From f4758cd524907a921853c29a575fb78dcf267e54 Mon Sep 17 00:00:00 2001 From: Ethan Everett <84542561+eeverettrbx@users.noreply.github.com> Date: Mon, 8 Sep 2025 16:50:58 -0700 Subject: [PATCH 0001/2408] quic: ignore EMSGSIZE on receive Some OSes (Linux, macOS, more?) will generate an EMSGSIZE socket error on the next recv all after receiving an ICMP Packet Too Big on an unconnected UDP socket. These can be safely ignored as QUIC's DPLPMTUD uses MTU probes that do not rely on receiving ICMP packets. Closes #18505 --- lib/vquic/vquic.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c index 647450a29b..3a0ac87238 100644 --- a/lib/vquic/vquic.c +++ b/lib/vquic/vquic.c @@ -404,7 +404,7 @@ static CURLcode recvmmsg_packets(struct Curl_cfilter *cf, } while((mcount = recvmmsg(qctx->sockfd, mmsg, n, 0, NULL)) == -1 && - SOCKERRNO == SOCKEINTR) + (SOCKERRNO == SOCKEINTR || SOCKERRNO == SOCKEMSGSIZE)) ; if(mcount == -1) { if(SOCKERRNO == EAGAIN || SOCKERRNO == SOCKEWOULDBLOCK) { @@ -420,7 +420,7 @@ static CURLcode recvmmsg_packets(struct Curl_cfilter *cf, goto out; } Curl_strerror(SOCKERRNO, errstr, sizeof(errstr)); - failf(data, "QUIC: recvmsg() unexpectedly returned %d (errno=%d; %s)", + failf(data, "QUIC: recvmmsg() unexpectedly returned %d (errno=%d; %s)", mcount, SOCKERRNO, errstr); result = CURLE_RECV_ERROR; goto out; @@ -497,7 +497,7 @@ static CURLcode recvmsg_packets(struct Curl_cfilter *cf, msg.msg_controllen = sizeof(msg_ctrl); while((nread = recvmsg(qctx->sockfd, &msg, 0)) == -1 && - SOCKERRNO == SOCKEINTR) + (SOCKERRNO == SOCKEINTR || SOCKERRNO == SOCKEMSGSIZE)) ; if(nread == -1) { if(SOCKERRNO == EAGAIN || SOCKERRNO == SOCKEWOULDBLOCK) { @@ -571,7 +571,7 @@ static CURLcode recvfrom_packets(struct Curl_cfilter *cf, while((nread = recvfrom(qctx->sockfd, (char *)buf, bufsize, 0, (struct sockaddr *)&remote_addr, &remote_addrlen)) == -1 && - SOCKERRNO == SOCKEINTR) + (SOCKERRNO == SOCKEINTR || SOCKERRNO == SOCKEMSGSIZE)) ; if(nread == -1) { if(SOCKERRNO == EAGAIN || SOCKERRNO == SOCKEWOULDBLOCK) { From 80ac5fb2ec29203fd9d87d705f72e8cd2afee501 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 10 Sep 2025 11:33:36 +0200 Subject: [PATCH 0002/2408] easy_getinfo: check magic, Curl_close safety Check the easy handles magic in calls to curl_easy_getinfo(). In Curl_close() clear the magic after DNS shutdown since we'd like to see tracing for this. When clearing the magic, also clear the verbose flag so we no longer call DEBUGFUNCTION on such a handle. Closes #18511 --- lib/easy.c | 6 +++++- lib/url.c | 20 +++++++++++--------- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/lib/easy.c b/lib/easy.c index b9b8d52754..0a4b6faf52 100644 --- a/lib/easy.c +++ b/lib/easy.c @@ -877,12 +877,16 @@ void curl_easy_cleanup(CURL *ptr) * information from a performed transfer and similar. */ #undef curl_easy_getinfo -CURLcode curl_easy_getinfo(CURL *data, CURLINFO info, ...) +CURLcode curl_easy_getinfo(CURL *easy, CURLINFO info, ...) { + struct Curl_easy *data = easy; va_list arg; void *paramp; CURLcode result; + if(!GOOD_EASY_HANDLE(data)) + return CURLE_BAD_FUNCTION_ARGUMENT; + va_start(arg, info); paramp = va_arg(arg, void *); diff --git a/lib/url.c b/lib/url.c index b52267cb67..45d44bac73 100644 --- a/lib/url.c +++ b/lib/url.c @@ -258,13 +258,20 @@ CURLcode Curl_close(struct Curl_easy **datap) Curl_expire_clear(data); /* shut off any timers left */ - data->magic = 0; /* force a clear AFTER the possibly enforced removal from - the multi handle, since that function uses the magic - field! */ - if(data->state.rangestringalloc) free(data->state.range); + /* release any resolve information this transfer kept */ + Curl_async_destroy(data); + Curl_resolv_unlink(data, &data->state.dns[0]); /* done with this */ + Curl_resolv_unlink(data, &data->state.dns[1]); + + data->set.verbose = FALSE; /* no more calls to DEBUGFUNCTION */ + data->magic = 0; /* force a clear AFTER the possibly enforced removal from + * the multi handle and async dns shutdown. The multi + * handle might check the magic and so might any + * DEBUGFUNCTION invoked for tracing */ + /* freed here just in case DONE was not called */ Curl_req_free(&data->req, data); @@ -299,11 +306,6 @@ CURLcode Curl_close(struct Curl_easy **datap) Curl_safefree(data->info.contenttype); Curl_safefree(data->info.wouldredirect); - /* release any resolve information this transfer kept */ - Curl_async_destroy(data); - Curl_resolv_unlink(data, &data->state.dns[0]); /* done with this */ - Curl_resolv_unlink(data, &data->state.dns[1]); - data_priority_cleanup(data); /* No longer a dirty share, if it exists */ From a782867c9f966b2daeb67a4438bc4c26c6bbd46b Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 10 Sep 2025 11:55:24 +0200 Subject: [PATCH 0003/2408] curl_easy_getinfo: error code on NULL arg When passing an address to curl_easy_getinfo to retrieve a value and the address is NULL, return CURLE_BAD_FUNCTION_ARGUMENT instead of CURLE_UNKNOWN_OPTION. Closes #18512 --- lib/getinfo.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/getinfo.c b/lib/getinfo.c index 7ff78d2d6d..e2a8231d53 100644 --- a/lib/getinfo.c +++ b/lib/getinfo.c @@ -621,7 +621,7 @@ CURLcode Curl_getinfo(struct Curl_easy *data, CURLINFO info, ...) struct curl_slist **param_slistp = NULL; curl_socket_t *param_socketp = NULL; int type; - CURLcode result = CURLE_UNKNOWN_OPTION; + CURLcode result = CURLE_BAD_FUNCTION_ARGUMENT; if(!data) return CURLE_BAD_FUNCTION_ARGUMENT; @@ -661,6 +661,7 @@ CURLcode Curl_getinfo(struct Curl_easy *data, CURLINFO info, ...) result = getinfo_socket(data, info, param_socketp); break; default: + result = CURLE_UNKNOWN_OPTION; break; } From 31f0f0a0609bc8cc4ce665907b58b90330f69f5c Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 10 Sep 2025 12:54:59 +0200 Subject: [PATCH 0004/2408] RELEASE-NOTES: synced and bump include/curl/curlver.h --- RELEASE-NOTES | 578 +---------------------------------------- include/curl/curlver.h | 6 +- 2 files changed, 13 insertions(+), 571 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 5b9f4324af..04e1ad4779 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -1,6 +1,6 @@ -curl and libcurl 8.16.0 +curl and libcurl 8.16.1 - Public curl releases: 270 + Public curl releases: 271 Command line options: 272 curl_easy_setopt() options: 308 Public functions in libcurl: 98 @@ -8,286 +8,12 @@ curl and libcurl 8.16.0 This release includes the following changes: - o build: bump minimum required mingw-w64 to v3.0 (from v1.0) [33] - o curl: add --follow [129] - o curl: add --out-null [101] - o curl: add --parallel-max-host to limit concurrent connections per host [81] - o curl: make --retry-delay and --retry-max-time accept decimal seconds [112] - o hostip: cache negative name resolves [175] - o ip happy eyeballing: keep attempts running [80] - o mbedtls: bump minimum version required to 3.2.0 [180] - o multi: add curl_multi_get_offt [56] - o multi: add CURLMOPT_NETWORK_CHANGED to signal network changed [84] - o netrc: use the NETRC environment variable (first) if set [70] - o smtp: allow suffix behind a mail address for RFC 3461 [127] - o tls: make default TLS version be minimum 1.2 [71] - o tool_getparam: add support for `--longopt=value` [69] - o vquic: drop msh3 [8] - o websocket: support CURLOPT_READFUNCTION [193] - o writeout: add %time{} [74] This release includes the following bugfixes: - o _PROTOCOLS.md: mention file:// is only for absolute paths [102] - o acinclude: --with-ca-fallback only works with OpenSSL [217] - o alpn: query filter [104] - o ares: destroy channel on shutdown [178] - o ares: use `ares_strerror()` to retrieve error messages [236] - o asyn-thrdd: fix --disable-socketpair builds [235] - o asyn-thrdd: fix Curl_async_pollset without socketpair [205] - o asyn-thrdd: fix no `HAVE_GETADDRINFO` builds [214] - o asyn-thrdd: manage DEFERRED and locks better [228] - o autotools: make curl-config executable [253] - o aws-lc: do not use large buffer [250] - o BINDINGS.md: add LibQurl [156] - o bufq: add integer overflow checks before chunk allocations [108] - o bufq: removed "Useless Assignment" [188] - o bufq: simplify condition [207] - o build: allow libtests/clients to use libcurl dependencies directly [87] - o build: disable `TCP_NODELAY` for emscripten [176] - o build: enable _GNU_SOURCE on GNU/Hurd [27] - o build: extend GNU C guards to clang where applicable, fix fallouts [61] - o build: fix build errors/warnings in rare configurations [7] - o build: fix disable-verbose [48] - o build: fix mingw-w64 version guard for mingw32ce [124] - o build: if no perl, fix to use the pre-built hugehelp, if present [144] - o build: link to Apple frameworks required by static wolfSSL [40] - o build: support LibreSSL native crypto lib with ngtcp2 1.15.0+ [209] - o build: tidy up compiler definition for tests [37] - o cf-https-connect: delete unused declaration [15] - o clang-tidy: disable `clang-analyzer-security.ArrayBound` [265] - o cmake: `CURL_CA_FALLBACK` only works with OpenSSL [215] - o cmake: capitalize 'Rustls' in the config summary - o cmake: defer building `unitprotos.h` till a test target needs it [75] - o cmake: define `WIN32_LEAN_AND_MEAN` for examples [159] - o cmake: drop redundant unity mode for `curlinfo` [155] - o cmake: enable `-Wall` for MSVC 1944 [128] - o cmake: fix `ENABLE_UNIX_SOCKETS=OFF` with pre-fill enabled on unix - o cmake: fix setting LTO properties on the wrong targets [258] - o cmake: fix to disable Schannel and SSPI for non-Windows targets - o cmake: fix to restrict `SystemConfiguration` to macOS [139] - o cmake: honor `CMAKE_C_FLAGS` in test 1119 and 1167 [206] - o cmake: improve error message for invalid HTTP/3 MultiSSL configs [187] - o cmake: keep websockets disabled if HTTP is disabled - o cmake: make `runtests` targets build the curl tool [32] - o cmake: make the ExternalProject test work [183] - o cmake: omit linking duplicate/unnecessary libs to tests & examples [45] - o cmake: re-add simple test target, and name it `tests` [142] - o cmake: set `CURL_DIRSUFFIX` automatically in multi-config builds [154] - o CODE_STYLE: sync with recent `checksrc.pl` updates [49] - o config-win32.h: do not use winsock2 `inet_ntop()`/`inet_pton()` [58] - o configure: if no perl, disable unity and shell completion, related tidy ups [137] - o configure: tidy up internal names in ngtcp2 ossl detection logic [212] - o connectdata: remove primary+secondary ip_quadruple [126] - o connection: terminate after goaway [62] - o contrithanks: fix for BSD `sed` tool [98] - o cookie: don't treat the leading slash as trailing [185] - o cookie: remove expired cookies before listing [158] - o curl-config: remove X prefix use [138] - o curl/system.h: fix for GCC 3.3.x and older [38] - o curl: make the URL indexes 64 bit [117] - o curl: tool_read_cb fix of segfault [18] - o curl_addrinfo: drop workaround for old-mingw [14] - o curl_easy_ssls_export: make the example more clear [78] - o curl_fnmatch, servers: drop local macros in favour of `sizeof()` [21] - o curl_mime_data_cb.md: mention what datasize is for [107] - o curl_ossl: extend callback table for nghttp3 1.11.0 [46] - o curl_setup.h: include `stdint.h` earlier [260] - o curl_setup.h: move UWP detection after `config-win32.h` (revert) [51] - o curl_setup.h: move UWP detection after `config-win32.h` [23] - o CURLINFO_FILETIME*.md: correct the examples [242] - o CURLOPT: bump `CURL_REDIR_*` macros to `long` [110] - o CURLOPT: bump `CURL_SSLVERSION_*` macros to `long` [149] - o CURLOPT: bump `CURLALTSVC_*` macros to `long` [96] - o CURLOPT: bump `CURLFTP*` enums to `long`, drop casts [54] - o CURLOPT: bump `CURLHEADER_*` macros to `long`, drop casts [94] - o CURLOPT: bump `CURLPROTO_*` macros to `long` [148] - o CURLOPT: bump `CURLPROXY_*` enums to `long`, drop casts [95] - o CURLOPT: bump `CURLWS_NOAUTOPONG`, `CURLWS_RAW_MODE` macros to `long` [150] - o CURLOPT: bump remaining macros to `long` [147] - o CURLOPT: drop redundant `long` casts [55] - o CURLOPT: replace `(long)` cast with `L` suffix for `CURLHSTS_*` macros - o CURLOPT_HTTP_VERSION: mention new default value [179] - o CURLOPT_SSL_CTX_*: replace the base64 with XXXX [171] - o delta: fix warnings, fix for non-GNU `date` tool [99] - o DEPRECATE.md: drop old OpenSSL versions [266] - o DEPRECATE.md: drop support for c-ares versions before 1.16.0 [191] - o DEPRECATE.md: drop support for Windows XP/2003 [31] - o DEPRECATE.md: remove leftover "nothing" [57] - o DISTROS.md: add Haiku [39] - o docs/cmdline-opts: the auth types are not mutually exclusive [103] - o docs: add CURLOPT type change history, drop casts where present [143] - o docs: add major incident section to vuln disclosure policy [271] - o docs: fix link CONTRIBUTE.md link [192] - o docs: fix name in curl_easy_ssls_export man page [12] - o docs: fix typo (staring -> starting) [211] - o docs: point two broken links to archive.org [134] - o docs: put `<>` within backticks in titles [261] - o doh: rename symbols to avoid collision with mingw-w64 headers [66] - o easy handle: check validity on external calls [28] - o examples: drop long cast for `CURLALTSVC_*` - o examples: make `CURLPIPE_MULTIPLEX` fallback `long` [233] - o examples: remove base64 encoded chunks from examples [189] - o examples: remove href_extractor.c [186] - o ftp: store dir components as start+len instead of memdup'ing [198] - o ftp: use 'conn' instead of 'data->conn' [208] - o gnutls: fix building with older supported GnuTLS versions [241] - o gnutls: some small cleanups [41] - o hmac: return error if init fails [2] - o hostip: do DNS cache pruning in milliseconds [132] - o HTTP3.md: avoid `configure` issue for ngtcp2 1.14.0+ compatibility [182] - o http: const up readonly H2_NON_FIELD [10] - o http: do the cookie list access under lock [270] - o http: silence `-Warray-bounds` with gcc 13+ [44] - o idn: reject conversions that end up as a zero length hostname [273] - o inet_pton, inet_ntop: drop declarations when unused [59] - o lib1560: fix memory leak when run without UTF-8 support [17] - o lib1560: replace an `int` with `bool` [97] - o lib2700: use `testnum` [151] - o lib517: use `LL` 64-bit literals & re-enable a test case (`time_t`) [100] - o lib: drop `UNUSED_PARAM` macro [259] - o libcurl: reset rewind flag in curl_easy_reset() [184] - o libssh: Use sftp_aio instead of sftp_async for sftp_recv [92] - o libtests: update format strings to avoid casts, drop some macros [109] - o libtests: use `FMT_SOCKET_T`, drop more casts [136] - o managen: reset text mode at end of table marker [145] - o mbedtls: check for feature macros instead of version [166] - o mdlinkcheck: handle links with a leading slash properly [195] - o memanalyze: fix warnings [22] - o memory: make function overrides work reliably in unity builds [93] - o multi event: remove only announced [25] - o multi: don't insert a node into the splay tree twice [68] - o multi: fix assert in multi_getsock() [53] - o multi: fix bad splay management [133] - o multi: process pending, one by one [90] - o multi: replace remaining EXPIRE_RUN_NOW [67] - o multissl: initialize when requesting a random number [30] - o ngtcp2: extend callback tables for nghttp3 1.11.0 and ngtcp2 1.14.0 [47] - o ngtcp2: handshake timeout should be equal to --connect-timeout [262] - o ngtcp2: use custom mem funcs [204] - o openldap: fix `-Wtentative-definition-compat` [268] - o openssl: add and use `HAVE_BORINGSSL_LIKE` internal macro [222] - o openssl: add and use `HAVE_OPENSSL3` internal macro [223] - o openssl: assume `OPENSSL_VERSION_NUMBER` [181] - o openssl: auto-pause on verify callback retry [167] - o openssl: check SSL_write() length on retries [152] - o openssl: clear errors after a failed `d2i_X509()` [161] - o openssl: drop more legacy cruft [224] - o openssl: drop redundant `HAVE_OPENSSL_VERSION` macro [221] - o openssl: drop redundant version check [246] - o openssl: drop single-use interim macro `USE_OPENSSL_SRP` [201] - o openssl: enable `HAVE_KEYLOG_CALLBACK` for AWS-LC [220] - o openssl: merge two `#if` blocks [218] - o openssl: output unescaped utf8 x509 issuer/subject DNs [169] - o openssl: remove legacy cruft, document macro guards [231] - o openssl: save and restore OpenSSL error queue in two functions [172] - o openssl: some small cleanups [42] - o openssl: split cert_stuff into smaller sub functions [72] - o openssl: sync an AWS-LC guard with BoringSSL [199] - o openssl: use `RSA_flags()` again with BoringSSL [219] - o parallel-max: bump the max value to 65535 [86] - o parsedate: make Curl_getdate_capped able to return epoch [229] - o processhelp.pm: fix to use the correct null device on Windows [164] - o processhelp.pm: use `Win32::Process*` perl modules if available [200] - o projects: drop unused logic from `generate.bat` [157] - o projects: fix Windows project 'clean' function [203] - o pytest: add SOCKS tests and scoring [9] - o pytest: fix test_17_09_ssl_min_max for BoringSSL [197] - o pytest: increase server KeepAliveTimeout [26] - o pytest: relax error check on test_07_22 [16] - o resolving: dns error tracing [196] - o runtests: assume `Time::HiRes`, drop Perl Win32 dependency [163] - o runtests: remove warning message [230] - o runtests: replace `--ci` with `--buidinfo`, show OS/Perl version again [247] - o runtests: show still running tests when nothing has happened for a while [227] - o schannel: add an error message for client cert not found [165] - o schannel: assume `CERT_CHAIN_REVOCATION_CHECK_CHAIN` [114] - o schannel: drop fallbacks for 4 macros [121] - o schannel: drop fallbacks for unused `BCRYPT_*` macros [122] - o schannel: drop old-mingw special case [77] - o schannel: fix recent update for mingw32ce [123] - o schannel: fix renegotiation [202] - o schannel: improve handshake procedure [239] - o schannel: not supported with UWP, drop redundant code [105] - o schannel: use if(result) like the code style says [125] - o scripts: enable strict warnings in Perl where missing, fix fallouts [63] - o scripts: fix two Perl uninitialized value warnings [60] - o sendf: getting less data than "max allowed" is okay [170] - o servers: convert two macros to scoped static const strings [89] - o setopt: refactor out the booleans from setopt_long to setopt_bool [83] - o setopt: split out cookielist() and cookiefile() [130] - o socks: do_SOCKS5: Fix invalid buffer content on short send [43] - o socks_sspi: simplify, clean up Curl_SOCKS5_gssapi_negotiate [237] - o spacecheck.pl: when detecting unicode, mention line number [85] - o spacecheck: warn for 3+ empty lines in a row, fix fallouts [240] - o spelling: file system [232] - o test1148: drop redundant `LC_NUMBER=` env setting [13] - o test1557: pass `long` type to `multi_setopt()` [234] - o test1560: set locale/codeset with `LC_ALL` (was: `LANG`), test in CI [19] - o test1560: skip some URLs if UTF-8 is not supported [34] - o test1: raise alloc limits [11] - o test428: re-enable for Windows [5] - o test436: fix running on Windows with `_curlrc` present [153] - o test: add `cygwin` feature and use it (test 1056, 1517) [249] - o tests/ech_tests.sh: indent, if/for style, inline ifs [131] - o tests: constify command-line arguments [82] - o tests: delete unused commands [177] - o tests: drop unused `BLANK` envs, unset `CURL_NOT_SET` [248] - o tests: drop unused `CURL_FORCEHOST` envs [36] - o tests: fix perl warnings in http2-server, http3-server [119] - o tests: fix prechecks to call the bundle libtest tool [120] - o tests: fix UTF-8 detection, per-test `LC_*` settings, CI coverage [6] - o tests: merge clients into libtests, drop duplicate code [76] - o tests: remove the QUIT filters [210] - o tests: set `CURL_ENTROPY` per test, not globally [35] - o tests: unset some envs instead of blanking them [4] - o threaded-resolver: fix shutdown [252] - o tidy-up: `Curl_thread_create()` callback return type [20] - o tidy-up: move literal to the right side of comparisons [65] - o tidy-up: prefer `ifdef`/`ifndef` for single checks [64] - o tls: CURLINFO_TLS_SSL_PTR testing [79] - o TODO: remove session export item [194] - o TODO: remove the expand ~ idea [216] - o tool_cb_wrt: stop alloc/free for every chunk windows console output [140] - o tool_filetime: accept setting negative filetime [256] - o tool_getparam: let --trace-config override -v [238] - o tool_getparam: warn on more unicode prefixes [275] - o tool_operate: avoid superfluous strdup'ing output [1] - o tool_operate: use stricter curl_multi_setopt() arguments [225] - o tool_operate: use the correct config pointer [115] - o tool_paramhlp: fix secs2ms() [116] - o tool_parsecfg: use dynbuf for quoted arguments [162] - o tool_urlglob: add integer overflow protection [244] - o tool_urlglob: polish, cleanups, improvements [141] - o typecheck-gcc: add type checks for curl_multi_setopt() [226] - o unit-tests: build the unitprotos.h from here [73] - o unit2604: avoid `UNCONST()` [135] - o URL-SYNTAX.md: drop link to codepoints.net to pass linkcheck [190] - o urlapi: allow more path characters "raw" when asked to URL encode [146] - o urldata: reduce two long struct fields to unsigned short [174] - o urlglob: only accept 255 globs - o vquic-tls: fix SSL backend type for QUIC connections using gnutls [29] - o vquic: replace assert [254] - o vquic: use curl_getenv [168] - o vtls: set seen http version on successful ALPN [160] - o websocket example: cast print values to unsigned int [251] - o websocket: handling of PONG frames [213] - o websocket: improve handling of 0-len frames [269] - o websocket: reset upload_done when sending data [245] - o windows: assume `ADDRESS_FAMILY`, drop feature checks [88] - o windows: document toolchain support for `CERT_NAME_SEARCH_ALL_NAMES_FLAG` - o windows: document toolchain support for some macros (cont.) [111] - o windows: document toolchain support for some macros [113] - o windows: drop `CRYPT_E_*` macro fallbacks, limit one to mingw32ce [118] - o windows: drop two interim, single-use macros [106] - o windows: drop unused `curlx/version_win32.h` includes [52] - o windows: fix `if_nametoindex()` detection with autotools, improve with cmake [24] - o windows: include `wincrypt.h` before `iphlpapi.h` for mingw-w64 <6 [50] - o windows: target version macro tidy-ups [3] - o wolfssl: rename ML-KEM hybrids to match IETF draft [173] - o write-out.md: header_json is not included the json object [243] - o ws: avoid NULL pointer deref in curl_ws_recv [91] - o ws: get a new mask for each new outgoing frame [255] + o curl_easy_getinfo: error code on NULL arg [2] + o easy_getinfo: check magic, Curl_close safety [3] + o quic: ignore EMSGSIZE on receive [4] This release includes the following known bugs: @@ -311,295 +37,11 @@ Planned upcoming removals include: This release would not have looked like this without help, code, reports and advice from friends like these: - adamse on github, Ahmad Gani, Alice Lee Poetics, Ammar Faizi, - Andrew Kirillov, Andriy Druk, Anthony Hu, Berthin Torres Callañaupa, - BobodevMm on github, Calvin Ruocco, Caolán McNamara, Cole Leavitt, - correctmost on github, d1r3ct0r, Dan Fandrich, Daniel Böhmer, Daniel Engberg, - Daniel McCarney, Daniel Stenberg, David Zhuang, devgs on github, - Dominik Tomecki, Dustin L. Howett, Eshan Kelkar, Florian Friedrich, - Gabriel Marin, Gisle Vanem, Google Big Sleep, Harry Sintonen, - IoannisGS on github, James Fuller, Jelle Raaijmakers, Jeroen Ooms, - Kai Pastor, Karthik Das, kkmuffme on github, kupavcevdenis on github, - letshack9707 on hackerone, lf- on github, LoRd_MuldeR, Marcel Raad, - Michael Osipov, Michał Petryka, Natris on github, nevakrien on github, - Oxan van Leeuwen, Paul Gilmartin, Pavel Kropachev, Petar Popovic, - Philippe Antoine, Pino Toscano, Qriist on github, Ray Satiro, - renovate[bot], RepoRascal on hackerone, rm-rmonaghan on github, - Roberto Hidalgo, Samuel Henrique, Schrijvers Luc, Sebastian Carlos, - Sergio Durigan Junior, Simon Dalvai, Stanislav Osipov, Stefan Eissing, - stephannn on github, sunriseL, Tal Regev, Terence Eden, Todd Gamblin, - Viktor Szakats, Waldemar Kornewald, XCas13, xfangfang, yaoy6 on github, - Yedaya Katsman, ウさん - (76 contributors) + Daniel Stenberg, Ethan Everett, Stefan Eissing + (3 contributors) References to bug reports and discussions on issues: - [1] = https://curl.se/bug/?i=17946 - [2] = https://curl.se/bug/?i=18008 - [3] = https://curl.se/bug/?i=17981 - [4] = https://curl.se/bug/?i=17994 - [5] = https://curl.se/bug/?i=17991 - [6] = https://curl.se/bug/?i=17988 - [7] = https://curl.se/bug/?i=17962 - [8] = https://curl.se/bug/?i=17729 - [9] = https://curl.se/bug/?i=17986 - [10] = https://curl.se/bug/?i=17996 - [11] = https://curl.se/bug/?i=18004 - [12] = https://curl.se/bug/?i=17995 - [13] = https://curl.se/bug/?i=17993 - [14] = https://curl.se/bug/?i=18038 - [15] = https://curl.se/bug/?i=18036 - [16] = https://curl.se/bug/?i=18050 - [17] = https://curl.se/bug/?i=17998 - [18] = https://curl.se/bug/?i=17978 - [19] = https://curl.se/bug/?i=17938 - [20] = https://curl.se/bug/?i=17889 - [21] = https://curl.se/bug/?i=17898 - [22] = https://curl.se/bug/?i=18049 - [23] = https://curl.se/bug/?i=17980 - [24] = https://curl.se/bug/?i=17982 - [25] = https://curl.se/bug/?i=17949 - [26] = https://curl.se/bug/?i=17968 - [27] = https://curl.se/bug/?i=17975 - [28] = https://curl.se/bug/?i=17958 - [29] = https://curl.se/bug/?i=17976 - [30] = https://curl.se/bug/?i=17963 - [31] = https://curl.se/bug/?i=18016 - [32] = https://curl.se/bug/?i=17967 - [33] = https://curl.se/bug/?i=17984 - [34] = https://curl.se/bug/?i=17933 - [35] = https://curl.se/bug/?i=17971 - [36] = https://curl.se/bug/?i=17972 - [37] = https://curl.se/bug/?i=17768 - [38] = https://curl.se/bug/?i=17951 - [39] = https://curl.se/bug/?i=17953 - [40] = https://github.com/microsoft/vcpkg/pull/46444#pullrequestreview-3026575393 - [41] = https://curl.se/bug/?i=17941 - [42] = https://curl.se/bug/?i=17940 - [43] = https://curl.se/bug/?i=17942 - [44] = https://curl.se/bug/?i=18030 - [45] = https://curl.se/bug/?i=17696 - [46] = https://curl.se/bug/?i=18026 - [47] = https://curl.se/bug/?i=18019 - [48] = https://curl.se/bug/?i=18053 - [49] = https://curl.se/bug/?i=18015 - [50] = https://curl.se/bug/?i=18012 - [51] = https://curl.se/bug/?i=18014 - [52] = https://curl.se/bug/?i=18011 - [53] = https://curl.se/bug/?i=18046 - [54] = https://curl.se/bug/?i=17797 - [55] = https://curl.se/bug/?i=17791 - [56] = https://curl.se/bug/?i=17992 - [57] = https://curl.se/bug/?i=18044 - [58] = https://curl.se/bug/?i=18045 - [59] = https://curl.se/bug/?i=18043 - [60] = https://curl.se/bug/?i=18047 - [61] = https://curl.se/bug/?i=17955 - [62] = https://curl.se/bug/?i=17884 - [63] = https://curl.se/bug/?i=17877 - [64] = https://curl.se/bug/?i=18018 - [65] = https://curl.se/bug/?i=17876 - [66] = https://curl.se/bug/?i=18041 - [67] = https://curl.se/bug/?i=17883 - [68] = https://curl.se/bug/?i=18005 - [69] = https://curl.se/bug/?i=17789 - [70] = https://curl.se/bug/?i=17712 - [71] = https://curl.se/bug/?i=17894 - [72] = https://curl.se/bug/?i=18081 - [73] = https://curl.se/bug/?i=18088 - [74] = https://curl.se/bug/?i=18119 - [75] = https://curl.se/bug/?i=18086 - [76] = https://curl.se/bug/?i=18079 - [77] = https://curl.se/bug/?i=18084 - [78] = https://curl.se/bug/?i=18117 - [79] = https://curl.se/bug/?i=18066 - [80] = https://curl.se/bug/?i=18105 - [81] = https://curl.se/bug/?i=18052 - [82] = https://curl.se/bug/?i=18076 - [83] = https://curl.se/bug/?i=17887 - [84] = https://curl.se/bug/?i=17225 - [85] = https://curl.se/bug/?i=18120 - [86] = https://curl.se/bug/?i=18068 - [87] = https://curl.se/bug/?i=18069 - [88] = https://curl.se/bug/?i=18057 - [89] = https://curl.se/bug/?i=18067 - [90] = https://curl.se/bug/?i=18017 - [91] = https://curl.se/bug/?i=18065 - [92] = https://curl.se/bug/?i=17440 - [93] = https://curl.se/bug/?i=17827 - [94] = https://curl.se/bug/?i=18055 - [95] = https://curl.se/bug/?i=18054 - [96] = https://curl.se/bug/?i=18063 - [97] = https://curl.se/bug/?i=18064 - [98] = https://curl.se/bug/?i=18062 - [99] = https://curl.se/bug/?i=18061 - [100] = https://curl.se/bug/?i=18032 - [101] = https://curl.se/bug/?i=17800 - [102] = https://curl.se/bug/?i=18060 - [103] = https://curl.se/bug/?i=18059 - [104] = https://curl.se/bug/?i=17947 - [105] = https://curl.se/bug/?i=18116 - [106] = https://curl.se/bug/?i=18114 - [107] = https://curl.se/bug/?i=18115 - [108] = https://curl.se/bug/?i=18112 - [109] = https://curl.se/bug/?i=18106 - [110] = https://curl.se/bug/?i=18110 - [111] = https://curl.se/bug/?i=18113 - [112] = https://curl.se/bug/?i=18109 - [113] = https://curl.se/bug/?i=18085 - [114] = https://curl.se/bug/?i=18108 - [115] = https://curl.se/bug/?i=18200 - [116] = https://curl.se/bug/?i=18167 - [117] = https://curl.se/bug/?i=18096 - [118] = https://curl.se/bug/?i=18092 - [119] = https://curl.se/bug/?i=18100 - [120] = https://curl.se/bug/?i=18099 - [121] = https://curl.se/bug/?i=18093 - [122] = https://curl.se/bug/?i=18091 - [123] = https://curl.se/bug/?i=18097 - [124] = https://curl.se/bug/?i=18095 - [125] = https://curl.se/bug/?i=18094 - [126] = https://curl.se/bug/?i=17960 - [127] = https://curl.se/bug/?i=16643 - [128] = https://curl.se/bug/?i=18165 - [129] = https://curl.se/bug/?i=16543 - [130] = https://curl.se/bug/?i=18162 - [131] = https://curl.se/bug/?i=18187 - [132] = https://curl.se/bug/?i=18160 - [133] = https://curl.se/bug/?i=18201 - [134] = https://curl.se/bug/?i=18393 - [135] = https://curl.se/bug/?i=18143 - [136] = https://curl.se/bug/?i=18142 - [137] = https://curl.se/bug/?i=18141 - [138] = https://curl.se/bug/?i=18158 - [139] = https://curl.se/bug/?i=18149 - [140] = https://curl.se/bug/?i=18233 - [141] = https://curl.se/bug/?i=18198 - [142] = https://curl.se/bug/?i=18145 - [143] = https://curl.se/bug/?i=18130 - [144] = https://curl.se/bug/?i=18118 - [145] = https://curl.se/bug/?i=18139 - [146] = https://curl.se/bug/?i=17977 - [147] = https://curl.se/bug/?i=18134 - [148] = https://curl.se/bug/?i=18136 - [149] = https://curl.se/bug/?i=18135 - [150] = https://curl.se/bug/?i=18137 - [151] = https://curl.se/bug/?i=18138 - [152] = https://curl.se/bug/?i=18121 - [153] = https://curl.se/bug/?i=18242 - [154] = https://curl.se/bug/?i=18241 - [155] = https://curl.se/bug/?i=18238 - [156] = https://curl.se/bug/?i=18195 - [157] = https://curl.se/bug/?i=18397 - [158] = https://curl.se/bug/?i=18299 - [159] = https://curl.se/bug/?i=18232 - [160] = https://curl.se/bug/?i=18177 - [161] = https://curl.se/bug/?i=18190 - [162] = https://curl.se/bug/?i=18230 - [163] = https://curl.se/bug/?i=18287 - [164] = https://curl.se/bug/?i=18282 - [165] = https://curl.se/bug/?i=18124 - [166] = https://curl.se/bug/?i=18271 - [167] = https://curl.se/mail/lib-2025-08/0012.html - [168] = https://curl.se/bug/?i=18170 - [169] = https://curl.se/bug/?i=18171 - [170] = https://curl.se/bug/?i=18283 - [171] = https://curl.se/bug/?i=18261 - [172] = https://curl.se/bug/?i=18190 - [173] = https://curl.se/bug/?i=18123 - [174] = https://curl.se/bug/?i=18173 - [175] = https://curl.se/bug/?i=18157 - [176] = https://curl.se/bug/?i=17974 - [177] = https://curl.se/bug/?i=18319 - [178] = https://curl.se/bug/?i=18216 - [179] = https://curl.se/bug/?i=18272 - [180] = https://curl.se/bug/?i=18254 - [181] = https://curl.se/bug/?i=18388 - [182] = https://curl.se/bug/?i=18188 - [183] = https://curl.se/bug/?i=18208 - [184] = https://curl.se/bug/?i=18206 - [185] = https://curl.se/bug/?i=18266 - [186] = https://curl.se/bug/?i=18264 - [187] = https://curl.se/bug/?i=18246 - [188] = https://curl.se/bug/?i=18322 - [189] = https://curl.se/bug/?i=18260 - [190] = https://curl.se/bug/?i=18259 - [191] = https://curl.se/bug/?i=18408 - [192] = https://curl.se/bug/?i=18372 - [193] = https://curl.se/bug/?i=17683 - [194] = https://curl.se/bug/?i=18243 - [195] = https://curl.se/bug/?i=18382 - [196] = https://curl.se/bug/?i=18247 - [197] = https://curl.se/bug/?i=18385 - [198] = https://curl.se/bug/?i=18312 - [199] = https://curl.se/bug/?i=18384 - [200] = https://curl.se/bug/?i=18308 - [201] = https://curl.se/bug/?i=18383 - [202] = https://curl.se/bug/?i=18029 - [203] = https://curl.se/bug/?i=18412 - [204] = https://curl.se/bug/?i=18196 - [205] = https://curl.se/bug/?i=18306 - [206] = https://curl.se/bug/?i=18307 - [207] = https://curl.se/bug/?i=18305 - [208] = https://curl.se/bug/?i=18304 - [209] = https://curl.se/bug/?i=18377 - [210] = https://curl.se/bug/?i=18405 - [211] = https://curl.se/bug/?i=18450 - [212] = https://curl.se/bug/?i=18378 - [213] = https://curl.se/bug/?i=16706 - [214] = https://curl.se/bug/?i=18371 - [215] = https://curl.se/bug/?i=18365 - [216] = https://curl.se/bug/?i=18363 - [217] = https://curl.se/bug/?i=18362 - [218] = https://curl.se/bug/?i=18370 - [219] = https://curl.se/bug/?i=18369 - [220] = https://curl.se/bug/?i=18368 - [221] = https://curl.se/bug/?i=18367 - [222] = https://curl.se/bug/?i=18358 - [223] = https://curl.se/bug/?i=18360 - [224] = https://curl.se/bug/?i=18359 - [225] = https://curl.se/bug/?i=18357 - [226] = https://curl.se/bug/?i=18357 - [227] = https://curl.se/bug/?i=18349 - [228] = https://curl.se/bug/?i=18350 - [229] = https://curl.se/bug/?i=18445 - [230] = https://curl.se/bug/?i=18404 - [231] = https://curl.se/bug/?i=18351 - [232] = https://curl.se/bug/?i=18348 - [233] = https://curl.se/bug/?i=18356 - [234] = https://curl.se/bug/?i=18355 - [235] = https://curl.se/bug/?i=18347 - [236] = https://curl.se/bug/?i=18251 - [237] = https://curl.se/bug/?i=18315 - [238] = https://curl.se/bug/?i=18346 - [239] = https://curl.se/bug/?i=18323 - [240] = https://curl.se/bug/?i=18478 - [241] = https://curl.se/bug/?i=18335 - [242] = https://curl.se/bug/?i=18447 - [243] = https://curl.se/bug/?i=18390 - [244] = https://curl.se/bug/?i=18398 - [245] = https://curl.se/bug/?i=18476 - [246] = https://curl.se/bug/?i=18333 - [247] = https://curl.se/bug/?i=18329 - [248] = https://curl.se/bug/?i=18328 - [249] = https://curl.se/bug/?i=18327 - [250] = https://curl.se/bug/?i=18434 - [251] = https://curl.se/bug/?i=18326 - [252] = https://curl.se/bug/?i=18263 - [253] = https://curl.se/bug/?i=18433 - [254] = https://curl.se/bug/?i=18495 - [255] = https://curl.se/bug/?i=18496 - [256] = https://curl.se/bug/?i=18424 - [258] = https://curl.se/bug/?i=18469 - [259] = https://curl.se/bug/?i=18455 - [260] = https://curl.se/bug/?i=18430 - [261] = https://curl.se/bug/?i=18498 - [262] = https://curl.se/bug/?i=18431 - [265] = https://curl.se/bug/?i=18422 - [266] = https://curl.se/bug/?i=18413 - [268] = https://curl.se/bug/?i=18470 - [269] = https://curl.se/bug/?i=18286 - [270] = https://curl.se/bug/?i=18457 - [271] = https://curl.se/bug/?i=18483 - [273] = https://curl.se/bug/?i=18462 - [275] = https://curl.se/bug/?i=18459 + [2] = https://curl.se/bug/?i=18512 + [3] = https://curl.se/bug/?i=18511 + [4] = https://curl.se/bug/?i=18505 diff --git a/include/curl/curlver.h b/include/curl/curlver.h index 48fb81df81..03baeb4ae1 100644 --- a/include/curl/curlver.h +++ b/include/curl/curlver.h @@ -32,13 +32,13 @@ /* This is the version number of the libcurl package from which this header file origins: */ -#define LIBCURL_VERSION "8.16.0-DEV" +#define LIBCURL_VERSION "8.16.1-DEV" /* The numeric version number is also available "in parts" by using these defines: */ #define LIBCURL_VERSION_MAJOR 8 #define LIBCURL_VERSION_MINOR 16 -#define LIBCURL_VERSION_PATCH 0 +#define LIBCURL_VERSION_PATCH 1 /* This is the numeric version of the libcurl version number, meant for easier parsing and comparisons by programs. The LIBCURL_VERSION_NUM define will always follow this syntax: @@ -58,7 +58,7 @@ CURL_VERSION_BITS() macro since curl's own configure script greps for it and needs it to contain the full number. */ -#define LIBCURL_VERSION_NUM 0x081000 +#define LIBCURL_VERSION_NUM 0x081001 /* * This is the date and time when the full source package was created. The From 3ba74c43953087f441104f65918ed82f2078b4c3 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 10 Sep 2025 12:48:06 +0200 Subject: [PATCH 0005/2408] curl_mem_undef.h: limit to `CURLDEBUG` for non-memalloc overrides To fix non-`CURLDEBUG` builds on 32-bit AIX, where `fopen` is a system macro. Ref: #18502 Ref: https://github.com/curl/curl/pull/18502/commits/793a375ce3002454599ffe2d7b561b6340103306 Follow-up to 3bb5e58c105d7be450b667858d1b8e7ae3ded555 #17827 Reported-by: Andrew Kirillov Fixes #18510 Closes #18514 --- lib/curl_mem_undef.h | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/lib/curl_mem_undef.h b/lib/curl_mem_undef.h index b72e529dde..acc3a9226a 100644 --- a/lib/curl_mem_undef.h +++ b/lib/curl_mem_undef.h @@ -29,13 +29,15 @@ #undef calloc #undef realloc #undef free -#undef send -#undef recv - #ifdef _WIN32 #undef _tcsdup #endif +#ifdef CURLDEBUG + +#undef send +#undef recv + #undef socket #ifdef HAVE_ACCEPT4 #undef accept4 @@ -51,5 +53,7 @@ #undef fdopen #undef fclose +#endif /* CURLDEBUG */ + #undef HEADER_CURL_MEMORY_H #undef HEADER_CURL_MEMDEBUG_H From 0455d8772a1af20ce63c46c5738582aa9b1b8441 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 10 Sep 2025 10:25:17 +0200 Subject: [PATCH 0006/2408] GHA: minimize installed packages in http3-linux and Windows cross-builds In the last couple of months some jobs started taking a lot of time and often timing out due to slow `apt install` from the Azure Ubuntu mirror. The jobs affected were those that installed large packages: GHA/http3-linux and the 3 cross-build jobs in GHA/windows. This patch reduces the installed packaged to the minimum required to complete the jobs. Saving a minute+ for each http3-linux job (a total of 20+ minutes for the workflow.) Also saving bandwidth and reducing the chance for long downloads or timeouts with slow Azure repos. Details: - http3: delete redundant packages from the `build-cache` job. - http3: install gnutls dependencies for gnutls jobs only. - http3: do not install test dependencies in jobs not running tests. - http3: drop redundant packages from the curl jobs. - Windows-cross: replace `mingw-w64` with `gcc-mingw-w64-x86-64-win32` for the 3 Windows cross-build job. Dropping C++, 32-bit, and 64-bit POSIX-threaded parts. Saving time and significant bandwidth for each of the 3 jobs: Download size: 277 MB -> 65 MB (installed: 1300 MB -> 400 MB) - Windows-cross: restore previous job time limit of 15m (from 45m) Follow-up to ff5140a25f42fef80325c6e28c4802fdb7e06386 #18163 Before: https://github.com/curl/curl/actions/runs/17611514207 (http3) https://github.com/curl/curl/actions/runs/17611514185/job/50034354923 (Windows cross) After: https://github.com/curl/curl/actions/runs/17628406362?pr=18509 (http3) https://github.com/curl/curl/actions/runs/17627562551/job/50088055529?pr=18509 (Windows cross) http3 job | Bef. | Aft. | :------------------ | ------: | ------: | Build caches (hot) | 10s | 12s | AM awslc | 3m 0s | 1m 54s | CM awslc | 4m 32s | 3m 4s | AM boringssl | 3m 9s | 1m 48s | CM boringssl | 3m 43s | 3m 2s | AM gnutls | 3m 9s | 2m 18s | CM gnutls | 4m 19s | 2m 55s | AM libressl | 2m 14s | 1m 24s | CM libressl | 5m 30s | 2m 57s | AM openssl | 5m 16s | 4m 17s | CM openssl | 1m 50s | 1m 47s | AM openssl-quic | 2m 58s | 1m 7s | CM openssl-quic | 4m 16s | 2m 43s | AM quiche | 2m 54s | 1m 34s | CM quiche | 5m 0s | 3m 15s | AM quictls | 2m 34s | 1m 13s | CM quictls | 4m 20s | 3m 17s | AM wolfssl | 2m 48s | 1m 30s | CM wolfssl | 4m 49s | 3m 22s | Total: | 66m 21s | 43m 27s | Gain: | | 22m 54s | Out of curiousity, build times as seen in the http3 build-cache job: - TLS backends: - openssl: 2m25s - libressl: 27s - aws-lc: 41s - boringssl: 1m8s - quictls: 1m46s - gnutls: 6m30s - wolfssl: 51s - quiche + boringssl: 1m9s - ng* libs (not yet optimized for build speed): - nghttp3: 13s - ngtcp2: 52s (with 6 backends, 3 runs) - ngtcp2: 19s (boringssl) - nghttp2: 21s Ref: https://github.com/curl/curl/actions/runs/17626120054/job/50083344805 A similar effort in curl-for-win, affecting 2 GHA/curl-for-win Windows jobs (though they use the default Debian repo, with no issues): - with llvm/clang: Download size: 648 MB -> 430 MB (installed: 3344 MB -> 2333 MB) - with gcc: Download size: 550 MB -> 328 MB (installed: 2815 MB -> 1804 MB) Ref: https://github.com/curl/curl-for-win/commit/e19665d9486bdca60f996ed2e198a66128cfba38 Ref: https://github.com/curl/curl-for-win/commit/6b14c3946a8c89dc1d3847afc9501fc71f3ac628 Bug: https://github.com/curl/curl/pull/18502#issuecomment-3270259744 Closes #18509 --- .github/workflows/http3-linux.yml | 26 ++++++++++++++------------ .github/workflows/windows.yml | 4 ++-- 2 files changed, 16 insertions(+), 14 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index a317f99783..1a7ff07d5f 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -192,12 +192,8 @@ jobs: sudo apt-get -o Dpkg::Use-Pty=0 update sudo rm -f /var/lib/man-db/auto-update sudo apt-get -o Dpkg::Use-Pty=0 install \ - libtool autoconf automake pkgconf stunnel4 \ - libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libev-dev libc-ares-dev \ - nettle-dev libp11-kit-dev libtspi-dev libunistring-dev guile-2.2-dev libtasn1-bin \ - libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \ - texinfo texlive texlive-extra-utils autopoint libev-dev \ - apache2 apache2-dev libnghttp2-dev dante-server + libtool autoconf automake pkgconf \ + nettle-dev libp11-kit-dev libev-dev autopoint bison gperf gtk-doc-tools libtasn1-bin # for gnutls echo 'CC=gcc-12' >> "$GITHUB_ENV" echo 'CXX=g++-12' >> "$GITHUB_ENV" @@ -350,6 +346,7 @@ jobs: timeout-minutes: 45 env: MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }} + MATRIX_INSTALL_PACKAGES: '${{ matrix.build.install_packages }}' strategy: fail-fast: false matrix: @@ -430,6 +427,7 @@ jobs: -DUSE_NGTCP2=ON -DCURL_DISABLE_NTLM=ON - name: 'gnutls' + install_packages: nettle-dev libp11-kit-dev install_steps: skipall PKG_CONFIG_PATH: /home/runner/gnutls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig configure: >- @@ -438,6 +436,7 @@ jobs: --with-gnutls=/home/runner/gnutls/build --enable-ssls-export - name: 'gnutls' + install_packages: nettle-dev libp11-kit-dev PKG_CONFIG_PATH: /home/runner/gnutls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig generate: >- -DCURL_USE_GNUTLS=ON @@ -493,17 +492,20 @@ jobs: steps: - name: 'install prereqs' + env: + INSTALL_PACKAGES: >- + ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && 'stunnel4 ' || '' }} + ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && 'apache2 apache2-dev libnghttp2-dev vsftpd dante-server' || '' }} + run: | sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list sudo apt-get -o Dpkg::Use-Pty=0 update sudo rm -f /var/lib/man-db/auto-update sudo apt-get -o Dpkg::Use-Pty=0 install \ - libtool autoconf automake pkgconf stunnel4 \ - libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libev-dev libc-ares-dev \ - nettle-dev libp11-kit-dev libtspi-dev libunistring-dev guile-2.2-dev libtasn1-bin \ - libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \ - texinfo texlive texlive-extra-utils autopoint libev-dev libuv1-dev \ - apache2 apache2-dev libnghttp2-dev vsftpd dante-server + libtool autoconf automake pkgconf \ + libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libidn2-0-dev libuv1-dev \ + ${INSTALL_PACKAGES} \ + ${MATRIX_INSTALL_PACKAGES} python3 -m venv ~/venv echo 'CC=gcc-12' >> "$GITHUB_ENV" echo 'CXX=g++-12' >> "$GITHUB_ENV" diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 27b29ce429..0938142df9 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -706,7 +706,7 @@ jobs: linux-cross-mingw-w64: name: "linux-mingw, ${{ matrix.build == 'cmake' && 'CM' || 'AM' }} ${{ matrix.compiler }}" runs-on: ubuntu-latest - timeout-minutes: 45 + timeout-minutes: 15 env: MAKEFLAGS: -j 5 TRIPLET: 'x86_64-w64-mingw32' @@ -725,7 +725,7 @@ jobs: INSTALL_PACKAGES: ${{ matrix.compiler == 'clang-tidy' && 'clang' || '' }} run: | sudo rm -f /var/lib/man-db/auto-update - sudo apt-get -o Dpkg::Use-Pty=0 install mingw-w64 ${INSTALL_PACKAGES} + sudo apt-get -o Dpkg::Use-Pty=0 install gcc-mingw-w64-x86-64-win32 ${INSTALL_PACKAGES} - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 with: From 7417f14b93b2bcc4ed31696dee7e9404ab2897af Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 10 Sep 2025 16:54:27 +0000 Subject: [PATCH 0007/2408] GHA: update rojopolis/spellcheck-github-actions digest to 739a1e3 Closes #18515 --- .github/workflows/checkdocs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/checkdocs.yml b/.github/workflows/checkdocs.yml index 917efc5398..36a4ff999e 100644 --- a/.github/workflows/checkdocs.yml +++ b/.github/workflows/checkdocs.yml @@ -117,7 +117,7 @@ jobs: run: grep -v '^#' .github/scripts/spellcheck.words > wordlist.txt - name: 'check Spelling' - uses: rojopolis/spellcheck-github-actions@35a02bae020e6999c5c37fabaf447f2eb8822ca7 # v0 + uses: rojopolis/spellcheck-github-actions@739a1e3ceb79a98a5d4a9bf76f351137f9d78892 # v0 with: config_path: .github/scripts/spellcheck.yaml From 39c2d4b54363609865fa49f0f0d7adff84a03d03 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 10 Sep 2025 18:40:05 +0000 Subject: [PATCH 0008/2408] GHA: update github/codeql-action digest to 192325c Closes #18516 --- .github/workflows/codeql.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 25a8f8cbc0..9863f7624d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -52,10 +52,10 @@ jobs: persist-credentials: false - name: 'initialize' - uses: github/codeql-action/init@d3678e237b9c32a6c9bffb3315c335f976f3549f # v3 + uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3 with: languages: actions, python queries: security-extended - name: 'perform analysis' - uses: github/codeql-action/analyze@d3678e237b9c32a6c9bffb3315c335f976f3549f # v3 + uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3 From aa8a44ecfa0e46a839affb58c6640b514b062995 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 11 Sep 2025 11:20:08 +0200 Subject: [PATCH 0009/2408] GHA: fix and tweak installed packages for http3-linux and Windows-cross - explicitly install `libldap-dev` to not rely on test-specific packages installing it implicitly, to have the same `curl -V` output for each TLS backend build pair. Follow-up to 0455d8772a1af20ce63c46c5738582aa9b1b8441 #18509 - install `libev-dev` for tests. It's a runtime dependency for the local build of `nghttpx`. Missing it made pytest skip 178 tests. Also skewing the 'Gain' time. I estimate it to account for 3 minutes, making the total gain ~20 minutes. Follow-up to 0455d8772a1af20ce63c46c5738582aa9b1b8441 #18509 (It may be a better solution to disable libev for the local nghttp2 build, to avoid this hidden dependency.) - fix quiche jobs to use the local build of `libnghttp2`. - stop installing the `clang` package for Windows-cross. `clang` and `clang-tidy` tools are preinstalled on the Ubuntu 24.04 runner. Closes #18519 --- .github/workflows/http3-linux.yml | 7 ++++--- .github/workflows/windows.yml | 4 +--- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 1a7ff07d5f..3443b11464 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -476,6 +476,7 @@ jobs: - name: 'quiche' install_steps: skipall + PKG_CONFIG_PATH: /home/runner/nghttp2/build/lib/pkgconfig configure: >- LDFLAGS=-Wl,-rpath,/home/runner/quiche/target/release --with-openssl=/home/runner/quiche/quiche/deps/boringssl/src @@ -484,7 +485,7 @@ jobs: --enable-unity - name: 'quiche' - PKG_CONFIG_PATH: /home/runner/quiche/target/release + PKG_CONFIG_PATH: /home/runner/nghttp2/build/lib/pkgconfig:/home/runner/quiche/target/release generate: >- -DOPENSSL_ROOT_DIR=/home/runner/quiche/quiche/deps/boringssl/src -DUSE_QUICHE=ON @@ -495,7 +496,7 @@ jobs: env: INSTALL_PACKAGES: >- ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && 'stunnel4 ' || '' }} - ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && 'apache2 apache2-dev libnghttp2-dev vsftpd dante-server' || '' }} + ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && 'apache2 apache2-dev libnghttp2-dev vsftpd dante-server libev-dev' || '' }} run: | sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list @@ -503,7 +504,7 @@ jobs: sudo rm -f /var/lib/man-db/auto-update sudo apt-get -o Dpkg::Use-Pty=0 install \ libtool autoconf automake pkgconf \ - libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libidn2-0-dev libuv1-dev \ + libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libidn2-0-dev libldap-dev libuv1-dev \ ${INSTALL_PACKAGES} \ ${MATRIX_INSTALL_PACKAGES} python3 -m venv ~/venv diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 0938142df9..9acc8cbde6 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -721,11 +721,9 @@ jobs: - { build: 'cmake' , compiler: 'clang-tidy' } steps: - name: 'install packages' - env: - INSTALL_PACKAGES: ${{ matrix.compiler == 'clang-tidy' && 'clang' || '' }} run: | sudo rm -f /var/lib/man-db/auto-update - sudo apt-get -o Dpkg::Use-Pty=0 install gcc-mingw-w64-x86-64-win32 ${INSTALL_PACKAGES} + sudo apt-get -o Dpkg::Use-Pty=0 install gcc-mingw-w64-x86-64-win32 - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 with: From bf6ae59ab1586e3cd97f27341e4964a9316dc3d5 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 11 Sep 2025 15:02:57 +0200 Subject: [PATCH 0010/2408] GHA/windows: drop repeated word from comment --- .github/workflows/windows.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 9acc8cbde6..b519af47d6 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -950,9 +950,8 @@ jobs: # Use Ninja when running tests to avoid MSBuild heuristics picking # up "error messages" in the test log output and making the job fail. # Officially this requires the vcvarsall.bat MS-DOS batch file (as of - # VS2022). Since it integrates badly with CI steps and shell scripts - # scripts, reproduce the necessary build configuration manually, and - # without envs. + # VS2022). Since it integrates badly with CI steps and shell scripts, + # reproduce the necessary build configuration manually, without envs. [[ "$(uname -s)" = *'ARM64'* ]] && MSVC_HOST='arm64' || MSVC_HOST='x64' # x86 MSVC_ROOTD="$(cygpath --mixed --short-name "$PROGRAMFILES/Microsoft Visual Studio")" # to avoid spaces in directory names MSVC_ROOTU="$(/usr/bin/find "$(cygpath --unix "$MSVC_ROOTD/2022/Enterprise/vc/tools/msvc")" -mindepth 1 -maxdepth 1 -type d -name '*.*' | sort | tail -n 1)" From b178d58266d4d9805de6da913b5be25c0485b6c2 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 11 Sep 2025 12:59:22 +0200 Subject: [PATCH 0011/2408] quic: fix min TLS version handling When switching to TSLv1.2 as default in 9d8998c99408e1adf8eba629fad9f87b3235bdfa, this led to an explicit setting of 1.2 on QUIC connections when using quictls, overriding the already set min version of 1.3. This leads to a ClientHello with TLS 1.2+1.3 offered on a QUIC connect which is rejected by the Caddy server. Using ngtcp2 with OpenSSL 3.5+, GnuTLS or AWS-LC is not affected. Fixes #18518 Reported-by: fds242 on github Closes #18520 --- lib/vtls/openssl.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index a49203ab07..5c22ad25dc 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -2865,11 +2865,12 @@ static void ossl_trace(int direction, int ssl_ver, int content_type, #if OPENSSL_VERSION_NUMBER >= 0x10100000L /* 1.1.0 */ static CURLcode -ossl_set_ssl_version_min_max(struct Curl_cfilter *cf, SSL_CTX *ctx) +ossl_set_ssl_version_min_max(struct Curl_cfilter *cf, SSL_CTX *ctx, + unsigned int ssl_version_min) { struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf); /* first, TLS min version... */ - long curl_ssl_version_min = conn_config->version; + long curl_ssl_version_min = (long)ssl_version_min; long curl_ssl_version_max; /* convert curl min SSL version option to OpenSSL constant */ @@ -4110,7 +4111,7 @@ CURLcode Curl_ossl_ctx_init(struct ossl_ctx *octx, ctx_options |= SSL_OP_NO_SSLv3; #if OPENSSL_VERSION_NUMBER >= 0x10100000L /* 1.1.0 */ - result = ossl_set_ssl_version_min_max(cf, octx->ssl_ctx); + result = ossl_set_ssl_version_min_max(cf, octx->ssl_ctx, ssl_version_min); #else result = ossl_set_ssl_version_min_max_legacy(&ctx_options, cf, data); #endif From 115fe808f2346b9c02d2720d8f575098e473a5d2 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 11 Sep 2025 14:12:04 +0200 Subject: [PATCH 0012/2408] ngtcp2: check error code on connect failure Access the error codes of ngtcp2 when a connect attempt failes. Trace the information for analysis. Treat errors as permanent failure by default, trigger retrying only when the server refused without indicating an error. Closes #18521 --- lib/vquic/curl_ngtcp2.c | 30 +++++++++++++++++++++++++----- tests/http/testenv/nghttpx.py | 7 ++++--- 2 files changed, 29 insertions(+), 8 deletions(-) diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 6470f1506d..3f7c58d08a 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -2578,11 +2578,31 @@ static CURLcode cf_ngtcp2_connect(struct Curl_cfilter *cf, out: if(result == CURLE_RECV_ERROR && ctx->qconn && ngtcp2_conn_in_draining_period(ctx->qconn)) { - /* When a QUIC server instance is shutting down, it may send us a - * CONNECTION_CLOSE right away. Our connection then enters the DRAINING - * state. The CONNECT may work in the near future again. Indicate - * that as a "weird" reply. */ - result = CURLE_WEIRD_SERVER_REPLY; + const ngtcp2_ccerr *cerr = ngtcp2_conn_get_ccerr(ctx->qconn); + + result = CURLE_COULDNT_CONNECT; + if(cerr) { + CURL_TRC_CF(data, cf, "connect error, type=%d, code=%" + FMT_PRIu64, + cerr->type, (curl_uint64_t)cerr->error_code); + switch(cerr->type) { + case NGTCP2_CCERR_TYPE_VERSION_NEGOTIATION: + CURL_TRC_CF(data, cf, "error in version negotiation"); + break; + default: + if(cerr->error_code >= NGTCP2_CRYPTO_ERROR) { + CURL_TRC_CF(data, cf, "crypto error, tls alert=%u", + (unsigned int)(cerr->error_code & 0xffu)); + } + else if(cerr->error_code == NGTCP2_CONNECTION_REFUSED) { + CURL_TRC_CF(data, cf, "connection refused by server"); + /* When a QUIC server instance is shutting down, it may send us a + * CONNECTION_CLOSE with this code right away. We want + * to keep on trying in this case. */ + result = CURLE_WEIRD_SERVER_REPLY; + } + } + } } #ifndef CURL_DISABLE_VERBOSE_STRINGS diff --git a/tests/http/testenv/nghttpx.py b/tests/http/testenv/nghttpx.py index 0bd46ac360..dfb416334c 100644 --- a/tests/http/testenv/nghttpx.py +++ b/tests/http/testenv/nghttpx.py @@ -124,15 +124,16 @@ class Nghttpx: running = self._process self._process = None os.kill(running.pid, signal.SIGQUIT) - end_wait = datetime.now() + timeout + end_wait = datetime.now() + timedelta(seconds=5) if not self.start(wait_live=False): self._process = running return False while datetime.now() < end_wait: try: log.debug(f'waiting for nghttpx({running.pid}) to exit.') - running.wait(2) + running.wait(1) log.debug(f'nghttpx({running.pid}) terminated -> {running.returncode}') + running = None break except subprocess.TimeoutExpired: log.warning(f'nghttpx({running.pid}), not shut down yet.') @@ -142,7 +143,7 @@ class Nghttpx: os.kill(running.pid, signal.SIGKILL) running.terminate() running.wait(1) - return self.wait_live(timeout=timedelta(seconds=Env.SERVER_TIMEOUT)) + return self.wait_live(timeout=timeout) return False def wait_dead(self, timeout: timedelta): From 839b22863e2f3dfdceab91e66c23257bc8726863 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 11 Sep 2025 16:09:45 +0200 Subject: [PATCH 0013/2408] ssl-sessions.md: mark option experimental Also make managen output the experimental text with the correct prefix/margin for the ascii version. Closes #18523 --- docs/cmdline-opts/ssl-sessions.md | 1 + scripts/managen | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/cmdline-opts/ssl-sessions.md b/docs/cmdline-opts/ssl-sessions.md index bb1e251e73..33ef984a3e 100644 --- a/docs/cmdline-opts/ssl-sessions.md +++ b/docs/cmdline-opts/ssl-sessions.md @@ -8,6 +8,7 @@ Help: Load/save SSL session tickets from/to this file Added: 8.12.0 Category: tls Multi: single +Experimental: yes See-also: - tls-earlydata Example: diff --git a/scripts/managen b/scripts/managen index 459b651240..1eb536a0e6 100755 --- a/scripts/managen +++ b/scripts/managen @@ -728,7 +728,8 @@ sub single { } if($experimental) { - push @leading, "**WARNING**: this option is experimental. Do not use in production.\n\n"; + my $pref = $manpage ? "" : "[1]"; + push @leading, "$pref**WARNING**: this option is experimental. Do not use in production.\n\n"; } my $pre = $manpage ? "\n": "[1]"; From 53f90cb3b5678de16a0129ff4f9f3f0e87dfd78b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 11 Sep 2025 15:05:28 +0200 Subject: [PATCH 0014/2408] GHA/http3-linux: fix nghttpx build and other tweaks - fix `nghttp2` build to also build the `nghttpx` application. Restore required `libc-ares-dev`. Also confirm that `libev-dev` is required too. Document these requirements. Follow-up to 0455d8772a1af20ce63c46c5738582aa9b1b8441 #18509 - explicitly enable `nghttpx` for the `nghttp2` build to make it fail if requirements aren't met: ``` configure: error: applications were requested (--enable-app) but dependencies are not met. ``` - explicitly install brotli, zstd, zlib for the dependency builds. Of these, zstd and zlib are preinstalled. zlib is required for `nghttpx`. zstd and brotli doesn't seem to be used, but keep them there just in case and to match the test env. Follow-up to 0455d8772a1af20ce63c46c5738582aa9b1b8441 #18509 - enable brotli for `nghttpx`. It doesn't change the tests, and also cost almost nothing, so I figure why not. Closes #18522 --- .github/workflows/http3-linux.yml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 3443b11464..195437182f 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -193,7 +193,10 @@ jobs: sudo rm -f /var/lib/man-db/auto-update sudo apt-get -o Dpkg::Use-Pty=0 install \ libtool autoconf automake pkgconf \ - nettle-dev libp11-kit-dev libev-dev autopoint bison gperf gtk-doc-tools libtasn1-bin # for gnutls + libbrotli-dev libzstd-dev zlib1g-dev \ + libev-dev \ + libc-ares-dev \ + nettle-dev libp11-kit-dev autopoint bison gperf gtk-doc-tools libtasn1-bin # for GnuTLS echo 'CC=gcc-12' >> "$GITHUB_ENV" echo 'CXX=g++-12' >> "$GITHUB_ENV" @@ -256,6 +259,7 @@ jobs: cd ~ git clone --quiet --depth=1 -b "${GNUTLS_VERSION}" https://github.com/gnutls/gnutls.git cd gnutls + # required: nettle-dev libp11-kit-dev libev-dev autopoint bison gperf gtk-doc-tools libtasn1-bin ./bootstrap ./configure --disable-dependency-tracking --prefix="$PWD"/build \ LDFLAGS="-Wl,-rpath,$PWD/build/lib -L$PWD/build/lib" \ @@ -332,10 +336,13 @@ jobs: cd nghttp2 git submodule update --init --depth=1 autoreconf -fi + # required (for nghttpx application): libc-ares-dev libev-dev zlib1g-dev + # optional (for nghttpx application): libbrotli-dev ./configure --disable-dependency-tracking --prefix="$PWD"/build \ PKG_CONFIG_PATH=/home/runner/quictls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig \ LDFLAGS=-Wl,-rpath,/home/runner/quictls/build/lib \ - --enable-http3 + --with-libbrotlienc --with-libbrotlidec \ + --enable-app --enable-http3 make install linux: From c184f464f795dbdf8db354b9b2bc01891ddc4fdd Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 11 Sep 2025 17:50:59 +0200 Subject: [PATCH 0015/2408] CURLOPT_MAXLIFETIME_CONN: make default 24 hours Set a default value to only reuse existing connections if less than 24 hours old. This makes the TLS certificate check get redone for the new connection. An application can still set it to zero. Closes #18527 --- docs/libcurl/opts/CURLOPT_MAXLIFETIME_CONN.md | 14 ++++++++------ lib/url.c | 2 +- lib/urldata.h | 4 ++-- 3 files changed, 11 insertions(+), 9 deletions(-) diff --git a/docs/libcurl/opts/CURLOPT_MAXLIFETIME_CONN.md b/docs/libcurl/opts/CURLOPT_MAXLIFETIME_CONN.md index b29e61a2c3..8c1fbf82f8 100644 --- a/docs/libcurl/opts/CURLOPT_MAXLIFETIME_CONN.md +++ b/docs/libcurl/opts/CURLOPT_MAXLIFETIME_CONN.md @@ -35,16 +35,18 @@ connection to have to be considered for reuse for this request. libcurl features a connection cache that holds previously used connections. When a new request is to be done, libcurl considers any connection that -matches for reuse. The CURLOPT_MAXLIFETIME_CONN(3) limit prevents -libcurl from trying too old connections for reuse. This can be used for -client-side load balancing. If a connection is found in the cache that is -older than this set *maxlifetime*, it is instead marked for closure. +matches for reuse. The CURLOPT_MAXLIFETIME_CONN(3) limit prevents libcurl from +trying too old connections for reuse. This can be used for client-side load +balancing. If a connection is found in the cache that is older than this set +*maxlifetime*, it is instead marked for closure. -If set to 0, this behavior is disabled: all connections are eligible for reuse. +If set to 0, this behavior is disabled: all connections are eligible for +reuse. # DEFAULT -0 seconds (i.e., disabled) +24 hours (since 8.17.0). Before that, the default was 0 seconds (i.e., +disabled) # %PROTOCOLS% diff --git a/lib/url.c b/lib/url.c index 45d44bac73..283da6d68b 100644 --- a/lib/url.c +++ b/lib/url.c @@ -488,7 +488,7 @@ CURLcode Curl_init_userdefined(struct Curl_easy *data) set->upkeep_interval_ms = CURL_UPKEEP_INTERVAL_DEFAULT; set->maxconnects = DEFAULT_CONNCACHE_SIZE; /* for easy handles */ set->conn_max_idle_ms = 118 * 1000; - set->conn_max_age_ms = 0; + set->conn_max_age_ms = 24 * 3600 * 1000; set->http09_allowed = FALSE; set->httpwant = CURL_HTTP_VERSION_NONE ; diff --git a/lib/urldata.h b/lib/urldata.h index cf181af641..a0ee614da8 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -1390,9 +1390,9 @@ struct UserDefined { void *progress_client; /* pointer to pass to the progress callback */ void *ioctl_client; /* pointer to pass to the ioctl callback */ timediff_t conn_max_idle_ms; /* max idle time to allow a connection that - is to be reused */ + is to be reused */ timediff_t conn_max_age_ms; /* max time since creation to allow a - connection that is to be reused */ + connection that is to be reused */ curl_off_t filesize; /* size of file to upload, -1 means unknown */ long low_speed_limit; /* bytes/second */ long low_speed_time; /* number of seconds */ From 16cd81ed69b9123584dd73a6924a8f852dc2372a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 11 Sep 2025 16:52:40 +0200 Subject: [PATCH 0016/2408] urldata: FILE is not a list-only protocol The struct field thus does not depend on the presence of it Closes #18525 --- lib/urldata.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/urldata.h b/lib/urldata.h index a0ee614da8..4f00c8c9a0 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -116,7 +116,7 @@ typedef unsigned int curl_prot_t; #define PROTO_FAMILY_SSH (CURLPROTO_SCP|CURLPROTO_SFTP) #if !defined(CURL_DISABLE_FTP) || defined(USE_SSH) || \ - !defined(CURL_DISABLE_POP3) || !defined(CURL_DISABLE_FILE) + !defined(CURL_DISABLE_POP3) /* these protocols support CURLOPT_DIRLISTONLY */ #define CURL_LIST_ONLY_PROTOCOL 1 #endif From 57b195bf51ae863d93f48257039c080be4e61359 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 11 Sep 2025 23:46:34 +0200 Subject: [PATCH 0017/2408] CURLINFO_FTP_ENTRY_PATH.md: this is for SFTP as well Closes #18531 --- docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.md b/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.md index a25ac0a72c..08b5a6d336 100644 --- a/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.md +++ b/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.md @@ -9,6 +9,7 @@ See-also: - curl_easy_setopt (3) Protocol: - FTP + - SFTP Added-in: 7.15.4 --- @@ -28,7 +29,7 @@ CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_FTP_ENTRY_PATH, char **path); Pass a pointer to a char pointer to receive a pointer to a string holding the path of the entry path. That is the initial path libcurl ended up in when -logging on to the remote FTP server. This stores a NULL as pointer if +logging on to the remote FTP or SFTP server. This stores a NULL as pointer if something is wrong. The **path** pointer is NULL or points to private memory. You MUST NOT free From d7d32ad9b9e9dbf7a372689affd497dcec18df6e Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 11 Sep 2025 23:16:55 +0200 Subject: [PATCH 0018/2408] docs/libcurl: remove ancient version references To make the texts easier on the eye. - Remove most free text references to curl versions before 7.60.0 (May 2018) - Leave those present in a HISTORY section Most of them are already documented in symbols-in-versions anyway. Closes #18530 --- docs/libcurl/curl_easy_getinfo.md | 6 +-- docs/libcurl/curl_formadd.md | 15 +++---- docs/libcurl/curl_global_init.md | 2 +- docs/libcurl/curl_version_info.md | 40 ++++++++----------- docs/libcurl/libcurl-errors.md | 20 ++++------ .../opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.md | 4 +- docs/libcurl/opts/CURLINFO_TLS_SESSION.md | 11 ++--- docs/libcurl/opts/CURLOPT_HTTP_VERSION.md | 10 ++--- docs/libcurl/opts/CURLOPT_ISSUERCERT.md | 4 +- docs/libcurl/opts/CURLOPT_OPENSOCKETDATA.md | 1 - .../opts/CURLOPT_OPENSOCKETFUNCTION.md | 1 - docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.md | 11 ----- .../libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.md | 3 +- docs/libcurl/opts/CURLOPT_QUOTE.md | 2 +- docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.md | 1 - docs/libcurl/opts/CURLOPT_SSLVERSION.md | 26 ++++-------- docs/libcurl/opts/CURLOPT_SSL_OPTIONS.md | 3 +- docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.md | 2 +- docs/libcurl/opts/CURLSHOPT_SHARE.md | 10 ++--- 19 files changed, 62 insertions(+), 110 deletions(-) diff --git a/docs/libcurl/curl_easy_getinfo.md b/docs/libcurl/curl_easy_getinfo.md index dff0504477..9515fadeed 100644 --- a/docs/libcurl/curl_easy_getinfo.md +++ b/docs/libcurl/curl_easy_getinfo.md @@ -45,7 +45,7 @@ The session's active socket. See CURLINFO_ACTIVESOCKET(3) ## CURLINFO_APPCONNECT_TIME The time it took from the start until the SSL connect/handshake with the -remote host was completed as a double in number of seconds. (Added in 7.19.0) +remote host was completed as a double in number of seconds. ## CURLINFO_APPCONNECT_TIME_T @@ -222,7 +222,7 @@ User's private data pointer. See CURLINFO_PRIVATE(3) ## CURLINFO_PROTOCOL -(**Deprecated**) The protocol used for the connection. (Added in 7.52.0) See +(**Deprecated**) The protocol used for the connection. See CURLINFO_PROTOCOL(3) ## CURLINFO_PROXYAUTH_AVAIL @@ -303,7 +303,7 @@ RTSP session ID. See CURLINFO_RTSP_SESSION_ID(3) ## CURLINFO_SCHEME -The scheme used for the connection. (Added in 7.52.0) See CURLINFO_SCHEME(3) +The scheme used for the connection. See CURLINFO_SCHEME(3) ## CURLINFO_SIZE_DOWNLOAD diff --git a/docs/libcurl/curl_formadd.md b/docs/libcurl/curl_formadd.md index 6bef05523a..f35e50eab7 100644 --- a/docs/libcurl/curl_formadd.md +++ b/docs/libcurl/curl_formadd.md @@ -101,8 +101,6 @@ If you pass a 0 (zero) for this option, libcurl calls strlen() on the contents to figure out the size. If you really want to send a zero byte content then you must make sure strlen() on the data pointer returns zero. -(Option added in 7.46.0) - ## CURLFORM_CONTENTSLENGTH (This option is deprecated. Use *CURLFORM_CONTENTLEN* instead.) @@ -171,13 +169,12 @@ long which gives the length of the buffer. ## CURLFORM_STREAM -Tells libcurl to use the CURLOPT_READFUNCTION(3) callback to get -data. The parameter you pass to *CURLFORM_STREAM* is the pointer passed on -to the read callback's fourth argument. If you want the part to look like a -file upload one, set the *CURLFORM_FILENAME* parameter as well. Note that -when using *CURLFORM_STREAM*, *CURLFORM_CONTENTSLENGTH* must also be -set with the total expected length of the part unless the formpost is sent -chunked encoded. (Option added in libcurl 7.18.2) +Tells libcurl to use the CURLOPT_READFUNCTION(3) callback to get data. The +parameter you pass to *CURLFORM_STREAM* is the pointer passed on to the read +callback's fourth argument. If you want the part to look like a file upload +one, set the *CURLFORM_FILENAME* parameter as well. Note that when using +*CURLFORM_STREAM*, *CURLFORM_CONTENTSLENGTH* must also be set with the total +expected length of the part unless the formpost is sent chunked encoded. ## CURLFORM_ARRAY diff --git a/docs/libcurl/curl_global_init.md b/docs/libcurl/curl_global_init.md index 198b6e9f30..724f90cddc 100644 --- a/docs/libcurl/curl_global_init.md +++ b/docs/libcurl/curl_global_init.md @@ -108,7 +108,7 @@ This bit has no point since 7.69.0 but its behavior is instead the default. Before 7.69.0: when this flag is set, curl acknowledges EINTR condition when connecting or when waiting for data. Otherwise, curl waits until full timeout -elapses. (Added in 7.30.0) +elapses. # %PROTOCOLS% diff --git a/docs/libcurl/curl_version_info.md b/docs/libcurl/curl_version_info.md index 8a8671dbf9..a9c97b39c5 100644 --- a/docs/libcurl/curl_version_info.md +++ b/docs/libcurl/curl_version_info.md @@ -165,13 +165,13 @@ HTTP Alt-Svc parsing and the associated options (Added in 7.64.1) libcurl was built with support for asynchronous name lookups, which allows more exact timeouts (even on Windows) and less blocking when using the multi -interface. (added in 7.10.7) +interface. ## `brotli` *features* mask bit: CURL_VERSION_BROTLI -supports HTTP Brotli content encoding using libbrotlidec (Added in 7.57.0) +supports HTTP Brotli content encoding using libbrotlidec ## `asyn-rr` @@ -185,7 +185,7 @@ resolves, but uses the threaded resolver for "normal" resolves (Added in *features* mask bit: CURL_VERSION_DEBUG -libcurl was built with debug capabilities (added in 7.10.6) +libcurl was built with debug capabilities ## `ECH` @@ -207,7 +207,6 @@ authentication methods. (added in 7.76.0) libcurl was built with support for GSS-API. This makes libcurl use provided functions for Kerberos and SPNEGO authentication. It also allows libcurl to use the current user credentials without the app having to pass them on. -(Added in 7.38.0) ## `HSTS` @@ -221,7 +220,6 @@ libcurl was built with support for HSTS (HTTP Strict Transport Security) *features* mask bit: CURL_VERSION_HTTP2 libcurl was built with support for HTTP2. -(Added in 7.33.0) ## `HTTP3` @@ -234,7 +232,6 @@ HTTP/3 and QUIC support are built-in (Added in 7.66.0) *features* mask bit: CURL_VERSION_HTTPS_PROXY libcurl was built with support for HTTPS-proxy. -(Added in 7.52.0) ## `HTTPSRR` @@ -248,7 +245,7 @@ in 8.12.0) *features* mask bit: CURL_VERSION_IDN libcurl was built with support for IDNA, domain names with international -letters. (Added in 7.12.0) +letters. ## `IPv6` @@ -261,19 +258,19 @@ supports IPv6 *features* mask bit: CURL_VERSION_KERBEROS5 supports Kerberos V5 authentication for FTP, IMAP, LDAP, POP3, SMTP and -SOCKSv5 proxy. (Added in 7.40.0) +SOCKSv5 proxy. ## `Largefile` *features* mask bit: CURL_VERSION_LARGEFILE -libcurl was built with support for large files. (Added in 7.11.1) +libcurl was built with support for large files. ## `libz` *features* mask bit: CURL_VERSION_LIBZ -supports HTTP deflate using libz (Added in 7.10) +supports HTTP deflate using libz ## `MultiSSL` @@ -281,20 +278,19 @@ supports HTTP deflate using libz (Added in 7.10) libcurl was built with multiple SSL backends. For details, see curl_global_sslset(3). -(Added in 7.56.0) ## `NTLM` *features* mask bit: CURL_VERSION_NTLM -supports HTTP NTLM (added in 7.10.6) +supports HTTP NTLM ## `NTLM_WB` *features* mask bit: CURL_VERSION_NTLM_WB -libcurl was built with support for NTLM delegation to a winbind helper. -(Added in 7.22.0) This feature was removed from curl in 8.8.0. +libcurl was built with support for NTLM delegation to a winbind helper. This +feature was removed from curl in 8.8.0. ## `PSL` @@ -302,20 +298,19 @@ libcurl was built with support for NTLM delegation to a winbind helper. libcurl was built with support for Mozilla's Public Suffix List. This makes libcurl ignore cookies with a domain that is on the list. -(Added in 7.47.0) ## `SPNEGO` *features* mask bit: CURL_VERSION_SPNEGO libcurl was built with support for SPNEGO authentication (Simple and Protected -GSS-API Negotiation Mechanism, defined in RFC 2478.) (added in 7.10.8) +GSS-API Negotiation Mechanism, defined in RFC 2478.) ## `SSL` *features* mask bit: CURL_VERSION_SSL -supports SSL (HTTPS/FTPS) (Added in 7.10) +supports SSL (HTTPS/FTPS) ## `SSLS-EXPORT` @@ -331,7 +326,7 @@ libcurl was built with SSL session import/export support libcurl was built with support for SSPI. This is only available on Windows and makes libcurl use Windows-provided functions for Kerberos, NTLM, SPNEGO and Digest authentication. It also allows libcurl to use the current user -credentials without the app having to pass them on. (Added in 7.13.2) +credentials without the app having to pass them on. ## `threadsafe` @@ -345,14 +340,14 @@ curl initialization. (Added in 7.84.0) See libcurl-thread(3) *features* mask bit: CURL_VERSION_TLSAUTH_SRP libcurl was built with support for TLS-SRP (in one or more of the built-in TLS -backends). (Added in 7.21.4) +backends). ## `TrackMemory` *features* mask bit: CURL_VERSION_CURLDEBUG libcurl was built with memory tracking debug capabilities. This is mainly of -interest for libcurl hackers. (added in 7.19.6) +interest for libcurl hackers. ## `Unicode` @@ -366,7 +361,6 @@ characters work in filenames and options passed to libcurl. (Added in 7.72.0) *features* mask bit: CURL_VERSION_UNIX_SOCKETS libcurl was built with support for Unix domain sockets. -(Added in 7.40.0) ## `zstd` @@ -379,13 +373,13 @@ supports HTTP zstd content encoding using zstd library (Added in 7.72.0) *features* mask bit: CURL_VERSION_CONV libcurl was built with support for character conversions provided by -callbacks. Always 0 since 7.82.0. (Added in 7.15.4, deprecated.) +callbacks. Always 0 since 7.82.0. Deprecated. ## no name *features* mask bit: CURL_VERSION_GSSNEGOTIATE -supports HTTP GSS-Negotiate (added in 7.10.6, deprecated in 7.38.0) +supports HTTP GSS-Negotiate. Deprecated. ## no name diff --git a/docs/libcurl/libcurl-errors.md b/docs/libcurl/libcurl-errors.md index 773601dae7..25d63bf81f 100644 --- a/docs/libcurl/libcurl-errors.md +++ b/docs/libcurl/libcurl-errors.md @@ -349,7 +349,7 @@ Initiating the SSL Engine failed. ## CURLE_LOGIN_DENIED (67) -The remote server denied curl to login (Added in 7.13.1) +The remote server denied curl to login ## CURLE_TFTP_NOTFOUND (68) @@ -403,22 +403,20 @@ Failed to shut down the SSL connection. Socket is not ready for send/recv. Wait until it is ready and try again. This return code is only returned from curl_easy_recv(3) and curl_easy_send(3) -(Added in 7.18.2) ## CURLE_SSL_CRL_BADFILE (82) -Failed to load CRL file (Added in 7.19.0) +Failed to load CRL file ## CURLE_SSL_ISSUER_ERROR (83) -Issuer check failed (Added in 7.19.0) +Issuer check failed ## CURLE_FTP_PRET_FAILED (84) The FTP server does not understand the PRET command at all or does not support the given argument. Be careful when using CURLOPT_CUSTOMREQUEST(3), a -custom LIST command is sent with the PRET command before PASV as well. (Added -in 7.20.0) +custom LIST command is sent with the PRET command before PASV as well. ## CURLE_RTSP_CSEQ_ERROR (85) @@ -439,7 +437,7 @@ Chunk callback reported error. ## CURLE_NO_CONNECTION_AVAILABLE (89) (For internal use only, is never returned by libcurl) No connection available, -the session is queued. (added in 7.30.0) +the session is queued. ## CURLE_SSL_PINNEDPUBKEYNOTMATCH (90) @@ -509,7 +507,6 @@ used. An alias for *CURLM_CALL_MULTI_PERFORM*. Never returned by modern libcurl versions. -(Added in 7.15.5) ## CURLM_OK (0) @@ -536,17 +533,15 @@ This can only be returned if libcurl bugs. Please report it to us. ## CURLM_BAD_SOCKET (5) The passed-in socket is not a valid one that libcurl already knows about. -(Added in 7.15.4) ## CURLM_UNKNOWN_OPTION (6) curl_multi_setopt() with unsupported option -(Added in 7.15.4) ## CURLM_ADDED_ALREADY (7) An easy handle already added to a multi handle was attempted to get added a -second time. (Added in 7.32.1) +second time. ## CURLM_RECURSIVE_API_CALL (8) @@ -592,12 +587,11 @@ An invalid share object was passed to the function. ## CURLSHE_NOMEM (4) Not enough memory was available. -(Added in 7.12.0) ## CURLSHE_NOT_BUILT_IN (5) The requested sharing could not be done because the library you use do not have -that particular feature enabled. (Added in 7.23.0) +that particular feature enabled. # CURLUcode diff --git a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.md b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.md index 60fae12acd..46e8e7ba01 100644 --- a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.md +++ b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.md @@ -29,8 +29,8 @@ CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_CONTENT_LENGTH_DOWNLOAD, # DESCRIPTION Pass a pointer to a double to receive the content-length of the download. This -is the value read from the Content-Length: field. Since 7.19.4, this returns --1 if the size is not known. +is the value read from the Content-Length: field. This returns -1 if the size +is not known. CURLINFO_CONTENT_LENGTH_DOWNLOAD_T(3) is a newer replacement that returns a more sensible variable type. diff --git a/docs/libcurl/opts/CURLINFO_TLS_SESSION.md b/docs/libcurl/opts/CURLINFO_TLS_SESSION.md index 4fb5425f85..f4209b45b6 100644 --- a/docs/libcurl/opts/CURLINFO_TLS_SESSION.md +++ b/docs/libcurl/opts/CURLINFO_TLS_SESSION.md @@ -31,14 +31,11 @@ CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_TLS_SESSION, # DESCRIPTION -**This option has been superseded** by CURLINFO_TLS_SSL_PTR(3) which -was added in 7.48.0. The only reason you would use this option instead is if -you could be using a version of libcurl earlier than 7.48.0. +**This option has been superseded** by CURLINFO_TLS_SSL_PTR(3). -This option is exactly the same as CURLINFO_TLS_SSL_PTR(3) except in the -case of OpenSSL and wolfSSL. If the session *backend* is -CURLSSLBACKEND_OPENSSL the session *internals* pointer varies depending -on the option: +This option is exactly the same as CURLINFO_TLS_SSL_PTR(3) except in the case +of OpenSSL and wolfSSL. If the session *backend* is CURLSSLBACKEND_OPENSSL the +session *internals* pointer varies depending on the option: ## OpenSSL: diff --git a/docs/libcurl/opts/CURLOPT_HTTP_VERSION.md b/docs/libcurl/opts/CURLOPT_HTTP_VERSION.md index dd791b81cb..4cabb09f87 100644 --- a/docs/libcurl/opts/CURLOPT_HTTP_VERSION.md +++ b/docs/libcurl/opts/CURLOPT_HTTP_VERSION.md @@ -51,27 +51,27 @@ Enforce HTTP 1.1 requests. ## CURL_HTTP_VERSION_2_0 Attempt HTTP 2 requests. libcurl falls back to HTTP 1.1 if HTTP 2 cannot be -negotiated with the server. (Added in 7.33.0) +negotiated with the server. When libcurl uses HTTP/2 over HTTPS, it does not itself insist on TLS 1.2 or higher even though that is required by the specification. A user can add this version requirement with CURLOPT_SSLVERSION(3). -The alias *CURL_HTTP_VERSION_2* was added in 7.43.0 to better reflect the -actual protocol name. +The alias *CURL_HTTP_VERSION_2* was added to better reflect the actual +protocol name. ## CURL_HTTP_VERSION_2TLS Attempt HTTP 2 over TLS (HTTPS) only. libcurl falls back to HTTP 1.1 if HTTP 2 cannot be negotiated with the HTTPS server. For clear text HTTP servers, -libcurl uses 1.1. (Added in 7.47.0) +libcurl uses 1.1. ## CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE Issue non-TLS HTTP requests using HTTP/2 without HTTP/1.1 Upgrade. It requires prior knowledge that the server supports HTTP/2 straight away. HTTPS requests still do HTTP/2 the standard way with negotiated protocol version in the TLS -handshake. (Added in 7.49.0) +handshake. Since 8.10.0 if this option is set for an HTTPS request then the application layer protocol version (ALPN) offered to the server is only HTTP/2. Prior to diff --git a/docs/libcurl/opts/CURLOPT_ISSUERCERT.md b/docs/libcurl/opts/CURLOPT_ISSUERCERT.md index 0dc4c2243c..7b6998040b 100644 --- a/docs/libcurl/opts/CURLOPT_ISSUERCERT.md +++ b/docs/libcurl/opts/CURLOPT_ISSUERCERT.md @@ -43,8 +43,8 @@ not considered as failure. A specific error code (CURLE_SSL_ISSUER_ERROR) is defined with the option, which is returned if the setup of the SSL/TLS session has failed due to a -mismatch with the issuer of peer certificate (CURLOPT_SSL_VERIFYPEER(3) -has to be set too for the check to fail). (Added in 7.19.0) +mismatch with the issuer of peer certificate (CURLOPT_SSL_VERIFYPEER(3) has to +be set too for the check to fail). Using this option multiple times makes the last set string override the previous ones. Set it to NULL to disable its use again. diff --git a/docs/libcurl/opts/CURLOPT_OPENSOCKETDATA.md b/docs/libcurl/opts/CURLOPT_OPENSOCKETDATA.md index 2962994b2a..d91a7da3ba 100644 --- a/docs/libcurl/opts/CURLOPT_OPENSOCKETDATA.md +++ b/docs/libcurl/opts/CURLOPT_OPENSOCKETDATA.md @@ -56,7 +56,6 @@ static curl_socket_t opensocket(void *clientp, static int sockopt_callback(void *clientp, curl_socket_t curlfd, curlsocktype purpose) { - /* This return code was added in libcurl 7.21.5 */ return CURL_SOCKOPT_ALREADY_CONNECTED; } diff --git a/docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.md b/docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.md index b8517c4f32..89931d0e06 100644 --- a/docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.md +++ b/docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.md @@ -104,7 +104,6 @@ static curl_socket_t opensocket(void *clientp, static int sockopt_callback(void *clientp, curl_socket_t curlfd, curlsocktype purpose) { - /* This return code was added in libcurl 7.21.5 */ return CURL_SOCKOPT_ALREADY_CONNECTED; } diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.md b/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.md index 7e1f6f1400..bb35bda1ae 100644 --- a/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.md +++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLVERSION.md @@ -72,33 +72,22 @@ supported for wolfSSL. The flag defines the maximum supported TLS version as TLSv1.2, or the default value from the SSL library. -(Added in 7.54.0) ## CURL_SSLVERSION_MAX_TLSv1_0 The flag defines maximum supported TLS version as TLSv1.0. -(Added in 7.54.0) ## CURL_SSLVERSION_MAX_TLSv1_1 The flag defines maximum supported TLS version as TLSv1.1. -(Added in 7.54.0) ## CURL_SSLVERSION_MAX_TLSv1_2 The flag defines maximum supported TLS version as TLSv1.2. -(Added in 7.54.0) ## CURL_SSLVERSION_MAX_TLSv1_3 The flag defines maximum supported TLS version as TLSv1.3. -(Added in 7.54.0) - -## - -In versions of curl prior to 7.54 the CURL_SSLVERSION_TLS options were -documented to allow *only* the specified TLS version, but behavior was -inconsistent depending on the TLS library. # DEFAULT diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.md b/docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.md index 0729518a0d..18b7ce6b36 100644 --- a/docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.md +++ b/docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.md @@ -49,8 +49,7 @@ Transport and OpenSSL. Tells libcurl to disable certificate revocation checks for those SSL backends where such behavior is present. This option is only supported for Schannel (the native Windows SSL library), with an exception in the case of Windows' -Untrusted Publishers block list which it seems cannot be bypassed. (Added in -7.44.0) +Untrusted Publishers block list which it seems cannot be bypassed. ## CURLSSLOPT_NO_PARTIALCHAIN diff --git a/docs/libcurl/opts/CURLOPT_QUOTE.md b/docs/libcurl/opts/CURLOPT_QUOTE.md index 8687f527a9..5e00f45137 100644 --- a/docs/libcurl/opts/CURLOPT_QUOTE.md +++ b/docs/libcurl/opts/CURLOPT_QUOTE.md @@ -120,7 +120,7 @@ operand, provided it is empty. ## statvfs file The statvfs command returns statistics on the file system in which specified -file resides. (Added in 7.49.0) +file resides. ## symlink source_file target_file diff --git a/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.md b/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.md index 0efdd0b3be..a2ded45692 100644 --- a/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.md +++ b/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.md @@ -96,7 +96,6 @@ static curl_socket_t opensocket(void *clientp, static int sockopt_callback(void *clientp, curl_socket_t curlfd, curlsocktype purpose) { - /* This return code was added in libcurl 7.21.5 */ return CURL_SOCKOPT_ALREADY_CONNECTED; } diff --git a/docs/libcurl/opts/CURLOPT_SSLVERSION.md b/docs/libcurl/opts/CURLOPT_SSLVERSION.md index 366edc0a7e..6aa641def9 100644 --- a/docs/libcurl/opts/CURLOPT_SSLVERSION.md +++ b/docs/libcurl/opts/CURLOPT_SSLVERSION.md @@ -58,58 +58,48 @@ SSL v3 - refused ## CURL_SSLVERSION_TLSv1_0 -TLS v1.0 or later (Added in 7.34.0) +TLS v1.0 or later ## CURL_SSLVERSION_TLSv1_1 -TLS v1.1 or later (Added in 7.34.0) +TLS v1.1 or later ## CURL_SSLVERSION_TLSv1_2 -TLS v1.2 or later (Added in 7.34.0) +TLS v1.2 or later ## CURL_SSLVERSION_TLSv1_3 -TLS v1.3 or later (Added in 7.52.0) +TLS v1.3 or later ## -The maximum TLS version can be set by using *one* of the -CURL_SSLVERSION_MAX_ macros below. It is also possible to OR *one* of the -CURL_SSLVERSION_ macros with *one* of the CURL_SSLVERSION_MAX_ macros. +The maximum TLS version can be set by using *one* of the CURL_SSLVERSION_MAX_ +macros below. It is also possible to OR *one* of the CURL_SSLVERSION_ macros +with *one* of the CURL_SSLVERSION_MAX_ macros. ## CURL_SSLVERSION_MAX_DEFAULT The flag defines the maximum supported TLS version by libcurl, or the default value from the SSL library is used. libcurl uses a sensible default maximum, which was TLS v1.2 up to before 7.61.0 and is TLS v1.3 since then - assuming -the TLS library support it. (Added in 7.54.0) +the TLS library support it. ## CURL_SSLVERSION_MAX_TLSv1_0 The flag defines maximum supported TLS version as TLS v1.0. -(Added in 7.54.0) ## CURL_SSLVERSION_MAX_TLSv1_1 The flag defines maximum supported TLS version as TLS v1.1. -(Added in 7.54.0) ## CURL_SSLVERSION_MAX_TLSv1_2 The flag defines maximum supported TLS version as TLS v1.2. -(Added in 7.54.0) ## CURL_SSLVERSION_MAX_TLSv1_3 The flag defines maximum supported TLS version as TLS v1.3. -(Added in 7.54.0) - -## - -In versions of curl prior to 7.54 the CURL_SSLVERSION_TLS options were -documented to allow *only* the specified TLS version, but behavior was -inconsistent depending on the TLS library. # DEFAULT diff --git a/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.md b/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.md index 89a1d430f7..2065fe6f16 100644 --- a/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.md +++ b/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.md @@ -47,8 +47,7 @@ Transport and OpenSSL. Tells libcurl to disable certificate revocation checks for those SSL backends where such behavior is present. This option is only supported for Schannel (the native Windows SSL library), with an exception in the case of Windows' -Untrusted Publishers block list which it seems cannot be bypassed. (Added in -7.44.0) +Untrusted Publishers block list which it seems cannot be bypassed. ## CURLSSLOPT_NO_PARTIALCHAIN diff --git a/docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.md b/docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.md index 9ac65c42b4..2d664439a2 100644 --- a/docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.md +++ b/docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.md @@ -28,7 +28,7 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_TCP_KEEPINTVL, long interval); # DESCRIPTION Pass a long. Sets the interval, in seconds, to wait between sending keepalive -probes. Not all operating systems support this option. (Added in 7.25.0) +probes. Not all operating systems support this option. The maximum value this accepts is 2147483648. Any larger value is capped to this amount. diff --git a/docs/libcurl/opts/CURLSHOPT_SHARE.md b/docs/libcurl/opts/CURLSHOPT_SHARE.md index 4171430a79..92a279a310 100644 --- a/docs/libcurl/opts/CURLSHOPT_SHARE.md +++ b/docs/libcurl/opts/CURLSHOPT_SHARE.md @@ -54,10 +54,9 @@ the same multi handle share the DNS cache by default without using this option. ## CURL_LOCK_DATA_SSL_SESSION -SSL sessions are shared across the easy handles using this shared -object. This reduces the time spent in the SSL handshake when reconnecting to -the same server. This symbol was added in 7.10.3 but was not implemented until -7.23.0. +SSL sessions are shared across the easy handles using this shared object. This +reduces the time spent in the SSL handshake when reconnecting to the same +server. Note that when you use the multi interface, all easy handles added to the same multi handle share the SSL session cache by default without using this option. @@ -74,9 +73,6 @@ additional transfers added to them if the existing connection is held by the same multi or easy handle. libcurl does not support doing multiplexed streams in different threads using a shared connection. -Support for **CURL_LOCK_DATA_CONNECT** was added in 7.57.0, but the symbol -existed before this. - Note that when you use the multi interface, all easy handles added to the same multi handle share the connection cache by default without using this option. From bbdb869ec7e708d12128784a13a1b9e34c67b450 Mon Sep 17 00:00:00 2001 From: Dan Fandrich Date: Fri, 12 Sep 2025 00:10:20 -0700 Subject: [PATCH 0019/2408] libcurl-security.md: mention long-running connections Some applications may want to periodically recheck the remote server certificate, which doesn't happen on a long-running connection. Ref: #18527 Closes #18533 --- docs/libcurl/libcurl-security.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/docs/libcurl/libcurl-security.md b/docs/libcurl/libcurl-security.md index c6a10cd271..7fbd32974d 100644 --- a/docs/libcurl/libcurl-security.md +++ b/docs/libcurl/libcurl-security.md @@ -98,6 +98,24 @@ Use authenticated protocols protected with HTTPS or SSH. Never ever switch off certificate verification. +# Certificates and Long-running Connections + +Certificate validation of encrypted connections is performed immediately after +a connection is established. That connection could be used for many subsequent +transfers, even if the certificate used for validation expires or is revoked, +the local certificate bundle is changed in a way that would have caused that +certificate to fail validation, the server changes its certificate to one +that would have failed validation, or even if a completely different server is +brought up under the same hostname. This could continue for many hours (or +even years) after such a change occurs, which may not be desired behavior for +some applications. + +Remedies: + +Use the CURLOPT_MAXLIFETIME_CONN(3) option to limit the amount of time that +connections are used after they have been successfully validated. Further +transfers require a new connection with validation performed again. + # Redirects The CURLOPT_FOLLOWLOCATION(3) option automatically follows HTTP From cc50f05370981e4933504e8aaec6b15880ff847f Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 11 Sep 2025 19:50:40 +0200 Subject: [PATCH 0020/2408] GHA/codeql: re-enable for C with the default query pack Earlier we used `security-extended` and tried `security-and-quality`. Try the default to see how it works. CodeQL no longer uses the project's Actions cache, also fixing the previously seen repeat cache entry issue. - switch to `manual` build. It's 3x faster than the default `autobuild`. - enable more dependencies to increase coverage. - docs/tests/CI.md: re-add CodeQL. Ref: https://docs.github.com/en/code-security/code-scanning/managing-your-code-scanning-configuration/codeql-query-suites Ref: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages Ref: #16263 Ref: 173805b2e76960de5c51fd5fe64286d8ac81f1ff #15798 Closes #18528 --- .github/scripts/spellcheck.words | 1 + .github/workflows/codeql.yml | 34 ++++++++++++++++++++++++++++++++ docs/tests/CI.md | 4 ++++ 3 files changed, 39 insertions(+) diff --git a/.github/scripts/spellcheck.words b/.github/scripts/spellcheck.words index 13b7b2f367..46c05b741b 100644 --- a/.github/scripts/spellcheck.words +++ b/.github/scripts/spellcheck.words @@ -122,6 +122,7 @@ CMakeLists CNA CNAME CNAMEs +CodeQL CODESET codeset CodeSonar diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 9863f7624d..0952eb3d1d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -59,3 +59,37 @@ jobs: - name: 'perform analysis' uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3 + + c: + name: 'C' + runs-on: ubuntu-latest + permissions: + security-events: write + steps: + - name: 'install prereqs' + timeout-minutes: 5 + run: | + sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list + sudo apt-get -o Dpkg::Use-Pty=0 update + sudo rm -f /var/lib/man-db/auto-update + sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libbrotli-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + persist-credentials: false + + - name: 'initialize' + uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3 + with: + languages: cpp + build-mode: manual + + - name: 'build' + timeout-minutes: 10 + run: | + cmake -B . -G Ninja + cmake --build . --verbose + src/curl -V + + - name: 'perform analysis' + uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3 diff --git a/docs/tests/CI.md b/docs/tests/CI.md index d101e3563c..40c87ba14e 100644 --- a/docs/tests/CI.md +++ b/docs/tests/CI.md @@ -31,8 +31,10 @@ Consider the following table while looking at pull request failures: | CI platform as shown in PR | State | What to look at next | | ----------------------------------- | ------ | -------------------------- | + | CI / CodeQL | stable | quality check results | | CI / fuzzing | stable | fuzzing results | | CI / macos ... | stable | all errors and failures | + | Code scanning results / CodeQL | stable | quality check results | | FreeBSD FreeBSD: ... | stable | all errors and failures | | LGTM analysis: Python | stable | new findings | | LGTM analysis: C/C++ | stable | new findings | @@ -40,6 +42,7 @@ Consider the following table while looking at pull request failures: | AppVeyor | flaky | all errors and failures | | curl.curl (linux ...) | stable | all errors and failures | | curl.curl (windows ...) | flaky | repetitive errors/failures | + | CodeQL | stable | new findings | Sometimes the tests fail due to a dependency service temporarily being offline or otherwise unavailable, for example package downloads. In this case you can @@ -58,6 +61,7 @@ GitHub Actions runs the following tests: - macOS tests with a variety of different compilation options - Fuzz tests ([see the curl-fuzzer repo for more info](https://github.com/curl/curl-fuzzer)). +- CodeQL static analysis These are each configured in different files in `.github/workflows`. From 83c457f9f3244544c4f0f13051cd00e637c6de88 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 13 Sep 2025 17:20:22 +0200 Subject: [PATCH 0021/2408] GHA: document permissions as required by zizmor 1.13.0 Ref: https://github.com/zizmorcore/zizmor/pull/1131 Ref: https://docs.zizmor.sh/audits/#undocumented-permissions Bug: https://github.com/curl/curl/pull/18539#issuecomment-3288151910 Closes #18541 --- .github/workflows/appveyor-status.yml | 2 +- .github/workflows/codeql.yml | 4 ++-- .github/workflows/hacktoberfest-accepted.yml | 5 ++--- .github/workflows/label.yml | 4 ++-- 4 files changed, 7 insertions(+), 8 deletions(-) diff --git a/.github/workflows/appveyor-status.yml b/.github/workflows/appveyor-status.yml index cb7f96b190..5269f3ca65 100644 --- a/.github/workflows/appveyor-status.yml +++ b/.github/workflows/appveyor-status.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest if: ${{ github.event.sender.login == 'appveyor[bot]' }} permissions: - statuses: write + statuses: write # To update build statuses steps: - name: 'Create individual AppVeyor build statuses' if: ${{ github.event.sha && github.event.target_url }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 0952eb3d1d..ff2e91c32a 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -45,7 +45,7 @@ jobs: name: 'GHA and Python' runs-on: ubuntu-latest permissions: - security-events: write + security-events: write # To create/update security events steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: @@ -64,7 +64,7 @@ jobs: name: 'C' runs-on: ubuntu-latest permissions: - security-events: write + security-events: write # To create/update security events steps: - name: 'install prereqs' timeout-minutes: 5 diff --git a/.github/workflows/hacktoberfest-accepted.yml b/.github/workflows/hacktoberfest-accepted.yml index 916b354481..3aacbd6d0c 100644 --- a/.github/workflows/hacktoberfest-accepted.yml +++ b/.github/workflows/hacktoberfest-accepted.yml @@ -23,9 +23,8 @@ jobs: name: 'Add hacktoberfest-accepted label' runs-on: ubuntu-latest permissions: - # requires issues AND pull-requests write permissions to edit labels on PRs! - issues: write - pull-requests: write + issues: write # To edit labels on PRs + pull-requests: write # To edit labels on PRs steps: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 with: diff --git a/.github/workflows/label.yml b/.github/workflows/label.yml index b84702a8a1..cfafde14f7 100644 --- a/.github/workflows/label.yml +++ b/.github/workflows/label.yml @@ -19,8 +19,8 @@ jobs: name: 'Labeler' runs-on: ubuntu-latest permissions: - contents: read - pull-requests: write + contents: read # To comply with https://github.com/actions/labeler documentation + pull-requests: write # To edit labels on PRs steps: - uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b # v6 From eb319bf6ea4811e9ea19308d7f3d45f340cc7766 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 14 Sep 2025 10:33:38 +0200 Subject: [PATCH 0022/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 26 +++++++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 04e1ad4779..58d8fe6d02 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,7 +4,7 @@ curl and libcurl 8.16.1 Command line options: 272 curl_easy_setopt() options: 308 Public functions in libcurl: 98 - Contributors: 3499 + Contributors: 3500 This release includes the following changes: @@ -12,8 +12,17 @@ This release includes the following changes: This release includes the following bugfixes: o curl_easy_getinfo: error code on NULL arg [2] + o curl_mem_undef.h: limit to `CURLDEBUG` for non-memalloc overrides [19] + o CURLINFO_FTP_ENTRY_PATH.md: this is for SFTP as well [8] + o CURLOPT_MAXLIFETIME_CONN: make default 24 hours [10] + o docs/libcurl: remove ancient version references [7] o easy_getinfo: check magic, Curl_close safety [3] + o libcurl-security.md: mention long-running connections [6] + o ngtcp2: check error code on connect failure [13] + o quic: fix min TLS version handling [14] o quic: ignore EMSGSIZE on receive [4] + o ssl-sessions.md: mark option experimental [12] + o urldata: FILE is not a list-only protocol [9] This release includes the following known bugs: @@ -37,11 +46,22 @@ Planned upcoming removals include: This release would not have looked like this without help, code, reports and advice from friends like these: - Daniel Stenberg, Ethan Everett, Stefan Eissing - (3 contributors) + Andrew Kirillov, Dan Fandrich, Daniel Stenberg, Emilio Pozuelo Monfort, + Ethan Everett, fds242 on github, renovate[bot], Stefan Eissing, + Viktor Szakats + (9 contributors) References to bug reports and discussions on issues: [2] = https://curl.se/bug/?i=18512 [3] = https://curl.se/bug/?i=18511 [4] = https://curl.se/bug/?i=18505 + [6] = https://curl.se/bug/?i=18533 + [7] = https://curl.se/bug/?i=18530 + [8] = https://curl.se/bug/?i=18531 + [9] = https://curl.se/bug/?i=18525 + [10] = https://curl.se/bug/?i=18527 + [12] = https://curl.se/bug/?i=18523 + [13] = https://curl.se/bug/?i=18521 + [14] = https://curl.se/bug/?i=18518 + [19] = https://curl.se/bug/?i=18510 From d52af3c692943377a28a5bfa270248d009a9eed1 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 14 Sep 2025 11:55:50 +0200 Subject: [PATCH 0023/2408] appveyor: bump to OpenSSL 3.5, adjust to dropped 1.1.1 on VS2019 - bump OpenSSL 3.4 to 3.5 on VS2022 runners. - bump OpenSSL 1.1.1 to 3.0 on VS2019 runners. 1.1.1 is documented to be present, but missing. Fixes: ``` + cmake -G 'Visual Studio 16 2019' -A x64 [...] -DOPENSSL_ROOT_DIR=C:/OpenSSL-v111-Win64 [...] CMake Error at C:/Program Files/CMake/share/cmake-4.1/Modules/FindPackageHandleStandardArgs.cmake:227 (message): Could NOT find OpenSSL, try to set the path to OpenSSL root folder in the system variable OPENSSL_ROOT_DIR (missing: OPENSSL_CRYPTO_LIBRARY OPENSSL_INCLUDE_DIR) Call Stack (most recent call first): CMakeLists.txt:757 (find_package) ``` Ref: https://ci.appveyor.com/project/curlorg/curl/builds/52740431/job/tq6h4xhqpa3vgq47?fullLog=true Ref: https://www.appveyor.com/docs/windows-images-software/ Ref: https://github.com/appveyor/website/commit/9a739f7bce4a624b28ff382d58a9ebc507ab0f78 Closes #18543 --- appveyor.sh | 4 +++- appveyor.yml | 6 +++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/appveyor.sh b/appveyor.sh index 1e4c16362f..dea58c9545 100644 --- a/appveyor.sh +++ b/appveyor.sh @@ -34,7 +34,9 @@ case "${TARGET:-}" in esac if [ "${APPVEYOR_BUILD_WORKER_IMAGE}" = 'Visual Studio 2022' ]; then - openssl_root_win="C:/OpenSSL-v34${openssl_suffix}" + openssl_root_win="C:/OpenSSL-v35${openssl_suffix}" +elif [ "${APPVEYOR_BUILD_WORKER_IMAGE}" = 'Visual Studio 2019' ]; then + openssl_root_win="C:/OpenSSL-v30${openssl_suffix}" else openssl_root_win="C:/OpenSSL-v111${openssl_suffix}" fi diff --git a/appveyor.yml b/appveyor.yml index effd8589d1..42b580883c 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -46,7 +46,7 @@ environment: # generated CMake-based Visual Studio builds - - job_name: 'CMake, VS2022, Release, x64, OpenSSL 3.4, Shared, Build-tests' + - job_name: 'CMake, VS2022, Release, x64, OpenSSL 3.5, Shared, Build-tests' APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2022' PRJ_GEN: 'Visual Studio 17 2022' TARGET: '-A x64' @@ -101,7 +101,7 @@ environment: OPENSSL: 'ON' SHARED: 'ON' TFLAGS: 'skipall' - - job_name: 'CMake, VS2019, Debug, x64, OpenSSL 1.1.1 + Schannel, Shared, Build-tests' + - job_name: 'CMake, VS2019, Debug, x64, OpenSSL 3.0 + Schannel, Shared, Build-tests' APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2019' PRJ_GEN: 'Visual Studio 16 2019' TARGET: '-A x64' @@ -109,7 +109,7 @@ environment: OPENSSL: 'ON' SCHANNEL: 'ON' SHARED: 'ON' - - job_name: 'CMake, VS2022, Debug, x64, OpenSSL 3.4 + Schannel, Static, Unicode, Build-tests & examples, clang-cl' + - job_name: 'CMake, VS2022, Debug, x64, OpenSSL 3.5 + Schannel, Static, Unicode, Build-tests & examples, clang-cl' APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2022' PRJ_GEN: 'Visual Studio 17 2022' TARGET: '-A x64' From 6bb53f29efb7c379f3d22f9e6298e001bf1ff7da Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 14 Sep 2025 11:44:35 +0200 Subject: [PATCH 0024/2408] TODO: remove already implemented or bad items - remove "connect to multiple IPs in parallel" - remove "CURLOPT_RESOLVE for any port number", It can already be accomplished with CURLOPT_CONNECT_TO - remove "dynamically load modules", we don't believe in this - remove "netrc caching and sharing", we already cache it - remove "Offer API to flush the connection pool", this is effectively what CURLMOPT_NETWORK_CHANGED now allows - remove "WebSocket read callback", introduced in 8.16.0 Closes #18542 --- docs/TODO | 53 ----------------------------------------------------- 1 file changed, 53 deletions(-) diff --git a/docs/TODO b/docs/TODO index 1e22814f38..6075577f31 100644 --- a/docs/TODO +++ b/docs/TODO @@ -23,24 +23,18 @@ 1.4 alt-svc sharing 1.5 get rid of PATH_MAX 1.6 thread-safe sharing - 1.8 CURLOPT_RESOLVE for any port number 1.10 auto-detect proxy - 1.11 minimize dependencies with dynamically loaded modules 1.12 updated DNS server while running 1.13 c-ares and CURLOPT_OPENSOCKETFUNCTION - 1.14 connect to multiple IPs in parallel 1.15 Monitor connections in the connection pool 1.16 Try to URL encode given URL 1.17 Add support for IRIs 1.18 try next proxy if one does not work 1.19 provide timing info for each redirect 1.20 SRV and URI DNS records - 1.21 netrc caching and sharing 1.22 CURLINFO_PAUSE_STATE - 1.23 Offer API to flush the connection pool 1.25 Expose tried IP addresses that failed 1.28 FD_CLOEXEC - 1.29 WebSocket read callback 1.30 config file parsing 1.31 erase secrets from heap/stack after use 1.32 add asynch getaddrinfo support @@ -252,14 +246,6 @@ share between multiple concurrent threads. Fixing this would enable more users to share data in more powerful ways. -1.8 CURLOPT_RESOLVE for any port number - - This option allows applications to set a replacement IP address for a given - host + port pair. Consider making support for providing a replacement address - for the hostname on all port numbers. - - See https://github.com/curl/curl/issues/1264 - 1.10 auto-detect proxy libcurl could be made to detect the system proxy setup automatically and use @@ -272,14 +258,6 @@ libdetectproxy is a (C++) library for detecting the proxy on Windows https://github.com/paulharris/libdetectproxy -1.11 minimize dependencies with dynamically loaded modules - - We can create a system with loadable modules/plug-ins, where these modules - would be the ones that link to 3rd party libs. That would allow us to avoid - having to load ALL dependencies since only the necessary ones for this - app/invoke/used protocols would be necessary to load. See - https://github.com/curl/curl/issues/349 - 1.12 updated DNS server while running If /etc/resolv.conf gets updated while a program using libcurl is running, it @@ -301,17 +279,6 @@ See https://github.com/curl/curl/issues/2734 -1.14 connect to multiple IPs in parallel - - curl currently implements the happy eyeball algorithm for connecting to the - IPv4 and IPv6 alternatives for a host in parallel, sticking with the - connection that "wins". We could implement a similar algorithm per individual - IP family as well when there are multiple available addresses: start with the - first address, then start a second attempt N milliseconds after and then a - third another N milliseconds later. That way there would be less waiting when - the first IP has problems. It also improves the connection timeout value - handling for multiple address situations. - 1.15 Monitor connections in the connection pool libcurl's connection cache or pool holds a number of open connections for the @@ -368,24 +335,11 @@ Offer support for resolving SRV and URI DNS records for libcurl to know which server to connect to for various protocols (including HTTP). -1.21 netrc caching and sharing - - The netrc file is read and parsed each time a connection is setup, which - means that if a transfer needs multiple connections for authentication or - redirects, the file might be reread (and parsed) multiple times. This makes - it impossible to provide the file as a pipe. - 1.22 CURLINFO_PAUSE_STATE Return information about the transfer's current pause state, in both directions. https://github.com/curl/curl/issues/2588 -1.23 Offer API to flush the connection pool - - Sometimes applications want to flush all the existing connections kept alive. - An API could allow a forced flush or just a forced loop that would properly - close all connections that have been closed by the server already. - 1.25 Expose tried IP addresses that failed When libcurl fails to connect to a host, it could offer the application the @@ -403,13 +357,6 @@ https://github.com/curl/curl/issues/2252 -1.29 WebSocket read callback - - Call the read callback once the connection is established to allow sending - the first message in the connection. - - https://github.com/curl/curl/issues/11402 - 1.30 config file parsing Consider providing an API, possibly in a separate companion library, for From 07837204cdd18f470594fc0caea7fbb50de286df Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 14 Sep 2025 12:38:29 +0200 Subject: [PATCH 0025/2408] GHA/distcheck: disable `man-db/auto-update` Make sure to not rebuild man pages after purging system curl, to make the job faster and avoid timeouts: ``` Sun, 14 Sep 2025 10:16:28 GMT Removing curl (8.5.0-2ubuntu10.6) ... Sun, 14 Sep 2025 10:16:28 GMT Processing triggers for man-db (2.12.0-4build2) ... Sun, 14 Sep 2025 10:21:22 GMT (Reading database ... 218629 files and directories currently installed.) ``` Ref: https://github.com/curl/curl/actions/runs/17709785947/job/50326910814?pr=18535#step:3:19 Closes #18544 --- .github/workflows/distcheck.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/distcheck.yml b/.github/workflows/distcheck.yml index bf6c69bfcf..9d893481bc 100644 --- a/.github/workflows/distcheck.yml +++ b/.github/workflows/distcheck.yml @@ -33,7 +33,9 @@ jobs: persist-credentials: false - name: 'remove preinstalled curl libcurl4{-doc}' - run: sudo apt-get -o Dpkg::Use-Pty=0 purge curl libcurl4 libcurl4-doc + run: | + sudo rm -f /var/lib/man-db/auto-update + sudo apt-get -o Dpkg::Use-Pty=0 purge curl libcurl4 libcurl4-doc - name: 'autoreconf' run: autoreconf -fi @@ -233,7 +235,9 @@ jobs: persist-credentials: false - name: 'remove preinstalled curl libcurl4{-doc}' - run: sudo apt-get -o Dpkg::Use-Pty=0 purge curl libcurl4 libcurl4-doc + run: | + sudo rm -f /var/lib/man-db/auto-update + sudo apt-get -o Dpkg::Use-Pty=0 purge curl libcurl4 libcurl4-doc - name: 'generate release tarballs' run: ./scripts/dmaketgz 9.10.11 From c1be5459d9619163e26d5732ee732b417d697e9d Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 14 Sep 2025 14:14:34 +0200 Subject: [PATCH 0026/2408] GHA/codeql: analyse Windows Schannel WinIDN build Follow-up to cc50f05370981e4933504e8aaec6b15880ff847f #18528 Closes #18545 --- .github/workflows/codeql.yml | 30 +++++++++++++++++++++++++----- 1 file changed, 25 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ff2e91c32a..e335409595 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -61,12 +61,23 @@ jobs: uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3 c: - name: 'C' - runs-on: ubuntu-latest + name: 'C (${{ matrix.build.name }})' + runs-on: ${{ matrix.build.image }} permissions: security-events: write # To create/update security events + strategy: + fail-fast: false + matrix: + build: + - name: 'Linux' + image: ubuntu-latest + - name: 'Windows' + image: windows-2022 + env: + MATRIX_IMAGE: '${{ matrix.build.image }}' steps: - name: 'install prereqs' + if: ${{ contains(matrix.build.image, 'ubuntu') }} timeout-minutes: 5 run: | sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list @@ -86,10 +97,19 @@ jobs: - name: 'build' timeout-minutes: 10 + shell: bash run: | - cmake -B . -G Ninja - cmake --build . --verbose - src/curl -V + if [[ "${MATRIX_IMAGE}" = *'windows'* ]]; then + cmake -B . -DBUILD_SHARED_LIBS=OFF \ + -DCMAKE_VS_GLOBALS=TrackFileAccess=false \ + -DCURL_USE_SCHANNEL=ON -DCURL_USE_LIBPSL=OFF -DUSE_WIN32_IDN=ON + cmake --build . --verbose + src/Debug/curl.exe --disable --version + else + cmake -B . -G Ninja + cmake --build . --verbose + src/curl --disable --version + fi - name: 'perform analysis' uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3 From 64347831684d3a7905fd7ef95bfab59df44b6aea Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 14 Sep 2025 14:29:13 +0200 Subject: [PATCH 0027/2408] tool_getparam: split opt_filestring into two sep functions One for file name arguments and one for "strings". Closes #18546 --- src/tool_getparam.c | 232 +++++++++++++++++++++++--------------------- 1 file changed, 121 insertions(+), 111 deletions(-) diff --git a/src/tool_getparam.c b/src/tool_getparam.c index 6be57dbd5c..f2ad6daf2e 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -2163,11 +2163,123 @@ static ParameterError opt_bool(struct OperationConfig *config, return PARAM_OK; } +/* opt_file handles file options */ +static ParameterError opt_file(struct OperationConfig *config, + const struct LongShort *a, + const char *nextarg) +{ + ParameterError err = PARAM_OK; + if((nextarg[0] == '-') && nextarg[1]) { + /* if the filename looks like a command line option */ + warnf("The filename argument '%s' looks like a flag.", nextarg); + } + switch(a->cmd) { + case C_ABSTRACT_UNIX_SOCKET: /* --abstract-unix-socket */ + config->abstract_unix_socket = TRUE; + err = getstr(&config->unix_socket_path, nextarg, DENY_BLANK); + break; + case C_CACERT: /* --cacert */ + err = getstr(&config->cacert, nextarg, DENY_BLANK); + break; + case C_CAPATH: /* --capath */ + err = getstr(&config->capath, nextarg, DENY_BLANK); + break; + case C_CERT: /* --cert */ + GetFileAndPassword(nextarg, &config->cert, &config->key_passwd); + break; + case C_CONFIG: /* --config */ + if(parseconfig(nextarg)) { + errorf("cannot read config from '%s'", nextarg); + err = PARAM_READ_ERROR; + } + break; + case C_CRLFILE: /* --crlfile */ + err = getstr(&config->crlfile, nextarg, DENY_BLANK); + break; + case C_DUMP_HEADER: /* --dump-header */ + err = getstr(&config->headerfile, nextarg, DENY_BLANK); + break; + case C_ETAG_SAVE: /* --etag-save */ + if(config->num_urls > 1) { + errorf("The etag options only work on a single URL"); + err = PARAM_BAD_USE; + } + else + err = getstr(&config->etag_save_file, nextarg, DENY_BLANK); + break; + case C_ETAG_COMPARE: /* --etag-compare */ + if(config->num_urls > 1) { + errorf("The etag options only work on a single URL"); + err = PARAM_BAD_USE; + } + else + err = getstr(&config->etag_compare_file, nextarg, DENY_BLANK); + break; + case C_KEY: /* --key */ + err = getstr(&config->key, nextarg, DENY_BLANK); + break; + case C_NETRC_FILE: /* --netrc-file */ + err = getstr(&config->netrc_file, nextarg, DENY_BLANK); + break; + case C_OUTPUT: /* --output */ + err = parse_output(config, nextarg); + break; + case C_PROXY_CACERT: /* --proxy-cacert */ + err = getstr(&config->proxy_cacert, nextarg, DENY_BLANK); + break; + case C_PROXY_CAPATH: /* --proxy-capath */ + err = getstr(&config->proxy_capath, nextarg, DENY_BLANK); + break; + case C_PROXY_CERT: /* --proxy-cert */ + GetFileAndPassword(nextarg, &config->proxy_cert, + &config->proxy_key_passwd); + break; + case C_PROXY_CRLFILE: /* --proxy-crlfile */ + err = getstr(&config->proxy_crlfile, nextarg, DENY_BLANK); + break; + case C_PROXY_KEY: /* --proxy-key */ + err = getstr(&config->proxy_key, nextarg, ALLOW_BLANK); + break; + case C_SSL_SESSIONS: /* --ssl-sessions */ + if(feature_ssls_export) + err = getstr(&global->ssl_sessions, nextarg, DENY_BLANK); + else + err = PARAM_LIBCURL_DOESNT_SUPPORT; + break; + case C_STDERR: /* --stderr */ + tool_set_stderr_file(nextarg); + break; + case C_TRACE: /* --trace */ + err = getstr(&global->trace_dump, nextarg, DENY_BLANK); + if(!err) { + if(global->tracetype && (global->tracetype != TRACE_BIN)) + warnf("--trace overrides an earlier trace/verbose option"); + global->tracetype = TRACE_BIN; + } + break; + case C_TRACE_ASCII: /* --trace-ascii */ + err = getstr(&global->trace_dump, nextarg, DENY_BLANK); + if(!err) { + if(global->tracetype && (global->tracetype != TRACE_ASCII)) + warnf("--trace-ascii overrides an earlier trace/verbose option"); + global->tracetype = TRACE_ASCII; + } + break; + case C_UNIX_SOCKET: /* --unix-socket */ + config->abstract_unix_socket = FALSE; + err = getstr(&config->unix_socket_path, nextarg, DENY_BLANK); + break; + case C_UPLOAD_FILE: /* --upload-file */ + err = parse_upload_file(config, nextarg); + break; + } + return err; +} -/* opt_filestring handles string and file options */ -static ParameterError opt_filestring(struct OperationConfig *config, - const struct LongShort *a, - const char *nextarg) +/* opt_string handles string options */ +static ParameterError opt_string(struct OperationConfig *config, + const struct LongShort *a, + const char *nextarg) { ParameterError err = PARAM_OK; curl_off_t value; @@ -2227,22 +2339,6 @@ static ParameterError opt_filestring(struct OperationConfig *config, /* IP addrs of DNS servers */ err = getstr(&config->dns_servers, nextarg, DENY_BLANK); break; - case C_TRACE: /* --trace */ - err = getstr(&global->trace_dump, nextarg, DENY_BLANK); - if(!err) { - if(global->tracetype && (global->tracetype != TRACE_BIN)) - warnf("--trace overrides an earlier trace/verbose option"); - global->tracetype = TRACE_BIN; - } - break; - case C_TRACE_ASCII: /* --trace-ascii */ - err = getstr(&global->trace_dump, nextarg, DENY_BLANK); - if(!err) { - if(global->tracetype && (global->tracetype != TRACE_ASCII)) - warnf("--trace-ascii overrides an earlier trace/verbose option"); - global->tracetype = TRACE_ASCII; - } - break; case C_LIMIT_RATE: /* --limit-rate */ err = GetSizeParameter(nextarg, "rate", &value); if(!err) { @@ -2272,9 +2368,6 @@ static ParameterError opt_filestring(struct OperationConfig *config, config->authtype |= CURLAUTH_AWS_SIGV4; err = getstr(&config->aws_sigv4, nextarg, ALLOW_BLANK); break; - case C_STDERR: /* --stderr */ - tool_set_stderr_file(nextarg); - break; case C_INTERFACE: /* --interface */ /* interface */ err = getstr(&config->iface, nextarg, DENY_BLANK); @@ -2406,10 +2499,6 @@ static ParameterError opt_filestring(struct OperationConfig *config, case C_SASL_AUTHZID: /* --sasl-authzid */ err = getstr(&config->sasl_authzid, nextarg, DENY_BLANK); break; - case C_UNIX_SOCKET: /* --unix-socket */ - config->abstract_unix_socket = FALSE; - err = getstr(&config->unix_socket_path, nextarg, DENY_BLANK); - break; case C_PROXY_SERVICE_NAME: /* --proxy-service-name */ err = getstr(&config->proxy_service_name, nextarg, DENY_BLANK); break; @@ -2427,10 +2516,6 @@ static ParameterError opt_filestring(struct OperationConfig *config, case C_CONNECT_TO: /* --connect-to */ err = add2list(&config->connect_to, nextarg); break; - case C_ABSTRACT_UNIX_SOCKET: /* --abstract-unix-socket */ - config->abstract_unix_socket = TRUE; - err = getstr(&config->unix_socket_path, nextarg, DENY_BLANK); - break; case C_TLS_MAX: /* --tls-max */ err = str2tls_max(&config->ssl_version_max, nextarg); if(!err && (config->ssl_version_max < config->ssl_version)) { @@ -2499,9 +2584,6 @@ static ParameterError opt_filestring(struct OperationConfig *config, case C_URL_QUERY: /* --url-query */ err = url_query(nextarg, config); break; - case C_DUMP_HEADER: /* --dump-header */ - err = getstr(&config->headerfile, nextarg, DENY_BLANK); - break; case C_REFERER: { /* --referer */ size_t len = strlen(nextarg); /* does it end with ;auto ? */ @@ -2520,18 +2602,9 @@ static ParameterError opt_filestring(struct OperationConfig *config, tool_safefree(config->referer); } break; - case C_CERT: /* --cert */ - GetFileAndPassword(nextarg, &config->cert, &config->key_passwd); - break; - case C_CACERT: /* --cacert */ - err = getstr(&config->cacert, nextarg, DENY_BLANK); - break; case C_CERT_TYPE: /* --cert-type */ err = getstr(&config->cert_type, nextarg, DENY_BLANK); break; - case C_KEY: /* --key */ - err = getstr(&config->key, nextarg, DENY_BLANK); - break; case C_KEY_TYPE: /* --key-type */ err = getstr(&config->key_type, nextarg, DENY_BLANK); break; @@ -2548,9 +2621,6 @@ static ParameterError opt_filestring(struct OperationConfig *config, case C_ECH: /* --ech */ err = parse_ech(config, nextarg); break; - case C_CAPATH: /* --capath */ - err = getstr(&config->capath, nextarg, DENY_BLANK); - break; case C_PUBKEY: /* --pubkey */ err = getstr(&config->pubkey, nextarg, DENY_BLANK); break; @@ -2567,9 +2637,6 @@ static ParameterError opt_filestring(struct OperationConfig *config, else err = getstr(&config->hostpubsha256, nextarg, DENY_BLANK); break; - case C_CRLFILE: /* --crlfile */ - err = getstr(&config->crlfile, nextarg, DENY_BLANK); - break; case C_TLSUSER: /* --tlsuser */ if(!feature_tls_srp) err = PARAM_LIBCURL_DOESNT_SUPPORT; @@ -2597,12 +2664,6 @@ static ParameterError opt_filestring(struct OperationConfig *config, case C_PROXY_PINNEDPUBKEY: /* --proxy-pinnedpubkey */ err = getstr(&config->proxy_pinnedpubkey, nextarg, DENY_BLANK); break; - case C_SSL_SESSIONS: /* --ssl-sessions */ - if(feature_ssls_export) - err = getstr(&global->ssl_sessions, nextarg, DENY_BLANK); - else - err = PARAM_LIBCURL_DOESNT_SUPPORT; - break; case C_PROXY_TLSUSER: /* --proxy-tlsuser */ if(!feature_tls_srp) err = PARAM_LIBCURL_DOESNT_SUPPORT; @@ -2625,16 +2686,9 @@ static ParameterError opt_filestring(struct OperationConfig *config, err = PARAM_LIBCURL_DOESNT_SUPPORT; /* only support TLS-SRP */ } break; - case C_PROXY_CERT: /* --proxy-cert */ - GetFileAndPassword(nextarg, &config->proxy_cert, - &config->proxy_key_passwd); - break; case C_PROXY_CERT_TYPE: /* --proxy-cert-type */ err = getstr(&config->proxy_cert_type, nextarg, DENY_BLANK); break; - case C_PROXY_KEY: /* --proxy-key */ - err = getstr(&config->proxy_key, nextarg, ALLOW_BLANK); - break; case C_PROXY_KEY_TYPE: /* --proxy-key-type */ err = getstr(&config->proxy_key_type, nextarg, DENY_BLANK); break; @@ -2644,34 +2698,9 @@ static ParameterError opt_filestring(struct OperationConfig *config, case C_PROXY_CIPHERS: /* --proxy-ciphers */ err = getstr(&config->proxy_cipher_list, nextarg, DENY_BLANK); break; - case C_PROXY_CRLFILE: /* --proxy-crlfile */ - err = getstr(&config->proxy_crlfile, nextarg, DENY_BLANK); - break; case C_LOGIN_OPTIONS: /* --login-options */ err = getstr(&config->login_options, nextarg, ALLOW_BLANK); break; - case C_PROXY_CACERT: /* --proxy-cacert */ - err = getstr(&config->proxy_cacert, nextarg, DENY_BLANK); - break; - case C_PROXY_CAPATH: /* --proxy-capath */ - err = getstr(&config->proxy_capath, nextarg, DENY_BLANK); - break; - case C_ETAG_SAVE: /* --etag-save */ - if(config->num_urls > 1) { - errorf("The etag options only work on a single URL"); - err = PARAM_BAD_USE; - } - else - err = getstr(&config->etag_save_file, nextarg, DENY_BLANK); - break; - case C_ETAG_COMPARE: /* --etag-compare */ - if(config->num_urls > 1) { - errorf("The etag options only work on a single URL"); - err = PARAM_BAD_USE; - } - else - err = getstr(&config->etag_compare_file, nextarg, DENY_BLANK); - break; case C_CURVES: /* --curves */ err = getstr(&config->ssl_ec_curves, nextarg, DENY_BLANK); break; @@ -2695,25 +2724,13 @@ static ParameterError opt_filestring(struct OperationConfig *config, case C_PROXY_HEADER: /* --proxy-header */ err = parse_header(config, (cmdline_t)a->cmd, nextarg); break; - case C_CONFIG: /* --config */ - if(parseconfig(nextarg)) { - errorf("cannot read config from '%s'", nextarg); - err = PARAM_READ_ERROR; - } - break; case C_MAX_TIME: /* --max-time */ /* specified max time */ err = secs2ms(&config->timeout_ms, nextarg); break; - case C_NETRC_FILE: /* --netrc-file */ - err = getstr(&config->netrc_file, nextarg, DENY_BLANK); - break; case C_OUTPUT_DIR: /* --output-dir */ err = getstr(&config->output_dir, nextarg, DENY_BLANK); break; - case C_OUTPUT: /* --output */ - err = parse_output(config, nextarg); - break; case C_FTP_PORT: /* --ftp-port */ /* This makes the FTP sessions use PORT instead of PASV */ /* use or <192.168.10.10> style addresses. Anything except @@ -2736,9 +2753,6 @@ static ParameterError opt_filestring(struct OperationConfig *config, /* Telnet options */ err = add2list(&config->telnet_options, nextarg); break; - case C_UPLOAD_FILE: /* --upload-file */ - err = parse_upload_file(config, nextarg); - break; case C_USER: /* --user */ /* user:password */ err = getstr(&config->userpwd, nextarg, ALLOW_BLANK); @@ -2947,18 +2961,14 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */ break; } - if((ARGTYPE(a->desc) == ARG_FILE) && - (nextarg[0] == '-') && nextarg[1]) { - /* if the filename looks like a command line option */ - warnf("The filename argument '%s' looks like a flag.", - nextarg); - } - else if(has_leading_unicode((const unsigned char *)nextarg)) { + if(has_leading_unicode((const unsigned char *)nextarg)) { warnf("The argument '%s' starts with a Unicode character. " "Maybe ASCII was intended?", nextarg); } - /* ARG_FILE | ARG_STRG */ - err = opt_filestring(config, a, nextarg); + if(ARGTYPE(a->desc) == ARG_FILE) + err = opt_file(config, a, nextarg); + else /* if(ARGTYPE(a->desc) == ARG_STRG) */ + err = opt_string(config, a, nextarg); if(a->desc & ARG_CLEAR) cleanarg(CURL_UNCONST(nextarg)); } From 58bdfb4e1d643c4ba7bd8db855e3218ac7757e7c Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 14 Sep 2025 23:30:13 +0200 Subject: [PATCH 0028/2408] CURLOPT_SSL_VERIFYHOST.md: add see-also to two other VERIFYHOST options Closes #18548 --- docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.md b/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.md index 9db4d4dfd3..b87e0a739d 100644 --- a/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.md +++ b/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.md @@ -8,6 +8,8 @@ See-also: - CURLOPT_CAINFO (3) - CURLOPT_PINNEDPUBLICKEY (3) - CURLOPT_SSL_VERIFYPEER (3) + - CURLOPT_PROXY_SSL_VERIFYHOST (3) + - CURLOPT_DOH_SSL_VERIFYHOST (3) Protocol: - TLS TLS-backend: From f7cac7cc07a45481b246c875e8113d741ba2a6e1 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 14 Sep 2025 23:28:03 +0200 Subject: [PATCH 0029/2408] setopt: accept *_SSL_VERIFYHOST set to 2L ... without outputing a verbose message about it. In the early days we had 2L and 1L have different functionalities. Reported-by: Jicea Bug: https://curl.se/mail/lib-2025-09/0031.html Closes #18547 --- lib/setopt.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/setopt.c b/lib/setopt.c index 5adfe4dbeb..6f98e7dce4 100644 --- a/lib/setopt.c +++ b/lib/setopt.c @@ -443,6 +443,7 @@ static CURLcode setopt_bool(struct Curl_easy *data, CURLoption option, long arg, bool *set) { bool enabled = !!arg; + int ok = 1; struct UserDefined *s = &data->set; switch(option) { case CURLOPT_FORBID_REUSE: @@ -619,7 +620,7 @@ static CURLcode setopt_bool(struct Curl_easy *data, CURLoption option, * Enable verification of the hostname in the peer certificate for proxy */ s->proxy_ssl.primary.verifyhost = enabled; - + ok = 2; /* Update the current connection proxy_ssl_config. */ Curl_ssl_conn_config_update(data, TRUE); break; @@ -723,6 +724,7 @@ static CURLcode setopt_bool(struct Curl_easy *data, CURLoption option, * Enable verification of the hostname in the peer certificate for DoH */ s->doh_verifyhost = enabled; + ok = 2; break; case CURLOPT_DOH_SSL_VERIFYSTATUS: /* @@ -732,6 +734,7 @@ static CURLcode setopt_bool(struct Curl_easy *data, CURLoption option, return CURLE_NOT_BUILT_IN; s->doh_verifystatus = enabled; + ok = 2; break; #endif /* ! CURL_DISABLE_DOH */ case CURLOPT_SSL_VERIFYHOST: @@ -743,6 +746,7 @@ static CURLcode setopt_bool(struct Curl_easy *data, CURLoption option, this argument took a boolean when it was not and misused it. Treat 1 and 2 the same */ s->ssl.primary.verifyhost = enabled; + ok = 2; /* Update the current connection ssl_config. */ Curl_ssl_conn_config_update(data, FALSE); @@ -844,7 +848,7 @@ static CURLcode setopt_bool(struct Curl_easy *data, CURLoption option, default: return CURLE_OK; } - if((arg > 1) || (arg < 0)) + if((arg > ok) || (arg < 0)) /* reserve other values for future use */ infof(data, "boolean setopt(%d) got unsupported argument %ld," " treated as %d", option, arg, enabled); From de3fc1d7adb78c078e4cc7ccc48e550758094ad3 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Sat, 13 Sep 2025 15:25:53 +0200 Subject: [PATCH 0030/2408] asyn-thrdd: drop pthread_cancel Remove use of pthread_cancel in asnyc threaded resolving. While there are system where this works, others might leak to resource leakage (memory, files, etc.). The popular nsswitch is one example where resolve code can be dragged in that is not prepared. The overall promise and mechanism of pthread_cancel() is just too brittle and the historcal design of getaddrinfo() continues to haunt us. Fixes #18532 Reported-by: Javier Blazquez Closes #18540 --- docs/libcurl/libcurl-env-dbg.md | 5 --- lib/asyn-thrdd.c | 67 +++++++-------------------------- lib/curl_threads.c | 36 ------------------ lib/curl_threads.h | 16 -------- lib/hostip.c | 19 ---------- lib/hostip.h | 4 -- tests/data/Makefile.am | 2 +- tests/data/test795 | 36 ------------------ tests/libtest/Makefile.am | 2 +- tests/libtest/test795.pl | 46 ---------------------- 10 files changed, 16 insertions(+), 217 deletions(-) delete mode 100644 tests/data/test795 delete mode 100755 tests/libtest/test795.pl diff --git a/docs/libcurl/libcurl-env-dbg.md b/docs/libcurl/libcurl-env-dbg.md index d142e94410..3fcc1935d5 100644 --- a/docs/libcurl/libcurl-env-dbg.md +++ b/docs/libcurl/libcurl-env-dbg.md @@ -83,11 +83,6 @@ When built with c-ares for name resolving, setting this environment variable to `[IP:port]` makes libcurl use that DNS server instead of the system default. This is used by the curl test suite. -## `CURL_DNS_DELAY_MS` - -Delay the DNS resolve by this many milliseconds. This is used in the test -suite to check proper handling of CURLOPT_CONNECTTIMEOUT(3). - ## `CURL_FTP_PWD_STOP` When set, the first transfer - when using ftp: - returns before sending diff --git a/lib/asyn-thrdd.c b/lib/asyn-thrdd.c index ca6830a0be..2edef32f7b 100644 --- a/lib/asyn-thrdd.c +++ b/lib/asyn-thrdd.c @@ -199,14 +199,6 @@ err_exit: return NULL; } -static void async_thrd_cleanup(void *arg) -{ - struct async_thrdd_addr_ctx *addr_ctx = arg; - - Curl_thread_disable_cancel(); - addr_ctx_unlink(&addr_ctx, NULL); -} - #ifdef HAVE_GETADDRINFO /* @@ -220,15 +212,6 @@ static CURL_THREAD_RETURN_T CURL_STDCALL getaddrinfo_thread(void *arg) struct async_thrdd_addr_ctx *addr_ctx = arg; bool do_abort; -/* clang complains about empty statements and the pthread_cleanup* macros - * are pretty ill defined. */ -#if defined(__clang__) -#pragma clang diagnostic push -#pragma clang diagnostic ignored "-Wextra-semi-stmt" -#endif - - Curl_thread_push_cleanup(async_thrd_cleanup, addr_ctx); - Curl_mutex_acquire(&addr_ctx->mutx); do_abort = addr_ctx->do_abort; Curl_mutex_release(&addr_ctx->mutx); @@ -237,9 +220,6 @@ static CURL_THREAD_RETURN_T CURL_STDCALL getaddrinfo_thread(void *arg) char service[12]; int rc; -#ifdef DEBUGBUILD - Curl_resolve_test_delay(); -#endif msnprintf(service, sizeof(service), "%d", addr_ctx->port); rc = Curl_getaddrinfo_ex(addr_ctx->hostname, service, @@ -274,11 +254,6 @@ static CURL_THREAD_RETURN_T CURL_STDCALL getaddrinfo_thread(void *arg) } - Curl_thread_pop_cleanup(); -#if defined(__clang__) -#pragma clang diagnostic pop -#endif - addr_ctx_unlink(&addr_ctx, NULL); return 0; } @@ -293,24 +268,11 @@ static CURL_THREAD_RETURN_T CURL_STDCALL gethostbyname_thread(void *arg) struct async_thrdd_addr_ctx *addr_ctx = arg; bool do_abort; -/* clang complains about empty statements and the pthread_cleanup* macros - * are pretty ill defined. */ -#if defined(__clang__) -#pragma clang diagnostic push -#pragma clang diagnostic ignored "-Wextra-semi-stmt" -#endif - - Curl_thread_push_cleanup(async_thrd_cleanup, addr_ctx); - Curl_mutex_acquire(&addr_ctx->mutx); do_abort = addr_ctx->do_abort; Curl_mutex_release(&addr_ctx->mutx); if(!do_abort) { -#ifdef DEBUGBUILD - Curl_resolve_test_delay(); -#endif - addr_ctx->res = Curl_ipv4_resolve_r(addr_ctx->hostname, addr_ctx->port); if(!addr_ctx->res) { addr_ctx->sock_error = SOCKERRNO; @@ -337,12 +299,7 @@ static CURL_THREAD_RETURN_T CURL_STDCALL gethostbyname_thread(void *arg) #endif } - Curl_thread_pop_cleanup(); -#if defined(__clang__) -#pragma clang diagnostic pop -#endif - - async_thrd_cleanup(addr_ctx); + addr_ctx_unlink(&addr_ctx, NULL); return 0; } @@ -381,12 +338,12 @@ static void async_thrdd_destroy(struct Curl_easy *data) CURL_TRC_DNS(data, "async_thrdd_destroy, thread joined"); } else { - /* thread is still running. Detach the thread while mutexed, it will - * trigger the cleanup when it releases its reference. */ + /* thread is still running. Detach it. */ Curl_thread_destroy(&addr->thread_hnd); CURL_TRC_DNS(data, "async_thrdd_destroy, thread detached"); } } + /* release our reference to the shared context */ addr_ctx_unlink(&thrdd->addr, data); } @@ -532,10 +489,12 @@ static void async_thrdd_shutdown(struct Curl_easy *data) done = addr_ctx->thrd_done; Curl_mutex_release(&addr_ctx->mutx); - DEBUGASSERT(addr_ctx->thread_hnd != curl_thread_t_null); - if(!done && (addr_ctx->thread_hnd != curl_thread_t_null)) { - CURL_TRC_DNS(data, "cancelling resolve thread"); - (void)Curl_thread_cancel(&addr_ctx->thread_hnd); + /* Wait for the thread to terminate if it is already marked done. If it is + not done yet we cannot do anything here. We had tried pthread_cancel but + it caused hanging and resource leaks (#18532). */ + if(done && (addr_ctx->thread_hnd != curl_thread_t_null)) { + Curl_thread_join(&addr_ctx->thread_hnd); + CURL_TRC_DNS(data, "async_thrdd_shutdown, thread joined"); } } @@ -553,9 +512,11 @@ static CURLcode asyn_thrdd_await(struct Curl_easy *data, if(!entry) async_thrdd_shutdown(data); - CURL_TRC_DNS(data, "resolve, wait for thread to finish"); - if(!Curl_thread_join(&addr_ctx->thread_hnd)) { - DEBUGASSERT(0); + if(addr_ctx->thread_hnd != curl_thread_t_null) { + CURL_TRC_DNS(data, "resolve, wait for thread to finish"); + if(!Curl_thread_join(&addr_ctx->thread_hnd)) { + DEBUGASSERT(0); + } } if(entry) diff --git a/lib/curl_threads.c b/lib/curl_threads.c index 2750f5ad9f..96fd0f8a7a 100644 --- a/lib/curl_threads.c +++ b/lib/curl_threads.c @@ -100,34 +100,6 @@ int Curl_thread_join(curl_thread_t *hnd) return ret; } -/* do not use pthread_cancel if: - * - pthread_cancel seems to be absent - * - on FreeBSD, as we see hangers in CI testing - * - this is a -fsanitize=thread build - * (clang sanitizer reports false positive when functions to not return) - */ -#if defined(PTHREAD_CANCEL_ENABLE) && !defined(__FreeBSD__) -#if defined(__has_feature) -# if !__has_feature(thread_sanitizer) -#define USE_PTHREAD_CANCEL -# endif -#else /* __has_feature */ -#define USE_PTHREAD_CANCEL -#endif /* !__has_feature */ -#endif /* PTHREAD_CANCEL_ENABLE && !__FreeBSD__ */ - -int Curl_thread_cancel(curl_thread_t *hnd) -{ - (void)hnd; - if(*hnd != curl_thread_t_null) -#ifdef USE_PTHREAD_CANCEL - return pthread_cancel(**hnd); -#else - return 1; /* not supported */ -#endif - return 0; -} - #elif defined(USE_THREADS_WIN32) curl_thread_t Curl_thread_create(CURL_THREAD_RETURN_T @@ -182,12 +154,4 @@ int Curl_thread_join(curl_thread_t *hnd) return ret; } -int Curl_thread_cancel(curl_thread_t *hnd) -{ - if(*hnd != curl_thread_t_null) { - return 1; /* not supported */ - } - return 0; -} - #endif /* USE_THREADS_* */ diff --git a/lib/curl_threads.h b/lib/curl_threads.h index 115277c00e..82f08c5fbb 100644 --- a/lib/curl_threads.h +++ b/lib/curl_threads.h @@ -66,22 +66,6 @@ void Curl_thread_destroy(curl_thread_t *hnd); int Curl_thread_join(curl_thread_t *hnd); -int Curl_thread_cancel(curl_thread_t *hnd); - -#if defined(USE_THREADS_POSIX) && defined(PTHREAD_CANCEL_ENABLE) -#define Curl_thread_push_cleanup(a,b) pthread_cleanup_push(a,b) -#define Curl_thread_pop_cleanup() pthread_cleanup_pop(0) -#define Curl_thread_enable_cancel() \ - pthread_setcancelstate(PTHREAD_CANCEL_ENABLE, NULL) -#define Curl_thread_disable_cancel() \ - pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, NULL) -#else -#define Curl_thread_push_cleanup(a,b) ((void)a,(void)b) -#define Curl_thread_pop_cleanup() Curl_nop_stmt -#define Curl_thread_enable_cancel() Curl_nop_stmt -#define Curl_thread_disable_cancel() Curl_nop_stmt -#endif - #endif /* USE_THREADS_POSIX || USE_THREADS_WIN32 */ #endif /* HEADER_CURL_THREADS_H */ diff --git a/lib/hostip.c b/lib/hostip.c index 2d122fb999..b6be2ca1f2 100644 --- a/lib/hostip.c +++ b/lib/hostip.c @@ -1132,10 +1132,6 @@ CURLcode Curl_resolv_timeout(struct Curl_easy *data, prev_alarm = alarm(curlx_sltoui(timeout/1000L)); } -#ifdef DEBUGBUILD - Curl_resolve_test_delay(); -#endif - #else /* !USE_ALARM_TIMEOUT */ #ifndef CURLRES_ASYNCH if(timeoutms) @@ -1639,18 +1635,3 @@ CURLcode Curl_resolver_error(struct Curl_easy *data, const char *detail) return result; } #endif /* USE_CURL_ASYNC */ - -#ifdef DEBUGBUILD -#include "curlx/wait.h" - -void Curl_resolve_test_delay(void) -{ - const char *p = getenv("CURL_DNS_DELAY_MS"); - if(p) { - curl_off_t l; - if(!curlx_str_number(&p, &l, TIME_T_MAX) && l) { - curlx_wait_ms((timediff_t)l); - } - } -} -#endif diff --git a/lib/hostip.h b/lib/hostip.h index 2f78be82c2..3eb82cd149 100644 --- a/lib/hostip.h +++ b/lib/hostip.h @@ -216,8 +216,4 @@ struct Curl_addrinfo *Curl_sync_getaddrinfo(struct Curl_easy *data, #endif -#ifdef DEBUGBUILD -void Curl_resolve_test_delay(void); -#endif - #endif /* HEADER_CURL_HOSTIP_H */ diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index daed381e47..4523de4886 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -112,7 +112,7 @@ test754 test755 test756 test757 test758 test759 test760 test761 test762 \ test763 \ \ test780 test781 test782 test783 test784 test785 test786 test787 test788 \ -test789 test790 test791 test792 test793 test794 test795 test796 test797 \ +test789 test790 test791 test792 test793 test794 test796 test797 \ \ test799 test800 test801 test802 test803 test804 test805 test806 test807 \ test808 test809 test810 test811 test812 test813 test814 test815 test816 \ diff --git a/tests/data/test795 b/tests/data/test795 deleted file mode 100644 index 2c98b3bcc4..0000000000 --- a/tests/data/test795 +++ /dev/null @@ -1,36 +0,0 @@ - - - -DNS - - - -# Client-side - - -http -Debug -!c-ares -!win32 - - -Delayed resolve --connect-timeout check - - -CURL_DNS_DELAY_MS=5000 - - -http://test.invalid -v --no-progress-meter --trace-config dns --connect-timeout 1 -w \%{time_total} - - - -# Verify data after the test has been "shot" - - -28 - - -%SRCDIR/libtest/test795.pl %LOGDIR/stdout%TESTNUMBER 2 >> %LOGDIR/stderr%TESTNUMBER - - - diff --git a/tests/libtest/Makefile.am b/tests/libtest/Makefile.am index 4ccfbd2b7b..b62a359eab 100644 --- a/tests/libtest/Makefile.am +++ b/tests/libtest/Makefile.am @@ -42,7 +42,7 @@ AM_CPPFLAGS = -I$(top_srcdir)/include \ include Makefile.inc EXTRA_DIST = CMakeLists.txt $(FIRST_C) $(FIRST_H) $(UTILS_C) $(UTILS_H) $(TESTS_C) \ - test307.pl test610.pl test613.pl test795.pl test1013.pl test1022.pl mk-lib1521.pl + test307.pl test610.pl test613.pl test1013.pl test1022.pl mk-lib1521.pl CFLAGS += @CURL_CFLAG_EXTRAS@ diff --git a/tests/libtest/test795.pl b/tests/libtest/test795.pl deleted file mode 100755 index 6aa793f7f6..0000000000 --- a/tests/libtest/test795.pl +++ /dev/null @@ -1,46 +0,0 @@ -#!/usr/bin/env perl -#*************************************************************************** -# _ _ ____ _ -# Project ___| | | | _ \| | -# / __| | | | |_) | | -# | (__| |_| | _ <| |___ -# \___|\___/|_| \_\_____| -# -# Copyright (C) Daniel Stenberg, , et al. -# -# This software is licensed as described in the file COPYING, which -# you should have received as part of this distribution. The terms -# are also available at https://curl.se/docs/copyright.html. -# -# You may opt to use, copy, modify, merge, publish, distribute and/or sell -# copies of the Software, and permit persons to whom the Software is -# furnished to do so, under the terms of the COPYING file. -# -# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY -# KIND, either express or implied. -# -# SPDX-License-Identifier: curl -# -########################################################################### -use strict; -use warnings; - -my $ok = 1; -my $exp_duration = $ARGV[1] + 0.0; - -# Read the output of curl --version -open(F, $ARGV[0]) || die "Can't open test result from $ARGV[0]\n"; -$_ = ; -chomp; -/\s*([\.\d]+)\s*/; -my $duration = $1 + 0.0; -close F; - -if ($duration <= $exp_duration) { - print "OK: duration of $duration in expected range\n"; - $ok = 0; -} -else { - print "FAILED: duration of $duration is larger than $exp_duration\n"; -} -exit $ok; From e09f45fea4fca38c5e09f858a383ad5e45a92c24 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 14 Sep 2025 23:59:41 +0200 Subject: [PATCH 0031/2408] dist: do not distribute `CI.md` `CI.md` slipped into the 8.15.0, 8.16.0 tarballs by accident. Remove it again and update the checker exception. Follow-up to fa3f889752e6b5034966de61a372a60773a69ca8 #17463 Closes #18549 --- .github/scripts/distfiles.sh | 4 ++-- docs/Makefile.am | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/scripts/distfiles.sh b/.github/scripts/distfiles.sh index 26370744d7..eaa7857af2 100755 --- a/.github/scripts/distfiles.sh +++ b/.github/scripts/distfiles.sh @@ -19,6 +19,7 @@ gitonly=".git* ^SECURITY.md ^LICENSES/* ^docs/examples/adddocsref.pl +^docs/tests/CI.md ^docs/THANKS-filter ^projects/Windows/* ^scripts/ciconfig.pl @@ -28,8 +29,7 @@ gitonly=".git* ^scripts/delta ^scripts/installcheck.sh ^scripts/release-notes.pl -^scripts/singleuse.pl -^tests/CI.md" +^scripts/singleuse.pl" tarfiles="$(mktemp)" gitfiles="$(mktemp)" diff --git a/docs/Makefile.am b/docs/Makefile.am index 554657e889..65ba28c0eb 100644 --- a/docs/Makefile.am +++ b/docs/Makefile.am @@ -42,7 +42,6 @@ CLEANFILES = $(MK_CA_DOCS) $(man_MANS) $(TEST_DOCS) endif TESTDOCS = \ - tests/CI.md \ tests/FILEFORMAT.md \ tests/HTTP.md \ tests/TEST-SUITE.md From 8de37b8cda7342e54615a9a840c076def155b023 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 15 Sep 2025 10:33:19 +0200 Subject: [PATCH 0032/2408] cmdline-docs: extended, clarified, refreshed Closes #18550 --- docs/cmdline-opts/abstract-unix-socket.md | 6 +++--- docs/cmdline-opts/compressed-ssh.md | 3 ++- docs/cmdline-opts/disallow-username-in-url.md | 3 +++ docs/cmdline-opts/engine.md | 7 +++++-- docs/cmdline-opts/follow.md | 4 ++++ docs/cmdline-opts/globoff.md | 3 +++ docs/cmdline-opts/http2.md | 1 + docs/cmdline-opts/http3.md | 2 ++ docs/cmdline-opts/junk-session-cookies.md | 5 ++++- docs/cmdline-opts/location.md | 4 ++++ docs/cmdline-opts/max-redirs.md | 8 +++++--- docs/cmdline-opts/proto-redir.md | 5 +++-- docs/cmdline-opts/proxy.md | 3 +-- docs/cmdline-opts/request.md | 11 ++++++----- docs/cmdline-opts/retry-connrefused.md | 6 ++++-- docs/cmdline-opts/retry.md | 13 ++++++++----- docs/cmdline-opts/sasl-ir.md | 4 +++- docs/cmdline-opts/tr-encoding.md | 5 +++++ docs/cmdline-opts/trace-ids.md | 4 ++++ docs/cmdline-opts/unix-socket.md | 5 ++++- 20 files changed, 74 insertions(+), 28 deletions(-) diff --git a/docs/cmdline-opts/abstract-unix-socket.md b/docs/cmdline-opts/abstract-unix-socket.md index 7078e642fd..b1b6100e16 100644 --- a/docs/cmdline-opts/abstract-unix-socket.md +++ b/docs/cmdline-opts/abstract-unix-socket.md @@ -16,6 +16,6 @@ Example: # `--abstract-unix-socket` -Connect through an abstract Unix domain socket, instead of using the network. -Note: netstat shows the path of an abstract socket prefixed with `@`, however -the \ argument should not have this leading character. +Connect to the server through an abstract Unix domain socket, instead of using +the network. Note: netstat shows the path of an abstract socket prefixed with +`@`, however the \ argument should not have this leading character. diff --git a/docs/cmdline-opts/compressed-ssh.md b/docs/cmdline-opts/compressed-ssh.md index 955c59c2b7..07d3981b48 100644 --- a/docs/cmdline-opts/compressed-ssh.md +++ b/docs/cmdline-opts/compressed-ssh.md @@ -16,4 +16,5 @@ Example: # `--compressed-ssh` Enable SSH compression. This is a request, not an order; the server may or may -not do it. +not do it. This allows the data to be sent compressed over the wire, and +automatically decompressed in the receiving end, to save bandwidth. diff --git a/docs/cmdline-opts/disallow-username-in-url.md b/docs/cmdline-opts/disallow-username-in-url.md index 012f2d0dc8..0507f531cc 100644 --- a/docs/cmdline-opts/disallow-username-in-url.md +++ b/docs/cmdline-opts/disallow-username-in-url.md @@ -16,3 +16,6 @@ Example: Exit with error if passed a URL containing a username. Probably most useful when the URL is being provided at runtime or similar. + +Accepting and using credentials in a URL is normally considered a security +hazard as they are easily leaked that way. diff --git a/docs/cmdline-opts/engine.md b/docs/cmdline-opts/engine.md index 511190023e..cde6949b86 100644 --- a/docs/cmdline-opts/engine.md +++ b/docs/cmdline-opts/engine.md @@ -17,6 +17,9 @@ Example: # `--engine` -Select the OpenSSL crypto engine to use for cipher operations. Use --engine -list to print a list of build-time supported engines. Note that not all (and +Select the OpenSSL crypto engine to use for cipher operations. Use `--engine +list` to print a list of build-time supported engines. Note that not all (and possibly none) of the engines may be available at runtime. + +The OpenSSL concept "engines" has been superseded by "providers" in OpenSSL 3, +and this option should work fine to specify such as well. diff --git a/docs/cmdline-opts/follow.md b/docs/cmdline-opts/follow.md index 9d4225ab35..47d9128441 100644 --- a/docs/cmdline-opts/follow.md +++ b/docs/cmdline-opts/follow.md @@ -9,6 +9,8 @@ Multi: boolean See-also: - request - location + - proto-redir + - max-redirs Example: - -X POST --follow $URL --- @@ -23,3 +25,5 @@ status codes 307 or 308, but may be reset to GET for 301, 302 and 303. This is subtly different than --location, as that option always set the custom method in all subsequent requests independent of response code. + +Restrict which protocols a redirect is accepted to follow with --proto-redir. diff --git a/docs/cmdline-opts/globoff.md b/docs/cmdline-opts/globoff.md index 3c8c341439..5ef4b2ae88 100644 --- a/docs/cmdline-opts/globoff.md +++ b/docs/cmdline-opts/globoff.md @@ -20,3 +20,6 @@ Switch off the URL globbing function. When you set this option, you can specify URLs that contain the letters {}[] without having curl itself interpret them. Note that these letters are not normal legal URL contents but they should be encoded according to the URI standard. + +curl detects numerical IPv6 addresses when used in URLs and excludes them from +the treatment, so they can still be used without having to disable globbing. diff --git a/docs/cmdline-opts/http2.md b/docs/cmdline-opts/http2.md index ae4d26974c..f5180be2b5 100644 --- a/docs/cmdline-opts/http2.md +++ b/docs/cmdline-opts/http2.md @@ -14,6 +14,7 @@ See-also: - http1.1 - http3 - no-alpn + - proxy-http2 Example: - --http2 $URL --- diff --git a/docs/cmdline-opts/http3.md b/docs/cmdline-opts/http3.md index a66d797829..e4dfeef075 100644 --- a/docs/cmdline-opts/http3.md +++ b/docs/cmdline-opts/http3.md @@ -33,3 +33,5 @@ still tries to proceed with an older HTTP version. The fallback performs the regular negotiation between HTTP/1 and HTTP/2. Use --http3-only for similar functionality *without* a fallback. + +curl cannot do HTTP/3 over any proxy. diff --git a/docs/cmdline-opts/junk-session-cookies.md b/docs/cmdline-opts/junk-session-cookies.md index 63971050c0..668dfce2d6 100644 --- a/docs/cmdline-opts/junk-session-cookies.md +++ b/docs/cmdline-opts/junk-session-cookies.md @@ -18,5 +18,8 @@ Example: # `--junk-session-cookies` When curl is told to read cookies from a given file, this option makes it -discard all "session cookies". This has the same effect as if a new session is +discard all session cookies. This has the same effect as if a new session is started. Typical browsers discard session cookies when they are closed down. + +Session cookies are cookies without a set expiry time. They are meant to only +last for "a session". diff --git a/docs/cmdline-opts/location.md b/docs/cmdline-opts/location.md index 86ae7e3580..56950c2dfc 100644 --- a/docs/cmdline-opts/location.md +++ b/docs/cmdline-opts/location.md @@ -12,6 +12,8 @@ See-also: - resolve - alt-svc - follow + - proto-redir + - max-redirs Example: - -L $URL --- @@ -40,3 +42,5 @@ using the dedicated options for that: --post301, --post302 and --post303. The method set with --request overrides the method curl would otherwise select to use. + +Restrict which protocols a redirect is accepted to follow with --proto-redir. diff --git a/docs/cmdline-opts/max-redirs.md b/docs/cmdline-opts/max-redirs.md index 7c9f193d2c..02bdfaa7fb 100644 --- a/docs/cmdline-opts/max-redirs.md +++ b/docs/cmdline-opts/max-redirs.md @@ -10,12 +10,14 @@ Added: 7.5 Multi: single See-also: - location + - follow Example: - --max-redirs 3 --location $URL --- # `--max-redirs` -Set the maximum number of redirections to follow. When --location is used, to -prevent curl from following too many redirects, by default, the limit is -set to 50 redirects. Set this option to -1 to make it unlimited. +Set the maximum number of redirections to follow. When --location or --follow +are used, this option prevents curl from following too many redirects. By +default the limit is set to 50 redirects. Set this option to -1 to make it +unlimited. diff --git a/docs/cmdline-opts/proto-redir.md b/docs/cmdline-opts/proto-redir.md index 337aa93cb6..1f75bfdfd6 100644 --- a/docs/cmdline-opts/proto-redir.md +++ b/docs/cmdline-opts/proto-redir.md @@ -9,8 +9,9 @@ Category: connection curl Multi: single See-also: - proto + - follow Example: - - --proto-redir =http,https $URL + - --proto-redir =http,https --follow $URL --- # `--proto-redir` @@ -20,7 +21,7 @@ not overridden by this option. See --proto for how protocols are represented. Example, allow only HTTP and HTTPS on redirect: - curl --proto-redir -all,http,https http://example.com + curl --proto-redir -all,http,https --follow http://example.com By default curl only allows HTTP, HTTPS, FTP and FTPS on redirects (added in 7.65.2). Specifying *all* or *+all* enables all protocols on diff --git a/docs/cmdline-opts/proxy.md b/docs/cmdline-opts/proxy.md index 1ed503c108..6cd456169d 100644 --- a/docs/cmdline-opts/proxy.md +++ b/docs/cmdline-opts/proxy.md @@ -31,8 +31,7 @@ HTTPS proxy support works with the https:// protocol prefix for OpenSSL and GnuTLS (added in 7.52.0). It also works for mbedTLS, Rustls, Schannel and wolfSSL (added in 7.87.0). -Unrecognized and unsupported proxy protocols cause an error (added in 7.52.0). -Ancient curl versions ignored unknown schemes and used http:// instead. +Unrecognized and unsupported proxy protocol schemes cause an error. If the port number is not specified in the proxy string, it is assumed to be 1080. diff --git a/docs/cmdline-opts/request.md b/docs/cmdline-opts/request.md index 86cf10deaf..2c9d7776e5 100644 --- a/docs/cmdline-opts/request.md +++ b/docs/cmdline-opts/request.md @@ -10,8 +10,9 @@ Added: 6.0 Multi: single See-also: - request-target + - follow Example: - - -X "DELETE" $URL + - --request "DELETE" $URL - -X NLST ftp://example.com/ --- @@ -37,10 +38,10 @@ This option only changes the actual word used in the HTTP request, it does not alter the way curl behaves. For example if you want to make a proper HEAD request, using -X HEAD does not suffice. You need to use the --head option. -The method string you set with --request is used for all requests, which -if you for example use --location may cause unintended side-effects when curl -does not change request method according to the HTTP 30x response codes - and -similar. +If --location is used, the method string you set with --request is used for +all requests, which may cause unintended side-effects when curl does not +change request method according to the HTTP 30x response codes - and similar. +Consider using --follow instead in combination with --request. ## FTP Specifies a custom FTP command to use instead of *LIST* when doing file lists diff --git a/docs/cmdline-opts/retry-connrefused.md b/docs/cmdline-opts/retry-connrefused.md index 22345cd881..2e6ba80686 100644 --- a/docs/cmdline-opts/retry-connrefused.md +++ b/docs/cmdline-opts/retry-connrefused.md @@ -15,5 +15,7 @@ Example: # `--retry-connrefused` -In addition to the other conditions, consider ECONNREFUSED as a transient -error too for --retry. This option is used together with --retry. +In addition to the other conditions, also consider ECONNREFUSED as a transient +error for --retry. This option is used together with --retry. Normally, a +confused connection is not considered a transient error and therefore thus not +otherwise trigger a retry. diff --git a/docs/cmdline-opts/retry.md b/docs/cmdline-opts/retry.md index 2176e8f43d..f55d8edcca 100644 --- a/docs/cmdline-opts/retry.md +++ b/docs/cmdline-opts/retry.md @@ -9,6 +9,8 @@ Category: curl Multi: single See-also: - retry-max-time + - retry-connrefused + - retry-delay Example: - --retry 7 $URL --- @@ -16,16 +18,17 @@ Example: # `--retry` If a transient error is returned when curl tries to perform a transfer, it -retries this number of times before giving up. Setting the number to 0 -makes curl do no retries (which is the default). Transient error means either: -a timeout, an FTP 4xx response code or an HTTP 408, 429, 500, 502, 503 or 504 +retries this number of times before giving up. Setting the number to 0 makes +curl do no retries (which is the default). Transient error means either: a +timeout, an FTP 4xx response code or an HTTP 408, 429, 500, 502, 503 or 504 response code. When curl is about to retry a transfer, it first waits one second and then for all forthcoming retries it doubles the waiting time until it reaches 10 minutes, which then remains the set fixed delay time between the rest of the -retries. By using --retry-delay you disable this exponential backoff algorithm. -See also --retry-max-time to limit the total time allowed for retries. +retries. By using --retry-delay you disable this exponential backoff +algorithm. See also --retry-max-time to limit the total time allowed for +retries. curl complies with the Retry-After: response header if one was present to know when to issue the next retry (added in 7.66.0). diff --git a/docs/cmdline-opts/sasl-ir.md b/docs/cmdline-opts/sasl-ir.md index b11137df0a..0f759c6d10 100644 --- a/docs/cmdline-opts/sasl-ir.md +++ b/docs/cmdline-opts/sasl-ir.md @@ -14,4 +14,6 @@ Example: # `--sasl-ir` -Enable initial response in SASL authentication. +Enable initial response in SASL authentication. Such an "initial response" is +a message sent by the client to the server after the client selects an +authentication mechanism. diff --git a/docs/cmdline-opts/tr-encoding.md b/docs/cmdline-opts/tr-encoding.md index cdd8f02d67..c364c07d4b 100644 --- a/docs/cmdline-opts/tr-encoding.md +++ b/docs/cmdline-opts/tr-encoding.md @@ -17,3 +17,8 @@ Example: Request a compressed Transfer-Encoding response using one of the algorithms curl supports, and uncompress the data while receiving it. + +This method was once intended to be the way to do automatic data compression +for HTTP but for all practical purposes using Content-Encoding as done with +--compressed has superseded transfer encoding. The --tr-encoding option is +therefore often not be one you want. diff --git a/docs/cmdline-opts/trace-ids.md b/docs/cmdline-opts/trace-ids.md index b9a6222600..302631d844 100644 --- a/docs/cmdline-opts/trace-ids.md +++ b/docs/cmdline-opts/trace-ids.md @@ -18,3 +18,7 @@ Example: Prepend the transfer and connection identifiers to each trace or verbose line that curl displays. + +The identifiers are unique numbers assigned to each connection and transfer to +allow a user to better understand which transfer and connection each verbose +output line refers to. diff --git a/docs/cmdline-opts/unix-socket.md b/docs/cmdline-opts/unix-socket.md index 582f32dc50..34cc714f79 100644 --- a/docs/cmdline-opts/unix-socket.md +++ b/docs/cmdline-opts/unix-socket.md @@ -16,4 +16,7 @@ Example: # `--unix-socket` -Connect through this Unix domain socket, instead of using the network. +Connect to the server through this Unix domain socket, instead of using the +network. + +To connect to a proxy over Unix domain socket, see --proxy. From 61b79dee7966e979cb5ae950ea773ecf4c048a62 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 15 Sep 2025 12:51:58 +0200 Subject: [PATCH 0033/2408] CURLOPT_TIMECONDITION.md: works for FILE and FTP as well Closes #18551 --- docs/libcurl/opts/CURLOPT_TIMECONDITION.md | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/docs/libcurl/opts/CURLOPT_TIMECONDITION.md b/docs/libcurl/opts/CURLOPT_TIMECONDITION.md index d17174c254..f03473f608 100644 --- a/docs/libcurl/opts/CURLOPT_TIMECONDITION.md +++ b/docs/libcurl/opts/CURLOPT_TIMECONDITION.md @@ -9,6 +9,8 @@ See-also: - CURLOPT_TIMEVALUE (3) Protocol: - HTTP + - FILE + - FTP Added-in: 7.1 --- @@ -26,15 +28,15 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_TIMECONDITION, long cond); # DESCRIPTION -Pass a long as parameter. This defines how the CURLOPT_TIMEVALUE(3) time -value is treated. You can set this parameter to *CURL_TIMECOND_IFMODSINCE* -or *CURL_TIMECOND_IFUNMODSINCE*. +Pass a long as parameter. This defines how the CURLOPT_TIMEVALUE(3) time value +is treated. You can set this parameter to *CURL_TIMECOND_IFMODSINCE* or +*CURL_TIMECOND_IFUNMODSINCE*. The last modification time of a file is not always known and in such instances this feature has no effect even if the given time condition would not have -been met. curl_easy_getinfo(3) with the *CURLINFO_CONDITION_UNMET* -option can be used after a transfer to learn if a zero-byte successful -"transfer" was due to this condition not matching. +been met. curl_easy_getinfo(3) with the *CURLINFO_CONDITION_UNMET* option can +be used after a transfer to learn if a zero-byte successful "transfer" was due +to this condition not matching. # DEFAULT From a4196e22493b945bc61f51767105d5922c7feb93 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 2 Sep 2025 14:20:26 +0200 Subject: [PATCH 0034/2408] tidy-up: whitespace Closes #18553 --- docs/examples/Makefile.example | 4 ++-- docs/examples/ephiperfifo.c | 9 --------- docs/examples/evhiperfifo.c | 8 -------- docs/examples/hiperfifo.c | 12 ------------ lib/ftp.c | 5 +---- lib/md4.c | 6 +++--- lib/md5.c | 8 ++++---- lib/memdebug.c | 10 +++++----- lib/url.c | 4 ++-- lib/vauth/digest_sspi.c | 16 ++++++++-------- lib/vauth/krb5_sspi.c | 6 +++--- lib/vauth/ntlm_sspi.c | 24 ++++++++++++------------ lib/vauth/spnego_sspi.c | 4 ++-- lib/vquic/curl_ngtcp2.c | 4 +--- lib/vquic/curl_osslq.c | 4 +--- lib/vquic/curl_quiche.c | 4 +--- lib/ws.c | 2 +- scripts/checksrc.pl | 1 - src/terminal.c | 2 +- tests/data/test1634 | 2 +- tests/data/test1635 | 2 +- tests/data/test612 | 2 +- tests/unit/unit1304.c | 2 +- 23 files changed, 51 insertions(+), 90 deletions(-) diff --git a/docs/examples/Makefile.example b/docs/examples/Makefile.example index cfb59c94ef..9738e94bb8 100644 --- a/docs/examples/Makefile.example +++ b/docs/examples/Makefile.example @@ -26,7 +26,7 @@ TARGET = example # Which object files that the executable consists of -OBJS= ftpget.o +OBJS = ftpget.o # What compiler to use CC = gcc @@ -48,7 +48,7 @@ LIBS = -lcurl -lsocket -lnsl -lssl -lcrypto # Link the target with all objects and libraries $(TARGET) : $(OBJS) - $(CC) -o $(TARGET) $(OBJS) $(LDFLAGS) $(LIBS) + $(CC) -o $(TARGET) $(OBJS) $(LDFLAGS) $(LIBS) # Compile the source files into object files ftpget.o : ftpget.c diff --git a/docs/examples/ephiperfifo.c b/docs/examples/ephiperfifo.c index d30b944bbc..3fddb2b743 100644 --- a/docs/examples/ephiperfifo.c +++ b/docs/examples/ephiperfifo.c @@ -88,7 +88,6 @@ struct GlobalInfo { FILE *input; }; - /* Information associated with a specific easy handle */ struct ConnInfo { CURL *easy; @@ -97,7 +96,6 @@ struct ConnInfo { char error[CURL_ERROR_SIZE]; }; - /* Information associated with a specific socket */ struct SockInfo { curl_socket_t sockfd; @@ -167,7 +165,6 @@ static int multi_timer_cb(CURLM *multi, long timeout_ms, struct GlobalInfo *g) return 0; } - /* Check for completed transfers, and remove their easy handles */ static void check_multi_info(struct GlobalInfo *g) { @@ -244,7 +241,6 @@ static void timer_cb(struct GlobalInfo *g, int revents) check_multi_info(g); } - /* Clean up the SockInfo structure */ static void remsock(struct SockInfo *f, struct GlobalInfo *g) { @@ -258,7 +254,6 @@ static void remsock(struct SockInfo *f, struct GlobalInfo *g) } } - /* Assign information to a SockInfo structure */ static void setsock(struct SockInfo *f, curl_socket_t s, CURL *e, int act, struct GlobalInfo *g) @@ -284,7 +279,6 @@ static void setsock(struct SockInfo *f, curl_socket_t s, CURL *e, int act, s, strerror(errno)); } - /* Initialize a new SockInfo structure */ static void addsock(curl_socket_t s, CURL *easy, int action, struct GlobalInfo *g) @@ -324,7 +318,6 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp) return 0; } - /* CURLOPT_WRITEFUNCTION */ static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *data) { @@ -333,7 +326,6 @@ static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *data) return size * nmemb; } - /* CURLOPT_PROGRESSFUNCTION */ static int prog_cb(void *p, double dltotal, double dlnow, double ult, double uln) @@ -346,7 +338,6 @@ static int prog_cb(void *p, double dltotal, double dlnow, double ult, return 0; } - /* Create a new easy handle, and add it to the global curl_multi */ static void new_conn(const char *url, struct GlobalInfo *g) { diff --git a/docs/examples/evhiperfifo.c b/docs/examples/evhiperfifo.c index b28f057c82..364a0f42fe 100644 --- a/docs/examples/evhiperfifo.c +++ b/docs/examples/evhiperfifo.c @@ -88,7 +88,6 @@ struct GlobalInfo { FILE *input; }; - /* Information associated with a specific easy handle */ struct ConnInfo { CURL *easy; @@ -97,7 +96,6 @@ struct ConnInfo { char error[CURL_ERROR_SIZE]; }; - /* Information associated with a specific socket */ struct SockInfo { curl_socket_t sockfd; @@ -164,7 +162,6 @@ static void mcode_or_die(const char *where, CURLMcode code) } } - /* Check for completed transfers, and remove their easy handles */ static void check_multi_info(struct GlobalInfo *g) { @@ -191,7 +188,6 @@ static void check_multi_info(struct GlobalInfo *g) } } - /* Called by libevent when we get action on a multi socket */ static void event_cb(EV_P_ struct ev_io *w, int revents) { @@ -240,7 +236,6 @@ static void remsock(struct SockInfo *f, struct GlobalInfo *g) } } - /* Assign information to a SockInfo structure */ static void setsock(struct SockInfo *f, curl_socket_t s, CURL *e, int act, struct GlobalInfo *g) @@ -261,7 +256,6 @@ static void setsock(struct SockInfo *f, curl_socket_t s, CURL *e, int act, ev_io_start(g->loop, &f->ev); } - /* Initialize a new SockInfo structure */ static void addsock(curl_socket_t s, CURL *easy, int action, struct GlobalInfo *g) @@ -304,7 +298,6 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp) return 0; } - /* CURLOPT_WRITEFUNCTION */ static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *data) { @@ -328,7 +321,6 @@ static int xferinfo_cb(void *p, curl_off_t dltotal, curl_off_t dlnow, return 0; } - /* Create a new easy handle, and add it to the global curl_multi */ static void new_conn(const char *url, struct GlobalInfo *g) { diff --git a/docs/examples/hiperfifo.c b/docs/examples/hiperfifo.c index 35a519b63e..1af1eb0c72 100644 --- a/docs/examples/hiperfifo.c +++ b/docs/examples/hiperfifo.c @@ -88,7 +88,6 @@ struct GlobalInfo { int stopped; }; - /* Information associated with a specific easy handle */ struct ConnInfo { CURL *easy; @@ -97,7 +96,6 @@ struct ConnInfo { char error[CURL_ERROR_SIZE]; }; - /* Information associated with a specific socket */ struct SockInfo { curl_socket_t sockfd; @@ -134,7 +132,6 @@ static void mcode_or_die(const char *where, CURLMcode code) } } - /* Update the event timer after curl_multi library calls */ static int multi_timer_cb(CURLM *multi, long timeout_ms, struct GlobalInfo *g) { @@ -158,7 +155,6 @@ static int multi_timer_cb(CURLM *multi, long timeout_ms, struct GlobalInfo *g) return 0; } - /* Check for completed transfers, and remove their easy handles */ static void check_multi_info(struct GlobalInfo *g) { @@ -187,7 +183,6 @@ static void check_multi_info(struct GlobalInfo *g) event_base_loopbreak(g->evbase); } - /* Called by libevent when we get action on a multi socket */ static void event_cb(int fd, short kind, void *userp) { @@ -210,7 +205,6 @@ static void event_cb(int fd, short kind, void *userp) } } - /* Called by libevent when our timeout expires */ static void timer_cb(int fd, short kind, void *userp) { @@ -225,7 +219,6 @@ static void timer_cb(int fd, short kind, void *userp) check_multi_info(g); } - /* Clean up the SockInfo structure */ static void remsock(struct SockInfo *f) { @@ -237,7 +230,6 @@ static void remsock(struct SockInfo *f) } } - /* Assign information to a SockInfo structure */ static void setsock(struct SockInfo *f, curl_socket_t s, CURL *e, int act, struct GlobalInfo *g) @@ -256,7 +248,6 @@ static void setsock(struct SockInfo *f, curl_socket_t s, CURL *e, int act, event_add(&f->ev, NULL); } - /* Initialize a new SockInfo structure */ static void addsock(curl_socket_t s, CURL *easy, int action, struct GlobalInfo *g) @@ -296,7 +287,6 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp) return 0; } - /* CURLOPT_WRITEFUNCTION */ static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *data) { @@ -305,7 +295,6 @@ static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *data) return size * nmemb; } - /* CURLOPT_PROGRESSFUNCTION */ static int xferinfo_cb(void *p, curl_off_t dltotal, curl_off_t dlnow, curl_off_t ult, curl_off_t uln) @@ -319,7 +308,6 @@ static int xferinfo_cb(void *p, curl_off_t dltotal, curl_off_t dlnow, return 0; } - /* Create a new easy handle, and add it to the global curl_multi */ static void new_conn(const char *url, struct GlobalInfo *g) { diff --git a/lib/ftp.c b/lib/ftp.c index 29c2f789a3..6c710dceb9 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -430,6 +430,7 @@ static const struct Curl_cwtype ftp_cw_lc = { }; #endif /* CURL_PREFER_LF_LINEENDS */ + /*********************************************************************** * * ftp_check_ctrl_on_data_wait() @@ -629,7 +630,6 @@ static CURLcode ftp_readresp(struct Curl_easy *data, * from a server after a command. * */ - CURLcode Curl_GetFTPResponse(struct Curl_easy *data, ssize_t *nreadp, /* return number of bytes read */ int *ftpcodep) /* return the ftp-code */ @@ -3494,7 +3494,6 @@ static CURLcode ftp_done(struct Curl_easy *data, CURLcode status, * * BLOCKING */ - static CURLcode ftp_sendquote(struct Curl_easy *data, struct ftp_conn *ftpc, @@ -3617,7 +3616,6 @@ ftp_pasv_verbose(struct Curl_easy *data, * (which basically is only for when PASV is being sent to retry a failed * EPSV). */ - static CURLcode ftp_do_more(struct Curl_easy *data, int *completep) { struct connectdata *conn = data->conn; @@ -3781,7 +3779,6 @@ static CURLcode ftp_do_more(struct Curl_easy *data, int *completep) * This is the actual DO function for FTP. Get a file/directory according to * the options previously setup. */ - static CURLcode ftp_perform(struct Curl_easy *data, struct ftp_conn *ftpc, diff --git a/lib/md4.c b/lib/md4.c index b9c98d6c4a..b30881213e 100644 --- a/lib/md4.c +++ b/lib/md4.c @@ -342,7 +342,7 @@ static const void *my_md4_body(MD4_CTX *ctx, saved_c = c; saved_d = d; -/* Round 1 */ + /* Round 1 */ MD4_STEP(MD4_F, a, b, c, d, MD4_SET(0), 3) MD4_STEP(MD4_F, d, a, b, c, MD4_SET(1), 7) MD4_STEP(MD4_F, c, d, a, b, MD4_SET(2), 11) @@ -360,7 +360,7 @@ static const void *my_md4_body(MD4_CTX *ctx, MD4_STEP(MD4_F, c, d, a, b, MD4_SET(14), 11) MD4_STEP(MD4_F, b, c, d, a, MD4_SET(15), 19) -/* Round 2 */ + /* Round 2 */ MD4_STEP(MD4_G, a, b, c, d, MD4_GET(0) + 0x5a827999, 3) MD4_STEP(MD4_G, d, a, b, c, MD4_GET(4) + 0x5a827999, 5) MD4_STEP(MD4_G, c, d, a, b, MD4_GET(8) + 0x5a827999, 9) @@ -378,7 +378,7 @@ static const void *my_md4_body(MD4_CTX *ctx, MD4_STEP(MD4_G, c, d, a, b, MD4_GET(11) + 0x5a827999, 9) MD4_STEP(MD4_G, b, c, d, a, MD4_GET(15) + 0x5a827999, 13) -/* Round 3 */ + /* Round 3 */ MD4_STEP(MD4_H, a, b, c, d, MD4_GET(0) + 0x6ed9eba1, 3) MD4_STEP(MD4_H, d, a, b, c, MD4_GET(8) + 0x6ed9eba1, 9) MD4_STEP(MD4_H, c, d, a, b, MD4_GET(4) + 0x6ed9eba1, 11) diff --git a/lib/md5.c b/lib/md5.c index 625670965a..e5cc4088da 100644 --- a/lib/md5.c +++ b/lib/md5.c @@ -382,7 +382,7 @@ static const void *my_md5_body(my_md5_ctx *ctx, saved_c = c; saved_d = d; -/* Round 1 */ + /* Round 1 */ MD5_STEP(MD5_F, a, b, c, d, MD5_SET(0), 0xd76aa478, 7) MD5_STEP(MD5_F, d, a, b, c, MD5_SET(1), 0xe8c7b756, 12) MD5_STEP(MD5_F, c, d, a, b, MD5_SET(2), 0x242070db, 17) @@ -400,7 +400,7 @@ static const void *my_md5_body(my_md5_ctx *ctx, MD5_STEP(MD5_F, c, d, a, b, MD5_SET(14), 0xa679438e, 17) MD5_STEP(MD5_F, b, c, d, a, MD5_SET(15), 0x49b40821, 22) -/* Round 2 */ + /* Round 2 */ MD5_STEP(MD5_G, a, b, c, d, MD5_GET(1), 0xf61e2562, 5) MD5_STEP(MD5_G, d, a, b, c, MD5_GET(6), 0xc040b340, 9) MD5_STEP(MD5_G, c, d, a, b, MD5_GET(11), 0x265e5a51, 14) @@ -418,7 +418,7 @@ static const void *my_md5_body(my_md5_ctx *ctx, MD5_STEP(MD5_G, c, d, a, b, MD5_GET(7), 0x676f02d9, 14) MD5_STEP(MD5_G, b, c, d, a, MD5_GET(12), 0x8d2a4c8a, 20) -/* Round 3 */ + /* Round 3 */ MD5_STEP(MD5_H, a, b, c, d, MD5_GET(5), 0xfffa3942, 4) MD5_STEP(MD5_H2, d, a, b, c, MD5_GET(8), 0x8771f681, 11) MD5_STEP(MD5_H, c, d, a, b, MD5_GET(11), 0x6d9d6122, 16) @@ -436,7 +436,7 @@ static const void *my_md5_body(my_md5_ctx *ctx, MD5_STEP(MD5_H, c, d, a, b, MD5_GET(15), 0x1fa27cf8, 16) MD5_STEP(MD5_H2, b, c, d, a, MD5_GET(2), 0xc4ac5665, 23) -/* Round 4 */ + /* Round 4 */ MD5_STEP(MD5_I, a, b, c, d, MD5_GET(0), 0xf4292244, 6) MD5_STEP(MD5_I, d, a, b, c, MD5_GET(7), 0x432aff97, 10) MD5_STEP(MD5_I, c, d, a, b, MD5_GET(14), 0xab9423a7, 15) diff --git a/lib/memdebug.c b/lib/memdebug.c index c1121713ea..0d8d39603c 100644 --- a/lib/memdebug.c +++ b/lib/memdebug.c @@ -321,9 +321,9 @@ curl_socket_t curl_dbg_socket(int domain, int type, int protocol, } SEND_TYPE_RETV curl_dbg_send(SEND_TYPE_ARG1 sockfd, - SEND_QUAL_ARG2 SEND_TYPE_ARG2 buf, - SEND_TYPE_ARG3 len, SEND_TYPE_ARG4 flags, int line, - const char *source) + SEND_QUAL_ARG2 SEND_TYPE_ARG2 buf, + SEND_TYPE_ARG3 len, SEND_TYPE_ARG4 flags, + int line, const char *source) { SEND_TYPE_RETV rc; if(countcheck("send", line, source)) @@ -336,8 +336,8 @@ SEND_TYPE_RETV curl_dbg_send(SEND_TYPE_ARG1 sockfd, } RECV_TYPE_RETV curl_dbg_recv(RECV_TYPE_ARG1 sockfd, RECV_TYPE_ARG2 buf, - RECV_TYPE_ARG3 len, RECV_TYPE_ARG4 flags, int line, - const char *source) + RECV_TYPE_ARG3 len, RECV_TYPE_ARG4 flags, + int line, const char *source) { RECV_TYPE_RETV rc; if(countcheck("recv", line, source)) diff --git a/lib/url.c b/lib/url.c index 283da6d68b..29702296a9 100644 --- a/lib/url.c +++ b/lib/url.c @@ -361,9 +361,9 @@ CURLcode Curl_init_userdefined(struct Curl_easy *data) struct UserDefined *set = &data->set; CURLcode result = CURLE_OK; - set->out = stdout; /* default output to stdout */ + set->out = stdout; /* default output to stdout */ set->in_set = stdin; /* default input from stdin */ - set->err = stderr; /* default stderr to stderr */ + set->err = stderr; /* default stderr to stderr */ /* use fwrite as default function to store output */ set->fwrite_func = (curl_write_callback)fwrite; diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c index c74b8f8653..861c4e1cb9 100644 --- a/lib/vauth/digest_sspi.c +++ b/lib/vauth/digest_sspi.c @@ -195,9 +195,9 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, /* Generate our response message */ status = Curl_pSecFn->InitializeSecurityContext(&credentials, NULL, spn, - 0, 0, 0, &chlg_desc, 0, - &context, &resp_desc, &attrs, - &expiry); + 0, 0, 0, &chlg_desc, 0, + &context, &resp_desc, &attrs, + &expiry); if(status == SEC_I_COMPLETE_NEEDED || status == SEC_I_COMPLETE_AND_CONTINUE) @@ -591,11 +591,11 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data, /* Generate our response message */ status = Curl_pSecFn->InitializeSecurityContext(&credentials, NULL, - spn, - ISC_REQ_USE_HTTP_STYLE, 0, 0, - &chlg_desc, 0, - digest->http_context, - &resp_desc, &attrs, &expiry); + spn, + ISC_REQ_USE_HTTP_STYLE, 0, 0, + &chlg_desc, 0, + digest->http_context, + &resp_desc, &attrs, &expiry); curlx_unicodefree(spn); if(status == SEC_I_COMPLETE_NEEDED || diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c index ea26f82750..6595ab977a 100644 --- a/lib/vauth/krb5_sspi.c +++ b/lib/vauth/krb5_sspi.c @@ -282,8 +282,8 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data, /* Get our response size information */ status = Curl_pSecFn->QueryContextAttributes(krb5->context, - SECPKG_ATTR_SIZES, - &sizes); + SECPKG_ATTR_SIZES, + &sizes); if(status == SEC_E_INSUFFICIENT_MEMORY) return CURLE_OUT_OF_MEMORY; @@ -392,7 +392,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data, /* Encrypt the data */ status = Curl_pSecFn->EncryptMessage(krb5->context, KERB_WRAP_NO_ENCRYPT, - &wrap_desc, 0); + &wrap_desc, 0); if(status != SEC_E_OK) { free(padding); free(message); diff --git a/lib/vauth/ntlm_sspi.c b/lib/vauth/ntlm_sspi.c index d45e2db38e..101eb8abd3 100644 --- a/lib/vauth/ntlm_sspi.c +++ b/lib/vauth/ntlm_sspi.c @@ -170,11 +170,11 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data, /* Generate our type-1 message */ status = Curl_pSecFn->InitializeSecurityContext(ntlm->credentials, NULL, - ntlm->spn, - 0, 0, SECURITY_NETWORK_DREP, - NULL, 0, - ntlm->context, &type_1_desc, - &attrs, &expiry); + ntlm->spn, + 0, 0, SECURITY_NETWORK_DREP, + NULL, 0, + ntlm->context, &type_1_desc, + &attrs, &expiry); if(status == SEC_I_COMPLETE_NEEDED || status == SEC_I_COMPLETE_AND_CONTINUE) Curl_pSecFn->CompleteAuthToken(ntlm->context, &type_1_desc); @@ -308,13 +308,13 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, /* Generate our type-3 message */ status = Curl_pSecFn->InitializeSecurityContext(ntlm->credentials, - ntlm->context, - ntlm->spn, - 0, 0, SECURITY_NETWORK_DREP, - &type_2_desc, - 0, ntlm->context, - &type_3_desc, - &attrs, &expiry); + ntlm->context, + ntlm->spn, + 0, 0, SECURITY_NETWORK_DREP, + &type_2_desc, + 0, ntlm->context, + &type_3_desc, + &attrs, &expiry); if(status != SEC_E_OK) { infof(data, "NTLM handshake failure (type-3 message): Status=%lx", status); diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c index 9c48125261..af3a9c9798 100644 --- a/lib/vauth/spnego_sspi.c +++ b/lib/vauth/spnego_sspi.c @@ -270,7 +270,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, if(nego->status == SEC_I_COMPLETE_NEEDED || nego->status == SEC_I_COMPLETE_AND_CONTINUE) { nego->status = (DWORD)Curl_pSecFn->CompleteAuthToken(nego->context, - &resp_desc); + &resp_desc); if(GSS_ERROR(nego->status)) { char buffer[STRERROR_LEN]; failf(data, "CompleteAuthToken failed: %s", @@ -308,7 +308,7 @@ CURLcode Curl_auth_create_spnego_message(struct negotiatedata *nego, char **outptr, size_t *outlen) { /* Base64 encode the already generated response */ - CURLcode result = curlx_base64_encode((const char *) nego->output_token, + CURLcode result = curlx_base64_encode((const char *)nego->output_token, nego->output_token_length, outptr, outlen); if(!result && (!*outptr || !*outlen)) { diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 3f7c58d08a..4191924b5a 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -2433,9 +2433,7 @@ static CURLcode cf_connect_start(struct Curl_cfilter *cf, CURLcode result; const struct Curl_sockaddr_ex *sockaddr = NULL; int qfd; -static const struct alpn_spec ALPN_SPEC_H3 = { - { "h3", "h3-29" }, 2 -}; + static const struct alpn_spec ALPN_SPEC_H3 = {{ "h3", "h3-29" }, 2}; DEBUGASSERT(ctx->initialized); ctx->dcid.datalen = NGTCP2_MAX_CIDLEN; diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c index 3586ad0d55..e82cbf2a3e 100644 --- a/lib/vquic/curl_osslq.c +++ b/lib/vquic/curl_osslq.c @@ -1161,9 +1161,7 @@ static CURLcode cf_osslq_ctx_start(struct Curl_cfilter *cf, const struct Curl_sockaddr_ex *peer_addr = NULL; BIO *bio = NULL; BIO_ADDR *baddr = NULL; -static const struct alpn_spec ALPN_SPEC_H3 = { - { "h3" }, 1 -}; + static const struct alpn_spec ALPN_SPEC_H3 = {{ "h3" }, 1}; DEBUGASSERT(ctx->initialized); diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c index 179ccf8aa1..8f0535d65d 100644 --- a/lib/vquic/curl_quiche.c +++ b/lib/vquic/curl_quiche.c @@ -1256,9 +1256,7 @@ static CURLcode cf_quiche_ctx_open(struct Curl_cfilter *cf, int rv; CURLcode result; const struct Curl_sockaddr_ex *sockaddr; -static const struct alpn_spec ALPN_SPEC_H3 = { - { "h3" }, 1 -}; + static const struct alpn_spec ALPN_SPEC_H3 = {{ "h3" }, 1}; DEBUGASSERT(ctx->q.sockfd != CURL_SOCKET_BAD); DEBUGASSERT(ctx->initialized); diff --git a/lib/ws.c b/lib/ws.c index 3b65428160..00fdeb3e97 100644 --- a/lib/ws.c +++ b/lib/ws.c @@ -1876,7 +1876,7 @@ CURL_EXTERN CURLcode curl_ws_start_frame(CURL *d, result = ws_enc_write_head(data, ws, &ws->enc, flags, frame_len, &ws->sendbuf); if(result) - CURL_TRC_WS(data, "curl_start_frame(), error adding frame head %d", + CURL_TRC_WS(data, "curl_start_frame(), error adding frame head %d", result); out: diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index 43b8195537..574e03c13b 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -936,7 +936,6 @@ sub scanfile { my $diff = $second - $first; checkwarn("INDENTATION", $line, length($1), $file, $ol, "not indented $indent steps (uses $diff)"); - } } } diff --git a/src/terminal.c b/src/terminal.c index 0150cd4a56..014e2df8c0 100644 --- a/src/terminal.c +++ b/src/terminal.c @@ -66,7 +66,7 @@ unsigned int get_terminal_columns(void) cols = (int)ts.ws_col; #elif defined(_WIN32) && !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE) { - HANDLE stderr_hnd = GetStdHandle(STD_ERROR_HANDLE); + HANDLE stderr_hnd = GetStdHandle(STD_ERROR_HANDLE); CONSOLE_SCREEN_BUFFER_INFO console_info; if((stderr_hnd != INVALID_HANDLE_VALUE) && diff --git a/tests/data/test1634 b/tests/data/test1634 index ad25634840..ee7a50871a 100644 --- a/tests/data/test1634 +++ b/tests/data/test1634 @@ -48,7 +48,7 @@ http --retry with a 429 response and Retry-After: and --fail -http://%HOSTIP:%HTTPPORT/%TESTNUMBER --retry 1 --fail +http://%HOSTIP:%HTTPPORT/%TESTNUMBER --retry 1 --fail diff --git a/tests/data/test1635 b/tests/data/test1635 index 399846c004..751d46232c 100644 --- a/tests/data/test1635 +++ b/tests/data/test1635 @@ -37,7 +37,7 @@ http --retry with a 429 response and Retry-After: and --fail-with-body -http://%HOSTIP:%HTTPPORT/%TESTNUMBER --retry 1 --fail-with-body +http://%HOSTIP:%HTTPPORT/%TESTNUMBER --retry 1 --fail-with-body diff --git a/tests/data/test612 b/tests/data/test612 index 7ab5c80d65..8994961466 100644 --- a/tests/data/test612 +++ b/tests/data/test612 @@ -24,7 +24,7 @@ sftp SFTP post-quote remove file ---key %LOGDIR/server/curl_client_key --pubkey %LOGDIR/server/curl_client_key.pub -u %USER: -T %LOGDIR/file%TESTNUMBER.txt -Q "-rm %SFTP_PWD/%LOGDIR/upload.%TESTNUMBER" sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/upload.%TESTNUMBER --insecure +--key %LOGDIR/server/curl_client_key --pubkey %LOGDIR/server/curl_client_key.pub -u %USER: -T %LOGDIR/file%TESTNUMBER.txt -Q "-rm %SFTP_PWD/%LOGDIR/upload.%TESTNUMBER" sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/upload.%TESTNUMBER --insecure Dummy test file for remove test diff --git a/tests/unit/unit1304.c b/tests/unit/unit1304.c index 250a2ee3f6..041ce42691 100644 --- a/tests/unit/unit1304.c +++ b/tests/unit/unit1304.c @@ -159,8 +159,8 @@ static CURLcode test_unit1304(const char *arg) * with login[0] != 0. */ free(password); - free(login); password = NULL; + free(login); login = NULL; Curl_netrc_init(&store); result = Curl_parsenetrc(&store, From ac24e0a80e80f7a5f06aacd4696b185856fdb3ec Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 15 Sep 2025 15:21:30 +0200 Subject: [PATCH 0035/2408] GHA/codeql: tidy up config names Before this patch there was a single C config detected, named `build:`. Closes #18555 --- .github/workflows/codeql.yml | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e335409595..8d23d6bac2 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -41,7 +41,7 @@ concurrency: permissions: {} jobs: - codeql: + gha_python: name: 'GHA and Python' runs-on: ubuntu-latest permissions: @@ -61,23 +61,19 @@ jobs: uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3 c: - name: 'C (${{ matrix.build.name }})' - runs-on: ${{ matrix.build.image }} + name: 'C' + runs-on: ${{ matrix.platform == 'Linux' && 'ubuntu-latest' || 'windows-2022' }} permissions: security-events: write # To create/update security events strategy: fail-fast: false matrix: - build: - - name: 'Linux' - image: ubuntu-latest - - name: 'Windows' - image: windows-2022 + platform: [Linux, Windows] env: - MATRIX_IMAGE: '${{ matrix.build.image }}' + MATRIX_PLATFORM: '${{ matrix.platform }}' steps: - name: 'install prereqs' - if: ${{ contains(matrix.build.image, 'ubuntu') }} + if: ${{ matrix.platform == 'Linux' }} timeout-minutes: 5 run: | sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list @@ -99,7 +95,7 @@ jobs: timeout-minutes: 10 shell: bash run: | - if [[ "${MATRIX_IMAGE}" = *'windows'* ]]; then + if [ "${MATRIX_PLATFORM}" = 'Windows' ]; then cmake -B . -DBUILD_SHARED_LIBS=OFF \ -DCMAKE_VS_GLOBALS=TrackFileAccess=false \ -DCURL_USE_SCHANNEL=ON -DCURL_USE_LIBPSL=OFF -DUSE_WIN32_IDN=ON From 56d3bb78bedf200ac093b0ec8f75845b3f7cbb7d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Sep 2025 14:56:28 +0000 Subject: [PATCH 0036/2408] GHA: bump actions/checkout from 4.2.2 to 5.0.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 5.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.2.2...08c6903cd8c0fde910a37f88322edcfb5dd907a8) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Closes #18556 --- .github/workflows/codeql.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 8d23d6bac2..9993d92cac 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -47,7 +47,7 @@ jobs: permissions: security-events: write # To create/update security events steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4 with: persist-credentials: false @@ -81,7 +81,7 @@ jobs: sudo rm -f /var/lib/man-db/auto-update sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libbrotli-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4 with: persist-credentials: false From 98d5321530e498d66756c1e2b2ef449b8cfc762c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 15 Sep 2025 12:00:44 +0000 Subject: [PATCH 0037/2408] GHA: Update nghttp2/nghttp2 to v1.67.1 Closes #18552 --- .github/workflows/http3-linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 195437182f..2fe8b8cdbb 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -60,7 +60,7 @@ env: # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com NGTCP2_VERSION: 1.15.1 # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com - NGHTTP2_VERSION: 1.67.0 + NGHTTP2_VERSION: 1.67.1 # renovate: datasource=github-tags depName=cloudflare/quiche versioning=semver registryUrl=https://github.com QUICHE_VERSION: 0.24.6 From af7d67d3c03329116e593d999851d2cc3ebbf119 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 16 Sep 2025 10:27:42 +0200 Subject: [PATCH 0038/2408] krb5: return appropriate error on send failures Closes #18561 --- lib/krb5.c | 46 ++++++++++++++++++++++++++-------------------- 1 file changed, 26 insertions(+), 20 deletions(-) diff --git a/lib/krb5.c b/lib/krb5.c index 563d724bbb..b041d2f227 100644 --- a/lib/krb5.c +++ b/lib/krb5.c @@ -620,16 +620,16 @@ static CURLcode sec_recv(struct Curl_easy *data, int sockindex, /* Send |length| bytes from |from| to the |sockindex| socket taking care of encoding and negotiating with the server. |from| can be NULL. */ -static void do_sec_send(struct Curl_easy *data, struct connectdata *conn, - int sockindex, const char *from, size_t length) +static CURLcode do_sec_send(struct Curl_easy *data, struct connectdata *conn, + int sockindex, const char *from, size_t length) { int bytes, htonl_bytes; /* 32-bit integers for htonl */ char *buffer = NULL; char *cmd_buffer; size_t cmd_size = 0; - CURLcode error; enum protection_level prot_level = conn->data_prot; bool iscmd = (prot_level == PROT_CMD); + CURLcode result = CURLE_OK; DEBUGASSERT(prot_level > PROT_NONE && prot_level < PROT_LAST); @@ -642,36 +642,40 @@ static void do_sec_send(struct Curl_easy *data, struct connectdata *conn, bytes = conn->mech->encode(conn->app_data, from, (int)length, (int)prot_level, (void **)&buffer); if(!buffer || bytes <= 0) - return; /* error */ + return CURLE_OUT_OF_MEMORY; /* error */ if(iscmd) { - error = curlx_base64_encode(buffer, curlx_sitouz(bytes), - &cmd_buffer, &cmd_size); - if(error) { + result = curlx_base64_encode(buffer, curlx_sitouz(bytes), + &cmd_buffer, &cmd_size); + if(result) { free(buffer); - return; /* error */ + return result; /* error */ } if(cmd_size > 0) { static const char *enc = "ENC "; static const char *mic = "MIC "; if(prot_level == PROT_PRIVATE) - socket_write(data, sockindex, enc, 4); + result = socket_write(data, sockindex, enc, 4); else - socket_write(data, sockindex, mic, 4); - - socket_write(data, sockindex, cmd_buffer, cmd_size); - socket_write(data, sockindex, "\r\n", 2); - infof(data, "Send: %s%s", prot_level == PROT_PRIVATE ? enc : mic, - cmd_buffer); - free(cmd_buffer); + result = socket_write(data, sockindex, mic, 4); + if(!result) + result = socket_write(data, sockindex, cmd_buffer, cmd_size); + if(!result) + result = socket_write(data, sockindex, "\r\n", 2); + if(!result) + infof(data, "Send: %s%s", prot_level == PROT_PRIVATE ? enc : mic, + cmd_buffer); } + free(cmd_buffer); } else { htonl_bytes = (int)htonl((OM_uint32)bytes); - socket_write(data, sockindex, &htonl_bytes, sizeof(htonl_bytes)); - socket_write(data, sockindex, buffer, curlx_sitouz(bytes)); + result = socket_write(data, sockindex, &htonl_bytes, sizeof(htonl_bytes)); + if(!result) + result = socket_write(data, sockindex, buffer, curlx_sitouz(bytes)); } free(buffer); + return result; } static CURLcode sec_write(struct Curl_easy *data, int sockindex, @@ -685,11 +689,13 @@ static CURLcode sec_write(struct Curl_easy *data, int sockindex, if(len <= 0) len = length; while(length) { + CURLcode result; if(length < len) len = length; - /* WTF: this ignores all errors writing to the socket */ - do_sec_send(data, conn, sockindex, buffer, len); + result = do_sec_send(data, conn, sockindex, buffer, len); + if(result) + return result; length -= len; buffer += len; *pnwritten += len; From a333fd4411b95fc0c3061b2d675de9287b6123e0 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 15 Sep 2025 21:03:52 +0200 Subject: [PATCH 0039/2408] GHA/codeql: enable more build options, build servers and tunits - add HTTP/3 build with OpenSSL 3.5, nghttp3 and ngtcp2. - enable GSASL, Heimdal, rtmp, SSLS-export. - make one build MultiSSL with GnuTLS, mbedTLS, Rustls, wolfSSL. - build servers (also on Windows), and tunits. - use Linuxbrew to install build dependencies missing from Ubuntu. Coverage is now 466 C files. (was: 446) Closes #18557 --- .github/workflows/codeql.yml | 28 ++++++++++++++++++++++++---- 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 9993d92cac..5ff3434442 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -79,7 +79,9 @@ jobs: sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list sudo apt-get -o Dpkg::Use-Pty=0 update sudo rm -f /var/lib/man-db/auto-update - sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libbrotli-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev + sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libbrotli-dev libidn2-dev libssh2-1-dev \ + libnghttp2-dev libldap-dev heimdal-dev librtmp-dev libgnutls28-dev libwolfssl-dev + /home/linuxbrew/.linuxbrew/bin/brew install gsasl libnghttp3 libngtcp2 mbedtls rustls-ffi - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4 with: @@ -102,9 +104,27 @@ jobs: cmake --build . --verbose src/Debug/curl.exe --disable --version else - cmake -B . -G Ninja - cmake --build . --verbose - src/curl --disable --version + eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" + + # MultiSSL + export PKG_CONFIG_PATH; PKG_CONFIG_PATH="$(brew --prefix mbedtls)/lib/pkgconfig:$(brew --prefix rustls-ffi)/lib/pkgconfig:$(brew --prefix gsasl)/lib/pkgconfig" + cmake -B _bld1 -G Ninja \ + -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_RUSTLS=ON -DCURL_USE_WOLFSSL=ON \ + -DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON + cmake --build _bld1 --verbose + cmake --build _bld1 --verbose --target servers + cmake --build _bld1 --verbose --target tunits + + # HTTP/3 + export PKG_CONFIG_PATH; PKG_CONFIG_PATH="$(brew --prefix libnghttp3)/lib/pkgconfig:$(brew --prefix libngtcp2)/lib/pkgconfig:$(brew --prefix gsasl)/lib/pkgconfig" + cmake -B _bld2 -G Ninja \ + -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR="$(brew --prefix openssl)" -DUSE_NGTCP2=ON \ + -DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON + cmake --build _bld2 --verbose + cmake --build _bld2 --verbose --target servers + + _bld1/src/curl --disable --version + _bld2/src/curl --disable --version fi - name: 'perform analysis' From f6ddc1fc1e25ff8ea866f90942719af898d0ef0c Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 15 Sep 2025 15:01:54 +0200 Subject: [PATCH 0040/2408] Makefile.example: simplify and make it configurable - build in a single step. - allow overriding all variables: source, target, compiler, libpaths, libs, flags. Example: ```shell LIBS= LDFLAGS= SRC=altsvc.c make -f Makefile.example ``` Closes #18554 --- docs/examples/Makefile.example | 37 +++++++++++++++------------------- 1 file changed, 16 insertions(+), 21 deletions(-) diff --git a/docs/examples/Makefile.example b/docs/examples/Makefile.example index 9738e94bb8..f2994e73e1 100644 --- a/docs/examples/Makefile.example +++ b/docs/examples/Makefile.example @@ -22,34 +22,29 @@ # ########################################################################### -# What to call the final executable -TARGET = example +SRC ?= ftpget.c -# Which object files that the executable consists of -OBJS = ftpget.o +# What to call the final executable +TARGET ?= example # What compiler to use -CC = gcc +CC ?= gcc -# Compiler flags, -g for debug, -c to make an object file -CFLAGS = -c -g +# Compiler flags, -g for debug +CFLAGS ?= -g -# This should point to a directory that holds libcurl, if it is not -# in the system's standard lib dir -# We also set a -L to include the directory where we have the OpenSSL -# libraries -LDFLAGS = -L/home/dast/lib -L/usr/local/ssl/lib +# This should point to a directory that holds libcurl, if it is not in the +# system's standard lib dir +# We also set a -L to include the directory where we have the OpenSSL libraries +LDFLAGS ?= -L/home/dast/lib -L/usr/local/ssl/lib -# We need -lcurl for the curl stuff # We need -lsocket and -lnsl when on Solaris -# We need -lssl and -lcrypto when using libcurl with SSL support +# We need -lssl and -lcrypto when using libcurl with TLS support # We need -lpthread for the pthread example -LIBS = -lcurl -lsocket -lnsl -lssl -lcrypto +LIBS ?= -lsocket -lnsl -lssl -lcrypto +# We need -lcurl for the curl stuff +LIBS := -lcurl $(LIBS) # Link the target with all objects and libraries -$(TARGET) : $(OBJS) - $(CC) -o $(TARGET) $(OBJS) $(LDFLAGS) $(LIBS) - -# Compile the source files into object files -ftpget.o : ftpget.c - $(CC) $(CFLAGS) $< +$(TARGET) : $(SRC) + $(CC) -o $(TARGET) $(CFLAGS) $(LDFLAGS) $(LIBS) $< From 619307feb09fb48feb9a24bbe5655dfcc8f17a3a Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 16 Sep 2025 10:49:14 +0200 Subject: [PATCH 0041/2408] cmake: fix building docs when the base directory contains `.3` Fixing: ``` ninja: error: '<...>/basedir.md/_bld/docs/libcurl/libcurl-symbols.md', needed by 'docs/libcurl/curl_easy_cleanup.3', missing and no known rule to make it ``` Reported-by: Nir Azkiel Fixes #18560 Follow-up to 898b012a9bf388590c4be7f526815b5ab74feca1 #1288 Closes #18563 --- docs/libcurl/CMakeLists.txt | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/docs/libcurl/CMakeLists.txt b/docs/libcurl/CMakeLists.txt index 2102dd8ee3..bee1021f72 100644 --- a/docs/libcurl/CMakeLists.txt +++ b/docs/libcurl/CMakeLists.txt @@ -52,11 +52,9 @@ function(curl_add_manual_pages _listname) endif() list(APPEND _rofffiles "${CMAKE_CURRENT_BINARY_DIR}/${_file}") - if(_file STREQUAL "libcurl-symbols.3") - # Special case, an auto-generated file. - string(REPLACE ".3" ".md" _mdfile "${CMAKE_CURRENT_BINARY_DIR}/${_file}") - else() - string(REPLACE ".3" ".md" _mdfile "${_file}") + string(REPLACE ".3" ".md" _mdfile "${_file}") + if(_file STREQUAL "libcurl-symbols.3") # Special case for auto-generated file + set(_mdfile "${CMAKE_CURRENT_BINARY_DIR}/${_mdfile}") endif() list(APPEND _mdfiles "${_mdfile}") endforeach() From ea752b575c6ee984fb2a4d16a9dbf0d4f1e26282 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 16 Sep 2025 12:47:27 +0200 Subject: [PATCH 0042/2408] sws: fix checking `sscanf()` return value Closes #18565 --- tests/server/sws.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/server/sws.c b/tests/server/sws.c index 2b94e52938..a512a7a31e 100644 --- a/tests/server/sws.c +++ b/tests/server/sws.c @@ -330,7 +330,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req) size_t npath = 0; /* httppath length */ if(sscanf(line, - "%" REQUEST_KEYWORD_SIZE_TXT"s ", request)) { + "%" REQUEST_KEYWORD_SIZE_TXT"s ", request) == 1) { http = strstr(line + strlen(request), "HTTP/"); if(http && sscanf(http, "HTTP/%d.%d", From ff8dfd315c155960836105ad719185c3b4d547bd Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Tue, 16 Sep 2025 15:49:58 +0200 Subject: [PATCH 0043/2408] aws-lc: re-enable large read-ahead with v1.61.0 again AWS-LC fixed a bug with large read ahead buffers in v1.61.0. Check a define introduced in that version to enable the large read ahead again. AWS-LC issue: https://github.com/aws/aws-lc/issues/2650 Closes #18568 --- lib/vtls/openssl.c | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 5c22ad25dc..af890b6c57 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -121,14 +121,11 @@ static void ossl_provider_cleanup(struct Curl_easy *data); #endif -/* - * AWS-LC has `SSL_CTX_set_default_read_buffer_len()?` but runs into - * decryption failures with large buffers. Sporadic failures in - * test_10_08 with h2 proxy uploads, increased frequency - * with CURL_DBG_SOCK_RBLOCK=50. Looks like a bug on their part. - */ +/* AWS-LC fixed a bug with large buffers in v1.61.0 which also introduced + * X509_V_ERR_EC_KEY_EXPLICIT_PARAMS. */ #if OPENSSL_VERSION_NUMBER >= 0x10100000L && \ - !defined(LIBRESSL_VERSION_NUMBER) && !defined(HAVE_BORINGSSL_LIKE) + !defined(LIBRESSL_VERSION_NUMBER) && !defined(OPENSSL_IS_BORINGSSL) && \ + (!defined(OPENSSL_IS_AWSLC) || (defined(X509_V_ERR_EC_KEY_EXPLICIT_PARAMS))) #define HAVE_SSL_CTX_SET_DEFAULT_READ_BUFFER_LEN 1 #endif From cdb56c6666e79fff211d91ee88b0c0e9a5a0dd23 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 16 Sep 2025 16:30:08 +0200 Subject: [PATCH 0044/2408] docs/libcurl: clarify some timeout option behavior Closes #18569 --- docs/libcurl/opts/CURLOPT_ACCEPTTIMEOUT_MS.md | 9 +++++++-- docs/libcurl/opts/CURLOPT_FTPPORT.md | 1 + .../libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT.md | 13 ++++++------- .../opts/CURLOPT_SERVER_RESPONSE_TIMEOUT_MS.md | 10 +++++----- 4 files changed, 19 insertions(+), 14 deletions(-) diff --git a/docs/libcurl/opts/CURLOPT_ACCEPTTIMEOUT_MS.md b/docs/libcurl/opts/CURLOPT_ACCEPTTIMEOUT_MS.md index 8fdbc96632..5dd19a708b 100644 --- a/docs/libcurl/opts/CURLOPT_ACCEPTTIMEOUT_MS.md +++ b/docs/libcurl/opts/CURLOPT_ACCEPTTIMEOUT_MS.md @@ -8,6 +8,7 @@ See-also: - CURLOPT_CONNECTTIMEOUT_MS (3) - CURLOPT_DEBUGFUNCTION (3) - CURLOPT_STDERR (3) + - CURLOPT_FTPPORT (3) Protocol: - FTP Added-in: 7.24.0 @@ -28,7 +29,11 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_ACCEPTTIMEOUT_MS, long ms); # DESCRIPTION Pass a long telling libcurl the maximum number of milliseconds to wait for a -server to connect back to libcurl when an active FTP connection is used. +server to connect back to libcurl when an active FTP connection is used. When +active FTP is used, the client (libcurl) tells the server to do a TCP connect +back to the client, instead of vice versa for passive FTP. + +This option has no purpose for passive FTP. # DEFAULT @@ -45,7 +50,7 @@ int main(void) if(curl) { curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/path/file"); - /* wait no more than 5 seconds for FTP server responses */ + /* wait no more than 5 seconds for the FTP server to connect */ curl_easy_setopt(curl, CURLOPT_ACCEPTTIMEOUT_MS, 5000L); curl_easy_perform(curl); diff --git a/docs/libcurl/opts/CURLOPT_FTPPORT.md b/docs/libcurl/opts/CURLOPT_FTPPORT.md index c5eee3c0ac..59e4419512 100644 --- a/docs/libcurl/opts/CURLOPT_FTPPORT.md +++ b/docs/libcurl/opts/CURLOPT_FTPPORT.md @@ -9,6 +9,7 @@ Protocol: See-also: - CURLOPT_FTP_USE_EPRT (3) - CURLOPT_FTP_USE_EPSV (3) + - CURLOPT_ACCEPTTIMEOUT_MS (3) Added-in: 7.1 --- diff --git a/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT.md b/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT.md index 3d6ba1f9aa..30ae25b42a 100644 --- a/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT.md +++ b/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT.md @@ -33,13 +33,12 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SERVER_RESPONSE_TIMEOUT, # DESCRIPTION -Pass a long. Causes libcurl to set a *timeout* period (in seconds) on the -amount of time that the server is allowed to take in order to send a response -message for a command before the session is considered dead. While libcurl is -waiting for a response, this value overrides CURLOPT_TIMEOUT(3). It is -recommended that if used in conjunction with CURLOPT_TIMEOUT(3), you set -CURLOPT_SERVER_RESPONSE_TIMEOUT(3) to a value smaller than -CURLOPT_TIMEOUT(3). +Pass a long. It tells libcurl to wait no longer than *timeout* seconds for +responses on sent commands. If no response is received within this period, the +connection is considered dead and the transfer fails. + +It is recommended that if used in conjunction with CURLOPT_TIMEOUT(3), you set +CURLOPT_SERVER_RESPONSE_TIMEOUT(3) to a value smaller than CURLOPT_TIMEOUT(3). This option was formerly known as CURLOPT_FTP_RESPONSE_TIMEOUT. diff --git a/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT_MS.md b/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT_MS.md index 7acbd105ec..267659cde2 100644 --- a/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT_MS.md +++ b/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT_MS.md @@ -33,11 +33,11 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SERVER_RESPONSE_TIMEOUT_MS, # DESCRIPTION -Pass a long. Causes libcurl to set a *timeout* period (in milliseconds) on the -amount of time that the server is allowed to take in order to send a response -message for a command before the session is considered dead. While libcurl is -waiting for a response, this value overrides CURLOPT_TIMEOUT(3). It is -recommended that if used in conjunction with CURLOPT_TIMEOUT(3), you set +Pass a long. It tells libcurl to wait no longer than *timeout* milliseconds +for responses on sent commands. If no response is received within this period, +the connection is considered dead and the transfer fails. + +It is recommended that if used in conjunction with CURLOPT_TIMEOUT(3), you set CURLOPT_SERVER_RESPONSE_TIMEOUT_MS(3) to a value smaller than CURLOPT_TIMEOUT(3). From 22ac7f30ad1075295234a8f74f59f9ce9b173b1c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 16 Sep 2025 12:13:10 +0000 Subject: [PATCH 0045/2408] GHA: update openssl/openssl to v3.5.3 Closes #18566 --- .github/workflows/http3-linux.yml | 2 +- .github/workflows/linux.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 2fe8b8cdbb..4ad880ddf6 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -42,7 +42,7 @@ env: MAKEFLAGS: -j 5 CURL_CI: github # handled in renovate.json - OPENSSL_VERSION: 3.5.2 + OPENSSL_VERSION: 3.5.3 # handled in renovate.json QUICTLS_VERSION: 3.3.0 # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index ed206ec03c..70a6a259ab 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -52,7 +52,7 @@ env: # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com BORINGSSL_VERSION: 0.20250818.0 # handled in renovate.json - OPENSSL_VERSION: 3.5.2 + OPENSSL_VERSION: 3.5.3 # handled in renovate.json QUICTLS_VERSION: 3.3.0 # renovate: datasource=github-tags depName=rustls/rustls-ffi versioning=semver registryUrl=https://github.com From 3053a3e90f696dc1cfb481c61a2032dcc3b6c15c Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 16 Sep 2025 16:49:54 +0200 Subject: [PATCH 0046/2408] docs/libcurl: use lowercase must To shout less. Use bold in some places. Closes #18570 --- docs/libcurl/opts/CURLINFO_CONTENT_TYPE.md | 4 ++-- docs/libcurl/opts/CURLINFO_EFFECTIVE_METHOD.md | 6 +++--- docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.md | 6 +++--- docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.md | 6 +++--- docs/libcurl/opts/CURLINFO_LOCAL_IP.md | 6 +++--- docs/libcurl/opts/CURLINFO_PRIMARY_IP.md | 6 +++--- docs/libcurl/opts/CURLINFO_REFERER.md | 6 +++--- docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.md | 6 +++--- docs/libcurl/opts/CURLINFO_SCHEME.md | 6 +++--- docs/libcurl/opts/CURLOPT_HEADERDATA.md | 6 +++--- docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.md | 12 ++++++------ docs/libcurl/opts/CURLOPT_SHARE.md | 13 ++++++------- docs/libcurl/opts/CURLOPT_SSH_HOSTKEYFUNCTION.md | 2 +- docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.md | 2 +- docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.md | 4 ++-- docs/libcurl/opts/CURLOPT_WRITEDATA.md | 2 +- 16 files changed, 46 insertions(+), 47 deletions(-) diff --git a/docs/libcurl/opts/CURLINFO_CONTENT_TYPE.md b/docs/libcurl/opts/CURLINFO_CONTENT_TYPE.md index 71e9c5122c..8a9093ced2 100644 --- a/docs/libcurl/opts/CURLINFO_CONTENT_TYPE.md +++ b/docs/libcurl/opts/CURLINFO_CONTENT_TYPE.md @@ -33,8 +33,8 @@ object. This is the value read from the Content-Type: field. If you get NULL, it means that the server did not send a valid Content-Type header or that the protocol used does not support this. -The **ct** pointer is set to NULL or pointing to private memory. You MUST -NOT free it - it gets freed when you call curl_easy_cleanup(3) on the +The **ct** pointer is NULL or points to private memory. You **must not** free +it. It gets freed automatically when you call curl_easy_cleanup(3) on the corresponding curl handle. The modern way to get this header from a response is to instead use the diff --git a/docs/libcurl/opts/CURLINFO_EFFECTIVE_METHOD.md b/docs/libcurl/opts/CURLINFO_EFFECTIVE_METHOD.md index 0a748063c6..5299dab8c1 100644 --- a/docs/libcurl/opts/CURLINFO_EFFECTIVE_METHOD.md +++ b/docs/libcurl/opts/CURLINFO_EFFECTIVE_METHOD.md @@ -35,9 +35,9 @@ method. In cases when you have asked libcurl to follow redirects, the method may not be the same method the first request would use. -The **methodp** pointer is NULL or points to private memory. You MUST NOT -free - it gets freed when you call curl_easy_cleanup(3) on the -corresponding curl handle. +The **methodp** pointer is NULL or points to private memory. You +**must not** free it. The memory gets freed automatically when you call +curl_easy_cleanup(3) on the corresponding curl handle. # %PROTOCOLS% diff --git a/docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.md b/docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.md index aa50901834..172f6de3d4 100644 --- a/docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.md +++ b/docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.md @@ -32,9 +32,9 @@ Pass in a pointer to a char pointer and get the last used effective URL. In cases when you have asked libcurl to follow redirects, it may not be the same value you set with CURLOPT_URL(3). -The **urlp** pointer is NULL or points to private memory. You MUST NOT free -- it gets freed when you call curl_easy_cleanup(3) on the corresponding curl -handle. +The **urlp** pointer is NULL or points to private memory. You **must not** +free it. It memory gets freed automatically when you call curl_easy_cleanup(3) +on the corresponding curl handle. # %PROTOCOLS% diff --git a/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.md b/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.md index 08b5a6d336..db053e311e 100644 --- a/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.md +++ b/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.md @@ -32,9 +32,9 @@ path of the entry path. That is the initial path libcurl ended up in when logging on to the remote FTP or SFTP server. This stores a NULL as pointer if something is wrong. -The **path** pointer is NULL or points to private memory. You MUST NOT free -- it gets freed when you call curl_easy_cleanup(3) on the corresponding curl -handle. +The **path** pointer is NULL or points to private memory. You **must not** +free it. The memory gets freed automatically when you call +curl_easy_cleanup(3) on the corresponding curl handle. # %PROTOCOLS% diff --git a/docs/libcurl/opts/CURLINFO_LOCAL_IP.md b/docs/libcurl/opts/CURLINFO_LOCAL_IP.md index a8b89914a0..c626815c90 100644 --- a/docs/libcurl/opts/CURLINFO_LOCAL_IP.md +++ b/docs/libcurl/opts/CURLINFO_LOCAL_IP.md @@ -35,9 +35,9 @@ with this **curl** handle. This string may be IPv6 when that is enabled. Note that you get a pointer to a memory area that is reused at next request so you need to copy the string if you want to keep the information. -The **ip** pointer is NULL or points to private memory. You MUST NOT free - it -gets freed when you call curl_easy_cleanup(3) on the corresponding CURL -handle. +The **ip** pointer is NULL or points to private memory. You **must not** free +it. The memory gets freed automatically when you call curl_easy_cleanup(3) on +the corresponding curl handle. # %PROTOCOLS% diff --git a/docs/libcurl/opts/CURLINFO_PRIMARY_IP.md b/docs/libcurl/opts/CURLINFO_PRIMARY_IP.md index e87be53e3c..1fdb130711 100644 --- a/docs/libcurl/opts/CURLINFO_PRIMARY_IP.md +++ b/docs/libcurl/opts/CURLINFO_PRIMARY_IP.md @@ -35,9 +35,9 @@ string holding the IP address of the most recent connection done with this get a pointer to a memory area that is reused at next request so you need to copy the string if you want to keep the information. -The **ip** pointer is NULL or points to private memory. You MUST NOT free - it -gets freed when you call curl_easy_cleanup(3) on the corresponding curl -handle. +The **ip** pointer is NULL or points to private memory. You **must not** free +it. The memory gets freed automatically when you call curl_easy_cleanup(3) on +the corresponding curl handle. # %PROTOCOLS% diff --git a/docs/libcurl/opts/CURLINFO_REFERER.md b/docs/libcurl/opts/CURLINFO_REFERER.md index bd278dd603..17b9db1a18 100644 --- a/docs/libcurl/opts/CURLINFO_REFERER.md +++ b/docs/libcurl/opts/CURLINFO_REFERER.md @@ -31,9 +31,9 @@ CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_REFERER, char **hdrp); Pass in a pointer to a char pointer and get the referrer header used in the most recent request. -The **hdrp** pointer is NULL or points to private memory you MUST NOT free - -it gets freed when you call curl_easy_cleanup(3) on the corresponding curl -handle. +The **hdrp** pointer is NULL or points to private memory. You **must not** +free it. The memory gets freed automatically when you call +curl_easy_cleanup(3) on the corresponding curl handle. # %PROTOCOLS% diff --git a/docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.md b/docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.md index c24f42b24d..121642677b 100644 --- a/docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.md +++ b/docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.md @@ -33,9 +33,9 @@ most recent RTSP Session ID. Applications wishing to resume an RTSP session on another connection should retrieve this info before closing the active connection. -The **id** pointer is NULL or points to private memory. You MUST NOT free - it -gets freed when you call curl_easy_cleanup(3) on the corresponding curl -handle. +The **id** pointer is NULL or points to private memory. You **must not** free +it. The memory gets freed automatically when you call curl_easy_cleanup(3) on +the corresponding curl handle. # %PROTOCOLS% diff --git a/docs/libcurl/opts/CURLINFO_SCHEME.md b/docs/libcurl/opts/CURLINFO_SCHEME.md index 0089531d01..1c61849829 100644 --- a/docs/libcurl/opts/CURLINFO_SCHEME.md +++ b/docs/libcurl/opts/CURLINFO_SCHEME.md @@ -33,9 +33,9 @@ Pass a pointer to a char pointer to receive the pointer to a null-terminated string holding the URL scheme used for the most recent connection done with this CURL **handle**. -The **scheme** pointer is NULL or points to private memory. You MUST NOT -free - it gets freed when you call curl_easy_cleanup(3) on the corresponding -curl handle. +The **scheme** pointer is NULL or points to private memory. You **must not** +free it. The memory gets freed automatically when you call +curl_easy_cleanup(3) on the corresponding curl handle. The returned scheme might be upper or lowercase. Do comparisons case insensitively. diff --git a/docs/libcurl/opts/CURLOPT_HEADERDATA.md b/docs/libcurl/opts/CURLOPT_HEADERDATA.md index bb3f2ed834..f767961cdc 100644 --- a/docs/libcurl/opts/CURLOPT_HEADERDATA.md +++ b/docs/libcurl/opts/CURLOPT_HEADERDATA.md @@ -36,9 +36,9 @@ If CURLOPT_WRITEFUNCTION(3) or CURLOPT_HEADERFUNCTION(3) is used, If neither of those options are set, *pointer* must be a valid FILE * and it is used by a plain fwrite() to write headers to. -If you are using libcurl as a Windows DLL, you **MUST** use a -CURLOPT_WRITEFUNCTION(3) or CURLOPT_HEADERFUNCTION(3) if you set -this option or you might experience crashes. +If you are using libcurl as a Windows DLL, you **must** use a +CURLOPT_WRITEFUNCTION(3) or CURLOPT_HEADERFUNCTION(3) if you set this option +or you might experience crashes. # DEFAULT diff --git a/docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.md b/docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.md index 29dc8bb4ff..d2dda82dd8 100644 --- a/docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.md +++ b/docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.md @@ -50,15 +50,15 @@ rewinding the read data stream is the only action it can request. The rewinding of the read data stream may be necessary when doing an HTTP PUT or POST with a multi-pass authentication method. -The callback MUST return *CURLIOE_UNKNOWNCMD* if the input *cmd* is -not *CURLIOCMD_RESTARTREAD*. +The callback **must** return *CURLIOE_UNKNOWNCMD* if the input *cmd* is not +*CURLIOCMD_RESTARTREAD*. -The *clientp* argument to the callback is set with the -CURLOPT_IOCTLDATA(3) option. +The *clientp* argument to the callback is set with the CURLOPT_IOCTLDATA(3) +option. **This option is deprecated**. Do not use it. Use CURLOPT_SEEKFUNCTION(3) -instead to provide seeking. If CURLOPT_SEEKFUNCTION(3) is set, this -parameter is ignored when seeking. +instead to provide seeking. If CURLOPT_SEEKFUNCTION(3) is set, this parameter +is ignored when seeking. # DEFAULT diff --git a/docs/libcurl/opts/CURLOPT_SHARE.md b/docs/libcurl/opts/CURLOPT_SHARE.md index c4488086a7..9b9a281e00 100644 --- a/docs/libcurl/opts/CURLOPT_SHARE.md +++ b/docs/libcurl/opts/CURLOPT_SHARE.md @@ -26,13 +26,12 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SHARE, CURLSH *share); # DESCRIPTION -Pass a *share* handle as a parameter. The share handle must have been -created by a previous call to curl_share_init(3). Setting this option, -makes this curl handle use the data from the shared handle instead of keeping -the data to itself. This enables several curl handles to share data. If the -curl handles are used simultaneously in multiple threads, you **MUST** use -the locking methods in the share handle. See curl_share_setopt(3) for -details. +Pass a *share* handle as a parameter. The share handle must have been created +by a previous call to curl_share_init(3). Setting this option, makes this curl +handle use the data from the shared handle instead of keeping the data to +itself. This enables several curl handles to share data. If the curl handles +are used simultaneously in multiple threads, you **must** use the locking +methods in the share handle. See curl_share_setopt(3) for details. If you add a share that is set to share cookies, your easy handle uses that cookie cache and get the cookie engine enabled. If you stop sharing an object diff --git a/docs/libcurl/opts/CURLOPT_SSH_HOSTKEYFUNCTION.md b/docs/libcurl/opts/CURLOPT_SSH_HOSTKEYFUNCTION.md index 89422e4ef6..0f7e9996bd 100644 --- a/docs/libcurl/opts/CURLOPT_SSH_HOSTKEYFUNCTION.md +++ b/docs/libcurl/opts/CURLOPT_SSH_HOSTKEYFUNCTION.md @@ -44,7 +44,7 @@ says what type it is, from the **CURLKHTYPE_*** series in the **clientp** is a custom pointer set with CURLOPT_SSH_HOSTKEYDATA(3). -The callback MUST return one of the following return codes to tell libcurl how +The callback must return one of the following return codes to tell libcurl how to act: ## CURLKHMATCH_OK diff --git a/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.md b/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.md index 636b7a3609..1e21b614f1 100644 --- a/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.md +++ b/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.md @@ -68,7 +68,7 @@ called if CURLOPT_SSH_KNOWNHOSTS(3) is also set. This callback function gets passed the curl handle, the key from the known_hosts file *knownkey*, the key from the remote site *foundkey*, info from libcurl on the matching status and a custom pointer (set with -CURLOPT_SSH_KEYDATA(3)). It MUST return one of the following return codes to +CURLOPT_SSH_KEYDATA(3)). It must return one of the following return codes to tell libcurl how to act: ## CURLKHSTAT_FINE_REPLACE diff --git a/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.md b/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.md index 262c089794..07e7266da5 100644 --- a/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.md +++ b/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.md @@ -35,8 +35,8 @@ HTTP response sent using a compressed Transfer-Encoding that is automatically uncompressed by libcurl on reception. Transfer-Encoding differs slightly from the Content-Encoding you ask for with -CURLOPT_ACCEPT_ENCODING(3) in that a Transfer-Encoding is strictly meant -to be for the transfer and thus MUST be decoded before the data arrives in the +CURLOPT_ACCEPT_ENCODING(3) in that a Transfer-Encoding is strictly meant to be +for the transfer and thus must be decoded before the data arrives in the client. Traditionally, Transfer-Encoding has been much less used and supported by both HTTP clients and HTTP servers. diff --git a/docs/libcurl/opts/CURLOPT_WRITEDATA.md b/docs/libcurl/opts/CURLOPT_WRITEDATA.md index 5983de5d27..f6c6a2eeb9 100644 --- a/docs/libcurl/opts/CURLOPT_WRITEDATA.md +++ b/docs/libcurl/opts/CURLOPT_WRITEDATA.md @@ -36,7 +36,7 @@ to *fwrite(3)* when writing data. The internal CURLOPT_WRITEFUNCTION(3) writes the data to the FILE * given with this option, or to stdout if this option has not been set. -If you are using libcurl as a Windows DLL, you **MUST** use a +If you are using libcurl as a Windows DLL, you must also use CURLOPT_WRITEFUNCTION(3) if you set this option or you might experience crashes. From 92361999086712c7ae6ca59930cdac204e0db2a2 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 17 Sep 2025 08:25:42 +0200 Subject: [PATCH 0047/2408] setopt: make CURLOPT_MAXREDIRS accept -1 (again) Regression from b059f7d (shipped in 8.16.0) Reported-by: Adam Light Fixes #18571 Closes #18576 --- lib/setopt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/setopt.c b/lib/setopt.c index 6f98e7dce4..d7a7f6c52d 100644 --- a/lib/setopt.c +++ b/lib/setopt.c @@ -955,7 +955,7 @@ static CURLcode setopt_long(struct Curl_easy *data, CURLoption option, break; case CURLOPT_MAXREDIRS: - result = value_range(&arg, -1, 0, 0x7fff); + result = value_range(&arg, -1, -1, 0x7fff); if(result) return result; s->maxredirs = (short)arg; From 04e08664a8e392b05a79cd710ef43fe0de7c1797 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 17 Sep 2025 10:30:31 +0200 Subject: [PATCH 0048/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 39 +++++++++++++++++++++++++++++++++++---- 1 file changed, 35 insertions(+), 4 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 58d8fe6d02..c6fb253c75 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,24 +4,39 @@ curl and libcurl 8.16.1 Command line options: 272 curl_easy_setopt() options: 308 Public functions in libcurl: 98 - Contributors: 3500 + Contributors: 3502 This release includes the following changes: This release includes the following bugfixes: + o asyn-thrdd: drop pthread_cancel [30] + o aws-lc: re-enable large read-ahead with v1.61.0 again [16] + o cmake: fix building docs when the base directory contains `.3` [18] + o cmdline-docs: extended, clarified, refreshed [28] o curl_easy_getinfo: error code on NULL arg [2] o curl_mem_undef.h: limit to `CURLDEBUG` for non-memalloc overrides [19] o CURLINFO_FTP_ENTRY_PATH.md: this is for SFTP as well [8] o CURLOPT_MAXLIFETIME_CONN: make default 24 hours [10] + o CURLOPT_SSL_VERIFYHOST.md: add see-also to two other VERIFYHOST options [32] + o CURLOPT_TIMECONDITION.md: works for FILE and FTP as well [27] + o dist: do not distribute `CI.md` [29] + o docs/libcurl: clarify some timeout option behavior [15] o docs/libcurl: remove ancient version references [7] + o docs/libcurl: use lowercase must [5] o easy_getinfo: check magic, Curl_close safety [3] + o krb5: return appropriate error on send failures [22] o libcurl-security.md: mention long-running connections [6] + o Makefile.example: simplify and make it configurable [20] o ngtcp2: check error code on connect failure [13] o quic: fix min TLS version handling [14] o quic: ignore EMSGSIZE on receive [4] + o setopt: accept *_SSL_VERIFYHOST set to 2L [31] + o setopt: make CURLOPT_MAXREDIRS accept -1 (again) [1] o ssl-sessions.md: mark option experimental [12] + o sws: fix checking `sscanf()` return value [17] + o TODO: remove already implemented or bad items [36] o urldata: FILE is not a list-only protocol [9] This release includes the following known bugs: @@ -46,16 +61,19 @@ Planned upcoming removals include: This release would not have looked like this without help, code, reports and advice from friends like these: - Andrew Kirillov, Dan Fandrich, Daniel Stenberg, Emilio Pozuelo Monfort, - Ethan Everett, fds242 on github, renovate[bot], Stefan Eissing, + Adam Light, Andrew Kirillov, Dan Fandrich, Daniel Stenberg, dependabot[bot], + Emilio Pozuelo Monfort, Ethan Everett, fds242 on github, Javier Blazquez, + Jicea, Nir Azkiel, renovate[bot], Samuel Dionne-Riel, Stefan Eissing, Viktor Szakats - (9 contributors) + (15 contributors) References to bug reports and discussions on issues: + [1] = https://curl.se/bug/?i=18571 [2] = https://curl.se/bug/?i=18512 [3] = https://curl.se/bug/?i=18511 [4] = https://curl.se/bug/?i=18505 + [5] = https://curl.se/bug/?i=18570 [6] = https://curl.se/bug/?i=18533 [7] = https://curl.se/bug/?i=18530 [8] = https://curl.se/bug/?i=18531 @@ -64,4 +82,17 @@ References to bug reports and discussions on issues: [12] = https://curl.se/bug/?i=18523 [13] = https://curl.se/bug/?i=18521 [14] = https://curl.se/bug/?i=18518 + [15] = https://curl.se/bug/?i=18569 + [16] = https://curl.se/bug/?i=18568 + [17] = https://curl.se/bug/?i=18565 + [18] = https://curl.se/bug/?i=18560 [19] = https://curl.se/bug/?i=18510 + [20] = https://curl.se/bug/?i=18554 + [22] = https://curl.se/bug/?i=18561 + [27] = https://curl.se/bug/?i=18551 + [28] = https://curl.se/bug/?i=18550 + [29] = https://curl.se/bug/?i=18549 + [30] = https://curl.se/bug/?i=18532 + [31] = https://curl.se/mail/lib-2025-09/0031.html + [32] = https://curl.se/bug/?i=18548 + [36] = https://curl.se/bug/?i=18542 From 0a27a506b1f1ff926dd94766434dcc8ff4c12bb4 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 17 Sep 2025 13:02:01 +0200 Subject: [PATCH 0049/2408] managen: ignore version mentions < 7.66.0 Only mention version specific details for versions from within the last six years. Closes #18583 --- scripts/managen | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/managen b/scripts/managen index 1eb536a0e6..768c632d4b 100755 --- a/scripts/managen +++ b/scripts/managen @@ -265,8 +265,8 @@ sub too_old { elsif($version =~ /^(\d+)\.(\d+)/) { $a = $1 * 1000 + $2 * 10; } - if($a < 7600) { - # we consider everything before 7.60.0 to be too old to mention + if($a < 7660) { + # we consider everything before 7.66.0 to be too old to mention # specific changes for return 1; } From dbe4e28d57f76b5ad96241bc5865d043679575d8 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 17 Sep 2025 11:53:33 +0200 Subject: [PATCH 0050/2408] managen: render better manpage references/links - When an option name is used in text, this script no longer outputs the short plus long version in the manpage output. It makes the text much more readable. This always showing both verions was previously done primarily to make sure roffit would linkify it correctly, but since roffit 0.17 it should link both long or short names correctly. - When managen outputs generic text about options at the end of the description it now highlights them properly so that they too get linkified correctly in the HTML version. For consistency. Closes #18580 --- scripts/managen | 55 ++++++++++++++++++++++++--------------------- tests/data/test1705 | 8 +++---- 2 files changed, 34 insertions(+), 29 deletions(-) diff --git a/scripts/managen b/scripts/managen index 768c632d4b..9290680670 100755 --- a/scripts/managen +++ b/scripts/managen @@ -66,8 +66,7 @@ my $indent = 4; # get the long name version, return the manpage string sub manpageify { - my ($k)=@_; - my $l; + my ($k, $manpage)=@_; my $trail = ''; # the matching pattern might include a trailing dot that cannot be part of # the option name @@ -75,18 +74,15 @@ sub manpageify { # cut off trailing dot $trail = "."; } - my $klong = $k; - # quote "bare" minuses in the long name - $klong =~ s/-/\\-/g; - if($optlong{$k}) { - # both short + long - $l = "\\fI-".$optlong{$k}.", \\-\\-$klong\\fP$trail"; - } - else { + if($manpage) { + my $klong = $k; + # quote "bare" minuses in the long name + $klong =~ s/-/\\-/g; + # only long - $l = "\\fI\\-\\-$klong\\fP$trail"; + return "\\fI\\-\\-$klong\\fP$trail"; } - return $l; + return "--$k$trail"; } @@ -477,7 +473,7 @@ sub render { if($manpage) { if(!$quote && $d =~ /--/) { - $d =~ s/--([a-z0-9.-]+)/manpageify($1)/ge; + $d =~ s/--([a-z0-9.-]+)/manpageify($1, 1)/ge; } # quote minuses in the output @@ -741,7 +737,9 @@ sub single { } if($scope eq "global") { push @desc, "\n" if(!$manpage); - push @desc, "${pre}This option is global and does not need to be specified for each use of --next.\n"; + push @desc, + sprintf("${pre}This option is global and does not need to be specified for each use of %s.\n", + manpageify("next", $manpage)); } else { print STDERR "$f:$line:1:ERROR: unrecognized scope: '$scope'\n"; @@ -751,11 +749,15 @@ sub single { my @extra; if($multi eq "single") { - push @extra, "${pre}If --$long is provided several times, the last set ". - "value is used.\n"; + push @extra, + sprintf("${pre}If %s is provided several times, the last set ". + "value is used.\n", + manpageify($long, $manpage)); } elsif($multi eq "append") { - push @extra, "${pre}--$long can be used several times in a command line\n"; + push @extra, + sprintf("${pre}%s can be used several times in a command line\n", + manpageify($long, $manpage)); } elsif($multi eq "boolean") { my $rev = "no-$long"; @@ -767,20 +769,23 @@ sub single { } my $dashes = $manpage ? "\\-\\-" : "--"; push @extra, - "${pre}Providing --$long multiple times has no extra effect.\n". - "Disable it again with $dashes$rev.\n"; + sprintf("${pre}Providing %s multiple times has no extra effect.\n". + "Disable it again with $dashes$rev.\n", + manpageify($long, $manpage)); } elsif($multi eq "mutex") { push @extra, - "${pre}Providing --$long multiple times has no extra effect.\n"; + sprintf("${pre}Providing %s multiple times has no extra effect.\n", + manpageify($long, $manpage)); } elsif($multi eq "custom") { ; # left for the text to describe } elsif($multi eq "per-URL") { push @extra, - "${pre}--$long is associated with a single URL. Use it once per URL ". - "when you use several URLs in a command line.\n"; + sprintf("${pre}%s is associated with a single URL. Use it once per URL ". + "when you use several URLs in a command line.\n", + manpageify($long, $manpage)); } else { print STDERR "$f:$line:1:ERROR: unrecognized Multi: '$multi'\n"; @@ -804,7 +809,7 @@ sub single { if(!$helplong{$k}) { print STDERR "$f:$line:1:WARN: see-also a non-existing option: $k\n"; } - my $l = $manpage ? manpageify($k) : "--$k"; + my $l = manpageify($k, $manpage); my $sep = " and"; if($and && ($i < $and)) { $sep = ","; @@ -814,7 +819,7 @@ sub single { } if($requires) { - my $l = $manpage ? manpageify($long) : "--$long"; + my $l = manpageify($long, $manpage); push @foot, "$l requires that libcurl". " is built to support $requires.\n"; } @@ -827,7 +832,7 @@ sub single { if(!$helplong{$k}) { print STDERR "WARN: $f mutexes a non-existing option: $k\n"; } - my $l = $manpage ? manpageify($k) : "--$k"; + my $l = manpageify($k, $manpage); my $sep = ", "; if($count == ($num -1)) { $sep = " and "; diff --git a/tests/data/test1705 b/tests/data/test1705 index b56982ae40..7c21ffa349 100644 --- a/tests/data/test1705 +++ b/tests/data/test1705 @@ -224,9 +224,9 @@ End with a quote hello .fi -This option is global and does not need to be specified for each use of --next. +This option is global and does not need to be specified for each use of \fI\-\-next\fP. -Providing --fakeitreal multiple times has no extra effect. +Providing \fI\-\-fakeitreal\fP multiple times has no extra effect. Disable it again with \-\-no-fakeitreal. Example: @@ -265,14 +265,14 @@ relying upon support for that protocol being built into curl to avoid an error. This option can be used multiple times, in which case the effect is the same as concatenating the protocols into one instance of the option. -If --proto is provided several times, the last set value is used. +If \fI\-\-proto\fP is provided several times, the last set value is used. Example: .nf curl --proto =http,https,sftp https://example.com .fi -See also \fI-v, \-\-fakeitreal\fP and \fI\-\-proto\-default\fP. +See also \fI\-\-fakeitreal\fP and \fI\-\-proto\-default\fP. .SH PROXY PROTOCOL PREFIXES The proxy string may be specified with a protocol:// prefix to specify alternative proxy protocols. From 0f067ba4aa30b681a0e92761e003936470340fd5 Mon Sep 17 00:00:00 2001 From: Christian Schmitz Date: Wed, 17 Sep 2025 11:04:47 +0200 Subject: [PATCH 0051/2408] libcurl-multi.md: added curl_multi_get_offt mention The multi interface page didn't mention the new curl_multi_get_offt function. Closes #18579 --- docs/libcurl/libcurl-multi.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/libcurl/libcurl-multi.md b/docs/libcurl/libcurl-multi.md index 3becb648de..27f153b8ad 100644 --- a/docs/libcurl/libcurl-multi.md +++ b/docs/libcurl/libcurl-multi.md @@ -166,7 +166,9 @@ get activity on the sockets you have been asked to wait on, or if the timeout timer expires. You can poll curl_multi_info_read(3) to see if any transfer has -completed, as it then has a message saying so. +completed, as it then has a message saying so. To know how many transfers are +currently queued, running, pending or done, you can use the +curl_multi_get_offt(3) function. # BLOCKING From 74fdc1185f40c2fe2253043ff3f563fbbd4b43ed Mon Sep 17 00:00:00 2001 From: Michael Osipov Date: Wed, 17 Sep 2025 20:33:25 +0200 Subject: [PATCH 0052/2408] configure: add "-mt" for pthread support on HP-UX HP-UX requires this compiler and linker flag to pass proper macros and add required libraries. Closes #18585 --- configure.ac | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index af005beffd..3f02d037ef 100644 --- a/configure.ac +++ b/configure.ac @@ -4340,11 +4340,9 @@ if test "$want_threaded_resolver" = "yes" && test "$USE_THREADS_WIN32" != "1"; t AC_CHECK_FUNC(pthread_create, [USE_THREADS_POSIX=1] ) LIBS="$save_LIBS" - dnl on HP-UX, life is more complicated... case $host in *-hp-hpux*) - dnl it doesn't actually work without -lpthread - USE_THREADS_POSIX="" + CFLAGS="$CFLAGS -mt" ;; *) ;; From 3031fae3bd5135853133b95cd5396e93925a23bf Mon Sep 17 00:00:00 2001 From: Christian Schmitz Date: Wed, 17 Sep 2025 10:11:59 +0200 Subject: [PATCH 0053/2408] multi.h: add CURLMINFO_LASTENTRY For multiple enums, we use LASTENTRY values to do range checks when receiving an option as integer. So I added LASTENTRY, so the check will work, even if you add more options later. Closes #18578 --- include/curl/multi.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/include/curl/multi.h b/include/curl/multi.h index 782541f1ab..99e4413c9f 100644 --- a/include/curl/multi.h +++ b/include/curl/multi.h @@ -464,7 +464,9 @@ typedef enum { * be read via `curl_multi_info_read()`. */ CURLMINFO_XFERS_DONE = 4, /* The total number of easy handles added to the multi handle, ever. */ - CURLMINFO_XFERS_ADDED = 5 + CURLMINFO_XFERS_ADDED = 5, + + CURLMINFO_LASTENTRY /* the last unused */ } CURLMinfo_offt; /* From a827e4294cee78e2169555d4d99c6c5d583d51bc Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 17 Sep 2025 23:22:36 +0200 Subject: [PATCH 0054/2408] smtp: check EHLO responses case insensitively Adjust test 980 to announce starttls in lowercase. Fixes #18588 Reported-by: Joshua Rogers Closes #18589 --- lib/smtp.c | 8 ++++---- tests/data/test980 | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/lib/smtp.c b/lib/smtp.c index 5dba1f9ea8..84ff693a3c 100644 --- a/lib/smtp.c +++ b/lib/smtp.c @@ -989,19 +989,19 @@ static CURLcode smtp_state_ehlo_resp(struct Curl_easy *data, len -= 4; /* Does the server support the STARTTLS capability? */ - if(len >= 8 && !memcmp(line, "STARTTLS", 8)) + if(len >= 8 && curl_strnequal(line, "STARTTLS", 8)) smtpc->tls_supported = TRUE; /* Does the server support the SIZE capability? */ - else if(len >= 4 && !memcmp(line, "SIZE", 4)) + else if(len >= 4 && curl_strnequal(line, "SIZE", 4)) smtpc->size_supported = TRUE; /* Does the server support the UTF-8 capability? */ - else if(len >= 8 && !memcmp(line, "SMTPUTF8", 8)) + else if(len >= 8 && curl_strnequal(line, "SMTPUTF8", 8)) smtpc->utf8_supported = TRUE; /* Does the server support authentication? */ - else if(len >= 5 && !memcmp(line, "AUTH ", 5)) { + else if(len >= 5 && curl_strnequal(line, "AUTH ", 5)) { smtpc->auth_supported = TRUE; /* Advance past the AUTH keyword */ diff --git a/tests/data/test980 b/tests/data/test980 index 5811b437d4..8a52559472 100644 --- a/tests/data/test980 +++ b/tests/data/test980 @@ -10,7 +10,7 @@ STARTTLS # Server-side -CAPA STARTTLS +CAPA starttls AUTH PLAIN REPLY STARTTLS 454 currently unavailable\r\n235 Authenticated\r\n250 2.1.0 Sender ok\r\n250 2.1.5 Recipient ok\r\n354 Enter mail\r\n250 2.0.0 Accepted REPLY AUTH 535 5.7.8 Authentication credentials invalid From 20f757ef140a8466e888e6f395461a3ea73daf41 Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Thu, 18 Sep 2025 06:45:12 +0500 Subject: [PATCH 0055/2408] tool_cb_hdr: fix fwrite check in header callback Compare fwrite result to nmemb (items), not cb (bytes). Closes #18593 --- src/tool_cb_hdr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/tool_cb_hdr.c b/src/tool_cb_hdr.c index 6af9d1947e..3bb3c12dc8 100644 --- a/src/tool_cb_hdr.c +++ b/src/tool_cb_hdr.c @@ -116,7 +116,7 @@ size_t tool_header_cb(char *ptr, size_t size, size_t nmemb, void *userdata) if(per->config->headerfile && heads->stream) { size_t rc = fwrite(ptr, size, nmemb, heads->stream); - if(rc != cb) + if(rc != nmemb) return rc; /* flush the stream to send off what we got earlier */ if(fflush(heads->stream)) { From 4e74b9f592b7e0775800f212052c18c44128f89b Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Thu, 18 Sep 2025 03:43:11 +0500 Subject: [PATCH 0056/2408] socks_sspi: restore non-blocking socket on error paths Closes #18592 --- lib/socks_sspi.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c index 49210585b0..c106fec0c8 100644 --- a/lib/socks_sspi.c +++ b/lib/socks_sspi.c @@ -559,6 +559,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, */ return CURLE_OK; error: + (void)curlx_nonblock(sock, TRUE); free(service_name); Curl_pSecFn->FreeCredentialsHandle(&cred_handle); Curl_pSecFn->DeleteSecurityContext(&sspi_context); From ca034e839c92570b6cece09b63624af41f39e77b Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 18 Sep 2025 08:49:22 +0200 Subject: [PATCH 0057/2408] tool: fix exponential retry delay Also, show retry delay with decimals since it might be not be integer seconds. Regression from da27db068fc888d7091d347080 (shipped in 8.16.0) Reported-by: Andrew Olsen Fixes #18591 Assisted-by: Jay Satiro Closes #18595 --- src/tool_cfgable.c | 1 - src/tool_cfgable.h | 3 ++- src/tool_operate.c | 21 ++++++++++++++------- 3 files changed, 16 insertions(+), 9 deletions(-) diff --git a/src/tool_cfgable.c b/src/tool_cfgable.c index 0321848b0d..675f4d2d9d 100644 --- a/src/tool_cfgable.c +++ b/src/tool_cfgable.c @@ -52,7 +52,6 @@ struct OperationConfig *config_alloc(void) config->ftp_skip_ip = TRUE; config->file_clobber_mode = CLOBBER_DEFAULT; config->upload_flags = CURLULFLAG_SEEN; - config->retry_delay_ms = RETRY_SLEEP_DEFAULT; curlx_dyn_init(&config->postdata, MAX_FILE2MEMORY); return config; } diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h index 5e7222a8a8..3b2ac93a74 100644 --- a/src/tool_cfgable.h +++ b/src/tool_cfgable.h @@ -209,7 +209,8 @@ struct OperationConfig { long httpversion; unsigned long socks5_auth;/* auth bitmask for socks5 proxies */ long req_retry; /* number of retries */ - long retry_delay_ms; /* delay between retries (in milliseconds) */ + long retry_delay_ms; /* delay between retries (in milliseconds), + 0 means increase exponentially */ long retry_maxtime_ms; /* maximum time to keep retrying */ unsigned long mime_options; /* Mime option flags. */ diff --git a/src/tool_operate.c b/src/tool_operate.c index 2c3030096f..4337cdee60 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -437,7 +437,6 @@ static CURLcode retrycheck(struct OperationConfig *config, ": FTP error" }; - sleeptime = per->retry_sleep; if(RETRY_HTTP == retry) { curl_easy_getinfo(curl, CURLINFO_RETRY_AFTER, &retry_after); if(retry_after) { @@ -464,20 +463,28 @@ static CURLcode retrycheck(struct OperationConfig *config, } } } + if(!sleeptime && !config->retry_delay_ms) { + if(!per->retry_sleep) + per->retry_sleep = RETRY_SLEEP_DEFAULT; + else + per->retry_sleep *= 2; + if(per->retry_sleep > RETRY_SLEEP_MAX) + per->retry_sleep = RETRY_SLEEP_MAX; + } + if(!sleeptime) + sleeptime = per->retry_sleep; warnf("Problem %s. " - "Will retry in %ld second%s. " + "Will retry in %ld%s%.*ld second%s. " "%ld retr%s left.", m[retry], sleeptime/1000L, + (sleeptime%1000L ? "." : ""), + (sleeptime%1000L ? 3 : 0), + sleeptime%1000L, (sleeptime/1000L == 1 ? "" : "s"), per->retry_remaining, (per->retry_remaining > 1 ? "ies" : "y")); per->retry_remaining--; - if(!config->retry_delay_ms) { - per->retry_sleep *= 2; - if(per->retry_sleep > RETRY_SLEEP_MAX) - per->retry_sleep = RETRY_SLEEP_MAX; - } if(outs->bytes && outs->filename && outs->stream) { #ifndef __MINGW32CE__ From 0f0821133095cf8b6efdfd98c71a09fccb34ac78 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 18 Sep 2025 11:10:45 +0200 Subject: [PATCH 0058/2408] cfilter: unlink and discard Rewrite the code that removes a filter from the connection and discards it. Always look at the connection, otherwise it will not work of the filter is at the top of the chain. Change QUIC filter setup code to always tear down the chain in construction when an error occured. HTTP proxy, do not remove the h1/h2 sub filter on close. Leave it to be discarded with the connection. Avoids keeping an additional pointer that might become dangling. Triggered by a reported on a code bug in discard method. Reported-by: Joshua Rogers Closes #18596 --- lib/cfilters.c | 37 +++++++++++++++++-------------------- lib/cfilters.h | 14 +++++--------- lib/http_proxy.c | 28 ++++------------------------ lib/vquic/curl_ngtcp2.c | 20 +++++++++----------- lib/vquic/curl_osslq.c | 19 +++++++++---------- lib/vquic/curl_quiche.c | 19 +++++++++---------- lib/vtls/vtls.c | 2 +- 7 files changed, 54 insertions(+), 85 deletions(-) diff --git a/lib/cfilters.c b/lib/cfilters.c index efd2ac6f63..07f3c5f7b4 100644 --- a/lib/cfilters.c +++ b/lib/cfilters.c @@ -383,29 +383,26 @@ void Curl_conn_cf_insert_after(struct Curl_cfilter *cf_at, *pnext = tail; } -bool Curl_conn_cf_discard_sub(struct Curl_cfilter *cf, - struct Curl_cfilter *discard, - struct Curl_easy *data, - bool destroy_always) +bool Curl_conn_cf_discard(struct Curl_cfilter **pcf, + struct Curl_easy *data) { - struct Curl_cfilter **pprev = &cf->next; + struct Curl_cfilter *cf = pcf ? *pcf : NULL; bool found = FALSE; - - /* remove from sub-chain and destroy */ - DEBUGASSERT(cf); - while(*pprev) { - if(*pprev == cf) { - *pprev = discard->next; - discard->next = NULL; - found = TRUE; - break; + if(cf) { + if(cf->conn) { + /* unlink if present in connection filter chain */ + struct Curl_cfilter **pprev = &cf->conn->cfilter[cf->sockindex]; + while(*pprev) { + if(*pprev == *pcf) { + *pprev = (*pcf)->next; + cf->next = NULL; + found = TRUE; + break; + } + pprev = &((*pprev)->next); + } } - pprev = &((*pprev)->next); - } - if(found || destroy_always) { - discard->next = NULL; - discard->cft->destroy(discard, data); - free(discard); + Curl_conn_cf_discard_chain(pcf, data); } return found; } diff --git a/lib/cfilters.h b/lib/cfilters.h index 815b72a6e8..af38191a93 100644 --- a/lib/cfilters.h +++ b/lib/cfilters.h @@ -297,16 +297,12 @@ void Curl_conn_cf_insert_after(struct Curl_cfilter *cf_at, struct Curl_cfilter *cf_new); /** - * Discard, e.g. remove and destroy `discard` iff - * it still is in the filter chain below `cf`. If `discard` - * is no longer found beneath `cf` return FALSE. - * if `destroy_always` is TRUE, will call `discard`s destroy - * function and free it even if not found in the subchain. + * Extract filter `*pcf` from its connection filter chain. + * Destroy `*pcf`, even if it was not part of the chain and NULL it. + * Returns TRUE of cf has been part of chain. */ -bool Curl_conn_cf_discard_sub(struct Curl_cfilter *cf, - struct Curl_cfilter *discard, - struct Curl_easy *data, - bool destroy_always); +bool Curl_conn_cf_discard(struct Curl_cfilter **pcf, + struct Curl_easy *data); /** * Discard all cfilters starting with `*pcf` and clearing it afterwards. diff --git a/lib/http_proxy.c b/lib/http_proxy.c index 2d742856ce..b756efe711 100644 --- a/lib/http_proxy.c +++ b/lib/http_proxy.c @@ -215,9 +215,8 @@ CURLcode Curl_http_proxy_get_destination(struct Curl_cfilter *cf, } struct cf_proxy_ctx { - /* the protocol specific sub-filter we install during connect */ - struct Curl_cfilter *cf_protocol; int httpversion; /* HTTP version used to CONNECT */ + BIT(sub_filter_installed); }; CURLcode Curl_http_proxy_create_CONNECT(struct httpreq **preq, @@ -317,8 +316,7 @@ connect_sub: return result; *done = FALSE; - if(!ctx->cf_protocol) { - struct Curl_cfilter *cf_protocol = NULL; + if(!ctx->sub_filter_installed) { int httpversion = 0; const char *alpn = Curl_conn_cf_get_alpn_negotiated(cf->next, data); @@ -332,7 +330,6 @@ connect_sub: result = Curl_cf_h1_proxy_insert_after(cf, data); if(result) goto out; - cf_protocol = cf->next; httpversion = 10; } else if(!alpn || !strcmp(alpn, "http/1.1")) { @@ -340,7 +337,6 @@ connect_sub: result = Curl_cf_h1_proxy_insert_after(cf, data); if(result) goto out; - cf_protocol = cf->next; /* Assume that without an ALPN, we are talking to an ancient one */ httpversion = 11; } @@ -350,7 +346,6 @@ connect_sub: result = Curl_cf_h2_proxy_insert_after(cf, data); if(result) goto out; - cf_protocol = cf->next; httpversion = 20; } #endif @@ -360,7 +355,7 @@ connect_sub: goto out; } - ctx->cf_protocol = cf_protocol; + ctx->sub_filter_installed = TRUE; ctx->httpversion = httpversion; /* after we installed the filter "below" us, we call connect * on out sub-chain again. @@ -371,7 +366,7 @@ connect_sub: /* subchain connected and we had already installed the protocol filter. * This means the protocol tunnel is established, we are done. */ - DEBUGASSERT(ctx->cf_protocol); + DEBUGASSERT(ctx->sub_filter_installed); result = CURLE_OK; } @@ -419,23 +414,8 @@ static void http_proxy_cf_destroy(struct Curl_cfilter *cf, static void http_proxy_cf_close(struct Curl_cfilter *cf, struct Curl_easy *data) { - struct cf_proxy_ctx *ctx = cf->ctx; - CURL_TRC_CF(data, cf, "close"); cf->connected = FALSE; - if(ctx->cf_protocol) { - struct Curl_cfilter *f; - /* if someone already removed it, we assume he also - * took care of destroying it. */ - for(f = cf->next; f; f = f->next) { - if(f == ctx->cf_protocol) { - /* still in our sub-chain */ - Curl_conn_cf_discard_sub(cf, ctx->cf_protocol, data, FALSE); - break; - } - } - ctx->cf_protocol = NULL; - } if(cf->next) cf->next->cft->do_close(cf->next, data); } diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 4191924b5a..6cadc8fc58 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -2767,7 +2767,7 @@ CURLcode Curl_cf_ngtcp2_create(struct Curl_cfilter **pcf, const struct Curl_addrinfo *ai) { struct cf_ngtcp2_ctx *ctx = NULL; - struct Curl_cfilter *cf = NULL, *udp_cf = NULL; + struct Curl_cfilter *cf = NULL; CURLcode result; (void)data; @@ -2781,23 +2781,21 @@ CURLcode Curl_cf_ngtcp2_create(struct Curl_cfilter **pcf, result = Curl_cf_create(&cf, &Curl_cft_http3, ctx); if(result) goto out; + cf->conn = conn; - result = Curl_cf_udp_create(&udp_cf, data, conn, ai, TRNSPRT_QUIC); + result = Curl_cf_udp_create(&cf->next, data, conn, ai, TRNSPRT_QUIC); if(result) goto out; - - cf->conn = conn; - udp_cf->conn = cf->conn; - udp_cf->sockindex = cf->sockindex; - cf->next = udp_cf; + cf->next->conn = cf->conn; + cf->next->sockindex = cf->sockindex; out: *pcf = (!result) ? cf : NULL; if(result) { - if(udp_cf) - Curl_conn_cf_discard_sub(cf, udp_cf, data, TRUE); - Curl_safefree(cf); - cf_ngtcp2_ctx_free(ctx); + if(cf) + Curl_conn_cf_discard_chain(&cf, data); + else if(ctx) + cf_ngtcp2_ctx_free(ctx); } return result; } diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c index e82cbf2a3e..c292072a65 100644 --- a/lib/vquic/curl_osslq.c +++ b/lib/vquic/curl_osslq.c @@ -2398,7 +2398,7 @@ CURLcode Curl_cf_osslq_create(struct Curl_cfilter **pcf, const struct Curl_addrinfo *ai) { struct cf_osslq_ctx *ctx = NULL; - struct Curl_cfilter *cf = NULL, *udp_cf = NULL; + struct Curl_cfilter *cf = NULL; CURLcode result; (void)data; @@ -2412,23 +2412,22 @@ CURLcode Curl_cf_osslq_create(struct Curl_cfilter **pcf, result = Curl_cf_create(&cf, &Curl_cft_http3, ctx); if(result) goto out; + cf->conn = conn; - result = Curl_cf_udp_create(&udp_cf, data, conn, ai, TRNSPRT_QUIC); + result = Curl_cf_udp_create(&cf->next, data, conn, ai, TRNSPRT_QUIC); if(result) goto out; - cf->conn = conn; - udp_cf->conn = cf->conn; - udp_cf->sockindex = cf->sockindex; - cf->next = udp_cf; + cf->next->conn = cf->conn; + cf->next->sockindex = cf->sockindex; out: *pcf = (!result) ? cf : NULL; if(result) { - if(udp_cf) - Curl_conn_cf_discard_sub(cf, udp_cf, data, TRUE); - Curl_safefree(cf); - cf_osslq_ctx_free(ctx); + if(cf) + Curl_conn_cf_discard_chain(&cf, data); + else if(ctx) + cf_osslq_ctx_free(ctx); } return result; } diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c index 8f0535d65d..c1563c4e63 100644 --- a/lib/vquic/curl_quiche.c +++ b/lib/vquic/curl_quiche.c @@ -1636,7 +1636,7 @@ CURLcode Curl_cf_quiche_create(struct Curl_cfilter **pcf, const struct Curl_addrinfo *ai) { struct cf_quiche_ctx *ctx = NULL; - struct Curl_cfilter *cf = NULL, *udp_cf = NULL; + struct Curl_cfilter *cf = NULL; CURLcode result; (void)data; @@ -1651,22 +1651,21 @@ CURLcode Curl_cf_quiche_create(struct Curl_cfilter **pcf, result = Curl_cf_create(&cf, &Curl_cft_http3, ctx); if(result) goto out; + cf->conn = conn; - result = Curl_cf_udp_create(&udp_cf, data, conn, ai, TRNSPRT_QUIC); + result = Curl_cf_udp_create(&cf->next, data, conn, ai, TRNSPRT_QUIC); if(result) goto out; - - udp_cf->conn = cf->conn; - udp_cf->sockindex = cf->sockindex; - cf->next = udp_cf; + cf->next->conn = cf->conn; + cf->next->sockindex = cf->sockindex; out: *pcf = (!result) ? cf : NULL; if(result) { - if(udp_cf) - Curl_conn_cf_discard_sub(cf, udp_cf, data, TRUE); - Curl_safefree(cf); - cf_quiche_ctx_free(ctx); + if(cf) + Curl_conn_cf_discard_chain(&cf, data); + else if(ctx) + cf_quiche_ctx_free(ctx); } return result; diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index f17f9142be..bfec585ce2 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -1862,7 +1862,7 @@ CURLcode Curl_ssl_cfilter_remove(struct Curl_easy *data, Curl_shutdown_clear(data, sockindex); if(!result && !done) /* blocking failed? */ result = CURLE_SSL_SHUTDOWN_FAILED; - Curl_conn_cf_discard_sub(head, cf, data, FALSE); + Curl_conn_cf_discard(&cf, data); CURL_TRC_CF(data, cf, "shutdown and remove SSL, done -> %d", result); break; } From 5cc2b8344675140efc660d7a67958274c9caf590 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 18 Sep 2025 14:49:09 +0200 Subject: [PATCH 0059/2408] smb: adjust buffer size checks The checks did not account for the **two byte** 16bit read so risked reading one more byte than what actually was received. Reported-by: Joshua Rogers Closes #18599 --- lib/smb.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/smb.c b/lib/smb.c index 81cf6e7cc1..bf02119ea1 100644 --- a/lib/smb.c +++ b/lib/smb.c @@ -1104,7 +1104,7 @@ static CURLcode smb_request_state(struct Curl_easy *data, bool *done) break; case SMB_DOWNLOAD: - if(h->status || smbc->got < sizeof(struct smb_header) + 14) { + if(h->status || smbc->got < sizeof(struct smb_header) + 15) { req->result = CURLE_RECV_ERROR; next_state = SMB_CLOSE; break; @@ -1133,7 +1133,7 @@ static CURLcode smb_request_state(struct Curl_easy *data, bool *done) break; case SMB_UPLOAD: - if(h->status || smbc->got < sizeof(struct smb_header) + 6) { + if(h->status || smbc->got < sizeof(struct smb_header) + 7) { req->result = CURLE_UPLOAD_FAILED; next_state = SMB_CLOSE; break; From 232d5a2ed9c091c88e3b724a1e7d6d6e6cac0079 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 18 Sep 2025 15:02:03 +0200 Subject: [PATCH 0060/2408] openldap: avoid indexing the result at -1 for blank responses Reported-by: Joshua Rogers Closes #18600 --- lib/openldap.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/openldap.c b/lib/openldap.c index da26d4a78d..1f8737f524 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -1172,7 +1172,8 @@ static CURLcode oldap_recv(struct Curl_easy *data, int sockindex, char *buf, if(!binary) { /* check for leading or trailing whitespace */ if(ISBLANK(bvals[i].bv_val[0]) || - ISBLANK(bvals[i].bv_val[bvals[i].bv_len - 1])) + (bvals[i].bv_len && + ISBLANK(bvals[i].bv_val[bvals[i].bv_len - 1]))) binval = TRUE; else { /* check for unprintable characters */ From b4922b1295333dc6679eb1d588ddc2fb6b7fd5b7 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 16 Sep 2025 11:47:38 +0200 Subject: [PATCH 0061/2408] GHA/codeql: enable cares, debug, build curlinfo, examples Also build examples, out of curiousity, as an experiment, possibly temporary. It needs around 40 seconds. Closes #18564 --- .github/workflows/codeql.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 5ff3434442..2344f1d16f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -79,7 +79,7 @@ jobs: sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list sudo apt-get -o Dpkg::Use-Pty=0 update sudo rm -f /var/lib/man-db/auto-update - sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libbrotli-dev libidn2-dev libssh2-1-dev \ + sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libbrotli-dev libidn2-dev libssh2-1-dev libc-ares-dev \ libnghttp2-dev libldap-dev heimdal-dev librtmp-dev libgnutls28-dev libwolfssl-dev /home/linuxbrew/.linuxbrew/bin/brew install gsasl libnghttp3 libngtcp2 mbedtls rustls-ffi @@ -108,12 +108,14 @@ jobs: # MultiSSL export PKG_CONFIG_PATH; PKG_CONFIG_PATH="$(brew --prefix mbedtls)/lib/pkgconfig:$(brew --prefix rustls-ffi)/lib/pkgconfig:$(brew --prefix gsasl)/lib/pkgconfig" - cmake -B _bld1 -G Ninja \ + cmake -B _bld1 -G Ninja -DENABLE_DEBUG=ON \ -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_RUSTLS=ON -DCURL_USE_WOLFSSL=ON \ - -DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON + -DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON -DENABLE_ARES=ON cmake --build _bld1 --verbose + cmake --build _bld1 --verbose --target curlinfo cmake --build _bld1 --verbose --target servers cmake --build _bld1 --verbose --target tunits + cmake --build _bld1 --verbose --target curl-examples-build # HTTP/3 export PKG_CONFIG_PATH; PKG_CONFIG_PATH="$(brew --prefix libnghttp3)/lib/pkgconfig:$(brew --prefix libngtcp2)/lib/pkgconfig:$(brew --prefix gsasl)/lib/pkgconfig" From 44a586472b42a288836f730b4b3b7dd5490057f6 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 18 Sep 2025 15:50:17 +0200 Subject: [PATCH 0062/2408] ldap: do not base64 encode zero length string Reported-by: Joshua Rogers Closes #18602 --- lib/ldap.c | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/lib/ldap.c b/lib/ldap.c index c66a56d7bb..4b232e2bb6 100644 --- a/lib/ldap.c +++ b/lib/ldap.c @@ -634,22 +634,9 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) if((attr_len > 7) && (strcmp(";binary", attr + (attr_len - 7)) == 0)) { /* Binary attribute, encode to base64. */ - result = curlx_base64_encode(vals[i]->bv_val, vals[i]->bv_len, - &val_b64, &val_b64_sz); - if(result) { - ldap_value_free_len(vals); - FREE_ON_WINLDAP(attr); - ldap_memfree(attribute); - if(ber) - ber_free(ber, 0); - - goto quit; - } - - if(val_b64_sz > 0) { - result = Curl_client_write(data, CLIENTWRITE_BODY, val_b64, - val_b64_sz); - free(val_b64); + if(vals[i]->bv_len) { + result = curlx_base64_encode(vals[i]->bv_val, vals[i]->bv_len, + &val_b64, &val_b64_sz); if(result) { ldap_value_free_len(vals); FREE_ON_WINLDAP(attr); @@ -659,6 +646,21 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) goto quit; } + + if(val_b64_sz > 0) { + result = Curl_client_write(data, CLIENTWRITE_BODY, val_b64, + val_b64_sz); + free(val_b64); + if(result) { + ldap_value_free_len(vals); + FREE_ON_WINLDAP(attr); + ldap_memfree(attribute); + if(ber) + ber_free(ber, 0); + + goto quit; + } + } } } else { From a80abc45a572132b7f425e526cd60c0cf49f28e2 Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Tue, 16 Sep 2025 23:27:23 +0500 Subject: [PATCH 0063/2408] sasl: clear canceled mechanism instead of toggling it Use &= ~authused in SASL_CANCEL (was ^=) to actually remove the offending mechanism and avoid re-enabling a disabled mech on retry. Closes #18573 --- lib/curl_sasl.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c index 8eb63fb949..9c86f3ea08 100644 --- a/lib/curl_sasl.c +++ b/lib/curl_sasl.c @@ -812,7 +812,9 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct Curl_easy *data, case SASL_CANCEL: /* Remove the offending mechanism from the supported list */ - sasl->authmechs ^= sasl->authused; + sasl->authmechs &= (unsigned short)~sasl->authused; + sasl->authused = SASL_AUTH_NONE; + sasl->curmech = NULL; /* Start an alternative SASL authentication */ return Curl_sasl_start(sasl, data, sasl->force_ir, progress); From f8175b1536610ec60a9d2dce5a055d59287af4d5 Mon Sep 17 00:00:00 2001 From: Jay Satiro Date: Thu, 18 Sep 2025 02:07:17 -0400 Subject: [PATCH 0064/2408] socks_sspi: Fix some memory cleanup calls - Ensure memory allocated by malloc() is freed by free(). Prior to this change SSPI's FreeContextBuffer() was sometimes used to free malloc'd memory. I can only assume the reason we have no crash reports about this is because the underlying heap free is probably the same for both. Reported-by: Joshua Rogers Fixes https://github.com/curl/curl/issues/18587 Closes https://github.com/curl/curl/pull/18594 --- lib/socks_sspi.c | 102 +++++++++++++++++++++++++---------------------- 1 file changed, 55 insertions(+), 47 deletions(-) diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c index c106fec0c8..3ff3b723f9 100644 --- a/lib/socks_sspi.c +++ b/lib/socks_sspi.c @@ -90,6 +90,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, unsigned char socksreq[4]; /* room for GSS-API exchange header only */ const char *service = data->set.str[STRING_PROXY_SERVICE_NAME] ? data->set.str[STRING_PROXY_SERVICE_NAME] : "rcmd"; + char *etbuf; + size_t etbuf_size; /* GSS-API request looks like * +----+------+-----+----------------+ @@ -131,11 +133,14 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, wrap_desc.pBuffers = sspi_w_token; wrap_desc.ulVersion = SECBUFFER_VERSION; - cred_handle.dwLower = 0; - cred_handle.dwUpper = 0; + memset(&cred_handle, 0, sizeof(cred_handle)); + memset(&sspi_context, 0, sizeof(sspi_context)); names.sUserName = NULL; + etbuf = NULL; + etbuf_size = 0; + status = Curl_pSecFn->AcquireCredentialsHandle(NULL, (TCHAR *)CURL_UNCONST(TEXT("Kerberos")), @@ -178,11 +183,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, curlx_unicodefree(sname); - if(sspi_recv_token.pvBuffer) { - Curl_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer); - sspi_recv_token.pvBuffer = NULL; - sspi_recv_token.cbBuffer = 0; - } + Curl_safefree(sspi_recv_token.pvBuffer); + sspi_recv_token.cbBuffer = 0; if(check_sspi_err(data, status, "InitializeSecurityContext")) { failf(data, "Failed to initialise security context."); @@ -220,10 +222,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, } sspi_send_token.cbBuffer = 0; - if(sspi_recv_token.pvBuffer) { - Curl_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer); - sspi_recv_token.pvBuffer = NULL; - } + Curl_safefree(sspi_recv_token.pvBuffer); sspi_recv_token.cbBuffer = 0; if(status != SEC_I_CONTINUE_NEEDED) @@ -289,7 +288,6 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, status = Curl_pSecFn->QueryCredentialsAttributes(&cred_handle, SECPKG_CRED_ATTR_NAMES, &names); - Curl_pSecFn->FreeCredentialsHandle(&cred_handle); if(check_sspi_err(data, status, "QueryCredentialAttributes")) { failf(data, "Failed to determine username."); result = CURLE_COULDNT_CONNECT; @@ -303,6 +301,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, curlx_unicodefree(user_utf8); #endif Curl_pSecFn->FreeContextBuffer(names.sUserName); + names.sUserName = NULL; } /* Do encryption */ @@ -399,35 +398,30 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, result = CURLE_COULDNT_CONNECT; goto error; } - sspi_send_token.cbBuffer = sspi_w_token[0].cbBuffer + - sspi_w_token[1].cbBuffer + - sspi_w_token[2].cbBuffer; - sspi_send_token.pvBuffer = malloc(sspi_send_token.cbBuffer); - if(!sspi_send_token.pvBuffer) { + + etbuf_size = sspi_w_token[0].cbBuffer + + sspi_w_token[1].cbBuffer + + sspi_w_token[2].cbBuffer; + etbuf = malloc(etbuf_size); + if(!etbuf) { result = CURLE_OUT_OF_MEMORY; goto error; } - memcpy(sspi_send_token.pvBuffer, sspi_w_token[0].pvBuffer, - sspi_w_token[0].cbBuffer); - memcpy((PUCHAR) sspi_send_token.pvBuffer +(int)sspi_w_token[0].cbBuffer, + memcpy(etbuf, sspi_w_token[0].pvBuffer, sspi_w_token[0].cbBuffer); + memcpy(etbuf + sspi_w_token[0].cbBuffer, sspi_w_token[1].pvBuffer, sspi_w_token[1].cbBuffer); - memcpy((PUCHAR) sspi_send_token.pvBuffer + - sspi_w_token[0].cbBuffer + - sspi_w_token[1].cbBuffer, + memcpy(etbuf + sspi_w_token[0].cbBuffer + sspi_w_token[1].cbBuffer, sspi_w_token[2].pvBuffer, sspi_w_token[2].cbBuffer); - Curl_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer); - sspi_w_token[0].pvBuffer = NULL; + Curl_safefree(sspi_w_token[0].pvBuffer); sspi_w_token[0].cbBuffer = 0; - Curl_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer); - sspi_w_token[1].pvBuffer = NULL; + Curl_safefree(sspi_w_token[1].pvBuffer); sspi_w_token[1].cbBuffer = 0; - Curl_pSecFn->FreeContextBuffer(sspi_w_token[2].pvBuffer); - sspi_w_token[2].pvBuffer = NULL; + Curl_safefree(sspi_w_token[2].pvBuffer); sspi_w_token[2].cbBuffer = 0; - us_length = htons((unsigned short)sspi_send_token.cbBuffer); + us_length = htons((unsigned short)etbuf_size); memcpy(socksreq + 2, &us_length, sizeof(short)); } @@ -450,16 +444,14 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, } } else { - code = Curl_conn_cf_send(cf->next, data, - (char *)sspi_send_token.pvBuffer, - sspi_send_token.cbBuffer, FALSE, &written); - if(code || (sspi_send_token.cbBuffer != (size_t)written)) { + code = Curl_conn_cf_send(cf->next, data, etbuf, etbuf_size, + FALSE, &written); + if(code || (etbuf_size != written)) { failf(data, "Failed to send SSPI encryption type."); result = CURLE_COULDNT_CONNECT; goto error; } - if(sspi_send_token.pvBuffer) - Curl_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer); + Curl_safefree(etbuf); } result = Curl_blockread_all(cf, data, (char *)socksreq, 4, &actualread); @@ -514,8 +506,16 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, status = Curl_pSecFn->DecryptMessage(&sspi_context, &wrap_desc, 0, &qop); + /* since sspi_w_token[1].pvBuffer is allocated by the SSPI in this case, it + must be freed in this block using FreeContextBuffer() instead of + potentially in error cleanup using free(). */ + if(check_sspi_err(data, status, "DecryptMessage")) { failf(data, "Failed to query security context attributes."); + if(sspi_w_token[1].pvBuffer) { + Curl_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer); + sspi_w_token[1].pvBuffer = NULL; + } result = CURLE_COULDNT_CONNECT; goto error; } @@ -523,13 +523,20 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, if(sspi_w_token[1].cbBuffer != 1) { failf(data, "Invalid SSPI encryption response length (%lu).", (unsigned long)sspi_w_token[1].cbBuffer); + if(sspi_w_token[1].pvBuffer) { + Curl_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer); + sspi_w_token[1].pvBuffer = NULL; + } result = CURLE_COULDNT_CONNECT; goto error; } memcpy(socksreq, sspi_w_token[1].pvBuffer, sspi_w_token[1].cbBuffer); - Curl_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer); + Curl_safefree(sspi_w_token[0].pvBuffer); + sspi_w_token[0].cbBuffer = 0; Curl_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer); + sspi_w_token[1].pvBuffer = NULL; + sspi_w_token[1].cbBuffer = 0; } else { if(sspi_w_token[0].cbBuffer != 1) { @@ -539,7 +546,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, goto error; } memcpy(socksreq, sspi_w_token[0].pvBuffer, sspi_w_token[0].cbBuffer); - Curl_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer); + Curl_safefree(sspi_w_token[0].pvBuffer); + sspi_w_token[0].cbBuffer = 0; } (void)curlx_nonblock(sock, TRUE); @@ -557,24 +565,24 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, conn->socks5_sspi_context = sspi_context; } */ + + Curl_pSecFn->DeleteSecurityContext(&sspi_context); + Curl_pSecFn->FreeCredentialsHandle(&cred_handle); return CURLE_OK; error: (void)curlx_nonblock(sock, TRUE); free(service_name); - Curl_pSecFn->FreeCredentialsHandle(&cred_handle); Curl_pSecFn->DeleteSecurityContext(&sspi_context); - if(sspi_recv_token.pvBuffer) - Curl_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer); + Curl_pSecFn->FreeCredentialsHandle(&cred_handle); + free(sspi_recv_token.pvBuffer); if(sspi_send_token.pvBuffer) Curl_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer); if(names.sUserName) Curl_pSecFn->FreeContextBuffer(names.sUserName); - if(sspi_w_token[0].pvBuffer) - Curl_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer); - if(sspi_w_token[1].pvBuffer) - Curl_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer); - if(sspi_w_token[2].pvBuffer) - Curl_pSecFn->FreeContextBuffer(sspi_w_token[2].pvBuffer); + free(sspi_w_token[0].pvBuffer); + free(sspi_w_token[1].pvBuffer); + free(sspi_w_token[2].pvBuffer); + free(etbuf); return result; } #endif From ad147ec53de822a18b5dec63b72f43688ae53869 Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Wed, 17 Sep 2025 00:52:28 +0500 Subject: [PATCH 0065/2408] tftp: propagate expired timer from tftp_state_timeout() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When Curl_timeleft() < 0 we used to return 0, masking the expiry and skipping the caller’s (timeout_ms < 0) path. Now we set FIN and return the negative value so tftp_multi_statemach() aborts with CURLE_OPERATION_TIMEDOUT as intended. Closes #18574 --- lib/tftp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/tftp.c b/lib/tftp.c index 4c2fadc2ca..620ab1e70d 100644 --- a/lib/tftp.c +++ b/lib/tftp.c @@ -1184,7 +1184,7 @@ static timediff_t tftp_state_timeout(struct tftp_conn *state, if(timeout_ms < 0) { state->error = TFTP_ERR_TIMEOUT; state->state = TFTP_STATE_FIN; - return 0; + return timeout_ms; } current = time(NULL); if(current > state->rx_time + state->retry_time) { From 54aff4db3c620fd1fcd7c7a7f949fd8ca3773eb8 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 18 Sep 2025 17:32:39 +0200 Subject: [PATCH 0066/2408] tftp: check and act on tftp_set_timeouts() returning error Reported-by: Joshua Rogers Ref: https://github.com/curl/curl/pull/18574#issuecomment-3300183302 Closes #18603 --- lib/tftp.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/tftp.c b/lib/tftp.c index 620ab1e70d..84b92ee488 100644 --- a/lib/tftp.c +++ b/lib/tftp.c @@ -962,6 +962,7 @@ static CURLcode tftp_connect(struct Curl_easy *data, bool *done) int need_blksize; struct connectdata *conn = data->conn; const struct Curl_sockaddr_ex *remote_addr = NULL; + CURLcode result; blksize = TFTP_BLKSIZE_DEFAULT; @@ -1013,7 +1014,9 @@ static CURLcode tftp_connect(struct Curl_easy *data, bool *done) ((struct sockaddr *)&state->local_addr)->sa_family = (CURL_SA_FAMILY_T)(remote_addr->family); - tftp_set_timeouts(state); + result = tftp_set_timeouts(state); + if(result) + return result; if(!conn->bits.bound) { /* If not already bound, bind to any interface, random UDP port. If it is From ce354d0f4d251371f65f1770d95bba1d926de421 Mon Sep 17 00:00:00 2001 From: Jay Satiro Date: Thu, 18 Sep 2025 11:38:20 -0400 Subject: [PATCH 0067/2408] tool_operate: Improve wording in retry message - Use the plural 'seconds' for anything other than exactly 1 second. Before: Will retry in 1.250 second. After: Will retry in 1.250 seconds. Follow-up to ca034e83. Closes https://github.com/curl/curl/pull/18604 --- src/tool_operate.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/tool_operate.c b/src/tool_operate.c index 4337cdee60..75926d704b 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -480,7 +480,7 @@ static CURLcode retrycheck(struct OperationConfig *config, (sleeptime%1000L ? "." : ""), (sleeptime%1000L ? 3 : 0), sleeptime%1000L, - (sleeptime/1000L == 1 ? "" : "s"), + (sleeptime == 1000L ? "" : "s"), per->retry_remaining, (per->retry_remaining > 1 ? "ies" : "y")); From f13250edf11312ab8c0425cf39b182a31b53c6f7 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 18 Sep 2025 18:50:09 +0200 Subject: [PATCH 0068/2408] examples: fix two issues found by CodeQL - http2-upload: use `fstat()` to query file length to fix TOCTOU. - ftpuploadresume: fix checking `sscanf()` return value. Follow-up to b4922b1295333dc6679eb1d588ddc2fb6b7fd5b7 #18564 Closes #18605 --- docs/examples/ftpuploadresume.c | 2 +- docs/examples/http2-upload.c | 26 ++++++++++++++++---------- 2 files changed, 17 insertions(+), 11 deletions(-) diff --git a/docs/examples/ftpuploadresume.c b/docs/examples/ftpuploadresume.c index b02ad928a6..67495aec68 100644 --- a/docs/examples/ftpuploadresume.c +++ b/docs/examples/ftpuploadresume.c @@ -38,7 +38,7 @@ static size_t getcontentlengthfunc(void *ptr, size_t size, size_t nmemb, long len = 0; r = sscanf(ptr, "Content-Length: %ld\n", &len); - if(r) + if(r == 1) *((long *) stream) = len; return size * nmemb; diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c index 482889ea18..31f4ed56e1 100644 --- a/docs/examples/http2-upload.c +++ b/docs/examples/http2-upload.c @@ -45,6 +45,9 @@ #ifdef _WIN32 #undef stat #define stat _stat +#undef fstat +#define fstat _fstat +#define fileno _fileno #endif /* curl stuff */ @@ -223,16 +226,6 @@ static int setup(struct input *i, int num, const char *upload) curl_msnprintf(url, 256, "https://localhost:8443/upload-%d", num); - /* get the file size of the local file */ - if(stat(upload, &file_info)) { - fprintf(stderr, "error: could not stat file %s: %s\n", upload, - strerror(errno)); - fclose(out); - return 1; - } - - uploadsize = file_info.st_size; - i->in = fopen(upload, "rb"); if(!i->in) { fprintf(stderr, "error: could not open file %s for reading: %s\n", upload, @@ -241,6 +234,19 @@ static int setup(struct input *i, int num, const char *upload) return 1; } +#ifdef UNDER_CE + if(stat(upload, &file_info) != 0) { +#else + if(fstat(fileno(i->in), &file_info) != 0) { +#endif + fprintf(stderr, "error: could not stat file %s: %s\n", upload, + strerror(errno)); + fclose(out); + return 1; + } + + uploadsize = file_info.st_size; + hnd = i->hnd = curl_easy_init(); /* write to this file */ From cec6c1cd9c3923e2b583ba2f0756a733ad25293e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 18 Sep 2025 20:26:15 +0200 Subject: [PATCH 0069/2408] GHA/codeql: make it run on docs updates, to verify examples Follow-up to b4922b1295333dc6679eb1d588ddc2fb6b7fd5b7 #18564 --- .github/workflows/codeql.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 2344f1d16f..7b2922e2bb 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -13,7 +13,6 @@ name: 'CodeQL' - '**/*.md' - '.circleci/**' - 'appveyor.*' - - 'docs/**' - 'packages/**' - 'plan9/**' - 'projects/**' @@ -26,7 +25,6 @@ name: 'CodeQL' - '**/*.md' - '.circleci/**' - 'appveyor.*' - - 'docs/**' - 'packages/**' - 'plan9/**' - 'projects/**' From 9f18cb6544bbf47e2e2fad6564bc03098273c7bc Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 18 Sep 2025 14:02:51 +0200 Subject: [PATCH 0070/2408] libssh2: error check and null-terminate in ssh_state_sftp_readdir_link() - null-terminate the result to match the other getter `libssh2_sftp_symlink_ex()` call. - check negative result and bail out early. Reported-by: Joshua Rogers Closes #18598 --- lib/vssh/libssh2.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index 5dfc377ec1..73d48077b5 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -2405,6 +2405,12 @@ static CURLcode ssh_state_sftp_readdir_link(struct Curl_easy *data, curlx_dyn_free(&sshp->readdir_link); + if(rc < 0) + return CURLE_OUT_OF_MEMORY; + + /* It seems that this string is not always null-terminated */ + sshp->readdir_filename[rc] = '\0'; + /* append filename and extra output */ result = curlx_dyn_addf(&sshp->readdir, " -> %s", sshp->readdir_filename); if(result) From 9fb8d567ca96659dc0d35cc82f160a721adf6edd Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 19 Sep 2025 08:47:15 +0200 Subject: [PATCH 0071/2408] tool_operate: keep the progress meter for --out-null Fixes #18607 Closes #18609 --- src/tool_operate.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/tool_operate.c b/src/tool_operate.c index 75926d704b..8ca3c14e8f 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -1277,8 +1277,8 @@ static CURLcode single_transfer(struct OperationConfig *config, config->resume_from = -1; /* -1 will then force get-it-yourself */ } - if(output_expected(per->url, per->uploadfile) && outs->stream && - isatty(fileno(outs->stream))) + if(!outs->out_null && output_expected(per->url, per->uploadfile) && + outs->stream && isatty(fileno(outs->stream))) /* we send the output to a tty, therefore we switch off the progress meter */ per->noprogress = global->noprogress = global->isatty = TRUE; From 0d9a07abb731cc52a220f48430f66b546965594f Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 18 Sep 2025 23:25:28 +0200 Subject: [PATCH 0072/2408] libssh2: drop two redundant null-terminations The null-termination was first added in the initial SFTP commit in 2006: a634f644005cbe2b3dea2b84328d605ec3474054 At that time this was a reasonable concern because libssh2 started null-terminating this string just one year prior, in 2005: https://github.com/libssh2/libssh2/commit/efc3841fd2c2c945e96492e9089e4d1810709d53 This fix was released in libssh2 v0.13 (2006-03-02). curl requires libssh2 v1.2.8, making this workaround no longer necessary. Follow-up to 9f18cb6544bbf47e2e2fad6564bc03098273c7bc #18598 Closes #18606 --- lib/vssh/libssh2.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index 73d48077b5..69284407ab 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -1995,8 +1995,6 @@ static CURLcode ssh_state_sftp_realpath(struct Curl_easy *data, return CURLE_AGAIN; if(rc > 0) { - /* It seems that this string is not always null-terminated */ - sshp->readdir_filename[rc] = '\0'; free(sshc->homedir); sshc->homedir = strdup(sshp->readdir_filename); if(!sshc->homedir) { @@ -2408,9 +2406,6 @@ static CURLcode ssh_state_sftp_readdir_link(struct Curl_easy *data, if(rc < 0) return CURLE_OUT_OF_MEMORY; - /* It seems that this string is not always null-terminated */ - sshp->readdir_filename[rc] = '\0'; - /* append filename and extra output */ result = curlx_dyn_addf(&sshp->readdir, " -> %s", sshp->readdir_filename); if(result) From 9618c337d1c876df04599462fbdb73d370162dbf Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 19 Sep 2025 10:19:29 +0200 Subject: [PATCH 0073/2408] GHA/codeql: try disabling the TRAP cache The `cpp` CodeQL job is adding a cache entry for each run on the master branch. One for Linux, another for Windows. Size: 68MB + 180MB = 248MB. In one week we got 50+ such entries, almost filling the available cache space. Following the recommendation in an open issue thread, this patch tries to disable this cache. Since it only affects master, the effect can only be verified after merging. The latest cache is picked up in PRs. The performance impact is also to be seen after merge. Bug: https://github.com/curl/curl/pull/18528#issuecomment-3288950880 Ref: https://github.com/github/codeql-action/pull/1172 Ref: https://github.com/github/codeql-action/issues/2030 Ref: https://github.com/github/codeql-action/issues/2885#issuecomment-2879069087 Follow-up to cc50f05370981e4933504e8aaec6b15880ff847f #18528 Closes #18613 --- .github/workflows/codeql.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 7b2922e2bb..ec41fcf626 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -90,6 +90,7 @@ jobs: with: languages: cpp build-mode: manual + trap-caching: false - name: 'build' timeout-minutes: 10 From b2356a31974e137e304c35f2c0f7c7a4a988eeb6 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 19 Sep 2025 14:20:14 +0200 Subject: [PATCH 0074/2408] GHA: tidy up actions/checkout version in comments [ci skip] --- .github/workflows/checkdocs.yml | 2 +- .github/workflows/codeql.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/checkdocs.yml b/.github/workflows/checkdocs.yml index 36a4ff999e..f236ebc850 100644 --- a/.github/workflows/checkdocs.yml +++ b/.github/workflows/checkdocs.yml @@ -39,7 +39,7 @@ jobs: # name: 'proselint' # runs-on: ubuntu-latest # steps: - # - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 + # - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 # with: # persist-credentials: false # diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ec41fcf626..b5e05efe46 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -45,7 +45,7 @@ jobs: permissions: security-events: write # To create/update security events steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 with: persist-credentials: false @@ -81,7 +81,7 @@ jobs: libnghttp2-dev libldap-dev heimdal-dev librtmp-dev libgnutls28-dev libwolfssl-dev /home/linuxbrew/.linuxbrew/bin/brew install gsasl libnghttp3 libngtcp2 mbedtls rustls-ffi - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 with: persist-credentials: false From 4f5528675a1bc1008748c3c0f636ab4c1ec6d9c0 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 19 Sep 2025 13:35:23 +0200 Subject: [PATCH 0075/2408] libssh: react on errors from ssh_scp_read Reported in Joshua's sarif data Closes #18616 --- lib/vssh/libssh.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index 695532ff85..2554468c4b 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -2889,7 +2889,7 @@ static CURLcode scp_recv(struct Curl_easy *data, int sockindex, { struct connectdata *conn = data->conn; struct ssh_conn *sshc = Curl_conn_meta_get(conn, CURL_META_SSH_CONN); - ssize_t nread; + int nread; (void)sockindex; /* we only support SCP on the fixed known primary socket */ *pnread = 0; @@ -2899,7 +2899,8 @@ static CURLcode scp_recv(struct Curl_easy *data, int sockindex, /* libssh returns int */ nread = ssh_scp_read(sshc->scp_session, mem, len); - + if(nread == SSH_ERROR) + return CURLE_SSH; #if 0 /* The following code is misleading, mostly added as wishful thinking * that libssh at some point will implement non-blocking ssh_scp_write/read. From df60e8fe701e189e7629fd08b61950a0fb1b697a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 19 Sep 2025 13:23:14 +0200 Subject: [PATCH 0076/2408] cf_socket_recv: don't count reading zero bytes as first byte Reported in Joshua's sarif data Closes #18615 --- lib/cf-socket.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/cf-socket.c b/lib/cf-socket.c index f449ca36ca..308325ccdc 100644 --- a/lib/cf-socket.c +++ b/lib/cf-socket.c @@ -1578,7 +1578,7 @@ static CURLcode cf_socket_recv(struct Curl_cfilter *cf, struct Curl_easy *data, *pnread = (size_t)nread; CURL_TRC_CF(data, cf, "recv(len=%zu) -> %d, %zu", len, result, *pnread); - if(!result && !ctx->got_first_byte) { + if(!result && !ctx->got_first_byte && nread) { ctx->first_byte_at = curlx_now(); ctx->got_first_byte = TRUE; } From 1055864b03beee1615c04421854e5e927a0cdb5d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 19 Sep 2025 14:19:26 +0200 Subject: [PATCH 0077/2408] telnet: make printsub require another byte input Reported in Joshua's sarif data Closes #18618 --- lib/telnet.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/telnet.c b/lib/telnet.c index cc827c1b3e..05e5ebe60c 100644 --- a/lib/telnet.c +++ b/lib/telnet.c @@ -713,7 +713,7 @@ static void printsub(struct Curl_easy *data, else /* bad input */ return; } - if(length < 1) { + if(length <= 1) { infof(data, "(Empty suboption?)"); return; } From fd6eb8d6e77d95e71c0c55678b46173b21edd1e9 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 19 Sep 2025 15:59:57 +0200 Subject: [PATCH 0078/2408] cookie: avoid saving a cookie file if no transfer was done Because parts of the cookie loading happens on transfer start the in-memory cookie jar risks being incomplete and then a save might wrongly truncate the target file. Added test 1902 to verify. Reported-by: divinity76 on github Fixes #18621 Closes #18622 --- lib/cookie.c | 12 +++++----- tests/data/Makefile.am | 2 +- tests/data/test1902 | 43 ++++++++++++++++++++++++++++++++++ tests/libtest/Makefile.inc | 2 +- tests/libtest/lib1902.c | 48 ++++++++++++++++++++++++++++++++++++++ 5 files changed, 99 insertions(+), 8 deletions(-) create mode 100644 tests/data/test1902 create mode 100644 tests/libtest/lib1902.c diff --git a/lib/cookie.c b/lib/cookie.c index 35d33268f9..90d375a761 100644 --- a/lib/cookie.c +++ b/lib/cookie.c @@ -1658,18 +1658,18 @@ void Curl_flush_cookies(struct Curl_easy *data, bool cleanup) { CURLcode res; - if(data->set.str[STRING_COOKIEJAR]) { - Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE); - + Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE); + /* only save the cookie file if a transfer was started (data->state.url is + set), as otherwise the cookies were not completely initialized and there + might be cookie files that weren't loaded so saving the file is the wrong + thing. */ + if(data->set.str[STRING_COOKIEJAR] && data->state.url) { /* if we have a destination file for all the cookies to get dumped to */ res = cookie_output(data, data->cookies, data->set.str[STRING_COOKIEJAR]); if(res) infof(data, "WARNING: failed to save cookies in %s: %s", data->set.str[STRING_COOKIEJAR], curl_easy_strerror(res)); } - else { - Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE); - } if(cleanup && (!data->share || (data->cookies != data->share->cookies))) { Curl_cookie_cleanup(data->cookies); diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 4523de4886..dfff012257 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -232,7 +232,7 @@ test1708 test1709 test1710 \ \ test1800 test1801 \ \ -test1900 test1901 test1903 test1904 test1905 test1906 test1907 \ +test1900 test1901 test1902 test1903 test1904 test1905 test1906 test1907 \ test1908 test1909 test1910 test1911 test1912 test1913 test1914 test1915 \ test1916 test1917 test1918 test1919 \ \ diff --git a/tests/data/test1902 b/tests/data/test1902 new file mode 100644 index 0000000000..7bf70e9068 --- /dev/null +++ b/tests/data/test1902 @@ -0,0 +1,43 @@ + + + +cookies + + + +# Client-side + + + +set COOKIEFILE and COOKIEJAR but make no transfer + + +cookies + + +lib%TESTNUMBER + + + +%LOGDIR/cookie%TESTNUMBER + + +# Netscape HTTP Cookie File +# https://curl.se/docs/http-cookies.html +# This file was generated by libcurl! Edit at your own risk. + +example.com FALSE / FALSE 0 has_js 1 + + + +# Verify data after the test has been "shot" + + +# Netscape HTTP Cookie File +# https://curl.se/docs/http-cookies.html +# This file was generated by libcurl! Edit at your own risk. + +example.com FALSE / FALSE 0 has_js 1 + + + diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc index 40ec0d1559..00273f9e9d 100644 --- a/tests/libtest/Makefile.inc +++ b/tests/libtest/Makefile.inc @@ -90,7 +90,7 @@ TESTS_C = \ lib1591.c lib1592.c lib1593.c lib1594.c lib1597.c \ lib1598.c lib1599.c \ lib1662.c \ - lib1900.c lib1901.c lib1903.c lib1905.c lib1906.c lib1907.c \ + lib1900.c lib1901.c lib1902.c lib1903.c lib1905.c lib1906.c lib1907.c \ lib1908.c lib1910.c lib1911.c lib1912.c lib1913.c \ lib1915.c lib1916.c lib1918.c lib1919.c \ lib1933.c lib1934.c lib1935.c lib1936.c lib1937.c lib1938.c lib1939.c \ diff --git a/tests/libtest/lib1902.c b/tests/libtest/lib1902.c new file mode 100644 index 0000000000..8e5929e338 --- /dev/null +++ b/tests/libtest/lib1902.c @@ -0,0 +1,48 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ +#include "first.h" + +#include "memdebug.h" + +static CURLcode test_lib1902(const char *URL) +{ + CURLcode res = CURLE_OK; + CURL *curl; + + curl_global_init(CURL_GLOBAL_ALL); + + curl = curl_easy_init(); + if(curl) { + easy_setopt(curl, CURLOPT_COOKIEFILE, URL); + easy_setopt(curl, CURLOPT_COOKIEJAR, URL); + + /* Do not perform any actual network operation, + the issue occur when not calling curl.*perform */ + } + +test_cleanup: + curl_easy_cleanup(curl); + curl_global_cleanup(); + return res; +} From b0c823b86fa00e6a41a61614b45999e94b573eaf Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 19 Sep 2025 16:47:01 +0200 Subject: [PATCH 0079/2408] RELEASE-NOTES: synced and bump to 8.17.0 --- RELEASE-NOTES | 65 ++++++++++++++++++++++++++++++++++++++---- include/curl/curlver.h | 8 +++--- 2 files changed, 63 insertions(+), 10 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index c6fb253c75..69b05b895a 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -1,10 +1,10 @@ -curl and libcurl 8.16.1 +curl and libcurl 8.17.0 Public curl releases: 271 Command line options: 272 curl_easy_setopt() options: 308 Public functions in libcurl: 98 - Contributors: 3502 + Contributors: 3504 This release includes the following changes: @@ -13,8 +13,12 @@ This release includes the following bugfixes: o asyn-thrdd: drop pthread_cancel [30] o aws-lc: re-enable large read-ahead with v1.61.0 again [16] + o cf_socket_recv: don't count reading zero bytes as first byte [23] + o cfilter: unlink and discard [46] o cmake: fix building docs when the base directory contains `.3` [18] o cmdline-docs: extended, clarified, refreshed [28] + o configure: add "-mt" for pthread support on HP-UX [52] + o cookie: avoid saving a cookie file if no transfer was done [11] o curl_easy_getinfo: error code on NULL arg [2] o curl_mem_undef.h: limit to `CURLDEBUG` for non-memalloc overrides [19] o CURLINFO_FTP_ENTRY_PATH.md: this is for SFTP as well [8] @@ -26,17 +30,39 @@ This release includes the following bugfixes: o docs/libcurl: remove ancient version references [7] o docs/libcurl: use lowercase must [5] o easy_getinfo: check magic, Curl_close safety [3] + o examples: fix two issues found by CodeQL [35] o krb5: return appropriate error on send failures [22] + o ldap: do not base64 encode zero length string [42] + o libcurl-multi.md: added curl_multi_get_offt mention [53] o libcurl-security.md: mention long-running connections [6] + o libssh2: drop two redundant null-terminations [26] + o libssh2: error check and null-terminate in ssh_state_sftp_readdir_link() [34] + o libssh: react on errors from ssh_scp_read [24] o Makefile.example: simplify and make it configurable [20] + o managen: ignore version mentions < 7.66.0 [55] + o managen: render better manpage references/links [54] + o multi.h: add CURLMINFO_LASTENTRY [51] o ngtcp2: check error code on connect failure [13] + o openldap: avoid indexing the result at -1 for blank responses [44] o quic: fix min TLS version handling [14] o quic: ignore EMSGSIZE on receive [4] + o sasl: clear canceled mechanism instead of toggling it [41] o setopt: accept *_SSL_VERIFYHOST set to 2L [31] o setopt: make CURLOPT_MAXREDIRS accept -1 (again) [1] + o smb: adjust buffer size checks [45] + o smtp: check EHLO responses case insensitively [50] + o socks_sspi: fix memory cleanup calls [40] + o socks_sspi: restore non-blocking socket on error paths [48] o ssl-sessions.md: mark option experimental [12] o sws: fix checking `sscanf()` return value [17] + o telnet: make printsub require another byte input [21] + o tftp: check and act on tftp_set_timeouts() returning error [38] + o tftp: propagate expired timer from tftp_state_timeout() [39] o TODO: remove already implemented or bad items [36] + o tool: fix exponential retry delay [47] + o tool_cb_hdr: fix fwrite check in header callback [49] + o tool_operate: improve wording in retry message [37] + o tool_operate: keep the progress meter for --out-null [33] o urldata: FILE is not a list-only protocol [9] This release includes the following known bugs: @@ -61,11 +87,12 @@ Planned upcoming removals include: This release would not have looked like this without help, code, reports and advice from friends like these: - Adam Light, Andrew Kirillov, Dan Fandrich, Daniel Stenberg, dependabot[bot], + Adam Light, Andrew Kirillov, Andrew Olsen, Christian Schmitz, Dan Fandrich, + Daniel Stenberg, dependabot[bot], divinity76 on github, Emilio Pozuelo Monfort, Ethan Everett, fds242 on github, Javier Blazquez, - Jicea, Nir Azkiel, renovate[bot], Samuel Dionne-Riel, Stefan Eissing, - Viktor Szakats - (15 contributors) + Jicea, Joshua Rogers, Michael Osipov, Nir Azkiel, Ray Satiro, renovate[bot], + Samuel Dionne-Riel, Stefan Eissing, Viktor Szakats + (21 contributors) References to bug reports and discussions on issues: @@ -79,6 +106,7 @@ References to bug reports and discussions on issues: [8] = https://curl.se/bug/?i=18531 [9] = https://curl.se/bug/?i=18525 [10] = https://curl.se/bug/?i=18527 + [11] = https://curl.se/bug/?i=18621 [12] = https://curl.se/bug/?i=18523 [13] = https://curl.se/bug/?i=18521 [14] = https://curl.se/bug/?i=18518 @@ -88,11 +116,36 @@ References to bug reports and discussions on issues: [18] = https://curl.se/bug/?i=18560 [19] = https://curl.se/bug/?i=18510 [20] = https://curl.se/bug/?i=18554 + [21] = https://curl.se/bug/?i=18618 [22] = https://curl.se/bug/?i=18561 + [23] = https://curl.se/bug/?i=18615 + [24] = https://curl.se/bug/?i=18616 + [26] = https://curl.se/bug/?i=18606 [27] = https://curl.se/bug/?i=18551 [28] = https://curl.se/bug/?i=18550 [29] = https://curl.se/bug/?i=18549 [30] = https://curl.se/bug/?i=18532 [31] = https://curl.se/mail/lib-2025-09/0031.html [32] = https://curl.se/bug/?i=18548 + [33] = https://curl.se/bug/?i=18607 + [34] = https://curl.se/bug/?i=18598 + [35] = https://curl.se/bug/?i=18605 [36] = https://curl.se/bug/?i=18542 + [37] = https://curl.se/bug/?i=18604 + [38] = https://curl.se/bug/?i=18603 + [39] = https://curl.se/bug/?i=18574 + [40] = https://curl.se/bug/?i=18587 + [41] = https://curl.se/bug/?i=18573 + [42] = https://curl.se/bug/?i=18602 + [44] = https://curl.se/bug/?i=18600 + [45] = https://curl.se/bug/?i=18599 + [46] = https://curl.se/bug/?i=18596 + [47] = https://curl.se/bug/?i=18591 + [48] = https://curl.se/bug/?i=18592 + [49] = https://curl.se/bug/?i=18593 + [50] = https://curl.se/bug/?i=18588 + [51] = https://curl.se/bug/?i=18578 + [52] = https://curl.se/bug/?i=18585 + [53] = https://curl.se/bug/?i=18579 + [54] = https://curl.se/bug/?i=18580 + [55] = https://curl.se/bug/?i=18583 diff --git a/include/curl/curlver.h b/include/curl/curlver.h index 03baeb4ae1..19b2bf8752 100644 --- a/include/curl/curlver.h +++ b/include/curl/curlver.h @@ -32,13 +32,13 @@ /* This is the version number of the libcurl package from which this header file origins: */ -#define LIBCURL_VERSION "8.16.1-DEV" +#define LIBCURL_VERSION "8.17.0-DEV" /* The numeric version number is also available "in parts" by using these defines: */ #define LIBCURL_VERSION_MAJOR 8 -#define LIBCURL_VERSION_MINOR 16 -#define LIBCURL_VERSION_PATCH 1 +#define LIBCURL_VERSION_MINOR 17 +#define LIBCURL_VERSION_PATCH 0 /* This is the numeric version of the libcurl version number, meant for easier parsing and comparisons by programs. The LIBCURL_VERSION_NUM define will always follow this syntax: @@ -58,7 +58,7 @@ CURL_VERSION_BITS() macro since curl's own configure script greps for it and needs it to contain the full number. */ -#define LIBCURL_VERSION_NUM 0x081001 +#define LIBCURL_VERSION_NUM 0x081100 /* * This is the date and time when the full source package was created. The From 58f071dbe4be8dfc95dad4ac4c9574502966d1dd Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 19 Sep 2025 17:36:29 +0200 Subject: [PATCH 0080/2408] tool_getparam/set_rate: skip the multiplication on overflow The code detected the problem but didn't avoid the calculation correctly. Fixes #18624 Reported-by: BobodevMm on github Closes #18625 --- src/tool_getparam.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/tool_getparam.c b/src/tool_getparam.c index f2ad6daf2e..b8fec5f7ab 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -1012,8 +1012,9 @@ static ParameterError set_rate(const char *nextarg) errorf("too large --rate unit"); err = PARAM_NUMBER_TOO_LARGE; } - /* this typecast is okay based on the check above */ - numerator *= (long)numunits; + else + /* this typecast is okay based on the check above */ + numerator *= (long)numunits; } if(err) From a0369e1705b536279313c11dd54d490cf6f9ea3d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 19 Sep 2025 14:59:17 +0200 Subject: [PATCH 0081/2408] gtls: avoid potential use of uninitialized variable in trace output Reported in Joshua's sarif data Closes #18620 --- lib/vtls/gtls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index f38c90e66c..eef64886e1 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -2195,7 +2195,7 @@ static CURLcode gtls_recv(struct Curl_cfilter *cf, } out: - CURL_TRC_CF(data, cf, "gtls_recv(len=%zu) -> 0, %zu", blen, *pnread); + CURL_TRC_CF(data, cf, "gtls_recv(len=%zu) -> 0, %zd", blen, nread); return result; } From 5e2d4d790575d4ad0381c4862f5e435a3b6532d1 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 19 Sep 2025 13:47:16 +0200 Subject: [PATCH 0082/2408] base64: accept zero length argument to base64_encode We used to treat 0 as "call strlen() to get the length" for curlx_base64_encode, but it turns out this is rather fragile as we easily do the mistake of passing in zero when the data is actually not there and then calling strlen() is wrong. Force the caller to pass in the correct size. A zero length input string now returns a zero length output and a NULL pointer. Closes #18617 --- lib/curlx/base64.c | 4 +--- tests/unit/unit1302.c | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/lib/curlx/base64.c b/lib/curlx/base64.c index dc6e9c001c..5f6887bd5c 100644 --- a/lib/curlx/base64.c +++ b/lib/curlx/base64.c @@ -182,7 +182,7 @@ static CURLcode base64_encode(const char *table64, *outlen = 0; if(!insize) - insize = strlen(inputbuff); + return CURLE_OK; #if SIZEOF_SIZE_T == 4 if(insize > UINT_MAX/4) @@ -240,8 +240,6 @@ static CURLcode base64_encode(const char *table64, * encoded data. Size of encoded data is returned in variable pointed by * outlen. * - * Input length of 0 indicates input buffer holds a null-terminated string. - * * Returns CURLE_OK on success, otherwise specific error code. Function * output shall not be considered valid unless CURLE_OK is returned. * diff --git a/tests/unit/unit1302.c b/tests/unit/unit1302.c index 54693631ff..a1676699f2 100644 --- a/tests/unit/unit1302.c +++ b/tests/unit/unit1302.c @@ -172,7 +172,7 @@ static CURLcode test_unit1302(const char *arg) fprintf(stderr, "Test %u URL encoded output length %d instead of %d\n", i, (int)olen, (int)e->olen); } - if(memcmp(out, e->output, e->olen)) { + if(out && memcmp(out, e->output, e->olen)) { fprintf(stderr, "Test %u URL encoded badly. Got '%s', expected '%s'\n", i, out, e->output); unitfail++; From 8d004781a577fc2fae72873c4a45b2fb3f366d98 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 27 Jul 2025 13:50:03 +0200 Subject: [PATCH 0083/2408] build: drop the winbuild build system In favor of CMake. Closes #18040 --- .github/labeler.yml | 2 - .github/scripts/codespell.sh | 1 - .github/scripts/spacecheck.pl | 3 +- .github/scripts/typos.toml | 1 - .github/workflows/checksrc.yml | 2 - .github/workflows/curl-for-win.yml | 2 - .github/workflows/fuzz.yml | 2 - .github/workflows/http3-linux.yml | 2 - .github/workflows/linux-old.yml | 2 - .github/workflows/linux.yml | 2 - .github/workflows/macos.yml | 2 - .github/workflows/non-native.yml | 2 - .github/workflows/windows.yml | 2 - .gitignore | 1 - Makefile.am | 5 +- appveyor.sh | 23 - appveyor.yml | 51 -- docs/DEPRECATE.md | 8 +- docs/INSTALL-CMAKE.md | 60 +-- docs/INSTALL.md | 2 - projects/README.md | 3 - winbuild/.gitignore | 6 - winbuild/Makefile.vc | 308 ------------ winbuild/MakefileBuild.vc | 732 ----------------------------- winbuild/README.md | 207 -------- winbuild/makedebug.bat | 33 -- 26 files changed, 4 insertions(+), 1460 deletions(-) delete mode 100644 winbuild/.gitignore delete mode 100644 winbuild/Makefile.vc delete mode 100644 winbuild/MakefileBuild.vc delete mode 100644 winbuild/README.md delete mode 100644 winbuild/makedebug.bat diff --git a/.github/labeler.yml b/.github/labeler.yml index 42a891e623..982055f16a 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -75,7 +75,6 @@ build: packages/**,\ plan9/**,\ projects/**,\ - winbuild/**,\ lib/libcurl.def,\ tests/cmake/**\ }" @@ -520,6 +519,5 @@ Windows: m4/curl-schannel.m4,\ projects/**,\ src/tool_doswin.c,\ - winbuild/**,\ lib/libcurl.def\ }" diff --git a/.github/scripts/codespell.sh b/.github/scripts/codespell.sh index 766eeeb87c..b373a7d210 100755 --- a/.github/scripts/codespell.sh +++ b/.github/scripts/codespell.sh @@ -14,7 +14,6 @@ codespell \ --skip 'docs/THANKS' \ --skip 'packages/*' \ --skip 'scripts/wcurl' \ - --skip 'winbuild/*' \ --ignore-regex '.*spellchecker:disable-line' \ --ignore-words '.github/scripts/codespell-ignore.txt' \ $(git ls-files) diff --git a/.github/scripts/spacecheck.pl b/.github/scripts/spacecheck.pl index e61d30b5b0..7caf526327 100755 --- a/.github/scripts/spacecheck.pl +++ b/.github/scripts/spacecheck.pl @@ -30,7 +30,7 @@ my @tabs = ( "^m4/zz40-xc-ovr.m4", "Makefile\\.(am|example)\$", "/mkfile", - "\\.(sln|vc)\$", + "\\.sln\$", "^tests/data/test", ); @@ -40,7 +40,6 @@ my @mixed_eol = ( my @need_crlf = ( "\\.(bat|sln)\$", - "^winbuild/.+\\.md\$", ); my @space_at_eol = ( diff --git a/.github/scripts/typos.toml b/.github/scripts/typos.toml index 46301615cd..73ecac136a 100644 --- a/.github/scripts/typos.toml +++ b/.github/scripts/typos.toml @@ -25,5 +25,4 @@ extend-exclude = [ "docs/THANKS", "packages/*", "scripts/wcurl", - "winbuild/*", ] diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml index 061a192297..a0ff120bec 100644 --- a/.github/workflows/checksrc.yml +++ b/.github/workflows/checksrc.yml @@ -18,7 +18,6 @@ name: 'Source' - 'Dockerfile' - 'plan9/**' - 'tests/data/**' - - 'winbuild/**' pull_request: branches: - master @@ -29,7 +28,6 @@ name: 'Source' - 'Dockerfile' - 'plan9/**' - 'tests/data/**' - - 'winbuild/**' permissions: {} diff --git a/.github/workflows/curl-for-win.yml b/.github/workflows/curl-for-win.yml index 704a78d2cd..0090c7d6e2 100644 --- a/.github/workflows/curl-for-win.yml +++ b/.github/workflows/curl-for-win.yml @@ -17,7 +17,6 @@ name: 'curl-for-win' - 'packages/**' - 'plan9/**' - 'projects/**' - - 'winbuild/**' pull_request: branches: - master @@ -29,7 +28,6 @@ name: 'curl-for-win' - 'packages/**' - 'plan9/**' - 'projects/**' - - 'winbuild/**' concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml index d9cc43169e..1c466160fc 100644 --- a/.github/workflows/fuzz.yml +++ b/.github/workflows/fuzz.yml @@ -20,7 +20,6 @@ name: 'Fuzzer' - 'plan9/**' - 'projects/**' - 'tests/data/**' - - 'winbuild/**' pull_request: branches: - master @@ -35,7 +34,6 @@ name: 'Fuzzer' - 'plan9/**' - 'projects/**' - 'tests/data/**' - - 'winbuild/**' permissions: {} diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 4ad880ddf6..3d3b35dee0 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -17,7 +17,6 @@ name: 'Linux HTTP/3' - 'packages/**' - 'plan9/**' - 'projects/**' - - 'winbuild/**' pull_request: branches: - master @@ -29,7 +28,6 @@ name: 'Linux HTTP/3' - 'packages/**' - 'plan9/**' - 'projects/**' - - 'winbuild/**' concurrency: # Hardcoded workflow filename as workflow name above is just Linux again diff --git a/.github/workflows/linux-old.yml b/.github/workflows/linux-old.yml index 352986eb04..e572c1745f 100644 --- a/.github/workflows/linux-old.yml +++ b/.github/workflows/linux-old.yml @@ -31,7 +31,6 @@ name: 'Old Linux' - 'packages/**' - 'plan9/**' - 'projects/**' - - 'winbuild/**' pull_request: branches: - master @@ -43,7 +42,6 @@ name: 'Old Linux' - 'packages/**' - 'plan9/**' - 'projects/**' - - 'winbuild/**' permissions: {} diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 70a6a259ab..af2edf0e09 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -16,7 +16,6 @@ name: 'Linux' - 'packages/**' - 'plan9/**' - 'projects/**' - - 'winbuild/**' pull_request: branches: - master @@ -27,7 +26,6 @@ name: 'Linux' - 'packages/**' - 'plan9/**' - 'projects/**' - - 'winbuild/**' concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 5e817dd4bd..be8565303e 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -17,7 +17,6 @@ name: 'macOS' - 'packages/**' - 'plan9/**' - 'projects/**' - - 'winbuild/**' pull_request: branches: - master @@ -29,7 +28,6 @@ name: 'macOS' - 'packages/**' - 'plan9/**' - 'projects/**' - - 'winbuild/**' concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} diff --git a/.github/workflows/non-native.yml b/.github/workflows/non-native.yml index 3c76ed9de8..2670c39078 100644 --- a/.github/workflows/non-native.yml +++ b/.github/workflows/non-native.yml @@ -17,7 +17,6 @@ name: 'non-native' - 'packages/**' - 'plan9/**' - 'projects/**' - - 'winbuild/**' pull_request: branches: - master @@ -29,7 +28,6 @@ name: 'non-native' - 'packages/**' - 'plan9/**' - 'projects/**' - - 'winbuild/**' concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index b519af47d6..d45979c05a 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -17,7 +17,6 @@ name: 'Windows' - 'packages/**' - 'plan9/**' - 'projects/**' - - 'winbuild/**' pull_request: branches: - master @@ -29,7 +28,6 @@ name: 'Windows' - 'packages/**' - 'plan9/**' - 'projects/**' - - 'winbuild/**' concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} diff --git a/.gitignore b/.gitignore index 9c901f9fff..0ac1002956 100644 --- a/.gitignore +++ b/.gitignore @@ -28,7 +28,6 @@ /.vs /bld/ /build/ -/builds/ /stats/ __pycache__ Debug diff --git a/Makefile.am b/Makefile.am index b5ab0442a8..fd97e61d9d 100644 --- a/Makefile.am +++ b/Makefile.am @@ -66,9 +66,6 @@ CMAKE_DIST = \ VC_DIST = projects/README.md projects/generate.bat -WINBUILD_DIST = winbuild/README.md \ - winbuild/MakefileBuild.vc winbuild/Makefile.vc winbuild/makedebug.bat - PLAN9_DIST = plan9/include/mkfile \ plan9/include/mkfile \ plan9/mkfile.proto \ @@ -80,7 +77,7 @@ PLAN9_DIST = plan9/include/mkfile \ plan9/src/mkfile EXTRA_DIST = CHANGES.md COPYING RELEASE-NOTES Dockerfile .editorconfig \ - $(CMAKE_DIST) $(VC_DIST) $(WINBUILD_DIST) $(PLAN9_DIST) + $(CMAKE_DIST) $(VC_DIST) $(PLAN9_DIST) DISTCLEANFILES = buildinfo.txt diff --git a/appveyor.sh b/appveyor.sh index dea58c9545..4be76095ee 100644 --- a/appveyor.sh +++ b/appveyor.sh @@ -96,29 +96,6 @@ elif [ "${BUILD_SYSTEM}" = 'VisualStudioSolution' ]; then msbuild.exe -maxcpucount "-property:Configuration=${PRJ_CFG}" "Windows/${VC_VERSION}/curl-all.sln" ) curl="build/Win32/${VC_VERSION}/${PRJ_CFG}/curld.exe" -elif [ "${BUILD_SYSTEM}" = 'winbuild_vs2015' ]; then - ( - cd winbuild - cat << EOF > _make.bat - call "C:/Program Files/Microsoft SDKs/Windows/v7.1/Bin/SetEnv.cmd" /x64 - call "C:/Program Files (x86)/Microsoft Visual Studio 14.0/VC/vcvarsall.bat" x86_amd64 - nmake -f Makefile.vc mode=dll VC=14 "SSL_PATH=${openssl_root_win}" WITH_SSL=dll MACHINE=x64 DEBUG=${DEBUG} ENABLE_UNICODE=${ENABLE_UNICODE} WINBUILD_ACKNOWLEDGE_DEPRECATED=yes -EOF - ./_make.bat - rm _make.bat - ) - curl="builds/libcurl-vc14-x64-${PATHPART}-dll-ssl-dll-ipv6-sspi/bin/curl.exe" -elif [ "${BUILD_SYSTEM}" = 'winbuild_vs2017' ]; then - ( - cd winbuild - cat << EOF > _make.bat - call "C:/Program Files (x86)/Microsoft Visual Studio/2017/Community/VC/Auxiliary/Build/vcvars64.bat" - nmake -f Makefile.vc mode=dll VC=14.10 "SSL_PATH=${openssl_root_win}" WITH_SSL=dll MACHINE=x64 DEBUG=${DEBUG} ENABLE_UNICODE=${ENABLE_UNICODE} WINBUILD_ACKNOWLEDGE_DEPRECATED=yes -EOF - ./_make.bat - rm _make.bat - ) - curl="builds/libcurl-vc14.10-x64-${PATHPART}-dll-ssl-dll-ipv6-sspi/bin/curl.exe" fi find . \( -name '*.exe' -o -name '*.dll' -o -name '*.lib' -o -name '*.pdb' \) -exec file '{}' \; diff --git a/appveyor.yml b/appveyor.yml index 42b580883c..af6ecd2c15 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -147,57 +147,6 @@ environment: PRJ_CFG: Debug HTTP_ONLY: 'ON' - # winbuild-based builds - - - job_name: 'winbuild, VS2015, Debug, x64, OpenSSL 1.1.1, Build-only' - APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2015' - BUILD_SYSTEM: winbuild_vs2015 - DEBUG: 'yes' - PATHPART: debug - ENABLE_UNICODE: 'no' - - job_name: 'winbuild, VS2015, Release, x64, OpenSSL 1.1.1, Build-only' - APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2015' - BUILD_SYSTEM: winbuild_vs2015 - DEBUG: 'no' - PATHPART: release - ENABLE_UNICODE: 'no' - - job_name: 'winbuild, VS2017, Debug, x64, OpenSSL 1.1.1, Build-only' - APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2017' - BUILD_SYSTEM: winbuild_vs2017 - DEBUG: 'yes' - PATHPART: debug - ENABLE_UNICODE: 'no' - - job_name: 'winbuild, VS2017, Release, x64, OpenSSL 1.1.1, Build-only' - APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2017' - BUILD_SYSTEM: winbuild_vs2017 - DEBUG: 'no' - PATHPART: release - ENABLE_UNICODE: 'no' - - job_name: 'winbuild, VS2015, Debug, x64, OpenSSL 1.1.1, Unicode, Build-only' - APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2015' - BUILD_SYSTEM: winbuild_vs2015 - DEBUG: 'yes' - PATHPART: debug - ENABLE_UNICODE: 'yes' - - job_name: 'winbuild, VS2015, Release, x64, OpenSSL 1.1.1, Unicode, Build-only' - APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2015' - BUILD_SYSTEM: winbuild_vs2015 - DEBUG: 'no' - PATHPART: release - ENABLE_UNICODE: 'yes' - - job_name: 'winbuild, VS2017, Debug, x64, OpenSSL 1.1.1, Unicode, Build-only' - APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2017' - BUILD_SYSTEM: winbuild_vs2017 - DEBUG: 'yes' - PATHPART: debug - ENABLE_UNICODE: 'yes' - - job_name: 'winbuild, VS2017, Release, x64, OpenSSL 1.1.1, Unicode, Build-only' - APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2017' - BUILD_SYSTEM: winbuild_vs2017 - DEBUG: 'no' - PATHPART: release - ENABLE_UNICODE: 'yes' - # generated VisualStudioSolution-based builds - job_name: 'VisualStudioSolution, VS2013, Debug, x86, Schannel, Build-only' diff --git a/docs/DEPRECATE.md b/docs/DEPRECATE.md index 65c630cbee..786b6a92c7 100644 --- a/docs/DEPRECATE.md +++ b/docs/DEPRECATE.md @@ -12,13 +12,6 @@ email the as soon as possible and explain to us why this is a problem for you and how your use case cannot be satisfied properly using a workaround. -## winbuild build system - -curl drops support for the winbuild build method after September 2025. - -We recommend migrating to CMake. See the migration guide in -`docs/INSTALL-CMAKE.md`. - ## Windows CE Windows CE "mainstream support" ended on October 9, 2018, and "Extended @@ -79,3 +72,4 @@ We remove support for this OpenSSL version from curl in June 2026. - Secure Transport (removed in 8.15.0) - BearSSL (removed in 8.15.0) - msh3 (removed in 8.16.0) + - winbuild build system (removed in 8.17.0) diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md index ea761fa99a..b112e1f8b4 100644 --- a/docs/INSTALL-CMAKE.md +++ b/docs/INSTALL-CMAKE.md @@ -23,9 +23,7 @@ It consists of the following steps after you have unpacked the source. We recommend building with CMake on Windows. For instructions on migrating from the `projects/Windows` Visual Studio solution files, see -[this section](#migrating-from-visual-studio-ide-project-files). For -instructions on migrating from the winbuild builds, see -[the following section](#migrating-from-winbuild-builds). +[this section](#migrating-from-visual-studio-ide-project-files). ## Using `cmake` @@ -546,59 +544,3 @@ We do *not* specify `-DCMAKE_BUILD_TYPE=Debug` here as we might do for the `"NMake Makefiles"` generator because the Visual Studio generators are [multi-config generators](https://cmake.org/cmake/help/latest/prop_gbl/GENERATOR_IS_MULTI_CONFIG.html) and therefore ignore the value of `CMAKE_BUILD_TYPE`. - -# Migrating from winbuild builds - -We recommend CMake to build curl with MSVC. The winbuild build system is -deprecated and is going to be removed in September 2025 in favor of the CMake -build system. - -In CMake you can customize the path of dependencies by passing the absolute -header path and the full path of the library via `*_INCLUDE_DIR` and -`*_LIBRARY` options (see the complete list in the option listing above). -The full path to the library can point to a static library or an import -library, which defines if the dependency is linked as a dll or statically. -For OpenSSL this works -[differently](https://cmake.org/cmake/help/latest/module/FindOpenSSL.html): -You can pass the root directory of the OpenSSL installation via -`OPENSSL_ROOT_DIR`, then pass `OPENSSL_USE_STATIC_LIBS=ON` to select static -libs. - -winbuild options | Equivalent CMake options -:-------------------------------- | :-------------------------------- -`DEBUG` | `CMAKE_BUILD_TYPE=Debug` -`GEN_PDB` | `CMAKE_EXE_LINKER_FLAGS=/Fd`, `CMAKE_SHARED_LINKER_FLAGS=/Fd` -`LIB_NAME_DLL`, `LIB_NAME_STATIC` | `IMPORT_LIB_SUFFIX`, `LIBCURL_OUTPUT_NAME`, `STATIC_LIB_SUFFIX` -`VC`: `` | see the CMake [Visual Studio generators](https://cmake.org/cmake/help/latest/manual/cmake-generators.7.html#visual-studio-generators) -`MACHINE`: `x64`, `x86` | `-A x64`, `-A Win32` -`MODE`: `dll`, `static` | `BUILD_SHARED_LIBS=ON/OFF`, `BUILD_STATIC_LIBS=ON/OFF`, `BUILD_STATIC_CURL=ON/OFF` (default: dll) -`RTLIBCFG`: `static` | `CURL_STATIC_CRT=ON` -`ENABLE_IDN` | `USE_WIN32_IDN=ON` -`ENABLE_IPV6` | `ENABLE_IPV6=ON` -`ENABLE_NGHTTP2` | `USE_NGHTTP2=ON` -`ENABLE_OPENSSL_AUTO_LOAD_CONFIG` | `CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG=OFF` (default) -`ENABLE_SCHANNEL` | `CURL_USE_SCHANNEL=ON` -`ENABLE_SSPI` | `CURL_WINDOWS_SSPI=ON` (default with Schannel) -`ENABLE_UNICODE` | `ENABLE_UNICODE=ON` -`WITH_PREFIX` | `CMAKE_INSTALL_PREFIX=` -`WITH_DEVEL` | see individual `*_INCLUDE_DIR` and `*_LIBRARY` options and `OPENSSL_ROOT_DIR` -`WITH_CARES`, `CARES_PATH` | `ENABLE_ARES=ON`, optional: `CARES_INCLUDE_DIR`, `CARES_LIBRARY` -`WITH_MBEDTLS`, `MBEDTLS_PATH` | `CURL_USE_MBEDTLS=ON`, optional: `MBEDTLS_INCLUDE_DIR`, `MBEDTLS_LIBRARY`, `MBEDX509_LIBRARY`, `MBEDCRYPTO_LIBRARY` -`WITH_NGHTTP2`, `NGHTTP2_PATH` | `USE_NGHTTP2=ON`, optional: `NGHTTP2_INCLUDE_DIR`, `NGHTTP2_LIBRARY` -`WITH_SSH`, `SSH_PATH` | `CURL_USE_LIBSSH=ON`, optional: `LIBSSH_INCLUDE_DIR`, `LIBSSH_LIBRARY` -`WITH_SSH2`, `SSH2_PATH` | `CURL_USE_LIBSSH2=ON`, optional: `LIBSSH2_INCLUDE_DIR`, `LIBSSH2_LIBRARY` -`WITH_SSL`, `SSL_PATH` | `CURL_USE_OPENSSL=ON`, optional: `OPENSSL_ROOT_DIR`, `OPENSSL_USE_STATIC_LIBS=ON` -`WITH_WOLFSSL`, `WOLFSSL_PATH` | `CURL_USE_WOLFSSL=ON`, optional: `WOLFSSL_INCLUDE_DIR`, `WOLFSSL_LIBRARY` -`WITH_ZLIB`, `ZLIB_PATH` | `CURL_ZLIB=ON`, optional: `ZLIB_INCLUDE_DIR`, `ZLIB_LIBRARY` - -For example this command-line: - - > nmake -f Makefile.vc VC=17 MACHINE=x64 DEBUG=ON mode=dll SSL_PATH=C:\OpenSSL WITH_SSL=dll ENABLE_UNICODE=ON - -translates to: - - > cmake . -G "Visual Studio 17 2022" -A x64 -DBUILD_SHARED_LIBS=ON -DOPENSSL_ROOT_DIR=C:\OpenSSL -DCURL_USE_OPENSSL=ON -DENABLE_UNICODE=ON -DCURL_USE_LIBPSL=OFF - > cmake --build . --config Debug - -We use `--config` with `cmake --build` because the Visual Studio CMake -generators are multi-config and therefore ignore `CMAKE_BUILD_TYPE`. diff --git a/docs/INSTALL.md b/docs/INSTALL.md index 0c53731710..ab20e9fde1 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -347,7 +347,6 @@ If you want to set any of these defines you have the following options: - Modify `lib/config-win32.h` - Modify `lib/curl_setup.h` - - Modify `winbuild/Makefile.vc` - Modify the "Preprocessor Definitions" in the libcurl project Note: The pre-processor settings can be found using the Visual Studio IDE @@ -362,7 +361,6 @@ visible to libcurl and curl compilation processes. To set this definition you have the following alternatives: - Modify `lib/config-win32.h` - - Modify `winbuild/Makefile.vc` - Modify the "Preprocessor Definitions" in the libcurl project Note: The pre-processor settings can be found using the Visual Studio IDE diff --git a/projects/README.md b/projects/README.md index e587249dbb..1777074c6d 100644 --- a/projects/README.md +++ b/projects/README.md @@ -16,9 +16,6 @@ You need to generate the project files before using them. Please run "generate To generate project files for recent versions of Visual Studio instead, use cmake. Refer to INSTALL-CMAKE.md in the docs directory. -Another way to build curl using Visual Studio is without project files. Refer -to README in the winbuild directory. - ## Directory Structure The following directory structure is used for the legacy project files: diff --git a/winbuild/.gitignore b/winbuild/.gitignore deleted file mode 100644 index 0d7f2b276f..0000000000 --- a/winbuild/.gitignore +++ /dev/null @@ -1,6 +0,0 @@ -# Copyright (C) Daniel Stenberg, , et al. -# -# SPDX-License-Identifier: curl - -*.idb -*.inc diff --git a/winbuild/Makefile.vc b/winbuild/Makefile.vc deleted file mode 100644 index 1a202cb559..0000000000 --- a/winbuild/Makefile.vc +++ /dev/null @@ -1,308 +0,0 @@ -#*************************************************************************** -# _ _ ____ _ -# Project ___| | | | _ \| | -# / __| | | | |_) | | -# | (__| |_| | _ <| |___ -# \___|\___/|_| \_\_____| -# -# Copyright (C) Daniel Stenberg, , et al. -# -# This software is licensed as described in the file COPYING, which -# you should have received as part of this distribution. The terms -# are also available at https://curl.se/docs/copyright.html. -# -# You may opt to use, copy, modify, merge, publish, distribute and/or sell -# copies of the Software, and permit persons to whom the Software is -# furnished to do so, under the terms of the COPYING file. -# -# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY -# KIND, either express or implied. -# -# SPDX-License-Identifier: curl -# -#*************************************************************************** - -!MESSAGE -!MESSAGE WARNING: -!MESSAGE -!MESSAGE The winbuild build system is deprecated and will be removed in -!MESSAGE September 2025 in favor of the CMake build system. -!MESSAGE -!MESSAGE Please see docs/INSTALL-CMAKE.md : "Migrating from winbuild builds" -!MESSAGE -!MESSAGE To use the winbuild build system you must acknowledge this warning by -!MESSAGE setting command line option WINBUILD_ACKNOWLEDGE_DEPRECATED=yes -!MESSAGE -!IF "$(WINBUILD_ACKNOWLEDGE_DEPRECATED)"!="yes" -!ERROR The user must acknowledge the deprecation warning to continue. -!ENDIF - -!IF "$(MODE)"=="static" -TARGET = $(LIB_NAME_STATIC) -AS_DLL = false -CFGSET=true -!ELSEIF "$(MODE)"=="dll" -TARGET = $(LIB_NAME_DLL) -AS_DLL = true -CFGSET=true -!ELSE -!MESSAGE Invalid mode: $(MODE) - -####################### -# Usage -# - -!MESSAGE See winbuild/README.md for usage -!ERROR please choose a valid mode - -!ENDIF - -!INCLUDE "../lib/Makefile.inc" -CSOURCES=$(CSOURCES: = ) -LIBCURL_OBJS=$(CSOURCES:.c=.obj) - -!INCLUDE "../src/Makefile.inc" -CURL_CFILES=$(CURL_CFILES: = ) -CURL_OBJS=$(CURL_CFILES:.c=.obj) - - -# backwards compatible check for USE_SSPI -!IFDEF USE_SSPI -ENABLE_SSPI = $(USE_SSPI) -!ENDIF - -# default options - -!IFNDEF MACHINE -# Note: nmake magically changes the value of PROCESSOR_ARCHITECTURE from "AMD64" -# to "x86" when building in a 32 bit build environment on a 64 bit machine. -!IF "$(PROCESSOR_ARCHITECTURE)"=="AMD64" -MACHINE = x64 -!ELSE -MACHINE = x86 -!ENDIF -!ENDIF - -!IFNDEF ENABLE_IDN -USE_IDN = true -!ELSEIF "$(ENABLE_IDN)"=="yes" -USE_IDN = true -!ELSEIF "$(ENABLE_IDN)"=="no" -USE_IDN = false -!ENDIF - -!IFNDEF ENABLE_IPV6 -USE_IPV6 = true -!ELSEIF "$(ENABLE_IPV6)"=="yes" -USE_IPV6 = true -!ELSEIF "$(ENABLE_IPV6)"=="no" -USE_IPV6 = false -!ENDIF - -!IFNDEF ENABLE_SSPI -USE_SSPI = true -!ELSEIF "$(ENABLE_SSPI)"=="yes" -USE_SSPI = true -!ELSEIF "$(ENABLE_SSPI)"=="no" -USE_SSPI = false -!ENDIF - -!IFNDEF ENABLE_SCHANNEL -!IF DEFINED(WITH_SSL) || DEFINED(WITH_MBEDTLS) || DEFINED(WITH_WOLFSSL) -USE_SCHANNEL = false -!ELSE -USE_SCHANNEL = $(USE_SSPI) -!ENDIF -!ELSEIF "$(ENABLE_SCHANNEL)"=="yes" -USE_SCHANNEL = true -!ELSEIF "$(ENABLE_SCHANNEL)"=="no" -USE_SCHANNEL = false -!ENDIF - -!IFNDEF ENABLE_OPENSSL_AUTO_LOAD_CONFIG -ENABLE_OPENSSL_AUTO_LOAD_CONFIG = true -!ELSEIF "$(ENABLE_OPENSSL_AUTO_LOAD_CONFIG)"=="yes" -!UNDEF ENABLE_OPENSSL_AUTO_LOAD_CONFIG -ENABLE_OPENSSL_AUTO_LOAD_CONFIG = true -!ELSEIF "$(ENABLE_OPENSSL_AUTO_LOAD_CONFIG)"=="no" -!UNDEF ENABLE_OPENSSL_AUTO_LOAD_CONFIG -ENABLE_OPENSSL_AUTO_LOAD_CONFIG = false -!ENDIF - -!IFNDEF ENABLE_UNICODE -USE_UNICODE = false -!ELSEIF "$(ENABLE_UNICODE)"=="yes" -USE_UNICODE = true -!ELSEIF "$(ENABLE_UNICODE)"=="no" -USE_UNICODE = false -!ENDIF - -CONFIG_NAME_LIB = libcurl - -!IF "$(WITH_SSL)"=="dll" -USE_SSL = true -SSL = dll -!ELSEIF "$(WITH_SSL)"=="static" -USE_SSL = true -SSL = static -!ENDIF - -!IF "$(ENABLE_NGHTTP2)"=="yes" -# compatibility bit, WITH_NGHTTP2 is the correct flag -WITH_NGHTTP2 = dll -USE_NGHTTP2 = true -NGHTTP2 = dll -!ELSEIF "$(WITH_NGHTTP2)"=="dll" -USE_NGHTTP2 = true -NGHTTP2 = dll -!ELSEIF "$(WITH_NGHTTP2)"=="static" -USE_NGHTTP2 = true -NGHTTP2 = static -!ENDIF - -!IFNDEF USE_NGHTTP2 -USE_NGHTTP2 = false -!ENDIF - -!IF "$(WITH_MBEDTLS)"=="dll" || "$(WITH_MBEDTLS)"=="static" -USE_MBEDTLS = true -MBEDTLS = $(WITH_MBEDTLS) -!ENDIF - -!IF "$(WITH_WOLFSSL)"=="dll" || "$(WITH_WOLFSSL)"=="static" -USE_WOLFSSL = true -WOLFSSL = $(WITH_WOLFSSL) -!ENDIF - -!IF "$(WITH_CARES)"=="dll" -USE_CARES = true -CARES = dll -!ELSEIF "$(WITH_CARES)"=="static" -USE_CARES = true -CARES = static -!ENDIF - -!IF "$(WITH_ZLIB)"=="dll" -USE_ZLIB = true -ZLIB = dll -!ELSEIF "$(WITH_ZLIB)"=="static" -USE_ZLIB = true -ZLIB = static -!ENDIF - -!IF "$(WITH_SSH2)"=="dll" -USE_SSH2 = true -SSH2 = dll -!ELSEIF "$(WITH_SSH2)"=="static" -USE_SSH2 = true -SSH2 = static -!ENDIF - -!IF "$(WITH_SSH)"=="dll" -USE_SSH = true -SSH = dll -!ELSEIF "$(WITH_SSH)"=="static" -USE_SSH = true -SSH = static -!ENDIF - -CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-vc$(VC)-$(MACHINE) - -!IF "$(DEBUG)"=="yes" -CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-debug -!ELSE -CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-release -!ENDIF - -!IF "$(AS_DLL)"=="true" -CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-dll -!ELSE -CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-static -!ENDIF - -!IF "$(USE_SSL)"=="true" -CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-ssl-$(SSL) -!ENDIF - -!IF "$(USE_MBEDTLS)"=="true" -CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-mbedtls-$(MBEDTLS) -!ENDIF - -!IF "$(USE_WOLFSSL)"=="true" -CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-wolfssl-$(WOLFSSL) -!ENDIF - -!IF "$(USE_CARES)"=="true" -CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-cares-$(CARES) -!ENDIF - -!IF "$(USE_ZLIB)"=="true" -CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-zlib-$(ZLIB) -!ENDIF - -!IF "$(USE_SSH2)"=="true" -CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-ssh2-$(SSH2) -!ENDIF - -!IF "$(USE_SSH)"=="true" -CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-ssh-$(SSH) -!ENDIF - -!IF "$(USE_IPV6)"=="true" -CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-ipv6 -!ENDIF - -!IF "$(USE_SSPI)"=="true" -CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-sspi -!ENDIF - -!IF "$(USE_SCHANNEL)"=="true" -CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-schannel -!ENDIF - -!IF "$(USE_NGHTTP2)"=="true" -CONFIG_NAME_LIB = $(CONFIG_NAME_LIB)-nghttp2-$(NGHTTP2) -!ENDIF - -!MESSAGE configuration name: $(CONFIG_NAME_LIB) - -# Note these directories are removed by this makefile's 'clean' so they should -# not be changed to point to user-specified directories that may contain other -# data. MakefileBuild.vc uses the same variable names but allows some user -# changes and therefore does not remove the directories. -BUILD_DIR=../builds/$(CONFIG_NAME_LIB) -LIBCURL_DIROBJ = ..\builds\$(CONFIG_NAME_LIB)-obj-lib -CURL_DIROBJ = ..\builds\$(CONFIG_NAME_LIB)-obj-curl -DIRDIST = ..\builds\$(CONFIG_NAME_LIB)\ - -$(MODE): - @echo LIBCURL_OBJS = \> LIBCURL_OBJS.inc - @for %%i in ($(LIBCURL_OBJS)) do @echo $(LIBCURL_DIROBJ)/%%i \>> LIBCURL_OBJS.inc - @echo. >> LIBCURL_OBJS.inc - - @echo CURL_OBJS = \> CURL_OBJS.inc - @for %%i in ($(CURL_OBJS)) do @echo $(CURL_DIROBJ)/%%i \>> CURL_OBJS.inc - @echo. >> CURL_OBJS.inc - - @SET CONFIG_NAME_LIB=$(CONFIG_NAME_LIB) - @SET MACHINE=$(MACHINE) - @SET USE_NGHTTP2=$(USE_NGHTTP2) - @SET USE_IDN=$(USE_IDN) - @SET USE_IPV6=$(USE_IPV6) - @SET USE_SSPI=$(USE_SSPI) - @SET USE_SCHANNEL=$(USE_SCHANNEL) - @SET USE_UNICODE=$(USE_UNICODE) -# compatibility bit - @SET WITH_NGHTTP2=$(WITH_NGHTTP2) - - @$(MAKE) /NOLOGO /F MakefileBuild.vc - -copy_from_lib: - echo copying .c... - FOR %%i IN ($(CURLX_CFILES:/=\)) DO copy %%i ..\src\ - -clean: - @if exist $(LIBCURL_DIROBJ) rd /s /q $(LIBCURL_DIROBJ) - @if exist $(CURL_DIROBJ) rd /s /q $(CURL_DIROBJ) - @if exist $(DIRDIST) rd /s /q $(DIRDIST) - $(MAKE) /NOLOGO /F MakefileBuild.vc $@ diff --git a/winbuild/MakefileBuild.vc b/winbuild/MakefileBuild.vc deleted file mode 100644 index 509e43e263..0000000000 --- a/winbuild/MakefileBuild.vc +++ /dev/null @@ -1,732 +0,0 @@ -#*************************************************************************** -# _ _ ____ _ -# Project ___| | | | _ \| | -# / __| | | | |_) | | -# | (__| |_| | _ <| |___ -# \___|\___/|_| \_\_____| -# -# Copyright (C) Daniel Stenberg, , et al. -# -# This software is licensed as described in the file COPYING, which -# you should have received as part of this distribution. The terms -# are also available at https://curl.se/docs/copyright.html. -# -# You may opt to use, copy, modify, merge, publish, distribute and/or sell -# copies of the Software, and permit persons to whom the Software is -# furnished to do so, under the terms of the COPYING file. -# -# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY -# KIND, either express or implied. -# -# SPDX-License-Identifier: curl -# -#*************************************************************************** - -########################################################################### -# -# Makefile for building libcurl with MSVC -# -# Usage: see README.md -# -############################################################## - -CFGSET=FALSE -WINBUILD_DIR=`cd` - -# Utilities. -# If a path is required that contains characters such as space, quote the path. -MT = mt.exe -RC = rc.exe -ZIP = zip.exe - -# Allow changing C compiler via environment variable CC (default cl.exe) -# This command macro is not set by default: https://msdn.microsoft.com/en-us/library/ms933742.aspx -!If "$(CC)" == "" -CC = cl.exe -!Endif - -!IF "$(VC)"=="6" -CC_NODEBUG = $(CC) /O2 /DNDEBUG -CC_DEBUG = $(CC) /Od /Gm /Zi /D_DEBUG /GZ -CFLAGS = /I. /I../lib /I../include /nologo /W4 /GX /YX /FD /c /DBUILDING_LIBCURL -!ELSE -CC_NODEBUG = $(CC) /O2 /DNDEBUG -CC_DEBUG = $(CC) /Od /D_DEBUG /RTC1 /Z7 /LDd -CFLAGS = /I. /I../lib /I../include /nologo /W4 /EHsc /FD /c /DBUILDING_LIBCURL -!ENDIF - -LFLAGS = /nologo /machine:$(MACHINE) -LNKDLL = link.exe /DLL -# Use lib.exe instead of link.exe as link.exe /lib has the following bad habits: -# - optimizing options like /opt:ref raises warnings (at least in Visual Studio 2015) -# - all (including Windows) dependencies are aggregated (as static parts) -# - link.exe /lib is not documented (anymore) at MSDN -# Instead of id: just create an archive, that contains all objects -LNKLIB = lib.exe - -CFLAGS_PDB = /Zi -LFLAGS_PDB = /incremental:no /opt:ref,icf /DEBUG - -CFLAGS_LIBCURL_STATIC = /DCURL_STATICLIB - -WIN_LIBS = ws2_32.lib wldap32.lib advapi32.lib crypt32.lib secur32.lib - -BASE_NAME = libcurl -BASE_NAME_DEBUG = $(BASE_NAME)_debug -BASE_NAME_STATIC = $(BASE_NAME)_a -BASE_NAME_STATIC_DEBUG = $(BASE_NAME_STATIC)_debug - -LIB_NAME_STATIC = $(BASE_NAME_STATIC).lib -LIB_NAME_STATIC_DEBUG = $(BASE_NAME_STATIC_DEBUG).lib -LIB_NAME_DLL = $(BASE_NAME).dll -LIB_NAME_IMP = $(BASE_NAME).lib -LIB_NAME_DLL_DEBUG = $(BASE_NAME_DEBUG).dll -LIB_NAME_IMP_DEBUG = $(BASE_NAME_DEBUG).lib - -PDB_NAME_STATIC = $(BASE_NAME_STATIC).pdb -PDB_NAME_STATIC_DEBUG = $(BASE_NAME_STATIC_DEBUG).pdb -PDB_NAME_DLL = $(BASE_NAME).pdb -PDB_NAME_DLL_DEBUG = $(BASE_NAME_DEBUG).pdb - -# CURL Command section -PROGRAM_NAME = curl.exe -CURL_CFLAGS = /I../lib /I../lib/curlx /I../include /nologo /W4 /EHsc /FD /c -CURL_LFLAGS = /out:$(DIRDIST)\bin\$(PROGRAM_NAME) /subsystem:console $(LFLAGS) -CURL_RESFLAGS = /i../include - -############################################################# -## Nothing more to do below this line! -LIBCURL_SRC_DIR = ..\lib -CURL_SRC_DIR = ..\src - -!IF EXISTS($(CURL_SRC_DIR)\tool_hugehelp.c) -USE_MANUAL = true -CFLAGS = $(CFLAGS) /DUSE_MANUAL -!ENDIF - -!IFNDEF WITH_DEVEL -WITH_DEVEL = ../../deps -!ENDIF -DEVEL_INCLUDE= $(WITH_DEVEL)/include -DEVEL_LIB = $(WITH_DEVEL)/lib - -!IF EXISTS("$(DEVEL_INCLUDE)") -CFLAGS = $(CFLAGS) /I"$(DEVEL_INCLUDE)" -!ENDIF -!IF EXISTS("$(DEVEL_LIB)") -LFLAGS = $(LFLAGS) "/LIBPATH:$(DEVEL_LIB)" -!ENDIF - -!IFDEF SSL_PATH -SSL_INC_DIR = $(SSL_PATH)\include -SSL_LIB_DIR = $(SSL_PATH)\lib -SSL_LFLAGS = $(SSL_LFLAGS) "/LIBPATH:$(SSL_LIB_DIR)" -!ELSE -SSL_INC_DIR=$(DEVEL_INCLUDE)\openssl -SSL_LIB_DIR=$(DEVEL_LIB) -!ENDIF - -!IF "$(WITH_SSL)"=="dll" || "$(WITH_SSL)"=="static" -!IF EXISTS("$(SSL_LIB_DIR)\libssl.lib") -SSL_LIBS = libssl.lib libcrypto.lib -!ELSE -SSL_LIBS = libeay32.lib ssleay32.lib -!ENDIF -USE_SSL = true -SSL = $(WITH_SSL) -!IF "$(WITH_SSL)"=="static" -WIN_LIBS = $(WIN_LIBS) gdi32.lib user32.lib crypt32.lib -!ENDIF -!ENDIF - -!IFDEF USE_SSL -SSL_CFLAGS = /DUSE_OPENSSL /I"$(SSL_INC_DIR)" -!IF "$(ENABLE_OPENSSL_AUTO_LOAD_CONFIG)"=="false" -SSL_CFLAGS = $(SSL_CFLAGS) /DCURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG -!ENDIF -!ENDIF - -!IF "$(DISABLE_WEBSOCKETS)"=="true" -CFLAGS = $(CFLAGS) /DCURL_DISABLE_WEBSOCKETS=1 -!ENDIF - -!IFDEF NGHTTP2_PATH -NGHTTP2_INC_DIR = $(NGHTTP2_PATH)\include -NGHTTP2_LIB_DIR = $(NGHTTP2_PATH)\lib -NGHTTP2_LFLAGS = $(NGHTTP2_LFLAGS) "/LIBPATH:$(NGHTTP2_LIB_DIR)" -!ELSE -NGHTTP2_INC_DIR = $(DEVEL_INCLUDE) -NGHTTP2_LIB_DIR = $(DEVEL_LIB) -!ENDIF - -!IF "$(WITH_NGHTTP2)"=="dll" -NGHTTP2_CFLAGS = /DUSE_NGHTTP2 /I"$(NGHTTP2_INC_DIR)" -NGHTTP2_LIBS = nghttp2.lib -!ELSEIF "$(WITH_NGHTTP2)"=="static" -NGHTTP2_CFLAGS = /DUSE_NGHTTP2 /DNGHTTP2_STATICLIB /I"$(NGHTTP2_INC_DIR)" -!IF EXISTS("$(NGHTTP2_LIB_DIR)\nghttp2_static.lib") -NGHTTP2_LIBS = nghttp2_static.lib -!ELSE -NGHTTP2_LIBS = nghttp2.lib -!ENDIF -!ENDIF - -!IFDEF MBEDTLS_PATH -MBEDTLS_INC_DIR = $(MBEDTLS_PATH)\include -MBEDTLS_LIB_DIR = $(MBEDTLS_PATH)\lib -MBEDTLS_LFLAGS = $(MBEDTLS_LFLAGS) "/LIBPATH:$(MBEDTLS_LIB_DIR)" -!ELSE -MBEDTLS_INC_DIR = $(DEVEL_INCLUDE) -MBEDTLS_LIB_DIR = $(DEVEL_LIB) -!ENDIF - -!IF "$(WITH_MBEDTLS)"=="dll" || "$(WITH_MBEDTLS)"=="static" -USE_MBEDTLS = true -MBEDTLS = $(WITH_MBEDTLS) -MBEDTLS_CFLAGS = /DUSE_MBEDTLS /I"$(MBEDTLS_INC_DIR)" -MBEDTLS_LIBS = mbedtls.lib mbedcrypto.lib mbedx509.lib -!ENDIF - -!IFDEF WOLFSSL_PATH -WOLFSSL_INC_DIR = $(WOLFSSL_PATH)\include -WOLFSSL_LIB_DIR = $(WOLFSSL_PATH)\lib -WOLFSSL_LFLAGS = $(WOLFSSL_LFLAGS) "/LIBPATH:$(WOLFSSL_LIB_DIR)" -!ELSE -WOLFSSL_INC_DIR = $(DEVEL_INCLUDE) -WOLFSSL_LIB_DIR = $(DEVEL_LIB) -!ENDIF - -!IF "$(WITH_WOLFSSL)"=="dll" || "$(WITH_WOLFSSL)"=="static" -USE_WOLFSSL = true -WOLFSSL = $(WITH_WOLFSSL) -WOLFSSL_CFLAGS = /DUSE_WOLFSSL /I"$(WOLFSSL_INC_DIR)" -WOLFSSL_LIBS = wolfssl.lib -!ENDIF - - -!IFDEF CARES_PATH -CARES_INC_DIR = $(CARES_PATH)\include -CARES_LIB_DIR = $(CARES_PATH)\lib -CARES_LFLAGS = $(CARES_LFLAGS) "/LIBPATH:$(CARES_LIB_DIR)" -!ELSE -CARES_INC_DIR = $(DEVEL_INCLUDE)/cares -CARES_LIB_DIR = $(DEVEL_LIB) -!ENDIF - -!IF "$(WITH_CARES)"=="dll" -!IF "$(DEBUG)"=="yes" -CARES_LIBS = caresd.lib -!ELSE -CARES_LIBS = cares.lib -!ENDIF -USE_CARES = true -CARES = dll -!ELSEIF "$(WITH_CARES)"=="static" -!IF "$(DEBUG)"=="yes" -CARES_LIBS = libcaresd.lib -!ELSE -CARES_LIBS = libcares.lib -!ENDIF -USE_CARES = true -CARES = static -!ENDIF - -!IFDEF USE_CARES -CARES_CFLAGS = /DUSE_ARES /I"$(CARES_INC_DIR)" -!IF "$(CARES)"=="static" -CARES_CFLAGS = $(CARES_CFLAGS) /DCARES_STATICLIB -!ENDIF -!ENDIF - - -!IFDEF ZLIB_PATH -ZLIB_INC_DIR = $(ZLIB_PATH)\include -ZLIB_LIB_DIR = $(ZLIB_PATH)\lib -ZLIB_LFLAGS = $(ZLIB_LFLAGS) "/LIBPATH:$(ZLIB_LIB_DIR)" -!ELSE -ZLIB_INC_DIR = $(DEVEL_INCLUDE) -ZLIB_LIB_DIR = $(DEVEL_LIB) -!ENDIF - -# Depending on how zlib is built the libraries have different names, we -# try to handle them all. -!IF "$(WITH_ZLIB)"=="dll" -!IF EXISTS("$(ZLIB_LIB_DIR)\zlibwapi.lib") -ZLIB_LIBS = zlibwapi.lib -ADDITIONAL_ZLIB_CFLAGS = /DZLIB_WINAPI -!ELSEIF EXISTS("$(ZLIB_LIB_DIR)\zdll.lib") -ZLIB_LIBS = zdll.lib -!ELSE -ZLIB_LIBS = zlib.lib -!ENDIF -USE_ZLIB = true -ZLIB = dll -!ELSEIF "$(WITH_ZLIB)"=="static" -!IF EXISTS("$(ZLIB_LIB_DIR)\zlibstat.lib") -ZLIB_LIBS = zlibstat.lib -ADDITIONAL_ZLIB_CFLAGS = /DZLIB_WINAPI -!ELSEIF EXISTS("$(ZLIB_LIB_DIR)\zlibstatic.lib") -ZLIB_LIBS = zlibstatic.lib -!ELSEIF EXISTS("$(ZLIB_LIB_DIR)\zlib.lib") -ZLIB_LIBS = zlib.lib -!ELSE -ZLIB_LIBS = zlib_a.lib -!ENDIF -USE_ZLIB = true -ZLIB = static -!ENDIF - -!IFDEF USE_ZLIB -ZLIB_CFLAGS = /DHAVE_LIBZ $(ADDITIONAL_ZLIB_CFLAGS) /I"$(ZLIB_INC_DIR)" -!ENDIF - - -!IFDEF SSH2_PATH -SSH2_INC_DIR= $(SSH2_PATH)\include -SSH2_LIB_DIR= $(SSH2_PATH)\lib -SSH2_LFLAGS = $(SSH2_LFLAGS) "/LIBPATH:$(SSH2_LIB_DIR)" -!ELSE -SSH2_LIB_DIR= $(DEVEL_LIB) -SSH2_INC_DIR= $(DEVEL_INCLUDE)/libssh2 -!ENDIF - -!IF "$(WITH_SSH2)"=="dll" -SSH2_LIBS = libssh2.lib -USE_SSH2 = true -SSH2 = dll -!ELSEIF "$(WITH_SSH2)"=="static" -# libssh2 NMakefile on Windows at default creates a static library without _a suffix -!IF EXISTS("$(SSH2_LIB_DIR)\libssh2.lib") -SSH2_LIBS = libssh2.lib -!ELSE -SSH2_LIBS = libssh2_a.lib -!ENDIF -WIN_LIBS = $(WIN_LIBS) user32.lib -USE_SSH2 = true -SSH2 = static -!ENDIF - -!IFDEF USE_SSH2 -SSH2_CFLAGS = /DUSE_LIBSSH2 -SSH2_CFLAGS = $(SSH2_CFLAGS) /I"$(SSH2_INC_DIR)" -!ENDIF - - -!IFDEF SSH_PATH -SSH_INC_DIR= $(SSH_PATH)\include -SSH_LIB_DIR= $(SSH_PATH)\lib -SSH_LFLAGS = $(SSH_LFLAGS) "/LIBPATH:$(SSH_LIB_DIR)" -!ELSE -SSH_LIB_DIR= $(DEVEL_LIB) -SSH_INC_DIR= $(DEVEL_INCLUDE) -!ENDIF - -!IF "$(WITH_SSH)"=="dll" || "$(WITH_SSH)"=="static" -SSH_LIBS = ssh.lib -USE_SSH = true -SSH = $(WITH_SSH) -!ENDIF - -!IFDEF USE_SSH -SSH_CFLAGS = /DUSE_LIBSSH -SSH_CFLAGS = $(SSH_CFLAGS) /I"$(SSH_INC_DIR)" -!ENDIF - - -!IFNDEF USE_IDN -USE_IDN = true -!ELSEIF "$(USE_IDN)"=="yes" -USE_IDN = true -!ENDIF - -!IF "$(USE_IDN)"=="true" -IDN_CFLAGS = $(IDN_CFLAGS) /DUSE_WIN32_IDN -WIN_LIBS = $(WIN_LIBS) Normaliz.lib -!ENDIF - - -!IFNDEF USE_IPV6 -USE_IPV6 = true -!ELSEIF "$(USE_IPV6)"=="yes" -USE_IPV6 = true -!ENDIF - -!IF "$(USE_IPV6)"=="true" -IPV6_CFLAGS = $(IPV6_CFLAGS) /DUSE_IPV6 -!ENDIF - - -!IFNDEF USE_SSPI -USE_SSPI = true -!ELSEIF "$(USE_SSPI)"=="yes" -USE_SSPI = true -!ENDIF - -!IF "$(USE_SSPI)"=="true" -SSPI_CFLAGS = $(SSPI_CFLAGS) /DUSE_WINDOWS_SSPI -!ENDIF - - -!IFNDEF USE_SCHANNEL -!IF "$(USE_SSL)"=="true" -USE_SCHANNEL = false -!ELSE -USE_SCHANNEL = $(USE_SSPI) -!ENDIF -!ELSEIF "$(USE_SCHANNEL)"=="yes" -USE_SCHANNEL = true -!ENDIF - - -!IF "$(USE_SCHANNEL)"=="true" -!IF "$(USE_SSPI)"!="true" -!ERROR cannot build with Schannel without SSPI -!ENDIF -SSPI_CFLAGS = $(SSPI_CFLAGS) /DUSE_SCHANNEL -WIN_LIBS = $(WIN_LIBS) Crypt32.lib -!ENDIF - - -!IF "$(GEN_PDB)"=="yes" -GEN_PDB = true -!ENDIF - - -!IFDEF EMBED_MANIFEST -MANIFESTTOOL = $(MT) -manifest $(DIRDIST)\bin\$(PROGRAM_NAME).manifest -outputresource:$(DIRDIST)\bin\$(PROGRAM_NAME);1 -!ENDIF - -# Runtime library configuration -!IF "$(RTLIBCFG)"=="static" -RTLIB = /MT -RTLIB_DEBUG = /MTd -!ELSE -RTLIB = /MD -RTLIB_DEBUG = /MDd -!ENDIF - -!IF "$(MODE)"=="static" -TARGET = $(LIB_NAME_STATIC) -CURL_LIBCURL_LIBNAME=$(LIB_NAME_STATIC) -AS_DLL = false -CFGSET = true -!ELSEIF "$(MODE)"=="dll" -TARGET = $(LIB_NAME_DLL) -CURL_LIBCURL_LIBNAME=$(LIB_NAME_IMP) -AS_DLL = true -CFGSET = true -!ENDIF - -!IF "$(CFGSET)" == "FALSE" -!ERROR please choose a valid mode -!ENDIF - - -# CURL_XX macros are for the curl.exe command - -!IF "$(DEBUG)"=="yes" -RC_FLAGS = /d_DEBUG /Fo $@ $(LIBCURL_SRC_DIR)\libcurl.rc -CURL_CC = $(CC_DEBUG) $(RTLIB_DEBUG) -CURL_RC_FLAGS = $(CURL_RC_FLAGS) /i../include /d_DEBUG /Fo $@ $(CURL_SRC_DIR)\curl.rc -!ELSE -RC_FLAGS = /Fo $@ $(LIBCURL_SRC_DIR)\libcurl.rc -CURL_CC = $(CC_NODEBUG) $(RTLIB) -CURL_RC_FLAGS = $(CURL_RC_FLAGS) /i../include /Fo $@ $(CURL_SRC_DIR)\curl.rc -!ENDIF - -!IF "$(AS_DLL)" == "true" - -LNK = $(LNKDLL) $(LFLAGS) $(WIN_LIBS) /out:$(LIB_DIROBJ)\$(TARGET) -!IF "$(DEBUG)"=="yes" -TARGET = $(LIB_NAME_DLL_DEBUG) -LNK = $(LNK) /DEBUG /IMPLIB:$(LIB_DIROBJ)\$(LIB_NAME_IMP_DEBUG) -PDB = $(PDB_NAME_DLL_DEBUG) -CURL_LIBS = /IMPLIB:$(LIB_DIROBJ)\$(LIB_NAME_IMP_DEBUG) -!ELSE -TARGET = $(LIB_NAME_DLL) -LNK = $(LNK) /IMPLIB:$(LIB_DIROBJ)\$(LIB_NAME_IMP) -PDB = $(PDB_NAME_DLL) -CURL_LIBS = /IMPLIB:$(LIB_DIROBJ)\$(LIB_NAME_IMP) -!ENDIF -RESOURCE = $(LIB_DIROBJ)\libcurl.res - -# AS_DLL -!ELSE - -!IF "$(DEBUG)"=="yes" -TARGET = $(LIB_NAME_STATIC_DEBUG) -PDB = $(PDB_NAME_STATIC_DEBUG) -!ELSE -TARGET = $(LIB_NAME_STATIC) -PDB = $(PDB_NAME_STATIC) -!ENDIF -LNK = $(LNKLIB) /out:$(LIB_DIROBJ)\$(TARGET) -CURL_CC = $(CURL_CC) $(CFLAGS_LIBCURL_STATIC) - -# AS_DLL -!ENDIF - -!IF "$(USE_SSL)"=="true" -CFLAGS = $(CFLAGS) $(SSL_CFLAGS) -LFLAGS = $(LFLAGS) $(SSL_LFLAGS) $(SSL_LIBS) -!ENDIF - -!IF "$(USE_MBEDTLS)"=="true" -CFLAGS = $(CFLAGS) $(MBEDTLS_CFLAGS) -LFLAGS = $(LFLAGS) $(MBEDTLS_LFLAGS) $(MBEDTLS_LIBS) -!ENDIF - -!IF "$(USE_WOLFSSL)"=="true" -CFLAGS = $(CFLAGS) $(WOLFSSL_CFLAGS) -LFLAGS = $(LFLAGS) $(WOLFSSL_LFLAGS) $(WOLFSSL_LIBS) -!ENDIF - -!IF "$(USE_CARES)"=="true" -CFLAGS = $(CFLAGS) $(CARES_CFLAGS) -LFLAGS = $(LFLAGS) $(CARES_LFLAGS) $(CARES_LIBS) -!ENDIF - -!IF "$(USE_ZLIB)"=="true" -CFLAGS = $(CFLAGS) $(ZLIB_CFLAGS) -LFLAGS = $(LFLAGS) $(ZLIB_LFLAGS) $(ZLIB_LIBS) -!ENDIF - -!IF "$(USE_SSH2)"=="true" -CFLAGS = $(CFLAGS) $(SSH2_CFLAGS) -LFLAGS = $(LFLAGS) $(SSH2_LFLAGS) $(SSH2_LIBS) -!ENDIF - -!IF "$(USE_SSH)"=="true" -CFLAGS = $(CFLAGS) $(SSH_CFLAGS) -LFLAGS = $(LFLAGS) $(SSH_LFLAGS) $(SSH_LIBS) -!ENDIF - -!IF "$(USE_IDN)"=="true" -CFLAGS = $(CFLAGS) $(IDN_CFLAGS) -!ENDIF - -!IF "$(USE_IPV6)"=="true" -CFLAGS = $(CFLAGS) $(IPV6_CFLAGS) -!ENDIF - -!IF "$(USE_SSPI)"=="true" -CFLAGS = $(CFLAGS) $(SSPI_CFLAGS) -!ENDIF - -!IF "$(USE_NGHTTP2)"=="true" -CFLAGS = $(CFLAGS) $(NGHTTP2_CFLAGS) -LFLAGS = $(LFLAGS) $(NGHTTP2_LFLAGS) $(NGHTTP2_LIBS) -!ENDIF - -!IF "$(GEN_PDB)"=="true" -CFLAGS = $(CFLAGS) $(CFLAGS_PDB) /Fd"$(LIB_DIROBJ)\$(PDB)" -LFLAGS = $(LFLAGS) $(LFLAGS_PDB) -!ENDIF - -!IF ( "$(USE_SSL)"=="true" && "$(USE_SCHANNEL)"=="true" ) \ - || ( "$(USE_SSL)"=="true" && "$(USE_MBEDTLS)"=="true" ) \ - || ( "$(USE_SSL)"=="true" && "$(USE_WOLFSSL)"=="true" ) \ - || ( "$(USE_MBEDTLS)"=="true" && "$(USE_WOLFSSL)"=="true" ) \ - || ( "$(USE_MBEDTLS)"=="true" && "$(USE_SCHANNEL)"=="true" ) \ - || ( "$(USE_WOLFSSL)"=="true" && "$(USE_SCHANNEL)"=="true" ) -CFLAGS = $(CFLAGS) /DCURL_WITH_MULTI_SSL -!ENDIF - -!IF "$(USE_UNICODE)"=="true" -CFLAGS = $(CFLAGS) /DUNICODE /D_UNICODE -!ENDIF - -LIB_DIROBJ = ..\builds\$(CONFIG_NAME_LIB)-obj-lib -CURL_DIROBJ = ..\builds\$(CONFIG_NAME_LIB)-obj-curl - -!IFDEF WITH_PREFIX -DIRDIST = $(WITH_PREFIX) -!ELSE -DIRDIST = ..\builds\$(CONFIG_NAME_LIB)\ -!ENDIF - -# -# curl.exe -# -CURL_LINK = link.exe /incremental:no /libpath:"$(DIRDIST)\lib" - -!IF "$(CFGSET)" != "FALSE" -# A mode was provided, so the library can be built. -# -!include CURL_OBJS.inc -!include LIBCURL_OBJS.inc - -!IF "$(AS_DLL)" == "true" -LIB_OBJS = $(LIBCURL_OBJS) $(RESOURCE) -!ELSE -LIB_OBJS = $(LIBCURL_OBJS) -!ENDIF - -EXE_OBJS = $(CURL_OBJS) $(CURL_DIROBJ)\curl.res - -all : $(TARGET) $(PROGRAM_NAME) - -package: $(TARGET) - @cd $(DIRDIST) - @-$(ZIP) -9 -q -r ..\$(CONFIG_NAME_LIB).zip .>nul 2<&1 - @cd $(MAKEDIR) - -$(TARGET): $(LIB_OBJS) $(LIB_DIROBJ) $(DIRDIST) - @echo Using SSL: $(USE_SSL) - @echo Using NGHTTP2: $(USE_NGHTTP2) - @echo Using c-ares: $(USE_CARES) - @echo Using SSH2: $(USE_SSH2) - @echo Using SSH: $(USE_SSH) - @echo Using ZLIB: $(USE_ZLIB) - @echo Using IDN: $(USE_IDN) - @echo Using IPv6: $(USE_IPV6) - @echo Using SSPI: $(USE_SSPI) - @echo Using Schannel: $(USE_SCHANNEL) - @echo CFLAGS: $(CFLAGS) - @echo LFLAGS: $(LFLAGS) - @echo GenPDB: $(GEN_PDB) - @echo Debug: $(DEBUG) - @echo Machine: $(MACHINE) - $(LNK) $(LIB_OBJS) - @echo Copying libs... - @if exist $(LIB_DIROBJ)\$(LIB_NAME_DLL) copy $(LIB_DIROBJ)\$(LIB_NAME_DLL) $(DIRDIST)\bin\ /y >nul 2<&1 - @if exist $(LIB_DIROBJ)\$(LIB_NAME_STATIC) copy $(LIB_DIROBJ)\$(LIB_NAME_STATIC) $(DIRDIST)\lib\ /y >nul 2<&1 - @if exist $(LIB_DIROBJ)\$(LIB_NAME_DLL_DEBUG) copy $(LIB_DIROBJ)\$(LIB_NAME_DLL_DEBUG) $(DIRDIST)\bin\ /y >nul 2<&1 - @if exist $(LIB_DIROBJ)\$(LIB_NAME_STATIC_DEBUG) copy $(LIB_DIROBJ)\$(LIB_NAME_STATIC_DEBUG) $(DIRDIST)\lib\ /y >nul 2<&1 - @if exist $(LIB_DIROBJ)\$(LIB_NAME_IMP) copy $(LIB_DIROBJ)\$(LIB_NAME_IMP) $(DIRDIST)\lib\ /y >nul 2<&1 - @if exist $(LIB_DIROBJ)\$(LIB_NAME_IMP_DEBUG) copy $(LIB_DIROBJ)\$(LIB_NAME_IMP_DEBUG) $(DIRDIST)\lib >nul 2<&1 - @-copy $(LIB_DIROBJ)\*.exp $(DIRDIST)\lib /y >nul 2<&1 - @-copy $(LIB_DIROBJ)\*.pdb $(DIRDIST)\lib /y >nul 2<&1 - @-copy ..\include\curl\*.h $(DIRDIST)\include\curl\ /y >nul 2<&1 - -$(LIB_OBJS): $(LIB_DIROBJ) $(DIRDIST) - -$(DIRDIST): - @if not exist "$(DIRDIST)\bin" mkdir $(DIRDIST)\bin - @if not exist "$(DIRDIST)\include" mkdir $(DIRDIST)\include - @if not exist "$(DIRDIST)\include\curl" mkdir $(DIRDIST)\include\curl - @if not exist "$(DIRDIST)\lib" mkdir $(DIRDIST)\lib - -$(LIB_DIROBJ): - @if not exist "$(LIB_DIROBJ)" mkdir $(LIB_DIROBJ) - @if not exist "$(LIB_DIROBJ)\vauth" mkdir $(LIB_DIROBJ)\vauth - @if not exist "$(LIB_DIROBJ)\vtls" mkdir $(LIB_DIROBJ)\vtls - @if not exist "$(LIB_DIROBJ)\vssh" mkdir $(LIB_DIROBJ)\vssh - @if not exist "$(LIB_DIROBJ)\vquic" mkdir $(LIB_DIROBJ)\vquic - @if not exist "$(LIB_DIROBJ)\curlx" mkdir $(LIB_DIROBJ)\curlx - -$(CURL_DIROBJ): - @if not exist "$(CURL_DIROBJ)" mkdir $(CURL_DIROBJ) -# we need a lib dir for the portability functions from libcurl -# we use the .c directly here - @if not exist "$(CURL_DIROBJ)" mkdir $(CURL_DIROBJ)\lib - -.SUFFIXES: .c .obj .res - -{$(LIBCURL_SRC_DIR)\}.c{$(LIB_DIROBJ)\}.obj:: - $(CURL_CC) $(CFLAGS) /Fo"$(LIB_DIROBJ)\\" $< - -{$(LIBCURL_SRC_DIR)\vauth\}.c{$(LIB_DIROBJ)\vauth\}.obj:: - $(CURL_CC) $(CFLAGS) /Fo"$(LIB_DIROBJ)\vauth\\" $< - -{$(LIBCURL_SRC_DIR)\vtls\}.c{$(LIB_DIROBJ)\vtls\}.obj:: - $(CURL_CC) $(CFLAGS) /Fo"$(LIB_DIROBJ)\vtls\\" $< - -{$(LIBCURL_SRC_DIR)\vssh\}.c{$(LIB_DIROBJ)\vssh\}.obj:: - $(CURL_CC) $(CFLAGS) /Fo"$(LIB_DIROBJ)\vssh\\" $< - -{$(LIBCURL_SRC_DIR)\vquic\}.c{$(LIB_DIROBJ)\vquic\}.obj:: - $(CURL_CC) $(CFLAGS) /Fo"$(LIB_DIROBJ)\vquic\\" $< - -{$(LIBCURL_SRC_DIR)\curlx\}.c{$(LIB_DIROBJ)\curlx\}.obj:: - $(CURL_CC) $(CFLAGS) /Fo"$(LIB_DIROBJ)\curlx\\" $< - -$(LIB_DIROBJ)\libcurl.res: $(LIBCURL_SRC_DIR)\libcurl.rc - $(RC) $(RC_FLAGS) - -# -# curl.exe -# - - -!IF "$(MODE)"=="static" -!IF "$(DEBUG)"=="yes" -CURL_LIBCURL_LIBNAME=$(LIB_NAME_STATIC_DEBUG) -!ELSE -CURL_LIBCURL_LIBNAME=$(LIB_NAME_STATIC) -!ENDIF -!ELSEIF "$(MODE)"=="dll" -!IF "$(DEBUG)"=="yes" -CURL_LIBCURL_LIBNAME=$(LIB_NAME_IMP_DEBUG) -!ELSE -CURL_LIBCURL_LIBNAME=$(LIB_NAME_IMP) -!ENDIF -!ENDIF - -CURL_FROM_LIBCURL=\ - $(CURL_DIROBJ)\nonblock.obj \ - $(CURL_DIROBJ)\strparse.obj \ - $(CURL_DIROBJ)\strcase.obj \ - $(CURL_DIROBJ)\timeval.obj \ - $(CURL_DIROBJ)\wait.obj \ - $(CURL_DIROBJ)\warnless.obj \ - $(CURL_DIROBJ)\multibyte.obj \ - $(CURL_DIROBJ)\version_win32.obj \ - $(CURL_DIROBJ)\dynbuf.obj \ - $(CURL_DIROBJ)\base64.obj - -!IFDEF USE_MANUAL -CURL_FROM_LIBCURL = $(CURL_FROM_LIBCURL) $(CURL_DIROBJ)\tool_hugehelp.obj -!ENDIF - -$(PROGRAM_NAME): $(CURL_DIROBJ) $(CURL_FROM_LIBCURL) $(EXE_OBJS) - $(CURL_LINK) $(CURL_LFLAGS) $(CURL_LIBCURL_LIBNAME) $(WIN_LIBS) $(CURL_FROM_LIBCURL) $(EXE_OBJS) - $(MANIFESTTOOL) - -{$(CURL_SRC_DIR)\}.c{$(CURL_DIROBJ)\}.obj:: - $(CURL_CC) $(CURL_CFLAGS) /Fo"$(CURL_DIROBJ)\\" $< - -!IFDEF USE_MANUAL -$(CURL_DIROBJ)\tool_hugehelp.obj: $(CURL_SRC_DIR)\tool_hugehelp.c - $(CURL_CC) $(CURL_CFLAGS) /Zm200 /Fo"$@" $(CURL_SRC_DIR)\tool_hugehelp.c -!ENDIF -$(CURL_DIROBJ)\nonblock.obj: ../lib/curlx/nonblock.c - $(CURL_CC) $(CURL_CFLAGS) /Fo"$@" ../lib/curlx/nonblock.c -$(CURL_DIROBJ)\strparse.obj: ../lib/curlx/strparse.c - $(CURL_CC) $(CURL_CFLAGS) /Fo"$@" ../lib/curlx/strparse.c -$(CURL_DIROBJ)\strcase.obj: ../lib/strcase.c - $(CURL_CC) $(CURL_CFLAGS) /Fo"$@" ../lib/strcase.c -$(CURL_DIROBJ)\timeval.obj: ../lib/curlx/timeval.c - $(CURL_CC) $(CURL_CFLAGS) /Fo"$@" ../lib/curlx/timeval.c -$(CURL_DIROBJ)\multibyte.obj: ../lib/curlx/multibyte.c - $(CURL_CC) $(CURL_CFLAGS) /Fo"$@" ../lib/curlx/multibyte.c -$(CURL_DIROBJ)\version_win32.obj: ../lib/curlx/version_win32.c - $(CURL_CC) $(CURL_CFLAGS) /Fo"$@" ../lib/curlx/version_win32.c -$(CURL_DIROBJ)\wait.obj: ../lib/curlx/wait.c - $(CURL_CC) $(CURL_CFLAGS) /Fo"$@" ../lib/curlx/wait.c -$(CURL_DIROBJ)\warnless.obj: ../lib/curlx/warnless.c - $(CURL_CC) $(CURL_CFLAGS) /Fo"$@" ../lib/curlx/warnless.c -$(CURL_DIROBJ)\dynbuf.obj: ../lib/curlx/dynbuf.c - $(CURL_CC) $(CURL_CFLAGS) /Fo"$@" ../lib/curlx/dynbuf.c -$(CURL_DIROBJ)\base64.obj: ../lib/curlx/base64.c - $(CURL_CC) $(CURL_CFLAGS) /Fo"$@" ../lib/curlx/base64.c -$(CURL_DIROBJ)\curl.res: $(CURL_SRC_DIR)\curl.rc - $(RC) $(CURL_RC_FLAGS) - -!ENDIF # End of case where a config was provided. - -# Makefile.vc's clean removes (LIB)CURL_DIROBJ and DIRDIST dirs then calls -# this clean. Note those are the original directories we control and not the -# directories possibly modified by this makefile to point to user-specified -# directories. -# For example, don't remove DIRDIST here since it may contain user files if it -# has been changed by WITH_PREFIX to a different output dir (eg C:\usr\local). -clean: - @-erase /s *.dll 2> NUL - @-erase /s *.exp 2> NUL - @-erase /s *.idb 2> NUL - @-erase /s *.lib 2> NUL - @-erase /s *.obj 2> NUL - @-erase /s *.pch 2> NUL - @-erase /s *.pdb 2> NUL - @-erase /s *.res 2> NUL diff --git a/winbuild/README.md b/winbuild/README.md deleted file mode 100644 index 691e2dbc8d..0000000000 --- a/winbuild/README.md +++ /dev/null @@ -1,207 +0,0 @@ - - -# Deprecation warning - - This winbuild build system is deprecated and is going to be removed in - September 2025 in favor of the CMake build system. - - Please see docs/INSTALL-CMAKE.md : "Migrating from winbuild builds" - -# Building curl with Visual C++ - - This document describes how to compile, build and install curl and libcurl - from sources using the Visual C++ build tool. To build with VC++, you have to - first install VC++. The minimum required version of VC is 9 (part of Visual - Studio 2008). However using a more recent version is strongly recommended. - - VC++ is also part of the Windows Platform SDK. You do not have to install the - full Visual Studio or Visual C++ if all you want is to build curl. - - The latest Platform SDK can be downloaded freely from [Windows SDK and - emulator - archive](https://developer.microsoft.com/en-us/windows/downloads/sdk-archive) - -## Prerequisites - - If you wish to support zlib, OpenSSL, c-ares, ssh2, you have to download them - separately and copy them to the `deps` directory as shown below: - - somedirectory\ - |_curl-src - | |_winbuild - | - |_deps - |_ lib - |_ include - |_ bin - - It is also possible to create the `deps` directory in some other random places - and tell the `Makefile` its location using the `WITH_DEVEL` option. - -## Open a command prompt - -Open a Visual Studio Command prompt: - - Using the **'VS [version] [platform] [type] Command Prompt'** menu entry: - where [version] is the Visual Studio version, [platform] is e.g. x64 and - [type] Native or Cross platform build. This type of command prompt may not - exist in all Visual Studio versions. For example, to build a 64-bit curl open - the x64 Native Tools prompt. - - See also: - - [How to: Enable a 64-Bit, x64 hosted MSVC toolset on the command line](https://docs.microsoft.com/en-us/cpp/build/how-to-enable-a-64-bit-visual-cpp-toolset-on-the-command-line) - - [Set the Path and Environment Variables for Command-Line Builds](https://docs.microsoft.com/en-us/cpp/build/building-on-the-command-line) - - [Developer Command Prompt for Visual Studio](https://docs.microsoft.com/en-us/dotnet/framework/tools/developer-command-prompt-for-vs) - -## Build in the console - - Once you are in the console, go to the winbuild directory in the curl - sources: - - cd curl-src\winbuild - - Then you can call `nmake /f Makefile.vc` with the desired options (see - below). The builds are in the top src directory, `builds\` directory, in a - directory named using the options given to the nmake call. - - nmake /f Makefile.vc mode= - -where `` is one or many of: - - - `VC=` - VC version. 6 or later. - - `WITH_DEVEL=` - Paths for the development files (SSL, zlib, etc.) - Defaults to sibling directory: `../deps` - - `WITH_SSL=` - Enable OpenSSL support, DLL or static - - `WITH_NGHTTP2=` - Enable HTTP/2 support, DLL or static - - `WITH_MBEDTLS=` - Enable mbedTLS support, DLL or static - - `WITH_WOLFSSL=` - Enable wolfSSL support, DLL or static - - `WITH_CARES=` - Enable c-ares support, DLL or static - - `WITH_ZLIB=` - Enable zlib support, DLL or static - - `WITH_SSH=` - Enable libssh support, DLL or static - - `WITH_SSH2=` - Enable libssh2 support, DLL or static - - `WITH_PREFIX=` - Where to install the build - - `ENABLE_SSPI=` - Enable SSPI support, defaults to yes - - `ENABLE_IPV6=` - Enable IPv6, defaults to yes - - `ENABLE_IDN=` - Enable use of Windows IDN APIs, defaults to yes - Requires Windows Vista or later - - `ENABLE_SCHANNEL=` - Enable native Windows SSL support, defaults - to yes if SSPI and no other SSL library - - `ENABLE_OPENSSL_AUTO_LOAD_CONFIG=` - - Enable loading OpenSSL configuration - automatically, defaults to yes - - `ENABLE_UNICODE=` - Enable Unicode support, defaults to no - - `GEN_PDB=` - Generate External Program Database - (debug symbols for release build) - - `DEBUG=` - Debug builds - - `MACHINE=` - Target architecture (default is x86) - - `CARES_PATH=` - Custom path for c-ares - - `MBEDTLS_PATH=` - Custom path for mbedTLS - - `WOLFSSL_PATH=` - Custom path for wolfSSL - - `NGHTTP2_PATH=` - Custom path for nghttp2 - - `SSH_PATH=` - Custom path for libssh - - `SSH2_PATH=` - Custom path for libssh2 - - `SSL_PATH=` - Custom path for OpenSSL - - `ZLIB_PATH=` - Custom path for zlib - -## Cleaning a build - - For most build configurations you can remove a bad build by using the same - options with the added keyword "clean". For example: - - nmake /f Makefile.vc mode=static clean - - Build errors due to switching Visual Studio platform tools or mistakenly - specifying the wrong machine platform for the tools can usually be solved by - first cleaning the bad build. - -## Static linking of Microsoft's C runtime (CRT): - - If you are using mode=static, nmake creates and links to the static build of - libcurl but *not* the static CRT. If you must you can force nmake to link in - the static CRT by passing `RTLIBCFG=static`. Typically you shouldn't use that - option, and nmake defaults to the DLL CRT. `RTLIBCFG` is rarely used and - therefore rarely tested. When passing `RTLIBCFG` for a configuration that was - already built but not with that option, or if the option was specified - differently, you must destroy the build directory containing the - configuration so that nmake can build it from scratch. - - This option is not recommended unless you have enough development experience - to know how to match the runtime library for linking (that is, the CRT). If - `RTLIBCFG=static` then release builds use `/MT` and debug builds use `/MTd`. - -## Building your own application with libcurl (Visual Studio example) - - When you build curl and libcurl, nmake shows the relative path where the - output directory is. The output directory is named from the options nmake - used when building. You may also see temp directories of the same name but - with suffixes -obj-curl and -obj-lib. - - For example let's say you have built curl.exe and libcurl.dll from the Visual - Studio 2010 x64 Win64 Command Prompt: - - nmake /f Makefile.vc mode=dll VC=10 - - The output directory has a name similar to - `..\builds\libcurl-vc10-x64-release-dll-ipv6-sspi-schannel`. - - The output directory contains subdirectories bin, lib and include. Those are - the directories to set in your Visual Studio project. You can either copy the - output directory to your project or leave it in place. Following the example, - let's assume you leave it in place and your curl top source directory is - `C:\curl-7.82.0`. You would set these options for configurations using the - x64 platform: - -~~~ - - Configuration Properties > Debugging > Environment - PATH=C:\curl-7.82.0\builds\libcurl-vc10-x64-release-dll-ipv6-sspi-schannel\bin;%PATH% - - - C/C++ > General > Additional Include Directories - C:\curl-7.82.0\builds\libcurl-vc10-x64-release-dll-ipv6-sspi-schannel\include; - - - Linker > General > Additional Library Directories - C:\curl-7.82.0\builds\libcurl-vc10-x64-release-dll-ipv6-sspi-schannel\lib; - - - Linker > Input > Additional Dependencies - libcurl.lib; -~~~ - - For configurations using the x86 platform (aka Win32 platform) you would - need to make a separate x86 build of libcurl. - - If you build libcurl static (`mode=static`) or debug (`DEBUG=yes`) then the - library name varies and separate builds may be necessary for separate - configurations of your project within the same platform. This is discussed in - the next section. - -## Building your own application with a static libcurl - - When building an application that uses the static libcurl library on Windows, - you must define `CURL_STATICLIB`. Otherwise the linker looks for dynamic - import symbols. - - The static library name has an `_a` suffix in the basename and the debug - library name has a `_debug` suffix in the basename. For example, - `libcurl_a_debug.lib` is a static debug build of libcurl. - - You may need a separate build of libcurl for each VC configuration combination - (for example: Debug|Win32, Debug|x64, Release|Win32, Release|x64). - - You must specify any additional dependencies needed by your build of static - libcurl (for example: - `advapi32.lib;crypt32.lib;normaliz.lib;ws2_32.lib;wldap32.lib`). - -## Legacy Windows and SSL - - When you build curl using the build files in this directory the default SSL - backend is Schannel (Windows SSPI), the native SSL library that comes with - the Windows OS. Schannel in Windows 8 and earlier is not able to connect to - servers that no longer support the legacy handshakes and algorithms used by - those versions. If you are using curl in one of those earlier versions of - Windows you should choose another SSL backend like OpenSSL. diff --git a/winbuild/makedebug.bat b/winbuild/makedebug.bat deleted file mode 100644 index 6305537e3d..0000000000 --- a/winbuild/makedebug.bat +++ /dev/null @@ -1,33 +0,0 @@ -@echo off -rem *************************************************************************** -rem * _ _ ____ _ -rem * Project ___| | | | _ \| | -rem * / __| | | | |_) | | -rem * | (__| |_| | _ <| |___ -rem * \___|\___/|_| \_\_____| -rem * -rem * Copyright (C) Daniel Stenberg, , et al. -rem * -rem * This software is licensed as described in the file COPYING, which -rem * you should have received as part of this distribution. The terms -rem * are also available at https://curl.se/docs/copyright.html. -rem * -rem * You may opt to use, copy, modify, merge, publish, distribute and/or sell -rem * copies of the Software, and permit persons to whom the Software is -rem * furnished to do so, under the terms of the COPYING file. -rem * -rem * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY -rem * KIND, either express or implied. -rem * -rem * SPDX-License-Identifier: curl -rem * -rem *************************************************************************** - -where.exe nmake.exe >nul 2>&1 - -if %ERRORLEVEL% EQU 1 ( - echo Error: Cannot find nmake.exe - be sure to run this script from within a Developer Command-Prompt -) else ( - nmake.exe /f Makefile.vc MODE=static DEBUG=yes GEN_PDB=yes - if %ERRORLEVEL% NEQ 0 echo Error: Build Failed -) From 1c49f2f26d0f200bb9de61f795f06a1bc56845e9 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 1 Aug 2025 21:09:52 +0200 Subject: [PATCH 0084/2408] windows: replace `_beginthreadex()` with `CreateThread()` MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Replace `_beginthreadex()` C runtime calls with native win32 API `CreateThread()`. The latter was already used in `src/tool_doswin.c` and in UWP and Windows CE builds before this patch. After this patch all Windows flavors use it. To drop PP logic and simplify code. While working on this it turned out that `src/tool_doswin.c` calls `TerminateThread()`, which isn't recommended by the documentation, except for "the most extreme cases". This patch makes no attempt to change that code. Ref: 9a2663322c330ff11275abafd612e9c99407a94a #17572 Ref: https://learn.microsoft.com/windows/win32/api/processthreadsapi/nf-processthreadsapi-terminatethread Also: - use `WaitForSingleObjectEx()` on all desktop Windows. Ref: 4be80d5109a340973dc6ce0221ec5c5761587df0 Ref: https://sourceforge.net/p/curl/feature-requests/82/ Ref: https://learn.microsoft.com/windows/win32/api/synchapi/nf-synchapi-waitforsingleobjectex - tests: drop redundant casts. - lib3207: fix to not rely on thread macros when building without thread support. Assisted-by: Jay Satiro Assisted-by: Marcel Raad Assisted-by: Michał Petryka Follow-up to 38029101e2d78ba125732b3bab6ec267b80a0e72 #11625 Closes #18451 --- lib/curl_threads.c | 26 +++++--------------------- lib/curl_threads.h | 12 +++--------- tests/libtest/lib3026.c | 24 +++++------------------- tests/libtest/lib3207.c | 4 ++++ tests/server/sockfilt.c | 11 +++++------ tests/server/util.c | 20 +++++++------------- 6 files changed, 29 insertions(+), 68 deletions(-) diff --git a/lib/curl_threads.c b/lib/curl_threads.c index 96fd0f8a7a..94425d19fe 100644 --- a/lib/curl_threads.c +++ b/lib/curl_threads.c @@ -26,12 +26,8 @@ #include -#ifdef USE_THREADS_POSIX -# ifdef HAVE_PTHREAD_H -# include -# endif -#elif defined(USE_THREADS_WIN32) -# include +#if defined(USE_THREADS_POSIX) && defined(HAVE_PTHREAD_H) +#include #endif #include "curl_threads.h" @@ -105,20 +101,8 @@ int Curl_thread_join(curl_thread_t *hnd) curl_thread_t Curl_thread_create(CURL_THREAD_RETURN_T (CURL_STDCALL *func) (void *), void *arg) { -#if defined(CURL_WINDOWS_UWP) || defined(UNDER_CE) - typedef HANDLE curl_win_thread_handle_t; -#else - typedef uintptr_t curl_win_thread_handle_t; -#endif - curl_thread_t t; - curl_win_thread_handle_t thread_handle; -#if defined(CURL_WINDOWS_UWP) || defined(UNDER_CE) - thread_handle = CreateThread(NULL, 0, func, arg, 0, NULL); -#else - thread_handle = _beginthreadex(NULL, 0, func, arg, 0, NULL); -#endif - t = (curl_thread_t)thread_handle; - if((t == 0) || (t == LongToHandle(-1L))) { + curl_thread_t t = CreateThread(NULL, 0, func, arg, 0, NULL); + if(!t) { #ifdef UNDER_CE DWORD gle = GetLastError(); /* !checksrc! disable ERRNOVAR 1 */ @@ -142,7 +126,7 @@ void Curl_thread_destroy(curl_thread_t *hnd) int Curl_thread_join(curl_thread_t *hnd) { -#if !defined(_WIN32_WINNT) || (_WIN32_WINNT < _WIN32_WINNT_VISTA) +#ifdef UNDER_CE int ret = (WaitForSingleObject(*hnd, INFINITE) == WAIT_OBJECT_0); #else int ret = (WaitForSingleObjectEx(*hnd, INFINITE, FALSE) == WAIT_OBJECT_0); diff --git a/lib/curl_threads.h b/lib/curl_threads.h index 82f08c5fbb..241014cc6a 100644 --- a/lib/curl_threads.h +++ b/lib/curl_threads.h @@ -26,6 +26,7 @@ #include "curl_setup.h" #ifdef USE_THREADS_POSIX +# define CURL_THREAD_RETURN_T unsigned int # define CURL_STDCALL # define curl_mutex_t pthread_mutex_t # define curl_thread_t pthread_t * @@ -35,7 +36,8 @@ # define Curl_mutex_release(m) pthread_mutex_unlock(m) # define Curl_mutex_destroy(m) pthread_mutex_destroy(m) #elif defined(USE_THREADS_WIN32) -# define CURL_STDCALL __stdcall +# define CURL_THREAD_RETURN_T DWORD +# define CURL_STDCALL WINAPI # define curl_mutex_t CRITICAL_SECTION # define curl_thread_t HANDLE # define curl_thread_t_null (HANDLE)0 @@ -47,14 +49,6 @@ # define Curl_mutex_acquire(m) EnterCriticalSection(m) # define Curl_mutex_release(m) LeaveCriticalSection(m) # define Curl_mutex_destroy(m) DeleteCriticalSection(m) -#else -# define CURL_STDCALL -#endif - -#if defined(CURL_WINDOWS_UWP) || defined(UNDER_CE) -#define CURL_THREAD_RETURN_T DWORD -#else -#define CURL_THREAD_RETURN_T unsigned int #endif #if defined(USE_THREADS_POSIX) || defined(USE_THREADS_WIN32) diff --git a/tests/libtest/lib3026.c b/tests/libtest/lib3026.c index 2b35a25841..167fdd4d33 100644 --- a/tests/libtest/lib3026.c +++ b/tests/libtest/lib3026.c @@ -26,12 +26,7 @@ #define NUM_THREADS 100 #ifdef _WIN32 -#if defined(CURL_WINDOWS_UWP) || defined(UNDER_CE) -static DWORD WINAPI t3026_run_thread(LPVOID ptr) -#else -#include -static unsigned int WINAPI t3026_run_thread(void *ptr) -#endif +static DWORD WINAPI t3026_run_thread(void *ptr) { CURLcode *result = ptr; @@ -44,13 +39,8 @@ static unsigned int WINAPI t3026_run_thread(void *ptr) static CURLcode test_lib3026(const char *URL) { -#if defined(CURL_WINDOWS_UWP) || defined(UNDER_CE) - typedef HANDLE curl_win_thread_handle_t; -#else - typedef uintptr_t curl_win_thread_handle_t; -#endif CURLcode results[NUM_THREADS]; - curl_win_thread_handle_t thread_handles[NUM_THREADS]; + HANDLE thread_handles[NUM_THREADS]; unsigned tid_count = NUM_THREADS, i; CURLcode test_failure = CURLE_OK; curl_version_info_data *ver; @@ -65,13 +55,9 @@ static CURLcode test_lib3026(const char *URL) } for(i = 0; i < tid_count; i++) { - curl_win_thread_handle_t th; + HANDLE th; results[i] = CURL_LAST; /* initialize with invalid value */ -#if defined(CURL_WINDOWS_UWP) || defined(UNDER_CE) th = CreateThread(NULL, 0, t3026_run_thread, &results[i], 0, NULL); -#else - th = _beginthreadex(NULL, 0, t3026_run_thread, &results[i], 0, NULL); -#endif if(!th) { curl_mfprintf(stderr, "%s:%d Couldn't create thread, errno %lu\n", __FILE__, __LINE__, GetLastError()); @@ -84,8 +70,8 @@ static CURLcode test_lib3026(const char *URL) cleanup: for(i = 0; i < tid_count; i++) { - WaitForSingleObject((HANDLE)thread_handles[i], INFINITE); - CloseHandle((HANDLE)thread_handles[i]); + WaitForSingleObject(thread_handles[i], INFINITE); + CloseHandle(thread_handles[i]); if(results[i] != CURLE_OK) { curl_mfprintf(stderr, "%s:%d thread[%u]: curl_global_init() failed," "with code %d (%s)\n", __FILE__, __LINE__, diff --git a/tests/libtest/lib3207.c b/tests/libtest/lib3207.c index 446d98a000..e3b50ff40f 100644 --- a/tests/libtest/lib3207.c +++ b/tests/libtest/lib3207.c @@ -68,7 +68,11 @@ static size_t write_memory_callback(char *contents, size_t size, return realsize; } +#if defined(USE_THREADS_POSIX) || defined(USE_THREADS_WIN32) static CURL_THREAD_RETURN_T CURL_STDCALL test_thread(void *ptr) +#else +static unsigned int test_thread(void *ptr) +#endif { struct Ctx *ctx = (struct Ctx *)ptr; CURLcode res = CURLE_OK; diff --git a/tests/server/sockfilt.c b/tests/server/sockfilt.c index c8b21beee9..2785b75134 100644 --- a/tests/server/sockfilt.c +++ b/tests/server/sockfilt.c @@ -412,8 +412,7 @@ struct select_ws_wait_data { HANDLE signal; /* internal event to signal handle trigger */ HANDLE abort; /* internal event to abort waiting threads */ }; -#include -static unsigned int WINAPI select_ws_wait_thread(void *lpParameter) +static DWORD WINAPI select_ws_wait_thread(void *lpParameter) { struct select_ws_wait_data *data; HANDLE signal, handle, handles[2]; @@ -557,25 +556,25 @@ static unsigned int WINAPI select_ws_wait_thread(void *lpParameter) static HANDLE select_ws_wait(HANDLE handle, HANDLE signal, HANDLE abort) { - typedef uintptr_t curl_win_thread_handle_t; struct select_ws_wait_data *data; - curl_win_thread_handle_t thread; /* allocate internal waiting data structure */ data = malloc(sizeof(struct select_ws_wait_data)); if(data) { + HANDLE thread; + data->handle = handle; data->signal = signal; data->abort = abort; /* launch waiting thread */ - thread = _beginthreadex(NULL, 0, &select_ws_wait_thread, data, 0, NULL); + thread = CreateThread(NULL, 0, &select_ws_wait_thread, data, 0, NULL); /* free data if thread failed to launch */ if(!thread) { free(data); } - return (HANDLE)thread; + return thread; } return NULL; } diff --git a/tests/server/util.c b/tests/server/util.c index 26a5dd17f7..02f91083e4 100644 --- a/tests/server/util.c +++ b/tests/server/util.c @@ -350,7 +350,7 @@ static SIGHANDLER_T old_sigbreak_handler = SIG_ERR; #endif #if defined(_WIN32) && !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE) -static unsigned int thread_main_id = 0; +static DWORD thread_main_id = 0; static HANDLE thread_main_window = NULL; static HWND hidden_main_window = NULL; #endif @@ -487,8 +487,7 @@ static LRESULT CALLBACK main_window_proc(HWND hwnd, UINT uMsg, } /* Window message queue loop for hidden main window, details see above. */ -#include -static unsigned int WINAPI main_window_loop(void *lpParameter) +static DWORD WINAPI main_window_loop(void *lpParameter) { WNDCLASS wc; BOOL ret; @@ -509,7 +508,7 @@ static unsigned int WINAPI main_window_loop(void *lpParameter) CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT, (HWND)NULL, (HMENU)NULL, - wc.hInstance, (LPVOID)NULL); + wc.hInstance, NULL); if(!hidden_main_window) { win32_perror("CreateWindowEx failed"); return (DWORD)-1; @@ -623,15 +622,10 @@ void install_signal_handlers(bool keep_sigalrm) #endif #if !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE) - { - typedef uintptr_t curl_win_thread_handle_t; - curl_win_thread_handle_t thread; - thread = _beginthreadex(NULL, 0, &main_window_loop, - (void *)GetModuleHandle(NULL), 0, &thread_main_id); - thread_main_window = (HANDLE)thread; - if(!thread_main_window || !thread_main_id) - logmsg("cannot start main window loop"); - } + thread_main_window = CreateThread(NULL, 0, &main_window_loop, + GetModuleHandle(NULL), 0, &thread_main_id); + if(!thread_main_window || !thread_main_id) + logmsg("cannot start main window loop"); #endif #endif } From dc3f4fd89b7700a920597630d43e6c2702c6cc46 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 3 Sep 2025 16:48:49 +0200 Subject: [PATCH 0085/2408] autotools: make `--enable-code-coverage` support llvm/clang Cherry-picked from #18468 Closes #18473 --- configure.ac | 5 ++--- m4/curl-functions.m4 | 32 +++++++++++++++++++------------- 2 files changed, 21 insertions(+), 16 deletions(-) diff --git a/configure.ac b/configure.ac index 3f02d037ef..6c33b561be 100644 --- a/configure.ac +++ b/configure.ac @@ -128,9 +128,6 @@ CURLVERSION=`$SED -ne 's/^#define LIBCURL_VERSION "\(.*\)".*/\1/p' ${srcdir}/inc XC_CHECK_PROG_CC CURL_ATOMIC -dnl for --enable-code-coverage -CURL_COVERAGE - XC_AUTOMAKE AC_MSG_CHECKING([curl version]) AC_MSG_RESULT($CURLVERSION) @@ -523,6 +520,8 @@ dnl platform/compiler/architecture specific checks/flags dnl ********************************************************************** CURL_CHECK_COMPILER +dnl for --enable-code-coverage +CURL_COVERAGE CURL_CHECK_NATIVE_WINDOWS curl_cv_wince='no' diff --git a/m4/curl-functions.m4 b/m4/curl-functions.m4 index 83206dbc82..3640f0c84e 100644 --- a/m4/curl-functions.m4 +++ b/m4/curl-functions.m4 @@ -4290,25 +4290,31 @@ AC_DEFUN([CURL_COVERAGE],[ AS_HELP_STRING([--enable-code-coverage], [Provide code coverage]), coverage="$enableval") - dnl if not gcc switch off again - AS_IF([ test "$GCC" != "yes" ], coverage="no" ) + dnl if not gcc or clang switch off again + AS_IF([test "$compiler_id" != "GNU_C" -a "$compiler_id" != "CLANG" -a "$compiler_id" != "APPLECLANG"], coverage="no" ) AC_MSG_RESULT($coverage) if test "x$coverage" = "xyes"; then curl_coverage_msg="enabled" - AC_CHECK_TOOL([GCOV], [gcov], [gcov]) - if test -z "$GCOV"; then - AC_MSG_ERROR([needs gcov for code coverage]) - fi - AC_CHECK_PROG([LCOV], [lcov], [lcov]) - if test -z "$LCOV"; then - AC_MSG_ERROR([needs lcov for code coverage]) - fi - CPPFLAGS="$CPPFLAGS -DNDEBUG" - CFLAGS="$CFLAGS -O0 -g -fprofile-arcs -ftest-coverage" - LIBS="$LIBS -lgcov" + CFLAGS="$CFLAGS -O0 -g" + + if test "$compiler_id" = "GNU_C"; then + AC_CHECK_TOOL([GCOV], [gcov], [gcov]) + if test -z "$GCOV"; then + AC_MSG_ERROR([needs gcov for code coverage]) + fi + AC_CHECK_PROG([LCOV], [lcov], [lcov]) + if test -z "$LCOV"; then + AC_MSG_ERROR([needs lcov for code coverage]) + fi + CFLAGS="$CFLAGS -ftest-coverage -fprofile-arcs" + LIBS="$LIBS -lgcov" + else + CFLAGS="$CFLAGS -fprofile-instr-generate -fcoverage-mapping" + LDFLAGS="$LDFLAGS -fprofile-instr-generate -fcoverage-mapping" + fi fi ]) From 91720b620e802748d2e1629f43e29b76736542f9 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 3 Sep 2025 14:32:29 +0200 Subject: [PATCH 0086/2408] cmake: add `CURL_CODE_COVERAGE` option To sync up with the `--enable-code-coverage` `./configure` option. Ref: https://gcc.gnu.org/onlinedocs/gcc/Invoking-Gcov.html Ref: https://gcc.gnu.org/onlinedocs/gcc/Cross-profiling.html Ref: https://clang.llvm.org/docs/SourceBasedCodeCoverage.html Closes #18468 --- CMakeLists.txt | 23 +++++++++++++++++++++++ docs/INSTALL-CMAKE.md | 1 + lib/CMakeLists.txt | 17 +++++++++++++++++ src/CMakeLists.txt | 10 ++++++++++ 4 files changed, 51 insertions(+) diff --git a/CMakeLists.txt b/CMakeLists.txt index 0265162e74..ad78c58ed1 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -311,6 +311,26 @@ if(CURL_CLANG_TIDY) endif() endif() +option(CURL_CODE_COVERAGE "Enable code coverage build options" OFF) +if(CURL_CODE_COVERAGE) + if(CMAKE_C_COMPILER_ID STREQUAL "GNU") + set(CURL_COVERAGE_MACROS "NDEBUG") + set(CURL_COVERAGE_CFLAGS "-O0" "-g" "-fprofile-arcs") + if(CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 4.1) + list(APPEND CURL_COVERAGE_CFLAGS "--coverage") + else() + list(APPEND CURL_COVERAGE_CFLAGS "-ftest-coverage") + endif() + set(CURL_COVERAGE_LIBS "gcov") + elseif(CMAKE_C_COMPILER_ID MATCHES "Clang") + set(CURL_COVERAGE_MACROS "NDEBUG") + set(CURL_COVERAGE_CFLAGS "-O0" "-g" "-fprofile-instr-generate" "-fcoverage-mapping") + set(CURL_COVERAGE_LDFLAGS "-fprofile-instr-generate" "-fcoverage-mapping") + else() + set(CURL_CODE_COVERAGE OFF) + endif() +endif() + # For debug libs and exes, add "-d" postfix if(NOT DEFINED CMAKE_DEBUG_POSTFIX) set(CMAKE_DEBUG_POSTFIX "-d") @@ -1984,6 +2004,9 @@ if(WIN32) endif() list(APPEND CURL_LIBS ${CURL_NETWORK_AND_TIME_LIBS}) +if(CURL_CODE_COVERAGE) + list(APPEND CURL_LIBS ${CURL_COVERAGE_LIBS}) +endif() if(CMAKE_C_COMPILER_ID STREQUAL "MSVC") # MSVC but exclude clang-cl set_property(DIRECTORY APPEND PROPERTY COMPILE_OPTIONS "-MP") # Parallel compilation diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md index b112e1f8b4..94a19c71c7 100644 --- a/docs/INSTALL-CMAKE.md +++ b/docs/INSTALL-CMAKE.md @@ -227,6 +227,7 @@ target_link_libraries(my_target PRIVATE CURL::libcurl) - `BUILD_TESTING`: Build tests. Default: `ON` - `CURL_CLANG_TIDY`: Run the build through `clang-tidy`. Default: `OFF` - `CURL_CLANG_TIDYFLAGS`: Custom options to pass to `clang-tidy`. Default: (empty) +- `CURL_CODE_COVERAGE`: Enable code coverage build options. Default: `OFF` - `CURL_COMPLETION_FISH`: Install fish completions. Default: `OFF` - `CURL_COMPLETION_FISH_DIR`: Custom fish completion install directory. - `CURL_COMPLETION_ZSH`: Install zsh completions. Default: `OFF` diff --git a/lib/CMakeLists.txt b/lib/CMakeLists.txt index 3476d55b09..7dce3aea87 100644 --- a/lib/CMakeLists.txt +++ b/lib/CMakeLists.txt @@ -124,6 +124,10 @@ if(SHARE_LIB_OBJECT AND CMAKE_VERSION VERSION_GREATER_EQUAL 3.12) set_target_properties(${LIB_OBJECT} PROPERTIES INTERPROCEDURAL_OPTIMIZATION TRUE) endif() endif() + if(CURL_CODE_COVERAGE) + set_property(TARGET ${LIB_OBJECT} APPEND PROPERTY COMPILE_DEFINITIONS ${CURL_COVERAGE_MACROS}) + set_property(TARGET ${LIB_OBJECT} APPEND PROPERTY COMPILE_OPTIONS ${CURL_COVERAGE_CFLAGS}) + endif() target_include_directories(${LIB_OBJECT} INTERFACE "$" @@ -162,6 +166,10 @@ if(BUILD_STATIC_LIBS) set_target_properties(${LIB_STATIC} PROPERTIES INTERPROCEDURAL_OPTIMIZATION TRUE) endif() endif() + if(CURL_CODE_COVERAGE) + set_property(TARGET ${LIB_STATIC} APPEND PROPERTY COMPILE_DEFINITIONS ${CURL_COVERAGE_MACROS}) + set_property(TARGET ${LIB_STATIC} APPEND PROPERTY COMPILE_OPTIONS ${CURL_COVERAGE_CFLAGS}) + endif() target_include_directories(${LIB_STATIC} INTERFACE "$" @@ -198,6 +206,15 @@ if(BUILD_SHARED_LIBS) set_target_properties(${LIB_SHARED} PROPERTIES INTERPROCEDURAL_OPTIMIZATION TRUE) endif() endif() + if(CURL_CODE_COVERAGE) + set_property(TARGET ${LIB_SHARED} APPEND PROPERTY COMPILE_DEFINITIONS ${CURL_COVERAGE_MACROS}) + set_property(TARGET ${LIB_SHARED} APPEND PROPERTY COMPILE_OPTIONS ${CURL_COVERAGE_CFLAGS}) + if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.13) + target_link_options(${LIB_SHARED} PRIVATE ${CURL_COVERAGE_LDFLAGS}) + else() + target_link_libraries(${LIB_SHARED} PRIVATE ${CURL_COVERAGE_LDFLAGS}) + endif() + endif() target_include_directories(${LIB_SHARED} INTERFACE "$" diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 37ca979bab..c4b8ebb934 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -129,6 +129,16 @@ if(ENABLE_UNICODE AND MINGW AND NOT MINGW32CE) endif() endif() +if(CURL_CODE_COVERAGE) + set_property(TARGET ${EXE_NAME} APPEND PROPERTY COMPILE_DEFINITIONS ${CURL_COVERAGE_MACROS}) + set_property(TARGET ${EXE_NAME} APPEND PROPERTY COMPILE_OPTIONS ${CURL_COVERAGE_CFLAGS}) + if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.13) + target_link_options(${EXE_NAME} PRIVATE ${CURL_COVERAGE_LDFLAGS}) + else() + target_link_libraries(${EXE_NAME} PRIVATE ${CURL_COVERAGE_LDFLAGS}) + endif() +endif() + ################################################################################ install(TARGETS ${EXE_NAME} EXPORT ${TARGETS_EXPORT_NAME} DESTINATION ${CMAKE_INSTALL_BINDIR}) From 096fc4325b895b507defd387aed0d021a3ea0a02 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 7 Sep 2025 17:30:05 +0200 Subject: [PATCH 0087/2408] digest_sspi: fix two memory leaks in error branches Closes #18488 --- lib/vauth/digest_sspi.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c index 861c4e1cb9..cf297ff84d 100644 --- a/lib/vauth/digest_sspi.c +++ b/lib/vauth/digest_sspi.c @@ -521,6 +521,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data, if(!digest->user) { free(output_token); + Curl_sspi_free_identity(p_identity); return CURLE_OUT_OF_MEMORY; } } @@ -530,6 +531,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data, if(!digest->passwd) { free(output_token); + Curl_sspi_free_identity(p_identity); Curl_safefree(digest->user); return CURLE_OUT_OF_MEMORY; } From ad26a6cb99b6a5a98cfb3856743f0cea14657895 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 5 Sep 2025 10:44:06 +0200 Subject: [PATCH 0088/2408] tidy-up: avoid using the reserved macro namespace To avoid hitting `-Wreserved-macro-identifier` where possible. - amigaos: introduce local macro instead of reusing `__request()`. - easy_lock: avoid redefining `__has_builtin()`. Follow-up to 33fd57b8fff8c0d873da2316a2a7f911caac2bae #9062 - rand: drop interim macro `_random()`. - windows: rename local macro `_tcsdup()` to `Curl_tcsdup()`. To avoid using the reserved macro namespace and to avoid colliding with `_tcsdup()` as defined by Windows headers. - checksrc: ban `_tcsdup()` in favor of `Curl_tcsdup()`. - tool_doswin: avoid redefining `_use_lfn()` (MS-DOS). - tool_findfile: limit `__NO_NET_API` hack to AmigaOS. Syncing this pattern with `lib/netrc.c`. Follow-up to 784a8ec2c1a3cc4bd676077a28a0d5f6ee7786a5 #16279 - examples/http2-upload: avoid reserved namespace for local macro. More cases will be removed when dropping WinCE support via #17927. Cases remain when defining external macros out of curl's control. Ref: #18477 Closes #18482 --- docs/examples/http2-upload.c | 4 ++-- docs/internals/CODE_STYLE.md | 1 + lib/amigaos.c | 7 ++++--- lib/curl_mem_undef.h | 2 +- lib/curl_memory.h | 6 +++--- lib/curl_setup.h | 2 +- lib/curl_sspi.c | 4 ++-- lib/easy_lock.h | 14 ++++++-------- lib/memdebug.h | 6 +++--- lib/rand.c | 12 +++++------- lib/vauth/digest_sspi.c | 2 +- lib/vauth/vauth.c | 2 +- lib/vtls/schannel.c | 2 +- scripts/checksrc.pl | 1 + src/tool_doswin.c | 7 ++++--- src/tool_findfile.c | 4 ++++ 16 files changed, 40 insertions(+), 36 deletions(-) diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c index 31f4ed56e1..128a4b0bed 100644 --- a/docs/examples/http2-upload.c +++ b/docs/examples/http2-upload.c @@ -71,14 +71,14 @@ int my_gettimeofday(struct timeval *tp, void *tzp) (void)tzp; if(tp) { /* Offset between 1601-01-01 and 1970-01-01 in 100 nanosec units */ - #define _WIN32_FT_OFFSET (116444736000000000) + #define WIN32_FT_OFFSET (116444736000000000) union { CURL_TYPEOF_CURL_OFF_T ns100; /* time since 1 Jan 1601 in 100ns units */ FILETIME ft; } _now; GetSystemTimeAsFileTime(&_now.ft); tp->tv_usec = (long)((_now.ns100 / 10) % 1000000); - tp->tv_sec = (long)((_now.ns100 - _WIN32_FT_OFFSET) / 10000000); + tp->tv_sec = (long)((_now.ns100 - WIN32_FT_OFFSET) / 10000000); } return 0; } diff --git a/docs/internals/CODE_STYLE.md b/docs/internals/CODE_STYLE.md index dadec934dd..aef5103fed 100644 --- a/docs/internals/CODE_STYLE.md +++ b/docs/internals/CODE_STYLE.md @@ -335,6 +335,7 @@ This is the full list of functions generally banned. _mbscat _mbsncat _tcscat + _tcsdup _tcsncat _waccess _wcscat diff --git a/lib/amigaos.c b/lib/amigaos.c index ac6d6b4193..cc5d49f9b8 100644 --- a/lib/amigaos.c +++ b/lib/amigaos.c @@ -199,8 +199,9 @@ struct Library *SocketBase = NULL; #ifdef __libnix__ void __request(const char *msg); +#define CURL_AMIGA_REQUEST(msg) __request(msg) #else -# define __request(msg) Printf((const unsigned char *)(msg "\n\a"), 0) +#define CURL_AMIGA_REQUEST(msg) Printf((const unsigned char *)(msg "\n\a"), 0) #endif void Curl_amiga_cleanup(void) @@ -217,14 +218,14 @@ CURLcode Curl_amiga_init(void) SocketBase = OpenLibrary((const unsigned char *)"bsdsocket.library", 4); if(!SocketBase) { - __request("No TCP/IP Stack running!"); + CURL_AMIGA_REQUEST("No TCP/IP Stack running!"); return CURLE_FAILED_INIT; } if(SocketBaseTags(SBTM_SETVAL(SBTC_ERRNOPTR(sizeof(errno))), (ULONG) &errno, SBTM_SETVAL(SBTC_LOGTAGPTR), (ULONG) "curl", TAG_DONE)) { - __request("SocketBaseTags ERROR"); + CURL_AMIGA_REQUEST("SocketBaseTags ERROR"); return CURLE_FAILED_INIT; } diff --git a/lib/curl_mem_undef.h b/lib/curl_mem_undef.h index acc3a9226a..f3cca294e9 100644 --- a/lib/curl_mem_undef.h +++ b/lib/curl_mem_undef.h @@ -30,7 +30,7 @@ #undef realloc #undef free #ifdef _WIN32 -#undef _tcsdup +#undef Curl_tcsdup #endif #ifdef CURLDEBUG diff --git a/lib/curl_memory.h b/lib/curl_memory.h index 07ef111ce7..7793bb63a3 100644 --- a/lib/curl_memory.h +++ b/lib/curl_memory.h @@ -77,11 +77,11 @@ #define free(ptr) Curl_cfree(ptr) #ifdef _WIN32 -#undef _tcsdup +#undef Curl_tcsdup #ifdef UNICODE -#define _tcsdup(ptr) Curl_wcsdup(ptr) +#define Curl_tcsdup(ptr) Curl_wcsdup(ptr) #else -#define _tcsdup(ptr) Curl_cstrdup(ptr) +#define Curl_tcsdup(ptr) Curl_cstrdup(ptr) #endif #endif /* _WIN32 */ diff --git a/lib/curl_setup.h b/lib/curl_setup.h index 72c118affc..93cbb57056 100644 --- a/lib/curl_setup.h +++ b/lib/curl_setup.h @@ -46,7 +46,7 @@ fail. Fixed in 14.2.0_1. Disable the workaround if the fix is detected. */ #if defined(__APPLE__) && !defined(__clang__) && defined(__GNUC__) && \ defined(__has_attribute) -# if !defined(__has_feature) +# if !defined(__has_feature) /* Keep this PP check separate from others */ # define availability curl_pp_attribute_disabled # elif !__has_feature(attribute_availability) # define availability curl_pp_attribute_disabled diff --git a/lib/curl_sspi.c b/lib/curl_sspi.c index 635f560b68..c819b1c22e 100644 --- a/lib/curl_sspi.c +++ b/lib/curl_sspi.c @@ -138,7 +138,7 @@ CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp, } /* Setup the identity's user and length */ - dup_user.tchar_ptr = _tcsdup(user.tchar_ptr); + dup_user.tchar_ptr = Curl_tcsdup(user.tchar_ptr); if(!dup_user.tchar_ptr) { curlx_unicodefree(useranddomain.tchar_ptr); return CURLE_OUT_OF_MEMORY; @@ -165,7 +165,7 @@ CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp, passwd.tchar_ptr = curlx_convert_UTF8_to_tchar(passwdp); if(!passwd.tchar_ptr) return CURLE_OUT_OF_MEMORY; - dup_passwd.tchar_ptr = _tcsdup(passwd.tchar_ptr); + dup_passwd.tchar_ptr = Curl_tcsdup(passwd.tchar_ptr); if(!dup_passwd.tchar_ptr) { curlx_unicodefree(passwd.tchar_ptr); return CURLE_OUT_OF_MEMORY; diff --git a/lib/easy_lock.h b/lib/easy_lock.h index 909753f43a..f8998cc547 100644 --- a/lib/easy_lock.h +++ b/lib/easy_lock.h @@ -45,20 +45,18 @@ #define curl_simple_lock atomic_int #define CURL_SIMPLE_LOCK_INIT 0 -/* a clang-thing */ -#ifndef __has_builtin -#define __has_builtin(x) 0 -#endif - #ifndef __INTEL_COMPILER /* The Intel compiler tries to look like GCC *and* clang *and* lies in its __has_builtin() function, so override it. */ /* if GCC on i386/x86_64 or if the built-in is present */ -#if ( (defined(__GNUC__) && !defined(__clang__)) && \ - (defined(__i386__) || defined(__x86_64__))) || \ - __has_builtin(__builtin_ia32_pause) +#if (defined(__GNUC__) && !defined(__clang__)) && \ + (defined(__i386__) || defined(__x86_64__)) #define HAVE_BUILTIN_IA32_PAUSE +#elif defined(__has_builtin) /* Keep this PP check separate from others */ +#if __has_builtin(__builtin_ia32_pause) +#define HAVE_BUILTIN_IA32_PAUSE +#endif #endif #endif diff --git a/lib/memdebug.h b/lib/memdebug.h index 30469b99a5..eabdd9c258 100644 --- a/lib/memdebug.h +++ b/lib/memdebug.h @@ -48,11 +48,11 @@ #define recv(a,b,c,d) curl_dbg_recv(a,b,c,d, __LINE__, __FILE__) #ifdef _WIN32 -#undef _tcsdup +#undef Curl_tcsdup #ifdef UNICODE -#define _tcsdup(ptr) curl_dbg_wcsdup(ptr, __LINE__, __FILE__) +#define Curl_tcsdup(ptr) curl_dbg_wcsdup(ptr, __LINE__, __FILE__) #else -#define _tcsdup(ptr) curl_dbg_strdup(ptr, __LINE__, __FILE__) +#define Curl_tcsdup(ptr) curl_dbg_strdup(ptr, __LINE__, __FILE__) #endif #endif /* _WIN32 */ diff --git a/lib/rand.c b/lib/rand.c index a1a5e42c2b..f30f3de7c3 100644 --- a/lib/rand.c +++ b/lib/rand.c @@ -149,12 +149,6 @@ static CURLcode weak_random(struct Curl_easy *data, } #endif -#ifdef USE_SSL -#define _random(x,y,z) Curl_ssl_random(x,y,z) -#else -#define _random(x,y,z) weak_random(x,y,z) -#endif - static CURLcode randit(struct Curl_easy *data, unsigned int *rnd, bool env_override) { @@ -185,7 +179,11 @@ static CURLcode randit(struct Curl_easy *data, unsigned int *rnd, #endif /* data may be NULL! */ - return _random(data, (unsigned char *)rnd, sizeof(*rnd)); +#ifdef USE_SSL + return Curl_ssl_random(data, (unsigned char *)rnd, sizeof(*rnd)); +#else + return weak_random(data, (unsigned char *)rnd, sizeof(*rnd)); +#endif } /* diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c index cf297ff84d..0a1fe84ddf 100644 --- a/lib/vauth/digest_sspi.c +++ b/lib/vauth/digest_sspi.c @@ -277,7 +277,7 @@ CURLcode Curl_override_sspi_http_realm(const char *chlg, if(!domain.tchar_ptr) return CURLE_OUT_OF_MEMORY; - dup_domain.tchar_ptr = _tcsdup(domain.tchar_ptr); + dup_domain.tchar_ptr = Curl_tcsdup(domain.tchar_ptr); if(!dup_domain.tchar_ptr) { curlx_unicodefree(domain.tchar_ptr); return CURLE_OUT_OF_MEMORY; diff --git a/lib/vauth/vauth.c b/lib/vauth/vauth.c index 1b44aa6de1..c6cf428572 100644 --- a/lib/vauth/vauth.c +++ b/lib/vauth/vauth.c @@ -100,7 +100,7 @@ TCHAR *Curl_auth_build_spn(const char *service, const char *host, free(utf8_spn); if(!tchar_spn) return NULL; - dupe_tchar_spn = _tcsdup(tchar_spn); + dupe_tchar_spn = Curl_tcsdup(tchar_spn); curlx_unicodefree(tchar_spn); return dupe_tchar_spn; } diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 1afc6790cc..21dcf1371b 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -433,7 +433,7 @@ get_cert_location(TCHAR *path, DWORD *store_name, TCHAR **store_path, return CURLE_SSL_CERTPROBLEM; *sep = TEXT('\0'); - *store_path = _tcsdup(store_path_start); + *store_path = Curl_tcsdup(store_path_start); *sep = TEXT('\\'); if(!*store_path) return CURLE_OUT_OF_MEMORY; diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index 574e03c13b..c52b8258d7 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -62,6 +62,7 @@ my %banfunc = ( "_mbscat" => 1, "_mbsncat" => 1, "_tcscat" => 1, + "_tcsdup" => 1, "_tcsncat" => 1, "_wcscat" => 1, "_wcsncat" => 1, diff --git a/src/tool_doswin.c b/src/tool_doswin.c index 4ed90ba8c5..c0dcfed04e 100644 --- a/src/tool_doswin.c +++ b/src/tool_doswin.c @@ -46,9 +46,10 @@ # undef PATH_MAX # define PATH_MAX MAX_PATH #elif !defined(__DJGPP__) || (__DJGPP__ < 2) /* DJGPP 2.0 has _use_lfn() */ -# define _use_lfn(f) (0) /* long filenames never available */ +# define CURL_USE_LFN(f) 0 /* long filenames never available */ #elif defined(__DJGPP__) -# include /* _use_lfn(f) prototype */ +# include /* for _use_lfn(f) prototype */ +# define CURL_USE_LFN(f) _use_lfn(f) #endif #ifdef MSDOS @@ -314,7 +315,7 @@ static SANITIZEcode msdosify(char **const sanitized, const char *file_name, return SANITIZE_ERR_INVALID_PATH; /* Support for Windows 9X VFAT systems, when available. */ - if(_use_lfn(file_name)) { + if(CURL_USE_LFN(file_name)) { illegal_aliens = illegal_chars_w95; len -= (illegal_chars_w95 - illegal_chars_dos); } diff --git a/src/tool_findfile.c b/src/tool_findfile.c index 72868f4b4f..8b2be84142 100644 --- a/src/tool_findfile.c +++ b/src/tool_findfile.c @@ -24,10 +24,14 @@ #include "tool_setup.h" #ifdef HAVE_PWD_H +#ifdef __AMIGA__ #undef __NO_NET_API /* required for AmigaOS to declare getpwuid() */ +#endif #include +#ifdef __AMIGA__ #define __NO_NET_API #endif +#endif #ifdef HAVE_FCNTL_H #include From 87cbeecee4118fa3dcc8a0179b1c3b43e4775cb4 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 7 Sep 2025 21:42:41 +0200 Subject: [PATCH 0089/2408] windows: stop passing unused, optional argument for Win9x compatibility Expiry timestamp in `AcquireCredentialsHandle()` (SSPI) and `InitializeSecurityContext()` (Schannel) calls. The argument is optional in both. The returned value was never used in curl. The reason for passing it was Windows 95 compatibility, according to comments in the SSPI code. curl no longer supports Windows 95. Ref: https://learn.microsoft.com/windows/win32/api/sspi/nf-sspi-acquirecredentialshandlea Ref: https://learn.microsoft.com/windows/win32/secauthn/initializesecuritycontext--schannel Ref: 3fe531196771c8e81f917eebca4a06e062ab3a19 Ref: aaa42aa0d594b95c6c670a373ba30c507aa0a5ed Closes #18490 --- lib/socks_sspi.c | 6 ++---- lib/vauth/digest_sspi.c | 10 ++++------ lib/vauth/krb5_sspi.c | 6 ++---- lib/vauth/ntlm_sspi.c | 8 +++----- lib/vauth/spnego_sspi.c | 6 ++---- lib/vtls/schannel.c | 13 +++++-------- lib/vtls/schannel_int.h | 2 -- 7 files changed, 18 insertions(+), 33 deletions(-) diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c index 3ff3b723f9..cdc9ef864a 100644 --- a/lib/socks_sspi.c +++ b/lib/socks_sspi.c @@ -83,7 +83,6 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, CtxtHandle sspi_context; PCtxtHandle context_handle = NULL; SecPkgCredentials_Names names; - TimeStamp expiry; char *service_name = NULL; unsigned short us_length; unsigned long qop; @@ -146,7 +145,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, (TCHAR *)CURL_UNCONST(TEXT("Kerberos")), SECPKG_CRED_OUTBOUND, NULL, NULL, NULL, NULL, - &cred_handle, &expiry); + &cred_handle, NULL); if(check_sspi_err(data, status, "AcquireCredentialsHandle")) { failf(data, "Failed to acquire credentials."); @@ -178,8 +177,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, &input_desc, 0, &sspi_context, &output_desc, - &sspi_ret_flags, - &expiry); + &sspi_ret_flags, NULL); curlx_unicodefree(sname); diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c index 0a1fe84ddf..2f4b8d4a1d 100644 --- a/lib/vauth/digest_sspi.c +++ b/lib/vauth/digest_sspi.c @@ -112,7 +112,6 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, SecBufferDesc resp_desc; SECURITY_STATUS status; unsigned long attrs; - TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ /* Ensure we have a valid challenge message */ if(!Curl_bufref_len(chlg)) { @@ -168,7 +167,7 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, (TCHAR *)CURL_UNCONST(TEXT(SP_NAME_DIGEST)), SECPKG_CRED_OUTBOUND, NULL, p_identity, NULL, NULL, - &credentials, &expiry); + &credentials, NULL); if(status != SEC_E_OK) { Curl_sspi_free_identity(p_identity); @@ -197,7 +196,7 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, status = Curl_pSecFn->InitializeSecurityContext(&credentials, NULL, spn, 0, 0, 0, &chlg_desc, 0, &context, &resp_desc, &attrs, - &expiry); + NULL); if(status == SEC_I_COMPLETE_NEEDED || status == SEC_I_COMPLETE_AND_CONTINUE) @@ -488,7 +487,6 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data, SecBuffer resp_buf; SecBufferDesc resp_desc; unsigned long attrs; - TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ TCHAR *spn; /* free the copy of user/passwd used to make the previous identity */ @@ -542,7 +540,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data, (TCHAR *)CURL_UNCONST(TEXT(SP_NAME_DIGEST)), SECPKG_CRED_OUTBOUND, NULL, p_identity, NULL, NULL, - &credentials, &expiry); + &credentials, NULL); if(status != SEC_E_OK) { Curl_sspi_free_identity(p_identity); free(output_token); @@ -597,7 +595,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data, ISC_REQ_USE_HTTP_STYLE, 0, 0, &chlg_desc, 0, digest->http_context, - &resp_desc, &attrs, &expiry); + &resp_desc, &attrs, NULL); curlx_unicodefree(spn); if(status == SEC_I_COMPLETE_NEEDED || diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c index 6595ab977a..985f1c38fc 100644 --- a/lib/vauth/krb5_sspi.c +++ b/lib/vauth/krb5_sspi.c @@ -107,7 +107,6 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data, SecBufferDesc resp_desc; SECURITY_STATUS status; unsigned long attrs; - TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ if(!krb5->spn) { /* Generate our SPN */ @@ -162,7 +161,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data, (TCHAR *)CURL_UNCONST(TEXT(SP_NAME_KERBEROS)), SECPKG_CRED_OUTBOUND, NULL, krb5->p_identity, NULL, NULL, - krb5->credentials, &expiry); + krb5->credentials, NULL); if(status != SEC_E_OK) return CURLE_LOGIN_DENIED; @@ -204,8 +203,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data, 0, SECURITY_NATIVE_DREP, chlg ? &chlg_desc : NULL, 0, &context, - &resp_desc, &attrs, - &expiry); + &resp_desc, &attrs, NULL); if(status == SEC_E_INSUFFICIENT_MEMORY) return CURLE_OUT_OF_MEMORY; diff --git a/lib/vauth/ntlm_sspi.c b/lib/vauth/ntlm_sspi.c index 101eb8abd3..9127a9bb27 100644 --- a/lib/vauth/ntlm_sspi.c +++ b/lib/vauth/ntlm_sspi.c @@ -98,7 +98,6 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data, SecBufferDesc type_1_desc; SECURITY_STATUS status; unsigned long attrs; - TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ /* Clean up any former leftovers and initialise to defaults */ Curl_auth_cleanup_ntlm(ntlm); @@ -147,7 +146,7 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data, (TCHAR *)CURL_UNCONST(TEXT(SP_NAME_NTLM)), SECPKG_CRED_OUTBOUND, NULL, ntlm->p_identity, NULL, NULL, - ntlm->credentials, &expiry); + ntlm->credentials, NULL); if(status != SEC_E_OK) return CURLE_LOGIN_DENIED; @@ -174,7 +173,7 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data, 0, 0, SECURITY_NETWORK_DREP, NULL, 0, ntlm->context, &type_1_desc, - &attrs, &expiry); + &attrs, NULL); if(status == SEC_I_COMPLETE_NEEDED || status == SEC_I_COMPLETE_AND_CONTINUE) Curl_pSecFn->CompleteAuthToken(ntlm->context, &type_1_desc); @@ -255,7 +254,6 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, SecBufferDesc type_3_desc; SECURITY_STATUS status; unsigned long attrs; - TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ #ifdef CURL_DISABLE_VERBOSE_STRINGS (void)data; @@ -314,7 +312,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, &type_2_desc, 0, ntlm->context, &type_3_desc, - &attrs, &expiry); + &attrs, NULL); if(status != SEC_E_OK) { infof(data, "NTLM handshake failure (type-3 message): Status=%lx", status); diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c index af3a9c9798..f21c66796f 100644 --- a/lib/vauth/spnego_sspi.c +++ b/lib/vauth/spnego_sspi.c @@ -105,7 +105,6 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, SecBufferDesc chlg_desc; SecBufferDesc resp_desc; unsigned long attrs; - TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ #ifdef CURL_DISABLE_VERBOSE_STRINGS (void)data; @@ -173,7 +172,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, (TCHAR *)CURL_UNCONST(TEXT(SP_NAME_NEGOTIATE)), SECPKG_CRED_OUTBOUND, NULL, nego->p_identity, NULL, NULL, - nego->credentials, &expiry); + nego->credentials, NULL); if(nego->status != SEC_E_OK) return CURLE_AUTH_ERROR; @@ -250,8 +249,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, 0, SECURITY_NATIVE_DREP, chlg ? &chlg_desc : NULL, 0, nego->context, - &resp_desc, &attrs, - &expiry); + &resp_desc, &attrs, NULL); /* Free the decoded challenge as it is not required anymore */ free(chlg); diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 21dcf1371b..fb9ef10822 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -796,8 +796,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf, (TCHAR *)CURL_UNCONST(UNISP_NAME), SECPKG_CRED_OUTBOUND, NULL, &credentials, NULL, NULL, - &backend->cred->cred_handle, - &backend->cred->time_stamp); + &backend->cred->cred_handle, NULL); } else { /* Pre-Windows 10 1809 or the user set a legacy algorithm list. @@ -835,8 +834,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf, (TCHAR *)CURL_UNCONST(UNISP_NAME), SECPKG_CRED_OUTBOUND, NULL, &schannel_cred, NULL, NULL, - &backend->cred->cred_handle, - &backend->cred->time_stamp); + &backend->cred->cred_handle, NULL); } if(client_certs[0]) @@ -1050,7 +1048,7 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) backend->req_flags, 0, 0, (backend->use_alpn ? &inbuf_desc : NULL), 0, &backend->ctxt->ctxt_handle, - &outbuf_desc, &backend->ret_flags, &backend->ctxt->time_stamp); + &outbuf_desc, &backend->ret_flags, NULL); if(sspi_status != SEC_I_CONTINUE_NEEDED) { char buffer[STRERROR_LEN]; @@ -1259,7 +1257,7 @@ schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data) &backend->cred->cred_handle, &backend->ctxt->ctxt_handle, backend->cred->sni_hostname, backend->req_flags, 0, 0, &inbuf_desc, 0, NULL, - &outbuf_desc, &backend->ret_flags, &backend->ctxt->time_stamp); + &outbuf_desc, &backend->ret_flags, NULL); /* free buffer for received handshake data */ Curl_safefree(inbuf[0].pvBuffer); @@ -2440,8 +2438,7 @@ static CURLcode schannel_shutdown(struct Curl_cfilter *cf, 0, &backend->ctxt->ctxt_handle, &outbuf_desc, - &backend->ret_flags, - &backend->ctxt->time_stamp); + &backend->ret_flags, NULL); if((sspi_status == SEC_E_OK) || (sspi_status == SEC_I_CONTEXT_EXPIRED)) { /* send close message which is in output buffer */ diff --git a/lib/vtls/schannel_int.h b/lib/vtls/schannel_int.h index 5483d12b5b..f9adb58294 100644 --- a/lib/vtls/schannel_int.h +++ b/lib/vtls/schannel_int.h @@ -99,7 +99,6 @@ typedef struct _SCH_CREDENTIALS { struct Curl_schannel_cred { CredHandle cred_handle; - TimeStamp time_stamp; TCHAR *sni_hostname; HCERTSTORE client_cert_store; int refcount; @@ -107,7 +106,6 @@ struct Curl_schannel_cred { struct Curl_schannel_ctxt { CtxtHandle ctxt_handle; - TimeStamp time_stamp; }; struct schannel_ssl_backend_data { From 92f215fea1aa8bd5b1709d38f42aab77ab3fc662 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 4 Sep 2025 11:56:33 +0200 Subject: [PATCH 0090/2408] build: address some `-Weverything` warnings, update picky warnings `-Weverything` is not enabled by curl, and not recommended by LLVM, because it may enable experimental options, and will result in new fallouts after toolchain upgrades. This patch aims to fix/silence as much as possible as found with llvm/clang 21.1.0. It also permanently enables warnings that were fixed in source and deemed manageable in the future. `-Wformat` warnings are addressed separately via #18343. Fix/silence warnings in the source: - typecheck-gcc.h: fix `-Wreserved-identifier`. - lib: silence `-Wcast-function-type-strict`. For llvm 16+ or Apple clang 16+. - asyn-ares: limit `HAPPY_EYEBALLS_DNS_TIMEOUT` to old c-ares versions. - curl_trc: fix `-Wc++-hidden-decl`. - doh: fix `-Wc++-keyword`. - ftp: fix `-Wreserved-identifier`. - ldap: fix `-Wreserved-identifier`. - mqtt: comment unused macro to avoid warning. - multi_ev: drop unused macros to avoid warnings. - setopt: fix useless `break;` after `return;`. - gtls, mbedtls, rustls: silence `-Wconditional-uninitialized`. - socks_sspi, schannel, x509asn1: fix `-Wimplicit-int-enum-cast`. - x509asn1: fix `-Wc++-keyword`. - openssl: scope `OSSL_UI_METHOD_CAST` to avoid unused macro warning. - libssh2, wolfssl: drop unused macros. - curl_ngtcp2, curl_quiche, httpsrr, urlapi: drop/limit unused macros. - tool_getparam: fix useless `break;` after `return;` or `break;`. Not normally enabled because it doesn't work with unity. https://github.com/llvm/llvm-project/issues/71046 - tool_operate: fix `-Wc++-keyword`. - curlinfo: fix a `-Wunsafe-buffer-usage`. - tests: silence `-Wformat-non-iso`. - lib557: fix `-Wreserved-identifier`. - lib1565: silence `-Wconditional-uninitialized`. Enable the above clang warnings permanently in picky mode: - `-Wc++-hidden-decl` - `-Wc++-keyword` (except for Windows, where it collides with `wchar_t`) - `-Wcast-function-type-strict` - `-Wcast-function-type` - `-Wconditional-uninitialized` - `-Wformat-non-iso` (except for clang-cl) - `-Wreserved-identifier` - `-Wtentative-definition-compat` Silence problematic `-Weverything` warnings globally (in picky mode): - `-Wused-but-marked-unused` (88000+ hits) and `-Wdisabled-macro-expansion` (2600+ hits). Triggered by `typecheck-gcc.h` when building with clang 14+. Maybe there exists a way to fix within that header? Ref: https://discourse.llvm.org/t/removing-wused-but-marked-unused/55310 - `-Wunsafe-buffer-usage`. clang 16+. 7000+ hits. May be useful in theory, but such high volume of hits makes it impractical to review and possibly address. Meant for C++. Ref: https://clang.llvm.org/docs/SafeBuffers.html Ref: https://stackoverflow.com/questions/77017567/how-to-fix-code-to-avoid-warning-wunsafe-buffer-usage Ref: https://discourse.llvm.org/t/rfc-c-buffer-hardening/65734 Ref: https://github.com/llvm/llvm-project/pull/111624 - `-Wimplicit-void-ptr-cast`. clang 21+. 1700+ hits. C++ warning, deemed pure noise. Ref: https://github.com/curl/curl/issues/18470#issuecomment-3253506266 - `-Wswitch-default` (180+ hits), `-Wswitch-enum` (190+ hits), `-Wcovered-switch-default` (20+ hits). Next to impossible to fix cleanly, esp. when the covered `case` branches depend on compile-time options. - `-Wdocumentation-unknown-command` (8+ hits). Triggered in a few sources. Seems arbitrary and bogus. - `-Wpadded` (550+ hits). - `-Wc++-keyword` on Windows, where it collides with `wchar_t`. (100+ hits) Ref: https://github.com/llvm/llvm-project/issues/155988 - `-Wreserved-macro-identifier`. clang 13+. 5+ hits. Sometimes it's necessary to set external macros that use the reserved namespace. E.g. `_CRT_NONSTDC_NO_DEPRECATE`, `__ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__`, `__NO_NET_API`, possibly `_REENTRANT`, and more. It's not worth trying to silence them individually. - `-Wnonportable-system-include-path` with `clang-cl`. It'd be broken by doing what the warning suggests. - `-Wformat-non-iso` for clang-cl. CMake `PICKY_COMPILER=ON` (the default) or `./configure` `--enable-warnings` (not the default) is required to enable these silencing rules. Also: - autotools, cmake: fix Apple clang and mainline llvm version translations. Ref: https://en.wikipedia.org/wiki/Xcode#Toolchain_versions - autotools, cmake: enable `-Warray-compare` for clang 20+. Follow-up to 4b7accda5ae3f2e663aa3f3853805241ef87c2fe #17196 - cmake: fix to enable `-Wmissing-variable-declarations` at an earlier clang version. - cmake: update internal logic to handle warning options with `+` in them. - cmake: fix internal logic to match the whole option when looking into `CMAKE_C_FLAGS` for custom-disabled warnings. Follow-up to b85cb8cb4e143d1615d4fcc1ce8f2f7b66453995 #18485 Closes #18477 --- CMake/PickyWarnings.cmake | 122 +++++++--- include/curl/typecheck-gcc.h | 418 +++++++++++++++++------------------ lib/asyn-ares.c | 22 +- lib/curl_trc.c | 2 - lib/curl_trc.h | 10 +- lib/curlx/version_win32.c | 7 + lib/doh.c | 10 +- lib/formdata.c | 7 + lib/ftp.c | 12 +- lib/httpsrr.c | 2 - lib/ldap.c | 43 ++-- lib/mqtt.c | 2 +- lib/multi_ev.c | 4 - lib/sendf.c | 7 + lib/setopt.c | 16 +- lib/socks_sspi.c | 23 +- lib/url.c | 7 + lib/urlapi.c | 2 + lib/vquic/curl_ngtcp2.c | 7 - lib/vquic/curl_quiche.c | 6 - lib/vssh/libssh2.c | 10 +- lib/vtls/gtls.c | 2 +- lib/vtls/mbedtls.c | 2 +- lib/vtls/openssl.c | 16 +- lib/vtls/rustls.c | 4 +- lib/vtls/schannel.c | 11 +- lib/vtls/wolfssl.c | 3 - lib/vtls/x509asn1.c | 4 +- lib/vtls/x509asn1.h | 2 +- m4/curl-compilers.m4 | 73 ++++-- src/curlinfo.c | 6 +- src/tool_getparam.c | 3 - src/tool_operate.c | 4 +- tests/libtest/lib1565.c | 2 +- tests/libtest/lib557.c | 13 +- tests/unit/unit1398.c | 9 + 36 files changed, 533 insertions(+), 360 deletions(-) diff --git a/CMake/PickyWarnings.cmake b/CMake/PickyWarnings.cmake index f67576d681..bdd226e924 100644 --- a/CMake/PickyWarnings.cmake +++ b/CMake/PickyWarnings.cmake @@ -47,8 +47,8 @@ endif() if(APPLE AND (CMAKE_C_COMPILER_ID STREQUAL "Clang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 3.6) OR - (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 6.3)) - list(APPEND _picky "-Werror=partial-availability") # clang 3.6 appleclang 6.3 + (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 6.1)) + list(APPEND _picky "-Werror=partial-availability") # clang 3.6 appleclang 6.1 endif() if(CMAKE_C_COMPILER_ID STREQUAL "GNU" OR CMAKE_C_COMPILER_ID MATCHES "Clang") @@ -87,6 +87,9 @@ if(PICKY_COMPILER) set(_picky_detect ) + # Notes: -Wno-* options should ideally be disabled at their precise cutoff versions, + # to suppress undesired warnings in case -Weverything is passed as a custom option. + # Assume these options always exist with both clang and gcc. # Require clang 3.0 / gcc 2.95 or later. list(APPEND _picky_enable @@ -121,13 +124,14 @@ if(PICKY_COMPILER) -Wmissing-field-initializers # clang 2.7 gcc 4.1 -Wmissing-noreturn # clang 2.7 gcc 4.1 -Wno-format-nonliteral # clang 1.0 gcc 2.96 (3.0) + -Wno-padded # clang 2.9 gcc 4.1 # Not used: We cannot change public structs -Wno-sign-conversion # clang 2.9 gcc 4.3 + -Wno-switch-default # clang 2.7 gcc 4.1 # Not used: Annoying to fix or silence + -Wno-switch-enum # clang 2.7 gcc 4.1 # Not used: It basically disallows default case -Wno-system-headers # clang 1.0 gcc 3.0 - # -Wpadded # clang 2.9 gcc 4.1 # Not used: We cannot change public structs -Wold-style-definition # clang 2.7 gcc 3.4 -Wredundant-decls # clang 2.7 gcc 4.1 -Wstrict-prototypes # clang 1.0 gcc 3.3 - # -Wswitch-enum # clang 2.7 gcc 4.1 # Not used: It basically disallows default case -Wtype-limits # clang 2.7 gcc 4.3 -Wunreachable-code # clang 2.7 gcc 4.1 # -Wunused-macros # clang 2.7 gcc 4.1 # Not practical @@ -139,6 +143,8 @@ if(PICKY_COMPILER) if(CMAKE_C_COMPILER_ID MATCHES "Clang") list(APPEND _picky_enable ${_picky_common_old} + -Wconditional-uninitialized # clang 3.0 + -Wno-used-but-marked-unused # clang 3.0 # Triggered by typecheck-gcc.h (with clang 14+) -Wshift-sign-overflow # clang 2.9 -Wshorten-64-to-32 # clang 1.0 -Wformat=2 # clang 3.0 gcc 4.8 @@ -149,39 +155,102 @@ if(PICKY_COMPILER) ) endif() # Enable based on compiler version - if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 3.6) OR - (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 6.3)) + if(CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 3.1) list(APPEND _picky_enable - -Wdouble-promotion # clang 3.6 gcc 4.6 appleclang 6.3 - -Wenum-conversion # clang 3.2 gcc 10.0 appleclang 4.6 g++ 11.0 + -Wno-covered-switch-default # clang 3.1 appleclang 3.1 # Annoying to fix or silence + -Wno-disabled-macro-expansion # clang 3.1 appleclang 3.1 # Triggered by typecheck-gcc.h (with clang 14+) + ) + if(MSVC) + list(APPEND _picky_enable + -Wno-format-non-iso # clang 3.1 appleclang 3.1 # 'q' length modifier is not supported by ISO C + ) + else() + list(APPEND _picky_enable + -Wformat-non-iso # clang 3.1 appleclang 3.1 + ) + endif() + endif() + if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 3.3) OR + (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 5.0)) + list(APPEND _picky_enable + -Wenum-conversion # clang 3.2 gcc 10.0 appleclang 4.2 g++ 11.0 + -Wmissing-variable-declarations # clang 3.2 appleclang 4.2 + -Wno-documentation-unknown-command # clang 3.3 appleclang 5.0 + -Wsometimes-uninitialized # clang 3.2 appleclang 4.2 + ) + endif() + if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 3.6) OR + (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 6.1)) + list(APPEND _picky_enable + -Wdouble-promotion # clang 3.6 gcc 4.6 appleclang 6.1 -Wheader-guard # clang 3.4 appleclang 5.1 -Wpragmas # clang 3.5 gcc 4.1 appleclang 6.0 - -Wsometimes-uninitialized # clang 3.2 appleclang 4.6 # -Wunreachable-code-break # clang 3.5 appleclang 6.0 # Not used: Silent in "unity" builds -Wunused-const-variable # clang 3.4 gcc 6.0 appleclang 5.1 ) endif() if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 3.9) OR - (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 8.3)) + (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 8.1)) list(APPEND _picky_enable - -Wcomma # clang 3.9 appleclang 8.3 - -Wmissing-variable-declarations # clang 3.2 appleclang 4.6 + -Wcomma # clang 3.9 appleclang 8.1 ) + if(MSVC) + list(APPEND _picky_enable + -Wno-nonportable-system-include-path # clang 3.9 appleclang 8.1 # No truly portable solution to this + ) + endif() endif() if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 7.0) OR - (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 10.3)) + (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 11)) list(APPEND _picky_enable - -Wassign-enum # clang 7.0 appleclang 10.3 - -Wextra-semi-stmt # clang 7.0 appleclang 10.3 + -Wassign-enum # clang 7.0 appleclang 11.0 + -Wextra-semi-stmt # clang 7.0 appleclang 11.0 ) endif() if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 10.0) OR - (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 12.4)) + (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 12)) list(APPEND _picky_enable - -Wimplicit-fallthrough # clang 4.0 gcc 7.0 appleclang 12.4 # We do silencing for clang 10.0 and above only - -Wxor-used-as-pow # clang 10.0 gcc 13.0 + -Wimplicit-fallthrough # clang 4.0 gcc 7.0 appleclang 9.0 # We do silencing for clang 10.0 and above only + -Wxor-used-as-pow # clang 10.0 gcc 13.0 appleclang 12.0 ) endif() + if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 13.0) OR + (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 13.1)) + list(APPEND _picky_enable + -Wcast-function-type # clang 13.0 appleclang 13.1 + -Wreserved-identifier # clang 13.0 appleclang 13.1 # Keep it before -Wno-reserved-macro-identifier + -Wno-reserved-macro-identifier # clang 13.0 appleclang 13.1 # External macros have to be set sometimes + ) + endif() + if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 16.0) OR + (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 15.0)) + list(APPEND _picky_enable + -Wno-unsafe-buffer-usage # clang 16.0 appleclang 15.0 + ) + endif() + if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 16.0) OR + (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 16.0)) + list(APPEND _picky_enable + -Wcast-function-type-strict # clang 16.0 appleclang 16.0 + ) + endif() + if(CMAKE_C_COMPILER_ID STREQUAL "Clang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 21.0) + list(APPEND _picky_enable + -Warray-compare # clang 20.0 gcc 12.0 appleclang ? + -Wc++-hidden-decl # clang 21.0 appleclang ? + -Wno-implicit-void-ptr-cast # clang 21.0 appleclang ? + -Wtentative-definition-compat # clang 21.0 appleclang ? + ) + if(WIN32) + list(APPEND _picky_enable + -Wno-c++-keyword # clang 21.0 appleclang ? # `wchar_t` triggers it on Windows + ) + else() + list(APPEND _picky_enable + -Wc++-keyword # clang 21.0 appleclang ? + ) + endif() + endif() else() # gcc # Enable based on compiler version if(CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 4.3) @@ -207,7 +276,7 @@ if(PICKY_COMPILER) endif() if(CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 4.8) list(APPEND _picky_enable - -Wdouble-promotion # clang 3.6 gcc 4.6 appleclang 6.3 + -Wdouble-promotion # clang 3.6 gcc 4.6 appleclang 6.1 -Wformat=2 # clang 3.0 gcc 4.8 -Wtrampolines # gcc 4.6 ) @@ -232,21 +301,21 @@ if(PICKY_COMPILER) -Walloc-zero # gcc 7.0 -Wduplicated-branches # gcc 7.0 -Wformat-truncation=2 # gcc 7.0 - -Wimplicit-fallthrough # clang 4.0 gcc 7.0 + -Wimplicit-fallthrough # clang 4.0 gcc 7.0 appleclang 9.0 -Wrestrict # gcc 7.0 ) endif() if(CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 10.0) list(APPEND _picky_enable -Warith-conversion # gcc 10.0 - -Wenum-conversion # clang 3.2 gcc 10.0 appleclang 4.6 g++ 11.0 + -Wenum-conversion # clang 3.2 gcc 10.0 appleclang 4.2 g++ 11.0 ) endif() if(CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 13.0) list(APPEND _picky_enable - -Warray-compare # clang 20.0 gcc 12.0 + -Warray-compare # clang 20.0 gcc 12.0 appleclang ? -Wenum-int-mismatch # gcc 13.0 - -Wxor-used-as-pow # clang 10.0 gcc 13.0 + -Wxor-used-as-pow # clang 10.0 gcc 13.0 appleclang 12.0 ) endif() if(CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 15.0) @@ -262,8 +331,11 @@ if(PICKY_COMPILER) set(_picky_skipped "") foreach(_ccopt IN LISTS _picky_enable) - string(REGEX MATCH "-W([a-z0-9-]+)" _ccmatch "${_ccopt}") - if(_ccmatch AND CMAKE_C_FLAGS MATCHES "-Wno-${CMAKE_MATCH_1}" AND NOT _ccopt STREQUAL "-Wall" AND NOT _ccopt MATCHES "^-Wno-") + string(REGEX MATCH "-W([a-z0-9+-]+)" _ccmatch "${_ccopt}") + string(REPLACE "+" "\\+" _cmake_match_1 "${CMAKE_MATCH_1}") # escape '+' to make it a valid regex + if(_ccmatch AND "${CMAKE_C_FLAGS} " MATCHES "-Wno-${_cmake_match_1} " AND + NOT _ccopt STREQUAL "-Wall" AND + NOT _ccopt MATCHES "^-Wno-") string(APPEND _picky_skipped " ${_ccopt}") else() list(APPEND _picky "${_ccopt}") diff --git a/include/curl/typecheck-gcc.h b/include/curl/typecheck-gcc.h index a0b41aeb24..07fba246d4 100644 --- a/include/curl/typecheck-gcc.h +++ b/include/curl/typecheck-gcc.h @@ -29,9 +29,9 @@ /* To add a new kind of warning, add an * if(curlcheck_sometype_option(_curl_opt)) * if(!curlcheck_sometype(value)) - * _curl_easy_setopt_err_sometype(); + * Wcurl_easy_setopt_err_sometype(); * block and define curlcheck_sometype_option, curlcheck_sometype and - * _curl_easy_setopt_err_sometype below + * Wcurl_easy_setopt_err_sometype below * * NOTE: We use two nested 'if' statements here instead of the && operator, in * order to work around gcc bug #32061. It affects only gcc 4.3.x/4.4.x @@ -47,113 +47,113 @@ CURL_IGNORE_DEPRECATION( \ if(curlcheck_long_option(option)) \ if(!curlcheck_long(value)) \ - _curl_easy_setopt_err_long(); \ + Wcurl_easy_setopt_err_long(); \ if(curlcheck_off_t_option(option)) \ if(!curlcheck_off_t(value)) \ - _curl_easy_setopt_err_curl_off_t(); \ + Wcurl_easy_setopt_err_curl_off_t(); \ if(curlcheck_string_option(option)) \ if(!curlcheck_string(value)) \ - _curl_easy_setopt_err_string(); \ + Wcurl_easy_setopt_err_string(); \ if((option) == CURLOPT_PRIVATE) { } \ if(curlcheck_write_cb_option(option)) \ if(!curlcheck_write_cb(value)) \ - _curl_easy_setopt_err_write_callback(); \ + Wcurl_easy_setopt_err_write_callback(); \ if(curlcheck_curl_option(option)) \ if(!curlcheck_curl(value)) \ - _curl_easy_setopt_err_curl(); \ + Wcurl_easy_setopt_err_curl(); \ if((option) == CURLOPT_RESOLVER_START_FUNCTION) \ if(!curlcheck_resolver_start_callback(value)) \ - _curl_easy_setopt_err_resolver_start_callback(); \ + Wcurl_easy_setopt_err_resolver_start_callback(); \ if((option) == CURLOPT_READFUNCTION) \ if(!curlcheck_read_cb(value)) \ - _curl_easy_setopt_err_read_cb(); \ + Wcurl_easy_setopt_err_read_cb(); \ if((option) == CURLOPT_IOCTLFUNCTION) \ if(!curlcheck_ioctl_cb(value)) \ - _curl_easy_setopt_err_ioctl_cb(); \ + Wcurl_easy_setopt_err_ioctl_cb(); \ if((option) == CURLOPT_SOCKOPTFUNCTION) \ if(!curlcheck_sockopt_cb(value)) \ - _curl_easy_setopt_err_sockopt_cb(); \ + Wcurl_easy_setopt_err_sockopt_cb(); \ if((option) == CURLOPT_OPENSOCKETFUNCTION) \ if(!curlcheck_opensocket_cb(value)) \ - _curl_easy_setopt_err_opensocket_cb(); \ + Wcurl_easy_setopt_err_opensocket_cb(); \ if((option) == CURLOPT_PROGRESSFUNCTION) \ if(!curlcheck_progress_cb(value)) \ - _curl_easy_setopt_err_progress_cb(); \ + Wcurl_easy_setopt_err_progress_cb(); \ if((option) == CURLOPT_XFERINFOFUNCTION) \ if(!curlcheck_xferinfo_cb(value)) \ - _curl_easy_setopt_err_xferinfo_cb(); \ + Wcurl_easy_setopt_err_xferinfo_cb(); \ if((option) == CURLOPT_DEBUGFUNCTION) \ if(!curlcheck_debug_cb(value)) \ - _curl_easy_setopt_err_debug_cb(); \ + Wcurl_easy_setopt_err_debug_cb(); \ if((option) == CURLOPT_SSL_CTX_FUNCTION) \ if(!curlcheck_ssl_ctx_cb(value)) \ - _curl_easy_setopt_err_ssl_ctx_cb(); \ + Wcurl_easy_setopt_err_ssl_ctx_cb(); \ if(curlcheck_conv_cb_option(option)) \ if(!curlcheck_conv_cb(value)) \ - _curl_easy_setopt_err_conv_cb(); \ + Wcurl_easy_setopt_err_conv_cb(); \ if((option) == CURLOPT_SEEKFUNCTION) \ if(!curlcheck_seek_cb(value)) \ - _curl_easy_setopt_err_seek_cb(); \ + Wcurl_easy_setopt_err_seek_cb(); \ if((option) == CURLOPT_CHUNK_BGN_FUNCTION) \ if(!curlcheck_chunk_bgn_cb(value)) \ - _curl_easy_setopt_err_chunk_bgn_cb(); \ + Wcurl_easy_setopt_err_chunk_bgn_cb(); \ if((option) == CURLOPT_CHUNK_END_FUNCTION) \ if(!curlcheck_chunk_end_cb(value)) \ - _curl_easy_setopt_err_chunk_end_cb(); \ + Wcurl_easy_setopt_err_chunk_end_cb(); \ if((option) == CURLOPT_CLOSESOCKETFUNCTION) \ if(!curlcheck_close_socket_cb(value)) \ - _curl_easy_setopt_err_close_socket_cb(); \ + Wcurl_easy_setopt_err_close_socket_cb(); \ if((option) == CURLOPT_FNMATCH_FUNCTION) \ if(!curlcheck_fnmatch_cb(value)) \ - _curl_easy_setopt_err_fnmatch_cb(); \ + Wcurl_easy_setopt_err_fnmatch_cb(); \ if((option) == CURLOPT_HSTSREADFUNCTION) \ if(!curlcheck_hstsread_cb(value)) \ - _curl_easy_setopt_err_hstsread_cb(); \ + Wcurl_easy_setopt_err_hstsread_cb(); \ if((option) == CURLOPT_HSTSWRITEFUNCTION) \ if(!curlcheck_hstswrite_cb(value)) \ - _curl_easy_setopt_err_hstswrite_cb(); \ + Wcurl_easy_setopt_err_hstswrite_cb(); \ if((option) == CURLOPT_SSH_HOSTKEYFUNCTION) \ if(!curlcheck_ssh_hostkey_cb(value)) \ - _curl_easy_setopt_err_ssh_hostkey_cb(); \ + Wcurl_easy_setopt_err_ssh_hostkey_cb(); \ if((option) == CURLOPT_SSH_KEYFUNCTION) \ if(!curlcheck_ssh_key_cb(value)) \ - _curl_easy_setopt_err_ssh_key_cb(); \ + Wcurl_easy_setopt_err_ssh_key_cb(); \ if((option) == CURLOPT_INTERLEAVEFUNCTION) \ if(!curlcheck_interleave_cb(value)) \ - _curl_easy_setopt_err_interleave_cb(); \ + Wcurl_easy_setopt_err_interleave_cb(); \ if((option) == CURLOPT_PREREQFUNCTION) \ if(!curlcheck_prereq_cb(value)) \ - _curl_easy_setopt_err_prereq_cb(); \ + Wcurl_easy_setopt_err_prereq_cb(); \ if((option) == CURLOPT_TRAILERFUNCTION) \ if(!curlcheck_trailer_cb(value)) \ - _curl_easy_setopt_err_trailer_cb(); \ + Wcurl_easy_setopt_err_trailer_cb(); \ if(curlcheck_cb_data_option(option)) \ if(!curlcheck_cb_data(value)) \ - _curl_easy_setopt_err_cb_data(); \ + Wcurl_easy_setopt_err_cb_data(); \ if((option) == CURLOPT_ERRORBUFFER) \ if(!curlcheck_error_buffer(value)) \ - _curl_easy_setopt_err_error_buffer(); \ + Wcurl_easy_setopt_err_error_buffer(); \ if((option) == CURLOPT_CURLU) \ if(!curlcheck_ptr((value), CURLU)) \ - _curl_easy_setopt_err_curlu(); \ + Wcurl_easy_setopt_err_curlu(); \ if((option) == CURLOPT_STDERR) \ if(!curlcheck_FILE(value)) \ - _curl_easy_setopt_err_FILE(); \ + Wcurl_easy_setopt_err_FILE(); \ if(curlcheck_postfields_option(option)) \ if(!curlcheck_postfields(value)) \ - _curl_easy_setopt_err_postfields(); \ + Wcurl_easy_setopt_err_postfields(); \ if((option) == CURLOPT_HTTPPOST) \ if(!curlcheck_arr((value), struct curl_httppost)) \ - _curl_easy_setopt_err_curl_httpost(); \ + Wcurl_easy_setopt_err_curl_httpost(); \ if((option) == CURLOPT_MIMEPOST) \ if(!curlcheck_ptr((value), curl_mime)) \ - _curl_easy_setopt_err_curl_mimepost(); \ + Wcurl_easy_setopt_err_curl_mimepost(); \ if(curlcheck_slist_option(option)) \ if(!curlcheck_arr((value), struct curl_slist)) \ - _curl_easy_setopt_err_curl_slist(); \ + Wcurl_easy_setopt_err_curl_slist(); \ if((option) == CURLOPT_SHARE) \ if(!curlcheck_ptr((value), CURLSH)) \ - _curl_easy_setopt_err_CURLSH(); \ + Wcurl_easy_setopt_err_CURLSH(); \ ) \ } \ curl_easy_setopt(handle, option, value); \ @@ -166,28 +166,28 @@ CURL_IGNORE_DEPRECATION( \ if(curlcheck_string_info(info)) \ if(!curlcheck_arr((arg), char *)) \ - _curl_easy_getinfo_err_string(); \ + Wcurl_easy_getinfo_err_string(); \ if(curlcheck_long_info(info)) \ if(!curlcheck_arr((arg), long)) \ - _curl_easy_getinfo_err_long(); \ + Wcurl_easy_getinfo_err_long(); \ if(curlcheck_double_info(info)) \ if(!curlcheck_arr((arg), double)) \ - _curl_easy_getinfo_err_double(); \ + Wcurl_easy_getinfo_err_double(); \ if(curlcheck_slist_info(info)) \ if(!curlcheck_arr((arg), struct curl_slist *)) \ - _curl_easy_getinfo_err_curl_slist(); \ + Wcurl_easy_getinfo_err_curl_slist(); \ if(curlcheck_tlssessioninfo_info(info)) \ if(!curlcheck_arr((arg), struct curl_tlssessioninfo *)) \ - _curl_easy_getinfo_err_curl_tlssessioninfo(); \ + Wcurl_easy_getinfo_err_curl_tlssessioninfo(); \ if(curlcheck_certinfo_info(info)) \ if(!curlcheck_arr((arg), struct curl_certinfo *)) \ - _curl_easy_getinfo_err_curl_certinfo(); \ + Wcurl_easy_getinfo_err_curl_certinfo(); \ if(curlcheck_socket_info(info)) \ if(!curlcheck_arr((arg), curl_socket_t)) \ - _curl_easy_getinfo_err_curl_socket(); \ + Wcurl_easy_getinfo_err_curl_socket(); \ if(curlcheck_off_t_info(info)) \ if(!curlcheck_arr((arg), curl_off_t)) \ - _curl_easy_getinfo_err_curl_off_t(); \ + Wcurl_easy_getinfo_err_curl_off_t(); \ ) \ } \ curl_easy_getinfo(handle, info, arg); \ @@ -198,25 +198,25 @@ if(__builtin_constant_p(option)) { \ if(curlcheck_long_option(option)) \ if(!curlcheck_long(value)) \ - _curl_multi_setopt_err_long(); \ + Wcurl_multi_setopt_err_long(); \ if(curlcheck_off_t_option(option)) \ if(!curlcheck_off_t(value)) \ - _curl_multi_setopt_err_curl_off_t(); \ + Wcurl_multi_setopt_err_curl_off_t(); \ if(curlcheck_multicb_data_option(option)) \ if(!curlcheck_cb_data(value)) \ - _curl_multi_setopt_err_cb_data(); \ + Wcurl_multi_setopt_err_cb_data(); \ if(curlcheck_charpp_option(option)) \ if(!curlcheck_ptrptr(value, char)) \ - _curl_multi_setopt_err_charpp(); \ + Wcurl_multi_setopt_err_charpp(); \ if((option) == CURLMOPT_PUSHFUNCTION) \ if(!curlcheck_multipush_cb(value)) \ - _curl_multi_setopt_err_pushcb(); \ + Wcurl_multi_setopt_err_pushcb(); \ if((option) == CURLMOPT_SOCKETFUNCTION) \ if(!curlcheck_multisocket_cb(value)) \ - _curl_multi_setopt_err_socketcb(); \ + Wcurl_multi_setopt_err_socketcb(); \ if((option) == CURLMOPT_TIMERFUNCTION) \ if(!curlcheck_multitimer_cb(value)) \ - _curl_multi_setopt_err_timercb(); \ + Wcurl_multi_setopt_err_timercb(); \ } \ curl_multi_setopt(handle, option, value); \ }) @@ -256,7 +256,7 @@ #define curl_share_setopt(share,opt,param) curl_share_setopt(share,opt,param) -/* the actual warnings, triggered by calling the _curl_easy_setopt_err* +/* the actual warnings, triggered by calling the Wcurl_easy_setopt_err* * functions */ /* To define a new warning, use _CURL_WARNING(identifier, "message") */ @@ -265,117 +265,117 @@ __attribute__((__unused__)) __attribute__((__noinline__)) \ id(void) { __asm__(""); } -CURLWARNING(_curl_multi_setopt_err_long, +CURLWARNING(Wcurl_multi_setopt_err_long, "curl_multi_setopt expects a long argument") -CURLWARNING(_curl_multi_setopt_err_curl_off_t, +CURLWARNING(Wcurl_multi_setopt_err_curl_off_t, "curl_multi_setopt expects a curl_off_t argument") -CURLWARNING(_curl_multi_setopt_err_cb_data, +CURLWARNING(Wcurl_multi_setopt_err_cb_data, "curl_multi_setopt expects a 'void *' argument") -CURLWARNING(_curl_multi_setopt_err_charpp, +CURLWARNING(Wcurl_multi_setopt_err_charpp, "curl_multi_setopt expects a 'char **' argument") -CURLWARNING(_curl_multi_setopt_err_pushcb, +CURLWARNING(Wcurl_multi_setopt_err_pushcb, "curl_multi_setopt expects a curl_push_callback argument") -CURLWARNING(_curl_multi_setopt_err_socketcb, +CURLWARNING(Wcurl_multi_setopt_err_socketcb, "curl_multi_setopt expects a curl_socket_callback argument") -CURLWARNING(_curl_multi_setopt_err_timercb, +CURLWARNING(Wcurl_multi_setopt_err_timercb, "curl_multi_setopt expects a curl_multi_timer_callback argument") -CURLWARNING(_curl_easy_setopt_err_long, +CURLWARNING(Wcurl_easy_setopt_err_long, "curl_easy_setopt expects a long argument") -CURLWARNING(_curl_easy_setopt_err_curl_off_t, +CURLWARNING(Wcurl_easy_setopt_err_curl_off_t, "curl_easy_setopt expects a curl_off_t argument") -CURLWARNING(_curl_easy_setopt_err_string, +CURLWARNING(Wcurl_easy_setopt_err_string, "curl_easy_setopt expects a " "string ('char *' or char[]) argument") -CURLWARNING(_curl_easy_setopt_err_write_callback, +CURLWARNING(Wcurl_easy_setopt_err_write_callback, "curl_easy_setopt expects a curl_write_callback argument") -CURLWARNING(_curl_easy_setopt_err_resolver_start_callback, +CURLWARNING(Wcurl_easy_setopt_err_resolver_start_callback, "curl_easy_setopt expects a " "curl_resolver_start_callback argument") -CURLWARNING(_curl_easy_setopt_err_read_cb, +CURLWARNING(Wcurl_easy_setopt_err_read_cb, "curl_easy_setopt expects a curl_read_callback argument") -CURLWARNING(_curl_easy_setopt_err_ioctl_cb, +CURLWARNING(Wcurl_easy_setopt_err_ioctl_cb, "curl_easy_setopt expects a curl_ioctl_callback argument") -CURLWARNING(_curl_easy_setopt_err_sockopt_cb, +CURLWARNING(Wcurl_easy_setopt_err_sockopt_cb, "curl_easy_setopt expects a curl_sockopt_callback argument") -CURLWARNING(_curl_easy_setopt_err_opensocket_cb, +CURLWARNING(Wcurl_easy_setopt_err_opensocket_cb, "curl_easy_setopt expects a " "curl_opensocket_callback argument") -CURLWARNING(_curl_easy_setopt_err_progress_cb, +CURLWARNING(Wcurl_easy_setopt_err_progress_cb, "curl_easy_setopt expects a curl_progress_callback argument") -CURLWARNING(_curl_easy_setopt_err_xferinfo_cb, +CURLWARNING(Wcurl_easy_setopt_err_xferinfo_cb, "curl_easy_setopt expects a curl_xferinfo_callback argument") -CURLWARNING(_curl_easy_setopt_err_debug_cb, +CURLWARNING(Wcurl_easy_setopt_err_debug_cb, "curl_easy_setopt expects a curl_debug_callback argument") -CURLWARNING(_curl_easy_setopt_err_ssl_ctx_cb, +CURLWARNING(Wcurl_easy_setopt_err_ssl_ctx_cb, "curl_easy_setopt expects a curl_ssl_ctx_callback argument") -CURLWARNING(_curl_easy_setopt_err_conv_cb, +CURLWARNING(Wcurl_easy_setopt_err_conv_cb, "curl_easy_setopt expects a curl_conv_callback argument") -CURLWARNING(_curl_easy_setopt_err_seek_cb, +CURLWARNING(Wcurl_easy_setopt_err_seek_cb, "curl_easy_setopt expects a curl_seek_callback argument") -CURLWARNING(_curl_easy_setopt_err_cb_data, +CURLWARNING(Wcurl_easy_setopt_err_cb_data, "curl_easy_setopt expects a " "private data pointer as argument") -CURLWARNING(_curl_easy_setopt_err_chunk_bgn_cb, +CURLWARNING(Wcurl_easy_setopt_err_chunk_bgn_cb, "curl_easy_setopt expects a curl_chunk_bgn_callback argument") -CURLWARNING(_curl_easy_setopt_err_chunk_end_cb, +CURLWARNING(Wcurl_easy_setopt_err_chunk_end_cb, "curl_easy_setopt expects a curl_chunk_end_callback argument") -CURLWARNING(_curl_easy_setopt_err_close_socket_cb, +CURLWARNING(Wcurl_easy_setopt_err_close_socket_cb, "curl_easy_setopt expects a curl_closesocket_callback argument") -CURLWARNING(_curl_easy_setopt_err_fnmatch_cb, +CURLWARNING(Wcurl_easy_setopt_err_fnmatch_cb, "curl_easy_setopt expects a curl_fnmatch_callback argument") -CURLWARNING(_curl_easy_setopt_err_hstsread_cb, +CURLWARNING(Wcurl_easy_setopt_err_hstsread_cb, "curl_easy_setopt expects a curl_hstsread_callback argument") -CURLWARNING(_curl_easy_setopt_err_hstswrite_cb, +CURLWARNING(Wcurl_easy_setopt_err_hstswrite_cb, "curl_easy_setopt expects a curl_hstswrite_callback argument") -CURLWARNING(_curl_easy_setopt_err_ssh_key_cb, +CURLWARNING(Wcurl_easy_setopt_err_ssh_key_cb, "curl_easy_setopt expects a curl_sshkeycallback argument") -CURLWARNING(_curl_easy_setopt_err_ssh_hostkey_cb, +CURLWARNING(Wcurl_easy_setopt_err_ssh_hostkey_cb, "curl_easy_setopt expects a curl_sshhostkeycallback argument") -CURLWARNING(_curl_easy_setopt_err_interleave_cb, +CURLWARNING(Wcurl_easy_setopt_err_interleave_cb, "curl_easy_setopt expects a curl_interleave_callback argument") -CURLWARNING(_curl_easy_setopt_err_prereq_cb, +CURLWARNING(Wcurl_easy_setopt_err_prereq_cb, "curl_easy_setopt expects a curl_prereq_callback argument") -CURLWARNING(_curl_easy_setopt_err_trailer_cb, +CURLWARNING(Wcurl_easy_setopt_err_trailer_cb, "curl_easy_setopt expects a curl_trailerfunc_ok argument") -CURLWARNING(_curl_easy_setopt_err_error_buffer, +CURLWARNING(Wcurl_easy_setopt_err_error_buffer, "curl_easy_setopt expects a " "char buffer of CURL_ERROR_SIZE as argument") -CURLWARNING(_curl_easy_setopt_err_curlu, +CURLWARNING(Wcurl_easy_setopt_err_curlu, "curl_easy_setopt expects a 'CURLU *' argument") -CURLWARNING(_curl_easy_setopt_err_curl, +CURLWARNING(Wcurl_easy_setopt_err_curl, "curl_easy_setopt expects a 'CURL *' argument") -CURLWARNING(_curl_easy_setopt_err_FILE, +CURLWARNING(Wcurl_easy_setopt_err_FILE, "curl_easy_setopt expects a 'FILE *' argument") -CURLWARNING(_curl_easy_setopt_err_postfields, +CURLWARNING(Wcurl_easy_setopt_err_postfields, "curl_easy_setopt expects a 'void *' or 'char *' argument") -CURLWARNING(_curl_easy_setopt_err_curl_httpost, +CURLWARNING(Wcurl_easy_setopt_err_curl_httpost, "curl_easy_setopt expects a 'struct curl_httppost *' " "argument") -CURLWARNING(_curl_easy_setopt_err_curl_mimepost, +CURLWARNING(Wcurl_easy_setopt_err_curl_mimepost, "curl_easy_setopt expects a 'curl_mime *' " "argument") -CURLWARNING(_curl_easy_setopt_err_curl_slist, +CURLWARNING(Wcurl_easy_setopt_err_curl_slist, "curl_easy_setopt expects a 'struct curl_slist *' argument") -CURLWARNING(_curl_easy_setopt_err_CURLSH, +CURLWARNING(Wcurl_easy_setopt_err_CURLSH, "curl_easy_setopt expects a CURLSH* argument") -CURLWARNING(_curl_easy_getinfo_err_string, +CURLWARNING(Wcurl_easy_getinfo_err_string, "curl_easy_getinfo expects a pointer to 'char *'") -CURLWARNING(_curl_easy_getinfo_err_long, +CURLWARNING(Wcurl_easy_getinfo_err_long, "curl_easy_getinfo expects a pointer to long") -CURLWARNING(_curl_easy_getinfo_err_double, +CURLWARNING(Wcurl_easy_getinfo_err_double, "curl_easy_getinfo expects a pointer to double") -CURLWARNING(_curl_easy_getinfo_err_curl_slist, +CURLWARNING(Wcurl_easy_getinfo_err_curl_slist, "curl_easy_getinfo expects a pointer to 'struct curl_slist *'") -CURLWARNING(_curl_easy_getinfo_err_curl_tlssessioninfo, +CURLWARNING(Wcurl_easy_getinfo_err_curl_tlssessioninfo, "curl_easy_getinfo expects a pointer to " "'struct curl_tlssessioninfo *'") -CURLWARNING(_curl_easy_getinfo_err_curl_certinfo, +CURLWARNING(Wcurl_easy_getinfo_err_curl_certinfo, "curl_easy_getinfo expects a pointer to " "'struct curl_certinfo *'") -CURLWARNING(_curl_easy_getinfo_err_curl_socket, +CURLWARNING(Wcurl_easy_getinfo_err_curl_socket, "curl_easy_getinfo expects a pointer to curl_socket_t") -CURLWARNING(_curl_easy_getinfo_err_curl_off_t, +CURLWARNING(Wcurl_easy_getinfo_err_curl_off_t, "curl_easy_getinfo expects a pointer to curl_off_t") /* groups of curl_easy_setops options that take the same type of argument */ @@ -704,60 +704,60 @@ CURLWARNING(_curl_easy_getinfo_err_curl_off_t, (curlcheck_NULL(expr) || \ curlcheck_cb_compatible((expr), __typeof__(fread) *) || \ curlcheck_cb_compatible((expr), curl_read_callback) || \ - curlcheck_cb_compatible((expr), _curl_read_callback1) || \ - curlcheck_cb_compatible((expr), _curl_read_callback2) || \ - curlcheck_cb_compatible((expr), _curl_read_callback3) || \ - curlcheck_cb_compatible((expr), _curl_read_callback4) || \ - curlcheck_cb_compatible((expr), _curl_read_callback5) || \ - curlcheck_cb_compatible((expr), _curl_read_callback6)) -typedef size_t (*_curl_read_callback1)(char *, size_t, size_t, void *); -typedef size_t (*_curl_read_callback2)(char *, size_t, size_t, const void *); -typedef size_t (*_curl_read_callback3)(char *, size_t, size_t, FILE *); -typedef size_t (*_curl_read_callback4)(void *, size_t, size_t, void *); -typedef size_t (*_curl_read_callback5)(void *, size_t, size_t, const void *); -typedef size_t (*_curl_read_callback6)(void *, size_t, size_t, FILE *); + curlcheck_cb_compatible((expr), Wcurl_read_callback1) || \ + curlcheck_cb_compatible((expr), Wcurl_read_callback2) || \ + curlcheck_cb_compatible((expr), Wcurl_read_callback3) || \ + curlcheck_cb_compatible((expr), Wcurl_read_callback4) || \ + curlcheck_cb_compatible((expr), Wcurl_read_callback5) || \ + curlcheck_cb_compatible((expr), Wcurl_read_callback6)) +typedef size_t (*Wcurl_read_callback1)(char *, size_t, size_t, void *); +typedef size_t (*Wcurl_read_callback2)(char *, size_t, size_t, const void *); +typedef size_t (*Wcurl_read_callback3)(char *, size_t, size_t, FILE *); +typedef size_t (*Wcurl_read_callback4)(void *, size_t, size_t, void *); +typedef size_t (*Wcurl_read_callback5)(void *, size_t, size_t, const void *); +typedef size_t (*Wcurl_read_callback6)(void *, size_t, size_t, FILE *); /* evaluates to true if expr is of type curl_write_callback or "similar" */ #define curlcheck_write_cb(expr) \ (curlcheck_read_cb(expr) || \ curlcheck_cb_compatible((expr), __typeof__(fwrite) *) || \ curlcheck_cb_compatible((expr), curl_write_callback) || \ - curlcheck_cb_compatible((expr), _curl_write_callback1) || \ - curlcheck_cb_compatible((expr), _curl_write_callback2) || \ - curlcheck_cb_compatible((expr), _curl_write_callback3) || \ - curlcheck_cb_compatible((expr), _curl_write_callback4) || \ - curlcheck_cb_compatible((expr), _curl_write_callback5) || \ - curlcheck_cb_compatible((expr), _curl_write_callback6)) -typedef size_t (*_curl_write_callback1)(const char *, size_t, size_t, void *); -typedef size_t (*_curl_write_callback2)(const char *, size_t, size_t, + curlcheck_cb_compatible((expr), Wcurl_write_callback1) || \ + curlcheck_cb_compatible((expr), Wcurl_write_callback2) || \ + curlcheck_cb_compatible((expr), Wcurl_write_callback3) || \ + curlcheck_cb_compatible((expr), Wcurl_write_callback4) || \ + curlcheck_cb_compatible((expr), Wcurl_write_callback5) || \ + curlcheck_cb_compatible((expr), Wcurl_write_callback6)) +typedef size_t (*Wcurl_write_callback1)(const char *, size_t, size_t, void *); +typedef size_t (*Wcurl_write_callback2)(const char *, size_t, size_t, const void *); -typedef size_t (*_curl_write_callback3)(const char *, size_t, size_t, FILE *); -typedef size_t (*_curl_write_callback4)(const void *, size_t, size_t, void *); -typedef size_t (*_curl_write_callback5)(const void *, size_t, size_t, +typedef size_t (*Wcurl_write_callback3)(const char *, size_t, size_t, FILE *); +typedef size_t (*Wcurl_write_callback4)(const void *, size_t, size_t, void *); +typedef size_t (*Wcurl_write_callback5)(const void *, size_t, size_t, const void *); -typedef size_t (*_curl_write_callback6)(const void *, size_t, size_t, FILE *); +typedef size_t (*Wcurl_write_callback6)(const void *, size_t, size_t, FILE *); /* evaluates to true if expr is of type curl_ioctl_callback or "similar" */ #define curlcheck_ioctl_cb(expr) \ (curlcheck_NULL(expr) || \ curlcheck_cb_compatible((expr), curl_ioctl_callback) || \ - curlcheck_cb_compatible((expr), _curl_ioctl_callback1) || \ - curlcheck_cb_compatible((expr), _curl_ioctl_callback2) || \ - curlcheck_cb_compatible((expr), _curl_ioctl_callback3) || \ - curlcheck_cb_compatible((expr), _curl_ioctl_callback4)) -typedef curlioerr (*_curl_ioctl_callback1)(CURL *, int, void *); -typedef curlioerr (*_curl_ioctl_callback2)(CURL *, int, const void *); -typedef curlioerr (*_curl_ioctl_callback3)(CURL *, curliocmd, void *); -typedef curlioerr (*_curl_ioctl_callback4)(CURL *, curliocmd, const void *); + curlcheck_cb_compatible((expr), Wcurl_ioctl_callback1) || \ + curlcheck_cb_compatible((expr), Wcurl_ioctl_callback2) || \ + curlcheck_cb_compatible((expr), Wcurl_ioctl_callback3) || \ + curlcheck_cb_compatible((expr), Wcurl_ioctl_callback4)) +typedef curlioerr (*Wcurl_ioctl_callback1)(CURL *, int, void *); +typedef curlioerr (*Wcurl_ioctl_callback2)(CURL *, int, const void *); +typedef curlioerr (*Wcurl_ioctl_callback3)(CURL *, curliocmd, void *); +typedef curlioerr (*Wcurl_ioctl_callback4)(CURL *, curliocmd, const void *); /* evaluates to true if expr is of type curl_sockopt_callback or "similar" */ #define curlcheck_sockopt_cb(expr) \ (curlcheck_NULL(expr) || \ curlcheck_cb_compatible((expr), curl_sockopt_callback) || \ - curlcheck_cb_compatible((expr), _curl_sockopt_callback1) || \ - curlcheck_cb_compatible((expr), _curl_sockopt_callback2)) -typedef int (*_curl_sockopt_callback1)(void *, curl_socket_t, curlsocktype); -typedef int (*_curl_sockopt_callback2)(const void *, curl_socket_t, + curlcheck_cb_compatible((expr), Wcurl_sockopt_callback1) || \ + curlcheck_cb_compatible((expr), Wcurl_sockopt_callback2)) +typedef int (*Wcurl_sockopt_callback1)(void *, curl_socket_t, curlsocktype); +typedef int (*Wcurl_sockopt_callback2)(const void *, curl_socket_t, curlsocktype); /* evaluates to true if expr is of type curl_opensocket_callback or @@ -765,28 +765,28 @@ typedef int (*_curl_sockopt_callback2)(const void *, curl_socket_t, #define curlcheck_opensocket_cb(expr) \ (curlcheck_NULL(expr) || \ curlcheck_cb_compatible((expr), curl_opensocket_callback) || \ - curlcheck_cb_compatible((expr), _curl_opensocket_callback1) || \ - curlcheck_cb_compatible((expr), _curl_opensocket_callback2) || \ - curlcheck_cb_compatible((expr), _curl_opensocket_callback3) || \ - curlcheck_cb_compatible((expr), _curl_opensocket_callback4)) -typedef curl_socket_t (*_curl_opensocket_callback1) + curlcheck_cb_compatible((expr), Wcurl_opensocket_callback1) || \ + curlcheck_cb_compatible((expr), Wcurl_opensocket_callback2) || \ + curlcheck_cb_compatible((expr), Wcurl_opensocket_callback3) || \ + curlcheck_cb_compatible((expr), Wcurl_opensocket_callback4)) +typedef curl_socket_t (*Wcurl_opensocket_callback1) (void *, curlsocktype, struct curl_sockaddr *); -typedef curl_socket_t (*_curl_opensocket_callback2) +typedef curl_socket_t (*Wcurl_opensocket_callback2) (void *, curlsocktype, const struct curl_sockaddr *); -typedef curl_socket_t (*_curl_opensocket_callback3) +typedef curl_socket_t (*Wcurl_opensocket_callback3) (const void *, curlsocktype, struct curl_sockaddr *); -typedef curl_socket_t (*_curl_opensocket_callback4) +typedef curl_socket_t (*Wcurl_opensocket_callback4) (const void *, curlsocktype, const struct curl_sockaddr *); /* evaluates to true if expr is of type curl_progress_callback or "similar" */ #define curlcheck_progress_cb(expr) \ (curlcheck_NULL(expr) || \ curlcheck_cb_compatible((expr), curl_progress_callback) || \ - curlcheck_cb_compatible((expr), _curl_progress_callback1) || \ - curlcheck_cb_compatible((expr), _curl_progress_callback2)) -typedef int (*_curl_progress_callback1)(void *, + curlcheck_cb_compatible((expr), Wcurl_progress_callback1) || \ + curlcheck_cb_compatible((expr), Wcurl_progress_callback2)) +typedef int (*Wcurl_progress_callback1)(void *, double, double, double, double); -typedef int (*_curl_progress_callback2)(const void *, +typedef int (*Wcurl_progress_callback2)(const void *, double, double, double, double); /* evaluates to true if expr is of type curl_xferinfo_callback */ @@ -798,29 +798,29 @@ typedef int (*_curl_progress_callback2)(const void *, #define curlcheck_debug_cb(expr) \ (curlcheck_NULL(expr) || \ curlcheck_cb_compatible((expr), curl_debug_callback) || \ - curlcheck_cb_compatible((expr), _curl_debug_callback1) || \ - curlcheck_cb_compatible((expr), _curl_debug_callback2) || \ - curlcheck_cb_compatible((expr), _curl_debug_callback3) || \ - curlcheck_cb_compatible((expr), _curl_debug_callback4) || \ - curlcheck_cb_compatible((expr), _curl_debug_callback5) || \ - curlcheck_cb_compatible((expr), _curl_debug_callback6) || \ - curlcheck_cb_compatible((expr), _curl_debug_callback7) || \ - curlcheck_cb_compatible((expr), _curl_debug_callback8)) -typedef int (*_curl_debug_callback1) (CURL *, + curlcheck_cb_compatible((expr), Wcurl_debug_callback1) || \ + curlcheck_cb_compatible((expr), Wcurl_debug_callback2) || \ + curlcheck_cb_compatible((expr), Wcurl_debug_callback3) || \ + curlcheck_cb_compatible((expr), Wcurl_debug_callback4) || \ + curlcheck_cb_compatible((expr), Wcurl_debug_callback5) || \ + curlcheck_cb_compatible((expr), Wcurl_debug_callback6) || \ + curlcheck_cb_compatible((expr), Wcurl_debug_callback7) || \ + curlcheck_cb_compatible((expr), Wcurl_debug_callback8)) +typedef int (*Wcurl_debug_callback1) (CURL *, curl_infotype, char *, size_t, void *); -typedef int (*_curl_debug_callback2) (CURL *, +typedef int (*Wcurl_debug_callback2) (CURL *, curl_infotype, char *, size_t, const void *); -typedef int (*_curl_debug_callback3) (CURL *, +typedef int (*Wcurl_debug_callback3) (CURL *, curl_infotype, const char *, size_t, void *); -typedef int (*_curl_debug_callback4) (CURL *, +typedef int (*Wcurl_debug_callback4) (CURL *, curl_infotype, const char *, size_t, const void *); -typedef int (*_curl_debug_callback5) (CURL *, +typedef int (*Wcurl_debug_callback5) (CURL *, curl_infotype, unsigned char *, size_t, void *); -typedef int (*_curl_debug_callback6) (CURL *, +typedef int (*Wcurl_debug_callback6) (CURL *, curl_infotype, unsigned char *, size_t, const void *); -typedef int (*_curl_debug_callback7) (CURL *, +typedef int (*Wcurl_debug_callback7) (CURL *, curl_infotype, const unsigned char *, size_t, void *); -typedef int (*_curl_debug_callback8) (CURL *, +typedef int (*Wcurl_debug_callback8) (CURL *, curl_infotype, const unsigned char *, size_t, const void *); /* evaluates to true if expr is of type curl_ssl_ctx_callback or "similar" */ @@ -828,66 +828,66 @@ typedef int (*_curl_debug_callback8) (CURL *, #define curlcheck_ssl_ctx_cb(expr) \ (curlcheck_NULL(expr) || \ curlcheck_cb_compatible((expr), curl_ssl_ctx_callback) || \ - curlcheck_cb_compatible((expr), _curl_ssl_ctx_callback1) || \ - curlcheck_cb_compatible((expr), _curl_ssl_ctx_callback2) || \ - curlcheck_cb_compatible((expr), _curl_ssl_ctx_callback3) || \ - curlcheck_cb_compatible((expr), _curl_ssl_ctx_callback4) || \ - curlcheck_cb_compatible((expr), _curl_ssl_ctx_callback5) || \ - curlcheck_cb_compatible((expr), _curl_ssl_ctx_callback6) || \ - curlcheck_cb_compatible((expr), _curl_ssl_ctx_callback7) || \ - curlcheck_cb_compatible((expr), _curl_ssl_ctx_callback8)) -typedef CURLcode (*_curl_ssl_ctx_callback1)(CURL *, void *, void *); -typedef CURLcode (*_curl_ssl_ctx_callback2)(CURL *, void *, const void *); -typedef CURLcode (*_curl_ssl_ctx_callback3)(CURL *, const void *, void *); -typedef CURLcode (*_curl_ssl_ctx_callback4)(CURL *, const void *, + curlcheck_cb_compatible((expr), Wcurl_ssl_ctx_callback1) || \ + curlcheck_cb_compatible((expr), Wcurl_ssl_ctx_callback2) || \ + curlcheck_cb_compatible((expr), Wcurl_ssl_ctx_callback3) || \ + curlcheck_cb_compatible((expr), Wcurl_ssl_ctx_callback4) || \ + curlcheck_cb_compatible((expr), Wcurl_ssl_ctx_callback5) || \ + curlcheck_cb_compatible((expr), Wcurl_ssl_ctx_callback6) || \ + curlcheck_cb_compatible((expr), Wcurl_ssl_ctx_callback7) || \ + curlcheck_cb_compatible((expr), Wcurl_ssl_ctx_callback8)) +typedef CURLcode (*Wcurl_ssl_ctx_callback1)(CURL *, void *, void *); +typedef CURLcode (*Wcurl_ssl_ctx_callback2)(CURL *, void *, const void *); +typedef CURLcode (*Wcurl_ssl_ctx_callback3)(CURL *, const void *, void *); +typedef CURLcode (*Wcurl_ssl_ctx_callback4)(CURL *, const void *, const void *); #ifdef HEADER_SSL_H /* hack: if we included OpenSSL's ssl.h, we know about SSL_CTX * this will of course break if we are included before OpenSSL headers... */ -typedef CURLcode (*_curl_ssl_ctx_callback5)(CURL *, SSL_CTX *, void *); -typedef CURLcode (*_curl_ssl_ctx_callback6)(CURL *, SSL_CTX *, const void *); -typedef CURLcode (*_curl_ssl_ctx_callback7)(CURL *, const SSL_CTX *, void *); -typedef CURLcode (*_curl_ssl_ctx_callback8)(CURL *, const SSL_CTX *, +typedef CURLcode (*Wcurl_ssl_ctx_callback5)(CURL *, SSL_CTX *, void *); +typedef CURLcode (*Wcurl_ssl_ctx_callback6)(CURL *, SSL_CTX *, const void *); +typedef CURLcode (*Wcurl_ssl_ctx_callback7)(CURL *, const SSL_CTX *, void *); +typedef CURLcode (*Wcurl_ssl_ctx_callback8)(CURL *, const SSL_CTX *, const void *); #else -typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback5; -typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback6; -typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback7; -typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback8; +typedef Wcurl_ssl_ctx_callback1 Wcurl_ssl_ctx_callback5; +typedef Wcurl_ssl_ctx_callback1 Wcurl_ssl_ctx_callback6; +typedef Wcurl_ssl_ctx_callback1 Wcurl_ssl_ctx_callback7; +typedef Wcurl_ssl_ctx_callback1 Wcurl_ssl_ctx_callback8; #endif /* evaluates to true if expr is of type curl_conv_callback or "similar" */ #define curlcheck_conv_cb(expr) \ (curlcheck_NULL(expr) || \ curlcheck_cb_compatible((expr), curl_conv_callback) || \ - curlcheck_cb_compatible((expr), _curl_conv_callback1) || \ - curlcheck_cb_compatible((expr), _curl_conv_callback2) || \ - curlcheck_cb_compatible((expr), _curl_conv_callback3) || \ - curlcheck_cb_compatible((expr), _curl_conv_callback4)) -typedef CURLcode (*_curl_conv_callback1)(char *, size_t length); -typedef CURLcode (*_curl_conv_callback2)(const char *, size_t length); -typedef CURLcode (*_curl_conv_callback3)(void *, size_t length); -typedef CURLcode (*_curl_conv_callback4)(const void *, size_t length); + curlcheck_cb_compatible((expr), Wcurl_conv_callback1) || \ + curlcheck_cb_compatible((expr), Wcurl_conv_callback2) || \ + curlcheck_cb_compatible((expr), Wcurl_conv_callback3) || \ + curlcheck_cb_compatible((expr), Wcurl_conv_callback4)) +typedef CURLcode (*Wcurl_conv_callback1)(char *, size_t length); +typedef CURLcode (*Wcurl_conv_callback2)(const char *, size_t length); +typedef CURLcode (*Wcurl_conv_callback3)(void *, size_t length); +typedef CURLcode (*Wcurl_conv_callback4)(const void *, size_t length); /* evaluates to true if expr is of type curl_seek_callback or "similar" */ #define curlcheck_seek_cb(expr) \ (curlcheck_NULL(expr) || \ curlcheck_cb_compatible((expr), curl_seek_callback) || \ - curlcheck_cb_compatible((expr), _curl_seek_callback1) || \ - curlcheck_cb_compatible((expr), _curl_seek_callback2)) -typedef CURLcode (*_curl_seek_callback1)(void *, curl_off_t, int); -typedef CURLcode (*_curl_seek_callback2)(const void *, curl_off_t, int); + curlcheck_cb_compatible((expr), Wcurl_seek_callback1) || \ + curlcheck_cb_compatible((expr), Wcurl_seek_callback2)) +typedef CURLcode (*Wcurl_seek_callback1)(void *, curl_off_t, int); +typedef CURLcode (*Wcurl_seek_callback2)(const void *, curl_off_t, int); /* evaluates to true if expr is of type curl_chunk_bgn_callback */ #define curlcheck_chunk_bgn_cb(expr) \ (curlcheck_NULL(expr) || \ curlcheck_cb_compatible((expr), curl_chunk_bgn_callback) || \ - curlcheck_cb_compatible((expr), _curl_chunk_bgn_callback1) || \ - curlcheck_cb_compatible((expr), _curl_chunk_bgn_callback2)) -typedef long (*_curl_chunk_bgn_callback1)(struct curl_fileinfo *, + curlcheck_cb_compatible((expr), Wcurl_chunk_bgn_callback1) || \ + curlcheck_cb_compatible((expr), Wcurl_chunk_bgn_callback2)) +typedef long (*Wcurl_chunk_bgn_callback1)(struct curl_fileinfo *, void *, int); -typedef long (*_curl_chunk_bgn_callback2)(void *, void *, int); +typedef long (*Wcurl_chunk_bgn_callback2)(void *, void *, int); /* evaluates to true if expr is of type curl_chunk_end_callback */ #define curlcheck_chunk_end_cb(expr) \ @@ -927,11 +927,11 @@ typedef long (*_curl_chunk_bgn_callback2)(void *, void *, int); /* evaluates to true if expr is of type curl_interleave_callback */ #define curlcheck_interleave_cb(expr) \ (curlcheck_NULL(expr) || \ - curlcheck_cb_compatible((expr), _curl_interleave_callback1) || \ - curlcheck_cb_compatible((expr), _curl_interleave_callback2)) -typedef size_t (*_curl_interleave_callback1)(void *p, size_t s, + curlcheck_cb_compatible((expr), Wcurl_interleave_callback1) || \ + curlcheck_cb_compatible((expr), Wcurl_interleave_callback2)) +typedef size_t (*Wcurl_interleave_callback1)(void *p, size_t s, size_t n, void *u); -typedef size_t (*_curl_interleave_callback2)(char *p, size_t s, +typedef size_t (*Wcurl_interleave_callback2)(char *p, size_t s, size_t n, void *u); /* evaluates to true if expr is of type curl_prereq_callback */ diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c index e955990878..807ca5c0bd 100644 --- a/lib/asyn-ares.c +++ b/lib/asyn-ares.c @@ -85,6 +85,17 @@ #if ARES_VERSION >= 0x011000 /* 1.16.0 or later has ares_getaddrinfo */ #define HAVE_CARES_GETADDRINFO 1 +#else +/* How long we are willing to wait for additional parallel responses after + obtaining a "definitive" one. For old c-ares without getaddrinfo. + + This is intended to equal the c-ares default timeout. cURL always uses that + default value. Unfortunately, c-ares does not expose its default timeout in + its API, but it is officially documented as 5 seconds. + + See query_completed_cb() for an explanation of how this is used. + */ +#define HAPPY_EYEBALLS_DNS_TIMEOUT 5000 #endif #ifdef USE_HTTPSRR @@ -99,17 +110,6 @@ #include "curl_memory.h" #include "memdebug.h" -/* How long we are willing to wait for additional parallel responses after - obtaining a "definitive" one. For old c-ares without getaddrinfo. - - This is intended to equal the c-ares default timeout. cURL always uses that - default value. Unfortunately, c-ares does not expose its default timeout in - its API, but it is officially documented as 5 seconds. - - See query_completed_cb() for an explanation of how this is used. - */ -#define HAPPY_EYEBALLS_DNS_TIMEOUT 5000 - #define CARES_TIMEOUT_PER_ATTEMPT 2000 static int ares_ver = 0; diff --git a/lib/curl_trc.c b/lib/curl_trc.c index 52671f4eae..9426adcede 100644 --- a/lib/curl_trc.c +++ b/lib/curl_trc.c @@ -640,8 +640,6 @@ void Curl_trc_cf_infof(struct Curl_easy *data, const struct Curl_cfilter *cf, (void)data; (void)cf; (void)fmt; } -struct curl_trc_feat; - void Curl_trc_multi(struct Curl_easy *data, const char *fmt, ...) { (void)data; (void)fmt; diff --git a/lib/curl_trc.h b/lib/curl_trc.h index fa0999250f..2819abe2dd 100644 --- a/lib/curl_trc.h +++ b/lib/curl_trc.h @@ -95,6 +95,11 @@ void Curl_trc_read(struct Curl_easy *data, void Curl_trc_dns(struct Curl_easy *data, const char *fmt, ...) CURL_PRINTF(2, 3); +struct curl_trc_feat { + const char *name; + int log_level; +}; + #ifndef CURL_DISABLE_FTP extern struct curl_trc_feat Curl_trc_feat_ftp; void Curl_trc_ftp(struct Curl_easy *data, @@ -184,11 +189,6 @@ void Curl_trc_ws(struct Curl_easy *data, #endif /* !CURL_HAVE_C99 */ -struct curl_trc_feat { - const char *name; - int log_level; -}; - #ifndef CURL_DISABLE_VERBOSE_STRINGS /* informational messages enabled */ diff --git a/lib/curlx/version_win32.c b/lib/curlx/version_win32.c index 8d0af68fcf..4efe62b111 100644 --- a/lib/curlx/version_win32.c +++ b/lib/curlx/version_win32.c @@ -134,8 +134,15 @@ bool curlx_verify_windows_version(const unsigned int majorVersion, static bool onetime = TRUE; /* safe because first call is during init */ if(onetime) { +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wcast-function-type-strict" +#endif pRtlVerifyVersionInfo = CURLX_FUNCTION_CAST(RTLVERIFYVERSIONINFO_FN, (GetProcAddress(GetModuleHandleA("ntdll"), "RtlVerifyVersionInfo"))); +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic pop +#endif onetime = FALSE; } diff --git a/lib/doh.c b/lib/doh.c index 030b026fe2..069d5387ea 100644 --- a/lib/doh.c +++ b/lib/doh.c @@ -759,7 +759,7 @@ UNITTEST DOHcode doh_resp_decode(const unsigned char *doh, ancount = doh_get16bit(doh, 6); while(ancount) { - unsigned short class; + unsigned short dnsclass; unsigned int ttl; rc = doh_skipqname(doh, dohlen, &index); @@ -779,8 +779,8 @@ UNITTEST DOHcode doh_resp_decode(const unsigned char *doh, if(dohlen < (index + 2)) return DOH_DNS_OUT_OF_RANGE; - class = doh_get16bit(doh, index); - if(DNS_CLASS_IN != class) + dnsclass = doh_get16bit(doh, index); + if(DNS_CLASS_IN != dnsclass) return DOH_DNS_UNEXPECTED_CLASS; /* unsupported */ index += 2; @@ -816,7 +816,7 @@ UNITTEST DOHcode doh_resp_decode(const unsigned char *doh, if(dohlen < (index + 8)) return DOH_DNS_OUT_OF_RANGE; - index += 2 + 2 + 4; /* type, class and ttl */ + index += 2 + 2 + 4; /* type, dnsclass and ttl */ if(dohlen < (index + 2)) return DOH_DNS_OUT_OF_RANGE; @@ -838,7 +838,7 @@ UNITTEST DOHcode doh_resp_decode(const unsigned char *doh, if(dohlen < (index + 8)) return DOH_DNS_OUT_OF_RANGE; - index += 2 + 2 + 4; /* type, class and ttl */ + index += 2 + 2 + 4; /* type, dnsclass and ttl */ if(dohlen < (index + 2)) return DOH_DNS_OUT_OF_RANGE; diff --git a/lib/formdata.c b/lib/formdata.c index d8553e3256..475ca22fc8 100644 --- a/lib/formdata.c +++ b/lib/formdata.c @@ -868,10 +868,17 @@ CURLcode Curl_getformdata(CURL *data, particular, freopen(stdin) by the caller is not guaranteed to result as expected. This feature has been kept for backward compatibility: use of "-" pseudo filename should be avoided. */ +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wcast-function-type-strict" +#endif result = curl_mime_data_cb(part, (curl_off_t) -1, (curl_read_callback) fread, fseeko_wrapper, NULL, (void *) stdin); +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic pop +#endif } else result = curl_mime_filedata(part, file->contents); diff --git a/lib/ftp.c b/lib/ftp.c index 6c710dceb9..6a33b6723c 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -142,11 +142,11 @@ static const char * const ftp_state_names[]={ #endif /* !CURL_DISABLE_VERBOSE_STRINGS */ /* This is the ONLY way to change FTP state! */ -static void _ftp_state(struct Curl_easy *data, - struct ftp_conn *ftpc, - ftpstate newstate +static void ftp_state_low(struct Curl_easy *data, + struct ftp_conn *ftpc, + ftpstate newstate #ifdef DEBUGBUILD - , int lineno + , int lineno #endif ) { @@ -172,9 +172,9 @@ static void _ftp_state(struct Curl_easy *data, /* Local API functions */ #ifndef DEBUGBUILD -#define ftp_state(x,y,z) _ftp_state(x,y,z) +#define ftp_state(x,y,z) ftp_state_low(x,y,z) #else /* !DEBUGBUILD */ -#define ftp_state(x,y,z) _ftp_state(x,y,z,__LINE__) +#define ftp_state(x,y,z) ftp_state_low(x,y,z,__LINE__) #endif /* DEBUGBUILD */ static CURLcode ftp_sendquote(struct Curl_easy *data, diff --git a/lib/httpsrr.c b/lib/httpsrr.c index df93ac34ac..26b8522cc9 100644 --- a/lib/httpsrr.c +++ b/lib/httpsrr.c @@ -38,8 +38,6 @@ #include "curl_memory.h" #include "memdebug.h" -#define MAX_ALPN_LENGTH 255 - static CURLcode httpsrr_decode_alpn(const char *cp, size_t len, unsigned char *alpns) { diff --git a/lib/ldap.c b/lib/ldap.c index 4b232e2bb6..66cf8916d6 100644 --- a/lib/ldap.c +++ b/lib/ldap.c @@ -119,30 +119,30 @@ struct ldap_urldesc { char *lud_filter; #endif char **lud_exts; - size_t lud_attrs_dups; /* how many were dup'ed, this field is not in the - "real" struct so can only be used in code - without HAVE_LDAP_URL_PARSE defined */ + size_t lud_attrs_dups; /* how many were dup'ed, this field is not in the + "real" struct so can only be used in code + without HAVE_LDAP_URL_PARSE defined */ }; #undef LDAPURLDesc #define LDAPURLDesc struct ldap_urldesc -static int _ldap_url_parse(struct Curl_easy *data, - const struct connectdata *conn, - LDAPURLDesc **ludp); -static void _ldap_free_urldesc(LDAPURLDesc *ludp); +static int ldap_url_parse_low(struct Curl_easy *data, + const struct connectdata *conn, + LDAPURLDesc **ludp); +static void ldap_free_urldesc_low(LDAPURLDesc *ludp); #undef ldap_free_urldesc -#define ldap_free_urldesc _ldap_free_urldesc +#define ldap_free_urldesc ldap_free_urldesc_low #endif #ifdef DEBUG_LDAP #define LDAP_TRACE(x) do { \ - _ldap_trace("%u: ", __LINE__); \ - _ldap_trace x; \ + ldap_trace_low("%u: ", __LINE__); \ + ldap_trace_low x; \ } while(0) - static void _ldap_trace(const char *fmt, ...) CURL_PRINTF(1, 2); + static void ldap_trace_low(const char *fmt, ...) CURL_PRINTF(1, 2); #else #define LDAP_TRACE(x) Curl_nop_stmt #endif @@ -346,7 +346,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) #ifdef HAVE_LDAP_URL_PARSE rc = ldap_url_parse(data->state.url, &ludp); #else - rc = _ldap_url_parse(data, conn, &ludp); + rc = ldap_url_parse_low(data, conn, &ludp); #endif if(rc) { failf(data, "Bad LDAP URL: %s", ldap_err2string((curl_ldap_num_t)rc)); @@ -728,7 +728,7 @@ quit: } #ifdef DEBUG_LDAP -static void _ldap_trace(const char *fmt, ...) +static void ldap_trace_low(const char *fmt, ...) { static int do_trace = -1; va_list args; @@ -795,8 +795,9 @@ static size_t num_entries(const char *s) * * Defined in RFC4516 section 2. */ -static int _ldap_url_parse2(struct Curl_easy *data, - const struct connectdata *conn, LDAPURLDesc *ludp) +static int ldap_url_parse2_low(struct Curl_easy *data, + const struct connectdata *conn, + LDAPURLDesc *ludp) { int rc = LDAP_SUCCESS; char *p; @@ -999,9 +1000,9 @@ quit: return rc; } -static int _ldap_url_parse(struct Curl_easy *data, - const struct connectdata *conn, - LDAPURLDesc **ludpp) +static int ldap_url_parse_low(struct Curl_easy *data, + const struct connectdata *conn, + LDAPURLDesc **ludpp) { LDAPURLDesc *ludp = calloc(1, sizeof(*ludp)); int rc; @@ -1010,16 +1011,16 @@ static int _ldap_url_parse(struct Curl_easy *data, if(!ludp) return LDAP_NO_MEMORY; - rc = _ldap_url_parse2(data, conn, ludp); + rc = ldap_url_parse2_low(data, conn, ludp); if(rc != LDAP_SUCCESS) { - _ldap_free_urldesc(ludp); + ldap_free_urldesc_low(ludp); ludp = NULL; } *ludpp = ludp; return rc; } -static void _ldap_free_urldesc(LDAPURLDesc *ludp) +static void ldap_free_urldesc_low(LDAPURLDesc *ludp) { if(!ludp) return; diff --git a/lib/mqtt.c b/lib/mqtt.c index 35afe01207..01dd4e0a0d 100644 --- a/lib/mqtt.c +++ b/lib/mqtt.c @@ -54,7 +54,7 @@ #define MQTT_MSG_SUBSCRIBE 0x82 #define MQTT_MSG_SUBACK 0x90 #define MQTT_MSG_DISCONNECT 0xe0 -#define MQTT_MSG_PINGREQ 0xC0 +/* #define MQTT_MSG_PINGREQ 0xC0 */ #define MQTT_MSG_PINGRESP 0xD0 #define MQTT_CONNACK_LEN 2 diff --git a/lib/multi_ev.c b/lib/multi_ev.c index 61c639d9e4..49e6e673a0 100644 --- a/lib/multi_ev.c +++ b/lib/multi_ev.c @@ -51,8 +51,6 @@ static void mev_in_callback(struct Curl_multi *multi, bool value) multi->in_callback = value; } -#define CURL_MEV_CONN_HASH_SIZE 3 - /* Information about a socket for which we inform the libcurl application * what to supervise (CURL_POLL_IN/CURL_POLL_OUT/CURL_POLL_REMOVE) */ @@ -636,8 +634,6 @@ void Curl_multi_ev_conn_done(struct Curl_multi *multi, Curl_conn_meta_remove(conn, CURL_META_MEV_POLLSET); } -#define CURL_MEV_PS_HASH_SLOTS (991) /* nice prime */ - void Curl_multi_ev_init(struct Curl_multi *multi, size_t hashsize) { Curl_hash_init(&multi->ev.sh_entries, hashsize, mev_sh_entry_hash, diff --git a/lib/sendf.c b/lib/sendf.c index 551bb5ca81..f759fb61a4 100644 --- a/lib/sendf.c +++ b/lib/sendf.c @@ -878,7 +878,14 @@ static CURLcode cr_in_rewind(struct Curl_easy *data, /* If no CURLOPT_READFUNCTION is used, we know that we operate on a given FILE * stream and we can actually attempt to rewind that ourselves with fseek() */ +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wcast-function-type-strict" +#endif if(data->state.fread_func == (curl_read_callback)fread) { +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic pop +#endif int err = fseek(data->state.in, 0, SEEK_SET); CURL_TRC_READ(data, "cr_in, rewind via fseek -> %d(%d)", (int)err, (int)errno); diff --git a/lib/setopt.c b/lib/setopt.c index d7a7f6c52d..d958c5492a 100644 --- a/lib/setopt.c +++ b/lib/setopt.c @@ -818,10 +818,10 @@ static CURLcode setopt_bool(struct Curl_easy *data, CURLoption option, #if defined(CONNECT_DATA_IDEMPOTENT) || defined(MSG_FASTOPEN) || \ defined(TCP_FASTOPEN_CONNECT) s->tcp_fastopen = enabled; + break; #else return CURLE_NOT_BUILT_IN; #endif - break; case CURLOPT_SSL_ENABLE_ALPN: s->ssl_enable_alpn = enabled; break; @@ -2637,8 +2637,15 @@ static CURLcode setopt_func(struct Curl_easy *data, CURLoption option, */ s->fwrite_func = va_arg(param, curl_write_callback); if(!s->fwrite_func) +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wcast-function-type-strict" +#endif /* When set to NULL, reset to our internal default function */ s->fwrite_func = (curl_write_callback)fwrite; +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic pop +#endif break; case CURLOPT_READFUNCTION: /* @@ -2647,8 +2654,15 @@ static CURLcode setopt_func(struct Curl_easy *data, CURLoption option, s->fread_func_set = va_arg(param, curl_read_callback); if(!s->fread_func_set) { s->is_fread_set = 0; +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wcast-function-type-strict" +#endif /* When set to NULL, reset to our internal default function */ s->fread_func_set = (curl_read_callback)fread; +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic pop +#endif } else s->is_fread_set = 1; diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c index cdc9ef864a..7af0b081e2 100644 --- a/lib/socks_sspi.c +++ b/lib/socks_sspi.c @@ -71,7 +71,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, CURLcode code; size_t actualread; size_t written; - int result; + CURLcode result; + int err; /* Needs GSS-API authentication */ SECURITY_STATUS status; unsigned long sspi_ret_flags = 0; @@ -236,8 +237,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, * +----+------+-----+----------------+ */ - result = Curl_blockread_all(cf, data, (char *)socksreq, 4, &actualread); - if(result || (actualread != 4)) { + err = Curl_blockread_all(cf, data, (char *)socksreq, 4, &actualread); + if(err || (actualread != 4)) { failf(data, "Failed to receive SSPI authentication response."); result = CURLE_COULDNT_CONNECT; goto error; @@ -268,10 +269,10 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, result = CURLE_OUT_OF_MEMORY; goto error; } - result = Curl_blockread_all(cf, data, (char *)sspi_recv_token.pvBuffer, - sspi_recv_token.cbBuffer, &actualread); + err = Curl_blockread_all(cf, data, (char *)sspi_recv_token.pvBuffer, + sspi_recv_token.cbBuffer, &actualread); - if(result || (actualread != us_length)) { + if(err || (actualread != us_length)) { failf(data, "Failed to receive SSPI authentication token."); result = CURLE_COULDNT_CONNECT; goto error; @@ -452,8 +453,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, Curl_safefree(etbuf); } - result = Curl_blockread_all(cf, data, (char *)socksreq, 4, &actualread); - if(result || (actualread != 4)) { + err = Curl_blockread_all(cf, data, (char *)socksreq, 4, &actualread); + if(err || (actualread != 4)) { failf(data, "Failed to receive SSPI encryption response."); result = CURLE_COULDNT_CONNECT; goto error; @@ -484,10 +485,10 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, goto error; } - result = Curl_blockread_all(cf, data, (char *)sspi_w_token[0].pvBuffer, - sspi_w_token[0].cbBuffer, &actualread); + err = Curl_blockread_all(cf, data, (char *)sspi_w_token[0].pvBuffer, + sspi_w_token[0].cbBuffer, &actualread); - if(result || (actualread != us_length)) { + if(err || (actualread != us_length)) { failf(data, "Failed to receive SSPI encryption type."); result = CURLE_COULDNT_CONNECT; goto error; diff --git a/lib/url.c b/lib/url.c index 29702296a9..3f792ec765 100644 --- a/lib/url.c +++ b/lib/url.c @@ -365,11 +365,18 @@ CURLcode Curl_init_userdefined(struct Curl_easy *data) set->in_set = stdin; /* default input from stdin */ set->err = stderr; /* default stderr to stderr */ +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wcast-function-type-strict" +#endif /* use fwrite as default function to store output */ set->fwrite_func = (curl_write_callback)fwrite; /* use fread as default function to read input */ set->fread_func_set = (curl_read_callback)fread; +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic pop +#endif set->is_fread_set = 0; set->seek_client = ZERO_NULL; diff --git a/lib/urlapi.c b/lib/urlapi.c index c89852794e..7776645b4a 100644 --- a/lib/urlapi.c +++ b/lib/urlapi.c @@ -42,11 +42,13 @@ #include "curl_memory.h" #include "memdebug.h" +#ifdef _WIN32 /* MS-DOS/Windows style drive prefix, eg c: in c:foo */ #define STARTS_WITH_DRIVE_PREFIX(str) \ ((('a' <= str[0] && str[0] <= 'z') || \ ('A' <= str[0] && str[0] <= 'Z')) && \ (str[1] == ':')) +#endif /* MS-DOS/Windows style drive prefix, optionally with * a '|' instead of ':', followed by a slash or NUL */ diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 6cadc8fc58..246e0d51f6 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -80,7 +80,6 @@ #define QUIC_MAX_STREAMS (256*1024) -#define QUIC_MAX_DATA (1*1024*1024) #define QUIC_HANDSHAKE_TIMEOUT (10*NGTCP2_SECONDS) /* A stream window is the maximum amount we need to buffer for @@ -102,8 +101,6 @@ (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE ) / 2 /* Receive and Send max number of chunks just follows from the * chunk size and window size */ -#define H3_STREAM_RECV_CHUNKS \ - (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE) #define H3_STREAM_SEND_CHUNKS \ (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE) @@ -1445,10 +1442,6 @@ cb_h3_read_req_body(nghttp3_conn *conn, int64_t stream_id, return (nghttp3_ssize)nvecs; } -/* Index where :authority header field will appear in request header - field list. */ -#define AUTHORITY_DST_IDX 3 - static CURLcode h3_stream_open(struct Curl_cfilter *cf, struct Curl_easy *data, const void *buf, size_t len, diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c index c1563c4e63..b88b4e97bd 100644 --- a/lib/vquic/curl_quiche.c +++ b/lib/vquic/curl_quiche.c @@ -75,8 +75,6 @@ * chunk size and window size */ #define H3_STREAM_RECV_CHUNKS \ (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE) -#define H3_STREAM_SEND_CHUNKS \ - (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE) /* * Store quiche version info in this buffer. @@ -955,10 +953,6 @@ static CURLcode cf_quiche_send_body(struct Curl_cfilter *cf, } } -/* Index where :authority header field will appear in request header - field list. */ -#define AUTHORITY_DST_IDX 3 - static CURLcode h3_open_stream(struct Curl_cfilter *cf, struct Curl_easy *data, const char *buf, size_t blen, bool eos, diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index 69284407ab..ebfd241e6c 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -1216,9 +1216,6 @@ sftp_upload_init(struct Curl_easy *data, return CURLE_OK; } -/* make sure that this does not collide with an actual libssh2 error code */ -#define ERROR_LIBBSH2 1 - static CURLcode ssh_state_pkey_init(struct Curl_easy *data, struct ssh_conn *sshc) { @@ -3411,12 +3408,19 @@ static CURLcode ssh_connect(struct Curl_easy *data, bool *done) */ #if LIBSSH2_VERSION_NUM >= 0x010b01 infof(data, "Uses HTTPS proxy"); +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wcast-function-type-strict" +#endif libssh2_session_callback_set2(sshc->ssh_session, LIBSSH2_CALLBACK_RECV, (libssh2_cb_generic *)ssh_tls_recv); libssh2_session_callback_set2(sshc->ssh_session, LIBSSH2_CALLBACK_SEND, (libssh2_cb_generic *)ssh_tls_send); +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic pop +#endif #else /* * This crazy union dance is here to avoid assigning a void pointer a diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index eef64886e1..e9252ec2a1 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -2064,7 +2064,7 @@ static CURLcode gtls_shutdown(struct Curl_cfilter *cf, (struct gtls_ssl_backend_data *)connssl->backend; char buf[1024]; CURLcode result = CURLE_OK; - ssize_t nread; + ssize_t nread = 0; size_t i; DEBUGASSERT(backend); diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index 7b1a31e42f..a8abd0fe09 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -1160,7 +1160,7 @@ static CURLcode mbedtls_shutdown(struct Curl_cfilter *cf, (struct mbed_ssl_backend_data *)connssl->backend; unsigned char buf[1024]; CURLcode result = CURLE_OK; - int ret; + int ret = 0; size_t i; DEBUGASSERT(backend); diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index af890b6c57..66084a27c3 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -137,13 +137,13 @@ static void ossl_provider_cleanup(struct Curl_easy *data); #if defined(USE_OPENSSL_ENGINE) || defined(OPENSSL_HAS_PROVIDERS) #include -#endif #if OPENSSL_VERSION_NUMBER >= 0x10100000L #define OSSL_UI_METHOD_CAST(x) (x) #else #define OSSL_UI_METHOD_CAST(x) CURL_UNCONST(x) #endif +#endif #if OPENSSL_VERSION_NUMBER >= 0x10100000L /* OpenSSL 1.1.0+ and LibreSSL */ #define HAVE_X509_GET0_EXTENSIONS 1 /* added in 1.1.0 -pre1 */ @@ -1631,7 +1631,14 @@ static int pkcs12load(struct Curl_easy *data, fail: EVP_PKEY_free(pri); X509_free(x509); +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wcast-function-type-strict" +#endif sk_X509_pop_free(ca, X509_free); +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic pop +#endif if(!cert_done) return 0; /* failure! */ return 1; @@ -3158,7 +3165,14 @@ static CURLcode load_cacert_from_memory(X509_STORE *store, } } +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wcast-function-type-strict" +#endif sk_X509_INFO_pop_free(inf, X509_INFO_free); +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic pop +#endif BIO_free(cbio); /* if we did not end up importing anything, treat that as an error */ diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index 221a7a6215..905d4f8a99 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -432,7 +432,7 @@ cr_get_selected_ciphers(struct Curl_easy *data, { const size_t supported_len = *selected_size; const size_t default_len = rustls_default_crypto_provider_ciphersuites_len(); - const struct rustls_supported_ciphersuite *entry; + const struct rustls_supported_ciphersuite *entry = NULL; const char *ciphers = ciphers12; size_t count = 0, default13_count = 0, i, j; const char *ptr, *end; @@ -1315,7 +1315,7 @@ cr_shutdown(struct Curl_cfilter *cf, struct rustls_ssl_backend_data *backend = (struct rustls_ssl_backend_data *)connssl->backend; CURLcode result = CURLE_OK; - size_t i, nread, nwritten; + size_t i, nread = 0, nwritten; DEBUGASSERT(backend); if(!backend->conn || cf->shutdown) { diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index fb9ef10822..0cc34b1389 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -771,7 +771,9 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf, SCH_CREDENTIALS credentials = { 0 }; TLS_PARAMETERS tls_parameters = { 0 }; - CRYPTO_SETTINGS crypto_settings[1] = { { 0 } }; + CRYPTO_SETTINGS crypto_settings[1]; + + memset(crypto_settings, 0, sizeof(crypto_settings)); tls_parameters.pDisabledCrypto = crypto_settings; @@ -2551,10 +2553,17 @@ static int schannel_init(void) { #if defined(HAS_ALPN_SCHANNEL) && !defined(UNDER_CE) typedef const char *(APIENTRY *WINE_GET_VERSION_FN)(void); +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wcast-function-type-strict" +#endif WINE_GET_VERSION_FN p_wine_get_version = CURLX_FUNCTION_CAST(WINE_GET_VERSION_FN, (GetProcAddress(GetModuleHandleA("ntdll"), "wine_get_version"))); +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic pop +#endif if(p_wine_get_version) { /* WINE detected */ const char *wine_version = p_wine_get_version(); /* e.g. "6.0.2" */ /* Assume ALPN support with WINE 6.0 or upper */ diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index afbb9b8218..693cbdc92e 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -1095,9 +1095,6 @@ static CURLcode ssl_version(struct Curl_easy *data, } -#define QUIC_CIPHERS \ - "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_" \ - "POLY1305_SHA256:TLS_AES_128_CCM_SHA256" #define QUIC_GROUPS "P-256:P-384:P-521" CURLcode Curl_wssl_ctx_init(struct wssl_ctx *wctx, diff --git a/lib/vtls/x509asn1.c b/lib/vtls/x509asn1.c index fe47e81a87..96b7f5bd63 100644 --- a/lib/vtls/x509asn1.c +++ b/lib/vtls/x509asn1.c @@ -199,7 +199,7 @@ static const char *getASN1Element_(struct Curl_asn1Element *elem, elem->header = beg; b = (unsigned char) *beg++; elem->constructed = (b & 0x20) != 0; - elem->class = (b >> 6) & 3; + elem->eclass = (b >> 6) & 3; b &= 0x1F; if(b == 0x1F) return NULL; /* Long tag values not supported here. */ @@ -456,7 +456,7 @@ static CURLcode encodeOID(struct dynbuf *store, x = 0; do { if(x & 0xFF000000) - return 0; + return CURLE_OK; y = *(const unsigned char *) beg++; x = (x << 7) | (y & 0x7F); } while(y & 0x80); diff --git a/lib/vtls/x509asn1.h b/lib/vtls/x509asn1.h index f9bd455b70..51ea0c2cd6 100644 --- a/lib/vtls/x509asn1.h +++ b/lib/vtls/x509asn1.h @@ -42,7 +42,7 @@ struct Curl_asn1Element { const char *header; /* Pointer to header byte. */ const char *beg; /* Pointer to element data. */ const char *end; /* Pointer to 1st byte after element. */ - unsigned char class; /* ASN.1 element class. */ + unsigned char eclass; /* ASN.1 element class. */ unsigned char tag; /* ASN.1 element tag. */ BIT(constructed); /* Element is constructed. */ }; diff --git a/m4/curl-compilers.m4 b/m4/curl-compilers.m4 index dc6d3aa4cf..0e4c4e2655 100644 --- a/m4/curl-compilers.m4 +++ b/m4/curl-compilers.m4 @@ -120,16 +120,18 @@ AC_DEFUN([CURL_CHECK_COMPILER_CLANG], [ compiler_num=`(expr $clangvhi "*" 100 + $clangvlo) 2>/dev/null` if test "$appleclang" = '1' && test "$oldapple" = '0'; then dnl Starting with Xcode 7 / clang 3.7, Apple clang won't tell its upstream version - if test "$compiler_num" -ge '1300'; then compiler_num='1200' - elif test "$compiler_num" -ge '1205'; then compiler_num='1101' - elif test "$compiler_num" -ge '1204'; then compiler_num='1000' - elif test "$compiler_num" -ge '1107'; then compiler_num='900' - elif test "$compiler_num" -ge '1103'; then compiler_num='800' - elif test "$compiler_num" -ge '1003'; then compiler_num='700' - elif test "$compiler_num" -ge '1001'; then compiler_num='600' - elif test "$compiler_num" -ge '904'; then compiler_num='500' - elif test "$compiler_num" -ge '902'; then compiler_num='400' - elif test "$compiler_num" -ge '803'; then compiler_num='309' + if test "$compiler_num" -ge '1700'; then compiler_num='1901' + elif test "$compiler_num" -ge '1600'; then compiler_num='1700' + elif test "$compiler_num" -ge '1500'; then compiler_num='1600' + elif test "$compiler_num" -ge '1400'; then compiler_num='1400' + elif test "$compiler_num" -ge '1301'; then compiler_num='1300' + elif test "$compiler_num" -ge '1300'; then compiler_num='1200' + elif test "$compiler_num" -ge '1200'; then compiler_num='1000' + elif test "$compiler_num" -ge '1100'; then compiler_num='800' + elif test "$compiler_num" -ge '1000'; then compiler_num='600' + elif test "$compiler_num" -ge '901'; then compiler_num='500' + elif test "$compiler_num" -ge '900'; then compiler_num='400' + elif test "$compiler_num" -ge '801'; then compiler_num='309' elif test "$compiler_num" -ge '703'; then compiler_num='308' else compiler_num='307' fi @@ -827,9 +829,10 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [ CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [empty-body]) CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-field-initializers]) CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-noreturn]) + tmp_CFLAGS="$tmp_CFLAGS -Wno-switch-default" + tmp_CFLAGS="$tmp_CFLAGS -Wno-switch-enum" # Not used because this basically disallows default case CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [old-style-definition]) CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [redundant-decls]) - # CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [switch-enum]) # Not used because this basically disallows default case CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [type-limits]) # CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [unused-macros]) # Not practical # tmp_CFLAGS="$tmp_CFLAGS -Wno-error=unused-macros" @@ -845,15 +848,23 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [ dnl Only clang 2.9 or later if test "$compiler_num" -ge "209"; then tmp_CFLAGS="$tmp_CFLAGS -Wno-sign-conversion" + tmp_CFLAGS="$tmp_CFLAGS -Wno-padded" # Not used because we cannot change public structs CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [shift-sign-overflow]) - # CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [padded]) # Not used because we cannot change public structs fi # dnl Only clang 3.0 or later if test "$compiler_num" -ge "300"; then CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [cast-qual]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [conditional-uninitialized]) CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [language-extension-token]) tmp_CFLAGS="$tmp_CFLAGS -Wformat=2" + tmp_CFLAGS="$tmp_CFLAGS -Wno-used-but-marked-unused" # Triggered by typecheck-gcc.h (with clang 14+) + fi + dnl Only clang 3.1 or later + if test "$compiler_num" -ge "301"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [format-non-iso]) + tmp_CFLAGS="$tmp_CFLAGS -Wno-covered-switch-default" # Annoying to fix or silence + tmp_CFLAGS="$tmp_CFLAGS -Wno-disabled-macro-expansion" # Triggered by typecheck-gcc.h (with clang 14+) fi # dnl Only clang 3.2 or later @@ -870,6 +881,10 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [ ;; esac fi + dnl Only clang 3.3 or later + if test "$compiler_num" -ge "303"; then + tmp_CFLAGS="$tmp_CFLAGS -Wno-documentation-unknown-command" + fi # dnl Only clang 3.4 or later if test "$compiler_num" -ge "304"; then @@ -907,6 +922,35 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [ tmp_CFLAGS="$tmp_CFLAGS -Wimplicit-fallthrough" # we have silencing markup for clang 10.0 and above only CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [xor-used-as-pow]) fi + dnl clang 13 or later + if test "$compiler_num" -ge "1300"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [cast-function-type]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [reserved-identifier]) # Keep it before -Wno-reserved-macro-identifier + tmp_CFLAGS="$tmp_CFLAGS -Wno-reserved-macro-identifier" # Sometimes such external macros need to be set + fi + dnl clang 16 or later + if test "$compiler_num" -ge "1600"; then + tmp_CFLAGS="$tmp_CFLAGS -Wno-unsafe-buffer-usage" + fi + dnl clang 17 or later + if test "$compiler_num" -ge "1700"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [cast-function-type-strict]) # with Apple clang it requires 16.0 or above + fi + dnl clang 20 or later + if test "$compiler_num" -ge "2000"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [array-compare]) + fi + dnl clang 21 or later + if test "$compiler_num" -ge "2100"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [c++-hidden-decl]) + tmp_CFLAGS="$tmp_CFLAGS -Wno-implicit-void-ptr-cast" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [tentative-definition-compat]) + if test "$curl_cv_native_windows" = "yes"; then + tmp_CFLAGS="$tmp_CFLAGS -Wno-c++-keyword" # `wchar_t` triggers it on Windows + else + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [c++-keyword]) + fi + fi fi ;; # @@ -1015,10 +1059,11 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [ ;; esac CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [unreachable-code unused-parameter]) - # CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [padded]) # Not used because we cannot change public structs + tmp_CFLAGS="$tmp_CFLAGS -Wno-padded" # Not used because we cannot change public structs + tmp_CFLAGS="$tmp_CFLAGS -Wno-switch-default" + tmp_CFLAGS="$tmp_CFLAGS -Wno-switch-enum" # Not used because this basically disallows default case CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [pragmas]) CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [redundant-decls]) - # CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [switch-enum]) # Not used because this basically disallows default case # CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [unused-macros]) # Not practical # tmp_CFLAGS="$tmp_CFLAGS -Wno-error=unused-macros" fi diff --git a/src/curlinfo.c b/src/curlinfo.c index d601904f3e..14eb2f88c3 100644 --- a/src/curlinfo.c +++ b/src/curlinfo.c @@ -236,18 +236,16 @@ static const char *disabled[]={ #else "OFF" #endif - , - NULL }; int main(int argc, char **argv) { - int i; + size_t i; (void)argc; (void)argv; - for(i = 0; disabled[i]; i++) + for(i = 0; i < CURL_ARRAYSIZE(disabled); i++) printf("%s\n", disabled[i]); return 0; diff --git a/src/tool_getparam.c b/src/tool_getparam.c index b8fec5f7ab..43d30778de 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -2109,7 +2109,6 @@ static ParameterError opt_bool(struct OperationConfig *config, break; case C_REMOTE_NAME: /* --remote-name */ return parse_remote_name(config, toggle); - break; case C_PROXYTUNNEL: /* --proxytunnel */ config->proxytunnel = toggle; break; @@ -2131,7 +2130,6 @@ static ParameterError opt_bool(struct OperationConfig *config, break; case C_VERBOSE: /* --verbose */ return parse_verbose(toggle); - break; case C_VERSION: /* --version */ if(toggle) /* --no-version yields no output! */ return PARAM_VERSION_INFO_REQUESTED; @@ -2801,7 +2799,6 @@ static ParameterError opt_string(struct OperationConfig *config, else global->parallel_host = (unsigned short)val; break; - break; case C_PARALLEL_MAX: /* --parallel-max */ err = str2unum(&val, nextarg); if(err) diff --git a/src/tool_operate.c b/src/tool_operate.c index 8ca3c14e8f..14eff06e06 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -1934,7 +1934,7 @@ static CURLcode serial_transfers(CURLSH *share) return result; } -static CURLcode is_using_schannel(int *using) +static CURLcode is_using_schannel(int *pusing) { CURLcode result = CURLE_OK; static int using_schannel = -1; /* -1 = not checked @@ -1958,7 +1958,7 @@ static CURLcode is_using_schannel(int *using) if(result) return result; } - *using = using_schannel; + *pusing = using_schannel; return result; } diff --git a/tests/libtest/lib1565.c b/tests/libtest/lib1565.c index 3fecdd84ce..1b218d37a7 100644 --- a/tests/libtest/lib1565.c +++ b/tests/libtest/lib1565.c @@ -95,7 +95,7 @@ static CURLcode test_lib1565(const char *URL) CURL *started_handles[CONN_NUM]; int started_num = 0; int finished_num = 0; - pthread_t tid; + pthread_t tid = 0; bool tid_valid = false; struct CURLMsg *message; diff --git a/tests/libtest/lib557.c b/tests/libtest/lib557.c index 9742272a44..f831c9bfc2 100644 --- a/tests/libtest/lib557.c +++ b/tests/libtest/lib557.c @@ -42,6 +42,10 @@ #if !defined(__clang__) && __GNUC__ >= 7 #pragma GCC diagnostic ignored "-Wformat-overflow" #endif +#if defined(__clang__) && \ + (__clang_major__ > 3 || (__clang_major__ == 3 && __clang_minor__ >= 1)) +#pragma clang diagnostic ignored "-Wformat-non-iso" +#endif #endif #define BUFSZ 256 @@ -1101,7 +1105,7 @@ static int test_curl_off_t_formatting(void) return failed; } -static int _string_check(int linenumber, char *buf, const char *buf2) +static int string_check_low(int linenumber, char *buf, const char *buf2) { if(strcmp(buf, buf2)) { /* they shouldn't differ */ @@ -1111,9 +1115,9 @@ static int _string_check(int linenumber, char *buf, const char *buf2) } return 0; } -#define string_check(x,y) _string_check(__LINE__, x, y) +#define string_check(x,y) string_check_low(__LINE__, x, y) -static int _strlen_check(int linenumber, char *buf, size_t len) +static int strlen_check_low(int linenumber, char *buf, size_t len) { size_t buflen = strlen(buf); if(len != buflen) { @@ -1124,8 +1128,7 @@ static int _strlen_check(int linenumber, char *buf, size_t len) } return 0; } - -#define strlen_check(x,y) _strlen_check(__LINE__, x, y) +#define strlen_check(x,y) strlen_check_low(__LINE__, x, y) /* * The output strings in this test need to have been verified with a system diff --git a/tests/unit/unit1398.c b/tests/unit/unit1398.c index fcdd3ec9bf..1b72bf1163 100644 --- a/tests/unit/unit1398.c +++ b/tests/unit/unit1398.c @@ -91,9 +91,18 @@ static CURLcode test_unit1398(const char *arg) fail_unless(rc == 15, "return code should be 15"); fail_unless(!strcmp(output, " 1234 567"), "wrong output"); +#if defined(__clang__) && \ + (__clang_major__ > 3 || (__clang_major__ == 3 && __clang_minor__ >= 1)) +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wformat-non-iso" +#endif /* double precision */ rc = curl_msnprintf(output, 24, "%2$.*1$.99d", 3, 5678); fail_unless(rc == 0, "return code should be 0"); +#if defined(__clang__) && \ + (__clang_major__ > 3 || (__clang_major__ == 3 && __clang_minor__ >= 1)) +#pragma clang diagnostic pop +#endif /* 129 input % flags */ rc = curl_msnprintf(output, 130, From 1429858bcea20a022ce7e21d0f6a9c826332b95e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 19 Sep 2025 22:22:14 +0200 Subject: [PATCH 0091/2408] tidy-up: update MS links, allow long URLs via `checksrc` - update Microsoft documentation links. (also drop language designator where present.) - checksrc: allow longer than 78 character lines if they contain a https URL. To make these links easier to use and parse. - merge links that were split into two lines. Closes #18626 --- docs/CIPHERS.md | 6 +++--- docs/INSTALL.md | 6 +++--- docs/TODO | 4 ++-- lib/cf-socket.c | 2 +- lib/cf-socket.h | 2 +- lib/curlx/multibyte.c | 2 +- lib/select.h | 2 +- lib/vauth/ntlm_sspi.c | 3 +-- lib/vauth/spnego_sspi.c | 3 +-- lib/vtls/openssl.c | 6 ++---- lib/vtls/schannel.c | 13 ++++++------- lib/vtls/schannel_verify.c | 2 +- scripts/checksrc.pl | 2 +- src/tool_doswin.c | 7 +++---- tests/server/sockfilt.c | 4 ++-- tests/server/util.c | 11 ++++------- 16 files changed, 33 insertions(+), 42 deletions(-) diff --git a/docs/CIPHERS.md b/docs/CIPHERS.md index 8ce938d9c2..7d9a1edf47 100644 --- a/docs/CIPHERS.md +++ b/docs/CIPHERS.md @@ -163,11 +163,11 @@ for further information on that format. Schannel does not support setting individual TLS 1.2 cipher suites directly. It only allows the enabling and disabling of encryption algorithms. These are in the form of `CALG_xxx`, see the [Schannel `ALG_ID` -documentation](https://docs.microsoft.com/windows/desktop/SecCrypto/alg-id) +documentation](https://learn.microsoft.com/windows/win32/seccrypto/alg-id) for a list of these algorithms. Also, (since curl 7.77.0) `SCH_USE_STRONG_CRYPTO` can be given to pass that flag to Schannel, lookup the [documentation for the Windows version in -use](https://learn.microsoft.com/en-us/windows/win32/secauthn/cipher-suites-in-schannel) +use](https://learn.microsoft.com/windows/win32/secauthn/cipher-suites-in-schannel) to see how that affects the cipher suite selection. When not specifying the `--ciphers` and `--tls13-ciphers` options curl passes this flag by default. @@ -264,7 +264,7 @@ Restrict to only TLS 1.2 with the `CAMELLIA-128-GCM` cipher. - [OpenSSL cipher suite names documentation](https://docs.openssl.org/master/man1/openssl-ciphers/#cipher-suite-names) - [wolfSSL cipher support documentation](https://www.wolfssl.com/documentation/manuals/wolfssl/chapter04.html#cipher-support) - [mbedTLS cipher suites reference](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/ssl__ciphersuites_8h/) -- [Schannel cipher suites documentation](https://learn.microsoft.com/en-us/windows/win32/secauthn/cipher-suites-in-schannel) +- [Schannel cipher suites documentation](https://learn.microsoft.com/windows/win32/secauthn/cipher-suites-in-schannel) - [IANA cipher suites list](https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4) - [Wikipedia cipher suite article](https://en.wikipedia.org/wiki/Cipher_suite) - [GnuTLS Priority Strings](https://gnutls.org/manual/html_node/Priority-Strings.html) diff --git a/docs/INSTALL.md b/docs/INSTALL.md index ab20e9fde1..3972d24239 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -193,9 +193,9 @@ You can build curl with: KB140584 is a must for any Windows developer. Especially important is full understanding if you are not going to follow the advice given above. - - [How To Use the C Runtime](https://support.microsoft.com/help/94248/how-to-use-the-c-run-time) - - [Runtime Library Compiler Options](https://docs.microsoft.com/cpp/build/reference/md-mt-ld-use-run-time-library) - - [Potential Errors Passing CRT Objects Across DLL Boundaries](https://docs.microsoft.com/cpp/c-runtime-library/potential-errors-passing-crt-objects-across-dll-boundaries) + - [How To Use the C Runtime](https://learn.microsoft.com/troubleshoot/developer/visualstudio/cpp/libraries/use-c-run-time) + - [Runtime Library Compiler Options](https://learn.microsoft.com/cpp/build/reference/md-mt-ld-use-run-time-library) + - [Potential Errors Passing CRT Objects Across DLL Boundaries](https://learn.microsoft.com/cpp/c-runtime-library/potential-errors-passing-crt-objects-across-dll-boundaries) If your app is misbehaving in some strange way, or it is suffering from memory corruption, before asking for further help, please try first to rebuild every diff --git a/docs/TODO b/docs/TODO index 6075577f31..d7416f9c8e 100644 --- a/docs/TODO +++ b/docs/TODO @@ -860,14 +860,14 @@ The existing support for the -E/--cert and --key options could be extended by supplying a custom certificate and key in PEM format, see: - Getting a Certificate for Schannel - https://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx + https://learn.microsoft.com/windows/win32/secauthn/getting-a-certificate-for-schannel 15.2 Extend support for the --ciphers option The existing support for the --ciphers option could be extended by mapping the OpenSSL/GnuTLS cipher suites to the Schannel APIs, see - Specifying Schannel Ciphers and Cipher Strengths - https://msdn.microsoft.com/en-us/library/windows/desktop/aa380161.aspx + https://learn.microsoft.com/windows/win32/secauthn/specifying-schannel-ciphers-and-cipher-strengths 15.4 Add option to allow abrupt server closure diff --git a/lib/cf-socket.c b/lib/cf-socket.c index 308325ccdc..d7463345ad 100644 --- a/lib/cf-socket.c +++ b/lib/cf-socket.c @@ -453,7 +453,7 @@ int Curl_socket_close(struct Curl_easy *data, struct connectdata *conn, /* When you run a program that uses the Windows Sockets API, you may experience slow performance when you copy data to a TCP server. - https://support.microsoft.com/kb/823764 + https://learn.microsoft.com/troubleshoot/windows-server/networking/slow-performance-copy-data-tcp-server-sockets-api Work-around: Make the Socket Send Buffer Size Larger Than the Program Send Buffer Size diff --git a/lib/cf-socket.h b/lib/cf-socket.h index 88c08fe7c0..083202fad9 100644 --- a/lib/cf-socket.h +++ b/lib/cf-socket.h @@ -80,7 +80,7 @@ int Curl_socket_close(struct Curl_easy *data, struct connectdata *conn, /* When you run a program that uses the Windows Sockets API, you may experience slow performance when you copy data to a TCP server. - https://support.microsoft.com/kb/823764 + https://learn.microsoft.com/troubleshoot/windows-server/networking/slow-performance-copy-data-tcp-server-sockets-api Work-around: Make the Socket Send Buffer Size Larger Than the Program Send Buffer Size diff --git a/lib/curlx/multibyte.c b/lib/curlx/multibyte.c index 30380275cc..1c81a71ec5 100644 --- a/lib/curlx/multibyte.c +++ b/lib/curlx/multibyte.c @@ -170,7 +170,7 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out) * \\?\c:\longpath ---> \\?\c:\longpath (unchanged) * \\server\c$\longpath ---> \\?\UNC\server\c$\longpath * - * https://learn.microsoft.com/en-us/dotnet/standard/io/file-path-formats + * https://learn.microsoft.com/dotnet/standard/io/file-path-formats */ if(!wcsncmp(fbuf, L"\\\\?\\", 4)) ; /* do nothing */ diff --git a/lib/select.h b/lib/select.h index 47cdd31267..a23921ceb9 100644 --- a/lib/select.h +++ b/lib/select.h @@ -85,7 +85,7 @@ int Curl_poll(struct pollfd ufds[], unsigned int nfds, timediff_t timeout_ms); /* With Winsock the valid range is [0..INVALID_SOCKET-1] according to - https://docs.microsoft.com/en-us/windows/win32/winsock/socket-data-type-2 + https://learn.microsoft.com/windows/win32/winsock/socket-data-type-2 */ #ifdef USE_WINSOCK #define VALID_SOCK(s) ((s) < INVALID_SOCKET) diff --git a/lib/vauth/ntlm_sspi.c b/lib/vauth/ntlm_sspi.c index 9127a9bb27..dff5fe8747 100644 --- a/lib/vauth/ntlm_sspi.c +++ b/lib/vauth/ntlm_sspi.c @@ -275,8 +275,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, * we have to pass a second SecBuffer to the SecBufferDesc * otherwise IIS will not pass the authentication (401 response). * Minimum supported version is Windows 7. - * https://docs.microsoft.com/en-us/security-updates - * /SecurityAdvisories/2009/973811 + * https://learn.microsoft.com/security-updates/SecurityAdvisories/2009/973811 */ if(ntlm->sslContext) { SEC_CHANNEL_BINDINGS channelBindings; diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c index f21c66796f..ae44523d32 100644 --- a/lib/vauth/spnego_sspi.c +++ b/lib/vauth/spnego_sspi.c @@ -210,8 +210,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, * we have to pass a second SecBuffer to the SecBufferDesc * otherwise IIS will not pass the authentication (401 response). * Minimum supported version is Windows 7. - * https://docs.microsoft.com/en-us/security-updates - * /SecurityAdvisories/2009/973811 + * https://learn.microsoft.com/security-updates/SecurityAdvisories/2009/973811 */ if(nego->sslContext) { SEC_CHANNEL_BINDINGS channelBindings; diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 66084a27c3..49bc02230b 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -3462,8 +3462,7 @@ static CURLcode ossl_populate_x509_store(struct Curl_cfilter *cf, problems with server-sent legacy intermediates. Newer versions of OpenSSL do alternate chain checking by default but we do not know how to determine that in a reliable manner. - https://web.archive.org/web/20190422050538/ - rt.openssl.org/Ticket/Display.html?id=3621 + https://web.archive.org/web/20190422050538/rt.openssl.org/Ticket/Display.html?id=3621 */ X509_STORE_set_flags(store, X509_V_FLAG_TRUSTED_FIRST); if(!ssl_config->no_partialchain && !ssl_crlfile) { @@ -4733,8 +4732,7 @@ static CURLcode ossl_pkp_pin_peer_pubkey(struct Curl_easy *data, X509* cert, /* Begin Gyrations to get the subjectPublicKeyInfo */ /* Thanks to Viktor Dukhovni on the OpenSSL mailing list */ - /* https://groups.google.com/group/mailing.openssl.users/browse_thread - /thread/d61858dae102c6c7 */ + /* https://groups.google.com/group/mailing.openssl.users/browse_thread/thread/d61858dae102c6c7 */ len1 = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(cert), NULL); if(len1 < 1) break; /* failed */ diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 0cc34b1389..b511c43277 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -139,7 +139,7 @@ /* ALPN requires version 8.1 of the Windows SDK, which was shipped with Visual Studio 2013, aka _MSC_VER 1800: - https://technet.microsoft.com/en-us/library/hh831771%28v=ws.11%29.aspx + https://learn.microsoft.com/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831771 Or mingw-w64 9.0 or upper. */ #if (defined(__MINGW64_VERSION_MAJOR) && __MINGW64_VERSION_MAJOR >= 9) || \ @@ -585,8 +585,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf, if(fInCert || blob) { /* Reading a .P12 or .pfx file, like the example at bottom of - https://social.msdn.microsoft.com/Forums/windowsdesktop/ - en-US/3e7bc95f-b21a-4bcd-bd2c-7f996718cae5 + https://learn.microsoft.com/archive/msdn-technet-forums/3e7bc95f-b21a-4bcd-bd2c-7f996718cae5 */ CRYPT_DATA_BLOB datablob; WCHAR* pszPassword; @@ -1039,7 +1038,7 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) } /* Schannel InitializeSecurityContext: - https://msdn.microsoft.com/en-us/library/windows/desktop/aa375924.aspx + https://learn.microsoft.com/windows/win32/api/rrascfg/nn-rrascfg-ieapproviderconfig At the moment we do not pass inbuf unless we are using ALPN since we only use it for that, and WINE (for which we currently disable ALPN) is giving @@ -1945,7 +1944,7 @@ schannel_send(struct Curl_cfilter *cf, struct Curl_easy *data, /* copy data into output buffer */ memcpy(outbuf[1].pvBuffer, buf, len); - /* https://msdn.microsoft.com/en-us/library/windows/desktop/aa375390.aspx */ + /* https://learn.microsoft.com/windows/win32/api/sspi/nf-sspi-encryptmessage */ sspi_status = Curl_pSecFn->EncryptMessage(&backend->ctxt->ctxt_handle, 0, &outbuf_desc, 0); @@ -2164,7 +2163,7 @@ schannel_recv(struct Curl_cfilter *cf, struct Curl_easy *data, InitSecBuffer(&inbuf[3], SECBUFFER_EMPTY, NULL, 0); InitSecBufferDesc(&inbuf_desc, inbuf, 4); - /* https://msdn.microsoft.com/en-us/library/windows/desktop/aa375348.aspx + /* https://learn.microsoft.com/windows/win32/api/sspi/nf-sspi-decryptmessage */ sspi_status = Curl_pSecFn->DecryptMessage(&backend->ctxt->ctxt_handle, &inbuf_desc, 0, NULL); @@ -2373,7 +2372,7 @@ static CURLcode schannel_shutdown(struct Curl_cfilter *cf, struct Curl_easy *data, bool send_shutdown, bool *done) { - /* See https://msdn.microsoft.com/en-us/library/windows/desktop/aa380138.aspx + /* See https://learn.microsoft.com/windows/win32/secauthn/shutting-down-an-schannel-connection * Shutting Down an Schannel Connection */ struct ssl_connect_data *connssl = cf->ctx; diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c index 17e4270763..b19e1757d4 100644 --- a/lib/vtls/schannel_verify.c +++ b/lib/vtls/schannel_verify.c @@ -552,7 +552,7 @@ CURLcode Curl_verify_host(struct Curl_cfilter *cf, * Right now we are only asking for the first preferred alternative name. * Instead we would need to do all via CERT_NAME_SEARCH_ALL_NAMES_FLAG * (If Windows CE supports that?) and run this section in a loop for each. - * https://msdn.microsoft.com/en-us/library/windows/desktop/aa376086.aspx + * https://learn.microsoft.com/windows/win32/api/wincrypt/nf-wincrypt-certgetnamestringa * curl: (51) schannel: CertGetNameString() certificate hostname * (.google.com) did not match connection (google.com) */ diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index c52b8258d7..28ad6315ba 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -516,7 +516,7 @@ sub scanfile { } # detect long lines - if(length($l) > $max_column) { + if(length($l) > $max_column && $l !~ / https:\/\//) { checkwarn("LONGLINE", $line, length($l), $file, $l, "Longer than $max_column columns"); } diff --git a/src/tool_doswin.c b/src/tool_doswin.c index c0dcfed04e..bfe013d8e5 100644 --- a/src/tool_doswin.c +++ b/src/tool_doswin.c @@ -84,7 +84,7 @@ f:\foo:bar => f:\foo:bar (flag SANITIZE_ALLOW_PATH) This function was implemented according to the guidelines in 'Naming Files, Paths, and Namespaces' section 'Naming Conventions'. -https://msdn.microsoft.com/en-us/library/windows/desktop/aa365247.aspx +https://learn.microsoft.com/windows/win32/fileio/naming-a-file Flags ----- @@ -473,9 +473,8 @@ static SANITIZEcode rename_if_reserved_dos(char **const sanitized, /* Rename reserved device names that are known to be accessible without \\.\ Examples: CON => _CON, CON.EXT => CON_EXT, CON:ADS => CON_ADS - https://web.archive.org/web/20160314141551/ - support.microsoft.com/en-us/kb/74496 - https://msdn.microsoft.com/en-us/library/windows/desktop/aa365247.aspx + https://web.archive.org/web/20160314141551/support.microsoft.com/en-us/kb/74496 + https://learn.microsoft.com/windows/win32/fileio/naming-a-file */ for(p = fname; p; p = (p == fname && fname != base ? base : NULL)) { size_t p_len; diff --git a/tests/server/sockfilt.c b/tests/server/sockfilt.c index 2785b75134..a52efe0a1b 100644 --- a/tests/server/sockfilt.c +++ b/tests/server/sockfilt.c @@ -404,8 +404,8 @@ static bool read_data_block(unsigned char *buffer, ssize_t maxlen, * other handle types supported by WaitForMultipleObjectsEx() as * well as disk files, anonymous and names pipes, and character input. * - * https://msdn.microsoft.com/en-us/library/windows/desktop/ms687028.aspx - * https://msdn.microsoft.com/en-us/library/windows/desktop/ms741572.aspx + * https://learn.microsoft.com/windows/win32/api/synchapi/nf-synchapi-waitformultipleobjectsex + * https://learn.microsoft.com/windows/win32/api/winsock2/nf-winsock2-wsaenumnetworkevents */ struct select_ws_wait_data { HANDLE handle; /* actual handle to wait for during select */ diff --git a/tests/server/util.c b/tests/server/util.c index 02f91083e4..052effa895 100644 --- a/tests/server/util.c +++ b/tests/server/util.c @@ -229,12 +229,9 @@ curl_off_t our_getpid(void) curl_off_t pid = (curl_off_t)t_getpid(); #ifdef _WIN32 /* store pid + MAX_PID to avoid conflict with Cygwin/msys PIDs, see also: - * - 2019-01-31: https://cygwin.com/git/?p=newlib-cygwin.git;a=commit; - * h=b5e1003722cb14235c4f166be72c09acdffc62ea - * - 2019-02-02: https://cygwin.com/git/?p=newlib-cygwin.git;a=commit; - * h=448cf5aa4b429d5a9cebf92a0da4ab4b5b6d23fe - * - 2024-12-19: https://cygwin.com/git/?p=newlib-cygwin.git;a=commit; - * h=363357c023ce01e936bdaedf0f479292a8fa4e0f + * - 2019-01-31: https://cygwin.com/git/?p=newlib-cygwin.git;a=commit;h=b5e1003722cb14235c4f166be72c09acdffc62ea + * - 2019-02-02: https://cygwin.com/git/?p=newlib-cygwin.git;a=commit;h=448cf5aa4b429d5a9cebf92a0da4ab4b5b6d23fe + * - 2024-12-19: https://cygwin.com/git/?p=newlib-cygwin.git;a=commit;h=363357c023ce01e936bdaedf0f479292a8fa4e0f */ pid += 4194304; #endif @@ -422,7 +419,7 @@ static void exit_signal_handler(int signum) * They are included for ANSI compatibility. Therefore, you can set * signal handlers for these signals by using signal, and you can also * explicitly generate these signals by calling raise. Source: - * https://docs.microsoft.com/en-us/cpp/c-runtime-library/reference/signal + * https://learn.microsoft.com/cpp/c-runtime-library/reference/signal */ static BOOL WINAPI ctrl_event_handler(DWORD dwCtrlType) { From 7a26304a95baecc32405099c0628f0a76a700a20 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 11:11:35 +0200 Subject: [PATCH 0092/2408] curl_slist_append.md: clarify that a NULL pointer is not acceptable Closes #18627 --- docs/libcurl/curl_slist_append.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/docs/libcurl/curl_slist_append.md b/docs/libcurl/curl_slist_append.md index 75c6a57afd..b2766f728d 100644 --- a/docs/libcurl/curl_slist_append.md +++ b/docs/libcurl/curl_slist_append.md @@ -28,9 +28,10 @@ struct curl_slist *curl_slist_append(struct curl_slist *list, curl_slist_append(3) appends a string to a linked list of strings. The existing **list** should be passed as the first argument and the new list is -returned from this function. Pass in NULL in the **list** argument to create -a new list. The specified **string** has been appended when this function -returns. curl_slist_append(3) copies the string. +returned from this function. Pass in NULL in the **list** argument to create a +new list. The specified **string** has been appended when this function +returns. curl_slist_append(3) copies the string. The **string** argument must +be a valid string pointer and cannot be NULL. The list should be freed again (after usage) with curl_slist_free_all(3). From 335d16e944c86a0f7d9c52e3932e1f0ccca39feb Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 11:25:38 +0200 Subject: [PATCH 0093/2408] libssh: error on bad chgrp number To avoid it continuing with a zero gid. Reported in Joshua's sarif data Closes #18629 --- lib/vssh/libssh.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index 2554468c4b..be8336ad0a 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -1808,10 +1808,7 @@ static int myssh_in_SFTP_QUOTE_STAT(struct Curl_easy *data, if(!strncmp(cmd, "chgrp", 5)) { const char *p = sshc->quote_path1; curl_off_t gid; - (void)curlx_str_number(&p, &gid, UINT_MAX); - sshc->quote_attrs->gid = (uint32_t)gid; - if(sshc->quote_attrs->gid == 0 && !ISDIGIT(sshc->quote_path1[0]) && - !sshc->acceptfail) { + if(curlx_str_number(&p, &gid, UINT_MAX)) { Curl_safefree(sshc->quote_path1); Curl_safefree(sshc->quote_path2); failf(data, "Syntax error: chgrp gid not a number"); @@ -1820,6 +1817,7 @@ static int myssh_in_SFTP_QUOTE_STAT(struct Curl_easy *data, sshc->actualcode = CURLE_QUOTE_ERROR; return SSH_NO_ERROR; } + sshc->quote_attrs->gid = (uint32_t)gid; sshc->quote_attrs->flags |= SSH_FILEXFER_ATTR_UIDGID; } else if(!strncmp(cmd, "chmod", 5)) { From 0209e087c6989d7b6df49d3e090414eeccdda8ef Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 11:31:54 +0200 Subject: [PATCH 0094/2408] tool_cb_hdr: size is always 1 - add comment in the header that the argument 'size' is always 1, as guaranteed by the libcurl API - then fix the call to fwrite() to avoid using "size, etag_length" which would be wrong if size was something else than 1, and use a fixed number there instead. Reported in Joshua's sarif data Closes #18630 --- src/tool_cb_hdr.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/tool_cb_hdr.c b/src/tool_cb_hdr.c index 3bb3c12dc8..7781e4dc3c 100644 --- a/src/tool_cb_hdr.c +++ b/src/tool_cb_hdr.c @@ -81,6 +81,8 @@ fail: /* ** callback for CURLOPT_HEADERFUNCTION +* +* 'size' is always 1 */ size_t tool_header_cb(char *ptr, size_t size, size_t nmemb, void *userdata) { @@ -164,7 +166,7 @@ size_t tool_header_cb(char *ptr, size_t size, size_t nmemb, void *userdata) } #endif - fwrite(etag_h, size, etag_length, etag_save->stream); + fwrite(etag_h, 1, etag_length, etag_save->stream); /* terminate with newline */ fputc('\n', etag_save->stream); (void)fflush(etag_save->stream); From 2fe95cb0e320db0c6034d154ab175002d23b936d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 11:17:48 +0200 Subject: [PATCH 0095/2408] rustls: typecast variable for safer trace output This is a variadic function call with a mismatched argument type; on platforms where uintptr_t and size_t differ, this invokes undefined behavior. Reported in Joshua's sarif data Closes #18628 --- lib/vtls/rustls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index 905d4f8a99..e5d85aa38f 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -121,7 +121,7 @@ read_cb(void *userdata, uint8_t *buf, uintptr_t len, uintptr_t *out_n) connssl->peer_closed = TRUE; *out_n = (uintptr_t)nread; CURL_TRC_CF(io_ctx->data, io_ctx->cf, "cf->next recv(len=%zu) -> %d, %zu", - len, result, nread); + (size_t)len, result, nread); return ret; } From bf7375ecc50e857760b0d0a668c436e208a400bd Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 9 Sep 2025 15:29:12 +0200 Subject: [PATCH 0096/2408] build: avoid overriding system symbols for socket functions Before this patch `accept4()`, `socket()`, `socketpair()`, `send()` and `recv()` system symbols were remapped via macros, using the same name, to local curl debug wrappers. This patch replaces these overrides by introducing curl-namespaced macros that map either to the system symbols or to their curl debug wrappers in `CURLDEBUG` (TrackMemory) builds. This follows a patch that implemented the same for `accept()`. The old method required tricks to make these redefines work in unity builds, and avoid them interfering with system headers. These tricks did not work for system symbols implemented as macros. The new method allows to setup these mappings once, without interfering with system headers, upstream macros, or unity builds. It makes builds more robust. Also: - checksrc: ban all mapped functions. - docs/examples: tidy up checksrc rules. Follow-up to 9863599d69b79d290928a89bf9160f4e4e023d4e #18502 Follow-up to 3bb5e58c105d7be450b667858d1b8e7ae3ded555 #17827 Closes #18503 --- REUSE.toml | 1 + docs/examples/.checksrc | 3 +++ docs/examples/Makefile.am | 2 +- docs/examples/http2-upload.c | 1 - docs/examples/synctime.c | 2 -- lib/cf-socket.c | 6 +++--- lib/curl_addrinfo.c | 4 ++++ lib/curl_mem_undef.h | 11 ----------- lib/curl_setup.h | 24 ++++++++++++++++++++++-- lib/hostip.c | 2 +- lib/if2ip.c | 2 +- lib/memdebug.c | 16 +++++++++++----- lib/memdebug.h | 18 ------------------ lib/multi.c | 2 +- lib/socketpair.c | 6 +++--- lib/vquic/vquic.c | 4 ++-- packages/OS400/os400sys.c | 1 + scripts/checksrc.pl | 8 ++++++++ src/tool_cb_rea.c | 2 +- src/tool_cb_soc.c | 2 +- src/tool_doswin.c | 4 ++-- tests/libtest/lib1960.c | 2 +- tests/libtest/lib500.c | 2 +- tests/server/.checksrc | 6 ++++++ 24 files changed, 74 insertions(+), 57 deletions(-) create mode 100644 docs/examples/.checksrc diff --git a/REUSE.toml b/REUSE.toml index 81c214863f..6e8a272e79 100644 --- a/REUSE.toml +++ b/REUSE.toml @@ -40,6 +40,7 @@ path = [ "tests/data/test**", "tests/valgrind.supp", # checksrc control files + "docs/examples/.checksrc", "lib/.checksrc", "lib/curlx/.checksrc", "lib/vauth/.checksrc", diff --git a/docs/examples/.checksrc b/docs/examples/.checksrc new file mode 100644 index 0000000000..0b626e6570 --- /dev/null +++ b/docs/examples/.checksrc @@ -0,0 +1,3 @@ +allowfunc gmtime +allowfunc localtime +allowfunc socket diff --git a/docs/examples/Makefile.am b/docs/examples/Makefile.am index 27d4ce741b..89ebcc9840 100644 --- a/docs/examples/Makefile.am +++ b/docs/examples/Makefile.am @@ -24,7 +24,7 @@ AUTOMAKE_OPTIONS = foreign nostdinc -EXTRA_DIST = CMakeLists.txt README.md Makefile.example $(COMPLICATED_EXAMPLES) +EXTRA_DIST = CMakeLists.txt .checksrc README.md Makefile.example $(COMPLICATED_EXAMPLES) # Specify our include paths here, and do it relative to $(top_srcdir) and # $(top_builddir), to ensure that these paths which belong to the library diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c index 128a4b0bed..d13c5e5806 100644 --- a/docs/examples/http2-upload.c +++ b/docs/examples/http2-upload.c @@ -161,7 +161,6 @@ int my_trace(CURL *handle, curl_infotype type, known_offset = 1; } secs = epoch_offset + tv.tv_sec; - /* !checksrc! disable BANNEDFUNC 1 */ now = localtime(&secs); /* not thread safe but we do not care */ curl_msnprintf(timebuf, sizeof(timebuf), "%02d:%02d:%02d.%06ld", now->tm_hour, now->tm_min, now->tm_sec, (long)tv.tv_usec); diff --git a/docs/examples/synctime.c b/docs/examples/synctime.c index ba5f09cb07..8d7af7c8c4 100644 --- a/docs/examples/synctime.c +++ b/docs/examples/synctime.c @@ -298,10 +298,8 @@ int main(int argc, char *argv[]) /* Calculating time diff between GMT and localtime */ tt = time(0); - /* !checksrc! disable BANNEDFUNC 1 */ lt = localtime(&tt); tt_local = mktime(lt); - /* !checksrc! disable BANNEDFUNC 1 */ gmt = gmtime(&tt); tt_gmt = mktime(gmt); tzonediffFloat = difftime(tt_local, tt_gmt); diff --git a/lib/cf-socket.c b/lib/cf-socket.c index d7463345ad..365ddb62a1 100644 --- a/lib/cf-socket.c +++ b/lib/cf-socket.c @@ -369,7 +369,7 @@ static CURLcode socket_open(struct Curl_easy *data, } else { /* opensocket callback not set, so simply create the socket now */ - *sockfd = socket(addr->family, addr->socktype, addr->protocol); + *sockfd = CURL_SOCKET(addr->family, addr->socktype, addr->protocol); } if(*sockfd == CURL_SOCKET_BAD) @@ -2113,8 +2113,8 @@ static CURLcode cf_tcp_accept_connect(struct Curl_cfilter *cf, if(!getsockname(ctx->sock, (struct sockaddr *) &add, &size)) { size = sizeof(add); #ifdef HAVE_ACCEPT4 - s_accepted = accept4(ctx->sock, (struct sockaddr *) &add, &size, - SOCK_NONBLOCK | SOCK_CLOEXEC); + s_accepted = CURL_ACCEPT4(ctx->sock, (struct sockaddr *) &add, &size, + SOCK_NONBLOCK | SOCK_CLOEXEC); #else s_accepted = CURL_ACCEPT(ctx->sock, (struct sockaddr *) &add, &size); #endif diff --git a/lib/curl_addrinfo.c b/lib/curl_addrinfo.c index 22212ac86f..c4ad71a02e 100644 --- a/lib/curl_addrinfo.c +++ b/lib/curl_addrinfo.c @@ -507,9 +507,11 @@ curl_dbg_freeaddrinfo(struct addrinfo *freethis, if(env) r_freeaddrinfo(freethis); else + /* !checksrc! disable BANNEDFUNC 1 */ freeaddrinfo(freethis); } #else + /* !checksrc! disable BANNEDFUNC 1 */ freeaddrinfo(freethis); #endif } @@ -540,8 +542,10 @@ curl_dbg_getaddrinfo(const char *hostname, if(env) res = r_getaddrinfo(hostname, service, hints, result); else + /* !checksrc! disable BANNEDFUNC 1 */ res = getaddrinfo(hostname, service, hints, result); #else + /* !checksrc! disable BANNEDFUNC 1 */ int res = getaddrinfo(hostname, service, hints, result); #endif if(res == 0) diff --git a/lib/curl_mem_undef.h b/lib/curl_mem_undef.h index f3cca294e9..a70a9fcf53 100644 --- a/lib/curl_mem_undef.h +++ b/lib/curl_mem_undef.h @@ -35,17 +35,6 @@ #ifdef CURLDEBUG -#undef send -#undef recv - -#undef socket -#ifdef HAVE_ACCEPT4 -#undef accept4 -#endif -#ifdef HAVE_SOCKETPAIR -#undef socketpair -#endif - #undef fopen #ifdef CURL_FOPEN #define fopen(fname, mode) CURL_FOPEN(fname, mode) diff --git a/lib/curl_setup.h b/lib/curl_setup.h index 93cbb57056..e49c57231d 100644 --- a/lib/curl_setup.h +++ b/lib/curl_setup.h @@ -1083,9 +1083,21 @@ CURL_EXTERN ALLOC_FUNC curl_dbg_getaddrinfo(host, serv, hint, res, __LINE__, __FILE__) #define CURL_FREEADDRINFO(data) \ curl_dbg_freeaddrinfo(data, __LINE__, __FILE__) - +#define CURL_SOCKET(domain,type,protocol) \ + curl_dbg_socket((int)domain, type, protocol, __LINE__, __FILE__) +#ifdef HAVE_SOCKETPAIR +#define CURL_SOCKETPAIR(domain,type,protocol,socket_vector) \ + curl_dbg_socketpair((int)domain, type, protocol, socket_vector, \ + __LINE__, __FILE__) +#endif #define CURL_ACCEPT(sock,addr,len) \ curl_dbg_accept(sock, addr, len, __LINE__, __FILE__) +#ifdef HAVE_ACCEPT4 +#define CURL_ACCEPT4(sock,addr,len,flags) \ + curl_dbg_accept4(sock, addr, len, flags, __LINE__, __FILE__) +#endif +#define CURL_SEND(a,b,c,d) curl_dbg_send(a,b,c,d, __LINE__, __FILE__) +#define CURL_RECV(a,b,c,d) curl_dbg_recv(a,b,c,d, __LINE__, __FILE__) #else /* !CURLDEBUG */ @@ -1094,8 +1106,16 @@ CURL_EXTERN ALLOC_FUNC #define CURL_GETADDRINFO getaddrinfo #define CURL_FREEADDRINFO freeaddrinfo - +#define CURL_SOCKET socket +#ifdef HAVE_SOCKETPAIR +#define CURL_SOCKETPAIR socketpair +#endif #define CURL_ACCEPT accept +#ifdef HAVE_ACCEPT4 +#define CURL_ACCEPT4 accept4 +#endif +#define CURL_SEND send +#define CURL_RECV recv #endif /* CURLDEBUG */ diff --git a/lib/hostip.c b/lib/hostip.c index b6be2ca1f2..fd8f706e7f 100644 --- a/lib/hostip.c +++ b/lib/hostip.c @@ -709,7 +709,7 @@ bool Curl_ipv6works(struct Curl_easy *data) else { int ipv6_works = -1; /* probe to see if we have a working IPv6 stack */ - curl_socket_t s = socket(PF_INET6, SOCK_DGRAM, 0); + curl_socket_t s = CURL_SOCKET(PF_INET6, SOCK_DGRAM, 0); if(s == CURL_SOCKET_BAD) /* an IPv6 address was requested but we cannot get/use one */ ipv6_works = 0; diff --git a/lib/if2ip.c b/lib/if2ip.c index 91ee59c02a..e501921d06 100644 --- a/lib/if2ip.c +++ b/lib/if2ip.c @@ -208,7 +208,7 @@ if2ip_result_t Curl_if2ip(int af, if(len >= sizeof(req.ifr_name)) return IF2IP_NOT_FOUND; - dummy = socket(AF_INET, SOCK_STREAM, 0); + dummy = CURL_SOCKET(AF_INET, SOCK_STREAM, 0); if(CURL_SOCKET_BAD == dummy) return IF2IP_NOT_FOUND; diff --git a/lib/memdebug.c b/lib/memdebug.c index 0d8d39603c..cffd4b2cf6 100644 --- a/lib/memdebug.c +++ b/lib/memdebug.c @@ -311,7 +311,8 @@ curl_socket_t curl_dbg_socket(int domain, int type, int protocol, if(countcheck("socket", line, source)) return CURL_SOCKET_BAD; - sockfd = (socket)(domain, type, protocol); + /* !checksrc! disable BANNEDFUNC 1 */ + sockfd = socket(domain, type, protocol); if(source && (sockfd != CURL_SOCKET_BAD)) curl_dbg_log("FD %s:%d socket() = %" FMT_SOCKET_T "\n", @@ -328,7 +329,8 @@ SEND_TYPE_RETV curl_dbg_send(SEND_TYPE_ARG1 sockfd, SEND_TYPE_RETV rc; if(countcheck("send", line, source)) return -1; - rc = (send)(sockfd, buf, len, flags); + /* !checksrc! disable BANNEDFUNC 1 */ + rc = send(sockfd, buf, len, flags); if(source) curl_dbg_log("SEND %s:%d send(%lu) = %ld\n", source, line, (unsigned long)len, (long)rc); @@ -342,7 +344,8 @@ RECV_TYPE_RETV curl_dbg_recv(RECV_TYPE_ARG1 sockfd, RECV_TYPE_ARG2 buf, RECV_TYPE_RETV rc; if(countcheck("recv", line, source)) return -1; - rc = (recv)(sockfd, buf, len, flags); + /* !checksrc! disable BANNEDFUNC 1 */ + rc = recv(sockfd, buf, len, flags); if(source) curl_dbg_log("RECV %s:%d recv(%lu) = %ld\n", source, line, (unsigned long)len, (long)rc); @@ -354,7 +357,8 @@ int curl_dbg_socketpair(int domain, int type, int protocol, curl_socket_t socket_vector[2], int line, const char *source) { - int res = (socketpair)(domain, type, protocol, socket_vector); + /* !checksrc! disable BANNEDFUNC 1 */ + int res = socketpair(domain, type, protocol, socket_vector); if(source && (res == 0)) curl_dbg_log("FD %s:%d socketpair() = " @@ -371,6 +375,7 @@ curl_socket_t curl_dbg_accept(curl_socket_t s, void *saddr, void *saddrlen, struct sockaddr *addr = (struct sockaddr *)saddr; curl_socklen_t *addrlen = (curl_socklen_t *)saddrlen; + /* !checksrc! disable BANNEDFUNC 1 */ curl_socket_t sockfd = accept(s, addr, addrlen); if(source && (sockfd != CURL_SOCKET_BAD)) @@ -388,7 +393,8 @@ curl_socket_t curl_dbg_accept4(curl_socket_t s, void *saddr, void *saddrlen, struct sockaddr *addr = (struct sockaddr *)saddr; curl_socklen_t *addrlen = (curl_socklen_t *)saddrlen; - curl_socket_t sockfd = (accept4)(s, addr, addrlen, flags); + /* !checksrc! disable BANNEDFUNC 1 */ + curl_socket_t sockfd = accept4(s, addr, addrlen, flags); if(source && (sockfd != CURL_SOCKET_BAD)) curl_dbg_log("FD %s:%d accept() = %" FMT_SOCKET_T "\n", diff --git a/lib/memdebug.h b/lib/memdebug.h index eabdd9c258..96ceb61759 100644 --- a/lib/memdebug.h +++ b/lib/memdebug.h @@ -42,10 +42,6 @@ #define realloc(ptr,size) curl_dbg_realloc(ptr, size, __LINE__, __FILE__) #undef free #define free(ptr) curl_dbg_free(ptr, __LINE__, __FILE__) -#undef send -#define send(a,b,c,d) curl_dbg_send(a,b,c,d, __LINE__, __FILE__) -#undef recv -#define recv(a,b,c,d) curl_dbg_recv(a,b,c,d, __LINE__, __FILE__) #ifdef _WIN32 #undef Curl_tcsdup @@ -56,20 +52,6 @@ #endif #endif /* _WIN32 */ -#undef socket -#define socket(domain,type,protocol) \ - curl_dbg_socket((int)domain, type, protocol, __LINE__, __FILE__) -#ifdef HAVE_ACCEPT4 -#undef accept4 /* for those with accept4 as a macro */ -#define accept4(sock,addr,len,flags) \ - curl_dbg_accept4(sock, addr, len, flags, __LINE__, __FILE__) -#endif -#ifdef HAVE_SOCKETPAIR -#define socketpair(domain,type,protocol,socket_vector) \ - curl_dbg_socketpair((int)domain, type, protocol, socket_vector, \ - __LINE__, __FILE__) -#endif - #undef fopen #define fopen(file,mode) curl_dbg_fopen(file,mode,__LINE__,__FILE__) #undef fdopen diff --git a/lib/multi.c b/lib/multi.c index 918928d03c..442956f844 100644 --- a/lib/multi.c +++ b/lib/multi.c @@ -1277,7 +1277,7 @@ static void reset_socket_fdwrite(curl_socket_t s) int t; int l = (int)sizeof(t); if(!getsockopt(s, SOL_SOCKET, SO_TYPE, (char *)&t, &l) && t == SOCK_STREAM) - send(s, NULL, 0, 0); + CURL_SEND(s, NULL, 0, 0); } #endif diff --git a/lib/socketpair.c b/lib/socketpair.c index 4151a9bb97..d2fd41141b 100644 --- a/lib/socketpair.c +++ b/lib/socketpair.c @@ -91,7 +91,7 @@ int Curl_socketpair(int domain, int type, int protocol, #ifdef SOCK_NONBLOCK type = nonblocking ? type | SOCK_NONBLOCK : type; #endif - if(socketpair(domain, type, protocol, socks)) + if(CURL_SOCKETPAIR(domain, type, protocol, socks)) return -1; #ifndef SOCK_NONBLOCK if(nonblocking) { @@ -154,7 +154,7 @@ int Curl_socketpair(int domain, int type, int protocol, (void)type; (void)protocol; - listener = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); + listener = CURL_SOCKET(AF_INET, SOCK_STREAM, IPPROTO_TCP); if(listener == CURL_SOCKET_BAD) return -1; @@ -188,7 +188,7 @@ int Curl_socketpair(int domain, int type, int protocol, goto error; if(listen(listener, 1) == -1) goto error; - socks[0] = socket(AF_INET, SOCK_STREAM, 0); + socks[0] = CURL_SOCKET(AF_INET, SOCK_STREAM, 0); if(socks[0] == CURL_SOCKET_BAD) goto error; if(connect(socks[0], &a.addr, sizeof(a.inaddr)) == -1) diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c index 3a0ac87238..47fbf63af0 100644 --- a/lib/vquic/vquic.c +++ b/lib/vquic/vquic.c @@ -196,8 +196,8 @@ static CURLcode do_sendmsg(struct Curl_cfilter *cf, *psent = 0; - while((sent = send(qctx->sockfd, - (const char *)pkt, (SEND_TYPE_ARG3)pktlen, 0)) == -1 && + while((sent = CURL_SEND(qctx->sockfd, (const char *)pkt, + (SEND_TYPE_ARG3)pktlen, 0)) == -1 && SOCKERRNO == SOCKEINTR) ; diff --git a/packages/OS400/os400sys.c b/packages/OS400/os400sys.c index 7be7208549..bc227a0e69 100644 --- a/packages/OS400/os400sys.c +++ b/packages/OS400/os400sys.c @@ -333,6 +333,7 @@ Curl_getaddrinfo_a(const char *nodename, const char *servname, eservname[i] = '\0'; } + /* !checksrc! disable BANNEDFUNC 1 */ status = getaddrinfo(enodename, eservname, hints, res); free(enodename); free(eservname); diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index 28ad6315ba..0eeab72323 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -77,6 +77,14 @@ my %banfunc = ( "_waccess" => 1, "_access" => 1, "access" => 1, + "accept" => 1, + "accept4" => 1, + "freeaddrinfo" => 1, + "getaddrinfo" => 1, + "recv" => 1, + "send" => 1, + "socket" => 1, + "socketpair" => 1, ); my %warnings_extended = ( diff --git a/src/tool_cb_rea.c b/src/tool_cb_rea.c index 0a3e9ef0ee..b7bd9a7227 100644 --- a/src/tool_cb_rea.c +++ b/src/tool_cb_rea.c @@ -92,7 +92,7 @@ size_t tool_read_cb(char *buffer, size_t sz, size_t nmemb, void *userdata) execute */ if(per->uploadfile && !strcmp(per->uploadfile, ".") && per->infd > 0) { #if defined(_WIN32) && !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE) - rc = recv(per->infd, buffer, curlx_uztosi(sz * nmemb), 0); + rc = CURL_RECV(per->infd, buffer, curlx_uztosi(sz * nmemb), 0); if(rc < 0) { if(SOCKERRNO == SOCKEWOULDBLOCK) { CURL_SETERRNO(0); diff --git a/src/tool_cb_soc.c b/src/tool_cb_soc.c index 22048ee6bb..d89870297c 100644 --- a/src/tool_cb_soc.c +++ b/src/tool_cb_soc.c @@ -54,5 +54,5 @@ curl_socket_t tool_socket_open_mptcp_cb(void *clientp, return CURL_SOCKET_BAD; #endif - return socket(addr->family, addr->socktype, protocol); + return CURL_SOCKET(addr->family, addr->socktype, protocol); } diff --git a/src/tool_doswin.c b/src/tool_doswin.c index bfe013d8e5..0450e5707b 100644 --- a/src/tool_doswin.c +++ b/src/tool_doswin.c @@ -785,7 +785,7 @@ static DWORD WINAPI win_stdin_thread_func(void *thread_data) break; if(n == 0) break; - nwritten = send(socket_w, buffer, n, 0); + nwritten = CURL_SEND(socket_w, buffer, n, 0); if(nwritten == SOCKET_ERROR) break; if((DWORD)nwritten != n) @@ -889,7 +889,7 @@ curl_socket_t win32_stdin_read_thread(void) } /* Connect to the thread and rearrange our own STDIN handles */ - socket_r = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); + socket_r = CURL_SOCKET(AF_INET, SOCK_STREAM, IPPROTO_TCP); if(socket_r == CURL_SOCKET_BAD) { errorf("socket error: %08lx", GetLastError()); break; diff --git a/tests/libtest/lib1960.c b/tests/libtest/lib1960.c index 5cdc022426..1ee9277bef 100644 --- a/tests/libtest/lib1960.c +++ b/tests/libtest/lib1960.c @@ -96,7 +96,7 @@ static CURLcode test_lib1960(const char *URL) * over this socket as "already connected" to libcurl and make sure that * this works. */ - client_fd = socket(AF_INET, SOCK_STREAM, 0); + client_fd = CURL_SOCKET(AF_INET, SOCK_STREAM, 0); if(client_fd == CURL_SOCKET_BAD) { curl_mfprintf(stderr, "socket creation error\n"); goto test_cleanup; diff --git a/tests/libtest/lib500.c b/tests/libtest/lib500.c index 0586c1407f..7081ec625d 100644 --- a/tests/libtest/lib500.c +++ b/tests/libtest/lib500.c @@ -35,7 +35,7 @@ static curl_socket_t tst_opensocket(void *clientp, (void)clientp; (void)purpose; curl_mprintf("[OPEN] counter: %d\n", ++testcounter); - return socket(addr->family, addr->socktype, addr->protocol); + return CURL_SOCKET(addr->family, addr->socktype, addr->protocol); } static int tst_closesocket(void *clientp, curl_socket_t sock) diff --git a/tests/server/.checksrc b/tests/server/.checksrc index 8b1bcabe77..be8f12cec0 100644 --- a/tests/server/.checksrc +++ b/tests/server/.checksrc @@ -1 +1,7 @@ +allowfunc accept +allowfunc freeaddrinfo +allowfunc getaddrinfo +allowfunc recv +allowfunc send +allowfunc socket allowfunc strtoul From ca75476a5c9ff3066cfcc3af0a2f33b936466501 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 20 Sep 2025 15:07:15 +0200 Subject: [PATCH 0097/2408] GHA/codeql: drop winbuild references [ci skip] Follow-up to 8d004781a577fc2fae72873c4a45b2fb3f366d98 #18040 --- .github/workflows/codeql.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index b5e05efe46..bb3c074821 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -17,7 +17,6 @@ name: 'CodeQL' - 'plan9/**' - 'projects/**' - 'tests/data/**' - - 'winbuild/**' pull_request: branches: - master @@ -29,7 +28,6 @@ name: 'CodeQL' - 'plan9/**' - 'projects/**' - 'tests/data/**' - - 'winbuild/**' schedule: - cron: '0 0 * * 4' From 2a5da01e422f0853a2ea3764cde5fa08189d5b91 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 14:29:44 +0200 Subject: [PATCH 0098/2408] socks: make Curl_blockread_all return CURLcode Reported in Joshua's sarif data Closes #18635 --- lib/socks.c | 27 +++++++++++++-------------- lib/socks.h | 10 +++++----- lib/socks_sspi.c | 33 ++++++++++++++++++--------------- 3 files changed, 36 insertions(+), 34 deletions(-) diff --git a/lib/socks.c b/lib/socks.c index fc6c9730f8..4cb8619d7b 100644 --- a/lib/socks.c +++ b/lib/socks.c @@ -98,14 +98,14 @@ struct socks_state { * * This is STUPID BLOCKING behavior. Only used by the SOCKS GSSAPI functions. */ -int Curl_blockread_all(struct Curl_cfilter *cf, - struct Curl_easy *data, /* transfer */ - char *buf, /* store read data here */ - size_t blen, /* space in buf */ - size_t *pnread) /* amount bytes read */ +CURLcode Curl_blockread_all(struct Curl_cfilter *cf, + struct Curl_easy *data, + char *buf, /* store read data here */ + size_t blen, /* space in buf */ + size_t *pnread) /* amount bytes read */ { size_t nread = 0; - CURLcode err; + CURLcode result; *pnread = 0; for(;;) { @@ -116,21 +116,20 @@ int Curl_blockread_all(struct Curl_cfilter *cf, } if(!timeout_ms) timeout_ms = TIMEDIFF_T_MAX; - if(SOCKET_READABLE(cf->conn->sock[cf->sockindex], timeout_ms) <= 0) { - return ~CURLE_OK; - } - err = Curl_conn_cf_recv(cf->next, data, buf, blen, &nread); - if(CURLE_AGAIN == err) + if(SOCKET_READABLE(cf->conn->sock[cf->sockindex], timeout_ms) <= 0) + return CURLE_OPERATION_TIMEDOUT; + result = Curl_conn_cf_recv(cf->next, data, buf, blen, &nread); + if(CURLE_AGAIN == result) continue; - else if(err) - return (int)err; + else if(result) + return result; if(blen == nread) { *pnread += nread; return CURLE_OK; } if(!nread) /* EOF */ - return ~CURLE_OK; + return CURLE_RECV_ERROR; buf += nread; blen -= nread; diff --git a/lib/socks.h b/lib/socks.h index d60796316f..f76bddc5f4 100644 --- a/lib/socks.h +++ b/lib/socks.h @@ -37,11 +37,11 @@ * * This is STUPID BLOCKING behavior */ -int Curl_blockread_all(struct Curl_cfilter *cf, - struct Curl_easy *data, - char *buf, - size_t blen, - size_t *pnread); +CURLcode Curl_blockread_all(struct Curl_cfilter *cf, + struct Curl_easy *data, + char *buf, + size_t blen, + size_t *pnread); #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) /* diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c index 7af0b081e2..6afc3eac34 100644 --- a/lib/socks_sspi.c +++ b/lib/socks_sspi.c @@ -72,7 +72,6 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, size_t actualread; size_t written; CURLcode result; - int err; /* Needs GSS-API authentication */ SECURITY_STATUS status; unsigned long sspi_ret_flags = 0; @@ -237,10 +236,11 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, * +----+------+-----+----------------+ */ - err = Curl_blockread_all(cf, data, (char *)socksreq, 4, &actualread); - if(err || (actualread != 4)) { + result = Curl_blockread_all(cf, data, (char *)socksreq, 4, &actualread); + if(result || (actualread != 4)) { failf(data, "Failed to receive SSPI authentication response."); - result = CURLE_COULDNT_CONNECT; + if(!result) + result = CURLE_COULDNT_CONNECT; goto error; } @@ -269,12 +269,13 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, result = CURLE_OUT_OF_MEMORY; goto error; } - err = Curl_blockread_all(cf, data, (char *)sspi_recv_token.pvBuffer, - sspi_recv_token.cbBuffer, &actualread); + result = Curl_blockread_all(cf, data, (char *)sspi_recv_token.pvBuffer, + sspi_recv_token.cbBuffer, &actualread); - if(err || (actualread != us_length)) { + if(result || (actualread != us_length)) { failf(data, "Failed to receive SSPI authentication token."); - result = CURLE_COULDNT_CONNECT; + if(!result) + result = CURLE_COULDNT_CONNECT; goto error; } @@ -453,10 +454,11 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, Curl_safefree(etbuf); } - err = Curl_blockread_all(cf, data, (char *)socksreq, 4, &actualread); - if(err || (actualread != 4)) { + result = Curl_blockread_all(cf, data, (char *)socksreq, 4, &actualread); + if(result || (actualread != 4)) { failf(data, "Failed to receive SSPI encryption response."); - result = CURLE_COULDNT_CONNECT; + if(!result) + result = CURLE_COULDNT_CONNECT; goto error; } @@ -485,12 +487,13 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, goto error; } - err = Curl_blockread_all(cf, data, (char *)sspi_w_token[0].pvBuffer, - sspi_w_token[0].cbBuffer, &actualread); + result = Curl_blockread_all(cf, data, (char *)sspi_w_token[0].pvBuffer, + sspi_w_token[0].cbBuffer, &actualread); - if(err || (actualread != us_length)) { + if(result || (actualread != us_length)) { failf(data, "Failed to receive SSPI encryption type."); - result = CURLE_COULDNT_CONNECT; + if(!result) + result = CURLE_COULDNT_CONNECT; goto error; } From 277ebca61009ac6618cd598aa81a9cf5f2b245f7 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 14:45:47 +0200 Subject: [PATCH 0099/2408] ftp: fix port number range loop for PORT commands If the last port to test is 65535, the loop would previously wrongly wrap the counter and start over at 0, which was not intended. Reported in Joshua's sarif data Closes #18636 --- lib/ftp.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/lib/ftp.c b/lib/ftp.c index 6a33b6723c..1e2cd4d3cf 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -1121,14 +1121,16 @@ static CURLcode ftp_state_use_port(struct Curl_easy *data, else break; + /* check if port is the maximum value here, because it might be 0xffff and + then the increment below will wrap the 16 bit counter */ + if(port == port_max) { + /* maybe all ports were in use already */ + failf(data, "bind() failed, ran out of ports"); + goto out; + } port++; } - /* maybe all ports were in use already */ - if(port > port_max) { - failf(data, "bind() failed, we ran out of ports"); - goto out; - } /* get the name again after the bind() so that we can extract the port number it uses now */ From ca8ec6e033eb6b733d123495db18b5c99bf4208a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 14:56:03 +0200 Subject: [PATCH 0100/2408] tftp: handle tftp_multi_statemach() return code Previously just ignored. Reported in Joshua's sarif data Closes #18638 --- lib/tftp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/tftp.c b/lib/tftp.c index 84b92ee488..7dc06261b2 100644 --- a/lib/tftp.c +++ b/lib/tftp.c @@ -1310,7 +1310,7 @@ static CURLcode tftp_perform(struct Curl_easy *data, bool *dophase_done) if((state->state == TFTP_STATE_FIN) || result) return result; - tftp_multi_statemach(data, dophase_done); + result = tftp_multi_statemach(data, dophase_done); if(*dophase_done) DEBUGF(infof(data, "DO phase is complete")); From df8244c30fa80cc9310a096f9c4c024a76ad1bc6 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 15:00:37 +0200 Subject: [PATCH 0101/2408] libssh: error on bad chown number and store the value To avoid continuing with an unintended zero uid. Also actually use the value, which was omitted before! Reported in Joshua's sarif data Closes #18639 --- lib/vssh/libssh.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index be8336ad0a..56f21d85e9 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -1838,9 +1838,7 @@ static int myssh_in_SFTP_QUOTE_STAT(struct Curl_easy *data, else if(!strncmp(cmd, "chown", 5)) { const char *p = sshc->quote_path1; curl_off_t uid; - (void)curlx_str_number(&p, &uid, UINT_MAX); - if(sshc->quote_attrs->uid == 0 && !ISDIGIT(sshc->quote_path1[0]) && - !sshc->acceptfail) { + if(curlx_str_number(&p, &uid, UINT_MAX)) { Curl_safefree(sshc->quote_path1); Curl_safefree(sshc->quote_path2); failf(data, "Syntax error: chown uid not a number"); @@ -1849,6 +1847,7 @@ static int myssh_in_SFTP_QUOTE_STAT(struct Curl_easy *data, sshc->actualcode = CURLE_QUOTE_ERROR; return SSH_NO_ERROR; } + sshc->quote_attrs->uid = (uint32_t)uid; sshc->quote_attrs->flags |= SSH_FILEXFER_ATTR_UIDGID; } else if(!strncmp(cmd, "atime", 5) || From 82eeda104144b23de1bc89641d5a41f8a57eba6e Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 16:47:16 +0200 Subject: [PATCH 0102/2408] CURLOPT_HEADER/WRITEFUNCTION.md: drop '* size' since size is always 1 Closes #18640 --- docs/libcurl/opts/CURLOPT_HEADERFUNCTION.md | 4 ++-- docs/libcurl/opts/CURLOPT_WRITEFUNCTION.md | 15 +++++++-------- 2 files changed, 9 insertions(+), 10 deletions(-) diff --git a/docs/libcurl/opts/CURLOPT_HEADERFUNCTION.md b/docs/libcurl/opts/CURLOPT_HEADERFUNCTION.md index 2f4c00a03c..8e16b78d55 100644 --- a/docs/libcurl/opts/CURLOPT_HEADERFUNCTION.md +++ b/docs/libcurl/opts/CURLOPT_HEADERFUNCTION.md @@ -109,9 +109,9 @@ Nothing. static size_t header_callback(char *buffer, size_t size, size_t nitems, void *userdata) { - /* received header is nitems * size long in 'buffer' NOT ZERO TERMINATED */ + /* received header is 'nitems' bytes in 'buffer' NOT ZERO TERMINATED */ /* 'userdata' is set with CURLOPT_HEADERDATA */ - return nitems * size; + return nitems; } int main(void) diff --git a/docs/libcurl/opts/CURLOPT_WRITEFUNCTION.md b/docs/libcurl/opts/CURLOPT_WRITEFUNCTION.md index 3ee11d8e47..973a0aea75 100644 --- a/docs/libcurl/opts/CURLOPT_WRITEFUNCTION.md +++ b/docs/libcurl/opts/CURLOPT_WRITEFUNCTION.md @@ -40,13 +40,12 @@ delivered data, and the size of that data is *nmemb*; *size* is always 1. The data passed to this function is not null-terminated. The callback function is passed as much data as possible in all invokes, but -you must not make any assumptions. It may be one byte, it may be -thousands. The maximum amount of body data that is passed to the write -callback is defined in the curl.h header file: *CURL_MAX_WRITE_SIZE* (the -usual default is 16K). If CURLOPT_HEADER(3) is enabled, which makes header -data get passed to the write callback, you can get up to -*CURL_MAX_HTTP_HEADER* bytes of header data passed into it. This usually means -100K. +you must not make any assumptions. It may be one byte, it may be thousands. +The maximum amount of body data that is passed to the write callback is +defined in the curl.h header file: *CURL_MAX_WRITE_SIZE* (the usual default is +16K). If CURLOPT_HEADER(3) is enabled, which makes header data get passed to +the write callback, you can get up to *CURL_MAX_HTTP_HEADER* bytes of header +data passed into it. This usually means 100K. This function may be called with zero bytes data if the transferred file is empty. @@ -90,7 +89,7 @@ struct memory { static size_t cb(char *data, size_t size, size_t nmemb, void *clientp) { - size_t realsize = size * nmemb; + size_t realsize = nmemb; struct memory *mem = (struct memory *)clientp; char *ptr = realloc(mem->response, mem->size + realsize + 1); From 94eec0a788dbc80e87d7168be1bfb10d734d0ab3 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 17:14:10 +0200 Subject: [PATCH 0103/2408] schannel: assign result before using it curl_easy_strerror(result) was called *before* result was assigned. Reported in Joshua's sarif data Closes #18642 --- lib/vtls/schannel.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index b511c43277..8b7f1d9306 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -2451,9 +2451,9 @@ static CURLcode schannel_shutdown(struct Curl_cfilter *cf, Curl_pSecFn->FreeContextBuffer(outbuf.pvBuffer); if(!result) { if(written < outbuf.cbBuffer) { + result = CURLE_SEND_ERROR; failf(data, "schannel: failed to send close msg: %s" " (bytes written: %zu)", curl_easy_strerror(result), written); - result = CURLE_SEND_ERROR; goto out; } backend->sent_shutdown = TRUE; @@ -2466,8 +2466,8 @@ static CURLcode schannel_shutdown(struct Curl_cfilter *cf, } else { if(!backend->recv_connection_closed) { - failf(data, "schannel: error sending close msg: %d", result); result = CURLE_SEND_ERROR; + failf(data, "schannel: error sending close msg: %d", result); goto out; } /* Looks like server already closed the connection. From d27d9c7ef1a37230ace8cc841027e6622c885df7 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 16:56:14 +0200 Subject: [PATCH 0104/2408] cf-socket: use the right byte order for ports in bindlocal Reported in Joshua's sarif data Closes #18641 --- lib/cf-socket.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/cf-socket.c b/lib/cf-socket.c index 365ddb62a1..2f0429efea 100644 --- a/lib/cf-socket.c +++ b/lib/cf-socket.c @@ -790,10 +790,10 @@ static CURLcode bindlocal(struct Curl_easy *data, struct connectdata *conn, infof(data, "Bind to local port %d failed, trying next", port - 1); /* We reuse/clobber the port variable here below */ if(sock->sa_family == AF_INET) - si4->sin_port = ntohs(port); + si4->sin_port = htons(port); #ifdef USE_IPV6 else - si6->sin6_port = ntohs(port); + si6->sin6_port = htons(port); #endif } else From e2d3b832445a05ed2e590fa5a40b0914f932bc42 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 14:51:01 +0200 Subject: [PATCH 0105/2408] libssh: return out of memory correctly if aprintf fails The code called set sshc->nextstate and returned SSH_OK without setting sshc->actualcode to an error code. Reported in Joshua's sarif data Closes #18637 --- lib/vssh/libssh.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index 56f21d85e9..eacc27a921 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -765,7 +765,7 @@ static int myssh_in_SFTP_QUOTE_STATVFS(struct Curl_easy *data, #else #define CURL_LIBSSH_VFS_SIZE_MASK PRIu64 #endif - CURLcode result; + CURLcode result = CURLE_OK; char *tmp = aprintf("statvfs:\n" "f_bsize: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" "f_frsize: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" @@ -786,14 +786,13 @@ static int myssh_in_SFTP_QUOTE_STATVFS(struct Curl_easy *data, statvfs->f_namemax); sftp_statvfs_free(statvfs); - if(!tmp) { - myssh_to(data, sshc, SSH_SFTP_CLOSE); - sshc->nextstate = SSH_NO_STATE; - return SSH_OK; - } + if(!tmp) + result = CURLE_OUT_OF_MEMORY; - result = Curl_client_write(data, CLIENTWRITE_HEADER, tmp, strlen(tmp)); - free(tmp); + if(!result) { + result = Curl_client_write(data, CLIENTWRITE_HEADER, tmp, strlen(tmp)); + free(tmp); + } if(result) { myssh_to(data, sshc, SSH_SFTP_CLOSE); sshc->nextstate = SSH_NO_STATE; From 66d6075af9c9bb5e4ef7985c7bc46942c9d4ae99 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 17:40:17 +0200 Subject: [PATCH 0106/2408] tftp: return error when sendto() fails The code just called failf() and then continued without returning error. Reported in Joshua's sarif data Closes #18643 --- lib/tftp.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/tftp.c b/lib/tftp.c index 7dc06261b2..8b6246a342 100644 --- a/lib/tftp.c +++ b/lib/tftp.c @@ -535,11 +535,12 @@ static CURLcode tftp_send_first(struct tftp_conn *state, (SEND_TYPE_ARG3)sbytes, 0, CURL_SENDTO_ARG5(&remote_addr->curl_sa_addr), (curl_socklen_t)remote_addr->addrlen); + free(filename); if(senddata != (ssize_t)sbytes) { char buffer[STRERROR_LEN]; failf(data, "%s", Curl_strerror(SOCKERRNO, buffer, sizeof(buffer))); + return CURLE_SEND_ERROR; } - free(filename); break; case TFTP_EVENT_OACK: From 979366a62568ca2ea0f8bed19fd901499c8dc178 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 12:21:26 +0200 Subject: [PATCH 0107/2408] openldap: improve check for receiving blank data It can't access the first byte either unless it has length. Followup to 232d5a2ed9c091c88e3b724a1e7d6 Closes #18632 --- lib/openldap.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/openldap.c b/lib/openldap.c index 1f8737f524..717739b68d 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -1171,8 +1171,8 @@ static CURLcode oldap_recv(struct Curl_easy *data, int sockindex, char *buf, if(!binary) { /* check for leading or trailing whitespace */ - if(ISBLANK(bvals[i].bv_val[0]) || - (bvals[i].bv_len && + if(bvals[i].bv_len && + (ISBLANK(bvals[i].bv_val[0]) || ISBLANK(bvals[i].bv_val[bvals[i].bv_len - 1]))) binval = TRUE; else { From 50968d0378ebf05c90e8f1d167592797bbd258ba Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 12:12:02 +0200 Subject: [PATCH 0108/2408] httpsrr: free old pointers when storing new In case we get "funny" input and the same field is provided several times, free the old pointer before stored a new memdup. Reported in Joshua's sarif data Closes #18631 --- lib/httpsrr.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/httpsrr.c b/lib/httpsrr.c index 26b8522cc9..8aa7f3b26e 100644 --- a/lib/httpsrr.c +++ b/lib/httpsrr.c @@ -98,6 +98,7 @@ CURLcode Curl_httpsrr_set(struct Curl_easy *data, case HTTPS_RR_CODE_IPV4: /* addr4 list */ if(!vlen || (vlen & 3)) /* the size must be 4-byte aligned */ return CURLE_BAD_FUNCTION_ARGUMENT; + free(hi->ipv4hints); hi->ipv4hints = Curl_memdup(val, vlen); if(!hi->ipv4hints) return CURLE_OUT_OF_MEMORY; @@ -107,6 +108,7 @@ CURLcode Curl_httpsrr_set(struct Curl_easy *data, case HTTPS_RR_CODE_ECH: if(!vlen) return CURLE_BAD_FUNCTION_ARGUMENT; + free(hi->echconfiglist); hi->echconfiglist = Curl_memdup(val, vlen); if(!hi->echconfiglist) return CURLE_OUT_OF_MEMORY; @@ -116,6 +118,7 @@ CURLcode Curl_httpsrr_set(struct Curl_easy *data, case HTTPS_RR_CODE_IPV6: /* addr6 list */ if(!vlen || (vlen & 15)) /* the size must be 16-byte aligned */ return CURLE_BAD_FUNCTION_ARGUMENT; + free(hi->ipv6hints); hi->ipv6hints = Curl_memdup(val, vlen); if(!hi->ipv6hints) return CURLE_OUT_OF_MEMORY; @@ -186,6 +189,7 @@ CURLcode Curl_httpsrr_from_ares(struct Curl_easy *data, is in ServiceMode */ target = ares_dns_rr_get_str(rr, ARES_RR_HTTPS_TARGET); if(target && target[0]) { + free(hinfo->target); hinfo->target = strdup(target); if(!hinfo->target) { result = CURLE_OUT_OF_MEMORY; From cf3b9657bcb7acd3525ca081b4ed16e860604d6d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 19 Sep 2025 09:32:42 +0200 Subject: [PATCH 0109/2408] libssh2: up the minimum requirement to 1.9.0 Released on June 20 2019 --- .github/workflows/linux-old.yml | 10 +++--- configure.ac | 4 +-- docs/INTERNALS.md | 2 +- lib/vssh/libssh2.c | 59 ++------------------------------- 4 files changed, 10 insertions(+), 65 deletions(-) diff --git a/.github/workflows/linux-old.yml b/.github/workflows/linux-old.yml index e572c1745f..7e25cd2139 100644 --- a/.github/workflows/linux-old.yml +++ b/.github/workflows/linux-old.yml @@ -68,7 +68,7 @@ jobs: dpkg -i freexian-archive-keyring_2022.06.08_all.deb echo 'deb http://deb.freexian.com/extended-lts stretch-lts main contrib non-free' | tee /etc/apt/sources.list.d/extended-lts.list apt-get -o Dpkg::Use-Pty=0 update - apt-get -o Dpkg::Use-Pty=0 install -y --no-install-suggests --no-install-recommends cmake make automake autoconf libtool gcc pkg-config libpsl-dev libzstd-dev zlib1g-dev libgnutls28-dev libssh-dev libssh2-1-dev libc-ares-dev heimdal-dev libldap2-dev librtmp-dev stunnel4 groff + apt-get -o Dpkg::Use-Pty=0 install -y --no-install-suggests --no-install-recommends cmake make automake autoconf libtool gcc pkg-config libpsl-dev libzstd-dev zlib1g-dev libgnutls28-dev libc-ares-dev heimdal-dev libldap2-dev librtmp-dev stunnel4 groff # GitHub's actions/checkout needs newer glibc and libstdc++. The latter also depends on # gcc-8-base, but it doesn't actually seem used in our situation and isn't available in # the main repo, so force the install. @@ -80,12 +80,12 @@ jobs: with: persist-credentials: false - - name: 'cmake build-only (out-of-tree, libssh2)' + - name: 'cmake build-only (out-of-tree)' run: | mkdir bld-1 cd bld-1 cmake .. -DCMAKE_UNITY_BUILD=ON -DCURL_WERROR=ON -DBUILD_SHARED_LIBS=ON \ - -DCURL_USE_GNUTLS=ON -DENABLE_ARES=OFF -DCURL_ZSTD=OFF -DCURL_USE_GSSAPI=OFF -DCURL_USE_LIBSSH2=ON -DCURL_USE_LIBSSH=OFF -DUSE_LIBRTMP=ON + -DCURL_USE_GNUTLS=ON -DENABLE_ARES=OFF -DCURL_ZSTD=OFF -DCURL_USE_GSSAPI=OFF -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF -DUSE_LIBRTMP=ON make install src/curl --disable --version @@ -129,12 +129,12 @@ jobs: - name: 'autoreconf' run: autoreconf -if - - name: 'configure (out-of-tree, c-ares, libssh2, zstd, gssapi)' + - name: 'configure (out-of-tree, c-ares, zstd, gssapi)' run: | mkdir bld-am cd bld-am ../configure --disable-dependency-tracking --enable-unity --enable-warnings --enable-werror \ - --with-gnutls --enable-ares --with-libssh2 --with-zstd --with-gssapi --with-librtmp \ + --with-gnutls --enable-ares --without-libssh2 --with-zstd --with-gssapi --with-librtmp \ --prefix="$PWD"/../curl-install-am - name: 'autotools curl_config.h' diff --git a/configure.ac b/configure.ac index 6c33b561be..fa23eb09b1 100644 --- a/configure.ac +++ b/configure.ac @@ -2292,8 +2292,8 @@ if test X"$OPT_LIBSSH2" != Xno; then CPPFLAGS="$CPPFLAGS $CPP_SSH2" LIBS="$LIB_SSH2 $LIBS" - dnl check for function added in libssh2 version 1.2.8 - AC_CHECK_LIB(ssh2, libssh2_free) + dnl check for function added in libssh2 version 1.9.0 + AC_CHECK_LIB(ssh2, libssh2_agent_get_identity_path) AC_CHECK_HEADER(libssh2.h, curl_ssh_msg="enabled (libssh2)" diff --git a/docs/INTERNALS.md b/docs/INTERNALS.md index de993c3e4b..93546ebe4b 100644 --- a/docs/INTERNALS.md +++ b/docs/INTERNALS.md @@ -29,7 +29,7 @@ versions of libs and build tools. - GnuTLS 3.1.10 - mbedTLS 3.2.0 - zlib 1.2.5.2 - - libssh2 1.2.8 + - libssh2 1.9.0 - c-ares 1.6.0 - libssh 0.9.0 - libidn2 2.0.0 diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index ebfd241e6c..f68e3ee168 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -464,26 +464,18 @@ static CURLcode ssh_knownhost(struct Curl_easy *data, case LIBSSH2_HOSTKEY_TYPE_DSS: keybit = LIBSSH2_KNOWNHOST_KEY_SSHDSS; break; -#ifdef LIBSSH2_HOSTKEY_TYPE_ECDSA_256 case LIBSSH2_HOSTKEY_TYPE_ECDSA_256: keybit = LIBSSH2_KNOWNHOST_KEY_ECDSA_256; break; -#endif -#ifdef LIBSSH2_HOSTKEY_TYPE_ECDSA_384 case LIBSSH2_HOSTKEY_TYPE_ECDSA_384: keybit = LIBSSH2_KNOWNHOST_KEY_ECDSA_384; break; -#endif -#ifdef LIBSSH2_HOSTKEY_TYPE_ECDSA_521 case LIBSSH2_HOSTKEY_TYPE_ECDSA_521: keybit = LIBSSH2_KNOWNHOST_KEY_ECDSA_521; break; -#endif -#ifdef LIBSSH2_HOSTKEY_TYPE_ED25519 case LIBSSH2_HOSTKEY_TYPE_ED25519: keybit = LIBSSH2_KNOWNHOST_KEY_ED25519; break; -#endif default: infof(data, "unsupported key type, cannot check knownhosts"); keybit = 0; @@ -606,22 +598,9 @@ static CURLcode ssh_check_fingerprint(struct Curl_easy *data, size_t pub_pos = 0; size_t b64_pos = 0; -#ifdef LIBSSH2_HOSTKEY_HASH_SHA256 /* The fingerprint points to static storage (!), do not free() it. */ fingerprint = libssh2_hostkey_hash(sshc->ssh_session, LIBSSH2_HOSTKEY_HASH_SHA256); -#else - const char *hostkey; - size_t len = 0; - unsigned char hash[32]; - - hostkey = libssh2_session_hostkey(sshc->ssh_session, &len, NULL); - if(hostkey) { - if(!Curl_sha256it(hash, (const unsigned char *) hostkey, len)) - fingerprint = (char *) hash; - } -#endif - if(!fingerprint) { failf(data, "Denied establishing ssh session: sha256 fingerprint " @@ -755,24 +734,14 @@ static CURLcode ssh_force_knownhost_key_type(struct Curl_easy *data, { CURLcode result = CURLE_OK; -#ifdef LIBSSH2_KNOWNHOST_KEY_ED25519 static const char * const hostkey_method_ssh_ed25519 = "ssh-ed25519"; -#endif -#ifdef LIBSSH2_KNOWNHOST_KEY_ECDSA_521 static const char * const hostkey_method_ssh_ecdsa_521 = "ecdsa-sha2-nistp521"; -#endif -#ifdef LIBSSH2_KNOWNHOST_KEY_ECDSA_384 static const char * const hostkey_method_ssh_ecdsa_384 = "ecdsa-sha2-nistp384"; -#endif -#ifdef LIBSSH2_KNOWNHOST_KEY_ECDSA_256 static const char * const hostkey_method_ssh_ecdsa_256 = "ecdsa-sha2-nistp256"; -#endif - static const char * const hostkey_method_ssh_rsa - = "ssh-rsa"; static const char * const hostkey_method_ssh_rsa_all = "rsa-sha2-256,rsa-sha2-512,ssh-rsa"; static const char * const hostkey_method_ssh_dss @@ -830,35 +799,20 @@ static CURLcode ssh_force_knownhost_key_type(struct Curl_easy *data, conn->host.name, data->set.str[STRING_SSH_KNOWNHOSTS]); switch(store->typemask & LIBSSH2_KNOWNHOST_KEY_MASK) { -#ifdef LIBSSH2_KNOWNHOST_KEY_ED25519 case LIBSSH2_KNOWNHOST_KEY_ED25519: hostkey_method = hostkey_method_ssh_ed25519; break; -#endif -#ifdef LIBSSH2_KNOWNHOST_KEY_ECDSA_521 case LIBSSH2_KNOWNHOST_KEY_ECDSA_521: hostkey_method = hostkey_method_ssh_ecdsa_521; break; -#endif -#ifdef LIBSSH2_KNOWNHOST_KEY_ECDSA_384 case LIBSSH2_KNOWNHOST_KEY_ECDSA_384: hostkey_method = hostkey_method_ssh_ecdsa_384; break; -#endif -#ifdef LIBSSH2_KNOWNHOST_KEY_ECDSA_256 case LIBSSH2_KNOWNHOST_KEY_ECDSA_256: hostkey_method = hostkey_method_ssh_ecdsa_256; break; -#endif case LIBSSH2_KNOWNHOST_KEY_SSHRSA: - if(libssh2_version(0x010900)) - /* since 1.9.0 libssh2_session_method_pref() works as expected */ - hostkey_method = hostkey_method_ssh_rsa_all; - else - /* old libssh2 which cannot correctly remove unsupported methods due - * to bug in src/kex.c or does not support the new methods anyways. - */ - hostkey_method = hostkey_method_ssh_rsa; + hostkey_method = hostkey_method_ssh_rsa_all; break; case LIBSSH2_KNOWNHOST_KEY_SSHDSS: hostkey_method = hostkey_method_ssh_dss; @@ -2428,18 +2382,9 @@ static CURLcode ssh_state_scp_download_init(struct Curl_easy *data, */ /* get a fresh new channel from the ssh layer */ -#if LIBSSH2_VERSION_NUM < 0x010700 - struct stat sb; - memset(&sb, 0, sizeof(struct stat)); - sshc->ssh_channel = libssh2_scp_recv(sshc->ssh_session, - sshp->path, &sb); -#else libssh2_struct_stat sb; memset(&sb, 0, sizeof(libssh2_struct_stat)); - sshc->ssh_channel = libssh2_scp_recv2(sshc->ssh_session, - sshp->path, &sb); -#endif - + sshc->ssh_channel = libssh2_scp_recv2(sshc->ssh_session, sshp->path, &sb); if(!sshc->ssh_channel) { int ssh_err; char *err_msg = NULL; From bb46d42407cd0503a9c499b4646af594a4db4947 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 22:49:46 +0200 Subject: [PATCH 0110/2408] openssl: make the asn1_object_dump name null terminated In case the buffer is too small. Reported in Joshua's sarif data Closes #18647 --- lib/vtls/openssl.c | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 49bc02230b..4d37f5e77f 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -293,20 +293,10 @@ do { \ } while(0) #endif -static int asn1_object_dump(ASN1_OBJECT *a, char *buf, size_t len) +static int asn1_object_dump(const ASN1_OBJECT *a, char *buf, size_t len) { - int i, ilen; - - ilen = (int)len; - if(ilen < 0) - return 1; /* buffer too big */ - - i = i2t_ASN1_OBJECT(buf, ilen, a); - - if(i >= ilen) - return 1; /* buffer too small */ - - return 0; + int i = i2t_ASN1_OBJECT(buf, (int)len, a); + return (i >= (int)len); /* buffer too small */ } static CURLcode X509V3_ext(struct Curl_easy *data, @@ -337,7 +327,9 @@ static CURLcode X509V3_ext(struct Curl_easy *data, obj = X509_EXTENSION_get_object(ext); - asn1_object_dump(obj, namebuf, sizeof(namebuf)); + if(asn1_object_dump(obj, namebuf, sizeof(namebuf))) + /* make sure the name is null-terminated */ + namebuf [ sizeof(namebuf) - 1] = 0; if(!X509V3_EXT_print(bio_out, ext, 0, 0)) ASN1_STRING_print(bio_out, (ASN1_STRING *)X509_EXTENSION_get_data(ext)); From 5ab120bc4e6d9706efde14b37f8bd80c20981ac2 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 17 Sep 2025 08:32:39 +0200 Subject: [PATCH 0111/2408] krb5: drop support for Kerberos FTP It was accidentally broken in commit 0f4c439fc7347f499cf5, shipped since 8.8.0 (May 2024) and yet not a single person has noticed or reported, indicating that we might as well drop support for FTP Kerberos. Krb5 support was added in 54967d2a3ab55596314 (July 2007), and we have been carrying the extra license information around since then for this code. This commit removes the last traces of that code and thus we can remove the extra copyright notices along with it. Reported-by: Joshua Rogers Closes #18577 --- .github/scripts/spellcheck.words | 3 - LICENSES/BSD-3-Clause.txt | 11 - README | 6 - README.md | 6 - docs/cmdline-opts/krb.md | 8 +- docs/libcurl/curl_easy_setopt.md | 2 +- docs/libcurl/opts/CURLOPT_KRBLEVEL.md | 15 +- docs/libcurl/symbols-in-versions | 2 +- include/curl/curl.h | 3 +- lib/Makefile.inc | 2 - lib/curl_krb5.h | 54 -- lib/ftp.c | 68 +- lib/ftp.h | 3 - lib/krb5.c | 953 -------------------------- lib/pingpong.c | 29 +- lib/setopt.c | 9 +- lib/url.c | 11 +- lib/urldata.h | 39 -- src/config2setopts.c | 1 - src/tool_getparam.c | 11 +- src/tool_listhelp.c | 2 +- tests/data/test1282 | 5 +- 22 files changed, 43 insertions(+), 1200 deletions(-) delete mode 100644 LICENSES/BSD-3-Clause.txt delete mode 100644 lib/curl_krb5.h delete mode 100644 lib/krb5.c diff --git a/.github/scripts/spellcheck.words b/.github/scripts/spellcheck.words index 46c05b741b..aafaeff6d9 100644 --- a/.github/scripts/spellcheck.words +++ b/.github/scripts/spellcheck.words @@ -356,7 +356,6 @@ HTTPS https HTTPSRR hyper's -Högskolan IANA Icecast ICONV @@ -424,7 +423,6 @@ Krb krb Kubernetes Kuhrt -Kungliga Largefile LDAP ldap @@ -848,7 +846,6 @@ Tatsuhiro TBD TCP tcpdump -Tekniska testability testcurl TFTP diff --git a/LICENSES/BSD-3-Clause.txt b/LICENSES/BSD-3-Clause.txt deleted file mode 100644 index 086d3992cb..0000000000 --- a/LICENSES/BSD-3-Clause.txt +++ /dev/null @@ -1,11 +0,0 @@ -Copyright (c) . - -Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - -1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - -3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/README b/README index f5efbd70a6..df320f9481 100644 --- a/README +++ b/README @@ -47,9 +47,3 @@ SECURITY PROBLEMS Report suspected security problems via our HackerOne page and not in public. https://hackerone.com/curl - -NOTICE - - Curl contains pieces of source code that is Copyright (c) 1998, 1999 - Kungliga Tekniska Högskolan. This notice is included here to comply with the - distribution terms. diff --git a/README.md b/README.md index 3359818fd5..32a3c34fb0 100644 --- a/README.md +++ b/README.md @@ -53,12 +53,6 @@ Download the latest source from the Git server: Report suspected security problems via [our HackerOne page](https://hackerone.com/curl) and not in public. -## Notice - -curl contains pieces of source code that is Copyright (c) 1998, 1999 Kungliga -Tekniska Högskolan. This notice is included here to comply with the -distribution terms. - ## Backers Thank you to all our backers :pray: [Become a backer](https://opencollective.com/curl#section-contribute). diff --git a/docs/cmdline-opts/krb.md b/docs/cmdline-opts/krb.md index c353a0c740..6d47a76d6e 100644 --- a/docs/cmdline-opts/krb.md +++ b/docs/cmdline-opts/krb.md @@ -6,7 +6,7 @@ Arg: Help: Enable Kerberos with security Protocols: FTP Requires: Kerberos -Category: ftp +Category: deprecated Added: 7.3 Multi: single See-also: @@ -18,6 +18,8 @@ Example: # `--krb` +Deprecated option (added in 8.17.0). It has no function anymore. + Enable Kerberos authentication and use. The level must be entered and should -be one of 'clear', 'safe', 'confidential', or 'private'. Should you use a -level that is not one of these, 'private' is used. +be one of `clear`, `safe`, `confidential`, or `private`. Should you use a +level that is not one of these, `private` is used. diff --git a/docs/libcurl/curl_easy_setopt.md b/docs/libcurl/curl_easy_setopt.md index ccca56de6b..430c3c14ab 100644 --- a/docs/libcurl/curl_easy_setopt.md +++ b/docs/libcurl/curl_easy_setopt.md @@ -540,7 +540,7 @@ Client key password. See CURLOPT_KEYPASSWD(3) ## CURLOPT_KRBLEVEL -Kerberos security level. See CURLOPT_KRBLEVEL(3) +**OBSOLETE**. Kerberos security level. See CURLOPT_KRBLEVEL(3) ## CURLOPT_LOCALPORT diff --git a/docs/libcurl/opts/CURLOPT_KRBLEVEL.md b/docs/libcurl/opts/CURLOPT_KRBLEVEL.md index bdea064600..8dc5de7cee 100644 --- a/docs/libcurl/opts/CURLOPT_KRBLEVEL.md +++ b/docs/libcurl/opts/CURLOPT_KRBLEVEL.md @@ -5,7 +5,6 @@ Title: CURLOPT_KRBLEVEL Section: 3 Source: libcurl See-also: - - CURLOPT_KRBLEVEL (3) - CURLOPT_USE_SSL (3) Protocol: - FTP @@ -26,11 +25,13 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_KRBLEVEL, char *level); # DESCRIPTION +Deprecated. It serves no purpose anymore. + Pass a char pointer as parameter. Set the kerberos security level for FTP; this also enables kerberos awareness. This is a string that should match one -of the following: &'clear', &'safe', &'confidential' or &'private'. If the -string is set but does not match one of these, 'private' is used. Set the -string to NULL to disable kerberos support for FTP. +of the following: `clear`, `safe`, `confidential` or `private`. If the string +is set but does not match one of these, `private` is used. Set the string to +NULL to disable kerberos support for FTP. The application does not have to keep the string around after setting this option. @@ -62,8 +63,14 @@ int main(void) # HISTORY +Functionality removed in 8.17.0 + This option was known as CURLOPT_KRB4LEVEL up to 7.16.3 +# DEPRECATED + +Deprecated since 8.17.0 + # %AVAILABILITY% # RETURN VALUE diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions index bfcf357bf6..43435cb16b 100644 --- a/docs/libcurl/symbols-in-versions +++ b/docs/libcurl/symbols-in-versions @@ -704,7 +704,7 @@ CURLOPT_ISSUERCERT_BLOB 7.71.0 CURLOPT_KEEP_SENDING_ON_ERROR 7.51.0 CURLOPT_KEYPASSWD 7.17.0 CURLOPT_KRB4LEVEL 7.3 7.17.0 -CURLOPT_KRBLEVEL 7.16.4 +CURLOPT_KRBLEVEL 7.16.4 8.17.0 CURLOPT_LOCALPORT 7.15.2 CURLOPT_LOCALPORTRANGE 7.15.2 CURLOPT_LOGIN_OPTIONS 7.34.0 diff --git a/include/curl/curl.h b/include/curl/curl.h index 6f4aa90f13..49552558dd 100644 --- a/include/curl/curl.h +++ b/include/curl/curl.h @@ -1357,7 +1357,8 @@ typedef enum { /* Set the krb4/5 security level, this also enables krb4/5 awareness. This * is a string, 'clear', 'safe', 'confidential' or 'private'. If the string * is set but does not match one of these, 'private' will be used. */ - CURLOPT(CURLOPT_KRBLEVEL, CURLOPTTYPE_STRINGPOINT, 63), + CURLOPTDEPRECATED(CURLOPT_KRBLEVEL, CURLOPTTYPE_STRINGPOINT, 63, + 8.17.0, "removed"), /* Set if we should verify the peer in ssl handshake, set 1 to verify. */ CURLOPT(CURLOPT_SSL_VERIFYPEER, CURLOPTTYPE_LONG, 64), diff --git a/lib/Makefile.inc b/lib/Makefile.inc index 524fdcc53d..c17a8d9c3c 100644 --- a/lib/Makefile.inc +++ b/lib/Makefile.inc @@ -209,7 +209,6 @@ LIB_CFILES = \ idn.c \ if2ip.c \ imap.c \ - krb5.c \ ldap.c \ llist.c \ macos.c \ @@ -292,7 +291,6 @@ LIB_HFILES = \ curl_gethostname.h \ curl_gssapi.h \ curl_hmac.h \ - curl_krb5.h \ curl_ldap.h \ curl_md4.h \ curl_md5.h \ diff --git a/lib/curl_krb5.h b/lib/curl_krb5.h deleted file mode 100644 index 574340fd3c..0000000000 --- a/lib/curl_krb5.h +++ /dev/null @@ -1,54 +0,0 @@ -#ifndef HEADER_CURL_KRB5_H -#define HEADER_CURL_KRB5_H -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) Daniel Stenberg, , et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - * SPDX-License-Identifier: curl - * - ***************************************************************************/ - -struct Curl_sec_client_mech { - const char *name; - size_t size; - int (*init)(void *); - int (*auth)(void *, struct Curl_easy *data, struct connectdata *); - void (*end)(void *); - int (*check_prot)(void *, int); - int (*encode)(void *, const void *, int, int, void **); - int (*decode)(void *, void *, int, int, struct connectdata *); -}; - -#define AUTH_OK 0 -#define AUTH_CONTINUE 1 -#define AUTH_ERROR 2 - -#if defined(HAVE_GSSAPI) && !defined(CURL_DISABLE_FTP) -void Curl_sec_conn_init(struct connectdata *); -void Curl_sec_conn_destroy(struct connectdata *); -int Curl_sec_read_msg(struct Curl_easy *data, struct connectdata *conn, char *, - enum protection_level); -CURLcode Curl_sec_login(struct Curl_easy *, struct connectdata *); -int Curl_sec_request_prot(struct connectdata *conn, const char *level); -#else -#define Curl_sec_conn_init(x) Curl_nop_stmt -#define Curl_sec_conn_destroy(x) Curl_nop_stmt -#endif - -#endif /* HEADER_CURL_KRB5_H */ diff --git a/lib/ftp.c b/lib/ftp.c index 1e2cd4d3cf..df94ea5e66 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -53,7 +53,6 @@ #include "fileinfo.h" #include "ftplistparser.h" #include "curl_range.h" -#include "curl_krb5.h" #include "strcase.h" #include "vtls/vtls.h" #include "cfilters.h" @@ -431,6 +430,9 @@ static const struct Curl_cwtype ftp_cw_lc = { #endif /* CURL_PREFER_LF_LINEENDS */ +static CURLcode getftpresponse(struct Curl_easy *data, ssize_t *nread, + int *ftpcode); + /*********************************************************************** * * ftp_check_ctrl_on_data_wait() @@ -450,7 +452,7 @@ static CURLcode ftp_check_ctrl_on_data_wait(struct Curl_easy *data, if(curlx_dyn_len(&pp->recvbuf) && (*curlx_dyn_ptr(&pp->recvbuf) > '3')) { /* Data connection could not be established, let's return */ infof(data, "There is negative response in cache while serv connect"); - (void)Curl_GetFTPResponse(data, &nread, &ftpcode); + (void)getftpresponse(data, &nread, &ftpcode); return CURLE_FTP_ACCEPT_FAILED; } @@ -496,7 +498,7 @@ static CURLcode ftp_check_ctrl_on_data_wait(struct Curl_easy *data, } } - (void)Curl_GetFTPResponse(data, &nread, &ftpcode); + (void)getftpresponse(data, &nread, &ftpcode); infof(data, "FTP code: %03d", ftpcode); @@ -578,28 +580,6 @@ static CURLcode ftp_readresp(struct Curl_easy *data, int code; CURLcode result = Curl_pp_readresp(data, sockindex, pp, &code, size); DEBUGASSERT(ftpcodep); -#ifdef HAVE_GSSAPI - { - struct connectdata *conn = data->conn; - char * const buf = curlx_dyn_ptr(&ftpc->pp.recvbuf); - - /* handle the security-oriented responses 6xx ***/ - switch(code) { - case 631: - code = Curl_sec_read_msg(data, conn, buf, PROT_SAFE); - break; - case 632: - code = Curl_sec_read_msg(data, conn, buf, PROT_PRIVATE); - break; - case 633: - code = Curl_sec_read_msg(data, conn, buf, PROT_CONFIDENTIAL); - break; - default: - /* normal ftp stuff we pass through! */ - break; - } - } -#endif /* store the latest code for later retrieval, except during shutdown */ if(!ftpc->shutdown) @@ -626,13 +606,14 @@ static CURLcode ftp_readresp(struct Curl_easy *data, /* --- parse FTP server responses --- */ /* - * Curl_GetFTPResponse() is a BLOCKING function to read the full response - * from a server after a command. + * getftpresponse() is a BLOCKING function to read the full response from a + * server after a command. * */ -CURLcode Curl_GetFTPResponse(struct Curl_easy *data, - ssize_t *nreadp, /* return number of bytes read */ - int *ftpcodep) /* return the ftp-code */ +static CURLcode getftpresponse(struct Curl_easy *data, + ssize_t *nreadp, /* return number of bytes + read */ + int *ftpcodep) /* return the ftp-code */ { /* * We cannot read just one byte per read() and then go back to select() as @@ -650,7 +631,7 @@ CURLcode Curl_GetFTPResponse(struct Curl_easy *data, int cache_skip = 0; DEBUGASSERT(ftpcodep); - CURL_TRC_FTP(data, "getFTPResponse start"); + CURL_TRC_FTP(data, "getftpresponse start"); *nreadp = 0; *ftpcodep = 0; /* 0 for errors */ @@ -733,7 +714,7 @@ CURLcode Curl_GetFTPResponse(struct Curl_easy *data, } /* while there is buffer left and loop is requested */ pp->pending_resp = FALSE; - CURL_TRC_FTP(data, "getFTPResponse -> result=%d, nread=%zd, ftpcode=%d", + CURL_TRC_FTP(data, "getftpresponse -> result=%d, nread=%zd, ftpcode=%d", result, *nreadp, *ftpcodep); return result; @@ -2814,25 +2795,6 @@ static CURLcode ftp_wait_resp(struct Curl_easy *data, return CURLE_WEIRD_SERVER_REPLY; } - /* We have received a 220 response fine, now we proceed. */ -#ifdef HAVE_GSSAPI - if(data->set.krb) { - /* If not anonymous login, try a secure login. Note that this - procedure is still BLOCKING. */ - - Curl_sec_request_prot(conn, "private"); - /* We set private first as default, in case the line below fails to - set a valid level */ - Curl_sec_request_prot(conn, data->set.str[STRING_KRB_LEVEL]); - - if(Curl_sec_login(data, conn)) { - failf(data, "secure login failed"); - return CURLE_WEIRD_SERVER_REPLY; - } - infof(data, "Authentication successful"); - } -#endif - if(data->set.use_ssl && !conn->bits.ftp_use_control_ssl) { /* We do not have an SSL/TLS control connection yet, but FTPS is requested. Try an FTPS connection now */ @@ -3403,7 +3365,7 @@ static CURLcode ftp_done(struct Curl_easy *data, CURLcode status, pp->response_time = 60*1000; /* give it only a minute for now */ pp->response = curlx_now(); /* timeout relative now */ - result = Curl_GetFTPResponse(data, &nread, &ftpcode); + result = getftpresponse(data, &nread, &ftpcode); pp->response_time = old_time; /* set this back to previous value */ @@ -3526,7 +3488,7 @@ CURLcode ftp_sendquote(struct Curl_easy *data, result = Curl_pp_sendf(data, &ftpc->pp, "%s", cmd); if(!result) { pp->response = curlx_now(); /* timeout relative now */ - result = Curl_GetFTPResponse(data, &nread, &ftpcode); + result = getftpresponse(data, &nread, &ftpcode); } if(result) return result; diff --git a/lib/ftp.h b/lib/ftp.h index aba1db7f2d..fdbb4b0539 100644 --- a/lib/ftp.h +++ b/lib/ftp.h @@ -35,9 +35,6 @@ extern const struct Curl_handler Curl_handler_ftp; extern const struct Curl_handler Curl_handler_ftps; #endif -CURLcode Curl_GetFTPResponse(struct Curl_easy *data, ssize_t *nread, - int *ftpcode); - bool ftp_conns_match(struct connectdata *needle, struct connectdata *conn); #endif /* CURL_DISABLE_FTP */ diff --git a/lib/krb5.c b/lib/krb5.c deleted file mode 100644 index b041d2f227..0000000000 --- a/lib/krb5.c +++ /dev/null @@ -1,953 +0,0 @@ -/* GSSAPI/krb5 support for FTP - loosely based on old krb4.c - * - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * Copyright (C) Daniel Stenberg - * All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. */ - -#include "curl_setup.h" - -#if defined(HAVE_GSSAPI) && !defined(CURL_DISABLE_FTP) - -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif - -#include "urldata.h" -#include "url.h" -#include "cfilters.h" -#include "cf-socket.h" -#include "curlx/base64.h" -#include "ftp.h" -#include "curl_gssapi.h" -#include "sendf.h" -#include "transfer.h" -#include "curl_krb5.h" -#include "curlx/warnless.h" -#include "strdup.h" - -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" -#include "curl_memory.h" -#include "memdebug.h" - -#if defined(__GNUC__) && defined(__APPLE__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wdeprecated-declarations" -#endif - -static CURLcode ftpsend(struct Curl_easy *data, struct connectdata *conn, - const char *cmd) -{ - size_t bytes_written; -#define SBUF_SIZE 1024 - char s[SBUF_SIZE]; - size_t write_len; - char *sptr = s; - CURLcode result = CURLE_OK; -#ifdef HAVE_GSSAPI - unsigned char data_sec = conn->data_prot; -#endif - - DEBUGASSERT(cmd); - - write_len = strlen(cmd); - if(!write_len || write_len > (sizeof(s) -3)) - return CURLE_BAD_FUNCTION_ARGUMENT; - - memcpy(&s, cmd, write_len); - strcpy(&s[write_len], "\r\n"); /* append a trailing CRLF */ - write_len += 2; - bytes_written = 0; - - for(;;) { -#ifdef HAVE_GSSAPI - conn->data_prot = PROT_CMD; -#endif - result = Curl_xfer_send(data, sptr, write_len, FALSE, &bytes_written); -#ifdef HAVE_GSSAPI - DEBUGASSERT(data_sec > PROT_NONE && data_sec < PROT_LAST); - conn->data_prot = data_sec; -#endif - - if(result) - break; - - Curl_debug(data, CURLINFO_HEADER_OUT, sptr, bytes_written); - - if(bytes_written != write_len) { - write_len -= bytes_written; - sptr += bytes_written; - } - else - break; - } - - return result; -} - -static int -krb5_init(void *app_data) -{ - gss_ctx_id_t *context = app_data; - /* Make sure our context is initialized for krb5_end. */ - *context = GSS_C_NO_CONTEXT; - return 0; -} - -static int -krb5_check_prot(void *app_data, int level) -{ - (void)app_data; - if(level == PROT_CONFIDENTIAL) - return -1; - return 0; -} - -static int -krb5_decode(void *app_data, void *buf, int len, - int level, struct connectdata *conn) -{ - gss_ctx_id_t *context = app_data; - OM_uint32 maj, min; - gss_buffer_desc enc, dec; - - (void)level; - (void)conn; - - enc.value = buf; - enc.length = len; - maj = gss_unwrap(&min, *context, &enc, &dec, NULL, NULL); - if(maj != GSS_S_COMPLETE) - return -1; - - memcpy(buf, dec.value, dec.length); - len = curlx_uztosi(dec.length); - gss_release_buffer(&min, &dec); - - return len; -} - -static int -krb5_encode(void *app_data, const void *from, int length, int level, void **to) -{ - gss_ctx_id_t *context = app_data; - gss_buffer_desc dec, enc; - OM_uint32 maj, min; - int state; - int len; - - /* NOTE that the cast is safe, neither of the krb5, gnu gss and heimdal - * libraries modify the input buffer in gss_wrap() - */ - dec.value = CURL_UNCONST(from); - dec.length = (size_t)length; - maj = gss_wrap(&min, *context, - level == PROT_PRIVATE, - GSS_C_QOP_DEFAULT, - &dec, &state, &enc); - - if(maj != GSS_S_COMPLETE) - return -1; - - /* malloc a new buffer, in case gss_release_buffer does not work as - expected */ - *to = malloc(enc.length); - if(!*to) - return -1; - memcpy(*to, enc.value, enc.length); - len = curlx_uztosi(enc.length); - gss_release_buffer(&min, &enc); - return len; -} - -static int -krb5_auth(void *app_data, struct Curl_easy *data, struct connectdata *conn) -{ - int ret = AUTH_OK; - char *p; - const char *host = conn->host.name; - ssize_t nread; - curl_socklen_t l = sizeof(conn->local_addr); - CURLcode result; - const char *service = data->set.str[STRING_SERVICE_NAME] ? - data->set.str[STRING_SERVICE_NAME] : - "ftp"; - const char *srv_host = "host"; - gss_buffer_desc input_buffer, output_buffer, *gssresp; - gss_buffer_desc _gssresp = GSS_C_EMPTY_BUFFER; - OM_uint32 maj, min; - gss_name_t gssname; - gss_ctx_id_t *context = app_data; - struct gss_channel_bindings_struct chan; - size_t base64_sz = 0; - const struct Curl_sockaddr_ex *remote_addr = - Curl_conn_get_remote_addr(data, FIRSTSOCKET); - struct sockaddr_in *remote_in_addr = remote_addr ? - (struct sockaddr_in *)CURL_UNCONST(&remote_addr->curl_sa_addr) : NULL; - char *stringp; - struct ftp_conn *ftpc = Curl_conn_meta_get(conn, CURL_META_FTP_CONN); - - if(!ftpc || !remote_in_addr) - return -2; - - if(getsockname(conn->sock[FIRSTSOCKET], - (struct sockaddr *)&conn->local_addr, &l) < 0) - perror("getsockname()"); - - chan.initiator_addrtype = GSS_C_AF_INET; - chan.initiator_address.length = l - 4; - chan.initiator_address.value = &conn->local_addr.sin_addr.s_addr; - chan.acceptor_addrtype = GSS_C_AF_INET; - chan.acceptor_address.length = l - 4; - chan.acceptor_address.value = &remote_in_addr->sin_addr.s_addr; - chan.application_data.length = 0; - chan.application_data.value = NULL; - - /* this loop will execute twice (once for service, once for host) */ - for(;;) { - /* this really should not be repeated here, but cannot help it */ - if(service == srv_host) { - result = ftpsend(data, conn, "AUTH GSSAPI"); - if(result) - return -2; - - if(Curl_GetFTPResponse(data, &nread, NULL)) - return -1; - else { - char *line = curlx_dyn_ptr(&ftpc->pp.recvbuf); - if(line[0] != '3') - return -1; - } - } - - stringp = aprintf("%s@%s", service, host); - if(!stringp) - return -2; - - input_buffer.value = stringp; - input_buffer.length = strlen(stringp); - maj = gss_import_name(&min, &input_buffer, GSS_C_NT_HOSTBASED_SERVICE, - &gssname); - free(stringp); - if(maj != GSS_S_COMPLETE) { - gss_release_name(&min, &gssname); - if(service == srv_host) { - failf(data, "Error importing service name %s@%s", service, host); - return AUTH_ERROR; - } - service = srv_host; - continue; - } - /* We pass NULL as |output_name_type| to avoid a leak. */ - gss_display_name(&min, gssname, &output_buffer, NULL); - infof(data, "Trying against %s", (char *)output_buffer.value); - gssresp = GSS_C_NO_BUFFER; - *context = GSS_C_NO_CONTEXT; - - do { - /* Release the buffer at each iteration to avoid leaking: the first time - we are releasing the memory from gss_display_name. The last item is - taken care by a final gss_release_buffer. */ - gss_release_buffer(&min, &output_buffer); - ret = AUTH_OK; - maj = Curl_gss_init_sec_context(data, - &min, - context, - gssname, - &Curl_krb5_mech_oid, - &chan, - gssresp, - &output_buffer, - TRUE, - NULL); - - if(gssresp) { - free(_gssresp.value); - gssresp = NULL; - } - - if(GSS_ERROR(maj)) { - infof(data, "Error creating security context"); - ret = AUTH_ERROR; - break; - } - - if(output_buffer.length) { - char *cmd; - - result = curlx_base64_encode((char *)output_buffer.value, - output_buffer.length, &p, &base64_sz); - if(result) { - infof(data, "base64-encoding: %s", curl_easy_strerror(result)); - ret = AUTH_ERROR; - break; - } - - cmd = aprintf("ADAT %s", p); - if(cmd) - result = ftpsend(data, conn, cmd); - else - result = CURLE_OUT_OF_MEMORY; - - free(p); - free(cmd); - - if(result) { - ret = -2; - break; - } - - if(Curl_GetFTPResponse(data, &nread, NULL)) { - ret = -1; - break; - } - else { - size_t len = curlx_dyn_len(&ftpc->pp.recvbuf); - p = curlx_dyn_ptr(&ftpc->pp.recvbuf); - if((len < 4) || (p[0] != '2' && p[0] != '3')) { - infof(data, "Server did not accept auth data"); - ret = AUTH_ERROR; - break; - } - } - - _gssresp.value = NULL; /* make sure it is initialized */ - _gssresp.length = 0; - p += 4; /* over '789 ' */ - p = strstr(p, "ADAT="); - if(p) { - unsigned char *outptr; - size_t outlen; - result = curlx_base64_decode(p + 5, &outptr, &outlen); - if(result) { - failf(data, "base64-decoding: %s", curl_easy_strerror(result)); - ret = AUTH_CONTINUE; - break; - } - _gssresp.value = outptr; - _gssresp.length = outlen; - } - - gssresp = &_gssresp; - } - } while(maj == GSS_S_CONTINUE_NEEDED); - - gss_release_name(&min, &gssname); - gss_release_buffer(&min, &output_buffer); - - if(gssresp) - free(_gssresp.value); - - if(ret == AUTH_OK || service == srv_host) - break; - - service = srv_host; - } - return ret; -} - -static void krb5_end(void *app_data) -{ - OM_uint32 min; - gss_ctx_id_t *context = app_data; - if(*context != GSS_C_NO_CONTEXT) { - OM_uint32 maj = Curl_gss_delete_sec_context(&min, context, - GSS_C_NO_BUFFER); - (void)maj; - DEBUGASSERT(maj == GSS_S_COMPLETE); - } -} - -static const struct Curl_sec_client_mech Curl_krb5_client_mech = { - "GSSAPI", - sizeof(gss_ctx_id_t), - krb5_init, - krb5_auth, - krb5_end, - krb5_check_prot, - - krb5_encode, - krb5_decode -}; - -static const struct { - unsigned char level; - const char *name; -} level_names[] = { - { PROT_CLEAR, "clear" }, - { PROT_SAFE, "safe" }, - { PROT_CONFIDENTIAL, "confidential" }, - { PROT_PRIVATE, "private" } -}; - -static unsigned char name_to_level(const char *name) -{ - int i; - for(i = 0; i < (int)sizeof(level_names)/(int)sizeof(level_names[0]); i++) - if(curl_strequal(name, level_names[i].name)) - return level_names[i].level; - return PROT_NONE; -} - -/* Convert a protocol |level| to its char representation. - We take an int to catch programming mistakes. */ -static char level_to_char(int level) -{ - switch(level) { - case PROT_CLEAR: - return 'C'; - case PROT_SAFE: - return 'S'; - case PROT_CONFIDENTIAL: - return 'E'; - case PROT_PRIVATE: - return 'P'; - case PROT_CMD: - default: - /* Those 2 cases should not be reached! */ - break; - } - DEBUGASSERT(0); - /* Default to the most secure alternative. */ - return 'P'; -} - -/* Send an FTP command defined by |message| and the optional arguments. The - function returns the ftp_code. If an error occurs, -1 is returned. */ -static int ftp_send_command(struct Curl_easy *data, const char *message, ...) - CURL_PRINTF(2, 3); - -static int ftp_send_command(struct Curl_easy *data, const char *message, ...) -{ - int ftp_code; - ssize_t nread = 0; - va_list args; - char print_buffer[50]; - - va_start(args, message); - mvsnprintf(print_buffer, sizeof(print_buffer), message, args); - va_end(args); - - if(ftpsend(data, data->conn, print_buffer)) { - ftp_code = -1; - } - else { - if(Curl_GetFTPResponse(data, &nread, &ftp_code)) - ftp_code = -1; - } - - (void)nread; - return ftp_code; -} - -/* Read |len| from the socket |fd| and store it in |to|. Return a CURLcode - saying whether an error occurred or CURLE_OK if |len| was read. */ -static CURLcode -socket_read(struct Curl_easy *data, int sockindex, void *to, size_t len) -{ - char *to_p = to; - CURLcode result; - size_t nread = 0; - - while(len > 0) { - result = Curl_conn_recv(data, sockindex, to_p, len, &nread); - if(result == CURLE_AGAIN) - continue; - if(result) - return result; - if(nread > len) - return CURLE_RECV_ERROR; - len -= nread; - to_p += nread; - } - return CURLE_OK; -} - - -/* Write |len| bytes from the buffer |to| to the socket |fd|. Return a - CURLcode saying whether an error occurred or CURLE_OK if |len| was - written. */ -static CURLcode -socket_write(struct Curl_easy *data, int sockindex, const void *to, - size_t len) -{ - const char *to_p = to; - CURLcode result; - size_t written; - - while(len > 0) { - result = Curl_conn_send(data, sockindex, to_p, len, FALSE, &written); - if(!result && written > 0) { - len -= written; - to_p += written; - } - else { - if(result == CURLE_AGAIN) - continue; - return result; - } - } - return CURLE_OK; -} - -static CURLcode krb5_read_data(struct Curl_easy *data, int sockindex, - struct krb5buffer *buf) -{ - struct connectdata *conn = data->conn; - int len; - CURLcode result; - int nread; - - result = socket_read(data, sockindex, &len, sizeof(len)); - if(result) - return result; - - if(len) { - len = (int)ntohl((uint32_t)len); - if(len > CURL_MAX_INPUT_LENGTH) - return CURLE_TOO_LARGE; - - curlx_dyn_reset(&buf->buf); - } - else - return CURLE_RECV_ERROR; - - do { - char buffer[1024]; - nread = CURLMIN(len, (int)sizeof(buffer)); - result = socket_read(data, sockindex, buffer, (size_t)nread); - if(result) - return result; - result = curlx_dyn_addn(&buf->buf, buffer, nread); - if(result) - return result; - len -= nread; - } while(len); - /* this decodes the dynbuf *in place* */ - nread = conn->mech->decode(conn->app_data, - curlx_dyn_ptr(&buf->buf), - len, conn->data_prot, conn); - if(nread < 0) - return CURLE_RECV_ERROR; - curlx_dyn_setlen(&buf->buf, nread); - buf->index = 0; - return CURLE_OK; -} - -static size_t -buffer_read(struct krb5buffer *buf, void *data, size_t len) -{ - size_t size = curlx_dyn_len(&buf->buf); - if(size - buf->index < len) - len = size - buf->index; - memcpy(data, curlx_dyn_ptr(&buf->buf) + buf->index, len); - buf->index += len; - return len; -} - -/* Matches Curl_recv signature */ -static CURLcode sec_recv(struct Curl_easy *data, int sockindex, - char *buffer, size_t len, size_t *pnread) -{ - struct connectdata *conn = data->conn; - CURLcode result = CURLE_OK; - size_t bytes_read; - - /* Handle clear text response. */ - if(conn->sec_complete == 0 || conn->data_prot == PROT_CLEAR) - return Curl_conn_recv(data, sockindex, buffer, len, pnread); - - if(conn->in_buffer.eof_flag) { - conn->in_buffer.eof_flag = 0; - *pnread = 0; - return CURLE_OK; - } - - bytes_read = buffer_read(&conn->in_buffer, buffer, len); - buffer += bytes_read; - len -= bytes_read; - *pnread += bytes_read; - - while(len > 0) { - result = krb5_read_data(data, sockindex, &conn->in_buffer); - if(result) - return result; - if(curlx_dyn_len(&conn->in_buffer.buf) == 0) { - if(*pnread > 0) - conn->in_buffer.eof_flag = 1; - return result; - } - bytes_read = buffer_read(&conn->in_buffer, buffer, len); - buffer += bytes_read; - len -= bytes_read; - *pnread += bytes_read; - } - return result; -} - -/* Send |length| bytes from |from| to the |sockindex| socket taking care of - encoding and negotiating with the server. |from| can be NULL. */ -static CURLcode do_sec_send(struct Curl_easy *data, struct connectdata *conn, - int sockindex, const char *from, size_t length) -{ - int bytes, htonl_bytes; /* 32-bit integers for htonl */ - char *buffer = NULL; - char *cmd_buffer; - size_t cmd_size = 0; - enum protection_level prot_level = conn->data_prot; - bool iscmd = (prot_level == PROT_CMD); - CURLcode result = CURLE_OK; - - DEBUGASSERT(prot_level > PROT_NONE && prot_level < PROT_LAST); - - if(iscmd) { - if(!strncmp(from, "PASS ", 5) || !strncmp(from, "ACCT ", 5)) - prot_level = PROT_PRIVATE; - else - prot_level = conn->command_prot; - } - bytes = conn->mech->encode(conn->app_data, from, (int)length, - (int)prot_level, (void **)&buffer); - if(!buffer || bytes <= 0) - return CURLE_OUT_OF_MEMORY; /* error */ - - if(iscmd) { - result = curlx_base64_encode(buffer, curlx_sitouz(bytes), - &cmd_buffer, &cmd_size); - if(result) { - free(buffer); - return result; /* error */ - } - if(cmd_size > 0) { - static const char *enc = "ENC "; - static const char *mic = "MIC "; - if(prot_level == PROT_PRIVATE) - result = socket_write(data, sockindex, enc, 4); - else - result = socket_write(data, sockindex, mic, 4); - if(!result) - result = socket_write(data, sockindex, cmd_buffer, cmd_size); - if(!result) - result = socket_write(data, sockindex, "\r\n", 2); - if(!result) - infof(data, "Send: %s%s", prot_level == PROT_PRIVATE ? enc : mic, - cmd_buffer); - } - free(cmd_buffer); - } - else { - htonl_bytes = (int)htonl((OM_uint32)bytes); - result = socket_write(data, sockindex, &htonl_bytes, sizeof(htonl_bytes)); - if(!result) - result = socket_write(data, sockindex, buffer, curlx_sitouz(bytes)); - } - free(buffer); - return result; -} - -static CURLcode sec_write(struct Curl_easy *data, int sockindex, - const char *buffer, size_t length, - size_t *pnwritten) -{ - struct connectdata *conn = data->conn; - size_t len = conn->buffer_size; - - *pnwritten = 0; - if(len <= 0) - len = length; - while(length) { - CURLcode result; - if(length < len) - len = length; - - result = do_sec_send(data, conn, sockindex, buffer, len); - if(result) - return result; - length -= len; - buffer += len; - *pnwritten += len; - } - return CURLE_OK; -} - -/* Matches Curl_send signature */ -static CURLcode sec_send(struct Curl_easy *data, int sockindex, - const void *buffer, size_t len, bool eos, - size_t *pnwritten) -{ - (void)eos; - return sec_write(data, sockindex, buffer, len, pnwritten); -} - -int Curl_sec_read_msg(struct Curl_easy *data, struct connectdata *conn, - char *buffer, enum protection_level level) -{ - /* decoded_len should be size_t or ssize_t but conn->mech->decode returns an - int */ - int decoded_len; - char *buf; - int ret_code = 0; - size_t decoded_sz = 0; - CURLcode error; - - (void)data; - - if(!conn->mech) - /* not initialized, return error */ - return -1; - - DEBUGASSERT(level > PROT_NONE && level < PROT_LAST); - - error = curlx_base64_decode(buffer + 4, (unsigned char **)&buf, &decoded_sz); - if(error || decoded_sz == 0) - return -1; - - if(decoded_sz > (size_t)INT_MAX) { - free(buf); - return -1; - } - decoded_len = curlx_uztosi(decoded_sz); - - decoded_len = conn->mech->decode(conn->app_data, buf, decoded_len, - (int)level, conn); - if(decoded_len <= 0) { - free(buf); - return -1; - } - - { - buf[decoded_len] = '\n'; - Curl_debug(data, CURLINFO_HEADER_IN, buf, decoded_len + 1); - } - - buf[decoded_len] = '\0'; - if(decoded_len <= 3) - /* suspiciously short */ - return 0; - - if(buf[3] != '-') - ret_code = atoi(buf); - - if(buf[decoded_len - 1] == '\n') - buf[decoded_len - 1] = '\0'; - strcpy(buffer, buf); - free(buf); - return ret_code; -} - -static int sec_set_protection_level(struct Curl_easy *data) -{ - int code; - struct connectdata *conn = data->conn; - unsigned char level = conn->request_data_prot; - - DEBUGASSERT(level > PROT_NONE && level < PROT_LAST); - - if(!conn->sec_complete) { - infof(data, "Trying to change the protection level after the" - " completion of the data exchange."); - return -1; - } - - /* Bail out if we try to set up the same level */ - if(conn->data_prot == level) - return 0; - - if(level) { - char *pbsz; - unsigned int buffer_size = 1 << 20; /* 1048576 */ - struct ftp_conn *ftpc = Curl_conn_meta_get(conn, CURL_META_FTP_CONN); - char *line; - - if(!ftpc) - return -2; - - code = ftp_send_command(data, "PBSZ %u", buffer_size); - if(code < 0) - return -1; - - if(code/100 != 2) { - failf(data, "Failed to set the protection's buffer size."); - return -1; - } - conn->buffer_size = buffer_size; - - line = curlx_dyn_ptr(&ftpc->pp.recvbuf); - pbsz = strstr(line, "PBSZ="); - if(pbsz) { - /* stick to default value if the check fails */ - if(ISDIGIT(pbsz[5])) - buffer_size = (unsigned int)atoi(&pbsz[5]); - if(buffer_size < conn->buffer_size) - conn->buffer_size = buffer_size; - } - } - - /* Now try to negotiate the protection level. */ - code = ftp_send_command(data, "PROT %c", level_to_char(level)); - - if(code < 0) - return -1; - - if(code/100 != 2) { - failf(data, "Failed to set the protection level."); - return -1; - } - - conn->data_prot = level; - if(level == PROT_PRIVATE) - conn->command_prot = level; - - return 0; -} - -int -Curl_sec_request_prot(struct connectdata *conn, const char *level) -{ - unsigned char l = name_to_level(level); - if(l == PROT_NONE) - return -1; - DEBUGASSERT(l > PROT_NONE && l < PROT_LAST); - conn->request_data_prot = l; - return 0; -} - -static CURLcode choose_mech(struct Curl_easy *data, struct connectdata *conn) -{ - int ret; - void *tmp_allocation; - const struct Curl_sec_client_mech *mech = &Curl_krb5_client_mech; - - tmp_allocation = realloc(conn->app_data, mech->size); - if(!tmp_allocation) { - failf(data, "Failed realloc of size %zu", mech->size); - mech = NULL; - return CURLE_OUT_OF_MEMORY; - } - conn->app_data = tmp_allocation; - - if(mech->init) { - ret = mech->init(conn->app_data); - if(ret) { - infof(data, "Failed initialization for %s. Skipping it.", - mech->name); - return CURLE_FAILED_INIT; - } - } - - infof(data, "Trying mechanism %s...", mech->name); - ret = ftp_send_command(data, "AUTH %s", mech->name); - if(ret < 0) - return CURLE_COULDNT_CONNECT; - - if(ret/100 != 3) { - switch(ret) { - case 504: - infof(data, "Mechanism %s is not supported by the server (server " - "returned ftp code: 504).", mech->name); - break; - case 534: - infof(data, "Mechanism %s was rejected by the server (server returned " - "ftp code: 534).", mech->name); - break; - default: - if(ret/100 == 5) { - infof(data, "server does not support the security extensions"); - return CURLE_USE_SSL_FAILED; - } - break; - } - return CURLE_LOGIN_DENIED; - } - - /* Authenticate */ - ret = mech->auth(conn->app_data, data, conn); - - if(ret != AUTH_CONTINUE) { - if(ret != AUTH_OK) { - /* Mechanism has dumped the error to stderr, do not error here. */ - return CURLE_USE_SSL_FAILED; - } - DEBUGASSERT(ret == AUTH_OK); - - conn->mech = mech; - conn->sec_complete = 1; - conn->recv[FIRSTSOCKET] = sec_recv; - conn->send[FIRSTSOCKET] = sec_send; - conn->recv[SECONDARYSOCKET] = sec_recv; - conn->send[SECONDARYSOCKET] = sec_send; - conn->command_prot = PROT_SAFE; - /* Set the requested protection level */ - /* BLOCKING */ - (void)sec_set_protection_level(data); - } - - return CURLE_OK; -} - -CURLcode -Curl_sec_login(struct Curl_easy *data, struct connectdata *conn) -{ - return choose_mech(data, conn); -} - -void -Curl_sec_conn_init(struct connectdata *conn) -{ - curlx_dyn_init(&conn->in_buffer.buf, CURL_MAX_INPUT_LENGTH); - conn->in_buffer.index = 0; - conn->in_buffer.eof_flag = 0; -} - -void -Curl_sec_conn_destroy(struct connectdata *conn) -{ - if(conn->mech && conn->mech->end) - conn->mech->end(conn->app_data); - Curl_safefree(conn->app_data); - curlx_dyn_free(&conn->in_buffer.buf); - conn->in_buffer.index = 0; - conn->in_buffer.eof_flag = 0; - conn->sec_complete = 0; - conn->data_prot = PROT_CLEAR; - conn->mech = NULL; -} - -#if defined(__GNUC__) && defined(__APPLE__) -#pragma GCC diagnostic pop -#endif - -#endif /* HAVE_GSSAPI && !CURL_DISABLE_FTP */ diff --git a/lib/pingpong.c b/lib/pingpong.c index 003ad58441..195e059ed1 100644 --- a/lib/pingpong.c +++ b/lib/pingpong.c @@ -182,10 +182,6 @@ CURLcode Curl_pp_vsendf(struct Curl_easy *data, CURLcode result; struct connectdata *conn = data->conn; -#ifdef HAVE_GSSAPI - enum protection_level data_sec; -#endif - DEBUGASSERT(pp->sendleft == 0); DEBUGASSERT(pp->sendsize == 0); DEBUGASSERT(pp->sendthis == NULL); @@ -208,9 +204,6 @@ CURLcode Curl_pp_vsendf(struct Curl_easy *data, write_len = curlx_dyn_len(&pp->sendbuf); s = curlx_dyn_ptr(&pp->sendbuf); -#ifdef HAVE_GSSAPI - conn->data_prot = PROT_CMD; -#endif result = Curl_conn_send(data, FIRSTSOCKET, s, write_len, FALSE, &bytes_written); if(result == CURLE_AGAIN) { @@ -218,11 +211,6 @@ CURLcode Curl_pp_vsendf(struct Curl_easy *data, } else if(result) return result; -#ifdef HAVE_GSSAPI - data_sec = conn->data_prot; - DEBUGASSERT(data_sec > PROT_NONE && data_sec < PROT_LAST); - conn->data_prot = (unsigned char)data_sec; -#endif Curl_debug(data, CURLINFO_HEADER_OUT, s, bytes_written); @@ -272,17 +260,7 @@ static CURLcode pingpong_read(struct Curl_easy *data, size_t buflen, size_t *nread) { - CURLcode result; -#ifdef HAVE_GSSAPI - enum protection_level prot = data->conn->data_prot; - data->conn->data_prot = PROT_CLEAR; -#endif - result = Curl_conn_recv(data, sockindex, buffer, buflen, nread); -#ifdef HAVE_GSSAPI - DEBUGASSERT(prot > PROT_NONE && prot < PROT_LAST); - data->conn->data_prot = (unsigned char)prot; -#endif - return result; + return Curl_conn_recv(data, sockindex, buffer, buflen, nread); } /* @@ -348,10 +326,7 @@ CURLcode Curl_pp_readresp(struct Curl_easy *data, size_t length = nl - line + 1; /* output debug output if that is requested */ -#ifdef HAVE_GSSAPI - if(!conn->sec_complete) -#endif - Curl_debug(data, CURLINFO_HEADER_IN, line, length); + Curl_debug(data, CURLINFO_HEADER_IN, line, length); /* * Pass all response-lines to the callback function registered for diff --git a/lib/setopt.c b/lib/setopt.c index d958c5492a..3f628c443c 100644 --- a/lib/setopt.c +++ b/lib/setopt.c @@ -1967,15 +1967,8 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option, case CURLOPT_FTP_ALTERNATIVE_TO_USER: return Curl_setstropt(&s->str[STRING_FTP_ALTERNATIVE_TO_USER], ptr); -#ifdef HAVE_GSSAPI case CURLOPT_KRBLEVEL: - /* - * A string that defines the kerberos security level. - */ - result = Curl_setstropt(&s->str[STRING_KRB_LEVEL], ptr); - s->krb = !!(s->str[STRING_KRB_LEVEL]); - break; -#endif + return CURLE_NOT_BUILT_IN; /* removed in 8.17.0 */ #endif case CURLOPT_URL: /* diff --git a/lib/url.c b/lib/url.c index 3f792ec765..a03a111995 100644 --- a/lib/url.c +++ b/lib/url.c @@ -98,7 +98,6 @@ #include "hsts.h" #include "noproxy.h" #include "cfilters.h" -#include "curl_krb5.h" #include "idn.h" /* And now for the protocols */ @@ -606,7 +605,6 @@ void Curl_conn_free(struct Curl_easy *data, struct connectdata *conn) Curl_safefree(conn->http_proxy.host.rawalloc); /* http proxy name buffer */ Curl_safefree(conn->socks_proxy.host.rawalloc); /* socks proxy name buffer */ #endif - Curl_sec_conn_destroy(conn); Curl_safefree(conn->user); Curl_safefree(conn->passwd); Curl_safefree(conn->sasl_authzid); @@ -1455,10 +1453,6 @@ static struct connectdata *allocate_conn(struct Curl_easy *data) /* Initialize the attached xfers bitset */ Curl_uint_spbset_init(&conn->xfers_attached); -#ifdef HAVE_GSSAPI - conn->data_prot = PROT_CLEAR; -#endif - /* Store the local bind parameters that will be used for this connection */ if(data->set.str[STRING_DEVICE]) { conn->localdev = strdup(data->set.str[STRING_DEVICE]); @@ -3473,10 +3467,7 @@ static CURLcode create_conn(struct Curl_easy *data, /* Do the unfailable inits first, before checks that may early return */ Curl_hash_init(&conn->meta_hash, 23, - Curl_hash_str, curlx_str_key_compare, conn_meta_freeentry); - - /* GSSAPI related inits */ - Curl_sec_conn_init(conn); + Curl_hash_str, curlx_str_key_compare, conn_meta_freeentry); result = parseurlandfillconn(data, conn); if(result) diff --git a/lib/urldata.h b/lib/urldata.h index 4f00c8c9a0..b2e83c4a0e 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -234,25 +234,6 @@ typedef CURLcode (Curl_recv)(struct Curl_easy *data, /* transfer */ ((x) && ((x)->magic == CURLEASY_MAGIC_NUMBER)) #endif -#ifdef HAVE_GSSAPI -/* Types needed for krb5-ftp connections */ -struct krb5buffer { - struct dynbuf buf; - size_t index; - BIT(eof_flag); -}; - -enum protection_level { - PROT_NONE, /* first in list */ - PROT_CLEAR, - PROT_SAFE, - PROT_CONFIDENTIAL, - PROT_PRIVATE, - PROT_CMD, - PROT_LAST /* last in list */ -}; -#endif - /* SSL backend-specific data; declared differently by each SSL backend */ struct ssl_backend_data; struct Curl_ssl_scache_entry; @@ -703,20 +684,6 @@ struct connectdata { was used on this connection. */ struct curltime keepalive; - /**** curl_get() phase fields */ - -#ifdef HAVE_GSSAPI - BIT(sec_complete); /* if Kerberos is enabled for this connection */ - unsigned char command_prot; /* enum protection_level */ - unsigned char data_prot; /* enum protection_level */ - unsigned char request_data_prot; /* enum protection_level */ - size_t buffer_size; - struct krb5buffer in_buffer; - void *app_data; - const struct Curl_sec_client_mech *mech; - struct sockaddr_in local_addr; -#endif - struct uint_spbset xfers_attached; /* mids of attached transfers */ /* A connection cache from a SHARE might be used in several multi handles. * We MUST not reuse connections that are running in another multi, @@ -1239,9 +1206,6 @@ enum dupstring { STRING_FTP_ALTERNATIVE_TO_USER, /* command to send if USER/PASS fails */ STRING_FTPPORT, /* port to send with the FTP PORT command */ #endif -#ifdef HAVE_GSSAPI - STRING_KRB_LEVEL, /* krb security level */ -#endif #ifndef CURL_DISABLE_NETRC STRING_NETRC_FILE, /* if not NULL, use this instead of trying to find $HOME/.netrc */ @@ -1604,9 +1568,6 @@ struct UserDefined { location: */ BIT(opt_no_body); /* as set with CURLOPT_NOBODY */ BIT(verbose); /* output verbosity */ -#ifdef HAVE_GSSAPI - BIT(krb); /* Kerberos connection requested */ -#endif BIT(reuse_forbid); /* forbidden to be reused, close after use */ BIT(reuse_fresh); /* do not reuse an existing connection */ BIT(no_signal); /* do not use any signal/alarm handler */ diff --git a/src/config2setopts.c b/src/config2setopts.c index e8f4b0a407..533fe992d3 100644 --- a/src/config2setopts.c +++ b/src/config2setopts.c @@ -973,7 +973,6 @@ CURLcode config2setopts(struct OperationConfig *config, customrequest_helper(config->httpreq, config->customrequest); my_setopt(curl, CURLOPT_STDERR, tool_stderr); my_setopt_str(curl, CURLOPT_INTERFACE, config->iface); - my_setopt_str(curl, CURLOPT_KRBLEVEL, config->krblevel); progressbarinit(&per->progressbar, config); my_setopt_str(curl, CURLOPT_DNS_SERVERS, config->dns_servers); my_setopt_str(curl, CURLOPT_DNS_INTERFACE, config->dns_interface); diff --git a/src/tool_getparam.c b/src/tool_getparam.c index 43d30778de..d7bdadb5d6 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -196,8 +196,8 @@ static const struct LongShort aliases[]= { {"keepalive-time", ARG_STRG, ' ', C_KEEPALIVE_TIME}, {"key", ARG_FILE, ' ', C_KEY}, {"key-type", ARG_STRG|ARG_TLS, ' ', C_KEY_TYPE}, - {"krb", ARG_STRG, ' ', C_KRB}, - {"krb4", ARG_STRG, ' ', C_KRB4}, + {"krb", ARG_STRG|ARG_DEPR, ' ', C_KRB}, + {"krb4", ARG_STRG|ARG_DEPR, ' ', C_KRB4}, {"libcurl", ARG_STRG, ' ', C_LIBCURL}, {"limit-rate", ARG_STRG, ' ', C_LIMIT_RATE}, {"list-only", ARG_BOOL, 'l', C_LIST_ONLY}, @@ -2371,13 +2371,6 @@ static ParameterError opt_string(struct OperationConfig *config, /* interface */ err = getstr(&config->iface, nextarg, DENY_BLANK); break; - case C_KRB: /* --krb */ - /* kerberos level string */ - if(!feature_spnego) - err = PARAM_LIBCURL_DOESNT_SUPPORT; - else - err = getstr(&config->krblevel, nextarg, DENY_BLANK); - break; case C_HAPROXY_CLIENTIP: /* --haproxy-clientip */ err = getstr(&config->haproxy_clientip, nextarg, DENY_BLANK); break; diff --git a/src/tool_listhelp.c b/src/tool_listhelp.c index ecbd8bf459..bd72dbe15c 100644 --- a/src/tool_listhelp.c +++ b/src/tool_listhelp.c @@ -343,7 +343,7 @@ const struct helptxt helptext[] = { CURLHELP_TLS}, {" --krb ", "Enable Kerberos with security ", - CURLHELP_FTP}, + CURLHELP_DEPRECATED}, {" --libcurl ", "Generate libcurl code for this command line", CURLHELP_CURL | CURLHELP_GLOBAL}, diff --git a/tests/data/test1282 b/tests/data/test1282 index f57275187f..a54166be96 100644 --- a/tests/data/test1282 +++ b/tests/data/test1282 @@ -18,11 +18,8 @@ REPLY PASS 633 XXXXXXXX\x00\x00XXXXXXXX ftp - -GSS-API - -FTP with 633 response before gss initialized +FTP with 633 response to auth ftp://%HOSTIP:%FTPPORT/%TESTNUMBER From 3dad0cfd779413866a2a0a8353ee9a98212673f8 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 8 Sep 2025 00:18:52 +0200 Subject: [PATCH 0112/2408] write-out: make %header{} able to output *all* occurances of a header By appending `:all:[separator]` to the header name. The `[separator]` string is output between each header value if there are more than one to output. Test 764 and 765 verify Idea-by: kapsiR on github Ref: #18449 Closes #18491 --- docs/cmdline-opts/write-out.md | 8 +++ src/tool_writeout.c | 122 ++++++++++++++++++++++++++++----- tests/data/Makefile.am | 2 +- tests/data/test764 | 67 ++++++++++++++++++ tests/data/test765 | 67 ++++++++++++++++++ 5 files changed, 249 insertions(+), 17 deletions(-) create mode 100644 tests/data/test764 create mode 100644 tests/data/test765 diff --git a/docs/cmdline-opts/write-out.md b/docs/cmdline-opts/write-out.md index b365eeb22d..9946349c15 100644 --- a/docs/cmdline-opts/write-out.md +++ b/docs/cmdline-opts/write-out.md @@ -93,6 +93,14 @@ The value of header `name` from the transfer's most recent server response. Unlike other variables, the variable name `header` is not in braces. For example `%header{date}`. Refer to --write-out remarks. (Added in 7.84.0) +Starting with 8.17.0, output the contents of *all* header fields using a +specific name - even for a whole redirect "chain" by appending +`:all:[separator]` to the header name. The `[separator]` string (if not blank) +is output between the headers if there are more than one. When more than one +header is shown, they are output in the chronological order of appearance over +the wire. To include a close brace (`}`) in the separator, escape it with a +backslash: `\}`. + ## `header_json` A JSON object with all HTTP response headers from the recent transfer. Values are provided as arrays, since in the case of multiple headers there can be diff --git a/src/tool_writeout.c b/src/tool_writeout.c index 225cf91fd4..cdde28c909 100644 --- a/src/tool_writeout.c +++ b/src/tool_writeout.c @@ -615,6 +615,111 @@ static const char *outtime(const char *ptr, /* %time{ ... */ return ptr; } +static void separator(const char *sep, size_t seplen, FILE *stream) +{ + while(seplen) { + if(*sep == '\\') { + switch(sep[1]) { + case 'r': + fputc('\r', stream); + break; + case 'n': + fputc('\n', stream); + break; + case 't': + fputc('\t', stream); + break; + case '}': + fputc('}', stream); + break; + case '\0': + break; + default: + /* unknown, just output this */ + fputc(sep[0], stream); + fputc(sep[1], stream); + break; + } + sep += 2; + seplen -= 2; + } + else { + fputc(*sep, stream); + sep++; + seplen--; + } + } +} + +static void output_header(struct per_transfer *per, + FILE *stream, + const char **pptr) +{ + const char *ptr = *pptr; + const char *end; + end = strchr(ptr, '}'); + do { + if(!end || (end[-1] != '\\')) + break; + end = strchr(&end[1], '}'); + } while(end); + if(end) { + char hname[256]; /* holds the longest header field name */ + struct curl_header *header; + const char *instr; + const char *sep = NULL; + size_t seplen = 0; + size_t vlen = end - ptr; + instr = memchr(ptr, ':', vlen); + if(instr) { + /* instructions follow */ + if(!strncmp(&instr[1], "all:", 4)) { + sep = &instr[5]; + seplen = end - sep; + vlen -= (seplen + 5); + } + } + if(vlen < sizeof(hname)) { + memcpy(hname, ptr, vlen); + hname[vlen] = 0; + if(sep) { + /* get headers from all requests */ + int reqno = 0; + size_t indno = 0; + bool output = FALSE; + do { + if(CURLHE_OK == curl_easy_header(per->curl, hname, indno, + CURLH_HEADER, reqno, + &header)) { + if(output) + /* output separator */ + separator(sep, seplen, stream); + fputs(header->value, stream); + output = TRUE; + } + else + break; + if((header->index + 1) < header->amount) + indno++; + else { + ++reqno; + indno = 0; + } + } while(1); + } + else { + if(CURLHE_OK == curl_easy_header(per->curl, hname, 0, + CURLH_HEADER, -1, &header)) + fputs(header->value, stream); + } + } + ptr = end + 1; + } + else + fputs("%header{", stream); + *pptr = ptr; +} + void ourWriteOut(struct OperationConfig *config, struct per_transfer *per, CURLcode per_result) { @@ -699,22 +804,7 @@ void ourWriteOut(struct OperationConfig *config, struct per_transfer *per, } else if(!strncmp("header{", &ptr[1], 7)) { ptr += 8; - end = strchr(ptr, '}'); - if(end) { - char hname[256]; /* holds the longest header field name */ - struct curl_header *header; - vlen = end - ptr; - if(vlen < sizeof(hname)) { - memcpy(hname, ptr, vlen); - hname[vlen] = 0; - if(CURLHE_OK == curl_easy_header(per->curl, hname, 0, - CURLH_HEADER, -1, &header)) - fputs(header->value, stream); - } - ptr = end + 1; - } - else - fputs("%header{", stream); + output_header(per, stream, &ptr); } else if(!strncmp("time{", &ptr[1], 5)) { ptr = outtime(ptr, stream); diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index dfff012257..854791fba0 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -109,7 +109,7 @@ test727 test728 test729 test730 test731 test732 test733 test734 test735 \ test736 test737 test738 test739 test740 test741 test742 test743 test744 \ test745 test746 test747 test748 test749 test750 test751 test752 test753 \ test754 test755 test756 test757 test758 test759 test760 test761 test762 \ -test763 \ +test763 test764 test765 \ \ test780 test781 test782 test783 test784 test785 test786 test787 test788 \ test789 test790 test791 test792 test793 test794 test796 test797 \ diff --git a/tests/data/test764 b/tests/data/test764 new file mode 100644 index 0000000000..dd138e1084 --- /dev/null +++ b/tests/data/test764 @@ -0,0 +1,67 @@ + + + +HTTP +HTTP GET +-w +%header + + + +# +# Server-side + + +HTTP/1.1 301 Redirect +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +This: one +This: two +Content-Length: 6 +Location: %TESTNUMBER0002 +Content-Type: text/html +Funny-head: yesyes + +-foo- + + +HTTP/1.1 200 Not a redirect +Accept-Ranges: bytes +This: three +This: four +Content-Length: 6 +Funny-head: yesyes + +-foo- + + + + +# +# Client-side + + +headers-api + + +http + + +-w with multiple header output + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER -L -w '%header{this:all:***}\n' -o %LOGDIR/%TESTNUMBER.out + + + +# +# Verify data after the test has been "shot" + + +one***two***three***four + + + diff --git a/tests/data/test765 b/tests/data/test765 new file mode 100644 index 0000000000..2a868620c8 --- /dev/null +++ b/tests/data/test765 @@ -0,0 +1,67 @@ + + + +HTTP +HTTP GET +-w +%header + + + +# +# Server-side + + +HTTP/1.1 301 Redirect +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +This: one +This: two +Content-Length: 6 +Location: %TESTNUMBER0002 +Content-Type: text/html +Funny-head: yesyes + +-foo- + + +HTTP/1.1 200 Not a redirect +Accept-Ranges: bytes +This: three +This: four +Content-Length: 6 +Funny-head: yesyes + +-foo- + + + + +# +# Client-side + + +headers-api + + +http + + +-w with multiple header output using } in separator + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER -L -w '%header{this:all:-{\}-}\n' -o %LOGDIR/%TESTNUMBER.out + + + +# +# Verify data after the test has been "shot" + + +one-{}-two-{}-three-{}-four + + + From 4189c2c0fe15b3a6afecadb56fd50b6875d7170b Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 21 Sep 2025 00:05:55 +0200 Subject: [PATCH 0113/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 78 +++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 70 insertions(+), 8 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 69b05b895a..0fb4e0be11 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,66 +4,97 @@ curl and libcurl 8.17.0 Command line options: 272 curl_easy_setopt() options: 308 Public functions in libcurl: 98 - Contributors: 3504 + Contributors: 3505 This release includes the following changes: + o build: drop the winbuild build system [81] + o krb5: drop support for Kerberos FTP [43] + o libssh2: up the minimum requirement to 1.9.0 [85] + o write-out: make %header{} able to output *all* occurances of a header [25] This release includes the following bugfixes: o asyn-thrdd: drop pthread_cancel [30] + o autotools: make `--enable-code-coverage` support llvm/clang [79] o aws-lc: re-enable large read-ahead with v1.61.0 again [16] + o base64: accept zero length argument to base64_encode [82] + o build: address some `-Weverything` warnings, update picky warnings [74] + o build: avoid overriding system symbols for socket functions [68] + o cf-socket: use the right byte order for ports in bindlocal [61] o cf_socket_recv: don't count reading zero bytes as first byte [23] o cfilter: unlink and discard [46] + o cmake: add `CURL_CODE_COVERAGE` option [78] o cmake: fix building docs when the base directory contains `.3` [18] o cmdline-docs: extended, clarified, refreshed [28] o configure: add "-mt" for pthread support on HP-UX [52] o cookie: avoid saving a cookie file if no transfer was done [11] o curl_easy_getinfo: error code on NULL arg [2] o curl_mem_undef.h: limit to `CURLDEBUG` for non-memalloc overrides [19] + o curl_slist_append.md: clarify that a NULL pointer is not acceptable [72] o CURLINFO_FTP_ENTRY_PATH.md: this is for SFTP as well [8] + o CURLOPT_HEADER/WRITEFUNCTION.md: drop '* size' since size is always 1 [63] o CURLOPT_MAXLIFETIME_CONN: make default 24 hours [10] o CURLOPT_SSL_VERIFYHOST.md: add see-also to two other VERIFYHOST options [32] o CURLOPT_TIMECONDITION.md: works for FILE and FTP as well [27] + o digest_sspi: fix two memory leaks in error branches [77] o dist: do not distribute `CI.md` [29] o docs/libcurl: clarify some timeout option behavior [15] o docs/libcurl: remove ancient version references [7] o docs/libcurl: use lowercase must [5] o easy_getinfo: check magic, Curl_close safety [3] o examples: fix two issues found by CodeQL [35] + o ftp: fix port number range loop for PORT commands [66] + o gtls: avoid potential use of uninitialized variable in trace output [83] + o httpsrr: free old pointers when storing new [57] o krb5: return appropriate error on send failures [22] o ldap: do not base64 encode zero length string [42] o libcurl-multi.md: added curl_multi_get_offt mention [53] o libcurl-security.md: mention long-running connections [6] o libssh2: drop two redundant null-terminations [26] o libssh2: error check and null-terminate in ssh_state_sftp_readdir_link() [34] + o libssh: error on bad chgrp number [71] + o libssh: error on bad chown number and store the value [64] o libssh: react on errors from ssh_scp_read [24] + o libssh: return out of memory correctly if aprintf fails [60] o Makefile.example: simplify and make it configurable [20] o managen: ignore version mentions < 7.66.0 [55] o managen: render better manpage references/links [54] o multi.h: add CURLMINFO_LASTENTRY [51] o ngtcp2: check error code on connect failure [13] o openldap: avoid indexing the result at -1 for blank responses [44] + o openssl: make the asn1_object_dump name null terminated [56] o quic: fix min TLS version handling [14] o quic: ignore EMSGSIZE on receive [4] + o rustls: typecast variable for safer trace output [69] o sasl: clear canceled mechanism instead of toggling it [41] + o schannel: assign result before using it [62] o setopt: accept *_SSL_VERIFYHOST set to 2L [31] o setopt: make CURLOPT_MAXREDIRS accept -1 (again) [1] o smb: adjust buffer size checks [45] o smtp: check EHLO responses case insensitively [50] + o socks: make Curl_blockread_all return CURLcode [67] o socks_sspi: fix memory cleanup calls [40] o socks_sspi: restore non-blocking socket on error paths [48] o ssl-sessions.md: mark option experimental [12] o sws: fix checking `sscanf()` return value [17] o telnet: make printsub require another byte input [21] o tftp: check and act on tftp_set_timeouts() returning error [38] + o tftp: handle tftp_multi_statemach() return code [65] o tftp: propagate expired timer from tftp_state_timeout() [39] + o tftp: return error when sendto() fails [59] + o tidy-up: avoid using the reserved macro namespace [76] + o tidy-up: update MS links, allow long URLs via `checksrc` [73] o TODO: remove already implemented or bad items [36] o tool: fix exponential retry delay [47] o tool_cb_hdr: fix fwrite check in header callback [49] + o tool_cb_hdr: size is always 1 [70] + o tool_getparam/set_rate: skip the multiplication on overflow [84] o tool_operate: improve wording in retry message [37] o tool_operate: keep the progress meter for --out-null [33] o urldata: FILE is not a list-only protocol [9] + o windows: replace `_beginthreadex()` with `CreateThread()` [80] + o windows: stop passing unused, optional argument for Win9x compatibility [75] This release includes the following known bugs: @@ -79,7 +110,6 @@ Planned upcoming removals include: o OpenSSL 1.x support o Support for c-ares versions before 1.16.0 o Support for Windows XP/2003 - o The winbuild build system o Windows CE support See https://curl.se/dev/deprecate.html @@ -87,12 +117,13 @@ Planned upcoming removals include: This release would not have looked like this without help, code, reports and advice from friends like these: - Adam Light, Andrew Kirillov, Andrew Olsen, Christian Schmitz, Dan Fandrich, - Daniel Stenberg, dependabot[bot], divinity76 on github, - Emilio Pozuelo Monfort, Ethan Everett, fds242 on github, Javier Blazquez, - Jicea, Joshua Rogers, Michael Osipov, Nir Azkiel, Ray Satiro, renovate[bot], - Samuel Dionne-Riel, Stefan Eissing, Viktor Szakats - (21 contributors) + Adam Light, Andrew Kirillov, Andrew Olsen, BobodevMm on github, + Christian Schmitz, Dan Fandrich, Daniel Stenberg, dependabot[bot], + divinity76 on github, Emilio Pozuelo Monfort, Ethan Everett, + fds242 on github, Javier Blazquez, Jicea, Joshua Rogers, kapsiR on github, + Marcel Raad, Michael Osipov, Michał Petryka, Nir Azkiel, Ray Satiro, + renovate[bot], Samuel Dionne-Riel, Stefan Eissing, Viktor Szakats + (25 contributors) References to bug reports and discussions on issues: @@ -120,6 +151,7 @@ References to bug reports and discussions on issues: [22] = https://curl.se/bug/?i=18561 [23] = https://curl.se/bug/?i=18615 [24] = https://curl.se/bug/?i=18616 + [25] = https://curl.se/bug/?i=18491 [26] = https://curl.se/bug/?i=18606 [27] = https://curl.se/bug/?i=18551 [28] = https://curl.se/bug/?i=18550 @@ -137,6 +169,7 @@ References to bug reports and discussions on issues: [40] = https://curl.se/bug/?i=18587 [41] = https://curl.se/bug/?i=18573 [42] = https://curl.se/bug/?i=18602 + [43] = https://curl.se/bug/?i=18577 [44] = https://curl.se/bug/?i=18600 [45] = https://curl.se/bug/?i=18599 [46] = https://curl.se/bug/?i=18596 @@ -149,3 +182,32 @@ References to bug reports and discussions on issues: [53] = https://curl.se/bug/?i=18579 [54] = https://curl.se/bug/?i=18580 [55] = https://curl.se/bug/?i=18583 + [56] = https://curl.se/bug/?i=18647 + [57] = https://curl.se/bug/?i=18631 + [59] = https://curl.se/bug/?i=18643 + [60] = https://curl.se/bug/?i=18637 + [61] = https://curl.se/bug/?i=18641 + [62] = https://curl.se/bug/?i=18642 + [63] = https://curl.se/bug/?i=18640 + [64] = https://curl.se/bug/?i=18639 + [65] = https://curl.se/bug/?i=18638 + [66] = https://curl.se/bug/?i=18636 + [67] = https://curl.se/bug/?i=18635 + [68] = https://curl.se/bug/?i=18503 + [69] = https://curl.se/bug/?i=18628 + [70] = https://curl.se/bug/?i=18630 + [71] = https://curl.se/bug/?i=18629 + [72] = https://curl.se/bug/?i=18627 + [73] = https://curl.se/bug/?i=18626 + [74] = https://curl.se/bug/?i=18477 + [75] = https://curl.se/bug/?i=18490 + [76] = https://curl.se/bug/?i=18482 + [77] = https://curl.se/bug/?i=18488 + [78] = https://curl.se/bug/?i=18468 + [79] = https://curl.se/bug/?i=18473 + [80] = https://curl.se/bug/?i=18451 + [81] = https://curl.se/bug/?i=18040 + [82] = https://curl.se/bug/?i=18617 + [83] = https://curl.se/bug/?i=18620 + [84] = https://curl.se/bug/?i=18624 + [85] = https://curl.se/bug/?i=18612 From 0513f9f8786e0cc4246e05d56bd264d0292d9c92 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 20 Sep 2025 19:04:21 +0200 Subject: [PATCH 0114/2408] build: show llvm/clang in platform flags and `buildinfo.txt` Show these flags: - `LLVM-CLANG` for mainline llvm/clang. - `APPLE-CLANG` for Apple clang. - `CLANG-CL` for clang-cl. (cmake only) Also: - GHA/linux: fix a job to build with clang, to match its descriptions. Closes #18645 --- .github/workflows/linux.yml | 1 + CMakeLists.txt | 9 +++++++++ acinclude.m4 | 5 +++++ 3 files changed, 15 insertions(+) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index af2edf0e09..c9f090a969 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -179,6 +179,7 @@ jobs: - name: 'openssl clang krb5 LTO' install_packages: zlib1g-dev libkrb5-dev clang install_steps: skiprun + CC: clang generate: -DCURL_USE_OPENSSL=ON -DCURL_USE_GSSAPI=ON -DENABLE_DEBUG=ON -DCURL_LTO=ON - name: 'openssl !ipv6 !--libcurl !--digest-auth' diff --git a/CMakeLists.txt b/CMakeLists.txt index ad78c58ed1..a0587327db 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -148,6 +148,15 @@ endif() if(CMAKE_C_COMPILER_ID STREQUAL "GNU") string(APPEND _target_flags " GCC") endif() +if(CMAKE_C_COMPILER_ID MATCHES "Clang") + if(CMAKE_C_COMPILER_ID STREQUAL "AppleClang") + string(APPEND _target_flags " APPLE-CLANG") + elseif(MSVC) + string(APPEND _target_flags " CLANG-CL") + else() + string(APPEND _target_flags " LLVM-CLANG") + endif() +endif() if(MINGW) string(APPEND _target_flags " MINGW") endif() diff --git a/acinclude.m4 b/acinclude.m4 index fe10c2ec97..f6a7852779 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -1492,6 +1492,11 @@ AC_DEFUN([CURL_PREPARE_BUILDINFO], [ if test "x$compiler_id" = 'xGNU_C'; then curl_pflags="${curl_pflags} GCC" fi + if "$compiler_id" = "APPLECLANG"; then + curl_pflags="${curl_pflags} APPLE-CLANG" + elif test "$compiler_id" = "CLANG"; then + curl_pflags="${curl_pflags} LLVM-CLANG" + fi case $host_os in mingw*) curl_pflags="${curl_pflags} MINGW";; esac From 4e8dfe2093c83c708d4ee0b6952a8495608d708d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 21 Sep 2025 09:39:58 +0200 Subject: [PATCH 0115/2408] RELEASE-NOTES: spellcheck! --- RELEASE-NOTES | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 0fb4e0be11..698c81d3a8 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -11,7 +11,7 @@ This release includes the following changes: o build: drop the winbuild build system [81] o krb5: drop support for Kerberos FTP [43] o libssh2: up the minimum requirement to 1.9.0 [85] - o write-out: make %header{} able to output *all* occurances of a header [25] + o write-out: make %header{} able to output *all* occurrences of a header [25] This release includes the following bugfixes: From fd61ed062bdad9ad9abdcc839f1c6c51b88e1c05 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 21 Sep 2025 00:09:09 +0200 Subject: [PATCH 0116/2408] ws: clarify an error message Instead of: "[WS] frame length longer than 64 signed not supported" Use: "[WS] frame length longer than 63 bit not supported" Closes #18654 --- lib/ws.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/ws.c b/lib/ws.c index 00fdeb3e97..c840961d10 100644 --- a/lib/ws.c +++ b/lib/ws.c @@ -453,7 +453,7 @@ static CURLcode ws_dec_read_head(struct ws_decoder *dec, break; case 10: if(dec->head[2] > 127) { - failf(data, "[WS] frame length longer than 64 signed not supported"); + failf(data, "[WS] frame length longer than 63 bit not supported"); return CURLE_RECV_ERROR; } dec->payload_len = ((curl_off_t)dec->head[2] << 56) | From 3d8e15650ccc02cb7384f3b991478363e9498f3f Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 17:44:32 +0200 Subject: [PATCH 0117/2408] vtls_int.h: clarify data_pending Suggested-by: Joseph Birr-Pixton Closes #18644 --- lib/vtls/vtls_int.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/vtls/vtls_int.h b/lib/vtls/vtls_int.h index de0b735e22..8bf6c6c64b 100644 --- a/lib/vtls/vtls_int.h +++ b/lib/vtls/vtls_int.h @@ -153,6 +153,10 @@ struct Curl_ssl { size_t (*version)(char *buffer, size_t size); CURLcode (*shut_down)(struct Curl_cfilter *cf, struct Curl_easy *data, bool send_shutdown, bool *done); + + /* data_pending() shall return TRUE when it wants to get called again to + drain internal buffers and deliver data instead of waiting for the socket + to get readable */ bool (*data_pending)(struct Curl_cfilter *cf, const struct Curl_easy *data); From 3b22ed999ef046cbd7a3503746bf9acf927623e7 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 22:55:50 +0200 Subject: [PATCH 0118/2408] telnet: return error on crazy TTYPE or XDISPLOC lengths Also use the packet size msnprintf() stores instead of calculating it separately. Reported in Joshua's sarif data Closes #18648 --- lib/telnet.c | 48 +++++++++++++++++++++++++++++------------------- 1 file changed, 29 insertions(+), 19 deletions(-) diff --git a/lib/telnet.c b/lib/telnet.c index 05e5ebe60c..b475910baf 100644 --- a/lib/telnet.c +++ b/lib/telnet.c @@ -164,7 +164,7 @@ static void set_remote_option(struct Curl_easy *data, struct TELNET *tn, static void printsub(struct Curl_easy *data, int direction, unsigned char *pointer, size_t length); -static void suboption(struct Curl_easy *data, struct TELNET *tn); +static CURLcode suboption(struct Curl_easy *data, struct TELNET *tn); static void sendsuboption(struct Curl_easy *data, struct TELNET *tn, int option); @@ -932,7 +932,7 @@ static CURLcode check_telnet_options(struct Curl_easy *data, * side. */ -static void suboption(struct Curl_easy *data, struct TELNET *tn) +static CURLcode suboption(struct Curl_easy *data, struct TELNET *tn) { struct curl_slist *v; unsigned char temp[2048]; @@ -944,22 +944,30 @@ static void suboption(struct Curl_easy *data, struct TELNET *tn) printsub(data, '<', (unsigned char *)tn->subbuffer, CURL_SB_LEN(tn) + 2); switch(CURL_SB_GET(tn)) { case CURL_TELOPT_TTYPE: - len = strlen(tn->subopt_ttype) + 4 + 2; - msnprintf((char *)temp, sizeof(temp), - "%c%c%c%c%s%c%c", CURL_IAC, CURL_SB, CURL_TELOPT_TTYPE, - CURL_TELQUAL_IS, tn->subopt_ttype, CURL_IAC, CURL_SE); + if(strlen(tn->subopt_ttype) > 1000) { + failf(data, "Tool long telnet TTYPE"); + return CURLE_SEND_ERROR; + } + len = msnprintf((char *)temp, sizeof(temp), "%c%c%c%c%s%c%c", + CURL_IAC, CURL_SB, CURL_TELOPT_TTYPE, + CURL_TELQUAL_IS, tn->subopt_ttype, CURL_IAC, CURL_SE); bytes_written = swrite(conn->sock[FIRSTSOCKET], temp, len); + if(bytes_written < 0) { err = SOCKERRNO; - failf(data,"Sending data failed (%d)",err); + failf(data, "Sending data failed (%d)", err); + return CURLE_SEND_ERROR; } printsub(data, '>', &temp[2], len-2); break; case CURL_TELOPT_XDISPLOC: - len = strlen(tn->subopt_xdisploc) + 4 + 2; - msnprintf((char *)temp, sizeof(temp), - "%c%c%c%c%s%c%c", CURL_IAC, CURL_SB, CURL_TELOPT_XDISPLOC, - CURL_TELQUAL_IS, tn->subopt_xdisploc, CURL_IAC, CURL_SE); + if(strlen(tn->subopt_xdisploc) > 1000) { + failf(data, "Tool long telnet XDISPLOC"); + return CURLE_SEND_ERROR; + } + len = msnprintf((char *)temp, sizeof(temp), "%c%c%c%c%s%c%c", + CURL_IAC, CURL_SB, CURL_TELOPT_XDISPLOC, + CURL_TELQUAL_IS, tn->subopt_xdisploc, CURL_IAC, CURL_SE); bytes_written = swrite(conn->sock[FIRSTSOCKET], temp, len); if(bytes_written < 0) { err = SOCKERRNO; @@ -968,11 +976,9 @@ static void suboption(struct Curl_easy *data, struct TELNET *tn) printsub(data, '>', &temp[2], len-2); break; case CURL_TELOPT_NEW_ENVIRON: - msnprintf((char *)temp, sizeof(temp), - "%c%c%c%c", CURL_IAC, CURL_SB, CURL_TELOPT_NEW_ENVIRON, - CURL_TELQUAL_IS); - len = 4; - + len = msnprintf((char *)temp, sizeof(temp), "%c%c%c%c", + CURL_IAC, CURL_SB, CURL_TELOPT_NEW_ENVIRON, + CURL_TELQUAL_IS); for(v = tn->telnet_vars; v; v = v->next) { size_t tmplen = (strlen(v->data) + 1); /* Add the variable if it fits */ @@ -1000,7 +1006,7 @@ static void suboption(struct Curl_easy *data, struct TELNET *tn) printsub(data, '>', &temp[2], len-2); break; } - return; + return CURLE_OK; } @@ -1204,7 +1210,9 @@ process_iac: CURL_SB_TERM(tn); printoption(data, "In SUBOPTION processing, RCVD", CURL_IAC, c); - suboption(data, tn); /* handle sub-option */ + result = suboption(data, tn); /* handle sub-option */ + if(result) + return result; tn->telrcv_state = CURL_TS_IAC; goto process_iac; } @@ -1216,7 +1224,9 @@ process_iac: CURL_SB_ACCUM(tn, CURL_SE); tn->subpointer -= 2; CURL_SB_TERM(tn); - suboption(data, tn); /* handle sub-option */ + result = suboption(data, tn); /* handle sub-option */ + if(result) + return result; tn->telrcv_state = CURL_TS_DATA; } break; From a9baf82a9b4291a948c908bce3f843c556d67deb Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 23:23:07 +0200 Subject: [PATCH 0119/2408] ftp: fix ftp_do_more returning with *completep unset Specifically, when ftpc->wait_data_conn was true and Curl_conn_connect(...) returned with serv_conned == false the code called ftp_check_ctrl_on_data_wait and returned without setting *completep. Now set it to 0 at function start to avoid this happening again. Reported in Joshua's sarif data Closes #18650 --- lib/ftp.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/ftp.c b/lib/ftp.c index df94ea5e66..13b613bc1e 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -3594,6 +3594,9 @@ static CURLcode ftp_do_more(struct Curl_easy *data, int *completep) if(!ftpc || !ftp) return CURLE_FAILED_INIT; + + *completep = 0; /* default to stay in the state */ + /* if the second connection has been set up, try to connect it fully * to the remote host. This may not complete at this time, for several * reasons: @@ -3612,7 +3615,6 @@ static CURLcode ftp_do_more(struct Curl_easy *data, int *completep) /* this is a EPSV connect failing, try PASV instead */ return ftp_epsv_disable(data, ftpc, conn); } - *completep = (int)complete; return result; } } From 05930f304bbf1492951b71d828f0de9fe253d4ea Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 23:33:05 +0200 Subject: [PATCH 0120/2408] rustls: use %zu for size_t in failf() format string Reported in Joshua's sarif data Closes #18651 --- lib/vtls/rustls.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index e5d85aa38f..c89fadf966 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -1231,8 +1231,8 @@ cr_connect(struct Curl_cfilter *cf, size_t errorlen; rustls_error(rresult, errorbuf, sizeof(errorbuf), &errorlen); failf(data, - "Failed getting DER of server certificate #%ld: %.*s", i, - (int)errorlen, errorbuf); + "Failed getting DER of server certificate #%zu: %.*s", i, + (int)errorlen, errorbuf); return map_error(rresult); } { From ab3a293fd0cca2045cc2e3bf1a73f75b1bd7d4bc Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 23:38:04 +0200 Subject: [PATCH 0121/2408] libssh: fix range parsing error handling mistake The range-parsing returned CURLE_RANGE_ERROR directly on one error instead of calling myssh_to_ERROR() like it should and like it does for all other errors. Reported in Joshua's sarif data Closes #18652 --- lib/vssh/libssh.c | 39 ++++++++++++++------------------------- 1 file changed, 14 insertions(+), 25 deletions(-) diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index eacc27a921..cb2e8cde4d 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -1319,8 +1319,7 @@ static int myssh_in_SFTP_DOWNLOAD_STAT(struct Curl_easy *data, if(size < 0) { failf(data, "Bad file size (%" FMT_OFF_T ")", size); - rc = myssh_to_ERROR(data, sshc, CURLE_BAD_DOWNLOAD_RESUME); - return rc; + return myssh_to_ERROR(data, sshc, CURLE_BAD_DOWNLOAD_RESUME); } if(data->state.use_range) { curl_off_t from, to; @@ -1328,16 +1327,15 @@ static int myssh_in_SFTP_DOWNLOAD_STAT(struct Curl_easy *data, int from_t, to_t; from_t = curlx_str_number(&p, &from, CURL_OFF_T_MAX); - if(from_t == STRE_OVERFLOW) { - rc = myssh_to_ERROR(data, sshc, CURLE_RANGE_ERROR); - return rc; - } + if(from_t == STRE_OVERFLOW) + return myssh_to_ERROR(data, sshc, CURLE_RANGE_ERROR); + curlx_str_passblanks(&p); (void)curlx_str_single(&p, '-'); to_t = curlx_str_numblanks(&p, &to); if(to_t == STRE_OVERFLOW) - return CURLE_RANGE_ERROR; + return myssh_to_ERROR(data, sshc, CURLE_RANGE_ERROR); if((to_t == STRE_NO_NUM) || (to >= size)) { to = size - 1; @@ -1353,26 +1351,21 @@ static int myssh_in_SFTP_DOWNLOAD_STAT(struct Curl_easy *data, if(from > size) { failf(data, "Offset (%" FMT_OFF_T ") was beyond file size (%" FMT_OFF_T ")", from, size); - rc = myssh_to_ERROR(data, sshc, CURLE_BAD_DOWNLOAD_RESUME); - return rc; + return myssh_to_ERROR(data, sshc, CURLE_BAD_DOWNLOAD_RESUME); } if(from > to) { from = to; size = 0; } else { - if((to - from) == CURL_OFF_T_MAX) { - rc = myssh_to_ERROR(data, sshc, CURLE_RANGE_ERROR); - return rc; - } + if((to - from) == CURL_OFF_T_MAX) + return myssh_to_ERROR(data, sshc, CURLE_RANGE_ERROR); size = to - from + 1; } rc = sftp_seek64(sshc->sftp_file, from); - if(rc) { - rc = myssh_to_SFTP_CLOSE(data, sshc); - return rc; - } + if(rc) + return myssh_to_SFTP_CLOSE(data, sshc); } data->req.size = size; data->req.maxdownload = size; @@ -1386,8 +1379,7 @@ static int myssh_in_SFTP_DOWNLOAD_STAT(struct Curl_easy *data, if((curl_off_t)size < -data->state.resume_from) { failf(data, "Offset (%" FMT_OFF_T ") was beyond file size (%" FMT_OFF_T ")", data->state.resume_from, size); - rc = myssh_to_ERROR(data, sshc, CURLE_BAD_DOWNLOAD_RESUME); - return rc; + return myssh_to_ERROR(data, sshc, CURLE_BAD_DOWNLOAD_RESUME); } /* download from where? */ data->state.resume_from += size; @@ -1397,8 +1389,7 @@ static int myssh_in_SFTP_DOWNLOAD_STAT(struct Curl_easy *data, failf(data, "Offset (%" FMT_OFF_T ") was beyond file size (%" FMT_OFF_T ")", data->state.resume_from, size); - rc = myssh_to_ERROR(data, sshc, CURLE_BAD_DOWNLOAD_RESUME); - return rc; + return myssh_to_ERROR(data, sshc, CURLE_BAD_DOWNLOAD_RESUME); } } /* Now store the number of bytes we are expected to download */ @@ -1408,10 +1399,8 @@ static int myssh_in_SFTP_DOWNLOAD_STAT(struct Curl_easy *data, size - data->state.resume_from); rc = sftp_seek64(sshc->sftp_file, data->state.resume_from); - if(rc) { - rc = myssh_to_SFTP_CLOSE(data, sshc); - return rc; - } + if(rc) + return myssh_to_SFTP_CLOSE(data, sshc); } /* Setup the actual download */ From 0c53a5e5dcca82dfa57a209c350c77db1572a7c6 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 23:53:52 +0200 Subject: [PATCH 0122/2408] openldap: check ldap_get_option() return codes Do not just assume that they always work. Reported in Joshua's sarif data Closes #18653 --- lib/openldap.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/lib/openldap.c b/lib/openldap.c index 717739b68d..7d25d18421 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -538,7 +538,8 @@ static CURLcode oldap_ssl_connect(struct Curl_easy *data, ldapstate newstate) Sockbuf *sb; /* Install the libcurl SSL handlers into the sockbuf. */ - ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb); + if(ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb) != LDAP_OPT_SUCCESS) + return CURLE_FAILED_INIT; ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, data); li->recv = conn->recv[FIRSTSOCKET]; li->send = conn->send[FIRSTSOCKET]; @@ -951,7 +952,8 @@ static CURLcode oldap_disconnect(struct Curl_easy *data, #ifdef USE_SSL if(ssl_installed(conn)) { Sockbuf *sb; - ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb); + if(ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb) != LDAP_OPT_SUCCESS) + return CURLE_FAILED_INIT; ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, data); } #endif @@ -986,7 +988,8 @@ static CURLcode oldap_do(struct Curl_easy *data, bool *done) if(ssl_installed(conn)) { Sockbuf *sb; /* re-install the libcurl SSL handlers into the sockbuf. */ - ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb); + if(ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb) != LDAP_OPT_SUCCESS) + return CURLE_FAILED_INIT; ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, data); } #endif From d57e7cf20d805032740a8b173ea53ea0da1cce62 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 21 Sep 2025 10:18:13 +0200 Subject: [PATCH 0123/2408] ws: reject curl_ws_recv called with NULL buffer with a buflen Arguably this is just a bad application. Reported in Joshua's sarif data Closes #18656 --- lib/ws.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/ws.c b/lib/ws.c index c840961d10..b6ab28a35a 100644 --- a/lib/ws.c +++ b/lib/ws.c @@ -1502,7 +1502,7 @@ CURLcode curl_ws_recv(CURL *d, void *buffer, *nread = 0; *metap = NULL; - if(!GOOD_EASY_HANDLE(data)) + if(!GOOD_EASY_HANDLE(data) || (buflen && !buffer)) return CURLE_BAD_FUNCTION_ARGUMENT; conn = data->conn; From c23d7e7a980d172e2134225933440b05404a1f14 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 20 Sep 2025 11:35:01 +0200 Subject: [PATCH 0124/2408] GHA/codeql: enable ECH and HTTPS-RR Switch to Linuxbrew c-ares to hit the minimum version. (Ubuntu offers 1.27.0, HTTPS-RR requires 1.28.0.) Closes #18661 --- .github/workflows/codeql.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index bb3c074821..808ee0b63a 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -75,9 +75,9 @@ jobs: sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list sudo apt-get -o Dpkg::Use-Pty=0 update sudo rm -f /var/lib/man-db/auto-update - sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libbrotli-dev libidn2-dev libssh2-1-dev libc-ares-dev \ + sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libbrotli-dev libidn2-dev libssh2-1-dev \ libnghttp2-dev libldap-dev heimdal-dev librtmp-dev libgnutls28-dev libwolfssl-dev - /home/linuxbrew/.linuxbrew/bin/brew install gsasl libnghttp3 libngtcp2 mbedtls rustls-ffi + /home/linuxbrew/.linuxbrew/bin/brew install c-ares gsasl libnghttp3 libngtcp2 mbedtls rustls-ffi - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 with: @@ -104,10 +104,10 @@ jobs: eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" # MultiSSL - export PKG_CONFIG_PATH; PKG_CONFIG_PATH="$(brew --prefix mbedtls)/lib/pkgconfig:$(brew --prefix rustls-ffi)/lib/pkgconfig:$(brew --prefix gsasl)/lib/pkgconfig" + export PKG_CONFIG_PATH; PKG_CONFIG_PATH="$(brew --prefix c-ares)/lib/pkgconfig:$(brew --prefix mbedtls)/lib/pkgconfig:$(brew --prefix rustls-ffi)/lib/pkgconfig:$(brew --prefix gsasl)/lib/pkgconfig" cmake -B _bld1 -G Ninja -DENABLE_DEBUG=ON \ -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_RUSTLS=ON -DCURL_USE_WOLFSSL=ON \ - -DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON -DENABLE_ARES=ON + -DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON -DUSE_ECH=ON -DENABLE_ARES=ON cmake --build _bld1 --verbose cmake --build _bld1 --verbose --target curlinfo cmake --build _bld1 --verbose --target servers From 06d00e3879bbfe167972ee45f1dad0ec591a04fb Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 21 Sep 2025 13:31:35 +0200 Subject: [PATCH 0125/2408] cmake: clang detection tidy-ups Follow-up to 0513f9f8786e0cc4246e05d56bd264d0292d9c92 #18645 Follow-up to fe5225b5eaf3a1a0ce149023d38a9922a114798b #18209 Closes #18659 --- CMakeLists.txt | 14 ++++++-------- docs/examples/CMakeLists.txt | 2 +- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index a0587327db..083c2f37b9 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -148,14 +148,12 @@ endif() if(CMAKE_C_COMPILER_ID STREQUAL "GNU") string(APPEND _target_flags " GCC") endif() -if(CMAKE_C_COMPILER_ID MATCHES "Clang") - if(CMAKE_C_COMPILER_ID STREQUAL "AppleClang") - string(APPEND _target_flags " APPLE-CLANG") - elseif(MSVC) - string(APPEND _target_flags " CLANG-CL") - else() - string(APPEND _target_flags " LLVM-CLANG") - endif() +if(CMAKE_C_COMPILER_ID STREQUAL "AppleClang") + string(APPEND _target_flags " APPLE-CLANG") +elseif(CMAKE_C_COMPILER_ID STREQUAL "Clang" AND MSVC) + string(APPEND _target_flags " CLANG-CL") +elseif(CMAKE_C_COMPILER_ID MATCHES "Clang") + string(APPEND _target_flags " LLVM-CLANG") endif() if(MINGW) string(APPEND _target_flags " MINGW") diff --git a/docs/examples/CMakeLists.txt b/docs/examples/CMakeLists.txt index cb1d983890..bc0f3ce359 100644 --- a/docs/examples/CMakeLists.txt +++ b/docs/examples/CMakeLists.txt @@ -37,7 +37,7 @@ foreach(_target IN LISTS check_PROGRAMS _all) # keep '_all' last set(_examples_c "${check_PROGRAMS}") list(TRANSFORM _examples_c APPEND ".c") add_library(${_target_name} OBJECT EXCLUDE_FROM_ALL ${_examples_c}) - if(MSVC AND NOT CMAKE_C_COMPILER_ID STREQUAL "Clang") + if(CMAKE_C_COMPILER_ID STREQUAL "MSVC") # MSVC but exclude clang-cl # CMake generates a static library for the OBJECT target. Silence these 'lib.exe' warnings: # warning LNK4006: main already defined in ....obj; second definition ignored # warning LNK4221: This object file does not define any previously undefined public symbols, From e5d9c871f0b54c8382b2f417b5923ac78d6a4e12 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 21 Aug 2025 22:27:41 +0200 Subject: [PATCH 0126/2408] tidy-up: assortment of small fixes - examples/headerapi: fix wrong cast. - curl_ngtcp2: delete stray character from error message. - rustls: fix inline variable declaration. - sendf: drop redundant `int` cast. - libtest/cli_ws_data: drop cast with mismatched signedness. Cherry-picked from #18343 Closes #18664 --- docs/examples/headerapi.c | 2 +- lib/sendf.c | 2 +- lib/vquic/curl_ngtcp2.c | 2 +- lib/vtls/rustls.c | 3 ++- tests/libtest/cli_ws_data.c | 2 +- 5 files changed, 6 insertions(+), 5 deletions(-) diff --git a/docs/examples/headerapi.c b/docs/examples/headerapi.c index 95c366884a..ede0c5cbda 100644 --- a/docs/examples/headerapi.c +++ b/docs/examples/headerapi.c @@ -69,7 +69,7 @@ int main(void) do { h = curl_easy_nextheader(curl, CURLH_HEADER, -1, prev); if(h) - printf(" %s: %s (%u)\n", h->name, h->value, (int)h->amount); + printf(" %s: %s (%u)\n", h->name, h->value, (unsigned int)h->amount); prev = h; } while(h); diff --git a/lib/sendf.c b/lib/sendf.c index f759fb61a4..a262d9036f 100644 --- a/lib/sendf.c +++ b/lib/sendf.c @@ -857,7 +857,7 @@ static CURLcode cr_in_rewind(struct Curl_easy *data, Curl_set_in_callback(data, FALSE); CURL_TRC_READ(data, "cr_in, rewind via set.seek_func -> %d", err); if(err) { - failf(data, "seek callback returned error %d", (int)err); + failf(data, "seek callback returned error %d", err); return CURLE_SEND_FAIL_REWIND; } } diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 246e0d51f6..f902c190ef 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -1337,7 +1337,7 @@ out: result = Curl_1st_err(result, cf_progress_egress(cf, data, &pktx)); result = Curl_1st_err(result, check_and_set_expiry(cf, data, &pktx)); - CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] cf_recv(blen=%zu) -> %dm, %zu", + CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] cf_recv(blen=%zu) -> %d, %zu", stream ? stream->id : -1, blen, result, *pnread); CF_DATA_RESTORE(cf, save); return result; diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index c89fadf966..87c23544ef 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -1212,13 +1212,14 @@ cr_connect(struct Curl_cfilter *cf, } if(data->set.ssl.certinfo) { size_t num_certs = 0; + size_t i; while(rustls_connection_get_peer_certificate(rconn, (int)num_certs)) { num_certs++; } result = Curl_ssl_init_certinfo(data, (int)num_certs); if(result) return result; - for(size_t i = 0; i < num_certs; i++) { + for(i = 0; i < num_certs; i++) { const rustls_certificate *cert; const unsigned char *der_data; size_t der_len; diff --git a/tests/libtest/cli_ws_data.c b/tests/libtest/cli_ws_data.c index 36d5dea25b..32356552a8 100644 --- a/tests/libtest/cli_ws_data.c +++ b/tests/libtest/cli_ws_data.c @@ -106,7 +106,7 @@ static CURLcode test_ws_data_m2_echo(const char *url, curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); curl_easy_setopt(curl, CURLOPT_CONNECT_ONLY, 2L); /* websocket style */ r = curl_easy_perform(curl); - curl_mfprintf(stderr, "curl_easy_perform() returned %u\n", (int)r); + curl_mfprintf(stderr, "curl_easy_perform() returned %u\n", r); if(r != CURLE_OK) goto out; From e21cc7844db33fe6b77e8dbe687cd720ec9d738e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 21 Sep 2025 17:51:34 +0200 Subject: [PATCH 0127/2408] autotools: fix silly mistake in clang detection for `buildinfo.txt` Follow-up to 0513f9f8786e0cc4246e05d56bd264d0292d9c92 #18645 Closes #18666 --- acinclude.m4 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/acinclude.m4 b/acinclude.m4 index f6a7852779..febb8961cc 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -1492,7 +1492,7 @@ AC_DEFUN([CURL_PREPARE_BUILDINFO], [ if test "x$compiler_id" = 'xGNU_C'; then curl_pflags="${curl_pflags} GCC" fi - if "$compiler_id" = "APPLECLANG"; then + if test "$compiler_id" = "APPLECLANG"; then curl_pflags="${curl_pflags} APPLE-CLANG" elif test "$compiler_id" = "CLANG"; then curl_pflags="${curl_pflags} LLVM-CLANG" From 374c23c617322ecd76794d058461f69b8abbef0e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 21 Sep 2025 18:02:21 +0200 Subject: [PATCH 0128/2408] autotools: fix duplicate `UNIX` and `BSD` flags in `buildinfo.txt` Follow-up to 2a292c39846107228201674d686be5b3ed96674d #15975 Closes #18667 --- acinclude.m4 | 8 -------- 1 file changed, 8 deletions(-) diff --git a/acinclude.m4 b/acinclude.m4 index febb8961cc..7b26dfd466 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -1474,14 +1474,6 @@ AC_DEFUN([CURL_PREPARE_BUILDINFO], [ if test "$curl_cv_winuwp" = 'yes'; then curl_pflags="${curl_pflags} UWP" fi - case $host in - *-*-*bsd*|*-*-aix*|*-*-hpux*|*-*-interix*|*-*-irix*|*-*-linux*|*-*-solaris*|*-*-sunos*|*-apple-*|*-*-cygwin*|*-*-msys*) - curl_pflags="${curl_pflags} UNIX";; - esac - case $host in - *-*-*bsd*) - curl_pflags="${curl_pflags} BSD";; - esac if test "$curl_cv_cygwin" = 'yes'; then curl_pflags="${curl_pflags} CYGWIN" fi From 989a274e45318b290b7ddf28d7562ff6ec0cba4a Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 21 Sep 2025 20:25:04 +0200 Subject: [PATCH 0129/2408] autotools: add support for libgsasl auto-detection via pkg-config Enable with `--with-gsasl`, as before. Cherry-picked from #18660 Closes #18669 --- configure.ac | 71 +++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 59 insertions(+), 12 deletions(-) diff --git a/configure.ac b/configure.ac index fa23eb09b1..1aa0c27596 100644 --- a/configure.ac +++ b/configure.ac @@ -2204,20 +2204,67 @@ dnl ********************************************************************** dnl Check for libgsasl dnl ********************************************************************** -AC_ARG_WITH(libgsasl, - AS_HELP_STRING([--without-libgsasl], - [disable libgsasl support for SCRAM]), - with_libgsasl=$withval, - with_libgsasl=yes) -if test $with_libgsasl != "no"; then - AC_SEARCH_LIBS(gsasl_init, gsasl, - [curl_gsasl_msg="enabled"; - AC_DEFINE([USE_GSASL], [1], [GSASL support enabled]) - LIBCURL_PC_REQUIRES_PRIVATE="$LIBCURL_PC_REQUIRES_PRIVATE libgsasl" +OPT_LIBGSASL=no +AC_ARG_WITH(libgsasl,dnl +AS_HELP_STRING([--with-libgsasl=PATH],[Where to look for libgsasl, PATH points to the libgsasl installation; when possible, set the PKG_CONFIG_PATH environment variable instead of using this option]) +AS_HELP_STRING([--without-libgsasl], [disable libgsasl support for SCRAM]), + OPT_LIBGSASL=$withval) + +if test "$OPT_LIBGSASL" != no; then + dnl backup the pre-libgsasl variables + CLEANLDFLAGS="$LDFLAGS" + CLEANLDFLAGSPC="$LDFLAGSPC" + CLEANCPPFLAGS="$CPPFLAGS" + CLEANLIBS="$LIBS" + + case "$OPT_LIBGSASL" in + yes) + dnl --with-libgsasl (without path) used + CURL_CHECK_PKGCONFIG(libgsasl) + + if test "$PKGCONFIG" != "no"; then + LIB_GSASL=`$PKGCONFIG --libs-only-l libgsasl` + LD_GSASL=`$PKGCONFIG --libs-only-L libgsasl` + CPP_GSASL=`$PKGCONFIG --cflags-only-I libgsasl` + else + dnl no libgsasl pkg-config found + LIB_GSASL="-lgsasl" + fi + ;; + *) + dnl use the given --with-libgsasl spot + PREFIX_GSASL=$OPT_LIBGSASL + ;; + esac + + dnl if given with a prefix, we set -L and -I based on that + if test -n "$PREFIX_GSASL"; then + LIB_GSASL="-lgsasl" + LD_GSASL=-L${PREFIX_GSASL}/lib$libsuff + CPP_GSASL=-I${PREFIX_GSASL}/include + fi + + LDFLAGS="$LDFLAGS $LD_GSASL" + LDFLAGSPC="$LDFLAGSPC $LD_GSASL" + CPPFLAGS="$CPPFLAGS $CPP_GSASL" + LIBS="$LIB_GSASL $LIBS" + + AC_CHECK_LIB(gsasl, gsasl_init, + [ + AC_CHECK_HEADERS(gsasl.h, + curl_gsasl_msg="enabled" + AC_DEFINE(USE_GSASL, 1, [GSASL support enabled]) + USE_LIBGSASL=1 + LIBCURL_PC_REQUIRES_PRIVATE="$LIBCURL_PC_REQUIRES_PRIVATE libgsasl" + ) ], - [curl_gsasl_msg="no (libgsasl not found)"; + dnl not found, revert back to clean variables + LDFLAGS=$CLEANLDFLAGS + LDFLAGSPC=$CLEANLDFLAGSPC + CPPFLAGS=$CLEANCPPFLAGS + LIBS=$CLEANLIBS + curl_gsasl_msg="no (libgsasl not found)" AC_MSG_WARN([libgsasl was not found]) - ] ) fi AM_CONDITIONAL([USE_GSASL], [test "$curl_gsasl_msg" = "enabled"]) From a72e1552f224f3785d8aafc9819cd4ad0821c01d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 21 Sep 2025 10:48:00 +0200 Subject: [PATCH 0130/2408] telnet: refuse IAC codes in content Ban the use of IAC (0xff) in telnet options set by the application. They need to be escaped when sent but I can't see any valid reason for an application to send them. Of course, an application sending such data basically ask for trouble. Reported in Joshua's sarif data Closes #18657 --- lib/telnet.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/lib/telnet.c b/lib/telnet.c index b475910baf..f2226a7f7d 100644 --- a/lib/telnet.c +++ b/lib/telnet.c @@ -925,6 +925,14 @@ static CURLcode check_telnet_options(struct Curl_easy *data, return result; } +/* if the option contains an IAC code, it should be escaped in the output, but + as we cannot think of any legit way to send that as part of the content we + rather just ban its use instead */ +static bool bad_option(const char *data) +{ + return !!strchr(data, CURL_IAC); +} + /* * suboption() * @@ -944,6 +952,8 @@ static CURLcode suboption(struct Curl_easy *data, struct TELNET *tn) printsub(data, '<', (unsigned char *)tn->subbuffer, CURL_SB_LEN(tn) + 2); switch(CURL_SB_GET(tn)) { case CURL_TELOPT_TTYPE: + if(bad_option(tn->subopt_ttype)) + return CURLE_BAD_FUNCTION_ARGUMENT; if(strlen(tn->subopt_ttype) > 1000) { failf(data, "Tool long telnet TTYPE"); return CURLE_SEND_ERROR; @@ -961,6 +971,8 @@ static CURLcode suboption(struct Curl_easy *data, struct TELNET *tn) printsub(data, '>', &temp[2], len-2); break; case CURL_TELOPT_XDISPLOC: + if(bad_option(tn->subopt_xdisploc)) + return CURLE_BAD_FUNCTION_ARGUMENT; if(strlen(tn->subopt_xdisploc) > 1000) { failf(data, "Tool long telnet XDISPLOC"); return CURLE_SEND_ERROR; @@ -981,6 +993,8 @@ static CURLcode suboption(struct Curl_easy *data, struct TELNET *tn) CURL_TELQUAL_IS); for(v = tn->telnet_vars; v; v = v->next) { size_t tmplen = (strlen(v->data) + 1); + if(bad_option(v->data)) + return CURLE_BAD_FUNCTION_ARGUMENT; /* Add the variable if it fits */ if(len + tmplen < (int)sizeof(temp)-6) { char *s = strchr(v->data, ','); From c4f9977c66bbb05a837a7eb03004dd79c3cc9b44 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 21 Sep 2025 11:07:31 +0200 Subject: [PATCH 0131/2408] tftp: pin the first used address Store the used remote address on the first receive call and then make sure that it remains the same address on subsequent calls to reduce the risk of tampering. Doesn't make the transfer secure because it is still unauthenticated and clear text. Reported in Joshua's sarif data Closes #18658 --- lib/tftp.c | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/lib/tftp.c b/lib/tftp.c index 8b6246a342..736b14b673 100644 --- a/lib/tftp.c +++ b/lib/tftp.c @@ -126,6 +126,10 @@ struct tftp_packet { #define CURL_META_TFTP_CONN "meta:proto:tftp:conn" struct tftp_conn { + struct Curl_sockaddr_storage local_addr; + struct Curl_sockaddr_storage remote_addr; + struct tftp_packet rpacket; + struct tftp_packet spacket; tftp_state_t state; tftp_mode_t mode; tftp_error_t error; @@ -136,16 +140,13 @@ struct tftp_conn { int retry_time; int retry_max; time_t rx_time; - struct Curl_sockaddr_storage local_addr; - struct Curl_sockaddr_storage remote_addr; curl_socklen_t remote_addrlen; int rbytes; size_t sbytes; unsigned int blksize; unsigned int requested_blksize; unsigned short block; - struct tftp_packet rpacket; - struct tftp_packet spacket; + BIT(remote_pinned); }; @@ -1094,18 +1095,31 @@ static CURLcode tftp_pollset(struct Curl_easy *data, static CURLcode tftp_receive_packet(struct Curl_easy *data, struct tftp_conn *state) { - curl_socklen_t fromlen; - CURLcode result = CURLE_OK; + CURLcode result = CURLE_OK; + struct Curl_sockaddr_storage remote_addr; + curl_socklen_t fromlen = sizeof(remote_addr); /* Receive the packet */ - fromlen = sizeof(state->remote_addr); state->rbytes = (int)recvfrom(state->sockfd, (void *)state->rpacket.data, (RECV_TYPE_ARG3)state->blksize + 4, 0, - (struct sockaddr *)&state->remote_addr, + (struct sockaddr *)&remote_addr, &fromlen); - state->remote_addrlen = fromlen; + if(state->remote_pinned) { + /* pinned, verify that it comes from the same address */ + if((state->remote_addrlen != fromlen) || + memcmp(&remote_addr, &state->remote_addr, fromlen)) { + failf(data, "Data received from another address"); + return CURLE_RECV_ERROR; + } + } + else { + /* pin address on first use */ + state->remote_pinned = TRUE; + state->remote_addrlen = fromlen; + memcpy(&state->remote_addr, &remote_addr, fromlen); + } /* Sanity check packet length */ if(state->rbytes < 4) { From 1f0f0bdb192a71b6b8b654115ee2c08f8411e356 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 22 Sep 2025 08:33:20 +0200 Subject: [PATCH 0132/2408] managen: strict protocol check - protocols MUST match one in the accept-list - protocols are typically all uppercase - drop All - use SCP and SFTP instead of SSH - add Protocols: to some options previously missing one Closes #18675 --- docs/cmdline-opts/doh-cert-status.md | 1 + docs/cmdline-opts/doh-insecure.md | 1 + docs/cmdline-opts/doh-url.md | 1 + docs/cmdline-opts/follow.md | 1 + docs/cmdline-opts/form-escape.md | 2 +- docs/cmdline-opts/ip-tos.md | 1 - docs/cmdline-opts/key.md | 2 +- docs/cmdline-opts/pass.md | 2 +- docs/cmdline-opts/sasl-authzid.md | 1 + docs/cmdline-opts/sasl-ir.md | 1 + docs/cmdline-opts/socks5-gssapi-nec.md | 1 + docs/cmdline-opts/socks5-gssapi.md | 1 + docs/cmdline-opts/telnet-option.md | 1 + docs/cmdline-opts/upload-flags.md | 1 + docs/cmdline-opts/url-query.md | 1 - docs/cmdline-opts/vlan-priority.md | 1 - scripts/managen | 34 ++++++++++++++++++++++++-- 17 files changed, 45 insertions(+), 8 deletions(-) diff --git a/docs/cmdline-opts/doh-cert-status.md b/docs/cmdline-opts/doh-cert-status.md index 7c497cf16f..445eb3dcd0 100644 --- a/docs/cmdline-opts/doh-cert-status.md +++ b/docs/cmdline-opts/doh-cert-status.md @@ -5,6 +5,7 @@ Long: doh-cert-status Help: Verify DoH server cert status OCSP-staple Added: 7.76.0 Category: dns tls +Protocols: DNS Multi: boolean See-also: - doh-insecure diff --git a/docs/cmdline-opts/doh-insecure.md b/docs/cmdline-opts/doh-insecure.md index 72f3cb7725..ee1602a242 100644 --- a/docs/cmdline-opts/doh-insecure.md +++ b/docs/cmdline-opts/doh-insecure.md @@ -5,6 +5,7 @@ Long: doh-insecure Help: Allow insecure DoH server connections Added: 7.76.0 Category: dns tls +Protocols: DNS Multi: boolean See-also: - doh-url diff --git a/docs/cmdline-opts/doh-url.md b/docs/cmdline-opts/doh-url.md index dcc6e52f8a..60cf6caab0 100644 --- a/docs/cmdline-opts/doh-url.md +++ b/docs/cmdline-opts/doh-url.md @@ -6,6 +6,7 @@ Arg: Help: Resolve hostnames over DoH Added: 7.62.0 Category: dns +Protocols: DNS Multi: single See-also: - doh-insecure diff --git a/docs/cmdline-opts/follow.md b/docs/cmdline-opts/follow.md index 47d9128441..e791e36adf 100644 --- a/docs/cmdline-opts/follow.md +++ b/docs/cmdline-opts/follow.md @@ -4,6 +4,7 @@ SPDX-License-Identifier: curl Long: follow Help: Follow redirects per spec Category: http +Protocols: HTTP Added: 8.16.0 Multi: boolean See-also: diff --git a/docs/cmdline-opts/form-escape.md b/docs/cmdline-opts/form-escape.md index 0f93fde7eb..7cf1cb7403 100644 --- a/docs/cmdline-opts/form-escape.md +++ b/docs/cmdline-opts/form-escape.md @@ -3,7 +3,7 @@ c: Copyright (C) Daniel Stenberg, , et al. SPDX-License-Identifier: curl Long: form-escape Help: Escape form fields using backslash -Protocols: HTTP imap smtp +Protocols: HTTP IMAP SMTP Added: 7.81.0 Category: http upload post Multi: single diff --git a/docs/cmdline-opts/ip-tos.md b/docs/cmdline-opts/ip-tos.md index 3d6473f312..f5ef589e23 100644 --- a/docs/cmdline-opts/ip-tos.md +++ b/docs/cmdline-opts/ip-tos.md @@ -6,7 +6,6 @@ Arg: Help: Set IP Type of Service or Traffic Class Added: 8.9.0 Category: connection -Protocols: All Multi: single See-also: - tcp-nodelay diff --git a/docs/cmdline-opts/key.md b/docs/cmdline-opts/key.md index 967119a8b5..cc4bc73fa5 100644 --- a/docs/cmdline-opts/key.md +++ b/docs/cmdline-opts/key.md @@ -3,7 +3,7 @@ c: Copyright (C) Daniel Stenberg, , et al. SPDX-License-Identifier: curl Long: key Arg: -Protocols: TLS SSH +Protocols: TLS SCP SFTP Help: Private key filename Category: tls ssh Added: 7.9.3 diff --git a/docs/cmdline-opts/pass.md b/docs/cmdline-opts/pass.md index 0527334f2a..79c2f8738a 100644 --- a/docs/cmdline-opts/pass.md +++ b/docs/cmdline-opts/pass.md @@ -4,7 +4,7 @@ SPDX-License-Identifier: curl Long: pass Arg: Help: Passphrase for the private key -Protocols: SSH TLS +Protocols: TLS SCP SFTP Category: ssh tls auth Added: 7.9.3 Multi: single diff --git a/docs/cmdline-opts/sasl-authzid.md b/docs/cmdline-opts/sasl-authzid.md index 4c4282d14d..4e92a20541 100644 --- a/docs/cmdline-opts/sasl-authzid.md +++ b/docs/cmdline-opts/sasl-authzid.md @@ -4,6 +4,7 @@ SPDX-License-Identifier: curl Long: sasl-authzid Arg: Help: Identity for SASL PLAIN authentication +Protocols: LDAP IMAP POP3 SMTP Added: 7.66.0 Category: auth Multi: single diff --git a/docs/cmdline-opts/sasl-ir.md b/docs/cmdline-opts/sasl-ir.md index 0f759c6d10..206bf29317 100644 --- a/docs/cmdline-opts/sasl-ir.md +++ b/docs/cmdline-opts/sasl-ir.md @@ -3,6 +3,7 @@ c: Copyright (C) Daniel Stenberg, , et al. SPDX-License-Identifier: curl Long: sasl-ir Help: Initial response in SASL authentication +Protocols: LDAP IMAP POP3 SMTP Added: 7.31.0 Category: auth Multi: boolean diff --git a/docs/cmdline-opts/socks5-gssapi-nec.md b/docs/cmdline-opts/socks5-gssapi-nec.md index eef6b2de9d..9cd91b9615 100644 --- a/docs/cmdline-opts/socks5-gssapi-nec.md +++ b/docs/cmdline-opts/socks5-gssapi-nec.md @@ -5,6 +5,7 @@ Long: socks5-gssapi-nec Help: Compatibility with NEC SOCKS5 server Added: 7.19.4 Category: proxy auth +Protocols: GSS/kerberos Multi: boolean See-also: - socks5 diff --git a/docs/cmdline-opts/socks5-gssapi.md b/docs/cmdline-opts/socks5-gssapi.md index e17425431b..b8520b22cc 100644 --- a/docs/cmdline-opts/socks5-gssapi.md +++ b/docs/cmdline-opts/socks5-gssapi.md @@ -5,6 +5,7 @@ Long: socks5-gssapi Help: Enable GSS-API auth for SOCKS5 proxies Added: 7.55.0 Category: proxy auth +Protocols: GSS/kerberos Multi: boolean See-also: - socks5 diff --git a/docs/cmdline-opts/telnet-option.md b/docs/cmdline-opts/telnet-option.md index a332b1a5cd..ca82a4ceb8 100644 --- a/docs/cmdline-opts/telnet-option.md +++ b/docs/cmdline-opts/telnet-option.md @@ -6,6 +6,7 @@ Short: t Arg: Help: Set telnet option Category: telnet +Protocols: TELNET Added: 7.7 Multi: append See-also: diff --git a/docs/cmdline-opts/upload-flags.md b/docs/cmdline-opts/upload-flags.md index e30fb3dbdb..d176148768 100644 --- a/docs/cmdline-opts/upload-flags.md +++ b/docs/cmdline-opts/upload-flags.md @@ -4,6 +4,7 @@ SPDX-License-Identifier: curl Long: upload-flags Arg: Help: IMAP upload behavior +Protocols: IMAP Category: curl output Added: 8.13.0 Multi: single diff --git a/docs/cmdline-opts/url-query.md b/docs/cmdline-opts/url-query.md index 43bf43d932..3953eda4c7 100644 --- a/docs/cmdline-opts/url-query.md +++ b/docs/cmdline-opts/url-query.md @@ -4,7 +4,6 @@ SPDX-License-Identifier: curl Long: url-query Arg: Help: Add a URL query part -Protocols: all Added: 7.87.0 Category: http post upload Multi: append diff --git a/docs/cmdline-opts/vlan-priority.md b/docs/cmdline-opts/vlan-priority.md index 34dc8ce066..c49c659e5c 100644 --- a/docs/cmdline-opts/vlan-priority.md +++ b/docs/cmdline-opts/vlan-priority.md @@ -6,7 +6,6 @@ Arg: Help: Set VLAN priority Added: 8.9.0 Category: connection -Protocols: All Multi: single See-also: - ip-tos diff --git a/scripts/managen b/scripts/managen index 9290680670..4849fe8378 100755 --- a/scripts/managen +++ b/scripts/managen @@ -241,8 +241,38 @@ sub overrides { } } +my %protexists = ( + 'DNS' => 1, + 'FILE' => 1, + 'FTP' => 1, + 'FTPS' => 1, + 'GSS/kerberos' => 1, + 'HTTP' => 1, + 'HTTPS' => 1, + 'IMAP' => 1, + 'IPFS' => 1, + 'LDAP' => 1, + 'MQTT' => 1, + 'POP3' => 1, + 'SCP' => 1, + 'SFTP' => 1, + 'SMTP' => 1, + 'SSL' => 2, # deprecated + 'TELNET' => 1, + 'TFTP' => 1, + 'TLS' => 1, + ); + sub protocols { - my ($manpage, $standalone, $data)=@_; + my ($f, $line, $manpage, $standalone, $data)=@_; + my @e = split(/ +/, $data); + for my $pr (@e) { + if(!$protexists{$pr}) { + + print STDERR "$f:$line:1:ERROR: unrecognized protocol: $pr\n"; + exit 2; + } + } if($standalone) { return ".SH \"PROTOCOLS\"\n$data\n"; } @@ -716,7 +746,7 @@ sub single { } my @leading; if($protocols) { - push @leading, protocols($manpage, $standalone, $protocols); + push @leading, protocols($f, $line, $manpage, $standalone, $protocols); } if($standalone) { From c9eff26c179222e7de077c0f59a6dfd9ba6dcce8 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 20 Sep 2025 13:34:08 +0200 Subject: [PATCH 0133/2408] tool_doswin: fix to use curl socket functions Replace `WSASocketW()` with `CURL_SOCKET()`. Also replace a call to `socketclose()` with `sclose()`. According to a comment, `socketclose()` was chosen to silence test 1498 (and 2300) reporting `MEMORY FAILURE`. These reports were accurate, and were caused by calling `WSASocketW()` instead of `socket()` (now `CURL_SOCKET()`). This also fixes the curl `sclose()` call on an error branch, which is now correctly paired with a curl socket open. The mismatched open/close calls caused an issue in TrackMemory-enabled (aka `CURLDEBUG`) builds. Docs confirm that `socket()` is defaulting to overlapped I/O, matching the replaced `WSASocketW()` call: https://learn.microsoft.com/windows/win32/api/winsock2/nf-winsock2-socket#remarks Also: - checksrc: ban `WSASocket*()` functions. - report `SOCKERRNO` instead of `GetLastError()` for socket calls, to match the rest of the codebase. Follow-up to 9a2663322c330ff11275abafd612e9c99407a94a #17572 Closes #18633 --- scripts/checksrc.pl | 3 +++ src/tool_doswin.c | 24 +++++++++++------------- 2 files changed, 14 insertions(+), 13 deletions(-) diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index 0eeab72323..0012ccdae1 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -74,6 +74,9 @@ my %banfunc = ( "LoadLibraryEx" => 1, "LoadLibraryExA" => 1, "LoadLibraryExW" => 1, + "WSASocket" => 1, + "WSASocketA" => 1, + "WSASocketW" => 1, "_waccess" => 1, "_access" => 1, "access" => 1, diff --git a/src/tool_doswin.c b/src/tool_doswin.c index 0450e5707b..29f8cecbd7 100644 --- a/src/tool_doswin.c +++ b/src/tool_doswin.c @@ -769,14 +769,14 @@ static DWORD WINAPI win_stdin_thread_func(void *thread_data) &clientAddrLen); if(socket_w == CURL_SOCKET_BAD) { - errorf("accept error: %08lx", GetLastError()); + errorf("accept error: %d", SOCKERRNO); goto ThreadCleanup; } - closesocket(tdata->socket_l); /* sclose here fails test 1498 */ + sclose(tdata->socket_l); tdata->socket_l = CURL_SOCKET_BAD; if(shutdown(socket_w, SD_RECEIVE) == SOCKET_ERROR) { - errorf("shutdown error: %08lx", GetLastError()); + errorf("shutdown error: %d", SOCKERRNO); goto ThreadCleanup; } for(;;) { @@ -835,11 +835,9 @@ curl_socket_t win32_stdin_read_thread(void) } /* Create the listening socket for the thread. When it starts, it will * accept our connection and begin writing STDIN data to the connection. */ - tdata->socket_l = WSASocketW(AF_INET, SOCK_STREAM, - IPPROTO_TCP, NULL, 0, WSA_FLAG_OVERLAPPED); - + tdata->socket_l = CURL_SOCKET(AF_INET, SOCK_STREAM, IPPROTO_TCP); if(tdata->socket_l == CURL_SOCKET_BAD) { - errorf("WSASocketW error: %08lx", GetLastError()); + errorf("socket() error: %d", SOCKERRNO); break; } @@ -850,20 +848,20 @@ curl_socket_t win32_stdin_read_thread(void) /* Bind to any available loopback port */ result = bind(tdata->socket_l, (SOCKADDR*)&selfaddr, socksize); if(result == SOCKET_ERROR) { - errorf("bind error: %08lx", GetLastError()); + errorf("bind error: %d", SOCKERRNO); break; } /* Bind to any available loopback port */ result = getsockname(tdata->socket_l, (SOCKADDR*)&selfaddr, &socksize); if(result == SOCKET_ERROR) { - errorf("getsockname error: %08lx", GetLastError()); + errorf("getsockname error: %d", SOCKERRNO); break; } result = listen(tdata->socket_l, 1); if(result == SOCKET_ERROR) { - errorf("listen error: %08lx", GetLastError()); + errorf("listen error: %d", SOCKERRNO); break; } @@ -891,7 +889,7 @@ curl_socket_t win32_stdin_read_thread(void) /* Connect to the thread and rearrange our own STDIN handles */ socket_r = CURL_SOCKET(AF_INET, SOCK_STREAM, IPPROTO_TCP); if(socket_r == CURL_SOCKET_BAD) { - errorf("socket error: %08lx", GetLastError()); + errorf("socket error: %d", SOCKERRNO); break; } @@ -899,12 +897,12 @@ curl_socket_t win32_stdin_read_thread(void) setsockopt(socket_r, SOL_SOCKET, SO_DONTLINGER, 0, 0); if(connect(socket_r, (SOCKADDR*)&selfaddr, socksize) == SOCKET_ERROR) { - errorf("connect error: %08lx", GetLastError()); + errorf("connect error: %d", SOCKERRNO); break; } if(shutdown(socket_r, SD_SEND) == SOCKET_ERROR) { - errorf("shutdown error: %08lx", GetLastError()); + errorf("shutdown error: %d", SOCKERRNO); break; } From aa9fa4d68e1f0e059c3df8d01838a650136e6f6f Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 21 Sep 2025 21:55:30 +0200 Subject: [PATCH 0134/2408] rustls: fix clang-tidy warning Seen with v21.1.1, non-debug-enabled build: ``` lib/vtls/rustls.c:415:23: error: File position of the stream might be 'indeterminate' after a failed operation. Can cause undefined behavior [clang-analyzer-unix.Stream,-warnings-as-errors] 415 | const size_t rr = fread(buf, 1, sizeof(buf), f); | ^ ``` Ref: https://github.com/curl/curl/actions/runs/17898248031/job/50887746633?pr=18660#step:11:174 Cherry-picked from #18660 Closes #18670 --- lib/vtls/rustls.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index 87c23544ef..e081c4651a 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -410,7 +410,7 @@ read_file_into(const char *filename, return 0; } - while(!feof(f)) { + for(;;) { uint8_t buf[256]; const size_t rr = fread(buf, 1, sizeof(buf), f); if(rr == 0 || @@ -418,6 +418,8 @@ read_file_into(const char *filename, fclose(f); return 0; } + if(rr < sizeof(buf)) + break; } return fclose(f) == 0; From 7f5ff8f2769a0d771bbc0f5cad513cd07de79d08 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 22 Sep 2025 02:03:08 +0200 Subject: [PATCH 0135/2408] autotools: capitalize 'Rustls' in the log output To match the rest of the codebase. Follow-up to 548d8a842123c854ba92aac90a24c6191e2a8bd4 Cherry-picked from #18660 Closes #18671 --- configure.ac | 4 ++-- m4/curl-rustls.m4 | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/configure.ac b/configure.ac index 1aa0c27596..922978bfc1 100644 --- a/configure.ac +++ b/configure.ac @@ -272,8 +272,8 @@ AC_ARG_WITH(rustls,dnl AS_HELP_STRING([--with-rustls=PATH],[where to look for Rustls, PATH points to the installation root]),[ OPT_RUSTLS=$withval if test X"$withval" != Xno; then - TLSCHOICE="${TLSCHOICE:+$TLSCHOICE, }rustls" - experimental="$experimental rustls" + TLSCHOICE="${TLSCHOICE:+$TLSCHOICE, }Rustls" + experimental="$experimental Rustls" fi ]) diff --git a/m4/curl-rustls.m4 b/m4/curl-rustls.m4 index 13022f3963..8abcc6544b 100644 --- a/m4/curl-rustls.m4 +++ b/m4/curl-rustls.m4 @@ -132,7 +132,7 @@ if test "x$OPT_RUSTLS" != xno; then dnl don't need any. LIBS="$SSL_LIBS $LIBS" link_pkgconfig=1 - ssl_msg="rustls" + ssl_msg="Rustls" AC_DEFINE(USE_RUSTLS, 1, [if Rustls is enabled]) USE_RUSTLS="yes" RUSTLS_ENABLED=1 @@ -176,7 +176,7 @@ if test "x$OPT_RUSTLS" != xno; then AC_DEFINE(USE_RUSTLS, 1, [if Rustls is enabled]) RUSTLS_ENABLED=1 USE_RUSTLS="yes" - ssl_msg="rustls" + ssl_msg="Rustls" test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes ], AC_MSG_ERROR([--with-rustls was specified but could not find compatible Rustls.]), From 330129c836b3ff9d904d4c0083ec4d71ac2c67c6 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 21 Sep 2025 19:48:22 +0200 Subject: [PATCH 0136/2408] GHA/linux: install zlib in all jobs by default Cherry-picked from #18660 Closes #18672 --- .github/workflows/linux.yml | 37 ++++++++++++++++--------------------- 1 file changed, 16 insertions(+), 21 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index c9f090a969..7aa7bc5707 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -74,27 +74,26 @@ jobs: matrix: build: - name: 'libressl heimdal' - install_packages: zlib1g-dev libidn2-dev libnghttp2-dev libldap-dev heimdal-dev + install_packages: libidn2-dev libnghttp2-dev libldap-dev heimdal-dev install_steps: libressl pytest codeset-test configure: LDFLAGS=-Wl,-rpath,/home/runner/libressl/lib --with-openssl=/home/runner/libressl --with-gssapi --enable-debug - name: 'libressl heimdal valgrind' - install_packages: zlib1g-dev libnghttp2-dev libldap-dev heimdal-dev valgrind + install_packages: libnghttp2-dev libldap-dev heimdal-dev valgrind install_steps: libressl generate: -DOPENSSL_ROOT_DIR=/home/runner/libressl -DCURL_USE_GSSAPI=ON -DENABLE_DEBUG=ON -DCURL_LIBCURL_VERSIONED_SYMBOLS=ON - name: 'libressl clang' - install_packages: zlib1g-dev clang + install_packages: clang install_steps: libressl configure: CC=clang LDFLAGS=-Wl,-rpath,/home/runner/libressl/lib --with-openssl=/home/runner/libressl --enable-debug - name: 'wolfssl-all' - install_packages: zlib1g-dev install_steps: wolfssl-all configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-all/lib --with-wolfssl=/home/runner/wolfssl-all --enable-ech --enable-debug - name: 'wolfssl-opensslextra valgrind' - install_packages: zlib1g-dev valgrind + install_packages: valgrind install_steps: wolfssl-opensslextra wolfssh configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-opensslextra/lib --with-wolfssl=/home/runner/wolfssl-opensslextra --with-wolfssh=/home/runner/wolfssh --enable-ech --enable-debug @@ -133,17 +132,15 @@ jobs: -DCURL_COMPLETION_FISH=ON -DCURL_COMPLETION_ZSH=ON - name: 'awslc' - install_packages: zlib1g-dev install_steps: awslc pytest configure: LDFLAGS=-Wl,-rpath,/home/runner/awslc/lib --with-openssl=/home/runner/awslc --enable-ech - name: 'awslc' - install_packages: zlib1g-dev libidn2-dev + install_packages: libidn2-dev install_steps: awslc generate: -DOPENSSL_ROOT_DIR=/home/runner/awslc -DUSE_ECH=ON -DCMAKE_UNITY_BUILD=OFF - name: 'boringssl' - install_packages: zlib1g-dev install_steps: boringssl pytest generate: -DOPENSSL_ROOT_DIR=/home/runner/boringssl -DUSE_ECH=ON @@ -152,32 +149,30 @@ jobs: configure: --with-openssl --enable-debug --disable-unity - name: 'openssl libssh2 sync-resolver valgrind' - install_packages: zlib1g-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev valgrind + install_packages: libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev valgrind generate: -DENABLE_DEBUG=ON -DENABLE_THREADED_RESOLVER=OFF -DCURL_USE_LIBSSH2=ON - name: 'openssl' - install_packages: zlib1g-dev install_steps: pytest configure: CFLAGS=-std=gnu89 --with-openssl --enable-debug - name: 'openssl arm' - install_packages: zlib1g-dev install_steps: pytest configure: CFLAGS=-std=gnu89 --with-openssl --enable-debug image: 'ubuntu-24.04-arm' - name: 'openssl -O3 libssh valgrind' - install_packages: zlib1g-dev libssh-dev valgrind + install_packages: libssh-dev valgrind CFLAGS: -O3 generate: -DENABLE_DEBUG=ON -DCURL_USE_LIBSSH=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=50 - name: 'openssl clang krb5 openldap static' install_steps: openldap-static - install_packages: zlib1g-dev libidn2-dev libkrb5-dev clang libssl-dev + install_packages: libidn2-dev libkrb5-dev clang libssl-dev configure: CC=clang --disable-shared --with-openssl --with-gssapi --enable-debug --disable-docs --disable-manual --with-ldap=/home/runner/openldap-static --with-ldap-lib=ldap --with-lber-lib=lber - name: 'openssl clang krb5 LTO' - install_packages: zlib1g-dev libkrb5-dev clang + install_packages: libkrb5-dev clang install_steps: skiprun CC: clang generate: -DCURL_USE_OPENSSL=ON -DCURL_USE_GSSAPI=ON -DENABLE_DEBUG=ON -DCURL_LTO=ON @@ -195,13 +190,13 @@ jobs: --disable-tftp --disable-ftp --disable-file --disable-smb - name: 'openssl torture !FTP' - install_packages: zlib1g-dev libnghttp2-dev libssh2-1-dev libc-ares-dev + install_packages: libnghttp2-dev libssh2-1-dev libc-ares-dev generate: -DCURL_USE_OPENSSL=ON -DENABLE_DEBUG=ON -DENABLE_ARES=ON tflags: -t --shallow=25 !FTP torture: true - name: 'openssl torture FTP' - install_packages: zlib1g-dev libnghttp2-dev libssh2-1-dev libc-ares-dev + install_packages: libnghttp2-dev libssh2-1-dev libc-ares-dev generate: -DCURL_USE_OPENSSL=ON -DENABLE_DEBUG=ON -DENABLE_ARES=ON tflags: -t --shallow=20 FTP torture: true @@ -220,7 +215,7 @@ jobs: configure: --without-ssl --enable-debug --disable-http --disable-smtp --disable-imap --disable-unity - name: 'clang-tidy' - install_packages: clang-tidy zlib1g-dev libssl-dev libkrb5-dev + install_packages: clang-tidy libkrb5-dev install_steps: skipall wolfssl-opensslextra wolfssh configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-opensslextra/lib --with-wolfssl=/home/runner/wolfssl-opensslextra --with-wolfssh=/home/runner/wolfssh --with-openssl --enable-ech --with-gssapi --enable-ssls-export make-custom-target: tidy @@ -234,7 +229,7 @@ jobs: make-prefix: scan-build --status-bugs - name: 'address-sanitizer' - install_packages: zlib1g-dev libssh2-1-dev clang libssl-dev libubsan1 libasan8 libtsan2 + install_packages: libssh2-1-dev clang libssl-dev libubsan1 libasan8 libtsan2 install_steps: pytest randcurl CFLAGS: -fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g LDFLAGS: -fsanitize=address,undefined -fno-sanitize-recover=undefined,integer @@ -242,7 +237,7 @@ jobs: configure: CC=clang --with-openssl --enable-debug - name: 'thread-sanitizer' - install_packages: zlib1g-dev clang libtsan2 + install_packages: clang libtsan2 install_steps: pytest openssl-tsan CFLAGS: -fsanitize=thread -g LDFLAGS: -fsanitize=thread @@ -278,7 +273,7 @@ jobs: configure: --with-rustls --enable-ech --enable-debug - name: 'IntelC openssl' - install_packages: zlib1g-dev libssl-dev + install_packages: libssl-dev install_steps: intel configure: CC=icc --enable-debug --with-openssl @@ -311,7 +306,7 @@ jobs: sudo rm -f /var/lib/man-db/auto-update sudo apt-get -o Dpkg::Use-Pty=0 install \ libtool autoconf automake pkgconf \ - libpsl-dev libbrotli-dev libzstd-dev \ + libpsl-dev zlib1g-dev libbrotli-dev libzstd-dev \ ${INSTALL_PACKAGES} \ ${MATRIX_INSTALL_PACKAGES} python3 -m venv ~/venv From cd20f7b6532198162ddd5bfa816a284c1ad66a7e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 22 Sep 2025 11:27:10 +0200 Subject: [PATCH 0137/2408] libssh: drop two unused assigments Reported in macOS clang-tidy v21.1.1 build, after enabling libssh in it: ``` lib/vssh/libssh.c lib/vssh/libssh.c:1342:9: error: Value stored to 'to_t' is never read [clang-analyzer-deadcode.DeadStores,-warnings-as-errors] 1342 | to_t = STRE_OK; | ^ lib/vssh/libssh.c:1342:9: note: Value stored to 'to_t' is never read lib/vssh/libssh.c:1349:9: error: Value stored to 'from_t' is never read [clang-analyzer-deadcode.DeadStores,-warnings-as-errors] 1349 | from_t = STRE_OK; | ^ lib/vssh/libssh.c:1349:9: note: Value stored to 'from_t' is never read 2 warnings generated. ``` Ref: https://github.com/curl/curl/actions/runs/17909917954/job/50918955923?pr=18660#step:11:182 Cherry-picked from #18660 Closes #18684 --- lib/vssh/libssh.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index cb2e8cde4d..576ac3b0c0 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -1339,14 +1339,12 @@ static int myssh_in_SFTP_DOWNLOAD_STAT(struct Curl_easy *data, if((to_t == STRE_NO_NUM) || (to >= size)) { to = size - 1; - to_t = STRE_OK; } if(from_t == STRE_NO_NUM) { /* from is relative to end of file */ from = size - to; to = size - 1; - from_t = STRE_OK; } if(from > size) { failf(data, "Offset (%" FMT_OFF_T ") was beyond file size (%" From d75785c7dea214d12525beb659694d3fcc483731 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 20 Sep 2025 11:43:59 +0200 Subject: [PATCH 0138/2408] GHA: enable more options in static analyzer jobs This is an effort to pass more code through clang-tidt and scan-build static analyzers. Following CodeQL Linux jobs. GHA/codeql: - also build with libssh. - disable verbose output in build steps. GHA/linux: - enable more build options for the clang-tidy and scan-build jobs: libidn2, nghttp2, ldap, kerberos, rtmp, gnutls, gsasl, rustls, mbedtls, wolfssl Use Linuxbrew where necessary. - also enable ECH, gssapi in the scan-build job. - fix 'scanbuild' to be 'scan-build' in the job name. GHA/macos: - build with Rustls in the clang-tidy job. - add a new clang-tidy job to test HTTP/3 (with openssl + ngtcp2). - build with libssh in one of the clang-tidy jobs. - build with LibreSSL in the MultiSSL clang-tidy job. - build with heimdal and kerberos in the clang-tidy jobs respectively. - build with OpenLDAP in one clang-tidy job. - add support for `skipall`, `skiprun` job options, and use it. Closes #18660 --- .github/workflows/codeql.yml | 17 +++++++++-------- .github/workflows/linux.yml | 29 ++++++++++++++++++++++------- .github/workflows/macos.yml | 34 ++++++++++++++++++++++++++-------- 3 files changed, 57 insertions(+), 23 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 808ee0b63a..97b0ddd42c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -75,7 +75,7 @@ jobs: sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list sudo apt-get -o Dpkg::Use-Pty=0 update sudo rm -f /var/lib/man-db/auto-update - sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libbrotli-dev libidn2-dev libssh2-1-dev \ + sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libbrotli-dev libidn2-dev libssh2-1-dev libssh-dev \ libnghttp2-dev libldap-dev heimdal-dev librtmp-dev libgnutls28-dev libwolfssl-dev /home/linuxbrew/.linuxbrew/bin/brew install c-ares gsasl libnghttp3 libngtcp2 mbedtls rustls-ffi @@ -108,19 +108,20 @@ jobs: cmake -B _bld1 -G Ninja -DENABLE_DEBUG=ON \ -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_RUSTLS=ON -DCURL_USE_WOLFSSL=ON \ -DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON -DUSE_ECH=ON -DENABLE_ARES=ON - cmake --build _bld1 --verbose - cmake --build _bld1 --verbose --target curlinfo - cmake --build _bld1 --verbose --target servers - cmake --build _bld1 --verbose --target tunits - cmake --build _bld1 --verbose --target curl-examples-build + cmake --build _bld1 + cmake --build _bld1 --target curlinfo + cmake --build _bld1 --target servers + cmake --build _bld1 --target tunits + cmake --build _bld1 --target curl-examples-build # HTTP/3 export PKG_CONFIG_PATH; PKG_CONFIG_PATH="$(brew --prefix libnghttp3)/lib/pkgconfig:$(brew --prefix libngtcp2)/lib/pkgconfig:$(brew --prefix gsasl)/lib/pkgconfig" cmake -B _bld2 -G Ninja \ -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR="$(brew --prefix openssl)" -DUSE_NGTCP2=ON \ + -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON \ -DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON - cmake --build _bld2 --verbose - cmake --build _bld2 --verbose --target servers + cmake --build _bld2 + cmake --build _bld2 --target servers _bld1/src/curl --disable --version _bld2/src/curl --disable --version diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 7aa7bc5707..969b460d1d 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -215,18 +215,31 @@ jobs: configure: --without-ssl --enable-debug --disable-http --disable-smtp --disable-imap --disable-unity - name: 'clang-tidy' - install_packages: clang-tidy libkrb5-dev - install_steps: skipall wolfssl-opensslextra wolfssh - configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-opensslextra/lib --with-wolfssl=/home/runner/wolfssl-opensslextra --with-wolfssh=/home/runner/wolfssh --with-openssl --enable-ech --with-gssapi --enable-ssls-export + install_packages: clang-tidy libssl-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev libkrb5-dev librtmp-dev libgnutls28-dev + install_steps: skipall mbedtls rustls wolfssl-opensslextra + install_steps_brew: gsasl make-custom-target: tidy + PKG_CONFIG_PATH: /home/linuxbrew/.linuxbrew/opt/gsasl/lib/pkgconfig + LDFLAGS: -Wl,-rpath,/home/runner/wolfssl-opensslextra/lib -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/gsasl/lib + configure: >- + --with-wolfssl=/home/runner/wolfssl-opensslextra --with-openssl --with-rustls --with-mbedtls=/home/runner/mbedtls --with-gnutls --with-libgsasl + --with-librtmp --with-libssh2 --with-libidn2 + --enable-ech --with-gssapi --enable-ssls-export - - name: 'scanbuild' - install_packages: clang-tools clang libssl-dev libssh2-1-dev - install_steps: skipall - configure: --with-openssl --enable-debug --with-libssh2 --disable-unity + - name: 'scan-build' + install_packages: clang-tools clang libssl-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev libkrb5-dev librtmp-dev libgnutls28-dev + install_steps: skipall mbedtls rustls wolfssl-opensslextra + install_steps_brew: gsasl CC: clang configure-prefix: scan-build make-prefix: scan-build --status-bugs + PKG_CONFIG_PATH: /home/linuxbrew/.linuxbrew/opt/gsasl/lib/pkgconfig + LDFLAGS: -Wl,-rpath,/home/runner/wolfssl-opensslextra/lib -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/gsasl/lib + configure: >- + --with-wolfssl=/home/runner/wolfssl-opensslextra --with-openssl --with-rustls --with-mbedtls=/home/runner/mbedtls --with-gnutls --with-libgsasl + --with-librtmp --with-libssh2 --with-libidn2 + --enable-ech --with-gssapi --enable-ssls-export + --disable-debug --disable-unity - name: 'address-sanitizer' install_packages: libssh2-1-dev clang libssl-dev libubsan1 libasan8 libtsan2 @@ -296,6 +309,7 @@ jobs: - name: 'install prereqs' if: ${{ matrix.build.container == null && !contains(matrix.build.name, 'i686') }} env: + INSTALL_PACKAGES_BREW: '${{ matrix.build.install_steps_brew }}' INSTALL_PACKAGES: >- ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && 'stunnel4' || '' }} ${{ contains(matrix.build.install_steps, 'pytest') && 'apache2 apache2-dev libnghttp2-dev vsftpd dante-server' || '' }} @@ -309,6 +323,7 @@ jobs: libpsl-dev zlib1g-dev libbrotli-dev libzstd-dev \ ${INSTALL_PACKAGES} \ ${MATRIX_INSTALL_PACKAGES} + [ -n "${INSTALL_PACKAGES_BREW}" ] && /home/linuxbrew/.linuxbrew/bin/brew install ${INSTALL_PACKAGES_BREW} python3 -m venv ~/venv - name: 'install prereqs' diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index be8565303e..0fd9d20f5b 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -281,10 +281,27 @@ jobs: generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON -DUSE_NGTCP2=ON - name: 'MultiSSL AppleIDN clang-tidy +examples' compiler: clang - install: llvm brotli zstd gnutls nettle mbedtls gsasl rtmpdump fish - install_steps: clang-tidy - generate: -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_DEFAULT_SSL_BACKEND=openssl -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DENABLE_ARES=ON -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON -DUSE_SSLS_EXPORT=ON -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=/opt/homebrew/opt/llvm/bin/clang-tidy -DCURL_COMPLETION_FISH=ON -DCURL_COMPLETION_ZSH=ON + install: llvm brotli zstd gnutls nettle libressl krb5 mbedtls gsasl rustls-ffi rtmpdump libssh fish + install_steps: clang-tidy skiprun chkprefill: _chkprefill + generate: >- + -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/libressl -DCURL_DEFAULT_SSL_BACKEND=openssl + -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_RUSTLS=ON -DENABLE_ARES=ON -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON + -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON -DUSE_APPLE_IDN=ON -DUSE_SSLS_EXPORT=ON + -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/krb5 + -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=/opt/homebrew/opt/llvm/bin/clang-tidy + -DCURL_COMPLETION_FISH=ON -DCURL_COMPLETION_ZSH=ON + + - name: 'HTTP/3 clang-tidy' + compiler: clang + install: llvm brotli zstd libnghttp3 libngtcp2 openldap heimdal + install_steps: clang-tidy skipall + generate: >- + -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DUSE_NGTCP2=ON + -DLDAP_INCLUDE_DIR=/opt/homebrew/opt/openldap/include -DLDAP_LIBRARY=/opt/homebrew/opt/openldap/lib/libldap.dylib -DLDAP_LBER_LIBRARY=/opt/homebrew/opt/openldap/lib/liblber.dylib + -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/heimdal + -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=/opt/homebrew/opt/llvm/bin/clang-tidy + - name: 'quictls +static libssh +examples' install: quictls libssh generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/quictls -DBUILD_STATIC_LIBS=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON @@ -340,7 +357,7 @@ jobs: env: INSTALL_PACKAGES: >- ${{ matrix.build.generate && 'ninja' || 'automake libtool' }} - ${{ !contains(matrix.build.install_steps, 'clang-tidy') && 'nghttp2 stunnel' || '' }} + ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && 'nghttp2 stunnel' || '' }} ${{ contains(matrix.build.install_steps, 'pytest') && 'caddy httpd vsftpd' || '' }} run: | @@ -459,6 +476,7 @@ jobs: fi - name: 'build tests' + if: ${{ !contains(matrix.build.install_steps, 'skipall') }} run: | if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --verbose --target testdeps @@ -467,14 +485,14 @@ jobs: fi - name: 'install test prereqs' - if: ${{ !contains(matrix.build.install_steps, 'clang-tidy') }} + if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }} run: | python3 -m venv ~/venv source ~/venv/bin/activate python3 -m pip install -r tests/requirements.txt - name: 'run tests' - if: ${{ !contains(matrix.build.install_steps, 'clang-tidy') }} + if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }} timeout-minutes: ${{ contains(matrix.build.install_steps, 'torture') && 20 || 10 }} env: TEST_TARGET: ${{ contains(matrix.build.install_steps, 'torture') && 'test-torture' || 'test-ci' }} @@ -496,13 +514,13 @@ jobs: fi - name: 'install pytest prereqs' - if: ${{ !contains(matrix.build.install_steps, 'clang-tidy') && contains(matrix.build.install_steps, 'pytest') }} + if: ${{ contains(matrix.build.install_steps, 'pytest') }} run: | source ~/venv/bin/activate python3 -m pip install -r tests/http/requirements.txt - name: 'run pytest' - if: ${{ !contains(matrix.build.install_steps, 'clang-tidy') && contains(matrix.build.install_steps, 'pytest') }} + if: ${{ contains(matrix.build.install_steps, 'pytest') }} env: PYTEST_ADDOPTS: '--color=yes' PYTEST_XDIST_AUTO_NUM_WORKERS: 4 From f833d5d1fb0cabaaf646e4c630a2cf7b80f55d0f Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 22 Sep 2025 18:02:49 +0200 Subject: [PATCH 0139/2408] cmake: use modern alternatives for `get_filename_component()` - use `cmake_path()` to query filenames, with CMake 3.20 or upper. https://cmake.org/cmake/help/v4.1/command/cmake_path.html#query - use `cmake_host_system_information()` to query the registry, with CMake 3.24 or upper. https://cmake.org/cmake/help/v4.1/command/cmake_host_system_information.html#query-windows-registry Replacing the undocumented method. - also quote the value passed to `get_filename_component()` where missing. (Could not cause an actual issue as used in the code.) Closes #18688 --- CMake/FindGSS.cmake | 15 ++++++++++++--- CMake/FindNGTCP2.cmake | 6 +++++- CMakeLists.txt | 9 +++++++-- 3 files changed, 24 insertions(+), 6 deletions(-) diff --git a/CMake/FindGSS.cmake b/CMake/FindGSS.cmake index 9000445acb..172259e282 100644 --- a/CMake/FindGSS.cmake +++ b/CMake/FindGSS.cmake @@ -230,7 +230,11 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr if(GSS_FLAVOUR) set(_gss_libdir_suffixes "") set(_gss_libdir_hints ${_gss_root_hints}) - get_filename_component(_gss_calculated_potential_root "${_gss_INCLUDE_DIRS}" DIRECTORY) + if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.20) + cmake_path(GET _gss_INCLUDE_DIRS PARENT_PATH _gss_calculated_potential_root) + else() + get_filename_component(_gss_calculated_potential_root "${_gss_INCLUDE_DIRS}" DIRECTORY) + endif() list(APPEND _gss_libdir_hints ${_gss_calculated_potential_root}) if(WIN32) @@ -323,8 +327,13 @@ if(GSS_FLAVOUR) set(GSS_VERSION "Heimdal Unknown") endif() elseif(NOT GSS_VERSION AND GSS_FLAVOUR STREQUAL "MIT") - get_filename_component(_mit_version "[HKEY_LOCAL_MACHINE\\SOFTWARE\\MIT\\Kerberos\\SDK\\CurrentVersion;VersionString]" NAME - CACHE) + if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.24) + cmake_host_system_information(RESULT _mit_version QUERY WINDOWS_REGISTRY + "HKLM/SOFTWARE/MIT/Kerberos/SDK/CurrentVersion" VALUE "VersionString") + else() + get_filename_component(_mit_version + "[HKEY_LOCAL_MACHINE\\SOFTWARE\\MIT\\Kerberos\\SDK\\CurrentVersion;VersionString]" NAME CACHE) + endif() if(WIN32 AND _mit_version) set(GSS_VERSION "${_mit_version}") else() diff --git a/CMake/FindNGTCP2.cmake b/CMake/FindNGTCP2.cmake index 700017f859..eb4358ef00 100644 --- a/CMake/FindNGTCP2.cmake +++ b/CMake/FindNGTCP2.cmake @@ -104,7 +104,11 @@ else() endif() if(_ngtcp2_crypto_backend) - get_filename_component(_ngtcp2_library_dir "${NGTCP2_LIBRARY}" DIRECTORY) + if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.20) + cmake_path(GET NGTCP2_LIBRARY PARENT_PATH _ngtcp2_library_dir) + else() + get_filename_component(_ngtcp2_library_dir "${NGTCP2_LIBRARY}" DIRECTORY) + endif() find_library(${_crypto_library_upper}_LIBRARY NAMES ${_crypto_library_lower} HINTS ${_ngtcp2_library_dir}) if(${_crypto_library_upper}_LIBRARY) diff --git a/CMakeLists.txt b/CMakeLists.txt index 083c2f37b9..f817b61a81 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -2339,8 +2339,13 @@ if(NOT CURL_DISABLE_INSTALL) elseif(_lib MATCHES "/") # This gets a bit more complex, because we want to specify the # directory separately, and only once per directory - get_filename_component(_libdir ${_lib} DIRECTORY) - get_filename_component(_libname ${_lib} NAME_WE) + if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.20) + cmake_path(GET _lib PARENT_PATH _libdir) + cmake_path(GET _lib STEM _libname) + else() + get_filename_component(_libdir "${_lib}" DIRECTORY) + get_filename_component(_libname "${_lib}" NAME_WE) + endif() if(_libname MATCHES "^lib") if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.20) cmake_path(SET _libdir NORMALIZE "${_libdir}") From 051839eb8fcac5ed384e9c3911cb2511119c2c8a Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 22 Sep 2025 23:58:41 +0200 Subject: [PATCH 0140/2408] tidy-up: URLs Closes #18689 --- docs/BINDINGS.md | 6 +++--- docs/BUG-BOUNTY.md | 4 ++-- docs/ECH.md | 4 ++-- docs/HTTP-COOKIES.md | 2 +- docs/HTTPSRR.md | 2 +- docs/INSTALL.md | 9 +++++---- docs/RUSTLS.md | 2 +- 7 files changed, 15 insertions(+), 14 deletions(-) diff --git a/docs/BINDINGS.md b/docs/BINDINGS.md index 8bba1d9c9a..a72482cf8d 100644 --- a/docs/BINDINGS.md +++ b/docs/BINDINGS.md @@ -22,7 +22,7 @@ libcurl bindings [Basic](https://scriptbasic.com/) ScriptBasic bindings written by Peter Verhas -C++: [curlpp](https://github.com/jpbarrette/curlpp/) Written by Jean-Philippe Barrette-LaPierre, +C++: [curlpp](https://github.com/jpbarrette/curlpp) Written by Jean-Philippe Barrette-LaPierre, [curlcpp](https://github.com/JosephP91/curlcpp) by Giuseppe Persico and [C++ Requests](https://github.com/libcpr/cpr) by Huu Nguyen @@ -75,7 +75,7 @@ Go: [go-curl](https://github.com/andelf/go-curl) by ShuYu Wang Lua: [luacurl](https://web.archive.org/web/20201205052437/luacurl.luaforge.net/) by Alexander Marinov, [Lua-cURL](https://github.com/Lua-cURL) by Jürgen Hötzel -[Mono](https://web.archive.org/web/20070606064500/https://forge.novell.com/modules/xfmod/project/?libcurl-mono) Written by Jeffrey Phillips +[Mono](https://web.archive.org/web/20070606064500/forge.novell.com/modules/xfmod/project/?libcurl-mono) Written by Jeffrey Phillips [.NET](https://sourceforge.net/projects/libcurl-net/) libcurl-net by Jeffrey Phillips @@ -121,7 +121,7 @@ Ruby: [curb](https://github.com/taf2/curb) written by Ross Bamford, [Rust](https://github.com/alexcrichton/curl-rust) curl-rust - by Carl Lerche -[Scheme](https://www.metapaper.net/lisovsky/web/curl/) Bigloo binding by Kirill Lisovsky +[Scheme](https://metapaper.net/lisovsky/web/curl/) Bigloo binding by Kirill Lisovsky [Scilab](https://help.scilab.org/docs/current/fr_FR/getURL.html) binding by Sylvestre Ledru diff --git a/docs/BUG-BOUNTY.md b/docs/BUG-BOUNTY.md index 6933c61b34..d75ea28e02 100644 --- a/docs/BUG-BOUNTY.md +++ b/docs/BUG-BOUNTY.md @@ -7,8 +7,8 @@ SPDX-License-Identifier: curl # The curl bug bounty The curl project runs a bug bounty program in association with -[HackerOne](https://www.hackerone.com) and the [Internet Bug -Bounty](https://internetbugbounty.org). +[HackerOne](https://www.hackerone.com/) and the [Internet Bug +Bounty](https://internetbugbounty.org/). ## How does it work? diff --git a/docs/ECH.md b/docs/ECH.md index 969bbfa27f..712bf2d774 100644 --- a/docs/ECH.md +++ b/docs/ECH.md @@ -375,8 +375,8 @@ There are some known issues with the ECH implementation in wolfSSL: - The main issue is that the client currently handles HelloRetryRequest incorrectly. [HRR issue](https://github.com/wolfSSL/wolfssl/issues/6802).) The HRR issue means that the client does not work for - [this ECH test web site](https://tls-ech.dev) and any other similarly configured - sites. + [this ECH test web site](https://tls-ech.dev/) and any other similarly + configured sites. - There is also an issue related to so-called middlebox compatibility mode. [middlebox compatibility issue](https://github.com/wolfSSL/wolfssl/issues/6774) diff --git a/docs/HTTP-COOKIES.md b/docs/HTTP-COOKIES.md index 62905dbc6c..41faecdcb9 100644 --- a/docs/HTTP-COOKIES.md +++ b/docs/HTTP-COOKIES.md @@ -23,7 +23,7 @@ SPDX-License-Identifier: curl For a long time, the only spec explaining how to use cookies was the original [Netscape spec from 1994](https://curl.se/rfc/cookie_spec.html). - In 2011, [RFC 6265](https://www.ietf.org/rfc/rfc6265.txt) was finally + In 2011, [RFC 6265](https://datatracker.ietf.org/doc/html/rfc6265) was finally published and details how cookies work within HTTP. In 2016, an update which added support for prefixes was [proposed](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-prefixes-00), diff --git a/docs/HTTPSRR.md b/docs/HTTPSRR.md index 22184a253e..7e82806348 100644 --- a/docs/HTTPSRR.md +++ b/docs/HTTPSRR.md @@ -6,7 +6,7 @@ SPDX-License-Identifier: curl # HTTPS RR -[RFC 9460](https://www.rfc-editor.org/rfc/rfc9460.html) documents the HTTPS +[RFC 9460](https://datatracker.ietf.org/doc/html/rfc9460) documents the HTTPS DNS Resource Record. curl features **experimental** support for HTTPS RR. diff --git a/docs/INSTALL.md b/docs/INSTALL.md index 3972d24239..ff0a36d365 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -15,7 +15,8 @@ libcurl from [source code](https://curl.se/download.html). ## Building using vcpkg -You can download and install curl and libcurl using the [vcpkg](https://github.com/Microsoft/vcpkg/) dependency manager: +You can download and install curl and libcurl using +the [vcpkg](https://github.com/Microsoft/vcpkg) dependency manager: git clone https://github.com/Microsoft/vcpkg.git cd vcpkg @@ -30,8 +31,8 @@ or pull request](https://github.com/Microsoft/vcpkg) on the vcpkg repository. ## Building from git If you get your code off a git repository instead of a release tarball, see -the [GIT-INFO.md](https://github.com/curl/curl/blob/master/GIT-INFO.md) file in the root directory for specific instructions on how -to proceed. +the [GIT-INFO.md](https://github.com/curl/curl/blob/master/GIT-INFO.md) file in +the root directory for specific instructions on how to proceed. # Unix @@ -217,7 +218,7 @@ executable in `/bin/` or you see the configure fail toward the end. Download the setup installer from [`cygwin`](https://cygwin.com/) to begin. Additional `cygwin` packages are needed for the install. For more on installing packages visit -[`cygwin setup`](https://www.cygwin.com/faq/faq.html#faq.setup.cli). +[`cygwin setup`](https://cygwin.com/faq/faq.html#faq.setup.cli). Either run setup-x86_64.exe, then search and select packages individually, or try: diff --git a/docs/RUSTLS.md b/docs/RUSTLS.md index e46e1d8025..4f904a97e0 100644 --- a/docs/RUSTLS.md +++ b/docs/RUSTLS.md @@ -8,7 +8,7 @@ SPDX-License-Identifier: curl [Rustls is a TLS backend written in Rust](https://docs.rs/rustls/). curl can be built to use it as an alternative to OpenSSL or other TLS backends. We use -the [rustls-ffi C bindings](https://github.com/rustls/rustls-ffi/). This +the [rustls-ffi C bindings](https://github.com/rustls/rustls-ffi). This version of curl is compatible with `rustls-ffi` v0.15.x. ## Getting rustls-ffi From 71fc11e6bbf530b90bf6e93a02cb32bdaecc933b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 23 Sep 2025 11:19:18 +0200 Subject: [PATCH 0141/2408] GHA/codeql: build `units` on Linux Closes #18695 --- .github/workflows/codeql.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 97b0ddd42c..8cc7e9f48c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -112,6 +112,7 @@ jobs: cmake --build _bld1 --target curlinfo cmake --build _bld1 --target servers cmake --build _bld1 --target tunits + cmake --build _bld1 --target units cmake --build _bld1 --target curl-examples-build # HTTP/3 From b326293619996ff88f965cc3baf90cee2038ba36 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 23 Sep 2025 11:50:23 +0200 Subject: [PATCH 0142/2408] GHA/linux: fix address sanitizer error output Same issue as seen earlier in the tsan job. Fix it the same way, by switching to cmake to avoid autotools' libtool confusing the analyzer. Ref: 2a46df31fdb91851895bc46d81f0065e6cafc80b #18274 Configuration remains identical. I removed libssh2 from the installed packages, because it was unused before, but cmake enabled it by default and libssh2 has memory leaks: Ref: https://github.com/curl/curl/actions/runs/17941312820/job/51018425159 Fixing: ``` /usr/bin/llvm-symbolizer-18: /home/runner/work/curl/curl/bld/lib/.libs/libcurl.so.4: no version information available (required by /usr/bin/llvm-symbolizer-18) /usr/bin/llvm-symbolizer-18: symbol lookup error: /home/runner/work/curl/curl/bld/lib/.libs/libcurl.so.4: undefined symbol: __asan_option_detect_stack_use_after_return ==33900==WARNING: Can't read from symbolizer at fd 3 [..] ==33900==WARNING: Can't write to symbolizer at fd 6 ==33900==WARNING: Failed to use and restart external symbolizer ``` Ref: https://github.com/curl/curl/actions/runs/17939949191/job/51013953675?pr=18693 Cherry-picked from #18693 Closes #18696 --- .github/workflows/linux.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 969b460d1d..4badcad407 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -242,12 +242,12 @@ jobs: --disable-debug --disable-unity - name: 'address-sanitizer' - install_packages: libssh2-1-dev clang libssl-dev libubsan1 libasan8 libtsan2 + install_packages: clang libssl-dev libubsan1 libasan8 libtsan2 install_steps: pytest randcurl CFLAGS: -fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g - LDFLAGS: -fsanitize=address,undefined -fno-sanitize-recover=undefined,integer - LIBS: -ldl -lubsan - configure: CC=clang --with-openssl --enable-debug + LDFLAGS: -fsanitize=address,undefined -fno-sanitize-recover=undefined,integer -ldl -lubsan + CC: clang + generate: -DENABLE_DEBUG=ON - name: 'thread-sanitizer' install_packages: clang libtsan2 From 67de9924eb9dfcff009271b1fe9c901fc8a52807 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 23 Sep 2025 12:47:45 +0200 Subject: [PATCH 0143/2408] GHA/linux: enable libidn2 and libssh in asan job Closes #18697 --- .github/workflows/linux.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 4badcad407..dbdccf61ff 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -242,12 +242,12 @@ jobs: --disable-debug --disable-unity - name: 'address-sanitizer' - install_packages: clang libssl-dev libubsan1 libasan8 libtsan2 + install_packages: clang libssl-dev libssh-dev libidn2-dev libnghttp2-dev libubsan1 libasan8 libtsan2 install_steps: pytest randcurl CFLAGS: -fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g LDFLAGS: -fsanitize=address,undefined -fno-sanitize-recover=undefined,integer -ldl -lubsan CC: clang - generate: -DENABLE_DEBUG=ON + generate: -DENABLE_DEBUG=ON -DCURL_USE_LIBSSH=ON - name: 'thread-sanitizer' install_packages: clang libtsan2 From 1acdf3bd64b6344ff818621155acf4cf5c3d1f50 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 23 Sep 2025 15:45:49 +0200 Subject: [PATCH 0144/2408] GHA/macos: add macos-26, llvm20, gcc15, drop macos-14, gcc14 Number of combo jobs down to 22 from 24. Also: - update the version matrix. - update exclusion matrix. - include verbose compiler configuration dump. It makes the Apple-included, default `-I/usr/local/include` visible. Ref: #18683 Closes #18698 --- .github/workflows/macos.yml | 45 ++++++++++++++++++++++++++++++++----- 1 file changed, 40 insertions(+), 5 deletions(-) diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 0fd9d20f5b..0eb8f7e842 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -104,6 +104,7 @@ jobs: xcodebuild -sdk -version | grep '^Path:' || true xcrun --sdk iphoneos --show-sdk-path 2>/dev/null || true xcrun --sdk iphoneos --show-sdk-version || true + echo '::group::compiler defaults'; echo 'int main(void) {}' | "${CC}" -v -x c -; echo '::endgroup::' echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::' echo '::group::brew packages installed'; ls -l /opt/homebrew/opt; echo '::endgroup::' @@ -555,18 +556,24 @@ jobs: strategy: fail-fast: false matrix: - compiler: [gcc-12, gcc-13, gcc-14, llvm@15, llvm@18, clang] + # Sources: + # https://github.com/actions/runner-images/blob/main/images/macos/macos-13-arm64-Readme.md + # https://github.com/actions/runner-images/blob/main/images/macos/macos-14-arm64-Readme.md + # https://github.com/actions/runner-images/blob/main/images/macos/macos-15-arm64-Readme.md + # https://github.com/actions/runner-images/blob/main/images/macos/macos-26-arm64-Readme.md + compiler: [gcc-12, gcc-13, gcc-15, llvm@15, llvm@18, llvm@20, clang] # Xcode support matrix as of 2024-07, with default macOS SDK versions and OS names, years: # * = default Xcode on the runner. # macos-13: 14.1, 14.2, 14.3.1, 15.0.1, 15.1,*15.2 # macos-14: 15.0.1, 15.1, 15.2, 15.3,*15.4 - # macos-15: *16.0, 16.1 - # macOSSDK: 13.0, 13.1, 13.3, 14.0, 14.2, 14.2, 14.4, 14.5, 15.0, 15.1 - # Ventura (2022) Sonoma (2023) Sequoia (2024) + # macos-15: 16.0, 16.1, 16.2, 16.3,*16.4, 26.0 + # macos-26: 16.4 *26.0 + # macOSSDK: 13.0, 13.1, 13.3, 14.0, 14.2, 14.2, 14.4, 14.5, 15.0, 15.1, 15.2, 15.4, 15.5, 26.0 + # Ventura (2022) Sonoma (2023) Sequoia (2024) Tahoe (2025) # https://github.com/actions/runner-images/tree/main/images/macos # https://en.wikipedia.org/wiki/MacOS_version_history # TODO when dropping macos-13: replace '$(brew --prefix ...' with /opt/homebrew - image: [macos-13, macos-14, macos-15] + image: [macos-13, macos-15, macos-26] # Can skip these to reduce jobs: # 15.1 has the same default macOS SDK as 15.2 and identical test results. # 14.1, 15.4 not revealing new fallouts. @@ -582,11 +589,19 @@ jobs: - { image: macos-13, xcode: '15.4' } - { image: macos-13, xcode: '16.0' } - { image: macos-13, xcode: '16.1' } + - { image: macos-13, xcode: '16.2' } + - { image: macos-13, xcode: '16.3' } + - { image: macos-13, xcode: '16.4' } + - { image: macos-13, xcode: '26.0' } - { image: macos-14, xcode: '14.1' } - { image: macos-14, xcode: '14.2' } - { image: macos-14, xcode: '14.3.1' } - { image: macos-14, xcode: '16.0' } - { image: macos-14, xcode: '16.1' } + - { image: macos-14, xcode: '16.2' } + - { image: macos-14, xcode: '16.3' } + - { image: macos-14, xcode: '16.4' } + - { image: macos-14, xcode: '26.0' } - { image: macos-15, xcode: '14.1' } - { image: macos-15, xcode: '14.2' } - { image: macos-15, xcode: '14.3.1' } @@ -595,12 +610,31 @@ jobs: - { image: macos-15, xcode: '15.2' } - { image: macos-15, xcode: '15.3' } - { image: macos-15, xcode: '15.4' } + - { image: macos-26, xcode: '14.1' } + - { image: macos-26, xcode: '14.2' } + - { image: macos-26, xcode: '14.3.1' } + - { image: macos-26, xcode: '15.0.1' } + - { image: macos-26, xcode: '15.1' } + - { image: macos-26, xcode: '15.2' } + - { image: macos-26, xcode: '15.3' } + - { image: macos-26, xcode: '15.4' } + - { image: macos-26, xcode: '16.0' } + - { image: macos-26, xcode: '16.1' } + - { image: macos-26, xcode: '16.2' } + - { image: macos-26, xcode: '16.3' } - { image: macos-13, compiler: 'llvm@18' } + - { image: macos-13, compiler: 'llvm@20' } - { image: macos-14, compiler: 'llvm@18' } + - { image: macos-14, compiler: 'llvm@20' } - { image: macos-15, compiler: 'llvm@15' } + - { image: macos-15, compiler: 'llvm@20' } + - { image: macos-26, compiler: 'llvm@15' } + - { image: macos-26, compiler: 'llvm@18' } + - { image: macos-26, compiler: 'gcc-12' } # Reduce build combinations, by dropping less interesting ones - { compiler: gcc-13, build: cmake } - { compiler: gcc-14, build: autotools } + - { compiler: gcc-15, build: autotools } steps: - name: 'install autotools' if: ${{ matrix.build == 'autotools' }} @@ -617,6 +651,7 @@ jobs: xcrun --sdk macosx --show-sdk-path 2>/dev/null || true xcrun --sdk macosx --show-sdk-version || true ls -l /Library/Developer/CommandLineTools/SDKs || true + echo '::group::compiler defaults'; echo 'int main(void) {}' | "${CC}" -v -x c -; echo '::endgroup::' echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::' echo '::group::brew packages preinstalled'; ls -l "$(brew --prefix)/opt"; echo '::endgroup::' From 135e4ec1ddd664d3274447553db71f4959331858 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 22 Sep 2025 22:35:46 +0000 Subject: [PATCH 0145/2408] GHA: update dependency awslabs/aws-lc to v1.61.3 Closes #18690 --- .github/workflows/http3-linux.yml | 2 +- .github/workflows/linux.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 3d3b35dee0..03e978565d 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -46,7 +46,7 @@ env: # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com LIBRESSL_VERSION: 4.1.0 # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com - AWSLC_VERSION: 1.60.0 + AWSLC_VERSION: 1.61.3 # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com BORINGSSL_VERSION: 0.20250818.0 # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index dbdccf61ff..7598137a95 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -46,7 +46,7 @@ env: # renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver registryUrl=https://github.com MBEDTLS_VERSION: 3.6.4 # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com - AWSLC_VERSION: 1.60.0 + AWSLC_VERSION: 1.61.3 # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com BORINGSSL_VERSION: 0.20250818.0 # handled in renovate.json From bdbb50a63e0d713102ffb3a29fd4d3544ff7d90d Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 24 Sep 2025 10:29:30 +0200 Subject: [PATCH 0146/2408] GHA/dist: fix number of parallel jobs on macos runner It was using the global parallel value in cmake integration tests, while on macos runners, this should be lower by one, as used in other macos jobs. Performance impact is minimal. Follow-up to fb70812437ad28b74dbdc1031e46c1d86bc9db3c #16126 Closes #18701 --- .github/workflows/distcheck.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/distcheck.yml b/.github/workflows/distcheck.yml index 9d893481bc..de06f5aeab 100644 --- a/.github/workflows/distcheck.yml +++ b/.github/workflows/distcheck.yml @@ -258,6 +258,7 @@ jobs: shell: ${{ contains(matrix.image, 'windows') && 'msys2 {0}' || 'bash' }} env: CC: ${{ !contains(matrix.image, 'windows') && 'clang' || '' }} + MAKEFLAGS: ${{ contains(matrix.image, 'macos') && '-j 4' || '-j 5' }} MATRIX_IMAGE: '${{ matrix.image }}' TESTOPTS: ${{ contains(matrix.image, 'macos') && '-D_CURL_PREFILL=ON' || '' }} ${{ contains(matrix.image, 'windows') && '-DCMAKE_UNITY_BUILD_BATCH_SIZE=30' || '' }} OLD_CMAKE_VERSION: 3.11.4 From cc157b49635f3d8d16f445d7af3c8152ff47ae18 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 24 Sep 2025 10:16:05 +0200 Subject: [PATCH 0147/2408] GHA/distcheck: bump timeout for the cmake integration It may take 1.5 minutes to find the C compiler on macos with old cmake. The build is also slow due to no unity and Ninja support. ``` Wed, 24 Sep 2025 04:56:51 GMT -- Using CMake version 3.11.4 Wed, 24 Sep 2025 04:58:01 GMT -- The C compiler identification is AppleClang 17.0.0.17000013 Wed, 24 Sep 2025 04:58:02 GMT -- Check for working C compiler: /Applications/Xcode_16.4.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang Wed, 24 Sep 2025 04:59:33 GMT -- Check for working C compiler: /Applications/Xcode_16.4.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang -- works Wed, 24 Sep 2025 04:59:33 GMT -- Detecting C compiler ABI info Wed, 24 Sep 2025 04:59:35 GMT -- Detecting C compiler ABI info - done ``` Ref: https://github.com/curl/curl/actions/runs/17966736478/job/51100678487?pr=18700#step:10:50 Closes #18702 --- .github/workflows/distcheck.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/distcheck.yml b/.github/workflows/distcheck.yml index de06f5aeab..da65bf4bd0 100644 --- a/.github/workflows/distcheck.yml +++ b/.github/workflows/distcheck.yml @@ -252,7 +252,7 @@ jobs: cmake-integration: name: 'CM integration ${{ matrix.image }}' runs-on: ${{ matrix.image }} - timeout-minutes: 10 + timeout-minutes: 15 defaults: run: shell: ${{ contains(matrix.image, 'windows') && 'msys2 {0}' || 'bash' }} From a99d79616b5df3442dac5598303179e33163a851 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 24 Sep 2025 09:26:19 +0000 Subject: [PATCH 0148/2408] GHA: update ngtcp2/nghttp3 to v1.12.0 Closes #18705 --- .github/workflows/http3-linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 03e978565d..cd2d381092 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -54,7 +54,7 @@ env: # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com WOLFSSL_VERSION: 5.8.2 # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com - NGHTTP3_VERSION: 1.11.0 + NGHTTP3_VERSION: 1.12.0 # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com NGTCP2_VERSION: 1.15.1 # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com From f8f84b40ccf6e73b89f6f27e2831d6ba1c70e334 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 24 Sep 2025 09:26:25 +0000 Subject: [PATCH 0149/2408] GHA: Update ngtcp2/ngtcp2 to v1.16.0 Closes #18706 --- .github/workflows/http3-linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index cd2d381092..780320e383 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -56,7 +56,7 @@ env: # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com NGHTTP3_VERSION: 1.12.0 # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com - NGTCP2_VERSION: 1.15.1 + NGTCP2_VERSION: 1.16.0 # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com NGHTTP2_VERSION: 1.67.1 # renovate: datasource=github-tags depName=cloudflare/quiche versioning=semver registryUrl=https://github.com From 976a08985a93e105cdffc1a581e8b0a7f9ebc4c8 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Tue, 23 Sep 2025 09:55:11 +0200 Subject: [PATCH 0150/2408] ares: fix leak in tracing When DNS tracing is enabled, a string allocated by ares was not freed. Reported-by: jmaggard10 on github Bug: https://github.com/curl/curl/pull/18251#pullrequestreview-3255785083 Closes #18691 --- lib/asyn-ares.c | 7 +++++-- lib/curl_trc.h | 4 +++- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c index 807ca5c0bd..0a04f4cc36 100644 --- a/lib/asyn-ares.c +++ b/lib/asyn-ares.c @@ -747,8 +747,11 @@ struct Curl_addrinfo *Curl_async_getaddrinfo(struct Curl_easy *data, ares->result = CURLE_OK; #if ARES_VERSION >= 0x011800 /* >= v1.24.0 */ - CURL_TRC_DNS(data, "asyn-ares: servers=%s", - ares_get_servers_csv(ares->channel)); + if(CURL_TRC_DNS_is_verbose(data)) { + char *csv = ares_get_servers_csv(ares->channel); + CURL_TRC_DNS(data, "asyn-ares: servers=%s", csv); + ares_free_string(csv); + } #endif #ifdef HAVE_CARES_GETADDRINFO diff --git a/lib/curl_trc.h b/lib/curl_trc.h index 2819abe2dd..37a373e4a6 100644 --- a/lib/curl_trc.h +++ b/lib/curl_trc.h @@ -123,6 +123,8 @@ void Curl_trc_ws(struct Curl_easy *data, #define CURL_TRC_M_is_verbose(data) \ Curl_trc_ft_is_verbose(data, &Curl_trc_feat_multi) +#define CURL_TRC_DNS_is_verbose(data) \ + Curl_trc_ft_is_verbose(data, &Curl_trc_feat_dns) #if defined(CURL_HAVE_C99) && !defined(CURL_DISABLE_VERBOSE_STRINGS) #define infof(data, ...) \ @@ -141,7 +143,7 @@ void Curl_trc_ws(struct Curl_easy *data, do { if(Curl_trc_ft_is_verbose(data, &Curl_trc_feat_read)) \ Curl_trc_read(data, __VA_ARGS__); } while(0) #define CURL_TRC_DNS(data, ...) \ - do { if(Curl_trc_ft_is_verbose(data, &Curl_trc_feat_dns)) \ + do { if(CURL_TRC_DNS_is_verbose(data)) \ Curl_trc_dns(data, __VA_ARGS__); } while(0) #ifndef CURL_DISABLE_FTP From 7cb5e39f3682daf99d21a25c61841e1bf05ea693 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 22 Sep 2025 11:08:43 +0200 Subject: [PATCH 0151/2408] socks_gssapi: reject too long tokens If GSS returns a token to use that is longer than 65535 bytes, it can't be transmitted since the length field is an unisgned 16 bit field and thus needs to trigger an error. Reported in Joshua's sarif data Closes #18681 --- lib/socks_gssapi.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/socks_gssapi.c b/lib/socks_gssapi.c index 0a7ddd5ff1..037515e576 100644 --- a/lib/socks_gssapi.c +++ b/lib/socks_gssapi.c @@ -195,7 +195,9 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, if(gss_token != GSS_C_NO_BUFFER) gss_release_buffer(&gss_status, &gss_recv_token); if(check_gss_err(data, gss_major_status, - gss_minor_status, "gss_init_sec_context")) { + gss_minor_status, "gss_init_sec_context") || + /* the size needs to fit in a 16 bit field */ + (gss_send_token.length > 0xffff)) { gss_release_name(&gss_status, &server); gss_release_buffer(&gss_status, &gss_recv_token); gss_release_buffer(&gss_status, &gss_send_token); From 66c7e92ae4ab824d5c838a207f742af1df6edaec Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 22 Sep 2025 09:10:39 +0200 Subject: [PATCH 0152/2408] Revert "cf_socket_recv: don't count reading zero bytes as first byte" This reverts commit df60e8fe701e189e7629fd08b61950a0fb1b697a. The "first byte" checkpoint is not strictly the first byte received, but the sign of first traffic from the server, which a closed connection also is. Closes #18676 --- lib/cf-socket.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/cf-socket.c b/lib/cf-socket.c index 2f0429efea..d5add9723f 100644 --- a/lib/cf-socket.c +++ b/lib/cf-socket.c @@ -1578,7 +1578,7 @@ static CURLcode cf_socket_recv(struct Curl_cfilter *cf, struct Curl_easy *data, *pnread = (size_t)nread; CURL_TRC_CF(data, cf, "recv(len=%zu) -> %d, %zu", len, result, *pnread); - if(!result && !ctx->got_first_byte && nread) { + if(!result && !ctx->got_first_byte) { ctx->first_byte_at = curlx_now(); ctx->got_first_byte = TRUE; } From 470611d76c118995c64d3b738f02b89b76da6c43 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 22 Sep 2025 10:30:15 +0200 Subject: [PATCH 0153/2408] hostip: remove unnecessary leftover INT_MAX check in Curl_dnscache_prune The math already uses timediff_t so no need for the extra logic Ref: #18678 Closes #18680 --- lib/hostip.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/lib/hostip.c b/lib/hostip.c index fd8f706e7f..da260d7130 100644 --- a/lib/hostip.c +++ b/lib/hostip.c @@ -279,13 +279,9 @@ void Curl_dnscache_prune(struct Curl_easy *data) /* Remove outdated and unused entries from the hostcache */ timediff_t oldest_ms = dnscache_prune(&dnscache->entries, timeout_ms, now); - if(Curl_hash_count(&dnscache->entries) > MAX_DNS_CACHE_SIZE) { - if(oldest_ms < INT_MAX) - /* prune the ones over half this age */ - timeout_ms = (int)oldest_ms / 2; - else - timeout_ms = INT_MAX/2; - } + if(Curl_hash_count(&dnscache->entries) > MAX_DNS_CACHE_SIZE) + /* prune the ones over half this age */ + timeout_ms = oldest_ms / 2; else break; From acd0aa2c9d58c4aa849aa17ad6ff3f76ace02692 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 24 Sep 2025 14:53:18 +0200 Subject: [PATCH 0154/2408] docs: fix/tidy code fences - INSTALL.md: fence code to avoid wrong rendering. Reported-by: rinsuki on github Fixes: https://github.com/curl/curl-www/issues/480 - use `sh` instead of `bash` as fence language, for less visual noise. - INSTALL.md: drop stray shebang. - ECH.md: drop indent from fenced code. - minor tidy-ups. Ref: https://curl.se/docs/install.html Closes #18707 --- docs/ECH.md | 234 ++++++++++++++++++++++++------------------------ docs/INSTALL.md | 135 +++++++++++++++------------- 2 files changed, 191 insertions(+), 178 deletions(-) diff --git a/docs/ECH.md b/docs/ECH.md index 712bf2d774..d39f4b2f36 100644 --- a/docs/ECH.md +++ b/docs/ECH.md @@ -20,31 +20,31 @@ discussion about a good path forward for ECH support in curl. To build the OpenSSL project's ECH feature branch: -```bash - cd $HOME/code - git clone https://github.com/openssl/openssl - cd openssl - git checkout feature/ech - ./config --libdir=lib --prefix=$HOME/code/openssl-local-inst - ...stuff... - make -j8 - ...more stuff... - make install_sw - ...a little bit of stuff... +```sh +cd $HOME/code +git clone https://github.com/openssl/openssl +cd openssl +git checkout feature/ech +./config --libdir=lib --prefix=$HOME/code/openssl-local-inst +...stuff... +make -j8 +...more stuff... +make install_sw +...a little bit of stuff... ``` To build curl ECH-enabled, making use of the above: -```bash - cd $HOME/code - git clone https://github.com/curl/curl - cd curl - autoreconf -fi - LDFLAGS="-Wl,-rpath,$HOME/code/openssl-local-inst/lib/" ./configure --with-ssl=$HOME/code/openssl-local-inst --enable-ech - ...lots of output... - WARNING: ECH HTTPSRR enabled but marked EXPERIMENTAL... - make - ...lots more output... +```sh +cd $HOME/code +git clone https://github.com/curl/curl +cd curl +autoreconf -fi +LDFLAGS="-Wl,-rpath,$HOME/code/openssl-local-inst/lib/" ./configure --with-ssl=$HOME/code/openssl-local-inst --enable-ech +...lots of output... +WARNING: ECH HTTPSRR enabled but marked EXPERIMENTAL... +make +...lots more output... ``` If you do not get that WARNING at the end of the ``configure`` command, then @@ -63,24 +63,24 @@ not be the best solution. curl supports using DoH for A/AAAA lookups so it was relatively easy to add retrieval of HTTPS RRs in that situation. To use ECH and DoH together: -```bash - cd $HOME/code/curl - LD_LIBRARY_PATH=$HOME/code/openssl ./src/curl --ech true --doh-url https://one.one.one.one/dns-query https://defo.ie/ech-check.php - ... - SSL_ECH_STATUS: success good
- ... +```sh +cd $HOME/code/curl +LD_LIBRARY_PATH=$HOME/code/openssl ./src/curl --ech true --doh-url https://one.one.one.one/dns-query https://defo.ie/ech-check.php +... +SSL_ECH_STATUS: success good
+... ``` The output snippet above is within the HTML for the webpage, when things work. The above works for these test sites: -```bash - https://defo.ie/ech-check.php - https://draft-13.esni.defo.ie:8413/stats - https://draft-13.esni.defo.ie:8414/stats - https://crypto.cloudflare.com/cdn-cgi/trace - https://tls-ech.dev +```sh +https://defo.ie/ech-check.php +https://draft-13.esni.defo.ie:8413/stats +https://draft-13.esni.defo.ie:8414/stats +https://crypto.cloudflare.com/cdn-cgi/trace +https://tls-ech.dev ``` The list above has 4 different server technologies, implemented by 3 different @@ -107,18 +107,18 @@ reasons. To supply the ECHConfigList on the command line, you might need a bit of cut-and-paste, e.g.: -```bash - dig +short https defo.ie - 1 . ipv4hint=213.108.108.101 ech=AED+DQA8PAAgACD8WhlS7VwEt5bf3lekhHvXrQBGDrZh03n/LsNtAodbUAAEAAEAAQANY292ZXIuZGVmby5pZQAA ipv6hint=2a00:c6c0:0:116:5::10 +```sh +dig +short https defo.ie +1 . ipv4hint=213.108.108.101 ech=AED+DQA8PAAgACD8WhlS7VwEt5bf3lekhHvXrQBGDrZh03n/LsNtAodbUAAEAAEAAQANY292ZXIuZGVmby5pZQAA ipv6hint=2a00:c6c0:0:116:5::10 ``` Then paste the base64 encoded ECHConfigList onto the curl command line: -```bash - LD_LIBRARY_PATH=$HOME/code/openssl ./src/curl --ech ecl:AED+DQA8PAAgACD8WhlS7VwEt5bf3lekhHvXrQBGDrZh03n/LsNtAodbUAAEAAEAAQANY292ZXIuZGVmby5pZQAA https://defo.ie/ech-check.php - ... - SSL_ECH_STATUS: success good
- ... +```sh +LD_LIBRARY_PATH=$HOME/code/openssl ./src/curl --ech ecl:AED+DQA8PAAgACD8WhlS7VwEt5bf3lekhHvXrQBGDrZh03n/LsNtAodbUAAEAAEAAQANY292ZXIuZGVmby5pZQAA https://defo.ie/ech-check.php +... +SSL_ECH_STATUS: success good
+... ``` The output snippet above is within the HTML for the webpage. @@ -126,11 +126,11 @@ The output snippet above is within the HTML for the webpage. If you paste in the wrong ECHConfigList (it changes hourly for ``defo.ie``) you should get an error like this: -```bash - LD_LIBRARY_PATH=$HOME/code/openssl ./src/curl -vvv --ech ecl:AED+DQA8yAAgACDRMQo+qYNsNRNj+vfuQfFIkrrUFmM4vogucxKj/4nzYgAEAAEAAQANY292ZXIuZGVmby5pZQAA https://defo.ie/ech-check.php - ... - * OpenSSL/3.3.0: error:0A00054B:SSL routines::ech required - ... +```sh +LD_LIBRARY_PATH=$HOME/code/openssl ./src/curl -vvv --ech ecl:AED+DQA8yAAgACDRMQo+qYNsNRNj+vfuQfFIkrrUFmM4vogucxKj/4nzYgAEAAEAAQANY292ZXIuZGVmby5pZQAA https://defo.ie/ech-check.php +... +* OpenSSL/3.3.0: error:0A00054B:SSL routines::ech required +... ``` There is a reason to want this command line option - for use before publishing @@ -141,12 +141,12 @@ If you do use a wrong ECHConfigList value, then the server might return a good value, via the ``retry_configs`` mechanism. You can see that value in the verbose output, e.g.: -```bash - LD_LIBRARY_PATH=$HOME/code/openssl ./src/curl -vvv --ech ecl:AED+DQA8yAAgACDRMQo+qYNsNRNj+vfuQfFIkrrUFmM4vogucxKj/4nzYgAEAAEAAQANY292ZXIuZGVmby5pZQAA https://defo.ie/ech-check.php - ... +```sh +LD_LIBRARY_PATH=$HOME/code/openssl ./src/curl -vvv --ech ecl:AED+DQA8yAAgACDRMQo+qYNsNRNj+vfuQfFIkrrUFmM4vogucxKj/4nzYgAEAAEAAQANY292ZXIuZGVmby5pZQAA https://defo.ie/ech-check.php +... * ECH: retry_configs AQD+DQA8DAAgACBvYqJy+Hgk33wh/ZLBzKSPgwxeop7gvojQzfASq7zeZQAEAAEAAQANY292ZXIuZGVmby5pZQAA/g0APEMAIAAgXkT5r4cYs8z19q5rdittyIX8gfQ3ENW4wj1fVoiJZBoABAABAAEADWNvdmVyLmRlZm8uaWUAAP4NADw2ACAAINXSE9EdXzEQIJZA7vpwCIQsWqsFohZARXChgPsnfI1kAAQAAQABAA1jb3Zlci5kZWZvLmllAAD+DQA8cQAgACASeiD5F+UoSnVoHvA2l1EifUVMFtbVZ76xwDqmMPraHQAEAAEAAQANY292ZXIuZGVmby5pZQAA * ECH: retry_configs for defo.ie from cover.defo.ie, 319 - ... +... ``` At that point, you could copy the base64 encoded value above and try again. @@ -157,11 +157,11 @@ For now, this only works for the OpenSSL and BoringSSL/AWS-LC builds. curl has various ways to configure default settings, e.g. in ``$HOME/.curlrc``, so one can set the DoH URL and enable ECH that way: -```bash - cat ~/.curlrc - doh-url=https://one.one.one.one/dns-query - silent - ech=true +```sh +cat ~/.curlrc +doh-url=https://one.one.one.one/dns-query +silent +ech=true ``` Note that when you use the system's curl command (rather than our ECH-enabled @@ -176,27 +176,27 @@ now that seems to cause a problem, so that the following line(s) are ignored. If you want to always use our OpenSSL build you can set ``LD_LIBRARY_PATH`` in the environment: -```bash - export LD_LIBRARY_PATH=$HOME/code/openssl +```sh +export LD_LIBRARY_PATH=$HOME/code/openssl ``` When you do the above, there can be a mismatch between OpenSSL versions for applications that check that. A ``git push`` for example fails so you should unset ``LD_LIBRARY_PATH`` before doing that or use a different shell. -```bash - git push - OpenSSL version mismatch. Built against 30000080, you have 30200000 - ... +```sh +git push +OpenSSL version mismatch. Built against 30000080, you have 30200000 +... ``` With all that setup as above the command line gets simpler: -```bash - ./src/curl https://defo.ie/ech-check.php - ... - SSL_ECH_STATUS: success good
- ... +```sh +./src/curl https://defo.ie/ech-check.php +... +SSL_ECH_STATUS: success good
+... ``` The ``--ech true`` option is opportunistic, so tries to do ECH but does not fail if @@ -291,17 +291,17 @@ produce spurious failures. To build with cmake, assuming our ECH-enabled OpenSSL is as before: -```bash - cd $HOME/code - git clone https://github.com/curl/curl - cd curl - mkdir build - cd build - cmake -DOPENSSL_ROOT_DIR=$HOME/code/openssl -DUSE_ECH=1 .. - ... - make - ... - [100%] Built target curl +```sh +cd $HOME/code +git clone https://github.com/curl/curl +cd curl +mkdir build +cd build +cmake -DOPENSSL_ROOT_DIR=$HOME/code/openssl -DUSE_ECH=1 .. +... +make +... +[100%] Built target curl ``` The binary produced by the cmake build does not need any ECH-specific @@ -312,27 +312,27 @@ The binary produced by the cmake build does not need any ECH-specific BoringSSL is also supported by curl and also supports ECH, so to build with that, instead of our ECH-enabled OpenSSL: -```bash - cd $HOME/code - git clone https://boringssl.googlesource.com/boringssl - cd boringssl - cmake -DCMAKE_INSTALL_PREFIX:PATH=$HOME/code/boringssl/inst -DBUILD_SHARED_LIBS=1 - make - ... - make install +```sh +cd $HOME/code +git clone https://boringssl.googlesource.com/boringssl +cd boringssl +cmake -DCMAKE_INSTALL_PREFIX:PATH=$HOME/code/boringssl/inst -DBUILD_SHARED_LIBS=1 +make +... +make install ``` Then: -```bash - cd $HOME/code - git clone https://github.com/curl/curl - cd curl - autoreconf -fi - LDFLAGS="-Wl,-rpath,$HOME/code/boringssl/inst/lib" ./configure --with-ssl=$HOME/code/boringssl/inst --enable-ech - ...lots of output... - WARNING: ECH HTTPSRR enabled but marked EXPERIMENTAL. Use with caution. - make +```sh +cd $HOME/code +git clone https://github.com/curl/curl +cd curl +autoreconf -fi +LDFLAGS="-Wl,-rpath,$HOME/code/boringssl/inst/lib" ./configure --with-ssl=$HOME/code/boringssl/inst --enable-ech +...lots of output... +WARNING: ECH HTTPSRR enabled but marked EXPERIMENTAL. Use with caution. +make ``` The BoringSSL/AWS-LC APIs are fairly similar to those in our ECH-enabled @@ -346,14 +346,14 @@ line variant as of now. wolfSSL also supports ECH and can be used by curl, so here's how: -```bash - cd $HOME/code - git clone https://github.com/wolfSSL/wolfssl - cd wolfssl - ./autogen.sh - ./configure --prefix=$HOME/code/wolfssl/inst --enable-ech --enable-debug --enable-opensslextra - make - make install +```sh +cd $HOME/code +git clone https://github.com/wolfSSL/wolfssl +cd wolfssl +./autogen.sh +./configure --prefix=$HOME/code/wolfssl/inst --enable-ech --enable-debug --enable-opensslextra +make +make install ``` The install prefix (``inst``) in the above causes wolfSSL to be installed there @@ -361,13 +361,13 @@ and we seem to need that for the curl configure command to work out. The ``--enable-opensslextra`` turns out (after much faffing about;-) to be important or else we get build problems with curl below. -```bash - cd $HOME/code - git clone https://github.com/curl/curl - cd curl - autoreconf -fi - ./configure --with-wolfssl=$HOME/code/wolfssl/inst --enable-ech - make +```sh +cd $HOME/code +git clone https://github.com/curl/curl +cd curl +autoreconf -fi +./configure --with-wolfssl=$HOME/code/wolfssl/inst --enable-ech +make ``` There are some known issues with the ECH implementation in wolfSSL: @@ -439,7 +439,7 @@ this for now. Just a note to self as remembering this is a nuisance: -```bash +```sh LD_LIBRARY_PATH=$HOME/code/openssl:./lib/.libs gdb ./src/.libs/curl ``` @@ -451,10 +451,10 @@ for testing. We have published instructions for such in another repository. Once you have that set up, you can start a server and then run curl against that: -```bash - cd $HOME/code/ech-dev-utils - ./scripts/echsvr.sh -d - ... +```sh +cd $HOME/code/ech-dev-utils +./scripts/echsvr.sh -d +... ``` The ``echsvr.sh`` script supports many ECH-related options. Use ``echsvr.sh -h`` @@ -462,9 +462,9 @@ for details. In another window: -```bash - cd $HOME/code/curl/ - ./src/curl -vvv --insecure --connect-to foo.example.com:8443:localhost:8443 --ech ecl:AD7+DQA6uwAgACBix2B78sX+EQhEbxMspDOc8Z3xVS5aQpYP0Cxpc2AWPAAEAAEAAQALZXhhbXBsZS5jb20AAA== +```sh +cd $HOME/code/curl/ +./src/curl -vvv --insecure --connect-to foo.example.com:8443:localhost:8443 --ech ecl:AD7+DQA6uwAgACBix2B78sX+EQhEbxMspDOc8Z3xVS5aQpYP0Cxpc2AWPAAEAAEAAQALZXhhbXBsZS5jb20AAA== ``` ### Automated use of ``retry_configs`` not supported so far... diff --git a/docs/INSTALL.md b/docs/INSTALL.md index ff0a36d365..80fcb93216 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -275,28 +275,32 @@ If any error occurs during curl installation, try: You can use either autotools or cmake: - ./configure \ - CC=/path/to/djgpp/bin/i586-pc-msdosdjgpp-gcc \ - AR=/path/to/djgpp/bin/i586-pc-msdosdjgpp-ar \ - RANLIB=/path/to/djgpp/bin/i586-pc-msdosdjgpp-ranlib \ - WATT_ROOT=/path/to/djgpp/net/watt \ - --host=i586-pc-msdosdjgpp \ - --with-openssl=/path/to/djgpp \ - --with-zlib=/path/to/djgpp \ - --without-libpsl \ - --disable-shared +```sh +./configure \ + CC=/path/to/djgpp/bin/i586-pc-msdosdjgpp-gcc \ + AR=/path/to/djgpp/bin/i586-pc-msdosdjgpp-ar \ + RANLIB=/path/to/djgpp/bin/i586-pc-msdosdjgpp-ranlib \ + WATT_ROOT=/path/to/djgpp/net/watt \ + --host=i586-pc-msdosdjgpp \ + --with-openssl=/path/to/djgpp \ + --with-zlib=/path/to/djgpp \ + --without-libpsl \ + --disable-shared +``` - cmake . \ - -DCMAKE_SYSTEM_NAME=DOS \ - -DCMAKE_C_COMPILER_TARGET=i586-pc-msdosdjgpp \ - -DCMAKE_C_COMPILER=/path/to/djgpp/bin/i586-pc-msdosdjgpp-gcc \ - -DWATT_ROOT=/path/to/djgpp/net/watt \ - -DOPENSSL_INCLUDE_DIR=/path/to/djgpp/include \ - -DOPENSSL_SSL_LIBRARY=/path/to/djgpp/lib/libssl.a \ - -DOPENSSL_CRYPTO_LIBRARY=/path/to/djgpp/lib/libcrypto.a \ - -DZLIB_INCLUDE_DIR=/path/to/djgpp/include \ - -DZLIB_LIBRARY=/path/to/djgpp/lib/libz.a \ - -DCURL_USE_LIBPSL=OFF +```sh +cmake . \ + -DCMAKE_SYSTEM_NAME=DOS \ + -DCMAKE_C_COMPILER_TARGET=i586-pc-msdosdjgpp \ + -DCMAKE_C_COMPILER=/path/to/djgpp/bin/i586-pc-msdosdjgpp-gcc \ + -DWATT_ROOT=/path/to/djgpp/net/watt \ + -DOPENSSL_INCLUDE_DIR=/path/to/djgpp/include \ + -DOPENSSL_SSL_LIBRARY=/path/to/djgpp/lib/libssl.a \ + -DOPENSSL_CRYPTO_LIBRARY=/path/to/djgpp/lib/libcrypto.a \ + -DZLIB_INCLUDE_DIR=/path/to/djgpp/include \ + -DZLIB_LIBRARY=/path/to/djgpp/lib/libz.a \ + -DCURL_USE_LIBPSL=OFF +``` Notes: @@ -310,29 +314,33 @@ Notes: You can use either autotools or cmake: - ./configure \ - CC=/opt/amiga/bin/m68k-amigaos-gcc \ - AR=/opt/amiga/bin/m68k-amigaos-ar \ - RANLIB=/opt/amiga/bin/m68k-amigaos-ranlib \ - --host=m68k-amigaos \ - --with-amissl \ - CFLAGS='-O0 -msoft-float -mcrt=clib2' \ - CPPFLAGS=-I/path/to/AmiSSL/Developer/include \ - LDFLAGS=-L/path/to/AmiSSL/Developer/lib/AmigaOS3 \ - LIBS='-lnet -lm -latomic' \ - --without-libpsl \ - --disable-shared +```sh +./configure \ + CC=/opt/amiga/bin/m68k-amigaos-gcc \ + AR=/opt/amiga/bin/m68k-amigaos-ar \ + RANLIB=/opt/amiga/bin/m68k-amigaos-ranlib \ + --host=m68k-amigaos \ + --with-amissl \ + CFLAGS='-O0 -msoft-float -mcrt=clib2' \ + CPPFLAGS=-I/path/to/AmiSSL/Developer/include \ + LDFLAGS=-L/path/to/AmiSSL/Developer/lib/AmigaOS3 \ + LIBS='-lnet -lm -latomic' \ + --without-libpsl \ + --disable-shared +``` - cmake . \ - -DAMIGA=1 \ - -DCMAKE_SYSTEM_NAME=Generic \ - -DCMAKE_C_COMPILER_TARGET=m68k-unknown-amigaos \ - -DCMAKE_C_COMPILER=/opt/amiga/bin/m68k-amigaos-gcc \ - -DCMAKE_C_FLAGS='-O0 -msoft-float -mcrt=clib2' \ - -DAMISSL_INCLUDE_DIR=/path/to/AmiSSL/Developer/include \ - -DAMISSL_STUBS_LIBRARY=/path/to/AmiSSL/Developer/lib/AmigaOS3/libamisslstubs.a \ - -DAMISSL_AUTO_LIBRARY=/path/to/AmiSSL/Developer/lib/AmigaOS3/libamisslauto.a \ - -DCURL_USE_LIBPSL=OFF +```sh +cmake . \ + -DAMIGA=1 \ + -DCMAKE_SYSTEM_NAME=Generic \ + -DCMAKE_C_COMPILER_TARGET=m68k-unknown-amigaos \ + -DCMAKE_C_COMPILER=/opt/amiga/bin/m68k-amigaos-gcc \ + -DCMAKE_C_FLAGS='-O0 -msoft-float -mcrt=clib2' \ + -DAMISSL_INCLUDE_DIR=/path/to/AmiSSL/Developer/include \ + -DAMISSL_STUBS_LIBRARY=/path/to/AmiSSL/Developer/lib/AmigaOS3/libamisslstubs.a \ + -DAMISSL_AUTO_LIBRARY=/path/to/AmiSSL/Developer/lib/AmigaOS3/libamisslauto.a \ + -DCURL_USE_LIBPSL=OFF +``` ## Disabling Specific Protocols in Windows builds @@ -408,18 +416,22 @@ Examples to compile for `aarch64` and API level 29: with CMake, where `ANDROID_NDK_HOME` points into your NDK: - cmake . \ - -DANDROID_ABI=arm64-v8a \ - -DANDROID_PLATFORM=android-29 \ - -DCMAKE_TOOLCHAIN_FILE="$ANDROID_NDK_HOME/build/cmake/android.toolchain.cmake" \ - -DCURL_ENABLE_SSL=OFF \ - -DCURL_USE_LIBPSL=OFF +```sh +cmake . \ + -DANDROID_ABI=arm64-v8a \ + -DANDROID_PLATFORM=android-29 \ + -DCMAKE_TOOLCHAIN_FILE="$ANDROID_NDK_HOME/build/cmake/android.toolchain.cmake" \ + -DCURL_ENABLE_SSL=OFF \ + -DCURL_USE_LIBPSL=OFF +``` with `configure`, on macOS: -```bash +```sh export ANDROID_NDK_HOME=~/Library/Android/sdk/ndk/25.1.8937393 # Point into your NDK. -export HOST_TAG=darwin-x86_64 # Same tag for Apple Silicon. Other OS values here: https://developer.android.com/ndk/guides/other_build_systems#overview +# Same tag for Apple Silicon. Other OS values here: +# https://developer.android.com/ndk/guides/other_build_systems#overview +export HOST_TAG=darwin-x86_64 export TOOLCHAIN=$ANDROID_NDK_HOME/toolchains/llvm/prebuilt/$HOST_TAG export AR=$TOOLCHAIN/bin/llvm-ar export AS=$TOOLCHAIN/bin/llvm-as @@ -443,8 +455,10 @@ install `libssl.a` and `libcrypto.a` to `$TOOLCHAIN/sysroot/usr/lib` and copy `include/openssl` to `$TOOLCHAIN/sysroot/usr/include`. Now you can build curl for Android using OpenSSL like this: -```bash -LIBS="-lssl -lcrypto -lc++" # For OpenSSL/BoringSSL. In general, you need to the SSL/TLS layer's transitive dependencies if you are linking statically. +```sh +# For OpenSSL/BoringSSL. In general, you need to the SSL/TLS layer's transitive +# dependencies if you are linking statically. +LIBS='-lssl -lcrypto -lc++' ./configure --host aarch64-linux-android --with-pic --disable-shared --with-openssl="$TOOLCHAIN/sysroot/usr" ``` @@ -493,9 +507,7 @@ configure with any options you need. Be sure and specify the `--host` and of cross-compiling for the IBM 405GP PowerPC processor using the toolchain on Linux. -```bash -#! /bin/sh - +```sh export PATH=$PATH:/opt/hardhat/devkit/ppc/405/bin export CPPFLAGS="-I/opt/hardhat/devkit/ppc/405/target/usr/include" export AR=ppc_405-ar @@ -505,11 +517,12 @@ export RANLIB=ppc_405-ranlib export CC=ppc_405-gcc export NM=ppc_405-nm -./configure --target=powerpc-hardhat-linux - --host=powerpc-hardhat-linux - --build=i586-pc-linux-gnu - --prefix=/opt/hardhat/devkit/ppc/405/target/usr/local - --exec-prefix=/usr/local +./configure \ + --target=powerpc-hardhat-linux + --host=powerpc-hardhat-linux + --build=i586-pc-linux-gnu + --prefix=/opt/hardhat/devkit/ppc/405/target/usr/local + --exec-prefix=/usr/local ``` The `--prefix` parameter specifies where curl gets installed. If `configure` From 22b9f77e38cda5d7721059664140b37c74ed1d3f Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 24 Sep 2025 17:44:47 +0200 Subject: [PATCH 0155/2408] GHA/curl-for-win: use `DOCKER_IMAGE_STABLE` Replacing the hard-wired stable image. After this patch, it will automatically follow upstream updates. Follow-up to https://github.com/curl/curl-for-win/commit/6870bc1b35baff03168af1d0506ec8610851a819 Follow-up to https://github.com/curl/curl-for-win/commit/5a25df253da4f68de52b14a2e612df5fc60b8aa6 Closes #18709 --- .github/workflows/curl-for-win.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/curl-for-win.yml b/.github/workflows/curl-for-win.yml index 0090c7d6e2..e29a2a66e8 100644 --- a/.github/workflows/curl-for-win.yml +++ b/.github/workflows/curl-for-win.yml @@ -58,17 +58,17 @@ jobs: mv curl-for-win/* . export CW_CONFIG='-main-werror-unitybatch-linux-a64-x64-gcc' export CW_REVISION="${GITHUB_SHA}" - DOCKER_IMAGE='debian:bookworm-slim' + . ./_versions.sh export CW_CCSUFFIX='-15' export CW_GCCSUFFIX='-12' sudo podman image trust set --type reject default sudo podman image trust set --type accept docker.io/library - time podman pull "${DOCKER_IMAGE}" + time podman pull "${DOCKER_IMAGE_STABLE}" podman images --digests time podman run --volume "$(pwd):$(pwd)" --workdir "$(pwd)" \ --env-file <(env | grep -a -E \ '^(CW_|GITHUB_)') \ - "${DOCKER_IMAGE}" \ + "${DOCKER_IMAGE_STABLE}" \ sh -c ./_ci-linux-debian.sh linux-musl-llvm: From b011e3fcfb06d6c0278595ee2ee297036fbe9793 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 24 Sep 2025 06:52:52 +0200 Subject: [PATCH 0156/2408] vssh: drop support for wolfSSH The implementation was incomplete and lesser than the other backends. No one ever reported a bug or requested enhancements for this, indicating that this backend was never used. Closes #18700 --- .circleci/config.yml | 38 - .github/scripts/cmp-config.pl | 2 - .github/workflows/linux.yml | 34 +- .github/workflows/macos.yml | 2 +- CMake/FindWolfSSH.cmake | 65 -- CMakeLists.txt | 21 +- Makefile.am | 1 - configure.ac | 31 - docs/INSTALL-CMAKE.md | 3 - docs/KNOWN_BUGS | 16 - docs/tests/FILEFORMAT.md | 1 - lib/Makefile.inc | 3 +- lib/curl_config.h.cmake | 3 - lib/curl_setup.h | 2 +- lib/url.c | 2 +- lib/version.c | 4 +- lib/vssh/ssh.h | 11 - lib/vssh/wolfssh.c | 1225 --------------------------------- packages/OS400/ccsidcurl.c | 2 +- scripts/schemetable.c | 2 +- tests/runtests.pl | 3 - 21 files changed, 13 insertions(+), 1458 deletions(-) delete mode 100644 CMake/FindWolfSSH.cmake delete mode 100644 lib/vssh/wolfssh.c diff --git a/.circleci/config.yml b/.circleci/config.yml index c67f572c52..1603e7f7d0 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -61,20 +61,6 @@ commands: ./configure --disable-dependency-tracking --enable-tls13 --enable-all --enable-harden --prefix=$HOME/wssl make install - install-wolfssh: - steps: - - run: - command: | - # renovate: datasource=github-tags depName=wolfSSL/wolfssh versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com - WOLFSSH_VERSION=1.4.19 - echo "Installing wolfSSH $WOLFSSH_VERSION" - curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \ - --location "https://github.com/wolfSSL/wolfssh/archive/v$WOLFSSH_VERSION-stable.tar.gz" | tar -xz - cd wolfssh-$WOLFSSH_VERSION-stable - ./autogen.sh - ./configure --disable-dependency-tracking --with-wolfssl=$HOME/wssl --prefix=$HOME/wssh --enable-scp --enable-sftp --disable-term --disable-examples - make install - configure: steps: - run: @@ -120,16 +106,6 @@ commands: --with-openssl --enable-ares \ || { tail -1000 config.log; false; } - configure-wolfssh: - steps: - - run: - command: | - autoreconf -fi - LDFLAGS="-Wl,-rpath,$HOME/wssh/lib" \ - ./configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-werror --enable-warnings \ - --with-wolfssl=$HOME/wssl --with-wolfssh=$HOME/wssh \ - || { tail -1000 config.log; false; } - configure-cares-debug: steps: - run: @@ -171,16 +147,6 @@ jobs: - configure-openssl-no-verbose - build - wolfssh: - executor: ubuntu - steps: - - checkout - - install-deps - - install-wolfssl - - install-wolfssh - - configure-wolfssh - - build - no-proxy: executor: ubuntu steps: @@ -254,10 +220,6 @@ workflows: jobs: - no-verbose - wolfssl-wolfssh: - jobs: - - wolfssh - arm-openssl: jobs: - arm diff --git a/.github/scripts/cmp-config.pl b/.github/scripts/cmp-config.pl index 88df37b795..5fb8c0abdc 100755 --- a/.github/scripts/cmp-config.pl +++ b/.github/scripts/cmp-config.pl @@ -56,7 +56,6 @@ my %remove = ( '#define HAVE_LIBSSH' => 1, '#define HAVE_LIBSSH2 1' => 1, '#define HAVE_LIBSSL 1' => 1, - '#define HAVE_LIBWOLFSSH' => 1, '#define HAVE_LIBZSTD 1' => 1, '#define HAVE_NGHTTP2_NGHTTP2_H 1' => 1, '#define HAVE_NGHTTP3_NGHTTP3_H 1' => 1, @@ -78,7 +77,6 @@ my %remove = ( '#define HAVE_SYS_STAT_H 1' => 1, '#define HAVE_SYS_XATTR_H 1' => 1, '#define HAVE_UNICODE_UIDNA_H 1' => 1, - '#define HAVE_WOLFSSH_SSH_H 1' => 1, '#define HAVE_WOLFSSL_SET_QUIC_USE_LEGACY_CODEPOINT 1' => 1, '#define HAVE_ZSTD 1' => 1, '#define HAVE_ZSTD_H 1' => 1, diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 7598137a95..20a5849d4d 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -41,8 +41,6 @@ env: LIBRESSL_VERSION: 4.1.0 # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com WOLFSSL_VERSION: 5.8.2 - # renovate: datasource=github-tags depName=wolfSSL/wolfssh versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com - WOLFSSH_VERSION: 1.4.19 # renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver registryUrl=https://github.com MBEDTLS_VERSION: 3.6.4 # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com @@ -94,8 +92,8 @@ jobs: - name: 'wolfssl-opensslextra valgrind' install_packages: valgrind - install_steps: wolfssl-opensslextra wolfssh - configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-opensslextra/lib --with-wolfssl=/home/runner/wolfssl-opensslextra --with-wolfssh=/home/runner/wolfssh --enable-ech --enable-debug + install_steps: wolfssl-opensslextra + configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-opensslextra/lib --with-wolfssl=/home/runner/wolfssl-opensslextra --enable-ech --enable-debug - name: 'mbedtls valgrind' install_packages: libnghttp2-dev libidn2-dev libldap-dev valgrind @@ -186,7 +184,7 @@ jobs: --disable-dict --disable-gopher --disable-ldap --disable-telnet --disable-imap --disable-pop3 --disable-smtp --without-librtmp --disable-rtsp - --without-libssh2 --without-libssh --without-wolfssh + --without-libssh2 --without-libssh --disable-tftp --disable-ftp --disable-file --disable-smb - name: 'openssl torture !FTP' @@ -405,31 +403,10 @@ jobs: --location "https://github.com/wolfSSL/wolfssl/archive/v${WOLFSSL_VERSION}-stable.tar.gz" | tar -xz cd "wolfssl-${WOLFSSL_VERSION}-stable" ./autogen.sh - ./configure --disable-dependency-tracking --enable-tls13 --enable-harden --enable-wolfssh --enable-ech --enable-opensslextra \ + ./configure --disable-dependency-tracking --enable-tls13 --enable-harden --enable-ech --enable-opensslextra \ --disable-benchmark --disable-crypttests --disable-examples --prefix=/home/runner/wolfssl-opensslextra make install - - name: 'cache wolfssh' - if: ${{ contains(matrix.build.install_steps, 'wolfssh') }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 - id: cache-wolfssh - env: - cache-name: cache-wolfssh - with: - path: ~/wolfssh - key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.WOLFSSH_VERSION }}-${{ env.WOLFSSL_VERSION }} - - - name: 'build wolfssh' - if: ${{ contains(matrix.build.install_steps, 'wolfssh') && steps.cache-wolfssh.outputs.cache-hit != 'true' }} - run: | - curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \ - --location "https://github.com/wolfSSL/wolfssh/archive/v${WOLFSSH_VERSION}-stable.tar.gz" | tar -xz - cd "wolfssh-${WOLFSSH_VERSION}-stable" - ./autogen.sh - ./configure --disable-dependency-tracking --with-wolfssl=/home/runner/wolfssl-opensslextra --enable-scp --enable-sftp --disable-term \ - --disable-examples --prefix=/home/runner/wolfssh - make install - - name: 'cache mbedtls' if: ${{ contains(matrix.build.install_steps, 'mbedtls') }} uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 @@ -691,9 +668,6 @@ jobs: TFLAGS: '${{ matrix.build.tflags }}' run: | if [ "${TEST_TARGET}" = 'test-ci' ]; then - if [[ "${MATRIX_INSTALL_STEPS}" = *'wolfssh'* ]]; then - TFLAGS+=' ~SFTP' # curl: (79) wolfssh SFTP connect error -1051 / WS_MATCH_KEY_ALGO_E / cannot match key algo with peer - fi if [[ "${MATRIX_INSTALL_PACKAGES}" = *'valgrind'* ]]; then TFLAGS+=' -j6' if [[ "${MATRIX_INSTALL_PACKAGES}" = *'heimdal-dev'* ]]; then diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 0eb8f7e842..ee8cec7d70 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -253,7 +253,7 @@ jobs: --disable-ldap --disable-pop3 --without-librtmp --disable-rtsp --disable-shared --disable-smb --disable-smtp --disable-telnet --disable-tftp --disable-unix-sockets --without-brotli --without-gssapi --without-libidn2 --without-libpsl --without-librtmp - --without-libssh2 --without-libssh --without-wolfssh + --without-libssh2 --without-libssh --without-nghttp2 --disable-ntlm --without-ssl --without-zlib --without-zstd macos-version-min: '10.15' # Catalina (2019) diff --git a/CMake/FindWolfSSH.cmake b/CMake/FindWolfSSH.cmake deleted file mode 100644 index 98de656b92..0000000000 --- a/CMake/FindWolfSSH.cmake +++ /dev/null @@ -1,65 +0,0 @@ -#*************************************************************************** -# _ _ ____ _ -# Project ___| | | | _ \| | -# / __| | | | |_) | | -# | (__| |_| | _ <| |___ -# \___|\___/|_| \_\_____| -# -# Copyright (C) Daniel Stenberg, , et al. -# -# This software is licensed as described in the file COPYING, which -# you should have received as part of this distribution. The terms -# are also available at https://curl.se/docs/copyright.html. -# -# You may opt to use, copy, modify, merge, publish, distribute and/or sell -# copies of the Software, and permit persons to whom the Software is -# furnished to do so, under the terms of the COPYING file. -# -# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY -# KIND, either express or implied. -# -# SPDX-License-Identifier: curl -# -########################################################################### -# Find the wolfSSH library -# -# Input variables: -# -# - `WOLFSSH_INCLUDE_DIR`: The wolfSSH include directory. -# - `WOLFSSH_LIBRARY`: Path to `wolfssh` library. -# -# Result variables: -# -# - `WOLFSSH_FOUND`: System has wolfSSH. -# - `WOLFSSH_INCLUDE_DIRS`: The wolfSSH include directories. -# - `WOLFSSH_LIBRARIES`: The wolfSSH library names. -# - `WOLFSSH_VERSION`: Version of wolfSSH. - -find_path(WOLFSSH_INCLUDE_DIR NAMES "wolfssh/ssh.h") -find_library(WOLFSSH_LIBRARY NAMES "wolfssh" "libwolfssh") - -unset(WOLFSSH_VERSION CACHE) -if(WOLFSSH_INCLUDE_DIR AND EXISTS "${WOLFSSH_INCLUDE_DIR}/wolfssh/version.h") - set(_version_regex "#[\t ]*define[\t ]+LIBWOLFSSH_VERSION_STRING[\t ]+\"([^\"]*)\"") - file(STRINGS "${WOLFSSH_INCLUDE_DIR}/wolfssh/version.h" _version_str REGEX "${_version_regex}") - string(REGEX REPLACE "${_version_regex}" "\\1" _version_str "${_version_str}") - set(WOLFSSH_VERSION "${_version_str}") - unset(_version_regex) - unset(_version_str) -endif() - -include(FindPackageHandleStandardArgs) -find_package_handle_standard_args(WolfSSH - REQUIRED_VARS - WOLFSSH_INCLUDE_DIR - WOLFSSH_LIBRARY - VERSION_VAR - WOLFSSH_VERSION -) - -if(WOLFSSH_FOUND) - set(WOLFSSH_INCLUDE_DIRS ${WOLFSSH_INCLUDE_DIR}) - set(WOLFSSH_LIBRARIES ${WOLFSSH_LIBRARY}) -endif() - -mark_as_advanced(WOLFSSH_INCLUDE_DIR WOLFSSH_LIBRARY) diff --git a/CMakeLists.txt b/CMakeLists.txt index f817b61a81..115eaa5f34 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1391,23 +1391,6 @@ if(NOT USE_LIBSSH2 AND CURL_USE_LIBSSH) set(USE_LIBSSH ON) endif() -# wolfSSH -option(CURL_USE_WOLFSSH "Use wolfSSH" OFF) -mark_as_advanced(CURL_USE_WOLFSSH) -set(USE_WOLFSSH OFF) -if(NOT USE_LIBSSH2 AND NOT USE_LIBSSH AND CURL_USE_WOLFSSH) - if(USE_WOLFSSL) - find_package(WolfSSH) - if(WOLFSSH_FOUND) - set(CURL_LIBS ${WOLFSSH_LIBRARIES} ${CURL_LIBS}) # keep it before TLS-crypto, compression - include_directories(SYSTEM ${WOLFSSH_INCLUDE_DIRS}) - set(USE_WOLFSSH ON) - endif() - else() - message(WARNING "wolfSSH requires wolfSSL. Skipping.") - endif() -endif() - option(CURL_USE_GSASL "Use libgsasl" OFF) mark_as_advanced(CURL_USE_GSASL) if(CURL_USE_GSASL) @@ -2144,8 +2127,8 @@ curl_add_if("SMBS" NOT CURL_DISABLE_SMB AND _ssl_enabled AND _use_curl_ntlm_core AND (SIZEOF_CURL_OFF_T GREATER 4)) curl_add_if("SMTP" NOT CURL_DISABLE_SMTP) curl_add_if("SMTPS" NOT CURL_DISABLE_SMTP AND _ssl_enabled) -curl_add_if("SCP" USE_LIBSSH2 OR USE_LIBSSH OR USE_WOLFSSH) -curl_add_if("SFTP" USE_LIBSSH2 OR USE_LIBSSH OR USE_WOLFSSH) +curl_add_if("SCP" USE_LIBSSH2 OR USE_LIBSSH) +curl_add_if("SFTP" USE_LIBSSH2 OR USE_LIBSSH) curl_add_if("IPFS" NOT CURL_DISABLE_IPFS) curl_add_if("IPNS" NOT CURL_DISABLE_IPFS) curl_add_if("RTSP" NOT CURL_DISABLE_RTSP) diff --git a/Makefile.am b/Makefile.am index fd97e61d9d..7687385416 100644 --- a/Makefile.am +++ b/Makefile.am @@ -50,7 +50,6 @@ CMAKE_DIST = \ CMake/FindNettle.cmake \ CMake/FindQuiche.cmake \ CMake/FindRustls.cmake \ - CMake/FindWolfSSH.cmake \ CMake/FindWolfSSL.cmake \ CMake/FindZstd.cmake \ CMake/Macros.cmake \ diff --git a/configure.ac b/configure.ac index 922978bfc1..56ac66de23 100644 --- a/configure.ac +++ b/configure.ac @@ -2290,12 +2290,6 @@ AS_HELP_STRING([--with-libssh=PATH],[Where to look for libssh, PATH points to th AS_HELP_STRING([--with-libssh], [enable libssh]), OPT_LIBSSH=$withval, OPT_LIBSSH=no) -OPT_WOLFSSH=off -AC_ARG_WITH(wolfssh,dnl -AS_HELP_STRING([--with-wolfssh=PATH],[Where to look for wolfssh, PATH points to the wolfSSH installation; when possible, set the PKG_CONFIG_PATH environment variable instead of using this option]) -AS_HELP_STRING([--with-wolfssh], [enable wolfssh]), - OPT_WOLFSSH=$withval, OPT_WOLFSSH=no) - if test X"$OPT_LIBSSH2" != Xno; then dnl backup the pre-libssh2 variables CLEANLDFLAGS="$LDFLAGS" @@ -2453,28 +2447,6 @@ elif test X"$OPT_LIBSSH" != Xno; then CPPFLAGS=$CLEANCPPFLAGS LIBS=$CLEANLIBS fi -elif test X"$OPT_WOLFSSH" != Xno; then - dnl backup the pre-wolfssh variables - CLEANLDFLAGS="$LDFLAGS" - CLEANLDFLAGSPC="$LDFLAGSPC" - CLEANCPPFLAGS="$CPPFLAGS" - CLEANLIBS="$LIBS" - - if test "$OPT_WOLFSSH" != yes; then - WOLFCONFIG="$OPT_WOLFSSH/bin/wolfssh-config" - WOLFSSH_LIBS=`$WOLFCONFIG --libs` - LDFLAGS="$LDFLAGS $WOLFSSH_LIBS" - LDFLAGSPC="$LDFLAGSPC $WOLFSSH_LIBS" - CPPFLAGS="$CPPFLAGS `$WOLFCONFIG --cflags`" - fi - - AC_CHECK_LIB(wolfssh, wolfSSH_Init) - - AC_CHECK_HEADERS(wolfssh/ssh.h, - curl_ssh_msg="enabled (wolfSSH)" - AC_DEFINE(USE_WOLFSSH, 1, [if wolfSSH is in use]) - USE_WOLFSSH=1 - ) fi dnl ********************************************************************** @@ -5501,9 +5473,6 @@ if test "x$USE_LIBSSH" = "x1"; then SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SCP" SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SFTP" fi -if test "x$USE_WOLFSSH" = "x1"; then - SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SFTP" -fi if test "x$CURL_DISABLE_IPFS" != "x1"; then SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS IPFS IPNS" fi diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md index 94a19c71c7..566fee7423 100644 --- a/docs/INSTALL-CMAKE.md +++ b/docs/INSTALL-CMAKE.md @@ -363,7 +363,6 @@ Details via CMake - `CURL_USE_PKGCONFIG`: Enable `pkg-config` to detect dependencies. Default: `ON` for Unix (except Android, Apple devices), vcpkg, MinGW if not cross-compiling. - `CURL_USE_RUSTLS`: Enable Rustls for SSL/TLS. Default: `OFF` - `CURL_USE_SCHANNEL`: Enable Windows native SSL/TLS (Schannel). Default: `OFF` -- `CURL_USE_WOLFSSH`: Use wolfSSH. Default: `OFF` - `CURL_USE_WOLFSSL`: Enable wolfSSL for SSL/TLS. Default: `OFF` - `CURL_ZLIB`: Use zlib (`ON`, `OFF` or `AUTO`). Default: `AUTO` - `CURL_ZSTD`: Use zstd (`ON`, `OFF` or `AUTO`). Default: `AUTO` @@ -447,8 +446,6 @@ Details via CMake - `RUSTLS_INCLUDE_DIR`: The Rustls include directory. - `RUSTLS_LIBRARY`: Path to `rustls` library. - `WATT_ROOT`: Set this variable to the root installation of Watt-32. -- `WOLFSSH_INCLUDE_DIR`: The wolfSSH include directory. -- `WOLFSSH_LIBRARY`: Path to `wolfssh` library. - `WOLFSSL_INCLUDE_DIR`: The wolfSSL include directory. - `WOLFSSL_LIBRARY`: Path to `wolfssl` library. - `ZSTD_INCLUDE_DIR`: The zstd include directory. diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS index 170132f507..1eb5716f8b 100644 --- a/docs/KNOWN_BUGS +++ b/docs/KNOWN_BUGS @@ -60,11 +60,9 @@ problems may have been fixed or changed somewhat since this was written. 9. SFTP and SCP 9.1 SFTP does not do CURLOPT_POSTQUOTE correct - 9.2 wolfssh: publickey auth does not work 9.3 Remote recursive folder creation with SFTP 9.4 libssh blocking and infinite loop problem 9.5 Cygwin: "WARNING: UNPROTECTED PRIVATE KEY FILE!" - 9.6 wolfssh: all tests fail 10. Connection 10.1 --interface with link-scoped IPv6 address @@ -400,14 +398,6 @@ problems may have been fixed or changed somewhat since this was written. report but it cannot be accepted as-is. See https://curl.se/bug/view.cgi?id=748 -9.2 wolfssh: publickey auth does not work - - When building curl to use the wolfSSH backend for SFTP, the publickey - authentication does not work. This is simply functionality not written for curl - yet, the necessary API for make this work is provided by wolfSSH. - - See https://github.com/curl/curl/issues/4820 - 9.3 Remote recursive folder creation with SFTP On this servers, the curl fails to create directories on the remote server @@ -429,12 +419,6 @@ problems may have been fixed or changed somewhat since this was written. https://github.com/curl/curl/issues/11244 -9.6 wolfssh: all tests fail - - Something fundamental stops them all from working properly. - - https://github.com/curl/curl/issues/16794 - 10. Connection 10.1 --interface with link-scoped IPv6 address diff --git a/docs/tests/FILEFORMAT.md b/docs/tests/FILEFORMAT.md index b28e819ebe..91aa9a5870 100644 --- a/docs/tests/FILEFORMAT.md +++ b/docs/tests/FILEFORMAT.md @@ -513,7 +513,6 @@ Features testable here are: - `wakeup` - `win32` - `WinIDN` -- `wolfssh` - `wolfssl` - `xattr` - `zstd` diff --git a/lib/Makefile.inc b/lib/Makefile.inc index c17a8d9c3c..6391eb2c43 100644 --- a/lib/Makefile.inc +++ b/lib/Makefile.inc @@ -127,8 +127,7 @@ LIB_VQUIC_HFILES = \ LIB_VSSH_CFILES = \ vssh/libssh.c \ vssh/libssh2.c \ - vssh/curl_path.c \ - vssh/wolfssh.c + vssh/curl_path.c LIB_VSSH_HFILES = \ vssh/curl_path.h \ diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake index ca516710e4..30183c2009 100644 --- a/lib/curl_config.h.cmake +++ b/lib/curl_config.h.cmake @@ -706,9 +706,6 @@ ${SIZEOF_TIME_T_CODE} /* if libssh2 is in use */ #cmakedefine USE_LIBSSH2 1 -/* if wolfssh is in use */ -#cmakedefine USE_WOLFSSH 1 - /* if libpsl is in use */ #cmakedefine USE_LIBPSL 1 diff --git a/lib/curl_setup.h b/lib/curl_setup.h index e49c57231d..55c65c99f6 100644 --- a/lib/curl_setup.h +++ b/lib/curl_setup.h @@ -776,7 +776,7 @@ # endif #endif -#if defined(USE_LIBSSH2) || defined(USE_LIBSSH) || defined(USE_WOLFSSH) +#if defined(USE_LIBSSH2) || defined(USE_LIBSSH) #define USE_SSH #endif diff --git a/lib/url.c b/lib/url.c index a03a111995..6af2b7fb8b 100644 --- a/lib/url.c +++ b/lib/url.c @@ -1611,7 +1611,7 @@ const struct Curl_handler *Curl_getn_scheme_handler(const char *scheme, #else NULL, #endif -#if defined(USE_SSH) && !defined(USE_WOLFSSH) +#if defined(USE_SSH) &Curl_handler_scp, #else NULL, diff --git a/lib/version.c b/lib/version.c index a2d4867200..8158f26e73 100644 --- a/lib/version.c +++ b/lib/version.c @@ -368,10 +368,8 @@ static const char * const supported_protocols[] = { #ifndef CURL_DISABLE_RTSP "rtsp", #endif -#if defined(USE_SSH) && !defined(USE_WOLFSSH) - "scp", -#endif #ifdef USE_SSH + "scp", "sftp", #endif #if !defined(CURL_DISABLE_SMB) && defined(USE_CURL_NTLM_CORE) diff --git a/lib/vssh/ssh.h b/lib/vssh/ssh.h index 75b31bd931..9a5f1b7e31 100644 --- a/lib/vssh/ssh.h +++ b/lib/vssh/ssh.h @@ -34,9 +34,6 @@ #define SSH_SUPPRESS_DEPRECATED #include #include -#elif defined(USE_WOLFSSH) -#include -#include #endif #include "curl_path.h" @@ -211,14 +208,6 @@ struct ssh_conn { struct libssh2_agent_publickey *sshagent_identity; struct libssh2_agent_publickey *sshagent_prev_identity; LIBSSH2_KNOWNHOSTS *kh; -#elif defined(USE_WOLFSSH) - CURLcode actualcode; /* the actual error code */ - WOLFSSH *ssh_session; - WOLFSSH_CTX *ctx; - word32 handleSz; - byte handle[WOLFSSH_MAX_HANDLE]; - curl_off_t offset; - BIT(initialised); #endif /* USE_LIBSSH */ BIT(authed); /* the connection has been authenticated fine */ BIT(acceptfail); /* used by the SFTP_QUOTE (continue if diff --git a/lib/vssh/wolfssh.c b/lib/vssh/wolfssh.c deleted file mode 100644 index 7cd0402a99..0000000000 --- a/lib/vssh/wolfssh.c +++ /dev/null @@ -1,1225 +0,0 @@ -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) Daniel Stenberg, , et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - * SPDX-License-Identifier: curl - * - ***************************************************************************/ - -#include "../curl_setup.h" - -#ifdef USE_WOLFSSH - -#include - -#include "../urldata.h" -#include "../url.h" -#include "../cfilters.h" -#include "../connect.h" -#include "../sendf.h" -#include "../progress.h" -#include "curl_path.h" -#include "../transfer.h" -#include "../speedcheck.h" -#include "../select.h" -#include "../multiif.h" -#include "../curlx/warnless.h" -#include "../strdup.h" - -/* The last 3 #include files should be in this order */ -#include "../curl_printf.h" -#include "../curl_memory.h" -#include "../memdebug.h" - -static CURLcode wssh_connect(struct Curl_easy *data, bool *done); -static CURLcode wssh_multi_statemach(struct Curl_easy *data, bool *done); -static CURLcode wssh_do(struct Curl_easy *data, bool *done); -#if 0 -static CURLcode wscp_done(struct Curl_easy *data, - CURLcode, bool premature); -static CURLcode wscp_doing(struct Curl_easy *data, - bool *dophase_done); -static CURLcode wscp_disconnect(struct Curl_easy *data, - struct connectdata *conn, - bool dead_connection); -#endif -static CURLcode wsftp_done(struct Curl_easy *data, - CURLcode, bool premature); -static CURLcode wsftp_doing(struct Curl_easy *data, - bool *dophase_done); -static CURLcode wsftp_disconnect(struct Curl_easy *data, - struct connectdata *conn, - bool dead); -static CURLcode wssh_pollset(struct Curl_easy *data, - struct easy_pollset *ps); -static CURLcode wssh_setup_connection(struct Curl_easy *data, - struct connectdata *conn); -static void wssh_sshc_cleanup(struct ssh_conn *sshc); - -#if 0 -/* - * SCP protocol handler. - */ - -const struct Curl_handler Curl_handler_scp = { - "SCP", /* scheme */ - wssh_setup_connection, /* setup_connection */ - wssh_do, /* do_it */ - wscp_done, /* done */ - ZERO_NULL, /* do_more */ - wssh_connect, /* connect_it */ - wssh_multi_statemach, /* connecting */ - wscp_doing, /* doing */ - wssh_pollset, /* proto_pollset */ - wssh_pollset, /* doing_pollset */ - ZERO_NULL, /* domore_pollset */ - wssh_pollset, /* perform_pollset */ - wscp_disconnect, /* disconnect */ - ZERO_NULL, /* write_resp */ - ZERO_NULL, /* write_resp_hd */ - ZERO_NULL, /* connection_check */ - ZERO_NULL, /* attach connection */ - ZERO_NULL, /* follow */ - PORT_SSH, /* defport */ - CURLPROTO_SCP, /* protocol */ - PROTOPT_DIRLOCK | PROTOPT_CLOSEACTION - | PROTOPT_NOURLQUERY /* flags */ -}; - -#endif - -/* - * SFTP protocol handler. - */ - -const struct Curl_handler Curl_handler_sftp = { - "SFTP", /* scheme */ - wssh_setup_connection, /* setup_connection */ - wssh_do, /* do_it */ - wsftp_done, /* done */ - ZERO_NULL, /* do_more */ - wssh_connect, /* connect_it */ - wssh_multi_statemach, /* connecting */ - wsftp_doing, /* doing */ - wssh_pollset, /* proto_pollset */ - wssh_pollset, /* doing_pollset */ - ZERO_NULL, /* domore_pollset */ - wssh_pollset, /* perform_pollset */ - wsftp_disconnect, /* disconnect */ - ZERO_NULL, /* write_resp */ - ZERO_NULL, /* write_resp_hd */ - ZERO_NULL, /* connection_check */ - ZERO_NULL, /* attach connection */ - ZERO_NULL, /* follow */ - PORT_SSH, /* defport */ - CURLPROTO_SFTP, /* protocol */ - CURLPROTO_SFTP, /* family */ - PROTOPT_DIRLOCK | PROTOPT_CLOSEACTION - | PROTOPT_NOURLQUERY /* flags */ -}; - -/* - * SSH State machine related code - */ -/* This is the ONLY way to change SSH state! */ -static void wssh_state(struct Curl_easy *data, - struct ssh_conn *sshc, - sshstate nowstate) -{ -#if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS) - /* for debug purposes */ - static const char * const names[] = { - "SSH_STOP", - "SSH_INIT", - "SSH_S_STARTUP", - "SSH_HOSTKEY", - "SSH_AUTHLIST", - "SSH_AUTH_PKEY_INIT", - "SSH_AUTH_PKEY", - "SSH_AUTH_PASS_INIT", - "SSH_AUTH_PASS", - "SSH_AUTH_AGENT_INIT", - "SSH_AUTH_AGENT_LIST", - "SSH_AUTH_AGENT", - "SSH_AUTH_HOST_INIT", - "SSH_AUTH_HOST", - "SSH_AUTH_KEY_INIT", - "SSH_AUTH_KEY", - "SSH_AUTH_GSSAPI", - "SSH_AUTH_DONE", - "SSH_SFTP_INIT", - "SSH_SFTP_REALPATH", - "SSH_SFTP_QUOTE_INIT", - "SSH_SFTP_POSTQUOTE_INIT", - "SSH_SFTP_QUOTE", - "SSH_SFTP_NEXT_QUOTE", - "SSH_SFTP_QUOTE_STAT", - "SSH_SFTP_QUOTE_SETSTAT", - "SSH_SFTP_QUOTE_SYMLINK", - "SSH_SFTP_QUOTE_MKDIR", - "SSH_SFTP_QUOTE_RENAME", - "SSH_SFTP_QUOTE_RMDIR", - "SSH_SFTP_QUOTE_UNLINK", - "SSH_SFTP_QUOTE_STATVFS", - "SSH_SFTP_GETINFO", - "SSH_SFTP_FILETIME", - "SSH_SFTP_TRANS_INIT", - "SSH_SFTP_UPLOAD_INIT", - "SSH_SFTP_CREATE_DIRS_INIT", - "SSH_SFTP_CREATE_DIRS", - "SSH_SFTP_CREATE_DIRS_MKDIR", - "SSH_SFTP_READDIR_INIT", - "SSH_SFTP_READDIR", - "SSH_SFTP_READDIR_LINK", - "SSH_SFTP_READDIR_BOTTOM", - "SSH_SFTP_READDIR_DONE", - "SSH_SFTP_DOWNLOAD_INIT", - "SSH_SFTP_DOWNLOAD_STAT", - "SSH_SFTP_CLOSE", - "SSH_SFTP_SHUTDOWN", - "SSH_SCP_TRANS_INIT", - "SSH_SCP_UPLOAD_INIT", - "SSH_SCP_DOWNLOAD_INIT", - "SSH_SCP_DOWNLOAD", - "SSH_SCP_DONE", - "SSH_SCP_SEND_EOF", - "SSH_SCP_WAIT_EOF", - "SSH_SCP_WAIT_CLOSE", - "SSH_SCP_CHANNEL_FREE", - "SSH_SESSION_DISCONNECT", - "SSH_SESSION_FREE", - "QUIT" - }; - - /* a precaution to make sure the lists are in sync */ - DEBUGASSERT(CURL_ARRAYSIZE(names) == SSH_LAST); - - if(sshc->state != nowstate) { - infof(data, "wolfssh %p state change from %s to %s", - (void *)sshc, names[sshc->state], names[nowstate]); - } -#endif - (void)data; - sshc->state = nowstate; -} - -static CURLcode wscp_send(struct Curl_easy *data, int sockindex, - const void *mem, size_t len, bool eos, - size_t *pnwritten) -{ - (void)data; - (void)sockindex; /* we only support SCP on the fixed known primary socket */ - (void)mem; - (void)len; - (void)eos; - *pnwritten = 0; - return CURLE_OK; -} - -static CURLcode wscp_recv(struct Curl_easy *data, int sockindex, - char *mem, size_t len, size_t *pnread) -{ - (void)data; - (void)sockindex; /* we only support SCP on the fixed known primary socket */ - (void)mem; - (void)len; - *pnread = 0; - - return CURLE_OK; -} - -/* return number of sent bytes */ -static CURLcode wsftp_send(struct Curl_easy *data, int sockindex, - const void *mem, size_t len, bool eos, - size_t *pnwritten) -{ - struct connectdata *conn = data->conn; - struct ssh_conn *sshc = Curl_conn_meta_get(conn, CURL_META_SSH_CONN); - word32 offset[2]; - int rc; - (void)sockindex; - (void)eos; - - *pnwritten = 0; - if(!sshc) - return CURLE_FAILED_INIT; - - offset[0] = (word32)sshc->offset & 0xFFFFFFFF; - offset[1] = (word32)(sshc->offset >> 32) & 0xFFFFFFFF; - - rc = wolfSSH_SFTP_SendWritePacket(sshc->ssh_session, sshc->handle, - sshc->handleSz, - &offset[0], - (byte *)CURL_UNCONST(mem), (word32)len); - - if(rc == WS_FATAL_ERROR) - rc = wolfSSH_get_error(sshc->ssh_session); - if(rc == WS_WANT_READ) { - conn->waitfor = KEEP_RECV; - return CURLE_AGAIN; - } - else if(rc == WS_WANT_WRITE) { - conn->waitfor = KEEP_SEND; - return CURLE_AGAIN; - } - if(rc < 0) { - failf(data, "wolfSSH_SFTP_SendWritePacket returned %d", rc); - return CURLE_SEND_ERROR; - } - DEBUGASSERT(rc == (int)len); - *pnwritten = (size_t)rc; - sshc->offset += *pnwritten; - infof(data, "sent %zu bytes SFTP from offset %" FMT_OFF_T, - *pnwritten, sshc->offset); - return CURLE_OK; -} - -/* - * Return number of received (decrypted) bytes - * or <0 on error - */ -static CURLcode wsftp_recv(struct Curl_easy *data, int sockindex, - char *mem, size_t len, size_t *pnread) -{ - int rc; - struct connectdata *conn = data->conn; - struct ssh_conn *sshc = Curl_conn_meta_get(conn, CURL_META_SSH_CONN); - word32 offset[2]; - (void)sockindex; - - *pnread = 0; - if(!sshc) - return CURLE_FAILED_INIT; - - offset[0] = (word32)sshc->offset & 0xFFFFFFFF; - offset[1] = (word32)(sshc->offset >> 32) & 0xFFFFFFFF; - - rc = wolfSSH_SFTP_SendReadPacket(sshc->ssh_session, sshc->handle, - sshc->handleSz, - &offset[0], - (byte *)mem, (word32)len); - if(rc == WS_FATAL_ERROR) - rc = wolfSSH_get_error(sshc->ssh_session); - if(rc == WS_WANT_READ) { - conn->waitfor = KEEP_RECV; - return CURLE_AGAIN; - } - else if(rc == WS_WANT_WRITE) { - conn->waitfor = KEEP_SEND; - return CURLE_AGAIN; - } - - DEBUGASSERT(rc <= (int)len); - - if(rc < 0) { - failf(data, "wolfSSH_SFTP_SendReadPacket returned %d", rc); - return CURLE_RECV_ERROR; - } - *pnread = (size_t)rc; - sshc->offset += *pnread; - return CURLE_OK; -} - -static void wssh_easy_dtor(void *key, size_t klen, void *entry) -{ - struct SSHPROTO *sshp = entry; - (void)key; - (void)klen; - Curl_safefree(sshp->path); - free(sshp); -} - -static void wssh_conn_dtor(void *key, size_t klen, void *entry) -{ - struct ssh_conn *sshc = entry; - (void)key; - (void)klen; - wssh_sshc_cleanup(sshc); - free(sshc); -} - -/* - * SSH setup and connection - */ -static CURLcode wssh_setup_connection(struct Curl_easy *data, - struct connectdata *conn) -{ - struct ssh_conn *sshc; - struct SSHPROTO *sshp; - (void)conn; - - sshc = calloc(1, sizeof(*sshc)); - if(!sshc) - return CURLE_OUT_OF_MEMORY; - - sshc->initialised = TRUE; - if(Curl_conn_meta_set(conn, CURL_META_SSH_CONN, sshc, wssh_conn_dtor)) - return CURLE_OUT_OF_MEMORY; - - sshp = calloc(1, sizeof(*sshp)); - if(!sshp || - Curl_meta_set(data, CURL_META_SSH_EASY, sshp, wssh_easy_dtor)) - return CURLE_OUT_OF_MEMORY; - - return CURLE_OK; -} - -static int userauth(byte authtype, - WS_UserAuthData* authdata, - void *ctx) -{ - struct Curl_easy *data = ctx; - DEBUGF(infof(data, "wolfssh callback: type %s", - authtype == WOLFSSH_USERAUTH_PASSWORD ? "PASSWORD" : - "PUBLICCKEY")); - if(authtype == WOLFSSH_USERAUTH_PASSWORD) { - authdata->sf.password.password = (byte *)data->conn->passwd; - authdata->sf.password.passwordSz = (word32) strlen(data->conn->passwd); - } - - return 0; -} - -static CURLcode wssh_connect(struct Curl_easy *data, bool *done) -{ - struct connectdata *conn = data->conn; - struct ssh_conn *sshc = Curl_conn_meta_get(conn, CURL_META_SSH_CONN); - struct SSHPROTO *sshp = Curl_meta_get(data, CURL_META_SSH_EASY); - curl_socket_t sock = conn->sock[FIRSTSOCKET]; - int rc; - - if(!sshc || !sshp) - return CURLE_FAILED_INIT; - - /* We default to persistent connections. We set this already in this connect - function to make the reuse checks properly be able to check this bit. */ - connkeep(conn, "SSH default"); - - if(conn->handler->protocol & CURLPROTO_SCP) { - conn->recv[FIRSTSOCKET] = wscp_recv; - conn->send[FIRSTSOCKET] = wscp_send; - } - else { - conn->recv[FIRSTSOCKET] = wsftp_recv; - conn->send[FIRSTSOCKET] = wsftp_send; - } - sshc->ctx = wolfSSH_CTX_new(WOLFSSH_ENDPOINT_CLIENT, NULL); - if(!sshc->ctx) { - failf(data, "No wolfSSH context"); - goto error; - } - - sshc->ssh_session = wolfSSH_new(sshc->ctx); - if(!sshc->ssh_session) { - failf(data, "No wolfSSH session"); - goto error; - } - - rc = wolfSSH_SetUsername(sshc->ssh_session, conn->user); - if(rc != WS_SUCCESS) { - failf(data, "wolfSSH failed to set username"); - goto error; - } - - /* set callback for authentication */ - wolfSSH_SetUserAuth(sshc->ctx, userauth); - wolfSSH_SetUserAuthCtx(sshc->ssh_session, data); - - rc = wolfSSH_set_fd(sshc->ssh_session, (int)sock); - if(rc) { - failf(data, "wolfSSH failed to set socket"); - goto error; - } - -#if 0 - wolfSSH_Debugging_ON(); -#endif - - *done = TRUE; - if(conn->handler->protocol & CURLPROTO_SCP) - wssh_state(data, sshc, SSH_INIT); - else - wssh_state(data, sshc, SSH_SFTP_INIT); - - return wssh_multi_statemach(data, done); -error: - wssh_sshc_cleanup(sshc); - return CURLE_FAILED_INIT; -} - -static CURLcode wssh_sftp_upload_init(struct Curl_easy *data, - struct ssh_conn *sshc, - struct SSHPROTO *sftp_scp, - bool *block) -{ - word32 flags; - WS_SFTP_FILEATRB createattrs; - struct connectdata *conn = data->conn; - int rc; - if(data->state.resume_from) { - WS_SFTP_FILEATRB attrs; - if(data->state.resume_from < 0) { - rc = wolfSSH_SFTP_STAT(sshc->ssh_session, sftp_scp->path, - &attrs); - if(rc != WS_SUCCESS) - return CURLE_SSH; - - if(rc) { - data->state.resume_from = 0; - } - else { - curl_off_t size = ((curl_off_t)attrs.sz[1] << 32) | attrs.sz[0]; - if(size < 0) { - failf(data, "Bad file size (%" FMT_OFF_T ")", size); - return CURLE_BAD_DOWNLOAD_RESUME; - } - data->state.resume_from = size; - } - } - } - - if(data->set.remote_append) - /* Try to open for append, but create if nonexisting */ - flags = WOLFSSH_FXF_WRITE|WOLFSSH_FXF_CREAT|WOLFSSH_FXF_APPEND; - else if(data->state.resume_from > 0) - /* If we have restart position then open for append */ - flags = WOLFSSH_FXF_WRITE|WOLFSSH_FXF_APPEND; - else - /* Clear file before writing (normal behavior) */ - flags = WOLFSSH_FXF_WRITE|WOLFSSH_FXF_CREAT|WOLFSSH_FXF_TRUNC; - - memset(&createattrs, 0, sizeof(createattrs)); - createattrs.per = (word32)data->set.new_file_perms; - sshc->handleSz = sizeof(sshc->handle); - rc = wolfSSH_SFTP_Open(sshc->ssh_session, sftp_scp->path, - flags, &createattrs, - sshc->handle, &sshc->handleSz); - if(rc == WS_FATAL_ERROR) - rc = wolfSSH_get_error(sshc->ssh_session); - if(rc == WS_WANT_READ) { - *block = TRUE; - conn->waitfor = KEEP_RECV; - return CURLE_OK; - } - else if(rc == WS_WANT_WRITE) { - *block = TRUE; - conn->waitfor = KEEP_SEND; - return CURLE_OK; - } - else if(rc == WS_SUCCESS) { - infof(data, "wolfssh SFTP open succeeded"); - } - else { - failf(data, "wolfssh SFTP upload open failed: %d", rc); - return CURLE_SSH; - } - wssh_state(data, sshc, SSH_SFTP_DOWNLOAD_STAT); - - /* If we have a restart point then we need to seek to the correct - position. */ - if(data->state.resume_from > 0) { - /* Let's read off the proper amount of bytes from the input. */ - int seekerr = CURL_SEEKFUNC_OK; - if(data->set.seek_func) { - Curl_set_in_callback(data, TRUE); - seekerr = data->set.seek_func(data->set.seek_client, - data->state.resume_from, SEEK_SET); - Curl_set_in_callback(data, FALSE); - } - - if(seekerr != CURL_SEEKFUNC_OK) { - curl_off_t passed = 0; - - if(seekerr != CURL_SEEKFUNC_CANTSEEK) { - failf(data, "Could not seek stream"); - return CURLE_FTP_COULDNT_USE_REST; - } - /* seekerr == CURL_SEEKFUNC_CANTSEEK (cannot seek to offset) */ - do { - char scratch[4*1024]; - size_t readthisamountnow = - (data->state.resume_from - passed > - (curl_off_t)sizeof(scratch)) ? - sizeof(scratch) : curlx_sotouz(data->state.resume_from - passed); - - size_t actuallyread; - Curl_set_in_callback(data, TRUE); - actuallyread = data->state.fread_func(scratch, 1, - readthisamountnow, - data->state.in); - Curl_set_in_callback(data, FALSE); - - passed += actuallyread; - if((actuallyread == 0) || (actuallyread > readthisamountnow)) { - /* this checks for greater-than only to make sure that the - CURL_READFUNC_ABORT return code still aborts */ - failf(data, "Failed to read data"); - return CURLE_FTP_COULDNT_USE_REST; - } - } while(passed < data->state.resume_from); - } - - /* now, decrease the size of the read */ - if(data->state.infilesize > 0) { - data->state.infilesize -= data->state.resume_from; - data->req.size = data->state.infilesize; - Curl_pgrsSetUploadSize(data, data->state.infilesize); - } - - sshc->offset += data->state.resume_from; - } - if(data->state.infilesize > 0) { - data->req.size = data->state.infilesize; - Curl_pgrsSetUploadSize(data, data->state.infilesize); - } - /* upload data */ - Curl_xfer_setup_send(data, FIRSTSOCKET); - - /* not set by Curl_xfer_setup to preserve keepon bits */ - data->conn->recv_idx = FIRSTSOCKET; - - /* store this original bitmask setup to use later on if we cannot - figure out a "real" bitmask */ - sshc->orig_waitfor = data->req.keepon; - - /* since we do not really wait for anything at this point, we want the state - machine to move on as soon as possible */ - Curl_multi_mark_dirty(data); - - wssh_state(data, sshc, SSH_STOP); - - return CURLE_OK; -} - -/* - * wssh_statemach_act() runs the SSH state machine as far as it can without - * blocking and without reaching the end. The data the pointer 'block' points - * to will be set to TRUE if the wolfssh function returns EAGAIN meaning it - * wants to be called again when the socket is ready - */ - -static CURLcode wssh_statemach_act(struct Curl_easy *data, - struct ssh_conn *sshc, - bool *block) -{ - CURLcode result = CURLE_OK; - struct connectdata *conn = data->conn; - struct SSHPROTO *sftp_scp = Curl_meta_get(data, CURL_META_SSH_EASY); - WS_SFTPNAME *name; - int rc = 0; - *block = FALSE; /* we are not blocking by default */ - - if(!sftp_scp) - return CURLE_FAILED_INIT; - - do { - switch(sshc->state) { - case SSH_INIT: - wssh_state(data, sshc, SSH_S_STARTUP); - break; - - case SSH_S_STARTUP: - rc = wolfSSH_connect(sshc->ssh_session); - if(rc != WS_SUCCESS) - rc = wolfSSH_get_error(sshc->ssh_session); - if(rc == WS_WANT_READ) { - *block = TRUE; - conn->waitfor = KEEP_RECV; - return CURLE_OK; - } - else if(rc == WS_WANT_WRITE) { - *block = TRUE; - conn->waitfor = KEEP_SEND; - return CURLE_OK; - } - else if(rc != WS_SUCCESS) { - wssh_state(data, sshc, SSH_STOP); - return CURLE_SSH; - } - infof(data, "wolfssh connected"); - wssh_state(data, sshc, SSH_STOP); - break; - case SSH_STOP: - break; - - case SSH_SFTP_INIT: - rc = wolfSSH_SFTP_connect(sshc->ssh_session); - if(rc != WS_SUCCESS) - rc = wolfSSH_get_error(sshc->ssh_session); - if(rc == WS_WANT_READ) { - *block = TRUE; - conn->waitfor = KEEP_RECV; - return CURLE_OK; - } - else if(rc == WS_WANT_WRITE) { - *block = TRUE; - conn->waitfor = KEEP_SEND; - return CURLE_OK; - } - else if(rc == WS_SUCCESS) { - infof(data, "wolfssh SFTP connected"); - wssh_state(data, sshc, SSH_SFTP_REALPATH); - } - else { - failf(data, "wolfssh SFTP connect error %d", rc); - return CURLE_SSH; - } - break; - case SSH_SFTP_REALPATH: - name = wolfSSH_SFTP_RealPath(sshc->ssh_session, - (char *)CURL_UNCONST(".")); - rc = wolfSSH_get_error(sshc->ssh_session); - if(rc == WS_WANT_READ) { - *block = TRUE; - conn->waitfor = KEEP_RECV; - return CURLE_OK; - } - else if(rc == WS_WANT_WRITE) { - *block = TRUE; - conn->waitfor = KEEP_SEND; - return CURLE_OK; - } - else if(name && (rc == WS_SUCCESS)) { - sshc->homedir = Curl_memdup0(name->fName, name->fSz); - if(!sshc->homedir) - sshc->actualcode = CURLE_OUT_OF_MEMORY; - wolfSSH_SFTPNAME_list_free(name); - wssh_state(data, sshc, SSH_STOP); - return CURLE_OK; - } - failf(data, "wolfssh SFTP realpath %d", rc); - return CURLE_SSH; - - case SSH_SFTP_QUOTE_INIT: - result = Curl_getworkingpath(data, sshc->homedir, &sftp_scp->path); - if(result) { - sshc->actualcode = result; - wssh_state(data, sshc, SSH_STOP); - break; - } - - if(data->set.quote) { - infof(data, "Sending quote commands"); - sshc->quote_item = data->set.quote; - wssh_state(data, sshc, SSH_SFTP_QUOTE); - } - else { - wssh_state(data, sshc, SSH_SFTP_GETINFO); - } - break; - case SSH_SFTP_GETINFO: - if(data->set.get_filetime) { - wssh_state(data, sshc, SSH_SFTP_FILETIME); - } - else { - wssh_state(data, sshc, SSH_SFTP_TRANS_INIT); - } - break; - case SSH_SFTP_TRANS_INIT: - if(data->state.upload) - wssh_state(data, sshc, SSH_SFTP_UPLOAD_INIT); - else { - if(sftp_scp->path[strlen(sftp_scp->path)-1] == '/') - wssh_state(data, sshc, SSH_SFTP_READDIR_INIT); - else - wssh_state(data, sshc, SSH_SFTP_DOWNLOAD_INIT); - } - break; - case SSH_SFTP_UPLOAD_INIT: - result = wssh_sftp_upload_init(data, sshc, sftp_scp, block); - break; - - case SSH_SFTP_DOWNLOAD_INIT: - sshc->handleSz = sizeof(sshc->handle); - rc = wolfSSH_SFTP_Open(sshc->ssh_session, sftp_scp->path, - WOLFSSH_FXF_READ, NULL, - sshc->handle, &sshc->handleSz); - if(rc == WS_FATAL_ERROR) - rc = wolfSSH_get_error(sshc->ssh_session); - if(rc == WS_WANT_READ) { - *block = TRUE; - conn->waitfor = KEEP_RECV; - return CURLE_OK; - } - else if(rc == WS_WANT_WRITE) { - *block = TRUE; - conn->waitfor = KEEP_SEND; - return CURLE_OK; - } - else if(rc == WS_SUCCESS) { - infof(data, "wolfssh SFTP open succeeded"); - wssh_state(data, sshc, SSH_SFTP_DOWNLOAD_STAT); - return CURLE_OK; - } - - failf(data, "wolfssh SFTP open failed: %d", rc); - return CURLE_SSH; - - case SSH_SFTP_DOWNLOAD_STAT: { - WS_SFTP_FILEATRB attrs; - curl_off_t size; - - rc = wolfSSH_SFTP_STAT(sshc->ssh_session, sftp_scp->path, &attrs); - if(rc == WS_FATAL_ERROR) - rc = wolfSSH_get_error(sshc->ssh_session); - if(rc == WS_WANT_READ) { - *block = TRUE; - conn->waitfor = KEEP_RECV; - return CURLE_OK; - } - else if(rc == WS_WANT_WRITE) { - *block = TRUE; - conn->waitfor = KEEP_SEND; - return CURLE_OK; - } - else if(rc == WS_SUCCESS) { - infof(data, "wolfssh STAT succeeded"); - } - else { - failf(data, "wolfssh SFTP open failed: %d", rc); - data->req.size = -1; - data->req.maxdownload = -1; - Curl_pgrsSetDownloadSize(data, -1); - return CURLE_SSH; - } - - size = ((curl_off_t)attrs.sz[1] << 32) | attrs.sz[0]; - - data->req.size = size; - data->req.maxdownload = size; - Curl_pgrsSetDownloadSize(data, size); - - infof(data, "SFTP download %" FMT_OFF_T " bytes", size); - - /* We cannot seek with wolfSSH so resuming and range requests are not - possible */ - if(data->state.use_range || data->state.resume_from) { - infof(data, "wolfSSH cannot do range/seek on SFTP"); - return CURLE_BAD_DOWNLOAD_RESUME; - } - - /* Setup the actual download */ - if(data->req.size == 0) { - /* no data to transfer */ - Curl_xfer_setup_nop(data); - infof(data, "File already completely downloaded"); - wssh_state(data, sshc, SSH_STOP); - break; - } - Curl_xfer_setup_recv(data, FIRSTSOCKET, data->req.size); - - /* not set by Curl_xfer_setup to preserve keepon bits */ - conn->send_idx = 0; - - if(result) { - /* this should never occur; the close state should be entered - at the time the error occurs */ - wssh_state(data, sshc, SSH_SFTP_CLOSE); - sshc->actualcode = result; - } - else { - wssh_state(data, sshc, SSH_STOP); - } - break; - } - case SSH_SFTP_CLOSE: - if(sshc->handleSz) { - rc = wolfSSH_SFTP_Close(sshc->ssh_session, sshc->handle, - sshc->handleSz); - if(rc != WS_SUCCESS) - rc = wolfSSH_get_error(sshc->ssh_session); - } - else { - rc = WS_SUCCESS; /* directory listing */ - } - if(rc == WS_WANT_READ) { - *block = TRUE; - conn->waitfor = KEEP_RECV; - return CURLE_OK; - } - else if(rc == WS_WANT_WRITE) { - *block = TRUE; - conn->waitfor = KEEP_SEND; - return CURLE_OK; - } - else if(rc == WS_SUCCESS) { - wssh_state(data, sshc, SSH_STOP); - return CURLE_OK; - } - - failf(data, "wolfssh SFTP CLOSE failed: %d", rc); - return CURLE_SSH; - - case SSH_SFTP_READDIR_INIT: - Curl_pgrsSetDownloadSize(data, -1); - if(data->req.no_body) { - wssh_state(data, sshc, SSH_STOP); - break; - } - wssh_state(data, sshc, SSH_SFTP_READDIR); - break; - - case SSH_SFTP_READDIR: - name = wolfSSH_SFTP_LS(sshc->ssh_session, sftp_scp->path); - if(!name) - rc = wolfSSH_get_error(sshc->ssh_session); - else - rc = WS_SUCCESS; - - if(rc == WS_WANT_READ) { - *block = TRUE; - conn->waitfor = KEEP_RECV; - return CURLE_OK; - } - else if(rc == WS_WANT_WRITE) { - *block = TRUE; - conn->waitfor = KEEP_SEND; - return CURLE_OK; - } - else if(name && (rc == WS_SUCCESS)) { - WS_SFTPNAME *origname = name; - result = CURLE_OK; - while(name) { - char *line = aprintf("%s\n", - data->set.list_only ? - name->fName : name->lName); - if(!line) { - wssh_state(data, sshc, SSH_SFTP_CLOSE); - sshc->actualcode = CURLE_OUT_OF_MEMORY; - break; - } - result = Curl_client_write(data, CLIENTWRITE_BODY, - line, strlen(line)); - free(line); - if(result) { - sshc->actualcode = result; - break; - } - name = name->next; - } - wolfSSH_SFTPNAME_list_free(origname); - wssh_state(data, sshc, SSH_STOP); - return result; - } - failf(data, "wolfssh SFTP ls failed: %d", rc); - return CURLE_SSH; - - case SSH_SFTP_SHUTDOWN: - wssh_sshc_cleanup(sshc); - wssh_state(data, sshc, SSH_STOP); - return CURLE_OK; - default: - break; - } - } while(!rc && (sshc->state != SSH_STOP)); - return result; -} - -/* called repeatedly until done from multi.c */ -static CURLcode wssh_multi_statemach(struct Curl_easy *data, bool *done) -{ - struct connectdata *conn = data->conn; - struct ssh_conn *sshc = Curl_conn_meta_get(conn, CURL_META_SSH_CONN); - CURLcode result = CURLE_OK; - bool block; /* we store the status and use that to provide a ssh_pollset() - implementation */ - if(!sshc) - return CURLE_FAILED_INIT; - - do { - result = wssh_statemach_act(data, sshc, &block); - *done = (sshc->state == SSH_STOP); - /* if there is no error, it is not done and it did not EWOULDBLOCK, then - try again */ - if(*done) { - DEBUGF(infof(data, "wssh_statemach_act says DONE")); - } - } while(!result && !*done && !block); - - return result; -} - -static -CURLcode wscp_perform(struct Curl_easy *data, - bool *connected, - bool *dophase_done) -{ - (void)data; - (void)connected; - (void)dophase_done; - return CURLE_OK; -} - -static -CURLcode wsftp_perform(struct Curl_easy *data, - struct ssh_conn *sshc, - bool *connected, - bool *dophase_done) -{ - CURLcode result = CURLE_OK; - - DEBUGF(infof(data, "DO phase starts")); - - *dophase_done = FALSE; /* not done yet */ - - /* start the first command in the DO phase */ - wssh_state(data, sshc, SSH_SFTP_QUOTE_INIT); - - /* run the state-machine */ - result = wssh_multi_statemach(data, dophase_done); - - *connected = Curl_conn_is_connected(data->conn, FIRSTSOCKET); - - if(*dophase_done) { - DEBUGF(infof(data, "DO phase is complete")); - } - - return result; -} - -/* - * The DO function is generic for both protocols. - */ -static CURLcode wssh_do(struct Curl_easy *data, bool *done) -{ - CURLcode result; - bool connected = FALSE; - struct connectdata *conn = data->conn; - struct ssh_conn *sshc = Curl_conn_meta_get(conn, CURL_META_SSH_CONN); - - *done = FALSE; /* default to false */ - if(!sshc) - return CURLE_FAILED_INIT; - - data->req.size = -1; /* make sure this is unknown at this point */ - sshc->actualcode = CURLE_OK; /* reset error code */ - sshc->secondCreateDirs = 0; /* reset the create dir attempt state - variable */ - - Curl_pgrsSetUploadCounter(data, 0); - Curl_pgrsSetDownloadCounter(data, 0); - Curl_pgrsSetUploadSize(data, -1); - Curl_pgrsSetDownloadSize(data, -1); - - if(conn->handler->protocol & CURLPROTO_SCP) - result = wscp_perform(data, &connected, done); - else - result = wsftp_perform(data, sshc, &connected, done); - - return result; -} - -static CURLcode wssh_block_statemach(struct Curl_easy *data, - struct ssh_conn *sshc, - bool disconnect) -{ - struct connectdata *conn = data->conn; - CURLcode result = CURLE_OK; - - while((sshc->state != SSH_STOP) && !result) { - bool block; - timediff_t left = 1000; - struct curltime now = curlx_now(); - - result = wssh_statemach_act(data, sshc, &block); - if(result) - break; - - if(!disconnect) { - if(Curl_pgrsUpdate(data)) - return CURLE_ABORTED_BY_CALLBACK; - - result = Curl_speedcheck(data, now); - if(result) - break; - - left = Curl_timeleft(data, NULL, FALSE); - if(left < 0) { - failf(data, "Operation timed out"); - return CURLE_OPERATION_TIMEDOUT; - } - } - - if(!result) { - int dir = conn->waitfor; - curl_socket_t sock = conn->sock[FIRSTSOCKET]; - curl_socket_t fd_read = CURL_SOCKET_BAD; - curl_socket_t fd_write = CURL_SOCKET_BAD; - if(dir == KEEP_RECV) - fd_read = sock; - else if(dir == KEEP_SEND) - fd_write = sock; - - /* wait for the socket to become ready */ - (void)Curl_socket_check(fd_read, CURL_SOCKET_BAD, fd_write, - left > 1000 ? 1000 : left); /* ignore result */ - } - } - - return result; -} - -/* generic done function for both SCP and SFTP called from their specific - done functions */ -static CURLcode wssh_done(struct Curl_easy *data, - struct ssh_conn *sshc, - CURLcode status) -{ - CURLcode result = CURLE_OK; - - if(!status) { - /* run the state-machine */ - result = wssh_block_statemach(data, sshc, FALSE); - } - else - result = status; - - if(Curl_pgrsDone(data)) - return CURLE_ABORTED_BY_CALLBACK; - - data->req.keepon = 0; /* clear all bits */ - return result; -} - -static void wssh_sshc_cleanup(struct ssh_conn *sshc) -{ - if(sshc->ssh_session) { - wolfSSH_free(sshc->ssh_session); - sshc->ssh_session = NULL; - } - if(sshc->ctx) { - wolfSSH_CTX_free(sshc->ctx); - sshc->ctx = NULL; - } - Curl_safefree(sshc->homedir); -} - -#if 0 -static CURLcode wscp_done(struct Curl_easy *data, - CURLcode code, bool premature) -{ - CURLcode result = CURLE_OK; - (void)conn; - (void)code; - (void)premature; - - return result; -} - -static CURLcode wscp_doing(struct Curl_easy *data, - bool *dophase_done) -{ - CURLcode result = CURLE_OK; - (void)conn; - (void)dophase_done; - - return result; -} - -static CURLcode wscp_disconnect(struct Curl_easy *data, - struct connectdata *conn, bool dead_connection) -{ - struct ssh_conn *sshc = Curl_conn_meta_get(conn, CURL_META_SSH_CONN); - CURLcode result = CURLE_OK; - (void)dead_connection; - if(sshc) - wssh_sshc_cleanup(sshc); - return result; -} -#endif - -static CURLcode wsftp_done(struct Curl_easy *data, - CURLcode code, bool premature) -{ - struct ssh_conn *sshc = Curl_conn_meta_get(data->conn, CURL_META_SSH_CONN); - (void)premature; - if(!sshc) - return CURLE_FAILED_INIT; - - wssh_state(data, sshc, SSH_SFTP_CLOSE); - - return wssh_done(data, sshc, code); -} - -static CURLcode wsftp_doing(struct Curl_easy *data, - bool *dophase_done) -{ - CURLcode result = wssh_multi_statemach(data, dophase_done); - - if(*dophase_done) { - DEBUGF(infof(data, "DO phase is complete")); - } - return result; -} - -static CURLcode wsftp_disconnect(struct Curl_easy *data, - struct connectdata *conn, - bool dead) -{ - struct ssh_conn *sshc = Curl_conn_meta_get(conn, CURL_META_SSH_CONN); - CURLcode result = CURLE_OK; - (void)dead; - - DEBUGF(infof(data, "SSH DISCONNECT starts now")); - - if(sshc && sshc->ssh_session) { - /* only if there is a session still around to use! */ - wssh_state(data, sshc, SSH_SFTP_SHUTDOWN); - result = wssh_block_statemach(data, sshc, TRUE); - } - - if(sshc) - wssh_sshc_cleanup(sshc); - DEBUGF(infof(data, "SSH DISCONNECT is done")); - return result; -} - -static CURLcode wssh_pollset(struct Curl_easy *data, - struct easy_pollset *ps) -{ - int flags = 0; - if(data->conn->waitfor & KEEP_RECV) - flags |= CURL_POLL_IN; - if(data->conn->waitfor & KEEP_SEND) - flags |= CURL_POLL_OUT; - return flags ? - Curl_pollset_change(data, ps, data->conn->sock[FIRSTSOCKET], flags, 0) : - CURLE_OK; -} - -void Curl_ssh_version(char *buffer, size_t buflen) -{ - (void)msnprintf(buffer, buflen, "wolfssh/%s", LIBWOLFSSH_VERSION_STRING); -} - -CURLcode Curl_ssh_init(void) -{ - if(WS_SUCCESS != wolfSSH_Init()) { - DEBUGF(fprintf(stderr, "Error: wolfSSH_Init failed\n")); - return CURLE_FAILED_INIT; - } - - return CURLE_OK; -} -void Curl_ssh_cleanup(void) -{ - (void)wolfSSH_Cleanup(); -} - -#endif /* USE_WOLFSSH */ diff --git a/packages/OS400/ccsidcurl.c b/packages/OS400/ccsidcurl.c index a9c04d5a42..101cf90247 100644 --- a/packages/OS400/ccsidcurl.c +++ b/packages/OS400/ccsidcurl.c @@ -1213,8 +1213,8 @@ curl_easy_setopt_ccsid(CURL *easy, CURLoption tag, ...) if(!s) { result = CURLE_OUT_OF_MEMORY; break; - } } + } else { /* Data length specified. */ size_t len; diff --git a/scripts/schemetable.c b/scripts/schemetable.c index 7da4613212..e65c462f7b 100644 --- a/scripts/schemetable.c +++ b/scripts/schemetable.c @@ -60,7 +60,7 @@ static const struct detail scheme[] = { {"rtmps", "#ifdef USE_LIBRTMP" }, {"rtmpts", "#ifdef USE_LIBRTMP" }, {"rtsp", "#ifndef CURL_DISABLE_RTSP" }, - {"scp", "#if defined(USE_SSH) && !defined(USE_WOLFSSH)" }, + {"scp", "#ifdef USE_SSH" }, {"sftp", "#ifdef USE_SSH" }, {"smb", "#if !defined(CURL_DISABLE_SMB) && \\\n" " defined(USE_CURL_NTLM_CORE) && (SIZEOF_CURL_OFF_T > 4)" }, diff --git a/tests/runtests.pl b/tests/runtests.pl index 4945e94cda..6b6e5b0761 100755 --- a/tests/runtests.pl +++ b/tests/runtests.pl @@ -639,9 +639,6 @@ sub checksystemfeatures { } } } - if($libcurl =~ /wolfssh/i) { - $feature{"wolfssh"} = 1; - } } elsif($_ =~ /^Protocols: (.*)/i) { $proto = $1; From 9a5810f6c1ebac17dae149c517cb520d4abaa4bf Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 24 Sep 2025 23:03:03 +0200 Subject: [PATCH 0157/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 69 +++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 62 insertions(+), 7 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 698c81d3a8..fadadb8c87 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,28 +4,36 @@ curl and libcurl 8.17.0 Command line options: 272 curl_easy_setopt() options: 308 Public functions in libcurl: 98 - Contributors: 3505 + Contributors: 3508 This release includes the following changes: o build: drop the winbuild build system [81] o krb5: drop support for Kerberos FTP [43] o libssh2: up the minimum requirement to 1.9.0 [85] + o vssh: drop support for wolfSSH [58] o write-out: make %header{} able to output *all* occurrences of a header [25] This release includes the following bugfixes: + o ares: fix leak in tracing [91] o asyn-thrdd: drop pthread_cancel [30] + o autotools: add support for libgsasl auto-detection via pkg-config [112] + o autotools: capitalize 'Rustls' in the log output [106] + o autotools: fix duplicate `UNIX` and `BSD` flags in `buildinfo.txt` [113] + o autotools: fix silly mistake in clang detection for `buildinfo.txt` [114] o autotools: make `--enable-code-coverage` support llvm/clang [79] o aws-lc: re-enable large read-ahead with v1.61.0 again [16] o base64: accept zero length argument to base64_encode [82] o build: address some `-Weverything` warnings, update picky warnings [74] o build: avoid overriding system symbols for socket functions [68] + o build: show llvm/clang in platform flags and `buildinfo.txt` [126] o cf-socket: use the right byte order for ports in bindlocal [61] - o cf_socket_recv: don't count reading zero bytes as first byte [23] o cfilter: unlink and discard [46] o cmake: add `CURL_CODE_COVERAGE` option [78] + o cmake: clang detection tidy-ups [116] o cmake: fix building docs when the base directory contains `.3` [18] + o cmake: use modern alternatives for `get_filename_component()` [102] o cmdline-docs: extended, clarified, refreshed [28] o configure: add "-mt" for pthread support on HP-UX [52] o cookie: avoid saving a cookie file if no transfer was done [11] @@ -42,10 +50,13 @@ This release includes the following bugfixes: o docs/libcurl: clarify some timeout option behavior [15] o docs/libcurl: remove ancient version references [7] o docs/libcurl: use lowercase must [5] + o docs: fix/tidy code fences [87] o easy_getinfo: check magic, Curl_close safety [3] o examples: fix two issues found by CodeQL [35] + o ftp: fix ftp_do_more returning with *completep unset [122] o ftp: fix port number range loop for PORT commands [66] o gtls: avoid potential use of uninitialized variable in trace output [83] + o hostip: remove leftover INT_MAX check in Curl_dnscache_prune [88] o httpsrr: free old pointers when storing new [57] o krb5: return appropriate error on send failures [22] o ldap: do not base64 encode zero length string [42] @@ -53,20 +64,26 @@ This release includes the following bugfixes: o libcurl-security.md: mention long-running connections [6] o libssh2: drop two redundant null-terminations [26] o libssh2: error check and null-terminate in ssh_state_sftp_readdir_link() [34] + o libssh: drop two unused assigments [104] o libssh: error on bad chgrp number [71] o libssh: error on bad chown number and store the value [64] + o libssh: fix range parsing error handling mistake [120] o libssh: react on errors from ssh_scp_read [24] o libssh: return out of memory correctly if aprintf fails [60] o Makefile.example: simplify and make it configurable [20] o managen: ignore version mentions < 7.66.0 [55] o managen: render better manpage references/links [54] + o managen: strict protocol check [109] o multi.h: add CURLMINFO_LASTENTRY [51] o ngtcp2: check error code on connect failure [13] o openldap: avoid indexing the result at -1 for blank responses [44] + o openldap: check ldap_get_option() return codes [119] o openssl: make the asn1_object_dump name null terminated [56] o quic: fix min TLS version handling [14] o quic: ignore EMSGSIZE on receive [4] + o rustls: fix clang-tidy warning [107] o rustls: typecast variable for safer trace output [69] + o rustls: use %zu for size_t in failf() format string [121] o sasl: clear canceled mechanism instead of toggling it [41] o schannel: assign result before using it [62] o setopt: accept *_SSL_VERIFYHOST set to 2L [31] @@ -74,27 +91,37 @@ This release includes the following bugfixes: o smb: adjust buffer size checks [45] o smtp: check EHLO responses case insensitively [50] o socks: make Curl_blockread_all return CURLcode [67] + o socks_gssapi: reject too long tokens [90] o socks_sspi: fix memory cleanup calls [40] o socks_sspi: restore non-blocking socket on error paths [48] o ssl-sessions.md: mark option experimental [12] o sws: fix checking `sscanf()` return value [17] o telnet: make printsub require another byte input [21] + o telnet: refuse IAC codes in content [111] + o telnet: return error on crazy TTYPE or XDISPLOC lengths [123] o tftp: check and act on tftp_set_timeouts() returning error [38] o tftp: handle tftp_multi_statemach() return code [65] + o tftp: pin the first used address [110] o tftp: propagate expired timer from tftp_state_timeout() [39] o tftp: return error when sendto() fails [59] + o tidy-up: assortment of small fixes [115] o tidy-up: avoid using the reserved macro namespace [76] o tidy-up: update MS links, allow long URLs via `checksrc` [73] + o tidy-up: URLs [101] o TODO: remove already implemented or bad items [36] o tool: fix exponential retry delay [47] o tool_cb_hdr: fix fwrite check in header callback [49] o tool_cb_hdr: size is always 1 [70] + o tool_doswin: fix to use curl socket functions [108] o tool_getparam/set_rate: skip the multiplication on overflow [84] o tool_operate: improve wording in retry message [37] o tool_operate: keep the progress meter for --out-null [33] o urldata: FILE is not a list-only protocol [9] + o vtls_int.h: clarify data_pending [124] o windows: replace `_beginthreadex()` with `CreateThread()` [80] o windows: stop passing unused, optional argument for Win9x compatibility [75] + o ws: clarify an error message [125] + o ws: reject curl_ws_recv called with NULL buffer with a buflen [118] This release includes the following known bugs: @@ -120,10 +147,11 @@ advice from friends like these: Adam Light, Andrew Kirillov, Andrew Olsen, BobodevMm on github, Christian Schmitz, Dan Fandrich, Daniel Stenberg, dependabot[bot], divinity76 on github, Emilio Pozuelo Monfort, Ethan Everett, - fds242 on github, Javier Blazquez, Jicea, Joshua Rogers, kapsiR on github, - Marcel Raad, Michael Osipov, Michał Petryka, Nir Azkiel, Ray Satiro, - renovate[bot], Samuel Dionne-Riel, Stefan Eissing, Viktor Szakats - (25 contributors) + fds242 on github, Javier Blazquez, Jicea, jmaggard10 on github, + Joseph Birr-Pixton, Joshua Rogers, kapsiR on github, Marcel Raad, + Michael Osipov, Michał Petryka, Nir Azkiel, Ray Satiro, renovate[bot], + rinsuki on github, Samuel Dionne-Riel, Stefan Eissing, Viktor Szakats + (28 contributors) References to bug reports and discussions on issues: @@ -149,7 +177,6 @@ References to bug reports and discussions on issues: [20] = https://curl.se/bug/?i=18554 [21] = https://curl.se/bug/?i=18618 [22] = https://curl.se/bug/?i=18561 - [23] = https://curl.se/bug/?i=18615 [24] = https://curl.se/bug/?i=18616 [25] = https://curl.se/bug/?i=18491 [26] = https://curl.se/bug/?i=18606 @@ -184,6 +211,7 @@ References to bug reports and discussions on issues: [55] = https://curl.se/bug/?i=18583 [56] = https://curl.se/bug/?i=18647 [57] = https://curl.se/bug/?i=18631 + [58] = https://curl.se/bug/?i=18700 [59] = https://curl.se/bug/?i=18643 [60] = https://curl.se/bug/?i=18637 [61] = https://curl.se/bug/?i=18641 @@ -211,3 +239,30 @@ References to bug reports and discussions on issues: [83] = https://curl.se/bug/?i=18620 [84] = https://curl.se/bug/?i=18624 [85] = https://curl.se/bug/?i=18612 + [87] = https://curl.se/bug/?i=18707 + [88] = https://curl.se/bug/?i=18680 + [90] = https://curl.se/bug/?i=18681 + [91] = https://curl.se/bug/?i=18251 + [101] = https://curl.se/bug/?i=18689 + [102] = https://curl.se/bug/?i=18688 + [104] = https://curl.se/bug/?i=18684 + [106] = https://curl.se/bug/?i=18671 + [107] = https://curl.se/bug/?i=18670 + [108] = https://curl.se/bug/?i=18633 + [109] = https://curl.se/bug/?i=18675 + [110] = https://curl.se/bug/?i=18658 + [111] = https://curl.se/bug/?i=18657 + [112] = https://curl.se/bug/?i=18669 + [113] = https://curl.se/bug/?i=18667 + [114] = https://curl.se/bug/?i=18666 + [115] = https://curl.se/bug/?i=18664 + [116] = https://curl.se/bug/?i=18659 + [118] = https://curl.se/bug/?i=18656 + [119] = https://curl.se/bug/?i=18653 + [120] = https://curl.se/bug/?i=18652 + [121] = https://curl.se/bug/?i=18651 + [122] = https://curl.se/bug/?i=18650 + [123] = https://curl.se/bug/?i=18648 + [124] = https://curl.se/bug/?i=18644 + [125] = https://curl.se/bug/?i=18654 + [126] = https://curl.se/bug/?i=18645 From 977595772c6e650b538da965cde676c9bc15cfd8 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 24 Sep 2025 23:48:13 +0200 Subject: [PATCH 0158/2408] RELEASE-NOTES: codespell --- RELEASE-NOTES | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index fadadb8c87..da62171c71 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -64,7 +64,7 @@ This release includes the following bugfixes: o libcurl-security.md: mention long-running connections [6] o libssh2: drop two redundant null-terminations [26] o libssh2: error check and null-terminate in ssh_state_sftp_readdir_link() [34] - o libssh: drop two unused assigments [104] + o libssh: drop two unused assignments [104] o libssh: error on bad chgrp number [71] o libssh: error on bad chown number and store the value [64] o libssh: fix range parsing error handling mistake [120] From 9d3f878e59d155ee2b916550bdca531424643710 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 24 Sep 2025 21:01:05 +0000 Subject: [PATCH 0159/2408] GHA: update actions/cache digest to 0057852 Closes #18710 --- .github/workflows/http3-linux.yml | 46 +++++++++++++++---------------- .github/workflows/linux.yml | 20 +++++++------- .github/workflows/macos.yml | 2 +- .github/workflows/windows.yml | 10 +++---- 4 files changed, 39 insertions(+), 39 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 780320e383..61164913ad 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -69,7 +69,7 @@ jobs: steps: - name: 'cache openssl' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-openssl-http3 env: cache-name: cache-openssl-http3 @@ -78,7 +78,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }} - name: 'cache libressl' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-libressl env: cache-name: cache-libressl @@ -87,7 +87,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.LIBRESSL_VERSION }} - name: 'cache awslc' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-awslc env: cache-name: cache-awslc @@ -96,7 +96,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.AWSLC_VERSION }} - name: 'cache boringssl' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-boringssl env: cache-name: cache-boringssl @@ -105,7 +105,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.BORINGSSL_VERSION }} - name: 'cache quictls' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-quictls-no-deprecated env: cache-name: cache-quictls-no-deprecated @@ -114,7 +114,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.QUICTLS_VERSION }}-quic1 - name: 'cache gnutls' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-gnutls env: cache-name: cache-gnutls @@ -123,7 +123,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.GNUTLS_VERSION }} - name: 'cache wolfssl' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-wolfssl env: cache-name: cache-wolfssl @@ -132,7 +132,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }} - name: 'cache nghttp3' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-nghttp3 env: cache-name: cache-nghttp3 @@ -141,7 +141,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP3_VERSION }} - name: 'cache ngtcp2' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-ngtcp2 env: cache-name: cache-ngtcp2 @@ -150,7 +150,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.AWSLC_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }} - name: 'cache ngtcp2 boringssl' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-ngtcp2-boringssl env: cache-name: cache-ngtcp2-boringssl @@ -159,7 +159,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.BORINGSSL_VERSION }} - name: 'cache nghttp2' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-nghttp2 env: cache-name: cache-nghttp2 @@ -518,7 +518,7 @@ jobs: - name: 'cache openssl' if: ${{ matrix.build.name == 'openssl' || matrix.build.name == 'openssl-quic' }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-openssl-http3 env: cache-name: cache-openssl-http3 @@ -528,7 +528,7 @@ jobs: fail-on-cache-miss: true - name: 'cache libressl' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-libressl env: cache-name: cache-libressl @@ -538,7 +538,7 @@ jobs: fail-on-cache-miss: true - name: 'cache awslc' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-awslc env: cache-name: cache-awslc @@ -548,7 +548,7 @@ jobs: fail-on-cache-miss: true - name: 'cache boringssl' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-boringssl env: cache-name: cache-boringssl @@ -558,7 +558,7 @@ jobs: fail-on-cache-miss: true - name: 'cache quictls' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-quictls-no-deprecated env: cache-name: cache-quictls-no-deprecated @@ -569,7 +569,7 @@ jobs: - name: 'cache gnutls' if: ${{ matrix.build.name == 'gnutls' }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-gnutls env: cache-name: cache-gnutls @@ -580,7 +580,7 @@ jobs: - name: 'cache wolfssl' if: ${{ matrix.build.name == 'wolfssl' }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-wolfssl env: cache-name: cache-wolfssl @@ -590,7 +590,7 @@ jobs: fail-on-cache-miss: true - name: 'cache nghttp3' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-nghttp3 env: cache-name: cache-nghttp3 @@ -600,7 +600,7 @@ jobs: fail-on-cache-miss: true - name: 'cache ngtcp2' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-ngtcp2 env: cache-name: cache-ngtcp2 @@ -610,7 +610,7 @@ jobs: fail-on-cache-miss: true - name: 'cache ngtcp2 boringssl' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-ngtcp2-boringssl env: cache-name: cache-ngtcp2-boringssl @@ -620,7 +620,7 @@ jobs: fail-on-cache-miss: true - name: 'cache nghttp2' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-nghttp2 env: cache-name: cache-nghttp2 @@ -631,7 +631,7 @@ jobs: - name: 'cache quiche' if: ${{ matrix.build.name == 'quiche' }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-quiche env: cache-name: cache-quiche diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 20a5849d4d..4f16438267 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -348,7 +348,7 @@ jobs: - name: 'cache libressl' if: ${{ contains(matrix.build.install_steps, 'libressl') }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-libressl env: cache-name: cache-libressl @@ -367,7 +367,7 @@ jobs: - name: 'cache wolfssl (all)' if: ${{ contains(matrix.build.install_steps, 'wolfssl-all') }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-wolfssl-all env: cache-name: cache-wolfssl-all @@ -388,7 +388,7 @@ jobs: - name: 'cache wolfssl (opensslextra)' # does support `OPENSSL_COEXIST` if: ${{ contains(matrix.build.install_steps, 'wolfssl-opensslextra') }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-wolfssl-opensslextra env: cache-name: cache-wolfssl-opensslextra @@ -409,7 +409,7 @@ jobs: - name: 'cache mbedtls' if: ${{ contains(matrix.build.install_steps, 'mbedtls') }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-mbedtls env: cache-name: cache-mbedtls-threadsafe @@ -432,7 +432,7 @@ jobs: - name: 'cache openldap-static' if: ${{ contains(matrix.build.install_steps, 'openldap-static') }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-openldap-static env: cache-name: cache-openldap-static @@ -452,7 +452,7 @@ jobs: - name: 'cache openssl (thread sanitizer)' if: ${{ contains(matrix.build.install_steps, 'openssl-tsan') }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-openssl-tsan env: cache-name: cache-openssl-tsan @@ -471,7 +471,7 @@ jobs: - name: 'cache quictls' if: ${{ contains(matrix.build.install_steps, 'quictls') }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-quictls env: cache-name: cache-quictls @@ -490,7 +490,7 @@ jobs: - name: 'cache awslc' if: ${{ contains(matrix.build.install_steps, 'awslc') }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-awslc env: cache-name: cache-awslc @@ -511,7 +511,7 @@ jobs: - name: 'cache boringssl' if: ${{ contains(matrix.build.install_steps, 'boringssl') }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-boringssl env: cache-name: cache-boringssl @@ -532,7 +532,7 @@ jobs: - name: 'cache rustls' if: ${{ contains(matrix.build.install_steps, 'rustls') }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-rustls env: cache-name: cache-rustls diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index ee8cec7d70..c111eaf419 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -110,7 +110,7 @@ jobs: - name: 'cache libressl' if: ${{ contains(matrix.build.install_steps, 'libressl') }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-libressl env: cache-name: cache-libressl diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index d45979c05a..0f802b6902 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -62,7 +62,7 @@ jobs: run: perl --version | tee "$GITHUB_WORKSPACE"/perlversion - name: 'cache perl packages' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-perl-win32-pkgs env: cache-name: cache-perl-win32-pkgs @@ -433,7 +433,7 @@ jobs: - name: 'cache perl packages' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' && matrix.sys != 'msys' }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-perl-win32-pkgs env: cache-name: cache-perl-win32-pkgs @@ -570,7 +570,7 @@ jobs: ${{ matrix.install }} - name: 'cache compiler (gcc ${{ matrix.ver }}-${{ matrix.env }})' - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-compiler with: path: D:\my-cache @@ -663,7 +663,7 @@ jobs: - name: 'cache perl packages' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-perl-win32-pkgs env: cache-name: cache-perl-win32-pkgs @@ -1057,7 +1057,7 @@ jobs: - name: 'cache perl packages' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 id: cache-perl-win32-pkgs env: cache-name: cache-perl-win32-pkgs From 97e5a471e0d7a6ade6476c71801ae2a89961919b Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 22 Sep 2025 10:09:18 +0200 Subject: [PATCH 0160/2408] KNOWN_BUGS: Access violation sending client cert with SChannel It seems we can select between crashing or leaking sensitive files because Schannel is buggy. Closes #17626 Closes #18679 --- docs/KNOWN_BUGS | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS index 1eb5716f8b..3785d73aa4 100644 --- a/docs/KNOWN_BUGS +++ b/docs/KNOWN_BUGS @@ -15,6 +15,7 @@ problems may have been fixed or changed somewhat since this was written. 2. TLS 2.1 IMAPS connection fails with Rustls error + 2.2 Access violation sending client cert with Schannel 2.5 Client cert handling with Issuer DN differs between backends 2.7 Client cert (MTLS) issues with Schannel 2.11 Schannel TLS 1.2 handshake bug in old Windows versions @@ -120,6 +121,14 @@ problems may have been fixed or changed somewhat since this was written. https://github.com/curl/curl/issues/10457 +2.2 Access violation sending client cert with Schannel + + When using Schannel to do client certs, curl sets PKCS12_NO_PERSIST_KEY to + avoid leaking the private key into the filesystem. Unfortunately that flag + instead seems to trigger a crash. + + See https://github.com/curl/curl/issues/17626 + 2.5 Client cert handling with Issuer DN differs between backends When the specified client certificate does not match any of the From 0f1657ca75fcca4dbdbccf31d9d6cf4fae4a98e5 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 22 Sep 2025 11:27:27 +0200 Subject: [PATCH 0161/2408] mbedtls: handle WANT_WRITE from mbedtls_ssl_read() The mbedtls_ssl_read() function is documented to be able to also return MBEDTLS_ERR_SSL_WANT_WRITE, so act on that accordingly instead of returning error for it. Assisted-by: Stefan Eissing Reported in Joshua's sarif data Closes #18682 --- lib/vtls/mbedtls.c | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index a8abd0fe09..0a62da2b58 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -1113,8 +1113,9 @@ static CURLcode mbed_send(struct Curl_cfilter *cf, struct Curl_easy *data, int nwritten; (void)data; - *pnwritten = 0; DEBUGASSERT(backend); + *pnwritten = 0; + connssl->io_need = CURL_SSL_IO_NEED_NONE; /* mbedtls is picky when a mbedtls_ssl_write) was previously blocked. * It requires to be called with the same amount of bytes again, or it * will lose bytes, e.g. reporting all was sent but they were not. @@ -1135,11 +1136,22 @@ static CURLcode mbed_send(struct Curl_cfilter *cf, struct Curl_easy *data, else { CURL_TRC_CF(data, cf, "mbedtls_ssl_write(len=%zu) -> -0x%04X", len, -nwritten); - result = ((nwritten == MBEDTLS_ERR_SSL_WANT_WRITE) + switch(nwritten) { #ifdef MBEDTLS_SSL_PROTO_TLS1_3 - || (nwritten == MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET) + case MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET: #endif - ) ? CURLE_AGAIN : CURLE_SEND_ERROR; + case MBEDTLS_ERR_SSL_WANT_READ: + connssl->io_need = CURL_SSL_IO_NEED_RECV; + result = CURLE_AGAIN; + break; + case MBEDTLS_ERR_SSL_WANT_WRITE: + connssl->io_need = CURL_SSL_IO_NEED_SEND; + result = CURLE_AGAIN; + break; + default: + result = CURLE_SEND_ERROR; + break; + } if((result == CURLE_AGAIN) && !backend->send_blocked) { backend->send_blocked = TRUE; backend->send_blocked_len = len; @@ -1280,6 +1292,7 @@ static CURLcode mbed_recv(struct Curl_cfilter *cf, struct Curl_easy *data, (void)data; DEBUGASSERT(backend); *pnread = 0; + connssl->io_need = CURL_SSL_IO_NEED_NONE; nread = mbedtls_ssl_read(&backend->ssl, (unsigned char *)buf, buffersize); if(nread > 0) @@ -1294,6 +1307,11 @@ static CURLcode mbed_recv(struct Curl_cfilter *cf, struct Curl_easy *data, FALLTHROUGH(); #endif case MBEDTLS_ERR_SSL_WANT_READ: + connssl->io_need = CURL_SSL_IO_NEED_RECV; + result = CURLE_AGAIN; + break; + case MBEDTLS_ERR_SSL_WANT_WRITE: + connssl->io_need = CURL_SSL_IO_NEED_SEND; result = CURLE_AGAIN; break; case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: From aaa39873ea7cd2a5031cfaa16b54fa3b09af7ff1 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 25 Sep 2025 08:45:53 +0200 Subject: [PATCH 0162/2408] socks_gssapi: make the gss_context a local variable Reported-by: Stanislav Fort Closes #18711 --- lib/socks_gssapi.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/socks_gssapi.c b/lib/socks_gssapi.c index 037515e576..b6530d5d7d 100644 --- a/lib/socks_gssapi.c +++ b/lib/socks_gssapi.c @@ -49,8 +49,6 @@ #define MAX_GSS_LEN 1024 -static gss_ctx_id_t gss_context = GSS_C_NO_CONTEXT; - /* * Helper GSS-API error functions. */ @@ -134,6 +132,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, const char *serviceptr = data->set.str[STRING_PROXY_SERVICE_NAME] ? data->set.str[STRING_PROXY_SERVICE_NAME] : "rcmd"; const size_t serviceptr_length = strlen(serviceptr); + gss_ctx_id_t gss_context = GSS_C_NO_CONTEXT; + /* GSS-API request looks like * +----+------+-----+----------------+ From 98dae1d992aa1b048230f9d4934aefe8128b2f6c Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 21 Sep 2025 23:34:37 +0200 Subject: [PATCH 0163/2408] socks_gssapi: remove the forced "no protection" If a protected connection is requested, don't claim to drop down to "no protection". Reported in Joshua's sarif data Closes #18712 --- lib/socks_gssapi.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/socks_gssapi.c b/lib/socks_gssapi.c index b6530d5d7d..0aa6f7245f 100644 --- a/lib/socks_gssapi.c +++ b/lib/socks_gssapi.c @@ -359,8 +359,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, infof(data, "SOCKS5 server supports GSS-API %s data protection.", (gss_enc == 0) ? "no" : ((gss_enc == 1) ? "integrity" : "confidentiality")); - /* force for the moment to no data protection */ - gss_enc = 0; + /* * Sending the encryption type in clear seems wrong. It should be * protected with gss_seal()/gss_wrap(). See RFC1961 extract below From 7f38bf51ad42506b5e4bf3a4c8ad6075a61b566b Mon Sep 17 00:00:00 2001 From: Patrick Monnerat Date: Thu, 25 Sep 2025 01:14:19 +0200 Subject: [PATCH 0164/2408] OS400: fix a use-after-free/double-free case Closes #18713 --- packages/OS400/ccsidcurl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/packages/OS400/ccsidcurl.c b/packages/OS400/ccsidcurl.c index 101cf90247..b40367fd96 100644 --- a/packages/OS400/ccsidcurl.c +++ b/packages/OS400/ccsidcurl.c @@ -1246,6 +1246,7 @@ curl_easy_setopt_ccsid(CURL *easy, CURLoption tag, ...) data->set.postfieldsize = pfsize; /* Replace data size. */ s = cp; + cp = NULL; } result = curl_easy_setopt(easy, CURLOPT_POSTFIELDS, s); From 7d5f8be532c19ec73063aaa4f27057047bdae5ac Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 24 Sep 2025 17:22:52 +0200 Subject: [PATCH 0165/2408] GHA: use pip `requirements.txt` with pins, and more venv - requirements.txt: shorten copyright headers. - requirements.txt: pin packages to versions. - GHA/windows: use `tests/requirements.txt`. Pick a `cryptography` package version that satifies both `impacket` and pytests dependencies. - GHA/checksrc: move pip deps into a new `requirements.txt`. To make Dependabot detect and bump them. - GHA/checksrc: replace apt packages for python test deps with pip install `tests/**/requirements.txt` to a venv. - GHA/checksrc: use venv and drop `--break-system-packages`. - GHA/linux: fix to actually activate venvs. Follow-up to 2638570241cb9e68240d7621f0213916334a4765 #15578 - GHA/linux: fixup (did not cause an issue) Follow-up to d75785c7dea214d12525beb659694d3fcc483731 #18660 - GHA: create venvs later, simplify commands. - GHA: sync pip command-line options, e.g. drop progress-bar, everywhere. Assisted-by: Dan Fandrich Closes #18708 --- .github/scripts/requirements.txt | 8 +++++++ .github/workflows/checksrc.yml | 27 +++++++++++++----------- .github/workflows/http3-linux.yml | 9 ++++---- .github/workflows/linux.yml | 18 ++++++++-------- .github/workflows/macos.yml | 7 +++---- .github/workflows/windows.yml | 4 ++-- tests/http/requirements.txt | 35 +++++++------------------------ tests/requirements.txt | 25 ++-------------------- 8 files changed, 50 insertions(+), 83 deletions(-) create mode 100644 .github/scripts/requirements.txt diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt new file mode 100644 index 0000000000..f94a9d93a8 --- /dev/null +++ b/.github/scripts/requirements.txt @@ -0,0 +1,8 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +cmakelang == 0.6.13 +codespell == 2.4.1 +pytype == 2024.10.11 +ruff == 0.11.9 diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml index a0ff120bec..5aca2f941a 100644 --- a/.github/workflows/checksrc.yml +++ b/.github/workflows/checksrc.yml @@ -55,18 +55,15 @@ jobs: env: DEBIAN_FRONTEND: noninteractive run: | - sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list - sudo apt-get -o Dpkg::Use-Pty=0 update - sudo rm -f /var/lib/man-db/auto-update - sudo apt-get -o Dpkg::Use-Pty=0 install \ - python3-pip python3-networkx python3-pydot python3-yaml \ - python3-toml python3-markupsafe python3-jinja2 python3-tabulate \ - python3-typing-extensions python3-libcst python3-impacket \ - python3-websockets python3-pytest python3-filelock python3-pytest-xdist - python3 -m pip install --break-system-packages cmakelang==0.6.13 pytype==2024.10.11 ruff==0.11.9 codespell==2.4.1 + python3 -m venv ~/venv + ~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary \ + -r .github/scripts/requirements.txt \ + -r tests/http/requirements.txt \ + -r tests/requirements.txt - name: 'codespell' run: | + source ~/venv/bin/activate codespell --version .github/scripts/codespell.sh @@ -78,13 +75,19 @@ jobs: .github/scripts/typos.sh - name: 'cmakelint' - run: scripts/cmakelint.sh + run: | + source ~/venv/bin/activate + scripts/cmakelint.sh - name: 'pytype' - run: find . -name '*.py' -exec pytype -j auto -k {} + + run: | + source ~/venv/bin/activate + find . -name '*.py' -exec pytype -j auto -k {} + - name: 'ruff' - run: scripts/pythonlint.sh + run: | + source ~/venv/bin/activate + scripts/pythonlint.sh reuse: name: 'REUSE' diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 61164913ad..019790b68e 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -512,7 +512,6 @@ jobs: libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libidn2-0-dev libldap-dev libuv1-dev \ ${INSTALL_PACKAGES} \ ${MATRIX_INSTALL_PACKAGES} - python3 -m venv ~/venv echo 'CC=gcc-12' >> "$GITHUB_ENV" echo 'CXX=g++-12' >> "$GITHUB_ENV" @@ -726,8 +725,8 @@ jobs: - name: 'install test prereqs' if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }} run: | - source ~/venv/bin/activate - python3 -m pip install -r tests/requirements.txt + python3 -m venv ~/venv + ~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/requirements.txt - name: 'run tests' if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }} @@ -744,8 +743,8 @@ jobs: - name: 'install pytest prereqs' if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }} run: | - source ~/venv/bin/activate - python3 -m pip install -r tests/http/requirements.txt + [ -d ~/venv ] || python3 -m venv ~/venv + ~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/http/requirements.txt - name: 'run pytest event based' if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }} diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 4f16438267..556ff8df1e 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -321,8 +321,9 @@ jobs: libpsl-dev zlib1g-dev libbrotli-dev libzstd-dev \ ${INSTALL_PACKAGES} \ ${MATRIX_INSTALL_PACKAGES} - [ -n "${INSTALL_PACKAGES_BREW}" ] && /home/linuxbrew/.linuxbrew/bin/brew install ${INSTALL_PACKAGES_BREW} - python3 -m venv ~/venv + if [ -n "${INSTALL_PACKAGES_BREW}" ]; then + /home/linuxbrew/.linuxbrew/bin/brew install ${INSTALL_PACKAGES_BREW} + fi - name: 'install prereqs' if: ${{ contains(matrix.build.name, 'i686') }} @@ -335,7 +336,6 @@ jobs: libtool autoconf automake pkgconf stunnel4 \ libpsl-dev:i386 libbrotli-dev:i386 libzstd-dev:i386 \ ${MATRIX_INSTALL_PACKAGES} - python3 -m venv ~/venv - name: 'install dependencies' if: ${{ startsWith(matrix.build.container, 'alpine') }} @@ -657,8 +657,8 @@ jobs: - name: 'install test prereqs' if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && matrix.build.container == null }} run: | - [ -x ~/venv/bin/activate ] && source ~/venv/bin/activate - python3 -m pip install -r tests/requirements.txt + python3 -m venv ~/venv + ~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/requirements.txt - name: 'run tests' if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }} @@ -675,7 +675,7 @@ jobs: fi fi fi - [ -x ~/venv/bin/activate ] && source ~/venv/bin/activate + [ -f ~/venv/bin/activate ] && source ~/venv/bin/activate if [[ "${MATRIX_INSTALL_STEPS}" = *'codeset-test'* ]]; then locale || true export LC_ALL=C @@ -691,8 +691,8 @@ jobs: - name: 'install pytest prereqs' if: ${{ contains(matrix.build.install_steps, 'pytest') }} run: | - [ -x ~/venv/bin/activate ] && source ~/venv/bin/activate - python3 -m pip install -r tests/http/requirements.txt + [ -d ~/venv ] || python3 -m venv ~/venv + ~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/http/requirements.txt - name: 'run pytest' if: ${{ contains(matrix.build.install_steps, 'pytest') }} @@ -700,7 +700,7 @@ jobs: PYTEST_ADDOPTS: '--color=yes' PYTEST_XDIST_AUTO_NUM_WORKERS: 4 run: | - [ -x ~/venv/bin/activate ] && source ~/venv/bin/activate + [ -f ~/venv/bin/activate ] && source ~/venv/bin/activate if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --verbose --target curl-pytest-ci else diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index c111eaf419..88b7ee8800 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -489,8 +489,7 @@ jobs: if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }} run: | python3 -m venv ~/venv - source ~/venv/bin/activate - python3 -m pip install -r tests/requirements.txt + ~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/requirements.txt - name: 'run tests' if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }} @@ -517,8 +516,8 @@ jobs: - name: 'install pytest prereqs' if: ${{ contains(matrix.build.install_steps, 'pytest') }} run: | - source ~/venv/bin/activate - python3 -m pip install -r tests/http/requirements.txt + [ -d ~/venv ] || python3 -m venv ~/venv + ~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/http/requirements.txt - name: 'run pytest' if: ${{ contains(matrix.build.install_steps, 'pytest') }} diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 0f802b6902..e5d66ccc87 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -658,7 +658,7 @@ jobs: timeout-minutes: 5 run: | /c/ProgramData/chocolatey/choco.exe install --yes --no-progress --limit-output --timeout 180 --force stunnel || true - python3 -m pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary impacket + python3 -m pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/requirements.txt perl --version | tee "$GITHUB_WORKSPACE"/perlversion - name: 'cache perl packages' @@ -1051,7 +1051,7 @@ jobs: fi /c/ProgramData/chocolatey/choco.exe install --yes --no-progress --limit-output --timeout 180 --force stunnel || true if [ "${MATRIX_IMAGE}" != 'windows-11-arm' ]; then # save 30-60 seconds, to counteract the slower test run step - python3 -m pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary impacket + python3 -m pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/requirements.txt fi perl --version | tee "$GITHUB_WORKSPACE"/perlversion diff --git a/tests/http/requirements.txt b/tests/http/requirements.txt index c879605608..8dddcd1e1c 100644 --- a/tests/http/requirements.txt +++ b/tests/http/requirements.txt @@ -1,31 +1,10 @@ -# -*- coding: utf-8 -*- -#*************************************************************************** -# _ _ ____ _ -# Project ___| | | | _ \| | -# / __| | | | |_) | | -# | (__| |_| | _ <| |___ -# \___|\___/|_| \_\_____| -# # Copyright (C) Daniel Stenberg, , et al. # -# This software is licensed as described in the file COPYING, which -# you should have received as part of this distribution. The terms -# are also available at https://curl.se/docs/copyright.html. -# -# You may opt to use, copy, modify, merge, publish, distribute and/or sell -# copies of the Software, and permit persons to whom the Software is -# furnished to do so, under the terms of the COPYING file. -# -# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY -# KIND, either express or implied. -# # SPDX-License-Identifier: curl -# -########################################################################### -# -pytest -cryptography -filelock -websockets -psutil -pytest-xdist + +cryptography == 42.0.8 +filelock == 3.19.1 +psutil == 7.1.0 +pytest == 8.4.2 +pytest-xdist == 3.8.0 +websockets == 15.0.1 diff --git a/tests/requirements.txt b/tests/requirements.txt index 706043ac39..dab4784c5f 100644 --- a/tests/requirements.txt +++ b/tests/requirements.txt @@ -1,26 +1,5 @@ -# -*- coding: utf-8 -*- -#*************************************************************************** -# _ _ ____ _ -# Project ___| | | | _ \| | -# / __| | | | |_) | | -# | (__| |_| | _ <| |___ -# \___|\___/|_| \_\_____| -# # Copyright (C) Daniel Stenberg, , et al. # -# This software is licensed as described in the file COPYING, which -# you should have received as part of this distribution. The terms -# are also available at https://curl.se/docs/copyright.html. -# -# You may opt to use, copy, modify, merge, publish, distribute and/or sell -# copies of the Software, and permit persons to whom the Software is -# furnished to do so, under the terms of the COPYING file. -# -# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY -# KIND, either express or implied. -# # SPDX-License-Identifier: curl -# -########################################################################### -# -impacket + +impacket == 0.12.0 From c9fce97dcb190eac5591ecab683d49ffd30b1c71 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 25 Sep 2025 10:42:24 +0200 Subject: [PATCH 0166/2408] cf-h2-proxy: break loop on edge case nghttp2 always consumes the memory, but be safe in case it ever decideds to not to. Fixes J2 Reported in Joshua's sarif data Closes #18715 --- lib/cf-h2-proxy.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lib/cf-h2-proxy.c b/lib/cf-h2-proxy.c index d67bbd55ad..17a15c1d2a 100644 --- a/lib/cf-h2-proxy.c +++ b/lib/cf-h2-proxy.c @@ -433,6 +433,11 @@ static int proxy_h2_process_pending_input(struct Curl_cfilter *cf, *err = CURLE_RECV_ERROR; return -1; } + else if(!rv) { + /* nghttp2 does not want to process more, but has no error. This + * probably cannot happen, but be safe. */ + break; + } Curl_bufq_skip(&ctx->inbufq, (size_t)rv); if(Curl_bufq_is_empty(&ctx->inbufq)) { CURL_TRC_CF(data, cf, "[0] all data in connection buffer processed"); From 20d1c6e92ebb19a78e9b6848a210cac15cc14540 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 25 Sep 2025 10:35:40 +0200 Subject: [PATCH 0167/2408] socks_gssapi: remove superfluous releases of the gss_recv_token Reported in Joshua's sarif data Closes #18714 --- lib/socks_gssapi.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/lib/socks_gssapi.c b/lib/socks_gssapi.c index 0aa6f7245f..a88b6f7b75 100644 --- a/lib/socks_gssapi.c +++ b/lib/socks_gssapi.c @@ -199,7 +199,6 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, /* the size needs to fit in a 16 bit field */ (gss_send_token.length > 0xffff)) { gss_release_name(&gss_status, &server); - gss_release_buffer(&gss_status, &gss_recv_token); gss_release_buffer(&gss_status, &gss_send_token); Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL); failf(data, "Failed to initial GSS-API token."); @@ -217,7 +216,6 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, if(code || (nwritten != 4)) { failf(data, "Failed to send GSS-API authentication request."); gss_release_name(&gss_status, &server); - gss_release_buffer(&gss_status, &gss_recv_token); gss_release_buffer(&gss_status, &gss_send_token); Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL); return CURLE_COULDNT_CONNECT; @@ -229,7 +227,6 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, if(code || (gss_send_token.length != nwritten)) { failf(data, "Failed to send GSS-API authentication token."); gss_release_name(&gss_status, &server); - gss_release_buffer(&gss_status, &gss_recv_token); gss_release_buffer(&gss_status, &gss_send_token); Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL); return CURLE_COULDNT_CONNECT; @@ -238,7 +235,6 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, } gss_release_buffer(&gss_status, &gss_send_token); - gss_release_buffer(&gss_status, &gss_recv_token); if(gss_major_status != GSS_S_CONTINUE_NEEDED) break; From 8e13e4258373e8f58f269f62f38637302a46f8f1 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 25 Sep 2025 08:48:20 +0000 Subject: [PATCH 0168/2408] GHA: update dependency ruff to v0.13.1 --- .github/scripts/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt index f94a9d93a8..dd66a5ef45 100644 --- a/.github/scripts/requirements.txt +++ b/.github/scripts/requirements.txt @@ -5,4 +5,4 @@ cmakelang == 0.6.13 codespell == 2.4.1 pytype == 2024.10.11 -ruff == 0.11.9 +ruff == 0.13.1 From 6796147910168476a5ca9c22fbf297e544b577a7 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 25 Sep 2025 11:53:47 +0200 Subject: [PATCH 0169/2408] GHA/checksrc: run `reuse` directly, merge into the linters workflow To eliminate dependencies on an Action, Docker Hub and to simplify. Closes #18721 --- .github/scripts/requirements.txt | 1 + .github/workflows/checksrc.yml | 20 +++++++------------- 2 files changed, 8 insertions(+), 13 deletions(-) diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt index dd66a5ef45..5e876b0cb2 100644 --- a/.github/scripts/requirements.txt +++ b/.github/scripts/requirements.txt @@ -5,4 +5,5 @@ cmakelang == 0.6.13 codespell == 2.4.1 pytype == 2024.10.11 +reuse == 5.1.1 ruff == 0.13.1 diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml index 5aca2f941a..59fc930fa7 100644 --- a/.github/workflows/checksrc.yml +++ b/.github/workflows/checksrc.yml @@ -43,8 +43,8 @@ jobs: - name: 'check' run: scripts/checksrc-all.pl - spellcheck-cmakelint-pytype-ruff: - name: 'spellcheck, cmakelint, pytype, ruff' + linters: + name: 'spellcheck, linters, REUSE' runs-on: ubuntu-latest steps: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 @@ -61,6 +61,11 @@ jobs: -r tests/http/requirements.txt \ -r tests/requirements.txt + - name: 'REUSE check' + run: | + source ~/venv/bin/activate + reuse lint + - name: 'codespell' run: | source ~/venv/bin/activate @@ -89,17 +94,6 @@ jobs: source ~/venv/bin/activate scripts/pythonlint.sh - reuse: - name: 'REUSE' - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 - with: - persist-credentials: false - - - name: 'check' - uses: fsfe/reuse-action@bb774aa972c2a89ff34781233d275075cbddf542 # v5 - complexity: name: 'complexity' runs-on: ubuntu-latest From 943166fed3d1b8ce6a73b6a1de5de5338dda1428 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 25 Sep 2025 11:30:24 +0200 Subject: [PATCH 0170/2408] socks_sspi: bail out on too long fields A probably unnecessary precaution but since the field sizes are 16 bit in the protocol this makes sure to fail if they would ever be larger as that would go wrong. Reported in Joshua's sarif data Closes #18719 --- lib/socks_sspi.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c index 6afc3eac34..16e22d1f39 100644 --- a/lib/socks_sspi.c +++ b/lib/socks_sspi.c @@ -193,6 +193,11 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, if(sspi_send_token.cbBuffer) { socksreq[0] = 1; /* GSS-API subnegotiation version */ socksreq[1] = 1; /* authentication message type */ + if(sspi_send_token.cbBuffer > 0xffff) { + /* needs to fit in an unsigned 16 bit field */ + result = CURLE_COULDNT_CONNECT; + goto error; + } us_length = htons((unsigned short)sspi_send_token.cbBuffer); memcpy(socksreq + 2, &us_length, sizeof(short)); @@ -399,9 +404,13 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, goto error; } - etbuf_size = sspi_w_token[0].cbBuffer + - sspi_w_token[1].cbBuffer + - sspi_w_token[2].cbBuffer; + etbuf_size = sspi_w_token[0].cbBuffer + sspi_w_token[1].cbBuffer + + sspi_w_token[2].cbBuffer; + if(etbuf_size > 0xffff) { + /* needs to fit in an unsigned 16 bit field */ + result = CURLE_COULDNT_CONNECT; + goto error; + } etbuf = malloc(etbuf_size); if(!etbuf) { result = CURLE_OUT_OF_MEMORY; From b3fc692568ad3f01528e726223126e3fe870b1c1 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Fri, 8 Aug 2025 12:15:25 +0200 Subject: [PATCH 0171/2408] lib: upgrade/multiplex handling Improvements around HTTP Upgrade: and multiplex hanndling: * add `Curl_conn_set_multiplex()` to set connection's multiplex bit and trigger "connchanged" events * call `Curl_conn_set_multiplex()` in filters' `CF_CTRL_CONN_INFO_UPDATE` implementation where other connection properties are updated. This prevents connection updates before the final filter chain is chosen. * rename enum `UPGR101_INIT` to `UPGR101_NONE` * rename connection bit `asks_multiplex` to `upgrade_in_progress` * trigger "connchanged" when `upgrade_in_progress` clears * rename `WebSockets` to `WebSocket` as it is the common term used in documentation Closes #18227 --- lib/connect.c | 10 ++++++ lib/connect.h | 3 ++ lib/curl_config.h.cmake | 2 +- lib/http.c | 71 ++++++++++++++++++++++------------------- lib/http2.c | 27 +++++++++------- lib/request.c | 2 +- lib/request.h | 7 ++-- lib/url.c | 5 +-- lib/urldata.h | 2 +- lib/vquic/curl_ngtcp2.c | 5 +-- lib/vquic/curl_osslq.c | 7 ++-- lib/vquic/curl_quiche.c | 7 ++-- lib/ws.c | 7 ++-- 13 files changed, 90 insertions(+), 65 deletions(-) diff --git a/lib/connect.c b/lib/connect.c index f0628d6206..1182a42d31 100644 --- a/lib/connect.c +++ b/lib/connect.c @@ -621,3 +621,13 @@ out: Curl_resolv_unlink(data, &data->state.dns[sockindex]); return result; } + +void Curl_conn_set_multiplex(struct connectdata *conn) +{ + if(!conn->bits.multiplex) { + conn->bits.multiplex = TRUE; + if(conn->attached_multi) { + Curl_multi_connchanged(conn->attached_multi); + } + } +} diff --git a/lib/connect.h b/lib/connect.h index 6a2487ff53..cb185b2c57 100644 --- a/lib/connect.h +++ b/lib/connect.h @@ -123,6 +123,9 @@ CURLcode Curl_conn_setup(struct Curl_easy *data, struct Curl_dns_entry *dns, int ssl_mode); +/* Set conn to allow multiplexing. */ +void Curl_conn_set_multiplex(struct connectdata *conn); + extern struct Curl_cftype Curl_cft_setup; #endif /* HEADER_CURL_CONNECT_H */ diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake index 30183c2009..bc8c1cd487 100644 --- a/lib/curl_config.h.cmake +++ b/lib/curl_config.h.cmake @@ -148,7 +148,7 @@ /* disables SMTP */ #cmakedefine CURL_DISABLE_SMTP 1 -/* disabled WebSockets */ +/* disabled WebSocket */ #cmakedefine CURL_DISABLE_WEBSOCKETS 1 /* disables use of socketpair for curl_multi_poll */ diff --git a/lib/http.c b/lib/http.c index e01de6f477..ce31e6dff0 100644 --- a/lib/http.c +++ b/lib/http.c @@ -2289,7 +2289,7 @@ static CURLcode addexpect(struct Curl_easy *data, struct dynbuf *r, *announced_exp100 = FALSE; /* Avoid Expect: 100-continue if Upgrade: is used */ - if(data->req.upgr101 != UPGR101_INIT) + if(data->req.upgr101 != UPGR101_NONE) return CURLE_OK; /* For really small puts we do not use Expect: headers at all, and for @@ -2622,6 +2622,7 @@ static CURLcode http_check_new_conn(struct Curl_easy *data) info_version = "HTTP/2"; /* There is no ALPN here, but the connection is now definitely h2 */ conn->httpversion_seen = 20; + Curl_conn_set_multiplex(conn); } else info_version = "HTTP/1.x"; @@ -3571,10 +3572,6 @@ static CURLcode http_statusline(struct Curl_easy *data, infof(data, "HTTP 1.0, assume close after body"); connclose(conn, "HTTP/1.0 close after body"); } - else if(k->httpversion == 20 || - (k->upgr101 == UPGR101_H2 && k->httpcode == 101)) { - DEBUGF(infof(data, "HTTP/2 found, allow multiplexing")); - } k->http_bodyless = k->httpcode >= 100 && k->httpcode < 200; switch(k->httpcode) { @@ -3717,6 +3714,7 @@ static CURLcode http_on_response(struct Curl_easy *data, struct connectdata *conn = data->conn; CURLcode result = CURLE_OK; struct SingleRequest *k = &data->req; + bool conn_changed = FALSE; (void)buf; /* not used without HTTP2 enabled */ *pconsumed = 0; @@ -3757,47 +3755,54 @@ static CURLcode http_on_response(struct Curl_easy *data, */ http_exp100_got100(data); break; - case 101: - /* Switching Protocols only allowed from HTTP/1.1 */ + case 101: { + int upgr101_requested = k->upgr101; + if(k->httpversion_sent != 11) { /* invalid for other HTTP versions */ - failf(data, "unexpected 101 response code"); + failf(data, "server sent 101 response while not talking HTTP/1.1"); result = CURLE_WEIRD_SERVER_REPLY; goto out; } - if(k->upgr101 == UPGR101_H2) { - /* Switching to HTTP/2, where we will get more responses */ + + /* Whatever the success, upgrade was selected. */ + k->upgr101 = UPGR101_RECEIVED; + data->conn->bits.upgrade_in_progress = FALSE; + conn_changed = TRUE; + + /* To be fully conform, we would check the "Upgrade:" response header + * to mention the protocol we requested. */ + switch(upgr101_requested) { + case UPGR101_H2: + /* Switch to HTTP/2, where we will get more responses. + * blen bytes in bug are already h2 protocol bytes */ infof(data, "Received 101, Switching to HTTP/2"); - k->upgr101 = UPGR101_RECEIVED; - data->conn->bits.asks_multiplex = FALSE; - /* We expect more response from HTTP/2 later */ - k->header = TRUE; - k->headerline = 0; /* restart the header line counter */ - k->httpversion_sent = 20; /* It's an HTTP/2 request now */ - /* Any remaining `buf` bytes are already HTTP/2 and passed to - * be processed. */ result = Curl_http2_upgrade(data, conn, FIRSTSOCKET, buf, blen); if(result) goto out; *pconsumed += blen; - } + break; #ifndef CURL_DISABLE_WEBSOCKETS - else if(k->upgr101 == UPGR101_WS) { - /* verify the response. Any passed `buf` bytes are already in - * WebSockets format and taken in by the protocol handler. */ + case UPGR101_WS: + /* Switch to WebSocket, where we now stream ws frames. + * blen bytes in bug are already ws protocol bytes */ + infof(data, "Received 101, Switching to WebSocket"); result = Curl_ws_accept(data, buf, blen); if(result) goto out; *pconsumed += blen; /* ws accept handled the data */ - } + break; #endif - else { + default: /* We silently accept this as the final response. What are we * switching to if we did not ask for an Upgrade? Maybe the * application provided an `Upgrade: xxx` header? */ k->header = FALSE; + break; } + /* processed 101 */ break; + } default: /* The server may send us other 1xx responses, like informative * 103. This have no influence on request processing and we expect @@ -3809,12 +3814,10 @@ static CURLcode http_on_response(struct Curl_easy *data, /* k->httpcode >= 200, final response */ k->header = FALSE; - - if(k->upgr101 == UPGR101_H2) { - /* A requested upgrade was denied, poke the multi handle to possibly - allow a pending pipewait to continue */ - data->conn->bits.asks_multiplex = FALSE; - Curl_multi_connchanged(data->multi); + if(data->conn->bits.upgrade_in_progress) { + /* Asked for protocol upgrade, but it was not selected by the server */ + data->conn->bits.upgrade_in_progress = FALSE; + conn_changed = TRUE; } if((k->size == -1) && !k->chunk && !conn->bits.close && @@ -3863,9 +3866,9 @@ static CURLcode http_on_response(struct Curl_easy *data, #endif #ifndef CURL_DISABLE_WEBSOCKETS - /* All >=200 HTTP status codes are errors when wanting WebSockets */ + /* All >=200 HTTP status codes are errors when wanting WebSocket */ if(data->req.upgr101 == UPGR101_WS) { - failf(data, "Refused WebSockets upgrade: %d", k->httpcode); + failf(data, "Refused WebSocket upgrade: %d", k->httpcode); result = CURLE_HTTP_RETURNED_ERROR; goto out; } @@ -3985,6 +3988,10 @@ out: result = Curl_1st_err( result, http_write_header(data, last_hd, last_hd_len)); } + if(conn_changed) { + /* poke the multi handle to allow any pending pipewait to retry now */ + Curl_multi_connchanged(data->multi); + } return result; } diff --git a/lib/http2.c b/lib/http2.c index e2cdc9181f..c526bf0fa4 100644 --- a/lib/http2.c +++ b/lib/http2.c @@ -1829,7 +1829,7 @@ CURLcode Curl_http2_request_upgrade(struct dynbuf *req, free(base64); k->upgr101 = UPGR101_H2; - data->conn->bits.asks_multiplex = TRUE; + data->conn->bits.upgrade_in_progress = TRUE; return result; } @@ -2696,6 +2696,12 @@ static CURLcode cf_h2_cntrl(struct Curl_cfilter *cf, case CF_CTRL_DATA_DONE: http2_data_done(cf, data); break; + case CF_CTRL_CONN_INFO_UPDATE: + if(!cf->sockindex && cf->connected) { + cf->conn->httpversion_seen = 20; + Curl_conn_set_multiplex(cf->conn); + } + break; default: break; } @@ -2895,9 +2901,6 @@ CURLcode Curl_http2_switch(struct Curl_easy *data) return result; CURL_TRC_CF(data, cf, "switching connection to HTTP/2"); - data->conn->bits.multiplex = TRUE; /* at least potentially multiplexed */ - Curl_multi_connchanged(data->multi); - if(cf->next) { bool done; return Curl_conn_cf_connect(cf, data, &done); @@ -2917,8 +2920,6 @@ CURLcode Curl_http2_switch_at(struct Curl_cfilter *cf, struct Curl_easy *data) return result; cf_h2 = cf->next; - cf->conn->bits.multiplex = TRUE; /* at least potentially multiplexed */ - Curl_multi_connchanged(data->multi); if(cf_h2->next) { bool done; @@ -2936,7 +2937,6 @@ CURLcode Curl_http2_upgrade(struct Curl_easy *data, CURLcode result; DEBUGASSERT(Curl_conn_http_version(data, conn) < 20); - DEBUGASSERT(data->req.upgr101 == UPGR101_RECEIVED); result = http2_cfilter_add(&cf, data, conn, sockindex, TRUE); if(result) @@ -2946,6 +2946,10 @@ CURLcode Curl_http2_upgrade(struct Curl_easy *data, DEBUGASSERT(cf->cft == &Curl_cft_nghttp2); ctx = cf->ctx; + data->req.httpversion_sent = 20; /* it is an h2 request now */ + data->req.header = TRUE; /* we expect the real response to come in h2 */ + data->req.headerline = 0; /* restart the header line counter */ + if(nread > 0) { /* Remaining data from the protocol switch reply is already using * the switched protocol, ie. HTTP/2. We add that to the network @@ -2968,14 +2972,13 @@ CURLcode Curl_http2_upgrade(struct Curl_easy *data, " after upgrade: len=%zu", nread); } - conn->bits.multiplex = TRUE; /* at least potentially multiplexed */ - Curl_multi_connchanged(data->multi); - if(cf->next) { bool done; - return Curl_conn_cf_connect(cf, data, &done); + result = Curl_conn_cf_connect(cf, data, &done); + if(!result) + cf->cft->cntrl(cf, data, CF_CTRL_CONN_INFO_UPDATE, 0, NULL); } - return CURLE_OK; + return result; } /* Only call this function for a transfer that already got an HTTP/2 diff --git a/lib/request.c b/lib/request.c index 8751ada559..2d5ad95212 100644 --- a/lib/request.c +++ b/lib/request.c @@ -139,7 +139,7 @@ void Curl_req_hard_reset(struct SingleRequest *req, struct Curl_easy *data) req->offset = 0; req->httpcode = 0; req->keepon = 0; - req->upgr101 = UPGR101_INIT; + req->upgr101 = UPGR101_NONE; req->sendbuf_hds_len = 0; req->timeofdoc = 0; req->location = NULL; diff --git a/lib/request.h b/lib/request.h index bce34de8ba..e12d5efdcb 100644 --- a/lib/request.h +++ b/lib/request.h @@ -42,11 +42,10 @@ enum expect100 { }; enum upgrade101 { - UPGR101_INIT, /* default state */ - UPGR101_WS, /* upgrade to WebSockets requested */ + UPGR101_NONE, /* default state */ + UPGR101_WS, /* upgrade to WebSocket requested */ UPGR101_H2, /* upgrade to HTTP/2 requested */ - UPGR101_RECEIVED, /* 101 response received */ - UPGR101_WORKING /* talking upgraded protocol */ + UPGR101_RECEIVED /* 101 response received */ }; diff --git a/lib/url.c b/lib/url.c index 6af2b7fb8b..41a63890e6 100644 --- a/lib/url.c +++ b/lib/url.c @@ -907,8 +907,8 @@ static bool url_match_fully_connected(struct connectdata *conn, struct url_conn_match *m) { if(!Curl_conn_is_connected(conn, FIRSTSOCKET) || - conn->bits.asks_multiplex) { - /* Not yet connected, or not yet decided if it multiplexes. The later + conn->bits.upgrade_in_progress) { + /* Not yet connected, or a protocol upgrade is in progress. The later * happens for HTTP/2 Upgrade: requests that need a response. */ if(m->may_multiplex) { m->seen_pending_conn = TRUE; @@ -1268,6 +1268,7 @@ static bool url_match_conn(struct connectdata *conn, void *userdata) if(!url_match_connect_config(conn, m)) return FALSE; + /* match for destination and protocol? */ if(!url_match_destination(conn, m)) return FALSE; diff --git a/lib/urldata.h b/lib/urldata.h index b2e83c4a0e..3c7e634b00 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -389,7 +389,7 @@ struct ConnectBits { #endif BIT(bound); /* set true if bind() has already been done on this socket/ connection */ - BIT(asks_multiplex); /* connection asks for multiplexing, but is not yet */ + BIT(upgrade_in_progress); /* protocol upgrade is in progress */ BIT(multiplex); /* connection is multiplexed */ BIT(tcp_fastopen); /* use TCP Fast Open */ BIT(tls_enable_alpn); /* TLS ALPN extension? */ diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index f902c190ef..0e05694992 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -464,7 +464,6 @@ static int cf_ngtcp2_handshake_completed(ngtcp2_conn *tconn, void *user_data) ctx->handshake_at = curlx_now(); ctx->tls_handshake_complete = TRUE; - cf->conn->bits.multiplex = TRUE; /* at least potentially multiplexed */ Curl_vquic_report_handshake(&ctx->tls, cf, data); ctx->tls_vrfy_result = Curl_vquic_tls_verify_peer(&ctx->tls, cf, @@ -1989,8 +1988,10 @@ static CURLcode cf_ngtcp2_cntrl(struct Curl_cfilter *cf, break; } case CF_CTRL_CONN_INFO_UPDATE: - if(!cf->sockindex && cf->connected) + if(!cf->sockindex && cf->connected) { cf->conn->httpversion_seen = 30; + Curl_conn_set_multiplex(cf->conn); + } break; default: break; diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c index c292072a65..5e9b072736 100644 --- a/lib/vquic/curl_osslq.c +++ b/lib/vquic/curl_osslq.c @@ -564,9 +564,6 @@ static CURLcode cf_osslq_verify_peer(struct Curl_cfilter *cf, struct Curl_easy *data) { struct cf_osslq_ctx *ctx = cf->ctx; - - cf->conn->bits.multiplex = TRUE; /* at least potentially multiplexed */ - return Curl_vquic_tls_verify_peer(&ctx->tls, cf, data, &ctx->peer); } @@ -2205,8 +2202,10 @@ static CURLcode cf_osslq_cntrl(struct Curl_cfilter *cf, break; } case CF_CTRL_CONN_INFO_UPDATE: - if(!cf->sockindex && cf->connected) + if(!cf->sockindex && cf->connected) { cf->conn->httpversion_seen = 30; + Curl_conn_set_multiplex(cf->conn); + } break; default: break; diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c index b88b4e97bd..523f04e33b 100644 --- a/lib/vquic/curl_quiche.c +++ b/lib/vquic/curl_quiche.c @@ -1234,8 +1234,10 @@ static CURLcode cf_quiche_cntrl(struct Curl_cfilter *cf, break; } case CF_CTRL_CONN_INFO_UPDATE: - if(!cf->sockindex && cf->connected) + if(!cf->sockindex && cf->connected) { cf->conn->httpversion_seen = 30; + Curl_conn_set_multiplex(cf->conn); + } break; default: break; @@ -1350,9 +1352,6 @@ static CURLcode cf_quiche_verify_peer(struct Curl_cfilter *cf, struct Curl_easy *data) { struct cf_quiche_ctx *ctx = cf->ctx; - - cf->conn->bits.multiplex = TRUE; /* at least potentially multiplexed */ - return Curl_vquic_tls_verify_peer(&ctx->tls, cf, data, &ctx->peer); } diff --git a/lib/ws.c b/lib/ws.c index b6ab28a35a..6a265fccc7 100644 --- a/lib/ws.c +++ b/lib/ws.c @@ -582,7 +582,7 @@ static void update_meta(struct websocket *ws, ws->recvframe.bytesleft = bytesleft; } -/* WebSockets decoding client writer */ +/* WebSocket decoding client writer */ struct ws_cw_ctx { struct Curl_cwriter super; struct bufq buf; @@ -1268,6 +1268,7 @@ CURLcode Curl_ws_request(struct Curl_easy *data, struct dynbuf *req) } data->state.http_hd_upgrade = TRUE; k->upgr101 = UPGR101_WS; + data->conn->bits.upgrade_in_progress = TRUE; return result; } @@ -1359,6 +1360,8 @@ CURLcode Curl_ws_accept(struct Curl_easy *data, goto out; ws_dec_writer = NULL; /* owned by transfer now */ + k->header = FALSE; /* we will not get more response headers */ + if(data->set.connect_only) { size_t nwritten; /* In CONNECT_ONLY setup, the payloads from `mem` need to be received @@ -1806,7 +1809,7 @@ out: static CURLcode ws_setup_conn(struct Curl_easy *data, struct connectdata *conn) { - /* WebSockets is 1.1 only (for now) */ + /* WebSocket is 1.1 only (for now) */ data->state.http_neg.accept_09 = FALSE; data->state.http_neg.only_10 = FALSE; data->state.http_neg.wanted = CURL_HTTP_V1x; From ccd2b03b0d32536c909ca056ba84216b3c5efaf5 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Tue, 26 Aug 2025 15:54:32 +0200 Subject: [PATCH 0172/2408] socks: rewwork, cleaning up socks state handling Restructured the code in the following ways: * add terminal states SUCCESS and FAILED * split SOCK4 and SOCK5 states to be more clear * use `bufq` for send/recv of SOCK messages * reduce SOCKS4 states, more speaking names * for most states, move code into static function * reduce SOCKS5 states, more speaking names * add helpers for traversing to FAILED state * add helper to flush bufq * add hepler to read minimum amount into bufq Closes #18401 --- lib/bufq.h | 2 +- lib/socks.c | 1795 +++++++++++++++++++++------------------- tests/libtest/lib564.c | 6 + 3 files changed, 970 insertions(+), 833 deletions(-) diff --git a/lib/bufq.h b/lib/bufq.h index 7cd1826a95..ad8e6435fa 100644 --- a/lib/bufq.h +++ b/lib/bufq.h @@ -225,7 +225,7 @@ typedef CURLcode Curl_bufq_reader(void *reader_ctx, size_t *pnread); /** - * Read date and append it to the end of the buffer queue until the + * Read bytes and append them to the end of the buffer queue until the * reader returns blocking or the queue is full. A reader returns * CURLE_AGAIN to indicate blocking. * Returns the total amount of buf read (may be 0) in `pnread` on success. diff --git a/lib/socks.c b/lib/socks.c index 4cb8619d7b..6927e32c3e 100644 --- a/lib/socks.c +++ b/lib/socks.c @@ -34,6 +34,7 @@ #endif #include "urldata.h" +#include "bufq.h" #include "sendf.h" #include "select.h" #include "cfilters.h" @@ -49,46 +50,74 @@ #include "curl_memory.h" #include "memdebug.h" +#if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS) +#define DEBUG_AND_VERBOSE +#endif + /* for the (SOCKS) connect state machine */ -enum connect_t { - CONNECT_INIT, - CONNECT_SOCKS_INIT, /* 1 */ - CONNECT_SOCKS_SEND, /* 2 waiting to send more first data */ - CONNECT_SOCKS_READ_INIT, /* 3 set up read */ - CONNECT_SOCKS_READ, /* 4 read server response */ - CONNECT_GSSAPI_INIT, /* 5 */ - CONNECT_AUTH_INIT, /* 6 setup outgoing auth buffer */ - CONNECT_AUTH_SEND, /* 7 send auth */ - CONNECT_AUTH_READ, /* 8 read auth response */ - CONNECT_REQ_INIT, /* 9 init SOCKS "request" */ - CONNECT_RESOLVING, /* 10 */ - CONNECT_RESOLVED, /* 11 */ - CONNECT_RESOLVE_REMOTE, /* 12 */ - CONNECT_REQ_SEND, /* 13 */ - CONNECT_REQ_SENDING, /* 14 */ - CONNECT_REQ_READ, /* 15 */ - CONNECT_REQ_READ_MORE, /* 16 */ - CONNECT_DONE /* 17 connected fine to the remote or the SOCKS proxy */ +enum socks_state_t { + SOCKS_ST_INIT, + /* SOCKS Version 4 states */ + SOCKS4_ST_START, + SOCKS4_ST_RESOLVING, + SOCKS4_ST_SEND, + SOCKS4_ST_RECV, + /* SOCKS Version 5 states */ + SOCKS5_ST_START, + SOCKS5_ST_REQ0_SEND, + SOCKS5_ST_RESP0_RECV, /* set up read */ + SOCKS5_ST_GSSAPI_INIT, + SOCKS5_ST_AUTH_INIT, /* setup outgoing auth buffer */ + SOCKS5_ST_AUTH_SEND, /* send auth */ + SOCKS5_ST_AUTH_RECV, /* read auth response */ + SOCKS5_ST_REQ1_INIT, /* init SOCKS "request" */ + SOCKS5_ST_RESOLVING, + SOCKS5_ST_REQ1_SEND, + SOCKS5_ST_RESP1_RECV, + /* Terminal states, all SOCKS versions */ + SOCKS_ST_SUCCESS, + SOCKS_ST_FAILED }; -#define CURL_SOCKS_BUF_SIZE 600 - -/* make sure we configure it not too low */ -#if CURL_SOCKS_BUF_SIZE < 600 -#error CURL_SOCKS_BUF_SIZE must be at least 600 +#ifdef DEBUG_AND_VERBOSE +static const char * const cf_socks_statename[] = { + "SOCKS_INIT", + "SOCKS4_START", + "SOCKS4_RESOLVING", + "SOCKS4_SEND", + "SOCKS4_RECV", + "SOCKS5_START", + "SOCKS5_REQ0_SEND", + "SOCKS5_RESP0_RECV", + "SOCKS5_GSSAPI_INIT", + "SOCKS5_AUTH_INIT", + "SOCKS5_AUTH_SEND", + "SOCKS5_AUTH_RECV", + "SOCKS5_REQ1_INIT", + "SOCKS5_RESOLVING", + "SOCKS5_REQ1_SEND", + "SOCKS5_RESP1_RECV", + "SOCKS_SUCCESS", + "SOCKS_FAILED" +}; #endif +#define SOCKS_CHUNK_SIZE 1024 +#define SOCKS_CHUNKS 1 + struct socks_state { - enum connect_t state; - size_t outstanding; /* send this many bytes more */ - unsigned char buffer[CURL_SOCKS_BUF_SIZE]; - unsigned char *outp; /* send from this pointer */ - + enum socks_state_t state; + struct bufq iobuf; const char *hostname; int remote_port; const char *proxy_user; const char *proxy_password; + CURLproxycode presult; + unsigned char version; + BIT(resolve_local); + BIT(start_resolving); + BIT(socks4a); }; #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) @@ -149,37 +178,13 @@ CURLcode Curl_blockread_all(struct Curl_cfilter *cf, static void socksstate(struct socks_state *sx, struct Curl_cfilter *cf, struct Curl_easy *data, - enum connect_t state + enum socks_state_t state #ifdef DEBUG_AND_VERBOSE , int lineno #endif ) { - enum connect_t oldstate = sx->state; -#ifdef DEBUG_AND_VERBOSE - /* synced with the state list in urldata.h */ - static const char * const socks_statename[] = { - "INIT", - "SOCKS_INIT", - "SOCKS_SEND", - "SOCKS_READ_INIT", - "SOCKS_READ", - "GSSAPI_INIT", - "AUTH_INIT", - "AUTH_SEND", - "AUTH_READ", - "REQ_INIT", - "RESOLVING", - "RESOLVED", - "RESOLVE_REMOTE", - "REQ_SEND", - "REQ_SENDING", - "REQ_READ", - "REQ_READ_MORE", - "DONE" - }; -#endif - + enum socks_state_t oldstate = sx->state; (void)cf; (void)data; if(oldstate == state) @@ -190,274 +195,209 @@ static void socksstate(struct socks_state *sx, #ifdef DEBUG_AND_VERBOSE CURL_TRC_CF(data, cf, "[%s] -> [%s] (line %d)", - socks_statename[oldstate], socks_statename[sx->state], lineno); + cf_socks_statename[oldstate], + cf_socks_statename[sx->state], lineno); #endif } -static CURLproxycode socks_state_send(struct Curl_cfilter *cf, - struct socks_state *sx, - struct Curl_easy *data, - CURLproxycode failcode, - const char *description) +static CURLproxycode socks_failed(struct socks_state *sx, + struct Curl_cfilter *cf, + struct Curl_easy *data, + CURLproxycode presult) { + sxstate(sx, cf, data, SOCKS_ST_FAILED); + sx->presult = presult; + return presult; +} + +static CURLproxycode socks_flush(struct socks_state *sx, + struct Curl_cfilter *cf, + struct Curl_easy *data, + bool *done) +{ + CURLcode result; + size_t nwritten; + + *done = FALSE; + while(!Curl_bufq_is_empty(&sx->iobuf)) { + result = Curl_cf_send_bufq(cf->next, data, &sx->iobuf, NULL, 0, + &nwritten); + if(result == CURLE_AGAIN) + return CURLPX_OK; + else if(result) { + failf(data, "Failed to send SOCKS request: %s", + curl_easy_strerror(result)); + return socks_failed(sx, cf, data, CURLPX_SEND_CONNECT); + } + } + *done = TRUE; + return CURLPX_OK; +} + +static CURLproxycode socks_recv(struct socks_state *sx, + struct Curl_cfilter *cf, + struct Curl_easy *data, + size_t min_bytes, + bool *done) +{ + CURLcode result; + size_t nread; + + *done = FALSE; + while(Curl_bufq_len(&sx->iobuf) < min_bytes) { + result = Curl_cf_recv_bufq(cf->next, data, &sx->iobuf, + min_bytes - Curl_bufq_len(&sx->iobuf), + &nread); + if(result == CURLE_AGAIN) + return CURLPX_OK; + else if(result) { + failf(data, "Failed to receive SOCKS response: %s", + curl_easy_strerror(result)); + return CURLPX_RECV_CONNECT; + } + else if(!nread) /* EOF */ + break; + } + *done = TRUE; + return CURLPX_OK; +} + +static CURLproxycode socks4_req_add_hd(struct socks_state *sx, + struct Curl_easy *data) +{ + unsigned char buf[4]; size_t nwritten; CURLcode result; - result = Curl_conn_cf_send(cf->next, data, (char *)sx->outp, - sx->outstanding, FALSE, &nwritten); - if(result) { - if(CURLE_AGAIN == result) - return CURLPX_OK; + (void)data; + buf[0] = 4; /* version (SOCKS4) */ + buf[1] = 1; /* connect */ + buf[2] = (unsigned char)((sx->remote_port >> 8) & 0xffu); /* MSB */ + buf[3] = (unsigned char)(sx->remote_port & 0xffu); /* LSB */ - failf(data, "Failed to send %s: %s", description, - curl_easy_strerror(result)); - return failcode; - } - else if(!nwritten) { - /* connection closed */ - failf(data, "connection to proxy closed"); - return CURLPX_CLOSED; - } - - DEBUGASSERT(sx->outstanding >= nwritten); - /* not done, remain in state */ - sx->outstanding -= nwritten; - sx->outp += nwritten; + result = Curl_bufq_write(&sx->iobuf, buf, 4, &nwritten); + if(result || (nwritten != 4)) + return CURLPX_SEND_REQUEST; return CURLPX_OK; } -static CURLproxycode socks_state_recv(struct Curl_cfilter *cf, - struct socks_state *sx, +static CURLproxycode socks4_req_add_user(struct socks_state *sx, + struct Curl_easy *data) +{ + CURLcode result; + size_t nwritten; + + if(sx->proxy_user) { + size_t plen = strlen(sx->proxy_user); + if(plen > 255) { + /* there is no real size limit to this field in the protocol, but + SOCKS5 limits the proxy user field to 255 bytes and it seems likely + that a longer field is either a mistake or malicious input */ + failf(data, "Too long SOCKS proxy username"); + return CURLPX_LONG_USER; + } + /* add proxy name WITH trailing zero */ + result = Curl_bufq_cwrite(&sx->iobuf, sx->proxy_user, plen + 1, + &nwritten); + if(result || (nwritten != (plen + 1))) + return CURLPX_SEND_REQUEST; + } + else { + /* empty user name */ + unsigned char b = 0; + result = Curl_bufq_write(&sx->iobuf, &b, 1, &nwritten); + if(result || (nwritten != 1)) + return CURLPX_SEND_REQUEST; + } + return CURLPX_OK; +} + +static CURLproxycode socks4_resolving(struct socks_state *sx, + struct Curl_cfilter *cf, struct Curl_easy *data, - CURLproxycode failcode, - const char *description) + bool *done) { - size_t nread; - CURLcode result; - - result = Curl_conn_cf_recv(cf->next, data, (char *)sx->outp, - sx->outstanding, &nread); - if(result) { - if(CURLE_AGAIN == result) - return CURLPX_OK; - - failf(data, "SOCKS: Failed receiving %s: %s", description, - curl_easy_strerror(result)); - return failcode; - } - else if(!nread) { - /* connection closed */ - failf(data, "connection to proxy closed"); - return CURLPX_CLOSED; - } - /* remain in reading state */ - DEBUGASSERT(sx->outstanding >= nread); - sx->outstanding -= nread; - sx->outp += nread; - return CURLPX_OK; -} - -/* -* This function logs in to a SOCKS4 proxy and sends the specifics to the final -* destination server. -* -* Reference : -* https://www.openssh.com/txt/socks4.protocol -* -* Note : -* Set protocol4a=true for "SOCKS 4A (Simple Extension to SOCKS 4 Protocol)" -* Nonsupport "Identification Protocol (RFC1413)" -*/ -static CURLproxycode do_SOCKS4(struct Curl_cfilter *cf, - struct socks_state *sx, - struct Curl_easy *data) -{ - struct connectdata *conn = cf->conn; - const bool protocol4a = - (conn->socks_proxy.proxytype == CURLPROXY_SOCKS4A); - unsigned char *socksreq = sx->buffer; - CURLcode result; - CURLproxycode presult; struct Curl_dns_entry *dns = NULL; + struct Curl_addrinfo *hp = NULL; + CURLcode result; + size_t nwritten; - switch(sx->state) { - case CONNECT_SOCKS_INIT: - /* SOCKS4 can only do IPv4, insist! */ - conn->ip_version = CURL_IPRESOLVE_V4; - CURL_TRC_CF(data, cf, "SOCKS4%s communication to%s %s:%d", - protocol4a ? "a" : "", - conn->bits.httpproxy ? " HTTP proxy" : "", - sx->hostname, sx->remote_port); + *done = FALSE; + if(sx->start_resolving) { + /* need to resolve hostname to add destination address */ + sx->start_resolving = FALSE; - /* - * Compose socks4 request - * - * Request format - * - * +----+----+----+----+----+----+----+----+----+----+....+----+ - * | VN | CD | DSTPORT | DSTIP | USERID |NULL| - * +----+----+----+----+----+----+----+----+----+----+....+----+ - * # of bytes: 1 1 2 4 variable 1 - */ - - socksreq[0] = 4; /* version (SOCKS4) */ - socksreq[1] = 1; /* connect */ - socksreq[2] = (unsigned char)((sx->remote_port >> 8) & 0xff); /* MSB */ - socksreq[3] = (unsigned char)(sx->remote_port & 0xff); /* LSB */ - - /* DNS resolve only for SOCKS4, not SOCKS4a */ - if(!protocol4a) { - result = Curl_resolv(data, sx->hostname, sx->remote_port, - cf->conn->ip_version, TRUE, &dns); - - if(result == CURLE_AGAIN) { - sxstate(sx, cf, data, CONNECT_RESOLVING); - CURL_TRC_CF(data, cf, "SOCKS4 non-blocking resolve of %s", - sx->hostname); - return CURLPX_OK; - } - else if(result) - return CURLPX_RESOLVE_HOST; - sxstate(sx, cf, data, CONNECT_RESOLVED); - goto CONNECT_RESOLVED; - } - - /* socks4a does not resolve anything locally */ - sxstate(sx, cf, data, CONNECT_REQ_INIT); - goto CONNECT_REQ_INIT; - - case CONNECT_RESOLVING: - /* check if we have the name resolved by now */ - result = Curl_resolv_check(data, &dns); - if(!dns) { - if(result) - return CURLPX_RESOLVE_HOST; + result = Curl_resolv(data, sx->hostname, sx->remote_port, + cf->conn->ip_version, TRUE, &dns); + if(result == CURLE_AGAIN) { + CURL_TRC_CF(data, cf, "SOCKS4 non-blocking resolve of %s", + sx->hostname); return CURLPX_OK; } - FALLTHROUGH(); - case CONNECT_RESOLVED: -CONNECT_RESOLVED: - { - struct Curl_addrinfo *hp = NULL; - /* - * We cannot use 'hostent' as a struct that Curl_resolv() returns. It - * returns a Curl_addrinfo pointer that may not always look the same. - */ - if(dns) { - hp = dns->addr; - - /* scan for the first IPv4 address */ - while(hp && (hp->ai_family != AF_INET)) - hp = hp->ai_next; - - if(hp) { - struct sockaddr_in *saddr_in; - char buf[64]; - Curl_printable_address(hp, buf, sizeof(buf)); - - saddr_in = (struct sockaddr_in *)(void *)hp->ai_addr; - socksreq[4] = ((unsigned char *)&saddr_in->sin_addr.s_addr)[0]; - socksreq[5] = ((unsigned char *)&saddr_in->sin_addr.s_addr)[1]; - socksreq[6] = ((unsigned char *)&saddr_in->sin_addr.s_addr)[2]; - socksreq[7] = ((unsigned char *)&saddr_in->sin_addr.s_addr)[3]; - - CURL_TRC_CF(data, cf, "SOCKS4 connect to IPv4 %s (locally resolved)", - buf); - Curl_resolv_unlink(data, &dns); /* not used anymore from now on */ - } - else - failf(data, "SOCKS4 connection to %s not supported", sx->hostname); - } - else - failf(data, "Failed to resolve \"%s\" for SOCKS4 connect.", - sx->hostname); - - if(!hp) + else if(result) return CURLPX_RESOLVE_HOST; } - FALLTHROUGH(); - case CONNECT_REQ_INIT: -CONNECT_REQ_INIT: - /* - * This is currently not supporting "Identification Protocol (RFC1413)". - */ - socksreq[8] = 0; /* ensure empty userid is null-terminated */ - if(sx->proxy_user) { - size_t plen = strlen(sx->proxy_user); - if(plen > 255) { - /* there is no real size limit to this field in the protocol, but - SOCKS5 limits the proxy user field to 255 bytes and it seems likely - that a longer field is either a mistake or malicious input */ - failf(data, "Too long SOCKS proxy username"); - return CURLPX_LONG_USER; - } - /* copy the proxy name WITH trailing zero */ - memcpy(socksreq + 8, sx->proxy_user, plen + 1); - } - - /* - * Make connection - */ - { - size_t packetsize = 9 + - strlen((char *)socksreq + 8); /* size including NUL */ - - /* If SOCKS4a, set special invalid IP address 0.0.0.x */ - if(protocol4a) { - size_t hostnamelen = 0; - socksreq[4] = 0; - socksreq[5] = 0; - socksreq[6] = 0; - socksreq[7] = 1; - /* append hostname */ - hostnamelen = strlen(sx->hostname) + 1; /* length including NUL */ - if((hostnamelen <= 255) && - (packetsize + hostnamelen < sizeof(sx->buffer))) - strcpy((char *)socksreq + packetsize, sx->hostname); - else { - failf(data, "SOCKS4: too long hostname"); - return CURLPX_LONG_HOSTNAME; - } - packetsize += hostnamelen; - } - sx->outp = socksreq; - DEBUGASSERT(packetsize <= sizeof(sx->buffer)); - sx->outstanding = packetsize; - sxstate(sx, cf, data, CONNECT_REQ_SENDING); - } - FALLTHROUGH(); - case CONNECT_REQ_SENDING: - /* Send request */ - presult = socks_state_send(cf, sx, data, CURLPX_SEND_CONNECT, - "SOCKS4 connect request"); - if(CURLPX_OK != presult) - return presult; - else if(sx->outstanding) { - /* remain in sending state */ + else { + /* check if we have the name resolved by now */ + result = Curl_resolv_check(data, &dns); + if(!result && !dns) return CURLPX_OK; - } - /* done sending! */ - sx->outstanding = 8; /* receive data size */ - sx->outp = socksreq; - sxstate(sx, cf, data, CONNECT_SOCKS_READ); - - FALLTHROUGH(); - case CONNECT_SOCKS_READ: - /* Receive response */ - presult = socks_state_recv(cf, sx, data, CURLPX_RECV_CONNECT, - "connect request ack"); - if(CURLPX_OK != presult) - return presult; - else if(sx->outstanding) { - /* remain in reading state */ - return CURLPX_OK; - } - sxstate(sx, cf, data, CONNECT_DONE); - break; - default: /* lots of unused states in SOCKS4 */ - break; } + if(result || !dns) { + failf(data, "Failed to resolve \"%s\" for SOCKS4 connect.", + sx->hostname); + return CURLPX_RESOLVE_HOST; + } + + /* + * We cannot use 'hostent' as a struct that Curl_resolv() returns. It + * returns a Curl_addrinfo pointer that may not always look the same. + */ + /* scan for the first IPv4 address */ + hp = dns->addr; + while(hp && (hp->ai_family != AF_INET)) + hp = hp->ai_next; + + if(hp) { + struct sockaddr_in *saddr_in; + char ipbuf[64]; + + Curl_printable_address(hp, ipbuf, sizeof(ipbuf)); + CURL_TRC_CF(data, cf, "SOCKS4 connect to IPv4 %s (locally resolved)", + ipbuf); + + saddr_in = (struct sockaddr_in *)(void *)hp->ai_addr; + result = Curl_bufq_write(&sx->iobuf, + (unsigned char *)&saddr_in->sin_addr.s_addr, 4, + &nwritten); + + Curl_resolv_unlink(data, &dns); /* not used anymore from now on */ + if(result || (nwritten != 4)) + return CURLPX_SEND_REQUEST; + } + else { + failf(data, "SOCKS4 connection to %s not supported", sx->hostname); + return CURLPX_RESOLVE_HOST; + } + + *done = TRUE; + return CURLPX_OK; +} + +static CURLproxycode socks4_check_resp(struct socks_state *sx, + struct Curl_cfilter *cf, + struct Curl_easy *data) +{ + const unsigned char *resp; + size_t rlen; + + if(!Curl_bufq_peek(&sx->iobuf, &resp, &rlen) || rlen < 8) { + failf(data, "SOCKS4 reply is incomplete."); + return CURLPX_RECV_CONNECT; + } + + DEBUGASSERT(rlen == 8); /* * Response format * @@ -478,72 +418,194 @@ CONNECT_REQ_INIT: */ /* wrong version ? */ - if(socksreq[0]) { - failf(data, - "SOCKS4 reply has wrong version, version should be 0."); + if(resp[0]) { + failf(data, "SOCKS4 reply has wrong version, version should be 0."); return CURLPX_BAD_VERSION; } /* Result */ - switch(socksreq[1]) { + switch(resp[1]) { case 90: - CURL_TRC_CF(data, cf, "SOCKS4%s request granted.", protocol4a ? "a" : ""); - break; + CURL_TRC_CF(data, cf, "SOCKS4%s request granted.", sx->socks4a ? "a" : ""); + Curl_bufq_reset(&sx->iobuf); + return CURLPX_OK; case 91: failf(data, - "[SOCKS] cannot complete SOCKS4 connection to %d.%d.%d.%d:%d. (%d)" + "[SOCKS] cannot complete SOCKS4 connection to %u.%u.%u.%u:%u. (%u)" ", request rejected or failed.", - socksreq[4], socksreq[5], socksreq[6], socksreq[7], - (((unsigned char)socksreq[2] << 8) | (unsigned char)socksreq[3]), - (unsigned char)socksreq[1]); + resp[4], resp[5], resp[6], resp[7], + ((resp[2] << 8) | resp[3]), resp[1]); return CURLPX_REQUEST_FAILED; case 92: failf(data, - "[SOCKS] cannot complete SOCKS4 connection to %d.%d.%d.%d:%d. (%d)" + "[SOCKS] cannot complete SOCKS4 connection to %u.%u.%u.%u:%u. (%u)" ", request rejected because SOCKS server cannot connect to " "identd on the client.", - socksreq[4], socksreq[5], socksreq[6], socksreq[7], - (((unsigned char)socksreq[2] << 8) | (unsigned char)socksreq[3]), - (unsigned char)socksreq[1]); + resp[4], resp[5], resp[6], resp[7], + ((resp[2] << 8) | resp[3]), resp[1]); return CURLPX_IDENTD; case 93: failf(data, - "[SOCKS] cannot complete SOCKS4 connection to %d.%d.%d.%d:%d. (%d)" + "[SOCKS] cannot complete SOCKS4 connection to %u.%u.%u.%u:%u. (%u)" ", request rejected because the client program and identd " "report different user-ids.", - socksreq[4], socksreq[5], socksreq[6], socksreq[7], - (((unsigned char)socksreq[2] << 8) | (unsigned char)socksreq[3]), - (unsigned char)socksreq[1]); + resp[4], resp[5], resp[6], resp[7], + ((resp[2] << 8) | resp[3]), resp[1]); return CURLPX_IDENTD_DIFFER; default: failf(data, - "[SOCKS] cannot complete SOCKS4 connection to %d.%d.%d.%d:%d. (%d)" + "[SOCKS] cannot complete SOCKS4 connection to %u.%u.%u.%u:%u. (%u)" ", Unknown.", - socksreq[4], socksreq[5], socksreq[6], socksreq[7], - (((unsigned char)socksreq[2] << 8) | (unsigned char)socksreq[3]), - (unsigned char)socksreq[1]); + resp[4], resp[5], resp[6], resp[7], + ((resp[2] << 8) | resp[3]), resp[1]); return CURLPX_UNKNOWN_FAIL; } - - return CURLPX_OK; /* Proxy was successful! */ } -static CURLproxycode socks5_init(struct Curl_cfilter *cf, - struct socks_state *sx, - struct Curl_easy *data, - const bool socks5_resolve_local, - const size_t hostname_len) +/* +* This function logs in to a SOCKS4 proxy and sends the specifics to the final +* destination server. +* +* Reference : +* https://www.openssh.com/txt/socks4.protocol +* +* Note : +* Set protocol4a=true for "SOCKS 4A (Simple Extension to SOCKS 4 Protocol)" +* Nonsupport "Identification Protocol (RFC1413)" +*/ +static CURLproxycode socks4_connect(struct Curl_cfilter *cf, + struct socks_state *sx, + struct Curl_easy *data) { - struct connectdata *conn = cf->conn; - const unsigned char auth = data->set.socks5auth; - unsigned char *socksreq = sx->buffer; + size_t nwritten; + CURLproxycode presult; + CURLcode result; + bool done; - if(conn->bits.httpproxy) - CURL_TRC_CF(data, cf, "SOCKS5: connecting to HTTP proxy %s port %d", +process_state: + switch(sx->state) { + case SOCKS_ST_INIT: + sx->version = 4; + sxstate(sx, cf, data, SOCKS4_ST_START); + FALLTHROUGH(); + + case SOCKS4_ST_START: + Curl_bufq_reset(&sx->iobuf); + sx->start_resolving = FALSE; + sx->socks4a = (cf->conn->socks_proxy.proxytype == CURLPROXY_SOCKS4A); + sx->resolve_local = !sx->socks4a; + sx->presult = CURLPX_OK; + + /* SOCKS4 can only do IPv4, insist! */ + cf->conn->ip_version = CURL_IPRESOLVE_V4; + CURL_TRC_CF(data, cf, "SOCKS4%s communication to%s %s:%d", + sx->socks4a ? "a" : "", + cf->conn->bits.httpproxy ? " HTTP proxy" : "", sx->hostname, sx->remote_port); + /* + * Compose socks4 request + * + * Request format + * + * +----+----+----+----+----+----+----+----+----+----+....+----+ + * | VN | CD | DSTPORT | DSTIP | USERID |NULL| + * +----+----+----+----+----+----+----+----+----+----+....+----+ + * # of bytes: 1 1 2 4 variable 1 + */ + presult = socks4_req_add_hd(sx, data); + if(presult) + return socks_failed(sx, cf, data, presult); + + /* DNS resolve only for SOCKS4, not SOCKS4a */ + if(!sx->resolve_local) { + /* socks4a, not resolving locally, sends the hostname. + * add an invalid address + user + hostname */ + unsigned char buf[4] = { 0, 0, 0, 1 }; + size_t hlen = strlen(sx->hostname) + 1; /* including NUL */ + + if(hlen > 255) { + failf(data, "SOCKS4: too long hostname"); + return socks_failed(sx, cf, data, CURLPX_LONG_HOSTNAME); + } + result = Curl_bufq_write(&sx->iobuf, buf, 4, &nwritten); + if(result || (nwritten != 4)) + return socks_failed(sx, cf, data, CURLPX_SEND_REQUEST); + presult = socks4_req_add_user(sx, data); + if(presult) + return socks_failed(sx, cf, data, presult); + result = Curl_bufq_cwrite(&sx->iobuf, sx->hostname, hlen, &nwritten); + if(result || (nwritten != hlen)) + return socks_failed(sx, cf, data, CURLPX_SEND_REQUEST); + /* request complete */ + sxstate(sx, cf, data, SOCKS4_ST_SEND); + goto process_state; + } + sx->start_resolving = TRUE; + sxstate(sx, cf, data, SOCKS4_ST_RESOLVING); + FALLTHROUGH(); + + case SOCKS4_ST_RESOLVING: + presult = socks4_resolving(sx, cf, data, &done); + if(presult) + return socks_failed(sx, cf, data, presult); + if(!done) + return CURLPX_OK; + /* append user */ + presult = socks4_req_add_user(sx, data); + if(presult) + return socks_failed(sx, cf, data, presult); + sxstate(sx, cf, data, SOCKS4_ST_SEND); + FALLTHROUGH(); + + case SOCKS4_ST_SEND: + presult = socks_flush(sx, cf, data, &done); + if(presult) + return socks_failed(sx, cf, data, presult); + else if(!done) + return CURLPX_OK; + sxstate(sx, cf, data, SOCKS4_ST_RECV); + FALLTHROUGH(); + + case SOCKS4_ST_RECV: + /* Receive 8 byte response */ + presult = socks_recv(sx, cf, data, 8, &done); + if(presult) + return socks_failed(sx, cf, data, presult); + else if(!done) + return CURLPX_OK; + presult = socks4_check_resp(sx, cf, data); + if(presult) + return socks_failed(sx, cf, data, presult); + sxstate(sx, cf, data, SOCKS_ST_SUCCESS); + FALLTHROUGH(); + + case SOCKS_ST_SUCCESS: + return CURLPX_OK; + + case SOCKS_ST_FAILED: + DEBUGASSERT(sx->presult); + return sx->presult; + + default: + DEBUGASSERT(0); + return socks_failed(sx, cf, data, CURLPX_SEND_REQUEST); + } +} + +static CURLproxycode socks5_req0_init(struct Curl_cfilter *cf, + struct socks_state *sx, + struct Curl_easy *data) +{ + const unsigned char auth = data->set.socks5auth; + unsigned char req[5]; /* version + len + 3 possible auth methods */ + unsigned char nauths; + size_t req_len, nwritten; + CURLcode result; + + (void)cf; /* RFC1928 chapter 5 specifies max 255 chars for domain name in packet */ - if(!socks5_resolve_local && hostname_len > 255) { + if(!sx->resolve_local && strlen(sx->hostname) > 255) { failf(data, "SOCKS5: the destination hostname is too long to be " "resolved remotely by the proxy."); return CURLPX_LONG_HOSTNAME; @@ -556,27 +618,73 @@ static CURLproxycode socks5_init(struct Curl_cfilter *cf, /* disable username/password auth */ sx->proxy_user = NULL; - if(!sx->outstanding) { - size_t idx = 0; - socksreq[idx++] = 5; /* version */ - idx++; /* number of authentication methods */ - socksreq[idx++] = 0; /* no authentication */ + req[0] = 5; /* version */ + nauths = 1; + req[1 + nauths] = 0; /* 1. no authentication */ #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) - if(auth & CURLAUTH_GSSAPI) - socksreq[idx++] = 1; /* GSS-API */ + if(auth & CURLAUTH_GSSAPI) { + ++nauths; + req[1 + nauths] = 1; /* GSS-API */ + } #endif - if(sx->proxy_user) - socksreq[idx++] = 2; /* username/password */ - /* write the number of authentication methods */ - socksreq[1] = (unsigned char) (idx - 2); + if(sx->proxy_user) { + ++nauths; + req[1 + nauths] = 2; /* username/password */ + } + req[1] = nauths; + req_len = 2 + nauths; - sx->outp = socksreq; - DEBUGASSERT(idx <= sizeof(sx->buffer)); - sx->outstanding = idx; + result = Curl_bufq_write(&sx->iobuf, req, req_len, &nwritten); + if(result || (nwritten != req_len)) + return CURLPX_SEND_REQUEST; + return CURLPX_OK; +} + +static CURLproxycode socks5_check_resp0(struct socks_state *sx, + struct Curl_cfilter *cf, + struct Curl_easy *data) +{ + const unsigned char *resp; + unsigned char auth_mode; + size_t rlen; + + if(!Curl_bufq_peek(&sx->iobuf, &resp, &rlen) || rlen < 2) { + failf(data, "SOCKS5 initial reply is incomplete."); + return CURLPX_RECV_CONNECT; } - return socks_state_send(cf, sx, data, CURLPX_SEND_CONNECT, - "initial SOCKS5 request"); + if(resp[0] != 5) { + failf(data, "Received invalid version in initial SOCKS5 response."); + return CURLPX_BAD_VERSION; + } + + auth_mode = resp[1]; + Curl_bufq_reset(&sx->iobuf); + + switch(auth_mode) { + case 0: + /* DONE! No authentication needed. Send request. */ + sxstate(sx, cf, data, SOCKS5_ST_REQ1_INIT); + return CURLPX_OK; + case 1: + if(data->set.socks5auth & CURLAUTH_GSSAPI) { + sxstate(sx, cf, data, SOCKS5_ST_GSSAPI_INIT); + return CURLPX_OK; + } + failf(data, + "SOCKS5 GSSAPI per-message authentication is not enabled."); + return CURLPX_GSSAPI_PERMSG; + case 2: + /* regular name + password authentication */ + sxstate(sx, cf, data, SOCKS5_ST_AUTH_INIT); + return CURLPX_OK; + case 255: + failf(data, "No authentication method was acceptable."); + return CURLPX_NO_AUTH; + default: + failf(data, "Unknown SOCKS5 mode attempted to be used by server."); + return CURLPX_UNKNOWN_MODE; + } } static CURLproxycode socks5_auth_init(struct Curl_cfilter *cf, @@ -584,17 +692,22 @@ static CURLproxycode socks5_auth_init(struct Curl_cfilter *cf, struct Curl_easy *data) { /* Needs username and password */ - size_t proxy_user_len, proxy_password_len; - size_t len = 0; - unsigned char *socksreq = sx->buffer; + size_t ulen = 0, plen = 0, nwritten; + unsigned char buf[2]; + CURLcode result; if(sx->proxy_user && sx->proxy_password) { - proxy_user_len = strlen(sx->proxy_user); - proxy_password_len = strlen(sx->proxy_password); - } - else { - proxy_user_len = 0; - proxy_password_len = 0; + ulen = strlen(sx->proxy_user); + plen = strlen(sx->proxy_password); + /* the lengths must fit in a single byte */ + if(ulen > 255) { + failf(data, "Excessive username length for proxy auth"); + return CURLPX_LONG_USER; + } + if(plen > 255) { + failf(data, "Excessive password length for proxy auth"); + return CURLPX_LONG_PASSWD; + } } /* username/password request looks like @@ -604,31 +717,329 @@ static CURLproxycode socks5_auth_init(struct Curl_cfilter *cf, * | 1 | 1 | 1 to 255 | 1 | 1 to 255 | * +----+------+----------+------+----------+ */ - socksreq[len++] = 1; /* username/pw subnegotiation version */ - socksreq[len++] = (unsigned char) proxy_user_len; - if(sx->proxy_user && proxy_user_len) { - /* the length must fit in a single byte */ - if(proxy_user_len > 255) { - failf(data, "Excessive username length for proxy auth"); - return CURLPX_LONG_USER; - } - memcpy(socksreq + len, sx->proxy_user, proxy_user_len); + buf[0] = 1; /* username/pw subnegotiation version */ + buf[1] = (unsigned char)ulen; + result = Curl_bufq_write(&sx->iobuf, buf, 2, &nwritten); + if(result || (nwritten != 2)) + return CURLPX_SEND_REQUEST; + if(ulen) { + result = Curl_bufq_cwrite(&sx->iobuf, sx->proxy_user, ulen, &nwritten); + if(result || (nwritten != ulen)) + return CURLPX_SEND_REQUEST; } - len += proxy_user_len; - socksreq[len++] = (unsigned char) proxy_password_len; - if(sx->proxy_password && proxy_password_len) { - /* the length must fit in a single byte */ - if(proxy_password_len > 255) { - failf(data, "Excessive password length for proxy auth"); - return CURLPX_LONG_PASSWD; - } - memcpy(socksreq + len, sx->proxy_password, proxy_password_len); + buf[0] = (unsigned char) plen; + result = Curl_bufq_write(&sx->iobuf, buf, 1, &nwritten); + if(result || (nwritten != 1)) + return CURLPX_SEND_REQUEST; + if(plen) { + result = Curl_bufq_cwrite(&sx->iobuf, sx->proxy_password, plen, &nwritten); + if(result || (nwritten != plen)) + return CURLPX_SEND_REQUEST; } - len += proxy_password_len; - sxstate(sx, cf, data, CONNECT_AUTH_SEND); - DEBUGASSERT(len <= sizeof(sx->buffer)); - sx->outstanding = len; - sx->outp = socksreq; + sxstate(sx, cf, data, SOCKS5_ST_AUTH_SEND); + return CURLPX_OK; +} + +static CURLproxycode socks5_check_auth_resp(struct socks_state *sx, + struct Curl_cfilter *cf, + struct Curl_easy *data) +{ + const unsigned char *resp; + unsigned char auth_status; + size_t rlen; + + (void)cf; + if(!Curl_bufq_peek(&sx->iobuf, &resp, &rlen) || rlen < 2) { + failf(data, "SOCKS5 sub-negotiation response incomplete."); + return CURLPX_RECV_CONNECT; + } + + /* ignore the first (VER) byte */ + auth_status = resp[1]; + Curl_bufq_reset(&sx->iobuf); + + if(auth_status) { + failf(data, "User was rejected by the SOCKS5 server (%d %d).", + resp[0], resp[1]); + return CURLPX_USER_REJECTED; + } + return CURLPX_OK; +} + +static CURLproxycode socks5_req1_init(struct socks_state *sx, + struct Curl_cfilter *cf, + struct Curl_easy *data) +{ + unsigned char req[5]; + unsigned char ipbuf[16]; + const unsigned char *destination; + unsigned char desttype, destlen, hdlen; + size_t nwritten; + CURLcode result; + + req[0] = 5; /* version (SOCKS5) */ + req[1] = 1; /* connect */ + req[2] = 0; /* must be zero */ + if(sx->resolve_local) { + /* rest of request is added after resolving */ + result = Curl_bufq_write(&sx->iobuf, req, 3, &nwritten); + if(result || (nwritten != 3)) + return CURLPX_SEND_REQUEST; + return CURLPX_OK; + } + + /* remote resolving, send what type+addr/string to resolve */ +#ifdef USE_IPV6 + if(cf->conn->bits.ipv6_ip) { + desttype = 4; + destination = ipbuf; + destlen = 16; + if(curlx_inet_pton(AF_INET6, sx->hostname, ipbuf) != 1) + return CURLPX_BAD_ADDRESS_TYPE; + } + else +#endif + if(curlx_inet_pton(AF_INET, sx->hostname, ipbuf) == 1) { + desttype = 1; + destination = ipbuf; + destlen = 4; + } + else { + const size_t hostname_len = strlen(sx->hostname); + desttype = 3; + destination = (const unsigned char *)sx->hostname; + destlen = (unsigned char) hostname_len; /* one byte length */ + } + + req[3] = desttype; + req[4] = destlen; + hdlen = (desttype == 3) ? 5 : 4; /* no length byte for ip addresses */ + result = Curl_bufq_write(&sx->iobuf, req, hdlen, &nwritten); + if(result || (nwritten != hdlen)) + return CURLPX_SEND_REQUEST; + result = Curl_bufq_write(&sx->iobuf, destination, destlen, &nwritten); + if(result || (nwritten != destlen)) + return CURLPX_SEND_REQUEST; + /* PORT MSB+LSB */ + req[0] = (unsigned char)((sx->remote_port >> 8) & 0xff); + req[1] = (unsigned char)(sx->remote_port & 0xff); + result = Curl_bufq_write(&sx->iobuf, req, 2, &nwritten); + if(result || (nwritten != 2)) + return CURLPX_SEND_REQUEST; + CURL_TRC_CF(data, cf, "SOCKS5 connect to %s:%d (remotely resolved)", + sx->hostname, sx->remote_port); + return CURLPX_OK; +} + +static CURLproxycode socks5_resolving(struct socks_state *sx, + struct Curl_cfilter *cf, + struct Curl_easy *data, + bool *done) +{ + struct Curl_dns_entry *dns = NULL; + struct Curl_addrinfo *hp = NULL; + char dest[MAX_IPADR_LEN]; /* printable address */ + unsigned char *destination = NULL; + unsigned char desttype = 1, destlen = 4; + unsigned char req[2]; + CURLcode result; + CURLproxycode presult = CURLPX_OK; + size_t nwritten; + + *done = FALSE; + if(sx->start_resolving) { + /* need to resolve hostname to add destination address */ + sx->start_resolving = FALSE; + + result = Curl_resolv(data, sx->hostname, sx->remote_port, + cf->conn->ip_version, TRUE, &dns); + if(result == CURLE_AGAIN) { + CURL_TRC_CF(data, cf, "SOCKS5 non-blocking resolve of %s", + sx->hostname); + return CURLPX_OK; + } + else if(result) + return CURLPX_RESOLVE_HOST; + } + else { + /* check if we have the name resolved by now */ + result = Curl_resolv_check(data, &dns); + if(!result && !dns) + return CURLPX_OK; + } + + if(result || !dns) { + failf(data, "Failed to resolve \"%s\" for SOCKS5 connect.", + sx->hostname); + presult = CURLPX_RESOLVE_HOST; + goto out; + } + + if(dns) + hp = dns->addr; +#ifdef USE_IPV6 + if(data->set.ipver != CURL_IPRESOLVE_WHATEVER) { + int wanted_family = data->set.ipver == CURL_IPRESOLVE_V4 ? + AF_INET : AF_INET6; + /* scan for the first proper address */ + while(hp && (hp->ai_family != wanted_family)) + hp = hp->ai_next; + } +#endif + if(!hp) { + failf(data, "Failed to resolve \"%s\" for SOCKS5 connect.", + sx->hostname); + presult = CURLPX_RESOLVE_HOST; + goto out; + } + + Curl_printable_address(hp, dest, sizeof(dest)); + + if(hp->ai_family == AF_INET) { + struct sockaddr_in *saddr_in; + desttype = 1; /* ATYP: IPv4 = 1 */ + destlen = 4; + saddr_in = (struct sockaddr_in *)(void *)hp->ai_addr; + destination = (unsigned char *)&saddr_in->sin_addr.s_addr; + CURL_TRC_CF(data, cf, "SOCKS5 connect to %s:%d (locally resolved)", + dest, sx->remote_port); + } +#ifdef USE_IPV6 + else if(hp->ai_family == AF_INET6) { + struct sockaddr_in6 *saddr_in6; + desttype = 4; /* ATYP: IPv6 = 4 */ + destlen = 16; + saddr_in6 = (struct sockaddr_in6 *)(void *)hp->ai_addr; + destination = (unsigned char *)&saddr_in6->sin6_addr.s6_addr; + CURL_TRC_CF(data, cf, "SOCKS5 connect to [%s]:%d (locally resolved)", + dest, sx->remote_port); + } +#endif + + if(!destination) { + failf(data, "SOCKS5 connection to %s not supported", dest); + presult = CURLPX_RESOLVE_HOST; + goto out; + } + + req[0] = desttype; + result = Curl_bufq_write(&sx->iobuf, req, 1, &nwritten); + if(result || (nwritten != 1)) { + presult = CURLPX_SEND_REQUEST; + goto out; + } + result = Curl_bufq_write(&sx->iobuf, destination, destlen, &nwritten); + if(result || (nwritten != destlen)) { + presult = CURLPX_SEND_REQUEST; + goto out; + } + /* PORT MSB+LSB */ + req[0] = (unsigned char)((sx->remote_port >> 8) & 0xffu); + req[1] = (unsigned char)(sx->remote_port & 0xffu); + result = Curl_bufq_write(&sx->iobuf, req, 2, &nwritten); + if(result || (nwritten != 2)) { + presult = CURLPX_SEND_REQUEST; + goto out; + } + +out: + if(dns) + Curl_resolv_unlink(data, &dns); + *done = (presult == CURLPX_OK); + return presult; +} + +static CURLproxycode socks5_recv_resp1(struct socks_state *sx, + struct Curl_cfilter *cf, + struct Curl_easy *data, + bool *done) +{ + const unsigned char *resp; + size_t rlen, resp_len = 8; /* minimum response length */ + CURLproxycode presult; + + presult = socks_recv(sx, cf, data, resp_len, done); + if(presult) + return presult; + else if(!*done) + return CURLPX_OK; + + if(!Curl_bufq_peek(&sx->iobuf, &resp, &rlen) || rlen < resp_len) { + failf(data, "SOCKS5 response is incomplete."); + return CURLPX_RECV_CONNECT; + } + + /* Response packet includes BND.ADDR is variable length parameter by RFC + 1928, so the response packet MUST be read until the end to avoid errors + at subsequent protocol level. + + +----+-----+-------+------+----------+----------+ + |VER | REP | RSV | ATYP | BND.ADDR | BND.PORT | + +----+-----+-------+------+----------+----------+ + | 1 | 1 | X'00' | 1 | Variable | 2 | + +----+-----+-------+------+----------+----------+ + + ATYP: + o IP v4 address: X'01', BND.ADDR = 4 byte + o domain name: X'03', BND.ADDR = [ 1 byte length, string ] + o IP v6 address: X'04', BND.ADDR = 16 byte + */ + if(resp[0] != 5) { /* version */ + failf(data, "SOCKS5 reply has wrong version, version should be 5."); + return CURLPX_BAD_VERSION; + } + else if(resp[1]) { /* Anything besides 0 is an error */ + CURLproxycode rc = CURLPX_REPLY_UNASSIGNED; + int code = resp[1]; + failf(data, "cannot complete SOCKS5 connection to %s. (%d)", + sx->hostname, code); + if(code < 9) { + /* RFC 1928 section 6 lists: */ + static const CURLproxycode lookup[] = { + CURLPX_OK, + CURLPX_REPLY_GENERAL_SERVER_FAILURE, + CURLPX_REPLY_NOT_ALLOWED, + CURLPX_REPLY_NETWORK_UNREACHABLE, + CURLPX_REPLY_HOST_UNREACHABLE, + CURLPX_REPLY_CONNECTION_REFUSED, + CURLPX_REPLY_TTL_EXPIRED, + CURLPX_REPLY_COMMAND_NOT_SUPPORTED, + CURLPX_REPLY_ADDRESS_TYPE_NOT_SUPPORTED, + }; + rc = lookup[code]; + } + return rc; + } + + /* Calculate real packet size */ + switch(resp[3]) { + case 1: /* IPv4 */ + resp_len = 4 + 4 + 2; + break; + case 3: /* domain name */ + resp_len = 4 + 1 + resp[4] + 2; /* header, var length, var bytes, port */ + break; + case 4: /* IPv6 */ + resp_len = 4 + 16 + 2; + break; + default: + failf(data, "SOCKS5 reply has wrong address type."); + return CURLPX_BAD_ADDRESS_TYPE; + } + + /* receive the rest of the response */ + presult = socks_recv(sx, cf, data, resp_len, done); + if(presult) + return presult; + else if(!*done) + return CURLPX_OK; + + if(!Curl_bufq_peek(&sx->iobuf, &resp, &rlen) || rlen < resp_len) { + failf(data, "SOCKS5 response is incomplete."); + return CURLPX_RECV_CONNECT; + } + /* got it all */ + *done = TRUE; return CURLPX_OK; } @@ -636,467 +1047,164 @@ static CURLproxycode socks5_auth_init(struct Curl_cfilter *cf, * This function logs in to a SOCKS5 proxy and sends the specifics to the final * destination server. */ -static CURLproxycode do_SOCKS5(struct Curl_cfilter *cf, - struct socks_state *sx, - struct Curl_easy *data) +static CURLproxycode socks5_connect(struct Curl_cfilter *cf, + struct socks_state *sx, + struct Curl_easy *data) { - /* - According to the RFC1928, section "6. Replies". This is what a SOCK5 - replies: - - +----+-----+-------+------+----------+----------+ - |VER | REP | RSV | ATYP | BND.ADDR | BND.PORT | - +----+-----+-------+------+----------+----------+ - | 1 | 1 | X'00' | 1 | Variable | 2 | - +----+-----+-------+------+----------+----------+ - - Where: - - o VER protocol version: X'05' - o REP Reply field: - o X'00' succeeded - */ - struct connectdata *conn = cf->conn; - unsigned char *socksreq = sx->buffer; - CURLcode result; CURLproxycode presult; - bool socks5_resolve_local = - (conn->socks_proxy.proxytype == CURLPROXY_SOCKS5); - const size_t hostname_len = strlen(sx->hostname); - size_t len = 0; - bool allow_gssapi = FALSE; - struct Curl_dns_entry *dns = NULL; + bool done; +process_state: switch(sx->state) { - case CONNECT_SOCKS_INIT: - presult = socks5_init(cf, sx, data, socks5_resolve_local, hostname_len); - if(presult || sx->outstanding) - return presult; - sxstate(sx, cf, data, CONNECT_SOCKS_READ); - goto CONNECT_SOCKS_READ_INIT; - case CONNECT_SOCKS_SEND: - presult = socks_state_send(cf, sx, data, CURLPX_SEND_CONNECT, - "initial SOCKS5 request"); - if(CURLPX_OK != presult) - return presult; - else if(sx->outstanding) { - /* remain in sending state */ - return CURLPX_OK; - } + case SOCKS_ST_INIT: + sx->version = 5; + sx->resolve_local = (cf->conn->socks_proxy.proxytype == CURLPROXY_SOCKS5); + sxstate(sx, cf, data, SOCKS5_ST_START); FALLTHROUGH(); - case CONNECT_SOCKS_READ_INIT: -CONNECT_SOCKS_READ_INIT: - sx->outstanding = 2; /* expect two bytes */ - sx->outp = socksreq; /* store it here */ + + case SOCKS5_ST_START: + if(cf->conn->bits.httpproxy) + CURL_TRC_CF(data, cf, "SOCKS5: connecting to HTTP proxy %s port %d", + sx->hostname, sx->remote_port); + presult = socks5_req0_init(cf, sx, data); + if(presult) + return socks_failed(sx, cf, data, presult); + sxstate(sx, cf, data, SOCKS5_ST_REQ0_SEND); FALLTHROUGH(); - case CONNECT_SOCKS_READ: - presult = socks_state_recv(cf, sx, data, CURLPX_RECV_CONNECT, - "initial SOCKS5 response"); -#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) - if(data->set.socks5auth & CURLAUTH_GSSAPI) - allow_gssapi = TRUE; -#endif - if(CURLPX_OK != presult) - return presult; - else if(sx->outstanding) { - /* remain in reading state */ + + case SOCKS5_ST_REQ0_SEND: + presult = socks_flush(sx, cf, data, &done); + if(presult) + return socks_failed(sx, cf, data, presult); + else if(!done) return CURLPX_OK; - } - else if(socksreq[0] != 5) { - failf(data, "Received invalid version in initial SOCKS5 response."); - return CURLPX_BAD_VERSION; - } - else if(socksreq[1] == 0) { - /* DONE! No authentication needed. Send request. */ - sxstate(sx, cf, data, CONNECT_REQ_INIT); - goto CONNECT_REQ_INIT; - } - else if(socksreq[1] == 2) { - /* regular name + password authentication */ - sxstate(sx, cf, data, CONNECT_AUTH_INIT); - goto CONNECT_AUTH_INIT; - } + /* done sending! */ + sxstate(sx, cf, data, SOCKS5_ST_RESP0_RECV); + FALLTHROUGH(); + + case SOCKS5_ST_RESP0_RECV: + presult = socks_recv(sx, cf, data, 2, &done); + if(presult) + return socks_failed(sx, cf, data, presult); + else if(!done) + return CURLPX_OK; + presult = socks5_check_resp0(sx, cf, data); + if(presult) + return socks_failed(sx, cf, data, presult); + /* socks5_check_resp0() sets next socks state */ + goto process_state; + + case SOCKS5_ST_GSSAPI_INIT: { #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) - else if(allow_gssapi && (socksreq[1] == 1)) { - sxstate(sx, cf, data, CONNECT_GSSAPI_INIT); - result = Curl_SOCKS5_gssapi_negotiate(cf, data); - if(result) { - failf(data, "Unable to negotiate SOCKS5 GSS-API context."); - return CURLPX_GSSAPI; - } - } -#endif - else { - /* error */ - if(!allow_gssapi && (socksreq[1] == 1)) { - failf(data, - "SOCKS5 GSSAPI per-message authentication is not supported."); - return CURLPX_GSSAPI_PERMSG; - } - else if(socksreq[1] == 255) { - failf(data, "No authentication method was acceptable."); - return CURLPX_NO_AUTH; - } - } - failf(data, - "Undocumented SOCKS5 mode attempted to be used by server."); - return CURLPX_UNKNOWN_MODE; -#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) - case CONNECT_GSSAPI_INIT: /* GSSAPI stuff done non-blocking */ - break; + CURLcode result = Curl_SOCKS5_gssapi_negotiate(cf, data); + if(result) { + failf(data, "Unable to negotiate SOCKS5 GSS-API context."); + return CURLPX_GSSAPI; + } + sxstate(sx, cf, data, SOCKS5_ST_REQ1_INIT); + goto process_state; +#else + failf(data, + "SOCKS5 GSSAPI per-message authentication is not supported."); + return socks_failed(sx, cf, data, CURLPX_GSSAPI_PERMSG); #endif + } - default: /* do nothing! */ - break; - -CONNECT_AUTH_INIT: - case CONNECT_AUTH_INIT: + case SOCKS5_ST_AUTH_INIT: presult = socks5_auth_init(cf, sx, data); if(presult) - return presult; + return socks_failed(sx, cf, data, presult); + sxstate(sx, cf, data, SOCKS5_ST_AUTH_SEND); FALLTHROUGH(); - case CONNECT_AUTH_SEND: - presult = socks_state_send(cf, sx, data, CURLPX_SEND_AUTH, - "SOCKS5 sub-negotiation request"); - if(CURLPX_OK != presult) - return presult; - else if(sx->outstanding) { - /* remain in sending state */ - return CURLPX_OK; - } - sx->outp = socksreq; - sx->outstanding = 2; - sxstate(sx, cf, data, CONNECT_AUTH_READ); - FALLTHROUGH(); - case CONNECT_AUTH_READ: - presult = socks_state_recv(cf, sx, data, CURLPX_RECV_AUTH, - "SOCKS5 sub-negotiation response"); - if(CURLPX_OK != presult) - return presult; - else if(sx->outstanding) { - /* remain in reading state */ - return CURLPX_OK; - } - /* ignore the first (VER) byte */ - else if(socksreq[1]) { /* status */ - failf(data, "User was rejected by the SOCKS5 server (%d %d).", - socksreq[0], socksreq[1]); - return CURLPX_USER_REJECTED; - } + case SOCKS5_ST_AUTH_SEND: + presult = socks_flush(sx, cf, data, &done); + if(presult) + return socks_failed(sx, cf, data, presult); + else if(!done) + return CURLPX_OK; + sxstate(sx, cf, data, SOCKS5_ST_AUTH_RECV); + FALLTHROUGH(); + + case SOCKS5_ST_AUTH_RECV: + presult = socks_recv(sx, cf, data, 2, &done); + if(presult) + return socks_failed(sx, cf, data, presult); + else if(!done) + return CURLPX_OK; + presult = socks5_check_auth_resp(sx, cf, data); + if(presult) + return socks_failed(sx, cf, data, presult); /* Everything is good so far, user was authenticated! */ - sxstate(sx, cf, data, CONNECT_REQ_INIT); + sxstate(sx, cf, data, SOCKS5_ST_REQ1_INIT); FALLTHROUGH(); - case CONNECT_REQ_INIT: -CONNECT_REQ_INIT: - if(socks5_resolve_local) { - result = Curl_resolv(data, sx->hostname, sx->remote_port, - cf->conn->ip_version, TRUE, &dns); - if(result == CURLE_AGAIN) { - sxstate(sx, cf, data, CONNECT_RESOLVING); - return CURLPX_OK; - } - else if(result) - return CURLPX_RESOLVE_HOST; - sxstate(sx, cf, data, CONNECT_RESOLVED); - goto CONNECT_RESOLVED; + case SOCKS5_ST_REQ1_INIT: + presult = socks5_req1_init(sx, cf, data); + if(presult) + return socks_failed(sx, cf, data, presult); + if(!sx->resolve_local) { + /* we do not resolve, request is complete */ + sxstate(sx, cf, data, SOCKS5_ST_REQ1_SEND); + goto process_state; } - goto CONNECT_RESOLVE_REMOTE; + sx->start_resolving = TRUE; + sxstate(sx, cf, data, SOCKS5_ST_RESOLVING); + FALLTHROUGH(); - case CONNECT_RESOLVING: - /* check if we have the name resolved by now */ - result = Curl_resolv_check(data, &dns); - if(!dns) { - if(result) - return CURLPX_RESOLVE_HOST; + case SOCKS5_ST_RESOLVING: + presult = socks5_resolving(sx, cf, data, &done); + if(presult) + return socks_failed(sx, cf, data, presult); + if(!done) return CURLPX_OK; - } - FALLTHROUGH(); - case CONNECT_RESOLVED: -CONNECT_RESOLVED: - { - char dest[MAX_IPADR_LEN]; /* printable address */ - struct Curl_addrinfo *hp = NULL; - if(dns) - hp = dns->addr; -#ifdef USE_IPV6 - if(data->set.ipver != CURL_IPRESOLVE_WHATEVER) { - int wanted_family = data->set.ipver == CURL_IPRESOLVE_V4 ? - AF_INET : AF_INET6; - /* scan for the first proper address */ - while(hp && (hp->ai_family != wanted_family)) - hp = hp->ai_next; - } -#endif - if(!hp) { - failf(data, "Failed to resolve \"%s\" for SOCKS5 connect.", - sx->hostname); - return CURLPX_RESOLVE_HOST; - } - - Curl_printable_address(hp, dest, sizeof(dest)); - - len = 0; - socksreq[len++] = 5; /* version (SOCKS5) */ - socksreq[len++] = 1; /* connect */ - socksreq[len++] = 0; /* must be zero */ - if(hp->ai_family == AF_INET) { - int i; - struct sockaddr_in *saddr_in; - socksreq[len++] = 1; /* ATYP: IPv4 = 1 */ - - saddr_in = (struct sockaddr_in *)(void *)hp->ai_addr; - for(i = 0; i < 4; i++) { - socksreq[len++] = ((unsigned char *)&saddr_in->sin_addr.s_addr)[i]; - } - - CURL_TRC_CF(data, cf, "SOCKS5 connect to %s:%d (locally resolved)", - dest, sx->remote_port); - } -#ifdef USE_IPV6 - else if(hp->ai_family == AF_INET6) { - int i; - struct sockaddr_in6 *saddr_in6; - socksreq[len++] = 4; /* ATYP: IPv6 = 4 */ - - saddr_in6 = (struct sockaddr_in6 *)(void *)hp->ai_addr; - for(i = 0; i < 16; i++) { - socksreq[len++] = - ((unsigned char *)&saddr_in6->sin6_addr.s6_addr)[i]; - } - - CURL_TRC_CF(data, cf, "SOCKS5 connect to [%s]:%d (locally resolved)", - dest, sx->remote_port); - } -#endif - else { - hp = NULL; /* fail! */ - failf(data, "SOCKS5 connection to %s not supported", dest); - } - - Curl_resolv_unlink(data, &dns); /* not used anymore from now on */ - goto CONNECT_REQ_SEND; - } -CONNECT_RESOLVE_REMOTE: - case CONNECT_RESOLVE_REMOTE: - /* Authentication is complete, now specify destination to the proxy */ - len = 0; - socksreq[len++] = 5; /* version (SOCKS5) */ - socksreq[len++] = 1; /* connect */ - socksreq[len++] = 0; /* must be zero */ - - if(!socks5_resolve_local) { - /* ATYP: domain name = 3, - IPv6 == 4, - IPv4 == 1 */ - unsigned char ip4[4]; -#ifdef USE_IPV6 - if(conn->bits.ipv6_ip) { - char ip6[16]; - if(curlx_inet_pton(AF_INET6, sx->hostname, ip6) != 1) - return CURLPX_BAD_ADDRESS_TYPE; - socksreq[len++] = 4; - memcpy(&socksreq[len], ip6, sizeof(ip6)); - len += sizeof(ip6); - } - else -#endif - if(curlx_inet_pton(AF_INET, sx->hostname, ip4) == 1) { - socksreq[len++] = 1; - memcpy(&socksreq[len], ip4, sizeof(ip4)); - len += sizeof(ip4); - } - else { - socksreq[len++] = 3; - socksreq[len++] = (unsigned char) hostname_len; /* one byte length */ - memcpy(&socksreq[len], sx->hostname, hostname_len); /* w/o NULL */ - len += hostname_len; - } - CURL_TRC_CF(data, cf, "SOCKS5 connect to %s:%d (remotely resolved)", - sx->hostname, sx->remote_port); - } + sxstate(sx, cf, data, SOCKS5_ST_REQ1_SEND); FALLTHROUGH(); - case CONNECT_REQ_SEND: -CONNECT_REQ_SEND: - /* PORT MSB */ - socksreq[len++] = (unsigned char)((sx->remote_port >> 8) & 0xff); - /* PORT LSB */ - socksreq[len++] = (unsigned char)(sx->remote_port & 0xff); - + case SOCKS5_ST_REQ1_SEND: + presult = socks_flush(sx, cf, data, &done); + if(presult) + return socks_failed(sx, cf, data, presult); + else if(!done) + return CURLPX_OK; #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) - if(conn->socks5_gssapi_enctype) { + if(cf->conn->socks5_gssapi_enctype) { failf(data, "SOCKS5 GSS-API protection not yet implemented."); return CURLPX_GSSAPI_PROTECTION; } #endif - sx->outp = socksreq; - DEBUGASSERT(len <= sizeof(sx->buffer)); - sx->outstanding = len; - sxstate(sx, cf, data, CONNECT_REQ_SENDING); + sxstate(sx, cf, data, SOCKS5_ST_RESP1_RECV); FALLTHROUGH(); - case CONNECT_REQ_SENDING: - presult = socks_state_send(cf, sx, data, CURLPX_SEND_REQUEST, - "SOCKS5 connect request"); - if(CURLPX_OK != presult) - return presult; - else if(sx->outstanding) { - /* remain in send state */ + + case SOCKS5_ST_RESP1_RECV: + presult = socks5_recv_resp1(sx, cf, data, &done); + if(presult) + return socks_failed(sx, cf, data, presult); + if(!done) return CURLPX_OK; - } -#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) - if(conn->socks5_gssapi_enctype) { - failf(data, "SOCKS5 GSS-API protection not yet implemented."); - return CURLPX_GSSAPI_PROTECTION; - } -#endif - sx->outstanding = 10; /* minimum packet size is 10 */ - sx->outp = socksreq; - sxstate(sx, cf, data, CONNECT_REQ_READ); + CURL_TRC_CF(data, cf, "SOCKS5 request granted."); + sxstate(sx, cf, data, SOCKS_ST_SUCCESS); FALLTHROUGH(); - case CONNECT_REQ_READ: - presult = socks_state_recv(cf, sx, data, CURLPX_RECV_REQACK, - "SOCKS5 connect request ack"); - if(CURLPX_OK != presult) - return presult; - else if(sx->outstanding) { - /* remain in reading state */ - return CURLPX_OK; - } - else if(socksreq[0] != 5) { /* version */ - failf(data, - "SOCKS5 reply has wrong version, version should be 5."); - return CURLPX_BAD_VERSION; - } - else if(socksreq[1]) { /* Anything besides 0 is an error */ - CURLproxycode rc = CURLPX_REPLY_UNASSIGNED; - int code = socksreq[1]; - failf(data, "cannot complete SOCKS5 connection to %s. (%d)", - sx->hostname, (unsigned char)socksreq[1]); - if(code < 9) { - /* RFC 1928 section 6 lists: */ - static const CURLproxycode lookup[] = { - CURLPX_OK, - CURLPX_REPLY_GENERAL_SERVER_FAILURE, - CURLPX_REPLY_NOT_ALLOWED, - CURLPX_REPLY_NETWORK_UNREACHABLE, - CURLPX_REPLY_HOST_UNREACHABLE, - CURLPX_REPLY_CONNECTION_REFUSED, - CURLPX_REPLY_TTL_EXPIRED, - CURLPX_REPLY_COMMAND_NOT_SUPPORTED, - CURLPX_REPLY_ADDRESS_TYPE_NOT_SUPPORTED, - }; - rc = lookup[code]; - } - return rc; - } - /* Fix: in general, returned BND.ADDR is variable length parameter by RFC - 1928, so the reply packet should be read until the end to avoid errors - at subsequent protocol level. + case SOCKS_ST_SUCCESS: + return CURLPX_OK; - +----+-----+-------+------+----------+----------+ - |VER | REP | RSV | ATYP | BND.ADDR | BND.PORT | - +----+-----+-------+------+----------+----------+ - | 1 | 1 | X'00' | 1 | Variable | 2 | - +----+-----+-------+------+----------+----------+ - - ATYP: - o IP v4 address: X'01', BND.ADDR = 4 byte - o domain name: X'03', BND.ADDR = [ 1 byte length, string ] - o IP v6 address: X'04', BND.ADDR = 16 byte - */ - - /* Calculate real packet size */ - if(socksreq[3] == 3) { - /* domain name */ - int addrlen = (int) socksreq[4]; - len = 5 + addrlen + 2; - } - else if(socksreq[3] == 4) { - /* IPv6 */ - len = 4 + 16 + 2; - } - else if(socksreq[3] == 1) { - len = 4 + 4 + 2; - } - else { - failf(data, "SOCKS5 reply has wrong address type."); - return CURLPX_BAD_ADDRESS_TYPE; - } - - /* At this point we already read first 10 bytes */ -#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) - if(!conn->socks5_gssapi_enctype) { - /* decrypt_gssapi_blockread already read the whole packet */ -#endif - if(len > 10) { - DEBUGASSERT(len <= sizeof(sx->buffer)); - sx->outstanding = len - 10; /* get the rest */ - sx->outp = &socksreq[10]; - sxstate(sx, cf, data, CONNECT_REQ_READ_MORE); - } - else { - sxstate(sx, cf, data, CONNECT_DONE); - break; - } -#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) - } -#endif - FALLTHROUGH(); - case CONNECT_REQ_READ_MORE: - presult = socks_state_recv(cf, sx, data, CURLPX_RECV_ADDRESS, - "SOCKS5 connect request address"); - if(CURLPX_OK != presult) - return presult; - else if(sx->outstanding) { - /* remain in reading state */ - return CURLPX_OK; - } - sxstate(sx, cf, data, CONNECT_DONE); - } - CURL_TRC_CF(data, cf, "SOCKS5 request granted."); - - return CURLPX_OK; /* Proxy was successful! */ -} - -static CURLcode connect_SOCKS(struct Curl_cfilter *cf, - struct socks_state *sxstate, - struct Curl_easy *data) -{ - CURLcode result = CURLE_OK; - CURLproxycode pxresult = CURLPX_OK; - struct connectdata *conn = cf->conn; - - switch(conn->socks_proxy.proxytype) { - case CURLPROXY_SOCKS5: - case CURLPROXY_SOCKS5_HOSTNAME: - pxresult = do_SOCKS5(cf, sxstate, data); - break; - - case CURLPROXY_SOCKS4: - case CURLPROXY_SOCKS4A: - pxresult = do_SOCKS4(cf, sxstate, data); - break; + case SOCKS_ST_FAILED: + DEBUGASSERT(sx->presult); + return sx->presult; default: - failf(data, "unknown proxytype option given"); - result = CURLE_COULDNT_CONNECT; - } /* switch proxytype */ - if(pxresult) { - result = CURLE_PROXY; - data->info.pxcode = pxresult; + DEBUGASSERT(0); + return socks_failed(sx, cf, data, CURLPX_SEND_REQUEST); } - - return result; } static void socks_proxy_cf_free(struct Curl_cfilter *cf) { struct socks_state *sxstate = cf->ctx; if(sxstate) { + Curl_bufq_free(&sxstate->iobuf); free(sxstate); cf->ctx = NULL; } @@ -1117,6 +1225,7 @@ static CURLcode socks_proxy_cf_connect(struct Curl_cfilter *cf, struct connectdata *conn = cf->conn; int sockindex = cf->sockindex; struct socks_state *sx = cf->ctx; + CURLproxycode pxresult = CURLPX_OK; if(cf->connected) { *done = TRUE; @@ -1128,17 +1237,13 @@ static CURLcode socks_proxy_cf_connect(struct Curl_cfilter *cf, return result; if(!sx) { - sx = calloc(1, sizeof(*sx)); + cf->ctx = sx = calloc(1, sizeof(*sx)); if(!sx) return CURLE_OUT_OF_MEMORY; - cf->ctx = sx; - } - if(sx->state == CONNECT_INIT) { /* for the secondary socket (FTP), use the "connect to host" * but ignore the "connect to port" (use the secondary port) */ - sxstate(sx, cf, data, CONNECT_SOCKS_INIT); sx->hostname = conn->bits.httpproxy ? conn->http_proxy.host.name : @@ -1153,29 +1258,54 @@ static CURLcode socks_proxy_cf_connect(struct Curl_cfilter *cf, conn->remote_port; sx->proxy_user = conn->socks_proxy.user; sx->proxy_password = conn->socks_proxy.passwd; + Curl_bufq_init2(&sx->iobuf, SOCKS_CHUNK_SIZE, SOCKS_CHUNKS, + BUFQ_OPT_SOFT_LIMIT); } - result = connect_SOCKS(cf, sx, data); - if(!result && sx->state == CONNECT_DONE) { - cf->connected = TRUE; + switch(conn->socks_proxy.proxytype) { + case CURLPROXY_SOCKS5: + case CURLPROXY_SOCKS5_HOSTNAME: + pxresult = socks5_connect(cf, sx, data); + break; + + case CURLPROXY_SOCKS4: + case CURLPROXY_SOCKS4A: + pxresult = socks4_connect(cf, sx, data); + break; + + default: + failf(data, "unknown proxytype option given"); + result = CURLE_COULDNT_CONNECT; + goto out; + } + + if(pxresult) { + result = CURLE_PROXY; + data->info.pxcode = pxresult; + goto out; + } + else if(sx->state != SOCKS_ST_SUCCESS) + goto out; + #ifndef CURL_DISABLE_VERBOSE_STRINGS - if(Curl_trc_is_verbose(data)) { - struct ip_quadruple ipquad; - bool is_ipv6; - result = Curl_conn_cf_get_ip_info(cf->next, data, &is_ipv6, &ipquad); - if(result) - return result; - infof(data, "Opened %sSOCKS connection from %s port %u to %s port %u " - "(via %s port %u)", - (sockindex == SECONDARYSOCKET) ? "2nd " : "", - ipquad.local_ip, ipquad.local_port, - sx->hostname, sx->remote_port, - ipquad.remote_ip, ipquad.remote_port); - } -#endif - socks_proxy_cf_free(cf); + if(Curl_trc_is_verbose(data)) { + struct ip_quadruple ipquad; + bool is_ipv6; + result = Curl_conn_cf_get_ip_info(cf->next, data, &is_ipv6, &ipquad); + if(result) + return result; + infof(data, "Opened %sSOCKS connection from %s port %u to %s port %u " + "(via %s port %u)", + (sockindex == SECONDARYSOCKET) ? "2nd " : "", + ipquad.local_ip, ipquad.local_port, + sx->hostname, sx->remote_port, + ipquad.remote_ip, ipquad.remote_port); } +#endif + socks_proxy_cf_free(cf); + cf->connected = TRUE; +out: *done = cf->connected; return result; } @@ -1192,15 +1322,16 @@ static CURLcode socks_cf_adjust_pollset(struct Curl_cfilter *cf, * to wait on, we determine what to wait for. */ curl_socket_t sock = Curl_conn_cf_get_socket(cf, data); switch(sx->state) { - case CONNECT_RESOLVING: - case CONNECT_SOCKS_READ: - case CONNECT_AUTH_READ: - case CONNECT_REQ_READ: - case CONNECT_REQ_READ_MORE: - result = Curl_pollset_set_in_only(data, ps, sock); + case SOCKS4_ST_SEND: + case SOCKS5_ST_REQ0_SEND: + case SOCKS5_ST_AUTH_SEND: + case SOCKS5_ST_REQ1_SEND: + CURL_TRC_CF(data, cf, "adjust pollset out (%d)", sx->state); + result = Curl_pollset_set_out_only(data, ps, sock); break; default: - result = Curl_pollset_set_out_only(data, ps, sock); + CURL_TRC_CF(data, cf, "adjust pollset in (%d)", sx->state); + result = Curl_pollset_set_in_only(data, ps, sock); break; } } diff --git a/tests/libtest/lib564.c b/tests/libtest/lib564.c index 86e4f9ed06..3fc8601504 100644 --- a/tests/libtest/lib564.c +++ b/tests/libtest/lib564.c @@ -23,6 +23,7 @@ ***************************************************************************/ #include "first.h" +#include "testtrace.h" #include "memdebug.h" static CURLcode test_lib564(const char *URL) @@ -32,6 +33,9 @@ static CURLcode test_lib564(const char *URL) int running; CURLM *m = NULL; + debug_config.nohex = TRUE; + debug_config.tracetime = TRUE; + start_test_timing(); global_init(CURL_GLOBAL_ALL); @@ -39,6 +43,8 @@ static CURLcode test_lib564(const char *URL) easy_init(curl); easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_DEBUGDATA, &debug_config); + easy_setopt(curl, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); easy_setopt(curl, CURLOPT_VERBOSE, 1L); easy_setopt(curl, CURLOPT_PROXY, libtest_arg2); easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS4); From cbc30d4ed2720a18ccf86a24eb3659a9cff74a1b Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 25 Sep 2025 11:15:15 +0200 Subject: [PATCH 0173/2408] vtls: alpn setting, check proto parameter When setting the negotiated alpn protocol, either then length must be 0 or a pointer must be passed. Reported in Joshua's sarif data Closes #18717 --- lib/vtls/vtls.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index bfec585ce2..9872e4c24d 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -1993,6 +1993,11 @@ CURLcode Curl_alpn_set_negotiated(struct Curl_cfilter *cf, result = CURLE_SSL_CONNECT_ERROR; goto out; } + else if(!proto) { + DEBUGASSERT(0); /* with length, we need a pointer */ + result = CURLE_SSL_CONNECT_ERROR; + goto out; + } else if((strlen(connssl->negotiated.alpn) != proto_len) || memcmp(connssl->negotiated.alpn, proto, proto_len)) { failf(data, "ALPN: asked for '%s' from previous session, but server " From 9e8b05fb995ed36dee08e19953faa2ab48d9304b Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 25 Sep 2025 11:25:17 +0200 Subject: [PATCH 0174/2408] wolfssl: check BIO read parameters Check parameters passed more thoroughly and assure that current 'data' also exists. Reported in Joshua's sarif data Closes #18718 --- lib/vtls/wolfssl.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index 693cbdc92e..0cf6e0e4a5 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -362,8 +362,11 @@ static int wssl_bio_cf_in_read(WOLFSSL_BIO *bio, char *buf, int blen) CURLcode result = CURLE_OK; DEBUGASSERT(data); - /* OpenSSL catches this case, so should we. */ - if(!buf) + if(!data || (blen < 0)) { + wssl->io_result = CURLE_FAILED_INIT; + return -1; + } + if(!buf || !blen) return 0; if((connssl->connecting_state == ssl_connect_2) && From b0f65932191df13148032fed307c15557723da48 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 25 Sep 2025 11:49:45 +0200 Subject: [PATCH 0175/2408] openssl-quic: check results better Fail on errors from SSL_handle_events(). Force quit Caddy test instance that is left hanging longer with openssl-quic tests for unknown reasons. Reported in Joshua's sarif data Closes #18720 --- lib/vquic/curl_osslq.c | 6 +++++- tests/http/testenv/caddy.py | 5 ++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c index 5e9b072736..b4cc052ec2 100644 --- a/lib/vquic/curl_osslq.c +++ b/lib/vquic/curl_osslq.c @@ -1421,12 +1421,16 @@ static CURLcode cf_progress_ingress(struct Curl_cfilter *cf, if(!snew) break; - (void)cf_osslq_h3conn_add_stream(&ctx->h3, snew, cf, data); + result = cf_osslq_h3conn_add_stream(&ctx->h3, snew, cf, data); + if(result) + goto out; } if(!SSL_handle_events(ctx->tls.ossl.ssl)) { int detail = SSL_get_error(ctx->tls.ossl.ssl, 0); result = cf_osslq_ssl_err(cf, data, detail, CURLE_RECV_ERROR); + if(result) + goto out; } if(ctx->h3.conn) { diff --git a/tests/http/testenv/caddy.py b/tests/http/testenv/caddy.py index ad56ce13c8..d7f6a0d729 100644 --- a/tests/http/testenv/caddy.py +++ b/tests/http/testenv/caddy.py @@ -117,7 +117,10 @@ class Caddy: self._mkpath(self._tmp_dir) if self._process: self._process.terminate() - self._process.wait(timeout=2) + try: + self._process.wait(timeout=1) + except Exception: + self._process.kill() self._process = None return not wait_dead or self.wait_dead(timeout=timedelta(seconds=5)) return True From 5f4f70e06d688e34a6079a81db1794d76c465fdb Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 25 Sep 2025 12:07:25 +0200 Subject: [PATCH 0176/2408] ngtcp2: fix early return On a failed tls handshake, the receive function returned without restoring the current data. Reported in Joshua's sarif data Closes #18723 --- lib/vquic/curl_ngtcp2.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 0e05694992..4998400d96 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -1303,8 +1303,10 @@ static CURLcode cf_ngtcp2_recv(struct Curl_cfilter *cf, struct Curl_easy *data, *pnread = 0; /* handshake verification failed in callback, do not recv anything */ - if(ctx->tls_vrfy_result) - return ctx->tls_vrfy_result; + if(ctx->tls_vrfy_result) { + result = ctx->tls_vrfy_result; + goto out; + } pktx_init(&pktx, cf, data); From 887b863b00b9893c20eb9e1f3987ceaeade1f774 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 25 Sep 2025 12:11:15 +0200 Subject: [PATCH 0177/2408] openssl: clear retry flag on x509 error When loading the trust anchors and encountering an error, clear a possibly set retry flag. Reported in Joshua's sarif data Closes #18724 --- lib/vtls/openssl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 4d37f5e77f..1048bf5751 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -741,6 +741,7 @@ static int ossl_bio_cf_in_read(BIO *bio, char *buf, int blen) if(!octx->x509_store_setup) { r2 = Curl_ssl_setup_x509_store(cf, data, octx->ssl_ctx); if(r2) { + BIO_clear_retry_flags(bio); octx->io_result = r2; return -1; } From ee2dd2d6cb9b50dbf7ffd3ada106ba5c09229fa5 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 25 Sep 2025 12:38:02 +0200 Subject: [PATCH 0178/2408] openssl-quic: handle error in SSL_get_stream_read_error_code The return code of SSL_get_stream_read_error_code() was not checked in one location, but others. Make that consistent. Reported in Joshua's sarif data Closes #18725 --- lib/vquic/curl_osslq.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c index b4cc052ec2..e6278ad961 100644 --- a/lib/vquic/curl_osslq.c +++ b/lib/vquic/curl_osslq.c @@ -1264,12 +1264,16 @@ static CURLcode h3_quic_recv(void *reader_ctx, else if(SSL_get_stream_read_state(x->s->ssl) == SSL_STREAM_STATE_RESET_REMOTE) { uint64_t app_error_code = NGHTTP3_H3_NO_ERROR; - SSL_get_stream_read_error_code(x->s->ssl, &app_error_code); - CURL_TRC_CF(x->data, x->cf, "[%" FMT_PRId64 "] h3_quic_recv -> RESET, " - "rv=%d, app_err=%" FMT_PRIu64, - x->s->id, rv, (curl_uint64_t)app_error_code); - if(app_error_code != NGHTTP3_H3_NO_ERROR) { + if(!SSL_get_stream_read_error_code(x->s->ssl, &app_error_code)) { x->s->reset = TRUE; + return CURLE_RECV_ERROR; + } + else { + CURL_TRC_CF(x->data, x->cf, "[%" FMT_PRId64 "] h3_quic_recv -> RESET, " + "rv=%d, app_err=%" FMT_PRIu64, + x->s->id, rv, (curl_uint64_t)app_error_code); + if(app_error_code != NGHTTP3_H3_NO_ERROR) + x->s->reset = TRUE; } x->s->recvd_eos = TRUE; return CURLE_OK; From 36eb26381c1c46098a7c0e4b8a12e7102001c721 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 25 Sep 2025 12:46:09 +0200 Subject: [PATCH 0179/2408] quiche: fix verbose message when ip quadruple cannot be obtained. Reported in Joshua's sarif data Closes #18726 --- lib/vquic/curl_quiche.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c index 523f04e33b..e096c63fe9 100644 --- a/lib/vquic/curl_quiche.c +++ b/lib/vquic/curl_quiche.c @@ -1432,9 +1432,11 @@ out: if(result && result != CURLE_AGAIN) { struct ip_quadruple ip; - Curl_cf_socket_peek(cf->next, data, NULL, NULL, &ip); - infof(data, "connect to %s port %u failed: %s", - ip.remote_ip, ip.remote_port, curl_easy_strerror(result)); + if(!Curl_cf_socket_peek(cf->next, data, NULL, NULL, &ip)) + infof(data, "connect to %s port %u failed: %s", + ip.remote_ip, ip.remote_port, curl_easy_strerror(result)); + else + infof(data, "connect failed: %s", curl_easy_strerror(result)); } #endif return result; From e02cbe94ff92310b2bb4ba3ad622063b0d34ce0a Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 25 Sep 2025 12:53:37 +0200 Subject: [PATCH 0180/2408] mbedtls: check result of setting ALPN The result of setting the negotiated ALPN was not checked, leading to reporting success when it should not have. Reported in Joshua's sarif data Closes #18727 --- lib/vtls/mbedtls.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index 0a62da2b58..aa7e8d67ef 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -918,6 +918,7 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) static CURLcode mbed_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data) { + CURLcode result; int ret; struct ssl_connect_data *connssl = cf->ctx; struct mbed_ssl_backend_data *backend = @@ -968,7 +969,6 @@ mbed_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data) if(pinnedpubkey) { int size; - CURLcode result; const mbedtls_x509_crt *peercert; mbedtls_x509_crt *p = NULL; unsigned char *pubkey = NULL; @@ -1018,17 +1018,19 @@ pinnedpubkey_error: mbedtls_x509_crt_free(p); free(p); free(pubkey); - if(result) { + if(result) return result; - } } #ifdef HAS_ALPN_MBEDTLS if(connssl->alpn) { const char *proto = mbedtls_ssl_get_alpn_protocol(&backend->ssl); - Curl_alpn_set_negotiated(cf, data, connssl, (const unsigned char *)proto, - proto ? strlen(proto) : 0); + result = Curl_alpn_set_negotiated(cf, data, connssl, + (const unsigned char *)proto, + proto ? strlen(proto) : 0); + if(result) + return result; } #endif From 15b4b9618879318ffcd7d8b95f9b2692b14c8e8b Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 25 Sep 2025 12:59:36 +0200 Subject: [PATCH 0181/2408] rustls: fix comment describing cr_recv() The comments on `cf_recv()` function were outdated and described calling conventions that no longer are true. Reported in Joshua's sarif data Closes #18728 --- lib/vtls/rustls.c | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index e081c4651a..a6d8a4652d 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -188,16 +188,8 @@ static ssize_t tls_recv_more(struct Curl_cfilter *cf, } /* - * On each run: - * - Read a chunk of bytes from the socket into Rustls' TLS input buffer. - * - Tell Rustls to process any new packets. - * - Read out as many plaintext bytes from Rustls as possible, until hitting - * error, EOF, or EAGAIN/EWOULDBLOCK, or plainbuf/plainlen is filled up. - * - * it is okay to call this function with plainbuf == NULL and plainlen == 0. In - * that case, it will copy bytes from the socket into Rustls' TLS input - * buffer, and process packets, but will not consume bytes from Rustls' - * plaintext output buffer. + * Filter receive method implementation. `plainbuf` and `plainlen` + * are always not NULL/0. */ static CURLcode cr_recv(struct Curl_cfilter *cf, struct Curl_easy *data, From dec661c81cb0bc55e089b67112ab995eeba350eb Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 25 Sep 2025 13:11:58 +0200 Subject: [PATCH 0182/2408] wolfssl: fix error check in shutdown When trying to send the TLS shutdown, use the return code to check for the cause. Reported in Joshua's sarif data Closes #18729 --- lib/vtls/wolfssl.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index 0cf6e0e4a5..ed02435676 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -1921,7 +1921,8 @@ static CURLcode wssl_shutdown(struct Curl_cfilter *cf, * was not complete, we are lacking the close notify from the server. */ if(send_shutdown) { wolfSSL_ERR_clear_error(); - if(wolfSSL_shutdown(wctx->ssl) == 1) { + nread = wolfSSL_shutdown(wctx->ssl); + if(nread == 1) { CURL_TRC_CF(data, cf, "SSL shutdown finished"); *done = TRUE; goto out; From 771dd9d9e7cda15be4d99a4c50a04b4d6c46b765 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 25 Sep 2025 13:17:48 +0200 Subject: [PATCH 0183/2408] quiche: when ingress processing fails, return that error code Instead of a general CURLE_RECV_ERROR. Reported in Joshua's sarif data Closes #18730 --- lib/vquic/curl_quiche.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c index e096c63fe9..5fb67f69f4 100644 --- a/lib/vquic/curl_quiche.c +++ b/lib/vquic/curl_quiche.c @@ -865,9 +865,9 @@ static CURLcode cf_quiche_recv(struct Curl_cfilter *cf, struct Curl_easy *data, goto out; } - if(cf_process_ingress(cf, data)) { + result = cf_process_ingress(cf, data); + if(result) { CURL_TRC_CF(data, cf, "cf_recv, error on ingress"); - result = CURLE_RECV_ERROR; goto out; } From 221b7dda3837940532b03fbc5f7c54d8a6edd266 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 25 Sep 2025 13:25:29 +0200 Subject: [PATCH 0184/2408] transfer: avoid busy loop with tiny speed limit When a transfer has a speed limit less than 4, the receive loop early exits without receiving anything, causing a busy loop for that transfer. Perform that check only after the first receive has been done. Reported in Joshua's sarif data Closes #18732 --- lib/transfer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/transfer.c b/lib/transfer.c index 1297a3e82d..62528d2275 100644 --- a/lib/transfer.c +++ b/lib/transfer.c @@ -283,7 +283,7 @@ static CURLcode sendrecv_dl(struct Curl_easy *data, * a quarter of the quota, break out. We want to stutter a bit * to keep in the limit, but too small receives will just cost * cpu unnecessarily. */ - if(total_received >= (data->set.max_recv_speed / 4)) + if(total_received && (total_received >= (data->set.max_recv_speed / 4))) break; if(data->set.max_recv_speed < (curl_off_t)bytestoread) bytestoread = (size_t)data->set.max_recv_speed; From 442943fb8e9a0e7bd9ae0e5976e4e52792af9739 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 25 Sep 2025 13:31:17 +0200 Subject: [PATCH 0185/2408] openssl: set io_need always When OpenSSL reports SSL_ERROR_WANT_READ, set the io_need explicitly. It should have already been set by the BIO, but be safe. Reported in Joshua's sarif data Closes #18733 --- lib/vtls/openssl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 1048bf5751..d07c1bf773 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -5369,6 +5369,7 @@ static CURLcode ossl_recv(struct Curl_cfilter *cf, connclose(conn, "TLS close_notify"); break; case SSL_ERROR_WANT_READ: + connssl->io_need = CURL_SSL_IO_NEED_RECV; result = CURLE_AGAIN; goto out; case SSL_ERROR_WANT_WRITE: From e08211b1ca35b9d6fbc5e4a898af0738516ad1ec Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 25 Sep 2025 13:14:36 +0200 Subject: [PATCH 0186/2408] GHA: bump pip `cryptography`, relax `impacket` version requirement Bump `cryptography` to a newer version that fixes two known OpenSSL vulnerabilities reported by Dependabot. To make it work, also allow `impacket` 0.11.0, because it allows any pyOpenSSL version, while 0.12.0 pinned it to a single version that happens to be incompatible with the bugfixed `cryptography` version. Also: drop spaces from `requirements.txt` files. Bots don't add them, though they seem to be preferred in the official documentation: https://pip.pypa.io/en/stable/reference/requirements-file-format/ https://github.com/fortra/impacket/blob/impacket_0_11_0/requirements.txt https://github.com/fortra/impacket/blob/impacket_0_12_0/requirements.txt Follow-up to 7d5f8be532c19ec73063aaa4f27057047bdae5ac #18708 Closes #18731 --- .github/scripts/requirements.txt | 10 +++++----- tests/http/requirements.txt | 12 ++++++------ tests/requirements.txt | 2 +- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt index 5e876b0cb2..ac858451d5 100644 --- a/.github/scripts/requirements.txt +++ b/.github/scripts/requirements.txt @@ -2,8 +2,8 @@ # # SPDX-License-Identifier: curl -cmakelang == 0.6.13 -codespell == 2.4.1 -pytype == 2024.10.11 -reuse == 5.1.1 -ruff == 0.13.1 +cmakelang==0.6.13 +codespell==2.4.1 +pytype==2024.10.11 +reuse==5.1.1 +ruff==0.13.1 diff --git a/tests/http/requirements.txt b/tests/http/requirements.txt index 8dddcd1e1c..6a98723ac2 100644 --- a/tests/http/requirements.txt +++ b/tests/http/requirements.txt @@ -2,9 +2,9 @@ # # SPDX-License-Identifier: curl -cryptography == 42.0.8 -filelock == 3.19.1 -psutil == 7.1.0 -pytest == 8.4.2 -pytest-xdist == 3.8.0 -websockets == 15.0.1 +cryptography==44.0.1 +filelock==3.19.1 +psutil==7.1.0 +pytest==8.4.2 +pytest-xdist==3.8.0 +websockets==15.0.1 diff --git a/tests/requirements.txt b/tests/requirements.txt index dab4784c5f..501c1fc693 100644 --- a/tests/requirements.txt +++ b/tests/requirements.txt @@ -2,4 +2,4 @@ # # SPDX-License-Identifier: curl -impacket == 0.12.0 +impacket>=0.11.0,<=0.12.0 From 882293cc81c0c384c30288c24111e45e6de4cd39 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 25 Sep 2025 13:40:54 +0200 Subject: [PATCH 0187/2408] KNOWN_BUGS: telnet code does not handle partial writes properly Reported in Joshua's sarif data Closes #18735 --- docs/KNOWN_BUGS | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS index 3785d73aa4..5b7df42bda 100644 --- a/docs/KNOWN_BUGS +++ b/docs/KNOWN_BUGS @@ -86,6 +86,7 @@ problems may have been fixed or changed somewhat since this was written. 12.4 LDAPS requests to ActiveDirectory server hang 13. TCP/IP + 13.1 telnet code does not handle partial writes properly 13.2 Trying local ports fails on Windows 15. CMake @@ -547,6 +548,11 @@ problems may have been fixed or changed somewhat since this was written. 13. TCP/IP +13.1 telnet code does not handle partial writes properly + + It probably does not happen too easily because of how slow and infrequent + sends are normally performed. + 13.2 Trying local ports fails on Windows This makes '--local-port [range]' to not work since curl cannot properly From 5b8c80684b5b39c4d4fde2a7c4f2e3247c391fac Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 25 Sep 2025 14:34:46 +0200 Subject: [PATCH 0188/2408] GHA/checksrc: drop no longer used `DEBIAN_FRONTEND` env Follow-up to 7d5f8be532c19ec73063aaa4f27057047bdae5ac #18708 Cherry-picked from #18736 --- .github/workflows/checksrc.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml index 59fc930fa7..0e7d4ed326 100644 --- a/.github/workflows/checksrc.yml +++ b/.github/workflows/checksrc.yml @@ -52,8 +52,6 @@ jobs: persist-credentials: false - name: 'install' - env: - DEBIAN_FRONTEND: noninteractive run: | python3 -m venv ~/venv ~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary \ From edbf610c6a55ee9776f85352f9ad182cd52559b0 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 25 Sep 2025 14:38:48 +0200 Subject: [PATCH 0189/2408] GHA: set `HOMEBREW_NO_AUTO_UPDATE=1` for Linuxbrew In an attempt to make `brew install` commands initialize faster. Often this command started with 20-50 seconds of delay before this patch. This is an attempt to make it launch faster. Cherry-picked from #18736 --- .github/workflows/checksrc.yml | 4 ++-- .github/workflows/codeql.yml | 2 +- .github/workflows/linux.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml index 0e7d4ed326..b101a822c5 100644 --- a/.github/workflows/checksrc.yml +++ b/.github/workflows/checksrc.yml @@ -72,7 +72,7 @@ jobs: - name: 'typos' run: | - /home/linuxbrew/.linuxbrew/bin/brew install typos-cli + HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install typos-cli eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" typos --version .github/scripts/typos.sh @@ -118,7 +118,7 @@ jobs: timeout-minutes: 5 steps: - name: 'install prereqs' - run: /home/linuxbrew/.linuxbrew/bin/brew install shellcheck zizmor + run: HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install shellcheck zizmor - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 with: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 8cc7e9f48c..f271d26b14 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -77,7 +77,7 @@ jobs: sudo rm -f /var/lib/man-db/auto-update sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libbrotli-dev libidn2-dev libssh2-1-dev libssh-dev \ libnghttp2-dev libldap-dev heimdal-dev librtmp-dev libgnutls28-dev libwolfssl-dev - /home/linuxbrew/.linuxbrew/bin/brew install c-ares gsasl libnghttp3 libngtcp2 mbedtls rustls-ffi + HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install c-ares gsasl libnghttp3 libngtcp2 mbedtls rustls-ffi - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 with: diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 556ff8df1e..2724901324 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -322,7 +322,7 @@ jobs: ${INSTALL_PACKAGES} \ ${MATRIX_INSTALL_PACKAGES} if [ -n "${INSTALL_PACKAGES_BREW}" ]; then - /home/linuxbrew/.linuxbrew/bin/brew install ${INSTALL_PACKAGES_BREW} + HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install ${INSTALL_PACKAGES_BREW} fi - name: 'install prereqs' From bebc8df0f733468377fbb5cc2a68dbb1239a4b73 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 25 Sep 2025 14:52:38 +0200 Subject: [PATCH 0190/2408] schannel_verify: use more human friendly error messages Closes #18737 --- lib/vtls/schannel_verify.c | 23 ++++++++++------------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c index b19e1757d4..f73d758ba1 100644 --- a/lib/vtls/schannel_verify.c +++ b/lib/vtls/schannel_verify.c @@ -889,7 +889,7 @@ CURLcode Curl_verify_certificate(struct Curl_cfilter *cf, NULL, &pChainContext)) { char buffer[WINAPI_ERROR_LEN]; - failf(data, "schannel: CertGetCertificateChain failed: %s", + failf(data, "schannel: failed to get the certificate chain: %s", curlx_winapi_strerror(GetLastError(), buffer, sizeof(buffer))); pChainContext = NULL; result = CURLE_PEER_FAILED_VERIFICATION; @@ -910,23 +910,20 @@ CURLcode Curl_verify_certificate(struct Curl_cfilter *cf, if(dwTrustErrorMask) { if(dwTrustErrorMask & CERT_TRUST_IS_REVOKED) - failf(data, "schannel: CertGetCertificateChain trust error" - " CERT_TRUST_IS_REVOKED"); + failf(data, "schannel: trust for this certificate or one of " + "the certificates in the certificate chain has been revoked"); else if(dwTrustErrorMask & CERT_TRUST_IS_PARTIAL_CHAIN) - failf(data, "schannel: CertGetCertificateChain trust error" - " CERT_TRUST_IS_PARTIAL_CHAIN"); + failf(data, "schannel: the certificate chain is incomplete"); else if(dwTrustErrorMask & CERT_TRUST_IS_UNTRUSTED_ROOT) - failf(data, "schannel: CertGetCertificateChain trust error" - " CERT_TRUST_IS_UNTRUSTED_ROOT"); + failf(data, "schannel: the certificate or certificate chain is " + "based on an untrusted root"); else if(dwTrustErrorMask & CERT_TRUST_IS_NOT_TIME_VALID) - failf(data, "schannel: CertGetCertificateChain trust error" - " CERT_TRUST_IS_NOT_TIME_VALID"); + failf(data, "schannel: this certificate or one of the certificates " + "in the certificate chain is not time valid"); else if(dwTrustErrorMask & CERT_TRUST_REVOCATION_STATUS_UNKNOWN) - failf(data, "schannel: CertGetCertificateChain trust error" - " CERT_TRUST_REVOCATION_STATUS_UNKNOWN"); + failf(data, "schannel: the revocation status is unknown"); else - failf(data, "schannel: CertGetCertificateChain error mask: 0x%08lx", - dwTrustErrorMask); + failf(data, "schannel: error 0x%08lx", dwTrustErrorMask); result = CURLE_PEER_FAILED_VERIFICATION; } } From 9f75603d4fefacceed2e368638a1f7f12194d3ed Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 25 Sep 2025 16:19:56 +0200 Subject: [PATCH 0191/2408] tftp: only check address if it was stored If recvfrom() fails, it might not have stored an address. Follow-up to c4f9977c66bbb05a837a7eb03004dd79c3cc9b44 Pointed out by CodeSonar Closes #18738 --- lib/tftp.c | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/lib/tftp.c b/lib/tftp.c index 736b14b673..ad2c84e660 100644 --- a/lib/tftp.c +++ b/lib/tftp.c @@ -1106,19 +1106,21 @@ static CURLcode tftp_receive_packet(struct Curl_easy *data, 0, (struct sockaddr *)&remote_addr, &fromlen); - if(state->remote_pinned) { - /* pinned, verify that it comes from the same address */ - if((state->remote_addrlen != fromlen) || - memcmp(&remote_addr, &state->remote_addr, fromlen)) { - failf(data, "Data received from another address"); - return CURLE_RECV_ERROR; + if(fromlen) { + if(state->remote_pinned) { + /* pinned, verify that it comes from the same address */ + if((state->remote_addrlen != fromlen) || + memcmp(&remote_addr, &state->remote_addr, fromlen)) { + failf(data, "Data received from another address"); + return CURLE_RECV_ERROR; + } + } + else { + /* pin address on first use */ + state->remote_pinned = TRUE; + state->remote_addrlen = fromlen; + memcpy(&state->remote_addr, &remote_addr, fromlen); } - } - else { - /* pin address on first use */ - state->remote_pinned = TRUE; - state->remote_addrlen = fromlen; - memcpy(&state->remote_addr, &remote_addr, fromlen); } /* Sanity check packet length */ From f5bae285f321063a3d48774915bb38187b4511ac Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 25 Sep 2025 12:00:57 +0200 Subject: [PATCH 0192/2408] socks: handle error in verbose trace gracefully Adjust the flow to always succeed in verbose trace of connect. Reported in Joshua's sarif data Closes #18722 --- lib/socks.c | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/lib/socks.c b/lib/socks.c index 6927e32c3e..da974ad6d8 100644 --- a/lib/socks.c +++ b/lib/socks.c @@ -1291,15 +1291,16 @@ static CURLcode socks_proxy_cf_connect(struct Curl_cfilter *cf, if(Curl_trc_is_verbose(data)) { struct ip_quadruple ipquad; bool is_ipv6; - result = Curl_conn_cf_get_ip_info(cf->next, data, &is_ipv6, &ipquad); - if(result) - return result; - infof(data, "Opened %sSOCKS connection from %s port %u to %s port %u " - "(via %s port %u)", - (sockindex == SECONDARYSOCKET) ? "2nd " : "", - ipquad.local_ip, ipquad.local_port, - sx->hostname, sx->remote_port, - ipquad.remote_ip, ipquad.remote_port); + if(!Curl_conn_cf_get_ip_info(cf->next, data, &is_ipv6, &ipquad)) + infof(data, "Opened %sSOCKS connection from %s port %u to %s port %u " + "(via %s port %u)", + (sockindex == SECONDARYSOCKET) ? "2nd " : "", + ipquad.local_ip, ipquad.local_port, + sx->hostname, sx->remote_port, + ipquad.remote_ip, ipquad.remote_port); + else + infof(data, "Opened %sSOCKS connection", + (sockindex == SECONDARYSOCKET) ? "2nd " : ""); } #endif socks_proxy_cf_free(cf); From e48c1ea415d5076082bd2349d066c0df16dc9993 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 25 Sep 2025 14:50:15 +0200 Subject: [PATCH 0193/2408] GHA: use `pyspelling` directly To avoid depending on Docker Hub, an Docker image and a GitHub Action. Also to simplify running this check on a local machine. Pending question if Dependabot and Mend/Renovate will automatically pick up `requirements-docs.txt`. Also: - enable parallel spellchecking. (also to win back the time lost with installing components directly from Debian and pip.) - pin `pyspelling`. - link to official `pyspelling` docs. Closes #18736 --- .github/scripts/requirements-docs.txt | 5 +++++ .github/scripts/spellcheck.yaml | 1 + .github/workflows/checkdocs.yml | 21 +++++++++++++++------ 3 files changed, 21 insertions(+), 6 deletions(-) create mode 100644 .github/scripts/requirements-docs.txt diff --git a/.github/scripts/requirements-docs.txt b/.github/scripts/requirements-docs.txt new file mode 100644 index 0000000000..bd50e5010e --- /dev/null +++ b/.github/scripts/requirements-docs.txt @@ -0,0 +1,5 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + +pyspelling==2.11 diff --git a/.github/scripts/spellcheck.yaml b/.github/scripts/spellcheck.yaml index 05ddf0d937..8e26b76189 100644 --- a/.github/scripts/spellcheck.yaml +++ b/.github/scripts/spellcheck.yaml @@ -2,6 +2,7 @@ # # SPDX-License-Identifier: curl # +# Docs: https://facelessuser.github.io/pyspelling/configuration/ # Docs: https://github.com/UnicornGlobal/spellcheck-github-actions matrix: - name: Markdown diff --git a/.github/workflows/checkdocs.yml b/.github/workflows/checkdocs.yml index f236ebc850..a34a341a63 100644 --- a/.github/workflows/checkdocs.yml +++ b/.github/workflows/checkdocs.yml @@ -113,13 +113,22 @@ jobs: # shellcheck disable=SC2046 .github/scripts/cleancmd.pl $(find docs -name '*.md') - - name: 'setup the custom wordlist' - run: grep -v '^#' .github/scripts/spellcheck.words > wordlist.txt + - name: 'install' + run: | + sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list + sudo apt-get -o Dpkg::Use-Pty=0 update + sudo rm -f /var/lib/man-db/auto-update + sudo apt-get -o Dpkg::Use-Pty=0 install aspell aspell-en + python3 -m venv ~/venv + ~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r .github/scripts/requirements-docs.txt - - name: 'check Spelling' - uses: rojopolis/spellcheck-github-actions@739a1e3ceb79a98a5d4a9bf76f351137f9d78892 # v0 - with: - config_path: .github/scripts/spellcheck.yaml + - name: 'check spelling' + run: | + source ~/venv/bin/activate + grep -v '^#' .github/scripts/spellcheck.words > wordlist.txt + aspell --version + pyspelling --version + pyspelling --verbose --jobs 5 --config .github/scripts/spellcheck.yaml badwords-synopsis: name: 'badwords, synopsis' From 9595921b06c911af278a645be1d298cb83e32df0 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 25 Sep 2025 16:32:18 +0200 Subject: [PATCH 0194/2408] libssh: clarify myssh_block2waitfor Fixed misleading comment. Simplified the bit setup. Reported in Joshua's sarif data Closes #18739 --- lib/vssh/libssh.c | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index 576ac3b0c0..e1e660b4b3 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -2392,19 +2392,16 @@ static void myssh_block2waitfor(struct connectdata *conn, struct ssh_conn *sshc, bool block) { - /* If it did not block, or nothing was returned by ssh_get_poll_flags - * have the original set */ - conn->waitfor = sshc->orig_waitfor; - if(block) { int dir = ssh_get_poll_flags(sshc->ssh_session); - conn->waitfor = 0; /* translate the libssh define bits into our own bit defines */ - if(dir & SSH_READ_PENDING) - conn->waitfor |= KEEP_RECV; - if(dir & SSH_WRITE_PENDING) - conn->waitfor |= KEEP_SEND; + conn->waitfor = + ((dir & SSH_READ_PENDING) ? KEEP_RECV : 0) | + ((dir & SSH_WRITE_PENDING) ? KEEP_SEND : 0); } + else + /* if it did not block, use the original set */ + conn->waitfor = sshc->orig_waitfor; } /* called repeatedly until done from multi.c */ From b8f10be4f205665552a2dfd276889896e0c3116b Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 25 Sep 2025 16:38:49 +0200 Subject: [PATCH 0195/2408] libssh: acknowledge SSH_AGAIN in the SFTP state machine Reported in Joshua's sarif data Closes #18740 --- lib/vssh/libssh.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index e1e660b4b3..0f51137e8c 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -1959,6 +1959,8 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, case SSH_SFTP_QUOTE_SETSTAT: rc = sftp_setstat(sshc->sftp_session, sshc->quote_path2, sshc->quote_attrs); + if(rc == SSH_AGAIN) + break; if(rc && !sshc->acceptfail) { Curl_safefree(sshc->quote_path1); Curl_safefree(sshc->quote_path2); @@ -1978,6 +1980,8 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, case SSH_SFTP_QUOTE_SYMLINK: rc = sftp_symlink(sshc->sftp_session, sshc->quote_path2, sshc->quote_path1); + if(rc == SSH_AGAIN) + break; if(rc && !sshc->acceptfail) { Curl_safefree(sshc->quote_path1); Curl_safefree(sshc->quote_path2); @@ -1994,6 +1998,8 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, case SSH_SFTP_QUOTE_MKDIR: rc = sftp_mkdir(sshc->sftp_session, sshc->quote_path1, (mode_t)data->set.new_directory_perms); + if(rc == SSH_AGAIN) + break; if(rc && !sshc->acceptfail) { Curl_safefree(sshc->quote_path1); failf(data, "mkdir command failed: %s", @@ -2009,6 +2015,8 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, case SSH_SFTP_QUOTE_RENAME: rc = sftp_rename(sshc->sftp_session, sshc->quote_path1, sshc->quote_path2); + if(rc == SSH_AGAIN) + break; if(rc && !sshc->acceptfail) { Curl_safefree(sshc->quote_path1); Curl_safefree(sshc->quote_path2); @@ -2024,6 +2032,8 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, case SSH_SFTP_QUOTE_RMDIR: rc = sftp_rmdir(sshc->sftp_session, sshc->quote_path1); + if(rc == SSH_AGAIN) + break; if(rc && !sshc->acceptfail) { Curl_safefree(sshc->quote_path1); failf(data, "rmdir command failed: %s", @@ -2038,6 +2048,8 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, case SSH_SFTP_QUOTE_UNLINK: rc = sftp_unlink(sshc->sftp_session, sshc->quote_path1); + if(rc == SSH_AGAIN) + break; if(rc && !sshc->acceptfail) { Curl_safefree(sshc->quote_path1); failf(data, "rm command failed: %s", From e27853d36b964e91baaa03d4a87802a2c4ba6eca Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 25 Sep 2025 15:03:08 +0000 Subject: [PATCH 0196/2408] GHA: update dependency ruff and github/codeql-action - update github/codeql-action digest to 303c0ae - update dependency ruff to v0.13.2 Closes #18716 Closes #18734 --- .github/scripts/requirements.txt | 2 +- .github/workflows/codeql.yml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt index ac858451d5..7cb10c47f8 100644 --- a/.github/scripts/requirements.txt +++ b/.github/scripts/requirements.txt @@ -6,4 +6,4 @@ cmakelang==0.6.13 codespell==2.4.1 pytype==2024.10.11 reuse==5.1.1 -ruff==0.13.1 +ruff==0.13.2 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f271d26b14..53505673a4 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -48,13 +48,13 @@ jobs: persist-credentials: false - name: 'initialize' - uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3 + uses: github/codeql-action/init@303c0aef88fc2fe5ff6d63d3b1596bfd83dfa1f9 # v3 with: languages: actions, python queries: security-extended - name: 'perform analysis' - uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3 + uses: github/codeql-action/analyze@303c0aef88fc2fe5ff6d63d3b1596bfd83dfa1f9 # v3 c: name: 'C' @@ -84,7 +84,7 @@ jobs: persist-credentials: false - name: 'initialize' - uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3 + uses: github/codeql-action/init@303c0aef88fc2fe5ff6d63d3b1596bfd83dfa1f9 # v3 with: languages: cpp build-mode: manual @@ -129,4 +129,4 @@ jobs: fi - name: 'perform analysis' - uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3 + uses: github/codeql-action/analyze@303c0aef88fc2fe5ff6d63d3b1596bfd83dfa1f9 # v3 From 16e0a2098d91c87ab77ce568acdeda724baf753a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 20 Sep 2025 22:32:23 +0200 Subject: [PATCH 0197/2408] openssl: fail the transfer if ossl_certchain() fails Since it would indicate errors to the degree that continuing would just risk hiding the earlier errors or make things weird. Inspired by a report in Joshua's sarif data Closes #18646 --- lib/vtls/openssl.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index d07c1bf773..37cdd55747 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -355,9 +355,8 @@ static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl) DEBUGASSERT(ssl); sk = SSL_get_peer_cert_chain(ssl); - if(!sk) { - return CURLE_OUT_OF_MEMORY; - } + if(!sk) + return CURLE_SSL_CONNECT_ERROR; numcerts = sk_X509_num(sk); @@ -4856,9 +4855,15 @@ CURLcode Curl_ossl_check_peer_cert(struct Curl_cfilter *cf, return CURLE_OUT_OF_MEMORY; } - if(data->set.ssl.certinfo) - /* asked to gather certificate info */ - (void)ossl_certchain(data, octx->ssl); + if(data->set.ssl.certinfo && !octx->reused_session) { + /* asked to gather certificate info. Reused sessions don't have cert + chains */ + result = ossl_certchain(data, octx->ssl); + if(result) { + BIO_free(mem); + return result; + } + } octx->server_cert = SSL_get1_peer_certificate(octx->ssl); if(!octx->server_cert) { From 500ea90829c825e9c19d2d4290d4d130e9ac42bd Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 25 Sep 2025 23:35:31 +0200 Subject: [PATCH 0198/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 63 +++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 59 insertions(+), 4 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index da62171c71..511be250eb 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,7 +4,7 @@ curl and libcurl 8.17.0 Command line options: 272 curl_easy_setopt() options: 308 Public functions in libcurl: 98 - Contributors: 3508 + Contributors: 3509 This release includes the following changes: @@ -28,6 +28,7 @@ This release includes the following bugfixes: o build: address some `-Weverything` warnings, update picky warnings [74] o build: avoid overriding system symbols for socket functions [68] o build: show llvm/clang in platform flags and `buildinfo.txt` [126] + o cf-h2-proxy: break loop on edge case [140] o cf-socket: use the right byte order for ports in bindlocal [61] o cfilter: unlink and discard [46] o cmake: add `CURL_CODE_COVERAGE` option [78] @@ -60,10 +61,13 @@ This release includes the following bugfixes: o httpsrr: free old pointers when storing new [57] o krb5: return appropriate error on send failures [22] o ldap: do not base64 encode zero length string [42] + o lib: upgrade/multiplex handling [136] o libcurl-multi.md: added curl_multi_get_offt mention [53] o libcurl-security.md: mention long-running connections [6] o libssh2: drop two redundant null-terminations [26] o libssh2: error check and null-terminate in ssh_state_sftp_readdir_link() [34] + o libssh: acknowledge SSH_AGAIN in the SFTP state machine [89] + o libssh: clarify myssh_block2waitfor [92] o libssh: drop two unused assignments [104] o libssh: error on bad chgrp number [71] o libssh: error on bad chown number and store the value [64] @@ -74,24 +78,43 @@ This release includes the following bugfixes: o managen: ignore version mentions < 7.66.0 [55] o managen: render better manpage references/links [54] o managen: strict protocol check [109] + o mbedtls: check result of setting ALPN [127] + o mbedtls: handle WANT_WRITE from mbedtls_ssl_read() [145] o multi.h: add CURLMINFO_LASTENTRY [51] o ngtcp2: check error code on connect failure [13] + o ngtcp2: fix early return [131] o openldap: avoid indexing the result at -1 for blank responses [44] o openldap: check ldap_get_option() return codes [119] + o openssl-quic: check results better [132] + o openssl-quic: handle error in SSL_get_stream_read_error_code [129] + o openssl: clear retry flag on x509 error [130] + o openssl: fail the transfer if ossl_certchain() fails [23] o openssl: make the asn1_object_dump name null terminated [56] + o openssl: set io_need always [99] + o OS400: fix a use-after-free/double-free case [142] o quic: fix min TLS version handling [14] o quic: ignore EMSGSIZE on receive [4] + o quiche: fix verbose message when ip quadruple cannot be obtained. [128] + o quiche: when ingress processing fails, return that error code [103] o rustls: fix clang-tidy warning [107] + o rustls: fix comment describing cr_recv() [117] o rustls: typecast variable for safer trace output [69] o rustls: use %zu for size_t in failf() format string [121] o sasl: clear canceled mechanism instead of toggling it [41] o schannel: assign result before using it [62] + o schannel_verify: use more human friendly error messages [96] o setopt: accept *_SSL_VERIFYHOST set to 2L [31] o setopt: make CURLOPT_MAXREDIRS accept -1 (again) [1] o smb: adjust buffer size checks [45] o smtp: check EHLO responses case insensitively [50] + o socks: handle error in verbose trace gracefully [94] o socks: make Curl_blockread_all return CURLcode [67] + o socks: rewwork, cleaning up socks state handling [135] + o socks_gssapi: make the gss_context a local variable [144] o socks_gssapi: reject too long tokens [90] + o socks_gssapi: remove superfluous releases of the gss_recv_token [139] + o socks_gssapi: remove the forced "no protection" [143] + o socks_sspi: bail out on too long fields [137] o socks_sspi: fix memory cleanup calls [40] o socks_sspi: restore non-blocking socket on error paths [48] o ssl-sessions.md: mark option experimental [12] @@ -116,10 +139,14 @@ This release includes the following bugfixes: o tool_getparam/set_rate: skip the multiplication on overflow [84] o tool_operate: improve wording in retry message [37] o tool_operate: keep the progress meter for --out-null [33] + o transfer: avoid busy loop with tiny speed limit [100] o urldata: FILE is not a list-only protocol [9] + o vtls: alpn setting, check proto parameter [134] o vtls_int.h: clarify data_pending [124] o windows: replace `_beginthreadex()` with `CreateThread()` [80] o windows: stop passing unused, optional argument for Win9x compatibility [75] + o wolfssl: check BIO read parameters [133] + o wolfssl: fix error check in shutdown [105] o ws: clarify an error message [125] o ws: reject curl_ws_recv called with NULL buffer with a buflen [118] @@ -149,9 +176,10 @@ advice from friends like these: divinity76 on github, Emilio Pozuelo Monfort, Ethan Everett, fds242 on github, Javier Blazquez, Jicea, jmaggard10 on github, Joseph Birr-Pixton, Joshua Rogers, kapsiR on github, Marcel Raad, - Michael Osipov, Michał Petryka, Nir Azkiel, Ray Satiro, renovate[bot], - rinsuki on github, Samuel Dionne-Riel, Stefan Eissing, Viktor Szakats - (28 contributors) + Michael Osipov, Michał Petryka, Nir Azkiel, Patrick Monnerat, Ray Satiro, + renovate[bot], rinsuki on github, Samuel Dionne-Riel, Stanislav Fort, + Stefan Eissing, Viktor Szakats + (30 contributors) References to bug reports and discussions on issues: @@ -177,6 +205,7 @@ References to bug reports and discussions on issues: [20] = https://curl.se/bug/?i=18554 [21] = https://curl.se/bug/?i=18618 [22] = https://curl.se/bug/?i=18561 + [23] = https://curl.se/bug/?i=18646 [24] = https://curl.se/bug/?i=18616 [25] = https://curl.se/bug/?i=18491 [26] = https://curl.se/bug/?i=18606 @@ -241,11 +270,19 @@ References to bug reports and discussions on issues: [85] = https://curl.se/bug/?i=18612 [87] = https://curl.se/bug/?i=18707 [88] = https://curl.se/bug/?i=18680 + [89] = https://curl.se/bug/?i=18740 [90] = https://curl.se/bug/?i=18681 [91] = https://curl.se/bug/?i=18251 + [92] = https://curl.se/bug/?i=18739 + [94] = https://curl.se/bug/?i=18722 + [96] = https://curl.se/bug/?i=18737 + [99] = https://curl.se/bug/?i=18733 + [100] = https://curl.se/bug/?i=18732 [101] = https://curl.se/bug/?i=18689 [102] = https://curl.se/bug/?i=18688 + [103] = https://curl.se/bug/?i=18730 [104] = https://curl.se/bug/?i=18684 + [105] = https://curl.se/bug/?i=18729 [106] = https://curl.se/bug/?i=18671 [107] = https://curl.se/bug/?i=18670 [108] = https://curl.se/bug/?i=18633 @@ -257,6 +294,7 @@ References to bug reports and discussions on issues: [114] = https://curl.se/bug/?i=18666 [115] = https://curl.se/bug/?i=18664 [116] = https://curl.se/bug/?i=18659 + [117] = https://curl.se/bug/?i=18728 [118] = https://curl.se/bug/?i=18656 [119] = https://curl.se/bug/?i=18653 [120] = https://curl.se/bug/?i=18652 @@ -266,3 +304,20 @@ References to bug reports and discussions on issues: [124] = https://curl.se/bug/?i=18644 [125] = https://curl.se/bug/?i=18654 [126] = https://curl.se/bug/?i=18645 + [127] = https://curl.se/bug/?i=18727 + [128] = https://curl.se/bug/?i=18726 + [129] = https://curl.se/bug/?i=18725 + [130] = https://curl.se/bug/?i=18724 + [131] = https://curl.se/bug/?i=18723 + [132] = https://curl.se/bug/?i=18720 + [133] = https://curl.se/bug/?i=18718 + [134] = https://curl.se/bug/?i=18717 + [135] = https://curl.se/bug/?i=18401 + [136] = https://curl.se/bug/?i=18227 + [137] = https://curl.se/bug/?i=18719 + [139] = https://curl.se/bug/?i=18714 + [140] = https://curl.se/bug/?i=18715 + [142] = https://curl.se/bug/?i=18713 + [143] = https://curl.se/bug/?i=18712 + [144] = https://curl.se/bug/?i=18711 + [145] = https://curl.se/bug/?i=18682 From 061e265502fc2f605f0d87453b8b1167ba16839d Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Mon, 22 Sep 2025 15:48:07 +0200 Subject: [PATCH 0199/2408] http: handle user-defined connection headers When there is more than one user-supplied 'Connection: ' header, add values that curl needs internally to the first one and emit all subsequent ones thereafter. Fixes #18662 Reported-by: Evgeny Grin (Karlson2k) Closes #18686 --- docs/libcurl/opts/CURLOPT_HTTPHEADER.md | 4 ++ lib/http.c | 62 ++++++++++++++++---- tests/data/Makefile.am | 2 +- tests/data/test1617 | 75 +++++++++++++++++++++++++ 4 files changed, 132 insertions(+), 11 deletions(-) create mode 100644 tests/data/test1617 diff --git a/docs/libcurl/opts/CURLOPT_HTTPHEADER.md b/docs/libcurl/opts/CURLOPT_HTTPHEADER.md index 4440b4ec4b..c7a705bedc 100644 --- a/docs/libcurl/opts/CURLOPT_HTTPHEADER.md +++ b/docs/libcurl/opts/CURLOPT_HTTPHEADER.md @@ -55,6 +55,10 @@ without content (no data on the right side of the colon) as in `Accept:`, the internally used header is removed. To forcibly add a header without content (nothing after the colon), use the form `name;` (using a trailing semicolon). +There are exceptions when suppressing headers. The `Connection:` header in +HTTP/1.1 cannot be overridden. You can provide values for it, but should a +request require specific ones, they are always added to your own. + The headers included in the linked list **must not** be CRLF-terminated, since libcurl adds CRLF after each header item itself. Failure to comply with this might result in strange behavior. libcurl passes on the verbatim strings you diff --git a/lib/http.c b/lib/http.c index ce31e6dff0..3479bb4ec9 100644 --- a/lib/http.c +++ b/lib/http.c @@ -263,6 +263,19 @@ char *Curl_checkProxyheaders(struct Curl_easy *data, #define Curl_checkProxyheaders(x,y,z,a) NULL #endif +static bool http_header_is_empty(const char *header) +{ + struct Curl_str out; + + if(!curlx_str_cspn(&header, &out, ";:") && + (!curlx_str_single(&header, ':') || !curlx_str_single(&header, ';'))) { + curlx_str_untilnl(&header, &out, MAX_HTTP_RESP_HEADER_SIZE); + curlx_str_trimblanks(&out); + return curlx_strlen(&out) == 0; + } + return TRUE; /* invalid head format, treat as empty */ +} + /* * Strip off leading and trailing whitespace from the value in the given HTTP * header line and return a strdup()ed copy. Returns NULL in case of @@ -1702,7 +1715,7 @@ CURLcode Curl_add_custom_headers(struct Curl_easy *data, curlx_str_casecompare(&name, "Content-Length")) ; else if(curlx_str_casecompare(&name, "Connection")) - /* Normal Connection: header generation takes care of this */ + /* Connection headers are handled specially */ ; else if((httpversion >= 20) && curlx_str_casecompare(&name, "Transfer-Encoding")) @@ -2636,17 +2649,29 @@ static CURLcode http_check_new_conn(struct Curl_easy *data) static CURLcode http_add_connection_hd(struct Curl_easy *data, struct dynbuf *req) { - char *custom = Curl_checkheaders(data, STRCONST("Connection")); - char *custom_val = custom ? Curl_copy_header_value(custom) : NULL; - const char *sep = (custom_val && *custom_val) ? ", " : "Connection: "; + struct curl_slist *head; + const char *sep = "Connection: "; CURLcode result = CURLE_OK; size_t rlen = curlx_dyn_len(req); + char *value; + bool skip; - if(custom && !custom_val) - return CURLE_OUT_OF_MEMORY; + /* Add the 1st custom "Connection: " header, if there is one */ + for(head = data->set.headers; head; head = head->next) { + if(curl_strnequal(head->data, "Connection", 10) && + Curl_headersep(head->data[10]) && + !http_header_is_empty(head->data)) { + value = Curl_copy_header_value(head->data); + if(!value) + return CURLE_OUT_OF_MEMORY; + result = curlx_dyn_addf(req, "%s%s", sep, value); + sep = ", "; + free(value); + break; /* leave, having added 1st one */ + } + } - if(custom_val && *custom_val) - result = curlx_dyn_addf(req, "Connection: %s", custom_val); + /* add our internal Connection: header values, if we have any */ if(!result && data->state.http_hd_te) { result = curlx_dyn_addf(req, "%s%s", sep, "TE"); sep = ", "; @@ -2660,9 +2685,26 @@ static CURLcode http_add_connection_hd(struct Curl_easy *data, } if(!result && (rlen < curlx_dyn_len(req))) result = curlx_dyn_addn(req, STRCONST("\r\n")); + if(result) + return result; - free(custom_val); - return result; + /* Add all user-defined Connection: headers after the first */ + skip = TRUE; + for(head = data->set.headers; head; head = head->next) { + if(curl_strnequal(head->data, "Connection", 10) && + Curl_headersep(head->data[10]) && + !http_header_is_empty(head->data)) { + if(skip) { + skip = FALSE; + continue; + } + result = curlx_dyn_addf(req, "%s\r\n", head->data); + if(result) + return result; + } + } + + return CURLE_OK; } /* Header identifier in order we send them by default */ diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 854791fba0..5063e0210f 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -214,7 +214,7 @@ test1580 test1581 \ test1590 test1591 test1592 test1593 test1594 test1595 test1596 test1597 \ test1598 test1599 test1600 test1601 test1602 test1603 test1604 test1605 \ test1606 test1607 test1608 test1609 test1610 test1611 test1612 test1613 \ -test1614 test1615 test1616 \ +test1614 test1615 test1616 test1617 \ test1620 test1621 \ \ test1630 test1631 test1632 test1633 test1634 test1635 \ diff --git a/tests/data/test1617 b/tests/data/test1617 new file mode 100644 index 0000000000..0fe967bd27 --- /dev/null +++ b/tests/data/test1617 @@ -0,0 +1,75 @@ + + + +HTTP +HTTP GET +compressed +Transfer-Encoding + + +# +# Server-side + + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Transfer-Encoding: gzip, chunked + +2c +%hex[%1f%8b%08%08%79%9e%ab%41%00%03%6c%61%6c%61%6c%61%00%cb%c9%cc%4b%55%30%e4%52%c8%01%d1%46%5c]hex% +%hex[%10%86%31%17%00]hex% +%hex[%02%71%60%18%00%00%00]hex% +0 + + + + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Transfer-Encoding: gzip, chunked + +line 1 + line 2 + line 3 + + + + +# +# Client-side + + +libz + + +http + + +HTTP GET transfer-encoding with two user Connection: headers + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding -H "Connection: this" -H "Connection: that" + + + +# +# Verify data after the test has been "shot" + + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +TE: gzip +Connection: this, TE +Connection: that + + + + From 84d96275319869e1f0e6c374e39b54a7d892d146 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 26 Sep 2025 09:43:19 +0200 Subject: [PATCH 0200/2408] tool_progress: handle possible integer overflows The progress meters max out at 2^63 bytes. Reported-by: BobodevMm on github Fixes #18744 Closes #18746 --- src/tool_progress.c | 29 +++++++++++++++++++---------- 1 file changed, 19 insertions(+), 10 deletions(-) diff --git a/src/tool_progress.c b/src/tool_progress.c index 666fe9869c..aae2ff68b1 100644 --- a/src/tool_progress.c +++ b/src/tool_progress.c @@ -144,6 +144,15 @@ static unsigned int speedindex; static bool indexwrapped; static struct speedcount speedstore[SPEEDCNT]; +static void add_offt(curl_off_t *val, curl_off_t add) +{ + if(CURL_OFF_T_MAX - *val < add) + /* maxed out! */ + *val = CURL_OFF_T_MAX; + else + *val += add; +} + /* |DL% UL% Dled Uled Xfers Live Total Current Left Speed | 6 -- 9.9G 0 2 2 0:00:40 0:00:02 0:00:37 4087M @@ -189,24 +198,24 @@ bool progress_meter(CURLM *multi, stamp = now; /* first add the amounts of the already completed transfers */ - all_dlnow += all_dlalready; - all_ulnow += all_ulalready; + add_offt(&all_dlnow, all_dlalready); + add_offt(&all_ulnow, all_ulalready); for(per = transfers; per; per = per->next) { - all_dlnow += per->dlnow; - all_ulnow += per->ulnow; + add_offt(&all_dlnow, per->dlnow); + add_offt(&all_ulnow, per->ulnow); if(!per->dltotal) dlknown = FALSE; else if(!per->dltotal_added) { /* only add this amount once */ - all_dltotal += per->dltotal; + add_offt(&all_dltotal, per->dltotal); per->dltotal_added = TRUE; } if(!per->ultotal) ulknown = FALSE; else if(!per->ultotal_added) { /* only add this amount once */ - all_ultotal += per->ultotal; + add_offt(&all_ultotal, per->ultotal); per->ultotal_added = TRUE; } } @@ -306,14 +315,14 @@ bool progress_meter(CURLM *multi, void progress_finalize(struct per_transfer *per) { /* get the numbers before this transfer goes away */ - all_dlalready += per->dlnow; - all_ulalready += per->ulnow; + add_offt(&all_dlalready, per->dlnow); + add_offt(&all_ulalready, per->ulnow); if(!per->dltotal_added) { - all_dltotal += per->dltotal; + add_offt(&all_dltotal, per->dltotal); per->dltotal_added = TRUE; } if(!per->ultotal_added) { - all_ultotal += per->ultotal; + add_offt(&all_ultotal, per->ultotal); per->ultotal_added = TRUE; } } From 72f72f678d1669d9758ad3f948321ee4dfc71330 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 26 Sep 2025 13:53:04 +0200 Subject: [PATCH 0201/2408] openldap: check ber_sockbuf_add_io() return code The man page says nothing about what the return code means but Howard Chu tells me it is 0 on success, -1 on fail. Help-by: Howard Chu Closes #18747 --- lib/openldap.c | 47 +++++++++++++++++++++++------------------------ 1 file changed, 23 insertions(+), 24 deletions(-) diff --git a/lib/openldap.c b/lib/openldap.c index 7d25d18421..6aa74e028f 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -531,19 +531,19 @@ static CURLcode oldap_ssl_connect(struct Curl_easy *data, ldapstate newstate) if(!li) return CURLE_FAILED_INIT; result = Curl_conn_connect(data, FIRSTSOCKET, FALSE, &ssldone); - if(!result) { - oldap_state(data, li, newstate); + if(result) + return result; + oldap_state(data, li, newstate); - if(ssldone) { - Sockbuf *sb; + if(ssldone) { + Sockbuf *sb; - /* Install the libcurl SSL handlers into the sockbuf. */ - if(ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb) != LDAP_OPT_SUCCESS) - return CURLE_FAILED_INIT; - ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, data); - li->recv = conn->recv[FIRSTSOCKET]; - li->send = conn->send[FIRSTSOCKET]; - } + /* Install the libcurl SSL handlers into the sockbuf. */ + if((ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb) != LDAP_OPT_SUCCESS) || + ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, data)) + return CURLE_FAILED_INIT; + li->recv = conn->recv[FIRSTSOCKET]; + li->send = conn->send[FIRSTSOCKET]; } return result; @@ -947,19 +947,18 @@ static CURLcode oldap_disconnect(struct Curl_easy *data, (void)data; #endif - if(li) { - if(li->ld) { + if(li && li->ld) { #ifdef USE_SSL - if(ssl_installed(conn)) { - Sockbuf *sb; - if(ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb) != LDAP_OPT_SUCCESS) - return CURLE_FAILED_INIT; - ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, data); - } -#endif - ldap_unbind_ext(li->ld, NULL, NULL); - li->ld = NULL; + if(ssl_installed(conn)) { + Sockbuf *sb; + if((ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb) != LDAP_OPT_SUCCESS) + || + ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, data)) + return CURLE_FAILED_INIT; } +#endif + ldap_unbind_ext(li->ld, NULL, NULL); + li->ld = NULL; } return CURLE_OK; } @@ -988,9 +987,9 @@ static CURLcode oldap_do(struct Curl_easy *data, bool *done) if(ssl_installed(conn)) { Sockbuf *sb; /* re-install the libcurl SSL handlers into the sockbuf. */ - if(ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb) != LDAP_OPT_SUCCESS) + if((ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb) != LDAP_OPT_SUCCESS) || + ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, data)) return CURLE_FAILED_INIT; - ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, data); } #endif From 34b1e146e42f2dbac5c89414a2a0458a8729a255 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 25 Sep 2025 01:54:28 +0200 Subject: [PATCH 0202/2408] perlcheck: add script, run in CI, fix fallouts Add script to run all Perl sources through `perl -c` to ensure no issues, and run this script via GHA/checksrc in CI. Fallouts: - fix two repeated declarations. - move `shell_quote()` from `testutil.pm` to `pathhelp.pm`, to avoid circular dependency in `globalconfig.pm`. Closes #18745 --- .github/workflows/checksrc.yml | 4 +++ scripts/Makefile.am | 3 ++- scripts/perlcheck.sh | 47 ++++++++++++++++++++++++++++++++++ tests/globalconfig.pm | 4 +-- tests/pathhelp.pm | 20 +++++++++++++++ tests/runner.pm | 2 +- tests/runtests.pl | 1 + tests/servers.pm | 2 +- tests/test745.pl | 5 ++-- tests/testcurl.pl | 6 +++-- tests/testutil.pm | 20 --------------- 11 files changed, 84 insertions(+), 30 deletions(-) create mode 100755 scripts/perlcheck.sh diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml index b101a822c5..71ee031d68 100644 --- a/.github/workflows/checksrc.yml +++ b/.github/workflows/checksrc.yml @@ -82,6 +82,10 @@ jobs: source ~/venv/bin/activate scripts/cmakelint.sh + - name: 'perlcheck' + run: | + scripts/perlcheck.sh + - name: 'pytype' run: | source ~/venv/bin/activate diff --git a/scripts/Makefile.am b/scripts/Makefile.am index cfa3d3e740..a52581155d 100644 --- a/scripts/Makefile.am +++ b/scripts/Makefile.am @@ -25,7 +25,8 @@ EXTRA_DIST = coverage.sh completion.pl firefox-db2pem.sh checksrc.pl checksrc-all.pl \ mk-ca-bundle.pl mk-unity.pl schemetable.c cd2nroff nroff2cd cdall cd2cd managen \ dmaketgz maketgz release-tools.sh verify-release cmakelint.sh mdlinkcheck \ - CMakeLists.txt pythonlint.sh randdisable wcurl top-complexity extract-unit-protos + CMakeLists.txt perlcheck.sh pythonlint.sh randdisable wcurl top-complexity \ + extract-unit-protos dist_bin_SCRIPTS = wcurl diff --git a/scripts/perlcheck.sh b/scripts/perlcheck.sh new file mode 100755 index 0000000000..be0c0e1c87 --- /dev/null +++ b/scripts/perlcheck.sh @@ -0,0 +1,47 @@ +#!/bin/sh +#*************************************************************************** +# _ _ ____ _ +# Project ___| | | | _ \| | +# / __| | | | |_) | | +# | (__| |_| | _ <| |___ +# \___|\___/|_| \_\_____| +# +# Copyright (C) Dan Fandrich, , Viktor Szakats, et al. +# +# This software is licensed as described in the file COPYING, which +# you should have received as part of this distribution. The terms +# are also available at https://curl.se/docs/copyright.html. +# +# You may opt to use, copy, modify, merge, publish, distribute and/or sell +# copies of the Software, and permit persons to whom the Software is +# furnished to do so, under the terms of the COPYING file. +# +# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +# KIND, either express or implied. +# +# SPDX-License-Identifier: curl +# +########################################################################### + +# The xargs invocation is portable, but does not preserve spaces in file names. +# If such a file is ever added, then this can be portably fixed by switching to +# "xargs -I{}" and appending {} to the end of the xargs arguments (which will +# call cmakelint once per file) or by using the GNU extension "xargs -d'\n'". + +set -eu + +cd "$(dirname "$0")"/.. + +{ + if [ -n "${1:-}" ]; then + for A in "$@"; do printf "%s\n" "$A"; done + elif git rev-parse --is-inside-work-tree >/dev/null 2>&1; then + { + git ls-files | grep -E '\.(pl|pm)$' + git grep -l -E '^#!/usr/bin/env perl' + } | sort -u + else + # strip off the leading ./ to make the grep regexes work properly + find . -type f \( -name '*.pl' -o -name '*.pm' \) | sed 's@^\./@@' + fi +} | xargs -n 1 perl -c -Itests diff --git a/tests/globalconfig.pm b/tests/globalconfig.pm index de9abab34c..8635dea55b 100644 --- a/tests/globalconfig.pm +++ b/tests/globalconfig.pm @@ -78,11 +78,9 @@ BEGIN { use pathhelp qw( exe_ext dirsepadd - ); -use Cwd qw(getcwd); -use testutil qw( shell_quote ); +use Cwd qw(getcwd); use File::Spec; diff --git a/tests/pathhelp.pm b/tests/pathhelp.pm index 1695825188..49987f7453 100644 --- a/tests/pathhelp.pm +++ b/tests/pathhelp.pm @@ -60,6 +60,7 @@ BEGIN { os_is_win exe_ext dirsepadd + shell_quote sys_native_abs_path sys_native_current_path build_sys_abs_path @@ -192,4 +193,23 @@ sub dirsepadd { return $dir . '/'; } +####################################################################### +# Quote an argument for passing safely to a Bourne shell +# This does the same thing as String::ShellQuote but doesn't need a package. +# +sub shell_quote { + my ($s)=@_; + if($^O eq 'MSWin32') { + $s = '"' . $s . '"'; + } + else { + if($s !~ m/^[-+=.,_\/:a-zA-Z0-9]+$/) { + # string contains a "dangerous" character--quote it + $s =~ s/'/'"'"'/g; + $s = "'" . $s . "'"; + } + } + return $s; +} + 1; # End of module diff --git a/tests/runner.pm b/tests/runner.pm index 62f722f319..1eef1f5b9d 100644 --- a/tests/runner.pm +++ b/tests/runner.pm @@ -84,6 +84,7 @@ use Storable qw( use pathhelp qw( exe_ext + shell_quote ); use servers qw( checkcmd @@ -100,7 +101,6 @@ use testutil qw( logmsg runclient exerunner - shell_quote subbase64 subsha256base64file substrippemfile diff --git a/tests/runtests.pl b/tests/runtests.pl index 6b6e5b0761..d836841a29 100755 --- a/tests/runtests.pl +++ b/tests/runtests.pl @@ -91,6 +91,7 @@ use serverhelp qw( use pathhelp qw( exe_ext sys_native_current_path + shell_quote ); use appveyor; diff --git a/tests/servers.pm b/tests/servers.pm index e625058870..e5505886f6 100644 --- a/tests/servers.pm +++ b/tests/servers.pm @@ -105,6 +105,7 @@ use pathhelp qw( os_is_win build_sys_abs_path sys_native_abs_path + shell_quote ); use processhelp; @@ -114,7 +115,6 @@ use testutil qw( runclient runclientoutput exerunner - shell_quote ); diff --git a/tests/test745.pl b/tests/test745.pl index faddda429f..4395eb9681 100755 --- a/tests/test745.pl +++ b/tests/test745.pl @@ -45,7 +45,8 @@ sub gettypecheck { } sub getinclude { - open(my $f, "<", "$root/include/curl/curl.h") + my $f; + open($f, "<", "$root/include/curl/curl.h") || die "no curl.h"; while(<$f>) { if($_ =~ /\((CURLOPT[^,]*), (CURLOPTTYPE_[^,]*)/) { @@ -61,7 +62,7 @@ sub getinclude { $enum{"CURLOPT_CONV_TO_NETWORK_FUNCTION"}++; close($f); - open(my $f, "<", "$root/include/curl/multi.h") + open($f, "<", "$root/include/curl/multi.h") || die "no curl.h"; while(<$f>) { if($_ =~ /\((CURLMOPT[^,]*), (CURLOPTTYPE_[^,]*)/) { diff --git a/tests/testcurl.pl b/tests/testcurl.pl index 8d6183102b..4f3eade703 100755 --- a/tests/testcurl.pl +++ b/tests/testcurl.pl @@ -584,8 +584,10 @@ if(-f "./libcurl.pc") { } } +my $f; + logit_spaced "display lib/$confheader"; -open(my $f, "<", "lib/$confheader") or die "lib/$confheader: $!"; +open($f, "<", "lib/$confheader") or die "lib/$confheader: $!"; while(<$f>) { print if /^ *#/; } @@ -660,7 +662,7 @@ if(($have_embedded_ares) && my $mkcmd = "$make -i" . ($targetos && !$configurebuild ? " $targetos" : ""); logit "$mkcmd"; -open(my $f, "-|", "$mkcmd 2>&1") or die; +open($f, "-|", "$mkcmd 2>&1") or die; while(<$f>) { s/$pwd//g; print; diff --git a/tests/testutil.pm b/tests/testutil.pm index e84cc45fde..3477d5bb57 100644 --- a/tests/testutil.pm +++ b/tests/testutil.pm @@ -38,7 +38,6 @@ BEGIN { runclientoutput setlogfunc exerunner - shell_quote subbase64 subnewlines subsha256base64file @@ -219,25 +218,6 @@ sub exerunner { return ''; } -####################################################################### -# Quote an argument for passing safely to a Bourne shell -# This does the same thing as String::ShellQuote but doesn't need a package. -# -sub shell_quote { - my ($s)=@_; - if($^O eq 'MSWin32') { - $s = '"' . $s . '"'; - } - else { - if($s !~ m/^[-+=.,_\/:a-zA-Z0-9]+$/) { - # string contains a "dangerous" character--quote it - $s =~ s/'/'"'"'/g; - $s = "'" . $s . "'"; - } - } - return $s; -} - sub get_sha256_base64 { my ($file_path) = @_; return encode_base64(sha256(do { local $/; open my $fh, '<:raw', $file_path or die $!; <$fh> }), ""); From b5ffe30e5b7e79d51ec96c266538eb5586c6a0dd Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 26 Sep 2025 16:30:34 +0200 Subject: [PATCH 0203/2408] cf-ip-happy: mention unix domain path, not port number In the connect error message if a unix domain socket was used. Reported-by: kuchara on github Ref: #18748 Closes #18749 --- lib/cf-ip-happy.c | 29 +++++++++++++++++++---------- 1 file changed, 19 insertions(+), 10 deletions(-) diff --git a/lib/cf-ip-happy.c b/lib/cf-ip-happy.c index 5e4c20444e..0a1364e4b3 100644 --- a/lib/cf-ip-happy.c +++ b/lib/cf-ip-happy.c @@ -627,26 +627,35 @@ static CURLcode is_connected(struct Curl_cfilter *cf, { const char *hostname, *proxy_name = NULL; - int port; + char viamsg[160]; #ifndef CURL_DISABLE_PROXY if(conn->bits.socksproxy) proxy_name = conn->socks_proxy.host.name; else if(conn->bits.httpproxy) proxy_name = conn->http_proxy.host.name; #endif - hostname = conn->bits.conn_to_host ? - conn->conn_to_host.name : conn->host.name; + hostname = conn->bits.conn_to_host ? conn->conn_to_host.name : + conn->host.name; - if(cf->sockindex == SECONDARYSOCKET) - port = conn->secondary_port; - else if(cf->conn->bits.conn_to_port) - port = conn->conn_to_port; +#ifdef USE_UNIX_SOCKETS + if(conn->unix_domain_socket) + msnprintf(viamsg, sizeof(viamsg), "over %s", conn->unix_domain_socket); else - port = conn->remote_port; +#endif + { + int port; + if(cf->sockindex == SECONDARYSOCKET) + port = conn->secondary_port; + else if(cf->conn->bits.conn_to_port) + port = conn->conn_to_port; + else + port = conn->remote_port; + msnprintf(viamsg, sizeof(viamsg), "port %u", port); + } - failf(data, "Failed to connect to %s port %u %s%s%safter " + failf(data, "Failed to connect to %s %s %s%s%safter " "%" FMT_TIMEDIFF_T " ms: %s", - hostname, port, + hostname, viamsg, proxy_name ? "via " : "", proxy_name ? proxy_name : "", proxy_name ? " " : "", From 8538856662460fdcb38bafde3218ee3022e64807 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 26 Sep 2025 20:57:16 +0200 Subject: [PATCH 0204/2408] perlcheck: parallelize Follow-up to 34b1e146e42f2dbac5c89414a2a0458a8729a255 #18745 Closes #18750 --- scripts/perlcheck.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/scripts/perlcheck.sh b/scripts/perlcheck.sh index be0c0e1c87..7de0f6dbb5 100755 --- a/scripts/perlcheck.sh +++ b/scripts/perlcheck.sh @@ -32,6 +32,10 @@ set -eu cd "$(dirname "$0")"/.. +procs=6 +command -v nproc >/dev/null && procs="$(nproc)" +echo "parallel: ${procs}" + { if [ -n "${1:-}" ]; then for A in "$@"; do printf "%s\n" "$A"; done @@ -44,4 +48,4 @@ cd "$(dirname "$0")"/.. # strip off the leading ./ to make the grep regexes work properly find . -type f \( -name '*.pl' -o -name '*.pm' \) | sed 's@^\./@@' fi -} | xargs -n 1 perl -c -Itests +} | xargs -n 1 -P "${procs}" perl -c -Itests From 95e50ad69473d8229b85478a3f2138b7e632fbe8 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 16 Sep 2025 19:28:27 +0200 Subject: [PATCH 0205/2408] tidy-up: miscellaneous - GHA/checkdocs: rename `spellcheck` job to `pyspelling` to say the exact tool used. - GHA/checkdocs: restore a comment. - GHA/linux: add `-B .` to a cmake configure to avoid warning, and future breakage. - autotools: use correct casing for `Schannel`. - doh: update RFC URL. - drop redundant parenthesis. - fix indentation, whitespace. Closes #18756 --- .github/workflows/checkdocs.yml | 5 +++-- configure.ac | 6 +++--- docs/libcurl/libcurl.m4 | 2 +- lib/curl_threads.c | 1 - lib/curlx/version_win32.c | 2 +- lib/doh.c | 2 +- lib/system_win32.c | 6 +++--- lib/telnet.c | 22 +++++++++------------- lib/vtls/openssl.c | 2 +- lib/vtls/schannel.c | 4 ++-- lib/ws.c | 12 ++++++------ 11 files changed, 30 insertions(+), 34 deletions(-) diff --git a/.github/workflows/checkdocs.yml b/.github/workflows/checkdocs.yml index a34a341a63..3f802b5c4e 100644 --- a/.github/workflows/checkdocs.yml +++ b/.github/workflows/checkdocs.yml @@ -100,8 +100,8 @@ jobs: - name: 'mdlinkcheck' run: ./scripts/mdlinkcheck - spellcheck: - name: 'spellcheck' + pyspelling: + name: 'pyspelling' runs-on: ubuntu-latest steps: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 @@ -125,6 +125,7 @@ jobs: - name: 'check spelling' run: | source ~/venv/bin/activate + # setup the custom wordlist grep -v '^#' .github/scripts/spellcheck.words > wordlist.txt aspell --version pyspelling --version diff --git a/configure.ac b/configure.ac index 56ac66de23..fddae6a630 100644 --- a/configure.ac +++ b/configure.ac @@ -208,7 +208,7 @@ OPT_SCHANNEL=no AC_ARG_WITH(schannel,dnl AS_HELP_STRING([--with-schannel],[enable Windows native SSL/TLS]), OPT_SCHANNEL=$withval - TLSCHOICE="schannel") + TLSCHOICE="Schannel") OPT_AMISSL=no AC_ARG_WITH(amissl,dnl @@ -5033,8 +5033,8 @@ if test "x$want_ech" != "xno"; then ECH_ENABLED_WOLFSSL=1) fi if test "x$RUSTLS_ENABLED" = "x1"; then - ECH_SUPPORT="$ECH_SUPPORT rustls-ffi" - ECH_ENABLED_RUSTLS=1 + ECH_SUPPORT="$ECH_SUPPORT rustls-ffi" + ECH_ENABLED_RUSTLS=1 fi dnl now deal with whatever we found diff --git a/docs/libcurl/libcurl.m4 b/docs/libcurl/libcurl.m4 index 4c89511f06..973493f03a 100644 --- a/docs/libcurl/libcurl.m4 +++ b/docs/libcurl/libcurl.m4 @@ -178,7 +178,7 @@ AC_DEFUN([LIBCURL_CHECK_CONFIG], x=CURLOPT_ERRORBUFFER; x=CURLOPT_STDERR; x=CURLOPT_VERBOSE; - if (x) {;} + if(x) {;} ]])],libcurl_cv_lib_curl_usable=yes,libcurl_cv_lib_curl_usable=no) CPPFLAGS=$_libcurl_save_cppflags diff --git a/lib/curl_threads.c b/lib/curl_threads.c index 94425d19fe..a585d26d3f 100644 --- a/lib/curl_threads.c +++ b/lib/curl_threads.c @@ -134,7 +134,6 @@ int Curl_thread_join(curl_thread_t *hnd) Curl_thread_destroy(hnd); - return ret; } diff --git a/lib/curlx/version_win32.c b/lib/curlx/version_win32.c index 4efe62b111..7e415dfe89 100644 --- a/lib/curlx/version_win32.c +++ b/lib/curlx/version_win32.c @@ -139,7 +139,7 @@ bool curlx_verify_windows_version(const unsigned int majorVersion, #pragma clang diagnostic ignored "-Wcast-function-type-strict" #endif pRtlVerifyVersionInfo = CURLX_FUNCTION_CAST(RTLVERIFYVERSIONINFO_FN, - (GetProcAddress(GetModuleHandleA("ntdll"), "RtlVerifyVersionInfo"))); + GetProcAddress(GetModuleHandleA("ntdll"), "RtlVerifyVersionInfo")); #if defined(__clang__) && __clang_major__ >= 16 #pragma clang diagnostic pop #endif diff --git a/lib/doh.c b/lib/doh.c index 069d5387ea..a76f42207d 100644 --- a/lib/doh.c +++ b/lib/doh.c @@ -1062,7 +1062,7 @@ UNITTEST void de_cleanup(struct dohentry *d) * @return is 1 for success, error otherwise * * The encoding here is defined in - * https://tools.ietf.org/html/rfc1035#section-3.1 + * https://datatracker.ietf.org/doc/html/rfc1035#section-3.1 * * The input buffer pointer will be modified so it points to * just after the end of the DNS name encoding on output. (And diff --git a/lib/system_win32.c b/lib/system_win32.c index a890a0ea98..cd01fd2ebf 100644 --- a/lib/system_win32.c +++ b/lib/system_win32.c @@ -106,8 +106,8 @@ CURLcode Curl_win32_init(long flags) #endif IF_NAMETOINDEX_FN pIfNameToIndex = CURLX_FUNCTION_CAST(IF_NAMETOINDEX_FN, - (GetProcAddress(s_hIpHlpApiDll, - CURL_TEXT("if_nametoindex")))); + GetProcAddress(s_hIpHlpApiDll, + CURL_TEXT("if_nametoindex"))); if(pIfNameToIndex) Curl_if_nametoindex = pIfNameToIndex; @@ -202,7 +202,7 @@ static HMODULE curl_load_library(LPCTSTR filename) and above */ pLoadLibraryEx = CURLX_FUNCTION_CAST(LOADLIBRARYEX_FN, - (GetProcAddress(hKernel32, LOADLIBARYEX))); + GetProcAddress(hKernel32, LOADLIBARYEX)); /* Detect if there is already a path in the filename and load the library if there is. Note: Both back slashes and forward slashes have been supported diff --git a/lib/telnet.c b/lib/telnet.c index f2226a7f7d..66585d6f2a 100644 --- a/lib/telnet.c +++ b/lib/telnet.c @@ -108,15 +108,15 @@ */ typedef enum { - CURL_TS_DATA = 0, - CURL_TS_IAC, - CURL_TS_WILL, - CURL_TS_WONT, - CURL_TS_DO, - CURL_TS_DONT, - CURL_TS_CR, - CURL_TS_SB, /* sub-option collection */ - CURL_TS_SE /* looking for sub-option end */ + CURL_TS_DATA = 0, + CURL_TS_IAC, + CURL_TS_WILL, + CURL_TS_WONT, + CURL_TS_DO, + CURL_TS_DONT, + CURL_TS_CR, + CURL_TS_SB, /* sub-option collection */ + CURL_TS_SE /* looking for sub-option end */ } TelnetReceive; struct TELNET { @@ -939,7 +939,6 @@ static bool bad_option(const char *data) * Look at the sub-option buffer, and try to be helpful to the other * side. */ - static CURLcode suboption(struct Curl_easy *data, struct TELNET *tn) { struct curl_slist *v; @@ -1023,13 +1022,11 @@ static CURLcode suboption(struct Curl_easy *data, struct TELNET *tn) return CURLE_OK; } - /* * sendsuboption() * * Send suboption information to the server side. */ - static void sendsuboption(struct Curl_easy *data, struct TELNET *tn, int option) { @@ -1084,7 +1081,6 @@ static void sendsuboption(struct Curl_easy *data, } } - static CURLcode telrcv(struct Curl_easy *data, struct TELNET *tn, diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 37cdd55747..36818daa9e 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -125,7 +125,7 @@ static void ossl_provider_cleanup(struct Curl_easy *data); * X509_V_ERR_EC_KEY_EXPLICIT_PARAMS. */ #if OPENSSL_VERSION_NUMBER >= 0x10100000L && \ !defined(LIBRESSL_VERSION_NUMBER) && !defined(OPENSSL_IS_BORINGSSL) && \ - (!defined(OPENSSL_IS_AWSLC) || (defined(X509_V_ERR_EC_KEY_EXPLICIT_PARAMS))) + (!defined(OPENSSL_IS_AWSLC) || defined(X509_V_ERR_EC_KEY_EXPLICIT_PARAMS)) #define HAVE_SSL_CTX_SET_DEFAULT_READ_BUFFER_LEN 1 #endif diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 8b7f1d9306..8ff8029e3b 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -2558,8 +2558,8 @@ static int schannel_init(void) #endif WINE_GET_VERSION_FN p_wine_get_version = CURLX_FUNCTION_CAST(WINE_GET_VERSION_FN, - (GetProcAddress(GetModuleHandleA("ntdll"), - "wine_get_version"))); + GetProcAddress(GetModuleHandleA("ntdll"), + "wine_get_version")); #if defined(__clang__) && __clang_major__ >= 16 #pragma clang diagnostic pop #endif diff --git a/lib/ws.c b/lib/ws.c index 6a265fccc7..36c9c91f65 100644 --- a/lib/ws.c +++ b/lib/ws.c @@ -545,7 +545,7 @@ static CURLcode ws_dec_pass(struct ws_decoder *dec, const unsigned char tmp = '\0'; /* special case of a 0 length frame, need to write once */ result = write_cb(&tmp, 0, dec->frame_age, dec->frame_flags, - 0, 0, write_ctx, &nwritten); + 0, 0, write_ctx, &nwritten); if(result) return result; dec->state = WS_DEC_INIT; @@ -680,8 +680,8 @@ static CURLcode ws_cw_dec_next(const unsigned char *buf, size_t buflen, payload_len, buflen); result = Curl_cwriter_write(data, ctx->next_writer, - (ctx->cw_type | CLIENTWRITE_0LEN), - (const char *)buf, buflen); + (ctx->cw_type | CLIENTWRITE_0LEN), + (const char *)buf, buflen); if(result) return result; } @@ -1579,9 +1579,9 @@ CURLcode curl_ws_recv(CURL *d, void *buffer, *metap = &ws->recvframe; *nread = ws->recvframe.len; CURL_TRC_WS(data, "curl_ws_recv(len=%zu) -> %zu bytes (frame at %" - FMT_OFF_T ", %" FMT_OFF_T " left)", - buflen, *nread, ws->recvframe.offset, - ws->recvframe.bytesleft); + FMT_OFF_T ", %" FMT_OFF_T " left)", + buflen, *nread, ws->recvframe.offset, + ws->recvframe.bytesleft); /* all's well, try to send any pending control. we do not know * when the application will call `curl_ws_send()` again. */ if(!data->set.ws_raw_mode && ws->pending.type) { From 16f721443aee235014f3d17e623c5c5eeb24b83e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 27 Sep 2025 13:02:12 +0200 Subject: [PATCH 0206/2408] GHA/linux: tidy up AWS-LC local build To sync with other builds and to use `-B` to avoid a cmake warning and future breakage. Closes #18757 --- .github/workflows/linux.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 2724901324..463ea7eb58 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -503,9 +503,8 @@ jobs: run: | curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \ --location "https://github.com/awslabs/aws-lc/archive/refs/tags/v${AWSLC_VERSION}.tar.gz" | tar -xz - mkdir "aws-lc-${AWSLC_VERSION}-build" - cd "aws-lc-${AWSLC_VERSION}-build" - cmake -G Ninja -DCMAKE_INSTALL_PREFIX=/home/runner/awslc "../aws-lc-${AWSLC_VERSION}" -DBUILD_TOOL=OFF -DBUILD_TESTING=OFF + cd "aws-lc-${AWSLC_VERSION}" + cmake -B . -G Ninja -DCMAKE_INSTALL_PREFIX=/home/runner/awslc -DBUILD_TOOL=OFF -DBUILD_TESTING=OFF cmake --build . cmake --install . From b5c9c858d53072ae6e5a2388d488d2f691f7cd32 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 26 Sep 2025 21:53:21 +0000 Subject: [PATCH 0207/2408] GHA: update dependency awslabs/aws-lc to v1.61.4 Closes #18752 --- .github/workflows/http3-linux.yml | 2 +- .github/workflows/linux.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 019790b68e..6ed393465e 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -46,7 +46,7 @@ env: # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com LIBRESSL_VERSION: 4.1.0 # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com - AWSLC_VERSION: 1.61.3 + AWSLC_VERSION: 1.61.4 # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com BORINGSSL_VERSION: 0.20250818.0 # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 463ea7eb58..dd1e88ed0c 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -44,7 +44,7 @@ env: # renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver registryUrl=https://github.com MBEDTLS_VERSION: 3.6.4 # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com - AWSLC_VERSION: 1.61.3 + AWSLC_VERSION: 1.61.4 # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com BORINGSSL_VERSION: 0.20250818.0 # handled in renovate.json From 75d5424979a8effac331c4924edb1a8be458cdce Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 27 Sep 2025 17:58:29 +0200 Subject: [PATCH 0208/2408] GHA/windows: tidy up Cygwin jobs - drop unnecessary installed packages. - sync built type name with other jobs. Closes #18758 --- .github/workflows/windows.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index e5d66ccc87..b866bdacd6 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -110,8 +110,8 @@ jobs: strategy: matrix: include: - - { build: 'automake', platform: 'x86_64', tflags: 'skiprun', config: '--with-openssl', install: 'libssl-devel libssh2-devel', name: 'openssl R' } - - { build: 'cmake' , platform: 'x86_64', tflags: '' , config: '-DENABLE_DEBUG=ON -DCURL_USE_OPENSSL=ON -DENABLE_THREADED_RESOLVER=OFF', install: 'libssl-devel libssh2-devel', name: 'openssl' } + - { build: 'autotools', platform: 'x86_64', tflags: 'skiprun', config: '--with-openssl', install: 'libssl-devel libssh2-devel', name: 'openssl R' } + - { build: 'cmake' , platform: 'x86_64', tflags: '' , config: '-DENABLE_DEBUG=ON -DCURL_USE_OPENSSL=ON -DENABLE_THREADED_RESOLVER=OFF', install: 'libssl-devel libssh2-devel', name: 'openssl' } fail-fast: false steps: - run: git config --global core.autocrlf input @@ -123,8 +123,8 @@ jobs: work-vol: 'D:' # https://cygwin.com/cgi-bin2/package-grep.cgi packages: >- - autoconf libtool gcc-core gcc-g++ binutils - ${{ matrix.build }} make ninja + ${{ matrix.build == 'autotools' && 'autoconf automake libtool make' || 'cmake ninja' }} + gcc-core binutils perl openssh libpsl-devel zlib-devel @@ -138,7 +138,7 @@ jobs: persist-credentials: false - name: 'autoreconf' - if: ${{ matrix.build == 'automake' }} + if: ${{ matrix.build == 'autotools' }} timeout-minutes: 2 run: | PATH=/usr/bin From 660d915ebda4ea44c4422a647e09693d6fb6a9ee Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 27 Sep 2025 23:51:46 +0200 Subject: [PATCH 0209/2408] ci: use `--enable-option-checking=fatal` in autotools jobs To avoid typos and non-existing options passed to `./configure` in CI builds. Also delete obsolete option `--enable-test-bundles` from Circle CI jobs. Closes #18759 --- .circleci/config.yml | 12 ++++++------ .github/workflows/distcheck.yml | 10 +++++----- .github/workflows/http3-linux.yml | 2 +- .github/workflows/linux.yml | 2 +- .github/workflows/macos.yml | 6 +++--- .github/workflows/non-native.yml | 4 ++-- .github/workflows/windows.yml | 6 +++--- 7 files changed, 21 insertions(+), 21 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 1603e7f7d0..21b88054d5 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -66,7 +66,7 @@ commands: - run: command: | autoreconf -fi - ./configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-werror --enable-warnings \ + ./configure --disable-dependency-tracking --enable-option-checking=fatal --enable-unity --enable-werror --enable-warnings \ --with-openssl \ || { tail -1000 config.log; false; } @@ -75,7 +75,7 @@ commands: - run: command: | autoreconf -fi - ./configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-werror \ + ./configure --disable-dependency-tracking --enable-option-checking=fatal --enable-unity --enable-werror \ --with-openssl --disable-verbose \ || { tail -1000 config.log; false; } @@ -84,7 +84,7 @@ commands: - run: command: | autoreconf -fi - ./configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-werror \ + ./configure --disable-dependency-tracking --enable-option-checking=fatal --enable-unity --enable-werror \ --with-openssl --disable-proxy \ || { tail -1000 config.log; false; } @@ -93,7 +93,7 @@ commands: - run: command: | autoreconf -fi - ./configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-werror --enable-warnings \ + ./configure --disable-dependency-tracking --enable-option-checking=fatal --enable-unity --enable-werror --enable-warnings \ --with-openssl --with-libssh \ || { tail -1000 config.log; false; } @@ -102,7 +102,7 @@ commands: - run: command: | autoreconf -fi - ./configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-werror --enable-warnings \ + ./configure --disable-dependency-tracking --enable-option-checking=fatal --enable-unity --enable-werror --enable-warnings \ --with-openssl --enable-ares \ || { tail -1000 config.log; false; } @@ -111,7 +111,7 @@ commands: - run: command: | autoreconf -fi - ./configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-werror --enable-debug \ + ./configure --disable-dependency-tracking --enable-option-checking=fatal --enable-unity --enable-werror --enable-debug \ --with-openssl --enable-ares \ || { tail -1000 config.log; false; } diff --git a/.github/workflows/distcheck.yml b/.github/workflows/distcheck.yml index da65bf4bd0..7a1a4dad84 100644 --- a/.github/workflows/distcheck.yml +++ b/.github/workflows/distcheck.yml @@ -60,7 +60,7 @@ jobs: echo "::stop-commands::$(uuidgen)" tar xvf curl-99.98.97.tar.gz pushd curl-99.98.97 - ./configure --prefix="$HOME"/temp --enable-werror --without-ssl --without-libpsl + ./configure --prefix="$HOME"/temp --enable-option-checking=fatal --enable-werror --without-ssl --without-libpsl make make test-ci make install @@ -86,7 +86,7 @@ jobs: touch curl-99.98.97/docs/{cmdline-opts,libcurl}/Makefile.inc mkdir build pushd build - ../curl-99.98.97/configure --enable-werror --without-ssl --without-libpsl + ../curl-99.98.97/configure --enable-option-checking=fatal --enable-werror --without-ssl --without-libpsl make make test-ci popd @@ -110,7 +110,7 @@ jobs: pushd curl-99.98.97 mkdir build pushd build - ../configure --prefix="$PWD"/curl-install --enable-werror --without-ssl --enable-debug --without-libpsl + ../configure --prefix="$PWD"/curl-install --enable-option-checking=fatal --enable-werror --without-ssl --enable-debug --without-libpsl make make test-ci make install @@ -136,7 +136,7 @@ jobs: pushd curl-99.98.97 mkdir build pushd build - ../configure --prefix="$PWD"/curl-install --enable-werror --without-ssl --without-libpsl ac_cv_path_PERL= + ../configure --prefix="$PWD"/curl-install --enable-option-checking=fatal --enable-werror --without-ssl --without-libpsl ac_cv_path_PERL= make make install curl-install/bin/curl --disable --version @@ -158,7 +158,7 @@ jobs: echo "::stop-commands::$(uuidgen)" tar xvf curl-99.98.97.tar.gz pushd curl-99.98.97 - ./configure --prefix="$PWD"/curl-install --enable-werror --without-ssl --without-libpsl ac_cv_path_PERL= + ./configure --prefix="$PWD"/curl-install --enable-option-checking=fatal --enable-werror --without-ssl --without-libpsl ac_cv_path_PERL= make make install curl-install/bin/curl --disable --version diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 6ed393465e..05d71b6f10 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -686,7 +686,7 @@ jobs: mkdir bld && cd bld && ../configure --enable-warnings --enable-werror --enable-debug \ --with-libuv \ --with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx \ - --disable-dependency-tracking \ + --disable-dependency-tracking --enable-option-checking=fatal \ ${MATRIX_CONFIGURE} fi diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index dd1e88ed0c..1d38c50db6 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -595,7 +595,7 @@ jobs: mkdir bld && cd bld && \ ${MATRIX_CONFIGURE_PREFIX} \ ../configure --prefix="$HOME"/curl-install --enable-unity --enable-warnings --enable-werror \ - --disable-dependency-tracking \ + --disable-dependency-tracking --enable-option-checking=fatal \ ${MATRIX_CONFIGURE} fi diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 88b7ee8800..6777f3aa92 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -160,7 +160,7 @@ jobs: ${MATRIX_GENERATE} ${options} else mkdir bld && cd bld && ../configure --enable-unity --enable-warnings --enable-werror \ - --disable-dependency-tracking \ + --disable-dependency-tracking --enable-option-checking=fatal \ CFLAGS="-isysroot $(xcrun --sdk iphoneos --show-sdk-path 2>/dev/null)" \ --host=aarch64-apple-darwin \ --with-apple-idn \ @@ -440,7 +440,7 @@ jobs: [ -n "${MATRIX_MACOS_VERSION_MIN}" ] && CFLAGS+=" -mmacosx-version-min=${MATRIX_MACOS_VERSION_MIN}" [[ "${MATRIX_INSTALL_STEPS}" = *'pytest'* ]] && options+=' --with-test-vsftpd=no' # Skip ~20 tests that stretch run time by 7x on macOS mkdir bld && cd bld && ../configure --prefix="$PWD"/curl-install --enable-unity --enable-warnings --enable-werror \ - --disable-dependency-tracking \ + --disable-dependency-tracking --enable-option-checking=fatal \ --with-libpsl=/opt/homebrew/opt/libpsl \ ${MATRIX_CONFIGURE} ${options} fi @@ -706,7 +706,7 @@ jobs: [ -n "${MATRIX_MACOS_VERSION_MIN}" ] && CFLAGS+=" -mmacosx-version-min=${MATRIX_MACOS_VERSION_MIN}" # would pick up nghttp2, libidn2, but libssh2 is disabled by default mkdir bld && cd bld && ../configure --enable-unity --enable-warnings --enable-werror \ - --disable-dependency-tracking \ + --disable-dependency-tracking --enable-option-checking=fatal \ --disable-docs --disable-manual \ --with-openssl="$(brew --prefix openssl)" \ --without-nghttp2 --without-libidn2 \ diff --git a/.github/workflows/non-native.yml b/.github/workflows/non-native.yml index 2670c39078..03abced26e 100644 --- a/.github/workflows/non-native.yml +++ b/.github/workflows/non-native.yml @@ -192,7 +192,7 @@ jobs: --prefix="$HOME"/curl-install \ --with-openssl \ --with-brotli --enable-ldap --enable-ldaps --with-libidn2 --with-libssh2 --with-nghttp2 --with-gssapi \ - --disable-dependency-tracking \ + --disable-dependency-tracking --enable-option-checking=fatal \ ${options} \ ${MATRIX_OPTIONS} \ || { tail -n 1000 config.log; false; } @@ -284,7 +284,7 @@ jobs: ${MATRIX_OPTIONS} else TOOLCHAIN="${ANDROID_NDK_HOME}/toolchains/llvm/prebuilt/linux-x86_64" - mkdir bld && cd bld && ../configure --disable-dependency-tracking --enable-unity --enable-warnings --enable-werror \ + mkdir bld && cd bld && ../configure --disable-dependency-tracking --enable-option-checking=fatal --enable-unity --enable-warnings --enable-werror \ CC="$TOOLCHAIN/bin/aarch64-linux-android${MATRIX_PLATFORM}-clang" \ AR="$TOOLCHAIN/bin/llvm-ar" \ RANLIB="$TOOLCHAIN/bin/llvm-ranlib" \ diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index b866bdacd6..e1219dfadc 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -160,7 +160,7 @@ jobs: mkdir bld && cd bld && ../configure --enable-unity --enable-warnings --enable-werror \ --prefix="$HOME"/curl-install \ --with-libssh2 \ - --disable-dependency-tracking \ + --disable-dependency-tracking --enable-option-checking=fatal \ ${MATRIX_CONFIG} fi @@ -367,7 +367,7 @@ jobs: mkdir bld && cd bld && ../configure --enable-unity --enable-warnings --enable-werror \ --prefix="$HOME"/curl-install \ --with-libssh2 \ - --disable-dependency-tracking \ + --disable-dependency-tracking --enable-option-checking=fatal \ ${MATRIX_CONFIG} fi @@ -756,7 +756,7 @@ jobs: --host="${TRIPLET}" \ --with-schannel --with-winidn \ --without-libpsl \ - --disable-dependency-tracking + --disable-dependency-tracking --enable-option-checking=fatal fi - name: 'configure log' From a6182865d0c8cfb9dbfe8d6444b428d17ecc677c Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 28 Sep 2025 00:32:49 +0200 Subject: [PATCH 0210/2408] CI: make pip use `tests/requirements.txt` in Circle CI Also sync `pip` options with those used in GHA. Closes #18760 --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 21b88054d5..39201708e8 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -45,7 +45,7 @@ commands: - run: command: | sudo apt-get update && sudo apt-get install -y libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev python3-pip libpsl-dev - sudo python3 -m pip install impacket + sudo python3 -m pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/requirements.txt install-wolfssl: steps: From 81a9197102472a03a873c0d59d150223f5ed8840 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 28 Sep 2025 11:54:57 +0200 Subject: [PATCH 0211/2408] GHA/linux-old: make one cmake v3.7.2 job verbose To show the details in cmake builds using the oldest supported version. Use a legacy method. `--verbose` became supported later, in 3.14. Closes #18764 --- .github/workflows/linux-old.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/linux-old.yml b/.github/workflows/linux-old.yml index 7e25cd2139..e7aad3c3e7 100644 --- a/.github/workflows/linux-old.yml +++ b/.github/workflows/linux-old.yml @@ -86,7 +86,7 @@ jobs: cd bld-1 cmake .. -DCMAKE_UNITY_BUILD=ON -DCURL_WERROR=ON -DBUILD_SHARED_LIBS=ON \ -DCURL_USE_GNUTLS=ON -DENABLE_ARES=OFF -DCURL_ZSTD=OFF -DCURL_USE_GSSAPI=OFF -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF -DUSE_LIBRTMP=ON - make install + VERBOSE=1 make install src/curl --disable --version - name: 'cmake build-only curl_config.h' From e17aa98bfe3799723cec978661cad4079bfa4dd7 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 28 Sep 2025 02:34:13 +0200 Subject: [PATCH 0212/2408] cmake: use more `COMPILER_OPTIONS`, `LINK_OPTIONS` / `LINK_FLAGS` - replace `COMPILE_FLAGS` with `COMPILE_OPTIONS` that superceded it. Follow-up to 6140dfcf3e7845f11dee755de6865379aa96dab7 https://cmake.org/cmake/help/v4.1/prop_sf/COMPILE_FLAGS.html - replace `target_link_libraries()` with `LINK_FLAGS` property for CMake <=3.12, because we are passing linker options (not libs). Follow-up to 91720b620e802748d2e1629f43e29b76736542f9 #18468 Follow-up to 548873921cde197aa1d40216c594c76738031374 #17670 Follow-up to 95aea798dbd785c4daee2b2e24f2c8c94f3e3cf4 #5843 https://cmake.org/cmake/help/v3.7/command/target_link_libraries.html https://cmake.org/cmake/help/v3.7/prop_tgt/LINK_FLAGS.html - replace `target_link_options()` with `LINK_OPTIONS` propery for CMake 3.13+, to use the modern style. Follow-up to 91720b620e802748d2e1629f43e29b76736542f9 #18468 Follow-up to 548873921cde197aa1d40216c594c76738031374 #17670 https://cmake.org/cmake/help/v3.13/command/target_link_options.html https://cmake.org/cmake/help/v3.13/prop_tgt/LINK_OPTIONS.html Also: - fix to append to, not override, previously set linker options when using `CURL_LIBCURL_VERSIONED_SYMBOLS=ON`. Before this patch, it was overwriting linker options when using `CURL_CODE_COVERAGE=ON`. Follow-up to 91720b620e802748d2e1629f43e29b76736542f9 #18468 Closes #18762 --- lib/CMakeLists.txt | 14 +++++++------- src/CMakeLists.txt | 8 ++++---- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/lib/CMakeLists.txt b/lib/CMakeLists.txt index 7dce3aea87..d9857a50c2 100644 --- a/lib/CMakeLists.txt +++ b/lib/CMakeLists.txt @@ -112,7 +112,7 @@ if(SHARE_LIB_OBJECT AND CMAKE_VERSION VERSION_GREATER_EQUAL 3.12) set_target_properties(${LIB_OBJECT} PROPERTIES POSITION_INDEPENDENT_CODE ON) if(CURL_HIDES_PRIVATE_SYMBOLS) - set_property(TARGET ${LIB_OBJECT} APPEND PROPERTY COMPILE_FLAGS "${CURL_CFLAG_SYMBOLS_HIDE}") + set_property(TARGET ${LIB_OBJECT} APPEND PROPERTY COMPILE_OPTIONS "${CURL_CFLAG_SYMBOLS_HIDE}") set_property(TARGET ${LIB_OBJECT} APPEND PROPERTY COMPILE_DEFINITIONS "CURL_HIDDEN_SYMBOLS") endif() if(CURL_HAS_LTO) @@ -154,7 +154,7 @@ if(BUILD_STATIC_LIBS) INTERFACE_COMPILE_DEFINITIONS "CURL_STATICLIB" INTERFACE_LINK_DIRECTORIES "${CURL_LIBDIRS}") if(CURL_HIDES_PRIVATE_SYMBOLS) - set_property(TARGET ${LIB_STATIC} APPEND PROPERTY COMPILE_FLAGS "${CURL_CFLAG_SYMBOLS_HIDE}") + set_property(TARGET ${LIB_STATIC} APPEND PROPERTY COMPILE_OPTIONS "${CURL_CFLAG_SYMBOLS_HIDE}") set_property(TARGET ${LIB_STATIC} APPEND PROPERTY COMPILE_DEFINITIONS "CURL_HIDDEN_SYMBOLS") endif() if(CURL_HAS_LTO) @@ -194,7 +194,7 @@ if(BUILD_SHARED_LIBS) IMPORT_PREFIX "" IMPORT_SUFFIX "${IMPORT_LIB_SUFFIX}${CMAKE_IMPORT_LIBRARY_SUFFIX}" POSITION_INDEPENDENT_CODE ON) if(CURL_HIDES_PRIVATE_SYMBOLS) - set_property(TARGET ${LIB_SHARED} APPEND PROPERTY COMPILE_FLAGS "${CURL_CFLAG_SYMBOLS_HIDE}") + set_property(TARGET ${LIB_SHARED} APPEND PROPERTY COMPILE_OPTIONS "${CURL_CFLAG_SYMBOLS_HIDE}") set_property(TARGET ${LIB_SHARED} APPEND PROPERTY COMPILE_DEFINITIONS "CURL_HIDDEN_SYMBOLS") endif() if(CURL_HAS_LTO) @@ -210,9 +210,9 @@ if(BUILD_SHARED_LIBS) set_property(TARGET ${LIB_SHARED} APPEND PROPERTY COMPILE_DEFINITIONS ${CURL_COVERAGE_MACROS}) set_property(TARGET ${LIB_SHARED} APPEND PROPERTY COMPILE_OPTIONS ${CURL_COVERAGE_CFLAGS}) if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.13) - target_link_options(${LIB_SHARED} PRIVATE ${CURL_COVERAGE_LDFLAGS}) + set_property(TARGET ${LIB_SHARED} APPEND PROPERTY LINK_OPTIONS ${CURL_COVERAGE_LDFLAGS}) else() - target_link_libraries(${LIB_SHARED} PRIVATE ${CURL_COVERAGE_LDFLAGS}) + set_property(TARGET ${LIB_SHARED} APPEND PROPERTY LINK_FLAGS ${CURL_COVERAGE_LDFLAGS}) endif() endif() @@ -289,9 +289,9 @@ if(BUILD_SHARED_LIBS) check_c_source_compiles("int main(void) { return 0; }" HAVE_VERSIONED_SYMBOLS) if(HAVE_VERSIONED_SYMBOLS) if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.13) - set_target_properties(${LIB_SHARED} PROPERTIES LINK_OPTIONS "${CMAKE_REQUIRED_LINK_OPTIONS}") + set_property(TARGET ${LIB_SHARED} APPEND PROPERTY LINK_OPTIONS "${CMAKE_REQUIRED_LINK_OPTIONS}") else() - set_target_properties(${LIB_SHARED} PROPERTIES LINK_FLAGS "${CMAKE_REQUIRED_LINK_OPTIONS}") + set_property(TARGET ${LIB_SHARED} APPEND PROPERTY LINK_FLAGS "${CMAKE_REQUIRED_LINK_OPTIONS}") endif() else() message(WARNING "Versioned symbols requested, but not supported by the toolchain.") diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index c4b8ebb934..a70c96b765 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -123,9 +123,9 @@ endif() if(ENABLE_UNICODE AND MINGW AND NOT MINGW32CE) if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.13) - target_link_options(${EXE_NAME} PRIVATE "-municode") + set_property(TARGET ${EXE_NAME} APPEND PROPERTY LINK_OPTIONS "-municode") else() - target_link_libraries(${EXE_NAME} PRIVATE "-municode") + set_property(TARGET ${EXE_NAME} APPEND PROPERTY LINK_FLAGS "-municode") endif() endif() @@ -133,9 +133,9 @@ if(CURL_CODE_COVERAGE) set_property(TARGET ${EXE_NAME} APPEND PROPERTY COMPILE_DEFINITIONS ${CURL_COVERAGE_MACROS}) set_property(TARGET ${EXE_NAME} APPEND PROPERTY COMPILE_OPTIONS ${CURL_COVERAGE_CFLAGS}) if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.13) - target_link_options(${EXE_NAME} PRIVATE ${CURL_COVERAGE_LDFLAGS}) + set_property(TARGET ${EXE_NAME} APPEND PROPERTY LINK_OPTIONS ${CURL_COVERAGE_LDFLAGS}) else() - target_link_libraries(${EXE_NAME} PRIVATE ${CURL_COVERAGE_LDFLAGS}) + set_property(TARGET ${EXE_NAME} APPEND PROPERTY LINK_FLAGS ${CURL_COVERAGE_LDFLAGS}) endif() endif() From 10bac43b873fe45869e15b36aac1c1e5bc89b6e0 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 29 Sep 2025 22:48:55 +0200 Subject: [PATCH 0213/2408] tests/server: drop unsafe `open()` override in signal handler (Windows) Turns out the signal handler on Windows still wasn't signal safe after the previous round of fix. There is an `open()` call made from there, and `open` happens to be unconditionally overridden via `curl_setup.h` on Windows, to its local implementation (`curlx_win32_open()`), which does memory allocations and potentially other things that are not signal safe. This is a temporary fix, till avoiding the override of system symbols `open` and `stat` on Windows. FTR this did not fix the CI 2304 errors, diskspace fail or job hangs due to 0xC0000142 fork failure (it's rare all three occurs in the same run): https://github.com/curl/curl/actions/runs/18110523584?pr=18774 Ref: #18634 Follow-up e95f509c66abdd88ae02e3243cdc217f19c4a330 #16852 Closes #18774 --- tests/server/util.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/server/util.c b/tests/server/util.c index 052effa895..41f42ca42e 100644 --- a/tests/server/util.c +++ b/tests/server/util.c @@ -373,12 +373,12 @@ static void exit_signal_handler(int signum) (void)!write(STDERR_FILENO, msg, sizeof(msg) - 1); } else { + int fd; #ifdef _WIN32 -#define OPENMODE S_IREAD | S_IWRITE + fd = _open(serverlogfile, O_WRONLY|O_CREAT|O_APPEND, S_IREAD | S_IWRITE); #else -#define OPENMODE S_IRUSR | S_IWUSR + fd = open(serverlogfile, O_WRONLY|O_CREAT|O_APPEND, S_IRUSR | S_IWUSR); #endif - int fd = open(serverlogfile, O_WRONLY|O_CREAT|O_APPEND, OPENMODE); if(fd != -1) { static const char msg[] = "exit_signal_handler: called\n"; (void)!write(fd, msg, sizeof(msg) - 1); From 20142f5d06f7120ba94cbcc25c998e8d81aec85b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 14 Sep 2025 15:34:18 +0200 Subject: [PATCH 0214/2408] build: avoid overriding system symbols for fopen functions By introducing wrappers for them in the curlx namespace: `curlx_fopen()`, `curlx_fdopen()`, `curlx_fclose()`. The undefine/redefine/`(function)()` methods broke on systems implementing these functions as macros. E.g. AIX 32-bit's `fopen()`. Also: - rename `lib/fopen.*` to `lib/curl_fopen.*` (for `Curl_fopen()`) to make room for the newly added `curlx/fopen.h`. - curlx: move file-related functions from `multibyte.c` to `fopen.c`. - tests/server: stop using the curl-specific `fopen()` implementation on Windows. Unicode isn't used by runtests, and it isn't critical to run tests on longs path. It can be re-enabled if this becomes necessary, or if the wrapper receives a feature that's critical for test servers. Reported-by: Andrew Kirillov Bug: https://github.com/curl/curl/issues/18510#issuecomment-3274393640 Follow-up to bf7375ecc50e857760b0d0a668c436e208a400bd #18503 Follow-up to 9863599d69b79d290928a89bf9160f4e4e023d4e #18502 Follow-up to 3bb5e58c105d7be450b667858d1b8e7ae3ded555 #17827 Closes #18634 --- .github/scripts/verify-examples.pl | 4 +- docs/examples/.checksrc | 3 + docs/internals/CHECKSRC.md | 2 +- lib/Makefile.inc | 6 +- lib/altsvc.c | 8 +- lib/cookie.c | 10 +- lib/{fopen.c => curl_fopen.c} | 8 +- lib/{fopen.h => curl_fopen.h} | 2 + lib/curl_mem_undef.h | 11 - lib/curl_setup.h | 3 - lib/curlx/curlx.h | 3 + lib/curlx/fopen.c | 310 +++++++++++++++++++++++++++++ lib/curlx/fopen.h | 48 +++++ lib/curlx/multibyte.c | 273 ------------------------- lib/hsts.c | 8 +- lib/memdebug.c | 24 +-- lib/memdebug.h | 7 - lib/mime.c | 15 +- lib/netrc.c | 5 +- lib/vtls/gtls.c | 5 +- lib/vtls/keylog.c | 7 +- lib/vtls/rustls.c | 7 +- lib/vtls/schannel.c | 5 +- lib/vtls/vtls.c | 5 +- scripts/checksrc.pl | 7 +- src/Makefile.inc | 2 + src/tool_cb_dbg.c | 2 +- src/tool_cb_wrt.c | 4 +- src/tool_cfgable.c | 2 +- src/tool_easysrc.c | 4 +- src/tool_formparse.c | 4 +- src/tool_getparam.c | 24 +-- src/tool_ipfs.c | 6 +- src/tool_operate.c | 34 ++-- src/tool_parsecfg.c | 6 +- src/tool_ssls.c | 8 +- src/tool_stderr.c | 4 +- src/tool_util.c | 2 +- src/tool_writeout.c | 12 +- src/var.c | 4 +- tests/data/test1185 | 4 +- tests/libtest/Makefile.inc | 1 + tests/libtest/cli_h2_serverpush.c | 10 +- tests/libtest/cli_hx_download.c | 4 +- tests/libtest/cli_hx_upload.c | 4 +- tests/libtest/lib500.c | 4 +- tests/libtest/lib505.c | 16 +- tests/libtest/lib518.c | 4 +- tests/libtest/lib525.c | 8 +- tests/libtest/lib537.c | 4 +- tests/libtest/lib541.c | 12 +- tests/libtest/lib566.c | 4 +- tests/libtest/lib568.c | 6 +- tests/libtest/lib569.c | 8 +- tests/libtest/lib571.c | 8 +- tests/libtest/lib572.c | 6 +- tests/libtest/lib578.c | 4 +- tests/libtest/lib579.c | 8 +- tests/libtest/lib582.c | 8 +- tests/libtest/lib591.c | 6 +- tests/libtest/lib599.c | 4 +- tests/libtest/lib678.c | 4 +- tests/server/.checksrc | 2 + tests/server/Makefile.inc | 1 + tests/unit/unit3200.c | 8 +- 65 files changed, 568 insertions(+), 484 deletions(-) rename lib/{fopen.c => curl_fopen.c} (96%) rename lib/{fopen.h => curl_fopen.h} (97%) create mode 100644 lib/curlx/fopen.c create mode 100644 lib/curlx/fopen.h diff --git a/.github/scripts/verify-examples.pl b/.github/scripts/verify-examples.pl index 27c4de6db8..a8dd08d182 100755 --- a/.github/scripts/verify-examples.pl +++ b/.github/scripts/verify-examples.pl @@ -63,9 +63,9 @@ sub extract { elsif($syn == 1) { if(/^~~~/) { $syn++; - print O "/* !checksrc! disable UNUSEDIGNORE all */\n"; + print O "/* !checksrc! disable BANNEDFUNC all */\n"; # for fopen() print O "/* !checksrc! disable COPYRIGHT all */\n"; - print O "/* !checksrc! disable FOPENMODE all */\n"; + print O "/* !checksrc! disable UNUSEDIGNORE all */\n"; printf O "#line %d \"$f\"\n", $iline+1; } } diff --git a/docs/examples/.checksrc b/docs/examples/.checksrc index 0b626e6570..e0b6c43da9 100644 --- a/docs/examples/.checksrc +++ b/docs/examples/.checksrc @@ -1,3 +1,6 @@ +allowfunc fclose +allowfunc fdopen +allowfunc fopen allowfunc gmtime allowfunc localtime allowfunc socket diff --git a/docs/internals/CHECKSRC.md b/docs/internals/CHECKSRC.md index 16eb96c75b..9c4f142879 100644 --- a/docs/internals/CHECKSRC.md +++ b/docs/internals/CHECKSRC.md @@ -76,7 +76,7 @@ warnings are: - `EXCLAMATIONSPACE`: space found after exclamations mark -- `FOPENMODE`: `fopen()` needs a macro for the mode string, use it +- `FOPENMODE`: `curlx_fopen()` needs a macro for the mode string, use it - `INDENTATION`: detected a wrong start column for code. Note that this warning only checks some specific places and can certainly miss many bad diff --git a/lib/Makefile.inc b/lib/Makefile.inc index 6391eb2c43..1447e53a1e 100644 --- a/lib/Makefile.inc +++ b/lib/Makefile.inc @@ -26,6 +26,7 @@ LIB_CURLX_CFILES = \ curlx/base64.c \ curlx/dynbuf.c \ + curlx/fopen.c \ curlx/inet_ntop.c \ curlx/inet_pton.c \ curlx/multibyte.c \ @@ -43,6 +44,7 @@ LIB_CURLX_HFILES = \ curlx/base64.h \ curlx/curlx.h \ curlx/dynbuf.h \ + curlx/fopen.h \ curlx/inet_ntop.h \ curlx/inet_pton.h \ curlx/multibyte.h \ @@ -157,6 +159,7 @@ LIB_CFILES = \ curl_des.c \ curl_endian.c \ curl_fnmatch.c \ + curl_fopen.c \ curl_get_line.c \ curl_gethostname.c \ curl_gssapi.c \ @@ -181,7 +184,6 @@ LIB_CFILES = \ fake_addrinfo.c \ file.c \ fileinfo.c \ - fopen.c \ formdata.c \ ftp.c \ ftplistparser.c \ @@ -286,6 +288,7 @@ LIB_HFILES = \ curl_des.h \ curl_endian.h \ curl_fnmatch.h \ + curl_fopen.h \ curl_get_line.h \ curl_gethostname.h \ curl_gssapi.h \ @@ -320,7 +323,6 @@ LIB_HFILES = \ fake_addrinfo.h \ file.h \ fileinfo.h \ - fopen.h \ formdata.h \ ftp.h \ ftplistparser.h \ diff --git a/lib/altsvc.c b/lib/altsvc.c index c7448692fb..7e4c4b5c25 100644 --- a/lib/altsvc.c +++ b/lib/altsvc.c @@ -31,11 +31,11 @@ #include #include "urldata.h" #include "altsvc.h" +#include "curl_fopen.h" #include "curl_get_line.h" #include "parsedate.h" #include "sendf.h" #include "curlx/warnless.h" -#include "fopen.h" #include "rename.h" #include "strdup.h" #include "curlx/inet_pton.h" @@ -227,7 +227,7 @@ static CURLcode altsvc_load(struct altsvcinfo *asi, const char *file) if(!asi->filename) return CURLE_OUT_OF_MEMORY; - fp = fopen(file, FOPEN_READTEXT); + fp = curlx_fopen(file, FOPEN_READTEXT); if(fp) { struct dynbuf buf; curlx_dyn_init(&buf, MAX_ALTSVC_LINE); @@ -238,7 +238,7 @@ static CURLcode altsvc_load(struct altsvcinfo *asi, const char *file) altsvc_add(asi, lineptr); } curlx_dyn_free(&buf); /* free the line buffer */ - fclose(fp); + curlx_fclose(fp); } return result; } @@ -391,7 +391,7 @@ CURLcode Curl_altsvc_save(struct Curl_easy *data, if(result) break; } - fclose(out); + curlx_fclose(out); if(!result && tempstore && Curl_rename(tempstore, file)) result = CURLE_WRITE_ERROR; diff --git a/lib/cookie.c b/lib/cookie.c index 90d375a761..c5fbe1344d 100644 --- a/lib/cookie.c +++ b/lib/cookie.c @@ -80,11 +80,11 @@ Example set of cookies: #include "slist.h" #include "share.h" #include "strcase.h" +#include "curl_fopen.h" #include "curl_get_line.h" #include "curl_memrchr.h" #include "parsedate.h" #include "rename.h" -#include "fopen.h" #include "strdup.h" #include "llist.h" #include "curlx/strparse.h" @@ -1195,7 +1195,7 @@ struct CookieInfo *Curl_cookie_init(struct Curl_easy *data, if(!strcmp(file, "-")) fp = stdin; else { - fp = fopen(file, "rb"); + fp = curlx_fopen(file, "rb"); if(!fp) infof(data, "WARNING: failed to open cookie file \"%s\"", file); else @@ -1228,7 +1228,7 @@ struct CookieInfo *Curl_cookie_init(struct Curl_easy *data, remove_expired(ci); if(handle) - fclose(handle); + curlx_fclose(handle); } data->state.cookie_engine = TRUE; } @@ -1583,7 +1583,7 @@ static CURLcode cookie_output(struct Curl_easy *data, } if(!use_stdout) { - fclose(out); + curlx_fclose(out); out = NULL; if(tempstore && Curl_rename(tempstore, filename)) { unlink(tempstore); @@ -1602,7 +1602,7 @@ static CURLcode cookie_output(struct Curl_easy *data, error: if(out && !use_stdout) - fclose(out); + curlx_fclose(out); free(tempstore); return error; } diff --git a/lib/fopen.c b/lib/curl_fopen.c similarity index 96% rename from lib/fopen.c rename to lib/curl_fopen.c index b28977317a..13acd299c0 100644 --- a/lib/fopen.c +++ b/lib/curl_fopen.c @@ -33,7 +33,7 @@ #include "urldata.h" #include "rand.h" -#include "fopen.h" +#include "curl_fopen.h" /* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" @@ -102,7 +102,7 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename, char *dir = NULL; *tempname = NULL; - *fh = fopen(filename, FOPEN_WRITETEXT); + *fh = curlx_fopen(filename, FOPEN_WRITETEXT); if(!*fh) goto fail; if( @@ -114,7 +114,7 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename, || !S_ISREG(sb.st_mode)) { return CURLE_OK; } - fclose(*fh); + curlx_fclose(*fh); *fh = NULL; result = Curl_rand_alnum(data, randbuf, sizeof(randbuf)); @@ -144,7 +144,7 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename, if(fd == -1) goto fail; - *fh = fdopen(fd, FOPEN_WRITETEXT); + *fh = curlx_fdopen(fd, FOPEN_WRITETEXT); if(!*fh) goto fail; diff --git a/lib/fopen.h b/lib/curl_fopen.h similarity index 97% rename from lib/fopen.h rename to lib/curl_fopen.h index e3a919d073..a3dc1382bc 100644 --- a/lib/fopen.h +++ b/lib/curl_fopen.h @@ -24,6 +24,8 @@ * ***************************************************************************/ +#include "curlx/fopen.h" + CURLcode Curl_fopen(struct Curl_easy *data, const char *filename, FILE **fh, char **tempname); diff --git a/lib/curl_mem_undef.h b/lib/curl_mem_undef.h index a70a9fcf53..2be114cbd5 100644 --- a/lib/curl_mem_undef.h +++ b/lib/curl_mem_undef.h @@ -33,16 +33,5 @@ #undef Curl_tcsdup #endif -#ifdef CURLDEBUG - -#undef fopen -#ifdef CURL_FOPEN -#define fopen(fname, mode) CURL_FOPEN(fname, mode) -#endif -#undef fdopen -#undef fclose - -#endif /* CURLDEBUG */ - #undef HEADER_CURL_MEMORY_H #undef HEADER_CURL_MEMDEBUG_H diff --git a/lib/curl_setup.h b/lib/curl_setup.h index 55c65c99f6..b3c19a95ef 100644 --- a/lib/curl_setup.h +++ b/lib/curl_setup.h @@ -509,11 +509,8 @@ # ifndef UNDER_CE int curlx_win32_stat(const char *path, struct_stat *buffer); int curlx_win32_open(const char *filename, int oflag, ...); - FILE *curlx_win32_fopen(const char *filename, const char *mode); # define stat(fname, stp) curlx_win32_stat(fname, stp) # define open curlx_win32_open -# define CURL_FOPEN(fname, mode) curlx_win32_fopen(fname, mode) -# define fopen(fname, mode) CURL_FOPEN(fname, mode) # endif #elif defined(__DJGPP__) /* Requires DJGPP 2.04 */ diff --git a/lib/curlx/curlx.h b/lib/curlx/curlx.h index 9f7bd3a975..33ac72e8e1 100644 --- a/lib/curlx/curlx.h +++ b/lib/curlx/curlx.h @@ -64,6 +64,9 @@ #include "dynbuf.h" /* The curlx_dyn_* functions */ +#include "fopen.h" +/* The curlx_f* functions */ + #include "base64.h" #include "timeval.h" #include "timediff.h" diff --git a/lib/curlx/fopen.c b/lib/curlx/fopen.c new file mode 100644 index 0000000000..22c7259c70 --- /dev/null +++ b/lib/curlx/fopen.c @@ -0,0 +1,310 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ + +/* + * This file is 'mem-include-scan' clean, which means its memory allocations + * are not tracked by the curl memory tracker memdebug, so they must not use + * `CURLDEBUG` macro replacements in memdebug.h for free, malloc, etc. To avoid + * these macro replacements, wrap the names in parentheses to call the original + * versions: `ptr = (malloc)(123)`, `(free)(ptr)`, etc. + */ + +#include "../curl_setup.h" + +#if defined(_WIN32) && !defined(UNDER_CE) + +#include "fopen.h" +#include "multibyte.h" + +/* declare GetFullPathNameW for mingw-w64 UWP builds targeting old windows */ +#if defined(CURL_WINDOWS_UWP) && defined(__MINGW32__) && \ + (_WIN32_WINNT < _WIN32_WINNT_WIN10) +WINBASEAPI DWORD WINAPI GetFullPathNameW(LPCWSTR, DWORD, LPWSTR, LPWSTR *); +#endif + +/* Fix excessive paths (paths that exceed MAX_PATH length of 260). + * + * This is a helper function to fix paths that would exceed the MAX_PATH + * limitation check done by Windows APIs. It does so by normalizing the passed + * in filename or path 'in' to its full canonical path, and if that path is + * longer than MAX_PATH then setting 'out' to "\\?\" prefix + that full path. + * + * For example 'in' filename255chars in current directory C:\foo\bar is + * fixed as \\?\C:\foo\bar\filename255chars for 'out' which will tell Windows + * it is ok to access that filename even though the actual full path is longer + * than 260 chars. + * + * For non-Unicode builds this function may fail sometimes because only the + * Unicode versions of some Windows API functions can access paths longer than + * MAX_PATH, for example GetFullPathNameW which is used in this function. When + * the full path is then converted from Unicode to multibyte that fails if any + * directories in the path contain characters not in the current codepage. + */ +static bool fix_excessive_path(const TCHAR *in, TCHAR **out) +{ + size_t needed, count; + const wchar_t *in_w; + wchar_t *fbuf = NULL; + + /* MS documented "approximate" limit for the maximum path length */ + const size_t max_path_len = 32767; + +#ifndef _UNICODE + wchar_t *ibuf = NULL; + char *obuf = NULL; +#endif + + *out = NULL; + + /* skip paths already normalized */ + if(!_tcsncmp(in, _T("\\\\?\\"), 4)) + goto cleanup; + +#ifndef _UNICODE + /* convert multibyte input to unicode */ + needed = mbstowcs(NULL, in, 0); + if(needed == (size_t)-1 || needed >= max_path_len) + goto cleanup; + ++needed; /* for NUL */ + ibuf = (malloc)(needed * sizeof(wchar_t)); + if(!ibuf) + goto cleanup; + count = mbstowcs(ibuf, in, needed); + if(count == (size_t)-1 || count >= needed) + goto cleanup; + in_w = ibuf; +#else + in_w = in; +#endif + + /* GetFullPathNameW returns the normalized full path in unicode. It converts + forward slashes to backslashes, processes .. to remove directory segments, + etc. Unlike GetFullPathNameA it can process paths that exceed MAX_PATH. */ + needed = (size_t)GetFullPathNameW(in_w, 0, NULL, NULL); + if(!needed || needed > max_path_len) + goto cleanup; + /* skip paths that are not excessive and do not need modification */ + if(needed <= MAX_PATH) + goto cleanup; + fbuf = (malloc)(needed * sizeof(wchar_t)); + if(!fbuf) + goto cleanup; + count = (size_t)GetFullPathNameW(in_w, (DWORD)needed, fbuf, NULL); + if(!count || count >= needed) + goto cleanup; + + /* prepend \\?\ or \\?\UNC\ to the excessively long path. + * + * c:\longpath ---> \\?\c:\longpath + * \\.\c:\longpath ---> \\?\c:\longpath + * \\?\c:\longpath ---> \\?\c:\longpath (unchanged) + * \\server\c$\longpath ---> \\?\UNC\server\c$\longpath + * + * https://learn.microsoft.com/dotnet/standard/io/file-path-formats + */ + if(!wcsncmp(fbuf, L"\\\\?\\", 4)) + ; /* do nothing */ + else if(!wcsncmp(fbuf, L"\\\\.\\", 4)) + fbuf[2] = '?'; + else if(!wcsncmp(fbuf, L"\\\\.", 3) || !wcsncmp(fbuf, L"\\\\?", 3)) { + /* Unexpected, not UNC. The formatting doc doesn't allow this AFAICT. */ + goto cleanup; + } + else { + wchar_t *temp; + + if(!wcsncmp(fbuf, L"\\\\", 2)) { + /* "\\?\UNC\" + full path without "\\" + null */ + needed = 8 + (count - 2) + 1; + if(needed > max_path_len) + goto cleanup; + + temp = (malloc)(needed * sizeof(wchar_t)); + if(!temp) + goto cleanup; + + wcsncpy(temp, L"\\\\?\\UNC\\", 8); + wcscpy(temp + 8, fbuf + 2); + } + else { + /* "\\?\" + full path + null */ + needed = 4 + count + 1; + if(needed > max_path_len) + goto cleanup; + + temp = (malloc)(needed * sizeof(wchar_t)); + if(!temp) + goto cleanup; + + wcsncpy(temp, L"\\\\?\\", 4); + wcscpy(temp + 4, fbuf); + } + + (free)(fbuf); + fbuf = temp; + } + +#ifndef _UNICODE + /* convert unicode full path to multibyte output */ + needed = wcstombs(NULL, fbuf, 0); + if(needed == (size_t)-1 || needed >= max_path_len) + goto cleanup; + ++needed; /* for NUL */ + obuf = (malloc)(needed); + if(!obuf) + goto cleanup; + count = wcstombs(obuf, fbuf, needed); + if(count == (size_t)-1 || count >= needed) + goto cleanup; + *out = obuf; + obuf = NULL; +#else + *out = fbuf; + fbuf = NULL; +#endif + +cleanup: + (free)(fbuf); +#ifndef _UNICODE + (free)(ibuf); + (free)(obuf); +#endif + return *out ? true : false; +} + +int curlx_win32_open(const char *filename, int oflag, ...) +{ + int pmode = 0; + int result = -1; + TCHAR *fixed = NULL; + const TCHAR *target = NULL; + +#ifdef _UNICODE + wchar_t *filename_w = curlx_convert_UTF8_to_wchar(filename); +#endif + + va_list param; + va_start(param, oflag); + if(oflag & O_CREAT) + pmode = va_arg(param, int); + va_end(param); + +#ifdef _UNICODE + if(filename_w) { + if(fix_excessive_path(filename_w, &fixed)) + target = fixed; + else + target = filename_w; + result = _wopen(target, oflag, pmode); + curlx_unicodefree(filename_w); + } + else + /* !checksrc! disable ERRNOVAR 1 */ + CURL_SETERRNO(EINVAL); +#else + if(fix_excessive_path(filename, &fixed)) + target = fixed; + else + target = filename; + result = _open(target, oflag, pmode); +#endif + + (free)(fixed); + return result; +} + +FILE *curlx_win32_fopen(const char *filename, const char *mode) +{ + FILE *result = NULL; + TCHAR *fixed = NULL; + const TCHAR *target = NULL; + +#ifdef _UNICODE + wchar_t *filename_w = curlx_convert_UTF8_to_wchar(filename); + wchar_t *mode_w = curlx_convert_UTF8_to_wchar(mode); + if(filename_w && mode_w) { + if(fix_excessive_path(filename_w, &fixed)) + target = fixed; + else + target = filename_w; + result = _wfopen(target, mode_w); + } + else + /* !checksrc! disable ERRNOVAR 1 */ + CURL_SETERRNO(EINVAL); + curlx_unicodefree(filename_w); + curlx_unicodefree(mode_w); +#else + if(fix_excessive_path(filename, &fixed)) + target = fixed; + else + target = filename; + /* !checksrc! disable BANNEDFUNC 1 */ + result = fopen(target, mode); +#endif + + (free)(fixed); + return result; +} + +int curlx_win32_stat(const char *path, struct_stat *buffer) +{ + int result = -1; + TCHAR *fixed = NULL; + const TCHAR *target = NULL; + +#ifdef _UNICODE + wchar_t *path_w = curlx_convert_UTF8_to_wchar(path); + if(path_w) { + if(fix_excessive_path(path_w, &fixed)) + target = fixed; + else + target = path_w; +#ifndef USE_WIN32_LARGE_FILES + result = _wstat(target, buffer); +#else + result = _wstati64(target, buffer); +#endif + curlx_unicodefree(path_w); + } + else + /* !checksrc! disable ERRNOVAR 1 */ + CURL_SETERRNO(EINVAL); +#else + if(fix_excessive_path(path, &fixed)) + target = fixed; + else + target = path; +#ifndef USE_WIN32_LARGE_FILES + result = _stat(target, buffer); +#else + result = _stati64(target, buffer); +#endif +#endif + + (free)(fixed); + return result; +} + +#endif /* _WIN32 && !UNDER_CE */ diff --git a/lib/curlx/fopen.h b/lib/curlx/fopen.h new file mode 100644 index 0000000000..2a2b079637 --- /dev/null +++ b/lib/curlx/fopen.h @@ -0,0 +1,48 @@ +#ifndef HEADER_CURLX_FOPEN_H +#define HEADER_CURLX_FOPEN_H +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ + +#include "../curl_setup.h" + +#include "multibyte.h" + +#if defined(_WIN32) && !defined(UNDER_CE) +FILE *curlx_win32_fopen(const char *filename, const char *mode); +#define CURLX_FOPEN_LOW(fname, mode) curlx_win32_fopen(fname, mode) +#else +#define CURLX_FOPEN_LOW fopen +#endif + +#ifdef CURLDEBUG +#define curlx_fopen(file,mode) curl_dbg_fopen(file,mode,__LINE__,__FILE__) +#define curlx_fdopen(file,mode) curl_dbg_fdopen(file,mode,__LINE__,__FILE__) +#define curlx_fclose(file) curl_dbg_fclose(file,__LINE__,__FILE__) +#else +#define curlx_fopen CURLX_FOPEN_LOW +#define curlx_fdopen fdopen +#define curlx_fclose fclose +#endif + +#endif /* HEADER_CURLX_FOPEN_H */ diff --git a/lib/curlx/multibyte.c b/lib/curlx/multibyte.c index 1c81a71ec5..9e60edf7e3 100644 --- a/lib/curlx/multibyte.c +++ b/lib/curlx/multibyte.c @@ -84,277 +84,4 @@ char *curlx_convert_wchar_to_UTF8(const wchar_t *str_w) return str_utf8; } -#ifndef UNDER_CE - -/* declare GetFullPathNameW for mingw-w64 UWP builds targeting old windows */ -#if defined(CURL_WINDOWS_UWP) && defined(__MINGW32__) && \ - (_WIN32_WINNT < _WIN32_WINNT_WIN10) -WINBASEAPI DWORD WINAPI GetFullPathNameW(LPCWSTR, DWORD, LPWSTR, LPWSTR *); -#endif - -/* Fix excessive paths (paths that exceed MAX_PATH length of 260). - * - * This is a helper function to fix paths that would exceed the MAX_PATH - * limitation check done by Windows APIs. It does so by normalizing the passed - * in filename or path 'in' to its full canonical path, and if that path is - * longer than MAX_PATH then setting 'out' to "\\?\" prefix + that full path. - * - * For example 'in' filename255chars in current directory C:\foo\bar is - * fixed as \\?\C:\foo\bar\filename255chars for 'out' which will tell Windows - * it is ok to access that filename even though the actual full path is longer - * than 260 chars. - * - * For non-Unicode builds this function may fail sometimes because only the - * Unicode versions of some Windows API functions can access paths longer than - * MAX_PATH, for example GetFullPathNameW which is used in this function. When - * the full path is then converted from Unicode to multibyte that fails if any - * directories in the path contain characters not in the current codepage. - */ -static bool fix_excessive_path(const TCHAR *in, TCHAR **out) -{ - size_t needed, count; - const wchar_t *in_w; - wchar_t *fbuf = NULL; - - /* MS documented "approximate" limit for the maximum path length */ - const size_t max_path_len = 32767; - -#ifndef _UNICODE - wchar_t *ibuf = NULL; - char *obuf = NULL; -#endif - - *out = NULL; - - /* skip paths already normalized */ - if(!_tcsncmp(in, _T("\\\\?\\"), 4)) - goto cleanup; - -#ifndef _UNICODE - /* convert multibyte input to unicode */ - needed = mbstowcs(NULL, in, 0); - if(needed == (size_t)-1 || needed >= max_path_len) - goto cleanup; - ++needed; /* for NUL */ - ibuf = (malloc)(needed * sizeof(wchar_t)); - if(!ibuf) - goto cleanup; - count = mbstowcs(ibuf, in, needed); - if(count == (size_t)-1 || count >= needed) - goto cleanup; - in_w = ibuf; -#else - in_w = in; -#endif - - /* GetFullPathNameW returns the normalized full path in unicode. It converts - forward slashes to backslashes, processes .. to remove directory segments, - etc. Unlike GetFullPathNameA it can process paths that exceed MAX_PATH. */ - needed = (size_t)GetFullPathNameW(in_w, 0, NULL, NULL); - if(!needed || needed > max_path_len) - goto cleanup; - /* skip paths that are not excessive and do not need modification */ - if(needed <= MAX_PATH) - goto cleanup; - fbuf = (malloc)(needed * sizeof(wchar_t)); - if(!fbuf) - goto cleanup; - count = (size_t)GetFullPathNameW(in_w, (DWORD)needed, fbuf, NULL); - if(!count || count >= needed) - goto cleanup; - - /* prepend \\?\ or \\?\UNC\ to the excessively long path. - * - * c:\longpath ---> \\?\c:\longpath - * \\.\c:\longpath ---> \\?\c:\longpath - * \\?\c:\longpath ---> \\?\c:\longpath (unchanged) - * \\server\c$\longpath ---> \\?\UNC\server\c$\longpath - * - * https://learn.microsoft.com/dotnet/standard/io/file-path-formats - */ - if(!wcsncmp(fbuf, L"\\\\?\\", 4)) - ; /* do nothing */ - else if(!wcsncmp(fbuf, L"\\\\.\\", 4)) - fbuf[2] = '?'; - else if(!wcsncmp(fbuf, L"\\\\.", 3) || !wcsncmp(fbuf, L"\\\\?", 3)) { - /* Unexpected, not UNC. The formatting doc doesn't allow this AFAICT. */ - goto cleanup; - } - else { - wchar_t *temp; - - if(!wcsncmp(fbuf, L"\\\\", 2)) { - /* "\\?\UNC\" + full path without "\\" + null */ - needed = 8 + (count - 2) + 1; - if(needed > max_path_len) - goto cleanup; - - temp = (malloc)(needed * sizeof(wchar_t)); - if(!temp) - goto cleanup; - - wcsncpy(temp, L"\\\\?\\UNC\\", 8); - wcscpy(temp + 8, fbuf + 2); - } - else { - /* "\\?\" + full path + null */ - needed = 4 + count + 1; - if(needed > max_path_len) - goto cleanup; - - temp = (malloc)(needed * sizeof(wchar_t)); - if(!temp) - goto cleanup; - - wcsncpy(temp, L"\\\\?\\", 4); - wcscpy(temp + 4, fbuf); - } - - (free)(fbuf); - fbuf = temp; - } - -#ifndef _UNICODE - /* convert unicode full path to multibyte output */ - needed = wcstombs(NULL, fbuf, 0); - if(needed == (size_t)-1 || needed >= max_path_len) - goto cleanup; - ++needed; /* for NUL */ - obuf = (malloc)(needed); - if(!obuf) - goto cleanup; - count = wcstombs(obuf, fbuf, needed); - if(count == (size_t)-1 || count >= needed) - goto cleanup; - *out = obuf; - obuf = NULL; -#else - *out = fbuf; - fbuf = NULL; -#endif - -cleanup: - (free)(fbuf); -#ifndef _UNICODE - (free)(ibuf); - (free)(obuf); -#endif - return *out ? true : false; -} - -int curlx_win32_open(const char *filename, int oflag, ...) -{ - int pmode = 0; - int result = -1; - TCHAR *fixed = NULL; - const TCHAR *target = NULL; - -#ifdef _UNICODE - wchar_t *filename_w = curlx_convert_UTF8_to_wchar(filename); -#endif - - va_list param; - va_start(param, oflag); - if(oflag & O_CREAT) - pmode = va_arg(param, int); - va_end(param); - -#ifdef _UNICODE - if(filename_w) { - if(fix_excessive_path(filename_w, &fixed)) - target = fixed; - else - target = filename_w; - result = _wopen(target, oflag, pmode); - curlx_unicodefree(filename_w); - } - else - /* !checksrc! disable ERRNOVAR 1 */ - CURL_SETERRNO(EINVAL); -#else - if(fix_excessive_path(filename, &fixed)) - target = fixed; - else - target = filename; - result = _open(target, oflag, pmode); -#endif - - (free)(fixed); - return result; -} - -FILE *curlx_win32_fopen(const char *filename, const char *mode) -{ - FILE *result = NULL; - TCHAR *fixed = NULL; - const TCHAR *target = NULL; - -#ifdef _UNICODE - wchar_t *filename_w = curlx_convert_UTF8_to_wchar(filename); - wchar_t *mode_w = curlx_convert_UTF8_to_wchar(mode); - if(filename_w && mode_w) { - if(fix_excessive_path(filename_w, &fixed)) - target = fixed; - else - target = filename_w; - result = _wfopen(target, mode_w); - } - else - /* !checksrc! disable ERRNOVAR 1 */ - CURL_SETERRNO(EINVAL); - curlx_unicodefree(filename_w); - curlx_unicodefree(mode_w); -#else - if(fix_excessive_path(filename, &fixed)) - target = fixed; - else - target = filename; - result = (fopen)(target, mode); -#endif - - (free)(fixed); - return result; -} - -int curlx_win32_stat(const char *path, struct_stat *buffer) -{ - int result = -1; - TCHAR *fixed = NULL; - const TCHAR *target = NULL; - -#ifdef _UNICODE - wchar_t *path_w = curlx_convert_UTF8_to_wchar(path); - if(path_w) { - if(fix_excessive_path(path_w, &fixed)) - target = fixed; - else - target = path_w; -#ifndef USE_WIN32_LARGE_FILES - result = _wstat(target, buffer); -#else - result = _wstati64(target, buffer); -#endif - curlx_unicodefree(path_w); - } - else - /* !checksrc! disable ERRNOVAR 1 */ - CURL_SETERRNO(EINVAL); -#else - if(fix_excessive_path(path, &fixed)) - target = fixed; - else - target = path; -#ifndef USE_WIN32_LARGE_FILES - result = _stat(target, buffer); -#else - result = _stati64(target, buffer); -#endif -#endif - - (free)(fixed); - return result; -} - -#endif /* UNDER_CE */ - #endif /* _WIN32 */ diff --git a/lib/hsts.c b/lib/hsts.c index 9525158bcc..b84a470f90 100644 --- a/lib/hsts.c +++ b/lib/hsts.c @@ -32,10 +32,10 @@ #include "urldata.h" #include "llist.h" #include "hsts.h" +#include "curl_fopen.h" #include "curl_get_line.h" #include "sendf.h" #include "parsedate.h" -#include "fopen.h" #include "rename.h" #include "share.h" #include "strdup.h" @@ -379,7 +379,7 @@ CURLcode Curl_hsts_save(struct Curl_easy *data, struct hsts *h, if(result) break; } - fclose(out); + curlx_fclose(out); if(!result && tempstore && Curl_rename(tempstore, file)) result = CURLE_WRITE_ERROR; @@ -524,7 +524,7 @@ static CURLcode hsts_load(struct hsts *h, const char *file) if(!h->filename) return CURLE_OUT_OF_MEMORY; - fp = fopen(file, FOPEN_READTEXT); + fp = curlx_fopen(file, FOPEN_READTEXT); if(fp) { struct dynbuf buf; curlx_dyn_init(&buf, MAX_HSTS_LINE); @@ -542,7 +542,7 @@ static CURLcode hsts_load(struct hsts *h, const char *file) hsts_add(h, lineptr); } curlx_dyn_free(&buf); /* free the line buffer */ - fclose(fp); + curlx_fclose(fp); } return result; } diff --git a/lib/memdebug.c b/lib/memdebug.c index cffd4b2cf6..0c9d156715 100644 --- a/lib/memdebug.c +++ b/lib/memdebug.c @@ -29,6 +29,7 @@ #include #include "urldata.h" +#include "curlx/fopen.h" /* for CURLX_FOPEN_LOW() */ /* The last 3 #include files should be in this order */ #include "curl_printf.h" @@ -68,7 +69,8 @@ static void curl_dbg_cleanup(void) if(curl_dbg_logfile && curl_dbg_logfile != stderr && curl_dbg_logfile != stdout) { - (fclose)(curl_dbg_logfile); + /* !checksrc! disable BANNEDFUNC 1 */ + fclose(curl_dbg_logfile); } curl_dbg_logfile = NULL; } @@ -78,11 +80,7 @@ void curl_dbg_memdebug(const char *logname) { if(!curl_dbg_logfile) { if(logname && *logname) -#ifdef CURL_FOPEN - curl_dbg_logfile = CURL_FOPEN(logname, FOPEN_WRITETEXT); -#else - curl_dbg_logfile = (fopen)(logname, FOPEN_WRITETEXT); -#endif + curl_dbg_logfile = CURLX_FOPEN_LOW(logname, FOPEN_WRITETEXT); else curl_dbg_logfile = stderr; #ifdef MEMDEBUG_LOG_SYNC @@ -424,13 +422,7 @@ ALLOC_FUNC FILE *curl_dbg_fopen(const char *file, const char *mode, int line, const char *source) { - FILE *res; -#ifdef CURL_FOPEN - res = CURL_FOPEN(file, mode); -#else - res = (fopen)(file, mode); -#endif - + FILE *res = CURLX_FOPEN_LOW(file, mode); if(source) curl_dbg_log("FILE %s:%d fopen(\"%s\",\"%s\") = %p\n", source, line, file, mode, (void *)res); @@ -442,7 +434,8 @@ ALLOC_FUNC FILE *curl_dbg_fdopen(int filedes, const char *mode, int line, const char *source) { - FILE *res = (fdopen)(filedes, mode); + /* !checksrc! disable BANNEDFUNC 1 */ + FILE *res = fdopen(filedes, mode); if(source) curl_dbg_log("FILE %s:%d fdopen(\"%d\",\"%s\") = %p\n", source, line, filedes, mode, (void *)res); @@ -459,7 +452,8 @@ int curl_dbg_fclose(FILE *file, int line, const char *source) curl_dbg_log("FILE %s:%d fclose(%p)\n", source, line, (void *)file); - res = (fclose)(file); + /* !checksrc! disable BANNEDFUNC 1 */ + res = fclose(file); return res; } diff --git a/lib/memdebug.h b/lib/memdebug.h index 96ceb61759..c2b7fad952 100644 --- a/lib/memdebug.h +++ b/lib/memdebug.h @@ -52,12 +52,5 @@ #endif #endif /* _WIN32 */ -#undef fopen -#define fopen(file,mode) curl_dbg_fopen(file,mode,__LINE__,__FILE__) -#undef fdopen -#define fdopen(file,mode) curl_dbg_fdopen(file,mode,__LINE__,__FILE__) -#undef fclose -#define fclose(file) curl_dbg_fclose(file,__LINE__,__FILE__) - #endif /* CURLDEBUG */ #endif /* HEADER_CURL_MEMDEBUG_H */ diff --git a/lib/mime.c b/lib/mime.c index 894413be17..6ec7f69046 100644 --- a/lib/mime.c +++ b/lib/mime.c @@ -34,6 +34,7 @@ struct Curl_easy; #include "sendf.h" #include "transfer.h" #include "strdup.h" +#include "curlx/fopen.h" #include "curlx/base64.h" #if !defined(CURL_DISABLE_MIME) && \ @@ -131,7 +132,7 @@ static const char aschex[] = #ifndef __VMS #define filesize(name, stat_data) (stat_data.st_size) -#define fopen_read fopen +#define fopen_read curlx_fopen #else @@ -154,7 +155,7 @@ curl_off_t VmsRealFileSize(const char *name, int ret_stat; FILE * file; - file = fopen(name, FOPEN_READTEXT); /* VMS */ + file = curlx_fopen(name, FOPEN_READTEXT); /* VMS */ if(!file) return 0; @@ -165,7 +166,7 @@ curl_off_t VmsRealFileSize(const char *name, if(ret_stat) count += ret_stat; } - fclose(file); + curlx_fclose(file); return count; } @@ -210,10 +211,10 @@ static FILE * vmsfopenread(const char *file, const char *mode) case FAB$C_VAR: case FAB$C_VFC: case FAB$C_STMCR: - return fopen(file, FOPEN_READTEXT); /* VMS */ + return curlx_fopen(file, FOPEN_READTEXT); /* VMS */ break; default: - return fopen(file, FOPEN_READTEXT, "rfm=stmlf", "ctx=stm"); + return curlx_fopen(file, FOPEN_READTEXT, "rfm=stmlf", "ctx=stm"); } } @@ -745,7 +746,7 @@ static void mime_file_free(void *ptr) curl_mimepart *part = (curl_mimepart *) ptr; if(part->fp) { - fclose(part->fp); + curlx_fclose(part->fp); part->fp = NULL; } Curl_safefree(part->data); @@ -967,7 +968,7 @@ static size_t readback_part(curl_mimepart *part, mimesetstate(&part->state, MIMESTATE_END, NULL); /* Try sparing open file descriptors. */ if(part->kind == MIMEKIND_FILE && part->fp) { - fclose(part->fp); + curlx_fclose(part->fp); part->fp = NULL; } FALLTHROUGH(); diff --git a/lib/netrc.c b/lib/netrc.c index 447ee09585..a227ffefcd 100644 --- a/lib/netrc.c +++ b/lib/netrc.c @@ -39,6 +39,7 @@ #include "netrc.h" #include "strcase.h" #include "curl_get_line.h" +#include "curlx/fopen.h" #include "curlx/strparse.h" /* The last 3 #include files should be in this order */ @@ -76,7 +77,7 @@ enum found_state { static NETRCcode file2memory(const char *filename, struct dynbuf *filebuf) { NETRCcode ret = NETRC_FILE_MISSING; /* if it cannot open the file */ - FILE *file = fopen(filename, FOPEN_READTEXT); + FILE *file = curlx_fopen(filename, FOPEN_READTEXT); struct dynbuf linebuf; curlx_dyn_init(&linebuf, MAX_NETRC_LINE); @@ -99,7 +100,7 @@ static NETRCcode file2memory(const char *filename, struct dynbuf *filebuf) done: curlx_dyn_free(&linebuf); if(file) - fclose(file); + curlx_fclose(file); return ret; } diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index e9252ec2a1..2db73ca2d5 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -54,6 +54,7 @@ #include "../progress.h" #include "../select.h" #include "../strdup.h" +#include "../curlx/fopen.h" #include "../curlx/warnless.h" #include "x509asn1.h" #include "../multiif.h" @@ -211,7 +212,7 @@ static gnutls_datum_t load_file(const char *file) long filelen; void *ptr; - f = fopen(file, "rb"); + f = curlx_fopen(file, "rb"); if(!f) return loaded_file; if(fseek(f, 0, SEEK_END) != 0 @@ -227,7 +228,7 @@ static gnutls_datum_t load_file(const char *file) loaded_file.data = ptr; loaded_file.size = (unsigned int)filelen; out: - fclose(f); + curlx_fclose(f); return loaded_file; } diff --git a/lib/vtls/keylog.c b/lib/vtls/keylog.c index 2fd25089d9..9179d38fe7 100644 --- a/lib/vtls/keylog.c +++ b/lib/vtls/keylog.c @@ -33,6 +33,7 @@ #include "keylog.h" #include #include "../escape.h" +#include "../curlx/fopen.h" /* The last #include files should be: */ #include "../curl_memory.h" @@ -49,7 +50,7 @@ Curl_tls_keylog_open(void) if(!keylog_file_fp) { keylog_file_name = curl_getenv("SSLKEYLOGFILE"); if(keylog_file_name) { - keylog_file_fp = fopen(keylog_file_name, FOPEN_APPENDTEXT); + keylog_file_fp = curlx_fopen(keylog_file_name, FOPEN_APPENDTEXT); if(keylog_file_fp) { #ifdef _WIN32 if(setvbuf(keylog_file_fp, NULL, _IONBF, 0)) @@ -57,7 +58,7 @@ Curl_tls_keylog_open(void) if(setvbuf(keylog_file_fp, NULL, _IOLBF, 4096)) #endif { - fclose(keylog_file_fp); + curlx_fclose(keylog_file_fp); keylog_file_fp = NULL; } } @@ -70,7 +71,7 @@ void Curl_tls_keylog_close(void) { if(keylog_file_fp) { - fclose(keylog_file_fp); + curlx_fclose(keylog_file_fp); keylog_file_fp = NULL; } } diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index a6d8a4652d..70e109212d 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -32,6 +32,7 @@ #include +#include "../curlx/fopen.h" #include "../curlx/inet_pton.h" #include "../urldata.h" #include "../sendf.h" @@ -397,7 +398,7 @@ static int read_file_into(const char *filename, struct dynbuf *out) { - FILE *f = fopen(filename, FOPEN_READTEXT); + FILE *f = curlx_fopen(filename, FOPEN_READTEXT); if(!f) { return 0; } @@ -407,14 +408,14 @@ read_file_into(const char *filename, const size_t rr = fread(buf, 1, sizeof(buf), f); if(rr == 0 || CURLE_OK != curlx_dyn_addn(out, buf, rr)) { - fclose(f); + curlx_fclose(f); return 0; } if(rr < sizeof(buf)) break; } - return fclose(f) == 0; + return curlx_fclose(f) == 0; } static void diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 8ff8029e3b..bf68321afe 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -47,6 +47,7 @@ #include "../strdup.h" #include "../strerror.h" #include "../select.h" /* for the socket readiness */ +#include "../curlx/fopen.h" #include "../curlx/inet_pton.h" /* for IP addr SNI check */ #include "../curlx/multibyte.h" #include "../curlx/warnless.h" @@ -563,7 +564,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf, &cert_store_path, &cert_thumbprint_str); if(result && (data->set.ssl.primary.clientcert[0]!='\0')) - fInCert = fopen(data->set.ssl.primary.clientcert, "rb"); + fInCert = curlx_fopen(data->set.ssl.primary.clientcert, "rb"); if(result && !fInCert) { failf(data, "schannel: Failed to get certificate location" @@ -611,7 +612,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf, if((!certdata) || ((int) fread(certdata, certsize, 1, fInCert) != 1)) continue_reading = FALSE; - fclose(fInCert); + curlx_fclose(fInCert); if(!continue_reading) { failf(data, "schannel: Failed to read cert file %s", data->set.ssl.primary.clientcert); diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index 9872e4c24d..9e3870e470 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -68,6 +68,7 @@ #include "../progress.h" #include "../share.h" #include "../multiif.h" +#include "../curlx/fopen.h" #include "../curlx/timeval.h" #include "../curl_md5.h" #include "../curl_sha256.h" @@ -803,7 +804,7 @@ CURLcode Curl_pin_peer_pubkey(struct Curl_easy *data, struct dynbuf buf; char unsigned *pem_ptr = NULL; size_t left; - FILE *fp = fopen(pinnedpubkey, "rb"); + FILE *fp = curlx_fopen(pinnedpubkey, "rb"); if(!fp) return result; @@ -865,7 +866,7 @@ CURLcode Curl_pin_peer_pubkey(struct Curl_easy *data, end: curlx_dyn_free(&buf); Curl_safefree(pem_ptr); - fclose(fp); + curlx_fclose(fp); } return result; diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index 0012ccdae1..b737961899 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -88,6 +88,9 @@ my %banfunc = ( "send" => 1, "socket" => 1, "socketpair" => 1, + "fclose" => 1, + "fdopen" => 1, + "fopen" => 1, ); my %warnings_extended = ( @@ -919,8 +922,8 @@ sub scanfile { } # scan for use of non-binary fopen without the macro - if($l =~ /^(.*\W)fopen\s*\([^,]*, *\"([^"]*)/) { - my $mode = $2; + if($l =~ /^(.*\W)(curlx_fopen|CURLX_FOPEN_LOW)\s*\([^,]*, *\"([^"]*)/) { + my $mode = $3; if($mode !~ /b/) { checkwarn("FOPENMODE", $line, length($1), $file, $ol, diff --git a/src/Makefile.inc b/src/Makefile.inc index 1086c07feb..35f8e6fdee 100644 --- a/src/Makefile.inc +++ b/src/Makefile.inc @@ -36,6 +36,7 @@ CURLX_CFILES = \ ../lib/curlx/base64.c \ ../lib/curlx/multibyte.c \ ../lib/curlx/dynbuf.c \ + ../lib/curlx/fopen.c \ ../lib/curlx/nonblock.c \ ../lib/curlx/strparse.c \ ../lib/curlx/timediff.c \ @@ -49,6 +50,7 @@ CURLX_HFILES = \ ../lib/curlx/multibyte.h \ ../lib/curl_setup.h \ ../lib/curlx/dynbuf.h \ + ../lib/curlx/fopen.h \ ../lib/curlx/nonblock.h \ ../lib/curlx/strparse.h \ ../lib/curlx/timediff.h \ diff --git a/src/tool_cb_dbg.c b/src/tool_cb_dbg.c index 6a587cc1cc..b454f5ca9b 100644 --- a/src/tool_cb_dbg.c +++ b/src/tool_cb_dbg.c @@ -124,7 +124,7 @@ int tool_debug_cb(CURL *handle, curl_infotype type, /* Ok, this is somewhat hackish but we do it undocumented for now */ global->trace_stream = tool_stderr; else { - global->trace_stream = fopen(global->trace_dump, FOPEN_WRITETEXT); + global->trace_stream = curlx_fopen(global->trace_dump, FOPEN_WRITETEXT); global->trace_fopened = TRUE; } } diff --git a/src/tool_cb_wrt.c b/src/tool_cb_wrt.c index 6fbf80753d..b4ea781739 100644 --- a/src/tool_cb_wrt.c +++ b/src/tool_cb_wrt.c @@ -55,7 +55,7 @@ bool tool_create_output_file(struct OutStruct *outs, (config->file_clobber_mode == CLOBBER_DEFAULT && !outs->is_cd_filename)) { /* open file for writing */ - file = fopen(fname, "wb"); + file = curlx_fopen(fname, "wb"); } else { int fd; @@ -92,7 +92,7 @@ bool tool_create_output_file(struct OutStruct *outs, is not needed because we would have failed earlier, in the while loop and `fd` would now be -1 */ if(fd != -1) { - file = fdopen(fd, "wb"); + file = curlx_fdopen(fd, "wb"); if(!file) close(fd); } diff --git a/src/tool_cfgable.c b/src/tool_cfgable.c index 675f4d2d9d..e2df7cf91f 100644 --- a/src/tool_cfgable.c +++ b/src/tool_cfgable.c @@ -258,7 +258,7 @@ static void free_globalconfig(void) tool_safefree(global->trace_dump); if(global->trace_fopened && global->trace_stream) - fclose(global->trace_stream); + curlx_fclose(global->trace_stream); global->trace_stream = NULL; tool_safefree(global->libcurl); diff --git a/src/tool_easysrc.c b/src/tool_easysrc.c index 223c66bdf5..bff251e6b0 100644 --- a/src/tool_easysrc.c +++ b/src/tool_easysrc.c @@ -178,7 +178,7 @@ void dumpeasysrc(void) FILE *out; bool fopened = FALSE; if(strcmp(o, "-")) { - out = fopen(o, FOPEN_WRITETEXT); + out = curlx_fopen(o, FOPEN_WRITETEXT); fopened = TRUE; } else @@ -227,7 +227,7 @@ void dumpeasysrc(void) fprintf(out, "%s\n", c); if(fopened) - fclose(out); + curlx_fclose(out); } easysrc_free(); diff --git a/src/tool_formparse.c b/src/tool_formparse.c index b5ab10a00f..f1f2f5b7e5 100644 --- a/src/tool_formparse.c +++ b/src/tool_formparse.c @@ -563,14 +563,14 @@ static int get_param_part(char endchar, endpos--; sep = *p; *endpos = '\0'; - fp = fopen(hdrfile, FOPEN_READTEXT); + fp = curlx_fopen(hdrfile, FOPEN_READTEXT); if(!fp) warnf("Cannot read from %s: %s", hdrfile, strerror(errno)); else { int i = read_field_headers(hdrfile, fp, &headers); - fclose(fp); + curlx_fclose(fp); if(i) { curl_slist_free_all(headers); return -1; diff --git a/src/tool_getparam.c b/src/tool_getparam.c index d7bdadb5d6..eed87bb807 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -627,7 +627,7 @@ static ParameterError data_urlencode(const char *nextarg, CURLX_SET_BINMODE(stdin); } else { - file = fopen(p, "rb"); + file = curlx_fopen(p, "rb"); if(!file) { errorf("Failed to open %s", p); return PARAM_READ_ERROR; @@ -637,7 +637,7 @@ static ParameterError data_urlencode(const char *nextarg, err = file2memory(&postdata, &size, file); if(file && (file != stdin)) - fclose(file); + curlx_fclose(file); if(err) return err; } @@ -899,7 +899,7 @@ static ParameterError set_data(cmdline_t cmd, CURLX_SET_BINMODE(stdin); } else { - file = fopen(nextarg, "rb"); + file = curlx_fopen(nextarg, "rb"); if(!file) { errorf("Failed to open %s", nextarg); return PARAM_READ_ERROR; @@ -917,7 +917,7 @@ static ParameterError set_data(cmdline_t cmd, } if(file && (file != stdin)) - fclose(file); + curlx_fclose(file); if(err) return err; @@ -1094,7 +1094,7 @@ static ParameterError parse_url(struct OperationConfig *config, if(fromstdin) f = stdin; else - f = fopen(&nextarg[1], FOPEN_READTEXT); + f = curlx_fopen(&nextarg[1], FOPEN_READTEXT); if(f) { curlx_dyn_init(&line, 8092); while(my_get_line(f, &line, &error)) { @@ -1104,7 +1104,7 @@ static ParameterError parse_url(struct OperationConfig *config, break; } if(!fromstdin) - fclose(f); + curlx_fclose(f); curlx_dyn_free(&line); if(error || err) return PARAM_READ_ERROR; @@ -1206,7 +1206,7 @@ static ParameterError parse_ech(struct OperationConfig *config, file = stdin; } else { - file = fopen(nextarg, FOPEN_READTEXT); + file = curlx_fopen(nextarg, FOPEN_READTEXT); } if(!file) { warnf("Couldn't read file \"%s\" " @@ -1216,7 +1216,7 @@ static ParameterError parse_ech(struct OperationConfig *config, } err = file2string(&tmpcfg, file); if(file != stdin) - fclose(file); + curlx_fclose(file); if(err) return err; config->ech_config = aprintf("ecl:%s",tmpcfg); @@ -1242,7 +1242,7 @@ static ParameterError parse_header(struct OperationConfig *config, if(nextarg[0] == '@') { /* read many headers from a file or stdin */ bool use_stdin = !strcmp(&nextarg[1], "-"); - FILE *file = use_stdin ? stdin : fopen(&nextarg[1], FOPEN_READTEXT); + FILE *file = use_stdin ? stdin : curlx_fopen(&nextarg[1], FOPEN_READTEXT); if(!file) { errorf("Failed to open %s", &nextarg[1]); err = PARAM_READ_ERROR; @@ -1263,7 +1263,7 @@ static ParameterError parse_header(struct OperationConfig *config, err = PARAM_READ_ERROR; curlx_dyn_free(&line); if(!use_stdin) - fclose(file); + curlx_fclose(file); } } else { @@ -1536,7 +1536,7 @@ static ParameterError parse_writeout(struct OperationConfig *config, } else { fname = nextarg; - file = fopen(fname, FOPEN_READTEXT); + file = curlx_fopen(fname, FOPEN_READTEXT); if(!file) { errorf("Failed to open %s", fname); return PARAM_READ_ERROR; @@ -1545,7 +1545,7 @@ static ParameterError parse_writeout(struct OperationConfig *config, tool_safefree(config->writeout); err = file2string(&config->writeout, file); if(file && (file != stdin)) - fclose(file); + curlx_fclose(file); if(err) return err; if(!config->writeout) diff --git a/src/tool_ipfs.c b/src/tool_ipfs.c index dd030f09bc..c2f1b16523 100644 --- a/src/tool_ipfs.c +++ b/src/tool_ipfs.c @@ -88,7 +88,7 @@ static char *ipfs_gateway(void) if(!gateway_composed_file_path) goto fail; - gateway_file = fopen(gateway_composed_file_path, FOPEN_READTEXT); + gateway_file = curlx_fopen(gateway_composed_file_path, FOPEN_READTEXT); tool_safefree(gateway_composed_file_path); if(gateway_file) { @@ -103,7 +103,7 @@ static char *ipfs_gateway(void) goto fail; } - fclose(gateway_file); + curlx_fclose(gateway_file); gateway_file = NULL; if(curlx_dyn_len(&dyn)) @@ -121,7 +121,7 @@ static char *ipfs_gateway(void) } fail: if(gateway_file) - fclose(gateway_file); + curlx_fclose(gateway_file); tool_safefree(gateway); tool_safefree(ipfs_path); return NULL; diff --git a/src/tool_operate.c b/src/tool_operate.c index 14eff06e06..d5a1b26468 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -164,7 +164,7 @@ static curl_off_t vms_realfilesize(const char *name, FILE * file; /* !checksrc! disable FOPENMODE 1 */ - file = fopen(name, "r"); /* VMS */ + file = curlx_fopen(name, "r"); /* VMS */ if(!file) { return 0; } @@ -175,7 +175,7 @@ static curl_off_t vms_realfilesize(const char *name, if(ret_stat) count += ret_stat; } - fclose(file); + curlx_fclose(file); return count; } @@ -660,7 +660,7 @@ static CURLcode post_per_transfer(struct per_transfer *per, /* Close the outs file */ if(outs->fopened && outs->stream) { - rc = fclose(outs->stream); + rc = curlx_fclose(outs->stream); if(!result && rc) { /* something went wrong in the writing process */ result = CURLE_WRITE_ERROR; @@ -696,13 +696,13 @@ skip: /* Close function-local opened file descriptors */ if(per->heads.fopened && per->heads.stream) - fclose(per->heads.stream); + curlx_fclose(per->heads.stream); if(per->heads.alloc_filename) tool_safefree(per->heads.filename); if(per->etag_save.fopened && per->etag_save.stream) - fclose(per->etag_save.stream); + curlx_fclose(per->etag_save.stream); if(per->etag_save.alloc_filename) tool_safefree(per->etag_save.filename); @@ -800,7 +800,7 @@ static CURLcode etag_compare(struct OperationConfig *config) ParameterError pe; /* open file for reading: */ - FILE *file = fopen(config->etag_compare_file, FOPEN_READTEXT); + FILE *file = curlx_fopen(config->etag_compare_file, FOPEN_READTEXT); if(!file) warnf("Failed to open %s: %s", config->etag_compare_file, strerror(errno)); @@ -815,7 +815,7 @@ static CURLcode etag_compare(struct OperationConfig *config) if(!header) { if(file) - fclose(file); + curlx_fclose(file); errorf("Failed to allocate memory for custom etag header"); return CURLE_OUT_OF_MEMORY; } @@ -825,7 +825,7 @@ static CURLcode etag_compare(struct OperationConfig *config) tool_safefree(header); if(file) - fclose(file); + curlx_fclose(file); if(pe != PARAM_OK) result = CURLE_OUT_OF_MEMORY; return result; @@ -843,7 +843,7 @@ static CURLcode etag_store(struct OperationConfig *config, /* open file for output: */ if(strcmp(config->etag_save_file, "-")) { - FILE *newfile = fopen(config->etag_save_file, "ab"); + FILE *newfile = curlx_fopen(config->etag_save_file, "ab"); if(!newfile) { warnf("Failed creating file for saving etags: \"%s\". " "Skip this transfer", config->etag_save_file); @@ -893,11 +893,11 @@ static CURLcode setup_headerfile(struct OperationConfig *config, return result; } if(!per->prev || per->prev->config != config) { - newfile = fopen(config->headerfile, "wb"); + newfile = curlx_fopen(config->headerfile, "wb"); if(newfile) - fclose(newfile); + curlx_fclose(newfile); } - newfile = fopen(config->headerfile, "ab"); + newfile = curlx_fopen(config->headerfile, "ab"); if(!newfile) { errorf("Failed to open %s", config->headerfile); @@ -999,11 +999,11 @@ static CURLcode setup_outfile(struct OperationConfig *config, #ifdef __VMS /* open file for output, forcing VMS output format into stream mode which is needed for stat() call above to always work. */ - FILE *file = fopen(outfile, "ab", - "ctx=stm", "rfm=stmlf", "rat=cr", "mrs=0"); + FILE *file = curlx_fopen(outfile, "ab", + "ctx=stm", "rfm=stmlf", "rat=cr", "mrs=0"); #else /* open file for output: */ - FILE *file = fopen(per->outfile, "ab"); + FILE *file = curlx_fopen(per->outfile, "ab"); #endif if(!file) { errorf("cannot open '%s'", per->outfile); @@ -1193,7 +1193,7 @@ static CURLcode single_transfer(struct OperationConfig *config, if(result) { curl_easy_cleanup(curl); if(etag_first.fopened) - fclose(etag_first.stream); + curlx_fclose(etag_first.stream); return result; } per->etag_save = etag_first; /* copy the whole struct */ @@ -2004,7 +2004,7 @@ static CURLcode cacertpaths(struct OperationConfig *config) char *cacert = NULL; FILE *cafile = tool_execpath("curl-ca-bundle.crt", &cacert); if(cafile) { - fclose(cafile); + curlx_fclose(cafile); config->cacert = strdup(cacert); } #elif !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE) && \ diff --git a/src/tool_parsecfg.c b/src/tool_parsecfg.c index bc22b9d5b7..632286530a 100644 --- a/src/tool_parsecfg.c +++ b/src/tool_parsecfg.c @@ -93,7 +93,7 @@ int parseconfig(const char *filename) /* NULL means load .curlrc from homedir! */ char *curlrc = findfile(".curlrc", CURLRC_DOTSCORE); if(curlrc) { - file = fopen(curlrc, FOPEN_READTEXT); + file = curlx_fopen(curlrc, FOPEN_READTEXT); if(!file) { free(curlrc); return 1; @@ -115,7 +115,7 @@ int parseconfig(const char *filename) } else { if(strcmp(filename, "-")) - file = fopen(filename, FOPEN_READTEXT); + file = curlx_fopen(filename, FOPEN_READTEXT); else file = stdin; } @@ -250,7 +250,7 @@ int parseconfig(const char *filename) curlx_dyn_free(&buf); curlx_dyn_free(&pbuf); if(file != stdin) - fclose(file); + curlx_fclose(file); if(fileerror) rc = 1; } diff --git a/src/tool_ssls.c b/src/tool_ssls.c index edf8d6095a..6fb0180455 100644 --- a/src/tool_ssls.c +++ b/src/tool_ssls.c @@ -66,7 +66,7 @@ CURLcode tool_ssls_load(struct OperationConfig *config, bool error = FALSE; curlx_dyn_init(&buf, MAX_SSLS_LINE); - fp = fopen(filename, FOPEN_READTEXT); + fp = curlx_fopen(filename, FOPEN_READTEXT); if(!fp) { /* ok if it does not exist */ notef("SSL session file does not exist (yet?): %s", filename); goto out; @@ -122,7 +122,7 @@ out: if(easy) curl_easy_cleanup(easy); if(fp) - fclose(fp); + curlx_fclose(fp); curlx_dyn_free(&buf); curl_free(shmac); curl_free(sdata); @@ -190,7 +190,7 @@ CURLcode tool_ssls_save(struct OperationConfig *config, CURLcode r = CURLE_OK; ctx.exported = 0; - ctx.fp = fopen(filename, FOPEN_WRITETEXT); + ctx.fp = curlx_fopen(filename, FOPEN_WRITETEXT); if(!ctx.fp) { warnf("Warning: Failed to create SSL session file %s", filename); @@ -207,6 +207,6 @@ out: if(easy) curl_easy_cleanup(easy); if(ctx.fp) - fclose(ctx.fp); + curlx_fclose(ctx.fp); return r; } diff --git a/src/tool_stderr.c b/src/tool_stderr.c index b023d6c802..1116c30092 100644 --- a/src/tool_stderr.c +++ b/src/tool_stderr.c @@ -50,12 +50,12 @@ void tool_set_stderr_file(const char *filename) /* precheck that filename is accessible to lessen the chance that the subsequent freopen will fail. */ - fp = fopen(filename, FOPEN_WRITETEXT); + fp = curlx_fopen(filename, FOPEN_WRITETEXT); if(!fp) { warnf("Warning: Failed to open %s", filename); return; } - fclose(fp); + curlx_fclose(fp); /* freopen the actual stderr (stdio.h stderr) instead of tool_stderr since the latter may be set to stdout. */ diff --git a/src/tool_util.c b/src/tool_util.c index e7ab704f12..f8415d2a17 100644 --- a/src/tool_util.c +++ b/src/tool_util.c @@ -127,7 +127,7 @@ FILE *tool_execpath(const char *filename, char **pathp) if(strlen(filename) < remaining - 1) { curl_msnprintf(lastdirchar, remaining, "%s%s", DIR_CHAR, filename); *pathp = filebuffer; - return fopen(filebuffer, FOPEN_READTEXT); + return curlx_fopen(filebuffer, FOPEN_READTEXT); } } } diff --git a/src/tool_writeout.c b/src/tool_writeout.c index cdde28c909..eaeec152e4 100644 --- a/src/tool_writeout.c +++ b/src/tool_writeout.c @@ -772,13 +772,13 @@ void ourWriteOut(struct OperationConfig *config, struct per_transfer *per, break; case VAR_STDOUT: if(fclose_stream) - fclose(stream); + curlx_fclose(stream); fclose_stream = FALSE; stream = stdout; break; case VAR_STDERR: if(fclose_stream) - fclose(stream); + curlx_fclose(stream); fclose_stream = FALSE; stream = tool_stderr; break; @@ -824,12 +824,12 @@ void ourWriteOut(struct OperationConfig *config, struct per_transfer *per, FILE *stream2; memcpy(fname, ptr, flen); fname[flen] = 0; - stream2 = fopen(fname, append ? FOPEN_APPENDTEXT : - FOPEN_WRITETEXT); + stream2 = curlx_fopen(fname, append ? FOPEN_APPENDTEXT : + FOPEN_WRITETEXT); if(stream2) { /* only change if the open worked */ if(fclose_stream) - fclose(stream); + curlx_fclose(stream); stream = stream2; fclose_stream = TRUE; } @@ -872,6 +872,6 @@ void ourWriteOut(struct OperationConfig *config, struct per_transfer *per, } } if(fclose_stream) - fclose(stream); + curlx_fclose(stream); curlx_dyn_free(&name); } diff --git a/src/var.c b/src/var.c index 612735016c..d279fdeb6e 100644 --- a/src/var.c +++ b/src/var.c @@ -455,7 +455,7 @@ ParameterError setvariable(const char *input) if(use_stdin) file = stdin; else { - file = fopen(line, "rb"); + file = curlx_fopen(line, "rb"); if(!file) { errorf("Failed to open %s: %s", line, strerror(errno)); err = PARAM_READ_ERROR; @@ -469,7 +469,7 @@ ParameterError setvariable(const char *input) } curlx_dyn_free(&fname); if(!use_stdin && file) - fclose(file); + curlx_fclose(file); if(err) return err; } diff --git a/tests/data/test1185 b/tests/data/test1185 index 8b14f4c5ff..43a27f0870 100644 --- a/tests/data/test1185 +++ b/tests/data/test1185 @@ -47,7 +47,7 @@ func_return() ; a = sprintf(buffer, "%s", moo); -FILE *f = fopen("filename", "r"); +FILE *f = curlx_fopen("filename", "r"); void startfunc(int a, int b) { func(); @@ -124,7 +124,7 @@ void startfunc(int a, int b) { a = sprintf(buffer, "%s", moo); ^ ./%LOGDIR/code1185.c:32:11: warning: use of non-binary fopen without FOPEN_* macro: r (FOPENMODE) - FILE *f = fopen("filename", "r"); + FILE *f = curlx_fopen("filename", "r"); ^ ./%LOGDIR/code1185.c:34:30: warning: wrongly placed open brace (BRACEPOS) void startfunc(int a, int b) { diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc index 00273f9e9d..c316a05269 100644 --- a/tests/libtest/Makefile.inc +++ b/tests/libtest/Makefile.inc @@ -34,6 +34,7 @@ UTILS_C = memptr.c testutil.c testtrace.c UTILS_H = testutil.h testtrace.h unitcheck.h CURLX_C = \ + ../../lib/curlx/fopen.c \ ../../lib/curlx/warnless.c \ ../../lib/curlx/multibyte.c \ ../../lib/curlx/timediff.c \ diff --git a/tests/libtest/cli_h2_serverpush.c b/tests/libtest/cli_h2_serverpush.c index 7b465bc61a..a865fdfd8f 100644 --- a/tests/libtest/cli_h2_serverpush.c +++ b/tests/libtest/cli_h2_serverpush.c @@ -30,7 +30,7 @@ static FILE *out_download; static int setup_h2_serverpush(CURL *hnd, const char *url) { - out_download = fopen("download_0.data", "wb"); + out_download = curlx_fopen("download_0.data", "wb"); if(!out_download) return 1; /* failed */ @@ -72,7 +72,7 @@ static int server_push_callback(CURL *parent, curl_msnprintf(filename, sizeof(filename) - 1, "push%u", count++); /* here's a new stream, save it in a new file for each new push */ - out_push = fopen(filename, "wb"); + out_push = curlx_fopen(filename, "wb"); if(!out_push) { /* if we cannot save it, deny it */ curl_mfprintf(stderr, "Failed to create output file for push\n"); @@ -129,7 +129,7 @@ static CURLcode test_cli_h2_serverpush(const char *URL) easy = curl_easy_init(); if(setup_h2_serverpush(easy, URL)) { - fclose(out_download); + curlx_fclose(out_download); curl_mfprintf(stderr, "failed\n"); return (CURLcode)1; } @@ -166,9 +166,9 @@ static CURLcode test_cli_h2_serverpush(const char *URL) curl_multi_cleanup(multi_handle); - fclose(out_download); + curlx_fclose(out_download); if(out_push) - fclose(out_push); + curlx_fclose(out_push); return CURLE_OK; } diff --git a/tests/libtest/cli_hx_download.c b/tests/libtest/cli_hx_download.c index 6394c5e25b..7a6a48c171 100644 --- a/tests/libtest/cli_hx_download.c +++ b/tests/libtest/cli_hx_download.c @@ -94,7 +94,7 @@ static size_t my_write_d_cb(char *buf, size_t nitems, size_t buflen, if(!t->out) { curl_msnprintf(t->filename, sizeof(t->filename)-1, "download_%zu.data", t->idx); - t->out = fopen(t->filename, "wb"); + t->out = curlx_fopen(t->filename, "wb"); if(!t->out) return 0; } @@ -530,7 +530,7 @@ static CURLcode test_cli_hx_download(const char *URL) for(i = 0; i < transfer_count_d; ++i) { t = &transfer_d[i]; if(t->out) { - fclose(t->out); + curlx_fclose(t->out); t->out = NULL; } if(t->easy) { diff --git a/tests/libtest/cli_hx_upload.c b/tests/libtest/cli_hx_upload.c index 9c69e36787..40e486c41a 100644 --- a/tests/libtest/cli_hx_upload.c +++ b/tests/libtest/cli_hx_upload.c @@ -74,7 +74,7 @@ static size_t my_write_u_cb(char *buf, size_t nitems, size_t buflen, if(!t->out) { curl_msnprintf(t->filename, sizeof(t->filename)-1, "download_%zu.data", t->idx); - t->out = fopen(t->filename, "wb"); + t->out = curlx_fopen(t->filename, "wb"); if(!t->out) return 0; } @@ -494,7 +494,7 @@ static CURLcode test_cli_hx_upload(const char *URL) for(i = 0; i < transfer_count_u; ++i) { t = &transfer_u[i]; if(t->out) { - fclose(t->out); + curlx_fclose(t->out); t->out = NULL; } if(t->easy) { diff --git a/tests/libtest/lib500.c b/tests/libtest/lib500.c index 7081ec625d..ffb974f4f0 100644 --- a/tests/libtest/lib500.c +++ b/tests/libtest/lib500.c @@ -90,7 +90,7 @@ static CURLcode test_lib500(const char *URL) if(!res) { res = curl_easy_getinfo(curl, CURLINFO_PRIMARY_IP, &ipstr); if(libtest_arg2) { - FILE *moo = fopen(libtest_arg2, "wb"); + FILE *moo = curlx_fopen(libtest_arg2, "wb"); if(moo) { curl_off_t time_namelookup; curl_off_t time_connect; @@ -163,7 +163,7 @@ static CURLcode test_lib500(const char *URL) (long)(time_total % 1000000)); } - fclose(moo); + curlx_fclose(moo); } } } diff --git a/tests/libtest/lib505.c b/tests/libtest/lib505.c index 2285208e9f..fc20094584 100644 --- a/tests/libtest/lib505.c +++ b/tests/libtest/lib505.c @@ -51,7 +51,7 @@ static CURLcode test_lib505(const char *URL) return TEST_ERR_USAGE; } - hd_src = fopen(libtest_arg2, "rb"); + hd_src = curlx_fopen(libtest_arg2, "rb"); if(!hd_src) { curl_mfprintf(stderr, "fopen failed with error (%d) %s\n", errno, strerror(errno)); @@ -70,19 +70,19 @@ static CURLcode test_lib505(const char *URL) curl_mfprintf(stderr, "fstat() failed with error (%d) %s\n", errno, strerror(errno)); curl_mfprintf(stderr, "Error opening file '%s'\n", libtest_arg2); - fclose(hd_src); + curlx_fclose(hd_src); return TEST_ERR_MAJOR_BAD; } if(!file_info.st_size) { curl_mfprintf(stderr, "File %s has zero size!\n", libtest_arg2); - fclose(hd_src); + curlx_fclose(hd_src); return TEST_ERR_MAJOR_BAD; } if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { curl_mfprintf(stderr, "curl_global_init() failed\n"); - fclose(hd_src); + curlx_fclose(hd_src); return TEST_ERR_MAJOR_BAD; } @@ -91,7 +91,7 @@ static CURLcode test_lib505(const char *URL) if(!curl) { curl_mfprintf(stderr, "curl_easy_init() failed\n"); curl_global_cleanup(); - fclose(hd_src); + curlx_fclose(hd_src); return TEST_ERR_MAJOR_BAD; } @@ -102,7 +102,7 @@ static CURLcode test_lib505(const char *URL) curl_mfprintf(stderr, "curl_slist_append() failed\n"); curl_easy_cleanup(curl); curl_global_cleanup(); - fclose(hd_src); + curlx_fclose(hd_src); return TEST_ERR_MAJOR_BAD; } headerlist = curl_slist_append(hl, buf_2); @@ -111,7 +111,7 @@ static CURLcode test_lib505(const char *URL) curl_slist_free_all(hl); curl_easy_cleanup(curl); curl_global_cleanup(); - fclose(hd_src); + curlx_fclose(hd_src); return TEST_ERR_MAJOR_BAD; } headerlist = hl; @@ -144,7 +144,7 @@ test_cleanup: curl_slist_free_all(headerlist); /* close the local file */ - fclose(hd_src); + curlx_fclose(hd_src); curl_easy_cleanup(curl); curl_global_cleanup(); diff --git a/tests/libtest/lib518.c b/tests/libtest/lib518.c index 86eddec003..9cf3a42554 100644 --- a/tests/libtest/lib518.c +++ b/tests/libtest/lib518.c @@ -77,7 +77,7 @@ static int t518_fopen_works(void) fpa[i] = NULL; } for(i = 0; i < 3; i++) { - fpa[i] = fopen(DEV_NULL, FOPEN_READTEXT); + fpa[i] = curlx_fopen(DEV_NULL, FOPEN_READTEXT); if(!fpa[i]) { t518_store_errmsg("fopen failed", errno); curl_mfprintf(stderr, "%s\n", t518_msgbuff); @@ -87,7 +87,7 @@ static int t518_fopen_works(void) } for(i = 0; i < 3; i++) { if(fpa[i]) - fclose(fpa[i]); + curlx_fclose(fpa[i]); } return ret; } diff --git a/tests/libtest/lib525.c b/tests/libtest/lib525.c index 6c7d650366..007889fdc7 100644 --- a/tests/libtest/lib525.c +++ b/tests/libtest/lib525.c @@ -42,7 +42,7 @@ static CURLcode test_lib525(const char *URL) return TEST_ERR_USAGE; } - hd_src = fopen(libtest_arg2, "rb"); + hd_src = curlx_fopen(libtest_arg2, "rb"); if(!hd_src) { curl_mfprintf(stderr, "fopen failed with error (%d) %s\n", errno, strerror(errno)); @@ -61,13 +61,13 @@ static CURLcode test_lib525(const char *URL) curl_mfprintf(stderr, "fstat() failed with error (%d) %s\n", errno, strerror(errno)); curl_mfprintf(stderr, "Error opening file '%s'\n", libtest_arg2); - fclose(hd_src); + curlx_fclose(hd_src); return TEST_ERR_FSTAT; } res_global_init(CURL_GLOBAL_ALL); if(res) { - fclose(hd_src); + curlx_fclose(hd_src); return res; } @@ -149,7 +149,7 @@ test_cleanup: } /* close the local file */ - fclose(hd_src); + curlx_fclose(hd_src); return res; } diff --git a/tests/libtest/lib537.c b/tests/libtest/lib537.c index fa03c3b983..90de8a2d0c 100644 --- a/tests/libtest/lib537.c +++ b/tests/libtest/lib537.c @@ -74,7 +74,7 @@ static int t537_fopen_works(void) fpa[i] = NULL; } for(i = 0; i < 3; i++) { - fpa[i] = fopen(DEV_NULL, FOPEN_READTEXT); + fpa[i] = curlx_fopen(DEV_NULL, FOPEN_READTEXT); if(!fpa[i]) { t537_store_errmsg("fopen failed", errno); curl_mfprintf(stderr, "%s\n", t537_msgbuff); @@ -84,7 +84,7 @@ static int t537_fopen_works(void) } for(i = 0; i < 3; i++) { if(fpa[i]) - fclose(fpa[i]); + curlx_fclose(fpa[i]); } return ret; } diff --git a/tests/libtest/lib541.c b/tests/libtest/lib541.c index 9868474d01..3bb64f8ac4 100644 --- a/tests/libtest/lib541.c +++ b/tests/libtest/lib541.c @@ -42,7 +42,7 @@ static CURLcode test_lib541(const char *URL) return TEST_ERR_USAGE; } - hd_src = fopen(libtest_arg2, "rb"); + hd_src = curlx_fopen(libtest_arg2, "rb"); if(!hd_src) { curl_mfprintf(stderr, "fopen failed with error (%d) %s\n", errno, strerror(errno)); @@ -61,19 +61,19 @@ static CURLcode test_lib541(const char *URL) curl_mfprintf(stderr, "fstat() failed with error (%d) %s\n", errno, strerror(errno)); curl_mfprintf(stderr, "Error opening file '%s'\n", libtest_arg2); - fclose(hd_src); + curlx_fclose(hd_src); return TEST_ERR_MAJOR_BAD; } if(!file_info.st_size) { curl_mfprintf(stderr, "File %s has zero size!\n", libtest_arg2); - fclose(hd_src); + curlx_fclose(hd_src); return TEST_ERR_MAJOR_BAD; } if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { curl_mfprintf(stderr, "curl_global_init() failed\n"); - fclose(hd_src); + curlx_fclose(hd_src); return TEST_ERR_MAJOR_BAD; } @@ -82,7 +82,7 @@ static CURLcode test_lib541(const char *URL) if(!curl) { curl_mfprintf(stderr, "curl_easy_init() failed\n"); curl_global_cleanup(); - fclose(hd_src); + curlx_fclose(hd_src); return TEST_ERR_MAJOR_BAD; } @@ -110,7 +110,7 @@ static CURLcode test_lib541(const char *URL) test_cleanup: /* close the local file */ - fclose(hd_src); + curlx_fclose(hd_src); curl_easy_cleanup(curl); curl_global_cleanup(); diff --git a/tests/libtest/lib566.c b/tests/libtest/lib566.c index 15221cd0cc..79f48f235b 100644 --- a/tests/libtest/lib566.c +++ b/tests/libtest/lib566.c @@ -54,10 +54,10 @@ static CURLcode test_lib566(const char *URL) res = curl_easy_getinfo(curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD, &content_length); - moo = fopen(libtest_arg2, "wb"); + moo = curlx_fopen(libtest_arg2, "wb"); if(moo) { curl_mfprintf(moo, "CL %.0f\n", content_length); - fclose(moo); + curlx_fclose(moo); } } diff --git a/tests/libtest/lib568.c b/tests/libtest/lib568.c index 8e34194ef5..83c6fd2394 100644 --- a/tests/libtest/lib568.c +++ b/tests/libtest/lib568.c @@ -75,7 +75,7 @@ static CURLcode test_lib568(const char *URL) fstat(sdp, &file_info); close(sdp); - sdpf = fopen(libtest_arg2, "rb"); + sdpf = curlx_fopen(libtest_arg2, "rb"); if(!sdpf) { curl_mfprintf(stderr, "can't fopen %s\n", libtest_arg2); res = TEST_ERR_MAJOR_BAD; @@ -94,7 +94,7 @@ static CURLcode test_lib568(const char *URL) goto test_cleanup; test_setopt(curl, CURLOPT_UPLOAD, 0L); - fclose(sdpf); + curlx_fclose(sdpf); sdpf = NULL; /* Make sure we can do a normal request now */ @@ -159,7 +159,7 @@ static CURLcode test_lib568(const char *URL) test_cleanup: if(sdpf) - fclose(sdpf); + curlx_fclose(sdpf); curl_free(stream_uri); diff --git a/tests/libtest/lib569.c b/tests/libtest/lib569.c index 8f340b489d..b1a80a7b01 100644 --- a/tests/libtest/lib569.c +++ b/tests/libtest/lib569.c @@ -38,7 +38,7 @@ static CURLcode test_lib569(const char *URL) int request = 1; int i; - FILE *idfile = fopen(libtest_arg2, "wb"); + FILE *idfile = curlx_fopen(libtest_arg2, "wb"); if(!idfile) { curl_mfprintf(stderr, "couldn't open the Session ID File\n"); return TEST_ERR_MAJOR_BAD; @@ -46,7 +46,7 @@ static CURLcode test_lib569(const char *URL) if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { curl_mfprintf(stderr, "curl_global_init() failed\n"); - fclose(idfile); + curlx_fclose(idfile); return TEST_ERR_MAJOR_BAD; } @@ -54,7 +54,7 @@ static CURLcode test_lib569(const char *URL) if(!curl) { curl_mfprintf(stderr, "curl_easy_init() failed\n"); curl_global_cleanup(); - fclose(idfile); + curlx_fclose(idfile); return TEST_ERR_MAJOR_BAD; } @@ -116,7 +116,7 @@ static CURLcode test_lib569(const char *URL) test_cleanup: if(idfile) - fclose(idfile); + curlx_fclose(idfile); curl_free(stream_uri); curl_easy_cleanup(curl); diff --git a/tests/libtest/lib571.c b/tests/libtest/lib571.c index 2cf4128e7a..49afc2211d 100644 --- a/tests/libtest/lib571.c +++ b/tests/libtest/lib571.c @@ -95,7 +95,7 @@ static CURLcode test_lib571(const char *URL) char *stream_uri = NULL; int request = 1; - FILE *protofile = fopen(libtest_arg2, "wb"); + FILE *protofile = curlx_fopen(libtest_arg2, "wb"); if(!protofile) { curl_mfprintf(stderr, "Couldn't open the protocol dump file\n"); return TEST_ERR_MAJOR_BAD; @@ -103,14 +103,14 @@ static CURLcode test_lib571(const char *URL) if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { curl_mfprintf(stderr, "curl_global_init() failed\n"); - fclose(protofile); + curlx_fclose(protofile); return TEST_ERR_MAJOR_BAD; } curl = curl_easy_init(); if(!curl) { curl_mfprintf(stderr, "curl_easy_init() failed\n"); - fclose(protofile); + curlx_fclose(protofile); curl_global_cleanup(); return TEST_ERR_MAJOR_BAD; } @@ -194,7 +194,7 @@ test_cleanup: curl_free(stream_uri); if(protofile) - fclose(protofile); + curlx_fclose(protofile); curl_easy_cleanup(curl); curl_global_cleanup(); diff --git a/tests/libtest/lib572.c b/tests/libtest/lib572.c index ea9e34e068..ef5e066023 100644 --- a/tests/libtest/lib572.c +++ b/tests/libtest/lib572.c @@ -93,7 +93,7 @@ static CURLcode test_lib572(const char *URL) fstat(params, &file_info); close(params); - paramsf = fopen(libtest_arg2, "rb"); + paramsf = curlx_fopen(libtest_arg2, "rb"); if(!paramsf) { curl_mfprintf(stderr, "can't fopen %s\n", libtest_arg2); res = TEST_ERR_MAJOR_BAD; @@ -110,7 +110,7 @@ static CURLcode test_lib572(const char *URL) goto test_cleanup; test_setopt(curl, CURLOPT_UPLOAD, 0L); - fclose(paramsf); + curlx_fclose(paramsf); paramsf = NULL; /* Heartbeat GET_PARAMETERS */ @@ -163,7 +163,7 @@ static CURLcode test_lib572(const char *URL) test_cleanup: if(paramsf) - fclose(paramsf); + curlx_fclose(paramsf); curl_free(stream_uri); diff --git a/tests/libtest/lib578.c b/tests/libtest/lib578.c index a15c9a4f81..b6be1600f4 100644 --- a/tests/libtest/lib578.c +++ b/tests/libtest/lib578.c @@ -33,7 +33,7 @@ static size_t data_size = CURL_ARRAYSIZE(t578_testdata); static int t578_progress_callback(void *clientp, double dltotal, double dlnow, double ultotal, double ulnow) { - FILE *moo = fopen(libtest_arg2, "wb"); + FILE *moo = curlx_fopen(libtest_arg2, "wb"); (void)clientp; (void)dltotal; @@ -45,7 +45,7 @@ static int t578_progress_callback(void *clientp, double dltotal, double dlnow, else curl_mfprintf(moo, "Progress callback called with UL %f out of %f\n", ulnow, ultotal); - fclose(moo); + curlx_fclose(moo); } return 0; } diff --git a/tests/libtest/lib579.c b/tests/libtest/lib579.c index 76ecefe4ec..29396941cc 100644 --- a/tests/libtest/lib579.c +++ b/tests/libtest/lib579.c @@ -35,11 +35,11 @@ static size_t last_ul_total = 0; static void progress_final_report(void) { - FILE *moo = fopen(libtest_arg2, "ab"); + FILE *moo = curlx_fopen(libtest_arg2, "ab"); curl_mfprintf(moo ? moo : stderr, "Progress: end UL %zu/%zu\n", last_ul, last_ul_total); if(moo) - fclose(moo); + curlx_fclose(moo); else curl_mfprintf(stderr, "Progress: end UL, can't open %s\n", libtest_arg2); started = FALSE; @@ -59,11 +59,11 @@ static int t579_progress_callback(void *clientp, double dltotal, double dlnow, last_ul = (size_t)ulnow; last_ul_total = (size_t)ultotal; if(!started) { - FILE *moo = fopen(libtest_arg2, "ab"); + FILE *moo = curlx_fopen(libtest_arg2, "ab"); curl_mfprintf(moo ? moo : stderr, "Progress: start UL %zu/%zu\n", last_ul, last_ul_total); if(moo) - fclose(moo); + curlx_fclose(moo); else curl_mfprintf(stderr, "Progress: start UL, can't open %s\n", libtest_arg2); diff --git a/tests/libtest/lib582.c b/tests/libtest/lib582.c index 70a9ab65dc..b197063221 100644 --- a/tests/libtest/lib582.c +++ b/tests/libtest/lib582.c @@ -243,7 +243,7 @@ static CURLcode test_lib582(const char *URL) return TEST_ERR_USAGE; } - hd_src = fopen(libtest_arg2, "rb"); + hd_src = curlx_fopen(libtest_arg2, "rb"); if(!hd_src) { curl_mfprintf(stderr, "fopen() failed with error (%d) %s\n", errno, strerror(errno)); @@ -262,7 +262,7 @@ static CURLcode test_lib582(const char *URL) curl_mfprintf(stderr, "fstat() failed with error (%d) %s\n", errno, strerror(errno)); curl_mfprintf(stderr, "Error opening file '%s'\n", libtest_arg2); - fclose(hd_src); + curlx_fclose(hd_src); return TEST_ERR_FSTAT; } curl_mfprintf(stderr, "Set to upload %" CURL_FORMAT_CURL_OFF_T " bytes\n", @@ -270,7 +270,7 @@ static CURLcode test_lib582(const char *URL) res_global_init(CURL_GLOBAL_ALL); if(res != CURLE_OK) { - fclose(hd_src); + curlx_fclose(hd_src); return res; } @@ -356,7 +356,7 @@ test_cleanup: curl_global_cleanup(); /* close the local file */ - fclose(hd_src); + curlx_fclose(hd_src); /* free local memory */ free(sockets.read.sockets); diff --git a/tests/libtest/lib591.c b/tests/libtest/lib591.c index 1f09fbdc4d..77a038c7c3 100644 --- a/tests/libtest/lib591.c +++ b/tests/libtest/lib591.c @@ -39,7 +39,7 @@ static CURLcode test_lib591(const char *URL) start_test_timing(); - upload = fopen(libtest_arg3, "rb"); + upload = curlx_fopen(libtest_arg3, "rb"); if(!upload) { curl_mfprintf(stderr, "fopen() failed with error (%d) %s\n", errno, strerror(errno)); @@ -49,7 +49,7 @@ static CURLcode test_lib591(const char *URL) res_global_init(CURL_GLOBAL_ALL); if(res) { - fclose(upload); + curlx_fclose(upload); return res; } @@ -138,7 +138,7 @@ test_cleanup: curl_global_cleanup(); /* close the local file */ - fclose(upload); + curlx_fclose(upload); return res; } diff --git a/tests/libtest/lib599.c b/tests/libtest/lib599.c index 5b52698a29..199ef90dbf 100644 --- a/tests/libtest/lib599.c +++ b/tests/libtest/lib599.c @@ -82,10 +82,10 @@ static CURLcode test_lib599(const char *URL) FILE *moo; res = curl_easy_getinfo(curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD, &content_length); - moo = fopen(libtest_arg2, "wb"); + moo = curlx_fopen(libtest_arg2, "wb"); if(moo) { curl_mfprintf(moo, "CL %.0f\n", content_length); - fclose(moo); + curlx_fclose(moo); } } diff --git a/tests/libtest/lib678.c b/tests/libtest/lib678.c index 78e03c004f..5fdabdda96 100644 --- a/tests/libtest/lib678.c +++ b/tests/libtest/lib678.c @@ -30,7 +30,7 @@ static int loadfile(const char *filename, void **filedata, size_t *filesize) size_t datasize = 0; void *data = NULL; if(filename) { - FILE *fInCert = fopen(filename, "rb"); + FILE *fInCert = curlx_fopen(filename, "rb"); if(fInCert) { long cert_tell = 0; @@ -48,7 +48,7 @@ static int loadfile(const char *filename, void **filedata, size_t *filesize) if((!data) || ((int)fread(data, datasize, 1, fInCert) != 1)) continue_reading = FALSE; - fclose(fInCert); + curlx_fclose(fInCert); if(!continue_reading) { free(data); datasize = 0; diff --git a/tests/server/.checksrc b/tests/server/.checksrc index be8f12cec0..670d4b8009 100644 --- a/tests/server/.checksrc +++ b/tests/server/.checksrc @@ -1,4 +1,6 @@ allowfunc accept +allowfunc fclose +allowfunc fopen allowfunc freeaddrinfo allowfunc getaddrinfo allowfunc recv diff --git a/tests/server/Makefile.inc b/tests/server/Makefile.inc index 2e3791c774..be35fe7c4f 100644 --- a/tests/server/Makefile.inc +++ b/tests/server/Makefile.inc @@ -35,6 +35,7 @@ UTILS_H = CURLX_C = \ ../../lib/curlx/base64.c \ + ../../lib/curlx/fopen.c \ ../../lib/curlx/inet_pton.c \ ../../lib/curlx/inet_ntop.c \ ../../lib/curlx/multibyte.c \ diff --git a/tests/unit/unit3200.c b/tests/unit/unit3200.c index 023bf0ddb6..5c3e4d14ad 100644 --- a/tests/unit/unit3200.c +++ b/tests/unit/unit3200.c @@ -84,12 +84,12 @@ static CURLcode test_unit3200(const char *arg) char *line; curlx_dyn_init(&buf, len); - fp = fopen(arg, "wb"); + fp = curlx_fopen(arg, "wb"); abort_unless(fp != NULL, "Cannot open testfile"); fwrite(filecontents[i], 1, strlen(filecontents[i]), fp); - fclose(fp); + curlx_fclose(fp); - fp = fopen(arg, "rb"); + fp = curlx_fopen(arg, "rb"); abort_unless(fp != NULL, "Cannot open testfile"); curl_mfprintf(stderr, "Test %zd...", i); @@ -158,7 +158,7 @@ static CURLcode test_unit3200(const char *arg) break; } curlx_dyn_free(&buf); - fclose(fp); + curlx_fclose(fp); curl_mfprintf(stderr, "OK\n"); } return (CURLcode)rc; From dd37d6970cfd8b4cf47ebd469f03772813b92c23 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 30 Sep 2025 01:46:33 +0200 Subject: [PATCH 0215/2408] checksrc: fix possible endless loop when detecting `BANNEDFUNC` If the source line had square brackets before the match, the stripping of the banned function left the original line intact, and repeated the check on it forever. E.g. with banned function `open` in `lib518.c`: ```c t518_testfd[0] = open(DEV_NULL, O_RDONLY); ``` Closes #18775 --- scripts/checksrc.pl | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index b737961899..23c9ef5301 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -902,6 +902,8 @@ sub scanfile { "use of $bad is banned"); my $replace = 'x' x (length($bad) + 1); $prefix =~ s/\*/\\*/; + $prefix =~ s/\[/\\[/; + $prefix =~ s/\]/\\]/; $suff =~ s/\(/\\(/; $l =~ s/$prefix$bad$suff/$prefix$replace/; goto again; From 5b086ba18833a3970919e692865ebabc00166869 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 30 Sep 2025 01:14:11 +0000 Subject: [PATCH 0216/2408] Dockerfile: update debian:bookworm-slim digest to 7e49091 Closes #18777 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 454df8dea9..88a356bb88 100644 --- a/Dockerfile +++ b/Dockerfile @@ -24,7 +24,7 @@ # $ ./scripts/maketgz 8.7.1 # To update, get the latest digest e.g. from https://hub.docker.com/_/debian/tags -FROM debian:bookworm-slim@sha256:df52e55e3361a81ac1bead266f3373ee55d29aa50cf0975d440c2be3483d8ed3 +FROM debian:bookworm-slim@sha256:7e490910eea2861b9664577a96b54ce68ea3e02ce7f51d89cb0103a6f9c386e0 RUN apt-get update -qq && apt-get install -qq -y --no-install-recommends \ build-essential make autoconf automake libtool git perl zip zlib1g-dev gawk && \ From c478c7efdf4ebbc8d768ae4cdfdcecf49b68cf94 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 30 Sep 2025 11:41:11 +0200 Subject: [PATCH 0217/2408] examples: fix two more cases of `stat()` TOCTOU Also: - ftpupload: bump an intermediate variable size. Follow-up to f13250edf11312ab8c0425cf39b182a31b53c6f7 #18605 Closes #18778 --- docs/examples/ftpupload.c | 36 ++++++++++++++++++++++-------------- docs/examples/httpput.c | 16 +++++++++++++--- 2 files changed, 35 insertions(+), 17 deletions(-) diff --git a/docs/examples/ftpupload.c b/docs/examples/ftpupload.c index 6e7bece70d..ec64f4a2cd 100644 --- a/docs/examples/ftpupload.c +++ b/docs/examples/ftpupload.c @@ -37,6 +37,9 @@ #include #undef stat #define stat _stat +#undef fstat +#define fstat _fstat +#define fileno _fileno #else #include #endif @@ -78,25 +81,31 @@ int main(void) CURLcode res; FILE *hd_src; struct stat file_info; - unsigned long fsize; + curl_off_t fsize; struct curl_slist *headerlist = NULL; static const char buf_1 [] = "RNFR " UPLOAD_FILE_AS; static const char buf_2 [] = "RNTO " RENAME_FILE_TO; - /* get the file size of the local file */ - if(stat(LOCAL_FILE, &file_info)) { - printf("Couldn't open '%s': %s\n", LOCAL_FILE, strerror(errno)); - return 1; - } - fsize = (unsigned long)file_info.st_size; - - printf("Local file size: %lu bytes.\n", fsize); - - /* get a FILE * of the same file */ + /* get a FILE * of the file */ hd_src = fopen(LOCAL_FILE, "rb"); - if(!hd_src) + if(!hd_src) { + printf("Couldn't open '%s': %s\n", LOCAL_FILE, strerror(errno)); return 2; + } + + /* to get the file size */ +#ifdef UNDER_CE + if(stat(LOCAL_FILE, &file_info) != 0) { +#else + if(fstat(fileno(hd_src), &file_info) != 0) { +#endif + fclose(hd_src); + return 1; /* cannot continue */ + } + fsize = file_info.st_size; + + printf("Local file size: %lu bytes.\n", (unsigned long)fsize); /* In Windows, this inits the Winsock stuff */ curl_global_init(CURL_GLOBAL_ALL); @@ -127,8 +136,7 @@ int main(void) option you MUST make sure that the type of the passed-in argument is a curl_off_t. If you use CURLOPT_INFILESIZE (without _LARGE) you must make sure that to pass in a type 'long' argument. */ - curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, - (curl_off_t)fsize); + curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, fsize); /* Now run off and do what you have been told! */ res = curl_easy_perform(curl); diff --git a/docs/examples/httpput.c b/docs/examples/httpput.c index 3743e1b5b9..ddb1b07328 100644 --- a/docs/examples/httpput.c +++ b/docs/examples/httpput.c @@ -33,6 +33,9 @@ #ifdef _WIN32 #undef stat #define stat _stat +#undef fstat +#define fstat _fstat +#define fileno _fileno #endif /* @@ -79,9 +82,6 @@ int main(int argc, char **argv) file = argv[1]; url = argv[2]; - /* get the file size of the local file */ - stat(file, &file_info); - /* get a FILE * of the same file, could also be made with fdopen() from the previous descriptor, but hey this is just an example! */ @@ -89,6 +89,16 @@ int main(int argc, char **argv) if(!hd_src) return 2; + /* get the file size of the local file */ +#ifdef UNDER_CE + if(stat(file, &file_info) != 0) { +#else + if(fstat(fileno(hd_src), &file_info) != 0) { +#endif + fclose(hd_src); + return 1; /* cannot continue */ + } + /* In Windows, this inits the Winsock stuff */ curl_global_init(CURL_GLOBAL_ALL); From 684f4cdd3ef0cc41c547fce0e45d8a059a3058b3 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 30 Sep 2025 12:47:01 +0200 Subject: [PATCH 0218/2408] checksrc: catch banned functions when preceded by `(` Also add a test case. Closes #18779 --- scripts/checksrc.pl | 4 +++- tests/data/test1185 | 9 +++++++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index 23c9ef5301..5e8434d5fa 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -893,7 +893,8 @@ sub scanfile { # scan for use of banned functions my $bl = $l; again: - if(($l =~ /^(.*?\W)(\w+)(\s*\()/x) && $banfunc{$2}) { + if((($l =~ /^(.*?\W)(\w+)(\s*\()/x) && $banfunc{$2}) || + (($l =~ /^(.*?\()(\w+)(\s*\()/x) && $banfunc{$2})) { my $bad = $2; my $prefix = $1; my $suff = $3; @@ -904,6 +905,7 @@ sub scanfile { $prefix =~ s/\*/\\*/; $prefix =~ s/\[/\\[/; $prefix =~ s/\]/\\]/; + $prefix =~ s/\(/\\(/; $suff =~ s/\(/\\(/; $l =~ s/$prefix$bad$suff/$prefix$replace/; goto again; diff --git a/tests/data/test1185 b/tests/data/test1185 index 43a27f0870..14a23dc01a 100644 --- a/tests/data/test1185 +++ b/tests/data/test1185 @@ -74,6 +74,8 @@ void startfunc(int a, int b) { if(a) b++; + if(sprintf(buffer, "%s", moo)) {} + // CPP comment ? /* comment doesn't end @@ -192,7 +194,10 @@ void startfunc(int a, int b) { ./%LOGDIR/code1185.c:57:7: warning: conditional block on the same line (ONELINECONDITION) if(a) b++; ^ -./%LOGDIR/code1185.c:59:2: warning: // comment (CPPCOMMENTS) +./%LOGDIR/code1185.c:59:5: warning: use of sprintf is banned (BANNEDFUNC) + if(sprintf(buffer, "%s", moo)) {} + ^ +./%LOGDIR/code1185.c:61:2: warning: // comment (CPPCOMMENTS) // CPP comment ? ^ ./%LOGDIR/code1185.c:1:1: error: Missing copyright statement (COPYRIGHT) @@ -201,7 +206,7 @@ void startfunc(int a, int b) { ./%LOGDIR/code1185.c:1:1: error: Missing closing comment (OPENCOMMENT) ^ -checksrc: 0 errors and 39 warnings +checksrc: 0 errors and 40 warnings 5 From 9678ff5b1bfea1c847aee4f9edf023e8f01c9293 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 30 Sep 2025 01:27:10 +0200 Subject: [PATCH 0219/2408] build: avoid overriding system `open` and `stat` symbols Replace them by `curlx_open()` and `curlx_stat()`. To make it obvious in the source code what is being executed. Also: - tests/server: stop overriding `open()` for test servers. This is critical for the call made from the signal handler. For other calls, it's an option to use `curlx_open()`, but doesn't look important enough to do it, following the path taken with `fopen()`. Follow-up to 10bac43b873fe45869e15b36aac1c1e5bc89b6e0 #18774 Follow-up to 20142f5d06f7120ba94cbcc25c998e8d81aec85b #18634 Follow-up to bf7375ecc50e857760b0d0a668c436e208a400bd #18503 Closes #18776 --- docs/examples/.checksrc | 1 + docs/examples/anyauthput.c | 1 + docs/examples/fileupload.c | 1 + docs/examples/ftpupload.c | 1 + docs/examples/http2-upload.c | 1 + docs/examples/httpput.c | 1 + lib/config-win32.h | 1 + lib/curl_fopen.c | 11 +++++------ lib/curl_setup.h | 6 ------ lib/curlx/fopen.h | 21 +++++++++++++++------ lib/file.c | 17 +++++++---------- lib/mime.c | 4 ++-- lib/vquic/vquic.c | 9 ++++----- lib/vssh/libssh2.c | 13 +++++-------- scripts/checksrc.pl | 2 ++ src/tool_cb_wrt.c | 13 +++++-------- src/tool_doswin.c | 2 +- src/tool_filetime.c | 2 +- src/tool_findfile.c | 6 +----- src/tool_getpass.c | 6 +----- src/tool_operate.c | 21 ++++++++------------- tests/libtest/lib505.c | 1 + tests/libtest/lib518.c | 2 +- tests/libtest/lib525.c | 1 + tests/libtest/lib537.c | 2 +- tests/libtest/lib541.c | 1 + tests/libtest/lib568.c | 2 +- tests/libtest/lib572.c | 2 +- tests/libtest/lib582.c | 1 + tests/server/.checksrc | 1 + tests/server/util.c | 6 +++--- 31 files changed, 76 insertions(+), 83 deletions(-) diff --git a/docs/examples/.checksrc b/docs/examples/.checksrc index e0b6c43da9..259058cad5 100644 --- a/docs/examples/.checksrc +++ b/docs/examples/.checksrc @@ -3,4 +3,5 @@ allowfunc fdopen allowfunc fopen allowfunc gmtime allowfunc localtime +allowfunc open allowfunc socket diff --git a/docs/examples/anyauthput.c b/docs/examples/anyauthput.c index c62250dce3..505d16b217 100644 --- a/docs/examples/anyauthput.c +++ b/docs/examples/anyauthput.c @@ -104,6 +104,7 @@ int main(int argc, char **argv) return 2; #ifdef UNDER_CE + /* !checksrc! disable BANNEDFUNC 1 */ stat(file, &file_info); #else fstat(fileno(fp), &file_info); diff --git a/docs/examples/fileupload.c b/docs/examples/fileupload.c index 0860c9457b..29c3c3c3c1 100644 --- a/docs/examples/fileupload.c +++ b/docs/examples/fileupload.c @@ -52,6 +52,7 @@ int main(void) /* to get the file size */ #ifdef UNDER_CE + /* !checksrc! disable BANNEDFUNC 1 */ if(stat("debugit", &file_info) != 0) { #else if(fstat(fileno(fd), &file_info) != 0) { diff --git a/docs/examples/ftpupload.c b/docs/examples/ftpupload.c index ec64f4a2cd..4f3b679226 100644 --- a/docs/examples/ftpupload.c +++ b/docs/examples/ftpupload.c @@ -96,6 +96,7 @@ int main(void) /* to get the file size */ #ifdef UNDER_CE + /* !checksrc! disable BANNEDFUNC 1 */ if(stat(LOCAL_FILE, &file_info) != 0) { #else if(fstat(fileno(hd_src), &file_info) != 0) { diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c index d13c5e5806..b08e8fc102 100644 --- a/docs/examples/http2-upload.c +++ b/docs/examples/http2-upload.c @@ -234,6 +234,7 @@ static int setup(struct input *i, int num, const char *upload) } #ifdef UNDER_CE + /* !checksrc! disable BANNEDFUNC 1 */ if(stat(upload, &file_info) != 0) { #else if(fstat(fileno(i->in), &file_info) != 0) { diff --git a/docs/examples/httpput.c b/docs/examples/httpput.c index ddb1b07328..1951cb232e 100644 --- a/docs/examples/httpput.c +++ b/docs/examples/httpput.c @@ -91,6 +91,7 @@ int main(int argc, char **argv) /* get the file size of the local file */ #ifdef UNDER_CE + /* !checksrc! disable BANNEDFUNC 1 */ if(stat(file, &file_info) != 0) { #else if(fstat(fileno(hd_src), &file_info) != 0) { diff --git a/lib/config-win32.h b/lib/config-win32.h index b7f83927a4..408606d611 100644 --- a/lib/config-win32.h +++ b/lib/config-win32.h @@ -484,6 +484,7 @@ #define CURL_DISABLE_LDAP 1 #ifndef _MSC_VER +/* !checksrc! disable BANNEDFUNC 1 */ extern int stat(const char *path, struct stat *buffer); #endif diff --git a/lib/curl_fopen.c b/lib/curl_fopen.c index 13acd299c0..5e25f0eab6 100644 --- a/lib/curl_fopen.c +++ b/lib/curl_fopen.c @@ -27,10 +27,6 @@ #if !defined(CURL_DISABLE_COOKIES) || !defined(CURL_DISABLE_ALTSVC) || \ !defined(CURL_DISABLE_HSTS) -#ifdef HAVE_FCNTL_H -#include -#endif - #include "urldata.h" #include "rand.h" #include "curl_fopen.h" @@ -107,6 +103,7 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename, goto fail; if( #ifdef UNDER_CE + /* !checksrc! disable BANNEDFUNC 1 */ stat(filename, &sb) == -1 #else fstat(fileno(*fh), &sb) == -1 @@ -137,9 +134,11 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename, result = CURLE_WRITE_ERROR; #if (defined(ANDROID) || defined(__ANDROID__)) && \ (defined(__i386__) || defined(__arm__)) - fd = open(tempstore, O_WRONLY | O_CREAT | O_EXCL, (mode_t)(0600|sb.st_mode)); + fd = curlx_open(tempstore, O_WRONLY | O_CREAT | O_EXCL, + (mode_t)(0600 | sb.st_mode)); #else - fd = open(tempstore, O_WRONLY | O_CREAT | O_EXCL, 0600|sb.st_mode); + fd = curlx_open(tempstore, O_WRONLY | O_CREAT | O_EXCL, + 0600 | sb.st_mode); #endif if(fd == -1) goto fail; diff --git a/lib/curl_setup.h b/lib/curl_setup.h index b3c19a95ef..a741abde03 100644 --- a/lib/curl_setup.h +++ b/lib/curl_setup.h @@ -506,12 +506,6 @@ # endif # define LSEEK_ERROR (long)-1 # endif -# ifndef UNDER_CE - int curlx_win32_stat(const char *path, struct_stat *buffer); - int curlx_win32_open(const char *filename, int oflag, ...); -# define stat(fname, stp) curlx_win32_stat(fname, stp) -# define open curlx_win32_open -# endif #elif defined(__DJGPP__) /* Requires DJGPP 2.04 */ # include diff --git a/lib/curlx/fopen.h b/lib/curlx/fopen.h index 2a2b079637..d1e3d127c5 100644 --- a/lib/curlx/fopen.h +++ b/lib/curlx/fopen.h @@ -30,19 +30,28 @@ #if defined(_WIN32) && !defined(UNDER_CE) FILE *curlx_win32_fopen(const char *filename, const char *mode); +int curlx_win32_stat(const char *path, struct_stat *buffer); +int curlx_win32_open(const char *filename, int oflag, ...); #define CURLX_FOPEN_LOW(fname, mode) curlx_win32_fopen(fname, mode) +#define curlx_stat(fname, stp) curlx_win32_stat(fname, stp) +#define curlx_open curlx_win32_open #else -#define CURLX_FOPEN_LOW fopen +#ifdef HAVE_FCNTL_H +#include /* for open() */ +#endif +#define CURLX_FOPEN_LOW fopen +#define curlx_stat(fname, stp) stat(fname, stp) +#define curlx_open open #endif #ifdef CURLDEBUG -#define curlx_fopen(file,mode) curl_dbg_fopen(file,mode,__LINE__,__FILE__) +#define curlx_fopen(file,mode) curl_dbg_fopen(file,mode,__LINE__,__FILE__) #define curlx_fdopen(file,mode) curl_dbg_fdopen(file,mode,__LINE__,__FILE__) -#define curlx_fclose(file) curl_dbg_fclose(file,__LINE__,__FILE__) +#define curlx_fclose(file) curl_dbg_fclose(file,__LINE__,__FILE__) #else -#define curlx_fopen CURLX_FOPEN_LOW -#define curlx_fdopen fdopen -#define curlx_fclose fclose +#define curlx_fopen CURLX_FOPEN_LOW +#define curlx_fdopen fdopen +#define curlx_fclose fclose #endif #endif /* HEADER_CURLX_FOPEN_H */ diff --git a/lib/file.c b/lib/file.c index 749759653d..2d5818a1db 100644 --- a/lib/file.c +++ b/lib/file.c @@ -46,10 +46,6 @@ #include #endif -#ifdef HAVE_FCNTL_H -#include -#endif - #ifdef HAVE_SYS_TYPES_H #include #endif @@ -70,6 +66,7 @@ #include "transfer.h" #include "url.h" #include "parsedate.h" /* for the week day and month names */ +#include "curlx/fopen.h" #include "curlx/warnless.h" #include "curl_range.h" /* The last 3 #include files should be in this order */ @@ -237,7 +234,7 @@ static CURLcode file_connect(struct Curl_easy *data, bool *done) return CURLE_URL_MALFORMAT; } - fd = open(actual_path, O_RDONLY|CURL_O_BINARY); + fd = curlx_open(actual_path, O_RDONLY | CURL_O_BINARY); file->path = actual_path; #else if(memchr(real_path, 0, real_path_len)) { @@ -261,16 +258,16 @@ static CURLcode file_connect(struct Curl_easy *data, bool *done) extern int __unix_path_semantics; if(strchr(real_path + 1, ':')) { /* Amiga absolute path */ - fd = open(real_path + 1, O_RDONLY); + fd = curlx_open(real_path + 1, O_RDONLY); file->path++; } else if(__unix_path_semantics) { /* -lunix fallback */ - fd = open(real_path, O_RDONLY); + fd = curlx_open(real_path, O_RDONLY); } } #else - fd = open(real_path, O_RDONLY); + fd = curlx_open(real_path, O_RDONLY); file->path = real_path; #endif #endif @@ -349,9 +346,9 @@ static CURLcode file_upload(struct Curl_easy *data, #if (defined(ANDROID) || defined(__ANDROID__)) && \ (defined(__i386__) || defined(__arm__)) - fd = open(file->path, mode, (mode_t)data->set.new_file_perms); + fd = curlx_open(file->path, mode, (mode_t)data->set.new_file_perms); #else - fd = open(file->path, mode, data->set.new_file_perms); + fd = curlx_open(file->path, mode, data->set.new_file_perms); #endif if(fd < 0) { failf(data, "cannot open %s for writing", file->path); diff --git a/lib/mime.c b/lib/mime.c index 6ec7f69046..fe632604ed 100644 --- a/lib/mime.c +++ b/lib/mime.c @@ -205,7 +205,7 @@ static FILE * vmsfopenread(const char *file, const char *mode) struct_stat statbuf; int result; - result = stat(file, &statbuf); + result = curlx_stat(file, &statbuf); switch(statbuf.st_fab_rfm) { case FAB$C_VAR: @@ -1412,7 +1412,7 @@ CURLcode curl_mime_filedata(curl_mimepart *part, const char *filename) char *base; struct_stat sbuf; - if(stat(filename, &sbuf)) + if(curlx_stat(filename, &sbuf)) result = CURLE_READ_ERROR; else { part->data = strdup(filename); diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c index 47fbf63af0..c509819752 100644 --- a/lib/vquic/vquic.c +++ b/lib/vquic/vquic.c @@ -27,15 +27,13 @@ #ifdef HAVE_NETINET_UDP_H #include #endif -#ifdef HAVE_FCNTL_H -#include -#endif #ifdef USE_NGHTTP3 #include #endif #include "../urldata.h" #include "../bufq.h" #include "../curlx/dynbuf.h" +#include "../curlx/fopen.h" #include "../cfilters.h" #include "../curl_trc.h" #include "curl_ngtcp2.h" @@ -665,8 +663,9 @@ CURLcode Curl_qlogdir(struct Curl_easy *data, result = curlx_dyn_add(&fname, ".sqlog"); if(!result) { - int qlogfd = open(curlx_dyn_ptr(&fname), O_WRONLY|O_CREAT|CURL_O_BINARY, - data->set.new_file_perms); + int qlogfd = curlx_open(curlx_dyn_ptr(&fname), + O_WRONLY | O_CREAT | CURL_O_BINARY, + data->set.new_file_perms); if(qlogfd != -1) *qlogfdp = qlogfd; } diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index f68e3ee168..0b82b568b1 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -30,10 +30,6 @@ #include -#ifdef HAVE_FCNTL_H -#include -#endif - #ifdef HAVE_NETINET_IN_H #include #endif @@ -68,6 +64,7 @@ #include "../sockaddr.h" /* required for Curl_sockaddr_storage */ #include "../multiif.h" #include "../select.h" +#include "../curlx/fopen.h" #include "../curlx/warnless.h" #include "curl_path.h" #include "../curlx/strparse.h" @@ -1199,12 +1196,12 @@ static CURLcode ssh_state_pkey_init(struct Curl_easy *data, sshc->rsa = aprintf("%s/.ssh/id_rsa", home); if(!sshc->rsa) out_of_memory = TRUE; - else if(stat(sshc->rsa, &sbuf)) { + else if(curlx_stat(sshc->rsa, &sbuf)) { free(sshc->rsa); sshc->rsa = aprintf("%s/.ssh/id_dsa", home); if(!sshc->rsa) out_of_memory = TRUE; - else if(stat(sshc->rsa, &sbuf)) { + else if(curlx_stat(sshc->rsa, &sbuf)) { Curl_safefree(sshc->rsa); } } @@ -1213,10 +1210,10 @@ static CURLcode ssh_state_pkey_init(struct Curl_easy *data, if(!out_of_memory && !sshc->rsa) { /* Nothing found; try the current dir. */ sshc->rsa = strdup("id_rsa"); - if(sshc->rsa && stat(sshc->rsa, &sbuf)) { + if(sshc->rsa && curlx_stat(sshc->rsa, &sbuf)) { free(sshc->rsa); sshc->rsa = strdup("id_dsa"); - if(sshc->rsa && stat(sshc->rsa, &sbuf)) { + if(sshc->rsa && curlx_stat(sshc->rsa, &sbuf)) { free(sshc->rsa); /* Out of guesses. Set to the empty string to avoid * surprising info messages. */ diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index 5e8434d5fa..0907c3f9ad 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -91,6 +91,8 @@ my %banfunc = ( "fclose" => 1, "fdopen" => 1, "fopen" => 1, + "open" => 1, + "stat" => 1, ); my %warnings_extended = ( diff --git a/src/tool_cb_wrt.c b/src/tool_cb_wrt.c index b4ea781739..12e4417da4 100644 --- a/src/tool_cb_wrt.c +++ b/src/tool_cb_wrt.c @@ -23,11 +23,6 @@ ***************************************************************************/ #include "tool_setup.h" -#ifdef HAVE_FCNTL_H -/* for open() */ -#include -#endif - #include "tool_cfgable.h" #include "tool_msgs.h" #include "tool_cb_wrt.h" @@ -60,7 +55,8 @@ bool tool_create_output_file(struct OutStruct *outs, else { int fd; do { - fd = open(fname, O_CREAT | O_WRONLY | O_EXCL | CURL_O_BINARY, OPENMODE); + fd = curlx_open(fname, O_CREAT | O_WRONLY | O_EXCL | CURL_O_BINARY, + OPENMODE); /* Keep retrying in the hope that it is not interrupted sometime */ /* !checksrc! disable ERRNOVAR 1 */ } while(fd == -1 && errno == EINTR); @@ -78,8 +74,9 @@ bool tool_create_output_file(struct OutStruct *outs, return FALSE; next_num++; do { - fd = open(curlx_dyn_ptr(&fbuffer), - O_CREAT | O_WRONLY | O_EXCL | CURL_O_BINARY, OPENMODE); + fd = curlx_open(curlx_dyn_ptr(&fbuffer), + O_CREAT | O_WRONLY | O_EXCL | CURL_O_BINARY, + OPENMODE); /* Keep retrying in the hope that it is not interrupted sometime */ } while(fd == -1 && errno == EINTR); } diff --git a/src/tool_doswin.c b/src/tool_doswin.c index 29f8cecbd7..51b6f34101 100644 --- a/src/tool_doswin.c +++ b/src/tool_doswin.c @@ -532,7 +532,7 @@ static SANITIZEcode rename_if_reserved_dos(char **const sanitized, identify whether it is a reserved device name and not a regular filename. */ #ifdef MSDOS - if(base && ((stat(base, &st_buf)) == 0) && (S_ISCHR(st_buf.st_mode))) { + if(base && (curlx_stat(base, &st_buf) == 0) && S_ISCHR(st_buf.st_mode)) { /* Prepend a '_' */ size_t blen = strlen(base); if(blen) { diff --git a/src/tool_filetime.c b/src/tool_filetime.c index c818fe3ada..5912a5aa9a 100644 --- a/src/tool_filetime.c +++ b/src/tool_filetime.c @@ -75,7 +75,7 @@ int getfiletime(const char *filename, curl_off_t *stamp) } #else struct_stat statbuf; - if(stat(filename, &statbuf) != -1) { + if(curlx_stat(filename, &statbuf) != -1) { *stamp = (curl_off_t)statbuf.st_mtime; rc = 0; } diff --git a/src/tool_findfile.c b/src/tool_findfile.c index 8b2be84142..7705ab7d92 100644 --- a/src/tool_findfile.c +++ b/src/tool_findfile.c @@ -33,10 +33,6 @@ #endif #endif -#ifdef HAVE_FCNTL_H -#include -#endif - #include "tool_findfile.h" #include "tool_cfgable.h" @@ -77,7 +73,7 @@ static char *checkhome(const char *home, const char *fname, bool dotscore) else c = aprintf("%s" DIR_CHAR "%s", home, fname); if(c) { - int fd = open(c, O_RDONLY); + int fd = curlx_open(c, O_RDONLY); if(fd >= 0) { char *path = strdup(c); close(fd); diff --git a/src/tool_getpass.c b/src/tool_getpass.c index fc59accc07..a92fb7594c 100644 --- a/src/tool_getpass.c +++ b/src/tool_getpass.c @@ -30,10 +30,6 @@ #ifndef HAVE_GETPASS_R /* this file is only for systems without getpass_r() */ -#ifdef HAVE_FCNTL_H -# include -#endif - #ifdef HAVE_TERMIOS_H # include #elif defined(HAVE_TERMIO_H) @@ -178,7 +174,7 @@ char *getpass_r(const char *prompt, /* prompt to display */ { ssize_t nread; bool disabled; - int fd = open("/dev/tty", O_RDONLY); + int fd = curlx_open("/dev/tty", O_RDONLY); if(fd == -1) fd = STDIN_FILENO; /* use stdin if the tty could not be used */ diff --git a/src/tool_operate.c b/src/tool_operate.c index d5a1b26468..d4a6d4db42 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -23,10 +23,6 @@ ***************************************************************************/ #include "tool_setup.h" -#ifdef HAVE_FCNTL_H -# include -#endif - #ifdef HAVE_LOCALE_H # include #endif @@ -279,22 +275,22 @@ static CURLcode pre_transfer(struct per_transfer *per) #ifdef __VMS /* Calculate the real upload size for VMS */ per->infd = -1; - if(stat(per->uploadfile, &fileinfo) == 0) { + if(curlx_stat(per->uploadfile, &fileinfo) == 0) { fileinfo.st_size = VmsSpecialSize(uploadfile, &fileinfo); switch(fileinfo.st_fab_rfm) { case FAB$C_VAR: case FAB$C_VFC: case FAB$C_STMCR: - per->infd = open(per->uploadfile, O_RDONLY | CURL_O_BINARY); + per->infd = curlx_open(per->uploadfile, O_RDONLY | CURL_O_BINARY); break; default: - per->infd = open(per->uploadfile, O_RDONLY | CURL_O_BINARY, - "rfm=stmlf", "ctx=stm"); + per->infd = curlx_open(per->uploadfile, O_RDONLY | CURL_O_BINARY, + "rfm=stmlf", "ctx=stm"); } } if(per->infd == -1) #else - per->infd = open(per->uploadfile, O_RDONLY | CURL_O_BINARY); + per->infd = curlx_open(per->uploadfile, O_RDONLY | CURL_O_BINARY); if((per->infd == -1) || fstat(per->infd, &fileinfo)) #endif { @@ -668,8 +664,7 @@ static CURLcode post_per_transfer(struct per_transfer *per, } if(result && config->rm_partial) { struct_stat st; - if(!stat(outs->filename, &st) && - S_ISREG(st.st_mode)) { + if(!curlx_stat(outs->filename, &st) && S_ISREG(st.st_mode)) { if(!unlink(outs->filename)) notef("Removed output file: %s", outs->filename); else @@ -974,7 +969,7 @@ static CURLcode setup_outfile(struct OperationConfig *config, if(config->skip_existing) { struct_stat fileinfo; - if(!stat(per->outfile, &fileinfo)) { + if(!curlx_stat(per->outfile, &fileinfo)) { /* file is present */ notef("skips transfer, \"%s\" exists locally", per->outfile); per->skip = TRUE; @@ -987,7 +982,7 @@ static CURLcode setup_outfile(struct OperationConfig *config, of the file as it is now and open it for append instead */ struct_stat fileinfo; /* VMS -- Danger, the filesize is only valid for stream files */ - if(stat(per->outfile, &fileinfo) == 0) + if(curlx_stat(per->outfile, &fileinfo) == 0) /* set offset to current file size: */ config->resume_from = fileinfo.st_size; else diff --git a/tests/libtest/lib505.c b/tests/libtest/lib505.c index fc20094584..71b79b2a24 100644 --- a/tests/libtest/lib505.c +++ b/tests/libtest/lib505.c @@ -61,6 +61,7 @@ static CURLcode test_lib505(const char *URL) /* get the file size of the local file */ #ifdef UNDER_CE + /* !checksrc! disable BANNEDFUNC 1 */ hd = stat(libtest_arg2, &file_info); #else hd = fstat(fileno(hd_src), &file_info); diff --git a/tests/libtest/lib518.c b/tests/libtest/lib518.c index 9cf3a42554..007d261870 100644 --- a/tests/libtest/lib518.c +++ b/tests/libtest/lib518.c @@ -287,7 +287,7 @@ static int t518_test_rlimit(int keep_open) /* open a dummy descriptor */ - t518_testfd[0] = open(DEV_NULL, O_RDONLY); + t518_testfd[0] = curlx_open(DEV_NULL, O_RDONLY); if(t518_testfd[0] < 0) { curl_msnprintf(strbuff, sizeof(strbuff), "opening of %s failed", DEV_NULL); t518_store_errmsg(strbuff, errno); diff --git a/tests/libtest/lib525.c b/tests/libtest/lib525.c index 007889fdc7..b34cd261af 100644 --- a/tests/libtest/lib525.c +++ b/tests/libtest/lib525.c @@ -52,6 +52,7 @@ static CURLcode test_lib525(const char *URL) /* get the file size of the local file */ #ifdef UNDER_CE + /* !checksrc! disable BANNEDFUNC 1 */ hd = stat(libtest_arg2, &file_info); #else hd = fstat(fileno(hd_src), &file_info); diff --git a/tests/libtest/lib537.c b/tests/libtest/lib537.c index 90de8a2d0c..b8bbfb7536 100644 --- a/tests/libtest/lib537.c +++ b/tests/libtest/lib537.c @@ -289,7 +289,7 @@ static int t537_test_rlimit(int keep_open) /* open a dummy descriptor */ - t537_testfd[0] = open(DEV_NULL, O_RDONLY); + t537_testfd[0] = curlx_open(DEV_NULL, O_RDONLY); if(t537_testfd[0] < 0) { curl_msnprintf(strbuff, sizeof(strbuff), "opening of %s failed", DEV_NULL); t537_store_errmsg(strbuff, errno); diff --git a/tests/libtest/lib541.c b/tests/libtest/lib541.c index 3bb64f8ac4..5e6e3c2f33 100644 --- a/tests/libtest/lib541.c +++ b/tests/libtest/lib541.c @@ -52,6 +52,7 @@ static CURLcode test_lib541(const char *URL) /* get the file size of the local file */ #ifdef UNDER_CE + /* !checksrc! disable BANNEDFUNC 1 */ hd = stat(libtest_arg2, &file_info); #else hd = fstat(fileno(hd_src), &file_info); diff --git a/tests/libtest/lib568.c b/tests/libtest/lib568.c index 83c6fd2394..6e53b79989 100644 --- a/tests/libtest/lib568.c +++ b/tests/libtest/lib568.c @@ -66,7 +66,7 @@ static CURLcode test_lib568(const char *URL) curl_free(stream_uri); stream_uri = NULL; - sdp = open(libtest_arg2, O_RDONLY); + sdp = curlx_open(libtest_arg2, O_RDONLY); if(sdp == -1) { curl_mfprintf(stderr, "can't open %s\n", libtest_arg2); res = TEST_ERR_MAJOR_BAD; diff --git a/tests/libtest/lib572.c b/tests/libtest/lib572.c index ef5e066023..c3951f8d1d 100644 --- a/tests/libtest/lib572.c +++ b/tests/libtest/lib572.c @@ -84,7 +84,7 @@ static CURLcode test_lib572(const char *URL) stream_uri = NULL; /* PUT style GET_PARAMETERS */ - params = open(libtest_arg2, O_RDONLY); + params = curlx_open(libtest_arg2, O_RDONLY); if(params == -1) { curl_mfprintf(stderr, "can't open %s\n", libtest_arg2); res = TEST_ERR_MAJOR_BAD; diff --git a/tests/libtest/lib582.c b/tests/libtest/lib582.c index b197063221..9671c4b52f 100644 --- a/tests/libtest/lib582.c +++ b/tests/libtest/lib582.c @@ -253,6 +253,7 @@ static CURLcode test_lib582(const char *URL) /* get the file size of the local file */ #ifdef UNDER_CE + /* !checksrc! disable BANNEDFUNC 1 */ hd = stat(libtest_arg2, &file_info); #else hd = fstat(fileno(hd_src), &file_info); diff --git a/tests/server/.checksrc b/tests/server/.checksrc index 670d4b8009..29331433c2 100644 --- a/tests/server/.checksrc +++ b/tests/server/.checksrc @@ -3,6 +3,7 @@ allowfunc fclose allowfunc fopen allowfunc freeaddrinfo allowfunc getaddrinfo +allowfunc open allowfunc recv allowfunc send allowfunc socket diff --git a/tests/server/util.c b/tests/server/util.c index 41f42ca42e..749e33003c 100644 --- a/tests/server/util.c +++ b/tests/server/util.c @@ -373,12 +373,12 @@ static void exit_signal_handler(int signum) (void)!write(STDERR_FILENO, msg, sizeof(msg) - 1); } else { - int fd; #ifdef _WIN32 - fd = _open(serverlogfile, O_WRONLY|O_CREAT|O_APPEND, S_IREAD | S_IWRITE); +#define OPENMODE S_IREAD | S_IWRITE #else - fd = open(serverlogfile, O_WRONLY|O_CREAT|O_APPEND, S_IRUSR | S_IWUSR); +#define OPENMODE S_IRUSR | S_IWUSR #endif + int fd = open(serverlogfile, O_WRONLY | O_CREAT | O_APPEND, OPENMODE); if(fd != -1) { static const char msg[] = "exit_signal_handler: called\n"; (void)!write(fd, msg, sizeof(msg) - 1); From 583b1ad881daef798cd717c431de7f582a2a622c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 30 Sep 2025 14:31:06 +0000 Subject: [PATCH 0220/2408] GHA: update dependency openssl/openssl to v3.5.4 Closes #18781 --- .github/workflows/http3-linux.yml | 2 +- .github/workflows/linux.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 05d71b6f10..ffcab39f12 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -40,7 +40,7 @@ env: MAKEFLAGS: -j 5 CURL_CI: github # handled in renovate.json - OPENSSL_VERSION: 3.5.3 + OPENSSL_VERSION: 3.5.4 # handled in renovate.json QUICTLS_VERSION: 3.3.0 # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 1d38c50db6..606c83db84 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -48,7 +48,7 @@ env: # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com BORINGSSL_VERSION: 0.20250818.0 # handled in renovate.json - OPENSSL_VERSION: 3.5.3 + OPENSSL_VERSION: 3.5.4 # handled in renovate.json QUICTLS_VERSION: 3.3.0 # renovate: datasource=github-tags depName=rustls/rustls-ffi versioning=semver registryUrl=https://github.com From f97aa8d7ed029ee99e097d9b0c9bd01570574478 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 30 Sep 2025 18:17:52 +0200 Subject: [PATCH 0221/2408] tidy-up: `fcntl.h` includes - drop from source files without obvious users. - include in `curlx/fopen.h` also for Windows. Follow-up to 9678ff5b1bfea1c847aee4f9edf023e8f01c9293 #18776 Closes #18782 --- lib/cf-ip-happy.c | 3 --- lib/cf-socket.c | 3 --- lib/connect.c | 3 --- lib/curlx/fopen.h | 7 ++++--- lib/rand.c | 3 --- lib/vtls/vtls.c | 3 --- lib/vtls/vtls_scache.c | 3 --- 7 files changed, 4 insertions(+), 21 deletions(-) diff --git a/lib/cf-ip-happy.c b/lib/cf-ip-happy.c index 0a1364e4b3..897b968114 100644 --- a/lib/cf-ip-happy.c +++ b/lib/cf-ip-happy.c @@ -41,9 +41,6 @@ #ifdef HAVE_NETDB_H #include #endif -#ifdef HAVE_FCNTL_H -#include -#endif #ifdef HAVE_ARPA_INET_H #include #endif diff --git a/lib/cf-socket.c b/lib/cf-socket.c index d5add9723f..cdd496a5e1 100644 --- a/lib/cf-socket.c +++ b/lib/cf-socket.c @@ -44,9 +44,6 @@ #ifdef HAVE_NETDB_H #include #endif -#ifdef HAVE_FCNTL_H -#include -#endif #ifdef HAVE_ARPA_INET_H #include #endif diff --git a/lib/connect.c b/lib/connect.c index 1182a42d31..4f42fef0e8 100644 --- a/lib/connect.c +++ b/lib/connect.c @@ -41,9 +41,6 @@ #ifdef HAVE_NETDB_H #include #endif -#ifdef HAVE_FCNTL_H -#include -#endif #ifdef HAVE_ARPA_INET_H #include #endif diff --git a/lib/curlx/fopen.h b/lib/curlx/fopen.h index d1e3d127c5..b44cbbdfce 100644 --- a/lib/curlx/fopen.h +++ b/lib/curlx/fopen.h @@ -28,6 +28,10 @@ #include "multibyte.h" +#ifdef HAVE_FCNTL_H +#include /* for open() and attributes */ +#endif + #if defined(_WIN32) && !defined(UNDER_CE) FILE *curlx_win32_fopen(const char *filename, const char *mode); int curlx_win32_stat(const char *path, struct_stat *buffer); @@ -36,9 +40,6 @@ int curlx_win32_open(const char *filename, int oflag, ...); #define curlx_stat(fname, stp) curlx_win32_stat(fname, stp) #define curlx_open curlx_win32_open #else -#ifdef HAVE_FCNTL_H -#include /* for open() */ -#endif #define CURLX_FOPEN_LOW fopen #define curlx_stat(fname, stp) stat(fname, stp) #define curlx_open open diff --git a/lib/rand.c b/lib/rand.c index f30f3de7c3..8b7f07ae40 100644 --- a/lib/rand.c +++ b/lib/rand.c @@ -26,9 +26,6 @@ #include -#ifdef HAVE_FCNTL_H -#include -#endif #ifdef HAVE_ARPA_INET_H #include #endif diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index 9e3870e470..1b1f66cc6e 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -43,9 +43,6 @@ #ifdef HAVE_SYS_TYPES_H #include #endif -#ifdef HAVE_FCNTL_H -#include -#endif #include "../urldata.h" #include "../cfilters.h" diff --git a/lib/vtls/vtls_scache.c b/lib/vtls/vtls_scache.c index 662539cd89..e934fa3b5e 100644 --- a/lib/vtls/vtls_scache.c +++ b/lib/vtls/vtls_scache.c @@ -29,9 +29,6 @@ #ifdef HAVE_SYS_TYPES_H #include #endif -#ifdef HAVE_FCNTL_H -#include -#endif #include "../urldata.h" #include "../cfilters.h" From d8823e855c2698e840f6a1faf9aad3adbe4b9fdc Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Mon, 29 Sep 2025 16:44:35 +0200 Subject: [PATCH 0222/2408] asyn-thrdd resolver: clear timeout when done When the async threaded resolver thread returned, clear the started EXPIRE_ASYNC_NAME timeout. Closes #18769 --- lib/asyn-thrdd.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/asyn-thrdd.c b/lib/asyn-thrdd.c index 2edef32f7b..2aa16de728 100644 --- a/lib/asyn-thrdd.c +++ b/lib/asyn-thrdd.c @@ -611,6 +611,7 @@ CURLcode Curl_async_is_resolved(struct Curl_easy *data, data->state.async.done = TRUE; Curl_resolv_unlink(data, &data->state.async.dns); + Curl_expire_done(data, EXPIRE_ASYNC_NAME); if(thrdd->addr->res) { data->state.async.dns = From b02238975768d0bcbf8c7ef00eaaee3ec379f4ff Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Mon, 29 Sep 2025 16:38:55 +0200 Subject: [PATCH 0223/2408] ip-happy: do not set unnecessary timeout When attempts on all addresses have been started, do no longer set any EXPIRE_HAPPY_EYEBALLS timeouts. Fixes #18767 Reported-by: Johannes Schindelin Closes #18768 --- docs/libcurl/curl_global_trace.md | 4 ++ lib/cf-ip-happy.c | 60 +++++++++++++++++--------- lib/cf-socket.c | 5 ++- lib/curl_trc.c | 39 ++++++++++++----- lib/curl_trc.h | 21 ++++++---- lib/multi.c | 70 ++++++++++++++++--------------- tests/http/test_06_eyeballs.py | 32 ++++++++++++++ tests/http/testenv/curl.py | 3 ++ 8 files changed, 160 insertions(+), 74 deletions(-) diff --git a/docs/libcurl/curl_global_trace.md b/docs/libcurl/curl_global_trace.md index 4a21bdc455..0459eab674 100644 --- a/docs/libcurl/curl_global_trace.md +++ b/docs/libcurl/curl_global_trace.md @@ -138,6 +138,10 @@ Tracing of SSL Session handling, e.g. caching/import/export. Tracing of SMTP operations when this protocol is enabled in your build. +## `timer` + +Tracing of timers set for transfers. + ## `write` Traces writing of download data, received from the server, to the application. diff --git a/lib/cf-ip-happy.c b/lib/cf-ip-happy.c index 897b968114..47560889d4 100644 --- a/lib/cf-ip-happy.c +++ b/lib/cf-ip-happy.c @@ -153,12 +153,17 @@ static const struct Curl_addrinfo *cf_ai_iter_next(struct cf_ai_iter *iter) return iter->last; } -#ifdef USE_IPV6 -static bool cf_ai_iter_done(struct cf_ai_iter *iter) +static bool cf_ai_iter_has_more(struct cf_ai_iter *iter) { - return (iter->n >= 0) && !iter->last; + const struct Curl_addrinfo *addr = iter->last ? iter->last->ai_next : + ((iter->n < 0) ? iter->head : NULL); + while(addr) { + if(addr->ai_family == iter->ai_family) + return TRUE; + addr = addr->ai_next; + } + return FALSE; } -#endif struct cf_ip_attempt { struct cf_ip_attempt *next; @@ -353,7 +358,7 @@ static CURLcode cf_ip_ballers_run(struct cf_ip_ballers *bs, { CURLcode result = CURLE_OK; struct cf_ip_attempt *a = NULL, **panchor; - bool do_more, more_possible; + bool do_more; struct curltime now; timediff_t next_expire_ms; int i, inconclusive, ongoing; @@ -364,7 +369,6 @@ static CURLcode cf_ip_ballers_run(struct cf_ip_ballers *bs, evaluate: now = curlx_now(); ongoing = inconclusive = 0; - more_possible = TRUE; /* check if a running baller connects now */ i = -1; @@ -404,7 +408,13 @@ evaluate: do_more = TRUE; } else { - do_more = (curlx_timediff(now, bs->last_attempt_started) >= + bool more_possible = cf_ai_iter_has_more(&bs->addr_iter); +#ifdef USE_IPV6 + if(!more_possible) + more_possible = cf_ai_iter_has_more(&bs->ipv6_iter); +#endif + do_more = more_possible && + (curlx_timediff(now, bs->last_attempt_started) >= bs->attempt_delay_ms); if(do_more) CURL_TRC_CF(data, cf, "happy eyeballs timeout expired, " @@ -418,7 +428,7 @@ evaluate: int ai_family = 0; #ifdef USE_IPV6 if((bs->last_attempt_ai_family == AF_INET) || - cf_ai_iter_done(&bs->addr_iter)) { + !cf_ai_iter_has_more(&bs->addr_iter)) { addr = cf_ai_iter_next(&bs->ipv6_iter); ai_family = bs->ipv6_iter.ai_family; } @@ -472,11 +482,8 @@ evaluate: /* attempt timeout for restart has not expired yet */ goto out; } - else if(ongoing) { + else if(!ongoing) { /* no more addresses, no inconclusive attempts */ - more_possible = FALSE; - } - else { CURL_TRC_CF(data, cf, "no more attempts to try"); result = CURLE_COULDNT_CONNECT; i = 0; @@ -490,21 +497,34 @@ evaluate: out: if(!result) { + bool more_possible; + /* when do we need to be called again? */ next_expire_ms = Curl_timeleft(data, &now, TRUE); - if(more_possible) { - timediff_t expire_ms, elapsed_ms; - elapsed_ms = curlx_timediff(now, bs->last_attempt_started); - expire_ms = CURLMAX(bs->attempt_delay_ms - elapsed_ms, 0); - next_expire_ms = CURLMIN(next_expire_ms, expire_ms); - } - if(next_expire_ms <= 0) { failf(data, "Connection timeout after %" FMT_OFF_T " ms", curlx_timediff(now, data->progress.t_startsingle)); return CURLE_OPERATION_TIMEDOUT; } - Curl_expire(data, next_expire_ms, EXPIRE_HAPPY_EYEBALLS); + + more_possible = cf_ai_iter_has_more(&bs->addr_iter); +#ifdef USE_IPV6 + if(!more_possible) + more_possible = cf_ai_iter_has_more(&bs->ipv6_iter); +#endif + if(more_possible) { + timediff_t expire_ms, elapsed_ms; + elapsed_ms = curlx_timediff(now, bs->last_attempt_started); + expire_ms = CURLMAX(bs->attempt_delay_ms - elapsed_ms, 0); + next_expire_ms = CURLMIN(next_expire_ms, expire_ms); + if(next_expire_ms <= 0) { + CURL_TRC_CF(data, cf, "HAPPY_EYBALLS timeout due, re-evaluate"); + goto evaluate; + } + CURL_TRC_CF(data, cf, "next HAPPY_EYBALLS timeout in %" FMT_TIMEDIFF_T + "ms", next_expire_ms); + Curl_expire(data, next_expire_ms, EXPIRE_HAPPY_EYEBALLS); + } } return result; } diff --git a/lib/cf-socket.c b/lib/cf-socket.c index cdd496a5e1..3d1f5e7529 100644 --- a/lib/cf-socket.c +++ b/lib/cf-socket.c @@ -1329,7 +1329,8 @@ static CURLcode cf_tcp_connect(struct Curl_cfilter *cf, rc = SOCKET_WRITABLE(ctx->sock, 0); if(rc == 0) { /* no connection yet */ - CURL_TRC_CF(data, cf, "not connected yet"); + CURL_TRC_CF(data, cf, "not connected yet on fd=%" FMT_SOCKET_T, + ctx->sock); return CURLE_OK; } else if(rc == CURL_CSELECT_OUT || cf->conn->bits.tcp_fastopen) { @@ -1339,7 +1340,7 @@ static CURLcode cf_tcp_connect(struct Curl_cfilter *cf, set_local_ip(cf, data); *done = TRUE; cf->connected = TRUE; - CURL_TRC_CF(data, cf, "connected"); + CURL_TRC_CF(data, cf, "connected on fd=%" FMT_SOCKET_T, ctx->sock); return CURLE_OK; } } diff --git a/lib/curl_trc.c b/lib/curl_trc.c index 9426adcede..27dc2b3b44 100644 --- a/lib/curl_trc.c +++ b/lib/curl_trc.c @@ -272,6 +272,10 @@ struct curl_trc_feat Curl_trc_feat_dns = { "DNS", CURL_LOG_LVL_NONE, }; +struct curl_trc_feat Curl_trc_feat_timer = { + "TIMER", + CURL_LOG_LVL_NONE, +}; static const char * const Curl_trc_timer_names[]={ "100_TIMEOUT", @@ -291,24 +295,36 @@ static const char * const Curl_trc_timer_names[]={ "SHUTDOWN", }; -const char *Curl_trc_timer_name(int tid) +static const char *trc_timer_name(int tid) { if((tid >= 0) && ((size_t)tid < CURL_ARRAYSIZE(Curl_trc_timer_names))) return Curl_trc_timer_names[(size_t)tid]; return "UNKNOWN?"; } -void Curl_trc_multi_timeouts(struct Curl_easy *data) +void Curl_trc_timer(struct Curl_easy *data, int tid, const char *fmt, ...) { - struct Curl_llist_node *e = Curl_llist_head(&data->state.timeoutlist); - if(e) { - struct curltime now = curlx_now(); - while(e) { - struct time_node *n = Curl_node_elem(e); - e = Curl_node_next(e); - CURL_TRC_M(data, "[TIMEOUT] %s expires in %" FMT_TIMEDIFF_T "ns", - CURL_TIMER_NAME(n->eid), - curlx_timediff_us(n->time, now)); + DEBUGASSERT(!strchr(fmt, '\n')); + if(Curl_trc_ft_is_verbose(data, &Curl_trc_feat_timer)) { + const char *tname = trc_timer_name(tid); + va_list ap; + va_start(ap, fmt); + trc_infof(data, &Curl_trc_feat_timer, tname, 0, fmt, ap); + va_end(ap); + } +} +void Curl_trc_easy_timers(struct Curl_easy *data) +{ + if(CURL_TRC_TIMER_is_verbose(data)) { + struct Curl_llist_node *e = Curl_llist_head(&data->state.timeoutlist); + if(e) { + struct curltime now = curlx_now(); + while(e) { + struct time_node *n = Curl_node_elem(e); + e = Curl_node_next(e); + CURL_TRC_TIMER(data, n->eid, "expires in %" FMT_TIMEDIFF_T "ns", + curlx_timediff_us(n->time, now)); + } } } } @@ -476,6 +492,7 @@ static struct trc_feat_def trc_feats[] = { { &Curl_trc_feat_read, TRC_CT_NONE }, { &Curl_trc_feat_write, TRC_CT_NONE }, { &Curl_trc_feat_dns, TRC_CT_NETWORK }, + { &Curl_trc_feat_timer, TRC_CT_NETWORK }, #ifndef CURL_DISABLE_FTP { &Curl_trc_feat_ftp, TRC_CT_PROTOCOL }, #endif diff --git a/lib/curl_trc.h b/lib/curl_trc.h index 37a373e4a6..1a3f8f374e 100644 --- a/lib/curl_trc.h +++ b/lib/curl_trc.h @@ -86,7 +86,7 @@ void Curl_trc_multi(struct Curl_easy *data, const char *fmt, ...) CURL_PRINTF(2, 3); const char *Curl_trc_mstate_name(int state); const char *Curl_trc_timer_name(int tid); -void Curl_trc_multi_timeouts(struct Curl_easy *data); +void Curl_trc_easy_timers(struct Curl_easy *data); void Curl_trc_write(struct Curl_easy *data, const char *fmt, ...) CURL_PRINTF(2, 3); @@ -94,6 +94,8 @@ void Curl_trc_read(struct Curl_easy *data, const char *fmt, ...) CURL_PRINTF(2, 3); void Curl_trc_dns(struct Curl_easy *data, const char *fmt, ...) CURL_PRINTF(2, 3); +void Curl_trc_timer(struct Curl_easy *data, int tid, + const char *fmt, ...) CURL_PRINTF(3, 4); struct curl_trc_feat { const char *name; @@ -125,6 +127,8 @@ void Curl_trc_ws(struct Curl_easy *data, Curl_trc_ft_is_verbose(data, &Curl_trc_feat_multi) #define CURL_TRC_DNS_is_verbose(data) \ Curl_trc_ft_is_verbose(data, &Curl_trc_feat_dns) +#define CURL_TRC_TIMER_is_verbose(data) \ + Curl_trc_ft_is_verbose(data, &Curl_trc_feat_timer) #if defined(CURL_HAVE_C99) && !defined(CURL_DISABLE_VERBOSE_STRINGS) #define infof(data, ...) \ @@ -145,6 +149,9 @@ void Curl_trc_ws(struct Curl_easy *data, #define CURL_TRC_DNS(data, ...) \ do { if(CURL_TRC_DNS_is_verbose(data)) \ Curl_trc_dns(data, __VA_ARGS__); } while(0) +#define CURL_TRC_TIMER(data, tid, ...) \ + do { if(CURL_TRC_TIMER_is_verbose(data)) \ + Curl_trc_timer(data, tid, __VA_ARGS__); } while(0) #ifndef CURL_DISABLE_FTP #define CURL_TRC_FTP(data, ...) \ @@ -175,6 +182,7 @@ void Curl_trc_ws(struct Curl_easy *data, #define CURL_TRC_WRITE Curl_trc_write #define CURL_TRC_READ Curl_trc_read #define CURL_TRC_DNS Curl_trc_dns +#define CURL_TRC_TIMER Curl_trc_timer #ifndef CURL_DISABLE_FTP #define CURL_TRC_FTP Curl_trc_ftp @@ -198,6 +206,7 @@ extern struct curl_trc_feat Curl_trc_feat_multi; extern struct curl_trc_feat Curl_trc_feat_read; extern struct curl_trc_feat Curl_trc_feat_write; extern struct curl_trc_feat Curl_trc_feat_dns; +extern struct curl_trc_feat Curl_trc_feat_timer; #define Curl_trc_is_verbose(data) \ ((data) && (data)->set.verbose && \ @@ -210,10 +219,9 @@ extern struct curl_trc_feat Curl_trc_feat_dns; (Curl_trc_is_verbose(data) && \ (ft)->log_level >= CURL_LOG_LVL_INFO) #define CURL_MSTATE_NAME(s) Curl_trc_mstate_name((int)(s)) -#define CURL_TIMER_NAME(t) Curl_trc_timer_name((int)(t)) -#define CURL_TRC_M_TIMEOUTS(data) \ - do { if(CURL_TRC_M_is_verbose(data)) \ - Curl_trc_multi_timeouts(data); } while(0) +#define CURL_TRC_EASY_TIMERS(data) \ + do { if(CURL_TRC_TIMER_is_verbose(data)) \ + Curl_trc_easy_timers(data); } while(0) #else /* CURL_DISABLE_VERBOSE_STRINGS */ /* All informational messages are not compiled in for size savings */ @@ -222,8 +230,7 @@ extern struct curl_trc_feat Curl_trc_feat_dns; #define Curl_trc_cf_is_verbose(x,y) (FALSE) #define Curl_trc_ft_is_verbose(x,y) (FALSE) #define CURL_MSTATE_NAME(x) ((void)(x), "-") -#define CURL_TIMER_NAME(x) ((void)(x), "-") -#define CURL_TRC_M_TIMEOUTS(x) Curl_nop_stmt +#define CURL_TRC_EASY_TIMERS(x) Curl_nop_stmt #endif /* !CURL_DISABLE_VERBOSE_STRINGS */ diff --git a/lib/multi.c b/lib/multi.c index 442956f844..ae38f5f443 100644 --- a/lib/multi.c +++ b/lib/multi.c @@ -1135,7 +1135,7 @@ CURLMcode Curl_multi_pollset(struct Curl_easy *data, caller, ps->n, timeout_count); break; } - CURL_TRC_M_TIMEOUTS(data); + CURL_TRC_EASY_TIMERS(data); } if(expect_sockets && !ps->n && data->multi && @@ -3050,7 +3050,13 @@ static void multi_mark_expired_as_dirty(struct multi_run_ctx *mrc) data = Curl_splayget(t); /* assign this for next loop */ if(!data) continue; - + if(CURL_TRC_TIMER_is_verbose(data)) { + struct Curl_llist_node *e = Curl_llist_head(&data->state.timeoutlist); + if(e) { + struct time_node *n = Curl_node_elem(e); + CURL_TRC_TIMER(data, n->eid, "has expired"); + } + } (void)add_next_timeout(mrc->now, multi, data); Curl_multi_mark_dirty(data); } @@ -3323,6 +3329,7 @@ static CURLMcode multi_timeout(struct Curl_multi *multi, long *timeout_ms) { static const struct curltime tv_zero = {0, 0}; + struct Curl_easy *data = NULL; if(multi->dead) { *timeout_ms = 0; @@ -3350,14 +3357,14 @@ static CURLMcode multi_timeout(struct Curl_multi *multi, curlx_timediff_us(multi->timetree->key, now) > 0) { /* some time left before expiration */ timediff_t diff = curlx_timediff_ceil(multi->timetree->key, now); + data = Curl_splayget(multi->timetree); /* this should be safe even on 32-bit archs, as we do not use that overly long timeouts */ *timeout_ms = (long)diff; } else { if(multi->timetree) { - struct Curl_easy *data = Curl_splayget(multi->timetree); - CURL_TRC_M(data, "multi_timeout() says this has expired"); + data = Curl_splayget(multi->timetree); } /* 0 means immediately */ *timeout_ms = 0; @@ -3368,6 +3375,16 @@ static CURLMcode multi_timeout(struct Curl_multi *multi, *timeout_ms = -1; } + if(data && CURL_TRC_TIMER_is_verbose(data)) { + struct Curl_llist_node *e = + Curl_llist_head(&data->state.timeoutlist); + if(e) { + struct time_node *n = Curl_node_elem(e); + CURL_TRC_TIMER(data, n->eid, "gives multi timeout in %ldms", + *timeout_ms); + } + } + return CURLM_OK; } @@ -3387,8 +3404,6 @@ CURLMcode curl_multi_timeout(CURLM *m, return multi_timeout(multi, &expire_time, timeout_ms); } -#define DEBUG_UPDATE_TIMER 0 - /* * Tell the application it should update its timers, if it subscribes to the * update timer callback. @@ -3407,47 +3422,34 @@ CURLMcode Curl_update_timer(struct Curl_multi *multi) } if(timeout_ms < 0 && multi->last_timeout_ms < 0) { -#if DEBUG_UPDATE_TIMER - fprintf(stderr, "Curl_update_timer(), still no timeout, no change\n"); -#endif + /* nothing to do */ } else if(timeout_ms < 0) { /* there is no timeout now but there was one previously */ -#if DEBUG_UPDATE_TIMER - fprintf(stderr, "Curl_update_timer(), remove timeout, " - " last_timeout=%ldms\n", multi->last_timeout_ms); -#endif + CURL_TRC_M(multi->admin, "[TIMER] clear"); timeout_ms = -1; /* normalize */ set_value = TRUE; } else if(multi->last_timeout_ms < 0) { -#if DEBUG_UPDATE_TIMER - fprintf(stderr, "Curl_update_timer(), had no timeout, set now\n"); -#endif + CURL_TRC_M(multi->admin, "[TIMER] set %ldms, none before", + timeout_ms); set_value = TRUE; } else if(curlx_timediff_us(multi->last_expire_ts, expire_ts)) { /* We had a timeout before and have one now, the absolute timestamp * differs. The relative timeout_ms may be the same, but the starting * point differs. Let the application restart its timer. */ -#if DEBUG_UPDATE_TIMER - fprintf(stderr, "Curl_update_timer(), expire timestamp changed\n"); -#endif + CURL_TRC_M(multi->admin, "[TIMER] set %ldms, replace previous", + timeout_ms); set_value = TRUE; } else { /* We have same expire time as previously. Our relative 'timeout_ms' * may be different now, but the application has the timer running * and we do not to tell it to start this again. */ -#if DEBUG_UPDATE_TIMER - fprintf(stderr, "Curl_update_timer(), same expire timestamp, no change\n"); -#endif } if(set_value) { -#if DEBUG_UPDATE_TIMER - fprintf(stderr, "Curl_update_timer(), set timeout %ldms\n", timeout_ms); -#endif multi->last_expire_ts = expire_ts; multi->last_timeout_ms = timeout_ms; set_in_callback(multi, TRUE); @@ -3491,7 +3493,8 @@ multi_deltimeout(struct Curl_easy *data, expire_id eid) static CURLMcode multi_addtimeout(struct Curl_easy *data, struct curltime *stamp, - expire_id eid) + expire_id eid, + const struct curltime *nowp) { struct Curl_llist_node *e; struct time_node *node; @@ -3499,6 +3502,7 @@ multi_addtimeout(struct Curl_easy *data, size_t n; struct Curl_llist *timeoutlist = &data->state.timeoutlist; + (void)nowp; node = &data->state.expires[eid]; /* copy the timestamp and id */ @@ -3521,6 +3525,8 @@ multi_addtimeout(struct Curl_easy *data, this is the first timeout on the list */ Curl_llist_insert_next(timeoutlist, prev, node, &node->list); + CURL_TRC_TIMER(data, eid, "set for %" FMT_TIMEDIFF_T "ns", + curlx_timediff_us(node->time, *nowp)); return CURLM_OK; } @@ -3553,7 +3559,7 @@ void Curl_expire_ex(struct Curl_easy *data, /* Add it to the timer list. It must stay in the list until it has expired in case we need to recompute the minimum timer later. */ - multi_addtimeout(data, &set, id); + multi_addtimeout(data, &set, id, nowp); if(curr_expire->tv_sec || curr_expire->tv_usec) { /* This means that the struct is added as a node in the splay tree. @@ -3582,9 +3588,6 @@ void Curl_expire_ex(struct Curl_easy *data, Curl_splayset(&data->state.timenode, data); multi->timetree = Curl_splayinsert(*curr_expire, multi->timetree, &data->state.timenode); - if(data->id >= 0) - CURL_TRC_M(data, "[TIMEOUT] set %s to expire in %" FMT_TIMEDIFF_T "ns", - CURL_TIMER_NAME(id), curlx_timediff_us(set, *nowp)); } /* @@ -3610,12 +3613,11 @@ void Curl_expire(struct Curl_easy *data, timediff_t milli, expire_id id) * Removes the expire timer. Marks it as done. * */ -void Curl_expire_done(struct Curl_easy *data, expire_id id) +void Curl_expire_done(struct Curl_easy *data, expire_id eid) { /* remove the timer, if there */ - multi_deltimeout(data, id); - if(data->id >= 0) - CURL_TRC_M(data, "[TIMEOUT] cleared %s", CURL_TIMER_NAME(id)); + multi_deltimeout(data, eid); + CURL_TRC_TIMER(data, eid, "cleared"); } /* diff --git a/tests/http/test_06_eyeballs.py b/tests/http/test_06_eyeballs.py index 038721fbf9..d05eb3c7da 100644 --- a/tests/http/test_06_eyeballs.py +++ b/tests/http/test_06_eyeballs.py @@ -25,6 +25,7 @@ ########################################################################### # import logging +import re import pytest from testenv import Env, CurlClient @@ -100,3 +101,34 @@ class TestEyeballs: r.check_response(count=1, http_status=None, exitcode=False) assert r.stats[0]['time_connect'] == 0 # no one should have listened assert r.stats[0]['time_appconnect'] == 0 # did not happen either + + # check timers when trying 3 unresponsive addresses + @pytest.mark.skipif(condition=not Env.curl_has_feature('IPv6'), + reason='curl lacks ipv6 support') + def test_06_13_timers(self, env: Env): + curl = CurlClient(env=env) + # ipv6 0100::/64 is supposed to go into the void (rfc6666) + r = curl.http_download(urls=['https://xxx.invalid/'], extra_args=[ + '--resolve', 'xxx.invalid:443:0100::1,0100::2,0100::3', + '--connect-timeout', '1', + '--happy-eyeballs-timeout-ms', '123', + '--trace-config', 'timer,happy-eyeballs,tcp' + ]) + r.check_response(count=1, http_status=None, exitcode=False) + assert r.stats[0]['time_connect'] == 0 # no one connected + # check that we indeed started attempts on all 3 addresses + tcp_attempts = [line for line in r.trace_lines + if re.match(r'.*Trying \[100::[123]]:443', line)] + assert len(tcp_attempts) == 3, f'fond: {"".join(tcp_attempts)}\n{r.dump_logs()}' + # if the 0100::/64 really goes into the void, we should see 2 HAPPY_EYEBALLS + # timeouts being set here + failed_attempts = [line for line in r.trace_lines + if re.match(r'.*checked connect attempts: 0 ongoing', line)] + if len(failed_attempts): + # github CI fails right away with "Network is unreachable", slackers... + assert len(failed_attempts) == 3, f'found: {"".join(failed_attempts)}\n{r.dump_logs()}' + else: + # no immediately failed attempts, as should be + he_timers_set = [line for line in r.trace_lines + if re.match(r'.*\[TIMER] \[HAPPY_EYEBALLS] set for', line)] + assert len(he_timers_set) == 2, f'found: {"".join(he_timers_set)}\n{r.dump_logs()}' diff --git a/tests/http/testenv/curl.py b/tests/http/testenv/curl.py index 7c3f6e72d9..f8e7b12a26 100644 --- a/tests/http/testenv/curl.py +++ b/tests/http/testenv/curl.py @@ -895,6 +895,9 @@ class CurlClient: if not isinstance(urls, list): urls = [urls] + if options is not None and '--resolve' in options: + force_resolve = False + args = [self._curl, "-s", "--path-as-is"] if 'CURL_TEST_EVENT' in os.environ: args.append('--test-event') From f284222ffc852c2d908bf5e8397cf4ac7fc91a42 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 1 Oct 2025 08:16:45 +0200 Subject: [PATCH 0224/2408] TODO: fix a typo Closes #18788 --- docs/TODO | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/TODO b/docs/TODO index d7416f9c8e..4db3f5f4ed 100644 --- a/docs/TODO +++ b/docs/TODO @@ -531,7 +531,7 @@ 5.2 Obey Retry-After in redirects - The Retry-After is said to dicate "the minimum time that the user agent is + The Retry-After is said to dictate "the minimum time that the user agent is asked to wait before issuing the redirected request" and libcurl does not obey this. From a2b7a4157c2b83b523ed6e6886e28d48208e33fb Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 1 Oct 2025 08:19:35 +0200 Subject: [PATCH 0225/2408] typos.toml: exclude more from typo checks - exclude visual studio project templates - exclude test cases - allow 'proxys' which is used for "secure proxy" in test code - allow Tru64 and secur32 Closes #18789 --- .github/scripts/typos.toml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/scripts/typos.toml b/.github/scripts/typos.toml index 73ecac136a..97c682b5b6 100644 --- a/.github/scripts/typos.toml +++ b/.github/scripts/typos.toml @@ -12,6 +12,10 @@ extend-ignore-identifiers-re = [ "^[0-9a-zA-Z+]{64,}$", # possibly base64 "^(Januar|eyeballers|HELO_smtp|kno22|MkTypLibCompatible|optin|passin|perfec|__SecURE|SMTP_HELO|v_alue)$", "^(clen|req_clen|smtp_perform_helo|smtp_state_helo_resp|_stati64)$", + "^Tru64$", + "secur32", + # this should be limited to tests/http/*. Short for secure proxy. + "proxys", ] extend-ignore-re = [ @@ -25,4 +29,7 @@ extend-exclude = [ "docs/THANKS", "packages/*", "scripts/wcurl", + "projects/Windows/tmpl/curl.vcxproj", + "projects/Windows/tmpl/libcurl.vcxproj", + "tests/data/test*", ] From 205758d7eaad31b256812ce4da64c2ca01951cc1 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 1 Oct 2025 09:12:10 +0200 Subject: [PATCH 0226/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 45 ++++++++++++++++++++++++++++++++++++++------- 1 file changed, 38 insertions(+), 7 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 511be250eb..3977134b83 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,7 +4,7 @@ curl and libcurl 8.17.0 Command line options: 272 curl_easy_setopt() options: 308 Public functions in libcurl: 98 - Contributors: 3509 + Contributors: 3510 This release includes the following changes: @@ -17,6 +17,7 @@ This release includes the following changes: This release includes the following bugfixes: o ares: fix leak in tracing [91] + o asyn-thrdd resolver: clear timeout when done [97] o asyn-thrdd: drop pthread_cancel [30] o autotools: add support for libgsasl auto-detection via pkg-config [112] o autotools: capitalize 'Rustls' in the log output [106] @@ -26,15 +27,21 @@ This release includes the following bugfixes: o aws-lc: re-enable large read-ahead with v1.61.0 again [16] o base64: accept zero length argument to base64_encode [82] o build: address some `-Weverything` warnings, update picky warnings [74] + o build: avoid overriding system `open` and `stat` symbols [141] + o build: avoid overriding system symbols for fopen functions [150] o build: avoid overriding system symbols for socket functions [68] o build: show llvm/clang in platform flags and `buildinfo.txt` [126] o cf-h2-proxy: break loop on edge case [140] + o cf-ip-happy: mention unix domain path, not port number [161] o cf-socket: use the right byte order for ports in bindlocal [61] o cfilter: unlink and discard [46] + o checksrc: catch banned functions when preceded by `(` [146] + o checksrc: fix possible endless loop when detecting `BANNEDFUNC` [149] o cmake: add `CURL_CODE_COVERAGE` option [78] o cmake: clang detection tidy-ups [116] o cmake: fix building docs when the base directory contains `.3` [18] o cmake: use modern alternatives for `get_filename_component()` [102] + o cmake: use more `COMPILER_OPTIONS`, `LINK_OPTIONS` / `LINK_FLAGS` [152] o cmdline-docs: extended, clarified, refreshed [28] o configure: add "-mt" for pthread support on HP-UX [52] o cookie: avoid saving a cookie file if no transfer was done [11] @@ -54,11 +61,14 @@ This release includes the following bugfixes: o docs: fix/tidy code fences [87] o easy_getinfo: check magic, Curl_close safety [3] o examples: fix two issues found by CodeQL [35] + o examples: fix two more cases of `stat()` TOCTOU [147] o ftp: fix ftp_do_more returning with *completep unset [122] o ftp: fix port number range loop for PORT commands [66] o gtls: avoid potential use of uninitialized variable in trace output [83] o hostip: remove leftover INT_MAX check in Curl_dnscache_prune [88] + o http: handle user-defined connection headers [165] o httpsrr: free old pointers when storing new [57] + o ip-happy: do not set unnecessary timeout [95] o krb5: return appropriate error on send failures [22] o ldap: do not base64 encode zero length string [42] o lib: upgrade/multiplex handling [136] @@ -84,6 +94,7 @@ This release includes the following bugfixes: o ngtcp2: check error code on connect failure [13] o ngtcp2: fix early return [131] o openldap: avoid indexing the result at -1 for blank responses [44] + o openldap: check ber_sockbuf_add_io() return code [163] o openldap: check ldap_get_option() return codes [119] o openssl-quic: check results better [132] o openssl-quic: handle error in SSL_get_stream_read_error_code [129] @@ -122,15 +133,18 @@ This release includes the following bugfixes: o telnet: make printsub require another byte input [21] o telnet: refuse IAC codes in content [111] o telnet: return error on crazy TTYPE or XDISPLOC lengths [123] + o tests/server: drop unsafe `open()` override in signal handler (Windows) [151] o tftp: check and act on tftp_set_timeouts() returning error [38] o tftp: handle tftp_multi_statemach() return code [65] o tftp: pin the first used address [110] o tftp: propagate expired timer from tftp_state_timeout() [39] o tftp: return error when sendto() fails [59] + o tidy-up: `fcntl.h` includes [98] o tidy-up: assortment of small fixes [115] o tidy-up: avoid using the reserved macro namespace [76] o tidy-up: update MS links, allow long URLs via `checksrc` [73] o tidy-up: URLs [101] + o TODO: fix a typo [93] o TODO: remove already implemented or bad items [36] o tool: fix exponential retry delay [47] o tool_cb_hdr: fix fwrite check in header callback [49] @@ -139,6 +153,7 @@ This release includes the following bugfixes: o tool_getparam/set_rate: skip the multiplication on overflow [84] o tool_operate: improve wording in retry message [37] o tool_operate: keep the progress meter for --out-null [33] + o tool_progress: handle possible integer overflows [164] o transfer: avoid busy loop with tiny speed limit [100] o urldata: FILE is not a list-only protocol [9] o vtls: alpn setting, check proto parameter [134] @@ -174,12 +189,13 @@ advice from friends like these: Adam Light, Andrew Kirillov, Andrew Olsen, BobodevMm on github, Christian Schmitz, Dan Fandrich, Daniel Stenberg, dependabot[bot], divinity76 on github, Emilio Pozuelo Monfort, Ethan Everett, - fds242 on github, Javier Blazquez, Jicea, jmaggard10 on github, - Joseph Birr-Pixton, Joshua Rogers, kapsiR on github, Marcel Raad, - Michael Osipov, Michał Petryka, Nir Azkiel, Patrick Monnerat, Ray Satiro, - renovate[bot], rinsuki on github, Samuel Dionne-Riel, Stanislav Fort, - Stefan Eissing, Viktor Szakats - (30 contributors) + Evgeny Grin (Karlson2k), fds242 on github, Howard Chu, Javier Blazquez, + Jicea, jmaggard10 on github, Johannes Schindelin, Joseph Birr-Pixton, + Joshua Rogers, kapsiR on github, kuchara on github, Marcel Raad, + Michael Osipov, Michał Petryka, Mohamed Daahir, Nir Azkiel, Patrick Monnerat, + Ray Satiro, renovate[bot], rinsuki on github, Samuel Dionne-Riel, + Stanislav Fort, Stefan Eissing, Viktor Szakats + (35 contributors) References to bug reports and discussions on issues: @@ -274,8 +290,12 @@ References to bug reports and discussions on issues: [90] = https://curl.se/bug/?i=18681 [91] = https://curl.se/bug/?i=18251 [92] = https://curl.se/bug/?i=18739 + [93] = https://curl.se/bug/?i=18788 [94] = https://curl.se/bug/?i=18722 + [95] = https://curl.se/bug/?i=18767 [96] = https://curl.se/bug/?i=18737 + [97] = https://curl.se/bug/?i=18769 + [98] = https://curl.se/bug/?i=18782 [99] = https://curl.se/bug/?i=18733 [100] = https://curl.se/bug/?i=18732 [101] = https://curl.se/bug/?i=18689 @@ -317,7 +337,18 @@ References to bug reports and discussions on issues: [137] = https://curl.se/bug/?i=18719 [139] = https://curl.se/bug/?i=18714 [140] = https://curl.se/bug/?i=18715 + [141] = https://curl.se/bug/?i=18776 [142] = https://curl.se/bug/?i=18713 [143] = https://curl.se/bug/?i=18712 [144] = https://curl.se/bug/?i=18711 [145] = https://curl.se/bug/?i=18682 + [146] = https://curl.se/bug/?i=18779 + [147] = https://curl.se/bug/?i=18778 + [149] = https://curl.se/bug/?i=18775 + [150] = https://curl.se/bug/?i=18510 + [151] = https://curl.se/bug/?i=18774 + [152] = https://curl.se/bug/?i=18762 + [161] = https://curl.se/bug/?i=18749 + [163] = https://curl.se/bug/?i=18747 + [164] = https://curl.se/bug/?i=18744 + [165] = https://curl.se/bug/?i=18662 From a5a17b8ddb69195595b145d3b985a080a87acdc9 Mon Sep 17 00:00:00 2001 From: Samuel Henrique Date: Sat, 27 Sep 2025 09:42:08 +0100 Subject: [PATCH 0227/2408] wcurl: import v2025.09.27 Closes #18754 --- docs/wcurl.md | 12 +++++++++--- scripts/wcurl | 51 +++++++++++++++++++++++++++------------------------ 2 files changed, 36 insertions(+), 27 deletions(-) diff --git a/docs/wcurl.md b/docs/wcurl.md index 4111af5226..ab5f956fc0 100644 --- a/docs/wcurl.md +++ b/docs/wcurl.md @@ -45,6 +45,9 @@ By default, **wcurl** does: ## * Download multiple URLs in parallel if the installed curl's version is \>= 7.66.0 (--parallel); +## * Use a total number of 5 parallel connections to the same protocol + hostname + port number target + if the installed curl's version is \>= 8.16.0 (--parallel-max-host); + ## * Follow redirects; ## * Automatically choose a filename as output; @@ -124,10 +127,13 @@ Download a file passing the **--progress-bar** and **--http2** flags to curl: **wcurl --curl-options="--progress-bar --http2" example.com/filename.txt** -Resume from an interrupted download (if more options are used, this needs to -be the last one in the list): +* Resume from an interrupted download. The options necessary to resume the download (`--clobber --continue-at -`) must be the **last** options specified in `--curl-options`. Note that the only way to resume interrupted downloads is to allow wcurl to overwrite the destination file: -**wcurl --curl-options="--continue-at -" example.com/filename.txt** +**wcurl --curl-options="--clobber --continue-at -" example.com/filename.txt** + +Download multiple files without a limit of concurrent connections per host (the default limit is 5): + +**wcurl --curl-options="--parallel-max-host 0" example.com/filename1.txt example.com/filename2.txt** # AUTHORS diff --git a/scripts/wcurl b/scripts/wcurl index af66ae7fca..1014779e13 100755 --- a/scripts/wcurl +++ b/scripts/wcurl @@ -29,7 +29,7 @@ # Stop on errors and on usage of unset variables. set -eu -VERSION="2025.05.26" +VERSION="2025.09.27" PROGRAM_NAME="$(basename "$0")" readonly PROGRAM_NAME @@ -91,7 +91,7 @@ error() # Extra curl options provided by the user. # This is set per-URL for every URL provided. -# Some options are global, but we are erroring on the side of needlesly setting +# Some options are global, but we are erroring on the side of needlessly setting # them multiple times instead of causing issues with parameters that needs to # be set per-URL. CURL_OPTIONS="" @@ -133,7 +133,7 @@ sanitize() is_subset_of() { case "${1}" in - *[!${2}]*|'') return 1;; + *[!${2}]* | '') return 1 ;; esac } @@ -151,9 +151,9 @@ percent_decode() decode_out="${decode_out}${decode_hex2}" # Skip decoding if this is a control character (00-1F). # Skip decoding if DECODE_FILENAME is not "true". - if is_subset_of "${decode_hex1}" "23456789abcdefABCDEF" && \ - is_subset_of "${decode_hex2}" "0123456789abcdefABCDEF" && \ - [ "${DECODE_FILENAME}" = "true" ]; then + if is_subset_of "${decode_hex1}" "23456789abcdefABCDEF" \ + && is_subset_of "${decode_hex2}" "0123456789abcdefABCDEF" \ + && [ "${DECODE_FILENAME}" = "true" ]; then # Use printf to decode it into octal and then decode it to the final format. decode_out="$(printf "%b" "\\$(printf %o "0x${decode_hex1}${decode_hex2}")")" fi @@ -171,7 +171,7 @@ get_url_filename() # If what remains contains a slash, there's a path; return it percent-decoded. case "${hostname_and_path}" in # sed to remove everything preceding the last '/', e.g.: "example/something" becomes "something" - */*) percent_decode "$(printf %s "${hostname_and_path}" | sed -e 's,^.*/,,')";; + */*) percent_decode "$(printf %s "${hostname_and_path}" | sed -e 's,^.*/,,')" ;; esac # No slash means there was just a hostname and no path; return empty string. } @@ -181,35 +181,38 @@ exec_curl() { CMD="curl " - # Store version to check if it supports --no-clobber and --parallel. + # Store version to check if it supports --no-clobber, --parallel and --parallel-max-host. curl_version=$($CMD --version | cut -f2 -d' ' | head -n1) curl_version_major=$(echo "$curl_version" | cut -f1 -d.) curl_version_minor=$(echo "$curl_version" | cut -f2 -d.) - CURL_HAS_NO_CLOBBER="" - CURL_HAS_PARALLEL="" + CURL_NO_CLOBBER="" + CURL_PARALLEL="" # --no-clobber is only supported since 7.83.0. # --parallel is only supported since 7.66.0. + # --parallel-max-host is only supported since 8.16.0. if [ "${curl_version_major}" -ge 8 ]; then - CURL_HAS_NO_CLOBBER="--no-clobber" - CURL_HAS_PARALLEL="--parallel" - elif [ "${curl_version_major}" -eq 7 ];then + CURL_NO_CLOBBER="--no-clobber" + CURL_PARALLEL="--parallel" + if [ "${curl_version_minor}" -ge 16 ]; then + CURL_PARALLEL="--parallel --parallel-max-host 5" + fi + elif [ "${curl_version_major}" -eq 7 ]; then if [ "${curl_version_minor}" -ge 83 ]; then - CURL_HAS_NO_CLOBBER="--no-clobber" + CURL_NO_CLOBBER="--no-clobber" fi if [ "${curl_version_minor}" -ge 66 ]; then - CURL_HAS_PARALLEL="--parallel" + CURL_PARALLEL="--parallel" fi fi - # Detecting whether we need --parallel. It's easier to rely on + # Detecting whether we need --parallel. It's easier to rely on # the shell's argument parsing. # shellcheck disable=SC2086 set -- $URLS - if [ "$#" -gt 1 ]; then - CURL_PARALLEL="$CURL_HAS_PARALLEL" - else + # If there are less than two URLs, don't set the parallel flag. + if [ "$#" -lt 2 ]; then CURL_PARALLEL="" fi @@ -231,7 +234,7 @@ exec_curl() [ -z "${OUTPUT_PATH}" ] && OUTPUT_PATH=index.html fi # shellcheck disable=SC2086 - set -- "$@" ${NEXT_PARAMETER} ${PER_URL_PARAMETERS} ${CURL_HAS_NO_CLOBBER} ${CURL_OPTIONS} --output "${OUTPUT_PATH}" "${url}" + set -- "$@" ${NEXT_PARAMETER} ${PER_URL_PARAMETERS} ${CURL_NO_CLOBBER} --output "${OUTPUT_PATH}" ${CURL_OPTIONS} "${url}" NEXT_PARAMETER="--next" done @@ -268,13 +271,13 @@ while [ -n "${1-}" ]; do OUTPUT_PATH="${opt}" ;; - -o|-O|--output) + -o | -O | --output) shift HAS_USER_SET_OUTPUT="true" OUTPUT_PATH="${1}" ;; - -o*|-O*) + -o* | -O*) opt=$(printf "%s\n" "${1}" | sed 's/^-[oO]//') HAS_USER_SET_OUTPUT="true" OUTPUT_PATH="${opt}" @@ -284,12 +287,12 @@ while [ -n "${1-}" ]; do DECODE_FILENAME="false" ;; - -h|--help) + -h | --help) usage exit 0 ;; - -V|--version) + -V | --version) print_version exit 0 ;; From 0e67d97b831e94bd17128a172860e1b9111ea239 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 1 Oct 2025 01:37:23 +0000 Subject: [PATCH 0228/2408] GHA: update dependency libressl/portable to v4.1.1 Closes #18785 Closes #18786 --- .github/workflows/http3-linux.yml | 2 +- .github/workflows/linux.yml | 2 +- .github/workflows/macos.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index ffcab39f12..a5430dc5a1 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -44,7 +44,7 @@ env: # handled in renovate.json QUICTLS_VERSION: 3.3.0 # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com - LIBRESSL_VERSION: 4.1.0 + LIBRESSL_VERSION: 4.1.1 # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com AWSLC_VERSION: 1.61.4 # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 606c83db84..8de911d7e9 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -38,7 +38,7 @@ env: CURL_CI: github CURL_CLANG_TIDYFLAGS: '-checks=-clang-analyzer-security.insecureAPI.bzero,-clang-analyzer-security.insecureAPI.strcpy,-clang-analyzer-optin.performance.Padding,-clang-analyzer-security.ArrayBound,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-valist.Uninitialized' # renovate: datasource=github-tags depName=libressl-portable/portable versioning=semver registryUrl=https://github.com - LIBRESSL_VERSION: 4.1.0 + LIBRESSL_VERSION: 4.1.1 # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com WOLFSSL_VERSION: 5.8.2 # renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver registryUrl=https://github.com diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 6777f3aa92..d766cf1c22 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -59,7 +59,7 @@ jobs: MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }} MATRIX_OPTIONS: ${{ matrix.build.options }} # renovate: datasource=github-tags depName=libressl-portable/portable versioning=semver registryUrl=https://github.com - LIBRESSL_VERSION: 4.1.0 + LIBRESSL_VERSION: 4.1.1 strategy: fail-fast: false matrix: From 150567b0d25b519873800ac883ae43833e8f6aca Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 1 Oct 2025 12:12:30 +0200 Subject: [PATCH 0229/2408] tidy-up: LibreSSL Git repository URLs and local CI builds Also: - point the source tarball to a working URL. The GitHub release page misses the official source tarball for 4.1.1. - GHA/linux: switch LibreSSL build to cmake (syncing with http3-linux.) - GHA/macos: drop no longer needed LibreSSL build workaround. Closes #18792 --- .github/workflows/http3-linux.yml | 2 +- .github/workflows/linux.yml | 9 +++++---- .github/workflows/macos.yml | 4 +--- plan9/README | 2 +- 4 files changed, 8 insertions(+), 9 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index a5430dc5a1..ce6ee41a8a 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -213,7 +213,7 @@ jobs: run: | cd ~ curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \ - --location "https://github.com/libressl/portable/releases/download/v${LIBRESSL_VERSION}/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -xz + "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -xz cd "libressl-${LIBRESSL_VERSION}" cmake -B . -G Ninja -DLIBRESSL_APPS=OFF -DLIBRESSL_TESTS=OFF -DCMAKE_INSTALL_PREFIX=/home/runner/libressl/build cmake --build . diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 8de911d7e9..068fc0842c 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -37,7 +37,7 @@ env: MAKEFLAGS: -j 5 CURL_CI: github CURL_CLANG_TIDYFLAGS: '-checks=-clang-analyzer-security.insecureAPI.bzero,-clang-analyzer-security.insecureAPI.strcpy,-clang-analyzer-optin.performance.Padding,-clang-analyzer-security.ArrayBound,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-valist.Uninitialized' - # renovate: datasource=github-tags depName=libressl-portable/portable versioning=semver registryUrl=https://github.com + # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com LIBRESSL_VERSION: 4.1.1 # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com WOLFSSL_VERSION: 5.8.2 @@ -360,10 +360,11 @@ jobs: if: ${{ contains(matrix.build.install_steps, 'libressl') && steps.cache-libressl.outputs.cache-hit != 'true' }} run: | curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \ - --location "https://github.com/libressl/portable/releases/download/v${LIBRESSL_VERSION}/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -xz + "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -xz cd "libressl-${LIBRESSL_VERSION}" - ./configure --disable-dependency-tracking --prefix=/home/runner/libressl - make install + cmake -B . -G Ninja -DLIBRESSL_APPS=OFF -DLIBRESSL_TESTS=OFF -DCMAKE_INSTALL_PREFIX=/home/runner/libressl + cmake --build . + cmake --install . - name: 'cache wolfssl (all)' if: ${{ contains(matrix.build.install_steps, 'wolfssl-all') }} diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index d766cf1c22..1e2e61c8af 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -58,7 +58,7 @@ jobs: LDFLAGS: '' MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }} MATRIX_OPTIONS: ${{ matrix.build.options }} - # renovate: datasource=github-tags depName=libressl-portable/portable versioning=semver registryUrl=https://github.com + # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com LIBRESSL_VERSION: 4.1.1 strategy: fail-fast: false @@ -124,9 +124,7 @@ jobs: curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 --retry-connrefused \ --location "https://github.com/libressl/portable/releases/download/v${LIBRESSL_VERSION}/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -x cd "libressl-${LIBRESSL_VERSION}" - # FIXME: on the 4.0.1 release, delete '-DHAVE_ENDIAN_H=0' cmake -B . -G Ninja \ - -DHAVE_ENDIAN_H=0 \ -DCMAKE_INSTALL_PREFIX=/Users/runner/libressl \ -DCMAKE_SYSTEM_NAME=iOS \ -DCMAKE_SYSTEM_PROCESSOR=aarch64 \ diff --git a/plan9/README b/plan9/README index 6df23d31a7..3372e64f7b 100644 --- a/plan9/README +++ b/plan9/README @@ -11,7 +11,7 @@ The zlib that is available on Plan 9 can be downloaded from: LibreSSL Portable can be downloaded from: - https://github.com/libressl-portable/portable/pull/510 + https://github.com/libressl/portable/pull/510 Instruction =========== From b2ae19eed4073349ec8bee84007556ab8ded2ad0 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 1 Oct 2025 13:33:22 +0200 Subject: [PATCH 0230/2408] tool_getparam: warn if provided header looks malformed URL: https://fosstodon.org/@galdor/115298664084113519 Closes #18793 --- src/tool_getparam.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/tool_getparam.c b/src/tool_getparam.c index eed87bb807..60b3b30ad4 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -1267,6 +1267,10 @@ static ParameterError parse_header(struct OperationConfig *config, } } else { + if(!strchr(nextarg, ':') && !strchr(nextarg, ';')) { + warnf("The provided %s header '%s' does not look like a header?", + (cmd == C_PROXY_HEADER) ? "proxy": "HTTP", nextarg); + } if(cmd == C_PROXY_HEADER) /* --proxy-header */ err = add2list(&config->proxyheaders, nextarg); else From bc37765466e659f1d0bafe131735f2379f3b20ae Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 1 Oct 2025 11:26:16 +0200 Subject: [PATCH 0231/2408] form.md: drop reference to MANUAL Since it isn't linked and users might not understand what it refers to. Ref: #18755 Closes #18790 --- docs/cmdline-opts/form.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/docs/cmdline-opts/form.md b/docs/cmdline-opts/form.md index 9633b25119..100e29e571 100644 --- a/docs/cmdline-opts/form.md +++ b/docs/cmdline-opts/form.md @@ -141,5 +141,3 @@ base64 attached file: curl -F '=text message;encoder=quoted-printable' \ -F '=@localfile;encoder=base64' ... smtp://example.com - -See further examples and details in the MANUAL. From e891b4195fdc133e975d86bda865720cafd6add0 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 26 Sep 2025 14:10:30 +0200 Subject: [PATCH 0232/2408] cf-socket: tweak a memcpy() to read better By checking the size of the actual buffer and using that as memcpy target instead of another union member, this helps readers and static code analyzers to determine that this is not a buffer overflow. Ref: #18677 Closes #18787 --- lib/cf-socket.c | 7 +++---- lib/cf-socket.h | 9 +++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/lib/cf-socket.c b/lib/cf-socket.c index 3d1f5e7529..1fabf0ea0b 100644 --- a/lib/cf-socket.c +++ b/lib/cf-socket.c @@ -333,12 +333,11 @@ static CURLcode sock_assign_addr(struct Curl_sockaddr_ex *dest, } dest->addrlen = (unsigned int)ai->ai_addrlen; - if(dest->addrlen > sizeof(struct Curl_sockaddr_storage)) { - DEBUGASSERT(0); + DEBUGASSERT(dest->addrlen <= sizeof(dest->curl_sa_addrbuf)); + if(dest->addrlen > sizeof(dest->curl_sa_addrbuf)) return CURLE_TOO_LARGE; - } - memcpy(&dest->curl_sa_addr, ai->ai_addr, dest->addrlen); + memcpy(&dest->curl_sa_addrbuf, ai->ai_addr, dest->addrlen); return CURLE_OK; } diff --git a/lib/cf-socket.h b/lib/cf-socket.h index 083202fad9..85b7e5631b 100644 --- a/lib/cf-socket.h +++ b/lib/cf-socket.h @@ -48,11 +48,12 @@ struct Curl_sockaddr_ex { int protocol; unsigned int addrlen; union { - struct sockaddr addr; - struct Curl_sockaddr_storage buff; - } _sa_ex_u; + struct sockaddr sa; + struct Curl_sockaddr_storage buf; + } addr; }; -#define curl_sa_addr _sa_ex_u.addr +#define curl_sa_addr addr.sa +#define curl_sa_addrbuf addr.buf /* * Parse interface option, and return the interface name and the host part. From d71ec36d1b6ec2feeb3811f143e7e98fceb95be1 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 1 Oct 2025 11:23:27 +0200 Subject: [PATCH 0233/2408] openssl-quic: ignore unexpected streams opened by server HTTP/3 defines "reserved stream types" that are intended to be ignored by a receiver. This is part of the "greasing" effort that flexes parts of the protocol that are needed for future extensions. curl's OpenSSL-QUIC implementation treated all unexpected streams as an error. Which seems the right thing to do *but* for these reserved types. However OpenSSL does not expose this type and thus, curl needs to silently discard all unexpected streams opened by the server to allow interop with servers that flex the GREASE parts. Fixes #18780 Reported-by: Pocs Norbert Closes #18791 --- lib/vquic/curl_osslq.c | 36 ++++++++++++++++++++---------------- 1 file changed, 20 insertions(+), 16 deletions(-) diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c index e6278ad961..aea03c038f 100644 --- a/lib/vquic/curl_osslq.c +++ b/lib/vquic/curl_osslq.c @@ -453,32 +453,36 @@ static CURLcode cf_osslq_h3conn_add_stream(struct cf_osslq_h3conn *h3, { struct cf_osslq_ctx *ctx = cf->ctx; curl_int64_t stream_id = (curl_int64_t)SSL_get_stream_id(stream_ssl); - - if(h3->remote_ctrl_n >= CURL_ARRAYSIZE(h3->remote_ctrl)) { - /* rejected, we are full */ - CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] rejecting remote stream", - stream_id); - SSL_free(stream_ssl); - return CURLE_FAILED_INIT; - } - switch(SSL_get_stream_type(stream_ssl)) { + int stype = SSL_get_stream_type(stream_ssl); + /* This could be a GREASE stream, e.g. HTTP/3 rfc9114 ch 6.2.3 + * reserved stream type that is supposed to be discarded silently. + * BUT OpenSSL does not offer this information to us. So, we silently + * ignore all such streams we do not expect. */ + switch(stype) { case SSL_STREAM_TYPE_READ: { - struct cf_osslq_stream *nstream = &h3->remote_ctrl[h3->remote_ctrl_n++]; + struct cf_osslq_stream *nstream; + if(h3->remote_ctrl_n >= CURL_ARRAYSIZE(h3->remote_ctrl)) { + /* rejected, we are full */ + CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] reject remote uni stream", + stream_id); + SSL_free(stream_ssl); + return CURLE_OK; + } + nstream = &h3->remote_ctrl[h3->remote_ctrl_n++]; nstream->id = stream_id; nstream->ssl = stream_ssl; Curl_bufq_initp(&nstream->recvbuf, &ctx->stream_bufcp, 1, BUFQ_OPT_NONE); CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] accepted remote uni stream", stream_id); - break; + return CURLE_OK; } default: - CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] reject remote non-uni-read" - " stream", stream_id); + CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] reject remote %s" + " stream, type=%x", stream_id, + (stype == SSL_STREAM_TYPE_BIDI) ? "bidi" : "write", stype); SSL_free(stream_ssl); - return CURLE_FAILED_INIT; + return CURLE_OK; } - return CURLE_OK; - } static CURLcode cf_osslq_ssl_err(struct Curl_cfilter *cf, From 285f64d3a033e33ad0f0805fa6f5d72150b59333 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 1 Oct 2025 21:53:04 +0200 Subject: [PATCH 0234/2408] GHA/macos: also update LibreSSL source tarball URL Follow-up to 150567b0d25b519873800ac883ae43833e8f6aca #18792 --- .github/workflows/macos.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 1e2e61c8af..b0f958d70c 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -122,7 +122,7 @@ jobs: if: ${{ contains(matrix.build.install_steps, 'libressl') && steps.cache-libressl.outputs.cache-hit != 'true' }} run: | curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 --retry-connrefused \ - --location "https://github.com/libressl/portable/releases/download/v${LIBRESSL_VERSION}/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -x + "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -xz cd "libressl-${LIBRESSL_VERSION}" cmake -B . -G Ninja \ -DCMAKE_INSTALL_PREFIX=/Users/runner/libressl \ From e234c0942648297dd15c265d359f91e7425b24fc Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 1 Oct 2025 19:54:31 +0000 Subject: [PATCH 0235/2408] GHA: update dependency openssl/openssl to v3.6.0 Closes #18796 --- .github/workflows/http3-linux.yml | 2 +- .github/workflows/linux.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index ce6ee41a8a..5b1bd5fde6 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -40,7 +40,7 @@ env: MAKEFLAGS: -j 5 CURL_CI: github # handled in renovate.json - OPENSSL_VERSION: 3.5.4 + OPENSSL_VERSION: 3.6.0 # handled in renovate.json QUICTLS_VERSION: 3.3.0 # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 068fc0842c..36d37dfaea 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -48,7 +48,7 @@ env: # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com BORINGSSL_VERSION: 0.20250818.0 # handled in renovate.json - OPENSSL_VERSION: 3.5.4 + OPENSSL_VERSION: 3.6.0 # handled in renovate.json QUICTLS_VERSION: 3.3.0 # renovate: datasource=github-tags depName=rustls/rustls-ffi versioning=semver registryUrl=https://github.com From 9ebf778e824007f1aad83ba79f5af802ee77c884 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 23 Sep 2025 10:17:29 +0200 Subject: [PATCH 0236/2408] GHA/linux: add HTTP/3 c-ares scan-build and asan jobs They use Linuxbrew instead of locally built components. Linuxbrew limitations compared to the locally built components in GHA/http3-linux: - libngtcp2 currently supports OpenSSL only. - wolfssl can't coexist with openssl. - somewhat tricky configuration with autotools. Upside is easy of use, always the latest versions (may be downside), and availability of almost all packages. Closes #18693 --- .github/workflows/linux.yml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 36d37dfaea..3c827ae34b 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -239,6 +239,20 @@ jobs: --enable-ech --with-gssapi --enable-ssls-export --disable-debug --disable-unity + - name: 'scan-build H3 c-ares' + install_packages: clang-tools clang libidn2-dev libnghttp2-dev + install_steps: skipall + install_steps_brew: openssl libngtcp2 libnghttp3 c-ares + CC: clang + configure-prefix: scan-build + make-prefix: scan-build --status-bugs + LDFLAGS: -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/openssl/lib -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/libngtcp2/lib -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/libnghttp3/lib -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/c-ares/lib + PKG_CONFIG_PATH: /home/linuxbrew/.linuxbrew/opt/libngtcp2/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/libnghttp3/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/c-ares/lib/pkgconfig + configure: >- + --with-openssl=/home/linuxbrew/.linuxbrew/opt/openssl --with-ngtcp2 --with-nghttp3= + --with-libidn2 --enable-httpsrr --enable-ares + --disable-debug --disable-unity + - name: 'address-sanitizer' install_packages: clang libssl-dev libssh-dev libidn2-dev libnghttp2-dev libubsan1 libasan8 libtsan2 install_steps: pytest randcurl @@ -247,6 +261,16 @@ jobs: CC: clang generate: -DENABLE_DEBUG=ON -DCURL_USE_LIBSSH=ON + - name: 'address-sanitizer H3 c-ares' + install_packages: clang libubsan1 libasan8 libtsan2 + install_steps: pytest + install_steps_brew: openssl libngtcp2 libnghttp3 c-ares + CFLAGS: -fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g + LDFLAGS: -fsanitize=address,undefined -fno-sanitize-recover=undefined,integer -ldl -lubsan -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/c-ares/lib + PKG_CONFIG_PATH: /home/linuxbrew/.linuxbrew/opt/libngtcp2/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/libnghttp3/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/c-ares/lib/pkgconfig + CC: clang + generate: -DENABLE_DEBUG=ON -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=/home/linuxbrew/.linuxbrew/opt/openssl -DUSE_NGTCP2=ON -DUSE_SSLS_EXPORT=ON -DENABLE_ARES=ON + - name: 'thread-sanitizer' install_packages: clang libtsan2 install_steps: pytest openssl-tsan From e43aea3049ae50e9297d45cf5d96f3ac78999b69 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 1 Oct 2025 22:19:01 +0200 Subject: [PATCH 0237/2408] lib: fix build error and compiler warnings with verbose strings disabled - asyn-ares: fix compiler warning: ``` lib/asyn-ares.c:751:17: error: code will never be executed [clang-diagnostic-unreachable-code,-warnings-as-errors] 751 | char *csv = ares_get_servers_csv(ares->channel); | ^~~~~~~~~~~~~~~~~~~~ ``` - curl_trc: fix missing symbol: ``` /usr/bin/ld: ../lib/.libs/libcurl.so: undefined reference to `Curl_trc_timer' collect2: error: ld returned 1 exit status ``` Ref: https://app.circleci.com/pipelines/github/curl/curl/15446/workflows/67afa113-9c49-4249-9180-f6f01fc7dfdd/jobs/149177 Ref: https://github.com/curl/curl/actions/runs/18174250400/job/51736249444#step:33:623 Follow-up to b02238975768d0bcbf8c7ef00eaaee3ec379f4ff #18768 - multi: fix `-Wunreachable-code`: ``` lib/multi.c:1107:28: error: code will never be executed [-Werror,-Wunreachable-code] 1107 | size_t timeout_count = Curl_llist_count(&data->state.timeoutlist); | ^~~~~~~~~~~~~~~~ lib/multi.c:3054:35: error: code will never be executed [-Werror,-Wunreachable-code] 3054 | struct Curl_llist_node *e = Curl_llist_head(&data->state.timeoutlist); | ^~~~~~~~~~~~~~~ lib/multi.c:3380:7: error: code will never be executed [-Werror,-Wunreachable-code] 3380 | Curl_llist_head(&data->state.timeoutlist); | ^~~~~~~~~~~~~~~ ``` Cherry-picked from #18797 Closes #18799 --- lib/asyn-ares.c | 3 ++- lib/curl_trc.c | 5 +++++ lib/multi.c | 12 ++++++++++++ 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c index 0a04f4cc36..a9988806ac 100644 --- a/lib/asyn-ares.c +++ b/lib/asyn-ares.c @@ -746,7 +746,8 @@ struct Curl_addrinfo *Curl_async_getaddrinfo(struct Curl_easy *data, ares->ares_status = ARES_ENOTFOUND; ares->result = CURLE_OK; -#if ARES_VERSION >= 0x011800 /* >= v1.24.0 */ +#if !defined(CURL_DISABLE_VERBOSE_STRINGS) && \ + ARES_VERSION >= 0x011800 /* >= v1.24.0 */ if(CURL_TRC_DNS_is_verbose(data)) { char *csv = ares_get_servers_csv(ares->channel); CURL_TRC_DNS(data, "asyn-ares: servers=%s", csv); diff --git a/lib/curl_trc.c b/lib/curl_trc.c index 27dc2b3b44..e04c425b32 100644 --- a/lib/curl_trc.c +++ b/lib/curl_trc.c @@ -672,6 +672,11 @@ void Curl_trc_dns(struct Curl_easy *data, const char *fmt, ...) (void)data; (void)fmt; } +void Curl_trc_timer(struct Curl_easy *data, int tid, const char *fmt, ...) +{ + (void)data; (void)tid; (void)fmt; +} + void Curl_trc_read(struct Curl_easy *data, const char *fmt, ...) { (void)data; (void)fmt; diff --git a/lib/multi.c b/lib/multi.c index ae38f5f443..91d2f56d47 100644 --- a/lib/multi.c +++ b/lib/multi.c @@ -1103,6 +1103,7 @@ CURLMcode Curl_multi_pollset(struct Curl_easy *data, Curl_multi_mark_dirty(data); } +#ifndef CURL_DISABLE_VERBOSE_STRINGS if(CURL_TRC_M_is_verbose(data)) { size_t timeout_count = Curl_llist_count(&data->state.timeoutlist); switch(ps->n) { @@ -1137,6 +1138,7 @@ CURLMcode Curl_multi_pollset(struct Curl_easy *data, } CURL_TRC_EASY_TIMERS(data); } +#endif if(expect_sockets && !ps->n && data->multi && !Curl_uint_bset_contains(&data->multi->dirty, data->mid) && @@ -3050,6 +3052,7 @@ static void multi_mark_expired_as_dirty(struct multi_run_ctx *mrc) data = Curl_splayget(t); /* assign this for next loop */ if(!data) continue; +#ifndef CURL_DISABLE_VERBOSE_STRINGS if(CURL_TRC_TIMER_is_verbose(data)) { struct Curl_llist_node *e = Curl_llist_head(&data->state.timeoutlist); if(e) { @@ -3057,6 +3060,7 @@ static void multi_mark_expired_as_dirty(struct multi_run_ctx *mrc) CURL_TRC_TIMER(data, n->eid, "has expired"); } } +#endif (void)add_next_timeout(mrc->now, multi, data); Curl_multi_mark_dirty(data); } @@ -3329,7 +3333,9 @@ static CURLMcode multi_timeout(struct Curl_multi *multi, long *timeout_ms) { static const struct curltime tv_zero = {0, 0}; +#ifndef CURL_DISABLE_VERBOSE_STRINGS struct Curl_easy *data = NULL; +#endif if(multi->dead) { *timeout_ms = 0; @@ -3357,15 +3363,19 @@ static CURLMcode multi_timeout(struct Curl_multi *multi, curlx_timediff_us(multi->timetree->key, now) > 0) { /* some time left before expiration */ timediff_t diff = curlx_timediff_ceil(multi->timetree->key, now); +#ifndef CURL_DISABLE_VERBOSE_STRINGS data = Curl_splayget(multi->timetree); +#endif /* this should be safe even on 32-bit archs, as we do not use that overly long timeouts */ *timeout_ms = (long)diff; } else { +#ifndef CURL_DISABLE_VERBOSE_STRINGS if(multi->timetree) { data = Curl_splayget(multi->timetree); } +#endif /* 0 means immediately */ *timeout_ms = 0; } @@ -3375,6 +3385,7 @@ static CURLMcode multi_timeout(struct Curl_multi *multi, *timeout_ms = -1; } +#ifndef CURL_DISABLE_VERBOSE_STRINGS if(data && CURL_TRC_TIMER_is_verbose(data)) { struct Curl_llist_node *e = Curl_llist_head(&data->state.timeoutlist); @@ -3384,6 +3395,7 @@ static CURLMcode multi_timeout(struct Curl_multi *multi, *timeout_ms); } } +#endif return CURLM_OK; } From 632c5ee8971e3ff1293367d9d034975f068aa4fa Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 1 Oct 2025 22:36:08 +0200 Subject: [PATCH 0238/2408] runtests: tag tests that require curl verbose strings To skip them when curl has verbose strings disabled, instead of failing. Cherry-picked from #18797 Closes #18800 --- tests/data/test1007 | 3 +++ tests/data/test1287 | 1 + tests/data/test1506 | 3 +++ tests/data/test1538 | 3 +++ tests/data/test1542 | 3 +++ tests/data/test1559 | 1 + tests/data/test1652 | 1 + tests/data/test2402 | 1 + tests/data/test2404 | 1 + tests/data/test2502 | 1 + 10 files changed, 18 insertions(+) diff --git a/tests/data/test1007 b/tests/data/test1007 index 603d4c6390..ca12808626 100644 --- a/tests/data/test1007 +++ b/tests/data/test1007 @@ -13,6 +13,9 @@ FAILURE tftp + +verbose-strings + TFTP send with invalid permission on server diff --git a/tests/data/test1287 b/tests/data/test1287 index 48d71038ad..c9d2a6cb2d 100644 --- a/tests/data/test1287 +++ b/tests/data/test1287 @@ -62,6 +62,7 @@ HTTP over proxy-tunnel ignore TE and CL in CONNECT 2xx responses proxy +verbose-strings diff --git a/tests/data/test1506 b/tests/data/test1506 index ed95e3be6f..af581ae6bf 100644 --- a/tests/data/test1506 +++ b/tests/data/test1506 @@ -48,6 +48,9 @@ file contents should appear once for each file http + +verbose-strings + lib%TESTNUMBER diff --git a/tests/data/test1538 b/tests/data/test1538 index bbae00f0e9..df8aca936f 100644 --- a/tests/data/test1538 +++ b/tests/data/test1538 @@ -13,6 +13,9 @@ verbose logs # Client-side + +verbose-strings + lib%TESTNUMBER diff --git a/tests/data/test1542 b/tests/data/test1542 index 656af421df..e9061a8f2b 100644 --- a/tests/data/test1542 +++ b/tests/data/test1542 @@ -23,6 +23,9 @@ Content-Length: 0 http + +verbose-strings + lib%TESTNUMBER diff --git a/tests/data/test1559 b/tests/data/test1559 index cf4b13d4a2..981e46f9f1 100644 --- a/tests/data/test1559 +++ b/tests/data/test1559 @@ -14,6 +14,7 @@ verbose logs # require HTTP so that CURLOPT_POSTFIELDS works as assumed http +verbose-strings lib%TESTNUMBER diff --git a/tests/data/test1652 b/tests/data/test1652 index face77c981..848d5ca5b5 100644 --- a/tests/data/test1652 +++ b/tests/data/test1652 @@ -9,6 +9,7 @@ infof unittest +verbose-strings infof diff --git a/tests/data/test2402 b/tests/data/test2402 index 4e08e45ac4..5133a0944a 100644 --- a/tests/data/test2402 +++ b/tests/data/test2402 @@ -49,6 +49,7 @@ file contents should appear once for each file http/2 SSL +verbose-strings http/2 diff --git a/tests/data/test2404 b/tests/data/test2404 index 13e48c8be5..881a32120f 100644 --- a/tests/data/test2404 +++ b/tests/data/test2404 @@ -49,6 +49,7 @@ file contents should appear once for each file http/2 SSL +verbose-strings http/2 diff --git a/tests/data/test2502 b/tests/data/test2502 index f7822e8c26..8625ee7b74 100644 --- a/tests/data/test2502 +++ b/tests/data/test2502 @@ -48,6 +48,7 @@ file contents should appear once for each file http/3 +verbose-strings http/3 From 34dc762ceff13250a2338242dfea6f9ce7f061fd Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 1 Oct 2025 23:27:45 +0200 Subject: [PATCH 0239/2408] pytest: skip specific tests for no-verbose builds Detect via curlinfo if curl has verbose strings disabled, and skip tests that require it. Also: - cmake: make pytests depend on curlinfo. Cherry-picked from #18797 Closes #18801 --- tests/CMakeLists.txt | 6 +++--- tests/http/test_02_download.py | 5 +++++ tests/http/test_06_eyeballs.py | 1 + tests/http/test_10_proxy.py | 8 ++++++++ tests/http/test_13_proxy_auth.py | 2 ++ tests/http/test_15_tracing.py | 2 ++ tests/http/test_17_ssl_use.py | 1 + tests/http/test_19_shutdown.py | 8 ++++++++ tests/http/test_30_vsftpd.py | 2 ++ tests/http/test_31_vsftpds.py | 2 ++ tests/http/test_32_ftps_vsftpd.py | 2 ++ tests/http/testenv/env.py | 12 ++++++++++++ 12 files changed, 48 insertions(+), 3 deletions(-) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 8bfca21ca6..2b12cef83b 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -31,7 +31,7 @@ configure_file("config.in" "${CMAKE_CURRENT_BINARY_DIR}/config" @ONLY) add_custom_target(testdeps) if(BUILD_CURL_EXE) - add_dependencies(testdeps curlinfo) + add_dependencies(testdeps "curlinfo") endif() if(CURL_CLANG_TIDY) @@ -57,7 +57,7 @@ function(curl_add_runtests _targetname _test_flags) # skipping them, MSBuild doing a re-evaluation, and actually rebuilding them. if(NOT _targetname STREQUAL "test-ci") if(BUILD_CURL_EXE) - list(APPEND _depends ${EXE_NAME}) + list(APPEND _depends "${EXE_NAME}") endif() list(APPEND _depends "testdeps") endif() @@ -86,7 +86,7 @@ function(curl_add_pytests _targetname _test_flags) set(_depends "") if(NOT _targetname STREQUAL "pytest-ci") if(BUILD_CURL_EXE) - list(APPEND _depends ${EXE_NAME}) + list(APPEND _depends "${EXE_NAME}" "curlinfo") endif() list(APPEND _depends "libtests") endif() diff --git a/tests/http/test_02_download.py b/tests/http/test_02_download.py index 4ec781148c..89bf7e1ab1 100644 --- a/tests/http/test_02_download.py +++ b/tests/http/test_02_download.py @@ -600,6 +600,7 @@ class TestDownload: # nghttpx is the only server we have that supports TLS early data @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx") @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3']) def test_02_32_earlydata(self, env: Env, httpd, nghttpx, proto): if not env.curl_can_early_data(): @@ -654,6 +655,8 @@ class TestDownload: def test_02_33_max_host_conns(self, env: Env, httpd, nghttpx, proto, max_host_conns): if not env.curl_is_debug(): pytest.skip('only works for curl debug builds') + if not env.curl_is_verbose(): + pytest.skip('only works for curl with verbose strings') if proto == 'h3' and not env.have_h3(): pytest.skip("h3 not supported") count = 50 @@ -692,6 +695,8 @@ class TestDownload: def test_02_34_max_total_conns(self, env: Env, httpd, nghttpx, proto, max_total_conns): if not env.curl_is_debug(): pytest.skip('only works for curl debug builds') + if not env.curl_is_verbose(): + pytest.skip('only works for curl with verbose strings') if proto == 'h3' and not env.have_h3(): pytest.skip("h3 not supported") count = 50 diff --git a/tests/http/test_06_eyeballs.py b/tests/http/test_06_eyeballs.py index d05eb3c7da..7d26774476 100644 --- a/tests/http/test_06_eyeballs.py +++ b/tests/http/test_06_eyeballs.py @@ -105,6 +105,7 @@ class TestEyeballs: # check timers when trying 3 unresponsive addresses @pytest.mark.skipif(condition=not Env.curl_has_feature('IPv6'), reason='curl lacks ipv6 support') + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") def test_06_13_timers(self, env: Env): curl = CurlClient(env=env) # ipv6 0100::/64 is supposed to go into the void (rfc6666) diff --git a/tests/http/test_10_proxy.py b/tests/http/test_10_proxy.py index e61284a4ca..592acbd60c 100644 --- a/tests/http/test_10_proxy.py +++ b/tests/http/test_10_proxy.py @@ -151,6 +151,7 @@ class TestProxy: @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2']) @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx available") @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") def test_10_06_proxytunnel_https(self, env: Env, httpd, nghttpx_fwd, proto, tunnel): if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'): pytest.skip('only supported with nghttp2') @@ -169,6 +170,7 @@ class TestProxy: # download many https: with proto via https: proxytunnel @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL") @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") @pytest.mark.parametrize("proto", ['http/1.1', 'h2']) @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2']) @pytest.mark.parametrize("fname, fcount", [ @@ -209,6 +211,7 @@ class TestProxy: ['data-1m', 5] ]) @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx available") def test_10_08_upload_seq_large(self, env: Env, httpd, nghttpx, proto, tunnel, fname, fcount): @@ -236,6 +239,7 @@ class TestProxy: @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2']) @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx available") @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") def test_10_09_reuse_server(self, env: Env, httpd, nghttpx_fwd, tunnel): if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'): pytest.skip('only supported with nghttp2') @@ -259,6 +263,7 @@ class TestProxy: @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2']) @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx available") @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") def test_10_10_reuse_proxy(self, env: Env, httpd, nghttpx_fwd, tunnel): # url twice via https: proxy separated with '--next', will reuse if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'): @@ -287,6 +292,7 @@ class TestProxy: @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx available") @pytest.mark.skipif(condition=not Env.curl_uses_lib('openssl'), reason="tls13-ciphers not supported") @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") def test_10_11_noreuse_proxy_https(self, env: Env, httpd, nghttpx_fwd, tunnel): # different --proxy-tls13-ciphers, no reuse of connection for https: curl = CurlClient(env=env) @@ -313,6 +319,7 @@ class TestProxy: @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx available") @pytest.mark.skipif(condition=not Env.curl_uses_lib('openssl'), reason="tls13-ciphers not supported") @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") def test_10_12_noreuse_proxy_http(self, env: Env, httpd, nghttpx_fwd, tunnel): # different --proxy-tls13-ciphers, no reuse of connection for http: if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'): @@ -339,6 +346,7 @@ class TestProxy: @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx available") @pytest.mark.skipif(condition=not Env.curl_uses_lib('openssl'), reason="tls13-ciphers not supported") @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") def test_10_13_noreuse_https(self, env: Env, httpd, nghttpx_fwd, tunnel): # different --tls13-ciphers on https: same proxy config if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'): diff --git a/tests/http/test_13_proxy_auth.py b/tests/http/test_13_proxy_auth.py index fe45ae40ec..1f7c41e2dd 100644 --- a/tests/http/test_13_proxy_auth.py +++ b/tests/http/test_13_proxy_auth.py @@ -120,6 +120,7 @@ class TestProxyAuth: @pytest.mark.skipif(condition=not Env.curl_has_feature('HTTPS-proxy'), reason='curl lacks HTTPS-proxy support') @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") @pytest.mark.parametrize("proto", ['http/1.1', 'h2']) @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2']) def test_13_07_tunnels_no_auth(self, env: Env, httpd, configures_httpd, nghttpx_fwd, proto, tunnel): @@ -139,6 +140,7 @@ class TestProxyAuth: @pytest.mark.skipif(condition=not Env.curl_has_feature('HTTPS-proxy'), reason='curl lacks HTTPS-proxy support') @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") @pytest.mark.parametrize("proto", ['http/1.1', 'h2']) @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2']) def test_13_08_tunnels_auth(self, env: Env, httpd, configures_httpd, nghttpx_fwd, proto, tunnel): diff --git a/tests/http/test_15_tracing.py b/tests/http/test_15_tracing.py index 7e7d55de71..c94827aa4f 100644 --- a/tests/http/test_15_tracing.py +++ b/tests/http/test_15_tracing.py @@ -77,6 +77,8 @@ class TestTracing: # trace all def test_15_04_trace_all(self, env: Env, httpd): + if not env.curl_is_verbose(): + pytest.skip('only works for curl with verbose strings') curl = CurlClient(env=env) url = f'http://{env.domain1}:{env.http_port}/data.json' r = curl.http_get(url=url, def_tracing=False, extra_args=[ diff --git a/tests/http/test_17_ssl_use.py b/tests/http/test_17_ssl_use.py index 33dd50e939..b346281dfc 100644 --- a/tests/http/test_17_ssl_use.py +++ b/tests/http/test_17_ssl_use.py @@ -367,6 +367,7 @@ class TestSSLUse: assert r.exit_code != 0, f'should fail, server={server_ver:04x}, curl=[{curl_min_ver:04x}, {curl_max_ver:04x}]\n{r.dump_logs()}' @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") def test_17_10_h3_session_reuse(self, env: Env, httpd, nghttpx): if not env.have_h3(): pytest.skip("h3 not supported") diff --git a/tests/http/test_19_shutdown.py b/tests/http/test_19_shutdown.py index 9b3a6c90e9..a0167549fd 100644 --- a/tests/http/test_19_shutdown.py +++ b/tests/http/test_19_shutdown.py @@ -90,6 +90,8 @@ class TestShutdown: def test_19_03_shutdown_by_server(self, env: Env, httpd, proto): if not env.curl_is_debug(): pytest.skip('only works for curl debug builds') + if not env.curl_is_verbose(): + pytest.skip('only works for curl with verbose strings') count = 10 curl = CurlClient(env=env, run_env={ 'CURL_GRACEFUL_SHUTDOWN': '2000', @@ -109,6 +111,8 @@ class TestShutdown: def test_19_04_shutdown_by_curl(self, env: Env, httpd, proto): if not env.curl_is_debug(): pytest.skip('only works for curl debug builds') + if not env.curl_is_verbose(): + pytest.skip('only works for curl with verbose strings') count = 10 docname = 'data.json' url = f'https://localhost:{env.https_port}/{docname}' @@ -132,6 +136,8 @@ class TestShutdown: def test_19_05_event_shutdown_by_server(self, env: Env, httpd, proto): if not env.curl_is_debug(): pytest.skip('only works for curl debug builds') + if not env.curl_is_verbose(): + pytest.skip('only works for curl with verbose strings') count = 10 run_env = os.environ.copy() # forbid connection reuse to trigger shutdowns after transfer @@ -162,6 +168,8 @@ class TestShutdown: pytest.skip("h3 not supported") if not env.curl_is_debug(): pytest.skip('only works for curl debug builds') + if not env.curl_is_verbose(): + pytest.skip('only works for curl with verbose strings') curl = CurlClient(env=env, run_env={ 'CURL_GRACEFUL_SHUTDOWN': '2000', 'CURL_DEBUG': 'all' diff --git a/tests/http/test_30_vsftpd.py b/tests/http/test_30_vsftpd.py index 5f294fdfc8..bffeae35cf 100644 --- a/tests/http/test_30_vsftpd.py +++ b/tests/http/test_30_vsftpd.py @@ -141,6 +141,7 @@ class TestVsFTPD: # check with `tcpdump` if curl causes any TCP RST packets @pytest.mark.skipif(condition=not Env.tcpdump(), reason="tcpdump not available") @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") def test_30_06_shutdownh_download(self, env: Env, vsftpd: VsFTPD): docname = 'data-1k' curl = CurlClient(env=env) @@ -158,6 +159,7 @@ class TestVsFTPD: # check with `tcpdump` if curl causes any TCP RST packets @pytest.mark.skipif(condition=not Env.tcpdump(), reason="tcpdump not available") @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") def test_30_07_shutdownh_upload(self, env: Env, vsftpd: VsFTPD): docname = 'upload-1k' curl = CurlClient(env=env) diff --git a/tests/http/test_31_vsftpds.py b/tests/http/test_31_vsftpds.py index a3a9e66ca5..f7e32cb77b 100644 --- a/tests/http/test_31_vsftpds.py +++ b/tests/http/test_31_vsftpds.py @@ -148,6 +148,7 @@ class TestVsFTPD: # check with `tcpdump` if curl causes any TCP RST packets @pytest.mark.skipif(condition=not Env.tcpdump(), reason="tcpdump not available") @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") def test_31_06_shutdownh_download(self, env: Env, vsftpds: VsFTPD): docname = 'data-1k' curl = CurlClient(env=env) @@ -164,6 +165,7 @@ class TestVsFTPD: # check with `tcpdump` if curl causes any TCP RST packets @pytest.mark.skipif(condition=not Env.tcpdump(), reason="tcpdump not available") @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") def test_31_07_shutdownh_upload(self, env: Env, vsftpds: VsFTPD): docname = 'upload-1k' curl = CurlClient(env=env) diff --git a/tests/http/test_32_ftps_vsftpd.py b/tests/http/test_32_ftps_vsftpd.py index 4a28612242..46690a8435 100644 --- a/tests/http/test_32_ftps_vsftpd.py +++ b/tests/http/test_32_ftps_vsftpd.py @@ -160,6 +160,7 @@ class TestFtpsVsFTPD: # check with `tcpdump` if curl causes any TCP RST packets @pytest.mark.skipif(condition=not Env.tcpdump(), reason="tcpdump not available") @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") def test_32_06_shutdownh_download(self, env: Env, vsftpds: VsFTPD): docname = 'data-1k' curl = CurlClient(env=env) @@ -176,6 +177,7 @@ class TestFtpsVsFTPD: # check with `tcpdump` if curl causes any TCP RST packets @pytest.mark.skipif(condition=not Env.tcpdump(), reason="tcpdump not available") @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug") + @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings") def test_32_07_shutdownh_upload(self, env: Env, vsftpds: VsFTPD): docname = 'upload-1k' curl = CurlClient(env=env) diff --git a/tests/http/testenv/env.py b/tests/http/testenv/env.py index ad1173a984..0cd9101342 100644 --- a/tests/http/testenv/env.py +++ b/tests/http/testenv/env.py @@ -64,6 +64,7 @@ if not os.path.exists(CONFIG_PATH): CONFIG_PATH = ALT_CONFIG_PATH DEF_CONFIG = init_config_from(CONFIG_PATH) CURL = os.path.join(TOP_PATH, 'src', 'curl') +CURLINFO = os.path.join(TOP_PATH, 'src', 'curlinfo') class NghttpxUtil: @@ -110,6 +111,7 @@ class EnvConfig: self.config = DEF_CONFIG # check cur and its features self.curl = CURL + self.curlinfo = CURLINFO if 'CURL' in os.environ: self.curl = os.environ['CURL'] self.curl_props = { @@ -157,6 +159,12 @@ class EnvConfig: prot.lower() for prot in line[11:].split(' ') } + p = subprocess.run(args=[self.curlinfo], + capture_output=True, text=True) + if p.returncode != 0: + raise RuntimeError(f'{self.curlinfo} failed with exit code: {p.returncode}') + self.curl_is_verbose = 'verbose-strings: ON' in p.stdout + self.ports = {} self.httpd = self.config['httpd']['httpd'] @@ -462,6 +470,10 @@ class Env: def curl_is_debug() -> bool: return Env.CONFIG.curl_is_debug + @staticmethod + def curl_is_verbose() -> bool: + return Env.CONFIG.curl_is_verbose + @staticmethod def curl_can_early_data() -> bool: if Env.curl_uses_lib('gnutls'): From e49698925c7f90e8f1e70c2a71fb5d2b67918409 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 2 Oct 2025 11:31:52 +0200 Subject: [PATCH 0240/2408] tool_progress: make max5data() use an algorithm Instead of a list of conditions. Makes a unified decimal output when the value is less than 100. Prepares for > 64 bit data type. Closes #18807 --- src/tool_progress.c | 60 ++++++++++++++++----------------------------- 1 file changed, 21 insertions(+), 39 deletions(-) diff --git a/src/tool_progress.c b/src/tool_progress.c index aae2ff68b1..b03fbf16a1 100644 --- a/src/tool_progress.c +++ b/src/tool_progress.c @@ -31,48 +31,30 @@ Add suffix k, M, G when suitable... */ static char *max5data(curl_off_t bytes, char *max5) { -#define ONE_KILOBYTE (curl_off_t)1024 -#define ONE_MEGABYTE (1024 * ONE_KILOBYTE) -#define ONE_GIGABYTE (1024 * ONE_MEGABYTE) -#define ONE_TERABYTE (1024 * ONE_GIGABYTE) -#define ONE_PETABYTE (1024 * ONE_TERABYTE) - + /* a signed 64-bit value is 8192 petabytes maximum */ + const char unit[] = { 'k', 'M', 'G', 'T', 'P', 0 }; + int k = 0; if(bytes < 100000) msnprintf(max5, 6, "%5" CURL_FORMAT_CURL_OFF_T, bytes); - else if(bytes < 10000 * ONE_KILOBYTE) - msnprintf(max5, 6, "%4" CURL_FORMAT_CURL_OFF_T "k", bytes/ONE_KILOBYTE); - - else if(bytes < 100 * ONE_MEGABYTE) - /* 'XX.XM' is good as long as we are less than 100 megs */ - msnprintf(max5, 6, "%2" CURL_FORMAT_CURL_OFF_T ".%0" - CURL_FORMAT_CURL_OFF_T "M", bytes/ONE_MEGABYTE, - (bytes%ONE_MEGABYTE) / (ONE_MEGABYTE/10) ); - - else if(bytes < 10000 * ONE_MEGABYTE) - /* 'XXXXM' is good until we are at 10000MB or above */ - msnprintf(max5, 6, "%4" CURL_FORMAT_CURL_OFF_T "M", bytes/ONE_MEGABYTE); - - else if(bytes < 100 * ONE_GIGABYTE) - /* 10000 MB - 100 GB, we show it as XX.XG */ - msnprintf(max5, 6, "%2" CURL_FORMAT_CURL_OFF_T ".%0" - CURL_FORMAT_CURL_OFF_T "G", bytes/ONE_GIGABYTE, - (bytes%ONE_GIGABYTE) / (ONE_GIGABYTE/10) ); - - else if(bytes < 10000 * ONE_GIGABYTE) - /* up to 10000GB, display without decimal: XXXXG */ - msnprintf(max5, 6, "%4" CURL_FORMAT_CURL_OFF_T "G", bytes/ONE_GIGABYTE); - - else if(bytes < 10000 * ONE_TERABYTE) - /* up to 10000TB, display without decimal: XXXXT */ - msnprintf(max5, 6, "%4" CURL_FORMAT_CURL_OFF_T "T", bytes/ONE_TERABYTE); - - else - /* up to 10000PB, display without decimal: XXXXP */ - msnprintf(max5, 6, "%4" CURL_FORMAT_CURL_OFF_T "P", bytes/ONE_PETABYTE); - - /* 16384 petabytes (16 exabytes) is the maximum a 64-bit unsigned number can - hold, but our data type is signed so 8192PB will be the maximum. */ + do { + curl_off_t nbytes = bytes / 1024; + if(nbytes < 100) { + /* display with a decimal */ + msnprintf(max5, 6, "%2" CURL_FORMAT_CURL_OFF_T ".%0" + CURL_FORMAT_CURL_OFF_T "%c", bytes/1024, + (bytes%1024) / (1024/10), unit[k]); + break; + } + else if(nbytes < 10000) { + /* no decimals */ + msnprintf(max5, 6, "%4" CURL_FORMAT_CURL_OFF_T "%c", nbytes, unit[k]); + break; + } + bytes = nbytes; + k++; + DEBUGASSERT(unit[k]); + } while(unit[k]); return max5; } From 7f0fd14d9f6b1c28b3b3e2276e4937a24ec3997e Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 2 Oct 2025 10:20:59 +0200 Subject: [PATCH 0241/2408] tool_getparam: always disable "lib-ids" for tracing Since the tool code itself adds the ids (controlled with "ids"), getting them (also) added by the library adds nothing good. Always disable the lib-ids even when "--trace-config all" is selected. Also: change "== Info:" into just "* " to reduce output redundancy. Ref: #18755 Reported-by: Alice Lee Poetics Closes #18805 --- src/tool_cb_dbg.c | 2 +- src/tool_getparam.c | 9 ++++++--- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/src/tool_cb_dbg.c b/src/tool_cb_dbg.c index b454f5ca9b..d9aa1ff07a 100644 --- a/src/tool_cb_dbg.c +++ b/src/tool_cb_dbg.c @@ -201,7 +201,7 @@ int tool_debug_cb(CURL *handle, curl_infotype type, switch(type) { case CURLINFO_TEXT: - fprintf(output, "%s%s== Info: %.*s", timebuf, idsbuf, (int)size, data); + fprintf(output, "%s%s* %.*s", timebuf, idsbuf, (int)size, data); FALLTHROUGH(); default: /* in case a new one is introduced to shock us */ return 0; diff --git a/src/tool_getparam.c b/src/tool_getparam.c index 60b3b30ad4..0fdd6373e5 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -736,7 +736,10 @@ static CURLcode set_trace_config(const char *token) if((len == 3) && curl_strnequal(name, "all", 3)) { global->traceids = toggle; global->tracetime = toggle; - result = curl_global_trace(token); + if(toggle) + result = curl_global_trace("all,-lib-ids"); + else + result = curl_global_trace(token); if(result) goto out; } @@ -747,8 +750,8 @@ static CURLcode set_trace_config(const char *token) global->tracetime = toggle; } else { - char buffer[32]; - msnprintf(buffer, sizeof(buffer), "%c%.*s", toggle ? '+' : '-', + char buffer[64]; + msnprintf(buffer, sizeof(buffer), "%c%.*s,-lib-ids", toggle ? '+' : '-', (int)len, name); result = curl_global_trace(buffer); if(result) From ea4ba6d9ef21a271bfbccedb0456d09a1ed57173 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 2 Oct 2025 08:30:52 +0200 Subject: [PATCH 0242/2408] lib: remove personal names from comments - it's just too random who got mentioned - we can't mention all, so better consistently mention none - make sure they all are mentioned in THANKS - also remove some unnecessary comment ramblings Closes #18803 --- docs/THANKS | 2 ++ lib/cf-socket.c | 4 ++-- lib/curlx/inet_ntop.c | 3 --- lib/if2ip.h | 3 +-- lib/md4.c | 12 ------------ lib/md5.c | 12 ------------ lib/sha256.c | 4 ++-- lib/vtls/openssl.c | 19 +++++++------------ 8 files changed, 14 insertions(+), 45 deletions(-) diff --git a/docs/THANKS b/docs/THANKS index b5a838f57d..97f9999b08 100644 --- a/docs/THANKS +++ b/docs/THANKS @@ -3245,6 +3245,7 @@ Tommy Tam Tom Regner Tom Seddon Tom Sparrow +Tom St Denis Tom van der Woerdt Tom Wright tomy2105 on github @@ -3317,6 +3318,7 @@ VictorVG on github Victor Vieux Vijay Panghal Vikram Saxena +Viktor Dukhovni Viktor Petersson Viktor Szakats Vilhelm Prytz diff --git a/lib/cf-socket.c b/lib/cf-socket.c index 1fabf0ea0b..8ed1116c07 100644 --- a/lib/cf-socket.c +++ b/lib/cf-socket.c @@ -821,8 +821,8 @@ static bool verifyconnect(curl_socket_t sockfd, int *error) * In October 2003 we effectively nullified this function on Windows due to * problems with it using all CPU in multi-threaded cases. * - * In May 2004, we bring it back to offer more info back on connect failures. - * Gisle Vanem could reproduce the former problems with this function, but + * In May 2004, we brought it back to offer more info back on connect + * failures. We could reproduce the former problems with this function, but * could avoid them by adding this SleepEx() call below: * * "I do not have Rational Quantify, but the hint from his post was diff --git a/lib/curlx/inet_ntop.c b/lib/curlx/inet_ntop.c index 3f8bcbf366..884cfb79c2 100644 --- a/lib/curlx/inet_ntop.c +++ b/lib/curlx/inet_ntop.c @@ -16,9 +16,6 @@ * * SPDX-License-Identifier: ISC */ -/* - * Original code by Paul Vixie. "curlified" by Gisle Vanem. - */ #include "../curl_setup.h" diff --git a/lib/if2ip.h b/lib/if2ip.h index f4b2f4c15d..b33e41aebd 100644 --- a/lib/if2ip.h +++ b/lib/if2ip.h @@ -73,8 +73,7 @@ struct ifreq { } ifr_ifru; }; -/* This define was added by Daniel to avoid an extra #ifdef INTERIX in the - C code. */ +/* This define exists to avoid an extra #ifdef INTERIX in the C code. */ #define ifr_name ifr_ifrn.ifrn_name /* interface name */ #define ifr_addr ifr_ifru.ifru_addr /* address */ diff --git a/lib/md4.c b/lib/md4.c index b30881213e..241aadf14e 100644 --- a/lib/md4.c +++ b/lib/md4.c @@ -247,18 +247,6 @@ static void MD4_Final(unsigned char *result, MD4_CTX *ctx) * There is ABSOLUTELY NO WARRANTY, express or implied. * * (This is a heavily cut-down "BSD license".) - * - * This differs from Colin Plumb's older public domain implementation in that - * no exactly 32-bit integer data type is required (any 32-bit or wider - * unsigned integer data type will do), there is no compile-time endianness - * configuration, and the function prototypes match OpenSSL's. No code from - * Colin Plumb's implementation has been reused; this comment merely compares - * the properties of the two independent implementations. - * - * The primary goals of this implementation are portability and ease of use. - * It is meant to be fast, but not as fast as possible. Some known - * optimizations are not included to reduce source code size and avoid - * compile-time configuration. */ /* Any 32-bit or wider unsigned integer data type will do */ diff --git a/lib/md5.c b/lib/md5.c index e5cc4088da..e7d42ec1c0 100644 --- a/lib/md5.c +++ b/lib/md5.c @@ -282,18 +282,6 @@ static void my_md5_final(unsigned char *digest, void *in) * There is ABSOLUTELY NO WARRANTY, express or implied. * * (This is a heavily cut-down "BSD license".) - * - * This differs from Colin Plumb's older public domain implementation in that - * no exactly 32-bit integer data type is required (any 32-bit or wider - * unsigned integer data type will do), there is no compile-time endianness - * configuration, and the function prototypes match OpenSSL's. No code from - * Colin Plumb's implementation has been reused; this comment merely compares - * the properties of the two independent implementations. - * - * The primary goals of this implementation are portability and ease of use. - * It is meant to be fast, but not as fast as possible. Some known - * optimizations are not included to reduce source code size and avoid - * compile-time configuration. */ /* Any 32-bit or wider unsigned integer data type will do */ diff --git a/lib/sha256.c b/lib/sha256.c index 6f519add58..c5ed8b9c8f 100644 --- a/lib/sha256.c +++ b/lib/sha256.c @@ -231,8 +231,8 @@ static void my_sha256_final(unsigned char *digest, void *in) /* When no other crypto library is available we use this code segment */ -/* This is based on SHA256 implementation in LibTomCrypt that was released into - * public domain by Tom St Denis. */ +/* This is based on the SHA256 implementation in LibTomCrypt that was released + * into public domain. */ #define WPA_GET_BE32(a) ((((unsigned long)(a)[0]) << 24) | \ (((unsigned long)(a)[1]) << 16) | \ diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 36818daa9e..01c0b5513c 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -1773,8 +1773,6 @@ static CURLcode client_cert(struct Curl_easy *data, x509 = SSL_get_certificate(ssl); - /* This version was provided by Evan Jordan and is supposed to not - leak memory as the previous version: */ if(x509) { EVP_PKEY *pktmp = X509_get_pubkey(x509); EVP_PKEY_copy_parameters(pktmp, SSL_get_privatekey(ssl)); @@ -2931,10 +2929,9 @@ ossl_set_ssl_version_min_max(struct Curl_cfilter *cf, SSL_CTX *ctx, case CURL_SSLVERSION_MAX_NONE: /* none selected */ case CURL_SSLVERSION_MAX_DEFAULT: /* max selected */ default: - /* SSL_CTX_set_max_proto_version states that: - setting the maximum to 0 will enable - protocol versions up to the highest version - supported by the library */ + /* SSL_CTX_set_max_proto_version states that: setting the maximum to 0 + will enable protocol versions up to the highest version supported by + the library */ ossl_ssl_version_max = 0; break; } @@ -3291,9 +3288,9 @@ static CURLcode import_windows_cert_store(struct Curl_easy *data, if(!x509) continue; - /* Try to import the certificate. This may fail for legitimate - reasons such as duplicate certificate, which is allowed by MS but - not OpenSSL. */ + /* Try to import the certificate. This may fail for legitimate reasons + such as duplicate certificate, which is allowed by MS but not + OpenSSL. */ if(X509_STORE_add_cert(store, x509) == 1) { #if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS) infof(data, "SSL: Imported cert"); @@ -4721,9 +4718,7 @@ static CURLcode ossl_pkp_pin_peer_pubkey(struct Curl_easy *data, X509* cert, return result; do { - /* Begin Gyrations to get the subjectPublicKeyInfo */ - /* Thanks to Viktor Dukhovni on the OpenSSL mailing list */ - + /* Get the subjectPublicKeyInfo */ /* https://groups.google.com/group/mailing.openssl.users/browse_thread/thread/d61858dae102c6c7 */ len1 = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(cert), NULL); if(len1 < 1) From dba87aea7d0a54a6a8318363a397dcf9c0fd071a Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 2 Oct 2025 10:23:42 +0200 Subject: [PATCH 0243/2408] multi_ev: remove unnecessary data check that confuses analysers Closes #18804 --- lib/multi_ev.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/multi_ev.c b/lib/multi_ev.c index 49e6e673a0..f43423510f 100644 --- a/lib/multi_ev.c +++ b/lib/multi_ev.c @@ -507,7 +507,7 @@ static CURLMcode mev_assess(struct Curl_multi *multi, goto out; } } - else if(data) + else Curl_multi_pollset(data, &ps, "ev assess"); last_ps = mev_get_last_pollset(data, conn); From af7900fb283dcfe20e628305d53070cd7c1f58ff Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 1 Oct 2025 22:07:37 +0200 Subject: [PATCH 0244/2408] CI: move no-verbose build from Circle CI to existing GHA jobs, with tests To test it in GHA and catch issues at PR time. Before this patch, Circle CI caught them after pushing to master (or non-fork PR branches.) GHA also run runtests, pytests and static analysis on these builds, after this patch. - GHA/linux: enable no-verbose in an existing job. - GHA/linux: enable no-verbose in the H3 scan-build job too. - GHA/macos: enable no-verbose in one build (= 3 jobs with different compilers). - GHA/codeql: enable no-verbose in the MultiSSL Linux build. - circleci: delete openssl no-verbose job in favor of the above. Closes #18797 --- .circleci/config.yml | 21 --------------------- .github/workflows/codeql.yml | 3 ++- .github/workflows/linux.yml | 3 ++- .github/workflows/macos.yml | 2 +- 4 files changed, 5 insertions(+), 24 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 39201708e8..63eae308c4 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -70,15 +70,6 @@ commands: --with-openssl \ || { tail -1000 config.log; false; } - configure-openssl-no-verbose: - steps: - - run: - command: | - autoreconf -fi - ./configure --disable-dependency-tracking --enable-option-checking=fatal --enable-unity --enable-werror \ - --with-openssl --disable-verbose \ - || { tail -1000 config.log; false; } - configure-no-proxy: steps: - run: @@ -139,14 +130,6 @@ jobs: - build - test - no-verbose: - executor: ubuntu - steps: - - checkout - - install-deps - - configure-openssl-no-verbose - - build - no-proxy: executor: ubuntu steps: @@ -216,10 +199,6 @@ workflows: jobs: - no-proxy - openssl-no-verbose: - jobs: - - no-verbose - arm-openssl: jobs: - arm diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 53505673a4..fe33518d8b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -107,7 +107,8 @@ jobs: export PKG_CONFIG_PATH; PKG_CONFIG_PATH="$(brew --prefix c-ares)/lib/pkgconfig:$(brew --prefix mbedtls)/lib/pkgconfig:$(brew --prefix rustls-ffi)/lib/pkgconfig:$(brew --prefix gsasl)/lib/pkgconfig" cmake -B _bld1 -G Ninja -DENABLE_DEBUG=ON \ -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_RUSTLS=ON -DCURL_USE_WOLFSSL=ON \ - -DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON -DUSE_ECH=ON -DENABLE_ARES=ON + -DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON -DUSE_ECH=ON -DENABLE_ARES=ON \ + -DCURL_DISABLE_VERBOSE_STRINGS=ON cmake --build _bld1 cmake --build _bld1 --target curlinfo cmake --build _bld1 --target servers diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 3c827ae34b..3cdb9a47cd 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -156,7 +156,7 @@ jobs: - name: 'openssl arm' install_steps: pytest - configure: CFLAGS=-std=gnu89 --with-openssl --enable-debug + configure: CFLAGS=-std=gnu89 --with-openssl --enable-debug --disable-verbose image: 'ubuntu-24.04-arm' - name: 'openssl -O3 libssh valgrind' @@ -252,6 +252,7 @@ jobs: --with-openssl=/home/linuxbrew/.linuxbrew/opt/openssl --with-ngtcp2 --with-nghttp3= --with-libidn2 --enable-httpsrr --enable-ares --disable-debug --disable-unity + --disable-verbose - name: 'address-sanitizer' install_packages: clang libssl-dev libssh-dev libidn2-dev libnghttp2-dev libubsan1 libasan8 libtsan2 diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index b0f958d70c..a321d28b33 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -277,7 +277,7 @@ jobs: # cmake - name: 'OpenSSL gsasl rtmp AppleIDN' install: libnghttp3 libngtcp2 gsasl rtmpdump - generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON -DUSE_NGTCP2=ON + generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON -DUSE_NGTCP2=ON -DCURL_DISABLE_VERBOSE_STRINGS=ON - name: 'MultiSSL AppleIDN clang-tidy +examples' compiler: clang install: llvm brotli zstd gnutls nettle libressl krb5 mbedtls gsasl rustls-ffi rtmpdump libssh fish From 9ac3a9a670acc55674c420c11a222c1714bb9d55 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 2 Oct 2025 13:03:49 +0200 Subject: [PATCH 0245/2408] INTERNALS: drop Winsock 2.2 from the dependency list It's implied by the minimum requirement of Windows XP. Also Windows CE is soon to be deleted via #17927. Closes #18808 --- docs/INTERNALS.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/INTERNALS.md b/docs/INTERNALS.md index 93546ebe4b..f3c34c1143 100644 --- a/docs/INTERNALS.md +++ b/docs/INTERNALS.md @@ -38,7 +38,6 @@ versions of libs and build tools. - MIT Kerberos 1.2.4 - Heimdal ? - nghttp2 1.15.0 - - Winsock 2.2 (on Windows 95+ and Windows CE .NET 4.1+) ## Build tools From 7682bd80e7d51c6d02e3279ea6b99c7d9e4296d0 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 2 Oct 2025 14:37:14 +0200 Subject: [PATCH 0246/2408] cmake: drop exclamation in comment looking like a name Ref: https://github.com/curl/curl/pull/3316#issuecomment-442343555 Follow-up to ea4ba6d9ef21a271bfbccedb0456d09a1ed57173 #18803 Follow-up to 558814e16d84aa202c5ccc0c8108a9d728e77a58 Closes #18810 --- CMake/FindGSS.cmake | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMake/FindGSS.cmake b/CMake/FindGSS.cmake index 172259e282..78a9194cd6 100644 --- a/CMake/FindGSS.cmake +++ b/CMake/FindGSS.cmake @@ -181,7 +181,7 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr "inc" ) - if(_gss_INCLUDE_DIRS) # jay, we have found something + if(_gss_INCLUDE_DIRS) # We have found something cmake_push_check_state() list(APPEND CMAKE_REQUIRED_INCLUDES "${_gss_INCLUDE_DIRS}") check_include_files("gssapi/gssapi_generic.h;gssapi/gssapi_krb5.h" _gss_have_mit_headers) From b04137c1c6ed164594279c7d04b5e051634453ea Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 27 Sep 2025 16:32:22 +0200 Subject: [PATCH 0247/2408] renovate: adjust commit message prefixes, try making CodeQL and AWS-LC updates monthly Also: - enable pip bumps in Dependabot. - reduce dependabot to check monthly (was: weekly) Dependabot acts as a backup for mend/renovate. Closes #18761 --- .github/dependabot.yml | 7 ++++++- renovate.json | 26 +++++++++++++++++++++++--- 2 files changed, 29 insertions(+), 4 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 701a5d01cf..a21592ee3e 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -7,4 +7,9 @@ updates: - package-ecosystem: 'github-actions' directory: '/' schedule: - interval: 'weekly' + interval: 'monthly' + + - package-ecosystem: 'pip' + directory: '/' + schedule: + interval: 'monthly' diff --git a/renovate.json b/renovate.json index efb9064dab..1bc0309f3a 100644 --- a/renovate.json +++ b/renovate.json @@ -10,7 +10,7 @@ "matchManagers": [ "github-actions" ], - "commitMessagePrefix": "gha: ", + "commitMessagePrefix": "GHA: ", "labels": [ "CI" ] @@ -21,7 +21,7 @@ "pinDigest", "digest" ], - "commitMessagePrefix": "ci: ", + "commitMessagePrefix": "CI: ", "labels": [ "CI" ] @@ -30,7 +30,7 @@ "matchManagers": [ "custom.regex" ], - "commitMessagePrefix": "ci: ", + "commitMessagePrefix": "CI: ", "labels": [ "CI" ] @@ -43,6 +43,26 @@ ".github/workflows/linux-old.yml" ], "enabled": false + }, + { + "description": "Schedule CodeQL updates on the 10th of each month", + "matchPackageNames": [ + "/codeql/i" + ], + "groupName": "CodeQL", + "schedule": [ + "* * 10 * *" + ] + }, + { + "description": "Schedule package updates on the 10th of each month", + "matchSourceUrls": [ + "**/awslabs/**" + ], + "groupName": "monthly updates", + "schedule": [ + "* * 10 * *" + ] } ], "customManagers": [ From 03fe4467894848fc58a82a30e25f0d70f793baa7 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 2 Oct 2025 13:39:35 +0200 Subject: [PATCH 0248/2408] INTERNALS: specify minimum version for Heimdal: 7.1.0 Released on 2016-Dec-19, it's the first "revamped" stable version, and the earliest available as a source tarball at the official repository: https://github.com/heimdal/heimdal/releases/tag/heimdal-7.1.0 It's also the first version hosted by Homebrew. It builds fine locally with curl, and also builds in CI with old linux: 7.1.0+dfsg-13+deb9u4. Closes #18809 --- docs/INTERNALS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/INTERNALS.md b/docs/INTERNALS.md index f3c34c1143..84b939f4dc 100644 --- a/docs/INTERNALS.md +++ b/docs/INTERNALS.md @@ -36,7 +36,7 @@ versions of libs and build tools. - wolfSSL 3.4.6 - OpenLDAP 2.0 - MIT Kerberos 1.2.4 - - Heimdal ? + - Heimdal 7.1.0 - nghttp2 1.15.0 ## Build tools From 2a25ebe9580e52b375533a7d12a86dff29a36c44 Mon Sep 17 00:00:00 2001 From: Jay Satiro Date: Thu, 2 Oct 2025 09:46:36 -0400 Subject: [PATCH 0249/2408] vtls_scache: fix race condition - Lock before counting the cache sessions. Prior to this change when taking a session a trace command counted the sessions but not under lock, which caused a race condition. Reported by: Viktor Szakats Fixes https://github.com/curl/curl/issues/18806 Closes https://github.com/curl/curl/pull/18813 --- lib/vtls/vtls_scache.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/vtls/vtls_scache.c b/lib/vtls/vtls_scache.c index e934fa3b5e..74b2b20cf6 100644 --- a/lib/vtls/vtls_scache.c +++ b/lib/vtls/vtls_scache.c @@ -902,7 +902,6 @@ CURLcode Curl_ssl_scache_take(struct Curl_cfilter *cf, peer->age = scache->age; /* set this as used in this age */ } } - Curl_ssl_scache_unlock(data); if(s) { *ps = s; CURL_TRC_SSLS(data, "took session for %s [proto=0x%x, " @@ -914,6 +913,7 @@ CURLcode Curl_ssl_scache_take(struct Curl_cfilter *cf, else { CURL_TRC_SSLS(data, "no cached session for %s", ssl_peer_key); } + Curl_ssl_scache_unlock(data); return result; } From e5316069f13ec9189d9fe0499dc09afaa9fb5cee Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 2 Oct 2025 19:10:35 +0200 Subject: [PATCH 0250/2408] GHA/macos: drop macos-13 runner image from combo jobs - replace with macos-14. - refresh tables, exceptions. - apply a pending TODO. Closes #18818 --- .github/workflows/macos.yml | 48 ++++++++++--------------------------- 1 file changed, 13 insertions(+), 35 deletions(-) diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index a321d28b33..f731406bfb 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -554,62 +554,42 @@ jobs: fail-fast: false matrix: # Sources: - # https://github.com/actions/runner-images/blob/main/images/macos/macos-13-arm64-Readme.md # https://github.com/actions/runner-images/blob/main/images/macos/macos-14-arm64-Readme.md # https://github.com/actions/runner-images/blob/main/images/macos/macos-15-arm64-Readme.md # https://github.com/actions/runner-images/blob/main/images/macos/macos-26-arm64-Readme.md compiler: [gcc-12, gcc-13, gcc-15, llvm@15, llvm@18, llvm@20, clang] - # Xcode support matrix as of 2024-07, with default macOS SDK versions and OS names, years: + # Xcode support matrix as of 2025-10, with default macOS SDK versions and OS names, years: # * = default Xcode on the runner. - # macos-13: 14.1, 14.2, 14.3.1, 15.0.1, 15.1,*15.2 - # macos-14: 15.0.1, 15.1, 15.2, 15.3,*15.4 - # macos-15: 16.0, 16.1, 16.2, 16.3,*16.4, 26.0 - # macos-26: 16.4 *26.0 - # macOSSDK: 13.0, 13.1, 13.3, 14.0, 14.2, 14.2, 14.4, 14.5, 15.0, 15.1, 15.2, 15.4, 15.5, 26.0 - # Ventura (2022) Sonoma (2023) Sequoia (2024) Tahoe (2025) + # macos-14: 15.0.1, 15.1, 15.2, 15.3,*15.4 + # macos-15: 16.0, 16.1, 16.2, 16.3,*16.4, 26.0 + # macos-26: 16.4 *26.0 + # macOSSDK: 14.0, 14.2, 14.2, 14.4, 14.5, 15.0, 15.1, 15.2, 15.4, 15.5, 26.0 + # Sonoma (2023) Sequoia (2024) Tahoe (2025) # https://github.com/actions/runner-images/tree/main/images/macos # https://en.wikipedia.org/wiki/MacOS_version_history - # TODO when dropping macos-13: replace '$(brew --prefix ...' with /opt/homebrew - image: [macos-13, macos-15, macos-26] + image: [macos-14, macos-15, macos-26] # Can skip these to reduce jobs: # 15.1 has the same default macOS SDK as 15.2 and identical test results. - # 14.1, 15.4 not revealing new fallouts. - #xcode: ['14.1', '14.2', '14.3.1', '15.0.1', '15.1', '15.2', '15.3', '15.4', '16.0', '16.1'] # all Xcode - #xcode: ['14.1', '14.2', '14.3.1', '15.0.1' , '15.2', '15.3', '15.4', '16.0', '16.1'] # all SDK - #xcode: [ '14.2', '14.3.1', '15.0.1' , '15.2', '15.3' , '16.0' ] # coverage + # 15.4 not revealing new fallouts. + #xcode: ['15.0.1', '15.1', '15.2', '15.3', '15.4', '16.0', '16.1'] # all Xcode + #xcode: ['15.0.1' , '15.2', '15.3', '15.4', '16.0', '16.1'] # all SDK + #xcode: ['15.0.1' , '15.2', '15.3' , '16.0' ] # coverage xcode: [''] # default Xcodes macos-version-min: [''] build: [autotools, cmake] exclude: # Combinations not covered by runner images: - - { image: macos-13, xcode: '15.3' } - - { image: macos-13, xcode: '15.4' } - - { image: macos-13, xcode: '16.0' } - - { image: macos-13, xcode: '16.1' } - - { image: macos-13, xcode: '16.2' } - - { image: macos-13, xcode: '16.3' } - - { image: macos-13, xcode: '16.4' } - - { image: macos-13, xcode: '26.0' } - - { image: macos-14, xcode: '14.1' } - - { image: macos-14, xcode: '14.2' } - - { image: macos-14, xcode: '14.3.1' } - { image: macos-14, xcode: '16.0' } - { image: macos-14, xcode: '16.1' } - { image: macos-14, xcode: '16.2' } - { image: macos-14, xcode: '16.3' } - { image: macos-14, xcode: '16.4' } - { image: macos-14, xcode: '26.0' } - - { image: macos-15, xcode: '14.1' } - - { image: macos-15, xcode: '14.2' } - - { image: macos-15, xcode: '14.3.1' } - { image: macos-15, xcode: '15.0.1' } - { image: macos-15, xcode: '15.1' } - { image: macos-15, xcode: '15.2' } - { image: macos-15, xcode: '15.3' } - { image: macos-15, xcode: '15.4' } - - { image: macos-26, xcode: '14.1' } - - { image: macos-26, xcode: '14.2' } - - { image: macos-26, xcode: '14.3.1' } - { image: macos-26, xcode: '15.0.1' } - { image: macos-26, xcode: '15.1' } - { image: macos-26, xcode: '15.2' } @@ -619,8 +599,6 @@ jobs: - { image: macos-26, xcode: '16.1' } - { image: macos-26, xcode: '16.2' } - { image: macos-26, xcode: '16.3' } - - { image: macos-13, compiler: 'llvm@18' } - - { image: macos-13, compiler: 'llvm@20' } - { image: macos-14, compiler: 'llvm@18' } - { image: macos-14, compiler: 'llvm@20' } - { image: macos-15, compiler: 'llvm@15' } @@ -650,7 +628,7 @@ jobs: ls -l /Library/Developer/CommandLineTools/SDKs || true echo '::group::compiler defaults'; echo 'int main(void) {}' | "${CC}" -v -x c -; echo '::endgroup::' echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::' - echo '::group::brew packages preinstalled'; ls -l "$(brew --prefix)/opt"; echo '::endgroup::' + echo '::group::brew packages preinstalled'; ls -l /opt/homebrew/opt; echo '::endgroup::' - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 with: @@ -686,7 +664,7 @@ jobs: -DCMAKE_UNITY_BUILD=ON -DCURL_WERROR=ON \ -DCMAKE_OSX_SYSROOT="${sysroot}" \ -DCMAKE_C_COMPILER_TARGET="$(uname -m | sed 's/arm64/aarch64e/')-apple-darwin$(uname -r)" \ - -DCMAKE_IGNORE_PREFIX_PATH="$(brew --prefix)" \ + -DCMAKE_IGNORE_PREFIX_PATH=/opt/homebrew \ -DBUILD_LIBCURL_DOCS=OFF -DBUILD_MISC_DOCS=OFF -DENABLE_CURL_MANUAL=OFF \ -DCURL_USE_OPENSSL=ON \ -DUSE_NGHTTP2=OFF -DUSE_LIBIDN2=OFF \ From 95ac33fc4f8356b1c0685e70d1d8ab7842aecf3a Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 2 Oct 2025 16:39:37 +0200 Subject: [PATCH 0251/2408] ip-happy: prevent event-based stall on retry When delaying an IP happy eyeball restart, set an actual timer or the connection will stall when running event based. Closes #18815 --- lib/cf-ip-happy.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/lib/cf-ip-happy.c b/lib/cf-ip-happy.c index 47560889d4..c0150dd087 100644 --- a/lib/cf-ip-happy.c +++ b/lib/cf-ip-happy.c @@ -461,10 +461,10 @@ evaluate: else if(inconclusive) { /* tried all addresses, no success but some where inconclusive. * Let's restart the inconclusive ones. */ - if(curlx_timediff(now, bs->last_attempt_started) >= - bs->attempt_delay_ms) { - CURL_TRC_CF(data, cf, "tried all addresses with inconclusive results" - ", restarting one"); + timediff_t since_ms = curlx_timediff(now, bs->last_attempt_started); + timediff_t delay_ms = bs->attempt_delay_ms - since_ms; + if(delay_ms <= 0) { + CURL_TRC_CF(data, cf, "all attempts inconclusive, restarting one"); i = -1; for(a = bs->running; a; a = a->next) { ++i; @@ -479,6 +479,12 @@ evaluate: } DEBUGASSERT(0); /* should not come here */ } + else { + /* let's wait some more before restarting */ + infof(data, "connect attempts inconclusive, retrying " + "in %" FMT_TIMEDIFF_T "ms", delay_ms); + Curl_expire(data, delay_ms, EXPIRE_HAPPY_EYEBALLS); + } /* attempt timeout for restart has not expired yet */ goto out; } From 06625975af40ddf6067f2105250555ba76b0a6ae Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 2 Oct 2025 17:17:22 +0200 Subject: [PATCH 0252/2408] cmdline-opts/_PROGRESS.md: explain the suffixes Closes #18817 --- .github/scripts/spellcheck.words | 5 ++++- docs/cmdline-opts/_PROGRESS.md | 4 ++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/scripts/spellcheck.words b/.github/scripts/spellcheck.words index aafaeff6d9..fb4d9532e6 100644 --- a/.github/scripts/spellcheck.words +++ b/.github/scripts/spellcheck.words @@ -231,9 +231,9 @@ else's encodings enctype endianness -enums Engler enum +enums epoll EPRT EPSV @@ -294,6 +294,7 @@ GETing getpwuid ggcov Ghedini +giga Gisle Glesys globbed @@ -617,6 +618,7 @@ PEM pem perl permafailing +peta PINGs pipelining PKCS @@ -846,6 +848,7 @@ Tatsuhiro TBD TCP tcpdump +tera testability testcurl TFTP diff --git a/docs/cmdline-opts/_PROGRESS.md b/docs/cmdline-opts/_PROGRESS.md index 4cbbd8eb78..9ab1ce8c9b 100644 --- a/docs/cmdline-opts/_PROGRESS.md +++ b/docs/cmdline-opts/_PROGRESS.md @@ -5,8 +5,8 @@ curl normally displays a progress meter during operations, indicating the amount of transferred data, transfer speeds and estimated time left, etc. The progress meter displays the transfer rate in bytes per second. The suffixes -(k, M, G, T, P) are 1024 based. For example 1k is 1024 bytes. 1M is 1048576 -bytes. +(`k` for kilo, `M` for mega, `G` for giga, `T` for tera, and `P` for peta) are +1024 based. For example 1k is 1024 bytes. 1M is 1048576 bytes. curl displays this data to the terminal by default, so if you invoke curl to do an operation and it is about to write data to the terminal, it *disables* From 18e4fbad4c08b85dcc5b37997d156b954820bbc5 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 2 Oct 2025 14:41:41 +0200 Subject: [PATCH 0253/2408] tcp-nodelay.md: expand the documentation Instead of referring to another document. Closes #18811 --- docs/cmdline-opts/tcp-nodelay.md | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/docs/cmdline-opts/tcp-nodelay.md b/docs/cmdline-opts/tcp-nodelay.md index 6944d70142..8ef7f9416d 100644 --- a/docs/cmdline-opts/tcp-nodelay.md +++ b/docs/cmdline-opts/tcp-nodelay.md @@ -14,8 +14,18 @@ Example: # `--tcp-nodelay` -Turn on the TCP_NODELAY option. See the *curl_easy_setopt(3)* man page for -details about this option. +Turn on the TCP_NODELAY option. + +This option disables the Nagle algorithm on TCP connections. The purpose of +this algorithm is to minimize the number of small packets on the network +(where "small packets" means TCP segments less than the Maximum Segment Size +for the network). + +Maximizing the amount of data sent per TCP segment is good because it +amortizes the overhead of the send. However, in some cases small segments may +need to be sent without delay. This is less efficient than sending larger +amounts of data at a time, and can contribute to congestion on the network if +overdone. curl sets this option by default and you need to explicitly switch it off if you do not want it on (added in 7.50.2). From 84c4b485f38f339b71665f946216a2612a103e84 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 2 Oct 2025 17:07:05 +0200 Subject: [PATCH 0254/2408] time-cond.md: refer to the singular curl_getdate man page Closes #18816 --- docs/cmdline-opts/time-cond.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/cmdline-opts/time-cond.md b/docs/cmdline-opts/time-cond.md index 44cb166349..d902dd49d1 100644 --- a/docs/cmdline-opts/time-cond.md +++ b/docs/cmdline-opts/time-cond.md @@ -24,7 +24,7 @@ Request a file that has been modified later than the given time and date, or one that has been modified before that time. The date expression can be all sorts of date strings or if it does not match any internal ones, it is treated as a filename and curl tries to get the modification date (mtime) from that -file instead. See the *curl_getdate(3)* man pages for date expression details. +file instead. See the *curl_getdate(3)* man page for date expression details. Start the date expression with a dash (-) to make it request for a document that is older than the given date/time, default is a document that is newer From 06c0f8c5cd5da1b2cfe616f03ae0a187cdee18e6 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 2 Oct 2025 22:50:25 +0200 Subject: [PATCH 0255/2408] DEPRECATE.md: We remove the OpenSSL-QUIC backend in March 2026 URL: https://curl.se/mail/lib-2025-10/0000.html Closes #18820 --- docs/DEPRECATE.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/docs/DEPRECATE.md b/docs/DEPRECATE.md index 786b6a92c7..e74ccc56e8 100644 --- a/docs/DEPRECATE.md +++ b/docs/DEPRECATE.md @@ -55,6 +55,21 @@ free version risk being vulnerable. We remove support for this OpenSSL version from curl in June 2026. +## OpenSSL-QUIC + +OpenSSL-QUIC is what we call the curl QUIC backend that uses the OpenSSL QUIC +stack. + + - It is slower and uses more memory than the alternatives and is only + experimental in curl. + - It gets little attention from OpenSSL and we have no expectation of the + major flaws getting corrected anytime soon. + - No one has spoken up for keeping it + - curl users building with vanilla OpenSSL can still use QUIC through the + means of ngtcp2 + +We remove the OpenSSL-QUIC backend in March 2026. + ## Past removals - axTLS (removed in 7.63.0) From 0a3459ca51754ae54101c5aa0dab9a87a27a6aec Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 2 Oct 2025 23:00:24 +0200 Subject: [PATCH 0256/2408] DEPRECATE.md: remove OpenSSL 1.1.1 support already in December 2025 No sponsors == remove it Closes #18822 --- docs/DEPRECATE.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/DEPRECATE.md b/docs/DEPRECATE.md index e74ccc56e8..43c94875b1 100644 --- a/docs/DEPRECATE.md +++ b/docs/DEPRECATE.md @@ -53,7 +53,7 @@ We remove support for this OpenSSL version from curl in December 2025. OpenSSL and others only ship fixes to paying customers, meaning users of the free version risk being vulnerable. -We remove support for this OpenSSL version from curl in June 2026. +We remove support for this OpenSSL version from curl in December 2025. ## OpenSSL-QUIC From 2b1fda1fe6e91fee40dd70562fcb91d9ab1ba19b Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 3 Oct 2025 08:26:56 +0200 Subject: [PATCH 0257/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 55 ++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 48 insertions(+), 7 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 3977134b83..232cb7a5f8 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,7 +4,7 @@ curl and libcurl 8.17.0 Command line options: 272 curl_easy_setopt() options: 308 Public functions in libcurl: 98 - Contributors: 3510 + Contributors: 3513 This release includes the following changes: @@ -12,6 +12,7 @@ This release includes the following changes: o krb5: drop support for Kerberos FTP [43] o libssh2: up the minimum requirement to 1.9.0 [85] o vssh: drop support for wolfSSH [58] + o wcurl: import v2025.09.27 [182] o write-out: make %header{} able to output *all* occurrences of a header [25] This release includes the following bugfixes: @@ -33,16 +34,19 @@ This release includes the following bugfixes: o build: show llvm/clang in platform flags and `buildinfo.txt` [126] o cf-h2-proxy: break loop on edge case [140] o cf-ip-happy: mention unix domain path, not port number [161] + o cf-socket: tweak a memcpy() to read better [177] o cf-socket: use the right byte order for ports in bindlocal [61] o cfilter: unlink and discard [46] o checksrc: catch banned functions when preceded by `(` [146] o checksrc: fix possible endless loop when detecting `BANNEDFUNC` [149] o cmake: add `CURL_CODE_COVERAGE` option [78] o cmake: clang detection tidy-ups [116] + o cmake: drop exclamation in comment looking like a name [160] o cmake: fix building docs when the base directory contains `.3` [18] o cmake: use modern alternatives for `get_filename_component()` [102] o cmake: use more `COMPILER_OPTIONS`, `LINK_OPTIONS` / `LINK_FLAGS` [152] o cmdline-docs: extended, clarified, refreshed [28] + o cmdline-opts/_PROGRESS.md: explain the suffixes [154] o configure: add "-mt" for pthread support on HP-UX [52] o cookie: avoid saving a cookie file if no transfer was done [11] o curl_easy_getinfo: error code on NULL arg [2] @@ -62,15 +66,21 @@ This release includes the following bugfixes: o easy_getinfo: check magic, Curl_close safety [3] o examples: fix two issues found by CodeQL [35] o examples: fix two more cases of `stat()` TOCTOU [147] + o form.md: drop reference to MANUAL [178] o ftp: fix ftp_do_more returning with *completep unset [122] o ftp: fix port number range loop for PORT commands [66] o gtls: avoid potential use of uninitialized variable in trace output [83] o hostip: remove leftover INT_MAX check in Curl_dnscache_prune [88] o http: handle user-defined connection headers [165] o httpsrr: free old pointers when storing new [57] + o INTERNALS: drop Winsock 2.2 from the dependency list [162] + o INTERNALS: specify minimum version for Heimdal: 7.1.0 [158] o ip-happy: do not set unnecessary timeout [95] + o ip-happy: prevent event-based stall on retry [155] o krb5: return appropriate error on send failures [22] o ldap: do not base64 encode zero length string [42] + o lib: fix build error and compiler warnings with verbose strings disabled [173] + o lib: remove personal names from comments [168] o lib: upgrade/multiplex handling [136] o libcurl-multi.md: added curl_multi_get_offt mention [53] o libcurl-security.md: mention long-running connections [6] @@ -91,6 +101,7 @@ This release includes the following bugfixes: o mbedtls: check result of setting ALPN [127] o mbedtls: handle WANT_WRITE from mbedtls_ssl_read() [145] o multi.h: add CURLMINFO_LASTENTRY [51] + o multi_ev: remove unnecessary data check that confuses analysers [167] o ngtcp2: check error code on connect failure [13] o ngtcp2: fix early return [131] o openldap: avoid indexing the result at -1 for blank responses [44] @@ -98,15 +109,18 @@ This release includes the following bugfixes: o openldap: check ldap_get_option() return codes [119] o openssl-quic: check results better [132] o openssl-quic: handle error in SSL_get_stream_read_error_code [129] + o openssl-quic: ignore unexpected streams opened by server [176] o openssl: clear retry flag on x509 error [130] o openssl: fail the transfer if ossl_certchain() fails [23] o openssl: make the asn1_object_dump name null terminated [56] o openssl: set io_need always [99] o OS400: fix a use-after-free/double-free case [142] + o pytest: skip specific tests for no-verbose builds [171] o quic: fix min TLS version handling [14] o quic: ignore EMSGSIZE on receive [4] o quiche: fix verbose message when ip quadruple cannot be obtained. [128] o quiche: when ingress processing fails, return that error code [103] + o runtests: tag tests that require curl verbose strings [172] o rustls: fix clang-tidy warning [107] o rustls: fix comment describing cr_recv() [117] o rustls: typecast variable for safer trace output [69] @@ -130,6 +144,7 @@ This release includes the following bugfixes: o socks_sspi: restore non-blocking socket on error paths [48] o ssl-sessions.md: mark option experimental [12] o sws: fix checking `sscanf()` return value [17] + o tcp-nodelay.md: expand the documentation [153] o telnet: make printsub require another byte input [21] o telnet: refuse IAC codes in content [111] o telnet: return error on crazy TTYPE or XDISPLOC lengths [123] @@ -144,6 +159,7 @@ This release includes the following bugfixes: o tidy-up: avoid using the reserved macro namespace [76] o tidy-up: update MS links, allow long URLs via `checksrc` [73] o tidy-up: URLs [101] + o time-cond.md: refer to the singular curl_getdate man page [148] o TODO: fix a typo [93] o TODO: remove already implemented or bad items [36] o tool: fix exponential retry delay [47] @@ -151,13 +167,17 @@ This release includes the following bugfixes: o tool_cb_hdr: size is always 1 [70] o tool_doswin: fix to use curl socket functions [108] o tool_getparam/set_rate: skip the multiplication on overflow [84] + o tool_getparam: always disable "lib-ids" for tracing [169] + o tool_getparam: warn if provided header looks malformed [179] o tool_operate: improve wording in retry message [37] o tool_operate: keep the progress meter for --out-null [33] o tool_progress: handle possible integer overflows [164] + o tool_progress: make max5data() use an algorithm [170] o transfer: avoid busy loop with tiny speed limit [100] o urldata: FILE is not a list-only protocol [9] o vtls: alpn setting, check proto parameter [134] o vtls_int.h: clarify data_pending [124] + o vtls_scache: fix race condition [157] o windows: replace `_beginthreadex()` with `CreateThread()` [80] o windows: stop passing unused, optional argument for Win9x compatibility [75] o wolfssl: check BIO read parameters [133] @@ -186,16 +206,17 @@ Planned upcoming removals include: This release would not have looked like this without help, code, reports and advice from friends like these: - Adam Light, Andrew Kirillov, Andrew Olsen, BobodevMm on github, - Christian Schmitz, Dan Fandrich, Daniel Stenberg, dependabot[bot], - divinity76 on github, Emilio Pozuelo Monfort, Ethan Everett, + Adam Light, Alice Lee Poetics, Andrew Kirillov, Andrew Olsen, + BobodevMm on github, Christian Schmitz, Dan Fandrich, Daniel Stenberg, + dependabot[bot], divinity76 on github, Emilio Pozuelo Monfort, Ethan Everett, Evgeny Grin (Karlson2k), fds242 on github, Howard Chu, Javier Blazquez, Jicea, jmaggard10 on github, Johannes Schindelin, Joseph Birr-Pixton, Joshua Rogers, kapsiR on github, kuchara on github, Marcel Raad, Michael Osipov, Michał Petryka, Mohamed Daahir, Nir Azkiel, Patrick Monnerat, - Ray Satiro, renovate[bot], rinsuki on github, Samuel Dionne-Riel, - Stanislav Fort, Stefan Eissing, Viktor Szakats - (35 contributors) + Pocs Norbert, Ray Satiro, renovate[bot], rinsuki on github, + Samuel Dionne-Riel, Samuel Henrique, Stanislav Fort, Stefan Eissing, + Viktor Szakats + (38 contributors) References to bug reports and discussions on issues: @@ -344,11 +365,31 @@ References to bug reports and discussions on issues: [145] = https://curl.se/bug/?i=18682 [146] = https://curl.se/bug/?i=18779 [147] = https://curl.se/bug/?i=18778 + [148] = https://curl.se/bug/?i=18816 [149] = https://curl.se/bug/?i=18775 [150] = https://curl.se/bug/?i=18510 [151] = https://curl.se/bug/?i=18774 [152] = https://curl.se/bug/?i=18762 + [153] = https://curl.se/bug/?i=18811 + [154] = https://curl.se/bug/?i=18817 + [155] = https://curl.se/bug/?i=18815 + [157] = https://curl.se/bug/?i=18806 + [158] = https://curl.se/bug/?i=18809 + [160] = https://curl.se/bug/?i=18810 [161] = https://curl.se/bug/?i=18749 + [162] = https://curl.se/bug/?i=18808 [163] = https://curl.se/bug/?i=18747 [164] = https://curl.se/bug/?i=18744 [165] = https://curl.se/bug/?i=18662 + [167] = https://curl.se/bug/?i=18804 + [168] = https://curl.se/bug/?i=18803 + [169] = https://curl.se/bug/?i=18805 + [170] = https://curl.se/bug/?i=18807 + [171] = https://curl.se/bug/?i=18801 + [172] = https://curl.se/bug/?i=18800 + [173] = https://curl.se/bug/?i=18799 + [176] = https://curl.se/bug/?i=18780 + [177] = https://curl.se/bug/?i=18787 + [178] = https://curl.se/bug/?i=18790 + [179] = https://curl.se/bug/?i=18793 + [182] = https://curl.se/bug/?i=18754 From 9cc1ee55a4a363e6a13408bfac58f4f7a17e625f Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 3 Oct 2025 08:30:55 +0200 Subject: [PATCH 0258/2408] RELEASE-NOTES: synced Add OpenSSL-QUIC as an item to get removed --- RELEASE-NOTES | 1 + 1 file changed, 1 insertion(+) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 232cb7a5f8..b638b559c4 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -197,6 +197,7 @@ Planned upcoming removals include: o Builds using VS2008 o OpenSSL 1.x support + o OpenSSL-QUIC o Support for c-ares versions before 1.16.0 o Support for Windows XP/2003 o Windows CE support From eefd03c572996e5de4dec4fe295ad6f103e0eefc Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 24 Sep 2025 10:19:46 +0200 Subject: [PATCH 0259/2408] ssl: support Apple SecTrust configurations - configure/cmake support for enabling the option - supported in OpenSSL and GnuTLS backends - when configured, Apple SecTrust is the default trust store for peer verification. When one of the CURLOPT_* for adding certificates is used, that default does not apply. - add documentation of build options and SSL use Closes #18703 --- .github/scripts/spellcheck.words | 1 + .github/workflows/configure-vs-cmake.yml | 4 +- .github/workflows/macos.yml | 9 +- CMakeLists.txt | 19 +- acinclude.m4 | 10 + configure.ac | 8 + docs/INSTALL-CMAKE.md | 1 + docs/INSTALL.md | 19 + docs/SSLCERTS.md | 54 +- docs/cmdline-opts/ca-native.md | 6 +- lib/Makefile.inc | 2 + lib/curl_config.h.cmake | 3 + lib/setopt.c | 14 +- lib/url.c | 30 - lib/urldata.h | 3 + lib/vquic/vquic-tls.c | 4 +- lib/vtls/apple.c | 297 ++++++++ lib/vtls/apple.h | 55 ++ lib/vtls/gtls.c | 386 ++++++----- lib/vtls/gtls.h | 3 +- lib/vtls/openssl.c | 832 ++++++++++++++--------- lib/vtls/openssl.h | 4 +- lib/vtls/vtls.c | 147 ++-- lib/vtls/vtls_scache.c | 2 +- m4/curl-apple-sectrust.m4 | 58 ++ tests/data/test305 | 2 +- tests/http/test_02_download.py | 2 + tests/http/test_07_upload.py | 2 + tests/http/test_17_ssl_use.py | 4 +- 29 files changed, 1377 insertions(+), 604 deletions(-) create mode 100644 lib/vtls/apple.c create mode 100644 lib/vtls/apple.h create mode 100644 m4/curl-apple-sectrust.m4 diff --git a/.github/scripts/spellcheck.words b/.github/scripts/spellcheck.words index fb4d9532e6..73e68f4884 100644 --- a/.github/scripts/spellcheck.words +++ b/.github/scripts/spellcheck.words @@ -743,6 +743,7 @@ scp SDK se SEB +SecTrust SEK selectable Serv diff --git a/.github/workflows/configure-vs-cmake.yml b/.github/workflows/configure-vs-cmake.yml index 984fccd592..b259daee51 100644 --- a/.github/workflows/configure-vs-cmake.yml +++ b/.github/workflows/configure-vs-cmake.yml @@ -92,13 +92,13 @@ jobs: run: | autoreconf -fi export PKG_CONFIG_DEBUG_SPEW=1 - mkdir bld-am && cd bld-am && ../configure --enable-static=no --with-openssl --without-libpsl --disable-ldap --with-brotli --with-zstd + mkdir bld-am && cd bld-am && ../configure --enable-static=no --with-openssl --without-libpsl --disable-ldap --with-brotli --with-zstd --with-apple-sectrust - name: 'run cmake' run: | cmake -B bld-cm -DCURL_WERROR=ON -DCURL_USE_LIBPSL=OFF -DCURL_DISABLE_LDAP=ON \ -DCMAKE_C_COMPILER_TARGET="$(uname -m | sed 's/arm64/aarch64/')-apple-darwin$(uname -r)" \ - -DCURL_USE_LIBSSH2=OFF + -DCURL_USE_LIBSSH2=OFF -DUSE_APPLE_SECTRUST=ON - name: 'configure log' run: cat bld-am/config.log 2>/dev/null || true diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index f731406bfb..931abc8693 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -265,6 +265,11 @@ jobs: install: libnghttp3 libngtcp2 install_steps: pytest configure: --enable-debug --with-openssl=/opt/homebrew/opt/openssl --with-ngtcp2 + - name: 'OpenSSL SecTrust' + compiler: clang + install: libnghttp3 libngtcp2 + install_steps: pytest + configure: --enable-debug --with-openssl=/opt/homebrew/opt/openssl --with-ngtcp2 --with-apple-sectrust - name: 'OpenSSL event-based' compiler: clang configure: --enable-debug --with-openssl=/opt/homebrew/opt/openssl @@ -275,9 +280,9 @@ jobs: configure: --enable-debug --disable-ldap --with-openssl=/opt/homebrew/opt/quictls LDFLAGS=-L/opt/homebrew/opt/quictls/lib macos-version-min: '10.15' # cmake - - name: 'OpenSSL gsasl rtmp AppleIDN' + - name: 'OpenSSL gsasl rtmp AppleIDN SecTrust' install: libnghttp3 libngtcp2 gsasl rtmpdump - generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON -DUSE_NGTCP2=ON -DCURL_DISABLE_VERBOSE_STRINGS=ON + generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON -DUSE_NGTCP2=ON -DCURL_DISABLE_VERBOSE_STRINGS=ON -DUSE_APPLE_SECTRUST=ON - name: 'MultiSSL AppleIDN clang-tidy +examples' compiler: clang install: llvm brotli zstd gnutls nettle libressl krb5 mbedtls gsasl rustls-ffi rtmpdump libssh fish diff --git a/CMakeLists.txt b/CMakeLists.txt index 115eaa5f34..3b5ed10f80 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -764,6 +764,23 @@ if(CURL_WINDOWS_SSPI AND NOT WINDOWS_STORE) set(USE_WINDOWS_SSPI ON) endif() +if(APPLE) + option(USE_APPLE_SECTRUST "Use Apple OS-native certificate verification" OFF) + if(USE_APPLE_SECTRUST) + find_library(COREFOUNDATION_FRAMEWORK NAMES "Security") + mark_as_advanced(COREFOUNDATION_FRAMEWORK) + if(NOT COREFOUNDATION_FRAMEWORK) + message(FATAL_ERROR "Security framework not found") + endif() + list(APPEND CURL_LIBS "-framework Security") + + set(_use_core_foundation_and_core_services ON) + message(STATUS "Apple OS-native certificate verification enabled") + endif() +else() + set(USE_APPLE_SECTRUST OFF) +endif() + if(_use_core_foundation_and_core_services) find_library(COREFOUNDATION_FRAMEWORK NAMES "CoreFoundation") mark_as_advanced(COREFOUNDATION_FRAMEWORK) @@ -1531,7 +1548,7 @@ if(_curl_ca_bundle_supported) unset(CURL_CA_BUNDLE CACHE) elseif(CURL_CA_BUNDLE STREQUAL "auto") unset(CURL_CA_BUNDLE CACHE) - if(NOT CMAKE_CROSSCOMPILING AND NOT WIN32) + if(NOT CMAKE_CROSSCOMPILING AND NOT WIN32 AND NOT USE_APPLE_SECTRUST) set(_curl_ca_bundle_autodetect TRUE) endif() else() diff --git a/acinclude.m4 b/acinclude.m4 index 7b26dfd466..517de0c4a6 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -1149,6 +1149,12 @@ AS_HELP_STRING([--without-ca-path], [Don't use a default CA path]), capath_warning=" (warning: certs not found)" check_capath="" + if test "x$APPLE_SECTRUST_ENABLED" = "x1"; then + ca_native="Apple SecTrust" + else + ca_native="no" + fi + if test "x$want_ca" != "xno" -a "x$want_ca" != "xunset" -a \ "x$want_capath" != "xno" -a "x$want_capath" != "xunset"; then dnl both given @@ -1162,6 +1168,10 @@ AS_HELP_STRING([--without-ca-path], [Don't use a default CA path]), dnl --with-ca-path given capath="$want_capath" ca="no" + elif test "x$ca_native" != "xno"; then + # native ca configured, do not look further + ca="no" + capath="no" else dnl First try auto-detecting a CA bundle, then a CA path. dnl Both auto-detections can be skipped by --without-ca-* diff --git a/configure.ac b/configure.ac index fddae6a630..5dde9f6c96 100644 --- a/configure.ac +++ b/configure.ac @@ -277,6 +277,12 @@ AS_HELP_STRING([--with-rustls=PATH],[where to look for Rustls, PATH points to th fi ]) +OPT_APPLE_SECTRUST=$curl_cv_apple +AC_ARG_WITH(apple-sectrust,dnl +AS_HELP_STRING([--with-apple-sectrust],[enable Apple OS native certificate verification]),[ + OPT_APPLE_SECTRUST=$withval + ]) + AC_PATH_PROG(PERL, perl,, $PATH:/usr/local/bin/perl:/usr/bin/:/usr/local/bin) AC_SUBST(PERL) AM_CONDITIONAL(PERL, test -n "$PERL") @@ -2016,6 +2022,7 @@ CURL_WITH_GNUTLS CURL_WITH_MBEDTLS CURL_WITH_WOLFSSL CURL_WITH_RUSTLS +CURL_WITH_APPLE_SECTRUST dnl link required libraries for USE_WIN32_CRYPTO or SCHANNEL_ENABLED if test "x$USE_WIN32_CRYPTO" = "x1" -o "x$SCHANNEL_ENABLED" = "x1"; then @@ -5588,6 +5595,7 @@ AC_MSG_NOTICE([Configured to build curl/libcurl: Verbose errors: ${curl_verbose_msg} Code coverage: ${curl_coverage_msg} SSPI: ${curl_sspi_msg} + ca native: ${ca_native} ca cert bundle: ${ca}${ca_warning} ca cert path: ${capath}${capath_warning} ca cert embed: ${CURL_CA_EMBED_msg} diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md index 566fee7423..4c78752521 100644 --- a/docs/INSTALL-CMAKE.md +++ b/docs/INSTALL-CMAKE.md @@ -368,6 +368,7 @@ Details via CMake - `CURL_ZSTD`: Use zstd (`ON`, `OFF` or `AUTO`). Default: `AUTO` - `ENABLE_ARES`: Enable c-ares support. Default: `OFF` - `USE_APPLE_IDN`: Use Apple built-in IDN support. Default: `OFF` +- `USE_APPLE_SECTRUST`: Use Apple OS-native certificate verification. Default: `OFF` - `USE_LIBIDN2`: Use libidn2 for IDN support. Default: `ON` - `USE_LIBRTMP`: Enable librtmp from rtmpdump. Default: `OFF` - `USE_NGHTTP2`: Use nghttp2 library. Default: `ON` diff --git a/docs/INSTALL.md b/docs/INSTALL.md index 80fcb93216..453071afd5 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -153,6 +153,25 @@ conflicting identical symbol names. When you build with multiple TLS backends, you can select the active one at runtime when curl starts up. +### Selecting TLS Trust Anchors Defaults + +Verifying a server certificate established a chain of trust that needs to +start somewhere. Those "root" certificates make the set of Trust Anchors. + +While the build system tries to find good defaults on the platform you +use, you may specify these explicitly. The following options are provided: + + - `--with-ca-bundle=FILE`: the file that libcurl loads default root + certificates from. + - `--with-ca-path=DIRECTORY`: a directory in which root certificates files + are found. + - `--with-ca-embed=FILE`: a file read *at build time* and added to `libcurl`. + - `--with-ca-fallback`: an OpenSSL specific option for delegating default + trust anchor selection to what OpenSSL thinks is best, *if* there are +no other certificates configured by the application. + - `--with-apple-sectrust`: use the system "SecTrust" service on Apple + operating systems for verification. (Added in 8.17.0) + ## MultiSSL and HTTP/3 HTTP/3 needs QUIC and QUIC needs TLS. Building libcurl with HTTP/3 and QUIC diff --git a/docs/SSLCERTS.md b/docs/SSLCERTS.md index 4efb9cf00b..de39545534 100644 --- a/docs/SSLCERTS.md +++ b/docs/SSLCERTS.md @@ -8,8 +8,10 @@ SPDX-License-Identifier: curl ## Native vs file based -If curl was built with Schannel support, then curl uses the system native CA -store for verification. All other TLS libraries use a file based CA store by +If curl was built with Schannel support, then curl uses the Windows native CA +store for verification. On Apple operating systems, it is possible to use Apple's +"SecTrust" services for certain TLS backends, details below. +All other TLS libraries use a file based CA store by default. ## Verification @@ -71,8 +73,10 @@ another option to restrict search to the application's directory. ### Use the native store -In several environments, in particular on Windows, you can ask curl to use the -system's native CA store when verifying the certificate. +In several environments, in particular on Microsoft and Apple operating +systems, you can ask curl to use the system's native CA store when verifying +the certificate. Depending on how curl was built, this may already be the +default. With the curl command line tool: `--ca-native`. @@ -102,14 +106,46 @@ latest Firefox bundle. ## Native CA store -If curl was built with Schannel or was instructed to use the native CA Store, -then curl uses the certificates that are built into the OS. These are the same -certificates that appear in the Internet Options control panel (under Windows) -or Keychain Access application (under macOS). Any custom security rules for -certificates are honored. +### Windows + Schannel + +If curl was built with Schannel, then curl uses the certificates that are +built into the OS. These are the same certificates that appear in the +Internet Options control panel (under Windows). +Any custom security rules for certificates are honored. Schannel runs CRL checks on certificates unless peer verification is disabled. +### Apple + OpenSSL/GnuTLS + +When curl is built with Apple SecTrust enabled and uses an OpenSSL compatible +TLS backend or GnuTLS, the default verification is handled by that Apple +service. As in: + + curl https://example.com + +You may still provide your own certificates on the command line, such as: + + curl --cacert mycerts.pem https://example.com + +In this situation, Apple SecTrust is **not** used and verification is done +**only** with the trust anchors found in `mycerts.pem`. If you want **both** +Apple SecTrust and your own file to be considered, use: + + curl --ca-native --cacert mycerts.pem https://example.com + + +#### Other Combinations + +How well the use of native CA stores work in all other combinations depends +on the TLS backend and the OS. Many TLS backends offer functionality to access +the native CA on a range of operating systems. Some provide this only on specific +configurations. + +Specific support in curl exists for Windows and OpenSSL compatible TLS backends. +It tries to load the certificates from the Windows "CA" and "ROOT" stores for +transfers requesting the native CA. Due to Window's delayed population of those +stores, this might not always find all certificates. + ## HTTPS proxy curl can do HTTPS to the proxy separately from the connection to the server. diff --git a/docs/cmdline-opts/ca-native.md b/docs/cmdline-opts/ca-native.md index 7e833c9d15..a8e8c5e9a8 100644 --- a/docs/cmdline-opts/ca-native.md +++ b/docs/cmdline-opts/ca-native.md @@ -25,12 +25,14 @@ This option is independent of other CA certificate locations set at run time or build time. Those locations are searched in addition to the native CA store. This option works with OpenSSL and its forks (LibreSSL, BoringSSL, etc) on -Windows. (Added in 7.71.0) +Windows (Added in 7.71.0) and on Apple OS when libcurl is built with +Apple SecTrust enabled. (Added in 8.17.0) This option works with wolfSSL on Windows, Linux (Debian, Ubuntu, Gentoo, Fedora, RHEL), macOS, Android and iOS. (Added in 8.3.0) -This option works with GnuTLS. (Added in 8.5.0) +This option works with GnuTLS (Added in 8.5.0) and also uses Apple +SecTrust when libcurl is built with it. (Added in 8.17.0) This option works with rustls on Windows, macOS, Android and iOS. On Linux it is equivalent to using the Mozilla CA certificate bundle. When used with rustls diff --git a/lib/Makefile.inc b/lib/Makefile.inc index 1447e53a1e..ff8144fb5a 100644 --- a/lib/Makefile.inc +++ b/lib/Makefile.inc @@ -77,6 +77,7 @@ LIB_VAUTH_HFILES = \ vauth/vauth.h LIB_VTLS_CFILES = \ + vtls/apple.c \ vtls/cipher_suite.c \ vtls/gtls.c \ vtls/hostcheck.c \ @@ -94,6 +95,7 @@ LIB_VTLS_CFILES = \ vtls/x509asn1.c LIB_VTLS_HFILES = \ + vtls/apple.h \ vtls/cipher_suite.h \ vtls/gtls.h \ vtls/hostcheck.h \ diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake index bc8c1cd487..521a439eef 100644 --- a/lib/curl_config.h.cmake +++ b/lib/curl_config.h.cmake @@ -788,6 +788,9 @@ ${SIZEOF_TIME_T_CODE} /* to enable Apple IDN */ #cmakedefine USE_APPLE_IDN 1 +/* to enable Apple OS-native certificate verification */ +#cmakedefine USE_APPLE_SECTRUST 1 + /* Define to 1 if OpenSSL has the SSL_CTX_set_srp_username function. */ #cmakedefine HAVE_OPENSSL_SRP 1 diff --git a/lib/setopt.c b/lib/setopt.c index 3f628c443c..1c9ee42d41 100644 --- a/lib/setopt.c +++ b/lib/setopt.c @@ -2206,6 +2206,7 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option, /* * Set CA info for SSL connection. Specify filename of the CA certificate */ + s->ssl.custom_cafile = TRUE; return Curl_setstropt(&s->str[STRING_SSL_CAFILE], ptr); #ifndef CURL_DISABLE_PROXY @@ -2214,6 +2215,7 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option, * Set CA info SSL connection for proxy. Specify filename of the * CA certificate */ + s->proxy_ssl.custom_cafile = TRUE; return Curl_setstropt(&s->str[STRING_SSL_CAFILE_PROXY], ptr); #endif @@ -2223,9 +2225,11 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option, * certificates which have been prepared using openssl c_rehash utility. */ #ifdef USE_SSL - if(Curl_ssl_supports(data, SSLSUPP_CA_PATH)) + if(Curl_ssl_supports(data, SSLSUPP_CA_PATH)) { /* This does not work on Windows. */ + s->ssl.custom_capath = TRUE; return Curl_setstropt(&s->str[STRING_SSL_CAPATH], ptr); + } #endif return CURLE_NOT_BUILT_IN; #ifndef CURL_DISABLE_PROXY @@ -2235,9 +2239,11 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option, * CA certificates which have been prepared using openssl c_rehash utility. */ #ifdef USE_SSL - if(Curl_ssl_supports(data, SSLSUPP_CA_PATH)) + if(Curl_ssl_supports(data, SSLSUPP_CA_PATH)) { /* This does not work on Windows. */ + s->proxy_ssl.custom_capath = TRUE; return Curl_setstropt(&s->str[STRING_SSL_CAPATH_PROXY], ptr); + } #endif return CURLE_NOT_BUILT_IN; #endif @@ -2900,8 +2906,10 @@ static CURLcode setopt_blob(struct Curl_easy *data, CURLoption option, * Specify entire PEM of the CA certificate */ #ifdef USE_SSL - if(Curl_ssl_supports(data, SSLSUPP_CAINFO_BLOB)) + if(Curl_ssl_supports(data, SSLSUPP_CAINFO_BLOB)) { + s->ssl.custom_cablob = TRUE; return Curl_setblobopt(&s->blobs[BLOB_CAINFO], blob); + } #endif return CURLE_NOT_BUILT_IN; case CURLOPT_ISSUERCERT_BLOB: diff --git a/lib/url.c b/lib/url.c index 41a63890e6..0dface920d 100644 --- a/lib/url.c +++ b/lib/url.c @@ -435,36 +435,6 @@ CURLcode Curl_init_userdefined(struct Curl_easy *data) set->socks5_gssapi_nec = FALSE; #endif - /* Set the default CA cert bundle/path detected/specified at build time. - * - * If Schannel is the selected SSL backend then these locations are ignored. - * We allow setting CA location for Schannel when explicitly specified by - * the user via CURLOPT_CAINFO / --cacert. - */ - if(Curl_ssl_backend() != CURLSSLBACKEND_SCHANNEL) { -#ifdef CURL_CA_BUNDLE - result = Curl_setstropt(&set->str[STRING_SSL_CAFILE], CURL_CA_BUNDLE); - if(result) - return result; -#ifndef CURL_DISABLE_PROXY - result = Curl_setstropt(&set->str[STRING_SSL_CAFILE_PROXY], - CURL_CA_BUNDLE); - if(result) - return result; -#endif -#endif -#ifdef CURL_CA_PATH - result = Curl_setstropt(&set->str[STRING_SSL_CAPATH], CURL_CA_PATH); - if(result) - return result; -#ifndef CURL_DISABLE_PROXY - result = Curl_setstropt(&set->str[STRING_SSL_CAPATH_PROXY], CURL_CA_PATH); - if(result) - return result; -#endif -#endif - } - /* set default minimum TLS version */ #ifdef USE_SSL Curl_setopt_SSLVERSION(data, CURLOPT_SSLVERSION, CURL_SSLVERSION_DEFAULT); diff --git a/lib/urldata.h b/lib/urldata.h index 3c7e634b00..d924b91194 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -285,6 +285,9 @@ struct ssl_config_data { BIT(native_ca_store); /* use the native ca store of operating system */ BIT(auto_client_cert); /* automatically locate and use a client certificate for authentication (Schannel) */ + BIT(custom_cafile); /* application has set custom CA file */ + BIT(custom_capath); /* application has set custom CA path */ + BIT(custom_cablob); /* application has set custom CA blob */ }; struct ssl_general_config { diff --git a/lib/vquic/vquic-tls.c b/lib/vquic/vquic-tls.c index 4bdd23c981..6576c5cd45 100644 --- a/lib/vquic/vquic-tls.c +++ b/lib/vquic/vquic-tls.c @@ -130,7 +130,7 @@ CURLcode Curl_vquic_tls_before_recv(struct curl_tls_ctx *ctx, { #ifdef USE_OPENSSL if(!ctx->ossl.x509_store_setup) { - CURLcode result = Curl_ssl_setup_x509_store(cf, data, ctx->ossl.ssl_ctx); + CURLcode result = Curl_ssl_setup_x509_store(cf, data, &ctx->ossl); if(result) return result; ctx->ossl.x509_store_setup = TRUE; @@ -170,7 +170,7 @@ CURLcode Curl_vquic_tls_verify_peer(struct curl_tls_ctx *ctx, result = Curl_ossl_check_peer_cert(cf, data, &ctx->ossl, peer); #elif defined(USE_GNUTLS) if(conn_config->verifyhost) { - result = Curl_gtls_verifyserver(data, ctx->gtls.session, + result = Curl_gtls_verifyserver(cf, data, ctx->gtls.session, conn_config, &data->set.ssl, peer, data->set.str[STRING_SSL_PINNEDPUBLICKEY]); if(result) diff --git a/lib/vtls/apple.c b/lib/vtls/apple.c new file mode 100644 index 0000000000..b565c8f031 --- /dev/null +++ b/lib/vtls/apple.c @@ -0,0 +1,297 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ + +/* This file is for implementing all "generic" SSL functions that all libcurl + internals should use. It is then responsible for calling the proper + "backend" function. + + SSL-functions in libcurl should call functions in this source file, and not + to any specific SSL-layer. + + Curl_ssl_ - prefix for generic ones + + Note that this source code uses the functions of the configured SSL + backend via the global Curl_ssl instance. + + "SSL/TLS Strong Encryption: An Introduction" + https://httpd.apache.org/docs/2.0/ssl/ssl_intro.html +*/ + +#include "../curl_setup.h" + +#include "../urldata.h" +#include "../cfilters.h" +#include "../curl_trc.h" +#include "vtls.h" +#include "apple.h" + +#if defined(USE_SSL) && defined(USE_APPLE_SECTRUST) +#include +#endif /* USE_SSL && USE_APPLE_SECTRUST */ + +/* The last #include files should be: */ +#include "../curl_memory.h" +#include "../memdebug.h" + + +#if defined(USE_SSL) && defined(USE_APPLE_SECTRUST) +#define SSL_SYSTEM_VERIFIER + +#if (defined(MAC_OS_X_VERSION_MAX_ALLOWED) \ + && MAC_OS_X_VERSION_MAX_ALLOWED >= 101400) \ + || (defined(__IPHONE_OS_VERSION_MAX_ALLOWED) \ + && __IPHONE_OS_VERSION_MAX_ALLOWED >= 120000) +#define SUPPORTS_SecTrustEvaluateWithError 1 +#endif + +#if defined(SUPPORTS_SecTrustEvaluateWithError) \ + && ((defined(MAC_OS_X_VERSION_MIN_REQUIRED) \ + && MAC_OS_X_VERSION_MIN_REQUIRED >= 101400) \ + || (defined(__IPHONE_OS_VERSION_MIN_REQUIRED) \ + && __IPHONE_OS_VERSION_MIN_REQUIRED >= 120000)) +#define REQUIRES_SecTrustEvaluateWithError 1 +#endif + +#if defined(SUPPORTS_SecTrustEvaluateWithError) \ + && !defined(HAVE_BUILTIN_AVAILABLE) \ + && !defined(REQUIRES_SecTrustEvaluateWithError) +#undef SUPPORTS_SecTrustEvaluateWithError +#endif + +#if (defined(MAC_OS_X_VERSION_MAX_ALLOWED) \ + && MAC_OS_X_VERSION_MAX_ALLOWED >= 100900) \ + || (defined(__IPHONE_OS_VERSION_MAX_ALLOWED) \ + && __IPHONE_OS_VERSION_MAX_ALLOWED >= 70000) +#define SUPPORTS_SecOCSP 1 +#endif + +CURLcode Curl_vtls_apple_verify(struct Curl_cfilter *cf, + struct Curl_easy *data, + struct ssl_peer *peer, + size_t num_certs, + Curl_vtls_get_cert_der *der_cb, + void *cb_user_data, + const unsigned char *ocsp_buf, + size_t ocsp_len) +{ + struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf); + CURLcode result = CURLE_OK; + SecTrustRef trust = NULL; + SecPolicyRef policy = NULL; + CFMutableArrayRef policies = NULL; + CFMutableArrayRef cert_array = NULL; + CFStringRef host_str = NULL; + CFErrorRef error = NULL; + OSStatus status = noErr; + CFStringRef error_ref = NULL; + char *err_desc = NULL; + size_t i; + + if(conn_config->verifyhost) { + host_str = CFStringCreateWithCString(NULL, + peer->sni ? peer->sni : peer->hostname, kCFStringEncodingUTF8); + if(!host_str) { + result = CURLE_OUT_OF_MEMORY; + goto out; + } + } + + policies = CFArrayCreateMutable(NULL, 2, &kCFTypeArrayCallBacks); + if(!policies) { + result = CURLE_OUT_OF_MEMORY; + goto out; + } + + policy = SecPolicyCreateSSL(true, host_str); + if(!policy) { + result = CURLE_OUT_OF_MEMORY; + goto out; + } + + CFArrayAppendValue(policies, policy); + CFRelease(policy); + policy = NULL; + +#if defined(HAVE_BUILTIN_AVAILABLE) && defined(SUPPORTS_SecOCSP) + { + struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); + if(!ssl_config->no_revoke) { + if(__builtin_available(macOS 10.9, iOS 7, tvOS 9, watchOS 2, *)) { + /* Even without this set, validation will seemingly-unavoidably fail + * for certificates that trustd already knows to be revoked. + * This policy further allows trustd to consult CRLs and OCSP data + * to determine revocation status (which it may then cache). */ + CFOptionFlags revocation_flags = kSecRevocationUseAnyAvailableMethod; +#if 0 + /* `revoke_best_effort` is off by default in libcurl. When we + * add `kSecRevocationRequirePositiveResponse` to the Apple + * Trust policies, it interprets this as it NEEDs a confirmation + * of a cert being NOT REVOKED. Which not in general available for + * certificates on the internet. + * It seems that applications using this policy are expected to PIN + * their certificate public keys or verification will fail. + * This does not seem to be what we want here. */ + if(!ssl_config->revoke_best_effort) { + revocation_flags |= kSecRevocationRequirePositiveResponse; + } +#endif + policy = SecPolicyCreateRevocation(revocation_flags); + if(!policy) { + result = CURLE_OUT_OF_MEMORY; + goto out; + } + + CFArrayAppendValue(policies, policy); + } + } + } +#endif + + cert_array = CFArrayCreateMutable(NULL, num_certs, &kCFTypeArrayCallBacks); + if(!cert_array) { + result = CURLE_OUT_OF_MEMORY; + goto out; + } + + for(i = 0; i < num_certs; i++) { + SecCertificateRef cert; + CFDataRef certdata; + unsigned char *der; + size_t der_len; + + result = der_cb(cf, data, cb_user_data, i, &der, &der_len); + if(result) + goto out; + + certdata = CFDataCreate(NULL, der, (CFIndex)der_len); + if(!certdata) { + result = CURLE_OUT_OF_MEMORY; + goto out; + } + + cert = SecCertificateCreateWithData(NULL, certdata); + CFRelease(certdata); + if(!cert) { + result = CURLE_OUT_OF_MEMORY; + goto out; + } + + CFArrayAppendValue(cert_array, cert); + CFRelease(cert); + } + + status = SecTrustCreateWithCertificates(cert_array, policies, &trust); + if(status != noErr || !trust) { + failf(data, "Apple SecTrust: failed to create validation trust"); + result = CURLE_PEER_FAILED_VERIFICATION; + goto out; + } + +#if defined(HAVE_BUILTIN_AVAILABLE) && defined(SUPPORTS_SecOCSP) + if(ocsp_len > 0) { + if(__builtin_available(macOS 10.9, iOS 7, tvOS 9, watchOS 2, *)) { + CFDataRef ocspdata = + CFDataCreate(NULL, ocsp_buf, (CFIndex)ocsp_len); + + status = SecTrustSetOCSPResponse(trust, ocspdata); + CFRelease(ocspdata); + if(status != noErr) { + failf(data, "Apple SecTrust: failed to set OCSP response: %i", + (int)status); + result = CURLE_PEER_FAILED_VERIFICATION; + goto out; + } + } + } +#else + (void)ocsp_buf; + (void)ocsp_len; +#endif + +#ifdef SUPPORTS_SecTrustEvaluateWithError +#if defined(HAVE_BUILTIN_AVAILABLE) + if(__builtin_available(macOS 10.14, iOS 12, tvOS 12, watchOS 5, *)) { +#else + if(1) { +#endif + result = SecTrustEvaluateWithError(trust, &error) ? + CURLE_OK : CURLE_PEER_FAILED_VERIFICATION; + if(error) { + CFIndex code = CFErrorGetCode(error); + error_ref = CFErrorCopyDescription(error); + + if(error_ref) { + CFIndex size = CFStringGetMaximumSizeForEncoding( + CFStringGetLength(error_ref), kCFStringEncodingUTF8); + err_desc = malloc(size + 1); + if(err_desc) { + if(!CFStringGetCString(error_ref, err_desc, size, + kCFStringEncodingUTF8)) { + free(err_desc); + err_desc = NULL; + } + } + } + infof(data, "Apple SecTrust failure %ld%s%s", code, + err_desc ? ": " : "", err_desc ? err_desc : ""); + } + } + else +#endif /* SUPPORTS_SecTrustEvaluateWithError */ + { +#ifndef REQUIRES_SecTrustEvaluateWithError + SecTrustResultType sec_result; + status = SecTrustEvaluate(trust, &sec_result); + + if(status != noErr) { + failf(data, "Apple SecTrust verification failed: error %i", (int)status); + } + else if((status == kSecTrustResultUnspecified) || + (status == kSecTrustResultProceed)) { + /* "unspecified" means system-trusted with no explicit user setting */ + result = CURLE_OK; + } +#endif /* REQUIRES_SecTrustEvaluateWithError */ + } + +out: + free(err_desc); + if(error_ref) + CFRelease(error_ref); + if(error) + CFRelease(error); + if(host_str) + CFRelease(host_str); + if(policies) + CFRelease(policies); + if(policy) + CFRelease(policy); + if(cert_array) + CFRelease(cert_array); + if(trust) + CFRelease(trust); + return result; +} + +#endif /* USE_SSL && USE_APPLE_SECTRUST */ diff --git a/lib/vtls/apple.h b/lib/vtls/apple.h new file mode 100644 index 0000000000..c965a449f1 --- /dev/null +++ b/lib/vtls/apple.h @@ -0,0 +1,55 @@ +#ifndef HEADER_CURL_VTLS_APPLE_H +#define HEADER_CURL_VTLS_APPLE_H +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) Jan Venekamp, + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ + +#include "../curl_setup.h" + +#if defined(USE_SSL) && defined(USE_APPLE_SECTRUST) +struct Curl_cfilter; +struct Curl_easy; +struct ssl_peer; + +/* Get the DER encoded i-th certificate in the server handshake */ +typedef CURLcode Curl_vtls_get_cert_der(struct Curl_cfilter *cf, + struct Curl_easy *data, + void *user_data, + size_t i, + unsigned char **pder, + size_t *pder_len); + +/* Ask Apple's Security framework to verify the certificate chain + * send by the peer. On CURLE_OK it has been verified. + */ +CURLcode Curl_vtls_apple_verify(struct Curl_cfilter *cf, + struct Curl_easy *data, + struct ssl_peer *peer, + size_t num_certs, + Curl_vtls_get_cert_der *der_cb, + void *cb_user_data, + const unsigned char *ocsp_buf, + size_t ocsp_len); +#endif /* USE_SSL && USE_APPLE_SECTRUST */ + +#endif /* HEADER_CURL_VTLS_APPLE_H */ diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 2db73ca2d5..3d69ab1d1c 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -48,6 +48,7 @@ #include "vtls.h" #include "vtls_int.h" #include "vtls_scache.h" +#include "apple.h" #include "../vauth/vauth.h" #include "../parsedate.h" #include "../connect.h" /* for the connect timeout */ @@ -454,62 +455,75 @@ static CURLcode gtls_populate_creds(struct Curl_cfilter *cf, { struct ssl_primary_config *config = Curl_ssl_cf_get_primary_config(cf); struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); + bool creds_are_empty = TRUE; int rc; - if(config->verifypeer) { - bool imported_native_ca = FALSE; - - if(ssl_config->native_ca_store) { - rc = gnutls_certificate_set_x509_system_trust(creds); - if(rc < 0) - infof(data, "error reading native ca store (%s), continuing anyway", - gnutls_strerror(rc)); - else { - infof(data, "found %d certificates in native ca store", rc); - if(rc > 0) - imported_native_ca = TRUE; - } - } - - if(config->CAfile) { - /* set the trusted CA cert bundle file */ - gnutls_certificate_set_verify_flags(creds, - GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT); - - rc = gnutls_certificate_set_x509_trust_file(creds, - config->CAfile, - GNUTLS_X509_FMT_PEM); - if(rc < 0) { - infof(data, "error reading ca cert file %s (%s)%s", - config->CAfile, gnutls_strerror(rc), - (imported_native_ca ? ", continuing anyway" : "")); - if(!imported_native_ca) { - ssl_config->certverifyresult = rc; - return CURLE_SSL_CACERT_BADFILE; - } - } - else - infof(data, "found %d certificates in %s", rc, config->CAfile); - } - - if(config->CApath) { - /* set the trusted CA cert directory */ - rc = gnutls_certificate_set_x509_trust_dir(creds, config->CApath, - GNUTLS_X509_FMT_PEM); - if(rc < 0) { - infof(data, "error reading ca cert file %s (%s)%s", - config->CApath, gnutls_strerror(rc), - (imported_native_ca ? ", continuing anyway" : "")); - if(!imported_native_ca) { - ssl_config->certverifyresult = rc; - return CURLE_SSL_CACERT_BADFILE; - } - } - else - infof(data, "found %d certificates in %s", rc, config->CApath); - } + if(!config->verifypeer) { + infof(data, "SSL Trust: peer verification disabled"); + return CURLE_OK; } + infof(data, "SSL Trust Anchors:"); + if(ssl_config->native_ca_store) { +#ifdef USE_APPLE_SECTRUST + infof(data, " Native: Apple SecTrust"); + creds_are_empty = FALSE; +#else + rc = gnutls_certificate_set_x509_system_trust(creds); + if(rc < 0) + infof(data, "error reading native ca store (%s), continuing anyway", + gnutls_strerror(rc)); + else { + infof(data, " Native: %d certificates from system trust", rc); + if(rc > 0) + creds_are_empty = FALSE; + } +#endif + } + + if(config->CAfile) { + /* set the trusted CA cert bundle file */ + gnutls_certificate_set_verify_flags(creds, + GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT); + + rc = gnutls_certificate_set_x509_trust_file(creds, + config->CAfile, + GNUTLS_X509_FMT_PEM); + creds_are_empty = creds_are_empty && (rc <= 0); + if(rc < 0) { + infof(data, "error reading ca cert file %s (%s)%s", + config->CAfile, gnutls_strerror(rc), + (creds_are_empty ? "" : ", continuing anyway")); + if(creds_are_empty) { + ssl_config->certverifyresult = rc; + return CURLE_SSL_CACERT_BADFILE; + } + } + else + infof(data, " CAfile: %d certificates in %s", rc, config->CAfile); + } + + if(config->CApath) { + /* set the trusted CA cert directory */ + rc = gnutls_certificate_set_x509_trust_dir(creds, config->CApath, + GNUTLS_X509_FMT_PEM); + creds_are_empty = creds_are_empty && (rc <= 0); + if(rc < 0) { + infof(data, "error reading ca cert file %s (%s)%s", + config->CApath, gnutls_strerror(rc), + (creds_are_empty ? "" : ", continuing anyway")); + if(creds_are_empty) { + ssl_config->certverifyresult = rc; + return CURLE_SSL_CACERT_BADFILE; + } + } + else + infof(data, " CApath: %d certificates in %s", rc, config->CApath); + } + + if(creds_are_empty) + infof(data, " no trust anchors configured"); + if(config->CRLfile) { /* set the CRL list file */ rc = gnutls_certificate_set_x509_crl_file(creds, config->CRLfile, @@ -520,7 +534,7 @@ static CURLcode gtls_populate_creds(struct Curl_cfilter *cf, return CURLE_SSL_CRL_BADFILE; } else - infof(data, "found %d CRL in %s", rc, config->CRLfile); + infof(data, " CRLfile: %d CRL in %s", rc, config->CRLfile); } return CURLE_OK; @@ -1520,31 +1534,76 @@ out: return result; } +struct gtls_cert_chain { + const gnutls_datum_t *certs; + unsigned int num_certs; +}; + +#ifdef USE_APPLE_SECTRUST +static CURLcode gtls_chain_get_der(struct Curl_cfilter *cf, + struct Curl_easy *data, + void *user_data, + size_t i, + unsigned char **pder, + size_t *pder_len) +{ + struct gtls_cert_chain *chain = user_data; + + (void)cf; + (void)data; + *pder_len = 0; + *pder = NULL; + + if(i >= chain->num_certs) + return CURLE_TOO_LARGE; + *pder = chain->certs[i].data; + *pder_len = (size_t)chain->certs[i].size; + return CURLE_OK; +} + +static CURLcode glts_apple_verify(struct Curl_cfilter *cf, + struct Curl_easy *data, + struct ssl_peer *peer, + struct gtls_cert_chain *chain, + bool *pverified) +{ + CURLcode result; + + result = Curl_vtls_apple_verify(cf, data, peer, chain->num_certs, + gtls_chain_get_der, chain, + NULL, 0); + *pverified = !result; + if(*pverified) + infof(data, " SSL certificate verified by Apple SecTrust."); + return result; +} +#endif /* USE_APPLE_SECTRUST */ + CURLcode -Curl_gtls_verifyserver(struct Curl_easy *data, +Curl_gtls_verifyserver(struct Curl_cfilter *cf, + struct Curl_easy *data, gnutls_session_t session, struct ssl_primary_config *config, struct ssl_config_data *ssl_config, struct ssl_peer *peer, const char *pinned_key) { - unsigned int cert_list_size; - const gnutls_datum_t *chainp; - unsigned int verify_status = 0; + struct gtls_cert_chain chain; gnutls_x509_crt_t x509_cert = NULL, x509_issuer = NULL; time_t certclock; int rc; CURLcode result = CURLE_OK; long * const certverifyresult = &ssl_config->certverifyresult; + (void)cf; /* This function will return the peer's raw certificate (chain) as sent by the peer. These certificates are in raw format (DER encoded for X.509). In case of a X.509 then a certificate list may be present. The first certificate in the list is the peer's certificate, following the issuer's certificate, then the issuer's issuer etc. */ - chainp = gnutls_certificate_get_peers(session, &cert_list_size); - if(!chainp) { + chain.certs = gnutls_certificate_get_peers(session, &chain.num_certs); + if(!chain.certs) { if(config->verifypeer || config->verifyhost || config->issuercert) { @@ -1567,16 +1626,16 @@ Curl_gtls_verifyserver(struct Curl_easy *data, infof(data, " common name: WARNING could not obtain"); } - if(data->set.ssl.certinfo && chainp) { + if(data->set.ssl.certinfo && chain.certs) { unsigned int i; - result = Curl_ssl_init_certinfo(data, (int)cert_list_size); + result = Curl_ssl_init_certinfo(data, (int)chain.num_certs); if(result) goto out; - for(i = 0; i < cert_list_size; i++) { - const char *beg = (const char *) chainp[i].data; - const char *end = beg + chainp[i].size; + for(i = 0; i < chain.num_certs; i++) { + const char *beg = (const char *) chain.certs[i].data; + const char *end = beg + chain.certs[i].size; result = Curl_extract_certinfo(data, (int)i, beg, end); if(result) @@ -1585,13 +1644,15 @@ Curl_gtls_verifyserver(struct Curl_easy *data, } if(config->verifypeer) { - /* This function will try to verify the peer's certificate and return its - status (trusted, invalid etc.). The value of status should be one or - more of the gnutls_certificate_status_t enumerated elements bitwise - or'd. To avoid denial of service attacks some default upper limits - regarding the certificate key size and chain size are set. To override - them use gnutls_certificate_set_verify_limits(). */ - + bool verified = FALSE; + unsigned int verify_status = 0; + /* This function will try to verify the peer's certificate and return + its status (trusted, invalid etc.). The value of status should be + one or more of the gnutls_certificate_status_t enumerated elements + bitwise or'd. To avoid denial of service attacks some default + upper limits regarding the certificate key size and chain size + are set. To override them use + gnutls_certificate_set_verify_limits(). */ rc = gnutls_certificate_verify_peers2(session, &verify_status); if(rc < 0) { failf(data, "server cert verify failed: %d", rc); @@ -1599,37 +1660,109 @@ Curl_gtls_verifyserver(struct Curl_easy *data, result = CURLE_SSL_CONNECT_ERROR; goto out; } - *certverifyresult = verify_status; + verified = !(verify_status & GNUTLS_CERT_INVALID); + if(verified) + infof(data, " SSL certificate verified by GnuTLS"); - /* verify_status is a bitmask of gnutls_certificate_status bits */ - if(verify_status & GNUTLS_CERT_INVALID) { +#ifdef USE_APPLE_SECTRUST + if(!verified && ssl_config->native_ca_store && + (verify_status & GNUTLS_CERT_SIGNER_NOT_FOUND)) { + result = glts_apple_verify(cf, data, peer, &chain, &verified); + if(result && (result != CURLE_PEER_FAILED_VERIFICATION)) + goto out; /* unexpected error */ + if(verified) { + infof(data, "SSL certificate verified via Apple SecTrust."); + *certverifyresult = 0; + } + } +#endif + + if(!verified) { + /* verify_status is a bitmask of gnutls_certificate_status bits */ + const char *cause = "certificate error, no details available"; + if(verify_status & GNUTLS_CERT_EXPIRED) + cause = "certificate has expired"; + else if(verify_status & GNUTLS_CERT_SIGNER_NOT_FOUND) + cause = "certificate signer not trusted"; + else if(verify_status & GNUTLS_CERT_INSECURE_ALGORITHM) + cause = "certificate uses insecure algorithm"; + else if(verify_status & GNUTLS_CERT_INVALID_OCSP_STATUS) + cause = "attached OCSP status response is invalid"; + failf(data, "SSL certificate verification failed: %s. (CAfile: %s " + "CRLfile: %s)", cause, + config->CAfile ? config->CAfile : "none", + ssl_config->primary.CRLfile ? + ssl_config->primary.CRLfile : "none"); + result = CURLE_PEER_FAILED_VERIFICATION; + goto out; + } + } + else + infof(data, " SSL certificate verification SKIPPED"); + + /* initialize an X.509 certificate structure. */ + gnutls_x509_crt_init(&x509_cert); + + if(chain.certs) + /* convert the given DER or PEM encoded Certificate to the native + gnutls_x509_crt_t format */ + gnutls_x509_crt_import(x509_cert, chain.certs, GNUTLS_X509_FMT_DER); + + /* Check for time-based validity */ + certclock = gnutls_x509_crt_get_expiration_time(x509_cert); + + if(certclock == (time_t)-1) { + if(config->verifypeer) { + failf(data, "server cert expiration date verify failed"); + *certverifyresult = GNUTLS_CERT_EXPIRED; + result = CURLE_SSL_CONNECT_ERROR; + goto out; + } + else + infof(data, " SSL certificate expiration date verify FAILED"); + } + else { + if(certclock < time(NULL)) { if(config->verifypeer) { - const char *cause = "certificate error, no details available"; - if(verify_status & GNUTLS_CERT_EXPIRED) - cause = "certificate has expired"; - else if(verify_status & GNUTLS_CERT_SIGNER_NOT_FOUND) - cause = "certificate signer not trusted"; - else if(verify_status & GNUTLS_CERT_INSECURE_ALGORITHM) - cause = "certificate uses insecure algorithm"; - else if(verify_status & GNUTLS_CERT_INVALID_OCSP_STATUS) - cause = "attached OCSP status response is invalid"; - failf(data, "server verification failed: %s. (CAfile: %s " - "CRLfile: %s)", cause, - config->CAfile ? config->CAfile : "none", - ssl_config->primary.CRLfile ? - ssl_config->primary.CRLfile : "none"); + failf(data, "server certificate expiration date has passed."); + *certverifyresult = GNUTLS_CERT_EXPIRED; result = CURLE_PEER_FAILED_VERIFICATION; goto out; } else - infof(data, " server certificate verification FAILED"); + infof(data, " SSL certificate expiration date FAILED"); } else - infof(data, " server certificate verification OK"); + infof(data, " SSL certificate expiration date OK"); + } + + certclock = gnutls_x509_crt_get_activation_time(x509_cert); + + if(certclock == (time_t)-1) { + if(config->verifypeer) { + failf(data, "server cert activation date verify failed"); + *certverifyresult = GNUTLS_CERT_NOT_ACTIVATED; + result = CURLE_SSL_CONNECT_ERROR; + goto out; + } + else + infof(data, " SSL certificate activation date verify FAILED"); + } + else { + if(certclock > time(NULL)) { + if(config->verifypeer) { + failf(data, "server certificate not activated yet."); + *certverifyresult = GNUTLS_CERT_NOT_ACTIVATED; + result = CURLE_PEER_FAILED_VERIFICATION; + goto out; + } + else + infof(data, " SSL certificate activation date FAILED"); + } + else + infof(data, " SSL certificate activation date OK"); } - else - infof(data, " server certificate verification SKIPPED"); if(config->verifystatus) { result = gtls_verify_ocsp_status(data, session); @@ -1637,15 +1770,7 @@ Curl_gtls_verifyserver(struct Curl_easy *data, goto out; } else - infof(data, " server certificate status verification SKIPPED"); - - /* initialize an X.509 certificate structure. */ - gnutls_x509_crt_init(&x509_cert); - - if(chainp) - /* convert the given DER or PEM encoded Certificate to the native - gnutls_x509_crt_t format */ - gnutls_x509_crt_import(x509_cert, chainp, GNUTLS_X509_FMT_DER); + infof(data, " SSL certificate status verification SKIPPED"); if(config->issuercert) { gnutls_datum_t issuerp; @@ -1660,7 +1785,7 @@ Curl_gtls_verifyserver(struct Curl_easy *data, result = CURLE_SSL_ISSUER_ERROR; goto out; } - infof(data, " server certificate issuer check OK (Issuer Cert: %s)", + infof(data, " SSL certificate issuer check OK (Issuer Cert: %s)", config->issuercert ? config->issuercert : "none"); } @@ -1725,61 +1850,6 @@ Curl_gtls_verifyserver(struct Curl_easy *data, if(result) goto out; - /* Check for time-based validity */ - certclock = gnutls_x509_crt_get_expiration_time(x509_cert); - - if(certclock == (time_t)-1) { - if(config->verifypeer) { - failf(data, "server cert expiration date verify failed"); - *certverifyresult = GNUTLS_CERT_EXPIRED; - result = CURLE_SSL_CONNECT_ERROR; - goto out; - } - else - infof(data, " server certificate expiration date verify FAILED"); - } - else { - if(certclock < time(NULL)) { - if(config->verifypeer) { - failf(data, "server certificate expiration date has passed."); - *certverifyresult = GNUTLS_CERT_EXPIRED; - result = CURLE_PEER_FAILED_VERIFICATION; - goto out; - } - else - infof(data, " server certificate expiration date FAILED"); - } - else - infof(data, " server certificate expiration date OK"); - } - - certclock = gnutls_x509_crt_get_activation_time(x509_cert); - - if(certclock == (time_t)-1) { - if(config->verifypeer) { - failf(data, "server cert activation date verify failed"); - *certverifyresult = GNUTLS_CERT_NOT_ACTIVATED; - result = CURLE_SSL_CONNECT_ERROR; - goto out; - } - else - infof(data, " server certificate activation date verify FAILED"); - } - else { - if(certclock > time(NULL)) { - if(config->verifypeer) { - failf(data, "server certificate not activated yet."); - *certverifyresult = GNUTLS_CERT_NOT_ACTIVATED; - result = CURLE_PEER_FAILED_VERIFICATION; - goto out; - } - else - infof(data, " server certificate activation date FAILED"); - } - else - infof(data, " server certificate activation date OK"); - } - if(pinned_key) { result = pkp_pin_peer_pubkey(data, x509_cert, pinned_key); if(result != CURLE_OK) { @@ -1814,7 +1884,7 @@ static CURLcode gtls_verifyserver(struct Curl_cfilter *cf, #endif CURLcode result; - result = Curl_gtls_verifyserver(data, session, conn_config, ssl_config, + result = Curl_gtls_verifyserver(cf, data, session, conn_config, ssl_config, &connssl->peer, pinned_key); if(result) goto out; diff --git a/lib/vtls/gtls.h b/lib/vtls/gtls.h index 01f8b43ac8..afbe51eb9c 100644 --- a/lib/vtls/gtls.h +++ b/lib/vtls/gtls.h @@ -100,7 +100,8 @@ CURLcode Curl_gtls_client_trust_setup(struct Curl_cfilter *cf, struct Curl_easy *data, struct gtls_ctx *gtls); -CURLcode Curl_gtls_verifyserver(struct Curl_easy *data, +CURLcode Curl_gtls_verifyserver(struct Curl_cfilter *cf, + struct Curl_easy *data, gnutls_session_t session, struct ssl_primary_config *config, struct ssl_config_data *ssl_config, diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 01c0b5513c..193723b649 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -67,6 +67,7 @@ #include "../strdup.h" #include "../strerror.h" #include "../curl_printf.h" +#include "apple.h" #include #include @@ -738,7 +739,7 @@ static int ossl_bio_cf_in_read(BIO *bio, char *buf, int blen) /* Before returning server replies to the SSL instance, we need * to have setup the x509 store or verification will fail. */ if(!octx->x509_store_setup) { - r2 = Curl_ssl_setup_x509_store(cf, data, octx->ssl_ctx); + r2 = Curl_ssl_setup_x509_store(cf, data, octx); if(r2) { BIO_clear_retry_flags(bio); octx->io_result = r2; @@ -1816,6 +1817,7 @@ static CURLcode client_cert(struct Curl_easy *data, return CURLE_OK; } +#ifndef CURL_DISABLE_VERBOSE_STRINGS /* returns non-zero on failure */ static CURLcode x509_name_oneline(X509_NAME *a, struct dynbuf *d) { @@ -1837,6 +1839,7 @@ static CURLcode x509_name_oneline(X509_NAME *a, struct dynbuf *d) } return result; } +#endif /** * Global SSL init @@ -2392,7 +2395,7 @@ static CURLcode ossl_verifyhost(struct Curl_easy *data, string and we cannot match it. */ Curl_cert_hostcheck(altptr, altlen, peer->hostname, hostlen)) { matched = TRUE; - infof(data, " subjectAltName: host \"%s\" matched cert's \"%.*s\"", + infof(data, " subjectAltName: \"%s\" matches cert's \"%.*s\"", peer->dispname, (int)altlen, altptr); } break; @@ -2403,7 +2406,7 @@ static CURLcode ossl_verifyhost(struct Curl_easy *data, if((altlen == addrlen) && !memcmp(altptr, &addr, altlen)) { matched = TRUE; infof(data, - " subjectAltName: host \"%s\" matched cert's IP address!", + " subjectAltName: \"%s\" matches cert's IP address!", peer->dispname); } break; @@ -3169,17 +3172,17 @@ static CURLcode load_cacert_from_memory(X509_STORE *store, } #ifdef USE_WIN32_CRYPTO -static CURLcode import_windows_cert_store(struct Curl_easy *data, - const char *name, - X509_STORE *store, - bool *imported) +static CURLcode ossl_win_load_store(struct Curl_easy *data, + const char *win_store, + X509_STORE *store, + bool *padded) { CURLcode result = CURLE_OK; HCERTSTORE hStore; - *imported = FALSE; + *padded = FALSE; - hStore = CertOpenSystemStoreA(0, name); + hStore = CertOpenSystemStoreA(0, win_store); if(hStore) { PCCERT_CONTEXT pContext = NULL; /* The array of enhanced key usage OIDs will vary per certificate and @@ -3295,7 +3298,7 @@ static CURLcode import_windows_cert_store(struct Curl_easy *data, #if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS) infof(data, "SSL: Imported cert"); #endif - *imported = TRUE; + *padded = TRUE; } X509_free(x509); } @@ -3310,125 +3313,181 @@ static CURLcode import_windows_cert_store(struct Curl_easy *data, return result; } + +static CURLcode ossl_windows_load_anchors(struct Curl_cfilter *cf, + struct Curl_easy *data, + X509_STORE *store, + bool *padded) +{ + /* Import certificates from the Windows root certificate store if + requested. + https://stackoverflow.com/questions/9507184/ + https://github.com/d3x0r/SACK/blob/master/src/netlib/ssl_layer.c#L1037 + https://datatracker.ietf.org/doc/html/rfc5280 */ + const char *win_stores[] = { + "ROOT", /* Trusted Root Certification Authorities */ + "CA" /* Intermediate Certification Authorities */ + }; + size_t i; + CURLcode result = CURLE_OK; + + *padded = FALSE; + for(i = 0; i < CURL_ARRAYSIZE(win_stores); ++i) { + bool store_added = FALSE; + result = ossl_win_load_store(data, win_stores[i], store, &store_added); + if(result) + return result; + if(store_added) { + CURL_TRC_CF(data, cf, "added trust anchors from Windows %s store", + win_stores[i]); + *padded = TRUE; + } + else + infof(data, "error importing Windows %s store, continuing anyway", + win_stores[i]); + } + return result; +} + +#endif /* USE_WIN32_CRYPTO */ + +static CURLcode ossl_load_trust_anchors(struct Curl_cfilter *cf, + struct Curl_easy *data, + struct ossl_ctx *octx, + X509_STORE *store) +{ + struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf); + struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); + CURLcode result = CURLE_OK; + const char * const ssl_cafile = + /* CURLOPT_CAINFO_BLOB overrides CURLOPT_CAINFO */ + (conn_config->ca_info_blob ? NULL : conn_config->CAfile); + const char * const ssl_capath = conn_config->CApath; + bool have_native_check = FALSE; + + octx->store_is_empty = TRUE; + if(ssl_config->native_ca_store) { +#ifdef USE_WIN32_CRYPTO + bool added = FALSE; + result = ossl_windows_load_anchors(cf, data, store, &added); + if(result) + return result; + if(added) { + infof(data, " Native: Windows System Stores ROOT+CA"); + octx->store_is_empty = FALSE; + } +#elif defined(USE_APPLE_SECTRUST) + infof(data, " Native: Apple SecTrust"); + have_native_check = TRUE; #endif + } + + if(conn_config->ca_info_blob) { + result = load_cacert_from_memory(store, conn_config->ca_info_blob); + if(result) { + failf(data, "error adding trust anchors from certificate blob: %d", + result); + return result; + } + infof(data, " CA Blob from configuration"); + octx->store_is_empty = FALSE; + } + + if(ssl_cafile || ssl_capath) { +#ifdef HAVE_OPENSSL3 + /* OpenSSL 3.0.0 has deprecated SSL_CTX_load_verify_locations */ + if(ssl_cafile) { + if(!X509_STORE_load_file(store, ssl_cafile)) { + if(octx->store_is_empty && !have_native_check) { + /* Fail if we insist on successfully verifying the server. */ + failf(data, "error adding trust anchors from file: %s", ssl_cafile); + return CURLE_SSL_CACERT_BADFILE; + } + else + infof(data, "error setting certificate file, continuing anyway"); + } + infof(data, " CAfile: %s", ssl_cafile); + octx->store_is_empty = FALSE; + } + if(ssl_capath) { + if(!X509_STORE_load_path(store, ssl_capath)) { + if(octx->store_is_empty && !have_native_check) { + /* Fail if we insist on successfully verifying the server. */ + failf(data, "error adding trust anchors from path: %s", ssl_capath); + return CURLE_SSL_CACERT_BADFILE; + } + else + infof(data, "error setting certificate path, continuing anyway"); + } + infof(data, " CApath: %s", ssl_capath); + octx->store_is_empty = FALSE; + } +#else + /* tell OpenSSL where to find CA certificates that are used to verify the + server's certificate. */ + if(!X509_STORE_load_locations(store, ssl_cafile, ssl_capath)) { + if(octx->store_is_empty && !have_native_check) { + /* Fail if we insist on successfully verifying the server. */ + failf(data, "error adding trust anchors from locations:" + " CAfile: %s CApath: %s", + ssl_cafile ? ssl_cafile : "none", + ssl_capath ? ssl_capath : "none"); + return CURLE_SSL_CACERT_BADFILE; + } + else { + infof(data, "error setting certificate verify locations," + " continuing anyway"); + } + } + if(ssl_cafile) + infof(data, " CAfile: %s", ssl_cafile); + if(ssl_capath) + infof(data, " CApath: %s", ssl_capath); + octx->store_is_empty = FALSE; +#endif + } + +#ifdef CURL_CA_FALLBACK + if(octx->store_is_empty) { + /* verifying the peer without any CA certificates will not + work so use OpenSSL's built-in default as fallback */ + X509_STORE_set_default_paths(store); + infof(data, " OpenSSL default paths (fallback)"); + octx->store_is_empty = FALSE; + } +#endif + if(octx->store_is_empty && !have_native_check) + infof(data, " no trust anchors configured"); + + return result; +} static CURLcode ossl_populate_x509_store(struct Curl_cfilter *cf, struct Curl_easy *data, + struct ossl_ctx *octx, X509_STORE *store) { struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf); struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); CURLcode result = CURLE_OK; X509_LOOKUP *lookup = NULL; - const struct curl_blob *ca_info_blob = conn_config->ca_info_blob; - const char * const ssl_cafile = - /* CURLOPT_CAINFO_BLOB overrides CURLOPT_CAINFO */ - (ca_info_blob ? NULL : conn_config->CAfile); - const char * const ssl_capath = conn_config->CApath; const char * const ssl_crlfile = ssl_config->primary.CRLfile; - const bool verifypeer = conn_config->verifypeer; - bool imported_native_ca = FALSE; - bool imported_ca_info_blob = FALSE; - CURL_TRC_CF(data, cf, "ossl_populate_x509_store, path=%s, blob=%d", - ssl_cafile ? ssl_cafile : "none", !!ca_info_blob); + CURL_TRC_CF(data, cf, "configuring OpenSSL's x509 trust store"); if(!store) return CURLE_OUT_OF_MEMORY; - if(verifypeer) { -#ifdef USE_WIN32_CRYPTO - /* Import certificates from the Windows root certificate store if - requested. - https://stackoverflow.com/questions/9507184/ - https://github.com/d3x0r/SACK/blob/master/src/netlib/ssl_layer.c#L1037 - https://datatracker.ietf.org/doc/html/rfc5280 */ - if(ssl_config->native_ca_store) { - const char *storeNames[] = { - "ROOT", /* Trusted Root Certification Authorities */ - "CA" /* Intermediate Certification Authorities */ - }; - size_t i; - for(i = 0; i < CURL_ARRAYSIZE(storeNames); ++i) { - bool imported = FALSE; - result = import_windows_cert_store(data, storeNames[i], store, - &imported); - if(result) - return result; - if(imported) { - infof(data, "successfully imported Windows %s store", storeNames[i]); - imported_native_ca = TRUE; - } - else - infof(data, "error importing Windows %s store, continuing anyway", - storeNames[i]); - } - } -#endif - if(ca_info_blob) { - result = load_cacert_from_memory(store, ca_info_blob); - if(result) { - failf(data, "error importing CA certificate blob"); - return result; - } - else { - imported_ca_info_blob = TRUE; - infof(data, "successfully imported CA certificate blob"); - } - } - - if(ssl_cafile || ssl_capath) { -#ifdef HAVE_OPENSSL3 - /* OpenSSL 3.0.0 has deprecated SSL_CTX_load_verify_locations */ - if(ssl_cafile && !X509_STORE_load_file(store, ssl_cafile)) { - if(!imported_native_ca && !imported_ca_info_blob) { - /* Fail if we insist on successfully verifying the server. */ - failf(data, "error setting certificate file: %s", ssl_cafile); - return CURLE_SSL_CACERT_BADFILE; - } - else - infof(data, "error setting certificate file, continuing anyway"); - } - if(ssl_capath && !X509_STORE_load_path(store, ssl_capath)) { - if(!imported_native_ca && !imported_ca_info_blob) { - /* Fail if we insist on successfully verifying the server. */ - failf(data, "error setting certificate path: %s", ssl_capath); - return CURLE_SSL_CACERT_BADFILE; - } - else - infof(data, "error setting certificate path, continuing anyway"); - } -#else - /* tell OpenSSL where to find CA certificates that are used to verify the - server's certificate. */ - if(!X509_STORE_load_locations(store, ssl_cafile, ssl_capath)) { - if(!imported_native_ca && !imported_ca_info_blob) { - /* Fail if we insist on successfully verifying the server. */ - failf(data, "error setting certificate verify locations:" - " CAfile: %s CApath: %s", - ssl_cafile ? ssl_cafile : "none", - ssl_capath ? ssl_capath : "none"); - return CURLE_SSL_CACERT_BADFILE; - } - else { - infof(data, "error setting certificate verify locations," - " continuing anyway"); - } - } -#endif - infof(data, " CAfile: %s", ssl_cafile ? ssl_cafile : "none"); - infof(data, " CApath: %s", ssl_capath ? ssl_capath : "none"); - } - -#ifdef CURL_CA_FALLBACK - if(!ssl_cafile && !ssl_capath && - !imported_native_ca && !imported_ca_info_blob) { - /* verifying the peer without any CA certificates will not - work so use OpenSSL's built-in default as fallback */ - X509_STORE_set_default_paths(store); - } -#endif + if(!conn_config->verifypeer) { + infof(data, "SSL Trust: peer verification disabled"); + return CURLE_OK; } + infof(data, "SSL Trust Anchors:"); + result = ossl_load_trust_anchors(cf, data, octx, store); + if(result) + return result; + + /* Does not make sense to load a CRL file without peer verification */ if(ssl_crlfile) { /* tell OpenSSL where to find CRL file that is used to check certificate * revocation */ @@ -3438,33 +3497,28 @@ static CURLcode ossl_populate_x509_store(struct Curl_cfilter *cf, failf(data, "error loading CRL file: %s", ssl_crlfile); return CURLE_SSL_CRL_BADFILE; } - /* Everything is fine. */ - infof(data, "successfully loaded CRL file:"); X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL); - - infof(data, " CRLfile: %s", ssl_crlfile); + infof(data, " CRLfile: %s", ssl_crlfile); } - if(verifypeer) { - /* Try building a chain using issuers in the trusted store first to avoid - problems with server-sent legacy intermediates. Newer versions of - OpenSSL do alternate chain checking by default but we do not know how to - determine that in a reliable manner. - https://web.archive.org/web/20190422050538/rt.openssl.org/Ticket/Display.html?id=3621 - */ - X509_STORE_set_flags(store, X509_V_FLAG_TRUSTED_FIRST); - if(!ssl_config->no_partialchain && !ssl_crlfile) { - /* Have intermediate certificates in the trust store be treated as - trust-anchors, in the same way as self-signed root CA certificates - are. This allows users to verify servers using the intermediate cert - only, instead of needing the whole chain. + /* Try building a chain using issuers in the trusted store first to avoid + problems with server-sent legacy intermediates. Newer versions of + OpenSSL do alternate chain checking by default but we do not know how to + determine that in a reliable manner. + https://web.archive.org/web/20190422050538/rt.openssl.org/Ticket/Display.html?id=3621 + */ + X509_STORE_set_flags(store, X509_V_FLAG_TRUSTED_FIRST); + if(!ssl_config->no_partialchain && !ssl_crlfile) { + /* Have intermediate certificates in the trust store be treated as + trust-anchors, in the same way as self-signed root CA certificates + are. This allows users to verify servers using the intermediate cert + only, instead of needing the whole chain. - Due to OpenSSL bug https://github.com/openssl/openssl/issues/5081 we - cannot do partial chains with a CRL check. - */ - X509_STORE_set_flags(store, X509_V_FLAG_PARTIAL_CHAIN); - } + Due to OpenSSL bug https://github.com/openssl/openssl/issues/5081 we + cannot do partial chains with a CRL check. + */ + X509_STORE_set_flags(store, X509_V_FLAG_PARTIAL_CHAIN); } return result; @@ -3479,6 +3533,7 @@ struct ossl_x509_share { char *CAfile; /* CAfile path used to generate X509 store */ X509_STORE *store; /* cached X509 store or NULL if none */ struct curltime time; /* when the cached store was created */ + BIT(store_is_empty); /* no certs/paths/blobs are in the store */ }; static void oss_x509_share_free(void *key, size_t key_len, void *p) @@ -3523,13 +3578,15 @@ ossl_cached_x509_store_different(struct Curl_cfilter *cf, } static X509_STORE *ossl_get_cached_x509_store(struct Curl_cfilter *cf, - const struct Curl_easy *data) + const struct Curl_easy *data, + bool *pempty) { struct Curl_multi *multi = data->multi; struct ossl_x509_share *share; X509_STORE *store = NULL; DEBUGASSERT(multi); + *pempty = TRUE; share = multi ? Curl_hash_pick(&multi->proto_hash, CURL_UNCONST(MPROTO_OSSL_X509_KEY), sizeof(MPROTO_OSSL_X509_KEY)-1) : NULL; @@ -3537,6 +3594,7 @@ static X509_STORE *ossl_get_cached_x509_store(struct Curl_cfilter *cf, !ossl_cached_x509_store_expired(data, share) && !ossl_cached_x509_store_different(cf, share)) { store = share->store; + *pempty = share->store_is_empty; } return store; @@ -3544,7 +3602,8 @@ static X509_STORE *ossl_get_cached_x509_store(struct Curl_cfilter *cf, static void ossl_set_cached_x509_store(struct Curl_cfilter *cf, const struct Curl_easy *data, - X509_STORE *store) + X509_STORE *store, + bool is_empty) { struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf); struct Curl_multi *multi = data->multi; @@ -3588,19 +3647,20 @@ static void ossl_set_cached_x509_store(struct Curl_cfilter *cf, share->time = curlx_now(); share->store = store; + share->store_is_empty = is_empty; share->CAfile = CAfile; } } CURLcode Curl_ssl_setup_x509_store(struct Curl_cfilter *cf, struct Curl_easy *data, - SSL_CTX *ssl_ctx) + struct ossl_ctx *octx) { struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf); struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); CURLcode result = CURLE_OK; X509_STORE *cached_store; - bool cache_criteria_met; + bool cache_criteria_met, is_empty; /* Consider the X509 store cacheable if it comes exclusively from a CAfile, or no source is provided and we are falling back to OpenSSL's built-in @@ -3614,16 +3674,17 @@ CURLcode Curl_ssl_setup_x509_store(struct Curl_cfilter *cf, ERR_set_mark(); - cached_store = ossl_get_cached_x509_store(cf, data); + cached_store = ossl_get_cached_x509_store(cf, data, &is_empty); if(cached_store && cache_criteria_met && X509_STORE_up_ref(cached_store)) { - SSL_CTX_set_cert_store(ssl_ctx, cached_store); + SSL_CTX_set_cert_store(octx->ssl_ctx, cached_store); + octx->store_is_empty = is_empty; } else { - X509_STORE *store = SSL_CTX_get_cert_store(ssl_ctx); + X509_STORE *store = SSL_CTX_get_cert_store(octx->ssl_ctx); - result = ossl_populate_x509_store(cf, data, store); + result = ossl_populate_x509_store(cf, data, octx, store); if(result == CURLE_OK && cache_criteria_met) { - ossl_set_cached_x509_store(cf, data, store); + ossl_set_cached_x509_store(cf, data, store, octx->store_is_empty); } } @@ -3634,15 +3695,15 @@ CURLcode Curl_ssl_setup_x509_store(struct Curl_cfilter *cf, #else /* HAVE_SSL_X509_STORE_SHARE */ CURLcode Curl_ssl_setup_x509_store(struct Curl_cfilter *cf, struct Curl_easy *data, - SSL_CTX *ssl_ctx) + struct ossl_ctx *octx) { CURLcode result; X509_STORE *store; ERR_set_mark(); - store = SSL_CTX_get_cert_store(ssl_ctx); - result = ossl_populate_x509_store(cf, data, store); + store = SSL_CTX_get_cert_store(octx->ssl_ctx); + result = ossl_populate_x509_store(cf, data, octx, store); ERR_pop_to_mark(); @@ -3900,7 +3961,6 @@ static CURLcode ossl_init_ssl(struct ossl_ctx *octx, SSL_set_connect_state(octx->ssl); - octx->server_cert = NULL; if(peer->sni) { if(!SSL_set_tlsext_host_name(octx->ssl, peer->sni)) { failf(data, "Failed set SNI"); @@ -4004,7 +4064,6 @@ CURLcode Curl_ossl_ctx_init(struct ossl_ctx *octx, char * const ssl_cert = ssl_config->primary.clientcert; const struct curl_blob *ssl_cert_blob = ssl_config->primary.cert_blob; const char * const ssl_cert_type = ssl_config->cert_type; - const bool verifypeer = conn_config->verifypeer; unsigned int ssl_version_min; char error_buffer[256]; @@ -4238,12 +4297,11 @@ CURLcode Curl_ossl_ctx_init(struct ossl_ctx *octx, } #endif /* HAVE_OPENSSL_SRP && USE_TLS_SRP */ - /* OpenSSL always tries to verify the peer, this only says whether it should - * fail to connect if the verification fails, or if it should continue - * anyway. In the latter case the result of the verification is checked with - * SSL_get_verify_result() below. */ - SSL_CTX_set_verify(octx->ssl_ctx, - verifypeer ? SSL_VERIFY_PEER : SSL_VERIFY_NONE, NULL); + /* OpenSSL always tries to verify the peer. By setting the failure mode + * to NONE, we allow the connect to complete, regardless of the outcome. + * We then explicitly check the result and may try alternatives like + * Apple's SecTrust for verification. */ + SSL_CTX_set_verify(octx->ssl_ctx, SSL_VERIFY_NONE, NULL); /* Enable logging of secrets to the file specified in env SSLKEYLOGFILE. */ #ifdef HAVE_KEYLOG_CALLBACK @@ -4269,7 +4327,7 @@ CURLcode Curl_ossl_ctx_init(struct ossl_ctx *octx, * we need to do the full initialization before calling it. * See: #11800 */ if(!octx->x509_store_setup) { - result = Curl_ssl_setup_x509_store(cf, data, octx->ssl_ctx); + result = Curl_ssl_setup_x509_store(cf, data, octx); if(result) return result; octx->x509_store_setup = TRUE; @@ -4481,7 +4539,7 @@ static CURLcode ossl_connect_step2(struct Curl_cfilter *cf, if(!octx->x509_store_setup) { /* After having send off the ClientHello, we prepare the x509 * store to verify the coming certificate from the server */ - CURLcode result = Curl_ssl_setup_x509_store(cf, data, octx->ssl_ctx); + CURLcode result = Curl_ssl_setup_x509_store(cf, data, octx); if(result) return result; octx->x509_store_setup = TRUE; @@ -4762,6 +4820,9 @@ static void infof_certstack(struct Curl_easy *data, const SSL *ssl) int num_cert_levels; int cert_level; + if(!Curl_trc_is_verbose(data)) + return; + verify_result = SSL_get_verify_result(ssl); if(verify_result != X509_V_OK) certstack = SSL_get_peer_cert_chain(ssl); @@ -4818,7 +4879,229 @@ static void infof_certstack(struct Curl_easy *data, const SSL *ssl) #define infof_certstack(data, ssl) #endif +static CURLcode ossl_check_issuer(struct Curl_cfilter *cf, + struct Curl_easy *data, + X509 *server_cert) +{ + struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf); + X509 *issuer = NULL; + BIO *fp = NULL; + char err_buf[256]=""; + bool strict = (conn_config->verifypeer || conn_config->verifyhost); + CURLcode result = CURLE_OK; + + /* e.g. match issuer name with provided issuer certificate */ + if(conn_config->issuercert_blob) { + fp = BIO_new_mem_buf(conn_config->issuercert_blob->data, + (int)conn_config->issuercert_blob->len); + if(!fp) { + failf(data, "BIO_new_mem_buf NULL, " OSSL_PACKAGE " error %s", + ossl_strerror(ERR_get_error(), err_buf, sizeof(err_buf))); + result = CURLE_OUT_OF_MEMORY; + goto out; + } + } + else if(conn_config->issuercert) { + fp = BIO_new(BIO_s_file()); + if(!fp) { + failf(data, "BIO_new return NULL, " OSSL_PACKAGE " error %s", + ossl_strerror(ERR_get_error(), err_buf, sizeof(err_buf))); + result = CURLE_OUT_OF_MEMORY; + goto out; + } + + if(BIO_read_filename(fp, conn_config->issuercert) <= 0) { + if(strict) + failf(data, "SSL: Unable to open issuer cert (%s)", + conn_config->issuercert); + result = CURLE_SSL_ISSUER_ERROR; + goto out; + } + } + + if(fp) { + issuer = PEM_read_bio_X509(fp, NULL, ZERO_NULL, NULL); + if(!issuer) { + if(strict) + failf(data, "SSL: Unable to read issuer cert (%s)", + conn_config->issuercert); + result = CURLE_SSL_ISSUER_ERROR; + goto out; + } + + if(X509_check_issued(issuer, server_cert) != X509_V_OK) { + if(strict) + failf(data, "SSL: Certificate issuer check failed (%s)", + conn_config->issuercert); + result = CURLE_SSL_ISSUER_ERROR; + goto out; + } + + infof(data, " SSL certificate issuer check ok (%s)", + conn_config->issuercert); + } + +out: + if(fp) + BIO_free(fp); + if(issuer) + X509_free(issuer); + return result; +} + +static CURLcode ossl_check_pinned_key(struct Curl_cfilter *cf, + struct Curl_easy *data, + X509 *server_cert) +{ + const char *ptr; + CURLcode result = CURLE_OK; + + (void)cf; +#ifndef CURL_DISABLE_PROXY + ptr = Curl_ssl_cf_is_proxy(cf) ? + data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] : + data->set.str[STRING_SSL_PINNEDPUBLICKEY]; +#else + ptr = data->set.str[STRING_SSL_PINNEDPUBLICKEY]; +#endif + if(ptr) { + result = ossl_pkp_pin_peer_pubkey(data, server_cert, ptr); + if(result) + failf(data, "SSL: public key does not match pinned public key"); + } + return result; +} + +#ifndef CURL_DISABLE_VERBOSE_STRINGS #define MAX_CERT_NAME_LENGTH 2048 +static CURLcode ossl_infof_cert(struct Curl_cfilter *cf, + struct Curl_easy *data, + X509 *server_cert) +{ + struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf); + bool strict = (conn_config->verifypeer || conn_config->verifyhost); + BIO *mem = NULL; + struct dynbuf dname; + char err_buf[256] = ""; + char *buf; + long len; + CURLcode result = CURLE_OK; + + if(!Curl_trc_is_verbose(data)) + return CURLE_OK; + + curlx_dyn_init(&dname, MAX_CERT_NAME_LENGTH); + mem = BIO_new(BIO_s_mem()); + if(!mem) { + failf(data, "BIO_new return NULL, " OSSL_PACKAGE " error %s", + ossl_strerror(ERR_get_error(), err_buf, sizeof(err_buf))); + result = CURLE_OUT_OF_MEMORY; + goto out; + } + + infof(data, "%s certificate:", Curl_ssl_cf_is_proxy(cf) ? + "Proxy" : "Server"); + + result = x509_name_oneline(X509_get_subject_name(server_cert), &dname); + infof(data, " subject: %s", result ? "[NONE]" : curlx_dyn_ptr(&dname)); + + ASN1_TIME_print(mem, X509_get0_notBefore(server_cert)); + len = BIO_get_mem_data(mem, (char **) &buf); + infof(data, " start date: %.*s", (int)len, buf); + (void)BIO_reset(mem); + + ASN1_TIME_print(mem, X509_get0_notAfter(server_cert)); + len = BIO_get_mem_data(mem, (char **) &buf); + infof(data, " expire date: %.*s", (int)len, buf); + (void)BIO_reset(mem); + + result = x509_name_oneline(X509_get_issuer_name(server_cert), &dname); + if(result) { + if(strict) + failf(data, "SSL: could not get X509-issuer name"); + result = CURLE_PEER_FAILED_VERIFICATION; + goto out; + } + infof(data, " issuer: %s", curlx_dyn_ptr(&dname)); + +out: + BIO_free(mem); + curlx_dyn_free(&dname); + return result; +} +#endif /* ! CURL_DISABLE_VERBOSE_STRINGS */ + + +#ifdef USE_APPLE_SECTRUST +struct ossl_certs_ctx { + STACK_OF(X509) *sk; + size_t num_certs; +}; + +static CURLcode ossl_chain_get_der(struct Curl_cfilter *cf, + struct Curl_easy *data, + void *user_data, + size_t i, + unsigned char **pder, + size_t *pder_len) +{ + struct ossl_certs_ctx *chain = user_data; + X509 *cert; + int der_len; + + (void)cf; + (void)data; + *pder_len = 0; + *pder = NULL; + + if(i >= chain->num_certs) + return CURLE_TOO_LARGE; + cert = sk_X509_value(chain->sk, (int)i); + if(!cert) + return CURLE_FAILED_INIT; + der_len = i2d_X509(cert, pder); + if(der_len < 0) + return CURLE_FAILED_INIT; + *pder_len = (size_t)der_len; + return CURLE_OK; +} + +static CURLcode ossl_apple_verify(struct Curl_cfilter *cf, + struct Curl_easy *data, + struct ossl_ctx *octx, + struct ssl_peer *peer, + bool *pverified) +{ + struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf); + struct ossl_certs_ctx chain; + long ocsp_len = 0; +#ifdef HAVE_BORINGSSL_LIKE + const uint8_t *ocsp_data = NULL; +#else + unsigned char *ocsp_data = NULL; +#endif + CURLcode result; + + memset(&chain, 0, sizeof(chain)); + chain.sk = SSL_get_peer_cert_chain(octx->ssl); + chain.num_certs = chain.sk ? sk_X509_num(chain.sk) : 0; + + if(!chain.num_certs && + (conn_config->verifypeer || conn_config->verifyhost)) { + failf(data, "SSL: could not get peer certificate"); + result = CURLE_PEER_FAILED_VERIFICATION; + } + + if(conn_config->verifystatus && !octx->reused_session) + ocsp_len = (long)SSL_get_tlsext_status_ocsp_resp(octx->ssl, &ocsp_data); + + result = Curl_vtls_apple_verify(cf, data, peer, chain.num_certs, + ossl_chain_get_der, &chain, + ocsp_data, ocsp_len); + *pverified = !result; + return result; +} +#endif /* USE_APPLE_SECTRUST */ CURLcode Curl_ossl_check_peer_cert(struct Curl_cfilter *cf, struct Curl_easy *data, @@ -4829,216 +5112,93 @@ CURLcode Curl_ossl_check_peer_cert(struct Curl_cfilter *cf, struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf); CURLcode result = CURLE_OK; - long lerr; - X509 *issuer; - BIO *fp = NULL; - char error_buffer[256]=""; - const char *ptr; - BIO *mem = BIO_new(BIO_s_mem()); + long ossl_verify; bool strict = (conn_config->verifypeer || conn_config->verifyhost); - struct dynbuf dname; - - DEBUGASSERT(octx); - - curlx_dyn_init(&dname, MAX_CERT_NAME_LENGTH); - - if(!mem) { - failf(data, - "BIO_new return NULL, " OSSL_PACKAGE " error %s", - ossl_strerror(ERR_get_error(), error_buffer, - sizeof(error_buffer)) ); - return CURLE_OUT_OF_MEMORY; - } + X509 *server_cert; + bool verified = FALSE; if(data->set.ssl.certinfo && !octx->reused_session) { /* asked to gather certificate info. Reused sessions don't have cert chains */ result = ossl_certchain(data, octx->ssl); - if(result) { - BIO_free(mem); + if(result) return result; - } } - octx->server_cert = SSL_get1_peer_certificate(octx->ssl); - if(!octx->server_cert) { - BIO_free(mem); + server_cert = SSL_get1_peer_certificate(octx->ssl); + if(!server_cert) { if(!strict) - return CURLE_OK; + goto out; failf(data, "SSL: could not get peer certificate"); - return CURLE_PEER_FAILED_VERIFICATION; + result = CURLE_PEER_FAILED_VERIFICATION; + goto out; } - infof(data, "%s certificate:", - Curl_ssl_cf_is_proxy(cf) ? "Proxy" : "Server"); - - result = x509_name_oneline(X509_get_subject_name(octx->server_cert), - &dname); - infof(data, " subject: %s", result ? "[NONE]" : curlx_dyn_ptr(&dname)); - #ifndef CURL_DISABLE_VERBOSE_STRINGS - { - char *buf; - long len; - ASN1_TIME_print(mem, X509_get0_notBefore(octx->server_cert)); - len = BIO_get_mem_data(mem, (char **) &buf); - infof(data, " start date: %.*s", (int)len, buf); - (void)BIO_reset(mem); + result = ossl_infof_cert(cf, data, server_cert); + if(result) + goto out; + infof_certstack(data, octx->ssl); +#endif - ASN1_TIME_print(mem, X509_get0_notAfter(octx->server_cert)); - len = BIO_get_mem_data(mem, (char **) &buf); - infof(data, " expire date: %.*s", (int)len, buf); - (void)BIO_reset(mem); + if(conn_config->verifyhost) { + result = ossl_verifyhost(data, conn, peer, server_cert); + if(result) + goto out; + } + + ossl_verify = SSL_get_verify_result(octx->ssl); + ssl_config->certverifyresult = ossl_verify; + + verified = (ossl_verify == X509_V_OK); + if(verified) + infof(data, "SSL certificate verified via OpenSSL."); + +#ifdef USE_APPLE_SECTRUST + if(!verified && + conn_config->verifypeer && ssl_config->native_ca_store && + (ossl_verify == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY)) { + /* we verify using Apple SecTrust *unless* OpenSSL already verified. + * This may happen if the application intercepted the OpenSSL callback + * and installed its own. */ + result = ossl_apple_verify(cf, data, octx, peer, &verified); + if(result && (result != CURLE_PEER_FAILED_VERIFICATION)) + goto out; /* unexpected error */ + if(verified) { + infof(data, "SSL certificate verified via Apple SecTrust."); + ssl_config->certverifyresult = X509_V_OK; + } } #endif - BIO_free(mem); - - if(conn_config->verifyhost) { - result = ossl_verifyhost(data, conn, peer, octx->server_cert); - if(result) { - X509_free(octx->server_cert); - octx->server_cert = NULL; - curlx_dyn_free(&dname); - return result; - } - } - - result = x509_name_oneline(X509_get_issuer_name(octx->server_cert), - &dname); - if(result) { - if(strict) - failf(data, "SSL: could not get X509-issuer name"); + if(!verified) { + /* no trust established, report the OpenSSL status */ + failf(data, "SSL certificate OpenSSL verify result: %s (%ld)", + X509_verify_cert_error_string(ossl_verify), ossl_verify); result = CURLE_PEER_FAILED_VERIFICATION; + if(conn_config->verifypeer) + goto out; + infof(data, " SSL certificate verification failed, continuing anyway!"); } - else { - infof(data, " issuer: %s", curlx_dyn_ptr(&dname)); - curlx_dyn_free(&dname); - - /* We could do all sorts of certificate verification stuff here before - deallocating the certificate. */ - - /* e.g. match issuer name with provided issuer certificate */ - if(conn_config->issuercert || conn_config->issuercert_blob) { - if(conn_config->issuercert_blob) { - fp = BIO_new_mem_buf(conn_config->issuercert_blob->data, - (int)conn_config->issuercert_blob->len); - if(!fp) { - failf(data, - "BIO_new_mem_buf NULL, " OSSL_PACKAGE " error %s", - ossl_strerror(ERR_get_error(), error_buffer, - sizeof(error_buffer)) ); - X509_free(octx->server_cert); - octx->server_cert = NULL; - return CURLE_OUT_OF_MEMORY; - } - } - else { - fp = BIO_new(BIO_s_file()); - if(!fp) { - failf(data, - "BIO_new return NULL, " OSSL_PACKAGE " error %s", - ossl_strerror(ERR_get_error(), error_buffer, - sizeof(error_buffer)) ); - X509_free(octx->server_cert); - octx->server_cert = NULL; - return CURLE_OUT_OF_MEMORY; - } - - if(BIO_read_filename(fp, conn_config->issuercert) <= 0) { - if(strict) - failf(data, "SSL: Unable to open issuer cert (%s)", - conn_config->issuercert); - BIO_free(fp); - X509_free(octx->server_cert); - octx->server_cert = NULL; - return CURLE_SSL_ISSUER_ERROR; - } - } - - issuer = PEM_read_bio_X509(fp, NULL, ZERO_NULL, NULL); - if(!issuer) { - if(strict) - failf(data, "SSL: Unable to read issuer cert (%s)", - conn_config->issuercert); - BIO_free(fp); - X509_free(issuer); - X509_free(octx->server_cert); - octx->server_cert = NULL; - return CURLE_SSL_ISSUER_ERROR; - } - - if(X509_check_issued(issuer, octx->server_cert) != X509_V_OK) { - if(strict) - failf(data, "SSL: Certificate issuer check failed (%s)", - conn_config->issuercert); - BIO_free(fp); - X509_free(issuer); - X509_free(octx->server_cert); - octx->server_cert = NULL; - return CURLE_SSL_ISSUER_ERROR; - } - - infof(data, " SSL certificate issuer check ok (%s)", - conn_config->issuercert); - BIO_free(fp); - X509_free(issuer); - } - - lerr = SSL_get_verify_result(octx->ssl); - ssl_config->certverifyresult = lerr; - if(lerr != X509_V_OK) { - if(conn_config->verifypeer) { - /* We probably never reach this, because SSL_connect() will fail - and we return earlier if verifypeer is set? */ - if(strict) - failf(data, "SSL certificate verify result: %s (%ld)", - X509_verify_cert_error_string(lerr), lerr); - result = CURLE_PEER_FAILED_VERIFICATION; - } - else - infof(data, " SSL certificate verify result: %s (%ld)," - " continuing anyway.", - X509_verify_cert_error_string(lerr), lerr); - } - else - infof(data, " SSL certificate verify ok."); - } - infof_certstack(data, octx->ssl); #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_OCSP) if(conn_config->verifystatus && !octx->reused_session) { /* do not do this after Session ID reuse */ result = verifystatus(cf, data, octx); - if(result) { - X509_free(octx->server_cert); - octx->server_cert = NULL; - return result; - } - } -#endif - - if(!strict) - /* when not strict, we do not bother about the verify cert problems */ - result = CURLE_OK; - -#ifndef CURL_DISABLE_PROXY - ptr = Curl_ssl_cf_is_proxy(cf) ? - data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] : - data->set.str[STRING_SSL_PINNEDPUBLICKEY]; -#else - ptr = data->set.str[STRING_SSL_PINNEDPUBLICKEY]; -#endif - if(!result && ptr) { - result = ossl_pkp_pin_peer_pubkey(data, octx->server_cert, ptr); if(result) - failf(data, "SSL: public key does not match pinned public key"); + goto out; } +#endif - X509_free(octx->server_cert); - octx->server_cert = NULL; + result = ossl_check_issuer(cf, data, server_cert); + if(result) + goto out; + result = ossl_check_pinned_key(cf, data, server_cert); + +out: + X509_free(server_cert); return result; } diff --git a/lib/vtls/openssl.h b/lib/vtls/openssl.h index e263ee2eb2..021d754a62 100644 --- a/lib/vtls/openssl.h +++ b/lib/vtls/openssl.h @@ -71,7 +71,6 @@ struct ossl_ctx { /* these ones requires specific SSL-types */ SSL_CTX* ssl_ctx; SSL* ssl; - X509* server_cert; BIO_METHOD *bio_method; CURLcode io_result; /* result of last BIO cfilter operation */ /* blocked writes need to retry with same length, remember it */ @@ -82,6 +81,7 @@ struct ossl_ctx { bool keylog_done; #endif BIT(x509_store_setup); /* x509 store has been set up */ + BIT(store_is_empty); /* no certs/paths/blobs in x509 store */ BIT(reused_session); /* session-ID was reused for this */ }; @@ -122,7 +122,7 @@ extern const struct Curl_ssl Curl_ssl_openssl; */ CURLcode Curl_ssl_setup_x509_store(struct Curl_cfilter *cf, struct Curl_easy *data, - SSL_CTX *ssl_ctx); + struct ossl_ctx *octx); CURLcode Curl_ossl_ctx_configure(struct Curl_cfilter *cf, struct Curl_easy *data, diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index 1b1f66cc6e..ccd567cd86 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -75,9 +75,14 @@ #include "../curlx/inet_pton.h" #include "../connect.h" #include "../select.h" +#include "../setopt.h" #include "../strdup.h" #include "../rand.h" +#ifdef USE_APPLE_SECTRUST +#include +#endif /* USE_APPLE_SECTRUST */ + /* The last #include files should be: */ #include "../curl_memory.h" #include "../memdebug.h" @@ -290,62 +295,100 @@ static void free_primary_ssl_config(struct ssl_primary_config *sslc) CURLcode Curl_ssl_easy_config_complete(struct Curl_easy *data) { - data->set.ssl.primary.CApath = data->set.str[STRING_SSL_CAPATH]; - data->set.ssl.primary.CAfile = data->set.str[STRING_SSL_CAFILE]; - data->set.ssl.primary.CRLfile = data->set.str[STRING_SSL_CRLFILE]; - data->set.ssl.primary.issuercert = data->set.str[STRING_SSL_ISSUERCERT]; - data->set.ssl.primary.issuercert_blob = data->set.blobs[BLOB_SSL_ISSUERCERT]; - data->set.ssl.primary.cipher_list = - data->set.str[STRING_SSL_CIPHER_LIST]; - data->set.ssl.primary.cipher_list13 = - data->set.str[STRING_SSL_CIPHER13_LIST]; - data->set.ssl.primary.signature_algorithms = - data->set.str[STRING_SSL_SIGNATURE_ALGORITHMS]; - data->set.ssl.primary.pinned_key = - data->set.str[STRING_SSL_PINNEDPUBLICKEY]; - data->set.ssl.primary.cert_blob = data->set.blobs[BLOB_CERT]; - data->set.ssl.primary.ca_info_blob = data->set.blobs[BLOB_CAINFO]; - data->set.ssl.primary.curves = data->set.str[STRING_SSL_EC_CURVES]; -#ifdef USE_TLS_SRP - data->set.ssl.primary.username = data->set.str[STRING_TLSAUTH_USERNAME]; - data->set.ssl.primary.password = data->set.str[STRING_TLSAUTH_PASSWORD]; + struct ssl_config_data *sslc = &data->set.ssl; +#if defined(CURL_CA_PATH) || defined(CURL_CA_BUNDLE) + struct UserDefined *set = &data->set; + CURLcode result; #endif - data->set.ssl.cert_type = data->set.str[STRING_CERT_TYPE]; - data->set.ssl.key = data->set.str[STRING_KEY]; - data->set.ssl.key_type = data->set.str[STRING_KEY_TYPE]; - data->set.ssl.key_passwd = data->set.str[STRING_KEY_PASSWD]; - data->set.ssl.primary.clientcert = data->set.str[STRING_CERT]; - data->set.ssl.key_blob = data->set.blobs[BLOB_KEY]; + + if(Curl_ssl_backend() != CURLSSLBACKEND_SCHANNEL) { +#ifdef USE_APPLE_SECTRUST + if(!sslc->custom_capath && !sslc->custom_cafile && !sslc->custom_cablob) + sslc->native_ca_store = TRUE; +#endif +#ifdef CURL_CA_PATH + if(!sslc->custom_capath && !set->str[STRING_SSL_CAPATH]) { + result = Curl_setstropt(&set->str[STRING_SSL_CAPATH], CURL_CA_PATH); + if(result) + return result; + } + sslc->primary.CApath = data->set.str[STRING_SSL_CAPATH]; +#endif +#ifdef CURL_CA_BUNDLE + if(!sslc->custom_cafile && !set->str[STRING_SSL_CAFILE]) { + result = Curl_setstropt(&set->str[STRING_SSL_CAFILE], CURL_CA_BUNDLE); + if(result) + return result; + } +#endif + } + sslc->primary.CAfile = data->set.str[STRING_SSL_CAFILE]; + sslc->primary.CRLfile = data->set.str[STRING_SSL_CRLFILE]; + sslc->primary.issuercert = data->set.str[STRING_SSL_ISSUERCERT]; + sslc->primary.issuercert_blob = data->set.blobs[BLOB_SSL_ISSUERCERT]; + sslc->primary.cipher_list = data->set.str[STRING_SSL_CIPHER_LIST]; + sslc->primary.cipher_list13 = data->set.str[STRING_SSL_CIPHER13_LIST]; + sslc->primary.signature_algorithms = + data->set.str[STRING_SSL_SIGNATURE_ALGORITHMS]; + sslc->primary.pinned_key = + data->set.str[STRING_SSL_PINNEDPUBLICKEY]; + sslc->primary.cert_blob = data->set.blobs[BLOB_CERT]; + sslc->primary.ca_info_blob = data->set.blobs[BLOB_CAINFO]; + sslc->primary.curves = data->set.str[STRING_SSL_EC_CURVES]; +#ifdef USE_TLS_SRP + sslc->primary.username = data->set.str[STRING_TLSAUTH_USERNAME]; + sslc->primary.password = data->set.str[STRING_TLSAUTH_PASSWORD]; +#endif + sslc->cert_type = data->set.str[STRING_CERT_TYPE]; + sslc->key = data->set.str[STRING_KEY]; + sslc->key_type = data->set.str[STRING_KEY_TYPE]; + sslc->key_passwd = data->set.str[STRING_KEY_PASSWD]; + sslc->primary.clientcert = data->set.str[STRING_CERT]; + sslc->key_blob = data->set.blobs[BLOB_KEY]; #ifndef CURL_DISABLE_PROXY - data->set.proxy_ssl.primary.CApath = data->set.str[STRING_SSL_CAPATH_PROXY]; - data->set.proxy_ssl.primary.CAfile = data->set.str[STRING_SSL_CAFILE_PROXY]; - data->set.proxy_ssl.primary.cipher_list = - data->set.str[STRING_SSL_CIPHER_LIST_PROXY]; - data->set.proxy_ssl.primary.cipher_list13 = - data->set.str[STRING_SSL_CIPHER13_LIST_PROXY]; - data->set.proxy_ssl.primary.pinned_key = - data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY]; - data->set.proxy_ssl.primary.cert_blob = data->set.blobs[BLOB_CERT_PROXY]; - data->set.proxy_ssl.primary.ca_info_blob = - data->set.blobs[BLOB_CAINFO_PROXY]; - data->set.proxy_ssl.primary.issuercert = - data->set.str[STRING_SSL_ISSUERCERT_PROXY]; - data->set.proxy_ssl.primary.issuercert_blob = - data->set.blobs[BLOB_SSL_ISSUERCERT_PROXY]; - data->set.proxy_ssl.primary.CRLfile = - data->set.str[STRING_SSL_CRLFILE_PROXY]; - data->set.proxy_ssl.cert_type = data->set.str[STRING_CERT_TYPE_PROXY]; - data->set.proxy_ssl.key = data->set.str[STRING_KEY_PROXY]; - data->set.proxy_ssl.key_type = data->set.str[STRING_KEY_TYPE_PROXY]; - data->set.proxy_ssl.key_passwd = data->set.str[STRING_KEY_PASSWD_PROXY]; - data->set.proxy_ssl.primary.clientcert = data->set.str[STRING_CERT_PROXY]; - data->set.proxy_ssl.key_blob = data->set.blobs[BLOB_KEY_PROXY]; + sslc = &data->set.proxy_ssl; + if(Curl_ssl_backend() != CURLSSLBACKEND_SCHANNEL) { +#ifdef USE_APPLE_SECTRUST + if(!sslc->custom_capath && !sslc->custom_cafile && !sslc->custom_cablob) + sslc->native_ca_store = TRUE; +#endif +#ifdef CURL_CA_PATH + if(!sslc->custom_capath && !set->str[STRING_SSL_CAPATH_PROXY]) { + result = Curl_setstropt(&set->str[STRING_SSL_CAPATH_PROXY], + CURL_CA_PATH); + if(result) + return result; + } + sslc->primary.CApath = data->set.str[STRING_SSL_CAPATH_PROXY]; +#endif +#ifdef CURL_CA_BUNDLE + if(!sslc->custom_cafile && !set->str[STRING_SSL_CAFILE_PROXY]) { + result = Curl_setstropt(&set->str[STRING_SSL_CAFILE_PROXY], + CURL_CA_BUNDLE); + if(result) + return result; + } +#endif + } + sslc->primary.CAfile = data->set.str[STRING_SSL_CAFILE_PROXY]; + sslc->primary.cipher_list = data->set.str[STRING_SSL_CIPHER_LIST_PROXY]; + sslc->primary.cipher_list13 = data->set.str[STRING_SSL_CIPHER13_LIST_PROXY]; + sslc->primary.pinned_key = data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY]; + sslc->primary.cert_blob = data->set.blobs[BLOB_CERT_PROXY]; + sslc->primary.ca_info_blob = data->set.blobs[BLOB_CAINFO_PROXY]; + sslc->primary.issuercert = data->set.str[STRING_SSL_ISSUERCERT_PROXY]; + sslc->primary.issuercert_blob = data->set.blobs[BLOB_SSL_ISSUERCERT_PROXY]; + sslc->primary.CRLfile = data->set.str[STRING_SSL_CRLFILE_PROXY]; + sslc->cert_type = data->set.str[STRING_CERT_TYPE_PROXY]; + sslc->key = data->set.str[STRING_KEY_PROXY]; + sslc->key_type = data->set.str[STRING_KEY_TYPE_PROXY]; + sslc->key_passwd = data->set.str[STRING_KEY_PASSWD_PROXY]; + sslc->primary.clientcert = data->set.str[STRING_CERT_PROXY]; + sslc->key_blob = data->set.blobs[BLOB_KEY_PROXY]; #ifdef USE_TLS_SRP - data->set.proxy_ssl.primary.username = - data->set.str[STRING_TLSAUTH_USERNAME_PROXY]; - data->set.proxy_ssl.primary.password = - data->set.str[STRING_TLSAUTH_PASSWORD_PROXY]; + sslc->primary.username = data->set.str[STRING_TLSAUTH_USERNAME_PROXY]; + sslc->primary.password = data->set.str[STRING_TLSAUTH_PASSWORD_PROXY]; #endif #endif /* CURL_DISABLE_PROXY */ diff --git a/lib/vtls/vtls_scache.c b/lib/vtls/vtls_scache.c index 74b2b20cf6..16e3f0314f 100644 --- a/lib/vtls/vtls_scache.c +++ b/lib/vtls/vtls_scache.c @@ -371,7 +371,7 @@ void Curl_ssl_scache_unlock(struct Curl_easy *data) static CURLcode cf_ssl_peer_key_add_path(struct dynbuf *buf, const char *name, - char *path, + const char *path, bool *is_local) { if(path && path[0]) { diff --git a/m4/curl-apple-sectrust.m4 b/m4/curl-apple-sectrust.m4 new file mode 100644 index 0000000000..792f719d38 --- /dev/null +++ b/m4/curl-apple-sectrust.m4 @@ -0,0 +1,58 @@ +#*************************************************************************** +# _ _ ____ _ +# Project ___| | | | _ \| | +# / __| | | | |_) | | +# | (__| |_| | _ <| |___ +# \___|\___/|_| \_\_____| +# +# Copyright (C) Daniel Stenberg, , et al. +# +# This software is licensed as described in the file COPYING, which +# you should have received as part of this distribution. The terms +# are also available at https://curl.se/docs/copyright.html. +# +# You may opt to use, copy, modify, merge, publish, distribute and/or sell +# copies of the Software, and permit persons to whom the Software is +# furnished to do so, under the terms of the COPYING file. +# +# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +# KIND, either express or implied. +# +# SPDX-License-Identifier: curl +# +#*************************************************************************** + +AC_DEFUN([CURL_WITH_APPLE_SECTRUST], [ +AC_MSG_CHECKING([whether to enable Apple OS native certificate validation]) +if test "x$OPT_APPLE_SECTRUST" = xyes; then + AC_COMPILE_IFELSE([ + AC_LANG_PROGRAM([[ + #include + #include + ]],[[ + #if TARGET_OS_MAC + return 0; + #else + #error Not macOS + #endif + ]]) + ],[ + build_for_apple="yes" + ],[ + build_for_apple="no" + ]) + if test "x$build_for_apple" != "xno"; then + AC_MSG_RESULT(yes) + AC_DEFINE(USE_APPLE_SECTRUST, 1, [enable Apple OS certificate validation]) + APPLE_SECTRUST_ENABLED=1 + APPLE_SECTRUST_LDFLAGS='-framework CoreFoundation -framework CoreServices -framework Security' + LDFLAGS="$LDFLAGS $APPLE_SECTRUST_LDFLAGS" + LDFLAGSPC="$LDFLAGSPC $APPLE_SECTRUST_LDFLAGS" + else + AC_MSG_RESULT(no) + fi +else + AC_MSG_RESULT(no) +fi + +]) diff --git a/tests/data/test305 b/tests/data/test305 index 9e7dc8dcb0..2d4ffd1aab 100644 --- a/tests/data/test305 +++ b/tests/data/test305 @@ -19,7 +19,7 @@ https insecure HTTPS without permission -https://%HOSTIP:%HTTPSPORT/want/%TESTNUMBER --cacert moooo +https://%HOSTIP:%HTTPSPORT/want/%TESTNUMBER --cacert moooo --no-ca-native diff --git a/tests/http/test_02_download.py b/tests/http/test_02_download.py index 89bf7e1ab1..26da1d2fee 100644 --- a/tests/http/test_02_download.py +++ b/tests/http/test_02_download.py @@ -610,6 +610,8 @@ class TestDownload: pytest.skip("h3 not supported") if proto != 'h3' and sys.platform.startswith('darwin') and env.ci_run: pytest.skip('failing on macOS CI runners') + if proto == 'h3' and sys.platform.startswith('darwin') and env.curl_uses_lib('gnutls'): + pytest.skip('h3 gnutls early data failing on macOS') count = 2 docname = 'data-10k' # we want this test to always connect to nghttpx, since it is diff --git a/tests/http/test_07_upload.py b/tests/http/test_07_upload.py index 0868a406ab..d17d3a44ad 100644 --- a/tests/http/test_07_upload.py +++ b/tests/http/test_07_upload.py @@ -693,6 +693,8 @@ class TestUpload: pytest.skip("h3 not supported") if proto != 'h3' and sys.platform.startswith('darwin') and env.ci_run: pytest.skip('failing on macOS CI runners') + if proto == 'h3' and sys.platform.startswith('darwin') and env.curl_uses_lib('gnutls'): + pytest.skip('h3 gnutls early data failing on macOS') count = 2 # we want this test to always connect to nghttpx, since it is # the only server we have that supports TLS earlydata diff --git a/tests/http/test_17_ssl_use.py b/tests/http/test_17_ssl_use.py index b346281dfc..619ecd25e6 100644 --- a/tests/http/test_17_ssl_use.py +++ b/tests/http/test_17_ssl_use.py @@ -433,9 +433,9 @@ class TestSSLUse: exp_trace = None match_trace = None if env.curl_uses_lib('openssl') or env.curl_uses_lib('quictls'): - exp_trace = r'.*SSL certificate problem: certificate has expired$' + exp_trace = r'.*SSL certificate OpenSSL verify result: certificate has expired.*$' elif env.curl_uses_lib('gnutls'): - exp_trace = r'.*server verification failed: certificate has expired\..*' + exp_trace = r'.*SSL certificate verification failed: certificate has expired\..*' elif env.curl_uses_lib('wolfssl'): exp_trace = r'.*server verification failed: certificate has expired\.$' if exp_trace is not None: From 9aa8e9a783c43ed3fad244a98455ac2d7288909f Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 2 Oct 2025 14:20:05 +0200 Subject: [PATCH 0260/2408] vquic: handling of io improvements - better tracing of what system call is used and how often - ngtcp2: combine vquic_send into larger chunks - ngtcp2: define own PMTU values and enable MTU probing - ngtcp2: trace interesting remote transport parameters Closes #18812 --- lib/vquic/curl_ngtcp2.c | 149 ++++++++++++++++++++++++---------------- lib/vquic/vquic.c | 95 +++++++++++++++---------- 2 files changed, 147 insertions(+), 97 deletions(-) diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 4998400d96..4a45c1f6db 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -410,13 +410,23 @@ static void qlog_callback(void *user_data, uint32_t flags, ctx->qlogfd = -1; } } - } static void quic_settings(struct cf_ngtcp2_ctx *ctx, struct Curl_easy *data, struct pkt_io_ctx *pktx) { +#ifdef NGTCP2_SETTINGS_V2x +static uint16_t mtu_probes[] = { + 1472, /* what h2o offers */ + 1452, /* what Caddy offers */ + 1454 - 48, /* The well known MTU used by a domestic optic fiber + service in Japan. */ + 1390 - 48, /* Typical Tunneled MTU */ + 1280 - 48, /* IPv6 minimum MTU */ + 1492 - 48, /* PPPoE */ +}; +#endif ngtcp2_settings *s = &ctx->settings; ngtcp2_transport_params *t = &ctx->transport_params; @@ -433,6 +443,12 @@ static void quic_settings(struct cf_ngtcp2_ctx *ctx, data->set.connecttimeout * NGTCP2_MILLISECONDS : QUIC_HANDSHAKE_TIMEOUT; s->max_window = 100 * ctx->max_stream_window; s->max_stream_window = 10 * ctx->max_stream_window; + s->no_pmtud = FALSE; +#ifdef NGTCP2_SETTINGS_V2x + s->pmtud_probes = mtu_probes; + s->pmtud_probeslen = CURL_ARRAYSIZE(mtu_probes); + s->max_tx_udp_payload_size = 64 * 1024; /* mtu_probes[0]; */ +#endif t->initial_max_data = 10 * ctx->max_stream_window; t->initial_max_stream_data_bidi_local = ctx->max_stream_window; @@ -468,8 +484,18 @@ static int cf_ngtcp2_handshake_completed(ngtcp2_conn *tconn, void *user_data) ctx->tls_vrfy_result = Curl_vquic_tls_verify_peer(&ctx->tls, cf, data, &ctx->peer); - CURL_TRC_CF(data, cf, "handshake complete after %dms", - (int)curlx_timediff(ctx->handshake_at, ctx->started_at)); + if(Curl_trc_is_verbose(data)) { + const ngtcp2_transport_params *rp; + rp = ngtcp2_conn_get_remote_transport_params(ctx->qconn); + CURL_TRC_CF(data, cf, "handshake complete after %dms, remote transport[" + "max_udp_payload=%" FMT_PRIu64 + ", initial_max_data=%" FMT_PRIu64 + "]", + (int)curlx_timediff(ctx->handshake_at, ctx->started_at), + (curl_uint64_t)rp->max_udp_payload_size, + (curl_uint64_t)rp->initial_max_data); + } + /* In case of earlydata, where we simulate being connected, update * the handshake time when we really did connect */ if(ctx->use_earlydata) @@ -1678,6 +1704,9 @@ static CURLcode recv_pkt(const unsigned char *pkt, size_t pktlen, ngtcp2_path path; int rv; + if(ecn) + CURL_TRC_CF(pktx->data, pktx->cf, "vquic_recv(len=%zu, ecn=%x)", + pktlen, ecn); ngtcp2_addr_init(&path.local, (struct sockaddr *)&ctx->q.local_addr, (socklen_t)ctx->q.local_addrlen); ngtcp2_addr_init(&path.remote, (struct sockaddr *)remote_addr, @@ -1696,7 +1725,6 @@ static CURLcode recv_pkt(const unsigned char *pkt, size_t pktlen, return CURLE_PEER_FAILED_VERIFICATION; return CURLE_RECV_ERROR; } - return CURLE_OK; } @@ -1712,6 +1740,10 @@ static CURLcode cf_progress_ingress(struct Curl_cfilter *cf, pktx_init(&local_pktx, cf, data); pktx = &local_pktx; } + else { + pktx_update_time(pktx, cf); + ngtcp2_path_storage_zero(&pktx->ps); + } result = Curl_vquic_tls_before_recv(&ctx->tls, cf, data); if(result) @@ -1831,9 +1863,10 @@ static CURLcode cf_progress_egress(struct Curl_cfilter *cf, { struct cf_ngtcp2_ctx *ctx = cf->ctx; size_t nread; - size_t max_payload_size, path_max_payload_size, max_pktcnt; + size_t max_payload_size, path_max_payload_size; size_t pktcnt = 0; size_t gsolen = 0; /* this disables gso until we have a clue */ + size_t send_quantum; CURLcode curlcode; struct pkt_io_ctx local_pktx; @@ -1869,71 +1902,69 @@ static CURLcode cf_progress_egress(struct Curl_cfilter *cf, max_payload_size = ngtcp2_conn_get_max_tx_udp_payload_size(ctx->qconn); path_max_payload_size = ngtcp2_conn_get_path_max_tx_udp_payload_size(ctx->qconn); - /* maximum number of packets buffered before we flush to the socket */ - max_pktcnt = CURLMIN(MAX_PKT_BURST, - ctx->q.sendbuf.chunk_size / max_payload_size); - + send_quantum = ngtcp2_conn_get_send_quantum(ctx->qconn); + CURL_TRC_CF(data, cf, "egress, collect and send packets, quantum=%zu", + send_quantum); for(;;) { /* add the next packet to send, if any, to our buffer */ curlcode = Curl_bufq_sipn(&ctx->q.sendbuf, max_payload_size, read_pkt_to_send, pktx, &nread); - if(curlcode) { - if(curlcode != CURLE_AGAIN) - return curlcode; - /* Nothing more to add, flush and leave */ - curlcode = vquic_send(cf, data, &ctx->q, gsolen); - if(curlcode) { - if(curlcode == CURLE_AGAIN) { - Curl_expire(data, 1, EXPIRE_QUIC); - return CURLE_OK; - } - return curlcode; + if(curlcode == CURLE_AGAIN) + break; + else if(curlcode) + return curlcode; + else { + size_t buflen = Curl_bufq_len(&ctx->q.sendbuf); + if((buflen >= send_quantum) || + ((buflen + gsolen) >= ctx->q.sendbuf.chunk_size)) + break; + DEBUGASSERT(nread > 0); + ++pktcnt; + if(pktcnt == 1) { + /* first packet in buffer. This is either of a known, "good" + * payload size or it is a PMTUD. We will see. */ + gsolen = nread; } - goto out; - } - - DEBUGASSERT(nread > 0); - if(pktcnt == 0) { - /* first packet in buffer. This is either of a known, "good" - * payload size or it is a PMTUD. We will see. */ - gsolen = nread; - } - else if(nread > gsolen || - (gsolen > path_max_payload_size && nread != gsolen)) { - /* The just added packet is a PMTUD *or* the one(s) before the - * just added were PMTUD and the last one is smaller. - * Flush the buffer before the last add. */ - curlcode = vquic_send_tail_split(cf, data, &ctx->q, - gsolen, nread, nread); - if(curlcode) { - if(curlcode == CURLE_AGAIN) { - Curl_expire(data, 1, EXPIRE_QUIC); - return CURLE_OK; + else if(nread > gsolen || + (gsolen > path_max_payload_size && nread != gsolen)) { + /* The just added packet is a PMTUD *or* the one(s) before the + * just added were PMTUD and the last one is smaller. + * Flush the buffer before the last add. */ + curlcode = vquic_send_tail_split(cf, data, &ctx->q, + gsolen, nread, nread); + if(curlcode) { + if(curlcode == CURLE_AGAIN) { + Curl_expire(data, 1, EXPIRE_QUIC); + return CURLE_OK; + } + return curlcode; } - return curlcode; + pktcnt = 0; } - pktcnt = 0; - continue; - } - - if(++pktcnt >= max_pktcnt || nread < gsolen) { - /* Reached MAX_PKT_BURST *or* - * the capacity of our buffer *or* - * last add was shorter than the previous ones, flush */ - curlcode = vquic_send(cf, data, &ctx->q, gsolen); - if(curlcode) { - if(curlcode == CURLE_AGAIN) { - Curl_expire(data, 1, EXPIRE_QUIC); - return CURLE_OK; - } - return curlcode; + else if(nread < gsolen) { + /* Reached MAX_PKT_BURST *or* + * the capacity of our buffer *or* + * last add was shorter than the previous ones, flush */ + break; } - /* pktbuf has been completely sent */ - pktcnt = 0; } } -out: + if(!Curl_bufq_is_empty(&ctx->q.sendbuf)) { + /* time to send */ + CURL_TRC_CF(data, cf, "egress, send collected %zu packets in %zu bytes", + pktcnt, Curl_bufq_len(&ctx->q.sendbuf)); + curlcode = vquic_send(cf, data, &ctx->q, gsolen); + if(curlcode) { + if(curlcode == CURLE_AGAIN) { + Curl_expire(data, 1, EXPIRE_QUIC); + return CURLE_OK; + } + return curlcode; + } + pktx_update_time(pktx, cf); + ngtcp2_conn_update_pkt_tx_time(ctx->qconn, pktx->ts); + } return CURLE_OK; } diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c index c509819752..275ea8bccc 100644 --- a/lib/vquic/vquic.c +++ b/lib/vquic/vquic.c @@ -55,7 +55,7 @@ #if !defined(CURL_DISABLE_HTTP) && defined(USE_HTTP3) #define NW_CHUNK_SIZE (64 * 1024) -#define NW_SEND_CHUNKS 2 +#define NW_SEND_CHUNKS 1 int Curl_vquic_init(void) @@ -125,6 +125,7 @@ static CURLcode do_sendmsg(struct Curl_cfilter *cf, const uint8_t *pkt, size_t pktlen, size_t gsolen, size_t *psent) { + CURLcode result = CURLE_OK; #ifdef HAVE_SENDMSG struct iovec msg_iov; struct msghdr msg = {0}; @@ -181,12 +182,14 @@ static CURLcode do_sendmsg(struct Curl_cfilter *cf, FALLTHROUGH(); default: failf(data, "sendmsg() returned %zd (errno %d)", sent, SOCKERRNO); - return CURLE_SEND_ERROR; + result = CURLE_SEND_ERROR; + goto out; } } else if(pktlen != (size_t)sent) { failf(data, "sendmsg() sent only %zd/%zu bytes", sent, pktlen); - return CURLE_SEND_ERROR; + result = CURLE_SEND_ERROR; + goto out; } #else ssize_t sent; @@ -201,12 +204,14 @@ static CURLcode do_sendmsg(struct Curl_cfilter *cf, if(sent == -1) { if(SOCKERRNO == EAGAIN || SOCKERRNO == SOCKEWOULDBLOCK) { - return CURLE_AGAIN; + result = CURLE_AGAIN; + goto out; } else { failf(data, "send() returned %zd (errno %d)", sent, SOCKERRNO); if(SOCKERRNO != SOCKEMSGSIZE) { - return CURLE_SEND_ERROR; + result = CURLE_SEND_ERROR; + goto out; } /* UDP datagram is too large; caused by PMTUD. Just let it be lost. */ @@ -216,9 +221,16 @@ static CURLcode do_sendmsg(struct Curl_cfilter *cf, (void)cf; *psent = pktlen; - return CURLE_OK; +out: + return result; } +#ifdef HAVE_SENDMSG +#define VQUIC_SEND_METHOD "sendmsg" +#else +#define VQUIC_SEND_METHOD "send" +#endif + static CURLcode send_packet_no_gso(struct Curl_cfilter *cf, struct Curl_easy *data, struct cf_quic_ctx *qctx, @@ -226,19 +238,23 @@ static CURLcode send_packet_no_gso(struct Curl_cfilter *cf, size_t gsolen, size_t *psent) { const uint8_t *p, *end = pkt + pktlen; - size_t sent; + size_t sent, len, calls = 0; + CURLcode result = CURLE_OK; *psent = 0; for(p = pkt; p < end; p += gsolen) { - size_t len = CURLMIN(gsolen, (size_t)(end - p)); - CURLcode curlcode = do_sendmsg(cf, data, qctx, p, len, len, &sent); - if(curlcode != CURLE_OK) { - return curlcode; - } + len = CURLMIN(gsolen, (size_t)(end - p)); + result = do_sendmsg(cf, data, qctx, p, len, len, &sent); + if(result) + goto out; *psent += sent; + ++calls; } - +out: + CURL_TRC_CF(data, cf, "vquic_%s(len=%zu, gso=%zu, calls=%zu)" + " -> %d, sent=%zu", + VQUIC_SEND_METHOD, pktlen, gsolen, calls, result, *psent); return CURLE_OK; } @@ -266,6 +282,9 @@ static CURLcode vquic_send_packets(struct Curl_cfilter *cf, } else { result = do_sendmsg(cf, data, qctx, pkt, pktlen, gsolen, psent); + CURL_TRC_CF(data, cf, "vquic_%s(len=%zu, gso=%zu, calls=1)" + " -> %d, sent=%zu", + VQUIC_SEND_METHOD, pktlen, gsolen, result, *psent); } if(!result) qctx->last_io = qctx->last_op; @@ -289,8 +308,6 @@ CURLcode vquic_flush(struct Curl_cfilter *cf, struct Curl_easy *data, } result = vquic_send_packets(cf, data, qctx, buf, blen, gsolen, &sent); - CURL_TRC_CF(data, cf, "vquic_send(len=%zu, gso=%zu) -> %d, sent=%zu", - blen, gsolen, result, sent); if(result) { if(result == CURLE_AGAIN) { Curl_bufq_skip(&qctx->sendbuf, sent); @@ -369,7 +386,7 @@ static CURLcode recvmmsg_packets(struct Curl_cfilter *cf, struct mmsghdr mmsg[MMSG_NUM]; uint8_t msg_ctrl[MMSG_NUM * CMSG_SPACE(sizeof(int))]; struct sockaddr_storage remote_addr[MMSG_NUM]; - size_t total_nread = 0, pkts = 0; + size_t total_nread = 0, pkts = 0, calls = 0; int mcount, i, n; char errstr[STRERROR_LEN]; CURLcode result = CURLE_OK; @@ -424,7 +441,7 @@ static CURLcode recvmmsg_packets(struct Curl_cfilter *cf, goto out; } - CURL_TRC_CF(data, cf, "recvmmsg() -> %d packets", mcount); + ++calls; for(i = 0; i < mcount; ++i) { total_nread += mmsg[i].msg_len; @@ -454,8 +471,8 @@ static CURLcode recvmmsg_packets(struct Curl_cfilter *cf, out: if(total_nread || result) - CURL_TRC_CF(data, cf, "recvd %zu packets with %zu bytes -> %d", - pkts, total_nread, result); + CURL_TRC_CF(data, cf, "vquic_recvmmsg(len=%zu, packets=%zu, calls=%zu)" + " -> %d", total_nread, pkts, calls, result); Curl_multi_xfer_sockbuf_release(data, sockbuf); return result; } @@ -471,8 +488,9 @@ static CURLcode recvmsg_packets(struct Curl_cfilter *cf, struct msghdr msg; uint8_t buf[64*1024]; struct sockaddr_storage remote_addr; - size_t total_nread, pkts; - ssize_t nread; + size_t total_nread, pkts, calls; + ssize_t rc; + size_t nread; char errstr[STRERROR_LEN]; CURLcode result = CURLE_OK; uint8_t msg_ctrl[CMSG_SPACE(sizeof(int))]; @@ -481,7 +499,7 @@ static CURLcode recvmsg_packets(struct Curl_cfilter *cf, size_t offset, to; DEBUGASSERT(max_pkts > 0); - for(pkts = 0, total_nread = 0; pkts < max_pkts;) { + for(pkts = 0, total_nread = 0, calls = 0; pkts < max_pkts;) { /* fully initialise this on each call to `recvmsg()`. There seem to * operating systems out there that mess with `msg_iov.iov_len`. */ memset(&msg, 0, sizeof(msg)); @@ -494,10 +512,10 @@ static CURLcode recvmsg_packets(struct Curl_cfilter *cf, msg.msg_namelen = sizeof(remote_addr); msg.msg_controllen = sizeof(msg_ctrl); - while((nread = recvmsg(qctx->sockfd, &msg, 0)) == -1 && + while((rc = recvmsg(qctx->sockfd, &msg, 0)) == -1 && (SOCKERRNO == SOCKEINTR || SOCKERRNO == SOCKEMSGSIZE)) ; - if(nread == -1) { + if(rc == -1) { if(SOCKERRNO == EAGAIN || SOCKERRNO == SOCKEWOULDBLOCK) { goto out; } @@ -511,28 +529,28 @@ static CURLcode recvmsg_packets(struct Curl_cfilter *cf, } Curl_strerror(SOCKERRNO, errstr, sizeof(errstr)); failf(data, "QUIC: recvmsg() unexpectedly returned %zd (errno=%d; %s)", - nread, SOCKERRNO, errstr); + rc, SOCKERRNO, errstr); result = CURLE_RECV_ERROR; goto out; } - total_nread += (size_t)nread; + nread = (size_t)rc; + total_nread += nread; + ++calls; gso_size = vquic_msghdr_get_udp_gro(&msg); if(gso_size == 0) { - gso_size = (size_t)nread; + gso_size = nread; } - for(offset = 0; offset < (size_t)nread; offset = to) { + for(offset = 0; offset < nread; offset = to) { ++pkts; to = offset + gso_size; - if(to > (size_t)nread) { - pktlen = (size_t)nread - offset; - } - else { + if(to > nread) + pktlen = nread - offset; + else pktlen = gso_size; - } result = recv_cb(buf + offset, pktlen, msg.msg_name, msg.msg_namelen, 0, userp); @@ -543,8 +561,8 @@ static CURLcode recvmsg_packets(struct Curl_cfilter *cf, out: if(total_nread || result) - CURL_TRC_CF(data, cf, "recvd %zu packets with %zu bytes -> %d", - pkts, total_nread, result); + CURL_TRC_CF(data, cf, "vquic_recvmsg(len=%zu, packets=%zu, calls=%zu)" + " -> %d", total_nread, pkts, calls, result); return result; } @@ -559,7 +577,7 @@ static CURLcode recvfrom_packets(struct Curl_cfilter *cf, int bufsize = (int)sizeof(buf); struct sockaddr_storage remote_addr; socklen_t remote_addrlen = sizeof(remote_addr); - size_t total_nread, pkts; + size_t total_nread, pkts, calls = 0; ssize_t nread; char errstr[STRERROR_LEN]; CURLcode result = CURLE_OK; @@ -592,6 +610,7 @@ static CURLcode recvfrom_packets(struct Curl_cfilter *cf, } ++pkts; + ++calls; total_nread += (size_t)nread; result = recv_cb(buf, (size_t)nread, &remote_addr, remote_addrlen, 0, userp); @@ -601,8 +620,8 @@ static CURLcode recvfrom_packets(struct Curl_cfilter *cf, out: if(total_nread || result) - CURL_TRC_CF(data, cf, "recvd %zu packets with %zu bytes -> %d", - pkts, total_nread, result); + CURL_TRC_CF(data, cf, "vquic_recvfrom(len=%zu, packets=%zu, calls=%zu)" + " -> %d", total_nread, pkts, calls, result); return result; } #endif /* !HAVE_SENDMMSG && !HAVE_SENDMSG */ From 3b583ab7d72105e3bd80f602544e8c6795b13de3 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 3 Oct 2025 12:38:40 +0200 Subject: [PATCH 0261/2408] docs/cmdline-opts: drop double quotes from GLOBBING and URL examples It looks easier on the eye without them Closes #18829 --- docs/cmdline-opts/_GLOBBING.md | 14 +++++++------- docs/cmdline-opts/_URL.md | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/cmdline-opts/_GLOBBING.md b/docs/cmdline-opts/_GLOBBING.md index 282356c3ef..c3c7951acb 100644 --- a/docs/cmdline-opts/_GLOBBING.md +++ b/docs/cmdline-opts/_GLOBBING.md @@ -6,31 +6,31 @@ or ranges within brackets. We call this "globbing". Provide a list with three different names like this: - "http://site.{one,two,three}.com" + http://site.{one,two,three}.com Do sequences of alphanumeric series by using [] as in: - "ftp://ftp.example.com/file[1-100].txt" + ftp://ftp.example.com/file[1-100].txt With leading zeroes: - "ftp://ftp.example.com/file[001-100].txt" + ftp://ftp.example.com/file[001-100].txt With letters through the alphabet: - "ftp://ftp.example.com/file[a-z].txt" + ftp://ftp.example.com/file[a-z].txt Nested sequences are not supported, but you can use several ones next to each other: - "http://example.com/archive[1996-1999]/vol[1-4]/part{a,b,c}.html" + http://example.com/archive[1996-1999]/vol[1-4]/part{a,b,c}.html You can specify a step counter for the ranges to get every Nth number or letter: - "http://example.com/file[1-100:10].txt" + http://example.com/file[1-100:10].txt - "http://example.com/file[a-z:2].txt" + http://example.com/file[a-z:2].txt When using [] or {} sequences when invoked from a command line prompt, you probably have to put the full URL within double quotes to avoid the shell from diff --git a/docs/cmdline-opts/_URL.md b/docs/cmdline-opts/_URL.md index 48ae02a556..580974f062 100644 --- a/docs/cmdline-opts/_URL.md +++ b/docs/cmdline-opts/_URL.md @@ -22,7 +22,7 @@ separate curl runs. Provide an IPv6 zone id in the URL with an escaped percentage sign. Like in - "http://[fe80::3%25eth0]/" + http://[fe80::3%25eth0]/ Everything provided on the command line that is not a command line option or its argument, curl assumes is a URL and treats it as such. From 4e2edde102a46305edc498879c1188b58bcc8403 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 3 Oct 2025 10:18:27 +0200 Subject: [PATCH 0262/2408] tool_progress: fix < 10000 output Follow-up to e49698925c7f90e Closes #18826 --- src/tool_progress.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/tool_progress.c b/src/tool_progress.c index b03fbf16a1..d29bfdc4da 100644 --- a/src/tool_progress.c +++ b/src/tool_progress.c @@ -34,8 +34,10 @@ static char *max5data(curl_off_t bytes, char *max5) /* a signed 64-bit value is 8192 petabytes maximum */ const char unit[] = { 'k', 'M', 'G', 'T', 'P', 0 }; int k = 0; - if(bytes < 100000) + if(bytes < 100000) { msnprintf(max5, 6, "%5" CURL_FORMAT_CURL_OFF_T, bytes); + return max5; + } do { curl_off_t nbytes = bytes / 1024; From 2e5993ab0812fd1a983738f6d6efbc7bb0806144 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 3 Oct 2025 11:43:10 +0200 Subject: [PATCH 0263/2408] GHA/checksrc: pass zizmor a GH token, fix warnings found For a complete, online, check. After this patch the check takes 30s, up from a fraction of a second. Also bump CodeQL actions to their latest version. Closes #18827 --- .github/workflows/checksrc.yml | 2 ++ .github/workflows/codeql.yml | 8 ++++---- .github/workflows/distcheck.yml | 2 +- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml index 71ee031d68..71d096cac5 100644 --- a/.github/workflows/checksrc.yml +++ b/.github/workflows/checksrc.yml @@ -129,6 +129,8 @@ jobs: persist-credentials: false - name: 'zizmor GHA' + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" zizmor --pedantic .github/workflows/*.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index fe33518d8b..b1e20b4d2d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -48,13 +48,13 @@ jobs: persist-credentials: false - name: 'initialize' - uses: github/codeql-action/init@303c0aef88fc2fe5ff6d63d3b1596bfd83dfa1f9 # v3 + uses: github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 with: languages: actions, python queries: security-extended - name: 'perform analysis' - uses: github/codeql-action/analyze@303c0aef88fc2fe5ff6d63d3b1596bfd83dfa1f9 # v3 + uses: github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 c: name: 'C' @@ -84,7 +84,7 @@ jobs: persist-credentials: false - name: 'initialize' - uses: github/codeql-action/init@303c0aef88fc2fe5ff6d63d3b1596bfd83dfa1f9 # v3 + uses: github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 with: languages: cpp build-mode: manual @@ -130,4 +130,4 @@ jobs: fi - name: 'perform analysis' - uses: github/codeql-action/analyze@303c0aef88fc2fe5ff6d63d3b1596bfd83dfa1f9 # v3 + uses: github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 diff --git a/.github/workflows/distcheck.yml b/.github/workflows/distcheck.yml index 7a1a4dad84..5a5c117ce1 100644 --- a/.github/workflows/distcheck.yml +++ b/.github/workflows/distcheck.yml @@ -49,7 +49,7 @@ jobs: - name: 'maketgz' run: SOURCE_DATE_EPOCH=1711526400 ./scripts/maketgz 99.98.97 - - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4 + - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1 with: name: 'release-tgz' path: 'curl-99.98.97.tar.gz' From 2313696e96c6c436f4b0c97361c45c5c0c8ae2b1 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 3 Oct 2025 11:55:38 +0000 Subject: [PATCH 0264/2408] GHA: update actions/upload-artifact action to v4.6.2 Closes #18830 --- .github/workflows/distcheck.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/distcheck.yml b/.github/workflows/distcheck.yml index 5a5c117ce1..9bc5565623 100644 --- a/.github/workflows/distcheck.yml +++ b/.github/workflows/distcheck.yml @@ -49,7 +49,7 @@ jobs: - name: 'maketgz' run: SOURCE_DATE_EPOCH=1711526400 ./scripts/maketgz 99.98.97 - - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1 + - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: 'release-tgz' path: 'curl-99.98.97.tar.gz' From 4b8278fb3d0a43fecf66caa23ad1cd28f759de71 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 3 Oct 2025 10:51:46 +0200 Subject: [PATCH 0265/2408] progress: expand to use 6 characters per size Previously the progress meter used a maximum of five digits+letter in the progress meter output: up to 99999 bytes and then 9999k, 9999M etc. The output then used two spaces after the size between the next field in the display. This new approach uses one letter more with only one space in between the fields. It makes it possible to show up to 999999 bytes and then 99999k, 99999M etc. The function uses a single decimal when outputting a value less than 1000 in any unit. Like 999.9M. Closes #18828 --- lib/progress.c | 93 +++++++++++++++++++++----------------------------- 1 file changed, 38 insertions(+), 55 deletions(-) diff --git a/lib/progress.c b/lib/progress.c index fdae3194c5..2fa0fa1228 100644 --- a/lib/progress.c +++ b/lib/progress.c @@ -63,54 +63,37 @@ static void time2str(char *r, curl_off_t seconds) } /* The point of this function would be to return a string of the input data, - but never longer than 5 columns (+ one zero byte). + but never longer than 6 columns (+ one zero byte). Add suffix k, M, G when suitable... */ -static char *max5data(curl_off_t bytes, char *max5) +static char *max6data(curl_off_t bytes, char *max6) { -#define ONE_KILOBYTE (curl_off_t)1024 -#define ONE_MEGABYTE (1024 * ONE_KILOBYTE) -#define ONE_GIGABYTE (1024 * ONE_MEGABYTE) -#define ONE_TERABYTE (1024 * ONE_GIGABYTE) -#define ONE_PETABYTE (1024 * ONE_TERABYTE) + /* a signed 64-bit value is 8192 petabytes maximum */ + const char unit[] = { 'k', 'M', 'G', 'T', 'P', 0 }; + int k = 0; + if(bytes < 1000000) { + msnprintf(max6, 7, "%5" CURL_FORMAT_CURL_OFF_T, bytes); + return max6; + } - if(bytes < 100000) - msnprintf(max5, 6, "%5" FMT_OFF_T, bytes); - - else if(bytes < 10000 * ONE_KILOBYTE) - msnprintf(max5, 6, "%4" FMT_OFF_T "k", bytes/ONE_KILOBYTE); - - else if(bytes < 100 * ONE_MEGABYTE) - /* 'XX.XM' is good as long as we are less than 100 megs */ - msnprintf(max5, 6, "%2" FMT_OFF_T ".%0" - FMT_OFF_T "M", bytes/ONE_MEGABYTE, - (bytes%ONE_MEGABYTE) / (ONE_MEGABYTE/10) ); - - else if(bytes < 10000 * ONE_MEGABYTE) - /* 'XXXXM' is good until we are at 10000MB or above */ - msnprintf(max5, 6, "%4" FMT_OFF_T "M", bytes/ONE_MEGABYTE); - - else if(bytes < 100 * ONE_GIGABYTE) - /* 10000 MB - 100 GB, we show it as XX.XG */ - msnprintf(max5, 6, "%2" FMT_OFF_T ".%0" - FMT_OFF_T "G", bytes/ONE_GIGABYTE, - (bytes%ONE_GIGABYTE) / (ONE_GIGABYTE/10) ); - - else if(bytes < 10000 * ONE_GIGABYTE) - /* up to 10000GB, display without decimal: XXXXG */ - msnprintf(max5, 6, "%4" FMT_OFF_T "G", bytes/ONE_GIGABYTE); - - else if(bytes < 10000 * ONE_TERABYTE) - /* up to 10000TB, display without decimal: XXXXT */ - msnprintf(max5, 6, "%4" FMT_OFF_T "T", bytes/ONE_TERABYTE); - - else - /* up to 10000PB, display without decimal: XXXXP */ - msnprintf(max5, 6, "%4" FMT_OFF_T "P", bytes/ONE_PETABYTE); - - /* 16384 petabytes (16 exabytes) is the maximum a 64-bit unsigned number can - hold, but our data type is signed so 8192PB will be the maximum. */ - - return max5; + do { + curl_off_t nbytes = bytes / 1024; + if(nbytes < 1000) { + /* xxx.yU */ + msnprintf(max6, 7, "%3" CURL_FORMAT_CURL_OFF_T + ".%" CURL_FORMAT_CURL_OFF_T "%c", nbytes, + (bytes%1024) / (1024/10), unit[k]); + break; + } + else if(nbytes < 100000) { + /* xxxxxU */ + msnprintf(max6, 7, "%5" CURL_FORMAT_CURL_OFF_T "%c", nbytes, unit[k]); + break; + } + bytes = nbytes; + k++; + DEBUGASSERT(unit[k]); + } while(unit[k]); + return max6; } #endif @@ -503,7 +486,7 @@ static void pgrs_estimates(struct pgrs_dir *d, static void progress_meter(struct Curl_easy *data) { struct Progress *p = &data->progress; - char max5[6][10]; + char max6[6][7]; struct pgrs_estimate dl_estm; struct pgrs_estimate ul_estm; struct pgrs_estimate total_estm; @@ -561,21 +544,21 @@ static void progress_meter(struct Curl_easy *data) fprintf(data->set.err, "\r" - "%3" FMT_OFF_T " %s " - "%3" FMT_OFF_T " %s " - "%3" FMT_OFF_T " %s %s %s %s %s %s %s", + "%3" FMT_OFF_T " %s " + "%3" FMT_OFF_T " %s " + "%3" FMT_OFF_T " %s %s %s %s %s %s %s", total_estm.percent, /* 3 letters */ /* total % */ - max5data(total_expected_size, max5[2]), /* total size */ + max6data(total_expected_size, max6[2]), /* total size */ dl_estm.percent, /* 3 letters */ /* rcvd % */ - max5data(p->dl.cur_size, max5[0]), /* rcvd size */ + max6data(p->dl.cur_size, max6[0]), /* rcvd size */ ul_estm.percent, /* 3 letters */ /* xfer % */ - max5data(p->ul.cur_size, max5[1]), /* xfer size */ - max5data(p->dl.speed, max5[3]), /* avrg dl speed */ - max5data(p->ul.speed, max5[4]), /* avrg ul speed */ + max6data(p->ul.cur_size, max6[1]), /* xfer size */ + max6data(p->dl.speed, max6[3]), /* avrg dl speed */ + max6data(p->ul.speed, max6[4]), /* avrg ul speed */ time_total, /* 8 letters */ /* total time */ time_spent, /* 8 letters */ /* time spent */ time_left, /* 8 letters */ /* time left */ - max5data(p->current_speed, max5[5]) + max6data(p->current_speed, max6[5]) ); /* we flush the output stream to make it appear as soon as possible */ From e73759f1a9cc32c70a0eaa7c2db2beef1fb2f124 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 3 Oct 2025 14:27:28 +0200 Subject: [PATCH 0266/2408] GHA: show full versions next to pinned actions Also quotes to a configuration entry. Follow-up to 2e5993ab0812fd1a983738f6d6efbc7bb0806144 #18827 Closes #18832 --- .github/workflows/checkdocs.yml | 12 ++--- .github/workflows/checksrc.yml | 10 ++-- .github/workflows/codeql.yml | 4 +- .github/workflows/configure-vs-cmake.yml | 6 +-- .github/workflows/curl-for-win.yml | 10 ++-- .github/workflows/distcheck.yml | 24 +++++----- .github/workflows/hacktoberfest-accepted.yml | 2 +- .github/workflows/http3-linux.yml | 48 ++++++++++---------- .github/workflows/label.yml | 2 +- .github/workflows/linux-old.yml | 2 +- .github/workflows/linux.yml | 22 ++++----- .github/workflows/macos.yml | 8 ++-- .github/workflows/non-native.yml | 8 ++-- .github/workflows/windows.yml | 30 ++++++------ 14 files changed, 94 insertions(+), 94 deletions(-) diff --git a/.github/workflows/checkdocs.yml b/.github/workflows/checkdocs.yml index 3f802b5c4e..ad0c41e37a 100644 --- a/.github/workflows/checkdocs.yml +++ b/.github/workflows/checkdocs.yml @@ -39,7 +39,7 @@ jobs: # name: 'proselint' # runs-on: ubuntu-latest # steps: - # - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + # - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 # with: # persist-credentials: false # @@ -93,7 +93,7 @@ jobs: name: 'linkcheck' runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -104,7 +104,7 @@ jobs: name: 'pyspelling' runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -135,7 +135,7 @@ jobs: name: 'badwords, synopsis' runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -151,7 +151,7 @@ jobs: name: 'man-examples' runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -163,7 +163,7 @@ jobs: runs-on: ubuntu-24.04-arm timeout-minutes: 5 steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml index 71d096cac5..4ea1961412 100644 --- a/.github/workflows/checksrc.yml +++ b/.github/workflows/checksrc.yml @@ -36,7 +36,7 @@ jobs: name: 'checksrc' runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -47,7 +47,7 @@ jobs: name: 'spellcheck, linters, REUSE' runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -101,7 +101,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 3 steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -124,13 +124,13 @@ jobs: - name: 'install prereqs' run: HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install shellcheck zizmor - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: 'zizmor GHA' env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_TOKEN: '${{ secrets.GITHUB_TOKEN }}' run: | eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" zizmor --pedantic .github/workflows/*.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index b1e20b4d2d..da12e575ab 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -43,7 +43,7 @@ jobs: permissions: security-events: write # To create/update security events steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -79,7 +79,7 @@ jobs: libnghttp2-dev libldap-dev heimdal-dev librtmp-dev libgnutls28-dev libwolfssl-dev HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install c-ares gsasl libnghttp3 libngtcp2 mbedtls rustls-ffi - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/configure-vs-cmake.yml b/.github/workflows/configure-vs-cmake.yml index b259daee51..35f5290d18 100644 --- a/.github/workflows/configure-vs-cmake.yml +++ b/.github/workflows/configure-vs-cmake.yml @@ -37,7 +37,7 @@ jobs: name: 'Linux' runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -84,7 +84,7 @@ jobs: - name: 'toolchain versions' run: echo '::group::brew packages installed'; ls -l /opt/homebrew/opt; echo '::endgroup::' - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -133,7 +133,7 @@ jobs: sudo rm -f /var/lib/man-db/auto-update sudo apt-get -o Dpkg::Use-Pty=0 install mingw-w64 - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/curl-for-win.yml b/.github/workflows/curl-for-win.yml index e29a2a66e8..91b0382a75 100644 --- a/.github/workflows/curl-for-win.yml +++ b/.github/workflows/curl-for-win.yml @@ -47,7 +47,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false path: 'curl' @@ -76,7 +76,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false path: 'curl' @@ -105,7 +105,7 @@ jobs: env: CW_JOBS: '4' steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false path: 'curl' @@ -123,7 +123,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false path: 'curl' @@ -150,7 +150,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false path: 'curl' diff --git a/.github/workflows/distcheck.yml b/.github/workflows/distcheck.yml index 9bc5565623..c6b4e775eb 100644 --- a/.github/workflows/distcheck.yml +++ b/.github/workflows/distcheck.yml @@ -28,7 +28,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -75,7 +75,7 @@ jobs: timeout-minutes: 10 needs: maketgz-and-verify-in-tree steps: - - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5 + - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: name: 'release-tgz' @@ -99,7 +99,7 @@ jobs: timeout-minutes: 10 needs: maketgz-and-verify-in-tree steps: - - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5 + - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: name: 'release-tgz' @@ -125,7 +125,7 @@ jobs: timeout-minutes: 10 needs: maketgz-and-verify-in-tree steps: - - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5 + - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: name: 'release-tgz' @@ -149,7 +149,7 @@ jobs: timeout-minutes: 10 needs: maketgz-and-verify-in-tree steps: - - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5 + - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: name: 'release-tgz' @@ -170,7 +170,7 @@ jobs: timeout-minutes: 5 needs: maketgz-and-verify-in-tree steps: - - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5 + - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: name: 'release-tgz' @@ -192,7 +192,7 @@ jobs: timeout-minutes: 5 needs: maketgz-and-verify-in-tree steps: - - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5 + - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: name: 'release-tgz' @@ -214,11 +214,11 @@ jobs: timeout-minutes: 5 needs: maketgz-and-verify-in-tree steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5 + - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: name: 'release-tgz' @@ -230,7 +230,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -267,7 +267,7 @@ jobs: matrix: image: [ubuntu-latest, macos-latest, windows-2022] steps: - - uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2 + - uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2.29.0 if: ${{ contains(matrix.image, 'windows') }} with: msystem: mingw64 @@ -302,7 +302,7 @@ jobs: printf '%s' ~/cmake-"${OLD_CMAKE_VERSION}"-Darwin-x86_64/CMake.app/Contents/bin/cmake > ~/old-cmake-path.txt fi - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/hacktoberfest-accepted.yml b/.github/workflows/hacktoberfest-accepted.yml index 3aacbd6d0c..f934193a6e 100644 --- a/.github/workflows/hacktoberfest-accepted.yml +++ b/.github/workflows/hacktoberfest-accepted.yml @@ -26,7 +26,7 @@ jobs: issues: write # To edit labels on PRs pull-requests: write # To edit labels on PRs steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false fetch-depth: 100 diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 5b1bd5fde6..09b03ef1e1 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -69,7 +69,7 @@ jobs: steps: - name: 'cache openssl' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-openssl-http3 env: cache-name: cache-openssl-http3 @@ -78,7 +78,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }} - name: 'cache libressl' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-libressl env: cache-name: cache-libressl @@ -87,7 +87,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.LIBRESSL_VERSION }} - name: 'cache awslc' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-awslc env: cache-name: cache-awslc @@ -96,7 +96,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.AWSLC_VERSION }} - name: 'cache boringssl' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-boringssl env: cache-name: cache-boringssl @@ -105,7 +105,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.BORINGSSL_VERSION }} - name: 'cache quictls' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-quictls-no-deprecated env: cache-name: cache-quictls-no-deprecated @@ -114,7 +114,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.QUICTLS_VERSION }}-quic1 - name: 'cache gnutls' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-gnutls env: cache-name: cache-gnutls @@ -123,7 +123,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.GNUTLS_VERSION }} - name: 'cache wolfssl' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-wolfssl env: cache-name: cache-wolfssl @@ -132,7 +132,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }} - name: 'cache nghttp3' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-nghttp3 env: cache-name: cache-nghttp3 @@ -141,7 +141,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP3_VERSION }} - name: 'cache ngtcp2' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-ngtcp2 env: cache-name: cache-ngtcp2 @@ -150,7 +150,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.AWSLC_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }} - name: 'cache ngtcp2 boringssl' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-ngtcp2-boringssl env: cache-name: cache-ngtcp2-boringssl @@ -159,7 +159,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.BORINGSSL_VERSION }} - name: 'cache nghttp2' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-nghttp2 env: cache-name: cache-nghttp2 @@ -517,7 +517,7 @@ jobs: - name: 'cache openssl' if: ${{ matrix.build.name == 'openssl' || matrix.build.name == 'openssl-quic' }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-openssl-http3 env: cache-name: cache-openssl-http3 @@ -527,7 +527,7 @@ jobs: fail-on-cache-miss: true - name: 'cache libressl' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-libressl env: cache-name: cache-libressl @@ -537,7 +537,7 @@ jobs: fail-on-cache-miss: true - name: 'cache awslc' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-awslc env: cache-name: cache-awslc @@ -547,7 +547,7 @@ jobs: fail-on-cache-miss: true - name: 'cache boringssl' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-boringssl env: cache-name: cache-boringssl @@ -557,7 +557,7 @@ jobs: fail-on-cache-miss: true - name: 'cache quictls' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-quictls-no-deprecated env: cache-name: cache-quictls-no-deprecated @@ -568,7 +568,7 @@ jobs: - name: 'cache gnutls' if: ${{ matrix.build.name == 'gnutls' }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-gnutls env: cache-name: cache-gnutls @@ -579,7 +579,7 @@ jobs: - name: 'cache wolfssl' if: ${{ matrix.build.name == 'wolfssl' }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-wolfssl env: cache-name: cache-wolfssl @@ -589,7 +589,7 @@ jobs: fail-on-cache-miss: true - name: 'cache nghttp3' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-nghttp3 env: cache-name: cache-nghttp3 @@ -599,7 +599,7 @@ jobs: fail-on-cache-miss: true - name: 'cache ngtcp2' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-ngtcp2 env: cache-name: cache-ngtcp2 @@ -609,7 +609,7 @@ jobs: fail-on-cache-miss: true - name: 'cache ngtcp2 boringssl' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-ngtcp2-boringssl env: cache-name: cache-ngtcp2-boringssl @@ -619,7 +619,7 @@ jobs: fail-on-cache-miss: true - name: 'cache nghttp2' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-nghttp2 env: cache-name: cache-nghttp2 @@ -630,7 +630,7 @@ jobs: - name: 'cache quiche' if: ${{ matrix.build.name == 'quiche' }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-quiche env: cache-name: cache-quiche @@ -659,7 +659,7 @@ jobs: # lib dir # /home/runner/quiche/quiche/deps/boringssl/src/lib - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/label.yml b/.github/workflows/label.yml index cfafde14f7..f2050bd2ce 100644 --- a/.github/workflows/label.yml +++ b/.github/workflows/label.yml @@ -23,6 +23,6 @@ jobs: pull-requests: write # To edit labels on PRs steps: - - uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b # v6 + - uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b # v6.0.1 with: repo-token: '${{ secrets.GITHUB_TOKEN }}' diff --git a/.github/workflows/linux-old.yml b/.github/workflows/linux-old.yml index e7aad3c3e7..5cb292cafc 100644 --- a/.github/workflows/linux-old.yml +++ b/.github/workflows/linux-old.yml @@ -76,7 +76,7 @@ jobs: httrack --get https://deb.freexian.com/extended-lts/pool/main/g/gcc-8/libstdc++6_8.3.0-6_amd64.deb dpkg -i --force-depends libc6_*_amd64.deb libstdc++6_*_amd64.deb - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 3cdb9a47cd..ee9da7e9a3 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -373,7 +373,7 @@ jobs: - name: 'cache libressl' if: ${{ contains(matrix.build.install_steps, 'libressl') }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-libressl env: cache-name: cache-libressl @@ -393,7 +393,7 @@ jobs: - name: 'cache wolfssl (all)' if: ${{ contains(matrix.build.install_steps, 'wolfssl-all') }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-wolfssl-all env: cache-name: cache-wolfssl-all @@ -414,7 +414,7 @@ jobs: - name: 'cache wolfssl (opensslextra)' # does support `OPENSSL_COEXIST` if: ${{ contains(matrix.build.install_steps, 'wolfssl-opensslextra') }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-wolfssl-opensslextra env: cache-name: cache-wolfssl-opensslextra @@ -435,7 +435,7 @@ jobs: - name: 'cache mbedtls' if: ${{ contains(matrix.build.install_steps, 'mbedtls') }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-mbedtls env: cache-name: cache-mbedtls-threadsafe @@ -458,7 +458,7 @@ jobs: - name: 'cache openldap-static' if: ${{ contains(matrix.build.install_steps, 'openldap-static') }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-openldap-static env: cache-name: cache-openldap-static @@ -478,7 +478,7 @@ jobs: - name: 'cache openssl (thread sanitizer)' if: ${{ contains(matrix.build.install_steps, 'openssl-tsan') }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-openssl-tsan env: cache-name: cache-openssl-tsan @@ -497,7 +497,7 @@ jobs: - name: 'cache quictls' if: ${{ contains(matrix.build.install_steps, 'quictls') }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-quictls env: cache-name: cache-quictls @@ -516,7 +516,7 @@ jobs: - name: 'cache awslc' if: ${{ contains(matrix.build.install_steps, 'awslc') }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-awslc env: cache-name: cache-awslc @@ -536,7 +536,7 @@ jobs: - name: 'cache boringssl' if: ${{ contains(matrix.build.install_steps, 'boringssl') }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-boringssl env: cache-name: cache-boringssl @@ -557,7 +557,7 @@ jobs: - name: 'cache rustls' if: ${{ contains(matrix.build.install_steps, 'rustls') }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-rustls env: cache-name: cache-rustls @@ -590,7 +590,7 @@ jobs: source /opt/intel/oneapi/setvars.sh printenv >> "$GITHUB_ENV" - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 931abc8693..87fc53d334 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -110,7 +110,7 @@ jobs: - name: 'cache libressl' if: ${{ contains(matrix.build.install_steps, 'libressl') }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-libressl env: cache-name: cache-libressl @@ -134,7 +134,7 @@ jobs: cmake --build . cmake --install . --verbose - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -388,7 +388,7 @@ jobs: echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::' echo '::group::brew packages installed'; ls -l /opt/homebrew/opt; echo '::endgroup::' - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -635,7 +635,7 @@ jobs: echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::' echo '::group::brew packages preinstalled'; ls -l /opt/homebrew/opt; echo '::endgroup::' - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/non-native.yml b/.github/workflows/non-native.yml index 03abced26e..f0368a9240 100644 --- a/.github/workflows/non-native.yml +++ b/.github/workflows/non-native.yml @@ -47,7 +47,7 @@ jobs: matrix: arch: ['x86_64'] steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: 'cmake' @@ -92,7 +92,7 @@ jobs: matrix: arch: ['x86_64'] steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: 'cmake' @@ -142,7 +142,7 @@ jobs: - { build: 'cmake' , arch: 'arm64', compiler: 'clang' } fail-fast: false steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: '${{ matrix.build }}' @@ -261,7 +261,7 @@ jobs: fail-fast: false steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index e1219dfadc..b5e31ee9c1 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -53,7 +53,7 @@ jobs: steps: - name: 'install build prereqs' if: ${{ steps.cache-perl-win32-pkgs.outputs.cache-hit != 'true' }} - uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2 + uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2.29.0 with: msystem: msys install: gcc make @@ -62,7 +62,7 @@ jobs: run: perl --version | tee "$GITHUB_WORKSPACE"/perlversion - name: 'cache perl packages' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-perl-win32-pkgs env: cache-name: cache-perl-win32-pkgs @@ -133,7 +133,7 @@ jobs: libnghttp2-devel ${{ matrix.install }} - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -282,7 +282,7 @@ jobs: - run: git config --global core.autocrlf input shell: pwsh - - uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2 + - uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2.29.0 if: ${{ matrix.sys == 'msys' }} with: msystem: ${{ matrix.sys }} @@ -298,7 +298,7 @@ jobs: libpsl-devel ${{ matrix.install }} - - uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2 + - uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2.29.0 if: ${{ matrix.sys != 'msys' }} with: msystem: ${{ matrix.sys }} @@ -311,7 +311,7 @@ jobs: mingw-w64-${{ matrix.env }}-c-ares ${{ matrix.install }} - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -433,7 +433,7 @@ jobs: - name: 'cache perl packages' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' && matrix.sys != 'msys' }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-perl-win32-pkgs env: cache-name: cache-perl-win32-pkgs @@ -558,7 +558,7 @@ jobs: tflags: 'skipall' fail-fast: false steps: - - uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2 + - uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2.29.0 with: msystem: ${{ matrix.dir }} release: false @@ -570,7 +570,7 @@ jobs: ${{ matrix.install }} - name: 'cache compiler (gcc ${{ matrix.ver }}-${{ matrix.env }})' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-compiler with: path: D:\my-cache @@ -594,7 +594,7 @@ jobs: - run: git config --global core.autocrlf input - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -663,7 +663,7 @@ jobs: - name: 'cache perl packages' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-perl-win32-pkgs env: cache-name: cache-perl-win32-pkgs @@ -723,7 +723,7 @@ jobs: sudo rm -f /var/lib/man-db/auto-update sudo apt-get -o Dpkg::Use-Pty=0 install gcc-mingw-w64-x86-64-win32 - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -892,7 +892,7 @@ jobs: fail-fast: false steps: - - uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2 + - uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2.29.0 with: msystem: ${{ matrix.arch == 'arm64' && 'clangarm64' || 'ucrt64' }} release: ${{ contains(matrix.image, 'arm') }} @@ -914,7 +914,7 @@ jobs: timeout-minutes: 45 run: vcpkg x-set-installed ${MATRIX_INSTALL_VCPKG} --triplet="${MATRIX_ARCH}-${MATRIX_PLAT}" - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -1057,7 +1057,7 @@ jobs: - name: 'cache perl packages' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-perl-win32-pkgs env: cache-name: cache-perl-win32-pkgs From 733c994b1e575d855a6bb59eb85e76a9f3884579 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Fri, 3 Oct 2025 14:15:04 +0200 Subject: [PATCH 0267/2408] doh: inherit new custom ssl flags The new custom_* flags in the SSL config need to be inherited when setting up the doh easy handle, so that defaults apply the same way as for the original easy handle. Closes #18831 --- lib/doh.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/doh.c b/lib/doh.c index a76f42207d..15e01357b8 100644 --- a/lib/doh.c +++ b/lib/doh.c @@ -377,6 +377,9 @@ static CURLcode doh_probe_run(struct Curl_easy *data, options should be added to check doh proxy insecure separately, CURLOPT_DOH_PROXY_SSL_VERIFYHOST and CURLOPT_DOH_PROXY_SSL_VERIFYPEER. */ + doh->set.ssl.custom_cafile = data->set.ssl.custom_cafile; + doh->set.ssl.custom_capath = data->set.ssl.custom_capath; + doh->set.ssl.custom_cablob = data->set.ssl.custom_cablob; if(data->set.str[STRING_SSL_CAFILE]) { ERROR_CHECK_SETOPT(CURLOPT_CAINFO, data->set.str[STRING_SSL_CAFILE]); From 7468faffc14e24a14e5f7badc6cc11e4459dc5aa Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 3 Oct 2025 21:15:33 +0200 Subject: [PATCH 0268/2408] Makefile.example: fix option order [ci skip] The `ld` linker is sensitive to this, and did not find libcurl symbol with the order before this patch. Seen with mingw-w64 gcc. Follow-up to f6ddc1fc1e25ff8ea866f90942719af898d0ef0c #18554 Closes #18835 --- docs/examples/Makefile.example | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/examples/Makefile.example b/docs/examples/Makefile.example index f2994e73e1..fbbca8a9a9 100644 --- a/docs/examples/Makefile.example +++ b/docs/examples/Makefile.example @@ -47,4 +47,4 @@ LIBS := -lcurl $(LIBS) # Link the target with all objects and libraries $(TARGET) : $(SRC) - $(CC) -o $(TARGET) $(CFLAGS) $(LDFLAGS) $(LIBS) $< + $(CC) $< $(CFLAGS) $(LDFLAGS) $(LIBS) -o $(TARGET) From 99433d06e696a869879213cc1c741b77d5f34b21 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 3 Oct 2025 15:54:06 +0000 Subject: [PATCH 0269/2408] GHA: update dependency google/boringssl to v0.20251002.0 Closes #18834 --- .github/workflows/http3-linux.yml | 2 +- .github/workflows/linux.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 09b03ef1e1..c14a640097 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -48,7 +48,7 @@ env: # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com AWSLC_VERSION: 1.61.4 # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com - BORINGSSL_VERSION: 0.20250818.0 + BORINGSSL_VERSION: 0.20251002.0 # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com GNUTLS_VERSION: 3.8.10 # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index ee9da7e9a3..5b2b5e711c 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -46,7 +46,7 @@ env: # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com AWSLC_VERSION: 1.61.4 # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com - BORINGSSL_VERSION: 0.20250818.0 + BORINGSSL_VERSION: 0.20251002.0 # handled in renovate.json OPENSSL_VERSION: 3.6.0 # handled in renovate.json From fff36a360ed781ff1073bfc918747828d57face2 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 3 Oct 2025 03:12:39 +0200 Subject: [PATCH 0270/2408] checksrc: fix to handle `)` predecing a banned function Fixing: ``` Unmatched ) in regex; marked by <-- HERE in m/ \*buffer_len = \(ssize_t) <-- HERE strtol\(/ at /home/runner/work/curl/curl/scripts/checksrc.pl line 916, <$R> line 380. ``` Ref: https://github.com/curl/curl/actions/runs/18209824275/job/51848079550#step:3:5 Also add a test case. Follow-up to 684f4cdd3ef0cc41c547fce0e45d8a059a3058b3 #18779 Cherry-picked from #18823 Closes #18836 --- scripts/checksrc.pl | 1 + tests/data/test1185 | 8 ++++++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index 0907c3f9ad..af705d10c4 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -908,6 +908,7 @@ sub scanfile { $prefix =~ s/\[/\\[/; $prefix =~ s/\]/\\]/; $prefix =~ s/\(/\\(/; + $prefix =~ s/\)/\\)/; $suff =~ s/\(/\\(/; $l =~ s/$prefix$bad$suff/$prefix$replace/; goto again; diff --git a/tests/data/test1185 b/tests/data/test1185 index 14a23dc01a..7323c59a0d 100644 --- a/tests/data/test1185 +++ b/tests/data/test1185 @@ -75,6 +75,7 @@ void startfunc(int a, int b) { if(a) b++; if(sprintf(buffer, "%s", moo)) {} + *buffer_len = (ssize_t)alsobad((char *)buffer, NULL, 16); // CPP comment ? @@ -197,7 +198,10 @@ void startfunc(int a, int b) { ./%LOGDIR/code1185.c:59:5: warning: use of sprintf is banned (BANNEDFUNC) if(sprintf(buffer, "%s", moo)) {} ^ -./%LOGDIR/code1185.c:61:2: warning: // comment (CPPCOMMENTS) +./%LOGDIR/code1185.c:60:25: warning: use of alsobad is banned (BANNEDFUNC) + *buffer_len = (ssize_t)alsobad((char *)buffer, NULL, 16); + ^ +./%LOGDIR/code1185.c:62:2: warning: // comment (CPPCOMMENTS) // CPP comment ? ^ ./%LOGDIR/code1185.c:1:1: error: Missing copyright statement (COPYRIGHT) @@ -206,7 +210,7 @@ void startfunc(int a, int b) { ./%LOGDIR/code1185.c:1:1: error: Missing closing comment (OPENCOMMENT) ^ -checksrc: 0 errors and 40 warnings +checksrc: 0 errors and 41 warnings 5 From 45438c8d6f8e70385d66c029568524e9e803c539 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 2 Oct 2025 21:33:48 +0200 Subject: [PATCH 0271/2408] checksrc: reduce directory-specific exceptions By making them defaults, then fixing and/or reshuffling remaining exceptions as necessary. - checksrc: ban by default: `snprintf`, `vsnprintf`, `sscanf`, `strtol`. - examples: replace `strtol` with `atoi` to avoid a checksrc exception. - tests/libtest: replace `strtol` with `atol`. - tests/server: replace most `strtol` with `atol`. - tests/server: replace most `strtoul` with `atol`/`atoi`. - tests/server: drop no longer used `util_ultous`. - fix typo in checksrc rules: `vsnprint` -> `vsnprintf`. - update local exceptions. Also: - examples: ban curl printf functions. They're discouraged in user code. - examples: replace curl printf with system printf. Add `snprintf` workaround for #include +#elif (_MSC_VER < 1900) +#define snprintf _snprintf #endif #ifdef _WIN32 @@ -162,8 +164,8 @@ int my_trace(CURL *handle, curl_infotype type, } secs = epoch_offset + tv.tv_sec; now = localtime(&secs); /* not thread safe but we do not care */ - curl_msnprintf(timebuf, sizeof(timebuf), "%02d:%02d:%02d.%06ld", - now->tm_hour, now->tm_min, now->tm_sec, (long)tv.tv_usec); + snprintf(timebuf, sizeof(timebuf), "%02d:%02d:%02d.%06ld", + now->tm_hour, now->tm_min, now->tm_sec, (long)tv.tv_usec); switch(type) { case CURLINFO_TEXT: @@ -215,7 +217,7 @@ static int setup(struct input *i, int num, const char *upload) hnd = i->hnd = NULL; i->num = num; - curl_msnprintf(filename, 128, "dl-%d", num); + snprintf(filename, sizeof(filename), "dl-%d", num); out = fopen(filename, "wb"); if(!out) { fprintf(stderr, "error: could not open file %s for writing: %s\n", upload, @@ -223,7 +225,7 @@ static int setup(struct input *i, int num, const char *upload) return 1; } - curl_msnprintf(url, 256, "https://localhost:8443/upload-%d", num); + snprintf(url, sizeof(url), "https://localhost:8443/upload-%d", num); i->in = fopen(upload, "rb"); if(!i->in) { diff --git a/docs/examples/synctime.c b/docs/examples/synctime.c index 8d7af7c8c4..dd21082446 100644 --- a/docs/examples/synctime.c +++ b/docs/examples/synctime.c @@ -72,15 +72,32 @@ */ #include -#include -#include -#ifdef _WIN32 -#include +#ifndef _WIN32 +int main(void) { printf("Platform not supported.\n"); return 1; } #else -#error "This example requires Windows." + +#if (defined(_WIN32_WINNT) && (_WIN32_WINNT >= 0x0602)) || \ + defined(WINAPI_FAMILY) +# include +# if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP) && \ + !WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) +# define CURL_WINDOWS_UWP +# endif #endif +#ifdef CURL_WINDOWS_UWP +int main(void) { printf("Platform not supported.\n"); return 1; } +#else + +#include +#include + +#include + +#if defined(_MSC_VER) && (_MSC_VER < 1900) +#define snprintf _snprintf +#endif #define MAX_STRING 256 #define MAX_STRING1 MAX_STRING + 1 @@ -139,7 +156,7 @@ static size_t SyncTime_CURL_WriteHeader(void *ptr, size_t size, size_t nmemb, *TmpStr1 = 0; *TmpStr2 = 0; if(strlen((char *)(ptr)) > 50) /* Can prevent buffer overflow to - TmpStr1 & 2? */ + TmpStr1 & 2? */ AutoSyncTime = 0; else { int RetVal = sscanf((char *)(ptr), "Date: %25s %hu %s %hu %hu:%hu:%hu", @@ -305,7 +322,7 @@ int main(int argc, char *argv[]) tzonediffFloat = difftime(tt_local, tt_gmt); tzonediffWord = (int)(tzonediffFloat/3600.0); - if((double)(tzonediffWord * 3600) == tzonediffFloat) + if(tzonediffWord == (int)(tzonediffFloat/3600.0)) snprintf(tzoneBuf, sizeof(tzoneBuf), "%+03d'00'", tzonediffWord); else snprintf(tzoneBuf, sizeof(tzoneBuf), "%+03d'30'", tzonediffWord); @@ -358,3 +375,5 @@ int main(int argc, char *argv[]) } return RetValue; } +#endif /* CURL_WINDOWS_UWP */ +#endif /* _WIN32 */ diff --git a/docs/internals/CODE_STYLE.md b/docs/internals/CODE_STYLE.md index aef5103fed..0d072c04c3 100644 --- a/docs/internals/CODE_STYLE.md +++ b/docs/internals/CODE_STYLE.md @@ -362,6 +362,6 @@ This is the full list of functions generally banned. strtok_r strtol strtoul - vsnprint + vsnprintf vsprintf wcsdup diff --git a/lib/.checksrc b/lib/.checksrc index 22ca8e0b53..9b8d799ea2 100644 --- a/lib/.checksrc +++ b/lib/.checksrc @@ -1,5 +1 @@ -banfunc snprintf -banfunc sscanf banfunc strerror -banfunc strtol -banfunc vsnprint diff --git a/lib/curlx/.checksrc b/lib/curlx/.checksrc index 22ca8e0b53..9b8d799ea2 100644 --- a/lib/curlx/.checksrc +++ b/lib/curlx/.checksrc @@ -1,5 +1 @@ -banfunc snprintf -banfunc sscanf banfunc strerror -banfunc strtol -banfunc vsnprint diff --git a/lib/vauth/.checksrc b/lib/vauth/.checksrc index 22ca8e0b53..9b8d799ea2 100644 --- a/lib/vauth/.checksrc +++ b/lib/vauth/.checksrc @@ -1,5 +1 @@ -banfunc snprintf -banfunc sscanf banfunc strerror -banfunc strtol -banfunc vsnprint diff --git a/lib/vquic/.checksrc b/lib/vquic/.checksrc index 22ca8e0b53..9b8d799ea2 100644 --- a/lib/vquic/.checksrc +++ b/lib/vquic/.checksrc @@ -1,5 +1 @@ -banfunc snprintf -banfunc sscanf banfunc strerror -banfunc strtol -banfunc vsnprint diff --git a/lib/vssh/.checksrc b/lib/vssh/.checksrc index 22ca8e0b53..9b8d799ea2 100644 --- a/lib/vssh/.checksrc +++ b/lib/vssh/.checksrc @@ -1,5 +1 @@ -banfunc snprintf -banfunc sscanf banfunc strerror -banfunc strtol -banfunc vsnprint diff --git a/lib/vtls/.checksrc b/lib/vtls/.checksrc index 22ca8e0b53..9b8d799ea2 100644 --- a/lib/vtls/.checksrc +++ b/lib/vtls/.checksrc @@ -1,5 +1 @@ -banfunc snprintf -banfunc sscanf banfunc strerror -banfunc strtol -banfunc vsnprint diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index af705d10c4..637c0b7c8b 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -53,11 +53,15 @@ my %banfunc = ( "gets" => 1, "strtok" => 1, "sprintf" => 1, + "snprintf" => 1, "vsprintf" => 1, + "vsnprintf" => 1, + "sscanf" => 1, "strcat" => 1, "strncat" => 1, "strncpy" => 1, "strtok_r" => 1, + "strtol" => 1, "strtoul" => 1, "_mbscat" => 1, "_mbsncat" => 1, diff --git a/src/.checksrc b/src/.checksrc index 7b71afb236..946367c499 100644 --- a/src/.checksrc +++ b/src/.checksrc @@ -1,5 +1 @@ enable STDERR -banfunc snprintf -banfunc sscanf -banfunc strtol -banfunc vsnprint diff --git a/tests/libtest/cli_hx_download.c b/tests/libtest/cli_hx_download.c index 7a6a48c171..5ab4db024c 100644 --- a/tests/libtest/cli_hx_download.c +++ b/tests/libtest/cli_hx_download.c @@ -317,32 +317,32 @@ static CURLcode test_cli_hx_download(const char *URL) forbid_reuse_d = 1; break; case 'm': - max_parallel = (size_t)strtol(coptarg, NULL, 10); + max_parallel = (size_t)atol(coptarg); break; case 'n': - transfer_count_d = (size_t)strtol(coptarg, NULL, 10); + transfer_count_d = (size_t)atol(coptarg); break; case 'x': fresh_connect = 1; break; case 'A': - abort_offset = (size_t)strtol(coptarg, NULL, 10); + abort_offset = (size_t)atol(coptarg); break; case 'F': - fail_offset = (size_t)strtol(coptarg, NULL, 10); + fail_offset = (size_t)atol(coptarg); break; case 'M': - max_host_conns = (size_t)strtol(coptarg, NULL, 10); + max_host_conns = (size_t)atol(coptarg); break; case 'P': - pause_offset = (size_t)strtol(coptarg, NULL, 10); + pause_offset = (size_t)atol(coptarg); break; case 'r': free(resolve); resolve = strdup(coptarg); break; case 'T': - max_total_conns = (size_t)strtol(coptarg, NULL, 10); + max_total_conns = (size_t)atol(coptarg); break; case 'V': { if(!strcmp("http/1.1", coptarg)) diff --git a/tests/libtest/cli_hx_upload.c b/tests/libtest/cli_hx_upload.c index 40e486c41a..a0a6b95db8 100644 --- a/tests/libtest/cli_hx_upload.c +++ b/tests/libtest/cli_hx_upload.c @@ -257,22 +257,22 @@ static CURLcode test_cli_hx_upload(const char *URL) announce_length = 1; break; case 'm': - max_parallel = (size_t)strtol(coptarg, NULL, 10); + max_parallel = (size_t)atol(coptarg); break; case 'n': - transfer_count_u = (size_t)strtol(coptarg, NULL, 10); + transfer_count_u = (size_t)atol(coptarg); break; case 'A': - abort_offset = (size_t)strtol(coptarg, NULL, 10); + abort_offset = (size_t)atol(coptarg); break; case 'F': - fail_offset = (size_t)strtol(coptarg, NULL, 10); + fail_offset = (size_t)atol(coptarg); break; case 'M': method = coptarg; break; case 'P': - pause_offset = (size_t)strtol(coptarg, NULL, 10); + pause_offset = (size_t)atol(coptarg); break; case 'r': resolve = coptarg; @@ -281,7 +281,7 @@ static CURLcode test_cli_hx_upload(const char *URL) reuse_easy = 1; break; case 'S': - send_total = (size_t)strtol(coptarg, NULL, 10); + send_total = (size_t)atol(coptarg); break; case 'V': { if(!strcmp("http/1.1", coptarg)) diff --git a/tests/libtest/cli_ws_data.c b/tests/libtest/cli_ws_data.c index 32356552a8..26cecc19fe 100644 --- a/tests/libtest/cli_ws_data.c +++ b/tests/libtest/cli_ws_data.c @@ -431,13 +431,13 @@ static CURLcode test_cli_ws_data(const char *URL) res = CURLE_BAD_FUNCTION_ARGUMENT; goto cleanup; case 'c': - count = (size_t)strtol(coptarg, NULL, 10); + count = (size_t)atol(coptarg); break; case 'm': - plen_min = (size_t)strtol(coptarg, NULL, 10); + plen_min = (size_t)atol(coptarg); break; case 'M': - plen_max = (size_t)strtol(coptarg, NULL, 10); + plen_max = (size_t)atol(coptarg); break; default: test_ws_data_usage("invalid option"); diff --git a/tests/libtest/first.c b/tests/libtest/first.c index 49ec8a5f91..79baca331e 100644 --- a/tests/libtest/first.c +++ b/tests/libtest/first.c @@ -137,9 +137,8 @@ static void memory_tracking_init(void) /* if CURL_MEMLIMIT is set, this enables fail-on-alloc-number-N feature */ env = getenv("CURL_MEMLIMIT"); if(env) { - char *endptr; - long num = strtol(env, &endptr, 10); - if((endptr != env) && (endptr == env + strlen(env)) && (num > 0)) + long num = atol(env); + if(num > 0) curl_dbg_memlimit(num); } } diff --git a/tests/libtest/lib1560.c b/tests/libtest/lib1560.c index 1973d8a916..0071bb0f8b 100644 --- a/tests/libtest/lib1560.c +++ b/tests/libtest/lib1560.c @@ -1198,6 +1198,7 @@ static CURLUcode updateurl(CURLU *u, const char *cmd, unsigned int setflags) memset(value, 0, sizeof(value)); /* Avoid valgrind false positive. */ memcpy(buf, p, n); buf[n] = 0; + /* !checksrc! disable BANNEDFUNC 1 */ if(sscanf(buf, "%79[^=]=%79[^,]", part, value) == 2) { CURLUPart what = part2id(part); #if 0 diff --git a/tests/libtest/lib1568.c b/tests/libtest/lib1568.c index a2451486fd..695badc85c 100644 --- a/tests/libtest/lib1568.c +++ b/tests/libtest/lib1568.c @@ -39,7 +39,7 @@ static CURLcode test_lib1568(const char *URL) curl_easy_setopt(hnd, CURLOPT_USERAGENT, "lib1568"); curl_easy_setopt(hnd, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST); curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L); - curl_easy_setopt(hnd, CURLOPT_PORT, strtol(libtest_arg2, NULL, 10)); + curl_easy_setopt(hnd, CURLOPT_PORT, atol(libtest_arg2)); ret = curl_easy_perform(hnd); diff --git a/tests/libtest/lib521.c b/tests/libtest/lib521.c index 32bf7b3022..c02c45a3c1 100644 --- a/tests/libtest/lib521.c +++ b/tests/libtest/lib521.c @@ -43,7 +43,7 @@ static CURLcode test_lib521(const char *URL) } test_setopt(curl, CURLOPT_URL, URL); - test_setopt(curl, CURLOPT_PORT, strtol(libtest_arg2, NULL, 10)); + test_setopt(curl, CURLOPT_PORT, atol(libtest_arg2)); test_setopt(curl, CURLOPT_USERPWD, "xxx:yyy"); test_setopt(curl, CURLOPT_VERBOSE, 1L); diff --git a/tests/libtest/lib562.c b/tests/libtest/lib562.c index 016dffe1bd..1c3bf8cff8 100644 --- a/tests/libtest/lib562.c +++ b/tests/libtest/lib562.c @@ -55,7 +55,7 @@ static CURLcode test_lib562(const char *URL) test_setopt(curl, CURLOPT_VERBOSE, 1L); /* set port number */ - test_setopt(curl, CURLOPT_PORT, strtol(libtest_arg2, NULL, 10)); + test_setopt(curl, CURLOPT_PORT, atol(libtest_arg2)); /* specify target */ test_setopt(curl, CURLOPT_URL, URL); diff --git a/tests/libtest/lib591.c b/tests/libtest/lib591.c index 77a038c7c3..c85c42b0c2 100644 --- a/tests/libtest/lib591.c +++ b/tests/libtest/lib591.c @@ -71,8 +71,7 @@ static CURLcode test_lib591(const char *URL) easy_setopt(easy, CURLOPT_FTPPORT, "-"); /* server connection timeout */ - easy_setopt(easy, CURLOPT_ACCEPTTIMEOUT_MS, - strtol(libtest_arg2, NULL, 10)*1000); + easy_setopt(easy, CURLOPT_ACCEPTTIMEOUT_MS, atol(libtest_arg2)*1000); multi_init(multi); diff --git a/tests/server/.checksrc b/tests/server/.checksrc index 29331433c2..d6506e1402 100644 --- a/tests/server/.checksrc +++ b/tests/server/.checksrc @@ -6,5 +6,7 @@ allowfunc getaddrinfo allowfunc open allowfunc recv allowfunc send +allowfunc snprintf allowfunc socket -allowfunc strtoul +allowfunc sscanf +allowfunc vsnprintf diff --git a/tests/server/dnsd.c b/tests/server/dnsd.c index dc49723da3..2d0ce35e6f 100644 --- a/tests/server/dnsd.c +++ b/tests/server/dnsd.c @@ -441,9 +441,7 @@ static int test_dnsd(int argc, char **argv) else if(!strcmp("--port", argv[arg])) { arg++; if(argc > arg) { - char *endptr; - unsigned long ulnum = strtoul(argv[arg], &endptr, 10); - port = util_ultous(ulnum); + port = (unsigned short)atoi(argv[arg]); arg++; } } diff --git a/tests/server/first.h b/tests/server/first.h index 44dd272ce2..4d3ae61de7 100644 --- a/tests/server/first.h +++ b/tests/server/first.h @@ -148,7 +148,6 @@ extern void restore_signal_handlers(bool keep_sigalrm); extern int bind_unix_socket(curl_socket_t sock, const char *unix_socket, struct sockaddr_un *sau); #endif -extern unsigned short util_ultous(unsigned long ulnum); extern curl_socket_t sockdaemon(curl_socket_t sock, unsigned short *listenport, const char *unix_socket, diff --git a/tests/server/mqttd.c b/tests/server/mqttd.c index 7f5abf1b5d..9414eef504 100644 --- a/tests/server/mqttd.c +++ b/tests/server/mqttd.c @@ -782,15 +782,13 @@ static int test_mqttd(int argc, char *argv[]) else if(!strcmp("--port", argv[arg])) { arg++; if(argc > arg) { - char *endptr; - unsigned long ulnum = strtoul(argv[arg], &endptr, 10); - if((endptr != argv[arg] + strlen(argv[arg])) || - ((ulnum != 0UL) && ((ulnum < 1025UL) || (ulnum > 65535UL)))) { + int inum = atoi(argv[arg]); + if(inum && ((inum < 1025) || (inum > 65535))) { fprintf(stderr, "mqttd: invalid --port argument (%s)\n", argv[arg]); return 0; } - server_port = util_ultous(ulnum); + server_port = (unsigned short)inum; arg++; } } diff --git a/tests/server/rtspd.c b/tests/server/rtspd.c index 67829922dc..0a4f9159c0 100644 --- a/tests/server/rtspd.c +++ b/tests/server/rtspd.c @@ -211,7 +211,7 @@ static int rtspd_ProcessRequest(struct rtspd_httprequest *req) while(*ptr && !ISDIGIT(*ptr)) ptr++; - req->testno = strtol(ptr, &ptr, 10); + req->testno = atol(ptr); if(req->testno > 10000) { req->partno = req->testno % 10000; @@ -358,7 +358,7 @@ static int rtspd_ProcessRequest(struct rtspd_httprequest *req) CONNECT line will be used as test number! */ char *portp = strchr(doc, ':'); if(portp && (*(portp + 1) != '\0') && ISDIGIT(*(portp + 1))) - req->testno = strtol(portp + 1, NULL, 10); + req->testno = atol(portp + 1); else req->testno = DOCNUMBER_CONNECT; } @@ -1045,9 +1045,7 @@ static int test_rtspd(int argc, char *argv[]) else if(!strcmp("--port", argv[arg])) { arg++; if(argc > arg) { - char *endptr; - unsigned long ulnum = strtoul(argv[arg], &endptr, 10); - port = util_ultous(ulnum); + port = (unsigned short)atol(argv[arg]); arg++; } } diff --git a/tests/server/sockfilt.c b/tests/server/sockfilt.c index a52efe0a1b..c6536fee4a 100644 --- a/tests/server/sockfilt.c +++ b/tests/server/sockfilt.c @@ -376,6 +376,7 @@ static bool read_data_block(unsigned char *buffer, ssize_t maxlen, buffer[5] = '\0'; + /* !checksrc! disable BANNEDFUNC 1 */ *buffer_len = (ssize_t)strtol((char *)buffer, NULL, 16); if(*buffer_len > maxlen) { logmsg("Buffer size (%zd bytes) too small for data size error " @@ -1278,9 +1279,7 @@ static int test_sockfilt(int argc, char *argv[]) else if(!strcmp("--port", argv[arg])) { arg++; if(argc > arg) { - char *endptr; - unsigned long ulnum = strtoul(argv[arg], &endptr, 10); - server_port = util_ultous(ulnum); + server_port = (unsigned short)atol(argv[arg]); arg++; } } @@ -1289,15 +1288,13 @@ static int test_sockfilt(int argc, char *argv[]) doing a passive server-style listening. */ arg++; if(argc > arg) { - char *endptr; - unsigned long ulnum = strtoul(argv[arg], &endptr, 10); - if((endptr != argv[arg] + strlen(argv[arg])) || - (ulnum < 1025UL) || (ulnum > 65535UL)) { + int inum = atoi(argv[arg]); + if(inum && ((inum < 1025) || (inum > 65535))) { fprintf(stderr, "sockfilt: invalid --connect argument (%s)\n", argv[arg]); return 0; } - server_connectport = util_ultous(ulnum); + server_connectport = (unsigned short)inum; arg++; } } diff --git a/tests/server/socksd.c b/tests/server/socksd.c index 4d599e16b6..06283e0424 100644 --- a/tests/server/socksd.c +++ b/tests/server/socksd.c @@ -108,7 +108,7 @@ static void socksd_resetdefaults(void) static unsigned short shortval(char *value) { - unsigned long num = strtoul(value, NULL, 10); + unsigned long num = (unsigned long)atol(value); return num & 0xffff; } @@ -831,9 +831,7 @@ static int test_socksd(int argc, char *argv[]) else if(!strcmp("--port", argv[arg])) { arg++; if(argc > arg) { - char *endptr; - unsigned long ulnum = strtoul(argv[arg], &endptr, 10); - server_port = util_ultous(ulnum); + server_port = (unsigned short)atol(argv[arg]); arg++; } } diff --git a/tests/server/sws.c b/tests/server/sws.c index a512a7a31e..20d2bf7632 100644 --- a/tests/server/sws.c +++ b/tests/server/sws.c @@ -389,7 +389,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req) ptr++; /* skip the slash */ - req->testno = strtol(ptr, &ptr, 10); + req->testno = atol(ptr); if(req->testno > 10000) { req->partno = req->testno % 10000; @@ -430,6 +430,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req) in the 'part' variable and use as test case number!! */ while(*p && (ISXDIGIT(*p) || (*p == ':') || (*p == '.'))) { char *endp; + /* !checksrc! disable BANNEDFUNC 1 */ part = strtoul(p, &endp, 16); if(ISXDIGIT(*p)) p = endp; @@ -449,11 +450,11 @@ static int sws_ProcessRequest(struct sws_httprequest *req) portp = strchr(doc, ':'); if(portp && (*(portp + 1) != '\0') && ISDIGIT(*(portp + 1))) { - unsigned long ulnum = strtoul(portp + 1, NULL, 10); - if(!ulnum || (ulnum > 65535UL)) + int inum = atoi(portp + 1); + if((inum <= 0) || (inum > 65535)) logmsg("Invalid CONNECT port received"); else - req->connect_port = util_ultous(ulnum); + req->connect_port = (unsigned short)inum; } logmsg("Port number: %d, test case number: %ld", @@ -490,7 +491,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req) /* check for a Testno: header with the test case number */ char *testno = strstr(line, "\nTestno: "); if(testno) { - req->testno = strtol(&testno[9], NULL, 10); + req->testno = atol(&testno[9]); logmsg("Found test number %ld in Testno: header!", req->testno); } else { @@ -516,7 +517,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req) while(*ptr && !ISDIGIT(*ptr)) ptr++; - req->testno = strtol(ptr, &ptr, 10); + req->testno = atol(ptr); if(req->testno > 10000) { req->partno = req->testno % 10000; @@ -2071,15 +2072,13 @@ static int test_sws(int argc, char *argv[]) else if(!strcmp("--port", argv[arg])) { arg++; if(argc > arg) { - char *endptr; - unsigned long ulnum = strtoul(argv[arg], &endptr, 10); - if((endptr != argv[arg] + strlen(argv[arg])) || - (ulnum && ((ulnum < 1025UL) || (ulnum > 65535UL)))) { + int inum = atoi(argv[arg]); + if(inum && ((inum < 1025) || (inum > 65535))) { fprintf(stderr, "sws: invalid --port argument (%s)\n", argv[arg]); return 0; } - port = util_ultous(ulnum); + port = (unsigned short)inum; arg++; } } @@ -2093,15 +2092,13 @@ static int test_sws(int argc, char *argv[]) else if(!strcmp("--keepalive", argv[arg])) { arg++; if(argc > arg) { - char *endptr; - unsigned long ulnum = strtoul(argv[arg], &endptr, 10); - if((endptr != argv[arg] + strlen(argv[arg])) || - (ulnum && (ulnum > 65535UL))) { + int inum = atoi(argv[arg]); + if(inum && (inum > 65535)) { fprintf(stderr, "sws: invalid --keepalive argument (%s), must " "be number of seconds\n", argv[arg]); return 0; } - keepalive_secs = util_ultous(ulnum); + keepalive_secs = (unsigned short)inum; arg++; } } diff --git a/tests/server/tftpd.c b/tests/server/tftpd.c index 193afac137..4c37685ab7 100644 --- a/tests/server/tftpd.c +++ b/tests/server/tftpd.c @@ -607,9 +607,7 @@ static int test_tftpd(int argc, char **argv) else if(!strcmp("--port", argv[arg])) { arg++; if(argc > arg) { - char *endptr; - unsigned long ulnum = strtoul(argv[arg], &endptr, 10); - port = util_ultous(ulnum); + port = (unsigned short)atol(argv[arg]); arg++; } } @@ -1100,7 +1098,7 @@ static int validate_access(struct testcase *test, ptr++; /* get the number */ - testno = strtol(ptr, &ptr, 10); + testno = atol(ptr); if(testno > 10000) { partno = testno % 10000; diff --git a/tests/server/util.c b/tests/server/util.c index 749e33003c..f4802745c8 100644 --- a/tests/server/util.c +++ b/tests/server/util.c @@ -133,7 +133,7 @@ void logmsg(const char *msg, ...) unsigned char byteval(char *value) { - unsigned long num = strtoul(value, NULL, 10); + unsigned int num = (unsigned int)atoi(value); return num & 0xff; } @@ -748,27 +748,6 @@ int bind_unix_socket(curl_socket_t sock, const char *unix_socket, } #endif -/* -** unsigned long to unsigned short -*/ -#define CURL_MASK_USHORT ((unsigned short)~0) -#define CURL_MASK_SSHORT (CURL_MASK_USHORT >> 1) - -unsigned short util_ultous(unsigned long ulnum) -{ -#ifdef __INTEL_COMPILER -# pragma warning(push) -# pragma warning(disable:810) /* conversion may lose significant bits */ -#endif - - DEBUGASSERT(ulnum <= (unsigned long) CURL_MASK_USHORT); - return (unsigned short)(ulnum & (unsigned long) CURL_MASK_USHORT); - -#ifdef __INTEL_COMPILER -# pragma warning(pop) -#endif -} - curl_socket_t sockdaemon(curl_socket_t sock, unsigned short *listenport, const char *unix_socket, From 4deea9396bc7dd25c6362fa746a57bf309c74ada Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 2 Oct 2025 16:01:15 +0200 Subject: [PATCH 0272/2408] tests: stop overriding system printf symbols To make the source code match the functions called at runtime. And to avoid the preprocessor trick that may introduces build issues. Before this patch, libtests, tunits and units were calling a mixture of curl and system printf calls, then transformed them all to curl printf calls by including `curl_printf.h`. Changes made: - tests: stop including `curl_printf.h`. - libtest: switch a couple of outlier system printf calls to curl printf. - unit: use more curl printf to avoid casts and show whole values. - unit: switch remaining calls to curl printf explicitly. - tunit: switch to call curl printf explicitly. - libtest, tunit, unit: ban system printf. - unit1307, unit1607, unit1609, unit1652, unit1655, unit3214: bump types/masks to avoid casts. After this patch: - libtests, tunits, units: use exclusively curl printf. (as before, but explicitly, without relying on redefinitions.) - servers: is unchanged (it can only use system printf). Closes #18814 --- REUSE.toml | 3 ++ tests/libtest/.checksrc | 8 +++++ tests/libtest/Makefile.am | 2 +- tests/libtest/first.h | 2 -- tests/libtest/lib1549.c | 4 +-- tests/tunit/.checksrc | 8 +++++ tests/tunit/Makefile.am | 2 +- tests/tunit/tool1394.c | 24 +++++++------- tests/tunit/tool1604.c | 55 ++++++++++++++++---------------- tests/tunit/tool1621.c | 5 +-- tests/unit/.checksrc | 8 +++++ tests/unit/Makefile.am | 2 +- tests/unit/unit1302.c | 26 +++++++-------- tests/unit/unit1307.c | 18 +++++------ tests/unit/unit1309.c | 14 ++++----- tests/unit/unit1323.c | 14 ++++----- tests/unit/unit1396.c | 4 +-- tests/unit/unit1607.c | 36 ++++++++++----------- tests/unit/unit1609.c | 28 ++++++++--------- tests/unit/unit1652.c | 8 ++--- tests/unit/unit1655.c | 4 +-- tests/unit/unit1658.c | 4 +-- tests/unit/unit1660.c | 4 +-- tests/unit/unit1664.c | 66 +++++++++++++++++++-------------------- tests/unit/unit2604.c | 14 ++++----- tests/unit/unit3214.c | 11 ++++--- 26 files changed, 200 insertions(+), 174 deletions(-) create mode 100644 tests/libtest/.checksrc create mode 100644 tests/tunit/.checksrc create mode 100644 tests/unit/.checksrc diff --git a/REUSE.toml b/REUSE.toml index 6e8a272e79..0d07c8b3e1 100644 --- a/REUSE.toml +++ b/REUSE.toml @@ -48,7 +48,10 @@ path = [ "lib/vssh/.checksrc", "lib/vtls/.checksrc", "src/.checksrc", + "tests/libtest/.checksrc", "tests/server/.checksrc", + "tests/tunit/.checksrc", + "tests/unit/.checksrc", ] SPDX-FileCopyrightText = "Daniel Stenberg, , et al." SPDX-License-Identifier = "curl" diff --git a/tests/libtest/.checksrc b/tests/libtest/.checksrc new file mode 100644 index 0000000000..a3f8f307e7 --- /dev/null +++ b/tests/libtest/.checksrc @@ -0,0 +1,8 @@ +banfunc aprintf +banfunc fprintf +banfunc msnprintf +banfunc mvsnprintf +banfunc printf +banfunc vaprintf +banfunc vfprintf +banfunc vprintf diff --git a/tests/libtest/Makefile.am b/tests/libtest/Makefile.am index b62a359eab..482e09d098 100644 --- a/tests/libtest/Makefile.am +++ b/tests/libtest/Makefile.am @@ -41,7 +41,7 @@ AM_CPPFLAGS = -I$(top_srcdir)/include \ # Get BUNDLE, FIRST_C, FIRST_H, UTILS_C, UTILS_H, CURLX_C, TESTS_C variables include Makefile.inc -EXTRA_DIST = CMakeLists.txt $(FIRST_C) $(FIRST_H) $(UTILS_C) $(UTILS_H) $(TESTS_C) \ +EXTRA_DIST = CMakeLists.txt .checksrc $(FIRST_C) $(FIRST_H) $(UTILS_C) $(UTILS_H) $(TESTS_C) \ test307.pl test610.pl test613.pl test1013.pl test1022.pl mk-lib1521.pl CFLAGS += @CURL_CFLAG_EXTRAS@ diff --git a/tests/libtest/first.h b/tests/libtest/first.h index 1592922e39..a902bdb8f0 100644 --- a/tests/libtest/first.h +++ b/tests/libtest/first.h @@ -52,8 +52,6 @@ extern int unitfail; /* for unittests */ #include #endif -#include "curl_printf.h" - /* GCC <4.6 does not support '#pragma GCC diagnostic push' and does not support 'pragma GCC diagnostic' inside functions. */ #if (defined(__GNUC__) && \ diff --git a/tests/libtest/lib1549.c b/tests/libtest/lib1549.c index b7bf010612..10d3183810 100644 --- a/tests/libtest/lib1549.c +++ b/tests/libtest/lib1549.c @@ -58,14 +58,14 @@ static CURLcode test_lib1549(const char *URL) /* a linked list of cookies in cookie file format */ struct curl_slist *each = cookies; while(each) { - printf("%s\n", each->data); + curl_mprintf("%s\n", each->data); each = each->next; num++; } /* we must free these cookies when we are done */ curl_slist_free_all(cookies); } - fprintf(stderr, "%d cookies\n", num); + curl_mfprintf(stderr, "%d cookies\n", num); } test_cleanup: diff --git a/tests/tunit/.checksrc b/tests/tunit/.checksrc new file mode 100644 index 0000000000..a3f8f307e7 --- /dev/null +++ b/tests/tunit/.checksrc @@ -0,0 +1,8 @@ +banfunc aprintf +banfunc fprintf +banfunc msnprintf +banfunc mvsnprintf +banfunc printf +banfunc vaprintf +banfunc vfprintf +banfunc vprintf diff --git a/tests/tunit/Makefile.am b/tests/tunit/Makefile.am index 219b7a1057..fea9d51152 100644 --- a/tests/tunit/Makefile.am +++ b/tests/tunit/Makefile.am @@ -43,7 +43,7 @@ AM_CPPFLAGS = -I$(top_srcdir)/include \ # Get BUNDLE, FIRST_C, TESTS_C variables include Makefile.inc -EXTRA_DIST = CMakeLists.txt README.md $(TESTS_C) +EXTRA_DIST = CMakeLists.txt .checksrc README.md $(TESTS_C) CFLAGS += @CURL_CFLAG_EXTRAS@ diff --git a/tests/tunit/tool1394.c b/tests/tunit/tool1394.c index 77a2021b0a..3a5256bae1 100644 --- a/tests/tunit/tool1394.c +++ b/tests/tunit/tool1394.c @@ -73,42 +73,42 @@ static CURLcode test_tool1394(const char *arg) if(p[1]) { if(certname) { if(strcmp(p[1], certname)) { - printf("expected certname '%s' but got '%s' " - "for -E param '%s'\n", p[1], certname, p[0]); + curl_mprintf("expected certname '%s' but got '%s' " + "for -E param '%s'\n", p[1], certname, p[0]); fail("assertion failure"); } } else { - printf("expected certname '%s' but got NULL " - "for -E param '%s'\n", p[1], p[0]); + curl_mprintf("expected certname '%s' but got NULL " + "for -E param '%s'\n", p[1], p[0]); fail("assertion failure"); } } else { if(certname) { - printf("expected certname NULL but got '%s' " - "for -E param '%s'\n", certname, p[0]); + curl_mprintf("expected certname NULL but got '%s' " + "for -E param '%s'\n", certname, p[0]); fail("assertion failure"); } } if(p[2]) { if(passphrase) { if(strcmp(p[2], passphrase)) { - printf("expected passphrase '%s' but got '%s'" - "for -E param '%s'\n", p[2], passphrase, p[0]); + curl_mprintf("expected passphrase '%s' but got '%s'" + "for -E param '%s'\n", p[2], passphrase, p[0]); fail("assertion failure"); } } else { - printf("expected passphrase '%s' but got NULL " - "for -E param '%s'\n", p[2], p[0]); + curl_mprintf("expected passphrase '%s' but got NULL " + "for -E param '%s'\n", p[2], p[0]); fail("assertion failure"); } } else { if(passphrase) { - printf("expected passphrase NULL but got '%s' " - "for -E param '%s'\n", passphrase, p[0]); + curl_mprintf("expected passphrase NULL but got '%s' " + "for -E param '%s'\n", passphrase, p[0]); fail("assertion failure"); } } diff --git a/tests/tunit/tool1604.c b/tests/tunit/tool1604.c index db7ed14124..3b6f006e7c 100644 --- a/tests/tunit/tool1604.c +++ b/tests/tunit/tool1604.c @@ -33,11 +33,11 @@ static char *getflagstr(int flags) { char *buf = malloc(256); if(buf) { - msnprintf(buf, 256, "%s,%s", - ((flags & SANITIZE_ALLOW_PATH) ? - "SANITIZE_ALLOW_PATH" : ""), - ((flags & SANITIZE_ALLOW_RESERVED) ? - "SANITIZE_ALLOW_RESERVED" : "")); + curl_msnprintf(buf, 256, "%s,%s", + ((flags & SANITIZE_ALLOW_PATH) ? + "SANITIZE_ALLOW_PATH" : ""), + ((flags & SANITIZE_ALLOW_RESERVED) ? + "SANITIZE_ALLOW_RESERVED" : "")); } return buf; } @@ -46,13 +46,12 @@ static char *getcurlcodestr(int cc) { char *buf = malloc(256); if(buf) { - msnprintf(buf, 256, "%s (%d)", - (cc == SANITIZE_ERR_OK ? "SANITIZE_ERR_OK" : - cc == SANITIZE_ERR_BAD_ARGUMENT ? "SANITIZE_ERR_BAD_ARGUMENT" : - cc == SANITIZE_ERR_INVALID_PATH ? "SANITIZE_ERR_INVALID_PATH" : - cc == SANITIZE_ERR_OUT_OF_MEMORY ? "SANITIZE_ERR_OUT_OF_MEMORY": - "unexpected error code - add name"), - cc); + curl_msnprintf(buf, 256, "%s (%d)", + (cc == SANITIZE_ERR_OK ? "SANITIZE_ERR_OK" : + cc == SANITIZE_ERR_BAD_ARGUMENT ? "SANITIZE_ERR_BAD_ARGUMENT" : + cc == SANITIZE_ERR_INVALID_PATH ? "SANITIZE_ERR_INVALID_PATH" : + cc == SANITIZE_ERR_OUT_OF_MEMORY ? "SANITIZE_ERR_OUT_OF_MEMORY" : + "unexpected error code - add name"), cc); } return buf; } @@ -225,21 +224,21 @@ static CURLcode test_tool1604(const char *arg) abort_unless(expected_ccstr, "out of memory"); unitfail++; - fprintf(stderr, "\n" - "%s:%d sanitize_file_name failed.\n" - "input: %s\n" - "flags: %s\n" - "output: %s\n" - "result: %s\n" - "expected output: %s\n" - "expected result: %s\n", - __FILE__, __LINE__, - data[i].input, - flagstr, - (output ? output : "(null)"), - received_ccstr, - (data[i].expected_output ? data[i].expected_output : "(null)"), - expected_ccstr); + curl_mfprintf(stderr, "\n" + "%s:%d sanitize_file_name failed.\n" + "input: %s\n" + "flags: %s\n" + "output: %s\n" + "result: %s\n" + "expected output: %s\n" + "expected result: %s\n", + __FILE__, __LINE__, + data[i].input, + flagstr, + output ? output : "(null)", + received_ccstr, + data[i].expected_output ? data[i].expected_output : "(null)", + expected_ccstr); free(output); free(flagstr); @@ -248,7 +247,7 @@ static CURLcode test_tool1604(const char *arg) } /* END sanitize_file_name */ #else - fprintf(stderr, "Skipped test not for this platform\n"); + curl_mfprintf(stderr, "Skipped test not for this platform\n"); #endif /* _WIN32 || MSDOS */ UNITTEST_END_SIMPLE diff --git a/tests/tunit/tool1621.c b/tests/tunit/tool1621.c index c7dfedddce..bb709cf39d 100644 --- a/tests/tunit/tool1621.c +++ b/tests/tunit/tool1621.c @@ -74,8 +74,9 @@ static CURLcode test_tool1621(const char *arg) const char *url = tests[i].input; char *stripped = stripcredentials(url); const char *strippedstr = stripped ? stripped : "(null)"; - printf("Test %u got input \"%s\", output: \"%s\", expected: \"%s\"\n", - i, tests[i].input, strippedstr, tests[i].output); + curl_mprintf("Test %u got input \"%s\", output: \"%s\", " + "expected: \"%s\"\n", + i, tests[i].input, strippedstr, tests[i].output); fail_if(strcmp(tests[i].output, strippedstr), tests[i].output); curl_free(stripped); diff --git a/tests/unit/.checksrc b/tests/unit/.checksrc new file mode 100644 index 0000000000..a3f8f307e7 --- /dev/null +++ b/tests/unit/.checksrc @@ -0,0 +1,8 @@ +banfunc aprintf +banfunc fprintf +banfunc msnprintf +banfunc mvsnprintf +banfunc printf +banfunc vaprintf +banfunc vfprintf +banfunc vprintf diff --git a/tests/unit/Makefile.am b/tests/unit/Makefile.am index 32c2f38955..1e9940f48a 100644 --- a/tests/unit/Makefile.am +++ b/tests/unit/Makefile.am @@ -42,7 +42,7 @@ AM_CPPFLAGS = -I$(top_srcdir)/include \ # Get BUNDLE, FIRST_C, TESTS_C variables include Makefile.inc -EXTRA_DIST = CMakeLists.txt README.md $(TESTS_C) +EXTRA_DIST = CMakeLists.txt .checksrc README.md $(TESTS_C) CFLAGS += @CURL_CFLAG_EXTRAS@ diff --git a/tests/unit/unit1302.c b/tests/unit/unit1302.c index a1676699f2..2c4404d727 100644 --- a/tests/unit/unit1302.c +++ b/tests/unit/unit1302.c @@ -137,7 +137,7 @@ static CURLcode test_unit1302(const char *arg) abort_unless(rc == CURLE_OK, "return code should be CURLE_OK"); abort_unless(olen == e->olen, "wrong output size"); if(memcmp(out, e->output, e->olen)) { - fprintf(stderr, "Test %u encoded badly\n", i); + curl_mfprintf(stderr, "Test %u encoded badly\n", i); unitfail++; } Curl_safefree(out); @@ -145,17 +145,17 @@ static CURLcode test_unit1302(const char *arg) /* then verify decode */ rc = curlx_base64_decode(e->output, &decoded, &dlen); if(rc != CURLE_OK) { - fprintf(stderr, "Test %u URL decode returned %d\n", i, (int)rc); + curl_mfprintf(stderr, "Test %u URL decode returned %d\n", i, (int)rc); unitfail++; } if(dlen != e->ilen) { - fprintf(stderr, "Test %u URL decode output length %d instead of %d\n", - i, (int)dlen, (int)e->ilen); + curl_mfprintf(stderr, "Test %u URL decode output length %zu " + "instead of %zu\n", i, dlen, e->ilen); unitfail++; } if(memcmp(decoded, e->input, dlen)) { - fprintf(stderr, "Test %u URL decoded badly. Got '%s', expected '%s'\n", - i, decoded, e->input); + curl_mfprintf(stderr, "Test %u URL decoded badly. Got '%s', " + "expected '%s'\n", i, decoded, e->input); unitfail++; } @@ -169,12 +169,12 @@ static CURLcode test_unit1302(const char *arg) rc = curlx_base64url_encode(e->input, e->ilen, &out, &olen); abort_unless(rc == CURLE_OK, "return code should be CURLE_OK"); if(olen != e->olen) { - fprintf(stderr, "Test %u URL encoded output length %d instead of %d\n", - i, (int)olen, (int)e->olen); + curl_mfprintf(stderr, "Test %u URL encoded output length %zu " + "instead of %zu\n", i, olen, e->olen); } if(out && memcmp(out, e->output, e->olen)) { - fprintf(stderr, "Test %u URL encoded badly. Got '%s', expected '%s'\n", - i, out, e->output); + curl_mfprintf(stderr, "Test %u URL encoded badly. Got '%s', " + "expected '%s'\n", i, out, e->output); unitfail++; } Curl_safefree(out); @@ -188,9 +188,9 @@ static CURLcode test_unit1302(const char *arg) /* then verify decode with illegal inputs */ rc = curlx_base64_decode(e->output, &decoded, &dlen); if(rc != CURLE_BAD_CONTENT_ENCODING) { - fprintf(stderr, "Test %u URL bad decoded badly. " - "Returned '%d', expected '%d'\n", - i, (int)rc, CURLE_BAD_CONTENT_ENCODING); + curl_mfprintf(stderr, "Test %u URL bad decoded badly. " + "Returned '%d', expected '%d'\n", + i, (int)rc, CURLE_BAD_CONTENT_ENCODING); unitfail++; } } diff --git a/tests/unit/unit1307.c b/tests/unit/unit1307.c index 6eb1d4826b..248adb99c2 100644 --- a/tests/unit/unit1307.c +++ b/tests/unit/unit1307.c @@ -264,7 +264,7 @@ static CURLcode test_unit1307(const char *arg) "a", NOMATCH|LINUX_FAIL} }; - int i; + size_t i; enum system { SYSTEM_CUSTOM, @@ -280,14 +280,14 @@ static CURLcode test_unit1307(const char *arg) #else machine = SYSTEM_LINUX; #endif - printf("Tested with system fnmatch(), %s-style\n", - machine == SYSTEM_LINUX ? "linux" : "mac"); + curl_mprintf("Tested with system fnmatch(), %s-style\n", + machine == SYSTEM_LINUX ? "linux" : "mac"); #else - printf("Tested with custom fnmatch()\n"); + curl_mprintf("Tested with custom fnmatch()\n"); machine = SYSTEM_CUSTOM; #endif - for(i = 0; i < (int)CURL_ARRAYSIZE(tests); i++) { + for(i = 0; i < CURL_ARRAYSIZE(tests); i++) { int result = tests[i].result; int rc = Curl_fnmatch(NULL, tests[i].pattern, tests[i].string); if(result & (LINUX_DIFFER|MAC_DIFFER)) { @@ -298,10 +298,10 @@ static CURLcode test_unit1307(const char *arg) result &= 0x03; /* filter off all high bits */ } if(rc != result) { - printf("Curl_fnmatch(\"%s\", \"%s\") should return %s (returns %s)" - " [%d]\n", - tests[i].pattern, tests[i].string, ret2name(result), - ret2name(rc), i); + curl_mprintf("Curl_fnmatch(\"%s\", \"%s\") should return %s (returns %s)" + " [%zu]\n", + tests[i].pattern, tests[i].string, ret2name(result), + ret2name(rc), i); fail("pattern mismatch"); } } diff --git a/tests/unit/unit1309.c b/tests/unit/unit1309.c index 35b38fd8b6..2e2af21f2c 100644 --- a/tests/unit/unit1309.c +++ b/tests/unit/unit1309.c @@ -36,10 +36,10 @@ static void splayprint(struct Curl_tree *t, int d, char output) splayprint(t->larger, d + 1, output); for(i = 0; i < d; i++) if(output) - printf(" "); + curl_mprintf(" "); if(output) { - printf("%ld.%ld[%d]", (long)t->key.tv_sec, (long)t->key.tv_usec, i); + curl_mprintf("%ld.%ld[%d]", (long)t->key.tv_sec, (long)t->key.tv_usec, i); } for(count = 0, node = t->samen; node != t; node = node->samen, count++) @@ -47,9 +47,9 @@ static void splayprint(struct Curl_tree *t, int d, char output) if(output) { if(count) - printf(" [%d more]\n", count); + curl_mprintf(" [%d more]\n", count); else - printf("\n"); + curl_mprintf("\n"); } splayprint(t->smaller, d + 1, output); @@ -86,14 +86,14 @@ static CURLcode test_unit1309(const char *arg) for(i = 0; i < NUM_NODES; i++) { int rem = (i + 7)%NUM_NODES; - printf("Tree look:\n"); + curl_mprintf("Tree look:\n"); splayprint(root, 0, 1); curl_mprintf("remove pointer %d, payload %zu\n", rem, *(size_t *)Curl_splayget(&nodes[rem])); rc = Curl_splayremove(root, &nodes[rem], &root); if(rc) { /* failed! */ - printf("remove %d failed!\n", rem); + curl_mprintf("remove %d failed!\n", rem); fail("remove"); } } @@ -117,7 +117,7 @@ static CURLcode test_unit1309(const char *arg) removed = NULL; for(i = 0; i <= 1100; i += 100) { - printf("Removing nodes not larger than %d\n", i); + curl_mprintf("Removing nodes not larger than %d\n", i); tv_now.tv_usec = i; root = Curl_splaygetbest(tv_now, root, &removed); while(removed) { diff --git a/tests/unit/unit1323.c b/tests/unit/unit1323.c index f53df89226..41d4fd31d3 100644 --- a/tests/unit/unit1323.c +++ b/tests/unit/unit1323.c @@ -45,13 +45,13 @@ static CURLcode test_unit1323(const char *arg) for(i = 0; i < CURL_ARRAYSIZE(tests); i++) { timediff_t result = curlx_timediff(tests[i].first, tests[i].second); if(result != tests[i].result) { - printf("%ld.%06u to %ld.%06u got %d, but expected %ld\n", - (long)tests[i].first.tv_sec, - tests[i].first.tv_usec, - (long)tests[i].second.tv_sec, - tests[i].second.tv_usec, - (int)result, - (long)tests[i].result); + curl_mprintf("%ld.%06u to %ld.%06u got %d, but expected %ld\n", + (long)tests[i].first.tv_sec, + tests[i].first.tv_usec, + (long)tests[i].second.tv_sec, + tests[i].second.tv_usec, + (int)result, + (long)tests[i].result); fail("unexpected result!"); } } diff --git a/tests/unit/unit1396.c b/tests/unit/unit1396.c index aa7ee93375..0b74afa84f 100644 --- a/tests/unit/unit1396.c +++ b/tests/unit/unit1396.c @@ -95,7 +95,7 @@ static CURLcode test_unit1396(const char *arg) fail_unless(!memcmp(out, list1[i].out, list1[i].outlen), "bad output data returned"); - printf("curl_easy_unescape test %d DONE\n", i); + curl_mprintf("curl_easy_unescape test %d DONE\n", i); curl_free(out); } @@ -110,7 +110,7 @@ static CURLcode test_unit1396(const char *arg) fail_unless(!memcmp(out, list2[i].out, list2[i].outlen), "bad output data returned"); - printf("curl_easy_escape test %d DONE (%s)\n", i, out); + curl_mprintf("curl_easy_escape test %d DONE (%s)\n", i, out); curl_free(out); } diff --git a/tests/unit/unit1607.c b/tests/unit/unit1607.c index ad0df33be8..dda6769782 100644 --- a/tests/unit/unit1607.c +++ b/tests/unit/unit1607.c @@ -102,14 +102,14 @@ static CURLcode test_unit1607(const char *arg) }, }; - int i; + size_t i; struct Curl_multi *multi = NULL; struct Curl_easy *easy = NULL; struct curl_slist *list = NULL; - for(i = 0; i < (int)CURL_ARRAYSIZE(tests); ++i) { - int j; - int addressnum = CURL_ARRAYSIZE(tests[i].address); + for(i = 0; i < CURL_ARRAYSIZE(tests); ++i) { + size_t j; + size_t addressnum = CURL_ARRAYSIZE(tests[i].address); struct Curl_addrinfo *addr; struct Curl_dns_entry *dns; void *entry_id; @@ -152,7 +152,7 @@ static CURLcode test_unit1607(const char *arg) if(addr && !Curl_addr2string(addr->ai_addr, addr->ai_addrlen, ipaddress, &port)) { - curl_mfprintf(stderr, "%s:%d tests[%d] failed. " + curl_mfprintf(stderr, "%s:%d tests[%zu] failed. " "getaddressinfo failed.\n", __FILE__, __LINE__, i); problem = true; @@ -160,24 +160,24 @@ static CURLcode test_unit1607(const char *arg) } if(addr && !tests[i].address[j]) { - curl_mfprintf(stderr, "%s:%d tests[%d] failed. the retrieved addr " - "is %s but tests[%d].address[%d] is NULL.\n", + curl_mfprintf(stderr, "%s:%d tests[%zu] failed. the retrieved addr " + "is %s but tests[%zu].address[%zu] is NULL.\n", __FILE__, __LINE__, i, ipaddress, i, j); problem = true; break; } if(!addr && tests[i].address[j]) { - curl_mfprintf(stderr, "%s:%d tests[%d] failed. the retrieved addr " - "is NULL but tests[%d].address[%d] is %s.\n", + curl_mfprintf(stderr, "%s:%d tests[%zu] failed. the retrieved addr " + "is NULL but tests[%zu].address[%zu] is %s.\n", __FILE__, __LINE__, i, i, j, tests[i].address[j]); problem = true; break; } if(!curl_strequal(ipaddress, tests[i].address[j])) { - curl_mfprintf(stderr, "%s:%d tests[%d] failed. the retrieved addr " - "%s is not equal to tests[%d].address[%d] %s.\n", + curl_mfprintf(stderr, "%s:%d tests[%zu] failed. the retrieved addr " + "%s is not equal to tests[%zu].address[%zu] %s.\n", __FILE__, __LINE__, i, ipaddress, i, j, tests[i].address[j]); problem = true; @@ -185,9 +185,9 @@ static CURLcode test_unit1607(const char *arg) } if(port != tests[i].port) { - curl_mfprintf(stderr, "%s:%d tests[%d] failed. the retrieved port " - "for tests[%d].address[%d] is %d " - "but tests[%d].port is %d.\n", + curl_mfprintf(stderr, "%s:%d tests[%zu] failed. the retrieved port " + "for tests[%zu].address[%zu] is %d " + "but tests[%zu].port is %d.\n", __FILE__, __LINE__, i, i, j, port, i, tests[i].port); problem = true; break; @@ -195,16 +195,16 @@ static CURLcode test_unit1607(const char *arg) if(dns->timestamp.tv_sec && tests[i].permanent) { curl_mfprintf(stderr, - "%s:%d tests[%d] failed. the timestamp is not zero " - "but tests[%d].permanent is TRUE\n", + "%s:%d tests[%zu] failed. the timestamp is not zero " + "but tests[%zu].permanent is TRUE\n", __FILE__, __LINE__, i, i); problem = true; break; } if(dns->timestamp.tv_sec == 0 && !tests[i].permanent) { - curl_mfprintf(stderr, "%s:%d tests[%d] failed. the timestamp is zero " - "but tests[%d].permanent is FALSE\n", + curl_mfprintf(stderr, "%s:%d tests[%zu] failed. the timestamp is zero " + "but tests[%zu].permanent is FALSE\n", __FILE__, __LINE__, i, i); problem = true; break; diff --git a/tests/unit/unit1609.c b/tests/unit/unit1609.c index 4485c3f046..26934d89bf 100644 --- a/tests/unit/unit1609.c +++ b/tests/unit/unit1609.c @@ -94,7 +94,7 @@ static CURLcode test_unit1609(const char *arg) }, }; - int i; + size_t i; struct Curl_multi *multi = NULL; struct Curl_easy *easy = NULL; struct curl_slist *list = NULL; @@ -103,9 +103,9 @@ static CURLcode test_unit1609(const char *arg) and also clean cache after the loop. In contrast,for example, test 1607 sets up and cleans cache on each iteration. */ - for(i = 0; i < (int)CURL_ARRAYSIZE(tests); ++i) { - int j; - int addressnum = CURL_ARRAYSIZE(tests[i].address); + for(i = 0; i < CURL_ARRAYSIZE(tests); ++i) { + size_t j; + size_t addressnum = CURL_ARRAYSIZE(tests[i].address); struct Curl_addrinfo *addr; struct Curl_dns_entry *dns; void *entry_id; @@ -152,31 +152,31 @@ static CURLcode test_unit1609(const char *arg) if(addr && !Curl_addr2string(addr->ai_addr, addr->ai_addrlen, ipaddress, &port)) { curl_mfprintf(stderr, - "%s:%d tests[%d] failed. Curl_addr2string failed.\n", + "%s:%d tests[%zu] failed. Curl_addr2string failed.\n", __FILE__, __LINE__, i); problem = true; break; } if(addr && !tests[i].address[j]) { - curl_mfprintf(stderr, "%s:%d tests[%d] failed. the retrieved addr " - "is %s but tests[%d].address[%d] is NULL.\n", + curl_mfprintf(stderr, "%s:%d tests[%zu] failed. the retrieved addr " + "is %s but tests[%zu].address[%zu] is NULL.\n", __FILE__, __LINE__, i, ipaddress, i, j); problem = true; break; } if(!addr && tests[i].address[j]) { - curl_mfprintf(stderr, "%s:%d tests[%d] failed. the retrieved addr " - "is NULL but tests[%d].address[%d] is %s.\n", + curl_mfprintf(stderr, "%s:%d tests[%zu] failed. the retrieved addr " + "is NULL but tests[%zu].address[%zu] is %s.\n", __FILE__, __LINE__, i, i, j, tests[i].address[j]); problem = true; break; } if(!curl_strequal(ipaddress, tests[i].address[j])) { - curl_mfprintf(stderr, "%s:%d tests[%d] failed. the retrieved addr " - "%s is not equal to tests[%d].address[%d] %s.\n", + curl_mfprintf(stderr, "%s:%d tests[%zu] failed. the retrieved addr " + "%s is not equal to tests[%zu].address[%zu] %s.\n", __FILE__, __LINE__, i, ipaddress, i, j, tests[i].address[j]); problem = true; @@ -184,9 +184,9 @@ static CURLcode test_unit1609(const char *arg) } if(port != tests[i].port) { - curl_mfprintf(stderr, "%s:%d tests[%d] failed. the retrieved port " - "for tests[%d].address[%d] is %d " - "but tests[%d].port is %d.\n", + curl_mfprintf(stderr, "%s:%d tests[%zu] failed. the retrieved port " + "for tests[%zu].address[%zu] is %d " + "but tests[%zu].port is %d.\n", __FILE__, __LINE__, i, i, j, port, i, tests[i].port); problem = true; break; diff --git a/tests/unit/unit1652.c b/tests/unit/unit1652.c index ad3014edca..0b3337f688 100644 --- a/tests/unit/unit1652.c +++ b/tests/unit/unit1652.c @@ -124,7 +124,7 @@ static CURLcode test_unit1652(const char *arg) memset(input, '\0', sizeof(input)); memset(input, 'A', 2045); Curl_infof(easy, "%s", input); - fprintf(stderr, "output len %d: %s", (int)strlen(output), output); + curl_mfprintf(stderr, "output len %zu: %s", strlen(output), output); /* output is input + \n */ fail_unless(strlen(output) == 2046, "No truncation of infof input"); fail_unless(verify(output, input) == 0, "No truncation of infof input"); @@ -134,7 +134,7 @@ static CURLcode test_unit1652(const char *arg) /* Just over the limit without newline for truncation via '...' */ memset(input + 2045, 'A', 4); Curl_infof(easy, "%s", input); - fprintf(stderr, "output len %d: %s", (int)strlen(output), output); + curl_mfprintf(stderr, "output len %zu: %s", strlen(output), output); fail_unless(strlen(output) == 2047, "Truncation of infof input 1"); fail_unless(output[sizeof(output) - 1] == '\0', "Truncation of infof input 1"); @@ -143,7 +143,7 @@ static CURLcode test_unit1652(const char *arg) memset(input + 2045, 'A', 4); memset(input + 2045 + 4, '\n', 1); Curl_infof(easy, "%s", input); - fprintf(stderr, "output len %d: %s", (int)strlen(output), output); + curl_mfprintf(stderr, "output len %zu: %s", strlen(output), output); fail_unless(strlen(output) == 2047, "Truncation of infof input 2"); fail_unless(output[sizeof(output) - 1] == '\0', "Truncation of infof input 2"); @@ -152,7 +152,7 @@ static CURLcode test_unit1652(const char *arg) memset(input, '\0', sizeof(input)); memset(input, 'A', sizeof(input) - 1); Curl_infof(easy, "%s", input); - fprintf(stderr, "output len %d: %s", (int)strlen(output), output); + curl_mfprintf(stderr, "output len %zu: %s", strlen(output), output); fail_unless(strlen(output) == 2047, "Truncation of infof input 3"); fail_unless(output[sizeof(output) - 1] == '\0', "Truncation of infof input 3"); diff --git a/tests/unit/unit1655.c b/tests/unit/unit1655.c index a22e087271..8b49fb32f8 100644 --- a/tests/unit/unit1655.c +++ b/tests/unit/unit1655.c @@ -67,7 +67,7 @@ static CURLcode test_unit1655(const char *arg) "this.is.an.otherwise-valid.hostname." "with-a-label-of-greater-length-than-the-sixty-three-characters-" "specified.in.the.RFCs."; - int i; + size_t i; struct test { const char *name; @@ -89,7 +89,7 @@ static CURLcode test_unit1655(const char *arg) { max, DOH_OK } /* expect buffer overwrite */ }; - for(i = 0; i < (int)(CURL_ARRAYSIZE(playlist)); i++) { + for(i = 0; i < CURL_ARRAYSIZE(playlist); i++) { const char *name = playlist[i].name; size_t olen = 100000; struct demo victim; diff --git a/tests/unit/unit1658.c b/tests/unit/unit1658.c index 0a6a2e71c1..6db1043092 100644 --- a/tests/unit/unit1658.c +++ b/tests/unit/unit1658.c @@ -514,7 +514,7 @@ static CURLcode test_unit1658(const char *arg) for(i = 0; i < CURL_ARRAYSIZE(t); i++) { struct Curl_https_rrinfo *hrr; - printf("test %i: %s\n", i, t[i].name); + curl_mprintf("test %u: %s\n", i, t[i].name); result = doh_resp_decode_httpsrr(easy, t[i].dns, t[i].len, &hrr); @@ -523,7 +523,7 @@ static CURLcode test_unit1658(const char *arg) /* is the output the expected? */ if(strcmp(rrbuffer, t[i].expect)) { - curl_mfprintf(stderr, "Test %s (%i) failed\n" + curl_mfprintf(stderr, "Test %s (%u) failed\n" "Expected: %s\n" "Received: %s\n", t[i].name, i, t[i].expect, rrbuffer); unitfail++; diff --git a/tests/unit/unit1660.c b/tests/unit/unit1660.c index 5c66b1831c..e74285d74e 100644 --- a/tests/unit/unit1660.c +++ b/tests/unit/unit1660.c @@ -38,7 +38,7 @@ static CURLcode test_unit1660(const char *arg) static void showsts(struct stsentry *e, const char *chost) { if(!e) - printf("'%s' is not HSTS\n", chost); + curl_mprintf("'%s' is not HSTS\n", chost); else { curl_mprintf("%s [%s]: %" CURL_FORMAT_CURL_OFF_T "%s\n", chost, e->host, e->expires, @@ -141,7 +141,7 @@ static CURLcode test_unit1660(const char *arg) continue; } else if(result) { - printf("Input %u: error %d\n", i, (int) result); + curl_mprintf("Input %u: error %d\n", i, (int) result); continue; } } diff --git a/tests/unit/unit1664.c b/tests/unit/unit1664.c index 72ae49676b..773bd8d386 100644 --- a/tests/unit/unit1664.c +++ b/tests/unit/unit1664.c @@ -57,26 +57,26 @@ static CURLcode test_unit1664(const char *arg) }; int i; - printf("curlx_str_word\n"); + curl_mprintf("curlx_str_word\n"); for(i = 0; wordparse[i]; i++) { struct Curl_str out; const char *line = wordparse[i]; const char *orgline = line; int rc = curlx_str_word(&line, &out, 7); - printf("%u: (\"%s\") %d, \"%.*s\" [%d], line %d\n", - i, orgline, rc, (int)out.len, out.str, (int)out.len, - (int)(line - orgline)); + curl_mprintf("%u: (\"%s\") %d, \"%.*s\" [%d], line %d\n", + i, orgline, rc, (int)out.len, out.str, (int)out.len, + (int)(line - orgline)); } - printf("curlx_str_until\n"); + curl_mprintf("curlx_str_until\n"); for(i = 0; wordparse[i]; i++) { struct Curl_str out; const char *line = wordparse[i]; const char *orgline = line; int rc = curlx_str_until(&line, &out, 7, 'd'); - printf("%u: (\"%s\") %d, \"%.*s\" [%d], line %d\n", - i, orgline, rc, (int)out.len, out.str, (int)out.len, - (int)(line - orgline)); + curl_mprintf("%u: (\"%s\") %d, \"%.*s\" [%d], line %d\n", + i, orgline, rc, (int)out.len, out.str, (int)out.len, + (int)(line - orgline)); } { @@ -96,15 +96,15 @@ static CURLcode test_unit1664(const char *arg) NULL }; - printf("curlx_str_quotedword\n"); + curl_mprintf("curlx_str_quotedword\n"); for(i = 0; qwords[i]; i++) { struct Curl_str out; const char *line = qwords[i]; const char *orgline = line; int rc = curlx_str_quotedword(&line, &out, 7); - printf("%u: (\"%s\") %d, \"%.*s\" [%d], line %d\n", - i, orgline, rc, (int)out.len, out.str, (int)out.len, - (int)(line - orgline)); + curl_mprintf("%u: (\"%s\") %d, \"%.*s\" [%d], line %d\n", + i, orgline, rc, (int)out.len, out.str, (int)out.len, + (int)(line - orgline)); } } @@ -119,13 +119,13 @@ static CURLcode test_unit1664(const char *arg) "", NULL }; - printf("curlx_str_single\n"); + curl_mprintf("curlx_str_single\n"); for(i = 0; single[i]; i++) { const char *line = single[i]; const char *orgline = line; int rc = curlx_str_single(&line, 'a'); - printf("%u: (\"%s\") %d, line %d\n", - i, orgline, rc, (int)(line - orgline)); + curl_mprintf("%u: (\"%s\") %d, line %d\n", + i, orgline, rc, (int)(line - orgline)); } } { @@ -141,13 +141,13 @@ static CURLcode test_unit1664(const char *arg) "", NULL }; - printf("curlx_str_singlespace\n"); + curl_mprintf("curlx_str_singlespace\n"); for(i = 0; single[i]; i++) { const char *line = single[i]; const char *orgline = line; int rc = curlx_str_singlespace(&line); - printf("%u: (\"%s\") %d, line %d\n", - i, orgline, rc, (int)(line - orgline)); + curl_mprintf("%u: (\"%s\") %d, line %d\n", + i, orgline, rc, (int)(line - orgline)); } } @@ -162,13 +162,13 @@ static CURLcode test_unit1664(const char *arg) "", NULL }; - printf("curlx_str_single\n"); + curl_mprintf("curlx_str_single\n"); for(i = 0; single[i]; i++) { const char *line = single[i]; const char *orgline = line; int rc = curlx_str_single(&line, 'a'); - printf("%u: (\"%s\") %d, line %d\n", - i, orgline, rc, (int)(line - orgline)); + curl_mprintf("%u: (\"%s\") %d, line %d\n", + i, orgline, rc, (int)(line - orgline)); } } { @@ -187,14 +187,14 @@ static CURLcode test_unit1664(const char *arg) "", NULL }; - printf("curlx_str_number\n"); + curl_mprintf("curlx_str_number\n"); for(i = 0; nums[i]; i++) { curl_off_t num; const char *line = nums[i]; const char *orgline = line; int rc = curlx_str_number(&line, &num, 1235); - printf("%u: (\"%s\") %d, [%u] line %d\n", - i, orgline, rc, (int)num, (int)(line - orgline)); + curl_mprintf("%u: (\"%s\") %d, [%u] line %d\n", + i, orgline, rc, (int)num, (int)(line - orgline)); } } @@ -219,7 +219,7 @@ static CURLcode test_unit1664(const char *arg) { "12", 10}, {NULL, 0} }; - printf("curlx_str_number varying max\n"); + curl_mprintf("curlx_str_number varying max\n"); for(i = 0; nums[i].str; i++) { curl_off_t num; const char *line = nums[i].str; @@ -259,7 +259,7 @@ static CURLcode test_unit1664(const char *arg) { "12", 16}, {NULL, 0} }; - printf("curlx_str_hex varying max\n"); + curl_mprintf("curlx_str_hex varying max\n"); for(i = 0; nums[i].str; i++) { curl_off_t num; const char *line = nums[i].str; @@ -294,7 +294,7 @@ static CURLcode test_unit1664(const char *arg) { "8", 10}, {NULL, 0} }; - printf("curlx_str_octal varying max\n"); + curl_mprintf("curlx_str_octal varying max\n"); for(i = 0; nums[i].str; i++) { curl_off_t num; const char *line = nums[i].str; @@ -330,7 +330,7 @@ static CURLcode test_unit1664(const char *arg) "999999999999999999", NULL }; - printf("curlx_str_number / max\n"); + curl_mprintf("curlx_str_number / max\n"); for(i = 0; nums[i]; i++) { curl_off_t num; const char *line = nums[i]; @@ -356,7 +356,7 @@ static CURLcode test_unit1664(const char *arg) "", NULL }; - printf("curlx_str_newline\n"); + curl_mprintf("curlx_str_newline\n"); for(i = 0; newl[i]; i++) { const char *line = newl[i]; const char *orgline = line; @@ -382,7 +382,7 @@ static CURLcode test_unit1664(const char *arg) "", NULL }; - printf("curlx_str_hex\n"); + curl_mprintf("curlx_str_hex\n"); for(i = 0; nums[i]; i++) { curl_off_t num; const char *line = nums[i]; @@ -409,7 +409,7 @@ static CURLcode test_unit1664(const char *arg) "", NULL }; - printf("curlx_str_octal\n"); + curl_mprintf("curlx_str_octal\n"); for(i = 0; nums[i]; i++) { curl_off_t num; const char *line = nums[i]; @@ -433,7 +433,7 @@ static CURLcode test_unit1664(const char *arg) "666666666666666666666", NULL }; - printf("curlx_str_octal / max\n"); + curl_mprintf("curlx_str_octal / max\n"); for(i = 0; nums[i]; i++) { curl_off_t num; const char *line = nums[i]; @@ -469,7 +469,7 @@ static CURLcode test_unit1664(const char *arg) "ABCDEF", NULL }; - printf("curlx_str_hex / max\n"); + curl_mprintf("curlx_str_hex / max\n"); for(i = 0; nums[i]; i++) { curl_off_t num; const char *line = nums[i]; diff --git a/tests/unit/unit2604.c b/tests/unit/unit2604.c index 9111edafb8..3d57f16c8f 100644 --- a/tests/unit/unit2604.c +++ b/tests/unit/unit2604.c @@ -83,21 +83,21 @@ static CURLcode test_unit2604(const char *arg) char *path; const char *cp = i == 0 ? cp0 : list[i].cp; CURLcode result = Curl_get_pathname(&cp, &path, list[i].home); - printf("%u - Curl_get_pathname(\"%s\", ... \"%s\") == %u\n", i, - list[i].cp, list[i].home, list[i].result); + curl_mprintf("%u - Curl_get_pathname(\"%s\", ... \"%s\") == %u\n", i, + list[i].cp, list[i].home, list[i].result); if(result != list[i].result) { - printf("... returned %d\n", result); + curl_mprintf("... returned %d\n", result); unitfail++; } if(!result) { if(cp && strcmp(cp, list[i].next)) { - printf("... cp points to '%s', not '%s' as expected \n", - cp, list[i].next); + curl_mprintf("... cp points to '%s', not '%s' as expected \n", + cp, list[i].next); unitfail++; } if(path && strcmp(path, list[i].expect)) { - printf("... gave '%s', not '%s' as expected \n", - path, list[i].expect); + curl_mprintf("... gave '%s', not '%s' as expected \n", + path, list[i].expect); unitfail++; } curl_free(path); diff --git a/tests/unit/unit3214.c b/tests/unit/unit3214.c index 34549fc296..08ce6fff39 100644 --- a/tests/unit/unit3214.c +++ b/tests/unit/unit3214.c @@ -28,14 +28,15 @@ static void checksize(const char *name, size_t size, size_t allowed) { if(size > allowed) { - fprintf(stderr, "BAD: struct %s is %d bytes, allowed to be %d", - name, (int)size, (int)allowed); - fprintf(stderr, ": %d bytes too big\n", (int)(size - allowed)); + curl_mfprintf(stderr, "BAD: struct %s is %zu bytes, " + "allowed to be %zu: %zu bytes too big\n", + name, size, allowed, size - allowed); unitfail++; } else { - printf("FINE: struct %s is %d bytes, allowed %d (margin: %d bytes)\n", - name, (int)size, (int)allowed, (int)(allowed - size)); + curl_mprintf("FINE: struct %s is %zu bytes, " + "allowed %zu (margin: %zu bytes)\n", + name, size, allowed, allowed - size); } } From c9edc26afedefc9ce338a72910b8bd9616e8ebca Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 4 Oct 2025 03:11:09 +0200 Subject: [PATCH 0273/2408] lib: drop unused include and duplicate guards Closes #18839 --- lib/curlx/winapi.c | 8 +------- lib/strerror.c | 4 ---- 2 files changed, 1 insertion(+), 11 deletions(-) diff --git a/lib/curlx/winapi.c b/lib/curlx/winapi.c index 6069424bec..7e3d1aa9ca 100644 --- a/lib/curlx/winapi.c +++ b/lib/curlx/winapi.c @@ -38,14 +38,13 @@ /* adjust for old MSVC */ #if defined(_MSC_VER) && (_MSC_VER < 1900) -# define SNPRINTF _snprintf +#define SNPRINTF _snprintf #else #define SNPRINTF snprintf #endif #endif /* !BUILDING_LIBCURL */ -#ifdef _WIN32 /* This is a helper function for Curl_strerror that converts Windows API error * codes (GetLastError) to error messages. * Returns NULL if no error message was found for error code. @@ -86,13 +85,10 @@ const char *curlx_get_winapi_error(int err, char *buf, size_t buflen) return *buf ? buf : NULL; } -#endif /* _WIN32 */ const char *curlx_winapi_strerror(DWORD err, char *buf, size_t buflen) { -#ifdef _WIN32 DWORD old_win_err = GetLastError(); -#endif int old_errno = errno; if(!buflen) @@ -125,10 +121,8 @@ const char *curlx_winapi_strerror(DWORD err, char *buf, size_t buflen) if(errno != old_errno) CURL_SETERRNO(old_errno); -#ifdef _WIN32 if(old_win_err != GetLastError()) SetLastError(old_win_err); -#endif return buf; } diff --git a/lib/strerror.c b/lib/strerror.c index f0f36ed1b7..cf0876564f 100644 --- a/lib/strerror.c +++ b/lib/strerror.c @@ -34,10 +34,6 @@ #include -#ifdef USE_LIBIDN2 -#include -#endif - #ifdef USE_WINDOWS_SSPI #include "curl_sspi.h" #endif From 56026dae0245841380a5d96093e4451cfd77e0d7 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 4 Oct 2025 04:12:17 +0200 Subject: [PATCH 0274/2408] openssl: fix build for v1.0.2 ``` lib/vtls/openssl.c: In function 'asn1_object_dump': lib/vtls/openssl.c:299:42: error: passing argument 3 of 'i2t_ASN1_OBJECT' discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers] 299 | int i = i2t_ASN1_OBJECT(buf, (int)len, a); | ^ In file included from /home/runner/djgpp/include/openssl/objects.h:965, from /home/runner/djgpp/include/openssl/evp.h:94, from /home/runner/djgpp/include/openssl/x509.h:73, from /home/runner/djgpp/include/openssl/ssl.h:156, from lib/curl_ntlm_core.c:71, from bld/lib/CMakeFiles/libcurl_static.dir/Unity/unity_0_c.c:88: /home/runner/djgpp/include/openssl/asn1.h:921:58: note: expected 'ASN1_OBJECT *' {aka 'struct asn1_object_st *'} but argument is of type 'const ASN1_OBJECT *' {aka 'const struct asn1_object_st *'} 921 | int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a); | ~~~~~~~~~~~~~^ ``` Ref: https://github.com/curl/curl/actions/runs/18236773678/job/51931937131?pr=18039 Follow-up to bb46d42407cd0503a9c499b4646af594a4db4947 #18647 Closes #18841 --- lib/vtls/openssl.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 193723b649..fd5529f5ab 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -296,7 +296,12 @@ do { \ static int asn1_object_dump(const ASN1_OBJECT *a, char *buf, size_t len) { - int i = i2t_ASN1_OBJECT(buf, (int)len, a); + int i; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + i = i2t_ASN1_OBJECT(buf, (int)len, a); +#else + i = i2t_ASN1_OBJECT(buf, (int)len, CURL_UNCONST(a)); +#endif return (i >= (int)len); /* buffer too small */ } From ed1e72143a08ede124ae93b43c803609f967fdcb Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 4 Oct 2025 04:51:19 +0200 Subject: [PATCH 0275/2408] examples: drop unused `curl/mprintf.h` includes Follow-up to 45438c8d6f8e70385d66c029568524e9e803c539 #18823 Closes #18842 --- docs/examples/cookie_interface.c | 1 - docs/examples/http2-download.c | 1 - docs/examples/http2-serverpush.c | 1 - docs/examples/http2-upload.c | 1 - 4 files changed, 4 deletions(-) diff --git a/docs/examples/cookie_interface.c b/docs/examples/cookie_interface.c index 113429bbda..cb68977121 100644 --- a/docs/examples/cookie_interface.c +++ b/docs/examples/cookie_interface.c @@ -32,7 +32,6 @@ #include #include -#include #if defined(_MSC_VER) && (_MSC_VER < 1900) #define snprintf _snprintf diff --git a/docs/examples/http2-download.c b/docs/examples/http2-download.c index 68c4f45629..a524cac27f 100644 --- a/docs/examples/http2-download.c +++ b/docs/examples/http2-download.c @@ -36,7 +36,6 @@ /* curl stuff */ #include -#include #if defined(_MSC_VER) && (_MSC_VER < 1900) #define snprintf _snprintf diff --git a/docs/examples/http2-serverpush.c b/docs/examples/http2-serverpush.c index 734d35beb7..cea54e3af1 100644 --- a/docs/examples/http2-serverpush.c +++ b/docs/examples/http2-serverpush.c @@ -31,7 +31,6 @@ /* curl stuff */ #include -#include #if defined(_MSC_VER) && (_MSC_VER < 1900) #define snprintf _snprintf diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c index dc474cc549..9508da694b 100644 --- a/docs/examples/http2-upload.c +++ b/docs/examples/http2-upload.c @@ -54,7 +54,6 @@ /* curl stuff */ #include -#include #ifndef CURLPIPE_MULTIPLEX /* This little trick makes sure that we do not enable pipelining for libcurls From 4535532ed36d2129b107ab357262072f82c2b34a Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 4 Oct 2025 04:33:49 +0200 Subject: [PATCH 0276/2408] examples: fix two build issues surfaced with WinCE Both may apply to rare non-WinCE Windows builds too. - fix gcc 4.4.0 preprocessor error: ``` docs/examples/http2-upload.c:43:8: error: "_MSC_VER" is not defined ``` Ref: https://github.com/curl/curl/actions/runs/18238150607/job/51935502616 - fix wrong header order: Inlcude `windows.h` after `winsock2.h` via `curl/curl.h`. Regressions from 45438c8d6f8e70385d66c029568524e9e803c539 #18823 Closes #18843 --- docs/examples/http2-upload.c | 6 ++++-- docs/examples/synctime.c | 3 ++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c index 9508da694b..a22161d76d 100644 --- a/docs/examples/http2-upload.c +++ b/docs/examples/http2-upload.c @@ -40,8 +40,6 @@ #ifndef _MSC_VER #include #include -#elif (_MSC_VER < 1900) -#define snprintf _snprintf #endif #ifdef _WIN32 @@ -52,6 +50,10 @@ #define fileno _fileno #endif +#if defined(_MSC_VER) && (_MSC_VER < 1900) +#define snprintf _snprintf +#endif + /* curl stuff */ #include diff --git a/docs/examples/synctime.c b/docs/examples/synctime.c index dd21082446..d8264d012e 100644 --- a/docs/examples/synctime.c +++ b/docs/examples/synctime.c @@ -90,11 +90,12 @@ int main(void) { printf("Platform not supported.\n"); return 1; } int main(void) { printf("Platform not supported.\n"); return 1; } #else -#include #include #include +#include + #if defined(_MSC_VER) && (_MSC_VER < 1900) #define snprintf _snprintf #endif From c96bf36557ea2302e4cb838ee1e4bb9827fecee7 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 3 Oct 2025 16:40:28 +0200 Subject: [PATCH 0277/2408] GHA: drop quictls 3.3.0 builds in favor of openssl 3.5+ - http3-linux: move local nghttpx (nghttp2) build to openssl (from quictls). Also tried LibreSSL, but it made some HTTP/2 tests fails. - http3-linux: drop quictls ngtcp2 build. - http3-linux: build local openssl with `no-deprecated`. (previously tested in the quictls local build.) - http3-linux: explicitly disable LDAP in cmake openssl jobs. cmake builds auto-detect OpenLDAP (autotools don't), and when enabled, linking curl fails because system `libsasl.so` requires MD5 openssl functions, which are missing from openssl no-deprecated builds. - macos: move options tested in quictls jobs to other ones. - linux: drop unused quictls local build. (it was used for msh3.) Follow-up to 91138b014d960d2ef6ce9cd0ca237d0220b2458d #17729 - renovate: drop quictls bump detection. Closes #18833 --- .github/workflows/http3-linux.yml | 89 +++++++------------------------ .github/workflows/linux.yml | 21 -------- .github/workflows/macos.yml | 17 ++---- renovate.json | 14 ----- 4 files changed, 25 insertions(+), 116 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index c14a640097..3d0fec9efb 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -41,8 +41,6 @@ env: CURL_CI: github # handled in renovate.json OPENSSL_VERSION: 3.6.0 - # handled in renovate.json - QUICTLS_VERSION: 3.3.0 # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com LIBRESSL_VERSION: 4.1.1 # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com @@ -70,12 +68,12 @@ jobs: steps: - name: 'cache openssl' uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 - id: cache-openssl-http3 + id: cache-openssl-http3-no-deprecated env: - cache-name: cache-openssl-http3 + cache-name: cache-openssl-http3-no-deprecated with: path: ~/openssl/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }}-no-deprecated - name: 'cache libressl' uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 @@ -104,15 +102,6 @@ jobs: path: ~/boringssl/build key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.BORINGSSL_VERSION }} - - name: 'cache quictls' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 - id: cache-quictls-no-deprecated - env: - cache-name: cache-quictls-no-deprecated - with: - path: ~/quictls/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.QUICTLS_VERSION }}-quic1 - - name: 'cache gnutls' uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-gnutls @@ -147,7 +136,7 @@ jobs: cache-name: cache-ngtcp2 with: path: ~/ngtcp2/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.AWSLC_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.AWSLC_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }} - name: 'cache ngtcp2 boringssl' uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 @@ -165,15 +154,14 @@ jobs: cache-name: cache-nghttp2 with: path: ~/nghttp2/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP2_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.NGTCP2_VERSION }}-${{ env.NGHTTP3_VERSION }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.NGTCP2_VERSION }}-${{ env.NGHTTP3_VERSION }} - id: settings if: >- - ${{ steps.cache-openssl-http3.outputs.cache-hit != 'true' || + ${{ steps.cache-openssl-http3-no-deprecated.outputs.cache-hit != 'true' || steps.cache-libressl.outputs.cache-hit != 'true' || steps.cache-awslc.outputs.cache-hit != 'true' || steps.cache-boringssl.outputs.cache-hit != 'true' || - steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true' || steps.cache-gnutls.outputs.cache-hit != 'true' || steps.cache-wolfssl.outputs.cache-hit != 'true' || steps.cache-nghttp3.outputs.cache-hit != 'true' || @@ -199,12 +187,12 @@ jobs: echo 'CXX=g++-12' >> "$GITHUB_ENV" - name: 'build openssl' - if: ${{ steps.cache-openssl-http3.outputs.cache-hit != 'true' }} + if: ${{ steps.cache-openssl-http3-no-deprecated.outputs.cache-hit != 'true' }} run: | cd ~ git clone --quiet --depth=1 -b "openssl-${OPENSSL_VERSION}" https://github.com/openssl/openssl cd openssl - ./config --prefix="$PWD"/build --libdir=lib no-makedepend no-apps no-docs no-tests + ./config --prefix="$PWD"/build --libdir=lib no-makedepend no-apps no-docs no-tests no-deprecated make make -j1 install_sw @@ -241,16 +229,6 @@ jobs: cmake --build . cmake --install . - - name: 'build quictls' - if: ${{ steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true' }} - run: | - cd ~ - git clone --quiet --depth=1 -b "openssl-${QUICTLS_VERSION}-quic1" https://github.com/quictls/openssl quictls - cd quictls - ./config no-deprecated --prefix="$PWD"/build --libdir=lib no-makedepend no-apps no-docs no-tests - make - make -j1 install_sw - - name: 'build gnutls' if: ${{ steps.cache-gnutls.outputs.cache-hit != 'true' }} run: | @@ -292,7 +270,7 @@ jobs: - name: 'build ngtcp2' if: ${{ steps.cache-ngtcp2.outputs.cache-hit != 'true' }} - # building 3 times to get crypto libs for ossl, libressl, quictls and awslc installed + # building twice to get crypto libs for ossl, libressl and awslc installed run: | cd ~ git clone --quiet --depth=1 -b "v${NGTCP2_VERSION}" https://github.com/ngtcp2/ngtcp2 @@ -302,10 +280,6 @@ jobs: PKG_CONFIG_PATH=/home/runner/libressl/build/lib/pkgconfig --enable-lib-only --with-openssl make install make clean - ./configure --disable-dependency-tracking --prefix="$PWD"/build \ - PKG_CONFIG_PATH=/home/runner/quictls/build/lib/pkgconfig --enable-lib-only --with-openssl - make install - make clean ./configure --disable-dependency-tracking --prefix="$PWD"/build \ PKG_CONFIG_PATH=/home/runner/openssl/build/lib/pkgconfig:/home/runner/gnutls/build/lib/pkgconfig:/home/runner/wolfssl/build/lib/pkgconfig \ --enable-lib-only --with-openssl --with-gnutls --with-wolfssl --with-boringssl \ @@ -337,8 +311,8 @@ jobs: # required (for nghttpx application): libc-ares-dev libev-dev zlib1g-dev # optional (for nghttpx application): libbrotli-dev ./configure --disable-dependency-tracking --prefix="$PWD"/build \ - PKG_CONFIG_PATH=/home/runner/quictls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig \ - LDFLAGS=-Wl,-rpath,/home/runner/quictls/build/lib \ + PKG_CONFIG_PATH=/home/runner/openssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig \ + LDFLAGS=-Wl,-rpath,/home/runner/openssl/build/lib \ --with-libbrotlienc --with-libbrotlidec \ --enable-app --enable-http3 make install @@ -367,8 +341,9 @@ jobs: install_steps: skipall PKG_CONFIG_PATH: /home/runner/openssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig generate: >- - -DOPENSSL_ROOT_DIR=/home/runner/openssl/build - -DUSE_NGTCP2=ON -DCURL_DISABLE_NTLM=ON + -DOPENSSL_ROOT_DIR=/home/runner/openssl/build -DUSE_NGTCP2=ON + -DCURL_DISABLE_LDAP=ON + -DCURL_DISABLE_NTLM=ON -DCMAKE_UNITY_BUILD=ON - name: 'libressl' @@ -416,21 +391,6 @@ jobs: -DUSE_NGTCP2=ON -DCURL_DISABLE_NTLM=ON -DCMAKE_UNITY_BUILD=ON - - name: 'quictls' - install_steps: skipall - PKG_CONFIG_PATH: /home/runner/quictls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig - configure: >- - LDFLAGS=-Wl,-rpath,/home/runner/quictls/build/lib - --with-ngtcp2 --disable-ntlm - --with-openssl=/home/runner/quictls/build --enable-ssls-export - --enable-unity - - - name: 'quictls' - PKG_CONFIG_PATH: /home/runner/quictls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig - generate: >- - -DOPENSSL_ROOT_DIR=/home/runner/quictls/build - -DUSE_NGTCP2=ON -DCURL_DISABLE_NTLM=ON - - name: 'gnutls' install_packages: nettle-dev libp11-kit-dev install_steps: skipall @@ -476,6 +436,7 @@ jobs: PKG_CONFIG_PATH: /home/runner/openssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig generate: >- -DOPENSSL_ROOT_DIR=/home/runner/openssl/build -DUSE_OPENSSL_QUIC=ON + -DCURL_DISABLE_LDAP=ON -DCURL_DISABLE_NTLM=ON -DCMAKE_UNITY_BUILD=ON @@ -518,12 +479,12 @@ jobs: - name: 'cache openssl' if: ${{ matrix.build.name == 'openssl' || matrix.build.name == 'openssl-quic' }} uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 - id: cache-openssl-http3 + id: cache-openssl-http3-no-deprecated env: - cache-name: cache-openssl-http3 + cache-name: cache-openssl-http3-no-deprecated with: path: ~/openssl/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }}-no-deprecated fail-on-cache-miss: true - name: 'cache libressl' @@ -556,16 +517,6 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.BORINGSSL_VERSION }} fail-on-cache-miss: true - - name: 'cache quictls' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 - id: cache-quictls-no-deprecated - env: - cache-name: cache-quictls-no-deprecated - with: - path: ~/quictls/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.QUICTLS_VERSION }}-quic1 - fail-on-cache-miss: true - - name: 'cache gnutls' if: ${{ matrix.build.name == 'gnutls' }} uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 @@ -605,7 +556,7 @@ jobs: cache-name: cache-ngtcp2 with: path: ~/ngtcp2/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.AWSLC_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.AWSLC_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }} fail-on-cache-miss: true - name: 'cache ngtcp2 boringssl' @@ -625,7 +576,7 @@ jobs: cache-name: cache-nghttp2 with: path: ~/nghttp2/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP2_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.NGTCP2_VERSION }}-${{ env.NGHTTP3_VERSION }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.NGTCP2_VERSION }}-${{ env.NGHTTP3_VERSION }} fail-on-cache-miss: true - name: 'cache quiche' diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 5b2b5e711c..d78789b8a1 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -49,8 +49,6 @@ env: BORINGSSL_VERSION: 0.20251002.0 # handled in renovate.json OPENSSL_VERSION: 3.6.0 - # handled in renovate.json - QUICTLS_VERSION: 3.3.0 # renovate: datasource=github-tags depName=rustls/rustls-ffi versioning=semver registryUrl=https://github.com RUSTLS_VERSION: 0.15.0 # handled in renovate.json @@ -495,25 +493,6 @@ jobs: make make -j1 install_sw - - name: 'cache quictls' - if: ${{ contains(matrix.build.install_steps, 'quictls') }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 - id: cache-quictls - env: - cache-name: cache-quictls - with: - path: ~/quictls - key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.QUICTLS_VERSION }}-quic1 - - - name: 'build quictls' - if: ${{ contains(matrix.build.install_steps, 'quictls') && steps.cache-quictls.outputs.cache-hit != 'true' }} - run: | - git clone --quiet --depth=1 -b "openssl-${QUICTLS_VERSION}-quic1" https://github.com/quictls/openssl - cd openssl - ./config --prefix=/home/runner/quictls --libdir=lib no-makedepend no-apps no-docs no-tests - make - make -j1 install_sw - - name: 'cache awslc' if: ${{ contains(matrix.build.install_steps, 'awslc') }} uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 87fc53d334..c32b71439c 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -255,16 +255,17 @@ jobs: --without-nghttp2 --disable-ntlm --without-ssl --without-zlib --without-zstd macos-version-min: '10.15' # Catalina (2019) - - name: 'LibreSSL +examples' + - name: 'LibreSSL !ldap +examples' compiler: clang install: libressl install_steps: pytest - configure: --enable-debug --with-openssl=/opt/homebrew/opt/libressl - - name: 'OpenSSL' + configure: --enable-debug --with-openssl=/opt/homebrew/opt/libressl --disable-ldap + - name: 'OpenSSL 10.15' compiler: clang install: libnghttp3 libngtcp2 install_steps: pytest configure: --enable-debug --with-openssl=/opt/homebrew/opt/openssl --with-ngtcp2 + macos-version-min: '10.15' - name: 'OpenSSL SecTrust' compiler: clang install: libnghttp3 libngtcp2 @@ -274,11 +275,6 @@ jobs: compiler: clang configure: --enable-debug --with-openssl=/opt/homebrew/opt/openssl tflags: --test-event - - name: 'quictls libssh2 !ldap 10.15' - compiler: clang - install: quictls - configure: --enable-debug --disable-ldap --with-openssl=/opt/homebrew/opt/quictls LDFLAGS=-L/opt/homebrew/opt/quictls/lib - macos-version-min: '10.15' # cmake - name: 'OpenSSL gsasl rtmp AppleIDN SecTrust' install: libnghttp3 libngtcp2 gsasl rtmpdump @@ -306,9 +302,6 @@ jobs: -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/heimdal -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=/opt/homebrew/opt/llvm/bin/clang-tidy - - name: 'quictls +static libssh +examples' - install: quictls libssh - generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/quictls -DBUILD_STATIC_LIBS=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON - name: 'LibreSSL openldap heimdal c-ares +examples' install: libressl heimdal openldap generate: -DENABLE_DEBUG=ON -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/libressl -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/heimdal -DLDAP_INCLUDE_DIR=/opt/homebrew/opt/openldap/include -DLDAP_LIBRARY=/opt/homebrew/opt/openldap/lib/libldap.dylib -DLDAP_LBER_LIBRARY=/opt/homebrew/opt/openldap/lib/liblber.dylib @@ -370,7 +363,7 @@ jobs: while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew bundle install --file /tmp/Brewfile; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done - name: 'brew unlink openssl' - if: ${{ contains(matrix.build.install, 'aws-lc') || contains(matrix.build.install, 'libressl') || contains(matrix.build.install, 'quictls') }} + if: ${{ contains(matrix.build.install, 'aws-lc') || contains(matrix.build.install, 'libressl') }} run: | if [ -d /opt/homebrew/include/openssl ]; then brew unlink openssl diff --git a/renovate.json b/renovate.json index 1bc0309f3a..102bf42521 100644 --- a/renovate.json +++ b/renovate.json @@ -102,20 +102,6 @@ "versioningTemplate": "semver", "extractVersionTemplate": "^openssl-(?.*)$" }, - { - "customType": "regex", - "managerFilePatterns": [ - "/^.github/workflows/linux.yml$/", - "/^.github/workflows/http3-linux.yml$/" - ], - "matchStrings": [ - "QUICTLS_VERSION: (?.*)\\s" - ], - "datasourceTemplate": "github-tags", - "depNameTemplate": "quictls/openssl", - "versioningTemplate": "semver", - "extractVersionTemplate": "^openssl-(?.*)-quic1$" - }, { "customType": "regex", "managerFilePatterns": [ From 455d41d4605a3d7aacc97fd580a64648ca203698 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 4 Oct 2025 02:53:02 +0200 Subject: [PATCH 0278/2408] unit1664: drop casts, expand masks to full values Follow-up to 4deea9396bc7dd25c6362fa746a57bf309c74ada #18814 Closes #18838 --- tests/unit/unit1664.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/unit/unit1664.c b/tests/unit/unit1664.c index 773bd8d386..6903c70e92 100644 --- a/tests/unit/unit1664.c +++ b/tests/unit/unit1664.c @@ -193,8 +193,8 @@ static CURLcode test_unit1664(const char *arg) const char *line = nums[i]; const char *orgline = line; int rc = curlx_str_number(&line, &num, 1235); - curl_mprintf("%u: (\"%s\") %d, [%u] line %d\n", - i, orgline, rc, (int)num, (int)(line - orgline)); + curl_mprintf("%u: (\"%s\") %d, [%" CURL_FORMAT_CURL_OFF_T "] line %d\n", + i, orgline, rc, num, (int)(line - orgline)); } } @@ -388,8 +388,8 @@ static CURLcode test_unit1664(const char *arg) const char *line = nums[i]; const char *orgline = line; int rc = curlx_str_hex(&line, &num, 0x1235); - curl_mprintf("%u: (\"%s\") %d, [%u] line %d\n", - i, orgline, rc, (int)num, (int)(line - orgline)); + curl_mprintf("%u: (\"%s\") %d, [%" CURL_FORMAT_CURL_OFF_T "] line %d\n", + i, orgline, rc, num, (int)(line - orgline)); } } @@ -415,8 +415,8 @@ static CURLcode test_unit1664(const char *arg) const char *line = nums[i]; const char *orgline = line; int rc = curlx_str_octal(&line, &num, 01235); - curl_mprintf("%u: (\"%s\") %d, [%u] line %d\n", - i, orgline, rc, (int)num, (int)(line - orgline)); + curl_mprintf("%u: (\"%s\") %d, [%" CURL_FORMAT_CURL_OFF_T "] line %d\n", + i, orgline, rc, num, (int)(line - orgline)); } } From c7fb5858a59dfc433d5eefa08be3db249738fd28 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 4 Oct 2025 13:04:29 +0200 Subject: [PATCH 0279/2408] checksrc: fix possible endless loops/errors in the banned function logic By quoting the search expression to be replaced. This avoid the issue when the code leading up to a banned function contained regex characters that the script did not explicitly handle, e.g. `+`. Assisted-by: Daniel Stenberg Ref: https://perldoc.perl.org/functions/quotemeta Follow-up to dd37d6970cfd8b4cf47ebd469f03772813b92c23 #18775 Closes #18845 --- scripts/checksrc.pl | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index 637c0b7c8b..54800ce12d 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -907,14 +907,9 @@ sub scanfile { checkwarn("BANNEDFUNC", $line, length($prefix), $file, $ol, "use of $bad is banned"); - my $replace = 'x' x (length($bad) + 1); - $prefix =~ s/\*/\\*/; - $prefix =~ s/\[/\\[/; - $prefix =~ s/\]/\\]/; - $prefix =~ s/\(/\\(/; - $prefix =~ s/\)/\\)/; - $suff =~ s/\(/\\(/; - $l =~ s/$prefix$bad$suff/$prefix$replace/; + my $search = quotemeta($prefix . $bad . $suff); + my $replace = $prefix . 'x' x (length($bad) + 1); + $l =~ s/$search/$replace/; goto again; } $l = $bl; # restore to pre-bannedfunc content From bb4326d72b3486181be4dccafec53f6e3567ed7c Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 4 Oct 2025 23:17:32 +0200 Subject: [PATCH 0280/2408] GHA: remove the hacktoberfest label action No one cares about hacktoberfest anymore. Closes #18849 --- .github/workflows/hacktoberfest-accepted.yml | 71 -------------------- 1 file changed, 71 deletions(-) delete mode 100644 .github/workflows/hacktoberfest-accepted.yml diff --git a/.github/workflows/hacktoberfest-accepted.yml b/.github/workflows/hacktoberfest-accepted.yml deleted file mode 100644 index f934193a6e..0000000000 --- a/.github/workflows/hacktoberfest-accepted.yml +++ /dev/null @@ -1,71 +0,0 @@ -# Copyright (C) Daniel Stenberg, , et al. -# -# SPDX-License-Identifier: curl - -name: 'Hacktoberfest' - -'on': - # this must not ever run on any other branch than master - push: - branches: - - master - -concurrency: - # this should not run in parallel, so just run one at a time - group: ${{ github.workflow }} - -permissions: {} - -jobs: - # add hacktoberfest-accepted label to PRs opened starting from September 30th - # till November 1st which are closed via commit reference from master branch. - merged: - name: 'Add hacktoberfest-accepted label' - runs-on: ubuntu-latest - permissions: - issues: write # To edit labels on PRs - pull-requests: write # To edit labels on PRs - steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - with: - persist-credentials: false - fetch-depth: 100 - - - name: 'Check whether repo participates in Hacktoberfest' - id: check - env: - GH_TOKEN: '${{ secrets.GITHUB_TOKEN }}' - run: | - gh config set prompt disabled && echo "label=$( - gh repo view --json repositoryTopics --jq '.repositoryTopics[].name' | grep '^hacktoberfest$')" >> "$GITHUB_OUTPUT" - - - name: 'Search relevant commit message lines starting with Closes/Merges' - if: ${{ steps.check.outputs.label == 'hacktoberfest' }} - env: - GITHUB_EVENT_BEFORE: '${{ github.event.before }}' - GITHUB_EVENT_AFTER: '${{ github.event.after }}' - run: | - git log --format=email "${GITHUB_EVENT_BEFORE}..${GITHUB_EVENT_AFTER}" | \ - grep -Ei '^Close[sd]? ' | sort | uniq | tee log - - - name: 'Search for number-based PR references' - if: ${{ steps.check.outputs.label == 'hacktoberfest' }} - env: - GH_TOKEN: '${{ secrets.GITHUB_TOKEN }}' - run: | - grep -Eo '#([0-9]+)' log | cut -d# -f2 | sort | uniq | xargs -t -n1 -I{} \ - gh pr view {} --json number,createdAt \ - --jq '{number, opened: .createdAt} | [.number, .opened] | join(":")' | tee /dev/stderr | \ - grep -Eo '^([0-9]+):[0-9]{4}-(09-30T|10-|11-01T)' | cut -d: -f1 | sort | uniq | xargs -t -n1 -I {} \ - gh pr edit {} --add-label 'hacktoberfest-accepted' - - - name: 'Search for URL-based PR references' - if: ${{ steps.check.outputs.label == 'hacktoberfest' }} - env: - GH_TOKEN: '${{ secrets.GITHUB_TOKEN }}' - run: | - grep -Eo 'github.com/(.+)/(.+)/pull/([0-9]+)' log | sort | uniq | xargs -t -n1 -I{} \ - gh pr view 'https://{}' --json number,createdAt \ - --jq '{number, opened: .createdAt} | [.number, .opened] | join(":")' | tee /dev/stderr | \ - grep -Eo '^([0-9]+):[0-9]{4}-(09-30T|10-|11-01T)' | cut -d: -f1 | sort | uniq | xargs -t -n1 -I {} \ - gh pr edit {} --add-label 'hacktoberfest-accepted' From c0febf66614d1468edecf6dab48333218b130ae1 Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Sun, 5 Oct 2025 10:38:14 +0800 Subject: [PATCH 0281/2408] cpool: make bundle->dest an array; fix UB Replace `char *dest[1]` with a proper `char dest[1]` array in cpool_bundle. This removes undefined behavior from memcpy (writing past the declared object) while keeping the same key semantics: dest_len is strlen+1 (includes NUL), and hash add/delete calls remain unchanged. Closes #18850 --- lib/conncache.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/lib/conncache.c b/lib/conncache.c index 1393bb565b..a8fc51c213 100644 --- a/lib/conncache.c +++ b/lib/conncache.c @@ -79,7 +79,7 @@ struct cpool_bundle { struct Curl_llist conns; /* connections in the bundle */ size_t dest_len; /* total length of destination, including NUL */ - char *dest[1]; /* destination of bundle, allocated to keep dest_len bytes */ + char dest[1]; /* destination of bundle, allocated to keep dest_len bytes */ }; @@ -91,13 +91,13 @@ static void cpool_discard_conn(struct cpool *cpool, static struct cpool_bundle *cpool_bundle_create(const char *dest) { struct cpool_bundle *bundle; - size_t dest_len = strlen(dest); + size_t dest_len = strlen(dest) + 1; - bundle = calloc(1, sizeof(*bundle) + dest_len); + bundle = calloc(1, sizeof(*bundle) + dest_len - 1); if(!bundle) return NULL; Curl_llist_init(&bundle->conns, NULL); - bundle->dest_len = dest_len + 1; + bundle->dest_len = dest_len; memcpy(bundle->dest, dest, bundle->dest_len); return bundle; } @@ -320,7 +320,7 @@ static struct connectdata *cpool_get_oldest_idle(struct cpool *cpool) struct connectdata *oldest_idle = NULL; struct cpool_bundle *bundle; struct curltime now; - timediff_t highscore =- 1; + timediff_t highscore = -1; timediff_t score; now = curlx_now(); From eb8809270336225ef0266b01ca29191b88b1a3c7 Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Sun, 5 Oct 2025 10:57:29 +0800 Subject: [PATCH 0282/2408] telnet: use pointer[0] for "unknown" option instead of pointer[i] MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit i is taken from pointer[length-2] (often the IAC byte) before we do length -= 2, so using pointer[i] indexes an arbitrary/stale byte unrelated to the option code. pointer[0] is the suboption’s option code per the telnet SB format, so printing pointer[0] yields correct, stable diagnostics. Closes #18851 --- lib/telnet.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/telnet.c b/lib/telnet.c index 66585d6f2a..ddc0b22cb6 100644 --- a/lib/telnet.c +++ b/lib/telnet.c @@ -732,7 +732,7 @@ static void printsub(struct Curl_easy *data, } } else - infof(data, "%d (unknown)", pointer[i]); + infof(data, "%d (unknown)", pointer[0]); switch(pointer[0]) { case CURL_TELOPT_NAWS: From da8f7ae096bc540dfc53c391b28229c885c31e99 Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Sun, 5 Oct 2025 11:07:54 +0800 Subject: [PATCH 0283/2408] telnet: print DISPlay LOCation in printsub without mutating buffer Closes #18852 --- lib/telnet.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/telnet.c b/lib/telnet.c index ddc0b22cb6..90316a446c 100644 --- a/lib/telnet.c +++ b/lib/telnet.c @@ -759,8 +759,8 @@ static void printsub(struct Curl_easy *data, switch(pointer[0]) { case CURL_TELOPT_TTYPE: case CURL_TELOPT_XDISPLOC: - pointer[length] = 0; - infof(data, " \"%s\"", &pointer[2]); + infof(data, " \"%.*s\"", + (int)((length > 2) ? (length - 2) : 0), &pointer[2]); break; case CURL_TELOPT_NEW_ENVIRON: if(pointer[1] == CURL_TELQUAL_IS) { From 08331213055abac4417bc4a470f350a41d1a7659 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 5 Oct 2025 11:08:40 +0200 Subject: [PATCH 0284/2408] GHA/http3-linux: cleanup cache entry name after prev To avoid duplicate `no-deprecated` in the cache entry name. Follow-up to c96bf36557ea2302e4cb838ee1e4bb9827fecee7 #18833 Closes #18853 --- .github/workflows/http3-linux.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 3d0fec9efb..c9495fe74e 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -73,7 +73,7 @@ jobs: cache-name: cache-openssl-http3-no-deprecated with: path: ~/openssl/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }}-no-deprecated + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }} - name: 'cache libressl' uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 @@ -484,7 +484,7 @@ jobs: cache-name: cache-openssl-http3-no-deprecated with: path: ~/openssl/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }}-no-deprecated + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }} fail-on-cache-miss: true - name: 'cache libressl' From 1ae5e44effe36bbe136439735de49b1e8dbaca0b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 5 Oct 2025 18:36:06 +0200 Subject: [PATCH 0285/2408] strerror: drop workaround for SalfordC win32 header bug Follow-up to ccf43ce91dd9a56f30a4029377126e4c83c7f08a #15957 Closes #18857 --- lib/strerror.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/lib/strerror.c b/lib/strerror.c index cf0876564f..47c6572114 100644 --- a/lib/strerror.c +++ b/lib/strerror.c @@ -698,11 +698,9 @@ get_winsock_error(int err, char *buf, size_t len) case WSAEREMOTE: p = "Remote error"; break; -#ifdef WSAEDISCON /* missing in SalfordC! */ case WSAEDISCON: p = "Disconnected"; break; -#endif /* Extended Winsock errors */ case WSASYSNOTREADY: p = "Winsock library is not ready"; From b54b4697cad23fcf81577ce9e8f1ea18b8449427 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 5 Oct 2025 14:07:39 +0200 Subject: [PATCH 0286/2408] url: make Curl_init_userdefined return void It cannot actually return an error, so the parent function does not need to check for error and have an exit path that cannot be reached. Pointed out by CodeSonar Closes #18855 --- lib/easy.c | 2 +- lib/url.c | 23 ++++------------------- lib/url.h | 2 +- tests/unit/unit1620.c | 3 --- 4 files changed, 6 insertions(+), 24 deletions(-) diff --git a/lib/easy.c b/lib/easy.c index 0a4b6faf52..7a36034c03 100644 --- a/lib/easy.c +++ b/lib/easy.c @@ -1110,7 +1110,7 @@ void curl_easy_reset(CURL *d) /* zero out UserDefined data: */ Curl_freeset(data); memset(&data->set, 0, sizeof(struct UserDefined)); - (void)Curl_init_userdefined(data); + Curl_init_userdefined(data); /* zero out Progress data: */ memset(&data->progress, 0, sizeof(struct Progress)); diff --git a/lib/url.c b/lib/url.c index 0dface920d..ae4a6f6502 100644 --- a/lib/url.c +++ b/lib/url.c @@ -355,10 +355,9 @@ CURLcode Curl_close(struct Curl_easy **datap) * Initialize the UserDefined fields within a Curl_easy. * This may be safely called on a new or existing Curl_easy. */ -CURLcode Curl_init_userdefined(struct Curl_easy *data) +void Curl_init_userdefined(struct Curl_easy *data) { struct UserDefined *set = &data->set; - CURLcode result = CURLE_OK; set->out = stdout; /* default output to stdout */ set->in_set = stdin; /* default input from stdin */ @@ -476,8 +475,6 @@ CURLcode Curl_init_userdefined(struct Curl_easy *data) set->ws_raw_mode = FALSE; set->ws_no_auto_pong = FALSE; #endif - - return result; } /* easy->meta_hash destructor. Should never be called as elements @@ -501,7 +498,6 @@ static void easy_meta_freeentry(void *p) CURLcode Curl_open(struct Curl_easy **curl) { - CURLcode result; struct Curl_easy *data; /* simple start-up: alloc the struct, init it with zeroes and return */ @@ -532,21 +528,10 @@ CURLcode Curl_open(struct Curl_easy **curl) Curl_llist_init(&data->state.httphdrs, NULL); #endif Curl_netrc_init(&data->state.netrc); + Curl_init_userdefined(data); - result = Curl_init_userdefined(data); - - if(result) { - curlx_dyn_free(&data->state.headerb); - Curl_freeset(data); - Curl_req_free(&data->req, data); - Curl_hash_destroy(&data->meta_hash); - data->magic = 0; - free(data); - data = NULL; - } - else - *curl = data; - return result; + *curl = data; + return CURLE_OK; } void Curl_conn_free(struct Curl_easy *data, struct connectdata *conn) diff --git a/lib/url.h b/lib/url.h index 11a69d4157..82d869c5ff 100644 --- a/lib/url.h +++ b/lib/url.h @@ -31,7 +31,7 @@ CURLcode Curl_init_do(struct Curl_easy *data, struct connectdata *conn); CURLcode Curl_open(struct Curl_easy **curl); -CURLcode Curl_init_userdefined(struct Curl_easy *data); +void Curl_init_userdefined(struct Curl_easy *data); void Curl_freeset(struct Curl_easy *data); CURLcode Curl_uc_to_curlcode(CURLUcode uc); diff --git a/tests/unit/unit1620.c b/tests/unit/unit1620.c index 14b377b640..4851602eaa 100644 --- a/tests/unit/unit1620.c +++ b/tests/unit/unit1620.c @@ -97,9 +97,6 @@ static CURLcode test_unit1620(const char *arg) fail_unless(rc == CURLE_URL_MALFORMAT, "Curl_connect() failed to return CURLE_URL_MALFORMAT"); - rc = Curl_init_userdefined(empty); - fail_unless(rc == CURLE_OK, "Curl_userdefined() failed"); - rc = Curl_init_do(empty, empty->conn); fail_unless(rc == CURLE_OK, "Curl_init_do() failed"); From c93457f1f62568fafc844b5070d06330ca7b0f67 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 5 Oct 2025 20:36:21 +0200 Subject: [PATCH 0287/2408] tool_filetime: replace cast with the fitting printf mask (Windows) Follow-up to d25b0503795f1fbf557632ce870298f52f2a78c1 #2204 Closes #18858 --- src/tool_filetime.c | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/src/tool_filetime.c b/src/tool_filetime.c index 5912a5aa9a..b442fc2014 100644 --- a/src/tool_filetime.c +++ b/src/tool_filetime.c @@ -62,16 +62,14 @@ int getfiletime(const char *filename, curl_off_t *stamp) } } else { - warnf("Failed to get filetime: " - "GetFileTime failed: GetLastError %u", - (unsigned int)GetLastError()); + warnf("Failed to get filetime: GetFileTime failed: GetLastError %lu", + GetLastError()); } CloseHandle(hfile); } else if(GetLastError() != ERROR_FILE_NOT_FOUND) { - warnf("Failed to get filetime: " - "CreateFile failed: GetLastError %u", - (unsigned int)GetLastError()); + warnf("Failed to get filetime: CreateFile failed: GetLastError %lu", + GetLastError()); } #else struct_stat statbuf; @@ -117,15 +115,15 @@ void setfiletime(curl_off_t filetime, const char *filename) ft.dwHighDateTime = (DWORD)(converted >> 32); if(!SetFileTime(hfile, NULL, &ft, &ft)) { warnf("Failed to set filetime %" CURL_FORMAT_CURL_OFF_T - " on outfile: SetFileTime failed: GetLastError %u", - filetime, (unsigned int)GetLastError()); + " on outfile: SetFileTime failed: GetLastError %lu", + filetime, GetLastError()); } CloseHandle(hfile); } else { warnf("Failed to set filetime %" CURL_FORMAT_CURL_OFF_T - " on outfile: CreateFile failed: GetLastError %u", - filetime, (unsigned int)GetLastError()); + " on outfile: CreateFile failed: GetLastError %lu", + filetime, GetLastError()); } #elif defined(HAVE_UTIMES) From 4116e1d8028b30bfb0156b9b42042e0d930656f5 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 6 Oct 2025 00:10:13 +0200 Subject: [PATCH 0288/2408] unit1323: sync time types and printf masks, drop casts Closes #18860 --- tests/unit/unit1323.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/tests/unit/unit1323.c b/tests/unit/unit1323.c index 41d4fd31d3..a4e3eab2e1 100644 --- a/tests/unit/unit1323.c +++ b/tests/unit/unit1323.c @@ -30,14 +30,14 @@ static CURLcode test_unit1323(const char *arg) struct a { struct curltime first; struct curltime second; - time_t result; + timediff_t result; }; struct a tests[] = { - { {36762, 8345 }, {36761, 995926 }, 13 }, - { {36761, 995926 }, {36762, 8345 }, -13 }, - { {36761, 995926 }, {0, 0}, 36761995 }, - { {0, 0}, {36761, 995926 }, -36761995 }, + { {36762, 8345}, {36761, 995926}, 13 }, + { {36761, 995926}, {36762, 8345}, -13 }, + { {36761, 995926}, {0, 0}, 36761995 }, + { {0, 0}, {36761, 995926}, -36761995 }, }; size_t i; @@ -45,13 +45,14 @@ static CURLcode test_unit1323(const char *arg) for(i = 0; i < CURL_ARRAYSIZE(tests); i++) { timediff_t result = curlx_timediff(tests[i].first, tests[i].second); if(result != tests[i].result) { - curl_mprintf("%ld.%06u to %ld.%06u got %d, but expected %ld\n", + curl_mprintf("%ld.%06u to %ld.%06u got %" FMT_TIMEDIFF_T + ", but expected %" FMT_TIMEDIFF_T "\n", (long)tests[i].first.tv_sec, tests[i].first.tv_usec, (long)tests[i].second.tv_sec, tests[i].second.tv_usec, - (int)result, - (long)tests[i].result); + result, + tests[i].result); fail("unexpected result!"); } } From eaf66f18b72ee7c2c6e5e1120b70b14975dd66bd Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 4 Oct 2025 00:39:11 +0200 Subject: [PATCH 0289/2408] tests/server: replace banned functions with `curlx_str_hex` Replace an `strtol()` and `strtoul()` call, both used in hex mode, with `curlx_str_hex()`. Follow-up to 45438c8d6f8e70385d66c029568524e9e803c539 #18823 Closes #18837 --- tests/server/sockfilt.c | 11 +++++++++-- tests/server/sws.c | 14 ++++++-------- 2 files changed, 15 insertions(+), 10 deletions(-) diff --git a/tests/server/sockfilt.c b/tests/server/sockfilt.c index c6536fee4a..2ae681072e 100644 --- a/tests/server/sockfilt.c +++ b/tests/server/sockfilt.c @@ -371,13 +371,20 @@ static void lograw(unsigned char *buffer, ssize_t len) static bool read_data_block(unsigned char *buffer, ssize_t maxlen, ssize_t *buffer_len) { + curl_off_t value; + const char *endp; + if(!read_stdin(buffer, 5)) return FALSE; buffer[5] = '\0'; - /* !checksrc! disable BANNEDFUNC 1 */ - *buffer_len = (ssize_t)strtol((char *)buffer, NULL, 16); + endp = (char *)buffer; + if(curlx_str_hex(&endp, &value, 0xfffff)) { + logmsg("Failed to decode buffer size"); + return FALSE; + } + *buffer_len = (ssize_t)value; if(*buffer_len > maxlen) { logmsg("Buffer size (%zd bytes) too small for data size error " "(%zd bytes)", maxlen, *buffer_len); diff --git a/tests/server/sws.c b/tests/server/sws.c index 20d2bf7632..32e82891fe 100644 --- a/tests/server/sws.c +++ b/tests/server/sws.c @@ -413,7 +413,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req) static char doc[MAXDOCNAMELEN]; if(sscanf(req->reqbuf, "CONNECT %" MAXDOCNAMELEN_TXT "s HTTP/%d.%d", doc, &prot_major, &prot_minor) == 3) { - char *portp = NULL; + const char *portp = NULL; logmsg("Received a CONNECT %s HTTP/%d.%d request", doc, prot_major, prot_minor); @@ -424,15 +424,13 @@ static int sws_ProcessRequest(struct sws_httprequest *req) req->open = FALSE; /* HTTP 1.0 closes connection by default */ if(doc[0] == '[') { - char *p = &doc[1]; - unsigned long part = 0; + const char *p = &doc[1]; + curl_off_t part = 0; /* scan through the hexgroups and store the value of the last group in the 'part' variable and use as test case number!! */ while(*p && (ISXDIGIT(*p) || (*p == ':') || (*p == '.'))) { - char *endp; - /* !checksrc! disable BANNEDFUNC 1 */ - part = strtoul(p, &endp, 16); - if(ISXDIGIT(*p)) + const char *endp = p; + if(!curlx_str_hex(&endp, &part, 0xffff)) p = endp; else p++; @@ -444,7 +442,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req) else portp = p + 1; - req->testno = part; + req->testno = (long)part; } else portp = strchr(doc, ':'); From 34ad78da89c614aafb21033bac456a1c0f54921a Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 4 Oct 2025 03:10:37 +0200 Subject: [PATCH 0290/2408] curlx: move Curl_strerror, use in src and tests, ban `strerror` globally MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Also: - tests/server: replace local `sstrerror()` with `curlx_strerror()`. - tests/server: show the error code next to the string, where missing. - curlx: use `curl_msnprintf()` when building for src and tests. (units was already using it.) - lib: drop unused includes found along the way. - curlx_strerror(): avoid compiler warning (and another similar one): ``` In file included from servers.c:14: ../../lib/../../lib/curlx/strerr.c: In function ‘curlx_strerror’: ../../lib/../../lib/curlx/strerr.c:328:32: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=] 328 | SNPRINTF(buf, buflen, "%s", msg); | ^ ../../lib/../../lib/curlx/strerr.c:47:18: note: ‘snprintf’ output 1 or more bytes (assuming 2) into a destination of size 1 47 | #define SNPRINTF snprintf | ^ ../../lib/../../lib/curlx/strerr.c:328:7: note: in expansion of macro ‘SNPRINTF’ 328 | SNPRINTF(buf, buflen, "%s", msg); | ^~~~~~~~ ``` Follow-up to 45438c8d6f8e70385d66c029568524e9e803c539 #18823 Closes #18840 --- docs/examples/.checksrc | 1 + lib/.checksrc | 1 - lib/Makefile.inc | 2 + lib/cf-socket.c | 34 ++-- lib/curl_setup.h | 4 + lib/curlx/.checksrc | 1 - lib/curlx/curlx.h | 3 + lib/curlx/strerr.c | 361 +++++++++++++++++++++++++++++++++++++ lib/curlx/strerr.h | 29 +++ lib/curlx/winapi.c | 9 +- lib/ftp.c | 16 +- lib/strerror.c | 320 +------------------------------- lib/strerror.h | 5 - lib/tftp.c | 22 +-- lib/url.c | 4 +- lib/vauth/.checksrc | 1 - lib/vquic/.checksrc | 1 - lib/vquic/curl_ngtcp2.c | 1 - lib/vquic/curl_osslq.c | 4 +- lib/vquic/curl_quiche.c | 1 - lib/vquic/vquic.c | 8 +- lib/vssh/.checksrc | 1 - lib/vtls/.checksrc | 1 - lib/vtls/openssl.c | 12 +- lib/vtls/rustls.c | 6 +- scripts/checksrc.pl | 1 + src/Makefile.inc | 8 +- src/config2setopts.c | 10 +- src/tool_cb_wrt.c | 4 +- src/tool_filetime.c | 15 +- src/tool_formparse.c | 12 +- src/tool_operate.c | 21 ++- src/var.c | 4 +- tests/libtest/Makefile.inc | 8 +- tests/libtest/first.h | 20 +- tests/libtest/lib505.c | 5 +- tests/libtest/lib518.c | 6 +- tests/libtest/lib525.c | 5 +- tests/libtest/lib537.c | 6 +- tests/libtest/lib541.c | 5 +- tests/libtest/lib556.c | 3 +- tests/libtest/lib582.c | 5 +- tests/libtest/lib591.c | 3 +- tests/server/Makefile.inc | 3 +- tests/server/dnsd.c | 16 +- tests/server/first.h | 1 - tests/server/mqttd.c | 14 +- tests/server/rtspd.c | 53 +++--- tests/server/sockfilt.c | 20 +- tests/server/socksd.c | 16 +- tests/server/sws.c | 82 +++++---- tests/server/tftpd.c | 31 ++-- tests/server/util.c | 96 +++++----- 53 files changed, 751 insertions(+), 570 deletions(-) create mode 100644 lib/curlx/strerr.c create mode 100644 lib/curlx/strerr.h diff --git a/docs/examples/.checksrc b/docs/examples/.checksrc index a83f0edb9f..336e1928d2 100644 --- a/docs/examples/.checksrc +++ b/docs/examples/.checksrc @@ -7,6 +7,7 @@ allowfunc open allowfunc snprintf allowfunc socket allowfunc sscanf +allowfunc strerror banfunc curl_maprintf banfunc curl_mfprintf banfunc curl_mprintf diff --git a/lib/.checksrc b/lib/.checksrc index 9b8d799ea2..e69de29bb2 100644 --- a/lib/.checksrc +++ b/lib/.checksrc @@ -1 +0,0 @@ -banfunc strerror diff --git a/lib/Makefile.inc b/lib/Makefile.inc index ff8144fb5a..500c690561 100644 --- a/lib/Makefile.inc +++ b/lib/Makefile.inc @@ -31,6 +31,7 @@ LIB_CURLX_CFILES = \ curlx/inet_pton.c \ curlx/multibyte.c \ curlx/nonblock.c \ + curlx/strerr.c \ curlx/strparse.c \ curlx/timediff.c \ curlx/timeval.c \ @@ -49,6 +50,7 @@ LIB_CURLX_HFILES = \ curlx/inet_pton.h \ curlx/multibyte.h \ curlx/nonblock.h \ + curlx/strerr.h \ curlx/strparse.h \ curlx/timediff.h \ curlx/timeval.h \ diff --git a/lib/cf-socket.c b/lib/cf-socket.c index 8ed1116c07..34bcda68d7 100644 --- a/lib/cf-socket.c +++ b/lib/cf-socket.c @@ -62,7 +62,6 @@ #include "bufq.h" #include "sendf.h" #include "if2ip.h" -#include "strerror.h" #include "cfilters.h" #include "cf-socket.h" #include "connect.h" @@ -80,6 +79,7 @@ #include "strdup.h" #include "system_win32.h" #include "curlx/version_win32.h" +#include "curlx/strerr.h" #include "curlx/strparse.h" /* The last 3 #include files should be in this order */ @@ -114,7 +114,7 @@ static void tcpnodelay(struct Curl_easy *data, curl_socket_t sockfd) if(setsockopt(sockfd, level, TCP_NODELAY, (void *)&onoff, sizeof(onoff)) < 0) infof(data, "Could not set TCP_NODELAY: %s", - Curl_strerror(SOCKERRNO, buffer, sizeof(buffer))); + curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); #else (void)data; (void)sockfd; @@ -136,7 +136,7 @@ static void nosigpipe(struct Curl_easy *data, #ifndef CURL_DISABLE_VERBOSE_STRINGS char buffer[STRERROR_LEN]; infof(data, "Could not set SO_NOSIGPIPE: %s", - Curl_strerror(SOCKERRNO, buffer, sizeof(buffer))); + curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); #endif } } @@ -644,7 +644,7 @@ static CURLcode bindlocal(struct Curl_easy *data, struct connectdata *conn, char buffer[STRERROR_LEN]; data->state.os_errno = error = SOCKERRNO; failf(data, "Couldn't bind to interface '%s' with errno %d: %s", - iface, error, Curl_strerror(error, buffer, sizeof(buffer))); + iface, error, curlx_strerror(error, buffer, sizeof(buffer))); return CURLE_INTERFACE_FAILED; } break; @@ -747,8 +747,8 @@ static CURLcode bindlocal(struct Curl_easy *data, struct connectdata *conn, char buffer[STRERROR_LEN]; data->state.errorbuf = FALSE; data->state.os_errno = error = SOCKERRNO; - failf(data, "Couldn't bind to '%s' with errno %d: %s", - host, error, Curl_strerror(error, buffer, sizeof(buffer))); + failf(data, "Couldn't bind to '%s' with errno %d: %s", host, + error, curlx_strerror(error, buffer, sizeof(buffer))); return CURLE_INTERFACE_FAILED; } } @@ -799,7 +799,7 @@ static CURLcode bindlocal(struct Curl_easy *data, struct connectdata *conn, char buffer[STRERROR_LEN]; data->state.os_errno = error = SOCKERRNO; failf(data, "bind failed with errno %d: %s", - error, Curl_strerror(error, buffer, sizeof(buffer))); + error, curlx_strerror(error, buffer, sizeof(buffer))); } return CURLE_INTERFACE_FAILED; @@ -900,8 +900,8 @@ static CURLcode socket_connect_result(struct Curl_easy *data, #else { char buffer[STRERROR_LEN]; - infof(data, "Immediate connect fail for %s: %s", - ipaddress, Curl_strerror(error, buffer, sizeof(buffer))); + infof(data, "Immediate connect fail for %s: %s", ipaddress, + curlx_strerror(error, buffer, sizeof(buffer))); } #endif data->state.os_errno = error; @@ -1050,13 +1050,13 @@ static CURLcode set_local_ip(struct Curl_cfilter *cf, if(getsockname(ctx->sock, (struct sockaddr*) &ssloc, &slen)) { int error = SOCKERRNO; failf(data, "getsockname() failed with errno %d: %s", - error, Curl_strerror(error, buffer, sizeof(buffer))); + error, curlx_strerror(error, buffer, sizeof(buffer))); return CURLE_FAILED_INIT; } if(!Curl_addr2string((struct sockaddr*)&ssloc, slen, ctx->ip.local_ip, &ctx->ip.local_port)) { failf(data, "ssloc inet_ntop() failed with errno %d: %s", - errno, Curl_strerror(errno, buffer, sizeof(buffer))); + errno, curlx_strerror(errno, buffer, sizeof(buffer))); return CURLE_FAILED_INIT; } } @@ -1082,7 +1082,7 @@ static CURLcode set_remote_ip(struct Curl_cfilter *cf, ctx->error = errno; /* malformed address or bug in inet_ntop, try next address */ failf(data, "curl_sa_addr inet_ntop() failed with errno %d: %s", - errno, Curl_strerror(errno, buffer, sizeof(buffer))); + errno, curlx_strerror(errno, buffer, sizeof(buffer))); return CURLE_FAILED_INIT; } return CURLE_OK; @@ -1360,7 +1360,7 @@ out: infof(data, "connect to %s port %u from %s port %d failed: %s", ctx->ip.remote_ip, ctx->ip.remote_port, ctx->ip.local_ip, ctx->ip.local_port, - Curl_strerror(ctx->error, buffer, sizeof(buffer))); + curlx_strerror(ctx->error, buffer, sizeof(buffer))); } #endif } @@ -1498,7 +1498,7 @@ static CURLcode cf_socket_send(struct Curl_cfilter *cf, struct Curl_easy *data, else { char buffer[STRERROR_LEN]; failf(data, "Send failure: %s", - Curl_strerror(sockerr, buffer, sizeof(buffer))); + curlx_strerror(sockerr, buffer, sizeof(buffer))); data->state.os_errno = sockerr; result = CURLE_SEND_ERROR; } @@ -1566,7 +1566,7 @@ static CURLcode cf_socket_recv(struct Curl_cfilter *cf, struct Curl_easy *data, else { char buffer[STRERROR_LEN]; failf(data, "Recv failure: %s", - Curl_strerror(sockerr, buffer, sizeof(buffer))); + curlx_strerror(sockerr, buffer, sizeof(buffer))); data->state.os_errno = sockerr; result = CURLE_RECV_ERROR; } @@ -2037,13 +2037,13 @@ static void cf_tcp_set_accepted_remote_ip(struct Curl_cfilter *cf, if(getpeername(ctx->sock, (struct sockaddr*) &ssrem, &plen)) { int error = SOCKERRNO; failf(data, "getpeername() failed with errno %d: %s", - error, Curl_strerror(error, buffer, sizeof(buffer))); + error, curlx_strerror(error, buffer, sizeof(buffer))); return; } if(!Curl_addr2string((struct sockaddr*)&ssrem, plen, ctx->ip.remote_ip, &ctx->ip.remote_port)) { failf(data, "ssrem inet_ntop() failed with errno %d: %s", - errno, Curl_strerror(errno, buffer, sizeof(buffer))); + errno, curlx_strerror(errno, buffer, sizeof(buffer))); return; } #else diff --git a/lib/curl_setup.h b/lib/curl_setup.h index a741abde03..f6fe6535f4 100644 --- a/lib/curl_setup.h +++ b/lib/curl_setup.h @@ -950,6 +950,10 @@ endings either CRLF or LF so 't' is appropriate. #define CURL_ARRAYSIZE(A) (sizeof(A)/sizeof((A)[0])) +/* Buffer size for error messages retrieved via + curlx_strerror() and Curl_sspi_strerror() */ +#define STRERROR_LEN 256 + #ifndef CURL_DID_MEMORY_FUNC_TYPEDEFS /* only if not already done */ /* * The following memory function replacement typedef's are COPIED from diff --git a/lib/curlx/.checksrc b/lib/curlx/.checksrc index 9b8d799ea2..e69de29bb2 100644 --- a/lib/curlx/.checksrc +++ b/lib/curlx/.checksrc @@ -1 +0,0 @@ -banfunc strerror diff --git a/lib/curlx/curlx.h b/lib/curlx/curlx.h index 33ac72e8e1..480e91950d 100644 --- a/lib/curlx/curlx.h +++ b/lib/curlx/curlx.h @@ -58,6 +58,9 @@ #include "version_win32.h" /* provides curlx_verify_windows_version() */ +#include "strerr.h" +/* The curlx_strerror() function */ + #include "strparse.h" /* The curlx_str_* parsing functions */ diff --git a/lib/curlx/strerr.c b/lib/curlx/strerr.c new file mode 100644 index 0000000000..96dc9c8355 --- /dev/null +++ b/lib/curlx/strerr.c @@ -0,0 +1,361 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ + +#include "../curl_setup.h" + +#ifdef HAVE_STRERROR_R +# if (!defined(HAVE_POSIX_STRERROR_R) && \ + !defined(HAVE_GLIBC_STRERROR_R)) || \ + (defined(HAVE_POSIX_STRERROR_R) && defined(HAVE_GLIBC_STRERROR_R)) +# error "strerror_r MUST be either POSIX, glibc style" +# endif +#endif + +#include + +#ifndef WITHOUT_LIBCURL +#include +#define SNPRINTF curl_msnprintf +#else +/* when built for the test servers */ + +/* adjust for old MSVC */ +#if defined(_MSC_VER) && (_MSC_VER < 1900) +#define SNPRINTF _snprintf +#else +#define SNPRINTF snprintf +#endif +#endif /* !WITHOUT_LIBCURL */ + +#include "winapi.h" +#include "strerr.h" +/* The last 2 #include files should be in this order */ +#include "../curl_memory.h" +#include "../memdebug.h" + +#ifdef USE_WINSOCK +/* This is a helper function for curlx_strerror that converts Winsock error + * codes (WSAGetLastError) to error messages. + * Returns NULL if no error message was found for error code. + */ +static const char * +get_winsock_error(int err, char *buf, size_t len) +{ +#ifndef CURL_DISABLE_VERBOSE_STRINGS + const char *p; + size_t alen; +#endif + + if(!len) + return NULL; + + *buf = '\0'; + +#ifdef CURL_DISABLE_VERBOSE_STRINGS + (void)err; + return NULL; +#else + switch(err) { + case WSAEINTR: + p = "Call interrupted"; + break; + case WSAEBADF: + p = "Bad file"; + break; + case WSAEACCES: + p = "Bad access"; + break; + case WSAEFAULT: + p = "Bad argument"; + break; + case WSAEINVAL: + p = "Invalid arguments"; + break; + case WSAEMFILE: + p = "Out of file descriptors"; + break; + case WSAEWOULDBLOCK: + p = "Call would block"; + break; + case WSAEINPROGRESS: + case WSAEALREADY: + p = "Blocking call in progress"; + break; + case WSAENOTSOCK: + p = "Descriptor is not a socket"; + break; + case WSAEDESTADDRREQ: + p = "Need destination address"; + break; + case WSAEMSGSIZE: + p = "Bad message size"; + break; + case WSAEPROTOTYPE: + p = "Bad protocol"; + break; + case WSAENOPROTOOPT: + p = "Protocol option is unsupported"; + break; + case WSAEPROTONOSUPPORT: + p = "Protocol is unsupported"; + break; + case WSAESOCKTNOSUPPORT: + p = "Socket is unsupported"; + break; + case WSAEOPNOTSUPP: + p = "Operation not supported"; + break; + case WSAEAFNOSUPPORT: + p = "Address family not supported"; + break; + case WSAEPFNOSUPPORT: + p = "Protocol family not supported"; + break; + case WSAEADDRINUSE: + p = "Address already in use"; + break; + case WSAEADDRNOTAVAIL: + p = "Address not available"; + break; + case WSAENETDOWN: + p = "Network down"; + break; + case WSAENETUNREACH: + p = "Network unreachable"; + break; + case WSAENETRESET: + p = "Network has been reset"; + break; + case WSAECONNABORTED: + p = "Connection was aborted"; + break; + case WSAECONNRESET: + p = "Connection was reset"; + break; + case WSAENOBUFS: + p = "No buffer space"; + break; + case WSAEISCONN: + p = "Socket is already connected"; + break; + case WSAENOTCONN: + p = "Socket is not connected"; + break; + case WSAESHUTDOWN: + p = "Socket has been shut down"; + break; + case WSAETOOMANYREFS: + p = "Too many references"; + break; + case WSAETIMEDOUT: + p = "Timed out"; + break; + case WSAECONNREFUSED: + p = "Connection refused"; + break; + case WSAELOOP: + p = "Loop??"; + break; + case WSAENAMETOOLONG: + p = "Name too long"; + break; + case WSAEHOSTDOWN: + p = "Host down"; + break; + case WSAEHOSTUNREACH: + p = "Host unreachable"; + break; + case WSAENOTEMPTY: + p = "Not empty"; + break; + case WSAEPROCLIM: + p = "Process limit reached"; + break; + case WSAEUSERS: + p = "Too many users"; + break; + case WSAEDQUOT: + p = "Bad quota"; + break; + case WSAESTALE: + p = "Something is stale"; + break; + case WSAEREMOTE: + p = "Remote error"; + break; + case WSAEDISCON: + p = "Disconnected"; + break; + /* Extended Winsock errors */ + case WSASYSNOTREADY: + p = "Winsock library is not ready"; + break; + case WSANOTINITIALISED: + p = "Winsock library not initialised"; + break; + case WSAVERNOTSUPPORTED: + p = "Winsock version not supported"; + break; + + /* getXbyY() errors (already handled in herrmsg): + * Authoritative Answer: Host not found */ + case WSAHOST_NOT_FOUND: + p = "Host not found"; + break; + + /* Non-Authoritative: Host not found, or SERVERFAIL */ + case WSATRY_AGAIN: + p = "Host not found, try again"; + break; + + /* Non recoverable errors, FORMERR, REFUSED, NOTIMP */ + case WSANO_RECOVERY: + p = "Unrecoverable error in call to nameserver"; + break; + + /* Valid name, no data record of requested type */ + case WSANO_DATA: + p = "No data record of requested type"; + break; + + default: + return NULL; + } + alen = strlen(p); + if(alen < len) + strcpy(buf, p); + return buf; +#endif +} +#endif /* USE_WINSOCK */ + +/* + * Our thread-safe and smart strerror() replacement. + * + * The 'err' argument passed in to this function MUST be a true errno number + * as reported on this system. We do no range checking on the number before + * we pass it to the "number-to-message" conversion function and there might + * be systems that do not do proper range checking in there themselves. + * + * We do not do range checking (on systems other than Windows) since there is + * no good reliable and portable way to do it. + * + * On Windows different types of error codes overlap. This function has an + * order of preference when trying to match error codes: + * CRT (errno), Winsock (WSAGetLastError), Windows API (GetLastError). + * + * It may be more correct to call one of the variant functions instead: + * Call Curl_sspi_strerror if the error code is definitely Windows SSPI. + * Call curlx_winapi_strerror if the error code is definitely Windows API. + */ +const char *curlx_strerror(int err, char *buf, size_t buflen) +{ +#ifdef _WIN32 + DWORD old_win_err = GetLastError(); +#endif + int old_errno = errno; + char *p; + + if(!buflen) + return NULL; + +#ifndef _WIN32 + DEBUGASSERT(err >= 0); +#endif + + *buf = '\0'; + +#ifdef _WIN32 +#ifndef UNDER_CE + /* 'sys_nerr' is the maximum errno number, it is not widely portable */ + if(err >= 0 && err < sys_nerr) + SNPRINTF(buf, buflen, "%s", sys_errlist[err]); + else +#endif + { + if( +#ifdef USE_WINSOCK + !get_winsock_error(err, buf, buflen) && +#endif + !curlx_get_winapi_error(err, buf, buflen)) + SNPRINTF(buf, buflen, "Unknown error %d (%#x)", err, err); + } +#else /* !_WIN32 */ + +#if defined(HAVE_STRERROR_R) && defined(HAVE_POSIX_STRERROR_R) + /* + * The POSIX-style strerror_r() may set errno to ERANGE if insufficient + * storage is supplied via 'strerrbuf' and 'buflen' to hold the generated + * message string, or EINVAL if 'errnum' is not a valid error number. + */ + if(strerror_r(err, buf, buflen) && + buflen > sizeof("Unknown error ") + 20) { + if(buf[0] == '\0') + SNPRINTF(buf, buflen, "Unknown error %d", err); + } +#elif defined(HAVE_STRERROR_R) && defined(HAVE_GLIBC_STRERROR_R) + /* + * The glibc-style strerror_r() only *might* use the buffer we pass to + * the function, but it always returns the error message as a pointer, + * so we must copy that string unconditionally (if non-NULL). + */ + { + char buffer[256]; + char *msg = strerror_r(err, buffer, sizeof(buffer)); + if(msg && buflen > 1) + SNPRINTF(buf, buflen, "%s", msg); + else if(buflen > sizeof("Unknown error ") + 20) + SNPRINTF(buf, buflen, "Unknown error %d", err); + } +#else + { + /* !checksrc! disable BANNEDFUNC 1 */ + const char *msg = strerror(err); + if(msg && buflen > 1) + SNPRINTF(buf, buflen, "%s", msg); + else if(buflen > sizeof("Unknown error ") + 20) + SNPRINTF(buf, buflen, "Unknown error %d", err); + } +#endif + +#endif /* _WIN32 */ + + /* strip trailing '\r\n' or '\n'. */ + p = strrchr(buf, '\n'); + if(p && (p - buf) >= 2) + *p = '\0'; + p = strrchr(buf, '\r'); + if(p && (p - buf) >= 1) + *p = '\0'; + + if(errno != old_errno) + CURL_SETERRNO(old_errno); + +#ifdef _WIN32 + if(old_win_err != GetLastError()) + SetLastError(old_win_err); +#endif + + return buf; +} diff --git a/lib/curlx/strerr.h b/lib/curlx/strerr.h new file mode 100644 index 0000000000..4413e6738c --- /dev/null +++ b/lib/curlx/strerr.h @@ -0,0 +1,29 @@ +#ifndef HEADER_CURL_STRERR_H +#define HEADER_CURL_STRERR_H +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ + +const char *curlx_strerror(int err, char *buf, size_t buflen); + +#endif /* HEADER_CURL_STRERR_H */ diff --git a/lib/curlx/winapi.c b/lib/curlx/winapi.c index 7e3d1aa9ca..cc008e3087 100644 --- a/lib/curlx/winapi.c +++ b/lib/curlx/winapi.c @@ -25,12 +25,12 @@ /* * curlx_winapi_strerror: - * Variant of Curl_strerror if the error code is definitely Windows API. + * Variant of curlx_strerror if the error code is definitely Windows API. */ #ifdef _WIN32 #include "winapi.h" -#ifdef BUILDING_LIBCURL +#ifndef WITHOUT_LIBCURL #include #define SNPRINTF curl_msnprintf #else @@ -42,10 +42,9 @@ #else #define SNPRINTF snprintf #endif +#endif /* !WITHOUT_LIBCURL */ -#endif /* !BUILDING_LIBCURL */ - -/* This is a helper function for Curl_strerror that converts Windows API error +/* This is a helper function for curlx_strerror that converts Windows API error * codes (GetLastError) to error messages. * Returns NULL if no error message was found for error code. */ diff --git a/lib/ftp.c b/lib/ftp.c index 13b613bc1e..a3194c2a7b 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -58,7 +58,6 @@ #include "cfilters.h" #include "cf-socket.h" #include "connect.h" -#include "strerror.h" #include "curlx/inet_ntop.h" #include "curlx/inet_pton.h" #include "select.h" @@ -71,6 +70,7 @@ #include "http_proxy.h" #include "socks.h" #include "strdup.h" +#include "curlx/strerr.h" #include "curlx/strparse.h" /* The last 3 #include files should be in this order */ #include "curl_printf.h" @@ -1007,7 +1007,7 @@ static CURLcode ftp_state_use_port(struct Curl_easy *data, sslen = sizeof(ss); if(getsockname(conn->sock[FIRSTSOCKET], sa, &sslen)) { failf(data, "getsockname() failed: %s", - Curl_strerror(SOCKERRNO, buffer, sizeof(buffer))); + curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); goto out; } switch(sa->sa_family) { @@ -1054,7 +1054,7 @@ static CURLcode ftp_state_use_port(struct Curl_easy *data, } if(!ai) { failf(data, "socket failure: %s", - Curl_strerror(error, buffer, sizeof(buffer))); + curlx_strerror(error, buffer, sizeof(buffer))); goto out; } CURL_TRC_FTP(data, "[%s] ftp_state_use_port(), opened socket", @@ -1081,12 +1081,12 @@ static CURLcode ftp_state_use_port(struct Curl_easy *data, * the control connection instead and restart the port loop */ infof(data, "bind(port=%hu) on non-local address failed: %s", port, - Curl_strerror(error, buffer, sizeof(buffer))); + curlx_strerror(error, buffer, sizeof(buffer))); sslen = sizeof(ss); if(getsockname(conn->sock[FIRSTSOCKET], sa, &sslen)) { failf(data, "getsockname() failed: %s", - Curl_strerror(SOCKERRNO, buffer, sizeof(buffer))); + curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); goto out; } port = port_min; @@ -1095,7 +1095,7 @@ static CURLcode ftp_state_use_port(struct Curl_easy *data, } if(error != SOCKEADDRINUSE && error != SOCKEACCES) { failf(data, "bind(port=%hu) failed: %s", port, - Curl_strerror(error, buffer, sizeof(buffer))); + curlx_strerror(error, buffer, sizeof(buffer))); goto out; } } @@ -1118,7 +1118,7 @@ static CURLcode ftp_state_use_port(struct Curl_easy *data, sslen = sizeof(ss); if(getsockname(portsock, sa, &sslen)) { failf(data, "getsockname() failed: %s", - Curl_strerror(SOCKERRNO, buffer, sizeof(buffer))); + curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); goto out; } CURL_TRC_FTP(data, "[%s] ftp_state_use_port(), socket bound to port %d", @@ -1128,7 +1128,7 @@ static CURLcode ftp_state_use_port(struct Curl_easy *data, if(listen(portsock, 1)) { failf(data, "socket failure: %s", - Curl_strerror(SOCKERRNO, buffer, sizeof(buffer))); + curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); goto out; } CURL_TRC_FTP(data, "[%s] ftp_state_use_port(), listening on %d", diff --git a/lib/strerror.c b/lib/strerror.c index 47c6572114..c4545af888 100644 --- a/lib/strerror.c +++ b/lib/strerror.c @@ -24,15 +24,8 @@ #include "curl_setup.h" -#ifdef HAVE_STRERROR_R -# if (!defined(HAVE_POSIX_STRERROR_R) && \ - !defined(HAVE_GLIBC_STRERROR_R)) || \ - (defined(HAVE_POSIX_STRERROR_R) && defined(HAVE_GLIBC_STRERROR_R)) -# error "strerror_r MUST be either POSIX, glibc style" -# endif -#endif - #include +#include #ifdef USE_WINDOWS_SSPI #include "curl_sspi.h" @@ -40,8 +33,8 @@ #include "curlx/winapi.h" #include "strerror.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -548,315 +541,10 @@ curl_url_strerror(CURLUcode error) #endif } -#ifdef USE_WINSOCK -/* This is a helper function for Curl_strerror that converts Winsock error - * codes (WSAGetLastError) to error messages. - * Returns NULL if no error message was found for error code. - */ -static const char * -get_winsock_error(int err, char *buf, size_t len) -{ -#ifndef CURL_DISABLE_VERBOSE_STRINGS - const char *p; - size_t alen; -#endif - - if(!len) - return NULL; - - *buf = '\0'; - -#ifdef CURL_DISABLE_VERBOSE_STRINGS - (void)err; - return NULL; -#else - switch(err) { - case WSAEINTR: - p = "Call interrupted"; - break; - case WSAEBADF: - p = "Bad file"; - break; - case WSAEACCES: - p = "Bad access"; - break; - case WSAEFAULT: - p = "Bad argument"; - break; - case WSAEINVAL: - p = "Invalid arguments"; - break; - case WSAEMFILE: - p = "Out of file descriptors"; - break; - case WSAEWOULDBLOCK: - p = "Call would block"; - break; - case WSAEINPROGRESS: - case WSAEALREADY: - p = "Blocking call in progress"; - break; - case WSAENOTSOCK: - p = "Descriptor is not a socket"; - break; - case WSAEDESTADDRREQ: - p = "Need destination address"; - break; - case WSAEMSGSIZE: - p = "Bad message size"; - break; - case WSAEPROTOTYPE: - p = "Bad protocol"; - break; - case WSAENOPROTOOPT: - p = "Protocol option is unsupported"; - break; - case WSAEPROTONOSUPPORT: - p = "Protocol is unsupported"; - break; - case WSAESOCKTNOSUPPORT: - p = "Socket is unsupported"; - break; - case WSAEOPNOTSUPP: - p = "Operation not supported"; - break; - case WSAEAFNOSUPPORT: - p = "Address family not supported"; - break; - case WSAEPFNOSUPPORT: - p = "Protocol family not supported"; - break; - case WSAEADDRINUSE: - p = "Address already in use"; - break; - case WSAEADDRNOTAVAIL: - p = "Address not available"; - break; - case WSAENETDOWN: - p = "Network down"; - break; - case WSAENETUNREACH: - p = "Network unreachable"; - break; - case WSAENETRESET: - p = "Network has been reset"; - break; - case WSAECONNABORTED: - p = "Connection was aborted"; - break; - case WSAECONNRESET: - p = "Connection was reset"; - break; - case WSAENOBUFS: - p = "No buffer space"; - break; - case WSAEISCONN: - p = "Socket is already connected"; - break; - case WSAENOTCONN: - p = "Socket is not connected"; - break; - case WSAESHUTDOWN: - p = "Socket has been shut down"; - break; - case WSAETOOMANYREFS: - p = "Too many references"; - break; - case WSAETIMEDOUT: - p = "Timed out"; - break; - case WSAECONNREFUSED: - p = "Connection refused"; - break; - case WSAELOOP: - p = "Loop??"; - break; - case WSAENAMETOOLONG: - p = "Name too long"; - break; - case WSAEHOSTDOWN: - p = "Host down"; - break; - case WSAEHOSTUNREACH: - p = "Host unreachable"; - break; - case WSAENOTEMPTY: - p = "Not empty"; - break; - case WSAEPROCLIM: - p = "Process limit reached"; - break; - case WSAEUSERS: - p = "Too many users"; - break; - case WSAEDQUOT: - p = "Bad quota"; - break; - case WSAESTALE: - p = "Something is stale"; - break; - case WSAEREMOTE: - p = "Remote error"; - break; - case WSAEDISCON: - p = "Disconnected"; - break; - /* Extended Winsock errors */ - case WSASYSNOTREADY: - p = "Winsock library is not ready"; - break; - case WSANOTINITIALISED: - p = "Winsock library not initialised"; - break; - case WSAVERNOTSUPPORTED: - p = "Winsock version not supported"; - break; - - /* getXbyY() errors (already handled in herrmsg): - * Authoritative Answer: Host not found */ - case WSAHOST_NOT_FOUND: - p = "Host not found"; - break; - - /* Non-Authoritative: Host not found, or SERVERFAIL */ - case WSATRY_AGAIN: - p = "Host not found, try again"; - break; - - /* Non recoverable errors, FORMERR, REFUSED, NOTIMP */ - case WSANO_RECOVERY: - p = "Unrecoverable error in call to nameserver"; - break; - - /* Valid name, no data record of requested type */ - case WSANO_DATA: - p = "No data record of requested type"; - break; - - default: - return NULL; - } - alen = strlen(p); - if(alen < len) - strcpy(buf, p); - return buf; -#endif -} -#endif /* USE_WINSOCK */ - -/* - * Our thread-safe and smart strerror() replacement. - * - * The 'err' argument passed in to this function MUST be a true errno number - * as reported on this system. We do no range checking on the number before - * we pass it to the "number-to-message" conversion function and there might - * be systems that do not do proper range checking in there themselves. - * - * We do not do range checking (on systems other than Windows) since there is - * no good reliable and portable way to do it. - * - * On Windows different types of error codes overlap. This function has an - * order of preference when trying to match error codes: - * CRT (errno), Winsock (WSAGetLastError), Windows API (GetLastError). - * - * It may be more correct to call one of the variant functions instead: - * Call Curl_sspi_strerror if the error code is definitely Windows SSPI. - * Call curlx_winapi_strerror if the error code is definitely Windows API. - */ -const char *Curl_strerror(int err, char *buf, size_t buflen) -{ -#ifdef _WIN32 - DWORD old_win_err = GetLastError(); -#endif - int old_errno = errno; - char *p; - - if(!buflen) - return NULL; - -#ifndef _WIN32 - DEBUGASSERT(err >= 0); -#endif - - *buf = '\0'; - -#ifdef _WIN32 -#ifndef UNDER_CE - /* 'sys_nerr' is the maximum errno number, it is not widely portable */ - if(err >= 0 && err < sys_nerr) - curl_msnprintf(buf, buflen, "%s", sys_errlist[err]); - else -#endif - { - if( -#ifdef USE_WINSOCK - !get_winsock_error(err, buf, buflen) && -#endif - !curlx_get_winapi_error(err, buf, buflen)) - curl_msnprintf(buf, buflen, "Unknown error %d (%#x)", err, err); - } -#else /* not Windows coming up */ - -#if defined(HAVE_STRERROR_R) && defined(HAVE_POSIX_STRERROR_R) - /* - * The POSIX-style strerror_r() may set errno to ERANGE if insufficient - * storage is supplied via 'strerrbuf' and 'buflen' to hold the generated - * message string, or EINVAL if 'errnum' is not a valid error number. - */ - if(strerror_r(err, buf, buflen)) { - if('\0' == buf[0]) - curl_msnprintf(buf, buflen, "Unknown error %d", err); - } -#elif defined(HAVE_STRERROR_R) && defined(HAVE_GLIBC_STRERROR_R) - /* - * The glibc-style strerror_r() only *might* use the buffer we pass to - * the function, but it always returns the error message as a pointer, - * so we must copy that string unconditionally (if non-NULL). - */ - { - char buffer[256]; - char *msg = strerror_r(err, buffer, sizeof(buffer)); - if(msg) - curl_msnprintf(buf, buflen, "%s", msg); - else - curl_msnprintf(buf, buflen, "Unknown error %d", err); - } -#else - { - /* !checksrc! disable BANNEDFUNC 1 */ - const char *msg = strerror(err); - if(msg) - curl_msnprintf(buf, buflen, "%s", msg); - else - curl_msnprintf(buf, buflen, "Unknown error %d", err); - } -#endif - -#endif /* end of not Windows */ - - /* strip trailing '\r\n' or '\n'. */ - p = strrchr(buf, '\n'); - if(p && (p - buf) >= 2) - *p = '\0'; - p = strrchr(buf, '\r'); - if(p && (p - buf) >= 1) - *p = '\0'; - - if(errno != old_errno) - CURL_SETERRNO(old_errno); - -#ifdef _WIN32 - if(old_win_err != GetLastError()) - SetLastError(old_win_err); -#endif - - return buf; -} - #ifdef USE_WINDOWS_SSPI /* * Curl_sspi_strerror: - * Variant of Curl_strerror if the error code is definitely Windows SSPI. + * Variant of curlx_strerror if the error code is definitely Windows SSPI. */ const char *Curl_sspi_strerror(int err, char *buf, size_t buflen) { diff --git a/lib/strerror.h b/lib/strerror.h index 424fb5b7b5..2120726c9f 100644 --- a/lib/strerror.h +++ b/lib/strerror.h @@ -24,11 +24,6 @@ * ***************************************************************************/ -#include "urldata.h" - -#define STRERROR_LEN 256 /* a suitable length */ - -const char *Curl_strerror(int err, char *buf, size_t buflen); #ifdef USE_WINDOWS_SSPI const char *Curl_sspi_strerror(int err, char *buf, size_t buflen); #endif diff --git a/lib/tftp.c b/lib/tftp.c index ad2c84e660..b6bc5e9bdc 100644 --- a/lib/tftp.c +++ b/lib/tftp.c @@ -55,7 +55,6 @@ #include "tftp.h" #include "progress.h" #include "connect.h" -#include "strerror.h" #include "sockaddr.h" /* required for Curl_sockaddr_storage */ #include "multiif.h" #include "url.h" @@ -63,6 +62,7 @@ #include "speedcheck.h" #include "select.h" #include "escape.h" +#include "curlx/strerr.h" #include "curlx/strparse.h" /* The last 3 #include files should be in this order */ @@ -539,7 +539,7 @@ static CURLcode tftp_send_first(struct tftp_conn *state, free(filename); if(senddata != (ssize_t)sbytes) { char buffer[STRERROR_LEN]; - failf(data, "%s", Curl_strerror(SOCKERRNO, buffer, sizeof(buffer))); + failf(data, "%s", curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); return CURLE_SEND_ERROR; } break; @@ -622,7 +622,7 @@ static CURLcode tftp_rx(struct tftp_conn *state, tftp_event_t event) (struct sockaddr *)&state->remote_addr, state->remote_addrlen); if(sbytes < 0) { - failf(data, "%s", Curl_strerror(SOCKERRNO, buffer, sizeof(buffer))); + failf(data, "%s", curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); return CURLE_SEND_ERROR; } @@ -647,7 +647,7 @@ static CURLcode tftp_rx(struct tftp_conn *state, tftp_event_t event) (struct sockaddr *)&state->remote_addr, state->remote_addrlen); if(sbytes < 0) { - failf(data, "%s", Curl_strerror(SOCKERRNO, buffer, sizeof(buffer))); + failf(data, "%s", curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); return CURLE_SEND_ERROR; } @@ -673,7 +673,7 @@ static CURLcode tftp_rx(struct tftp_conn *state, tftp_event_t event) (struct sockaddr *)&state->remote_addr, state->remote_addrlen); if(sbytes < 0) { - failf(data, "%s", Curl_strerror(SOCKERRNO, buffer, sizeof(buffer))); + failf(data, "%s", curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); return CURLE_SEND_ERROR; } } @@ -750,8 +750,8 @@ static CURLcode tftp_tx(struct tftp_conn *state, tftp_event_t event) state->remote_addrlen); /* Check all sbytes were sent */ if(sbytes < 0) { - failf(data, "%s", Curl_strerror(SOCKERRNO, - buffer, sizeof(buffer))); + failf(data, "%s", + curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); result = CURLE_SEND_ERROR; } } @@ -795,7 +795,7 @@ static CURLcode tftp_tx(struct tftp_conn *state, tftp_event_t event) state->remote_addrlen); /* Check all sbytes were sent */ if(sbytes < 0) { - failf(data, "%s", Curl_strerror(SOCKERRNO, buffer, sizeof(buffer))); + failf(data, "%s", curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); return CURLE_SEND_ERROR; } /* Update the progress meter */ @@ -821,7 +821,7 @@ static CURLcode tftp_tx(struct tftp_conn *state, tftp_event_t event) state->remote_addrlen); /* Check all sbytes were sent */ if(sbytes < 0) { - failf(data, "%s", Curl_strerror(SOCKERRNO, buffer, sizeof(buffer))); + failf(data, "%s", curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); return CURLE_SEND_ERROR; } /* since this was a re-send, we remain at the still byte position */ @@ -1039,7 +1039,7 @@ static CURLcode tftp_connect(struct Curl_easy *data, bool *done) if(rc) { char buffer[STRERROR_LEN]; failf(data, "bind() failed; %s", - Curl_strerror(SOCKERRNO, buffer, sizeof(buffer))); + curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); return CURLE_COULDNT_CONNECT; } conn->bits.bound = TRUE; @@ -1257,7 +1257,7 @@ static CURLcode tftp_multi_statemach(struct Curl_easy *data, bool *done) /* bail out */ int error = SOCKERRNO; char buffer[STRERROR_LEN]; - failf(data, "%s", Curl_strerror(error, buffer, sizeof(buffer))); + failf(data, "%s", curlx_strerror(error, buffer, sizeof(buffer))); state->event = TFTP_EVENT_ERROR; } else if(rc) { diff --git a/lib/url.c b/lib/url.c index ae4a6f6502..2a46354c61 100644 --- a/lib/url.c +++ b/lib/url.c @@ -80,7 +80,6 @@ #include "progress.h" #include "cookie.h" #include "strcase.h" -#include "strerror.h" #include "escape.h" #include "share.h" #include "content_encoding.h" @@ -125,6 +124,7 @@ #include "altsvc.h" #include "curlx/dynbuf.h" #include "headers.h" +#include "curlx/strerr.h" #include "curlx/strparse.h" /* The last 3 #include files should be in this order */ #include "curl_printf.h" @@ -1743,7 +1743,7 @@ static void zonefrom_url(CURLU *uh, struct Curl_easy *data, #ifndef CURL_DISABLE_VERBOSE_STRINGS char buffer[STRERROR_LEN]; infof(data, "Invalid zoneid: %s; %s", zoneid, - Curl_strerror(errno, buffer, sizeof(buffer))); + curlx_strerror(errno, buffer, sizeof(buffer))); #endif } else diff --git a/lib/vauth/.checksrc b/lib/vauth/.checksrc index 9b8d799ea2..e69de29bb2 100644 --- a/lib/vauth/.checksrc +++ b/lib/vauth/.checksrc @@ -1 +0,0 @@ -banfunc strerror diff --git a/lib/vquic/.checksrc b/lib/vquic/.checksrc index 9b8d799ea2..e69de29bb2 100644 --- a/lib/vquic/.checksrc +++ b/lib/vquic/.checksrc @@ -1 +0,0 @@ -banfunc strerror diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 4a45c1f6db..a85c9d7609 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -57,7 +57,6 @@ #include "../cf-socket.h" #include "../connect.h" #include "../progress.h" -#include "../strerror.h" #include "../curlx/dynbuf.h" #include "../http1.h" #include "../select.h" diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c index aea03c038f..1d7c3bce99 100644 --- a/lib/vquic/curl_osslq.c +++ b/lib/vquic/curl_osslq.c @@ -42,7 +42,6 @@ #include "../cf-socket.h" #include "../connect.h" #include "../progress.h" -#include "../strerror.h" #include "../curlx/dynbuf.h" #include "../http1.h" #include "../select.h" @@ -57,6 +56,7 @@ #include "curl_osslq.h" #include "../url.h" #include "../curlx/warnless.h" +#include "../curlx/strerr.h" /* The last 3 #include files should be in this order */ #include "../curl_printf.h" @@ -552,7 +552,7 @@ static CURLcode cf_osslq_ssl_err(struct Curl_cfilter *cf, Curl_cf_socket_peek(cf->next, data, NULL, NULL, &ip); if(sockerr && detail == SSL_ERROR_SYSCALL) - Curl_strerror(sockerr, extramsg, sizeof(extramsg)); + curlx_strerror(sockerr, extramsg, sizeof(extramsg)); failf(data, "QUIC connect: %s in connection to %s:%d (%s)", extramsg[0] ? extramsg : osslq_SSL_ERROR_to_str(detail), ctx->peer.dispname, ip.remote_port, ip.remote_ip); diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c index 5fb67f69f4..36691d09db 100644 --- a/lib/vquic/curl_quiche.c +++ b/lib/vquic/curl_quiche.c @@ -39,7 +39,6 @@ #include "../multiif.h" #include "../connect.h" #include "../progress.h" -#include "../strerror.h" #include "../select.h" #include "../http1.h" #include "vquic.h" diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c index 275ea8bccc..91680915f3 100644 --- a/lib/vquic/vquic.c +++ b/lib/vquic/vquic.c @@ -43,7 +43,7 @@ #include "../rand.h" #include "vquic.h" #include "vquic_int.h" -#include "../strerror.h" +#include "../curlx/strerr.h" #include "../curlx/strparse.h" /* The last 3 #include files should be in this order */ @@ -434,7 +434,7 @@ static CURLcode recvmmsg_packets(struct Curl_cfilter *cf, result = CURLE_COULDNT_CONNECT; goto out; } - Curl_strerror(SOCKERRNO, errstr, sizeof(errstr)); + curlx_strerror(SOCKERRNO, errstr, sizeof(errstr)); failf(data, "QUIC: recvmmsg() unexpectedly returned %d (errno=%d; %s)", mcount, SOCKERRNO, errstr); result = CURLE_RECV_ERROR; @@ -527,7 +527,7 @@ static CURLcode recvmsg_packets(struct Curl_cfilter *cf, result = CURLE_COULDNT_CONNECT; goto out; } - Curl_strerror(SOCKERRNO, errstr, sizeof(errstr)); + curlx_strerror(SOCKERRNO, errstr, sizeof(errstr)); failf(data, "QUIC: recvmsg() unexpectedly returned %zd (errno=%d; %s)", rc, SOCKERRNO, errstr); result = CURLE_RECV_ERROR; @@ -602,7 +602,7 @@ static CURLcode recvfrom_packets(struct Curl_cfilter *cf, result = CURLE_COULDNT_CONNECT; goto out; } - Curl_strerror(SOCKERRNO, errstr, sizeof(errstr)); + curlx_strerror(SOCKERRNO, errstr, sizeof(errstr)); failf(data, "QUIC: recvfrom() unexpectedly returned %zd (errno=%d; %s)", nread, SOCKERRNO, errstr); result = CURLE_RECV_ERROR; diff --git a/lib/vssh/.checksrc b/lib/vssh/.checksrc index 9b8d799ea2..e69de29bb2 100644 --- a/lib/vssh/.checksrc +++ b/lib/vssh/.checksrc @@ -1 +0,0 @@ -banfunc strerror diff --git a/lib/vtls/.checksrc b/lib/vtls/.checksrc index 9b8d799ea2..e69de29bb2 100644 --- a/lib/vtls/.checksrc +++ b/lib/vtls/.checksrc @@ -1 +0,0 @@ -banfunc strerror diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index fd5529f5ab..0714ce7c6a 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -63,9 +63,9 @@ #include "hostcheck.h" #include "../transfer.h" #include "../multiif.h" +#include "../curlx/strerr.h" #include "../curlx/strparse.h" #include "../strdup.h" -#include "../strerror.h" #include "../curl_printf.h" #include "apple.h" @@ -4668,7 +4668,7 @@ static CURLcode ossl_connect_step2(struct Curl_cfilter *cf, int sockerr = SOCKERRNO; if(sockerr && detail == SSL_ERROR_SYSCALL) - Curl_strerror(sockerr, extramsg, sizeof(extramsg)); + curlx_strerror(sockerr, extramsg, sizeof(extramsg)); failf(data, OSSL_PACKAGE " SSL_connect: %s in connection to %s:%d ", extramsg[0] ? extramsg : SSL_ERROR_to_str(detail), connssl->peer.hostname, connssl->peer.port); @@ -5274,7 +5274,7 @@ static CURLcode ossl_send_earlydata(struct Curl_cfilter *cf, if(sslerror) ossl_strerror(sslerror, error_buffer, sizeof(error_buffer)); else if(sockerr) - Curl_strerror(sockerr, error_buffer, sizeof(error_buffer)); + curlx_strerror(sockerr, error_buffer, sizeof(error_buffer)); else msnprintf(error_buffer, sizeof(error_buffer), "%s", SSL_ERROR_to_str(err)); @@ -5460,7 +5460,7 @@ static CURLcode ossl_send(struct Curl_cfilter *cf, if(sslerror) ossl_strerror(sslerror, error_buffer, sizeof(error_buffer)); else if(sockerr) - Curl_strerror(sockerr, error_buffer, sizeof(error_buffer)); + curlx_strerror(sockerr, error_buffer, sizeof(error_buffer)); else msnprintf(error_buffer, sizeof(error_buffer), "%s", SSL_ERROR_to_str(err)); @@ -5557,7 +5557,7 @@ static CURLcode ossl_recv(struct Curl_cfilter *cf, if(sslerror) ossl_strerror(sslerror, error_buffer, sizeof(error_buffer)); else if(sockerr && err == SSL_ERROR_SYSCALL) - Curl_strerror(sockerr, error_buffer, sizeof(error_buffer)); + curlx_strerror(sockerr, error_buffer, sizeof(error_buffer)); else msnprintf(error_buffer, sizeof(error_buffer), "%s", SSL_ERROR_to_str(err)); @@ -5580,7 +5580,7 @@ static CURLcode ossl_recv(struct Curl_cfilter *cf, * the error in case of some weirdness in the OSSL stack */ int sockerr = SOCKERRNO; if(sockerr) - Curl_strerror(sockerr, error_buffer, sizeof(error_buffer)); + curlx_strerror(sockerr, error_buffer, sizeof(error_buffer)); else { msnprintf(error_buffer, sizeof(error_buffer), "Connection closed abruptly"); diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index 70e109212d..ce7a4d5c9d 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -34,13 +34,13 @@ #include "../curlx/fopen.h" #include "../curlx/inet_pton.h" +#include "../curlx/strerr.h" #include "../urldata.h" #include "../sendf.h" #include "vtls.h" #include "vtls_int.h" #include "rustls.h" #include "keylog.h" -#include "../strerror.h" #include "cipher_suite.h" #include "x509asn1.h" @@ -171,7 +171,7 @@ static ssize_t tls_recv_more(struct Curl_cfilter *cf, else if(io_error) { char buffer[STRERROR_LEN]; failf(data, "reading from socket: %s", - Curl_strerror(io_error, buffer, sizeof(buffer))); + curlx_strerror(io_error, buffer, sizeof(buffer))); *err = CURLE_RECV_ERROR; return -1; } @@ -283,7 +283,7 @@ static CURLcode cr_flush_out(struct Curl_cfilter *cf, struct Curl_easy *data, else if(io_error) { char buffer[STRERROR_LEN]; failf(data, "writing to socket: %s", - Curl_strerror(io_error, buffer, sizeof(buffer))); + curlx_strerror(io_error, buffer, sizeof(buffer))); return CURLE_SEND_ERROR; } if(tlswritten == 0) { diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index 54800ce12d..017738ecdf 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -58,6 +58,7 @@ my %banfunc = ( "vsnprintf" => 1, "sscanf" => 1, "strcat" => 1, + "strerror" => 1, "strncat" => 1, "strncpy" => 1, "strtok_r" => 1, diff --git a/src/Makefile.inc b/src/Makefile.inc index 35f8e6fdee..d57d6c9125 100644 --- a/src/Makefile.inc +++ b/src/Makefile.inc @@ -38,12 +38,14 @@ CURLX_CFILES = \ ../lib/curlx/dynbuf.c \ ../lib/curlx/fopen.c \ ../lib/curlx/nonblock.c \ + ../lib/curlx/strerr.c \ ../lib/curlx/strparse.c \ ../lib/curlx/timediff.c \ ../lib/curlx/timeval.c \ ../lib/curlx/version_win32.c \ ../lib/curlx/wait.c \ - ../lib/curlx/warnless.c + ../lib/curlx/warnless.c \ + ../lib/curlx/winapi.c CURLX_HFILES = \ ../lib/curlx/binmode.h \ @@ -52,12 +54,14 @@ CURLX_HFILES = \ ../lib/curlx/dynbuf.h \ ../lib/curlx/fopen.h \ ../lib/curlx/nonblock.h \ + ../lib/curlx/strerr.h \ ../lib/curlx/strparse.h \ ../lib/curlx/timediff.h \ ../lib/curlx/timeval.h \ ../lib/curlx/version_win32.h \ ../lib/curlx/wait.h \ - ../lib/curlx/warnless.h + ../lib/curlx/warnless.h \ + ../lib/curlx/winapi.h CURL_CFILES = \ config2setopts.c \ diff --git a/src/config2setopts.c b/src/config2setopts.c index 533fe992d3..2a58b75772 100644 --- a/src/config2setopts.c +++ b/src/config2setopts.c @@ -83,9 +83,10 @@ static int sockopt_callback(void *clientp, curl_socket_t curlfd, #endif } if(result < 0) { + char buffer[STRERROR_LEN]; int error = errno; - warnf("Setting type of service to %d failed with errno %d: %s", - tos, error, strerror(error)); + warnf("Setting type of service to %d failed with errno %d: %s", tos, + error, curlx_strerror(error, buffer, sizeof(buffer))); } } #endif @@ -94,9 +95,10 @@ static int sockopt_callback(void *clientp, curl_socket_t curlfd, int priority = (int)config->vlan_priority; if(setsockopt(curlfd, SOL_SOCKET, SO_PRIORITY, (void *)&priority, sizeof(priority)) != 0) { + char buffer[STRERROR_LEN]; int error = errno; - warnf("VLAN priority %d failed with errno %d: %s", - priority, error, strerror(error)); + warnf("VLAN priority %d failed with errno %d: %s", priority, + error, curlx_strerror(error, buffer, sizeof(buffer))); } } #endif diff --git a/src/tool_cb_wrt.c b/src/tool_cb_wrt.c index 12e4417da4..724706b7a1 100644 --- a/src/tool_cb_wrt.c +++ b/src/tool_cb_wrt.c @@ -96,7 +96,9 @@ bool tool_create_output_file(struct OutStruct *outs, } if(!file) { - warnf("Failed to open the file %s: %s", fname, strerror(errno)); + char errbuf[STRERROR_LEN]; + warnf("Failed to open the file %s: %s", fname, + curlx_strerror(errno, errbuf, sizeof(errbuf))); return FALSE; } outs->s_isreg = TRUE; diff --git a/src/tool_filetime.c b/src/tool_filetime.c index b442fc2014..afd84c0138 100644 --- a/src/tool_filetime.c +++ b/src/tool_filetime.c @@ -77,8 +77,11 @@ int getfiletime(const char *filename, curl_off_t *stamp) *stamp = (curl_off_t)statbuf.st_mtime; rc = 0; } - else - warnf("Failed to get filetime: %s", strerror(errno)); + else { + char errbuf[STRERROR_LEN]; + warnf("Failed to get filetime: %s", + curlx_strerror(errno, errbuf, sizeof(errbuf))); + } #endif return rc; } @@ -131,8 +134,10 @@ void setfiletime(curl_off_t filetime, const char *filename) times[0].tv_sec = times[1].tv_sec = (time_t)filetime; times[0].tv_usec = times[1].tv_usec = 0; if(utimes(filename, times)) { + char errbuf[STRERROR_LEN]; warnf("Failed to set filetime %" CURL_FORMAT_CURL_OFF_T - " on '%s': %s", filetime, filename, strerror(errno)); + " on '%s': %s", filetime, filename, + curlx_strerror(errno, errbuf, sizeof(errbuf))); } #elif defined(HAVE_UTIME) @@ -140,8 +145,10 @@ void setfiletime(curl_off_t filetime, const char *filename) times.actime = (time_t)filetime; times.modtime = (time_t)filetime; if(utime(filename, ×)) { + char errbuf[STRERROR_LEN]; warnf("Failed to set filetime %" CURL_FORMAT_CURL_OFF_T - " on '%s': %s", filetime, filename, strerror(errno)); + " on '%s': %s", filetime, filename, + curlx_strerror(errno, errbuf, sizeof(errbuf))); } #endif } diff --git a/src/tool_formparse.c b/src/tool_formparse.c index f1f2f5b7e5..cd3cf52e3e 100644 --- a/src/tool_formparse.c +++ b/src/tool_formparse.c @@ -222,8 +222,9 @@ size_t tool_mime_stdin_read(char *buffer, /* Read from stdin. */ nitems = fread(buffer, 1, nitems, stdin); if(ferror(stdin)) { + char errbuf[STRERROR_LEN]; /* Show error only once. */ - warnf("stdin: %s", strerror(errno)); + warnf("stdin: %s", curlx_strerror(errno, errbuf, sizeof(errbuf))); return CURL_READFUNC_ABORT; } } @@ -444,8 +445,9 @@ static int read_field_headers(const char *filename, FILE *fp, switch(c) { case EOF: if(ferror(fp)) { + char errbuf[STRERROR_LEN]; errorf("Header file %s read error: %s", filename, - strerror(errno)); + curlx_strerror(errno, errbuf, sizeof(errbuf))); return -1; } return 0; /* Done. */ @@ -564,9 +566,11 @@ static int get_param_part(char endchar, sep = *p; *endpos = '\0'; fp = curlx_fopen(hdrfile, FOPEN_READTEXT); - if(!fp) + if(!fp) { + char errbuf[STRERROR_LEN]; warnf("Cannot read from %s: %s", hdrfile, - strerror(errno)); + curlx_strerror(errno, errbuf, sizeof(errbuf))); + } else { int i = read_field_headers(hdrfile, fp, &headers); diff --git a/src/tool_operate.c b/src/tool_operate.c index d4a6d4db42..2d539de7b5 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -604,9 +604,11 @@ static CURLcode post_per_transfer(struct per_transfer *per, /* Set file extended attributes */ if(!result && config->xattr && outs->fopened && outs->stream) { rc = fwrite_xattr(curl, per->url, fileno(outs->stream)); - if(rc) - warnf("Error setting extended attributes on '%s': %s", - outs->filename, strerror(errno)); + if(rc) { + char errbuf[STRERROR_LEN]; + warnf("Error setting extended attributes on '%s': %s", outs->filename, + curlx_strerror(errno, errbuf, sizeof(errbuf))); + } } if(!result && !outs->stream && !outs->bytes) { @@ -796,9 +798,11 @@ static CURLcode etag_compare(struct OperationConfig *config) /* open file for reading: */ FILE *file = curlx_fopen(config->etag_compare_file, FOPEN_READTEXT); - if(!file) + if(!file) { + char errbuf[STRERROR_LEN]; warnf("Failed to open %s: %s", config->etag_compare_file, - strerror(errno)); + curlx_strerror(errno, errbuf, sizeof(errbuf))); + } if((PARAM_OK == file2string(&etag_from_file, file)) && etag_from_file) { @@ -1068,8 +1072,11 @@ static void check_stdin_upload(struct OperationConfig *config, else per->infd = (int)f; #endif - if(curlx_nonblock((curl_socket_t)per->infd, TRUE) < 0) - warnf("fcntl failed on fd=%d: %s", per->infd, strerror(errno)); + if(curlx_nonblock((curl_socket_t)per->infd, TRUE) < 0) { + char errbuf[STRERROR_LEN]; + warnf("fcntl failed on fd=%d: %s", per->infd, + curlx_strerror(errno, errbuf, sizeof(errbuf))); + } } } diff --git a/src/var.c b/src/var.c index d279fdeb6e..79c8307248 100644 --- a/src/var.c +++ b/src/var.c @@ -457,7 +457,9 @@ ParameterError setvariable(const char *input) else { file = curlx_fopen(line, "rb"); if(!file) { - errorf("Failed to open %s: %s", line, strerror(errno)); + char errbuf[STRERROR_LEN]; + errorf("Failed to open %s: %s", line, + curlx_strerror(errno, errbuf, sizeof(errbuf))); err = PARAM_READ_ERROR; } } diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc index c316a05269..d8735a44e1 100644 --- a/tests/libtest/Makefile.inc +++ b/tests/libtest/Makefile.inc @@ -34,14 +34,16 @@ UTILS_C = memptr.c testutil.c testtrace.c UTILS_H = testutil.h testtrace.h unitcheck.h CURLX_C = \ + ../../lib/curl_threads.c \ ../../lib/curlx/fopen.c \ - ../../lib/curlx/warnless.c \ ../../lib/curlx/multibyte.c \ + ../../lib/curlx/strerr.c \ ../../lib/curlx/timediff.c \ ../../lib/curlx/timeval.c \ - ../../lib/curl_threads.c \ ../../lib/curlx/version_win32.c \ - ../../lib/curlx/wait.c + ../../lib/curlx/wait.c \ + ../../lib/curlx/warnless.c \ + ../../lib/curlx/winapi.c # All libtest programs TESTS_C = \ diff --git a/tests/libtest/first.h b/tests/libtest/first.h index a902bdb8f0..52a6395ad1 100644 --- a/tests/libtest/first.h +++ b/tests/libtest/first.h @@ -427,15 +427,17 @@ void ws_close(CURL *curl); /* ---------------------------------------------------------------- */ -#define exe_select_test(A, B, C, D, E, Y, Z) do { \ - int ec; \ - if(select_wrapper((A), (B), (C), (D), (E)) == -1) { \ - ec = SOCKERRNO; \ - curl_mfprintf(stderr, "%s:%d select() failed, with " \ - "errno %d (%s)\n", \ - (Y), (Z), ec, strerror(ec)); \ - res = TEST_ERR_SELECT; \ - } \ +#define exe_select_test(A, B, C, D, E, Y, Z) do { \ + int ec; \ + if(select_wrapper((A), (B), (C), (D), (E)) == -1) { \ + char ecbuf[STRERROR_LEN]; \ + ec = SOCKERRNO; \ + curl_mfprintf(stderr, "%s:%d select() failed, with " \ + "errno %d (%s)\n", \ + (Y), (Z), \ + ec, curlx_strerror(ec, ecbuf, sizeof(ecbuf))); \ + res = TEST_ERR_SELECT; \ + } \ } while(0) #define res_select_test(A, B, C, D, E) \ diff --git a/tests/libtest/lib505.c b/tests/libtest/lib505.c index 71b79b2a24..b4f7702851 100644 --- a/tests/libtest/lib505.c +++ b/tests/libtest/lib505.c @@ -36,6 +36,7 @@ static CURLcode test_lib505(const char *URL) { CURL *curl; CURLcode res = CURLE_OK; + char errbuf[STRERROR_LEN]; FILE *hd_src; int hd; struct_stat file_info; @@ -54,7 +55,7 @@ static CURLcode test_lib505(const char *URL) hd_src = curlx_fopen(libtest_arg2, "rb"); if(!hd_src) { curl_mfprintf(stderr, "fopen failed with error (%d) %s\n", - errno, strerror(errno)); + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); curl_mfprintf(stderr, "Error opening file '%s'\n", libtest_arg2); return TEST_ERR_MAJOR_BAD; /* if this happens things are major weird */ } @@ -69,7 +70,7 @@ static CURLcode test_lib505(const char *URL) if(hd == -1) { /* can't open file, bail out */ curl_mfprintf(stderr, "fstat() failed with error (%d) %s\n", - errno, strerror(errno)); + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); curl_mfprintf(stderr, "Error opening file '%s'\n", libtest_arg2); curlx_fclose(hd_src); return TEST_ERR_MAJOR_BAD; diff --git a/tests/libtest/lib518.c b/tests/libtest/lib518.c index 007d261870..a2cb3471bf 100644 --- a/tests/libtest/lib518.c +++ b/tests/libtest/lib518.c @@ -51,9 +51,11 @@ static void t518_store_errmsg(const char *msg, int err) { if(!err) curl_msnprintf(t518_msgbuff, sizeof(t518_msgbuff), "%s", msg); - else + else { + char errbuf[STRERROR_LEN]; curl_msnprintf(t518_msgbuff, sizeof(t518_msgbuff), "%s, errno %d, %s", msg, - err, strerror(err)); + err, curlx_strerror(err, errbuf, sizeof(errbuf))); + } } static void t518_close_file_descriptors(void) diff --git a/tests/libtest/lib525.c b/tests/libtest/lib525.c index b34cd261af..55224eb76e 100644 --- a/tests/libtest/lib525.c +++ b/tests/libtest/lib525.c @@ -29,6 +29,7 @@ static CURLcode test_lib525(const char *URL) { CURLcode res = CURLE_OK; CURL *curl = NULL; + char errbuf[STRERROR_LEN]; FILE *hd_src = NULL; int hd; struct_stat file_info; @@ -45,7 +46,7 @@ static CURLcode test_lib525(const char *URL) hd_src = curlx_fopen(libtest_arg2, "rb"); if(!hd_src) { curl_mfprintf(stderr, "fopen failed with error (%d) %s\n", - errno, strerror(errno)); + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); curl_mfprintf(stderr, "Error opening file '%s'\n", libtest_arg2); return TEST_ERR_FOPEN; } @@ -60,7 +61,7 @@ static CURLcode test_lib525(const char *URL) if(hd == -1) { /* can't open file, bail out */ curl_mfprintf(stderr, "fstat() failed with error (%d) %s\n", - errno, strerror(errno)); + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); curl_mfprintf(stderr, "Error opening file '%s'\n", libtest_arg2); curlx_fclose(hd_src); return TEST_ERR_FSTAT; diff --git a/tests/libtest/lib537.c b/tests/libtest/lib537.c index b8bbfb7536..05d50cba7f 100644 --- a/tests/libtest/lib537.c +++ b/tests/libtest/lib537.c @@ -48,9 +48,11 @@ static void t537_store_errmsg(const char *msg, int err) { if(!err) curl_msnprintf(t537_msgbuff, sizeof(t537_msgbuff), "%s", msg); - else + else { + char errbuf[STRERROR_LEN]; curl_msnprintf(t537_msgbuff, sizeof(t537_msgbuff), "%s, errno %d, %s", msg, - err, strerror(err)); + err, curlx_strerror(err, errbuf, sizeof(errbuf))); + } } static void t537_close_file_descriptors(void) diff --git a/tests/libtest/lib541.c b/tests/libtest/lib541.c index 5e6e3c2f33..dfe585d9da 100644 --- a/tests/libtest/lib541.c +++ b/tests/libtest/lib541.c @@ -33,6 +33,7 @@ static CURLcode test_lib541(const char *URL) { CURL *curl; CURLcode res = CURLE_OK; + char errbuf[STRERROR_LEN]; FILE *hd_src; int hd; struct_stat file_info; @@ -45,7 +46,7 @@ static CURLcode test_lib541(const char *URL) hd_src = curlx_fopen(libtest_arg2, "rb"); if(!hd_src) { curl_mfprintf(stderr, "fopen failed with error (%d) %s\n", - errno, strerror(errno)); + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); curl_mfprintf(stderr, "Error opening file '%s'\n", libtest_arg2); return TEST_ERR_MAJOR_BAD; /* if this happens things are major weird */ } @@ -60,7 +61,7 @@ static CURLcode test_lib541(const char *URL) if(hd == -1) { /* can't open file, bail out */ curl_mfprintf(stderr, "fstat() failed with error (%d) %s\n", - errno, strerror(errno)); + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); curl_mfprintf(stderr, "Error opening file '%s'\n", libtest_arg2); curlx_fclose(hd_src); return TEST_ERR_MAJOR_BAD; diff --git a/tests/libtest/lib556.c b/tests/libtest/lib556.c index 7b155a2528..8239d26034 100644 --- a/tests/libtest/lib556.c +++ b/tests/libtest/lib556.c @@ -83,8 +83,9 @@ again: #else if((size_t)write(STDOUT_FILENO, buf, nread) != nread) { #endif + char errbuf[STRERROR_LEN]; curl_mfprintf(stderr, "write() failed: errno %d (%s)\n", - errno, strerror(errno)); + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); res = TEST_ERR_FAILURE; break; } diff --git a/tests/libtest/lib582.c b/tests/libtest/lib582.c index 9671c4b52f..187432ac0c 100644 --- a/tests/libtest/lib582.c +++ b/tests/libtest/lib582.c @@ -225,6 +225,7 @@ static CURLcode test_lib582(const char *URL) { CURLcode res = CURLE_OK; CURL *curl = NULL; + char errbuf[STRERROR_LEN]; FILE *hd_src = NULL; int hd; struct_stat file_info; @@ -246,7 +247,7 @@ static CURLcode test_lib582(const char *URL) hd_src = curlx_fopen(libtest_arg2, "rb"); if(!hd_src) { curl_mfprintf(stderr, "fopen() failed with error (%d) %s\n", - errno, strerror(errno)); + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); curl_mfprintf(stderr, "Error opening file '%s'\n", libtest_arg2); return TEST_ERR_FOPEN; } @@ -261,7 +262,7 @@ static CURLcode test_lib582(const char *URL) if(hd == -1) { /* can't open file, bail out */ curl_mfprintf(stderr, "fstat() failed with error (%d) %s\n", - errno, strerror(errno)); + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); curl_mfprintf(stderr, "Error opening file '%s'\n", libtest_arg2); curlx_fclose(hd_src); return TEST_ERR_FSTAT; diff --git a/tests/libtest/lib591.c b/tests/libtest/lib591.c index c85c42b0c2..c0d5b1a436 100644 --- a/tests/libtest/lib591.c +++ b/tests/libtest/lib591.c @@ -41,8 +41,9 @@ static CURLcode test_lib591(const char *URL) upload = curlx_fopen(libtest_arg3, "rb"); if(!upload) { + char errbuf[STRERROR_LEN]; curl_mfprintf(stderr, "fopen() failed with error (%d) %s\n", - errno, strerror(errno)); + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); curl_mfprintf(stderr, "Error opening file '%s'\n", libtest_arg3); return TEST_ERR_FOPEN; } diff --git a/tests/server/Makefile.inc b/tests/server/Makefile.inc index be35fe7c4f..bbdacc1a17 100644 --- a/tests/server/Makefile.inc +++ b/tests/server/Makefile.inc @@ -36,10 +36,11 @@ UTILS_H = CURLX_C = \ ../../lib/curlx/base64.c \ ../../lib/curlx/fopen.c \ - ../../lib/curlx/inet_pton.c \ ../../lib/curlx/inet_ntop.c \ + ../../lib/curlx/inet_pton.c \ ../../lib/curlx/multibyte.c \ ../../lib/curlx/nonblock.c \ + ../../lib/curlx/strerr.c \ ../../lib/curlx/strparse.c \ ../../lib/curlx/timediff.c \ ../../lib/curlx/timeval.c \ diff --git a/tests/server/dnsd.c b/tests/server/dnsd.c index 2d0ce35e6f..3f8f5b37a7 100644 --- a/tests/server/dnsd.c +++ b/tests/server/dnsd.c @@ -104,8 +104,10 @@ static int store_incoming(const unsigned char *data, size_t size, /* Open request dump file. */ server = fopen(dumpfile, "ab"); if(!server) { + char errbuf[STRERROR_LEN]; int error = errno; - logmsg("fopen() failed with error (%d) %s", error, strerror(error)); + logmsg("fopen() failed with error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); logmsg("Error opening file '%s'", dumpfile); return -1; } @@ -383,6 +385,7 @@ static int test_dnsd(int argc, char **argv) int flag; int rc; int error; + char errbuf[STRERROR_LEN]; int result = 0; pidname = ".dnsd.pid"; @@ -480,7 +483,8 @@ static int test_dnsd(int argc, char **argv) if(CURL_SOCKET_BAD == sock) { error = SOCKERRNO; - logmsg("Error creating socket (%d) %s", error, sstrerror(error)); + logmsg("Error creating socket (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); result = 1; goto dnsd_cleanup; } @@ -490,7 +494,7 @@ static int test_dnsd(int argc, char **argv) (void *)&flag, sizeof(flag))) { error = SOCKERRNO; logmsg("setsockopt(SO_REUSEADDR) failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); result = 1; goto dnsd_cleanup; } @@ -515,8 +519,8 @@ static int test_dnsd(int argc, char **argv) #endif /* USE_IPV6 */ if(rc) { error = SOCKERRNO; - logmsg("Error binding socket on port %hu (%d) %s", port, error, - sstrerror(error)); + logmsg("Error binding socket on port %hu (%d) %s", port, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); result = 1; goto dnsd_cleanup; } @@ -538,7 +542,7 @@ static int test_dnsd(int argc, char **argv) if(getsockname(sock, &localaddr.sa, &la_size) < 0) { error = SOCKERRNO; logmsg("getsockname() failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); sclose(sock); goto dnsd_cleanup; } diff --git a/tests/server/first.h b/tests/server/first.h index 4d3ae61de7..8e69a2b976 100644 --- a/tests/server/first.h +++ b/tests/server/first.h @@ -130,7 +130,6 @@ extern void logmsg(const char *msg, ...); extern void loghex(unsigned char *buffer, ssize_t len); extern unsigned char byteval(char *value); extern int win32_init(void); -extern const char *sstrerror(int err); extern FILE *test2fopen(long testno, const char *logdir2); extern curl_off_t our_getpid(void); extern int write_pidfile(const char *filename); diff --git a/tests/server/mqttd.c b/tests/server/mqttd.c index 9414eef504..acb427a37c 100644 --- a/tests/server/mqttd.c +++ b/tests/server/mqttd.c @@ -557,8 +557,10 @@ static curl_socket_t mqttit(curl_socket_t fd) logmsg("SUBSCRIBE to '%s' [%d]", topic, packet_id); stream = test2fopen(testno, logdir); if(!stream) { + char errbuf[STRERROR_LEN]; error = errno; - logmsg("fopen() failed with error (%d) %s", error, strerror(error)); + logmsg("fopen() failed with error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); logmsg("Couldn't open test file %ld", testno); goto end; } @@ -658,6 +660,7 @@ static bool mqttd_incoming(curl_socket_t listenfd) do { ssize_t rc; int error = 0; + char errbuf[STRERROR_LEN]; curl_socket_t sockfd = listenfd; int maxfd = (int)sockfd; @@ -686,7 +689,7 @@ static bool mqttd_incoming(curl_socket_t listenfd) if(rc < 0) { logmsg("select() failed with error (%d) %s", - error, strerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); return FALSE; } @@ -694,7 +697,8 @@ static bool mqttd_incoming(curl_socket_t listenfd) curl_socket_t newfd = accept(sockfd, NULL, NULL); if(CURL_SOCKET_BAD == newfd) { error = SOCKERRNO; - logmsg("accept() failed with error (%d) %s", error, sstrerror(error)); + logmsg("accept() failed with error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); } else { logmsg("====> Client connect, fd %ld. " @@ -720,6 +724,7 @@ static int test_mqttd(int argc, char *argv[]) int wroteportfile = 0; bool juggle_again; int error; + char errbuf[STRERROR_LEN]; int arg = 1; pidname = ".mqttd.pid"; @@ -825,7 +830,8 @@ static int test_mqttd(int argc, char *argv[]) if(CURL_SOCKET_BAD == sock) { error = SOCKERRNO; - logmsg("Error creating socket (%d) %s", error, sstrerror(error)); + logmsg("Error creating socket (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); goto mqttd_cleanup; } diff --git a/tests/server/rtspd.c b/tests/server/rtspd.c index 0a4f9159c0..5e8bdc15ce 100644 --- a/tests/server/rtspd.c +++ b/tests/server/rtspd.c @@ -225,8 +225,10 @@ static int rtspd_ProcessRequest(struct rtspd_httprequest *req) stream = test2fopen(req->testno, logdir); if(!stream) { + char errbuf[STRERROR_LEN]; int error = errno; - logmsg("fopen() failed with error (%d) %s", error, strerror(error)); + logmsg("fopen() failed with error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); logmsg("Couldn't open test file %ld", req->testno); req->open = FALSE; /* closes connection */ return 1; /* done */ @@ -527,6 +529,7 @@ static void rtspd_storerequest(char *reqbuf, size_t totalsize) { int res; int error = 0; + char errbuf[STRERROR_LEN]; size_t written; size_t writeleft; FILE *dump; @@ -544,8 +547,8 @@ static void rtspd_storerequest(char *reqbuf, size_t totalsize) /* !checksrc! disable ERRNOVAR 1 */ } while(!dump && ((error = errno) == EINTR)); if(!dump) { - logmsg("Error opening file %s error (%d) %s", - dumpfile, error, strerror(error)); + logmsg("Error opening file %s error (%d) %s", dumpfile, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); logmsg("Failed to write request input to %s", dumpfile); return; } @@ -564,8 +567,8 @@ static void rtspd_storerequest(char *reqbuf, size_t totalsize) if(writeleft == 0) logmsg("Wrote request (%zu bytes) input to %s", totalsize, dumpfile); else if(writeleft > 0) { - logmsg("Error writing file %s error (%d) %s", - dumpfile, error, strerror(error)); + logmsg("Error writing file %s error (%d) %s", dumpfile, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); logmsg("Wrote only (%zu bytes) of (%zu bytes) request input to %s", totalsize-writeleft, totalsize, dumpfile); } @@ -574,14 +577,15 @@ storerequest_cleanup: res = fclose(dump); if(res) - logmsg("Error closing file %s error (%d) %s", - dumpfile, errno, strerror(errno)); + logmsg("Error closing file %s error (%d) %s", dumpfile, + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); } /* return 0 on success, non-zero on failure */ static int rtspd_get_request(curl_socket_t sock, struct rtspd_httprequest *req) { int error; + char errbuf[STRERROR_LEN]; int fail = 0; int done_processing = 0; char *reqbuf = req->reqbuf; @@ -642,7 +646,8 @@ static int rtspd_get_request(curl_socket_t sock, struct rtspd_httprequest *req) } else if(got < 0) { error = SOCKERRNO; - logmsg("recv() returned error (%d) %s", error, sstrerror(error)); + logmsg("recv() returned error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); fail = 1; } if(fail) { @@ -704,6 +709,7 @@ static int rtspd_send_doc(curl_socket_t sock, struct rtspd_httprequest *req) bool sendfailure = FALSE; size_t responsesize; int error = 0; + char errbuf[STRERROR_LEN]; int res; static char weare[256]; char responsedump[256]; @@ -788,7 +794,8 @@ static int rtspd_send_doc(curl_socket_t sock, struct rtspd_httprequest *req) snprintf(partbuf, sizeof(partbuf), "data%ld", req->partno); if(!stream) { error = errno; - logmsg("fopen() failed with error (%d) %s", error, strerror(error)); + logmsg("fopen() failed with error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); logmsg("Couldn't open test file"); return 0; } @@ -811,7 +818,8 @@ static int rtspd_send_doc(curl_socket_t sock, struct rtspd_httprequest *req) stream = test2fopen(req->testno, logdir); if(!stream) { error = errno; - logmsg("fopen() failed with error (%d) %s", error, strerror(error)); + logmsg("fopen() failed with error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); logmsg("Couldn't open test file"); free(ptr); return 0; @@ -851,7 +859,8 @@ static int rtspd_send_doc(curl_socket_t sock, struct rtspd_httprequest *req) dump = fopen(responsedump, "ab"); if(!dump) { error = errno; - logmsg("fopen() failed with error (%d) %s", error, strerror(error)); + logmsg("fopen() failed with error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); logmsg("Error opening file '%s'", responsedump); logmsg("couldn't create logfile '%s'", responsedump); free(ptr); @@ -907,8 +916,8 @@ static int rtspd_send_doc(curl_socket_t sock, struct rtspd_httprequest *req) res = fclose(dump); if(res) - logmsg("Error closing file %s error (%d) %s", - responsedump, errno, strerror(errno)); + logmsg("Error closing file %s error (%d) %s", responsedump, + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); if(got_exit_signal) { free(ptr); @@ -948,7 +957,7 @@ static int rtspd_send_doc(curl_socket_t sock, struct rtspd_httprequest *req) /* should not happen */ error = SOCKERRNO; logmsg("curlx_wait_ms() failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); break; } } @@ -987,6 +996,7 @@ static int test_rtspd(int argc, char *argv[]) struct rtspd_httprequest req; int rc; int error; + char errbuf[STRERROR_LEN]; int arg = 1; memset(&req, 0, sizeof(req)); @@ -1092,7 +1102,8 @@ static int test_rtspd(int argc, char *argv[]) if(CURL_SOCKET_BAD == sock) { error = SOCKERRNO; - logmsg("Error creating socket (%d) %s", error, sstrerror(error)); + logmsg("Error creating socket (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); goto server_cleanup; } @@ -1101,7 +1112,7 @@ static int test_rtspd(int argc, char *argv[]) (void *)&flag, sizeof(flag))) { error = SOCKERRNO; logmsg("setsockopt(SO_REUSEADDR) failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); goto server_cleanup; } @@ -1125,8 +1136,8 @@ static int test_rtspd(int argc, char *argv[]) #endif /* USE_IPV6 */ if(rc) { error = SOCKERRNO; - logmsg("Error binding socket on port %hu (%d) %s", - port, error, sstrerror(error)); + logmsg("Error binding socket on port %hu (%d) %s", port, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); goto server_cleanup; } @@ -1147,7 +1158,7 @@ static int test_rtspd(int argc, char *argv[]) if(getsockname(sock, &localaddr.sa, &la_size) < 0) { error = SOCKERRNO; logmsg("getsockname() failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); sclose(sock); goto server_cleanup; } @@ -1180,7 +1191,7 @@ static int test_rtspd(int argc, char *argv[]) if(rc) { error = SOCKERRNO; logmsg("listen() failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); goto server_cleanup; } @@ -1207,7 +1218,7 @@ static int test_rtspd(int argc, char *argv[]) if(CURL_SOCKET_BAD == msgsock) { error = SOCKERRNO; logmsg("MAJOR ERROR, accept() failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); break; } diff --git a/tests/server/sockfilt.c b/tests/server/sockfilt.c index 2ae681072e..3f4c9ef8b0 100644 --- a/tests/server/sockfilt.c +++ b/tests/server/sockfilt.c @@ -200,6 +200,7 @@ static ssize_t fullread(int filedes, void *buffer, size_t nbytes) } if(rc < 0) { + char errbuf[STRERROR_LEN]; error = errno; /* !checksrc! disable ERRNOVAR 1 */ if((error == EINTR) || (error == EAGAIN)) @@ -211,7 +212,7 @@ static ssize_t fullread(int filedes, void *buffer, size_t nbytes) } logmsg("reading from file descriptor: %d,", filedes); logmsg("unrecoverable read() failure (%d) %s", - error, strerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); return -1; } @@ -253,13 +254,14 @@ static ssize_t fullwrite(int filedes, const void *buffer, size_t nbytes) } if(wc < 0) { + char errbuf[STRERROR_LEN]; error = errno; /* !checksrc! disable ERRNOVAR 1 */ if((error == EINTR) || (error == EAGAIN)) continue; logmsg("writing to file descriptor: %d,", filedes); logmsg("unrecoverable write() failure (%d) %s", - error, strerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); return -1; } @@ -947,6 +949,7 @@ static bool juggle(curl_socket_t *sockfdp, int maxfd = -99; ssize_t rc; int error = 0; + char errbuf[STRERROR_LEN]; unsigned char buffer[BUFFER_SIZE]; char data[16]; @@ -1067,7 +1070,7 @@ static bool juggle(curl_socket_t *sockfdp, if(rc < 0) { logmsg("select() failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); return FALSE; } @@ -1172,7 +1175,8 @@ static bool juggle(curl_socket_t *sockfdp, curl_socket_t newfd = accept(sockfd, NULL, NULL); if(CURL_SOCKET_BAD == newfd) { error = SOCKERRNO; - logmsg("accept() failed with error (%d) %s", error, sstrerror(error)); + logmsg("accept() failed with error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); } else { logmsg("====> Client connect"); @@ -1226,6 +1230,7 @@ static int test_sockfilt(int argc, char *argv[]) bool juggle_again; int rc; int error; + char errbuf[STRERROR_LEN]; int arg = 1; enum sockmode mode = PASSIVE_LISTEN; /* default */ const char *addr = NULL; @@ -1345,7 +1350,8 @@ static int test_sockfilt(int argc, char *argv[]) if(CURL_SOCKET_BAD == sock) { error = SOCKERRNO; - logmsg("Error creating socket (%d) %s", error, sstrerror(error)); + logmsg("Error creating socket (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); write_stdout("FAIL\n", 5); goto sockfilt_cleanup; } @@ -1382,8 +1388,8 @@ static int test_sockfilt(int argc, char *argv[]) } if(rc) { error = SOCKERRNO; - logmsg("Error connecting to port %hu (%d) %s", - server_connectport, error, sstrerror(error)); + logmsg("Error connecting to port %hu (%d) %s", server_connectport, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); write_stdout("FAIL\n", 5); goto sockfilt_cleanup; } diff --git a/tests/server/socksd.c b/tests/server/socksd.c index 06283e0424..f16b1d79ed 100644 --- a/tests/server/socksd.c +++ b/tests/server/socksd.c @@ -209,9 +209,10 @@ static curl_socket_t socksconnect(unsigned short connectport, rc = connect(sock, &me.sa, sizeof(me.sa4)); if(rc) { + char errbuf[STRERROR_LEN]; int error = SOCKERRNO; - logmsg("Failed connecting to %s:%hu (%d) %s", - connectaddr, connectport, error, sstrerror(error)); + logmsg("Failed connecting to %s:%hu (%d) %s", connectaddr, connectport, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); return CURL_SOCKET_BAD; } logmsg("Connected fine to %s:%d", connectaddr, connectport); @@ -621,6 +622,7 @@ static bool socksd_incoming(curl_socket_t listenfd) int i; ssize_t rc; int error = 0; + char errbuf[STRERROR_LEN]; curl_socket_t sockfd = listenfd; int maxfd = (int)sockfd; @@ -676,7 +678,7 @@ static bool socksd_incoming(curl_socket_t listenfd) if(rc < 0) { logmsg("select() failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); return FALSE; } @@ -685,7 +687,7 @@ static bool socksd_incoming(curl_socket_t listenfd) if(CURL_SOCKET_BAD == newfd) { error = SOCKERRNO; logmsg("accept() failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); } else { curl_socket_t remotefd; @@ -738,6 +740,7 @@ static int test_socksd(int argc, char *argv[]) int wroteportfile = 0; bool juggle_again; int error; + char errbuf[STRERROR_LEN]; int arg = 1; const char *unix_socket = NULL; @@ -870,7 +873,7 @@ static int test_socksd(int argc, char *argv[]) if(CURL_SOCKET_BAD == sock) { error = SOCKERRNO; logmsg("Error creating socket (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); goto socks5_cleanup; } @@ -922,7 +925,8 @@ socks5_cleanup: #ifdef USE_UNIX_SOCKETS if(unlink_socket && socket_domain == AF_UNIX && unix_socket) { error = unlink(unix_socket); - logmsg("unlink(%s) = %d (%s)", unix_socket, error, strerror(error)); + logmsg("unlink(%s) = %d (%s)", unix_socket, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); } #endif diff --git a/tests/server/sws.c b/tests/server/sws.c index 32e82891fe..1fbbb3c247 100644 --- a/tests/server/sws.c +++ b/tests/server/sws.c @@ -204,8 +204,10 @@ static int sws_parse_servercmd(struct sws_httprequest *req) req->connmon = FALSE; if(!stream) { + char errbuf[STRERROR_LEN]; error = errno; - logmsg("fopen() failed with error (%d) %s", error, strerror(error)); + logmsg("fopen() failed with error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); logmsg(" Couldn't open test file %ld", req->testno); req->open = FALSE; /* closes connection */ return 1; /* done */ @@ -706,6 +708,7 @@ static void sws_storerequest(const char *reqbuf, size_t totalsize) { int res; int error = 0; + char errbuf[STRERROR_LEN]; size_t written; size_t writeleft; FILE *dump; @@ -724,8 +727,8 @@ static void sws_storerequest(const char *reqbuf, size_t totalsize) /* !checksrc! disable ERRNOVAR 1 */ } while(!dump && ((error = errno) == EINTR)); if(!dump) { - logmsg("[2] Error opening file %s error (%d) %s", - dumpfile, error, strerror(error)); + logmsg("[2] Error opening file %s error (%d) %s", dumpfile, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); logmsg("Failed to write request input "); return; } @@ -744,8 +747,8 @@ static void sws_storerequest(const char *reqbuf, size_t totalsize) if(writeleft == 0) logmsg("Wrote request (%zu bytes) input to %s", totalsize, dumpfile); else if(writeleft > 0) { - logmsg("Error writing file %s error (%d) %s", - dumpfile, error, strerror(error)); + logmsg("Error writing file %s error (%d) %s", dumpfile, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); logmsg("Wrote only (%zu bytes) of (%zu bytes) request input to %s", totalsize-writeleft, totalsize, dumpfile); } @@ -754,8 +757,8 @@ storerequest_cleanup: res = fclose(dump); if(res) - logmsg("Error closing file %s error (%d) %s", - dumpfile, errno, strerror(errno)); + logmsg("Error closing file %s error (%d) %s", dumpfile, + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); } static void init_httprequest(struct sws_httprequest *req) @@ -883,12 +886,14 @@ static int sws_get_request(curl_socket_t sock, struct sws_httprequest *req) fail = 1; } else if(got < 0) { + char errbuf[STRERROR_LEN]; int error = SOCKERRNO; if(EAGAIN == error || SOCKEWOULDBLOCK == error) { /* nothing to read at the moment */ return 0; } - logmsg("recv() returned error (%d) %s", error, sstrerror(error)); + logmsg("recv() returned error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); fail = 1; } if(fail) { @@ -947,6 +952,7 @@ static int sws_send_doc(curl_socket_t sock, struct sws_httprequest *req) bool sendfailure = FALSE; size_t responsesize; int error = 0; + char errbuf[STRERROR_LEN]; int res; static char weare[256]; char responsedump[256]; @@ -1027,7 +1033,8 @@ static int sws_send_doc(curl_socket_t sock, struct sws_httprequest *req) stream = test2fopen(req->testno, logdir); if(!stream) { error = errno; - logmsg("fopen() failed with error (%d) %s", error, strerror(error)); + logmsg("fopen() failed with error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); return 0; } else { @@ -1049,7 +1056,8 @@ static int sws_send_doc(curl_socket_t sock, struct sws_httprequest *req) stream = test2fopen(req->testno, logdir); if(!stream) { error = errno; - logmsg("fopen() failed with error (%d) %s", error, strerror(error)); + logmsg("fopen() failed with error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); free(ptr); return 0; } @@ -1088,7 +1096,8 @@ static int sws_send_doc(curl_socket_t sock, struct sws_httprequest *req) dump = fopen(responsedump, "ab"); if(!dump) { error = errno; - logmsg("fopen() failed with error (%d) %s", error, strerror(error)); + logmsg("fopen() failed with error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); logmsg(" [5] Error opening file '%s'", responsedump); free(ptr); free(cmd); @@ -1140,8 +1149,8 @@ retry: res = fclose(dump); if(res) - logmsg("Error closing file %s error (%d) %s", - responsedump, errno, strerror(errno)); + logmsg("Error closing file %s error (%d) %s", responsedump, + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); if(got_exit_signal) { free(ptr); @@ -1181,7 +1190,7 @@ retry: /* should not happen */ error = SOCKERRNO; logmsg("curlx_wait_ms() failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); break; } } @@ -1212,6 +1221,7 @@ static curl_socket_t connect_to(const char *ipaddr, unsigned short port) srvr_sockaddr_union_t serveraddr; curl_socket_t serverfd; int error; + char errbuf[STRERROR_LEN]; int rc = 0; const char *op_br = ""; const char *cl_br = ""; @@ -1234,7 +1244,7 @@ static curl_socket_t connect_to(const char *ipaddr, unsigned short port) if(CURL_SOCKET_BAD == serverfd) { error = SOCKERRNO; logmsg("Error creating socket for server connection (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); return CURL_SOCKET_BAD; } @@ -1254,7 +1264,7 @@ static curl_socket_t connect_to(const char *ipaddr, unsigned short port) if(curlx_nonblock(serverfd, TRUE)) { error = SOCKERRNO; logmsg("curlx_nonblock(TRUE) failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); sclose(serverfd); return CURL_SOCKET_BAD; } @@ -1336,8 +1346,8 @@ static curl_socket_t connect_to(const char *ipaddr, unsigned short port) } } error: - logmsg("Error connecting to server port %hu (%d) %s", - port, error, sstrerror(error)); + logmsg("Error connecting to server port %hu (%d) %s", port, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); sclose(serverfd); return CURL_SOCKET_BAD; } @@ -1348,7 +1358,7 @@ success: if(curlx_nonblock(serverfd, FALSE)) { error = SOCKERRNO; logmsg("curlx_nonblock(FALSE) failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); sclose(serverfd); return CURL_SOCKET_BAD; } @@ -1812,6 +1822,7 @@ static curl_socket_t accept_connection(curl_socket_t sock) { curl_socket_t msgsock = CURL_SOCKET_BAD; int error; + char errbuf[STRERROR_LEN]; int flag = 1; if(MAX_SOCKETS == num_sockets) { @@ -1834,14 +1845,14 @@ static curl_socket_t accept_connection(curl_socket_t sock) return 0; } logmsg("MAJOR ERROR, accept() failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); return CURL_SOCKET_BAD; } if(curlx_nonblock(msgsock, TRUE)) { error = SOCKERRNO; logmsg("curlx_nonblock failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); sclose(msgsock); return CURL_SOCKET_BAD; } @@ -1850,7 +1861,7 @@ static curl_socket_t accept_connection(curl_socket_t sock) (void *)&flag, sizeof(flag))) { error = SOCKERRNO; logmsg("setsockopt(SO_KEEPALIVE) failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); sclose(msgsock); return CURL_SOCKET_BAD; } @@ -1977,6 +1988,7 @@ static int test_sws(int argc, char *argv[]) struct sws_httprequest *req = NULL; int rc = 0; int error; + char errbuf[STRERROR_LEN]; int arg = 1; const char *connecthost = "127.0.0.1"; char port_str[11]; @@ -2152,7 +2164,8 @@ static int test_sws(int argc, char *argv[]) if(CURL_SOCKET_BAD == sock) { error = SOCKERRNO; - logmsg("Error creating socket (%d) %s", error, sstrerror(error)); + logmsg("Error creating socket (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); goto sws_cleanup; } @@ -2161,13 +2174,13 @@ static int test_sws(int argc, char *argv[]) (void *)&flag, sizeof(flag))) { error = SOCKERRNO; logmsg("setsockopt(SO_REUSEADDR) failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); goto sws_cleanup; } if(curlx_nonblock(sock, TRUE)) { error = SOCKERRNO; logmsg("curlx_nonblock failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); goto sws_cleanup; } @@ -2197,12 +2210,12 @@ static int test_sws(int argc, char *argv[]) error = SOCKERRNO; #ifdef USE_UNIX_SOCKETS if(socket_domain == AF_UNIX) - logmsg("Error binding socket on path %s (%d) %s", - unix_socket, error, sstrerror(error)); + logmsg("Error binding socket on path %s (%d) %s", unix_socket, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); else #endif - logmsg("Error binding socket on port %hu (%d) %s", - port, error, sstrerror(error)); + logmsg("Error binding socket on port %hu (%d) %s", port, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); goto sws_cleanup; } @@ -2223,7 +2236,7 @@ static int test_sws(int argc, char *argv[]) if(getsockname(sock, &localaddr.sa, &la_size) < 0) { error = SOCKERRNO; logmsg("getsockname() failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); sclose(sock); goto sws_cleanup; } @@ -2261,7 +2274,8 @@ static int test_sws(int argc, char *argv[]) rc = listen(sock, 50); if(rc) { error = SOCKERRNO; - logmsg("listen() failed with error (%d) %s", error, sstrerror(error)); + logmsg("listen() failed with error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); goto sws_cleanup; } @@ -2341,7 +2355,8 @@ static int test_sws(int argc, char *argv[]) if(rc < 0) { error = SOCKERRNO; - logmsg("select() failed with error (%d) %s", error, sstrerror(error)); + logmsg("select() failed with error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); goto sws_cleanup; } @@ -2446,7 +2461,8 @@ sws_cleanup: #ifdef USE_UNIX_SOCKETS if(unlink_socket && socket_domain == AF_UNIX && unix_socket) { rc = unlink(unix_socket); - logmsg("unlink(%s) = %d (%s)", unix_socket, rc, strerror(rc)); + logmsg("unlink(%s) = %d (%s)", unix_socket, + rc, curlx_strerror(rc, errbuf, sizeof(errbuf))); } #endif diff --git a/tests/server/tftpd.c b/tests/server/tftpd.c index 4c37685ab7..64f005dfe5 100644 --- a/tests/server/tftpd.c +++ b/tests/server/tftpd.c @@ -130,7 +130,7 @@ struct formats { struct errmsg { int e_code; - const char *e_msg; + char e_msg[STRERROR_LEN]; }; typedef union { @@ -174,7 +174,7 @@ static struct errmsg errmsgs[] = { { TFTP_EBADID, "Unknown transfer ID" }, { TFTP_EEXISTS, "File already exists" }, { TFTP_ENOUSER, "No such user" }, - { -1, 0 } + { -1, "" } }; static const struct formats formata[] = { @@ -548,6 +548,7 @@ static int test_tftpd(int argc, char **argv) int flag; int rc; int error; + char errbuf[STRERROR_LEN]; struct testcase test; int result = 0; srvr_sockaddr_union_t from; @@ -654,7 +655,8 @@ static int test_tftpd(int argc, char **argv) if(CURL_SOCKET_BAD == sock) { error = SOCKERRNO; - logmsg("Error creating socket (%d) %s", error, sstrerror(error)); + logmsg("Error creating socket (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); result = 1; goto tftpd_cleanup; } @@ -664,7 +666,7 @@ static int test_tftpd(int argc, char **argv) (void *)&flag, sizeof(flag))) { error = SOCKERRNO; logmsg("setsockopt(SO_REUSEADDR) failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); result = 1; goto tftpd_cleanup; } @@ -689,8 +691,8 @@ static int test_tftpd(int argc, char **argv) #endif /* USE_IPV6 */ if(rc) { error = SOCKERRNO; - logmsg("Error binding socket on port %hu (%d) %s", port, error, - sstrerror(error)); + logmsg("Error binding socket on port %hu (%d) %s", port, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); result = 1; goto tftpd_cleanup; } @@ -712,7 +714,7 @@ static int test_tftpd(int argc, char **argv) if(getsockname(sock, &localaddr.sa, &la_size) < 0) { error = SOCKERRNO; logmsg("getsockname() failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); sclose(sock); goto tftpd_cleanup; } @@ -898,8 +900,10 @@ static int do_tftp(struct testcase *test, struct tftphdr *tp, ssize_t size) /* Open request dump file. */ server = fopen(dumpfile, "ab"); if(!server) { + char errbuf[STRERROR_LEN]; int error = errno; - logmsg("fopen() failed with error (%d) %s", error, strerror(error)); + logmsg("fopen() failed with error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); logmsg("Error opening file '%s'", dumpfile); return -1; } @@ -1005,8 +1009,10 @@ static int tftpd_parse_servercmd(struct testcase *req) stream = test2fopen(req->testno, logdir); if(!stream) { + char errbuf[STRERROR_LEN]; error = errno; - logmsg("fopen() failed with error (%d) %s", error, strerror(error)); + logmsg("fopen() failed with error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); logmsg(" Couldn't open test file %ld", req->testno); return 1; /* done */ } @@ -1107,7 +1113,6 @@ static int validate_access(struct testcase *test, else partno = 0; - logmsg("requested test number %ld part %ld", testno, partno); test->testno = testno; @@ -1120,8 +1125,10 @@ static int validate_access(struct testcase *test, snprintf(partbuf, sizeof(partbuf), "data%ld", partno); if(!stream) { + char errbuf[STRERROR_LEN]; int error = errno; - logmsg("fopen() failed with error (%d) %s", error, strerror(error)); + logmsg("fopen() failed with error (%d) %s", + error, curlx_strerror(error, errbuf, sizeof(errbuf))); logmsg("Couldn't open test file for test: %ld", testno); return TFTP_EACCESS; } @@ -1356,7 +1363,7 @@ static void nak(int error) if(pe->e_code == error) break; if(pe->e_code < 0) { - pe->e_msg = strerror(error - 100); + curlx_strerror(error - 100, pe->e_msg, sizeof(pe->e_msg)); tp->th_code = TFTP_EUNDEF; /* set 'undef' errorcode */ } length = (int)strlen(pe->e_msg); diff --git a/tests/server/util.c b/tests/server/util.c index f4802745c8..5abd308738 100644 --- a/tests/server/util.c +++ b/tests/server/util.c @@ -123,9 +123,10 @@ void logmsg(const char *msg, ...) fclose(logfp); } else { + char errbuf[STRERROR_LEN]; int error = errno; fprintf(stderr, "fopen() failed with error (%d) %s\n", - error, strerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); fprintf(stderr, "Error opening file '%s'\n", serverlogfile); fprintf(stderr, "Msg not logged: %s %s\n", timebuf, buffer); } @@ -189,15 +190,6 @@ int win32_init(void) atexit(win32_cleanup); return 0; } - -/* socket-safe strerror (works on Winsock errors, too) */ -const char *sstrerror(int err) -{ - static char buf[512]; - return curlx_winapi_strerror(err, buf, sizeof(buf)); -} -#else -#define sstrerror(e) strerror(e) #endif /* _WIN32 */ /* fopens the test case file */ @@ -246,7 +238,9 @@ int write_pidfile(const char *filename) pid = our_getpid(); pidfile = fopen(filename, "wb"); if(!pidfile) { - logmsg("Couldn't write pid file: %s %s", filename, strerror(errno)); + char errbuf[STRERROR_LEN]; + logmsg("Couldn't write pid file: %s (%d) %s", filename, + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); return 0; /* fail */ } fprintf(pidfile, "%ld\n", (long)pid); @@ -260,7 +254,9 @@ int write_portfile(const char *filename, int port) { FILE *portfile = fopen(filename, "wb"); if(!portfile) { - logmsg("Couldn't write port file: %s %s", filename, strerror(errno)); + char errbuf[STRERROR_LEN]; + logmsg("Couldn't write port file: %s (%d) %s", filename, + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); return 0; /* fail */ } fprintf(portfile, "%d\n", port); @@ -273,6 +269,7 @@ void set_advisor_read_lock(const char *filename) { FILE *lockfile; int error = 0; + char errbuf[STRERROR_LEN]; int res; do { @@ -280,15 +277,15 @@ void set_advisor_read_lock(const char *filename) /* !checksrc! disable ERRNOVAR 1 */ } while(!lockfile && ((error = errno) == EINTR)); if(!lockfile) { - logmsg("Error creating lock file %s error (%d) %s", - filename, error, strerror(error)); + logmsg("Error creating lock file %s error (%d) %s", filename, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); return; } res = fclose(lockfile); if(res) - logmsg("Error closing lock file %s error (%d) %s", - filename, errno, strerror(errno)); + logmsg("Error closing lock file %s error (%d) %s", filename, + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); } void clear_advisor_read_lock(const char *filename) @@ -306,9 +303,11 @@ void clear_advisor_read_lock(const char *filename) res = unlink(filename); /* !checksrc! disable ERRNOVAR 1 */ } while(res && ((error = errno) == EINTR)); - if(res) - logmsg("Error removing lock file %s error (%d) %s", - filename, error, strerror(error)); + if(res) { + char errbuf[STRERROR_LEN]; + logmsg("Error removing lock file %s error (%d) %s", filename, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); + } } /* vars used to keep around previous signal handlers */ @@ -566,6 +565,8 @@ static SIGHANDLER_T set_signal(int signum, SIGHANDLER_T handler, void install_signal_handlers(bool keep_sigalrm) { + char errbuf[STRERROR_LEN]; + (void)errbuf; #ifdef _WIN32 /* setup Windows exit event before any signal can trigger */ exit_event = CreateEvent(NULL, TRUE, FALSE, NULL); @@ -576,20 +577,23 @@ void install_signal_handlers(bool keep_sigalrm) /* ignore SIGHUP signal */ old_sighup_handler = set_signal(SIGHUP, SIG_IGN, FALSE); if(old_sighup_handler == SIG_ERR) - logmsg("cannot install SIGHUP handler: %s", strerror(errno)); + logmsg("cannot install SIGHUP handler: (%d) %s", + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); #endif #ifdef SIGPIPE /* ignore SIGPIPE signal */ old_sigpipe_handler = set_signal(SIGPIPE, SIG_IGN, FALSE); if(old_sigpipe_handler == SIG_ERR) - logmsg("cannot install SIGPIPE handler: %s", strerror(errno)); + logmsg("cannot install SIGPIPE handler: (%d) %s", + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); #endif #ifdef SIGALRM if(!keep_sigalrm) { /* ignore SIGALRM signal */ old_sigalrm_handler = set_signal(SIGALRM, SIG_IGN, FALSE); if(old_sigalrm_handler == SIG_ERR) - logmsg("cannot install SIGALRM handler: %s", strerror(errno)); + logmsg("cannot install SIGALRM handler: (%d) %s", + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); } #else (void)keep_sigalrm; @@ -598,19 +602,22 @@ void install_signal_handlers(bool keep_sigalrm) /* handle SIGINT signal with our exit_signal_handler */ old_sigint_handler = set_signal(SIGINT, exit_signal_handler, TRUE); if(old_sigint_handler == SIG_ERR) - logmsg("cannot install SIGINT handler: %s", strerror(errno)); + logmsg("cannot install SIGINT handler: (%d) %s", + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); #endif #ifdef SIGTERM /* handle SIGTERM signal with our exit_signal_handler */ old_sigterm_handler = set_signal(SIGTERM, exit_signal_handler, TRUE); if(old_sigterm_handler == SIG_ERR) - logmsg("cannot install SIGTERM handler: %s", strerror(errno)); + logmsg("cannot install SIGTERM handler: (%d) %s", + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); #endif #if defined(SIGBREAK) && defined(_WIN32) /* handle SIGBREAK signal with our exit_signal_handler */ old_sigbreak_handler = set_signal(SIGBREAK, exit_signal_handler, TRUE); if(old_sigbreak_handler == SIG_ERR) - logmsg("cannot install SIGBREAK handler: %s", strerror(errno)); + logmsg("cannot install SIGBREAK handler: (%d) %s", + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); #endif #ifdef _WIN32 #ifndef UNDER_CE @@ -687,6 +694,7 @@ int bind_unix_socket(curl_socket_t sock, const char *unix_socket, struct sockaddr_un *sau) { int error; + char errbuf[STRERROR_LEN]; int rc; size_t len = strlen(unix_socket); @@ -703,8 +711,8 @@ int bind_unix_socket(curl_socket_t sock, const char *unix_socket, /* socket already exists. Perhaps it is stale? */ curl_socket_t unixfd = socket(AF_UNIX, SOCK_STREAM, 0); if(CURL_SOCKET_BAD == unixfd) { - logmsg("Failed to create socket at %s (%d) %s", - unix_socket, SOCKERRNO, sstrerror(SOCKERRNO)); + logmsg("Failed to create socket at %s (%d) %s", unix_socket, + SOCKERRNO, curlx_strerror(SOCKERRNO, errbuf, sizeof(errbuf))); return -1; } /* check whether the server is alive */ @@ -712,8 +720,8 @@ int bind_unix_socket(curl_socket_t sock, const char *unix_socket, error = SOCKERRNO; sclose(unixfd); if(rc && error != SOCKECONNREFUSED) { - logmsg("Failed to connect to %s (%d) %s", - unix_socket, error, sstrerror(error)); + logmsg("Failed to connect to %s (%d) %s", unix_socket, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); return rc; } /* socket server is not alive, now check if it was actually a socket. */ @@ -724,8 +732,8 @@ int bind_unix_socket(curl_socket_t sock, const char *unix_socket, rc = lstat(unix_socket, &statbuf); #endif if(rc) { - logmsg("Error binding socket, failed to stat %s (%d) %s", - unix_socket, errno, strerror(errno)); + logmsg("Error binding socket, failed to stat %s (%d) %s", unix_socket, + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); return rc; } #ifdef S_IFSOCK @@ -737,8 +745,8 @@ int bind_unix_socket(curl_socket_t sock, const char *unix_socket, /* dead socket, cleanup and retry bind */ rc = unlink(unix_socket); if(rc) { - logmsg("Error binding socket, failed to unlink %s (%d) %s", - unix_socket, errno, strerror(errno)); + logmsg("Error binding socket, failed to unlink %s (%d) %s", unix_socket, + errno, curlx_strerror(errno, errbuf, sizeof(errbuf))); return rc; } /* stale socket is gone, retry bind */ @@ -762,6 +770,7 @@ curl_socket_t sockdaemon(curl_socket_t sock, int delay = 20; int attempt = 0; int error = 0; + char errbuf[STRERROR_LEN]; #ifndef USE_UNIX_SOCKETS (void)unix_socket; @@ -775,14 +784,14 @@ curl_socket_t sockdaemon(curl_socket_t sock, if(rc) { error = SOCKERRNO; logmsg("setsockopt(SO_REUSEADDR) failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); if(maxretr) { rc = curlx_wait_ms(delay); if(rc) { /* should not happen */ error = SOCKERRNO; logmsg("curlx_wait_ms() failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); sclose(sock); return CURL_SOCKET_BAD; } @@ -799,7 +808,8 @@ curl_socket_t sockdaemon(curl_socket_t sock, if(rc) { logmsg("setsockopt(SO_REUSEADDR) failed %d times in %d ms. Error (%d) %s", - attempt, totdelay, error, strerror(error)); + attempt, totdelay, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); logmsg("Continuing anyway..."); } @@ -836,12 +846,12 @@ curl_socket_t sockdaemon(curl_socket_t sock, error = SOCKERRNO; #ifdef USE_UNIX_SOCKETS if(socket_domain == AF_UNIX) - logmsg("Error binding socket on path %s (%d) %s", - unix_socket, error, sstrerror(error)); + logmsg("Error binding socket on path %s (%d) %s", unix_socket, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); else #endif - logmsg("Error binding socket on port %hu (%d) %s", - *listenport, error, sstrerror(error)); + logmsg("Error binding socket on port %hu (%d) %s", *listenport, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); sclose(sock); return CURL_SOCKET_BAD; } @@ -865,7 +875,7 @@ curl_socket_t sockdaemon(curl_socket_t sock, if(getsockname(sock, &localaddr.sa, &la_size) < 0) { error = SOCKERRNO; logmsg("getsockname() failed with error (%d) %s", - error, sstrerror(error)); + error, curlx_strerror(error, errbuf, sizeof(errbuf))); sclose(sock); return CURL_SOCKET_BAD; } @@ -902,8 +912,8 @@ curl_socket_t sockdaemon(curl_socket_t sock, rc = listen(sock, 5); if(rc) { error = SOCKERRNO; - logmsg("listen(%ld, 5) failed with error (%d) %s", - (long)sock, error, sstrerror(error)); + logmsg("listen(%ld, 5) failed with error (%d) %s", (long)sock, + error, curlx_strerror(error, errbuf, sizeof(errbuf))); sclose(sock); return CURL_SOCKET_BAD; } From db98daab05aec251bcb6615d2d38dfebec291736 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 4 Oct 2025 12:24:57 +0200 Subject: [PATCH 0291/2408] src: stop overriding system printf symbols Also: - tool_operate: use the socket printf mask, drop cast. Follow-up to 4deea9396bc7dd25c6362fa746a57bf309c74ada #18814 Closes #18844 --- src/.checksrc | 8 ++++ src/config2setopts.c | 3 +- src/curlinfo.c | 1 + src/tool_cb_dbg.c | 33 +++++++-------- src/tool_cb_hdr.c | 16 ++++---- src/tool_cb_prg.c | 4 +- src/tool_cfgable.h | 18 --------- src/tool_easysrc.c | 20 +++++----- src/tool_findfile.c | 6 +-- src/tool_getparam.c | 12 +++--- src/tool_help.c | 56 +++++++++++++------------- src/tool_ipfs.c | 8 ++-- src/tool_main.c | 2 +- src/tool_msgs.c | 10 ++--- src/tool_operate.c | 43 ++++++++++---------- src/tool_operhlp.c | 4 +- src/tool_paramhlp.c | 14 +++---- src/tool_parsecfg.c | 4 +- src/tool_progress.c | 86 ++++++++++++++++++++-------------------- src/tool_setopt.c | 8 ++-- src/tool_urlglob.c | 8 ++-- src/tool_vms.c | 8 ++-- src/tool_writeout.c | 32 +++++++-------- src/tool_writeout_json.c | 4 +- src/tool_xattr.c | 2 +- 25 files changed, 203 insertions(+), 207 deletions(-) diff --git a/src/.checksrc b/src/.checksrc index 946367c499..4a6b707084 100644 --- a/src/.checksrc +++ b/src/.checksrc @@ -1 +1,9 @@ enable STDERR +banfunc aprintf +banfunc fprintf +banfunc msnprintf +banfunc mvsnprintf +banfunc printf +banfunc vaprintf +banfunc vfprintf +banfunc vprintf diff --git a/src/config2setopts.c b/src/config2setopts.c index 2a58b75772..5921cd73ce 100644 --- a/src/config2setopts.c +++ b/src/config2setopts.c @@ -114,7 +114,8 @@ static char *ssl_backend(void) if(!already) { /* if there is no existing version */ const char *v = curl_version_info(CURLVERSION_NOW)->ssl_version; if(v) - msnprintf(ssl_ver, sizeof(ssl_ver), "%.*s", (int) strcspn(v, " "), v); + curl_msnprintf(ssl_ver, sizeof(ssl_ver), + "%.*s", (int)strcspn(v, " "), v); already = TRUE; } return ssl_ver; diff --git a/src/curlinfo.c b/src/curlinfo.c index 14eb2f88c3..da75a45876 100644 --- a/src/curlinfo.c +++ b/src/curlinfo.c @@ -246,6 +246,7 @@ int main(int argc, char **argv) (void)argv; for(i = 0; i < CURL_ARRAYSIZE(disabled); i++) + /* !checksrc! disable BANNEDFUNC 1 */ printf("%s\n", disabled[i]); return 0; diff --git a/src/tool_cb_dbg.c b/src/tool_cb_dbg.c index d9aa1ff07a..043daef26d 100644 --- a/src/tool_cb_dbg.c +++ b/src/tool_cb_dbg.c @@ -46,8 +46,8 @@ static const char *hms_for_sec(time_t tv_sec) if(tv_sec != cached_tv_sec) { /* !checksrc! disable BANNEDFUNC 1 */ struct tm *now = localtime(&tv_sec); /* not thread safe either */ - msnprintf(hms_buf, sizeof(hms_buf), "%02d:%02d:%02d", - now->tm_hour, now->tm_min, now->tm_sec); + curl_msnprintf(hms_buf, sizeof(hms_buf), "%02d:%02d:%02d", + now->tm_hour, now->tm_min, now->tm_sec); cached_tv_sec = tv_sec; } return hms_buf; @@ -64,7 +64,7 @@ static void log_line_start(FILE *log, const char *timebuf, "* ", "< ", "> ", "{ ", "} ", "{ ", "} " }; if((timebuf && *timebuf) || (idsbuf && *idsbuf)) - fprintf(log, "%s%s%s", timebuf, idsbuf, s_infotype[type]); + curl_mfprintf(log, "%s%s%s", timebuf, idsbuf, s_infotype[type]); else fputs(s_infotype[type], log); } @@ -96,8 +96,8 @@ int tool_debug_cb(CURL *handle, curl_infotype type, if(global->tracetime) { tv = tvrealnow(); - msnprintf(timebuf, sizeof(timebuf), "%s.%06ld ", - hms_for_sec(tv.tv_sec), (long)tv.tv_usec); + curl_msnprintf(timebuf, sizeof(timebuf), "%s.%06ld ", + hms_for_sec(tv.tv_sec), (long)tv.tv_usec); } else timebuf[0] = 0; @@ -106,11 +106,11 @@ int tool_debug_cb(CURL *handle, curl_infotype type, !curl_easy_getinfo(handle, CURLINFO_XFER_ID, &xfer_id) && xfer_id >= 0) { if(!curl_easy_getinfo(handle, CURLINFO_CONN_ID, &conn_id) && conn_id >= 0) { - msnprintf(idsbuf, sizeof(idsbuf), TRC_IDS_FORMAT_IDS_2, - xfer_id, conn_id); + curl_msnprintf(idsbuf, sizeof(idsbuf), TRC_IDS_FORMAT_IDS_2, + xfer_id, conn_id); } else { - msnprintf(idsbuf, sizeof(idsbuf), TRC_IDS_FORMAT_IDS_1, xfer_id); + curl_msnprintf(idsbuf, sizeof(idsbuf), TRC_IDS_FORMAT_IDS_1, xfer_id); } } else @@ -184,7 +184,7 @@ int tool_debug_cb(CURL *handle, curl_infotype type, ((output != tool_stderr) && (output != stdout))) { if(!newl) log_line_start(output, timebuf, idsbuf, type); - fprintf(output, "[%zu bytes data]\n", size); + curl_mfprintf(output, "[%zu bytes data]\n", size); newl = FALSE; traced_data = TRUE; } @@ -201,7 +201,7 @@ int tool_debug_cb(CURL *handle, curl_infotype type, switch(type) { case CURLINFO_TEXT: - fprintf(output, "%s%s* %.*s", timebuf, idsbuf, (int)size, data); + curl_mfprintf(output, "%s%s* %.*s", timebuf, idsbuf, (int)size, data); FALLTHROUGH(); default: /* in case a new one is introduced to shock us */ return 0; @@ -244,18 +244,18 @@ static void dump(const char *timebuf, const char *idsbuf, const char *text, /* without the hex output, we can fit more on screen */ width = 0x40; - fprintf(stream, "%s%s%s, %zu bytes (0x%zx)\n", timebuf, idsbuf, - text, size, size); + curl_mfprintf(stream, "%s%s%s, %zu bytes (0x%zx)\n", timebuf, idsbuf, + text, size, size); for(i = 0; i < size; i += width) { - fprintf(stream, "%04zx: ", i); + curl_mfprintf(stream, "%04zx: ", i); if(tracetype == TRACE_BIN) { /* hex not disabled, show it */ for(c = 0; c < width; c++) if(i + c < size) - fprintf(stream, "%02x ", ptr[i + c]); + curl_mfprintf(stream, "%02x ", ptr[i + c]); else fputs(" ", stream); } @@ -269,8 +269,9 @@ static void dump(const char *timebuf, const char *idsbuf, const char *text, break; } (void)infotype; - fprintf(stream, "%c", ((ptr[i + c] >= 0x20) && (ptr[i + c] < 0x7F)) ? - ptr[i + c] : UNPRINTABLE_CHAR); + curl_mfprintf(stream, "%c", + ((ptr[i + c] >= 0x20) && (ptr[i + c] < 0x7F)) ? + ptr[i + c] : UNPRINTABLE_CHAR); /* check again for 0D0A, to avoid an extra \n if it is at width */ if((tracetype == TRACE_ASCII) && (i + c + 2 < size) && (ptr[i + c + 1] == 0x0D) && diff --git a/src/tool_cb_hdr.c b/src/tool_cb_hdr.c index 7781e4dc3c..2ea8801705 100644 --- a/src/tool_cb_hdr.c +++ b/src/tool_cb_hdr.c @@ -217,8 +217,8 @@ size_t tool_header_cb(char *ptr, size_t size, size_t nmemb, void *userdata) } if(per->config->output_dir) { - outs->filename = aprintf("%s/%s", per->config->output_dir, - filename); + outs->filename = curl_maprintf("%s/%s", per->config->output_dir, + filename); free(filename); if(!outs->filename) return CURL_WRITEFUNC_ERROR; @@ -248,7 +248,7 @@ size_t tool_header_cb(char *ptr, size_t size, size_t nmemb, void *userdata) hdrcbdata->config->show_headers) { /* still awaiting the Content-Disposition header, store the header in memory. Since it is not null-terminated, we need an extra dance. */ - char *clone = aprintf("%.*s", (int)cb, str); + char *clone = curl_maprintf("%.*s", (int)cb, str); if(clone) { struct curl_slist *old = hdrcbdata->headlist; hdrcbdata->headlist = curl_slist_append(old, clone); @@ -295,7 +295,7 @@ size_t tool_header_cb(char *ptr, size_t size, size_t nmemb, void *userdata) value = memchr(ptr, ':', cb); if(value) { size_t namelen = value - ptr; - fprintf(outs->stream, BOLD "%.*s" BOLDOFF ":", (int)namelen, ptr); + curl_mfprintf(outs->stream, BOLD "%.*s" BOLDOFF ":", (int)namelen, ptr); #ifndef LINK fwrite(&value[1], cb - namelen - 1, 1, outs->stream); #else @@ -461,10 +461,10 @@ static void write_linked_location(CURL *curl, const char *location, !strcmp("https", scheme) || !strcmp("ftp", scheme) || !strcmp("ftps", scheme)) { - fprintf(stream, "%.*s" LINK "%s" LINKST "%.*s" LINKOFF, - space_skipped, location, - finalurl, - (int)loclen - space_skipped, loc); + curl_mfprintf(stream, "%.*s" LINK "%s" LINKST "%.*s" LINKOFF, + space_skipped, location, + finalurl, + (int)loclen - space_skipped, loc); goto locdone; } diff --git a/src/tool_cb_prg.c b/src/tool_cb_prg.c index c6ee6b2822..dd460a4bf6 100644 --- a/src/tool_cb_prg.c +++ b/src/tool_cb_prg.c @@ -208,12 +208,12 @@ int tool_progress_cb(void *clientp, num = MAX_BARLENGTH; memset(line, '#', num); line[num] = '\0'; - msnprintf(format, sizeof(format), "\r%%-%ds %%5.1f%%%%", barwidth); + curl_msnprintf(format, sizeof(format), "\r%%-%ds %%5.1f%%%%", barwidth); #ifdef __clang__ #pragma clang diagnostic push #pragma clang diagnostic ignored "-Wformat-nonliteral" #endif - fprintf(bar->out, format, line, percent); + curl_mfprintf(bar->out, format, line, percent); #ifdef __clang__ #pragma clang diagnostic pop #endif diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h index 3b2ac93a74..7628370551 100644 --- a/src/tool_cfgable.h +++ b/src/tool_cfgable.h @@ -39,24 +39,6 @@ #endif #endif -/* make the tool use the libcurl *printf family */ -# undef printf -# undef fprintf -# undef msnprintf -# undef vprintf -# undef vfprintf -# undef mvsnprintf -# undef aprintf -# undef vaprintf -# define printf curl_mprintf -# define fprintf curl_mfprintf -# define msnprintf curl_msnprintf -# define vprintf curl_mvprintf -# define vfprintf curl_mvfprintf -# define mvsnprintf curl_mvsnprintf -# define aprintf curl_maprintf -# define vaprintf curl_mvaprintf - #define checkprefix(a,b) curl_strnequal(b, STRCONST(a)) #define tool_safefree(ptr) \ diff --git a/src/tool_easysrc.c b/src/tool_easysrc.c index bff251e6b0..65d01d5f85 100644 --- a/src/tool_easysrc.c +++ b/src/tool_easysrc.c @@ -109,7 +109,7 @@ CURLcode easysrc_addf(struct slist_wc **plist, const char *fmt, ...) char *bufp; va_list ap; va_start(ap, fmt); - bufp = vaprintf(fmt, ap); + bufp = curl_mvaprintf(fmt, ap); va_end(ap); if(!bufp) { ret = CURLE_OUT_OF_MEMORY; @@ -190,41 +190,41 @@ void dumpeasysrc(void) const char *c; for(i = 0; ((c = srchead[i]) != NULL); i++) - fprintf(out, "%s\n", c); + curl_mfprintf(out, "%s\n", c); /* Declare variables used for complex setopt values */ if(easysrc_decl) { for(ptr = easysrc_decl->first; ptr; ptr = ptr->next) - fprintf(out, " %s\n", ptr->data); + curl_mfprintf(out, " %s\n", ptr->data); } /* Set up complex values for setopt calls */ if(easysrc_data) { - fprintf(out, "\n"); + curl_mfprintf(out, "\n"); for(ptr = easysrc_data->first; ptr; ptr = ptr->next) - fprintf(out, " %s\n", ptr->data); + curl_mfprintf(out, " %s\n", ptr->data); } - fprintf(out, "\n"); + curl_mfprintf(out, "\n"); if(easysrc_code) { for(ptr = easysrc_code->first; ptr; ptr = ptr->next) { if(ptr->data[0]) { - fprintf(out, " %s\n", ptr->data); + curl_mfprintf(out, " %s\n", ptr->data); } else { - fprintf(out, "\n"); + curl_mfprintf(out, "\n"); } } } if(easysrc_clean) { for(ptr = easysrc_clean->first; ptr; ptr = ptr->next) - fprintf(out, " %s\n", ptr->data); + curl_mfprintf(out, " %s\n", ptr->data); } for(i = 0; ((c = srcend[i]) != NULL); i++) - fprintf(out, "%s\n", c); + curl_mfprintf(out, "%s\n", c); if(fopened) curlx_fclose(out); diff --git a/src/tool_findfile.c b/src/tool_findfile.c index 7705ab7d92..02898a8fb1 100644 --- a/src/tool_findfile.c +++ b/src/tool_findfile.c @@ -69,9 +69,9 @@ static char *checkhome(const char *home, const char *fname, bool dotscore) for(i = 0; i < (dotscore ? 2 : 1); i++) { char *c; if(dotscore) - c = aprintf("%s" DIR_CHAR "%c%s", home, pref[i], &fname[1]); + c = curl_maprintf("%s" DIR_CHAR "%c%s", home, pref[i], &fname[1]); else - c = aprintf("%s" DIR_CHAR "%s", home, fname); + c = curl_maprintf("%s" DIR_CHAR "%s", home, fname); if(c) { int fd = curlx_open(c, O_RDONLY); if(fd >= 0) { @@ -115,7 +115,7 @@ char *findfile(const char *fname, int dotscore) continue; } if(conf_list[i].append) { - char *c = aprintf("%s%s", home, conf_list[i].append); + char *c = curl_maprintf("%s%s", home, conf_list[i].append); curl_free(home); if(!c) return NULL; diff --git a/src/tool_getparam.c b/src/tool_getparam.c index 0fdd6373e5..a54d3f804c 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -751,8 +751,8 @@ static CURLcode set_trace_config(const char *token) } else { char buffer[64]; - msnprintf(buffer, sizeof(buffer), "%c%.*s,-lib-ids", toggle ? '+' : '-', - (int)len, name); + curl_msnprintf(buffer, sizeof(buffer), "%c%.*s,-lib-ids", + toggle ? '+' : '-', (int)len, name); result = curl_global_trace(buffer); if(result) goto out; @@ -1140,7 +1140,7 @@ static ParameterError parse_localport(struct OperationConfig *config, if(ISBLANK(*pp)) pp++; } - msnprintf(buffer, sizeof(buffer), "%.*s", (int)plen, nextarg); + curl_msnprintf(buffer, sizeof(buffer), "%.*s", (int)plen, nextarg); if(str2unummax(&config->localport, buffer, 65535)) return PARAM_BAD_USE; if(!pp) @@ -1222,7 +1222,7 @@ static ParameterError parse_ech(struct OperationConfig *config, curlx_fclose(file); if(err) return err; - config->ech_config = aprintf("ecl:%s",tmpcfg); + config->ech_config = curl_maprintf("ecl:%s",tmpcfg); free(tmpcfg); if(!config->ech_config) return PARAM_NO_MEM; @@ -1405,8 +1405,8 @@ static ParameterError parse_range(struct OperationConfig *config, char buffer[32]; warnf("A specified range MUST include at least one dash (-). " "Appending one for you"); - msnprintf(buffer, sizeof(buffer), "%" CURL_FORMAT_CURL_OFF_T "-", - value); + curl_msnprintf(buffer, sizeof(buffer), "%" CURL_FORMAT_CURL_OFF_T "-", + value); free(config->range); config->range = strdup(buffer); if(!config->range) diff --git a/src/tool_help.c b/src/tool_help.c index 58d3a2c1f2..7a3a4a3bf4 100644 --- a/src/tool_help.c +++ b/src/tool_help.c @@ -100,7 +100,7 @@ static void print_category(unsigned int category, unsigned int cols) else opt = 0; } - printf(" %-*s %s\n", (int)opt, helptext[i].opt, helptext[i].desc); + curl_mprintf(" %-*s %s\n", (int)opt, helptext[i].opt, helptext[i].desc); } } @@ -110,7 +110,7 @@ static int get_category_content(const char *category, unsigned int cols) unsigned int i; for(i = 0; i < CURL_ARRAYSIZE(categories); ++i) if(curl_strequal(categories[i].opt, category)) { - printf("%s: %s\n", categories[i].opt, categories[i].desc); + curl_mprintf("%s: %s\n", categories[i].opt, categories[i].desc); print_category(categories[i].category, cols); return 0; } @@ -122,7 +122,7 @@ static void get_categories(void) { unsigned int i; for(i = 0; i < CURL_ARRAYSIZE(categories); ++i) - printf(" %-11s %s\n", categories[i].opt, categories[i].desc); + curl_mprintf(" %-11s %s\n", categories[i].opt, categories[i].desc); } /* Prints all categories as a comma-separated list of given width */ @@ -135,18 +135,18 @@ static void get_categories_list(unsigned int width) if(i == CURL_ARRAYSIZE(categories) - 1) { /* final category */ if(col + len + 1 < width) - printf("%s.\n", categories[i].opt); + curl_mprintf("%s.\n", categories[i].opt); else /* start a new line first */ - printf("\n%s.\n", categories[i].opt); + curl_mprintf("\n%s.\n", categories[i].opt); } else if(col + len + 2 < width) { - printf("%s, ", categories[i].opt); + curl_mprintf("%s, ", categories[i].opt); col += len + 2; } else { /* start a new line first */ - printf("\n%s, ", categories[i].opt); + curl_mprintf("\n%s, ", categories[i].opt); col = len + 2; } } @@ -268,17 +268,17 @@ void tool_help(const char *category) else if(!category[2]) a = findshortopt(category[1]); if(!a) { - fprintf(tool_stderr, "Incorrect option name to show help for," - " see curl -h\n"); + curl_mfprintf(tool_stderr, "Incorrect option name to show help for," + " see curl -h\n"); } else { char cmdbuf[80]; if(a->letter != ' ') - msnprintf(cmdbuf, sizeof(cmdbuf), "\n -%c, --", a->letter); + curl_msnprintf(cmdbuf, sizeof(cmdbuf), "\n -%c, --", a->letter); else if(a->desc & ARG_NO) - msnprintf(cmdbuf, sizeof(cmdbuf), "\n --no-%s", a->lname); + curl_msnprintf(cmdbuf, sizeof(cmdbuf), "\n --no-%s", a->lname); else - msnprintf(cmdbuf, sizeof(cmdbuf), "\n %s", category); + curl_msnprintf(cmdbuf, sizeof(cmdbuf), "\n %s", category); #ifdef USE_MANUAL if(a->cmd == C_XATTR) /* this is the last option, which then ends when FILES starts */ @@ -288,8 +288,8 @@ void tool_help(const char *category) #endif } #else - fprintf(tool_stderr, "Cannot comply. " - "This curl was built without built-in manual\n"); + curl_mfprintf(tool_stderr, "Cannot comply. " + "This curl was built without built-in manual\n"); #endif } /* Otherwise print category and handle the case if the cat was not found */ @@ -312,15 +312,15 @@ void tool_version_info(void) { const char *const *builtin; if(is_debug()) - fprintf(tool_stderr, "WARNING: this libcurl is Debug-enabled, " - "do not use in production\n\n"); + curl_mfprintf(tool_stderr, "WARNING: this libcurl is Debug-enabled, " + "do not use in production\n\n"); - printf(CURL_ID "%s\n", curl_version()); + curl_mprintf(CURL_ID "%s\n", curl_version()); #ifdef CURL_PATCHSTAMP - printf("Release-Date: %s, security patched: %s\n", - LIBCURL_TIMESTAMP, CURL_PATCHSTAMP); + curl_mprintf("Release-Date: %s, security patched: %s\n", + LIBCURL_TIMESTAMP, CURL_PATCHSTAMP); #else - printf("Release-Date: %s\n", LIBCURL_TIMESTAMP); + curl_mprintf("Release-Date: %s\n", LIBCURL_TIMESTAMP); #endif if(built_in_protos[0]) { #ifndef CURL_DISABLE_IPFS @@ -339,15 +339,15 @@ void tool_version_info(void) } } #endif /* !CURL_DISABLE_IPFS */ - printf("Protocols:"); + curl_mprintf("Protocols:"); for(builtin = built_in_protos; *builtin; ++builtin) { /* Special case: do not list rtmp?* protocols. They may only appear together with "rtmp" */ if(!curl_strnequal(*builtin, "rtmp", 4) || !builtin[0][4]) - printf(" %s", *builtin); + curl_mprintf(" %s", *builtin); #ifndef CURL_DISABLE_IPFS if(insert && insert == *builtin) { - printf(" ipfs ipns"); + curl_mprintf(" ipfs ipns"); insert = NULL; } #endif /* !CURL_DISABLE_IPFS */ @@ -371,16 +371,16 @@ void tool_version_info(void) feat_ext[feat_ext_count] = NULL; qsort((void *)feat_ext, feat_ext_count, sizeof(*feat_ext), struplocompare4sort); - printf("Features:"); + curl_mprintf("Features:"); for(builtin = feat_ext; *builtin; ++builtin) - printf(" %s", *builtin); + curl_mprintf(" %s", *builtin); puts(""); /* newline */ free((void *)feat_ext); } } if(strcmp(CURL_VERSION, curlinfo->version)) { - printf("WARNING: curl and libcurl versions do not match. " - "Functionality may be affected.\n"); + curl_mprintf("WARNING: curl and libcurl versions do not match. " + "Functionality may be affected.\n"); } } @@ -395,7 +395,7 @@ void tool_list_engines(void) puts("Build-time engines:"); if(engines) { for(; engines; engines = engines->next) - printf(" %s\n", engines->data); + curl_mprintf(" %s\n", engines->data); } else { puts(" "); diff --git a/src/tool_ipfs.c b/src/tool_ipfs.c index c2f1b16523..13124133ea 100644 --- a/src/tool_ipfs.c +++ b/src/tool_ipfs.c @@ -76,14 +76,14 @@ static char *ipfs_gateway(void) if(!ipfs_path) { char *home = getenv("HOME"); if(home && *home) - ipfs_path = aprintf("%s/.ipfs/", home); + ipfs_path = curl_maprintf("%s/.ipfs/", home); /* fallback to "~/.ipfs", as that is the default location. */ } if(!ipfs_path || ensure_trailing_slash(&ipfs_path)) goto fail; - gateway_composed_file_path = aprintf("%sgateway", ipfs_path); + gateway_composed_file_path = curl_maprintf("%sgateway", ipfs_path); if(!gateway_composed_file_path) goto fail; @@ -233,8 +233,8 @@ CURLcode ipfs_url_rewrite(CURLU *uh, const char *protocol, char **url, /* ensure the gateway path ends with a trailing slash */ ensure_trailing_slash(&gwpath); - pathbuffer = aprintf("%s%s/%s%s", gwpath, protocol, cid, - inputpath ? inputpath : ""); + pathbuffer = curl_maprintf("%s%s/%s%s", gwpath, protocol, cid, + inputpath ? inputpath : ""); if(!pathbuffer) { goto clean; } diff --git a/src/tool_main.c b/src/tool_main.c index 0ad40dc29d..4e70c1081c 100644 --- a/src/tool_main.c +++ b/src/tool_main.c @@ -165,7 +165,7 @@ int main(int argc, char *argv[]) if(argc == 2 && !_tcscmp(argv[1], _T("--dump-module-paths"))) { struct curl_slist *item, *head = GetLoadedModulePaths(); for(item = head; item; item = item->next) - printf("%s\n", item->data); + curl_mprintf("%s\n", item->data); curl_slist_free_all(head); return head ? 0 : 1; } diff --git a/src/tool_msgs.c b/src/tool_msgs.c index de0c1431e2..f83cdc76c1 100644 --- a/src/tool_msgs.c +++ b/src/tool_msgs.c @@ -49,7 +49,7 @@ static void voutf(const char *prefix, char *ptr; char *print_buffer; - print_buffer = vaprintf(fmt, ap); + print_buffer = curl_mvaprintf(fmt, ap); if(!print_buffer) return; len = strlen(print_buffer); @@ -120,15 +120,15 @@ void helpf(const char *fmt, ...) va_start(ap, fmt); DEBUGASSERT(!strchr(fmt, '\n')); fputs("curl: ", tool_stderr); /* prefix it */ - vfprintf(tool_stderr, fmt, ap); + curl_mvfprintf(tool_stderr, fmt, ap); va_end(ap); fputs("\n", tool_stderr); /* newline it */ } - fprintf(tool_stderr, "curl: try 'curl --help' " + curl_mfprintf(tool_stderr, "curl: try 'curl --help' " #ifdef USE_MANUAL - "or 'curl --manual' " + "or 'curl --manual' " #endif - "for more information\n"); + "for more information\n"); } /* diff --git a/src/tool_operate.c b/src/tool_operate.c index 2d539de7b5..b49f45fd99 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -584,8 +584,8 @@ static CURLcode post_per_transfer(struct per_transfer *per, if(!config->synthetic_error && result && (!global->silent || global->showerror)) { const char *msg = per->errorbuffer; - fprintf(tool_stderr, "curl: (%d) %s\n", result, - msg[0] ? msg : curl_easy_strerror(result)); + curl_mfprintf(tool_stderr, "curl: (%d) %s\n", result, + msg[0] ? msg : curl_easy_strerror(result)); if(result == CURLE_PEER_FAILED_VERIFICATION) fputs(CURL_CA_CERT_ERRORMSG, tool_stderr); } @@ -595,9 +595,9 @@ static CURLcode post_per_transfer(struct per_transfer *per, curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &code); if(code >= 400) { if(!global->silent || global->showerror) - fprintf(tool_stderr, - "curl: (%d) The requested URL returned error: %ld\n", - CURLE_HTTP_RETURNED_ERROR, code); + curl_mfprintf(tool_stderr, + "curl: (%d) The requested URL returned error: %ld\n", + CURLE_HTTP_RETURNED_ERROR, code); result = CURLE_HTTP_RETURNED_ERROR; } } @@ -806,11 +806,11 @@ static CURLcode etag_compare(struct OperationConfig *config) if((PARAM_OK == file2string(&etag_from_file, file)) && etag_from_file) { - header = aprintf("If-None-Match: %s", etag_from_file); + header = curl_maprintf("If-None-Match: %s", etag_from_file); tool_safefree(etag_from_file); } else - header = aprintf("If-None-Match: \"\""); + header = curl_maprintf("If-None-Match: \"\""); if(!header) { if(file) @@ -955,7 +955,7 @@ static CURLcode setup_outfile(struct OperationConfig *config, DEBUGASSERT(per->outfile); if(config->output_dir && *config->output_dir) { - char *d = aprintf("%s/%s", config->output_dir, per->outfile); + char *d = curl_maprintf("%s/%s", config->output_dir, per->outfile); if(!d) return CURLE_WRITE_ERROR; free(per->outfile); @@ -1505,7 +1505,7 @@ static void on_uv_timeout(uv_timer_t *req) { struct datauv *uv = (struct datauv *) req->data; #if DEBUG_UV - fprintf(tool_stderr, "parallel_event: on_uv_timeout\n"); + curl_mfprintf(tool_stderr, "parallel_event: on_uv_timeout\n"); #endif if(uv && uv->s) { curl_multi_socket_action(uv->s->multi, CURL_SOCKET_TIMEOUT, 0, @@ -1520,7 +1520,7 @@ static int cb_timeout(CURLM *multi, long timeout_ms, void *userp) struct datauv *uv = userp; (void)multi; #if DEBUG_UV - fprintf(tool_stderr, "parallel_event: cb_timeout=%ld\n", timeout_ms); + curl_mfprintf(tool_stderr, "parallel_event: cb_timeout=%ld\n", timeout_ms); #endif if(timeout_ms < 0) uv_timer_stop(&uv->timeout); @@ -1571,8 +1571,8 @@ static int cb_socket(CURL *easy, curl_socket_t s, int action, (void)easy; #if DEBUG_UV - fprintf(tool_stderr, "parallel_event: cb_socket, fd=%d, action=%x, p=%p\n", - (int)s, action, socketp); + curl_mfprintf(tool_stderr, "parallel_event: cb_socket, " + "fd=%" FMT_SOCKET_T ", action=%x, p=%p\n", s, action, socketp); #endif switch(action) { case CURL_POLL_IN: @@ -1632,12 +1632,13 @@ static CURLcode parallel_event(struct parastate *s) while(!s->mcode && (s->still_running || s->more_transfers)) { #if DEBUG_UV - fprintf(tool_stderr, "parallel_event: uv_run(), mcode=%d, %d running, " - "%d more\n", s->mcode, uv.s->still_running, s->more_transfers); + curl_mfprintf(tool_stderr, "parallel_event: uv_run(), " + "mcode=%d, %d running, %d more\n", + s->mcode, uv.s->still_running, s->more_transfers); #endif uv_run(uv.loop, UV_RUN_DEFAULT); #if DEBUG_UV - fprintf(tool_stderr, "parallel_event: uv_run() returned\n"); + curl_mfprintf(tool_stderr, "parallel_event: uv_run() returned\n"); #endif result = check_finished(s); @@ -1680,8 +1681,8 @@ static CURLcode parallel_event(struct parastate *s) curl_multi_cleanup(s->multi); #if DEBUG_UV - fprintf(tool_stderr, "DONE parallel_event -> %d, mcode=%d, %d running, " - "%d more\n", + curl_mfprintf(tool_stderr, "DONE parallel_event -> %d, mcode=%d, " + "%d running, %d more\n", result, s->mcode, uv.s->still_running, s->more_transfers); #endif return result; @@ -1708,9 +1709,9 @@ static CURLcode check_finished(struct parastate *s) curl_multi_remove_handle(s->multi, easy); if(ended->abort && (tres == CURLE_ABORTED_BY_CALLBACK)) { - msnprintf(ended->errorbuffer, CURL_ERROR_SIZE, - "Transfer aborted due to critical error " - "in another transfer"); + curl_msnprintf(ended->errorbuffer, CURL_ERROR_SIZE, + "Transfer aborted due to critical error " + "in another transfer"); } tres = post_per_transfer(ended, tres, &retry, &delay); progress_finalize(ended); /* before it goes away */ @@ -2190,7 +2191,7 @@ CURLcode operate(int argc, argv_item_t argv[]) /* Check if we were asked to dump the embedded CA bundle */ else if(res == PARAM_CA_EMBED_REQUESTED) { #ifdef CURL_CA_EMBED - printf("%s", curl_ca_embed); + curl_mprintf("%s", curl_ca_embed); #endif } else if(res == PARAM_LIBCURL_UNSUPPORTED_PROTOCOL) diff --git a/src/tool_operhlp.c b/src/tool_operhlp.c index fdf6472369..a832390540 100644 --- a/src/tool_operhlp.c +++ b/src/tool_operhlp.c @@ -134,10 +134,10 @@ CURLcode add_file_name_to_url(CURL *curl, char **inurlp, const char *filename) char *newurl; if(ptr) /* there is a trailing slash on the path */ - newpath = aprintf("%s%s", path, encfile); + newpath = curl_maprintf("%s%s", path, encfile); else /* there is no trailing slash on the path */ - newpath = aprintf("%s/%s", path, encfile); + newpath = curl_maprintf("%s/%s", path, encfile); curl_free(encfile); diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c index a1505115b3..85c24f2ea3 100644 --- a/src/tool_paramhlp.c +++ b/src/tool_paramhlp.c @@ -475,7 +475,7 @@ ParameterError proto2num(const char * const *val, char **ostr, const char *str) else { char buffer[32]; const char *p; - msnprintf(buffer, sizeof(buffer), "%.*s", (int)plen, str); + curl_msnprintf(buffer, sizeof(buffer), "%.*s", (int)plen, str); p = proto_token(buffer); @@ -584,13 +584,13 @@ static CURLcode checkpasswd(const char *kind, /* for what purpose */ /* build a nice-looking prompt */ if(!i && last) - msnprintf(prompt, sizeof(prompt), - "Enter %s password for user '%s':", - kind, *userpwd); + curl_msnprintf(prompt, sizeof(prompt), + "Enter %s password for user '%s':", + kind, *userpwd); else - msnprintf(prompt, sizeof(prompt), - "Enter %s password for user '%s' on URL #%zu:", - kind, *userpwd, i + 1); + curl_msnprintf(prompt, sizeof(prompt), + "Enter %s password for user '%s' on URL #%zu:", + kind, *userpwd, i + 1); /* get password */ getpass_r(prompt, passwd, sizeof(passwd)); diff --git a/src/tool_parsecfg.c b/src/tool_parsecfg.c index 632286530a..5cf3527ce2 100644 --- a/src/tool_parsecfg.c +++ b/src/tool_parsecfg.c @@ -156,7 +156,7 @@ int parseconfig(const char *filename) *line++ = '\0'; /* null-terminate, we have a local copy of the data */ #ifdef DEBUG_CONFIG - fprintf(tool_stderr, "GOT: %s\n", option); + curl_mfprintf(tool_stderr, "GOT: %s\n", option); #endif /* pass spaces and separator(s) */ @@ -204,7 +204,7 @@ int parseconfig(const char *filename) } #ifdef DEBUG_CONFIG - fprintf(tool_stderr, "PARAM: \"%s\"\n",(param ? param : "(null)")); + curl_mfprintf(tool_stderr, "PARAM: \"%s\"\n",(param ? param : "(null)")); #endif res = getparameter(option, param, &usedarg, config); config = global->last; diff --git a/src/tool_progress.c b/src/tool_progress.c index d29bfdc4da..2fcc7ff85e 100644 --- a/src/tool_progress.c +++ b/src/tool_progress.c @@ -35,7 +35,7 @@ static char *max5data(curl_off_t bytes, char *max5) const char unit[] = { 'k', 'M', 'G', 'T', 'P', 0 }; int k = 0; if(bytes < 100000) { - msnprintf(max5, 6, "%5" CURL_FORMAT_CURL_OFF_T, bytes); + curl_msnprintf(max5, 6, "%5" CURL_FORMAT_CURL_OFF_T, bytes); return max5; } @@ -43,14 +43,15 @@ static char *max5data(curl_off_t bytes, char *max5) curl_off_t nbytes = bytes / 1024; if(nbytes < 100) { /* display with a decimal */ - msnprintf(max5, 6, "%2" CURL_FORMAT_CURL_OFF_T ".%0" - CURL_FORMAT_CURL_OFF_T "%c", bytes/1024, - (bytes%1024) / (1024/10), unit[k]); + curl_msnprintf(max5, 6, "%2" CURL_FORMAT_CURL_OFF_T ".%0" + CURL_FORMAT_CURL_OFF_T "%c", bytes/1024, + (bytes%1024) / (1024/10), unit[k]); break; } else if(nbytes < 10000) { /* no decimals */ - msnprintf(max5, 6, "%4" CURL_FORMAT_CURL_OFF_T "%c", nbytes, unit[k]); + curl_msnprintf(max5, 6, "%4" CURL_FORMAT_CURL_OFF_T "%c", nbytes, + unit[k]); break; } bytes = nbytes; @@ -97,8 +98,9 @@ static void time2str(char *r, curl_off_t seconds) if(h <= 99) { curl_off_t m = (seconds - (h * 3600)) / 60; curl_off_t s = (seconds - (h * 3600)) - (m * 60); - msnprintf(r, 9, "%2" CURL_FORMAT_CURL_OFF_T ":%02" CURL_FORMAT_CURL_OFF_T - ":%02" CURL_FORMAT_CURL_OFF_T, h, m, s); + curl_msnprintf(r, 9, "%2" CURL_FORMAT_CURL_OFF_T + ":%02" CURL_FORMAT_CURL_OFF_T + ":%02" CURL_FORMAT_CURL_OFF_T, h, m, s); } else { /* this equals to more than 99 hours, switch to a more suitable output @@ -106,10 +108,10 @@ static void time2str(char *r, curl_off_t seconds) curl_off_t d = seconds / 86400; h = (seconds - (d * 86400)) / 3600; if(d <= 999) - msnprintf(r, 9, "%3" CURL_FORMAT_CURL_OFF_T - "d %02" CURL_FORMAT_CURL_OFF_T "h", d, h); + curl_msnprintf(r, 9, "%3" CURL_FORMAT_CURL_OFF_T + "d %02" CURL_FORMAT_CURL_OFF_T "h", d, h); else - msnprintf(r, 9, "%7" CURL_FORMAT_CURL_OFF_T "d", d); + curl_msnprintf(r, 9, "%7" CURL_FORMAT_CURL_OFF_T "d", d); } } @@ -204,16 +206,16 @@ bool progress_meter(CURLM *multi, } } if(dlknown && all_dltotal) - msnprintf(dlpercen, sizeof(dlpercen), "%3" CURL_FORMAT_CURL_OFF_T, - all_dlnow < (CURL_OFF_T_MAX/100) ? - (all_dlnow * 100 / all_dltotal) : - (all_dlnow / (all_dltotal/100))); + curl_msnprintf(dlpercen, sizeof(dlpercen), "%3" CURL_FORMAT_CURL_OFF_T, + all_dlnow < (CURL_OFF_T_MAX/100) ? + (all_dlnow * 100 / all_dltotal) : + (all_dlnow / (all_dltotal/100))); if(ulknown && all_ultotal) - msnprintf(ulpercen, sizeof(ulpercen), "%3" CURL_FORMAT_CURL_OFF_T, - all_ulnow < (CURL_OFF_T_MAX/100) ? - (all_ulnow * 100 / all_ultotal) : - (all_ulnow / (all_ultotal/100))); + curl_msnprintf(ulpercen, sizeof(ulpercen), "%3" CURL_FORMAT_CURL_OFF_T, + all_ulnow < (CURL_OFF_T_MAX/100) ? + (all_ulnow * 100 / all_ultotal) : + (all_ulnow / (all_ultotal/100))); /* get the transfer speed, the higher of the two */ @@ -266,31 +268,31 @@ bool progress_meter(CURLM *multi, (void)curl_multi_get_offt(multi, CURLMINFO_XFERS_ADDED, &xfers_added); (void)curl_multi_get_offt(multi, CURLMINFO_XFERS_RUNNING, &xfers_running); - fprintf(tool_stderr, - "\r" - "%-3s " /* percent downloaded */ - "%-3s " /* percent uploaded */ - "%s " /* Dled */ - "%s " /* Uled */ - "%5" CURL_FORMAT_CURL_OFF_T " " /* Xfers */ - "%5" CURL_FORMAT_CURL_OFF_T " " /* Live */ - " %s " /* Total time */ - "%s " /* Current time */ - "%s " /* Time left */ - "%s " /* Speed */ - "%5s" /* final newline */, + curl_mfprintf(tool_stderr, + "\r" + "%-3s " /* percent downloaded */ + "%-3s " /* percent uploaded */ + "%s " /* Dled */ + "%s " /* Uled */ + "%5" CURL_FORMAT_CURL_OFF_T " " /* Xfers */ + "%5" CURL_FORMAT_CURL_OFF_T " " /* Live */ + " %s " /* Total time */ + "%s " /* Current time */ + "%s " /* Time left */ + "%s " /* Speed */ + "%5s" /* final newline */, - dlpercen, /* 3 letters */ - ulpercen, /* 3 letters */ - max5data(all_dlnow, buffer[0]), - max5data(all_ulnow, buffer[1]), - xfers_added, - xfers_running, - time_total, - time_spent, - time_left, - max5data(speed, buffer[2]), /* speed */ - final ? "\n" :""); + dlpercen, /* 3 letters */ + ulpercen, /* 3 letters */ + max5data(all_dlnow, buffer[0]), + max5data(all_ulnow, buffer[1]), + xfers_added, + xfers_running, + time_total, + time_spent, + time_left, + max5data(speed, buffer[2]), /* speed */ + final ? "\n" :""); return TRUE; } return FALSE; diff --git a/src/tool_setopt.c b/src/tool_setopt.c index b1b3f0a8b7..c3e7213dc8 100644 --- a/src/tool_setopt.c +++ b/src/tool_setopt.c @@ -334,8 +334,8 @@ CURLcode tool_setopt_bitmask(CURL *curl, const char *name, CURLoption tag, char preamble[80]; unsigned long rest = (unsigned long)lval; const struct NameValueUnsigned *nv = NULL; - msnprintf(preamble, sizeof(preamble), - "curl_easy_setopt(hnd, %s, ", name); + curl_msnprintf(preamble, sizeof(preamble), + "curl_easy_setopt(hnd, %s, ", name); for(nv = nvlist; nv->name; nv++) { if((nv->value & ~ rest) == 0) { /* all value flags contained in rest */ @@ -345,8 +345,8 @@ CURLcode tool_setopt_bitmask(CURL *curl, const char *name, CURLoption tag, if(!rest || ret) break; /* handled them all */ /* replace with all spaces for continuation line */ - msnprintf(preamble, sizeof(preamble), "%*s", (int)strlen(preamble), - ""); + curl_msnprintf(preamble, sizeof(preamble), "%*s", + (int)strlen(preamble), ""); } } /* If any bits have no definition, output an explicit value. diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c index ac836dcdff..4a28376e14 100644 --- a/src/tool_urlglob.c +++ b/src/tool_urlglob.c @@ -466,16 +466,16 @@ CURLcode glob_url(struct URLGlob *glob, char *url, curl_off_t *urlnum, char text[512]; const char *t; if(glob->pos) { - msnprintf(text, sizeof(text), "%s in URL position %zu:\n%s\n%*s^", - glob->error, - glob->pos, url, (int)glob->pos - 1, " "); + curl_msnprintf(text, sizeof(text), "%s in URL position %zu:\n%s\n%*s^", + glob->error, + glob->pos, url, (int)glob->pos - 1, " "); t = text; } else t = glob->error; /* send error description to the error-stream */ - fprintf(error, "curl: (%d) %s\n", res, t); + curl_mfprintf(error, "curl: (%d) %s\n", res, t); } /* it failed, we cleanup */ glob_cleanup(glob); diff --git a/src/tool_vms.c b/src/tool_vms.c index 5beb89d2ec..fac0cfc4dd 100644 --- a/src/tool_vms.c +++ b/src/tool_vms.c @@ -176,14 +176,14 @@ static void decc_init(void) } else { /* Invalid DECC feature value. */ - printf(" INVALID DECC FEATURE VALUE, %d: %d <= %s <= %d.\n", - feat_value, - feat_value_min, decc_feat_array[i].name, feat_value_max); + curl_mprintf(" INVALID DECC FEATURE VALUE, %d: %d <= %s <= %d.\n", + feat_value, + feat_value_min, decc_feat_array[i].name, feat_value_max); } } else { /* Invalid DECC feature name. */ - printf(" UNKNOWN DECC FEATURE: %s.\n", decc_feat_array[i].name); + curl_mprintf(" UNKNOWN DECC FEATURE: %s.\n", decc_feat_array[i].name); } } diff --git a/src/tool_writeout.c b/src/tool_writeout.c index eaeec152e4..cdfa23a752 100644 --- a/src/tool_writeout.c +++ b/src/tool_writeout.c @@ -176,14 +176,14 @@ static int writeTime(FILE *stream, const struct writeoutvar *wovar, us %= 1000000; if(use_json) - fprintf(stream, "\"%s\":", wovar->name); + curl_mfprintf(stream, "\"%s\":", wovar->name); - fprintf(stream, "%" CURL_FORMAT_CURL_OFF_TU - ".%06" CURL_FORMAT_CURL_OFF_TU, secs, us); + curl_mfprintf(stream, "%" CURL_FORMAT_CURL_OFF_TU + ".%06" CURL_FORMAT_CURL_OFF_TU, secs, us); } else { if(use_json) - fprintf(stream, "\"%s\":null", wovar->name); + curl_mfprintf(stream, "\"%s\":null", wovar->name); } return 1; /* return 1 if anything was written */ @@ -414,7 +414,7 @@ static int writeString(FILE *stream, const struct writeoutvar *wovar, DEBUGASSERT(!valid || strinfo); if(valid && strinfo) { if(use_json) { - fprintf(stream, "\"%s\":", wovar->name); + curl_mfprintf(stream, "\"%s\":", wovar->name); jsonWriteString(stream, strinfo, FALSE); } else @@ -422,7 +422,7 @@ static int writeString(FILE *stream, const struct writeoutvar *wovar, } else { if(use_json) - fprintf(stream, "\"%s\":null", wovar->name); + curl_mfprintf(stream, "\"%s\":null", wovar->name); } curl_free((char *)CURL_UNCONST(freestr)); @@ -470,17 +470,17 @@ static int writeLong(FILE *stream, const struct writeoutvar *wovar, if(valid) { if(use_json) - fprintf(stream, "\"%s\":%ld", wovar->name, longinfo); + curl_mfprintf(stream, "\"%s\":%ld", wovar->name, longinfo); else { if(wovar->id == VAR_HTTP_CODE || wovar->id == VAR_HTTP_CODE_PROXY) - fprintf(stream, "%03ld", longinfo); + curl_mfprintf(stream, "%03ld", longinfo); else - fprintf(stream, "%ld", longinfo); + curl_mfprintf(stream, "%ld", longinfo); } } else { if(use_json) - fprintf(stream, "\"%s\":null", wovar->name); + curl_mfprintf(stream, "\"%s\":null", wovar->name); } return 1; /* return 1 if anything was written */ @@ -516,13 +516,13 @@ static int writeOffset(FILE *stream, const struct writeoutvar *wovar, if(valid) { if(use_json) - fprintf(stream, "\"%s\":", wovar->name); + curl_mfprintf(stream, "\"%s\":", wovar->name); - fprintf(stream, "%" CURL_FORMAT_CURL_OFF_T, offinfo); + curl_mfprintf(stream, "%" CURL_FORMAT_CURL_OFF_T, offinfo); } else { if(use_json) - fprintf(stream, "\"%s\":null", wovar->name); + curl_mfprintf(stream, "\"%s\":null", wovar->name); } return 1; /* return 1 if anything was written */ @@ -796,9 +796,9 @@ void ourWriteOut(struct OperationConfig *config, struct per_transfer *per, } } else { - fprintf(tool_stderr, - "curl: unknown --write-out variable: '%.*s'\n", - (int)vlen, ptr); + curl_mfprintf(tool_stderr, + "curl: unknown --write-out variable: '%.*s'\n", + (int)vlen, ptr); } ptr = end + 1; /* pass the end */ } diff --git a/src/tool_writeout_json.c b/src/tool_writeout_json.c index cfa2d1c901..f3175edf95 100644 --- a/src/tool_writeout_json.c +++ b/src/tool_writeout_json.c @@ -112,9 +112,9 @@ void ourWriteOutJSON(FILE *stream, const struct writeoutvar mappings[], /* The variables are sorted in alphabetical order but as a special case curl_version (which is not actually a --write-out variable) is last. */ - fprintf(stream, "\"curl_version\":"); + curl_mfprintf(stream, "\"curl_version\":"); jsonWriteString(stream, curl_version(), FALSE); - fprintf(stream, "}"); + curl_mfprintf(stream, "}"); } void headerJSON(FILE *stream, struct per_transfer *per) diff --git a/src/tool_xattr.c b/src/tool_xattr.c index 346c805a40..fb0669106e 100644 --- a/src/tool_xattr.c +++ b/src/tool_xattr.c @@ -83,7 +83,7 @@ static int xattr(int fd, if(value) { #ifdef DEBUGBUILD if(getenv("CURL_FAKE_XATTR")) { - printf("%s => %s\n", attr, value); + curl_mprintf("%s => %s\n", attr, value); return 0; } #endif From e7a5184fa1ebcd68ead0e3e9b78340296acac350 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 10:39:29 +0200 Subject: [PATCH 0292/2408] openssl: call SSL_get_error() with proper error The error function should be called with the return code from the previous call to SSL_shutdown() as argument. Closes #18872 --- lib/vtls/openssl.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 0714ce7c6a..409c9c0946 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -2169,14 +2169,16 @@ static CURLcode ossl_shutdown(struct Curl_cfilter *cf, /* SSL should now have started the shutdown from our side. Since it * was not complete, we are lacking the close notify from the server. */ if(send_shutdown && !(SSL_get_shutdown(octx->ssl) & SSL_SENT_SHUTDOWN)) { + int rc; ERR_clear_error(); CURL_TRC_CF(data, cf, "send SSL close notify"); - if(SSL_shutdown(octx->ssl) == 1) { + rc = SSL_shutdown(octx->ssl); + if(rc == 1) { CURL_TRC_CF(data, cf, "SSL shutdown finished"); *done = TRUE; goto out; } - if(SSL_ERROR_WANT_WRITE == SSL_get_error(octx->ssl, nread)) { + if(SSL_ERROR_WANT_WRITE == SSL_get_error(octx->ssl, rc)) { CURL_TRC_CF(data, cf, "SSL shutdown still wants to send"); connssl->io_need = CURL_SSL_IO_NEED_SEND; goto out; From e9ababe9aa4c1f7d727494d660650af934db523b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 6 Oct 2025 02:33:49 +0200 Subject: [PATCH 0293/2408] windows: use native error code types more - curlx_get_winapi_error: accept DWORD (was: int), move casts one level up the callstack. - sspi: bump some types to `SECURITY_STATUS` (int -> LONG). - digest_sspi: drop unnecessary cast. Closes #18868 --- lib/curlx/strerr.c | 2 +- lib/curlx/winapi.c | 6 +++--- lib/curlx/winapi.h | 2 +- lib/strerror.c | 10 +++++----- lib/strerror.h | 2 +- lib/vauth/digest_sspi.c | 3 +-- lib/vauth/spnego_sspi.c | 37 +++++++++++++++++-------------------- lib/vauth/vauth.h | 2 +- 8 files changed, 30 insertions(+), 34 deletions(-) diff --git a/lib/curlx/strerr.c b/lib/curlx/strerr.c index 96dc9c8355..e5227554e5 100644 --- a/lib/curlx/strerr.c +++ b/lib/curlx/strerr.c @@ -298,7 +298,7 @@ const char *curlx_strerror(int err, char *buf, size_t buflen) #ifdef USE_WINSOCK !get_winsock_error(err, buf, buflen) && #endif - !curlx_get_winapi_error(err, buf, buflen)) + !curlx_get_winapi_error((DWORD)err, buf, buflen)) SNPRINTF(buf, buflen, "Unknown error %d (%#x)", err, err); } #else /* !_WIN32 */ diff --git a/lib/curlx/winapi.c b/lib/curlx/winapi.c index cc008e3087..6d94733bed 100644 --- a/lib/curlx/winapi.c +++ b/lib/curlx/winapi.c @@ -48,7 +48,7 @@ * codes (GetLastError) to error messages. * Returns NULL if no error message was found for error code. */ -const char *curlx_get_winapi_error(int err, char *buf, size_t buflen) +const char *curlx_get_winapi_error(DWORD err, char *buf, size_t buflen) { char *p; wchar_t wbuf[256]; @@ -64,7 +64,7 @@ const char *curlx_get_winapi_error(int err, char *buf, size_t buflen) expect the local codepage (eg fprintf, failf, infof). FormatMessageW -> wcstombs is used for Windows CE compatibility. */ if(FormatMessageW((FORMAT_MESSAGE_FROM_SYSTEM | - FORMAT_MESSAGE_IGNORE_INSERTS), NULL, (DWORD)err, + FORMAT_MESSAGE_IGNORE_INSERTS), NULL, err, LANG_NEUTRAL, wbuf, CURL_ARRAYSIZE(wbuf), NULL)) { size_t written = wcstombs(buf, wbuf, buflen - 1); if(written != (size_t)-1) @@ -96,7 +96,7 @@ const char *curlx_winapi_strerror(DWORD err, char *buf, size_t buflen) *buf = '\0'; #ifndef CURL_DISABLE_VERBOSE_STRINGS - if(!curlx_get_winapi_error((int)err, buf, buflen)) { + if(!curlx_get_winapi_error(err, buf, buflen)) { #if defined(__GNUC__) && __GNUC__ >= 7 #pragma GCC diagnostic push #pragma GCC diagnostic warning "-Wformat-truncation=1" diff --git a/lib/curlx/winapi.h b/lib/curlx/winapi.h index 76ddcc53b8..d30f5efa13 100644 --- a/lib/curlx/winapi.h +++ b/lib/curlx/winapi.h @@ -26,7 +26,7 @@ #ifdef _WIN32 #define WINAPI_ERROR_LEN 100 -const char *curlx_get_winapi_error(int err, char *buf, size_t buflen); +const char *curlx_get_winapi_error(DWORD err, char *buf, size_t buflen); const char *curlx_winapi_strerror(DWORD err, char *buf, size_t buflen); #endif diff --git a/lib/strerror.c b/lib/strerror.c index c4545af888..8d22ac9b34 100644 --- a/lib/strerror.c +++ b/lib/strerror.c @@ -546,7 +546,7 @@ curl_url_strerror(CURLUcode error) * Curl_sspi_strerror: * Variant of curlx_strerror if the error code is definitely Windows SSPI. */ -const char *Curl_sspi_strerror(int err, char *buf, size_t buflen) +const char *Curl_sspi_strerror(SECURITY_STATUS err, char *buf, size_t buflen) { #ifdef _WIN32 DWORD old_win_err = GetLastError(); @@ -656,17 +656,17 @@ const char *Curl_sspi_strerror(int err, char *buf, size_t buflen) if(err == SEC_E_ILLEGAL_MESSAGE) { curl_msnprintf(buf, buflen, - "SEC_E_ILLEGAL_MESSAGE (0x%08X) - This error usually " + "SEC_E_ILLEGAL_MESSAGE (0x%08lX) - This error usually " "occurs when a fatal SSL/TLS alert is received (e.g. " "handshake failed). More detail may be available in " "the Windows System event log.", err); } else { char msgbuf[256]; - if(curlx_get_winapi_error(err, msgbuf, sizeof(msgbuf))) - curl_msnprintf(buf, buflen, "%s (0x%08X) - %s", txt, err, msgbuf); + if(curlx_get_winapi_error((DWORD)err, msgbuf, sizeof(msgbuf))) + curl_msnprintf(buf, buflen, "%s (0x%08lX) - %s", txt, err, msgbuf); else - curl_msnprintf(buf, buflen, "%s (0x%08X)", txt, err); + curl_msnprintf(buf, buflen, "%s (0x%08lX)", txt, err); } #else diff --git a/lib/strerror.h b/lib/strerror.h index 2120726c9f..c52503ed93 100644 --- a/lib/strerror.h +++ b/lib/strerror.h @@ -25,7 +25,7 @@ ***************************************************************************/ #ifdef USE_WINDOWS_SSPI -const char *Curl_sspi_strerror(int err, char *buf, size_t buflen); +const char *Curl_sspi_strerror(SECURITY_STATUS err, char *buf, size_t buflen); #endif #endif /* HEADER_CURL_STRERROR_H */ diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c index 2f4b8d4a1d..f231dabc81 100644 --- a/lib/vauth/digest_sspi.c +++ b/lib/vauth/digest_sspi.c @@ -473,8 +473,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data, if(status == SEC_E_OK) output_token_len = chlg_buf[4].cbBuffer; else { /* delete the context so a new one can be made */ - infof(data, "digest_sspi: MakeSignature failed, error 0x%08lx", - (long)status); + infof(data, "digest_sspi: MakeSignature failed, error 0x%08lx", status); Curl_pSecFn->DeleteSecurityContext(digest->http_context); Curl_safefree(digest->http_context); } diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c index ae44523d32..935468f3a6 100644 --- a/lib/vauth/spnego_sspi.c +++ b/lib/vauth/spnego_sspi.c @@ -127,7 +127,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, if(!nego->output_token) { /* Query the security package for Negotiate */ - nego->status = (DWORD)Curl_pSecFn->QuerySecurityPackageInfo( + nego->status = Curl_pSecFn->QuerySecurityPackageInfo( (TCHAR *)CURL_UNCONST(TEXT(SP_NAME_NEGOTIATE)), &SecurityPackage); if(nego->status != SEC_E_OK) { @@ -167,8 +167,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, return CURLE_OUT_OF_MEMORY; /* Acquire our credentials handle */ - nego->status = (DWORD) - Curl_pSecFn->AcquireCredentialsHandle(NULL, + nego->status = Curl_pSecFn->AcquireCredentialsHandle(NULL, (TCHAR *)CURL_UNCONST(TEXT(SP_NAME_NEGOTIATE)), SECPKG_CRED_OUTBOUND, NULL, nego->p_identity, NULL, NULL, @@ -216,11 +215,10 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, SEC_CHANNEL_BINDINGS channelBindings; SecPkgContext_Bindings pkgBindings; pkgBindings.Bindings = &channelBindings; - nego->status = (DWORD)Curl_pSecFn->QueryContextAttributes( + nego->status = Curl_pSecFn->QueryContextAttributes( nego->sslContext, SECPKG_ATTR_ENDPOINT_BINDINGS, - &pkgBindings - ); + &pkgBindings); if(nego->status == SEC_E_OK) { chlg_desc.cBuffers++; chlg_buf[1].BufferType = SECBUFFER_CHANNEL_BINDINGS; @@ -241,14 +239,14 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, /* Generate our challenge-response message */ nego->status = - (DWORD)Curl_pSecFn->InitializeSecurityContext(nego->credentials, - chlg ? nego->context : NULL, - nego->spn, - ISC_REQ_CONFIDENTIALITY, - 0, SECURITY_NATIVE_DREP, - chlg ? &chlg_desc : NULL, - 0, nego->context, - &resp_desc, &attrs, NULL); + Curl_pSecFn->InitializeSecurityContext(nego->credentials, + chlg ? nego->context : NULL, + nego->spn, + ISC_REQ_CONFIDENTIALITY, + 0, SECURITY_NATIVE_DREP, + chlg ? &chlg_desc : NULL, + 0, nego->context, + &resp_desc, &attrs, NULL); /* Free the decoded challenge as it is not required anymore */ free(chlg); @@ -256,9 +254,9 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, if(GSS_ERROR(nego->status)) { char buffer[STRERROR_LEN]; failf(data, "InitializeSecurityContext failed: %s", - Curl_sspi_strerror((int)nego->status, buffer, sizeof(buffer))); + Curl_sspi_strerror(nego->status, buffer, sizeof(buffer))); - if(nego->status == (DWORD)SEC_E_INSUFFICIENT_MEMORY) + if(nego->status == SEC_E_INSUFFICIENT_MEMORY) return CURLE_OUT_OF_MEMORY; return CURLE_AUTH_ERROR; @@ -266,14 +264,13 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, if(nego->status == SEC_I_COMPLETE_NEEDED || nego->status == SEC_I_COMPLETE_AND_CONTINUE) { - nego->status = (DWORD)Curl_pSecFn->CompleteAuthToken(nego->context, - &resp_desc); + nego->status = Curl_pSecFn->CompleteAuthToken(nego->context, &resp_desc); if(GSS_ERROR(nego->status)) { char buffer[STRERROR_LEN]; failf(data, "CompleteAuthToken failed: %s", - Curl_sspi_strerror((int)nego->status, buffer, sizeof(buffer))); + Curl_sspi_strerror(nego->status, buffer, sizeof(buffer))); - if(nego->status == (DWORD)SEC_E_INSUFFICIENT_MEMORY) + if(nego->status == SEC_E_INSUFFICIENT_MEMORY) return CURLE_OUT_OF_MEMORY; return CURLE_AUTH_ERROR; diff --git a/lib/vauth/vauth.h b/lib/vauth/vauth.h index d9e73a0ed1..57fd27a6a7 100644 --- a/lib/vauth/vauth.h +++ b/lib/vauth/vauth.h @@ -317,7 +317,7 @@ struct negotiatedata { #ifdef SECPKG_ATTR_ENDPOINT_BINDINGS CtxtHandle *sslContext; #endif - DWORD status; + SECURITY_STATUS status; CredHandle *credentials; CtxtHandle *context; SEC_WINNT_AUTH_IDENTITY identity; From 762ce8801b2ff8cad340797c71b18be17b6c4de2 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Mon, 6 Oct 2025 13:05:14 +0200 Subject: [PATCH 0294/2408] quiche: fix possible leaks on teardown When the close of the quiche filter was never called, the destroy function did not release all allicated resources. When closing a quiche filter, set the connected flag to FALSE. Reported-by: Joshua Rogers Closes #18880 --- lib/vquic/curl_quiche.c | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c index 36691d09db..6534822c76 100644 --- a/lib/vquic/curl_quiche.c +++ b/lib/vquic/curl_quiche.c @@ -147,14 +147,22 @@ static void cf_quiche_ctx_free(struct cf_quiche_ctx *ctx) static void cf_quiche_ctx_close(struct cf_quiche_ctx *ctx) { - if(ctx->h3c) + if(ctx->h3c) { quiche_h3_conn_free(ctx->h3c); - if(ctx->h3config) + ctx->h3c = NULL; + } + if(ctx->h3config) { quiche_h3_config_free(ctx->h3config); - if(ctx->qconn) + ctx->h3config = NULL; + } + if(ctx->qconn) { quiche_conn_free(ctx->qconn); - if(ctx->cfg) + ctx->qconn = NULL; + } + if(ctx->cfg) { quiche_config_free(ctx->cfg); + ctx->cfg = NULL; + } } static CURLcode cf_flush_egress(struct Curl_cfilter *cf, @@ -1494,6 +1502,7 @@ static void cf_quiche_close(struct Curl_cfilter *cf, struct Curl_easy *data) bool done; (void)cf_quiche_shutdown(cf, data, &done); cf_quiche_ctx_close(cf->ctx); + cf->connected = FALSE; } } @@ -1501,6 +1510,7 @@ static void cf_quiche_destroy(struct Curl_cfilter *cf, struct Curl_easy *data) { (void)data; if(cf->ctx) { + cf_quiche_ctx_close(cf->ctx); cf_quiche_ctx_free(cf->ctx); cf->ctx = NULL; } From aae18c4bdc1a3bf5b6567825ef6439756f0c5b74 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 5 Oct 2025 23:19:13 +0200 Subject: [PATCH 0295/2408] tool_getparam: add --knownhosts To allow users to specify a known hosts file that is not the default one: ~/.ssh/known_hosts URL: https://github.com/curl/curl/discussions/18784 Closes #18859 --- docs/cmdline-opts/Makefile.inc | 1 + docs/cmdline-opts/knownhosts.md | 31 +++++++++++++++++++++++++++++++ docs/options-in-versions | 1 + src/config2setopts.c | 6 +++--- src/tool_cfgable.c | 1 + src/tool_cfgable.h | 3 +-- src/tool_getparam.c | 4 ++++ src/tool_getparam.h | 1 + src/tool_listhelp.c | 3 +++ src/tool_operate.c | 1 - tests/data/test1459 | 10 ++-------- 11 files changed, 48 insertions(+), 14 deletions(-) create mode 100644 docs/cmdline-opts/knownhosts.md diff --git a/docs/cmdline-opts/Makefile.inc b/docs/cmdline-opts/Makefile.inc index b8e88421a9..f7236af1b1 100644 --- a/docs/cmdline-opts/Makefile.inc +++ b/docs/cmdline-opts/Makefile.inc @@ -147,6 +147,7 @@ DPAGES = \ keepalive-time.md \ key-type.md \ key.md \ + knownhosts.md \ krb.md \ libcurl.md \ limit-rate.md \ diff --git a/docs/cmdline-opts/knownhosts.md b/docs/cmdline-opts/knownhosts.md new file mode 100644 index 0000000000..47095632df --- /dev/null +++ b/docs/cmdline-opts/knownhosts.md @@ -0,0 +1,31 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Long: knownhosts +Arg: +Protocols: SCP SFTP +Help: Specify knownhosts path +Category: ssh +Added: 8.17.0 +Multi: single +See-also: + - hostpubsha256 + - hostpubmd5 + - insecure + - key +Example: + - --knownhost filename --key here $URL +--- + +# `--knownhosts` + +When doing SCP and SFTP transfers, curl automatically checks a database +containing identification for all hosts it has ever been used with to verify +that the host it connects to is the same as previously. Host keys are stored +in such a known hosts file. curl uses the ~/.ssh/known_hosts in the user's +home directory by default. + +This option lets a user specify a specific file to check the host against. + +The known hosts check can be disabled with --insecure, but that makes the +transfer insecure and is strongly discouraged. diff --git a/docs/options-in-versions b/docs/options-in-versions index 6d2a9057fa..95d84a4bfe 100644 --- a/docs/options-in-versions +++ b/docs/options-in-versions @@ -111,6 +111,7 @@ --keepalive-time 7.18.0 --key 7.9.3 --key-type 7.9.3 +--knownhosts 8.17.0 --krb 7.3 --libcurl 7.16.1 --limit-rate 7.10 diff --git a/src/config2setopts.c b/src/config2setopts.c index 5921cd73ce..0a519ed048 100644 --- a/src/config2setopts.c +++ b/src/config2setopts.c @@ -195,7 +195,7 @@ static CURLcode ssh_setopts(struct OperationConfig *config, CURL *curl) my_setopt_long(curl, CURLOPT_SSH_COMPRESSION, 1); if(!config->insecure_ok) { - char *known = global->knownhosts; + char *known = config->knownhosts; if(!known) known = findfile(".ssh/known_hosts", FALSE); @@ -203,12 +203,12 @@ static CURLcode ssh_setopts(struct OperationConfig *config, CURL *curl) /* new in curl 7.19.6 */ result = my_setopt_str(curl, CURLOPT_SSH_KNOWNHOSTS, known); if(result) { - global->knownhosts = NULL; + config->knownhosts = NULL; curl_free(known); return result; } /* store it in global to avoid repeated checks */ - global->knownhosts = known; + config->knownhosts = known; } else if(!config->hostpubmd5 && !config->hostpubsha256) { errorf("Couldn't find a known_hosts file"); diff --git a/src/tool_cfgable.c b/src/tool_cfgable.c index e2df7cf91f..48148a88ad 100644 --- a/src/tool_cfgable.c +++ b/src/tool_cfgable.c @@ -189,6 +189,7 @@ static void free_config_fields(struct OperationConfig *config) tool_safefree(config->ech); tool_safefree(config->ech_config); tool_safefree(config->ech_public); + tool_safefree(config->knownhosts); } void config_free(struct OperationConfig *config) diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h index 7628370551..3c67695124 100644 --- a/src/tool_cfgable.h +++ b/src/tool_cfgable.h @@ -94,6 +94,7 @@ struct OperationConfig { char *proxyuserpwd; char *proxy; char *noproxy; + char *knownhosts; char *mail_from; struct curl_slist *mail_rcpt; char *mail_auth; @@ -335,8 +336,6 @@ struct GlobalConfig { FILE *trace_stream; char *libcurl; /* Output libcurl code to this filename */ char *ssl_sessions; /* file to load/save SSL session tickets */ - char *knownhosts; /* known host path, if set. curl_free() - this */ struct tool_var *variables; struct OperationConfig *first; struct OperationConfig *current; diff --git a/src/tool_getparam.c b/src/tool_getparam.c index a54d3f804c..b533f41aa7 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -196,6 +196,7 @@ static const struct LongShort aliases[]= { {"keepalive-time", ARG_STRG, ' ', C_KEEPALIVE_TIME}, {"key", ARG_FILE, ' ', C_KEY}, {"key-type", ARG_STRG|ARG_TLS, ' ', C_KEY_TYPE}, + {"knownhosts", ARG_FILE, ' ', C_KNOWNHOSTS}, {"krb", ARG_STRG|ARG_DEPR, ' ', C_KRB}, {"krb4", ARG_STRG|ARG_DEPR, ' ', C_KRB4}, {"libcurl", ARG_STRG, ' ', C_LIBCURL}, @@ -2224,6 +2225,9 @@ static ParameterError opt_file(struct OperationConfig *config, case C_KEY: /* --key */ err = getstr(&config->key, nextarg, DENY_BLANK); break; + case C_KNOWNHOSTS: /* --knownhosts */ + err = getstr(&config->knownhosts, nextarg, DENY_BLANK); + break; case C_NETRC_FILE: /* --netrc-file */ err = getstr(&config->netrc_file, nextarg, DENY_BLANK); break; diff --git a/src/tool_getparam.h b/src/tool_getparam.h index a08bbac7b6..6b97b9c11f 100644 --- a/src/tool_getparam.h +++ b/src/tool_getparam.h @@ -139,6 +139,7 @@ typedef enum { C_KEEPALIVE_TIME, C_KEY, C_KEY_TYPE, + C_KNOWNHOSTS, C_KRB, C_KRB4, C_LIBCURL, diff --git a/src/tool_listhelp.c b/src/tool_listhelp.c index bd72dbe15c..c8e31e77a6 100644 --- a/src/tool_listhelp.c +++ b/src/tool_listhelp.c @@ -341,6 +341,9 @@ const struct helptxt helptext[] = { {" --key-type ", "Private key file type (DER/PEM/ENG)", CURLHELP_TLS}, + {" --knownhosts ", + "Specify knownhosts path", + CURLHELP_SSH}, {" --krb ", "Enable Kerberos with security ", CURLHELP_DEPRECATED}, diff --git a/src/tool_operate.c b/src/tool_operate.c index b49f45fd99..38482b496e 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -2273,7 +2273,6 @@ CURLcode operate(int argc, argv_item_t argv[]) } varcleanup(); - curl_free(global->knownhosts); return result; } diff --git a/tests/data/test1459 b/tests/data/test1459 index 335b265766..e4901d74f0 100644 --- a/tests/data/test1459 +++ b/tests/data/test1459 @@ -12,9 +12,6 @@ known_hosts sftp - -mkdir -p %PWD/%LOGDIR/test%TESTNUMBER.dir/.ssh - sftp !oldlibssh @@ -23,15 +20,12 @@ sftp SFTP with corrupted known_hosts --u : sftp://%HOSTIP:%SSHPORT/ -l +-u : sftp://%HOSTIP:%SSHPORT/ -l --knownhosts %LOGDIR/known%TESTNUMBER - + |1|qy29Y1x/+/F39AzdG5515YSSw+c=|iB2WX5jrU3ZTWc+ZfGau7HHEvBc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAynDN8cDJ3xNzRjTNNGciSHSxpubxhZ6YnkLdp1TkrGW8n\ R93Ey5VtBeBblYTRlFXBWJgKFcTKBRJ/O4qBZwbUgt10AHj31i6h8NehfT19tR8wG/YCmj3KtYLHmwdzmW1edEL9G2NdX2KiKYv7/zuly3QvmP0QA0NhWkAz0KdWNM= - -CURL_HOME=%PWD/%LOGDIR/test%TESTNUMBER.dir - # Verify data after the test has been "shot" From a80dcb04e39bbec88a4ce271de06673b2cbbc142 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 07:51:48 +0200 Subject: [PATCH 0296/2408] test1711: send a >64K mail with SMTP A failed attempt to reproduce #18798 Closes #18861 --- tests/data/Makefile.am | 2 +- tests/data/test1711 | 51 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 tests/data/test1711 diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 5063e0210f..f2c698c674 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -228,7 +228,7 @@ test1670 test1671 \ test1680 test1681 test1682 test1683 \ \ test1700 test1701 test1702 test1703 test1704 test1705 test1706 test1707 \ -test1708 test1709 test1710 \ +test1708 test1709 test1710 test1711 \ \ test1800 test1801 \ \ diff --git a/tests/data/test1711 b/tests/data/test1711 new file mode 100644 index 0000000000..077dd74be9 --- /dev/null +++ b/tests/data/test1711 @@ -0,0 +1,51 @@ + + + +SMTP + + + +# +# Server-side + + + +# +# Client-side + + +smtp + + +Send >64K over SMTP + + +From: different +To: another + +%repeat[5000 x test in body... ]% + + +smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -T %LOGDIR/email%TESTNUMBER + + + +# +# Verify data after the test has been "shot" + + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT + + +From: different +To: another + +%repeat[5000 x test in body... ]% +. + + + From c3adf63ee7a26bae6c45ba0e0ae977c4cabd394e Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 09:02:09 +0200 Subject: [PATCH 0297/2408] libssh2: bail out on chgrp and chown number parsing errors Reported-by: Joshua Rogers Closes #18863 --- lib/vssh/libssh2.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index 0b82b568b1..390602b35a 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -1303,11 +1303,11 @@ sftp_quote_stat(struct Curl_easy *data, if(!strncmp(cmd, "chgrp", 5)) { const char *p = sshc->quote_path1; curl_off_t gid; - (void)curlx_str_number(&p, &gid, ULONG_MAX); - sshp->quote_attrs.gid = (unsigned long)gid; - sshp->quote_attrs.flags = LIBSSH2_SFTP_ATTR_UIDGID; - if(sshp->quote_attrs.gid == 0 && !ISDIGIT(sshc->quote_path1[0]) && - !sshc->acceptfail) { + if(!curlx_str_number(&p, &gid, ULONG_MAX)) { + sshp->quote_attrs.gid = (unsigned long)gid; + sshp->quote_attrs.flags = LIBSSH2_SFTP_ATTR_UIDGID; + } + else if(!sshc->acceptfail) { failf(data, "Syntax error: chgrp gid not a number"); goto fail; } @@ -1327,11 +1327,11 @@ sftp_quote_stat(struct Curl_easy *data, else if(!strncmp(cmd, "chown", 5)) { const char *p = sshc->quote_path1; curl_off_t uid; - (void)curlx_str_number(&p, &uid, ULONG_MAX); - sshp->quote_attrs.uid = (unsigned long)uid; - sshp->quote_attrs.flags = LIBSSH2_SFTP_ATTR_UIDGID; - if(sshp->quote_attrs.uid == 0 && !ISDIGIT(sshc->quote_path1[0]) && - !sshc->acceptfail) { + if(!curlx_str_number(&p, &uid, ULONG_MAX)) { + sshp->quote_attrs.uid = (unsigned long)uid; + sshp->quote_attrs.flags = LIBSSH2_SFTP_ATTR_UIDGID; + } + else if(!sshc->acceptfail) { failf(data, "Syntax error: chown uid not a number"); goto fail; } From d4c033267740d8b2e65520c89f2c5b4e5a5ee174 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 09:38:30 +0200 Subject: [PATCH 0298/2408] libssh2: clarify that sshp->path is always at least one byte Reported-by: Joshua Rogers Closes #18864 --- lib/vssh/curl_path.c | 1 + lib/vssh/ssh.h | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/vssh/curl_path.c b/lib/vssh/curl_path.c index 021e85faf8..7a0e5bffef 100644 --- a/lib/vssh/curl_path.c +++ b/lib/vssh/curl_path.c @@ -100,6 +100,7 @@ CURLcode Curl_getworkingpath(struct Curl_easy *data, } else *path = working_path; + DEBUGASSERT(*path && (*path)[0]); return CURLE_OK; } diff --git a/lib/vssh/ssh.h b/lib/vssh/ssh.h index 9a5f1b7e31..e09111e63f 100644 --- a/lib/vssh/ssh.h +++ b/lib/vssh/ssh.h @@ -120,7 +120,7 @@ typedef enum { Everything that is strictly related to a connection is banned from this struct. */ struct SSHPROTO { - char *path; /* the path we operate on */ + char *path; /* the path we operate on, at least one byte long */ #ifdef USE_LIBSSH2 struct dynbuf readdir_link; struct dynbuf readdir; From 0d68f482052595887c2e3cc0b0fcf830a6dbf354 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 09:44:45 +0200 Subject: [PATCH 0299/2408] krb5_sspi: the chlg argument is NOT optional Fix the comment, add assert. Reported-by: Joshua Rogers Closes #18865 --- lib/vauth/krb5_sspi.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c index 985f1c38fc..c1953e1145 100644 --- a/lib/vauth/krb5_sspi.c +++ b/lib/vauth/krb5_sspi.c @@ -238,7 +238,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data, * * data [in] - The session handle. * authzid [in] - The authorization identity if some. - * chlg [in] - The optional challenge message. + * chlg [in] - The challenge message. * krb5 [in/out] - The Kerberos 5 data struct being used and modified. * out [out] - The result storage. * @@ -273,6 +273,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data, #endif /* Ensure we have a valid challenge message */ + DEBUGASSERT(chlg); if(!Curl_bufref_len(chlg)) { infof(data, "GSSAPI handshake failure (empty security message)"); return CURLE_BAD_CONTENT_ENCODING; From 51b85bdc6cd48a55c75b03afcf1f057839564ae8 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 6 Oct 2025 03:02:24 +0200 Subject: [PATCH 0300/2408] windows: use consistent format when showing error codes For `GetLastError()` and `SECURITY_STATUS`: 0x-prefixed, 8-digit, lowercase, hex: 0x1234abcd Also: say `GetLastError()` instead of `errno` in one message. Closes #18877 --- lib/curlx/winapi.c | 2 +- lib/strerror.c | 6 +++--- lib/vauth/ntlm_sspi.c | 2 +- lib/vtls/schannel.c | 6 +++--- src/tool_doswin.c | 6 +++--- src/tool_filetime.c | 8 ++++---- tests/libtest/lib3026.c | 3 ++- 7 files changed, 17 insertions(+), 16 deletions(-) diff --git a/lib/curlx/winapi.c b/lib/curlx/winapi.c index 6d94733bed..de1218cec7 100644 --- a/lib/curlx/winapi.c +++ b/lib/curlx/winapi.c @@ -103,7 +103,7 @@ const char *curlx_winapi_strerror(DWORD err, char *buf, size_t buflen) #endif /* some GCC compilers cause false positive warnings if we allow this warning */ - SNPRINTF(buf, buflen, "Unknown error %lu (0x%08lX)", err, err); + SNPRINTF(buf, buflen, "Unknown error %lu (0x%08lx)", err, err); #if defined(__GNUC__) && __GNUC__ >= 7 #pragma GCC diagnostic pop #endif diff --git a/lib/strerror.c b/lib/strerror.c index 8d22ac9b34..5b82d7f965 100644 --- a/lib/strerror.c +++ b/lib/strerror.c @@ -656,7 +656,7 @@ const char *Curl_sspi_strerror(SECURITY_STATUS err, char *buf, size_t buflen) if(err == SEC_E_ILLEGAL_MESSAGE) { curl_msnprintf(buf, buflen, - "SEC_E_ILLEGAL_MESSAGE (0x%08lX) - This error usually " + "SEC_E_ILLEGAL_MESSAGE (0x%08lx) - This error usually " "occurs when a fatal SSL/TLS alert is received (e.g. " "handshake failed). More detail may be available in " "the Windows System event log.", err); @@ -664,9 +664,9 @@ const char *Curl_sspi_strerror(SECURITY_STATUS err, char *buf, size_t buflen) else { char msgbuf[256]; if(curlx_get_winapi_error((DWORD)err, msgbuf, sizeof(msgbuf))) - curl_msnprintf(buf, buflen, "%s (0x%08lX) - %s", txt, err, msgbuf); + curl_msnprintf(buf, buflen, "%s (0x%08lx) - %s", txt, err, msgbuf); else - curl_msnprintf(buf, buflen, "%s (0x%08lX)", txt, err); + curl_msnprintf(buf, buflen, "%s (0x%08lx)", txt, err); } #else diff --git a/lib/vauth/ntlm_sspi.c b/lib/vauth/ntlm_sspi.c index dff5fe8747..d421879161 100644 --- a/lib/vauth/ntlm_sspi.c +++ b/lib/vauth/ntlm_sspi.c @@ -313,7 +313,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, &type_3_desc, &attrs, NULL); if(status != SEC_E_OK) { - infof(data, "NTLM handshake failure (type-3 message): Status=%lx", + infof(data, "NTLM handshake failure (type-3 message): Status=0x%08lx", status); if(status == SEC_E_INSUFFICIENT_MEMORY) diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index bf68321afe..c0e96c93bf 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -659,7 +659,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf, cert_showfilename_error); else failf(data, "schannel: Failed to import cert file %s, " - "last error is 0x%lx", + "last error is 0x%08lx", cert_showfilename_error, errorcode); return CURLE_SSL_CERTPROBLEM; } @@ -678,7 +678,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf, if(!client_certs[0]) { failf(data, "schannel: Failed to get certificate from file %s" - ", last error is 0x%lx", + ", last error is 0x%08lx", cert_showfilename_error, GetLastError()); CertCloseStore(cert_store, 0); return CURLE_SSL_CERTPROBLEM; @@ -700,7 +700,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf, char *path_utf8 = curlx_convert_tchar_to_UTF8(cert_store_path); failf(data, "schannel: Failed to open cert store %lx %s, " - "last error is 0x%lx", + "last error is 0x%08lx", cert_store_name, (path_utf8 ? path_utf8 : "(unknown)"), GetLastError()); diff --git a/src/tool_doswin.c b/src/tool_doswin.c index 51b6f34101..5cf58405b3 100644 --- a/src/tool_doswin.c +++ b/src/tool_doswin.c @@ -871,7 +871,7 @@ curl_socket_t win32_stdin_read_thread(void) 0, FALSE, DUPLICATE_SAME_ACCESS); if(!r) { - errorf("DuplicateHandle error: %08lx", GetLastError()); + errorf("DuplicateHandle error: 0x%08lx", GetLastError()); break; } @@ -882,7 +882,7 @@ curl_socket_t win32_stdin_read_thread(void) stdin_thread = CreateThread(NULL, 0, win_stdin_thread_func, tdata, 0, NULL); if(!stdin_thread) { - errorf("CreateThread error: %08lx", GetLastError()); + errorf("CreateThread error: 0x%08lx", GetLastError()); break; } @@ -908,7 +908,7 @@ curl_socket_t win32_stdin_read_thread(void) /* Set the stdin handle to read from the socket. */ if(SetStdHandle(STD_INPUT_HANDLE, (HANDLE)socket_r) == 0) { - errorf("SetStdHandle error: %08lx", GetLastError()); + errorf("SetStdHandle error: 0x%08lx", GetLastError()); break; } diff --git a/src/tool_filetime.c b/src/tool_filetime.c index afd84c0138..6dc2fbbe42 100644 --- a/src/tool_filetime.c +++ b/src/tool_filetime.c @@ -62,13 +62,13 @@ int getfiletime(const char *filename, curl_off_t *stamp) } } else { - warnf("Failed to get filetime: GetFileTime failed: GetLastError %lu", + warnf("Failed to get filetime: GetFileTime failed: GetLastError 0x%08lx", GetLastError()); } CloseHandle(hfile); } else if(GetLastError() != ERROR_FILE_NOT_FOUND) { - warnf("Failed to get filetime: CreateFile failed: GetLastError %lu", + warnf("Failed to get filetime: CreateFile failed: GetLastError 0x%08lx", GetLastError()); } #else @@ -118,14 +118,14 @@ void setfiletime(curl_off_t filetime, const char *filename) ft.dwHighDateTime = (DWORD)(converted >> 32); if(!SetFileTime(hfile, NULL, &ft, &ft)) { warnf("Failed to set filetime %" CURL_FORMAT_CURL_OFF_T - " on outfile: SetFileTime failed: GetLastError %lu", + " on outfile: SetFileTime failed: GetLastError 0x%08lx", filetime, GetLastError()); } CloseHandle(hfile); } else { warnf("Failed to set filetime %" CURL_FORMAT_CURL_OFF_T - " on outfile: CreateFile failed: GetLastError %lu", + " on outfile: CreateFile failed: GetLastError 0x%08lx", filetime, GetLastError()); } diff --git a/tests/libtest/lib3026.c b/tests/libtest/lib3026.c index 167fdd4d33..75d419cb58 100644 --- a/tests/libtest/lib3026.c +++ b/tests/libtest/lib3026.c @@ -59,7 +59,8 @@ static CURLcode test_lib3026(const char *URL) results[i] = CURL_LAST; /* initialize with invalid value */ th = CreateThread(NULL, 0, t3026_run_thread, &results[i], 0, NULL); if(!th) { - curl_mfprintf(stderr, "%s:%d Couldn't create thread, errno %lu\n", + curl_mfprintf(stderr, "%s:%d Couldn't create thread, " + "GetLastError 0x%08lx\n", __FILE__, __LINE__, GetLastError()); tid_count = i; test_failure = TEST_ERR_MAJOR_BAD; From decd7e157c51c6bd5599b6000f57a4ecbdd0e2f3 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 08:22:39 +0200 Subject: [PATCH 0301/2408] cf-socket: always check Curl_cf_socket_peek() return code Make it trigger a warning if not. Reported-by: Joshua Rogers Closes #18862 --- lib/cf-socket.h | 2 +- lib/vquic/curl_ngtcp2.c | 9 ++++----- lib/vquic/curl_osslq.c | 18 +++++++++--------- lib/vquic/curl_quiche.c | 4 +++- lib/vquic/vquic.c | 18 +++++++++--------- 5 files changed, 26 insertions(+), 25 deletions(-) diff --git a/lib/cf-socket.h b/lib/cf-socket.h index 85b7e5631b..e5fc176ee1 100644 --- a/lib/cf-socket.h +++ b/lib/cf-socket.h @@ -158,7 +158,7 @@ CURLcode Curl_cf_socket_peek(struct Curl_cfilter *cf, struct Curl_easy *data, curl_socket_t *psock, const struct Curl_sockaddr_ex **paddr, - struct ip_quadruple *pip); + struct ip_quadruple *pip) WARN_UNUSED_RESULT; extern struct Curl_cftype Curl_cft_tcp; extern struct Curl_cftype Curl_cft_udp; diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index a85c9d7609..4c7a7857b5 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -2480,8 +2480,7 @@ static CURLcode cf_connect_start(struct Curl_cfilter *cf, if(result) return result; - Curl_cf_socket_peek(cf->next, data, &ctx->q.sockfd, &sockaddr, NULL); - if(!sockaddr) + if(Curl_cf_socket_peek(cf->next, data, &ctx->q.sockfd, &sockaddr, NULL)) return CURLE_QUIC_CONNECT_ERROR; ctx->q.local_addrlen = sizeof(ctx->q.local_addr); rv = getsockname(ctx->q.sockfd, (struct sockaddr *)&ctx->q.local_addr, @@ -2633,9 +2632,9 @@ out: if(result) { struct ip_quadruple ip; - Curl_cf_socket_peek(cf->next, data, NULL, NULL, &ip); - infof(data, "QUIC connect to %s port %u failed: %s", - ip.remote_ip, ip.remote_port, curl_easy_strerror(result)); + if(!Curl_cf_socket_peek(cf->next, data, NULL, NULL, &ip)) + infof(data, "QUIC connect to %s port %u failed: %s", + ip.remote_ip, ip.remote_port, curl_easy_strerror(result)); } #endif if(!result && ctx->qconn) { diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c index 1d7c3bce99..351519d65a 100644 --- a/lib/vquic/curl_osslq.c +++ b/lib/vquic/curl_osslq.c @@ -550,12 +550,12 @@ static CURLcode cf_osslq_ssl_err(struct Curl_cfilter *cf, int sockerr = SOCKERRNO; struct ip_quadruple ip; - Curl_cf_socket_peek(cf->next, data, NULL, NULL, &ip); if(sockerr && detail == SSL_ERROR_SYSCALL) curlx_strerror(sockerr, extramsg, sizeof(extramsg)); - failf(data, "QUIC connect: %s in connection to %s:%d (%s)", - extramsg[0] ? extramsg : osslq_SSL_ERROR_to_str(detail), - ctx->peer.dispname, ip.remote_port, ip.remote_ip); + if(!Curl_cf_socket_peek(cf->next, data, NULL, NULL, &ip)) + failf(data, "QUIC connect: %s in connection to %s:%d (%s)", + extramsg[0] ? extramsg : osslq_SSL_ERROR_to_str(detail), + ctx->peer.dispname, ip.remote_port, ip.remote_ip); } else { /* Could be a CERT problem */ @@ -1177,8 +1177,8 @@ static CURLcode cf_osslq_ctx_start(struct Curl_cfilter *cf, goto out; result = CURLE_QUIC_CONNECT_ERROR; - Curl_cf_socket_peek(cf->next, data, &ctx->q.sockfd, &peer_addr, NULL); - if(!peer_addr) + if(Curl_cf_socket_peek(cf->next, data, &ctx->q.sockfd, &peer_addr, NULL) || + !peer_addr) goto out; ctx->q.local_addrlen = sizeof(ctx->q.local_addr); @@ -1857,9 +1857,9 @@ out: if(result) { struct ip_quadruple ip; - Curl_cf_socket_peek(cf->next, data, NULL, NULL, &ip); - infof(data, "QUIC connect to %s port %u failed: %s", - ip.remote_ip, ip.remote_port, curl_easy_strerror(result)); + if(!Curl_cf_socket_peek(cf->next, data, NULL, NULL, &ip)) + infof(data, "QUIC connect to %s port %u failed: %s", + ip.remote_ip, ip.remote_port, curl_easy_strerror(result)); } #endif if(!result) diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c index 6534822c76..da67819abb 100644 --- a/lib/vquic/curl_quiche.c +++ b/lib/vquic/curl_quiche.c @@ -1303,7 +1303,9 @@ static CURLcode cf_quiche_ctx_open(struct Curl_cfilter *cf, if(result) return result; - Curl_cf_socket_peek(cf->next, data, &ctx->q.sockfd, &sockaddr, NULL); + if(Curl_cf_socket_peek(cf->next, data, &ctx->q.sockfd, &sockaddr, NULL)) + return CURLE_QUIC_CONNECT_ERROR; + ctx->q.local_addrlen = sizeof(ctx->q.local_addr); rv = getsockname(ctx->q.sockfd, (struct sockaddr *)&ctx->q.local_addr, &ctx->q.local_addrlen); diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c index 91680915f3..d7ed7927be 100644 --- a/lib/vquic/vquic.c +++ b/lib/vquic/vquic.c @@ -428,9 +428,9 @@ static CURLcode recvmmsg_packets(struct Curl_cfilter *cf, } if(!cf->connected && SOCKERRNO == SOCKECONNREFUSED) { struct ip_quadruple ip; - Curl_cf_socket_peek(cf->next, data, NULL, NULL, &ip); - failf(data, "QUIC: connection to %s port %u refused", - ip.remote_ip, ip.remote_port); + if(!Curl_cf_socket_peek(cf->next, data, NULL, NULL, &ip)) + failf(data, "QUIC: connection to %s port %u refused", + ip.remote_ip, ip.remote_port); result = CURLE_COULDNT_CONNECT; goto out; } @@ -521,9 +521,9 @@ static CURLcode recvmsg_packets(struct Curl_cfilter *cf, } if(!cf->connected && SOCKERRNO == SOCKECONNREFUSED) { struct ip_quadruple ip; - Curl_cf_socket_peek(cf->next, data, NULL, NULL, &ip); - failf(data, "QUIC: connection to %s port %u refused", - ip.remote_ip, ip.remote_port); + if(!Curl_cf_socket_peek(cf->next, data, NULL, NULL, &ip)) + failf(data, "QUIC: connection to %s port %u refused", + ip.remote_ip, ip.remote_port); result = CURLE_COULDNT_CONNECT; goto out; } @@ -596,9 +596,9 @@ static CURLcode recvfrom_packets(struct Curl_cfilter *cf, } if(!cf->connected && SOCKERRNO == SOCKECONNREFUSED) { struct ip_quadruple ip; - Curl_cf_socket_peek(cf->next, data, NULL, NULL, &ip); - failf(data, "QUIC: connection to %s port %u refused", - ip.remote_ip, ip.remote_port); + if(!Curl_cf_socket_peek(cf->next, data, NULL, NULL, &ip)) + failf(data, "QUIC: connection to %s port %u refused", + ip.remote_ip, ip.remote_port); result = CURLE_COULDNT_CONNECT; goto out; } From 2f3cf17e339bfc27c55be22c6c72703ed3e5d696 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Mon, 6 Oct 2025 13:45:38 +0200 Subject: [PATCH 0302/2408] cf-socket: check params and remove accept procondition - creating a socket filter with NULL addrinfo fails with CURLE_BAD_FUNCTION_ARGUMENT - remove getsockname use before accept call, serves no purpose and did not lead to proper error before Reported-by: Joshua Rogers Closes #18882 --- lib/cf-socket.c | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/lib/cf-socket.c b/lib/cf-socket.c index 34bcda68d7..aa79ac45a4 100644 --- a/lib/cf-socket.c +++ b/lib/cf-socket.c @@ -1761,6 +1761,11 @@ CURLcode Curl_cf_tcp_create(struct Curl_cfilter **pcf, (void)data; (void)conn; DEBUGASSERT(transport == TRNSPRT_TCP); + if(!ai) { + result = CURLE_BAD_FUNCTION_ARGUMENT; + goto out; + } + ctx = calloc(1, sizeof(*ctx)); if(!ctx) { result = CURLE_OUT_OF_MEMORY; @@ -1857,6 +1862,7 @@ static CURLcode cf_udp_connect(struct Curl_cfilter *cf, *done = TRUE; return CURLE_OK; } + *done = FALSE; if(ctx->sock == CURL_SOCKET_BAD) { result = cf_socket_open(cf, data); @@ -1873,10 +1879,6 @@ static CURLcode cf_udp_connect(struct Curl_cfilter *cf, FMT_SOCKET_T " (%s:%d)", ctx->sock, ctx->ip.local_ip, ctx->ip.local_port); } - else { - CURL_TRC_CF(data, cf, "cf_udp_connect(), opened socket=%" - FMT_SOCKET_T " (unconnected)", ctx->sock); - } *done = TRUE; cf->connected = TRUE; } @@ -2058,6 +2060,7 @@ static CURLcode cf_tcp_accept_connect(struct Curl_cfilter *cf, bool *done) { struct cf_socket_ctx *ctx = cf->ctx; + char errbuf[STRERROR_LEN]; #ifdef USE_IPV6 struct Curl_sockaddr_storage add; #else @@ -2076,6 +2079,7 @@ static CURLcode cf_tcp_accept_connect(struct Curl_cfilter *cf, return CURLE_OK; } + *done = FALSE; timeout_ms = cf_tcp_accept_timeleft(cf, data); if(timeout_ms < 0) { /* if a timeout was already reached, bail out */ @@ -2103,23 +2107,21 @@ static CURLcode cf_tcp_accept_connect(struct Curl_cfilter *cf, if(!incoming) { CURL_TRC_CF(data, cf, "nothing heard from the server yet"); - *done = FALSE; return CURLE_OK; } - if(!getsockname(ctx->sock, (struct sockaddr *) &add, &size)) { - size = sizeof(add); + size = sizeof(add); #ifdef HAVE_ACCEPT4 - s_accepted = CURL_ACCEPT4(ctx->sock, (struct sockaddr *) &add, &size, - SOCK_NONBLOCK | SOCK_CLOEXEC); + s_accepted = CURL_ACCEPT4(ctx->sock, (struct sockaddr *) &add, &size, + SOCK_NONBLOCK | SOCK_CLOEXEC); #else - s_accepted = CURL_ACCEPT(ctx->sock, (struct sockaddr *) &add, &size); + s_accepted = CURL_ACCEPT(ctx->sock, (struct sockaddr *) &add, &size); #endif - } if(CURL_SOCKET_BAD == s_accepted) { - failf(data, "Error accept()ing server connect"); - return CURLE_FTP_PORT_FAILED; + failf(data, "Error accept()ing server connect: %s", + curlx_strerror(SOCKERRNO, errbuf, sizeof(errbuf))); + return CURLE_FTP_ACCEPT_FAILED; } infof(data, "Connection accepted from server"); From 9e3c35a88e9433fcc7edae4323605025f232f0bb Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 09:54:39 +0200 Subject: [PATCH 0303/2408] ftp: fix the 213 scanner memchr buffer limit argument Reported-by: Joshua Rogers Closes #18867 --- lib/ftp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/ftp.c b/lib/ftp.c index a3194c2a7b..10a61d3689 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -2319,7 +2319,7 @@ static CURLcode ftp_state_size_resp(struct Curl_easy *data, for all the digits at the end of the response and parse only those as a number. */ char *start = &buf[4]; - const char *fdigit = memchr(start, '\r', len); + const char *fdigit = memchr(start, '\r', len - 4); if(fdigit) { fdigit--; if(*fdigit == '\n') From 172e190c798645b9d04dd97ae0cf51b35317971e Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 10:11:30 +0200 Subject: [PATCH 0304/2408] ftp: add extra buffer length check This adds an extra check that the buffer really has data enough (at least 4 bytes) to check for a status code before doing so. It *should* not be necessary, but this was pointed out by an analyzer and it feels better to make sure. Reported-by: Joshua Rogers Closes #18869 --- lib/ftp.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/ftp.c b/lib/ftp.c index 10a61d3689..77db98c005 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -479,13 +479,14 @@ static CURLcode ftp_check_ctrl_on_data_wait(struct Curl_easy *data, infof(data, "Ctrl conn has data while waiting for data conn"); if(pp->overflow > 3) { const char *r = curlx_dyn_ptr(&pp->recvbuf); + size_t len = curlx_dyn_len(&pp->recvbuf); - DEBUGASSERT((pp->overflow + pp->nfinal) <= - curlx_dyn_len(&pp->recvbuf)); + DEBUGASSERT((pp->overflow + pp->nfinal) <= curlx_dyn_len(&pp->recvbuf)); /* move over the most recently handled response line */ r += pp->nfinal; + len -= pp->nfinal; - if(LASTLINE(r)) { + if((len > 3) && LASTLINE(r)) { curl_off_t status; if(!curlx_str_number(&r, &status, 999) && (status == 226)) { /* funny timing situation where we get the final message on the From 6ef4871f5d56d5d7e99dfb65d69bf47e9861887b Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 10:20:45 +0200 Subject: [PATCH 0305/2408] ftp: improve fragile check for first digit > 3 In a case where rubbish would be sent in the line something that isn't a digit could be first in line and treated as less than '3'. Prevent this risk by first doing a check that the byte is a digit. Reported-by: Joshua Rogers Closes #18870 --- lib/ftp.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/lib/ftp.c b/lib/ftp.c index 77db98c005..402c13a07c 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -449,11 +449,14 @@ static CURLcode ftp_check_ctrl_on_data_wait(struct Curl_easy *data, bool response = FALSE; /* First check whether there is a cached response from server */ - if(curlx_dyn_len(&pp->recvbuf) && (*curlx_dyn_ptr(&pp->recvbuf) > '3')) { - /* Data connection could not be established, let's return */ - infof(data, "There is negative response in cache while serv connect"); - (void)getftpresponse(data, &nread, &ftpcode); - return CURLE_FTP_ACCEPT_FAILED; + if(curlx_dyn_len(&pp->recvbuf)) { + const char *l = curlx_dyn_ptr(&pp->recvbuf); + if(!ISDIGIT(*l) || (*l > '3')) { + /* Data connection could not be established, let's return */ + infof(data, "There is negative response in cache while serv connect"); + (void)getftpresponse(data, &nread, &ftpcode); + return CURLE_FTP_ACCEPT_FAILED; + } } if(pp->overflow) From 2b0e7cb7c677cef10d4d1baf2fc2116ff909a407 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 10:34:22 +0200 Subject: [PATCH 0306/2408] ftp: remove misleading comments They indicated that sockets would not be closed but they are. Reported-by: Joshua Rogers Closes #18871 --- lib/ftp.c | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/ftp.c b/lib/ftp.c index 402c13a07c..32d3c445df 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -2418,7 +2418,6 @@ static CURLcode ftp_state_stor_resp(struct Curl_easy *data, if(ftpcode >= 400) { failf(data, "Failed FTP upload: %0d", ftpcode); ftp_state(data, ftpc, FTP_STOP); - /* oops, we never close the sockets! */ return CURLE_UPLOAD_FAILED; } From 92a212568403d985a2614a7d206bf34b7a8fb827 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 10:56:44 +0200 Subject: [PATCH 0307/2408] telnet: make bad_option() consider NULL a bad option too Follow-up to a72e1552f22 Closes #18873 --- lib/telnet.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/telnet.c b/lib/telnet.c index 90316a446c..259a0c8931 100644 --- a/lib/telnet.c +++ b/lib/telnet.c @@ -930,7 +930,7 @@ static CURLcode check_telnet_options(struct Curl_easy *data, rather just ban its use instead */ static bool bad_option(const char *data) { - return !!strchr(data, CURL_IAC); + return !data || !!strchr(data, CURL_IAC); } /* From ef1794e50e111dd4683b12875be7a685c63e44ca Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 6 Oct 2025 15:46:29 +0200 Subject: [PATCH 0308/2408] ldap: tidy-up types, fix error code confusion - fix `CURLcode` vs. LDAP result code confusion. Return `LDAP_NO_MEMORY` when `Curl_create_sspi_identity()` fails, since it can only return `CURLE_OUT_OF_MEMORY` as error. - use `ULONG` for result code on Windows. Drop casts. - use portable `curl_ldap_num_t`. Drop casts. - replace magic number 0 with `LDAP_SUCCESS`. - compare with `LDAP_SUCCESS` instead of assuming non-zero. (where necessary.) - add/fix `#endif` comments. - fix indentation. Closes #18888 --- lib/ldap.c | 119 +++++++++++++++++++++++++++-------------------------- 1 file changed, 61 insertions(+), 58 deletions(-) diff --git a/lib/ldap.c b/lib/ldap.c index 66cf8916d6..8a39c1a4be 100644 --- a/lib/ldap.c +++ b/lib/ldap.c @@ -98,6 +98,14 @@ #include "curl_memory.h" #include "memdebug.h" +#ifdef USE_WIN32_LDAP +#define FREE_ON_WINLDAP(x) curlx_unicodefree(x) +#define curl_ldap_num_t ULONG +#else +#define FREE_ON_WINLDAP(x) +#define curl_ldap_num_t int +#endif + #ifndef HAVE_LDAP_URL_PARSE /* Use our own implementation. */ @@ -127,14 +135,15 @@ struct ldap_urldesc { #undef LDAPURLDesc #define LDAPURLDesc struct ldap_urldesc -static int ldap_url_parse_low(struct Curl_easy *data, - const struct connectdata *conn, - LDAPURLDesc **ludp); +static curl_ldap_num_t ldap_url_parse_low(struct Curl_easy *data, + const struct connectdata *conn, + LDAPURLDesc **ludp); static void ldap_free_urldesc_low(LDAPURLDesc *ludp); #undef ldap_free_urldesc #define ldap_free_urldesc ldap_free_urldesc_low -#endif + +#endif /* !HAVE_LDAP_URL_PARSE */ #ifdef DEBUG_LDAP #define LDAP_TRACE(x) do { \ @@ -227,12 +236,12 @@ const struct Curl_handler Curl_handler_ldaps = { #ifdef USE_WIN32_LDAP #ifdef USE_WINDOWS_SSPI -static int ldap_win_bind_auth(LDAP *server, const char *user, - const char *passwd, unsigned long authflags) +static ULONG ldap_win_bind_auth(LDAP *server, const char *user, + const char *passwd, unsigned long authflags) { ULONG method = 0; SEC_WINNT_AUTH_IDENTITY cred; - int rc = LDAP_AUTH_METHOD_NOT_SUPPORTED; + ULONG rc = LDAP_AUTH_METHOD_NOT_SUPPORTED; memset(&cred, 0, sizeof(cred)); @@ -260,25 +269,27 @@ static int ldap_win_bind_auth(LDAP *server, const char *user, if(method && user && passwd) { CURLcode res = Curl_create_sspi_identity(user, passwd, &cred); - rc = (int)res; - if(!rc) { - rc = (int)ldap_bind_s(server, NULL, (TCHAR *)&cred, method); + if(!res) { + rc = ldap_bind_s(server, NULL, (TCHAR *)&cred, method); Curl_sspi_free_identity(&cred); } + else { + rc = LDAP_NO_MEMORY; + } } else { /* proceed with current user credentials */ method = LDAP_AUTH_NEGOTIATE; - rc = (int)ldap_bind_s(server, NULL, NULL, method); + rc = ldap_bind_s(server, NULL, NULL, method); } return rc; } #endif /* USE_WINDOWS_SSPI */ -static int ldap_win_bind(struct Curl_easy *data, LDAP *server, - const char *user, const char *passwd) +static ULONG ldap_win_bind(struct Curl_easy *data, LDAP *server, + const char *user, const char *passwd) { - int rc = LDAP_INVALID_CREDENTIALS; + ULONG rc = LDAP_INVALID_CREDENTIALS; PTCHAR inuser = NULL; PTCHAR inpass = NULL; @@ -287,14 +298,14 @@ static int ldap_win_bind(struct Curl_easy *data, LDAP *server, inuser = curlx_convert_UTF8_to_tchar(user); inpass = curlx_convert_UTF8_to_tchar(passwd); - rc = (int)ldap_simple_bind_s(server, inuser, inpass); + rc = ldap_simple_bind_s(server, inuser, inpass); curlx_unicodefree(inuser); curlx_unicodefree(inpass); } #ifdef USE_WINDOWS_SSPI else { - rc = (int)ldap_win_bind_auth(server, user, passwd, data->set.httpauth); + rc = ldap_win_bind_auth(server, user, passwd, data->set.httpauth); } #endif @@ -302,19 +313,10 @@ static int ldap_win_bind(struct Curl_easy *data, LDAP *server, } #endif /* USE_WIN32_LDAP */ -#ifdef USE_WIN32_LDAP -#define FREE_ON_WINLDAP(x) curlx_unicodefree(x) -#define curl_ldap_num_t ULONG -#else -#define FREE_ON_WINLDAP(x) -#define curl_ldap_num_t int -#endif - - static CURLcode ldap_do(struct Curl_easy *data, bool *done) { CURLcode result = CURLE_OK; - int rc = 0; + curl_ldap_num_t rc = LDAP_SUCCESS; LDAP *server = NULL; LDAPURLDesc *ludp = NULL; LDAPMessage *ldapmsg = NULL; @@ -349,7 +351,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) rc = ldap_url_parse_low(data, conn, &ludp); #endif if(rc) { - failf(data, "Bad LDAP URL: %s", ldap_err2string((curl_ldap_num_t)rc)); + failf(data, "Bad LDAP URL: %s", ldap_err2string(rc)); result = CURLE_URL_MALFORMAT; goto quit; } @@ -391,7 +393,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) /* Win32 LDAP SDK does not support insecure mode without CA! */ server = ldap_sslinit(host, (curl_ldap_num_t)ipquad.remote_port, 1); ldap_set_option(server, LDAP_OPT_SSL, LDAP_OPT_ON); -#else +#else /* !USE_WIN32_LDAP */ int ldap_option; char *ldap_ca = conn->ssl_config.CAfile; #ifdef LDAP_OPT_X_TLS @@ -412,7 +414,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, ldap_ca); if(rc != LDAP_SUCCESS) { failf(data, "LDAP local: ERROR setting PEM CA cert: %s", - ldap_err2string(rc)); + ldap_err2string(rc)); result = CURLE_SSL_CERTPROBLEM; goto quit; } @@ -424,7 +426,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &ldap_option); if(rc != LDAP_SUCCESS) { failf(data, "LDAP local: ERROR setting cert verify mode: %s", - ldap_err2string(rc)); + ldap_err2string(rc)); result = CURLE_SSL_CERTPROBLEM; goto quit; } @@ -439,31 +441,32 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) rc = ldap_set_option(server, LDAP_OPT_X_TLS, &ldap_option); if(rc != LDAP_SUCCESS) { failf(data, "LDAP local: ERROR setting SSL/TLS mode: %s", - ldap_err2string(rc)); + ldap_err2string(rc)); result = CURLE_SSL_CERTPROBLEM; goto quit; } -/* +#if 0 rc = ldap_start_tls_s(server, NULL, NULL); if(rc != LDAP_SUCCESS) { failf(data, "LDAP local: ERROR starting SSL/TLS mode: %s", - ldap_err2string(rc)); + ldap_err2string(rc)); result = CURLE_SSL_CERTPROBLEM; goto quit; } -*/ -#else +#endif + +#else /* !LDAP_OPT_X_TLS */ (void)ldap_option; (void)ldap_ca; /* we should probably never come up to here since configure should check in first place if we can support LDAP SSL/TLS */ failf(data, "LDAP local: SSL/TLS not supported with this version " - "of the OpenLDAP toolkit\n"); + "of the OpenLDAP toolkit\n"); result = CURLE_SSL_CERTPROBLEM; goto quit; -#endif -#endif -#endif /* CURL_LDAP_USE_SSL */ +#endif /* LDAP_OPT_X_TLS */ +#endif /* USE_WIN32_LDAP */ +#endif /* HAVE_LDAP_SSL */ } else if(data->set.use_ssl > CURLUSESSL_TRY) { failf(data, "LDAP local: explicit TLS not supported"); @@ -485,7 +488,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) #else rc = ldap_simple_bind_s(server, user, passwd); #endif - if(!ldap_ssl && rc) { + if(!ldap_ssl && rc != LDAP_SUCCESS) { ldap_proto = LDAP_VERSION2; ldap_set_option(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto); #ifdef USE_WIN32_LDAP @@ -494,10 +497,10 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) rc = ldap_simple_bind_s(server, user, passwd); #endif } - if(rc) { + if(rc != LDAP_SUCCESS) { #ifdef USE_WIN32_LDAP failf(data, "LDAP local: bind via ldap_win_bind %s", - ldap_err2string((ULONG)rc)); + ldap_err2string(rc)); #else failf(data, "LDAP local: bind via ldap_simple_bind_s %s", ldap_err2string(rc)); @@ -507,12 +510,12 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) } Curl_pgrsSetDownloadCounter(data, 0); - rc = (int)ldap_search_s(server, ludp->lud_dn, - (curl_ldap_num_t)ludp->lud_scope, - ludp->lud_filter, ludp->lud_attrs, 0, &ldapmsg); + rc = ldap_search_s(server, ludp->lud_dn, + (curl_ldap_num_t)ludp->lud_scope, + ludp->lud_filter, ludp->lud_attrs, 0, &ldapmsg); - if(rc && rc != LDAP_SIZELIMIT_EXCEEDED) { - failf(data, "LDAP remote: %s", ldap_err2string((curl_ldap_num_t)rc)); + if(rc != LDAP_SUCCESS && rc != LDAP_SIZELIMIT_EXCEEDED) { + failf(data, "LDAP remote: %s", ldap_err2string(rc)); result = CURLE_LDAP_SEARCH_FAILED; goto quit; } @@ -746,7 +749,7 @@ static void ldap_trace_low(const char *fmt, ...) vfprintf(stderr, fmt, args); va_end(args); } -#endif +#endif /* DEBUG_LDAP */ #ifndef HAVE_LDAP_URL_PARSE @@ -795,11 +798,11 @@ static size_t num_entries(const char *s) * * Defined in RFC4516 section 2. */ -static int ldap_url_parse2_low(struct Curl_easy *data, - const struct connectdata *conn, - LDAPURLDesc *ludp) +static curl_ldap_num_t ldap_url_parse2_low(struct Curl_easy *data, + const struct connectdata *conn, + LDAPURLDesc *ludp) { - int rc = LDAP_SUCCESS; + curl_ldap_num_t rc = LDAP_SUCCESS; char *p; char *path; char *q = NULL; @@ -1000,12 +1003,12 @@ quit: return rc; } -static int ldap_url_parse_low(struct Curl_easy *data, - const struct connectdata *conn, - LDAPURLDesc **ludpp) +static curl_ldap_num_t ldap_url_parse_low(struct Curl_easy *data, + const struct connectdata *conn, + LDAPURLDesc **ludpp) { LDAPURLDesc *ludp = calloc(1, sizeof(*ludp)); - int rc; + curl_ldap_num_t rc; *ludpp = NULL; if(!ludp) @@ -1047,10 +1050,10 @@ static void ldap_free_urldesc_low(LDAPURLDesc *ludp) free(ludp); } -#endif /* !HAVE_LDAP_URL_PARSE */ +#endif /* !HAVE_LDAP_URL_PARSE */ #if defined(__GNUC__) && defined(__APPLE__) #pragma GCC diagnostic pop #endif -#endif /* !CURL_DISABLE_LDAP && !USE_OPENLDAP */ +#endif /* !CURL_DISABLE_LDAP && !USE_OPENLDAP */ From beeb1ae762d60ed84695d874d979e5095649d29d Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 6 Oct 2025 20:00:55 +0200 Subject: [PATCH 0309/2408] GHA/configure-vs-cmake: reduce windows cross-toolchain apt installs Download size: 277 MB -> 65 MB (installed: 1293 MB -> 401 MB) Also as a workaround for Azure Ubuntu mirror slowdown issues: https://github.com/curl/curl/actions/runs/18289326469/job/52072333582?pr=18866 Follow-up to 0455d8772a1af20ce63c46c5738582aa9b1b8441 #18509 Closes #18896 --- .github/workflows/configure-vs-cmake.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/configure-vs-cmake.yml b/.github/workflows/configure-vs-cmake.yml index 35f5290d18..5c35051f6a 100644 --- a/.github/workflows/configure-vs-cmake.yml +++ b/.github/workflows/configure-vs-cmake.yml @@ -131,7 +131,7 @@ jobs: - name: 'install packages' run: | sudo rm -f /var/lib/man-db/auto-update - sudo apt-get -o Dpkg::Use-Pty=0 install mingw-w64 + sudo apt-get -o Dpkg::Use-Pty=0 install gcc-mingw-w64-x86-64-win32 - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: From 13f10add17da864069dd1c1709cab7c4cdbb41cf Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 6 Oct 2025 20:35:38 +0200 Subject: [PATCH 0310/2408] REUSE: bump reuse to v6, add more fences to fix issues Closes #18895 Closes #18897 --- .github/scripts/requirements.txt | 2 +- scripts/cd2cd | 2 ++ scripts/cd2nroff | 2 ++ scripts/managen | 4 ++++ 4 files changed, 9 insertions(+), 1 deletion(-) diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt index 7cb10c47f8..c20a747673 100644 --- a/.github/scripts/requirements.txt +++ b/.github/scripts/requirements.txt @@ -5,5 +5,5 @@ cmakelang==0.6.13 codespell==2.4.1 pytype==2024.10.11 -reuse==5.1.1 +reuse==6.0.0 ruff==0.13.2 diff --git a/scripts/cd2cd b/scripts/cd2cd index f4748f5d9b..9356ade6e6 100755 --- a/scripts/cd2cd +++ b/scripts/cd2cd @@ -156,7 +156,9 @@ sub single { return 2; } if(!$spdx) { + # REUSE-IgnoreStart print STDERR "$f:$line:1:ERROR: no 'SPDX-License-Identifier:' field present\n"; + # REUSE-IgnoreEnd return 2; } last; diff --git a/scripts/cd2nroff b/scripts/cd2nroff index d7a5dfe7b0..950011173b 100755 --- a/scripts/cd2nroff +++ b/scripts/cd2nroff @@ -320,7 +320,9 @@ sub single { return 2; } if(!$spdx) { + # REUSE-IgnoreStart print STDERR "$f:$line:1:ERROR: no 'SPDX-License-Identifier:' field present\n"; + # REUSE-IgnoreEnd return 2; } if($section == 3) { diff --git a/scripts/managen b/scripts/managen index 4849fe8378..17c8677882 100755 --- a/scripts/managen +++ b/scripts/managen @@ -661,12 +661,14 @@ sub single { elsif(/^Experimental: yes/i) { $experimental=1; } + # REUSE-IgnoreStart elsif(/^C: (.*)/i) { $copyright=$1; } elsif(/^SPDX-License-Identifier: (.*)/i) { $spdx=$1; } + # REUSE-IgnoreEnd elsif(/^Help: *(.*)/i) { ; } @@ -697,7 +699,9 @@ sub single { return 2; } if(!$spdx) { + # REUSE-IgnoreStart print STDERR "$f:$line:1:ERROR: no 'SPDX-License-Identifier:' field present\n"; + # REUSE-IgnoreEnd return 2; } last; From b12da22db1f11da51082977dc21a7edee7858911 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 4 Oct 2025 12:58:49 +0200 Subject: [PATCH 0311/2408] lib: stop overriding system printf symbols After this patch, the codebase no longer overrides system printf functions. Instead it explicitly calls either the curl printf functions `curl_m*printf()` or the system ones using their original names. Also: - drop unused `curl_printf.h` includes. - checksrc: ban system printf functions, allow where necessary. Follow-up to db98daab05aec251bcb6615d2d38dfebec291736 #18844 Follow-up to 4deea9396bc7dd25c6362fa746a57bf309c74ada #18814 Closes #18866 --- REUSE.toml | 10 +- docs/examples/.checksrc | 2 + lib/.checksrc | 0 lib/Makefile.am | 5 +- lib/altsvc.c | 33 ++-- lib/asyn-ares.c | 5 +- lib/asyn-thrdd.c | 5 +- lib/bufq.c | 3 +- lib/cf-h1-proxy.c | 3 +- lib/cf-h2-proxy.c | 82 +++++----- lib/cf-haproxy.c | 3 +- lib/cf-https-connect.c | 3 +- lib/cf-ip-happy.c | 8 +- lib/cf-socket.c | 3 +- lib/cfilters.c | 3 +- lib/conncache.c | 11 +- lib/connect.c | 5 +- lib/content_encoding.c | 3 +- lib/cookie.c | 7 +- lib/cshutdn.c | 3 +- lib/curl_addrinfo.c | 4 +- lib/curl_fopen.c | 6 +- lib/curl_gssapi.c | 16 +- lib/curl_ntlm_core.c | 21 +-- lib/curl_printf.h | 27 ---- lib/curl_rtmp.c | 9 +- lib/curl_sasl.c | 4 +- lib/curl_setup.h | 4 +- lib/curl_trc.c | 27 ++-- lib/curlx/.checksrc | 0 lib/cw-out.c | 3 +- lib/cw-pause.c | 3 +- lib/dict.c | 6 +- lib/dllmain.c | 3 +- lib/doh.c | 10 +- lib/dynhds.c | 4 +- lib/easy.c | 41 +++-- lib/escape.c | 4 +- lib/fake_addrinfo.c | 5 +- lib/file.c | 26 +-- lib/formdata.c | 4 +- lib/ftp.c | 52 +++--- lib/ftplistparser.c | 3 +- lib/gopher.c | 6 +- lib/hash.c | 14 +- lib/headers.c | 3 +- lib/hostip.c | 5 +- lib/hostip4.c | 6 +- lib/hostip6.c | 15 +- lib/hsts.c | 21 ++- lib/http.c | 69 ++++---- lib/http1.c | 3 +- lib/http2.c | 89 ++++++----- lib/http_aws_sigv4.c | 128 ++++++++------- lib/http_chunks.c | 3 +- lib/http_digest.c | 12 +- lib/http_negotiate.c | 7 +- lib/http_ntlm.c | 15 +- lib/http_proxy.c | 7 +- lib/httpsrr.c | 3 +- lib/idn.c | 3 +- lib/if2ip.c | 8 +- lib/imap.c | 9 +- lib/ldap.c | 6 +- lib/md4.c | 3 +- lib/md5.c | 3 +- lib/memdebug.c | 9 +- lib/mime.c | 6 +- lib/mqtt.c | 5 +- lib/multi.c | 26 +-- lib/multi_ev.c | 4 +- lib/netrc.c | 7 +- lib/noproxy.c | 7 +- lib/openldap.c | 16 +- lib/pingpong.c | 3 +- lib/pop3.c | 6 +- lib/progress.c | 71 ++++---- lib/psl.c | 3 +- lib/rand.c | 3 +- lib/rename.c | 3 +- lib/request.c | 3 +- lib/rtsp.c | 17 +- lib/select.c | 4 +- lib/sendf.c | 3 +- lib/setopt.c | 3 +- lib/sha256.c | 3 +- lib/share.c | 3 +- lib/smb.c | 25 ++- lib/smtp.c | 13 +- lib/socketpair.c | 3 +- lib/socks.c | 3 +- lib/socks_gssapi.c | 7 +- lib/socks_sspi.c | 7 +- lib/telnet.c | 39 ++--- lib/tftp.c | 19 ++- lib/transfer.c | 5 +- lib/uint-bset.c | 3 +- lib/uint-spbset.c | 3 +- lib/uint-table.c | 3 +- lib/url.c | 35 ++-- lib/urlapi.c | 57 ++++--- lib/vauth/.checksrc | 0 lib/vauth/cleartext.c | 1 - lib/vauth/cram.c | 3 +- lib/vauth/digest.c | 98 ++++++------ lib/vauth/gsasl.c | 3 +- lib/vauth/krb5_gssapi.c | 1 - lib/vauth/ntlm.c | 293 +++++++++++++++++----------------- lib/vauth/oauth2.c | 11 +- lib/vauth/vauth.c | 9 +- lib/version.c | 35 ++-- lib/vquic/.checksrc | 0 lib/vquic/curl_ngtcp2.c | 11 +- lib/vquic/curl_osslq.c | 15 +- lib/vquic/curl_quiche.c | 7 +- lib/vquic/vquic-tls.c | 3 +- lib/vquic/vquic.c | 5 +- lib/vssh/.checksrc | 0 lib/vssh/libssh.c | 56 +++---- lib/vssh/libssh2.c | 63 ++++---- lib/vtls/.checksrc | 0 lib/vtls/cipher_suite.c | 7 +- lib/vtls/gtls.c | 27 ++-- lib/vtls/mbedtls.c | 11 +- lib/vtls/mbedtls_threadlock.c | 20 +-- lib/vtls/openssl.c | 64 ++++---- lib/vtls/rustls.c | 6 +- lib/vtls/schannel.c | 7 +- lib/vtls/schannel_verify.c | 1 - lib/vtls/vtls.c | 5 +- lib/vtls/vtls_scache.c | 1 - lib/vtls/wolfssl.c | 5 +- lib/vtls/x509asn1.c | 7 +- lib/ws.c | 3 +- packages/OS400/curlcl.c | 1 + scripts/.checksrc | 1 + scripts/Makefile.am | 2 +- scripts/checksrc.pl | 8 + src/.checksrc | 8 - tests/cmake/test.c | 1 + tests/libtest/.checksrc | 8 - tests/libtest/Makefile.am | 2 +- tests/server/.checksrc | 2 + tests/tunit/.checksrc | 8 - tests/tunit/Makefile.am | 2 +- tests/unit/.checksrc | 8 - tests/unit/Makefile.am | 2 +- 147 files changed, 1030 insertions(+), 1145 deletions(-) delete mode 100644 lib/.checksrc delete mode 100644 lib/curlx/.checksrc delete mode 100644 lib/vauth/.checksrc delete mode 100644 lib/vquic/.checksrc delete mode 100644 lib/vssh/.checksrc delete mode 100644 lib/vtls/.checksrc create mode 100644 scripts/.checksrc delete mode 100644 tests/libtest/.checksrc delete mode 100644 tests/tunit/.checksrc delete mode 100644 tests/unit/.checksrc diff --git a/REUSE.toml b/REUSE.toml index 0d07c8b3e1..d3b98edb48 100644 --- a/REUSE.toml +++ b/REUSE.toml @@ -41,17 +41,9 @@ path = [ "tests/valgrind.supp", # checksrc control files "docs/examples/.checksrc", - "lib/.checksrc", - "lib/curlx/.checksrc", - "lib/vauth/.checksrc", - "lib/vquic/.checksrc", - "lib/vssh/.checksrc", - "lib/vtls/.checksrc", + "scripts/.checksrc", "src/.checksrc", - "tests/libtest/.checksrc", "tests/server/.checksrc", - "tests/tunit/.checksrc", - "tests/unit/.checksrc", ] SPDX-FileCopyrightText = "Daniel Stenberg, , et al." SPDX-License-Identifier = "curl" diff --git a/docs/examples/.checksrc b/docs/examples/.checksrc index 336e1928d2..59899762bf 100644 --- a/docs/examples/.checksrc +++ b/docs/examples/.checksrc @@ -1,9 +1,11 @@ allowfunc fclose allowfunc fdopen allowfunc fopen +allowfunc fprintf allowfunc gmtime allowfunc localtime allowfunc open +allowfunc printf allowfunc snprintf allowfunc socket allowfunc sscanf diff --git a/lib/.checksrc b/lib/.checksrc deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/lib/Makefile.am b/lib/Makefile.am index 973876f501..784b7f35d6 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -28,12 +28,9 @@ include Makefile.inc CMAKE_DIST = CMakeLists.txt curl_config.h.cmake -CHECKSRC_DIST = .checksrc \ - curlx/.checksrc vauth/.checksrc vquic/.checksrc vssh/.checksrc vtls/.checksrc - EXTRA_DIST = config-mac.h config-os400.h config-plan9.h config-riscos.h \ config-win32.h curl_config.h.in $(LIB_RCFILES) libcurl.def \ - $(CMAKE_DIST) Makefile.soname optiontable.pl $(CHECKSRC_DIST) + $(CMAKE_DIST) Makefile.soname optiontable.pl lib_LTLIBRARIES = libcurl.la diff --git a/lib/altsvc.c b/lib/altsvc.c index 7e4c4b5c25..449bea8528 100644 --- a/lib/altsvc.c +++ b/lib/altsvc.c @@ -42,8 +42,7 @@ #include "curlx/strparse.h" #include "connect.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -270,23 +269,23 @@ static CURLcode altsvc_out(struct altsvc *as, FILE *fp) } } #endif - fprintf(fp, - "%s %s%s%s %u " - "%s %s%s%s %u " - "\"%d%02d%02d " - "%02d:%02d:%02d\" " - "%u %u\n", - Curl_alpnid2str(as->src.alpnid), - src6_pre, as->src.host, src6_post, - as->src.port, + curl_mfprintf(fp, + "%s %s%s%s %u " + "%s %s%s%s %u " + "\"%d%02d%02d " + "%02d:%02d:%02d\" " + "%u %u\n", + Curl_alpnid2str(as->src.alpnid), + src6_pre, as->src.host, src6_post, + as->src.port, - Curl_alpnid2str(as->dst.alpnid), - dst6_pre, as->dst.host, dst6_post, - as->dst.port, + Curl_alpnid2str(as->dst.alpnid), + dst6_pre, as->dst.host, dst6_post, + as->dst.port, - stamp.tm_year + 1900, stamp.tm_mon + 1, stamp.tm_mday, - stamp.tm_hour, stamp.tm_min, stamp.tm_sec, - as->persist, as->prio); + stamp.tm_year + 1900, stamp.tm_mon + 1, stamp.tm_mday, + stamp.tm_hour, stamp.tm_min, stamp.tm_sec, + as->persist, as->prio); return CURLE_OK; } diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c index a9988806ac..236697695e 100644 --- a/lib/asyn-ares.c +++ b/lib/asyn-ares.c @@ -105,8 +105,7 @@ #define HTTPSRR_WORKS #endif -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -782,7 +781,7 @@ struct Curl_addrinfo *Curl_async_getaddrinfo(struct Curl_easy *data, * accordingly to save a call to getservbyname in inside C-Ares */ hints.ai_flags = ARES_AI_NUMERICSERV; - msnprintf(service, sizeof(service), "%d", port); + curl_msnprintf(service, sizeof(service), "%d", port); ares->num_pending = 1; ares_getaddrinfo(ares->channel, data->state.async.hostname, service, &hints, async_ares_addrinfo_cb, data); diff --git a/lib/asyn-thrdd.c b/lib/asyn-thrdd.c index 2aa16de728..dc13143e24 100644 --- a/lib/asyn-thrdd.c +++ b/lib/asyn-thrdd.c @@ -73,8 +73,7 @@ #endif #endif -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -220,7 +219,7 @@ static CURL_THREAD_RETURN_T CURL_STDCALL getaddrinfo_thread(void *arg) char service[12]; int rc; - msnprintf(service, sizeof(service), "%d", addr_ctx->port); + curl_msnprintf(service, sizeof(service), "%d", addr_ctx->port); rc = Curl_getaddrinfo_ex(addr_ctx->hostname, service, &addr_ctx->hints, &addr_ctx->res); diff --git a/lib/bufq.c b/lib/bufq.c index 5cfd7520f2..e429ccf8e3 100644 --- a/lib/bufq.c +++ b/lib/bufq.c @@ -25,8 +25,7 @@ #include "curl_setup.h" #include "bufq.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/cf-h1-proxy.c b/lib/cf-h1-proxy.c index 798d6e9f66..e65aa74ddb 100644 --- a/lib/cf-h1-proxy.c +++ b/lib/cf-h1-proxy.c @@ -46,8 +46,7 @@ #include "multiif.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/cf-h2-proxy.c b/lib/cf-h2-proxy.c index 17a15c1d2a..8baa227aac 100644 --- a/lib/cf-h2-proxy.c +++ b/lib/cf-h2-proxy.c @@ -44,8 +44,7 @@ #include "select.h" #include "cf-h2-proxy.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -101,8 +100,8 @@ static CURLcode tunnel_stream_init(struct Curl_cfilter *cf, return result; ts->authority = /* host:port with IPv6 support */ - aprintf("%s%s%s:%d", ipv6_ip ? "[":"", hostname, - ipv6_ip ? "]" : "", port); + curl_maprintf("%s%s%s:%d", ipv6_ip ? "[":"", hostname, + ipv6_ip ? "]" : "", port); if(!ts->authority) return CURLE_OUT_OF_MEMORY; @@ -556,47 +555,47 @@ static int proxy_h2_fr_print(const nghttp2_frame *frame, { switch(frame->hd.type) { case NGHTTP2_DATA: { - return msnprintf(buffer, blen, - "FRAME[DATA, len=%d, eos=%d, padlen=%d]", - (int)frame->hd.length, - !!(frame->hd.flags & NGHTTP2_FLAG_END_STREAM), - (int)frame->data.padlen); + return curl_msnprintf(buffer, blen, + "FRAME[DATA, len=%d, eos=%d, padlen=%d]", + (int)frame->hd.length, + !!(frame->hd.flags & NGHTTP2_FLAG_END_STREAM), + (int)frame->data.padlen); } case NGHTTP2_HEADERS: { - return msnprintf(buffer, blen, - "FRAME[HEADERS, len=%d, hend=%d, eos=%d]", - (int)frame->hd.length, - !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS), - !!(frame->hd.flags & NGHTTP2_FLAG_END_STREAM)); + return curl_msnprintf(buffer, blen, + "FRAME[HEADERS, len=%d, hend=%d, eos=%d]", + (int)frame->hd.length, + !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS), + !!(frame->hd.flags & NGHTTP2_FLAG_END_STREAM)); } case NGHTTP2_PRIORITY: { - return msnprintf(buffer, blen, - "FRAME[PRIORITY, len=%d, flags=%d]", - (int)frame->hd.length, frame->hd.flags); + return curl_msnprintf(buffer, blen, + "FRAME[PRIORITY, len=%d, flags=%d]", + (int)frame->hd.length, frame->hd.flags); } case NGHTTP2_RST_STREAM: { - return msnprintf(buffer, blen, - "FRAME[RST_STREAM, len=%d, flags=%d, error=%u]", - (int)frame->hd.length, frame->hd.flags, - frame->rst_stream.error_code); + return curl_msnprintf(buffer, blen, + "FRAME[RST_STREAM, len=%d, flags=%d, error=%u]", + (int)frame->hd.length, frame->hd.flags, + frame->rst_stream.error_code); } case NGHTTP2_SETTINGS: { if(frame->hd.flags & NGHTTP2_FLAG_ACK) { - return msnprintf(buffer, blen, "FRAME[SETTINGS, ack=1]"); + return curl_msnprintf(buffer, blen, "FRAME[SETTINGS, ack=1]"); } - return msnprintf(buffer, blen, - "FRAME[SETTINGS, len=%d]", (int)frame->hd.length); + return curl_msnprintf(buffer, blen, + "FRAME[SETTINGS, len=%d]", (int)frame->hd.length); } case NGHTTP2_PUSH_PROMISE: - return msnprintf(buffer, blen, - "FRAME[PUSH_PROMISE, len=%d, hend=%d]", - (int)frame->hd.length, - !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS)); + return curl_msnprintf(buffer, blen, + "FRAME[PUSH_PROMISE, len=%d, hend=%d]", + (int)frame->hd.length, + !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS)); case NGHTTP2_PING: - return msnprintf(buffer, blen, - "FRAME[PING, len=%d, ack=%d]", - (int)frame->hd.length, - frame->hd.flags & NGHTTP2_FLAG_ACK); + return curl_msnprintf(buffer, blen, + "FRAME[PING, len=%d, ack=%d]", + (int)frame->hd.length, + frame->hd.flags & NGHTTP2_FLAG_ACK); case NGHTTP2_GOAWAY: { char scratch[128]; size_t s_len = CURL_ARRAYSIZE(scratch); @@ -605,19 +604,20 @@ static int proxy_h2_fr_print(const nghttp2_frame *frame, if(len) memcpy(scratch, frame->goaway.opaque_data, len); scratch[len] = '\0'; - return msnprintf(buffer, blen, "FRAME[GOAWAY, error=%d, reason='%s', " - "last_stream=%d]", frame->goaway.error_code, - scratch, frame->goaway.last_stream_id); + return curl_msnprintf(buffer, blen, + "FRAME[GOAWAY, error=%d, reason='%s', " + "last_stream=%d]", frame->goaway.error_code, + scratch, frame->goaway.last_stream_id); } case NGHTTP2_WINDOW_UPDATE: { - return msnprintf(buffer, blen, - "FRAME[WINDOW_UPDATE, incr=%d]", - frame->window_update.window_size_increment); + return curl_msnprintf(buffer, blen, + "FRAME[WINDOW_UPDATE, incr=%d]", + frame->window_update.window_size_increment); } default: - return msnprintf(buffer, blen, "FRAME[%d, len=%d, flags=%d]", - frame->hd.type, (int)frame->hd.length, - frame->hd.flags); + return curl_msnprintf(buffer, blen, "FRAME[%d, len=%d, flags=%d]", + frame->hd.type, (int)frame->hd.length, + frame->hd.flags); } } diff --git a/lib/cf-haproxy.c b/lib/cf-haproxy.c index 2d66efea90..3231791097 100644 --- a/lib/cf-haproxy.c +++ b/lib/cf-haproxy.c @@ -34,8 +34,7 @@ #include "multiif.h" #include "select.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/cf-https-connect.c b/lib/cf-https-connect.c index b4a4605295..5d6724dbc5 100644 --- a/lib/cf-https-connect.c +++ b/lib/cf-https-connect.c @@ -38,8 +38,7 @@ #include "select.h" #include "vquic/vquic.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/cf-ip-happy.c b/lib/cf-ip-happy.c index c0150dd087..f6675e275d 100644 --- a/lib/cf-ip-happy.c +++ b/lib/cf-ip-happy.c @@ -60,8 +60,7 @@ #include "select.h" #include "vquic/vquic.h" /* for quic cfilters */ -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -662,7 +661,8 @@ static CURLcode is_connected(struct Curl_cfilter *cf, #ifdef USE_UNIX_SOCKETS if(conn->unix_domain_socket) - msnprintf(viamsg, sizeof(viamsg), "over %s", conn->unix_domain_socket); + curl_msnprintf(viamsg, sizeof(viamsg), "over %s", + conn->unix_domain_socket); else #endif { @@ -673,7 +673,7 @@ static CURLcode is_connected(struct Curl_cfilter *cf, port = conn->conn_to_port; else port = conn->remote_port; - msnprintf(viamsg, sizeof(viamsg), "port %u", port); + curl_msnprintf(viamsg, sizeof(viamsg), "port %u", port); } failf(data, "Failed to connect to %s %s %s%s%safter " diff --git a/lib/cf-socket.c b/lib/cf-socket.c index aa79ac45a4..0182de67e8 100644 --- a/lib/cf-socket.c +++ b/lib/cf-socket.c @@ -82,8 +82,7 @@ #include "curlx/strerr.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/cfilters.c b/lib/cfilters.c index 07f3c5f7b4..d0466f5fad 100644 --- a/lib/cfilters.c +++ b/lib/cfilters.c @@ -37,8 +37,7 @@ #include "curlx/warnless.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/conncache.c b/lib/conncache.c index a8fc51c213..67e2a63d8a 100644 --- a/lib/conncache.c +++ b/lib/conncache.c @@ -45,8 +45,7 @@ #include "curlx/strparse.h" #include "uint-table.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -895,7 +894,7 @@ void Curl_cpool_print(struct cpool *cpool) if(!cpool) return; - fprintf(stderr, "=Bundle cache=\n"); + curl_mfprintf(stderr, "=Bundle cache=\n"); Curl_hash_start_iterate(cpool->dest2bundle, &iter); @@ -906,15 +905,15 @@ void Curl_cpool_print(struct cpool *cpool) bundle = he->ptr; - fprintf(stderr, "%s -", he->key); + curl_mfprintf(stderr, "%s -", he->key); curr = Curl_llist_head(bundle->conns); while(curr) { conn = Curl_node_elem(curr); - fprintf(stderr, " [%p %d]", (void *)conn, conn->refcount); + curl_mfprintf(stderr, " [%p %d]", (void *)conn, conn->refcount); curr = Curl_node_next(curr); } - fprintf(stderr, "\n"); + curl_mfprintf(stderr, "\n"); he = Curl_hash_next_element(&iter); } diff --git a/lib/connect.c b/lib/connect.c index 4f42fef0e8..efe6248214 100644 --- a/lib/connect.c +++ b/lib/connect.c @@ -75,8 +75,7 @@ #include "http_proxy.h" #include "socks.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -267,7 +266,7 @@ bool Curl_addr2string(struct sockaddr *sa, curl_socklen_t salen, case AF_UNIX: if(salen > (curl_socklen_t)sizeof(CURL_SA_FAMILY_T)) { su = (struct sockaddr_un*)sa; - msnprintf(addr, MAX_IPADR_LEN, "%s", su->sun_path); + curl_msnprintf(addr, MAX_IPADR_LEN, "%s", su->sun_path); } else addr[0] = 0; /* socket with no name */ diff --git a/lib/content_encoding.c b/lib/content_encoding.c index 3a0549c4b1..28cccacdb6 100644 --- a/lib/content_encoding.c +++ b/lib/content_encoding.c @@ -53,8 +53,7 @@ #include "content_encoding.h" #include "strdup.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/cookie.c b/lib/cookie.c index c5fbe1344d..59a841a303 100644 --- a/lib/cookie.c +++ b/lib/cookie.c @@ -89,8 +89,7 @@ Example set of cookies: #include "llist.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -1479,7 +1478,7 @@ void Curl_cookie_cleanup(struct CookieInfo *ci) */ static char *get_netscape_format(const struct Cookie *co) { - return aprintf( + return curl_maprintf( "%s" /* httponly preamble */ "%s%s\t" /* domain */ "%s\t" /* tailmatch */ @@ -1575,7 +1574,7 @@ static CURLcode cookie_output(struct Curl_easy *data, error = CURLE_OUT_OF_MEMORY; goto error; } - fprintf(out, "%s\n", format_ptr); + curl_mfprintf(out, "%s\n", format_ptr); free(format_ptr); } diff --git a/lib/cshutdn.c b/lib/cshutdn.c index 1c144c6025..c2788e7780 100644 --- a/lib/cshutdn.c +++ b/lib/cshutdn.c @@ -42,8 +42,7 @@ #include "select.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/curl_addrinfo.c b/lib/curl_addrinfo.c index c4ad71a02e..e26ee656bd 100644 --- a/lib/curl_addrinfo.c +++ b/lib/curl_addrinfo.c @@ -53,8 +53,8 @@ #include "fake_addrinfo.h" #include "curlx/inet_pton.h" #include "curlx/warnless.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/curl_fopen.c b/lib/curl_fopen.c index 5e25f0eab6..c41cff21cd 100644 --- a/lib/curl_fopen.c +++ b/lib/curl_fopen.c @@ -30,8 +30,8 @@ #include "urldata.h" #include "rand.h" #include "curl_fopen.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -122,7 +122,7 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename, if(dir) { /* The temp filename should not end up too long for the target file system */ - tempstore = aprintf("%s%s.tmp", dir, randbuf); + tempstore = curl_maprintf("%s%s.tmp", dir, randbuf); free(dir); } diff --git a/lib/curl_gssapi.c b/lib/curl_gssapi.c index 92b867f775..87f644a908 100644 --- a/lib/curl_gssapi.c +++ b/lib/curl_gssapi.c @@ -29,8 +29,7 @@ #include "curl_gssapi.h" #include "sendf.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -244,9 +243,10 @@ stub_gss_init_sec_context(OM_uint32 *min, } /* Token format: creds:target:type:padding */ - used = msnprintf(token, length, "%s:%.*s:%d:", creds, - (int)target_desc.length, (const char *)target_desc.value, - ctx->sent); + used = curl_msnprintf(token, length, "%s:%.*s:%d:", creds, + (int)target_desc.length, + (const char *)target_desc.value, + ctx->sent); gss_release_buffer(&minor_status, &target_desc); } @@ -387,9 +387,9 @@ static size_t display_gss_error(OM_uint32 status, int type, &status_string); if(maj_stat == GSS_S_COMPLETE && status_string.length > 0) { if(GSS_LOG_BUFFER_LEN > len + status_string.length + 3) { - len += msnprintf(buf + len, GSS_LOG_BUFFER_LEN - len, - "%.*s. ", (int)status_string.length, - (char *)status_string.value); + len += curl_msnprintf(buf + len, GSS_LOG_BUFFER_LEN - len, + "%.*s. ", (int)status_string.length, + (char *)status_string.value); } } gss_release_buffer(&min_stat, &status_string); diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c index e040db2ab6..cf0e4dc288 100644 --- a/lib/curl_ntlm_core.c +++ b/lib/curl_ntlm_core.c @@ -119,8 +119,8 @@ #include "curl_endian.h" #include "curl_des.h" #include "curl_md4.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -567,14 +567,15 @@ CURLcode Curl_ntlm_core_mk_ntlmv2_resp(unsigned char *ntlmv2hash, return CURLE_OUT_OF_MEMORY; /* Create the BLOB structure */ - msnprintf((char *)ptr + HMAC_MD5_LENGTH, NTLMv2_BLOB_LEN, - "%c%c%c%c" /* NTLMv2_BLOB_SIGNATURE */ - "%c%c%c%c" /* Reserved = 0 */ - "%c%c%c%c%c%c%c%c", /* Timestamp */ - NTLMv2_BLOB_SIGNATURE[0], NTLMv2_BLOB_SIGNATURE[1], - NTLMv2_BLOB_SIGNATURE[2], NTLMv2_BLOB_SIGNATURE[3], - 0, 0, 0, 0, - LONGQUARTET(tw.dwLowDateTime), LONGQUARTET(tw.dwHighDateTime)); + curl_msnprintf((char *)ptr + HMAC_MD5_LENGTH, NTLMv2_BLOB_LEN, + "%c%c%c%c" /* NTLMv2_BLOB_SIGNATURE */ + "%c%c%c%c" /* Reserved = 0 */ + "%c%c%c%c%c%c%c%c", /* Timestamp */ + NTLMv2_BLOB_SIGNATURE[0], NTLMv2_BLOB_SIGNATURE[1], + NTLMv2_BLOB_SIGNATURE[2], NTLMv2_BLOB_SIGNATURE[3], + 0, 0, 0, 0, + LONGQUARTET(tw.dwLowDateTime), + LONGQUARTET(tw.dwHighDateTime)); memcpy(ptr + 32, challenge_client, 8); if(ntlm->target_info_len) diff --git a/lib/curl_printf.h b/lib/curl_printf.h index 6e0fa1fa8d..207ba7125d 100644 --- a/lib/curl_printf.h +++ b/lib/curl_printf.h @@ -24,8 +24,6 @@ * ***************************************************************************/ -#include - #define MERR_OK 0 #define MERR_MEM 1 #define MERR_TOO_LARGE 2 @@ -36,29 +34,4 @@ extern const unsigned char Curl_ldigits[]; /* Upper-case digits. */ extern const unsigned char Curl_udigits[]; -#ifdef BUILDING_LIBCURL - -/* - * This header should be included by ALL code in libcurl that uses any - * *rintf() functions. - */ - -# undef printf -# undef fprintf -# undef msnprintf -# undef vprintf -# undef vfprintf -# undef mvsnprintf -# undef aprintf -# undef vaprintf -# define printf curl_mprintf -# define fprintf curl_mfprintf -# define msnprintf curl_msnprintf -# define vprintf curl_mvprintf -# define vfprintf curl_mvfprintf -# define mvsnprintf curl_mvsnprintf -# define aprintf curl_maprintf -# define vaprintf curl_mvaprintf - -#endif /* BUILDING_LIBCURL */ #endif /* HEADER_CURL_PRINTF_H */ diff --git a/lib/curl_rtmp.c b/lib/curl_rtmp.c index baee79fbee..7006ca5eb9 100644 --- a/lib/curl_rtmp.c +++ b/lib/curl_rtmp.c @@ -37,8 +37,7 @@ #include #include -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -386,9 +385,9 @@ void Curl_rtmp_version(char *version, size_t len) else suff[0] = '\0'; - msnprintf(version, len, "librtmp/%d.%d%s", - RTMP_LIB_VERSION >> 16, (RTMP_LIB_VERSION >> 8) & 0xff, - suff); + curl_msnprintf(version, len, "librtmp/%d.%d%s", + RTMP_LIB_VERSION >> 16, (RTMP_LIB_VERSION >> 8) & 0xff, + suff); } #endif /* USE_LIBRTMP */ diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c index 9c86f3ea08..c907c2c27b 100644 --- a/lib/curl_sasl.c +++ b/lib/curl_sasl.c @@ -51,8 +51,8 @@ #include "curl_sasl.h" #include "curlx/warnless.h" #include "sendf.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/curl_setup.h b/lib/curl_setup.h index f6fe6535f4..694d14df4f 100644 --- a/lib/curl_setup.h +++ b/lib/curl_setup.h @@ -983,6 +983,8 @@ extern curl_calloc_callback Curl_ccalloc; #define Curl_safefree(ptr) \ do { free((ptr)); (ptr) = NULL;} while(0) +#include /* for CURL_EXTERN, mprintf.h */ + #ifdef CURLDEBUG #ifdef __clang__ # define ALLOC_FUNC __attribute__((__malloc__)) @@ -1007,8 +1009,6 @@ extern curl_calloc_callback Curl_ccalloc; # define ALLOC_SIZE2(n, s) #endif -#include /* for CURL_EXTERN */ - extern FILE *curl_dbg_logfile; /* memory functions */ diff --git a/lib/curl_trc.c b/lib/curl_trc.c index e04c425b32..7f234437f2 100644 --- a/lib/curl_trc.c +++ b/lib/curl_trc.c @@ -47,8 +47,7 @@ #include "vtls/vtls.h" #include "vquic/vquic.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -102,14 +101,14 @@ static size_t trc_print_ids(struct Curl_easy *data, char *buf, size_t maxlen) data->conn->connection_id : data->state.recent_conn_id; if(data->id >= 0) { if(cid >= 0) - return msnprintf(buf, maxlen, CURL_TRC_FMT_IDSDC, data->id, cid); + return curl_msnprintf(buf, maxlen, CURL_TRC_FMT_IDSDC, data->id, cid); else - return msnprintf(buf, maxlen, CURL_TRC_FMT_IDSD, data->id); + return curl_msnprintf(buf, maxlen, CURL_TRC_FMT_IDSD, data->id); } else if(cid >= 0) - return msnprintf(buf, maxlen, CURL_TRC_FMT_IDSC, cid); + return curl_msnprintf(buf, maxlen, CURL_TRC_FMT_IDSC, cid); else { - return msnprintf(buf, maxlen, "[x-x] "); + return curl_msnprintf(buf, maxlen, "[x-x] "); } } @@ -143,8 +142,8 @@ void Curl_debug(struct Curl_easy *data, curl_infotype type, if(CURL_TRC_IDS(data) && (size < TRC_LINE_MAX)) { len = trc_print_ids(data, buf, TRC_LINE_MAX); - len += msnprintf(buf + len, TRC_LINE_MAX - len, "%.*s", - (int)size, ptr); + len += curl_msnprintf(buf + len, TRC_LINE_MAX - len, "%.*s", + (int)size, ptr); len = trc_end_buf(buf, len, TRC_LINE_MAX, FALSE); Curl_set_in_callback(data, TRUE); (void)(*data->set.fdebug)(data, type, buf, len, data->set.debugdata); @@ -189,7 +188,7 @@ void Curl_failf(struct Curl_easy *data, const char *fmt, ...) size_t len; char error[CURL_ERROR_SIZE + 2]; va_start(ap, fmt); - len = mvsnprintf(error, CURL_ERROR_SIZE, fmt, ap); + len = curl_mvsnprintf(error, CURL_ERROR_SIZE, fmt, ap); if(data->set.errorbuffer && !data->state.errorbuf) { strcpy(data->set.errorbuffer, error); @@ -220,15 +219,15 @@ static void trc_infof(struct Curl_easy *data, if(CURL_TRC_IDS(data)) len += trc_print_ids(data, buf + len, TRC_LINE_MAX - len); if(feat) - len += msnprintf(buf + len, TRC_LINE_MAX - len, "[%s] ", feat->name); + len += curl_msnprintf(buf + len, TRC_LINE_MAX - len, "[%s] ", feat->name); if(opt_id) { if(opt_id_idx > 0) - len += msnprintf(buf + len, TRC_LINE_MAX - len, "[%s-%d] ", - opt_id, opt_id_idx); + len += curl_msnprintf(buf + len, TRC_LINE_MAX - len, "[%s-%d] ", + opt_id, opt_id_idx); else - len += msnprintf(buf + len, TRC_LINE_MAX - len, "[%s] ", opt_id); + len += curl_msnprintf(buf + len, TRC_LINE_MAX - len, "[%s] ", opt_id); } - len += mvsnprintf(buf + len, TRC_LINE_MAX - len, fmt, ap); + len += curl_mvsnprintf(buf + len, TRC_LINE_MAX - len, fmt, ap); len = trc_end_buf(buf, len, TRC_LINE_MAX, TRUE); trc_write(data, CURLINFO_TEXT, buf, len); } diff --git a/lib/curlx/.checksrc b/lib/curlx/.checksrc deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/lib/cw-out.c b/lib/cw-out.c index 6d988a00bf..7a9274b5f2 100644 --- a/lib/cw-out.c +++ b/lib/cw-out.c @@ -35,8 +35,7 @@ #include "cw-out.h" #include "cw-pause.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/cw-pause.c b/lib/cw-pause.c index 9b9554c551..1af4e8fa41 100644 --- a/lib/cw-pause.c +++ b/lib/cw-pause.c @@ -34,8 +34,7 @@ #include "sendf.h" #include "cw-pause.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/dict.c b/lib/dict.c index 819584f284..3296a45466 100644 --- a/lib/dict.c +++ b/lib/dict.c @@ -59,9 +59,9 @@ #include "escape.h" #include "progress.h" #include "dict.h" -#include "curl_printf.h" + +/* The last 2 #include files should be: */ #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" @@ -144,7 +144,7 @@ static CURLcode sendf(struct Curl_easy *data, const char *fmt, ...) char *sptr; va_list ap; va_start(ap, fmt); - s = vaprintf(fmt, ap); /* returns an allocated string */ + s = curl_mvaprintf(fmt, ap); /* returns an allocated string */ va_end(ap); if(!s) return CURLE_OUT_OF_MEMORY; /* failure */ diff --git a/lib/dllmain.c b/lib/dllmain.c index 7ac457ae05..d871a52484 100644 --- a/lib/dllmain.c +++ b/lib/dllmain.c @@ -28,8 +28,7 @@ #include #endif -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/doh.c b/lib/doh.c index 15e01357b8..3dd7a2872d 100644 --- a/lib/doh.c +++ b/lib/doh.c @@ -41,8 +41,7 @@ #include "escape.h" #include "urlapi-int.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -513,7 +512,7 @@ struct Curl_addrinfo *Curl_doh(struct Curl_easy *data, /* Only use HTTPS RR for HTTP(S) transfers */ char *qname = NULL; if(port != PORT_HTTPS) { - qname = aprintf("_%d._https.%s", port, hostname); + qname = curl_maprintf("_%d._https.%s", port, hostname); if(!qname) goto error; } @@ -890,8 +889,9 @@ static void doh_show(struct Curl_easy *data, len = sizeof(buffer) - len; for(j = 0; j < 16; j += 2) { size_t l; - msnprintf(ptr, len, "%s%02x%02x", j ? ":" : "", d->addr[i].ip.v6[j], - d->addr[i].ip.v6[j + 1]); + curl_msnprintf(ptr, len, "%s%02x%02x", j ? ":" : "", + d->addr[i].ip.v6[j], + d->addr[i].ip.v6[j + 1]); l = strlen(ptr); len -= l; ptr += l; diff --git a/lib/dynhds.c b/lib/dynhds.c index dcb9193a8b..95d415bf0b 100644 --- a/lib/dynhds.c +++ b/lib/dynhds.c @@ -26,12 +26,12 @@ #include "dynhds.h" #include "strcase.h" -/* The last 3 #include files should be in this order */ #ifdef USE_NGHTTP2 #include #include #endif /* USE_NGHTTP2 */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/easy.c b/lib/easy.c index 7a36034c03..877cf13b9b 100644 --- a/lib/easy.c +++ b/lib/easy.c @@ -80,8 +80,7 @@ #include "easy_lock.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -157,42 +156,42 @@ static CURLcode global_init(long flags, bool memoryfuncs) } if(Curl_trc_init()) { - DEBUGF(fprintf(stderr, "Error: Curl_trc_init failed\n")); + DEBUGF(curl_mfprintf(stderr, "Error: Curl_trc_init failed\n")); goto fail; } if(!Curl_ssl_init()) { - DEBUGF(fprintf(stderr, "Error: Curl_ssl_init failed\n")); + DEBUGF(curl_mfprintf(stderr, "Error: Curl_ssl_init failed\n")); goto fail; } if(!Curl_vquic_init()) { - DEBUGF(fprintf(stderr, "Error: Curl_vquic_init failed\n")); + DEBUGF(curl_mfprintf(stderr, "Error: Curl_vquic_init failed\n")); goto fail; } if(Curl_win32_init(flags)) { - DEBUGF(fprintf(stderr, "Error: win32_init failed\n")); + DEBUGF(curl_mfprintf(stderr, "Error: win32_init failed\n")); goto fail; } if(Curl_amiga_init()) { - DEBUGF(fprintf(stderr, "Error: Curl_amiga_init failed\n")); + DEBUGF(curl_mfprintf(stderr, "Error: Curl_amiga_init failed\n")); goto fail; } if(Curl_macos_init()) { - DEBUGF(fprintf(stderr, "Error: Curl_macos_init failed\n")); + DEBUGF(curl_mfprintf(stderr, "Error: Curl_macos_init failed\n")); goto fail; } if(Curl_async_global_init()) { - DEBUGF(fprintf(stderr, "Error: resolver_global_init failed\n")); + DEBUGF(curl_mfprintf(stderr, "Error: resolver_global_init failed\n")); goto fail; } if(Curl_ssh_init()) { - DEBUGF(fprintf(stderr, "Error: Curl_ssh_init failed\n")); + DEBUGF(curl_mfprintf(stderr, "Error: Curl_ssh_init failed\n")); goto fail; } @@ -361,7 +360,7 @@ CURL *curl_easy_init(void) result = global_init(CURL_GLOBAL_DEFAULT, TRUE); if(result) { /* something in the global init failed, return nothing */ - DEBUGF(fprintf(stderr, "Error: curl_global_init failed\n")); + DEBUGF(curl_mfprintf(stderr, "Error: curl_global_init failed\n")); global_init_unlock(); return NULL; } @@ -371,7 +370,7 @@ CURL *curl_easy_init(void) /* We use curl_open() with undefined URL so far */ result = Curl_open(&data); if(result) { - DEBUGF(fprintf(stderr, "Error: Curl_open failed\n")); + DEBUGF(curl_mfprintf(stderr, "Error: Curl_open failed\n")); return NULL; } @@ -407,7 +406,7 @@ static int events_timer(CURLM *multi, /* multi handle */ struct events *ev = userp; (void)multi; #if DEBUG_EV_POLL - fprintf(stderr, "events_timer: set timeout %ldms\n", timeout_ms); + curl_mfprintf(stderr, "events_timer: set timeout %ldms\n", timeout_ms); #endif ev->ms = timeout_ms; ev->msbump = TRUE; @@ -559,7 +558,7 @@ static unsigned int populate_fds(struct pollfd *fds, struct events *ev) f->events = m->socket.events; f->revents = 0; #if DEBUG_EV_POLL - fprintf(stderr, "poll() %d check socket %d\n", numfds, f->fd); + curl_mfprintf(stderr, "poll() %d check socket %d\n", numfds, f->fd); #endif f++; numfds++; @@ -579,19 +578,19 @@ static CURLcode poll_fds(struct events *ev, if(numfds) { /* wait for activity or timeout */ #if DEBUG_EV_POLL - fprintf(stderr, "poll(numfds=%u, timeout=%ldms)\n", numfds, ev->ms); + curl_mfprintf(stderr, "poll(numfds=%u, timeout=%ldms)\n", numfds, ev->ms); #endif *pollrc = Curl_poll(fds, numfds, ev->ms); #if DEBUG_EV_POLL - fprintf(stderr, "poll(numfds=%u, timeout=%ldms) -> %d\n", - numfds, ev->ms, *pollrc); + curl_mfprintf(stderr, "poll(numfds=%u, timeout=%ldms) -> %d\n", + numfds, ev->ms, *pollrc); #endif if(*pollrc < 0) return CURLE_UNRECOVERABLE_POLL; } else { #if DEBUG_EV_POLL - fprintf(stderr, "poll, but no fds, wait timeout=%ldms\n", ev->ms); + curl_mfprintf(stderr, "poll, but no fds, wait timeout=%ldms\n", ev->ms); #endif *pollrc = 0; if(ev->ms > 0) @@ -629,7 +628,7 @@ static CURLcode wait_or_timeout(struct Curl_multi *multi, struct events *ev) if(!pollrc) { /* timeout! */ ev->ms = 0; - /* fprintf(stderr, "call curl_multi_socket_action(TIMEOUT)\n"); */ + /* curl_mfprintf(stderr, "call curl_multi_socket_action(TIMEOUT)\n"); */ mcode = curl_multi_socket_action(multi, CURL_SOCKET_TIMEOUT, 0, &ev->running_handles); } @@ -658,8 +657,8 @@ static CURLcode wait_or_timeout(struct Curl_multi *multi, struct events *ev) timediff_t timediff = curlx_timediff(curlx_now(), before); if(timediff > 0) { #if DEBUG_EV_POLL - fprintf(stderr, "poll timeout %ldms not updated, decrease by " - "time spent %ldms\n", ev->ms, (long)timediff); + curl_mfprintf(stderr, "poll timeout %ldms not updated, decrease by " + "time spent %ldms\n", ev->ms, (long)timediff); #endif if(timediff > ev->ms) ev->ms = 0; diff --git a/lib/escape.c b/lib/escape.c index a292ba3b62..e7587e49b4 100644 --- a/lib/escape.c +++ b/lib/escape.c @@ -36,9 +36,9 @@ struct Curl_easy; #include "escape.h" #include "strdup.h" #include "curlx/strparse.h" - -/* The last 3 #include files should be in this order */ #include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/fake_addrinfo.c b/lib/fake_addrinfo.c index 20d55ba2d1..80edf78648 100644 --- a/lib/fake_addrinfo.c +++ b/lib/fake_addrinfo.c @@ -31,8 +31,7 @@ #include #include -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -178,7 +177,7 @@ int r_getaddrinfo(const char *node, if(env) { rc = ares_set_servers_ports_csv(channel, env); if(rc) { - fprintf(stderr, "ares_set_servers_ports_csv failed: %d", rc); + curl_mfprintf(stderr, "ares_set_servers_ports_csv failed: %d", rc); /* Cleanup */ ares_destroy(channel); return EAI_MEMORY; /* we can't run */ diff --git a/lib/file.c b/lib/file.c index 2d5818a1db..fe07df5d2a 100644 --- a/lib/file.c +++ b/lib/file.c @@ -69,8 +69,8 @@ #include "curlx/fopen.h" #include "curlx/warnless.h" #include "curl_range.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -488,8 +488,8 @@ static CURLcode file_do(struct Curl_easy *data, bool *done) static const char accept_ranges[]= { "Accept-ranges: bytes\r\n" }; if(expected_size >= 0) { headerlen = - msnprintf(header, sizeof(header), "Content-Length: %" FMT_OFF_T "\r\n", - expected_size); + curl_msnprintf(header, sizeof(header), + "Content-Length: %" FMT_OFF_T "\r\n", expected_size); result = Curl_client_write(data, CLIENTWRITE_HEADER, header, headerlen); if(result) return result; @@ -507,15 +507,15 @@ static CURLcode file_do(struct Curl_easy *data, bool *done) /* format: "Tue, 15 Nov 1994 12:45:26 GMT" */ headerlen = - msnprintf(header, sizeof(header), - "Last-Modified: %s, %02d %s %4d %02d:%02d:%02d GMT\r\n", - Curl_wkday[tm->tm_wday ? tm->tm_wday-1 : 6], - tm->tm_mday, - Curl_month[tm->tm_mon], - tm->tm_year + 1900, - tm->tm_hour, - tm->tm_min, - tm->tm_sec); + curl_msnprintf(header, sizeof(header), + "Last-Modified: %s, %02d %s %4d %02d:%02d:%02d GMT\r\n", + Curl_wkday[tm->tm_wday ? tm->tm_wday-1 : 6], + tm->tm_mday, + Curl_month[tm->tm_mon], + tm->tm_year + 1900, + tm->tm_hour, + tm->tm_min, + tm->tm_sec); result = Curl_client_write(data, CLIENTWRITE_HEADER, header, headerlen); if(!result) /* end of headers */ diff --git a/lib/formdata.c b/lib/formdata.c index 475ca22fc8..a98384c18a 100644 --- a/lib/formdata.c +++ b/lib/formdata.c @@ -38,8 +38,8 @@ struct Curl_easy; #include "strdup.h" #include "rand.h" #include "curlx/warnless.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/ftp.c b/lib/ftp.c index 32d3c445df..c3b8aafbc5 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -72,8 +72,8 @@ #include "strdup.h" #include "curlx/strerr.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -1209,7 +1209,7 @@ static CURLcode ftp_state_use_port(struct Curl_easy *data, source++; } *dest = 0; - msnprintf(dest, 20, ",%d,%d", (int)(port >> 8), (int)(port & 0xff)); + curl_msnprintf(dest, 20, ",%d,%d", (int)(port >> 8), (int)(port & 0xff)); result = Curl_pp_sendf(data, &ftpc->pp, "%s %s", mode[fcmd], target); if(result) { @@ -1422,12 +1422,12 @@ static CURLcode ftp_state_list(struct Curl_easy *data, } } - cmd = aprintf("%s%s%.*s", - data->set.str[STRING_CUSTOMREQUEST] ? - data->set.str[STRING_CUSTOMREQUEST] : - (data->state.list_only ? "NLST" : "LIST"), - lstArg ? " " : "", - lstArglen, lstArg ? lstArg : ""); + cmd = curl_maprintf("%s%s%.*s", + data->set.str[STRING_CUSTOMREQUEST] ? + data->set.str[STRING_CUSTOMREQUEST] : + (data->state.list_only ? "NLST" : "LIST"), + lstArg ? " " : "", + lstArglen, lstArg ? lstArg : ""); if(!cmd) return CURLE_OUT_OF_MEMORY; @@ -1887,7 +1887,7 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data, ftpc->newhost = control_address_dup(data, conn); } else - ftpc->newhost = aprintf("%u.%u.%u.%u", ip[0], ip[1], ip[2], ip[3]); + ftpc->newhost = curl_maprintf("%u.%u.%u.%u", ip[0], ip[1], ip[2], ip[3]); if(!ftpc->newhost) return CURLE_OUT_OF_MEMORY; @@ -2093,9 +2093,9 @@ static CURLcode ftp_state_mdtm_resp(struct Curl_easy *data, if(ftp_213_date(resp, &year, &month, &day, &hour, &minute, &second)) { /* we have a time, reformat it */ char timebuf[24]; - msnprintf(timebuf, sizeof(timebuf), - "%04d%02d%02d %02d:%02d:%02d GMT", - year, month, day, hour, minute, second); + curl_msnprintf(timebuf, sizeof(timebuf), + "%04d%02d%02d %02d:%02d:%02d GMT", + year, month, day, hour, minute, second); /* now, convert this into a time() value: */ if(!Curl_getdate_capped(timebuf, &data->info.filetime)) showtime = TRUE; @@ -2128,15 +2128,16 @@ static CURLcode ftp_state_mdtm_resp(struct Curl_easy *data, /* format: "Tue, 15 Nov 1994 12:45:26" */ headerbuflen = - msnprintf(headerbuf, sizeof(headerbuf), - "Last-Modified: %s, %02d %s %4d %02d:%02d:%02d GMT\r\n", - Curl_wkday[tm->tm_wday ? tm->tm_wday-1 : 6], - tm->tm_mday, - Curl_month[tm->tm_mon], - tm->tm_year + 1900, - tm->tm_hour, - tm->tm_min, - tm->tm_sec); + curl_msnprintf(headerbuf, sizeof(headerbuf), + "Last-Modified: %s, %02d %s %4d %02d:%02d:%02d " + "GMT\r\n", + Curl_wkday[tm->tm_wday ? tm->tm_wday-1 : 6], + tm->tm_mday, + Curl_month[tm->tm_mon], + tm->tm_year + 1900, + tm->tm_hour, + tm->tm_min, + tm->tm_sec); result = client_write_header(data, headerbuf, headerbuflen); if(result) return result; @@ -2349,8 +2350,9 @@ static CURLcode ftp_state_size_resp(struct Curl_easy *data, #ifdef CURL_FTP_HTTPSTYLE_HEAD if(filesize != -1) { char clbuf[128]; - int clbuflen = msnprintf(clbuf, sizeof(clbuf), - "Content-Length: %" FMT_OFF_T "\r\n", filesize); + int clbuflen = curl_msnprintf(clbuf, sizeof(clbuf), + "Content-Length: %" FMT_OFF_T "\r\n", + filesize); result = client_write_header(data, clbuf, clbuflen); if(result) return result; @@ -3937,7 +3939,7 @@ static CURLcode wc_statemach(struct Curl_easy *data, struct Curl_llist_node *head = Curl_llist_head(&wildcard->filelist); struct curl_fileinfo *finfo = Curl_node_elem(head); - char *tmp_path = aprintf("%s%s", wildcard->path, finfo->filename); + char *tmp_path = curl_maprintf("%s%s", wildcard->path, finfo->filename); if(!tmp_path) return CURLE_OUT_OF_MEMORY; diff --git a/lib/ftplistparser.c b/lib/ftplistparser.c index 360f7ae4fc..de573d3c57 100644 --- a/lib/ftplistparser.c +++ b/lib/ftplistparser.c @@ -52,8 +52,7 @@ #include "multiif.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/gopher.c b/lib/gopher.c index 93db85e9d0..6ff47d58c7 100644 --- a/lib/gopher.c +++ b/lib/gopher.c @@ -40,9 +40,9 @@ #include "url.h" #include "escape.h" #include "curlx/warnless.h" -#include "curl_printf.h" + +/* The last 2 #include files should be: */ #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" /* @@ -153,7 +153,7 @@ static CURLcode gopher_do(struct Curl_easy *data, bool *done) DEBUGASSERT(path); if(query) - gopherpath = aprintf("%s?%s", path, query); + gopherpath = curl_maprintf("%s?%s", path, query); else gopherpath = strdup(path); diff --git a/lib/hash.c b/lib/hash.c index 89f47ed71e..8312fbf050 100644 --- a/lib/hash.c +++ b/lib/hash.c @@ -51,16 +51,16 @@ void Curl_hash_print(struct Curl_hash *h, if(!h) return; - fprintf(stderr, "=Hash dump=\n"); + curl_mfprintf(stderr, "=Hash dump=\n"); Curl_hash_start_iterate(h, &iter); he = Curl_hash_next_element(&iter); while(he) { if(iter.slot_index != last_index) { - fprintf(stderr, "index %d:", (int)iter.slot_index); + curl_mfprintf(stderr, "index %d:", (int)iter.slot_index); if(last_index != UINT_MAX) { - fprintf(stderr, "\n"); + curl_mfprintf(stderr, "\n"); } last_index = iter.slot_index; } @@ -68,13 +68,13 @@ void Curl_hash_print(struct Curl_hash *h, if(func) func(he->ptr); else - fprintf(stderr, " [key=%.*s, he=%p, ptr=%p]", - (int)he->key_len, (char *)he->key, - (void *)he, (void *)he->ptr); + curl_mfprintf(stderr, " [key=%.*s, he=%p, ptr=%p]", + (int)he->key_len, (char *)he->key, + (void *)he, (void *)he->ptr); he = Curl_hash_next_element(&iter); } - fprintf(stderr, "\n"); + curl_mfprintf(stderr, "\n"); } #endif diff --git a/lib/headers.c b/lib/headers.c index 426d0e57b7..5a57257113 100644 --- a/lib/headers.c +++ b/lib/headers.c @@ -30,8 +30,7 @@ #include "headers.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/hostip.c b/lib/hostip.c index da260d7130..ceea189732 100644 --- a/lib/hostip.c +++ b/lib/hostip.c @@ -64,8 +64,7 @@ #include "easy_lock.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -176,7 +175,7 @@ create_dnscache_id(const char *name, len = buflen - 7; /* store and lower case the name */ Curl_strntolower(ptr, name, len); - return msnprintf(&ptr[len], 7, ":%u", port) + len; + return curl_msnprintf(&ptr[len], 7, ":%u", port) + len; } struct dnscache_prune_data { diff --git a/lib/hostip4.c b/lib/hostip4.c index 2c356f3464..e1ed007aaf 100644 --- a/lib/hostip4.c +++ b/lib/hostip4.c @@ -49,8 +49,8 @@ #include "hash.h" #include "share.h" #include "url.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -125,7 +125,7 @@ struct Curl_addrinfo *Curl_ipv4_resolve_r(const char *hostname, hints.ai_family = PF_INET; hints.ai_socktype = SOCK_STREAM; if(port) { - msnprintf(sbuf, sizeof(sbuf), "%d", port); + curl_msnprintf(sbuf, sizeof(sbuf), "%d", port); sbufptr = sbuf; } diff --git a/lib/hostip6.c b/lib/hostip6.c index 4c05f0247e..9419b9e4d5 100644 --- a/lib/hostip6.c +++ b/lib/hostip6.c @@ -52,8 +52,8 @@ #include "url.h" #include "curlx/inet_pton.h" #include "connect.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -62,13 +62,14 @@ #ifdef DEBUG_ADDRINFO static void dump_addrinfo(const struct Curl_addrinfo *ai) { - printf("dump_addrinfo:\n"); + curl_mprintf("dump_addrinfo:\n"); for(; ai; ai = ai->ai_next) { char buf[INET6_ADDRSTRLEN]; - printf(" fam %2d, CNAME %s, ", - ai->ai_family, ai->ai_canonname ? ai->ai_canonname : ""); + curl_mprintf(" fam %2d, CNAME %s, ", + ai->ai_family, + ai->ai_canonname ? ai->ai_canonname : ""); Curl_printable_address(ai, buf, sizeof(buf)); - printf("%s\n", buf); + curl_mprintf("%s\n", buf); } } #else @@ -122,7 +123,7 @@ struct Curl_addrinfo *Curl_sync_getaddrinfo(struct Curl_easy *data, #endif if(port) { - msnprintf(sbuf, sizeof(sbuf), "%d", port); + curl_msnprintf(sbuf, sizeof(sbuf), "%d", port); sbufptr = sbuf; } diff --git a/lib/hsts.c b/lib/hsts.c index b84a470f90..28989764b9 100644 --- a/lib/hsts.c +++ b/lib/hsts.c @@ -41,8 +41,7 @@ #include "strdup.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -308,9 +307,9 @@ static CURLcode hsts_push(struct Curl_easy *data, if(result) return result; - msnprintf(e.expire, sizeof(e.expire), "%d%02d%02d %02d:%02d:%02d", - stamp.tm_year + 1900, stamp.tm_mon + 1, stamp.tm_mday, - stamp.tm_hour, stamp.tm_min, stamp.tm_sec); + curl_msnprintf(e.expire, sizeof(e.expire), "%d%02d%02d %02d:%02d:%02d", + stamp.tm_year + 1900, stamp.tm_mon + 1, stamp.tm_mday, + stamp.tm_hour, stamp.tm_min, stamp.tm_sec); } else strcpy(e.expire, UNLIMITED); @@ -331,14 +330,14 @@ static CURLcode hsts_out(struct stsentry *sts, FILE *fp) CURLcode result = Curl_gmtime((time_t)sts->expires, &stamp); if(result) return result; - fprintf(fp, "%s%s \"%d%02d%02d %02d:%02d:%02d\"\n", - sts->includeSubDomains ? ".": "", sts->host, - stamp.tm_year + 1900, stamp.tm_mon + 1, stamp.tm_mday, - stamp.tm_hour, stamp.tm_min, stamp.tm_sec); + curl_mfprintf(fp, "%s%s \"%d%02d%02d %02d:%02d:%02d\"\n", + sts->includeSubDomains ? ".": "", sts->host, + stamp.tm_year + 1900, stamp.tm_mon + 1, stamp.tm_mday, + stamp.tm_hour, stamp.tm_min, stamp.tm_sec); } else - fprintf(fp, "%s%s \"%s\"\n", - sts->includeSubDomains ? ".": "", sts->host, UNLIMITED); + curl_mfprintf(fp, "%s%s \"%s\"\n", + sts->includeSubDomains ? ".": "", sts->host, UNLIMITED); return CURLE_OK; } diff --git a/lib/http.c b/lib/http.c index 3479bb4ec9..aea19d5167 100644 --- a/lib/http.c +++ b/lib/http.c @@ -87,8 +87,7 @@ #include "curl_ctype.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -337,7 +336,7 @@ static CURLcode http_output_basic(struct Curl_easy *data, bool proxy) pwd = data->state.aptr.passwd; } - out = aprintf("%s:%s", user ? user : "", pwd ? pwd : ""); + out = curl_maprintf("%s:%s", user ? user : "", pwd ? pwd : ""); if(!out) return CURLE_OUT_OF_MEMORY; @@ -351,9 +350,9 @@ static CURLcode http_output_basic(struct Curl_easy *data, bool proxy) } free(*userp); - *userp = aprintf("%sAuthorization: Basic %s\r\n", - proxy ? "Proxy-" : "", - authorization); + *userp = curl_maprintf("%sAuthorization: Basic %s\r\n", + proxy ? "Proxy-" : "", + authorization); free(authorization); if(!*userp) { result = CURLE_OUT_OF_MEMORY; @@ -381,8 +380,8 @@ static CURLcode http_output_bearer(struct Curl_easy *data) userp = &data->state.aptr.userpwd; free(*userp); - *userp = aprintf("Authorization: Bearer %s\r\n", - data->set.str[STRING_BEARER]); + *userp = curl_maprintf("Authorization: Bearer %s\r\n", + data->set.str[STRING_BEARER]); if(!*userp) { result = CURLE_OUT_OF_MEMORY; @@ -1795,16 +1794,16 @@ CURLcode Curl_add_timecondition(struct Curl_easy *data, */ /* format: "Tue, 15 Nov 1994 12:45:26 GMT" */ - msnprintf(datestr, sizeof(datestr), - "%s: %s, %02d %s %4d %02d:%02d:%02d GMT\r\n", - condp, - Curl_wkday[tm->tm_wday ? tm->tm_wday-1 : 6], - tm->tm_mday, - Curl_month[tm->tm_mon], - tm->tm_year + 1900, - tm->tm_hour, - tm->tm_min, - tm->tm_sec); + curl_msnprintf(datestr, sizeof(datestr), + "%s: %s, %02d %s %4d %02d:%02d:%02d GMT\r\n", + condp, + Curl_wkday[tm->tm_wday ? tm->tm_wday-1 : 6], + tm->tm_mday, + Curl_month[tm->tm_mon], + tm->tm_year + 1900, + tm->tm_hour, + tm->tm_min, + tm->tm_sec); result = curlx_dyn_add(req, datestr); return result; @@ -1936,7 +1935,7 @@ static CURLcode http_set_aptr_host(struct Curl_easy *data) #endif if(!curl_strequal("Host:", ptr)) { - aptr->host = aprintf("Host:%s\r\n", &ptr[5]); + aptr->host = curl_maprintf("Host:%s\r\n", &ptr[5]); if(!aptr->host) return CURLE_OUT_OF_MEMORY; } @@ -1952,13 +1951,14 @@ static CURLcode http_set_aptr_host(struct Curl_easy *data) (conn->remote_port == PORT_HTTP)) ) /* if(HTTPS on port 443) OR (HTTP on port 80) then do not include the port number in the host string */ - aptr->host = aprintf("Host: %s%s%s\r\n", conn->bits.ipv6_ip ? "[" : "", - host, conn->bits.ipv6_ip ? "]" : ""); + aptr->host = curl_maprintf("Host: %s%s%s\r\n", + conn->bits.ipv6_ip ? "[" : "", + host, conn->bits.ipv6_ip ? "]" : ""); else - aptr->host = aprintf("Host: %s%s%s:%d\r\n", - conn->bits.ipv6_ip ? "[" : "", - host, conn->bits.ipv6_ip ? "]" : "", - conn->remote_port); + aptr->host = curl_maprintf("Host: %s%s%s:%d\r\n", + conn->bits.ipv6_ip ? "[" : "", + host, conn->bits.ipv6_ip ? "]" : "", + conn->remote_port); if(!aptr->host) /* without Host: we cannot make a nice request */ @@ -2494,8 +2494,8 @@ static CURLcode http_range(struct Curl_easy *data, !Curl_checkheaders(data, STRCONST("Range"))) { /* if a line like this was already allocated, free the previous one */ free(data->state.aptr.rangeline); - data->state.aptr.rangeline = aprintf("Range: bytes=%s\r\n", - data->state.range); + data->state.aptr.rangeline = curl_maprintf("Range: bytes=%s\r\n", + data->state.range); } else if((httpreq == HTTPREQ_POST || httpreq == HTTPREQ_PUT) && !Curl_checkheaders(data, STRCONST("Content-Range"))) { @@ -2508,8 +2508,8 @@ static CURLcode http_range(struct Curl_easy *data, remote part so we tell the server (and act accordingly) that we upload the whole file (again) */ data->state.aptr.rangeline = - aprintf("Content-Range: bytes 0-%" FMT_OFF_T "/%" FMT_OFF_T "\r\n", - req_clen - 1, req_clen); + curl_maprintf("Content-Range: bytes 0-%" FMT_OFF_T "/" + "%" FMT_OFF_T "\r\n", req_clen - 1, req_clen); } else if(data->state.resume_from) { @@ -2521,15 +2521,16 @@ static CURLcode http_range(struct Curl_easy *data, data->state.infilesize : (data->state.resume_from + req_clen); data->state.aptr.rangeline = - aprintf("Content-Range: bytes %s%" FMT_OFF_T "/%" FMT_OFF_T "\r\n", - data->state.range, total_len-1, total_len); + curl_maprintf("Content-Range: bytes %s%" FMT_OFF_T "/" + "%" FMT_OFF_T "\r\n", + data->state.range, total_len-1, total_len); } else { /* Range was selected and then we just pass the incoming range and append total size */ data->state.aptr.rangeline = - aprintf("Content-Range: bytes %s/%" FMT_OFF_T "\r\n", - data->state.range, req_clen); + curl_maprintf("Content-Range: bytes %s/%" FMT_OFF_T "\r\n", + data->state.range, req_clen); } if(!data->state.aptr.rangeline) return CURLE_OUT_OF_MEMORY; @@ -2931,7 +2932,7 @@ CURLcode Curl_http(struct Curl_easy *data, bool *done) /* setup the authentication headers, how that method and host are known */ char *pq = NULL; if(data->state.up.query) { - pq = aprintf("%s?%s", data->state.up.path, data->state.up.query); + pq = curl_maprintf("%s?%s", data->state.up.path, data->state.up.query); if(!pq) return CURLE_OUT_OF_MEMORY; } diff --git a/lib/http1.c b/lib/http1.c index 537e6db2ff..098dd7cd64 100644 --- a/lib/http1.c +++ b/lib/http1.c @@ -32,8 +32,7 @@ #include "http1.h" #include "urlapi-int.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/http2.c b/lib/http2.c index c526bf0fa4..c33c633cf6 100644 --- a/lib/http2.c +++ b/lib/http2.c @@ -47,8 +47,8 @@ #include "transfer.h" #include "curlx/dynbuf.h" #include "headers.h" + /* The last 3 #include files should be in this order */ -#include "curl_printf.h" #include "curl_memory.h" #include "memdebug.h" @@ -734,7 +734,7 @@ static CURLcode http2_send_ping(struct Curl_cfilter *cf, void Curl_http2_ver(char *p, size_t len) { nghttp2_info *h2 = nghttp2_version(0); - (void)msnprintf(p, len, "nghttp2/%s", h2->version_str); + (void)curl_msnprintf(p, len, "nghttp2/%s", h2->version_str); } static CURLcode nw_out_flush(struct Curl_cfilter *cf, @@ -1214,48 +1214,48 @@ static int fr_print(const nghttp2_frame *frame, char *buffer, size_t blen) { switch(frame->hd.type) { case NGHTTP2_DATA: { - return msnprintf(buffer, blen, - "FRAME[DATA, len=%d, eos=%d, padlen=%d]", - (int)frame->hd.length, - !!(frame->hd.flags & NGHTTP2_FLAG_END_STREAM), - (int)frame->data.padlen); + return curl_msnprintf(buffer, blen, + "FRAME[DATA, len=%d, eos=%d, padlen=%d]", + (int)frame->hd.length, + !!(frame->hd.flags & NGHTTP2_FLAG_END_STREAM), + (int)frame->data.padlen); } case NGHTTP2_HEADERS: { - return msnprintf(buffer, blen, - "FRAME[HEADERS, len=%d, hend=%d, eos=%d]", - (int)frame->hd.length, - !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS), - !!(frame->hd.flags & NGHTTP2_FLAG_END_STREAM)); + return curl_msnprintf(buffer, blen, + "FRAME[HEADERS, len=%d, hend=%d, eos=%d]", + (int)frame->hd.length, + !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS), + !!(frame->hd.flags & NGHTTP2_FLAG_END_STREAM)); } case NGHTTP2_PRIORITY: { - return msnprintf(buffer, blen, - "FRAME[PRIORITY, len=%d, flags=%d]", - (int)frame->hd.length, frame->hd.flags); + return curl_msnprintf(buffer, blen, + "FRAME[PRIORITY, len=%d, flags=%d]", + (int)frame->hd.length, frame->hd.flags); } case NGHTTP2_RST_STREAM: { - return msnprintf(buffer, blen, - "FRAME[RST_STREAM, len=%d, flags=%d, error=%u]", - (int)frame->hd.length, frame->hd.flags, - frame->rst_stream.error_code); + return curl_msnprintf(buffer, blen, + "FRAME[RST_STREAM, len=%d, flags=%d, error=%u]", + (int)frame->hd.length, frame->hd.flags, + frame->rst_stream.error_code); } case NGHTTP2_SETTINGS: { if(frame->hd.flags & NGHTTP2_FLAG_ACK) { - return msnprintf(buffer, blen, "FRAME[SETTINGS, ack=1]"); + return curl_msnprintf(buffer, blen, "FRAME[SETTINGS, ack=1]"); } - return msnprintf(buffer, blen, - "FRAME[SETTINGS, len=%d]", (int)frame->hd.length); + return curl_msnprintf(buffer, blen, + "FRAME[SETTINGS, len=%d]", (int)frame->hd.length); } case NGHTTP2_PUSH_PROMISE: { - return msnprintf(buffer, blen, - "FRAME[PUSH_PROMISE, len=%d, hend=%d]", - (int)frame->hd.length, - !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS)); + return curl_msnprintf(buffer, blen, + "FRAME[PUSH_PROMISE, len=%d, hend=%d]", + (int)frame->hd.length, + !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS)); } case NGHTTP2_PING: { - return msnprintf(buffer, blen, - "FRAME[PING, len=%d, ack=%d]", - (int)frame->hd.length, - frame->hd.flags&NGHTTP2_FLAG_ACK); + return curl_msnprintf(buffer, blen, + "FRAME[PING, len=%d, ack=%d]", + (int)frame->hd.length, + frame->hd.flags&NGHTTP2_FLAG_ACK); } case NGHTTP2_GOAWAY: { char scratch[128]; @@ -1265,19 +1265,20 @@ static int fr_print(const nghttp2_frame *frame, char *buffer, size_t blen) if(len) memcpy(scratch, frame->goaway.opaque_data, len); scratch[len] = '\0'; - return msnprintf(buffer, blen, "FRAME[GOAWAY, error=%d, reason='%s', " - "last_stream=%d]", frame->goaway.error_code, - scratch, frame->goaway.last_stream_id); + return curl_msnprintf(buffer, blen, + "FRAME[GOAWAY, error=%d, reason='%s', " + "last_stream=%d]", frame->goaway.error_code, + scratch, frame->goaway.last_stream_id); } case NGHTTP2_WINDOW_UPDATE: { - return msnprintf(buffer, blen, - "FRAME[WINDOW_UPDATE, incr=%d]", - frame->window_update.window_size_increment); + return curl_msnprintf(buffer, blen, + "FRAME[WINDOW_UPDATE, incr=%d]", + frame->window_update.window_size_increment); } default: - return msnprintf(buffer, blen, "FRAME[%d, len=%d, flags=%d]", - frame->hd.type, (int)frame->hd.length, - frame->hd.flags); + return curl_msnprintf(buffer, blen, "FRAME[%d, len=%d, flags=%d]", + frame->hd.type, (int)frame->hd.length, + frame->hd.flags); } } @@ -1592,8 +1593,8 @@ static int on_header(nghttp2_session *session, const nghttp2_frame *frame, if(!strcmp(HTTP_PSEUDO_AUTHORITY, (const char *)name)) { /* pseudo headers are lower case */ int rc = 0; - char *check = aprintf("%s:%d", cf->conn->host.name, - cf->conn->remote_port); + char *check = curl_maprintf("%s:%d", cf->conn->host.name, + cf->conn->remote_port); if(!check) /* no memory */ return NGHTTP2_ERR_CALLBACK_FAILURE; @@ -1640,7 +1641,7 @@ static int on_header(nghttp2_session *session, const nghttp2_frame *frame, } stream->push_headers = headp; } - h = aprintf("%s:%s", name, value); + h = curl_maprintf("%s:%s", name, value); if(h) stream->push_headers[stream->push_headers_used++] = h; return 0; @@ -1671,8 +1672,8 @@ static int on_header(nghttp2_session *session, const nghttp2_frame *frame, cf_h2_header_error(cf, data_s, stream, result); return NGHTTP2_ERR_CALLBACK_FAILURE; } - msnprintf(buffer, sizeof(buffer), HTTP_PSEUDO_STATUS ":%u\r", - stream->status_code); + curl_msnprintf(buffer, sizeof(buffer), HTTP_PSEUDO_STATUS ":%u\r", + stream->status_code); result = Curl_headers_push(data_s, buffer, CURLH_PSEUDO); if(result) { cf_h2_header_error(cf, data_s, stream, result); diff --git a/lib/http_aws_sigv4.c b/lib/http_aws_sigv4.c index c62db499ca..f592f3844f 100644 --- a/lib/http_aws_sigv4.c +++ b/lib/http_aws_sigv4.c @@ -39,8 +39,7 @@ #include -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -245,14 +244,14 @@ static CURLcode make_headers(struct Curl_easy *data, struct curl_slist *l; bool again = TRUE; - msnprintf(date_hdr_key, DATE_HDR_KEY_LEN, "X-%.*s-Date", - (int)plen, provider1); + curl_msnprintf(date_hdr_key, DATE_HDR_KEY_LEN, "X-%.*s-Date", + (int)plen, provider1); /* provider1 ucfirst */ Curl_strntolower(&date_hdr_key[2], provider1, plen); date_hdr_key[2] = Curl_raw_toupper(provider1[0]); - msnprintf(date_full_hdr, DATE_FULL_HDR_LEN, - "x-%.*s-date:%s", (int)plen, provider1, timestamp); + curl_msnprintf(date_full_hdr, DATE_FULL_HDR_LEN, + "x-%.*s-date:%s", (int)plen, provider1, timestamp); /* provider1 lowercase */ Curl_strntolower(&date_full_hdr[2], provider1, plen); @@ -265,7 +264,7 @@ static CURLcode make_headers(struct Curl_easy *data, fullhost = Curl_memdup0(data->state.aptr.host, pos); } else - fullhost = aprintf("host:%s", hostname); + fullhost = curl_maprintf("host:%s", hostname); if(fullhost) head = Curl_slist_append_nodup(NULL, fullhost); @@ -329,7 +328,7 @@ static CURLcode make_headers(struct Curl_easy *data, if(!tmp_head) goto fail; head = tmp_head; - *date_header = aprintf("%s: %s\r\n", date_hdr_key, timestamp); + *date_header = curl_maprintf("%s: %s\r\n", date_hdr_key, timestamp); } else { const char *value; @@ -417,8 +416,8 @@ static const char *parse_content_sha_hdr(struct Curl_easy *data, const char *value; size_t len; - key_len = msnprintf(key, sizeof(key), "x-%.*s-content-sha256", - (int)plen, provider1); + key_len = curl_msnprintf(key, sizeof(key), "x-%.*s-content-sha256", + (int)plen, provider1); value = Curl_checkheaders(data, key, key_len); if(!value) @@ -490,8 +489,8 @@ static CURLcode calc_s3_payload_hash(struct Curl_easy *data, } /* format the required content-sha256 header */ - msnprintf(header, CONTENT_SHA256_HDR_LEN, - "x-%.*s-content-sha256: %s", (int)plen, provider1, sha_hex); + curl_msnprintf(header, CONTENT_SHA256_HDR_LEN, + "x-%.*s-content-sha256: %s", (int)plen, provider1, sha_hex); ret = CURLE_OK; fail: @@ -850,38 +849,41 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data) result = CURLE_OUT_OF_MEMORY; canonical_request = - aprintf("%s\n" /* HTTPRequestMethod */ - "%s\n" /* CanonicalURI */ - "%s\n" /* CanonicalQueryString */ - "%s\n" /* CanonicalHeaders */ - "%s\n" /* SignedHeaders */ - "%.*s", /* HashedRequestPayload in hex */ - method, - curlx_dyn_ptr(&canonical_path), - curlx_dyn_ptr(&canonical_query) ? - curlx_dyn_ptr(&canonical_query) : "", - curlx_dyn_ptr(&canonical_headers), - curlx_dyn_ptr(&signed_headers), - (int)payload_hash_len, payload_hash); + curl_maprintf("%s\n" /* HTTPRequestMethod */ + "%s\n" /* CanonicalURI */ + "%s\n" /* CanonicalQueryString */ + "%s\n" /* CanonicalHeaders */ + "%s\n" /* SignedHeaders */ + "%.*s", /* HashedRequestPayload in hex */ + method, + curlx_dyn_ptr(&canonical_path), + curlx_dyn_ptr(&canonical_query) ? + curlx_dyn_ptr(&canonical_query) : "", + curlx_dyn_ptr(&canonical_headers), + curlx_dyn_ptr(&signed_headers), + (int)payload_hash_len, payload_hash); if(!canonical_request) goto fail; infof(data, "aws_sigv4: Canonical request (enclosed in []) - [%s]", canonical_request); - request_type = aprintf("%.*s4_request", - (int)curlx_strlen(&provider0), curlx_str(&provider0)); + request_type = curl_maprintf("%.*s4_request", + (int)curlx_strlen(&provider0), + curlx_str(&provider0)); if(!request_type) goto fail; - /* provider0 is lowercased *after* aprintf() so that the buffer can be - written to */ + /* provider0 is lowercased *after* curl_maprintf() so that the buffer + can be written to */ Curl_strntolower(request_type, request_type, curlx_strlen(&provider0)); - credential_scope = aprintf("%s/%.*s/%.*s/%s", date, - (int)curlx_strlen(®ion), curlx_str(®ion), - (int)curlx_strlen(&service), curlx_str(&service), - request_type); + credential_scope = curl_maprintf("%s/%.*s/%.*s/%s", date, + (int)curlx_strlen(®ion), + curlx_str(®ion), + (int)curlx_strlen(&service), + curlx_str(&service), + request_type); if(!credential_scope) goto fail; @@ -895,14 +897,15 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data) * Google allows using RSA key instead of HMAC, so this code might change * in the future. For now we only support HMAC. */ - str_to_sign = aprintf("%.*s4-HMAC-SHA256\n" /* Algorithm */ - "%s\n" /* RequestDateTime */ - "%s\n" /* CredentialScope */ - "%s", /* HashedCanonicalRequest in hex */ - (int)curlx_strlen(&provider0), curlx_str(&provider0), - timestamp, - credential_scope, - sha_hex); + str_to_sign = curl_maprintf("%.*s4-HMAC-SHA256\n" /* Algorithm */ + "%s\n" /* RequestDateTime */ + "%s\n" /* CredentialScope */ + "%s", /* HashedCanonicalRequest in hex */ + (int)curlx_strlen(&provider0), + curlx_str(&provider0), + timestamp, + credential_scope, + sha_hex); if(!str_to_sign) goto fail; @@ -913,9 +916,9 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data) infof(data, "aws_sigv4: String to sign (enclosed in []) - [%s]", str_to_sign); - secret = aprintf("%.*s4%s", (int)curlx_strlen(&provider0), - curlx_str(&provider0), data->state.aptr.passwd ? - data->state.aptr.passwd : ""); + secret = curl_maprintf("%.*s4%s", (int)curlx_strlen(&provider0), + curlx_str(&provider0), data->state.aptr.passwd ? + data->state.aptr.passwd : ""); if(!secret) goto fail; /* make provider0 part done uppercase */ @@ -933,24 +936,25 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data) infof(data, "aws_sigv4: Signature - %s", sha_hex); - auth_headers = aprintf("Authorization: %.*s4-HMAC-SHA256 " - "Credential=%s/%s, " - "SignedHeaders=%s, " - "Signature=%s\r\n" - /* - * date_header is added here, only if it was not - * user-specified (using CURLOPT_HTTPHEADER). - * date_header includes \r\n - */ - "%s" - "%s", /* optional sha256 header includes \r\n */ - (int)curlx_strlen(&provider0), curlx_str(&provider0), - user, - credential_scope, - curlx_dyn_ptr(&signed_headers), - sha_hex, - date_header ? date_header : "", - content_sha256_hdr); + auth_headers = curl_maprintf("Authorization: %.*s4-HMAC-SHA256 " + "Credential=%s/%s, " + "SignedHeaders=%s, " + "Signature=%s\r\n" + /* + * date_header is added here, only if it was not + * user-specified (using CURLOPT_HTTPHEADER). + * date_header includes \r\n + */ + "%s" + "%s", /* optional sha256 header includes \r\n */ + (int)curlx_strlen(&provider0), + curlx_str(&provider0), + user, + credential_scope, + curlx_dyn_ptr(&signed_headers), + sha_hex, + date_header ? date_header : "", + content_sha256_hdr); if(!auth_headers) { goto fail; } diff --git a/lib/http_chunks.c b/lib/http_chunks.c index f735a820c7..005d34e7b9 100644 --- a/lib/http_chunks.c +++ b/lib/http_chunks.c @@ -27,7 +27,6 @@ #ifndef CURL_DISABLE_HTTP #include "urldata.h" /* it includes http_chunks.h */ -#include "curl_printf.h" #include "curl_trc.h" #include "sendf.h" /* for the client write stuff */ #include "curlx/dynbuf.h" @@ -584,7 +583,7 @@ static CURLcode add_chunk(struct Curl_easy *data, int hdlen; size_t n; - hdlen = msnprintf(hd, sizeof(hd), "%zx\r\n", nread); + hdlen = curl_msnprintf(hd, sizeof(hd), "%zx\r\n", nread); if(hdlen <= 0) return CURLE_READ_ERROR; /* On a soft-limited bufq, we do not need to check that all was written */ diff --git a/lib/http_digest.c b/lib/http_digest.c index f4e920706c..097c81fd71 100644 --- a/lib/http_digest.c +++ b/lib/http_digest.c @@ -32,8 +32,7 @@ #include "http_digest.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -149,11 +148,11 @@ CURLcode Curl_output_digest(struct Curl_easy *data, if(tmp) { size_t urilen = tmp - (const char *)uripath; /* typecast is fine here since the value is always less than 32 bits */ - path = (unsigned char *) aprintf("%.*s", (int)urilen, uripath); + path = (unsigned char *)curl_maprintf("%.*s", (int)urilen, uripath); } } if(!tmp) - path = (unsigned char *) strdup((const char *) uripath); + path = (unsigned char *)strdup((const char *) uripath); if(!path) return CURLE_OUT_OF_MEMORY; @@ -164,9 +163,8 @@ CURLcode Curl_output_digest(struct Curl_easy *data, if(result) return result; - *allocuserpwd = aprintf("%sAuthorization: Digest %s\r\n", - proxy ? "Proxy-" : "", - response); + *allocuserpwd = curl_maprintf("%sAuthorization: Digest %s\r\n", + proxy ? "Proxy-" : "", response); free(response); if(!*allocuserpwd) return CURLE_OUT_OF_MEMORY; diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c index 2c0b7e16d7..8a19c1ad87 100644 --- a/lib/http_negotiate.c +++ b/lib/http_negotiate.c @@ -34,8 +34,7 @@ #include "vtls/vtls.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -219,8 +218,8 @@ CURLcode Curl_output_negotiate(struct Curl_easy *data, if(result) return result; - userp = aprintf("%sAuthorization: Negotiate %s\r\n", proxy ? "Proxy-" : "", - base64); + userp = curl_maprintf("%sAuthorization: Negotiate %s\r\n", + proxy ? "Proxy-" : "", base64); if(proxy) { #ifndef CURL_DISABLE_PROXY diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c index a172eb848d..fa375b49bf 100644 --- a/lib/http_ntlm.c +++ b/lib/http_ntlm.c @@ -49,8 +49,7 @@ #include "curl_sspi.h" #endif -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -210,9 +209,9 @@ CURLcode Curl_output_ntlm(struct Curl_easy *data, bool proxy) Curl_bufref_len(&ntlmmsg), &base64, &len); if(!result) { free(*allocuserpwd); - *allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n", - proxy ? "Proxy-" : "", - base64); + *allocuserpwd = curl_maprintf("%sAuthorization: NTLM %s\r\n", + proxy ? "Proxy-" : "", + base64); free(base64); if(!*allocuserpwd) result = CURLE_OUT_OF_MEMORY; @@ -229,9 +228,9 @@ CURLcode Curl_output_ntlm(struct Curl_easy *data, bool proxy) Curl_bufref_len(&ntlmmsg), &base64, &len); if(!result) { free(*allocuserpwd); - *allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n", - proxy ? "Proxy-" : "", - base64); + *allocuserpwd = curl_maprintf("%sAuthorization: NTLM %s\r\n", + proxy ? "Proxy-" : "", + base64); free(base64); if(!*allocuserpwd) result = CURLE_OUT_OF_MEMORY; diff --git a/lib/http_proxy.c b/lib/http_proxy.c index b756efe711..845ba2e8f8 100644 --- a/lib/http_proxy.c +++ b/lib/http_proxy.c @@ -44,8 +44,7 @@ #include "vauth/vauth.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -236,8 +235,8 @@ CURLcode Curl_http_proxy_create_CONNECT(struct httpreq **preq, if(result) goto out; - authority = aprintf("%s%s%s:%d", ipv6_ip ? "[" : "", hostname, - ipv6_ip ?"]" : "", port); + authority = curl_maprintf("%s%s%s:%d", ipv6_ip ? "[" : "", hostname, + ipv6_ip ?"]" : "", port); if(!authority) { result = CURLE_OUT_OF_MEMORY; goto out; diff --git a/lib/httpsrr.c b/lib/httpsrr.c index 8aa7f3b26e..ae2c106bce 100644 --- a/lib/httpsrr.c +++ b/lib/httpsrr.c @@ -33,8 +33,7 @@ #include "sendf.h" #include "strdup.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/idn.c b/lib/idn.c index bb6fd2cffc..7e324db6c4 100644 --- a/lib/idn.c +++ b/lib/idn.c @@ -45,8 +45,7 @@ #endif #endif /* USE_LIBIDN2 */ -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/if2ip.c b/lib/if2ip.c index e501921d06..79b0599106 100644 --- a/lib/if2ip.c +++ b/lib/if2ip.c @@ -54,8 +54,8 @@ #include "curlx/inet_ntop.h" #include "if2ip.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -153,7 +153,7 @@ if2ip_result_t Curl_if2ip(int af, } if(scopeid) - msnprintf(scope, sizeof(scope), "%%%u", scopeid); + curl_msnprintf(scope, sizeof(scope), "%%%u", scopeid); #endif } else @@ -162,7 +162,7 @@ if2ip_result_t Curl_if2ip(int af, &((struct sockaddr_in *)(void *)iface->ifa_addr)->sin_addr; res = IF2IP_FOUND; ip = curlx_inet_ntop(af, addr, ipstr, sizeof(ipstr)); - msnprintf(buf, buf_size, "%s%s", ip, scope); + curl_msnprintf(buf, buf_size, "%s%s", ip, scope); break; } } diff --git a/lib/imap.c b/lib/imap.c index 41aec8ffab..69e4e0c2c6 100644 --- a/lib/imap.c +++ b/lib/imap.c @@ -78,8 +78,7 @@ #include "curlx/warnless.h" #include "curl_ctype.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -1943,9 +1942,9 @@ static CURLcode imap_sendf(struct Curl_easy *data, DEBUGASSERT(fmt); /* Calculate the tag based on the connection ID and command ID */ - msnprintf(imapc->resptag, sizeof(imapc->resptag), "%c%03d", - 'A' + curlx_sltosi((long)(data->conn->connection_id % 26)), - ++imapc->cmdid); + curl_msnprintf(imapc->resptag, sizeof(imapc->resptag), "%c%03d", + 'A' + curlx_sltosi((long)(data->conn->connection_id % 26)), + ++imapc->cmdid); /* start with a blank buffer */ curlx_dyn_reset(&imapc->dyn); diff --git a/lib/ldap.c b/lib/ldap.c index 8a39c1a4be..be65ea2055 100644 --- a/lib/ldap.c +++ b/lib/ldap.c @@ -93,8 +93,8 @@ #include "curlx/multibyte.h" #include "curlx/base64.h" #include "connect.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -746,7 +746,7 @@ static void ldap_trace_low(const char *fmt, ...) return; va_start(args, fmt); - vfprintf(stderr, fmt, args); + curl_mvfprintf(stderr, fmt, args); va_end(args); } #endif /* DEBUG_LDAP */ diff --git a/lib/md4.c b/lib/md4.c index 241aadf14e..9db85786e1 100644 --- a/lib/md4.c +++ b/lib/md4.c @@ -82,8 +82,7 @@ #include #endif -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/md5.c b/lib/md5.c index e7d42ec1c0..0919240340 100644 --- a/lib/md5.c +++ b/lib/md5.c @@ -77,8 +77,7 @@ #include #endif -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/memdebug.c b/lib/memdebug.c index 0c9d156715..7ded52c1e9 100644 --- a/lib/memdebug.c +++ b/lib/memdebug.c @@ -31,8 +31,7 @@ #include "urldata.h" #include "curlx/fopen.h" /* for CURLX_FOPEN_LOW() */ -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -114,8 +113,8 @@ static bool countcheck(const char *func, int line, const char *source) curl_dbg_log("LIMIT %s:%d %s reached memlimit\n", source, line, func); /* log to stderr also */ - fprintf(stderr, "LIMIT %s:%d %s reached memlimit\n", - source, line, func); + curl_mfprintf(stderr, "LIMIT %s:%d %s reached memlimit\n", + source, line, func); fflush(curl_dbg_logfile); /* because it might crash now */ /* !checksrc! disable ERRNOVAR 1 */ CURL_SETERRNO(ENOMEM); @@ -469,7 +468,7 @@ void curl_dbg_log(const char *format, ...) return; va_start(ap, format); - nchars = mvsnprintf(buf, sizeof(buf), format, ap); + nchars = curl_mvsnprintf(buf, sizeof(buf), format, ap); va_end(ap); if(nchars > (int)sizeof(buf) - 1) diff --git a/lib/mime.c b/lib/mime.c index fe632604ed..b403d29b1f 100644 --- a/lib/mime.c +++ b/lib/mime.c @@ -49,8 +49,8 @@ struct Curl_easy; #include "rand.h" #include "slist.h" #include "curlx/dynbuf.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -1688,7 +1688,7 @@ CURLcode Curl_mime_add_header(struct curl_slist **slp, const char *fmt, ...) va_list ap; va_start(ap, fmt); - s = vaprintf(fmt, ap); + s = curl_mvaprintf(fmt, ap); va_end(ap); if(s) { diff --git a/lib/mqtt.c b/lib/mqtt.c index 01dd4e0a0d..c76ce0a229 100644 --- a/lib/mqtt.c +++ b/lib/mqtt.c @@ -38,12 +38,11 @@ #include "url.h" #include "escape.h" #include "curlx/warnless.h" -#include "curl_printf.h" -#include "curl_memory.h" #include "multiif.h" #include "rand.h" -/* The last #include file should be: */ +/* The last 2 #includes file should be: */ +#include "curl_memory.h" #include "memdebug.h" /* first byte is command. diff --git a/lib/multi.c b/lib/multi.c index 91d2f56d47..ced03eea9f 100644 --- a/lib/multi.c +++ b/lib/multi.c @@ -54,8 +54,8 @@ #include "socketpair.h" #include "socks.h" #include "urlapi-int.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -522,8 +522,8 @@ static void debug_print_sock_hash(void *p) { struct Curl_sh_entry *sh = (struct Curl_sh_entry *)p; - fprintf(stderr, " [readers %u][writers %u]", - sh->readers, sh->writers); + curl_mfprintf(stderr, " [readers %u][writers %u]", + sh->readers, sh->writers); } #endif @@ -4004,12 +4004,14 @@ static void multi_xfer_dump(struct Curl_multi *multi, unsigned int mid, (void)multi; if(!data) { - fprintf(stderr, "mid=%u, entry=NULL, bug in xfer table?\n", mid); + curl_mfprintf(stderr, "mid=%u, entry=NULL, bug in xfer table?\n", mid); } else { - fprintf(stderr, "mid=%u, magic=%s, p=%p, id=%" FMT_OFF_T ", url=%s\n", - mid, (data->magic == CURLEASY_MAGIC_NUMBER) ? "GOOD" : "BAD!", - (void *)data, data->id, data->state.url); + curl_mfprintf(stderr, "mid=%u, magic=%s, p=%p, id=%" FMT_OFF_T + ", url=%s\n", + mid, + (data->magic == CURLEASY_MAGIC_NUMBER) ? "GOOD" : "BAD!", + (void *)data, data->id, data->state.url); } } @@ -4017,15 +4019,15 @@ static void multi_xfer_tbl_dump(struct Curl_multi *multi) { unsigned int mid; void *entry; - fprintf(stderr, "=== multi xfer table (count=%u, capacity=%u\n", - Curl_uint_tbl_count(&multi->xfers), - Curl_uint_tbl_capacity(&multi->xfers)); + curl_mfprintf(stderr, "=== multi xfer table (count=%u, capacity=%u\n", + Curl_uint_tbl_count(&multi->xfers), + Curl_uint_tbl_capacity(&multi->xfers)); if(Curl_uint_tbl_first(&multi->xfers, &mid, &entry)) { multi_xfer_dump(multi, mid, entry); while(Curl_uint_tbl_next(&multi->xfers, mid, &mid, &entry)) multi_xfer_dump(multi, mid, entry); } - fprintf(stderr, "===\n"); + curl_mfprintf(stderr, "===\n"); fflush(stderr); } #endif /* DEBUGBUILD */ diff --git a/lib/multi_ev.c b/lib/multi_ev.c index f43423510f..ff755caa6a 100644 --- a/lib/multi_ev.c +++ b/lib/multi_ev.c @@ -40,8 +40,8 @@ #include "curlx/warnless.h" #include "multihandle.h" #include "socks.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/netrc.c b/lib/netrc.c index a227ffefcd..f06dff8ed5 100644 --- a/lib/netrc.c +++ b/lib/netrc.c @@ -42,8 +42,7 @@ #include "curlx/fopen.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -437,7 +436,7 @@ NETRCcode Curl_parsenetrc(struct store_netrc *store, const char *host, return NETRC_FILE_MISSING; /* no home directory found (or possibly out of memory) */ - filealloc = aprintf("%s%s.netrc", home, DIR_CHAR); + filealloc = curl_maprintf("%s%s.netrc", home, DIR_CHAR); if(!filealloc) { free(homea); return NETRC_OUT_OF_MEMORY; @@ -448,7 +447,7 @@ NETRCcode Curl_parsenetrc(struct store_netrc *store, const char *host, #ifdef _WIN32 if(retcode == NETRC_FILE_MISSING) { /* fallback to the old-style "_netrc" file */ - filealloc = aprintf("%s%s_netrc", home, DIR_CHAR); + filealloc = curl_maprintf("%s%s_netrc", home, DIR_CHAR); if(!filealloc) { free(homea); return NETRC_OUT_OF_MEMORY; diff --git a/lib/noproxy.c b/lib/noproxy.c index 22b067ad1b..2983fa4a3a 100644 --- a/lib/noproxy.c +++ b/lib/noproxy.c @@ -64,9 +64,10 @@ UNITTEST bool Curl_cidr4_match(const char *ipv4, /* 1.2.3.4 address */ unsigned int haddr = htonl(address); unsigned int hcheck = htonl(check); #if 0 - fprintf(stderr, "Host %s (%x) network %s (%x) bits %u mask %x => %x\n", - ipv4, haddr, network, hcheck, bits, mask, - (haddr ^ hcheck) & mask); + curl_mfprintf(stderr, "Host %s (%x) network %s (%x) " + "bits %u mask %x => %x\n", + ipv4, haddr, network, hcheck, bits, mask, + (haddr ^ hcheck) & mask); #endif if((haddr ^ hcheck) & mask) return FALSE; diff --git a/lib/openldap.c b/lib/openldap.c index 6aa74e028f..72cfdc7039 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -52,8 +52,8 @@ #include "connect.h" #include "curl_sasl.h" #include "strcase.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -619,12 +619,12 @@ static CURLcode oldap_connect(struct Curl_easy *data, bool *done) if(result) goto out; - hosturl = aprintf("%s://%s%s%s:%d", - conn->handler->scheme, - conn->bits.ipv6_ip ? "[" : "", - conn->host.name, - conn->bits.ipv6_ip ? "]" : "", - conn->remote_port); + hosturl = curl_maprintf("%s://%s%s%s:%d", + conn->handler->scheme, + conn->bits.ipv6_ip ? "[" : "", + conn->host.name, + conn->bits.ipv6_ip ? "]" : "", + conn->remote_port); if(!hosturl) { result = CURLE_OUT_OF_MEMORY; goto out; diff --git a/lib/pingpong.c b/lib/pingpong.c index 195e059ed1..ddd4020894 100644 --- a/lib/pingpong.c +++ b/lib/pingpong.c @@ -39,8 +39,7 @@ #include "vtls/vtls.h" #include "strdup.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/pop3.c b/lib/pop3.c index f5ecfd178b..ce9f81e3d5 100644 --- a/lib/pop3.c +++ b/lib/pop3.c @@ -77,8 +77,8 @@ #include "curl_md5.h" #include "curlx/warnless.h" #include "strdup.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -600,7 +600,7 @@ static CURLcode pop3_perform_apop(struct Curl_easy *data, /* Convert the calculated 16 octet digest into a 32 byte hex string */ for(i = 0; i < MD5_DIGEST_LEN; i++) - msnprintf(&secret[2 * i], 3, "%02x", digest[i]); + curl_msnprintf(&secret[2 * i], 3, "%02x", digest[i]); result = Curl_pp_sendf(data, &pop3c->pp, "APOP %s %s", conn->user, secret); diff --git a/lib/progress.c b/lib/progress.c index 2fa0fa1228..7b473ef3ae 100644 --- a/lib/progress.c +++ b/lib/progress.c @@ -29,7 +29,6 @@ #include "multiif.h" #include "progress.h" #include "curlx/timeval.h" -#include "curl_printf.h" /* check rate limits within this many recent milliseconds, at minimum. */ #define MIN_RATE_LIMIT_PERIOD 3000 @@ -48,7 +47,8 @@ static void time2str(char *r, curl_off_t seconds) if(h <= 99) { curl_off_t m = (seconds - (h * 3600)) / 60; curl_off_t s = (seconds - (h * 3600)) - (m * 60); - msnprintf(r, 9, "%2" FMT_OFF_T ":%02" FMT_OFF_T ":%02" FMT_OFF_T, h, m, s); + curl_msnprintf(r, 9, "%2" FMT_OFF_T ":%02" FMT_OFF_T ":%02" FMT_OFF_T, + h, m, s); } else { /* this equals to more than 99 hours, switch to a more suitable output @@ -56,9 +56,9 @@ static void time2str(char *r, curl_off_t seconds) curl_off_t d = seconds / 86400; h = (seconds - (d * 86400)) / 3600; if(d <= 999) - msnprintf(r, 9, "%3" FMT_OFF_T "d %02" FMT_OFF_T "h", d, h); + curl_msnprintf(r, 9, "%3" FMT_OFF_T "d %02" FMT_OFF_T "h", d, h); else - msnprintf(r, 9, "%7" FMT_OFF_T "d", d); + curl_msnprintf(r, 9, "%7" FMT_OFF_T "d", d); } } @@ -71,7 +71,7 @@ static char *max6data(curl_off_t bytes, char *max6) const char unit[] = { 'k', 'M', 'G', 'T', 'P', 0 }; int k = 0; if(bytes < 1000000) { - msnprintf(max6, 7, "%5" CURL_FORMAT_CURL_OFF_T, bytes); + curl_msnprintf(max6, 7, "%5" CURL_FORMAT_CURL_OFF_T, bytes); return max6; } @@ -79,14 +79,15 @@ static char *max6data(curl_off_t bytes, char *max6) curl_off_t nbytes = bytes / 1024; if(nbytes < 1000) { /* xxx.yU */ - msnprintf(max6, 7, "%3" CURL_FORMAT_CURL_OFF_T - ".%" CURL_FORMAT_CURL_OFF_T "%c", nbytes, - (bytes%1024) / (1024/10), unit[k]); + curl_msnprintf(max6, 7, "%3" CURL_FORMAT_CURL_OFF_T + ".%" CURL_FORMAT_CURL_OFF_T "%c", nbytes, + (bytes%1024) / (1024/10), unit[k]); break; } else if(nbytes < 100000) { /* xxxxxU */ - msnprintf(max6, 7, "%5" CURL_FORMAT_CURL_OFF_T "%c", nbytes, unit[k]); + curl_msnprintf(max6, 7, "%5" CURL_FORMAT_CURL_OFF_T "%c", + nbytes, unit[k]); break; } bytes = nbytes; @@ -122,7 +123,7 @@ int Curl_pgrsDone(struct Curl_easy *data) if(!data->progress.hide && !data->progress.callback) /* only output if we do not use a progress callback and we are not * hidden */ - fprintf(data->set.err, "\n"); + curl_mfprintf(data->set.err, "\n"); data->progress.speeder_c = 0; /* reset the progress meter display */ return 0; @@ -500,15 +501,15 @@ static void progress_meter(struct Curl_easy *data) if(!p->headers_out) { if(data->state.resume_from) { - fprintf(data->set.err, - "** Resuming transfer from byte position %" FMT_OFF_T "\n", - data->state.resume_from); + curl_mfprintf(data->set.err, + "** Resuming transfer from byte position %" FMT_OFF_T "\n", + data->state.resume_from); } - fprintf(data->set.err, - " %% Total %% Received %% Xferd Average Speed " - "Time Time Time Current\n" - " Dload Upload " - "Total Spent Left Speed\n"); + curl_mfprintf(data->set.err, + " %% Total %% Received %% Xferd Average Speed " + "Time Time Time Current\n" + " Dload Upload " + "Total Spent Left Speed\n"); p->headers_out = TRUE; /* headers are shown */ } @@ -542,23 +543,23 @@ static void progress_meter(struct Curl_easy *data) /* Get the percentage of data transferred so far */ total_estm.percent = pgrs_est_percent(total_expected_size, total_cur_size); - fprintf(data->set.err, - "\r" - "%3" FMT_OFF_T " %s " - "%3" FMT_OFF_T " %s " - "%3" FMT_OFF_T " %s %s %s %s %s %s %s", - total_estm.percent, /* 3 letters */ /* total % */ - max6data(total_expected_size, max6[2]), /* total size */ - dl_estm.percent, /* 3 letters */ /* rcvd % */ - max6data(p->dl.cur_size, max6[0]), /* rcvd size */ - ul_estm.percent, /* 3 letters */ /* xfer % */ - max6data(p->ul.cur_size, max6[1]), /* xfer size */ - max6data(p->dl.speed, max6[3]), /* avrg dl speed */ - max6data(p->ul.speed, max6[4]), /* avrg ul speed */ - time_total, /* 8 letters */ /* total time */ - time_spent, /* 8 letters */ /* time spent */ - time_left, /* 8 letters */ /* time left */ - max6data(p->current_speed, max6[5]) + curl_mfprintf(data->set.err, + "\r" + "%3" FMT_OFF_T " %s " + "%3" FMT_OFF_T " %s " + "%3" FMT_OFF_T " %s %s %s %s %s %s %s", + total_estm.percent, /* 3 letters */ /* total % */ + max6data(total_expected_size, max6[2]), /* total size */ + dl_estm.percent, /* 3 letters */ /* rcvd % */ + max6data(p->dl.cur_size, max6[0]), /* rcvd size */ + ul_estm.percent, /* 3 letters */ /* xfer % */ + max6data(p->ul.cur_size, max6[1]), /* xfer size */ + max6data(p->dl.speed, max6[3]), /* avrg dl speed */ + max6data(p->ul.speed, max6[4]), /* avrg ul speed */ + time_total, /* 8 letters */ /* total time */ + time_spent, /* 8 letters */ /* time spent */ + time_left, /* 8 letters */ /* time left */ + max6data(p->current_speed, max6[5]) ); /* we flush the output stream to make it appear as soon as possible */ diff --git a/lib/psl.c b/lib/psl.c index a488a46e93..832d6d21b9 100644 --- a/lib/psl.c +++ b/lib/psl.c @@ -31,8 +31,7 @@ #include "psl.h" #include "share.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/rand.c b/lib/rand.c index 8b7f07ae40..cbfcbf2740 100644 --- a/lib/rand.c +++ b/lib/rand.c @@ -38,8 +38,7 @@ #include "rand.h" #include "escape.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/rename.c b/lib/rename.c index d3a46e0e6a..4c66ce4ed0 100644 --- a/lib/rename.c +++ b/lib/rename.c @@ -32,8 +32,7 @@ #include "curlx/multibyte.h" #include "curlx/timeval.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/request.c b/lib/request.c index 2d5ad95212..1fa568325b 100644 --- a/lib/request.c +++ b/lib/request.c @@ -36,8 +36,7 @@ #include "url.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/rtsp.c b/lib/rtsp.c index 1d5f44f91b..3ede0fe62d 100644 --- a/lib/rtsp.c +++ b/lib/rtsp.c @@ -41,8 +41,8 @@ #include "cfilters.h" #include "strdup.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -482,8 +482,8 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done) if(data->set.str[STRING_RTSP_TRANSPORT]) { free(data->state.aptr.rtsp_transport); data->state.aptr.rtsp_transport = - aprintf("Transport: %s\r\n", - data->set.str[STRING_RTSP_TRANSPORT]); + curl_maprintf("Transport: %s\r\n", + data->set.str[STRING_RTSP_TRANSPORT]); if(!data->state.aptr.rtsp_transport) return CURLE_OUT_OF_MEMORY; } @@ -508,7 +508,8 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done) data->set.str[STRING_ENCODING]) { free(data->state.aptr.accept_encoding); data->state.aptr.accept_encoding = - aprintf("Accept-Encoding: %s\r\n", data->set.str[STRING_ENCODING]); + curl_maprintf("Accept-Encoding: %s\r\n", + data->set.str[STRING_ENCODING]); if(!data->state.aptr.accept_encoding) { result = CURLE_OUT_OF_MEMORY; @@ -545,7 +546,8 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done) /* Referrer */ Curl_safefree(data->state.aptr.ref); if(data->state.referer && !Curl_checkheaders(data, STRCONST("Referer"))) - data->state.aptr.ref = aprintf("Referer: %s\r\n", data->state.referer); + data->state.aptr.ref = curl_maprintf("Referer: %s\r\n", + data->state.referer); p_referrer = data->state.aptr.ref; @@ -561,7 +563,8 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done) /* Check to see if there is a range set in the custom headers */ if(!Curl_checkheaders(data, STRCONST("Range")) && data->state.range) { free(data->state.aptr.rangeline); - data->state.aptr.rangeline = aprintf("Range: %s\r\n", data->state.range); + data->state.aptr.rangeline = curl_maprintf("Range: %s\r\n", + data->state.range); p_range = data->state.aptr.rangeline; } } diff --git a/lib/select.c b/lib/select.c index af78cb836b..7818082e75 100644 --- a/lib/select.c +++ b/lib/select.c @@ -45,8 +45,8 @@ #include "curlx/timediff.h" #include "curlx/wait.h" #include "curlx/warnless.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/sendf.c b/lib/sendf.c index a262d9036f..c6d8412762 100644 --- a/lib/sendf.c +++ b/lib/sendf.c @@ -56,8 +56,7 @@ #include "curlx/warnless.h" #include "ws.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/setopt.c b/lib/setopt.c index 1c9ee42d41..5558bded0a 100644 --- a/lib/setopt.c +++ b/lib/setopt.c @@ -55,8 +55,7 @@ #include "strdup.h" #include "escape.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/sha256.c b/lib/sha256.c index c5ed8b9c8f..2d0357189a 100644 --- a/lib/sha256.c +++ b/lib/sha256.c @@ -52,8 +52,7 @@ #include #endif -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/share.c b/lib/share.c index d1ab55eb27..711622a170 100644 --- a/lib/share.c +++ b/lib/share.c @@ -34,8 +34,7 @@ #include "hsts.h" #include "url.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/smb.c b/lib/smb.c index bf02119ea1..f7d06eb490 100644 --- a/lib/smb.c +++ b/lib/smb.c @@ -42,8 +42,7 @@ #include "escape.h" #include "curl_endian.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -718,12 +717,12 @@ static CURLcode smb_send_setup(struct Curl_easy *data) p += sizeof(lm); memcpy(p, nt, sizeof(nt)); p += sizeof(nt); - p += msnprintf(p, byte_count - sizeof(nt) - sizeof(lm), - "%s%c" /* user */ - "%s%c" /* domain */ - "%s%c" /* OS */ - "%s", /* client name */ - smbc->user, 0, smbc->domain, 0, CURL_OS, 0, CLIENTNAME); + p += curl_msnprintf(p, byte_count - sizeof(nt) - sizeof(lm), + "%s%c" /* user */ + "%s%c" /* domain */ + "%s%c" /* OS */ + "%s", /* client name */ + smbc->user, 0, smbc->domain, 0, CURL_OS, 0, CLIENTNAME); p++; /* count the final null-termination */ DEBUGASSERT(byte_count == (size_t)(p - msg.bytes)); msg.byte_count = smb_swap16((unsigned short)byte_count); @@ -750,11 +749,11 @@ static CURLcode smb_send_tree_connect(struct Curl_easy *data, msg.andx.command = SMB_COM_NO_ANDX_COMMAND; msg.pw_len = 0; - p += msnprintf(p, byte_count, - "\\\\%s\\" /* hostname */ - "%s%c" /* share */ - "%s", /* service */ - conn->host.name, smbc->share, 0, SERVICENAME); + p += curl_msnprintf(p, byte_count, + "\\\\%s\\" /* hostname */ + "%s%c" /* share */ + "%s", /* service */ + conn->host.name, smbc->share, 0, SERVICENAME); p++; /* count the final null-termination */ DEBUGASSERT(byte_count == (size_t)(p - msg.bytes)); msg.byte_count = smb_swap16((unsigned short)byte_count); diff --git a/lib/smtp.c b/lib/smtp.c index 84ff693a3c..8daf0ad89d 100644 --- a/lib/smtp.c +++ b/lib/smtp.c @@ -81,8 +81,7 @@ #include "idn.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -712,14 +711,14 @@ static CURLcode smtp_perform_mail(struct Curl_easy *data, (!Curl_is_ASCII_name(host.name))); if(host.name) { - from = aprintf("<%s@%s>%s", address, host.name, suffix); + from = curl_maprintf("<%s@%s>%s", address, host.name, suffix); Curl_free_idnconverted_hostname(&host); } else /* An invalid mailbox was provided but we will simply let the server worry about that and reply with a 501 error */ - from = aprintf("<%s>%s", address, suffix); + from = curl_maprintf("<%s>%s", address, suffix); free(address); } @@ -754,14 +753,14 @@ static CURLcode smtp_perform_mail(struct Curl_easy *data, utf8 = TRUE; if(host.name) { - auth = aprintf("<%s@%s>%s", address, host.name, suffix); + auth = curl_maprintf("<%s@%s>%s", address, host.name, suffix); Curl_free_idnconverted_hostname(&host); } else /* An invalid mailbox was provided but we will simply let the server worry about it */ - auth = aprintf("<%s>%s", address, suffix); + auth = curl_maprintf("<%s>%s", address, suffix); free(address); } else @@ -806,7 +805,7 @@ static CURLcode smtp_perform_mail(struct Curl_easy *data, /* Calculate the optional SIZE parameter */ if(smtpc->size_supported && data->state.infilesize > 0) { - size = aprintf("%" FMT_OFF_T, data->state.infilesize); + size = curl_maprintf("%" FMT_OFF_T, data->state.infilesize); if(!size) { result = CURLE_OUT_OF_MEMORY; diff --git a/lib/socketpair.c b/lib/socketpair.c index d2fd41141b..45e908bbf3 100644 --- a/lib/socketpair.c +++ b/lib/socketpair.c @@ -134,8 +134,7 @@ int Curl_socketpair(int domain, int type, int protocol, #include "curlx/timeval.h" /* needed before select.h */ #include "select.h" /* for Curl_poll */ -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/socks.c b/lib/socks.c index da974ad6d8..ba7b28d04a 100644 --- a/lib/socks.c +++ b/lib/socks.c @@ -45,8 +45,7 @@ #include "curlx/inet_pton.h" #include "url.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/socks_gssapi.c b/lib/socks_gssapi.c index a88b6f7b75..5ad93441a8 100644 --- a/lib/socks_gssapi.c +++ b/lib/socks_gssapi.c @@ -37,8 +37,7 @@ #include "curlx/warnless.h" #include "strdup.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -160,8 +159,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, return CURLE_OUT_OF_MEMORY; service.length = serviceptr_length + strlen(conn->socks_proxy.host.name) + 1; - msnprintf(service.value, service.length + 1, "%s@%s", - serviceptr, conn->socks_proxy.host.name); + curl_msnprintf(service.value, service.length + 1, "%s@%s", + serviceptr, conn->socks_proxy.host.name); gss_major_status = gss_import_name(&gss_minor_status, &service, GSS_C_NT_HOSTBASED_SERVICE, &server); diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c index 16e22d1f39..69b0004219 100644 --- a/lib/socks_sspi.c +++ b/lib/socks_sspi.c @@ -38,8 +38,8 @@ #include "curlx/multibyte.h" #include "curlx/warnless.h" #include "strdup.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -104,7 +104,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, if(strchr(service, '/')) service_name = strdup(service); else - service_name = aprintf("%s/%s", service, conn->socks_proxy.host.name); + service_name = curl_maprintf("%s/%s", + service, conn->socks_proxy.host.name); if(!service_name) return CURLE_OUT_OF_MEMORY; diff --git a/lib/telnet.c b/lib/telnet.c index 259a0c8931..1ae15d3704 100644 --- a/lib/telnet.c +++ b/lib/telnet.c @@ -60,8 +60,7 @@ #include "curlx/warnless.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -814,7 +813,7 @@ static CURLcode check_telnet_options(struct Curl_easy *data, DEBUGF(infof(data, "set a non ASCII username in telnet")); return CURLE_BAD_FUNCTION_ARGUMENT; } - msnprintf(buffer, sizeof(buffer), "USER,%s", data->conn->user); + curl_msnprintf(buffer, sizeof(buffer), "USER,%s", data->conn->user); beg = curl_slist_append(tn->telnet_vars, buffer); if(!beg) { curl_slist_free_all(tn->telnet_vars); @@ -957,9 +956,10 @@ static CURLcode suboption(struct Curl_easy *data, struct TELNET *tn) failf(data, "Tool long telnet TTYPE"); return CURLE_SEND_ERROR; } - len = msnprintf((char *)temp, sizeof(temp), "%c%c%c%c%s%c%c", - CURL_IAC, CURL_SB, CURL_TELOPT_TTYPE, - CURL_TELQUAL_IS, tn->subopt_ttype, CURL_IAC, CURL_SE); + len = curl_msnprintf((char *)temp, sizeof(temp), "%c%c%c%c%s%c%c", + CURL_IAC, CURL_SB, CURL_TELOPT_TTYPE, + CURL_TELQUAL_IS, tn->subopt_ttype, CURL_IAC, + CURL_SE); bytes_written = swrite(conn->sock[FIRSTSOCKET], temp, len); if(bytes_written < 0) { @@ -976,9 +976,10 @@ static CURLcode suboption(struct Curl_easy *data, struct TELNET *tn) failf(data, "Tool long telnet XDISPLOC"); return CURLE_SEND_ERROR; } - len = msnprintf((char *)temp, sizeof(temp), "%c%c%c%c%s%c%c", - CURL_IAC, CURL_SB, CURL_TELOPT_XDISPLOC, - CURL_TELQUAL_IS, tn->subopt_xdisploc, CURL_IAC, CURL_SE); + len = curl_msnprintf((char *)temp, sizeof(temp), "%c%c%c%c%s%c%c", + CURL_IAC, CURL_SB, CURL_TELOPT_XDISPLOC, + CURL_TELQUAL_IS, tn->subopt_xdisploc, CURL_IAC, + CURL_SE); bytes_written = swrite(conn->sock[FIRSTSOCKET], temp, len); if(bytes_written < 0) { err = SOCKERRNO; @@ -987,9 +988,9 @@ static CURLcode suboption(struct Curl_easy *data, struct TELNET *tn) printsub(data, '>', &temp[2], len-2); break; case CURL_TELOPT_NEW_ENVIRON: - len = msnprintf((char *)temp, sizeof(temp), "%c%c%c%c", - CURL_IAC, CURL_SB, CURL_TELOPT_NEW_ENVIRON, - CURL_TELQUAL_IS); + len = curl_msnprintf((char *)temp, sizeof(temp), "%c%c%c%c", + CURL_IAC, CURL_SB, CURL_TELOPT_NEW_ENVIRON, + CURL_TELQUAL_IS); for(v = tn->telnet_vars; v; v = v->next) { size_t tmplen = (strlen(v->data) + 1); if(bad_option(v->data)) @@ -998,18 +999,18 @@ static CURLcode suboption(struct Curl_easy *data, struct TELNET *tn) if(len + tmplen < (int)sizeof(temp)-6) { char *s = strchr(v->data, ','); if(!s) - len += msnprintf((char *)&temp[len], sizeof(temp) - len, - "%c%s", CURL_NEW_ENV_VAR, v->data); + len += curl_msnprintf((char *)&temp[len], sizeof(temp) - len, + "%c%s", CURL_NEW_ENV_VAR, v->data); else { size_t vlen = s - v->data; - len += msnprintf((char *)&temp[len], sizeof(temp) - len, - "%c%.*s%c%s", CURL_NEW_ENV_VAR, - (int)vlen, v->data, CURL_NEW_ENV_VALUE, ++s); + len += curl_msnprintf((char *)&temp[len], sizeof(temp) - len, + "%c%.*s%c%s", CURL_NEW_ENV_VAR, + (int)vlen, v->data, CURL_NEW_ENV_VALUE, ++s); } } } - msnprintf((char *)&temp[len], sizeof(temp) - len, - "%c%c", CURL_IAC, CURL_SE); + curl_msnprintf((char *)&temp[len], sizeof(temp) - len, + "%c%c", CURL_IAC, CURL_SE); len += 2; bytes_written = swrite(conn->sock[FIRSTSOCKET], temp, len); if(bytes_written < 0) { diff --git a/lib/tftp.c b/lib/tftp.c index b6bc5e9bdc..b81fd3ee14 100644 --- a/lib/tftp.c +++ b/lib/tftp.c @@ -65,8 +65,7 @@ #include "curlx/strerr.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -474,18 +473,18 @@ static CURLcode tftp_send_first(struct tftp_conn *state, return CURLE_TFTP_ILLEGAL; /* too long filename field */ } - msnprintf((char *)state->spacket.data + 2, - state->blksize, - "%s%c%s%c", filename, '\0', mode, '\0'); + curl_msnprintf((char *)state->spacket.data + 2, + state->blksize, + "%s%c%s%c", filename, '\0', mode, '\0'); sbytes = 4 + strlen(filename) + strlen(mode); /* optional addition of TFTP options */ if(!data->set.tftp_no_options) { char buf[64]; /* add tsize option */ - msnprintf(buf, sizeof(buf), "%" FMT_OFF_T, - data->state.upload && (data->state.infilesize != -1) ? - data->state.infilesize : 0); + curl_msnprintf(buf, sizeof(buf), "%" FMT_OFF_T, + data->state.upload && (data->state.infilesize != -1) ? + data->state.infilesize : 0); result = tftp_option_add(state, &sbytes, (char *)state->spacket.data + sbytes, @@ -495,7 +494,7 @@ static CURLcode tftp_send_first(struct tftp_conn *state, (char *)state->spacket.data + sbytes, buf); /* add blksize option */ - msnprintf(buf, sizeof(buf), "%d", state->requested_blksize); + curl_msnprintf(buf, sizeof(buf), "%d", state->requested_blksize); if(result == CURLE_OK) result = tftp_option_add(state, &sbytes, (char *)state->spacket.data + sbytes, @@ -505,7 +504,7 @@ static CURLcode tftp_send_first(struct tftp_conn *state, (char *)state->spacket.data + sbytes, buf); /* add timeout option */ - msnprintf(buf, sizeof(buf), "%d", state->retry_time); + curl_msnprintf(buf, sizeof(buf), "%d", state->retry_time); if(result == CURLE_OK) result = tftp_option_add(state, &sbytes, (char *)state->spacket.data + sbytes, diff --git a/lib/transfer.c b/lib/transfer.c index 62528d2275..e8c030687a 100644 --- a/lib/transfer.c +++ b/lib/transfer.c @@ -83,8 +83,7 @@ #include "setopt.h" #include "headers.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -623,7 +622,7 @@ CURLcode Curl_pretransfer(struct Curl_easy *data) if(data->set.str[STRING_USERAGENT]) { free(data->state.aptr.uagent); data->state.aptr.uagent = - aprintf("User-Agent: %s\r\n", data->set.str[STRING_USERAGENT]); + curl_maprintf("User-Agent: %s\r\n", data->set.str[STRING_USERAGENT]); if(!data->state.aptr.uagent) return CURLE_OUT_OF_MEMORY; } diff --git a/lib/uint-bset.c b/lib/uint-bset.c index 1c60f22adf..7b822344c1 100644 --- a/lib/uint-bset.c +++ b/lib/uint-bset.c @@ -25,8 +25,7 @@ #include "curl_setup.h" #include "uint-bset.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/uint-spbset.c b/lib/uint-spbset.c index d12cdcb4aa..2e8e2a139e 100644 --- a/lib/uint-spbset.c +++ b/lib/uint-spbset.c @@ -26,8 +26,7 @@ #include "uint-bset.h" #include "uint-spbset.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/uint-table.c b/lib/uint-table.c index 21bcb6e1cf..5077363ab0 100644 --- a/lib/uint-table.c +++ b/lib/uint-table.c @@ -25,8 +25,7 @@ #include "curl_setup.h" #include "uint-table.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/url.c b/lib/url.c index 2a46354c61..6a433b09ef 100644 --- a/lib/url.c +++ b/lib/url.c @@ -126,8 +126,8 @@ #include "headers.h" #include "curlx/strerr.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" + +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -504,7 +504,7 @@ CURLcode Curl_open(struct Curl_easy **curl) data = calloc(1, sizeof(struct Curl_easy)); if(!data) { /* this is a serious error */ - DEBUGF(fprintf(stderr, "Error: calloc of Curl_easy failed\n")); + DEBUGF(curl_mfprintf(stderr, "Error: calloc of Curl_easy failed\n")); return CURLE_OUT_OF_MEMORY; } @@ -1785,8 +1785,9 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data, if(data->set.str[STRING_DEFAULT_PROTOCOL] && !Curl_is_absolute_url(data->state.url, NULL, 0, TRUE)) { - char *url = aprintf("%s://%s", data->set.str[STRING_DEFAULT_PROTOCOL], - data->state.url); + char *url = curl_maprintf("%s://%s", + data->set.str[STRING_DEFAULT_PROTOCOL], + data->state.url); if(!url) return CURLE_OUT_OF_MEMORY; if(data->state.url_alloc) @@ -1997,7 +1998,7 @@ static CURLcode setup_range(struct Curl_easy *data) free(s->range); if(s->resume_from) - s->range = aprintf("%" FMT_OFF_T "-", s->resume_from); + s->range = curl_maprintf("%" FMT_OFF_T "-", s->resume_from); else s->range = strdup(data->set.str[STRING_SET_RANGE]); @@ -2055,9 +2056,10 @@ static CURLcode setup_connection_internals(struct Curl_easy *data, } #ifdef USE_IPV6 - conn->destination = aprintf("%u/%d/%s", conn->scope_id, port, hostname); + conn->destination = curl_maprintf("%u/%d/%s", conn->scope_id, port, + hostname); #else - conn->destination = aprintf("%d/%s", port, hostname); + conn->destination = curl_maprintf("%d/%s", port, hostname); #endif if(!conn->destination) return CURLE_OUT_OF_MEMORY; @@ -2105,7 +2107,8 @@ static char *detect_proxy(struct Curl_easy *data, (void)data; #endif - msnprintf(proxy_env, sizeof(proxy_env), "%s_proxy", conn->handler->scheme); + curl_msnprintf(proxy_env, sizeof(proxy_env), "%s_proxy", + conn->handler->scheme); /* read the protocol proxy: */ proxy = curl_getenv(proxy_env); @@ -2323,7 +2326,7 @@ static CURLcode parse_proxy(struct Curl_easy *data, if(strcmp("/", path)) { is_unix_proxy = TRUE; free(host); - host = aprintf(UNIX_SOCKET_PREFIX"%s", path); + host = curl_maprintf(UNIX_SOCKET_PREFIX"%s", path); if(!host) { result = CURLE_OUT_OF_MEMORY; goto error; @@ -2671,7 +2674,7 @@ static CURLcode parse_remote_port(struct Curl_easy *data, char portbuf[16]; CURLUcode uc; conn->remote_port = data->set.use_port; - msnprintf(portbuf, sizeof(portbuf), "%d", conn->remote_port); + curl_msnprintf(portbuf, sizeof(portbuf), "%d", conn->remote_port); uc = curl_url_set(data->state.uh, CURLUPART_PORT, portbuf, 0); if(uc) return CURLE_OUT_OF_MEMORY; @@ -2982,10 +2985,10 @@ static CURLcode parse_connect_to_string(struct Curl_easy *data, else { /* check whether the URL's hostname matches */ size_t hostname_to_match_len; - char *hostname_to_match = aprintf("%s%s%s", - conn->bits.ipv6_ip ? "[" : "", - conn->host.name, - conn->bits.ipv6_ip ? "]" : ""); + char *hostname_to_match = curl_maprintf("%s%s%s", + conn->bits.ipv6_ip ? "[" : "", + conn->host.name, + conn->bits.ipv6_ip ? "]" : ""); if(!hostname_to_match) return CURLE_OUT_OF_MEMORY; hostname_to_match_len = strlen(hostname_to_match); @@ -3703,7 +3706,7 @@ static CURLcode create_conn(struct Curl_easy *data, */ result = Curl_ssl_conn_config_init(data, conn); if(result) { - DEBUGF(fprintf(stderr, "Error: init connection ssl config\n")); + DEBUGF(curl_mfprintf(stderr, "Error: init connection ssl config\n")); goto out; } diff --git a/lib/urlapi.c b/lib/urlapi.c index 7776645b4a..0a6ae5ba1a 100644 --- a/lib/urlapi.c +++ b/lib/urlapi.c @@ -37,8 +37,7 @@ #include "curlx/strparse.h" #include "curl_memrchr.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -461,7 +460,7 @@ UNITTEST CURLUcode Curl_parse_port(struct Curl_URL *u, struct dynbuf *host, u->portnum = (unsigned short) port; /* generate a new port number string to get rid of leading zeroes etc */ free(u->port); - u->port = aprintf("%" CURL_FORMAT_CURL_OFF_T, port); + u->port = curl_maprintf("%" CURL_FORMAT_CURL_OFF_T, port); if(!u->port) return CURLUE_OUT_OF_MEMORY; } @@ -1430,12 +1429,12 @@ static CURLUcode urlget_url(const CURLU *u, char **part, unsigned int flags) bool urlencode = (flags & CURLU_URLENCODE) ? 1 : 0; char portbuf[7]; if(u->scheme && curl_strequal("file", u->scheme)) { - url = aprintf("file://%s%s%s%s%s", - u->path, - show_query ? "?": "", - u->query ? u->query : "", - show_fragment ? "#": "", - u->fragment ? u->fragment : ""); + url = curl_maprintf("file://%s%s%s%s%s", + u->path, + show_query ? "?": "", + u->query ? u->query : "", + show_fragment ? "#": "", + u->fragment ? u->fragment : ""); } else if(!u->host) return CURLUE_NO_HOST; @@ -1454,7 +1453,7 @@ static CURLUcode urlget_url(const CURLU *u, char **part, unsigned int flags) /* there is no stored port number, but asked to deliver a default one for the scheme */ if(h) { - msnprintf(portbuf, sizeof(portbuf), "%u", h->defport); + curl_msnprintf(portbuf, sizeof(portbuf), "%u", h->defport); port = portbuf; } } @@ -1502,26 +1501,26 @@ static CURLUcode urlget_url(const CURLU *u, char **part, unsigned int flags) } if(!(flags & CURLU_NO_GUESS_SCHEME) || !u->guessed_scheme) - msnprintf(schemebuf, sizeof(schemebuf), "%s://", scheme); + curl_msnprintf(schemebuf, sizeof(schemebuf), "%s://", scheme); else schemebuf[0] = 0; - url = aprintf("%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s", - schemebuf, - u->user ? u->user : "", - u->password ? ":": "", - u->password ? u->password : "", - options ? ";" : "", - options ? options : "", - (u->user || u->password || options) ? "@": "", - allochost ? allochost : u->host, - port ? ":": "", - port ? port : "", - u->path ? u->path : "/", - show_query ? "?": "", - u->query ? u->query : "", - show_fragment ? "#": "", - u->fragment ? u->fragment : ""); + url = curl_maprintf("%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s", + schemebuf, + u->user ? u->user : "", + u->password ? ":": "", + u->password ? u->password : "", + options ? ";" : "", + options ? options : "", + (u->user || u->password || options) ? "@": "", + allochost ? allochost : u->host, + port ? ":": "", + port ? port : "", + u->path ? u->path : "/", + show_query ? "?": "", + u->query ? u->query : "", + show_fragment ? "#": "", + u->fragment ? u->fragment : ""); free(allochost); } if(!url) @@ -1580,7 +1579,7 @@ CURLUcode curl_url_get(const CURLU *u, CURLUPart what, a default one for the scheme */ const struct Curl_handler *h = Curl_get_scheme_handler(u->scheme); if(h) { - msnprintf(portbuf, sizeof(portbuf), "%u", h->defport); + curl_msnprintf(portbuf, sizeof(portbuf), "%u", h->defport); ptr = portbuf; } } @@ -1665,7 +1664,7 @@ static CURLUcode set_url_port(CURLU *u, const char *provided_port) if(curlx_str_number(&provided_port, &port, 0xffff) || *provided_port) /* weirdly provided number, not good! */ return CURLUE_BAD_PORT_NUMBER; - tmp = aprintf("%" CURL_FORMAT_CURL_OFF_T, port); + tmp = curl_maprintf("%" CURL_FORMAT_CURL_OFF_T, port); if(!tmp) return CURLUE_OUT_OF_MEMORY; free(u->port); diff --git a/lib/vauth/.checksrc b/lib/vauth/.checksrc deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/lib/vauth/cleartext.c b/lib/vauth/cleartext.c index ebf026fcf5..dcfb13912d 100644 --- a/lib/vauth/cleartext.c +++ b/lib/vauth/cleartext.c @@ -37,7 +37,6 @@ #include "vauth.h" #include "../curlx/warnless.h" #include "../sendf.h" -#include "../curl_printf.h" /* The last #include files should be: */ #include "../curl_memory.h" diff --git a/lib/vauth/cram.c b/lib/vauth/cram.c index 3586e1012d..2754ddc4a2 100644 --- a/lib/vauth/cram.c +++ b/lib/vauth/cram.c @@ -35,7 +35,6 @@ #include "../curl_hmac.h" #include "../curl_md5.h" #include "../curlx/warnless.h" -#include "../curl_printf.h" /* The last #include files should be: */ #include "../curl_memory.h" @@ -82,7 +81,7 @@ CURLcode Curl_auth_create_cram_md5_message(const struct bufref *chlg, Curl_HMAC_final(ctxt, digest); /* Generate the response */ - response = aprintf( + response = curl_maprintf( "%s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", userp, digest[0], digest[1], digest[2], digest[3], digest[4], digest[5], digest[6], digest[7], digest[8], digest[9], digest[10], diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c index 898629a958..4196ae725c 100644 --- a/lib/vauth/digest.c +++ b/lib/vauth/digest.c @@ -42,7 +42,6 @@ #include "../vtls/vtls.h" #include "../curlx/warnless.h" #include "../curlx/strparse.h" -#include "../curl_printf.h" #include "../rand.h" /* The last #include files should be: */ @@ -147,7 +146,7 @@ static void auth_digest_md5_to_ascii(unsigned char *source, /* 16 bytes */ { int i; for(i = 0; i < 16; i++) - msnprintf((char *) &dest[i * 2], 3, "%02x", source[i]); + curl_msnprintf((char *) &dest[i * 2], 3, "%02x", source[i]); } /* Convert sha256 or SHA-512/256 chunk to RFC7616 -suitable ASCII string */ @@ -156,7 +155,7 @@ static void auth_digest_sha256_to_ascii(unsigned char *source, /* 32 bytes */ { int i; for(i = 0; i < 32; i++) - msnprintf((char *) &dest[i * 2], 3, "%02x", source[i]); + curl_msnprintf((char *) &dest[i * 2], 3, "%02x", source[i]); } /* Perform quoted-string escaping as described in RFC2616 and its errata */ @@ -404,7 +403,7 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, /* Convert calculated 16 octet hex into 32 bytes string */ for(i = 0; i < MD5_DIGEST_LEN; i++) - msnprintf(&HA1_hex[2 * i], 3, "%02x", digest[i]); + curl_msnprintf(&HA1_hex[2 * i], 3, "%02x", digest[i]); /* Generate our SPN */ spn = Curl_auth_build_spn(service, data->conn->host.name, NULL); @@ -427,7 +426,7 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, Curl_MD5_final(ctxt, digest); for(i = 0; i < MD5_DIGEST_LEN; i++) - msnprintf(&HA2_hex[2 * i], 3, "%02x", digest[i]); + curl_msnprintf(&HA2_hex[2 * i], 3, "%02x", digest[i]); /* Now calculate the response hash */ ctxt = Curl_MD5_init(&Curl_DIGEST_MD5); @@ -457,14 +456,14 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, Curl_MD5_final(ctxt, digest); for(i = 0; i < MD5_DIGEST_LEN; i++) - msnprintf(&resp_hash_hex[2 * i], 3, "%02x", digest[i]); + curl_msnprintf(&resp_hash_hex[2 * i], 3, "%02x", digest[i]); /* Generate the response */ - response = aprintf("username=\"%s\",realm=\"%s\",nonce=\"%s\"," - "cnonce=\"%s\",nc=\"%s\",digest-uri=\"%s\",response=%s," - "qop=%s", - userp, realm, nonce, - cnonce, nonceCount, spn, resp_hash_hex, qop); + response = curl_maprintf("username=\"%s\",realm=\"%s\",nonce=\"%s\"," + "cnonce=\"%s\",nc=\"%s\",digest-uri=\"%s\"," + "response=%s,qop=%s", + userp, realm, nonce, + cnonce, nonceCount, spn, resp_hash_hex, qop); free(spn); if(!response) return CURLE_OUT_OF_MEMORY; @@ -707,7 +706,8 @@ static CURLcode auth_create_digest_http_message( } if(digest->userhash) { - hashthis = aprintf("%s:%s", userp, digest->realm ? digest->realm : ""); + hashthis = curl_maprintf("%s:%s", userp, + digest->realm ? digest->realm : ""); if(!hashthis) return CURLE_OUT_OF_MEMORY; @@ -729,8 +729,8 @@ static CURLcode auth_create_digest_http_message( unq(nonce-value) ":" unq(cnonce-value) */ - hashthis = aprintf("%s:%s:%s", userp, digest->realm ? digest->realm : "", - passwdp); + hashthis = curl_maprintf("%s:%s:%s", userp, + digest->realm ? digest->realm : "", passwdp); if(!hashthis) return CURLE_OUT_OF_MEMORY; @@ -742,7 +742,7 @@ static CURLcode auth_create_digest_http_message( if(digest->algo & SESSION_ALGO) { /* nonce and cnonce are OUTSIDE the hash */ - tmp = aprintf("%s:%s:%s", ha1, digest->nonce, digest->cnonce); + tmp = curl_maprintf("%s:%s:%s", ha1, digest->nonce, digest->cnonce); if(!tmp) return CURLE_OUT_OF_MEMORY; @@ -766,7 +766,7 @@ static CURLcode auth_create_digest_http_message( 5.1.1 of RFC 2616) */ - hashthis = aprintf("%s:%s", request, uripath); + hashthis = curl_maprintf("%s:%s", request, uripath); if(!hashthis) return CURLE_OUT_OF_MEMORY; @@ -782,7 +782,7 @@ static CURLcode auth_create_digest_http_message( } convert_to_ascii(hashbuf, (unsigned char *)hashed); - hashthis2 = aprintf("%s:%s", hashthis, hashed); + hashthis2 = curl_maprintf("%s:%s", hashthis, hashed); free(hashthis); hashthis = hashthis2; } @@ -797,11 +797,11 @@ static CURLcode auth_create_digest_http_message( convert_to_ascii(hashbuf, ha2); if(digest->qop) { - hashthis = aprintf("%s:%s:%08x:%s:%s:%s", ha1, digest->nonce, digest->nc, - digest->cnonce, digest->qop, ha2); + hashthis = curl_maprintf("%s:%s:%08x:%s:%s:%s", ha1, digest->nonce, + digest->nc, digest->cnonce, digest->qop, ha2); } else { - hashthis = aprintf("%s:%s:%s", ha1, digest->nonce, ha2); + hashthis = curl_maprintf("%s:%s:%s", ha1, digest->nonce, ha2); } if(!hashthis) @@ -848,37 +848,37 @@ static CURLcode auth_create_digest_http_message( } if(digest->qop) { - response = aprintf("username=\"%s\", " - "realm=\"%s\", " - "nonce=\"%s\", " - "uri=\"%s\", " - "cnonce=\"%s\", " - "nc=%08x, " - "qop=%s, " - "response=\"%s\"", - userp_quoted, - realm_quoted, - nonce_quoted, - uripath, - digest->cnonce, - digest->nc, - digest->qop, - request_digest); + response = curl_maprintf("username=\"%s\", " + "realm=\"%s\", " + "nonce=\"%s\", " + "uri=\"%s\", " + "cnonce=\"%s\", " + "nc=%08x, " + "qop=%s, " + "response=\"%s\"", + userp_quoted, + realm_quoted, + nonce_quoted, + uripath, + digest->cnonce, + digest->nc, + digest->qop, + request_digest); /* Increment nonce-count to use another nc value for the next request */ digest->nc++; } else { - response = aprintf("username=\"%s\", " - "realm=\"%s\", " - "nonce=\"%s\", " - "uri=\"%s\", " - "response=\"%s\"", - userp_quoted, - realm_quoted, - nonce_quoted, - uripath, - request_digest); + response = curl_maprintf("username=\"%s\", " + "realm=\"%s\", " + "nonce=\"%s\", " + "uri=\"%s\", " + "response=\"%s\"", + userp_quoted, + realm_quoted, + nonce_quoted, + uripath, + request_digest); } free(nonce_quoted); free(realm_quoted); @@ -895,7 +895,7 @@ static CURLcode auth_create_digest_http_message( free(response); return CURLE_OUT_OF_MEMORY; } - tmp = aprintf("%s, opaque=\"%s\"", response, opaque_quoted); + tmp = curl_maprintf("%s, opaque=\"%s\"", response, opaque_quoted); free(response); free(opaque_quoted); if(!tmp) @@ -906,7 +906,7 @@ static CURLcode auth_create_digest_http_message( if(digest->algorithm) { /* Append the algorithm */ - tmp = aprintf("%s, algorithm=%s", response, digest->algorithm); + tmp = curl_maprintf("%s, algorithm=%s", response, digest->algorithm); free(response); if(!tmp) return CURLE_OUT_OF_MEMORY; @@ -916,7 +916,7 @@ static CURLcode auth_create_digest_http_message( if(digest->userhash) { /* Append the userhash */ - tmp = aprintf("%s, userhash=true", response); + tmp = curl_maprintf("%s, userhash=true", response); free(response); if(!tmp) return CURLE_OUT_OF_MEMORY; diff --git a/lib/vauth/gsasl.c b/lib/vauth/gsasl.c index 3684c8f4b2..8fbb62af80 100644 --- a/lib/vauth/gsasl.c +++ b/lib/vauth/gsasl.c @@ -36,8 +36,7 @@ #include -/* The last 3 #include files should be in this order */ -#include "../curl_printf.h" +/* The last 2 #include files should be in this order */ #include "../curl_memory.h" #include "../memdebug.h" diff --git a/lib/vauth/krb5_gssapi.c b/lib/vauth/krb5_gssapi.c index fd46619d84..70144e5514 100644 --- a/lib/vauth/krb5_gssapi.c +++ b/lib/vauth/krb5_gssapi.c @@ -36,7 +36,6 @@ #include "../urldata.h" #include "../curl_gssapi.h" #include "../sendf.h" -#include "../curl_printf.h" /* The last #include files should be: */ #include "../curl_memory.h" diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c index 6164cd388b..791fc87d11 100644 --- a/lib/vauth/ntlm.c +++ b/lib/vauth/ntlm.c @@ -48,7 +48,6 @@ #include "vauth.h" #include "../curl_endian.h" -#include "../curl_printf.h" /* The last #include files should be: */ #include "../curl_memory.h" @@ -168,67 +167,67 @@ static void ntlm_print_flags(FILE *handle, unsigned long flags) { if(flags & NTLMFLAG_NEGOTIATE_UNICODE) - fprintf(handle, "NTLMFLAG_NEGOTIATE_UNICODE "); + curl_mfprintf(handle, "NTLMFLAG_NEGOTIATE_UNICODE "); if(flags & NTLMFLAG_NEGOTIATE_OEM) - fprintf(handle, "NTLMFLAG_NEGOTIATE_OEM "); + curl_mfprintf(handle, "NTLMFLAG_NEGOTIATE_OEM "); if(flags & NTLMFLAG_REQUEST_TARGET) - fprintf(handle, "NTLMFLAG_REQUEST_TARGET "); + curl_mfprintf(handle, "NTLMFLAG_REQUEST_TARGET "); if(flags & (1 << 3)) - fprintf(handle, "NTLMFLAG_UNKNOWN_3 "); + curl_mfprintf(handle, "NTLMFLAG_UNKNOWN_3 "); if(flags & NTLMFLAG_NEGOTIATE_SIGN) - fprintf(handle, "NTLMFLAG_NEGOTIATE_SIGN "); + curl_mfprintf(handle, "NTLMFLAG_NEGOTIATE_SIGN "); if(flags & NTLMFLAG_NEGOTIATE_SEAL) - fprintf(handle, "NTLMFLAG_NEGOTIATE_SEAL "); + curl_mfprintf(handle, "NTLMFLAG_NEGOTIATE_SEAL "); if(flags & NTLMFLAG_NEGOTIATE_DATAGRAM_STYLE) - fprintf(handle, "NTLMFLAG_NEGOTIATE_DATAGRAM_STYLE "); + curl_mfprintf(handle, "NTLMFLAG_NEGOTIATE_DATAGRAM_STYLE "); if(flags & NTLMFLAG_NEGOTIATE_LM_KEY) - fprintf(handle, "NTLMFLAG_NEGOTIATE_LM_KEY "); + curl_mfprintf(handle, "NTLMFLAG_NEGOTIATE_LM_KEY "); if(flags & NTLMFLAG_NEGOTIATE_NTLM_KEY) - fprintf(handle, "NTLMFLAG_NEGOTIATE_NTLM_KEY "); + curl_mfprintf(handle, "NTLMFLAG_NEGOTIATE_NTLM_KEY "); if(flags & (1 << 10)) - fprintf(handle, "NTLMFLAG_UNKNOWN_10 "); + curl_mfprintf(handle, "NTLMFLAG_UNKNOWN_10 "); if(flags & NTLMFLAG_NEGOTIATE_ANONYMOUS) - fprintf(handle, "NTLMFLAG_NEGOTIATE_ANONYMOUS "); + curl_mfprintf(handle, "NTLMFLAG_NEGOTIATE_ANONYMOUS "); if(flags & NTLMFLAG_NEGOTIATE_DOMAIN_SUPPLIED) - fprintf(handle, "NTLMFLAG_NEGOTIATE_DOMAIN_SUPPLIED "); + curl_mfprintf(handle, "NTLMFLAG_NEGOTIATE_DOMAIN_SUPPLIED "); if(flags & NTLMFLAG_NEGOTIATE_WORKSTATION_SUPPLIED) - fprintf(handle, "NTLMFLAG_NEGOTIATE_WORKSTATION_SUPPLIED "); + curl_mfprintf(handle, "NTLMFLAG_NEGOTIATE_WORKSTATION_SUPPLIED "); if(flags & NTLMFLAG_NEGOTIATE_LOCAL_CALL) - fprintf(handle, "NTLMFLAG_NEGOTIATE_LOCAL_CALL "); + curl_mfprintf(handle, "NTLMFLAG_NEGOTIATE_LOCAL_CALL "); if(flags & NTLMFLAG_NEGOTIATE_ALWAYS_SIGN) - fprintf(handle, "NTLMFLAG_NEGOTIATE_ALWAYS_SIGN "); + curl_mfprintf(handle, "NTLMFLAG_NEGOTIATE_ALWAYS_SIGN "); if(flags & NTLMFLAG_TARGET_TYPE_DOMAIN) - fprintf(handle, "NTLMFLAG_TARGET_TYPE_DOMAIN "); + curl_mfprintf(handle, "NTLMFLAG_TARGET_TYPE_DOMAIN "); if(flags & NTLMFLAG_TARGET_TYPE_SERVER) - fprintf(handle, "NTLMFLAG_TARGET_TYPE_SERVER "); + curl_mfprintf(handle, "NTLMFLAG_TARGET_TYPE_SERVER "); if(flags & NTLMFLAG_TARGET_TYPE_SHARE) - fprintf(handle, "NTLMFLAG_TARGET_TYPE_SHARE "); + curl_mfprintf(handle, "NTLMFLAG_TARGET_TYPE_SHARE "); if(flags & NTLMFLAG_NEGOTIATE_NTLM2_KEY) - fprintf(handle, "NTLMFLAG_NEGOTIATE_NTLM2_KEY "); + curl_mfprintf(handle, "NTLMFLAG_NEGOTIATE_NTLM2_KEY "); if(flags & NTLMFLAG_REQUEST_INIT_RESPONSE) - fprintf(handle, "NTLMFLAG_REQUEST_INIT_RESPONSE "); + curl_mfprintf(handle, "NTLMFLAG_REQUEST_INIT_RESPONSE "); if(flags & NTLMFLAG_REQUEST_ACCEPT_RESPONSE) - fprintf(handle, "NTLMFLAG_REQUEST_ACCEPT_RESPONSE "); + curl_mfprintf(handle, "NTLMFLAG_REQUEST_ACCEPT_RESPONSE "); if(flags & NTLMFLAG_REQUEST_NONNT_SESSION_KEY) - fprintf(handle, "NTLMFLAG_REQUEST_NONNT_SESSION_KEY "); + curl_mfprintf(handle, "NTLMFLAG_REQUEST_NONNT_SESSION_KEY "); if(flags & NTLMFLAG_NEGOTIATE_TARGET_INFO) - fprintf(handle, "NTLMFLAG_NEGOTIATE_TARGET_INFO "); + curl_mfprintf(handle, "NTLMFLAG_NEGOTIATE_TARGET_INFO "); if(flags & (1 << 24)) - fprintf(handle, "NTLMFLAG_UNKNOWN_24 "); + curl_mfprintf(handle, "NTLMFLAG_UNKNOWN_24 "); if(flags & (1 << 25)) - fprintf(handle, "NTLMFLAG_UNKNOWN_25 "); + curl_mfprintf(handle, "NTLMFLAG_UNKNOWN_25 "); if(flags & (1 << 26)) - fprintf(handle, "NTLMFLAG_UNKNOWN_26 "); + curl_mfprintf(handle, "NTLMFLAG_UNKNOWN_26 "); if(flags & (1 << 27)) - fprintf(handle, "NTLMFLAG_UNKNOWN_27 "); + curl_mfprintf(handle, "NTLMFLAG_UNKNOWN_27 "); if(flags & (1 << 28)) - fprintf(handle, "NTLMFLAG_UNKNOWN_28 "); + curl_mfprintf(handle, "NTLMFLAG_UNKNOWN_28 "); if(flags & NTLMFLAG_NEGOTIATE_128) - fprintf(handle, "NTLMFLAG_NEGOTIATE_128 "); + curl_mfprintf(handle, "NTLMFLAG_NEGOTIATE_128 "); if(flags & NTLMFLAG_NEGOTIATE_KEY_EXCHANGE) - fprintf(handle, "NTLMFLAG_NEGOTIATE_KEY_EXCHANGE "); + curl_mfprintf(handle, "NTLMFLAG_NEGOTIATE_KEY_EXCHANGE "); if(flags & NTLMFLAG_NEGOTIATE_56) - fprintf(handle, "NTLMFLAG_NEGOTIATE_56 "); + curl_mfprintf(handle, "NTLMFLAG_NEGOTIATE_56 "); } static void ntlm_print_hex(FILE *handle, const char *buf, size_t len) @@ -237,9 +236,9 @@ static void ntlm_print_hex(FILE *handle, const char *buf, size_t len) (void)handle; - fprintf(stderr, "0x"); + curl_mfprintf(stderr, "0x"); while(len-- > 0) - fprintf(stderr, "%02.2x", (unsigned int)*p++); + curl_mfprintf(stderr, "%02.2x", (unsigned int)*p++); } #else # define DEBUG_OUT(x) Curl_nop_stmt @@ -394,12 +393,12 @@ CURLcode Curl_auth_decode_ntlm_type2_message(struct Curl_easy *data, } DEBUG_OUT({ - fprintf(stderr, "**** TYPE2 header flags=0x%08.8lx ", ntlm->flags); + curl_mfprintf(stderr, "**** TYPE2 header flags=0x%08.8lx ", ntlm->flags); ntlm_print_flags(stderr, ntlm->flags); - fprintf(stderr, "\n nonce="); + curl_mfprintf(stderr, "\n nonce="); ntlm_print_hex(stderr, (char *)ntlm->nonce, 8); - fprintf(stderr, "\n****\n"); - fprintf(stderr, "**** Header %s\n ", header); + curl_mfprintf(stderr, "\n****\n"); + curl_mfprintf(stderr, "**** Header %s\n ", header); }); return result; @@ -475,37 +474,37 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data, /* Clean up any former leftovers and initialise to defaults */ Curl_auth_cleanup_ntlm(ntlm); - ntlmbuf = aprintf(NTLMSSP_SIGNATURE "%c" - "\x01%c%c%c" /* 32-bit type = 1 */ - "%c%c%c%c" /* 32-bit NTLM flag field */ - "%c%c" /* domain length */ - "%c%c" /* domain allocated space */ - "%c%c" /* domain name offset */ - "%c%c" /* 2 zeroes */ - "%c%c" /* host length */ - "%c%c" /* host allocated space */ - "%c%c" /* hostname offset */ - "%c%c" /* 2 zeroes */ - "%s" /* hostname */ - "%s", /* domain string */ - 0, /* trailing zero */ - 0, 0, 0, /* part of type-1 long */ + ntlmbuf = curl_maprintf(NTLMSSP_SIGNATURE "%c" + "\x01%c%c%c" /* 32-bit type = 1 */ + "%c%c%c%c" /* 32-bit NTLM flag field */ + "%c%c" /* domain length */ + "%c%c" /* domain allocated space */ + "%c%c" /* domain name offset */ + "%c%c" /* 2 zeroes */ + "%c%c" /* host length */ + "%c%c" /* host allocated space */ + "%c%c" /* hostname offset */ + "%c%c" /* 2 zeroes */ + "%s" /* hostname */ + "%s", /* domain string */ + 0, /* trailing zero */ + 0, 0, 0, /* part of type-1 long */ - LONGQUARTET(NTLMFLAG_NEGOTIATE_OEM | - NTLMFLAG_REQUEST_TARGET | - NTLMFLAG_NEGOTIATE_NTLM_KEY | - NTLMFLAG_NEGOTIATE_NTLM2_KEY | - NTLMFLAG_NEGOTIATE_ALWAYS_SIGN), - SHORTPAIR(domlen), - SHORTPAIR(domlen), - SHORTPAIR(domoff), - 0, 0, - SHORTPAIR(hostlen), - SHORTPAIR(hostlen), - SHORTPAIR(hostoff), - 0, 0, - host, /* this is empty */ - domain /* this is empty */); + LONGQUARTET(NTLMFLAG_NEGOTIATE_OEM | + NTLMFLAG_REQUEST_TARGET | + NTLMFLAG_NEGOTIATE_NTLM_KEY | + NTLMFLAG_NEGOTIATE_NTLM2_KEY | + NTLMFLAG_NEGOTIATE_ALWAYS_SIGN), + SHORTPAIR(domlen), + SHORTPAIR(domlen), + SHORTPAIR(domoff), + 0, 0, + SHORTPAIR(hostlen), + SHORTPAIR(hostlen), + SHORTPAIR(hostoff), + 0, 0, + host, /* this is empty */ + domain /* this is empty */); if(!ntlmbuf) return CURLE_OUT_OF_MEMORY; @@ -514,25 +513,25 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data, size = 32 + hostlen + domlen; DEBUG_OUT({ - fprintf(stderr, "* TYPE1 header flags=0x%02.2x%02.2x%02.2x%02.2x " - "0x%08.8x ", - LONGQUARTET(NTLMFLAG_NEGOTIATE_OEM | - NTLMFLAG_REQUEST_TARGET | - NTLMFLAG_NEGOTIATE_NTLM_KEY | - NTLMFLAG_NEGOTIATE_NTLM2_KEY | - NTLMFLAG_NEGOTIATE_ALWAYS_SIGN), - NTLMFLAG_NEGOTIATE_OEM | - NTLMFLAG_REQUEST_TARGET | - NTLMFLAG_NEGOTIATE_NTLM_KEY | - NTLMFLAG_NEGOTIATE_NTLM2_KEY | - NTLMFLAG_NEGOTIATE_ALWAYS_SIGN); + curl_mfprintf(stderr, "* TYPE1 header flags=0x%02.2x%02.2x%02.2x%02.2x " + "0x%08.8x ", + LONGQUARTET(NTLMFLAG_NEGOTIATE_OEM | + NTLMFLAG_REQUEST_TARGET | + NTLMFLAG_NEGOTIATE_NTLM_KEY | + NTLMFLAG_NEGOTIATE_NTLM2_KEY | + NTLMFLAG_NEGOTIATE_ALWAYS_SIGN), + NTLMFLAG_NEGOTIATE_OEM | + NTLMFLAG_REQUEST_TARGET | + NTLMFLAG_NEGOTIATE_NTLM_KEY | + NTLMFLAG_NEGOTIATE_NTLM2_KEY | + NTLMFLAG_NEGOTIATE_ALWAYS_SIGN); ntlm_print_flags(stderr, NTLMFLAG_NEGOTIATE_OEM | NTLMFLAG_REQUEST_TARGET | NTLMFLAG_NEGOTIATE_NTLM_KEY | NTLMFLAG_NEGOTIATE_NTLM2_KEY | NTLMFLAG_NEGOTIATE_ALWAYS_SIGN); - fprintf(stderr, "\n****\n"); + curl_mfprintf(stderr, "\n****\n"); }); Curl_bufref_set(out, ntlmbuf, size, curl_free); @@ -693,82 +692,84 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, hostoff = useroff + userlen; /* Create the big type-3 message binary blob */ - size = msnprintf((char *)ntlmbuf, NTLM_BUFSIZE, - NTLMSSP_SIGNATURE "%c" - "\x03%c%c%c" /* 32-bit type = 3 */ + size = curl_msnprintf((char *)ntlmbuf, NTLM_BUFSIZE, + NTLMSSP_SIGNATURE "%c" + "\x03%c%c%c" /* 32-bit type = 3 */ - "%c%c" /* LanManager length */ - "%c%c" /* LanManager allocated space */ - "%c%c" /* LanManager offset */ - "%c%c" /* 2 zeroes */ + "%c%c" /* LanManager length */ + "%c%c" /* LanManager allocated space */ + "%c%c" /* LanManager offset */ + "%c%c" /* 2 zeroes */ - "%c%c" /* NT-response length */ - "%c%c" /* NT-response allocated space */ - "%c%c" /* NT-response offset */ - "%c%c" /* 2 zeroes */ + "%c%c" /* NT-response length */ + "%c%c" /* NT-response allocated space */ + "%c%c" /* NT-response offset */ + "%c%c" /* 2 zeroes */ - "%c%c" /* domain length */ - "%c%c" /* domain allocated space */ - "%c%c" /* domain name offset */ - "%c%c" /* 2 zeroes */ + "%c%c" /* domain length */ + "%c%c" /* domain allocated space */ + "%c%c" /* domain name offset */ + "%c%c" /* 2 zeroes */ - "%c%c" /* user length */ - "%c%c" /* user allocated space */ - "%c%c" /* user offset */ - "%c%c" /* 2 zeroes */ + "%c%c" /* user length */ + "%c%c" /* user allocated space */ + "%c%c" /* user offset */ + "%c%c" /* 2 zeroes */ - "%c%c" /* host length */ - "%c%c" /* host allocated space */ - "%c%c" /* host offset */ - "%c%c" /* 2 zeroes */ + "%c%c" /* host length */ + "%c%c" /* host allocated space */ + "%c%c" /* host offset */ + "%c%c" /* 2 zeroes */ - "%c%c" /* session key length (unknown purpose) */ - "%c%c" /* session key allocated space (unknown purpose) */ - "%c%c" /* session key offset (unknown purpose) */ - "%c%c" /* 2 zeroes */ + "%c%c" /* session key length (unknown purpose) */ + "%c%c" /* session key allocated space + (unknown purpose) */ + "%c%c" /* session key offset (unknown purpose) */ + "%c%c" /* 2 zeroes */ - "%c%c%c%c", /* flags */ + "%c%c%c%c", /* flags */ - /* domain string */ - /* user string */ - /* host string */ - /* LanManager response */ - /* NT response */ + /* domain string */ + /* user string */ + /* host string */ + /* LanManager response */ + /* NT response */ - 0, /* null-termination */ - 0, 0, 0, /* type-3 long, the 24 upper bits */ + 0, /* null-termination */ + 0, 0, 0, /* type-3 long, the 24 upper bits */ - SHORTPAIR(0x18), /* LanManager response length, twice */ - SHORTPAIR(0x18), - SHORTPAIR(lmrespoff), - 0x0, 0x0, + SHORTPAIR(0x18), /* LanManager response length, + twice */ + SHORTPAIR(0x18), + SHORTPAIR(lmrespoff), + 0x0, 0x0, - SHORTPAIR(ntresplen), /* NT-response length, twice */ - SHORTPAIR(ntresplen), - SHORTPAIR(ntrespoff), - 0x0, 0x0, + SHORTPAIR(ntresplen), /* NT-response length, twice */ + SHORTPAIR(ntresplen), + SHORTPAIR(ntrespoff), + 0x0, 0x0, - SHORTPAIR(domlen), - SHORTPAIR(domlen), - SHORTPAIR(domoff), - 0x0, 0x0, + SHORTPAIR(domlen), + SHORTPAIR(domlen), + SHORTPAIR(domoff), + 0x0, 0x0, - SHORTPAIR(userlen), - SHORTPAIR(userlen), - SHORTPAIR(useroff), - 0x0, 0x0, + SHORTPAIR(userlen), + SHORTPAIR(userlen), + SHORTPAIR(useroff), + 0x0, 0x0, - SHORTPAIR(hostlen), - SHORTPAIR(hostlen), - SHORTPAIR(hostoff), - 0x0, 0x0, + SHORTPAIR(hostlen), + SHORTPAIR(hostlen), + SHORTPAIR(hostoff), + 0x0, 0x0, - 0x0, 0x0, - 0x0, 0x0, - 0x0, 0x0, - 0x0, 0x0, + 0x0, 0x0, + 0x0, 0x0, + 0x0, 0x0, + 0x0, 0x0, - LONGQUARTET(ntlm->flags)); + LONGQUARTET(ntlm->flags)); DEBUGASSERT(size == 64); DEBUGASSERT(size == (size_t)lmrespoff); @@ -780,7 +781,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, } DEBUG_OUT({ - fprintf(stderr, "**** TYPE3 header lmresp="); + curl_mfprintf(stderr, "**** TYPE3 header lmresp="); ntlm_print_hex(stderr, (char *)&ntlmbuf[lmrespoff], 0x18); }); @@ -794,17 +795,17 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, size += ntresplen; DEBUG_OUT({ - fprintf(stderr, "\n ntresp="); + curl_mfprintf(stderr, "\n ntresp="); ntlm_print_hex(stderr, (char *)&ntlmbuf[ntrespoff], ntresplen); }); free(ntlmv2resp);/* Free the dynamic buffer allocated for NTLMv2 */ DEBUG_OUT({ - fprintf(stderr, "\n flags=0x%02.2x%02.2x%02.2x%02.2x 0x%08.8x ", - LONGQUARTET(ntlm->flags), ntlm->flags); + curl_mfprintf(stderr, "\n flags=0x%02.2x%02.2x%02.2x%02.2x 0x%08.8x ", + LONGQUARTET(ntlm->flags), ntlm->flags); ntlm_print_flags(stderr, ntlm->flags); - fprintf(stderr, "\n****\n"); + curl_mfprintf(stderr, "\n****\n"); }); /* Make sure that the domain, user and host strings fit in the diff --git a/lib/vauth/oauth2.c b/lib/vauth/oauth2.c index a84dc60daf..cf7addf535 100644 --- a/lib/vauth/oauth2.c +++ b/lib/vauth/oauth2.c @@ -35,7 +35,6 @@ #include "vauth.h" #include "../curlx/warnless.h" -#include "../curl_printf.h" /* The last #include files should be: */ #include "../curl_memory.h" @@ -67,11 +66,11 @@ CURLcode Curl_auth_create_oauth_bearer_message(const char *user, /* Generate the message */ if(port == 0 || port == 80) - oauth = aprintf("n,a=%s,\1host=%s\1auth=Bearer %s\1\1", user, host, - bearer); + oauth = curl_maprintf("n,a=%s,\1host=%s\1auth=Bearer %s\1\1", user, host, + bearer); else - oauth = aprintf("n,a=%s,\1host=%s\1port=%ld\1auth=Bearer %s\1\1", user, - host, port, bearer); + oauth = curl_maprintf("n,a=%s,\1host=%s\1port=%ld\1auth=Bearer %s\1\1", + user, host, port, bearer); if(!oauth) return CURLE_OUT_OF_MEMORY; @@ -98,7 +97,7 @@ CURLcode Curl_auth_create_xoauth_bearer_message(const char *user, struct bufref *out) { /* Generate the message */ - char *xoauth = aprintf("user=%s\1auth=Bearer %s\1\1", user, bearer); + char *xoauth = curl_maprintf("user=%s\1auth=Bearer %s\1\1", user, bearer); if(!xoauth) return CURLE_OUT_OF_MEMORY; diff --git a/lib/vauth/vauth.c b/lib/vauth/vauth.c index c6cf428572..6ee687dcab 100644 --- a/lib/vauth/vauth.c +++ b/lib/vauth/vauth.c @@ -30,7 +30,6 @@ #include "../strdup.h" #include "../urldata.h" #include "../curlx/multibyte.h" -#include "../curl_printf.h" #include "../url.h" /* The last #include files should be: */ @@ -62,11 +61,11 @@ char *Curl_auth_build_spn(const char *service, const char *host, /* Generate our SPN */ if(host && realm) - spn = aprintf("%s/%s@%s", service, host, realm); + spn = curl_maprintf("%s/%s@%s", service, host, realm); else if(host) - spn = aprintf("%s/%s", service, host); + spn = curl_maprintf("%s/%s", service, host); else if(realm) - spn = aprintf("%s@%s", service, realm); + spn = curl_maprintf("%s@%s", service, realm); /* Return our newly allocated SPN */ return spn; @@ -89,7 +88,7 @@ TCHAR *Curl_auth_build_spn(const char *service, const char *host, formulate the SPN instead. */ /* Generate our UTF8 based SPN */ - utf8_spn = aprintf("%s/%s", service, host); + utf8_spn = curl_maprintf("%s/%s", service, host); if(!utf8_spn) return NULL; diff --git a/lib/version.c b/lib/version.c index 8158f26e73..3798fed6e1 100644 --- a/lib/version.c +++ b/lib/version.c @@ -34,7 +34,6 @@ #include "http2.h" #include "vssh/ssh.h" #include "vquic/vquic.h" -#include "curl_printf.h" #include "easy_lock.h" #ifdef USE_ARES @@ -89,7 +88,7 @@ static void brotli_version(char *buf, size_t bufsz) unsigned int major = brotli_version >> 24; unsigned int minor = (brotli_version & 0x00FFFFFF) >> 12; unsigned int patch = brotli_version & 0x00000FFF; - (void)msnprintf(buf, bufsz, "brotli/%u.%u.%u", major, minor, patch); + (void)curl_msnprintf(buf, bufsz, "brotli/%u.%u.%u", major, minor, patch); } #endif @@ -100,7 +99,7 @@ static void zstd_version(char *buf, size_t bufsz) unsigned int major = version / (100 * 100); unsigned int minor = (version - (major * 100 * 100)) / 100; unsigned int patch = version - (major * 100 * 100) - (minor * 100); - (void)msnprintf(buf, bufsz, "zstd/%u.%u.%u", major, minor, patch); + (void)curl_msnprintf(buf, bufsz, "zstd/%u.%u.%u", major, minor, patch); } #endif @@ -116,13 +115,13 @@ static void oldap_version(char *buf, size_t bufsz) unsigned int minor = (((unsigned int)api.ldapai_vendor_version - major * 10000) - patch) / 100; - msnprintf(buf, bufsz, "%s/%u.%u.%u", - api.ldapai_vendor_name, major, minor, patch); + curl_msnprintf(buf, bufsz, "%s/%u.%u.%u", + api.ldapai_vendor_name, major, minor, patch); ldap_memfree(api.ldapai_vendor_name); ber_memvfree((void **)api.ldapai_extensions); } else - msnprintf(buf, bufsz, "OpenLDAP"); + curl_msnprintf(buf, bufsz, "OpenLDAP"); } #endif @@ -132,10 +131,10 @@ static void psl_version(char *buf, size_t bufsz) #if defined(PSL_VERSION_MAJOR) && (PSL_VERSION_MAJOR > 0 || \ PSL_VERSION_MINOR >= 11) int num = psl_check_version_number(0); - msnprintf(buf, bufsz, "libpsl/%d.%d.%d", - num >> 16, (num >> 8) & 0xff, num & 0xff); + curl_msnprintf(buf, bufsz, "libpsl/%d.%d.%d", + num >> 16, (num >> 8) & 0xff, num & 0xff); #else - msnprintf(buf, bufsz, "libpsl/%s", psl_get_version()); + curl_msnprintf(buf, bufsz, "libpsl/%s", psl_get_version()); #endif } #endif @@ -148,11 +147,11 @@ static void psl_version(char *buf, size_t bufsz) static void idn_version(char *buf, size_t bufsz) { #ifdef USE_LIBIDN2 - msnprintf(buf, bufsz, "libidn2/%s", idn2_check_version(NULL)); + curl_msnprintf(buf, bufsz, "libidn2/%s", idn2_check_version(NULL)); #elif defined(USE_WIN32_IDN) - msnprintf(buf, bufsz, "WinIDN"); + curl_msnprintf(buf, bufsz, "WinIDN"); #elif defined(USE_APPLE_IDN) - msnprintf(buf, bufsz, "AppleIDN"); + curl_msnprintf(buf, bufsz, "AppleIDN"); #endif } #endif @@ -219,7 +218,7 @@ char *curl_version(void) /* Override version string when environment variable CURL_VERSION is set */ const char *debugversion = getenv("CURL_VERSION"); if(debugversion) { - msnprintf(out, sizeof(out), "%s", debugversion); + curl_msnprintf(out, sizeof(out), "%s", debugversion); return out; } #endif @@ -230,7 +229,7 @@ char *curl_version(void) src[i++] = ssl_version; #endif #ifdef HAVE_LIBZ - msnprintf(z_version, sizeof(z_version), "zlib/%s", zlibVersion()); + curl_msnprintf(z_version, sizeof(z_version), "zlib/%s", zlibVersion()); src[i++] = z_version; #endif #ifdef HAVE_BROTLI @@ -242,8 +241,8 @@ char *curl_version(void) src[i++] = zstd_ver; #endif #ifdef USE_ARES - msnprintf(cares_version, sizeof(cares_version), - "c-ares/%s", ares_version(NULL)); + curl_msnprintf(cares_version, sizeof(cares_version), + "c-ares/%s", ares_version(NULL)); src[i++] = cares_version; #endif #ifdef USE_IDN @@ -271,8 +270,8 @@ char *curl_version(void) src[i++] = rtmp_version; #endif #ifdef USE_GSASL - msnprintf(gsasl_buf, sizeof(gsasl_buf), "libgsasl/%s", - gsasl_check_version(NULL)); + curl_msnprintf(gsasl_buf, sizeof(gsasl_buf), "libgsasl/%s", + gsasl_check_version(NULL)); src[i++] = gsasl_buf; #endif #ifdef USE_OPENLDAP diff --git a/lib/vquic/.checksrc b/lib/vquic/.checksrc deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 4c7a7857b5..3a301f1b71 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -72,8 +72,7 @@ #include "../curlx/warnless.h" -/* The last 3 #include files should be in this order */ -#include "../curl_printf.h" +/* The last 2 #include files should be in this order */ #include "../curl_memory.h" #include "../memdebug.h" @@ -111,8 +110,8 @@ void Curl_ngtcp2_ver(char *p, size_t len) { const ngtcp2_info *ng2 = ngtcp2_version(0); const nghttp3_info *ht3 = nghttp3_version(0); - (void)msnprintf(p, len, "ngtcp2/%s nghttp3/%s", - ng2->version_str, ht3->version_str); + (void)curl_msnprintf(p, len, "ngtcp2/%s nghttp3/%s", + ng2->version_str, ht3->version_str); } struct cf_ngtcp2_ctx { @@ -389,9 +388,9 @@ static void quic_printf(void *user_data, const char *fmt, ...) (void)ctx; /* need an easy handle to infof() message */ va_list ap; va_start(ap, fmt); - vfprintf(stderr, fmt, ap); + curl_mvfprintf(stderr, fmt, ap); va_end(ap); - fprintf(stderr, "\n"); + curl_mfprintf(stderr, "\n"); } #endif diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c index 351519d65a..0862d68844 100644 --- a/lib/vquic/curl_osslq.c +++ b/lib/vquic/curl_osslq.c @@ -58,8 +58,7 @@ #include "../curlx/warnless.h" #include "../curlx/strerr.h" -/* The last 3 #include files should be in this order */ -#include "../curl_printf.h" +/* The last 2 #include files should be in this order */ #include "../curl_memory.h" #include "../memdebug.h" @@ -511,9 +510,9 @@ static CURLcode cf_osslq_ssl_err(struct Curl_cfilter *cf, lerr = SSL_get_verify_result(ctx->tls.ossl.ssl); if(lerr != X509_V_OK) { ssl_config->certverifyresult = lerr; - msnprintf(ebuf, sizeof(ebuf), - "SSL certificate problem: %s", - X509_verify_cert_error_string(lerr)); + curl_msnprintf(ebuf, sizeof(ebuf), + "SSL certificate problem: %s", + X509_verify_cert_error_string(lerr)); } else err_descr = "SSL certificate verification failed"; @@ -867,8 +866,8 @@ static int cb_h3_recv_header(nghttp3_conn *conn, int64_t sid, (const char *)h3val.base, h3val.len); if(result) return -1; - ncopy = msnprintf(line, sizeof(line), "HTTP/3 %03d \r\n", - stream->status_code); + ncopy = curl_msnprintf(line, sizeof(line), "HTTP/3 %03d \r\n", + stream->status_code); CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] status: %s", stream_id, line); result = write_resp_raw(cf, data, line, ncopy, FALSE); if(result) { @@ -2465,7 +2464,7 @@ bool Curl_conn_is_osslq(const struct Curl_easy *data, void Curl_osslq_ver(char *p, size_t len) { const nghttp3_info *ht3 = nghttp3_version(0); - (void)msnprintf(p, len, "nghttp3/%s", ht3->version_str); + (void)curl_msnprintf(p, len, "nghttp3/%s", ht3->version_str); } #endif /* !CURL_DISABLE_HTTP && USE_OPENSSL_QUIC && USE_NGHTTP3 */ diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c index da67819abb..f5fd20fccb 100644 --- a/lib/vquic/curl_quiche.c +++ b/lib/vquic/curl_quiche.c @@ -52,8 +52,7 @@ #include "../vtls/keylog.h" #include "../vtls/vtls.h" -/* The last 3 #include files should be in this order */ -#include "../curl_printf.h" +/* The last 2 #include files should be in this order */ #include "../curl_memory.h" #include "../memdebug.h" @@ -80,7 +79,7 @@ */ void Curl_quiche_ver(char *p, size_t len) { - (void)msnprintf(p, len, "quiche/%s", quiche_version()); + (void)curl_msnprintf(p, len, "quiche/%s", quiche_version()); } struct cf_quiche_ctx { @@ -109,7 +108,7 @@ static int debug_log_init = 0; static void quiche_debug_log(const char *line, void *argp) { (void)argp; - fprintf(stderr, "%s\n", line); + curl_mfprintf(stderr, "%s\n", line); } #endif diff --git a/lib/vquic/vquic-tls.c b/lib/vquic/vquic-tls.c index 6576c5cd45..fa89c0b809 100644 --- a/lib/vquic/vquic-tls.c +++ b/lib/vquic/vquic-tls.c @@ -53,8 +53,7 @@ #include "../vtls/vtls_scache.h" #include "vquic-tls.h" -/* The last 3 #include files should be in this order */ -#include "../curl_printf.h" +/* The last 2 #include files should be in this order */ #include "../curl_memory.h" #include "../memdebug.h" diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c index d7ed7927be..f722c7e127 100644 --- a/lib/vquic/vquic.c +++ b/lib/vquic/vquic.c @@ -46,8 +46,7 @@ #include "../curlx/strerr.h" #include "../curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "../curl_printf.h" +/* The last 2 #include files should be in this order */ #include "../curl_memory.h" #include "../memdebug.h" @@ -675,7 +674,7 @@ CURLcode Curl_qlogdir(struct Curl_easy *data, result = curlx_dyn_add(&fname, "/"); for(i = 0; (i < scidlen) && !result; i++) { char hex[3]; - msnprintf(hex, 3, "%02x", scid[i]); + curl_msnprintf(hex, 3, "%02x", scid[i]); result = curlx_dyn_add(&fname, hex); } if(!result) diff --git a/lib/vssh/.checksrc b/lib/vssh/.checksrc deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index 0f51137e8c..78d7986a9e 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -76,8 +76,7 @@ #include #endif -/* The last 3 #include files should be in this order */ -#include "../curl_printf.h" +/* The last 2 #include files should be in this order */ #include "../curl_memory.h" #include "../memdebug.h" @@ -358,7 +357,7 @@ static int myssh_is_known(struct Curl_easy *data, struct ssh_conn *sshc) } for(i = 0; i < 16; i++) - msnprintf(&md5buffer[i*2], 3, "%02x", (unsigned char)hash[i]); + curl_msnprintf(&md5buffer[i*2], 3, "%02x", (unsigned char)hash[i]); infof(data, "SSH MD5 fingerprint: %s", md5buffer); @@ -602,7 +601,7 @@ static int myssh_in_SFTP_READDIR(struct Curl_easy *data, if(data->set.list_only) { char *tmpLine; - tmpLine = aprintf("%s\n", sshc->readdir_filename); + tmpLine = curl_maprintf("%s\n", sshc->readdir_filename); if(!tmpLine) { myssh_to(data, sshc, SSH_SFTP_CLOSE); sshc->actualcode = CURLE_OUT_OF_MEMORY; @@ -628,8 +627,8 @@ static int myssh_in_SFTP_READDIR(struct Curl_easy *data, if((sshc->readdir_attrs->flags & SSH_FILEXFER_ATTR_PERMISSIONS) && ((sshc->readdir_attrs->permissions & SSH_S_IFMT) == SSH_S_IFLNK)) { - sshc->readdir_linkPath = aprintf("%s%s", sshp->path, - sshc->readdir_filename); + sshc->readdir_linkPath = curl_maprintf("%s%s", sshp->path, + sshc->readdir_filename); if(!sshc->readdir_linkPath) { myssh_to(data, sshc, SSH_SFTP_CLOSE); @@ -766,24 +765,24 @@ static int myssh_in_SFTP_QUOTE_STATVFS(struct Curl_easy *data, #define CURL_LIBSSH_VFS_SIZE_MASK PRIu64 #endif CURLcode result = CURLE_OK; - char *tmp = aprintf("statvfs:\n" - "f_bsize: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" - "f_frsize: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" - "f_blocks: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" - "f_bfree: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" - "f_bavail: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" - "f_files: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" - "f_ffree: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" - "f_favail: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" - "f_fsid: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" - "f_flag: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" - "f_namemax: %" CURL_LIBSSH_VFS_SIZE_MASK "\n", - statvfs->f_bsize, statvfs->f_frsize, - statvfs->f_blocks, statvfs->f_bfree, - statvfs->f_bavail, statvfs->f_files, - statvfs->f_ffree, statvfs->f_favail, - statvfs->f_fsid, statvfs->f_flag, - statvfs->f_namemax); + char *tmp = curl_maprintf("statvfs:\n" + "f_bsize: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" + "f_frsize: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" + "f_blocks: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" + "f_bfree: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" + "f_bavail: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" + "f_files: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" + "f_ffree: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" + "f_favail: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" + "f_fsid: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" + "f_flag: %" CURL_LIBSSH_VFS_SIZE_MASK "\n" + "f_namemax: %" CURL_LIBSSH_VFS_SIZE_MASK "\n", + statvfs->f_bsize, statvfs->f_frsize, + statvfs->f_blocks, statvfs->f_bfree, + statvfs->f_bavail, statvfs->f_files, + statvfs->f_ffree, statvfs->f_favail, + statvfs->f_fsid, statvfs->f_flag, + statvfs->f_namemax); sftp_statvfs_free(statvfs); if(!tmp) @@ -1577,7 +1576,8 @@ static int myssh_in_SFTP_QUOTE(struct Curl_easy *data, if(curl_strequal("pwd", cmd)) { /* output debug output if that is requested */ - char *tmp = aprintf("257 \"%s\" is current directory.\n", sshp->path); + char *tmp = curl_maprintf("257 \"%s\" is current directory.\n", + sshp->path); if(!tmp) { sshc->actualcode = CURLE_OUT_OF_MEMORY; myssh_to(data, sshc, SSH_SFTP_CLOSE); @@ -2564,7 +2564,7 @@ static CURLcode myssh_connect(struct Curl_easy *data, bool *done) if(conn->bits.ipv6_ip) { char ipv6[MAX_IPADR_LEN]; - msnprintf(ipv6, sizeof(ipv6), "[%s]", conn->host.name); + curl_msnprintf(ipv6, sizeof(ipv6), "[%s]", conn->host.name); rc = ssh_options_set(sshc->ssh_session, SSH_OPTIONS_HOST, ipv6); } else @@ -3150,7 +3150,7 @@ static CURLcode sftp_recv(struct Curl_easy *data, int sockindex, CURLcode Curl_ssh_init(void) { if(ssh_init()) { - DEBUGF(fprintf(stderr, "Error: libssh_init failed\n")); + DEBUGF(curl_mfprintf(stderr, "Error: libssh_init failed\n")); return CURLE_FAILED_INIT; } return CURLE_OK; @@ -3163,7 +3163,7 @@ void Curl_ssh_cleanup(void) void Curl_ssh_version(char *buffer, size_t buflen) { - (void)msnprintf(buffer, buflen, "libssh/%s", ssh_version(0)); + (void)curl_msnprintf(buffer, buflen, "libssh/%s", ssh_version(0)); } #endif /* USE_LIBSSH */ diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index 390602b35a..8ad263e7f3 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -71,8 +71,7 @@ #include "../curlx/base64.h" /* for base64 encoding/decoding */ #include "../curl_sha256.h" -/* The last 3 #include files should be in this order */ -#include "../curl_printf.h" +/* The last 2 #include files should be in this order */ #include "../curl_memory.h" #include "../memdebug.h" @@ -174,11 +173,11 @@ kbd_callback(const char *name, int name_len, const char *instruction, struct Curl_easy *data = (struct Curl_easy *)*abstract; #ifdef CURL_LIBSSH2_DEBUG - fprintf(stderr, "name=%s\n", name); - fprintf(stderr, "name_len=%d\n", name_len); - fprintf(stderr, "instruction=%s\n", instruction); - fprintf(stderr, "instruction_len=%d\n", instruction_len); - fprintf(stderr, "num_prompts=%d\n", num_prompts); + curl_mfprintf(stderr, "name=%s\n", name); + curl_mfprintf(stderr, "name_len=%d\n", name_len); + curl_mfprintf(stderr, "instruction=%s\n", instruction); + curl_mfprintf(stderr, "instruction_len=%d\n", instruction_len); + curl_mfprintf(stderr, "num_prompts=%d\n", num_prompts); #else (void)name; (void)name_len; @@ -662,7 +661,8 @@ static CURLcode ssh_check_fingerprint(struct Curl_easy *data, /* The fingerprint points to static storage (!), do not free() it. */ int i; for(i = 0; i < 16; i++) { - msnprintf(&md5buffer[i*2], 3, "%02x", (unsigned char) fingerprint[i]); + curl_msnprintf(&md5buffer[i*2], 3, "%02x", + (unsigned char)fingerprint[i]); } infof(data, "SSH MD5 fingerprint: %s", md5buffer); @@ -871,7 +871,8 @@ static CURLcode sftp_quote(struct Curl_easy *data, if(curl_strequal("pwd", cmd)) { /* output debug output if that is requested */ - char *tmp = aprintf("257 \"%s\" is current directory.\n", sshp->path); + char *tmp = curl_maprintf("257 \"%s\" is current directory.\n", + sshp->path); if(!tmp) return CURLE_OUT_OF_MEMORY; Curl_debug(data, CURLINFO_HEADER_OUT, "PWD\n", 4); @@ -1193,12 +1194,12 @@ static CURLcode ssh_state_pkey_init(struct Curl_easy *data, /* If no private key file is specified, try some common paths. */ if(home) { /* Try ~/.ssh first. */ - sshc->rsa = aprintf("%s/.ssh/id_rsa", home); + sshc->rsa = curl_maprintf("%s/.ssh/id_rsa", home); if(!sshc->rsa) out_of_memory = TRUE; else if(curlx_stat(sshc->rsa, &sbuf)) { free(sshc->rsa); - sshc->rsa = aprintf("%s/.ssh/id_dsa", home); + sshc->rsa = curl_maprintf("%s/.ssh/id_dsa", home); if(!sshc->rsa) out_of_memory = TRUE; else if(curlx_stat(sshc->rsa, &sbuf)) { @@ -2234,24 +2235,24 @@ static CURLcode ssh_state_sftp_quote_statvfs(struct Curl_easy *data, #define CURL_LIBSSH2_VFS_SIZE_MASK "llu" #endif CURLcode result; - char *tmp = aprintf("statvfs:\n" - "f_bsize: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" - "f_frsize: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" - "f_blocks: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" - "f_bfree: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" - "f_bavail: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" - "f_files: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" - "f_ffree: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" - "f_favail: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" - "f_fsid: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" - "f_flag: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" - "f_namemax: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n", - statvfs.f_bsize, statvfs.f_frsize, - statvfs.f_blocks, statvfs.f_bfree, - statvfs.f_bavail, statvfs.f_files, - statvfs.f_ffree, statvfs.f_favail, - statvfs.f_fsid, statvfs.f_flag, - statvfs.f_namemax); + char *tmp = curl_maprintf("statvfs:\n" + "f_bsize: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" + "f_frsize: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" + "f_blocks: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" + "f_bfree: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" + "f_bavail: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" + "f_files: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" + "f_ffree: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" + "f_favail: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" + "f_fsid: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" + "f_flag: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n" + "f_namemax: %" CURL_LIBSSH2_VFS_SIZE_MASK "\n", + statvfs.f_bsize, statvfs.f_frsize, + statvfs.f_blocks, statvfs.f_bfree, + statvfs.f_bavail, statvfs.f_files, + statvfs.f_ffree, statvfs.f_favail, + statvfs.f_fsid, statvfs.f_flag, + statvfs.f_namemax); if(!tmp) { myssh_state(data, sshc, SSH_SFTP_CLOSE); sshc->nextstate = SSH_NO_STATE; @@ -3974,7 +3975,7 @@ static const char *sftp_libssh2_strerror(unsigned long err) CURLcode Curl_ssh_init(void) { if(libssh2_init(0)) { - DEBUGF(fprintf(stderr, "Error: libssh2_init failed\n")); + DEBUGF(curl_mfprintf(stderr, "Error: libssh2_init failed\n")); return CURLE_FAILED_INIT; } return CURLE_OK; @@ -3987,7 +3988,7 @@ void Curl_ssh_cleanup(void) void Curl_ssh_version(char *buffer, size_t buflen) { - (void)msnprintf(buffer, buflen, "libssh2/%s", libssh2_version(0)); + (void)curl_msnprintf(buffer, buflen, "libssh2/%s", libssh2_version(0)); } /* The SSH session is associated with the *CONNECTION* but the callback user diff --git a/lib/vtls/.checksrc b/lib/vtls/.checksrc deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/lib/vtls/cipher_suite.c b/lib/vtls/cipher_suite.c index 4bf60c1a4a..23fb3a3c5d 100644 --- a/lib/vtls/cipher_suite.c +++ b/lib/vtls/cipher_suite.c @@ -25,7 +25,6 @@ #if defined(USE_MBEDTLS) || defined(USE_RUSTLS) #include "cipher_suite.h" -#include "../curl_printf.h" #include /* @@ -630,9 +629,9 @@ static int cs_zip_to_str(const uint8_t zip[6], /* append the part string to the buffer */ if(i > 0) - r = msnprintf(&buf[len], buf_size - len, "%c%s", separator, entry); + r = curl_msnprintf(&buf[len], buf_size - len, "%c%s", separator, entry); else - r = msnprintf(&buf[len], buf_size - len, "%s", entry); + r = curl_msnprintf(&buf[len], buf_size - len, "%s", entry); if(r < 0) return -1; @@ -703,7 +702,7 @@ int Curl_cipher_suite_get_str(uint16_t id, char *buf, size_t buf_size, r = cs_zip_to_str(cs_list[j].zip, buf, buf_size); if(r < 0) - msnprintf(buf, buf_size, "TLS_UNKNOWN_0x%04x", id); + curl_msnprintf(buf, buf_size, "TLS_UNKNOWN_0x%04x", id); return r; } diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 3d69ab1d1c..43edbd57ad 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -59,7 +59,6 @@ #include "../curlx/warnless.h" #include "x509asn1.h" #include "../multiif.h" -#include "../curl_printf.h" #include "../curl_memory.h" /* The last #include file should be: */ #include "../memdebug.h" @@ -70,7 +69,7 @@ #ifdef GTLSDEBUG static void tls_log_func(int level, const char *str) { - fprintf(stderr, "|<%d>| %s", level, str); + curl_mfprintf(stderr, "|<%d>| %s", level, str); } #endif static bool gtls_inited = FALSE; @@ -191,17 +190,17 @@ static void showtime(struct Curl_easy *data, if(result) return; - msnprintf(str, - sizeof(str), - " %s: %s, %02d %s %4d %02d:%02d:%02d GMT", - text, - Curl_wkday[tm->tm_wday ? tm->tm_wday-1 : 6], - tm->tm_mday, - Curl_month[tm->tm_mon], - tm->tm_year + 1900, - tm->tm_hour, - tm->tm_min, - tm->tm_sec); + curl_msnprintf(str, + sizeof(str), + " %s: %s, %02d %s %4d %02d:%02d:%02d GMT", + text, + Curl_wkday[tm->tm_wday ? tm->tm_wday-1 : 6], + tm->tm_mday, + Curl_month[tm->tm_mon], + tm->tm_year + 1900, + tm->tm_hour, + tm->tm_min, + tm->tm_sec); infof(data, "%s", str); } #endif @@ -2272,7 +2271,7 @@ out: size_t Curl_gtls_version(char *buffer, size_t size) { - return msnprintf(buffer, size, "GnuTLS/%s", gnutls_check_version(NULL)); + return curl_msnprintf(buffer, size, "GnuTLS/%s", gnutls_check_version(NULL)); } /* data might be NULL! */ diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index aa7e8d67ef..3ff131b441 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -67,8 +67,7 @@ #include "mbedtls_threadlock.h" #include "../strdup.h" -/* The last 3 #include files should be in this order */ -#include "../curl_printf.h" +/* The last 2 #include files should be in this order */ #include "../curl_memory.h" #include "../memdebug.h" @@ -307,7 +306,7 @@ mbed_cipher_suite_get_str(uint16_t id, char *buf, size_t buf_size, bool prefer_rfc) { if(id == MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8) - msnprintf(buf, buf_size, "%s", "TLS_ECJPAKE_WITH_AES_128_CCM_8"); + curl_msnprintf(buf, buf_size, "%s", "TLS_ECJPAKE_WITH_AES_128_CCM_8"); else return Curl_cipher_suite_get_str(id, buf, buf_size, prefer_rfc); return 0; @@ -1336,10 +1335,10 @@ static size_t mbedtls_version(char *buffer, size_t size) #ifdef MBEDTLS_VERSION_C /* if mbedtls_version_get_number() is available it is better */ unsigned int version = mbedtls_version_get_number(); - return msnprintf(buffer, size, "mbedTLS/%u.%u.%u", version >> 24, - (version >> 16) & 0xff, (version >> 8) & 0xff); + return curl_msnprintf(buffer, size, "mbedTLS/%u.%u.%u", version >> 24, + (version >> 16) & 0xff, (version >> 8) & 0xff); #else - return msnprintf(buffer, size, "mbedTLS/%s", MBEDTLS_VERSION_STRING); + return curl_msnprintf(buffer, size, "mbedTLS/%s", MBEDTLS_VERSION_STRING); #endif } diff --git a/lib/vtls/mbedtls_threadlock.c b/lib/vtls/mbedtls_threadlock.c index 682c221852..ed70308b73 100644 --- a/lib/vtls/mbedtls_threadlock.c +++ b/lib/vtls/mbedtls_threadlock.c @@ -36,9 +36,9 @@ #endif #include "mbedtls_threadlock.h" -#include "../curl_printf.h" + +/* The last 2 #include files should be: */ #include "../curl_memory.h" -/* The last #include file should be: */ #include "../memdebug.h" /* number of thread locks */ @@ -96,14 +96,14 @@ int Curl_mbedtlsthreadlock_lock_function(int n) if(n < NUMT) { #if defined(USE_THREADS_POSIX) && defined(HAVE_PTHREAD_H) if(pthread_mutex_lock(&mutex_buf[n])) { - DEBUGF(fprintf(stderr, - "Error: mbedtlsthreadlock_lock_function failed\n")); + DEBUGF(curl_mfprintf(stderr, "Error: " + "mbedtlsthreadlock_lock_function failed\n")); return 0; /* pthread_mutex_lock failed */ } #elif defined(_WIN32) if(WaitForSingleObject(mutex_buf[n], INFINITE) == WAIT_FAILED) { - DEBUGF(fprintf(stderr, - "Error: mbedtlsthreadlock_lock_function failed\n")); + DEBUGF(curl_mfprintf(stderr, "Error: " + "mbedtlsthreadlock_lock_function failed\n")); return 0; /* pthread_mutex_lock failed */ } #endif /* USE_THREADS_POSIX && HAVE_PTHREAD_H */ @@ -116,14 +116,14 @@ int Curl_mbedtlsthreadlock_unlock_function(int n) if(n < NUMT) { #if defined(USE_THREADS_POSIX) && defined(HAVE_PTHREAD_H) if(pthread_mutex_unlock(&mutex_buf[n])) { - DEBUGF(fprintf(stderr, - "Error: mbedtlsthreadlock_unlock_function failed\n")); + DEBUGF(curl_mfprintf(stderr, "Error: " + "mbedtlsthreadlock_unlock_function failed\n")); return 0; /* pthread_mutex_unlock failed */ } #elif defined(_WIN32) if(!ReleaseMutex(mutex_buf[n])) { - DEBUGF(fprintf(stderr, - "Error: mbedtlsthreadlock_unlock_function failed\n")); + DEBUGF(curl_mfprintf(stderr, "Error: " + "mbedtlsthreadlock_unlock_function failed\n")); return 0; /* pthread_mutex_lock failed */ } #endif /* USE_THREADS_POSIX && HAVE_PTHREAD_H */ diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 409c9c0946..3145d4d203 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -66,7 +66,6 @@ #include "../curlx/strerr.h" #include "../curlx/strparse.h" #include "../strdup.h" -#include "../curl_printf.h" #include "apple.h" #include @@ -274,7 +273,7 @@ static CURLcode pubkey_show(struct Curl_easy *data, { char namebuf[32]; - msnprintf(namebuf, sizeof(namebuf), "%s(%s)", type, name); + curl_msnprintf(namebuf, sizeof(namebuf), "%s(%s)", type, name); if(bn) BN_print(mem, bn); @@ -2803,7 +2802,7 @@ static void ossl_trace(int direction, int ssl_ver, int content_type, case 0: break; default: - msnprintf(unknown, sizeof(unknown), "(%x)", ssl_ver); + curl_msnprintf(unknown, sizeof(unknown), "(%x)", ssl_ver); verstr = unknown; break; } @@ -2850,10 +2849,10 @@ static void ossl_trace(int direction, int ssl_ver, int content_type, msg_name = ssl_msg_type(ssl_ver, msg_type); } - txt_len = msnprintf(ssl_buf, sizeof(ssl_buf), - "%s (%s), %s, %s (%d):\n", - verstr, direction ? "OUT" : "IN", - tls_rt_name, msg_name, msg_type); + txt_len = curl_msnprintf(ssl_buf, sizeof(ssl_buf), + "%s (%s), %s, %s (%d):\n", + verstr, direction ? "OUT" : "IN", + tls_rt_name, msg_name, msg_type); Curl_debug(data, CURLINFO_TEXT, ssl_buf, (size_t)txt_len); } @@ -4866,7 +4865,8 @@ static void infof_certstack(struct Curl_easy *data, const SSL *ssl) char group_name[80] = ""; get_group_name = EVP_PKEY_get_group_name(current_pkey, group_name, sizeof(group_name), NULL); - msnprintf(group_name_final, sizeof(group_name_final), "/%s", group_name); + curl_msnprintf(group_name_final, sizeof(group_name_final), "/%s", + group_name); } type_name = current_pkey ? EVP_PKEY_get0_type_name(current_pkey) : NULL; #else @@ -5278,8 +5278,8 @@ static CURLcode ossl_send_earlydata(struct Curl_cfilter *cf, else if(sockerr) curlx_strerror(sockerr, error_buffer, sizeof(error_buffer)); else - msnprintf(error_buffer, sizeof(error_buffer), "%s", - SSL_ERROR_to_str(err)); + curl_msnprintf(error_buffer, sizeof(error_buffer), "%s", + SSL_ERROR_to_str(err)); failf(data, OSSL_PACKAGE " SSL_write:early_data: %s, errno %d", error_buffer, sockerr); @@ -5464,8 +5464,8 @@ static CURLcode ossl_send(struct Curl_cfilter *cf, else if(sockerr) curlx_strerror(sockerr, error_buffer, sizeof(error_buffer)); else - msnprintf(error_buffer, sizeof(error_buffer), "%s", - SSL_ERROR_to_str(err)); + curl_msnprintf(error_buffer, sizeof(error_buffer), "%s", + SSL_ERROR_to_str(err)); failf(data, OSSL_PACKAGE " SSL_write: %s, errno %d", error_buffer, sockerr); @@ -5561,8 +5561,8 @@ static CURLcode ossl_recv(struct Curl_cfilter *cf, else if(sockerr && err == SSL_ERROR_SYSCALL) curlx_strerror(sockerr, error_buffer, sizeof(error_buffer)); else - msnprintf(error_buffer, sizeof(error_buffer), "%s", - SSL_ERROR_to_str(err)); + curl_msnprintf(error_buffer, sizeof(error_buffer), "%s", + SSL_ERROR_to_str(err)); failf(data, OSSL_PACKAGE " SSL_read: %s, errno %d", error_buffer, sockerr); result = CURLE_RECV_ERROR; @@ -5584,8 +5584,8 @@ static CURLcode ossl_recv(struct Curl_cfilter *cf, if(sockerr) curlx_strerror(sockerr, error_buffer, sizeof(error_buffer)); else { - msnprintf(error_buffer, sizeof(error_buffer), - "Connection closed abruptly"); + curl_msnprintf(error_buffer, sizeof(error_buffer), + "Connection closed abruptly"); } failf(data, OSSL_PACKAGE " SSL_read: %s, errno %d", error_buffer, sockerr); @@ -5705,7 +5705,7 @@ size_t Curl_ossl_version(char *buffer, size_t size) if(curl_strnequal(ver, expected, sizeof(expected) - 1)) { ver += sizeof(expected) - 1; } - count = msnprintf(buffer, size, "%s/%s", OSSL_PACKAGE, ver); + count = curl_msnprintf(buffer, size, "%s/%s", OSSL_PACKAGE, ver); for(p = buffer; *p; ++p) { if(ISBLANK(*p)) *p = '_'; @@ -5713,17 +5713,17 @@ size_t Curl_ossl_version(char *buffer, size_t size) return count; #elif defined(OPENSSL_IS_BORINGSSL) #ifdef CURL_BORINGSSL_VERSION - return msnprintf(buffer, size, "%s/%s", - OSSL_PACKAGE, CURL_BORINGSSL_VERSION); + return curl_msnprintf(buffer, size, "%s/%s", + OSSL_PACKAGE, CURL_BORINGSSL_VERSION); #else - return msnprintf(buffer, size, OSSL_PACKAGE); + return curl_msnprintf(buffer, size, OSSL_PACKAGE); #endif #elif defined(OPENSSL_IS_AWSLC) - return msnprintf(buffer, size, "%s/%s", - OSSL_PACKAGE, AWSLC_VERSION_NUMBER_STRING); + return curl_msnprintf(buffer, size, "%s/%s", + OSSL_PACKAGE, AWSLC_VERSION_NUMBER_STRING); #elif defined(OPENSSL_VERSION_STRING) /* OpenSSL 3+ */ - return msnprintf(buffer, size, "%s/%s", - OSSL_PACKAGE, OpenSSL_version(OPENSSL_VERSION_STRING)); + return curl_msnprintf(buffer, size, "%s/%s", + OSSL_PACKAGE, OpenSSL_version(OPENSSL_VERSION_STRING)); #else /* not LibreSSL, BoringSSL and not using OpenSSL_version */ @@ -5746,16 +5746,16 @@ size_t Curl_ossl_version(char *buffer, size_t size) else sub[0]='\0'; - return msnprintf(buffer, size, "%s/%lx.%lx.%lx%s" + return curl_msnprintf(buffer, size, "%s/%lx.%lx.%lx%s" #ifdef OPENSSL_FIPS - "-fips" + "-fips" #endif - , - OSSL_PACKAGE, - (ssleay_value >> 28) & 0xf, - (ssleay_value >> 20) & 0xff, - (ssleay_value >> 12) & 0xff, - sub); + , + OSSL_PACKAGE, + (ssleay_value >> 28) & 0xf, + (ssleay_value >> 20) & 0xff, + (ssleay_value >> 12) & 0xff, + sub); #endif } diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index ce7a4d5c9d..a3ab49a101 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -28,8 +28,6 @@ #ifdef USE_RUSTLS -#include "../curl_printf.h" - #include #include "../curlx/fopen.h" @@ -520,7 +518,7 @@ cr_keylog_log_cb(struct rustls_str label, (void)client_random_len; DEBUGASSERT(client_random_len == CLIENT_RANDOM_SIZE); /* Turning a "rustls_str" into a null delimited "c" string */ - msnprintf(clabel, label.len + 1, "%.*s", (int)label.len, label.data); + curl_msnprintf(clabel, label.len + 1, "%.*s", (int)label.len, label.data); Curl_tls_keylog_write(clabel, client_random, secret, secret_len); } @@ -1389,7 +1387,7 @@ cr_close(struct Curl_cfilter *cf, struct Curl_easy *data) static size_t cr_version(char *buffer, size_t size) { const struct rustls_str ver = rustls_version(); - return msnprintf(buffer, size, "%.*s", (int)ver.len, ver.data); + return curl_msnprintf(buffer, size, "%.*s", (int)ver.len, ver.data); } static CURLcode diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index c0e96c93bf..ae5834d843 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -52,7 +52,6 @@ #include "../curlx/multibyte.h" #include "../curlx/warnless.h" #include "x509asn1.h" -#include "../curl_printf.h" #include "../multiif.h" #include "../system_win32.h" #include "../curlx/version_win32.h" @@ -110,8 +109,8 @@ #define CERT_THUMBPRINT_DATA_LEN 20 /* Uncomment to force verbose output - * #define infof(x, y, ...) printf(y, __VA_ARGS__) - * #define failf(x, y, ...) printf(y, __VA_ARGS__) + * #define infof(x, y, ...) curl_mprintf(y, __VA_ARGS__) + * #define failf(x, y, ...) curl_mprintf(y, __VA_ARGS__) */ /* Offered when targeting Vista (XP SP2+) */ @@ -2586,7 +2585,7 @@ static void schannel_cleanup(void) static size_t schannel_version(char *buffer, size_t size) { - return msnprintf(buffer, size, "Schannel"); + return curl_msnprintf(buffer, size, "Schannel"); } static CURLcode schannel_random(struct Curl_easy *data, diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c index f73d758ba1..e64a113ff2 100644 --- a/lib/vtls/schannel_verify.c +++ b/lib/vtls/schannel_verify.c @@ -46,7 +46,6 @@ #include "../strerror.h" #include "../curlx/winapi.h" #include "../curlx/multibyte.h" -#include "../curl_printf.h" #include "hostcheck.h" #include "../curlx/version_win32.h" diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index ccd567cd86..b715dab035 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -71,7 +71,6 @@ #include "../curl_sha256.h" #include "../curlx/warnless.h" #include "../curlx/base64.h" -#include "../curl_printf.h" #include "../curlx/inet_pton.h" #include "../connect.h" #include "../select.h" @@ -1094,8 +1093,8 @@ static size_t multissl_version(char *buffer, size_t size) bool paren = (selected != available_backends[i]); if(available_backends[i]->version(vb, sizeof(vb))) { - p += msnprintf(p, end - p, "%s%s%s%s", (p != backends ? " " : ""), - (paren ? "(" : ""), vb, (paren ? ")" : "")); + p += curl_msnprintf(p, end - p, "%s%s%s%s", (p != backends ? " " : ""), + (paren ? "(" : ""), vb, (paren ? ")" : "")); } } diff --git a/lib/vtls/vtls_scache.c b/lib/vtls/vtls_scache.c index 16e3f0314f..763b474cfc 100644 --- a/lib/vtls/vtls_scache.c +++ b/lib/vtls/vtls_scache.c @@ -46,7 +46,6 @@ #include "../curl_sha256.h" #include "../rand.h" #include "../curlx/warnless.h" -#include "../curl_printf.h" #include "../strdup.h" /* The last #include files should be: */ diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index ed02435676..6186ce985b 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -69,7 +69,6 @@ #include "../select.h" #include "../strdup.h" #include "x509asn1.h" -#include "../curl_printf.h" #include "../multiif.h" #include @@ -2056,9 +2055,9 @@ static CURLcode wssl_recv(struct Curl_cfilter *cf, size_t Curl_wssl_version(char *buffer, size_t size) { #if LIBWOLFSSL_VERSION_HEX >= 0x03006000 - return msnprintf(buffer, size, "wolfSSL/%s", wolfSSL_lib_version()); + return curl_msnprintf(buffer, size, "wolfSSL/%s", wolfSSL_lib_version()); #elif defined(WOLFSSL_VERSION) - return msnprintf(buffer, size, "wolfSSL/%s", WOLFSSL_VERSION); + return curl_msnprintf(buffer, size, "wolfSSL/%s", WOLFSSL_VERSION); #endif } diff --git a/lib/vtls/x509asn1.c b/lib/vtls/x509asn1.c index 96b7f5bd63..c5fc863515 100644 --- a/lib/vtls/x509asn1.c +++ b/lib/vtls/x509asn1.c @@ -49,8 +49,7 @@ #include "x509asn1.h" #include "../curlx/dynbuf.h" -/* The last 3 #include files should be in this order */ -#include "../curl_printf.h" +/* The last 2 #include files should be in this order */ #include "../curl_memory.h" #include "../memdebug.h" @@ -998,7 +997,7 @@ static int do_pubkey(struct Curl_easy *data, int certnum, infof(data, " ECC Public Key (%zu bits)", len); if(data->set.ssl.certinfo) { char q[sizeof(len) * 8 / 3 + 1]; - (void)msnprintf(q, sizeof(q), "%zu", len); + (void)curl_msnprintf(q, sizeof(q), "%zu", len); if(ssl_push_certinfo(data, certnum, "ECC Public Key", q)) return 1; } @@ -1033,7 +1032,7 @@ static int do_pubkey(struct Curl_easy *data, int certnum, infof(data, " RSA Public Key (%zu bits)", len); if(data->set.ssl.certinfo) { char r[sizeof(len) * 8 / 3 + 1]; - msnprintf(r, sizeof(r), "%zu", len); + curl_msnprintf(r, sizeof(r), "%zu", len); if(ssl_push_certinfo(data, certnum, "RSA Public Key", r)) return 1; } diff --git a/lib/ws.c b/lib/ws.c index 36c9c91f65..d3379c6502 100644 --- a/lib/ws.c +++ b/lib/ws.c @@ -42,8 +42,7 @@ #include "curlx/nonblock.h" #include "curlx/strparse.h" -/* The last 3 #include files should be in this order */ -#include "curl_printf.h" +/* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" diff --git a/packages/OS400/curlcl.c b/packages/OS400/curlcl.c index 02edcd63c0..ca497b351d 100644 --- a/packages/OS400/curlcl.c +++ b/packages/OS400/curlcl.c @@ -107,6 +107,7 @@ parse_command_line(const char *cmdargs, size_t len, } if(quote) { + /* !checksrc! disable BANNEDFUNC 1 */ fprintf(stderr, "Unterminated quote: %c\n", quote); return -1; } diff --git a/scripts/.checksrc b/scripts/.checksrc new file mode 100644 index 0000000000..84d62d2b75 --- /dev/null +++ b/scripts/.checksrc @@ -0,0 +1 @@ +allowfunc printf diff --git a/scripts/Makefile.am b/scripts/Makefile.am index a52581155d..da9b6b4b77 100644 --- a/scripts/Makefile.am +++ b/scripts/Makefile.am @@ -26,7 +26,7 @@ EXTRA_DIST = coverage.sh completion.pl firefox-db2pem.sh checksrc.pl checksrc-al mk-ca-bundle.pl mk-unity.pl schemetable.c cd2nroff nroff2cd cdall cd2cd managen \ dmaketgz maketgz release-tools.sh verify-release cmakelint.sh mdlinkcheck \ CMakeLists.txt perlcheck.sh pythonlint.sh randdisable wcurl top-complexity \ - extract-unit-protos + extract-unit-protos .checksrc dist_bin_SCRIPTS = wcurl diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index 017738ecdf..5a8c80ebfe 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -56,6 +56,14 @@ my %banfunc = ( "snprintf" => 1, "vsprintf" => 1, "vsnprintf" => 1, + "aprintf" => 1, + "fprintf" => 1, + "msnprintf" => 1, + "mvsnprintf" => 1, + "printf" => 1, + "vaprintf" => 1, + "vfprintf" => 1, + "vprintf" => 1, "sscanf" => 1, "strcat" => 1, "strerror" => 1, diff --git a/src/.checksrc b/src/.checksrc index 4a6b707084..946367c499 100644 --- a/src/.checksrc +++ b/src/.checksrc @@ -1,9 +1 @@ enable STDERR -banfunc aprintf -banfunc fprintf -banfunc msnprintf -banfunc mvsnprintf -banfunc printf -banfunc vaprintf -banfunc vfprintf -banfunc vprintf diff --git a/tests/cmake/test.c b/tests/cmake/test.c index 32f8826df0..72450eca63 100644 --- a/tests/cmake/test.c +++ b/tests/cmake/test.c @@ -27,6 +27,7 @@ int main(int argc, char **argv) { (void)argc; + /* !checksrc! disable BANNEDFUNC 1 */ printf("libcurl test: |%s|%s|\n", argv[0], curl_version()); return 0; } diff --git a/tests/libtest/.checksrc b/tests/libtest/.checksrc deleted file mode 100644 index a3f8f307e7..0000000000 --- a/tests/libtest/.checksrc +++ /dev/null @@ -1,8 +0,0 @@ -banfunc aprintf -banfunc fprintf -banfunc msnprintf -banfunc mvsnprintf -banfunc printf -banfunc vaprintf -banfunc vfprintf -banfunc vprintf diff --git a/tests/libtest/Makefile.am b/tests/libtest/Makefile.am index 482e09d098..b62a359eab 100644 --- a/tests/libtest/Makefile.am +++ b/tests/libtest/Makefile.am @@ -41,7 +41,7 @@ AM_CPPFLAGS = -I$(top_srcdir)/include \ # Get BUNDLE, FIRST_C, FIRST_H, UTILS_C, UTILS_H, CURLX_C, TESTS_C variables include Makefile.inc -EXTRA_DIST = CMakeLists.txt .checksrc $(FIRST_C) $(FIRST_H) $(UTILS_C) $(UTILS_H) $(TESTS_C) \ +EXTRA_DIST = CMakeLists.txt $(FIRST_C) $(FIRST_H) $(UTILS_C) $(UTILS_H) $(TESTS_C) \ test307.pl test610.pl test613.pl test1013.pl test1022.pl mk-lib1521.pl CFLAGS += @CURL_CFLAG_EXTRAS@ diff --git a/tests/server/.checksrc b/tests/server/.checksrc index d6506e1402..d4be12473a 100644 --- a/tests/server/.checksrc +++ b/tests/server/.checksrc @@ -1,9 +1,11 @@ allowfunc accept allowfunc fclose allowfunc fopen +allowfunc fprintf allowfunc freeaddrinfo allowfunc getaddrinfo allowfunc open +allowfunc printf allowfunc recv allowfunc send allowfunc snprintf diff --git a/tests/tunit/.checksrc b/tests/tunit/.checksrc deleted file mode 100644 index a3f8f307e7..0000000000 --- a/tests/tunit/.checksrc +++ /dev/null @@ -1,8 +0,0 @@ -banfunc aprintf -banfunc fprintf -banfunc msnprintf -banfunc mvsnprintf -banfunc printf -banfunc vaprintf -banfunc vfprintf -banfunc vprintf diff --git a/tests/tunit/Makefile.am b/tests/tunit/Makefile.am index fea9d51152..219b7a1057 100644 --- a/tests/tunit/Makefile.am +++ b/tests/tunit/Makefile.am @@ -43,7 +43,7 @@ AM_CPPFLAGS = -I$(top_srcdir)/include \ # Get BUNDLE, FIRST_C, TESTS_C variables include Makefile.inc -EXTRA_DIST = CMakeLists.txt .checksrc README.md $(TESTS_C) +EXTRA_DIST = CMakeLists.txt README.md $(TESTS_C) CFLAGS += @CURL_CFLAG_EXTRAS@ diff --git a/tests/unit/.checksrc b/tests/unit/.checksrc deleted file mode 100644 index a3f8f307e7..0000000000 --- a/tests/unit/.checksrc +++ /dev/null @@ -1,8 +0,0 @@ -banfunc aprintf -banfunc fprintf -banfunc msnprintf -banfunc mvsnprintf -banfunc printf -banfunc vaprintf -banfunc vfprintf -banfunc vprintf diff --git a/tests/unit/Makefile.am b/tests/unit/Makefile.am index 1e9940f48a..32c2f38955 100644 --- a/tests/unit/Makefile.am +++ b/tests/unit/Makefile.am @@ -42,7 +42,7 @@ AM_CPPFLAGS = -I$(top_srcdir)/include \ # Get BUNDLE, FIRST_C, TESTS_C variables include Makefile.inc -EXTRA_DIST = CMakeLists.txt .checksrc README.md $(TESTS_C) +EXTRA_DIST = CMakeLists.txt README.md $(TESTS_C) CFLAGS += @CURL_CFLAG_EXTRAS@ From 6f0e212f6e2746005fe63aab81f04d479bb8d01b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 29 Sep 2025 12:36:14 +0200 Subject: [PATCH 0312/2408] tidy-up: miscellaneous (cont.) - examples: replace magic numbers with `sizeof()`. - typos: drop rules no longer needed after excluding tests/data. - typos: move an exception inline. - alpha-sort lists. - fix indentation, whitespace. Closes #18898 --- .github/scripts/typos.toml | 11 ++++------- .github/workflows/label.yml | 1 + configure.ac | 2 +- docs/examples/multi-event.c | 2 +- docs/examples/multi-uv.c | 2 +- lib/amigaos.c | 4 ++-- lib/cf-ip-happy.c | 6 +++--- lib/curl_trc.c | 1 + lib/rtsp.c | 2 +- lib/vauth/digest_sspi.c | 2 +- lib/vauth/ntlm_sspi.c | 2 +- lib/vquic/curl_ngtcp2.c | 4 ++-- lib/vtls/openssl.c | 6 +++--- src/Makefile.inc | 6 +++--- src/tool_operate.c | 2 +- tests/libtest/lib517.c | 2 +- tests/server/sockfilt.c | 4 ++-- 17 files changed, 29 insertions(+), 30 deletions(-) diff --git a/.github/scripts/typos.toml b/.github/scripts/typos.toml index 97c682b5b6..a84017cf53 100644 --- a/.github/scripts/typos.toml +++ b/.github/scripts/typos.toml @@ -9,13 +9,10 @@ extend-ignore-identifiers-re = [ "^(ECT0|ECT1|HELO|htpt|PASE)$", "^[A-Za-z0-9_-]*(EDE|GOST)[A-Z0-9_-]*$", # ciphers "^0x[0-9a-fA-F]+FUL$", # unsigned long hex literals ending with 'F' - "^[0-9a-zA-Z+]{64,}$", # possibly base64 - "^(Januar|eyeballers|HELO_smtp|kno22|MkTypLibCompatible|optin|passin|perfec|__SecURE|SMTP_HELO|v_alue)$", - "^(clen|req_clen|smtp_perform_helo|smtp_state_helo_resp|_stati64)$", - "^Tru64$", + "^(eyeballers|HELO_smtp|optin|passin|perfec|SMTP_HELO)$", + "^(clen|req_clen|smtp_perform_helo|smtp_state_helo_resp|Tru64|_stati64)$", "secur32", - # this should be limited to tests/http/*. Short for secure proxy. - "proxys", + "proxys", # this should be limited to tests/http/*. Short for secure proxy. ] extend-ignore-re = [ @@ -28,8 +25,8 @@ extend-exclude = [ ".github/scripts/spellcheck.words", "docs/THANKS", "packages/*", - "scripts/wcurl", "projects/Windows/tmpl/curl.vcxproj", "projects/Windows/tmpl/libcurl.vcxproj", + "scripts/wcurl", "tests/data/test*", ] diff --git a/.github/workflows/label.yml b/.github/workflows/label.yml index f2050bd2ce..a5f42f9d40 100644 --- a/.github/workflows/label.yml +++ b/.github/workflows/label.yml @@ -10,6 +10,7 @@ # https://github.com/actions/labeler name: 'Labeler' + 'on': [pull_request_target] # zizmor: ignore[dangerous-triggers] permissions: {} diff --git a/configure.ac b/configure.ac index 5dde9f6c96..c90606f507 100644 --- a/configure.ac +++ b/configure.ac @@ -281,7 +281,7 @@ OPT_APPLE_SECTRUST=$curl_cv_apple AC_ARG_WITH(apple-sectrust,dnl AS_HELP_STRING([--with-apple-sectrust],[enable Apple OS native certificate verification]),[ OPT_APPLE_SECTRUST=$withval - ]) +]) AC_PATH_PROG(PERL, perl,, $PATH:/usr/local/bin/perl:/usr/bin/:/usr/local/bin) AC_SUBST(PERL) diff --git a/docs/examples/multi-event.c b/docs/examples/multi-event.c index f2c3e87c2b..23dff05ed2 100644 --- a/docs/examples/multi-event.c +++ b/docs/examples/multi-event.c @@ -69,7 +69,7 @@ static void add_download(const char *url, int num) FILE *file; CURL *handle; - snprintf(filename, 50, "%d.download", num); + snprintf(filename, sizeof(filename), "%d.download", num); file = fopen(filename, "wb"); if(!file) { diff --git a/docs/examples/multi-uv.c b/docs/examples/multi-uv.c index 1a61745dfa..ee0ac0e1b3 100644 --- a/docs/examples/multi-uv.c +++ b/docs/examples/multi-uv.c @@ -85,7 +85,7 @@ static void add_download(const char *url, int num, CURLM *multi) FILE *file; CURL *handle; - snprintf(filename, 50, "%d.download", num); + snprintf(filename, sizeof(filename), "%d.download", num); file = fopen(filename, "wb"); if(!file) { diff --git a/lib/amigaos.c b/lib/amigaos.c index cc5d49f9b8..e51236d126 100644 --- a/lib/amigaos.c +++ b/lib/amigaos.c @@ -222,8 +222,8 @@ CURLcode Curl_amiga_init(void) return CURLE_FAILED_INIT; } - if(SocketBaseTags(SBTM_SETVAL(SBTC_ERRNOPTR(sizeof(errno))), (ULONG) &errno, - SBTM_SETVAL(SBTC_LOGTAGPTR), (ULONG) "curl", + if(SocketBaseTags(SBTM_SETVAL(SBTC_ERRNOPTR(sizeof(errno))), (ULONG)&errno, + SBTM_SETVAL(SBTC_LOGTAGPTR), (ULONG)"curl", TAG_DONE)) { CURL_AMIGA_REQUEST("SocketBaseTags ERROR"); return CURLE_FAILED_INIT; diff --git a/lib/cf-ip-happy.c b/lib/cf-ip-happy.c index f6675e275d..6b7130be83 100644 --- a/lib/cf-ip-happy.c +++ b/lib/cf-ip-happy.c @@ -412,9 +412,9 @@ evaluate: if(!more_possible) more_possible = cf_ai_iter_has_more(&bs->ipv6_iter); #endif - do_more = more_possible && - (curlx_timediff(now, bs->last_attempt_started) >= - bs->attempt_delay_ms); + do_more = more_possible && + (curlx_timediff(now, bs->last_attempt_started) >= + bs->attempt_delay_ms); if(do_more) CURL_TRC_CF(data, cf, "happy eyeballs timeout expired, " "start next attempt"); diff --git a/lib/curl_trc.c b/lib/curl_trc.c index 7f234437f2..0b91315e36 100644 --- a/lib/curl_trc.c +++ b/lib/curl_trc.c @@ -312,6 +312,7 @@ void Curl_trc_timer(struct Curl_easy *data, int tid, const char *fmt, ...) va_end(ap); } } + void Curl_trc_easy_timers(struct Curl_easy *data) { if(CURL_TRC_TIMER_is_verbose(data)) { diff --git a/lib/rtsp.c b/lib/rtsp.c index 3ede0fe62d..1f952a07cc 100644 --- a/lib/rtsp.c +++ b/lib/rtsp.c @@ -558,7 +558,7 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done) * Go ahead and use the Range stuff supplied for HTTP */ if(data->state.use_range && - (rtspreq & (RTSPREQ_PLAY | RTSPREQ_PAUSE | RTSPREQ_RECORD))) { + (rtspreq & (RTSPREQ_PLAY | RTSPREQ_PAUSE | RTSPREQ_RECORD))) { /* Check to see if there is a range set in the custom headers */ if(!Curl_checkheaders(data, STRCONST("Range")) && data->state.range) { diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c index f231dabc81..5bf3770565 100644 --- a/lib/vauth/digest_sspi.c +++ b/lib/vauth/digest_sspi.c @@ -364,7 +364,7 @@ CURLcode Curl_auth_decode_digest_http_message(const char *chlg, } /* Store the challenge for use later */ - digest->input_token = (BYTE *) Curl_memdup(chlg, chlglen + 1); + digest->input_token = (BYTE *)Curl_memdup(chlg, chlglen + 1); if(!digest->input_token) return CURLE_OUT_OF_MEMORY; diff --git a/lib/vauth/ntlm_sspi.c b/lib/vauth/ntlm_sspi.c index d421879161..071617182e 100644 --- a/lib/vauth/ntlm_sspi.c +++ b/lib/vauth/ntlm_sspi.c @@ -175,7 +175,7 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data, ntlm->context, &type_1_desc, &attrs, NULL); if(status == SEC_I_COMPLETE_NEEDED || - status == SEC_I_COMPLETE_AND_CONTINUE) + status == SEC_I_COMPLETE_AND_CONTINUE) Curl_pSecFn->CompleteAuthToken(ntlm->context, &type_1_desc); else if(status == SEC_E_INSUFFICIENT_MEMORY) return CURLE_OUT_OF_MEMORY; diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 3a301f1b71..7a26e2bf08 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -143,8 +143,8 @@ struct cf_ngtcp2_ctx { uint64_t max_bidi_streams; /* max bidi streams we can open */ size_t earlydata_max; /* max amount of early data supported by server on session reuse */ - size_t earlydata_skip; /* sending bytes to skip when earlydata - * is accepted by peer */ + size_t earlydata_skip; /* sending bytes to skip when earlydata + is accepted by peer */ CURLcode tls_vrfy_result; /* result of TLS peer verification */ int qlogfd; BIT(initialized); diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 3145d4d203..039eb51c9a 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -3358,9 +3358,9 @@ static CURLcode ossl_windows_load_anchors(struct Curl_cfilter *cf, #endif /* USE_WIN32_CRYPTO */ static CURLcode ossl_load_trust_anchors(struct Curl_cfilter *cf, - struct Curl_easy *data, - struct ossl_ctx *octx, - X509_STORE *store) + struct Curl_easy *data, + struct ossl_ctx *octx, + X509_STORE *store) { struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf); struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); diff --git a/src/Makefile.inc b/src/Makefile.inc index d57d6c9125..fa55837552 100644 --- a/src/Makefile.inc +++ b/src/Makefile.inc @@ -34,9 +34,9 @@ # the official API, but we reuse the code here to avoid duplication. CURLX_CFILES = \ ../lib/curlx/base64.c \ - ../lib/curlx/multibyte.c \ ../lib/curlx/dynbuf.c \ ../lib/curlx/fopen.c \ + ../lib/curlx/multibyte.c \ ../lib/curlx/nonblock.c \ ../lib/curlx/strerr.c \ ../lib/curlx/strparse.c \ @@ -48,11 +48,11 @@ CURLX_CFILES = \ ../lib/curlx/winapi.c CURLX_HFILES = \ - ../lib/curlx/binmode.h \ - ../lib/curlx/multibyte.h \ ../lib/curl_setup.h \ + ../lib/curlx/binmode.h \ ../lib/curlx/dynbuf.h \ ../lib/curlx/fopen.h \ + ../lib/curlx/multibyte.h \ ../lib/curlx/nonblock.h \ ../lib/curlx/strerr.h \ ../lib/curlx/strparse.h \ diff --git a/src/tool_operate.c b/src/tool_operate.c index 38482b496e..3c29d28ec3 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -999,7 +999,7 @@ static CURLcode setup_outfile(struct OperationConfig *config, /* open file for output, forcing VMS output format into stream mode which is needed for stat() call above to always work. */ FILE *file = curlx_fopen(outfile, "ab", - "ctx=stm", "rfm=stmlf", "rat=cr", "mrs=0"); + "ctx=stm", "rfm=stmlf", "rat=cr", "mrs=0"); #else /* open file for output: */ FILE *file = curlx_fopen(per->outfile, "ab"); diff --git a/tests/libtest/lib517.c b/tests/libtest/lib517.c index 85950dd866..01d3ac4bad 100644 --- a/tests/libtest/lib517.c +++ b/tests/libtest/lib517.c @@ -80,7 +80,7 @@ static CURLcode test_lib517(const char *URL) {"Sat, 15-Apr-17\"21:01:22\"GMT", 1492290082 }, {"Partyday, 18- April-07 22:50:12", -1 }, {"Partyday, 18 - Apri-07 22:50:12", -1 }, - {"Wednes, 1-Januar-2003 00:00:00 GMT", -1 }, + {"Wednes, 1-Januar-2003 00:00:00 GMT", -1 },/* spellchecker:disable-line */ {"Sat, 15-Apr-17 21:01:22", 1492290082 }, {"Sat, 15-Apr-17 21:01:22 GMT-2", 1492290082 }, {"Sat, 15-Apr-17 21:01:22 GMT BLAH", 1492290082 }, diff --git a/tests/server/sockfilt.c b/tests/server/sockfilt.c index 3f4c9ef8b0..48728bfd01 100644 --- a/tests/server/sockfilt.c +++ b/tests/server/sockfilt.c @@ -461,13 +461,13 @@ static DWORD WINAPI select_ws_wait_thread(void *lpParameter) size.QuadPart = 0; size.LowPart = GetFileSize(handle, &length); if((size.LowPart != INVALID_FILE_SIZE) || - (GetLastError() == NO_ERROR)) { + (GetLastError() == NO_ERROR)) { size.HighPart = (LONG)length; /* get the current position within the file */ pos.QuadPart = 0; pos.LowPart = SetFilePointer(handle, 0, &pos.HighPart, FILE_CURRENT); if((pos.LowPart != INVALID_SET_FILE_POINTER) || - (GetLastError() == NO_ERROR)) { + (GetLastError() == NO_ERROR)) { /* compare position with size, abort if not equal */ if(size.QuadPart == pos.QuadPart) { /* sleep and continue waiting */ From 5090cce01c259ec6d01d907f71be9c27ac960f91 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 11:03:35 +0200 Subject: [PATCH 0313/2408] libssh2: fix return code for EAGAIN In disconnect Closes #18874 --- lib/vssh/libssh2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index 8ad263e7f3..9f6fb8354a 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -2574,7 +2574,7 @@ static CURLcode ssh_state_session_disconnect(struct Curl_easy *data, if(sshc->ssh_channel) { rc = libssh2_channel_free(sshc->ssh_channel); if(rc == LIBSSH2_ERROR_EAGAIN) - return CURLE_OK; + return CURLE_AGAIN; if(rc < 0) { char *err_msg = NULL; From 22ae8ac8743beb396ed21bbf0a7245de87b81c29 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 11:07:47 +0200 Subject: [PATCH 0314/2408] libssh2/sftp_realpath: change state consistently Change the state in this function at a single spot independent of success or not to simplify. Reported-by: Joshua Rogers Closes #18875 --- lib/vssh/libssh2.c | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index 9f6fb8354a..c73ecec949 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -1943,13 +1943,12 @@ static CURLcode ssh_state_sftp_realpath(struct Curl_easy *data, if(rc == LIBSSH2_ERROR_EAGAIN) return CURLE_AGAIN; + myssh_state(data, sshc, SSH_STOP); if(rc > 0) { free(sshc->homedir); sshc->homedir = strdup(sshp->readdir_filename); - if(!sshc->homedir) { - myssh_state(data, sshc, SSH_SFTP_CLOSE); + if(!sshc->homedir) return CURLE_OUT_OF_MEMORY; - } free(data->state.most_recent_ftp_entrypath); data->state.most_recent_ftp_entrypath = strdup(sshc->homedir); if(!data->state.most_recent_ftp_entrypath) @@ -1962,21 +1961,19 @@ static CURLcode ssh_state_sftp_realpath(struct Curl_easy *data, if(sftperr) result = sftp_libssh2_error_to_CURLE(sftperr); else - /* in this case, the error was not in the SFTP level but for example - a time-out or similar */ + /* in this case, the error was not in the SFTP level but for example a + time-out or similar */ result = CURLE_SSH; DEBUGF(infof(data, "error = %lu makes libcurl = %d", sftperr, (int)result)); - myssh_state(data, sshc, SSH_STOP); return result; } - /* This is the last step in the SFTP connect phase. Do note that while - we get the homedir here, we get the "workingpath" in the DO action - since the homedir will remain the same between request but the - working path will not. */ + /* This is the last step in the SFTP connect phase. Do note that while we + get the homedir here, we get the "workingpath" in the DO action since the + homedir will remain the same between request but the working path will + not. */ DEBUGF(infof(data, "SSH CONNECT phase done")); - myssh_state(data, sshc, SSH_STOP); return CURLE_OK; } From 3517053cf7d452e9be921ddfe58dfcd408216eb7 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 12:27:36 +0200 Subject: [PATCH 0315/2408] curl_osslq: error out properly if BIO_ADDR_rawmake() fails Reported-by: Joshua Rogers Closes #18878 --- lib/vquic/curl_osslq.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c index 0862d68844..cda239a57d 100644 --- a/lib/vquic/curl_osslq.c +++ b/lib/vquic/curl_osslq.c @@ -185,6 +185,7 @@ static CURLcode make_bio_addr(BIO_ADDR **pbio_addr, (struct sockaddr_in6 * const)CURL_UNCONST(&addr->curl_sa_addr); if(!BIO_ADDR_rawmake(bio_addr, AF_INET6, &sin->sin6_addr, sizeof(sin->sin6_addr), sin->sin6_port)) { + goto out; } result = CURLE_OK; break; From 66f4c5699e8d1edc43717f11e203968db34b0a19 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 12:43:40 +0200 Subject: [PATCH 0316/2408] test766: verify CURLOPT_SOCKOPTFUNCTION error on accept This test does active FTP with a socketopt callback that returns error for the CURLSOCKTYPE_ACCEPT "purpose" to make sure we test and exercise this error path - without leaks. Closes #18879 --- docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.md | 14 +++-- tests/data/Makefile.am | 2 +- tests/data/test766 | 58 +++++++++++++++++ tests/libtest/Makefile.inc | 1 + tests/libtest/lib766.c | 66 ++++++++++++++++++++ 5 files changed, 134 insertions(+), 7 deletions(-) create mode 100644 tests/data/test766 create mode 100644 tests/libtest/lib766.c diff --git a/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.md b/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.md index a2ded45692..3467acf77f 100644 --- a/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.md +++ b/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.md @@ -64,12 +64,14 @@ CURLOPT_SOCKOPTDATA(3) function. Return *CURL_SOCKOPT_OK* from the callback on success. Return *CURL_SOCKOPT_ERROR* from the callback function to signal an unrecoverable error to the library and it closes the socket and returns -*CURLE_COULDNT_CONNECT*. Alternatively, the callback function can return -*CURL_SOCKOPT_ALREADY_CONNECTED*, to tell libcurl that the socket is -already connected and then libcurl does no attempt to connect. This allows an -application to pass in an already connected socket with -CURLOPT_OPENSOCKETFUNCTION(3) and then have this function make libcurl -not attempt to connect (again). +*CURLE_COULDNT_CONNECT* for *CURLSOCKTYPE_IPCXN* and +*CURLE_ABORTED_BY_CALLBACK* for *CURLSOCKTYPE_ACCEPT*. + +The callback function may return *CURL_SOCKOPT_ALREADY_CONNECTED* for +*CURLSOCKTYPE_IPCXN*, to tell libcurl that the socket is already connected and +then libcurl does no attempt to connect. This allows an application to pass in +an already connected socket with CURLOPT_OPENSOCKETFUNCTION(3) and then have +this function make libcurl not attempt to connect (again). # DEFAULT diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index f2c698c674..0d2d47c99a 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -109,7 +109,7 @@ test727 test728 test729 test730 test731 test732 test733 test734 test735 \ test736 test737 test738 test739 test740 test741 test742 test743 test744 \ test745 test746 test747 test748 test749 test750 test751 test752 test753 \ test754 test755 test756 test757 test758 test759 test760 test761 test762 \ -test763 test764 test765 \ +test763 test764 test765 test766 \ \ test780 test781 test782 test783 test784 test785 test786 test787 test788 \ test789 test790 test791 test792 test793 test794 test796 test797 \ diff --git a/tests/data/test766 b/tests/data/test766 new file mode 100644 index 0000000000..9db96b7c05 --- /dev/null +++ b/tests/data/test766 @@ -0,0 +1,58 @@ + + + +FTP +PORT +CURLOPT_SOCKOPTFUNCTION + + + +# Server-side + + +hello + + + +# Client-side + + +ftp + + +lib%TESTNUMBER + + +FTP PORT with sockopt callback refusing the accept + + +ftp://%HOSTIP:%FTPPORT/path/%TESTNUMBER + + + +# Verify data after the test has been "shot" + +# Strip off parts of the EPRT command that might differ + +s/^EPRT \|1\|(.*)/EPRT \|1\|/ + +# The TYPE command might get sent so we ignore that + +^TYPE + + + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPRT |1| + + +# 42 == CURLE_ABORTED_BY_CALLBACK + +42 + + + + diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc index d8735a44e1..cac833f26f 100644 --- a/tests/libtest/Makefile.inc +++ b/tests/libtest/Makefile.inc @@ -76,6 +76,7 @@ TESTS_C = \ lib694.c lib695.c \ lib751.c lib753.c lib758.c \ lib757.c \ + lib766.c \ lib1156.c \ lib1301.c lib1308.c \ lib1485.c \ diff --git a/tests/libtest/lib766.c b/tests/libtest/lib766.c new file mode 100644 index 0000000000..5cfc6bb270 --- /dev/null +++ b/tests/libtest/lib766.c @@ -0,0 +1,66 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ + +#include "first.h" + +#include "memdebug.h" + +static int sockopt_766(void *clientp, + curl_socket_t curlfd, + curlsocktype purpose) +{ + (void)clientp; + (void)curlfd; + if(purpose == CURLSOCKTYPE_ACCEPT) { + curl_mfprintf(stderr, + "Return error from CURLOPT_SOCKOPTFUNCTION callback\n"); + return 1; /* force error */ + } + return 0; +} + +static CURLcode test_lib766(const char *URL) +{ + CURL *easy = NULL; + CURLcode res = CURLE_OK; + + start_test_timing(); + + res_global_init(CURL_GLOBAL_ALL); + + easy_init(easy); + easy_setopt(easy, CURLOPT_VERBOSE, 1L); + easy_setopt(easy, CURLOPT_URL, URL); + easy_setopt(easy, CURLOPT_FTPPORT, "-"); + easy_setopt(easy, CURLOPT_SOCKOPTFUNCTION, sockopt_766); + + res = curl_easy_perform(easy); + +test_cleanup: + + curl_easy_cleanup(easy); + curl_global_cleanup(); + + return res; +} From 6c7fc22f9dc43ded7a952e66597a379f294f9d29 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 13:05:01 +0200 Subject: [PATCH 0317/2408] pingpong: remove two old leftover debug infof() calls --- lib/pingpong.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/lib/pingpong.c b/lib/pingpong.c index ddd4020894..3f6da71eae 100644 --- a/lib/pingpong.c +++ b/lib/pingpong.c @@ -98,7 +98,6 @@ CURLcode Curl_pp_statemach(struct Curl_easy *data, return CURLE_OPERATION_TIMEDOUT; /* already too little time */ } - DEBUGF(infof(data, "pp_statematch, timeout=%" FMT_TIMEDIFF_T, timeout_ms)); if(block) { interval_ms = 1000; /* use 1 second timeout intervals */ if(timeout_ms < interval_ms) @@ -116,9 +115,6 @@ CURLcode Curl_pp_statemach(struct Curl_easy *data, /* We are receiving and there is data ready in the SSL library */ rc = 1; else { - DEBUGF(infof(data, "pp_statematch, select, timeout=%" FMT_TIMEDIFF_T - ", sendleft=%zu", - timeout_ms, pp->sendleft)); rc = Curl_socket_check(pp->sendleft ? CURL_SOCKET_BAD : sock, /* reading */ CURL_SOCKET_BAD, pp->sendleft ? sock : CURL_SOCKET_BAD, /* writing */ From 3b18aeb8bdba4bcc7eb942e39c542778d1cffbfa Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 14:41:14 +0200 Subject: [PATCH 0318/2408] managen: verify the options used in example lines Also fix the --knownhosts typo Follow-up to aae18c4bdc1a3bf5 Reported-by: Daniel Terhorst-North URL: https://mas.to/@tastapod/115327102344617386 Closes #18884 --- docs/cmdline-opts/knownhosts.md | 2 +- scripts/managen | 23 +++++++++++++++++++++++ tests/data/test1705 | 4 ++-- tests/data/test1706 | 4 ++-- 4 files changed, 28 insertions(+), 5 deletions(-) diff --git a/docs/cmdline-opts/knownhosts.md b/docs/cmdline-opts/knownhosts.md index 47095632df..4b6386dd24 100644 --- a/docs/cmdline-opts/knownhosts.md +++ b/docs/cmdline-opts/knownhosts.md @@ -14,7 +14,7 @@ See-also: - insecure - key Example: - - --knownhost filename --key here $URL + - --knownhosts filename --key here $URL --- # `--knownhosts` diff --git a/scripts/managen b/scripts/managen index 17c8677882..0c75148fd1 100755 --- a/scripts/managen +++ b/scripts/managen @@ -880,6 +880,29 @@ sub single { if($examples[0]) { my $s =""; $s="s" if($examples[1]); + foreach my $e (@examples) { + my $check = $e; + # verify the used options + for my $e (split(/ /, $check)) { + if($e =~ /^-([^- ])/) { + my $opt = $1; + if(!$optshort{$opt}) { + print STDERR "$f:$line:1:ERROR: unknown option in ". + "example: -$opt\n"; + return 2; + } + } + elsif($e =~ /^--([^ =]*)/) { + my $opt = $1; + $opt =~ s/^expand-//g; + if(!$helplong{$opt}) { + print STDERR "$f:$line:1:ERROR: unknown option in ". + "example: '--$opt'\n"; + return 2; + } + } + } + } if($manpage) { print "\nExample$s:\n"; print ".nf\n"; diff --git a/tests/data/test1705 b/tests/data/test1705 index 7c21ffa349..26ddf3d4ad 100644 --- a/tests/data/test1705 +++ b/tests/data/test1705 @@ -52,7 +52,7 @@ See-also: - trace - trace-ascii Example: - - --verbose $URL + - --fakeitreal $URL --- # `--verbose` @@ -231,7 +231,7 @@ Disable it again with \-\-no-fakeitreal. Example: .nf -curl --verbose https://example.com +curl --fakeitreal https://example.com .fi This option is mutually exclusive with \fI\-\-trace\fP and \fI\-\-trace\-ascii\fP. diff --git a/tests/data/test1706 b/tests/data/test1706 index 6362678e9a..f821618d27 100644 --- a/tests/data/test1706 +++ b/tests/data/test1706 @@ -52,7 +52,7 @@ See-also: - trace - trace-ascii Example: - - --verbose $URL + - --fakeitreal $URL --- # `--verbose` @@ -196,7 +196,7 @@ DESCRIPTION effect. Disable it again with --no-fakeitreal. Example: - curl --verbose https://example.com + curl --fakeitreal https://example.com This option is mutually exclusive with --trace and --trace-ascii. See also --include, --silent, --trace and --trace-ascii. From 6d9636abd1deea39c7a79f042ca60652a815ddc8 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 14:59:53 +0200 Subject: [PATCH 0319/2408] telnet: return error if WSAEventSelect fails Reported-by: Joshua Rogers Closes #18886 --- lib/telnet.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/telnet.c b/lib/telnet.c index 1ae15d3704..5144a1afa1 100644 --- a/lib/telnet.c +++ b/lib/telnet.c @@ -1371,7 +1371,7 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done) /* Tell Winsock what events we want to listen to */ if(WSAEventSelect(sockfd, event_handle, FD_READ|FD_CLOSE) == SOCKET_ERROR) { WSACloseEvent(event_handle); - return CURLE_OK; + return CURLE_RECV_ERROR; } /* The get the Windows file handle for stdin */ From e214b1450186538e1336aa1f9c7b90e197bed092 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 15:01:48 +0200 Subject: [PATCH 0320/2408] telnet: send failure logged but not returned Return error correctly when sending fails. Reported-by: Joshua Rogers Closes #18887 --- lib/telnet.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/telnet.c b/lib/telnet.c index 5144a1afa1..6eb60706c9 100644 --- a/lib/telnet.c +++ b/lib/telnet.c @@ -984,6 +984,7 @@ static CURLcode suboption(struct Curl_easy *data, struct TELNET *tn) if(bytes_written < 0) { err = SOCKERRNO; failf(data,"Sending data failed (%d)",err); + return CURLE_SEND_ERROR; } printsub(data, '>', &temp[2], len-2); break; From 71b5e025903e2e6a7f4f2309a7e2930fed96fc0a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 16:10:27 +0200 Subject: [PATCH 0321/2408] mdlinkcheck: reject URLs containing quotes Those would be illegal anyway and would make the script misbehave Reported-by: Stanislav Fort Closes #18889 --- scripts/mdlinkcheck | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/mdlinkcheck b/scripts/mdlinkcheck index 925edc5294..bbd6ac4602 100755 --- a/scripts/mdlinkcheck +++ b/scripts/mdlinkcheck @@ -140,6 +140,10 @@ sub checkurl { print "check $url\n"; my $curlcmd="curl -ILfsm10 --retry 2 --retry-delay 5 -A \"Mozilla/curl.se link-probe\""; $url =~ s/\+/%2B/g; + if($url =~ /[\"\'\n]/) { + print STDERR "Bad URL in markdown: %s\n", $url{$url}; + return 1; # fail + } my @content = `$curlcmd \"$url\"`; if(!$content[0]) { print STDERR "FAIL\n"; From 1a3a5cb72038a0b70cb5721e9762734f1691aa6d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 16:53:27 +0200 Subject: [PATCH 0322/2408] noproxy: fix the IPV6 network mask pattern match It would mismatch if the network prefix length with was not divisible by 8. Extended test 1614 to verify Reported-by: Stanislav Fort Closes #18891 --- lib/noproxy.c | 2 +- tests/unit/unit1614.c | 22 ++++++++++++++++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/lib/noproxy.c b/lib/noproxy.c index 2983fa4a3a..20a335993d 100644 --- a/lib/noproxy.c +++ b/lib/noproxy.c @@ -99,7 +99,7 @@ UNITTEST bool Curl_cidr6_match(const char *ipv6, return FALSE; if(bytes && memcmp(address, check, bytes)) return FALSE; - if(rest && !((address[bytes] ^ check[bytes]) & (0xff << (8 - rest)))) + if(rest && ((address[bytes] ^ check[bytes]) & (0xff << (8 - rest)))) return FALSE; return TRUE; diff --git a/tests/unit/unit1614.c b/tests/unit/unit1614.c index 4ee18df72f..9ba5f95ebb 100644 --- a/tests/unit/unit1614.c +++ b/tests/unit/unit1614.c @@ -111,6 +111,28 @@ static CURLcode test_unit1614(const char *arg) { "[::1]", "foo, bar, ::1/64", TRUE}, { "[::1]", "::1/64", TRUE}, { "[::1]", "::1/96", TRUE}, + { "[::1]", "::1/127", TRUE}, + { "[::1]", "::1/126", TRUE}, + { "[::1]", "::1/125", TRUE}, + { "[::1]", "::1/124", TRUE}, + { "[::1]", "::1/123", TRUE}, + { "[::1]", "::1/122", TRUE}, + { "[2001:db8:8000::1]", "2001:db8::/65", FALSE}, + { "[2001:db8:8000::1]", "2001:db8::/66", FALSE}, + { "[2001:db8:8000::1]", "2001:db8::/67", FALSE}, + { "[2001:db8:8000::1]", "2001:db8::/68", FALSE}, + { "[2001:db8:8000::1]", "2001:db8::/69", FALSE}, + { "[2001:db8:8000::1]", "2001:db8::/70", FALSE}, + { "[2001:db8:8000::1]", "2001:db8::/71", FALSE}, + { "[2001:db8:8000::1]", "2001:db8::/72", FALSE}, + { "[2001:db8::1]", "2001:db8::/65", TRUE}, + { "[2001:db8::1]", "2001:db8::/66", TRUE}, + { "[2001:db8::1]", "2001:db8::/67", TRUE}, + { "[2001:db8::1]", "2001:db8::/68", TRUE}, + { "[2001:db8::1]", "2001:db8::/69", TRUE}, + { "[2001:db8::1]", "2001:db8::/70", TRUE}, + { "[2001:db8::1]", "2001:db8::/71", TRUE}, + { "[2001:db8::1]", "2001:db8::/72", TRUE}, { "[::1]", "::1/129", FALSE}, { "bar", "foo, bar, ::1/64", TRUE}, { "BAr", "foo, bar, ::1/64", TRUE}, From f1ed50a51707847825eb988cfc739f79b5ceadc9 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 17:23:18 +0200 Subject: [PATCH 0323/2408] tftp: don't pin or check address if recvfrom returns error Follow-up to c4f9977c66bbb05a837a7eb0300 Reported-by: Joshua Rogers Closes #18892 --- lib/tftp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/tftp.c b/lib/tftp.c index b81fd3ee14..baebe466a1 100644 --- a/lib/tftp.c +++ b/lib/tftp.c @@ -1105,7 +1105,7 @@ static CURLcode tftp_receive_packet(struct Curl_easy *data, 0, (struct sockaddr *)&remote_addr, &fromlen); - if(fromlen) { + if((state->rbytes >= 0) && fromlen) { if(state->remote_pinned) { /* pinned, verify that it comes from the same address */ if((state->remote_addrlen != fromlen) || From bc90f80556a731d31a60cbe76b82b3060bda48bc Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 17:32:50 +0200 Subject: [PATCH 0324/2408] tftp: default timeout per block is now 15 seconds Down from the previous (rather ridiculous) 3600. Reported-by: Joshua Rogers Closes #18893 --- lib/tftp.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/lib/tftp.c b/lib/tftp.c index baebe466a1..56b7afda52 100644 --- a/lib/tftp.c +++ b/lib/tftp.c @@ -206,7 +206,7 @@ const struct Curl_handler Curl_handler_tftp = { **********************************************************/ static CURLcode tftp_set_timeouts(struct tftp_conn *state) { - time_t maxtime, timeout; + time_t timeout; timediff_t timeout_ms; bool start = (state->state == TFTP_STATE_START); @@ -219,13 +219,11 @@ static CURLcode tftp_set_timeouts(struct tftp_conn *state) return CURLE_OPERATION_TIMEDOUT; } - if(timeout_ms > 0) - maxtime = (time_t)(timeout_ms + 500) / 1000; - else - maxtime = 3600; /* use for calculating block timeouts */ - /* Set per-block timeout to total */ - timeout = maxtime; + if(timeout_ms > 0) + timeout = (time_t)(timeout_ms + 500) / 1000; + else + timeout = 15; /* Average reposting an ACK after 5 seconds */ state->retry_max = (int)timeout/5; From 3660e6da80764b7dc184af51556d158d5a352a48 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 18:25:55 +0200 Subject: [PATCH 0325/2408] tftp: return error if it hits an illegal state Reported-by: Joshua Rogers Closes #18894 --- lib/tftp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/tftp.c b/lib/tftp.c index 56b7afda52..8279f29e65 100644 --- a/lib/tftp.c +++ b/lib/tftp.c @@ -564,7 +564,7 @@ static CURLcode tftp_send_first(struct tftp_conn *state, default: failf(state->data, "tftp_send_first: internal error"); - break; + return CURLE_TFTP_ILLEGAL; } return result; From 33380fa214d6ff9a0c1dc29b61aa6650b4ed3fa7 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 23:05:10 +0200 Subject: [PATCH 0326/2408] telnet: ignore empty suboptions To avoid printing from en empty buffer Reported-by: Joshua Rogers Closes #18899 --- lib/telnet.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/telnet.c b/lib/telnet.c index 6eb60706c9..5c25bc2eaa 100644 --- a/lib/telnet.c +++ b/lib/telnet.c @@ -947,6 +947,9 @@ static CURLcode suboption(struct Curl_easy *data, struct TELNET *tn) int err; struct connectdata *conn = data->conn; + if(!CURL_SB_LEN(tn)) /* ignore empty suboption */ + return CURLE_OK; + printsub(data, '<', (unsigned char *)tn->subbuffer, CURL_SB_LEN(tn) + 2); switch(CURL_SB_GET(tn)) { case CURL_TELOPT_TTYPE: From 5e3725a7afe46fac093412f64193c807fcff1440 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 23:59:33 +0200 Subject: [PATCH 0327/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 117 +++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 106 insertions(+), 11 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index b638b559c4..846340aee1 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -1,16 +1,19 @@ curl and libcurl 8.17.0 Public curl releases: 271 - Command line options: 272 + Command line options: 273 curl_easy_setopt() options: 308 Public functions in libcurl: 98 - Contributors: 3513 + Contributors: 3514 This release includes the following changes: o build: drop the winbuild build system [81] o krb5: drop support for Kerberos FTP [43] o libssh2: up the minimum requirement to 1.9.0 [85] + o progress: expand to use 6 characters per size [234] + o ssl: support Apple SecTrust configurations [240] + o tool_getparam: add --knownhosts [204] o vssh: drop support for wolfSSH [58] o wcurl: import v2025.09.27 [182] o write-out: make %header{} able to output *all* occurrences of a header [25] @@ -34,11 +37,16 @@ This release includes the following bugfixes: o build: show llvm/clang in platform flags and `buildinfo.txt` [126] o cf-h2-proxy: break loop on edge case [140] o cf-ip-happy: mention unix domain path, not port number [161] + o cf-socket: always check Curl_cf_socket_peek() return code [198] + o cf-socket: check params and remove accept procondition [197] o cf-socket: tweak a memcpy() to read better [177] o cf-socket: use the right byte order for ports in bindlocal [61] o cfilter: unlink and discard [46] o checksrc: catch banned functions when preceded by `(` [146] o checksrc: fix possible endless loop when detecting `BANNEDFUNC` [149] + o checksrc: fix possible endless loops/errors in the banned function logic [220] + o checksrc: fix to handle `)` predecing a banned function [229] + o checksrc: reduce directory-specific exceptions [228] o cmake: add `CURL_CODE_COVERAGE` option [78] o cmake: clang detection tidy-ups [116] o cmake: drop exclamation in comment looking like a name [160] @@ -49,8 +57,10 @@ This release includes the following bugfixes: o cmdline-opts/_PROGRESS.md: explain the suffixes [154] o configure: add "-mt" for pthread support on HP-UX [52] o cookie: avoid saving a cookie file if no transfer was done [11] + o cpool: make bundle->dest an array; fix UB [218] o curl_easy_getinfo: error code on NULL arg [2] o curl_mem_undef.h: limit to `CURLDEBUG` for non-memalloc overrides [19] + o curl_osslq: error out properly if BIO_ADDR_rawmake() fails [184] o curl_slist_append.md: clarify that a NULL pointer is not acceptable [72] o CURLINFO_FTP_ENTRY_PATH.md: this is for SFTP as well [8] o CURLOPT_HEADER/WRITEFUNCTION.md: drop '* size' since size is always 1 [63] @@ -59,16 +69,23 @@ This release includes the following bugfixes: o CURLOPT_TIMECONDITION.md: works for FILE and FTP as well [27] o digest_sspi: fix two memory leaks in error branches [77] o dist: do not distribute `CI.md` [29] + o docs/cmdline-opts: drop double quotes from GLOBBING and URL examples [238] o docs/libcurl: clarify some timeout option behavior [15] o docs/libcurl: remove ancient version references [7] o docs/libcurl: use lowercase must [5] o docs: fix/tidy code fences [87] o easy_getinfo: check magic, Curl_close safety [3] + o examples: drop unused `curl/mprintf.h` includes [224] + o examples: fix two build issues surfaced with WinCE [223] o examples: fix two issues found by CodeQL [35] o examples: fix two more cases of `stat()` TOCTOU [147] o form.md: drop reference to MANUAL [178] + o ftp: add extra buffer length check [195] o ftp: fix ftp_do_more returning with *completep unset [122] o ftp: fix port number range loop for PORT commands [66] + o ftp: fix the 213 scanner memchr buffer limit argument [196] + o ftp: improve fragile check for first digit > 3 [194] + o ftp: remove misleading comments [193] o gtls: avoid potential use of uninitialized variable in trace output [83] o hostip: remove leftover INT_MAX check in Curl_dnscache_prune [88] o http: handle user-defined connection headers [165] @@ -78,14 +95,21 @@ This release includes the following bugfixes: o ip-happy: do not set unnecessary timeout [95] o ip-happy: prevent event-based stall on retry [155] o krb5: return appropriate error on send failures [22] + o krb5_sspi: the chlg argument is NOT optional [200] o ldap: do not base64 encode zero length string [42] + o ldap: tidy-up types, fix error code confusion [191] + o lib: drop unused include and duplicate guards [226] o lib: fix build error and compiler warnings with verbose strings disabled [173] o lib: remove personal names from comments [168] o lib: upgrade/multiplex handling [136] o libcurl-multi.md: added curl_multi_get_offt mention [53] o libcurl-security.md: mention long-running connections [6] + o libssh2/sftp_realpath: change state consistently [185] + o libssh2: bail out on chgrp and chown number parsing errors [202] + o libssh2: clarify that sshp->path is always at least one byte [201] o libssh2: drop two redundant null-terminations [26] o libssh2: error check and null-terminate in ssh_state_sftp_readdir_link() [34] + o libssh2: fix return code for EAGAIN [186] o libssh: acknowledge SSH_AGAIN in the SFTP state machine [89] o libssh: clarify myssh_block2waitfor [92] o libssh: drop two unused assignments [104] @@ -94,30 +118,38 @@ This release includes the following bugfixes: o libssh: fix range parsing error handling mistake [120] o libssh: react on errors from ssh_scp_read [24] o libssh: return out of memory correctly if aprintf fails [60] + o Makefile.example: fix option order [231] o Makefile.example: simplify and make it configurable [20] o managen: ignore version mentions < 7.66.0 [55] o managen: render better manpage references/links [54] o managen: strict protocol check [109] + o managen: verify the options used in example lines [181] o mbedtls: check result of setting ALPN [127] o mbedtls: handle WANT_WRITE from mbedtls_ssl_read() [145] + o mdlinkcheck: reject URLs containing quotes [174] o multi.h: add CURLMINFO_LASTENTRY [51] o multi_ev: remove unnecessary data check that confuses analysers [167] o ngtcp2: check error code on connect failure [13] o ngtcp2: fix early return [131] + o noproxy: fix the IPV6 network mask pattern match [166] o openldap: avoid indexing the result at -1 for blank responses [44] o openldap: check ber_sockbuf_add_io() return code [163] o openldap: check ldap_get_option() return codes [119] o openssl-quic: check results better [132] o openssl-quic: handle error in SSL_get_stream_read_error_code [129] o openssl-quic: ignore unexpected streams opened by server [176] + o openssl: call SSL_get_error() with proper error [207] o openssl: clear retry flag on x509 error [130] o openssl: fail the transfer if ossl_certchain() fails [23] + o openssl: fix build for v1.0.2 [225] o openssl: make the asn1_object_dump name null terminated [56] o openssl: set io_need always [99] o OS400: fix a use-after-free/double-free case [142] + o pingpong: remove two old leftover debug infof() calls o pytest: skip specific tests for no-verbose builds [171] o quic: fix min TLS version handling [14] o quic: ignore EMSGSIZE on receive [4] + o quiche: fix possible leaks on teardown [205] o quiche: fix verbose message when ip quadruple cannot be obtained. [128] o quiche: when ingress processing fails, return that error code [103] o runtests: tag tests that require curl verbose strings [172] @@ -143,16 +175,25 @@ This release includes the following bugfixes: o socks_sspi: fix memory cleanup calls [40] o socks_sspi: restore non-blocking socket on error paths [48] o ssl-sessions.md: mark option experimental [12] + o strerror: drop workaround for SalfordC win32 header bug [214] o sws: fix checking `sscanf()` return value [17] o tcp-nodelay.md: expand the documentation [153] + o telnet: ignore empty suboptions [86] + o telnet: make bad_option() consider NULL a bad option too [192] o telnet: make printsub require another byte input [21] + o telnet: print DISPlay LOCation in printsub without mutating buffer [216] o telnet: refuse IAC codes in content [111] + o telnet: return error if WSAEventSelect fails [180] o telnet: return error on crazy TTYPE or XDISPLOC lengths [123] + o telnet: send failure logged but not returned [175] + o telnet: use pointer[0] for "unknown" option instead of pointer[i] [217] o tests/server: drop unsafe `open()` override in signal handler (Windows) [151] o tftp: check and act on tftp_set_timeouts() returning error [38] + o tftp: default timeout per block is now 15 seconds [156] o tftp: handle tftp_multi_statemach() return code [65] o tftp: pin the first used address [110] o tftp: propagate expired timer from tftp_state_timeout() [39] + o tftp: return error if it hits an illegal state [138] o tftp: return error when sendto() fails [59] o tidy-up: `fcntl.h` includes [98] o tidy-up: assortment of small fixes [115] @@ -166,6 +207,7 @@ This release includes the following bugfixes: o tool_cb_hdr: fix fwrite check in header callback [49] o tool_cb_hdr: size is always 1 [70] o tool_doswin: fix to use curl socket functions [108] + o tool_filetime: replace cast with the fitting printf mask (Windows) [212] o tool_getparam/set_rate: skip the multiplication on overflow [84] o tool_getparam: always disable "lib-ids" for tracing [169] o tool_getparam: warn if provided header looks malformed [179] @@ -174,12 +216,18 @@ This release includes the following bugfixes: o tool_progress: handle possible integer overflows [164] o tool_progress: make max5data() use an algorithm [170] o transfer: avoid busy loop with tiny speed limit [100] + o unit1323: sync time types and printf masks, drop casts [211] + o unit1664: drop casts, expand masks to full values [221] + o url: make Curl_init_userdefined return void [213] o urldata: FILE is not a list-only protocol [9] + o vquic: handling of io improvements [239] o vtls: alpn setting, check proto parameter [134] o vtls_int.h: clarify data_pending [124] o vtls_scache: fix race condition [157] o windows: replace `_beginthreadex()` with `CreateThread()` [80] o windows: stop passing unused, optional argument for Win9x compatibility [75] + o windows: use consistent format when showing error codes [199] + o windows: use native error code types more [206] o wolfssl: check BIO read parameters [133] o wolfssl: fix error check in shutdown [105] o ws: clarify an error message [125] @@ -209,15 +257,15 @@ advice from friends like these: Adam Light, Alice Lee Poetics, Andrew Kirillov, Andrew Olsen, BobodevMm on github, Christian Schmitz, Dan Fandrich, Daniel Stenberg, - dependabot[bot], divinity76 on github, Emilio Pozuelo Monfort, Ethan Everett, - Evgeny Grin (Karlson2k), fds242 on github, Howard Chu, Javier Blazquez, - Jicea, jmaggard10 on github, Johannes Schindelin, Joseph Birr-Pixton, - Joshua Rogers, kapsiR on github, kuchara on github, Marcel Raad, - Michael Osipov, Michał Petryka, Mohamed Daahir, Nir Azkiel, Patrick Monnerat, - Pocs Norbert, Ray Satiro, renovate[bot], rinsuki on github, - Samuel Dionne-Riel, Samuel Henrique, Stanislav Fort, Stefan Eissing, - Viktor Szakats - (38 contributors) + Daniel Terhorst-North, dependabot[bot], divinity76 on github, + Emilio Pozuelo Monfort, Ethan Everett, Evgeny Grin (Karlson2k), + fds242 on github, Howard Chu, Javier Blazquez, Jicea, jmaggard10 on github, + Johannes Schindelin, Joseph Birr-Pixton, Joshua Rogers, kapsiR on github, + kuchara on github, Marcel Raad, Michael Osipov, Michał Petryka, + Mohamed Daahir, Nir Azkiel, Patrick Monnerat, Pocs Norbert, Ray Satiro, + renovate[bot], rinsuki on github, Samuel Dionne-Riel, Samuel Henrique, + Stanislav Fort, Stefan Eissing, Viktor Szakats + (39 contributors) References to bug reports and discussions on issues: @@ -306,6 +354,7 @@ References to bug reports and discussions on issues: [83] = https://curl.se/bug/?i=18620 [84] = https://curl.se/bug/?i=18624 [85] = https://curl.se/bug/?i=18612 + [86] = https://curl.se/bug/?i=18899 [87] = https://curl.se/bug/?i=18707 [88] = https://curl.se/bug/?i=18680 [89] = https://curl.se/bug/?i=18740 @@ -357,6 +406,7 @@ References to bug reports and discussions on issues: [135] = https://curl.se/bug/?i=18401 [136] = https://curl.se/bug/?i=18227 [137] = https://curl.se/bug/?i=18719 + [138] = https://curl.se/bug/?i=18894 [139] = https://curl.se/bug/?i=18714 [140] = https://curl.se/bug/?i=18715 [141] = https://curl.se/bug/?i=18776 @@ -374,6 +424,7 @@ References to bug reports and discussions on issues: [153] = https://curl.se/bug/?i=18811 [154] = https://curl.se/bug/?i=18817 [155] = https://curl.se/bug/?i=18815 + [156] = https://curl.se/bug/?i=18893 [157] = https://curl.se/bug/?i=18806 [158] = https://curl.se/bug/?i=18809 [160] = https://curl.se/bug/?i=18810 @@ -382,6 +433,7 @@ References to bug reports and discussions on issues: [163] = https://curl.se/bug/?i=18747 [164] = https://curl.se/bug/?i=18744 [165] = https://curl.se/bug/?i=18662 + [166] = https://curl.se/bug/?i=18891 [167] = https://curl.se/bug/?i=18804 [168] = https://curl.se/bug/?i=18803 [169] = https://curl.se/bug/?i=18805 @@ -389,8 +441,51 @@ References to bug reports and discussions on issues: [171] = https://curl.se/bug/?i=18801 [172] = https://curl.se/bug/?i=18800 [173] = https://curl.se/bug/?i=18799 + [174] = https://curl.se/bug/?i=18889 + [175] = https://curl.se/bug/?i=18887 [176] = https://curl.se/bug/?i=18780 [177] = https://curl.se/bug/?i=18787 [178] = https://curl.se/bug/?i=18790 [179] = https://curl.se/bug/?i=18793 + [180] = https://curl.se/bug/?i=18886 + [181] = https://curl.se/bug/?i=18884 [182] = https://curl.se/bug/?i=18754 + [184] = https://curl.se/bug/?i=18878 + [185] = https://curl.se/bug/?i=18875 + [186] = https://curl.se/bug/?i=18874 + [191] = https://curl.se/bug/?i=18888 + [192] = https://curl.se/bug/?i=18873 + [193] = https://curl.se/bug/?i=18871 + [194] = https://curl.se/bug/?i=18870 + [195] = https://curl.se/bug/?i=18869 + [196] = https://curl.se/bug/?i=18867 + [197] = https://curl.se/bug/?i=18882 + [198] = https://curl.se/bug/?i=18862 + [199] = https://curl.se/bug/?i=18877 + [200] = https://curl.se/bug/?i=18865 + [201] = https://curl.se/bug/?i=18864 + [202] = https://curl.se/bug/?i=18863 + [204] = https://curl.se/bug/?i=18859 + [205] = https://curl.se/bug/?i=18880 + [206] = https://curl.se/bug/?i=18868 + [207] = https://curl.se/bug/?i=18872 + [211] = https://curl.se/bug/?i=18860 + [212] = https://curl.se/bug/?i=18858 + [213] = https://curl.se/bug/?i=18855 + [214] = https://curl.se/bug/?i=18857 + [216] = https://curl.se/bug/?i=18852 + [217] = https://curl.se/bug/?i=18851 + [218] = https://curl.se/bug/?i=18850 + [220] = https://curl.se/bug/?i=18845 + [221] = https://curl.se/bug/?i=18838 + [223] = https://curl.se/bug/?i=18843 + [224] = https://curl.se/bug/?i=18842 + [225] = https://curl.se/bug/?i=18841 + [226] = https://curl.se/bug/?i=18839 + [228] = https://curl.se/bug/?i=18823 + [229] = https://curl.se/bug/?i=18836 + [231] = https://curl.se/bug/?i=18835 + [234] = https://curl.se/bug/?i=18828 + [238] = https://curl.se/bug/?i=18829 + [239] = https://curl.se/bug/?i=18812 + [240] = https://curl.se/bug/?i=18703 From 752090b9638dcec16d9a773eaa62651681f093b2 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Oct 2025 16:19:21 +0200 Subject: [PATCH 0328/2408] examples/synctime: make the sscanf not overflow the local buffer If the incoming Date: header has a funky format. Bonus: remove bad null terminator assumptions for header Reported-by: Stanislav Fort Closes #18890 --- docs/examples/synctime.c | 58 ++++++++++++++-------------------------- 1 file changed, 20 insertions(+), 38 deletions(-) diff --git a/docs/examples/synctime.c b/docs/examples/synctime.c index d8264d012e..591761fe1c 100644 --- a/docs/examples/synctime.c +++ b/docs/examples/synctime.c @@ -55,20 +55,6 @@ * Usage: * This software synchronises your computer clock only when you issue * it with --synctime. By default, it only display the webserver's clock. - * - * Written by: Frank (contributed to libcurl) - * - * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND, - * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY - * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. - * - * IN NO EVENT SHALL THE AUTHOR OF THIS SOFTWARE BE LIABLE FOR - * ANY SPECIAL, INCIDENTAL, INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, - * OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, - * WHETHER OR NOT ADVISED OF THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF - * LIABILITY, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE - * OF THIS SOFTWARE. - * */ #include @@ -147,43 +133,39 @@ static size_t SyncTime_CURL_WriteHeader(void *ptr, size_t size, size_t nmemb, (void)stream; if(ShowAllHeader == 1) - fprintf(stderr, "%s", (char *)(ptr)); + fprintf(stderr, "%.*s", (int)nmemb, (char *)ptr); - if(strncmp((char *)(ptr), "Date:", 5) == 0) { + if(strncmp((char *)ptr, "Date:", 5) == 0) { if(ShowAllHeader == 0) - fprintf(stderr, "HTTP Server. %s", (char *)(ptr)); + fprintf(stderr, "HTTP Server. %.*s", (int)nmemb, (char *)ptr); if(AutoSyncTime == 1) { + int RetVal; *TmpStr1 = 0; *TmpStr2 = 0; - if(strlen((char *)(ptr)) > 50) /* Can prevent buffer overflow to - TmpStr1 & 2? */ - AutoSyncTime = 0; - else { - int RetVal = sscanf((char *)(ptr), "Date: %25s %hu %s %hu %hu:%hu:%hu", - TmpStr1, &SYSTime.wDay, TmpStr2, &SYSTime.wYear, - &SYSTime.wHour, &SYSTime.wMinute, - &SYSTime.wSecond); + RetVal = sscanf((char *)ptr, "Date: %25s %hu %25s %hu %hu:%hu:%hu", + TmpStr1, &SYSTime.wDay, TmpStr2, &SYSTime.wYear, + &SYSTime.wHour, &SYSTime.wMinute, + &SYSTime.wSecond); - if(RetVal == 7) { - int i; - SYSTime.wMilliseconds = 500; /* adjust to midpoint, 0.5 sec */ - for(i = 0; i < 12; i++) { - if(strcmp(MthStr[i], TmpStr2) == 0) { - SYSTime.wMonth = (WORD)(i + 1); - break; - } + if(RetVal == 7) { + int i; + SYSTime.wMilliseconds = 500; /* adjust to midpoint, 0.5 sec */ + for(i = 0; i < 12; i++) { + if(strcmp(MthStr[i], TmpStr2) == 0) { + SYSTime.wMonth = (WORD)(i + 1); + break; } - AutoSyncTime = 3; /* Computer clock is adjusted */ - } - else { - AutoSyncTime = 0; /* Error in sscanf() fields conversion */ } + AutoSyncTime = 3; /* Computer clock is adjusted */ + } + else { + AutoSyncTime = 0; /* Error in sscanf() fields conversion */ } } } - if(strncmp((char *)(ptr), "X-Cache: HIT", 12) == 0) { + if(strncmp((char *)ptr, "X-Cache: HIT", 12) == 0) { fprintf(stderr, "ERROR: HTTP Server data is cached." " Server Date is no longer valid.\n"); AutoSyncTime = 0; From f4e83a0adcc86abb9ecc8673e3abd91c215a6649 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Mon, 6 Oct 2025 13:16:55 +0200 Subject: [PATCH 0329/2408] ngtcp2: fix returns when TLS verify failed In both send/recv functions of the ngtcp2 filter, when TLS verification has failed, jump out by skipping ingress/egress handling. Reported-by: Joshua Rogers Closes #18881 --- lib/vquic/curl_ngtcp2.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 7a26e2bf08..f397ec85ae 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -1329,7 +1329,7 @@ static CURLcode cf_ngtcp2_recv(struct Curl_cfilter *cf, struct Curl_easy *data, /* handshake verification failed in callback, do not recv anything */ if(ctx->tls_vrfy_result) { result = ctx->tls_vrfy_result; - goto out; + goto denied; } pktx_init(&pktx, cf, data); @@ -1361,7 +1361,7 @@ static CURLcode cf_ngtcp2_recv(struct Curl_cfilter *cf, struct Curl_easy *data, out: result = Curl_1st_err(result, cf_progress_egress(cf, data, &pktx)); result = Curl_1st_err(result, check_and_set_expiry(cf, data, &pktx)); - +denied: CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] cf_recv(blen=%zu) -> %d, %zu", stream ? stream->id : -1, blen, result, *pnread); CF_DATA_RESTORE(cf, save); @@ -1616,8 +1616,10 @@ static CURLcode cf_ngtcp2_send(struct Curl_cfilter *cf, struct Curl_easy *data, *pnwritten = 0; /* handshake verification failed in callback, do not send anything */ - if(ctx->tls_vrfy_result) - return ctx->tls_vrfy_result; + if(ctx->tls_vrfy_result) { + result = ctx->tls_vrfy_result; + goto denied; + } (void)eos; /* use for stream EOF and block handling */ result = cf_progress_ingress(cf, data, &pktx); @@ -1684,7 +1686,7 @@ static CURLcode cf_ngtcp2_send(struct Curl_cfilter *cf, struct Curl_easy *data, out: result = Curl_1st_err(result, check_and_set_expiry(cf, data, &pktx)); - +denied: CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] cf_send(len=%zu) -> %d, %zu", stream ? stream->id : -1, len, result, *pnwritten); CF_DATA_RESTORE(cf, save); From 357808f4addef44c2c48f17d067c114bc168a56d Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Mon, 1 Sep 2025 11:58:16 +0200 Subject: [PATCH 0330/2408] multi: add notifications API Add infrastructure to colled and dispatch notifications for transfers and the multi handle in general. Applications can register a callback and en-/disable notification type the are interested in. Without a callback installed, notifications are not collected. Same when a notification type has not been enabled. Memory allocation failures on adding notifications lead to a general multi failure state and result in CURLM_OUT_OF_MEMORY returned from curl_multi_perform() and curl_multi_socket*() invocations. Closes #18432 --- .github/scripts/spellcheck.curl | 3 +- docs/libcurl/Makefile.inc | 2 + docs/libcurl/curl_multi_notify_disable.md | 66 ++++++ docs/libcurl/curl_multi_notify_enable.md | 66 ++++++ docs/libcurl/curl_multi_setopt.md | 8 + docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md | 72 +++++++ docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md | 129 +++++++++++ docs/libcurl/opts/Makefile.inc | 2 + docs/libcurl/symbols-in-versions | 4 + include/curl/multi.h | 27 +++ include/curl/typecheck-gcc.h | 13 +- lib/Makefile.inc | 2 + lib/libcurl.def | 2 + lib/multi.c | 63 +++++- lib/multi_ntfy.c | 212 +++++++++++++++++++ lib/multi_ntfy.h | 57 +++++ lib/multihandle.h | 4 + scripts/singleuse.pl | 2 + src/tool_operate.c | 66 +++--- tests/data/test1135 | 2 + tests/data/test3207 | 2 +- tests/data/test500 | 2 +- tests/http/testenv/curl.py | 3 + tests/unit/unit3214.c | 2 +- 24 files changed, 767 insertions(+), 44 deletions(-) create mode 100644 docs/libcurl/curl_multi_notify_disable.md create mode 100644 docs/libcurl/curl_multi_notify_enable.md create mode 100644 docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md create mode 100644 docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md create mode 100644 lib/multi_ntfy.c create mode 100644 lib/multi_ntfy.h diff --git a/.github/scripts/spellcheck.curl b/.github/scripts/spellcheck.curl index c24edf2b3b..1d8be5ed3e 100644 --- a/.github/scripts/spellcheck.curl +++ b/.github/scripts/spellcheck.curl @@ -133,9 +133,10 @@ curl_multi_setopt curl_multi_assign curl_multi_get_handles curl_multi_get_offt +curl_multi_notify_disable +curl_multi_notify_enable curl_pushheader_bynum curl_pushheader_byname -curl_multi_waitfds curl_easy_option_by_name curl_easy_option_by_id curl_easy_option_next diff --git a/docs/libcurl/Makefile.inc b/docs/libcurl/Makefile.inc index 9bc665d1c6..6ac49d9fb2 100644 --- a/docs/libcurl/Makefile.inc +++ b/docs/libcurl/Makefile.inc @@ -78,6 +78,8 @@ man_MANS = \ curl_multi_get_offt.3 \ curl_multi_info_read.3 \ curl_multi_init.3 \ + curl_multi_notify_disable.3 \ + curl_multi_notify_enable.3 \ curl_multi_perform.3 \ curl_multi_poll.3 \ curl_multi_remove_handle.3 \ diff --git a/docs/libcurl/curl_multi_notify_disable.md b/docs/libcurl/curl_multi_notify_disable.md new file mode 100644 index 0000000000..f4f28ebbd3 --- /dev/null +++ b/docs/libcurl/curl_multi_notify_disable.md @@ -0,0 +1,66 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Title: curl_multi_notify_disable +Section: 3 +Source: libcurl +See-also: + - CURLMOPT_NOTIFYFUNCTION (3) + - CURLMOPT_NOTIFYDATA (3) + - curl_multi_notify_enable (3) +Protocol: + - All +Added-in: 8.17.0 +--- + +# NAME + +curl_multi_notify_disable - disable a notification type + +# SYNOPSIS + +~~~c +#include +CURLMcode curl_multi_notify_disable(CURLM *multi_handle, + unsigned int notification); +~~~ + +# DESCRIPTION + +Disables collecting the given notification type in the multi handle. A +callback function installed via CURLMOPT_NOTIFYFUNCTION(3) is no longer +called when this notification happens. + +Only when a notification callback is installed *and* a notification +is enabled are these collected and dispatched to the callback. + +Several notification types can be enabled at the same time. Disabling +an already disabled notification is not an error. + +A notification can be enabled again via curl_multi_notify_enable(3). + +# %PROTOCOLS% + +# EXAMPLE + +~~~c +int main(void) +{ + int rc; + CURLM *multi = curl_multi_init(); + + rc = curl_multi_notify_disable(multi, CURLM_NTFY_INFO_READ); +} +~~~ + +# %AVAILABILITY% + +# RETURN VALUE + +This function returns a CURLMcode indicating success or error. + +CURLM_OK (0) means everything was OK, non-zero means an error occurred, see +libcurl-errors(3). + +The return code is for the whole multi stack. Problems still might have +occurred on individual transfers even when one of these functions return OK. diff --git a/docs/libcurl/curl_multi_notify_enable.md b/docs/libcurl/curl_multi_notify_enable.md new file mode 100644 index 0000000000..d3ab02d2c7 --- /dev/null +++ b/docs/libcurl/curl_multi_notify_enable.md @@ -0,0 +1,66 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Title: curl_multi_notify_enable +Section: 3 +Source: libcurl +See-also: + - CURLMOPT_NOTIFYFUNCTION (3) + - CURLMOPT_NOTIFYDATA (3) + - curl_multi_notify_disable (3) +Protocol: + - All +Added-in: 8.17.0 +--- + +# NAME + +curl_multi_notify_enable - enable a notification type + +# SYNOPSIS + +~~~c +#include +CURLMcode curl_multi_notify_enable(CURLM *multi_handle, + unsigned int notification); +~~~ + +# DESCRIPTION + +Enables collecting the given notification type in the multi handle. A +callback function installed via CURLMOPT_NOTIFYFUNCTION(3) is called +when this notification happens. + +Only when a notification callback is installed *and* a notification +is enabled are these collected and dispatched to the callback. + +Several notification types can be enabled at the same time. Enabling +an already enabled notification is not an error. + +A notification can be disabled again via curl_multi_notify_disable(3). + +# %PROTOCOLS% + +# EXAMPLE + +~~~c +int main(void) +{ + int rc; + CURLM *multi = curl_multi_init(); + + rc = curl_multi_notify_enable(multi, CURLM_NTFY_INFO_READ); +} +~~~ + +# %AVAILABILITY% + +# RETURN VALUE + +This function returns a CURLMcode indicating success or error. + +CURLM_OK (0) means everything was OK, non-zero means an error occurred, see +libcurl-errors(3). + +The return code is for the whole multi stack. Problems still might have +occurred on individual transfers even when one of these functions return OK. diff --git a/docs/libcurl/curl_multi_setopt.md b/docs/libcurl/curl_multi_setopt.md index e646eced62..adb38e0de5 100644 --- a/docs/libcurl/curl_multi_setopt.md +++ b/docs/libcurl/curl_multi_setopt.md @@ -72,6 +72,14 @@ Max simultaneously open connections. See CURLMOPT_MAX_TOTAL_CONNECTIONS(3) Signal that the network has changed. See CURLMOPT_NETWORK_CHANGED(3) +## CURLMOPT_NOTIFYDATA + +Custom pointer passed to the notify callback. See CURLMOPT_NOTIFYDATA(3) + +## CURLMOPT_NOTIFYFUNCTION + +Callback that receives notifications. See CURLMOPT_NOTIFYFUNCTION(3) + ## CURLMOPT_PIPELINING Enable HTTP multiplexing. See CURLMOPT_PIPELINING(3) diff --git a/docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md b/docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md new file mode 100644 index 0000000000..3349c77fbe --- /dev/null +++ b/docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md @@ -0,0 +1,72 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Title: CURLMOPT_NOTIFYDATA +Section: 3 +Source: libcurl +See-also: + - CURLMOPT_NOTIFYFUNCTION (3) + - curl_multi_notify_disable (3) + - curl_multi_notify_enable (3) +Protocol: + - All +Added-in: 8.17.0 +--- + +# NAME + +CURLMOPT_NOTIFYDATA - custom pointer passed to the notification callback + +# SYNOPSIS + +~~~c +#include + +CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_NOTIFYDATA, void *pointer); +~~~ + +# DESCRIPTION + +A data *pointer* to pass to the notification callback set with the +CURLMOPT_NOTIFYFUNCTION(3) option. + +This pointer is not touched by libcurl but is only passed in as the +notification callback's **clientp** argument. + +# DEFAULT + +NULL + +# %PROTOCOLS% + +# EXAMPLE + +~~~c +struct priv { + void *ours; +}; + +static void ntfy_cb(CURLM *multi, unsigned int notification, + CURL *easy, void *ntfyp) +{ + struct priv *p = ntfyp; + printf("my ptr: %p\n", p->ours); + /* ... */ +} + +int main(void) +{ + struct priv setup; + CURLM *multi = curl_multi_init(); + /* ... use socket callback and custom pointer */ + curl_multi_setopt(multi, CURLMOPT_NOTIFYFUNCTION, ntfy_cb); + curl_multi_setopt(multi, CURLMOPT_NOTIFYDATA, &setup); + curl_multi_notify_enable(multi, CURLM_NTFY_INFO_READ); +} +~~~ + +# %AVAILABILITY% + +# RETURN VALUE + +Returns CURLM_OK. diff --git a/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md b/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md new file mode 100644 index 0000000000..979fea89a7 --- /dev/null +++ b/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md @@ -0,0 +1,129 @@ +--- +c: Copyright (C) Daniel Stenberg, , et al. +SPDX-License-Identifier: curl +Title: CURLMOPT_NOTIFYFUNCTION +Section: 3 +Source: libcurl +See-also: + - CURLMOPT_NOTIFYDATA (3) + - curl_multi_socket_action (3) + - curl_multi_notify_disable (3) + - curl_multi_notify_enable (3) +Protocol: + - All +Added-in: 8.17.0 +--- + +# NAME + +CURLMOPT_NOTIFYFUNCTION - callback receiving notifications + +# SYNOPSIS + +~~~c +#include + +void ntfy_callback(CURLM *multi, /* multi handle */ + unsigned int notification, /* notification type */ + CURL *easy, /* easy handle */ + void *ntfyp); /* private ntfy pointer */ + +CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_NOTIFYFUNCTION, ntfy_callback); +~~~ + +# DESCRIPTION + +Pass a pointer to your callback function, which should match the prototype +shown above. + +When the multi handle processes transfers, changes can be observed +by receiving notifications about them. This can eliminate the need to +constantly interrogate the multi handle to observe such changes to +act on them. + +Notifications are collected and dispatched to the application's callback +function at an appropriate time. + +The notify callback is different from other callbacks in that it +can use more libcurl API functions. Apart from curl_multi_perform(3), +curl_multi_socket(3), curl_multi_socket_action(3), curl_multi_socket_all(3) +and curl_multi_cleanup(3) it may call all other methods on the +multi and easy handles. This includes adding and removing easy +handles to/from the multi handle. + +This callback may get invoked at any time when interacting with libcurl. +This may even happen after all transfers are done and *may also* +happen *during* a call to curl_multi_cleanup(3) when cached connections +are shut down. + +# CALLBACK ARGUMENTS + +*multi* identifies the multi handle that triggered the notification. + +**notification** is the type of notification, e.g. what happened. The +following types are available: + +## CURLM_NTFY_INFO_READ + +When enabled via curl_multi_notify_enable(3), this informs the application +that there are new messages to be processed via curl_multi_info_read(3). + +This notification happens whenever a message is added to an empty +message stack in the multi handle and not for subsequent additions. The +notification callback is then expected to read all available message, +emptying the stack, so a subsequent addition triggers the notification +again. + +The *easy* handle passed is an internal handle. + +## CURLM_NTFY_EASY_DONE + +When enabled via curl_multi_notify_enable(3), this notification is triggered +when a an easy handle has finished. This happens both for +successful and failed transfers. + +The *easy* handle passed is the transfer that is done. This *may* be +an internal handle when DoH or other features are used. + +*easy* identifies the transfer involved. This may be one of the +application's own easy handle or an internal handle. + +**ntfyp** is set with CURLMOPT_NOTIFYDATA(3). + +# DEFAULT + +NULL (no callback) + +# %PROTOCOLS% + +# EXAMPLE + +~~~c +struct priv { + void *ours; +}; + +static void ntfy_cb(CURLM *multi, unsigned int notification, + CURL *easy, void *ntfyp) +{ + struct priv *p = ntfyp; + printf("my ptr: %p\n", p->ours); + /* ... */ +} + +int main(void) +{ + struct priv setup; + CURLM *multi = curl_multi_init(); + /* ... use socket callback and custom pointer */ + curl_multi_setopt(multi, CURLMOPT_NOTIFYFUNCTION, ntfy_cb); + curl_multi_setopt(multi, CURLMOPT_NOTIFYDATA, &setup); + curl_multi_notify_enable(multi, CURLM_NTFY_INFO_READ); +} +~~~ + +# %AVAILABILITY% + +# RETURN VALUE + +Returns CURLM_OK. diff --git a/docs/libcurl/opts/Makefile.inc b/docs/libcurl/opts/Makefile.inc index 98691cac3c..39192b6392 100644 --- a/docs/libcurl/opts/Makefile.inc +++ b/docs/libcurl/opts/Makefile.inc @@ -114,6 +114,8 @@ man_MANS = \ CURLMOPT_MAX_TOTAL_CONNECTIONS.3 \ CURLMOPT_MAXCONNECTS.3 \ CURLMOPT_NETWORK_CHANGED.3 \ + CURLMOPT_NOTIFYDATA.3 \ + CURLMOPT_NOTIFYFUNCTION.3 \ CURLMOPT_PIPELINING.3 \ CURLMOPT_PIPELINING_SERVER_BL.3 \ CURLMOPT_PIPELINING_SITE_BL.3 \ diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions index 43435cb16b..75db554e2a 100644 --- a/docs/libcurl/symbols-in-versions +++ b/docs/libcurl/symbols-in-versions @@ -545,6 +545,8 @@ CURLM_BAD_SOCKET 7.15.4 CURLM_CALL_MULTI_PERFORM 7.9.6 CURLM_CALL_MULTI_SOCKET 7.15.5 CURLM_INTERNAL_ERROR 7.9.6 +CURLM_NTFY_EASY_DONE 8.17.0 +CURLM_NTFY_INFO_READ 8.17.0 CURLM_OK 7.9.6 CURLM_OUT_OF_MEMORY 7.9.6 CURLM_RECURSIVE_API_CALL 7.59.0 @@ -568,6 +570,8 @@ CURLMOPT_MAX_PIPELINE_LENGTH 7.30.0 CURLMOPT_MAX_TOTAL_CONNECTIONS 7.30.0 CURLMOPT_MAXCONNECTS 7.16.3 CURLMOPT_NETWORK_CHANGED 8.16.0 +CURLMOPT_NOTIFYDATA 8.17.0 +CURLMOPT_NOTIFYFUNCTION 8.17.0 CURLMOPT_PIPELINING 7.16.0 CURLMOPT_PIPELINING_SERVER_BL 7.30.0 CURLMOPT_PIPELINING_SITE_BL 7.30.0 diff --git a/include/curl/multi.h b/include/curl/multi.h index 99e4413c9f..c486a3a5cc 100644 --- a/include/curl/multi.h +++ b/include/curl/multi.h @@ -398,6 +398,12 @@ typedef enum { /* network has changed, adjust caches/connection reuse */ CURLOPT(CURLMOPT_NETWORK_CHANGED, CURLOPTTYPE_LONG, 17), + /* This is the notify callback function pointer */ + CURLOPT(CURLMOPT_NOTIFYFUNCTION, CURLOPTTYPE_FUNCTIONPOINT, 18), + + /* This is the argument passed to the notify callback */ + CURLOPT(CURLMOPT_NOTIFYDATA, CURLOPTTYPE_OBJECTPOINT, 19), + CURLMOPT_LASTENTRY /* the last unused */ } CURLMoption; @@ -520,6 +526,27 @@ CURL_EXTERN CURLMcode curl_multi_waitfds(CURLM *multi, unsigned int size, unsigned int *fd_count); +/* + * Notifications dispatched by a multi handle, when enabled. + */ +#define CURLM_NTFY_INFO_READ 0 +#define CURLM_NTFY_EASY_DONE 1 + +/* + * Callback to install via CURLMOPT_NOTIFYFUNCTION. + */ +typedef void (*curl_notify_callback)(CURLM *multi, + unsigned int notification, + CURL *easy, + void *user_data); + + +CURL_EXTERN CURLMcode curl_multi_notify_disable(CURLM *multi, + unsigned int notification); + +CURL_EXTERN CURLMcode curl_multi_notify_enable(CURLM *multi, + unsigned int notification); + #ifdef __cplusplus } /* end of extern "C" */ #endif diff --git a/include/curl/typecheck-gcc.h b/include/curl/typecheck-gcc.h index 07fba246d4..de2cfb715a 100644 --- a/include/curl/typecheck-gcc.h +++ b/include/curl/typecheck-gcc.h @@ -208,6 +208,9 @@ if(curlcheck_charpp_option(option)) \ if(!curlcheck_ptrptr(value, char)) \ Wcurl_multi_setopt_err_charpp(); \ + if((option) == CURLMOPT_NOTIFYFUNCTION) \ + if(!curlcheck_multintfy_cb(value)) \ + Wcurl_multi_setopt_err_ntfycb(); \ if((option) == CURLMOPT_PUSHFUNCTION) \ if(!curlcheck_multipush_cb(value)) \ Wcurl_multi_setopt_err_pushcb(); \ @@ -224,7 +227,8 @@ /* evaluates to true if the option takes a data argument to pass to a callback */ #define curlcheck_multicb_data_option(option) \ - ((option) == CURLMOPT_PUSHDATA || \ + ((option) == CURLMOPT_NOTIFYDATA || \ + (option) == CURLMOPT_PUSHDATA || \ (option) == CURLMOPT_SOCKETDATA || \ (option) == CURLMOPT_TIMERDATA || \ 0) @@ -250,6 +254,11 @@ (curlcheck_NULL(expr) || \ curlcheck_cb_compatible((expr), curl_push_callback)) +/* evaluates to true if expr is of type curl_push_callback */ +#define curlcheck_multintfy_cb(expr) \ + (curlcheck_NULL(expr) || \ + curlcheck_cb_compatible((expr), curl_notify_callback)) + /* * For now, just make sure that the functions are called with three arguments */ @@ -275,6 +284,8 @@ CURLWARNING(Wcurl_multi_setopt_err_charpp, "curl_multi_setopt expects a 'char **' argument") CURLWARNING(Wcurl_multi_setopt_err_pushcb, "curl_multi_setopt expects a curl_push_callback argument") +CURLWARNING(Wcurl_multi_setopt_err_ntfycb, + "curl_multi_setopt expects a curl_notify_callback argument") CURLWARNING(Wcurl_multi_setopt_err_socketcb, "curl_multi_setopt expects a curl_socket_callback argument") CURLWARNING(Wcurl_multi_setopt_err_timercb, diff --git a/lib/Makefile.inc b/lib/Makefile.inc index 500c690561..f06af2ca70 100644 --- a/lib/Makefile.inc +++ b/lib/Makefile.inc @@ -225,6 +225,7 @@ LIB_CFILES = \ mqtt.c \ multi.c \ multi_ev.c \ + multi_ntfy.c \ netrc.c \ noproxy.c \ openldap.c \ @@ -357,6 +358,7 @@ LIB_HFILES = \ mqtt.h \ multihandle.h \ multi_ev.h \ + multi_ntfy.h \ multiif.h \ netrc.h \ noproxy.h \ diff --git a/lib/libcurl.def b/lib/libcurl.def index d2f5d8318f..803f372041 100644 --- a/lib/libcurl.def +++ b/lib/libcurl.def @@ -57,6 +57,8 @@ curl_multi_get_handles curl_multi_get_offt curl_multi_info_read curl_multi_init +curl_multi_notify_disable +curl_multi_notify_enable curl_multi_perform curl_multi_poll curl_multi_remove_handle diff --git a/lib/multi.c b/lib/multi.c index ced03eea9f..58e384b68a 100644 --- a/lib/multi.c +++ b/lib/multi.c @@ -171,8 +171,15 @@ static void mstate(struct Curl_easy *data, CURLMstate state #endif data->mstate = state; - - if(state == MSTATE_COMPLETED) { + switch(state) { + case MSTATE_DONE: + CURLM_NTFY(data, CURLM_NTFY_EASY_DONE); + break; + case MSTATE_COMPLETED: + /* we sometimes directly jump to COMPLETED, trigger also a notification + * in that case. */ + if(oldstate < MSTATE_DONE) + CURLM_NTFY(data, CURLM_NTFY_EASY_DONE); /* changing to COMPLETED means it is in process and needs to go */ DEBUGASSERT(Curl_uint_bset_contains(&data->multi->process, data->mid)); Curl_uint_bset_remove(&data->multi->process, data->mid); @@ -182,6 +189,9 @@ static void mstate(struct Curl_easy *data, CURLMstate state /* free the transfer buffer when we have no more active transfers */ multi_xfer_bufs_free(data->multi); } + break; + default: + break; } /* if this state has an init-function, run it */ @@ -215,6 +225,8 @@ static void ph_freeentry(void *p) */ static void multi_addmsg(struct Curl_multi *multi, struct Curl_message *msg) { + if(!Curl_llist_count(&multi->msglist)) + CURLM_NTFY(multi->admin, CURLM_NTFY_INFO_READ); Curl_llist_append(&multi->msglist, msg, &msg->list); } @@ -232,6 +244,7 @@ struct Curl_multi *Curl_multi_handle(unsigned int xfer_table_size, multi->magic = CURL_MULTI_HANDLE; Curl_dnscache_init(&multi->dnscache, dnssize); + Curl_mntfy_init(multi); Curl_multi_ev_init(multi, ev_hashsize); Curl_uint_tbl_init(&multi->xfers, NULL); Curl_uint_bset_init(&multi->process); @@ -246,7 +259,8 @@ struct Curl_multi *Curl_multi_handle(unsigned int xfer_table_size, multi->max_concurrent_streams = 100; multi->last_timeout_ms = -1; - if(Curl_uint_bset_resize(&multi->process, xfer_table_size) || + if(Curl_mntfy_resize(multi) || + Curl_uint_bset_resize(&multi->process, xfer_table_size) || Curl_uint_bset_resize(&multi->pending, xfer_table_size) || Curl_uint_bset_resize(&multi->dirty, xfer_table_size) || Curl_uint_bset_resize(&multi->msgsent, xfer_table_size) || @@ -305,6 +319,7 @@ error: multi->admin->multi = NULL; Curl_close(&multi->admin); } + Curl_mntfy_cleanup(multi); Curl_uint_bset_destroy(&multi->process); Curl_uint_bset_destroy(&multi->dirty); @@ -2754,6 +2769,9 @@ CURLMcode curl_multi_perform(CURLM *m, int *running_handles) if(multi->in_callback) return CURLM_RECURSIVE_API_CALL; + if(multi->in_ntfy_callback) + return CURLM_RECURSIVE_API_CALL; + sigpipe_init(&pipe_st); if(Curl_uint_bset_first(&multi->process, &mid)) { CURL_TRC_M(multi->admin, "multi_perform(running=%u)", @@ -2785,6 +2803,9 @@ CURLMcode curl_multi_perform(CURLM *m, int *running_handles) if(multi_ischanged(m, TRUE)) process_pending_handles(m); + if(!returncode) + returncode = Curl_mntfy_dispatch_all(multi); + /* * Simply remove all expired timers from the splay since handles are dealt * with unconditionally by this function and curl_multi_timeout() requires @@ -2831,6 +2852,8 @@ CURLMcode curl_multi_cleanup(CURLM *m) unsigned int mid; if(multi->in_callback) return CURLM_RECURSIVE_API_CALL; + if(multi->in_ntfy_callback) + return CURLM_RECURSIVE_API_CALL; /* First remove all remaining easy handles, * close internal ones. admin handle is special */ @@ -2900,6 +2923,7 @@ CURLMcode curl_multi_cleanup(CURLM *m) #endif multi_xfer_bufs_free(multi); + Curl_mntfy_cleanup(multi); #ifdef DEBUGBUILD if(Curl_uint_tbl_count(&multi->xfers)) { multi_xfer_tbl_dump(multi); @@ -3180,6 +3204,9 @@ out: if(multi_ischanged(multi, TRUE)) process_pending_handles(multi); + if(!result) + result = Curl_mntfy_dispatch_all(multi); + if(running_handles) { unsigned int running = Curl_multi_xfers_running(multi); *running_handles = (running < INT_MAX) ? (int)running : INT_MAX; @@ -3269,6 +3296,12 @@ CURLMcode curl_multi_setopt(CURLM *m, } break; } + case CURLMOPT_NOTIFYFUNCTION: + multi->ntfy.ntfy_cb = va_arg(param, curl_notify_callback); + break; + case CURLMOPT_NOTIFYDATA: + multi->ntfy.ntfy_cb_data = va_arg(param, void *); + break; default: res = CURLM_UNKNOWN_OPTION; break; @@ -3285,6 +3318,8 @@ CURLMcode curl_multi_socket(CURLM *m, curl_socket_t s, int *running_handles) struct Curl_multi *multi = m; if(multi->in_callback) return CURLM_RECURSIVE_API_CALL; + if(multi->in_ntfy_callback) + return CURLM_RECURSIVE_API_CALL; return multi_socket(multi, FALSE, s, 0, running_handles); } @@ -3294,6 +3329,8 @@ CURLMcode curl_multi_socket_action(CURLM *m, curl_socket_t s, struct Curl_multi *multi = m; if(multi->in_callback) return CURLM_RECURSIVE_API_CALL; + if(multi->in_ntfy_callback) + return CURLM_RECURSIVE_API_CALL; return multi_socket(multi, FALSE, s, ev_bitmask, running_handles); } @@ -3302,6 +3339,8 @@ CURLMcode curl_multi_socket_all(CURLM *m, int *running_handles) struct Curl_multi *multi = m; if(multi->in_callback) return CURLM_RECURSIVE_API_CALL; + if(multi->in_ntfy_callback) + return CURLM_RECURSIVE_API_CALL; return multi_socket(multi, TRUE, CURL_SOCKET_BAD, 0, running_handles); } @@ -3996,6 +4035,24 @@ void Curl_multi_clear_dirty(struct Curl_easy *data) Curl_uint_bset_remove(&data->multi->dirty, data->mid); } +CURLMcode curl_multi_notify_enable(CURLM *m, unsigned int notification) +{ + struct Curl_multi *multi = m; + + if(!GOOD_MULTI_HANDLE(multi)) + return CURLM_BAD_HANDLE; + return Curl_mntfy_enable(multi, notification); +} + +CURLMcode curl_multi_notify_disable(CURLM *m, unsigned int notification) +{ + struct Curl_multi *multi = m; + + if(!GOOD_MULTI_HANDLE(multi)) + return CURLM_BAD_HANDLE; + return Curl_mntfy_disable(multi, notification); +} + #ifdef DEBUGBUILD static void multi_xfer_dump(struct Curl_multi *multi, unsigned int mid, void *entry) diff --git a/lib/multi_ntfy.c b/lib/multi_ntfy.c new file mode 100644 index 0000000000..95ce82f57d --- /dev/null +++ b/lib/multi_ntfy.c @@ -0,0 +1,212 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ + +#include "curl_setup.h" + +#include + +#include "urldata.h" +#include "curl_trc.h" +#include "multihandle.h" +#include "multiif.h" +#include "multi_ntfy.h" + +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" +#include "curl_memory.h" +#include "memdebug.h" + + +struct mntfy_entry { + unsigned int mid; + unsigned int type; +}; + +#define CURL_MNTFY_CHUNK_SIZE 128 + +struct mntfy_chunk { + struct mntfy_chunk *next; + size_t r_offset; + size_t w_offset; + struct mntfy_entry entries[CURL_MNTFY_CHUNK_SIZE]; +}; + +static struct mntfy_chunk *mnfty_chunk_create(void) +{ + return calloc(1, sizeof(struct mntfy_chunk)); +} + +static void mnfty_chunk_destroy(struct mntfy_chunk *chunk) +{ + free(chunk); +} + +static void mnfty_chunk_reset(struct mntfy_chunk *chunk) +{ + memset(chunk, 0, sizeof(*chunk)); +} + +static bool mntfy_chunk_append(struct mntfy_chunk *chunk, + struct Curl_easy *data, + unsigned int type) +{ + struct mntfy_entry *e; + + if(chunk->w_offset >= CURL_MNTFY_CHUNK_SIZE) + return FALSE; + e = &chunk->entries[chunk->w_offset++]; + e->mid = data->mid; + e->type = type; + return TRUE; +} + +static struct mntfy_chunk *mntfy_non_full_tail(struct curl_multi_ntfy *mntfy) +{ + struct mntfy_chunk *chunk; + if(!mntfy->tail) { + chunk = mnfty_chunk_create(); + if(!chunk) + return NULL; + DEBUGASSERT(!mntfy->head); + mntfy->head = mntfy->tail = chunk; + return chunk; + } + else if(mntfy->tail->w_offset < CURL_MNTFY_CHUNK_SIZE) + return mntfy->tail; + else { /* tail is full. */ + chunk = mnfty_chunk_create(); + if(!chunk) + return NULL; + DEBUGASSERT(mntfy->head); + mntfy->tail->next = chunk; + mntfy->tail = chunk; + return chunk; + } +} + +static void mntfy_chunk_dispatch_all(struct Curl_multi *multi, + struct mntfy_chunk *chunk) +{ + struct mntfy_entry *e; + struct Curl_easy *data; + + if(multi->ntfy.ntfy_cb) { + while((chunk->r_offset < chunk->w_offset) && !multi->ntfy.failure) { + e = &chunk->entries[chunk->r_offset]; + data = e->mid ? Curl_multi_get_easy(multi, e->mid) : multi->admin; + /* only when notification has not been disabled in the meantime */ + if(data && Curl_uint_bset_contains(&multi->ntfy.enabled, e->type)) { + /* this may cause new notifications to be added! */ + CURL_TRC_M(multi->admin, "[NTFY] dispatch %d to xfer %u", + e->type, e->mid); + multi->ntfy.ntfy_cb(multi, e->type, data, multi->ntfy.ntfy_cb_data); + } + /* once dispatched, safe to increment */ + chunk->r_offset++; + } + } + mnfty_chunk_reset(chunk); +} + +void Curl_mntfy_init(struct Curl_multi *multi) +{ + memset(&multi->ntfy, 0, sizeof(multi->ntfy)); + Curl_uint_bset_init(&multi->ntfy.enabled); +} + +CURLMcode Curl_mntfy_resize(struct Curl_multi *multi) +{ + if(Curl_uint_bset_resize(&multi->ntfy.enabled, CURLM_NTFY_EASY_DONE + 1)) + return CURLM_OUT_OF_MEMORY; + return CURLM_OK; +} + +void Curl_mntfy_cleanup(struct Curl_multi *multi) +{ + while(multi->ntfy.head) { + struct mntfy_chunk *chunk = multi->ntfy.head; + multi->ntfy.head = chunk->next; + mnfty_chunk_destroy(chunk); + } + multi->ntfy.tail = NULL; + Curl_uint_bset_destroy(&multi->ntfy.enabled); +} + +CURLMcode Curl_mntfy_enable(struct Curl_multi *multi, unsigned int type) +{ + if(type > CURLM_NTFY_EASY_DONE) + return CURLM_UNKNOWN_OPTION; + Curl_uint_bset_add(&multi->ntfy.enabled, type); + return CURLM_OK; +} + +CURLMcode Curl_mntfy_disable(struct Curl_multi *multi, unsigned int type) +{ + if(type > CURLM_NTFY_EASY_DONE) + return CURLM_UNKNOWN_OPTION; + Curl_uint_bset_remove(&multi->ntfy.enabled, type); + return CURLM_OK; +} + +void Curl_mntfy_add(struct Curl_easy *data, unsigned int type) +{ + struct Curl_multi *multi = data ? data->multi : NULL; + if(multi && multi->ntfy.ntfy_cb && !multi->ntfy.failure && + Curl_uint_bset_contains(&multi->ntfy.enabled, type)) { + /* append to list of outstanding notifications */ + struct mntfy_chunk *tail = mntfy_non_full_tail(&multi->ntfy); + CURL_TRC_M(data, "[NTFY] add %d for xfer %u", type, data->mid); + if(tail) + mntfy_chunk_append(tail, data, type); + else + multi->ntfy.failure = CURLM_OUT_OF_MEMORY; + } +} + +CURLMcode Curl_mntfy_dispatch_all(struct Curl_multi *multi) +{ + DEBUGASSERT(!multi->in_ntfy_callback); + multi->in_ntfy_callback = TRUE; + while(multi->ntfy.head && !multi->ntfy.failure) { + struct mntfy_chunk *chunk = multi->ntfy.head; + /* this may cause new notifications to be added! */ + mntfy_chunk_dispatch_all(multi, chunk); + DEBUGASSERT(chunk->r_offset == chunk->w_offset); + + if(chunk == multi->ntfy.tail) /* last one, keep */ + break; + DEBUGASSERT(chunk->next); + DEBUGASSERT(multi->ntfy.head != multi->ntfy.tail); + multi->ntfy.head = chunk->next; + mnfty_chunk_destroy(chunk); + } + multi->in_ntfy_callback = FALSE; + + if(multi->ntfy.failure) { + CURLMcode result = multi->ntfy.failure; + multi->ntfy.failure = CURLM_OK; /* reset, once delivered */ + return result; + } + return CURLM_OK; +} diff --git a/lib/multi_ntfy.h b/lib/multi_ntfy.h new file mode 100644 index 0000000000..d920b3295d --- /dev/null +++ b/lib/multi_ntfy.h @@ -0,0 +1,57 @@ +#ifndef HEADER_CURL_MULTI_NTFY_H +#define HEADER_CURL_MULTI_NTFY_H +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ + +#include "uint-bset.h" + +struct Curl_easy; +struct Curl_multi; + +struct curl_multi_ntfy { + curl_notify_callback ntfy_cb; + void *ntfy_cb_data; + struct uint_bset enabled; + CURLMcode failure; + struct mntfy_chunk *head; + struct mntfy_chunk *tail; +}; + +void Curl_mntfy_init(struct Curl_multi *multi); +CURLMcode Curl_mntfy_resize(struct Curl_multi *multi); +void Curl_mntfy_cleanup(struct Curl_multi *multi); + +CURLMcode Curl_mntfy_enable(struct Curl_multi *multi, unsigned int type); +CURLMcode Curl_mntfy_disable(struct Curl_multi *multi, unsigned int type); + +void Curl_mntfy_add(struct Curl_easy *data, unsigned int type); + +#define CURLM_NTFY(d,t) \ + do { if((d) && (d)->multi && (d)->multi->ntfy.ntfy_cb) \ + Curl_mntfy_add((d), (t)); } while(0) + +CURLMcode Curl_mntfy_dispatch_all(struct Curl_multi *multi); + + +#endif /* HEADER_CURL_MULTI_NTFY_H */ diff --git a/lib/multihandle.h b/lib/multihandle.h index ae41044adc..69f977bb94 100644 --- a/lib/multihandle.h +++ b/lib/multihandle.h @@ -30,6 +30,7 @@ #include "cshutdn.h" #include "hostip.h" #include "multi_ev.h" +#include "multi_ntfy.h" #include "psl.h" #include "socketpair.h" #include "uint-bset.h" @@ -134,6 +135,8 @@ struct Curl_multi { /* multi event related things */ struct curl_multi_ev ev; + /* multi notification related things */ + struct curl_multi_ntfy ntfy; /* `proto_hash` is a general key-value store for protocol implementations * with the lifetime of the multi handle. The number of elements kept here @@ -178,6 +181,7 @@ struct Curl_multi { BIT(multiplexing); /* multiplexing wanted */ BIT(recheckstate); /* see Curl_multi_connchanged */ BIT(in_callback); /* true while executing a callback */ + BIT(in_ntfy_callback); /* true while dispatching notifications */ #ifdef USE_OPENSSL BIT(ssl_seeded); #endif diff --git a/scripts/singleuse.pl b/scripts/singleuse.pl index 2e8a8e0afd..b4cbe3ff4a 100755 --- a/scripts/singleuse.pl +++ b/scripts/singleuse.pl @@ -116,6 +116,8 @@ my %api = ( 'curl_multi_get_offt' => 'API', 'curl_multi_info_read' => 'API', 'curl_multi_init' => 'API', + 'curl_multi_notify_disable' => 'API', + 'curl_multi_notify_enable' => 'API', 'curl_multi_perform' => 'API', 'curl_multi_remove_handle' => 'API', 'curl_multi_setopt' => 'API', diff --git a/src/tool_operate.c b/src/tool_operate.c index 3c29d28ec3..fc5a965625 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -1464,26 +1464,8 @@ struct contextuv { struct datauv *uv; }; -static CURLcode check_finished(struct parastate *s); - -static void check_multi_info(struct datauv *uv) -{ - CURLcode result; - - result = check_finished(uv->s); - if(result && !uv->s->result) - uv->s->result = result; - - if(uv->s->more_transfers) { - result = add_parallel_transfers(uv->s->multi, uv->s->share, - &uv->s->more_transfers, - &uv->s->added_transfers); - if(result && !uv->s->result) - uv->s->result = result; - if(result) - uv_stop(uv->loop); - } -} +static void mnotify(CURLM *multi, unsigned int notification, + CURL *easy, void *user_data); /* callback from libuv on socket activity */ static void on_uv_socket(uv_poll_t *req, int status, int events) @@ -1510,7 +1492,6 @@ static void on_uv_timeout(uv_timer_t *req) if(uv && uv->s) { curl_multi_socket_action(uv->s->multi, CURL_SOCKET_TIMEOUT, 0, &uv->s->still_running); - check_multi_info(uv); } } @@ -1596,8 +1577,6 @@ static int cb_socket(CURL *easy, curl_socket_t s, int action, uv_poll_stop(&c->poll_handle); destroy_context(c); curl_multi_assign(uv->s->multi, s, NULL); - /* check if we can do more now */ - check_multi_info(uv); } break; default: @@ -1641,10 +1620,6 @@ static CURLcode parallel_event(struct parastate *s) curl_mfprintf(tool_stderr, "parallel_event: uv_run() returned\n"); #endif - result = check_finished(s); - if(result && !s->result) - s->result = result; - /* early exit called */ if(s->wrapitup) { if(s->still_running && !s->wrapitup_processed) { @@ -1657,13 +1632,6 @@ static CURLcode parallel_event(struct parastate *s) } break; } - - if(s->more_transfers) { - result = add_parallel_transfers(s->multi, s->share, &s->more_transfers, - &s->added_transfers); - if(result && !s->result) - s->result = result; - } } result = s->result; @@ -1758,6 +1726,27 @@ static CURLcode check_finished(struct parastate *s) return result; } +static void mnotify(CURLM *multi, unsigned int notification, + CURL *easy, void *user_data) +{ + struct parastate *s = user_data; + CURLcode result; + + (void)multi; + (void)easy; + + switch(notification) { + case CURLM_NTFY_INFO_READ: + result = check_finished(s); + /* remember first failure */ + if(result && !s->result) + s->result = result; + break; + default: + break; + } +} + static CURLcode parallel_transfers(CURLSH *share) { CURLcode result; @@ -1775,6 +1764,10 @@ static CURLcode parallel_transfers(CURLSH *share) if(!s->multi) return CURLE_OUT_OF_MEMORY; + (void)curl_multi_setopt(s->multi, CURLMOPT_NOTIFYFUNCTION, mnotify); + (void)curl_multi_setopt(s->multi, CURLMOPT_NOTIFYDATA, s); + (void)curl_multi_notify_enable(s->multi, CURLM_NTFY_INFO_READ); + result = add_parallel_transfers(s->multi, s->share, &s->more_transfers, &s->added_transfers); if(result) { @@ -1813,13 +1806,14 @@ static CURLcode parallel_transfers(CURLSH *share) s->mcode = curl_multi_poll(s->multi, NULL, 0, 1000, NULL); if(!s->mcode) s->mcode = curl_multi_perform(s->multi, &s->still_running); - if(!s->mcode) - result = check_finished(s); } (void)progress_meter(s->multi, &s->start, TRUE); } + /* Result is the first failed transfer - if there was one. */ + result = s->result; + /* Make sure to return some kind of error if there was a multi problem */ if(s->mcode) { result = (s->mcode == CURLM_OUT_OF_MEMORY) ? CURLE_OUT_OF_MEMORY : diff --git a/tests/data/test1135 b/tests/data/test1135 index 405d4b8fc3..51ec53e4d3 100644 --- a/tests/data/test1135 +++ b/tests/data/test1135 @@ -109,6 +109,8 @@ curl_multi_get_offt curl_pushheader_bynum curl_pushheader_byname curl_multi_waitfds +curl_multi_notify_disable +curl_multi_notify_enable curl_easy_option_by_name curl_easy_option_by_id curl_easy_option_next diff --git a/tests/data/test3207 b/tests/data/test3207 index 4c223699ee..7902d0ae29 100644 --- a/tests/data/test3207 +++ b/tests/data/test3207 @@ -172,7 +172,7 @@ https://localhost:%HTTPSPORT/%TESTNUMBER %CERTDIR/certs/test-ca.crt # Verify data after the test has been "shot" -Allocations: 13500 +Allocations: 13600 diff --git a/tests/data/test500 b/tests/data/test500 index 0b084ac003..7904110c7e 100644 --- a/tests/data/test500 +++ b/tests/data/test500 @@ -55,7 +55,7 @@ Accept: */* -Allocations: 81 +Allocations: 82 Maximum allocated: 33400 diff --git a/tests/http/testenv/curl.py b/tests/http/testenv/curl.py index f8e7b12a26..dcff774a63 100644 --- a/tests/http/testenv/curl.py +++ b/tests/http/testenv/curl.py @@ -126,6 +126,9 @@ class DTraceProfile: '-n', f'profile-97 /pid == {self._pid}/ {{ @[ustack()] = count(); }} tick-60s {{ exit(0); }}', '-o', f'{self._file}' ] + if sys.platform.startswith('darwin'): + # macOS seems to like this for producing symbols in user stacks + args.extend(['-p', f'{self._pid}']) self._proc = subprocess.Popen(args, text=True, cwd=self._run_dir, shell=False) assert self._proc diff --git a/tests/unit/unit3214.c b/tests/unit/unit3214.c index 08ce6fff39..d992a35dc0 100644 --- a/tests/unit/unit3214.c +++ b/tests/unit/unit3214.c @@ -43,7 +43,7 @@ static void checksize(const char *name, size_t size, size_t allowed) /* the maximum sizes we allow specific structs to grow to */ #define MAX_CURL_EASY 5800 #define MAX_CONNECTDATA 1300 -#define MAX_CURL_MULTI 750 +#define MAX_CURL_MULTI 850 #define MAX_CURL_HTTPPOST 112 #define MAX_CURL_SLIST 16 #define MAX_CURL_KHKEY 24 From 0061b2bfaabd29a10cf63898a3cceb3ef4ad914a Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Tue, 7 Oct 2025 13:34:26 +0800 Subject: [PATCH 0331/2408] vquic: fix idle-timeout checks (ngtcp2 ms<-->ns), 64-bit log & honor 0=no-timeout (osslquic) Closes #18903 --- lib/vquic/curl_ngtcp2.c | 5 +++-- lib/vquic/curl_osslq.c | 7 ++++--- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index f397ec85ae..9851a087c1 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -2744,8 +2744,9 @@ static bool cf_ngtcp2_conn_is_alive(struct Curl_cfilter *cf, * it will close the connection when it expires. */ rp = ngtcp2_conn_get_remote_transport_params(ctx->qconn); if(rp && rp->max_idle_timeout) { - timediff_t idletime = curlx_timediff(curlx_now(), ctx->q.last_io); - if(idletime > 0 && (uint64_t)idletime > rp->max_idle_timeout) + timediff_t idletime_ms = curlx_timediff(curlx_now(), ctx->q.last_io); + if(idletime_ms > 0 && + ((uint64_t)idletime_ms * NGTCP2_MILLISECONDS) > rp->max_idle_timeout) goto out; } diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c index cda239a57d..474ed595cb 100644 --- a/lib/vquic/curl_osslq.c +++ b/lib/vquic/curl_osslq.c @@ -2251,10 +2251,11 @@ static bool cf_osslq_conn_is_alive(struct Curl_cfilter *cf, "assume connection is dead."); goto out; } - CURL_TRC_CF(data, cf, "negotiated idle timeout: %zums", (size_t)idle_ms); + CURL_TRC_CF(data, cf, "negotiated idle timeout: %" FMT_PRIu64 "ms", + (curl_uint64_t)idle_ms); idletime = curlx_timediff(curlx_now(), ctx->q.last_io); - if(idletime > 0 && (uint64_t)idletime > idle_ms) - goto out; + if(idle_ms != 0 && idletime > 0 && (uint64_t)idletime > idle_ms) + goto out; } #endif From 783df22e596f46c989cadba016d144514b68654c Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Tue, 7 Oct 2025 15:48:36 +0800 Subject: [PATCH 0332/2408] vquic/ngtcp2: compare idle timeout in ms to avoid overflow Closes #18903 --- lib/vquic/curl_ngtcp2.c | 9 ++++++--- lib/vquic/curl_osslq.c | 4 ++-- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 9851a087c1..af7f26eb39 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -2745,9 +2745,12 @@ static bool cf_ngtcp2_conn_is_alive(struct Curl_cfilter *cf, rp = ngtcp2_conn_get_remote_transport_params(ctx->qconn); if(rp && rp->max_idle_timeout) { timediff_t idletime_ms = curlx_timediff(curlx_now(), ctx->q.last_io); - if(idletime_ms > 0 && - ((uint64_t)idletime_ms * NGTCP2_MILLISECONDS) > rp->max_idle_timeout) - goto out; + if(idletime_ms > 0) { + uint64_t max_idle_ms = + (uint64_t)(rp->max_idle_timeout / NGTCP2_MILLISECONDS); + if((uint64_t)idletime_ms > max_idle_ms) + goto out; + } } if(!cf->next || !cf->next->cft->is_alive(cf->next, data, input_pending)) diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c index 474ed595cb..3fd2daf92f 100644 --- a/lib/vquic/curl_osslq.c +++ b/lib/vquic/curl_osslq.c @@ -2254,8 +2254,8 @@ static bool cf_osslq_conn_is_alive(struct Curl_cfilter *cf, CURL_TRC_CF(data, cf, "negotiated idle timeout: %" FMT_PRIu64 "ms", (curl_uint64_t)idle_ms); idletime = curlx_timediff(curlx_now(), ctx->q.last_io); - if(idle_ms != 0 && idletime > 0 && (uint64_t)idletime > idle_ms) - goto out; + if(idle_ms && idletime > 0 && (uint64_t)idletime > idle_ms) + goto out; } #endif From 4a6bdd5899005c25ce222dc21dcfd1a779544330 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 7 Oct 2025 12:04:03 +0200 Subject: [PATCH 0333/2408] examples/usercertinmem: avoid stripping const This API started accepting a const somewhere between OpenSSL 1.0.2b and 1.0.2t. It means this example, like the other similar one now works best with those versions or newer: ``` docs/examples/usercertinmem.c:100:33: error: cast from 'const char *' to 'char *' drops const qualifier [-Werror,-Wcast-qual] 100 | bio = BIO_new_mem_buf((char *)mypem, -1); | ^ docs/examples/usercertinmem.c:121:34: error: cast from 'const char *' to 'char *' drops const qualifier [-Werror,-Wcast-qual] 121 | kbio = BIO_new_mem_buf((char *)mykey, -1); | ^ ``` Closes #18908 --- docs/examples/usercertinmem.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/examples/usercertinmem.c b/docs/examples/usercertinmem.c index 670ae4dc71..50537ae25f 100644 --- a/docs/examples/usercertinmem.c +++ b/docs/examples/usercertinmem.c @@ -97,7 +97,7 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *pointer) (void)pointer; /* get a BIO */ - bio = BIO_new_mem_buf((char *)mypem, -1); + bio = BIO_new_mem_buf(mypem, -1); if(!bio) { printf("BIO_new_mem_buf failed\n"); @@ -118,7 +118,7 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *pointer) } /* create a bio for the RSA key */ - kbio = BIO_new_mem_buf((char *)mykey, -1); + kbio = BIO_new_mem_buf(mykey, -1); if(!kbio) { printf("BIO_new_mem_buf failed\n"); } From 089afd78cb5897adf5a42d8ccff01d7c32c8fada Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Mon, 6 Oct 2025 14:08:07 +0200 Subject: [PATCH 0334/2408] socks: handle premature close When expecting to receive a number of bytes during socks connect, treat an early connection close as error. Reported-by: Joshua Rogers Closes #18883 --- lib/socks.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/socks.c b/lib/socks.c index ba7b28d04a..e7e545442a 100644 --- a/lib/socks.c +++ b/lib/socks.c @@ -254,8 +254,14 @@ static CURLproxycode socks_recv(struct socks_state *sx, curl_easy_strerror(result)); return CURLPX_RECV_CONNECT; } - else if(!nread) /* EOF */ + else if(!nread) { /* EOF */ + if(Curl_bufq_len(&sx->iobuf) < min_bytes) { + failf(data, "Failed to receive SOCKS response, " + "proxy closed connection"); + return CURLPX_RECV_CONNECT; + } break; + } } *done = TRUE; return CURLPX_OK; From 7ddbde4f731d6694f940320fe50a80b7f351229d Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 7 Oct 2025 14:04:12 +0200 Subject: [PATCH 0335/2408] cmake: build the "all" examples source list dynamically To allow building conditional examples, and to simplify by avoiding cmake-version dependent code. Follow-up to fe5225b5eaf3a1a0ce149023d38a9922a114798b #18209 Cherry-picked from #18909 Closes #18911 --- docs/examples/CMakeLists.txt | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/docs/examples/CMakeLists.txt b/docs/examples/CMakeLists.txt index bc0f3ce359..d86494c870 100644 --- a/docs/examples/CMakeLists.txt +++ b/docs/examples/CMakeLists.txt @@ -28,15 +28,14 @@ add_custom_target(curl-examples) curl_transform_makefile_inc("Makefile.inc" "${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake") include("${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake") +set(_all_src "") set(_all_canary "") set(_all "all") foreach(_target IN LISTS check_PROGRAMS _all) # keep '_all' last set(_target_name "curl-example-${_target}") if(_target STREQUAL "all") if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.12) - set(_examples_c "${check_PROGRAMS}") - list(TRANSFORM _examples_c APPEND ".c") - add_library(${_target_name} OBJECT EXCLUDE_FROM_ALL ${_examples_c}) + add_library(${_target_name} OBJECT EXCLUDE_FROM_ALL ${_all_src}) if(CMAKE_C_COMPILER_ID STREQUAL "MSVC") # MSVC but exclude clang-cl # CMake generates a static library for the OBJECT target. Silence these 'lib.exe' warnings: # warning LNK4006: main already defined in ....obj; second definition ignored @@ -49,16 +48,13 @@ foreach(_target IN LISTS check_PROGRAMS _all) # keep '_all' last endif() endif() else() - set(_examples_c "") - foreach(_src IN LISTS check_PROGRAMS) - list(APPEND _examples_c "${_src}.c") - endforeach() - add_library(${_target_name} STATIC EXCLUDE_FROM_ALL ${_examples_c}) + add_library(${_target_name} STATIC EXCLUDE_FROM_ALL ${_all_src}) endif() add_custom_target(curl-examples-build) # Special target to compile all tests quickly and build a single test to probe linkage add_dependencies(curl-examples-build ${_target_name} ${_all_canary}) # Include a full build of a single test else() set(_all_canary ${_target_name}) # Save the last test for the curl-examples-build target + list(APPEND _all_src "${_target}.c") add_executable(${_target_name} EXCLUDE_FROM_ALL "${_target}.c") add_dependencies(curl-examples ${_target_name}) endif() From 53be8166b2b16d9682a173f505188a79ca30fb11 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Tue, 7 Oct 2025 13:40:05 +0200 Subject: [PATCH 0336/2408] multi: notify rename, remove the last stragglers in the public API. Follow-up to 357808f4addef44c2c48f17d Closes #18910 --- docs/libcurl/curl_multi_notify_disable.md | 2 +- docs/libcurl/curl_multi_notify_enable.md | 2 +- docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md | 2 +- docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md | 6 +++--- docs/libcurl/symbols-in-versions | 8 ++++---- include/curl/multi.h | 4 ++-- lib/multi.c | 6 +++--- lib/multi_ntfy.c | 6 +++--- src/tool_operate.c | 4 ++-- 9 files changed, 20 insertions(+), 20 deletions(-) diff --git a/docs/libcurl/curl_multi_notify_disable.md b/docs/libcurl/curl_multi_notify_disable.md index f4f28ebbd3..7228bfe89e 100644 --- a/docs/libcurl/curl_multi_notify_disable.md +++ b/docs/libcurl/curl_multi_notify_disable.md @@ -49,7 +49,7 @@ int main(void) int rc; CURLM *multi = curl_multi_init(); - rc = curl_multi_notify_disable(multi, CURLM_NTFY_INFO_READ); + rc = curl_multi_notify_disable(multi, CURLM_NOTIFY_INFO_READ); } ~~~ diff --git a/docs/libcurl/curl_multi_notify_enable.md b/docs/libcurl/curl_multi_notify_enable.md index d3ab02d2c7..095780dd09 100644 --- a/docs/libcurl/curl_multi_notify_enable.md +++ b/docs/libcurl/curl_multi_notify_enable.md @@ -49,7 +49,7 @@ int main(void) int rc; CURLM *multi = curl_multi_init(); - rc = curl_multi_notify_enable(multi, CURLM_NTFY_INFO_READ); + rc = curl_multi_notify_enable(multi, CURLM_NOTIFY_INFO_READ); } ~~~ diff --git a/docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md b/docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md index 3349c77fbe..539e4ce298 100644 --- a/docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md +++ b/docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md @@ -61,7 +61,7 @@ int main(void) /* ... use socket callback and custom pointer */ curl_multi_setopt(multi, CURLMOPT_NOTIFYFUNCTION, ntfy_cb); curl_multi_setopt(multi, CURLMOPT_NOTIFYDATA, &setup); - curl_multi_notify_enable(multi, CURLM_NTFY_INFO_READ); + curl_multi_notify_enable(multi, CURLM_NOTIFY_INFO_READ); } ~~~ diff --git a/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md b/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md index 979fea89a7..8e52065217 100644 --- a/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md +++ b/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md @@ -63,7 +63,7 @@ are shut down. **notification** is the type of notification, e.g. what happened. The following types are available: -## CURLM_NTFY_INFO_READ +## CURLM_NOTIFY_INFO_READ When enabled via curl_multi_notify_enable(3), this informs the application that there are new messages to be processed via curl_multi_info_read(3). @@ -76,7 +76,7 @@ again. The *easy* handle passed is an internal handle. -## CURLM_NTFY_EASY_DONE +## CURLM_NOTIFY_EASY_DONE When enabled via curl_multi_notify_enable(3), this notification is triggered when a an easy handle has finished. This happens both for @@ -118,7 +118,7 @@ int main(void) /* ... use socket callback and custom pointer */ curl_multi_setopt(multi, CURLMOPT_NOTIFYFUNCTION, ntfy_cb); curl_multi_setopt(multi, CURLMOPT_NOTIFYDATA, &setup); - curl_multi_notify_enable(multi, CURLM_NTFY_INFO_READ); + curl_multi_notify_enable(multi, CURLM_NOTIFY_INFO_READ); } ~~~ diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions index 75db554e2a..c9b0d24e37 100644 --- a/docs/libcurl/symbols-in-versions +++ b/docs/libcurl/symbols-in-versions @@ -545,8 +545,8 @@ CURLM_BAD_SOCKET 7.15.4 CURLM_CALL_MULTI_PERFORM 7.9.6 CURLM_CALL_MULTI_SOCKET 7.15.5 CURLM_INTERNAL_ERROR 7.9.6 -CURLM_NTFY_EASY_DONE 8.17.0 -CURLM_NTFY_INFO_READ 8.17.0 +CURLM_NOTIFY_EASY_DONE 8.17.0 +CURLM_NOTIFY_INFO_READ 8.17.0 CURLM_OK 7.9.6 CURLM_OUT_OF_MEMORY 7.9.6 CURLM_RECURSIVE_API_CALL 7.59.0 @@ -570,8 +570,8 @@ CURLMOPT_MAX_PIPELINE_LENGTH 7.30.0 CURLMOPT_MAX_TOTAL_CONNECTIONS 7.30.0 CURLMOPT_MAXCONNECTS 7.16.3 CURLMOPT_NETWORK_CHANGED 8.16.0 -CURLMOPT_NOTIFYDATA 8.17.0 -CURLMOPT_NOTIFYFUNCTION 8.17.0 +CURLMOPT_NOTIFYDATA 8.17.0 +CURLMOPT_NOTIFYFUNCTION 8.17.0 CURLMOPT_PIPELINING 7.16.0 CURLMOPT_PIPELINING_SERVER_BL 7.30.0 CURLMOPT_PIPELINING_SITE_BL 7.30.0 diff --git a/include/curl/multi.h b/include/curl/multi.h index c486a3a5cc..38c44e3b5a 100644 --- a/include/curl/multi.h +++ b/include/curl/multi.h @@ -529,8 +529,8 @@ CURL_EXTERN CURLMcode curl_multi_waitfds(CURLM *multi, /* * Notifications dispatched by a multi handle, when enabled. */ -#define CURLM_NTFY_INFO_READ 0 -#define CURLM_NTFY_EASY_DONE 1 +#define CURLM_NOTIFY_INFO_READ 0 +#define CURLM_NOTIFY_EASY_DONE 1 /* * Callback to install via CURLMOPT_NOTIFYFUNCTION. diff --git a/lib/multi.c b/lib/multi.c index 58e384b68a..168d584cfb 100644 --- a/lib/multi.c +++ b/lib/multi.c @@ -173,13 +173,13 @@ static void mstate(struct Curl_easy *data, CURLMstate state data->mstate = state; switch(state) { case MSTATE_DONE: - CURLM_NTFY(data, CURLM_NTFY_EASY_DONE); + CURLM_NTFY(data, CURLM_NOTIFY_EASY_DONE); break; case MSTATE_COMPLETED: /* we sometimes directly jump to COMPLETED, trigger also a notification * in that case. */ if(oldstate < MSTATE_DONE) - CURLM_NTFY(data, CURLM_NTFY_EASY_DONE); + CURLM_NTFY(data, CURLM_NOTIFY_EASY_DONE); /* changing to COMPLETED means it is in process and needs to go */ DEBUGASSERT(Curl_uint_bset_contains(&data->multi->process, data->mid)); Curl_uint_bset_remove(&data->multi->process, data->mid); @@ -226,7 +226,7 @@ static void ph_freeentry(void *p) static void multi_addmsg(struct Curl_multi *multi, struct Curl_message *msg) { if(!Curl_llist_count(&multi->msglist)) - CURLM_NTFY(multi->admin, CURLM_NTFY_INFO_READ); + CURLM_NTFY(multi->admin, CURLM_NOTIFY_INFO_READ); Curl_llist_append(&multi->msglist, msg, &msg->list); } diff --git a/lib/multi_ntfy.c b/lib/multi_ntfy.c index 95ce82f57d..24a09176f2 100644 --- a/lib/multi_ntfy.c +++ b/lib/multi_ntfy.c @@ -137,7 +137,7 @@ void Curl_mntfy_init(struct Curl_multi *multi) CURLMcode Curl_mntfy_resize(struct Curl_multi *multi) { - if(Curl_uint_bset_resize(&multi->ntfy.enabled, CURLM_NTFY_EASY_DONE + 1)) + if(Curl_uint_bset_resize(&multi->ntfy.enabled, CURLM_NOTIFY_EASY_DONE + 1)) return CURLM_OUT_OF_MEMORY; return CURLM_OK; } @@ -155,7 +155,7 @@ void Curl_mntfy_cleanup(struct Curl_multi *multi) CURLMcode Curl_mntfy_enable(struct Curl_multi *multi, unsigned int type) { - if(type > CURLM_NTFY_EASY_DONE) + if(type > CURLM_NOTIFY_EASY_DONE) return CURLM_UNKNOWN_OPTION; Curl_uint_bset_add(&multi->ntfy.enabled, type); return CURLM_OK; @@ -163,7 +163,7 @@ CURLMcode Curl_mntfy_enable(struct Curl_multi *multi, unsigned int type) CURLMcode Curl_mntfy_disable(struct Curl_multi *multi, unsigned int type) { - if(type > CURLM_NTFY_EASY_DONE) + if(type > CURLM_NOTIFY_EASY_DONE) return CURLM_UNKNOWN_OPTION; Curl_uint_bset_remove(&multi->ntfy.enabled, type); return CURLM_OK; diff --git a/src/tool_operate.c b/src/tool_operate.c index fc5a965625..3ee64c3b84 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -1736,7 +1736,7 @@ static void mnotify(CURLM *multi, unsigned int notification, (void)easy; switch(notification) { - case CURLM_NTFY_INFO_READ: + case CURLM_NOTIFY_INFO_READ: result = check_finished(s); /* remember first failure */ if(result && !s->result) @@ -1766,7 +1766,7 @@ static CURLcode parallel_transfers(CURLSH *share) (void)curl_multi_setopt(s->multi, CURLMOPT_NOTIFYFUNCTION, mnotify); (void)curl_multi_setopt(s->multi, CURLMOPT_NOTIFYDATA, s); - (void)curl_multi_notify_enable(s->multi, CURLM_NTFY_INFO_READ); + (void)curl_multi_notify_enable(s->multi, CURLM_NOTIFY_INFO_READ); result = add_parallel_transfers(s->multi, s->share, &s->more_transfers, &s->added_transfers); From 6bb77140322565ca17f5a66aa5d8500d8d469cca Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 7 Oct 2025 13:54:17 +0200 Subject: [PATCH 0337/2408] examples: fix build issues in 'complicated' examples - cacertinmem: build cleanly with BoringSSL/AWS-LC. - cacertinmem: silence `-Wcast-function-type-strict`. - multi-uv: fix callback prototypes. - multithread, threaded-ssl: do not pass const as thread arg. - sessioninfo: fix suppressing deprecated feature warning. - usercertinmem: sync formatting with cacertinmem. Follow-up to 4a6bdd5899005c25ce222dc21dcfd1a779544330 #18908 Cherry-picked from #18909 Closes #18914 --- docs/examples/cacertinmem.c | 15 +++++++++++++-- docs/examples/multi-uv.c | 8 ++++---- docs/examples/multithread.c | 7 ++++--- docs/examples/sessioninfo.c | 7 +++++-- docs/examples/threaded-ssl.c | 7 ++++--- docs/examples/usercertinmem.c | 16 ++++++---------- 6 files changed, 36 insertions(+), 24 deletions(-) diff --git a/docs/examples/cacertinmem.c b/docs/examples/cacertinmem.c index ec12df58bf..6a2649b29b 100644 --- a/docs/examples/cacertinmem.c +++ b/docs/examples/cacertinmem.c @@ -34,6 +34,17 @@ #if defined(__GNUC__) || defined(__clang__) #pragma GCC diagnostic ignored "-Woverlength-strings" #endif +/* Silence warning when calling sk_X509_INFO_pop_free() */ +#if defined(__clang__) && __clang_major__ >= 16 +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wcast-function-type-strict" +#endif + +#if defined(OPENSSL_IS_BORINGSSL) || defined(OPENSSL_IS_AWSLC) +typedef size_t ossl_valsize_t; +#else +typedef int ossl_valsize_t; +#endif static size_t writefunction(void *ptr, size_t size, size_t nmemb, void *stream) { @@ -68,8 +79,8 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *pointer) "-----END CERTIFICATE-----\n"; BIO *cbio = BIO_new_mem_buf(mypem, sizeof(mypem)); - X509_STORE *cts = SSL_CTX_get_cert_store((SSL_CTX *)sslctx); - int i; + X509_STORE *cts = SSL_CTX_get_cert_store((SSL_CTX *)sslctx); + ossl_valsize_t i; STACK_OF(X509_INFO) *inf; (void)curl; diff --git a/docs/examples/multi-uv.c b/docs/examples/multi-uv.c index ee0ac0e1b3..07774c93eb 100644 --- a/docs/examples/multi-uv.c +++ b/docs/examples/multi-uv.c @@ -167,9 +167,9 @@ static void on_uv_timeout(uv_timer_t *req) } /* callback from libcurl to update the timeout expiry */ -static int cb_timeout(CURLM *multi, long timeout_ms, - struct datauv *uv) +static int cb_timeout(CURLM *multi, long timeout_ms, void *userp) { + struct datauv *uv = (struct datauv *)userp; (void)multi; if(timeout_ms < 0) uv_timer_stop(&uv->timeout); @@ -185,9 +185,9 @@ static int cb_timeout(CURLM *multi, long timeout_ms, /* callback from libcurl to update socket activity to wait for */ static int cb_socket(CURL *easy, curl_socket_t s, int action, - struct datauv *uv, - void *socketp) + void *userp, void *socketp) { + struct datauv *uv = (struct datauv *)userp; struct curl_context *curl_context; int events = 0; (void)easy; diff --git a/docs/examples/multithread.c b/docs/examples/multithread.c index ceee94022a..4cdb74fbe4 100644 --- a/docs/examples/multithread.c +++ b/docs/examples/multithread.c @@ -48,12 +48,13 @@ static const char * const urls[NUMT]= { "www.example" }; -static void *pull_one_url(void *url) +static void *pull_one_url(void *pindex) { + int i = *(int *)pindex; CURL *curl; curl = curl_easy_init(); - curl_easy_setopt(curl, CURLOPT_URL, url); + curl_easy_setopt(curl, CURLOPT_URL, urls[i]); curl_easy_perform(curl); /* ignores error */ curl_easy_cleanup(curl); @@ -79,7 +80,7 @@ int main(void) int error = pthread_create(&tid[i], NULL, /* default attributes please */ pull_one_url, - (void *)urls[i]); + (void *)&i); if(error) fprintf(stderr, "Couldn't run thread number %d, errno %d\n", i, error); else diff --git a/docs/examples/sessioninfo.c b/docs/examples/sessioninfo.c index 225b1ae5a5..5fbc1cc4df 100644 --- a/docs/examples/sessioninfo.c +++ b/docs/examples/sessioninfo.c @@ -29,6 +29,10 @@ /* Note that this example currently requires curl to be linked against GnuTLS (and this program must also be linked against -lgnutls). */ +#ifndef CURL_DISABLE_DEPRECATION +#define CURL_DISABLE_DEPRECATION +#endif + #include #include @@ -47,8 +51,7 @@ static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream) (void)stream; (void)ptr; - res = CURL_IGNORE_DEPRECATION( - curl_easy_getinfo(curl, CURLINFO_TLS_SESSION, &info)); + res = curl_easy_getinfo(curl, CURLINFO_TLS_SESSION, &info); if(!res) { switch(info->backend) { diff --git a/docs/examples/threaded-ssl.c b/docs/examples/threaded-ssl.c index 161182eec1..6590e8b202 100644 --- a/docs/examples/threaded-ssl.c +++ b/docs/examples/threaded-ssl.c @@ -52,12 +52,13 @@ static const char * const urls[]= { "https://www4.example.com/", }; -static void *pull_one_url(void *url) +static void *pull_one_url(void *pindex) { + int i = *(int *)pindex; CURL *curl; curl = curl_easy_init(); - curl_easy_setopt(curl, CURLOPT_URL, url); + curl_easy_setopt(curl, CURLOPT_URL, urls[i]); /* this example does not verify the server's certificate, which means we might be downloading stuff from an impostor */ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); @@ -82,7 +83,7 @@ int main(int argc, char **argv) int error = pthread_create(&tid[i], NULL, /* default attributes please */ pull_one_url, - (void *)urls[i]); + (void *)&i); if(error) fprintf(stderr, "Couldn't run thread number %d, errno %d\n", i, error); else diff --git a/docs/examples/usercertinmem.c b/docs/examples/usercertinmem.c index 50537ae25f..899895592e 100644 --- a/docs/examples/usercertinmem.c +++ b/docs/examples/usercertinmem.c @@ -22,7 +22,7 @@ * ***************************************************************************/ /* - * Use an in-memory user certificate and RSA key and retrieve an https page. + * Use an in-memory user certificate and RSA key and retrieve an HTTPS page. * */ /* Written by Ishan SinghLevett, based on Theo Borm's cacertinmem.c. @@ -47,7 +47,7 @@ static size_t writefunction(void *ptr, size_t size, size_t nmemb, void *stream) { - fwrite(ptr, size, nmemb, stream); + fwrite(ptr, size, nmemb, (FILE *)stream); return nmemb * size; } @@ -179,12 +179,10 @@ int main(void) /* first try: retrieve page without user certificate and key -> fails */ rv = curl_easy_perform(ch); - if(rv == CURLE_OK) { + if(rv == CURLE_OK) printf("*** transfer succeeded ***\n"); - } - else { + else printf("*** transfer failed ***\n"); - } /* second try: retrieve page using user certificate and key -> succeeds * load the certificate and key by installing a function doing the necessary @@ -192,12 +190,10 @@ int main(void) */ curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, sslctx_function); rv = curl_easy_perform(ch); - if(rv == CURLE_OK) { + if(rv == CURLE_OK) printf("*** transfer succeeded ***\n"); - } - else { + else printf("*** transfer failed ***\n"); - } curl_easy_cleanup(ch); curl_global_cleanup(); From 496802fdcf1b249bedb381b25d0c3b544dea569d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 7 Oct 2025 16:00:59 +0200 Subject: [PATCH 0338/2408] multi: use CURLMNOTIFY_ as notification id prefix Since CURLM_ is already used as prefix for multi error codes, it makes it easier to detect and understand the difference between identifiers - and allows for scripts on the website and elsewhere to separate them properly. Follow-up to 53be8166b2b16d9682 Closes #18912 --- docs/libcurl/curl_multi_notify_disable.md | 2 +- docs/libcurl/curl_multi_notify_enable.md | 2 +- docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md | 2 +- docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md | 6 ++-- docs/libcurl/symbols-in-versions | 30 ++++++++++---------- include/curl/multi.h | 5 ++-- lib/multi.c | 6 ++-- lib/multi_ntfy.c | 6 ++-- src/tool_operate.c | 4 +-- 9 files changed, 31 insertions(+), 32 deletions(-) diff --git a/docs/libcurl/curl_multi_notify_disable.md b/docs/libcurl/curl_multi_notify_disable.md index 7228bfe89e..11113a5898 100644 --- a/docs/libcurl/curl_multi_notify_disable.md +++ b/docs/libcurl/curl_multi_notify_disable.md @@ -49,7 +49,7 @@ int main(void) int rc; CURLM *multi = curl_multi_init(); - rc = curl_multi_notify_disable(multi, CURLM_NOTIFY_INFO_READ); + rc = curl_multi_notify_disable(multi, CURLMNOTIFY_INFO_READ); } ~~~ diff --git a/docs/libcurl/curl_multi_notify_enable.md b/docs/libcurl/curl_multi_notify_enable.md index 095780dd09..4a0da77714 100644 --- a/docs/libcurl/curl_multi_notify_enable.md +++ b/docs/libcurl/curl_multi_notify_enable.md @@ -49,7 +49,7 @@ int main(void) int rc; CURLM *multi = curl_multi_init(); - rc = curl_multi_notify_enable(multi, CURLM_NOTIFY_INFO_READ); + rc = curl_multi_notify_enable(multi, CURLMNOTIFY_INFO_READ); } ~~~ diff --git a/docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md b/docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md index 539e4ce298..deb4b5b95c 100644 --- a/docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md +++ b/docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md @@ -61,7 +61,7 @@ int main(void) /* ... use socket callback and custom pointer */ curl_multi_setopt(multi, CURLMOPT_NOTIFYFUNCTION, ntfy_cb); curl_multi_setopt(multi, CURLMOPT_NOTIFYDATA, &setup); - curl_multi_notify_enable(multi, CURLM_NOTIFY_INFO_READ); + curl_multi_notify_enable(multi, CURLMNOTIFY_INFO_READ); } ~~~ diff --git a/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md b/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md index 8e52065217..7ff2cb12e5 100644 --- a/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md +++ b/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md @@ -63,7 +63,7 @@ are shut down. **notification** is the type of notification, e.g. what happened. The following types are available: -## CURLM_NOTIFY_INFO_READ +## CURLMNOTIFY_INFO_READ When enabled via curl_multi_notify_enable(3), this informs the application that there are new messages to be processed via curl_multi_info_read(3). @@ -76,7 +76,7 @@ again. The *easy* handle passed is an internal handle. -## CURLM_NOTIFY_EASY_DONE +## CURLMNOTIFY_EASY_DONE When enabled via curl_multi_notify_enable(3), this notification is triggered when a an easy handle has finished. This happens both for @@ -118,7 +118,7 @@ int main(void) /* ... use socket callback and custom pointer */ curl_multi_setopt(multi, CURLMOPT_NOTIFYFUNCTION, ntfy_cb); curl_multi_setopt(multi, CURLMOPT_NOTIFYDATA, &setup); - curl_multi_notify_enable(multi, CURLM_NOTIFY_INFO_READ); + curl_multi_notify_enable(multi, CURLMNOTIFY_INFO_READ); } ~~~ diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions index c9b0d24e37..e0e0a8e63a 100644 --- a/docs/libcurl/symbols-in-versions +++ b/docs/libcurl/symbols-in-versions @@ -234,6 +234,7 @@ CURLE_CONV_REQD 7.15.4 7.82.0 CURLE_COULDNT_CONNECT 7.1 CURLE_COULDNT_RESOLVE_HOST 7.1 CURLE_COULDNT_RESOLVE_PROXY 7.1 +CURLE_ECH_REQUIRED 8.8.0 CURLE_FAILED_INIT 7.1 CURLE_FILE_COULDNT_READ_FILE 7.1 CURLE_FILESIZE_EXCEEDED 7.10.8 @@ -337,7 +338,6 @@ CURLE_UNRECOVERABLE_POLL 7.84.0 CURLE_UNSUPPORTED_PROTOCOL 7.1 CURLE_UPLOAD_FAILED 7.16.3 CURLE_URL_MALFORMAT 7.1 -CURLE_ECH_REQUIRED 8.8.0 CURLE_URL_MALFORMAT_USER 7.1 7.17.0 CURLE_USE_SSL_FAILED 7.17.0 CURLE_WEIRD_SERVER_REPLY 7.51.0 @@ -360,8 +360,8 @@ CURLFINFOFLAG_KNOWN_SIZE 7.21.0 CURLFINFOFLAG_KNOWN_TIME 7.21.0 CURLFINFOFLAG_KNOWN_UID 7.21.0 CURLFOLLOW_ALL 8.13.0 -CURLFOLLOW_OBEYCODE 8.13.0 CURLFOLLOW_FIRSTONLY 8.13.0 +CURLFOLLOW_OBEYCODE 8.13.0 CURLFORM_ARRAY 7.9.1 7.56.0 CURLFORM_ARRAY_END 7.9.1 7.9.5 7.9.6 CURLFORM_ARRAY_START 7.9.1 7.9.5 7.9.6 @@ -466,9 +466,9 @@ CURLINFO_NONE 7.4.1 CURLINFO_NUM_CONNECTS 7.12.3 CURLINFO_OFF_T 7.55.0 CURLINFO_OS_ERRNO 7.12.2 +CURLINFO_POSTTRANSFER_TIME_T 8.10.0 CURLINFO_PRETRANSFER_TIME 7.4.1 CURLINFO_PRETRANSFER_TIME_T 7.61.0 -CURLINFO_POSTTRANSFER_TIME_T 8.10.0 CURLINFO_PRIMARY_IP 7.19.0 CURLINFO_PRIMARY_PORT 7.21.0 CURLINFO_PRIVATE 7.10.3 @@ -545,8 +545,6 @@ CURLM_BAD_SOCKET 7.15.4 CURLM_CALL_MULTI_PERFORM 7.9.6 CURLM_CALL_MULTI_SOCKET 7.15.5 CURLM_INTERNAL_ERROR 7.9.6 -CURLM_NOTIFY_EASY_DONE 8.17.0 -CURLM_NOTIFY_INFO_READ 8.17.0 CURLM_OK 7.9.6 CURLM_OUT_OF_MEMORY 7.9.6 CURLM_RECURSIVE_API_CALL 7.59.0 @@ -560,6 +558,8 @@ CURLMINFO_XFERS_CURRENT 8.16.0 CURLMINFO_XFERS_DONE 8.16.0 CURLMINFO_XFERS_PENDING 8.16.0 CURLMINFO_XFERS_RUNNING 8.16.0 +CURLMNOTIFY_EASY_DONE 8.17.0 +CURLMNOTIFY_INFO_READ 8.17.0 CURLMNWC_CLEAR_CONNS 8.16.0 CURLMNWC_CLEAR_DNS 8.16.0 CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE 7.30.0 @@ -594,10 +594,10 @@ CURLOPT_APPEND 7.17.0 CURLOPT_AUTOREFERER 7.1 CURLOPT_AWS_SIGV4 7.75.0 CURLOPT_BUFFERSIZE 7.10 +CURLOPT_CA_CACHE_TIMEOUT 7.87.0 CURLOPT_CAINFO 7.4.2 CURLOPT_CAINFO_BLOB 7.77.0 CURLOPT_CAPATH 7.9.8 -CURLOPT_CA_CACHE_TIMEOUT 7.87.0 CURLOPT_CERTINFO 7.19.1 CURLOPT_CHUNK_BGN_FUNCTION 7.21.0 CURLOPT_CHUNK_DATA 7.21.0 @@ -670,8 +670,8 @@ CURLOPT_FTPPORT 7.1 CURLOPT_FTPSSLAUTH 7.12.2 CURLOPT_GSSAPI_DELEGATION 7.22.0 CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS 7.59.0 -CURLOPT_HAPROXYPROTOCOL 7.60.0 CURLOPT_HAPROXY_CLIENT_IP 8.2.0 +CURLOPT_HAPROXYPROTOCOL 7.60.0 CURLOPT_HEADER 7.1 CURLOPT_HEADERDATA 7.10 CURLOPT_HEADERFUNCTION 7.7.2 @@ -719,7 +719,6 @@ CURLOPT_MAIL_FROM 7.20.0 CURLOPT_MAIL_RCPT 7.20.0 CURLOPT_MAIL_RCPT_ALLLOWFAILS 7.69.0 8.2.0 CURLOPT_MAIL_RCPT_ALLOWFAILS 8.2.0 -CURLOPT_QUICK_EXIT 7.87.0 CURLOPT_MAX_RECV_SPEED_LARGE 7.15.5 CURLOPT_MAX_SEND_SPEED_LARGE 7.15.5 CURLOPT_MAXAGE_CONN 7.65.0 @@ -800,6 +799,7 @@ CURLOPT_PROXYTYPE 7.10 CURLOPT_PROXYUSERNAME 7.19.1 CURLOPT_PROXYUSERPWD 7.1 CURLOPT_PUT 7.1 7.12.1 +CURLOPT_QUICK_EXIT 7.87.0 CURLOPT_QUOTE 7.1 CURLOPT_RANDOM_FILE 7.7 7.84.0 CURLOPT_RANGE 7.1 @@ -884,9 +884,9 @@ CURLOPT_STREAM_WEIGHT 7.46.0 CURLOPT_SUPPRESS_CONNECT_HEADERS 7.54.0 CURLOPT_TCP_FASTOPEN 7.49.0 CURLOPT_TCP_KEEPALIVE 7.25.0 +CURLOPT_TCP_KEEPCNT 8.9.0 CURLOPT_TCP_KEEPIDLE 7.25.0 CURLOPT_TCP_KEEPINTVL 7.25.0 -CURLOPT_TCP_KEEPCNT 8.9.0 CURLOPT_TCP_NODELAY 7.11.2 CURLOPT_TELNETOPTIONS 7.7 CURLOPT_TFTP_BLKSIZE 7.19.4 @@ -1072,11 +1072,11 @@ CURLSSLBACKEND_SECURETRANSPORT 7.64.1 8.15.0 CURLSSLBACKEND_WOLFSSL 7.49.0 CURLSSLOPT_ALLOW_BEAST 7.25.0 CURLSSLOPT_AUTO_CLIENT_CERT 7.77.0 +CURLSSLOPT_EARLYDATA 8.11.0 CURLSSLOPT_NATIVE_CA 7.71.0 CURLSSLOPT_NO_PARTIALCHAIN 7.68.0 CURLSSLOPT_NO_REVOKE 7.44.0 CURLSSLOPT_REVOKE_BEST_EFFORT 7.70.0 -CURLSSLOPT_EARLYDATA 8.11.0 CURLSSLSET_NO_BACKENDS 7.56.0 CURLSSLSET_OK 7.56.0 CURLSSLSET_TOO_LATE 7.56.0 @@ -1132,6 +1132,11 @@ CURLUE_UNKNOWN_PART 7.62.0 CURLUE_UNSUPPORTED_SCHEME 7.62.0 CURLUE_URLDECODE 7.62.0 CURLUE_USER_NOT_ALLOWED 7.62.0 +CURLULFLAG_ANSWERED 8.13.0 +CURLULFLAG_DELETED 8.13.0 +CURLULFLAG_DRAFT 8.13.0 +CURLULFLAG_FLAGGED 8.13.0 +CURLULFLAG_SEEN 8.13.0 CURLUPART_FRAGMENT 7.62.0 CURLUPART_HOST 7.62.0 CURLUPART_OPTIONS 7.62.0 @@ -1143,11 +1148,6 @@ CURLUPART_SCHEME 7.62.0 CURLUPART_URL 7.62.0 CURLUPART_USER 7.62.0 CURLUPART_ZONEID 7.65.0 -CURLULFLAG_ANSWERED 8.13.0 -CURLULFLAG_DELETED 8.13.0 -CURLULFLAG_DRAFT 8.13.0 -CURLULFLAG_FLAGGED 8.13.0 -CURLULFLAG_SEEN 8.13.0 CURLUSESSL_ALL 7.17.0 CURLUSESSL_CONTROL 7.17.0 CURLUSESSL_NONE 7.17.0 diff --git a/include/curl/multi.h b/include/curl/multi.h index 38c44e3b5a..4e30637ef5 100644 --- a/include/curl/multi.h +++ b/include/curl/multi.h @@ -529,8 +529,8 @@ CURL_EXTERN CURLMcode curl_multi_waitfds(CURLM *multi, /* * Notifications dispatched by a multi handle, when enabled. */ -#define CURLM_NOTIFY_INFO_READ 0 -#define CURLM_NOTIFY_EASY_DONE 1 +#define CURLMNOTIFY_INFO_READ 0 +#define CURLMNOTIFY_EASY_DONE 1 /* * Callback to install via CURLMOPT_NOTIFYFUNCTION. @@ -540,7 +540,6 @@ typedef void (*curl_notify_callback)(CURLM *multi, CURL *easy, void *user_data); - CURL_EXTERN CURLMcode curl_multi_notify_disable(CURLM *multi, unsigned int notification); diff --git a/lib/multi.c b/lib/multi.c index 168d584cfb..9ea8e9bc7f 100644 --- a/lib/multi.c +++ b/lib/multi.c @@ -173,13 +173,13 @@ static void mstate(struct Curl_easy *data, CURLMstate state data->mstate = state; switch(state) { case MSTATE_DONE: - CURLM_NTFY(data, CURLM_NOTIFY_EASY_DONE); + CURLM_NTFY(data, CURLMNOTIFY_EASY_DONE); break; case MSTATE_COMPLETED: /* we sometimes directly jump to COMPLETED, trigger also a notification * in that case. */ if(oldstate < MSTATE_DONE) - CURLM_NTFY(data, CURLM_NOTIFY_EASY_DONE); + CURLM_NTFY(data, CURLMNOTIFY_EASY_DONE); /* changing to COMPLETED means it is in process and needs to go */ DEBUGASSERT(Curl_uint_bset_contains(&data->multi->process, data->mid)); Curl_uint_bset_remove(&data->multi->process, data->mid); @@ -226,7 +226,7 @@ static void ph_freeentry(void *p) static void multi_addmsg(struct Curl_multi *multi, struct Curl_message *msg) { if(!Curl_llist_count(&multi->msglist)) - CURLM_NTFY(multi->admin, CURLM_NOTIFY_INFO_READ); + CURLM_NTFY(multi->admin, CURLMNOTIFY_INFO_READ); Curl_llist_append(&multi->msglist, msg, &msg->list); } diff --git a/lib/multi_ntfy.c b/lib/multi_ntfy.c index 24a09176f2..fe7cc0503a 100644 --- a/lib/multi_ntfy.c +++ b/lib/multi_ntfy.c @@ -137,7 +137,7 @@ void Curl_mntfy_init(struct Curl_multi *multi) CURLMcode Curl_mntfy_resize(struct Curl_multi *multi) { - if(Curl_uint_bset_resize(&multi->ntfy.enabled, CURLM_NOTIFY_EASY_DONE + 1)) + if(Curl_uint_bset_resize(&multi->ntfy.enabled, CURLMNOTIFY_EASY_DONE + 1)) return CURLM_OUT_OF_MEMORY; return CURLM_OK; } @@ -155,7 +155,7 @@ void Curl_mntfy_cleanup(struct Curl_multi *multi) CURLMcode Curl_mntfy_enable(struct Curl_multi *multi, unsigned int type) { - if(type > CURLM_NOTIFY_EASY_DONE) + if(type > CURLMNOTIFY_EASY_DONE) return CURLM_UNKNOWN_OPTION; Curl_uint_bset_add(&multi->ntfy.enabled, type); return CURLM_OK; @@ -163,7 +163,7 @@ CURLMcode Curl_mntfy_enable(struct Curl_multi *multi, unsigned int type) CURLMcode Curl_mntfy_disable(struct Curl_multi *multi, unsigned int type) { - if(type > CURLM_NOTIFY_EASY_DONE) + if(type > CURLMNOTIFY_EASY_DONE) return CURLM_UNKNOWN_OPTION; Curl_uint_bset_remove(&multi->ntfy.enabled, type); return CURLM_OK; diff --git a/src/tool_operate.c b/src/tool_operate.c index 3ee64c3b84..ca0d2e77f5 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -1736,7 +1736,7 @@ static void mnotify(CURLM *multi, unsigned int notification, (void)easy; switch(notification) { - case CURLM_NOTIFY_INFO_READ: + case CURLMNOTIFY_INFO_READ: result = check_finished(s); /* remember first failure */ if(result && !s->result) @@ -1766,7 +1766,7 @@ static CURLcode parallel_transfers(CURLSH *share) (void)curl_multi_setopt(s->multi, CURLMOPT_NOTIFYFUNCTION, mnotify); (void)curl_multi_setopt(s->multi, CURLMOPT_NOTIFYDATA, s); - (void)curl_multi_notify_enable(s->multi, CURLM_NOTIFY_INFO_READ); + (void)curl_multi_notify_enable(s->multi, CURLMNOTIFY_INFO_READ); result = add_parallel_transfers(s->multi, s->share, &s->more_transfers, &s->added_transfers); From 352d1dc6ab0af5bc7f88746cd059ceca6c1e9c0a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 7 Oct 2025 16:18:22 +0200 Subject: [PATCH 0339/2408] CURLMOPT_NOTIFYFUNCTION.md: minor language polish - mention the possibility of new types in the future - s/a an/an Closes #18913 --- docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md b/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md index 7ff2cb12e5..4091b1ae68 100644 --- a/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md +++ b/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md @@ -61,7 +61,8 @@ are shut down. *multi* identifies the multi handle that triggered the notification. **notification** is the type of notification, e.g. what happened. The -following types are available: +following types are available right now. In the future, new ones might be +added. ## CURLMNOTIFY_INFO_READ @@ -79,8 +80,8 @@ The *easy* handle passed is an internal handle. ## CURLMNOTIFY_EASY_DONE When enabled via curl_multi_notify_enable(3), this notification is triggered -when a an easy handle has finished. This happens both for -successful and failed transfers. +when an easy handle has finished. This happens both for successful and failed +transfers. The *easy* handle passed is the transfer that is done. This *may* be an internal handle when DoH or other features are used. From 0d573969de269cb58d85c73ad12d63cccf7b33dd Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Tue, 7 Oct 2025 12:05:08 +0200 Subject: [PATCH 0340/2408] osslq: set out idle timeout to 0 Similar to our ngtcp2 backend, set our idle timeout for the connection to 0, meaning we have no such timeout from our side. The effective idle timeout is then the one announced by the peer. Closes #18907 --- lib/vquic/curl_osslq.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c index 3fd2daf92f..4d72797199 100644 --- a/lib/vquic/curl_osslq.c +++ b/lib/vquic/curl_osslq.c @@ -288,7 +288,6 @@ struct cf_osslq_ctx { struct bufc_pool stream_bufcp; /* chunk pool for streams */ struct uint_hash streams; /* hash `data->mid` to `h3_stream_ctx` */ size_t max_stream_window; /* max flow window for one stream */ - uint64_t max_idle_ms; /* max idle time for QUIC connection */ SSL_POLL_ITEM *poll_items; /* Array for polling on writable state */ struct Curl_easy **curl_items; /* Array of easy objs */ size_t items_max; /* max elements in poll/curl_items */ @@ -1228,6 +1227,9 @@ static CURLcode cf_osslq_ctx_start(struct Curl_cfilter *cf, SSL_set_connect_state(ctx->tls.ossl.ssl); SSL_set_incoming_stream_policy(ctx->tls.ossl.ssl, SSL_INCOMING_STREAM_POLICY_ACCEPT, 0); + /* from our side, there is no idle timeout */ + SSL_set_value_uint(ctx->tls.ossl.ssl, + SSL_VALUE_CLASS_FEATURE_REQUEST, SSL_VALUE_QUIC_IDLE_TIMEOUT, 0); /* setup the H3 things on top of the QUIC connection */ result = cf_osslq_h3conn_init(ctx, ctx->tls.ossl.ssl, cf); @@ -2243,7 +2245,7 @@ static bool cf_osslq_conn_is_alive(struct Curl_cfilter *cf, /* Added in OpenSSL v3.3.x */ { timediff_t idletime; - uint64_t idle_ms = ctx->max_idle_ms; + uint64_t idle_ms = 0; if(!SSL_get_value_uint(ctx->tls.ossl.ssl, SSL_VALUE_CLASS_FEATURE_NEGOTIATED, SSL_VALUE_QUIC_IDLE_TIMEOUT, &idle_ms)) { From 88a1ab511ce0883c0c0429a74af754036cff5df8 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Tue, 7 Oct 2025 11:30:46 +0200 Subject: [PATCH 0341/2408] ngtcp2: fix handling of blocked stream data The stream blocking might not be the one of the current easy handle. Look up the stream to be marked as blocking via its stream_id in the internal hash. Theoretically, this does not have to be one of the h3 streams, so not finding it is not an error. Fixes #18905 Reported-by: Joshua Rogers Closes #18906 --- lib/vquic/curl_ngtcp2.c | 35 ++++++++++++++++++++++++++++++++--- 1 file changed, 32 insertions(+), 3 deletions(-) diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index af7f26eb39..b48d1af555 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -300,6 +300,35 @@ static CURLcode h3_data_setup(struct Curl_cfilter *cf, return CURLE_OK; } +struct cf_ngtcp2_sfind_ctx { + curl_int64_t stream_id; + struct h3_stream_ctx *stream; + unsigned int mid; +}; + +static bool cf_ngtcp2_sfind(unsigned int mid, void *value, void *user_data) +{ + struct cf_ngtcp2_sfind_ctx *fctx = user_data; + struct h3_stream_ctx *stream = value; + + if(fctx->stream_id == stream->id) { + fctx->mid = mid; + fctx->stream = stream; + return FALSE; + } + return TRUE; /* continue */ +} + +static struct h3_stream_ctx * +cf_ngtcp2_get_stream(struct cf_ngtcp2_ctx *ctx, curl_int64_t stream_id) +{ + struct cf_ngtcp2_sfind_ctx fctx; + fctx.stream_id = stream_id; + fctx.stream = NULL; + Curl_uint_hash_visit(&ctx->streams, cf_ngtcp2_sfind, &fctx); + return fctx.stream; +} + static void cf_ngtcp2_stream_close(struct Curl_cfilter *cf, struct Curl_easy *data, struct h3_stream_ctx *stream) @@ -1808,13 +1837,13 @@ static CURLcode read_pkt_to_send(void *userp, else if(n < 0) { switch(n) { case NGTCP2_ERR_STREAM_DATA_BLOCKED: { - struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, x->data); + struct h3_stream_ctx *stream; DEBUGASSERT(ndatalen == -1); nghttp3_conn_block_stream(ctx->h3conn, stream_id); CURL_TRC_CF(x->data, x->cf, "[%" FMT_PRId64 "] block quic flow", (curl_int64_t)stream_id); - DEBUGASSERT(stream); - if(stream) + stream = cf_ngtcp2_get_stream(ctx, stream_id); + if(stream) /* it might be not one of our h3 streams? */ stream->quic_flow_blocked = TRUE; n = 0; break; From df70a68984308952dcacf33d11593cb22ad80464 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 7 Oct 2025 12:36:49 +0200 Subject: [PATCH 0342/2408] cmake: support building some complicated examples, build them in CI Build these examples when the necessary dependencies are present: - cacertinmem, usercertinmem (OpenSSL/fork) - multi-uv (libuv) - multithread, threaded-ssl (pthread) - sessioninfo (GnuTLS) Indicate the necessary dependency via a `Required:` comment placed in the source file. A single dependency per source is supported as of now. The name of the dependency should match the variable used within the cmake scripts, which in turn matches the macro used in the config header. E.g. for GnuTLS it's `USE_GNUTLS`. Also: - GHA/macos: build examples in two job to test GnuTLS and pthread ones. - GHA/linux: enable libuv to test it with examples. Follow-up to 6bb77140322565ca17f5a66aa5d8500d8d469cca #18914 Closes #18909 --- .github/workflows/linux.yml | 4 ++-- .github/workflows/macos.yml | 4 ++-- docs/examples/CMakeLists.txt | 34 +++++++++++++++++++++++++++++++--- docs/examples/Makefile.am | 5 +++-- docs/examples/Makefile.inc | 16 ++++++++++------ docs/examples/cacertinmem.c | 2 ++ docs/examples/multi-uv.c | 4 +++- docs/examples/multithread.c | 2 ++ docs/examples/sessioninfo.c | 2 ++ docs/examples/threaded-ssl.c | 3 ++- docs/examples/usercertinmem.c | 2 ++ 11 files changed, 61 insertions(+), 17 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index d78789b8a1..d01fb4a0b9 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -109,10 +109,10 @@ jobs: configure: CC=clang LDFLAGS=-Wl,-rpath,/home/runner/mbedtls/lib --with-mbedtls=/home/runner/mbedtls --enable-debug --with-fish-functions-dir --with-zsh-functions-dir - name: 'mbedtls' - install_packages: libnghttp2-dev + install_packages: libnghttp2-dev libuv1-dev install_steps: mbedtls PKG_CONFIG_PATH: /home/runner/mbedtls/lib/pkgconfig # Requires v3.6.0 - generate: -DCURL_USE_MBEDTLS=ON -DENABLE_DEBUG=ON + generate: -DCURL_USE_MBEDTLS=ON -DCURL_USE_LIBUV=ON -DENABLE_DEBUG=ON - name: 'mbedtls-pkg MultiSSL !pc' install_packages: libnghttp2-dev libmbedtls-dev diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index c32b71439c..b4bbc8ea79 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -276,7 +276,7 @@ jobs: configure: --enable-debug --with-openssl=/opt/homebrew/opt/openssl tflags: --test-event # cmake - - name: 'OpenSSL gsasl rtmp AppleIDN SecTrust' + - name: 'OpenSSL gsasl rtmp AppleIDN SecTrust +examples' install: libnghttp3 libngtcp2 gsasl rtmpdump generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON -DUSE_NGTCP2=ON -DCURL_DISABLE_VERBOSE_STRINGS=ON -DUSE_APPLE_SECTRUST=ON - name: 'MultiSSL AppleIDN clang-tidy +examples' @@ -314,7 +314,7 @@ jobs: install: brotli mbedtls zstd install_steps: codeset-test generate: -DCURL_USE_MBEDTLS=ON -DCURL_DISABLE_LDAP=ON -DCURL_DEFAULT_SSL_BACKEND=mbedtls -DCURL_USE_OPENSSL=ON -DUSE_APPLE_IDN=ON - - name: 'GnuTLS !ldap krb5' + - name: 'GnuTLS !ldap krb5 +examples' install: gnutls nettle krb5 generate: -DENABLE_DEBUG=ON -DCURL_USE_GNUTLS=ON -DCURL_USE_OPENSSL=OFF -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/krb5 -DCURL_DISABLE_LDAP=ON -DUSE_SSLS_EXPORT=ON - name: 'aws-lc' diff --git a/docs/examples/CMakeLists.txt b/docs/examples/CMakeLists.txt index d86494c870..c86e8439fd 100644 --- a/docs/examples/CMakeLists.txt +++ b/docs/examples/CMakeLists.txt @@ -24,14 +24,22 @@ add_custom_target(curl-examples) -# Get check_PROGRAMS variable +# Get check_PROGRAMS, COMPLICATED_MAY_BUILD, COMPLICATED_EXAMPLES variables curl_transform_makefile_inc("Makefile.inc" "${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake") include("${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake") +set(_with_deps "") set(_all_src "") set(_all_canary "") set(_all "all") -foreach(_target IN LISTS check_PROGRAMS _all) # keep '_all' last +foreach(_target IN LISTS COMPLICATED_MAY_BUILD check_PROGRAMS _all) # keep 'COMPLICATED_MAY_BUILD' first, and '_all' last + # Strip .c suffix from COMPLICATED_MAY_BUILD items + if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.20) + cmake_path(GET _target STEM _target) + else() + get_filename_component(_target "${_target}" NAME_WE) + endif() + set(_more_libs "") set(_target_name "curl-example-${_target}") if(_target STREQUAL "all") if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.12) @@ -50,16 +58,36 @@ foreach(_target IN LISTS check_PROGRAMS _all) # keep '_all' last else() add_library(${_target_name} STATIC EXCLUDE_FROM_ALL ${_all_src}) endif() + if(_with_deps) + set(_more_libs ${CURL_LIBS}) # If any examples required dependencies, link them + endif() add_custom_target(curl-examples-build) # Special target to compile all tests quickly and build a single test to probe linkage add_dependencies(curl-examples-build ${_target_name} ${_all_canary}) # Include a full build of a single test else() + # Check if the example requires a build option. Then check if that build option is enabled. + # If it is, link all dependencies to the example. + set(_requires_regex "/\\* Requires: ([A-Z0-9_]+) \\*/") + file(STRINGS "${_target}.c" _req REGEX "${_requires_regex}") + string(REGEX REPLACE "${_requires_regex}" "\\1" _req "${_req}") + if(_req) + if(${${_req}}) + string(APPEND _with_deps " ${_target}:${_req}") + set(_more_libs ${CURL_LIBS}) + else() + continue() # Option required, but not found + endif() + endif() set(_all_canary ${_target_name}) # Save the last test for the curl-examples-build target list(APPEND _all_src "${_target}.c") add_executable(${_target_name} EXCLUDE_FROM_ALL "${_target}.c") add_dependencies(curl-examples ${_target_name}) endif() - target_link_libraries(${_target_name} ${LIB_SELECTED} ${CURL_NETWORK_AND_TIME_LIBS}) + target_link_libraries(${_target_name} ${LIB_SELECTED} ${CURL_NETWORK_AND_TIME_LIBS} ${_more_libs}) target_compile_definitions(${_target_name} PRIVATE "CURL_NO_OLDIES" "$<$:WIN32_LEAN_AND_MEAN>" "$<$:_CRT_SECURE_NO_DEPRECATE>") set_target_properties(${_target_name} PROPERTIES OUTPUT_NAME "${_target}" PROJECT_LABEL "Example ${_target}" UNITY_BUILD OFF) endforeach() + +if(_with_deps) + message(STATUS "Enabled examples with dependencies:${_with_deps}") +endif() diff --git a/docs/examples/Makefile.am b/docs/examples/Makefile.am index 89ebcc9840..0885b925c4 100644 --- a/docs/examples/Makefile.am +++ b/docs/examples/Makefile.am @@ -24,7 +24,8 @@ AUTOMAKE_OPTIONS = foreign nostdinc -EXTRA_DIST = CMakeLists.txt .checksrc README.md Makefile.example $(COMPLICATED_EXAMPLES) +EXTRA_DIST = CMakeLists.txt .checksrc README.md Makefile.example \ + $(COMPLICATED_MAY_BUILD) $(COMPLICATED_EXAMPLES) # Specify our include paths here, and do it relative to $(top_srcdir) and # $(top_builddir), to ensure that these paths which belong to the library @@ -53,7 +54,7 @@ LDADD = $(top_builddir)/lib/libcurl.la # This might hold -Werror CFLAGS += @CURL_CFLAG_EXTRAS@ -# Get check_PROGRAMS variable +# Get check_PROGRAMS, COMPLICATED_MAY_BUILD, COMPLICATED_EXAMPLES variables include Makefile.inc all: $(check_PROGRAMS) diff --git a/docs/examples/Makefile.inc b/docs/examples/Makefile.inc index bb6e42971b..3bb68f25aa 100644 --- a/docs/examples/Makefile.inc +++ b/docs/examples/Makefile.inc @@ -140,10 +140,19 @@ check_PROGRAMS = \ websocket-cb \ websocket-updown +# These examples require external dependencies that may be available during +# the build. +COMPLICATED_MAY_BUILD = \ + cacertinmem.c \ + multi-uv.c \ + multithread.c \ + sessioninfo.c \ + threaded-ssl.c \ + usercertinmem.c + # These examples require external dependencies that may not be commonly # available on POSIX systems, so do not bother attempting to compile them here. COMPLICATED_EXAMPLES = \ - cacertinmem.c \ crawler.c \ ephiperfifo.c \ evhiperfifo.c \ @@ -152,11 +161,6 @@ COMPLICATED_EXAMPLES = \ htmltidy.c \ htmltitle.cpp \ multi-event.c \ - multi-uv.c \ - multithread.c \ - sessioninfo.c \ smooth-gtk-thread.c \ - threaded-ssl.c \ - usercertinmem.c \ version-check.pl \ xmlstream.c diff --git a/docs/examples/cacertinmem.c b/docs/examples/cacertinmem.c index 6a2649b29b..e552ce5d69 100644 --- a/docs/examples/cacertinmem.c +++ b/docs/examples/cacertinmem.c @@ -26,6 +26,8 @@ * */ +/* Requires: USE_OPENSSL */ + #include #include #include diff --git a/docs/examples/multi-uv.c b/docs/examples/multi-uv.c index 07774c93eb..8cebcd5e26 100644 --- a/docs/examples/multi-uv.c +++ b/docs/examples/multi-uv.c @@ -21,11 +21,11 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ - /* * multi_socket API using libuv * */ + /* Use the socket_action interface to download multiple files in parallel, powered by libuv. @@ -34,6 +34,8 @@ See https://docs.libuv.org/en/v1.x/index.html libuv API documentation */ +/* Requires: USE_LIBUV */ + #include #include #include diff --git a/docs/examples/multithread.c b/docs/examples/multithread.c index 4cdb74fbe4..b98977c443 100644 --- a/docs/examples/multithread.c +++ b/docs/examples/multithread.c @@ -26,6 +26,8 @@ * */ +/* Requires: HAVE_PTHREAD_H */ + #include #include #include diff --git a/docs/examples/sessioninfo.c b/docs/examples/sessioninfo.c index 5fbc1cc4df..b9b3a3c462 100644 --- a/docs/examples/sessioninfo.c +++ b/docs/examples/sessioninfo.c @@ -29,6 +29,8 @@ /* Note that this example currently requires curl to be linked against GnuTLS (and this program must also be linked against -lgnutls). */ +/* Requires: USE_GNUTLS */ + #ifndef CURL_DISABLE_DEPRECATION #define CURL_DISABLE_DEPRECATION #endif diff --git a/docs/examples/threaded-ssl.c b/docs/examples/threaded-ssl.c index 6590e8b202..3868899e4f 100644 --- a/docs/examples/threaded-ssl.c +++ b/docs/examples/threaded-ssl.c @@ -36,7 +36,8 @@ * https://github.com/curl/curl/blob/curl-7_88_1/docs/examples/threaded-ssl.c */ -#define USE_OPENSSL /* or USE_GNUTLS accordingly */ +/* Requires: HAVE_PTHREAD_H */ +/* Also requires TLS support to run */ #include #include diff --git a/docs/examples/usercertinmem.c b/docs/examples/usercertinmem.c index 899895592e..2a3c2b0006 100644 --- a/docs/examples/usercertinmem.c +++ b/docs/examples/usercertinmem.c @@ -31,6 +31,8 @@ * must be used in real circumstances when a secure connection is required. */ +/* Requires: USE_OPENSSL */ + #ifndef OPENSSL_SUPPRESS_DEPRECATED #define OPENSSL_SUPPRESS_DEPRECATED #endif From 9f52458e7d14a7185b39a8d1046e4935caeb0a54 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 7 Oct 2025 12:47:19 +0200 Subject: [PATCH 0343/2408] notify: use 'notify' in public header and docs Closes #18915 --- docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md | 8 +++--- docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md | 20 +++++++------- include/curl/typecheck-gcc.h | 28 ++++++++++---------- 3 files changed, 28 insertions(+), 28 deletions(-) diff --git a/docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md b/docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md index deb4b5b95c..ad57cbea14 100644 --- a/docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md +++ b/docs/libcurl/opts/CURLMOPT_NOTIFYDATA.md @@ -46,10 +46,10 @@ struct priv { void *ours; }; -static void ntfy_cb(CURLM *multi, unsigned int notification, - CURL *easy, void *ntfyp) +static void notify_cb(CURLM *multi, unsigned int notification, + CURL *easy, void *notifyp) { - struct priv *p = ntfyp; + struct priv *p = notifyp; printf("my ptr: %p\n", p->ours); /* ... */ } @@ -59,7 +59,7 @@ int main(void) struct priv setup; CURLM *multi = curl_multi_init(); /* ... use socket callback and custom pointer */ - curl_multi_setopt(multi, CURLMOPT_NOTIFYFUNCTION, ntfy_cb); + curl_multi_setopt(multi, CURLMOPT_NOTIFYFUNCTION, notify_cb); curl_multi_setopt(multi, CURLMOPT_NOTIFYDATA, &setup); curl_multi_notify_enable(multi, CURLMNOTIFY_INFO_READ); } diff --git a/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md b/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md index 4091b1ae68..0e10aa9187 100644 --- a/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md +++ b/docs/libcurl/opts/CURLMOPT_NOTIFYFUNCTION.md @@ -23,12 +23,12 @@ CURLMOPT_NOTIFYFUNCTION - callback receiving notifications ~~~c #include -void ntfy_callback(CURLM *multi, /* multi handle */ - unsigned int notification, /* notification type */ - CURL *easy, /* easy handle */ - void *ntfyp); /* private ntfy pointer */ +void notify_callback(CURLM *multi, /* multi handle */ + unsigned int notification, /* notification type */ + CURL *easy, /* easy handle */ + void *notifyp); /* private notify pointer */ -CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_NOTIFYFUNCTION, ntfy_callback); +CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_NOTIFYFUNCTION, notify_callback); ~~~ # DESCRIPTION @@ -89,7 +89,7 @@ an internal handle when DoH or other features are used. *easy* identifies the transfer involved. This may be one of the application's own easy handle or an internal handle. -**ntfyp** is set with CURLMOPT_NOTIFYDATA(3). +**notifyp** is set with CURLMOPT_NOTIFYDATA(3). # DEFAULT @@ -104,10 +104,10 @@ struct priv { void *ours; }; -static void ntfy_cb(CURLM *multi, unsigned int notification, - CURL *easy, void *ntfyp) +static void notify_cb(CURLM *multi, unsigned int notification, + CURL *easy, void *notifyp) { - struct priv *p = ntfyp; + struct priv *p = notifyp; printf("my ptr: %p\n", p->ours); /* ... */ } @@ -117,7 +117,7 @@ int main(void) struct priv setup; CURLM *multi = curl_multi_init(); /* ... use socket callback and custom pointer */ - curl_multi_setopt(multi, CURLMOPT_NOTIFYFUNCTION, ntfy_cb); + curl_multi_setopt(multi, CURLMOPT_NOTIFYFUNCTION, notify_cb); curl_multi_setopt(multi, CURLMOPT_NOTIFYDATA, &setup); curl_multi_notify_enable(multi, CURLMNOTIFY_INFO_READ); } diff --git a/include/curl/typecheck-gcc.h b/include/curl/typecheck-gcc.h index de2cfb715a..063cea57e6 100644 --- a/include/curl/typecheck-gcc.h +++ b/include/curl/typecheck-gcc.h @@ -208,9 +208,9 @@ if(curlcheck_charpp_option(option)) \ if(!curlcheck_ptrptr(value, char)) \ Wcurl_multi_setopt_err_charpp(); \ - if((option) == CURLMOPT_NOTIFYFUNCTION) \ - if(!curlcheck_multintfy_cb(value)) \ - Wcurl_multi_setopt_err_ntfycb(); \ + if((option) == CURLMOPT_NOTIFYFUNCTION) \ + if(!curlcheck_multinotify_cb(value)) \ + Wcurl_multi_setopt_err_notifycb(); \ if((option) == CURLMOPT_PUSHFUNCTION) \ if(!curlcheck_multipush_cb(value)) \ Wcurl_multi_setopt_err_pushcb(); \ @@ -227,7 +227,7 @@ /* evaluates to true if the option takes a data argument to pass to a callback */ #define curlcheck_multicb_data_option(option) \ - ((option) == CURLMOPT_NOTIFYDATA || \ + ((option) == CURLMOPT_NOTIFYDATA || \ (option) == CURLMOPT_PUSHDATA || \ (option) == CURLMOPT_SOCKETDATA || \ (option) == CURLMOPT_TIMERDATA || \ @@ -250,13 +250,13 @@ curlcheck_cb_compatible((expr), curl_socket_callback)) /* evaluates to true if expr is of type curl_push_callback */ -#define curlcheck_multipush_cb(expr) \ - (curlcheck_NULL(expr) || \ +#define curlcheck_multipush_cb(expr) \ + (curlcheck_NULL(expr) || \ curlcheck_cb_compatible((expr), curl_push_callback)) /* evaluates to true if expr is of type curl_push_callback */ -#define curlcheck_multintfy_cb(expr) \ - (curlcheck_NULL(expr) || \ +#define curlcheck_multinotify_cb(expr) \ + (curlcheck_NULL(expr) || \ curlcheck_cb_compatible((expr), curl_notify_callback)) /* @@ -284,7 +284,7 @@ CURLWARNING(Wcurl_multi_setopt_err_charpp, "curl_multi_setopt expects a 'char **' argument") CURLWARNING(Wcurl_multi_setopt_err_pushcb, "curl_multi_setopt expects a curl_push_callback argument") -CURLWARNING(Wcurl_multi_setopt_err_ntfycb, +CURLWARNING(Wcurl_multi_setopt_err_notifycb, "curl_multi_setopt expects a curl_notify_callback argument") CURLWARNING(Wcurl_multi_setopt_err_socketcb, "curl_multi_setopt expects a curl_socket_callback argument") @@ -392,16 +392,16 @@ CURLWARNING(Wcurl_easy_getinfo_err_curl_off_t, /* groups of curl_easy_setops options that take the same type of argument */ /* evaluates to true if option takes a long argument */ -#define curlcheck_long_option(option) \ +#define curlcheck_long_option(option) \ (0 < (option) && (option) < CURLOPTTYPE_OBJECTPOINT) #define curlcheck_off_t_option(option) \ (((option) > CURLOPTTYPE_OFF_T) && ((option) < CURLOPTTYPE_BLOB)) /* option takes a CURL * argument */ -#define curlcheck_curl_option(option) \ - ((option) == CURLOPT_STREAM_DEPENDS || \ - (option) == CURLOPT_STREAM_DEPENDS_E || \ +#define curlcheck_curl_option(option) \ + ((option) == CURLOPT_STREAM_DEPENDS || \ + (option) == CURLOPT_STREAM_DEPENDS_E || \ 0) /* evaluates to true if option takes a char* argument */ @@ -684,7 +684,7 @@ CURLWARNING(Wcurl_easy_getinfo_err_curl_off_t, (curlcheck_ptr((expr), void) || \ curlcheck_ptr((expr), FILE)) #else /* be less strict */ -#define curlcheck_cb_data(expr) \ +#define curlcheck_cb_data(expr) \ curlcheck_any_ptr(expr) #endif From 1103ccb73e316ee830c9dbfe95218974a32418a3 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 7 Oct 2025 20:30:06 +0200 Subject: [PATCH 0344/2408] examples/sessioninfo: cast printf string mask length to int Found via `-Wformat-signedness`: ``` docs/examples/sessioninfo.c: In function 'wrfu': docs/examples/sessioninfo.c:75:53: error: field precision specifier '.*' expects argument of type 'int', but argument 4 has type 'unsigned int' [-Werror=format=] fprintf(stderr, "Certificate #%u: %.*s", i, dn.size, dn.data); ^ ``` Ref: https://github.com/curl/curl/actions/runs/18320729052/job/52172864438?pr=18343#step:13:30 Ref: https://github.com/curl/curl/actions/runs/18320729095/job/52172886899?pr=18343#step:19:27 Also: - drop unnecessary parenthesis. - scope variables. Ref: #18343 Closes #18918 --- docs/examples/sessioninfo.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/docs/examples/sessioninfo.c b/docs/examples/sessioninfo.c index b9b3a3c462..ed5f0e9e29 100644 --- a/docs/examples/sessioninfo.c +++ b/docs/examples/sessioninfo.c @@ -46,8 +46,6 @@ static CURL *curl; static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream) { const struct curl_tlssessioninfo *info; - unsigned int cert_list_size; - const gnutls_datum_t *chainp; CURLcode res; (void)stream; @@ -56,11 +54,14 @@ static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream) res = curl_easy_getinfo(curl, CURLINFO_TLS_SESSION, &info); if(!res) { + unsigned int cert_list_size; + const gnutls_datum_t *chainp; + switch(info->backend) { case CURLSSLBACKEND_GNUTLS: /* info->internals is now the gnutls_session_t */ chainp = gnutls_certificate_get_peers(info->internals, &cert_list_size); - if((chainp) && (cert_list_size)) { + if(chainp && cert_list_size) { unsigned int i; for(i = 0; i < cert_list_size; i++) { @@ -72,7 +73,8 @@ static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream) gnutls_x509_crt_import(cert, &chainp[i], GNUTLS_X509_FMT_DER)) { if(GNUTLS_E_SUCCESS == gnutls_x509_crt_print(cert, GNUTLS_CRT_PRINT_FULL, &dn)) { - fprintf(stderr, "Certificate #%u: %.*s", i, dn.size, dn.data); + fprintf(stderr, "Certificate #%u: %.*s", i, + (int)dn.size, dn.data); gnutls_free(dn.data); } From 4bfd7a961521e1fd6aab7610e931d82a342781a8 Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Tue, 7 Oct 2025 10:31:18 +0800 Subject: [PATCH 0345/2408] openssl: skip session resumption when verifystatus is set Resumed TLS sessions skip OCSP stapled-response verification. Force a full handshake so verifystatus() runs. Closes #18902 --- lib/vtls/openssl.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 039eb51c9a..fb5cc18362 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -3727,6 +3727,7 @@ ossl_init_session_and_alpns(struct ossl_ctx *octx, Curl_ossl_init_session_reuse_cb *sess_reuse_cb) { struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); + struct ssl_primary_config *conn_cfg = Curl_ssl_cf_get_primary_config(cf); struct alpn_spec alpns; char error_buffer[256]; CURLcode result; @@ -3734,7 +3735,7 @@ ossl_init_session_and_alpns(struct ossl_ctx *octx, Curl_alpn_copy(&alpns, alpns_requested); octx->reused_session = FALSE; - if(ssl_config->primary.cache_session) { + if(ssl_config->primary.cache_session && !conn_cfg->verifystatus) { struct Curl_ssl_session *scs = NULL; result = Curl_ssl_scache_take(cf, data, peer->scache_key, &scs); From 4e77388a0bb3ff06e8f6c17995aaf943a019462f Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Tue, 7 Oct 2025 13:59:09 +0800 Subject: [PATCH 0346/2408] h3/nghttp3: return NGHTTP3_ERR_CALLBACK_FAILURE from recv_header Closes #18904 --- lib/vquic/curl_ngtcp2.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index b48d1af555..0254f594ef 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -1142,7 +1142,7 @@ static int cb_h3_recv_header(nghttp3_conn *conn, int64_t sid, result = Curl_http_decode_status(&stream->status_code, (const char *)h3val.base, h3val.len); if(result) - return -1; + return NGHTTP3_ERR_CALLBACK_FAILURE; curlx_dyn_reset(&ctx->scratch); result = curlx_dyn_addn(&ctx->scratch, STRCONST("HTTP/3 ")); if(!result) @@ -1156,7 +1156,7 @@ static int cb_h3_recv_header(nghttp3_conn *conn, int64_t sid, CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] status: %s", stream_id, curlx_dyn_ptr(&ctx->scratch)); if(result) { - return -1; + return NGHTTP3_ERR_CALLBACK_FAILURE; } } else { From 38ab421f60f79f8dfd85f24a03c358a7a8431018 Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Tue, 7 Oct 2025 13:59:29 +0800 Subject: [PATCH 0347/2408] h3/ngtcp2: close just-opened QUIC stream when submit_request fails Closes #18904 --- lib/vquic/curl_ngtcp2.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 0254f594ef..68f346af78 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -1607,6 +1607,7 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf, "%d (%s)", stream->id, rc, nghttp3_strerror(rc)); break; } + cf_ngtcp2_stream_close(cf, data, stream); result = CURLE_SEND_ERROR; goto out; } From ab761794c1e6d124cd7c6dd2b337d7c433c1774e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 8 Oct 2025 03:09:23 +0200 Subject: [PATCH 0348/2408] tests/server: drop pointless memory allocation overrides The code was overriding system memory allocation functions to a local jump table (declared in `curl_setup.h`). And setup that jump table to call the original system allocation functions. Also tested fine with cegcc/WinCE. The `_strdup` fallback was possibly required for an MSVC WinCE toolchain. Closes #18922 --- tests/server/Makefile.inc | 2 +- tests/server/memptr.c | 47 --------------------------------------- 2 files changed, 1 insertion(+), 48 deletions(-) delete mode 100644 tests/server/memptr.c diff --git a/tests/server/Makefile.inc b/tests/server/Makefile.inc index bbdacc1a17..c335e885b2 100644 --- a/tests/server/Makefile.inc +++ b/tests/server/Makefile.inc @@ -30,7 +30,7 @@ FIRST_C = first.c FIRST_H = first.h # Common files used by test programs -UTILS_C = memptr.c getpart.c util.c +UTILS_C = getpart.c util.c UTILS_H = CURLX_C = \ diff --git a/tests/server/memptr.c b/tests/server/memptr.c deleted file mode 100644 index 247bbf13ab..0000000000 --- a/tests/server/memptr.c +++ /dev/null @@ -1,47 +0,0 @@ -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) Daniel Stenberg, , et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - * SPDX-License-Identifier: curl - * - ***************************************************************************/ -#include "first.h" - -#include "curl_memory.h" - -#ifdef UNDER_CE -#define system_strdup _strdup -#else -#define system_strdup strdup -#endif - -#if defined(_MSC_VER) && defined(_DLL) -# pragma warning(push) -# pragma warning(disable:4232) /* MSVC extension, dllimport identity */ -#endif - -curl_malloc_callback Curl_cmalloc = (curl_malloc_callback)malloc; -curl_free_callback Curl_cfree = (curl_free_callback)free; -curl_realloc_callback Curl_crealloc = (curl_realloc_callback)realloc; -curl_strdup_callback Curl_cstrdup = (curl_strdup_callback)system_strdup; -curl_calloc_callback Curl_ccalloc = (curl_calloc_callback)calloc; - -#if defined(_MSC_VER) && defined(_DLL) -# pragma warning(pop) -#endif From 82fd9edb0e0313f206b23f90a000164b52412072 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 8 Oct 2025 11:15:13 +0200 Subject: [PATCH 0349/2408] INSTALL-CMAKE.md: document useful build targets Closes #18927 --- docs/INSTALL-CMAKE.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md index 4c78752521..071c898882 100644 --- a/docs/INSTALL-CMAKE.md +++ b/docs/INSTALL-CMAKE.md @@ -499,6 +499,26 @@ the feature detection is performed. Note: These variables are internal and subject to change. +## Useful build targets + +- `testdeps`: Build test dependencies (servers, tools, test certificates). + Individual targets: `curlinfo`, `libtests`, `servers`, `tunits`, `units` + Test certificates: `build-certs`, `clean-certs` +- `tests`: Run tests (`runtests.pl`). Customize via the `TFLAGS` environment variable, e.g. `TFLAGS=1621`. + Other flavors: `test-am`, `test-ci`, `test-event`, `test-full`, `test-nonflaky`, `test-quiet`, `test-torture` +- `curl-pytest`: Run tests (pytest). + Other flavor: `curl-test-ci` +- `curl-examples`: Build examples + Individual targets: `curl-example-`, + where is the .c filename without extension. +- `curl-examples-build`: Build examples quickly but without the ability to run them (for build tests) +- `curl-man`: Build man pages (built by default unless disabled) +- `curl_uninstall`: Uninstall curl +- `curl-completion-fish`: Build shell completions for fish (built by default if enabled) +- `curl-completion-zsh`: Build shell completions for zsh (built by default if enabled) +- `curl-ca-bundle`: Build the CA bundle via `scripts/mk-ca-bundle.pl` +- `curl-ca-firefox`: Build the CA bundle via `scritps/firefox-db2pem.sh` + # Migrating from Visual Studio IDE Project Files We recommend using CMake to build curl with MSVC. From 0b54ce6ffc395148f2c43ce4664ecd9678f822bd Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 8 Oct 2025 13:37:29 +0200 Subject: [PATCH 0350/2408] INSTALL-CMAKE.md: fix typo in prev Not caught in original PR. Fixing it in CI separately. Follow-up 82fd9edb0e0313f206b23f90a000164b52412072 #18927 --- docs/INSTALL-CMAKE.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md index 071c898882..a0430bbfa4 100644 --- a/docs/INSTALL-CMAKE.md +++ b/docs/INSTALL-CMAKE.md @@ -517,7 +517,7 @@ Note: These variables are internal and subject to change. - `curl-completion-fish`: Build shell completions for fish (built by default if enabled) - `curl-completion-zsh`: Build shell completions for zsh (built by default if enabled) - `curl-ca-bundle`: Build the CA bundle via `scripts/mk-ca-bundle.pl` -- `curl-ca-firefox`: Build the CA bundle via `scritps/firefox-db2pem.sh` +- `curl-ca-firefox`: Build the CA bundle via `scripts/firefox-db2pem.sh` # Migrating from Visual Studio IDE Project Files From 3800a26582af8b355e96cf80135ba7642e816ed6 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 8 Oct 2025 13:41:50 +0200 Subject: [PATCH 0351/2408] GHA/checksrc: also run on .md file changes To avoid missing e.g. codespell issue when updating Markdown files only, as in 82fd9edb0e0313f206b23f90a000164b52412072 #18927 Follow-up to 0b54ce6ffc395148f2c43ce4664ecd9678f822bd Closes #18935 --- .github/workflows/checksrc.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml index 4ea1961412..a0337904f2 100644 --- a/.github/workflows/checksrc.yml +++ b/.github/workflows/checksrc.yml @@ -12,7 +12,6 @@ name: 'Source' - master - '*/ci' paths-ignore: - - '**/*.md' - '.circleci/**' - 'appveyor.*' - 'Dockerfile' @@ -22,7 +21,6 @@ name: 'Source' branches: - master paths-ignore: - - '**/*.md' - '.circleci/**' - 'appveyor.*' - 'Dockerfile' From 6a31e3137a1352aec528d768dee8d5a1c509f451 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 8 Oct 2025 14:36:22 +0200 Subject: [PATCH 0352/2408] GHA/dependabot: find more pip deps, tweak commit prefix Before this patch the Dependabot updater was only picking up `tests/requirements.txt`: https://github.com/curl/curl/network/updates/26616523/jobs Also prefix commit messages with `GHA:`. Bug: https://github.com/curl/curl/pull/18761#issuecomment-3381147189 Follow-up to b04137c1c6ed164594279c7d04b5e051634453ea #18761 Closes #18939 --- .github/dependabot.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index a21592ee3e..858b99e8e8 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -8,8 +8,15 @@ updates: directory: '/' schedule: interval: 'monthly' + commit-message: + prefix: 'GHA:' - package-ecosystem: 'pip' - directory: '/' + directories: + - '/.github/scripts' + - '/tests' + - '/tests/http' schedule: interval: 'monthly' + commit-message: + prefix: 'GHA:' From c951fe7e6daadf545016900267ca990d6476786e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 8 Oct 2025 14:50:58 +0200 Subject: [PATCH 0353/2408] GHA/dependabot: tweak dir list to avoid a dupe, rename .txt file to avoid the bot It correctly picked all pips, but also picked `tests/http/requirements.txt` twice and also `.github/scripts/codespell-ignore.txt`. Try avoid these issues with this patch. Follow-up to 6a31e3137a1352aec528d768dee8d5a1c509f451 #18939 Closes #18946 --- .github/dependabot.yml | 1 - .../scripts/{codespell-ignore.txt => codespell-ignore.words} | 0 .github/scripts/codespell.sh | 2 +- .github/scripts/typos.toml | 2 +- 4 files changed, 2 insertions(+), 3 deletions(-) rename .github/scripts/{codespell-ignore.txt => codespell-ignore.words} (100%) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 858b99e8e8..bd5661bea4 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -15,7 +15,6 @@ updates: directories: - '/.github/scripts' - '/tests' - - '/tests/http' schedule: interval: 'monthly' commit-message: diff --git a/.github/scripts/codespell-ignore.txt b/.github/scripts/codespell-ignore.words similarity index 100% rename from .github/scripts/codespell-ignore.txt rename to .github/scripts/codespell-ignore.words diff --git a/.github/scripts/codespell.sh b/.github/scripts/codespell.sh index b373a7d210..6825b38c7e 100755 --- a/.github/scripts/codespell.sh +++ b/.github/scripts/codespell.sh @@ -15,5 +15,5 @@ codespell \ --skip 'packages/*' \ --skip 'scripts/wcurl' \ --ignore-regex '.*spellchecker:disable-line' \ - --ignore-words '.github/scripts/codespell-ignore.txt' \ + --ignore-words '.github/scripts/codespell-ignore.words' \ $(git ls-files) diff --git a/.github/scripts/typos.toml b/.github/scripts/typos.toml index a84017cf53..2be01d59f6 100644 --- a/.github/scripts/typos.toml +++ b/.github/scripts/typos.toml @@ -21,7 +21,7 @@ extend-ignore-re = [ [files] extend-exclude = [ - ".github/scripts/codespell-ignore.txt", + ".github/scripts/codespell-ignore.words", ".github/scripts/spellcheck.words", "docs/THANKS", "packages/*", From 29093f0ee832bbd65314f681429429e1840c6575 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 8 Oct 2025 12:46:51 +0000 Subject: [PATCH 0354/2408] GHA: bump dependencies - cryptography from 44.0.1 to 46.0.2 in tests/http - ruff from 0.13.2 to 0.14.0 in .github/scripts - reuse from 6.0.0 to 6.1.2 in .github/scripts - github/codeql-action from 3.30.5 to 4.30.7 Closes #18941 Closes #18942 Closes #18943 Closes #18945 Closes #18947 --- .github/scripts/requirements.txt | 4 ++-- .github/workflows/codeql.yml | 8 ++++---- tests/http/requirements.txt | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt index c20a747673..4533b2cfd7 100644 --- a/.github/scripts/requirements.txt +++ b/.github/scripts/requirements.txt @@ -5,5 +5,5 @@ cmakelang==0.6.13 codespell==2.4.1 pytype==2024.10.11 -reuse==6.0.0 -ruff==0.13.2 +reuse==6.1.2 +ruff==0.14.0 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index da12e575ab..cc882a51a3 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -48,13 +48,13 @@ jobs: persist-credentials: false - name: 'initialize' - uses: github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 + uses: github/codeql-action/init@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7 with: languages: actions, python queries: security-extended - name: 'perform analysis' - uses: github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 + uses: github/codeql-action/analyze@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7 c: name: 'C' @@ -84,7 +84,7 @@ jobs: persist-credentials: false - name: 'initialize' - uses: github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 + uses: github/codeql-action/init@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7 with: languages: cpp build-mode: manual @@ -130,4 +130,4 @@ jobs: fi - name: 'perform analysis' - uses: github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 + uses: github/codeql-action/analyze@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7 diff --git a/tests/http/requirements.txt b/tests/http/requirements.txt index 6a98723ac2..3b81a2ca13 100644 --- a/tests/http/requirements.txt +++ b/tests/http/requirements.txt @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: curl -cryptography==44.0.1 +cryptography==46.0.2 filelock==3.19.1 psutil==7.1.0 pytest==8.4.2 From bbce304c0bd4405cb2f5e484bded366764b1306e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 8 Oct 2025 13:33:19 +0200 Subject: [PATCH 0355/2408] GHA/linux-old: dump logs on configure failure As done in other jobs, but here tailored to old cmake. The logs generated by ancient CMake aren't super useful though. Cherry-picked from #18932 Closes #18948 --- .github/workflows/linux-old.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.github/workflows/linux-old.yml b/.github/workflows/linux-old.yml index 5cb292cafc..c1415a981a 100644 --- a/.github/workflows/linux-old.yml +++ b/.github/workflows/linux-old.yml @@ -89,6 +89,10 @@ jobs: VERBOSE=1 make install src/curl --disable --version + - name: 'cmake build-only configure log' + if: ${{ !cancelled() }} + run: cat bld-1/CMakeFiles/CMake*.log 2>/dev/null || true + - name: 'cmake build-only curl_config.h' run: | echo '::group::raw'; cat bld-1/lib/curl_config.h || true; echo '::endgroup::' @@ -104,6 +108,10 @@ jobs: -DCURL_USE_GNUTLS=ON -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF -DUSE_LIBRTMP=ON \ -DCURL_LIBCURL_VERSIONED_SYMBOLS=ON + - name: 'cmake configure log' + if: ${{ !cancelled() }} + run: cat bld-cares/CMakeFiles/CMake*.log 2>/dev/null || true + - name: 'cmake curl_config.h' run: | echo '::group::raw'; cat bld-cares/lib/curl_config.h || true; echo '::endgroup::' @@ -137,6 +145,10 @@ jobs: --with-gnutls --enable-ares --without-libssh2 --with-zstd --with-gssapi --with-librtmp \ --prefix="$PWD"/../curl-install-am + - name: 'autotools configure log' + if: ${{ !cancelled() }} + run: cat bld-am/config.log 2>/dev/null || true + - name: 'autotools curl_config.h' run: | echo '::group::raw'; cat bld-am/lib/curl_config.h || true; echo '::endgroup::' From 1f112242323848d0ebfc88ae97b139d18e7987f6 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 8 Oct 2025 18:49:51 +0200 Subject: [PATCH 0356/2408] cmake/FindGSS: fix `pkg-config` fallback logic for CMake <3.16 The documented `__VERSION` variables are empty in all tested versions since 3.7.2 to 4.1.2. Stop using it as a fallback for <3.16 versions, and replace with the undocumented, but working, `FindPkgConfig` internal variable `_pkg_check_modules_pkg_name`. It contains the module name which was found. In practice it caused that with CMake <3.16 + `pkg-config`, curl always detected the Heimdal flavor of GSS. Also: Delete a fallback version detection method, which was already marked with a question mark in comments, and used the same, always empty, CMake variables. Ref: https://cmake.org/cmake/help/v4.1/module/FindPkgConfig.html Bug: https://github.com/curl/curl/pull/18932#issuecomment-3381807070 Closes #18950 --- CMake/FindGSS.cmake | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/CMake/FindGSS.cmake b/CMake/FindGSS.cmake index 78a9194cd6..aa640c3342 100644 --- a/CMake/FindGSS.cmake +++ b/CMake/FindGSS.cmake @@ -277,25 +277,17 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr endif() endif() else() - # _gss_MODULE_NAME set since CMake 3.16 - if(_gss_MODULE_NAME STREQUAL _gnu_modname OR _gss_${_gnu_modname}_VERSION) + # _gss_MODULE_NAME set since CMake 3.16. + # _pkg_check_modules_pkg_name is undocumented and used as a fallback for CMake <3.16 versions. + if(_gss_MODULE_NAME STREQUAL _gnu_modname OR _pkg_check_modules_pkg_name STREQUAL _gnu_modname) set(GSS_FLAVOUR "GNU") set(GSS_PC_REQUIRES "gss") - if(NOT _gss_version) # for old CMake versions? - set(_gss_version ${_gss_${_gnu_modname}_VERSION}) - endif() - elseif(_gss_MODULE_NAME STREQUAL _mit_modname OR _gss_${_mit_modname}_VERSION) + elseif(_gss_MODULE_NAME STREQUAL _mit_modname OR _pkg_check_modules_pkg_name STREQUAL _mit_modname) set(GSS_FLAVOUR "MIT") set(GSS_PC_REQUIRES "mit-krb5-gssapi") - if(NOT _gss_version) # for old CMake versions? - set(_gss_version ${_gss_${_mit_modname}_VERSION}) - endif() else() set(GSS_FLAVOUR "Heimdal") set(GSS_PC_REQUIRES "heimdal-gssapi") - if(NOT _gss_version) # for old CMake versions? - set(_gss_version ${_gss_${_heimdal_modname}_VERSION}) - endif() endif() message(STATUS "Found GSS/${GSS_FLAVOUR} (via pkg-config): ${_gss_INCLUDE_DIRS} (found version \"${_gss_version}\")") endif() From ca789e09b53420dbc24ababec1ab44c88618f6d6 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 8 Oct 2025 14:44:23 +0200 Subject: [PATCH 0357/2408] wolfssl: no double get_error() detail Code was calling wolfSSL_get_error() on code that it had already retrieved with the same function. Remove that. Reported-by: Joshua Rogers Closes #18940 --- lib/vtls/wolfssl.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index 6186ce985b..d4a0e066fa 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -1632,11 +1632,10 @@ static CURLcode wssl_send_earlydata(struct Curl_cfilter *cf, break; default: { char error_buffer[256]; - int detail = wolfSSL_get_error(wssl->ssl, err); CURL_TRC_CF(data, cf, "SSL send early data, error: '%s'(%d)", wssl_strerror((unsigned long)err, error_buffer, sizeof(error_buffer)), - detail); + err); result = CURLE_SEND_ERROR; break; } @@ -1878,7 +1877,6 @@ static CURLcode wssl_shutdown(struct Curl_cfilter *cf, char error_buffer[256]; int nread = -1, err; size_t i; - int detail; DEBUGASSERT(wctx); if(!wctx->ssl || cf->shutdown) { @@ -1959,11 +1957,10 @@ static CURLcode wssl_shutdown(struct Curl_cfilter *cf, connssl->io_need = CURL_SSL_IO_NEED_SEND; break; default: - detail = wolfSSL_get_error(wctx->ssl, err); CURL_TRC_CF(data, cf, "SSL shutdown, error: '%s'(%d)", wssl_strerror((unsigned long)err, error_buffer, sizeof(error_buffer)), - detail); + err); result = CURLE_RECV_ERROR; break; } From 0f02744c41fa4da0f25091dcce5c1e9e0c2220b5 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 8 Oct 2025 11:56:09 +0200 Subject: [PATCH 0358/2408] apple sectrust: check correct result on old OS versions On ancient Apple OS versions where SecTrustEvaluateWithError() is not available, the deprected SecTrustEvaluate() is used. In that code branch, the code checked the wong variable for the verified result. Closes #18929 --- lib/vtls/apple.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/vtls/apple.c b/lib/vtls/apple.c index b565c8f031..c96ebe037b 100644 --- a/lib/vtls/apple.c +++ b/lib/vtls/apple.c @@ -267,8 +267,8 @@ CURLcode Curl_vtls_apple_verify(struct Curl_cfilter *cf, if(status != noErr) { failf(data, "Apple SecTrust verification failed: error %i", (int)status); } - else if((status == kSecTrustResultUnspecified) || - (status == kSecTrustResultProceed)) { + else if((sec_result == kSecTrustResultUnspecified) || + (sec_result == kSecTrustResultProceed)) { /* "unspecified" means system-trusted with no explicit user setting */ result = CURLE_OK; } From 008078fc38991dcb5cfbf4b850f9acbf832dc618 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 8 Oct 2025 08:33:55 +0200 Subject: [PATCH 0359/2408] http: make Content-Length parser more WHATWG Return error if there is something after the number other than whitespace and newline. Allow comma separated numbers and repeated headers as long as the new value is the same as was set before. Add test 767 to 771 to verify. Reported-by: Ignat Loskutov Fixes #18921 Closes #18925 --- lib/http.c | 61 +++++++++++++++++++++++++++--------------- tests/data/Makefile.am | 2 +- tests/data/test767 | 58 +++++++++++++++++++++++++++++++++++++++ tests/data/test768 | 57 +++++++++++++++++++++++++++++++++++++++ tests/data/test769 | 53 ++++++++++++++++++++++++++++++++++++ tests/data/test770 | 58 +++++++++++++++++++++++++++++++++++++++ tests/data/test771 | 57 +++++++++++++++++++++++++++++++++++++++ 7 files changed, 324 insertions(+), 22 deletions(-) create mode 100644 tests/data/test767 create mode 100644 tests/data/test768 create mode 100644 tests/data/test769 create mode 100644 tests/data/test770 create mode 100644 tests/data/test771 diff --git a/lib/http.c b/lib/http.c index aea19d5167..6b1538a737 100644 --- a/lib/http.c +++ b/lib/http.c @@ -519,6 +519,7 @@ static CURLcode http_perhapsrewind(struct Curl_easy *data, /* We decided to abort the ongoing transfer */ streamclose(conn, "Mid-auth HTTP and much data left to send"); data->req.size = 0; /* do not download any more than 0 bytes */ + data->req.http_bodyless = TRUE; } return CURLE_OK; } @@ -3118,32 +3119,50 @@ static CURLcode http_header_c(struct Curl_easy *data, struct SingleRequest *k = &data->req; const char *v; - /* Check for Content-Length: header lines to get size */ + /* Check for Content-Length: header lines to get size. Browsers insist we + should accept multiple Content-Length headers and that a comma separated + list also is fine and then we should accept them all as long as they are + the same value. Different values trigger error. + */ v = (!k->http_bodyless && !data->set.ignorecl) ? HD_VAL(hd, hdlen, "Content-Length:") : NULL; if(v) { - curl_off_t contentlength; - int offt = curlx_str_numblanks(&v, &contentlength); + do { + curl_off_t contentlength; + int offt = curlx_str_numblanks(&v, &contentlength); - if(offt == STRE_OK) { - k->size = contentlength; - k->maxdownload = k->size; - } - else if(offt == STRE_OVERFLOW) { - /* out of range */ - if(data->set.max_filesize) { - failf(data, "Maximum file size exceeded"); - return CURLE_FILESIZE_EXCEEDED; + if(offt == STRE_OVERFLOW) { + /* out of range */ + if(data->set.max_filesize) { + failf(data, "Maximum file size exceeded"); + return CURLE_FILESIZE_EXCEEDED; + } + streamclose(conn, "overflow content-length"); + infof(data, "Overflow Content-Length: value"); + return CURLE_OK; } - streamclose(conn, "overflow content-length"); - infof(data, "Overflow Content-Length: value"); - } - else { - /* negative or just rubbish - bad HTTP */ - failf(data, "Invalid Content-Length: value"); - return CURLE_WEIRD_SERVER_REPLY; - } - return CURLE_OK; + else { + if((offt == STRE_OK) && + ((k->size == -1) || /* not set to something before */ + (k->size == contentlength))) { /* or the same value */ + + k->size = contentlength; + curlx_str_passblanks(&v); + + /* on a comma, loop and get the next instead */ + if(!curlx_str_single(&v, ',')) + continue; + + if(!curlx_str_newline(&v)) { + k->maxdownload = k->size; + return CURLE_OK; + } + } + /* negative, different value or just rubbish - bad HTTP */ + failf(data, "Invalid Content-Length: value"); + return CURLE_WEIRD_SERVER_REPLY; + } + } while(1); } v = (!k->http_bodyless && data->set.str[STRING_ENCODING]) ? HD_VAL(hd, hdlen, "Content-Encoding:") : NULL; diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 0d2d47c99a..11d9fb7cff 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -109,7 +109,7 @@ test727 test728 test729 test730 test731 test732 test733 test734 test735 \ test736 test737 test738 test739 test740 test741 test742 test743 test744 \ test745 test746 test747 test748 test749 test750 test751 test752 test753 \ test754 test755 test756 test757 test758 test759 test760 test761 test762 \ -test763 test764 test765 test766 \ +test763 test764 test765 test766 test767 test768 test769 test770 test771 \ \ test780 test781 test782 test783 test784 test785 test786 test787 test788 \ test789 test790 test791 test792 test793 test794 test796 test797 \ diff --git a/tests/data/test767 b/tests/data/test767 new file mode 100644 index 0000000000..0927be4f1b --- /dev/null +++ b/tests/data/test767 @@ -0,0 +1,58 @@ + + + +HTTP +HTTP GET + + + +# +# Server-side + + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + +-foo- + + + +# +# Client-side + + +http + + +HTTP with two Content-Length response header fields same size + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + +# +# Verify data after the test has been "shot" + + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + + + +Allocations: 135 +Maximum allocated: 136000 + + + diff --git a/tests/data/test768 b/tests/data/test768 new file mode 100644 index 0000000000..ced4353c30 --- /dev/null +++ b/tests/data/test768 @@ -0,0 +1,57 @@ + + + +HTTP +HTTP GET + + + +# +# Server-side + + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6badness +Content-Length: 44 +Connection: close +Content-Type: text/html +Funny-head: yesyes + +-foo- + + + +# +# Client-side + + +http + + +HTTP with letters after the number in Content-Length + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + +# +# Verify data after the test has been "shot" + + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + + + +8 + + + diff --git a/tests/data/test769 b/tests/data/test769 new file mode 100644 index 0000000000..773d741e3f --- /dev/null +++ b/tests/data/test769 @@ -0,0 +1,53 @@ + + + +HTTP +HTTP GET + + + +# +# Server-side + + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + +-foo- + + + +# +# Client-side + + +http + + +HTTP with space after Content-Length number + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + +# +# Verify data after the test has been "shot" + + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + + + + diff --git a/tests/data/test770 b/tests/data/test770 new file mode 100644 index 0000000000..98e3850c4c --- /dev/null +++ b/tests/data/test770 @@ -0,0 +1,58 @@ + + + +HTTP +HTTP GET + + + +# +# Server-side + + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6,06,6 +Content-Length: 6, 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + +-foo- + + + +# +# Client-side + + +http + + +HTTP with Content-Length headers using comma separated list + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + +# +# Verify data after the test has been "shot" + + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + + + +Allocations: 135 +Maximum allocated: 136000 + + + diff --git a/tests/data/test771 b/tests/data/test771 new file mode 100644 index 0000000000..b57c87c88b --- /dev/null +++ b/tests/data/test771 @@ -0,0 +1,57 @@ + + + +HTTP +HTTP GET + + + +# +# Server-side + + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 44 +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + +-foo- + + + +# +# Client-side + + +http + + +HTTP with two Content-Length headers using different sizes + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + +# +# Verify data after the test has been "shot" + + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + + + +8 + + + From e4645c86b5d0692c6fc4aa413eeeefe601da0aed Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 8 Oct 2025 07:58:16 +0200 Subject: [PATCH 0360/2408] CURLOPT_COOKIEFILE.md: clarify when the cookies are loaded Closes #18924 --- docs/libcurl/opts/CURLOPT_COOKIEFILE.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/libcurl/opts/CURLOPT_COOKIEFILE.md b/docs/libcurl/opts/CURLOPT_COOKIEFILE.md index 676d728552..a4baf8febf 100644 --- a/docs/libcurl/opts/CURLOPT_COOKIEFILE.md +++ b/docs/libcurl/opts/CURLOPT_COOKIEFILE.md @@ -55,6 +55,9 @@ If you use this option multiple times, you add more files to read cookies from. Setting this option to NULL disables the cookie engine and clears the list of files to read cookies from. +The cookies are loaded from the specified file(s) when the transfer starts, +not when this option is set. + # SECURITY CONCERNS This document previously mentioned how specifying a non-existing file can also From d58b6009df5eb6e946423b33ce3dc10fa3f5a37f Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 8 Oct 2025 23:35:37 +0200 Subject: [PATCH 0361/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 62 +++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 53 insertions(+), 9 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 846340aee1..d80ceae5fc 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -3,14 +3,15 @@ curl and libcurl 8.17.0 Public curl releases: 271 Command line options: 273 curl_easy_setopt() options: 308 - Public functions in libcurl: 98 - Contributors: 3514 + Public functions in libcurl: 100 + Contributors: 3515 This release includes the following changes: o build: drop the winbuild build system [81] o krb5: drop support for Kerberos FTP [43] o libssh2: up the minimum requirement to 1.9.0 [85] + o multi: add notifications API [250] o progress: expand to use 6 characters per size [234] o ssl: support Apple SecTrust configurations [240] o tool_getparam: add --knownhosts [204] @@ -47,10 +48,13 @@ This release includes the following bugfixes: o checksrc: fix possible endless loops/errors in the banned function logic [220] o checksrc: fix to handle `)` predecing a banned function [229] o checksrc: reduce directory-specific exceptions [228] + o cmake/FindGSS: fix `pkg-config` fallback logic for CMake <3.16 [189] o cmake: add `CURL_CODE_COVERAGE` option [78] + o cmake: build the "all" examples source list dynamically [245] o cmake: clang detection tidy-ups [116] o cmake: drop exclamation in comment looking like a name [160] o cmake: fix building docs when the base directory contains `.3` [18] + o cmake: support building some complicated examples, build them in CI [235] o cmake: use modern alternatives for `get_filename_component()` [102] o cmake: use more `COMPILER_OPTIONS`, `LINK_OPTIONS` / `LINK_FLAGS` [152] o cmdline-docs: extended, clarified, refreshed [28] @@ -63,6 +67,7 @@ This release includes the following bugfixes: o curl_osslq: error out properly if BIO_ADDR_rawmake() fails [184] o curl_slist_append.md: clarify that a NULL pointer is not acceptable [72] o CURLINFO_FTP_ENTRY_PATH.md: this is for SFTP as well [8] + o CURLOPT_COOKIEFILE.md: clarify when the cookies are loaded [159] o CURLOPT_HEADER/WRITEFUNCTION.md: drop '* size' since size is always 1 [63] o CURLOPT_MAXLIFETIME_CONN: make default 24 hours [10] o CURLOPT_SSL_VERIFYHOST.md: add see-also to two other VERIFYHOST options [32] @@ -75,7 +80,11 @@ This release includes the following bugfixes: o docs/libcurl: use lowercase must [5] o docs: fix/tidy code fences [87] o easy_getinfo: check magic, Curl_close safety [3] + o examples/sessioninfo: cast printf string mask length to int [232] + o examples/synctime: make the sscanf not overflow the local buffer [252] + o examples/usercertinmem: avoid stripping const [247] o examples: drop unused `curl/mprintf.h` includes [224] + o examples: fix build issues in 'complicated' examples [243] o examples: fix two build issues surfaced with WinCE [223] o examples: fix two issues found by CodeQL [35] o examples: fix two more cases of `stat()` TOCTOU [147] @@ -89,7 +98,9 @@ This release includes the following bugfixes: o gtls: avoid potential use of uninitialized variable in trace output [83] o hostip: remove leftover INT_MAX check in Curl_dnscache_prune [88] o http: handle user-defined connection headers [165] + o http: make Content-Length parser more WHATWG [183] o httpsrr: free old pointers when storing new [57] + o INSTALL-CMAKE.md: document useful build targets [215] o INTERNALS: drop Winsock 2.2 from the dependency list [162] o INTERNALS: specify minimum version for Heimdal: 7.1.0 [158] o ip-happy: do not set unnecessary timeout [95] @@ -129,8 +140,13 @@ This release includes the following bugfixes: o mdlinkcheck: reject URLs containing quotes [174] o multi.h: add CURLMINFO_LASTENTRY [51] o multi_ev: remove unnecessary data check that confuses analysers [167] + o nghttp3: return NGHTTP3_ERR_CALLBACK_FAILURE from recv_header [227] o ngtcp2: check error code on connect failure [13] + o ngtcp2: close just-opened QUIC stream when submit_request fails [222] + o ngtcp2: compare idle timeout in ms to avoid overflow [248] o ngtcp2: fix early return [131] + o ngtcp2: fix handling of blocked stream data [236] + o ngtcp2: fix returns when TLS verify failed [251] o noproxy: fix the IPV6 network mask pattern match [166] o openldap: avoid indexing the result at -1 for blank responses [44] o openldap: check ber_sockbuf_add_io() return code [163] @@ -144,7 +160,9 @@ This release includes the following bugfixes: o openssl: fix build for v1.0.2 [225] o openssl: make the asn1_object_dump name null terminated [56] o openssl: set io_need always [99] + o openssl: skip session resumption when verifystatus is set [230] o OS400: fix a use-after-free/double-free case [142] + o osslq: set idle timeout to 0 [237] o pingpong: remove two old leftover debug infof() calls o pytest: skip specific tests for no-verbose builds [171] o quic: fix min TLS version handling [14] @@ -165,6 +183,7 @@ This release includes the following bugfixes: o smb: adjust buffer size checks [45] o smtp: check EHLO responses case insensitively [50] o socks: handle error in verbose trace gracefully [94] + o socks: handle premature close [246] o socks: make Curl_blockread_all return CURLcode [67] o socks: rewwork, cleaning up socks state handling [135] o socks_gssapi: make the gss_context a local variable [144] @@ -187,6 +206,7 @@ This release includes the following bugfixes: o telnet: return error on crazy TTYPE or XDISPLOC lengths [123] o telnet: send failure logged but not returned [175] o telnet: use pointer[0] for "unknown" option instead of pointer[i] [217] + o tests/server: drop pointless memory allocation overrides [219] o tests/server: drop unsafe `open()` override in signal handler (Windows) [151] o tftp: check and act on tftp_set_timeouts() returning error [38] o tftp: default timeout per block is now 15 seconds [156] @@ -220,6 +240,7 @@ This release includes the following bugfixes: o unit1664: drop casts, expand masks to full values [221] o url: make Curl_init_userdefined return void [213] o urldata: FILE is not a list-only protocol [9] + o vquic: fix idle-timeout checks (ms<-->ns), 64-bit log & honor 0=no-timeout [249] o vquic: handling of io improvements [239] o vtls: alpn setting, check proto parameter [134] o vtls_int.h: clarify data_pending [124] @@ -230,6 +251,7 @@ This release includes the following bugfixes: o windows: use native error code types more [206] o wolfssl: check BIO read parameters [133] o wolfssl: fix error check in shutdown [105] + o wolfssl: no double get_error() detail [188] o ws: clarify an error message [125] o ws: reject curl_ws_recv called with NULL buffer with a buflen [118] @@ -259,13 +281,13 @@ advice from friends like these: BobodevMm on github, Christian Schmitz, Dan Fandrich, Daniel Stenberg, Daniel Terhorst-North, dependabot[bot], divinity76 on github, Emilio Pozuelo Monfort, Ethan Everett, Evgeny Grin (Karlson2k), - fds242 on github, Howard Chu, Javier Blazquez, Jicea, jmaggard10 on github, - Johannes Schindelin, Joseph Birr-Pixton, Joshua Rogers, kapsiR on github, - kuchara on github, Marcel Raad, Michael Osipov, Michał Petryka, - Mohamed Daahir, Nir Azkiel, Patrick Monnerat, Pocs Norbert, Ray Satiro, - renovate[bot], rinsuki on github, Samuel Dionne-Riel, Samuel Henrique, - Stanislav Fort, Stefan Eissing, Viktor Szakats - (39 contributors) + fds242 on github, Howard Chu, Ignat Loskutov, Javier Blazquez, Jicea, + jmaggard10 on github, Johannes Schindelin, Joseph Birr-Pixton, Joshua Rogers, + kapsiR on github, kuchara on github, Marcel Raad, Michael Osipov, + Michał Petryka, Mohamed Daahir, Nir Azkiel, Patrick Monnerat, Pocs Norbert, + Ray Satiro, renovate[bot], rinsuki on github, Samuel Dionne-Riel, + Samuel Henrique, Stanislav Fort, Stefan Eissing, Viktor Szakats + (40 contributors) References to bug reports and discussions on issues: @@ -427,6 +449,7 @@ References to bug reports and discussions on issues: [156] = https://curl.se/bug/?i=18893 [157] = https://curl.se/bug/?i=18806 [158] = https://curl.se/bug/?i=18809 + [159] = https://curl.se/bug/?i=18924 [160] = https://curl.se/bug/?i=18810 [161] = https://curl.se/bug/?i=18749 [162] = https://curl.se/bug/?i=18808 @@ -450,9 +473,12 @@ References to bug reports and discussions on issues: [180] = https://curl.se/bug/?i=18886 [181] = https://curl.se/bug/?i=18884 [182] = https://curl.se/bug/?i=18754 + [183] = https://curl.se/bug/?i=18921 [184] = https://curl.se/bug/?i=18878 [185] = https://curl.se/bug/?i=18875 [186] = https://curl.se/bug/?i=18874 + [188] = https://curl.se/bug/?i=18940 + [189] = https://curl.se/bug/?i=18932 [191] = https://curl.se/bug/?i=18888 [192] = https://curl.se/bug/?i=18873 [193] = https://curl.se/bug/?i=18871 @@ -473,19 +499,37 @@ References to bug reports and discussions on issues: [212] = https://curl.se/bug/?i=18858 [213] = https://curl.se/bug/?i=18855 [214] = https://curl.se/bug/?i=18857 + [215] = https://curl.se/bug/?i=18927 [216] = https://curl.se/bug/?i=18852 [217] = https://curl.se/bug/?i=18851 [218] = https://curl.se/bug/?i=18850 + [219] = https://curl.se/bug/?i=18922 [220] = https://curl.se/bug/?i=18845 [221] = https://curl.se/bug/?i=18838 + [222] = https://curl.se/bug/?i=18904 [223] = https://curl.se/bug/?i=18843 [224] = https://curl.se/bug/?i=18842 [225] = https://curl.se/bug/?i=18841 [226] = https://curl.se/bug/?i=18839 + [227] = https://curl.se/bug/?i=18904 [228] = https://curl.se/bug/?i=18823 [229] = https://curl.se/bug/?i=18836 + [230] = https://curl.se/bug/?i=18902 [231] = https://curl.se/bug/?i=18835 + [232] = https://curl.se/bug/?i=18918 [234] = https://curl.se/bug/?i=18828 + [235] = https://curl.se/bug/?i=18909 + [236] = https://curl.se/bug/?i=18905 + [237] = https://curl.se/bug/?i=18907 [238] = https://curl.se/bug/?i=18829 [239] = https://curl.se/bug/?i=18812 [240] = https://curl.se/bug/?i=18703 + [243] = https://curl.se/bug/?i=18914 + [245] = https://curl.se/bug/?i=18911 + [246] = https://curl.se/bug/?i=18883 + [247] = https://curl.se/bug/?i=18908 + [248] = https://curl.se/bug/?i=18903 + [249] = https://curl.se/bug/?i=18903 + [250] = https://curl.se/bug/?i=18432 + [251] = https://curl.se/bug/?i=18881 + [252] = https://curl.se/bug/?i=18890 From 7c021fd14af3a4558bab8cb256abac77ac6148de Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 8 Oct 2025 21:40:07 +0200 Subject: [PATCH 0362/2408] cmake: minor Heimdal flavour detection fix Do not detect Heimdal if a single `H` character appears in the vendor string, require the full name: `Heimdal`. Cherry-picked from #18932 Closes #18951 --- CMake/FindGSS.cmake | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMake/FindGSS.cmake b/CMake/FindGSS.cmake index aa640c3342..398e38aa98 100644 --- a/CMake/FindGSS.cmake +++ b/CMake/FindGSS.cmake @@ -164,7 +164,7 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr if(_gss_configure_failed) set(GSS_FLAVOUR "Heimdal") # most probably, should not really matter else() - if(_gss_vendor MATCHES "H|heimdal") + if(_gss_vendor MATCHES "Heimdal|heimdal") set(GSS_FLAVOUR "Heimdal") else() set(GSS_FLAVOUR "MIT") From 9fe8ba5c275002da7deb26f3d549fdda8944cf82 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 8 Oct 2025 19:07:03 +0200 Subject: [PATCH 0363/2408] GHA/linux-old: sync terminology with other jobs [ci skip] Cherry-picked from #18932 --- .github/workflows/linux-old.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/linux-old.yml b/.github/workflows/linux-old.yml index c1415a981a..6c5b18c2cf 100644 --- a/.github/workflows/linux-old.yml +++ b/.github/workflows/linux-old.yml @@ -100,7 +100,7 @@ jobs: # when this job can get a libssh version 0.9.0 or later, this should get # that enabled again - - name: 'cmake generate (out-of-tree, c-ares, zstd, gssapi)' + - name: 'cmake configure (out-of-tree, c-ares, zstd, gssapi)' run: | mkdir bld-cares cd bld-cares @@ -137,7 +137,7 @@ jobs: - name: 'autoreconf' run: autoreconf -if - - name: 'configure (out-of-tree, c-ares, zstd, gssapi)' + - name: 'autotools configure (out-of-tree, c-ares, zstd, gssapi)' run: | mkdir bld-am cd bld-am From cd7b45a3bbec0b43e87a9483a0fc8a82abaae956 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 9 Oct 2025 01:34:37 +0200 Subject: [PATCH 0364/2408] cmake/FindGSS: whitespace/formatting Sync format more with the rest of the Find modules. Cherry-picked from #18932 Closes #18957 --- CMake/FindGSS.cmake | 80 ++++++++++----------------------------------- 1 file changed, 17 insertions(+), 63 deletions(-) diff --git a/CMake/FindGSS.cmake b/CMake/FindGSS.cmake index 398e38aa98..18c84556c0 100644 --- a/CMake/FindGSS.cmake +++ b/CMake/FindGSS.cmake @@ -47,10 +47,7 @@ include(CheckIncludeFile) include(CheckIncludeFiles) include(CheckTypeSize) -set(_gss_root_hints - "${GSS_ROOT_DIR}" - "$ENV{GSS_ROOT_DIR}" -) +set(_gss_root_hints "${GSS_ROOT_DIR}" "$ENV{GSS_ROOT_DIR}") set(_gss_CFLAGS "") set(_gss_LIBRARY_DIRS "") @@ -69,37 +66,22 @@ if(NOT GSS_ROOT_DIR AND NOT "$ENV{GSS_ROOT_DIR}") endif() if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional approach. - find_file(_gss_configure_script - NAMES - "krb5-config" - HINTS - ${_gss_root_hints} - PATH_SUFFIXES - "bin" - NO_CMAKE_PATH - NO_CMAKE_ENVIRONMENT_PATH - ) - + find_file(_gss_configure_script NAMES "krb5-config" PATH_SUFFIXES "bin" HINTS ${_gss_root_hints} + NO_CMAKE_PATH NO_CMAKE_ENVIRONMENT_PATH) # If not found in user-supplied directories, maybe system knows better - find_file(_gss_configure_script - NAMES - "krb5-config" - PATH_SUFFIXES - "bin" - ) + find_file(_gss_configure_script NAMES "krb5-config" PATH_SUFFIXES "bin") if(_gss_configure_script) set(_gss_INCLUDE_DIRS "") set(_gss_LIBRARIES "") - execute_process( - COMMAND ${_gss_configure_script} "--cflags" "gssapi" + execute_process(COMMAND ${_gss_configure_script} "--cflags" "gssapi" OUTPUT_VARIABLE _gss_cflags_raw RESULT_VARIABLE _gss_configure_failed - OUTPUT_STRIP_TRAILING_WHITESPACE - ) + OUTPUT_STRIP_TRAILING_WHITESPACE) message(STATUS "FindGSS krb5-config --cflags: ${_gss_cflags_raw}") + if(NOT _gss_configure_failed) # 0 means success # Should also work in an odd case when multiple directories are given. string(STRIP "${_gss_cflags_raw}" _gss_cflags_raw) @@ -116,12 +98,10 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr endforeach() endif() - execute_process( - COMMAND ${_gss_configure_script} "--libs" "gssapi" + execute_process(COMMAND ${_gss_configure_script} "--libs" "gssapi" OUTPUT_VARIABLE _gss_lib_flags RESULT_VARIABLE _gss_configure_failed - OUTPUT_STRIP_TRAILING_WHITESPACE - ) + OUTPUT_STRIP_TRAILING_WHITESPACE) message(STATUS "FindGSS krb5-config --libs: ${_gss_lib_flags}") if(NOT _gss_configure_failed) # 0 means success @@ -141,24 +121,20 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr endforeach() endif() - execute_process( - COMMAND ${_gss_configure_script} "--version" + execute_process(COMMAND ${_gss_configure_script} "--version" OUTPUT_VARIABLE _gss_version RESULT_VARIABLE _gss_configure_failed - OUTPUT_STRIP_TRAILING_WHITESPACE - ) + OUTPUT_STRIP_TRAILING_WHITESPACE) # Older versions may not have the "--version" parameter. In this case we just do not care. if(_gss_configure_failed) set(_gss_version 0) endif() - execute_process( - COMMAND ${_gss_configure_script} "--vendor" + execute_process(COMMAND ${_gss_configure_script} "--vendor" OUTPUT_VARIABLE _gss_vendor RESULT_VARIABLE _gss_configure_failed - OUTPUT_STRIP_TRAILING_WHITESPACE - ) + OUTPUT_STRIP_TRAILING_WHITESPACE) # Older versions may not have the "--vendor" parameter. In this case we just do not care. if(_gss_configure_failed) @@ -173,13 +149,7 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr else() # Either there is no config script or we are on a platform that does not provide one (Windows?) - find_path(_gss_INCLUDE_DIRS NAMES "gssapi/gssapi.h" - HINTS - ${_gss_root_hints} - PATH_SUFFIXES - "include" - "inc" - ) + find_path(_gss_INCLUDE_DIRS NAMES "gssapi/gssapi.h" HINTS ${_gss_root_hints} PATH_SUFFIXES "include" "inc") if(_gss_INCLUDE_DIRS) # We have found something cmake_push_check_state() @@ -201,23 +171,12 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr cmake_pop_check_state() else() # I am not convinced if this is the right way but this is what autotools do at the moment - find_path(_gss_INCLUDE_DIRS NAMES "gssapi.h" - HINTS - ${_gss_root_hints} - PATH_SUFFIXES - "include" - "inc" - ) + find_path(_gss_INCLUDE_DIRS NAMES "gssapi.h" HINTS ${_gss_root_hints} PATH_SUFFIXES "include" "inc") if(_gss_INCLUDE_DIRS) set(GSS_FLAVOUR "Heimdal") else() - find_path(_gss_INCLUDE_DIRS NAMES "gss.h" - HINTS - ${_gss_root_hints} - PATH_SUFFIXES - "include" - ) + find_path(_gss_INCLUDE_DIRS NAMES "gss.h" HINTS ${_gss_root_hints} PATH_SUFFIXES "include") if(_gss_INCLUDE_DIRS) set(GSS_FLAVOUR "GNU") @@ -268,12 +227,7 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr endif() endif() - find_library(_gss_LIBRARIES NAMES ${_gss_libname} - HINTS - ${_gss_libdir_hints} - PATH_SUFFIXES - ${_gss_libdir_suffixes} - ) + find_library(_gss_LIBRARIES NAMES ${_gss_libname} HINTS ${_gss_libdir_hints} PATH_SUFFIXES ${_gss_libdir_suffixes}) endif() endif() else() From 8be9a26451d466571864a608bc48cc77746ff00d Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 8 Oct 2025 12:03:18 +0200 Subject: [PATCH 0365/2408] build: drop Heimdal support, update docs, replace with MIT Kerberos in CI The kerberos5 library Heimdal is one of three GSS libraries curl support. It has a memory leak triggered by the new test in #18917 and the project seems mostly abandoned. Drop support and steer users to the MIT krb5 or GNU GSS libraries. Co-authored-by: Daniel Stenberg Ref: #18928 Closes #18928 Closes #18932 --- .github/workflows/codeql.yml | 2 +- .github/workflows/linux-old.yml | 2 +- .github/workflows/linux.yml | 19 +++----- .github/workflows/macos.yml | 10 ++-- .github/workflows/non-native.yml | 6 +-- CMake/FindGSS.cmake | 80 ++++++++------------------------ CMakeLists.txt | 40 ++++++++-------- RELEASE-NOTES | 2 - configure.ac | 17 ++----- docs/INSTALL-CMAKE.md | 2 +- docs/INTERNALS.md | 1 - docs/KNOWN_BUGS | 15 ------ docs/TODO | 4 +- 13 files changed, 63 insertions(+), 137 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index cc882a51a3..58eaa35be5 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -76,7 +76,7 @@ jobs: sudo apt-get -o Dpkg::Use-Pty=0 update sudo rm -f /var/lib/man-db/auto-update sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libbrotli-dev libidn2-dev libssh2-1-dev libssh-dev \ - libnghttp2-dev libldap-dev heimdal-dev librtmp-dev libgnutls28-dev libwolfssl-dev + libnghttp2-dev libldap-dev libkrb5-dev librtmp-dev libgnutls28-dev libwolfssl-dev HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install c-ares gsasl libnghttp3 libngtcp2 mbedtls rustls-ffi - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 diff --git a/.github/workflows/linux-old.yml b/.github/workflows/linux-old.yml index 6c5b18c2cf..fde23de811 100644 --- a/.github/workflows/linux-old.yml +++ b/.github/workflows/linux-old.yml @@ -68,7 +68,7 @@ jobs: dpkg -i freexian-archive-keyring_2022.06.08_all.deb echo 'deb http://deb.freexian.com/extended-lts stretch-lts main contrib non-free' | tee /etc/apt/sources.list.d/extended-lts.list apt-get -o Dpkg::Use-Pty=0 update - apt-get -o Dpkg::Use-Pty=0 install -y --no-install-suggests --no-install-recommends cmake make automake autoconf libtool gcc pkg-config libpsl-dev libzstd-dev zlib1g-dev libgnutls28-dev libc-ares-dev heimdal-dev libldap2-dev librtmp-dev stunnel4 groff + apt-get -o Dpkg::Use-Pty=0 install -y --no-install-suggests --no-install-recommends cmake make automake autoconf libtool gcc pkg-config libpsl-dev libzstd-dev zlib1g-dev libgnutls28-dev libc-ares-dev libkrb5-dev libldap2-dev librtmp-dev stunnel4 groff # GitHub's actions/checkout needs newer glibc and libstdc++. The latter also depends on # gcc-8-base, but it doesn't actually seem used in our situation and isn't available in # the main repo, so force the install. diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index d01fb4a0b9..da49ae67b5 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -69,13 +69,13 @@ jobs: fail-fast: false matrix: build: - - name: 'libressl heimdal' - install_packages: libidn2-dev libnghttp2-dev libldap-dev heimdal-dev + - name: 'libressl krb5' + install_packages: libidn2-dev libnghttp2-dev libldap-dev libkrb5-dev install_steps: libressl pytest codeset-test configure: LDFLAGS=-Wl,-rpath,/home/runner/libressl/lib --with-openssl=/home/runner/libressl --with-gssapi --enable-debug - - name: 'libressl heimdal valgrind' - install_packages: libnghttp2-dev libldap-dev heimdal-dev valgrind + - name: 'libressl krb5 valgrind' + install_packages: libnghttp2-dev libldap-dev libkrb5-dev valgrind install_steps: libressl generate: -DOPENSSL_ROOT_DIR=/home/runner/libressl -DCURL_USE_GSSAPI=ON -DENABLE_DEBUG=ON -DCURL_LIBCURL_VERSIONED_SYMBOLS=ON @@ -365,7 +365,7 @@ jobs: run: | apk add --no-cache build-base autoconf automake libtool perl openssl-dev \ libssh2-dev zlib-dev brotli-dev zstd-dev libidn2-dev openldap-dev \ - heimdal-dev libpsl-dev c-ares-dev \ + krb5-dev libpsl-dev c-ares-dev \ py3-impacket py3-asn1 py3-six py3-pycryptodomex \ perl-time-hires openssh stunnel sudo git openssl @@ -671,13 +671,8 @@ jobs: TEST_TARGET: ${{ matrix.build.torture && 'test-torture' || 'test-ci' }} TFLAGS: '${{ matrix.build.tflags }}' run: | - if [ "${TEST_TARGET}" = 'test-ci' ]; then - if [[ "${MATRIX_INSTALL_PACKAGES}" = *'valgrind'* ]]; then - TFLAGS+=' -j6' - if [[ "${MATRIX_INSTALL_PACKAGES}" = *'heimdal-dev'* ]]; then - TFLAGS+=' ~2056 ~2057 ~2077 ~2078' # memory leaks from Curl_auth_decode_spnego_message() -> gss_import_name() - fi - fi + if [ "${TEST_TARGET}" = 'test-ci' ] && [[ "${MATRIX_INSTALL_PACKAGES}" = *'valgrind'* ]]; then + TFLAGS+=' -j6' fi [ -f ~/venv/bin/activate ] && source ~/venv/bin/activate if [[ "${MATRIX_INSTALL_STEPS}" = *'codeset-test'* ]]; then diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index b4bbc8ea79..7e85cb71e1 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -294,17 +294,17 @@ jobs: - name: 'HTTP/3 clang-tidy' compiler: clang - install: llvm brotli zstd libnghttp3 libngtcp2 openldap heimdal + install: llvm brotli zstd libnghttp3 libngtcp2 openldap krb5 install_steps: clang-tidy skipall generate: >- -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DUSE_NGTCP2=ON -DLDAP_INCLUDE_DIR=/opt/homebrew/opt/openldap/include -DLDAP_LIBRARY=/opt/homebrew/opt/openldap/lib/libldap.dylib -DLDAP_LBER_LIBRARY=/opt/homebrew/opt/openldap/lib/liblber.dylib - -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/heimdal + -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/krb5 -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=/opt/homebrew/opt/llvm/bin/clang-tidy - - name: 'LibreSSL openldap heimdal c-ares +examples' - install: libressl heimdal openldap - generate: -DENABLE_DEBUG=ON -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/libressl -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/heimdal -DLDAP_INCLUDE_DIR=/opt/homebrew/opt/openldap/include -DLDAP_LIBRARY=/opt/homebrew/opt/openldap/lib/libldap.dylib -DLDAP_LBER_LIBRARY=/opt/homebrew/opt/openldap/lib/liblber.dylib + - name: 'LibreSSL openldap krb5 c-ares +examples' + install: libressl krb5 openldap + generate: -DENABLE_DEBUG=ON -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/libressl -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/krb5 -DLDAP_INCLUDE_DIR=/opt/homebrew/opt/openldap/include -DLDAP_LIBRARY=/opt/homebrew/opt/openldap/lib/libldap.dylib -DLDAP_LBER_LIBRARY=/opt/homebrew/opt/openldap/lib/liblber.dylib - name: 'wolfSSL !ldap brotli zstd' install: brotli wolfssl zstd install_steps: pytest diff --git a/.github/workflows/non-native.yml b/.github/workflows/non-native.yml index f0368a9240..8dccb9e399 100644 --- a/.github/workflows/non-native.yml +++ b/.github/workflows/non-native.yml @@ -61,7 +61,7 @@ jobs: architecture: ${{ matrix.arch }} run: | # https://pkgsrc.se/ - time sudo pkgin -y install cmake ninja-build pkg-config perl brotli heimdal openldap-client libssh2 libidn2 libpsl nghttp2 py311-impacket + time sudo pkgin -y install cmake ninja-build pkg-config perl brotli mit-krb5 openldap-client libssh2 libidn2 libpsl nghttp2 py311-impacket time cmake -B bld -G Ninja \ -DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \ -DCMAKE_UNITY_BUILD=ON \ @@ -164,10 +164,10 @@ jobs: # https://ports.freebsd.org/ if [ "${MATRIX_BUILD}" = 'cmake' ]; then time sudo pkg install -y cmake-core ninja perl5 \ - pkgconf brotli openldap26-client libidn2 libnghttp2 stunnel py311-impacket + pkgconf brotli krb5-devel openldap26-client libidn2 libnghttp2 stunnel py311-impacket else time sudo pkg install -y autoconf automake libtool \ - pkgconf brotli openldap26-client libidn2 libnghttp2 stunnel py311-impacket + pkgconf brotli krb5-devel openldap26-client libidn2 libnghttp2 stunnel py311-impacket export MAKEFLAGS=-j3 fi diff --git a/CMake/FindGSS.cmake b/CMake/FindGSS.cmake index 18c84556c0..21d756c2bc 100644 --- a/CMake/FindGSS.cmake +++ b/CMake/FindGSS.cmake @@ -29,8 +29,8 @@ # # Result variables: # -# - `GSS_FOUND`: System has the Heimdal library. -# - `GSS_FLAVOUR`: "GNU", "MIT" or "Heimdal" if anything found. +# - `GSS_FOUND`: System has a GSS library. +# - `GSS_FLAVOUR`: "GNU" or "MIT" if anything found. # - `GSS_INCLUDE_DIRS`: The GSS include directories. # - `GSS_LIBRARIES`: The GSS library names. # - `GSS_LIBRARY_DIRS`: The GSS library directories. @@ -41,7 +41,6 @@ set(_gnu_modname "gss") set(_mit_modname "mit-krb5-gssapi") -set(_heimdal_modname "heimdal-gssapi") include(CheckIncludeFile) include(CheckIncludeFiles) @@ -56,7 +55,7 @@ set(_gss_LIBRARY_DIRS "") if(NOT GSS_ROOT_DIR AND NOT "$ENV{GSS_ROOT_DIR}") if(CURL_USE_PKGCONFIG) find_package(PkgConfig QUIET) - pkg_search_module(_gss ${_gnu_modname} ${_mit_modname} ${_heimdal_modname}) + pkg_search_module(_gss ${_gnu_modname} ${_mit_modname}) list(APPEND _gss_root_hints "${_gss_PREFIX}") set(_gss_version "${_gss_VERSION}") endif() @@ -137,14 +136,8 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr OUTPUT_STRIP_TRAILING_WHITESPACE) # Older versions may not have the "--vendor" parameter. In this case we just do not care. - if(_gss_configure_failed) - set(GSS_FLAVOUR "Heimdal") # most probably, should not really matter - else() - if(_gss_vendor MATCHES "Heimdal|heimdal") - set(GSS_FLAVOUR "Heimdal") - else() - set(GSS_FLAVOUR "MIT") - endif() + if(NOT _gss_configure_failed AND NOT _gss_vendor MATCHES "Heimdal|heimdal") + set(GSS_FLAVOUR "MIT") # assume a default, should not really matter endif() else() # Either there is no config script or we are on a platform that does not provide one (Windows?) @@ -155,33 +148,19 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr cmake_push_check_state() list(APPEND CMAKE_REQUIRED_INCLUDES "${_gss_INCLUDE_DIRS}") check_include_files("gssapi/gssapi_generic.h;gssapi/gssapi_krb5.h" _gss_have_mit_headers) + cmake_pop_check_state() if(_gss_have_mit_headers) set(GSS_FLAVOUR "MIT") - else() - # Prevent compiling the header - just check if we can include it - list(APPEND CMAKE_REQUIRED_DEFINITIONS "-D__ROKEN_H__") - check_include_file("roken.h" _gss_have_roken_h) - - check_include_file("heimdal/roken.h" _gss_have_heimdal_roken_h) - if(_gss_have_roken_h OR _gss_have_heimdal_roken_h) - set(GSS_FLAVOUR "Heimdal") - endif() endif() - cmake_pop_check_state() else() # I am not convinced if this is the right way but this is what autotools do at the moment find_path(_gss_INCLUDE_DIRS NAMES "gssapi.h" HINTS ${_gss_root_hints} PATH_SUFFIXES "include" "inc") + find_path(_gss_INCLUDE_DIRS NAMES "gss.h" HINTS ${_gss_root_hints} PATH_SUFFIXES "include") if(_gss_INCLUDE_DIRS) - set(GSS_FLAVOUR "Heimdal") - else() - find_path(_gss_INCLUDE_DIRS NAMES "gss.h" HINTS ${_gss_root_hints} PATH_SUFFIXES "include") - - if(_gss_INCLUDE_DIRS) - set(GSS_FLAVOUR "GNU") - set(GSS_PC_REQUIRES "gss") - endif() + set(GSS_FLAVOUR "GNU") + set(GSS_PC_REQUIRES "gss") endif() endif() @@ -201,35 +180,32 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr list(APPEND _gss_libdir_suffixes "lib/AMD64") if(GSS_FLAVOUR STREQUAL "GNU") set(_gss_libname "gss") - elseif(GSS_FLAVOUR STREQUAL "MIT") + else() # MIT set(_gss_libname "gssapi64") - else() - set(_gss_libname "libgssapi") endif() else() list(APPEND _gss_libdir_suffixes "lib/i386") if(GSS_FLAVOUR STREQUAL "GNU") set(_gss_libname "gss") - elseif(GSS_FLAVOUR STREQUAL "MIT") + else() # MIT set(_gss_libname "gssapi32") - else() - set(_gss_libname "libgssapi") endif() endif() else() list(APPEND _gss_libdir_suffixes "lib;lib64") # those suffixes are not checked for HINTS if(GSS_FLAVOUR STREQUAL "GNU") set(_gss_libname "gss") - elseif(GSS_FLAVOUR STREQUAL "MIT") + else() # MIT set(_gss_libname "gssapi_krb5") - else() - set(_gss_libname "gssapi") endif() endif() find_library(_gss_LIBRARIES NAMES ${_gss_libname} HINTS ${_gss_libdir_hints} PATH_SUFFIXES ${_gss_libdir_suffixes}) endif() endif() + if(NOT GSS_FLAVOUR) + message(FATAL_ERROR "GNU or MIT GSS is required") + endif() else() # _gss_MODULE_NAME set since CMake 3.16. # _pkg_check_modules_pkg_name is undocumented and used as a fallback for CMake <3.16 versions. @@ -240,8 +216,7 @@ else() set(GSS_FLAVOUR "MIT") set(GSS_PC_REQUIRES "mit-krb5-gssapi") else() - set(GSS_FLAVOUR "Heimdal") - set(GSS_PC_REQUIRES "heimdal-gssapi") + message(FATAL_ERROR "GNU or MIT GSS is required") endif() message(STATUS "Found GSS/${GSS_FLAVOUR} (via pkg-config): ${_gss_INCLUDE_DIRS} (found version \"${_gss_version}\")") endif() @@ -254,25 +229,8 @@ set(GSS_LIBRARY_DIRS ${_gss_LIBRARY_DIRS}) set(GSS_CFLAGS ${_gss_CFLAGS}) set(GSS_VERSION ${_gss_version}) -if(GSS_FLAVOUR) - if(NOT GSS_VERSION AND GSS_FLAVOUR STREQUAL "Heimdal") - if(CMAKE_SIZEOF_VOID_P EQUAL 8) - set(_heimdal_manifest_file "Heimdal.Application.amd64.manifest") - else() - set(_heimdal_manifest_file "Heimdal.Application.x86.manifest") - endif() - - if(EXISTS "${GSS_INCLUDE_DIRS}/${_heimdal_manifest_file}") - file(STRINGS "${GSS_INCLUDE_DIRS}/${_heimdal_manifest_file}" _heimdal_version_str - REGEX "^.*version=\"[0-9]\\.[^\"]+\".*$") - - string(REGEX MATCH "[0-9]\\.[^\"]+" GSS_VERSION "${_heimdal_version_str}") - endif() - - if(NOT GSS_VERSION) - set(GSS_VERSION "Heimdal Unknown") - endif() - elseif(NOT GSS_VERSION AND GSS_FLAVOUR STREQUAL "MIT") +if(NOT GSS_VERSION) + if(GSS_FLAVOUR STREQUAL "MIT") if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.24) cmake_host_system_information(RESULT _mit_version QUERY WINDOWS_REGISTRY "HKLM/SOFTWARE/MIT/Kerberos/SDK/CurrentVersion" VALUE "VersionString") @@ -285,7 +243,7 @@ if(GSS_FLAVOUR) else() set(GSS_VERSION "MIT Unknown") endif() - elseif(NOT GSS_VERSION AND GSS_FLAVOUR STREQUAL "GNU") + else() # GNU if(GSS_INCLUDE_DIRS AND EXISTS "${GSS_INCLUDE_DIRS}/gss.h") set(_version_regex "#[\t ]*define[\t ]+GSS_VERSION[\t ]+\"([^\"]*)\"") file(STRINGS "${GSS_INCLUDE_DIRS}/gss.h" _version_str REGEX "${_version_regex}") diff --git a/CMakeLists.txt b/CMakeLists.txt index 3b5ed10f80..f711dff04a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1442,36 +1442,36 @@ if(CURL_USE_GSSAPI) if(GSS_FLAVOUR STREQUAL "GNU") set(HAVE_GSSGNU 1) - else() + else() # MIT cmake_push_check_state() list(APPEND CMAKE_REQUIRED_INCLUDES "${GSS_INCLUDE_DIRS}") set(_include_list "") + check_include_file("gssapi/gssapi.h" HAVE_GSSAPI_GSSAPI_H) if(HAVE_GSSAPI_GSSAPI_H) list(APPEND _include_list "gssapi/gssapi.h") endif() + check_include_files("${_include_list};gssapi/gssapi_generic.h" HAVE_GSSAPI_GSSAPI_GENERIC_H) - - if(GSS_FLAVOUR STREQUAL "MIT") - check_include_files("${_include_list};gssapi/gssapi_krb5.h" _have_gssapi_gssapi_krb5_h) - if(HAVE_GSSAPI_GSSAPI_GENERIC_H) - list(APPEND _include_list "gssapi/gssapi_generic.h") - endif() - if(_have_gssapi_gssapi_krb5_h) - list(APPEND _include_list "gssapi/gssapi_krb5.h") - endif() - - if(NOT DEFINED HAVE_GSS_C_NT_HOSTBASED_SERVICE) - string(APPEND CMAKE_REQUIRED_FLAGS " ${GSS_CFLAGS}") - list(APPEND CMAKE_REQUIRED_LIBRARIES "${GSS_LIBRARIES}") - curl_required_libpaths("${GSS_LIBRARY_DIRS}") - check_symbol_exists("GSS_C_NT_HOSTBASED_SERVICE" "${_include_list}" HAVE_GSS_C_NT_HOSTBASED_SERVICE) - endif() - if(NOT HAVE_GSS_C_NT_HOSTBASED_SERVICE) - set(HAVE_OLD_GSSMIT ON) - endif() + check_include_files("${_include_list};gssapi/gssapi_krb5.h" _have_gssapi_gssapi_krb5_h) + if(HAVE_GSSAPI_GSSAPI_GENERIC_H) + list(APPEND _include_list "gssapi/gssapi_generic.h") endif() + if(_have_gssapi_gssapi_krb5_h) + list(APPEND _include_list "gssapi/gssapi_krb5.h") + endif() + + if(NOT DEFINED HAVE_GSS_C_NT_HOSTBASED_SERVICE) + string(APPEND CMAKE_REQUIRED_FLAGS " ${GSS_CFLAGS}") + list(APPEND CMAKE_REQUIRED_LIBRARIES "${GSS_LIBRARIES}") + curl_required_libpaths("${GSS_LIBRARY_DIRS}") + check_symbol_exists("GSS_C_NT_HOSTBASED_SERVICE" "${_include_list}" HAVE_GSS_C_NT_HOSTBASED_SERVICE) + endif() + if(NOT HAVE_GSS_C_NT_HOSTBASED_SERVICE) + set(HAVE_OLD_GSSMIT ON) + endif() + unset(_include_list) cmake_pop_check_state() endif() diff --git a/RELEASE-NOTES b/RELEASE-NOTES index d80ceae5fc..47c7dd5255 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -102,7 +102,6 @@ This release includes the following bugfixes: o httpsrr: free old pointers when storing new [57] o INSTALL-CMAKE.md: document useful build targets [215] o INTERNALS: drop Winsock 2.2 from the dependency list [162] - o INTERNALS: specify minimum version for Heimdal: 7.1.0 [158] o ip-happy: do not set unnecessary timeout [95] o ip-happy: prevent event-based stall on retry [155] o krb5: return appropriate error on send failures [22] @@ -448,7 +447,6 @@ References to bug reports and discussions on issues: [155] = https://curl.se/bug/?i=18815 [156] = https://curl.se/bug/?i=18893 [157] = https://curl.se/bug/?i=18806 - [158] = https://curl.se/bug/?i=18809 [159] = https://curl.se/bug/?i=18924 [160] = https://curl.se/bug/?i=18810 [161] = https://curl.se/bug/?i=18749 diff --git a/configure.ac b/configure.ac index c90606f507..c76be65e96 100644 --- a/configure.ac +++ b/configure.ac @@ -1840,7 +1840,7 @@ if test x"$want_gss" = xyes; then gnu_gss=yes ], [ - dnl not found, check Heimdal or MIT + dnl not found, check for MIT AC_CHECK_HEADERS([gssapi/gssapi.h], [], [not_mit=1]) AC_CHECK_HEADERS( [gssapi/gssapi_generic.h gssapi/gssapi_krb5.h], @@ -1853,15 +1853,8 @@ if test x"$want_gss" = xyes; then #endif ]) if test "x$not_mit" = "x1"; then - dnl MIT not found, check for Heimdal - AC_CHECK_HEADER(gssapi.h, - [], - [ - dnl no header found, disabling GSS - want_gss=no - AC_MSG_WARN(disabling GSS-API support since no header files were found) - ] - ) + dnl MIT not found + AC_MSG_ERROR([MIT or GNU GSS library required, but not found]) else dnl MIT found dnl check if we have a really old MIT Kerberos version (<= 1.2) @@ -1894,7 +1887,7 @@ fi if test x"$want_gss" = xyes; then AC_DEFINE(HAVE_GSSAPI, 1, [if you have GSS-API libraries]) HAVE_GSSAPI=1 - curl_gss_msg="enabled (MIT Kerberos/Heimdal)" + curl_gss_msg="enabled (MIT Kerberos)" link_pkgconfig='' if test -n "$gnu_gss"; then @@ -1961,8 +1954,6 @@ if test x"$want_gss" = xyes; then if test -n "$link_pkgconfig"; then if test -n "$gnu_gss"; then LIBCURL_PC_REQUIRES_PRIVATE="$LIBCURL_PC_REQUIRES_PRIVATE gss" - elif test "x$not_mit" = "x1"; then - LIBCURL_PC_REQUIRES_PRIVATE="$LIBCURL_PC_REQUIRES_PRIVATE heimdal-gssapi" else LIBCURL_PC_REQUIRES_PRIVATE="$LIBCURL_PC_REQUIRES_PRIVATE mit-krb5-gssapi" fi diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md index a0430bbfa4..46215747e7 100644 --- a/docs/INSTALL-CMAKE.md +++ b/docs/INSTALL-CMAKE.md @@ -474,7 +474,7 @@ the parent project, ideally in the "extra" find package redirect file: Available variables: - `HAVE_GNUTLS_SRP`: `gnutls_srp_verifier` present in GnuTLS. -- `HAVE_GSS_C_NT_HOSTBASED_SERVICE`: `GSS_C_NT_HOSTBASED_SERVICE` present in GSS/Heimdal/Kerberos. +- `HAVE_GSS_C_NT_HOSTBASED_SERVICE`: `GSS_C_NT_HOSTBASED_SERVICE` present in GSS/Kerberos. - `HAVE_LDAP_INIT_FD`: `ldap_init_fd` present in LDAP library. - `HAVE_LDAP_URL_PARSE`: `ldap_url_parse` present in LDAP library. - `HAVE_OPENSSL_SRP`: `SSL_CTX_set_srp_username` present in OpenSSL (or fork). diff --git a/docs/INTERNALS.md b/docs/INTERNALS.md index 84b939f4dc..3ad1b3e8c2 100644 --- a/docs/INTERNALS.md +++ b/docs/INTERNALS.md @@ -36,7 +36,6 @@ versions of libs and build tools. - wolfSSL 3.4.6 - OpenLDAP 2.0 - MIT Kerberos 1.2.4 - - Heimdal 7.1.0 - nghttp2 1.15.0 ## Build tools diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS index 5b7df42bda..c9beb28361 100644 --- a/docs/KNOWN_BUGS +++ b/docs/KNOWN_BUGS @@ -38,7 +38,6 @@ problems may have been fixed or changed somewhat since this was written. 5.2 curl-config --libs contains private details 5.3 LDFLAGS passed too late making libs linked incorrectly 5.6 Cygwin: make install installs curl-config.1 twice - 5.11 configure --with-gssapi with Heimdal is ignored on macOS 5.12 flaky CI builds 5.13 long paths are not fully supported on Windows 5.15 Unicode on Windows @@ -49,7 +48,6 @@ problems may have been fixed or changed somewhat since this was written. 6.5 NTLM does not support password with Unicode 'SECTION SIGN' character 6.6 libcurl can fail to try alternatives with --proxy-any 6.7 Do not clear digest for single realm - 6.8 Heimdal memory leaks 6.9 SHA-256 digest not supported in Windows SSPI builds 6.10 curl never completes Negotiate over HTTP 6.11 Negotiate on Windows fails @@ -238,12 +236,6 @@ problems may have been fixed or changed somewhat since this was written. https://github.com/curl/curl/issues/8839 -5.11 configure --with-gssapi with Heimdal is ignored on macOS - - ... unless you also pass --with-gssapi-libs - - https://github.com/curl/curl/issues/3841 - 5.12 flaky CI builds We run many CI builds for each commit and PR on github, and especially a @@ -342,13 +334,6 @@ problems may have been fixed or changed somewhat since this was written. https://github.com/curl/curl/issues/3267 -6.8 Heimdal memory leaks - - Running test 2077 and 2078 with curl built to do GSS with Heimdal causes - valgrind errors (memory leak). - - https://github.com/curl/curl/issues/14446 - 6.9 SHA-256 digest not supported in Windows SSPI builds Windows builds of curl that have SSPI enabled use the native Windows API calls diff --git a/docs/TODO b/docs/TODO index 4db3f5f4ed..65d735d1be 100644 --- a/docs/TODO +++ b/docs/TODO @@ -496,8 +496,8 @@ 4.6 GSSAPI via Windows SSPI In addition to currently supporting the SASL GSSAPI mechanism (Kerberos V5) - via third-party GSS-API libraries, such as Heimdal or MIT Kerberos, also add - support for GSSAPI authentication via Windows SSPI. + via third-party GSS-API libraries, such as MIT Kerberos, also add support + for GSSAPI authentication via Windows SSPI. 4.7 STAT for LIST without data connection From cc7b12347b06378cf5558636e15d3c19a48d836a Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 8 Oct 2025 13:30:12 +0200 Subject: [PATCH 0366/2408] quiche: handle tls fail correctly quiche receive may report a TLS failure after a verified handshake. That needs to lead to a transfer receive error. Reported-by: Joshua Rogers Closes #18934 --- lib/vquic/curl_quiche.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c index f5fd20fccb..1ae159bd4c 100644 --- a/lib/vquic/curl_quiche.c +++ b/lib/vquic/curl_quiche.c @@ -666,9 +666,11 @@ static CURLcode recv_pkt(const unsigned char *pkt, size_t pktlen, X509_verify_cert_error_string(verify_ok)); return CURLE_PEER_FAILED_VERIFICATION; } + failf(r->data, "ingress, quiche reports TLS fail"); + return CURLE_RECV_ERROR; } else { - failf(r->data, "quiche_conn_recv() == %zd", nread); + failf(r->data, "quiche reports error %zd on receive", nread); return CURLE_RECV_ERROR; } } From 0b4a7045000e00cc7c8f657861bf0e717bb08ce0 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 8 Oct 2025 13:44:32 +0200 Subject: [PATCH 0367/2408] vquic: sending non-gso packets fix for EAGAIN The function returned OK on EAGAIN and not the correct code. Reported-by: Joshua Rogers Closes #18936 --- lib/vquic/vquic.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c index f722c7e127..30917b835a 100644 --- a/lib/vquic/vquic.c +++ b/lib/vquic/vquic.c @@ -254,7 +254,7 @@ out: CURL_TRC_CF(data, cf, "vquic_%s(len=%zu, gso=%zu, calls=%zu)" " -> %d, sent=%zu", VQUIC_SEND_METHOD, pktlen, gsolen, calls, result, *psent); - return CURLE_OK; + return result; } static CURLcode vquic_send_packets(struct Curl_cfilter *cf, From c0a279a8e91a279f6942775073d21d0e93041af6 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 8 Oct 2025 14:06:55 +0200 Subject: [PATCH 0368/2408] socks: deny server basic-auth if not configured When the server proposes BASIC authentication and curl does not have that configured, fail right away. Reported-by: Joshua Rogers Closes #18937 --- lib/socks.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/socks.c b/lib/socks.c index e7e545442a..a0e1e6c042 100644 --- a/lib/socks.c +++ b/lib/socks.c @@ -681,8 +681,12 @@ static CURLproxycode socks5_check_resp0(struct socks_state *sx, return CURLPX_GSSAPI_PERMSG; case 2: /* regular name + password authentication */ - sxstate(sx, cf, data, SOCKS5_ST_AUTH_INIT); - return CURLPX_OK; + if(data->set.socks5auth & CURLAUTH_BASIC) { + sxstate(sx, cf, data, SOCKS5_ST_AUTH_INIT); + return CURLPX_OK; + } + failf(data, "BASIC authentication proposed but not enabled."); + return CURLPX_NO_AUTH; case 255: failf(data, "No authentication method was acceptable."); return CURLPX_NO_AUTH; From 391e3fbeeccb7311562f60fbd9db964bc5bf3ec7 Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Thu, 9 Oct 2025 06:03:08 +0800 Subject: [PATCH 0369/2408] libssh/sftp: fix resume corruption by avoiding O_APPEND with rresume Opening the remote file with O_APPEND while attempting to resume causes all writes to be forced to EOF on servers/implementations where O_APPEND semantics override a prior seek(). As a result, sftp_seek64() is ignored and the resumed data is appended, duplicating/corrupting the file. Fix by: - Using O_WRONLY (without O_APPEND) when resume_from > 0. - Skipping the seek entirely if remote_append mode is requested. Closes #18952 --- lib/vssh/libssh.c | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index 78d7986a9e..579eaeaa0d 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -1154,12 +1154,18 @@ static int myssh_in_UPLOAD_INIT(struct Curl_easy *data, } } - if(data->set.remote_append) - /* Try to open for append, but create if nonexisting */ - flags = O_WRONLY|O_CREAT|O_APPEND; - else if(data->state.resume_from > 0) - /* If we have restart position then open for append */ - flags = O_WRONLY|O_APPEND; + if(data->set.remote_append) { + /* True append mode: create if nonexisting */ + flags = O_WRONLY | O_CREAT | O_APPEND; + } + else if(data->state.resume_from > 0) { + /* + * Resume MUST NOT use O_APPEND. Many SFTP servers/impls force all + * writes to EOF when O_APPEND is set, ignoring a prior seek(). + * Open write-only and seek to the resume offset instead. + */ + flags = O_WRONLY; + } else /* Clear file before writing (normal behavior) */ flags = O_WRONLY|O_CREAT|O_TRUNC; @@ -1189,8 +1195,8 @@ static int myssh_in_UPLOAD_INIT(struct Curl_easy *data, } /* If we have a restart point then we need to seek to the correct - position. */ - if(data->state.resume_from > 0) { + position. Skip if in explicit remote append mode. */ + if(data->state.resume_from > 0 && !data->set.remote_append) { int seekerr = CURL_SEEKFUNC_OK; /* Let's read off the proper amount of bytes from the input. */ if(data->set.seek_func) { From dae19dd94a77dfc4568989cd84159b9502484b8b Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Thu, 9 Oct 2025 06:06:40 +0800 Subject: [PATCH 0370/2408] libssh2/sftp: fix resume corruption by avoiding O_APPEND with rresume Opening the remote file with O_APPEND while attempting to resume causes all writes to be forced to EOF on servers/implementations where O_APPEND semantics override a prior seek(). As a result, sftp_seek64() is ignored and the resumed data is appended, duplicating/corrupting the file. Fix by: - Using O_WRONLY (without O_APPEND) when resume_from > 0. - Skipping the seek entirely if remote_append mode is requested. Closes #18952 --- lib/vssh/libssh2.c | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index c73ecec949..65ccd29923 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -1027,15 +1027,21 @@ sftp_upload_init(struct Curl_easy *data, } } - if(data->set.remote_append) - /* Try to open for append, but create if nonexisting */ - flags = LIBSSH2_FXF_WRITE|LIBSSH2_FXF_CREAT|LIBSSH2_FXF_APPEND; - else if(data->state.resume_from > 0) - /* If we have restart position then open for append */ - flags = LIBSSH2_FXF_WRITE|LIBSSH2_FXF_APPEND; - else + if(data->set.remote_append) { + /* True append mode: create if nonexisting */ + flags = LIBSSH2_FXF_WRITE | LIBSSH2_FXF_CREAT | LIBSSH2_FXF_APPEND; + } + else if(data->state.resume_from > 0) { + /* + * Resume MUST NOT use APPEND; some servers force writes to EOF when + * APPEND is set, ignoring a prior seek(). + */ + flags = LIBSSH2_FXF_WRITE; + } + else { /* Clear file before writing (normal behavior) */ - flags = LIBSSH2_FXF_WRITE|LIBSSH2_FXF_CREAT|LIBSSH2_FXF_TRUNC; + flags = LIBSSH2_FXF_WRITE | LIBSSH2_FXF_CREAT | LIBSSH2_FXF_TRUNC; + } sshc->sftp_handle = libssh2_sftp_open_ex(sshc->sftp_session, sshp->path, @@ -1093,8 +1099,8 @@ sftp_upload_init(struct Curl_easy *data, } /* If we have a restart point then we need to seek to the correct - position. */ - if(data->state.resume_from > 0) { + Skip if in explicit remote append mode. */ + if(data->state.resume_from > 0 && !data->set.remote_append) { int seekerr = CURL_SEEKFUNC_OK; /* Let's read off the proper amount of bytes from the input. */ if(data->set.seek_func) { From 93e91e965e80b94b559293b93d4fb3360b8281a3 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 8 Oct 2025 12:22:22 +0200 Subject: [PATCH 0371/2408] http2: check push header names by length first Reported-by: Joshua Rogers Closes #18930 --- lib/http2.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/http2.c b/lib/http2.c index c33c633cf6..ff53fc4b94 100644 --- a/lib/http2.c +++ b/lib/http2.c @@ -1590,7 +1590,8 @@ static int on_header(nghttp2_session *session, const nghttp2_frame *frame, if(frame->hd.type == NGHTTP2_PUSH_PROMISE) { char *h; - if(!strcmp(HTTP_PSEUDO_AUTHORITY, (const char *)name)) { + if((namelen == (sizeof(HTTP_PSEUDO_AUTHORITY)-1)) && + !strncmp(HTTP_PSEUDO_AUTHORITY, (const char *)name, namelen)) { /* pseudo headers are lower case */ int rc = 0; char *check = curl_maprintf("%s:%d", cf->conn->host.name, From 44a79d4f7afe52ca613516cf9dd5d83ac7d5c2c0 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 8 Oct 2025 12:28:14 +0200 Subject: [PATCH 0372/2408] http2: cleanup pushed newhandle on fail When nghttp2_session_set_stream_user_data() fails, clean up the new handle. Reported-by: Joshua Rogers Closes #18931 --- lib/http2.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/http2.c b/lib/http2.c index ff53fc4b94..43f4e9106c 100644 --- a/lib/http2.c +++ b/lib/http2.c @@ -1030,6 +1030,7 @@ static int push_promise(struct Curl_cfilter *cf, infof(data, "failed to set user_data for stream %u", newstream->id); DEBUGASSERT(0); + discard_newhandle(cf, newhandle); rv = CURL_PUSH_DENY; goto fail; } From f609b5738931d4fa9ef75e9f48a9d3a21dea1ffb Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 8 Oct 2025 13:06:48 +0200 Subject: [PATCH 0373/2408] http2: ingress handling edge cases Fix some edge cases around the `data_max_bytes` handling when processing ingress. Reported-by: Joshua Rogers Closes #18933 --- lib/http2.c | 29 ++++++++++++++++++----------- 1 file changed, 18 insertions(+), 11 deletions(-) diff --git a/lib/http2.c b/lib/http2.c index 43f4e9106c..4e2d59ff51 100644 --- a/lib/http2.c +++ b/lib/http2.c @@ -623,9 +623,8 @@ static int should_close_session(struct cf_h2_ctx *ctx) * This function returns 0 if it succeeds, or -1 and error code will * be assigned to *err. */ -static int h2_process_pending_input(struct Curl_cfilter *cf, - struct Curl_easy *data, - CURLcode *err) +static CURLcode h2_process_pending_input(struct Curl_cfilter *cf, + struct Curl_easy *data) { struct cf_h2_ctx *ctx = cf->ctx; const unsigned char *buf; @@ -633,12 +632,10 @@ static int h2_process_pending_input(struct Curl_cfilter *cf, ssize_t rv; while(Curl_bufq_peek(&ctx->inbufq, &buf, &blen)) { - rv = nghttp2_session_mem_recv(ctx->h2, (const uint8_t *)buf, blen); if(rv < 0) { failf(data, "nghttp2 recv error %zd: %s", rv, nghttp2_strerror((int)rv)); - *err = CURLE_HTTP2; - return -1; + return CURLE_HTTP2; } Curl_bufq_skip(&ctx->inbufq, (size_t)rv); if(Curl_bufq_is_empty(&ctx->inbufq)) { @@ -658,7 +655,7 @@ static int h2_process_pending_input(struct Curl_cfilter *cf, connclose(cf->conn, "http/2: No new requests allowed"); } - return 0; + return CURLE_OK; } /* @@ -690,7 +687,8 @@ static bool http2_connisalive(struct Curl_cfilter *cf, struct Curl_easy *data, if(!result) { CURL_TRC_CF(data, cf, "%zu bytes stray data read before trying " "h2 connection", nread); - if(h2_process_pending_input(cf, data, &result) < 0) + result = h2_process_pending_input(cf, data); + if(result) /* immediate error, considered dead */ alive = FALSE; else { @@ -2045,10 +2043,14 @@ static CURLcode h2_progress_ingress(struct Curl_cfilter *cf, if(!Curl_bufq_is_empty(&ctx->inbufq)) { CURL_TRC_CF(data, cf, "Process %zu bytes in connection buffer", Curl_bufq_len(&ctx->inbufq)); - if(h2_process_pending_input(cf, data, &result) < 0) + result = h2_process_pending_input(cf, data); + if(result) return result; } + if(!data_max_bytes) + data_max_bytes = H2_CHUNK_SIZE; + /* Receive data from the "lower" filters, e.g. network until * it is time to stop due to connection close or us not processing * all network input */ @@ -2063,6 +2065,10 @@ static CURLcode h2_progress_ingress(struct Curl_cfilter *cf, Curl_multi_mark_dirty(data); break; } + else if(!stream) { + DEBUGASSERT(0); + break; + } result = Curl_cf_recv_bufq(cf->next, data, &ctx->inbufq, 0, &nread); if(result) { @@ -2083,7 +2089,8 @@ static CURLcode h2_progress_ingress(struct Curl_cfilter *cf, data_max_bytes = (data_max_bytes > nread) ? (data_max_bytes - nread) : 0; } - if(h2_process_pending_input(cf, data, &result)) + result = h2_process_pending_input(cf, data); + if(result) return result; CURL_TRC_CF(data, cf, "[0] progress ingress: inbufg=%zu", Curl_bufq_len(&ctx->inbufq)); @@ -2546,7 +2553,7 @@ static CURLcode cf_h2_connect(struct Curl_cfilter *cf, } if(!first_time) { - result = h2_progress_ingress(cf, data, H2_CHUNK_SIZE); + result = h2_progress_ingress(cf, data, 0); if(result) goto out; } From 1ce6dff01a7d38618273e6fe20b73c4bc661e6ed Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 7 Oct 2025 07:49:00 +0200 Subject: [PATCH 0374/2408] openssl: fix peer certificate leak in channel binding Reported-by: Stanislav Fort Bug: https://hackerone.com/reports/3373640 Closes #18917 --- lib/vtls/openssl.c | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index fb5cc18362..bd0e315fd8 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -5628,6 +5628,7 @@ static CURLcode ossl_get_channel_binding(struct Curl_easy *data, int sockindex, struct connectdata *conn = data->conn; struct Curl_cfilter *cf = conn->cfilter[sockindex]; struct ossl_ctx *octx = NULL; + CURLcode result = CURLE_OK; do { const struct Curl_cftype *cft = cf->cft; @@ -5649,15 +5650,15 @@ static CURLcode ossl_get_channel_binding(struct Curl_easy *data, int sockindex, } cert = SSL_get1_peer_certificate(octx->ssl); - if(!cert) { + if(!cert) /* No server certificate, don't do channel binding */ return CURLE_OK; - } if(!OBJ_find_sigid_algs(X509_get_signature_nid(cert), &algo_nid, NULL)) { failf(data, "Unable to find digest NID for certificate signature algorithm"); - return CURLE_SSL_INVALIDCERTSTATUS; + result = CURLE_SSL_INVALIDCERTSTATUS; + goto error; } /* https://datatracker.ietf.org/doc/html/rfc5929#section-4.1 */ @@ -5670,23 +5671,28 @@ static CURLcode ossl_get_channel_binding(struct Curl_easy *data, int sockindex, algo_name = OBJ_nid2sn(algo_nid); failf(data, "Could not find digest algorithm %s (NID %d)", algo_name ? algo_name : "(null)", algo_nid); - return CURLE_SSL_INVALIDCERTSTATUS; + result = CURLE_SSL_INVALIDCERTSTATUS; + goto error; } } if(!X509_digest(cert, algo_type, buf, &length)) { failf(data, "X509_digest() failed"); - return CURLE_SSL_INVALIDCERTSTATUS; + result = CURLE_SSL_INVALIDCERTSTATUS; + goto error; } /* Append "tls-server-end-point:" */ - if(curlx_dyn_addn(binding, prefix, sizeof(prefix) - 1) != CURLE_OK) - return CURLE_OUT_OF_MEMORY; - /* Append digest */ - if(curlx_dyn_addn(binding, buf, length)) - return CURLE_OUT_OF_MEMORY; + result = curlx_dyn_addn(binding, prefix, sizeof(prefix) - 1); + if(result) + goto error; - return CURLE_OK; + /* Append digest */ + result = curlx_dyn_addn(binding, buf, length); + +error: + X509_free(cert); + return result; #else /* No X509_get_signature_nid support */ (void)data; From 5d32c4fc7b559528a562a390c230f627fec94376 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 7 Oct 2025 09:22:05 +0200 Subject: [PATCH 0375/2408] test1582: verify the TLS channel binding cert memory leak fix --- tests/data/Makefile.am | 2 +- tests/data/test1582 | 54 ++++++++++++++++++++++++++++++++++ tests/libtest/Makefile.inc | 1 + tests/libtest/lib1582.c | 60 ++++++++++++++++++++++++++++++++++++++ 4 files changed, 116 insertions(+), 1 deletion(-) create mode 100644 tests/data/test1582 create mode 100644 tests/libtest/lib1582.c diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 11d9fb7cff..ce97740b9a 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -209,7 +209,7 @@ test1548 test1549 test1550 test1551 test1552 test1553 test1554 test1555 \ test1556 test1557 test1558 test1559 test1560 test1561 test1562 test1563 \ test1564 test1565 test1566 test1567 test1568 test1569 test1570 test1571 \ test1572 test1573 test1574 test1575 test1576 test1577 test1578 test1579 \ -test1580 test1581 \ +test1580 test1581 test1582 \ \ test1590 test1591 test1592 test1593 test1594 test1595 test1596 test1597 \ test1598 test1599 test1600 test1601 test1602 test1603 test1604 test1605 \ diff --git a/tests/data/test1582 b/tests/data/test1582 new file mode 100644 index 0000000000..146863fd69 --- /dev/null +++ b/tests/data/test1582 @@ -0,0 +1,54 @@ + + + +HTTPS +GSS-API + + + +# Server-side + + +HTTP/1.1 401 OK +Date: Tue, 09 Nov 2030 14:49:00 GMT +Server: test-server/fake +Content-Length: 7 +WWW-Authenticate: Negotiate + +nomnom + + + +# Client-side + + +SSL +GSS-API +OpenSSL + + +http +https + + +Negotiate over HTTPS with channel binding + + +lib%TESTNUMBER + + +https://%HOSTIP:%HTTPSPORT/ + + + + + +GET / HTTP/1.1 +Host: %HOSTIP:%HTTPSPORT +Accept: */* + + + + + + diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc index cac833f26f..67ffabad0b 100644 --- a/tests/libtest/Makefile.inc +++ b/tests/libtest/Makefile.inc @@ -91,6 +91,7 @@ TESTS_C = \ lib1559.c lib1560.c lib1564.c lib1565.c \ lib1567.c lib1568.c lib1569.c lib1571.c \ lib1576.c \ + lib1582.c \ lib1591.c lib1592.c lib1593.c lib1594.c lib1597.c \ lib1598.c lib1599.c \ lib1662.c \ diff --git a/tests/libtest/lib1582.c b/tests/libtest/lib1582.c new file mode 100644 index 0000000000..0e209beee4 --- /dev/null +++ b/tests/libtest/lib1582.c @@ -0,0 +1,60 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ +#include "first.h" + +#include "memdebug.h" + +static CURLcode test_lib1582(const char *URL) +{ + CURLcode res; + CURL *curl; + + if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { + curl_mfprintf(stderr, "curl_global_init() failed\n"); + return TEST_ERR_MAJOR_BAD; + } + + curl = curl_easy_init(); + if(!curl) { + curl_mfprintf(stderr, "curl_easy_init() failed\n"); + curl_global_cleanup(); + return TEST_ERR_MAJOR_BAD; + } + + test_setopt(curl, CURLOPT_HEADER, 1L); + test_setopt(curl, CURLOPT_VERBOSE, 1L); + test_setopt(curl, CURLOPT_URL, URL); + test_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_NEGOTIATE); + test_setopt(curl, CURLOPT_USERPWD, ":"); + test_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); + test_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); + + res = curl_easy_perform(curl); + +test_cleanup: + curl_easy_cleanup(curl); + curl_global_cleanup(); + + return res; +} From 29d0a308b4537b315849a70b0010f4b0aea6dccb Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 9 Oct 2025 09:50:20 +0200 Subject: [PATCH 0376/2408] setopt: allow CURLOPT_DNS_CACHE_TIMEOUT set to -1 It is documented as valid. Regression from commit b059f7deaf3 shipped in 8.16.0 Reported-by: Andrei Kurushin Fixes #18959 Closes #18960 --- lib/setopt.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/setopt.c b/lib/setopt.c index 5558bded0a..7097c7f7b0 100644 --- a/lib/setopt.c +++ b/lib/setopt.c @@ -879,7 +879,10 @@ static CURLcode setopt_long(struct Curl_easy *data, CURLoption option, switch(option) { case CURLOPT_DNS_CACHE_TIMEOUT: - return setopt_set_timeout_sec(&s->dns_cache_timeout_ms, arg); + if(arg != -1) + return setopt_set_timeout_sec(&s->dns_cache_timeout_ms, arg); + s->dns_cache_timeout_ms = -1; + break; case CURLOPT_CA_CACHE_TIMEOUT: if(Curl_ssl_supports(data, SSLSUPP_CA_CACHE)) { From 7ab9018ea70b1ced6737a755ac96b9a00eef4073 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 9 Oct 2025 10:15:41 +0200 Subject: [PATCH 0377/2408] mk-lib1521: verify the setopt options that accept -1 --- tests/libtest/mk-lib1521.pl | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/tests/libtest/mk-lib1521.pl b/tests/libtest/mk-lib1521.pl index e0a7d157d8..95a600c3d0 100755 --- a/tests/libtest/mk-lib1521.pl +++ b/tests/libtest/mk-lib1521.pl @@ -255,6 +255,12 @@ $allowednumerrors name, code, curl_easy_strerror(code), lineno); } +static void errneg(const char *name, CURLcode code, int lineno) +{ + curl_mprintf("%s set to -1 returned %d, \\"%s\\" on line %d\\n", + name, code, curl_easy_strerror(code), lineno); +} + static void errstring(const char *name, CURLcode code, int lineno) { /* allow this set of options to return CURLE_BAD_FUNCTION_ARGUMENT @@ -322,6 +328,23 @@ static bool bad_long(CURLcode res, int check) return 0; } +/* long options that should handle -1 */ +static bool bad_neg(int check) +{ + switch(check) { + case CURLOPT_DNS_CACHE_TIMEOUT: + case CURLOPT_INFILESIZE: + case CURLOPT_INFILESIZE_LARGE: + case CURLOPT_MAXREDIRS: + case CURLOPT_POSTFIELDSIZE: + case CURLOPT_POSTFIELDSIZE_LARGE: + case CURLOPT_RESUME_FROM: + case CURLOPT_RESUME_FROM_LARGE: + return TRUE; + } + return FALSE; +} + /* macro to check the first setopt of an option which then is allowed to get a non-existing function return code back */ #define present(x) ((x != CURLE_NOT_BUILT_IN) && (x != CURLE_UNKNOWN_OPTION)) @@ -456,6 +479,12 @@ MOO MOO ; + my $negcheck = < Date: Thu, 9 Oct 2025 09:07:27 +0200 Subject: [PATCH 0378/2408] hostip: don't store negative resolves due unrelated errors Like for: - OOM - resolver_start() returns error - DoH has problems Fixes #18953 Fixes #18954 Reported-by: Joshua Rogers Closes #18958 --- lib/hostip.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/lib/hostip.c b/lib/hostip.c index ceea189732..a6531c3171 100644 --- a/lib/hostip.c +++ b/lib/hostip.c @@ -846,6 +846,7 @@ CURLcode Curl_resolv(struct Curl_easy *data, int respwait = 0; bool is_ipaddr; size_t hostname_len; + bool keep_negative = TRUE; /* cache a negative result */ #ifndef CURL_DISABLE_DOH data->conn->bits.doh = FALSE; /* default is not */ @@ -887,8 +888,10 @@ CURLcode Curl_resolv(struct Curl_easy *data, st = data->set.resolver_start(resolver, NULL, data->set.resolver_start_client); Curl_set_in_callback(data, FALSE); - if(st) + if(st) { + keep_negative = FALSE; goto error; + } } /* shortcut literal IP addresses, if we are not told to resolve them. */ @@ -947,10 +950,11 @@ out: else if(addr) { /* we got a response, create a dns entry, add to cache, return */ dns = Curl_dnscache_mk_entry(data, addr, hostname, 0, port, FALSE); - if(!dns) - goto error; - if(Curl_dnscache_add(data, dns)) + if(!dns || Curl_dnscache_add(data, dns)) { + /* this is OOM or similar, don't store such negative resolves */ + keep_negative = FALSE; goto error; + } show_resolve_info(data, dns); *entry = dns; return CURLE_OK; @@ -966,7 +970,8 @@ error: Curl_resolv_unlink(data, &dns); *entry = NULL; Curl_async_shutdown(data); - store_negative_resolve(data, hostname, port); + if(keep_negative) + store_negative_resolve(data, hostname, port); return CURLE_COULDNT_RESOLVE_HOST; } @@ -1550,7 +1555,8 @@ CURLcode Curl_resolv_check(struct Curl_easy *data, result = Curl_async_is_resolved(data, dns); if(*dns) show_resolve_info(data, *dns); - if(result) + if((result == CURLE_COULDNT_RESOLVE_HOST) || + (result == CURLE_COULDNT_RESOLVE_PROXY)) store_negative_resolve(data, data->state.async.hostname, data->state.async.port); return result; From 56c892af1f46c7b1c803304ee62e524340007ab2 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 9 Oct 2025 12:36:43 +0200 Subject: [PATCH 0379/2408] examples/sessioninfo: do not disable security Also make it return the curl result code. Follow-up to df70a68984308952dcacf33d11593cb22ad80464 #18909 Closes #18969 --- docs/examples/sessioninfo.c | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/docs/examples/sessioninfo.c b/docs/examples/sessioninfo.c index ed5f0e9e29..bbdcfe8d23 100644 --- a/docs/examples/sessioninfo.c +++ b/docs/examples/sessioninfo.c @@ -96,25 +96,22 @@ static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream) int main(void) { + CURLcode res = CURLE_OK; + curl_global_init(CURL_GLOBAL_DEFAULT); curl = curl_easy_init(); if(curl) { curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); - curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, wrfu); - - curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); - curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); - curl_easy_setopt(curl, CURLOPT_VERBOSE, 0L); - (void)curl_easy_perform(curl); + res = curl_easy_perform(curl); curl_easy_cleanup(curl); } curl_global_cleanup(); - return 0; + return (int)res; } From e78185625f149d89c56ef32af580f1d122c2f42b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 9 Oct 2025 12:51:08 +0200 Subject: [PATCH 0380/2408] examples: allow `vsnprintf` again Ref: https://github.com/curl/curl/pull/18668#issuecomment-3383422410 Follow-up to b12da22db1f11da51082977dc21a7edee7858911 #18866 Closes #18970 --- docs/examples/.checksrc | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/examples/.checksrc b/docs/examples/.checksrc index 59899762bf..c81d159768 100644 --- a/docs/examples/.checksrc +++ b/docs/examples/.checksrc @@ -10,6 +10,7 @@ allowfunc snprintf allowfunc socket allowfunc sscanf allowfunc strerror +allowfunc vsnprintf banfunc curl_maprintf banfunc curl_mfprintf banfunc curl_mprintf From 92ee9173685907ddf53eb57b61b5c4845ae00459 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 9 Oct 2025 12:54:17 +0200 Subject: [PATCH 0381/2408] examples: update `.gitignore` Follow-up to f6f62933e917b8b5c9a9394907ce4b69600214b4 #18264 Closes #18971 --- docs/examples/.gitignore | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/examples/.gitignore b/docs/examples/.gitignore index 4b78bd78dd..6d14f24cd1 100644 --- a/docs/examples/.gitignore +++ b/docs/examples/.gitignore @@ -35,7 +35,6 @@ getreferrer ghiper headerapi hiperfifo -href_extractor hsts-preload htmltidy http-options From 801ebf1e1a1415a869b00107a464a4492a98eb77 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 9 Oct 2025 13:48:06 +0200 Subject: [PATCH 0382/2408] GHA: rename config files to match pyspelling To make it more obvious what needs to be looked at when pyspelling is reporting an issue. Follow-up to 95e50ad69473d8229b85478a3f2138b7e632fbe8 #18756 Closes #18974 --- .github/scripts/codespell.sh | 2 +- .github/scripts/{spellcheck.words => pyspelling.words} | 0 .github/scripts/{spellcheck.yaml => pyspelling.yaml} | 0 .github/scripts/spacecheck.pl | 2 +- .github/scripts/typos.toml | 2 +- .github/workflows/checkdocs.yml | 4 ++-- 6 files changed, 5 insertions(+), 5 deletions(-) rename .github/scripts/{spellcheck.words => pyspelling.words} (100%) rename .github/scripts/{spellcheck.yaml => pyspelling.yaml} (100%) diff --git a/.github/scripts/codespell.sh b/.github/scripts/codespell.sh index 6825b38c7e..bbbbef5719 100755 --- a/.github/scripts/codespell.sh +++ b/.github/scripts/codespell.sh @@ -9,7 +9,7 @@ cd "$(dirname "${0}")"/../.. # shellcheck disable=SC2046 codespell \ - --skip '.github/scripts/spellcheck.words' \ + --skip '.github/scripts/pyspelling.words' \ --skip '.github/scripts/typos.toml' \ --skip 'docs/THANKS' \ --skip 'packages/*' \ diff --git a/.github/scripts/spellcheck.words b/.github/scripts/pyspelling.words similarity index 100% rename from .github/scripts/spellcheck.words rename to .github/scripts/pyspelling.words diff --git a/.github/scripts/spellcheck.yaml b/.github/scripts/pyspelling.yaml similarity index 100% rename from .github/scripts/spellcheck.yaml rename to .github/scripts/pyspelling.yaml diff --git a/.github/scripts/spacecheck.pl b/.github/scripts/spacecheck.pl index 7caf526327..fbd064db3b 100755 --- a/.github/scripts/spacecheck.pl +++ b/.github/scripts/spacecheck.pl @@ -53,7 +53,7 @@ my @non_ascii_allowed = ( my $non_ascii_allowed = join(', ', @non_ascii_allowed); my @non_ascii = ( - ".github/scripts/spellcheck.words", + ".github/scripts/pyspelling.words", ".mailmap", "RELEASE-NOTES", "docs/BINDINGS.md", diff --git a/.github/scripts/typos.toml b/.github/scripts/typos.toml index 2be01d59f6..28dcad73be 100644 --- a/.github/scripts/typos.toml +++ b/.github/scripts/typos.toml @@ -22,7 +22,7 @@ extend-ignore-re = [ [files] extend-exclude = [ ".github/scripts/codespell-ignore.words", - ".github/scripts/spellcheck.words", + ".github/scripts/pyspelling.words", "docs/THANKS", "packages/*", "projects/Windows/tmpl/curl.vcxproj", diff --git a/.github/workflows/checkdocs.yml b/.github/workflows/checkdocs.yml index ad0c41e37a..91ed7452d1 100644 --- a/.github/workflows/checkdocs.yml +++ b/.github/workflows/checkdocs.yml @@ -126,10 +126,10 @@ jobs: run: | source ~/venv/bin/activate # setup the custom wordlist - grep -v '^#' .github/scripts/spellcheck.words > wordlist.txt + grep -v '^#' .github/scripts/pyspelling.words > wordlist.txt aspell --version pyspelling --version - pyspelling --verbose --jobs 5 --config .github/scripts/spellcheck.yaml + pyspelling --verbose --jobs 5 --config .github/scripts/pyspelling.yaml badwords-synopsis: name: 'badwords, synopsis' From 83bed97ad85d2fb7a0be8079318e2ce003bb34a0 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 9 Oct 2025 09:55:38 +0200 Subject: [PATCH 0383/2408] rustls: pass the correct result to rustls_failf Reported-by: Joshua Rogers Closes #18961 --- lib/vtls/rustls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index a3ab49a101..ff2dea82b6 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -1103,7 +1103,7 @@ cr_init_backend(struct Curl_cfilter *cf, struct Curl_easy *data, connssl->peer.hostname, &rconn); if(rr != RUSTLS_RESULT_OK) { - rustls_failf(data, result, "rustls_client_connection_new"); + rustls_failf(data, rr, "rustls_client_connection_new"); return CURLE_COULDNT_CONNECT; } DEBUGASSERT(rconn); From 9e2c582d6c4d676d34c56406301886784021e263 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 9 Oct 2025 11:42:43 +0200 Subject: [PATCH 0384/2408] memdup0: handle edge case When length is already SIZE_MAX, fail without allocating. Reported-by: Joshua Rogers Closes #18966 --- lib/strdup.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/strdup.c b/lib/strdup.c index 66fd7c60eb..3339e909ee 100644 --- a/lib/strdup.c +++ b/lib/strdup.c @@ -111,7 +111,7 @@ void *Curl_memdup(const void *src, size_t length) ***************************************************************************/ void *Curl_memdup0(const char *src, size_t length) { - char *buf = malloc(length + 1); + char *buf = (length < SIZE_MAX) ? malloc(length + 1) : NULL; if(!buf) return NULL; if(length) { From d1d5855689a29ee0ebc3ee5abd34959cfc8530d4 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 9 Oct 2025 10:26:30 +0200 Subject: [PATCH 0385/2408] openssl: add comments regarding OCSP verification To allow future reviewers of "security" reports to more easily find out why code is this way. Closes #18962 --- lib/vtls/openssl.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index bd0e315fd8..533acdaf8d 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -2589,6 +2589,9 @@ static CURLcode verifystatus(struct Curl_cfilter *cf, for(i = 0; i < (int)sk_X509_num(ch); i++) { X509 *issuer = sk_X509_value(ch, (ossl_valsize_t)i); if(X509_check_issued(issuer, cert) == X509_V_OK) { + /* Note to analysis tools: using SHA1 here is fine. The `id` + * generated is used as a hash lookup key, not as a verifier + * of the OCSP data itself. This all according to RFC 5019. */ id = OCSP_cert_to_id(EVP_sha1(), cert, issuer); break; } @@ -2611,7 +2614,14 @@ static CURLcode verifystatus(struct Curl_cfilter *cf, goto end; } - /* Validate the corresponding single OCSP response */ + /* Validate the OCSP response issuing and update times. + * - `thisupd` is the time the OCSP response was issued + * - `nextupd` is the time the OCSP response should be updated + * (valid life time assigned by the OCSP responder) + * - 3rd param: how many seconds of clock skew we allow between + * our clock and the instance that issued the OCSP response + * - 4th param: how many seconds in the past `thisupd` may be, with + * -1 meaning there is no limit. */ if(!OCSP_check_validity(thisupd, nextupd, 300L, -1L)) { failf(data, "OCSP response has expired"); result = CURLE_SSL_INVALIDCERTSTATUS; From e7247d86971c5ff559d87ccc55b5355d4224f59a Mon Sep 17 00:00:00 2001 From: Jay Satiro Date: Fri, 18 Oct 2024 14:12:31 -0400 Subject: [PATCH 0386/2408] tool_operate: keep failed partial download for retry auto-resume - Keep data from a failed download instead of discarding it on retry in some limited cases when we know it's ok (currently only HTTP 200/206). Prior to this change on failed transfer the tool truncated any outfile data written before retrying the transfer. This change adds an exception for HTTP downloads when the user requested auto-resume, because in that case we can keep the outfile data and resume from the new position. Reported-by: tkzv@users.noreply.github.com Fixes https://github.com/curl/curl/issues/18035 Closes https://github.com/curl/curl/pull/18665 --- src/tool_operate.c | 74 +++++++++++++++++++++++- tests/data/Makefile.am | 2 +- tests/data/test3035 | 127 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 200 insertions(+), 3 deletions(-) create mode 100644 tests/data/test3035 diff --git a/src/tool_operate.c b/src/tool_operate.c index ca0d2e77f5..1901ab3ac1 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -336,6 +336,32 @@ void single_transfer_cleanup(void) glob_cleanup(&state->inglob); } +/* Helper function for retrycheck. + * + * This function is a prerequisite check used to determine whether or not some + * already downloaded data (ie out->bytes written) can be safely resumed in a + * subsequent transfer. The conditions are somewhat pedantic to avoid any risk + * of data corruption. + * + * Specific HTTP limitations (scheme, method, response code, etc) are checked + * in retrycheck if this prerequisite check is met. + */ +static bool is_outfile_auto_resumable(struct OperationConfig *config, + struct per_transfer *per, + CURLcode result) +{ + struct OutStruct *outs = &per->outs; + return config->use_resume && config->resume_from_current && + config->resume_from >= 0 && outs->init == config->resume_from && + outs->bytes > 0 && outs->filename && outs->s_isreg && outs->fopened && + outs->stream && !ferror(outs->stream) && + !config->customrequest && !per->uploadfile && + (config->httpreq == TOOL_HTTPREQ_UNSPEC || + config->httpreq == TOOL_HTTPREQ_GET) && + /* CURLE_WRITE_ERROR could mean outs->bytes is not accurate */ + result != CURLE_WRITE_ERROR && result != CURLE_RANGE_ERROR; +} + static CURLcode retrycheck(struct OperationConfig *config, struct per_transfer *per, CURLcode result, @@ -353,7 +379,6 @@ static CURLcode retrycheck(struct OperationConfig *config, RETRY_FTP, RETRY_LAST /* not used */ } retry = RETRY_NO; - long response = 0; if((CURLE_OPERATION_TIMEDOUT == result) || (CURLE_COULDNT_RESOLVE_HOST == result) || (CURLE_COULDNT_RESOLVE_PROXY == result) || @@ -378,6 +403,7 @@ static CURLcode retrycheck(struct OperationConfig *config, scheme = proto_token(scheme); if(scheme == proto_http || scheme == proto_https) { /* This was HTTP(S) */ + long response = 0; curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response); switch(response) { @@ -404,6 +430,7 @@ static CURLcode retrycheck(struct OperationConfig *config, } /* if CURLE_OK */ else if(result) { const char *scheme; + long response = 0; curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response); curl_easy_getinfo(curl, CURLINFO_SCHEME, &scheme); @@ -432,6 +459,7 @@ static CURLcode retrycheck(struct OperationConfig *config, ": HTTP error", ": FTP error" }; + bool truncate = TRUE; /* truncate output file */ if(RETRY_HTTP == retry) { curl_easy_getinfo(curl, CURLINFO_RETRY_AFTER, &retry_after); @@ -482,7 +510,49 @@ static CURLcode retrycheck(struct OperationConfig *config, per->retry_remaining--; - if(outs->bytes && outs->filename && outs->stream) { + /* Skip truncation of outfile if auto-resume is enabled for download and + the partially received data is good. Only for HTTP GET requests in + limited circumstances. */ + if(is_outfile_auto_resumable(config, per, result)) { + long response = 0; + struct curl_header *header = NULL; + const char *method = NULL, *scheme = NULL; + + curl_easy_getinfo(curl, CURLINFO_EFFECTIVE_METHOD, &method); + curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response); + curl_easy_getinfo(curl, CURLINFO_SCHEME, &scheme); + scheme = proto_token(scheme); + + if((scheme == proto_http || scheme == proto_https) && + method && !strcmp(method, "GET") && + ((response == 206 && config->resume_from) || + (response == 200 && + !curl_easy_header(curl, "Accept-Ranges", 0, + CURLH_HEADER, -1, &header) && + !strcmp(header->value, "bytes")))) { + + notef("Keeping %" CURL_FORMAT_CURL_OFF_T " bytes", outs->bytes); + if(fflush(outs->stream)) { + errorf("Failed to flush output file stream"); + return CURLE_WRITE_ERROR; + } + if(outs->bytes >= CURL_OFF_T_MAX - outs->init) { + errorf("Exceeded maximum supported file size (" + "%" CURL_FORMAT_CURL_OFF_T " + " + "%" CURL_FORMAT_CURL_OFF_T ")", + outs->init, outs->bytes); + return CURLE_WRITE_ERROR; + } + truncate = FALSE; + outs->init += outs->bytes; + outs->bytes = 0; + config->resume_from = outs->init; + curl_easy_setopt(curl, CURLOPT_RESUME_FROM_LARGE, + config->resume_from); + } + } + + if(truncate && outs->bytes && outs->filename && outs->stream) { #ifndef __MINGW32CE__ struct_stat fileinfo; diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index ce97740b9a..99c287507f 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -275,7 +275,7 @@ test3000 test3001 test3002 test3003 test3004 test3005 test3006 test3007 \ test3008 test3009 test3010 test3011 test3012 test3013 test3014 test3015 \ test3016 test3017 test3018 test3019 test3020 test3021 test3022 test3023 \ test3024 test3025 test3026 test3027 test3028 test3029 test3030 test3031 \ -test3032 test3033 test3034 \ +test3032 test3033 test3034 test3035 \ \ test3100 test3101 test3102 test3103 test3104 test3105 \ \ diff --git a/tests/data/test3035 b/tests/data/test3035 new file mode 100644 index 0000000000..19fefa2318 --- /dev/null +++ b/tests/data/test3035 @@ -0,0 +1,127 @@ + + + +HTTP +HTTP GET +Content-Range +Resume +retry + + + +# Server-side + + +# +# the first chunk +# + +HTTP/1.1 200 OK swsbounce swsclose +Accept-Ranges: bytes +Content-Type: text/html +Content-Length: 26 + +abcde + + +# +# the second chunk +# + +HTTP/1.1 206 Partial Content swsbounce swsclose +Content-Type: text/html +Content-Length: 21 +Content-Range: bytes 5-25/26 + +fghijk + + +# +# some nonsense that curl should ignore as unresumable +# + +HTTP/1.1 404 Not Found swsbounce +Content-Type: text/html +Content-Length: 5 + +body + + +# +# some more nonsense that curl should ignore as unresumable +# + +HTTP/1.1 200 OK swsbounce +Accept-Ranges: bytes +Content-Type: text/html +Content-Length: 30 + +XXXXXXXXXXXXXXXXXXXXXXXXXXXXX + + +# +# the third chunk +# + +HTTP/1.1 206 Partial Content swsbounce swsclose +Content-Type: text/html +Content-Length: 15 +Content-Range: bytes 11-25/26 + +lmnopqrstuvwxyz + + + +# Client-side + + +http + + +HTTP retry failed download with keep data and auto-resume + + +--continue-at - --retry 4 --retry-delay 1 --retry-all-errors -o %LOGDIR/outfile%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + +# Verify data after the test has been "shot" + + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=5- +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=11- +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=11- +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=11- +User-Agent: curl/%VERSION +Accept: */* + + + + +abcdefghijklmnopqrstuvwxyz + + + + From 0780de2625bf8bb3bcb0f88bbbc401b2750ec1bb Mon Sep 17 00:00:00 2001 From: Jay Satiro Date: Fri, 19 Sep 2025 22:12:05 -0400 Subject: [PATCH 0387/2408] examples: add an example for logging failed transfers - Add an example that demonstrates per-transfer verbose logging to memory. The transfer's log is written to disk only if the transfer fails. Closes https://github.com/curl/curl/pull/18668 --- docs/examples/.gitignore | 1 + docs/examples/Makefile.inc | 1 + docs/examples/log_failed_transfers.c | 335 +++++++++++++++++++++++++++ 3 files changed, 337 insertions(+) create mode 100644 docs/examples/log_failed_transfers.c diff --git a/docs/examples/.gitignore b/docs/examples/.gitignore index 6d14f24cd1..788eefe1ef 100644 --- a/docs/examples/.gitignore +++ b/docs/examples/.gitignore @@ -68,6 +68,7 @@ interface ipv6 keepalive localport +log_failed_transfers maxconnects multi-app multi-debugcallback diff --git a/docs/examples/Makefile.inc b/docs/examples/Makefile.inc index 3bb68f25aa..29c4e3e997 100644 --- a/docs/examples/Makefile.inc +++ b/docs/examples/Makefile.inc @@ -84,6 +84,7 @@ check_PROGRAMS = \ ipv6 \ keepalive \ localport \ + log_failed_transfers \ maxconnects \ multi-app \ multi-debugcallback \ diff --git a/docs/examples/log_failed_transfers.c b/docs/examples/log_failed_transfers.c new file mode 100644 index 0000000000..1ec6350510 --- /dev/null +++ b/docs/examples/log_failed_transfers.c @@ -0,0 +1,335 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ +/* + * Save failed transfer verbose log to disk + * + */ +/* + * + * This example demonstrates per-transfer verbose logging to memory. + * The transfer's log is written to disk only if the transfer fails. + * + */ + +#ifdef _WIN32 +#ifndef _CRT_SECURE_NO_WARNINGS +#define _CRT_SECURE_NO_WARNINGS +#endif +#include +#endif + +#include +#include +#include +#include +#include +#include + +#ifdef _WIN32 +#define strcasecmp _stricmp +#define strncasecmp _strnicmp +#define unlink _unlink +#else +#include +#include +#endif + +struct mem { + /* 'buf' points to memory contents that is always zero terminated so that it + can be treated like a string if appropriate. 'recent' points to the most + recent data written to 'buf'. */ + char *buf, *recent; + /* 'len' and 'allocsize' are the length and allocated size of 'buf' */ + size_t len, allocsize; +}; + +struct transfer { + const char *url, *bodyfile, *logfile; + struct mem log; + FILE *bodyfp; + CURL *curl; +}; + +static void mem_reset(struct mem *mem) +{ + free(mem->buf); + mem->buf = NULL; + mem->recent = NULL; + mem->len = 0; + mem->allocsize = 0; +} + +/* expand free buffer space to needed size. return -1 or 'needed'. */ +static int mem_need(struct mem *mem, size_t needed) +{ + char *newbuf; + size_t newsize; + + if(needed > (unsigned)INT_MAX) + return -1; + + if(needed <= (mem->allocsize - mem->len)) + return (int)needed; + + /* min 4k makes reallocations much less frequent when lengths are small */ + newsize = needed < 4096 ? 4096 : needed; + + newsize += mem->len; + + if(newsize < mem->len || newsize > (unsigned)INT_MAX) + return -1; + + newbuf = realloc(mem->buf, newsize); + + if(!newbuf) + return -1; + + if(mem->recent && mem->buf != newbuf) + mem->recent = newbuf + (mem->recent - mem->buf); + + mem->buf = newbuf; + mem->allocsize = newsize; + + return (int)needed; +} + +static int mem_addn(struct mem *mem, const char *buf, size_t len) +{ + if(len + 1 < len || mem_need(mem, len + 1) < 0) + return -1; + mem->recent = mem->buf + mem->len; + memcpy(mem->recent, buf, len); + mem->len += len; + mem->buf[mem->len] = '\0'; + return (int)len; +} + +static int mem_add(struct mem *mem, const char *str) +{ + return mem_addn(mem, str, strlen(str)); +} + +#if defined(__GNUC__) || defined(__clang__) +__attribute__ ((format (printf, 2, 3))) +#endif +static int mem_addf(struct mem *mem, const char *format, ...) +{ + int i, x; + va_list va; + + /* we need about 100 chars or less to write 95% of lines */ + x = 128; + + /* first try: there's probably enough memory to write everything. + second try: there's definitely enough memory to write everything. */ + for(i = 0; i < 2; ++i) { + if(x < 0 || mem_need(mem, (size_t)x + 1) < 0) + break; + + va_start(va, format); + x = vsnprintf(mem->buf + mem->len, mem->allocsize - mem->len, format, va); + va_end(va); + + if(x >= 0 && (size_t)x < (mem->allocsize - mem->len)) { + mem->recent = mem->buf + mem->len; + mem->len += (size_t)x; + return x; + } + +#ifdef _WIN32 + /* Not all versions of Windows CRT vsnprintf are compliant with C99. Some + return -1 if buffer too small. Try _vscprintf to get the needed size. */ + if(!i && x < 0) { + va_start(va, format); + x = _vscprintf(format, va); + va_end(va); + } +#endif + } + + if(mem->buf) + mem->buf[mem->len] = '\0'; + return -1; +} + +static int mydebug(CURL *handle, curl_infotype type, + char *data, size_t size, void *userdata) +{ + struct transfer *t = (struct transfer *)userdata; + static const char s_infotype[CURLINFO_END][3] = { + "* ", "< ", "> ", "{ ", "} ", "{ ", "} " }; + + (void)handle; + + switch(type) { + case CURLINFO_TEXT: + case CURLINFO_HEADER_OUT: + case CURLINFO_HEADER_IN: + /* mem_addn is faster than passing large data as %s to mem_addf */ + mem_addn(&t->log, s_infotype[type], 2); + mem_addn(&t->log, data, size); + if(!size || data[size - 1] != '\n') + mem_add(&t->log, "\n"); + break; + default: + break; + } + + return 0; +} + +static size_t mywrite(char *ptr, size_t size, size_t nmemb, void *userdata) +{ + struct transfer *t = (struct transfer *)userdata; + + return fwrite(ptr, size, nmemb, t->bodyfp); +} + +int main(void) +{ + unsigned i; + int total_failed = 0; + char errbuf[CURL_ERROR_SIZE] = { 0, }; + struct transfer transfer[2]; + + memset(transfer, 0, sizeof(transfer)); + + transfer[0].url = "https://httpbin.org/get"; + transfer[0].bodyfile = "200.txt"; + transfer[0].logfile = "200_transfer_log.txt"; + + transfer[1].url = "https://httpbin.org/status/400"; + transfer[1].bodyfile = "400.txt"; + transfer[1].logfile = "400_transfer_log.txt"; + + if(curl_global_init(CURL_GLOBAL_DEFAULT)) { + fprintf(stderr, "curl_global_init failed\n"); + return 1; + } + + /* You could enable global tracing for extra verbosity when verbosity is + enabled for a transfer. */ +#if 0 + curl_global_trace("all"); +#endif + + for(i = 0; i < sizeof(transfer)/sizeof(transfer[0]); ++i) { + int failed = 0; + struct transfer *t = &transfer[i]; + + t->curl = curl_easy_init(); + + if(!t->curl) { + fprintf(stderr, "curl_easy_init failed\n"); + curl_global_cleanup(); + return 1; + } + + curl_easy_setopt(t->curl, CURLOPT_URL, t->url); + + /* Enable following redirects */ + curl_easy_setopt(t->curl, CURLOPT_FOLLOWLOCATION, 1L); + + /* Enable verbose logging to memory */ + curl_easy_setopt(t->curl, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(t->curl, CURLOPT_DEBUGFUNCTION, mydebug); + curl_easy_setopt(t->curl, CURLOPT_DEBUGDATA, t); + + /* Enable writing the body to a file */ + curl_easy_setopt(t->curl, CURLOPT_WRITEFUNCTION, mywrite); + curl_easy_setopt(t->curl, CURLOPT_WRITEDATA, t); + + /* Enable immediate error on HTTP status codes >= 400 in most cases, + instead of downloading the body to a file */ + curl_easy_setopt(t->curl, CURLOPT_FAILONERROR, 1L); + + /* Enable detailed error messages */ + curl_easy_setopt(t->curl, CURLOPT_ERRORBUFFER, errbuf); + + mem_addf(&t->log, "Downloading %s to file %s\n", t->url, t->bodyfile); + printf("%s", t->log.recent); + + /* Create the body file */ + t->bodyfp = fopen(t->bodyfile, "wb"); + + if(t->bodyfp) { + /* Perform the transfer */ + CURLcode result = curl_easy_perform(t->curl); + + /* Save the body file */ + fclose(t->bodyfp); + t->bodyfp = NULL; + + if(result == CURLE_OK) { + /* You could retrieve more information about the transfer here via + curl_easy_getinfo and mark the transfer as failed if needed. */ + mem_addf(&t->log, "Transfer successful.\n"); + fprintf(stderr, "%s", t->log.recent); + failed = 0; + } + else { + mem_addf(&t->log, "Transfer failed: (%d) %s\n", result, + (errbuf[0] ? errbuf : curl_easy_strerror(result))); + fprintf(stderr, "%s", t->log.recent); + failed = 1; + } + } + else { + mem_addf(&t->log, "Failed to create body output file %s: %s\n", + t->bodyfile, strerror(errno)); + fprintf(stderr, "%s", t->log.recent); + failed = 1; + } + + if(failed) { + FILE *fp = fopen(t->logfile, "wb"); + + if(fp && t->log.len == fwrite(t->log.buf, 1, t->log.len, fp)) + fprintf(stderr, "Transfer log written to %s\n", t->logfile); + else { + fprintf(stderr, "Failed to write transfer log to %s: %s\n", + t->logfile, strerror(errno)); + } + + if(fp) + fclose(fp); + + /* Depending on how the transfer failed a body file may or may not have + been written, and you may or may not want it. */ + unlink(t->bodyfile); + + ++total_failed; + } + + mem_reset(&t->log); + + curl_easy_cleanup(t->curl); + + t->curl = NULL; + + printf("\n"); + } + + return total_failed ? 1 : 0; +} From 1e6d507de779d52c6a614a8d50b561ed337bbef4 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 9 Oct 2025 13:18:05 +0200 Subject: [PATCH 0388/2408] schannel_verify: fix mem-leak in Curl_verify_host Reported-by: Stanislav Fort Closes #18972 --- lib/vtls/schannel_verify.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c index e64a113ff2..d72790e9df 100644 --- a/lib/vtls/schannel_verify.c +++ b/lib/vtls/schannel_verify.c @@ -611,8 +611,8 @@ CURLcode Curl_verify_host(struct Curl_cfilter *cf, sspi_status = Curl_pSecFn->QueryContextAttributes(&BACKEND->ctxt->ctxt_handle, - SECPKG_ATTR_REMOTE_CERT_CONTEXT, - &pCertContextServer); + SECPKG_ATTR_REMOTE_CERT_CONTEXT, + &pCertContextServer); if((sspi_status != SEC_E_OK) || !pCertContextServer) { char buffer[WINAPI_ERROR_LEN]; @@ -667,13 +667,14 @@ CURLcode Curl_verify_host(struct Curl_cfilter *cf, goto cleanup; } actual_len = cert_get_name_string(data, pCertContextServer, - (LPTSTR)cert_hostname_buff, len, alt_name_info, Win8_compat); + (LPTSTR)cert_hostname_buff, len, + alt_name_info, Win8_compat); /* Sanity check */ if(actual_len != len) { failf(data, - "schannel: CertGetNameString() returned certificate " - "name information of unexpected size"); + "schannel: CertGetNameString() returned certificate " + "name information of unexpected size"); goto cleanup; } @@ -684,7 +685,6 @@ CURLcode Curl_verify_host(struct Curl_cfilter *cf, while(cert_hostname_buff_index < len && cert_hostname_buff[cert_hostname_buff_index] != TEXT('\0') && result == CURLE_PEER_FAILED_VERIFICATION) { - char *cert_hostname; /* Comparing the cert name and the connection hostname encoded as UTF-8 @@ -692,15 +692,14 @@ CURLcode Curl_verify_host(struct Curl_cfilter *cf, * (or some equivalent) encoding */ cert_hostname = curlx_convert_tchar_to_UTF8( - &cert_hostname_buff[cert_hostname_buff_index]); + &cert_hostname_buff[cert_hostname_buff_index]); if(!cert_hostname) { result = CURLE_OUT_OF_MEMORY; } else { if(Curl_cert_hostcheck(cert_hostname, strlen(cert_hostname), conn_hostname, hostlen)) { - infof(data, - "schannel: connection hostname (%s) validated " + infof(data, "schannel: connection hostname (%s) validated " "against certificate name (%s)", conn_hostname, cert_hostname); result = CURLE_OK; @@ -736,6 +735,7 @@ CURLcode Curl_verify_host(struct Curl_cfilter *cf, } cleanup: + LocalFree(alt_name_info); Curl_safefree(cert_hostname_buff); if(pCertContextServer) From 2a2a2e5d107f1ad7fbb5e88dab03ed37c8177e76 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 9 Oct 2025 16:35:39 +0200 Subject: [PATCH 0389/2408] vauth/digest: improve the digest parser Previously, if for example the nonce would end with "realm=" etc it would get the wrong piece, due to the naive parser. Reported-by: Joshua Rogers Closes #18975 --- lib/vauth/digest.c | 57 ++++++++++++++++++++++++++++++---------------- 1 file changed, 37 insertions(+), 20 deletions(-) diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c index 4196ae725c..0a0b3580ed 100644 --- a/lib/vauth/digest.c +++ b/lib/vauth/digest.c @@ -193,26 +193,43 @@ static char *auth_digest_string_quoted(const char *source) /* Retrieves the value for a corresponding key from the challenge string * returns TRUE if the key could be found, FALSE if it does not exists */ -static bool auth_digest_get_key_value(const char *chlg, - const char *key, - char *value, - size_t max_val_len, - char end_char) +static bool auth_digest_get_key_value(const char *chlg, const char *key, + char *buf, size_t buflen) { - char *find_pos; - size_t i; + /* keyword=[value],keyword2=[value] + The values may or may not be quoted. + */ - find_pos = strstr(chlg, key); - if(!find_pos) - return FALSE; + do { + struct Curl_str data; + struct Curl_str name; + if(!curlx_str_until(&chlg, &name, 64, '=') && + !curlx_str_single(&chlg, '=')) { + /* this is the key, get the value, possibly quoted */ + int rc = curlx_str_quotedword(&chlg, &data, 256); + if(rc == STRE_BEGQUOTE) + /* try unquoted until comma */ + rc = curlx_str_until(&chlg, &data, 256, ','); + if(rc) + return FALSE; /* weird */ - find_pos += strlen(key); + if(curlx_str_cmp(&name, key)) { + /* if this is our key, return the value */ + if(curlx_strlen(&data) >= buflen) + /* doesn't fit */ + return FALSE; + memcpy(buf, curlx_str(&data), curlx_strlen(&data)); + buf[curlx_strlen(&data)] = 0; + return TRUE; + } + if(curlx_str_single(&chlg, ',')) + return FALSE; + } + else /* odd syntax */ + break; + } while(1); - for(i = 0; *find_pos && *find_pos != end_char && i < max_val_len - 1; ++i) - value[i] = *find_pos++; - value[i] = '\0'; - - return TRUE; + return FALSE; } static CURLcode auth_digest_get_qop_values(const char *options, int *value) @@ -268,21 +285,21 @@ static CURLcode auth_decode_digest_md5_message(const struct bufref *chlgref, return CURLE_BAD_CONTENT_ENCODING; /* Retrieve nonce string from the challenge */ - if(!auth_digest_get_key_value(chlg, "nonce=\"", nonce, nlen, '\"')) + if(!auth_digest_get_key_value(chlg, "nonce", nonce, nlen)) return CURLE_BAD_CONTENT_ENCODING; /* Retrieve realm string from the challenge */ - if(!auth_digest_get_key_value(chlg, "realm=\"", realm, rlen, '\"')) { + if(!auth_digest_get_key_value(chlg, "realm", realm, rlen)) { /* Challenge does not have a realm, set empty string [RFC2831] page 6 */ *realm = '\0'; } /* Retrieve algorithm string from the challenge */ - if(!auth_digest_get_key_value(chlg, "algorithm=", alg, alen, ',')) + if(!auth_digest_get_key_value(chlg, "algorithm", alg, alen)) return CURLE_BAD_CONTENT_ENCODING; /* Retrieve qop-options string from the challenge */ - if(!auth_digest_get_key_value(chlg, "qop=\"", qop, qlen, '\"')) + if(!auth_digest_get_key_value(chlg, "qop", qop, qlen)) return CURLE_BAD_CONTENT_ENCODING; return CURLE_OK; From 2c6505e0ef9c0368e9acbef5662eb15e43328b65 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 9 Oct 2025 16:51:55 +0200 Subject: [PATCH 0390/2408] krb5_gssapi: fix memory leak on error path If a non-compliant amount of bytes is received, the function would return error without free. Reported-by: Joshua Rogers Closes #18976 --- lib/vauth/krb5_gssapi.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/vauth/krb5_gssapi.c b/lib/vauth/krb5_gssapi.c index 70144e5514..a414d0a359 100644 --- a/lib/vauth/krb5_gssapi.c +++ b/lib/vauth/krb5_gssapi.c @@ -225,6 +225,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data, /* Not 4 octets long so fail as per RFC4752 Section 3.1 */ if(output_token.length != 4) { infof(data, "GSSAPI handshake failure (invalid security data)"); + gss_release_buffer(&unused_status, &output_token); return CURLE_BAD_CONTENT_ENCODING; } From 435da1f849ad9a5e91b8e348d6830b0c546ac15a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 9 Oct 2025 17:17:31 +0200 Subject: [PATCH 0391/2408] Curl_resolv: fix comment. 'entry' argument is not optional Reported-by: Joshua Rogers Closes #18979 --- lib/hostip.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/hostip.c b/lib/hostip.c index a6531c3171..41db274c5d 100644 --- a/lib/hostip.c +++ b/lib/hostip.c @@ -819,9 +819,9 @@ static CURLcode store_negative_resolve(struct Curl_easy *data, /* * Curl_resolv() is the main name resolve function within libcurl. It resolves - * a name and returns a pointer to the entry in the 'entry' argument (if one - * is provided). This function might return immediately if we are using asynch - * resolves. See the return codes. + * a name and returns a pointer to the entry in the 'entry' argument. This + * function might return immediately if we are using asynch resolves. See the + * return codes. * * The cache entry we return will get its 'inuse' counter increased when this * function is used. You MUST call Curl_resolv_unlink() later (when you are From 71585f9894cf97ed6719487cb03aa97d2f94b7cd Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 9 Oct 2025 17:23:56 +0200 Subject: [PATCH 0392/2408] asyn-ares: use the duped hostname pointer for all calls In one c-ares call the passed in pointer was used and not the new duplicated one. This is probably fine but might as well use the new pointer as all the other calls do, which will survive longer. Reported-by: Joshua Rogers Closes #18980 --- lib/asyn-ares.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c index 236697695e..dcbed0129c 100644 --- a/lib/asyn-ares.c +++ b/lib/asyn-ares.c @@ -793,7 +793,7 @@ struct Curl_addrinfo *Curl_async_getaddrinfo(struct Curl_easy *data, /* The stack seems to be IPv6-enabled */ /* areschannel is already setup in the Curl_open() function */ CURL_TRC_DNS(data, "asyn-ares: fire off query for A"); - ares_gethostbyname(ares->channel, hostname, PF_INET, + ares_gethostbyname(ares->channel, data->state.async.hostname, PF_INET, async_ares_hostbyname_cb, data); CURL_TRC_DNS(data, "asyn-ares: fire off query for AAAA"); ares->num_pending = 2; From eb3a4314fee5e27dc815a6ef3df632718f6ea823 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 9 Oct 2025 22:10:32 +0200 Subject: [PATCH 0393/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 69 +++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 58 insertions(+), 11 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 47c7dd5255..44ef5ddfc1 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -8,6 +8,7 @@ curl and libcurl 8.17.0 This release includes the following changes: + o build: drop Heimdal support [267] o build: drop the winbuild build system [81] o krb5: drop support for Kerberos FTP [43] o libssh2: up the minimum requirement to 1.9.0 [85] @@ -22,6 +23,7 @@ This release includes the following changes: This release includes the following bugfixes: o ares: fix leak in tracing [91] + o asyn-ares: use the duped hostname pointer for all calls [158] o asyn-thrdd resolver: clear timeout when done [97] o asyn-thrdd: drop pthread_cancel [30] o autotools: add support for libgsasl auto-detection via pkg-config [112] @@ -49,11 +51,13 @@ This release includes the following bugfixes: o checksrc: fix to handle `)` predecing a banned function [229] o checksrc: reduce directory-specific exceptions [228] o cmake/FindGSS: fix `pkg-config` fallback logic for CMake <3.16 [189] + o cmake/FindGSS: whitespace/formatting [268] o cmake: add `CURL_CODE_COVERAGE` option [78] o cmake: build the "all" examples source list dynamically [245] o cmake: clang detection tidy-ups [116] o cmake: drop exclamation in comment looking like a name [160] o cmake: fix building docs when the base directory contains `.3` [18] + o cmake: minor Heimdal flavour detection fix [269] o cmake: support building some complicated examples, build them in CI [235] o cmake: use modern alternatives for `get_filename_component()` [102] o cmake: use more `COMPILER_OPTIONS`, `LINK_OPTIONS` / `LINK_FLAGS` [152] @@ -65,6 +69,7 @@ This release includes the following bugfixes: o curl_easy_getinfo: error code on NULL arg [2] o curl_mem_undef.h: limit to `CURLDEBUG` for non-memalloc overrides [19] o curl_osslq: error out properly if BIO_ADDR_rawmake() fails [184] + o Curl_resolv: fix comment. 'entry' argument is not optional [187] o curl_slist_append.md: clarify that a NULL pointer is not acceptable [72] o CURLINFO_FTP_ENTRY_PATH.md: this is for SFTP as well [8] o CURLOPT_COOKIEFILE.md: clarify when the cookies are loaded [159] @@ -81,6 +86,7 @@ This release includes the following bugfixes: o docs: fix/tidy code fences [87] o easy_getinfo: check magic, Curl_close safety [3] o examples/sessioninfo: cast printf string mask length to int [232] + o examples/sessioninfo: do not disable security [255] o examples/synctime: make the sscanf not overflow the local buffer [252] o examples/usercertinmem: avoid stripping const [247] o examples: drop unused `curl/mprintf.h` includes [224] @@ -96,7 +102,11 @@ This release includes the following bugfixes: o ftp: improve fragile check for first digit > 3 [194] o ftp: remove misleading comments [193] o gtls: avoid potential use of uninitialized variable in trace output [83] + o hostip: don't store negative resolves due unrelated errors [256] o hostip: remove leftover INT_MAX check in Curl_dnscache_prune [88] + o http2: check push header names by length first [261] + o http2: cleanup pushed newhandle on fail [260] + o http2: ingress handling edge cases [259] o http: handle user-defined connection headers [165] o http: make Content-Length parser more WHATWG [183] o httpsrr: free old pointers when storing new [57] @@ -105,6 +115,7 @@ This release includes the following bugfixes: o ip-happy: do not set unnecessary timeout [95] o ip-happy: prevent event-based stall on retry [155] o krb5: return appropriate error on send failures [22] + o krb5_gssapi: fix memory leak on error path [190] o krb5_sspi: the chlg argument is NOT optional [200] o ldap: do not base64 encode zero length string [42] o ldap: tidy-up types, fix error code confusion [191] @@ -114,6 +125,8 @@ This release includes the following bugfixes: o lib: upgrade/multiplex handling [136] o libcurl-multi.md: added curl_multi_get_offt mention [53] o libcurl-security.md: mention long-running connections [6] + o libssh/sftp: fix resume corruption by avoiding O_APPEND with rresume [263] + o libssh2/sftp: fix resume corruption by avoiding O_APPEND with rresume [262] o libssh2/sftp_realpath: change state consistently [185] o libssh2: bail out on chgrp and chown number parsing errors [202] o libssh2: clarify that sshp->path is always at least one byte [201] @@ -137,6 +150,7 @@ This release includes the following bugfixes: o mbedtls: check result of setting ALPN [127] o mbedtls: handle WANT_WRITE from mbedtls_ssl_read() [145] o mdlinkcheck: reject URLs containing quotes [174] + o memdup0: handle edge case [241] o multi.h: add CURLMINFO_LASTENTRY [51] o multi_ev: remove unnecessary data check that confuses analysers [167] o nghttp3: return NGHTTP3_ERR_CALLBACK_FAILURE from recv_header [227] @@ -157,6 +171,7 @@ This release includes the following bugfixes: o openssl: clear retry flag on x509 error [130] o openssl: fail the transfer if ossl_certchain() fails [23] o openssl: fix build for v1.0.2 [225] + o openssl: fix peer certificate leak in channel binding [258] o openssl: make the asn1_object_dump name null terminated [56] o openssl: set io_need always [99] o openssl: skip session resumption when verifystatus is set [230] @@ -168,19 +183,24 @@ This release includes the following bugfixes: o quic: ignore EMSGSIZE on receive [4] o quiche: fix possible leaks on teardown [205] o quiche: fix verbose message when ip quadruple cannot be obtained. [128] + o quiche: handle tls fail correctly [266] o quiche: when ingress processing fails, return that error code [103] o runtests: tag tests that require curl verbose strings [172] o rustls: fix clang-tidy warning [107] o rustls: fix comment describing cr_recv() [117] + o rustls: pass the correct result to rustls_failf [242] o rustls: typecast variable for safer trace output [69] o rustls: use %zu for size_t in failf() format string [121] o sasl: clear canceled mechanism instead of toggling it [41] o schannel: assign result before using it [62] + o schannel_verify: fix mem-leak in Curl_verify_host [208] o schannel_verify: use more human friendly error messages [96] o setopt: accept *_SSL_VERIFYHOST set to 2L [31] + o setopt: allow CURLOPT_DNS_CACHE_TIMEOUT set to -1 [257] o setopt: make CURLOPT_MAXREDIRS accept -1 (again) [1] o smb: adjust buffer size checks [45] o smtp: check EHLO responses case insensitively [50] + o socks: deny server basic-auth if not configured [264] o socks: handle error in verbose trace gracefully [94] o socks: handle premature close [246] o socks: make Curl_blockread_all return CURLcode [67] @@ -231,6 +251,7 @@ This release includes the following bugfixes: o tool_getparam: always disable "lib-ids" for tracing [169] o tool_getparam: warn if provided header looks malformed [179] o tool_operate: improve wording in retry message [37] + o tool_operate: keep failed partial download for retry auto-resume [210] o tool_operate: keep the progress meter for --out-null [33] o tool_progress: handle possible integer overflows [164] o tool_progress: make max5data() use an algorithm [170] @@ -239,8 +260,10 @@ This release includes the following bugfixes: o unit1664: drop casts, expand masks to full values [221] o url: make Curl_init_userdefined return void [213] o urldata: FILE is not a list-only protocol [9] + o vauth/digest: improve the digest parser [203] o vquic: fix idle-timeout checks (ms<-->ns), 64-bit log & honor 0=no-timeout [249] o vquic: handling of io improvements [239] + o vquic: sending non-gso packets fix for EAGAIN [265] o vtls: alpn setting, check proto parameter [134] o vtls_int.h: clarify data_pending [124] o vtls_scache: fix race condition [157] @@ -276,17 +299,18 @@ Planned upcoming removals include: This release would not have looked like this without help, code, reports and advice from friends like these: - Adam Light, Alice Lee Poetics, Andrew Kirillov, Andrew Olsen, - BobodevMm on github, Christian Schmitz, Dan Fandrich, Daniel Stenberg, - Daniel Terhorst-North, dependabot[bot], divinity76 on github, - Emilio Pozuelo Monfort, Ethan Everett, Evgeny Grin (Karlson2k), - fds242 on github, Howard Chu, Ignat Loskutov, Javier Blazquez, Jicea, - jmaggard10 on github, Johannes Schindelin, Joseph Birr-Pixton, Joshua Rogers, - kapsiR on github, kuchara on github, Marcel Raad, Michael Osipov, - Michał Petryka, Mohamed Daahir, Nir Azkiel, Patrick Monnerat, Pocs Norbert, - Ray Satiro, renovate[bot], rinsuki on github, Samuel Dionne-Riel, - Samuel Henrique, Stanislav Fort, Stefan Eissing, Viktor Szakats - (40 contributors) + Adam Light, Alice Lee Poetics, Andrei Kurushin, Andrew Kirillov, + Andrew Olsen, BobodevMm on github, Christian Schmitz, Dan Fandrich, + Daniel Stenberg, Daniel Terhorst-North, dependabot[bot], + divinity76 on github, Emilio Pozuelo Monfort, Ethan Everett, + Evgeny Grin (Karlson2k), fds242 on github, Howard Chu, Ignat Loskutov, + Javier Blazquez, Jicea, jmaggard10 on github, Johannes Schindelin, + Joseph Birr-Pixton, Joshua Rogers, kapsiR on github, kuchara on github, + Marcel Raad, Michael Osipov, Michał Petryka, Mohamed Daahir, Nir Azkiel, + Patrick Monnerat, Pocs Norbert, Ray Satiro, renovate[bot], rinsuki on github, + Samuel Dionne-Riel, Samuel Henrique, Stanislav Fort, Stefan Eissing, + tkzv on github, Viktor Szakats + (42 contributors) References to bug reports and discussions on issues: @@ -447,6 +471,7 @@ References to bug reports and discussions on issues: [155] = https://curl.se/bug/?i=18815 [156] = https://curl.se/bug/?i=18893 [157] = https://curl.se/bug/?i=18806 + [158] = https://curl.se/bug/?i=18980 [159] = https://curl.se/bug/?i=18924 [160] = https://curl.se/bug/?i=18810 [161] = https://curl.se/bug/?i=18749 @@ -475,8 +500,10 @@ References to bug reports and discussions on issues: [184] = https://curl.se/bug/?i=18878 [185] = https://curl.se/bug/?i=18875 [186] = https://curl.se/bug/?i=18874 + [187] = https://curl.se/bug/?i=18979 [188] = https://curl.se/bug/?i=18940 [189] = https://curl.se/bug/?i=18932 + [190] = https://curl.se/bug/?i=18976 [191] = https://curl.se/bug/?i=18888 [192] = https://curl.se/bug/?i=18873 [193] = https://curl.se/bug/?i=18871 @@ -489,10 +516,13 @@ References to bug reports and discussions on issues: [200] = https://curl.se/bug/?i=18865 [201] = https://curl.se/bug/?i=18864 [202] = https://curl.se/bug/?i=18863 + [203] = https://curl.se/bug/?i=18975 [204] = https://curl.se/bug/?i=18859 [205] = https://curl.se/bug/?i=18880 [206] = https://curl.se/bug/?i=18868 [207] = https://curl.se/bug/?i=18872 + [208] = https://curl.se/bug/?i=18972 + [210] = https://curl.se/bug/?i=18035 [211] = https://curl.se/bug/?i=18860 [212] = https://curl.se/bug/?i=18858 [213] = https://curl.se/bug/?i=18855 @@ -522,6 +552,8 @@ References to bug reports and discussions on issues: [238] = https://curl.se/bug/?i=18829 [239] = https://curl.se/bug/?i=18812 [240] = https://curl.se/bug/?i=18703 + [241] = https://curl.se/bug/?i=18966 + [242] = https://curl.se/bug/?i=18961 [243] = https://curl.se/bug/?i=18914 [245] = https://curl.se/bug/?i=18911 [246] = https://curl.se/bug/?i=18883 @@ -531,3 +563,18 @@ References to bug reports and discussions on issues: [250] = https://curl.se/bug/?i=18432 [251] = https://curl.se/bug/?i=18881 [252] = https://curl.se/bug/?i=18890 + [255] = https://curl.se/bug/?i=18969 + [256] = https://curl.se/bug/?i=18953 + [257] = https://curl.se/bug/?i=18959 + [258] = https://hackerone.com/reports/3373640 + [259] = https://curl.se/bug/?i=18933 + [260] = https://curl.se/bug/?i=18931 + [261] = https://curl.se/bug/?i=18930 + [262] = https://curl.se/bug/?i=18952 + [263] = https://curl.se/bug/?i=18952 + [264] = https://curl.se/bug/?i=18937 + [265] = https://curl.se/bug/?i=18936 + [266] = https://curl.se/bug/?i=18934 + [267] = https://curl.se/bug/?i=18928 + [268] = https://curl.se/bug/?i=18957 + [269] = https://curl.se/bug/?i=18951 From 6c0338115ae5f2cde96a9268f54e63fa725d0d7a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 9 Oct 2025 22:32:09 +0200 Subject: [PATCH 0394/2408] ftp: simplify the 150/126 size scanner The file size is weirdly returned in a 150 or 126 response as "XXX bytes" mentioned somewhere in the response string. This is a rewrite of the size scanner to replace the strange strstr() + backwards search from before with a plain forward search until '[number] + " bytes"' is a match. Triggered by a report by Joshua Rogers about the previous parser. Closes #18984 --- lib/ftp.c | 33 +++++++++++---------------------- 1 file changed, 11 insertions(+), 22 deletions(-) diff --git a/lib/ftp.c b/lib/ftp.c index c3b8aafbc5..adcad3dd75 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -2496,30 +2496,19 @@ static CURLcode ftp_state_get_resp(struct Curl_easy *data, * those cases only confuses us. * * Example D above makes this parsing a little tricky */ - const char *bytes; - char *buf = curlx_dyn_ptr(&ftpc->pp.recvbuf); - bytes = strstr(buf, " bytes"); - if(bytes) { - long in = (long)(--bytes-buf); - /* this is a hint there is size information in there! ;-) */ - while(--in) { - /* scan for the left parenthesis and break there */ - if('(' == *bytes) - break; - /* skip only digits */ - if(!ISDIGIT(*bytes)) { - bytes = NULL; + size_t len = curlx_dyn_len(&ftpc->pp.recvbuf); + if(len >= 7) { /* "1 bytes" is 7 characters */ + size_t i; + for(i = 0; i < len - 7; i++) { + curl_off_t what; + char *buf = curlx_dyn_ptr(&ftpc->pp.recvbuf); + const char *c = &buf[i]; + if(!curlx_str_number(&c, &what, CURL_OFF_T_MAX) && + !curlx_str_single(&c, ' ') && + !strncmp(c, "bytes", 5)) { + size = what; break; } - /* one more estep backwards */ - bytes--; - } - /* if we have nothing but digits: */ - if(bytes) { - ++bytes; - /* get the number! */ - if(curlx_str_number(&bytes, &size, CURL_OFF_T_MAX)) - size = 1; } } } From d35bdfa8f28d646166592f607b8100b6c60be0f0 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 9 Oct 2025 22:50:01 +0200 Subject: [PATCH 0395/2408] openldap: fix memory-leak in error path The 'ber' pointer could escape a free if an early error occurred. Reported-by: Joshua Rogers Closes #18985 --- lib/openldap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/openldap.c b/lib/openldap.c index 72cfdc7039..92364e3e77 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -1216,7 +1216,6 @@ static CURLcode oldap_recv(struct Curl_easy *data, int sockindex, char *buf, break; } - ber_free(ber, 0); if(!result) result = client_write(data, STRCONST("\n"), NULL, 0, NULL, 0); @@ -1225,6 +1224,7 @@ static CURLcode oldap_recv(struct Curl_easy *data, int sockindex, char *buf, break; } + ber_free(ber, 0); ldap_msgfree(msg); return result; } From be5a5c10d49bfe35e7e2ccf63ae700abad786379 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 9 Oct 2025 22:57:29 +0200 Subject: [PATCH 0396/2408] openldap: fix memory-leak on oldap_do's exit path On SSL sockbuf setup failure in `oldap_do`, the 'lud' data would not be freed and instead leak. Reported-by: Joshua Rogers Closes #18986 --- lib/openldap.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/openldap.c b/lib/openldap.c index 92364e3e77..b84268dae7 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -988,8 +988,10 @@ static CURLcode oldap_do(struct Curl_easy *data, bool *done) Sockbuf *sb; /* re-install the libcurl SSL handlers into the sockbuf. */ if((ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb) != LDAP_OPT_SUCCESS) || - ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, data)) + ber_sockbuf_add_io(sb, &ldapsb_tls, LBER_SBIOD_LEVEL_TRANSPORT, data)) { + ldap_free_urldesc(lud); return CURLE_FAILED_INIT; + } } #endif From 0d560d00faaa6fa3ff3918d82c8fbd551452d17e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 9 Oct 2025 17:15:02 +0200 Subject: [PATCH 0397/2408] kerberos: drop logic for MIT Kerberos <1.2.3 (pre-2002) versions curl requires 1.2.4 or newer. Also: - vms: stop defining `gss_nt_service_name`. Added in f9cf3de70b3a494f627eda6cccf6607616eaf449, symbol not used in curl code since 355bf01c828af16c47ab52bccb9ade769f8bf158. Closes #18978 --- CMakeLists.txt | 28 +-------------------- configure.ac | 23 ----------------- docs/INSTALL-CMAKE.md | 1 - lib/curl_config.h.cmake | 3 --- lib/curl_gssapi.h | 6 ----- packages/vms/generate_config_vms_h_curl.com | 5 ---- 6 files changed, 1 insertion(+), 65 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index f711dff04a..d1c8fa32c5 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1445,34 +1445,8 @@ if(CURL_USE_GSSAPI) else() # MIT cmake_push_check_state() list(APPEND CMAKE_REQUIRED_INCLUDES "${GSS_INCLUDE_DIRS}") - - set(_include_list "") - check_include_file("gssapi/gssapi.h" HAVE_GSSAPI_GSSAPI_H) - if(HAVE_GSSAPI_GSSAPI_H) - list(APPEND _include_list "gssapi/gssapi.h") - endif() - - check_include_files("${_include_list};gssapi/gssapi_generic.h" HAVE_GSSAPI_GSSAPI_GENERIC_H) - check_include_files("${_include_list};gssapi/gssapi_krb5.h" _have_gssapi_gssapi_krb5_h) - if(HAVE_GSSAPI_GSSAPI_GENERIC_H) - list(APPEND _include_list "gssapi/gssapi_generic.h") - endif() - if(_have_gssapi_gssapi_krb5_h) - list(APPEND _include_list "gssapi/gssapi_krb5.h") - endif() - - if(NOT DEFINED HAVE_GSS_C_NT_HOSTBASED_SERVICE) - string(APPEND CMAKE_REQUIRED_FLAGS " ${GSS_CFLAGS}") - list(APPEND CMAKE_REQUIRED_LIBRARIES "${GSS_LIBRARIES}") - curl_required_libpaths("${GSS_LIBRARY_DIRS}") - check_symbol_exists("GSS_C_NT_HOSTBASED_SERVICE" "${_include_list}" HAVE_GSS_C_NT_HOSTBASED_SERVICE) - endif() - if(NOT HAVE_GSS_C_NT_HOSTBASED_SERVICE) - set(HAVE_OLD_GSSMIT ON) - endif() - - unset(_include_list) + check_include_file("gssapi/gssapi_generic.h" HAVE_GSSAPI_GSSAPI_GENERIC_H) cmake_pop_check_state() endif() else() diff --git a/configure.ac b/configure.ac index c76be65e96..c8843b5b46 100644 --- a/configure.ac +++ b/configure.ac @@ -1855,29 +1855,6 @@ if test x"$want_gss" = xyes; then if test "x$not_mit" = "x1"; then dnl MIT not found AC_MSG_ERROR([MIT or GNU GSS library required, but not found]) - else - dnl MIT found - dnl check if we have a really old MIT Kerberos version (<= 1.2) - AC_MSG_CHECKING([if GSS-API headers declare GSS_C_NT_HOSTBASED_SERVICE]) - AC_COMPILE_IFELSE([ - AC_LANG_PROGRAM([[ - #include - #include - #include - ]],[[ - gss_import_name( - (OM_uint32 *)0, - (gss_buffer_t)0, - GSS_C_NT_HOSTBASED_SERVICE, - (gss_name_t *)0); - ]]) - ],[ - AC_MSG_RESULT([yes]) - ],[ - AC_MSG_RESULT([no]) - AC_DEFINE(HAVE_OLD_GSSMIT, 1, - [if you have an old MIT Kerberos version, lacking GSS_C_NT_HOSTBASED_SERVICE]) - ]) fi ] ) diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md index 46215747e7..e5c6b0d375 100644 --- a/docs/INSTALL-CMAKE.md +++ b/docs/INSTALL-CMAKE.md @@ -474,7 +474,6 @@ the parent project, ideally in the "extra" find package redirect file: Available variables: - `HAVE_GNUTLS_SRP`: `gnutls_srp_verifier` present in GnuTLS. -- `HAVE_GSS_C_NT_HOSTBASED_SERVICE`: `GSS_C_NT_HOSTBASED_SERVICE` present in GSS/Kerberos. - `HAVE_LDAP_INIT_FD`: `ldap_init_fd` present in LDAP library. - `HAVE_LDAP_URL_PARSE`: `ldap_url_parse` present in LDAP library. - `HAVE_OPENSSL_SRP`: `SSL_CTX_set_srp_username` present in OpenSSL (or fork). diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake index 521a439eef..9f37bbb6e2 100644 --- a/lib/curl_config.h.cmake +++ b/lib/curl_config.h.cmake @@ -421,9 +421,6 @@ /* Define to 1 if you have the header file. */ #cmakedefine HAVE_NET_IF_H 1 -/* if you have an old MIT gssapi library, lacking GSS_C_NT_HOSTBASED_SERVICE */ -#cmakedefine HAVE_OLD_GSSMIT 1 - /* Define to 1 if you have the `pipe' function. */ #cmakedefine HAVE_PIPE 1 diff --git a/lib/curl_gssapi.h b/lib/curl_gssapi.h index 2659f23460..6df7e059d3 100644 --- a/lib/curl_gssapi.h +++ b/lib/curl_gssapi.h @@ -51,12 +51,6 @@ OM_uint32 Curl_gss_delete_sec_context(OM_uint32 *min, void Curl_gss_log_error(struct Curl_easy *data, const char *prefix, OM_uint32 major, OM_uint32 minor); -/* Provide some definitions missing in old headers */ -#ifdef HAVE_OLD_GSSMIT -#define GSS_C_NT_HOSTBASED_SERVICE gss_nt_service_name -#define NCOMPAT 1 -#endif - /* Define our privacy and integrity protection values */ #define GSSAUTH_P_NONE 1 #define GSSAUTH_P_INTEGRITY 2 diff --git a/packages/vms/generate_config_vms_h_curl.com b/packages/vms/generate_config_vms_h_curl.com index 271ac60869..d7bc8bfc8f 100644 --- a/packages/vms/generate_config_vms_h_curl.com +++ b/packages/vms/generate_config_vms_h_curl.com @@ -337,11 +337,6 @@ $write cvh "#ifdef USE_UNIX_SOCKETS" $write cvh "#undef USE_UNIX_SOCKETS" $write cvh "#endif" $! -$write cvh "#ifndef HAVE_OLD_GSSMIT" -$write cvh "#define gss_nt_service_name GSS_C_NT_HOSTBASED_SERVICE" -$write cvh "#endif" -$! -$! $! Note: $! The CURL_EXTERN_SYMBOL is used for platforms that need the compiler $! to know about universal symbols. VMS does not need this support so From 69efbcaa03b99b927806af43752bcd5d667a676d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 9 Oct 2025 23:03:18 +0200 Subject: [PATCH 0398/2408] ldap: avoid null ptr deref on failure ldap_get_dn() can return NULL on error Reported-by: Joshua Rogers Closes #18988 --- lib/ldap.c | 36 ++++++++++++------------------------ 1 file changed, 12 insertions(+), 24 deletions(-) diff --git a/lib/ldap.c b/lib/ldap.c index be65ea2055..2314bbf585 100644 --- a/lib/ldap.c +++ b/lib/ldap.c @@ -535,7 +535,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) /* Get the DN and write it to the client */ { char *name; - size_t name_len; + size_t name_len = 0; #ifdef USE_WIN32_LDAP TCHAR *dn = ldap_get_dn(server, entryIterator); name = curlx_convert_tchar_to_UTF8(dn); @@ -549,32 +549,20 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) #else char *dn = name = ldap_get_dn(server, entryIterator); #endif - name_len = strlen(name); - - result = Curl_client_write(data, CLIENTWRITE_BODY, "DN: ", 4); - if(result) { - FREE_ON_WINLDAP(name); - ldap_memfree(dn); - goto quit; + if(!name) + result = CURLE_FAILED_INIT; + else { + name_len = strlen(name); + result = Curl_client_write(data, CLIENTWRITE_BODY, "DN: ", 4); } - - result = Curl_client_write(data, CLIENTWRITE_BODY, name, name_len); - if(result) { - FREE_ON_WINLDAP(name); - ldap_memfree(dn); - goto quit; - } - - result = Curl_client_write(data, CLIENTWRITE_BODY, "\n", 1); - if(result) { - FREE_ON_WINLDAP(name); - ldap_memfree(dn); - - goto quit; - } - + if(!result) + result = Curl_client_write(data, CLIENTWRITE_BODY, name, name_len); + if(!result) + result = Curl_client_write(data, CLIENTWRITE_BODY, "\n", 1); FREE_ON_WINLDAP(name); ldap_memfree(dn); + if(result) + goto quit; } /* Get the attributes and write them to the client */ From c049c37acd074a61bbd07eebe25fdf32af575a2a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 9 Oct 2025 23:21:37 +0200 Subject: [PATCH 0399/2408] libssh: make atime and mtime cap the timestamp instead of wrap The libssh API uses a 32 bit type for datestamp, so instead of just force-typecast it, make sure it gets capped at UINT_MAX if the value is larger. Reported-by: Joshua Rogers Closes #18989 --- lib/vssh/libssh.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index 579eaeaa0d..544e682b77 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -1864,6 +1864,9 @@ static int myssh_in_SFTP_QUOTE_STAT(struct Curl_easy *data, sshc->actualcode = CURLE_QUOTE_ERROR; return SSH_NO_ERROR; } + if(date > UINT_MAX) + /* because the liubssh API can't deal with a larger value */ + date = UINT_MAX; if(!strncmp(cmd, "atime", 5)) sshc->quote_attrs->atime = (uint32_t)date; else /* mtime */ From e5950b2d372ac4f15f6b348227f462d4c3c4d37a Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 10 Oct 2025 02:49:46 +0200 Subject: [PATCH 0400/2408] kerberos: stop including `gssapi/gssapi_generic.h` It's a legacy MIT Kerberos header that's no longer used by curl since: 355bf01c828af16c47ab52bccb9ade769f8bf158 (2015-01-09) There were still mentions of it after this patch, when using versions <1.2.3, but those versions aren't supported since: 99185417952da30c8ddd82ab962fb58da96260b2 (2008-06-12) This header remains in use by autotools and cmake to detect MIT Kerberos (vs. Heimdal, which doesn't have it.) Ref: https://github.com/curl/curl/pull/18978#issuecomment-3387414995 Closes #18990 --- .github/scripts/cmp-config.pl | 1 + CMakeLists.txt | 1 - lib/curl_config.h.cmake | 3 --- lib/urldata.h | 3 --- lib/vauth/vauth.h | 3 --- 5 files changed, 1 insertion(+), 10 deletions(-) diff --git a/.github/scripts/cmp-config.pl b/.github/scripts/cmp-config.pl index 5fb8c0abdc..4284fcaee7 100755 --- a/.github/scripts/cmp-config.pl +++ b/.github/scripts/cmp-config.pl @@ -45,6 +45,7 @@ my %remove = ( '#define HAVE_BROTLI 1' => 1, '#define HAVE_BROTLI_DECODE_H 1' => 1, '#define HAVE_DLFCN_H 1' => 1, + '#define HAVE_GSSAPI_GSSAPI_GENERIC_H 1' => 1, '#define HAVE_GSSAPI_GSSAPI_KRB5_H 1' => 1, '#define HAVE_INTTYPES_H 1' => 1, '#define HAVE_LDAP_H 1' => 1, diff --git a/CMakeLists.txt b/CMakeLists.txt index d1c8fa32c5..387dd57dc2 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1446,7 +1446,6 @@ if(CURL_USE_GSSAPI) cmake_push_check_state() list(APPEND CMAKE_REQUIRED_INCLUDES "${GSS_INCLUDE_DIRS}") check_include_file("gssapi/gssapi.h" HAVE_GSSAPI_GSSAPI_H) - check_include_file("gssapi/gssapi_generic.h" HAVE_GSSAPI_GSSAPI_GENERIC_H) cmake_pop_check_state() endif() else() diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake index 9f37bbb6e2..3f0bcf22ee 100644 --- a/lib/curl_config.h.cmake +++ b/lib/curl_config.h.cmake @@ -315,9 +315,6 @@ /* if you have the gssapi libraries */ #cmakedefine HAVE_GSSAPI 1 -/* Define to 1 if you have the header file. */ -#cmakedefine HAVE_GSSAPI_GSSAPI_GENERIC_H 1 - /* Define to 1 if you have the header file. */ #cmakedefine HAVE_GSSAPI_GSSAPI_H 1 diff --git a/lib/urldata.h b/lib/urldata.h index d924b91194..cdf028853e 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -195,9 +195,6 @@ typedef CURLcode (Curl_recv)(struct Curl_easy *data, /* transfer */ # else # include # endif -# ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H -# include -# endif #endif #ifdef USE_LIBSSH2 diff --git a/lib/vauth/vauth.h b/lib/vauth/vauth.h index 57fd27a6a7..26e5adc628 100644 --- a/lib/vauth/vauth.h +++ b/lib/vauth/vauth.h @@ -241,9 +241,6 @@ CURLcode Curl_auth_create_xoauth_bearer_message(const char *user, # else # include # endif -# ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H -# include -# endif #endif /* meta key for storing KRB5 meta at connection */ From 9442dd480e9fe4ded646287b5116be27a0cb4efd Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 10 Oct 2025 14:37:41 +0200 Subject: [PATCH 0401/2408] GHA/linux: test GNU GSS with autotools, cmake, valgrind and scan-build The cmake build is running runtests with valgrind. The autotools one is running scan-build. Also: - ignore two memleaks with GNU GSS detected by valgrind. - add comment on support status of `GSS_C_DELEG_POLICY_FLAG`. Closes #19008 --- .github/workflows/linux.yml | 10 +++++++--- lib/curl_gssapi.c | 2 +- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index da49ae67b5..e0e256fbb3 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -93,8 +93,8 @@ jobs: install_steps: wolfssl-opensslextra configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-opensslextra/lib --with-wolfssl=/home/runner/wolfssl-opensslextra --enable-ech --enable-debug - - name: 'mbedtls valgrind' - install_packages: libnghttp2-dev libidn2-dev libldap-dev valgrind + - name: 'mbedtls gss valgrind' + install_packages: libnghttp2-dev libidn2-dev libldap-dev libgss-dev valgrind install_steps: mbedtls generate: >- -DCURL_USE_MBEDTLS=ON -DENABLE_DEBUG=ON @@ -102,6 +102,7 @@ jobs: -DMBEDTLS_LIBRARY=/home/runner/mbedtls/lib/libmbedtls.a -DMBEDX509_LIBRARY=/home/runner/mbedtls/lib/libmbedx509.a -DMBEDCRYPTO_LIBRARY=/home/runner/mbedtls/lib/libmbedcrypto.a + -DCURL_USE_GSSAPI=ON - name: 'mbedtls clang' install_packages: libnghttp2-dev libldap-dev clang @@ -223,7 +224,7 @@ jobs: --enable-ech --with-gssapi --enable-ssls-export - name: 'scan-build' - install_packages: clang-tools clang libssl-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev libkrb5-dev librtmp-dev libgnutls28-dev + install_packages: clang-tools clang libssl-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev libgss-dev librtmp-dev libgnutls28-dev install_steps: skipall mbedtls rustls wolfssl-opensslextra install_steps_brew: gsasl CC: clang @@ -673,6 +674,9 @@ jobs: run: | if [ "${TEST_TARGET}" = 'test-ci' ] && [[ "${MATRIX_INSTALL_PACKAGES}" = *'valgrind'* ]]; then TFLAGS+=' -j6' + if [[ "${MATRIX_INSTALL_PACKAGES}" = *'libgss-dev'* ]]; then + TFLAGS+=' ~2077 ~2078' # memory leaks from Curl_auth_decode_spnego_message() -> gss_init_sec_context() + fi fi [ -f ~/venv/bin/activate ] && source ~/venv/bin/activate if [[ "${MATRIX_INSTALL_STEPS}" = *'codeset-test'* ]]; then diff --git a/lib/curl_gssapi.c b/lib/curl_gssapi.c index 87f644a908..42ccaa3e29 100644 --- a/lib/curl_gssapi.c +++ b/lib/curl_gssapi.c @@ -313,7 +313,7 @@ OM_uint32 Curl_gss_init_sec_context(struct Curl_easy *data, req_flags |= GSS_C_MUTUAL_FLAG; if(data->set.gssapi_delegation & CURLGSSAPI_DELEGATION_POLICY_FLAG) { -#ifdef GSS_C_DELEG_POLICY_FLAG +#ifdef GSS_C_DELEG_POLICY_FLAG /* MIT Kerberos 1.8+, missing from GNU GSS */ req_flags |= GSS_C_DELEG_POLICY_FLAG; #else infof(data, "WARNING: support for CURLGSSAPI_DELEGATION_POLICY_FLAG not " From fc9b215fde7f359a5a323f906f26b87d35ac654e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 9 Oct 2025 13:34:56 +0200 Subject: [PATCH 0402/2408] CI.md: refresh Closes #18973 --- .github/scripts/pyspelling.words | 3 ++ docs/tests/CI.md | 78 ++++++++++++++------------------ 2 files changed, 38 insertions(+), 43 deletions(-) diff --git a/.github/scripts/pyspelling.words b/.github/scripts/pyspelling.words index 73e68f4884..a5c2809130 100644 --- a/.github/scripts/pyspelling.words +++ b/.github/scripts/pyspelling.words @@ -97,6 +97,7 @@ changeset CharConv charset charsets +checkdocs checksrc checksums chgrp @@ -293,6 +294,7 @@ getinfo GETing getpwuid ggcov +GHA Ghedini giga Gisle @@ -931,6 +933,7 @@ VC vcpkg vexxhost Viktor +virtualized Virtuozzo VLAN VM diff --git a/docs/tests/CI.md b/docs/tests/CI.md index 40c87ba14e..1730f1d189 100644 --- a/docs/tests/CI.md +++ b/docs/tests/CI.md @@ -11,19 +11,16 @@ large number of test suites. Every pull request is verified for each of the following: - - ... it still builds, warning-free, on Linux and macOS, with both - clang and gcc - - ... it still builds fine on Windows with several MSVC versions - - ... it still builds with cmake on Linux, with gcc and clang - - ... it follows rudimentary code style rules - - ... the test suite still runs 100% fine - - ... the release tarball (the "dist") still works - - ... it builds fine in-tree as well as out-of-tree - - ... code coverage does not shrink drastically - - ... different TLS backends still compile and pass tests + - it still builds, warning-free, on Linux, macOS, Windows, BSDs, with both + clang and gcc, autotools and cmake, out-of-tree and in-tree. + - it still builds fine on Windows with all supported MSVC versions + - it follows rudimentary code style rules + - the test suite still runs 100% fine + - the release tarball (the "dist") still works + - different TLS backends and options still compile and pass tests If the pull-request fails one of these tests, it shows up as a red X and you -are expected to fix the problem. If you do not understand when the issue is or +are expected to fix the problem. If you do not understand what the issue is or have other problems to fix the complaint, just ask and other project members can likely help out. @@ -31,59 +28,58 @@ Consider the following table while looking at pull request failures: | CI platform as shown in PR | State | What to look at next | | ----------------------------------- | ------ | -------------------------- | - | CI / CodeQL | stable | quality check results | - | CI / fuzzing | stable | fuzzing results | - | CI / macos ... | stable | all errors and failures | - | Code scanning results / CodeQL | stable | quality check results | - | FreeBSD FreeBSD: ... | stable | all errors and failures | - | LGTM analysis: Python | stable | new findings | - | LGTM analysis: C/C++ | stable | new findings | - | buildbot/curl_Schannel_ ... | stable | all errors and failures | - | AppVeyor | flaky | all errors and failures | + | Linux / macOS / Windows / ... | stable | all errors and failures | + | Fuzzer | stable | fuzzing results | + | Code analyzers | stable | new findings | + | checkdocs / checksrc / dist / ... | stable | all errors and failures | + | AppVeyor | stable | all errors and failures | + | buildbot/curl_Schannel ... | stable | all errors and failures | | curl.curl (linux ...) | stable | all errors and failures | - | curl.curl (windows ...) | flaky | repetitive errors/failures | - | CodeQL | stable | new findings | -Sometimes the tests fail due to a dependency service temporarily being offline -or otherwise unavailable, for example package downloads. In this case you can -just try to update your pull requests to rerun the tests later as described -below. +Sometimes the tests fail or run slowly due to a dependency service temporarily +having issues, for example package downloads, or virtualized (non-native) +environments. Sometimes a flaky failed test may occur in any jobs. + +Windows jobs have a number of flaky issues, most often, these: +- test run hanging and timing out after 20 minutes. +- test run aborting with 2304 (hex 0900) or 3840 (hex 0F00). +- test run crashing with fork errors. +- steps past the test run exiting with -1073741502 (hex C0000142). + +In these cases you can just try to update your pull requests to rerun the tests +later as described below. + +A detailed overview of test runs and results can be found on +[Test Clutch](https://testclutch.curl.se/). ## CI servers Here are the different CI environments that are currently in use, and how they are configured: -### GitHub Actions +### GitHub Actions (GHA) GitHub Actions runs the following tests: -- macOS tests with a variety of different compilation options +- Tests with a variety of different compilation options, OSes, CPUs. - Fuzz tests ([see the curl-fuzzer repo for more info](https://github.com/curl/curl-fuzzer)). -- CodeQL static analysis +- Static analysis and sanitizers: clang-tidy, scan-build, address sanitizer, + memory sanitizer, thread sanitizer, CodeQL, valgrind, torture tests. These are each configured in different files in `.github/workflows`. -### Azure - -Not used anymore. - -### AppVeyor +### AppVeyor CI AppVeyor runs a variety of different Windows builds, with different compilation options. -As of November 2021 `@bagder`, `@mback2k`, `@jay`, `@vszakats`, `@dfandrich` +As of October 2025 `@bagder`, `@mback2k`, `@jay`, `@vszakats`, `@dfandrich` and `@danielgustafsson` have administrator access to the AppVeyor CI environment. Additional admins/group members can be added on request. The tests are configured in `appveyor.yml`. -### Zuul - -Not used anymore. - ### Circle CI Circle CI runs a basic Linux test suite on Ubuntu for both x86 and ARM @@ -94,7 +90,3 @@ website](https://app.circleci.com/pipelines/github/curl/curl). `@bagder` has access to edit the "Project Settings" on that page. Additional admins/group members can be added on request. - -### Cirrus CI - -Not used anymore. From 0855f3070931c57c27180c48f7ada0336be977fc Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 10 Oct 2025 03:09:16 +0200 Subject: [PATCH 0403/2408] kerberos: bump minimum to 1.3 (2003-07-08), drop legacy logic Previous minimum was: 1.2.4 (2002-02-28) - assume `gssapi/gssapi.h` header for MIT Kerberos. Drop logic detecting this header, and drop alternate logic including a bare "gssapi.h". Bare `gssapi.h` is Heimdal-specific. MIT Kerberos added support for it for Heimdal compatibility on 2006-11-09, redirecting to `gssapi/gssapi.h`. MIT Kerberos supported the latter header in the 1990s already. Ref: 40e1a016f92903c731f07325bc1f9c6416ae1ac3 (2008-03-06) Ref: https://github.com/krb5/krb5/commit/d11935200186040132e05e2beaaba20a770ee3ef (2006-11-09) - configure.ac: stop using `HAVE_GSSAPI_GSSAPI_H`. Added in 2010 to support "ancient distros such as RHEL-3" where `gssapi/gssapi_krb5.h` did not include `gssapi/gssapi.h`. MIT Kerberos includes it since commit: https://github.com/krb5/krb5/commit/d9e959edfa8da7cab3bde96c9c4ca39beaf8db69 (2003-03-06) Released in 1.3 (2003-07-08). Bump minimum required version to avoid this issue. Reverts cca192e58f9ed7c4b33c1c991f69ff830c58b38f (2010-04-16) Ref: https://web.mit.edu/kerberos/dist/historic.html Ref: https://sources.debian.org/src/krb5/ Closes #18992 --- .github/scripts/cmp-config.pl | 1 + CMakeLists.txt | 5 ----- configure.ac | 11 ++--------- docs/INTERNALS.md | 2 +- lib/curl_config.h.cmake | 3 --- lib/urldata.h | 4 +--- lib/vauth/vauth.h | 4 +--- 7 files changed, 6 insertions(+), 24 deletions(-) diff --git a/.github/scripts/cmp-config.pl b/.github/scripts/cmp-config.pl index 4284fcaee7..3ad0570e28 100755 --- a/.github/scripts/cmp-config.pl +++ b/.github/scripts/cmp-config.pl @@ -46,6 +46,7 @@ my %remove = ( '#define HAVE_BROTLI_DECODE_H 1' => 1, '#define HAVE_DLFCN_H 1' => 1, '#define HAVE_GSSAPI_GSSAPI_GENERIC_H 1' => 1, + '#define HAVE_GSSAPI_GSSAPI_H 1' => 1, '#define HAVE_GSSAPI_GSSAPI_KRB5_H 1' => 1, '#define HAVE_INTTYPES_H 1' => 1, '#define HAVE_LDAP_H 1' => 1, diff --git a/CMakeLists.txt b/CMakeLists.txt index 387dd57dc2..b48b045284 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1442,11 +1442,6 @@ if(CURL_USE_GSSAPI) if(GSS_FLAVOUR STREQUAL "GNU") set(HAVE_GSSGNU 1) - else() # MIT - cmake_push_check_state() - list(APPEND CMAKE_REQUIRED_INCLUDES "${GSS_INCLUDE_DIRS}") - check_include_file("gssapi/gssapi.h" HAVE_GSSAPI_GSSAPI_H) - cmake_pop_check_state() endif() else() message(WARNING "GSSAPI has been requested, but no supporting libraries found. Skipping.") diff --git a/configure.ac b/configure.ac index c8843b5b46..0880552cfb 100644 --- a/configure.ac +++ b/configure.ac @@ -1841,17 +1841,10 @@ if test x"$want_gss" = xyes; then ], [ dnl not found, check for MIT - AC_CHECK_HEADERS([gssapi/gssapi.h], [], [not_mit=1]) AC_CHECK_HEADERS( - [gssapi/gssapi_generic.h gssapi/gssapi_krb5.h], + [gssapi/gssapi.h gssapi/gssapi_generic.h gssapi/gssapi_krb5.h], [], - [not_mit=1], - [ - AC_INCLUDES_DEFAULT - #ifdef HAVE_GSSAPI_GSSAPI_H - #include - #endif - ]) + [not_mit=1]) if test "x$not_mit" = "x1"; then dnl MIT not found AC_MSG_ERROR([MIT or GNU GSS library required, but not found]) diff --git a/docs/INTERNALS.md b/docs/INTERNALS.md index 3ad1b3e8c2..b6b00e924a 100644 --- a/docs/INTERNALS.md +++ b/docs/INTERNALS.md @@ -35,7 +35,7 @@ versions of libs and build tools. - libidn2 2.0.0 - wolfSSL 3.4.6 - OpenLDAP 2.0 - - MIT Kerberos 1.2.4 + - MIT Kerberos 1.3 - nghttp2 1.15.0 ## Build tools diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake index 3f0bcf22ee..be6fe4176e 100644 --- a/lib/curl_config.h.cmake +++ b/lib/curl_config.h.cmake @@ -315,9 +315,6 @@ /* if you have the gssapi libraries */ #cmakedefine HAVE_GSSAPI 1 -/* Define to 1 if you have the header file. */ -#cmakedefine HAVE_GSSAPI_GSSAPI_H 1 - /* if you have the GNU gssapi libraries */ #cmakedefine HAVE_GSSGNU 1 diff --git a/lib/urldata.h b/lib/urldata.h index cdf028853e..b6b8f6f8fe 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -190,10 +190,8 @@ typedef CURLcode (Curl_recv)(struct Curl_easy *data, /* transfer */ #ifdef HAVE_GSSAPI # ifdef HAVE_GSSGNU # include -# elif defined HAVE_GSSAPI_GSSAPI_H -# include # else -# include +# include # endif #endif diff --git a/lib/vauth/vauth.h b/lib/vauth/vauth.h index 26e5adc628..9a33ca0c23 100644 --- a/lib/vauth/vauth.h +++ b/lib/vauth/vauth.h @@ -236,10 +236,8 @@ CURLcode Curl_auth_create_xoauth_bearer_message(const char *user, #ifdef HAVE_GSSAPI # ifdef HAVE_GSSGNU # include -# elif defined HAVE_GSSAPI_GSSAPI_H -# include # else -# include +# include # endif #endif From 05aa61fb3d7f026aeedbdf23b0f267a159317b54 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 10 Oct 2025 06:37:45 +0200 Subject: [PATCH 0404/2408] cmake/FindGSS: drop wrong header check for GNU GSS GNU GSS offers `gss.h`; do not check for `gssapi.h`. `gssapi.h` was originally published by Heimdal, and later MIT Kerberos also added it for Heimdal compatibility. Closes #18993 --- CMake/FindGSS.cmake | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/CMake/FindGSS.cmake b/CMake/FindGSS.cmake index 21d756c2bc..6bb5dac1b2 100644 --- a/CMake/FindGSS.cmake +++ b/CMake/FindGSS.cmake @@ -154,9 +154,7 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr set(GSS_FLAVOUR "MIT") endif() else() - # I am not convinced if this is the right way but this is what autotools do at the moment - find_path(_gss_INCLUDE_DIRS NAMES "gssapi.h" HINTS ${_gss_root_hints} PATH_SUFFIXES "include" "inc") - find_path(_gss_INCLUDE_DIRS NAMES "gss.h" HINTS ${_gss_root_hints} PATH_SUFFIXES "include") + find_path(_gss_INCLUDE_DIRS NAMES "gss.h" HINTS ${_gss_root_hints} PATH_SUFFIXES "include") if(_gss_INCLUDE_DIRS) set(GSS_FLAVOUR "GNU") From aeacf9a3e8efb6d93d33fe7cf7350e37c985a619 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 10 Oct 2025 06:43:41 +0200 Subject: [PATCH 0405/2408] cmake/FindGSS: dedupe pkg-config module strings Closes #18994 --- CMake/FindGSS.cmake | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CMake/FindGSS.cmake b/CMake/FindGSS.cmake index 6bb5dac1b2..36ad9ed572 100644 --- a/CMake/FindGSS.cmake +++ b/CMake/FindGSS.cmake @@ -158,7 +158,7 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr if(_gss_INCLUDE_DIRS) set(GSS_FLAVOUR "GNU") - set(GSS_PC_REQUIRES "gss") + set(GSS_PC_REQUIRES ${_gnu_modname}) endif() endif() @@ -209,10 +209,10 @@ else() # _pkg_check_modules_pkg_name is undocumented and used as a fallback for CMake <3.16 versions. if(_gss_MODULE_NAME STREQUAL _gnu_modname OR _pkg_check_modules_pkg_name STREQUAL _gnu_modname) set(GSS_FLAVOUR "GNU") - set(GSS_PC_REQUIRES "gss") + set(GSS_PC_REQUIRES ${_gnu_modname}) elseif(_gss_MODULE_NAME STREQUAL _mit_modname OR _pkg_check_modules_pkg_name STREQUAL _mit_modname) set(GSS_FLAVOUR "MIT") - set(GSS_PC_REQUIRES "mit-krb5-gssapi") + set(GSS_PC_REQUIRES ${_mit_modname}) else() message(FATAL_ERROR "GNU or MIT GSS is required") endif() From 7fecc009eacf2bd4815b4dd7b9ec082bca7a1bcc Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 8 Oct 2025 14:29:54 +0200 Subject: [PATCH 0406/2408] socks: advance iobuf instead of reset During the SOCKS connect phase, the `iobuf` is used to receive repsonses from the server. If the server sends more bytes than expected, the code discarded them silently. Fix this by advancing the iobuf only with the length consumed. Reported-by: Joshua Rogers Closes #18938 --- lib/socks.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/socks.c b/lib/socks.c index a0e1e6c042..10fca7b44c 100644 --- a/lib/socks.c +++ b/lib/socks.c @@ -432,7 +432,7 @@ static CURLproxycode socks4_check_resp(struct socks_state *sx, switch(resp[1]) { case 90: CURL_TRC_CF(data, cf, "SOCKS4%s request granted.", sx->socks4a ? "a" : ""); - Curl_bufq_reset(&sx->iobuf); + Curl_bufq_skip(&sx->iobuf, 8); return CURLPX_OK; case 91: failf(data, @@ -664,7 +664,7 @@ static CURLproxycode socks5_check_resp0(struct socks_state *sx, } auth_mode = resp[1]; - Curl_bufq_reset(&sx->iobuf); + Curl_bufq_skip(&sx->iobuf, 2); switch(auth_mode) { case 0: @@ -765,7 +765,7 @@ static CURLproxycode socks5_check_auth_resp(struct socks_state *sx, /* ignore the first (VER) byte */ auth_status = resp[1]; - Curl_bufq_reset(&sx->iobuf); + Curl_bufq_skip(&sx->iobuf, 2); if(auth_status) { failf(data, "User was rejected by the SOCKS5 server (%d %d).", From 4cc476b37fc9f9f402e107f8ff85c60bad8c19ab Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 9 Oct 2025 10:41:02 +0200 Subject: [PATCH 0407/2408] gnutls: check conversion of peer cert chain Check the result when converting the peer certificate chain into gnutls internal x590 data structure for errors. Reported-by: Joshua Rogers Closes #18964 --- lib/vtls/gtls.c | 29 +++++++++++++++++++++++------ 1 file changed, 23 insertions(+), 6 deletions(-) diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 43edbd57ad..1c0a6fb2d6 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -1701,12 +1701,24 @@ Curl_gtls_verifyserver(struct Curl_cfilter *cf, infof(data, " SSL certificate verification SKIPPED"); /* initialize an X.509 certificate structure. */ - gnutls_x509_crt_init(&x509_cert); + if(gnutls_x509_crt_init(&x509_cert)) { + failf(data, "failed to init gnutls x509_crt"); + *certverifyresult = GNUTLS_E_NO_CERTIFICATE_FOUND; + result = CURLE_SSL_CONNECT_ERROR; + goto out; + } - if(chain.certs) + if(chain.certs) { /* convert the given DER or PEM encoded Certificate to the native gnutls_x509_crt_t format */ - gnutls_x509_crt_import(x509_cert, chain.certs, GNUTLS_X509_FMT_DER); + rc = gnutls_x509_crt_import(x509_cert, chain.certs, GNUTLS_X509_FMT_DER); + if(rc) { + failf(data, "error parsing server's certificate chain"); + *certverifyresult = GNUTLS_E_NO_CERTIFICATE_FOUND; + result = CURLE_SSL_CONNECT_ERROR; + goto out; + } + } /* Check for time-based validity */ certclock = gnutls_x509_crt_get_expiration_time(x509_cert); @@ -1773,10 +1785,15 @@ Curl_gtls_verifyserver(struct Curl_cfilter *cf, if(config->issuercert) { gnutls_datum_t issuerp; - gnutls_x509_crt_init(&x509_issuer); + if(gnutls_x509_crt_init(&x509_issuer)) { + failf(data, "failed to init gnutls x509_crt for issuer"); + result = CURLE_SSL_ISSUER_ERROR; + goto out; + } issuerp = load_file(config->issuercert); - gnutls_x509_crt_import(x509_issuer, &issuerp, GNUTLS_X509_FMT_PEM); - rc = (int)gnutls_x509_crt_check_issuer(x509_cert, x509_issuer); + rc = gnutls_x509_crt_import(x509_issuer, &issuerp, GNUTLS_X509_FMT_PEM); + if(!rc) + rc = (int)gnutls_x509_crt_check_issuer(x509_cert, x509_issuer); unload_file(issuerp); if(rc <= 0) { failf(data, "server certificate issuer check failed (IssuerCert: %s)", From a4d3c4e84720c3f2cb94fef1a4e680bb4b3e91a2 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 9 Oct 2025 11:23:42 +0200 Subject: [PATCH 0408/2408] ws: fix some edge cases Fix edge cases around handling of pending send frames and encoding frames with size_t/curl_off_t possible flowy things. Reported-by: Joshua Rogers Closes #18965 --- lib/ws.c | 43 ++++++++++++++++++++++++++++++++++++++----- 1 file changed, 38 insertions(+), 5 deletions(-) diff --git a/lib/ws.c b/lib/ws.c index d3379c6502..6c8f07e177 100644 --- a/lib/ws.c +++ b/lib/ws.c @@ -647,6 +647,22 @@ static CURLcode ws_enc_add_cntrl(struct Curl_easy *data, return CURLE_OK; } +static curl_off_t ws_payload_remain(curl_off_t payload_total, + curl_off_t payload_offset, + size_t payload_buffered) +{ + curl_off_t remain = payload_total - payload_offset; + if((payload_total < 0) || (payload_offset < 0) || (remain < 0)) + return -1; +#if SIZEOF_OFF_T <= SIZEOF_SIZE_T + if((curl_off_t)payload_buffered < 0) + return -1; +#endif + if(remain < (curl_off_t)payload_buffered) + return -1; + return remain - (curl_off_t)payload_buffered; +} + static CURLcode ws_cw_dec_next(const unsigned char *buf, size_t buflen, int frame_age, int frame_flags, curl_off_t payload_offset, @@ -658,11 +674,16 @@ static CURLcode ws_cw_dec_next(const unsigned char *buf, size_t buflen, struct Curl_easy *data = ctx->data; struct websocket *ws = ctx->ws; bool auto_pong = !data->set.ws_no_auto_pong; - curl_off_t remain = (payload_len - (payload_offset + buflen)); + curl_off_t remain; CURLcode result; (void)frame_age; *pnwritten = 0; + remain = ws_payload_remain(payload_len, payload_offset, buflen); + if(remain < 0) { + DEBUGASSERT(0); /* parameter mismatch */ + return CURLE_BAD_FUNCTION_ARGUMENT; + } if(auto_pong && (frame_flags & CURLWS_PING) && !remain) { /* auto-respond to PINGs, only works for single-frame payloads atm */ @@ -981,12 +1002,18 @@ static CURLcode ws_enc_add_pending(struct Curl_easy *data, result); goto out; } - /* our buffer should always be able to take in a control frame */ - DEBUGASSERT(n == ws->pending.payload_len); + if(n != ws->pending.payload_len) { + DEBUGASSERT(0); /* buffer should always be able to take all */ + CURL_TRC_WS(data, "ws_enc_cntrl(), error added only %zu/%zu payload,", + n, ws->pending.payload_len); + result = CURLE_SEND_ERROR; + goto out; + } + /* the frame should be complete now */ DEBUGASSERT(!ws->enc.payload_remain); + memset(&ws->pending, 0, sizeof(ws->pending)); out: - memset(&ws->pending, 0, sizeof(ws->pending)); return result; } @@ -1445,10 +1472,16 @@ static CURLcode ws_client_collect(const unsigned char *buf, size_t buflen, struct ws_collect *ctx = userp; struct Curl_easy *data = ctx->data; bool auto_pong = !data->set.ws_no_auto_pong; - curl_off_t remain = (payload_len - (payload_offset + buflen)); + curl_off_t remain; CURLcode result = CURLE_OK; *pnwritten = 0; + remain = ws_payload_remain(payload_len, payload_offset, buflen); + if(remain < 0) { + DEBUGASSERT(0); /* parameter mismatch */ + return CURLE_BAD_FUNCTION_ARGUMENT; + } + if(!ctx->bufidx) { /* first write */ ctx->frame_age = frame_age; From 9d7b532404181568de1611084bd9f446cd4a4d26 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 9 Oct 2025 12:19:49 +0200 Subject: [PATCH 0409/2408] cf-socket: set FD_CLOEXEC on all sockets opened Removed TODO item Reported-by: Joshua Rogers Closes #18968 --- docs/TODO | 9 --------- lib/cf-socket.c | 24 ++++++++++++++++++++---- 2 files changed, 20 insertions(+), 13 deletions(-) diff --git a/docs/TODO b/docs/TODO index 65d735d1be..6c3ba904e7 100644 --- a/docs/TODO +++ b/docs/TODO @@ -34,7 +34,6 @@ 1.20 SRV and URI DNS records 1.22 CURLINFO_PAUSE_STATE 1.25 Expose tried IP addresses that failed - 1.28 FD_CLOEXEC 1.30 config file parsing 1.31 erase secrets from heap/stack after use 1.32 add asynch getaddrinfo support @@ -349,14 +348,6 @@ https://github.com/curl/curl/issues/2126 -1.28 FD_CLOEXEC - - It sets the close-on-exec flag for the file descriptor, which causes the file - descriptor to be automatically (and atomically) closed when any of the - exec-family functions succeed. Should probably be set by default? - - https://github.com/curl/curl/issues/2252 - 1.30 config file parsing Consider providing an API, possibly in a separate companion library, for diff --git a/lib/cf-socket.c b/lib/cf-socket.c index 0182de67e8..758641e40d 100644 --- a/lib/cf-socket.c +++ b/lib/cf-socket.c @@ -371,6 +371,17 @@ static CURLcode socket_open(struct Curl_easy *data, /* no socket, no connection */ return CURLE_COULDNT_CONNECT; +#ifdef HAVE_FCNTL + if(fcntl(*sockfd, F_SETFD, FD_CLOEXEC) < 0) { + char errbuf[STRERROR_LEN]; + failf(data, "fcntl set CLOEXEC: %s", + curlx_strerror(SOCKERRNO, errbuf, sizeof(errbuf))); + close(*sockfd); + *sockfd = CURL_SOCKET_BAD; + return CURLE_COULDNT_CONNECT; + } +#endif + #if defined(USE_IPV6) && defined(HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID) if(data->conn->scope_id && (addr->family == AF_INET6)) { struct sockaddr_in6 * const sa6 = (void *)&addr->curl_sa_addr; @@ -2122,11 +2133,16 @@ static CURLcode cf_tcp_accept_connect(struct Curl_cfilter *cf, curlx_strerror(SOCKERRNO, errbuf, sizeof(errbuf))); return CURLE_FTP_ACCEPT_FAILED; } - - infof(data, "Connection accepted from server"); -#ifndef HAVE_ACCEPT4 - (void)curlx_nonblock(s_accepted, TRUE); /* enable non-blocking */ +#if !defined(HAVE_ACCEPT4) && defined(HAVE_FCNTL) + if((fcntl(s_accepted, F_SETFD, FD_CLOEXEC) < 0) || + (curlx_nonblock(s_accepted, TRUE) < 0)) { + failf(data, "fcntl set CLOEXEC/NONBLOCK: %s", + curlx_strerror(SOCKERRNO, errbuf, sizeof(errbuf))); + return CURLE_FTP_ACCEPT_FAILED; + } #endif + infof(data, "Connection accepted from server"); + /* Replace any filter on SECONDARY with one listening on this socket */ ctx->listening = FALSE; ctx->accepted = TRUE; From bf41be6292cf712315815c722aab2653a0ec827f Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Fri, 10 Oct 2025 09:48:52 +0200 Subject: [PATCH 0410/2408] conn: fix hostname move on connection reuse When reusing a connection, the `host` and `conn_to_host` hostname structs are moved from the template connection onto the existing one. There was a NULLing of a tempplate member missing in `conn_to_host` which could then lead to a double free. Make this struct move into a static function, doing the correct thing for both `struct hostname` in a connection. Reported-by: Joshua Rogers Closes #18995 --- lib/url.c | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/lib/url.c b/lib/url.c index 6a433b09ef..6d69fc11bf 100644 --- a/lib/url.c +++ b/lib/url.c @@ -3286,6 +3286,14 @@ static CURLcode resolve_server(struct Curl_easy *data, return CURLE_OK; } +static void url_move_hostname(struct hostname *dest, struct hostname *src) +{ + Curl_safefree(dest->rawalloc); + Curl_free_idnconverted_hostname(dest); + *dest = *src; + memset(src, 0, sizeof(*src)); +} + /* * Cleanup the connection `temp`, just allocated for `data`, before using the * previously `existing` one for `data`. All relevant info is copied over @@ -3340,15 +3348,9 @@ static void reuse_conn(struct Curl_easy *data, * used the original hostname in SNI to negotiate? Do we send * requests for another host through the different SNI? */ - Curl_free_idnconverted_hostname(&existing->host); - Curl_free_idnconverted_hostname(&existing->conn_to_host); - Curl_safefree(existing->host.rawalloc); - Curl_safefree(existing->conn_to_host.rawalloc); - existing->host = temp->host; - temp->host.rawalloc = NULL; - temp->host.encalloc = NULL; - existing->conn_to_host = temp->conn_to_host; - temp->conn_to_host.rawalloc = NULL; + url_move_hostname(&existing->host, &temp->host); + url_move_hostname(&existing->conn_to_host, &temp->conn_to_host); + existing->conn_to_port = temp->conn_to_port; existing->remote_port = temp->remote_port; free(existing->hostname_resolve); From 03448f477a0cfa3868dfd15a7b9278dcecf944a2 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Fri, 10 Oct 2025 10:15:38 +0200 Subject: [PATCH 0411/2408] thread: errno on thread creation When thread creation fails, the code uses `errno` to remember the cause. But pthread_create() never sets errno and gives the error as return value. Fix that by setting the return value into errno on failure. Windows: I think the ifdef was the wrong way around. Also set a generic Windows Error code on CE systems. Reported-by: Joshua Rogers Closes #18998 --- lib/curl_threads.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/lib/curl_threads.c b/lib/curl_threads.c index a585d26d3f..352e002a3d 100644 --- a/lib/curl_threads.c +++ b/lib/curl_threads.c @@ -60,14 +60,18 @@ curl_thread_t Curl_thread_create(CURL_THREAD_RETURN_T { curl_thread_t t = malloc(sizeof(pthread_t)); struct Curl_actual_call *ac = malloc(sizeof(struct Curl_actual_call)); + int rc; if(!(ac && t)) goto err; ac->func = func; ac->arg = arg; - if(pthread_create(t, NULL, curl_thread_create_thunk, ac) != 0) + rc = pthread_create(t, NULL, curl_thread_create_thunk, ac); + if(rc) { + CURL_SETERRNO(rc); goto err; + } return t; @@ -103,13 +107,15 @@ curl_thread_t Curl_thread_create(CURL_THREAD_RETURN_T { curl_thread_t t = CreateThread(NULL, 0, func, arg, 0, NULL); if(!t) { -#ifdef UNDER_CE +#ifndef UNDER_CE DWORD gle = GetLastError(); /* !checksrc! disable ERRNOVAR 1 */ int err = (gle == ERROR_ACCESS_DENIED || gle == ERROR_NOT_ENOUGH_MEMORY) ? EACCES : EINVAL; CURL_SETERRNO(err); +#else + CURL_SETERRNO(31); /* Windows ERROR_GEN_FAILURE */ #endif return curl_thread_t_null; } From 05fbe85e628ca697e7f3c59bd677024e3cec125c Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Fri, 10 Oct 2025 10:40:55 +0200 Subject: [PATCH 0412/2408] c-ares: when resolving failed, persist error Repeated calls to `Curl_async_is_resolved()` after a failure returned OK and not the error that was the result of the resolve fail. Reported-by: Joshua Rogers Closes #18999 --- lib/asyn-ares.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c index dcbed0129c..d39db23a7b 100644 --- a/lib/asyn-ares.c +++ b/lib/asyn-ares.c @@ -302,11 +302,13 @@ CURLcode Curl_async_is_resolved(struct Curl_easy *data, if(data->state.async.done) { *dns = data->state.async.dns; - return CURLE_OK; + return ares->result; } - if(Curl_ares_perform(ares->channel, 0) < 0) - return CURLE_UNRECOVERABLE_POLL; + if(Curl_ares_perform(ares->channel, 0) < 0) { + result = CURLE_UNRECOVERABLE_POLL; + goto out; + } #ifndef HAVE_CARES_GETADDRINFO /* Now that we have checked for any last minute results above, see if there @@ -371,6 +373,9 @@ CURLcode Curl_async_is_resolved(struct Curl_easy *data, result, *dns ? "" : "not "); async_ares_cleanup(data); } + +out: + ares->result = result; return result; } From 67c75b67125d09029288dd490050471c46c50ece Mon Sep 17 00:00:00 2001 From: Patrick Monnerat Date: Fri, 10 Oct 2025 15:55:50 +0200 Subject: [PATCH 0413/2408] os400: document threads handling in code. This is to clarify threads unavaibility check and handling for security bug busters unaware of OS400 specificities. Fixes #18967 Closes #19009 --- packages/OS400/os400sys.c | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/packages/OS400/os400sys.c b/packages/OS400/os400sys.c index bc227a0e69..40eca6edc2 100644 --- a/packages/OS400/os400sys.c +++ b/packages/OS400/os400sys.c @@ -158,6 +158,11 @@ get_buffer(struct buffer_t *buf, long size) } +/* + * Get buffer address for the given local key. + * This is always called though `Curl_thread_buffer' and when threads are + * NOT made available by the os, so no mutex lock/unlock occurs. + */ static char * buffer_unthreaded(localkey_t key, long size) { @@ -165,6 +170,12 @@ buffer_unthreaded(localkey_t key, long size) } +/* + * Get buffer address for the given local key, taking care of + * concurrent threads. + * This is always called though `Curl_thread_buffer' and when threads are + * made available by the os. + */ static char * buffer_threaded(localkey_t key, long size) { @@ -208,16 +219,21 @@ buffer_undef(localkey_t key, long size) /* Determine if we can use pthread-specific data. */ if(Curl_thread_buffer == buffer_undef) { /* If unchanged during lock. */ - if(!pthread_key_create(&thdkey, thdbufdestroy)) + /* OS400 interactive jobs do not support threads: check here. */ + if(!pthread_key_create(&thdkey, thdbufdestroy)) { + /* Threads are supported: use the thread-aware buffer procedure. */ Curl_thread_buffer = buffer_threaded; + } else { + /* No multi-threading available: allocate storage for single-thread + * buffer headers. */ locbufs = calloc((size_t) LK_LAST, sizeof(*locbufs)); if(!locbufs) { - pthread_mutex_unlock(&mutex); + pthread_mutex_unlock(&mutex); /* For symetry: will probably fail. */ return (char *) NULL; } else - Curl_thread_buffer = buffer_unthreaded; + Curl_thread_buffer = buffer_unthreaded; /* Use unthreaded version. */ } atexit(terminate); From 6e9246aeb321b3cbbe07a323dec39e6392a4cb71 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 10 Oct 2025 22:57:10 +0200 Subject: [PATCH 0414/2408] cmake/FindGSS: simplify/de-dupe lib setup - lib name is always `gss` with GNU GSS. - move lib name assigments to the detection blocks. Closes #19012 --- CMake/FindGSS.cmake | 43 ++++++++++++++++--------------------------- 1 file changed, 16 insertions(+), 27 deletions(-) diff --git a/CMake/FindGSS.cmake b/CMake/FindGSS.cmake index 36ad9ed572..db36cf2100 100644 --- a/CMake/FindGSS.cmake +++ b/CMake/FindGSS.cmake @@ -145,6 +145,8 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr find_path(_gss_INCLUDE_DIRS NAMES "gssapi/gssapi.h" HINTS ${_gss_root_hints} PATH_SUFFIXES "include" "inc") if(_gss_INCLUDE_DIRS) # We have found something + set(_gss_libdir_suffixes "") + cmake_push_check_state() list(APPEND CMAKE_REQUIRED_INCLUDES "${_gss_INCLUDE_DIRS}") check_include_files("gssapi/gssapi_generic.h;gssapi/gssapi_krb5.h" _gss_have_mit_headers) @@ -152,6 +154,18 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr if(_gss_have_mit_headers) set(GSS_FLAVOUR "MIT") + if(WIN32) + if(CMAKE_SIZEOF_VOID_P EQUAL 8) + list(APPEND _gss_libdir_suffixes "lib/AMD64") + set(_gss_libname "gssapi64") + else() + list(APPEND _gss_libdir_suffixes "lib/i386") + set(_gss_libname "gssapi32") + endif() + else() + list(APPEND _gss_libdir_suffixes "lib" "lib64") # those suffixes are not checked for HINTS + set(_gss_libname "gssapi_krb5") + endif() endif() else() find_path(_gss_INCLUDE_DIRS NAMES "gss.h" HINTS ${_gss_root_hints} PATH_SUFFIXES "include") @@ -159,12 +173,12 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr if(_gss_INCLUDE_DIRS) set(GSS_FLAVOUR "GNU") set(GSS_PC_REQUIRES ${_gnu_modname}) + set(_gss_libname "gss") endif() endif() - # If we have headers, check if we can link libraries + # If we have headers, look up libraries if(GSS_FLAVOUR) - set(_gss_libdir_suffixes "") set(_gss_libdir_hints ${_gss_root_hints}) if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.20) cmake_path(GET _gss_INCLUDE_DIRS PARENT_PATH _gss_calculated_potential_root) @@ -173,31 +187,6 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr endif() list(APPEND _gss_libdir_hints ${_gss_calculated_potential_root}) - if(WIN32) - if(CMAKE_SIZEOF_VOID_P EQUAL 8) - list(APPEND _gss_libdir_suffixes "lib/AMD64") - if(GSS_FLAVOUR STREQUAL "GNU") - set(_gss_libname "gss") - else() # MIT - set(_gss_libname "gssapi64") - endif() - else() - list(APPEND _gss_libdir_suffixes "lib/i386") - if(GSS_FLAVOUR STREQUAL "GNU") - set(_gss_libname "gss") - else() # MIT - set(_gss_libname "gssapi32") - endif() - endif() - else() - list(APPEND _gss_libdir_suffixes "lib;lib64") # those suffixes are not checked for HINTS - if(GSS_FLAVOUR STREQUAL "GNU") - set(_gss_libname "gss") - else() # MIT - set(_gss_libname "gssapi_krb5") - endif() - endif() - find_library(_gss_LIBRARIES NAMES ${_gss_libname} HINTS ${_gss_libdir_hints} PATH_SUFFIXES ${_gss_libdir_suffixes}) endif() endif() From f04e7a7eface29607981f81662d9dff429372134 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 10 Oct 2025 23:11:14 +0200 Subject: [PATCH 0415/2408] cmake: pre-fill three more type sizes on Windows Use `CMAKE_SIZEOF_VOID_P` to fill the size of three types that differ on 32 and 64-bit Windows: `curl_socket_t`, `size_t`, and on mingw-w64: `ssize_t`. `time_t` remains the only type needing detection at configuration time, with MSVC or mingw-w64. Ref: https://cmake.org/cmake/help/v4.1/variable/CMAKE_SIZEOF_VOID_P.html Closes #19013 --- CMake/win32-cache.cmake | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/CMake/win32-cache.cmake b/CMake/win32-cache.cmake index 058c35dd8d..8cb9b58b39 100644 --- a/CMake/win32-cache.cmake +++ b/CMake/win32-cache.cmake @@ -191,7 +191,8 @@ if(MINGW OR MSVC) curl_prefill_type_size("LONG_LONG" 8) curl_prefill_type_size("__INT64" 8) curl_prefill_type_size("CURL_OFF_T" 8) - # CURL_SOCKET_T, SIZE_T: 8 for _WIN64, 4 otherwise + curl_prefill_type_size("CURL_SOCKET_T" ${CMAKE_SIZEOF_VOID_P}) + curl_prefill_type_size("SIZE_T" ${CMAKE_SIZEOF_VOID_P}) # TIME_T: 8 for _WIN64 or UCRT or MSVC and not Windows CE, 4 otherwise # Also 4 for non-UCRT 32-bit when _USE_32BIT_TIME_T is set. # mingw-w64 sets _USE_32BIT_TIME_T unless __MINGW_USE_VC2005_COMPAT is explicit defined. @@ -200,7 +201,7 @@ if(MINGW OR MSVC) set(HAVE_FILE_OFFSET_BITS 0) curl_prefill_type_size("OFF_T" 4) else() - # SSIZE_T: 8 for _WIN64, 4 otherwise + curl_prefill_type_size("SSIZE_T" ${CMAKE_SIZEOF_VOID_P}) set(HAVE_FILE_OFFSET_BITS 1) # mingw-w64 v3+ curl_prefill_type_size("OFF_T" 8) # mingw-w64 v3+ endif() From 16f0d4ae3ad0a113dde0488b5119ec7ad03cf7d7 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 11 Oct 2025 00:11:16 +0200 Subject: [PATCH 0416/2408] curl_threads: delete WinCE fallback branch Both WinCE and Windows use `CreateThread()` now, so the use of `GetLastError()` works for both. Follow-up to 03448f477a0cfa3868dfd15a7b9278dcecf944a2 #18998 Follow-up to 1c49f2f26d0f200bb9de61f795f06a1bc56845e9 #18451 Follow-up to af0216251b94e751baa47146ac9609db70793b8e #1589 Closes #19015 --- lib/curl_threads.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/lib/curl_threads.c b/lib/curl_threads.c index 352e002a3d..68bfddddcb 100644 --- a/lib/curl_threads.c +++ b/lib/curl_threads.c @@ -107,16 +107,12 @@ curl_thread_t Curl_thread_create(CURL_THREAD_RETURN_T { curl_thread_t t = CreateThread(NULL, 0, func, arg, 0, NULL); if(!t) { -#ifndef UNDER_CE DWORD gle = GetLastError(); /* !checksrc! disable ERRNOVAR 1 */ int err = (gle == ERROR_ACCESS_DENIED || gle == ERROR_NOT_ENOUGH_MEMORY) ? EACCES : EINVAL; CURL_SETERRNO(err); -#else - CURL_SETERRNO(31); /* Windows ERROR_GEN_FAILURE */ -#endif return curl_thread_t_null; } return t; From b419f1fd8779277e7bf8c97f58708cf466c3ffe0 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 11 Oct 2025 00:27:36 +0200 Subject: [PATCH 0417/2408] examples/log_failed_transfers: make it build for WinCE - include `windows.h` after `winsock2.h` via `curl/curl.h`. - avoid `errno` for WinCE. - avoid `_vscprintf` for WinCE. Ref: 4535532ed36d2129b107ab357262072f82c2b34a #18843 Follow-up to 0780de2625bf8bb3bcb0f88bbbc401b2750ec1bb #18668 Closes #19016 --- docs/examples/log_failed_transfers.c | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/docs/examples/log_failed_transfers.c b/docs/examples/log_failed_transfers.c index 1ec6350510..66e1931677 100644 --- a/docs/examples/log_failed_transfers.c +++ b/docs/examples/log_failed_transfers.c @@ -32,14 +32,9 @@ * */ -#ifdef _WIN32 -#ifndef _CRT_SECURE_NO_WARNINGS -#define _CRT_SECURE_NO_WARNINGS -#endif -#include -#endif - +#ifndef UNDER_CE #include +#endif #include #include #include @@ -47,6 +42,10 @@ #include #ifdef _WIN32 +#ifndef _CRT_SECURE_NO_WARNINGS +#define _CRT_SECURE_NO_WARNINGS +#endif +#include #define strcasecmp _stricmp #define strncasecmp _strnicmp #define unlink _unlink @@ -157,7 +156,7 @@ static int mem_addf(struct mem *mem, const char *format, ...) return x; } -#ifdef _WIN32 +#if defined(_WIN32) && !defined(UNDER_CE) /* Not all versions of Windows CRT vsnprintf are compliant with C99. Some return -1 if buffer too small. Try _vscprintf to get the needed size. */ if(!i && x < 0) { @@ -296,9 +295,11 @@ int main(void) } } else { +#ifndef UNDER_CE mem_addf(&t->log, "Failed to create body output file %s: %s\n", t->bodyfile, strerror(errno)); fprintf(stderr, "%s", t->log.recent); +#endif failed = 1; } @@ -307,10 +308,12 @@ int main(void) if(fp && t->log.len == fwrite(t->log.buf, 1, t->log.len, fp)) fprintf(stderr, "Transfer log written to %s\n", t->logfile); +#ifndef UNDER_CE else { fprintf(stderr, "Failed to write transfer log to %s: %s\n", t->logfile, strerror(errno)); } +#endif if(fp) fclose(fp); From 66753bc1203167c2a07737963149e83d93e3788c Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 11 Oct 2025 15:44:10 +0200 Subject: [PATCH 0418/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 44ef5ddfc1..4d5ce575ce 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -38,10 +38,12 @@ This release includes the following bugfixes: o build: avoid overriding system symbols for fopen functions [150] o build: avoid overriding system symbols for socket functions [68] o build: show llvm/clang in platform flags and `buildinfo.txt` [126] + o c-ares: when resolving failed, persist error [270] o cf-h2-proxy: break loop on edge case [140] o cf-ip-happy: mention unix domain path, not port number [161] o cf-socket: always check Curl_cf_socket_peek() return code [198] o cf-socket: check params and remove accept procondition [197] + o cf-socket: set FD_CLOEXEC on all sockets opened [273] o cf-socket: tweak a memcpy() to read better [177] o cf-socket: use the right byte order for ports in bindlocal [61] o cfilter: unlink and discard [46] @@ -50,7 +52,11 @@ This release includes the following bugfixes: o checksrc: fix possible endless loops/errors in the banned function logic [220] o checksrc: fix to handle `)` predecing a banned function [229] o checksrc: reduce directory-specific exceptions [228] + o CI.md: refresh [280] + o cmake/FindGSS: dedupe pkg-config module strings [277] + o cmake/FindGSS: drop wrong header check for GNU GSS [278] o cmake/FindGSS: fix `pkg-config` fallback logic for CMake <3.16 [189] + o cmake/FindGSS: simplify/de-dupe lib setup [253] o cmake/FindGSS: whitespace/formatting [268] o cmake: add `CURL_CODE_COVERAGE` option [78] o cmake: build the "all" examples source list dynamically [245] @@ -58,12 +64,14 @@ This release includes the following bugfixes: o cmake: drop exclamation in comment looking like a name [160] o cmake: fix building docs when the base directory contains `.3` [18] o cmake: minor Heimdal flavour detection fix [269] + o cmake: pre-fill three more type sizes on Windows [244] o cmake: support building some complicated examples, build them in CI [235] o cmake: use modern alternatives for `get_filename_component()` [102] o cmake: use more `COMPILER_OPTIONS`, `LINK_OPTIONS` / `LINK_FLAGS` [152] o cmdline-docs: extended, clarified, refreshed [28] o cmdline-opts/_PROGRESS.md: explain the suffixes [154] o configure: add "-mt" for pthread support on HP-UX [52] + o conn: fix hostname move on connection reuse [272] o cookie: avoid saving a cookie file if no transfer was done [11] o cpool: make bundle->dest an array; fix UB [218] o curl_easy_getinfo: error code on NULL arg [2] @@ -71,6 +79,7 @@ This release includes the following bugfixes: o curl_osslq: error out properly if BIO_ADDR_rawmake() fails [184] o Curl_resolv: fix comment. 'entry' argument is not optional [187] o curl_slist_append.md: clarify that a NULL pointer is not acceptable [72] + o curl_threads: delete WinCE fallback branch [233] o CURLINFO_FTP_ENTRY_PATH.md: this is for SFTP as well [8] o CURLOPT_COOKIEFILE.md: clarify when the cookies are loaded [159] o CURLOPT_HEADER/WRITEFUNCTION.md: drop '* size' since size is always 1 [63] @@ -101,6 +110,8 @@ This release includes the following bugfixes: o ftp: fix the 213 scanner memchr buffer limit argument [196] o ftp: improve fragile check for first digit > 3 [194] o ftp: remove misleading comments [193] + o ftp: simplify the 150/126 size scanner [288] + o gnutls: check conversion of peer cert chain [275] o gtls: avoid potential use of uninitialized variable in trace output [83] o hostip: don't store negative resolves due unrelated errors [256] o hostip: remove leftover INT_MAX check in Curl_dnscache_prune [88] @@ -114,9 +125,13 @@ This release includes the following bugfixes: o INTERNALS: drop Winsock 2.2 from the dependency list [162] o ip-happy: do not set unnecessary timeout [95] o ip-happy: prevent event-based stall on retry [155] + o kerberos: bump minimum to 1.3 (2003-07-08), drop legacy logic [279] + o kerberos: drop logic for MIT Kerberos <1.2.3 (pre-2002) versions [285] + o kerberos: stop including `gssapi/gssapi_generic.h` [282] o krb5: return appropriate error on send failures [22] o krb5_gssapi: fix memory leak on error path [190] o krb5_sspi: the chlg argument is NOT optional [200] + o ldap: avoid null ptr deref on failure [284] o ldap: do not base64 encode zero length string [42] o ldap: tidy-up types, fix error code confusion [191] o lib: drop unused include and duplicate guards [226] @@ -139,6 +154,7 @@ This release includes the following bugfixes: o libssh: error on bad chgrp number [71] o libssh: error on bad chown number and store the value [64] o libssh: fix range parsing error handling mistake [120] + o libssh: make atime and mtime cap the timestamp instead of wrap [283] o libssh: react on errors from ssh_scp_read [24] o libssh: return out of memory correctly if aprintf fails [60] o Makefile.example: fix option order [231] @@ -164,6 +180,8 @@ This release includes the following bugfixes: o openldap: avoid indexing the result at -1 for blank responses [44] o openldap: check ber_sockbuf_add_io() return code [163] o openldap: check ldap_get_option() return codes [119] + o openldap: fix memory-leak in error path [287] + o openldap: fix memory-leak on oldap_do's exit path [286] o openssl-quic: check results better [132] o openssl-quic: handle error in SSL_get_stream_read_error_code [129] o openssl-quic: ignore unexpected streams opened by server [176] @@ -175,6 +193,7 @@ This release includes the following bugfixes: o openssl: make the asn1_object_dump name null terminated [56] o openssl: set io_need always [99] o openssl: skip session resumption when verifystatus is set [230] + o os400: document threads handling in code. [254] o OS400: fix a use-after-free/double-free case [142] o osslq: set idle timeout to 0 [237] o pingpong: remove two old leftover debug infof() calls @@ -200,6 +219,7 @@ This release includes the following bugfixes: o setopt: make CURLOPT_MAXREDIRS accept -1 (again) [1] o smb: adjust buffer size checks [45] o smtp: check EHLO responses case insensitively [50] + o socks: advance iobuf instead of reset [276] o socks: deny server basic-auth if not configured [264] o socks: handle error in verbose trace gracefully [94] o socks: handle premature close [246] @@ -234,6 +254,7 @@ This release includes the following bugfixes: o tftp: propagate expired timer from tftp_state_timeout() [39] o tftp: return error if it hits an illegal state [138] o tftp: return error when sendto() fails [59] + o thread: errno on thread creation [271] o tidy-up: `fcntl.h` includes [98] o tidy-up: assortment of small fixes [115] o tidy-up: avoid using the reserved macro namespace [76] @@ -275,6 +296,7 @@ This release includes the following bugfixes: o wolfssl: fix error check in shutdown [105] o wolfssl: no double get_error() detail [188] o ws: clarify an error message [125] + o ws: fix some edge cases [274] o ws: reject curl_ws_recv called with NULL buffer with a buflen [118] This release includes the following known bugs: @@ -545,6 +567,7 @@ References to bug reports and discussions on issues: [230] = https://curl.se/bug/?i=18902 [231] = https://curl.se/bug/?i=18835 [232] = https://curl.se/bug/?i=18918 + [233] = https://curl.se/bug/?i=19015 [234] = https://curl.se/bug/?i=18828 [235] = https://curl.se/bug/?i=18909 [236] = https://curl.se/bug/?i=18905 @@ -555,6 +578,7 @@ References to bug reports and discussions on issues: [241] = https://curl.se/bug/?i=18966 [242] = https://curl.se/bug/?i=18961 [243] = https://curl.se/bug/?i=18914 + [244] = https://curl.se/bug/?i=19013 [245] = https://curl.se/bug/?i=18911 [246] = https://curl.se/bug/?i=18883 [247] = https://curl.se/bug/?i=18908 @@ -563,6 +587,8 @@ References to bug reports and discussions on issues: [250] = https://curl.se/bug/?i=18432 [251] = https://curl.se/bug/?i=18881 [252] = https://curl.se/bug/?i=18890 + [253] = https://curl.se/bug/?i=19012 + [254] = https://curl.se/bug/?i=18967 [255] = https://curl.se/bug/?i=18969 [256] = https://curl.se/bug/?i=18953 [257] = https://curl.se/bug/?i=18959 @@ -578,3 +604,21 @@ References to bug reports and discussions on issues: [267] = https://curl.se/bug/?i=18928 [268] = https://curl.se/bug/?i=18957 [269] = https://curl.se/bug/?i=18951 + [270] = https://curl.se/bug/?i=18999 + [271] = https://curl.se/bug/?i=18998 + [272] = https://curl.se/bug/?i=18995 + [273] = https://curl.se/bug/?i=18968 + [274] = https://curl.se/bug/?i=18965 + [275] = https://curl.se/bug/?i=18964 + [276] = https://curl.se/bug/?i=18938 + [277] = https://curl.se/bug/?i=18994 + [278] = https://curl.se/bug/?i=18993 + [279] = https://curl.se/bug/?i=18992 + [280] = https://curl.se/bug/?i=18973 + [282] = https://curl.se/bug/?i=18990 + [283] = https://curl.se/bug/?i=18989 + [284] = https://curl.se/bug/?i=18988 + [285] = https://curl.se/bug/?i=18978 + [286] = https://curl.se/bug/?i=18986 + [287] = https://curl.se/bug/?i=18985 + [288] = https://curl.se/bug/?i=18984 From 142d61a0ee71b2c58f8f03495fb43d83b478db64 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 10 Oct 2025 09:53:32 +0200 Subject: [PATCH 0419/2408] doswin: CloseHandle the thread on shutdown As this is in the tool shutdown the impact of it was nothing. Also, move two global variables to local. Follow-up to 9a2663322c330ff11275abafd612e9c Reported-by: Joshua Rogers Closes #18996 --- src/tool_doswin.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/tool_doswin.c b/src/tool_doswin.c index 5cf58405b3..8e9e5f023d 100644 --- a/src/tool_doswin.c +++ b/src/tool_doswin.c @@ -809,9 +809,6 @@ ThreadCleanup: } /* The background thread that reads and buffers the true stdin. */ -static HANDLE stdin_thread = NULL; -static curl_socket_t socket_r = CURL_SOCKET_BAD; - curl_socket_t win32_stdin_read_thread(void) { int result; @@ -819,6 +816,8 @@ curl_socket_t win32_stdin_read_thread(void) int rc = 0, socksize = 0; struct win_thread_data *tdata = NULL; SOCKADDR_IN selfaddr; + static HANDLE stdin_thread = NULL; + static curl_socket_t socket_r = CURL_SOCKET_BAD; if(socket_r != CURL_SOCKET_BAD) { assert(stdin_thread != NULL); @@ -930,6 +929,7 @@ curl_socket_t win32_stdin_read_thread(void) if(stdin_thread) { TerminateThread(stdin_thread, 1); + CloseHandle(stdin_thread); stdin_thread = NULL; } From b3f9c837d3906c8f8214e848139f544c777240ab Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 10 Oct 2025 23:54:15 +0200 Subject: [PATCH 0420/2408] asyn-ares: remove wrong comment about the callback argument Both the c-ares documentation and the c-ares source code contradict the previous comment (and mentions/contains no such restriction). Ref: #19001 Closes #19014 --- lib/asyn-ares.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c index d39db23a7b..040100acec 100644 --- a/lib/asyn-ares.c +++ b/lib/asyn-ares.c @@ -517,8 +517,6 @@ static void async_ares_hostbyname_cb(void *user_data, (void)timeouts; /* ignored */ if(ARES_EDESTRUCTION == status) - /* when this ares handle is getting destroyed, the 'arg' pointer may not - be valid so only defer it when we know the 'status' says its fine! */ return; if(ARES_SUCCESS == status) { From 1648f23ed367ecaaa66e4cc029dccf0733f52a9d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 11 Oct 2025 22:54:54 +0200 Subject: [PATCH 0421/2408] socksd: remove --bindonly mention, there is no such option Reported-by: Joshua Rogers Closes #19026 --- tests/server/socksd.c | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/server/socksd.c b/tests/server/socksd.c index f16b1d79ed..1f2460ec29 100644 --- a/tests/server/socksd.c +++ b/tests/server/socksd.c @@ -851,7 +851,6 @@ static int test_socksd(int argc, char *argv[]) " --ipv4\n" " --ipv6\n" " --unix-socket [file]\n" - " --bindonly\n" " --port [port]\n"); return 0; } From d03a6b79b45921dead4d7848696bd1f1910d5970 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 11 Oct 2025 23:34:45 +0200 Subject: [PATCH 0422/2408] lib1514: fix return code mixup Reported-by: Joshua Rogers Closes #19027 --- tests/libtest/lib1514.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/libtest/lib1514.c b/tests/libtest/lib1514.c index 265f47af08..fc7e33e3d3 100644 --- a/tests/libtest/lib1514.c +++ b/tests/libtest/lib1514.c @@ -55,7 +55,6 @@ static size_t t1514_read_cb(char *ptr, size_t size, size_t nmemb, void *userp) static CURLcode test_lib1514(const char *URL) { CURL *curl; - CURLcode result = CURLE_OK; CURLcode res = CURLE_OK; static char testdata[] = "dummy"; @@ -77,12 +76,12 @@ static CURLcode test_lib1514(const char *URL) easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); } - result = curl_easy_perform(curl); + res = curl_easy_perform(curl); test_cleanup: curl_easy_cleanup(curl); curl_global_cleanup(); - return result; + return res; } From 44429da2e12ec660d000d3e3394900f03d4c3761 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Fri, 10 Oct 2025 11:28:29 +0200 Subject: [PATCH 0423/2408] smb: transfer debugassert to real check That also works for non-debug builds. Reported-by: Joshua Rogers Cloes #19003 --- lib/smb.c | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/lib/smb.c b/lib/smb.c index f7d06eb490..2aa8e96644 100644 --- a/lib/smb.c +++ b/lib/smb.c @@ -545,7 +545,7 @@ static CURLcode smb_recv_message(struct Curl_easy *data, char *buf = smbc->recv_buf; size_t bytes_read; size_t nbt_size; - size_t msg_size; + size_t msg_size = sizeof(struct smb_header); size_t len = MAX_MESSAGE_SIZE - smbc->got; CURLcode result; @@ -565,10 +565,19 @@ static CURLcode smb_recv_message(struct Curl_easy *data, nbt_size = Curl_read16_be((const unsigned char *) (buf + sizeof(unsigned short))) + sizeof(unsigned int); + if(nbt_size > MAX_MESSAGE_SIZE) { + failf(data, "too large NetBIOS frame size %zu", nbt_size); + return CURLE_RECV_ERROR; + } + else if(nbt_size < msg_size) { + /* Each SMB message must be at least this large, e.g. 32 bytes */ + failf(data, "too small NetBIOS frame size %zu", nbt_size); + return CURLE_RECV_ERROR; + } + if(smbc->got < nbt_size) return CURLE_OK; - msg_size = sizeof(struct smb_header); if(nbt_size >= msg_size + 1) { /* Add the word count */ msg_size += 1 + ((unsigned char) buf[msg_size]) * sizeof(unsigned short); @@ -577,7 +586,7 @@ static CURLcode smb_recv_message(struct Curl_easy *data, msg_size += sizeof(unsigned short) + Curl_read16_le((const unsigned char *)&buf[msg_size]); if(nbt_size < msg_size) - return CURLE_READ_ERROR; + return CURLE_RECV_ERROR; } } @@ -661,7 +670,10 @@ static CURLcode smb_send_message(struct Curl_easy *data, { smb_format_message(smbc, req, (struct smb_header *)smbc->send_buf, cmd, msg_len); - DEBUGASSERT((sizeof(struct smb_header) + msg_len) <= MAX_MESSAGE_SIZE); + if((sizeof(struct smb_header) + msg_len) > MAX_MESSAGE_SIZE) { + DEBUGASSERT(0); + return CURLE_SEND_ERROR; + } memcpy(smbc->send_buf + sizeof(struct smb_header), msg, msg_len); return smb_send(data, smbc, sizeof(struct smb_header) + msg_len, 0); From dd7762c309d8e1f6c633825747be7ab812699940 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Fri, 10 Oct 2025 12:00:29 +0200 Subject: [PATCH 0424/2408] libssh2: use sockindex consistently Although the protocol should only run on index 0, there was a mix of looked up sockindex and using constant 0 in tls send/recv. Reported-by: Joshua Rogers Closes #19004 --- lib/vssh/libssh2.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index 65ccd29923..a92e7508d5 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -3207,12 +3207,12 @@ static ssize_t ssh_tls_recv(libssh2_socket_t sock, void *buffer, size_t length, int flags, void **abstract) { struct Curl_easy *data = (struct Curl_easy *)*abstract; + int sockindex = Curl_conn_sockindex(data, sock); size_t nread; CURLcode result; struct connectdata *conn = data->conn; - Curl_recv *backup = conn->recv[0]; + Curl_recv *backup = conn->recv[sockindex]; struct ssh_conn *sshc = Curl_conn_meta_get(conn, CURL_META_SSH_CONN); - int socknum = Curl_conn_sockindex(data, sock); (void)flags; if(!sshc) @@ -3220,9 +3220,9 @@ static ssize_t ssh_tls_recv(libssh2_socket_t sock, void *buffer, /* swap in the TLS reader function for this call only, and then swap back the SSH one again */ - conn->recv[0] = sshc->tls_recv; - result = Curl_conn_recv(data, socknum, buffer, length, &nread); - conn->recv[0] = backup; + conn->recv[sockindex] = sshc->tls_recv; + result = Curl_conn_recv(data, sockindex, buffer, length, &nread); + conn->recv[sockindex] = backup; if(result == CURLE_AGAIN) return -EAGAIN; /* magic return code for libssh2 */ else if(result) @@ -3235,12 +3235,12 @@ static ssize_t ssh_tls_send(libssh2_socket_t sock, const void *buffer, size_t length, int flags, void **abstract) { struct Curl_easy *data = (struct Curl_easy *)*abstract; + int sockindex = Curl_conn_sockindex(data, sock); size_t nwrite; CURLcode result; struct connectdata *conn = data->conn; - Curl_send *backup = conn->send[0]; + Curl_send *backup = conn->send[sockindex]; struct ssh_conn *sshc = Curl_conn_meta_get(conn, CURL_META_SSH_CONN); - int socknum = Curl_conn_sockindex(data, sock); (void)flags; if(!sshc) @@ -3248,9 +3248,9 @@ static ssize_t ssh_tls_send(libssh2_socket_t sock, const void *buffer, /* swap in the TLS writer function for this call only, and then swap back the SSH one again */ - conn->send[0] = sshc->tls_send; - result = Curl_conn_send(data, socknum, buffer, length, FALSE, &nwrite); - conn->send[0] = backup; + conn->send[sockindex] = sshc->tls_send; + result = Curl_conn_send(data, sockindex, buffer, length, FALSE, &nwrite); + conn->send[sockindex] = backup; if(result == CURLE_AGAIN) return -EAGAIN; /* magic return code for libssh2 */ else if(result) From 6e35eb4879ec2ee97f43da295f52c6841beeafae Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Fri, 10 Oct 2025 14:33:36 +0200 Subject: [PATCH 0425/2408] lib: SSL connection reuse Protocol handlers not flagging PROTOPT_SSL that allow reuse of existing SSL connections now need to carry the flag PROTOPT_SSL_REUSE. Add PROTOPT_SSL_REUSE to imap, ldap, pop3, smtp and ftp. Add tests the http: urls do not reuse https: connections and vice versa. Reported-by: Sakthi SK Fixes #19006 Closes #19007 --- lib/ftp.c | 2 +- lib/imap.c | 3 ++- lib/ldap.c | 2 +- lib/openldap.c | 2 +- lib/pop3.c | 2 +- lib/smtp.c | 2 +- lib/url.c | 9 +++++---- lib/urldata.h | 3 +++ tests/http/test_01_basic.py | 20 ++++++++++++++++++++ 9 files changed, 35 insertions(+), 10 deletions(-) diff --git a/lib/ftp.c b/lib/ftp.c index adcad3dd75..f633d21305 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -271,7 +271,7 @@ const struct Curl_handler Curl_handler_ftp = { CURLPROTO_FTP, /* family */ PROTOPT_DUAL | PROTOPT_CLOSEACTION | PROTOPT_NEEDSPWD | PROTOPT_NOURLQUERY | PROTOPT_PROXY_AS_HTTP | - PROTOPT_WILDCARD /* flags */ + PROTOPT_WILDCARD | PROTOPT_SSL_REUSE /* flags */ }; diff --git a/lib/imap.c b/lib/imap.c index 69e4e0c2c6..47757d3f29 100644 --- a/lib/imap.c +++ b/lib/imap.c @@ -209,7 +209,8 @@ const struct Curl_handler Curl_handler_imap = { CURLPROTO_IMAP, /* protocol */ CURLPROTO_IMAP, /* family */ PROTOPT_CLOSEACTION| /* flags */ - PROTOPT_URLOPTIONS + PROTOPT_URLOPTIONS| + PROTOPT_SSL_REUSE }; #ifdef USE_SSL diff --git a/lib/ldap.c b/lib/ldap.c index 2314bbf585..0b475d07bb 100644 --- a/lib/ldap.c +++ b/lib/ldap.c @@ -199,7 +199,7 @@ const struct Curl_handler Curl_handler_ldap = { PORT_LDAP, /* defport */ CURLPROTO_LDAP, /* protocol */ CURLPROTO_LDAP, /* family */ - PROTOPT_NONE /* flags */ + PROTOPT_SSL_REUSE /* flags */ }; #ifdef HAVE_LDAP_SSL diff --git a/lib/openldap.c b/lib/openldap.c index b84268dae7..fb771161d6 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -139,7 +139,7 @@ const struct Curl_handler Curl_handler_ldap = { PORT_LDAP, /* defport */ CURLPROTO_LDAP, /* protocol */ CURLPROTO_LDAP, /* family */ - PROTOPT_NONE /* flags */ + PROTOPT_SSL_REUSE /* flags */ }; #ifdef USE_SSL diff --git a/lib/pop3.c b/lib/pop3.c index ce9f81e3d5..dbcc2d198d 100644 --- a/lib/pop3.c +++ b/lib/pop3.c @@ -200,7 +200,7 @@ const struct Curl_handler Curl_handler_pop3 = { CURLPROTO_POP3, /* protocol */ CURLPROTO_POP3, /* family */ PROTOPT_CLOSEACTION | PROTOPT_NOURLQUERY | /* flags */ - PROTOPT_URLOPTIONS + PROTOPT_URLOPTIONS | PROTOPT_SSL_REUSE }; #ifdef USE_SSL diff --git a/lib/smtp.c b/lib/smtp.c index 8daf0ad89d..76ed4f280a 100644 --- a/lib/smtp.c +++ b/lib/smtp.c @@ -205,7 +205,7 @@ const struct Curl_handler Curl_handler_smtp = { CURLPROTO_SMTP, /* protocol */ CURLPROTO_SMTP, /* family */ PROTOPT_CLOSEACTION | PROTOPT_NOURLQUERY | /* flags */ - PROTOPT_URLOPTIONS + PROTOPT_URLOPTIONS | PROTOPT_SSL_REUSE }; #ifdef USE_SSL diff --git a/lib/url.c b/lib/url.c index 6d69fc11bf..f0fe7d3d41 100644 --- a/lib/url.c +++ b/lib/url.c @@ -932,15 +932,16 @@ static bool url_match_multiplex_limits(struct connectdata *conn, static bool url_match_ssl_use(struct connectdata *conn, struct url_conn_match *m) { - if(m->needle->handler->flags&PROTOPT_SSL) { + if(m->needle->handler->flags & PROTOPT_SSL) { /* We are looking for SSL, if `conn` does not do it, not a match. */ if(!Curl_conn_is_ssl(conn, FIRSTSOCKET)) return FALSE; } else if(Curl_conn_is_ssl(conn, FIRSTSOCKET)) { - /* We are not *requiring* SSL, however `conn` has it. If the - * protocol *family* is not the same, not a match. */ - if(get_protocol_family(conn->handler) != m->needle->handler->protocol) + /* If the protocol does not allow reuse of SSL connections OR + is of another protocol family, not a match. */ + if(!(m->needle->handler->flags & PROTOPT_SSL_REUSE) || + (get_protocol_family(conn->handler) != m->needle->handler->protocol)) return FALSE; } return TRUE; diff --git a/lib/urldata.h b/lib/urldata.h index b6b8f6f8fe..30bbbae416 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -578,6 +578,9 @@ struct Curl_handler { #define PROTOPT_USERPWDCTRL (1<<13) /* Allow "control bytes" (< 32 ASCII) in username and password */ #define PROTOPT_NOTCPPROXY (1<<14) /* this protocol cannot proxy over TCP */ +#define PROTOPT_SSL_REUSE (1<<15) /* this protocol may reuse an existing + SSL connection in the same family + without having PROTOPT_SSL. */ #define CONNCHECK_NONE 0 /* No checks */ #define CONNCHECK_ISDEAD (1<<0) /* Check if the connection is dead. */ diff --git a/tests/http/test_01_basic.py b/tests/http/test_01_basic.py index 4ac4e8e6e1..692bb3d7b2 100644 --- a/tests/http/test_01_basic.py +++ b/tests/http/test_01_basic.py @@ -273,3 +273,23 @@ class TestBasic: assert r.responses[0]['header']['request-te'] == te_out, f'{r.responses[0]}' else: assert 'request-te' not in r.responses[0]['header'], f'{r.responses[0]}' + + # check that an existing https: connection is not reused for http: + def test_01_18_tls_reuse(self, env: Env, httpd): + proto = 'h2' + curl = CurlClient(env=env) + url1 = f'https://{env.authority_for(env.domain1, proto)}/data.json' + url2 = f'http://{env.authority_for(env.domain1, proto)}/data.json' + r = curl.http_download(urls=[url1, url2], alpn_proto=proto, with_stats=True) + assert len(r.stats) == 2 + assert r.total_connects == 2, f'{r.dump_logs()}' + + # check that an existing http: connection is not reused for https: + def test_01_19_plain_reuse(self, env: Env, httpd): + proto = 'h2' + curl = CurlClient(env=env) + url1 = f'http://{env.domain1}:{env.http_port}/data.json' + url2 = f'https://{env.domain1}:{env.http_port}/data.json' + r = curl.http_download(urls=[url1, url2], alpn_proto=proto, with_stats=True) + assert len(r.stats) == 2 + assert r.total_connects == 2, f'{r.dump_logs()}' From 2b49d17cbacc6e919786c16019f3e330dc0f7605 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 11 Oct 2025 22:44:30 +0200 Subject: [PATCH 0426/2408] docs: expand on quoting rules for file names in SFTP quote Reported-by: Harry Sintonen Closes #19025 --- docs/cmdline-opts/quote.md | 9 ++++++--- docs/libcurl/opts/CURLOPT_QUOTE.md | 12 ++++++++---- 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/docs/cmdline-opts/quote.md b/docs/cmdline-opts/quote.md index 04a47424a0..a5563010c6 100644 --- a/docs/cmdline-opts/quote.md +++ b/docs/cmdline-opts/quote.md @@ -37,9 +37,12 @@ You must send syntactically correct FTP commands as RFC 959 defines to FTP servers, or one of the commands listed below to SFTP servers. SFTP is a binary protocol. Unlike for FTP, curl interprets SFTP quote commands -itself before sending them to the server. Filenames may be quoted shell-style -to embed spaces or special characters. Following is the list of all supported -SFTP quote commands: +itself before sending them to the server. Filenames must be provided within +double quotes to embed spaces, backslashes, quotes or double quotes. Within +double quotes the following escape sequences are available for that purpose: +\\, \", and \'. + +Following is the list of all supported SFTP quote commands: ## atime date file The atime command sets the last access time of the file named by the file diff --git a/docs/libcurl/opts/CURLOPT_QUOTE.md b/docs/libcurl/opts/CURLOPT_QUOTE.md index 5e00f45137..11b6997c68 100644 --- a/docs/libcurl/opts/CURLOPT_QUOTE.md +++ b/docs/libcurl/opts/CURLOPT_QUOTE.md @@ -52,11 +52,15 @@ libcurl does not inspect, parse or "understand" the commands passed to the server using this option. If you change connection state, working directory or similar using quote commands, libcurl does not know about it. -The path arguments for FTP or SFTP can use single or double quotes to -distinguish a space from being the parameter separator or being a part of the -path. e.g. rename with sftp using a quote command like this: +The path arguments for FTP or SFTP should use double quotes to distinguish a +space from being the parameter separator or being a part of the path. For +example, rename with sftp using a quote command like this: - "rename 'test/_upload.txt' 'test/Hello World.txt'" + rename "test/_upload.txt" "test/Hello World.txt" + +For SFTP, filenames must be provided within double quotes to embed spaces, +backslashes, quotes or double quotes. Within double quotes the following +escape sequences are available for that purpose: \\, \", and \'. # SFTP commands From 578706addec3d41cb5db64160d23795a95ca11d9 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 12 Oct 2025 11:05:46 +0200 Subject: [PATCH 0427/2408] libssh/libssh2: reject quote command lines with too much data If there is lingering letters left on the right side after the paths have been parsed, they are syntactically incorrect so returning error is the safe thing to do. Reported-by: Harry Sintonen Closes #19030 --- lib/vssh/libssh.c | 26 ++++++++++++++++++++++++++ lib/vssh/libssh2.c | 24 ++++++++++++++++++++++++ 2 files changed, 50 insertions(+) diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index 544e682b77..69666c5388 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -1557,6 +1557,18 @@ static int myssh_in_SFTP_POSTQUOTE_INIT(struct Curl_easy *data, return SSH_NO_ERROR; } +static int return_quote_error(struct Curl_easy *data, + struct ssh_conn *sshc) +{ + failf(data, "Suspicious data after the command line"); + Curl_safefree(sshc->quote_path1); + Curl_safefree(sshc->quote_path2); + myssh_to(data, sshc, SSH_SFTP_CLOSE); + sshc->nextstate = SSH_NO_STATE; + sshc->actualcode = CURLE_QUOTE_ERROR; + return SSH_NO_ERROR; +} + static int myssh_in_SFTP_QUOTE(struct Curl_easy *data, struct ssh_conn *sshc, struct SSHPROTO *sshp) @@ -1665,6 +1677,8 @@ static int myssh_in_SFTP_QUOTE(struct Curl_easy *data, sshc->actualcode = result; return SSH_NO_ERROR; } + if(*cp) + return return_quote_error(data, sshc); sshc->quote_attrs = NULL; myssh_to(data, sshc, SSH_SFTP_QUOTE_STAT); return SSH_NO_ERROR; @@ -1686,10 +1700,14 @@ static int myssh_in_SFTP_QUOTE(struct Curl_easy *data, sshc->actualcode = result; return SSH_NO_ERROR; } + if(*cp) + return return_quote_error(data, sshc); myssh_to(data, sshc, SSH_SFTP_QUOTE_SYMLINK); return SSH_NO_ERROR; } else if(!strncmp(cmd, "mkdir ", 6)) { + if(*cp) + return return_quote_error(data, sshc); /* create dir */ myssh_to(data, sshc, SSH_SFTP_QUOTE_MKDIR); return SSH_NO_ERROR; @@ -1710,20 +1728,28 @@ static int myssh_in_SFTP_QUOTE(struct Curl_easy *data, sshc->actualcode = result; return SSH_NO_ERROR; } + if(*cp) + return return_quote_error(data, sshc); myssh_to(data, sshc, SSH_SFTP_QUOTE_RENAME); return SSH_NO_ERROR; } else if(!strncmp(cmd, "rmdir ", 6)) { /* delete dir */ + if(*cp) + return return_quote_error(data, sshc); myssh_to(data, sshc, SSH_SFTP_QUOTE_RMDIR); return SSH_NO_ERROR; } else if(!strncmp(cmd, "rm ", 3)) { + if(*cp) + return return_quote_error(data, sshc); myssh_to(data, sshc, SSH_SFTP_QUOTE_UNLINK); return SSH_NO_ERROR; } #ifdef HAS_STATVFS_SUPPORT else if(!strncmp(cmd, "statvfs ", 8)) { + if(*cp) + return return_quote_error(data, sshc); myssh_to(data, sshc, SSH_SFTP_QUOTE_STATVFS); return SSH_NO_ERROR; } diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index a92e7508d5..ad416aba8e 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -843,6 +843,15 @@ static CURLcode ssh_force_knownhost_key_type(struct Curl_easy *data, return result; } +static CURLcode return_quote_error(struct Curl_easy *data, + struct ssh_conn *sshc) +{ + failf(data, "Suspicious data after the command line"); + Curl_safefree(sshc->quote_path1); + Curl_safefree(sshc->quote_path2); + return CURLE_QUOTE_ERROR; +} + static CURLcode sftp_quote(struct Curl_easy *data, struct ssh_conn *sshc, struct SSHPROTO *sshp) @@ -930,6 +939,9 @@ static CURLcode sftp_quote(struct Curl_easy *data, Curl_safefree(sshc->quote_path1); return result; } + if(*cp) + return_quote_error(data, sshc); + memset(&sshp->quote_attrs, 0, sizeof(LIBSSH2_SFTP_ATTRIBUTES)); myssh_state(data, sshc, SSH_SFTP_QUOTE_STAT); return result; @@ -946,10 +958,14 @@ static CURLcode sftp_quote(struct Curl_easy *data, Curl_safefree(sshc->quote_path1); return result; } + if(*cp) + return_quote_error(data, sshc); myssh_state(data, sshc, SSH_SFTP_QUOTE_SYMLINK); return result; } else if(!strncmp(cmd, "mkdir ", 6)) { + if(*cp) + return_quote_error(data, sshc); /* create dir */ myssh_state(data, sshc, SSH_SFTP_QUOTE_MKDIR); return result; @@ -965,19 +981,27 @@ static CURLcode sftp_quote(struct Curl_easy *data, Curl_safefree(sshc->quote_path1); return result; } + if(*cp) + return_quote_error(data, sshc); myssh_state(data, sshc, SSH_SFTP_QUOTE_RENAME); return result; } else if(!strncmp(cmd, "rmdir ", 6)) { + if(*cp) + return_quote_error(data, sshc); /* delete dir */ myssh_state(data, sshc, SSH_SFTP_QUOTE_RMDIR); return result; } else if(!strncmp(cmd, "rm ", 3)) { + if(*cp) + return_quote_error(data, sshc); myssh_state(data, sshc, SSH_SFTP_QUOTE_UNLINK); return result; } else if(!strncmp(cmd, "statvfs ", 8)) { + if(*cp) + return_quote_error(data, sshc); myssh_state(data, sshc, SSH_SFTP_QUOTE_STATVFS); return result; } From 1e90a63a49e9cbfea8ff52055576df1189b47a7d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 12 Oct 2025 11:15:08 +0200 Subject: [PATCH 0428/2408] sws: pass in socket reference to allow function to close it The function service_connection() now passes in a reference to the socket instead of by value since the sub function http_connect() might close it and set *infdp = CURL_SOCKET_BAD. This would previously not be detected when service_connection() returned and potentially cause a double close of the socket. Reported-by: Joshua Rogers Closes #19031 --- tests/server/sws.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/server/sws.c b/tests/server/sws.c index 1fbbb3c247..caa5605534 100644 --- a/tests/server/sws.c +++ b/tests/server/sws.c @@ -1898,7 +1898,7 @@ static curl_socket_t accept_connection(curl_socket_t sock) /* returns 1 if the connection should be serviced again immediately, 0 if there is no data waiting, or < 0 if it should be closed */ -static int service_connection(curl_socket_t msgsock, +static int service_connection(curl_socket_t *msgsock, struct sws_httprequest *req, curl_socket_t listensock, const char *connecthost, @@ -1908,7 +1908,7 @@ static int service_connection(curl_socket_t msgsock, return -1; while(!req->done_processing) { - int rc = sws_get_request(msgsock, req); + int rc = sws_get_request(*msgsock, req); if(rc <= 0) { /* Nothing further to read now, possibly because the socket was closed */ return rc; @@ -1928,7 +1928,7 @@ static int service_connection(curl_socket_t msgsock, } } - sws_send_doc(msgsock, req); + sws_send_doc(*msgsock, req); if(got_exit_signal) return -1; @@ -1948,7 +1948,7 @@ static int service_connection(curl_socket_t msgsock, return 1; } else { - http_connect(&msgsock, listensock, connecthost, req->connect_port, + http_connect(msgsock, listensock, connecthost, req->connect_port, keepalive_secs); return -1; } @@ -2391,7 +2391,7 @@ static int test_sws(int argc, char *argv[]) /* Service this connection until it has nothing available */ do { - rc = service_connection(all_sockets[socket_idx], req, sock, + rc = service_connection(&all_sockets[socket_idx], req, sock, connecthost, keepalive_secs); if(got_exit_signal) goto sws_cleanup; From 1feeda422e4bf247d9181a06e5642ca5cc3bdfb2 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 12 Oct 2025 11:24:07 +0200 Subject: [PATCH 0429/2408] examples/synctime: fix null termination assumptions bonus: dont parse argv[0] for options Reported-by: Joshua Rogers Closes #19032 --- docs/examples/synctime.c | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/docs/examples/synctime.c b/docs/examples/synctime.c index 591761fe1c..071037a448 100644 --- a/docs/examples/synctime.c +++ b/docs/examples/synctime.c @@ -117,7 +117,6 @@ static SYSTEMTIME LOCALTime; #define HTTP_COMMAND_HEAD 0 #define HTTP_COMMAND_GET 1 - static size_t SyncTime_CURL_WriteOutput(void *ptr, size_t size, size_t nmemb, void *stream) { @@ -125,6 +124,7 @@ static size_t SyncTime_CURL_WriteOutput(void *ptr, size_t size, size_t nmemb, return nmemb * size; } +/* Remember: do not assume headers are passed on null terminated! */ static size_t SyncTime_CURL_WriteHeader(void *ptr, size_t size, size_t nmemb, void *stream) { @@ -135,18 +135,22 @@ static size_t SyncTime_CURL_WriteHeader(void *ptr, size_t size, size_t nmemb, if(ShowAllHeader == 1) fprintf(stderr, "%.*s", (int)nmemb, (char *)ptr); - if(strncmp((char *)ptr, "Date:", 5) == 0) { + if((nmemb >= 5) && !strncmp((char *)ptr, "Date:", 5)) { if(ShowAllHeader == 0) fprintf(stderr, "HTTP Server. %.*s", (int)nmemb, (char *)ptr); if(AutoSyncTime == 1) { - int RetVal; + int RetVal = 0; + char *field = ptr; *TmpStr1 = 0; *TmpStr2 = 0; - RetVal = sscanf((char *)ptr, "Date: %25s %hu %25s %hu %hu:%hu:%hu", - TmpStr1, &SYSTime.wDay, TmpStr2, &SYSTime.wYear, - &SYSTime.wHour, &SYSTime.wMinute, - &SYSTime.wSecond); + if(nmemb && (field[nmemb] == '\n')) { + field[nmemb] = 0; /* null terminated */ + RetVal = sscanf(field, "Date: %25s %hu %25s %hu %hu:%hu:%hu", + TmpStr1, &SYSTime.wDay, TmpStr2, &SYSTime.wYear, + &SYSTime.wHour, &SYSTime.wMinute, + &SYSTime.wSecond); + } if(RetVal == 7) { int i; @@ -165,7 +169,7 @@ static size_t SyncTime_CURL_WriteHeader(void *ptr, size_t size, size_t nmemb, } } - if(strncmp((char *)ptr, "X-Cache: HIT", 12) == 0) { + if((nmemb >= 12) && !strncmp((char *)ptr, "X-Cache: HIT", 12)) { fprintf(stderr, "ERROR: HTTP Server data is cached." " Server Date is no longer valid.\n"); AutoSyncTime = 0; @@ -251,7 +255,7 @@ int main(int argc, char *argv[]) conf_init(conf); if(argc > 1) { - int OptionIndex = 0; + int OptionIndex = 1; while(OptionIndex < argc) { if(strncmp(argv[OptionIndex], "--server=", 9) == 0) snprintf(conf->timeserver, MAX_STRING, "%s", &argv[OptionIndex][9]); From e90b2aaa7e9dce64c3d7416b17a7c2feb7208db3 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 12 Oct 2025 11:38:39 +0200 Subject: [PATCH 0430/2408] tftp: error requests for blank filenames Reported-by: Joshua Rogers Closes #19033 --- lib/tftp.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/tftp.c b/lib/tftp.c index 8279f29e65..0a9b8a8e87 100644 --- a/lib/tftp.c +++ b/lib/tftp.c @@ -460,6 +460,10 @@ static CURLcode tftp_send_first(struct tftp_conn *state, /* As RFC3617 describes the separator slash is not actually part of the filename so we skip the always-present first letter of the path string. */ + if(!state->data->state.up.path[1]) { + failf(data, "Missing filename"); + return CURLE_TFTP_ILLEGAL; + } result = Curl_urldecode(&state->data->state.up.path[1], 0, &filename, NULL, REJECT_ZERO); if(result) From cde85412d03a52ed801b1e936f43ac033af65cf0 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 13 Oct 2025 08:27:01 +0200 Subject: [PATCH 0431/2408] KNOWN_BUGS: We do not support auth-int for Digest using PUT or POST Closes #19038 --- docs/KNOWN_BUGS | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS index c9beb28361..d4e4423094 100644 --- a/docs/KNOWN_BUGS +++ b/docs/KNOWN_BUGS @@ -43,6 +43,7 @@ problems may have been fixed or changed somewhat since this was written. 5.15 Unicode on Windows 6. Authentication + 6.1 Digest auth-int for PUT/POST 6.2 MIT Kerberos for Windows build 6.3 NTLM in system context uses wrong name 6.5 NTLM does not support password with Unicode 'SECTION SIGN' character @@ -301,6 +302,10 @@ problems may have been fixed or changed somewhat since this was written. 6. Authentication +6.1 Digest auth-int for PUT/POST + + We do not support auth-int for Digest using PUT or POST + 6.2 MIT Kerberos for Windows build libcurl fails to build with MIT Kerberos for Windows (KfW) due to KfW's From 56450ce26fa6ec05d1a1d63ee07efb9a204b656e Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 12 Oct 2025 23:48:14 +0200 Subject: [PATCH 0432/2408] tool_msgs: make errorf() show if --show-error Assisted-by: Mitchell Blank Jr Ref: #19029 Closes #19035 --- src/tool_msgs.c | 79 +++++++++++++++++++++++++------------------------ 1 file changed, 40 insertions(+), 39 deletions(-) diff --git a/src/tool_msgs.c b/src/tool_msgs.c index f83cdc76c1..896788745c 100644 --- a/src/tool_msgs.c +++ b/src/tool_msgs.c @@ -43,45 +43,43 @@ static void voutf(const char *prefix, va_list ap) { size_t width = (get_terminal_columns() - strlen(prefix)); + size_t len; + char *ptr; + char *print_buffer; DEBUGASSERT(!strchr(fmt, '\n')); - if(!global->silent) { - size_t len; - char *ptr; - char *print_buffer; - print_buffer = curl_mvaprintf(fmt, ap); - if(!print_buffer) - return; - len = strlen(print_buffer); + print_buffer = curl_mvaprintf(fmt, ap); + if(!print_buffer) + return; + len = strlen(print_buffer); - ptr = print_buffer; - while(len > 0) { - fputs(prefix, tool_stderr); + ptr = print_buffer; + while(len > 0) { + fputs(prefix, tool_stderr); - if(len > width) { - size_t cut = width-1; + if(len > width) { + size_t cut = width-1; - while(!ISBLANK(ptr[cut]) && cut) { - cut--; - } - if(cut == 0) - /* not a single cutting position was found, just cut it at the - max text width then! */ - cut = width-1; - - (void)fwrite(ptr, cut + 1, 1, tool_stderr); - fputs("\n", tool_stderr); - ptr += cut + 1; /* skip the space too */ - len -= cut + 1; - } - else { - fputs(ptr, tool_stderr); - fputs("\n", tool_stderr); - len = 0; + while(!ISBLANK(ptr[cut]) && cut) { + cut--; } + if(cut == 0) + /* not a single cutting position was found, just cut it at the + max text width then! */ + cut = width-1; + + (void)fwrite(ptr, cut + 1, 1, tool_stderr); + fputs("\n", tool_stderr); + ptr += cut + 1; /* skip the space too */ + len -= cut + 1; + } + else { + fputs(ptr, tool_stderr); + fputs("\n", tool_stderr); + len = 0; } - curl_free(print_buffer); } + curl_free(print_buffer); } /* @@ -90,11 +88,12 @@ static void voutf(const char *prefix, */ void notef(const char *fmt, ...) { - va_list ap; - va_start(ap, fmt); - if(global->tracetype) + if(global->tracetype) { + va_list ap; + va_start(ap, fmt); voutf(NOTE_PREFIX, fmt, ap); - va_end(ap); + va_end(ap); + } } /* @@ -103,10 +102,12 @@ void notef(const char *fmt, ...) */ void warnf(const char *fmt, ...) { - va_list ap; - va_start(ap, fmt); - voutf(WARN_PREFIX, fmt, ap); - va_end(ap); + if(!global->silent) { + va_list ap; + va_start(ap, fmt); + voutf(WARN_PREFIX, fmt, ap); + va_end(ap); + } } /* From 27375ca36489475796a0e533bea6b040b0712da0 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 12 Oct 2025 15:58:43 +0200 Subject: [PATCH 0433/2408] tool_getparam: make --fail and --fail-with-body override each other This allows users to put one of them in their .curlrc and still easily use the other one at will in command lines. The --no-* versions disable both of them. Reported-by: Mitchell Blank Jr Fixes #19029 Closes #19034 --- src/config2setopts.c | 2 +- src/tool_cfgable.h | 7 +++++-- src/tool_getparam.c | 24 +++++++++--------------- src/tool_operate.c | 5 ++--- tests/data/test360 | 26 +++++++++++++++++++++----- 5 files changed, 38 insertions(+), 26 deletions(-) diff --git a/src/config2setopts.c b/src/config2setopts.c index 0a519ed048..c367959ccb 100644 --- a/src/config2setopts.c +++ b/src/config2setopts.c @@ -851,7 +851,7 @@ CURLcode config2setopts(struct OperationConfig *config, if(result) return result; - my_setopt_long(curl, CURLOPT_FAILONERROR, config->failonerror); + my_setopt_long(curl, CURLOPT_FAILONERROR, config->fail == FAIL_WO_BODY); my_setopt_str(curl, CURLOPT_REQUEST_TARGET, config->request_target); my_setopt_long(curl, CURLOPT_UPLOAD, !!per->uploadfile); my_setopt_long(curl, CURLOPT_DIRLISTONLY, config->dirlistonly); diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h index 3c67695124..630f23fd96 100644 --- a/src/tool_cfgable.h +++ b/src/tool_cfgable.h @@ -58,6 +58,10 @@ struct State { curl_off_t urlidx; /* index for globbed URLs */ }; +#define FAIL_NONE 0 +#define FAIL_WITH_BODY 1 +#define FAIL_WO_BODY 2 + struct OperationConfig { struct dynbuf postdata; char *useragent; @@ -223,6 +227,7 @@ struct OperationConfig { unsigned short porttouse; unsigned char ssl_version; /* 0 - 4, 0 being default */ unsigned char ssl_version_max; /* 0 - 4, 0 being default */ + unsigned char fail; /* NONE, with body, without body */ BIT(remote_name_all); /* --remote-name-all */ BIT(remote_time); BIT(cookiesession); /* new session? */ @@ -241,8 +246,6 @@ struct OperationConfig { BIT(ftp_append); /* APPE on ftp */ BIT(use_ascii); /* select ASCII or text transfer */ BIT(autoreferer); /* automatically set referer */ - BIT(failonerror); /* fail on (HTTP) errors */ - BIT(failwithbody); /* fail on (HTTP) errors but still store body */ BIT(show_headers); /* show headers to data output */ BIT(no_body); /* do not get the body */ BIT(dirlistonly); /* only get the FTP dir list */ diff --git a/src/tool_getparam.c b/src/tool_getparam.c index b533f41aa7..0cff5b558d 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -2037,14 +2037,6 @@ static ParameterError opt_bool(struct OperationConfig *config, case C_MAIL_RCPT_ALLOWFAILS: /* --mail-rcpt-allowfails */ config->mail_rcpt_allowfails = toggle; break; - case C_FAIL_WITH_BODY: /* --fail-with-body */ - config->failwithbody = toggle; - if(config->failonerror && config->failwithbody) { - errorf("You must select either --fail or " - "--fail-with-body, not both."); - return PARAM_BAD_USE; - } - break; case C_REMOVE_ON_ERROR: /* --remove-on-error */ if(config->use_resume && toggle) { errorf("--continue-at is mutually exclusive with --remove-on-error"); @@ -2052,13 +2044,15 @@ static ParameterError opt_bool(struct OperationConfig *config, } config->rm_partial = toggle; break; - case C_FAIL: /* --fail */ - config->failonerror = toggle; - if(config->failonerror && config->failwithbody) { - errorf("You must select either --fail or " - "--fail-with-body, not both."); - return PARAM_BAD_USE; - } + case C_FAIL: /* --fail without body */ + if(toggle && (config->fail == FAIL_WITH_BODY)) + warnf("--fail deselects --fail-with-body here"); + config->fail = toggle ? FAIL_WO_BODY : FAIL_NONE; + break; + case C_FAIL_WITH_BODY: /* --fail-with-body */ + if(toggle && (config->fail == FAIL_WO_BODY)) + warnf("--fail-with-body deselects --fail here"); + config->fail = toggle ? FAIL_WITH_BODY : FAIL_NONE; break; case C_GLOBOFF: /* --globoff */ config->globoff = toggle; diff --git a/src/tool_operate.c b/src/tool_operate.c index 1901ab3ac1..397b2159e1 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -393,8 +393,7 @@ static CURLcode retrycheck(struct OperationConfig *config, retry = RETRY_CONNREFUSED; } else if((CURLE_OK == result) || - ((config->failonerror || config->failwithbody) && - (CURLE_HTTP_RETURNED_ERROR == result))) { + (config->fail && (CURLE_HTTP_RETURNED_ERROR == result))) { /* If it returned OK. _or_ failonerror was enabled and it returned due to such an error, check for HTTP transient errors to retry on. */ @@ -659,7 +658,7 @@ static CURLcode post_per_transfer(struct per_transfer *per, if(result == CURLE_PEER_FAILED_VERIFICATION) fputs(CURL_CA_CERT_ERRORMSG, tool_stderr); } - else if(config->failwithbody) { + else if(config->fail == FAIL_WITH_BODY) { /* if HTTP response >= 400, return error */ long code = 0; curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &code); diff --git a/tests/data/test360 b/tests/data/test360 index b7d570d7b6..f98d03a036 100644 --- a/tests/data/test360 +++ b/tests/data/test360 @@ -6,7 +6,23 @@ -# Client-side + + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + +-foo- + + + http @@ -15,14 +31,14 @@ http Error on both --fail-with-body and --fail -http://%HOSTIP:%HTTPPORT/%TESTNUMBER --fail-with-body --fail +http://%HOSTIP:%HTTPPORT/%TESTNUMBER --fail-with-body --fail --no-progress-meter # Verify data after the test has been "shot" - -2 - + +Warning: --fail deselects --fail-with-body here + From 67c4256f7e4f00d8e85b9a7da0b6004bfe5669e1 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 13 Oct 2025 08:41:38 +0200 Subject: [PATCH 0434/2408] pop3: function could get the ->transfer field wrong In pop3_perform(), pop3->transfer was derived from the old data->req.no_body. Then, pop3_perform_command() re-computed data->req.no_body. Now we instead call pop3_perform_command() first. Reported-by: Joshua Rogers Closes #19039 --- lib/pop3.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/lib/pop3.c b/lib/pop3.c index dbcc2d198d..a0fd881a79 100644 --- a/lib/pop3.c +++ b/lib/pop3.c @@ -1377,18 +1377,17 @@ static CURLcode pop3_perform(struct Curl_easy *data, bool *connected, DEBUGF(infof(data, "DO phase starts")); - if(data->req.no_body) { - /* Requested no body means no transfer */ - pop3->transfer = PPTRANSFER_INFO; - } - - *dophase_done = FALSE; /* not done yet */ - - /* Start the first command in the DO phase */ + /* Start the first command in the DO phase, may alter data->req.no_body */ result = pop3_perform_command(data); if(result) return result; + if(data->req.no_body) + /* Requested no body means no transfer */ + pop3->transfer = PPTRANSFER_INFO; + + *dophase_done = FALSE; /* not done yet */ + /* Run the state-machine */ result = pop3_multi_statemach(data, dophase_done); *connected = Curl_conn_is_connected(data->conn, FIRSTSOCKET); From e003c0b25934bd8875ce34df2e4141fe518356ae Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 13 Oct 2025 09:24:57 +0200 Subject: [PATCH 0435/2408] socks_sspi: remove the enforced mode clearing Reported-by: Joshua Rogers Closes #19040 --- lib/socks_sspi.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c index 69b0004219..54049e8c99 100644 --- a/lib/socks_sspi.c +++ b/lib/socks_sspi.c @@ -325,8 +325,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, infof(data, "SOCKS5 server supports GSS-API %s data protection.", (gss_enc == 0) ? "no" : ((gss_enc == 1) ? "integrity":"confidentiality") ); - /* force to no data protection, avoid encryption/decryption for now */ - gss_enc = 0; + /* * Sending the encryption type in clear seems wrong. It should be * protected with gss_seal()/gss_wrap(). See RFC1961 extract below From dee72fe31e3c07433b0f7c103bc416a65f572e03 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 13 Oct 2025 09:36:08 +0200 Subject: [PATCH 0436/2408] libssh2: fix EAGAIN return in ssh_state_auth_agent Reported-by: Joshua Rogers Closes #19042 --- lib/vssh/libssh2.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index ad416aba8e..dfdb8526d6 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -1850,8 +1850,9 @@ static CURLcode ssh_state_auth_agent(struct Curl_easy *data, if(rc != LIBSSH2_ERROR_EAGAIN) { /* tried and failed? go to next identity */ sshc->sshagent_prev_identity = sshc->sshagent_identity; + return CURLE_OK; } - return CURLE_OK; + return CURLE_AGAIN; } } From 5e74b2df345c702359926b78fa8c32a08689058e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 11 Oct 2025 10:48:23 +0200 Subject: [PATCH 0437/2408] REUSE: move copyright headers to `.checksrc` To make it simpler to move them around, create and delete them without syncing with `REUSE.toml`. Also: - checksrc: allow empty lines in `.checksrc`. - comment on why curl printfs are disallowed in examples. Closes #19024 --- REUSE.toml | 5 ----- docs/examples/.checksrc | 6 ++++++ scripts/.checksrc | 4 ++++ scripts/checksrc.pl | 4 ++++ src/.checksrc | 4 ++++ tests/server/.checksrc | 4 ++++ 6 files changed, 22 insertions(+), 5 deletions(-) diff --git a/REUSE.toml b/REUSE.toml index d3b98edb48..40531913af 100644 --- a/REUSE.toml +++ b/REUSE.toml @@ -39,11 +39,6 @@ path = [ "tests/certs/**", "tests/data/test**", "tests/valgrind.supp", - # checksrc control files - "docs/examples/.checksrc", - "scripts/.checksrc", - "src/.checksrc", - "tests/server/.checksrc", ] SPDX-FileCopyrightText = "Daniel Stenberg, , et al." SPDX-License-Identifier = "curl" diff --git a/docs/examples/.checksrc b/docs/examples/.checksrc index c81d159768..e35dccc726 100644 --- a/docs/examples/.checksrc +++ b/docs/examples/.checksrc @@ -1,3 +1,7 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + allowfunc fclose allowfunc fdopen allowfunc fopen @@ -11,6 +15,8 @@ allowfunc socket allowfunc sscanf allowfunc strerror allowfunc vsnprintf + +# Use of curl printf functions is discouraged banfunc curl_maprintf banfunc curl_mfprintf banfunc curl_mprintf diff --git a/scripts/.checksrc b/scripts/.checksrc index 84d62d2b75..03e98fee89 100644 --- a/scripts/.checksrc +++ b/scripts/.checksrc @@ -1 +1,5 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + allowfunc printf diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index 5a8c80ebfe..c424924e45 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -202,6 +202,10 @@ sub readlocalfile { if(/^\s*(#.*)/) { next; } + # Skip empty lines + elsif($_ eq '') { + next; + } elsif(/^enable ([A-Z]+)$/) { if(!defined($warnings_extended{$1})) { print STDERR "invalid warning specified in .checksrc: \"$1\"\n"; diff --git a/src/.checksrc b/src/.checksrc index 946367c499..bc97c06028 100644 --- a/src/.checksrc +++ b/src/.checksrc @@ -1 +1,5 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + enable STDERR diff --git a/tests/server/.checksrc b/tests/server/.checksrc index d4be12473a..a4e094e1c9 100644 --- a/tests/server/.checksrc +++ b/tests/server/.checksrc @@ -1,3 +1,7 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + allowfunc accept allowfunc fclose allowfunc fopen From 6d0fcdf2ed9942ad92665c2b96ab431c8829b53d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 13 Oct 2025 09:45:28 +0200 Subject: [PATCH 0438/2408] libssh: catch a resume point larger than the size As it would otherwise trigger broken math Reported-by: Joshua Rogers Closes #19044 --- lib/vssh/libssh.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index 69666c5388..6bb32643af 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -1239,6 +1239,10 @@ static int myssh_in_UPLOAD_INIT(struct Curl_easy *data, /* now, decrease the size of the read */ if(data->state.infilesize > 0) { + if(data->state.resume_from > data->state.infilesize) { + failf(data, "Resume point beyond size"); + return myssh_to_ERROR(data, sshc, CURLE_BAD_FUNCTION_ARGUMENT); + } data->state.infilesize -= data->state.resume_from; data->req.size = data->state.infilesize; Curl_pgrsSetUploadSize(data, data->state.infilesize); From f1828b54047dba804d04e4c0ebd402c6e9a11533 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 13 Oct 2025 09:40:38 +0200 Subject: [PATCH 0439/2408] libssh2: avoid risking using an uninitialized local struct field Reported-by: Joshua Rogers Closes #19043 --- lib/vssh/libssh2.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index dfdb8526d6..ee468bb359 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -1428,6 +1428,7 @@ sftp_download_stat(struct Curl_easy *data, data->req.size = -1; data->req.maxdownload = -1; Curl_pgrsSetDownloadSize(data, -1); + attrs.filesize = 0; /* might be uninitialized but will be read below */ } else { curl_off_t size = attrs.filesize; From 6deea19eb4396e68b42b2b7d3b32aaba8f30b03b Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 13 Oct 2025 16:03:46 +0200 Subject: [PATCH 0440/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 53 ++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 46 insertions(+), 7 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 4d5ce575ce..986a21bea7 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,7 +4,7 @@ curl and libcurl 8.17.0 Command line options: 273 curl_easy_setopt() options: 308 Public functions in libcurl: 100 - Contributors: 3515 + Contributors: 3517 This release includes the following changes: @@ -23,6 +23,7 @@ This release includes the following changes: This release includes the following bugfixes: o ares: fix leak in tracing [91] + o asyn-ares: remove wrong comment about the callback argument [306] o asyn-ares: use the duped hostname pointer for all calls [158] o asyn-thrdd resolver: clear timeout when done [97] o asyn-thrdd: drop pthread_cancel [30] @@ -92,10 +93,13 @@ This release includes the following bugfixes: o docs/libcurl: clarify some timeout option behavior [15] o docs/libcurl: remove ancient version references [7] o docs/libcurl: use lowercase must [5] + o docs: expand on quoting rules for file names in SFTP quote [300] o docs: fix/tidy code fences [87] + o doswin: CloseHandle the thread on shutdown [307] o easy_getinfo: check magic, Curl_close safety [3] o examples/sessioninfo: cast printf string mask length to int [232] o examples/sessioninfo: do not disable security [255] + o examples/synctime: fix null termination assumptions [297] o examples/synctime: make the sscanf not overflow the local buffer [252] o examples/usercertinmem: avoid stripping const [247] o examples: drop unused `curl/mprintf.h` includes [224] @@ -134,21 +138,28 @@ This release includes the following bugfixes: o ldap: avoid null ptr deref on failure [284] o ldap: do not base64 encode zero length string [42] o ldap: tidy-up types, fix error code confusion [191] + o lib1514: fix return code mixup [304] o lib: drop unused include and duplicate guards [226] o lib: fix build error and compiler warnings with verbose strings disabled [173] o lib: remove personal names from comments [168] + o lib: SSL connection reuse [301] o lib: upgrade/multiplex handling [136] o libcurl-multi.md: added curl_multi_get_offt mention [53] o libcurl-security.md: mention long-running connections [6] + o libssh/libssh2: reject quote command lines with too much data [299] o libssh/sftp: fix resume corruption by avoiding O_APPEND with rresume [263] o libssh2/sftp: fix resume corruption by avoiding O_APPEND with rresume [262] o libssh2/sftp_realpath: change state consistently [185] + o libssh2: avoid risking using an uninitialized local struct field [209] o libssh2: bail out on chgrp and chown number parsing errors [202] o libssh2: clarify that sshp->path is always at least one byte [201] o libssh2: drop two redundant null-terminations [26] o libssh2: error check and null-terminate in ssh_state_sftp_readdir_link() [34] + o libssh2: fix EAGAIN return in ssh_state_auth_agent [290] o libssh2: fix return code for EAGAIN [186] + o libssh2: use sockindex consistently [302] o libssh: acknowledge SSH_AGAIN in the SFTP state machine [89] + o libssh: catch a resume point larger than the size [281] o libssh: clarify myssh_block2waitfor [92] o libssh: drop two unused assignments [104] o libssh: error on bad chgrp number [71] @@ -197,6 +208,7 @@ This release includes the following bugfixes: o OS400: fix a use-after-free/double-free case [142] o osslq: set idle timeout to 0 [237] o pingpong: remove two old leftover debug infof() calls + o pop3: function could get the ->transfer field wrong [292] o pytest: skip specific tests for no-verbose builds [171] o quic: fix min TLS version handling [14] o quic: ignore EMSGSIZE on receive [4] @@ -218,6 +230,7 @@ This release includes the following bugfixes: o setopt: allow CURLOPT_DNS_CACHE_TIMEOUT set to -1 [257] o setopt: make CURLOPT_MAXREDIRS accept -1 (again) [1] o smb: adjust buffer size checks [45] + o smb: transfer debugassert to real check [303] o smtp: check EHLO responses case insensitively [50] o socks: advance iobuf instead of reset [276] o socks: deny server basic-auth if not configured [264] @@ -231,10 +244,13 @@ This release includes the following bugfixes: o socks_gssapi: remove the forced "no protection" [143] o socks_sspi: bail out on too long fields [137] o socks_sspi: fix memory cleanup calls [40] + o socks_sspi: remove the enforced mode clearing [291] o socks_sspi: restore non-blocking socket on error paths [48] + o socksd: remove --bindonly mention, there is no such option [305] o ssl-sessions.md: mark option experimental [12] o strerror: drop workaround for SalfordC win32 header bug [214] o sws: fix checking `sscanf()` return value [17] + o sws: pass in socket reference to allow function to close it [298] o tcp-nodelay.md: expand the documentation [153] o telnet: ignore empty suboptions [86] o telnet: make bad_option() consider NULL a bad option too [192] @@ -249,6 +265,7 @@ This release includes the following bugfixes: o tests/server: drop unsafe `open()` override in signal handler (Windows) [151] o tftp: check and act on tftp_set_timeouts() returning error [38] o tftp: default timeout per block is now 15 seconds [156] + o tftp: error requests for blank filenames [296] o tftp: handle tftp_multi_statemach() return code [65] o tftp: pin the first used address [110] o tftp: propagate expired timer from tftp_state_timeout() [39] @@ -270,7 +287,9 @@ This release includes the following bugfixes: o tool_filetime: replace cast with the fitting printf mask (Windows) [212] o tool_getparam/set_rate: skip the multiplication on overflow [84] o tool_getparam: always disable "lib-ids" for tracing [169] + o tool_getparam: make --fail and --fail-with-body override each other [293] o tool_getparam: warn if provided header looks malformed [179] + o tool_msgs: make errorf() show if --show-error [294] o tool_operate: improve wording in retry message [37] o tool_operate: keep failed partial download for retry auto-resume [210] o tool_operate: keep the progress meter for --out-null [33] @@ -325,14 +344,15 @@ advice from friends like these: Andrew Olsen, BobodevMm on github, Christian Schmitz, Dan Fandrich, Daniel Stenberg, Daniel Terhorst-North, dependabot[bot], divinity76 on github, Emilio Pozuelo Monfort, Ethan Everett, - Evgeny Grin (Karlson2k), fds242 on github, Howard Chu, Ignat Loskutov, - Javier Blazquez, Jicea, jmaggard10 on github, Johannes Schindelin, - Joseph Birr-Pixton, Joshua Rogers, kapsiR on github, kuchara on github, - Marcel Raad, Michael Osipov, Michał Petryka, Mohamed Daahir, Nir Azkiel, - Patrick Monnerat, Pocs Norbert, Ray Satiro, renovate[bot], rinsuki on github, + Evgeny Grin (Karlson2k), fds242 on github, Harry Sintonen, Howard Chu, + Ignat Loskutov, Javier Blazquez, Jicea, jmaggard10 on github, + Johannes Schindelin, Joseph Birr-Pixton, Joshua Rogers, kapsiR on github, + kuchara on github, Marcel Raad, Michael Osipov, Michał Petryka, + Mitchell Blank Jr, Mohamed Daahir, Nir Azkiel, Patrick Monnerat, + Pocs Norbert, Ray Satiro, renovate[bot], rinsuki on github, Sakthi SK, Samuel Dionne-Riel, Samuel Henrique, Stanislav Fort, Stefan Eissing, tkzv on github, Viktor Szakats - (42 contributors) + (45 contributors) References to bug reports and discussions on issues: @@ -544,6 +564,7 @@ References to bug reports and discussions on issues: [206] = https://curl.se/bug/?i=18868 [207] = https://curl.se/bug/?i=18872 [208] = https://curl.se/bug/?i=18972 + [209] = https://curl.se/bug/?i=19043 [210] = https://curl.se/bug/?i=18035 [211] = https://curl.se/bug/?i=18860 [212] = https://curl.se/bug/?i=18858 @@ -615,6 +636,7 @@ References to bug reports and discussions on issues: [278] = https://curl.se/bug/?i=18993 [279] = https://curl.se/bug/?i=18992 [280] = https://curl.se/bug/?i=18973 + [281] = https://curl.se/bug/?i=19044 [282] = https://curl.se/bug/?i=18990 [283] = https://curl.se/bug/?i=18989 [284] = https://curl.se/bug/?i=18988 @@ -622,3 +644,20 @@ References to bug reports and discussions on issues: [286] = https://curl.se/bug/?i=18986 [287] = https://curl.se/bug/?i=18985 [288] = https://curl.se/bug/?i=18984 + [290] = https://curl.se/bug/?i=19042 + [291] = https://curl.se/bug/?i=19040 + [292] = https://curl.se/bug/?i=19039 + [293] = https://curl.se/bug/?i=19029 + [294] = https://curl.se/bug/?i=19035 + [296] = https://curl.se/bug/?i=19033 + [297] = https://curl.se/bug/?i=19032 + [298] = https://curl.se/bug/?i=19031 + [299] = https://curl.se/bug/?i=19030 + [300] = https://curl.se/bug/?i=19025 + [301] = https://curl.se/bug/?i=19006 + [302] = https://curl.se/bug/?i=19004 + [303] = https://curl.se/bug/?i=19003 + [304] = https://curl.se/bug/?i=19027 + [305] = https://curl.se/bug/?i=19026 + [306] = https://curl.se/bug/?i=19014 + [307] = https://curl.se/bug/?i=18996 From 497b3f022e9031eaa134697a5f5542b9d5ea3611 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 13 Oct 2025 13:44:23 +0200 Subject: [PATCH 0441/2408] checksrc: allow disabling warnings on FIXME/TODO comments Follow-up to 71ace9f3c16a434385fc27b3e8bffb52deb6ccd1 Closes #19048 --- scripts/checksrc.pl | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index c424924e45..7059d68575 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -134,6 +134,7 @@ my %warnings = ( 'EQUALSNULL' => 'if/while comparison with == NULL', 'ERRNOVAR' => 'use of bare errno define', 'EXCLAMATIONSPACE' => 'Whitespace after exclamation mark in expression', + 'FIXME' => 'FIXME or TODO comment', 'FOPENMODE' => 'fopen needs a macro for the mode string', 'INCLUDEDUP', => 'same file is included again', 'INDENTATION' => 'wrong start column for code', From 5cf0a6789da260518ed025d41d7dd6a7069fbfcd Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 13 Oct 2025 16:08:42 +0200 Subject: [PATCH 0442/2408] examples: call `curl_global_cleanup()` where missing Reported-by: Joshua Rogers (for `sepheaders.c`) Closes #19051 --- docs/examples/multi-uv.c | 2 ++ docs/examples/persistent.c | 2 ++ docs/examples/postit2-formadd.c | 3 +++ docs/examples/postit2.c | 3 +++ docs/examples/sepheaders.c | 2 ++ docs/examples/smooth-gtk-thread.c | 2 ++ docs/examples/synctime.c | 3 +++ docs/examples/threaded-ssl.c | 2 ++ 8 files changed, 19 insertions(+) diff --git a/docs/examples/multi-uv.c b/docs/examples/multi-uv.c index 8cebcd5e26..cc27668d57 100644 --- a/docs/examples/multi-uv.c +++ b/docs/examples/multi-uv.c @@ -252,5 +252,7 @@ int main(int argc, char **argv) uv_run(uv.loop, UV_RUN_DEFAULT); curl_multi_cleanup(uv.multi); + curl_global_cleanup(); + return 0; } diff --git a/docs/examples/persistent.c b/docs/examples/persistent.c index be5e8c33e6..ffcf343fbf 100644 --- a/docs/examples/persistent.c +++ b/docs/examples/persistent.c @@ -66,5 +66,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return 0; } diff --git a/docs/examples/postit2-formadd.c b/docs/examples/postit2-formadd.c index 0d9034612a..88fb924750 100644 --- a/docs/examples/postit2-formadd.c +++ b/docs/examples/postit2-formadd.c @@ -115,5 +115,8 @@ int main(int argc, char *argv[]) /* free slist */ curl_slist_free_all(headerlist); } + + curl_global_cleanup(); + return 0; } diff --git a/docs/examples/postit2.c b/docs/examples/postit2.c index 0f12cd4786..d16d3fccf6 100644 --- a/docs/examples/postit2.c +++ b/docs/examples/postit2.c @@ -100,5 +100,8 @@ int main(int argc, char *argv[]) /* free slist */ curl_slist_free_all(headerlist); } + + curl_global_cleanup(); + return 0; } diff --git a/docs/examples/sepheaders.c b/docs/examples/sepheaders.c index 31a3201241..8f48033a0d 100644 --- a/docs/examples/sepheaders.c +++ b/docs/examples/sepheaders.c @@ -91,5 +91,7 @@ int main(void) /* cleanup curl stuff */ curl_easy_cleanup(curl_handle); + curl_global_cleanup(); + return 0; } diff --git a/docs/examples/smooth-gtk-thread.c b/docs/examples/smooth-gtk-thread.c index 49a412d958..dc79276ba8 100644 --- a/docs/examples/smooth-gtk-thread.c +++ b/docs/examples/smooth-gtk-thread.c @@ -214,5 +214,7 @@ int main(int argc, char **argv) gdk_threads_leave(); printf("gdk_threads_leave\n"); + curl_global_cleanup(); + return 0; } diff --git a/docs/examples/synctime.c b/docs/examples/synctime.c index 071037a448..d5f5a5bfde 100644 --- a/docs/examples/synctime.c +++ b/docs/examples/synctime.c @@ -360,6 +360,9 @@ int main(int argc, char *argv[]) conf_init(conf); curl_easy_cleanup(curl); } + + curl_global_cleanup(); + return RetValue; } #endif /* CURL_WINDOWS_UWP */ diff --git a/docs/examples/threaded-ssl.c b/docs/examples/threaded-ssl.c index 3868899e4f..98377ee840 100644 --- a/docs/examples/threaded-ssl.c +++ b/docs/examples/threaded-ssl.c @@ -97,5 +97,7 @@ int main(int argc, char **argv) fprintf(stderr, "Thread %d terminated\n", i); } + curl_global_cleanup(); + return 0; } From 3049c8e0a0c31174a482dbfa46586aaed6ed9c3f Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 13 Oct 2025 16:18:40 +0200 Subject: [PATCH 0443/2408] examples: return `curl_easy_perform()` results Where missing. Or explicitly `(void)` it where we ignore it on purpose. Reported-by: Joshua Rogers (for `sepheaders.c`) Closes #19052 --- docs/examples/multithread.c | 2 +- docs/examples/sepheaders.c | 5 +++-- docs/examples/smooth-gtk-thread.c | 2 +- docs/examples/threaded-ssl.c | 2 +- docs/examples/url2file.c | 6 ++++-- 5 files changed, 10 insertions(+), 7 deletions(-) diff --git a/docs/examples/multithread.c b/docs/examples/multithread.c index b98977c443..a47758062f 100644 --- a/docs/examples/multithread.c +++ b/docs/examples/multithread.c @@ -57,7 +57,7 @@ static void *pull_one_url(void *pindex) curl = curl_easy_init(); curl_easy_setopt(curl, CURLOPT_URL, urls[i]); - curl_easy_perform(curl); /* ignores error */ + (void)curl_easy_perform(curl); /* ignores error */ curl_easy_cleanup(curl); return NULL; diff --git a/docs/examples/sepheaders.c b/docs/examples/sepheaders.c index 8f48033a0d..097183f821 100644 --- a/docs/examples/sepheaders.c +++ b/docs/examples/sepheaders.c @@ -38,6 +38,7 @@ static size_t write_data(void *ptr, size_t size, size_t nmemb, void *stream) int main(void) { + CURLcode res; CURL *curl_handle; static const char *headerfilename = "head.out"; FILE *headerfile; @@ -80,7 +81,7 @@ int main(void) curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, bodyfile); /* get it! */ - curl_easy_perform(curl_handle); + res = curl_easy_perform(curl_handle); /* close the header file */ fclose(headerfile); @@ -93,5 +94,5 @@ int main(void) curl_global_cleanup(); - return 0; + return (int)res; } diff --git a/docs/examples/smooth-gtk-thread.c b/docs/examples/smooth-gtk-thread.c index dc79276ba8..3b615cb344 100644 --- a/docs/examples/smooth-gtk-thread.c +++ b/docs/examples/smooth-gtk-thread.c @@ -80,7 +80,7 @@ static void run_one(gchar *http, int j) /* Write to the file */ curl_easy_setopt(curl, CURLOPT_WRITEDATA, outfile); curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_file); - curl_easy_perform(curl); + (void)curl_easy_perform(curl); fclose(outfile); curl_easy_cleanup(curl); diff --git a/docs/examples/threaded-ssl.c b/docs/examples/threaded-ssl.c index 98377ee840..fb60b7f160 100644 --- a/docs/examples/threaded-ssl.c +++ b/docs/examples/threaded-ssl.c @@ -64,7 +64,7 @@ static void *pull_one_url(void *pindex) might be downloading stuff from an impostor */ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); - curl_easy_perform(curl); /* ignores error */ + (void)curl_easy_perform(curl); /* ignores error */ curl_easy_cleanup(curl); return NULL; diff --git a/docs/examples/url2file.c b/docs/examples/url2file.c index 9ed7da5a84..c55d2a77c7 100644 --- a/docs/examples/url2file.c +++ b/docs/examples/url2file.c @@ -38,6 +38,8 @@ static size_t write_data(void *ptr, size_t size, size_t nmemb, void *stream) int main(int argc, char *argv[]) { + CURLcode res = CURLE_OK; + CURL *curl_handle; static const char *pagefilename = "page.out"; FILE *pagefile; @@ -72,7 +74,7 @@ int main(int argc, char *argv[]) curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, pagefile); /* get it! */ - curl_easy_perform(curl_handle); + res = curl_easy_perform(curl_handle); /* close the header file */ fclose(pagefile); @@ -83,5 +85,5 @@ int main(int argc, char *argv[]) curl_global_cleanup(); - return 0; + return (int)res; } From 4c7507daf913c2e7f3ff96b1ff92e467a3d2ece5 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 13 Oct 2025 16:30:18 +0200 Subject: [PATCH 0444/2408] examples: improve global init, error checks and returning errors - add `curl_global_init()` and `curl_global_cleanup()` where missing. - check the result of `curl_global_init()` where missing. - return the last curl error from `main()`. - drop Win32-specific socket initialization in favor of `curl_global_init()`. - rename some outliers to `res` for curl result code. - fix cleanup in some error cases. Inspired by Joshua's report on examples. Closes #19053 --- docs/examples/10-at-a-time.c | 5 +- docs/examples/address-scope.c | 10 ++- docs/examples/altsvc.c | 8 +- docs/examples/anyauthput.c | 8 +- docs/examples/block_ip.c | 5 +- docs/examples/cacertinmem.c | 26 +++--- docs/examples/certinfo.c | 6 +- docs/examples/chkspeed.c | 4 +- docs/examples/connect-to.c | 11 ++- docs/examples/cookie_interface.c | 5 +- docs/examples/crawler.c | 6 +- docs/examples/debug.c | 7 +- docs/examples/default-scheme.c | 7 +- docs/examples/ephiperfifo.c | 13 ++- docs/examples/evhiperfifo.c | 6 ++ docs/examples/externalsocket.c | 16 ++-- docs/examples/fileupload.c | 10 ++- docs/examples/ftp-delete.c | 7 +- docs/examples/ftp-wildcard.c | 113 +++++++++++------------- docs/examples/ftpget.c | 6 +- docs/examples/ftpgetinfo.c | 6 +- docs/examples/ftpgetresp.c | 11 ++- docs/examples/ftpsget.c | 6 +- docs/examples/ftpupload.c | 8 +- docs/examples/ftpuploadfrommem.c | 2 +- docs/examples/ftpuploadresume.c | 5 +- docs/examples/getinfo.c | 8 +- docs/examples/getinmemory.c | 8 +- docs/examples/getredirect.c | 7 +- docs/examples/getreferrer.c | 7 +- docs/examples/ghiper.c | 9 +- docs/examples/headerapi.c | 6 +- docs/examples/hiperfifo.c | 10 ++- docs/examples/hsts-preload.c | 8 +- docs/examples/htmltidy.c | 87 +++++++++--------- docs/examples/htmltitle.cpp | 13 +-- docs/examples/http-options.c | 6 +- docs/examples/http-post.c | 6 +- docs/examples/http2-download.c | 10 ++- docs/examples/http2-pushinmemory.c | 7 +- docs/examples/http2-serverpush.c | 8 +- docs/examples/http2-upload.c | 11 ++- docs/examples/http3-present.c | 4 +- docs/examples/http3.c | 6 +- docs/examples/httpcustomheader.c | 8 +- docs/examples/httpput-postfields.c | 6 +- docs/examples/httpput.c | 8 +- docs/examples/https.c | 7 +- docs/examples/imap-append.c | 7 +- docs/examples/imap-authzid.c | 7 +- docs/examples/imap-copy.c | 7 +- docs/examples/imap-create.c | 7 +- docs/examples/imap-delete.c | 7 +- docs/examples/imap-examine.c | 7 +- docs/examples/imap-fetch.c | 7 +- docs/examples/imap-list.c | 7 +- docs/examples/imap-lsub.c | 7 +- docs/examples/imap-multi.c | 58 ++++++------ docs/examples/imap-noop.c | 7 +- docs/examples/imap-search.c | 7 +- docs/examples/imap-ssl.c | 7 +- docs/examples/imap-store.c | 7 +- docs/examples/imap-tls.c | 7 +- docs/examples/interface.c | 7 +- docs/examples/ipv6.c | 7 +- docs/examples/keepalive.c | 7 +- docs/examples/localport.c | 7 +- docs/examples/log_failed_transfers.c | 8 +- docs/examples/maxconnects.c | 8 +- docs/examples/multi-app.c | 5 ++ docs/examples/multi-debugcallback.c | 6 ++ docs/examples/multi-double.c | 6 ++ docs/examples/multi-event.c | 7 +- docs/examples/multi-formadd.c | 5 ++ docs/examples/multi-legacy.c | 6 ++ docs/examples/multi-post.c | 5 ++ docs/examples/multi-single.c | 4 +- docs/examples/multi-uv.c | 6 +- docs/examples/multithread.c | 5 +- docs/examples/netrc.c | 7 +- docs/examples/persistent.c | 7 +- docs/examples/pop3-authzid.c | 7 +- docs/examples/pop3-dele.c | 7 +- docs/examples/pop3-list.c | 7 +- docs/examples/pop3-multi.c | 58 ++++++------ docs/examples/pop3-noop.c | 7 +- docs/examples/pop3-retr.c | 7 +- docs/examples/pop3-ssl.c | 7 +- docs/examples/pop3-stat.c | 7 +- docs/examples/pop3-tls.c | 7 +- docs/examples/pop3-top.c | 7 +- docs/examples/pop3-uidl.c | 7 +- docs/examples/post-callback.c | 2 +- docs/examples/postinmemory.c | 5 +- docs/examples/postit2-formadd.c | 4 +- docs/examples/postit2.c | 4 +- docs/examples/progressfunc.c | 6 +- docs/examples/protofeats.c | 4 +- docs/examples/range.c | 7 +- docs/examples/resolve.c | 6 +- docs/examples/rtsp-options.c | 6 +- docs/examples/sendrecv.c | 6 +- docs/examples/sepheaders.c | 87 +++++++++--------- docs/examples/sessioninfo.c | 6 +- docs/examples/sftpget.c | 7 +- docs/examples/sftpuploadresume.c | 5 +- docs/examples/shared-connection-cache.c | 9 +- docs/examples/simple.c | 6 +- docs/examples/simplepost.c | 12 ++- docs/examples/simplessl.c | 6 +- docs/examples/smooth-gtk-thread.c | 4 +- docs/examples/smtp-authzid.c | 7 +- docs/examples/smtp-expn.c | 7 +- docs/examples/smtp-mail.c | 7 +- docs/examples/smtp-mime.c | 7 +- docs/examples/smtp-multi.c | 98 ++++++++++---------- docs/examples/smtp-ssl.c | 7 +- docs/examples/smtp-tls.c | 7 +- docs/examples/smtp-vrfy.c | 9 +- docs/examples/synctime.c | 6 +- docs/examples/threaded-ssl.c | 5 +- docs/examples/unixsocket.c | 8 +- docs/examples/url2file.c | 9 +- docs/examples/urlapi.c | 8 +- docs/examples/usercertinmem.c | 15 ++-- docs/examples/websocket-cb.c | 8 +- docs/examples/websocket-updown.c | 55 ++++++------ docs/examples/websocket.c | 49 +++++----- docs/examples/xmlstream.c | 7 +- 129 files changed, 990 insertions(+), 485 deletions(-) diff --git a/docs/examples/10-at-a-time.c b/docs/examples/10-at-a-time.c index 38a0f24ac6..48e0030040 100644 --- a/docs/examples/10-at-a-time.c +++ b/docs/examples/10-at-a-time.c @@ -109,7 +109,10 @@ int main(void) int msgs_left = -1; int left = 0; - curl_global_init(CURL_GLOBAL_ALL); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + cm = curl_multi_init(); /* Limit the amount of simultaneous connections curl should allow: */ diff --git a/docs/examples/address-scope.c b/docs/examples/address-scope.c index 43e9cf8986..82607e2df5 100644 --- a/docs/examples/address-scope.c +++ b/docs/examples/address-scope.c @@ -37,7 +37,10 @@ int main(void) #if !defined(_WIN32) && !defined(MSDOS) && !defined(__AMIGA__) /* Windows/MS-DOS users need to find how to use if_nametoindex() */ CURL *curl; - CURLcode res; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -57,6 +60,9 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } -#endif + curl_global_cleanup(); + return (int)res; +#else return 0; +#endif } diff --git a/docs/examples/altsvc.c b/docs/examples/altsvc.c index 8a1ae8ed3b..4021c90002 100644 --- a/docs/examples/altsvc.c +++ b/docs/examples/altsvc.c @@ -31,7 +31,10 @@ int main(void) { CURL *curl; - CURLcode res; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -54,5 +57,6 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } - return 0; + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/anyauthput.c b/docs/examples/anyauthput.c index 505d16b217..81bb1fb907 100644 --- a/docs/examples/anyauthput.c +++ b/docs/examples/anyauthput.c @@ -111,7 +111,11 @@ int main(int argc, char **argv) #endif /* In Windows, this inits the Winsock stuff */ - curl_global_init(CURL_GLOBAL_ALL); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) { + fclose(fp); + return (int)res; + } /* get a curl handle */ curl = curl_easy_init(); @@ -161,5 +165,5 @@ int main(int argc, char **argv) fclose(fp); /* close the local file */ curl_global_cleanup(); - return 0; + return (int)res; } diff --git a/docs/examples/block_ip.c b/docs/examples/block_ip.c index 181cd8270d..b99fab58c3 100644 --- a/docs/examples/block_ip.c +++ b/docs/examples/block_ip.c @@ -301,9 +301,10 @@ int main(void) if(!filter) return 1; - if(curl_global_init(CURL_GLOBAL_DEFAULT)) { + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) { free(filter); - return 1; + return (int)res; } curl = curl_easy_init(); diff --git a/docs/examples/cacertinmem.c b/docs/examples/cacertinmem.c index e552ce5d69..d72dc49001 100644 --- a/docs/examples/cacertinmem.c +++ b/docs/examples/cacertinmem.c @@ -56,8 +56,6 @@ static size_t writefunction(void *ptr, size_t size, size_t nmemb, void *stream) static CURLcode sslctx_function(CURL *curl, void *sslctx, void *pointer) { - CURLcode rv = CURLE_ABORTED_BY_CALLBACK; - /** This example uses two (fake) certificates **/ /* replace the XXX with the actual CA certificates */ static const char mypem[] = @@ -89,14 +87,14 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *pointer) (void)pointer; if(!cts || !cbio) { - return rv; + return CURLE_ABORTED_BY_CALLBACK; } inf = PEM_X509_INFO_read_bio(cbio, NULL, NULL, NULL); if(!inf) { BIO_free(cbio); - return rv; + return CURLE_ABORTED_BY_CALLBACK; } for(i = 0; i < sk_X509_INFO_num(inf); i++) { @@ -112,16 +110,18 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *pointer) sk_X509_INFO_pop_free(inf, X509_INFO_free); BIO_free(cbio); - rv = CURLE_OK; - return rv; + return CURLE_OK; } int main(void) { CURL *ch; - CURLcode rv; + CURLcode res; + + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; - curl_global_init(CURL_GLOBAL_ALL); ch = curl_easy_init(); curl_easy_setopt(ch, CURLOPT_VERBOSE, 0L); curl_easy_setopt(ch, CURLOPT_HEADER, 0L); @@ -145,8 +145,8 @@ int main(void) /* first try: retrieve page without ca certificates -> should fail * unless libcurl was built --with-ca-fallback enabled at build-time */ - rv = curl_easy_perform(ch); - if(rv == CURLE_OK) + res = curl_easy_perform(ch); + if(res == CURLE_OK) printf("*** transfer succeeded ***\n"); else printf("*** transfer failed ***\n"); @@ -166,13 +166,13 @@ int main(void) * "modifications" to the SSL CONTEXT just before link init */ curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, sslctx_function); - rv = curl_easy_perform(ch); - if(rv == CURLE_OK) + res = curl_easy_perform(ch); + if(res == CURLE_OK) printf("*** transfer succeeded ***\n"); else printf("*** transfer failed ***\n"); curl_easy_cleanup(ch); curl_global_cleanup(); - return (int)rv; + return (int)res; } diff --git a/docs/examples/certinfo.c b/docs/examples/certinfo.c index 795be6c3d1..0443aa42f4 100644 --- a/docs/examples/certinfo.c +++ b/docs/examples/certinfo.c @@ -41,7 +41,9 @@ int main(void) CURL *curl; CURLcode res; - curl_global_init(CURL_GLOBAL_DEFAULT); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -83,5 +85,5 @@ int main(void) curl_global_cleanup(); - return 0; + return (int)res; } diff --git a/docs/examples/chkspeed.c b/docs/examples/chkspeed.c index 32bd92005d..d4b2abbab8 100644 --- a/docs/examples/chkspeed.c +++ b/docs/examples/chkspeed.c @@ -156,7 +156,9 @@ int main(int argc, char *argv[]) } /* init libcurl */ - curl_global_init(CURL_GLOBAL_ALL); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; /* init the curl session */ curl_handle = curl_easy_init(); diff --git a/docs/examples/connect-to.c b/docs/examples/connect-to.c index ad1e304649..253c531c42 100644 --- a/docs/examples/connect-to.c +++ b/docs/examples/connect-to.c @@ -30,8 +30,12 @@ int main(void) { + struct curl_slist *host; CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; /* Each single string should be written using the format @@ -41,8 +45,7 @@ int main(void) */ /* instead of curl.se:443, it resolves and uses example.com:443 but in other aspects work as if it still is curl.se */ - struct curl_slist *host = curl_slist_append(NULL, - "curl.se:443:example.com:443"); + host = curl_slist_append(NULL, "curl.se:443:example.com:443"); curl = curl_easy_init(); if(curl) { @@ -66,5 +69,7 @@ int main(void) curl_slist_free_all(host); + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/cookie_interface.c b/docs/examples/cookie_interface.c index cb68977121..cebbd3cdcf 100644 --- a/docs/examples/cookie_interface.c +++ b/docs/examples/cookie_interface.c @@ -72,7 +72,10 @@ main(void) CURL *curl; CURLcode res; - curl_global_init(CURL_GLOBAL_ALL); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curl = curl_easy_init(); if(curl) { char nline[512]; diff --git a/docs/examples/crawler.c b/docs/examples/crawler.c index 6b737652d4..a7ca5fa2fe 100644 --- a/docs/examples/crawler.c +++ b/docs/examples/crawler.c @@ -182,10 +182,14 @@ int main(void) int pending; int complete; int still_running; + CURLcode res; + + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; signal(SIGINT, sighandler); LIBXML_TEST_VERSION - curl_global_init(CURL_GLOBAL_DEFAULT); multi_handle = curl_multi_init(); curl_multi_setopt(multi_handle, CURLMOPT_MAX_TOTAL_CONNECTIONS, max_con); curl_multi_setopt(multi_handle, CURLMOPT_MAX_HOST_CONNECTIONS, 6L); diff --git a/docs/examples/debug.c b/docs/examples/debug.c index 5303c833f5..85fdea95d3 100644 --- a/docs/examples/debug.c +++ b/docs/examples/debug.c @@ -128,6 +128,10 @@ int main(void) CURLcode res; struct data config; + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + config.trace_ascii = 1; /* enable ASCII tracing */ curl = curl_easy_init(); @@ -151,5 +155,6 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } - return 0; + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/default-scheme.c b/docs/examples/default-scheme.c index 13e1e08fcb..b4ea5fa3bf 100644 --- a/docs/examples/default-scheme.c +++ b/docs/examples/default-scheme.c @@ -33,6 +33,10 @@ int main(void) CURL *curl; CURLcode res; + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curl = curl_easy_init(); if(curl) { curl_easy_setopt(curl, CURLOPT_URL, "example.com"); @@ -53,5 +57,6 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } - return 0; + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/ephiperfifo.c b/docs/examples/ephiperfifo.c index 3fddb2b743..c22a360101 100644 --- a/docs/examples/ephiperfifo.c +++ b/docs/examples/ephiperfifo.c @@ -449,6 +449,7 @@ void sigint_handler(int signo) int main(int argc, char **argv) { + CURLcode res; struct GlobalInfo g; struct itimerspec its; struct epoll_event ev; @@ -456,6 +457,10 @@ int main(int argc, char **argv) (void)argc; (void)argv; + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + g_should_exit_ = 0; signal(SIGINT, sigint_handler); @@ -463,12 +468,14 @@ int main(int argc, char **argv) g.epfd = epoll_create1(EPOLL_CLOEXEC); if(g.epfd == -1) { perror("epoll_create1 failed"); + curl_global_cleanup(); return 1; } g.tfd = timerfd_create(CLOCK_MONOTONIC, TFD_NONBLOCK | TFD_CLOEXEC); if(g.tfd == -1) { perror("timerfd_create failed"); + curl_global_cleanup(); return 1; } @@ -481,8 +488,10 @@ int main(int argc, char **argv) ev.data.fd = g.tfd; epoll_ctl(g.epfd, EPOLL_CTL_ADD, g.tfd, &ev); - if(init_fifo(&g)) + if(init_fifo(&g)) { + curl_global_cleanup(); return 1; + } g.multi = curl_multi_init(); /* setup the generic multi interface options we want */ @@ -508,6 +517,7 @@ int main(int argc, char **argv) } else { perror("epoll_wait"); + curl_global_cleanup(); return 1; } } @@ -530,5 +540,6 @@ int main(int argc, char **argv) curl_multi_cleanup(g.multi); clean_fifo(&g); + curl_global_cleanup(); return 0; } diff --git a/docs/examples/evhiperfifo.c b/docs/examples/evhiperfifo.c index 364a0f42fe..79dfd34521 100644 --- a/docs/examples/evhiperfifo.c +++ b/docs/examples/evhiperfifo.c @@ -415,10 +415,15 @@ static int init_fifo(struct GlobalInfo *g) int main(int argc, char **argv) { + CURLcode res; struct GlobalInfo g; (void)argc; (void)argv; + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + memset(&g, 0, sizeof(g)); g.loop = ev_default_loop(0); @@ -439,5 +444,6 @@ int main(int argc, char **argv) ev_loop(g.loop, 0); curl_multi_cleanup(g.multi); + curl_global_cleanup(); return 0; } diff --git a/docs/examples/externalsocket.c b/docs/examples/externalsocket.c index 84c9ba4eb2..99e719b745 100644 --- a/docs/examples/externalsocket.c +++ b/docs/examples/externalsocket.c @@ -103,14 +103,9 @@ int main(void) struct sockaddr_in servaddr; /* socket address structure */ curl_socket_t sockfd; -#ifdef _WIN32 - WSADATA wsaData; - int initwsa = WSAStartup(MAKEWORD(2, 2), &wsaData); - if(initwsa) { - printf("WSAStartup failed: %d\n", initwsa); - return 1; - } -#endif + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -175,8 +170,7 @@ int main(void) } } -#ifdef _WIN32 - WSACleanup(); -#endif + curl_global_cleanup(); + return 0; } diff --git a/docs/examples/fileupload.c b/docs/examples/fileupload.c index 29c3c3c3c1..f827c68390 100644 --- a/docs/examples/fileupload.c +++ b/docs/examples/fileupload.c @@ -46,9 +46,15 @@ int main(void) curl_off_t speed_upload, total_time; FILE *fd; + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + fd = fopen("debugit", "rb"); /* open file to upload */ - if(!fd) + if(!fd) { + curl_global_cleanup(); return 1; /* cannot continue */ + } /* to get the file size */ #ifdef UNDER_CE @@ -58,6 +64,7 @@ int main(void) if(fstat(fileno(fd), &file_info) != 0) { #endif fclose(fd); + curl_global_cleanup(); return 1; /* cannot continue */ } @@ -100,5 +107,6 @@ int main(void) curl_easy_cleanup(curl); } fclose(fd); + curl_global_cleanup(); return 0; } diff --git a/docs/examples/ftp-delete.c b/docs/examples/ftp-delete.c index b879da48d3..f5c553ff68 100644 --- a/docs/examples/ftp-delete.c +++ b/docs/examples/ftp-delete.c @@ -37,14 +37,15 @@ static size_t my_fwrite(void *buffer, size_t size, size_t nmemb, void *stream) return size * nmemb; } - int main(void) { CURL *curl; CURLcode res; struct curl_slist *headerlist = NULL; - curl_global_init(CURL_GLOBAL_DEFAULT); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -80,5 +81,5 @@ int main(void) curl_global_cleanup(); - return 0; + return (int)res; } diff --git a/docs/examples/ftp-wildcard.c b/docs/examples/ftp-wildcard.c index ddc6e4aae4..0861f2f048 100644 --- a/docs/examples/ftp-wildcard.c +++ b/docs/examples/ftp-wildcard.c @@ -32,67 +32,6 @@ struct callback_data { FILE *output; }; -static long file_is_coming(struct curl_fileinfo *finfo, - void *data, - int remains); - -static long file_is_downloaded(void *data); - -static size_t write_it(char *buff, size_t size, size_t nmemb, - void *cb_data); - -int main(int argc, char **argv) -{ - /* curl easy handle */ - CURL *handle; - - /* help data */ - struct callback_data data = { 0 }; - - /* global initialization */ - CURLcode rc = curl_global_init(CURL_GLOBAL_ALL); - if(rc) - return (int)rc; - - /* initialization of easy handle */ - handle = curl_easy_init(); - if(!handle) { - curl_global_cleanup(); - return CURLE_OUT_OF_MEMORY; - } - - /* turn on wildcard matching */ - curl_easy_setopt(handle, CURLOPT_WILDCARDMATCH, 1L); - - /* callback is called before download of concrete file started */ - curl_easy_setopt(handle, CURLOPT_CHUNK_BGN_FUNCTION, file_is_coming); - - /* callback is called after data from the file have been transferred */ - curl_easy_setopt(handle, CURLOPT_CHUNK_END_FUNCTION, file_is_downloaded); - - /* this callback writes contents into files */ - curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, write_it); - - /* put transfer data into callbacks */ - curl_easy_setopt(handle, CURLOPT_CHUNK_DATA, &data); - curl_easy_setopt(handle, CURLOPT_WRITEDATA, &data); - - /* curl_easy_setopt(handle, CURLOPT_VERBOSE, 1L); */ - - /* set a URL containing wildcard pattern (only in the last part) */ - if(argc == 2) - curl_easy_setopt(handle, CURLOPT_URL, argv[1]); - else - curl_easy_setopt(handle, CURLOPT_URL, "ftp://example.com/test/*"); - - /* and start transfer! */ - rc = curl_easy_perform(handle); - - curl_easy_cleanup(handle); - curl_global_cleanup(); - return (int)rc; -} - static long file_is_coming(struct curl_fileinfo *finfo, void *input, int remains) { @@ -151,3 +90,55 @@ static size_t write_it(char *buff, size_t size, size_t nmemb, written = fwrite(buff, size, nmemb, stdout); return written; } + +int main(int argc, char **argv) +{ + /* curl easy handle */ + CURL *handle; + + /* help data */ + struct callback_data data = { 0 }; + + /* global initialization */ + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + + /* initialization of easy handle */ + handle = curl_easy_init(); + if(!handle) { + curl_global_cleanup(); + return CURLE_OUT_OF_MEMORY; + } + + /* turn on wildcard matching */ + curl_easy_setopt(handle, CURLOPT_WILDCARDMATCH, 1L); + + /* callback is called before download of concrete file started */ + curl_easy_setopt(handle, CURLOPT_CHUNK_BGN_FUNCTION, file_is_coming); + + /* callback is called after data from the file have been transferred */ + curl_easy_setopt(handle, CURLOPT_CHUNK_END_FUNCTION, file_is_downloaded); + + /* this callback writes contents into files */ + curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, write_it); + + /* put transfer data into callbacks */ + curl_easy_setopt(handle, CURLOPT_CHUNK_DATA, &data); + curl_easy_setopt(handle, CURLOPT_WRITEDATA, &data); + + /* curl_easy_setopt(handle, CURLOPT_VERBOSE, 1L); */ + + /* set a URL containing wildcard pattern (only in the last part) */ + if(argc == 2) + curl_easy_setopt(handle, CURLOPT_URL, argv[1]); + else + curl_easy_setopt(handle, CURLOPT_URL, "ftp://example.com/test/*"); + + /* and start transfer! */ + res = curl_easy_perform(handle); + + curl_easy_cleanup(handle); + curl_global_cleanup(); + return (int)res; +} diff --git a/docs/examples/ftpget.c b/docs/examples/ftpget.c index 95369c1c02..f4ba1e52aa 100644 --- a/docs/examples/ftpget.c +++ b/docs/examples/ftpget.c @@ -57,7 +57,9 @@ int main(void) NULL }; - curl_global_init(CURL_GLOBAL_DEFAULT); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -90,5 +92,5 @@ int main(void) curl_global_cleanup(); - return 0; + return (int)res; } diff --git a/docs/examples/ftpgetinfo.c b/docs/examples/ftpgetinfo.c index 485b26bddc..549d3003a8 100644 --- a/docs/examples/ftpgetinfo.c +++ b/docs/examples/ftpgetinfo.c @@ -49,7 +49,9 @@ int main(void) curl_off_t filesize = 0; const char *filename = strrchr(ftpurl, '/') + 1; - curl_global_init(CURL_GLOBAL_DEFAULT); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -89,5 +91,5 @@ int main(void) curl_global_cleanup(); - return 0; + return (int)res; } diff --git a/docs/examples/ftpgetresp.c b/docs/examples/ftpgetresp.c index 7b40f77c94..7b6a6e3d2d 100644 --- a/docs/examples/ftpgetresp.c +++ b/docs/examples/ftpgetresp.c @@ -47,15 +47,22 @@ int main(void) FILE *ftpfile; FILE *respfile; + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + /* local filename to store the file as */ ftpfile = fopen(FTPBODY, "wb"); /* b is binary, needed on Windows */ - if(!ftpfile) + if(!ftpfile) { + curl_global_cleanup(); return 1; + } /* local filename to store the FTP server's response lines in */ respfile = fopen(FTPHEADERS, "wb"); /* b is binary, needed on Windows */ if(!respfile) { fclose(ftpfile); + curl_global_cleanup(); return 1; } @@ -81,5 +88,5 @@ int main(void) fclose(ftpfile); /* close the local file */ fclose(respfile); /* close the response file */ - return 0; + return (int)res; } diff --git a/docs/examples/ftpsget.c b/docs/examples/ftpsget.c index dfe80b9f8b..c2aee89c84 100644 --- a/docs/examples/ftpsget.c +++ b/docs/examples/ftpsget.c @@ -59,7 +59,9 @@ int main(void) NULL }; - curl_global_init(CURL_GLOBAL_DEFAULT); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -97,5 +99,5 @@ int main(void) curl_global_cleanup(); - return 0; + return (int)res; } diff --git a/docs/examples/ftpupload.c b/docs/examples/ftpupload.c index 4f3b679226..7588a82953 100644 --- a/docs/examples/ftpupload.c +++ b/docs/examples/ftpupload.c @@ -109,7 +109,11 @@ int main(void) printf("Local file size: %lu bytes.\n", (unsigned long)fsize); /* In Windows, this inits the Winsock stuff */ - curl_global_init(CURL_GLOBAL_ALL); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) { + fclose(hd_src); + return (int)res; + } /* get a curl handle */ curl = curl_easy_init(); @@ -155,5 +159,5 @@ int main(void) fclose(hd_src); /* close the local file */ curl_global_cleanup(); - return 0; + return (int)res; } diff --git a/docs/examples/ftpuploadfrommem.c b/docs/examples/ftpuploadfrommem.c index 3748d68a05..70242376ae 100644 --- a/docs/examples/ftpuploadfrommem.c +++ b/docs/examples/ftpuploadfrommem.c @@ -122,5 +122,5 @@ int main(void) curl_easy_cleanup(curl); } curl_global_cleanup(); - return 0; + return (int)res; } diff --git a/docs/examples/ftpuploadresume.c b/docs/examples/ftpuploadresume.c index 67495aec68..544b746873 100644 --- a/docs/examples/ftpuploadresume.c +++ b/docs/examples/ftpuploadresume.c @@ -154,7 +154,10 @@ int main(void) { CURL *curlhandle = NULL; - curl_global_init(CURL_GLOBAL_ALL); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curlhandle = curl_easy_init(); upload(curlhandle, "ftp://user:pass@example.com/path/file", "C:\\file", diff --git a/docs/examples/getinfo.c b/docs/examples/getinfo.c index 9c178c2c8c..d6257afa79 100644 --- a/docs/examples/getinfo.c +++ b/docs/examples/getinfo.c @@ -31,7 +31,10 @@ int main(void) { CURL *curl; - CURLcode res; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -50,5 +53,6 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } - return 0; + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/getinmemory.c b/docs/examples/getinmemory.c index 173247d915..589047097b 100644 --- a/docs/examples/getinmemory.c +++ b/docs/examples/getinmemory.c @@ -66,11 +66,13 @@ int main(void) struct MemoryStruct chunk; + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + chunk.memory = malloc(1); /* grown as needed by the realloc above */ chunk.size = 0; /* no data at this point */ - curl_global_init(CURL_GLOBAL_ALL); - /* init the curl session */ curl_handle = curl_easy_init(); @@ -114,5 +116,5 @@ int main(void) /* we are done with libcurl, so clean it up */ curl_global_cleanup(); - return 0; + return (int)res; } diff --git a/docs/examples/getredirect.c b/docs/examples/getredirect.c index 91c778d3c1..908cd5f850 100644 --- a/docs/examples/getredirect.c +++ b/docs/examples/getredirect.c @@ -35,6 +35,10 @@ int main(void) char *location; long response_code; + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curl = curl_easy_init(); if(curl) { curl_easy_setopt(curl, CURLOPT_URL, "https://example.com"); @@ -68,5 +72,6 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } - return 0; + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/getreferrer.c b/docs/examples/getreferrer.c index c46f7825a0..ae42f4605f 100644 --- a/docs/examples/getreferrer.c +++ b/docs/examples/getreferrer.c @@ -32,10 +32,12 @@ int main(void) { CURL *curl; + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curl = curl_easy_init(); if(curl) { - CURLcode res; - curl_easy_setopt(curl, CURLOPT_URL, "https://example.com"); curl_easy_setopt(curl, CURLOPT_REFERER, "https://example.org/referrer"); @@ -55,5 +57,6 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } + curl_global_cleanup(); return 0; } diff --git a/docs/examples/ghiper.c b/docs/examples/ghiper.c index 7d8449cdf0..50308fd47c 100644 --- a/docs/examples/ghiper.c +++ b/docs/examples/ghiper.c @@ -421,9 +421,15 @@ int main(void) int fd; GIOChannel* ch; + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + fd = init_fifo(); - if(fd == CURL_SOCKET_BAD) + if(fd == CURL_SOCKET_BAD) { + curl_global_cleanup(); return 1; + } ch = g_io_channel_unix_new(fd); g_io_add_watch(ch, G_IO_IN, fifo_cb, g); gmain = g_main_loop_new(NULL, FALSE); @@ -438,5 +444,6 @@ int main(void) g_main_loop_run(gmain); curl_multi_cleanup(g->multi); + curl_global_cleanup(); return 0; } diff --git a/docs/examples/headerapi.c b/docs/examples/headerapi.c index ede0c5cbda..428374bac6 100644 --- a/docs/examples/headerapi.c +++ b/docs/examples/headerapi.c @@ -40,9 +40,12 @@ int main(void) { CURL *curl; + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curl = curl_easy_init(); if(curl) { - CURLcode res; struct curl_header *header; curl_easy_setopt(curl, CURLOPT_URL, "https://example.com"); /* example.com is redirected, so we tell libcurl to follow redirection */ @@ -77,5 +80,6 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } + curl_global_cleanup(); return 0; } diff --git a/docs/examples/hiperfifo.c b/docs/examples/hiperfifo.c index 1af1eb0c72..cc22e70abb 100644 --- a/docs/examples/hiperfifo.c +++ b/docs/examples/hiperfifo.c @@ -414,14 +414,21 @@ static void clean_fifo(struct GlobalInfo *g) int main(int argc, char **argv) { + CURLcode res; struct GlobalInfo g; (void)argc; (void)argv; + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + memset(&g, 0, sizeof(g)); g.evbase = event_base_new(); - if(init_fifo(&g)) + if(init_fifo(&g)) { + curl_global_cleanup(); return 1; + } g.multi = curl_multi_init(); evtimer_assign(&g.timer_event, g.evbase, timer_cb, &g); @@ -443,5 +450,6 @@ int main(int argc, char **argv) event_del(&g.timer_event); event_base_free(g.evbase); curl_multi_cleanup(g.multi); + curl_global_cleanup(); return 0; } diff --git a/docs/examples/hsts-preload.c b/docs/examples/hsts-preload.c index ba9fe87a94..303b17f525 100644 --- a/docs/examples/hsts-preload.c +++ b/docs/examples/hsts-preload.c @@ -80,7 +80,10 @@ static CURLSTScode hstswrite(CURL *easy, struct curl_hstsentry *e, int main(void) { CURL *curl; - CURLcode res; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -114,5 +117,6 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } - return 0; + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/htmltidy.c b/docs/examples/htmltidy.c index 498bb85bdc..952132fbc4 100644 --- a/docs/examples/htmltidy.c +++ b/docs/examples/htmltidy.c @@ -76,55 +76,58 @@ void dumpNode(TidyDoc doc, TidyNode tnod, int indent) int main(int argc, char **argv) { - if(argc == 2) { - CURL *curl; - char curl_errbuf[CURL_ERROR_SIZE]; - TidyDoc tdoc; - TidyBuffer docbuf = {0}; - TidyBuffer tidy_errbuf = {0}; - int err; + CURL *curl; + char curl_errbuf[CURL_ERROR_SIZE]; + TidyDoc tdoc; + TidyBuffer docbuf = {0}; + TidyBuffer tidy_errbuf = {0}; + CURLcode res; - curl = curl_easy_init(); - curl_easy_setopt(curl, CURLOPT_URL, argv[1]); - curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, curl_errbuf); - curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 0L); - curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); + if(argc != 2) { + printf("usage: %s \n", argv[0]); + return 1; + } - tdoc = tidyCreate(); - tidyOptSetBool(tdoc, TidyForceOutput, yes); /* try harder */ - tidyOptSetInt(tdoc, TidyWrapLen, 4096); - tidySetErrorBuffer(tdoc, &tidy_errbuf); - tidyBufInit(&docbuf); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; - curl_easy_setopt(curl, CURLOPT_WRITEDATA, &docbuf); - err = curl_easy_perform(curl); - if(!err) { - err = tidyParseBuffer(tdoc, &docbuf); /* parse the input */ - if(err >= 0) { - err = tidyCleanAndRepair(tdoc); /* fix any problems */ - if(err >= 0) { - err = tidyRunDiagnostics(tdoc); /* load tidy error buffer */ - if(err >= 0) { - dumpNode(tdoc, tidyGetRoot(tdoc), 0); /* walk the tree */ - fprintf(stderr, "%s\n", tidy_errbuf.bp); /* show errors */ - } + curl = curl_easy_init(); + curl_easy_setopt(curl, CURLOPT_URL, argv[1]); + curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, curl_errbuf); + curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 0L); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); + + tdoc = tidyCreate(); + tidyOptSetBool(tdoc, TidyForceOutput, yes); /* try harder */ + tidyOptSetInt(tdoc, TidyWrapLen, 4096); + tidySetErrorBuffer(tdoc, &tidy_errbuf); + tidyBufInit(&docbuf); + + curl_easy_setopt(curl, CURLOPT_WRITEDATA, &docbuf); + res = curl_easy_perform(curl); + if(!res) { + res = tidyParseBuffer(tdoc, &docbuf); /* parse the input */ + if(res >= 0) { + res = tidyCleanAndRepair(tdoc); /* fix any problems */ + if(res >= 0) { + res = tidyRunDiagnostics(tdoc); /* load tidy error buffer */ + if(res >= 0) { + dumpNode(tdoc, tidyGetRoot(tdoc), 0); /* walk the tree */ + fprintf(stderr, "%s\n", tidy_errbuf.bp); /* show errors */ } } } - else - fprintf(stderr, "%s\n", curl_errbuf); - - /* clean-up */ - curl_easy_cleanup(curl); - tidyBufFree(&docbuf); - tidyBufFree(&tidy_errbuf); - tidyRelease(tdoc); - return err; - } else - printf("usage: %s \n", argv[0]); + fprintf(stderr, "%s\n", curl_errbuf); - return 0; + /* clean-up */ + curl_easy_cleanup(curl); + curl_global_cleanup(); + tidyBufFree(&docbuf); + tidyBufFree(&tidy_errbuf); + tidyRelease(tdoc); + return (int)res; } diff --git a/docs/examples/htmltitle.cpp b/docs/examples/htmltitle.cpp index 8d75f588fc..e4979ee859 100644 --- a/docs/examples/htmltitle.cpp +++ b/docs/examples/htmltitle.cpp @@ -263,7 +263,7 @@ static void parseHtml(const std::string &html, int main(int argc, char *argv[]) { CURL *conn = NULL; - CURLcode code; + CURLcode res; std::string title; // Ensure one argument is given @@ -273,21 +273,24 @@ int main(int argc, char *argv[]) return EXIT_FAILURE; } - curl_global_init(CURL_GLOBAL_DEFAULT); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; // Initialize CURL connection if(!init(conn, argv[1])) { fprintf(stderr, "Connection initialization failed\n"); + curl_global_cleanup(); return EXIT_FAILURE; } // Retrieve content for the URL - code = curl_easy_perform(conn); + res = curl_easy_perform(conn); curl_easy_cleanup(conn); - if(code != CURLE_OK) { + if(res != CURLE_OK) { fprintf(stderr, "Failed to get '%s' [%s]\n", argv[1], errorBuffer); return EXIT_FAILURE; } @@ -298,5 +301,5 @@ int main(int argc, char *argv[]) // Display the extracted title printf("Title: %s\n", title.c_str()); - return EXIT_SUCCESS; + return (int)res; } diff --git a/docs/examples/http-options.c b/docs/examples/http-options.c index 586b55f12a..9520670bae 100644 --- a/docs/examples/http-options.c +++ b/docs/examples/http-options.c @@ -31,7 +31,10 @@ int main(void) { CURL *curl; - CURLcode res; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -55,5 +58,6 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } + curl_global_cleanup(); return 0; } diff --git a/docs/examples/http-post.c b/docs/examples/http-post.c index 901ee1e3f0..fb91822bb8 100644 --- a/docs/examples/http-post.c +++ b/docs/examples/http-post.c @@ -34,7 +34,9 @@ int main(void) CURLcode res; /* In Windows, this inits the Winsock stuff */ - curl_global_init(CURL_GLOBAL_ALL); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; /* get a curl handle */ curl = curl_easy_init(); @@ -57,5 +59,5 @@ int main(void) curl_easy_cleanup(curl); } curl_global_cleanup(); - return 0; + return (int)res; } diff --git a/docs/examples/http2-download.c b/docs/examples/http2-download.c index a524cac27f..6343234667 100644 --- a/docs/examples/http2-download.c +++ b/docs/examples/http2-download.c @@ -190,11 +190,13 @@ static int setup(struct transfer *t, int num) */ int main(int argc, char **argv) { + CURLcode res; struct transfer trans[NUM_HANDLES]; CURLM *multi_handle; int i; int still_running = 0; /* keep number of running handles */ int num_transfers; + if(argc > 1) { /* if given a number, do that many transfers */ num_transfers = atoi(argv[1]); @@ -204,12 +206,18 @@ int main(int argc, char **argv) else num_transfers = 3; /* suitable default */ + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + /* init a multi stack */ multi_handle = curl_multi_init(); for(i = 0; i < num_transfers; i++) { - if(setup(&trans[i], i)) + if(setup(&trans[i], i)) { + curl_global_cleanup(); return 1; + } /* add the individual transfer */ curl_multi_add_handle(multi_handle, trans[i].easy); diff --git a/docs/examples/http2-pushinmemory.c b/docs/examples/http2-pushinmemory.c index 873883ca50..3e2b4af1c2 100644 --- a/docs/examples/http2-pushinmemory.c +++ b/docs/examples/http2-pushinmemory.c @@ -130,6 +130,10 @@ int main(void) int i; struct CURLMsg *m; + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + /* init a multi stack */ multi = curl_multi_init(); @@ -155,7 +159,6 @@ int main(void) if(mcode) break; - /* * When doing server push, libcurl itself created and added one or more * easy handles but *we* need to clean them up when they are done. @@ -173,8 +176,8 @@ int main(void) } - curl_multi_cleanup(multi); + curl_global_cleanup(); /* 'pushindex' is now the number of received transfers */ for(i = 0; i < pushindex; i++) { diff --git a/docs/examples/http2-serverpush.c b/docs/examples/http2-serverpush.c index cea54e3af1..0d0e991776 100644 --- a/docs/examples/http2-serverpush.c +++ b/docs/examples/http2-serverpush.c @@ -212,6 +212,7 @@ static int server_push_callback(CURL *parent, */ int main(int argc, char *argv[]) { + CURLcode res; CURL *easy; CURLM *multi_handle; int transfers = 1; /* we start with one */ @@ -221,6 +222,10 @@ int main(int argc, char *argv[]) if(argc == 2) url = argv[1]; + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + /* init a multi stack */ multi_handle = curl_multi_init(); @@ -229,6 +234,7 @@ int main(int argc, char *argv[]) /* set options */ if(setup(easy, url)) { fprintf(stderr, "failed\n"); + curl_global_cleanup(); return 1; } @@ -270,7 +276,7 @@ int main(int argc, char *argv[]) } while(transfers); /* as long as we have transfers going */ curl_multi_cleanup(multi_handle); - + curl_global_cleanup(); return 0; } diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c index a22161d76d..9cc3c5652c 100644 --- a/docs/examples/http2-upload.c +++ b/docs/examples/http2-upload.c @@ -292,6 +292,7 @@ static int setup(struct input *i, int num, const char *upload) */ int main(int argc, char **argv) { + CURLcode res; struct input trans[NUM_HANDLES]; CURLM *multi_handle; int i; @@ -313,12 +314,18 @@ int main(int argc, char **argv) else num_transfers = 3; + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + /* init a multi stack */ multi_handle = curl_multi_init(); for(i = 0; i < num_transfers; i++) { - if(setup(&trans[i], i, filename)) + if(setup(&trans[i], i, filename)) { + curl_global_cleanup(); return 1; + } /* add the individual transfer */ curl_multi_add_handle(multi_handle, trans[i].hnd); @@ -348,5 +355,7 @@ int main(int argc, char **argv) curl_easy_cleanup(trans[i].hnd); } + curl_global_cleanup(); + return 0; } diff --git a/docs/examples/http3-present.c b/docs/examples/http3-present.c index 56ba0f5724..084f265c46 100644 --- a/docs/examples/http3-present.c +++ b/docs/examples/http3-present.c @@ -32,7 +32,9 @@ int main(void) { curl_version_info_data *ver; - curl_global_init(CURL_GLOBAL_ALL); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; ver = curl_version_info(CURLVERSION_NOW); if(ver->features & CURL_VERSION_HTTP2) diff --git a/docs/examples/http3.c b/docs/examples/http3.c index 573ea20d2b..323f6d7d17 100644 --- a/docs/examples/http3.c +++ b/docs/examples/http3.c @@ -31,7 +31,10 @@ int main(void) { CURL *curl; - CURLcode res; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -50,5 +53,6 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } + curl_global_cleanup(); return 0; } diff --git a/docs/examples/httpcustomheader.c b/docs/examples/httpcustomheader.c index a3881674c1..0657313ddf 100644 --- a/docs/examples/httpcustomheader.c +++ b/docs/examples/httpcustomheader.c @@ -31,7 +31,10 @@ int main(void) { CURL *curl; - CURLcode res; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -68,5 +71,6 @@ int main(void) /* free the custom headers */ curl_slist_free_all(chunk); } - return 0; + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/httpput-postfields.c b/docs/examples/httpput-postfields.c index 5f410837b8..b855f454ae 100644 --- a/docs/examples/httpput-postfields.c +++ b/docs/examples/httpput-postfields.c @@ -58,7 +58,9 @@ int main(int argc, char **argv) url = argv[1]; /* In Windows, this inits the Winsock stuff */ - curl_global_init(CURL_GLOBAL_ALL); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; /* get a curl handle */ curl = curl_easy_init(); @@ -100,5 +102,5 @@ int main(int argc, char **argv) } curl_global_cleanup(); - return 0; + return (int)res; } diff --git a/docs/examples/httpput.c b/docs/examples/httpput.c index 1951cb232e..2aef62fc67 100644 --- a/docs/examples/httpput.c +++ b/docs/examples/httpput.c @@ -101,7 +101,11 @@ int main(int argc, char **argv) } /* In Windows, this inits the Winsock stuff */ - curl_global_init(CURL_GLOBAL_ALL); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) { + fclose(hd_src); + return (int)res; + } /* get a curl handle */ curl = curl_easy_init(); @@ -137,5 +141,5 @@ int main(int argc, char **argv) fclose(hd_src); /* close the local file */ curl_global_cleanup(); - return 0; + return (int)res; } diff --git a/docs/examples/https.c b/docs/examples/https.c index c1cba877df..23729afcaa 100644 --- a/docs/examples/https.c +++ b/docs/examples/https.c @@ -31,9 +31,10 @@ int main(void) { CURL *curl; - CURLcode res; - curl_global_init(CURL_GLOBAL_DEFAULT); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -79,5 +80,5 @@ int main(void) curl_global_cleanup(); - return 0; + return (int)res; } diff --git a/docs/examples/imap-append.c b/docs/examples/imap-append.c index 1839deac1d..e8851ce977 100644 --- a/docs/examples/imap-append.c +++ b/docs/examples/imap-append.c @@ -87,7 +87,10 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -126,5 +129,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/imap-authzid.c b/docs/examples/imap-authzid.c index eb615c6f3d..b7c2e43f99 100644 --- a/docs/examples/imap-authzid.c +++ b/docs/examples/imap-authzid.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -69,5 +72,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/imap-copy.c b/docs/examples/imap-copy.c index a221be0ca8..8adb8b8c6d 100644 --- a/docs/examples/imap-copy.c +++ b/docs/examples/imap-copy.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -69,5 +72,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/imap-create.c b/docs/examples/imap-create.c index 6a9b565345..51fbe5f142 100644 --- a/docs/examples/imap-create.c +++ b/docs/examples/imap-create.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -65,5 +68,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/imap-delete.c b/docs/examples/imap-delete.c index e43ab2e982..a7682f7664 100644 --- a/docs/examples/imap-delete.c +++ b/docs/examples/imap-delete.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -65,5 +68,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/imap-examine.c b/docs/examples/imap-examine.c index 34217bfa42..a46d450d21 100644 --- a/docs/examples/imap-examine.c +++ b/docs/examples/imap-examine.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -65,5 +68,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/imap-fetch.c b/docs/examples/imap-fetch.c index 416fe88096..937d3e05b8 100644 --- a/docs/examples/imap-fetch.c +++ b/docs/examples/imap-fetch.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -63,5 +66,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/imap-list.c b/docs/examples/imap-list.c index 0253b543e6..2d882503d0 100644 --- a/docs/examples/imap-list.c +++ b/docs/examples/imap-list.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -64,5 +67,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/imap-lsub.c b/docs/examples/imap-lsub.c index cf45a5fc2d..74472d42ec 100644 --- a/docs/examples/imap-lsub.c +++ b/docs/examples/imap-lsub.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -66,5 +69,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/imap-multi.c b/docs/examples/imap-multi.c index 42fa7381cd..e2d5dd4e9c 100644 --- a/docs/examples/imap-multi.c +++ b/docs/examples/imap-multi.c @@ -39,44 +39,48 @@ int main(void) { CURL *curl; - CURLM *mcurl; - int still_running = 1; - curl_global_init(CURL_GLOBAL_DEFAULT); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); - if(!curl) - return 1; + if(curl) { + CURLM *mcurl; - mcurl = curl_multi_init(); - if(!mcurl) - return 2; + mcurl = curl_multi_init(); + if(mcurl) { + int still_running = 1; - /* Set username and password */ - curl_easy_setopt(curl, CURLOPT_USERNAME, "user"); - curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret"); + /* Set username and password */ + curl_easy_setopt(curl, CURLOPT_USERNAME, "user"); + curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret"); - /* This fetches message 1 from the user's inbox */ - curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/INBOX/;UID=1"); + /* This fetches message 1 from the user's inbox */ + curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/" + "INBOX/;UID=1"); - /* Tell the multi stack about our easy handle */ - curl_multi_add_handle(mcurl, curl); + /* Tell the multi stack about our easy handle */ + curl_multi_add_handle(mcurl, curl); - do { - CURLMcode mc = curl_multi_perform(mcurl, &still_running); + do { + CURLMcode mc = curl_multi_perform(mcurl, &still_running); - if(still_running) - /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(mcurl, NULL, 0, 1000, NULL); + if(still_running) + /* wait for activity, timeout or "nothing" */ + mc = curl_multi_poll(mcurl, NULL, 0, 1000, NULL); - if(mc) - break; - } while(still_running); + if(mc) + break; + } while(still_running); + + /* Always cleanup */ + curl_multi_remove_handle(mcurl, curl); + curl_multi_cleanup(mcurl); + } + curl_easy_cleanup(curl); + } - /* Always cleanup */ - curl_multi_remove_handle(mcurl, curl); - curl_multi_cleanup(mcurl); - curl_easy_cleanup(curl); curl_global_cleanup(); return 0; diff --git a/docs/examples/imap-noop.c b/docs/examples/imap-noop.c index 9e5a3da2d5..1d8607590f 100644 --- a/docs/examples/imap-noop.c +++ b/docs/examples/imap-noop.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -65,5 +68,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/imap-search.c b/docs/examples/imap-search.c index 141b06f649..b4e1576b38 100644 --- a/docs/examples/imap-search.c +++ b/docs/examples/imap-search.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -69,5 +72,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/imap-ssl.c b/docs/examples/imap-ssl.c index e632c30e86..59edd130e5 100644 --- a/docs/examples/imap-ssl.c +++ b/docs/examples/imap-ssl.c @@ -40,7 +40,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -90,5 +93,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/imap-store.c b/docs/examples/imap-store.c index d04a6072cc..95d8f07476 100644 --- a/docs/examples/imap-store.c +++ b/docs/examples/imap-store.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -80,5 +83,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/imap-tls.c b/docs/examples/imap-tls.c index 8fbc96bb55..9009174ccf 100644 --- a/docs/examples/imap-tls.c +++ b/docs/examples/imap-tls.c @@ -40,7 +40,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -90,5 +93,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/interface.c b/docs/examples/interface.c index f1a2016ced..0698b6a8e2 100644 --- a/docs/examples/interface.c +++ b/docs/examples/interface.c @@ -31,7 +31,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -48,5 +51,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/ipv6.c b/docs/examples/ipv6.c index 1b698705d0..1a55d64049 100644 --- a/docs/examples/ipv6.c +++ b/docs/examples/ipv6.c @@ -31,7 +31,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -44,5 +47,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/keepalive.c b/docs/examples/keepalive.c index e06d7ff37b..8d55c71337 100644 --- a/docs/examples/keepalive.c +++ b/docs/examples/keepalive.c @@ -31,7 +31,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -54,5 +57,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/localport.c b/docs/examples/localport.c index 7e88ce48a7..2700457211 100644 --- a/docs/examples/localport.c +++ b/docs/examples/localport.c @@ -31,7 +31,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -49,5 +52,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/log_failed_transfers.c b/docs/examples/log_failed_transfers.c index 66e1931677..fe5f02f882 100644 --- a/docs/examples/log_failed_transfers.c +++ b/docs/examples/log_failed_transfers.c @@ -207,6 +207,7 @@ static size_t mywrite(char *ptr, size_t size, size_t nmemb, void *userdata) int main(void) { + CURLcode res; unsigned i; int total_failed = 0; char errbuf[CURL_ERROR_SIZE] = { 0, }; @@ -222,9 +223,10 @@ int main(void) transfer[1].bodyfile = "400.txt"; transfer[1].logfile = "400_transfer_log.txt"; - if(curl_global_init(CURL_GLOBAL_DEFAULT)) { + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) { fprintf(stderr, "curl_global_init failed\n"); - return 1; + return (int)res; } /* You could enable global tracing for extra verbosity when verbosity is @@ -334,5 +336,7 @@ int main(void) printf("\n"); } + curl_global_cleanup(); + return total_failed ? 1 : 0; } diff --git a/docs/examples/maxconnects.c b/docs/examples/maxconnects.c index 2e8e5b50a8..e89f971cf4 100644 --- a/docs/examples/maxconnects.c +++ b/docs/examples/maxconnects.c @@ -31,7 +31,10 @@ int main(void) { CURL *curl; - CURLcode res; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -62,5 +65,8 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } + + curl_global_cleanup(); + return 0; } diff --git a/docs/examples/multi-app.c b/docs/examples/multi-app.c index 5bbf580f82..8deee68370 100644 --- a/docs/examples/multi-app.c +++ b/docs/examples/multi-app.c @@ -52,6 +52,10 @@ int main(void) CURLMsg *msg; /* for picking up messages with the transfer status */ int msgs_left; /* how many messages are left */ + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + /* Allocate one curl handle per transfer */ for(i = 0; i < HANDLECOUNT; i++) handles[i] = curl_easy_init(); @@ -110,6 +114,7 @@ int main(void) } curl_multi_cleanup(multi_handle); + curl_global_cleanup(); return 0; } diff --git a/docs/examples/multi-debugcallback.c b/docs/examples/multi-debugcallback.c index 738732279d..a27c238a57 100644 --- a/docs/examples/multi-debugcallback.c +++ b/docs/examples/multi-debugcallback.c @@ -127,6 +127,10 @@ int main(void) int still_running = 0; /* keep number of running handles */ + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + http_handle = curl_easy_init(); /* set the options (I left out a few, you get the point anyway) */ @@ -157,5 +161,7 @@ int main(void) curl_easy_cleanup(http_handle); + curl_global_cleanup(); + return 0; } diff --git a/docs/examples/multi-double.c b/docs/examples/multi-double.c index 99bd736a9c..8c5c5d687a 100644 --- a/docs/examples/multi-double.c +++ b/docs/examples/multi-double.c @@ -42,6 +42,10 @@ int main(void) int still_running = 1; /* keep number of running handles */ + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + http_handle = curl_easy_init(); http_handle2 = curl_easy_init(); @@ -89,5 +93,7 @@ int main(void) curl_easy_cleanup(http_handle); curl_easy_cleanup(http_handle2); + curl_global_cleanup(); + return 0; } diff --git a/docs/examples/multi-event.c b/docs/examples/multi-event.c index 23dff05ed2..62dc73b33f 100644 --- a/docs/examples/multi-event.c +++ b/docs/examples/multi-event.c @@ -219,12 +219,15 @@ static int handle_socket(CURL *easy, curl_socket_t s, int action, void *userp, int main(int argc, char **argv) { + CURLcode res; + if(argc <= 1) return 0; - if(curl_global_init(CURL_GLOBAL_ALL)) { + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) { fprintf(stderr, "Could not init curl\n"); - return 1; + return (int)res; } base = event_base_new(); diff --git a/docs/examples/multi-formadd.c b/docs/examples/multi-formadd.c index 58c7e641c4..84312ffd16 100644 --- a/docs/examples/multi-formadd.c +++ b/docs/examples/multi-formadd.c @@ -48,6 +48,10 @@ int main(void) struct curl_slist *headerlist = NULL; static const char buf[] = "Expect:"; + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + CURL_IGNORE_DEPRECATION( /* Fill in the file upload field. This makes libcurl load data from the given file name when curl_easy_perform() is called. */ @@ -116,5 +120,6 @@ int main(void) /* free slist */ curl_slist_free_all(headerlist); } + curl_global_cleanup(); return 0; } diff --git a/docs/examples/multi-legacy.c b/docs/examples/multi-legacy.c index b0c37ea8d5..63c238f247 100644 --- a/docs/examples/multi-legacy.c +++ b/docs/examples/multi-legacy.c @@ -58,6 +58,10 @@ int main(void) CURLMsg *msg; /* for picking up messages with the transfer status */ int msgs_left; /* how many messages are left */ + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + /* Allocate one curl handle per transfer */ for(i = 0; i < HANDLECOUNT; i++) handles[i] = curl_easy_init(); @@ -187,5 +191,7 @@ int main(void) for(i = 0; i < HANDLECOUNT; i++) curl_easy_cleanup(handles[i]); + curl_global_cleanup(); + return 0; } diff --git a/docs/examples/multi-post.c b/docs/examples/multi-post.c index 84af48f4bf..45416b8511 100644 --- a/docs/examples/multi-post.c +++ b/docs/examples/multi-post.c @@ -43,6 +43,10 @@ int main(void) struct curl_slist *headerlist = NULL; static const char buf[] = "Expect:"; + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curl = curl_easy_init(); multi_handle = curl_multi_init(); @@ -100,5 +104,6 @@ int main(void) /* free slist */ curl_slist_free_all(headerlist); } + curl_global_cleanup(); return 0; } diff --git a/docs/examples/multi-single.c b/docs/examples/multi-single.c index 0ead96f487..3ba26e79db 100644 --- a/docs/examples/multi-single.c +++ b/docs/examples/multi-single.c @@ -41,7 +41,9 @@ int main(void) CURLM *multi_handle; int still_running = 1; /* keep number of running handles */ - curl_global_init(CURL_GLOBAL_DEFAULT); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; http_handle = curl_easy_init(); diff --git a/docs/examples/multi-uv.c b/docs/examples/multi-uv.c index cc27668d57..b4f5587c0f 100644 --- a/docs/examples/multi-uv.c +++ b/docs/examples/multi-uv.c @@ -226,13 +226,16 @@ static int cb_socket(CURL *easy, curl_socket_t s, int action, int main(int argc, char **argv) { + CURLcode res; struct datauv uv = { 0 }; int running_handles; if(argc <= 1) return 0; - curl_global_init(CURL_GLOBAL_ALL); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; uv.loop = uv_default_loop(); uv_timer_init(uv.loop, &uv.timeout); @@ -251,6 +254,7 @@ int main(int argc, char **argv) curl_multi_socket_action(uv.multi, CURL_SOCKET_TIMEOUT, 0, &running_handles); uv_run(uv.loop, UV_RUN_DEFAULT); curl_multi_cleanup(uv.multi); + curl_global_cleanup(); curl_global_cleanup(); diff --git a/docs/examples/multithread.c b/docs/examples/multithread.c index a47758062f..5818dfebee 100644 --- a/docs/examples/multithread.c +++ b/docs/examples/multithread.c @@ -72,11 +72,14 @@ static void *pull_one_url(void *pindex) int main(void) { + CURLcode res; pthread_t tid[NUMT]; int i; /* Must initialize libcurl before any threads are started */ - curl_global_init(CURL_GLOBAL_ALL); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; for(i = 0; i < NUMT; i++) { int error = pthread_create(&tid[i], diff --git a/docs/examples/netrc.c b/docs/examples/netrc.c index 42e1b6341e..148a7e422b 100644 --- a/docs/examples/netrc.c +++ b/docs/examples/netrc.c @@ -31,7 +31,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -45,5 +48,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/persistent.c b/docs/examples/persistent.c index ffcf343fbf..7cde055d69 100644 --- a/docs/examples/persistent.c +++ b/docs/examples/persistent.c @@ -32,9 +32,10 @@ int main(void) { CURL *curl; - CURLcode res; - curl_global_init(CURL_GLOBAL_ALL); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -68,5 +69,5 @@ int main(void) curl_global_cleanup(); - return 0; + return (int)res; } diff --git a/docs/examples/pop3-authzid.c b/docs/examples/pop3-authzid.c index 3281b322bb..8cfe80bca2 100644 --- a/docs/examples/pop3-authzid.c +++ b/docs/examples/pop3-authzid.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -68,5 +71,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/pop3-dele.c b/docs/examples/pop3-dele.c index fe3795c245..84592da4f9 100644 --- a/docs/examples/pop3-dele.c +++ b/docs/examples/pop3-dele.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -68,5 +71,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/pop3-list.c b/docs/examples/pop3-list.c index 2cd44e41cd..05ecc66233 100644 --- a/docs/examples/pop3-list.c +++ b/docs/examples/pop3-list.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -62,5 +65,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/pop3-multi.c b/docs/examples/pop3-multi.c index 54eb7ecc32..4d418a7d09 100644 --- a/docs/examples/pop3-multi.c +++ b/docs/examples/pop3-multi.c @@ -38,46 +38,50 @@ int main(void) { + CURLcode res; CURL *curl; - CURLM *mcurl; - int still_running = 1; - curl_global_init(CURL_GLOBAL_DEFAULT); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); - if(!curl) - return 1; + if(curl) { + CURLM *mcurl; - mcurl = curl_multi_init(); - if(!mcurl) - return 2; + mcurl = curl_multi_init(); + if(mcurl) { + int still_running = 1; - /* Set username and password */ - curl_easy_setopt(curl, CURLOPT_USERNAME, "user"); - curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret"); + /* Set username and password */ + curl_easy_setopt(curl, CURLOPT_USERNAME, "user"); + curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret"); - /* This retrieves message 1 from the user's mailbox */ - curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1"); + /* This retrieves message 1 from the user's mailbox */ + curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1"); - /* Tell the multi stack about our easy handle */ - curl_multi_add_handle(mcurl, curl); + /* Tell the multi stack about our easy handle */ + curl_multi_add_handle(mcurl, curl); - do { - CURLMcode mc = curl_multi_perform(mcurl, &still_running); + do { + CURLMcode mc = curl_multi_perform(mcurl, &still_running); - if(still_running) - /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(mcurl, NULL, 0, 1000, NULL); + if(still_running) + /* wait for activity, timeout or "nothing" */ + mc = curl_multi_poll(mcurl, NULL, 0, 1000, NULL); - if(mc) - break; + if(mc) + break; - } while(still_running); + } while(still_running); + + /* Always cleanup */ + curl_multi_remove_handle(mcurl, curl); + curl_multi_cleanup(mcurl); + } + curl_easy_cleanup(curl); + } - /* Always cleanup */ - curl_multi_remove_handle(mcurl, curl); - curl_multi_cleanup(mcurl); - curl_easy_cleanup(curl); curl_global_cleanup(); return 0; diff --git a/docs/examples/pop3-noop.c b/docs/examples/pop3-noop.c index 16181d2875..0ab6eb2d14 100644 --- a/docs/examples/pop3-noop.c +++ b/docs/examples/pop3-noop.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -68,5 +71,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/pop3-retr.c b/docs/examples/pop3-retr.c index 8e690f972f..c89c77e5d6 100644 --- a/docs/examples/pop3-retr.c +++ b/docs/examples/pop3-retr.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -62,5 +65,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/pop3-ssl.c b/docs/examples/pop3-ssl.c index 23dd959ea0..63a9edca70 100644 --- a/docs/examples/pop3-ssl.c +++ b/docs/examples/pop3-ssl.c @@ -40,7 +40,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -89,5 +92,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/pop3-stat.c b/docs/examples/pop3-stat.c index 419859bfa6..afaf79c9a4 100644 --- a/docs/examples/pop3-stat.c +++ b/docs/examples/pop3-stat.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -68,5 +71,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/pop3-tls.c b/docs/examples/pop3-tls.c index b2f504c475..a4a7208986 100644 --- a/docs/examples/pop3-tls.c +++ b/docs/examples/pop3-tls.c @@ -40,7 +40,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -89,5 +92,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/pop3-top.c b/docs/examples/pop3-top.c index 7ceba881b2..7584503b0c 100644 --- a/docs/examples/pop3-top.c +++ b/docs/examples/pop3-top.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -65,5 +68,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/pop3-uidl.c b/docs/examples/pop3-uidl.c index 496e5b08d4..aec1034231 100644 --- a/docs/examples/pop3-uidl.c +++ b/docs/examples/pop3-uidl.c @@ -39,7 +39,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -65,5 +68,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/post-callback.c b/docs/examples/post-callback.c index fa0c575e65..7c5a87e9ac 100644 --- a/docs/examples/post-callback.c +++ b/docs/examples/post-callback.c @@ -79,7 +79,7 @@ int main(void) if(res != CURLE_OK) { fprintf(stderr, "curl_global_init() failed: %s\n", curl_easy_strerror(res)); - return 1; + return (int)res; } /* get a curl handle */ diff --git a/docs/examples/postinmemory.c b/docs/examples/postinmemory.c index cbdc77f75c..2a8f2b6dd0 100644 --- a/docs/examples/postinmemory.c +++ b/docs/examples/postinmemory.c @@ -63,10 +63,13 @@ int main(void) struct MemoryStruct chunk; static const char *postthis = "Field=1&Field=2&Field=3"; + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + chunk.memory = malloc(1); /* grown as needed by realloc above */ chunk.size = 0; /* no data at this point */ - curl_global_init(CURL_GLOBAL_ALL); curl = curl_easy_init(); if(curl) { curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.org/"); diff --git a/docs/examples/postit2-formadd.c b/docs/examples/postit2-formadd.c index 88fb924750..81f8bfd27c 100644 --- a/docs/examples/postit2-formadd.c +++ b/docs/examples/postit2-formadd.c @@ -57,7 +57,9 @@ int main(int argc, char *argv[]) struct curl_slist *headerlist = NULL; static const char buf[] = "Expect:"; - curl_global_init(CURL_GLOBAL_ALL); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; CURL_IGNORE_DEPRECATION( /* Fill in the file upload field */ diff --git a/docs/examples/postit2.c b/docs/examples/postit2.c index d16d3fccf6..c42ea812c1 100644 --- a/docs/examples/postit2.c +++ b/docs/examples/postit2.c @@ -53,7 +53,9 @@ int main(int argc, char *argv[]) struct curl_slist *headerlist = NULL; static const char buf[] = "Expect:"; - curl_global_init(CURL_GLOBAL_ALL); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { diff --git a/docs/examples/progressfunc.c b/docs/examples/progressfunc.c index e164f03ca5..012fd1e6ae 100644 --- a/docs/examples/progressfunc.c +++ b/docs/examples/progressfunc.c @@ -70,9 +70,12 @@ static int xferinfo(void *p, int main(void) { CURL *curl; - CURLcode res = CURLE_OK; struct myprogress prog; + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curl = curl_easy_init(); if(curl) { prog.lastruntime = 0; @@ -93,5 +96,6 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } + curl_global_cleanup(); return (int)res; } diff --git a/docs/examples/protofeats.c b/docs/examples/protofeats.c index 3e762218ae..fef4a3798d 100644 --- a/docs/examples/protofeats.c +++ b/docs/examples/protofeats.c @@ -37,7 +37,9 @@ int main(void) curl_version_info_data *ver; const char *const *ptr; - curl_global_init(CURL_GLOBAL_ALL); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; ver = curl_version_info(CURLVERSION_NOW); printf("Protocols:\n"); diff --git a/docs/examples/range.c b/docs/examples/range.c index c8229fca4d..ec85ed878d 100644 --- a/docs/examples/range.c +++ b/docs/examples/range.c @@ -30,7 +30,10 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -41,5 +44,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/resolve.c b/docs/examples/resolve.c index 6514e93d8d..4ccc3ff1d8 100644 --- a/docs/examples/resolve.c +++ b/docs/examples/resolve.c @@ -32,7 +32,6 @@ int main(void) { CURL *curl; - CURLcode res = CURLE_OK; /* Each single name resolve string should be written using the format HOST:PORT:ADDRESS where HOST is the name libcurl tries to resolve, PORT @@ -42,6 +41,10 @@ int main(void) struct curl_slist *host = curl_slist_append(NULL, "example.com:443:127.0.0.1"); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curl = curl_easy_init(); if(curl) { curl_easy_setopt(curl, CURLOPT_RESOLVE, host); @@ -53,6 +56,7 @@ int main(void) } curl_slist_free_all(host); + curl_global_cleanup(); return (int)res; } diff --git a/docs/examples/rtsp-options.c b/docs/examples/rtsp-options.c index d1ddbf01ff..50d5e2f27e 100644 --- a/docs/examples/rtsp-options.c +++ b/docs/examples/rtsp-options.c @@ -31,7 +31,10 @@ int main(void) { CURL *curl; - CURLcode res; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -51,5 +54,6 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } + curl_global_cleanup(); return 0; } diff --git a/docs/examples/sendrecv.c b/docs/examples/sendrecv.c index 8cbb5b0722..71faeb4ad3 100644 --- a/docs/examples/sendrecv.c +++ b/docs/examples/sendrecv.c @@ -83,6 +83,10 @@ int main(void) const char *request = "GET / HTTP/1.0\r\nHost: example.com\r\n\r\n"; size_t request_len = strlen(request); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + /* A general note of caution here: if you are using curl_easy_recv() or curl_easy_send() to implement HTTP or _any_ other protocol libcurl supports "natively", you are doing it wrong and you should stop. @@ -93,7 +97,6 @@ int main(void) curl = curl_easy_init(); if(curl) { - CURLcode res; curl_socket_t sockfd; size_t nsent_total = 0; @@ -175,5 +178,6 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } + curl_global_cleanup(); return 0; } diff --git a/docs/examples/sepheaders.c b/docs/examples/sepheaders.c index 097183f821..cea07fd566 100644 --- a/docs/examples/sepheaders.c +++ b/docs/examples/sepheaders.c @@ -38,60 +38,65 @@ static size_t write_data(void *ptr, size_t size, size_t nmemb, void *stream) int main(void) { - CURLcode res; CURL *curl_handle; - static const char *headerfilename = "head.out"; - FILE *headerfile; - static const char *bodyfilename = "body.out"; - FILE *bodyfile; - curl_global_init(CURL_GLOBAL_ALL); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; /* init the curl session */ curl_handle = curl_easy_init(); + if(curl_handle) { + static const char *headerfilename = "head.out"; + FILE *headerfile; + static const char *bodyfilename = "body.out"; + FILE *bodyfile; - /* set URL to get */ - curl_easy_setopt(curl_handle, CURLOPT_URL, "https://example.com"); + /* set URL to get */ + curl_easy_setopt(curl_handle, CURLOPT_URL, "https://example.com"); - /* no progress meter please */ - curl_easy_setopt(curl_handle, CURLOPT_NOPROGRESS, 1L); + /* no progress meter please */ + curl_easy_setopt(curl_handle, CURLOPT_NOPROGRESS, 1L); - /* send all data to this function */ - curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, write_data); + /* send all data to this function */ + curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, write_data); - /* open the header file */ - headerfile = fopen(headerfilename, "wb"); - if(!headerfile) { - curl_easy_cleanup(curl_handle); - return -1; - } + /* open the header file */ + headerfile = fopen(headerfilename, "wb"); + if(!headerfile) { + curl_easy_cleanup(curl_handle); + curl_global_cleanup(); + return -1; + } - /* open the body file */ - bodyfile = fopen(bodyfilename, "wb"); - if(!bodyfile) { - curl_easy_cleanup(curl_handle); + /* open the body file */ + bodyfile = fopen(bodyfilename, "wb"); + if(!bodyfile) { + curl_easy_cleanup(curl_handle); + fclose(headerfile); + curl_global_cleanup(); + return -1; + } + + /* we want the headers be written to this file handle */ + curl_easy_setopt(curl_handle, CURLOPT_HEADERDATA, headerfile); + + /* we want the body be written to this file handle instead of stdout */ + curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, bodyfile); + + /* get it! */ + res = curl_easy_perform(curl_handle); + + /* close the header file */ fclose(headerfile); - return -1; + + /* close the body file */ + fclose(bodyfile); + + /* cleanup curl stuff */ + curl_easy_cleanup(curl_handle); } - /* we want the headers be written to this file handle */ - curl_easy_setopt(curl_handle, CURLOPT_HEADERDATA, headerfile); - - /* we want the body be written to this file handle instead of stdout */ - curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, bodyfile); - - /* get it! */ - res = curl_easy_perform(curl_handle); - - /* close the header file */ - fclose(headerfile); - - /* close the body file */ - fclose(bodyfile); - - /* cleanup curl stuff */ - curl_easy_cleanup(curl_handle); - curl_global_cleanup(); return (int)res; diff --git a/docs/examples/sessioninfo.c b/docs/examples/sessioninfo.c index bbdcfe8d23..c7ea52ccc2 100644 --- a/docs/examples/sessioninfo.c +++ b/docs/examples/sessioninfo.c @@ -96,9 +96,9 @@ static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream) int main(void) { - CURLcode res = CURLE_OK; - - curl_global_init(CURL_GLOBAL_DEFAULT); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { diff --git a/docs/examples/sftpget.c b/docs/examples/sftpget.c index 4d33939a40..36653c5b82 100644 --- a/docs/examples/sftpget.c +++ b/docs/examples/sftpget.c @@ -62,13 +62,14 @@ static size_t my_fwrite(void *buffer, size_t size, size_t nmemb, int main(void) { CURL *curl; - CURLcode res; struct FtpFile ftpfile = { "yourfile.bin", /* name to store the file as if successful */ NULL }; - curl_global_init(CURL_GLOBAL_DEFAULT); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -108,5 +109,5 @@ int main(void) curl_global_cleanup(); - return 0; + return (int)res; } diff --git a/docs/examples/sftpuploadresume.c b/docs/examples/sftpuploadresume.c index f1f7b0c275..4bb0f3e48e 100644 --- a/docs/examples/sftpuploadresume.c +++ b/docs/examples/sftpuploadresume.c @@ -125,7 +125,10 @@ int main(void) const char *filename = "filename"; CURL *curlhandle = NULL; - curl_global_init(CURL_GLOBAL_ALL); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curlhandle = curl_easy_init(); if(!sftpResumeUpload(curlhandle, remote, filename)) { diff --git a/docs/examples/shared-connection-cache.c b/docs/examples/shared-connection-cache.c index dc6805a9f1..a8549d7766 100644 --- a/docs/examples/shared-connection-cache.c +++ b/docs/examples/shared-connection-cache.c @@ -51,6 +51,10 @@ int main(void) CURLSH *share; int i; + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + share = curl_share_init(); curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_CONNECT); @@ -63,8 +67,6 @@ int main(void) for(i = 0; i < 3; i++) { CURL *curl = curl_easy_init(); if(curl) { - CURLcode res; - curl_easy_setopt(curl, CURLOPT_URL, "https://curl.se/"); /* use the share object */ @@ -83,5 +85,6 @@ int main(void) } curl_share_cleanup(share); - return 0; + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/simple.c b/docs/examples/simple.c index 53c8e4754f..29ed14313e 100644 --- a/docs/examples/simple.c +++ b/docs/examples/simple.c @@ -31,7 +31,10 @@ int main(void) { CURL *curl; - CURLcode res; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -49,5 +52,6 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } + curl_global_cleanup(); return 0; } diff --git a/docs/examples/simplepost.c b/docs/examples/simplepost.c index 7ced982fe0..b1175ba924 100644 --- a/docs/examples/simplepost.c +++ b/docs/examples/simplepost.c @@ -31,11 +31,14 @@ int main(void) { - CURL *curl; - CURLcode res; - static const char *postthis = "moo mooo moo moo"; + CURL *curl; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curl = curl_easy_init(); if(curl) { curl_easy_setopt(curl, CURLOPT_URL, "https://example.com"); @@ -54,5 +57,6 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } - return 0; + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/simplessl.c b/docs/examples/simplessl.c index 220dc62bcd..5da79a79a0 100644 --- a/docs/examples/simplessl.c +++ b/docs/examples/simplessl.c @@ -77,7 +77,11 @@ int main(void) if(!headerfile) return 1; - curl_global_init(CURL_GLOBAL_DEFAULT); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) { + fclose(headerfile); + return (int)res; + } curl = curl_easy_init(); if(curl) { diff --git a/docs/examples/smooth-gtk-thread.c b/docs/examples/smooth-gtk-thread.c index 3b615cb344..29d134db47 100644 --- a/docs/examples/smooth-gtk-thread.c +++ b/docs/examples/smooth-gtk-thread.c @@ -169,7 +169,9 @@ int main(int argc, char **argv) GtkWidget *top_window, *outside_frame, *inside_frame, *progress_bar; /* Must initialize libcurl before any threads are started */ - curl_global_init(CURL_GLOBAL_ALL); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; /* Init thread */ g_thread_init(NULL); diff --git a/docs/examples/smtp-authzid.c b/docs/examples/smtp-authzid.c index daaeab1694..addc17691e 100644 --- a/docs/examples/smtp-authzid.c +++ b/docs/examples/smtp-authzid.c @@ -95,10 +95,13 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) int main(void) { CURL *curl; - CURLcode res = CURLE_OK; struct curl_slist *recipients = NULL; struct upload_status upload_ctx = { 0 }; + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curl = curl_easy_init(); if(curl) { /* This is the URL for your mailserver. In this example we connect to the @@ -158,5 +161,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/smtp-expn.c b/docs/examples/smtp-expn.c index 202d1d089f..baec49be69 100644 --- a/docs/examples/smtp-expn.c +++ b/docs/examples/smtp-expn.c @@ -42,9 +42,12 @@ int main(void) { CURL *curl; - CURLcode res; struct curl_slist *recipients = NULL; + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curl = curl_easy_init(); if(curl) { /* This is the URL for your mailserver */ @@ -77,5 +80,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return 0; } diff --git a/docs/examples/smtp-mail.c b/docs/examples/smtp-mail.c index 29918de7ff..6583fc4709 100644 --- a/docs/examples/smtp-mail.c +++ b/docs/examples/smtp-mail.c @@ -92,10 +92,13 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) int main(void) { CURL *curl; - CURLcode res = CURLE_OK; struct curl_slist *recipients = NULL; struct upload_status upload_ctx = { 0 }; + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curl = curl_easy_init(); if(curl) { /* This is the URL for your mailserver */ @@ -146,5 +149,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/smtp-mime.c b/docs/examples/smtp-mime.c index 7a2a9c618b..d26021ef34 100644 --- a/docs/examples/smtp-mime.c +++ b/docs/examples/smtp-mime.c @@ -71,7 +71,10 @@ static const char inline_html[] = int main(void) { CURL *curl; - CURLcode res = CURLE_OK; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -164,5 +167,7 @@ int main(void) curl_mime_free(mime); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/smtp-multi.c b/docs/examples/smtp-multi.c index 8837c57fd8..f7619465ee 100644 --- a/docs/examples/smtp-multi.c +++ b/docs/examples/smtp-multi.c @@ -85,68 +85,72 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) int main(void) { CURL *curl; - CURLM *mcurl; - int still_running = 1; - struct curl_slist *recipients = NULL; - struct upload_status upload_ctx = { 0 }; - curl_global_init(CURL_GLOBAL_DEFAULT); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); - if(!curl) - return 1; + if(curl) { + CURLM *mcurl; - mcurl = curl_multi_init(); - if(!mcurl) - return 2; + mcurl = curl_multi_init(); + if(mcurl) { + int still_running = 1; + struct curl_slist *recipients = NULL; + struct upload_status upload_ctx = { 0 }; - /* This is the URL for your mailserver */ - curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com"); + /* This is the URL for your mailserver */ + curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com"); - /* Note that this option is not strictly required, omitting it results in - * libcurl sending the MAIL FROM command with empty sender data. All - * autoresponses should have an empty reverse-path, and should be directed - * to the address in the reverse-path which triggered them. Otherwise, they - * could cause an endless loop. See RFC 5321 Section 4.5.5 for more details. - */ - curl_easy_setopt(curl, CURLOPT_MAIL_FROM, FROM_MAIL); + /* Note that this option is not strictly required, omitting it results + * in libcurl sending the MAIL FROM command with empty sender data. All + * autoresponses should have an empty reverse-path, and should be + * directed to the address in the reverse-path which triggered them. + * Otherwise, they could cause an endless loop. See RFC 5321 Section + * 4.5.5 for more details. + */ + curl_easy_setopt(curl, CURLOPT_MAIL_FROM, FROM_MAIL); - /* Add two recipients, in this particular case they correspond to the - * To: and Cc: addressees in the header, but they could be any kind of - * recipient. */ - recipients = curl_slist_append(recipients, TO_MAIL); - recipients = curl_slist_append(recipients, CC_MAIL); - curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients); + /* Add two recipients, in this particular case they correspond to the + * To: and Cc: addressees in the header, but they could be any kind of + * recipient. */ + recipients = curl_slist_append(recipients, TO_MAIL); + recipients = curl_slist_append(recipients, CC_MAIL); + curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients); - /* We are using a callback function to specify the payload (the headers and - * body of the message). You could just use the CURLOPT_READDATA option to - * specify a FILE pointer to read from. */ - curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source); - curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx); - curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); + /* We are using a callback function to specify the payload (the headers + * and body of the message). You could just use the CURLOPT_READDATA + * option to specify a FILE pointer to read from. */ + curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source); + curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx); + curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); - /* Tell the multi stack about our easy handle */ - curl_multi_add_handle(mcurl, curl); + /* Tell the multi stack about our easy handle */ + curl_multi_add_handle(mcurl, curl); - do { - CURLMcode mc = curl_multi_perform(mcurl, &still_running); + do { + CURLMcode mc = curl_multi_perform(mcurl, &still_running); - if(still_running) - /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(mcurl, NULL, 0, 1000, NULL); + if(still_running) + /* wait for activity, timeout or "nothing" */ + mc = curl_multi_poll(mcurl, NULL, 0, 1000, NULL); - if(mc) - break; + if(mc) + break; - } while(still_running); + } while(still_running); - /* Free the list of recipients */ - curl_slist_free_all(recipients); + /* Free the list of recipients */ + curl_slist_free_all(recipients); + + /* Always cleanup */ + curl_multi_remove_handle(mcurl, curl); + curl_multi_cleanup(mcurl); + } + curl_easy_cleanup(curl); + } - /* Always cleanup */ - curl_multi_remove_handle(mcurl, curl); - curl_multi_cleanup(mcurl); - curl_easy_cleanup(curl); curl_global_cleanup(); return 0; diff --git a/docs/examples/smtp-ssl.c b/docs/examples/smtp-ssl.c index c88b4fe7ca..f952441c9c 100644 --- a/docs/examples/smtp-ssl.c +++ b/docs/examples/smtp-ssl.c @@ -89,10 +89,13 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) int main(void) { CURL *curl; - CURLcode res = CURLE_OK; struct curl_slist *recipients = NULL; struct upload_status upload_ctx = { 0 }; + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curl = curl_easy_init(); if(curl) { /* Set username and password */ @@ -166,5 +169,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/smtp-tls.c b/docs/examples/smtp-tls.c index 34a00bd548..3eaea9d879 100644 --- a/docs/examples/smtp-tls.c +++ b/docs/examples/smtp-tls.c @@ -89,10 +89,13 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) int main(void) { CURL *curl; - CURLcode res = CURLE_OK; struct curl_slist *recipients = NULL; struct upload_status upload_ctx = { 0 }; + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curl = curl_easy_init(); if(curl) { /* Set username and password */ @@ -169,5 +172,7 @@ int main(void) curl_easy_cleanup(curl); } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/smtp-vrfy.c b/docs/examples/smtp-vrfy.c index 0135efef2d..76dd8069ad 100644 --- a/docs/examples/smtp-vrfy.c +++ b/docs/examples/smtp-vrfy.c @@ -45,9 +45,12 @@ int main(void) { CURL *curl; - CURLcode res; struct curl_slist *recipients = NULL; + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curl = curl_easy_init(); if(curl) { /* This is the URL for your mailserver */ @@ -77,5 +80,7 @@ int main(void) curl_easy_cleanup(curl); } - return 0; + curl_global_cleanup(); + + return (int)res; } diff --git a/docs/examples/synctime.c b/docs/examples/synctime.c index d5f5a5bfde..da2c7ea0f3 100644 --- a/docs/examples/synctime.c +++ b/docs/examples/synctime.c @@ -245,6 +245,7 @@ static int conf_init(struct conf *conf) int main(int argc, char *argv[]) { + CURLcode res; CURL *curl; struct conf conf[1]; int RetValue; @@ -285,7 +286,10 @@ int main(int argc, char *argv[]) snprintf(conf->timeserver, MAX_STRING, "%s", DefaultTimeServer[0]); /* Init CURL before usage */ - curl_global_init(CURL_GLOBAL_ALL); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + curl = curl_easy_init(); if(curl) { struct tm *lt; diff --git a/docs/examples/threaded-ssl.c b/docs/examples/threaded-ssl.c index fb60b7f160..7f09a76fc1 100644 --- a/docs/examples/threaded-ssl.c +++ b/docs/examples/threaded-ssl.c @@ -72,13 +72,16 @@ static void *pull_one_url(void *pindex) int main(int argc, char **argv) { + CURLcode res; pthread_t tid[NUMT]; int i; (void)argc; (void)argv; /* Must initialize libcurl before any threads are started */ - curl_global_init(CURL_GLOBAL_ALL); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; for(i = 0; i < NUMT; i++) { int error = pthread_create(&tid[i], diff --git a/docs/examples/unixsocket.c b/docs/examples/unixsocket.c index 63acd4b6a2..738ffc2c97 100644 --- a/docs/examples/unixsocket.c +++ b/docs/examples/unixsocket.c @@ -41,7 +41,10 @@ int main(void) { CURL *curl; - CURLcode res; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -63,5 +66,6 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } - return 0; + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/url2file.c b/docs/examples/url2file.c index c55d2a77c7..2e8e225fce 100644 --- a/docs/examples/url2file.c +++ b/docs/examples/url2file.c @@ -38,8 +38,7 @@ static size_t write_data(void *ptr, size_t size, size_t nmemb, void *stream) int main(int argc, char *argv[]) { - CURLcode res = CURLE_OK; - + CURLcode res; CURL *curl_handle; static const char *pagefilename = "page.out"; FILE *pagefile; @@ -49,7 +48,11 @@ int main(int argc, char *argv[]) return 1; } - curl_global_init(CURL_GLOBAL_ALL); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) { + fprintf(stderr, "Could not init curl\n"); + return (int)res; + } /* init the curl session */ curl_handle = curl_easy_init(); diff --git a/docs/examples/urlapi.c b/docs/examples/urlapi.c index 2ed78eb11f..8953146e4d 100644 --- a/docs/examples/urlapi.c +++ b/docs/examples/urlapi.c @@ -35,11 +35,14 @@ int main(void) { CURL *curl; - CURLcode res; CURLU *urlp; CURLUcode uc; + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + /* get a curl handle */ curl = curl_easy_init(); @@ -73,5 +76,6 @@ int main(void) cleanup: curl_url_cleanup(urlp); curl_easy_cleanup(curl); - return 0; + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/usercertinmem.c b/docs/examples/usercertinmem.c index 2a3c2b0006..d95e2a1cdd 100644 --- a/docs/examples/usercertinmem.c +++ b/docs/examples/usercertinmem.c @@ -157,7 +157,10 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *pointer) int main(void) { CURL *ch; - CURLcode rv; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl_global_init(CURL_GLOBAL_ALL); ch = curl_easy_init(); @@ -180,8 +183,8 @@ int main(void) curl_easy_setopt(ch, CURLOPT_SSLKEYTYPE, "PEM"); /* first try: retrieve page without user certificate and key -> fails */ - rv = curl_easy_perform(ch); - if(rv == CURLE_OK) + res = curl_easy_perform(ch); + if(res == CURLE_OK) printf("*** transfer succeeded ***\n"); else printf("*** transfer failed ***\n"); @@ -191,13 +194,13 @@ int main(void) * "modifications" to the SSL CONTEXT just before link init */ curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, sslctx_function); - rv = curl_easy_perform(ch); - if(rv == CURLE_OK) + res = curl_easy_perform(ch); + if(res == CURLE_OK) printf("*** transfer succeeded ***\n"); else printf("*** transfer failed ***\n"); curl_easy_cleanup(ch); curl_global_cleanup(); - return (int)rv; + return (int)res; } diff --git a/docs/examples/websocket-cb.c b/docs/examples/websocket-cb.c index 09d6c647dd..aa81d89ab1 100644 --- a/docs/examples/websocket-cb.c +++ b/docs/examples/websocket-cb.c @@ -44,7 +44,10 @@ static size_t writecb(char *b, size_t size, size_t nitems, void *p) int main(void) { CURL *curl; - CURLcode res; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); if(curl) { @@ -64,5 +67,6 @@ int main(void) /* always cleanup */ curl_easy_cleanup(curl); } - return 0; + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/websocket-updown.c b/docs/examples/websocket-updown.c index 0257c6077e..f95c151cac 100644 --- a/docs/examples/websocket-updown.c +++ b/docs/examples/websocket-updown.c @@ -87,39 +87,42 @@ int main(int argc, const char *argv[]) { CURL *easy; struct read_ctx rctx; - CURLcode res; const char *payload = "Hello, friend!"; + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + memset(&rctx, 0, sizeof(rctx)); easy = curl_easy_init(); - if(!easy) - return 1; + if(easy) { + if(argc == 2) + curl_easy_setopt(easy, CURLOPT_URL, argv[1]); + else + curl_easy_setopt(easy, CURLOPT_URL, "wss://example.com"); - if(argc == 2) - curl_easy_setopt(easy, CURLOPT_URL, argv[1]); - else - curl_easy_setopt(easy, CURLOPT_URL, "wss://example.com"); - - curl_easy_setopt(easy, CURLOPT_WRITEFUNCTION, writecb); - curl_easy_setopt(easy, CURLOPT_WRITEDATA, easy); - curl_easy_setopt(easy, CURLOPT_READFUNCTION, readcb); - /* tell curl that we want to send the payload */ - rctx.easy = easy; - rctx.blen = strlen(payload); - memcpy(rctx.buf, payload, rctx.blen); - curl_easy_setopt(easy, CURLOPT_READDATA, &rctx); - curl_easy_setopt(easy, CURLOPT_UPLOAD, 1L); + curl_easy_setopt(easy, CURLOPT_WRITEFUNCTION, writecb); + curl_easy_setopt(easy, CURLOPT_WRITEDATA, easy); + curl_easy_setopt(easy, CURLOPT_READFUNCTION, readcb); + /* tell curl that we want to send the payload */ + rctx.easy = easy; + rctx.blen = strlen(payload); + memcpy(rctx.buf, payload, rctx.blen); + curl_easy_setopt(easy, CURLOPT_READDATA, &rctx); + curl_easy_setopt(easy, CURLOPT_UPLOAD, 1L); - /* Perform the request, res gets the return code */ - res = curl_easy_perform(easy); - /* Check for errors */ - if(res != CURLE_OK) - fprintf(stderr, "curl_easy_perform() failed: %s\n", - curl_easy_strerror(res)); + /* Perform the request, res gets the return code */ + res = curl_easy_perform(easy); + /* Check for errors */ + if(res != CURLE_OK) + fprintf(stderr, "curl_easy_perform() failed: %s\n", + curl_easy_strerror(res)); - /* always cleanup */ - curl_easy_cleanup(easy); - return 0; + /* always cleanup */ + curl_easy_cleanup(easy); + } + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/websocket.c b/docs/examples/websocket.c index be676839f7..be6cff64a2 100644 --- a/docs/examples/websocket.c +++ b/docs/examples/websocket.c @@ -138,31 +138,34 @@ static CURLcode websocket(CURL *curl) int main(int argc, const char *argv[]) { CURL *curl; - CURLcode res; + + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; curl = curl_easy_init(); - if(!curl) { - return 1; /* memory failure */ + if(curl) { + if(argc == 2) + curl_easy_setopt(curl, CURLOPT_URL, argv[1]); + else + curl_easy_setopt(curl, CURLOPT_URL, "wss://example.com"); + + curl_easy_setopt(curl, CURLOPT_CONNECT_ONLY, 2L); /* websocket style */ + + /* Perform the request, res gets the return code */ + res = curl_easy_perform(curl); + /* Check for errors */ + if(res != CURLE_OK) + fprintf(stderr, "curl_easy_perform() failed: %s\n", + curl_easy_strerror(res)); + else { + /* connected and ready */ + res = websocket(curl); + } + + /* always cleanup */ + curl_easy_cleanup(curl); } - if(argc == 2) - curl_easy_setopt(curl, CURLOPT_URL, argv[1]); - else - curl_easy_setopt(curl, CURLOPT_URL, "wss://example.com"); - - curl_easy_setopt(curl, CURLOPT_CONNECT_ONLY, 2L); /* websocket style */ - - /* Perform the request, res gets the return code */ - res = curl_easy_perform(curl); - /* Check for errors */ - if(res != CURLE_OK) - fprintf(stderr, "curl_easy_perform() failed: %s\n", - curl_easy_strerror(res)); - else { - /* connected and ready */ - res = websocket(curl); - } - - /* always cleanup */ - curl_easy_cleanup(curl); + curl_global_cleanup(); return (int)res; } diff --git a/docs/examples/xmlstream.c b/docs/examples/xmlstream.c index 91c5387888..4f8401be4a 100644 --- a/docs/examples/xmlstream.c +++ b/docs/examples/xmlstream.c @@ -131,8 +131,11 @@ int main(void) XML_SetElementHandler(parser, startElement, endElement); XML_SetCharacterDataHandler(parser, characterDataHandler); + res = curl_global_init(CURL_GLOBAL_ALL); + if(res) + return (int)res; + /* Initialize a libcurl handle. */ - curl_global_init(CURL_GLOBAL_DEFAULT); curl_handle = curl_easy_init(); curl_easy_setopt(curl_handle, CURLOPT_URL, "https://www.w3schools.com/xml/simple.xml"); @@ -166,5 +169,5 @@ int main(void) curl_easy_cleanup(curl_handle); curl_global_cleanup(); - return 0; + return (int)res; } From 1ea99afdc70e2e198c764ee05b794e505d776010 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Tue, 14 Oct 2025 14:39:50 +0200 Subject: [PATCH 0445/2408] scorecard: add perf support on linux When calling scorecard with --flame to produce a flamegraph, use "perf" on linux platforms to do the measurements. Update the scorecard documentation about it. Closes #19058 --- docs/internals/SCORECARD.md | 19 ++--- tests/http/scorecard.py | 11 +-- tests/http/testenv/curl.py | 135 ++++++++++++++++++++++++++++-------- 3 files changed, 119 insertions(+), 46 deletions(-) diff --git a/docs/internals/SCORECARD.md b/docs/internals/SCORECARD.md index 7839e0b61f..5469597604 100644 --- a/docs/internals/SCORECARD.md +++ b/docs/internals/SCORECARD.md @@ -59,15 +59,9 @@ If you have configured curl with `--with-test-danted=` for a with arguments `--socks4` or `--socks5` to test performance with a SOCKS proxy involved. (Note: this does not work for HTTP/3) -## dtrace - -With the `--dtrace` option, scorecard produces a dtrace sample of the user stacks in `tests/http/gen/curl/curl.user_stacks`. On many platforms, `dtrace` requires **special permissions**. It is therefore invoked via `sudo` and you should make sure that sudo works for the run without prompting for a password. - -Note: the file is the trace of the last curl invocation by scorecard. Use the parameters to narrow down the runs to the particular case you are interested in. - ## flame graphs -With the excellent [Flame Graph](https://github.com/brendangregg/FlameGraph) by Brendan Gregg, scorecard can turn the `dtrace` samples into an interactive SVG. Set the environment variable `FLAMEGRAPH` to the location of your clone of that project and invoked scorecard with the `--flame` option. Like +With the excellent [Flame Graph](https://github.com/brendangregg/FlameGraph) by Brendan Gregg, scorecard can turn `perf`/`dtrace` samples into an interactive SVG. Either clone the `Flamegraph` repository next to your `curl` project or set the environment variable `FLAMEGRAPH` to the location of your clone. Then run scorecard with the `--flame` option, like ``` curl> FLAMEGRAPH=/Users/sei/projects/FlameGraph python3 tests/http/scorecard.py \ @@ -75,4 +69,13 @@ curl> FLAMEGRAPH=/Users/sei/projects/FlameGraph python3 tests/http/scorecard.py ``` and the SVG of the run is in `tests/http/gen/curl/curl.flamegraph.svg`. You can open that in Firefox and zoom in/out of stacks of interest. -Note: as with `dtrace`, the flame graph is for the last invocation of curl done by scorecard. +The flame graph is about the last run of `curl`. That is why you should add scorecard arguments +that restrict measurements to a single run. + +### Measures/Privileges + +The `--flame` option uses `perf` on linux and `dtrace` on macOS. Since both tools require special +privileges, they are run via the `sudo` command by scorecard. This means you need to issue a +`sudo` recently enough before running scorecard, so no new password check is needed. + +There is no support right now for measurements on other platforms. diff --git a/tests/http/scorecard.py b/tests/http/scorecard.py index 9c5417f1bf..d987fc586b 100644 --- a/tests/http/scorecard.py +++ b/tests/http/scorecard.py @@ -195,7 +195,6 @@ class ScoreRunner: curl_verbose: int, download_parallel: int = 0, server_addr: Optional[str] = None, - with_dtrace: bool = False, with_flame: bool = False, socks_args: Optional[List[str]] = None, limit_rate: Optional[str] = None): @@ -207,7 +206,6 @@ class ScoreRunner: self.server_port = server_port self._silent_curl = not curl_verbose self._download_parallel = download_parallel - self._with_dtrace = with_dtrace self._with_flame = with_flame self._socks_args = socks_args self._limit_rate = limit_rate @@ -220,7 +218,6 @@ class ScoreRunner: def mk_curl_client(self): return CurlClient(env=self.env, silent=self._silent_curl, server_addr=self.server_addr, - with_dtrace=self._with_dtrace, with_flame=self._with_flame, socks_args=self._socks_args) @@ -726,7 +723,6 @@ def run_score(args, protocol): verbose=args.verbose, curl_verbose=args.curl_verbose, download_parallel=args.download_parallel, - with_dtrace=args.dtrace, with_flame=args.flame, socks_args=socks_args, limit_rate=args.limit_rate) @@ -754,7 +750,6 @@ def run_score(args, protocol): server_port=server_port, verbose=args.verbose, curl_verbose=args.curl_verbose, download_parallel=args.download_parallel, - with_dtrace=args.dtrace, with_flame=args.flame, socks_args=socks_args, limit_rate=args.limit_rate) @@ -782,7 +777,7 @@ def run_score(args, protocol): server_port=server_port, verbose=args.verbose, curl_verbose=args.curl_verbose, download_parallel=args.download_parallel, - with_dtrace=args.dtrace, + with_flame=args.flame, socks_args=socks_args, limit_rate=args.limit_rate) card.setup_resources(server_docs, downloads) @@ -864,10 +859,8 @@ def main(): help="only start the servers") parser.add_argument("--remote", action='store', type=str, default=None, help="score against the remote server at :") - parser.add_argument("--dtrace", action='store_true', - default = False, help="produce dtrace of curl") parser.add_argument("--flame", action='store_true', - default = False, help="produce a flame graph on curl, implies --dtrace") + default = False, help="produce a flame graph on curl") parser.add_argument("--limit-rate", action='store', type=str, default=None, help="use curl's --limit-rate") diff --git a/tests/http/testenv/curl.py b/tests/http/testenv/curl.py index dcff774a63..dc885ab8cb 100644 --- a/tests/http/testenv/curl.py +++ b/tests/http/testenv/curl.py @@ -108,6 +108,42 @@ class RunProfile: f'stats={self.stats}]' +class PerfProfile: + + def __init__(self, pid: int, run_dir): + self._pid = pid + self._run_dir = run_dir + self._proc = None + self._rc = 0 + self._file = os.path.join(self._run_dir, 'curl.perf_stacks') + + def start(self): + if os.path.exists(self._file): + os.remove(self._file) + args = [ + 'sudo', 'perf', 'record', '-F', '99', '-p', f'{self._pid}', + '-g', '--', 'sleep', '60' + ] + self._proc = subprocess.Popen(args, text=True, cwd=self._run_dir, shell=False) + assert self._proc + + def finish(self): + if self._proc: + self._proc.terminate() + self._rc = self._proc.returncode + with open(self._file, 'w') as cout: + p = subprocess.run([ + 'sudo', 'perf', 'script' + ], stdout=cout, cwd=self._run_dir, shell=False) + rc = p.returncode + if rc != 0: + raise Exception(f'perf returned error {rc}') + + @property + def file(self): + return self._file + + class DTraceProfile: def __init__(self, pid: int, run_dir): @@ -115,7 +151,7 @@ class DTraceProfile: self._run_dir = run_dir self._proc = None self._rc = 0 - self._file = os.path.join(self._run_dir, 'curl.user_stacks') + self._file = os.path.join(self._run_dir, 'curl.dtrace_stacks') def start(self): if os.path.exists(self._file): @@ -503,6 +539,7 @@ class CurlClient: run_env: Optional[Dict[str, str]] = None, server_addr: Optional[str] = None, with_dtrace: bool = False, + with_perf: bool = False, with_flame: bool = False, socks_args: Optional[List[str]] = None): self.env = env @@ -514,9 +551,21 @@ class CurlClient: self._headerfile = f'{self._run_dir}/curl.headers' self._log_path = f'{self._run_dir}/curl.log' self._with_dtrace = with_dtrace + self._with_perf = with_perf self._with_flame = with_flame + self._fg_dir = None if self._with_flame: - self._with_dtrace = True + self._fg_dir = os.path.join(self.env.project_dir, '../FlameGraph') + if 'FLAMEGRAPH' in os.environ: + self._fg_dir = os.environ['FLAMEGRAPH'] + if not os.path.exists(self._fg_dir): + raise Exception(f'FlameGraph checkout not found in {self._fg_dir}, set env variable FLAMEGRAPH') + if sys.platform.startswith('linux'): + self._with_perf = True + elif sys.platform.startswith('darwin'): + self._with_dtrace = True + else: + raise Exception(f'flame graphs unsupported on {sys.platform}') self._socks_args = socks_args self._silent = silent self._run_env = run_env @@ -809,6 +858,7 @@ class CurlClient: exception = None profile = None tcpdump = None + perf = None dtrace = None if with_tcpdump: tcpdump = RunTcpDump(self.env, self._run_dir) @@ -826,7 +876,10 @@ class CurlClient: profile = RunProfile(p.pid, started_at, self._run_dir) if intext is not None and False: p.communicate(input=intext.encode(), timeout=1) - if self._with_dtrace: + if self._with_perf: + perf = PerfProfile(p.pid, self._run_dir) + perf.start() + elif self._with_dtrace: dtrace = DTraceProfile(p.pid, self._run_dir) dtrace.start() ptimeout = 0.0 @@ -860,10 +913,12 @@ class CurlClient: ended_at = datetime.now() if tcpdump: tcpdump.finish() + if perf: + perf.finish() if dtrace: dtrace.finish() - if self._with_flame and dtrace: - self._generate_flame(dtrace, args) + if self._with_flame: + self._generate_flame(args, dtrace=dtrace, perf=perf) coutput = open(self._stdoutfile).readlines() cerrput = open(self._stderrfile).readlines() return ExecResult(args=args, exit_code=exitcode, exception=exception, @@ -1004,37 +1059,59 @@ class CurlClient: fin_response(response) return r - def _generate_flame(self, dtrace: DTraceProfile, curl_args: List[str]): - log.info('generating flame graph from dtrace for this run') - if not os.path.exists(dtrace.file): - raise Exception(f'dtrace output file does not exist: {dtrace.file}') - if 'FLAMEGRAPH' not in os.environ: - raise Exception('Env variable FLAMEGRAPH not set') - fg_dir = os.environ['FLAMEGRAPH'] - if not os.path.exists(fg_dir): - raise Exception(f'FlameGraph directory not found: {fg_dir}') - - fg_collapse = os.path.join(fg_dir, 'stackcollapse.pl') + def _perf_collapse(self, perf: PerfProfile, file_err): + if not os.path.exists(perf.file): + raise Exception(f'dtrace output file does not exist: {perf.file}') + fg_collapse = os.path.join(self._fg_dir, 'stackcollapse-perf.pl') if not os.path.exists(fg_collapse): raise Exception(f'FlameGraph script not found: {fg_collapse}') + stacks_collapsed = f'{perf.file}.collapsed' + log.info(f'collapsing stacks into {stacks_collapsed}') + with open(stacks_collapsed, 'w') as cout, open(file_err, 'w') as cerr: + p = subprocess.run([ + fg_collapse, perf.file + ], stdout=cout, stderr=cerr, cwd=self._run_dir, shell=False) + rc = p.returncode + if rc != 0: + raise Exception(f'{fg_collapse} returned error {rc}') + return stacks_collapsed - fg_gen_flame = os.path.join(fg_dir, 'flamegraph.pl') - if not os.path.exists(fg_gen_flame): - raise Exception(f'FlameGraph script not found: {fg_gen_flame}') - - file_collapsed = f'{dtrace.file}.collapsed' - file_svg = os.path.join(self._run_dir, 'curl.flamegraph.svg') - file_err = os.path.join(self._run_dir, 'curl.flamegraph.stderr') - log.info('waiting a sec for dtrace to finish flusheing its buffers') - time.sleep(1) - log.info(f'collapsing stacks into {file_collapsed}') - with open(file_collapsed, 'w') as cout, open(file_err, 'w') as cerr: + def _dtrace_collapse(self, dtrace: DTraceProfile, file_err): + if not os.path.exists(dtrace.file): + raise Exception(f'dtrace output file does not exist: {dtrace.file}') + fg_collapse = os.path.join(self._fg_dir, 'stackcollapse.pl') + if not os.path.exists(fg_collapse): + raise Exception(f'FlameGraph script not found: {fg_collapse}') + stacks_collapsed = f'{dtrace.file}.collapsed' + log.info(f'collapsing stacks into {stacks_collapsed}') + with open(stacks_collapsed, 'w') as cout, open(file_err, 'a') as cerr: p = subprocess.run([ fg_collapse, dtrace.file ], stdout=cout, stderr=cerr, cwd=self._run_dir, shell=False) rc = p.returncode if rc != 0: raise Exception(f'{fg_collapse} returned error {rc}') + return stacks_collapsed + + def _generate_flame(self, curl_args: List[str], + dtrace: Optional[DTraceProfile] = None, + perf: Optional[PerfProfile] = None): + fg_gen_flame = os.path.join(self._fg_dir, 'flamegraph.pl') + file_svg = os.path.join(self._run_dir, 'curl.flamegraph.svg') + if not os.path.exists(fg_gen_flame): + raise Exception(f'FlameGraph script not found: {fg_gen_flame}') + + log.info('waiting a sec for perf/dtrace to finish flushing') + time.sleep(2) + log.info('generating flame graph for this run') + file_err = os.path.join(self._run_dir, 'curl.flamegraph.stderr') + if perf: + stacks_collapsed = self._perf_collapse(perf, file_err) + elif dtrace: + stacks_collapsed = self._dtrace_collapse(dtrace, file_err) + else: + raise Exception('no stacks measure given') + log.info(f'generating graph into {file_svg}') cmdline = ' '.join(curl_args) if len(cmdline) > 80: @@ -1043,11 +1120,11 @@ class CurlClient: else: title = cmdline subtitle = '' - with open(file_svg, 'w') as cout, open(file_err, 'w') as cerr: + with open(file_svg, 'w') as cout, open(file_err, 'a') as cerr: p = subprocess.run([ fg_gen_flame, '--colors', 'green', '--title', title, '--subtitle', subtitle, - file_collapsed + stacks_collapsed ], stdout=cout, stderr=cerr, cwd=self._run_dir, shell=False) rc = p.returncode if rc != 0: From 61dcb56743e5e4a6a014b6e30b6d61c75355ff17 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 14 Oct 2025 10:49:53 +0200 Subject: [PATCH 0446/2408] openldap: explain a const removing typecast Closes #19056 --- lib/openldap.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/openldap.c b/lib/openldap.c index fb771161d6..b8afe99529 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -468,6 +468,10 @@ static CURLcode oldap_perform_mechs(struct Curl_easy *data) if(!li) return CURLE_FAILED_INIT; + /* Casting away the const for the 3rd parameter that the LDAP API expects as + a non-const char ** is potentially unsafe but we believe the lack of + const in the API was an oversight and that no LDAP implementation + actually modifies the input. */ rc = ldap_search_ext(li->ld, "", LDAP_SCOPE_BASE, "(objectclass=*)", (char **)CURL_UNCONST(supportedSASLMechanisms), 0, NULL, NULL, NULL, 0, &li->msgid); From 64ed2ea1968e912439442dd3ad6addd8a2acfb84 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 13 Oct 2025 22:57:01 +0200 Subject: [PATCH 0447/2408] examples: check more errors, fix cleanups, scope variables Inspired by Joshua's report on examples. Closes #19055 --- docs/examples/10-at-a-time.c | 68 ++++++----- docs/examples/anyauthput.c | 7 +- docs/examples/cacertinmem.c | 95 ++++++++------- docs/examples/chkspeed.c | 95 ++++++++------- docs/examples/crawler.c | 93 +++++++------- docs/examples/debug.c | 12 +- docs/examples/ftpgetresp.c | 5 +- docs/examples/ftpupload.c | 4 +- docs/examples/ftpuploadresume.c | 8 +- docs/examples/getinmemory.c | 62 +++++----- docs/examples/ghiper.c | 18 +-- docs/examples/htmltidy.c | 49 ++++---- docs/examples/http2-download.c | 14 +-- docs/examples/http2-pushinmemory.c | 9 +- docs/examples/http2-serverpush.c | 12 +- docs/examples/http2-upload.c | 140 +++++++++++---------- docs/examples/multi-app.c | 85 +++++++------ docs/examples/multi-debugcallback.c | 54 +++++---- docs/examples/multi-double.c | 76 ++++++------ docs/examples/multi-event.c | 18 +-- docs/examples/multi-formadd.c | 70 ++++++----- docs/examples/multi-legacy.c | 182 ++++++++++++++-------------- docs/examples/multi-post.c | 95 ++++++++------- docs/examples/multi-single.c | 51 ++++---- docs/examples/multi-uv.c | 27 +++-- docs/examples/multithread.c | 10 +- docs/examples/postinmemory.c | 4 +- docs/examples/postit2.c | 13 +- docs/examples/progressfunc.c | 3 +- docs/examples/sftpuploadresume.c | 14 ++- docs/examples/smooth-gtk-thread.c | 18 +-- docs/examples/smtp-authzid.c | 5 +- docs/examples/smtp-expn.c | 3 +- docs/examples/smtp-mail.c | 5 +- docs/examples/smtp-ssl.c | 5 +- docs/examples/smtp-tls.c | 5 +- docs/examples/smtp-vrfy.c | 3 +- docs/examples/threaded-ssl.c | 18 +-- docs/examples/url2file.c | 47 +++---- docs/examples/urlapi.c | 10 +- docs/examples/usercertinmem.c | 67 +++++----- docs/examples/xmlstream.c | 80 ++++++------ 42 files changed, 874 insertions(+), 785 deletions(-) diff --git a/docs/examples/10-at-a-time.c b/docs/examples/10-at-a-time.c index 48e0030040..87971cbde6 100644 --- a/docs/examples/10-at-a-time.c +++ b/docs/examples/10-at-a-time.c @@ -104,52 +104,54 @@ static void add_transfer(CURLM *cm, unsigned int i, int *left) int main(void) { CURLM *cm; - CURLMsg *msg; - unsigned int transfers = 0; - int msgs_left = -1; - int left = 0; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; cm = curl_multi_init(); + if(cm) { + CURLMsg *msg; + unsigned int transfers = 0; + int msgs_left = -1; + int left = 0; - /* Limit the amount of simultaneous connections curl should allow: */ - curl_multi_setopt(cm, CURLMOPT_MAXCONNECTS, (long)MAX_PARALLEL); + /* Limit the amount of simultaneous connections curl should allow: */ + curl_multi_setopt(cm, CURLMOPT_MAXCONNECTS, (long)MAX_PARALLEL); - for(transfers = 0; transfers < MAX_PARALLEL && transfers < NUM_URLS; - transfers++) - add_transfer(cm, transfers, &left); + for(transfers = 0; transfers < MAX_PARALLEL && transfers < NUM_URLS; + transfers++) + add_transfer(cm, transfers, &left); - do { - int still_alive = 1; - curl_multi_perform(cm, &still_alive); + do { + int still_alive = 1; + curl_multi_perform(cm, &still_alive); - /* !checksrc! disable EQUALSNULL 1 */ - while((msg = curl_multi_info_read(cm, &msgs_left)) != NULL) { - if(msg->msg == CURLMSG_DONE) { - char *url; - CURL *e = msg->easy_handle; - curl_easy_getinfo(msg->easy_handle, CURLINFO_PRIVATE, &url); - fprintf(stderr, "R: %d - %s <%s>\n", - msg->data.result, curl_easy_strerror(msg->data.result), url); - curl_multi_remove_handle(cm, e); - curl_easy_cleanup(e); - left--; + /* !checksrc! disable EQUALSNULL 1 */ + while((msg = curl_multi_info_read(cm, &msgs_left)) != NULL) { + if(msg->msg == CURLMSG_DONE) { + char *url; + CURL *e = msg->easy_handle; + curl_easy_getinfo(msg->easy_handle, CURLINFO_PRIVATE, &url); + fprintf(stderr, "R: %d - %s <%s>\n", + msg->data.result, curl_easy_strerror(msg->data.result), url); + curl_multi_remove_handle(cm, e); + curl_easy_cleanup(e); + left--; + } + else { + fprintf(stderr, "E: CURLMsg (%d)\n", msg->msg); + } + if(transfers < NUM_URLS) + add_transfer(cm, transfers++, &left); } - else { - fprintf(stderr, "E: CURLMsg (%d)\n", msg->msg); - } - if(transfers < NUM_URLS) - add_transfer(cm, transfers++, &left); - } - if(left) - curl_multi_wait(cm, NULL, 0, 1000, NULL); + if(left) + curl_multi_wait(cm, NULL, 0, 1000, NULL); - } while(left); + } while(left); - curl_multi_cleanup(cm); + curl_multi_cleanup(cm); + } curl_global_cleanup(); return EXIT_SUCCESS; diff --git a/docs/examples/anyauthput.c b/docs/examples/anyauthput.c index 81bb1fb907..8718ac98bb 100644 --- a/docs/examples/anyauthput.c +++ b/docs/examples/anyauthput.c @@ -105,10 +105,13 @@ int main(int argc, char **argv) #ifdef UNDER_CE /* !checksrc! disable BANNEDFUNC 1 */ - stat(file, &file_info); + if(stat(file, &file_info) != 0) { #else - fstat(fileno(fp), &file_info); + if(fstat(fileno(fp), &file_info) != 0) { #endif + fclose(fp); + return 1; /* cannot continue */ + } /* In Windows, this inits the Winsock stuff */ res = curl_global_init(CURL_GLOBAL_ALL); diff --git a/docs/examples/cacertinmem.c b/docs/examples/cacertinmem.c index d72dc49001..5855d872b6 100644 --- a/docs/examples/cacertinmem.c +++ b/docs/examples/cacertinmem.c @@ -116,63 +116,64 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *pointer) int main(void) { CURL *ch; - CURLcode res; - res = curl_global_init(CURL_GLOBAL_ALL); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; ch = curl_easy_init(); - curl_easy_setopt(ch, CURLOPT_VERBOSE, 0L); - curl_easy_setopt(ch, CURLOPT_HEADER, 0L); - curl_easy_setopt(ch, CURLOPT_NOPROGRESS, 1L); - curl_easy_setopt(ch, CURLOPT_NOSIGNAL, 1L); - curl_easy_setopt(ch, CURLOPT_WRITEFUNCTION, writefunction); - curl_easy_setopt(ch, CURLOPT_WRITEDATA, stdout); - curl_easy_setopt(ch, CURLOPT_HEADERFUNCTION, writefunction); - curl_easy_setopt(ch, CURLOPT_HEADERDATA, stderr); - curl_easy_setopt(ch, CURLOPT_SSLCERTTYPE, "PEM"); - curl_easy_setopt(ch, CURLOPT_SSL_VERIFYPEER, 1L); - curl_easy_setopt(ch, CURLOPT_URL, "https://www.example.com/"); + if(ch) { + curl_easy_setopt(ch, CURLOPT_VERBOSE, 0L); + curl_easy_setopt(ch, CURLOPT_HEADER, 0L); + curl_easy_setopt(ch, CURLOPT_NOPROGRESS, 1L); + curl_easy_setopt(ch, CURLOPT_NOSIGNAL, 1L); + curl_easy_setopt(ch, CURLOPT_WRITEFUNCTION, writefunction); + curl_easy_setopt(ch, CURLOPT_WRITEDATA, stdout); + curl_easy_setopt(ch, CURLOPT_HEADERFUNCTION, writefunction); + curl_easy_setopt(ch, CURLOPT_HEADERDATA, stderr); + curl_easy_setopt(ch, CURLOPT_SSLCERTTYPE, "PEM"); + curl_easy_setopt(ch, CURLOPT_SSL_VERIFYPEER, 1L); + curl_easy_setopt(ch, CURLOPT_URL, "https://www.example.com/"); - /* Turn off the default CA locations, otherwise libcurl loads CA - * certificates from the locations that were detected/specified at - * build-time - */ - curl_easy_setopt(ch, CURLOPT_CAINFO, NULL); - curl_easy_setopt(ch, CURLOPT_CAPATH, NULL); + /* Turn off the default CA locations, otherwise libcurl loads CA + * certificates from the locations that were detected/specified at + * build-time + */ + curl_easy_setopt(ch, CURLOPT_CAINFO, NULL); + curl_easy_setopt(ch, CURLOPT_CAPATH, NULL); - /* first try: retrieve page without ca certificates -> should fail - * unless libcurl was built --with-ca-fallback enabled at build-time - */ - res = curl_easy_perform(ch); - if(res == CURLE_OK) - printf("*** transfer succeeded ***\n"); - else - printf("*** transfer failed ***\n"); + /* first try: retrieve page without ca certificates -> should fail + * unless libcurl was built --with-ca-fallback enabled at build-time + */ + res = curl_easy_perform(ch); + if(res == CURLE_OK) + printf("*** transfer succeeded ***\n"); + else + printf("*** transfer failed ***\n"); - /* use a fresh connection (optional) this option seriously impacts - * performance of multiple transfers but it is necessary order to - * demonstrate this example. recall that the ssl ctx callback is only called - * _before_ an SSL connection is established, therefore it does not affect - * existing verified SSL connections already in the connection cache - * associated with this handle. normally you would set the ssl ctx function - * before making any transfers, and not use this option. - */ - curl_easy_setopt(ch, CURLOPT_FRESH_CONNECT, 1L); + /* use a fresh connection (optional) this option seriously impacts + * performance of multiple transfers but it is necessary order to + * demonstrate this example. recall that the ssl ctx callback is only + * called _before_ an SSL connection is established, therefore it does not + * affect existing verified SSL connections already in the connection cache + * associated with this handle. normally you would set the ssl ctx function + * before making any transfers, and not use this option. + */ + curl_easy_setopt(ch, CURLOPT_FRESH_CONNECT, 1L); - /* second try: retrieve page using cacerts' certificate -> succeeds to load - * the certificate by installing a function doing the necessary - * "modifications" to the SSL CONTEXT just before link init - */ - curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, sslctx_function); - res = curl_easy_perform(ch); - if(res == CURLE_OK) - printf("*** transfer succeeded ***\n"); - else - printf("*** transfer failed ***\n"); + /* second try: retrieve page using cacerts' certificate -> succeeds to load + * the certificate by installing a function doing the necessary + * "modifications" to the SSL CONTEXT just before link init + */ + curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, sslctx_function); + res = curl_easy_perform(ch); + if(res == CURLE_OK) + printf("*** transfer succeeded ***\n"); + else + printf("*** transfer failed ***\n"); - curl_easy_cleanup(ch); + curl_easy_cleanup(ch); + } curl_global_cleanup(); return (int)res; } diff --git a/docs/examples/chkspeed.c b/docs/examples/chkspeed.c index d4b2abbab8..996db393f5 100644 --- a/docs/examples/chkspeed.c +++ b/docs/examples/chkspeed.c @@ -162,62 +162,67 @@ int main(int argc, char *argv[]) /* init the curl session */ curl_handle = curl_easy_init(); + if(curl_handle) { - /* specify URL to get */ - curl_easy_setopt(curl_handle, CURLOPT_URL, url); + /* specify URL to get */ + curl_easy_setopt(curl_handle, CURLOPT_URL, url); - /* send all data to this function */ - curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, WriteCallback); + /* send all data to this function */ + curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, WriteCallback); - /* some servers do not like requests that are made without a user-agent - field, so we provide one */ - curl_easy_setopt(curl_handle, CURLOPT_USERAGENT, - "libcurl-speedchecker/" CHKSPEED_VERSION); + /* some servers do not like requests that are made without a user-agent + field, so we provide one */ + curl_easy_setopt(curl_handle, CURLOPT_USERAGENT, + "libcurl-speedchecker/" CHKSPEED_VERSION); - /* get it! */ - res = curl_easy_perform(curl_handle); + /* get it! */ + res = curl_easy_perform(curl_handle); - if(CURLE_OK == res) { - curl_off_t val; + if(CURLE_OK == res) { + curl_off_t val; - /* check for bytes downloaded */ - res = curl_easy_getinfo(curl_handle, CURLINFO_SIZE_DOWNLOAD_T, &val); - if((CURLE_OK == res) && (val > 0)) - printf("Data downloaded: %lu bytes.\n", (unsigned long)val); - - /* check for total download time */ - res = curl_easy_getinfo(curl_handle, CURLINFO_TOTAL_TIME_T, &val); - if((CURLE_OK == res) && (val > 0)) - printf("Total download time: %lu.%06lu sec.\n", - (unsigned long)(val / 1000000), (unsigned long)(val % 1000000)); - - /* check for average download speed */ - res = curl_easy_getinfo(curl_handle, CURLINFO_SPEED_DOWNLOAD_T, &val); - if((CURLE_OK == res) && (val > 0)) - printf("Average download speed: %lu kbyte/sec.\n", - (unsigned long)(val / 1024)); - - if(prtall) { - /* check for name resolution time */ - res = curl_easy_getinfo(curl_handle, CURLINFO_NAMELOOKUP_TIME_T, &val); + /* check for bytes downloaded */ + res = curl_easy_getinfo(curl_handle, CURLINFO_SIZE_DOWNLOAD_T, &val); if((CURLE_OK == res) && (val > 0)) - printf("Name lookup time: %lu.%06lu sec.\n", - (unsigned long)(val / 1000000), (unsigned long)(val % 1000000)); + printf("Data downloaded: %lu bytes.\n", (unsigned long)val); - /* check for connect time */ - res = curl_easy_getinfo(curl_handle, CURLINFO_CONNECT_TIME_T, &val); + /* check for total download time */ + res = curl_easy_getinfo(curl_handle, CURLINFO_TOTAL_TIME_T, &val); if((CURLE_OK == res) && (val > 0)) - printf("Connect time: %lu.%06lu sec.\n", - (unsigned long)(val / 1000000), (unsigned long)(val % 1000000)); + printf("Total download time: %lu.%06lu sec.\n", + (unsigned long)(val / 1000000), + (unsigned long)(val % 1000000)); + + /* check for average download speed */ + res = curl_easy_getinfo(curl_handle, CURLINFO_SPEED_DOWNLOAD_T, &val); + if((CURLE_OK == res) && (val > 0)) + printf("Average download speed: %lu kbyte/sec.\n", + (unsigned long)(val / 1024)); + + if(prtall) { + /* check for name resolution time */ + res = curl_easy_getinfo(curl_handle, CURLINFO_NAMELOOKUP_TIME_T, &val); + if((CURLE_OK == res) && (val > 0)) + printf("Name lookup time: %lu.%06lu sec.\n", + (unsigned long)(val / 1000000), + (unsigned long)(val % 1000000)); + + /* check for connect time */ + res = curl_easy_getinfo(curl_handle, CURLINFO_CONNECT_TIME_T, &val); + if((CURLE_OK == res) && (val > 0)) + printf("Connect time: %lu.%06lu sec.\n", + (unsigned long)(val / 1000000), + (unsigned long)(val % 1000000)); + } + } + else { + fprintf(stderr, "Error while fetching '%s' : %s\n", + url, curl_easy_strerror(res)); } - } - else { - fprintf(stderr, "Error while fetching '%s' : %s\n", - url, curl_easy_strerror(res)); - } - /* cleanup curl stuff */ - curl_easy_cleanup(curl_handle); + /* cleanup curl stuff */ + curl_easy_cleanup(curl_handle); + } /* we are done with libcurl, so clean it up */ curl_global_cleanup(); diff --git a/docs/examples/crawler.c b/docs/examples/crawler.c index a7ca5fa2fe..e8dbf244f9 100644 --- a/docs/examples/crawler.c +++ b/docs/examples/crawler.c @@ -191,67 +191,70 @@ int main(void) signal(SIGINT, sighandler); LIBXML_TEST_VERSION multi_handle = curl_multi_init(); - curl_multi_setopt(multi_handle, CURLMOPT_MAX_TOTAL_CONNECTIONS, max_con); - curl_multi_setopt(multi_handle, CURLMOPT_MAX_HOST_CONNECTIONS, 6L); + if(multi_handle) { + curl_multi_setopt(multi_handle, CURLMOPT_MAX_TOTAL_CONNECTIONS, max_con); + curl_multi_setopt(multi_handle, CURLMOPT_MAX_HOST_CONNECTIONS, 6L); - /* enables http/2 if available */ + /* enables http/2 if available */ #ifdef CURLPIPE_MULTIPLEX - curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); + curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); #endif - /* sets html start page */ - curl_multi_add_handle(multi_handle, make_handle(start_page)); + /* sets html start page */ + curl_multi_add_handle(multi_handle, make_handle(start_page)); - pending = 0; - complete = 0; - still_running = 1; - while(still_running && !pending_interrupt) { - int numfds; - CURLMsg *m; + pending = 0; + complete = 0; + still_running = 1; + while(still_running && !pending_interrupt) { + int numfds; + CURLMsg *m; - curl_multi_wait(multi_handle, NULL, 0, 1000, &numfds); - curl_multi_perform(multi_handle, &still_running); + curl_multi_wait(multi_handle, NULL, 0, 1000, &numfds); + curl_multi_perform(multi_handle, &still_running); - /* See how the transfers went */ - m = NULL; - while((m = curl_multi_info_read(multi_handle, &msgs_left))) { - if(m->msg == CURLMSG_DONE) { - CURL *handle = m->easy_handle; - char *url; - struct memory *mem; - curl_easy_getinfo(handle, CURLINFO_PRIVATE, &mem); - curl_easy_getinfo(handle, CURLINFO_EFFECTIVE_URL, &url); - if(m->data.result == CURLE_OK) { - long res_status; - curl_easy_getinfo(handle, CURLINFO_RESPONSE_CODE, &res_status); - if(res_status == 200) { - char *ctype; - curl_easy_getinfo(handle, CURLINFO_CONTENT_TYPE, &ctype); - printf("[%d] HTTP 200 (%s): %s\n", complete, ctype, url); - if(is_html(ctype) && mem->size > 100) { - if(pending < max_requests && (complete + pending) < max_total) { - pending += follow_links(multi_handle, mem, url); - still_running = 1; + /* See how the transfers went */ + m = NULL; + while((m = curl_multi_info_read(multi_handle, &msgs_left))) { + if(m->msg == CURLMSG_DONE) { + CURL *handle = m->easy_handle; + char *url; + struct memory *mem; + curl_easy_getinfo(handle, CURLINFO_PRIVATE, &mem); + curl_easy_getinfo(handle, CURLINFO_EFFECTIVE_URL, &url); + if(m->data.result == CURLE_OK) { + long res_status; + curl_easy_getinfo(handle, CURLINFO_RESPONSE_CODE, &res_status); + if(res_status == 200) { + char *ctype; + curl_easy_getinfo(handle, CURLINFO_CONTENT_TYPE, &ctype); + printf("[%d] HTTP 200 (%s): %s\n", complete, ctype, url); + if(is_html(ctype) && mem->size > 100) { + if(pending < max_requests && + (complete + pending) < max_total) { + pending += follow_links(multi_handle, mem, url); + still_running = 1; + } } } + else { + printf("[%d] HTTP %d: %s\n", complete, (int) res_status, url); + } } else { - printf("[%d] HTTP %d: %s\n", complete, (int) res_status, url); + printf("[%d] Connection failure: %s\n", complete, url); } + curl_multi_remove_handle(multi_handle, handle); + curl_easy_cleanup(handle); + free(mem->buf); + free(mem); + complete++; + pending--; } - else { - printf("[%d] Connection failure: %s\n", complete, url); - } - curl_multi_remove_handle(multi_handle, handle); - curl_easy_cleanup(handle); - free(mem->buf); - free(mem); - complete++; - pending--; } } + curl_multi_cleanup(multi_handle); } - curl_multi_cleanup(multi_handle); curl_global_cleanup(); return 0; } diff --git a/docs/examples/debug.c b/docs/examples/debug.c index 85fdea95d3..3c8355df05 100644 --- a/docs/examples/debug.c +++ b/docs/examples/debug.c @@ -32,10 +32,8 @@ struct data { char trace_ascii; /* 1 or 0 */ }; -static -void dump(const char *text, - FILE *stream, unsigned char *ptr, size_t size, - char nohex) +static void dump(const char *text, FILE *stream, unsigned char *ptr, + size_t size, char nohex) { size_t i; size_t c; @@ -83,10 +81,8 @@ void dump(const char *text, fflush(stream); } -static -int my_trace(CURL *handle, curl_infotype type, - char *data, size_t size, - void *userp) +static int my_trace(CURL *handle, curl_infotype type, + char *data, size_t size, void *userp) { struct data *config = (struct data *)userp; const char *text; diff --git a/docs/examples/ftpgetresp.c b/docs/examples/ftpgetresp.c index 7b6a6e3d2d..6dce4ab749 100644 --- a/docs/examples/ftpgetresp.c +++ b/docs/examples/ftpgetresp.c @@ -30,8 +30,7 @@ * in a separate file using our own callback! * */ -static size_t -write_response(void *ptr, size_t size, size_t nmemb, void *data) +static size_t write_response(void *ptr, size_t size, size_t nmemb, void *data) { FILE *writehere = (FILE *)data; return fwrite(ptr, size, nmemb, writehere); @@ -88,5 +87,7 @@ int main(void) fclose(ftpfile); /* close the local file */ fclose(respfile); /* close the response file */ + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/ftpupload.c b/docs/examples/ftpupload.c index 7588a82953..2bfb51f66e 100644 --- a/docs/examples/ftpupload.c +++ b/docs/examples/ftpupload.c @@ -84,8 +84,8 @@ int main(void) curl_off_t fsize; struct curl_slist *headerlist = NULL; - static const char buf_1 [] = "RNFR " UPLOAD_FILE_AS; - static const char buf_2 [] = "RNTO " RENAME_FILE_TO; + static const char buf_1[] = "RNFR " UPLOAD_FILE_AS; + static const char buf_2[] = "RNTO " RENAME_FILE_TO; /* get a FILE * of the file */ hd_src = fopen(LOCAL_FILE, "rb"); diff --git a/docs/examples/ftpuploadresume.c b/docs/examples/ftpuploadresume.c index 544b746873..13df8541a2 100644 --- a/docs/examples/ftpuploadresume.c +++ b/docs/examples/ftpuploadresume.c @@ -159,11 +159,13 @@ int main(void) return (int)res; curlhandle = curl_easy_init(); + if(curlhandle) { - upload(curlhandle, "ftp://user:pass@example.com/path/file", "C:\\file", - 0, 3); + upload(curlhandle, "ftp://user:pass@example.com/path/file", "C:\\file", + 0, 3); - curl_easy_cleanup(curlhandle); + curl_easy_cleanup(curlhandle); + } curl_global_cleanup(); return 0; diff --git a/docs/examples/getinmemory.c b/docs/examples/getinmemory.c index 589047097b..aa31654c16 100644 --- a/docs/examples/getinmemory.c +++ b/docs/examples/getinmemory.c @@ -38,8 +38,8 @@ struct MemoryStruct { size_t size; }; -static size_t -WriteMemoryCallback(void *contents, size_t size, size_t nmemb, void *userp) +static size_t WriteMemoryCallback(void *contents, size_t size, size_t nmemb, + void *userp) { size_t realsize = size * nmemb; struct MemoryStruct *mem = (struct MemoryStruct *)userp; @@ -75,41 +75,43 @@ int main(void) /* init the curl session */ curl_handle = curl_easy_init(); + if(curl_handle) { - /* specify URL to get */ - curl_easy_setopt(curl_handle, CURLOPT_URL, "https://www.example.com/"); + /* specify URL to get */ + curl_easy_setopt(curl_handle, CURLOPT_URL, "https://www.example.com/"); - /* send all data to this function */ - curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, WriteMemoryCallback); + /* send all data to this function */ + curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, WriteMemoryCallback); - /* we pass our 'chunk' struct to the callback function */ - curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, (void *)&chunk); + /* we pass our 'chunk' struct to the callback function */ + curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, (void *)&chunk); - /* some servers do not like requests that are made without a user-agent - field, so we provide one */ - curl_easy_setopt(curl_handle, CURLOPT_USERAGENT, "libcurl-agent/1.0"); + /* some servers do not like requests that are made without a user-agent + field, so we provide one */ + curl_easy_setopt(curl_handle, CURLOPT_USERAGENT, "libcurl-agent/1.0"); - /* get it! */ - res = curl_easy_perform(curl_handle); + /* get it! */ + res = curl_easy_perform(curl_handle); - /* check for errors */ - if(res != CURLE_OK) { - fprintf(stderr, "curl_easy_perform() failed: %s\n", - curl_easy_strerror(res)); + /* check for errors */ + if(res != CURLE_OK) { + fprintf(stderr, "curl_easy_perform() failed: %s\n", + curl_easy_strerror(res)); + } + else { + /* + * Now, our chunk.memory points to a memory block that is chunk.size + * bytes big and contains the remote file. + * + * Do something nice with it! + */ + + printf("%lu bytes retrieved\n", (unsigned long)chunk.size); + } + + /* cleanup curl stuff */ + curl_easy_cleanup(curl_handle); } - else { - /* - * Now, our chunk.memory points to a memory block that is chunk.size - * bytes big and contains the remote file. - * - * Do something nice with it! - */ - - printf("%lu bytes retrieved\n", (unsigned long)chunk.size); - } - - /* cleanup curl stuff */ - curl_easy_cleanup(curl_handle); free(chunk.memory); diff --git a/docs/examples/ghiper.c b/docs/examples/ghiper.c index 50308fd47c..e9844fc89e 100644 --- a/docs/examples/ghiper.c +++ b/docs/examples/ghiper.c @@ -434,16 +434,18 @@ int main(void) g_io_add_watch(ch, G_IO_IN, fifo_cb, g); gmain = g_main_loop_new(NULL, FALSE); g->multi = curl_multi_init(); - curl_multi_setopt(g->multi, CURLMOPT_SOCKETFUNCTION, sock_cb); - curl_multi_setopt(g->multi, CURLMOPT_SOCKETDATA, g); - curl_multi_setopt(g->multi, CURLMOPT_TIMERFUNCTION, update_timeout_cb); - curl_multi_setopt(g->multi, CURLMOPT_TIMERDATA, g); + if(g->multi) { + curl_multi_setopt(g->multi, CURLMOPT_SOCKETFUNCTION, sock_cb); + curl_multi_setopt(g->multi, CURLMOPT_SOCKETDATA, g); + curl_multi_setopt(g->multi, CURLMOPT_TIMERFUNCTION, update_timeout_cb); + curl_multi_setopt(g->multi, CURLMOPT_TIMERDATA, g); - /* we do not call any curl_multi_socket*() function yet as we have no handles - added! */ + /* we do not call any curl_multi_socket*() function yet as we have no + handles added! */ - g_main_loop_run(gmain); - curl_multi_cleanup(g->multi); + g_main_loop_run(gmain); + curl_multi_cleanup(g->multi); + } curl_global_cleanup(); return 0; } diff --git a/docs/examples/htmltidy.c b/docs/examples/htmltidy.c index 952132fbc4..0bf3155570 100644 --- a/docs/examples/htmltidy.c +++ b/docs/examples/htmltidy.c @@ -92,42 +92,47 @@ int main(int argc, char **argv) if(res) return (int)res; - curl = curl_easy_init(); - curl_easy_setopt(curl, CURLOPT_URL, argv[1]); - curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, curl_errbuf); - curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 0L); - curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); - tdoc = tidyCreate(); tidyOptSetBool(tdoc, TidyForceOutput, yes); /* try harder */ tidyOptSetInt(tdoc, TidyWrapLen, 4096); tidySetErrorBuffer(tdoc, &tidy_errbuf); tidyBufInit(&docbuf); - curl_easy_setopt(curl, CURLOPT_WRITEDATA, &docbuf); - res = curl_easy_perform(curl); - if(!res) { - res = tidyParseBuffer(tdoc, &docbuf); /* parse the input */ - if(res >= 0) { - res = tidyCleanAndRepair(tdoc); /* fix any problems */ + curl = curl_easy_init(); + if(curl) { + curl_easy_setopt(curl, CURLOPT_URL, argv[1]); + curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, curl_errbuf); + curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 0L); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); + + curl_easy_setopt(curl, CURLOPT_WRITEDATA, &docbuf); + res = curl_easy_perform(curl); + if(!res) { + res = tidyParseBuffer(tdoc, &docbuf); /* parse the input */ if(res >= 0) { - res = tidyRunDiagnostics(tdoc); /* load tidy error buffer */ + res = tidyCleanAndRepair(tdoc); /* fix any problems */ if(res >= 0) { - dumpNode(tdoc, tidyGetRoot(tdoc), 0); /* walk the tree */ - fprintf(stderr, "%s\n", tidy_errbuf.bp); /* show errors */ + res = tidyRunDiagnostics(tdoc); /* load tidy error buffer */ + if(res >= 0) { + dumpNode(tdoc, tidyGetRoot(tdoc), 0); /* walk the tree */ + fprintf(stderr, "%s\n", tidy_errbuf.bp); /* show errors */ + } } } } - } - else - fprintf(stderr, "%s\n", curl_errbuf); + else + fprintf(stderr, "%s\n", curl_errbuf); + + /* clean-up */ + curl_easy_cleanup(curl); + } - /* clean-up */ - curl_easy_cleanup(curl); - curl_global_cleanup(); tidyBufFree(&docbuf); tidyBufFree(&tidy_errbuf); tidyRelease(tdoc); + + curl_global_cleanup(); + return (int)res; } diff --git a/docs/examples/http2-download.c b/docs/examples/http2-download.c index 6343234667..06902415e1 100644 --- a/docs/examples/http2-download.c +++ b/docs/examples/http2-download.c @@ -56,9 +56,8 @@ struct transfer { #define NUM_HANDLES 1000 -static -void dump(const char *text, unsigned int num, unsigned char *ptr, size_t size, - char nohex) +static void dump(const char *text, unsigned int num, unsigned char *ptr, + size_t size, char nohex) { size_t i; size_t c; @@ -105,10 +104,8 @@ void dump(const char *text, unsigned int num, unsigned char *ptr, size_t size, } } -static -int my_trace(CURL *handle, curl_infotype type, - char *data, size_t size, - void *userp) +static int my_trace(CURL *handle, curl_infotype type, + char *data, size_t size, void *userp) { const char *text; struct transfer *t = (struct transfer *)userp; @@ -210,6 +207,8 @@ int main(int argc, char **argv) if(res) return (int)res; + memset(trans, 0, sizeof(trans)); + /* init a multi stack */ multi_handle = curl_multi_init(); @@ -242,6 +241,7 @@ int main(int argc, char **argv) } curl_multi_cleanup(multi_handle); + curl_global_cleanup(); return 0; } diff --git a/docs/examples/http2-pushinmemory.c b/docs/examples/http2-pushinmemory.c index 3e2b4af1c2..85bf0e34a7 100644 --- a/docs/examples/http2-pushinmemory.c +++ b/docs/examples/http2-pushinmemory.c @@ -37,8 +37,7 @@ struct Memory { size_t size; }; -static size_t -write_cb(void *contents, size_t size, size_t nmemb, void *userp) +static size_t write_cb(void *contents, size_t size, size_t nmemb, void *userp) { size_t realsize = size * nmemb; struct Memory *mem = (struct Memory *)userp; @@ -125,10 +124,8 @@ int main(void) { CURL *easy; CURLM *multi; - int still_running; /* keep number of running handles */ int transfers = 1; /* we start with one */ int i; - struct CURLMsg *m; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) @@ -150,7 +147,10 @@ int main(void) curl_multi_setopt(multi, CURLMOPT_PUSHDATA, &transfers); while(transfers) { + struct CURLMsg *m; + int still_running; /* keep number of running handles */ int rc; + CURLMcode mcode = curl_multi_perform(multi, &still_running); if(mcode) break; @@ -173,7 +173,6 @@ int main(void) curl_easy_cleanup(e); } } while(m); - } curl_multi_cleanup(multi); diff --git a/docs/examples/http2-serverpush.c b/docs/examples/http2-serverpush.c index 0d0e991776..e97be991a8 100644 --- a/docs/examples/http2-serverpush.c +++ b/docs/examples/http2-serverpush.c @@ -40,9 +40,7 @@ #error "too old libcurl, cannot do HTTP/2 server push!" #endif -static -void dump(const char *text, unsigned char *ptr, size_t size, - char nohex) +static void dump(const char *text, unsigned char *ptr, size_t size, char nohex) { size_t i; size_t c; @@ -89,10 +87,8 @@ void dump(const char *text, unsigned char *ptr, size_t size, } } -static -int my_trace(CURL *handle, curl_infotype type, - char *data, size_t size, - void *userp) +static int my_trace(CURL *handle, curl_infotype type, + char *data, size_t size, void *userp) { const char *text; (void)handle; @@ -216,7 +212,6 @@ int main(int argc, char *argv[]) CURL *easy; CURLM *multi_handle; int transfers = 1; /* we start with one */ - struct CURLMsg *m; const char *url = "https://localhost:8443/index.html"; if(argc == 2) @@ -246,6 +241,7 @@ int main(int argc, char *argv[]) curl_multi_setopt(multi_handle, CURLMOPT_PUSHDATA, &transfers); do { + struct CURLMsg *m; int still_running; /* keep number of running handles */ CURLMcode mc = curl_multi_perform(multi_handle, &still_running); diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c index 9cc3c5652c..55162c03a3 100644 --- a/docs/examples/http2-upload.c +++ b/docs/examples/http2-upload.c @@ -68,8 +68,7 @@ #ifdef _MSC_VER #define gettimeofday(a, b) my_gettimeofday((a), (b)) -static -int my_gettimeofday(struct timeval *tp, void *tzp) +static int my_gettimeofday(struct timeval *tp, void *tzp) { (void)tzp; if(tp) { @@ -89,14 +88,14 @@ int my_gettimeofday(struct timeval *tp, void *tzp) struct input { FILE *in; + FILE *out; size_t bytes_read; /* count up */ CURL *hnd; int num; }; -static -void dump(const char *text, int num, unsigned char *ptr, size_t size, - char nohex) +static void dump(const char *text, int num, unsigned char *ptr, size_t size, + char nohex) { size_t i; size_t c; @@ -142,10 +141,8 @@ void dump(const char *text, int num, unsigned char *ptr, size_t size, } } -static -int my_trace(CURL *handle, curl_infotype type, - char *data, size_t size, - void *userp) +static int my_trace(CURL *handle, curl_infotype type, char *data, + size_t size, void *userp) { char timebuf[60]; const char *text; @@ -208,7 +205,6 @@ static size_t read_callback(char *ptr, size_t size, size_t nmemb, void *userp) static int setup(struct input *i, int num, const char *upload) { - FILE *out; char url[256]; char filename[128]; struct stat file_info; @@ -219,8 +215,8 @@ static int setup(struct input *i, int num, const char *upload) i->num = num; snprintf(filename, sizeof(filename), "dl-%d", num); - out = fopen(filename, "wb"); - if(!out) { + i->out = fopen(filename, "wb"); + if(!i->out) { fprintf(stderr, "error: could not open file %s for writing: %s\n", upload, strerror(errno)); return 1; @@ -232,7 +228,8 @@ static int setup(struct input *i, int num, const char *upload) if(!i->in) { fprintf(stderr, "error: could not open file %s for reading: %s\n", upload, strerror(errno)); - fclose(out); + fclose(i->out); + i->out = NULL; return 1; } @@ -244,46 +241,49 @@ static int setup(struct input *i, int num, const char *upload) #endif fprintf(stderr, "error: could not stat file %s: %s\n", upload, strerror(errno)); - fclose(out); + fclose(i->out); + i->out = NULL; return 1; } uploadsize = file_info.st_size; hnd = i->hnd = curl_easy_init(); + if(hnd) { - /* write to this file */ - curl_easy_setopt(hnd, CURLOPT_WRITEDATA, out); + /* write to this file */ + curl_easy_setopt(hnd, CURLOPT_WRITEDATA, i->out); - /* we want to use our own read function */ - curl_easy_setopt(hnd, CURLOPT_READFUNCTION, read_callback); - /* read from this file */ - curl_easy_setopt(hnd, CURLOPT_READDATA, i); - /* provide the size of the upload */ - curl_easy_setopt(hnd, CURLOPT_INFILESIZE_LARGE, uploadsize); + /* we want to use our own read function */ + curl_easy_setopt(hnd, CURLOPT_READFUNCTION, read_callback); + /* read from this file */ + curl_easy_setopt(hnd, CURLOPT_READDATA, i); + /* provide the size of the upload */ + curl_easy_setopt(hnd, CURLOPT_INFILESIZE_LARGE, uploadsize); - /* send in the URL to store the upload as */ - curl_easy_setopt(hnd, CURLOPT_URL, url); + /* send in the URL to store the upload as */ + curl_easy_setopt(hnd, CURLOPT_URL, url); - /* upload please */ - curl_easy_setopt(hnd, CURLOPT_UPLOAD, 1L); + /* upload please */ + curl_easy_setopt(hnd, CURLOPT_UPLOAD, 1L); - /* please be verbose */ - curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, my_trace); - curl_easy_setopt(hnd, CURLOPT_DEBUGDATA, i); + /* please be verbose */ + curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, my_trace); + curl_easy_setopt(hnd, CURLOPT_DEBUGDATA, i); - /* HTTP/2 please */ - curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); + /* HTTP/2 please */ + curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); - /* we use a self-signed test server, skip verification during debugging */ - curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0L); - curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0L); + /* we use a self-signed test server, skip verification during debugging */ + curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0L); #if (CURLPIPE_MULTIPLEX > 0) - /* wait for pipe connection to confirm */ - curl_easy_setopt(hnd, CURLOPT_PIPEWAIT, 1L); + /* wait for pipe connection to confirm */ + curl_easy_setopt(hnd, CURLOPT_PIPEWAIT, 1L); #endif + } return 0; } @@ -296,7 +296,6 @@ int main(int argc, char **argv) struct input trans[NUM_HANDLES]; CURLM *multi_handle; int i; - int still_running = 0; /* keep number of running handles */ const char *filename = "index.html"; int num_transfers; @@ -318,41 +317,54 @@ int main(int argc, char **argv) if(res) return (int)res; + memset(trans, 0, sizeof(trans)); + /* init a multi stack */ multi_handle = curl_multi_init(); + if(multi_handle) { - for(i = 0; i < num_transfers; i++) { - if(setup(&trans[i], i, filename)) { - curl_global_cleanup(); - return 1; + int still_running = 0; /* keep number of running handles */ + + for(i = 0; i < num_transfers; i++) { + if(setup(&trans[i], i, filename)) { + curl_global_cleanup(); + return 1; + } + + /* add the individual transfer */ + curl_multi_add_handle(multi_handle, trans[i].hnd); } - /* add the individual transfer */ - curl_multi_add_handle(multi_handle, trans[i].hnd); + curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); + + /* We do HTTP/2 so let's stick to one connection per host */ + curl_multi_setopt(multi_handle, CURLMOPT_MAX_HOST_CONNECTIONS, 1L); + + do { + CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + + if(still_running) + /* wait for activity, timeout or "nothing" */ + mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + + if(mc) + break; + + } while(still_running); + + for(i = 0; i < num_transfers; i++) + curl_multi_remove_handle(multi_handle, trans[i].hnd); + + curl_multi_cleanup(multi_handle); } - curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); - - /* We do HTTP/2 so let's stick to one connection per host */ - curl_multi_setopt(multi_handle, CURLMOPT_MAX_HOST_CONNECTIONS, 1L); - - do { - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); - - if(still_running) - /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); - - if(mc) - break; - - } while(still_running); - - curl_multi_cleanup(multi_handle); - for(i = 0; i < num_transfers; i++) { - curl_multi_remove_handle(multi_handle, trans[i].hnd); curl_easy_cleanup(trans[i].hnd); + + if(trans[i].in) + fclose(trans[i].in); + if(trans[i].out) + fclose(trans[i].out); } curl_global_cleanup(); diff --git a/docs/examples/multi-app.c b/docs/examples/multi-app.c index 8deee68370..7dab0b04f1 100644 --- a/docs/examples/multi-app.c +++ b/docs/examples/multi-app.c @@ -37,21 +37,17 @@ * Download an HTTP file and upload an FTP file simultaneously. */ -#define HANDLECOUNT 2 /* Number of simultaneous transfers */ #define HTTP_HANDLE 0 /* Index for the HTTP transfer */ #define FTP_HANDLE 1 /* Index for the FTP transfer */ +#define HANDLECOUNT 2 /* Number of simultaneous transfers */ int main(void) { CURL *handles[HANDLECOUNT]; CURLM *multi_handle; - int still_running = 1; /* keep number of running handles */ int i; - CURLMsg *msg; /* for picking up messages with the transfer status */ - int msgs_left; /* how many messages are left */ - CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; @@ -68,52 +64,63 @@ int main(void) /* init a multi stack */ multi_handle = curl_multi_init(); + if(multi_handle) { - /* add the individual transfers */ - for(i = 0; i < HANDLECOUNT; i++) - curl_multi_add_handle(multi_handle, handles[i]); + int still_running = 1; /* keep number of running handles */ - while(still_running) { - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + CURLMsg *msg; /* for picking up messages with the transfer status */ + int msgs_left; /* how many messages are left */ - if(still_running) - /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + /* add the individual transfers */ + for(i = 0; i < HANDLECOUNT; i++) + curl_multi_add_handle(multi_handle, handles[i]); - if(mc) - break; - } - /* See how the transfers went */ - /* !checksrc! disable EQUALSNULL 1 */ - while((msg = curl_multi_info_read(multi_handle, &msgs_left)) != NULL) { - if(msg->msg == CURLMSG_DONE) { - int idx; + while(still_running) { + CURLMcode mc = curl_multi_perform(multi_handle, &still_running); - /* Find out which handle this message is about */ - for(idx = 0; idx < HANDLECOUNT; idx++) { - int found = (msg->easy_handle == handles[idx]); - if(found) + if(still_running) + /* wait for activity, timeout or "nothing" */ + mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + + if(mc) + break; + } + + /* See how the transfers went */ + /* !checksrc! disable EQUALSNULL 1 */ + while((msg = curl_multi_info_read(multi_handle, &msgs_left)) != NULL) { + if(msg->msg == CURLMSG_DONE) { + int idx; + + /* Find out which handle this message is about */ + for(idx = 0; idx < HANDLECOUNT; idx++) { + int found = (msg->easy_handle == handles[idx]); + if(found) + break; + } + + switch(idx) { + case HTTP_HANDLE: + printf("HTTP transfer completed with status %d\n", msg->data.result); break; - } - - switch(idx) { - case HTTP_HANDLE: - printf("HTTP transfer completed with status %d\n", msg->data.result); - break; - case FTP_HANDLE: - printf("FTP transfer completed with status %d\n", msg->data.result); - break; + case FTP_HANDLE: + printf("FTP transfer completed with status %d\n", msg->data.result); + break; + } } } + + /* remove the transfers */ + for(i = 0; i < HANDLECOUNT; i++) + curl_multi_remove_handle(multi_handle, handles[i]); + + curl_multi_cleanup(multi_handle); } - /* remove the transfers and cleanup the handles */ - for(i = 0; i < HANDLECOUNT; i++) { - curl_multi_remove_handle(multi_handle, handles[i]); + /* Free the curl handles */ + for(i = 0; i < HANDLECOUNT; i++) curl_easy_cleanup(handles[i]); - } - curl_multi_cleanup(multi_handle); curl_global_cleanup(); return 0; diff --git a/docs/examples/multi-debugcallback.c b/docs/examples/multi-debugcallback.c index a27c238a57..278a5b4a2e 100644 --- a/docs/examples/multi-debugcallback.c +++ b/docs/examples/multi-debugcallback.c @@ -83,10 +83,9 @@ static void dump(const char *text, FILE *stream, unsigned char *ptr, fflush(stream); } -static -int my_trace(CURL *handle, curl_infotype type, - unsigned char *data, size_t size, - void *userp) +static int my_trace(CURL *handle, curl_infotype type, + unsigned char *data, size_t size, + void *userp) { const char *text; @@ -123,43 +122,48 @@ int my_trace(CURL *handle, curl_infotype type, int main(void) { CURL *http_handle; - CURLM *multi_handle; - - int still_running = 0; /* keep number of running handles */ CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; http_handle = curl_easy_init(); + if(http_handle) { - /* set the options (I left out a few, you get the point anyway) */ - curl_easy_setopt(http_handle, CURLOPT_URL, "https://www.example.com/"); + CURLM *multi_handle; - curl_easy_setopt(http_handle, CURLOPT_DEBUGFUNCTION, my_trace); - curl_easy_setopt(http_handle, CURLOPT_VERBOSE, 1L); + /* set the options (I left out a few, you get the point anyway) */ + curl_easy_setopt(http_handle, CURLOPT_URL, "https://www.example.com/"); - /* init a multi stack */ - multi_handle = curl_multi_init(); + curl_easy_setopt(http_handle, CURLOPT_DEBUGFUNCTION, my_trace); + curl_easy_setopt(http_handle, CURLOPT_VERBOSE, 1L); - /* add the individual transfers */ - curl_multi_add_handle(multi_handle, http_handle); + /* init a multi stack */ + multi_handle = curl_multi_init(); + if(multi_handle) { - do { - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + int still_running = 0; /* keep number of running handles */ - if(still_running) - /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + /* add the individual transfers */ + curl_multi_add_handle(multi_handle, http_handle); - if(mc) - break; + do { + CURLMcode mc = curl_multi_perform(multi_handle, &still_running); - } while(still_running); + if(still_running) + /* wait for activity, timeout or "nothing" */ + mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); - curl_multi_cleanup(multi_handle); + if(mc) + break; - curl_easy_cleanup(http_handle); + } while(still_running); + + curl_multi_cleanup(multi_handle); + } + + curl_easy_cleanup(http_handle); + } curl_global_cleanup(); diff --git a/docs/examples/multi-double.c b/docs/examples/multi-double.c index 8c5c5d687a..71ac7422d6 100644 --- a/docs/examples/multi-double.c +++ b/docs/examples/multi-double.c @@ -38,9 +38,6 @@ int main(void) { CURL *http_handle; CURL *http_handle2; - CURLM *multi_handle; - - int still_running = 1; /* keep number of running handles */ CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) @@ -49,47 +46,58 @@ int main(void) http_handle = curl_easy_init(); http_handle2 = curl_easy_init(); - /* set options */ - curl_easy_setopt(http_handle, CURLOPT_URL, "https://www.example.com/"); + if(http_handle && + http_handle2) { - /* set options */ - curl_easy_setopt(http_handle2, CURLOPT_URL, "http://localhost/"); + CURLM *multi_handle; - /* init a multi stack */ - multi_handle = curl_multi_init(); + /* set options */ + curl_easy_setopt(http_handle, CURLOPT_URL, "https://www.example.com/"); - /* add the individual transfers */ - curl_multi_add_handle(multi_handle, http_handle); - curl_multi_add_handle(multi_handle, http_handle2); + /* set options */ + curl_easy_setopt(http_handle2, CURLOPT_URL, "http://localhost/"); - while(still_running) { - CURLMsg *msg; - int queued; - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + /* init a multi stack */ + multi_handle = curl_multi_init(); + if(multi_handle) { - if(still_running) - /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + int still_running = 1; /* keep number of running handles */ - if(mc) - break; + /* add the individual transfers */ + curl_multi_add_handle(multi_handle, http_handle); + curl_multi_add_handle(multi_handle, http_handle2); - do { - msg = curl_multi_info_read(multi_handle, &queued); - if(msg) { - if(msg->msg == CURLMSG_DONE) { - /* a transfer ended */ - fprintf(stderr, "Transfer completed\n"); - } + while(still_running) { + CURLMsg *msg; + int queued; + + CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + + if(still_running) + /* wait for activity, timeout or "nothing" */ + mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + + if(mc) + break; + + do { + msg = curl_multi_info_read(multi_handle, &queued); + if(msg) { + if(msg->msg == CURLMSG_DONE) { + /* a transfer ended */ + fprintf(stderr, "Transfer completed\n"); + } + } + } while(msg); } - } while(msg); + + curl_multi_remove_handle(multi_handle, http_handle); + curl_multi_remove_handle(multi_handle, http_handle2); + + curl_multi_cleanup(multi_handle); + } } - curl_multi_remove_handle(multi_handle, http_handle); - curl_multi_remove_handle(multi_handle, http_handle2); - - curl_multi_cleanup(multi_handle); - curl_easy_cleanup(http_handle); curl_easy_cleanup(http_handle2); diff --git a/docs/examples/multi-event.c b/docs/examples/multi-event.c index 62dc73b33f..af77101b63 100644 --- a/docs/examples/multi-event.c +++ b/docs/examples/multi-event.c @@ -234,16 +234,18 @@ int main(int argc, char **argv) timeout = evtimer_new(base, on_timeout, NULL); curl_handle = curl_multi_init(); - curl_multi_setopt(curl_handle, CURLMOPT_SOCKETFUNCTION, handle_socket); - curl_multi_setopt(curl_handle, CURLMOPT_TIMERFUNCTION, start_timeout); + if(curl_handle) { + curl_multi_setopt(curl_handle, CURLMOPT_SOCKETFUNCTION, handle_socket); + curl_multi_setopt(curl_handle, CURLMOPT_TIMERFUNCTION, start_timeout); - while(argc-- > 1) { - add_download(argv[argc], argc); + while(argc-- > 1) { + add_download(argv[argc], argc); + } + + event_base_dispatch(base); + + curl_multi_cleanup(curl_handle); } - - event_base_dispatch(base); - - curl_multi_cleanup(curl_handle); event_free(timeout); event_base_free(base); diff --git a/docs/examples/multi-formadd.c b/docs/examples/multi-formadd.c index 84312ffd16..08d852ec65 100644 --- a/docs/examples/multi-formadd.c +++ b/docs/examples/multi-formadd.c @@ -40,9 +40,6 @@ int main(void) { CURL *curl; - CURLM *multi_handle; - int still_running = 0; - struct curl_httppost *formpost = NULL; struct curl_httppost *lastptr = NULL; struct curl_slist *headerlist = NULL; @@ -76,50 +73,59 @@ int main(void) CURLFORM_END); ) - curl = curl_easy_init(); - multi_handle = curl_multi_init(); - /* initialize custom header list (stating that Expect: 100-continue is not wanted */ headerlist = curl_slist_append(headerlist, buf); - if(curl && multi_handle) { - /* what URL that receives this POST */ - curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/upload.cgi"); - curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); + curl = curl_easy_init(); + if(curl) { + CURLM *multi_handle; - curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headerlist); - CURL_IGNORE_DEPRECATION( - curl_easy_setopt(curl, CURLOPT_HTTPPOST, formpost); - ) + multi_handle = curl_multi_init(); + if(multi_handle) { - curl_multi_add_handle(multi_handle, curl); + int still_running = 0; - do { - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + /* what URL that receives this POST */ + curl_easy_setopt(curl, CURLOPT_URL, + "https://www.example.com/upload.cgi"); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); - if(still_running) - /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headerlist); + CURL_IGNORE_DEPRECATION( + curl_easy_setopt(curl, CURLOPT_HTTPPOST, formpost); + ) - if(mc) - break; + curl_multi_add_handle(multi_handle, curl); - } while(still_running); + do { + CURLMcode mc = curl_multi_perform(multi_handle, &still_running); - curl_multi_cleanup(multi_handle); + if(still_running) + /* wait for activity, timeout or "nothing" */ + mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + + if(mc) + break; + + } while(still_running); + + curl_multi_cleanup(multi_handle); + } /* always cleanup */ curl_easy_cleanup(curl); - - CURL_IGNORE_DEPRECATION( - /* then cleanup the formpost chain */ - curl_formfree(formpost); - ) - - /* free slist */ - curl_slist_free_all(headerlist); } + + CURL_IGNORE_DEPRECATION( + /* then cleanup the formpost chain */ + curl_formfree(formpost); + ) + + /* free slist */ + curl_slist_free_all(headerlist); + curl_global_cleanup(); + return 0; } diff --git a/docs/examples/multi-legacy.c b/docs/examples/multi-legacy.c index 63c238f247..19821ad6d3 100644 --- a/docs/examples/multi-legacy.c +++ b/docs/examples/multi-legacy.c @@ -43,21 +43,17 @@ * Download an HTTP file and upload an FTP file simultaneously. */ -#define HANDLECOUNT 2 /* Number of simultaneous transfers */ #define HTTP_HANDLE 0 /* Index for the HTTP transfer */ #define FTP_HANDLE 1 /* Index for the FTP transfer */ +#define HANDLECOUNT 2 /* Number of simultaneous transfers */ int main(void) { CURL *handles[HANDLECOUNT]; CURLM *multi_handle; - int still_running = 0; /* keep number of running handles */ int i; - CURLMsg *msg; /* for picking up messages with the transfer status */ - int msgs_left; /* how many messages are left */ - CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; @@ -74,124 +70,132 @@ int main(void) /* init a multi stack */ multi_handle = curl_multi_init(); + if(multi_handle) { - /* add the individual transfers */ - for(i = 0; i < HANDLECOUNT; i++) - curl_multi_add_handle(multi_handle, handles[i]); + int still_running = 0; /* keep number of running handles */ - /* we start some action by calling perform right away */ - curl_multi_perform(multi_handle, &still_running); + CURLMsg *msg; /* for picking up messages with the transfer status */ + int msgs_left; /* how many messages are left */ - while(still_running) { - struct timeval timeout; - int rc; /* select() return code */ - CURLMcode mc; /* curl_multi_fdset() return code */ + /* add the individual transfers */ + for(i = 0; i < HANDLECOUNT; i++) + curl_multi_add_handle(multi_handle, handles[i]); - fd_set fdread; - fd_set fdwrite; - fd_set fdexcep; - int maxfd = -1; + /* we start some action by calling perform right away */ + curl_multi_perform(multi_handle, &still_running); - long curl_timeo = -1; + while(still_running) { - FD_ZERO(&fdread); - FD_ZERO(&fdwrite); - FD_ZERO(&fdexcep); + struct timeval timeout; + int rc; /* select() return code */ + CURLMcode mc; /* curl_multi_fdset() return code */ - /* set a suitable timeout to play around with */ - timeout.tv_sec = 1; - timeout.tv_usec = 0; + fd_set fdread; + fd_set fdwrite; + fd_set fdexcep; + int maxfd = -1; - curl_multi_timeout(multi_handle, &curl_timeo); - if(curl_timeo >= 0) { + long curl_timeo = -1; + + FD_ZERO(&fdread); + FD_ZERO(&fdwrite); + FD_ZERO(&fdexcep); + + /* set a suitable timeout to play around with */ + timeout.tv_sec = 1; + timeout.tv_usec = 0; + + curl_multi_timeout(multi_handle, &curl_timeo); + if(curl_timeo >= 0) { #if defined(MSDOS) || defined(__AMIGA__) - timeout.tv_sec = (time_t)(curl_timeo / 1000); + timeout.tv_sec = (time_t)(curl_timeo / 1000); #else - timeout.tv_sec = curl_timeo / 1000; + timeout.tv_sec = curl_timeo / 1000; #endif - if(timeout.tv_sec > 1) - timeout.tv_sec = 1; - else + if(timeout.tv_sec > 1) + timeout.tv_sec = 1; + else #if defined(MSDOS) || defined(__AMIGA__) - timeout.tv_usec = (time_t)(curl_timeo % 1000) * 1000; + timeout.tv_usec = (time_t)(curl_timeo % 1000) * 1000; #else - timeout.tv_usec = (int)(curl_timeo % 1000) * 1000; + timeout.tv_usec = (int)(curl_timeo % 1000) * 1000; #endif - } + } - /* get file descriptors from the transfers */ - mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd); + /* get file descriptors from the transfers */ + mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd); - if(mc != CURLM_OK) { - fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc); - break; - } + if(mc != CURLM_OK) { + fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc); + break; + } - /* On success the value of maxfd is guaranteed to be >= -1. We call - select(maxfd + 1, ...); specially in case of (maxfd == -1) there are - no fds ready yet so we call select(0, ...) --or Sleep() on Windows-- - to sleep 100ms, which is the minimum suggested value in the - curl_multi_fdset() doc. */ + /* On success the value of maxfd is guaranteed to be >= -1. We call + select(maxfd + 1, ...); specially in case of (maxfd == -1) there are + no fds ready yet so we call select(0, ...) --or Sleep() on Windows-- + to sleep 100ms, which is the minimum suggested value in the + curl_multi_fdset() doc. */ - if(maxfd == -1) { + if(maxfd == -1) { #ifdef _WIN32 - Sleep(100); - rc = 0; + Sleep(100); + rc = 0; #else - /* Portable sleep for platforms other than Windows. */ - struct timeval wait = {0}; - wait.tv_usec = 100 * 1000; /* 100ms */ - rc = select(0, NULL, NULL, NULL, &wait); + /* Portable sleep for platforms other than Windows. */ + struct timeval wait = {0}; + wait.tv_usec = 100 * 1000; /* 100ms */ + rc = select(0, NULL, NULL, NULL, &wait); #endif - } - else { - /* Note that on some platforms 'timeout' may be modified by select(). - If you need access to the original value save a copy beforehand. */ - rc = select(maxfd + 1, &fdread, &fdwrite, &fdexcep, &timeout); + } + else { + /* Note that on some platforms 'timeout' may be modified by select(). + If you need access to the original value save a copy beforehand. */ + rc = select(maxfd + 1, &fdread, &fdwrite, &fdexcep, &timeout); + } + + switch(rc) { + case -1: + /* select error */ + break; + case 0: /* timeout */ + default: /* action */ + curl_multi_perform(multi_handle, &still_running); + break; + } } - switch(rc) { - case -1: - /* select error */ - break; - case 0: /* timeout */ - default: /* action */ - curl_multi_perform(multi_handle, &still_running); - break; - } - } + /* See how the transfers went */ + /* !checksrc! disable EQUALSNULL 1 */ + while((msg = curl_multi_info_read(multi_handle, &msgs_left)) != NULL) { + if(msg->msg == CURLMSG_DONE) { + int idx; - /* See how the transfers went */ - /* !checksrc! disable EQUALSNULL 1 */ - while((msg = curl_multi_info_read(multi_handle, &msgs_left)) != NULL) { - if(msg->msg == CURLMSG_DONE) { - int idx; + /* Find out which handle this message is about */ + for(idx = 0; idx < HANDLECOUNT; idx++) { + int found = (msg->easy_handle == handles[idx]); + if(found) + break; + } - /* Find out which handle this message is about */ - for(idx = 0; idx < HANDLECOUNT; idx++) { - int found = (msg->easy_handle == handles[idx]); - if(found) + switch(idx) { + case HTTP_HANDLE: + printf("HTTP transfer completed with status %d\n", msg->data.result); break; - } - - switch(idx) { - case HTTP_HANDLE: - printf("HTTP transfer completed with status %d\n", msg->data.result); - break; - case FTP_HANDLE: - printf("FTP transfer completed with status %d\n", msg->data.result); - break; + case FTP_HANDLE: + printf("FTP transfer completed with status %d\n", msg->data.result); + break; + } } } - } - curl_multi_cleanup(multi_handle); + curl_multi_cleanup(multi_handle); + } /* Free the curl handles */ for(i = 0; i < HANDLECOUNT; i++) curl_easy_cleanup(handles[i]); - curl_global_cleanup(); + curl_global_cleanup(); return 0; } diff --git a/docs/examples/multi-post.c b/docs/examples/multi-post.c index 45416b8511..ac7d2f5252 100644 --- a/docs/examples/multi-post.c +++ b/docs/examples/multi-post.c @@ -33,77 +33,82 @@ int main(void) { - CURL *curl; - - CURLM *multi_handle; - int still_running = 0; - curl_mime *form = NULL; curl_mimepart *field = NULL; struct curl_slist *headerlist = NULL; static const char buf[] = "Expect:"; + CURL *curl; + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; curl = curl_easy_init(); - multi_handle = curl_multi_init(); + if(curl) { + CURLM *multi_handle; - if(curl && multi_handle) { - /* Create the form */ - form = curl_mime_init(curl); + multi_handle = curl_multi_init(); + if(multi_handle) { + int still_running = 0; - /* Fill in the file upload field */ - field = curl_mime_addpart(form); - curl_mime_name(field, "sendfile"); - curl_mime_filedata(field, "multi-post.c"); + /* Create the form */ + form = curl_mime_init(curl); - /* Fill in the filename field */ - field = curl_mime_addpart(form); - curl_mime_name(field, "filename"); - curl_mime_data(field, "multi-post.c", CURL_ZERO_TERMINATED); + /* Fill in the file upload field */ + field = curl_mime_addpart(form); + curl_mime_name(field, "sendfile"); + curl_mime_filedata(field, "multi-post.c"); - /* Fill in the submit field too, even if this is rarely needed */ - field = curl_mime_addpart(form); - curl_mime_name(field, "submit"); - curl_mime_data(field, "send", CURL_ZERO_TERMINATED); + /* Fill in the filename field */ + field = curl_mime_addpart(form); + curl_mime_name(field, "filename"); + curl_mime_data(field, "multi-post.c", CURL_ZERO_TERMINATED); - /* initialize custom header list (stating that Expect: 100-continue is not - wanted */ - headerlist = curl_slist_append(headerlist, buf); + /* Fill in the submit field too, even if this is rarely needed */ + field = curl_mime_addpart(form); + curl_mime_name(field, "submit"); + curl_mime_data(field, "send", CURL_ZERO_TERMINATED); - /* what URL that receives this POST */ - curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/upload.cgi"); - curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); + /* initialize custom header list (stating that Expect: 100-continue is + not wanted */ + headerlist = curl_slist_append(headerlist, buf); - curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headerlist); - curl_easy_setopt(curl, CURLOPT_MIMEPOST, form); + /* what URL that receives this POST */ + curl_easy_setopt(curl, CURLOPT_URL, + "https://www.example.com/upload.cgi"); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); - curl_multi_add_handle(multi_handle, curl); + curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headerlist); + curl_easy_setopt(curl, CURLOPT_MIMEPOST, form); - do { - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + curl_multi_add_handle(multi_handle, curl); - if(still_running) - /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + do { + CURLMcode mc = curl_multi_perform(multi_handle, &still_running); - if(mc) - break; - } while(still_running); + if(still_running) + /* wait for activity, timeout or "nothing" */ + mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); - curl_multi_cleanup(multi_handle); + if(mc) + break; + } while(still_running); + + curl_multi_cleanup(multi_handle); + } /* always cleanup */ curl_easy_cleanup(curl); - - /* then cleanup the form */ - curl_mime_free(form); - - /* free slist */ - curl_slist_free_all(headerlist); } + + /* then cleanup the form */ + curl_mime_free(form); + + /* free slist */ + curl_slist_free_all(headerlist); + curl_global_cleanup(); + return 0; } diff --git a/docs/examples/multi-single.c b/docs/examples/multi-single.c index 3ba26e79db..50736c7201 100644 --- a/docs/examples/multi-single.c +++ b/docs/examples/multi-single.c @@ -38,43 +38,48 @@ int main(void) { CURL *http_handle; - CURLM *multi_handle; - int still_running = 1; /* keep number of running handles */ CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; http_handle = curl_easy_init(); + if(http_handle) { - /* set the options (I left out a few, you get the point anyway) */ - curl_easy_setopt(http_handle, CURLOPT_URL, "https://www.example.com/"); + CURLM *multi_handle; + int still_running = 1; /* keep number of running handles */ - /* init a multi stack */ - multi_handle = curl_multi_init(); + /* set the options (I left out a few, you get the point anyway) */ + curl_easy_setopt(http_handle, CURLOPT_URL, "https://www.example.com/"); - /* add the individual transfers */ - curl_multi_add_handle(multi_handle, http_handle); + /* init a multi stack */ + multi_handle = curl_multi_init(); + if(multi_handle) { - do { - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + /* add the individual transfers */ + curl_multi_add_handle(multi_handle, http_handle); - if(!mc) - /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + do { + CURLMcode mc = curl_multi_perform(multi_handle, &still_running); - if(mc) { - fprintf(stderr, "curl_multi_poll() failed, code %d.\n", (int)mc); - break; + if(!mc) + /* wait for activity, timeout or "nothing" */ + mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + + if(mc) { + fprintf(stderr, "curl_multi_poll() failed, code %d.\n", (int)mc); + break; + } + + } while(still_running); + + curl_multi_remove_handle(multi_handle, http_handle); + + curl_multi_cleanup(multi_handle); } - } while(still_running); - - curl_multi_remove_handle(multi_handle, http_handle); - - curl_easy_cleanup(http_handle); - - curl_multi_cleanup(multi_handle); + curl_easy_cleanup(http_handle); + } curl_global_cleanup(); diff --git a/docs/examples/multi-uv.c b/docs/examples/multi-uv.c index b4f5587c0f..d2f18348e6 100644 --- a/docs/examples/multi-uv.c +++ b/docs/examples/multi-uv.c @@ -241,21 +241,22 @@ int main(int argc, char **argv) uv_timer_init(uv.loop, &uv.timeout); uv.multi = curl_multi_init(); - curl_multi_setopt(uv.multi, CURLMOPT_SOCKETFUNCTION, cb_socket); - curl_multi_setopt(uv.multi, CURLMOPT_SOCKETDATA, &uv); - curl_multi_setopt(uv.multi, CURLMOPT_TIMERFUNCTION, cb_timeout); - curl_multi_setopt(uv.multi, CURLMOPT_TIMERDATA, &uv); + if(uv.multi) { + curl_multi_setopt(uv.multi, CURLMOPT_SOCKETFUNCTION, cb_socket); + curl_multi_setopt(uv.multi, CURLMOPT_SOCKETDATA, &uv); + curl_multi_setopt(uv.multi, CURLMOPT_TIMERFUNCTION, cb_timeout); + curl_multi_setopt(uv.multi, CURLMOPT_TIMERDATA, &uv); - while(argc-- > 1) { - add_download(argv[argc], argc, uv.multi); + while(argc-- > 1) { + add_download(argv[argc], argc, uv.multi); + } + + /* kickstart the thing */ + curl_multi_socket_action(uv.multi, CURL_SOCKET_TIMEOUT, 0, + &running_handles); + uv_run(uv.loop, UV_RUN_DEFAULT); + curl_multi_cleanup(uv.multi); } - - /* kickstart the thing */ - curl_multi_socket_action(uv.multi, CURL_SOCKET_TIMEOUT, 0, &running_handles); - uv_run(uv.loop, UV_RUN_DEFAULT); - curl_multi_cleanup(uv.multi); - curl_global_cleanup(); - curl_global_cleanup(); return 0; diff --git a/docs/examples/multithread.c b/docs/examples/multithread.c index 5818dfebee..36836ef475 100644 --- a/docs/examples/multithread.c +++ b/docs/examples/multithread.c @@ -52,13 +52,15 @@ static const char * const urls[NUMT]= { static void *pull_one_url(void *pindex) { - int i = *(int *)pindex; CURL *curl; curl = curl_easy_init(); - curl_easy_setopt(curl, CURLOPT_URL, urls[i]); - (void)curl_easy_perform(curl); /* ignores error */ - curl_easy_cleanup(curl); + if(curl) { + int i = *(int *)pindex; + curl_easy_setopt(curl, CURLOPT_URL, urls[i]); + (void)curl_easy_perform(curl); /* ignores error */ + curl_easy_cleanup(curl); + } return NULL; } diff --git a/docs/examples/postinmemory.c b/docs/examples/postinmemory.c index 2a8f2b6dd0..50b3b6fe7b 100644 --- a/docs/examples/postinmemory.c +++ b/docs/examples/postinmemory.c @@ -35,8 +35,8 @@ struct MemoryStruct { size_t size; }; -static size_t -WriteMemoryCallback(void *contents, size_t size, size_t nmemb, void *userp) +static size_t WriteMemoryCallback(void *contents, size_t size, size_t nmemb, + void *userp) { size_t realsize = size * nmemb; struct MemoryStruct *mem = (struct MemoryStruct *)userp; diff --git a/docs/examples/postit2.c b/docs/examples/postit2.c index c42ea812c1..57c7c86e3a 100644 --- a/docs/examples/postit2.c +++ b/docs/examples/postit2.c @@ -46,19 +46,18 @@ int main(int argc, char *argv[]) { CURL *curl; - CURLcode res; - curl_mime *form = NULL; - curl_mimepart *field = NULL; - struct curl_slist *headerlist = NULL; - static const char buf[] = "Expect:"; - - res = curl_global_init(CURL_GLOBAL_ALL); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; curl = curl_easy_init(); if(curl) { + curl_mime *form = NULL; + curl_mimepart *field = NULL; + struct curl_slist *headerlist = NULL; + static const char buf[] = "Expect:"; + /* Create the form */ form = curl_mime_init(curl); diff --git a/docs/examples/progressfunc.c b/docs/examples/progressfunc.c index 012fd1e6ae..35adc6c82d 100644 --- a/docs/examples/progressfunc.c +++ b/docs/examples/progressfunc.c @@ -70,7 +70,6 @@ static int xferinfo(void *p, int main(void) { CURL *curl; - struct myprogress prog; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) @@ -78,6 +77,8 @@ int main(void) curl = curl_easy_init(); if(curl) { + struct myprogress prog; + prog.lastruntime = 0; prog.curl = curl; diff --git a/docs/examples/sftpuploadresume.c b/docs/examples/sftpuploadresume.c index 4bb0f3e48e..8745abe78b 100644 --- a/docs/examples/sftpuploadresume.c +++ b/docs/examples/sftpuploadresume.c @@ -121,8 +121,6 @@ static int sftpResumeUpload(CURL *curlhandle, const char *remotepath, int main(void) { - const char *remote = "sftp://user:pass@example.com/path/filename"; - const char *filename = "filename"; CURL *curlhandle = NULL; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); @@ -130,12 +128,16 @@ int main(void) return (int)res; curlhandle = curl_easy_init(); + if(curlhandle) { + const char *remote = "sftp://user:pass@example.com/path/filename"; + const char *filename = "filename"; - if(!sftpResumeUpload(curlhandle, remote, filename)) { - printf("resumed upload using curl %s failed\n", curl_version()); + if(!sftpResumeUpload(curlhandle, remote, filename)) { + printf("resumed upload using curl %s failed\n", curl_version()); + } + + curl_easy_cleanup(curlhandle); } - - curl_easy_cleanup(curlhandle); curl_global_cleanup(); return 0; diff --git a/docs/examples/smooth-gtk-thread.c b/docs/examples/smooth-gtk-thread.c index 29d134db47..5a0bb2d05e 100644 --- a/docs/examples/smooth-gtk-thread.c +++ b/docs/examples/smooth-gtk-thread.c @@ -67,22 +67,24 @@ size_t write_file(void *ptr, size_t size, size_t nmemb, FILE *stream) static void run_one(gchar *http, int j) { - FILE *outfile = fopen(urls[j], "wb"); CURL *curl; curl = curl_easy_init(); if(curl) { printf("j = %d\n", j); - /* Set the URL and transfer type */ - curl_easy_setopt(curl, CURLOPT_URL, http); + FILE *outfile = fopen(urls[j], "wb"); + if(outfile) { + /* Set the URL and transfer type */ + curl_easy_setopt(curl, CURLOPT_URL, http); - /* Write to the file */ - curl_easy_setopt(curl, CURLOPT_WRITEDATA, outfile); - curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_file); - (void)curl_easy_perform(curl); + /* Write to the file */ + curl_easy_setopt(curl, CURLOPT_WRITEDATA, outfile); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_file); + (void)curl_easy_perform(curl); - fclose(outfile); + fclose(outfile); + } curl_easy_cleanup(curl); } } diff --git a/docs/examples/smtp-authzid.c b/docs/examples/smtp-authzid.c index addc17691e..758a7fdaaf 100644 --- a/docs/examples/smtp-authzid.c +++ b/docs/examples/smtp-authzid.c @@ -95,8 +95,6 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) int main(void) { CURL *curl; - struct curl_slist *recipients = NULL; - struct upload_status upload_ctx = { 0 }; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) @@ -104,6 +102,9 @@ int main(void) curl = curl_easy_init(); if(curl) { + struct curl_slist *recipients = NULL; + struct upload_status upload_ctx = { 0 }; + /* This is the URL for your mailserver. In this example we connect to the smtp-submission port as we require an authenticated connection. */ curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com:587"); diff --git a/docs/examples/smtp-expn.c b/docs/examples/smtp-expn.c index baec49be69..727880d619 100644 --- a/docs/examples/smtp-expn.c +++ b/docs/examples/smtp-expn.c @@ -42,7 +42,6 @@ int main(void) { CURL *curl; - struct curl_slist *recipients = NULL; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) @@ -50,6 +49,8 @@ int main(void) curl = curl_easy_init(); if(curl) { + struct curl_slist *recipients = NULL; + /* This is the URL for your mailserver */ curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com"); diff --git a/docs/examples/smtp-mail.c b/docs/examples/smtp-mail.c index 6583fc4709..d3f4346b8c 100644 --- a/docs/examples/smtp-mail.c +++ b/docs/examples/smtp-mail.c @@ -92,8 +92,6 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) int main(void) { CURL *curl; - struct curl_slist *recipients = NULL; - struct upload_status upload_ctx = { 0 }; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) @@ -101,6 +99,9 @@ int main(void) curl = curl_easy_init(); if(curl) { + struct curl_slist *recipients = NULL; + struct upload_status upload_ctx = { 0 }; + /* This is the URL for your mailserver */ curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com"); diff --git a/docs/examples/smtp-ssl.c b/docs/examples/smtp-ssl.c index f952441c9c..ca73b73fca 100644 --- a/docs/examples/smtp-ssl.c +++ b/docs/examples/smtp-ssl.c @@ -89,8 +89,6 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) int main(void) { CURL *curl; - struct curl_slist *recipients = NULL; - struct upload_status upload_ctx = { 0 }; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) @@ -98,6 +96,9 @@ int main(void) curl = curl_easy_init(); if(curl) { + struct curl_slist *recipients = NULL; + struct upload_status upload_ctx = { 0 }; + /* Set username and password */ curl_easy_setopt(curl, CURLOPT_USERNAME, "user"); curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret"); diff --git a/docs/examples/smtp-tls.c b/docs/examples/smtp-tls.c index 3eaea9d879..4f7379529c 100644 --- a/docs/examples/smtp-tls.c +++ b/docs/examples/smtp-tls.c @@ -89,8 +89,6 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) int main(void) { CURL *curl; - struct curl_slist *recipients = NULL; - struct upload_status upload_ctx = { 0 }; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) @@ -98,6 +96,9 @@ int main(void) curl = curl_easy_init(); if(curl) { + struct curl_slist *recipients = NULL; + struct upload_status upload_ctx = { 0 }; + /* Set username and password */ curl_easy_setopt(curl, CURLOPT_USERNAME, "user"); curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret"); diff --git a/docs/examples/smtp-vrfy.c b/docs/examples/smtp-vrfy.c index 76dd8069ad..33d439ec9c 100644 --- a/docs/examples/smtp-vrfy.c +++ b/docs/examples/smtp-vrfy.c @@ -45,7 +45,6 @@ int main(void) { CURL *curl; - struct curl_slist *recipients = NULL; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) @@ -53,6 +52,8 @@ int main(void) curl = curl_easy_init(); if(curl) { + struct curl_slist *recipients = NULL; + /* This is the URL for your mailserver */ curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com"); diff --git a/docs/examples/threaded-ssl.c b/docs/examples/threaded-ssl.c index 7f09a76fc1..5d984a670a 100644 --- a/docs/examples/threaded-ssl.c +++ b/docs/examples/threaded-ssl.c @@ -55,17 +55,19 @@ static const char * const urls[]= { static void *pull_one_url(void *pindex) { - int i = *(int *)pindex; CURL *curl; curl = curl_easy_init(); - curl_easy_setopt(curl, CURLOPT_URL, urls[i]); - /* this example does not verify the server's certificate, which means we - might be downloading stuff from an impostor */ - curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); - curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); - (void)curl_easy_perform(curl); /* ignores error */ - curl_easy_cleanup(curl); + if(curl) { + int i = *(int *)pindex; + curl_easy_setopt(curl, CURLOPT_URL, urls[i]); + /* this example does not verify the server's certificate, which means we + might be downloading stuff from an impostor */ + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); + (void)curl_easy_perform(curl); /* ignores error */ + curl_easy_cleanup(curl); + } return NULL; } diff --git a/docs/examples/url2file.c b/docs/examples/url2file.c index 2e8e225fce..8e9e01db15 100644 --- a/docs/examples/url2file.c +++ b/docs/examples/url2file.c @@ -38,10 +38,10 @@ static size_t write_data(void *ptr, size_t size, size_t nmemb, void *stream) int main(int argc, char *argv[]) { + static const char *pagefilename = "page.out"; + CURLcode res; CURL *curl_handle; - static const char *pagefilename = "page.out"; - FILE *pagefile; if(argc < 2) { printf("Usage: %s \n", argv[0]); @@ -56,36 +56,39 @@ int main(int argc, char *argv[]) /* init the curl session */ curl_handle = curl_easy_init(); + if(curl_handle) { + FILE *pagefile; - /* set URL to get here */ - curl_easy_setopt(curl_handle, CURLOPT_URL, argv[1]); + /* set URL to get here */ + curl_easy_setopt(curl_handle, CURLOPT_URL, argv[1]); - /* Switch on full protocol/debug output while testing */ - curl_easy_setopt(curl_handle, CURLOPT_VERBOSE, 1L); + /* Switch on full protocol/debug output while testing */ + curl_easy_setopt(curl_handle, CURLOPT_VERBOSE, 1L); - /* disable progress meter, set to 0L to enable it */ - curl_easy_setopt(curl_handle, CURLOPT_NOPROGRESS, 1L); + /* disable progress meter, set to 0L to enable it */ + curl_easy_setopt(curl_handle, CURLOPT_NOPROGRESS, 1L); - /* send all data to this function */ - curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, write_data); + /* send all data to this function */ + curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, write_data); - /* open the file */ - pagefile = fopen(pagefilename, "wb"); - if(pagefile) { + /* open the file */ + pagefile = fopen(pagefilename, "wb"); + if(pagefile) { - /* write the page body to this file handle */ - curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, pagefile); + /* write the page body to this file handle */ + curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, pagefile); - /* get it! */ - res = curl_easy_perform(curl_handle); + /* get it! */ + res = curl_easy_perform(curl_handle); - /* close the header file */ - fclose(pagefile); + /* close the header file */ + fclose(pagefile); + } + + /* cleanup curl stuff */ + curl_easy_cleanup(curl_handle); } - /* cleanup curl stuff */ - curl_easy_cleanup(curl_handle); - curl_global_cleanup(); return (int)res; diff --git a/docs/examples/urlapi.c b/docs/examples/urlapi.c index 8953146e4d..82ef3e19aa 100644 --- a/docs/examples/urlapi.c +++ b/docs/examples/urlapi.c @@ -34,8 +34,7 @@ int main(void) { - CURL *curl; - + CURL *curl = NULL; CURLU *urlp; CURLUcode uc; @@ -43,9 +42,6 @@ int main(void) if(res) return (int)res; - /* get a curl handle */ - curl = curl_easy_init(); - /* init Curl URL */ urlp = curl_url(); uc = curl_url_set(urlp, CURLUPART_URL, @@ -56,6 +52,8 @@ int main(void) goto cleanup; } + /* get a curl handle */ + curl = curl_easy_init(); if(curl) { /* set urlp to use as working URL */ curl_easy_setopt(curl, CURLOPT_CURLU, urlp); @@ -69,8 +67,6 @@ int main(void) if(res != CURLE_OK) fprintf(stderr, "curl_easy_perform() failed: %s\n", curl_easy_strerror(res)); - - goto cleanup; } cleanup: diff --git a/docs/examples/usercertinmem.c b/docs/examples/usercertinmem.c index d95e2a1cdd..c53fcde9cb 100644 --- a/docs/examples/usercertinmem.c +++ b/docs/examples/usercertinmem.c @@ -162,45 +162,46 @@ int main(void) if(res) return (int)res; - curl_global_init(CURL_GLOBAL_ALL); ch = curl_easy_init(); - curl_easy_setopt(ch, CURLOPT_VERBOSE, 0L); - curl_easy_setopt(ch, CURLOPT_HEADER, 0L); - curl_easy_setopt(ch, CURLOPT_NOPROGRESS, 1L); - curl_easy_setopt(ch, CURLOPT_NOSIGNAL, 1L); - curl_easy_setopt(ch, CURLOPT_WRITEFUNCTION, writefunction); - curl_easy_setopt(ch, CURLOPT_WRITEDATA, stdout); - curl_easy_setopt(ch, CURLOPT_HEADERFUNCTION, writefunction); - curl_easy_setopt(ch, CURLOPT_HEADERDATA, stderr); - curl_easy_setopt(ch, CURLOPT_SSLCERTTYPE, "PEM"); + if(ch) { + curl_easy_setopt(ch, CURLOPT_VERBOSE, 0L); + curl_easy_setopt(ch, CURLOPT_HEADER, 0L); + curl_easy_setopt(ch, CURLOPT_NOPROGRESS, 1L); + curl_easy_setopt(ch, CURLOPT_NOSIGNAL, 1L); + curl_easy_setopt(ch, CURLOPT_WRITEFUNCTION, writefunction); + curl_easy_setopt(ch, CURLOPT_WRITEDATA, stdout); + curl_easy_setopt(ch, CURLOPT_HEADERFUNCTION, writefunction); + curl_easy_setopt(ch, CURLOPT_HEADERDATA, stderr); + curl_easy_setopt(ch, CURLOPT_SSLCERTTYPE, "PEM"); - /* both VERIFYPEER and VERIFYHOST are set to 0 in this case because there is - no CA certificate */ + /* both VERIFYPEER and VERIFYHOST are set to 0 in this case because there + is no CA certificate */ - curl_easy_setopt(ch, CURLOPT_SSL_VERIFYPEER, 0L); - curl_easy_setopt(ch, CURLOPT_SSL_VERIFYHOST, 0L); - curl_easy_setopt(ch, CURLOPT_URL, "https://www.example.com/"); - curl_easy_setopt(ch, CURLOPT_SSLKEYTYPE, "PEM"); + curl_easy_setopt(ch, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(ch, CURLOPT_SSL_VERIFYHOST, 0L); + curl_easy_setopt(ch, CURLOPT_URL, "https://www.example.com/"); + curl_easy_setopt(ch, CURLOPT_SSLKEYTYPE, "PEM"); - /* first try: retrieve page without user certificate and key -> fails */ - res = curl_easy_perform(ch); - if(res == CURLE_OK) - printf("*** transfer succeeded ***\n"); - else - printf("*** transfer failed ***\n"); + /* first try: retrieve page without user certificate and key -> fails */ + res = curl_easy_perform(ch); + if(res == CURLE_OK) + printf("*** transfer succeeded ***\n"); + else + printf("*** transfer failed ***\n"); - /* second try: retrieve page using user certificate and key -> succeeds - * load the certificate and key by installing a function doing the necessary - * "modifications" to the SSL CONTEXT just before link init - */ - curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, sslctx_function); - res = curl_easy_perform(ch); - if(res == CURLE_OK) - printf("*** transfer succeeded ***\n"); - else - printf("*** transfer failed ***\n"); + /* second try: retrieve page using user certificate and key -> succeeds + * load the certificate and key by installing a function doing + * the necessary "modifications" to the SSL CONTEXT just before link init + */ + curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, sslctx_function); + res = curl_easy_perform(ch); + if(res == CURLE_OK) + printf("*** transfer succeeded ***\n"); + else + printf("*** transfer failed ***\n"); - curl_easy_cleanup(ch); + curl_easy_cleanup(ch); + } curl_global_cleanup(); return (int)res; } diff --git a/docs/examples/xmlstream.c b/docs/examples/xmlstream.c index 4f8401be4a..1131a3ce9e 100644 --- a/docs/examples/xmlstream.c +++ b/docs/examples/xmlstream.c @@ -117,56 +117,60 @@ static size_t parseStreamCallback(void *contents, size_t length, size_t nmemb, int main(void) { CURL *curl_handle; - CURLcode res; - XML_Parser parser; - struct ParserStruct state; - /* Initialize the state structure for parsing. */ - memset(&state, 0, sizeof(state)); - state.ok = 1; - - /* Initialize a namespace-aware parser. */ - parser = XML_ParserCreateNS(NULL, '\0'); - XML_SetUserData(parser, &state); - XML_SetElementHandler(parser, startElement, endElement); - XML_SetCharacterDataHandler(parser, characterDataHandler); - - res = curl_global_init(CURL_GLOBAL_ALL); + CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; /* Initialize a libcurl handle. */ curl_handle = curl_easy_init(); - curl_easy_setopt(curl_handle, CURLOPT_URL, - "https://www.w3schools.com/xml/simple.xml"); - curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, parseStreamCallback); - curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, (void *)parser); + if(curl) { + XML_Parser parser; + struct ParserStruct state; - printf("Depth Characters Closing Tag\n"); + /* Initialize the state structure for parsing. */ + memset(&state, 0, sizeof(state)); + state.ok = 1; - /* Perform the request and any follow-up parsing. */ - res = curl_easy_perform(curl_handle); - if(res != CURLE_OK) { - fprintf(stderr, "curl_easy_perform() failed: %s\n", - curl_easy_strerror(res)); - } - else if(state.ok) { - /* Expat requires one final call to finalize parsing. */ - if(XML_Parse(parser, NULL, 0, 1) == 0) { - enum XML_Error error_code = XML_GetErrorCode(parser); - fprintf(stderr, "Finalizing parsing failed with error code %d (%s).\n", - error_code, XML_ErrorString(error_code)); + /* Initialize a namespace-aware parser. */ + parser = XML_ParserCreateNS(NULL, '\0'); + XML_SetUserData(parser, &state); + XML_SetElementHandler(parser, startElement, endElement); + XML_SetCharacterDataHandler(parser, characterDataHandler); + + curl_easy_setopt(curl_handle, CURLOPT_URL, + "https://www.w3schools.com/xml/simple.xml"); + curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, parseStreamCallback); + curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, (void *)parser); + + printf("Depth Characters Closing Tag\n"); + + /* Perform the request and any follow-up parsing. */ + res = curl_easy_perform(curl_handle); + if(res != CURLE_OK) { + fprintf(stderr, "curl_easy_perform() failed: %s\n", + curl_easy_strerror(res)); } - else { - printf(" --------------\n"); - printf(" %lu tags total\n", state.tags); + else if(state.ok) { + /* Expat requires one final call to finalize parsing. */ + if(XML_Parse(parser, NULL, 0, 1) == 0) { + enum XML_Error error_code = XML_GetErrorCode(parser); + fprintf(stderr, "Finalizing parsing failed with error code %d (%s).\n", + error_code, XML_ErrorString(error_code)); + } + else { + printf(" --------------\n"); + printf(" %lu tags total\n", state.tags); + } } + + /* Clean up. */ + free(state.characters.memory); + XML_ParserFree(parser); + + curl_easy_cleanup(curl_handle); } - /* Clean up. */ - free(state.characters.memory); - XML_ParserFree(parser); - curl_easy_cleanup(curl_handle); curl_global_cleanup(); return (int)res; From fe06127dedfc0047c9e748658f23d52f32117055 Mon Sep 17 00:00:00 2001 From: Jay Satiro Date: Fri, 10 Oct 2025 15:42:27 -0400 Subject: [PATCH 0448/2408] tool_operate: retry on HTTP response codes 522 and 524 - Treat HTTP response codes 522 and 524 as a transient error since Cloudflare may use them instead of 504 to signal timeout. For example here is a 522 error message from Cloudflare: "The initial connection between Cloudflare's network and the origin web server timed out. As a result, the web page can not be displayed." Prior to this change the curl tool did not retry on HTTP response codes 522 and 524 when --retry was used. Fixes https://github.com/curl/curl/discussions/16143 Closes https://github.com/curl/curl/pull/19011 --- docs/cmdline-opts/retry.md | 4 ++-- src/tool_operate.c | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/docs/cmdline-opts/retry.md b/docs/cmdline-opts/retry.md index f55d8edcca..4d9e83cd5f 100644 --- a/docs/cmdline-opts/retry.md +++ b/docs/cmdline-opts/retry.md @@ -20,8 +20,8 @@ Example: If a transient error is returned when curl tries to perform a transfer, it retries this number of times before giving up. Setting the number to 0 makes curl do no retries (which is the default). Transient error means either: a -timeout, an FTP 4xx response code or an HTTP 408, 429, 500, 502, 503 or 504 -response code. +timeout, an FTP 4xx response code or an HTTP 408, 429, 500, 502, 503, 504, 522 +or 524 response code. When curl is about to retry a transfer, it first waits one second and then for all forthcoming retries it doubles the waiting time until it reaches 10 diff --git a/src/tool_operate.c b/src/tool_operate.c index 397b2159e1..c7d01bb59a 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -412,6 +412,8 @@ static CURLcode retrycheck(struct OperationConfig *config, case 502: /* Bad Gateway */ case 503: /* Service Unavailable */ case 504: /* Gateway Timeout */ + case 522: /* Connection Timed Out (Cloudflare) */ + case 524: /* Proxy Read Timeout (Cloudflare) */ retry = RETRY_HTTP; /* * At this point, we have already written data to the output From 97ae9ec8efe05bd0d82bbf9ee127c46bfae40c8c Mon Sep 17 00:00:00 2001 From: Jay Satiro Date: Sun, 12 Oct 2025 18:35:22 -0400 Subject: [PATCH 0449/2408] ws: fix type conversion check - Fix logic that checks whether a size_t will fit in a curl_off_t. Reported-by: Viktor Szakats Fixes https://github.com/curl/curl/issues/19017 Closes https://github.com/curl/curl/pull/19036 --- lib/ws.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/ws.c b/lib/ws.c index 6c8f07e177..ec79235550 100644 --- a/lib/ws.c +++ b/lib/ws.c @@ -654,8 +654,8 @@ static curl_off_t ws_payload_remain(curl_off_t payload_total, curl_off_t remain = payload_total - payload_offset; if((payload_total < 0) || (payload_offset < 0) || (remain < 0)) return -1; -#if SIZEOF_OFF_T <= SIZEOF_SIZE_T - if((curl_off_t)payload_buffered < 0) +#if SIZEOF_SIZE_T >= SIZEOF_CURL_OFF_T + if(payload_buffered > (size_t)CURL_OFF_T_MAX) return -1; #endif if(remain < (curl_off_t)payload_buffered) From 9441127394a697412f826c737b4e6e53bbc1a1c4 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 14 Oct 2025 18:08:27 +0200 Subject: [PATCH 0450/2408] http: look for trailing 'type=' in ftp:// without strstr - it could find a wrong string - this is faster Closes #19065 --- lib/http.c | 37 ++++++++++++++++++------------------- 1 file changed, 18 insertions(+), 19 deletions(-) diff --git a/lib/http.c b/lib/http.c index 6b1538a737..850bfaefa6 100644 --- a/lib/http.c +++ b/lib/http.c @@ -2040,27 +2040,26 @@ static CURLcode http_target(struct Curl_easy *data, if(result) return result; - if(curl_strequal("ftp", data->state.up.scheme)) { - if(data->set.proxy_transfer_mode) { - /* when doing ftp, append ;type= if not present */ - char *type = strstr(path, ";type="); - if(type && type[6] && type[7] == 0) { - switch(Curl_raw_toupper(type[6])) { - case 'A': - case 'D': - case 'I': - break; - default: - type = NULL; - } - } - if(!type) { - result = curlx_dyn_addf(r, ";type=%c", - data->state.prefer_ascii ? 'a' : 'i'); - if(result) - return result; + if(curl_strequal("ftp", data->state.up.scheme) && + data->set.proxy_transfer_mode) { + /* when doing ftp, append ;type= if not present */ + size_t len = strlen(path); + bool type_present = FALSE; + if((len >= 7) && !memcmp(&path[len - 7], ";type=", 6)) { + switch(Curl_raw_toupper(path[len - 1])) { + case 'A': + case 'D': + case 'I': + type_present = TRUE; + break; } } + if(!type_present) { + result = curlx_dyn_addf(r, ";type=%c", + data->state.prefer_ascii ? 'a' : 'i'); + if(result) + return result; + } } } From ae5fb4188deac102ee8d2b7cdd192f06340b04f0 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 14 Oct 2025 17:40:18 +0200 Subject: [PATCH 0451/2408] lib: reduce use of data->conn-> If there are more than two of them in a function, use a local 'conn' variable instead. Closes #19063 --- lib/cfilters.c | 9 +++++---- lib/connect.c | 11 ++++++----- lib/http.c | 23 +++++++++++++---------- lib/multi.c | 46 +++++++++++++++++++++++++--------------------- lib/vssh/libssh.c | 16 +++++++++------- lib/vssh/libssh2.c | 7 ++++--- 6 files changed, 62 insertions(+), 50 deletions(-) diff --git a/lib/cfilters.c b/lib/cfilters.c index d0466f5fad..bd060f43dc 100644 --- a/lib/cfilters.c +++ b/lib/cfilters.c @@ -932,13 +932,14 @@ Curl_conn_get_remote_addr(struct Curl_easy *data, int sockindex) void Curl_conn_forget_socket(struct Curl_easy *data, int sockindex) { - if(data->conn && CONN_SOCK_IDX_VALID(sockindex)) { - struct Curl_cfilter *cf = data->conn->cfilter[sockindex]; + struct connectdata *conn = data->conn; + if(conn && CONN_SOCK_IDX_VALID(sockindex)) { + struct Curl_cfilter *cf = conn->cfilter[sockindex]; if(cf) (void)Curl_conn_cf_cntrl(cf, data, TRUE, CF_CTRL_FORGET_SOCKET, 0, NULL); - fake_sclose(data->conn->sock[sockindex]); - data->conn->sock[sockindex] = CURL_SOCKET_BAD; + fake_sclose(conn->sock[sockindex]); + conn->sock[sockindex] = CURL_SOCKET_BAD; } } diff --git a/lib/connect.c b/lib/connect.c index efe6248214..1c31209567 100644 --- a/lib/connect.c +++ b/lib/connect.c @@ -158,20 +158,21 @@ void Curl_shutdown_start(struct Curl_easy *data, int sockindex, int timeout_ms, struct curltime *nowp) { struct curltime now; + struct connectdata *conn = data->conn; - DEBUGASSERT(data->conn); + DEBUGASSERT(conn); if(!nowp) { now = curlx_now(); nowp = &now; } - data->conn->shutdown.start[sockindex] = *nowp; - data->conn->shutdown.timeout_ms = (timeout_ms > 0) ? + conn->shutdown.start[sockindex] = *nowp; + conn->shutdown.timeout_ms = (timeout_ms > 0) ? (timediff_t)timeout_ms : ((data->set.shutdowntimeout > 0) ? data->set.shutdowntimeout : DEFAULT_SHUTDOWN_TIMEOUT_MS); /* Set a timer, unless we operate on the admin handle */ - if(data->mid && (data->conn->shutdown.timeout_ms > 0)) - Curl_expire_ex(data, nowp, data->conn->shutdown.timeout_ms, + if(data->mid && (conn->shutdown.timeout_ms > 0)) + Curl_expire_ex(data, nowp, conn->shutdown.timeout_ms, EXPIRE_SHUTDOWN); } diff --git a/lib/http.c b/lib/http.c index 850bfaefa6..db37995a12 100644 --- a/lib/http.c +++ b/lib/http.c @@ -1977,6 +1977,9 @@ static CURLcode http_target(struct Curl_easy *data, CURLcode result = CURLE_OK; const char *path = data->state.up.path; const char *query = data->state.up.query; +#ifndef CURL_DISABLE_PROXY + struct connectdata *conn = data->conn; +#endif if(data->set.str[STRING_TARGET]) { path = data->set.str[STRING_TARGET]; @@ -1984,7 +1987,7 @@ static CURLcode http_target(struct Curl_easy *data, } #ifndef CURL_DISABLE_PROXY - if(data->conn->bits.httpproxy && !data->conn->bits.tunnel_proxy) { + if(conn->bits.httpproxy && !conn->bits.tunnel_proxy) { /* Using a proxy but does not tunnel through it */ /* The path sent to the proxy is in fact the entire URL. But if the remote @@ -1998,8 +2001,8 @@ static CURLcode http_target(struct Curl_easy *data, if(!h) return CURLE_OUT_OF_MEMORY; - if(data->conn->host.dispname != data->conn->host.name) { - uc = curl_url_set(h, CURLUPART_HOST, data->conn->host.name, 0); + if(conn->host.dispname != conn->host.name) { + uc = curl_url_set(h, CURLUPART_HOST, conn->host.name, 0); if(uc) { curl_url_cleanup(h); return CURLE_OUT_OF_MEMORY; @@ -2746,6 +2749,7 @@ static CURLcode http_add_hd(struct Curl_easy *data, Curl_HttpReq httpreq) { CURLcode result = CURLE_OK; + struct connectdata *conn = data->conn; switch(id) { case H1_HD_REQUEST: /* add the main request stuff */ @@ -2818,8 +2822,8 @@ static CURLcode http_add_hd(struct Curl_easy *data, #ifndef CURL_DISABLE_PROXY case H1_HD_PROXY_CONNECTION: - if(data->conn->bits.httpproxy && - !data->conn->bits.tunnel_proxy && + if(conn->bits.httpproxy && + !conn->bits.tunnel_proxy && !Curl_checkheaders(data, STRCONST("Proxy-Connection")) && !Curl_checkProxyheaders(data, data->conn, STRCONST("Proxy-Connection"))) result = curlx_dyn_add(req, "Proxy-Connection: Keep-Alive\r\n"); @@ -2832,11 +2836,10 @@ static CURLcode http_add_hd(struct Curl_easy *data, #ifndef CURL_DISABLE_ALTSVC case H1_HD_ALT_USED: - if(data->conn->bits.altused && - !Curl_checkheaders(data, STRCONST("Alt-Used"))) + if(conn->bits.altused && !Curl_checkheaders(data, STRCONST("Alt-Used"))) result = curlx_dyn_addf(req, "Alt-Used: %s:%d\r\n", - data->conn->conn_to_host.name, - data->conn->conn_to_port); + conn->conn_to_host.name, + conn->conn_to_port); break; #endif @@ -2849,7 +2852,7 @@ static CURLcode http_add_hd(struct Curl_easy *data, result = Curl_http2_request_upgrade(req, data); } #ifndef CURL_DISABLE_WEBSOCKETS - if(!result && data->conn->handler->protocol&(CURLPROTO_WS|CURLPROTO_WSS)) + if(!result && conn->handler->protocol&(CURLPROTO_WS|CURLPROTO_WSS)) result = Curl_ws_request(data, req); #endif break; diff --git a/lib/multi.c b/lib/multi.c index 9ea8e9bc7f..ca7c1bdd95 100644 --- a/lib/multi.c +++ b/lib/multi.c @@ -939,11 +939,12 @@ static CURLcode mstate_connecting_pollset(struct Curl_easy *data, static CURLcode mstate_protocol_pollset(struct Curl_easy *data, struct easy_pollset *ps) { - if(data->conn) { + struct connectdata *conn = data->conn; + if(conn) { curl_socket_t sockfd; - if(data->conn->handler->proto_pollset) - return data->conn->handler->proto_pollset(data, ps); - sockfd = data->conn->sock[FIRSTSOCKET]; + if(conn->handler->proto_pollset) + return conn->handler->proto_pollset(data, ps); + sockfd = conn->sock[FIRSTSOCKET]; if(sockfd != CURL_SOCKET_BAD) { /* Default is to wait to something from the server */ return Curl_pollset_change(data, ps, sockfd, CURL_POLL_IN, 0); @@ -955,13 +956,14 @@ static CURLcode mstate_protocol_pollset(struct Curl_easy *data, static CURLcode mstate_do_pollset(struct Curl_easy *data, struct easy_pollset *ps) { - if(data->conn) { - if(data->conn->handler->doing_pollset) - return data->conn->handler->doing_pollset(data, ps); - else if(CONN_SOCK_IDX_VALID(data->conn->send_idx)) { + struct connectdata *conn = data->conn; + if(conn) { + if(conn->handler->doing_pollset) + return conn->handler->doing_pollset(data, ps); + else if(CONN_SOCK_IDX_VALID(conn->send_idx)) { /* Default is that we want to send something to the server */ return Curl_pollset_add_out( - data, ps, data->conn->sock[data->conn->send_idx]); + data, ps, conn->sock[conn->send_idx]); } } return CURLE_OK; @@ -970,13 +972,14 @@ static CURLcode mstate_do_pollset(struct Curl_easy *data, static CURLcode mstate_domore_pollset(struct Curl_easy *data, struct easy_pollset *ps) { - if(data->conn) { - if(data->conn->handler->domore_pollset) - return data->conn->handler->domore_pollset(data, ps); - else if(CONN_SOCK_IDX_VALID(data->conn->send_idx)) { + struct connectdata *conn = data->conn; + if(conn) { + if(conn->handler->domore_pollset) + return conn->handler->domore_pollset(data, ps); + else if(CONN_SOCK_IDX_VALID(conn->send_idx)) { /* Default is that we want to send something to the server */ return Curl_pollset_add_out( - data, ps, data->conn->sock[data->conn->send_idx]); + data, ps, conn->sock[conn->send_idx]); } } return CURLE_OK; @@ -985,22 +988,23 @@ static CURLcode mstate_domore_pollset(struct Curl_easy *data, static CURLcode mstate_perform_pollset(struct Curl_easy *data, struct easy_pollset *ps) { - if(!data->conn) + struct connectdata *conn = data->conn; + if(!conn) return CURLE_OK; - else if(data->conn->handler->perform_pollset) - return data->conn->handler->perform_pollset(data, ps); + else if(conn->handler->perform_pollset) + return conn->handler->perform_pollset(data, ps); else { /* Default is to obey the data->req.keepon flags for send/recv */ CURLcode result = CURLE_OK; - if(CURL_WANT_RECV(data) && CONN_SOCK_IDX_VALID(data->conn->recv_idx)) { + if(CURL_WANT_RECV(data) && CONN_SOCK_IDX_VALID(conn->recv_idx)) { result = Curl_pollset_add_in( - data, ps, data->conn->sock[data->conn->recv_idx]); + data, ps, conn->sock[conn->recv_idx]); } if(!result && Curl_req_want_send(data) && - CONN_SOCK_IDX_VALID(data->conn->send_idx)) { + CONN_SOCK_IDX_VALID(conn->send_idx)) { result = Curl_pollset_add_out( - data, ps, data->conn->sock[data->conn->send_idx]); + data, ps, conn->sock[conn->send_idx]); } return result; } diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index 6bb32643af..3741db20dc 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -1105,6 +1105,7 @@ static int myssh_in_AUTH_PASS(struct Curl_easy *data, static int myssh_in_AUTH_DONE(struct Curl_easy *data, struct ssh_conn *sshc) { + struct connectdata *conn = data->conn; if(!sshc->authed) { failf(data, "Authentication failure"); return myssh_to_ERROR(data, sshc, CURLE_LOGIN_DENIED); @@ -1113,10 +1114,10 @@ static int myssh_in_AUTH_DONE(struct Curl_easy *data, /* At this point we have an authenticated ssh session. */ infof(data, "Authentication complete"); Curl_pgrsTime(data, TIMER_APPCONNECT); /* SSH is connected */ - data->conn->recv_idx = FIRSTSOCKET; - data->conn->send_idx = -1; + conn->recv_idx = FIRSTSOCKET; + conn->send_idx = -1; - if(data->conn->handler->protocol == CURLPROTO_SFTP) { + if(conn->handler->protocol == CURLPROTO_SFTP) { myssh_to(data, sshc, SSH_SFTP_INIT); return SSH_NO_ERROR; } @@ -2428,14 +2429,15 @@ static CURLcode myssh_pollset(struct Curl_easy *data, struct easy_pollset *ps) { int flags = 0; - if(data->conn->waitfor & KEEP_RECV) + struct connectdata *conn = data->conn; + if(conn->waitfor & KEEP_RECV) flags |= CURL_POLL_IN; - if(data->conn->waitfor & KEEP_SEND) + if(conn->waitfor & KEEP_SEND) flags |= CURL_POLL_OUT; - if(!data->conn->waitfor) + if(!conn->waitfor) flags |= CURL_POLL_OUT; return flags ? - Curl_pollset_change(data, ps, data->conn->sock[FIRSTSOCKET], flags, 0) : + Curl_pollset_change(data, ps, conn->sock[FIRSTSOCKET], flags, 0) : CURLE_OK; } diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index ee468bb359..dc972dc9e6 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -3061,12 +3061,13 @@ static CURLcode ssh_pollset(struct Curl_easy *data, struct easy_pollset *ps) { int flags = 0; - if(data->conn->waitfor & KEEP_RECV) + struct connectdata *conn = data->conn; + if(conn->waitfor & KEEP_RECV) flags |= CURL_POLL_IN; - if(data->conn->waitfor & KEEP_SEND) + if(conn->waitfor & KEEP_SEND) flags |= CURL_POLL_OUT; return flags ? - Curl_pollset_change(data, ps, data->conn->sock[FIRSTSOCKET], flags, 0) : + Curl_pollset_change(data, ps, conn->sock[FIRSTSOCKET], flags, 0) : CURLE_OK; } From 5ac3541cb4ef3b721ce98cf0212b1195ff4c0568 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 15 Oct 2025 08:27:48 +0200 Subject: [PATCH 0452/2408] ftp: replace strstr() in ;type= handling Since it needs to be a trailing piece of the path avoiding strstr() is faster and more reliable. Also stopped checking the host name since it cannot actually be there since quite a long while back. The URL parser doesn't allow such a hostname. Moved the check into its own subfunction too. Closes #19069 --- lib/ftp.c | 59 ++++++++++++++++++++++++++++--------------------------- 1 file changed, 30 insertions(+), 29 deletions(-) diff --git a/lib/ftp.c b/lib/ftp.c index f633d21305..58b34eab6d 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -4420,10 +4420,38 @@ static void ftp_conn_dtor(void *key, size_t klen, void *entry) free(ftpc); } +static void type_url_check(struct Curl_easy *data, struct FTP *ftp) +{ + size_t len = strlen(ftp->path); + /* FTP URLs support an extension like ";type=" that + * we will try to get now! */ + if((len >= 7) && !memcmp(&ftp->path[len - 7], ";type=", 6)) { + char *type = &ftp->path[len - 7]; + char command = Curl_raw_toupper(type[6]); + + *type = 0; /* cut it off */ + + switch(command) { + case 'A': /* ASCII mode */ + data->state.prefer_ascii = TRUE; + break; + + case 'D': /* directory mode */ + data->state.list_only = TRUE; + break; + + case 'I': /* binary mode */ + default: + /* switch off ASCII */ + data->state.prefer_ascii = FALSE; + break; + } + } +} + static CURLcode ftp_setup_connection(struct Curl_easy *data, struct connectdata *conn) { - char *type; struct FTP *ftp; CURLcode result = CURLE_OK; struct ftp_conn *ftpc; @@ -4458,34 +4486,7 @@ static CURLcode ftp_setup_connection(struct Curl_easy *data, ftp->path = &data->state.up.path[1]; /* do not include the initial slash */ - /* FTP URLs support an extension like ";type=" that - * we will try to get now! */ - type = strstr(ftp->path, ";type="); - - if(!type) - type = strstr(conn->host.rawalloc, ";type="); - - if(type) { - char command; - *type = 0; /* it was in the middle of the hostname */ - command = Curl_raw_toupper(type[6]); - - switch(command) { - case 'A': /* ASCII mode */ - data->state.prefer_ascii = TRUE; - break; - - case 'D': /* directory mode */ - data->state.list_only = TRUE; - break; - - case 'I': /* binary mode */ - default: - /* switch off ASCII */ - data->state.prefer_ascii = FALSE; - break; - } - } + type_url_check(data, ftp); /* get some initial data into the ftp struct */ ftp->transfer = PPTRANSFER_BODY; From be852e39b25a4abbb7e5ecbe89d72f410ccfb3a8 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 15 Oct 2025 08:42:20 +0200 Subject: [PATCH 0453/2408] tftp: check for trailing ";mode=" in URL without strstr RFC 3617 defines two specific modes, "netascii" and "octet". This code now checks only for those trailing ones - and not in the hostname since they can't be there anymore. Assisted-by: Jay Satiro Closes #19070 --- docs/cmdline-opts/use-ascii.md | 9 +++++---- lib/tftp.c | 36 ++++++++++------------------------ src/tool_listhelp.c | 2 +- tests/data/test1093 | 4 ++-- 4 files changed, 18 insertions(+), 33 deletions(-) diff --git a/docs/cmdline-opts/use-ascii.md b/docs/cmdline-opts/use-ascii.md index 30cc860b0a..4dba446ffe 100644 --- a/docs/cmdline-opts/use-ascii.md +++ b/docs/cmdline-opts/use-ascii.md @@ -4,8 +4,8 @@ SPDX-License-Identifier: curl Short: B Long: use-ascii Help: Use ASCII/text transfer -Protocols: FTP LDAP -Category: ftp output ldap +Protocols: FTP LDAP TFTP +Category: ftp output ldap tftp Added: 5.0 Multi: boolean See-also: @@ -18,5 +18,6 @@ Example: # `--use-ascii` Enable ASCII transfer mode. For FTP, this can also be enforced by using a URL -that ends with `;type=A`. This option causes data sent to stdout to be in text -mode for Win32 systems. +that ends with `;type=A`. For TFTP, this can also be enforced by using a URL +that ends with `;mode=netascii`. This option causes data sent to stdout to be +in text mode for Win32 systems. diff --git a/lib/tftp.c b/lib/tftp.c index 0a9b8a8e87..d9d978c24e 100644 --- a/lib/tftp.c +++ b/lib/tftp.c @@ -1379,35 +1379,19 @@ static CURLcode tftp_do(struct Curl_easy *data, bool *done) static CURLcode tftp_setup_connection(struct Curl_easy *data, struct connectdata *conn) { - char *type; + char *path = data->state.up.path; + size_t len = strlen(path); conn->transport_wanted = TRNSPRT_UDP; - /* TFTP URLs support an extension like ";mode=" that - * we will try to get now! */ - type = strstr(data->state.up.path, ";mode="); - - if(!type) - type = strstr(conn->host.rawalloc, ";mode="); - - if(type) { - char command; - *type = 0; /* it was in the middle of the hostname */ - command = Curl_raw_toupper(type[6]); - - switch(command) { - case 'A': /* ASCII mode */ - case 'N': /* NETASCII mode */ - data->state.prefer_ascii = TRUE; - break; - - case 'O': /* octet mode */ - case 'I': /* binary mode */ - default: - /* switch off ASCII */ - data->state.prefer_ascii = FALSE; - break; - } + /* TFTP URLs support a trailing ";mode=netascii" or ";mode=octet" */ + if((len >= 14) && !memcmp(&path[len - 14], ";mode=netascii", 14)) { + data->state.prefer_ascii = TRUE; + path[len - 14] = 0; /* cut it there */ + } + else if((len >= 11) && !memcmp(&path[len - 11], ";mode=octet", 11)) { + data->state.prefer_ascii = FALSE; + path[len - 11] = 0; /* cut it there */ } return CURLE_OK; diff --git a/src/tool_listhelp.c b/src/tool_listhelp.c index c8e31e77a6..21019c7de1 100644 --- a/src/tool_listhelp.c +++ b/src/tool_listhelp.c @@ -834,7 +834,7 @@ const struct helptxt helptext[] = { CURLHELP_HTTP | CURLHELP_POST | CURLHELP_UPLOAD}, {"-B, --use-ascii", "Use ASCII/text transfer", - CURLHELP_FTP | CURLHELP_OUTPUT | CURLHELP_LDAP}, + CURLHELP_FTP | CURLHELP_OUTPUT | CURLHELP_LDAP | CURLHELP_TFTP}, {"-u, --user ", "Server user and password", CURLHELP_IMPORTANT | CURLHELP_AUTH}, diff --git a/tests/data/test1093 b/tests/data/test1093 index 1bed99bec1..a135876ae0 100644 --- a/tests/data/test1093 +++ b/tests/data/test1093 @@ -25,10 +25,10 @@ returned tftp -TFTP retrieve with mode=i +TFTP retrieve with mode=octet -"tftp://%HOSTIP:%TFTPPORT//%TESTNUMBER;mode=i" --use-ascii +"tftp://%HOSTIP:%TFTPPORT//%TESTNUMBER;mode=octet" --use-ascii From 182a5a9aae7290332792b14100db1a9451f75ab5 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Tue, 14 Oct 2025 15:53:37 +0200 Subject: [PATCH 0454/2408] quic: remove data_idle handling The transfer loop used to check the socket and if no poll events were seen, triggered a "DATA_IDLE" event into the filters to let them schedule times/do things anyway. Since we no longer check the socket, the filters have been called already and the DATA_IDLE event is unnecessary work. Remove it. Closes #19060 --- lib/cfilters.c | 7 ------- lib/cfilters.h | 8 +------- lib/transfer.c | 22 +++++----------------- lib/vquic/curl_ngtcp2.c | 10 ---------- lib/vquic/curl_osslq.c | 8 -------- lib/vquic/curl_quiche.c | 9 --------- 6 files changed, 6 insertions(+), 58 deletions(-) diff --git a/lib/cfilters.c b/lib/cfilters.c index bd060f43dc..2ef5d75d43 100644 --- a/lib/cfilters.c +++ b/lib/cfilters.c @@ -966,13 +966,6 @@ CURLcode Curl_conn_ev_data_setup(struct Curl_easy *data) CF_CTRL_DATA_SETUP, 0, NULL); } -CURLcode Curl_conn_ev_data_idle(struct Curl_easy *data) -{ - return cf_cntrl_all(data->conn, data, FALSE, - CF_CTRL_DATA_IDLE, 0, NULL); -} - - CURLcode Curl_conn_flush(struct Curl_easy *data, int sockindex) { if(!CONN_SOCK_IDX_VALID(sockindex)) diff --git a/lib/cfilters.h b/lib/cfilters.h index af38191a93..2fab300b21 100644 --- a/lib/cfilters.h +++ b/lib/cfilters.h @@ -118,7 +118,7 @@ typedef CURLcode Curl_cft_conn_keep_alive(struct Curl_cfilter *cf, */ /* data event arg1 arg2 return */ #define CF_CTRL_DATA_SETUP 4 /* 0 NULL first fail */ -#define CF_CTRL_DATA_IDLE 5 /* 0 NULL first fail */ +/* unused now 5 */ #define CF_CTRL_DATA_PAUSE 6 /* on/off NULL first fail */ #define CF_CTRL_DATA_DONE 7 /* premature NULL ignored */ #define CF_CTRL_DATA_DONE_SEND 8 /* 0 NULL ignored */ @@ -539,12 +539,6 @@ CURLcode Curl_cf_send_bufq(struct Curl_cfilter *cf, */ CURLcode Curl_conn_ev_data_setup(struct Curl_easy *data); -/** - * Notify connection filters that now would be a good time to - * perform any idle, e.g. time related, actions. - */ -CURLcode Curl_conn_ev_data_idle(struct Curl_easy *data); - /** * Notify connection filters that the transfer represented by `data` * is done with sending data (e.g. has uploaded everything). diff --git a/lib/transfer.c b/lib/transfer.c index e8c030687a..d20440fec7 100644 --- a/lib/transfer.c +++ b/lib/transfer.c @@ -244,8 +244,7 @@ static ssize_t xfer_recv_resp(struct Curl_easy *data, * buffer) */ static CURLcode sendrecv_dl(struct Curl_easy *data, - struct SingleRequest *k, - int *didwhat) + struct SingleRequest *k) { struct connectdata *conn = data->conn; CURLcode result = CURLE_OK; @@ -309,7 +308,6 @@ static CURLcode sendrecv_dl(struct Curl_easy *data, /* We only get a 0-length receive at the end of the response */ blen = (size_t)nread; is_eos = (blen == 0); - *didwhat |= KEEP_RECV; if(!blen) { /* if we receive 0 or less here, either the data transfer is done or the @@ -369,17 +367,15 @@ out: /* * Send data to upload to the server, when the socket is writable. */ -static CURLcode sendrecv_ul(struct Curl_easy *data, int *didwhat) +static CURLcode sendrecv_ul(struct Curl_easy *data) { /* We should not get here when the sending is already done. It * probably means that someone set `data-req.keepon |= KEEP_SEND` * when it should not. */ DEBUGASSERT(!Curl_req_done_sending(data)); - if(!Curl_req_done_sending(data)) { - *didwhat |= KEEP_SEND; + if(!Curl_req_done_sending(data)) return Curl_req_send_more(data); - } return CURLE_OK; } @@ -391,7 +387,6 @@ CURLcode Curl_sendrecv(struct Curl_easy *data, struct curltime *nowp) { struct SingleRequest *k = &data->req; CURLcode result = CURLE_OK; - int didwhat = 0; DEBUGASSERT(nowp); if(Curl_xfer_is_blocked(data)) { @@ -402,21 +397,14 @@ CURLcode Curl_sendrecv(struct Curl_easy *data, struct curltime *nowp) /* We go ahead and do a read if we have a readable socket or if the stream was rewound (in which case we have data in a buffer) */ if(k->keepon & KEEP_RECV) { - result = sendrecv_dl(data, k, &didwhat); + result = sendrecv_dl(data, k); if(result || data->req.done) goto out; } /* If we still have writing to do, we check if we have a writable socket. */ if(Curl_req_want_send(data) || (data->req.keepon & KEEP_SEND_TIMED)) { - result = sendrecv_ul(data, &didwhat); - if(result) - goto out; - } - - if(!didwhat) { - /* Transfer wanted to send/recv, but nothing was possible. */ - result = Curl_conn_ev_data_idle(data); + result = sendrecv_ul(data); if(result) goto out; } diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 68f346af78..53665b1a3d 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -2040,16 +2040,6 @@ static CURLcode cf_ngtcp2_cntrl(struct Curl_cfilter *cf, } break; } - case CF_CTRL_DATA_IDLE: { - struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data); - CURL_TRC_CF(data, cf, "data idle"); - if(stream && !stream->closed) { - result = check_and_set_expiry(cf, data, NULL); - if(result) - CURL_TRC_CF(data, cf, "data idle, check_and_set_expiry -> %d", result); - } - break; - } case CF_CTRL_CONN_INFO_UPDATE: if(!cf->sockindex && cf->connected) { cf->conn->httpversion_seen = 30; diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c index 4d72797199..a490743462 100644 --- a/lib/vquic/curl_osslq.c +++ b/lib/vquic/curl_osslq.c @@ -2207,14 +2207,6 @@ static CURLcode cf_osslq_cntrl(struct Curl_cfilter *cf, } break; } - case CF_CTRL_DATA_IDLE: { - struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data); - CURL_TRC_CF(data, cf, "data idle"); - if(stream && !stream->closed) { - result = check_and_set_expiry(cf, data); - } - break; - } case CF_CTRL_CONN_INFO_UPDATE: if(!cf->sockindex && cf->connected) { cf->conn->httpversion_seen = 30; diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c index 1ae159bd4c..55f6e79ebe 100644 --- a/lib/vquic/curl_quiche.c +++ b/lib/vquic/curl_quiche.c @@ -1232,15 +1232,6 @@ static CURLcode cf_quiche_cntrl(struct Curl_cfilter *cf, } break; } - case CF_CTRL_DATA_IDLE: { - struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data); - if(stream && !stream->closed) { - result = cf_flush_egress(cf, data); - if(result) - CURL_TRC_CF(data, cf, "data idle, flush egress -> %d", result); - } - break; - } case CF_CTRL_CONN_INFO_UPDATE: if(!cf->sockindex && cf->connected) { cf->conn->httpversion_seen = 30; From 5e46318414590c99fc98709598e5e3441d63648b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Emre=20=C3=87al=C4=B1=C5=9Fkan?= Date: Tue, 14 Oct 2025 21:35:54 +0300 Subject: [PATCH 0455/2408] transfer: reset retry count on each request Reported-by: plv1313 on github Fixes #18926 Closes #19066 --- lib/easy.c | 1 - lib/transfer.c | 8 ++++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/lib/easy.c b/lib/easy.c index 877cf13b9b..793a18f33e 100644 --- a/lib/easy.c +++ b/lib/easy.c @@ -1119,7 +1119,6 @@ void curl_easy_reset(CURL *d) data->progress.hide = TRUE; data->state.current_speed = -1; /* init to negative == impossible */ - data->state.retrycount = 0; /* reset the retry counter */ data->state.recent_conn_id = -1; /* clear remembered connection id */ /* zero out authentication data: */ diff --git a/lib/transfer.c b/lib/transfer.c index d20440fec7..d7014aab87 100644 --- a/lib/transfer.c +++ b/lib/transfer.c @@ -481,6 +481,14 @@ CURLcode Curl_pretransfer(struct Curl_easy *data) { CURLcode result = CURLE_OK; + /* Reset the retry count at the start of each request. + * If the retry count is not reset, when the connection drops, + * it will not enter the retry mechanism on CONN_MAX_RETRIES + 1 attempts + * and will immediately throw + * "Connection died, tried CONN_MAX_RETRIES times before giving up". + * By resetting it here, we ensure each new request starts fresh. */ + data->state.retrycount = 0; + if(!data->set.str[STRING_SET_URL] && !data->set.uh) { /* we cannot do anything without URL */ failf(data, "No URL set"); From 62961d6cc57deb9beeba32d0ccdbdeec40eea096 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 14 Oct 2025 14:43:46 +0200 Subject: [PATCH 0456/2408] lib: stop NULL-checking conn->passwd and ->user They always point to a string. The string might be zero length. Closes #19059 --- lib/ftp.c | 2 +- lib/pop3.c | 3 +-- lib/vssh/libssh2.c | 9 ++------- 3 files changed, 4 insertions(+), 10 deletions(-) diff --git a/lib/ftp.c b/lib/ftp.c index 58b34eab6d..fd957a2bb4 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -2606,7 +2606,7 @@ static CURLcode ftp_state_user_resp(struct Curl_easy *data, /* 331 Password required for ... (the server requires to send the user's password too) */ result = Curl_pp_sendf(data, &ftpc->pp, "PASS %s", - data->conn->passwd ? data->conn->passwd : ""); + data->conn->passwd); if(!result) ftp_state(data, ftpc, FTP_PASS); } diff --git a/lib/pop3.c b/lib/pop3.c index a0fd881a79..2fd496cb31 100644 --- a/lib/pop3.c +++ b/lib/pop3.c @@ -1057,8 +1057,7 @@ static CURLcode pop3_state_user_resp(struct Curl_easy *data, int pop3code, } else /* Send the PASS command */ - result = Curl_pp_sendf(data, &pop3c->pp, "PASS %s", - conn->passwd ? conn->passwd : ""); + result = Curl_pp_sendf(data, &pop3c->pp, "PASS %s", conn->passwd); if(!result) pop3_state(data, POP3_PASS); diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index dc972dc9e6..f9160944be 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -3335,14 +3335,9 @@ static CURLcode ssh_connect(struct Curl_easy *data, bool *done) function to make the reuse checks properly be able to check this bit. */ connkeep(conn, "SSH default"); - if(conn->user) - infof(data, "User: '%s'", conn->user); - else - infof(data, "User: NULL"); + infof(data, "User: '%s'", conn->user); #ifdef CURL_LIBSSH2_DEBUG - if(conn->passwd) { - infof(data, "Password: %s", conn->passwd); - } + infof(data, "Password: %s", conn->passwd); sock = conn->sock[FIRSTSOCKET]; #endif /* CURL_LIBSSH2_DEBUG */ From b7f2355b8b5cfa137aa2848c4ace951a317718f9 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 15 Oct 2025 10:48:42 +0200 Subject: [PATCH 0457/2408] urldata: make 'retrycount' a single byte Since it only counts up to 5 Closes #19071 --- lib/urldata.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/urldata.h b/lib/urldata.h index 30bbbae416..e181e294bb 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -980,8 +980,6 @@ struct UrlState { char *first_host; int first_remote_port; curl_prot_t first_remote_protocol; - - int retrycount; /* number of retries on a new connection */ int os_errno; /* filled in with errno whenever an error occurs */ long followlocation; /* redirect counter */ int requests; /* request counter: redirects + authentication retakes */ @@ -1103,6 +1101,8 @@ struct UrlState { #ifndef CURL_DISABLE_HTTP struct http_negotiation http_neg; #endif + unsigned char retrycount; /* number of retries on a new connection, up to + CONN_MAX_RETRIES */ unsigned char httpreq; /* Curl_HttpReq; what kind of HTTP request (if any) is this */ unsigned int creds_from:2; /* where is the server credentials originating From f8cd64e3abaae0ea7289c380362571060d0a1160 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 15 Oct 2025 10:56:47 +0200 Subject: [PATCH 0458/2408] urldata: make redirect counter 16 bit Instead of long (up to 64-bit) as the maximum allowed value set since b059f7deaf3 is 0x7fff. Saves 2 or 6 bytes. Closes #19072 --- lib/urldata.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/urldata.h b/lib/urldata.h index e181e294bb..c7e19201fe 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -981,7 +981,6 @@ struct UrlState { int first_remote_port; curl_prot_t first_remote_protocol; int os_errno; /* filled in with errno whenever an error occurs */ - long followlocation; /* redirect counter */ int requests; /* request counter: redirects + authentication retakes */ #ifdef HAVE_SIGNAL /* storage for the previous bag^H^H^HSIGPIPE signal handler :-) */ @@ -1101,6 +1100,7 @@ struct UrlState { #ifndef CURL_DISABLE_HTTP struct http_negotiation http_neg; #endif + unsigned short followlocation; /* redirect counter */ unsigned char retrycount; /* number of retries on a new connection, up to CONN_MAX_RETRIES */ unsigned char httpreq; /* Curl_HttpReq; what kind of HTTP request (if any) From 71d5525113171903deb9b97cc1913c30f515cc63 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 16 Oct 2025 08:32:57 +0200 Subject: [PATCH 0459/2408] connect: remove redundant condition in shutdown start Pointed out by CodeSonar Closes #19079 --- lib/connect.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/connect.c b/lib/connect.c index 1c31209567..5dc4e2fc74 100644 --- a/lib/connect.c +++ b/lib/connect.c @@ -171,7 +171,7 @@ void Curl_shutdown_start(struct Curl_easy *data, int sockindex, ((data->set.shutdowntimeout > 0) ? data->set.shutdowntimeout : DEFAULT_SHUTDOWN_TIMEOUT_MS); /* Set a timer, unless we operate on the admin handle */ - if(data->mid && (conn->shutdown.timeout_ms > 0)) + if(data->mid) Curl_expire_ex(data, nowp, conn->shutdown.timeout_ms, EXPIRE_SHUTDOWN); } From 79553fb7c65668e0df4afade0f76a19a31dd1157 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 16 Oct 2025 09:01:17 +0200 Subject: [PATCH 0460/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 44 ++++++++++++++++++++++++++++++++++++++------ 1 file changed, 38 insertions(+), 6 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 986a21bea7..0930a2719e 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,7 +4,7 @@ curl and libcurl 8.17.0 Command line options: 273 curl_easy_setopt() options: 308 Public functions in libcurl: 100 - Contributors: 3517 + Contributors: 3519 This release includes the following changes: @@ -48,6 +48,7 @@ This release includes the following bugfixes: o cf-socket: tweak a memcpy() to read better [177] o cf-socket: use the right byte order for ports in bindlocal [61] o cfilter: unlink and discard [46] + o checksrc: allow disabling warnings on FIXME/TODO comments [324] o checksrc: catch banned functions when preceded by `(` [146] o checksrc: fix possible endless loop when detecting `BANNEDFUNC` [149] o checksrc: fix possible endless loops/errors in the banned function logic [220] @@ -73,6 +74,7 @@ This release includes the following bugfixes: o cmdline-opts/_PROGRESS.md: explain the suffixes [154] o configure: add "-mt" for pthread support on HP-UX [52] o conn: fix hostname move on connection reuse [272] + o connect: remove redundant condition in shutdown start [289] o cookie: avoid saving a cookie file if no transfer was done [11] o cpool: make bundle->dest an array; fix UB [218] o curl_easy_getinfo: error code on NULL arg [2] @@ -102,11 +104,15 @@ This release includes the following bugfixes: o examples/synctime: fix null termination assumptions [297] o examples/synctime: make the sscanf not overflow the local buffer [252] o examples/usercertinmem: avoid stripping const [247] + o examples: call `curl_global_cleanup()` where missing [323] + o examples: check more errors, fix cleanups, scope variables [318] o examples: drop unused `curl/mprintf.h` includes [224] o examples: fix build issues in 'complicated' examples [243] o examples: fix two build issues surfaced with WinCE [223] o examples: fix two issues found by CodeQL [35] o examples: fix two more cases of `stat()` TOCTOU [147] + o examples: improve global init, error checks and returning errors [321] + o examples: return `curl_easy_perform()` results [322] o form.md: drop reference to MANUAL [178] o ftp: add extra buffer length check [195] o ftp: fix ftp_do_more returning with *completep unset [122] @@ -114,6 +120,7 @@ This release includes the following bugfixes: o ftp: fix the 213 scanner memchr buffer limit argument [196] o ftp: improve fragile check for first digit > 3 [194] o ftp: remove misleading comments [193] + o ftp: replace strstr() in ;type= handling [313] o ftp: simplify the 150/126 size scanner [288] o gnutls: check conversion of peer cert chain [275] o gtls: avoid potential use of uninitialized variable in trace output [83] @@ -123,6 +130,7 @@ This release includes the following bugfixes: o http2: cleanup pushed newhandle on fail [260] o http2: ingress handling edge cases [259] o http: handle user-defined connection headers [165] + o http: look for trailing 'type=' in ftp:// without strstr [315] o http: make Content-Length parser more WHATWG [183] o httpsrr: free old pointers when storing new [57] o INSTALL-CMAKE.md: document useful build targets [215] @@ -143,6 +151,7 @@ This release includes the following bugfixes: o lib: fix build error and compiler warnings with verbose strings disabled [173] o lib: remove personal names from comments [168] o lib: SSL connection reuse [301] + o lib: stop NULL-checking conn->passwd and ->user [309] o lib: upgrade/multiplex handling [136] o libcurl-multi.md: added curl_multi_get_offt mention [53] o libcurl-security.md: mention long-running connections [6] @@ -212,6 +221,7 @@ This release includes the following bugfixes: o pytest: skip specific tests for no-verbose builds [171] o quic: fix min TLS version handling [14] o quic: ignore EMSGSIZE on receive [4] + o quic: remove data_idle handling [311] o quiche: fix possible leaks on teardown [205] o quiche: fix verbose message when ip quadruple cannot be obtained. [128] o quiche: handle tls fail correctly [266] @@ -264,6 +274,7 @@ This release includes the following bugfixes: o tests/server: drop pointless memory allocation overrides [219] o tests/server: drop unsafe `open()` override in signal handler (Windows) [151] o tftp: check and act on tftp_set_timeouts() returning error [38] + o tftp: check for trailing ";mode=" in URL without strstr [312] o tftp: default timeout per block is now 15 seconds [156] o tftp: error requests for blank filenames [296] o tftp: handle tftp_multi_statemach() return code [65] @@ -293,13 +304,17 @@ This release includes the following bugfixes: o tool_operate: improve wording in retry message [37] o tool_operate: keep failed partial download for retry auto-resume [210] o tool_operate: keep the progress meter for --out-null [33] + o tool_operate: retry on HTTP response codes 522 and 524 [317] o tool_progress: handle possible integer overflows [164] o tool_progress: make max5data() use an algorithm [170] o transfer: avoid busy loop with tiny speed limit [100] + o transfer: reset retry count on each request [310] o unit1323: sync time types and printf masks, drop casts [211] o unit1664: drop casts, expand masks to full values [221] o url: make Curl_init_userdefined return void [213] o urldata: FILE is not a list-only protocol [9] + o urldata: make 'retrycount' a single byte [308] + o urldata: make redirect counter 16 bit [295] o vauth/digest: improve the digest parser [203] o vquic: fix idle-timeout checks (ms<-->ns), 64-bit log & honor 0=no-timeout [249] o vquic: handling of io improvements [239] @@ -316,6 +331,7 @@ This release includes the following bugfixes: o wolfssl: no double get_error() detail [188] o ws: clarify an error message [125] o ws: fix some edge cases [274] + o ws: fix type conversion check [316] o ws: reject curl_ws_recv called with NULL buffer with a buflen [118] This release includes the following known bugs: @@ -343,16 +359,16 @@ advice from friends like these: Adam Light, Alice Lee Poetics, Andrei Kurushin, Andrew Kirillov, Andrew Olsen, BobodevMm on github, Christian Schmitz, Dan Fandrich, Daniel Stenberg, Daniel Terhorst-North, dependabot[bot], - divinity76 on github, Emilio Pozuelo Monfort, Ethan Everett, + divinity76 on github, Emilio Pozuelo Monfort, Emre Çalışkan, Ethan Everett, Evgeny Grin (Karlson2k), fds242 on github, Harry Sintonen, Howard Chu, Ignat Loskutov, Javier Blazquez, Jicea, jmaggard10 on github, Johannes Schindelin, Joseph Birr-Pixton, Joshua Rogers, kapsiR on github, kuchara on github, Marcel Raad, Michael Osipov, Michał Petryka, Mitchell Blank Jr, Mohamed Daahir, Nir Azkiel, Patrick Monnerat, - Pocs Norbert, Ray Satiro, renovate[bot], rinsuki on github, Sakthi SK, - Samuel Dionne-Riel, Samuel Henrique, Stanislav Fort, Stefan Eissing, - tkzv on github, Viktor Szakats - (45 contributors) + plv1313 on github, Pocs Norbert, Ray Satiro, renovate[bot], + rinsuki on github, Sakthi SK, Samuel Dionne-Riel, Samuel Henrique, + Stanislav Fort, Stefan Eissing, tkzv on github, Viktor Szakats + (47 contributors) References to bug reports and discussions on issues: @@ -644,11 +660,13 @@ References to bug reports and discussions on issues: [286] = https://curl.se/bug/?i=18986 [287] = https://curl.se/bug/?i=18985 [288] = https://curl.se/bug/?i=18984 + [289] = https://curl.se/bug/?i=19079 [290] = https://curl.se/bug/?i=19042 [291] = https://curl.se/bug/?i=19040 [292] = https://curl.se/bug/?i=19039 [293] = https://curl.se/bug/?i=19029 [294] = https://curl.se/bug/?i=19035 + [295] = https://curl.se/bug/?i=19072 [296] = https://curl.se/bug/?i=19033 [297] = https://curl.se/bug/?i=19032 [298] = https://curl.se/bug/?i=19031 @@ -661,3 +679,17 @@ References to bug reports and discussions on issues: [305] = https://curl.se/bug/?i=19026 [306] = https://curl.se/bug/?i=19014 [307] = https://curl.se/bug/?i=18996 + [308] = https://curl.se/bug/?i=19071 + [309] = https://curl.se/bug/?i=19059 + [310] = https://curl.se/bug/?i=18926 + [311] = https://curl.se/bug/?i=19060 + [312] = https://curl.se/bug/?i=19070 + [313] = https://curl.se/bug/?i=19069 + [315] = https://curl.se/bug/?i=19065 + [316] = https://curl.se/bug/?i=19017 + [317] = https://curl.se/bug/?i=16143 + [318] = https://curl.se/bug/?i=19055 + [321] = https://curl.se/bug/?i=19053 + [322] = https://curl.se/bug/?i=19052 + [323] = https://curl.se/bug/?i=19051 + [324] = https://curl.se/bug/?i=19048 From c37ed9a11e57c2f416ab29c5fda8d6bd813acd89 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Tue, 14 Oct 2025 12:13:24 +0200 Subject: [PATCH 0461/2408] apple sectrust: add to features It should be visible in the feature list that libcurl is build with Apple SecTrust enabled. Closes #19057 --- CMakeLists.txt | 4 ++++ configure.ac | 4 ++++ docs/libcurl/curl_version_info.md | 7 +++++++ lib/version.c | 3 +++ lib/vtls/apple.c | 8 ++++---- lib/vtls/apple.h | 4 ++-- lib/vtls/vtls.c | 2 +- m4/curl-apple-sectrust.m4 | 7 +++++-- 8 files changed, 30 insertions(+), 9 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index b48b045284..bb2dc54f1d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -767,6 +767,9 @@ endif() if(APPLE) option(USE_APPLE_SECTRUST "Use Apple OS-native certificate verification" OFF) if(USE_APPLE_SECTRUST) + if(NOT CURL_USE_OPENSSL AND NOT CURL_USE_GNUTLS) + message(FATAL_ERROR "Apple SecTrust is only supported with Openssl/GnuTLS") + endif() find_library(COREFOUNDATION_FRAMEWORK NAMES "Security") mark_as_advanced(COREFOUNDATION_FRAMEWORK) if(NOT COREFOUNDATION_FRAMEWORK) @@ -2173,6 +2176,7 @@ curl_add_if("HTTPSRR" _ssl_enabled AND USE_HTTPSRR) curl_add_if("PSL" USE_LIBPSL) curl_add_if("CAcert" CURL_CA_EMBED_SET) curl_add_if("SSLS-EXPORT" _ssl_enabled AND USE_SSLS_EXPORT) +curl_add_if("AppleSecTrust" USE_APPLE_SECTRUST AND _ssl_enabled AND (USE_OPENSSL OR USE_GNUTLS)) if(_items) if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.13) list(SORT _items CASE INSENSITIVE) diff --git a/configure.ac b/configure.ac index 0880552cfb..3b4ebf9649 100644 --- a/configure.ac +++ b/configure.ac @@ -5304,6 +5304,10 @@ if test "x$OPENSSL_ENABLED" = "x1" -o -n "$SSL_ENABLED"; then fi fi +if test "x$APPLE_SECTRUST_ENABLED" = "x1"; then + SUPPORT_FEATURES="$SUPPORT_FEATURES AppleSecTrust" +fi + if test "x$want_httpsrr" != "xno"; then SUPPORT_FEATURES="$SUPPORT_FEATURES HTTPSRR" fi diff --git a/docs/libcurl/curl_version_info.md b/docs/libcurl/curl_version_info.md index a9c97b39c5..3620f60ca6 100644 --- a/docs/libcurl/curl_version_info.md +++ b/docs/libcurl/curl_version_info.md @@ -159,6 +159,13 @@ entry. HTTP Alt-Svc parsing and the associated options (Added in 7.64.1) +## `AppleSecTrust` + +*features* mask bit: non-existent + +libcurl was built with support for Apple's SecTrust service to verify +server certificates (Added in 8.17.0). + ## `AsynchDNS` *features* mask bit: CURL_VERSION_ASYNCHDNS diff --git a/lib/version.c b/lib/version.c index 3798fed6e1..7c9ac12fb9 100644 --- a/lib/version.c +++ b/lib/version.c @@ -523,6 +523,9 @@ static const struct feat features_table[] = { #ifdef USE_LIBPSL FEATURE("PSL", NULL, CURL_VERSION_PSL), #endif +#ifdef USE_APPLE_SECTRUST + FEATURE("AppleSecTrust", NULL, 0), +#endif #ifdef USE_SPNEGO FEATURE("SPNEGO", NULL, CURL_VERSION_SPNEGO), #endif diff --git a/lib/vtls/apple.c b/lib/vtls/apple.c index c96ebe037b..87d5208d73 100644 --- a/lib/vtls/apple.c +++ b/lib/vtls/apple.c @@ -46,16 +46,16 @@ #include "vtls.h" #include "apple.h" -#if defined(USE_SSL) && defined(USE_APPLE_SECTRUST) +#ifdef USE_APPLE_SECTRUST #include -#endif /* USE_SSL && USE_APPLE_SECTRUST */ +#endif /* The last #include files should be: */ #include "../curl_memory.h" #include "../memdebug.h" -#if defined(USE_SSL) && defined(USE_APPLE_SECTRUST) +#ifdef USE_APPLE_SECTRUST #define SSL_SYSTEM_VERIFIER #if (defined(MAC_OS_X_VERSION_MAX_ALLOWED) \ @@ -294,4 +294,4 @@ out: return result; } -#endif /* USE_SSL && USE_APPLE_SECTRUST */ +#endif /* USE_APPLE_SECTRUST */ diff --git a/lib/vtls/apple.h b/lib/vtls/apple.h index c965a449f1..3d84f87822 100644 --- a/lib/vtls/apple.h +++ b/lib/vtls/apple.h @@ -26,7 +26,7 @@ #include "../curl_setup.h" -#if defined(USE_SSL) && defined(USE_APPLE_SECTRUST) +#ifdef USE_APPLE_SECTRUST struct Curl_cfilter; struct Curl_easy; struct ssl_peer; @@ -50,6 +50,6 @@ CURLcode Curl_vtls_apple_verify(struct Curl_cfilter *cf, void *cb_user_data, const unsigned char *ocsp_buf, size_t ocsp_len); -#endif /* USE_SSL && USE_APPLE_SECTRUST */ +#endif /* USE_APPLE_SECTRUST */ #endif /* HEADER_CURL_VTLS_APPLE_H */ diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index b715dab035..7ee9699dbf 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -80,7 +80,7 @@ #ifdef USE_APPLE_SECTRUST #include -#endif /* USE_APPLE_SECTRUST */ +#endif /* The last #include files should be: */ #include "../curl_memory.h" diff --git a/m4/curl-apple-sectrust.m4 b/m4/curl-apple-sectrust.m4 index 792f719d38..7ed2aa1e5b 100644 --- a/m4/curl-apple-sectrust.m4 +++ b/m4/curl-apple-sectrust.m4 @@ -41,7 +41,10 @@ if test "x$OPT_APPLE_SECTRUST" = xyes; then ],[ build_for_apple="no" ]) - if test "x$build_for_apple" != "xno"; then + if test "x$build_for_apple" == "xno"; then + AC_MSG_ERROR([Apple SecTrust can only be enabled for Apple OS targets]) + fi + if test "x$OPENSSL_ENABLED" == "x1" -o "x$GNUTLS_ENABLED" == "x1"; then AC_MSG_RESULT(yes) AC_DEFINE(USE_APPLE_SECTRUST, 1, [enable Apple OS certificate validation]) APPLE_SECTRUST_ENABLED=1 @@ -49,7 +52,7 @@ if test "x$OPT_APPLE_SECTRUST" = xyes; then LDFLAGS="$LDFLAGS $APPLE_SECTRUST_LDFLAGS" LDFLAGSPC="$LDFLAGSPC $APPLE_SECTRUST_LDFLAGS" else - AC_MSG_RESULT(no) + AC_MSG_ERROR([Apple SecTrust is only supported for OpenSSL/GnuTLS builds]) fi else AC_MSG_RESULT(no) From 9c36eace607190d2e3931b04c8a36ee7c4b0120a Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 16 Oct 2025 05:33:12 +0200 Subject: [PATCH 0462/2408] autotools: drop detection of ancient OpenSSL libs `RSAglue` and `rsaref` Closes #19078 --- m4/curl-openssl.m4 | 17 +---------------- 1 file changed, 1 insertion(+), 16 deletions(-) diff --git a/m4/curl-openssl.m4 b/m4/curl-openssl.m4 index c421fbae88..56245c9c2a 100644 --- a/m4/curl-openssl.m4 +++ b/m4/curl-openssl.m4 @@ -209,22 +209,7 @@ if test "x$OPT_OPENSSL" != xno; then AC_CHECK_LIB(ssl, SSL_connect) - if test "$ac_cv_lib_ssl_SSL_connect" != yes; then - dnl we didn't find the SSL lib, try the RSAglue/rsaref stuff - AC_MSG_CHECKING(for ssl with RSAglue/rsaref libs in use); - OLIBS=$LIBS - LIBS="-lRSAglue -lrsaref $LIBS" - AC_CHECK_LIB(ssl, SSL_connect) - if test "$ac_cv_lib_ssl_SSL_connect" != yes; then - dnl still no SSL_connect - AC_MSG_RESULT(no) - LIBS=$OLIBS - else - AC_MSG_RESULT(yes) - fi - - else - + if test "$ac_cv_lib_ssl_SSL_connect" = yes; then dnl Have the libraries--check for OpenSSL headers AC_CHECK_HEADERS(openssl/x509.h openssl/rsa.h openssl/crypto.h \ openssl/pem.h openssl/ssl.h openssl/err.h, From 1a81a8e478ec426316c98e24a30d16df483ed8db Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 15 Oct 2025 15:06:08 +0200 Subject: [PATCH 0463/2408] version: add GSS backend name and version MIT Kerberos version detection is implemented for autotools and cmake. Examples: ``` curl 8.17.0-DEV (x86_64-pc-linux-gnu) ... mbedTLS/3.6.4 libidn2/2.3.7 nghttp2/1.59.0 libgss/1.0.4 OpenLDAP/2.6.7 curl 8.17.0-DEV (x86_64-pc-linux-gnu) ... LibreSSL/4.1.1 libidn2/2.3.7 nghttp2/1.59.0 mit-krb5/1.20.1 OpenLDAP/2.6.7 curl 8.17.0-DEV (x86_64-pc-linux-gnu) ... LibreSSL/4.1.1 libidn2/2.3.7 nghttp2/1.59.0 mit-krb5 OpenLDAP/2.6.7 curl 8.17.0-DEV (x86_64-pc-linux-gnu) ... LibreSSL/4.1.1 nghttp2/1.59.0 mit-krb5/1.20.1 OpenLDAP/2.6.7 curl 8.17.0-DEV (aarch64e-apple-darwin24.6.0) ... GnuTLS/3.8.10 libidn2/2.3.8 libssh2/1.11.1 nghttp2/1.67.1 mit-krb5/1.22.1 ``` Also: - cmake/FindGSS: strip project name ("Kerberos 5 release") from the version string when detected via `krb5-config`. Closes #19073 --- CMake/FindGSS.cmake | 3 +++ CMakeLists.txt | 2 ++ configure.ac | 12 ++++++++++++ lib/curl_config.h.cmake | 3 +++ lib/version.c | 23 +++++++++++++++++++++++ 5 files changed, 43 insertions(+) diff --git a/CMake/FindGSS.cmake b/CMake/FindGSS.cmake index db36cf2100..1661f208d2 100644 --- a/CMake/FindGSS.cmake +++ b/CMake/FindGSS.cmake @@ -128,6 +128,9 @@ if(NOT _gss_FOUND) # Not found by pkg-config. Let us take more traditional appr # Older versions may not have the "--version" parameter. In this case we just do not care. if(_gss_configure_failed) set(_gss_version 0) + else() + # Strip prefix string to leave the version number only + string(REPLACE "Kerberos 5 release " "" _gss_version "${_gss_version}") endif() execute_process(COMMAND ${_gss_configure_script} "--vendor" diff --git a/CMakeLists.txt b/CMakeLists.txt index bb2dc54f1d..65eaaf670a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1445,6 +1445,8 @@ if(CURL_USE_GSSAPI) if(GSS_FLAVOUR STREQUAL "GNU") set(HAVE_GSSGNU 1) + elseif(GSS_VERSION) # MIT + set(CURL_KRB5_VERSION "\"${GSS_VERSION}\"") endif() else() message(WARNING "GSSAPI has been requested, but no supporting libraries found. Skipping.") diff --git a/configure.ac b/configure.ac index 3b4ebf9649..999ab122a3 100644 --- a/configure.ac +++ b/configure.ac @@ -1909,6 +1909,18 @@ if test x"$want_gss" = xyes; then fi fi fi + gss_version="" + if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then + gss_version=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --version | $SED 's/Kerberos 5 release //'` + elif test "$PKGCONFIG" != "no"; then + gss_version=`$PKGCONFIG --modversion mit-krb5-gssapi` + elif test -f "$KRB5CONFIG"; then + gss_version=`$KRB5CONFIG --version | $SED 's/Kerberos 5 release //'` + fi + if test -n "$gss_version"; then + AC_MSG_NOTICE([GSS-API MIT Kerberos version detected: $gss_version]) + AC_DEFINE_UNQUOTED([CURL_KRB5_VERSION], ["$gss_version"], [MIT Kerberos version]) + fi else LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR" LDFLAGSPC="$LDFLAGSPC $GSSAPI_LIB_DIR" diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake index be6fe4176e..1fabc24c18 100644 --- a/lib/curl_config.h.cmake +++ b/lib/curl_config.h.cmake @@ -318,6 +318,9 @@ /* if you have the GNU gssapi libraries */ #cmakedefine HAVE_GSSGNU 1 +/* MIT Kerberos version */ +#cmakedefine CURL_KRB5_VERSION ${CURL_KRB5_VERSION} + /* Define to 1 if you have the header file. */ #cmakedefine HAVE_IFADDRS_H 1 diff --git a/lib/version.c b/lib/version.c index 7c9ac12fb9..4c7e5712f0 100644 --- a/lib/version.c +++ b/lib/version.c @@ -77,6 +77,14 @@ #include #endif +#ifdef HAVE_GSSAPI +# ifdef HAVE_GSSGNU +# include +# else +# include +# endif +#endif + #ifdef USE_OPENLDAP #include #endif @@ -208,6 +216,9 @@ char *curl_version(void) #ifdef USE_GSASL char gsasl_buf[30]; #endif +#ifdef HAVE_GSSAPI + char gss_buf[40]; +#endif #ifdef USE_OPENLDAP char ldap_buf[30]; #endif @@ -274,6 +285,18 @@ char *curl_version(void) gsasl_check_version(NULL)); src[i++] = gsasl_buf; #endif +#ifdef HAVE_GSSAPI +#ifdef HAVE_GSSGNU + curl_msnprintf(gss_buf, sizeof(gss_buf), "libgss/%s", + GSS_VERSION); +#elif defined(CURL_KRB5_VERSION) + curl_msnprintf(gss_buf, sizeof(gss_buf), "mit-krb5/%s", + CURL_KRB5_VERSION); +#else + curl_msnprintf(gss_buf, sizeof(gss_buf), "mit-krb5"); +#endif + src[i++] = gss_buf; +#endif /* HAVE_GSSAPI */ #ifdef USE_OPENLDAP oldap_version(ldap_buf, sizeof(ldap_buf)); src[i++] = ldap_buf; From 800b0bec18e9c77e35912fac8321c791d7b57863 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 16 Oct 2025 16:29:56 +0200 Subject: [PATCH 0464/2408] GHA: bump LibreSSL to 4.2.0 Also move back URLs to GitHub, sources are available there again. Ref: https://github.com/libressl/portable/releases/tag/v4.2.0 Ref: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-4.2.0-relnotes.txt Ref: #19050 Ref: #19081 Closes #19082 --- .github/workflows/http3-linux.yml | 4 ++-- .github/workflows/linux.yml | 4 ++-- .github/workflows/macos.yml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index c9495fe74e..ae220eb3e8 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -42,7 +42,7 @@ env: # handled in renovate.json OPENSSL_VERSION: 3.6.0 # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com - LIBRESSL_VERSION: 4.1.1 + LIBRESSL_VERSION: 4.2.0 # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com AWSLC_VERSION: 1.61.4 # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com @@ -201,7 +201,7 @@ jobs: run: | cd ~ curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \ - "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -xz + --location "https://github.com/libressl/portable/releases/download/v${LIBRESSL_VERSION}/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -xz cd "libressl-${LIBRESSL_VERSION}" cmake -B . -G Ninja -DLIBRESSL_APPS=OFF -DLIBRESSL_TESTS=OFF -DCMAKE_INSTALL_PREFIX=/home/runner/libressl/build cmake --build . diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index e0e256fbb3..71390502dc 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -38,7 +38,7 @@ env: CURL_CI: github CURL_CLANG_TIDYFLAGS: '-checks=-clang-analyzer-security.insecureAPI.bzero,-clang-analyzer-security.insecureAPI.strcpy,-clang-analyzer-optin.performance.Padding,-clang-analyzer-security.ArrayBound,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-valist.Uninitialized' # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com - LIBRESSL_VERSION: 4.1.1 + LIBRESSL_VERSION: 4.2.0 # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com WOLFSSL_VERSION: 5.8.2 # renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver registryUrl=https://github.com @@ -384,7 +384,7 @@ jobs: if: ${{ contains(matrix.build.install_steps, 'libressl') && steps.cache-libressl.outputs.cache-hit != 'true' }} run: | curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \ - "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -xz + --location "https://github.com/libressl/portable/releases/download/v${LIBRESSL_VERSION}/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -xz cd "libressl-${LIBRESSL_VERSION}" cmake -B . -G Ninja -DLIBRESSL_APPS=OFF -DLIBRESSL_TESTS=OFF -DCMAKE_INSTALL_PREFIX=/home/runner/libressl cmake --build . diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 7e85cb71e1..2ac37381ea 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -59,7 +59,7 @@ jobs: MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }} MATRIX_OPTIONS: ${{ matrix.build.options }} # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com - LIBRESSL_VERSION: 4.1.1 + LIBRESSL_VERSION: 4.2.0 strategy: fail-fast: false matrix: @@ -122,7 +122,7 @@ jobs: if: ${{ contains(matrix.build.install_steps, 'libressl') && steps.cache-libressl.outputs.cache-hit != 'true' }} run: | curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 --retry-connrefused \ - "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -xz + --location "https://github.com/libressl/portable/releases/download/v${LIBRESSL_VERSION}/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -xz cd "libressl-${LIBRESSL_VERSION}" cmake -B . -G Ninja \ -DCMAKE_INSTALL_PREFIX=/Users/runner/libressl \ From c8d6643df212791edee705a94c890335dac8762b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 16 Oct 2025 18:10:41 +0200 Subject: [PATCH 0465/2408] GHA/windows: stop installing Perl `Win32-Process*` modules It's complex and did not help stabilizing CI runs. Hard to say, but I'm suspicious it's related to the CI errors -1073741502, 0xC0000142, seen in the 'build examples' and 'disk space used' steps. Ref: #18526 Reverts 52775a7fb4ba63d66d60067dea4a5293fb7c55a1 #18296 Closes #19083 --- .github/workflows/windows.yml | 124 ---------------------------------- 1 file changed, 124 deletions(-) diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index b5e31ee9c1..28143fdc5a 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -39,63 +39,6 @@ env: CURL_CI: github jobs: - build-cache: - name: 'Build caches' - runs-on: ${{ matrix.image }} - timeout-minutes: 15 - defaults: - run: - shell: msys2 {0} - strategy: - fail-fast: false - matrix: - image: [windows-2022, windows-11-arm] - steps: - - name: 'install build prereqs' - if: ${{ steps.cache-perl-win32-pkgs.outputs.cache-hit != 'true' }} - uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2.29.0 - with: - msystem: msys - install: gcc make - - - name: 'perl version' - run: perl --version | tee "$GITHUB_WORKSPACE"/perlversion - - - name: 'cache perl packages' - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 - id: cache-perl-win32-pkgs - env: - cache-name: cache-perl-win32-pkgs - with: - path: C:\perl-win32-pkgs - key: ${{ runner.os }}-${{ runner.arch }}-build-${{ env.cache-name }}-${{ hashFiles('perlversion') }} - - - name: 'build perl packages' - if: ${{ steps.cache-perl-win32-pkgs.outputs.cache-hit != 'true' }} - run: | - cd /c - mkdir perl-win32-pkgs - cd perl-win32-pkgs - sed -i.bak 's/#define I_CRYPT//g' /usr/lib/perl5/core_perl/CORE/config.h - - # https://metacpan.org/pod/Win32::Process - curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \ - --location "https://cpan.metacpan.org/authors/id/J/JD/JDB/Win32-Process-0.17.tar.gz" | tar -xz - cd Win32-Process-0.17 - perl Makefile.PL - sed -i.bak 's/-lcrypt//g' Makefile - make - cd .. - - # https://metacpan.org/pod/Win32::Process::List - curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \ - --location "https://cpan.metacpan.org/authors/id/R/RP/RPAGITSCH/Win32-Process-List-0.09.tar.gz" | tar -xz - cd Win32-Process-List-0.09 - perl Makefile.PL - sed -i.bak 's/-lcrypt//g' Makefile - make - cd .. - cygwin: name: "cygwin, ${{ matrix.build == 'cmake' && 'CM' || 'AM' }} ${{ matrix.platform }} ${{ matrix.name }}" runs-on: windows-2022 @@ -242,8 +185,6 @@ jobs: msys2: # both msys and mingw-w64 name: "${{ matrix.sys == 'msys' && 'msys2' || 'mingw' }}, ${{ matrix.build == 'cmake' && 'CM' || 'AM' }} ${{ matrix.env }} ${{ matrix.name }} ${{ matrix.test }}" - needs: - - build-cache runs-on: ${{ matrix.image || 'windows-2022' }} timeout-minutes: 15 defaults: @@ -431,37 +372,6 @@ jobs: /c/ProgramData/chocolatey/choco.exe install --yes --no-progress --limit-output --timeout 180 --force stunnel || true perl --version | tee "$GITHUB_WORKSPACE"/perlversion - - name: 'cache perl packages' - if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' && matrix.sys != 'msys' }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 - id: cache-perl-win32-pkgs - env: - cache-name: cache-perl-win32-pkgs - with: - path: C:\perl-win32-pkgs - key: ${{ runner.os }}-${{ runner.arch }}-build-${{ env.cache-name }}-${{ hashFiles('perlversion') }} - - - name: 'install test prereqs perl' - if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} - timeout-minutes: 5 - run: &perl-win32-pkgs-install | - perl --version - if [ -d /c/perl-win32-pkgs ]; then - pushd /c/perl-win32-pkgs - pushd Win32-Process-0.17 - install -D blib/arch/auto/Win32/Process/Process.dll /usr/lib/perl5/site_perl/auto/Win32/Process/Process.dll - install -D blib/lib/Win32/Process.pm /usr/lib/perl5/site_perl/Win32/Process.pm - popd - pushd Win32-Process-List-0.09 - install -D blib/arch/auto/Win32/Process/List/List.dll /usr/lib/perl5/site_perl/auto/Win32/Process/List/List.dll - install -D blib/lib/auto/Win32/Process/List/autosplit.ix /usr/lib/perl5/site_perl/auto/Win32/Process/List/autosplit.ix - install -D blib/lib/Win32/Process/List.pm /usr/lib/perl5/site_perl/Win32/Process/List.pm - install -D blib/lib/Win32/Process/processes.pl /usr/lib/perl5/site_perl/Win32/Process/processes.pl - popd - popd - fi - perl -MWin32::Process -MWin32::Process::List -e 1 && echo '! Modules loading OK.' || echo '! Failed to load modules.' - - name: 'run tests' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} timeout-minutes: 10 @@ -503,8 +413,6 @@ jobs: mingw-w64-standalone-downloads: name: 'dl-mingw, CM ${{ matrix.ver }}-${{ matrix.env }} ${{ matrix.name }}' - needs: - - build-cache runs-on: windows-2022 timeout-minutes: 15 defaults: @@ -661,21 +569,6 @@ jobs: python3 -m pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/requirements.txt perl --version | tee "$GITHUB_WORKSPACE"/perlversion - - name: 'cache perl packages' - if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 - id: cache-perl-win32-pkgs - env: - cache-name: cache-perl-win32-pkgs - with: - path: C:\perl-win32-pkgs - key: ${{ runner.os }}-${{ runner.arch }}-build-${{ env.cache-name }}-${{ hashFiles('perlversion') }} - - - name: 'install test prereqs perl' - if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} - timeout-minutes: 5 - run: *perl-win32-pkgs-install - - name: 'run tests' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} timeout-minutes: 10 @@ -802,8 +695,6 @@ jobs: msvc: name: 'msvc, CM ${{ matrix.arch }}-${{ matrix.plat }} ${{ matrix.name }}' - needs: - - build-cache runs-on: ${{ matrix.image || 'windows-2022' }} timeout-minutes: 15 defaults: @@ -1055,21 +946,6 @@ jobs: fi perl --version | tee "$GITHUB_WORKSPACE"/perlversion - - name: 'cache perl packages' - if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 - id: cache-perl-win32-pkgs - env: - cache-name: cache-perl-win32-pkgs - with: - path: C:\perl-win32-pkgs - key: ${{ runner.os }}-${{ runner.arch }}-build-${{ env.cache-name }}-${{ hashFiles('perlversion') }} - - - name: 'install test prereqs perl' - if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} - timeout-minutes: 5 - run: *perl-win32-pkgs-install - - name: 'run tests' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} timeout-minutes: 10 From 3c0604bba46286b7ac6915ed19bb47bc3273c97a Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 15 Oct 2025 20:22:20 +0200 Subject: [PATCH 0466/2408] GHA: sync up `curl -V` step descriptions Also to make it easier to recognize. Also: - GHA/linux-old: split steps to match other jobs. - GHA: add `--disable` where missing. Closes #19084 --- .github/workflows/http3-linux.yml | 4 ++-- .github/workflows/linux-old.yml | 26 ++++++++++++++++---------- .github/workflows/linux.yml | 4 ++-- .github/workflows/macos.yml | 4 ++-- .github/workflows/windows.yml | 8 ++++---- 5 files changed, 26 insertions(+), 20 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index ae220eb3e8..38d2fb6ac0 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -661,8 +661,8 @@ jobs: make -C bld V=1 fi - - name: 'check curl -V output' - run: bld/src/curl -V + - name: 'curl -V' + run: bld/src/curl --disable -V - name: 'build tests' if: ${{ !contains(matrix.build.install_steps, 'skipall') }} diff --git a/.github/workflows/linux-old.yml b/.github/workflows/linux-old.yml index fde23de811..e145633708 100644 --- a/.github/workflows/linux-old.yml +++ b/.github/workflows/linux-old.yml @@ -80,14 +80,18 @@ jobs: with: persist-credentials: false - - name: 'cmake build-only (out-of-tree)' + - name: 'cmake build-only configure (out-of-tree)' run: | mkdir bld-1 cd bld-1 cmake .. -DCMAKE_UNITY_BUILD=ON -DCURL_WERROR=ON -DBUILD_SHARED_LIBS=ON \ -DCURL_USE_GNUTLS=ON -DENABLE_ARES=OFF -DCURL_ZSTD=OFF -DCURL_USE_GSSAPI=OFF -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF -DUSE_LIBRTMP=ON - VERBOSE=1 make install - src/curl --disable --version + + - name: 'cmake build-only build' + run: VERBOSE=1 make -C bld-1 install + + - name: 'cmake build-only curl -V' + run: bld-1/src/curl --disable --version - name: 'cmake build-only configure log' if: ${{ !cancelled() }} @@ -118,9 +122,10 @@ jobs: grep -F '#define' bld-cares/lib/curl_config.h | sort || true - name: 'cmake build' - run: | - make -C bld-cares - bld-cares/src/curl --disable --version + run: make -C bld-cares + + - name: 'cmake curl -V' + run: bld-cares/src/curl --disable --version - name: 'cmake install' run: make -C bld-cares install @@ -135,7 +140,7 @@ jobs: run: make -C bld-cares curl-examples-build - name: 'autoreconf' - run: autoreconf -if + run: autoreconf -fi - name: 'autotools configure (out-of-tree, c-ares, zstd, gssapi)' run: | @@ -155,9 +160,10 @@ jobs: grep -F '#define' bld-am/lib/curl_config.h | sort || true - name: 'autotools build' - run: | - make -C bld-am - bld-am/src/curl --disable --version + run: make -C bld-am + + - name: 'autotools curl -V' + run: bld-am/src/curl --disable --version - name: 'autotools install' run: make -C bld-am install diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 71390502dc..2d674dc195 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -638,9 +638,9 @@ jobs: fi ./scripts/singleuse.pl --unit "${libcurla}" - - name: 'check curl -V output' + - name: 'curl -V' if: ${{ matrix.build.make-custom-target != 'tidy' }} - run: bld/src/curl -V + run: bld/src/curl --disable -V - name: 'curl install' run: | diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 2ac37381ea..1e9f2408a8 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -461,7 +461,7 @@ jobs: make -C bld V=1 fi - - name: 'curl version' + - name: 'curl -V' run: bld/src/curl --disable --version - name: 'curl install' @@ -705,5 +705,5 @@ jobs: make -C bld V=1 fi - - name: 'curl version' + - name: 'curl -V' run: bld/src/curl --disable --version diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 28143fdc5a..975b592c7c 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -130,7 +130,7 @@ jobs: make -C bld V=1 install fi - - name: 'curl version' + - name: 'curl -V' timeout-minutes: 1 run: | PATH=/usr/bin @@ -332,7 +332,7 @@ jobs: make -C bld V=1 install fi - - name: 'curl version' + - name: 'curl -V' timeout-minutes: 1 run: | if [ "${MATRIX_BUILD}" = 'cmake' ]; then @@ -547,7 +547,7 @@ jobs: PATH="/d/my-cache/${MATRIX_DIR}/bin:$PATH" cmake --build bld - - name: 'curl version' + - name: 'curl -V' timeout-minutes: 1 run: | /usr/bin/find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \; @@ -907,7 +907,7 @@ jobs: timeout-minutes: 5 run: cmake --build bld --config "${MATRIX_TYPE}" --parallel 5 - - name: 'curl version' + - name: 'curl -V' timeout-minutes: 1 run: | /usr/bin/find . \( -name '*.exe' -o -name '*.dll' -o -name '*.lib' -o -name '*.pdb' \) -exec file '{}' \; From c8aaa5d2f21f9eba973f8cfac12621819502102f Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 15 Oct 2025 19:45:48 +0200 Subject: [PATCH 0467/2408] scripts: pass `--` before passing xargs Also: - GHA/checkdocs: escape `.` in -E regex expression. Closes #19076 --- .github/workflows/appveyor-status.yml | 2 +- .github/workflows/checkdocs.yml | 2 +- scripts/cmakelint.sh | 3 ++- scripts/firefox-db2pem.sh | 2 +- scripts/perlcheck.sh | 2 +- 5 files changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/appveyor-status.yml b/.github/workflows/appveyor-status.yml index 5269f3ca65..48e11b0e3d 100644 --- a/.github/workflows/appveyor-status.yml +++ b/.github/workflows/appveyor-status.yml @@ -29,7 +29,7 @@ jobs: APPVEYOR_REPOSITORY: ${{ github.event.repository.full_name }} GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - echo "${APPVEYOR_TARGET_URL}" | sed 's/\/project\//\/api\/projects\//' | xargs -t -n1 curl -s | \ + echo "${APPVEYOR_TARGET_URL}" | sed 's/\/project\//\/api\/projects\//' | xargs -t -n1 curl -s -- | \ jq -c '.build.jobs[] | {target_url: ($target_url + "/job/" + .jobId), context: (.name | sub("^(Environment: )?"; "AppVeyor / ")), state: (.status | sub("queued"; "pending") diff --git a/.github/workflows/checkdocs.yml b/.github/workflows/checkdocs.yml index 91ed7452d1..58f5f29f8b 100644 --- a/.github/workflows/checkdocs.yml +++ b/.github/workflows/checkdocs.yml @@ -69,7 +69,7 @@ jobs: # run: git ls-files -z '*.md' | xargs -0 -n1 .github/scripts/trimmarkdownheader.pl # # - name: 'check prose' - # run: git ls-files -z '*.md' | grep -Evz 'CHECKSRC.md|DISTROS.md|curl_mprintf.md|CURLOPT_INTERFACE.md|interface.md' | xargs -0 proselint README + # run: git ls-files -z '*.md' | grep -Evz 'CHECKSRC\.md|DISTROS\.md|curl_mprintf\.md|CURLOPT_INTERFACE\.md|interface\.md' | xargs -0 proselint -- README # # # This is for CHECKSRC and files with aggressive exclamation mark needs # - name: 'create second proselint config' diff --git a/scripts/cmakelint.sh b/scripts/cmakelint.sh index 788f087305..9462081f21 100755 --- a/scripts/cmakelint.sh +++ b/scripts/cmakelint.sh @@ -77,4 +77,5 @@ cd "$(dirname "$0")"/.. --max-branches 12 \ --max-arguments 5 \ --max-localvars 15 \ - --max-statements 50 + --max-statements 50 \ + -- diff --git a/scripts/firefox-db2pem.sh b/scripts/firefox-db2pem.sh index 2a4b9ceace..c774ab9107 100755 --- a/scripts/firefox-db2pem.sh +++ b/scripts/firefox-db2pem.sh @@ -57,5 +57,5 @@ sed -e 's/ *[CcGTPpu]*,[CcGTPpu]*,[CcGTPpu]* *$//' -e 's/\(.*\)/"\1"/' | \ sort | \ while read -r nickname; \ do echo "$nickname" | sed -e "s/Builtin Object Token://g"; \ - echo "$nickname" | xargs -I{} certutil -d "$db" -L -a -n {} ; \ + echo "$nickname" | xargs -I{} certutil -d "$db" -L -a -n -- {} ; \ done >> "$out" diff --git a/scripts/perlcheck.sh b/scripts/perlcheck.sh index 7de0f6dbb5..7ec23983d5 100755 --- a/scripts/perlcheck.sh +++ b/scripts/perlcheck.sh @@ -48,4 +48,4 @@ echo "parallel: ${procs}" # strip off the leading ./ to make the grep regexes work properly find . -type f \( -name '*.pl' -o -name '*.pm' \) | sed 's@^\./@@' fi -} | xargs -n 1 -P "${procs}" perl -c -Itests +} | xargs -n 1 -P "${procs}" perl -c -Itests -- From da06621d617ab498a989afe75b7c2a4193d619e4 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 15 Oct 2025 19:46:35 +0200 Subject: [PATCH 0468/2408] firefox-db2pem.sh: add macOS support, tidy-ups Cherry-picked from #19076 Closes #19086 --- scripts/firefox-db2pem.sh | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/scripts/firefox-db2pem.sh b/scripts/firefox-db2pem.sh index c774ab9107..634e429b50 100755 --- a/scripts/firefox-db2pem.sh +++ b/scripts/firefox-db2pem.sh @@ -32,7 +32,11 @@ set -eu -db=$(ls -1d "$HOME"/.mozilla/firefox/*default*) +if [ -d "$HOME/Library/Application Support"/Firefox/Profiles ]; then + db=$(ls -1d "$HOME/Library/Application Support"/Firefox/Profiles/*default*) +else + db=$(ls -1d "$HOME"/.mozilla/firefox/*default*) +fi out="${1:-}" if test -z "$out"; then @@ -55,7 +59,7 @@ certutil -L -h 'Builtin Object Token' -d "$db" | \ grep ' *[CcGTPpu]*,[CcGTPpu]*,[CcGTPpu]* *$' | \ sed -e 's/ *[CcGTPpu]*,[CcGTPpu]*,[CcGTPpu]* *$//' -e 's/\(.*\)/"\1"/' | \ sort | \ -while read -r nickname; \ - do echo "$nickname" | sed -e "s/Builtin Object Token://g"; \ - echo "$nickname" | xargs -I{} certutil -d "$db" -L -a -n -- {} ; \ +while read -r nickname; do + echo "$nickname" | sed 's/Builtin Object Token://g' + echo "$nickname" | xargs -I{} certutil -d "$db" -L -a -n {} done >> "$out" From f91be14bfb79021e3b9ba769955c1f2c4351e9bf Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 16 Oct 2025 21:47:42 +0200 Subject: [PATCH 0469/2408] openldap: limit max incoming size Set the maximum allowed size of an incoming LDAP message, which to OpenLDAP means that it allows malloc() up to this size. If not set, there is no limit and we instead risk a malloc() failure. The limit is arbitrarily set to 256K as I can't figure out what a reasonable value should be. OpenLDAP docs: https://openldap.org/software/man.cgi?query=lber-sockbuf&apropos=0&sektion=0&manpath=OpenLDAP+2.6-Release&arch=default&format=html Bug: https://issues.oss-fuzz.com/issues/432441303 Closes #19087 --- lib/openldap.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/lib/openldap.c b/lib/openldap.c index b8afe99529..1b26b6e1b4 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -659,6 +659,19 @@ static CURLcode oldap_connect(struct Curl_easy *data, bool *done) /* Do not chase referrals. */ ldap_set_option(li->ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF); + { + ber_len_t max = 256*1024; + Sockbuf *sb; + if(ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, (void **)&sb) || + /* Set the maximum allowed size of an incoming message, which to + OpenLDAP means that it will malloc() memory up to this size. If not + set, there is no limit and we instead risk a malloc() failure. */ + ber_sockbuf_ctrl(sb, LBER_SB_OPT_SET_MAX_INCOMING, &max)) { + result = CURLE_FAILED_INIT; + goto out; + } + } + #ifdef USE_SSL if(Curl_conn_is_ssl(conn, FIRSTSOCKET)) { result = oldap_ssl_connect(data, OLDAP_SSL); From f5f4710a260699b85c3b2d09e5bf886e8884fb29 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 17 Oct 2025 09:31:55 +0200 Subject: [PATCH 0470/2408] examples/websocket: fix use of uninitialized rlen Pointed out by ZeroPath Closes #19088 --- docs/examples/websocket.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/examples/websocket.c b/docs/examples/websocket.c index be6cff64a2..0063f1b59c 100644 --- a/docs/examples/websocket.c +++ b/docs/examples/websocket.c @@ -64,7 +64,7 @@ static CURLcode ping(CURL *curl, const char *send_payload) static CURLcode recv_pong(CURL *curl, const char *expected_payload) { - size_t rlen; + size_t rlen = 0; const struct curl_ws_frame *meta; char buffer[256]; CURLcode res; From 7e12139719e310e68b7eb2729eff859b4a5d3883 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 17 Oct 2025 09:58:20 +0200 Subject: [PATCH 0471/2408] imap: treat capabilities case insensitively Reported-by: Joshua Rogers Fixes #19089 Closes #19090 --- lib/imap.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/imap.c b/lib/imap.c index 47757d3f29..0feaedf5ac 100644 --- a/lib/imap.c +++ b/lib/imap.c @@ -1056,19 +1056,19 @@ static CURLcode imap_state_capability_resp(struct Curl_easy *data, wordlen++; /* Does the server support the STARTTLS capability? */ - if(wordlen == 8 && !memcmp(line, "STARTTLS", 8)) + if(wordlen == 8 && curl_strnequal(line, "STARTTLS", 8)) imapc->tls_supported = TRUE; /* Has the server explicitly disabled clear text authentication? */ - else if(wordlen == 13 && !memcmp(line, "LOGINDISABLED", 13)) + else if(wordlen == 13 && curl_strnequal(line, "LOGINDISABLED", 13)) imapc->login_disabled = TRUE; /* Does the server support the SASL-IR capability? */ - else if(wordlen == 7 && !memcmp(line, "SASL-IR", 7)) + else if(wordlen == 7 && curl_strnequal(line, "SASL-IR", 7)) imapc->ir_supported = TRUE; /* Do we have a SASL based authentication mechanism? */ - else if(wordlen > 5 && !memcmp(line, "AUTH=", 5)) { + else if(wordlen > 5 && curl_strnequal(line, "AUTH=", 5)) { size_t llen; unsigned short mechbit; From 3a305831d1a9d10b2bfd4fa3939ed41275fee7f7 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 15 Oct 2025 21:01:46 +0200 Subject: [PATCH 0472/2408] mbedtls: add support for 4.0.0 After this patch libcurl requires (as already documented) the `curl_global_init()` call when using the `curl_formadd()` API with mbedTLS. Note: NTLM is not supported with mbedTLS 4+, because it lacks the necessary crypto primitive: DES. Also: - lib: de-dupe mbedTLS minimum version checks into `curl_setup.h`. - lib: initialize PSA Crypto as part of `curl_global_init()`. For MD5, SHA-256, `curl_formadd()`, and MultiSSL builds with mbedTLS but where mbedTLS isn't the default backend. - lib1308: fix to call `curl_global_init()` (for the Form API). - curl_ntlm_core: disable with mbedTLS 4+. - md4: disable mbedTLS implementation when building against 4.x. - md5: use mbedTLS PSA Crypto API when available, otherwise use the default local implementation. - sha256: use mbedTLS PSA Crypto API when available, otherwise use the default local implementation. - vtls/mbedtls: drop PSA Crypto initialization in favor of `curl_global_init()`. - vtls/mbedtls: use PSA Crypto random API with all mbedTLS versions. - vtls/mbedtls: do the same for the SHA-256 callback. - autotools: detect mbedTLS 4+, and disable NTLM for 3.x. - cmake: disable NTLM for mbedTLS 3.x. - GHA/linux: keep building mbedTLS 3.x manually and use it in an existing job, while also enabling pytest in it. - GHA/linux: bump to mbedTLS 4.0.0. Closes #19075 Closes #19074 Refs: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-4.0.0 https://github.com/Mbed-TLS/mbedtls/blob/mbedtls-4.0.0/docs/4.0-migration-guide.md https://github.com/Mbed-TLS/mbedtls/blob/mbedtls-4.0.0/tf-psa-crypto/docs/1.0-migration-guide.md [404] https://github.com/Mbed-TLS/TF-PSA-Crypto/blob/tf-psa-crypto-1.0.0/docs/1.0-migration-guide.md https://github.com/Mbed-TLS/TF-PSA-Crypto/blob/tf-psa-crypto-1.0.0/docs/psa-transition.md https://github.com/Mbed-TLS/TF-PSA-Crypto/tree/627f727bbed3d9319ed548f1c0839a29c223414e/docs/4.0-migration-guide Closes #19077 --- .github/workflows/linux.yml | 39 +++++++++--- CMakeLists.txt | 2 +- configure.ac | 4 +- lib/curl_ntlm_core.c | 20 ++++--- lib/curl_setup.h | 10 +++- lib/easy.c | 29 +++++++++ lib/md4.c | 12 ++-- lib/md5.c | 30 +++++----- lib/sha256.c | 29 +++++---- lib/vtls/mbedtls.c | 115 ++++++++++++++++++++---------------- m4/curl-mbedtls.m4 | 19 ++++++ tests/libtest/lib1308.c | 15 +++-- 12 files changed, 218 insertions(+), 106 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 2d674dc195..527c9ce607 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -42,7 +42,9 @@ env: # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com WOLFSSL_VERSION: 5.8.2 # renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver registryUrl=https://github.com - MBEDTLS_VERSION: 3.6.4 + MBEDTLS_VERSION: 4.0.0 + # renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver:^3.0.0 registryUrl=https://github.com + MBEDTLS_VERSION_PREV: 3.6.4 # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com AWSLC_VERSION: 1.61.4 # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com @@ -109,10 +111,10 @@ jobs: install_steps: mbedtls pytest configure: CC=clang LDFLAGS=-Wl,-rpath,/home/runner/mbedtls/lib --with-mbedtls=/home/runner/mbedtls --enable-debug --with-fish-functions-dir --with-zsh-functions-dir - - name: 'mbedtls' + - name: 'mbedtls-prev' install_packages: libnghttp2-dev libuv1-dev - install_steps: mbedtls - PKG_CONFIG_PATH: /home/runner/mbedtls/lib/pkgconfig # Requires v3.6.0 + install_steps: mbedtls-prev pytest + PKG_CONFIG_PATH: /home/runner/mbedtls-prev/lib/pkgconfig # Requires v3.6.0 generate: -DCURL_USE_MBEDTLS=ON -DCURL_USE_LIBUV=ON -DENABLE_DEBUG=ON - name: 'mbedtls-pkg MultiSSL !pc' @@ -435,7 +437,7 @@ jobs: - name: 'cache mbedtls' if: ${{ contains(matrix.build.install_steps, 'mbedtls') }} uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 - id: cache-mbedtls + id: cache-mbedtls-threadsafe env: cache-name: cache-mbedtls-threadsafe with: @@ -443,7 +445,7 @@ jobs: key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.MBEDTLS_VERSION }} - name: 'build mbedtls' - if: ${{ contains(matrix.build.install_steps, 'mbedtls') && steps.cache-mbedtls.outputs.cache-hit != 'true' }} + if: ${{ contains(matrix.build.install_steps, 'mbedtls') && steps.cache-mbedtls-threadsafe.outputs.cache-hit != 'true' }} run: | curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \ --location "https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-${MBEDTLS_VERSION}/mbedtls-${MBEDTLS_VERSION}.tar.bz2" | tar -xj @@ -455,7 +457,30 @@ jobs: cmake --build . cmake --install . - - name: 'cache openldap-static' + - name: 'cache mbedtls (prev)' + if: ${{ contains(matrix.build.install_steps, 'mbedtls-prev') }} + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 + id: cache-mbedtls-threadsafe-prev + env: + cache-name: cache-mbedtls-threadsafe-prev + with: + path: ~/mbedtls-prev + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.MBEDTLS_VERSION }} + + - name: 'build mbedtls (prev)' + if: ${{ contains(matrix.build.install_steps, 'mbedtls-prev') && steps.cache-mbedtls-threadsafe-prev.outputs.cache-hit != 'true' }} + run: | + curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \ + --location "https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-${MBEDTLS_VERSION_PREV}/mbedtls-${MBEDTLS_VERSION_PREV}.tar.bz2" | tar -xj + cd "mbedtls-${MBEDTLS_VERSION_PREV}" + ./scripts/config.py set MBEDTLS_THREADING_C + ./scripts/config.py set MBEDTLS_THREADING_PTHREAD + cmake -B . -G Ninja -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_INSTALL_PREFIX=/home/runner/mbedtls-prev \ + -DENABLE_PROGRAMS=OFF -DENABLE_TESTING=OFF + cmake --build . + cmake --install . + + - name: 'cache openldap (static)' if: ${{ contains(matrix.build.install_steps, 'openldap-static') }} uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 id: cache-openldap-static diff --git a/CMakeLists.txt b/CMakeLists.txt index 65eaaf670a..b6aff6ce7c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -2083,7 +2083,7 @@ endmacro() # These conditions must match those in lib/curl_setup.h. if(NOT CURL_DISABLE_NTLM AND (USE_OPENSSL OR - USE_MBEDTLS OR + (USE_MBEDTLS AND MBEDTLS_VERSION VERSION_LESS 4.0.0) OR USE_GNUTLS OR USE_WIN32_CRYPTO OR (USE_WOLFSSL AND HAVE_WOLFSSL_DES_ECB_ENCRYPT))) diff --git a/configure.ac b/configure.ac index 999ab122a3..97d0310497 100644 --- a/configure.ac +++ b/configure.ac @@ -5252,11 +5252,13 @@ fi use_curl_ntlm_core=no if test "x$CURL_DISABLE_NTLM" != "x1"; then - if test "x$OPENSSL_ENABLED" = "x1" -o "x$MBEDTLS_ENABLED" = "x1" \ + if test "x$OPENSSL_ENABLED" = "x1" \ -o "x$GNUTLS_ENABLED" = "x1" \ -o "x$USE_WIN32_CRYPTO" = "x1" \ -o "x$HAVE_WOLFSSL_DES_ECB_ENCRYPT" = "x1"; then use_curl_ntlm_core=yes + elif test "x$MBEDTLS_ENABLED" = "x1" && test "$mbedtls_4" = "0"; then + use_curl_ntlm_core=yes fi if test "x$use_curl_ntlm_core" = "xyes" \ diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c index cf0e4dc288..a81e97f0ce 100644 --- a/lib/curl_ntlm_core.c +++ b/lib/curl_ntlm_core.c @@ -38,10 +38,9 @@ 1. USE_OPENSSL 2. USE_WOLFSSL 3. USE_GNUTLS - 4. - - 5. USE_MBEDTLS - 6. USE_OS400CRYPTO - 7. USE_WIN32_CRYPTO + 4. USE_MBEDTLS + 5. USE_OS400CRYPTO + 6. USE_WIN32_CRYPTO This ensures that: - the same SSL branch gets activated throughout this source @@ -61,6 +60,11 @@ #ifndef NO_DES3 #define USE_OPENSSL_DES #endif +#elif defined(USE_MBEDTLS) + #include + #if MBEDTLS_VERSION_NUMBER < 0x04000000 + #define USE_MBEDTLS_DES + #endif #endif #ifdef USE_OPENSSL_DES @@ -97,7 +101,7 @@ # include -#elif defined(USE_MBEDTLS) +#elif defined(USE_MBEDTLS_DES) # include @@ -178,7 +182,7 @@ static void setup_des_key(const unsigned char *key_56, des_set_key(des, (const uint8_t *) key); } -#elif defined(USE_MBEDTLS) +#elif defined(USE_MBEDTLS_DES) static bool encrypt_des(const unsigned char *in, unsigned char *out, const unsigned char *key_56) @@ -305,7 +309,7 @@ void Curl_ntlm_core_lm_resp(const unsigned char *keys, des_encrypt(&des, 8, results + 8, plaintext); setup_des_key(keys + 14, &des); des_encrypt(&des, 8, results + 16, plaintext); -#elif defined(USE_MBEDTLS) || defined(USE_OS400CRYPTO) || \ +#elif defined(USE_MBEDTLS_DES) || defined(USE_OS400CRYPTO) || \ defined(USE_WIN32_CRYPTO) encrypt_des(plaintext, results, keys); encrypt_des(plaintext, results + 8, keys + 7); @@ -353,7 +357,7 @@ CURLcode Curl_ntlm_core_mk_lm_hash(const char *password, des_encrypt(&des, 8, lmbuffer, magic); setup_des_key(pw + 7, &des); des_encrypt(&des, 8, lmbuffer + 8, magic); -#elif defined(USE_MBEDTLS) || defined(USE_OS400CRYPTO) || \ +#elif defined(USE_MBEDTLS_DES) || defined(USE_OS400CRYPTO) || \ defined(USE_WIN32_CRYPTO) encrypt_des(magic, lmbuffer, pw); encrypt_des(magic, lmbuffer + 8, pw + 7); diff --git a/lib/curl_setup.h b/lib/curl_setup.h index 694d14df4f..4934baa22b 100644 --- a/lib/curl_setup.h +++ b/lib/curl_setup.h @@ -737,6 +737,13 @@ # endif #endif +#ifdef USE_MBEDTLS +#include +#if MBEDTLS_VERSION_NUMBER < 0x03020000 + #error "mbedTLS 3.2.0 or later required" +#endif +#endif + #if defined(USE_WOLFSSL) && defined(USE_GNUTLS) /* Avoid defining unprefixed wolfSSL SHA macros colliding with nettle ones */ #define NO_OLD_WC_NAMES @@ -756,8 +763,9 @@ /* Single point where USE_NTLM definition might be defined */ #ifndef CURL_DISABLE_NTLM -# if defined(USE_OPENSSL) || defined(USE_MBEDTLS) || \ +# if defined(USE_OPENSSL) || \ defined(USE_GNUTLS) || \ + (defined(USE_MBEDTLS) && MBEDTLS_VERSION_NUMBER < 0x04000000) || \ defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO) || \ (defined(USE_WOLFSSL) && defined(HAVE_WOLFSSL_DES_ECB_ENCRYPT)) # define USE_CURL_NTLM_CORE diff --git a/lib/easy.c b/lib/easy.c index 793a18f33e..f12a8b143f 100644 --- a/lib/easy.c +++ b/lib/easy.c @@ -80,6 +80,10 @@ #include "easy_lock.h" +#ifdef USE_MBEDTLS +#include +#endif + /* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -137,6 +141,24 @@ curl_calloc_callback Curl_ccalloc = (curl_calloc_callback)calloc; static char *leakpointer; #endif +static CURLcode crypto_init(void) +{ +#ifdef USE_MBEDTLS + psa_status_t status; + status = psa_crypto_init(); + if(status != PSA_SUCCESS) + return CURLE_FAILED_INIT; +#endif + return CURLE_OK; +} + +static void crypto_cleanup(void) +{ +#ifdef USE_MBEDTLS + mbedtls_psa_crypto_free(); +#endif +} + /** * curl_global_init() globally initializes curl given a bitwise set of the * different features of what to initialize. @@ -160,6 +182,11 @@ static CURLcode global_init(long flags, bool memoryfuncs) goto fail; } + if(crypto_init()) { + DEBUGF(curl_mfprintf(stderr, "Error: crypto_init failed\n")); + goto fail; + } + if(!Curl_ssl_init()) { DEBUGF(curl_mfprintf(stderr, "Error: Curl_ssl_init failed\n")); goto fail; @@ -298,6 +325,8 @@ void curl_global_cleanup(void) Curl_ssh_cleanup(); + crypto_cleanup(); + #ifdef DEBUGBUILD free(leakpointer); #endif diff --git a/lib/md4.c b/lib/md4.c index 9db85786e1..5d0908eade 100644 --- a/lib/md4.c +++ b/lib/md4.c @@ -53,11 +53,11 @@ #ifdef USE_MBEDTLS #include -#if MBEDTLS_VERSION_NUMBER < 0x03020000 - #error "mbedTLS 3.2.0 or later required" -#endif +#if MBEDTLS_VERSION_NUMBER < 0x04000000 && defined(MBEDTLS_MD4_C) +#define USE_MBEDTLS_MD4 #include -#endif /* USE_MBEDTLS */ +#endif +#endif /* When OpenSSL or wolfSSL is available, we use their MD4 functions. */ #if defined(USE_WOLFSSL) && !defined(WOLFSSL_NO_MD4) @@ -78,7 +78,7 @@ #include #elif defined(USE_GNUTLS) #include -#elif(defined(USE_MBEDTLS) && defined(MBEDTLS_MD4_C)) +#elif defined(USE_MBEDTLS_MD4) #include #endif @@ -187,7 +187,7 @@ static void MD4_Final(unsigned char *result, MD4_CTX *ctx) md4_digest(ctx, MD4_DIGEST_SIZE, result); } -#elif(defined(USE_MBEDTLS) && defined(MBEDTLS_MD4_C)) +#elif defined(USE_MBEDTLS_MD4) struct md4_ctx { void *data; diff --git a/lib/md5.c b/lib/md5.c index 0919240340..897bd1b1a4 100644 --- a/lib/md5.c +++ b/lib/md5.c @@ -34,13 +34,6 @@ #include "curl_hmac.h" #include "curlx/warnless.h" -#ifdef USE_MBEDTLS -#include -#if MBEDTLS_VERSION_NUMBER < 0x03020000 - #error "mbedTLS 3.2.0 or later required" -#endif -#endif /* USE_MBEDTLS */ - #ifdef USE_OPENSSL #include #if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_DEPRECATED_3_0) @@ -55,14 +48,21 @@ #endif #endif +#ifdef USE_MBEDTLS + #include + #if defined(PSA_WANT_ALG_MD5) && PSA_WANT_ALG_MD5 /* mbedTLS 4+ */ + #define USE_MBEDTLS_MD5 + #endif +#endif + #ifdef USE_GNUTLS #include #elif defined(USE_OPENSSL_MD5) #include #elif defined(USE_WOLFSSL_MD5) #include -#elif defined(USE_MBEDTLS) -#include +#elif defined(USE_MBEDTLS_MD5) +#include #elif (defined(__MAC_OS_X_VERSION_MAX_ALLOWED) && \ (__MAC_OS_X_VERSION_MAX_ALLOWED >= 1040) && \ defined(__MAC_OS_X_VERSION_MIN_REQUIRED) && \ @@ -152,13 +152,14 @@ static void my_md5_final(unsigned char *digest, void *ctx) (void)wolfSSL_MD5_Final(digest, ctx); } -#elif defined(USE_MBEDTLS) +#elif defined(USE_MBEDTLS_MD5) -typedef mbedtls_md5_context my_md5_ctx; +typedef psa_hash_operation_t my_md5_ctx; static CURLcode my_md5_init(void *ctx) { - if(mbedtls_md5_starts(ctx)) + memset(ctx, 0, sizeof(my_md5_ctx)); + if(psa_hash_setup(ctx, PSA_ALG_MD5) != PSA_SUCCESS) return CURLE_OUT_OF_MEMORY; return CURLE_OK; } @@ -167,12 +168,13 @@ static void my_md5_update(void *ctx, const unsigned char *data, unsigned int length) { - (void)mbedtls_md5_update(ctx, data, length); + (void)psa_hash_update(ctx, data, length); } static void my_md5_final(unsigned char *digest, void *ctx) { - (void)mbedtls_md5_finish(ctx, digest); + size_t actual_length; + (void)psa_hash_finish(ctx, digest, 16, &actual_length); } #elif defined(AN_APPLE_OS) diff --git a/lib/sha256.c b/lib/sha256.c index 2d0357189a..cf8e98a550 100644 --- a/lib/sha256.c +++ b/lib/sha256.c @@ -32,16 +32,19 @@ #include "curl_sha256.h" #include "curl_hmac.h" +#ifdef USE_MBEDTLS + #include + #if defined(PSA_WANT_ALG_SHA_256) && PSA_WANT_ALG_SHA_256 /* mbedTLS 4+ */ + #define USE_MBEDTLS_SHA256 + #endif +#endif + #ifdef USE_OPENSSL #include #elif defined(USE_GNUTLS) #include -#elif defined(USE_MBEDTLS) -#include -#if MBEDTLS_VERSION_NUMBER < 0x03020000 - #error "mbedTLS 3.2.0 or later required" -#endif -#include +#elif defined(USE_MBEDTLS_SHA256) +#include #elif (defined(__MAC_OS_X_VERSION_MAX_ALLOWED) && \ (__MAC_OS_X_VERSION_MAX_ALLOWED >= 1040)) || \ (defined(__IPHONE_OS_VERSION_MAX_ALLOWED) && \ @@ -126,13 +129,15 @@ static void my_sha256_final(unsigned char *digest, void *ctx) sha256_digest(ctx, SHA256_DIGEST_SIZE, digest); } -#elif defined(USE_MBEDTLS) +#elif defined(USE_MBEDTLS_SHA256) -typedef mbedtls_sha256_context my_sha256_ctx; +typedef psa_hash_operation_t my_sha256_ctx; static CURLcode my_sha256_init(void *ctx) { - (void)mbedtls_sha256_starts(ctx, 0); + memset(ctx, 0, sizeof(my_sha256_ctx)); + if(psa_hash_setup(ctx, PSA_ALG_SHA_256) != PSA_SUCCESS) + return CURLE_OUT_OF_MEMORY; return CURLE_OK; } @@ -140,12 +145,14 @@ static void my_sha256_update(void *ctx, const unsigned char *data, unsigned int length) { - (void)mbedtls_sha256_update(ctx, data, length); + (void)psa_hash_update(ctx, data, length); } static void my_sha256_final(unsigned char *digest, void *ctx) { - (void)mbedtls_sha256_finish(ctx, digest); + size_t actual_length; + (void)psa_hash_finish(ctx, digest, CURL_SHA256_DIGEST_LENGTH, + &actual_length); } #elif defined(AN_APPLE_OS) diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index 3ff131b441..ebb8a4abc0 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -37,17 +37,21 @@ /* #define MBEDTLS_DEBUG */ #include -#if MBEDTLS_VERSION_NUMBER < 0x03020000 - #error "mbedTLS 3.2.0 or later required" -#endif +#include #include #include #include +#include + +#if MBEDTLS_VERSION_NUMBER < 0x04000000 +#define CURL_MBEDTLS_DRBG +#endif #include +#ifdef CURL_MBEDTLS_DRBG #include #include -#include +#endif #ifdef MBEDTLS_DEBUG #include #endif @@ -77,8 +81,10 @@ #endif struct mbed_ssl_backend_data { +#ifdef CURL_MBEDTLS_DRBG mbedtls_ctr_drbg_context ctr_drbg; mbedtls_entropy_context entropy; +#endif mbedtls_ssl_context ssl; mbedtls_x509_crt cacert; mbedtls_x509_crt clicert; @@ -106,7 +112,7 @@ struct mbed_ssl_backend_data { #define mbedtls_strerror(a,b,c) b[0] = 0 #endif -#ifdef HAS_THREADING_SUPPORT +#if defined(CURL_MBEDTLS_DRBG) && defined(HAS_THREADING_SUPPORT) static mbedtls_entropy_context ts_entropy; static int entropy_init_initialized = 0; @@ -144,7 +150,7 @@ static int entropy_func_mutex(void *data, unsigned char *output, size_t len) return ret; } -#endif /* HAS_THREADING_SUPPORT */ +#endif /* CURL_MBEDTLS_DRBG && HAS_THREADING_SUPPORT */ #ifdef MBEDTLS_DEBUG static void mbed_debug(void *context, int level, const char *f_name, @@ -538,6 +544,7 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) return CURLE_NOT_BUILT_IN; } +#ifdef CURL_MBEDTLS_DRBG #ifdef HAS_THREADING_SUPPORT mbedtls_ctr_drbg_init(&backend->ctr_drbg); @@ -562,6 +569,7 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) return CURLE_FAILED_INIT; } #endif /* HAS_THREADING_SUPPORT */ +#endif /* CURL_MBEDTLS_DRBG */ /* Load the trusted CA */ mbedtls_x509_crt_init(&backend->cacert); @@ -665,6 +673,17 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) if(ssl_config->key || ssl_config->key_blob) { if(ssl_config->key) { #ifdef MBEDTLS_FS_IO +#if MBEDTLS_VERSION_NUMBER >= 0x04000000 + ret = mbedtls_pk_parse_keyfile(&backend->pk, ssl_config->key, + ssl_config->key_passwd); + if(ret == 0 && !(mbedtls_pk_can_do_psa(&backend->pk, + PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH), + PSA_KEY_USAGE_SIGN_HASH) || + mbedtls_pk_can_do_psa(&backend->pk, + MBEDTLS_PK_ALG_ECDSA(PSA_ALG_ANY_HASH), + PSA_KEY_USAGE_SIGN_HASH))) + ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; +#else ret = mbedtls_pk_parse_keyfile(&backend->pk, ssl_config->key, ssl_config->key_passwd, mbedtls_ctr_drbg_random, @@ -672,6 +691,7 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) if(ret == 0 && !(mbedtls_pk_can_do(&backend->pk, MBEDTLS_PK_RSA) || mbedtls_pk_can_do(&backend->pk, MBEDTLS_PK_ECKEY))) ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; +#endif if(ret) { mbedtls_strerror(ret, errorbuf, sizeof(errorbuf)); @@ -689,6 +709,18 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) const unsigned char *key_data = (const unsigned char *)ssl_key_blob->data; const char *passwd = ssl_config->key_passwd; +#if MBEDTLS_VERSION_NUMBER >= 0x04000000 + ret = mbedtls_pk_parse_key(&backend->pk, key_data, ssl_key_blob->len, + (const unsigned char *)passwd, + passwd ? strlen(passwd) : 0); + if(ret == 0 && !(mbedtls_pk_can_do_psa(&backend->pk, + PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH), + PSA_KEY_USAGE_SIGN_HASH) || + mbedtls_pk_can_do_psa(&backend->pk, + MBEDTLS_PK_ALG_ECDSA(PSA_ALG_ANY_HASH), + PSA_KEY_USAGE_SIGN_HASH))) + ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; +#else ret = mbedtls_pk_parse_key(&backend->pk, key_data, ssl_key_blob->len, (const unsigned char *)passwd, passwd ? strlen(passwd) : 0, @@ -697,6 +729,7 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) if(ret == 0 && !(mbedtls_pk_can_do(&backend->pk, MBEDTLS_PK_RSA) || mbedtls_pk_can_do(&backend->pk, MBEDTLS_PK_ECKEY))) ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; +#endif if(ret) { mbedtls_strerror(ret, errorbuf, sizeof(errorbuf)); @@ -746,8 +779,9 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) return CURLE_SSL_CONNECT_ERROR; } -#ifdef MBEDTLS_SSL_SESSION_TICKETS - /* New in mbedTLS 3.6.1, need to enable, default is now disabled */ +#if MBEDTLS_VERSION_NUMBER < 0x04000000 && defined(MBEDTLS_SSL_SESSION_TICKETS) + /* New in mbedTLS 3.6.1, need to enable, default is now disabled. + 4.0.0 enabled it by default for TLSv1.3. */ mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets(&backend->config, MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_ENABLED); #endif @@ -769,8 +803,10 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) if(ret != CURLE_OK) return ret; +#ifdef CURL_MBEDTLS_DRBG mbedtls_ssl_conf_rng(&backend->config, mbedtls_ctr_drbg_random, &backend->ctr_drbg); +#endif ret = mbedtls_ssl_setup(&backend->ssl, &backend->config); if(ret) { @@ -1272,10 +1308,12 @@ static void mbedtls_close(struct Curl_cfilter *cf, struct Curl_easy *data) Curl_safefree(backend->ciphersuites); mbedtls_ssl_config_free(&backend->config); mbedtls_ssl_free(&backend->ssl); +#ifdef CURL_MBEDTLS_DRBG mbedtls_ctr_drbg_free(&backend->ctr_drbg); #ifndef HAS_THREADING_SUPPORT mbedtls_entropy_free(&backend->entropy); -#endif /* HAS_THREADING_SUPPORT */ +#endif /* !HAS_THREADING_SUPPORT */ +#endif backend->initialized = FALSE; } } @@ -1346,33 +1384,12 @@ static size_t mbedtls_version(char *buffer, size_t size) static CURLcode mbedtls_random(struct Curl_easy *data, unsigned char *entropy, size_t length) { -#ifdef MBEDTLS_CTR_DRBG_C - int ret; - mbedtls_entropy_context ctr_entropy; - mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_entropy_init(&ctr_entropy); - mbedtls_ctr_drbg_init(&ctr_drbg); + psa_status_t status; (void)data; - ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, - &ctr_entropy, NULL, 0); + status = psa_generate_random(entropy, length); - if(!ret) - ret = mbedtls_ctr_drbg_random(&ctr_drbg, entropy, length); - - mbedtls_ctr_drbg_free(&ctr_drbg); - mbedtls_entropy_free(&ctr_entropy); - - return ret == 0 ? CURLE_OK : CURLE_FAILED_INIT; -#elif defined(MBEDTLS_HAVEGE_C) - mbedtls_havege_state hs; - mbedtls_havege_init(&hs); - mbedtls_havege_random(&hs, entropy, length); - mbedtls_havege_free(&hs); - return CURLE_OK; -#else - return CURLE_NOT_BUILT_IN; -#endif + return status == PSA_SUCCESS ? CURLE_OK : CURLE_FAILED_INIT; } static CURLcode mbedtls_connect(struct Curl_cfilter *cf, @@ -1434,29 +1451,15 @@ static int mbedtls_init(void) { if(!Curl_mbedtlsthreadlock_thread_setup()) return 0; -#ifdef HAS_THREADING_SUPPORT +#if defined(CURL_MBEDTLS_DRBG) && defined(HAS_THREADING_SUPPORT) entropy_init_mutex(&ts_entropy); #endif -#ifdef MBEDTLS_USE_PSA_CRYPTO /* requires mbedTLS 3.6.0+ */ - { - int ret; -#ifdef HAS_THREADING_SUPPORT - Curl_mbedtlsthreadlock_lock_function(0); -#endif - ret = psa_crypto_init(); -#ifdef HAS_THREADING_SUPPORT - Curl_mbedtlsthreadlock_unlock_function(0); -#endif - if(ret != PSA_SUCCESS) - return 0; - } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ return 1; } static void mbedtls_cleanup(void) { -#ifdef HAS_THREADING_SUPPORT +#if defined(CURL_MBEDTLS_DRBG) && defined(HAS_THREADING_SUPPORT) entropy_cleanup_mutex(&ts_entropy); #endif (void)Curl_mbedtlsthreadlock_thread_cleanup(); @@ -1479,11 +1482,19 @@ static CURLcode mbedtls_sha256sum(const unsigned char *input, unsigned char *sha256sum, size_t sha256len) { - (void)sha256len; - /* returns 0 on success, otherwise failure */ - if(mbedtls_sha256(input, inputlen, sha256sum, 0) != 0) +#if defined(PSA_WANT_ALG_SHA_256) && PSA_WANT_ALG_SHA_256 /* mbedTLS 4+ */ + psa_status_t status; + size_t sha256len_actual; + status = psa_hash_compute(PSA_ALG_SHA_256, input, inputlen, + sha256sum, sha256len, + &sha256len_actual); + if(status != PSA_SUCCESS) return CURLE_BAD_FUNCTION_ARGUMENT; return CURLE_OK; +#else + (void)sha256len; + return Curl_sha256it(sha256sum, input, inputlen); +#endif } static void *mbedtls_get_internals(struct ssl_connect_data *connssl, diff --git a/m4/curl-mbedtls.m4 b/m4/curl-mbedtls.m4 index 519c29d79a..55152c5408 100644 --- a/m4/curl-mbedtls.m4 +++ b/m4/curl-mbedtls.m4 @@ -106,6 +106,25 @@ if test "x$OPT_MBEDTLS" != xno; then if false; then LIBCURL_PC_REQUIRES_PRIVATE="$LIBCURL_PC_REQUIRES_PRIVATE mbedtls mbedx509 mbedcrypto" fi + + mbedtls_4=0 + AC_MSG_CHECKING([for mbedTLS >= v4]) + AC_COMPILE_IFELSE([ + AC_LANG_PROGRAM([[ + #include + ]],[[ + #if (MBEDTLS_VERSION_NUMBER >= 0x04000000) + return 0; + #else + #error older than 4 + #endif + ]]) + ],[ + mbedtls_4=1 + AC_MSG_RESULT([yes]) + ],[ + AC_MSG_RESULT([no]) + ]) fi fi dnl mbedTLS not disabled diff --git a/tests/libtest/lib1308.c b/tests/libtest/lib1308.c index 8e83462a7a..1455b0b0df 100644 --- a/tests/libtest/lib1308.c +++ b/tests/libtest/lib1308.c @@ -43,12 +43,15 @@ static CURLcode test_lib1308(const char *URL) { int errorcount = 0; CURLFORMcode rc; - int res; + CURLcode res = CURLE_OK; + int formres = 0; struct curl_httppost *post = NULL; struct curl_httppost *last = NULL; size_t total_size = 0; char buffer[] = "test buffer"; + global_init(CURL_GLOBAL_ALL); + rc = curl_formadd(&post, &last, CURLFORM_COPYNAME, "name", CURLFORM_COPYCONTENTS, "content", CURLFORM_END); t1308_fail_unless(rc == 0, "curl_formadd returned error"); @@ -66,8 +69,8 @@ static CURLcode test_lib1308(const char *URL) CURLFORM_PTRCONTENTS, buffer, CURLFORM_END); t1308_fail_unless(rc == 0, "curl_formadd returned error"); - res = curl_formget(post, &total_size, print_httppost_callback); - t1308_fail_unless(res == 0, "curl_formget returned error"); + formres = curl_formget(post, &total_size, print_httppost_callback); + t1308_fail_unless(formres == 0, "curl_formget returned error"); t1308_fail_unless(total_size == 518, "curl_formget got wrong size back"); @@ -83,12 +86,14 @@ static CURLcode test_lib1308(const char *URL) CURLFORM_END); t1308_fail_unless(rc == 0, "curl_formadd returned error"); - res = curl_formget(post, &total_size, print_httppost_callback); + formres = curl_formget(post, &total_size, print_httppost_callback); - t1308_fail_unless(res == 0, "curl_formget returned error"); + t1308_fail_unless(formres == 0, "curl_formget returned error"); t1308_fail_unless(total_size == 899, "curl_formget got wrong size back"); curl_formfree(post); + curl_global_cleanup(); + return errorcount ? TEST_ERR_FAILURE : CURLE_OK; } From c4db9eb491b3652235ddb5b18425c08b29da0408 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 17 Oct 2025 11:24:36 +0200 Subject: [PATCH 0473/2408] rustls: limit snprintf proper in cr_keylog_log_cb() It should limit the size to the size of the target array, not the incoming data. Pointed out by ZeroPath Closes #19095 --- lib/vtls/rustls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index ff2dea82b6..38e8a697a8 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -518,7 +518,7 @@ cr_keylog_log_cb(struct rustls_str label, (void)client_random_len; DEBUGASSERT(client_random_len == CLIENT_RANDOM_SIZE); /* Turning a "rustls_str" into a null delimited "c" string */ - curl_msnprintf(clabel, label.len + 1, "%.*s", (int)label.len, label.data); + curl_msnprintf(clabel, sizeof(clabel), "%.*s", (int)label.len, label.data); Curl_tls_keylog_write(clabel, client_random, secret, secret_len); } From e2a4de8a607d3c7f52918ef50ab6411c753fa2ce Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 17 Oct 2025 11:18:49 +0200 Subject: [PATCH 0474/2408] openssl: better return code checks when logging cert data Pointed out by ZeroPath Closes #19094 --- lib/vtls/openssl.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 533acdaf8d..04bab2cbf1 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -4845,6 +4845,8 @@ static void infof_certstack(struct Curl_easy *data, const SSL *ssl) certstack = SSL_get_peer_cert_chain(ssl); else certstack = SSL_get0_verified_chain(ssl); + if(!certstack) + return; num_cert_levels = sk_X509_num(certstack); for(cert_level = 0; cert_level < num_cert_levels; cert_level++) { @@ -4860,12 +4862,17 @@ static void infof_certstack(struct Curl_easy *data, const SSL *ssl) const char *type_name; current_cert = sk_X509_value(certstack, cert_level); + if(!current_cert) + continue; + + current_pkey = X509_get0_pubkey(current_cert); + if(!current_pkey) + continue; X509_get0_signature(NULL, &palg_cert, current_cert); X509_ALGOR_get0(&paobj_cert, NULL, NULL, palg_cert); OBJ_obj2txt(cert_algorithm, sizeof(cert_algorithm), paobj_cert, 0); - current_pkey = X509_get0_pubkey(current_cert); key_bits = EVP_PKEY_bits(current_pkey); #ifndef HAVE_OPENSSL3 #define EVP_PKEY_get_security_bits EVP_PKEY_security_bits From 2719aa36b5cf7e638b1b4a0e5c69eb3068d5689d Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Fri, 17 Oct 2025 11:48:35 +0200 Subject: [PATCH 0475/2408] test_16: adjust timing expectations In MOST protocols and runs, the 'pretransfer' time is less than the 'starttransfer'. E.g. request being sent before response comes in. However, when curl is starved of cpu a server response might start streaming in before the multi-state transitioned to DID (and recorded the 'pretransfer' time). Do no longer check that 'pretransfer' is less or equal 'starttransfer'. Check that is is less or equal to the total time instead. Closes #19096 --- tests/http/test_16_info.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/tests/http/test_16_info.py b/tests/http/test_16_info.py index ac4f4cc866..53e335e950 100644 --- a/tests/http/test_16_info.py +++ b/tests/http/test_16_info.py @@ -160,9 +160,12 @@ class TestInfo: for key in ['time_appconnect', 'time_connect', 'time_namelookup']: assert s[key] < s['time_pretransfer'], f'time "{key}" larger than' \ f'"time_pretransfer": {s}' - # assert transfer start is after pretransfer - assert s['time_pretransfer'] <= s['time_starttransfer'], f'"time_pretransfer" '\ - f'greater than "time_starttransfer", {s}' + # assert transfer total is after pretransfer. + # (in MOST situations, pretransfer is before starttransfer, BUT + # in protocols like HTTP we might get a server response already before + # we transition to multi state DID.) + assert s['time_pretransfer'] <= s['time_total'], f'"time_pretransfer" '\ + f'greater than "time_total", {s}' # assert that transfer start is before total assert s['time_starttransfer'] <= s['time_total'], f'"time_starttransfer" '\ f'greater than "time_total", {s}' From f221cdeabe7d4f1b123b9306feed8e3b8fe6abb0 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Fri, 17 Oct 2025 10:59:11 +0200 Subject: [PATCH 0476/2408] ngtcp2: add a comment explaining write result handling The choice to continue processing incoming data although the writeout of the headers/data failed is not obvious. Add a comment explaining why this is done. Closes #19093 --- lib/vquic/curl_ngtcp2.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 53665b1a3d..56ca976b9f 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -1018,8 +1018,12 @@ static void h3_xfer_write_resp_hd(struct Curl_cfilter *cf, struct h3_stream_ctx *stream, const char *buf, size_t blen, bool eos) { - - /* If we already encountered an error, skip further writes */ + /* This function returns no error intentionally, but records + * the result at the stream, skipping further writes once the + * `result` of the transfer is known. + * The stream is subsequently cancelled "higher up" in the filter's + * send/recv callbacks. Closing the stream here leads to SEND/RECV + * errors in other places that then overwrite the transfer's result. */ if(!stream->xfer_result) { stream->xfer_result = Curl_xfer_write_resp_hd(data, buf, blen, eos); if(stream->xfer_result) @@ -1033,8 +1037,12 @@ static void h3_xfer_write_resp(struct Curl_cfilter *cf, struct h3_stream_ctx *stream, const char *buf, size_t blen, bool eos) { - - /* If we already encountered an error, skip further writes */ + /* This function returns no error intentionally, but records + * the result at the stream, skipping further writes once the + * `result` of the transfer is known. + * The stream is subsequently cancelled "higher up" in the filter's + * send/recv callbacks. Closing the stream here leads to SEND/RECV + * errors in other places that then overwrite the transfer's result. */ if(!stream->xfer_result) { stream->xfer_result = Curl_xfer_write_resp(data, buf, blen, eos); /* If the transfer write is errored, we do not want any more data */ From 3df71e6dc23e80466c2d448ceb7dc070addbea67 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 17 Oct 2025 10:12:50 +0200 Subject: [PATCH 0477/2408] openssl: fail if more than MAX_ALLOWED_CERT_AMOUNT certs Detect and prevent abuse or mistakes. Limit set to 100. Closes #19091 --- lib/vtls/openssl.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 04bab2cbf1..d51022b664 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -349,6 +349,8 @@ static CURLcode X509V3_ext(struct Curl_easy *data, return result; } +#define MAX_ALLOWED_CERT_AMOUNT 100 + static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl) { CURLcode result; @@ -364,6 +366,11 @@ static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl) return CURLE_SSL_CONNECT_ERROR; numcerts = sk_X509_num(sk); + if(numcerts > MAX_ALLOWED_CERT_AMOUNT) { + failf(data, "%d certificates is more than allowed (%u)", (int)numcerts, + MAX_ALLOWED_CERT_AMOUNT); + return CURLE_SSL_CONNECT_ERROR; + } result = Curl_ssl_init_certinfo(data, (int)numcerts); if(result) From 9568109f71be2625c0bb6c4883e01042819b0f36 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 17 Oct 2025 08:41:40 +0000 Subject: [PATCH 0478/2408] GHA: update ngtcp2/ngtcp2 to v1.17.0 Closes #19092 --- .github/workflows/http3-linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 38d2fb6ac0..8971fc4e54 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -54,7 +54,7 @@ env: # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com NGHTTP3_VERSION: 1.12.0 # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com - NGTCP2_VERSION: 1.16.0 + NGTCP2_VERSION: 1.17.0 # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com NGHTTP2_VERSION: 1.67.1 # renovate: datasource=github-tags depName=cloudflare/quiche versioning=semver registryUrl=https://github.com From 6296b9d383850bf603fb750e727dc2064b80fe69 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 17 Oct 2025 13:05:58 +0200 Subject: [PATCH 0479/2408] tool_ipfs: simplify the ipfs gateway logic - make sure memory allocated by libcurl is freed with curl_free() - drop the ensure_trailing_slash complexity Closes #19097 --- src/tool_ipfs.c | 108 ++++++++++++++++-------------------------------- 1 file changed, 35 insertions(+), 73 deletions(-) diff --git a/src/tool_ipfs.c b/src/tool_ipfs.c index 13124133ea..1f77dad47f 100644 --- a/src/tool_ipfs.c +++ b/src/tool_ipfs.c @@ -30,100 +30,70 @@ #include "tool_ipfs.h" #include "memdebug.h" /* keep this as LAST include */ -/* ensure input ends in slash */ -static CURLcode ensure_trailing_slash(char **input) +/* input string ends in slash? */ +static bool has_trailing_slash(const char *input) { - if(*input && **input) { - size_t len = strlen(*input); - if(((*input)[len - 1] != '/')) { - struct dynbuf dyn; - curlx_dyn_init(&dyn, len + 2); - - if(curlx_dyn_addn(&dyn, *input, len)) { - tool_safefree(*input); - return CURLE_OUT_OF_MEMORY; - } - - tool_safefree(*input); - - if(curlx_dyn_addn(&dyn, "/", 1)) - return CURLE_OUT_OF_MEMORY; - - *input = curlx_dyn_ptr(&dyn); - } - } - - return CURLE_OK; + size_t len = strlen(input); + return (len && input[len - 1] == '/'); } static char *ipfs_gateway(void) { - char *ipfs_path = NULL; - char *gateway_composed_file_path = NULL; - FILE *gateway_file = NULL; - char *gateway = curl_getenv("IPFS_GATEWAY"); + char *ipfs_path_c = NULL; + char *gateway_composed_c = NULL; + FILE *gfile = NULL; + char *gateway_env = getenv("IPFS_GATEWAY"); - /* Gateway is found from environment variable. */ - if(gateway) { - if(ensure_trailing_slash(&gateway)) - goto fail; - return gateway; - } + if(gateway_env) + return strdup(gateway_env); /* Try to find the gateway in the IPFS data folder. */ - ipfs_path = curl_getenv("IPFS_PATH"); + ipfs_path_c = curl_getenv("IPFS_PATH"); - if(!ipfs_path) { + if(!ipfs_path_c) { char *home = getenv("HOME"); - if(home && *home) - ipfs_path = curl_maprintf("%s/.ipfs/", home); /* fallback to "~/.ipfs", as that is the default location. */ + if(home && *home) + ipfs_path_c = curl_maprintf("%s/.ipfs/", home); + if(!ipfs_path_c) + goto fail; } - if(!ipfs_path || ensure_trailing_slash(&ipfs_path)) + gateway_composed_c = + curl_maprintf("%s%sgateway", ipfs_path_c, + has_trailing_slash(ipfs_path_c) ? "" : "/"); + + if(!gateway_composed_c) goto fail; - gateway_composed_file_path = curl_maprintf("%sgateway", ipfs_path); + gfile = curlx_fopen(gateway_composed_c, FOPEN_READTEXT); + curl_free(gateway_composed_c); - if(!gateway_composed_file_path) - goto fail; - - gateway_file = curlx_fopen(gateway_composed_file_path, FOPEN_READTEXT); - tool_safefree(gateway_composed_file_path); - - if(gateway_file) { + if(gfile) { int c; struct dynbuf dyn; + char *gateway = NULL; curlx_dyn_init(&dyn, MAX_GATEWAY_URL_LEN); /* get the first line of the gateway file, ignore the rest */ - while((c = getc(gateway_file)) != EOF && c != '\n' && c != '\r') { + while((c = getc(gfile)) != EOF && c != '\n' && c != '\r') { char c_char = (char)c; if(curlx_dyn_addn(&dyn, &c_char, 1)) goto fail; } - curlx_fclose(gateway_file); - gateway_file = NULL; - if(curlx_dyn_len(&dyn)) gateway = curlx_dyn_ptr(&dyn); - if(gateway) - ensure_trailing_slash(&gateway); - - if(!gateway) - goto fail; - - tool_safefree(ipfs_path); + curl_free(ipfs_path_c); + curlx_fclose(gfile); return gateway; } fail: - if(gateway_file) - curlx_fclose(gateway_file); - tool_safefree(gateway); - tool_safefree(ipfs_path); + if(gfile) + curlx_fclose(gfile); + curl_free(ipfs_path_c); return NULL; } @@ -161,20 +131,13 @@ CURLcode ipfs_url_rewrite(CURLU *uh, const char *protocol, char **url, * if we do have something but if it is an invalid url. */ if(config->ipfs_gateway) { - /* ensure the gateway ends in a trailing / */ - if(ensure_trailing_slash(&config->ipfs_gateway) != CURLE_OK) { - result = CURLE_OUT_OF_MEMORY; - goto clean; - } - if(!curl_url_set(gatewayurl, CURLUPART_URL, config->ipfs_gateway, - CURLU_GUESS_SCHEME)) { + CURLU_GUESS_SCHEME)) { gateway = strdup(config->ipfs_gateway); if(!gateway) { result = CURLE_URL_MALFORMAT; goto clean; } - } else { result = CURLE_BAD_FUNCTION_ARGUMENT; @@ -182,7 +145,6 @@ CURLcode ipfs_url_rewrite(CURLU *uh, const char *protocol, char **url, } } else { - /* this is ensured to end in a trailing / within ipfs_gateway() */ gateway = ipfs_gateway(); if(!gateway) { result = CURLE_FILE_COULDNT_READ_FILE; @@ -230,10 +192,10 @@ CURLcode ipfs_url_rewrite(CURLU *uh, const char *protocol, char **url, if(inputpath && (inputpath[0] == '/') && !inputpath[1]) *inputpath = '\0'; - /* ensure the gateway path ends with a trailing slash */ - ensure_trailing_slash(&gwpath); - pathbuffer = curl_maprintf("%s%s/%s%s", gwpath, protocol, cid, + pathbuffer = curl_maprintf("%s%s%s/%s%s", gwpath, + has_trailing_slash(gwpath) ? "" : "/", + protocol, cid, inputpath ? inputpath : ""); if(!pathbuffer) { goto clean; From fbff1d5b9071283024253ddf48e81547f6474394 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 17 Oct 2025 14:27:58 +0200 Subject: [PATCH 0480/2408] openssl: avoid overwriting 'result' after error Follow-up to eefd03c572996e5de4dec4fe295ad6f Pointed out by ZeroPath https://zeropath.com/ Closes #19099 --- lib/vtls/openssl.c | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index d51022b664..43fa417a35 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -5106,12 +5106,6 @@ static CURLcode ossl_apple_verify(struct Curl_cfilter *cf, { struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf); struct ossl_certs_ctx chain; - long ocsp_len = 0; -#ifdef HAVE_BORINGSSL_LIKE - const uint8_t *ocsp_data = NULL; -#else - unsigned char *ocsp_data = NULL; -#endif CURLcode result; memset(&chain, 0, sizeof(chain)); @@ -5123,13 +5117,20 @@ static CURLcode ossl_apple_verify(struct Curl_cfilter *cf, failf(data, "SSL: could not get peer certificate"); result = CURLE_PEER_FAILED_VERIFICATION; } + else { +#ifdef HAVE_BORINGSSL_LIKE + const uint8_t *ocsp_data = NULL; +#else + unsigned char *ocsp_data = NULL; +#endif + long ocsp_len = 0; + if(conn_config->verifystatus && !octx->reused_session) + ocsp_len = (long)SSL_get_tlsext_status_ocsp_resp(octx->ssl, &ocsp_data); - if(conn_config->verifystatus && !octx->reused_session) - ocsp_len = (long)SSL_get_tlsext_status_ocsp_resp(octx->ssl, &ocsp_data); - - result = Curl_vtls_apple_verify(cf, data, peer, chain.num_certs, - ossl_chain_get_der, &chain, - ocsp_data, ocsp_len); + result = Curl_vtls_apple_verify(cf, data, peer, chain.num_certs, + ossl_chain_get_der, &chain, + ocsp_data, ocsp_len); + } *pverified = !result; return result; } From c0564ceb3a51feb0f5c5236809aa8420644b1fc7 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 17 Oct 2025 13:23:46 +0200 Subject: [PATCH 0481/2408] cf-socket: if FD_CLOEXEC fails on accepted socket, cleanup Follow-up to 9d7b532404181568de1611084bd9f Pointed out by ZeroPath Closes #19098 --- lib/cf-socket.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/cf-socket.c b/lib/cf-socket.c index 758641e40d..40df786baf 100644 --- a/lib/cf-socket.c +++ b/lib/cf-socket.c @@ -2138,6 +2138,7 @@ static CURLcode cf_tcp_accept_connect(struct Curl_cfilter *cf, (curlx_nonblock(s_accepted, TRUE) < 0)) { failf(data, "fcntl set CLOEXEC/NONBLOCK: %s", curlx_strerror(SOCKERRNO, errbuf, sizeof(errbuf))); + Curl_socket_close(data, cf->conn, s_accepted); return CURLE_FTP_ACCEPT_FAILED; } #endif From 4fb12f289189e8113967e9c9da09958fd8bfa4cb Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 17 Oct 2025 14:41:08 +0200 Subject: [PATCH 0482/2408] mime: fix use of fseek() Avoid the possible 64-bit offset truncation when used on systems with small 'long', like Windows. bonus: make mime_open_file() return bool Pointed out by ZeroPath Closes #19100 --- lib/formdata.c | 16 +--------------- lib/mime.c | 21 +++++++++++++++++---- lib/mime.h | 1 + 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/lib/formdata.c b/lib/formdata.c index a98384c18a..382fd221dc 100644 --- a/lib/formdata.c +++ b/lib/formdata.c @@ -771,20 +771,6 @@ static CURLcode setname(curl_mimepart *part, const char *name, size_t len) return res; } -/* wrap call to fseeko so it matches the calling convention of callback */ -static int fseeko_wrapper(void *stream, curl_off_t offset, int whence) -{ -#if defined(_WIN32) && defined(USE_WIN32_LARGE_FILES) - return _fseeki64(stream, (__int64)offset, whence); -#elif defined(HAVE_FSEEKO) && defined(HAVE_DECL_FSEEKO) - return fseeko(stream, (off_t)offset, whence); -#else - if(offset > LONG_MAX) - return -1; - return fseek(stream, (long)offset, whence); -#endif -} - /* * Curl_getformdata() converts a linked list of "meta data" into a mime * structure. The input list is in 'post', while the output is stored in @@ -874,7 +860,7 @@ CURLcode Curl_getformdata(CURL *data, #endif result = curl_mime_data_cb(part, (curl_off_t) -1, (curl_read_callback) fread, - fseeko_wrapper, + Curl_fseeko, NULL, (void *) stdin); #if defined(__clang__) && __clang_major__ >= 16 #pragma clang diagnostic pop diff --git a/lib/mime.c b/lib/mime.c index b403d29b1f..baca30049f 100644 --- a/lib/mime.c +++ b/lib/mime.c @@ -271,6 +271,19 @@ static char *Curl_basename(char *path) #define basename(x) Curl_basename((x)) #endif +int Curl_fseeko(void *stream, curl_off_t offset, int whence) +{ +#if defined(_WIN32) && defined(USE_WIN32_LARGE_FILES) + return _fseeki64(stream, (__int64)offset, whence); +#elif defined(HAVE_FSEEKO) && defined(HAVE_DECL_FSEEKO) + return fseeko(stream, (off_t)offset, whence); +#else + if(offset > LONG_MAX) + return -1; + return fseek(stream, (long)offset, whence); +#endif +} + /* Set readback state. */ static void mimesetstate(struct mime_state *state, @@ -703,14 +716,14 @@ static void mime_mem_free(void *ptr) /* Named file callbacks. */ /* Argument is a pointer to the mime part. */ -static int mime_open_file(curl_mimepart *part) +static bool mime_open_file(curl_mimepart *part) { /* Open a MIMEKIND_FILE part. */ if(part->fp) - return 0; + return FALSE; part->fp = fopen_read(part->data, "rb"); - return part->fp ? 0 : -1; + return part->fp ? FALSE : TRUE; } static size_t mime_file_read(char *buffer, size_t size, size_t nitems, @@ -737,7 +750,7 @@ static int mime_file_seek(void *instream, curl_off_t offset, int whence) if(mime_open_file(part)) return CURL_SEEKFUNC_FAIL; - return fseek(part->fp, (long) offset, whence) ? + return Curl_fseeko(part->fp, offset, whence) ? CURL_SEEKFUNC_CANTSEEK : CURL_SEEKFUNC_OK; } diff --git a/lib/mime.h b/lib/mime.h index 5073a38f70..dc6f0d4af1 100644 --- a/lib/mime.h +++ b/lib/mime.h @@ -138,6 +138,7 @@ CURLcode Curl_mime_add_header(struct curl_slist **slp, const char *fmt, ...) !defined(CURL_DISABLE_IMAP)) /* Prototypes. */ +int Curl_fseeko(void *stream, curl_off_t offset, int whence); void Curl_mime_initpart(struct curl_mimepart *part); void Curl_mime_cleanpart(struct curl_mimepart *part); CURLcode Curl_mime_duppart(struct Curl_easy *data, From 74147acd175d0faf7e1a8f04c905351fd43aad12 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 16 Oct 2025 18:19:42 +0000 Subject: [PATCH 0483/2408] GHA: update dependency ruff to v0.14.1 Closes #19085 --- .github/scripts/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt index 4533b2cfd7..564c3605ad 100644 --- a/.github/scripts/requirements.txt +++ b/.github/scripts/requirements.txt @@ -6,4 +6,4 @@ cmakelang==0.6.13 codespell==2.4.1 pytype==2024.10.11 reuse==6.1.2 -ruff==0.14.0 +ruff==0.14.1 From 14e4d9c3c7fad13611a608fe2f9c4ed4139130e7 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 17 Oct 2025 15:52:15 +0200 Subject: [PATCH 0484/2408] setopt: fix unused variable warning in minimal build Found via: #17961 Closes #19102 --- lib/setopt.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/setopt.c b/lib/setopt.c index 7097c7f7b0..3c3adb06a9 100644 --- a/lib/setopt.c +++ b/lib/setopt.c @@ -870,7 +870,12 @@ static CURLcode value_range(long *value, long below_error, long min, long max) static CURLcode setopt_long(struct Curl_easy *data, CURLoption option, long arg) { +#if !defined(CURL_DISABLE_PROXY) || \ + !defined(CURL_DISABLE_HTTP) || \ + defined(HAVE_GSSAPI) || \ + defined(USE_IPV6) unsigned long uarg = (unsigned long)arg; +#endif bool set = FALSE; CURLcode result = setopt_bool(data, option, arg, &set); struct UserDefined *s = &data->set; @@ -1097,7 +1102,7 @@ static CURLcode setopt_long(struct Curl_easy *data, CURLoption option, #ifdef HAVE_GSSAPI case CURLOPT_GSSAPI_DELEGATION: - s->gssapi_delegation = (unsigned char)uarg& + s->gssapi_delegation = (unsigned char)uarg & (CURLGSSAPI_DELEGATION_POLICY_FLAG|CURLGSSAPI_DELEGATION_FLAG); break; #endif From 1d01d4975f540f3a363b38e1296aead62130fc6d Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Mon, 13 Oct 2025 11:32:17 +0200 Subject: [PATCH 0485/2408] socks_sspi: use the correct free function When freeing buffers allocated by SSPI, use its own function, not free(). Reported-by: Joshua Rogers Closes #19046 --- lib/socks_sspi.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c index 54049e8c99..1077019b11 100644 --- a/lib/socks_sspi.c +++ b/lib/socks_sspi.c @@ -590,9 +590,12 @@ error: Curl_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer); if(names.sUserName) Curl_pSecFn->FreeContextBuffer(names.sUserName); - free(sspi_w_token[0].pvBuffer); - free(sspi_w_token[1].pvBuffer); - free(sspi_w_token[2].pvBuffer); + if(sspi_w_token[0].pvBuffer) + Curl_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer); + if(sspi_w_token[1].pvBuffer) + Curl_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer); + if(sspi_w_token[2].pvBuffer) + Curl_pSecFn->FreeContextBuffer(sspi_w_token[2].pvBuffer); free(etbuf); return result; } From 5cefb455d47db9965aa56288533489e495a123c5 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Fri, 17 Oct 2025 13:50:49 +0200 Subject: [PATCH 0486/2408] quic: improve UDP GRO receives Closes #19101 --- lib/vquic/curl_ngtcp2.c | 41 +++++++++++++---------- lib/vquic/curl_quiche.c | 74 ++++++++++++++++++++++------------------- lib/vquic/vquic.c | 69 +++++++++++++++----------------------- lib/vquic/vquic_int.h | 11 +++--- 4 files changed, 96 insertions(+), 99 deletions(-) diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 56ca976b9f..b395cd0827 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -1731,37 +1731,43 @@ denied: return result; } -static CURLcode recv_pkt(const unsigned char *pkt, size_t pktlen, - struct sockaddr_storage *remote_addr, - socklen_t remote_addrlen, int ecn, - void *userp) +static CURLcode cf_ngtcp2_recv_pkts(const unsigned char *buf, size_t buflen, + size_t gso_size, + struct sockaddr_storage *remote_addr, + socklen_t remote_addrlen, int ecn, + void *userp) { struct pkt_io_ctx *pktx = userp; struct cf_ngtcp2_ctx *ctx = pktx->cf->ctx; ngtcp2_pkt_info pi; ngtcp2_path path; + size_t offset, pktlen; int rv; if(ecn) - CURL_TRC_CF(pktx->data, pktx->cf, "vquic_recv(len=%zu, ecn=%x)", - pktlen, ecn); + CURL_TRC_CF(pktx->data, pktx->cf, "vquic_recv(len=%zu, gso=%zu, ecn=%x)", + buflen, gso_size, ecn); ngtcp2_addr_init(&path.local, (struct sockaddr *)&ctx->q.local_addr, (socklen_t)ctx->q.local_addrlen); ngtcp2_addr_init(&path.remote, (struct sockaddr *)remote_addr, remote_addrlen); pi.ecn = (uint8_t)ecn; - rv = ngtcp2_conn_read_pkt(ctx->qconn, &path, &pi, pkt, pktlen, pktx->ts); - if(rv) { - CURL_TRC_CF(pktx->data, pktx->cf, "ingress, read_pkt -> %s (%d)", - ngtcp2_strerror(rv), rv); - cf_ngtcp2_err_set(pktx->cf, pktx->data, rv); + for(offset = 0; offset < buflen; offset += gso_size) { + pktlen = ((offset + gso_size) <= buflen) ? gso_size : (buflen - offset); + rv = ngtcp2_conn_read_pkt(ctx->qconn, &path, &pi, + buf + offset, pktlen, pktx->ts); + if(rv) { + CURL_TRC_CF(pktx->data, pktx->cf, "ingress, read_pkt -> %s (%d)", + ngtcp2_strerror(rv), rv); + cf_ngtcp2_err_set(pktx->cf, pktx->data, rv); - if(rv == NGTCP2_ERR_CRYPTO) - /* this is a "TLS problem", but a failed certificate verification - is a common reason for this */ - return CURLE_PEER_FAILED_VERIFICATION; - return CURLE_RECV_ERROR; + if(rv == NGTCP2_ERR_CRYPTO) + /* this is a "TLS problem", but a failed certificate verification + is a common reason for this */ + return CURLE_PEER_FAILED_VERIFICATION; + return CURLE_RECV_ERROR; + } } return CURLE_OK; } @@ -1787,7 +1793,8 @@ static CURLcode cf_progress_ingress(struct Curl_cfilter *cf, if(result) return result; - return vquic_recv_packets(cf, data, &ctx->q, 1000, recv_pkt, pktx); + return vquic_recv_packets(cf, data, &ctx->q, 1000, + cf_ngtcp2_recv_pkts, pktx); } /** diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c index 55f6e79ebe..877a230e04 100644 --- a/lib/vquic/curl_quiche.c +++ b/lib/vquic/curl_quiche.c @@ -625,58 +625,63 @@ struct recv_ctx { int pkts; }; -static CURLcode recv_pkt(const unsigned char *pkt, size_t pktlen, - struct sockaddr_storage *remote_addr, - socklen_t remote_addrlen, int ecn, - void *userp) +static CURLcode cf_quiche_recv_pkts(const unsigned char *buf, size_t buflen, + size_t gso_size, + struct sockaddr_storage *remote_addr, + socklen_t remote_addrlen, int ecn, + void *userp) { struct recv_ctx *r = userp; struct cf_quiche_ctx *ctx = r->cf->ctx; quiche_recv_info recv_info; + size_t pktlen, offset; ssize_t nread; (void)ecn; - ++r->pkts; recv_info.to = (struct sockaddr *)&ctx->q.local_addr; recv_info.to_len = ctx->q.local_addrlen; recv_info.from = (struct sockaddr *)remote_addr; recv_info.from_len = remote_addrlen; - nread = quiche_conn_recv(ctx->qconn, - (unsigned char *)CURL_UNCONST(pkt), pktlen, - &recv_info); - if(nread < 0) { - if(QUICHE_ERR_DONE == nread) { - if(quiche_conn_is_draining(ctx->qconn)) { - CURL_TRC_CF(r->data, r->cf, "ingress, connection is draining"); + for(offset = 0; offset < buflen; offset += gso_size) { + pktlen = ((offset + gso_size) <= buflen) ? gso_size : (buflen - offset); + nread = quiche_conn_recv(ctx->qconn, + (unsigned char *)CURL_UNCONST(buf + offset), + pktlen, &recv_info); + if(nread < 0) { + if(QUICHE_ERR_DONE == nread) { + if(quiche_conn_is_draining(ctx->qconn)) { + CURL_TRC_CF(r->data, r->cf, "ingress, connection is draining"); + return CURLE_RECV_ERROR; + } + if(quiche_conn_is_closed(ctx->qconn)) { + CURL_TRC_CF(r->data, r->cf, "ingress, connection is closed"); + return CURLE_RECV_ERROR; + } + CURL_TRC_CF(r->data, r->cf, "ingress, quiche is DONE"); + return CURLE_OK; + } + else if(QUICHE_ERR_TLS_FAIL == nread) { + long verify_ok = SSL_get_verify_result(ctx->tls.ossl.ssl); + if(verify_ok != X509_V_OK) { + failf(r->data, "SSL certificate problem: %s", + X509_verify_cert_error_string(verify_ok)); + return CURLE_PEER_FAILED_VERIFICATION; + } + failf(r->data, "ingress, quiche reports TLS fail"); return CURLE_RECV_ERROR; } - if(quiche_conn_is_closed(ctx->qconn)) { - CURL_TRC_CF(r->data, r->cf, "ingress, connection is closed"); + else { + failf(r->data, "quiche reports error %zd on receive", nread); return CURLE_RECV_ERROR; } - CURL_TRC_CF(r->data, r->cf, "ingress, quiche is DONE"); - return CURLE_OK; } - else if(QUICHE_ERR_TLS_FAIL == nread) { - long verify_ok = SSL_get_verify_result(ctx->tls.ossl.ssl); - if(verify_ok != X509_V_OK) { - failf(r->data, "SSL certificate problem: %s", - X509_verify_cert_error_string(verify_ok)); - return CURLE_PEER_FAILED_VERIFICATION; - } - failf(r->data, "ingress, quiche reports TLS fail"); - return CURLE_RECV_ERROR; + else if((size_t)nread < pktlen) { + CURL_TRC_CF(r->data, r->cf, "ingress, quiche only read %zd/%zu bytes", + nread, pktlen); } - else { - failf(r->data, "quiche reports error %zd on receive", nread); - return CURLE_RECV_ERROR; - } - } - else if((size_t)nread < pktlen) { - CURL_TRC_CF(r->data, r->cf, "ingress, quiche only read %zd/%zu bytes", - nread, pktlen); + ++r->pkts; } return CURLE_OK; @@ -698,7 +703,8 @@ static CURLcode cf_process_ingress(struct Curl_cfilter *cf, rctx.data = data; rctx.pkts = 0; - result = vquic_recv_packets(cf, data, &ctx->q, 1000, recv_pkt, &rctx); + result = vquic_recv_packets(cf, data, &ctx->q, 1000, + cf_quiche_recv_pkts, &rctx); if(result) return result; diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c index 30917b835a..24ba8a97e4 100644 --- a/lib/vquic/vquic.c +++ b/lib/vquic/vquic.c @@ -378,9 +378,16 @@ static CURLcode recvmmsg_packets(struct Curl_cfilter *cf, struct Curl_easy *data, struct cf_quic_ctx *qctx, size_t max_pkts, - vquic_recv_pkt_cb *recv_cb, void *userp) + vquic_recv_pkts_cb *recv_cb, void *userp) { +#if defined(__linux__) && defined(UDP_GRO) #define MMSG_NUM 16 +#define UDP_GRO_CNT_MAX 64 +#else +#define MMSG_NUM 64 +#define UDP_GRO_CNT_MAX 1 +#endif +#define MSG_BUF_SIZE (UDP_GRO_CNT_MAX * 1500) struct iovec msg_iov[MMSG_NUM]; struct mmsghdr mmsg[MMSG_NUM]; uint8_t msg_ctrl[MMSG_NUM * CMSG_SPACE(sizeof(int))]; @@ -390,17 +397,15 @@ static CURLcode recvmmsg_packets(struct Curl_cfilter *cf, char errstr[STRERROR_LEN]; CURLcode result = CURLE_OK; size_t gso_size; - size_t pktlen; - size_t offset, to; char *sockbuf = NULL; - uint8_t (*bufs)[64*1024] = NULL; + uint8_t (*bufs)[MSG_BUF_SIZE] = NULL; DEBUGASSERT(max_pkts > 0); - result = Curl_multi_xfer_sockbuf_borrow(data, MMSG_NUM * sizeof(bufs[0]), + result = Curl_multi_xfer_sockbuf_borrow(data, MMSG_NUM * MSG_BUF_SIZE, &sockbuf); if(result) goto out; - bufs = (uint8_t (*)[64*1024])sockbuf; + bufs = (uint8_t (*)[MSG_BUF_SIZE])sockbuf; total_nread = 0; while(pkts < max_pkts) { @@ -449,22 +454,12 @@ static CURLcode recvmmsg_packets(struct Curl_cfilter *cf, gso_size = mmsg[i].msg_len; } - for(offset = 0; offset < mmsg[i].msg_len; offset = to) { - ++pkts; - - to = offset + gso_size; - if(to > mmsg[i].msg_len) { - pktlen = mmsg[i].msg_len - offset; - } - else { - pktlen = gso_size; - } - - result = recv_cb(bufs[i] + offset, pktlen, mmsg[i].msg_hdr.msg_name, - mmsg[i].msg_hdr.msg_namelen, 0, userp); - if(result) - goto out; - } + result = recv_cb(bufs[i], mmsg[i].msg_len, gso_size, + mmsg[i].msg_hdr.msg_name, + mmsg[i].msg_hdr.msg_namelen, 0, userp); + if(result) + goto out; + pkts += (mmsg[i].msg_len + gso_size - 1) / gso_size; } } @@ -481,7 +476,7 @@ static CURLcode recvmsg_packets(struct Curl_cfilter *cf, struct Curl_easy *data, struct cf_quic_ctx *qctx, size_t max_pkts, - vquic_recv_pkt_cb *recv_cb, void *userp) + vquic_recv_pkts_cb *recv_cb, void *userp) { struct iovec msg_iov; struct msghdr msg; @@ -494,8 +489,6 @@ static CURLcode recvmsg_packets(struct Curl_cfilter *cf, CURLcode result = CURLE_OK; uint8_t msg_ctrl[CMSG_SPACE(sizeof(int))]; size_t gso_size; - size_t pktlen; - size_t offset, to; DEBUGASSERT(max_pkts > 0); for(pkts = 0, total_nread = 0, calls = 0; pkts < max_pkts;) { @@ -542,20 +535,10 @@ static CURLcode recvmsg_packets(struct Curl_cfilter *cf, gso_size = nread; } - for(offset = 0; offset < nread; offset = to) { - ++pkts; - - to = offset + gso_size; - if(to > nread) - pktlen = nread - offset; - else - pktlen = gso_size; - - result = - recv_cb(buf + offset, pktlen, msg.msg_name, msg.msg_namelen, 0, userp); - if(result) - goto out; - } + result = recv_cb(buf, nread, gso_size, + msg.msg_name, msg.msg_namelen, 0, userp); + if(result) + goto out; } out: @@ -570,7 +553,7 @@ static CURLcode recvfrom_packets(struct Curl_cfilter *cf, struct Curl_easy *data, struct cf_quic_ctx *qctx, size_t max_pkts, - vquic_recv_pkt_cb *recv_cb, void *userp) + vquic_recv_pkts_cb *recv_cb, void *userp) { uint8_t buf[64*1024]; int bufsize = (int)sizeof(buf); @@ -611,8 +594,8 @@ static CURLcode recvfrom_packets(struct Curl_cfilter *cf, ++pkts; ++calls; total_nread += (size_t)nread; - result = recv_cb(buf, (size_t)nread, &remote_addr, remote_addrlen, - 0, userp); + result = recv_cb(buf, (size_t)nread, (size_t)nread, + &remote_addr, remote_addrlen, 0, userp); if(result) goto out; } @@ -629,7 +612,7 @@ CURLcode vquic_recv_packets(struct Curl_cfilter *cf, struct Curl_easy *data, struct cf_quic_ctx *qctx, size_t max_pkts, - vquic_recv_pkt_cb *recv_cb, void *userp) + vquic_recv_pkts_cb *recv_cb, void *userp) { CURLcode result; #ifdef HAVE_SENDMMSG diff --git a/lib/vquic/vquic_int.h b/lib/vquic/vquic_int.h index 38189beb70..4e5959a4f8 100644 --- a/lib/vquic/vquic_int.h +++ b/lib/vquic/vquic_int.h @@ -78,16 +78,17 @@ CURLcode vquic_flush(struct Curl_cfilter *cf, struct Curl_easy *data, struct cf_quic_ctx *qctx); -typedef CURLcode vquic_recv_pkt_cb(const unsigned char *pkt, size_t pktlen, - struct sockaddr_storage *remote_addr, - socklen_t remote_addrlen, int ecn, - void *userp); +typedef CURLcode vquic_recv_pkts_cb(const unsigned char *buf, size_t buflen, + size_t gso_size, + struct sockaddr_storage *remote_addr, + socklen_t remote_addrlen, int ecn, + void *userp); CURLcode vquic_recv_packets(struct Curl_cfilter *cf, struct Curl_easy *data, struct cf_quic_ctx *qctx, size_t max_pkts, - vquic_recv_pkt_cb *recv_cb, void *userp); + vquic_recv_pkts_cb *recv_cb, void *userp); #endif /* !USE_HTTP3 */ From 373855a4da0882ccb07a1b80b3754c80acc0d502 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 17 Oct 2025 17:26:45 +0200 Subject: [PATCH 0487/2408] GHA/curl-for-win: add minimal Linux build A bit more minimal build than the one used for trurl. To stress test a build with most features disabled. Costs 40 seconds, of which 6 is the build, rest is installing tools. Ref: https://github.com/curl/curl-for-win/commit/5b385001d5f89886553cf83aa3f2f24476a865f4 Ref: https://github.com/curl/curl-for-win/commit/3ee10692c73a61522cabb3a4d2e94eb228249250 Follow-up to 5af2457848357141b3b3c67f7a45a4964ec25233 #17818 Closes #17961 --- .github/workflows/curl-for-win.yml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/.github/workflows/curl-for-win.yml b/.github/workflows/curl-for-win.yml index 91b0382a75..a029ba8344 100644 --- a/.github/workflows/curl-for-win.yml +++ b/.github/workflows/curl-for-win.yml @@ -71,6 +71,33 @@ jobs: "${DOCKER_IMAGE_STABLE}" \ sh -c ./_ci-linux-debian.sh + linux-glibc-gcc-minimal: # use gcc to minimize installed packages + name: 'Linux gcc glibc minimal' + runs-on: ubuntu-latest + timeout-minutes: 5 + steps: + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + with: + persist-credentials: false + path: 'curl' + fetch-depth: 8 + - name: 'build' + run: | + git clone --depth 1 https://github.com/curl/curl-for-win + mv curl-for-win/* . + export CW_CONFIG='-main-werror-unitybatch-prefill-zero-osnotls-osnoidn-nohttp-nocurltool-linux-x64-gcc' + export CW_REVISION="${GITHUB_SHA}" + . ./_versions.sh + sudo podman image trust set --type reject default + sudo podman image trust set --type accept docker.io/library + time podman pull "${DOCKER_IMAGE}" + podman images --digests + time podman run --volume "$(pwd):$(pwd)" --workdir "$(pwd)" \ + --env-file <(env | grep -a -E \ + '^(CW_|GITHUB_)') \ + "${DOCKER_IMAGE}" \ + sh -c ./_ci-linux-debian.sh + linux-musl-llvm: name: 'Linux llvm MUSL (amd64, riscv64)' runs-on: ubuntu-latest From e9455ea523d91c8f6f29c3ae1f37500f0b637204 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 17 Oct 2025 17:05:08 +0200 Subject: [PATCH 0488/2408] rustls: make read_file_into not reject good files For files with sizes using an exact multiple of 256 bytes, the final successful read(s) filled the buffer(s) and the subsequent fread returned 0 for EOF, which caused read_file_into to fail. Now, it needs to return 0 and not be EOF to be an error. Follow-up to dd95a49d493d55db38b352fdbda2 Pointed out by ZeroPath Closes #19104 --- lib/vtls/rustls.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index 38e8a697a8..ebd94213d4 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -404,8 +404,8 @@ read_file_into(const char *filename, for(;;) { uint8_t buf[256]; const size_t rr = fread(buf, 1, sizeof(buf), f); - if(rr == 0 || - CURLE_OK != curlx_dyn_addn(out, buf, rr)) { + if((!rr && !feof(f)) || + curlx_dyn_addn(out, buf, rr)) { curlx_fclose(f); return 0; } From 25eb34dd3e7fedb400d3e5b99920936db6711b1e Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 17 Oct 2025 16:54:57 +0200 Subject: [PATCH 0489/2408] KNOWN_BUGS: SOCKS-SSPI discards the security context Also make the verbose log say it Pointed out by ZeroPath Closes #19103 --- docs/KNOWN_BUGS | 10 ++++++++++ lib/socks_sspi.c | 2 +- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS index d4e4423094..15ca40102a 100644 --- a/docs/KNOWN_BUGS +++ b/docs/KNOWN_BUGS @@ -67,6 +67,7 @@ problems may have been fixed or changed somewhat since this was written. 10. Connection 10.1 --interface with link-scoped IPv6 address 10.2 Does not acknowledge getaddrinfo sorting policy + 10.3 SOCKS-SSPI discards the security context 11. Internals 11.1 gssapi library name + version is missing in curl_version_info() @@ -444,6 +445,15 @@ problems may have been fixed or changed somewhat since this was written. https://github.com/curl/curl/issues/16718 + +10.3 SOCKS-SSPI discards the security context + + After a successful SSPI/GSS-API exchange, the function queries and logs the + authenticated username and reports the supported data-protection level, but + then immediately deletes the negotiated SSPI security context and frees the + credentials before returning. The negotiated context is not stored on the + connection and is therefore never used to protect later SOCKS5 traffic. + 11. Internals 11.1 gssapi library name + version is missing in curl_version_info() diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c index 1077019b11..d4837708a7 100644 --- a/lib/socks_sspi.c +++ b/lib/socks_sspi.c @@ -562,7 +562,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, } (void)curlx_nonblock(sock, TRUE); - infof(data, "SOCKS5 access with%s protection granted.", + infof(data, "SOCKS5 access with%s protection granted BUT NOT USED.", (socksreq[0] == 0) ? "out GSS-API data": ((socksreq[0] == 1) ? " GSS-API integrity" : " GSS-API confidentiality")); From 87b72b81829f8ef8fc0a243667cb7aea9d0c1c6e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 14 Oct 2025 17:43:48 +0200 Subject: [PATCH 0490/2408] krb5: fix `output_token` allocators in the GSS debug stub (Windows) Before this patch system `malloc()`/`free()` were used to allocate the buffer returned in the `output_token` object from the debug stub of `gss_init_sec_context()` when enabled via `CURL_STUB_GSS_CREDS` in debug-enabled libcurl builds. This object is later released via stock `gss_release_buffer()`, which, in the Windows builds of MIT Kerberos, doesn't use the system `free()`, but the Win32 `HeapFree()`. Fix it by using the GSS alloc/free macros: `gssalloc_malloc()` and `gssalloc_free()` from `gssapi_alloc.h`. To make this work without MIT Kerberos feature detection, use a canary macro to detect a version which installs `gssapi_alloc.h` for Windows. For <1.15 (2016-11-30) releases, that do not install it, disable the GSS debug stub in libcurl. Strictly speaking, non-Windows builds would also need to use GSS allocators, but, detecting support for `gssapi_alloc.h` is impossible without build-level logic. Built-level logic is complex and overkill, and MIT Kerberos, as of 1.22.1, uses standard malloc/free on non-Windows platforms anyway. (except in GSS debug builds.) Follow-up to 73840836a51c443e6b5d385014ce1c8f5be3e02b #17752 Closes #19064 --- lib/curl_gssapi.c | 44 ++++++++++++++++++++++++++++++++------------ 1 file changed, 32 insertions(+), 12 deletions(-) diff --git a/lib/curl_gssapi.c b/lib/curl_gssapi.c index 42ccaa3e29..74128559c1 100644 --- a/lib/curl_gssapi.c +++ b/lib/curl_gssapi.c @@ -29,6 +29,28 @@ #include "curl_gssapi.h" #include "sendf.h" +#ifdef DEBUGBUILD +#if defined(HAVE_GSSGNU) || !defined(_WIN32) +/* To avoid memdebug macro replacement, wrap the name in parentheses to call + the original version. It is freed via the GSS API gss_release_buffer(). */ +#define Curl_gss_alloc (malloc) +#define Curl_gss_free (free) +#define CURL_GSS_STUB +/* For correctness this would be required for all platforms, not only Windows, + but, as of v1.22.1, MIT Kerberos uses a special allocator only for Windows, + and the availability of 'gssapi/gssapi_alloc.h' is difficult to detect, + because GSS headers are not versioned, and there is also no other macro to + indicate 1.18+ vs. previous versions. On Windows we can use 'GSS_S_BAD_MIC'. + */ +#elif defined(_WIN32) && defined(GSS_S_BAD_MIC) /* MIT Kerberos 1.15+ */ +/* MIT Kerberos 1.10+ (Windows), 1.18+ (all platforms), missing from GNU GSS */ +#include +#define Curl_gss_alloc gssalloc_malloc +#define Curl_gss_free gssalloc_free +#define CURL_GSS_STUB +#endif +#endif /* DEBUGBUILD */ + /* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -51,7 +73,7 @@ gss_OID_desc Curl_krb5_mech_oid CURL_ALIGN8 = { 9, CURL_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02") }; -#ifdef DEBUGBUILD +#ifdef CURL_GSS_STUB enum min_err_code { STUB_GSS_OK = 0, STUB_GSS_NO_MEMORY, @@ -212,9 +234,7 @@ stub_gss_init_sec_context(OM_uint32 *min, ctx->flags = req_flags; } - /* To avoid memdebug macro replacement, wrap the name in parentheses to call - the original version. It is freed via the GSS API gss_release_buffer(). */ - token = (malloc)(length); + token = Curl_gss_alloc(length); if(!token) { free(ctx); *min = STUB_GSS_NO_MEMORY; @@ -229,14 +249,14 @@ stub_gss_init_sec_context(OM_uint32 *min, major_status = gss_display_name(&minor_status, target_name, &target_desc, &name_type); if(GSS_ERROR(major_status)) { - (free)(token); + Curl_gss_free(token); free(ctx); *min = STUB_GSS_NO_MEMORY; return GSS_S_FAILURE; } if(strlen(creds) + target_desc.length + 5 >= sizeof(ctx->creds)) { - (free)(token); + Curl_gss_free(token); free(ctx); *min = STUB_GSS_NO_MEMORY; return GSS_S_FAILURE; @@ -252,7 +272,7 @@ stub_gss_init_sec_context(OM_uint32 *min, } if(used >= length) { - (free)(token); + Curl_gss_free(token); free(ctx); *min = STUB_GSS_NO_MEMORY; return GSS_S_FAILURE; @@ -294,7 +314,7 @@ stub_gss_delete_sec_context(OM_uint32 *min, return GSS_S_COMPLETE; } -#endif /* DEBUGBUILD */ +#endif /* CURL_GSS_STUB */ OM_uint32 Curl_gss_init_sec_context(struct Curl_easy *data, OM_uint32 *minor_status, @@ -324,7 +344,7 @@ OM_uint32 Curl_gss_init_sec_context(struct Curl_easy *data, if(data->set.gssapi_delegation & CURLGSSAPI_DELEGATION_FLAG) req_flags |= GSS_C_DELEG_FLAG; -#ifdef DEBUGBUILD +#ifdef CURL_GSS_STUB if(getenv("CURL_STUB_GSS_CREDS")) return stub_gss_init_sec_context(minor_status, GSS_C_NO_CREDENTIAL, /* cred_handle */ @@ -339,7 +359,7 @@ OM_uint32 Curl_gss_init_sec_context(struct Curl_easy *data, output_token, ret_flags, NULL /* time_rec */); -#endif /* DEBUGBUILD */ +#endif /* CURL_GSS_STUB */ return gss_init_sec_context(minor_status, GSS_C_NO_CREDENTIAL, /* cred_handle */ @@ -360,12 +380,12 @@ OM_uint32 Curl_gss_delete_sec_context(OM_uint32 *min, gss_ctx_id_t *context, gss_buffer_t output_token) { -#ifdef DEBUGBUILD +#ifdef CURL_GSS_STUB if(getenv("CURL_STUB_GSS_CREDS")) return stub_gss_delete_sec_context(min, (struct stub_gss_ctx_id_t_desc **)context, output_token); -#endif /* DEBUGBUILD */ +#endif /* CURL_GSS_STUB */ return gss_delete_sec_context(min, context, output_token); } From 480ff0cf584413814955a45da84957f37ba02d1a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 17 Oct 2025 18:23:11 +0200 Subject: [PATCH 0491/2408] INSTALL: update the list of known operating systems curl has run on Closes #19106 --- docs/INSTALL.md | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/docs/INSTALL.md b/docs/INSTALL.md index 453071afd5..0fe724390c 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -650,22 +650,22 @@ This is a probably incomplete list of known CPU architectures and operating systems that curl has been compiled for. If you know a system curl compiles and runs on, that is not listed, please let us know. -## 104 Operating Systems +## 108 Operating Systems - AIX, AmigaOS, Android, ArcoOS, Aros, Atari FreeMiNT, BeOS, Blackberry - 10, Blackberry Tablet OS, Cell OS, CheriBSD, Chrome OS, Cisco IOS, + AIX, AmigaOS, Android, ArcaOS, Aros, Atari FreeMiNT, BeOS, Blackberry 10, + Blackberry Tablet OS, Cell OS, Cesium, CheriBSD, Chrome OS, Cisco IOS, DG/UX, DR DOS, Dragonfly BSD, eCOS, FreeBSD, FreeDOS, FreeRTOS, Fuchsia, Garmin OS, Genode, Haiku, HardenedBSD, HP-UX, Hurd, IBM I, illumos, - Integrity, iOS, ipadOS, IRIX, Linux, Lua RTOS, Mac OS 9, macOS, Maemo, - Mbed, Meego, Micrium, MINIX, Minoca, Moblin, MorphOS, MPE/iX, MS-DOS, - NCR MP-RAS, NetBSD, Netware, NextStep, Nintendo 3DS Nintendo Switch, - NonStop OS, NuttX, OpenBSD, OpenStep, Orbis OS, OS/2, OS21, Plan 9, - PlayStation Portable, QNX, Qubes OS, ReactOS, Redox, RISC OS, ROS, - RTEMS, Sailfish OS, SCO Unix, Serenity, SINIX-Z, SkyOS, software, - Solaris, Sortix, SunOS, Syllable OS, Symbian, Tizen, TPF, Tru64, tvOS, - ucLinux, Ultrix, UNICOS, UnixWare, VMS, vxWorks, watchOS, Wear OS, - WebOS, Wii system Wii U, Windows CE, Windows, Xbox System, Xenix, z/OS, - z/TPF, z/VM, z/VSE, Zephyr + Integrity, iOS, ipadOS, IRIX, KasperskyOS, Linux, Lua RTOS, Mac OS 9, + macOS, Maemo, Mbed, Meego, Micrium, MINIX, Minoca, Moblin, MorphOS, + MPE/iX, MS-DOS, NCR MP-RAS, NetBSD, Netware, NextStep, Nintendo 3DS, + Nintendo Switch, NonStop OS, NuttX, OpenBSD, OpenStep, Orbis OS, OS/2, + OS21, PikeOS, Plan 9, PlayStation Portable, QNX, Qubes OS, ReactOS, Redox, + RISC OS, ROS, RTEMS, Sailfish OS, SCO Unix, Serenity, SINIX-Z, SkyOS, + SmartOS, Solaris, Sortix, SunOS, Syllable OS, Symbian, Tizen, TPF, Tru64, + tvOS, ucLinux, Ultrix, UNICOS, UnixWare, visionOS, VMS, vxWorks, watchOS, + Wear OS, WebOS, Wii System Software, Wii U, Windows, Windows CE, + Xbox System, Xenix, z/OS, z/TPF, z/VM, z/VSE, Zephyr ## 28 CPU Architectures From d6c39cd2cb3a182f93f94cbff180dc29bfee461c Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 17 Oct 2025 17:55:15 +0200 Subject: [PATCH 0492/2408] curl.h: remove incorrect comment about CURLOPT_PINNEDPUBLICKEY Bug: https://curl.se/mail/lib-2025-10/0018.html Reported-by: curl.stunt430 Closes #19105 --- include/curl/curl.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/include/curl/curl.h b/include/curl/curl.h index 49552558dd..917b101420 100644 --- a/include/curl/curl.h +++ b/include/curl/curl.h @@ -1953,8 +1953,7 @@ typedef enum { /* Pass in a bitmask of "header options" */ CURLOPT(CURLOPT_HEADEROPT, CURLOPTTYPE_VALUES, 229), - /* The public key in DER form used to validate the peer public key - this option is used only if SSL_VERIFYPEER is true */ + /* The public key used to validate the peer public key */ CURLOPT(CURLOPT_PINNEDPUBLICKEY, CURLOPTTYPE_STRINGPOINT, 230), /* Path to Unix domain socket */ From e29706d6e24f7327d3b3393b1f93b06aef642e7b Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 17 Oct 2025 22:47:28 +0200 Subject: [PATCH 0493/2408] mbedtls: move the crypto init into the vtls init function Follow-up to 3a305831d1a9d10b2bfd4fa3939 Closes #19108 --- lib/easy.c | 29 ----------------------------- lib/vtls/mbedtls.c | 5 +++++ 2 files changed, 5 insertions(+), 29 deletions(-) diff --git a/lib/easy.c b/lib/easy.c index f12a8b143f..793a18f33e 100644 --- a/lib/easy.c +++ b/lib/easy.c @@ -80,10 +80,6 @@ #include "easy_lock.h" -#ifdef USE_MBEDTLS -#include -#endif - /* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" @@ -141,24 +137,6 @@ curl_calloc_callback Curl_ccalloc = (curl_calloc_callback)calloc; static char *leakpointer; #endif -static CURLcode crypto_init(void) -{ -#ifdef USE_MBEDTLS - psa_status_t status; - status = psa_crypto_init(); - if(status != PSA_SUCCESS) - return CURLE_FAILED_INIT; -#endif - return CURLE_OK; -} - -static void crypto_cleanup(void) -{ -#ifdef USE_MBEDTLS - mbedtls_psa_crypto_free(); -#endif -} - /** * curl_global_init() globally initializes curl given a bitwise set of the * different features of what to initialize. @@ -182,11 +160,6 @@ static CURLcode global_init(long flags, bool memoryfuncs) goto fail; } - if(crypto_init()) { - DEBUGF(curl_mfprintf(stderr, "Error: crypto_init failed\n")); - goto fail; - } - if(!Curl_ssl_init()) { DEBUGF(curl_mfprintf(stderr, "Error: Curl_ssl_init failed\n")); goto fail; @@ -325,8 +298,6 @@ void curl_global_cleanup(void) Curl_ssh_cleanup(); - crypto_cleanup(); - #ifdef DEBUGBUILD free(leakpointer); #endif diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index ebb8a4abc0..5ee0c814fd 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -1449,6 +1449,10 @@ static CURLcode mbedtls_connect(struct Curl_cfilter *cf, */ static int mbedtls_init(void) { + psa_status_t status; + status = psa_crypto_init(); + if(status != PSA_SUCCESS) + return 0; if(!Curl_mbedtlsthreadlock_thread_setup()) return 0; #if defined(CURL_MBEDTLS_DRBG) && defined(HAS_THREADING_SUPPORT) @@ -1463,6 +1467,7 @@ static void mbedtls_cleanup(void) entropy_cleanup_mutex(&ts_entropy); #endif (void)Curl_mbedtlsthreadlock_thread_cleanup(); + mbedtls_psa_crypto_free(); } static bool mbedtls_data_pending(struct Curl_cfilter *cf, From c921f6d05271e83c62ee6b2e142d76198900c4a4 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 17 Oct 2025 23:14:37 +0200 Subject: [PATCH 0494/2408] wolfssl: fix resource leak in verify_pinned error paths Pointed out by ZeroPath Closes #19110 --- lib/vtls/wolfssl.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index d4a0e066fa..d2bb3eb49e 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -1546,6 +1546,8 @@ CURLcode Curl_wssl_verify_pinned(struct Curl_cfilter *cf, struct Curl_easy *data, struct wssl_ctx *wssl) { + WOLFSSL_X509 *x509 = NULL; + CURLcode result = CURLE_OK; #ifndef CURL_DISABLE_PROXY const char * const pinnedpubkey = Curl_ssl_cf_is_proxy(cf) ? data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] : @@ -1557,50 +1559,48 @@ CURLcode Curl_wssl_verify_pinned(struct Curl_cfilter *cf, if(pinnedpubkey) { #ifdef KEEP_PEER_CERT - WOLFSSL_X509 *x509; const char *x509_der; int x509_der_len; struct Curl_X509certificate x509_parsed; struct Curl_asn1Element *pubkey; - CURLcode result; + + result = CURLE_SSL_PINNEDPUBKEYNOTMATCH; x509 = wolfSSL_get_peer_certificate(wssl->ssl); if(!x509) { failf(data, "SSL: failed retrieving server certificate"); - return CURLE_SSL_PINNEDPUBKEYNOTMATCH; + goto end; } x509_der = (const char *)wolfSSL_X509_get_der(x509, &x509_der_len); if(!x509_der) { failf(data, "SSL: failed retrieving ASN.1 server certificate"); - return CURLE_SSL_PINNEDPUBKEYNOTMATCH; + goto end; } memset(&x509_parsed, 0, sizeof(x509_parsed)); if(Curl_parseX509(&x509_parsed, x509_der, x509_der + x509_der_len)) - return CURLE_SSL_PINNEDPUBKEYNOTMATCH; + goto end; pubkey = &x509_parsed.subjectPublicKeyInfo; if(!pubkey->header || pubkey->end <= pubkey->header) { failf(data, "SSL: failed retrieving public key from server certificate"); - return CURLE_SSL_PINNEDPUBKEYNOTMATCH; + goto end; } - result = Curl_pin_peer_pubkey(data, - pinnedpubkey, + result = Curl_pin_peer_pubkey(data, pinnedpubkey, (const unsigned char *)pubkey->header, (size_t)(pubkey->end - pubkey->header)); - wolfSSL_FreeX509(x509); - if(result) { + if(result) failf(data, "SSL: public key does not match pinned public key"); - return result; - } #else failf(data, "Library lacks pinning support built-in"); return CURLE_NOT_BUILT_IN; #endif } - return CURLE_OK; +end: + wolfSSL_FreeX509(x509); + return result; } #ifdef WOLFSSL_EARLY_DATA From 3087511b0fb11ce9199aca0e7fe77ca3403b25b3 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 17 Oct 2025 23:39:16 +0200 Subject: [PATCH 0495/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 110 +++++++++++++++++++++++++++++++++++--------------- 1 file changed, 77 insertions(+), 33 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 0930a2719e..740cfc9df2 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,7 +4,7 @@ curl and libcurl 8.17.0 Command line options: 273 curl_easy_setopt() options: 308 Public functions in libcurl: 100 - Contributors: 3519 + Contributors: 3520 This release includes the following changes: @@ -28,17 +28,18 @@ This release includes the following bugfixes: o asyn-thrdd resolver: clear timeout when done [97] o asyn-thrdd: drop pthread_cancel [30] o autotools: add support for libgsasl auto-detection via pkg-config [112] - o autotools: capitalize 'Rustls' in the log output [106] - o autotools: fix duplicate `UNIX` and `BSD` flags in `buildinfo.txt` [113] - o autotools: fix silly mistake in clang detection for `buildinfo.txt` [114] - o autotools: make `--enable-code-coverage` support llvm/clang [79] + o autotools: capitalize Rustls in the log output [106] + o autotools: drop detection of ancient OpenSSL libs RSAglue and rsaref [354] + o autotools: fix duplicate UNIX and BSD flags in buildinfo.txt [113] + o autotools: fix silly mistake in clang detection for buildinfo.txt [114] + o autotools: make --enable-code-coverage support llvm/clang [79] o aws-lc: re-enable large read-ahead with v1.61.0 again [16] o base64: accept zero length argument to base64_encode [82] - o build: address some `-Weverything` warnings, update picky warnings [74] - o build: avoid overriding system `open` and `stat` symbols [141] + o build: address some -Weverything warnings, update picky warnings [74] + o build: avoid overriding system open and stat symbols [141] o build: avoid overriding system symbols for fopen functions [150] o build: avoid overriding system symbols for socket functions [68] - o build: show llvm/clang in platform flags and `buildinfo.txt` [126] + o build: show llvm/clang in platform flags and buildinfo.txt [126] o c-ares: when resolving failed, persist error [270] o cf-h2-proxy: break loop on edge case [140] o cf-ip-happy: mention unix domain path, not port number [161] @@ -49,27 +50,27 @@ This release includes the following bugfixes: o cf-socket: use the right byte order for ports in bindlocal [61] o cfilter: unlink and discard [46] o checksrc: allow disabling warnings on FIXME/TODO comments [324] - o checksrc: catch banned functions when preceded by `(` [146] - o checksrc: fix possible endless loop when detecting `BANNEDFUNC` [149] - o checksrc: fix possible endless loops/errors in the banned function logic [220] - o checksrc: fix to handle `)` predecing a banned function [229] + o checksrc: catch banned functions when preceded by ( [146] + o checksrc: fix possible endless loop when detecting BANNEDFUNC [149] + o checksrc: fix possible endless loops in the banned function logic [220] + o checksrc: fix to handle ) predecing a banned function [229] o checksrc: reduce directory-specific exceptions [228] o CI.md: refresh [280] o cmake/FindGSS: dedupe pkg-config module strings [277] o cmake/FindGSS: drop wrong header check for GNU GSS [278] - o cmake/FindGSS: fix `pkg-config` fallback logic for CMake <3.16 [189] + o cmake/FindGSS: fix pkg-config fallback logic for CMake <3.16 [189] o cmake/FindGSS: simplify/de-dupe lib setup [253] o cmake/FindGSS: whitespace/formatting [268] - o cmake: add `CURL_CODE_COVERAGE` option [78] + o cmake: add CURL_CODE_COVERAGE option [78] o cmake: build the "all" examples source list dynamically [245] o cmake: clang detection tidy-ups [116] o cmake: drop exclamation in comment looking like a name [160] - o cmake: fix building docs when the base directory contains `.3` [18] + o cmake: fix building docs when the base directory contains .3 [18] o cmake: minor Heimdal flavour detection fix [269] o cmake: pre-fill three more type sizes on Windows [244] o cmake: support building some complicated examples, build them in CI [235] - o cmake: use modern alternatives for `get_filename_component()` [102] - o cmake: use more `COMPILER_OPTIONS`, `LINK_OPTIONS` / `LINK_FLAGS` [152] + o cmake: use modern alternatives for get_filename_component() [102] + o cmake: use more COMPILER_OPTIONS, LINK_OPTIONS / LINK_FLAGS [152] o cmdline-docs: extended, clarified, refreshed [28] o cmdline-opts/_PROGRESS.md: explain the suffixes [154] o configure: add "-mt" for pthread support on HP-UX [52] @@ -77,8 +78,9 @@ This release includes the following bugfixes: o connect: remove redundant condition in shutdown start [289] o cookie: avoid saving a cookie file if no transfer was done [11] o cpool: make bundle->dest an array; fix UB [218] + o curl.h: remove incorrect comment about CURLOPT_PINNEDPUBLICKEY [320] o curl_easy_getinfo: error code on NULL arg [2] - o curl_mem_undef.h: limit to `CURLDEBUG` for non-memalloc overrides [19] + o curl_mem_undef.h: limit to CURLDEBUG for non-memalloc overrides [19] o curl_osslq: error out properly if BIO_ADDR_rawmake() fails [184] o Curl_resolv: fix comment. 'entry' argument is not optional [187] o curl_slist_append.md: clarify that a NULL pointer is not acceptable [72] @@ -90,7 +92,7 @@ This release includes the following bugfixes: o CURLOPT_SSL_VERIFYHOST.md: add see-also to two other VERIFYHOST options [32] o CURLOPT_TIMECONDITION.md: works for FILE and FTP as well [27] o digest_sspi: fix two memory leaks in error branches [77] - o dist: do not distribute `CI.md` [29] + o dist: do not distribute CI.md [29] o docs/cmdline-opts: drop double quotes from GLOBBING and URL examples [238] o docs/libcurl: clarify some timeout option behavior [15] o docs/libcurl: remove ancient version references [7] @@ -104,15 +106,17 @@ This release includes the following bugfixes: o examples/synctime: fix null termination assumptions [297] o examples/synctime: make the sscanf not overflow the local buffer [252] o examples/usercertinmem: avoid stripping const [247] - o examples: call `curl_global_cleanup()` where missing [323] + o examples/websocket: fix use of uninitialized rlen [346] + o examples: call curl_global_cleanup() where missing [323] o examples: check more errors, fix cleanups, scope variables [318] - o examples: drop unused `curl/mprintf.h` includes [224] + o examples: drop unused curl/mprintf.h includes [224] o examples: fix build issues in 'complicated' examples [243] o examples: fix two build issues surfaced with WinCE [223] o examples: fix two issues found by CodeQL [35] - o examples: fix two more cases of `stat()` TOCTOU [147] + o examples: fix two more cases of stat() TOCTOU [147] o examples: improve global init, error checks and returning errors [321] - o examples: return `curl_easy_perform()` results [322] + o examples: return curl_easy_perform() results [322] + o firefox-db2pem.sh: add macOS support, tidy-ups [348] o form.md: drop reference to MANUAL [178] o ftp: add extra buffer length check [195] o ftp: fix ftp_do_more returning with *completep unset [122] @@ -133,13 +137,16 @@ This release includes the following bugfixes: o http: look for trailing 'type=' in ftp:// without strstr [315] o http: make Content-Length parser more WHATWG [183] o httpsrr: free old pointers when storing new [57] + o imap: treat capabilities case insensitively [345] o INSTALL-CMAKE.md: document useful build targets [215] + o INSTALL: update the list of known operating systems [325] o INTERNALS: drop Winsock 2.2 from the dependency list [162] o ip-happy: do not set unnecessary timeout [95] o ip-happy: prevent event-based stall on retry [155] o kerberos: bump minimum to 1.3 (2003-07-08), drop legacy logic [279] o kerberos: drop logic for MIT Kerberos <1.2.3 (pre-2002) versions [285] - o kerberos: stop including `gssapi/gssapi_generic.h` [282] + o kerberos: stop including gssapi/gssapi_generic.h [282] + o krb5: fix output_token allocators in the GSS debug stub (Windows) [326] o krb5: return appropriate error on send failures [22] o krb5_gssapi: fix memory leak on error path [190] o krb5_sspi: the chlg argument is NOT optional [200] @@ -148,7 +155,7 @@ This release includes the following bugfixes: o ldap: tidy-up types, fix error code confusion [191] o lib1514: fix return code mixup [304] o lib: drop unused include and duplicate guards [226] - o lib: fix build error and compiler warnings with verbose strings disabled [173] + o lib: fix build error with verbose strings disabled [173] o lib: remove personal names from comments [168] o lib: SSL connection reuse [301] o lib: stop NULL-checking conn->passwd and ->user [309] @@ -183,13 +190,16 @@ This release includes the following bugfixes: o managen: render better manpage references/links [54] o managen: strict protocol check [109] o managen: verify the options used in example lines [181] + o mbedtls: add support for 4.0.0 [344] o mbedtls: check result of setting ALPN [127] o mbedtls: handle WANT_WRITE from mbedtls_ssl_read() [145] o mdlinkcheck: reject URLs containing quotes [174] o memdup0: handle edge case [241] + o mime: fix use of fseek() [334] o multi.h: add CURLMINFO_LASTENTRY [51] o multi_ev: remove unnecessary data check that confuses analysers [167] o nghttp3: return NGHTTP3_ERR_CALLBACK_FAILURE from recv_header [227] + o ngtcp2: add a comment explaining write result handling [340] o ngtcp2: check error code on connect failure [13] o ngtcp2: close just-opened QUIC stream when submit_request fails [222] o ngtcp2: compare idle timeout in ms to avoid overflow [248] @@ -202,11 +212,14 @@ This release includes the following bugfixes: o openldap: check ldap_get_option() return codes [119] o openldap: fix memory-leak in error path [287] o openldap: fix memory-leak on oldap_do's exit path [286] + o openldap: limit max incoming size [347] o openssl-quic: check results better [132] o openssl-quic: handle error in SSL_get_stream_read_error_code [129] o openssl-quic: ignore unexpected streams opened by server [176] + o openssl: better return code checks when logging cert data [342] o openssl: call SSL_get_error() with proper error [207] o openssl: clear retry flag on x509 error [130] + o openssl: fail if more than MAX_ALLOWED_CERT_AMOUNT certs [339] o openssl: fail the transfer if ossl_certchain() fails [23] o openssl: fix build for v1.0.2 [225] o openssl: fix peer certificate leak in channel binding [258] @@ -221,6 +234,7 @@ This release includes the following bugfixes: o pytest: skip specific tests for no-verbose builds [171] o quic: fix min TLS version handling [14] o quic: ignore EMSGSIZE on receive [4] + o quic: improve UDP GRO receives [330] o quic: remove data_idle handling [311] o quiche: fix possible leaks on teardown [205] o quiche: fix verbose message when ip quadruple cannot be obtained. [128] @@ -229,6 +243,8 @@ This release includes the following bugfixes: o runtests: tag tests that require curl verbose strings [172] o rustls: fix clang-tidy warning [107] o rustls: fix comment describing cr_recv() [117] + o rustls: limit snprintf proper in cr_keylog_log_cb() [343] + o rustls: make read_file_into not reject good files [328] o rustls: pass the correct result to rustls_failf [242] o rustls: typecast variable for safer trace output [69] o rustls: use %zu for size_t in failf() format string [121] @@ -236,8 +252,10 @@ This release includes the following bugfixes: o schannel: assign result before using it [62] o schannel_verify: fix mem-leak in Curl_verify_host [208] o schannel_verify: use more human friendly error messages [96] + o scripts: pass -- before passing xargs [349] o setopt: accept *_SSL_VERIFYHOST set to 2L [31] o setopt: allow CURLOPT_DNS_CACHE_TIMEOUT set to -1 [257] + o setopt: fix unused variable warning in minimal build [332] o setopt: make CURLOPT_MAXREDIRS accept -1 (again) [1] o smb: adjust buffer size checks [45] o smb: transfer debugassert to real check [303] @@ -256,10 +274,11 @@ This release includes the following bugfixes: o socks_sspi: fix memory cleanup calls [40] o socks_sspi: remove the enforced mode clearing [291] o socks_sspi: restore non-blocking socket on error paths [48] + o socks_sspi: use the correct free function [331] o socksd: remove --bindonly mention, there is no such option [305] o ssl-sessions.md: mark option experimental [12] o strerror: drop workaround for SalfordC win32 header bug [214] - o sws: fix checking `sscanf()` return value [17] + o sws: fix checking sscanf() return value [17] o sws: pass in socket reference to allow function to close it [298] o tcp-nodelay.md: expand the documentation [153] o telnet: ignore empty suboptions [86] @@ -272,7 +291,7 @@ This release includes the following bugfixes: o telnet: send failure logged but not returned [175] o telnet: use pointer[0] for "unknown" option instead of pointer[i] [217] o tests/server: drop pointless memory allocation overrides [219] - o tests/server: drop unsafe `open()` override in signal handler (Windows) [151] + o tests/server: drop unsafe open() override in signal handler (Windows) [151] o tftp: check and act on tftp_set_timeouts() returning error [38] o tftp: check for trailing ";mode=" in URL without strstr [312] o tftp: default timeout per block is now 15 seconds [156] @@ -283,10 +302,10 @@ This release includes the following bugfixes: o tftp: return error if it hits an illegal state [138] o tftp: return error when sendto() fails [59] o thread: errno on thread creation [271] - o tidy-up: `fcntl.h` includes [98] + o tidy-up: fcntl.h includes [98] o tidy-up: assortment of small fixes [115] o tidy-up: avoid using the reserved macro namespace [76] - o tidy-up: update MS links, allow long URLs via `checksrc` [73] + o tidy-up: update MS links, allow long URLs via checksrc [73] o tidy-up: URLs [101] o time-cond.md: refer to the singular curl_getdate man page [148] o TODO: fix a typo [93] @@ -300,6 +319,7 @@ This release includes the following bugfixes: o tool_getparam: always disable "lib-ids" for tracing [169] o tool_getparam: make --fail and --fail-with-body override each other [293] o tool_getparam: warn if provided header looks malformed [179] + o tool_ipfs: simplify the ipfs gateway logic [337] o tool_msgs: make errorf() show if --show-error [294] o tool_operate: improve wording in retry message [37] o tool_operate: keep failed partial download for retry auto-resume [210] @@ -316,18 +336,20 @@ This release includes the following bugfixes: o urldata: make 'retrycount' a single byte [308] o urldata: make redirect counter 16 bit [295] o vauth/digest: improve the digest parser [203] + o version: add GSS backend name and version [353] o vquic: fix idle-timeout checks (ms<-->ns), 64-bit log & honor 0=no-timeout [249] o vquic: handling of io improvements [239] o vquic: sending non-gso packets fix for EAGAIN [265] o vtls: alpn setting, check proto parameter [134] o vtls_int.h: clarify data_pending [124] o vtls_scache: fix race condition [157] - o windows: replace `_beginthreadex()` with `CreateThread()` [80] + o windows: replace _beginthreadex() with CreateThread() [80] o windows: stop passing unused, optional argument for Win9x compatibility [75] o windows: use consistent format when showing error codes [199] o windows: use native error code types more [206] o wolfssl: check BIO read parameters [133] o wolfssl: fix error check in shutdown [105] + o wolfssl: fix resource leak in verify_pinned error paths [314] o wolfssl: no double get_error() detail [188] o ws: clarify an error message [125] o ws: fix some edge cases [274] @@ -357,8 +379,8 @@ This release would not have looked like this without help, code, reports and advice from friends like these: Adam Light, Alice Lee Poetics, Andrei Kurushin, Andrew Kirillov, - Andrew Olsen, BobodevMm on github, Christian Schmitz, Dan Fandrich, - Daniel Stenberg, Daniel Terhorst-North, dependabot[bot], + Andrew Olsen, BobodevMm on github, Christian Schmitz, curl.stunt430, + Dan Fandrich, Daniel Stenberg, Daniel Terhorst-North, dependabot[bot], divinity76 on github, Emilio Pozuelo Monfort, Emre Çalışkan, Ethan Everett, Evgeny Grin (Karlson2k), fds242 on github, Harry Sintonen, Howard Chu, Ignat Loskutov, Javier Blazquez, Jicea, jmaggard10 on github, @@ -368,7 +390,7 @@ advice from friends like these: plv1313 on github, Pocs Norbert, Ray Satiro, renovate[bot], rinsuki on github, Sakthi SK, Samuel Dionne-Riel, Samuel Henrique, Stanislav Fort, Stefan Eissing, tkzv on github, Viktor Szakats - (47 contributors) + (48 contributors) References to bug reports and discussions on issues: @@ -685,11 +707,33 @@ References to bug reports and discussions on issues: [311] = https://curl.se/bug/?i=19060 [312] = https://curl.se/bug/?i=19070 [313] = https://curl.se/bug/?i=19069 + [314] = https://curl.se/bug/?i=19110 [315] = https://curl.se/bug/?i=19065 [316] = https://curl.se/bug/?i=19017 [317] = https://curl.se/bug/?i=16143 [318] = https://curl.se/bug/?i=19055 + [320] = https://curl.se/mail/lib-2025-10/0018.html [321] = https://curl.se/bug/?i=19053 [322] = https://curl.se/bug/?i=19052 [323] = https://curl.se/bug/?i=19051 [324] = https://curl.se/bug/?i=19048 + [325] = https://curl.se/bug/?i=19106 + [326] = https://curl.se/bug/?i=19064 + [328] = https://curl.se/bug/?i=19104 + [330] = https://curl.se/bug/?i=19101 + [331] = https://curl.se/bug/?i=19046 + [332] = https://curl.se/bug/?i=19102 + [334] = https://curl.se/bug/?i=19100 + [337] = https://curl.se/bug/?i=19097 + [339] = https://curl.se/bug/?i=19091 + [340] = https://curl.se/bug/?i=19093 + [342] = https://curl.se/bug/?i=19094 + [343] = https://curl.se/bug/?i=19095 + [344] = https://curl.se/bug/?i=19077 + [345] = https://curl.se/bug/?i=19089 + [346] = https://curl.se/bug/?i=19088 + [347] = https://issues.oss-fuzz.com/issues/432441303 + [348] = https://curl.se/bug/?i=19086 + [349] = https://curl.se/bug/?i=19076 + [353] = https://curl.se/bug/?i=19073 + [354] = https://curl.se/bug/?i=19078 From b9b8a7a5df552d4e5929d4d7e38490b9aef642a9 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 18 Oct 2025 00:01:26 +0200 Subject: [PATCH 0496/2408] openssl: fix resource leak in provider error path Pointed out by ZeroPath Closes #19111 --- lib/vtls/openssl.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 43fa417a35..2868ea85ec 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -1473,6 +1473,8 @@ static int providerload(struct Curl_easy *data, OSSL_STORE_CTX *store = OSSL_STORE_open_ex(cert_file, data->state.libctx, NULL, NULL, NULL, NULL, NULL, NULL); + int rc; + if(!store) { failf(data, "Failed to open OpenSSL store: %s", ossl_strerror(ERR_get_error(), error_buffer, @@ -1501,13 +1503,15 @@ static int providerload(struct Curl_easy *data, return 0; } - if(SSL_CTX_use_certificate(ctx, cert) != 1) { + rc = SSL_CTX_use_certificate(ctx, cert); + X509_free(cert); /* we do not need the handle any more... */ + + if(rc != 1) { failf(data, "unable to set client certificate [%s]", ossl_strerror(ERR_get_error(), error_buffer, sizeof(error_buffer))); return 0; } - X509_free(cert); /* we do not need the handle any more... */ } else { failf(data, "crypto provider not set, cannot load certificate"); From f32451c12bb7fa4738d8c9cf6d7cd09ee876434b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 17 Oct 2025 18:31:52 +0200 Subject: [PATCH 0497/2408] curlx: promote `Curl_fseeko()` to `curlx_fseek()`, use it in `src` - tool_formparse: replace truncated `fseek` with `curlx_fseek`. - tool_operate: replace truncated `fseek` with `curlx_fseek`. - tool_paramhlp: replace local duplicate `myfseek`, with `curlx_fseek`. Follow-up to 4fb12f289189e8113967e9c9da09958fd8bfa4cb #19100 Closes #19107 --- lib/curlx/fopen.c | 16 +++++++++++++++- lib/curlx/fopen.h | 2 ++ lib/formdata.c | 3 ++- lib/mime.c | 15 +-------------- lib/mime.h | 1 - src/tool_formparse.c | 2 +- src/tool_operate.c | 6 ++---- src/tool_paramhlp.c | 15 +-------------- 8 files changed, 24 insertions(+), 36 deletions(-) diff --git a/lib/curlx/fopen.c b/lib/curlx/fopen.c index 22c7259c70..cc164c8c29 100644 --- a/lib/curlx/fopen.c +++ b/lib/curlx/fopen.c @@ -32,9 +32,23 @@ #include "../curl_setup.h" +#include "fopen.h" + +int curlx_fseek(void *stream, curl_off_t offset, int whence) +{ +#if defined(_WIN32) && defined(USE_WIN32_LARGE_FILES) + return _fseeki64(stream, (__int64)offset, whence); +#elif defined(HAVE_FSEEKO) && defined(HAVE_DECL_FSEEKO) + return fseeko(stream, (off_t)offset, whence); +#else + if(offset > LONG_MAX) + return -1; + return fseek(stream, (long)offset, whence); +#endif +} + #if defined(_WIN32) && !defined(UNDER_CE) -#include "fopen.h" #include "multibyte.h" /* declare GetFullPathNameW for mingw-w64 UWP builds targeting old windows */ diff --git a/lib/curlx/fopen.h b/lib/curlx/fopen.h index b44cbbdfce..51f4dbca17 100644 --- a/lib/curlx/fopen.h +++ b/lib/curlx/fopen.h @@ -32,6 +32,8 @@ #include /* for open() and attributes */ #endif +int curlx_fseek(void *stream, curl_off_t offset, int whence); + #if defined(_WIN32) && !defined(UNDER_CE) FILE *curlx_win32_fopen(const char *filename, const char *mode); int curlx_win32_stat(const char *path, struct_stat *buffer); diff --git a/lib/formdata.c b/lib/formdata.c index 382fd221dc..74a73028cd 100644 --- a/lib/formdata.c +++ b/lib/formdata.c @@ -37,6 +37,7 @@ struct Curl_easy; #include "sendf.h" #include "strdup.h" #include "rand.h" +#include "curlx/fopen.h" #include "curlx/warnless.h" /* The last 2 #include files should be in this order */ @@ -860,7 +861,7 @@ CURLcode Curl_getformdata(CURL *data, #endif result = curl_mime_data_cb(part, (curl_off_t) -1, (curl_read_callback) fread, - Curl_fseeko, + curlx_fseek, NULL, (void *) stdin); #if defined(__clang__) && __clang_major__ >= 16 #pragma clang diagnostic pop diff --git a/lib/mime.c b/lib/mime.c index baca30049f..0a56b07bc5 100644 --- a/lib/mime.c +++ b/lib/mime.c @@ -271,19 +271,6 @@ static char *Curl_basename(char *path) #define basename(x) Curl_basename((x)) #endif -int Curl_fseeko(void *stream, curl_off_t offset, int whence) -{ -#if defined(_WIN32) && defined(USE_WIN32_LARGE_FILES) - return _fseeki64(stream, (__int64)offset, whence); -#elif defined(HAVE_FSEEKO) && defined(HAVE_DECL_FSEEKO) - return fseeko(stream, (off_t)offset, whence); -#else - if(offset > LONG_MAX) - return -1; - return fseek(stream, (long)offset, whence); -#endif -} - /* Set readback state. */ static void mimesetstate(struct mime_state *state, @@ -750,7 +737,7 @@ static int mime_file_seek(void *instream, curl_off_t offset, int whence) if(mime_open_file(part)) return CURL_SEEKFUNC_FAIL; - return Curl_fseeko(part->fp, offset, whence) ? + return curlx_fseek(part->fp, offset, whence) ? CURL_SEEKFUNC_CANTSEEK : CURL_SEEKFUNC_OK; } diff --git a/lib/mime.h b/lib/mime.h index dc6f0d4af1..5073a38f70 100644 --- a/lib/mime.h +++ b/lib/mime.h @@ -138,7 +138,6 @@ CURLcode Curl_mime_add_header(struct curl_slist **slp, const char *fmt, ...) !defined(CURL_DISABLE_IMAP)) /* Prototypes. */ -int Curl_fseeko(void *stream, curl_off_t offset, int whence); void Curl_mime_initpart(struct curl_mimepart *part); void Curl_mime_cleanpart(struct curl_mimepart *part); CURLcode Curl_mime_duppart(struct Curl_easy *data, diff --git a/src/tool_formparse.c b/src/tool_formparse.c index cd3cf52e3e..0f0962ce0d 100644 --- a/src/tool_formparse.c +++ b/src/tool_formparse.c @@ -248,7 +248,7 @@ int tool_mime_stdin_seek(void *instream, curl_off_t offset, int whence) if(offset < 0) return CURL_SEEKFUNC_CANTSEEK; if(!sip->data) { - if(fseek(stdin, (long) (offset + sip->origin), SEEK_SET)) + if(curlx_fseek(stdin, offset + sip->origin, SEEK_SET)) return CURL_SEEKFUNC_CANTSEEK; } sip->curpos = offset; diff --git a/src/tool_operate.c b/src/tool_operate.c index c7d01bb59a..00a98b360b 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -584,10 +584,8 @@ static CURLcode retrycheck(struct OperationConfig *config, rc = fseek(outs->stream, 0, SEEK_END); #else /* ftruncate is not available, so just reposition the file - to the location we would have truncated it. This will not - work properly with large files on 32-bit systems, but - most of those will have ftruncate. */ - rc = fseek(outs->stream, (long)outs->init, SEEK_SET); + to the location we would have truncated it. */ + rc = curlx_fseek(outs->stream, outs->init, SEEK_SET); #endif if(rc) { errorf("Failed seeking to end of file"); diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c index 85c24f2ea3..fda0539878 100644 --- a/src/tool_paramhlp.c +++ b/src/tool_paramhlp.c @@ -119,19 +119,6 @@ ParameterError file2string(char **bufp, FILE *file) return PARAM_OK; } -static int myfseek(void *stream, curl_off_t offset, int whence) -{ -#if defined(_WIN32) && defined(USE_WIN32_LARGE_FILES) - return _fseeki64(stream, (__int64)offset, whence); -#elif defined(HAVE_FSEEKO) && defined(HAVE_DECL_FSEEKO) - return fseeko(stream, (off_t)offset, whence); -#else - if(offset > LONG_MAX) - return -1; - return fseek(stream, (long)offset, whence); -#endif -} - ParameterError file2memory_range(char **bufp, size_t *size, FILE *file, curl_off_t starto, curl_off_t endo) { @@ -143,7 +130,7 @@ ParameterError file2memory_range(char **bufp, size_t *size, FILE *file, if(starto) { if(file != stdin) { - if(myfseek(file, starto, SEEK_SET)) + if(curlx_fseek(file, starto, SEEK_SET)) return PARAM_READ_ERROR; offset = starto; } From f847d2ed0244319ee6b5e9b054c39077e62388ad Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 18 Oct 2025 11:58:36 +0200 Subject: [PATCH 0498/2408] tool_formparse: rewrite the headers file parser The -F option allows users to provide a file with a set of headers for a specific formpost section. This code used old handcrafted parsing logic that potentially could do wrong. Rewrite to use my_get_line() and dynbuf. Supports longer lines and should be more solid parsing code. Gets somewhat complicated by the (unwise) feature that allows "folding" of header lines in the file: if a line starts with a space it should be appended to the previous. The previous code trimmed spurious CR characters wherever they would occur in a line but this version does not. It does not seem like something we want or that users would expect. Test 646 uses this feature. Closes #19113 --- src/tool_formparse.c | 105 +++++++++++++++++++++---------------------- tests/data/test646 | 2 +- 2 files changed, 53 insertions(+), 54 deletions(-) diff --git a/src/tool_formparse.c b/src/tool_formparse.c index 0f0962ce0d..004ad6ff4c 100644 --- a/src/tool_formparse.c +++ b/src/tool_formparse.c @@ -28,6 +28,7 @@ #include "tool_getparam.h" #include "tool_paramhlp.h" #include "tool_formparse.h" +#include "tool_parsecfg.h" #include "memdebug.h" /* keep this as LAST include */ @@ -417,65 +418,63 @@ static int slist_append(struct curl_slist **plist, const char *data) } /* Read headers from a file and append to list. */ -static int read_field_headers(const char *filename, FILE *fp, - struct curl_slist **pheaders) +static int read_field_headers(FILE *fp, struct curl_slist **pheaders) { - size_t hdrlen = 0; - size_t pos = 0; - bool incomment = FALSE; - int lineno = 1; - char hdrbuf[999] = ""; /* Max. header length + 1. */ + struct dynbuf line; + bool error = FALSE; + int err = 0; - for(;;) { - int c = getc(fp); - if(c == EOF || (!pos && !ISSPACE(c))) { - /* Strip and flush the current header. */ - while(hdrlen && ISSPACE(hdrbuf[hdrlen - 1])) - hdrlen--; - if(hdrlen) { - hdrbuf[hdrlen] = '\0'; - if(slist_append(pheaders, hdrbuf)) { - errorf("Out of memory for field headers"); - return -1; - } - hdrlen = 0; + curlx_dyn_init(&line, 8092); + while(my_get_line(fp, &line, &error)) { + const char *ptr = curlx_dyn_ptr(&line); + size_t len = curlx_dyn_len(&line); + bool folded = FALSE; + if(ptr[0] == '#') /* comment */ + continue; + else if(ptr[0] == ' ') /* a continuation from the line before */ + folded = TRUE; + /* trim off trailing CRLFs and whitespaces */ + while(len && (ISNEWLINE(ptr[len -1]) || ISBLANK(ptr[len - 1]))) + len--; + + if(!len) + continue; + curlx_dyn_setlen(&line, len); /* set the new length */ + + if(folded && *pheaders) { + /* append this new line onto the previous line */ + struct dynbuf amend; + struct curl_slist *l = *pheaders; + curlx_dyn_init(&amend, 8092); + /* find the last node */ + while(l && l->next) + l = l->next; + /* add both parts */ + if(curlx_dyn_add(&amend, l->data) || curlx_dyn_addn(&amend, ptr, len)) { + err = -1; + break; + } + curl_free(l->data); + /* we use maprintf here to make it a libcurl alloc, to match the previous + curl_slist_append */ + l->data = curl_maprintf("%s", curlx_dyn_ptr(&amend)); + curlx_dyn_free(&amend); + if(!l->data) { + errorf("Out of memory for field headers"); + err = 1; } } - - switch(c) { - case EOF: - if(ferror(fp)) { - char errbuf[STRERROR_LEN]; - errorf("Header file %s read error: %s", filename, - curlx_strerror(errno, errbuf, sizeof(errbuf))); - return -1; - } - return 0; /* Done. */ - case '\r': - continue; /* Ignore. */ - case '\n': - pos = 0; - incomment = FALSE; - lineno++; - continue; - case '#': - if(!pos) - incomment = TRUE; + else { + err = slist_append(pheaders, ptr); + } + if(err) { + errorf("Out of memory for field headers"); + err = -1; break; } - - pos++; - if(!incomment) { - if(hdrlen == sizeof(hdrbuf) - 1) { - warnf("File %s line %d: header too long (truncated)", - filename, lineno); - c = ' '; - } - if(hdrlen <= sizeof(hdrbuf) - 1) - hdrbuf[hdrlen++] = (char) c; - } } - /* NOTREACHED */ + curlx_dyn_free(&line); + return err; } static int get_param_part(char endchar, @@ -572,7 +571,7 @@ static int get_param_part(char endchar, curlx_strerror(errno, errbuf, sizeof(errbuf))); } else { - int i = read_field_headers(hdrfile, fp, &headers); + int i = read_field_headers(fp, &headers); curlx_fclose(fp); if(i) { diff --git a/tests/data/test646 b/tests/data/test646 index 4f26dbdf92..fe86e32775 100644 --- a/tests/data/test646 +++ b/tests/data/test646 @@ -42,7 +42,7 @@ It may contain any type of data. X-fileheader1: This is a header from a file # This line is another comment. It precedes a folded header. -X-fileheader2: This is #a +X-fileheader2: This is #a folded header From 8de898414c422ed56980dd4ac3a0125bc6fec5c5 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 18 Oct 2025 12:11:09 +0200 Subject: [PATCH 0499/2408] openssl: free UI_METHOD on exit path In providercheck(), when failing to open the "store", the exit path would not previously free the created UI_METHOD and instead leak this resource. Pointed out by ZeroPath Closes #19114 --- lib/vtls/openssl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 2868ea85ec..66c0fbfabd 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -1328,6 +1328,7 @@ static int providercheck(struct Curl_easy *data, failf(data, "Failed to open OpenSSL store: %s", ossl_strerror(ERR_get_error(), error_buffer, sizeof(error_buffer))); + UI_destroy_method(ui_method); return 0; } if(OSSL_STORE_expect(store, OSSL_STORE_INFO_PKEY) != 1) { From f30f1307c1d9d70a96557359f039ba7ef9b077fb Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 18 Oct 2025 13:08:53 +0200 Subject: [PATCH 0500/2408] cmake: fix Linux pre-fills for non-glibc (when `_CURL_PREFILL=ON`) - do not pre-fill `HAVE_LINUX_TCP_H` on Linux. `linux/tcp.h` is a Linux kernel userspace header. It's likely installed when using glibc and likely missing by default when using something else, e.g. MUSL (e.g. on Alpine). Therefore always detect it for Linux targets, and only pre-fill it for non-Linux ones. - do not pre-fill `HAVE_GLIBC_STRERROR_R` on Linux. To fix it for non-glibc envs, e.g. MUSL (e.g. on Alpine). Note, the pre-fill option is a disabled by default, internal option and strongly not recommended outside of curl development. Closes #19116 --- CMake/unix-cache.cmake | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CMake/unix-cache.cmake b/CMake/unix-cache.cmake index 2c85626a49..a0369e84e5 100644 --- a/CMake/unix-cache.cmake +++ b/CMake/unix-cache.cmake @@ -142,7 +142,7 @@ set(HAVE_GETRLIMIT 1) set(HAVE_GETSOCKNAME 1) set(HAVE_GETTIMEOFDAY 1) if(CMAKE_SYSTEM_NAME STREQUAL "Linux") - set(HAVE_GLIBC_STRERROR_R 1) + # Depends on C library. else() set(HAVE_GLIBC_STRERROR_R 0) endif() @@ -164,7 +164,7 @@ else() endif() set(HAVE_LIBGEN_H 1) if(CMAKE_SYSTEM_NAME STREQUAL "Linux") - set(HAVE_LINUX_TCP_H 1) + # Requires Linux kernel userspace headers. Expected with glibc. May be missing by default with MUSL. else() set(HAVE_LINUX_TCP_H 0) endif() From a000444cb0917b490a7a1635e51be3ac5bf61b3e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 18 Oct 2025 14:25:08 +0200 Subject: [PATCH 0501/2408] cmake: fix Linux pre-fill `HAVE_POSIX_STRERROR_R` (when `_CURL_PREFILL=ON`) It depends on C library. Follow-up to f30f1307c1d9d70a96557359f039ba7ef9b077fb #19116 --- CMake/unix-cache.cmake | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMake/unix-cache.cmake b/CMake/unix-cache.cmake index a0369e84e5..556e871a03 100644 --- a/CMake/unix-cache.cmake +++ b/CMake/unix-cache.cmake @@ -204,7 +204,7 @@ endif() set(HAVE_POLL 1) set(HAVE_POLL_H 1) if(CMAKE_SYSTEM_NAME STREQUAL "Linux") - set(HAVE_POSIX_STRERROR_R 0) + # Depends on C library. else() set(HAVE_POSIX_STRERROR_R 1) endif() From bff9679a016d18d6b87e773d8a45ac4a2f3be7aa Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Sun, 19 Oct 2025 02:37:18 +0800 Subject: [PATCH 0502/2408] schannel_verify: do not call infof with an appended \n Discovered by ZeroPath Closes #19123 --- lib/vtls/schannel_verify.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c index d72790e9df..a508494484 100644 --- a/lib/vtls/schannel_verify.c +++ b/lib/vtls/schannel_verify.c @@ -576,7 +576,7 @@ CURLcode Curl_verify_host(struct Curl_cfilter *cf, conn_hostname, strlen(conn_hostname))) { infof(data, "schannel: connection hostname (%s) validated " - "against certificate name (%s)\n", + "against certificate name (%s)", conn_hostname, cert_hostname); result = CURLE_OK; } From 9021e42c0274853d8166d7ec616212f148a8dc07 Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Sun, 19 Oct 2025 02:00:52 +0800 Subject: [PATCH 0503/2408] ldap: do not pass a \n to failf() Discovered by ZeroPath Closes #19122 --- lib/ldap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/ldap.c b/lib/ldap.c index 0b475d07bb..322c870bc2 100644 --- a/lib/ldap.c +++ b/lib/ldap.c @@ -461,7 +461,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) /* we should probably never come up to here since configure should check in first place if we can support LDAP SSL/TLS */ failf(data, "LDAP local: SSL/TLS not supported with this version " - "of the OpenLDAP toolkit\n"); + "of the OpenLDAP toolkit"); result = CURLE_SSL_CERTPROBLEM; goto quit; #endif /* LDAP_OPT_X_TLS */ From c567b37548066b664ac06ad155a819b53b27ad1c Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Sun, 19 Oct 2025 00:42:52 +0800 Subject: [PATCH 0504/2408] src/var: remove dead code Discovered by ZeroPath Closes #19119 --- src/var.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/var.c b/src/var.c index 79c8307248..87f33af282 100644 --- a/src/var.c +++ b/src/var.c @@ -446,11 +446,8 @@ ParameterError setvariable(const char *input) /* read from file or stdin */ FILE *file; bool use_stdin; - struct dynbuf fname; line++; - curlx_dyn_init(&fname, MAX_FILENAME); - use_stdin = !strcmp(line, "-"); if(use_stdin) file = stdin; @@ -469,7 +466,6 @@ ParameterError setvariable(const char *input) if(clen) contalloc = TRUE; } - curlx_dyn_free(&fname); if(!use_stdin && file) curlx_fclose(file); if(err) From 023e453032a3b0d12c81b030f7935ac92e554011 Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Sun, 19 Oct 2025 00:47:11 +0800 Subject: [PATCH 0505/2408] openldap: do not pass newline to infof() Discovered by ZeroPath Closes #19120 --- lib/openldap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/openldap.c b/lib/openldap.c index 1b26b6e1b4..d7eefaa677 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -746,7 +746,7 @@ static CURLcode oldap_state_mechs_resp(struct Curl_easy *data, case LDAP_RES_SEARCH_RESULT: switch(code) { case LDAP_SIZELIMIT_EXCEEDED: - infof(data, "Too many authentication mechanisms\n"); + infof(data, "Too many authentication mechanisms"); FALLTHROUGH(); case LDAP_SUCCESS: case LDAP_NO_RESULTS_RETURNED: From ea1eaa6f7c2c88f8c74ca9b454a8b7e7be1d7171 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 18 Oct 2025 13:09:50 +0200 Subject: [PATCH 0506/2408] tool_paramhlp: remove outdated comment in str2tls_max() The function does not take positive number as input. It takes TLS version strings. Pointed out by ZeroPath Closes #19115 --- src/tool_paramhlp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c index fda0539878..9f54704ea2 100644 --- a/src/tool_paramhlp.c +++ b/src/tool_paramhlp.c @@ -715,7 +715,7 @@ CURLcode get_args(struct OperationConfig *config, const size_t i) /* * Parse the string and modify ssl_version in the val argument. Return PARAM_OK - * on success, otherwise a parameter error enum. ONLY ACCEPTS POSITIVE NUMBERS! + * on success, otherwise a parameter error enum. * * Since this function gets called with the 'nextarg' pointer from within the * getparameter a lot, we must check it for NULL before accessing the str From 0217aca9f3d5e63edf63613e8ac3b5738147dc53 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 18 Oct 2025 22:33:46 +0200 Subject: [PATCH 0507/2408] lib: remove newlines from failf() calls Closes #19124 --- lib/vauth/gsasl.c | 8 ++++---- lib/vquic/curl_ngtcp2.c | 2 +- lib/vquic/curl_osslq.c | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/lib/vauth/gsasl.c b/lib/vauth/gsasl.c index 8fbb62af80..119c392cda 100644 --- a/lib/vauth/gsasl.c +++ b/lib/vauth/gsasl.c @@ -48,7 +48,7 @@ bool Curl_auth_gsasl_is_supported(struct Curl_easy *data, res = gsasl_init(&gsasl->ctx); if(res != GSASL_OK) { - failf(data, "gsasl init: %s\n", gsasl_strerror(res)); + failf(data, "gsasl init: %s", gsasl_strerror(res)); return FALSE; } @@ -73,7 +73,7 @@ CURLcode Curl_auth_gsasl_start(struct Curl_easy *data, gsasl_property_set(gsasl->client, GSASL_AUTHID, userp); #if GSASL_VERSION_NUMBER >= 0x010b00 if(res != GSASL_OK) { - failf(data, "setting AUTHID failed: %s\n", gsasl_strerror(res)); + failf(data, "setting AUTHID failed: %s", gsasl_strerror(res)); return CURLE_OUT_OF_MEMORY; } #endif @@ -84,7 +84,7 @@ CURLcode Curl_auth_gsasl_start(struct Curl_easy *data, gsasl_property_set(gsasl->client, GSASL_PASSWORD, passwdp); #if GSASL_VERSION_NUMBER >= 0x010b00 if(res != GSASL_OK) { - failf(data, "setting PASSWORD failed: %s\n", gsasl_strerror(res)); + failf(data, "setting PASSWORD failed: %s", gsasl_strerror(res)); return CURLE_OUT_OF_MEMORY; } #endif @@ -107,7 +107,7 @@ CURLcode Curl_auth_gsasl_token(struct Curl_easy *data, (const char *) Curl_bufref_ptr(chlg), Curl_bufref_len(chlg), &response, &outlen); if(res != GSASL_OK && res != GSASL_NEEDS_MORE) { - failf(data, "GSASL step: %s\n", gsasl_strerror(res)); + failf(data, "GSASL step: %s", gsasl_strerror(res)); return CURLE_BAD_CONTENT_ENCODING; } diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index b395cd0827..421611520a 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -1888,7 +1888,7 @@ static CURLcode read_pkt_to_send(void *userp, /* we add the amount of data bytes to the flow windows */ int rv = nghttp3_conn_add_write_offset(ctx->h3conn, stream_id, ndatalen); if(rv) { - failf(x->data, "nghttp3_conn_add_write_offset returned error: %s\n", + failf(x->data, "nghttp3_conn_add_write_offset returned error: %s", nghttp3_strerror(rv)); return CURLE_SEND_ERROR; } diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c index a490743462..84b89e93af 100644 --- a/lib/vquic/curl_osslq.c +++ b/lib/vquic/curl_osslq.c @@ -1661,14 +1661,14 @@ static CURLcode h3_send_streams(struct Curl_cfilter *cf, ctx->q.last_io = curlx_now(); rv = nghttp3_conn_add_write_offset(ctx->h3.conn, s->id, acked_len); if(rv && rv != NGHTTP3_ERR_STREAM_NOT_FOUND) { - failf(data, "nghttp3_conn_add_write_offset returned error: %s\n", + failf(data, "nghttp3_conn_add_write_offset returned error: %s", nghttp3_strerror(rv)); result = CURLE_SEND_ERROR; goto out; } rv = nghttp3_conn_add_ack_offset(ctx->h3.conn, s->id, acked_len); if(rv && rv != NGHTTP3_ERR_STREAM_NOT_FOUND) { - failf(data, "nghttp3_conn_add_ack_offset returned error: %s\n", + failf(data, "nghttp3_conn_add_ack_offset returned error: %s", nghttp3_strerror(rv)); result = CURLE_SEND_ERROR; goto out; From e4ec666a3d742202c06e76a97934f97f2bc7588c Mon Sep 17 00:00:00 2001 From: JimFuller-RedHat Date: Sat, 18 Oct 2025 11:21:15 +0200 Subject: [PATCH 0508/2408] examples/chkspeed: portable printing when outputting curl_off_t values Closes #19112 --- docs/examples/chkspeed.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/docs/examples/chkspeed.c b/docs/examples/chkspeed.c index 996db393f5..efa2b0d5ea 100644 --- a/docs/examples/chkspeed.c +++ b/docs/examples/chkspeed.c @@ -184,20 +184,22 @@ int main(int argc, char *argv[]) /* check for bytes downloaded */ res = curl_easy_getinfo(curl_handle, CURLINFO_SIZE_DOWNLOAD_T, &val); if((CURLE_OK == res) && (val > 0)) - printf("Data downloaded: %lu bytes.\n", (unsigned long)val); + printf("Data downloaded: %" CURL_FORMAT_CURL_OFF_T " bytes.\n", val); /* check for total download time */ res = curl_easy_getinfo(curl_handle, CURLINFO_TOTAL_TIME_T, &val); if((CURLE_OK == res) && (val > 0)) - printf("Total download time: %lu.%06lu sec.\n", - (unsigned long)(val / 1000000), - (unsigned long)(val % 1000000)); + printf("Total download time: %" CURL_FORMAT_CURL_OFF_T + ".%06" CURL_FORMAT_CURL_OFF_T " sec.\n", + val / 1000000, + val % 1000000); /* check for average download speed */ res = curl_easy_getinfo(curl_handle, CURLINFO_SPEED_DOWNLOAD_T, &val); if((CURLE_OK == res) && (val > 0)) - printf("Average download speed: %lu kbyte/sec.\n", - (unsigned long)(val / 1024)); + printf("Average download speed: %" + CURL_FORMAT_CURL_OFF_T " kbyte/sec.\n", + val / 1024); if(prtall) { /* check for name resolution time */ From e779650a86c74166954eac22ad995bbad8fd7dc6 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 19 Oct 2025 01:24:49 +0200 Subject: [PATCH 0509/2408] GHA/curl-for-win: update container image envs Follow-up to https://github.com/curl/curl-for-win/commit/1f31ff06ad389f48059641ffb995af8261ba0233 Closes #19129 --- .github/workflows/curl-for-win.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/curl-for-win.yml b/.github/workflows/curl-for-win.yml index a029ba8344..0873885787 100644 --- a/.github/workflows/curl-for-win.yml +++ b/.github/workflows/curl-for-win.yml @@ -63,12 +63,12 @@ jobs: export CW_GCCSUFFIX='-12' sudo podman image trust set --type reject default sudo podman image trust set --type accept docker.io/library - time podman pull "${DOCKER_IMAGE_STABLE}" + time podman pull "${OCI_IMAGE_DEBIAN_STABLE}" podman images --digests time podman run --volume "$(pwd):$(pwd)" --workdir "$(pwd)" \ --env-file <(env | grep -a -E \ '^(CW_|GITHUB_)') \ - "${DOCKER_IMAGE_STABLE}" \ + "${OCI_IMAGE_DEBIAN_STABLE}" \ sh -c ./_ci-linux-debian.sh linux-glibc-gcc-minimal: # use gcc to minimize installed packages @@ -90,12 +90,12 @@ jobs: . ./_versions.sh sudo podman image trust set --type reject default sudo podman image trust set --type accept docker.io/library - time podman pull "${DOCKER_IMAGE}" + time podman pull "${OCI_IMAGE_DEBIAN}" podman images --digests time podman run --volume "$(pwd):$(pwd)" --workdir "$(pwd)" \ --env-file <(env | grep -a -E \ '^(CW_|GITHUB_)') \ - "${DOCKER_IMAGE}" \ + "${OCI_IMAGE_DEBIAN}" \ sh -c ./_ci-linux-debian.sh linux-musl-llvm: @@ -117,12 +117,12 @@ jobs: . ./_versions.sh sudo podman image trust set --type reject default sudo podman image trust set --type accept docker.io/library - time podman pull "${DOCKER_IMAGE}" + time podman pull "${OCI_IMAGE_DEBIAN}" podman images --digests time podman run --volume "$(pwd):$(pwd)" --workdir "$(pwd)" \ --env-file <(env | grep -a -E \ '^(CW_|GITHUB_)') \ - "${DOCKER_IMAGE}" \ + "${OCI_IMAGE_DEBIAN}" \ sh -c ./_ci-linux-debian.sh mac-clang: @@ -164,12 +164,12 @@ jobs: . ./_versions.sh sudo podman image trust set --type reject default sudo podman image trust set --type accept docker.io/library - time podman pull "${DOCKER_IMAGE}" + time podman pull "${OCI_IMAGE_DEBIAN}" podman images --digests time podman run --volume "$(pwd):$(pwd)" --workdir "$(pwd)" \ --env-file <(env | grep -a -E \ '^(CW_|GITHUB_)') \ - "${DOCKER_IMAGE}" \ + "${OCI_IMAGE_DEBIAN}" \ sh -c ./_ci-linux-debian.sh win-gcc-libssh-zlibold-x64: @@ -191,10 +191,10 @@ jobs: . ./_versions.sh sudo podman image trust set --type reject default sudo podman image trust set --type accept docker.io/library - time podman pull "${DOCKER_IMAGE}" + time podman pull "${OCI_IMAGE_DEBIAN}" podman images --digests time podman run --volume "$(pwd):$(pwd)" --workdir "$(pwd)" \ --env-file <(env | grep -a -E \ '^(CW_|GITHUB_)') \ - "${DOCKER_IMAGE}" \ + "${OCI_IMAGE_DEBIAN}" \ sh -c ./_ci-linux-debian.sh From 66e3ff5d0e3aa9ded372f540a5f5bfd83238a958 Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Sun, 19 Oct 2025 00:25:45 +0800 Subject: [PATCH 0510/2408] schannel: fix memory leak - Do not leak memory on failed setting algorithm cipher list. Discovered by ZeroPath. - Do not free backend->cred after failed AcquireCredentialsHandle. backend->cred is always freed later, during cleanup. Closes https://github.com/curl/curl/pull/19118 --- lib/vtls/schannel.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index ae5834d843..9b2b1e702e 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -818,6 +818,8 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf, result = set_ssl_ciphers(&schannel_cred, ciphers, algIds); if(result) { failf(data, "schannel: Failed setting algorithm cipher list"); + if(client_certs[0]) + CertFreeCertificateContext(client_certs[0]); return result; } } @@ -845,7 +847,6 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf, char buffer[STRERROR_LEN]; failf(data, "schannel: AcquireCredentialsHandle failed: %s", Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer))); - Curl_safefree(backend->cred); switch(sspi_status) { case SEC_E_INSUFFICIENT_MEMORY: return CURLE_OUT_OF_MEMORY; From e0798466a819245549a2041f4230a1dbd12a079d Mon Sep 17 00:00:00 2001 From: Tatsuhiro Tsujikawa Date: Sun, 19 Oct 2025 13:44:37 +0900 Subject: [PATCH 0511/2408] ngtcp2: adopt ngtcp2_conn_get_stream_user_data if available Adopt ngtcp2_conn_get_stream_user_data which has been available since ngtcp2 v1.17.0. This improves the time complexity of searching h3_stream_ctx from O(n) to O(1) where n is the number of stream. Closes #19132 --- lib/vquic/curl_ngtcp2.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 421611520a..9478b8d0f3 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -300,6 +300,7 @@ static CURLcode h3_data_setup(struct Curl_cfilter *cf, return CURLE_OK; } +#if NGTCP2_VERSION_NUM < 0x011100 struct cf_ngtcp2_sfind_ctx { curl_int64_t stream_id; struct h3_stream_ctx *stream; @@ -328,6 +329,20 @@ cf_ngtcp2_get_stream(struct cf_ngtcp2_ctx *ctx, curl_int64_t stream_id) Curl_uint_hash_visit(&ctx->streams, cf_ngtcp2_sfind, &fctx); return fctx.stream; } +#else +static struct h3_stream_ctx *cf_ngtcp2_get_stream(struct cf_ngtcp2_ctx *ctx, + curl_int64_t stream_id) +{ + struct Curl_easy *data = + ngtcp2_conn_get_stream_user_data(ctx->qconn, stream_id); + + if(!data) { + return NULL; + } + + return H3_STREAM_CTX(ctx, data); +} +#endif static void cf_ngtcp2_stream_close(struct Curl_cfilter *cf, struct Curl_easy *data, From 6550dd0f3d98ff27db9001090d72ee84558d3e4a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 18 Oct 2025 23:41:26 +0200 Subject: [PATCH 0512/2408] wolfssl: clear variable to avoid uninitialized use Pointed out by ZeroPath Closes #19126 --- lib/vtls/wolfssl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index d2bb3eb49e..fe63097f9c 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -357,7 +357,7 @@ static int wssl_bio_cf_in_read(WOLFSSL_BIO *bio, char *buf, int blen) struct ssl_connect_data *connssl = cf->ctx; struct wssl_ctx *wssl = (struct wssl_ctx *)connssl->backend; struct Curl_easy *data = CF_DATA_CURRENT(cf); - size_t nread; + size_t nread = 0; CURLcode result = CURLE_OK; DEBUGASSERT(data); From f03e7c1d645823db285e483ba2e3dde633d38dde Mon Sep 17 00:00:00 2001 From: Jochen Sprickerhof Date: Sun, 19 Oct 2025 09:40:35 +0200 Subject: [PATCH 0513/2408] openldap: fix limit max incoming size test logic Use LDAP_OPT_SUCCESS for ldap_get_option, as done in the other calls. ber_sockbuf_ctrl returns 1 on success so reverse the logic. Follow-up to f91be14bfb Closes #19138 --- lib/openldap.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/openldap.c b/lib/openldap.c index d7eefaa677..dbf2f5f4f3 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -662,11 +662,11 @@ static CURLcode oldap_connect(struct Curl_easy *data, bool *done) { ber_len_t max = 256*1024; Sockbuf *sb; - if(ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, (void **)&sb) || + if((ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb) != LDAP_OPT_SUCCESS) || /* Set the maximum allowed size of an incoming message, which to OpenLDAP means that it will malloc() memory up to this size. If not set, there is no limit and we instead risk a malloc() failure. */ - ber_sockbuf_ctrl(sb, LBER_SB_OPT_SET_MAX_INCOMING, &max)) { + !ber_sockbuf_ctrl(sb, LBER_SB_OPT_SET_MAX_INCOMING, &max)) { result = CURLE_FAILED_INIT; goto out; } From 8d302ec93647ec7a57fdf8a6a1d2f7ac2af07fac Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 19 Oct 2025 12:17:45 +0200 Subject: [PATCH 0514/2408] socks: avoid UAF risk in error path The code obtained a pointer resp via Curl_bufq_peek(), but called Curl_bufq_skip() before it would access them in the failf() call. The Curl_bufq_skip() call can trigger prune_head which may free or recycle the chunk that resp points into. Pointed out by ZeroPath Closes #19139 --- lib/socks.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/socks.c b/lib/socks.c index 10fca7b44c..d146b12abc 100644 --- a/lib/socks.c +++ b/lib/socks.c @@ -765,13 +765,12 @@ static CURLproxycode socks5_check_auth_resp(struct socks_state *sx, /* ignore the first (VER) byte */ auth_status = resp[1]; - Curl_bufq_skip(&sx->iobuf, 2); - if(auth_status) { failf(data, "User was rejected by the SOCKS5 server (%d %d).", resp[0], resp[1]); return CURLPX_USER_REJECTED; } + Curl_bufq_skip(&sx->iobuf, 2); return CURLPX_OK; } From f6334f379d7f8885ae0d212b4d0168388b314037 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 19 Oct 2025 10:53:16 +0200 Subject: [PATCH 0515/2408] examples: replace casts with `curl_off_t` printf masks Follow-up to e4ec666a3d742202c06e76a97934f97f2bc7588c #19112 Closes #19133 --- docs/examples/chkspeed.c | 18 ++++++++++-------- docs/examples/fileupload.c | 10 ++++++---- docs/examples/ftpupload.c | 2 +- docs/examples/progressfunc.c | 17 +++++++++++------ docs/examples/sftpuploadresume.c | 2 +- 5 files changed, 29 insertions(+), 20 deletions(-) diff --git a/docs/examples/chkspeed.c b/docs/examples/chkspeed.c index efa2b0d5ea..6cb1304c87 100644 --- a/docs/examples/chkspeed.c +++ b/docs/examples/chkspeed.c @@ -197,24 +197,26 @@ int main(int argc, char *argv[]) /* check for average download speed */ res = curl_easy_getinfo(curl_handle, CURLINFO_SPEED_DOWNLOAD_T, &val); if((CURLE_OK == res) && (val > 0)) - printf("Average download speed: %" - CURL_FORMAT_CURL_OFF_T " kbyte/sec.\n", + printf("Average download speed: " + "%" CURL_FORMAT_CURL_OFF_T " kbyte/sec.\n", val / 1024); if(prtall) { /* check for name resolution time */ res = curl_easy_getinfo(curl_handle, CURLINFO_NAMELOOKUP_TIME_T, &val); if((CURLE_OK == res) && (val > 0)) - printf("Name lookup time: %lu.%06lu sec.\n", - (unsigned long)(val / 1000000), - (unsigned long)(val % 1000000)); + printf("Name lookup time: %" CURL_FORMAT_CURL_OFF_T + ".%06" CURL_FORMAT_CURL_OFF_T " sec.\n", + val / 1000000, + val % 1000000); /* check for connect time */ res = curl_easy_getinfo(curl_handle, CURLINFO_CONNECT_TIME_T, &val); if((CURLE_OK == res) && (val > 0)) - printf("Connect time: %lu.%06lu sec.\n", - (unsigned long)(val / 1000000), - (unsigned long)(val % 1000000)); + printf("Connect time: %" CURL_FORMAT_CURL_OFF_T + ".%06" CURL_FORMAT_CURL_OFF_T " sec.\n", + val / 1000000, + val % 1000000); } } else { diff --git a/docs/examples/fileupload.c b/docs/examples/fileupload.c index f827c68390..03dd323bda 100644 --- a/docs/examples/fileupload.c +++ b/docs/examples/fileupload.c @@ -98,10 +98,12 @@ int main(void) curl_easy_getinfo(curl, CURLINFO_SPEED_UPLOAD_T, &speed_upload); curl_easy_getinfo(curl, CURLINFO_TOTAL_TIME_T, &total_time); - fprintf(stderr, "Speed: %lu bytes/sec during %lu.%06lu seconds\n", - (unsigned long)speed_upload, - (unsigned long)(total_time / 1000000), - (unsigned long)(total_time % 1000000)); + fprintf(stderr, "Speed: %" CURL_FORMAT_CURL_OFF_T " bytes/sec during " + "%" CURL_FORMAT_CURL_OFF_T + ".%06" CURL_FORMAT_CURL_OFF_T " seconds\n", + speed_upload, + total_time / 1000000, + total_time % 1000000); } /* always cleanup */ curl_easy_cleanup(curl); diff --git a/docs/examples/ftpupload.c b/docs/examples/ftpupload.c index 2bfb51f66e..db3fbfde50 100644 --- a/docs/examples/ftpupload.c +++ b/docs/examples/ftpupload.c @@ -106,7 +106,7 @@ int main(void) } fsize = file_info.st_size; - printf("Local file size: %lu bytes.\n", (unsigned long)fsize); + printf("Local file size: %" CURL_FORMAT_CURL_OFF_T " bytes.\n", fsize); /* In Windows, this inits the Winsock stuff */ res = curl_global_init(CURL_GLOBAL_ALL); diff --git a/docs/examples/progressfunc.c b/docs/examples/progressfunc.c index 35adc6c82d..052620dcdf 100644 --- a/docs/examples/progressfunc.c +++ b/docs/examples/progressfunc.c @@ -53,14 +53,19 @@ static int xferinfo(void *p, be used */ if((curtime - myp->lastruntime) >= MINIMAL_PROGRESS_FUNCTIONALITY_INTERVAL) { myp->lastruntime = curtime; - fprintf(stderr, "TOTAL TIME: %lu.%06lu\r\n", - (unsigned long)(curtime / 1000000), - (unsigned long)(curtime % 1000000)); + fprintf(stderr, "TOTAL TIME: %" CURL_FORMAT_CURL_OFF_T + ".%06" CURL_FORMAT_CURL_OFF_T "\r\n", + curtime / 1000000, + curtime % 1000000); } - fprintf(stderr, "UP: %lu of %lu DOWN: %lu of %lu\r\n", - (unsigned long)ulnow, (unsigned long)ultotal, - (unsigned long)dlnow, (unsigned long)dltotal); + fprintf(stderr, + "UP: " + "%" CURL_FORMAT_CURL_OFF_T " of %" CURL_FORMAT_CURL_OFF_T " " + "DOWN: " + "%" CURL_FORMAT_CURL_OFF_T " of %" CURL_FORMAT_CURL_OFF_T "\r\n", + ulnow, ultotal, + dlnow, dltotal); if(dlnow > STOP_DOWNLOAD_AFTER_THIS_MANY_BYTES) return 1; diff --git a/docs/examples/sftpuploadresume.c b/docs/examples/sftpuploadresume.c index 8745abe78b..d9cff10567 100644 --- a/docs/examples/sftpuploadresume.c +++ b/docs/examples/sftpuploadresume.c @@ -68,7 +68,7 @@ static curl_off_t sftpGetRemoteFileSize(const char *i_remoteFile) &remoteFileSizeByte); if(result) return -1; - printf("filesize: %lu\n", (unsigned long)remoteFileSizeByte); + printf("filesize: %" CURL_FORMAT_CURL_OFF_T "\n", remoteFileSizeByte); } curl_easy_cleanup(curlHandlePtr); From fffc16dd9c4ad063ecee2ac073266120b203e136 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 19 Oct 2025 11:28:15 +0200 Subject: [PATCH 0516/2408] smtp: return value ignored Return value from Curl_client_write was overwritten by smtp_perform_command making errors ignored. Pointed out by ZeroPath Closes #19136 --- lib/smtp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/smtp.c b/lib/smtp.c index 76ed4f280a..30f8535765 100644 --- a/lib/smtp.c +++ b/lib/smtp.c @@ -1136,7 +1136,7 @@ static CURLcode smtp_state_command_resp(struct Curl_easy *data, if(!data->req.no_body) result = Curl_client_write(data, CLIENTWRITE_BODY, line, len); - if(smtpcode != 1) { + if(!result && (smtpcode != 1)) { if(smtp->rcpt) { smtp->rcpt = smtp->rcpt->next; From 026498df4349f779d70241fe628e64af3959d98c Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 13 Oct 2025 22:46:49 +0200 Subject: [PATCH 0517/2408] mod_curltest: tidy-ups and small fixes - honor request id (`id=`) in `curltest/put` and `curltest/sslinfo` handlers. - do not truncate `max_upload` input parameter. - delete unused variables. - formatting. Inspired by Joshua's report on tests. Closes #19061 --- .../http/testenv/mod_curltest/mod_curltest.c | 31 ++++++++----------- 1 file changed, 13 insertions(+), 18 deletions(-) diff --git a/tests/http/testenv/mod_curltest/mod_curltest.c b/tests/http/testenv/mod_curltest/mod_curltest.c index d9ff9152c8..e354e5a469 100644 --- a/tests/http/testenv/mod_curltest/mod_curltest.c +++ b/tests/http/testenv/mod_curltest/mod_curltest.c @@ -610,7 +610,7 @@ static int curltest_put_handler(request_rec *r) } } else if(!strcmp("max_upload", arg)) { - rbody_max_len = (int)apr_atoi64(val); + rbody_max_len = (apr_off_t)apr_atoi64(val); continue; } } @@ -629,6 +629,7 @@ static int curltest_put_handler(request_rec *r) apr_table_unset(r->headers_out, "Content-Length"); /* Discourage content-encodings */ apr_table_unset(r->headers_out, "Content-Encoding"); + apr_table_setn(r->headers_out, "request-id", request_id); apr_table_setn(r->subprocess_env, "no-brotli", "1"); apr_table_setn(r->subprocess_env, "no-gzip", "1"); @@ -674,9 +675,9 @@ static int curltest_put_handler(request_rec *r) } cleanup: - if(rv == APR_SUCCESS - || r->status != HTTP_OK - || c->aborted) { + if(rv == APR_SUCCESS || + r->status != HTTP_OK || + c->aborted) { ap_log_rerror(APLOG_MARK, APLOG_TRACE1, rv, r, "put_handler: done"); return OK; } @@ -694,13 +695,7 @@ static int curltest_1_1_required(request_rec *r) apr_bucket_brigade *bb; apr_bucket *b; apr_status_t rv; - char buffer[16*1024]; const char *ct; - const char *request_id = "none"; - apr_time_t chunk_delay = 0; - apr_array_header_t *args = NULL; - long l; - int i; if(strcmp(r->handler, "curltest-1_1-required")) { return DECLINED; @@ -744,9 +739,9 @@ static int curltest_1_1_required(request_rec *r) rv = ap_pass_brigade(r->output_filters, bb); cleanup: - if(rv == APR_SUCCESS - || r->status != HTTP_OK - || c->aborted) { + if(rv == APR_SUCCESS || + r->status != HTTP_OK || + c->aborted) { ap_log_rerror(APLOG_MARK, APLOG_TRACE1, rv, r, "1_1_handler: done"); return OK; } @@ -774,10 +769,8 @@ static int curltest_sslinfo_handler(request_rec *r) apr_bucket_brigade *bb; apr_bucket *b; apr_status_t rv; - apr_array_header_t *args = NULL; const char *request_id = NULL; int close_conn = 0; - long l; int i; if(strcmp(r->handler, "curltest-sslinfo")) { @@ -821,6 +814,8 @@ static int curltest_sslinfo_handler(request_rec *r) apr_table_unset(r->headers_out, "Content-Length"); /* Discourage content-encodings */ apr_table_unset(r->headers_out, "Content-Encoding"); + if(request_id) + apr_table_setn(r->headers_out, "request-id", request_id); apr_table_setn(r->subprocess_env, "no-brotli", "1"); apr_table_setn(r->subprocess_env, "no-gzip", "1"); @@ -856,9 +851,9 @@ static int curltest_sslinfo_handler(request_rec *r) cleanup: if(close_conn) r->connection->keepalive = AP_CONN_CLOSE; - if(rv == APR_SUCCESS - || r->status != HTTP_OK - || c->aborted) { + if(rv == APR_SUCCESS || + r->status != HTTP_OK || + c->aborted) { ap_log_rerror(APLOG_MARK, APLOG_TRACE1, rv, r, "1_1_handler: done"); return OK; } From 990a23bb97915567415d5857ee6d862a1528f1af Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 19 Oct 2025 11:24:46 +0200 Subject: [PATCH 0518/2408] libssh: return the proper error for readdir problems The code would return without setting sshc->actualcode or returning the CURLcode error. Reported by ZeroPath Closes #19135 --- lib/vssh/libssh.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index 3741db20dc..e2574b6817 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -613,6 +613,7 @@ static int myssh_in_SFTP_READDIR(struct Curl_easy *data, if(result) { myssh_to(data, sshc, SSH_STOP); + sshc->actualcode = result; return SSH_NO_ERROR; } From 769ccb4d4261a75c8a4236fbe7dc3e27956db1c9 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 19 Oct 2025 13:09:42 +0200 Subject: [PATCH 0519/2408] curl_get_line: enhance the API To make sure callers can properly differentiate between errors and know cleanly when EOF happens. Updated all users and unit test 3200. Triggered by a remark by ZeroPath Closes #19140 --- lib/altsvc.c | 16 ++++++----- lib/cookie.c | 30 +++++++++++++-------- lib/curl_get_line.c | 62 +++++++++++++++---------------------------- lib/curl_get_line.h | 2 +- lib/hsts.c | 26 ++++++++++-------- lib/netrc.c | 31 +++++++++++++--------- tests/unit/unit3200.c | 55 +++++++++++++++++++------------------- 7 files changed, 112 insertions(+), 110 deletions(-) diff --git a/lib/altsvc.c b/lib/altsvc.c index 449bea8528..d9933f2298 100644 --- a/lib/altsvc.c +++ b/lib/altsvc.c @@ -228,14 +228,18 @@ static CURLcode altsvc_load(struct altsvcinfo *asi, const char *file) fp = curlx_fopen(file, FOPEN_READTEXT); if(fp) { + bool eof = FALSE; struct dynbuf buf; curlx_dyn_init(&buf, MAX_ALTSVC_LINE); - while(Curl_get_line(&buf, fp)) { - const char *lineptr = curlx_dyn_ptr(&buf); - curlx_str_passblanks(&lineptr); - if(curlx_str_single(&lineptr, '#')) - altsvc_add(asi, lineptr); - } + do { + result = Curl_get_line(&buf, fp, &eof); + if(!result) { + const char *lineptr = curlx_dyn_ptr(&buf); + curlx_str_passblanks(&lineptr); + if(curlx_str_single(&lineptr, '#')) + altsvc_add(asi, lineptr); + } + } while(!result && !eof); curlx_dyn_free(&buf); /* free the line buffer */ curlx_fclose(fp); } diff --git a/lib/cookie.c b/lib/cookie.c index 59a841a303..98c13e6218 100644 --- a/lib/cookie.c +++ b/lib/cookie.c @@ -1205,19 +1205,27 @@ struct CookieInfo *Curl_cookie_init(struct Curl_easy *data, ci->running = FALSE; /* this is not running, this is init */ if(fp) { struct dynbuf buf; + bool eof = FALSE; + CURLcode result; curlx_dyn_init(&buf, MAX_COOKIE_LINE); - while(Curl_get_line(&buf, fp)) { - const char *lineptr = curlx_dyn_ptr(&buf); - bool headerline = FALSE; - if(checkprefix("Set-Cookie:", lineptr)) { - /* This is a cookie line, get it! */ - lineptr += 11; - headerline = TRUE; - curlx_str_passblanks(&lineptr); - } + do { + result = Curl_get_line(&buf, fp, &eof); + if(!result) { + const char *lineptr = curlx_dyn_ptr(&buf); + bool headerline = FALSE; + if(checkprefix("Set-Cookie:", lineptr)) { + /* This is a cookie line, get it! */ + lineptr += 11; + headerline = TRUE; + curlx_str_passblanks(&lineptr); + } - Curl_cookie_add(data, ci, headerline, TRUE, lineptr, NULL, NULL, TRUE); - } + (void)Curl_cookie_add(data, ci, headerline, TRUE, lineptr, NULL, + NULL, TRUE); + /* File reading cookie failures are not propagated back to the + caller because there is no way to do that */ + } + } while(!result && !eof); curlx_dyn_free(&buf); /* free the line buffer */ /* diff --git a/lib/curl_get_line.c b/lib/curl_get_line.c index 4b1c6c3e09..b1b4021221 100644 --- a/lib/curl_get_line.c +++ b/lib/curl_get_line.c @@ -32,63 +32,43 @@ /* The last #include file should be: */ #include "memdebug.h" -static int appendnl(struct dynbuf *buf) -{ - CURLcode result = curlx_dyn_addn(buf, "\n", 1); - if(result) - /* too long line or out of memory */ - return 0; /* error */ - return 1; /* all good */ -} +#define appendnl(b) \ + curlx_dyn_addn(buf, "\n", 1) /* - * Curl_get_line() makes sure to only return complete whole lines that end - * newlines. + * Curl_get_line() returns only complete whole lines that end with newline. + * When 'eof' is set TRUE, the last line has been read. */ -int Curl_get_line(struct dynbuf *buf, FILE *input) +CURLcode Curl_get_line(struct dynbuf *buf, FILE *input, bool *eof) { CURLcode result; char buffer[128]; curlx_dyn_reset(buf); while(1) { - char *b = fgets(buffer, sizeof(buffer), input); size_t rlen; + char *b = fgets(buffer, sizeof(buffer), input); - if(b) { - rlen = strlen(b); - - if(!rlen) - break; + *eof = feof(input); + rlen = b ? strlen(b) : 0; + if(rlen) { result = curlx_dyn_addn(buf, b, rlen); if(result) /* too long line or out of memory */ - return 0; /* error */ - - else if(b[rlen-1] == '\n') - /* end of the line */ - return 1; /* all good */ - - else if(feof(input)) - /* append a newline */ - return appendnl(buf); - } - else { - rlen = curlx_dyn_len(buf); - if(rlen) { - b = curlx_dyn_ptr(buf); - - if(b[rlen-1] != '\n') - /* append a newline */ - return appendnl(buf); - - return 1; /* all good */ - } - else - break; + return result; } + /* now check the full line */ + rlen = curlx_dyn_len(buf); + b = curlx_dyn_ptr(buf); + if(rlen && (b[rlen-1] == '\n')) + /* LF at end of the line */ + return CURLE_OK; /* all good */ + if(*eof) + /* append a newline */ + return appendnl(buf); + /* otherwise get next line to append */ } - return 0; + return CURLE_FAILED_INIT; } #endif /* if not disabled */ diff --git a/lib/curl_get_line.h b/lib/curl_get_line.h index d4877123f2..176d5f7a30 100644 --- a/lib/curl_get_line.h +++ b/lib/curl_get_line.h @@ -27,6 +27,6 @@ #include "curlx/dynbuf.h" /* Curl_get_line() returns complete lines that end with a newline. */ -int Curl_get_line(struct dynbuf *buf, FILE *input); +CURLcode Curl_get_line(struct dynbuf *buf, FILE *input, bool *eof); #endif /* HEADER_CURL_GET_LINE_H */ diff --git a/lib/hsts.c b/lib/hsts.c index 28989764b9..4e41155f30 100644 --- a/lib/hsts.c +++ b/lib/hsts.c @@ -526,20 +526,24 @@ static CURLcode hsts_load(struct hsts *h, const char *file) fp = curlx_fopen(file, FOPEN_READTEXT); if(fp) { struct dynbuf buf; + bool eof = FALSE; curlx_dyn_init(&buf, MAX_HSTS_LINE); - while(Curl_get_line(&buf, fp)) { - const char *lineptr = curlx_dyn_ptr(&buf); - curlx_str_passblanks(&lineptr); + do { + result = Curl_get_line(&buf, fp, &eof); + if(!result) { + const char *lineptr = curlx_dyn_ptr(&buf); + curlx_str_passblanks(&lineptr); - /* - * Skip empty or commented lines, since we know the line will have a - * trailing newline from Curl_get_line we can treat length 1 as empty. - */ - if((*lineptr == '#') || strlen(lineptr) <= 1) - continue; + /* + * Skip empty or commented lines, since we know the line will have a + * trailing newline from Curl_get_line we can treat length 1 as empty. + */ + if((*lineptr == '#') || strlen(lineptr) <= 1) + continue; - hsts_add(h, lineptr); - } + hsts_add(h, lineptr); + } + } while(!result && !eof); curlx_dyn_free(&buf); /* free the line buffer */ curlx_fclose(fp); } diff --git a/lib/netrc.c b/lib/netrc.c index f06dff8ed5..1309d30942 100644 --- a/lib/netrc.c +++ b/lib/netrc.c @@ -81,22 +81,27 @@ static NETRCcode file2memory(const char *filename, struct dynbuf *filebuf) curlx_dyn_init(&linebuf, MAX_NETRC_LINE); if(file) { + CURLcode result = CURLE_OK; + bool eof; ret = NETRC_OK; - while(Curl_get_line(&linebuf, file)) { - CURLcode result; - const char *line = curlx_dyn_ptr(&linebuf); - /* skip comments on load */ - curlx_str_passblanks(&line); - if(*line == '#') - continue; - result = curlx_dyn_add(filebuf, line); - if(result) { - ret = curl2netrc(result); - goto done; + do { + const char *line; + result = Curl_get_line(&linebuf, file, &eof); + if(!result) { + line = curlx_dyn_ptr(&linebuf); + /* skip comments on load */ + curlx_str_passblanks(&line); + if(*line == '#') + continue; + result = curlx_dyn_add(filebuf, line); } - } + if(result) { + curlx_dyn_free(filebuf); + ret = curl2netrc(result); + break; + } + } while(!eof); } -done: curlx_dyn_free(&linebuf); if(file) curlx_fclose(file); diff --git a/tests/unit/unit3200.c b/tests/unit/unit3200.c index 5c3e4d14ad..15abba25db 100644 --- a/tests/unit/unit3200.c +++ b/tests/unit/unit3200.c @@ -76,12 +76,13 @@ static CURLcode test_unit3200(const char *arg) #endif size_t i; - int rc = 0; + CURLcode result = CURLE_OK; for(i = 0; i < CURL_ARRAYSIZE(filecontents); i++) { FILE *fp; struct dynbuf buf; size_t len = 4096; char *line; + bool eof; curlx_dyn_init(&buf, len); fp = curlx_fopen(arg, "wb"); @@ -95,63 +96,63 @@ static CURLcode test_unit3200(const char *arg) curl_mfprintf(stderr, "Test %zd...", i); switch(i) { case 0: - rc = Curl_get_line(&buf, fp); + result = Curl_get_line(&buf, fp, &eof); line = curlx_dyn_ptr(&buf); - fail_unless(rc && line && !strcmp("LINE1\n", line), + fail_unless(!result && line && !strcmp("LINE1\n", line), "First line failed (1)"); - rc = Curl_get_line(&buf, fp); + result = Curl_get_line(&buf, fp, &eof); line = curlx_dyn_ptr(&buf); - fail_unless(rc && line && !strcmp("LINE2 NEWLINE\n", line), + fail_unless(!result && line && !strcmp("LINE2 NEWLINE\n", line), "Second line failed (1)"); - rc = Curl_get_line(&buf, fp); - abort_unless(!curlx_dyn_len(&buf), "Missed EOF (1)"); + result = Curl_get_line(&buf, fp, &eof); + abort_unless(eof, "Missed EOF (1)"); break; case 1: - rc = Curl_get_line(&buf, fp); + result = Curl_get_line(&buf, fp, &eof); line = curlx_dyn_ptr(&buf); - fail_unless(rc && line && !strcmp("LINE1\n", line), + fail_unless(!result && line && !strcmp("LINE1\n", line), "First line failed (2)"); - rc = Curl_get_line(&buf, fp); + result = Curl_get_line(&buf, fp, &eof); line = curlx_dyn_ptr(&buf); - fail_unless(rc && line && !strcmp("LINE2 NONEWLINE\n", line), + fail_unless(!result && line && !strcmp("LINE2 NONEWLINE\n", line), "Second line failed (2)"); - rc = Curl_get_line(&buf, fp); - abort_unless(!curlx_dyn_len(&buf), "Missed EOF (2)"); + result = Curl_get_line(&buf, fp, &eof); + abort_unless(eof, "Missed EOF (2)"); break; case 2: - rc = Curl_get_line(&buf, fp); + result = Curl_get_line(&buf, fp, &eof); line = curlx_dyn_ptr(&buf); - fail_unless(rc && line && !strcmp("LINE1\n", line), + fail_unless(!result && line && !strcmp("LINE1\n", line), "First line failed (3)"); - rc = Curl_get_line(&buf, fp); + result = Curl_get_line(&buf, fp, &eof); fail_unless(!curlx_dyn_len(&buf), "Did not detect max read on EOF (3)"); break; case 3: - rc = Curl_get_line(&buf, fp); + result = Curl_get_line(&buf, fp, &eof); line = curlx_dyn_ptr(&buf); - fail_unless(rc && line && !strcmp("LINE1\n", line), + fail_unless(!result && line && !strcmp("LINE1\n", line), "First line failed (4)"); - rc = Curl_get_line(&buf, fp); + result = Curl_get_line(&buf, fp, &eof); fail_unless(!curlx_dyn_len(&buf), "Did not ignore partial on EOF (4)"); break; case 4: - rc = Curl_get_line(&buf, fp); + result = Curl_get_line(&buf, fp, &eof); line = curlx_dyn_ptr(&buf); - fail_unless(rc && line && !strcmp("LINE1\n", line), + fail_unless(!result && line && !strcmp("LINE1\n", line), "First line failed (5)"); - rc = Curl_get_line(&buf, fp); + result = Curl_get_line(&buf, fp, &eof); fail_unless(!curlx_dyn_len(&buf), "Did not bail out on too long line"); break; case 5: - rc = Curl_get_line(&buf, fp); + result = Curl_get_line(&buf, fp, &eof); line = curlx_dyn_ptr(&buf); - fail_unless(rc && line && !strcmp("LINE1\x1aTEST\n", line), + fail_unless(!result && line && !strcmp("LINE1\x1aTEST\n", line), "Missed/Misinterpreted ^Z (6)"); - rc = Curl_get_line(&buf, fp); - abort_unless(!curlx_dyn_len(&buf), "Missed EOF (6)"); + result = Curl_get_line(&buf, fp, &eof); + abort_unless(eof, "Missed EOF (6)"); break; default: abort_unless(1, "Unknown case"); @@ -161,7 +162,7 @@ static CURLcode test_unit3200(const char *arg) curlx_fclose(fp); curl_mfprintf(stderr, "OK\n"); } - return (CURLcode)rc; + return result; #endif From 976333dd4052855c22369e89e60a80a9cf925161 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 19 Oct 2025 15:06:39 +0200 Subject: [PATCH 0520/2408] curl_path: make sure just whitespace is illegal This function could previously accidentally return true and a NULL path if only whitespace was provided as argument. Also, make it stricter and do not allow CR or LF within the string. Use more strparse parsing. Drop the comment saying this is from OpenSSH as it has now been rewritten since then. Closes #19141 --- lib/vssh/curl_path.c | 89 ++++++++++++++++++------------------------- tests/unit/unit2604.c | 4 ++ 2 files changed, 42 insertions(+), 51 deletions(-) diff --git a/lib/vssh/curl_path.c b/lib/vssh/curl_path.c index 7a0e5bffef..44ea3d07a5 100644 --- a/lib/vssh/curl_path.c +++ b/lib/vssh/curl_path.c @@ -28,6 +28,7 @@ #include "curl_path.h" #include +#include "../curlx/strparse.h" #include "../curl_memory.h" #include "../escape.h" #include "../memdebug.h" @@ -105,32 +106,11 @@ CURLcode Curl_getworkingpath(struct Curl_easy *data, return CURLE_OK; } -/* The original get_pathname() function came from OpenSSH sftp.c version - 4.6p1. */ -/* - * Copyright (c) 2001-2004 Damien Miller - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - #define MAX_PATHLENGTH 65535 /* arbitrary long */ CURLcode Curl_get_pathname(const char **cpp, char **path, const char *homedir) { - const char *cp = *cpp, *end; - char quot; - unsigned int i; - static const char WHITESPACE[] = " \t\r\n"; + const char *cp = *cpp; struct dynbuf out; CURLcode result; @@ -143,48 +123,37 @@ CURLcode Curl_get_pathname(const char **cpp, char **path, const char *homedir) curlx_dyn_init(&out, MAX_PATHLENGTH); /* Ignore leading whitespace */ - cp += strspn(cp, WHITESPACE); + curlx_str_passblanks(&cp); /* Check for quoted filenames */ if(*cp == '\"' || *cp == '\'') { - quot = *cp++; + char quot = *cp++; /* Search for terminating quote, unescape some chars */ - for(i = 0; i <= strlen(cp); i++) { - if(cp[i] == quot) { /* Found quote */ - i++; - break; - } - if(cp[i] == '\0') { /* End of string */ + while(*cp != quot) { + if(!*cp) /* End of string */ goto fail; - } - if(cp[i] == '\\') { /* Escaped characters */ - i++; - if(cp[i] != '\'' && cp[i] != '\"' && - cp[i] != '\\') { + + if(*cp == '\\') { /* Escaped characters */ + cp++; + if(*cp != '\'' && *cp != '\"' && *cp != '\\') goto fail; - } } - result = curlx_dyn_addn(&out, &cp[i], 1); + result = curlx_dyn_addn(&out, cp, 1); if(result) return result; + cp++; } + cp++; /* pass the end quote */ if(!curlx_dyn_len(&out)) goto fail; - /* return pointer to second parameter if it exists */ - *cpp = &cp[i] + strspn(&cp[i], WHITESPACE); } else { - /* Read to end of filename - either to whitespace or terminator */ - end = strpbrk(cp, WHITESPACE); - if(!end) - end = strchr(cp, '\0'); - - /* return pointer to second parameter if it exists */ - *cpp = end + strspn(end, WHITESPACE); - + struct Curl_str word; + bool content = FALSE; + int rc; /* Handling for relative path - prepend home directory */ if(cp[0] == '/' && cp[1] == '~' && cp[2] == '/') { result = curlx_dyn_add(&out, homedir); @@ -193,12 +162,30 @@ CURLcode Curl_get_pathname(const char **cpp, char **path, const char *homedir) if(result) return result; cp += 3; + content = TRUE; + } + /* Read to end of filename - either to whitespace or terminator */ + rc = curlx_str_word(&cp, &word, MAX_PATHLENGTH); + if(rc) { + if(rc == STRE_BIG) + return CURLE_TOO_LARGE; + else if(!content) + /* no path, no word, this is incorrect */ + goto fail; + } + else { + /* append the word */ + result = curlx_dyn_addn(&out, curlx_str(&word), curlx_strlen(&word)); + if(result) + return result; } - /* Copy path name up until first "whitespace" */ - result = curlx_dyn_addn(&out, cp, (end - cp)); - if(result) - return result; } + /* skip whitespace */ + curlx_str_passblanks(&cp); + + /* return pointer to second parameter if it exists */ + *cpp = cp; + *path = curlx_dyn_ptr(&out); return CURLE_OK; diff --git a/tests/unit/unit2604.c b/tests/unit/unit2604.c index 3d57f16c8f..7cb82bbcf1 100644 --- a/tests/unit/unit2604.c +++ b/tests/unit/unit2604.c @@ -68,6 +68,10 @@ static CURLcode test_unit2604(const char *arg) { "\"\" c", "", "", "", CURLE_QUOTE_ERROR}, { "foo\"", "foo\"", "", "/", CURLE_OK}, { "foo \"", "foo", "\"", "/", CURLE_OK}, + { " \t\t \t ", "", "", "/", CURLE_QUOTE_ERROR}, + { " ", "", "", "/", CURLE_QUOTE_ERROR}, + { "", "", "", "/", CURLE_QUOTE_ERROR}, + { " \r \n ", "\r", "\n ", "/", CURLE_OK}, { NULL, NULL, NULL, NULL, CURLE_OK } }; From d8a7aad061f96efa0ea93a01845fb66abc256280 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 19 Oct 2025 21:15:55 +0200 Subject: [PATCH 0521/2408] GHA/windows: drop `git config core.autocrlf input` steps CI works without it now. For an inexplicable reason, this single `git` command took 9 seconds per job, making this patch save more than 2 minutes per workflow run. It was also the only step using PowerShell. Closes #19150 --- .github/workflows/windows.yml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 975b592c7c..60eafaa4c0 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -57,8 +57,6 @@ jobs: - { build: 'cmake' , platform: 'x86_64', tflags: '' , config: '-DENABLE_DEBUG=ON -DCURL_USE_OPENSSL=ON -DENABLE_THREADED_RESOLVER=OFF', install: 'libssl-devel libssh2-devel', name: 'openssl' } fail-fast: false steps: - - run: git config --global core.autocrlf input - shell: pwsh - uses: cygwin/cygwin-install-action@f2009323764960f80959895c7bc3bb30210afe4d # v6 with: platform: ${{ matrix.platform }} @@ -220,9 +218,6 @@ jobs: - { build: 'cmake' , sys: 'mingw32' , env: 'i686' , tflags: 'skiprun', config: '-DENABLE_DEBUG=OFF -DBUILD_SHARED_LIBS=ON -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=ON', install: 'mingw-w64-i686-libssh2', type: 'Release', name: 'schannel R' } fail-fast: false steps: - - run: git config --global core.autocrlf input - shell: pwsh - - uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2.29.0 if: ${{ matrix.sys == 'msys' }} with: @@ -500,8 +495,6 @@ jobs: rm -r -f pack.bin ls -l - - run: git config --global core.autocrlf input - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false From 55e0526566f9ea452dec6e443bcd3c358b76b977 Mon Sep 17 00:00:00 2001 From: Yedaya Katsman Date: Sun, 19 Oct 2025 21:26:17 +0300 Subject: [PATCH 0522/2408] openssl: fix unable do typo in failf() calls Closes #19149 --- lib/vtls/openssl.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 66c0fbfabd..c580d6cc67 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -1251,7 +1251,7 @@ static int enginecheck(struct Curl_easy *data, UI_METHOD *ui_method = UI_create_method(OSSL_UI_METHOD_CAST("curl user interface")); if(!ui_method) { - failf(data, "unable do create " OSSL_PACKAGE " user-interface method"); + failf(data, "unable to create " OSSL_PACKAGE " user-interface method"); return 0; } UI_method_set_opener(ui_method, UI_method_get_opener(UI_OpenSSL())); @@ -1313,7 +1313,7 @@ static int providercheck(struct Curl_easy *data, UI_METHOD *ui_method = UI_create_method(OSSL_UI_METHOD_CAST("curl user interface")); if(!ui_method) { - failf(data, "unable do create " OSSL_PACKAGE " user-interface method"); + failf(data, "unable to create " OSSL_PACKAGE " user-interface method"); return 0; } UI_method_set_opener(ui_method, UI_method_get_opener(UI_OpenSSL())); From 7f19fa98199f967bda2ddb1da1d889c6eafcc14b Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 19 Oct 2025 16:40:11 +0200 Subject: [PATCH 0523/2408] lib: add asserts that hostname has content For all network related protocols there must be a non-blank hostname used. This change adds a few asserts in some places to make debug/tests catch mistakes if any such would slip in. Closes #19146 --- lib/doh.c | 1 + lib/hostip.c | 4 +++- lib/socks.c | 2 ++ 3 files changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/doh.c b/lib/doh.c index 3dd7a2872d..8cdecf4657 100644 --- a/lib/doh.c +++ b/lib/doh.c @@ -458,6 +458,7 @@ struct Curl_addrinfo *Curl_doh(struct Curl_easy *data, DEBUGASSERT(conn); DEBUGASSERT(!data->state.async.doh); + DEBUGASSERT(hostname && hostname[0]); if(data->state.async.doh) Curl_doh_cleanup(data); diff --git a/lib/hostip.c b/lib/hostip.c index 41db274c5d..055ea78b48 100644 --- a/lib/hostip.c +++ b/lib/hostip.c @@ -858,6 +858,7 @@ CURLcode Curl_resolv(struct Curl_easy *data, /* We should intentionally error and not resolve .onion TLDs */ hostname_len = strlen(hostname); + DEBUGASSERT(hostname_len); if(hostname_len >= 7 && (curl_strequal(&hostname[hostname_len - 6], ".onion") || curl_strequal(&hostname[hostname_len - 7], ".onion."))) { @@ -982,7 +983,7 @@ CURLcode Curl_resolv_blocking(struct Curl_easy *data, struct Curl_dns_entry **dnsentry) { CURLcode result; - + DEBUGASSERT(hostname && *hostname); *dnsentry = NULL; result = Curl_resolv(data, hostname, port, ip_version, FALSE, dnsentry); switch(result) { @@ -1060,6 +1061,7 @@ CURLcode Curl_resolv_timeout(struct Curl_easy *data, #endif /* USE_ALARM_TIMEOUT */ CURLcode result; + DEBUGASSERT(hostname && *hostname); *entry = NULL; if(timeoutms < 0) diff --git a/lib/socks.c b/lib/socks.c index d146b12abc..238e140b06 100644 --- a/lib/socks.c +++ b/lib/socks.c @@ -331,6 +331,7 @@ static CURLproxycode socks4_resolving(struct socks_state *sx, if(sx->start_resolving) { /* need to resolve hostname to add destination address */ sx->start_resolving = FALSE; + DEBUGASSERT(sx->hostname && *sx->hostname); result = Curl_resolv(data, sx->hostname, sx->remote_port, cf->conn->ip_version, TRUE, &dns); @@ -858,6 +859,7 @@ static CURLproxycode socks5_resolving(struct socks_state *sx, if(sx->start_resolving) { /* need to resolve hostname to add destination address */ sx->start_resolving = FALSE; + DEBUGASSERT(sx->hostname && *sx->hostname); result = Curl_resolv(data, sx->hostname, sx->remote_port, cf->conn->ip_version, TRUE, &dns); From 4c636b2dc1fb94e554f8885e595888a20cca11fc Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 19 Oct 2025 16:12:56 +0200 Subject: [PATCH 0524/2408] tool_operate: return error on strdup() failure In src/tool_operate.c inside the Windows safe-search branch (#ifdef CURL_CA_SEARCH_SAFE), the code assigns config->cacert = strdup(cacert); at line 2076 without checking whether strdup returned NULL. This would allow the code to continue with the wrong value set, causing possible confusion. Pointed out by ZeroPath Closes #19145 --- src/tool_operate.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/tool_operate.c b/src/tool_operate.c index 00a98b360b..0c03114d40 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -2072,6 +2072,10 @@ static CURLcode cacertpaths(struct OperationConfig *config) if(cafile) { curlx_fclose(cafile); config->cacert = strdup(cacert); + if(!config->cacert) { + result = CURLE_OUT_OF_MEMORY; + goto fail; + } } #elif !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE) && \ !defined(CURL_DISABLE_CA_SEARCH) From d3b2ba92c7ed587d48afd1bbc58de19eab6645bf Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 18 Oct 2025 23:34:52 +0200 Subject: [PATCH 0525/2408] rustls: exit on error In init_config_builder_verifier() the call to rustls_root_cert_store_builder_build() set result on failure but did not return. Pointed out by ZeroPath Closes #19125 --- lib/vtls/rustls.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index ebd94213d4..2173b3be88 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -746,6 +746,9 @@ init_config_builder_verifier(struct Curl_easy *data, if(rr != RUSTLS_RESULT_OK) { rustls_failf(data, rr, "failed to build trusted root certificate store"); result = CURLE_SSL_CACERT_BADFILE; + if(result) { + goto cleanup; + } } verifier_builder = rustls_web_pki_server_cert_verifier_builder_new(roots); @@ -754,7 +757,7 @@ init_config_builder_verifier(struct Curl_easy *data, result = init_config_builder_verifier_crl(data, conn_config, verifier_builder); - if(result != CURLE_OK) { + if(result) { goto cleanup; } } From 00cb679c04ef9e0f30bd99c9dcc58c1e1928c01a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 19 Oct 2025 15:25:52 +0200 Subject: [PATCH 0526/2408] openssl: remove dead code A condition in infof_certstack() would always equal true after a previous change. Follow-up to e2a4de8a607d3c7f52918ef50ab6411c75 Pointed out by Coverity Closes #19142 --- lib/vtls/openssl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index c580d6cc67..f62f99cc86 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -4898,7 +4898,7 @@ static void infof_certstack(struct Curl_easy *data, const SSL *ssl) curl_msnprintf(group_name_final, sizeof(group_name_final), "/%s", group_name); } - type_name = current_pkey ? EVP_PKEY_get0_type_name(current_pkey) : NULL; + type_name = EVP_PKEY_get0_type_name(current_pkey); #else get_group_name = 0; type_name = NULL; From 8504c41e2c61475355318a89446891c375b86aec Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 19 Oct 2025 15:59:09 +0200 Subject: [PATCH 0527/2408] tool_cb_rea: use poll instead of select if available - poll doesn't have the FD_SETSIZE problem - select: if socket >= FD_SETSIZE, skip the call Closes #19143 --- src/tool_cb_rea.c | 90 ++++++++++++++++++++++++++++------------------- 1 file changed, 53 insertions(+), 37 deletions(-) diff --git a/src/tool_cb_rea.c b/src/tool_cb_rea.c index b7bd9a7227..b5c6143845 100644 --- a/src/tool_cb_rea.c +++ b/src/tool_cb_rea.c @@ -26,6 +26,11 @@ #ifdef HAVE_SYS_SELECT_H #include #endif +#ifdef HAVE_POLL_H +#include +#elif defined(HAVE_SYS_POLL_H) +#include +#endif #include "tool_cfgable.h" #include "tool_cb_rea.h" @@ -35,6 +40,49 @@ #include "memdebug.h" /* keep this as LAST include */ +#ifndef _WIN32 +/* Wait up to a number of milliseconds for socket activity. This function + waits on read activity on a file descriptor that is not a socket which + makes it not work with select() or poll() on Windows. */ +static bool waitfd(int waitms, int fd) +{ +#ifdef HAVE_POLL + struct pollfd set; + + set.fd = fd; + set.events = POLLIN; + set.revents = 0; + if(poll(&set, 1, (int)waitms)) + return TRUE; /* timeout */ + return FALSE; +#else + fd_set bits; + struct timeval timeout; + + if(fd >= FD_SETSIZE) + /* can't wait! */ + return FALSE; + + /* wait this long at the most */ + timeout.tv_sec = waitms / 1000; + timeout.tv_usec = (int)((waitms % 1000) * 1000); + + FD_ZERO(&bits); +#ifdef __DJGPP__ +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Warith-conversion" +#endif + FD_SET(fd, &bits); +#ifdef __DJGPP__ +#pragma GCC diagnostic pop +#endif + if(!select(fd + 1, &bits, NULL, NULL, &timeout)) + return TRUE; /* timeout */ + return FALSE; +#endif +} +#endif + /* ** callback for CURLOPT_READFUNCTION */ @@ -59,28 +107,11 @@ size_t tool_read_cb(char *buffer, size_t sz, size_t nmemb, void *userdata) /* timeout */ return 0; #ifndef _WIN32 - /* this logic waits on read activity on a file descriptor that is not a - socket which makes it not work with select() on Windows */ else { - fd_set bits; - struct timeval timeout; - long wait = config->timeout_ms - msdelta; - - /* wait this long at the most */ - timeout.tv_sec = wait/1000; - timeout.tv_usec = (int)((wait%1000)*1000); - - FD_ZERO(&bits); -#ifdef __DJGPP__ -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Warith-conversion" -#endif - FD_SET(per->infd, &bits); -#ifdef __DJGPP__ -#pragma GCC diagnostic pop -#endif - if(!select(per->infd + 1, &bits, NULL, NULL, &timeout)) - return 0; /* timeout */ + long w = config->timeout_ms - msdelta; + if(w > INT_MAX) + w = INT_MAX; + waitfd((int)w, per->infd); } #endif } @@ -154,22 +185,7 @@ int tool_readbusy_cb(void *clientp, if(config->readbusy) { if(ulprev == ulnow) { #ifndef _WIN32 - fd_set bits; - struct timeval timeout; - /* wait this long at the most */ - timeout.tv_sec = 0; - timeout.tv_usec = 1000; - - FD_ZERO(&bits); -#ifdef __DJGPP__ -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Warith-conversion" -#endif - FD_SET(per->infd, &bits); -#ifdef __DJGPP__ -#pragma GCC diagnostic pop -#endif - select(per->infd + 1, &bits, NULL, NULL, &timeout); + waitfd(1, per->infd); #else /* sleep */ curlx_wait_ms(1); From c21655e7ff243e5b9924c19a061e5e5ab70958b8 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 19 Oct 2025 17:00:06 +0200 Subject: [PATCH 0528/2408] tool_filetime: cap crazy filetimes instead of erroring Also cap the minimum allowed timestamp now. Closes #19147 --- src/tool_filetime.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/src/tool_filetime.c b/src/tool_filetime.c index 6dc2fbbe42..041cc4dbd6 100644 --- a/src/tool_filetime.c +++ b/src/tool_filetime.c @@ -96,13 +96,17 @@ void setfiletime(curl_off_t filetime, const char *filename) HANDLE hfile; TCHAR *tchar_filename = curlx_convert_UTF8_to_tchar(filename); - /* 910670515199 is the maximum Unix filetime that can be used as a - Windows FILETIME without overflow: 30827-12-31T23:59:59. */ + /* 910670515199 is the maximum Unix filetime that can be used as a Windows + FILETIME without overflow: 30827-12-31T23:59:59. */ if(filetime > 910670515199) { - warnf("Failed to set filetime %" CURL_FORMAT_CURL_OFF_T - " on outfile: overflow", filetime); - curlx_unicodefree(tchar_filename); - return; + filetime = 910670515199; + warnf("Capping set filetime to max to avoid overflow"); + } + else if(filetime < -6857222400) { + /* dates before 14 september 1752 (pre-Gregorian calendar) are not + accurate */ + filetime = -6857222400; + warnf("Capping set filetime to minimum to avoid overflow"); } hfile = CreateFile(tchar_filename, FILE_WRITE_ATTRIBUTES, From 3986149c0405d9d4f33fe1dc9c485e0f362c0a05 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 20 Oct 2025 00:24:15 +0200 Subject: [PATCH 0529/2408] GHA/windows: delete remains of Perl `Win32-Process*` caching Follow-up to c8d6643df212791edee705a94c890335dac8762b #19083 --- .github/workflows/windows.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 60eafaa4c0..242d1e3e44 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -365,7 +365,6 @@ jobs: run: | /usr/bin/pacman --noconfirm --noprogressbar --sync --needed openssh /c/ProgramData/chocolatey/choco.exe install --yes --no-progress --limit-output --timeout 180 --force stunnel || true - perl --version | tee "$GITHUB_WORKSPACE"/perlversion - name: 'run tests' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} @@ -560,7 +559,6 @@ jobs: run: | /c/ProgramData/chocolatey/choco.exe install --yes --no-progress --limit-output --timeout 180 --force stunnel || true python3 -m pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/requirements.txt - perl --version | tee "$GITHUB_WORKSPACE"/perlversion - name: 'run tests' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} @@ -937,7 +935,6 @@ jobs: if [ "${MATRIX_IMAGE}" != 'windows-11-arm' ]; then # save 30-60 seconds, to counteract the slower test run step python3 -m pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/requirements.txt fi - perl --version | tee "$GITHUB_WORKSPACE"/perlversion - name: 'run tests' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} From 0bb25cdbb78d9052a57b8147f3f399f6045b3238 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 20 Oct 2025 00:34:56 +0200 Subject: [PATCH 0530/2408] curl_easy_setopt.md: add missing CURLOPT_POSTFIELDS It was mistakenly removed in 8dab7465a594b1fb4b (shipped in 8.9.0) Also fix test 1139 which should have detected this but didn't due to a bad regex check. Reported-by: Jonathan Cardoso Fixes #19151 Closes #119152 --- docs/libcurl/curl_easy_setopt.md | 4 ++++ tests/test1139.pl | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/libcurl/curl_easy_setopt.md b/docs/libcurl/curl_easy_setopt.md index 430c3c14ab..49c57fb11f 100644 --- a/docs/libcurl/curl_easy_setopt.md +++ b/docs/libcurl/curl_easy_setopt.md @@ -686,6 +686,10 @@ Port number to connect to. See CURLOPT_PORT(3) Make an HTTP POST. See CURLOPT_POST(3) +## CURLOPT_POSTFIELDS + +Send a POST with this data - does not copy it. See CURLOPT_POSTFIELDS(3) + ## CURLOPT_POSTFIELDSIZE The POST data is this big. See CURLOPT_POSTFIELDSIZE(3) diff --git a/tests/test1139.pl b/tests/test1139.pl index cabb893d69..cebf58ccf2 100755 --- a/tests/test1139.pl +++ b/tests/test1139.pl @@ -90,7 +90,7 @@ sub scanmdpage { } } foreach my $m (@words) { - my @g = grep(/$m/, @m); + my @g = grep(/$m\b/, @m); if(!$g[0]) { print STDERR "Missing mention of $m in $file\n"; $errors++; From b5cdfcf8e2d460a6ef11a2ca6e09e228d5741b9b Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 20 Oct 2025 08:53:49 +0200 Subject: [PATCH 0531/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 70 ++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 61 insertions(+), 9 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 740cfc9df2..d583733305 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -66,6 +66,8 @@ This release includes the following bugfixes: o cmake: clang detection tidy-ups [116] o cmake: drop exclamation in comment looking like a name [160] o cmake: fix building docs when the base directory contains .3 [18] + o cmake: fix Linux pre-fill `HAVE_POSIX_STRERROR_R` (when `_CURL_PREFILL=ON`) + o cmake: fix Linux pre-fills for non-glibc (when `_CURL_PREFILL=ON`) [372] o cmake: minor Heimdal flavour detection fix [269] o cmake: pre-fill three more type sizes on Windows [244] o cmake: support building some complicated examples, build them in CI [235] @@ -80,8 +82,10 @@ This release includes the following bugfixes: o cpool: make bundle->dest an array; fix UB [218] o curl.h: remove incorrect comment about CURLOPT_PINNEDPUBLICKEY [320] o curl_easy_getinfo: error code on NULL arg [2] + o curl_easy_setopt.md: add missing CURLOPT_POSTFIELDS [319] o curl_mem_undef.h: limit to CURLDEBUG for non-memalloc overrides [19] o curl_osslq: error out properly if BIO_ADDR_rawmake() fails [184] + o curl_path: make sure just whitespace is illegal [351] o Curl_resolv: fix comment. 'entry' argument is not optional [187] o curl_slist_append.md: clarify that a NULL pointer is not acceptable [72] o curl_threads: delete WinCE fallback branch [233] @@ -101,6 +105,7 @@ This release includes the following bugfixes: o docs: fix/tidy code fences [87] o doswin: CloseHandle the thread on shutdown [307] o easy_getinfo: check magic, Curl_close safety [3] + o examples/chkspeed: portable printing when outputting curl_off_t values [365] o examples/sessioninfo: cast printf string mask length to int [232] o examples/sessioninfo: do not disable security [255] o examples/synctime: fix null termination assumptions [297] @@ -115,6 +120,7 @@ This release includes the following bugfixes: o examples: fix two issues found by CodeQL [35] o examples: fix two more cases of stat() TOCTOU [147] o examples: improve global init, error checks and returning errors [321] + o examples: replace casts with `curl_off_t` printf masks [358] o examples: return curl_easy_perform() results [322] o firefox-db2pem.sh: add macOS support, tidy-ups [348] o form.md: drop reference to MANUAL [178] @@ -152,10 +158,12 @@ This release includes the following bugfixes: o krb5_sspi: the chlg argument is NOT optional [200] o ldap: avoid null ptr deref on failure [284] o ldap: do not base64 encode zero length string [42] + o ldap: do not pass a \n to failf() [370] o ldap: tidy-up types, fix error code confusion [191] o lib1514: fix return code mixup [304] o lib: drop unused include and duplicate guards [226] o lib: fix build error with verbose strings disabled [173] + o lib: remove newlines from failf() calls [366] o lib: remove personal names from comments [168] o lib: SSL connection reuse [301] o lib: stop NULL-checking conn->passwd and ->user [309] @@ -184,6 +192,7 @@ This release includes the following bugfixes: o libssh: make atime and mtime cap the timestamp instead of wrap [283] o libssh: react on errors from ssh_scp_read [24] o libssh: return out of memory correctly if aprintf fails [60] + o libssh: return the proper error for readdir problems [355] o Makefile.example: fix option order [231] o Makefile.example: simplify and make it configurable [20] o managen: ignore version mentions < 7.66.0 [55] @@ -200,6 +209,7 @@ This release includes the following bugfixes: o multi_ev: remove unnecessary data check that confuses analysers [167] o nghttp3: return NGHTTP3_ERR_CALLBACK_FAILURE from recv_header [227] o ngtcp2: add a comment explaining write result handling [340] + o ngtcp2: adopt ngtcp2_conn_get_stream_user_data if available [362] o ngtcp2: check error code on connect failure [13] o ngtcp2: close just-opened QUIC stream when submit_request fails [222] o ngtcp2: compare idle timeout in ms to avoid overflow [248] @@ -210,6 +220,7 @@ This release includes the following bugfixes: o openldap: avoid indexing the result at -1 for blank responses [44] o openldap: check ber_sockbuf_add_io() return code [163] o openldap: check ldap_get_option() return codes [119] + o openldap: do not pass newline to infof() [368] o openldap: fix memory-leak in error path [287] o openldap: fix memory-leak on oldap_do's exit path [286] o openldap: limit max incoming size [347] @@ -223,6 +234,9 @@ This release includes the following bugfixes: o openssl: fail the transfer if ossl_certchain() fails [23] o openssl: fix build for v1.0.2 [225] o openssl: fix peer certificate leak in channel binding [258] + o openssl: fix resource leak in provider error path [376] + o openssl: fix unable do typo in failf() calls [341] + o openssl: free UI_METHOD on exit path [373] o openssl: make the asn1_object_dump name null terminated [56] o openssl: set io_need always [99] o openssl: skip session resumption when verifystatus is set [230] @@ -241,6 +255,7 @@ This release includes the following bugfixes: o quiche: handle tls fail correctly [266] o quiche: when ingress processing fails, return that error code [103] o runtests: tag tests that require curl verbose strings [172] + o rustls: exit on error [335] o rustls: fix clang-tidy warning [107] o rustls: fix comment describing cr_recv() [117] o rustls: limit snprintf proper in cr_keylog_log_cb() [343] @@ -250,6 +265,8 @@ This release includes the following bugfixes: o rustls: use %zu for size_t in failf() format string [121] o sasl: clear canceled mechanism instead of toggling it [41] o schannel: assign result before using it [62] + o schannel: fix memory leak [363] + o schannel_verify: do not call infof with an appended \n [371] o schannel_verify: fix mem-leak in Curl_verify_host [208] o schannel_verify: use more human friendly error messages [96] o scripts: pass -- before passing xargs [349] @@ -260,7 +277,9 @@ This release includes the following bugfixes: o smb: adjust buffer size checks [45] o smb: transfer debugassert to real check [303] o smtp: check EHLO responses case insensitively [50] + o smtp: return value ignored [357] o socks: advance iobuf instead of reset [276] + o socks: avoid UAF risk in error path [359] o socks: deny server basic-auth if not configured [264] o socks: handle error in verbose trace gracefully [94] o socks: handle premature close [246] @@ -276,6 +295,7 @@ This release includes the following bugfixes: o socks_sspi: restore non-blocking socket on error paths [48] o socks_sspi: use the correct free function [331] o socksd: remove --bindonly mention, there is no such option [305] + o src/var: remove dead code [369] o ssl-sessions.md: mark option experimental [12] o strerror: drop workaround for SalfordC win32 header bug [214] o sws: fix checking sscanf() return value [17] @@ -302,9 +322,9 @@ This release includes the following bugfixes: o tftp: return error if it hits an illegal state [138] o tftp: return error when sendto() fails [59] o thread: errno on thread creation [271] - o tidy-up: fcntl.h includes [98] o tidy-up: assortment of small fixes [115] o tidy-up: avoid using the reserved macro namespace [76] + o tidy-up: fcntl.h includes [98] o tidy-up: update MS links, allow long URLs via checksrc [73] o tidy-up: URLs [101] o time-cond.md: refer to the singular curl_getdate man page [148] @@ -313,8 +333,11 @@ This release includes the following bugfixes: o tool: fix exponential retry delay [47] o tool_cb_hdr: fix fwrite check in header callback [49] o tool_cb_hdr: size is always 1 [70] + o tool_cb_rea: use poll instead of select if available [329] o tool_doswin: fix to use curl socket functions [108] + o tool_filetime: cap crazy filetimes instead of erroring [327] o tool_filetime: replace cast with the fitting printf mask (Windows) [212] + o tool_formparse: rewrite the headers file parser [374] o tool_getparam/set_rate: skip the multiplication on overflow [84] o tool_getparam: always disable "lib-ids" for tracing [169] o tool_getparam: make --fail and --fail-with-body override each other [293] @@ -325,6 +348,8 @@ This release includes the following bugfixes: o tool_operate: keep failed partial download for retry auto-resume [210] o tool_operate: keep the progress meter for --out-null [33] o tool_operate: retry on HTTP response codes 522 and 524 [317] + o tool_operate: return error on strdup() failure [336] + o tool_paramhlp: remove outdated comment in str2tls_max() [367] o tool_progress: handle possible integer overflows [164] o tool_progress: make max5data() use an algorithm [170] o transfer: avoid busy loop with tiny speed limit [100] @@ -348,6 +373,7 @@ This release includes the following bugfixes: o windows: use consistent format when showing error codes [199] o windows: use native error code types more [206] o wolfssl: check BIO read parameters [133] + o wolfssl: clear variable to avoid uninitialized use [361] o wolfssl: fix error check in shutdown [105] o wolfssl: fix resource leak in verify_pinned error paths [314] o wolfssl: no double get_error() detail [188] @@ -383,14 +409,15 @@ advice from friends like these: Dan Fandrich, Daniel Stenberg, Daniel Terhorst-North, dependabot[bot], divinity76 on github, Emilio Pozuelo Monfort, Emre Çalışkan, Ethan Everett, Evgeny Grin (Karlson2k), fds242 on github, Harry Sintonen, Howard Chu, - Ignat Loskutov, Javier Blazquez, Jicea, jmaggard10 on github, - Johannes Schindelin, Joseph Birr-Pixton, Joshua Rogers, kapsiR on github, - kuchara on github, Marcel Raad, Michael Osipov, Michał Petryka, - Mitchell Blank Jr, Mohamed Daahir, Nir Azkiel, Patrick Monnerat, - plv1313 on github, Pocs Norbert, Ray Satiro, renovate[bot], - rinsuki on github, Sakthi SK, Samuel Dionne-Riel, Samuel Henrique, - Stanislav Fort, Stefan Eissing, tkzv on github, Viktor Szakats - (48 contributors) + Ignat Loskutov, James Fuller, Javier Blazquez, Jicea, jmaggard10 on github, + Jochen Sprickerhof, Johannes Schindelin, Jonathan Cardoso Machado, + Joseph Birr-Pixton, Joshua Rogers, kapsiR on github, kuchara on github, + Marcel Raad, Michael Osipov, Michał Petryka, Mitchell Blank Jr, + Mohamed Daahir, Nir Azkiel, Patrick Monnerat, plv1313 on github, + Pocs Norbert, Ray Satiro, renovate[bot], rinsuki on github, Sakthi SK, + Samuel Dionne-Riel, Samuel Henrique, Stanislav Fort, Stefan Eissing, + Tatsuhiro Tsujikawa, tkzv on github, Viktor Szakats, Yedaya Katsman + (53 contributors) References to bug reports and discussions on issues: @@ -712,6 +739,7 @@ References to bug reports and discussions on issues: [316] = https://curl.se/bug/?i=19017 [317] = https://curl.se/bug/?i=16143 [318] = https://curl.se/bug/?i=19055 + [319] = https://curl.se/bug/?i=19151 [320] = https://curl.se/mail/lib-2025-10/0018.html [321] = https://curl.se/bug/?i=19053 [322] = https://curl.se/bug/?i=19052 @@ -719,14 +747,19 @@ References to bug reports and discussions on issues: [324] = https://curl.se/bug/?i=19048 [325] = https://curl.se/bug/?i=19106 [326] = https://curl.se/bug/?i=19064 + [327] = https://curl.se/bug/?i=19147 [328] = https://curl.se/bug/?i=19104 + [329] = https://curl.se/bug/?i=19143 [330] = https://curl.se/bug/?i=19101 [331] = https://curl.se/bug/?i=19046 [332] = https://curl.se/bug/?i=19102 [334] = https://curl.se/bug/?i=19100 + [335] = https://curl.se/bug/?i=19125 + [336] = https://curl.se/bug/?i=19145 [337] = https://curl.se/bug/?i=19097 [339] = https://curl.se/bug/?i=19091 [340] = https://curl.se/bug/?i=19093 + [341] = https://curl.se/bug/?i=19149 [342] = https://curl.se/bug/?i=19094 [343] = https://curl.se/bug/?i=19095 [344] = https://curl.se/bug/?i=19077 @@ -735,5 +768,24 @@ References to bug reports and discussions on issues: [347] = https://issues.oss-fuzz.com/issues/432441303 [348] = https://curl.se/bug/?i=19086 [349] = https://curl.se/bug/?i=19076 + [351] = https://curl.se/bug/?i=19141 [353] = https://curl.se/bug/?i=19073 [354] = https://curl.se/bug/?i=19078 + [355] = https://curl.se/bug/?i=19135 + [357] = https://curl.se/bug/?i=19136 + [358] = https://curl.se/bug/?i=19133 + [359] = https://curl.se/bug/?i=19139 + [361] = https://curl.se/bug/?i=19126 + [362] = https://curl.se/bug/?i=19132 + [363] = https://curl.se/bug/?i=19118 + [365] = https://curl.se/bug/?i=19112 + [366] = https://curl.se/bug/?i=19124 + [367] = https://curl.se/bug/?i=19115 + [368] = https://curl.se/bug/?i=19120 + [369] = https://curl.se/bug/?i=19119 + [370] = https://curl.se/bug/?i=19122 + [371] = https://curl.se/bug/?i=19123 + [372] = https://curl.se/bug/?i=19116 + [373] = https://curl.se/bug/?i=19114 + [374] = https://curl.se/bug/?i=19113 + [376] = https://curl.se/bug/?i=19111 From f21d70e76c1c66cb2f59886e8ad52bffe1d66ed9 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 20 Oct 2025 08:47:43 +0200 Subject: [PATCH 0532/2408] HTTP3: clarify the status for "old" OpenSSL, not current Closes #19153 --- docs/HTTP3.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/HTTP3.md b/docs/HTTP3.md index 2047d4ad2e..b3ddcbaaf8 100644 --- a/docs/HTTP3.md +++ b/docs/HTTP3.md @@ -93,8 +93,9 @@ Build curl: ## Build with quictls -OpenSSL does not offer the required APIs for building a QUIC client. You need -to use a TLS library that has such APIs and that works with *ngtcp2*. +OpenSSL before version 3.5 does not offer the required APIs for building a +QUIC client. You need to use a TLS library that has such APIs and that works +with *ngtcp2*. Build quictls (any `+quic` tagged version works): From cbd7823fd163c20e6b010977972dc7f7f180c709 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 20 Oct 2025 09:09:50 +0200 Subject: [PATCH 0533/2408] RELEASE-NOTES: fix typo --- RELEASE-NOTES | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index d583733305..0091217686 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -335,7 +335,7 @@ This release includes the following bugfixes: o tool_cb_hdr: size is always 1 [70] o tool_cb_rea: use poll instead of select if available [329] o tool_doswin: fix to use curl socket functions [108] - o tool_filetime: cap crazy filetimes instead of erroring [327] + o tool_filetime: cap crazy file times instead of erroring [327] o tool_filetime: replace cast with the fitting printf mask (Windows) [212] o tool_formparse: rewrite the headers file parser [374] o tool_getparam/set_rate: skip the multiplication on overflow [84] From 9596c4a2587a9e512ea46fbd7b6fc1ecb878590f Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 19 Oct 2025 10:59:38 +0200 Subject: [PATCH 0534/2408] http: return error for a second Location: header Unless it is identical to the previous one. Follow-up to dbcaa0065719acc0383 Adjusted test 580, added test 772 and 773 Fixes #19130 Reported-by: Jakub Stasiak Closes #19134 --- lib/http.c | 42 ++++++++++++++++++++-------------- tests/data/Makefile.am | 2 +- tests/data/test580 | 11 +++++++++ tests/data/test772 | 52 ++++++++++++++++++++++++++++++++++++++++++ tests/data/test773 | 49 +++++++++++++++++++++++++++++++++++++++ 5 files changed, 138 insertions(+), 18 deletions(-) create mode 100644 tests/data/test772 create mode 100644 tests/data/test773 diff --git a/lib/http.c b/lib/http.c index db37995a12..2d5da2e0e1 100644 --- a/lib/http.c +++ b/lib/http.c @@ -3265,9 +3265,7 @@ static CURLcode http_header_l(struct Curl_easy *data, data->info.filetime = k->timeofdoc; return CURLE_OK; } - if((k->httpcode >= 300 && k->httpcode < 400) && - HD_IS(hd, hdlen, "Location:") && - !data->req.location) { + if(HD_IS(hd, hdlen, "Location:")) { /* this is the URL that the server advises us to use instead */ char *location = Curl_copy_header_value(hd); if(!location) @@ -3276,23 +3274,33 @@ static CURLcode http_header_l(struct Curl_easy *data, /* ignore empty data */ free(location); else { - data->req.location = location; + if(data->req.location && + strcmp(data->req.location, location)) { + failf(data, "Multiple Location headers"); + free(location); + return CURLE_WEIRD_SERVER_REPLY; + } + else { + free(data->req.location); + data->req.location = location; - if(data->set.http_follow_mode) { - CURLcode result; - DEBUGASSERT(!data->req.newurl); - data->req.newurl = strdup(data->req.location); /* clone */ - if(!data->req.newurl) - return CURLE_OUT_OF_MEMORY; + if((k->httpcode >= 300 && k->httpcode < 400) && + data->set.http_follow_mode) { + CURLcode result; + DEBUGASSERT(!data->req.newurl); + data->req.newurl = strdup(data->req.location); /* clone */ + if(!data->req.newurl) + return CURLE_OUT_OF_MEMORY; - /* some cases of POST and PUT etc needs to rewind the data - stream at this point */ - result = http_perhapsrewind(data, conn); - if(result) - return result; + /* some cases of POST and PUT etc needs to rewind the data + stream at this point */ + result = http_perhapsrewind(data, conn); + if(result) + return result; - /* mark the next request as a followed location: */ - data->state.this_is_a_follow = TRUE; + /* mark the next request as a followed location: */ + data->state.this_is_a_follow = TRUE; + } } } } diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 99c287507f..9984e92839 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -110,7 +110,7 @@ test736 test737 test738 test739 test740 test741 test742 test743 test744 \ test745 test746 test747 test748 test749 test750 test751 test752 test753 \ test754 test755 test756 test757 test758 test759 test760 test761 test762 \ test763 test764 test765 test766 test767 test768 test769 test770 test771 \ -\ +test772 test773 \ test780 test781 test782 test783 test784 test785 test786 test787 test788 \ test789 test790 test791 test792 test793 test794 test796 test797 \ \ diff --git a/tests/data/test580 b/tests/data/test580 index 63cd0ca0de..c7f4bcfcd7 100644 --- a/tests/data/test580 +++ b/tests/data/test580 @@ -20,6 +20,14 @@ Connection: close Location: and there's a second one too! / moo.html + +HTTP/1.1 302 eat this! +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Location: this-is-the-first.html +Content-Length: 0 +Connection: close + # Client-side @@ -51,5 +59,8 @@ Host: %HOSTIP:%HTTPPORT Accept: */* + +8 + diff --git a/tests/data/test772 b/tests/data/test772 new file mode 100644 index 0000000000..f3b1d954e8 --- /dev/null +++ b/tests/data/test772 @@ -0,0 +1,52 @@ + + + +HTTP +HTTP GET +Location + + + +# +# Server-side + + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 0 +Connection: close +Location: this +Location: that + + + + +# +# Client-side + + +http + + +HTTP with two Location: headers triggers error + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + +# +# Verify data after the test has been "shot" + + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + + + +8 + + + diff --git a/tests/data/test773 b/tests/data/test773 new file mode 100644 index 0000000000..42d28dadd3 --- /dev/null +++ b/tests/data/test773 @@ -0,0 +1,49 @@ + + + +HTTP +HTTP GET +Location + + + +# +# Server-side + + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 0 +Connection: close +Location: this +Location: this + + + + +# +# Client-side + + +http + + +HTTP with two identical Location: headers triggers no error + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + +# +# Verify data after the test has been "shot" + + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + + + + From 104299195e1676488f3c156a24b134fb33cf6e06 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 20 Oct 2025 09:12:09 +0200 Subject: [PATCH 0535/2408] curl_get_line: the final return cannot be reached Follow-up to 769ccb4d4261a75c8a4236f Pointed out by CodeSonar Closes #19154 --- lib/curl_get_line.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/curl_get_line.c b/lib/curl_get_line.c index b1b4021221..d5ab7b8427 100644 --- a/lib/curl_get_line.c +++ b/lib/curl_get_line.c @@ -68,7 +68,7 @@ CURLcode Curl_get_line(struct dynbuf *buf, FILE *input, bool *eof) return appendnl(buf); /* otherwise get next line to append */ } - return CURLE_FAILED_INIT; + /* UNREACHABLE */ } #endif /* if not disabled */ From d2af9c9a08340487a699e4d1949637f777415535 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 20 Oct 2025 10:02:33 +0200 Subject: [PATCH 0536/2408] INSTALL.md: add another OS (Azure Sphere) Closes #19155 --- docs/INSTALL.md | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/docs/INSTALL.md b/docs/INSTALL.md index 0fe724390c..dfbc1eebfd 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -650,22 +650,22 @@ This is a probably incomplete list of known CPU architectures and operating systems that curl has been compiled for. If you know a system curl compiles and runs on, that is not listed, please let us know. -## 108 Operating Systems +## 109 Operating Systems - AIX, AmigaOS, Android, ArcaOS, Aros, Atari FreeMiNT, BeOS, Blackberry 10, - Blackberry Tablet OS, Cell OS, Cesium, CheriBSD, Chrome OS, Cisco IOS, - DG/UX, DR DOS, Dragonfly BSD, eCOS, FreeBSD, FreeDOS, FreeRTOS, Fuchsia, - Garmin OS, Genode, Haiku, HardenedBSD, HP-UX, Hurd, IBM I, illumos, - Integrity, iOS, ipadOS, IRIX, KasperskyOS, Linux, Lua RTOS, Mac OS 9, - macOS, Maemo, Mbed, Meego, Micrium, MINIX, Minoca, Moblin, MorphOS, - MPE/iX, MS-DOS, NCR MP-RAS, NetBSD, Netware, NextStep, Nintendo 3DS, - Nintendo Switch, NonStop OS, NuttX, OpenBSD, OpenStep, Orbis OS, OS/2, - OS21, PikeOS, Plan 9, PlayStation Portable, QNX, Qubes OS, ReactOS, Redox, - RISC OS, ROS, RTEMS, Sailfish OS, SCO Unix, Serenity, SINIX-Z, SkyOS, - SmartOS, Solaris, Sortix, SunOS, Syllable OS, Symbian, Tizen, TPF, Tru64, - tvOS, ucLinux, Ultrix, UNICOS, UnixWare, visionOS, VMS, vxWorks, watchOS, - Wear OS, WebOS, Wii System Software, Wii U, Windows, Windows CE, - Xbox System, Xenix, z/OS, z/TPF, z/VM, z/VSE, Zephyr + AIX, AmigaOS, Android, ArcaOS, Aros, Atari FreeMiNT, Azure Sphere, BeOS, + Blackberry 10, Blackberry Tablet OS, Cell OS, Cesium, CheriBSD, Chrome OS, + Cisco IOS, DG/UX, DR DOS, Dragonfly BSD, eCOS, FreeBSD, FreeDOS, FreeRTOS, + Fuchsia, Garmin OS, Genode, Haiku, HardenedBSD, HP-UX, Hurd, IBM I, + illumos, Integrity, iOS, ipadOS, IRIX, KasperskyOS, Linux, Lua RTOS, + Mac OS 9, macOS, Maemo, Mbed, Meego, Micrium, MINIX, Minoca, Moblin, + MorphOS, MPE/iX, MS-DOS, NCR MP-RAS, NetBSD, Netware, NextStep, + Nintendo 3DS, Nintendo Switch, NonStop OS, NuttX, OpenBSD, OpenStep, + Orbis OS, OS/2, OS21, PikeOS, Plan 9, PlayStation Portable, QNX, Qubes OS, + ReactOS, Redox, RISC OS, ROS, RTEMS, Sailfish OS, SCO Unix, Serenity, + SINIX-Z, SkyOS, SmartOS, Solaris, Sortix, SunOS, Syllable OS, Symbian, + Tizen, TPF, Tru64, tvOS, ucLinux, Ultrix, UNICOS, UnixWare, visionOS, VMS, + vxWorks, watchOS, Wear OS, WebOS, Wii System Software, Wii U, Windows, + Windows CE, Xbox System, Xenix, z/OS, z/TPF, z/VM, z/VSE, Zephyr ## 28 CPU Architectures From 1876ed6296c8b07ad82310e4838f6036b2421315 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 19 Oct 2025 11:38:30 +0200 Subject: [PATCH 0537/2408] cf-socket: make set_local_ip void, and remove failf() No callers of this function checked the return code, meaning failures are not lethal == using failf was wrong, and it can just as well return void. Closes #19137 --- lib/cf-socket.c | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/lib/cf-socket.c b/lib/cf-socket.c index 40df786baf..4a6bdb6244 100644 --- a/lib/cf-socket.c +++ b/lib/cf-socket.c @@ -1042,10 +1042,12 @@ static void cf_socket_destroy(struct Curl_cfilter *cf, struct Curl_easy *data) cf->ctx = NULL; } -static CURLcode set_local_ip(struct Curl_cfilter *cf, - struct Curl_easy *data) +static void set_local_ip(struct Curl_cfilter *cf, + struct Curl_easy *data) { struct cf_socket_ctx *ctx = cf->ctx; + ctx->ip.local_ip[0] = 0; + ctx->ip.local_port = -1; #ifdef HAVE_GETSOCKNAME if((ctx->sock != CURL_SOCKET_BAD) && @@ -1059,23 +1061,18 @@ static CURLcode set_local_ip(struct Curl_cfilter *cf, memset(&ssloc, 0, sizeof(ssloc)); if(getsockname(ctx->sock, (struct sockaddr*) &ssloc, &slen)) { int error = SOCKERRNO; - failf(data, "getsockname() failed with errno %d: %s", + infof(data, "getsockname() failed with errno %d: %s", error, curlx_strerror(error, buffer, sizeof(buffer))); - return CURLE_FAILED_INIT; } - if(!Curl_addr2string((struct sockaddr*)&ssloc, slen, - ctx->ip.local_ip, &ctx->ip.local_port)) { - failf(data, "ssloc inet_ntop() failed with errno %d: %s", + else if(!Curl_addr2string((struct sockaddr*)&ssloc, slen, + ctx->ip.local_ip, &ctx->ip.local_port)) { + infof(data, "ssloc inet_ntop() failed with errno %d: %s", errno, curlx_strerror(errno, buffer, sizeof(buffer))); - return CURLE_FAILED_INIT; } } #else (void)data; - ctx->ip.local_ip[0] = 0; - ctx->ip.local_port = -1; #endif - return CURLE_OK; } static CURLcode set_remote_ip(struct Curl_cfilter *cf, From 97dd1da8d014964cebf50a13b0454453a2bfd651 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 20 Oct 2025 12:57:51 +0200 Subject: [PATCH 0538/2408] Makefile.example: bump default example from FTP to HTTPS To have a chance to work out of the box, securely. (assuming a TLS backend with CA certs setup.) Closes #19160 --- docs/examples/Makefile.example | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/examples/Makefile.example b/docs/examples/Makefile.example index fbbca8a9a9..632c78dd13 100644 --- a/docs/examples/Makefile.example +++ b/docs/examples/Makefile.example @@ -22,7 +22,7 @@ # ########################################################################### -SRC ?= ftpget.c +SRC ?= https.c # What to call the final executable TARGET ?= example From a041bf6ca2339ad273a8057aa3bc6605c6706fc5 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 20 Oct 2025 13:23:34 +0200 Subject: [PATCH 0539/2408] Makefile.example: make default options more likely to work - replace default libpaths with more common ones. - drop Solaris network libs. Closes #19161 --- docs/examples/Makefile.example | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/examples/Makefile.example b/docs/examples/Makefile.example index 632c78dd13..4031aa2e43 100644 --- a/docs/examples/Makefile.example +++ b/docs/examples/Makefile.example @@ -36,12 +36,12 @@ CFLAGS ?= -g # This should point to a directory that holds libcurl, if it is not in the # system's standard lib dir # We also set a -L to include the directory where we have the OpenSSL libraries -LDFLAGS ?= -L/home/dast/lib -L/usr/local/ssl/lib +LDFLAGS ?= -L/usr/lib -L/usr/local/lib # We need -lsocket and -lnsl when on Solaris # We need -lssl and -lcrypto when using libcurl with TLS support # We need -lpthread for the pthread example -LIBS ?= -lsocket -lnsl -lssl -lcrypto +LIBS ?= -lssl -lcrypto # We need -lcurl for the curl stuff LIBS := -lcurl $(LIBS) From ccec2fae1bb4a41c5215b59dfdd90583bc19a572 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 20 Oct 2025 14:02:06 +0200 Subject: [PATCH 0540/2408] GHA/curl-for-win: drop libssh Switch back to default libssh2. The distribution server has reliability issues (this time it works locally though): ``` ++ curl [...] --output pkg.bin https://www.libssh.org/files/0.11/libssh-0.11.3.tar.xz --output pkg.sig https://www.libssh.org/files/0.11/libssh-0.11.3.tar.xz.asc curl: (92) HTTP/2 stream 1 was not closed cleanly: INTERNAL_ERROR (err 2) [4x] ``` Ref: https://github.com/curl/curl/actions/runs/18651134321/job/53169147048#step:3:2391 There is also no official mirror that I know of. Ref: af8e1aa4b06e9dc78a559b485348e5464bd5cff5 #18257 Closes #19162 --- .github/workflows/curl-for-win.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/curl-for-win.yml b/.github/workflows/curl-for-win.yml index 0873885787..a068f773d5 100644 --- a/.github/workflows/curl-for-win.yml +++ b/.github/workflows/curl-for-win.yml @@ -172,8 +172,8 @@ jobs: "${OCI_IMAGE_DEBIAN}" \ sh -c ./_ci-linux-debian.sh - win-gcc-libssh-zlibold-x64: - name: 'Windows gcc libssh zlib-classic (x64)' + win-gcc-zlibold-x64: + name: 'Windows gcc zlib-classic (x64)' runs-on: ubuntu-latest timeout-minutes: 10 steps: @@ -186,7 +186,7 @@ jobs: run: | git clone --depth 1 https://github.com/curl/curl-for-win mv curl-for-win/* . - export CW_CONFIG='-main-werror-unitybatch-win-x64-gcc-libssh1-zlibold' + export CW_CONFIG='-main-werror-unitybatch-win-x64-gcc-zlibold' export CW_REVISION="${GITHUB_SHA}" . ./_versions.sh sudo podman image trust set --type reject default From e7818999dbeff5acb00c032860d2259a1c5f9c5b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 10 Oct 2025 17:44:25 +0200 Subject: [PATCH 0541/2408] socks_gssapi: replace `gss_release_buffer()` with curl free for buffers owned by libcurl Before this patch, this code used to call `gss_release_buffer()` on objects with buffers allocated via curl's allocator. `gss_release_buffer()` calls system (or Win32) free on these buffers, which may mismatch with curl's allocator. To fix it, align these calls with the pattern used in vauth modules, by replacing `gss_release_buffer()` with curl free to release the buffers. Use `Curl_safefree()` to set the freed pointer to NULL, as `gss_release_buffer()` did. Also: use object length var when allocating. Reported-by: Joshua Rogers Closes #19018 --- lib/socks_gssapi.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/lib/socks_gssapi.c b/lib/socks_gssapi.c index 5ad93441a8..9b0b31792b 100644 --- a/lib/socks_gssapi.c +++ b/lib/socks_gssapi.c @@ -166,7 +166,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, GSS_C_NT_HOSTBASED_SERVICE, &server); } - gss_release_buffer(&gss_status, &service); /* clear allocated memory */ + Curl_safefree(service.value); if(check_gss_err(data, gss_major_status, gss_minor_status, "gss_import_name()")) { @@ -192,7 +192,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, &gss_ret_flags); if(gss_token != GSS_C_NO_BUFFER) - gss_release_buffer(&gss_status, &gss_recv_token); + Curl_safefree(gss_recv_token.value); if(check_gss_err(data, gss_major_status, gss_minor_status, "gss_init_sec_context") || /* the size needs to fit in a 16 bit field */ @@ -276,7 +276,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, us_length = ntohs(us_length); gss_recv_token.length = us_length; - gss_recv_token.value = malloc(us_length); + gss_recv_token.value = malloc(gss_recv_token.length); if(!gss_recv_token.value) { failf(data, "Could not allocate memory for GSS-API authentication " @@ -292,7 +292,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, if(result || (actualread != us_length)) { failf(data, "Failed to receive GSS-API authentication token."); gss_release_name(&gss_status, &server); - gss_release_buffer(&gss_status, &gss_recv_token); + Curl_safefree(gss_recv_token.value); Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL); return CURLE_COULDNT_CONNECT; } @@ -391,7 +391,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, } else { gss_send_token.length = 1; - gss_send_token.value = Curl_memdup(&gss_enc, 1); + gss_send_token.value = Curl_memdup(&gss_enc, gss_send_token.length); if(!gss_send_token.value) { Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL); return CURLE_OUT_OF_MEMORY; @@ -402,13 +402,13 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, &gss_conf_state, &gss_w_token); if(check_gss_err(data, gss_major_status, gss_minor_status, "gss_wrap")) { - gss_release_buffer(&gss_status, &gss_send_token); + Curl_safefree(gss_send_token.value); gss_release_buffer(&gss_status, &gss_w_token); Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL); failf(data, "Failed to wrap GSS-API encryption value into token."); return CURLE_COULDNT_CONNECT; } - gss_release_buffer(&gss_status, &gss_send_token); + Curl_safefree(gss_send_token.value); us_length = htons((unsigned short)gss_w_token.length); memcpy(socksreq + 2, &us_length, sizeof(short)); @@ -481,7 +481,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, if(result || (actualread != us_length)) { failf(data, "Failed to receive GSS-API encryption type."); - gss_release_buffer(&gss_status, &gss_recv_token); + Curl_safefree(gss_recv_token.value); Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL); return CURLE_COULDNT_CONNECT; } @@ -492,13 +492,13 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, 0, GSS_C_QOP_DEFAULT); if(check_gss_err(data, gss_major_status, gss_minor_status, "gss_unwrap")) { - gss_release_buffer(&gss_status, &gss_recv_token); + Curl_safefree(gss_recv_token.value); gss_release_buffer(&gss_status, &gss_w_token); Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL); failf(data, "Failed to unwrap GSS-API encryption value into token."); return CURLE_COULDNT_CONNECT; } - gss_release_buffer(&gss_status, &gss_recv_token); + Curl_safefree(gss_recv_token.value); if(gss_w_token.length != 1) { failf(data, "Invalid GSS-API encryption response length (%zu).", @@ -515,13 +515,13 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, if(gss_recv_token.length != 1) { failf(data, "Invalid GSS-API encryption response length (%zu).", gss_recv_token.length); - gss_release_buffer(&gss_status, &gss_recv_token); + Curl_safefree(gss_recv_token.value); Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL); return CURLE_COULDNT_CONNECT; } memcpy(socksreq, gss_recv_token.value, gss_recv_token.length); - gss_release_buffer(&gss_status, &gss_recv_token); + Curl_safefree(gss_recv_token.value); } (void)curlx_nonblock(sock, TRUE); From 4be9db7bc8c7b604e9288f7deaec48f61bbc61e0 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Mon, 20 Oct 2025 12:17:31 +0200 Subject: [PATCH 0542/2408] http: accept duplicate location with same value When a server sends a Location: header repeat with the same location, ignore the repeats silently. Follow-up to 9596c4a2587a9e512ea46f Closes #19159 --- lib/http.c | 44 ++++++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/lib/http.c b/lib/http.c index 2d5da2e0e1..172a091668 100644 --- a/lib/http.c +++ b/lib/http.c @@ -3270,37 +3270,37 @@ static CURLcode http_header_l(struct Curl_easy *data, char *location = Curl_copy_header_value(hd); if(!location) return CURLE_OUT_OF_MEMORY; - if(!*location) - /* ignore empty data */ + if(!*location || + (data->req.location && !strcmp(data->req.location, location))) { + /* ignore empty header, or exact repeat of a previous one */ free(location); + return CURLE_OK; + } else { - if(data->req.location && - strcmp(data->req.location, location)) { + /* has value and is not an exact repeat */ + if(data->req.location) { failf(data, "Multiple Location headers"); free(location); return CURLE_WEIRD_SERVER_REPLY; } - else { - free(data->req.location); - data->req.location = location; + data->req.location = location; - if((k->httpcode >= 300 && k->httpcode < 400) && - data->set.http_follow_mode) { - CURLcode result; - DEBUGASSERT(!data->req.newurl); - data->req.newurl = strdup(data->req.location); /* clone */ - if(!data->req.newurl) - return CURLE_OUT_OF_MEMORY; + if((k->httpcode >= 300 && k->httpcode < 400) && + data->set.http_follow_mode) { + CURLcode result; + DEBUGASSERT(!data->req.newurl); + data->req.newurl = strdup(data->req.location); /* clone */ + if(!data->req.newurl) + return CURLE_OUT_OF_MEMORY; - /* some cases of POST and PUT etc needs to rewind the data - stream at this point */ - result = http_perhapsrewind(data, conn); - if(result) - return result; + /* some cases of POST and PUT etc needs to rewind the data + stream at this point */ + result = http_perhapsrewind(data, conn); + if(result) + return result; - /* mark the next request as a followed location: */ - data->state.this_is_a_follow = TRUE; - } + /* mark the next request as a followed location: */ + data->state.this_is_a_follow = TRUE; } } } From dbff3eec456d86386be4cebb89cbe4dfc21a06b6 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Mon, 20 Oct 2025 11:51:20 +0200 Subject: [PATCH 0543/2408] cf-socket: give information when unable to open socket Give ERRNO explanation in a failf() when unable to open a socket. Helps in finding out what the issue preventing your curl to work really is. Just had a wrong ulimit after a sys update. Closes #19158 --- lib/cf-socket.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/cf-socket.c b/lib/cf-socket.c index 4a6bdb6244..92fe433a69 100644 --- a/lib/cf-socket.c +++ b/lib/cf-socket.c @@ -344,6 +344,8 @@ static CURLcode socket_open(struct Curl_easy *data, struct Curl_sockaddr_ex *addr, curl_socket_t *sockfd) { + char errbuf[STRERROR_LEN]; + DEBUGASSERT(data); DEBUGASSERT(data->conn); if(data->set.fopensocket) { @@ -367,13 +369,15 @@ static CURLcode socket_open(struct Curl_easy *data, *sockfd = CURL_SOCKET(addr->family, addr->socktype, addr->protocol); } - if(*sockfd == CURL_SOCKET_BAD) + if(*sockfd == CURL_SOCKET_BAD) { /* no socket, no connection */ + failf(data, "failed to open socket: %s", + curlx_strerror(SOCKERRNO, errbuf, sizeof(errbuf))); return CURLE_COULDNT_CONNECT; + } #ifdef HAVE_FCNTL if(fcntl(*sockfd, F_SETFD, FD_CLOEXEC) < 0) { - char errbuf[STRERROR_LEN]; failf(data, "fcntl set CLOEXEC: %s", curlx_strerror(SOCKERRNO, errbuf, sizeof(errbuf))); close(*sockfd); From 921ff012636c99f9f8bce946a29cb4d158621a20 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 21 Oct 2025 00:22:49 +0200 Subject: [PATCH 0544/2408] cmake: two minor tidy-ups - flatten an if tree. - fix a typo in comment. Closes #19171 --- CMake/PickyWarnings.cmake | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/CMake/PickyWarnings.cmake b/CMake/PickyWarnings.cmake index bdd226e924..d46c878d46 100644 --- a/CMake/PickyWarnings.cmake +++ b/CMake/PickyWarnings.cmake @@ -29,12 +29,10 @@ set(_picky_nocheck "") # not to pass to feature checks if(CURL_WERROR) if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.24) set(CMAKE_COMPILE_WARNING_AS_ERROR ON) - else() - if(MSVC) - list(APPEND _picky_nocheck "-WX") - else() # llvm/clang and gcc style options - list(APPEND _picky_nocheck "-Werror") - endif() + elseif(MSVC) + list(APPEND _picky_nocheck "-WX") + else() # llvm/clang and gcc-style options + list(APPEND _picky_nocheck "-Werror") endif() if((CMAKE_C_COMPILER_ID STREQUAL "GNU" AND From 1afdb65b554bf6ae601998965053efc0f1e82460 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 21 Oct 2025 00:11:00 +0200 Subject: [PATCH 0545/2408] INSTALL-CMAKE.md: fix descriptions for LDAP dependency options After introducing the local FindLDAP module, these options work the same way as with other dependencies. Follow-up to 49f2a23d509645d534cbb2e2ffbd6347fac6e59e #15273 Closes #19170 --- docs/INSTALL-CMAKE.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md index e5c6b0d375..1c5fee1b0d 100644 --- a/docs/INSTALL-CMAKE.md +++ b/docs/INSTALL-CMAKE.md @@ -405,9 +405,9 @@ Details via CMake - `CARES_LIBRARY`: Path to `cares` library. - `DL_LIBRARY`: Path to `dl` library. (for Rustls) - `GSS_ROOT_DIR`: Set this variable to the root installation of GSS. (also supported as environment) -- `LDAP_LIBRARY`: Name or full path to `ldap` library. Default: `ldap` -- `LDAP_LBER_LIBRARY`: Name or full path to `lber` library. Default: `lber` -- `LDAP_INCLUDE_DIR`: Path to LDAP include directory. +- `LDAP_INCLUDE_DIR`: The LDAP include directory. +- `LDAP_LIBRARY`: Path to `ldap` library. +- `LDAP_LBER_LIBRARY`: Path to `lber` library. - `LIBGSASL_INCLUDE_DIR`: The libgsasl include directory. - `LIBGSASL_LIBRARY`: Path to `libgsasl` library. - `LIBIDN2_INCLUDE_DIR`: The libidn2 include directory. From b4f57c804573016ac7eb0a43e6af0f427a556571 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 21 Oct 2025 01:26:58 +0200 Subject: [PATCH 0546/2408] cmake: inline linter instructions To avoid it applying to all the rest of the script. Follow-up to b761eb5addb9e29b2ee0e5841633c09d1fd77704 #17576 Closes #19172 --- CMakeLists.txt | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index b6aff6ce7c..cdd580ab59 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -2013,9 +2013,8 @@ endif() # (= regenerate it). function(curl_transform_makefile_inc _input_file _output_file) file(READ ${_input_file} _makefile_inc_text) - # cmake-lint: disable=W0106 - string(REPLACE "$(top_srcdir)" "\${PROJECT_SOURCE_DIR}" _makefile_inc_text ${_makefile_inc_text}) - string(REPLACE "$(top_builddir)" "\${PROJECT_BINARY_DIR}" _makefile_inc_text ${_makefile_inc_text}) + string(REPLACE "$(top_srcdir)" "\${PROJECT_SOURCE_DIR}" _makefile_inc_text ${_makefile_inc_text}) # cmake-lint: disable=W0106 + string(REPLACE "$(top_builddir)" "\${PROJECT_BINARY_DIR}" _makefile_inc_text ${_makefile_inc_text}) # cmake-lint: disable=W0106 string(REGEX REPLACE "\\\\\n" "!^!^!" _makefile_inc_text ${_makefile_inc_text}) string(REGEX REPLACE "([a-zA-Z_][a-zA-Z0-9_]*)[\t ]*=[\t ]*([^\n]*)" "set(\\1 \\2)" _makefile_inc_text ${_makefile_inc_text}) From 9e198618dea14231488005b53c7800d4e80e2dce Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 20 Oct 2025 22:46:56 +0200 Subject: [PATCH 0547/2408] tool_parsecfg: detect and error on recursive --config use The config file parser now has a maximum level of inclusions allowed (5) to detect and prevent recursive inclusions of itself leading to badness. Bonus: clean up return code handling from the config parser. Test 774 verifies Closes #19168 --- src/tool_getparam.c | 23 +++++++++++++++-------- src/tool_getparam.h | 5 +++-- src/tool_helpers.c | 2 -- src/tool_operate.c | 2 +- src/tool_parsecfg.c | 37 ++++++++++++++++++++++--------------- src/tool_parsecfg.h | 4 +++- tests/data/Makefile.am | 2 +- tests/data/test2080 | 2 +- tests/data/test462 | 2 +- tests/data/test774 | 25 +++++++++++++++++++++++++ 10 files changed, 72 insertions(+), 32 deletions(-) create mode 100644 tests/data/test774 diff --git a/src/tool_getparam.c b/src/tool_getparam.c index 0cff5b558d..5624d3cd76 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -2167,7 +2167,8 @@ static ParameterError opt_bool(struct OperationConfig *config, /* opt_file handles file options */ static ParameterError opt_file(struct OperationConfig *config, const struct LongShort *a, - const char *nextarg) + const char *nextarg, + int max_recursive) { ParameterError err = PARAM_OK; if((nextarg[0] == '-') && nextarg[1]) { @@ -2189,9 +2190,13 @@ static ParameterError opt_file(struct OperationConfig *config, GetFileAndPassword(nextarg, &config->cert, &config->key_passwd); break; case C_CONFIG: /* --config */ - if(parseconfig(nextarg)) { - errorf("cannot read config from '%s'", nextarg); - err = PARAM_READ_ERROR; + if(--max_recursive < 0) { + errorf("Max config file recursion level reached (%u)", + CONFIG_MAX_LEVELS); + err = PARAM_BAD_USE; + } + else { + err = parseconfig(nextarg, max_recursive); } break; case C_CRLFILE: /* --crlfile */ @@ -2831,7 +2836,8 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */ const char *nextarg, /* NULL if unset */ bool *usedarg, /* set to TRUE if the arg has been used */ - struct OperationConfig *config) + struct OperationConfig *config, + int max_recursive) { const char *parse = NULL; bool longopt = FALSE; @@ -2962,7 +2968,7 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */ "Maybe ASCII was intended?", nextarg); } if(ARGTYPE(a->desc) == ARG_FILE) - err = opt_file(config, a, nextarg); + err = opt_file(config, a, nextarg, max_recursive); else /* if(ARGTYPE(a->desc) == ARG_STRG) */ err = opt_string(config, a, nextarg); if(a->desc & ARG_CLEAR) @@ -3020,7 +3026,8 @@ ParameterError parse_args(int argc, argv_item_t argv[]) } } - result = getparameter(orig_opt, nextarg, &passarg, config); + result = getparameter(orig_opt, nextarg, &passarg, config, + CONFIG_MAX_LEVELS); unicodefree(nextarg); config = global->last; @@ -3056,7 +3063,7 @@ ParameterError parse_args(int argc, argv_item_t argv[]) bool used; /* Just add the URL please */ - result = getparameter("--url", orig_opt, &used, config); + result = getparameter("--url", orig_opt, &used, config, 0); } if(!result) { diff --git a/src/tool_getparam.h b/src/tool_getparam.h index 6b97b9c11f..6b37cc50eb 100644 --- a/src/tool_getparam.h +++ b/src/tool_getparam.h @@ -335,7 +335,6 @@ struct LongShort { typedef enum { PARAM_OK = 0, - PARAM_OPTION_AMBIGUOUS, PARAM_OPTION_UNKNOWN, PARAM_REQUIRES_PARAMETER, PARAM_BAD_USE, @@ -358,6 +357,7 @@ typedef enum { PARAM_EXPAND_ERROR, /* --expand problem */ PARAM_BLANK_STRING, PARAM_VAR_SYNTAX, /* --variable syntax error */ + PARAM_RECURSION, PARAM_LAST } ParameterError; @@ -368,7 +368,8 @@ const struct LongShort *findshortopt(char letter); ParameterError getparameter(const char *flag, const char *nextarg, bool *usedarg, - struct OperationConfig *config); + struct OperationConfig *config, + int max_recursive); #ifdef UNITTESTS void parse_cert_parameter(const char *cert_parameter, diff --git a/src/tool_helpers.c b/src/tool_helpers.c index fbf3f1c932..b36bd4af1d 100644 --- a/src/tool_helpers.c +++ b/src/tool_helpers.c @@ -40,8 +40,6 @@ const char *param2text(ParameterError error) return "had unsupported trailing garbage"; case PARAM_OPTION_UNKNOWN: return "is unknown"; - case PARAM_OPTION_AMBIGUOUS: - return "is ambiguous"; case PARAM_REQUIRES_PARAMETER: return "requires parameter"; case PARAM_BAD_USE: diff --git a/src/tool_operate.c b/src/tool_operate.c index 0c03114d40..1c00351729 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -2221,7 +2221,7 @@ CURLcode operate(int argc, argv_item_t argv[]) if((argc == 1) || (first_arg && strncmp(first_arg, "-q", 2) && strcmp(first_arg, "--disable"))) { - parseconfig(NULL); /* ignore possible failure */ + parseconfig(NULL, CONFIG_MAX_LEVELS); /* ignore possible failure */ /* If we had no arguments then make sure a url was specified in .curlrc */ if((argc < 2) && (!global->first->url_list)) { diff --git a/src/tool_parsecfg.c b/src/tool_parsecfg.c index 5cf3527ce2..03f9930c5d 100644 --- a/src/tool_parsecfg.c +++ b/src/tool_parsecfg.c @@ -81,11 +81,11 @@ static int unslashquote(const char *line, struct dynbuf *param) #define MAX_CONFIG_LINE_LENGTH (10*1024*1024) /* return 0 on everything-is-fine, and non-zero otherwise */ -int parseconfig(const char *filename) +ParameterError parseconfig(const char *filename, int max_recursive) { FILE *file = NULL; bool usedarg = FALSE; - int rc = 0; + ParameterError err = PARAM_OK; struct OperationConfig *config = global->last; char *pathalloc = NULL; @@ -96,7 +96,7 @@ int parseconfig(const char *filename) file = curlx_fopen(curlrc, FOPEN_READTEXT); if(!file) { free(curlrc); - return 1; + return PARAM_READ_ERROR; } filename = pathalloc = curlrc; } @@ -133,12 +133,12 @@ int parseconfig(const char *filename) curlx_dyn_init(&pbuf, MAX_CONFIG_LINE_LENGTH); DEBUGASSERT(filename); - while(!rc && my_get_line(file, &buf, &fileerror)) { + while(!err && my_get_line(file, &buf, &fileerror)) { ParameterError res; lineno++; line = curlx_dyn_ptr(&buf); if(!line) { - rc = 1; /* out of memory */ + err = PARAM_NO_MEM; /* out of memory */ break; } @@ -166,9 +166,11 @@ int parseconfig(const char *filename) /* the parameter starts here (unless quoted) */ if(*line == '\"') { /* quoted parameter, do the quote dance */ - rc = unslashquote(++line, &pbuf); - if(rc) + int rc = unslashquote(++line, &pbuf); + if(rc) { + err = PARAM_BAD_USE; break; + } param = curlx_dyn_len(&pbuf) ? curlx_dyn_ptr(&pbuf) : CURL_UNCONST(""); } else { @@ -206,7 +208,7 @@ int parseconfig(const char *filename) #ifdef DEBUG_CONFIG curl_mfprintf(tool_stderr, "PARAM: \"%s\"\n",(param ? param : "(null)")); #endif - res = getparameter(option, param, &usedarg, config); + res = getparameter(option, param, &usedarg, config, max_recursive); config = global->last; if(!res && param && *param && !usedarg) @@ -240,10 +242,12 @@ int parseconfig(const char *filename) res != PARAM_VERSION_INFO_REQUESTED && res != PARAM_ENGINES_REQUESTED && res != PARAM_CA_EMBED_REQUESTED) { - const char *reason = param2text(res); - errorf("%s:%d: '%s' %s", - filename, lineno, option, reason); - rc = (int)res; + /* only show error in the first level config call */ + if(max_recursive == CONFIG_MAX_LEVELS) { + const char *reason = param2text(res); + errorf("%s:%d: '%s' %s", filename, lineno, option, reason); + } + err = res; } } } @@ -252,13 +256,16 @@ int parseconfig(const char *filename) if(file != stdin) curlx_fclose(file); if(fileerror) - rc = 1; + err = PARAM_READ_ERROR; } else - rc = 1; /* could not open the file */ + err = PARAM_READ_ERROR; /* could not open the file */ + + if((err == PARAM_READ_ERROR) && filename) + errorf("cannot read config from '%s'", filename); free(pathalloc); - return rc; + return err; } diff --git a/src/tool_parsecfg.h b/src/tool_parsecfg.h index 46977d8edd..3aad9bdd9c 100644 --- a/src/tool_parsecfg.h +++ b/src/tool_parsecfg.h @@ -25,7 +25,9 @@ ***************************************************************************/ #include "tool_setup.h" -int parseconfig(const char *filename); +/* only allow this many levels of recursive --config use */ +#define CONFIG_MAX_LEVELS 5 +ParameterError parseconfig(const char *filename, int max_recursive); bool my_get_line(FILE *fp, struct dynbuf *db, bool *error); #endif /* HEADER_CURL_TOOL_PARSECFG_H */ diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 9984e92839..21d20151d3 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -110,7 +110,7 @@ test736 test737 test738 test739 test740 test741 test742 test743 test744 \ test745 test746 test747 test748 test749 test750 test751 test752 test753 \ test754 test755 test756 test757 test758 test759 test760 test761 test762 \ test763 test764 test765 test766 test767 test768 test769 test770 test771 \ -test772 test773 \ +test772 test773 test774 \ test780 test781 test782 test783 test784 test785 test786 test787 test788 \ test789 test790 test791 test792 test793 test794 test796 test797 \ \ diff --git a/tests/data/test2080 b/tests/data/test2080 index d49bd5c453..44d16b6ee3 100644 --- a/tests/data/test2080 +++ b/tests/data/test2080 @@ -30,7 +30,7 @@ config file with overly long option # the used option in the config file is too long -26 +2 diff --git a/tests/data/test462 b/tests/data/test462 index fdbce3b462..3fbcae7313 100644 --- a/tests/data/test462 +++ b/tests/data/test462 @@ -30,7 +30,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -K %LOGDIR/cmd # Verify data after the test has been "shot" -26 +2 diff --git a/tests/data/test774 b/tests/data/test774 new file mode 100644 index 0000000000..758ad0de8d --- /dev/null +++ b/tests/data/test774 @@ -0,0 +1,25 @@ + + + +--config + + + + + +config file recursively including itself + + +--config %LOGDIR/cmd + + +http://%HOSTIP:%HTTPPORT/ -K %LOGDIR/cmd + + + + + +2 + + + From 1966c86d71eb90beeeb3ccbefd6321bd64992553 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 20 Oct 2025 15:51:39 +0200 Subject: [PATCH 0548/2408] cmake: add and use local FindGnuTLS module Replacing a combination of custom logic in the main script and relying on CMake's built-in Find module, with code and behavior used for the rest of dependencies. Also to: - add version detection in the non-pkg-config path. - make `GNUTLS_INCLUDE_DIR` and `GNUTLS_LIBRARY` take precedence over pkg-config. As with other dependencies. - document the above two configuration options. - prepare for #16973, which originally introduced this local Find module. The local module is doing largely the same as CMake's built-in FindGnuTLS. Differences: - honors `CURL_USE_PKGCONFIG`. - returns GnuTLS version for non-pkg-config detection. - consistently returns `GNUTLS_VERSION`. (CMake's built-in uses s different name in <3.16.) - CMake 3.16+ returns an imported target. curl supports 3.7, therefore we may only use it conditionally, which isn't worth it. Cherry-picked from #16973 Closes #19163 --- CMake/FindGnuTLS.cmake | 83 ++++++++++++++++++++++++++++++++++++++++++ CMakeLists.txt | 30 +++++++-------- Makefile.am | 1 + docs/INSTALL-CMAKE.md | 2 + 4 files changed, 99 insertions(+), 17 deletions(-) create mode 100644 CMake/FindGnuTLS.cmake diff --git a/CMake/FindGnuTLS.cmake b/CMake/FindGnuTLS.cmake new file mode 100644 index 0000000000..5b564fd9b2 --- /dev/null +++ b/CMake/FindGnuTLS.cmake @@ -0,0 +1,83 @@ +#*************************************************************************** +# _ _ ____ _ +# Project ___| | | | _ \| | +# / __| | | | |_) | | +# | (__| |_| | _ <| |___ +# \___|\___/|_| \_\_____| +# +# Copyright (C) Daniel Stenberg, , et al. +# +# This software is licensed as described in the file COPYING, which +# you should have received as part of this distribution. The terms +# are also available at https://curl.se/docs/copyright.html. +# +# You may opt to use, copy, modify, merge, publish, distribute and/or sell +# copies of the Software, and permit persons to whom the Software is +# furnished to do so, under the terms of the COPYING file. +# +# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +# KIND, either express or implied. +# +# SPDX-License-Identifier: curl +# +########################################################################### +# Find the GnuTLS library +# +# Input variables: +# +# - `GNUTLS_INCLUDE_DIR`: The GnuTLS include directory. +# - `GNUTLS_LIBRARY`: Path to `gnutls` library. +# +# Result variables: +# +# - `GNUTLS_FOUND`: System has GnuTLS. +# - `GNUTLS_INCLUDE_DIRS`: The GnuTLS include directories. +# - `GNUTLS_LIBRARIES`: The GnuTLS library names. +# - `GNUTLS_LIBRARY_DIRS`: The GnuTLS library directories. +# - `GNUTLS_PC_REQUIRES`: The GnuTLS pkg-config packages. +# - `GNUTLS_CFLAGS`: Required compiler flags. +# - `GNUTLS_VERSION`: Version of GnuTLS. + +set(GNUTLS_PC_REQUIRES "gnutls") + +if(CURL_USE_PKGCONFIG AND + NOT DEFINED GNUTLS_INCLUDE_DIR AND + NOT DEFINED GNUTLS_LIBRARY) + find_package(PkgConfig QUIET) + pkg_check_modules(GNUTLS ${GNUTLS_PC_REQUIRES}) +endif() + +if(GNUTLS_FOUND) + set(GnuTLS_FOUND TRUE) + string(REPLACE ";" " " GNUTLS_CFLAGS "${GNUTLS_CFLAGS}") + message(STATUS "Found GnuTLS (via pkg-config): ${GNUTLS_INCLUDE_DIRS} (found version \"${GNUTLS_VERSION}\")") +else() + find_path(GNUTLS_INCLUDE_DIR NAMES "gnutls/gnutls.h") + find_library(GNUTLS_LIBRARY NAMES "gnutls" "libgnutls") + + unset(GNUTLS_VERSION CACHE) + if(GNUTLS_INCLUDE_DIR AND EXISTS "${GNUTLS_INCLUDE_DIR}/gnutls/gnutls.h") + set(_version_regex "#[\t ]*define[\t ]+GNUTLS_VERSION[\t ]+\"([^\"]*)\"") + file(STRINGS "${GNUTLS_INCLUDE_DIR}/gnutls/gnutls.h" _version_str REGEX "${_version_regex}") + string(REGEX REPLACE "${_version_regex}" "\\1" _version_str "${_version_str}") + set(GNUTLS_VERSION "${_version_str}") + unset(_version_regex) + unset(_version_str) + endif() + + include(FindPackageHandleStandardArgs) + find_package_handle_standard_args(GnuTLS + REQUIRED_VARS + GNUTLS_INCLUDE_DIR + GNUTLS_LIBRARY + VERSION_VAR + GNUTLS_VERSION + ) + + if(GNUTLS_FOUND) + set(GNUTLS_INCLUDE_DIRS ${GNUTLS_INCLUDE_DIR}) + set(GNUTLS_LIBRARIES ${GNUTLS_LIBRARY}) + endif() + + mark_as_advanced(GNUTLS_INCLUDE_DIR GNUTLS_LIBRARY) +endif() diff --git a/CMakeLists.txt b/CMakeLists.txt index cdd580ab59..2986902c02 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -890,27 +890,23 @@ if(CURL_USE_WOLFSSL) endif() if(CURL_USE_GNUTLS) - if(CURL_USE_PKGCONFIG) - find_package(PkgConfig QUIET) - pkg_check_modules(GNUTLS "gnutls") - if(GNUTLS_FOUND) - set(GNUTLS_LIBRARIES ${GNUTLS_LINK_LIBRARIES}) - string(REPLACE ";" " " GNUTLS_CFLAGS "${GNUTLS_CFLAGS}") - if(GNUTLS_CFLAGS) - string(APPEND CMAKE_C_FLAGS " ${GNUTLS_CFLAGS}") - endif() - endif() - endif() - if(NOT GNUTLS_FOUND) - find_package(GnuTLS REQUIRED) + find_package(GnuTLS REQUIRED) + list(APPEND CURL_LIBS ${GNUTLS_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${GNUTLS_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${GNUTLS_PC_REQUIRES}) + include_directories(SYSTEM ${GNUTLS_INCLUDE_DIRS}) + link_directories(${GNUTLS_LIBRARY_DIRS}) + if(GNUTLS_CFLAGS) + string(APPEND CMAKE_C_FLAGS " ${GNUTLS_CFLAGS}") endif() + find_package(Nettle REQUIRED) set(_ssl_enabled ON) set(USE_GNUTLS ON) - list(APPEND CURL_LIBS ${GNUTLS_LIBRARIES} ${NETTLE_LIBRARIES}) - list(APPEND CURL_LIBDIRS ${GNUTLS_LIBRARY_DIRS} ${NETTLE_LIBRARY_DIRS}) - list(APPEND LIBCURL_PC_REQUIRES_PRIVATE "gnutls" ${NETTLE_PC_REQUIRES}) - include_directories(SYSTEM ${GNUTLS_INCLUDE_DIRS} ${NETTLE_INCLUDE_DIRS}) + list(APPEND CURL_LIBS ${NETTLE_LIBRARIES}) + list(APPEND CURL_LIBDIRS ${NETTLE_LIBRARY_DIRS}) + list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${NETTLE_PC_REQUIRES}) + include_directories(SYSTEM ${NETTLE_INCLUDE_DIRS}) link_directories(${NETTLE_LIBRARY_DIRS}) if(NETTLE_CFLAGS) string(APPEND CMAKE_C_FLAGS " ${NETTLE_CFLAGS}") diff --git a/Makefile.am b/Makefile.am index 7687385416..7b2f05f92e 100644 --- a/Makefile.am +++ b/Makefile.am @@ -34,6 +34,7 @@ CMAKE_DIST = \ CMake/CurlTests.c \ CMake/FindBrotli.cmake \ CMake/FindCares.cmake \ + CMake/FindGnuTLS.cmake \ CMake/FindGSS.cmake \ CMake/FindLDAP.cmake \ CMake/FindLibgsasl.cmake \ diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md index 1c5fee1b0d..a2a73050b0 100644 --- a/docs/INSTALL-CMAKE.md +++ b/docs/INSTALL-CMAKE.md @@ -404,6 +404,8 @@ Details via CMake - `CARES_INCLUDE_DIR`: The c-ares include directory. - `CARES_LIBRARY`: Path to `cares` library. - `DL_LIBRARY`: Path to `dl` library. (for Rustls) +- `GNUTLS_INCLUDE_DIR`: The GnuTLS include directory. +- `GNUTLS_LIBRARY`: Path to `gnutls` library. - `GSS_ROOT_DIR`: Set this variable to the root installation of GSS. (also supported as environment) - `LDAP_INCLUDE_DIR`: The LDAP include directory. - `LDAP_LIBRARY`: Path to `ldap` library. From 38c19edd67e705066379530bdc28ea6c25aba8df Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 20 Oct 2025 23:11:53 +0200 Subject: [PATCH 0549/2408] cmake: say 'absolute path' in option descriptions and docs To not have to guess. Also to sync with autotools, which already uses this wording. Also: - replace the stray term 'folder' with 'directory' for consistency. - store help text in a temp variable to avoid overly long strings (mandatory in CMake <4.2.0 and can't be trivially split), also to avoid repeating this string 4 times. Ref: https://cmake.org/cmake/help/v4.2/command/set.html Closes #19169 --- CMake/FindBrotli.cmake | 6 +- CMake/FindCares.cmake | 4 +- CMake/FindGSS.cmake | 4 +- CMake/FindGnuTLS.cmake | 4 +- CMake/FindLDAP.cmake | 6 +- CMake/FindLibgsasl.cmake | 4 +- CMake/FindLibidn2.cmake | 4 +- CMake/FindLibpsl.cmake | 4 +- CMake/FindLibrtmp.cmake | 4 +- CMake/FindLibssh.cmake | 4 +- CMake/FindLibssh2.cmake | 4 +- CMake/FindLibuv.cmake | 4 +- CMake/FindMbedTLS.cmake | 8 +-- CMake/FindNGHTTP2.cmake | 4 +- CMake/FindNGHTTP3.cmake | 4 +- CMake/FindNGTCP2.cmake | 16 ++--- CMake/FindNettle.cmake | 4 +- CMake/FindQuiche.cmake | 4 +- CMake/FindRustls.cmake | 4 +- CMake/FindWolfSSL.cmake | 4 +- CMake/FindZstd.cmake | 4 +- CMakeLists.txt | 18 +++--- docs/INSTALL-CMAKE.md | 134 +++++++++++++++++++-------------------- 23 files changed, 129 insertions(+), 127 deletions(-) diff --git a/CMake/FindBrotli.cmake b/CMake/FindBrotli.cmake index 690b5a9c27..c129a76567 100644 --- a/CMake/FindBrotli.cmake +++ b/CMake/FindBrotli.cmake @@ -25,9 +25,9 @@ # # Input variables: # -# - `BROTLI_INCLUDE_DIR`: The brotli include directory. -# - `BROTLICOMMON_LIBRARY`: Path to `brotlicommon` library. -# - `BROTLIDEC_LIBRARY`: Path to `brotlidec` library. +# - `BROTLI_INCLUDE_DIR`: Absolute path to brotli include directory. +# - `BROTLICOMMON_LIBRARY`: Absolute path to `brotlicommon` library. +# - `BROTLIDEC_LIBRARY`: Absolute path to `brotlidec` library. # # Result variables: # diff --git a/CMake/FindCares.cmake b/CMake/FindCares.cmake index cc47e2d331..ae2db52d85 100644 --- a/CMake/FindCares.cmake +++ b/CMake/FindCares.cmake @@ -25,8 +25,8 @@ # # Input variables: # -# - `CARES_INCLUDE_DIR`: The c-ares include directory. -# - `CARES_LIBRARY`: Path to `cares` library. +# - `CARES_INCLUDE_DIR`: Absolute path to c-ares include directory. +# - `CARES_LIBRARY`: Absolute path to `cares` library. # # Result variables: # diff --git a/CMake/FindGSS.cmake b/CMake/FindGSS.cmake index 1661f208d2..89545aa741 100644 --- a/CMake/FindGSS.cmake +++ b/CMake/FindGSS.cmake @@ -25,7 +25,7 @@ # # Input variables: # -# - `GSS_ROOT_DIR`: Set this variable to the root installation of GSS. (also supported as environment) +# - `GSS_ROOT_DIR`: Absolute path to the root installation of GSS. (also supported as environment) # # Result variables: # @@ -253,7 +253,7 @@ find_package_handle_standard_args(GSS VERSION_VAR GSS_VERSION FAIL_MESSAGE - "Could NOT find GSS, try to set the path to GSS root folder in the system variable GSS_ROOT_DIR" + "Could NOT find GSS, try to set the absolute path to GSS installation root directory in the environment variable GSS_ROOT_DIR" ) mark_as_advanced( diff --git a/CMake/FindGnuTLS.cmake b/CMake/FindGnuTLS.cmake index 5b564fd9b2..4de4f82eee 100644 --- a/CMake/FindGnuTLS.cmake +++ b/CMake/FindGnuTLS.cmake @@ -25,8 +25,8 @@ # # Input variables: # -# - `GNUTLS_INCLUDE_DIR`: The GnuTLS include directory. -# - `GNUTLS_LIBRARY`: Path to `gnutls` library. +# - `GNUTLS_INCLUDE_DIR`: Absolute path to GnuTLS include directory. +# - `GNUTLS_LIBRARY`: Absolute path to `gnutls` library. # # Result variables: # diff --git a/CMake/FindLDAP.cmake b/CMake/FindLDAP.cmake index fdc6d7be94..36ff08e397 100644 --- a/CMake/FindLDAP.cmake +++ b/CMake/FindLDAP.cmake @@ -25,9 +25,9 @@ # # Input variables: # -# - `LDAP_INCLUDE_DIR`: The ldap include directory. -# - `LDAP_LIBRARY`: Path to `ldap` library. -# - `LDAP_LBER_LIBRARY`: Path to `lber` library. +# - `LDAP_INCLUDE_DIR`: Absolute path to ldap include directory. +# - `LDAP_LIBRARY`: Absolute path to `ldap` library. +# - `LDAP_LBER_LIBRARY`: Absolute path to `lber` library. # # Result variables: # diff --git a/CMake/FindLibgsasl.cmake b/CMake/FindLibgsasl.cmake index 878d651883..e584f75371 100644 --- a/CMake/FindLibgsasl.cmake +++ b/CMake/FindLibgsasl.cmake @@ -25,8 +25,8 @@ # # Input variables: # -# - `LIBGSASL_INCLUDE_DIR`: The libgsasl include directory. -# - `LIBGSASL_LIBRARY`: Path to `libgsasl` library. +# - `LIBGSASL_INCLUDE_DIR`: Absolute path to libgsasl include directory. +# - `LIBGSASL_LIBRARY`: Absolute path to `libgsasl` library. # # Result variables: # diff --git a/CMake/FindLibidn2.cmake b/CMake/FindLibidn2.cmake index f8f00f0c79..9112428f37 100644 --- a/CMake/FindLibidn2.cmake +++ b/CMake/FindLibidn2.cmake @@ -25,8 +25,8 @@ # # Input variables: # -# - `LIBIDN2_INCLUDE_DIR`: The libidn2 include directory. -# - `LIBIDN2_LIBRARY`: Path to `libidn2` library. +# - `LIBIDN2_INCLUDE_DIR`: Absolute path to libidn2 include directory. +# - `LIBIDN2_LIBRARY`: Absolute path to `libidn2` library. # # Result variables: # diff --git a/CMake/FindLibpsl.cmake b/CMake/FindLibpsl.cmake index d6fde4b2d0..13740fa9b3 100644 --- a/CMake/FindLibpsl.cmake +++ b/CMake/FindLibpsl.cmake @@ -25,8 +25,8 @@ # # Input variables: # -# - `LIBPSL_INCLUDE_DIR`: The libpsl include directory. -# - `LIBPSL_LIBRARY`: Path to `libpsl` library. +# - `LIBPSL_INCLUDE_DIR`: Absolute path to libpsl include directory. +# - `LIBPSL_LIBRARY`: Absolute path to `libpsl` library. # # Result variables: # diff --git a/CMake/FindLibrtmp.cmake b/CMake/FindLibrtmp.cmake index 50fc9692bd..be975794b7 100644 --- a/CMake/FindLibrtmp.cmake +++ b/CMake/FindLibrtmp.cmake @@ -25,8 +25,8 @@ # # Input variables: # -# - `LIBRTMP_INCLUDE_DIR`: The librtmp include directory. -# - `LIBRTMP_LIBRARY`: Path to `librtmp` library. +# - `LIBRTMP_INCLUDE_DIR`: Absolute path to librtmp include directory. +# - `LIBRTMP_LIBRARY`: Absolute path to `librtmp` library. # # Result variables: # diff --git a/CMake/FindLibssh.cmake b/CMake/FindLibssh.cmake index e2b27d975c..cb895aa8d7 100644 --- a/CMake/FindLibssh.cmake +++ b/CMake/FindLibssh.cmake @@ -25,8 +25,8 @@ # # Input variables: # -# - `LIBSSH_INCLUDE_DIR`: The libssh include directory. -# - `LIBSSH_LIBRARY`: Path to libssh library. +# - `LIBSSH_INCLUDE_DIR`: Absolute path to libssh include directory. +# - `LIBSSH_LIBRARY`: Absolute path to `libssh` library. # # Result variables: # diff --git a/CMake/FindLibssh2.cmake b/CMake/FindLibssh2.cmake index 0b81ecb3cf..08415533e0 100644 --- a/CMake/FindLibssh2.cmake +++ b/CMake/FindLibssh2.cmake @@ -25,8 +25,8 @@ # # Input variables: # -# - `LIBSSH2_INCLUDE_DIR`: The libssh2 include directory. -# - `LIBSSH2_LIBRARY`: Path to `libssh2` library. +# - `LIBSSH2_INCLUDE_DIR`: Absolute path to libssh2 include directory. +# - `LIBSSH2_LIBRARY`: Absolute path to `libssh2` library. # # Result variables: # diff --git a/CMake/FindLibuv.cmake b/CMake/FindLibuv.cmake index b16b3554f6..2565ba3a38 100644 --- a/CMake/FindLibuv.cmake +++ b/CMake/FindLibuv.cmake @@ -25,8 +25,8 @@ # # Input variables: # -# - `LIBUV_INCLUDE_DIR`: The libuv include directory. -# - `LIBUV_LIBRARY`: Path to `libuv` library. +# - `LIBUV_INCLUDE_DIR`: Absolute path to libuv include directory. +# - `LIBUV_LIBRARY`: Absolute path to `libuv` library. # # Result variables: # diff --git a/CMake/FindMbedTLS.cmake b/CMake/FindMbedTLS.cmake index 4b5a6121f1..e1bee7dc4c 100644 --- a/CMake/FindMbedTLS.cmake +++ b/CMake/FindMbedTLS.cmake @@ -25,10 +25,10 @@ # # Input variables: # -# - `MBEDTLS_INCLUDE_DIR`: The mbedTLS include directory. -# - `MBEDTLS_LIBRARY`: Path to `mbedtls` library. -# - `MBEDX509_LIBRARY`: Path to `mbedx509` library. -# - `MBEDCRYPTO_LIBRARY`: Path to `mbedcrypto` library. +# - `MBEDTLS_INCLUDE_DIR`: Absolute path to mbedTLS include directory. +# - `MBEDTLS_LIBRARY`: Absolute path to `mbedtls` library. +# - `MBEDX509_LIBRARY`: Absolute path to `mbedx509` library. +# - `MBEDCRYPTO_LIBRARY`: Absolute path to `mbedcrypto` library. # # Result variables: # diff --git a/CMake/FindNGHTTP2.cmake b/CMake/FindNGHTTP2.cmake index b8f37fdaeb..1ccf641589 100644 --- a/CMake/FindNGHTTP2.cmake +++ b/CMake/FindNGHTTP2.cmake @@ -25,8 +25,8 @@ # # Input variables: # -# - `NGHTTP2_INCLUDE_DIR`: The nghttp2 include directory. -# - `NGHTTP2_LIBRARY`: Path to `nghttp2` library. +# - `NGHTTP2_INCLUDE_DIR`: Absolute path to nghttp2 include directory. +# - `NGHTTP2_LIBRARY`: Absolute path to `nghttp2` library. # # Result variables: # diff --git a/CMake/FindNGHTTP3.cmake b/CMake/FindNGHTTP3.cmake index 99edd19955..fba2c5779b 100644 --- a/CMake/FindNGHTTP3.cmake +++ b/CMake/FindNGHTTP3.cmake @@ -25,8 +25,8 @@ # # Input variables: # -# - `NGHTTP3_INCLUDE_DIR`: The nghttp3 include directory. -# - `NGHTTP3_LIBRARY`: Path to `nghttp3` library. +# - `NGHTTP3_INCLUDE_DIR`: Absolute path to nghttp3 include directory. +# - `NGHTTP3_LIBRARY`: Absolute path to `nghttp3` library. # # Result variables: # diff --git a/CMake/FindNGTCP2.cmake b/CMake/FindNGTCP2.cmake index eb4358ef00..d3d3835213 100644 --- a/CMake/FindNGTCP2.cmake +++ b/CMake/FindNGTCP2.cmake @@ -35,14 +35,14 @@ # # Input variables: # -# - `NGTCP2_INCLUDE_DIR`: The ngtcp2 include directory. -# - `NGTCP2_LIBRARY`: Path to `ngtcp2` library. -# - `NGTCP2_CRYPTO_BORINGSSL_LIBRARY`: Path to `ngtcp2_crypto_boringssl` library. -# - `NGTCP2_CRYPTO_GNUTLS_LIBRARY`: Path to `ngtcp2_crypto_gnutls` library. -# - `NGTCP2_CRYPTO_LIBRESSL_LIBRARY`: Path to `ngtcp2_crypto_libressl` library. -# - `NGTCP2_CRYPTO_OSSL_LIBRARY`: Path to `ngtcp2_crypto_ossl` library. -# - `NGTCP2_CRYPTO_QUICTLS_LIBRARY`: Path to `ngtcp2_crypto_quictls` library. -# - `NGTCP2_CRYPTO_WOLFSSL_LIBRARY`: Path to `ngtcp2_crypto_wolfssl` library. +# - `NGTCP2_INCLUDE_DIR`: Absolute path to ngtcp2 include directory. +# - `NGTCP2_LIBRARY`: Absolute path to `ngtcp2` library. +# - `NGTCP2_CRYPTO_BORINGSSL_LIBRARY`: Absolute path to `ngtcp2_crypto_boringssl` library. +# - `NGTCP2_CRYPTO_GNUTLS_LIBRARY`: Absolute path to `ngtcp2_crypto_gnutls` library. +# - `NGTCP2_CRYPTO_LIBRESSL_LIBRARY`: Absolute path to `ngtcp2_crypto_libressl` library. +# - `NGTCP2_CRYPTO_OSSL_LIBRARY`: Absolute path to `ngtcp2_crypto_ossl` library. +# - `NGTCP2_CRYPTO_QUICTLS_LIBRARY`: Absolute path to `ngtcp2_crypto_quictls` library. +# - `NGTCP2_CRYPTO_WOLFSSL_LIBRARY`: Absolute path to `ngtcp2_crypto_wolfssl` library. # # Result variables: # diff --git a/CMake/FindNettle.cmake b/CMake/FindNettle.cmake index c2decf6e7b..7f2f69c1ca 100644 --- a/CMake/FindNettle.cmake +++ b/CMake/FindNettle.cmake @@ -25,8 +25,8 @@ # # Input variables: # -# - `NETTLE_INCLUDE_DIR`: The nettle include directory. -# - `NETTLE_LIBRARY`: Path to `nettle` library. +# - `NETTLE_INCLUDE_DIR`: Absolute path to nettle include directory. +# - `NETTLE_LIBRARY`: Absolute path to `nettle` library. # # Result variables: # diff --git a/CMake/FindQuiche.cmake b/CMake/FindQuiche.cmake index 6939c64e0f..934cf9f69f 100644 --- a/CMake/FindQuiche.cmake +++ b/CMake/FindQuiche.cmake @@ -25,8 +25,8 @@ # # Input variables: # -# - `QUICHE_INCLUDE_DIR`: The quiche include directory. -# - `QUICHE_LIBRARY`: Path to `quiche` library. +# - `QUICHE_INCLUDE_DIR`: Absolute path to quiche include directory. +# - `QUICHE_LIBRARY`: Absolute path to `quiche` library. # # Result variables: # diff --git a/CMake/FindRustls.cmake b/CMake/FindRustls.cmake index 564b08ce15..a29ce5fa09 100644 --- a/CMake/FindRustls.cmake +++ b/CMake/FindRustls.cmake @@ -25,8 +25,8 @@ # # Input variables: # -# - `RUSTLS_INCLUDE_DIR`: The Rustls include directory. -# - `RUSTLS_LIBRARY`: Path to `rustls` library. +# - `RUSTLS_INCLUDE_DIR`: Absolute path to Rustls include directory. +# - `RUSTLS_LIBRARY`: Absolute path to `rustls` library. # # Result variables: # diff --git a/CMake/FindWolfSSL.cmake b/CMake/FindWolfSSL.cmake index 87b640a1f2..4d172c029a 100644 --- a/CMake/FindWolfSSL.cmake +++ b/CMake/FindWolfSSL.cmake @@ -25,8 +25,8 @@ # # Input variables: # -# - `WOLFSSL_INCLUDE_DIR`: The wolfSSL include directory. -# - `WOLFSSL_LIBRARY`: Path to `wolfssl` library. +# - `WOLFSSL_INCLUDE_DIR`: Absolute path to wolfSSL include directory. +# - `WOLFSSL_LIBRARY`: Absolute path to `wolfssl` library. # # Result variables: # diff --git a/CMake/FindZstd.cmake b/CMake/FindZstd.cmake index 0ea1fef467..655f0cc700 100644 --- a/CMake/FindZstd.cmake +++ b/CMake/FindZstd.cmake @@ -25,8 +25,8 @@ # # Input variables: # -# - `ZSTD_INCLUDE_DIR`: The zstd include directory. -# - `ZSTD_LIBRARY`: Path to `zstd` library. +# - `ZSTD_INCLUDE_DIR`: Absolute path to zstd include directory. +# - `ZSTD_LIBRARY`: Absolute path to `zstd` library. # # Result variables: # diff --git a/CMakeLists.txt b/CMakeLists.txt index 2986902c02..3a6a731426 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -645,7 +645,7 @@ elseif(DOS) include_directories(SYSTEM "${WATT_ROOT}/inc") list(APPEND CMAKE_REQUIRED_INCLUDES "${WATT_ROOT}/inc") else() - message(FATAL_ERROR "Set WATT_ROOT variable to the root installation of Watt-32.") + message(FATAL_ERROR "Set WATT_ROOT variable to the absolute path to the root installation of Watt-32.") endif() elseif(AMIGA) if(AMISSL_INCLUDE_DIR AND AMISSL_STUBS_LIBRARY AND AMISSL_AUTO_LIBRARY) @@ -1498,14 +1498,16 @@ endif() # CA handling # if(_curl_ca_bundle_supported) + set(_ca_opt_desc "Set 'none' to disable or 'auto' for auto-detection. Defaults to 'auto'.") + set(CURL_CA_BUNDLE "auto" CACHE - STRING "Path to the CA bundle. Set 'none' to disable or 'auto' for auto-detection. Defaults to 'auto'.") + STRING "Absolute path to the CA bundle. ${_ca_opt_desc}") set(CURL_CA_FALLBACK OFF CACHE BOOL "Use built-in CA store of OpenSSL. Defaults to OFF") set(CURL_CA_PATH "auto" CACHE - STRING "Location of default CA path. Set 'none' to disable or 'auto' for auto-detection. Defaults to 'auto'.") + STRING "Absolute path to a directory containing CA certificates stored individually. ${_ca_opt_desc}") set(CURL_CA_EMBED "" CACHE - STRING "Path to the CA bundle to embed in the curl tool.") + STRING "Absolute path to the CA bundle to embed in the curl tool.") if(CURL_CA_FALLBACK AND NOT CURL_USE_OPENSSL) message(FATAL_ERROR "CURL_CA_FALLBACK only works with OpenSSL.") @@ -1556,8 +1558,8 @@ if(_curl_ca_bundle_supported) if(EXISTS "${_search_ca_bundle_path}") message(STATUS "Found CA bundle: ${_search_ca_bundle_path}") set(CURL_CA_BUNDLE "${_search_ca_bundle_path}" CACHE - STRING "Path to the CA bundle. Set 'none' to disable or 'auto' for auto-detection. Defaults to 'auto'.") - set(CURL_CA_BUNDLE_SET TRUE CACHE BOOL "Path to the CA bundle has been set") + STRING "Absolute path to the CA bundle. ${_ca_opt_desc}") + set(CURL_CA_BUNDLE_SET TRUE CACHE BOOL "Absolute path to the CA bundle has been set") break() endif() endforeach() @@ -1570,8 +1572,8 @@ if(_curl_ca_bundle_supported) unset(_curl_ca_files_found) message(STATUS "Found CA path: ${_search_ca_path}") set(CURL_CA_PATH "${_search_ca_path}" CACHE - STRING "Location of default CA path. Set 'none' to disable or 'auto' for auto-detection. Defaults to 'auto'.") - set(CURL_CA_PATH_SET TRUE CACHE BOOL "Path to the CA bundle has been set") + STRING "Absolute path to a directory containing CA certificates stored individually. ${_ca_opt_desc}") + set(CURL_CA_PATH_SET TRUE CACHE BOOL "Absolute path to the CA bundle has been set") endif() endif() endif() diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md index a2a73050b0..996ba698d0 100644 --- a/docs/INSTALL-CMAKE.md +++ b/docs/INSTALL-CMAKE.md @@ -255,10 +255,10 @@ target_link_libraries(my_target PRIVATE CURL::libcurl) ## CA bundle options -- `CURL_CA_BUNDLE`: Path to the CA bundle. Set `none` to disable or `auto` for auto-detection. Default: `auto` -- `CURL_CA_EMBED`: Path to the CA bundle to embed in the curl tool. Default: (disabled) +- `CURL_CA_BUNDLE`: Absolute path to the CA bundle. Set `none` to disable or `auto` for auto-detection. Default: `auto` +- `CURL_CA_EMBED`: Absolute path to the CA bundle to embed in the curl tool. Default: (disabled) - `CURL_CA_FALLBACK`: Use built-in CA store of OpenSSL. Default: `OFF` -- `CURL_CA_PATH`: Location of default CA path. Set `none` to disable or `auto` for auto-detection. Default: `auto` +- `CURL_CA_PATH`: Absolute path to a directory containing CA certificates stored individually. Set `none` to disable or `auto` for auto-detection. Default: `auto` - `CURL_CA_SEARCH_SAFE`: Enable safe CA bundle search (within the curl tool directory) on Windows. Default: `OFF` ## Enabling features @@ -379,13 +379,13 @@ Details via CMake ## Dependency options (via CMake) -- `OPENSSL_ROOT_DIR`: Set this variable to the root installation of OpenSSL (and forks). -- `OPENSSL_INCLUDE_DIR`: The OpenSSL include directory. -- `OPENSSL_SSL_LIBRARY`: Path to `ssl` library. With MSVC, CMake uses variables `SSL_EAY_DEBUG`/`SSL_EAY_RELEASE` instead. -- `OPENSSL_CRYPTO_LIBRARY`: Path to `crypto` library. With MSVC, CMake uses variables `LIB_EAY_DEBUG`/`LIB_EAY_RELEASE` instead. +- `OPENSSL_ROOT_DIR`: Absolute path to the root installation of OpenSSL (and forks). +- `OPENSSL_INCLUDE_DIR`: Absolute path to OpenSSL include directory. +- `OPENSSL_SSL_LIBRARY`: Absolute path to `ssl` library. With MSVC, CMake uses variables `SSL_EAY_DEBUG`/`SSL_EAY_RELEASE` instead. +- `OPENSSL_CRYPTO_LIBRARY`: Absolute path to `crypto` library. With MSVC, CMake uses variables `LIB_EAY_DEBUG`/`LIB_EAY_RELEASE` instead. - `OPENSSL_USE_STATIC_LIBS`: Look for static OpenSSL libraries. -- `ZLIB_INCLUDE_DIR`: The zlib include directory. -- `ZLIB_LIBRARY`: Path to `zlib` library. +- `ZLIB_INCLUDE_DIR`: Absolute path to zlib include directory. +- `ZLIB_LIBRARY`: Absolute path to `zlib` library. - `ZLIB_USE_STATIC_LIBS`: Look for static ZLIB library (requires CMake v3.24). ## Dependency options (tools) @@ -395,64 +395,64 @@ Details via CMake ## Dependency options (libraries) -- `AMISSL_INCLUDE_DIR`: The AmiSSL include directory. -- `AMISSL_STUBS_LIBRARY`: Path to `amisslstubs` library. -- `AMISSL_AUTO_LIBRARY`: Path to `amisslauto` library. -- `BROTLI_INCLUDE_DIR`: The brotli include directory. -- `BROTLICOMMON_LIBRARY`: Path to `brotlicommon` library. -- `BROTLIDEC_LIBRARY`: Path to `brotlidec` library. -- `CARES_INCLUDE_DIR`: The c-ares include directory. -- `CARES_LIBRARY`: Path to `cares` library. -- `DL_LIBRARY`: Path to `dl` library. (for Rustls) -- `GNUTLS_INCLUDE_DIR`: The GnuTLS include directory. -- `GNUTLS_LIBRARY`: Path to `gnutls` library. -- `GSS_ROOT_DIR`: Set this variable to the root installation of GSS. (also supported as environment) -- `LDAP_INCLUDE_DIR`: The LDAP include directory. -- `LDAP_LIBRARY`: Path to `ldap` library. -- `LDAP_LBER_LIBRARY`: Path to `lber` library. -- `LIBGSASL_INCLUDE_DIR`: The libgsasl include directory. -- `LIBGSASL_LIBRARY`: Path to `libgsasl` library. -- `LIBIDN2_INCLUDE_DIR`: The libidn2 include directory. -- `LIBIDN2_LIBRARY`: Path to `libidn2` library. -- `LIBPSL_INCLUDE_DIR`: The libpsl include directory. -- `LIBPSL_LIBRARY`: Path to `libpsl` library. -- `LIBRTMP_INCLUDE_DIR`: The librtmp include directory. -- `LIBRTMP_LIBRARY`: Path to `librtmp` library. -- `LIBSSH_INCLUDE_DIR`: The libssh include directory. -- `LIBSSH_LIBRARY`: Path to `libssh` library. -- `LIBSSH2_INCLUDE_DIR`: The libssh2 include directory. -- `LIBSSH2_LIBRARY`: Path to `libssh2` library. -- `LIBUV_INCLUDE_DIR`: The libuv include directory. -- `LIBUV_LIBRARY`: Path to `libuv` library. -- `MATH_LIBRARY`: Path to `m` library. (for Rustls, wolfSSL) -- `MBEDTLS_INCLUDE_DIR`: The mbedTLS include directory. -- `MBEDTLS_LIBRARY`: Path to `mbedtls` library. -- `MBEDX509_LIBRARY`: Path to `mbedx509` library. -- `MBEDCRYPTO_LIBRARY`: Path to `mbedcrypto` library. -- `NGHTTP2_INCLUDE_DIR`: The nghttp2 include directory. -- `NGHTTP2_LIBRARY`: Path to `nghttp2` library. -- `NGHTTP3_INCLUDE_DIR`: The nghttp3 include directory. -- `NGHTTP3_LIBRARY`: Path to `nghttp3` library. -- `NGTCP2_INCLUDE_DIR`: The ngtcp2 include directory. -- `NGTCP2_LIBRARY`: Path to `ngtcp2` library. -- `NGTCP2_CRYPTO_BORINGSSL_LIBRARY`: Path to `ngtcp2_crypto_boringssl` library. (also for AWS-LC) -- `NGTCP2_CRYPTO_GNUTLS_LIBRARY`: Path to `ngtcp2_crypto_gnutls` library. -- `NGTCP2_CRYPTO_LIBRESSL_LIBRARY`: Path to `ngtcp2_crypto_libressl` library. (requires ngtcp2 1.15.0+) -- `NGTCP2_CRYPTO_OSSL_LIBRARY`: Path to `ngtcp2_crypto_ossl` library. -- `NGTCP2_CRYPTO_QUICTLS_LIBRARY`: Path to `ngtcp2_crypto_quictls` library. (also for LibreSSL with ngtcp2 <1.15.0) -- `NGTCP2_CRYPTO_WOLFSSL_LIBRARY`: Path to `ngtcp2_crypto_wolfssl` library. -- `NETTLE_INCLUDE_DIR`: The nettle include directory. -- `NETTLE_LIBRARY`: Path to `nettle` library. -- `PTHREAD_LIBRARY`: Path to `pthread` library. (for Rustls) -- `QUICHE_INCLUDE_DIR`: The quiche include directory. -- `QUICHE_LIBRARY`: Path to `quiche` library. -- `RUSTLS_INCLUDE_DIR`: The Rustls include directory. -- `RUSTLS_LIBRARY`: Path to `rustls` library. -- `WATT_ROOT`: Set this variable to the root installation of Watt-32. -- `WOLFSSL_INCLUDE_DIR`: The wolfSSL include directory. -- `WOLFSSL_LIBRARY`: Path to `wolfssl` library. -- `ZSTD_INCLUDE_DIR`: The zstd include directory. -- `ZSTD_LIBRARY`: Path to `zstd` library. +- `AMISSL_INCLUDE_DIR`: Absolute path to AmiSSL include directory. +- `AMISSL_STUBS_LIBRARY`: Absolute path to `amisslstubs` library. +- `AMISSL_AUTO_LIBRARY`: Absolute path to `amisslauto` library. +- `BROTLI_INCLUDE_DIR`: Absolute path to brotli include directory. +- `BROTLICOMMON_LIBRARY`: Absolute path to `brotlicommon` library. +- `BROTLIDEC_LIBRARY`: Absolute path to `brotlidec` library. +- `CARES_INCLUDE_DIR`: Absolute path to c-ares include directory. +- `CARES_LIBRARY`: Absolute path to `cares` library. +- `DL_LIBRARY`: Absolute path to `dl` library. (for Rustls) +- `GNUTLS_INCLUDE_DIR`: Absolute path to GnuTLS include directory. +- `GNUTLS_LIBRARY`: Absolute path to `gnutls` library. +- `GSS_ROOT_DIR`: Absolute path to the root installation of GSS. (also supported as environment) +- `LDAP_INCLUDE_DIR`: Absolute path to LDAP include directory. +- `LDAP_LIBRARY`: Absolute path to `ldap` library. +- `LDAP_LBER_LIBRARY`: Absolute path to `lber` library. +- `LIBGSASL_INCLUDE_DIR`: Absolute path to libgsasl include directory. +- `LIBGSASL_LIBRARY`: Absolute path to `libgsasl` library. +- `LIBIDN2_INCLUDE_DIR`: Absolute path to libidn2 include directory. +- `LIBIDN2_LIBRARY`: Absolute path to `libidn2` library. +- `LIBPSL_INCLUDE_DIR`: Absolute path to libpsl include directory. +- `LIBPSL_LIBRARY`: Absolute path to `libpsl` library. +- `LIBRTMP_INCLUDE_DIR`: Absolute path to librtmp include directory. +- `LIBRTMP_LIBRARY`: Absolute path to `librtmp` library. +- `LIBSSH_INCLUDE_DIR`: Absolute path to libssh include directory. +- `LIBSSH_LIBRARY`: Absolute path to `libssh` library. +- `LIBSSH2_INCLUDE_DIR`: Absolute path to libssh2 include directory. +- `LIBSSH2_LIBRARY`: Absolute path to `libssh2` library. +- `LIBUV_INCLUDE_DIR`: Absolute path to libuv include directory. +- `LIBUV_LIBRARY`: Absolute path to `libuv` library. +- `MATH_LIBRARY`: Absolute path to `m` library. (for Rustls, wolfSSL) +- `MBEDTLS_INCLUDE_DIR`: Absolute path to mbedTLS include directory. +- `MBEDTLS_LIBRARY`: Absolute path to `mbedtls` library. +- `MBEDX509_LIBRARY`: Absolute path to `mbedx509` library. +- `MBEDCRYPTO_LIBRARY`: Absolute path to `mbedcrypto` library. +- `NGHTTP2_INCLUDE_DIR`: Absolute path to nghttp2 include directory. +- `NGHTTP2_LIBRARY`: Absolute path to `nghttp2` library. +- `NGHTTP3_INCLUDE_DIR`: Absolute path to nghttp3 include directory. +- `NGHTTP3_LIBRARY`: Absolute path to `nghttp3` library. +- `NGTCP2_INCLUDE_DIR`: Absolute path to ngtcp2 include directory. +- `NGTCP2_LIBRARY`: Absolute path to `ngtcp2` library. +- `NGTCP2_CRYPTO_BORINGSSL_LIBRARY`: Absolute path to `ngtcp2_crypto_boringssl` library. (also for AWS-LC) +- `NGTCP2_CRYPTO_GNUTLS_LIBRARY`: Absolute path to `ngtcp2_crypto_gnutls` library. +- `NGTCP2_CRYPTO_LIBRESSL_LIBRARY`: Absolute path to `ngtcp2_crypto_libressl` library. (requires ngtcp2 1.15.0+) +- `NGTCP2_CRYPTO_OSSL_LIBRARY`: Absolute path to `ngtcp2_crypto_ossl` library. +- `NGTCP2_CRYPTO_QUICTLS_LIBRARY`: Absolute path to `ngtcp2_crypto_quictls` library. (also for LibreSSL with ngtcp2 <1.15.0) +- `NGTCP2_CRYPTO_WOLFSSL_LIBRARY`: Absolute path to `ngtcp2_crypto_wolfssl` library. +- `NETTLE_INCLUDE_DIR`: Absolute path to nettle include directory. +- `NETTLE_LIBRARY`: Absolute path to `nettle` library. +- `PTHREAD_LIBRARY`: Absolute path to `pthread` library. (for Rustls) +- `QUICHE_INCLUDE_DIR`: Absolute path to quiche include directory. +- `QUICHE_LIBRARY`: Absolute path to `quiche` library. +- `RUSTLS_INCLUDE_DIR`: Absolute path to Rustls include directory. +- `RUSTLS_LIBRARY`: Absolute path to `rustls` library. +- `WATT_ROOT`: Absolute path to the root installation of Watt-32. +- `WOLFSSL_INCLUDE_DIR`: Absolute path to wolfSSL include directory. +- `WOLFSSL_LIBRARY`: Absolute path to `wolfssl` library. +- `ZSTD_INCLUDE_DIR`: Absolute path to zstd include directory. +- `ZSTD_LIBRARY`: Absolute path to `zstd` library. ## Test tools From 76d28525509c2c06786fc9b8d2e2e8536dceb3bc Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 21 Oct 2025 13:33:18 +0200 Subject: [PATCH 0550/2408] hmac: free memory properly on errors If one of the hmac init calls fail, Curl_HMAC_init previously would return without first freeing the allocated HMAC_context. Fixes #19176 Reported-by: WangDaLei on github Closes #19177 --- lib/hmac.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/hmac.c b/lib/hmac.c index 5e7dd0df0c..7842f0601b 100644 --- a/lib/hmac.c +++ b/lib/hmac.c @@ -74,7 +74,7 @@ Curl_HMAC_init(const struct HMAC_params *hashparams, /* If the key is too long, replace it by its hash digest. */ if(keylen > hashparams->maxkeylen) { if(hashparams->hinit(ctxt->hashctxt1)) - return NULL; + goto fail; hashparams->hupdate(ctxt->hashctxt1, key, keylen); hkey = (unsigned char *) ctxt->hashctxt2 + hashparams->ctxtsize; hashparams->hfinal(hkey, ctxt->hashctxt1); @@ -85,7 +85,7 @@ Curl_HMAC_init(const struct HMAC_params *hashparams, /* Prime the two hash contexts with the modified key. */ if(hashparams->hinit(ctxt->hashctxt1) || hashparams->hinit(ctxt->hashctxt2)) - return NULL; + goto fail; for(i = 0; i < keylen; i++) { b = (unsigned char)(*key ^ hmac_ipad); @@ -101,6 +101,10 @@ Curl_HMAC_init(const struct HMAC_params *hashparams, /* Done, return pointer to HMAC context. */ return ctxt; + +fail: + free(ctxt); + return NULL; } int Curl_HMAC_update(struct HMAC_context *ctxt, From 40f7cd2bdd14e09b9bb1b4ddefc8b5e5ce71865a Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Tue, 21 Oct 2025 13:51:10 +0200 Subject: [PATCH 0551/2408] mime: fix unpausing of readers MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When unpausing a transfer, check if the reader pause state differs in addition to the "keepon" flags. Reported-by: 包布丁 Fixes #18848 Closes #19178 --- lib/easy.c | 3 +- lib/sendf.c | 1 + tests/http/test_07_upload.py | 19 ++++++++++ tests/http/testenv/httpd.py | 6 ++- .../http/testenv/mod_curltest/mod_curltest.c | 15 ++++++++ tests/libtest/cli_hx_upload.c | 38 +++++++++++++------ 6 files changed, 68 insertions(+), 14 deletions(-) diff --git a/lib/easy.c b/lib/easy.c index 793a18f33e..4236a01d87 100644 --- a/lib/easy.c +++ b/lib/easy.c @@ -1165,7 +1165,8 @@ CURLcode curl_easy_pause(CURL *d, int action) send_paused = Curl_xfer_send_is_paused(data); send_paused_new = (action & CURLPAUSE_SEND); - if(send_paused != send_paused_new) { + if((send_paused != send_paused_new) || + (send_paused_new != Curl_creader_is_paused(data))) { changed = TRUE; result = Curl_1st_err(result, Curl_xfer_pause_send(data, send_paused_new)); } diff --git a/lib/sendf.c b/lib/sendf.c index c6d8412762..7307f872df 100644 --- a/lib/sendf.c +++ b/lib/sendf.c @@ -1442,6 +1442,7 @@ CURLcode Curl_creader_unpause(struct Curl_easy *data) while(reader) { result = reader->crt->cntrl(data, reader, CURL_CRCNTRL_UNPAUSE); + CURL_TRC_READ(data, "unpausing %s -> %d", reader->crt->name, result); if(result) break; reader = reader->next; diff --git a/tests/http/test_07_upload.py b/tests/http/test_07_upload.py index d17d3a44ad..c2377d41e4 100644 --- a/tests/http/test_07_upload.py +++ b/tests/http/test_07_upload.py @@ -671,6 +671,25 @@ class TestUpload: ]) r.check_stats(count=1, http_status=200, exitcode=0) + @pytest.mark.parametrize("proto", ['http/1.1']) + def test_07_63_upload_exp100_paused(self, env: Env, httpd, nghttpx, proto): + read_delay = 1 + url = f'https://{env.authority_for(env.domain1, proto)}/curltest/echo?id=[0-0]'\ + f'&read_delay={read_delay}s' + upload_size = 128 * 1024 + client = LocalClient(name='cli_hx_upload', env=env) + if not client.exists(): + pytest.skip(f'example client not built: {client.name}') + r = client.run(args=[ + '-n', '1', + '-S', f'{upload_size}', + '-P', '1', + '-M', 'MIME', + '-r', f'{env.domain1}:{env.port_for(proto)}:127.0.0.1', + '-V', proto, url + ]) + r.check_exit_code(0) + # nghttpx is the only server we have that supports TLS early data and # has a limit of 16k it announces @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx") diff --git a/tests/http/testenv/httpd.py b/tests/http/testenv/httpd.py index d9f535dd22..740237abc4 100644 --- a/tests/http/testenv/httpd.py +++ b/tests/http/testenv/httpd.py @@ -575,11 +575,13 @@ class Httpd: return local_dir = os.path.dirname(inspect.getfile(Httpd)) out_dir = os.path.join(self.env.gen_dir, 'mod_curltest') + in_source = os.path.join(local_dir, 'mod_curltest/mod_curltest.c') out_source = os.path.join(out_dir, 'mod_curltest.c') if not os.path.exists(out_dir): os.mkdir(out_dir) - if not os.path.exists(out_source): - shutil.copy(os.path.join(local_dir, 'mod_curltest/mod_curltest.c'), out_source) + if not os.path.exists(out_source) or \ + os.stat(in_source).st_mtime > os.stat(out_source).st_mtime: + shutil.copy(in_source, out_source) p = subprocess.run([ self.env.apxs, '-c', out_source ], capture_output=True, cwd=out_dir) diff --git a/tests/http/testenv/mod_curltest/mod_curltest.c b/tests/http/testenv/mod_curltest/mod_curltest.c index e354e5a469..17d0688ace 100644 --- a/tests/http/testenv/mod_curltest/mod_curltest.c +++ b/tests/http/testenv/mod_curltest/mod_curltest.c @@ -188,6 +188,7 @@ static int curltest_echo_handler(request_rec *r) char buffer[8192]; const char *ct; apr_off_t die_after_len = -1, total_read_len = 0; + apr_time_t read_delay = 0; int just_die = 0, die_after_100 = 0; long l; @@ -221,6 +222,12 @@ static int curltest_echo_handler(request_rec *r) die_after_100 = 1; continue; } + else if(!strcmp("read_delay", arg)) { + rv = duration_parse(&read_delay, val, "s"); + if(APR_SUCCESS == rv) { + continue; + } + } } } } @@ -258,6 +265,12 @@ static int curltest_echo_handler(request_rec *r) apr_table_setn(r->headers_out, "Request-TE", apr_table_get(r->headers_in, "TE")); + if(read_delay) { + ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r, + "put_handler: read_delay"); + apr_sleep(read_delay); + } + bb = apr_brigade_create(r->pool, c->bucket_alloc); /* copy any request body into the response */ rv = ap_setup_client_block(r, REQUEST_CHUNKED_DECHUNK); @@ -637,6 +650,8 @@ static int curltest_put_handler(request_rec *r) ap_set_content_type(r, ct ? ct : "text/plain"); if(read_delay) { + ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r, + "put_handler: read_delay"); apr_sleep(read_delay); } bb = apr_brigade_create(r->pool, c->bucket_alloc); diff --git a/tests/libtest/cli_hx_upload.c b/tests/libtest/cli_hx_upload.c index a0a6b95db8..5d9c2f26f8 100644 --- a/tests/libtest/cli_hx_upload.c +++ b/tests/libtest/cli_hx_upload.c @@ -33,6 +33,7 @@ struct transfer_u { CURL *easy; const char *method; char filename[128]; + curl_mime *mime; FILE *out; curl_off_t send_total; curl_off_t recv_size; @@ -158,18 +159,28 @@ static int setup_hx_upload(CURL *hnd, const char *url, struct transfer_u *t, if(use_earlydata) curl_easy_setopt(hnd, CURLOPT_SSL_OPTIONS, CURLSSLOPT_EARLYDATA); - if(!t->method || !strcmp("PUT", t->method)) - curl_easy_setopt(hnd, CURLOPT_UPLOAD, 1L); - else if(!strcmp("POST", t->method)) - curl_easy_setopt(hnd, CURLOPT_POST, 1L); - else { - curl_mfprintf(stderr, "unsupported method '%s'\n", t->method); - return 1; + if(!strcmp("MIME", t->method)) { + curl_mimepart *part; + t->mime = curl_mime_init(hnd); + part = curl_mime_addpart(t->mime); + curl_mime_name(part, "file"); + curl_mime_data_cb(part, -1, my_read_cb, NULL, NULL, t); + curl_easy_setopt(hnd, CURLOPT_MIMEPOST, t->mime); + } + else { + if(!t->method || !strcmp("PUT", t->method)) + curl_easy_setopt(hnd, CURLOPT_UPLOAD, 1L); + else if(!strcmp("POST", t->method)) + curl_easy_setopt(hnd, CURLOPT_POST, 1L); + else { + curl_mfprintf(stderr, "unsupported method '%s'\n", t->method); + return 1; + } + curl_easy_setopt(hnd, CURLOPT_READFUNCTION, my_read_cb); + curl_easy_setopt(hnd, CURLOPT_READDATA, t); + if(announce_length) + curl_easy_setopt(hnd, CURLOPT_INFILESIZE_LARGE, t->send_total); } - curl_easy_setopt(hnd, CURLOPT_READFUNCTION, my_read_cb); - curl_easy_setopt(hnd, CURLOPT_READDATA, t); - if(announce_length) - curl_easy_setopt(hnd, CURLOPT_INFILESIZE_LARGE, t->send_total); curl_easy_setopt(hnd, CURLOPT_NOPROGRESS, 0L); curl_easy_setopt(hnd, CURLOPT_XFERINFOFUNCTION, my_progress_u_cb); @@ -488,6 +499,7 @@ static CURLcode test_cli_hx_upload(const char *URL) } while(active_transfers); /* as long as we have transfers going */ + curl_mfprintf(stderr, "all transfers done, cleanup multi\n"); curl_multi_cleanup(multi_handle); } @@ -501,9 +513,13 @@ static CURLcode test_cli_hx_upload(const char *URL) curl_easy_cleanup(t->easy); t->easy = NULL; } + if(t->mime) { + curl_mime_free(t->mime); + } } free(transfer_u); curl_share_cleanup(share); + curl_slist_free_all(host); return CURLE_OK; } From 48df7b29d905314c2c0c3b4b3f949569a490d3aa Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 20 Oct 2025 11:34:25 +0200 Subject: [PATCH 0552/2408] cookie: only count accepted cookies in Curl_cookie_add The counter used to stop accepting cookies after a certain amount has been received in a single response would previously also count some cookies that were not actually accepted as they were discarded after the counter was increased. Starting now, the counter is increased only for cookies that were accepted. Pointed out by ZeroPath Closes #19157 --- lib/cookie.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/cookie.c b/lib/cookie.c index 98c13e6218..9b89b7df70 100644 --- a/lib/cookie.c +++ b/lib/cookie.c @@ -750,7 +750,6 @@ parse_cookie_header(struct Curl_easy *data, if(!co->name) return CERR_BAD; - data->req.setcookies++; return CERR_OK; } @@ -1140,6 +1139,9 @@ Curl_cookie_add(struct Curl_easy *data, if(co->expires && (co->expires < ci->next_expiration)) ci->next_expiration = co->expires; + if(httpheader) + data->req.setcookies++; + return co; fail: freecookie(co); From 09f857803f5373e7a4052a488131b8bbea1bc453 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 21 Oct 2025 15:08:53 +0200 Subject: [PATCH 0553/2408] INSTALL-CMAKE.md: add manual configuration examples Closes #19179 --- docs/INSTALL-CMAKE.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md index 996ba698d0..c622b83920 100644 --- a/docs/INSTALL-CMAKE.md +++ b/docs/INSTALL-CMAKE.md @@ -454,6 +454,22 @@ Details via CMake - `ZSTD_INCLUDE_DIR`: Absolute path to zstd include directory. - `ZSTD_LIBRARY`: Absolute path to `zstd` library. +Examples: + +- `-DLIBPSL_INCLUDE_DIR=/path/to/libpl/include`, + which directory contains `libpsl.h`. + No ending slash or backslash is necessary. + +- `-DNGHTTP3_INCLUDE_DIR=/path/to/libnghttp3/include`, + which directory contains an `nghttp3` subdirectory with `.h` files in it. + +- `-DLIBPSL_LIBRARY=/path/to/libpsl/lib/libpsl.a` + Always a single library, with its complete filename, as-is on the file system. + +- `-DOPENSSL_ROOT_DIR=/path/to/openssl`, + which directory (typically) contains `include` and `lib` subdirectories. + No ending slash or backslash is necessary. + ## Test tools - `APXS`: Default: `apxs` From ea6455b7a4ed3dca3b2f03d6a0ae3ba101c16160 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 21 Oct 2025 15:22:43 +0200 Subject: [PATCH 0554/2408] spelling: subdirectories Closes #19180 --- .github/scripts/badwords.txt | 1 + docs/cmdline-opts/list-only.md | 2 +- packages/vms/curl_gnv_build_steps.txt | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/scripts/badwords.txt b/.github/scripts/badwords.txt index 741e5376fc..492ea32537 100644 --- a/.github/scripts/badwords.txt +++ b/.github/scripts/badwords.txt @@ -46,6 +46,7 @@ there's:there is \. But: Rewrite it somehow? \. So : Rewrite without "so" ? dir :directory +sub-director:subdirector can't:cannot that's:that is web page:webpage diff --git a/docs/cmdline-opts/list-only.md b/docs/cmdline-opts/list-only.md index 2800a8f793..eb52d88849 100644 --- a/docs/cmdline-opts/list-only.md +++ b/docs/cmdline-opts/list-only.md @@ -24,7 +24,7 @@ used like this, the option causes an NLST command to be sent to the server instead of LIST. Note: Some FTP servers list only files in their response to NLST; they do not -include sub-directories and symbolic links. +include subdirectories and symbolic links. When listing an SFTP directory, this switch forces a name-only view, one per line. This is especially useful if the user wants to machine-parse the diff --git a/packages/vms/curl_gnv_build_steps.txt b/packages/vms/curl_gnv_build_steps.txt index b7ea95219b..46c2c6e0a6 100644 --- a/packages/vms/curl_gnv_build_steps.txt +++ b/packages/vms/curl_gnv_build_steps.txt @@ -48,7 +48,7 @@ VMS_ROOT: is for the source files that are specific to OpenVMS. Note, you should create the VMS_ROOT: directory tree even if it is initially empty. This is where you should put edits if you are making changes. -LCL_ROOT: is manually created to have the same base and sub-directories as +LCL_ROOT: is manually created to have the same base and subdirectories as SRC_ROOT: and VMS_ROOT: The logical name REF_ROOT: may be defined to be a search list for From 30734e48d6719590967a6f3db31b02c5edbf2d9c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 21 Oct 2025 05:33:33 +0000 Subject: [PATCH 0555/2408] Dockerfile: update debian:bookworm-slim Docker digest to 78d2f66 Closes #19173 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 88a356bb88..fc5bf9e1ef 100644 --- a/Dockerfile +++ b/Dockerfile @@ -24,7 +24,7 @@ # $ ./scripts/maketgz 8.7.1 # To update, get the latest digest e.g. from https://hub.docker.com/_/debian/tags -FROM debian:bookworm-slim@sha256:7e490910eea2861b9664577a96b54ce68ea3e02ce7f51d89cb0103a6f9c386e0 +FROM debian:bookworm-slim@sha256:78d2f66e0fec9e5a39fb2c72ea5e052b548df75602b5215ed01a17171529f706 RUN apt-get update -qq && apt-get install -qq -y --no-install-recommends \ build-essential make autoconf automake libtool git perl zip zlib1g-dev gawk && \ From 7d5d0645e5562f65005488fbc7fd270a71239a5f Mon Sep 17 00:00:00 2001 From: x2018 Date: Wed, 22 Oct 2025 02:03:29 +0800 Subject: [PATCH 0556/2408] http: unify error handling in Curl_http() Closes #19182 --- lib/http.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/http.c b/lib/http.c index 172a091668..44d36b9a84 100644 --- a/lib/http.c +++ b/lib/http.c @@ -2936,8 +2936,10 @@ CURLcode Curl_http(struct Curl_easy *data, bool *done) char *pq = NULL; if(data->state.up.query) { pq = curl_maprintf("%s?%s", data->state.up.path, data->state.up.query); - if(!pq) - return CURLE_OUT_OF_MEMORY; + if(!pq) { + result = CURLE_OUT_OF_MEMORY; + goto out; + } } result = Curl_http_output_auth(data, data->conn, method, httpreq, (pq ? pq : data->state.up.path), FALSE); From 7295546447af980adacb37553a276cb1c782ba23 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 21 Oct 2025 23:43:30 +0200 Subject: [PATCH 0557/2408] hostip: fix infof() output for non-ipv6 builds using IPv6 address Pointed out by ZeroPath Closes #19184 --- lib/hostip.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/hostip.c b/lib/hostip.c index 055ea78b48..d4b1b87e7a 100644 --- a/lib/hostip.c +++ b/lib/hostip.c @@ -1352,9 +1352,9 @@ CURLcode Curl_loadhostpairs(struct Curl_easy *data) } } #ifndef USE_IPV6 - if(memchr(target.str, ':', target.len)) { - infof(data, "Ignoring resolve address '%s', missing IPv6 support.", - address); + if(memchr(curlx_str(&target), ':', curlx_strlen(&target))) { + infof(data, "Ignoring resolve address '%.*s', missing IPv6 support.", + (int)curlx_strlen(&target), curlx_str(&target)); if(curlx_str_single(&host, ',')) goto err; continue; From 68e63a7997e33dd6393c60fe9157023c70b57fc3 Mon Sep 17 00:00:00 2001 From: x2018 Date: Wed, 22 Oct 2025 13:24:55 +0800 Subject: [PATCH 0558/2408] curl_path: add curlx_dyn_free() on an error path Follow-up to 976333dd4052855c22369e89 Closes #19183 --- lib/vssh/curl_path.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/vssh/curl_path.c b/lib/vssh/curl_path.c index 44ea3d07a5..a6d572520f 100644 --- a/lib/vssh/curl_path.c +++ b/lib/vssh/curl_path.c @@ -167,8 +167,10 @@ CURLcode Curl_get_pathname(const char **cpp, char **path, const char *homedir) /* Read to end of filename - either to whitespace or terminator */ rc = curlx_str_word(&cp, &word, MAX_PATHLENGTH); if(rc) { - if(rc == STRE_BIG) + if(rc == STRE_BIG) { + curlx_dyn_free(&out); return CURLE_TOO_LARGE; + } else if(!content) /* no path, no word, this is incorrect */ goto fail; From f8ba00fe9ddb88827e212a9ebf8dd8293b5a1cb8 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 22 Oct 2025 09:55:34 +0200 Subject: [PATCH 0559/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 51 +++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 41 insertions(+), 10 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 0091217686..01d0511d4c 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,7 +4,7 @@ curl and libcurl 8.17.0 Command line options: 273 curl_easy_setopt() options: 308 Public functions in libcurl: 100 - Contributors: 3520 + Contributors: 3523 This release includes the following changes: @@ -45,6 +45,7 @@ This release includes the following bugfixes: o cf-ip-happy: mention unix domain path, not port number [161] o cf-socket: always check Curl_cf_socket_peek() return code [198] o cf-socket: check params and remove accept procondition [197] + o cf-socket: make set_local_ip void, and remove failf() [390] o cf-socket: set FD_CLOEXEC on all sockets opened [273] o cf-socket: tweak a memcpy() to read better [177] o cf-socket: use the right byte order for ports in bindlocal [61] @@ -61,6 +62,7 @@ This release includes the following bugfixes: o cmake/FindGSS: fix pkg-config fallback logic for CMake <3.16 [189] o cmake/FindGSS: simplify/de-dupe lib setup [253] o cmake/FindGSS: whitespace/formatting [268] + o cmake: add and use local FindGnuTLS module [379] o cmake: add CURL_CODE_COVERAGE option [78] o cmake: build the "all" examples source list dynamically [245] o cmake: clang detection tidy-ups [116] @@ -70,6 +72,7 @@ This release includes the following bugfixes: o cmake: fix Linux pre-fills for non-glibc (when `_CURL_PREFILL=ON`) [372] o cmake: minor Heimdal flavour detection fix [269] o cmake: pre-fill three more type sizes on Windows [244] + o cmake: say 'absolute path' in option descriptions and docs [378] o cmake: support building some complicated examples, build them in CI [235] o cmake: use modern alternatives for get_filename_component() [102] o cmake: use more COMPILER_OPTIONS, LINK_OPTIONS / LINK_FLAGS [152] @@ -79,6 +82,7 @@ This release includes the following bugfixes: o conn: fix hostname move on connection reuse [272] o connect: remove redundant condition in shutdown start [289] o cookie: avoid saving a cookie file if no transfer was done [11] + o cookie: only count accepted cookies in Curl_cookie_add [364] o cpool: make bundle->dest an array; fix UB [218] o curl.h: remove incorrect comment about CURLOPT_PINNEDPUBLICKEY [320] o curl_easy_getinfo: error code on NULL arg [2] @@ -134,17 +138,23 @@ This release includes the following bugfixes: o ftp: simplify the 150/126 size scanner [288] o gnutls: check conversion of peer cert chain [275] o gtls: avoid potential use of uninitialized variable in trace output [83] + o hmac: free memory properly on errors [377] o hostip: don't store negative resolves due unrelated errors [256] + o hostip: fix infof() output for non-ipv6 builds using IPv6 address [338] o hostip: remove leftover INT_MAX check in Curl_dnscache_prune [88] o http2: check push header names by length first [261] o http2: cleanup pushed newhandle on fail [260] o http2: ingress handling edge cases [259] + o HTTP3: clarify the status for "old" OpenSSL, not current [394] o http: handle user-defined connection headers [165] o http: look for trailing 'type=' in ftp:// without strstr [315] o http: make Content-Length parser more WHATWG [183] + o http: return error for a second Location: header [393] o httpsrr: free old pointers when storing new [57] o imap: treat capabilities case insensitively [345] + o INSTALL-CMAKE.md: add manual configuration examples [360] o INSTALL-CMAKE.md: document useful build targets [215] + o INSTALL-CMAKE.md: fix descriptions for LDAP dependency options [382] o INSTALL: update the list of known operating systems [325] o INTERNALS: drop Winsock 2.2 from the dependency list [162] o ip-happy: do not set unnecessary timeout [95] @@ -193,7 +203,9 @@ This release includes the following bugfixes: o libssh: react on errors from ssh_scp_read [24] o libssh: return out of memory correctly if aprintf fails [60] o libssh: return the proper error for readdir problems [355] + o Makefile.example: bump default example from FTP to HTTPS [389] o Makefile.example: fix option order [231] + o Makefile.example: make default options more likely to work [388] o Makefile.example: simplify and make it configurable [20] o managen: ignore version mentions < 7.66.0 [55] o managen: render better manpage references/links [54] @@ -204,6 +216,7 @@ This release includes the following bugfixes: o mbedtls: handle WANT_WRITE from mbedtls_ssl_read() [145] o mdlinkcheck: reject URLs containing quotes [174] o memdup0: handle edge case [241] + o mime: fix unpausing of readers [375] o mime: fix use of fseek() [334] o multi.h: add CURLMINFO_LASTENTRY [51] o multi_ev: remove unnecessary data check that confuses analysers [167] @@ -289,6 +302,7 @@ This release includes the following bugfixes: o socks_gssapi: reject too long tokens [90] o socks_gssapi: remove superfluous releases of the gss_recv_token [139] o socks_gssapi: remove the forced "no protection" [143] + o socks_gssapi: replace `gss_release_buffer()` with curl free [386] o socks_sspi: bail out on too long fields [137] o socks_sspi: fix memory cleanup calls [40] o socks_sspi: remove the enforced mode clearing [291] @@ -350,6 +364,7 @@ This release includes the following bugfixes: o tool_operate: retry on HTTP response codes 522 and 524 [317] o tool_operate: return error on strdup() failure [336] o tool_paramhlp: remove outdated comment in str2tls_max() [367] + o tool_parsecfg: detect and error on recursive --config use [380] o tool_progress: handle possible integer overflows [164] o tool_progress: make max5data() use an algorithm [170] o transfer: avoid busy loop with tiny speed limit [100] @@ -409,15 +424,16 @@ advice from friends like these: Dan Fandrich, Daniel Stenberg, Daniel Terhorst-North, dependabot[bot], divinity76 on github, Emilio Pozuelo Monfort, Emre Çalışkan, Ethan Everett, Evgeny Grin (Karlson2k), fds242 on github, Harry Sintonen, Howard Chu, - Ignat Loskutov, James Fuller, Javier Blazquez, Jicea, jmaggard10 on github, - Jochen Sprickerhof, Johannes Schindelin, Jonathan Cardoso Machado, - Joseph Birr-Pixton, Joshua Rogers, kapsiR on github, kuchara on github, - Marcel Raad, Michael Osipov, Michał Petryka, Mitchell Blank Jr, - Mohamed Daahir, Nir Azkiel, Patrick Monnerat, plv1313 on github, - Pocs Norbert, Ray Satiro, renovate[bot], rinsuki on github, Sakthi SK, - Samuel Dionne-Riel, Samuel Henrique, Stanislav Fort, Stefan Eissing, - Tatsuhiro Tsujikawa, tkzv on github, Viktor Szakats, Yedaya Katsman - (53 contributors) + Ignat Loskutov, Jakub Stasiak, James Fuller, Javier Blazquez, Jicea, + jmaggard10 on github, Jochen Sprickerhof, Johannes Schindelin, + Jonathan Cardoso Machado, Joseph Birr-Pixton, Joshua Rogers, + kapsiR on github, kuchara on github, Marcel Raad, Michael Osipov, + Michał Petryka, Mitchell Blank Jr, Mohamed Daahir, Nir Azkiel, + Patrick Monnerat, plv1313 on github, Pocs Norbert, Ray Satiro, renovate[bot], + rinsuki on github, Sakthi SK, Samuel Dionne-Riel, Samuel Henrique, + Stanislav Fort, Stefan Eissing, Tatsuhiro Tsujikawa, tkzv on github, + Viktor Szakats, WangDaLei on github, Xiaoke Wang, Yedaya Katsman, 包布丁 + (57 contributors) References to bug reports and discussions on issues: @@ -757,6 +773,7 @@ References to bug reports and discussions on issues: [335] = https://curl.se/bug/?i=19125 [336] = https://curl.se/bug/?i=19145 [337] = https://curl.se/bug/?i=19097 + [338] = https://curl.se/bug/?i=19184 [339] = https://curl.se/bug/?i=19091 [340] = https://curl.se/bug/?i=19093 [341] = https://curl.se/bug/?i=19149 @@ -775,9 +792,11 @@ References to bug reports and discussions on issues: [357] = https://curl.se/bug/?i=19136 [358] = https://curl.se/bug/?i=19133 [359] = https://curl.se/bug/?i=19139 + [360] = https://curl.se/bug/?i=19179 [361] = https://curl.se/bug/?i=19126 [362] = https://curl.se/bug/?i=19132 [363] = https://curl.se/bug/?i=19118 + [364] = https://curl.se/bug/?i=19157 [365] = https://curl.se/bug/?i=19112 [366] = https://curl.se/bug/?i=19124 [367] = https://curl.se/bug/?i=19115 @@ -788,4 +807,16 @@ References to bug reports and discussions on issues: [372] = https://curl.se/bug/?i=19116 [373] = https://curl.se/bug/?i=19114 [374] = https://curl.se/bug/?i=19113 + [375] = https://curl.se/bug/?i=18848 [376] = https://curl.se/bug/?i=19111 + [377] = https://curl.se/bug/?i=19176 + [378] = https://curl.se/bug/?i=19169 + [379] = https://curl.se/bug/?i=19163 + [380] = https://curl.se/bug/?i=19168 + [382] = https://curl.se/bug/?i=19170 + [386] = https://curl.se/bug/?i=19018 + [388] = https://curl.se/bug/?i=19161 + [389] = https://curl.se/bug/?i=19160 + [390] = https://curl.se/bug/?i=19137 + [393] = https://curl.se/bug/?i=19130 + [394] = https://curl.se/bug/?i=19153 From 9c313b61b419c8a6c92420f77da67de8d287ff8a Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 22 Oct 2025 10:00:53 +0200 Subject: [PATCH 0560/2408] ftp: check errors on remote ip for data connection Obtaining the remote ip of the control connection to be used for the data connection can fail. Check that and fail the transfer when that does not work. Triggered by an OSS-Fuzz issue. Closes #19185 --- lib/ftp.c | 41 ++++++++++++++++++++++++++--------------- 1 file changed, 26 insertions(+), 15 deletions(-) diff --git a/lib/ftp.c b/lib/ftp.c index fd957a2bb4..0fab17c1c1 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -1771,23 +1771,32 @@ static CURLcode ftp_epsv_disable(struct Curl_easy *data, } -static char *control_address_dup(struct Curl_easy *data, - struct connectdata *conn) +static CURLcode ftp_control_addr_dup(struct Curl_easy *data, + struct ftp_conn *ftpc) { - struct ip_quadruple ipquad; - bool is_ipv6; + struct connectdata *conn = data->conn; + struct ip_quadruple ipquad; + bool is_ipv6; /* Returns the control connection IP address. If a proxy tunnel is used, returns the original hostname instead, because the effective control connection address is the proxy address, not the ftp host. */ + free(ftpc->newhost); #ifndef CURL_DISABLE_PROXY if(conn->bits.tunnel_proxy || conn->bits.socksproxy) - return strdup(conn->host.name); + ftpc->newhost = strdup(conn->host.name); + else #endif - if(!Curl_conn_get_ip_info(data, conn, FIRSTSOCKET, &is_ipv6, &ipquad)) - return strdup(ipquad.remote_ip); - return NULL; + if(!Curl_conn_get_ip_info(data, conn, FIRSTSOCKET, &is_ipv6, &ipquad) && + *ipquad.remote_ip) + ftpc->newhost = strdup(ipquad.remote_ip); + else { + /* failed to get the remote_ip of the DATA connection */ + failf(data, "unable to get peername of DATA connection"); + return CURLE_FAILED_INIT; + } + return ftpc->newhost ? CURLE_OK : CURLE_OUT_OF_MEMORY; } static bool match_pasv_6nums(const char *p, @@ -1840,9 +1849,9 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data, return CURLE_FTP_WEIRD_PASV_REPLY; } ftpc->newport = (unsigned short)num; - ftpc->newhost = control_address_dup(data, conn); - if(!ftpc->newhost) - return CURLE_OUT_OF_MEMORY; + result = ftp_control_addr_dup(data, ftpc); + if(result) + return result; } else ptr = NULL; @@ -1884,7 +1893,9 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data, infof(data, "Skip %u.%u.%u.%u for data connection, reuse %s instead", ip[0], ip[1], ip[2], ip[3], conn->host.name); - ftpc->newhost = control_address_dup(data, conn); + result = ftp_control_addr_dup(data, ftpc); + if(result) + return result; } else ftpc->newhost = curl_maprintf("%u.%u.%u.%u", ip[0], ip[1], ip[2], ip[3]); @@ -1938,9 +1949,9 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data, /* postponed address resolution in case of tcp fastopen */ if(conn->bits.tcp_fastopen && !conn->bits.reuse && !ftpc->newhost[0]) { free(ftpc->newhost); - ftpc->newhost = control_address_dup(data, conn); - if(!ftpc->newhost) - return CURLE_OUT_OF_MEMORY; + result = ftp_control_addr_dup(data, ftpc); + if(result) + return result; } (void)Curl_resolv_blocking(data, ftpc->newhost, ftpc->newport, From fcae0733a7c55e712955b0f6df24fc8412023e2d Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 22 Oct 2025 10:39:58 +0200 Subject: [PATCH 0561/2408] gnutls: fix re-handshake comments With GnuTLS, a GNUTLS_E_REHANDSHAKE can be a renegotiate in TLSv1.2 or a key update in TLSv1.3. This had been made non-blocking in a1850ad7debe33fded6367e34d5c06be4d51f58e but the comment warning about a blocking call was not updated. Closes #19187 --- lib/vtls/gtls.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 1c0a6fb2d6..19c2ce893f 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -239,8 +239,8 @@ static void unload_file(gnutls_datum_t data) /* this function does an SSL/TLS (re-)handshake */ -static CURLcode handshake(struct Curl_cfilter *cf, - struct Curl_easy *data) +static CURLcode cf_gtls_handshake(struct Curl_cfilter *cf, + struct Curl_easy *data) { struct ssl_connect_data *connssl = cf->ctx; struct gtls_ssl_backend_data *backend = @@ -2005,7 +2005,7 @@ static CURLcode gtls_connect_common(struct Curl_cfilter *cf, DEBUGASSERT((connssl->earlydata_state == ssl_earlydata_none) || (connssl->earlydata_state == ssl_earlydata_sent)); #endif - result = handshake(cf, data); + result = cf_gtls_handshake(cf, data); if(result) goto out; connssl->connecting_state = ssl_connect_3; @@ -2265,11 +2265,10 @@ static CURLcode gtls_recv(struct Curl_cfilter *cf, goto out; } else if(nread == GNUTLS_E_REHANDSHAKE) { - /* BLOCKING call, this is bad but a work-around for now. Fixing this "the - proper way" takes a whole lot of work. */ - result = handshake(cf, data); + /* Either TLSv1.2 renegotiate or a TLSv1.3 session key update. */ + result = cf_gtls_handshake(cf, data); if(!result) - result = CURLE_AGAIN; /* then return as if this was a wouldblock */ + result = CURLE_AGAIN; /* make us get called again. */ goto out; } else { From bb78c45407e9ad5fc1884d3b5fa9a16bde8af3d7 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 22 Oct 2025 10:12:54 +0200 Subject: [PATCH 0562/2408] vquic: fix recvmsg loop for max_pkts The parameter `max_pkts` was not checked in the recvmsg() implementation of vquic_recv_packets() as the packter counter was never increased. This led to the loop running until an EAGAIN was encountered. Which, in any real case scenario, does no harm as long as libcurl is ingesting packets faster than a server is able to send them. However on a slow device and a fast network this could happen and allow a denial of serice. Not a real regression as the vulnerable code has never been released. libcurl 8.16.0 does not have this bug. Closes #19186 --- lib/vquic/vquic.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c index 24ba8a97e4..7533001eaf 100644 --- a/lib/vquic/vquic.c +++ b/lib/vquic/vquic.c @@ -539,6 +539,7 @@ static CURLcode recvmsg_packets(struct Curl_cfilter *cf, msg.msg_name, msg.msg_namelen, 0, userp); if(result) goto out; + pkts += (nread + gso_size - 1) / gso_size; } out: From fb6a4802d7a76d8e36652bedbf6c03270b541974 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 22 Oct 2025 11:25:42 +0200 Subject: [PATCH 0563/2408] imap: parse and use UIDVALIDITY as a number Instead of a string. Saves a malloc, adds earlier format check. RFC 3501 section 2.3.1.1 documents the value as a 32-bit value. Closes #19188 --- lib/imap.c | 109 +++++++++++++++++++++++------------------------------ 1 file changed, 47 insertions(+), 62 deletions(-) diff --git a/lib/imap.c b/lib/imap.c index 0feaedf5ac..8cbda96a05 100644 --- a/lib/imap.c +++ b/lib/imap.c @@ -115,8 +115,8 @@ struct imap_conn { struct SASL sasl; /* SASL-related parameters */ struct dynbuf dyn; /* for the IMAP commands */ char *mailbox; /* The last selected mailbox */ - char *mailbox_uidvalidity; /* UIDVALIDITY parsed from select response */ imapstate state; /* Always use imap.c:state() to change state! */ + unsigned int mb_uidvalidity; /* UIDVALIDITY parsed from select response */ char resptag[5]; /* Response tag to wait for */ unsigned char preftype; /* Preferred authentication type */ unsigned char cmdid; /* Last used command ID */ @@ -125,6 +125,7 @@ struct imap_conn { BIT(tls_supported); /* StartTLS capability supported by server */ BIT(login_disabled); /* LOGIN command disabled by server */ BIT(ir_supported); /* Initial response supported by server */ + BIT(mb_uidvalidity_set); }; /* This IMAP struct is used in the Curl_easy. All IMAP data that is @@ -134,7 +135,6 @@ struct imap_conn { struct IMAP { curl_pp_transfer transfer; char *mailbox; /* Mailbox to select */ - char *uidvalidity; /* UIDVALIDITY to check in select */ char *uid; /* Message UID to fetch */ char *mindex; /* Index in mail box of mail to fetch */ char *section; /* Message SECTION to fetch */ @@ -142,6 +142,8 @@ struct IMAP { char *query; /* Query to search for */ char *custom; /* Custom request */ char *custom_params; /* Parameters for the custom request */ + unsigned int uidvalidity; /* UIDVALIDITY to check in select */ + BIT(uidvalidity_set); }; @@ -780,7 +782,6 @@ static CURLcode imap_perform_select(struct Curl_easy *data, /* Invalidate old information as we are switching mailboxes */ Curl_safefree(imapc->mailbox); - Curl_safefree(imapc->mailbox_uidvalidity); /* Check we have a mailbox */ if(!imap->mailbox) { @@ -1222,24 +1223,19 @@ static CURLcode imap_state_select_resp(struct Curl_easy *data, if(imapcode == '*') { /* See if this is an UIDVALIDITY response */ if(checkprefix("OK [UIDVALIDITY ", line + 2)) { - size_t len = 0; + curl_off_t value; const char *p = &line[2] + strlen("OK [UIDVALIDITY "); - while((len < 20) && p[len] && ISDIGIT(p[len])) - len++; - if(len && (p[len] == ']')) { - struct dynbuf uid; - curlx_dyn_init(&uid, 20); - if(curlx_dyn_addn(&uid, p, len)) - return CURLE_OUT_OF_MEMORY; - free(imapc->mailbox_uidvalidity); - imapc->mailbox_uidvalidity = curlx_dyn_ptr(&uid); + if(!curlx_str_number(&p, &value, UINT_MAX)) { + imapc->mb_uidvalidity = (unsigned int)value; + imapc->mb_uidvalidity_set = TRUE; } + } } else if(imapcode == IMAP_RESP_OK) { /* Check if the UIDVALIDITY has been specified and matches */ - if(imap->uidvalidity && imapc->mailbox_uidvalidity && - !curl_strequal(imap->uidvalidity, imapc->mailbox_uidvalidity)) { + if(imap->uidvalidity_set && imapc->mb_uidvalidity_set && + (imap->uidvalidity != imapc->mb_uidvalidity)) { failf(data, "Mailbox UIDVALIDITY has changed"); result = CURLE_REMOTE_FILE_NOT_FOUND; } @@ -1690,8 +1686,8 @@ static CURLcode imap_perform(struct Curl_easy *data, bool *connected, has already been selected on this connection */ if(imap->mailbox && imapc->mailbox && curl_strequal(imap->mailbox, imapc->mailbox) && - (!imap->uidvalidity || !imapc->mailbox_uidvalidity || - curl_strequal(imap->uidvalidity, imapc->mailbox_uidvalidity))) + (!imap->uidvalidity_set || !imapc->mb_uidvalidity_set || + (imap->uidvalidity == imapc->mb_uidvalidity))) selected = TRUE; /* Start the first command in the DO phase */ @@ -1861,7 +1857,6 @@ static CURLcode imap_regular_transfer(struct Curl_easy *data, static void imap_easy_reset(struct IMAP *imap) { Curl_safefree(imap->mailbox); - Curl_safefree(imap->uidvalidity); Curl_safefree(imap->uid); Curl_safefree(imap->mindex); Curl_safefree(imap->section); @@ -1890,7 +1885,6 @@ static void imap_conn_dtor(void *key, size_t klen, void *entry) Curl_pp_disconnect(&imapc->pp); curlx_dyn_free(&imapc->dyn); Curl_safefree(imapc->mailbox); - Curl_safefree(imapc->mailbox_uidvalidity); free(imapc); } @@ -2177,54 +2171,45 @@ static CURLcode imap_parse_url_path(struct Curl_easy *data, DEBUGF(infof(data, "IMAP URL parameter '%s' = '%s'", name, value)); - /* Process the known hierarchical parameters (UIDVALIDITY, UID, SECTION and - PARTIAL) stripping of the trailing slash character if it is present. + /* Process the known hierarchical parameters (UIDVALIDITY, UID, SECTION + and PARTIAL) stripping of the trailing slash character if it is + present. Note: Unknown parameters trigger a URL_MALFORMAT error. */ - if(curl_strequal(name, "UIDVALIDITY") && !imap->uidvalidity) { - if(valuelen > 0 && value[valuelen - 1] == '/') - value[valuelen - 1] = '\0'; - - imap->uidvalidity = value; - value = NULL; + if(valuelen > 0 && value[valuelen - 1] == '/') + value[valuelen - 1] = '\0'; + if(valuelen) { + if(curl_strequal(name, "UIDVALIDITY") && !imap->uidvalidity_set) { + curl_off_t num; + const char *p = (const char *)value; + if(!curlx_str_number(&p, &num, UINT_MAX)) { + imap->uidvalidity = (unsigned int)num; + imap->uidvalidity_set = TRUE; + } + free(value); + } + else if(curl_strequal(name, "UID") && !imap->uid) { + imap->uid = value; + } + else if(curl_strequal(name, "MAILINDEX") && !imap->mindex) { + imap->mindex = value; + } + else if(curl_strequal(name, "SECTION") && !imap->section) { + imap->section = value; + } + else if(curl_strequal(name, "PARTIAL") && !imap->partial) { + imap->partial = value; + } + else { + free(name); + free(value); + return CURLE_URL_MALFORMAT; + } } - else if(curl_strequal(name, "UID") && !imap->uid) { - if(valuelen > 0 && value[valuelen - 1] == '/') - value[valuelen - 1] = '\0'; - - imap->uid = value; - value = NULL; - } - else if(curl_strequal(name, "MAILINDEX") && !imap->mindex) { - if(valuelen > 0 && value[valuelen - 1] == '/') - value[valuelen - 1] = '\0'; - - imap->mindex = value; - value = NULL; - } - else if(curl_strequal(name, "SECTION") && !imap->section) { - if(valuelen > 0 && value[valuelen - 1] == '/') - value[valuelen - 1] = '\0'; - - imap->section = value; - value = NULL; - } - else if(curl_strequal(name, "PARTIAL") && !imap->partial) { - if(valuelen > 0 && value[valuelen - 1] == '/') - value[valuelen - 1] = '\0'; - - imap->partial = value; - value = NULL; - } - else { - free(name); + else + /* blank? */ free(value); - - return CURLE_URL_MALFORMAT; - } - free(name); - free(value); } /* Does the URL contain a query parameter? Only valid when we have a mailbox From 61156f792105597991b5286de76fb5226082dfe4 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 22 Oct 2025 13:08:21 +0200 Subject: [PATCH 0564/2408] ftp: remove 'newhost' and 'newport' from the ftp_conn struct They are only needed locally, no need to keep them around. Closes #19190 --- lib/ftp.c | 74 +++++++++++++++++++++++++++++-------------------------- lib/ftp.h | 4 --- 2 files changed, 39 insertions(+), 39 deletions(-) diff --git a/lib/ftp.c b/lib/ftp.c index 0fab17c1c1..1d33a96b10 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -334,7 +334,6 @@ static void freedirs(struct ftp_conn *ftpc) ftpc->dirdepth = 0; Curl_safefree(ftpc->rawpath); ftpc->file = NULL; - Curl_safefree(ftpc->newhost); } #ifdef CURL_PREFER_LF_LINEENDS @@ -1772,7 +1771,7 @@ static CURLcode ftp_epsv_disable(struct Curl_easy *data, static CURLcode ftp_control_addr_dup(struct Curl_easy *data, - struct ftp_conn *ftpc) + char **newhostp) { struct connectdata *conn = data->conn; struct ip_quadruple ipquad; @@ -1782,21 +1781,21 @@ static CURLcode ftp_control_addr_dup(struct Curl_easy *data, If a proxy tunnel is used, returns the original hostname instead, because the effective control connection address is the proxy address, not the ftp host. */ - free(ftpc->newhost); #ifndef CURL_DISABLE_PROXY if(conn->bits.tunnel_proxy || conn->bits.socksproxy) - ftpc->newhost = strdup(conn->host.name); + *newhostp = strdup(conn->host.name); else #endif if(!Curl_conn_get_ip_info(data, conn, FIRSTSOCKET, &is_ipv6, &ipquad) && *ipquad.remote_ip) - ftpc->newhost = strdup(ipquad.remote_ip); + *newhostp = strdup(ipquad.remote_ip); else { /* failed to get the remote_ip of the DATA connection */ failf(data, "unable to get peername of DATA connection"); - return CURLE_FAILED_INIT; + *newhostp = NULL; + return CURLE_FTP_CANT_GET_HOST; } - return ftpc->newhost ? CURLE_OK : CURLE_OUT_OF_MEMORY; + return *newhostp ? CURLE_OK : CURLE_OUT_OF_MEMORY; } static bool match_pasv_6nums(const char *p, @@ -1826,12 +1825,11 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data, struct Curl_dns_entry *dns = NULL; unsigned short connectport; /* the local port connect() should use! */ struct pingpong *pp = &ftpc->pp; + char *newhost = NULL; + unsigned short newport = 0; char *str = curlx_dyn_ptr(&pp->recvbuf) + 4; /* start on the first letter */ - /* if we come here again, make sure the former name is cleared */ - Curl_safefree(ftpc->newhost); - if((ftpc->count1 == 0) && (ftpcode == 229)) { /* positive EPSV response */ @@ -1848,8 +1846,8 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data, failf(data, "Illegal port number in EPSV reply"); return CURLE_FTP_WEIRD_PASV_REPLY; } - ftpc->newport = (unsigned short)num; - result = ftp_control_addr_dup(data, ftpc); + newport = (unsigned short)num; + result = ftp_control_addr_dup(data, &newhost); if(result) return result; } @@ -1893,17 +1891,17 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data, infof(data, "Skip %u.%u.%u.%u for data connection, reuse %s instead", ip[0], ip[1], ip[2], ip[3], conn->host.name); - result = ftp_control_addr_dup(data, ftpc); + result = ftp_control_addr_dup(data, &newhost); if(result) return result; } else - ftpc->newhost = curl_maprintf("%u.%u.%u.%u", ip[0], ip[1], ip[2], ip[3]); + newhost = curl_maprintf("%u.%u.%u.%u", ip[0], ip[1], ip[2], ip[3]); - if(!ftpc->newhost) + if(!newhost) return CURLE_OUT_OF_MEMORY; - ftpc->newport = (unsigned short)(((ip[4] << 8) + ip[5]) & 0xffff); + newport = (unsigned short)(((ip[4] << 8) + ip[5]) & 0xffff); } else if(ftpc->count1 == 0) { /* EPSV failed, move on to PASV */ @@ -1937,31 +1935,31 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data, if(!dns) { failf(data, "cannot resolve proxy host %s:%hu", host_name, connectport); - return CURLE_COULDNT_RESOLVE_PROXY; + result = CURLE_COULDNT_RESOLVE_PROXY; + goto error; } } else #endif { /* normal, direct, ftp connection */ - DEBUGASSERT(ftpc->newhost); + DEBUGASSERT(newhost); /* postponed address resolution in case of tcp fastopen */ - if(conn->bits.tcp_fastopen && !conn->bits.reuse && !ftpc->newhost[0]) { - free(ftpc->newhost); - result = ftp_control_addr_dup(data, ftpc); + if(conn->bits.tcp_fastopen && !conn->bits.reuse && !newhost[0]) { + free(newhost); + result = ftp_control_addr_dup(data, &newhost); if(result) - return result; + goto error; } - (void)Curl_resolv_blocking(data, ftpc->newhost, ftpc->newport, - conn->ip_version, &dns); - connectport = ftpc->newport; /* we connect to the remote port */ + (void)Curl_resolv_blocking(data, newhost, newport, conn->ip_version, &dns); + connectport = newport; /* we connect to the remote port */ if(!dns) { - failf(data, "cannot resolve new host %s:%hu", - ftpc->newhost, connectport); - return CURLE_FTP_CANT_GET_HOST; + failf(data, "cannot resolve new host %s:%hu", newhost, connectport); + result = CURLE_FTP_CANT_GET_HOST; + goto error; } } @@ -1970,10 +1968,12 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data, CURL_CF_SSL_ENABLE : CURL_CF_SSL_DISABLE); if(result) { - if(ftpc->count1 == 0 && ftpcode == 229) + if(ftpc->count1 == 0 && ftpcode == 229) { + free(newhost); return ftp_epsv_disable(data, ftpc, conn); + } - return result; + goto error; } @@ -1985,17 +1985,21 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data, if(data->set.verbose) /* this just dumps information about this second connection */ - ftp_pasv_verbose(data, dns->addr, ftpc->newhost, connectport); + ftp_pasv_verbose(data, dns->addr, newhost, connectport); free(conn->secondaryhostname); - conn->secondary_port = ftpc->newport; - conn->secondaryhostname = strdup(ftpc->newhost); - if(!conn->secondaryhostname) - return CURLE_OUT_OF_MEMORY; + conn->secondary_port = newport; + conn->secondaryhostname = strdup(newhost); + if(!conn->secondaryhostname) { + result = CURLE_OUT_OF_MEMORY; + goto error; + } conn->bits.do_more = TRUE; ftp_state(data, ftpc, FTP_STOP); /* this phase is completed */ +error: + free(newhost); return result; } diff --git a/lib/ftp.h b/lib/ftp.h index fdbb4b0539..76326331b4 100644 --- a/lib/ftp.h +++ b/lib/ftp.h @@ -133,8 +133,6 @@ struct ftp_conn { const char *file; /* url-decoded filename (or path), points into rawpath */ char *rawpath; /* URL decoded, allocated, version of the path */ struct pathcomp *dirs; /* allocated array for path components */ - char *newhost; /* the (allocated) IP addr or hostname to connect the data - connection to */ char *prevpath; /* url-decoded conn->path from the previous transfer */ char transfertype; /* set by ftp_transfertype for use by Curl_client_write()a and others (A/I or zero) */ @@ -148,8 +146,6 @@ struct ftp_conn { int count1; /* general purpose counter for the state machine */ int count2; /* general purpose counter for the state machine */ int count3; /* general purpose counter for the state machine */ - unsigned short newport; /* the port of 'newhost' to connect the data - connection to */ ftpstate state; /* always use ftp.c:state() to change state! */ ftpstate state_saved; /* transfer type saved to be reloaded after data connection is established */ From 4d93592a26e31ea5632b98281225807b9f938460 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 22 Oct 2025 13:22:21 +0200 Subject: [PATCH 0565/2408] ftp: reduce size of some struct fields Closes #19191 --- lib/ftp.c | 4 +++- lib/ftp.h | 14 +++++++++----- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/lib/ftp.c b/lib/ftp.c index 1d33a96b10..cd8903e1b3 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -4169,6 +4169,8 @@ static size_t numof_slashes(const char *str) return num; } +#define FTP_MAX_DIR_DEPTH 1000 + /*********************************************************************** * * ftp_parse_url_path() @@ -4242,7 +4244,7 @@ CURLcode ftp_parse_url_path(struct Curl_easy *data, /* number of entries to allocate for the 'dirs' array */ size_t dirAlloc = numof_slashes(rawPath); - if(dirAlloc >= 1000) + if(dirAlloc >= FTP_MAX_DIR_DEPTH) /* suspiciously deep dir hierarchy */ return CURLE_URL_MALFORMAT; diff --git a/lib/ftp.h b/lib/ftp.h index 76326331b4..d06738f113 100644 --- a/lib/ftp.h +++ b/lib/ftp.h @@ -141,14 +141,18 @@ struct ftp_conn { curl_off_t known_filesize; /* file size is different from -1, if wildcard LIST parsing was done and wc_statemach set it */ - int dirdepth; /* number of entries used in the 'dirs' array */ - int cwdcount; /* number of CWD commands issued */ int count1; /* general purpose counter for the state machine */ int count2; /* general purpose counter for the state machine */ int count3; /* general purpose counter for the state machine */ - ftpstate state; /* always use ftp.c:state() to change state! */ - ftpstate state_saved; /* transfer type saved to be reloaded after data - connection is established */ + unsigned short dirdepth; /* number of entries used in the 'dirs' array, + < FTP_MAX_DIR_DEPTH */ + unsigned short cwdcount; /* number of CWD commands issued, + < FTP_MAX_DIR_DEPTH */ + unsigned char state; /* (ftpstate enum) always use ftp.c:state() to change + state! */ + unsigned char state_saved; /* (ftpstate enum) transfer type saved to be + reloaded after data connection is + established */ unsigned char use_ssl; /* if AUTH TLS is to be attempted etc, for FTP or IMAP or POP3 or others! (type: curl_usessl)*/ unsigned char ccc; /* ccc level for this connection */ From 96717dea4c0ba8da7ef85190300f7eaeaa4b7d62 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 22 Oct 2025 18:57:32 +0200 Subject: [PATCH 0566/2408] GHA/labeler: add FindGnuTLS.cmake Follow-up to 1966c86d71eb90beeeb3ccbefd6321bd64992553 #19163 Cherry-picked from #16973 --- .github/labeler.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/labeler.yml b/.github/labeler.yml index 982055f16a..770b293e3f 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -451,6 +451,7 @@ TLS: - all: - changed-files: - any-glob-to-all-files: "{\ + CMake/FindGnuTLS.cmake,\ CMake/FindMbedTLS.cmake,\ CMake/FindWolfSSL.cmake,\ CMake/FindRustls.cmake,\ From a8f16da712402733609943b5da003af5baa058e6 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 22 Oct 2025 14:55:32 +0200 Subject: [PATCH 0567/2408] ftp: remove the state_saved struct field It was not necessary. Its only purpose was to know if an upload is done, and that information is already available elsewhere. Closes #19192 --- lib/ftp.c | 9 +++------ lib/ftp.h | 3 --- 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/lib/ftp.c b/lib/ftp.c index cd8903e1b3..8025d80f21 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -533,7 +533,7 @@ static CURLcode ftp_initiate_transfer(struct Curl_easy *data, if(result || !connected) return result; - if(ftpc->state_saved == FTP_STOR) { + if(data->state.upload) { /* When we know we are uploading a specified file, we can get the file size prior to the actual upload. */ Curl_pgrsSetUploadSize(data, data->state.infilesize); @@ -2428,7 +2428,7 @@ static CURLcode ftp_state_rest_resp(struct Curl_easy *data, static CURLcode ftp_state_stor_resp(struct Curl_easy *data, struct ftp_conn *ftpc, - int ftpcode, ftpstate instate) + int ftpcode) { CURLcode result = CURLE_OK; @@ -2438,8 +2438,6 @@ static CURLcode ftp_state_stor_resp(struct Curl_easy *data, return CURLE_UPLOAD_FAILED; } - ftpc->state_saved = instate; - /* PORT means we are now awaiting the server to connect to us. */ if(data->set.ftp_use_port) { bool connected; @@ -2541,7 +2539,6 @@ static CURLcode ftp_state_get_resp(struct Curl_easy *data, infof(data, "Getting file with size: %" FMT_OFF_T, size); /* FTP download: */ - ftpc->state_saved = instate; ftpc->retr_size_saved = size; if(data->set.ftp_use_port) { @@ -3142,7 +3139,7 @@ static CURLcode ftp_pp_statemachine(struct Curl_easy *data, break; case FTP_STOR: - result = ftp_state_stor_resp(data, ftpc, ftpcode, ftpc->state); + result = ftp_state_stor_resp(data, ftpc, ftpcode); break; case FTP_QUIT: diff --git a/lib/ftp.h b/lib/ftp.h index d06738f113..e09aadabc3 100644 --- a/lib/ftp.h +++ b/lib/ftp.h @@ -150,9 +150,6 @@ struct ftp_conn { < FTP_MAX_DIR_DEPTH */ unsigned char state; /* (ftpstate enum) always use ftp.c:state() to change state! */ - unsigned char state_saved; /* (ftpstate enum) transfer type saved to be - reloaded after data connection is - established */ unsigned char use_ssl; /* if AUTH TLS is to be attempted etc, for FTP or IMAP or POP3 or others! (type: curl_usessl)*/ unsigned char ccc; /* ccc level for this connection */ From d51d19bd06529207aedc87ecde154ef57427f655 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 22 Oct 2025 22:54:28 +0200 Subject: [PATCH 0568/2408] ftp: remove the retr_size_saved struct field It was basically a duplicate of data->req.size already Closes #19194 --- lib/ftp.c | 20 +++++++++----------- lib/ftp.h | 1 - 2 files changed, 9 insertions(+), 12 deletions(-) diff --git a/lib/ftp.c b/lib/ftp.c index 8025d80f21..5b96f63ad6 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -548,7 +548,7 @@ static CURLcode ftp_initiate_transfer(struct Curl_easy *data, } else { /* FTP download, shutdown, do not ignore errors */ - Curl_xfer_setup_recv(data, SECONDARYSOCKET, ftpc->retr_size_saved); + Curl_xfer_setup_recv(data, SECONDARYSOCKET, data->req.size); Curl_xfer_set_shutdown(data, TRUE, FALSE); } @@ -2486,7 +2486,7 @@ static CURLcode ftp_state_get_resp(struct Curl_easy *data, E: 125 Data connection already open; Transfer starting. */ - curl_off_t size = -1; /* default unknown size */ + data->req.size = -1; /* default unknown size */ /* @@ -2519,27 +2519,25 @@ static CURLcode ftp_state_get_resp(struct Curl_easy *data, if(!curlx_str_number(&c, &what, CURL_OFF_T_MAX) && !curlx_str_single(&c, ' ') && !strncmp(c, "bytes", 5)) { - size = what; + data->req.size = what; break; } } } } else if(ftp->downloadsize > -1) - size = ftp->downloadsize; + data->req.size = ftp->downloadsize; - if(size > data->req.maxdownload && data->req.maxdownload > 0) - size = data->req.size = data->req.maxdownload; + if(data->req.size > data->req.maxdownload && data->req.maxdownload > 0) + data->req.size = data->req.maxdownload; else if((instate != FTP_LIST) && (data->state.prefer_ascii)) - size = -1; /* kludge for servers that understate ASCII mode file size */ + data->req.size = -1; /* for servers that understate ASCII mode file + size */ infof(data, "Maxdownload = %" FMT_OFF_T, data->req.maxdownload); if(instate != FTP_LIST) - infof(data, "Getting file with size: %" FMT_OFF_T, size); - - /* FTP download: */ - ftpc->retr_size_saved = size; + infof(data, "Getting file with size: %" FMT_OFF_T, data->req.size); if(data->set.ftp_use_port) { bool connected; diff --git a/lib/ftp.h b/lib/ftp.h index e09aadabc3..8d5f9c2031 100644 --- a/lib/ftp.h +++ b/lib/ftp.h @@ -136,7 +136,6 @@ struct ftp_conn { char *prevpath; /* url-decoded conn->path from the previous transfer */ char transfertype; /* set by ftp_transfertype for use by Curl_client_write()a and others (A/I or zero) */ - curl_off_t retr_size_saved; /* Size of retrieved file saved */ char *server_os; /* The target server operating system. */ curl_off_t known_filesize; /* file size is different from -1, if wildcard LIST parsing was done and wc_statemach set From 9e15b0763809bf6f43b1862d561be0c58a69365a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 23 Oct 2025 00:53:09 +0200 Subject: [PATCH 0569/2408] openssl: only try engine/provider if a certificate file/name is provided Bug: https://issues.oss-fuzz.com/issues/435278402 Closes #19197 --- lib/vtls/openssl.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index f62f99cc86..336902b951 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -1721,12 +1721,12 @@ static CURLcode client_cert(struct Curl_easy *data, break; case SSL_FILETYPE_ENGINE: - if(!engineload(data, ctx, cert_file)) + if(!cert_file || !engineload(data, ctx, cert_file)) return CURLE_SSL_CERTPROBLEM; break; case SSL_FILETYPE_PROVIDER: - if(!providerload(data, ctx, cert_file)) + if(!cert_file || !providerload(data, ctx, cert_file)) return CURLE_SSL_CERTPROBLEM; break; From 28ebaf86ce7d524f8b8088560d70039582acfe32 Mon Sep 17 00:00:00 2001 From: x2018 Date: Wed, 22 Oct 2025 19:07:57 +0800 Subject: [PATCH 0570/2408] cw-out: unify the error handling pattern in cw_out_do_write to proper set the error status and release resource Closes #19195 --- lib/cw-out.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/cw-out.c b/lib/cw-out.c index 7a9274b5f2..1f40316492 100644 --- a/lib/cw-out.c +++ b/lib/cw-out.c @@ -403,7 +403,7 @@ static CURLcode cw_out_do_write(struct cw_out_ctx *ctx, /* still have buffered data, append and flush */ result = cw_out_append(ctx, data, otype, buf, blen); if(result) - return result; + goto out; result = cw_out_flush_chain(ctx, data, &ctx->buf, flush_all); if(result) goto out; From 6032b8f2a22aa5af3cc99ceaf67311b19b6dddd1 Mon Sep 17 00:00:00 2001 From: x2018 Date: Wed, 22 Oct 2025 21:45:07 +0800 Subject: [PATCH 0571/2408] vtls: unify the error handling in ssl_cf_connect(). Check preference at first, then init peer and do connect. Also fixes CF_DATA_RESTORE. Closes #19196 --- lib/vtls/vtls.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index 7ee9699dbf..115559b70d 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -1365,6 +1365,15 @@ static CURLcode ssl_cf_connect(struct Curl_cfilter *cf, DEBUGASSERT(connssl); *done = FALSE; + + if(!connssl->prefs_checked) { + if(!ssl_prefs_check(data)) { + result = CURLE_SSL_CONNECT_ERROR; + goto out; + } + connssl->prefs_checked = TRUE; + } + if(!connssl->peer.hostname) { char tls_id[80]; connssl->ssl_impl->version(tls_id, sizeof(tls_id) - 1); @@ -1373,12 +1382,6 @@ static CURLcode ssl_cf_connect(struct Curl_cfilter *cf, goto out; } - if(!connssl->prefs_checked) { - if(!ssl_prefs_check(data)) - return CURLE_SSL_CONNECT_ERROR; - connssl->prefs_checked = TRUE; - } - result = connssl->ssl_impl->do_connect(cf, data, done); if(!result && *done) { From d922db880c5235eeba481c5be2484d68f610dfff Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 22 Oct 2025 07:54:33 +0200 Subject: [PATCH 0572/2408] ntlm: improved error path on bad incoming NTLM TYPE3 message No leaks Reported-by: Tim Becker Closes #19198 --- lib/vauth/ntlm.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c index 791fc87d11..d860fbbd50 100644 --- a/lib/vauth/ntlm.c +++ b/lib/vauth/ntlm.c @@ -788,7 +788,8 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, /* ntresplen + size should not be risking an integer overflow here */ if(ntresplen + size > sizeof(ntlmbuf)) { failf(data, "incoming NTLM message too big"); - return CURLE_OUT_OF_MEMORY; + result = CURLE_TOO_LARGE; + goto error; } DEBUGASSERT(size == (size_t)ntrespoff); memcpy(&ntlmbuf[size], ptr_ntresp, ntresplen); @@ -799,8 +800,6 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, ntlm_print_hex(stderr, (char *)&ntlmbuf[ntrespoff], ntresplen); }); - free(ntlmv2resp);/* Free the dynamic buffer allocated for NTLMv2 */ - DEBUG_OUT({ curl_mfprintf(stderr, "\n flags=0x%02.2x%02.2x%02.2x%02.2x 0x%08.8x ", LONGQUARTET(ntlm->flags), ntlm->flags); @@ -811,8 +810,9 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, /* Make sure that the domain, user and host strings fit in the buffer before we copy them there. */ if(size + userlen + domlen + hostlen >= NTLM_BUFSIZE) { - failf(data, "user + domain + hostname too big"); - return CURLE_OUT_OF_MEMORY; + failf(data, "user + domain + hostname too big for NTLM"); + result = CURLE_TOO_LARGE; + goto error; } DEBUGASSERT(size == domoff); @@ -842,6 +842,9 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, /* Return the binary blob. */ result = Curl_bufref_memdup(out, ntlmbuf, size); +error: + free(ntlmv2resp);/* Free the dynamic buffer allocated for NTLMv2 */ + Curl_auth_cleanup_ntlm(ntlm); return result; From 41e6b45eddf5b1a9cdba49f5d1b0294ade373f20 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 22 Oct 2025 07:57:26 +0200 Subject: [PATCH 0573/2408] test775: verify NTLM with too long user name set --- tests/data/Makefile.am | 2 +- tests/data/test775 | 67 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 68 insertions(+), 1 deletion(-) create mode 100644 tests/data/test775 diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 21d20151d3..3fc7ccc0c6 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -110,7 +110,7 @@ test736 test737 test738 test739 test740 test741 test742 test743 test744 \ test745 test746 test747 test748 test749 test750 test751 test752 test753 \ test754 test755 test756 test757 test758 test759 test760 test761 test762 \ test763 test764 test765 test766 test767 test768 test769 test770 test771 \ -test772 test773 test774 \ +test772 test773 test774 test775 \ test780 test781 test782 test783 test784 test785 test786 test787 test788 \ test789 test790 test791 test792 test793 test794 test796 test797 \ \ diff --git a/tests/data/test775 b/tests/data/test775 new file mode 100644 index 0000000000..d9f5b122f2 --- /dev/null +++ b/tests/data/test775 @@ -0,0 +1,67 @@ + + + +HTTP +HTTP NTLM auth +NTLM + + +# Server-side + + +# This is supposed to be returned when the server gets a first +# Authorization: NTLM line passed-in from the client + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + +This is not the real page either! + + + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + + + + + +# Client-side + + +NTLM +SSL +!SSPI + + +http + + +HTTP with NTLM with too long user name + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuserAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:testpass --ntlm + + + +# Verify data after the test has been "shot" + + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* + + + +100 + + + From a7ece53e96baa014911f4f4a757b78559f91d19d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 23 Oct 2025 09:22:19 +0200 Subject: [PATCH 0574/2408] test776: NTLM with too long NTMLv2 ntresplen --- tests/data/Makefile.am | 2 +- tests/data/test776 | 51 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 tests/data/test776 diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 3fc7ccc0c6..4c13c14fd9 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -110,7 +110,7 @@ test736 test737 test738 test739 test740 test741 test742 test743 test744 \ test745 test746 test747 test748 test749 test750 test751 test752 test753 \ test754 test755 test756 test757 test758 test759 test760 test761 test762 \ test763 test764 test765 test766 test767 test768 test769 test770 test771 \ -test772 test773 test774 test775 \ +test772 test773 test774 test775 test776 \ test780 test781 test782 test783 test784 test785 test786 test787 test788 \ test789 test790 test791 test792 test793 test794 test796 test797 \ \ diff --git a/tests/data/test776 b/tests/data/test776 new file mode 100644 index 0000000000..214cd5028e --- /dev/null +++ b/tests/data/test776 @@ -0,0 +1,51 @@ + + + +HTTP +HTTP GET +HTTP NTLM auth +NTLM + + + + + +HTTP/1.1 401 Authorization Required swsclose +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAAAAAAAAAAABAIgAAQIDBAUGBwgAAAAAAAAAAP////8wAAAAAgD3/0F%repeat[21841 x BQUF]%BQUEAAAAA +Content-Length: 0 + + + + +# Client-side + + +NTLM +!SSPI + + +http + + +HTTP with NTLM with too long NTMLv2 ntresplen + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u user:pass --ntlm + + + +# Verify data after the test has been "shot" + + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* + + + +100 + + + From 0a79a599a9c09f7173e82eec23607742667a9944 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 22 Oct 2025 12:37:59 +0200 Subject: [PATCH 0575/2408] transfer: fix retry for empty downloads on reuse When a reused connection did transfer 0 bytes, it assumed the transfer had failed and needed a retry. Add a check for data->red.done, so we can successfully accept the transfer of a 0-length file via SFTP. Add test case 1583 to verfiy. Fix SFTP disconnect debug trace when there was nothing to disconnect (like when reusing a connection). Fixes #19165 Reported-by: Alexander Blach Closes #19189 --- lib/transfer.c | 24 +++++++++++++++--------- lib/vssh/libssh2.c | 20 +++++++++----------- tests/data/Makefile.am | 2 +- tests/data/test1583 | 37 +++++++++++++++++++++++++++++++++++++ tests/data/test613 | 1 + tests/data/test614 | 1 + tests/libtest/test613.pl | 9 +++++++++ 7 files changed, 73 insertions(+), 21 deletions(-) create mode 100644 tests/data/test1583 diff --git a/lib/transfer.c b/lib/transfer.c index d7014aab87..0269a4c250 100644 --- a/lib/transfer.c +++ b/lib/transfer.c @@ -254,6 +254,7 @@ static CURLcode sendrecv_dl(struct Curl_easy *data, curl_off_t total_received = 0; bool is_multiplex = FALSE; bool rcvd_eagain = FALSE; + bool is_eos = FALSE; result = Curl_multi_xfer_buf_borrow(data, &xfer_buf, &xfer_blen); if(result) @@ -262,7 +263,6 @@ static CURLcode sendrecv_dl(struct Curl_easy *data, /* This is where we loop until we have read everything there is to read or we get a CURLE_AGAIN */ do { - bool is_eos = FALSE; size_t bytestoread; ssize_t nread; @@ -309,9 +309,14 @@ static CURLcode sendrecv_dl(struct Curl_easy *data, blen = (size_t)nread; is_eos = (blen == 0); - if(!blen) { - /* if we receive 0 or less here, either the data transfer is done or the - server closed the connection and we bail out from this! */ + if(!blen && (conn->recv[FIRSTSOCKET] == Curl_cf_recv)) { + /* if we receive 0 or less here and the protocol handler did not + replace the connection's `recv` callback, either the data transfer + is done or the server closed the connection and + we bail out from this! + With a `recv` replacement, we assume the protocol handler knows + what it is doing and a 0-length receive is fine. For example, + SFTP downloads of an empty file would show this. See #19165. */ if(is_multiplex) DEBUGF(infof(data, "nread == 0, stream closed, bailing")); else @@ -340,9 +345,9 @@ static CURLcode sendrecv_dl(struct Curl_easy *data, } while(maxloops--); - if(!Curl_xfer_is_blocked(data) && + if(!is_eos && !Curl_xfer_is_blocked(data) && (!rcvd_eagain || data_pending(data, rcvd_eagain))) { - /* Did not read until EAGAIN or there is still data pending + /* Did not read until EAGAIN/EOS or there is still data pending * in buffers. Mark as read-again via simulated SELECT results. */ Curl_multi_mark_dirty(data); CURL_TRC_M(data, "sendrecv_dl() no EAGAIN/pending data, mark as dirty"); @@ -662,9 +667,10 @@ CURLcode Curl_retry_request(struct Curl_easy *data, char **url) !(conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_RTSP))) return CURLE_OK; - if((data->req.bytecount + data->req.headerbytecount == 0) && - conn->bits.reuse && - (!data->req.no_body || (conn->handler->protocol & PROTO_FAMILY_HTTP)) + if(conn->bits.reuse && + (data->req.bytecount + data->req.headerbytecount == 0) && + ((!data->req.no_body && !data->req.done) || + (conn->handler->protocol & PROTO_FAMILY_HTTP)) #ifndef CURL_DISABLE_RTSP && (data->set.rtspreq != RTSPREQ_RECEIVE) #endif diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index f9160944be..c0335db9c1 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -3837,18 +3837,16 @@ static CURLcode sftp_disconnect(struct Curl_easy *data, struct SSHPROTO *sshp = Curl_meta_get(data, CURL_META_SSH_EASY); (void)dead_connection; - DEBUGF(infof(data, "SSH DISCONNECT starts now")); - - if(sshc && sshc->ssh_session && sshp) { - /* only if there is a session still around to use! */ - myssh_state(data, sshc, SSH_SFTP_SHUTDOWN); - result = ssh_block_statemach(data, sshc, sshp, TRUE); - } - - DEBUGF(infof(data, "SSH DISCONNECT is done")); - if(sshc) + if(sshc) { + if(sshc->ssh_session && sshp) { + /* only if there is a session still around to use! */ + DEBUGF(infof(data, "SSH DISCONNECT starts now")); + myssh_state(data, sshc, SSH_SFTP_SHUTDOWN); + result = ssh_block_statemach(data, sshc, sshp, TRUE); + DEBUGF(infof(data, "SSH DISCONNECT is done -> %d", result)); + } sshc_cleanup(sshc, data, TRUE); - + } return result; } diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 4c13c14fd9..595943fb67 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -209,7 +209,7 @@ test1548 test1549 test1550 test1551 test1552 test1553 test1554 test1555 \ test1556 test1557 test1558 test1559 test1560 test1561 test1562 test1563 \ test1564 test1565 test1566 test1567 test1568 test1569 test1570 test1571 \ test1572 test1573 test1574 test1575 test1576 test1577 test1578 test1579 \ -test1580 test1581 test1582 \ +test1580 test1581 test1582 test1583 \ \ test1590 test1591 test1592 test1593 test1594 test1595 test1596 test1597 \ test1598 test1599 test1600 test1601 test1602 test1603 test1604 test1605 \ diff --git a/tests/data/test1583 b/tests/data/test1583 new file mode 100644 index 0000000000..b266d7eea8 --- /dev/null +++ b/tests/data/test1583 @@ -0,0 +1,37 @@ + + + +SFTP + + + +# +# Server-side + + + +# +# Client-side + + +sftp + + +%PERL %SRCDIR/libtest/test613.pl prepare %PWD/%LOGDIR/test%TESTNUMBER.dir + + +SFTP dir and empty file + + +--key %LOGDIR/server/curl_client_key --pubkey %LOGDIR/server/curl_client_key.pub -u %USER: --insecure sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/test%TESTNUMBER.dir/ --next --key %LOGDIR/server/curl_client_key --pubkey %LOGDIR/server/curl_client_key.pub -u %USER: --insecure sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/test%TESTNUMBER.dir/emptyfile.txt + + + +# +# Verify data after the test has been "shot" + + +0 + + + diff --git a/tests/data/test613 b/tests/data/test613 index 9161bafd46..92c7905065 100644 --- a/tests/data/test613 +++ b/tests/data/test613 @@ -11,6 +11,7 @@ directory d????????? N U U N ??? N NN:NN asubdir +-rw??????? 1 U U 0 Jan 1 2000 emptyfile.txt -rw??????? 1 U U 37 Jan 1 2000 plainfile.txt -r-??????? 1 U U 47 Dec 31 2000 rofile.txt diff --git a/tests/data/test614 b/tests/data/test614 index ad270c6c85..a113ecdd45 100644 --- a/tests/data/test614 +++ b/tests/data/test614 @@ -12,6 +12,7 @@ directory d????????? N U U N ??? N NN:NN asubdir +-rw??????? 1 U U 0 Jan 1 2000 emptyfile.txt -r-??????? 1 U U 37 Jan 1 2000 plainfile.txt -r-??????? 1 U U 47 Dec 31 2000 rofile.txt diff --git a/tests/libtest/test613.pl b/tests/libtest/test613.pl index 48179833f3..d45e2e4e96 100755 --- a/tests/libtest/test613.pl +++ b/tests/libtest/test613.pl @@ -59,6 +59,14 @@ if($ARGV[0] eq "prepare") { utime time, timegm(0,0,12,1,0,100), "plainfile.txt"; chmod 0666, "plainfile.txt"; + open(FILE, ">emptyfile.txt") || errout "$!"; + binmode FILE; + close(FILE); + # The mtime is specifically chosen to be an even number so that it can be + # represented exactly on a FAT file system. + utime time, timegm(0,0,12,1,0,100), "emptyfile.txt"; + chmod 0666, "emptyfile.txt"; + open(FILE, ">rofile.txt") || errout "$!"; binmode FILE; print FILE "Read-only test file to support curl test suite\n"; @@ -83,6 +91,7 @@ elsif($ARGV[0] eq "postprocess") { } chmod 0666, "$dirname/rofile.txt"; unlink "$dirname/rofile.txt"; + unlink "$dirname/emptyfile.txt"; unlink "$dirname/plainfile.txt"; rmdir "$dirname/asubdir"; From a330117bb05f6b68f066a748177bfba13c4da35b Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 22 Oct 2025 15:04:53 +0200 Subject: [PATCH 0576/2408] smtp: fix EOB handling SMTP automatically appends a \n.\n to an upload if there is not already one at the end of the input. The implementation had a bug where this did not happen, depending on read size and buffering. Change test 900 to reproduce the failure. The bug only happened for mail body input of known length, where EOS was known on the last chunk read. Change test 900 to use an input file and make it large enough. Fixes #18798 Closes #19193 Reported-by: madoe on github --- lib/smtp.c | 51 ++++++++++++++++++++++++++-------------------- tests/data/test900 | 10 ++++++--- 2 files changed, 36 insertions(+), 25 deletions(-) diff --git a/lib/smtp.c b/lib/smtp.c index 30f8535765..3d4f36364b 100644 --- a/lib/smtp.c +++ b/lib/smtp.c @@ -1927,6 +1927,7 @@ struct cr_eob_ctx { size_t eob; /* Number of bytes of the EOB (End Of Body) that have been received so far */ BIT(read_eos); /* we read an EOS from the next reader */ + BIT(processed_eos); /* we read and processed an EOS */ BIT(eos); /* we have returned an EOS */ }; @@ -1967,6 +1968,8 @@ static CURLcode cr_eob_read(struct Curl_easy *data, if(!ctx->read_eos && Curl_bufq_is_empty(&ctx->buf)) { /* Get more and convert it when needed */ result = Curl_creader_read(data, reader->next, buf, blen, &nread, &eos); + CURL_TRC_SMTP(data, "cr_eob_read, next_read(len=%zu) -> %d, %zu eos=%d", + blen, result, nread, eos); if(result) return result; @@ -2010,31 +2013,34 @@ static CURLcode cr_eob_read(struct Curl_easy *data, return result; } } - - if(ctx->read_eos) { - /* if we last matched a CRLF or if the data was empty, add ".\r\n" - * to end the body. If we sent something and it did not end with "\r\n", - * add "\r\n.\r\n" to end the body */ - const char *eob = SMTP_EOB; - switch(ctx->n_eob) { - case 2: - /* seen a CRLF at the end, just add the remainder */ - eob = &SMTP_EOB[2]; - break; - case 3: - /* ended with '\r\n.', we should escape the last '.' */ - eob = "." SMTP_EOB; - break; - default: - break; - } - result = Curl_bufq_cwrite(&ctx->buf, eob, strlen(eob), &n); - if(result) - return result; - } } *peos = FALSE; + + if(ctx->read_eos && !ctx->processed_eos) { + /* if we last matched a CRLF or if the data was empty, add ".\r\n" + * to end the body. If we sent something and it did not end with "\r\n", + * add "\r\n.\r\n" to end the body */ + const char *eob = SMTP_EOB; + CURL_TRC_SMTP(data, "auto-ending mail body with '\\r\\n.\\r\\n'"); + switch(ctx->n_eob) { + case 2: + /* seen a CRLF at the end, just add the remainder */ + eob = &SMTP_EOB[2]; + break; + case 3: + /* ended with '\r\n.', we should escape the last '.' */ + eob = "." SMTP_EOB; + break; + default: + break; + } + result = Curl_bufq_cwrite(&ctx->buf, eob, strlen(eob), &n); + if(result) + return result; + ctx->processed_eos = TRUE; + } + if(!Curl_bufq_is_empty(&ctx->buf)) { result = Curl_bufq_cread(&ctx->buf, buf, blen, pnread); } @@ -2043,6 +2049,7 @@ static CURLcode cr_eob_read(struct Curl_easy *data, if(ctx->read_eos && Curl_bufq_is_empty(&ctx->buf)) { /* no more data, read all, done. */ + CURL_TRC_SMTP(data, "mail body complete, returning EOS"); ctx->eos = TRUE; } *peos = ctx->eos; diff --git a/tests/data/test900 b/tests/data/test900 index 371544b765..f3aae4b631 100644 --- a/tests/data/test900 +++ b/tests/data/test900 @@ -19,14 +19,16 @@ smtp SMTP - + From: different To: another body - +%repeat[6553 x 0123456789]% + + -smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -T - +smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -T %LOGDIR/mail%TESTNUMBER @@ -45,6 +47,8 @@ From: different To: another body +%repeat[6553 x 0123456789]% + . From 9752d5fe0b935b0742792c0a3469de7c5a9d4226 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 23 Oct 2025 10:51:03 +0200 Subject: [PATCH 0577/2408] netrc: when the cached file is discarded, unmark it as loaded Pointed out by ZeroPath Closes #19199 --- lib/netrc.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/netrc.c b/lib/netrc.c index 1309d30942..9c5c6c7f20 100644 --- a/lib/netrc.c +++ b/lib/netrc.c @@ -362,6 +362,7 @@ out: } else { curlx_dyn_free(filebuf); + store->loaded = FALSE; if(!specific_login) free(login); free(password); From 2edce4406594fb30b04acc4e079fa19d5c1f53ec Mon Sep 17 00:00:00 2001 From: Theo Buehler Date: Thu, 23 Oct 2025 13:12:48 +0200 Subject: [PATCH 0578/2408] vtls: remove call to PKCS12_PBE_add() Curl is one of the last callers of PKCS12_PBE_add(). It has been a noop since OpenSSL 0.9.8k (2006) stubbed it out when moving the built-in PBE algorithms to a static table: https://github.com/openssl/openssl/commit/b8f702a0affa2087758230967b55df504a176774 Closes #19201 --- lib/setup-vms.h | 1 - lib/vtls/openssl.c | 2 -- 2 files changed, 3 deletions(-) diff --git a/lib/setup-vms.h b/lib/setup-vms.h index 0fd5e542b7..e3777ded6e 100644 --- a/lib/setup-vms.h +++ b/lib/setup-vms.h @@ -257,7 +257,6 @@ static struct passwd *vms_getpwuid(uid_t uid) #endif #define PEM_read_X509 PEM_READ_X509 #define PEM_write_bio_X509 PEM_WRITE_BIO_X509 -#define PKCS12_PBE_add PKCS12_PBE_ADD #define PKCS12_free PKCS12_FREE #define PKCS12_parse PKCS12_PARSE #define RAND_add RAND_ADD diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 336902b951..535e4118da 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -1578,8 +1578,6 @@ static int pkcs12load(struct Curl_easy *data, return 0; } - PKCS12_PBE_add(); - if(!PKCS12_parse(p12, key_passwd, &pri, &x509, &ca)) { failf(data, "could not parse PKCS12 file, check password, " OSSL_PACKAGE From 0d1d35fa346907dc3a289a477962ee6b58205cbe Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 23 Oct 2025 11:16:03 +0200 Subject: [PATCH 0579/2408] http: only accept ';' as a separator for custom headers When parsing incoming headers, they need to have a plain normal colon. Previously out of convenience we used the same parser function for both cases (incoming + custom set headers via the API) which made the function too liberal for incoming HTTP traffic. Closes #19200 --- lib/http.c | 74 ++++++++++++++++++++++++++++++++++++++---------------- 1 file changed, 52 insertions(+), 22 deletions(-) diff --git a/lib/http.c b/lib/http.c index 44d36b9a84..0b55796dc5 100644 --- a/lib/http.c +++ b/lib/http.c @@ -277,14 +277,13 @@ static bool http_header_is_empty(const char *header) /* * Strip off leading and trailing whitespace from the value in the given HTTP - * header line and return a strdup()ed copy. Returns NULL in case of - * allocation failure or bad input. Returns an empty string if the header - * value consists entirely of whitespace. + * header line and return a strdup()ed copy in 'valp' - returns an empty + * string if the header value consists entirely of whitespace. * - * If the header is provided as "name;", ending with a semicolon, it must - * return a blank string. + * If the header is provided as "name;", ending with a semicolon, it returns a + * blank string. */ -char *Curl_copy_header_value(const char *header) +static CURLcode copy_custom_value(const char *header, char **valp) { struct Curl_str out; @@ -294,9 +293,37 @@ char *Curl_copy_header_value(const char *header) curlx_str_untilnl(&header, &out, MAX_HTTP_RESP_HEADER_SIZE); curlx_str_trimblanks(&out); - return Curl_memdup0(curlx_str(&out), curlx_strlen(&out)); + *valp = Curl_memdup0(curlx_str(&out), curlx_strlen(&out)); + if(*valp) + return CURLE_OK; + return CURLE_OUT_OF_MEMORY; } /* bad input */ + *valp = NULL; + return CURLE_BAD_FUNCTION_ARGUMENT; +} + +/* + * Strip off leading and trailing whitespace from the value in the given HTTP + * header line and return a strdup()ed copy in 'valp' - returns an empty + * string if the header value consists entirely of whitespace. + * + * This function MUST be used after the header has already been confirmed to + * lead with "word:". + */ +char *Curl_copy_header_value(const char *header) +{ + struct Curl_str out; + + /* find the end of the header name */ + if(!curlx_str_until(&header, &out, MAX_HTTP_RESP_HEADER_SIZE, ':') && + !curlx_str_single(&header, ':')) { + curlx_str_untilnl(&header, &out, MAX_HTTP_RESP_HEADER_SIZE); + curlx_str_trimblanks(&out); + return Curl_memdup0(curlx_str(&out), curlx_strlen(&out)); + } + /* bad input, should never happen */ + DEBUGASSERT(0); return NULL; } @@ -1906,9 +1933,10 @@ static CURLcode http_set_aptr_host(struct Curl_easy *data) custom Host: header if this is NOT a redirect, as setting Host: in the redirected request is being out on thin ice. Except if the hostname is the same as the first one! */ - char *cookiehost = Curl_copy_header_value(ptr); - if(!cookiehost) - return CURLE_OUT_OF_MEMORY; + char *cookiehost; + CURLcode result = copy_custom_value(ptr, &cookiehost); + if(result) + return result; if(!*cookiehost) /* ignore empty data */ free(cookiehost); @@ -2657,7 +2685,6 @@ static CURLcode http_add_connection_hd(struct Curl_easy *data, const char *sep = "Connection: "; CURLcode result = CURLE_OK; size_t rlen = curlx_dyn_len(req); - char *value; bool skip; /* Add the 1st custom "Connection: " header, if there is one */ @@ -2665,9 +2692,10 @@ static CURLcode http_add_connection_hd(struct Curl_easy *data, if(curl_strnequal(head->data, "Connection", 10) && Curl_headersep(head->data[10]) && !http_header_is_empty(head->data)) { - value = Curl_copy_header_value(head->data); - if(!value) - return CURLE_OUT_OF_MEMORY; + char *value; + result = copy_custom_value(head->data, &value); + if(result) + return result; result = curlx_dyn_addf(req, "%s%s", sep, value); sep = ", "; free(value); @@ -3346,11 +3374,11 @@ static CURLcode http_header_p(struct Curl_easy *data, #endif if((407 == k->httpcode) && HD_IS(hd, hdlen, "Proxy-authenticate:")) { char *auth = Curl_copy_header_value(hd); - CURLcode result; - if(!auth) - return CURLE_OUT_OF_MEMORY; - result = Curl_http_input_auth(data, TRUE, auth); - free(auth); + CURLcode result = auth ? CURLE_OK : CURLE_OUT_OF_MEMORY; + if(!result) { + result = Curl_http_input_auth(data, TRUE, auth); + free(auth); + } return result; } #ifdef USE_SPNEGO @@ -3525,9 +3553,11 @@ static CURLcode http_header_w(struct Curl_easy *data, if((401 == k->httpcode) && HD_IS(hd, hdlen, "WWW-Authenticate:")) { char *auth = Curl_copy_header_value(hd); if(!auth) - return CURLE_OUT_OF_MEMORY; - result = Curl_http_input_auth(data, FALSE, auth); - free(auth); + result = CURLE_OUT_OF_MEMORY; + else { + result = Curl_http_input_auth(data, FALSE, auth); + free(auth); + } } return result; } From 3ac38a6b80e16f5885e629b35cb5a36a006ea8a5 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 23 Oct 2025 15:10:30 +0200 Subject: [PATCH 0580/2408] md4: drop mbedtls implementation (not available in mbedtls v3+) Follow-up to 01a2308236ffd4a13a45c3d9850a66a602839af6 #18254 Closes #19202 --- lib/md4.c | 43 ------------------------------------------- 1 file changed, 43 deletions(-) diff --git a/lib/md4.c b/lib/md4.c index 5d0908eade..083ecb0d48 100644 --- a/lib/md4.c +++ b/lib/md4.c @@ -51,14 +51,6 @@ #endif #endif -#ifdef USE_MBEDTLS -#include -#if MBEDTLS_VERSION_NUMBER < 0x04000000 && defined(MBEDTLS_MD4_C) -#define USE_MBEDTLS_MD4 -#include -#endif -#endif - /* When OpenSSL or wolfSSL is available, we use their MD4 functions. */ #if defined(USE_WOLFSSL) && !defined(WOLFSSL_NO_MD4) #include @@ -78,8 +70,6 @@ #include #elif defined(USE_GNUTLS) #include -#elif defined(USE_MBEDTLS_MD4) -#include #endif /* The last 2 #include files should be in this order */ @@ -187,39 +177,6 @@ static void MD4_Final(unsigned char *result, MD4_CTX *ctx) md4_digest(ctx, MD4_DIGEST_SIZE, result); } -#elif defined(USE_MBEDTLS_MD4) - -struct md4_ctx { - void *data; - unsigned long size; -}; -typedef struct md4_ctx MD4_CTX; - -static int MD4_Init(MD4_CTX *ctx) -{ - ctx->data = NULL; - ctx->size = 0; - return 1; -} - -static void MD4_Update(MD4_CTX *ctx, const void *data, unsigned long size) -{ - if(!ctx->data) { - ctx->data = Curl_memdup(data, size); - if(ctx->data) - ctx->size = size; - } -} - -static void MD4_Final(unsigned char *result, MD4_CTX *ctx) -{ - if(ctx->data) { - mbedtls_md4(ctx->data, ctx->size, result); - Curl_safefree(ctx->data); - ctx->size = 0; - } -} - #else /* When no other crypto library is available, or the crypto library does not * support MD4, we use this code segment this implementation of it From 3692cd837e327bad414769a4af8a73efaeb864f2 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 23 Oct 2025 16:00:46 +0200 Subject: [PATCH 0581/2408] schannel: replace a run-time condition with an assert For detecting a bad function argument that probably also would cause a compiler warning. Closes #19203 --- lib/vtls/schannel.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 9b2b1e702e..2e29ea2f18 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -1711,15 +1711,11 @@ schannel_recv_renegotiate(struct Curl_cfilter *cf, struct Curl_easy *data, failf(data, "schannel: unexpected call to schannel_recv_renegotiate"); return CURLE_SSL_CONNECT_ERROR; } - + DEBUGASSERT(caller <= SCH_RENEG_CALLER_IS_SEND); if(caller == SCH_RENEG_CALLER_IS_RECV) SCH_DEV(infof(data, "schannel: renegotiation caller is schannel_recv")); - else if(caller == SCH_RENEG_CALLER_IS_SEND) + else SCH_DEV(infof(data, "schannel: renegotiation caller is schannel_send")); - else { - failf(data, "schannel: unknown caller for schannel_recv_renegotiate"); - return CURLE_SSL_CONNECT_ERROR; - } sockfd = Curl_conn_cf_get_socket(cf, data); From 48d314f262f865d645004f345e1e4b3bb7f6b738 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 23 Oct 2025 16:20:01 +0200 Subject: [PATCH 0582/2408] connect: for CONNECT_ONLY, CURLOPT_TIMEOUT does not apply Since using CONNECT_ONLY is by defintion only a connect, we make the timeleft function return 0 after the connection is done so that it does not - surprisingly - timeout later. Fixes #18991 Reported-by: Pavel P Closes #19204 --- lib/connect.c | 6 +++--- lib/pingpong.c | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/connect.c b/lib/connect.c index 5dc4e2fc74..e3295524b0 100644 --- a/lib/connect.c +++ b/lib/connect.c @@ -123,7 +123,7 @@ timediff_t Curl_timeleft(struct Curl_easy *data, before the connect timeout expires and we must acknowledge whichever timeout that is reached first. The total timeout is set per entire operation, while the connect timeout is set per connect. */ - if(data->set.timeout <= 0 && !duringconnect) + if((!data->set.timeout || data->set.connect_only) && !duringconnect) return 0; /* no timeout in place or checked, return "no limit" */ if(!nowp) { @@ -131,9 +131,9 @@ timediff_t Curl_timeleft(struct Curl_easy *data, nowp = &now; } - if(data->set.timeout > 0) { + if(data->set.timeout) { timeleft_ms = data->set.timeout - - curlx_timediff(*nowp, data->progress.t_startop); + curlx_timediff(*nowp, data->progress.t_startop); if(!timeleft_ms) timeleft_ms = -1; /* 0 is "no limit", fake 1 ms expiry */ if(!duringconnect) diff --git a/lib/pingpong.c b/lib/pingpong.c index 3f6da71eae..0a15e33f0a 100644 --- a/lib/pingpong.c +++ b/lib/pingpong.c @@ -64,7 +64,7 @@ timediff_t Curl_pp_state_timeout(struct Curl_easy *data, full response to arrive before we bail out */ timeout_ms = response_time - curlx_timediff(now, pp->response); - if((data->set.timeout > 0) && !disconnecting) { + if(data->set.timeout && !disconnecting) { /* if timeout is requested, find out how much overall remains */ timediff_t timeout2_ms = Curl_timeleft(data, &now, FALSE); /* pick the lowest number */ From e51966d9df6d92308f813a0f7a2dd95f20e09936 Mon Sep 17 00:00:00 2001 From: Dalei Date: Fri, 24 Oct 2025 08:02:47 +0000 Subject: [PATCH 0583/2408] tool_cfgable: remove superfluous free calls Fixes #19213 Closes #19214 --- src/tool_cfgable.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/tool_cfgable.c b/src/tool_cfgable.c index 48148a88ad..29d5ecc782 100644 --- a/src/tool_cfgable.c +++ b/src/tool_cfgable.c @@ -184,8 +184,6 @@ static void free_config_fields(struct OperationConfig *config) tool_safefree(config->ftp_account); tool_safefree(config->ftp_alternative_to_user); tool_safefree(config->aws_sigv4); - tool_safefree(config->proto_str); - tool_safefree(config->proto_redir_str); tool_safefree(config->ech); tool_safefree(config->ech_config); tool_safefree(config->ech_public); From 576f9f7c07f0635b2f1614e1056bf80742b6dbe3 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 24 Oct 2025 08:55:01 +0200 Subject: [PATCH 0584/2408] cfilters: check return code from Curl_pollset_set_out_only() I added WARN_UNUSED_RESULT to two of the cfilter functions to make this mistake harder to slip in next time. Pointed out by CodeSonar Closes #19211 --- lib/cfilters.c | 5 +++-- lib/select.h | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/lib/cfilters.c b/lib/cfilters.c index 2ef5d75d43..090365fdd6 100644 --- a/lib/cfilters.c +++ b/lib/cfilters.c @@ -542,8 +542,9 @@ CURLcode Curl_conn_connect(struct Curl_easy *data, Curl_pollfds_reset(&cpfds); /* In general, we want to send after connect, wait on that. */ if(sockfd != CURL_SOCKET_BAD) - Curl_pollset_set_out_only(data, &ps, sockfd); - result = Curl_conn_adjust_pollset(data, data->conn, &ps); + result = Curl_pollset_set_out_only(data, &ps, sockfd); + if(!result) + result = Curl_conn_adjust_pollset(data, data->conn, &ps); if(result) goto out; result = Curl_pollfds_add_ps(&cpfds, &ps); diff --git a/lib/select.h b/lib/select.h index a23921ceb9..c1f975e9d7 100644 --- a/lib/select.h +++ b/lib/select.h @@ -154,11 +154,12 @@ void Curl_pollset_move(struct easy_pollset *to, struct easy_pollset *from); */ CURLcode Curl_pollset_change(struct Curl_easy *data, struct easy_pollset *ps, curl_socket_t sock, - int add_flags, int remove_flags); + int add_flags, + int remove_flags) WARN_UNUSED_RESULT; CURLcode Curl_pollset_set(struct Curl_easy *data, struct easy_pollset *ps, curl_socket_t sock, - bool do_in, bool do_out); + bool do_in, bool do_out) WARN_UNUSED_RESULT; #define Curl_pollset_add_in(data, ps, sock) \ Curl_pollset_change((data), (ps), (sock), CURL_POLL_IN, 0) From ab590ba62f4974b2f51cdbd7ee42d93b0f81568f Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 24 Oct 2025 09:22:40 +0200 Subject: [PATCH 0585/2408] TODO: a fixed FTP directory listing format Closes #19212 --- docs/TODO | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/docs/TODO b/docs/TODO index 6c3ba904e7..add6819eae 100644 --- a/docs/TODO +++ b/docs/TODO @@ -54,6 +54,7 @@ 4. FTP 4.1 HOST + 4.2 A fixed directory listing format 4.6 GSSAPI via Windows SSPI 4.7 STAT for LIST without data connection 4.8 Passive transfer could try other IP addresses @@ -484,6 +485,16 @@ https://datatracker.ietf.org/doc/html/rfc7151 +4.2 A fixed directory listing format + + Since listing the contents of a remove directory with FTP is returning the + list in a format and style the server likes without any estblished or even + defactor standard existing, it would be a feature to users if curl could + parse the directory listing and output a general curl format that is fixed + and the same, independent of the server's choice. This would allow users to + better and more reliably extract information about remote content via FTP + directory listings. + 4.6 GSSAPI via Windows SSPI In addition to currently supporting the SASL GSSAPI mechanism (Kerberos V5) From 1de4a9a5fb09198a39040ffdbb93cea0d68cce85 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 24 Oct 2025 00:55:37 +0200 Subject: [PATCH 0586/2408] mbedtls: fix building with <3.6.1 ``` lib/vtls/mbedtls.c:786:3: error: call to undeclared function 'mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] 786 | mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets(&backend->config, | ^ lib/vtls/mbedtls.c:787:5: error: use of undeclared identifier 'MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_ENABLED'; did you mean 'MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET_FLUSH'? 787 | MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_ENABLED); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET_FLUSH dep/mbedtls-3.4.0/_pkg/include/mbedtls/ssl.h:700:5: note: 'MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET_FLUSH' declared here 700 | MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET_FLUSH, | ^ 2 errors generated. ``` Regression from d63e40f8e6298efaabae57c714ef8df57c54474d #18271 (8.16.0) Closes #19208 --- lib/vtls/mbedtls.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index 5ee0c814fd..89157f655f 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -779,7 +779,8 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) return CURLE_SSL_CONNECT_ERROR; } -#if MBEDTLS_VERSION_NUMBER < 0x04000000 && defined(MBEDTLS_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && \ + MBEDTLS_VERSION_NUMBER >= 0x03060100 && MBEDTLS_VERSION_NUMBER < 0x04000000 /* New in mbedTLS 3.6.1, need to enable, default is now disabled. 4.0.0 enabled it by default for TLSv1.3. */ mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets(&backend->config, From 4a6fbd5e1dd584c85c4936a1bfd08f2b12a2ea4b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 23 Oct 2025 22:08:53 +0200 Subject: [PATCH 0587/2408] NTLM: disable if DES support missing from OpenSSL or mbedTLS Make autotools and cmake detect DES support in OpenSSL and mbedTLS. Forward feature macros to C and omit NTLM from the feature preview list. Use the feature macros in source. This ensure that `-V` output matches the preview. OpenSSL doesn't support DES when built with `no-des` or `no-deprecated`. mbedTLS 4.x no longer supports it, and it's possible to disable it in <4 with `scripts/config.py unset MBEDTLS_DES_C`. Before this patch this worked for mbedTLS 4 only, and with a regression for pending PR #16973. Also: - drop NTLM feature check from `curl_setup.h` in favour of autotools/ cmake feature macros. This makes `curl_setup.h` no longer need to include an mbedTLS header, which in turn makes tests/server build without depending on mbedTLS. Fixing, in #16973: ``` In file included from tests/server/first.h:40, from bld/tests/server/servers.c:3: lib/curl_setup.h:741:10: fatal error: mbedtls/version.h: No such file or directory 741 | #include | ^~~~~~~~~~~~~~~~~~~ ``` Ref: https://github.com/curl/curl/actions/runs/18689537893/job/53291322012?pr=16973 Ref: #19181 (initial fix idea) Follow-up to 3a305831d1a9d10b2bfd4fa3939ed41275fee7f7 #19077 - move back mbedTLS header include and version check from `curl_setup.h` to each source which consumes mbedTLS. - GHA/http3-linux: drop workaround that disabled NTLM for `no-deprecated` OpenSSL builds. Follow-up to 006977859dcc4b8670878bd669276d778a2715bb #12384 - curl_ntlm_core: drop pointless macro `CURL_NTLM_NOT_SUPPORTED`. Follow-up to 006977859dcc4b8670878bd669276d778a2715bb #12384 Closes #19206 --- .github/workflows/http3-linux.yml | 34 +++++++++---------------------- CMakeLists.txt | 19 +++++++++++++++-- configure.ac | 7 +++---- docs/INSTALL-CMAKE.md | 2 ++ lib/curl_config.h.cmake | 10 +++++++-- lib/curl_ntlm_core.c | 34 +++++++++++++------------------ lib/curl_setup.h | 11 ++-------- lib/md5.c | 4 ++++ lib/sha256.c | 4 ++++ lib/vtls/mbedtls.c | 3 +++ m4/curl-mbedtls.m4 | 23 +++++---------------- m4/curl-openssl.m4 | 23 +++++++++++++++++++++ 12 files changed, 95 insertions(+), 79 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 8971fc4e54..668de7ede4 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -334,8 +334,7 @@ jobs: PKG_CONFIG_PATH: /home/runner/openssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig configure: >- LDFLAGS=-Wl,-rpath,/home/runner/openssl/build/lib - --with-ngtcp2 --disable-ntlm - --with-openssl=/home/runner/openssl/build --enable-ssls-export + --with-openssl=/home/runner/openssl/build --with-ngtcp2 --enable-ssls-export - name: 'openssl' install_steps: skipall @@ -343,7 +342,6 @@ jobs: generate: >- -DOPENSSL_ROOT_DIR=/home/runner/openssl/build -DUSE_NGTCP2=ON -DCURL_DISABLE_LDAP=ON - -DCURL_DISABLE_NTLM=ON -DCMAKE_UNITY_BUILD=ON - name: 'libressl' @@ -351,29 +349,25 @@ jobs: PKG_CONFIG_PATH: /home/runner/libressl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig configure: >- LDFLAGS=-Wl,-rpath,/home/runner/libressl/build/lib - --with-ngtcp2 --disable-ntlm - --with-openssl=/home/runner/libressl/build --enable-ssls-export + --with-openssl=/home/runner/libressl/build --with-ngtcp2 --enable-ssls-export --enable-unity - name: 'libressl' PKG_CONFIG_PATH: /home/runner/libressl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig generate: >- - -DOPENSSL_ROOT_DIR=/home/runner/libressl/build - -DUSE_NGTCP2=ON -DCURL_DISABLE_NTLM=ON + -DOPENSSL_ROOT_DIR=/home/runner/libressl/build -DUSE_NGTCP2=ON - name: 'awslc' install_steps: skipall PKG_CONFIG_PATH: /home/runner/awslc/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig configure: >- LDFLAGS=-Wl,-rpath,/home/runner/awslc/build/lib - --with-ngtcp2 --disable-ntlm - --with-openssl=/home/runner/awslc/build --enable-ssls-export + --with-openssl=/home/runner/awslc/build --with-ngtcp2 --enable-ssls-export - name: 'awslc' PKG_CONFIG_PATH: /home/runner/awslc/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig generate: >- - -DOPENSSL_ROOT_DIR=/home/runner/awslc/build -DBUILD_SHARED_LIBS=OFF - -DUSE_NGTCP2=ON -DCURL_DISABLE_NTLM=ON + -DOPENSSL_ROOT_DIR=/home/runner/awslc/build -DUSE_NGTCP2=ON -DBUILD_SHARED_LIBS=OFF -DCMAKE_UNITY_BUILD=ON - name: 'boringssl' @@ -381,14 +375,12 @@ jobs: PKG_CONFIG_PATH: /home/runner/boringssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2-boringssl/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig configure: >- LDFLAGS=-Wl,-rpath,/home/runner/boringssl/build/lib - --with-ngtcp2 --disable-ntlm - --with-openssl=/home/runner/boringssl/build --enable-ssls-export + --with-openssl=/home/runner/boringssl/build --with-ngtcp2 --enable-ssls-export - name: 'boringssl' PKG_CONFIG_PATH: /home/runner/boringssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2-boringssl/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig generate: >- - -DOPENSSL_ROOT_DIR=/home/runner/boringssl/build -DBUILD_SHARED_LIBS=OFF - -DUSE_NGTCP2=ON -DCURL_DISABLE_NTLM=ON + -DOPENSSL_ROOT_DIR=/home/runner/boringssl/build -DUSE_NGTCP2=ON -DBUILD_SHARED_LIBS=OFF -DCMAKE_UNITY_BUILD=ON - name: 'gnutls' @@ -397,15 +389,13 @@ jobs: PKG_CONFIG_PATH: /home/runner/gnutls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig configure: >- LDFLAGS=-Wl,-rpath,/home/runner/gnutls/build/lib - --with-ngtcp2 - --with-gnutls=/home/runner/gnutls/build --enable-ssls-export + --with-gnutls=/home/runner/gnutls/build --with-ngtcp2 --enable-ssls-export - name: 'gnutls' install_packages: nettle-dev libp11-kit-dev PKG_CONFIG_PATH: /home/runner/gnutls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig generate: >- - -DCURL_USE_GNUTLS=ON - -DUSE_NGTCP2=ON -DCURL_DISABLE_NTLM=ON + -DCURL_USE_GNUTLS=ON -DUSE_NGTCP2=ON -DCMAKE_UNITY_BUILD=ON - name: 'wolfssl' @@ -413,9 +403,7 @@ jobs: PKG_CONFIG_PATH: /home/runner/wolfssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig configure: >- LDFLAGS=-Wl,-rpath,/home/runner/wolfssl/build/lib - --with-ngtcp2 - --with-wolfssl=/home/runner/wolfssl/build - --enable-ech --enable-ssls-export + --with-wolfssl=/home/runner/wolfssl/build --with-ngtcp2 --enable-ech --enable-ssls-export --enable-unity - name: 'wolfssl' @@ -429,7 +417,6 @@ jobs: PKG_CONFIG_PATH: /home/runner/openssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig configure: >- LDFLAGS=-Wl,-rpath,/home/runner/openssl/build/lib - --disable-ntlm --with-openssl=/home/runner/openssl/build --with-openssl-quic - name: 'openssl-quic' @@ -437,7 +424,6 @@ jobs: generate: >- -DOPENSSL_ROOT_DIR=/home/runner/openssl/build -DUSE_OPENSSL_QUIC=ON -DCURL_DISABLE_LDAP=ON - -DCURL_DISABLE_NTLM=ON -DCMAKE_UNITY_BUILD=ON - name: 'quiche' diff --git a/CMakeLists.txt b/CMakeLists.txt index 3a6a731426..da3b99cff4 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -868,6 +868,18 @@ if(CURL_USE_MBEDTLS) set(_valid_default_ssl_backend TRUE) endif() set(_curl_ca_bundle_supported TRUE) + + if(MBEDTLS_VERSION VERSION_GREATER_EQUAL 4.0.0) + set(HAVE_MBEDTLS_DES_CRYPT_ECB 0) # pre-fill detection result + endif() + if(NOT DEFINED HAVE_MBEDTLS_DES_CRYPT_ECB) + cmake_push_check_state() + list(APPEND CMAKE_REQUIRED_INCLUDES "${MBEDTLS_INCLUDE_DIRS}") + list(APPEND CMAKE_REQUIRED_LIBRARIES "${MBEDTLS_LIBRARIES}") + curl_required_libpaths("${MBEDTLS_LIBRARY_DIRS}") + check_function_exists("mbedtls_des_crypt_ecb" HAVE_MBEDTLS_DES_CRYPT_ECB) # in mbedTLS <4 + cmake_pop_check_state() + endif() endif() if(CURL_USE_WOLFSSL) @@ -1075,6 +1087,9 @@ if(USE_WOLFSSL) endif() if(USE_OPENSSL) + if(NOT DEFINED HAVE_DES_ECB_ENCRYPT) + curl_openssl_check_exists("DES_ecb_encrypt" "openssl/des.h" HAVE_DES_ECB_ENCRYPT) + endif() if(NOT DEFINED HAVE_SSL_SET0_WBIO) curl_openssl_check_exists("SSL_set0_wbio" HAVE_SSL_SET0_WBIO) endif() @@ -2079,8 +2094,8 @@ endmacro() # NTLM support requires crypto functions from various SSL libs. # These conditions must match those in lib/curl_setup.h. if(NOT CURL_DISABLE_NTLM AND - (USE_OPENSSL OR - (USE_MBEDTLS AND MBEDTLS_VERSION VERSION_LESS 4.0.0) OR + ((USE_OPENSSL AND HAVE_DES_ECB_ENCRYPT) OR + (USE_MBEDTLS AND HAVE_MBEDTLS_DES_CRYPT_ECB) OR USE_GNUTLS OR USE_WIN32_CRYPTO OR (USE_WOLFSSL AND HAVE_WOLFSSL_DES_ECB_ENCRYPT))) diff --git a/configure.ac b/configure.ac index 97d0310497..cc16f4120a 100644 --- a/configure.ac +++ b/configure.ac @@ -5252,12 +5252,11 @@ fi use_curl_ntlm_core=no if test "x$CURL_DISABLE_NTLM" != "x1"; then - if test "x$OPENSSL_ENABLED" = "x1" \ + if test "x$HAVE_DES_ECB_ENCRYPT" = "x1" \ -o "x$GNUTLS_ENABLED" = "x1" \ -o "x$USE_WIN32_CRYPTO" = "x1" \ - -o "x$HAVE_WOLFSSL_DES_ECB_ENCRYPT" = "x1"; then - use_curl_ntlm_core=yes - elif test "x$MBEDTLS_ENABLED" = "x1" && test "$mbedtls_4" = "0"; then + -o "x$HAVE_WOLFSSL_DES_ECB_ENCRYPT" = "x1" \ + -o "x$HAVE_MBEDTLS_DES_CRYPT_ECB" = "x1"; then use_curl_ntlm_core=yes fi diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md index c622b83920..4b9b85326f 100644 --- a/docs/INSTALL-CMAKE.md +++ b/docs/INSTALL-CMAKE.md @@ -491,9 +491,11 @@ the parent project, ideally in the "extra" find package redirect file: Available variables: +- `HAVE_DES_ECB_ENCRYPT`: `DES_ecb_encrypt` present in OpenSSL (or fork). - `HAVE_GNUTLS_SRP`: `gnutls_srp_verifier` present in GnuTLS. - `HAVE_LDAP_INIT_FD`: `ldap_init_fd` present in LDAP library. - `HAVE_LDAP_URL_PARSE`: `ldap_url_parse` present in LDAP library. +- `HAVE_MBEDTLS_DES_CRYPT_ECB`: `mbedtls_des_crypt_ecb` present in mbedTLS <4. - `HAVE_OPENSSL_SRP`: `SSL_CTX_set_srp_username` present in OpenSSL (or fork). - `HAVE_QUICHE_CONN_SET_QLOG_FD`: `quiche_conn_set_qlog_fd` present in quiche. - `HAVE_RUSTLS_SUPPORTED_HPKE`: `rustls_supported_hpke` present in Rustls (unused if Rustls is detected via `pkg-config`). diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake index 1fabc24c18..88b991d7ef 100644 --- a/lib/curl_config.h.cmake +++ b/lib/curl_config.h.cmake @@ -673,6 +673,9 @@ ${SIZEOF_TIME_T_CODE} /* if mbedTLS is enabled */ #cmakedefine USE_MBEDTLS 1 +/* if mbedTLS <4 has the mbedtls_des_crypt_ecb function. */ +#cmakedefine HAVE_MBEDTLS_DES_CRYPT_ECB 1 + /* if Rustls is enabled */ #cmakedefine USE_RUSTLS 1 @@ -801,7 +804,10 @@ ${SIZEOF_TIME_T_CODE} #cmakedefine USE_ECH 1 /* Define to 1 if you have the wolfSSL_CTX_GenerateEchConfig function. */ -#cmakedefine HAVE_WOLFSSL_CTX_GENERATEECHCONFIG +#cmakedefine HAVE_WOLFSSL_CTX_GENERATEECHCONFIG 1 /* Define to 1 if you have the SSL_set1_ech_config_list function. */ -#cmakedefine HAVE_SSL_SET1_ECH_CONFIG_LIST +#cmakedefine HAVE_SSL_SET1_ECH_CONFIG_LIST 1 + +/* Define to 1 if OpenSSL has the DES_ecb_encrypt function. */ +#cmakedefine HAVE_DES_ECB_ENCRYPT 1 diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c index a81e97f0ce..be273f0c90 100644 --- a/lib/curl_ntlm_core.c +++ b/lib/curl_ntlm_core.c @@ -50,21 +50,19 @@ in NTLM type-3 messages. */ -#ifdef USE_OPENSSL - #include - #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0) - #define USE_OPENSSL_DES - #endif -#elif defined(USE_WOLFSSL) - #include - #ifndef NO_DES3 - #define USE_OPENSSL_DES - #endif -#elif defined(USE_MBEDTLS) - #include - #if MBEDTLS_VERSION_NUMBER < 0x04000000 - #define USE_MBEDTLS_DES - #endif +#ifdef USE_MBEDTLS +#include +#if MBEDTLS_VERSION_NUMBER < 0x03020000 + #error "mbedTLS 3.2.0 or later required" +#endif +#endif + +#if defined(USE_OPENSSL) && defined(HAVE_DES_ECB_ENCRYPT) + #define USE_OPENSSL_DES +#elif defined(USE_WOLFSSL) && defined(HAVE_WOLFSSL_DES_ECB_ENCRYPT) + #define USE_OPENSSL_DES +#elif defined(USE_MBEDTLS) && defined(HAVE_MBEDTLS_DES_CRYPT_ECB) + #define USE_MBEDTLS_DES #endif #ifdef USE_OPENSSL_DES @@ -79,6 +77,7 @@ # endif # define DESKEY(x) &x #else +# include # include # include # include @@ -111,7 +110,6 @@ # include #else # error "cannot compile NTLM support without a crypto library with DES." -# define CURL_NTLM_NOT_SUPPORTED #endif #include "urldata.h" @@ -128,7 +126,6 @@ #include "curl_memory.h" #include "memdebug.h" -#ifndef CURL_NTLM_NOT_SUPPORTED /* * Turns a 56-bit key into being 64-bit wide. */ @@ -143,7 +140,6 @@ static void extend_key_56_to_64(const unsigned char *key_56, char *key) key[6] = (char)(((key_56[5] << 2) & 0xFF) | (key_56[6] >> 6)); key[7] = (char) ((key_56[6] << 1) & 0xFF); } -#endif #ifdef USE_OPENSSL_DES /* @@ -328,11 +324,9 @@ CURLcode Curl_ntlm_core_mk_lm_hash(const char *password, unsigned char *lmbuffer /* 21 bytes */) { unsigned char pw[14]; -#ifndef CURL_NTLM_NOT_SUPPORTED static const unsigned char magic[] = { 0x4B, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 /* i.e. KGS!@#$% */ }; -#endif size_t len = CURLMIN(strlen(password), 14); Curl_strntoupper((char *)pw, password, len); diff --git a/lib/curl_setup.h b/lib/curl_setup.h index 4934baa22b..7c033623c5 100644 --- a/lib/curl_setup.h +++ b/lib/curl_setup.h @@ -737,13 +737,6 @@ # endif #endif -#ifdef USE_MBEDTLS -#include -#if MBEDTLS_VERSION_NUMBER < 0x03020000 - #error "mbedTLS 3.2.0 or later required" -#endif -#endif - #if defined(USE_WOLFSSL) && defined(USE_GNUTLS) /* Avoid defining unprefixed wolfSSL SHA macros colliding with nettle ones */ #define NO_OLD_WC_NAMES @@ -763,9 +756,9 @@ /* Single point where USE_NTLM definition might be defined */ #ifndef CURL_DISABLE_NTLM -# if defined(USE_OPENSSL) || \ +# if (defined(USE_OPENSSL) && defined(HAVE_DES_ECB_ENCRYPT)) || \ defined(USE_GNUTLS) || \ - (defined(USE_MBEDTLS) && MBEDTLS_VERSION_NUMBER < 0x04000000) || \ + (defined(USE_MBEDTLS) && defined(HAVE_MBEDTLS_DES_CRYPT_ECB)) || \ defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO) || \ (defined(USE_WOLFSSL) && defined(HAVE_WOLFSSL_DES_ECB_ENCRYPT)) # define USE_CURL_NTLM_CORE diff --git a/lib/md5.c b/lib/md5.c index 897bd1b1a4..d99554a4aa 100644 --- a/lib/md5.c +++ b/lib/md5.c @@ -49,6 +49,10 @@ #endif #ifdef USE_MBEDTLS + #include + #if MBEDTLS_VERSION_NUMBER < 0x03020000 + #error "mbedTLS 3.2.0 or later required" + #endif #include #if defined(PSA_WANT_ALG_MD5) && PSA_WANT_ALG_MD5 /* mbedTLS 4+ */ #define USE_MBEDTLS_MD5 diff --git a/lib/sha256.c b/lib/sha256.c index cf8e98a550..f7bb545613 100644 --- a/lib/sha256.c +++ b/lib/sha256.c @@ -33,6 +33,10 @@ #include "curl_hmac.h" #ifdef USE_MBEDTLS + #include + #if MBEDTLS_VERSION_NUMBER < 0x03020000 + #error "mbedTLS 3.2.0 or later required" + #endif #include #if defined(PSA_WANT_ALG_SHA_256) && PSA_WANT_ALG_SHA_256 /* mbedTLS 4+ */ #define USE_MBEDTLS_SHA256 diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index 89157f655f..5a2310d115 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -37,6 +37,9 @@ /* #define MBEDTLS_DEBUG */ #include +#if MBEDTLS_VERSION_NUMBER < 0x03020000 + #error "mbedTLS 3.2.0 or later required" +#endif #include #include #include diff --git a/m4/curl-mbedtls.m4 b/m4/curl-mbedtls.m4 index 55152c5408..573db4c3ab 100644 --- a/m4/curl-mbedtls.m4 +++ b/m4/curl-mbedtls.m4 @@ -107,24 +107,11 @@ if test "x$OPT_MBEDTLS" != xno; then LIBCURL_PC_REQUIRES_PRIVATE="$LIBCURL_PC_REQUIRES_PRIVATE mbedtls mbedx509 mbedcrypto" fi - mbedtls_4=0 - AC_MSG_CHECKING([for mbedTLS >= v4]) - AC_COMPILE_IFELSE([ - AC_LANG_PROGRAM([[ - #include - ]],[[ - #if (MBEDTLS_VERSION_NUMBER >= 0x04000000) - return 0; - #else - #error older than 4 - #endif - ]]) - ],[ - mbedtls_4=1 - AC_MSG_RESULT([yes]) - ],[ - AC_MSG_RESULT([no]) - ]) + dnl Check DES support in mbedTLS <4. + AC_CHECK_FUNCS(mbedtls_des_crypt_ecb) + if test "$ac_cv_func_mbedtls_des_crypt_ecb" = 'yes'; then + HAVE_MBEDTLS_DES_CRYPT_ECB=1 + fi fi fi dnl mbedTLS not disabled diff --git a/m4/curl-openssl.m4 b/m4/curl-openssl.m4 index 56245c9c2a..5175bb85d2 100644 --- a/m4/curl-openssl.m4 +++ b/m4/curl-openssl.m4 @@ -340,6 +340,29 @@ if test X"$OPT_OPENSSL" != Xno && AC_MSG_ERROR([--with-openssl was given but OpenSSL could not be detected]) fi +dnl --- +dnl We check OpenSSL for DES support. +dnl --- +if test "$OPENSSL_ENABLED" = "1"; then + AC_MSG_CHECKING([for DES support in OpenSSL]) + AC_LINK_IFELSE([ + AC_LANG_PROGRAM([[ + #ifndef OPENSSL_SUPPRESS_DEPRECATED + #define OPENSSL_SUPPRESS_DEPRECATED + #endif + #include + ]],[[ + DES_ecb_encrypt(0, 0, 0, DES_ENCRYPT); + ]]) + ],[ + AC_MSG_RESULT([yes]) + AC_DEFINE(HAVE_DES_ECB_ENCRYPT, 1, [if you have the function DES_ecb_encrypt]) + HAVE_DES_ECB_ENCRYPT=1 + ],[ + AC_MSG_RESULT([no]) + ]) +fi + dnl --- dnl We require OpenSSL with SRP support. dnl --- From c96b7c4636b03c0a9c4e8303852553c4217446ee Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 24 Oct 2025 02:28:46 +0200 Subject: [PATCH 0588/2408] des: merge curl_des into `curl_ntlm_core.c` `curl_des.c` contained a single, short, function `Curl_des_set_odd_parity()`, called from `curl_ntlm_core.c` alone. Move it there, and define it only when needed. Follow-up to 300876a7a62ff598c3be359e45a00b79cf9944ad Follow-up to 8cc70db2db5f58e519a1bdfed266ca6514013145 Closes #19209 --- .github/labeler.yml | 2 +- lib/Makefile.inc | 2 -- lib/curl_des.c | 68 -------------------------------------------- lib/curl_des.h | 39 ------------------------- lib/curl_ntlm_core.c | 48 ++++++++++++++++++++++++++++--- 5 files changed, 45 insertions(+), 114 deletions(-) delete mode 100644 lib/curl_des.c delete mode 100644 lib/curl_des.h diff --git a/.github/labeler.yml b/.github/labeler.yml index 770b293e3f..75ea8686da 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -162,9 +162,9 @@ cryptography: docs/libcurl/opts/CURLOPT_EGDSOCKET*,\ lib/*sha256*,\ lib/*sha512*,\ - lib/curl_des.*,\ lib/curl_hmac.*,\ lib/curl_md?.*,\ + lib/curl_ntlm_core.*,\ lib/md?.*,\ lib/rand.*\ }" diff --git a/lib/Makefile.inc b/lib/Makefile.inc index f06af2ca70..8b506febcf 100644 --- a/lib/Makefile.inc +++ b/lib/Makefile.inc @@ -160,7 +160,6 @@ LIB_CFILES = \ cookie.c \ cshutdn.c \ curl_addrinfo.c \ - curl_des.c \ curl_endian.c \ curl_fnmatch.c \ curl_fopen.c \ @@ -290,7 +289,6 @@ LIB_HFILES = \ cookie.h \ curl_addrinfo.h \ curl_ctype.h \ - curl_des.h \ curl_endian.h \ curl_fnmatch.h \ curl_fopen.h \ diff --git a/lib/curl_des.c b/lib/curl_des.c deleted file mode 100644 index a202dd3fe4..0000000000 --- a/lib/curl_des.c +++ /dev/null @@ -1,68 +0,0 @@ -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) Steve Holme, . - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - * SPDX-License-Identifier: curl - * - ***************************************************************************/ - -#include "curl_setup.h" - -#if defined(USE_CURL_NTLM_CORE) && \ - (defined(USE_GNUTLS) || \ - defined(USE_OS400CRYPTO) || \ - defined(USE_WIN32_CRYPTO)) - -#include "curl_des.h" - -/* - * Curl_des_set_odd_parity() - * - * This is used to apply odd parity to the given byte array. It is typically - * used by when a cryptography engine does not have its own version. - * - * The function is a port of the Java based oddParity() function over at: - * - * https://davenport.sourceforge.net/ntlm.html - * - * Parameters: - * - * bytes [in/out] - The data whose parity bits are to be adjusted for - * odd parity. - * len [out] - The length of the data. - */ -void Curl_des_set_odd_parity(unsigned char *bytes, size_t len) -{ - size_t i; - - for(i = 0; i < len; i++) { - unsigned char b = bytes[i]; - - bool needs_parity = (((b >> 7) ^ (b >> 6) ^ (b >> 5) ^ - (b >> 4) ^ (b >> 3) ^ (b >> 2) ^ - (b >> 1)) & 0x01) == 0; - - if(needs_parity) - bytes[i] |= 0x01; - else - bytes[i] &= 0xfe; - } -} - -#endif diff --git a/lib/curl_des.h b/lib/curl_des.h deleted file mode 100644 index c50aaf45b1..0000000000 --- a/lib/curl_des.h +++ /dev/null @@ -1,39 +0,0 @@ -#ifndef HEADER_CURL_DES_H -#define HEADER_CURL_DES_H -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) Steve Holme, . - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - * SPDX-License-Identifier: curl - * - ***************************************************************************/ - -#include "curl_setup.h" - -#if defined(USE_CURL_NTLM_CORE) && \ - (defined(USE_GNUTLS) || \ - defined(USE_OS400CRYPTO) || \ - defined(USE_WIN32_CRYPTO)) - -/* Applies odd parity to the given byte array */ -void Curl_des_set_odd_parity(unsigned char *bytes, size_t length); - -#endif - -#endif /* HEADER_CURL_DES_H */ diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c index be273f0c90..72a0f24b77 100644 --- a/lib/curl_ntlm_core.c +++ b/lib/curl_ntlm_core.c @@ -99,6 +99,7 @@ #elif defined(USE_GNUTLS) # include +# define USE_CURL_DES_SET_ODD_PARITY #elif defined(USE_MBEDTLS_DES) @@ -106,8 +107,10 @@ #elif defined(USE_OS400CRYPTO) # include "cipher.mih" /* mih/cipher */ +# define USE_CURL_DES_SET_ODD_PARITY #elif defined(USE_WIN32_CRYPTO) # include +# define USE_CURL_DES_SET_ODD_PARITY #else # error "cannot compile NTLM support without a crypto library with DES." #endif @@ -119,13 +122,50 @@ #include "curl_hmac.h" #include "curlx/warnless.h" #include "curl_endian.h" -#include "curl_des.h" #include "curl_md4.h" /* The last 2 #include files should be in this order */ #include "curl_memory.h" #include "memdebug.h" +#ifdef USE_CURL_DES_SET_ODD_PARITY +/* + * curl_des_set_odd_parity() + * + * Copyright (C) Steve Holme, + * + * This is used to apply odd parity to the given byte array. It is typically + * used by when a cryptography engine does not have its own version. + * + * The function is a port of the Java based oddParity() function over at: + * + * https://davenport.sourceforge.net/ntlm.html + * + * Parameters: + * + * bytes [in/out] - The data whose parity bits are to be adjusted for + * odd parity. + * len [out] - The length of the data. + */ +static void curl_des_set_odd_parity(unsigned char *bytes, size_t len) +{ + size_t i; + + for(i = 0; i < len; i++) { + unsigned char b = bytes[i]; + + bool needs_parity = (((b >> 7) ^ (b >> 6) ^ (b >> 5) ^ + (b >> 4) ^ (b >> 3) ^ (b >> 2) ^ + (b >> 1)) & 0x01) == 0; + + if(needs_parity) + bytes[i] |= 0x01; + else + bytes[i] &= 0xfe; + } +} +#endif /* USE_CURL_DES_SET_ODD_PARITY */ + /* * Turns a 56-bit key into being 64-bit wide. */ @@ -172,7 +212,7 @@ static void setup_des_key(const unsigned char *key_56, extend_key_56_to_64(key_56, key); /* Set the key parity to odd */ - Curl_des_set_odd_parity((unsigned char *) key, sizeof(key)); + curl_des_set_odd_parity((unsigned char *) key, sizeof(key)); /* Set the key */ des_set_key(des, (const uint8_t *) key); @@ -214,7 +254,7 @@ static bool encrypt_des(const unsigned char *in, unsigned char *out, extend_key_56_to_64(key_56, ctl.Crypto_Key); /* Set the key parity to odd */ - Curl_des_set_odd_parity((unsigned char *) ctl.Crypto_Key, ctl.Data_Len); + curl_des_set_odd_parity((unsigned char *) ctl.Crypto_Key, ctl.Data_Len); /* Perform the encryption */ _CIPHER((_SPCPTR *) &out, &ctl, (_SPCPTR *) &in); @@ -252,7 +292,7 @@ static bool encrypt_des(const unsigned char *in, unsigned char *out, extend_key_56_to_64(key_56, blob.key); /* Set the key parity to odd */ - Curl_des_set_odd_parity((unsigned char *) blob.key, sizeof(blob.key)); + curl_des_set_odd_parity((unsigned char *) blob.key, sizeof(blob.key)); /* Import the key */ if(!CryptImportKey(hprov, (BYTE *) &blob, sizeof(blob), 0, 0, &hkey)) { From 82fa9862dfa3083d4014d6dcfb721a7278e66f0b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 24 Oct 2025 13:02:55 +0200 Subject: [PATCH 0589/2408] GHA: set `concurrency:` where missing To silence zizmor 1.16.0 warnings. Also: - http3-linux: replace hard-coded workflow name with variable. Follow-up to a8174176b5425c5692b55b78e40aef3a2331155f #13841 - codeql: set `cancel-in-progress: true`. zizmor apparently does not allow `false` in pedantic mode anymore: https://github.com/zizmorcore/zizmor/pull/1227 - codeql: sync concurrency setting with the rest of the jobs. (I'm not sure this is correct, or why it was previously special-cased.) Expressions used (before and after this patch): - `group: ${{ github.workflow }}-${{ github.event.sha }}-${{ github.event.target_url }}` for GHA/appveyor-status. - `group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}` for all the rest. Ref: https://github.com/curl/curl/actions/runs/18776245057/job/53571438139?pr=19209 Closes #19215 --- .github/workflows/checksrc.yml | 4 ++++ .github/workflows/codeql.yml | 3 ++- .github/workflows/configure-vs-cmake.yml | 4 ++++ .github/workflows/fuzz.yml | 4 ++++ .github/workflows/http3-linux.yml | 3 +-- .github/workflows/label.yml | 4 ++++ .github/workflows/linux-old.yml | 4 ++++ 7 files changed, 23 insertions(+), 3 deletions(-) diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml index a0337904f2..bd930f8ff1 100644 --- a/.github/workflows/checksrc.yml +++ b/.github/workflows/checksrc.yml @@ -27,6 +27,10 @@ name: 'Source' - 'plan9/**' - 'tests/data/**' +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + permissions: {} jobs: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 58eaa35be5..5cbde8de05 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -32,7 +32,8 @@ name: 'CodeQL' - cron: '0 0 * * 4' concurrency: - group: ${{ github.workflow }} + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true permissions: {} diff --git a/.github/workflows/configure-vs-cmake.yml b/.github/workflows/configure-vs-cmake.yml index 5c35051f6a..ade83e0c60 100644 --- a/.github/workflows/configure-vs-cmake.yml +++ b/.github/workflows/configure-vs-cmake.yml @@ -30,6 +30,10 @@ name: 'configure-vs-cmake' - '.github/scripts/cmp-config.pl' - '.github/workflows/configure-vs-cmake.yml' +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + permissions: {} jobs: diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml index 1c466160fc..98cdd8a97d 100644 --- a/.github/workflows/fuzz.yml +++ b/.github/workflows/fuzz.yml @@ -35,6 +35,10 @@ name: 'Fuzzer' - 'projects/**' - 'tests/data/**' +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + permissions: {} jobs: diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 668de7ede4..b29a3076f9 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -30,8 +30,7 @@ name: 'Linux HTTP/3' - 'projects/**' concurrency: - # Hardcoded workflow filename as workflow name above is just Linux again - group: http3-${{ github.event.pull_request.number || github.sha }} + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} cancel-in-progress: true permissions: {} diff --git a/.github/workflows/label.yml b/.github/workflows/label.yml index a5f42f9d40..0c169e6075 100644 --- a/.github/workflows/label.yml +++ b/.github/workflows/label.yml @@ -13,6 +13,10 @@ name: 'Labeler' 'on': [pull_request_target] # zizmor: ignore[dangerous-triggers] +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + permissions: {} jobs: diff --git a/.github/workflows/linux-old.yml b/.github/workflows/linux-old.yml index e145633708..198f90c538 100644 --- a/.github/workflows/linux-old.yml +++ b/.github/workflows/linux-old.yml @@ -43,6 +43,10 @@ name: 'Old Linux' - 'plan9/**' - 'projects/**' +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + permissions: {} env: From 87ab1cd255b8e70d0379f42d8ee2f25815400ec7 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 24 Oct 2025 13:44:44 +0200 Subject: [PATCH 0590/2408] GHA/fuzz: try fixing concurrency group deadlock ``` Fuzzer Canceling since a deadlock was detected for concurrency group: 'Fuzzer-82fa9862dfa3083d4014d6dcfb721a7278e66f0b' between a top level workflow and 'Fuzzing' ``` https://github.com/curl/curl/actions/runs/18778617351 Follow-up to 82fa9862dfa3083d4014d6dcfb721a7278e66f0b #19215 --- .github/workflows/fuzz.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml index 98cdd8a97d..eb4bd0dc88 100644 --- a/.github/workflows/fuzz.yml +++ b/.github/workflows/fuzz.yml @@ -36,7 +36,8 @@ name: 'Fuzzer' - 'tests/data/**' concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + # Hard-coded workflow name to avoid colliding with curl-fuzzer's group + group: curl-fuzz-${{ github.event.pull_request.number || github.sha }} cancel-in-progress: true permissions: {} From 7d0261c2288ac52dd8a59ac14ebe823a564ce1ed Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 24 Oct 2025 13:49:51 +0200 Subject: [PATCH 0591/2408] GHA/checksrc: extend zizmor to Dependabot, set cooldown periods Closes #19216 --- .github/dependabot.yml | 7 +++++++ .github/workflows/checksrc.yml | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index bd5661bea4..a6b58f1e62 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -8,6 +8,8 @@ updates: directory: '/' schedule: interval: 'monthly' + cooldown: + default-days: 7 commit-message: prefix: 'GHA:' @@ -17,5 +19,10 @@ updates: - '/tests' schedule: interval: 'monthly' + cooldown: + default-days: 7 + semver-major-days: 15 + semver-minor-days: 7 + semver-patch-days: 3 commit-message: prefix: 'GHA:' diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml index bd930f8ff1..05dcc2ec91 100644 --- a/.github/workflows/checksrc.yml +++ b/.github/workflows/checksrc.yml @@ -135,7 +135,7 @@ jobs: GH_TOKEN: '${{ secrets.GITHUB_TOKEN }}' run: | eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" - zizmor --pedantic .github/workflows/*.yml + zizmor --pedantic .github/workflows/*.yml .github/dependabot.yml - name: 'shellcheck CI' run: | From e0d6ecdf01c029c3498fe8081116dfb4707fe296 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 24 Oct 2025 12:02:18 +0000 Subject: [PATCH 0592/2408] GHA: bump pips - cryptography from 46.0.2 to 46.0.3 in /tests - filelock from 3.19.1 to 3.20.0 in /tests - psutil from 7.1.0 to 7.1.1 in /tests Closes #19217 Closes #19218 Closes #19219 --- tests/http/requirements.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/http/requirements.txt b/tests/http/requirements.txt index 3b81a2ca13..bc872085c6 100644 --- a/tests/http/requirements.txt +++ b/tests/http/requirements.txt @@ -2,9 +2,9 @@ # # SPDX-License-Identifier: curl -cryptography==46.0.2 -filelock==3.19.1 -psutil==7.1.0 +cryptography==46.0.3 +filelock==3.20.0 +psutil==7.1.1 pytest==8.4.2 pytest-xdist==3.8.0 websockets==15.0.1 From f4293cd81e9ed8cacee186161fd5294bdfe063dd Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 24 Oct 2025 14:57:52 +0200 Subject: [PATCH 0593/2408] GHA/dependabot: group updates To avoid update spam and PR that can't be applied on top of each other. Ref: #19217 #19218 #19219 Closes #19220 --- .github/dependabot.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index a6b58f1e62..e9126e58d3 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -10,6 +10,10 @@ updates: interval: 'monthly' cooldown: default-days: 7 + groups: + actions-deps: + patterns: + - '*' commit-message: prefix: 'GHA:' @@ -24,5 +28,9 @@ updates: semver-major-days: 15 semver-minor-days: 7 semver-patch-days: 3 + groups: + actions-deps: + patterns: + - '*' commit-message: prefix: 'GHA:' From 207a74206bb64ed06a9c33d132036712dfaa2e48 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 24 Oct 2025 18:34:35 +0200 Subject: [PATCH 0594/2408] mbedtls: fix building with sha-256 missing from PSA Fixing: ``` lib/vtls/mbedtls.c:1505:10: error: call to undeclared function 'Curl_sha256it'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] 1505 | return Curl_sha256it(sha256sum, input, inputlen); | ^ 1 error generated. ``` with mbedTLS configuration: ``` tf-psa-crypto/scripts/config.py unset PSA_WANT_ALG_SHA_256 tf-psa-crypto/scripts/config.py unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS tf-psa-crypto/scripts/config.py unset MBEDTLS_LMS_C ``` Follow-up to 3a305831d1a9d10b2bfd4fa3939ed41275fee7f7 #19077 Closes #19223 --- lib/vtls/mbedtls.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index 5a2310d115..89d4eff64e 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -73,6 +73,7 @@ #include "../multiif.h" #include "mbedtls_threadlock.h" #include "../strdup.h" +#include "../curl_sha256.h" /* The last 2 #include files should be in this order */ #include "../curl_memory.h" From 833da09b53fa99b1cd83154e4a5febf584d7c040 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 24 Oct 2025 18:41:20 +0200 Subject: [PATCH 0595/2408] vtls: drop duplicate `CURL_SHA256_DIGEST_LENGTH` definition Closes #19224 --- lib/vtls/schannel.c | 1 + lib/vtls/schannel_int.h | 1 + lib/vtls/vtls.h | 4 ---- 3 files changed, 2 insertions(+), 4 deletions(-) diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 2e29ea2f18..0178659f9a 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -58,6 +58,7 @@ #include "../rand.h" #include "../curlx/strparse.h" #include "../progress.h" +#include "../curl_sha256.h" /* The last #include file should be: */ #include "../curl_memory.h" diff --git a/lib/vtls/schannel_int.h b/lib/vtls/schannel_int.h index f9adb58294..05116dfa1a 100644 --- a/lib/vtls/schannel_int.h +++ b/lib/vtls/schannel_int.h @@ -29,6 +29,7 @@ #ifdef USE_SCHANNEL #include "vtls.h" +#include "../curl_sha256.h" #if defined(_MSC_VER) && (_MSC_VER <= 1600) /* Workaround for warning: diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h index c62b8ae258..180333e63c 100644 --- a/lib/vtls/vtls.h +++ b/lib/vtls/vtls.h @@ -99,10 +99,6 @@ CURLsslset Curl_init_sslset_nolock(curl_sslbackend id, const char *name, #define MAX_PINNED_PUBKEY_SIZE 1048576 /* 1MB */ #endif -#ifndef CURL_SHA256_DIGEST_LENGTH -#define CURL_SHA256_DIGEST_LENGTH 32 /* fixed size */ -#endif - curl_sslbackend Curl_ssl_backend(void); /** From 2b30d29c3c1b6fbda1c50e91c2948bb1986f4bd8 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 24 Oct 2025 18:03:52 +0200 Subject: [PATCH 0596/2408] autotools: merge `if`s in GnuTLS/OpenSSL feature detection Closes #19222 --- m4/curl-gnutls.m4 | 16 ++++++---------- m4/curl-openssl.m4 | 30 ++++++++++++------------------ 2 files changed, 18 insertions(+), 28 deletions(-) diff --git a/m4/curl-gnutls.m4 b/m4/curl-gnutls.m4 index fb98f8d8fb..0872ee52b6 100644 --- a/m4/curl-gnutls.m4 +++ b/m4/curl-gnutls.m4 @@ -137,11 +137,10 @@ if test "x$OPT_GNUTLS" != xno; then test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" fi -dnl --- -dnl Check which crypto backend GnuTLS uses -dnl --- - if test "$GNUTLS_ENABLED" = "1"; then + dnl --- + dnl Check which crypto backend GnuTLS uses + dnl --- USE_GNUTLS_NETTLE= # First check if we can detect either crypto library via transitive linking AC_CHECK_LIB(gnutls, nettle_MD5Init, [ USE_GNUTLS_NETTLE=1 ]) @@ -154,17 +153,14 @@ if test "$GNUTLS_ENABLED" = "1"; then AC_MSG_ERROR([GnuTLS found, but nettle was not found]) fi LIBS="-lnettle $LIBS" -fi -dnl --- -dnl We require GnuTLS with SRP support. -dnl --- -if test "$GNUTLS_ENABLED" = "1"; then + dnl --- + dnl We require GnuTLS with SRP support. + dnl --- AC_CHECK_LIB(gnutls, gnutls_srp_verifier, [ AC_DEFINE(HAVE_GNUTLS_SRP, 1, [if you have the function gnutls_srp_verifier]) HAVE_GNUTLS_SRP=1 ]) fi - ]) diff --git a/m4/curl-openssl.m4 b/m4/curl-openssl.m4 index 5175bb85d2..18c929e2b2 100644 --- a/m4/curl-openssl.m4 +++ b/m4/curl-openssl.m4 @@ -340,10 +340,10 @@ if test X"$OPT_OPENSSL" != Xno && AC_MSG_ERROR([--with-openssl was given but OpenSSL could not be detected]) fi -dnl --- -dnl We check OpenSSL for DES support. -dnl --- if test "$OPENSSL_ENABLED" = "1"; then + dnl --- + dnl We check OpenSSL for DES support. + dnl --- AC_MSG_CHECKING([for DES support in OpenSSL]) AC_LINK_IFELSE([ AC_LANG_PROGRAM([[ @@ -361,12 +361,10 @@ if test "$OPENSSL_ENABLED" = "1"; then ],[ AC_MSG_RESULT([no]) ]) -fi -dnl --- -dnl We require OpenSSL with SRP support. -dnl --- -if test "$OPENSSL_ENABLED" = "1"; then + dnl --- + dnl We require OpenSSL with SRP support. + dnl --- AC_MSG_CHECKING([for SRP support in OpenSSL]) AC_LINK_IFELSE([ AC_LANG_PROGRAM([[ @@ -385,12 +383,10 @@ if test "$OPENSSL_ENABLED" = "1"; then ],[ AC_MSG_RESULT([no]) ]) -fi -dnl --- -dnl Whether the OpenSSL configuration will be loaded automatically -dnl --- -if test X"$OPENSSL_ENABLED" = X"1"; then + dnl --- + dnl Whether the OpenSSL configuration will be loaded automatically + dnl --- AC_ARG_ENABLE(openssl-auto-load-config, AS_HELP_STRING([--enable-openssl-auto-load-config],[Enable automatic loading of OpenSSL configuration]) AS_HELP_STRING([--disable-openssl-auto-load-config],[Disable automatic loading of OpenSSL configuration]), @@ -399,12 +395,10 @@ AS_HELP_STRING([--disable-openssl-auto-load-config],[Disable automatic loading o AC_DEFINE(CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG, 1, [if the OpenSSL configuration won't be loaded automatically]) fi ]) -fi -dnl --- -dnl We may use OpenSSL QUIC. -dnl --- -if test "$OPENSSL_ENABLED" = "1"; then + dnl --- + dnl We may use OpenSSL QUIC. + dnl --- AC_MSG_CHECKING([for QUIC support and OpenSSL >= 3.3]) AC_LINK_IFELSE([ AC_LANG_PROGRAM([[ From 3fc727751f8cc5af5a2bac8fda995ecf19c6b6c6 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 24 Oct 2025 18:46:50 +0200 Subject: [PATCH 0597/2408] lib: delete unused crypto header includes Tested OK with full non-unity CI run. Closes #19225 --- lib/curl_ntlm_core.c | 2 -- lib/curl_sasl.c | 1 - lib/md4.c | 1 - lib/vauth/ntlm.c | 1 - lib/vssh/libssh2.c | 1 - lib/vtls/vtls.c | 1 - 6 files changed, 7 deletions(-) diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c index 72a0f24b77..9c5e804779 100644 --- a/lib/curl_ntlm_core.c +++ b/lib/curl_ntlm_core.c @@ -69,7 +69,6 @@ #ifdef USE_OPENSSL # include -# include # include # include # ifdef OPENSSL_IS_AWSLC /* for versions 1.2.0 to 1.30.1 */ @@ -79,7 +78,6 @@ #else # include # include -# include # include # include # ifdef OPENSSL_COEXIST diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c index c907c2c27b..043786f73f 100644 --- a/lib/curl_sasl.c +++ b/lib/curl_sasl.c @@ -43,7 +43,6 @@ #include "urldata.h" #include "curlx/base64.h" -#include "curl_md5.h" #include "vauth/vauth.h" #include "cfilters.h" #include "vtls/vtls.h" diff --git a/lib/md4.c b/lib/md4.c index 083ecb0d48..d86a24628c 100644 --- a/lib/md4.c +++ b/lib/md4.c @@ -28,7 +28,6 @@ #include -#include "strdup.h" #include "curl_md4.h" #include "curlx/warnless.h" diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c index d860fbbd50..4b793b7cdb 100644 --- a/lib/vauth/ntlm.c +++ b/lib/vauth/ntlm.c @@ -40,7 +40,6 @@ #include "../curl_ntlm_core.h" #include "../curl_gethostname.h" #include "../curlx/multibyte.h" -#include "../curl_md5.h" #include "../curlx/warnless.h" #include "../rand.h" #include "../vtls/vtls.h" diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index c0335db9c1..bd444c7b87 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -69,7 +69,6 @@ #include "curl_path.h" #include "../curlx/strparse.h" #include "../curlx/base64.h" /* for base64 encoding/decoding */ -#include "../curl_sha256.h" /* The last 2 #include files should be in this order */ #include "../curl_memory.h" diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index 115559b70d..973e4b2c01 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -67,7 +67,6 @@ #include "../multiif.h" #include "../curlx/fopen.h" #include "../curlx/timeval.h" -#include "../curl_md5.h" #include "../curl_sha256.h" #include "../curlx/warnless.h" #include "../curlx/base64.h" From 543b78652a37695c3429d981639b38f37bdef52e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 24 Oct 2025 21:12:37 +0200 Subject: [PATCH 0598/2408] curl_ngtcp2: fix `-Wunreachable-code` with H3 !verbose !unity clang Not tested in default CI. macOS / CM clang OpenSSL gsasl rtmp AppleIDN SecTrust +examples, macOS / CM llvm@18 OpenSSL gsasl rtmp AppleIDN SecTrust +examples: ``` lib/vquic/curl_ngtcp2.c:530:5: error: code will never be executed [-Werror,-Wunreachable-code] 530 | const ngtcp2_transport_params *rp; | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1 error generated. ``` Ref: https://github.com/curl/curl/actions/runs/18787154442/job/53608230871?pr=19225#step:11:183 Confirmed fixed via #19225 Closes #19226 --- lib/vquic/curl_ngtcp2.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 9478b8d0f3..36265b7371 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -526,6 +526,7 @@ static int cf_ngtcp2_handshake_completed(ngtcp2_conn *tconn, void *user_data) ctx->tls_vrfy_result = Curl_vquic_tls_verify_peer(&ctx->tls, cf, data, &ctx->peer); +#ifndef CURL_DISABLE_VERBOSE_STRINGS if(Curl_trc_is_verbose(data)) { const ngtcp2_transport_params *rp; rp = ngtcp2_conn_get_remote_transport_params(ctx->qconn); @@ -537,6 +538,7 @@ static int cf_ngtcp2_handshake_completed(ngtcp2_conn *tconn, void *user_data) (curl_uint64_t)rp->max_udp_payload_size, (curl_uint64_t)rp->initial_max_data); } +#endif /* In case of earlydata, where we simulate being connected, update * the handshake time when we really did connect */ From 71d1eec675b3b7629a6f5dc4609b231ce60ade2a Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 7 Oct 2025 12:49:02 +0200 Subject: [PATCH 0599/2408] tidy-up: miscellaneous - cmake/Find*: make double quotes consistent. - drop redundant parenthesis. - GHA/checksrc: sync a step name with others. - whitespace. Closes #19233 --- .github/workflows/checksrc.yml | 2 +- .github/workflows/non-native.yml | 4 ++-- CMake/FindBrotli.cmake | 2 +- CMake/FindLDAP.cmake | 2 +- CMake/FindMbedTLS.cmake | 2 +- CMake/FindNGTCP2.cmake | 2 +- docs/examples/log_failed_transfers.c | 2 +- docs/examples/usercertinmem.c | 2 +- include/curl/curl.h | 8 ++++---- lib/ldap.c | 4 ++-- lib/urldata.h | 30 ++++++++++++++-------------- lib/vauth/ntlm.c | 2 +- 12 files changed, 31 insertions(+), 31 deletions(-) diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml index 05dcc2ec91..c5b918aa8e 100644 --- a/.github/workflows/checksrc.yml +++ b/.github/workflows/checksrc.yml @@ -53,7 +53,7 @@ jobs: with: persist-credentials: false - - name: 'install' + - name: 'install prereqs' run: | python3 -m venv ~/venv ~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary \ diff --git a/.github/workflows/non-native.yml b/.github/workflows/non-native.yml index 8dccb9e399..71829ec302 100644 --- a/.github/workflows/non-native.yml +++ b/.github/workflows/non-native.yml @@ -138,8 +138,8 @@ jobs: include: - { build: 'autotools', arch: 'x86_64', compiler: 'clang' } - { build: 'cmake' , arch: 'x86_64', compiler: 'clang', options: '-DCMAKE_UNITY_BUILD=OFF', desc: ' !unity !runtests !examples' } - - { build: 'autotools', arch: 'arm64', compiler: 'clang' } - - { build: 'cmake' , arch: 'arm64', compiler: 'clang' } + - { build: 'autotools', arch: 'arm64' , compiler: 'clang' } + - { build: 'cmake' , arch: 'arm64' , compiler: 'clang' } fail-fast: false steps: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 diff --git a/CMake/FindBrotli.cmake b/CMake/FindBrotli.cmake index c129a76567..d2b50d9621 100644 --- a/CMake/FindBrotli.cmake +++ b/CMake/FindBrotli.cmake @@ -51,7 +51,7 @@ endif() if(BROTLI_FOUND) set(Brotli_FOUND TRUE) - set(BROTLI_VERSION "${BROTLI_libbrotlicommon_VERSION}") + set(BROTLI_VERSION ${BROTLI_libbrotlicommon_VERSION}) string(REPLACE ";" " " BROTLI_CFLAGS "${BROTLI_CFLAGS}") message(STATUS "Found Brotli (via pkg-config): ${BROTLI_INCLUDE_DIRS} (found version \"${BROTLI_VERSION}\")") else() diff --git a/CMake/FindLDAP.cmake b/CMake/FindLDAP.cmake index 36ff08e397..0a897aa13f 100644 --- a/CMake/FindLDAP.cmake +++ b/CMake/FindLDAP.cmake @@ -50,7 +50,7 @@ if(CURL_USE_PKGCONFIG AND endif() if(LDAP_FOUND) - set(LDAP_VERSION "${LDAP_ldap_VERSION}") + set(LDAP_VERSION ${LDAP_ldap_VERSION}) string(REPLACE ";" " " LDAP_CFLAGS "${LDAP_CFLAGS}") message(STATUS "Found LDAP (via pkg-config): ${LDAP_INCLUDE_DIRS} (found version \"${LDAP_VERSION}\")") else() diff --git a/CMake/FindMbedTLS.cmake b/CMake/FindMbedTLS.cmake index e1bee7dc4c..11b4f076f4 100644 --- a/CMake/FindMbedTLS.cmake +++ b/CMake/FindMbedTLS.cmake @@ -59,7 +59,7 @@ endif() if(MBEDTLS_FOUND) set(MbedTLS_FOUND TRUE) - set(MBEDTLS_VERSION "${MBEDTLS_mbedtls_VERSION}") + set(MBEDTLS_VERSION ${MBEDTLS_mbedtls_VERSION}) string(REPLACE ";" " " MBEDTLS_CFLAGS "${MBEDTLS_CFLAGS}") message(STATUS "Found MbedTLS (via pkg-config): ${MBEDTLS_INCLUDE_DIRS} (found version \"${MBEDTLS_VERSION}\")") else() diff --git a/CMake/FindNGTCP2.cmake b/CMake/FindNGTCP2.cmake index d3d3835213..cda3b0e08c 100644 --- a/CMake/FindNGTCP2.cmake +++ b/CMake/FindNGTCP2.cmake @@ -86,7 +86,7 @@ if(CURL_USE_PKGCONFIG AND endif() if(NGTCP2_FOUND) - set(NGTCP2_VERSION "${NGTCP2_libngtcp2_VERSION}") + set(NGTCP2_VERSION ${NGTCP2_libngtcp2_VERSION}) string(REPLACE ";" " " NGTCP2_CFLAGS "${NGTCP2_CFLAGS}") message(STATUS "Found NGTCP2 (via pkg-config): ${NGTCP2_INCLUDE_DIRS} (found version \"${NGTCP2_VERSION}\")") else() diff --git a/docs/examples/log_failed_transfers.c b/docs/examples/log_failed_transfers.c index fe5f02f882..9237f69b32 100644 --- a/docs/examples/log_failed_transfers.c +++ b/docs/examples/log_failed_transfers.c @@ -130,7 +130,7 @@ static int mem_add(struct mem *mem, const char *str) } #if defined(__GNUC__) || defined(__clang__) -__attribute__ ((format (printf, 2, 3))) +__attribute__((format(printf, 2, 3))) #endif static int mem_addf(struct mem *mem, const char *format, ...) { diff --git a/docs/examples/usercertinmem.c b/docs/examples/usercertinmem.c index c53fcde9cb..0fb5ab0de9 100644 --- a/docs/examples/usercertinmem.c +++ b/docs/examples/usercertinmem.c @@ -176,9 +176,9 @@ int main(void) /* both VERIFYPEER and VERIFYHOST are set to 0 in this case because there is no CA certificate */ - curl_easy_setopt(ch, CURLOPT_SSL_VERIFYPEER, 0L); curl_easy_setopt(ch, CURLOPT_SSL_VERIFYHOST, 0L); + curl_easy_setopt(ch, CURLOPT_URL, "https://www.example.com/"); curl_easy_setopt(ch, CURLOPT_SSLKEYTYPE, "PEM"); diff --git a/include/curl/curl.h b/include/curl/curl.h index 917b101420..9e07527dc9 100644 --- a/include/curl/curl.h +++ b/include/curl/curl.h @@ -401,12 +401,12 @@ typedef int (*curl_seek_callback)(void *instream, #define CURL_TRAILERFUNC_ABORT 1 typedef size_t (*curl_read_callback)(char *buffer, - size_t size, - size_t nitems, - void *instream); + size_t size, + size_t nitems, + void *instream); typedef int (*curl_trailer_callback)(struct curl_slist **list, - void *userdata); + void *userdata); typedef enum { CURLSOCKTYPE_IPCXN, /* socket created for a specific IP connection */ diff --git a/lib/ldap.c b/lib/ldap.c index 322c870bc2..8db1f41338 100644 --- a/lib/ldap.c +++ b/lib/ldap.c @@ -399,8 +399,8 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) #ifdef LDAP_OPT_X_TLS if(conn->ssl_config.verifypeer) { /* OpenLDAP SDK supports BASE64 files. */ - if((data->set.ssl.cert_type) && - (!curl_strequal(data->set.ssl.cert_type, "PEM"))) { + if(data->set.ssl.cert_type && + !curl_strequal(data->set.ssl.cert_type, "PEM")) { failf(data, "LDAP local: ERROR OpenLDAP only supports PEM cert-type"); result = CURLE_SSL_CERTPROBLEM; goto quit; diff --git a/lib/urldata.h b/lib/urldata.h index c7e19201fe..19f96bbc17 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -419,12 +419,12 @@ struct hostname { * Flags on the keepon member of the Curl_transfer_keeper */ -#define KEEP_NONE 0 -#define KEEP_RECV (1<<0) /* there is or may be data to read */ -#define KEEP_SEND (1<<1) /* there is or may be data to write */ -#define KEEP_RECV_HOLD (1<<2) /* when set, no reading should be done but there - might still be data to read */ -#define KEEP_SEND_HOLD (1<<3) /* when set, no writing should be done but there +#define KEEP_NONE 0 +#define KEEP_RECV (1<<0) /* there is or may be data to read */ +#define KEEP_SEND (1<<1) /* there is or may be data to write */ +#define KEEP_RECV_HOLD (1<<2) /* when set, no reading should be done but there + might still be data to read */ +#define KEEP_SEND_HOLD (1<<3) /* when set, no writing should be done but there might still be data to write */ #define KEEP_RECV_PAUSE (1<<4) /* reading is paused */ #define KEEP_SEND_PAUSE (1<<5) /* writing is paused */ @@ -543,10 +543,10 @@ struct Curl_handler { followtype type); int defport; /* Default port. */ - curl_prot_t protocol; /* See CURLPROTO_* - this needs to be the single - specific protocol bit */ - curl_prot_t family; /* single bit for protocol family; basically the - non-TLS name of the protocol this is */ + curl_prot_t protocol; /* See CURLPROTO_* - this needs to be the single + specific protocol bit */ + curl_prot_t family; /* single bit for protocol family; basically the + non-TLS name of the protocol this is */ unsigned int flags; /* Extra particular characteristics, see PROTOPT_* */ }; @@ -574,13 +574,13 @@ struct Curl_handler { #define PROTOPT_PROXY_AS_HTTP (1<<11) /* allow this non-HTTP scheme over a HTTP proxy as HTTP proxies may know this protocol and act as a gateway */ -#define PROTOPT_WILDCARD (1<<12) /* protocol supports wildcard matching */ +#define PROTOPT_WILDCARD (1<<12) /* protocol supports wildcard matching */ #define PROTOPT_USERPWDCTRL (1<<13) /* Allow "control bytes" (< 32 ASCII) in username and password */ -#define PROTOPT_NOTCPPROXY (1<<14) /* this protocol cannot proxy over TCP */ -#define PROTOPT_SSL_REUSE (1<<15) /* this protocol may reuse an existing - SSL connection in the same family - without having PROTOPT_SSL. */ +#define PROTOPT_NOTCPPROXY (1<<14) /* this protocol cannot proxy over TCP */ +#define PROTOPT_SSL_REUSE (1<<15) /* this protocol may reuse an existing + SSL connection in the same family + without having PROTOPT_SSL. */ #define CONNCHECK_NONE 0 /* No checks */ #define CONNCHECK_ISDEAD (1<<0) /* Check if the connection is dead. */ diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c index 4b793b7cdb..1e9b629d8f 100644 --- a/lib/vauth/ntlm.c +++ b/lib/vauth/ntlm.c @@ -842,7 +842,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, result = Curl_bufref_memdup(out, ntlmbuf, size); error: - free(ntlmv2resp);/* Free the dynamic buffer allocated for NTLMv2 */ + free(ntlmv2resp); /* Free the dynamic buffer allocated for NTLMv2 */ Curl_auth_cleanup_ntlm(ntlm); From a13d811044a52fee79acffe8dc67e9a547792267 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 24 Oct 2025 19:21:18 +0200 Subject: [PATCH 0600/2408] lib: delete unused header includes `escape.h`, `getinfo.h`, `strdup.h`. Tested OK with full non-unity CI run. Closes #19231 --- lib/asyn-ares.c | 1 - lib/asyn-thrdd.c | 1 - lib/content_encoding.c | 1 - lib/escape.c | 1 - lib/file.c | 1 - lib/fileinfo.c | 1 - lib/gopher.c | 1 - lib/http2.c | 1 - lib/mqtt.c | 1 - lib/pingpong.c | 1 - lib/sendf.c | 1 - lib/socks_sspi.c | 1 - lib/vquic/curl_ngtcp2.c | 1 - lib/vquic/curl_osslq.c | 1 - lib/vquic/curl_quiche.c | 1 - lib/vssh/libssh.c | 3 --- lib/vssh/libssh2.c | 3 --- lib/vtls/vtls.c | 1 - lib/vtls/vtls_scache.c | 1 - 19 files changed, 23 deletions(-) diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c index 040100acec..094d703ec0 100644 --- a/lib/asyn-ares.c +++ b/lib/asyn-ares.c @@ -61,7 +61,6 @@ #include "progress.h" #include "curlx/timediff.h" #include "httpsrr.h" -#include "strdup.h" #include #include /* really old c-ares did not include this by diff --git a/lib/asyn-thrdd.c b/lib/asyn-thrdd.c index dc13143e24..cb19f86452 100644 --- a/lib/asyn-thrdd.c +++ b/lib/asyn-thrdd.c @@ -64,7 +64,6 @@ #include "multiif.h" #include "curl_threads.h" #include "select.h" -#include "strdup.h" #ifdef USE_ARES #include diff --git a/lib/content_encoding.c b/lib/content_encoding.c index 28cccacdb6..b724b576b4 100644 --- a/lib/content_encoding.c +++ b/lib/content_encoding.c @@ -51,7 +51,6 @@ #include "sendf.h" #include "http.h" #include "content_encoding.h" -#include "strdup.h" /* The last 2 #include files should be in this order */ #include "curl_memory.h" diff --git a/lib/escape.c b/lib/escape.c index e7587e49b4..2064f4d05f 100644 --- a/lib/escape.c +++ b/lib/escape.c @@ -34,7 +34,6 @@ struct Curl_easy; #include "urldata.h" #include "curlx/warnless.h" #include "escape.h" -#include "strdup.h" #include "curlx/strparse.h" #include "curl_printf.h" diff --git a/lib/file.c b/lib/file.c index fe07df5d2a..f45a487c90 100644 --- a/lib/file.c +++ b/lib/file.c @@ -61,7 +61,6 @@ #include "escape.h" #include "file.h" #include "speedcheck.h" -#include "getinfo.h" #include "multiif.h" #include "transfer.h" #include "url.h" diff --git a/lib/fileinfo.c b/lib/fileinfo.c index 47cdb102e3..bddd3fe6fb 100644 --- a/lib/fileinfo.c +++ b/lib/fileinfo.c @@ -26,7 +26,6 @@ #ifndef CURL_DISABLE_FTP -#include "strdup.h" #include "fileinfo.h" #include "curl_memory.h" /* The last #include file should be: */ diff --git a/lib/gopher.c b/lib/gopher.c index 6ff47d58c7..3a6c73e6a2 100644 --- a/lib/gopher.c +++ b/lib/gopher.c @@ -35,7 +35,6 @@ #include "progress.h" #include "gopher.h" #include "select.h" -#include "strdup.h" #include "vtls/vtls.h" #include "url.h" #include "escape.h" diff --git a/lib/http2.c b/lib/http2.c index 4e2d59ff51..36bfd61033 100644 --- a/lib/http2.c +++ b/lib/http2.c @@ -42,7 +42,6 @@ #include "cfilters.h" #include "connect.h" #include "rand.h" -#include "strdup.h" #include "curlx/strparse.h" #include "transfer.h" #include "curlx/dynbuf.h" diff --git a/lib/mqtt.c b/lib/mqtt.c index c76ce0a229..0bf956c05b 100644 --- a/lib/mqtt.c +++ b/lib/mqtt.c @@ -34,7 +34,6 @@ #include "progress.h" #include "mqtt.h" #include "select.h" -#include "strdup.h" #include "url.h" #include "escape.h" #include "curlx/warnless.h" diff --git a/lib/pingpong.c b/lib/pingpong.c index 0a15e33f0a..ac22e2e340 100644 --- a/lib/pingpong.c +++ b/lib/pingpong.c @@ -37,7 +37,6 @@ #include "pingpong.h" #include "multiif.h" #include "vtls/vtls.h" -#include "strdup.h" /* The last 2 #include files should be in this order */ #include "curl_memory.h" diff --git a/lib/sendf.c b/lib/sendf.c index 7307f872df..f2c29956d1 100644 --- a/lib/sendf.c +++ b/lib/sendf.c @@ -50,7 +50,6 @@ #include "multiif.h" #include "strerror.h" #include "select.h" -#include "strdup.h" #include "http2.h" #include "progress.h" #include "curlx/warnless.h" diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c index d4837708a7..a7aa81b75d 100644 --- a/lib/socks_sspi.c +++ b/lib/socks_sspi.c @@ -37,7 +37,6 @@ #include "curl_sspi.h" #include "curlx/multibyte.h" #include "curlx/warnless.h" -#include "strdup.h" /* The last 2 #include files should be in this order */ #include "curl_memory.h" diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 36265b7371..3b918cd870 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -50,7 +50,6 @@ #include "../url.h" #include "../uint-hash.h" #include "../sendf.h" -#include "../strdup.h" #include "../rand.h" #include "../multiif.h" #include "../cfilters.h" diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c index 84b89e93af..e30cfc648a 100644 --- a/lib/vquic/curl_osslq.c +++ b/lib/vquic/curl_osslq.c @@ -35,7 +35,6 @@ #include "../urldata.h" #include "../hash.h" #include "../sendf.h" -#include "../strdup.h" #include "../rand.h" #include "../multiif.h" #include "../cfilters.h" diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c index 877a230e04..a2ab24bae7 100644 --- a/lib/vquic/curl_quiche.c +++ b/lib/vquic/curl_quiche.c @@ -34,7 +34,6 @@ #include "../cfilters.h" #include "../cf-socket.h" #include "../sendf.h" -#include "../strdup.h" #include "../rand.h" #include "../multiif.h" #include "../connect.h" diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index e2574b6817..df466dac4c 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -51,13 +51,10 @@ #include "../hostip.h" #include "../progress.h" #include "../transfer.h" -#include "../escape.h" #include "../http.h" /* for HTTP proxy tunnel stuff */ #include "ssh.h" #include "../url.h" #include "../speedcheck.h" -#include "../getinfo.h" -#include "../strdup.h" #include "../vtls/vtls.h" #include "../cfilters.h" #include "../connect.h" diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index bd444c7b87..18e3cdb1d5 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -50,13 +50,10 @@ #include "../hostip.h" #include "../progress.h" #include "../transfer.h" -#include "../escape.h" #include "../http.h" /* for HTTP proxy tunnel stuff */ #include "ssh.h" #include "../url.h" #include "../speedcheck.h" -#include "../getinfo.h" -#include "../strdup.h" #include "../vtls/vtls.h" #include "../cfilters.h" #include "../connect.h" diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index 973e4b2c01..3cd60e91b9 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -74,7 +74,6 @@ #include "../connect.h" #include "../select.h" #include "../setopt.h" -#include "../strdup.h" #include "../rand.h" #ifdef USE_APPLE_SECTRUST diff --git a/lib/vtls/vtls_scache.c b/lib/vtls/vtls_scache.c index 763b474cfc..8203baa903 100644 --- a/lib/vtls/vtls_scache.c +++ b/lib/vtls/vtls_scache.c @@ -46,7 +46,6 @@ #include "../curl_sha256.h" #include "../rand.h" #include "../curlx/warnless.h" -#include "../strdup.h" /* The last #include files should be: */ #include "../curl_memory.h" From af8c98a0f3cae04b38c3555545eb9619dd91db09 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 24 Oct 2025 20:56:14 +0000 Subject: [PATCH 0601/2408] GHA: bump GitHub artifact Actions - actions/download-artifact: v5.0.0 -> v6.0.0 - actions/upload-artifact: v4.6.2 -> v5.0.0 Closes #19232 --- .github/workflows/distcheck.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/distcheck.yml b/.github/workflows/distcheck.yml index c6b4e775eb..fef5de4f7b 100644 --- a/.github/workflows/distcheck.yml +++ b/.github/workflows/distcheck.yml @@ -49,7 +49,7 @@ jobs: - name: 'maketgz' run: SOURCE_DATE_EPOCH=1711526400 ./scripts/maketgz 99.98.97 - - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: 'release-tgz' path: 'curl-99.98.97.tar.gz' @@ -75,7 +75,7 @@ jobs: timeout-minutes: 10 needs: maketgz-and-verify-in-tree steps: - - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: 'release-tgz' @@ -99,7 +99,7 @@ jobs: timeout-minutes: 10 needs: maketgz-and-verify-in-tree steps: - - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: 'release-tgz' @@ -125,7 +125,7 @@ jobs: timeout-minutes: 10 needs: maketgz-and-verify-in-tree steps: - - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: 'release-tgz' @@ -149,7 +149,7 @@ jobs: timeout-minutes: 10 needs: maketgz-and-verify-in-tree steps: - - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: 'release-tgz' @@ -170,7 +170,7 @@ jobs: timeout-minutes: 5 needs: maketgz-and-verify-in-tree steps: - - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: 'release-tgz' @@ -192,7 +192,7 @@ jobs: timeout-minutes: 5 needs: maketgz-and-verify-in-tree steps: - - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: 'release-tgz' @@ -218,7 +218,7 @@ jobs: with: persist-credentials: false - - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: 'release-tgz' From a3793ee7e3b08c361ab8511beba053c23655ce94 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 24 Oct 2025 23:21:27 +0200 Subject: [PATCH 0602/2408] GHA/windows: delete MSYS2 ARM64 workaround Follow-up to 5249b99a70be6d5689092e3cbe1f938e98124569 #18438 Follow-up to c4e776cafa22533fe8a6113a39f6a9f624e8c467 #17103 Closes #19234 --- .github/workflows/windows.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 242d1e3e44..1090857fe2 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -238,7 +238,6 @@ jobs: if: ${{ matrix.sys != 'msys' }} with: msystem: ${{ matrix.sys }} - update: ${{ matrix.sys == 'clangarm64' }} # delete this line on next msys2/setup-msys2 bump install: >- mingw-w64-${{ matrix.env }}-cc mingw-w64-${{ matrix.env }}-${{ matrix.build }} ${{ matrix.build == 'autotools' && 'make' || '' }} From 3e12ed955bd54b738fa882b29dd8439fe919af4c Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 23 Oct 2025 16:25:24 +0200 Subject: [PATCH 0603/2408] schannel: lower the maximum allowed time to block to 7 seconds During TLS renegotiation, the schannel_recv_renegotiate() function is allowed to block for a short while. Reduce the maximum allowed time to block from 10 minutes down to 7 seconds. Closes #19205 --- lib/vtls/schannel.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 0178659f9a..0561d6fbdd 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -1691,6 +1691,8 @@ enum schannel_renegotiate_caller_t { SCH_RENEG_CALLER_IS_SEND }; +#define MAX_RENEG_BLOCK_TIME (7 * 1000) /* 7 seconds in milliseconds */ + /* This function renegotiates the connection due to a server request received by schannel_recv. This function returns CURLE_AGAIN if the renegotiation is incomplete. In that case, we remain in the renegotiation (connecting) stage @@ -1702,7 +1704,6 @@ schannel_recv_renegotiate(struct Curl_cfilter *cf, struct Curl_easy *data, { CURLcode result; curl_socket_t sockfd; - const timediff_t max_renegotiate_ms = 5 * 60 * 1000; /* 5 minutes */ struct ssl_connect_data *connssl = cf->ctx; struct schannel_ssl_backend_data *backend = (struct schannel_ssl_backend_data *)connssl->backend; @@ -1743,7 +1744,7 @@ schannel_recv_renegotiate(struct Curl_cfilter *cf, struct Curl_easy *data, timediff_t elapsed; elapsed = curlx_timediff(curlx_now(), rs->start_time); - if(elapsed >= max_renegotiate_ms) { + if(elapsed >= MAX_RENEG_BLOCK_TIME) { failf(data, "schannel: renegotiation timeout"); result = CURLE_SSL_CONNECT_ERROR; break; @@ -1810,12 +1811,12 @@ schannel_recv_renegotiate(struct Curl_cfilter *cf, struct Curl_easy *data, } elapsed = curlx_timediff(curlx_now(), rs->start_time); - if(elapsed >= max_renegotiate_ms) { + if(elapsed >= MAX_RENEG_BLOCK_TIME) { failf(data, "schannel: renegotiation timeout"); result = CURLE_SSL_CONNECT_ERROR; break; } - remaining = max_renegotiate_ms - elapsed; + remaining = MAX_RENEG_BLOCK_TIME - elapsed; if(blocking) { timeout = Curl_timeleft(data, NULL, FALSE); From 6f36d58c25ae0b88e55f8a2c34c422d0a1f9295f Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 25 Oct 2025 17:55:58 +0200 Subject: [PATCH 0604/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 89 ++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 74 insertions(+), 15 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 01d0511d4c..673a61052a 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,7 +4,7 @@ curl and libcurl 8.17.0 Command line options: 273 curl_easy_setopt() options: 308 Public functions in libcurl: 100 - Contributors: 3523 + Contributors: 3529 This release includes the following changes: @@ -33,6 +33,7 @@ This release includes the following bugfixes: o autotools: fix duplicate UNIX and BSD flags in buildinfo.txt [113] o autotools: fix silly mistake in clang detection for buildinfo.txt [114] o autotools: make --enable-code-coverage support llvm/clang [79] + o autotools: merge `if`s in GnuTLS/OpenSSL feature detection [385] o aws-lc: re-enable large read-ahead with v1.61.0 again [16] o base64: accept zero length argument to base64_encode [82] o build: address some -Weverything warnings, update picky warnings [74] @@ -50,6 +51,7 @@ This release includes the following bugfixes: o cf-socket: tweak a memcpy() to read better [177] o cf-socket: use the right byte order for ports in bindlocal [61] o cfilter: unlink and discard [46] + o cfilters: check return code from Curl_pollset_set_out_only() [402] o checksrc: allow disabling warnings on FIXME/TODO comments [324] o checksrc: catch banned functions when preceded by ( [146] o checksrc: fix possible endless loop when detecting BANNEDFUNC [149] @@ -80,6 +82,7 @@ This release includes the following bugfixes: o cmdline-opts/_PROGRESS.md: explain the suffixes [154] o configure: add "-mt" for pthread support on HP-UX [52] o conn: fix hostname move on connection reuse [272] + o connect: for CONNECT_ONLY, CURLOPT_TIMEOUT does not apply [404] o connect: remove redundant condition in shutdown start [289] o cookie: avoid saving a cookie file if no transfer was done [11] o cookie: only count accepted cookies in Curl_cookie_add [364] @@ -88,6 +91,7 @@ This release includes the following bugfixes: o curl_easy_getinfo: error code on NULL arg [2] o curl_easy_setopt.md: add missing CURLOPT_POSTFIELDS [319] o curl_mem_undef.h: limit to CURLDEBUG for non-memalloc overrides [19] + o curl_ngtcp2: fix `-Wunreachable-code` with H3 !verbose !unity clang [383] o curl_osslq: error out properly if BIO_ADDR_rawmake() fails [184] o curl_path: make sure just whitespace is illegal [351] o Curl_resolv: fix comment. 'entry' argument is not optional [187] @@ -99,6 +103,7 @@ This release includes the following bugfixes: o CURLOPT_MAXLIFETIME_CONN: make default 24 hours [10] o CURLOPT_SSL_VERIFYHOST.md: add see-also to two other VERIFYHOST options [32] o CURLOPT_TIMECONDITION.md: works for FILE and FTP as well [27] + o cw-out: unify the error handling pattern in cw_out_do_write [414] o digest_sspi: fix two memory leaks in error branches [77] o dist: do not distribute CI.md [29] o docs/cmdline-opts: drop double quotes from GLOBBING and URL examples [238] @@ -129,14 +134,20 @@ This release includes the following bugfixes: o firefox-db2pem.sh: add macOS support, tidy-ups [348] o form.md: drop reference to MANUAL [178] o ftp: add extra buffer length check [195] + o ftp: check errors on remote ip for data connection [423] o ftp: fix ftp_do_more returning with *completep unset [122] o ftp: fix port number range loop for PORT commands [66] o ftp: fix the 213 scanner memchr buffer limit argument [196] o ftp: improve fragile check for first digit > 3 [194] + o ftp: reduce size of some struct fields [418] + o ftp: remove 'newhost' and 'newport' from the ftp_conn struct [419] o ftp: remove misleading comments [193] + o ftp: remove the retr_size_saved struct field [416] + o ftp: remove the state_saved struct field [417] o ftp: replace strstr() in ;type= handling [313] o ftp: simplify the 150/126 size scanner [288] o gnutls: check conversion of peer cert chain [275] + o gnutls: fix re-handshake comments [422] o gtls: avoid potential use of uninitialized variable in trace output [83] o hmac: free memory properly on errors [377] o hostip: don't store negative resolves due unrelated errors [256] @@ -149,8 +160,10 @@ This release includes the following bugfixes: o http: handle user-defined connection headers [165] o http: look for trailing 'type=' in ftp:// without strstr [315] o http: make Content-Length parser more WHATWG [183] + o http: only accept ';' as a separator for custom headers [407] o http: return error for a second Location: header [393] o httpsrr: free old pointers when storing new [57] + o imap: parse and use UIDVALIDITY as a number [420] o imap: treat capabilities case insensitively [345] o INSTALL-CMAKE.md: add manual configuration examples [360] o INSTALL-CMAKE.md: document useful build targets [215] @@ -171,6 +184,7 @@ This release includes the following bugfixes: o ldap: do not pass a \n to failf() [370] o ldap: tidy-up types, fix error code confusion [191] o lib1514: fix return code mixup [304] + o lib: delete unused crypto header includes [384] o lib: drop unused include and duplicate guards [226] o lib: fix build error with verbose strings disabled [173] o lib: remove newlines from failf() calls [366] @@ -213,13 +227,17 @@ This release includes the following bugfixes: o managen: verify the options used in example lines [181] o mbedtls: add support for 4.0.0 [344] o mbedtls: check result of setting ALPN [127] + o mbedtls: fix building with <3.6.1 [400] + o mbedtls: fix building with sha-256 missing from PSA [391] o mbedtls: handle WANT_WRITE from mbedtls_ssl_read() [145] + o md4: drop mbedtls implementation (not available in mbedtls v3+) [406] o mdlinkcheck: reject URLs containing quotes [174] o memdup0: handle edge case [241] o mime: fix unpausing of readers [375] o mime: fix use of fseek() [334] o multi.h: add CURLMINFO_LASTENTRY [51] o multi_ev: remove unnecessary data check that confuses analysers [167] + o netrc: when the cached file is discarded, unmark it as loaded [409] o nghttp3: return NGHTTP3_ERR_CALLBACK_FAILURE from recv_header [227] o ngtcp2: add a comment explaining write result handling [340] o ngtcp2: adopt ngtcp2_conn_get_stream_user_data if available [362] @@ -230,6 +248,8 @@ This release includes the following bugfixes: o ngtcp2: fix handling of blocked stream data [236] o ngtcp2: fix returns when TLS verify failed [251] o noproxy: fix the IPV6 network mask pattern match [166] + o NTLM: disable if DES support missing from OpenSSL or mbedTLS [399] + o ntlm: improved error path on bad incoming NTLM TYPE3 message [412] o openldap: avoid indexing the result at -1 for blank responses [44] o openldap: check ber_sockbuf_add_io() return code [163] o openldap: check ldap_get_option() return codes [119] @@ -251,6 +271,7 @@ This release includes the following bugfixes: o openssl: fix unable do typo in failf() calls [341] o openssl: free UI_METHOD on exit path [373] o openssl: make the asn1_object_dump name null terminated [56] + o openssl: only try engine/provider if a cert file/name is provided [415] o openssl: set io_need always [99] o openssl: skip session resumption when verifystatus is set [230] o os400: document threads handling in code. [254] @@ -279,6 +300,7 @@ This release includes the following bugfixes: o sasl: clear canceled mechanism instead of toggling it [41] o schannel: assign result before using it [62] o schannel: fix memory leak [363] + o schannel: lower the maximum allowed time to block to 7 seconds [333] o schannel_verify: do not call infof with an appended \n [371] o schannel_verify: fix mem-leak in Curl_verify_host [208] o schannel_verify: use more human friendly error messages [96] @@ -290,6 +312,7 @@ This release includes the following bugfixes: o smb: adjust buffer size checks [45] o smb: transfer debugassert to real check [303] o smtp: check EHLO responses case insensitively [50] + o smtp: fix EOB handling [410] o smtp: return value ignored [357] o socks: advance iobuf instead of reset [276] o socks: avoid UAF risk in error path [359] @@ -348,6 +371,7 @@ This release includes the following bugfixes: o tool_cb_hdr: fix fwrite check in header callback [49] o tool_cb_hdr: size is always 1 [70] o tool_cb_rea: use poll instead of select if available [329] + o tool_cfgable: remove superfluous free calls [403] o tool_doswin: fix to use curl socket functions [108] o tool_filetime: cap crazy file times instead of erroring [327] o tool_filetime: replace cast with the fitting printf mask (Windows) [212] @@ -368,6 +392,7 @@ This release includes the following bugfixes: o tool_progress: handle possible integer overflows [164] o tool_progress: make max5data() use an algorithm [170] o transfer: avoid busy loop with tiny speed limit [100] + o transfer: fix retry for empty downloads on reuse [411] o transfer: reset retry count on each request [310] o unit1323: sync time types and printf masks, drop casts [211] o unit1664: drop casts, expand masks to full values [221] @@ -378,9 +403,13 @@ This release includes the following bugfixes: o vauth/digest: improve the digest parser [203] o version: add GSS backend name and version [353] o vquic: fix idle-timeout checks (ms<-->ns), 64-bit log & honor 0=no-timeout [249] + o vquic: fix recvmsg loop for max_pkts [421] o vquic: handling of io improvements [239] o vquic: sending non-gso packets fix for EAGAIN [265] o vtls: alpn setting, check proto parameter [134] + o vtls: drop duplicate `CURL_SHA256_DIGEST_LENGTH` definition [387] + o vtls: remove call to PKCS12_PBE_add() [408] + o vtls: unify the error handling in ssl_cf_connect(). [413] o vtls_int.h: clarify data_pending [124] o vtls_scache: fix race condition [157] o windows: replace _beginthreadex() with CreateThread() [80] @@ -419,21 +448,22 @@ Planned upcoming removals include: This release would not have looked like this without help, code, reports and advice from friends like these: - Adam Light, Alice Lee Poetics, Andrei Kurushin, Andrew Kirillov, - Andrew Olsen, BobodevMm on github, Christian Schmitz, curl.stunt430, - Dan Fandrich, Daniel Stenberg, Daniel Terhorst-North, dependabot[bot], - divinity76 on github, Emilio Pozuelo Monfort, Emre Çalışkan, Ethan Everett, - Evgeny Grin (Karlson2k), fds242 on github, Harry Sintonen, Howard Chu, - Ignat Loskutov, Jakub Stasiak, James Fuller, Javier Blazquez, Jicea, - jmaggard10 on github, Jochen Sprickerhof, Johannes Schindelin, + Adam Light, Alexander Blach, Alice Lee Poetics, Andrei Kurushin, + Andrew Kirillov, Andrew Olsen, BobodevMm on github, Christian Schmitz, + curl.stunt430, Dalei, Dan Fandrich, Daniel Stenberg, Daniel Terhorst-North, + dependabot[bot], divinity76 on github, Emilio Pozuelo Monfort, Emre Çalışkan, + Ethan Everett, Evgeny Grin (Karlson2k), fds242 on github, Harry Sintonen, + Howard Chu, Ignat Loskutov, Jakub Stasiak, James Fuller, Javier Blazquez, + Jicea, jmaggard10 on github, Jochen Sprickerhof, Johannes Schindelin, Jonathan Cardoso Machado, Joseph Birr-Pixton, Joshua Rogers, - kapsiR on github, kuchara on github, Marcel Raad, Michael Osipov, - Michał Petryka, Mitchell Blank Jr, Mohamed Daahir, Nir Azkiel, - Patrick Monnerat, plv1313 on github, Pocs Norbert, Ray Satiro, renovate[bot], - rinsuki on github, Sakthi SK, Samuel Dionne-Riel, Samuel Henrique, - Stanislav Fort, Stefan Eissing, Tatsuhiro Tsujikawa, tkzv on github, - Viktor Szakats, WangDaLei on github, Xiaoke Wang, Yedaya Katsman, 包布丁 - (57 contributors) + kapsiR on github, kuchara on github, madoe on github, Marcel Raad, + Michael Osipov, Michał Petryka, Mitchell Blank Jr, Mohamed Daahir, + Nir Azkiel, Patrick Monnerat, Pavel P, plv1313 on github, Pocs Norbert, + Ray Satiro, renovate[bot], rinsuki on github, Sakthi SK, Samuel Dionne-Riel, + Samuel Henrique, Stanislav Fort, Stefan Eissing, Tatsuhiro Tsujikawa, + Theo Buehler, Tim Becker, tkzv on github, Viktor Szakats, + WangDaLei on github, Xiaoke Wang, Yedaya Katsman, 包布丁 + (63 contributors) References to bug reports and discussions on issues: @@ -769,6 +799,7 @@ References to bug reports and discussions on issues: [330] = https://curl.se/bug/?i=19101 [331] = https://curl.se/bug/?i=19046 [332] = https://curl.se/bug/?i=19102 + [333] = https://curl.se/bug/?i=19205 [334] = https://curl.se/bug/?i=19100 [335] = https://curl.se/bug/?i=19125 [336] = https://curl.se/bug/?i=19145 @@ -814,9 +845,37 @@ References to bug reports and discussions on issues: [379] = https://curl.se/bug/?i=19163 [380] = https://curl.se/bug/?i=19168 [382] = https://curl.se/bug/?i=19170 + [383] = https://curl.se/bug/?i=19226 + [384] = https://curl.se/bug/?i=19225 + [385] = https://curl.se/bug/?i=19222 [386] = https://curl.se/bug/?i=19018 + [387] = https://curl.se/bug/?i=19224 [388] = https://curl.se/bug/?i=19161 [389] = https://curl.se/bug/?i=19160 [390] = https://curl.se/bug/?i=19137 + [391] = https://curl.se/bug/?i=19223 [393] = https://curl.se/bug/?i=19130 [394] = https://curl.se/bug/?i=19153 + [399] = https://curl.se/bug/?i=19206 + [400] = https://curl.se/bug/?i=19208 + [402] = https://curl.se/bug/?i=19211 + [403] = https://curl.se/bug/?i=19213 + [404] = https://curl.se/bug/?i=18991 + [406] = https://curl.se/bug/?i=19202 + [407] = https://curl.se/bug/?i=19200 + [408] = https://curl.se/bug/?i=19201 + [409] = https://curl.se/bug/?i=19199 + [410] = https://curl.se/bug/?i=18798 + [411] = https://curl.se/bug/?i=19165 + [412] = https://curl.se/bug/?i=19198 + [413] = https://curl.se/bug/?i=19196 + [414] = https://curl.se/bug/?i=19195 + [415] = https://issues.oss-fuzz.com/issues/435278402 + [416] = https://curl.se/bug/?i=19194 + [417] = https://curl.se/bug/?i=19192 + [418] = https://curl.se/bug/?i=19191 + [419] = https://curl.se/bug/?i=19190 + [420] = https://curl.se/bug/?i=19188 + [421] = https://curl.se/bug/?i=19186 + [422] = https://curl.se/bug/?i=19187 + [423] = https://curl.se/bug/?i=19185 From c59bf9018633fadf253c44d3bf63ea67cc1ed76e Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 25 Oct 2025 09:42:00 +0000 Subject: [PATCH 0605/2408] GHA: update nghttp2/nghttp2 to v1.68.0 Closes #19238 --- .github/workflows/http3-linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index b29a3076f9..c532a35c15 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -55,7 +55,7 @@ env: # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com NGTCP2_VERSION: 1.17.0 # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com - NGHTTP2_VERSION: 1.67.1 + NGHTTP2_VERSION: 1.68.0 # renovate: datasource=github-tags depName=cloudflare/quiche versioning=semver registryUrl=https://github.com QUICHE_VERSION: 0.24.6 From 18119eb91654e689d3a402e7c5bd8a2c184ac08a Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 25 Oct 2025 10:45:39 +0200 Subject: [PATCH 0606/2408] ECH.md: make OpenSSL branch clone instructions work Closes #19237 --- docs/ECH.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/ECH.md b/docs/ECH.md index d39f4b2f36..b40cd17e78 100644 --- a/docs/ECH.md +++ b/docs/ECH.md @@ -22,9 +22,8 @@ To build the OpenSSL project's ECH feature branch: ```sh cd $HOME/code -git clone https://github.com/openssl/openssl +git clone https://github.com/openssl/openssl --branch feature/ech cd openssl -git checkout feature/ech ./config --libdir=lib --prefix=$HOME/code/openssl-local-inst ...stuff... make -j8 From 4f03e3fcbd2857be1821fbac4875592c2a81feff Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 20 Oct 2025 22:23:39 +0200 Subject: [PATCH 0607/2408] socks_gssapi: also reset buffer length after free To mimic this behavior of the previously used `gss_release_buffer()`. Some or all of these zero assignments may be redundant. Follow-up to e7818999dbeff5acb00c032860d2259a1c5f9c5b #19018 Closes #19167 --- lib/socks_gssapi.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/lib/socks_gssapi.c b/lib/socks_gssapi.c index 9b0b31792b..34380ae9a0 100644 --- a/lib/socks_gssapi.c +++ b/lib/socks_gssapi.c @@ -167,6 +167,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, } Curl_safefree(service.value); + service.length = 0; if(check_gss_err(data, gss_major_status, gss_minor_status, "gss_import_name()")) { @@ -191,8 +192,10 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, TRUE, &gss_ret_flags); - if(gss_token != GSS_C_NO_BUFFER) + if(gss_token != GSS_C_NO_BUFFER) { Curl_safefree(gss_recv_token.value); + gss_recv_token.length = 0; + } if(check_gss_err(data, gss_major_status, gss_minor_status, "gss_init_sec_context") || /* the size needs to fit in a 16 bit field */ @@ -293,6 +296,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, failf(data, "Failed to receive GSS-API authentication token."); gss_release_name(&gss_status, &server); Curl_safefree(gss_recv_token.value); + gss_recv_token.length = 0; Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL); return CURLE_COULDNT_CONNECT; } @@ -403,12 +407,14 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, if(check_gss_err(data, gss_major_status, gss_minor_status, "gss_wrap")) { Curl_safefree(gss_send_token.value); + gss_send_token.length = 0; gss_release_buffer(&gss_status, &gss_w_token); Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL); failf(data, "Failed to wrap GSS-API encryption value into token."); return CURLE_COULDNT_CONNECT; } Curl_safefree(gss_send_token.value); + gss_send_token.length = 0; us_length = htons((unsigned short)gss_w_token.length); memcpy(socksreq + 2, &us_length, sizeof(short)); @@ -482,6 +488,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, if(result || (actualread != us_length)) { failf(data, "Failed to receive GSS-API encryption type."); Curl_safefree(gss_recv_token.value); + gss_recv_token.length = 0; Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL); return CURLE_COULDNT_CONNECT; } @@ -493,12 +500,14 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, if(check_gss_err(data, gss_major_status, gss_minor_status, "gss_unwrap")) { Curl_safefree(gss_recv_token.value); + gss_recv_token.length = 0; gss_release_buffer(&gss_status, &gss_w_token); Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL); failf(data, "Failed to unwrap GSS-API encryption value into token."); return CURLE_COULDNT_CONNECT; } Curl_safefree(gss_recv_token.value); + gss_recv_token.length = 0; if(gss_w_token.length != 1) { failf(data, "Invalid GSS-API encryption response length (%zu).", @@ -516,12 +525,14 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, failf(data, "Invalid GSS-API encryption response length (%zu).", gss_recv_token.length); Curl_safefree(gss_recv_token.value); + gss_recv_token.length = 0; Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL); return CURLE_COULDNT_CONNECT; } memcpy(socksreq, gss_recv_token.value, gss_recv_token.length); Curl_safefree(gss_recv_token.value); + gss_recv_token.length = 0; } (void)curlx_nonblock(sock, TRUE); From b602de775ed59f6f40c76c5b928ba677613c3923 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 25 Oct 2025 22:28:01 +0200 Subject: [PATCH 0608/2408] test776: set as 'flaky' I have not figured out why, but having this test failing in CI every so often is disturbing. Reported-by: Viktor Szakatas Fixes #19235 Closes #19243 --- tests/data/test776 | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/data/test776 b/tests/data/test776 index 214cd5028e..fc4f06d6f7 100644 --- a/tests/data/test776 +++ b/tests/data/test776 @@ -5,6 +5,7 @@ HTTP HTTP GET HTTP NTLM auth NTLM +flaky From a49e4e3d16991465144558f405b2d7972824abb0 Mon Sep 17 00:00:00 2001 From: TheBitBrine Date: Sun, 26 Oct 2025 03:15:07 +0000 Subject: [PATCH 0609/2408] pop3: fix CAPA response termination detection The code was checking if a line starts with '.', which would incorrectly match capability names starting with dots. Per RFC 2449, the terminator must be a line containing only a single dot. RFC 2449 also explicitly excludes '.' from valid capability name starting characters, so this is purely theoretical, but the code should match the spec. Changed to check for exact match: line length of 3 with '.\r' or length 2 with '.\n' to handle both CRLF and LF-only servers. (Mistake detected with ZeroPath) Fixes #19228 Reported-by: Joshua Rogers Closes #19245 --- lib/pop3.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/pop3.c b/lib/pop3.c index 2fd496cb31..c6b6ed659c 100644 --- a/lib/pop3.c +++ b/lib/pop3.c @@ -323,8 +323,10 @@ static bool pop3_endofresp(struct Curl_easy *data, struct connectdata *conn, /* Are we processing CAPA command responses? */ if(pop3c->state == POP3_CAPA) { - /* Do we have the terminating line? */ - if(len >= 1 && line[0] == '.') + /* Do we have the terminating line? Per RFC 2449 this is a line + containing only a single dot */ + if((len == 3 && line[0] == '.' && line[1] == '\r') || + (len == 2 && line[0] == '.' && line[1] == '\n')) /* Treat the response as a success */ *resp = '+'; else From ab20bb47cf4c4869d7f7e82c9492dd738f52bacd Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 27 Oct 2025 07:02:39 +0100 Subject: [PATCH 0610/2408] GHA/linux: make OpenLDAP local build smaller By disabling its `slapd` component, that's not needed for curl. Cache size: 2.7 -> 1.7 MB Also merge two `make` invocations. Closes #19250 --- .github/workflows/linux.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 527c9ce607..e28354c257 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -496,8 +496,7 @@ jobs: curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \ --location "https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-${OPENLDAP_VERSION}.tgz" | tar -xz cd "openldap-${OPENLDAP_VERSION}" - ./configure --enable-static --disable-shared --prefix=/home/runner/openldap-static - make + ./configure --enable-static --disable-shared --disable-slapd --prefix=/home/runner/openldap-static make install - name: 'cache openssl (thread sanitizer)' From fb0c014e30e5f4de7aa0d566c52c836a6423da29 Mon Sep 17 00:00:00 2001 From: Samuel Henrique Date: Sun, 26 Oct 2025 17:34:46 +0000 Subject: [PATCH 0611/2408] wcurl: sync to +dev snapshot Closes #19247 --- scripts/wcurl | 36 +++++++++++++++++++++++++++++------- 1 file changed, 29 insertions(+), 7 deletions(-) diff --git a/scripts/wcurl b/scripts/wcurl index 1014779e13..b1a06efe58 100755 --- a/scripts/wcurl +++ b/scripts/wcurl @@ -29,7 +29,7 @@ # Stop on errors and on usage of unset variables. set -eu -VERSION="2025.09.27" +VERSION="2025.09.27+dev" PROGRAM_NAME="$(basename "$0")" readonly PROGRAM_NAME @@ -65,7 +65,7 @@ Options: multiple times, only the last value is considered. --no-decode-filename: Don't percent-decode the output filename, even if the percent-encoding in - the URL was done by wcurl, e.g.: The URL contained whitespaces. + the URL was done by wcurl, e.g.: The URL contained whitespace. --dry-run: Don't actually execute curl, just print what would be invoked. @@ -77,7 +77,7 @@ Options: instead forwarded to the curl invocation. : URL to be downloaded. Anything that is not a parameter is considered - an URL. Whitespaces are percent-encoded and the URL is passed to curl, which + an URL. Whitespace is percent-encoded and the URL is passed to curl, which then performs the parsing. May be specified more than once. _EOF_ } @@ -113,6 +113,13 @@ readonly PER_URL_PARAMETERS="\ --remote-time \ --retry 5 " +# Valid percent-encode codes that are considered unsafe to be decoded. +# This is a list of space-separated percent-encoded uppercase +# characters. +# 2F = / +# 5C = \ +readonly UNSAFE_PERCENT_ENCODE="2F 5C" + # Whether to invoke curl or not. DRY_RUN="false" @@ -137,6 +144,20 @@ is_subset_of() esac } +# Indicate via exit code whether the HTML code given in the first +# parameter is safe to be decoded. +is_safe_percent_encode() +{ + upper_str=$(printf "%s" "${1}" | tr "[:lower:]" "[:upper:]") + for unsafe in ${UNSAFE_PERCENT_ENCODE}; do + if [ "${unsafe}" = "${upper_str}" ]; then + return 1 + fi + done + + return 0 +} + # Print the given string percent-decoded. percent_decode() { @@ -151,9 +172,10 @@ percent_decode() decode_out="${decode_out}${decode_hex2}" # Skip decoding if this is a control character (00-1F). # Skip decoding if DECODE_FILENAME is not "true". - if is_subset_of "${decode_hex1}" "23456789abcdefABCDEF" \ + if [ "${DECODE_FILENAME}" = "true" ] \ + && is_subset_of "${decode_hex1}" "23456789abcdefABCDEF" \ && is_subset_of "${decode_hex2}" "0123456789abcdefABCDEF" \ - && [ "${DECODE_FILENAME}" = "true" ]; then + && is_safe_percent_encode "${decode_out}"; then # Use printf to decode it into octal and then decode it to the final format. decode_out="$(printf "%b" "\\$(printf %o "0x${decode_hex1}${decode_hex2}")")" fi @@ -301,7 +323,7 @@ while [ -n "${1-}" ]; do # This is the start of the list of URLs. shift for url in "$@"; do - # Encode whitespaces into %20, since wget supports those URLs. + # Encode whitespace into %20, since wget supports those URLs. newurl=$(printf "%s\n" "${url}" | sed 's/ /%20/g') URLS="${URLS} ${newurl}" done @@ -314,7 +336,7 @@ while [ -n "${1-}" ]; do *) # This must be a URL. - # Encode whitespaces into %20, since wget supports those URLs. + # Encode whitespace into %20, since wget supports those URLs. newurl=$(printf "%s\n" "${1}" | sed 's/ /%20/g') URLS="${URLS} ${newurl}" ;; From cdd945e486392dd9f337e8e0edd6d6f7d8ddc524 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 25 Oct 2025 18:48:36 +0200 Subject: [PATCH 0612/2408] http_proxy: fix adding custom proxy headers Reported-by: Joshua Rogers Fixes #19227 Closes #19239 --- lib/http_proxy.c | 111 ++++++++++++++++++++--------------------------- 1 file changed, 47 insertions(+), 64 deletions(-) diff --git a/lib/http_proxy.c b/lib/http_proxy.c index 845ba2e8f8..f6e546b9fd 100644 --- a/lib/http_proxy.c +++ b/lib/http_proxy.c @@ -48,18 +48,11 @@ #include "curl_memory.h" #include "memdebug.h" -static bool hd_name_eq(const char *n1, size_t n1len, - const char *n2, size_t n2len) -{ - return (n1len == n2len) ? curl_strnequal(n1, n2, n1len) : FALSE; -} - static CURLcode dynhds_add_custom(struct Curl_easy *data, bool is_connect, int httpversion, struct dynhds *hds) { struct connectdata *conn = data->conn; - const char *ptr; struct curl_slist *h[2]; struct curl_slist *headers; int numlists = 1; /* by default */ @@ -95,86 +88,76 @@ static CURLcode dynhds_add_custom(struct Curl_easy *data, /* loop through one or two lists */ for(i = 0; i < numlists; i++) { for(headers = h[i]; headers; headers = headers->next) { - const char *name, *value; - size_t namelen, valuelen; + struct Curl_str name; + const char *value = NULL; + size_t valuelen = 0; + const char *ptr = headers->data; /* There are 2 quirks in place for custom headers: * 1. setting only 'name:' to suppress a header from being sent * 2. setting only 'name;' to send an empty (illegal) header */ - ptr = strchr(headers->data, ':'); - if(ptr) { - name = headers->data; - namelen = ptr - headers->data; - ptr++; /* pass the colon */ - curlx_str_passblanks(&ptr); - if(*ptr) { - value = ptr; - valuelen = strlen(value); + if(!curlx_str_cspn(&ptr, &name, ";:")) { + if(!curlx_str_single(&ptr, ':')) { + curlx_str_passblanks(&ptr); + if(*ptr) { + value = ptr; + valuelen = strlen(value); + } + else { + /* quirk #1, suppress this header */ + continue; + } } - else { - /* quirk #1, suppress this header */ + else if(!curlx_str_single(&ptr, ';')) { + curlx_str_passblanks(&ptr); + if(!*ptr) { + /* quirk #2, send an empty header */ + value = ""; + valuelen = 0; + } + else { + /* this may be used for something else in the future, + * ignore this for now */ + continue; + } + } + else + /* neither : nor ; in provided header value. We ignore this + * silently */ continue; - } } - else { - ptr = strchr(headers->data, ';'); + else + /* no name, move on */ + continue; - if(!ptr) { - /* neither : nor ; in provided header value. We seem - * to ignore this silently */ - continue; - } - - name = headers->data; - namelen = ptr - headers->data; - ptr++; /* pass the semicolon */ - curlx_str_passblanks(&ptr); - if(!*ptr) { - /* quirk #2, send an empty header */ - value = ""; - valuelen = 0; - } - else { - /* this may be used for something else in the future, - * ignore this for now */ - continue; - } - } - - DEBUGASSERT(name && value); + DEBUGASSERT(curlx_strlen(&name) && value); if(data->state.aptr.host && /* a Host: header was sent already, do not pass on any custom Host: header as that will produce *two* in the same request! */ - hd_name_eq(name, namelen, STRCONST("Host:"))) - ; + curlx_str_casecompare(&name, "Host")); else if(data->state.httpreq == HTTPREQ_POST_FORM && /* this header (extended by formdata.c) is sent later */ - hd_name_eq(name, namelen, STRCONST("Content-Type:"))) - ; + curlx_str_casecompare(&name, "Content-Type")); else if(data->state.httpreq == HTTPREQ_POST_MIME && /* this header is sent later */ - hd_name_eq(name, namelen, STRCONST("Content-Type:"))) - ; + curlx_str_casecompare(&name, "Content-Type")); else if(data->req.authneg && /* while doing auth neg, do not allow the custom length since we will force length zero then */ - hd_name_eq(name, namelen, STRCONST("Content-Length:"))) - ; + curlx_str_casecompare(&name, "Content-Length")); else if((httpversion >= 20) && - hd_name_eq(name, namelen, STRCONST("Transfer-Encoding:"))) - /* HTTP/2 and HTTP/3 do not support chunked requests */ - ; - else if((hd_name_eq(name, namelen, STRCONST("Authorization:")) || - hd_name_eq(name, namelen, STRCONST("Cookie:"))) && + curlx_str_casecompare(&name, "Transfer-Encoding")); + /* HTTP/2 and HTTP/3 do not support chunked requests */ + else if((curlx_str_casecompare(&name, "Authorization") || + curlx_str_casecompare(&name, "Cookie")) && /* be careful of sending this potentially sensitive header to other hosts */ - !Curl_auth_allowed_to_host(data)) - ; + !Curl_auth_allowed_to_host(data)); else { - CURLcode result; - - result = Curl_dynhds_add(hds, name, namelen, value, valuelen); + CURLcode result = + Curl_dynhds_add(hds, curlx_str(&name), curlx_strlen(&name), + value, valuelen); if(result) return result; } From f9dfabb42a79616d00fac48ac3deae28d797a856 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 25 Oct 2025 18:58:49 +0200 Subject: [PATCH 0613/2408] test1802: test --proxy-headers and --headers setting user-agent --- tests/data/Makefile.am | 2 +- tests/data/test1802 | 63 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 64 insertions(+), 1 deletion(-) create mode 100644 tests/data/test1802 diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 595943fb67..1d7445363d 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -230,7 +230,7 @@ test1680 test1681 test1682 test1683 \ test1700 test1701 test1702 test1703 test1704 test1705 test1706 test1707 \ test1708 test1709 test1710 test1711 \ \ -test1800 test1801 \ +test1800 test1801 test1802 \ \ test1900 test1901 test1902 test1903 test1904 test1905 test1906 test1907 \ test1908 test1909 test1910 test1911 test1912 test1913 test1914 test1915 \ diff --git a/tests/data/test1802 b/tests/data/test1802 new file mode 100644 index 0000000000..61f6426a90 --- /dev/null +++ b/tests/data/test1802 @@ -0,0 +1,63 @@ + + + +HTTP +HTTP CONNECT + + + + + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html + +-foo- + + +HTTP/1.1 200 fine +Connection: close +Content-Length: 0 + + + + +# +# Client-side + + +ftp +proxy + + +http + + +HTTP CONNECT with custom headers for proxy and server + + +http://hello/wanted/page -p -x %HOSTIP:%HTTPPORT --header "User-Agent: myapp/1.0" --proxy-header "User-Agent: Benjamin/2" --proxy-header "Host: todeloo" --header "Host: foo" + + + +# +# Verify data after the test has been "shot" + + + +CONNECT hello:80 HTTP/1.1 +Proxy-Connection: Keep-Alive +User-Agent: Benjamin/2 +Host: todeloo + +GET /wanted/page HTTP/1.1 +Host: foo +Accept: */* +User-Agent: myapp/1.0 + + + + From 6c97ff8c120f2ba3d4c6f1ceb7ca834cb98d808e Mon Sep 17 00:00:00 2001 From: x2018 Date: Mon, 27 Oct 2025 22:29:38 +0800 Subject: [PATCH 0614/2408] socks: properly maintain the status of 'done' Closes #19255 --- lib/socks.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/socks.c b/lib/socks.c index 238e140b06..9936aaf5bb 100644 --- a/lib/socks.c +++ b/lib/socks.c @@ -1248,8 +1248,10 @@ static CURLcode socks_proxy_cf_connect(struct Curl_cfilter *cf, if(!sx) { cf->ctx = sx = calloc(1, sizeof(*sx)); - if(!sx) - return CURLE_OUT_OF_MEMORY; + if(!sx) { + result = CURLE_OUT_OF_MEMORY; + goto out; + } /* for the secondary socket (FTP), use the "connect to host" * but ignore the "connect to port" (use the secondary port) From 2bb33c18a7fb041aa6831846210e4a9bbf45322f Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 27 Oct 2025 14:16:26 +0100 Subject: [PATCH 0615/2408] pingpong: change repsonse timeout to one minute It was previously two minutes by default and sometimes one minute. Removes a struct field. Closes #19254 --- lib/ftp.c | 6 ------ lib/pingpong.c | 4 ++-- lib/pingpong.h | 3 --- lib/urldata.h | 2 +- 4 files changed, 3 insertions(+), 12 deletions(-) diff --git a/lib/ftp.c b/lib/ftp.c index 5b96f63ad6..3ac8db6813 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -3364,15 +3364,9 @@ static CURLcode ftp_done(struct Curl_easy *data, CURLcode status, * data has been transferred. This happens when doing through NATs etc that * abandon old silent connections. */ - timediff_t old_time = pp->response_time; - - pp->response_time = 60*1000; /* give it only a minute for now */ pp->response = curlx_now(); /* timeout relative now */ - result = getftpresponse(data, &nread, &ftpcode); - pp->response_time = old_time; /* set this back to previous value */ - if(!nread && (CURLE_OPERATION_TIMEDOUT == result)) { failf(data, "control connection looks dead"); ftpc->ctl_valid = FALSE; /* mark control connection as bad */ diff --git a/lib/pingpong.c b/lib/pingpong.c index ac22e2e340..470199a6ff 100644 --- a/lib/pingpong.c +++ b/lib/pingpong.c @@ -50,8 +50,8 @@ timediff_t Curl_pp_state_timeout(struct Curl_easy *data, struct pingpong *pp, bool disconnecting) { timediff_t timeout_ms; /* in milliseconds */ - timediff_t response_time = (data->set.server_response_timeout > 0) ? - data->set.server_response_timeout : pp->response_time; + timediff_t response_time = data->set.server_response_timeout ? + data->set.server_response_timeout : RESP_TIMEOUT; struct curltime now = curlx_now(); /* if CURLOPT_SERVER_RESPONSE_TIMEOUT is set, use that to determine diff --git a/lib/pingpong.h b/lib/pingpong.h index 5db96c4345..bd723b1c9b 100644 --- a/lib/pingpong.h +++ b/lib/pingpong.h @@ -53,8 +53,6 @@ struct pingpong { size_t sendsize; /* total size of the sendthis buffer */ struct curltime response; /* set to Curl_now() when a command has been sent off, used to time-out response reading */ - timediff_t response_time; /* When no timeout is given, this is the amount of - milliseconds we await for a server response. */ struct dynbuf sendbuf; struct dynbuf recvbuf; size_t overflow; /* number of bytes left after a final response line */ @@ -75,7 +73,6 @@ struct pingpong { #define PINGPONG_SETUP(pp,s,e) \ do { \ - (pp)->response_time = RESP_TIMEOUT; \ (pp)->statemachine = s; \ (pp)->endofresp = e; \ } while(0) diff --git a/lib/urldata.h b/lib/urldata.h index 19f96bbc17..f79ccca0ac 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -127,7 +127,7 @@ typedef unsigned int curl_prot_t; #define MAX_IPADR_LEN sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255") /* Default FTP/IMAP etc response timeout in milliseconds */ -#define RESP_TIMEOUT (120*1000) +#define RESP_TIMEOUT (60*1000) /* Max string input length is a precaution against abuse and to detect junk input easier and better. */ From 692c7f133e6f9a5053a87b1fffbf3c41697a7742 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Mon, 27 Oct 2025 12:16:59 +0100 Subject: [PATCH 0616/2408] TLS: IP address verification, extend test Change the test certificate to carry a altname 'dns:127.0.0.1' which should *not* match in test_17_05_bad_ip_addr. wolfSSL: since `wolfSSL_check_domain_name()` does not differentiate between DNS and IP names, use if only for DNS names. For IP addresses, get the peer certificate after the handshake and check that using wolfSSL_X509_check_ip_asc(). Unfortunately, this succeeds where it should not, as wolfSSL internally used the same check code for both cases. So, skip the test case until wolfSSL fixes that. Reported-by: Joshua Rogers Closes #19252 --- lib/vquic/vquic-tls.c | 13 +++++++++---- lib/vtls/wolfssl.c | 28 +++++++++++++++++++++++----- tests/http/test_02_download.py | 2 ++ tests/http/test_07_upload.py | 2 ++ tests/http/test_17_ssl_use.py | 21 +++++++++++++++++++++ tests/http/testenv/certs.py | 14 +++++++++----- tests/http/testenv/env.py | 1 + 7 files changed, 67 insertions(+), 14 deletions(-) diff --git a/lib/vquic/vquic-tls.c b/lib/vquic/vquic-tls.c index fa89c0b809..f4ef06c33b 100644 --- a/lib/vquic/vquic-tls.c +++ b/lib/vquic/vquic-tls.c @@ -178,12 +178,17 @@ CURLcode Curl_vquic_tls_verify_peer(struct curl_tls_ctx *ctx, #elif defined(USE_WOLFSSL) (void)data; if(conn_config->verifyhost) { - char *snihost = peer->sni ? peer->sni : peer->hostname; WOLFSSL_X509* cert = wolfSSL_get_peer_certificate(ctx->wssl.ssl); - if(wolfSSL_X509_check_host(cert, snihost, strlen(snihost), 0, NULL) - == WOLFSSL_FAILURE) { + if(!cert) + result = CURLE_OUT_OF_MEMORY; + else if(peer->sni && + (wolfSSL_X509_check_host(cert, peer->sni, strlen(peer->sni), 0, NULL) + == WOLFSSL_FAILURE)) + result = CURLE_PEER_FAILED_VERIFICATION; + else if(!peer->sni && + (wolfSSL_X509_check_ip_asc(cert, peer->hostname, 0) + == WOLFSSL_FAILURE)) result = CURLE_PEER_FAILED_VERIFICATION; - } wolfSSL_X509_free(cert); } if(!result) diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index fe63097f9c..1efb5dc370 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -1491,11 +1491,10 @@ wssl_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) } #endif - /* Enable RFC2818 checks */ - if(conn_config->verifyhost) { - char *snihost = connssl->peer.sni ? - connssl->peer.sni : connssl->peer.hostname; - if(wolfSSL_check_domain_name(wssl->ssl, snihost) != + /* Enable RFC2818 checks on domain names. This cannot check + * IP addresses which we need to do extra after the handshake. */ + if(conn_config->verifyhost && connssl->peer.sni) { + if(wolfSSL_check_domain_name(wssl->ssl, connssl->peer.sni) != WOLFSSL_SUCCESS) { return CURLE_SSL_CONNECT_ERROR; } @@ -1719,6 +1718,25 @@ static CURLcode wssl_handshake(struct Curl_cfilter *cf, detail = wolfSSL_get_error(wssl->ssl, ret); CURL_TRC_CF(data, cf, "wolfSSL_connect() -> %d, detail=%d", ret, detail); + /* On a successful handshake with an IP address, do an extra check + * on the peer certificate */ + if(ret == WOLFSSL_SUCCESS && + conn_config->verifyhost && + !connssl->peer.sni) { + /* we have an IP address as host name. */ + WOLFSSL_X509* cert = wolfSSL_get_peer_certificate(wssl->ssl); + if(!cert) { + failf(data, "unable to get peer certificate"); + return CURLE_PEER_FAILED_VERIFICATION; + } + ret = wolfSSL_X509_check_ip_asc(cert, connssl->peer.hostname, 0); + CURL_TRC_CF(data, cf, "check peer certificate for IP match on %s -> %d", + connssl->peer.hostname, ret); + if(ret != WOLFSSL_SUCCESS) + detail = DOMAIN_NAME_MISMATCH; + wolfSSL_X509_free(cert); + } + if(ret == WOLFSSL_SUCCESS) { return CURLE_OK; } diff --git a/tests/http/test_02_download.py b/tests/http/test_02_download.py index 26da1d2fee..574401cb72 100644 --- a/tests/http/test_02_download.py +++ b/tests/http/test_02_download.py @@ -610,6 +610,8 @@ class TestDownload: pytest.skip("h3 not supported") if proto != 'h3' and sys.platform.startswith('darwin') and env.ci_run: pytest.skip('failing on macOS CI runners') + if proto == 'h3' and sys.platform.startswith('darwin') and env.curl_uses_lib('wolfssl'): + pytest.skip('h3 wolfssl early data failing on macOS') if proto == 'h3' and sys.platform.startswith('darwin') and env.curl_uses_lib('gnutls'): pytest.skip('h3 gnutls early data failing on macOS') count = 2 diff --git a/tests/http/test_07_upload.py b/tests/http/test_07_upload.py index c2377d41e4..fa2ef272d7 100644 --- a/tests/http/test_07_upload.py +++ b/tests/http/test_07_upload.py @@ -712,6 +712,8 @@ class TestUpload: pytest.skip("h3 not supported") if proto != 'h3' and sys.platform.startswith('darwin') and env.ci_run: pytest.skip('failing on macOS CI runners') + if proto == 'h3' and sys.platform.startswith('darwin') and env.curl_uses_lib('wolfssl'): + pytest.skip('h3 wolfssl early data failing on macOS') if proto == 'h3' and sys.platform.startswith('darwin') and env.curl_uses_lib('gnutls'): pytest.skip('h3 gnutls early data failing on macOS') count = 2 diff --git a/tests/http/test_17_ssl_use.py b/tests/http/test_17_ssl_use.py index 619ecd25e6..d0af093af0 100644 --- a/tests/http/test_17_ssl_use.py +++ b/tests/http/test_17_ssl_use.py @@ -186,6 +186,27 @@ class TestSSLUse: r = curl.http_get(url=url, alpn_proto=proto) assert r.exit_code == 60, f'{r}' + # use IP address that is in cert as DNS name (not really legal) + @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3']) + def test_17_05_very_bad_ip_addr(self, env: Env, proto, + httpd, configures_httpd, + nghttpx, configures_nghttpx): + if proto == 'h3' and not env.have_h3(): + pytest.skip("h3 not supported") + if env.curl_uses_lib('mbedtls'): + pytest.skip("mbedtls falsely verifies a DNS: altname as IP address") + if env.curl_uses_lib('wolfssl'): + pytest.skip("wolfSSL falsely verifies a DNS: altname as IP address") + httpd.set_domain1_cred_name('domain1-very-bad') + httpd.reload_if_config_changed() + if proto == 'h3': + nghttpx.set_cred_name('domain1-very-bad') + nghttpx.reload_if_config_changed() + curl = CurlClient(env=env) + url = f'https://127.0.0.1:{env.port_for(proto)}/curltest/sslinfo' + r = curl.http_get(url=url, alpn_proto=proto) + assert r.exit_code == 60, f'{r}' + # use localhost for connect @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3']) def test_17_06_localhost(self, env: Env, proto, httpd, nghttpx): diff --git a/tests/http/testenv/certs.py b/tests/http/testenv/certs.py index bfb7287eee..e59b1ea147 100644 --- a/tests/http/testenv/certs.py +++ b/tests/http/testenv/certs.py @@ -459,11 +459,15 @@ class TestCA: def _add_leaf_usages(csr: Any, domains: List[str], issuer: Credentials) -> Any: names = [] for name in domains: - try: - names.append(x509.IPAddress(ipaddress.ip_address(name))) - # TODO: specify specific exceptions here - except: # noqa: E722 - names.append(x509.DNSName(name)) + m = re.match(r'dns:(.+)', name) + if m: + names.append(x509.DNSName(m.group(1))) + else: + try: + names.append(x509.IPAddress(ipaddress.ip_address(name))) + # TODO: specify specific exceptions here + except: # noqa: E722 + names.append(x509.DNSName(name)) return csr.add_extension( x509.BasicConstraints(ca=False, path_length=None), diff --git a/tests/http/testenv/env.py b/tests/http/testenv/env.py index 0cd9101342..ff8741530b 100644 --- a/tests/http/testenv/env.py +++ b/tests/http/testenv/env.py @@ -188,6 +188,7 @@ class EnvConfig: self.cert_specs = [ CertificateSpec(domains=[self.domain1, self.domain1brotli, 'localhost', '127.0.0.1'], key_type='rsa2048'), CertificateSpec(name='domain1-no-ip', domains=[self.domain1, self.domain1brotli], key_type='rsa2048'), + CertificateSpec(name='domain1-very-bad', domains=[self.domain1, 'dns:127.0.0.1'], key_type='rsa2048'), CertificateSpec(domains=[self.domain2], key_type='rsa2048'), CertificateSpec(domains=[self.ftp_domain], key_type='rsa2048'), CertificateSpec(domains=[self.proxy_domain, '127.0.0.1'], key_type='rsa2048'), From 05eea37e78e8e429437699749eb692cd0325d909 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 27 Oct 2025 16:37:03 +0100 Subject: [PATCH 0617/2408] CURLOPT_SERVER_RESPONSE_TIMEOUT*: add default and see-also Also move the old name mention to a HISTORY section Closes #19258 --- docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT.md | 9 ++++++--- docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT_MS.md | 3 ++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT.md b/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT.md index 30ae25b42a..85695316e6 100644 --- a/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT.md +++ b/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT.md @@ -5,6 +5,7 @@ Title: CURLOPT_SERVER_RESPONSE_TIMEOUT Section: 3 Source: libcurl See-also: + - CURLOPT_SERVER_RESPONSE_TIMEOUT_MS (3) - CURLOPT_CONNECTTIMEOUT (3) - CURLOPT_LOW_SPEED_LIMIT (3) - CURLOPT_TIMEOUT (3) @@ -40,11 +41,9 @@ connection is considered dead and the transfer fails. It is recommended that if used in conjunction with CURLOPT_TIMEOUT(3), you set CURLOPT_SERVER_RESPONSE_TIMEOUT(3) to a value smaller than CURLOPT_TIMEOUT(3). -This option was formerly known as CURLOPT_FTP_RESPONSE_TIMEOUT. - # DEFAULT -None +60 seconds # %PROTOCOLS% @@ -66,6 +65,10 @@ int main(void) } ~~~ +# HISTORY + +This option was formerly known as CURLOPT_FTP_RESPONSE_TIMEOUT. + # %AVAILABILITY% # RETURN VALUE diff --git a/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT_MS.md b/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT_MS.md index 267659cde2..98d93fe5dc 100644 --- a/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT_MS.md +++ b/docs/libcurl/opts/CURLOPT_SERVER_RESPONSE_TIMEOUT_MS.md @@ -5,6 +5,7 @@ Title: CURLOPT_SERVER_RESPONSE_TIMEOUT_MS Section: 3 Source: libcurl See-also: + - CURLOPT_SERVER_RESPONSE_TIMEOUT (3) - CURLOPT_CONNECTTIMEOUT (3) - CURLOPT_LOW_SPEED_LIMIT (3) - CURLOPT_TIMEOUT (3) @@ -47,7 +48,7 @@ This is the millisecond version of CURLOPT_SERVER_RESPONSE_TIMEOUT(3). # DEFAULT -None +60000 milliseconds # %PROTOCOLS% From 73811b4c51a959696b38f7b872afbebd230e6f06 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 27 Oct 2025 16:40:52 +0100 Subject: [PATCH 0618/2408] header: see-also --proxy-header and vice versa Closes #19259 --- docs/cmdline-opts/header.md | 1 + docs/cmdline-opts/proxy-header.md | 1 + 2 files changed, 2 insertions(+) diff --git a/docs/cmdline-opts/header.md b/docs/cmdline-opts/header.md index 66816aac53..7af86aba18 100644 --- a/docs/cmdline-opts/header.md +++ b/docs/cmdline-opts/header.md @@ -12,6 +12,7 @@ Multi: append See-also: - user-agent - referer + - proxy-header Example: - -H "X-First-Name: Joe" $URL - -H "User-Agent: yes-please/2000" $URL diff --git a/docs/cmdline-opts/proxy-header.md b/docs/cmdline-opts/proxy-header.md index 3edf6c9a90..459eb462f6 100644 --- a/docs/cmdline-opts/proxy-header.md +++ b/docs/cmdline-opts/proxy-header.md @@ -10,6 +10,7 @@ Category: proxy Multi: append See-also: - proxy + - header Example: - --proxy-header "X-First-Name: Joe" -x http://proxy $URL - --proxy-header "User-Agent: surprise" -x http://proxy $URL From fa49c50ac359bc3ac7c76e86e0be0fe9a0cb6b7c Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 27 Oct 2025 19:23:37 +0100 Subject: [PATCH 0619/2408] tests/server/dnsd: fix potential buffer overflow When handling incoming DNS packets. Reported-by: Joshua Rogers Closes #19261 --- tests/server/dnsd.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/tests/server/dnsd.c b/tests/server/dnsd.c index 3f8f5b37a7..93edcb2397 100644 --- a/tests/server/dnsd.c +++ b/tests/server/dnsd.c @@ -83,7 +83,7 @@ static const char *type2string(unsigned short qtype) * Return query (qname + type + class), type and id. */ static int store_incoming(const unsigned char *data, size_t size, - unsigned char *qbuf, size_t *qlen, + unsigned char *qbuf, size_t qbuflen, size_t *qlen, unsigned short *qtype, unsigned short *idp) { FILE *server; @@ -159,6 +159,12 @@ static int store_incoming(const unsigned char *data, size_t size, (void) get16bit(&data, &size); *qlen = qsize - size; /* total size of the query */ + if(*qlen > qbuflen) { + logmsg("dnsd: query too large: %lu > %lu", + (unsigned long)*qlen, (unsigned long)qbuflen); + fclose(server); + return -1; + } memcpy(qbuf, qptr, *qlen); } else @@ -616,7 +622,7 @@ static int test_dnsd(int argc, char **argv) per test case */ read_instructions(); - store_incoming(inbuffer, n, qbuf, &qlen, &qtype, &id); + store_incoming(inbuffer, n, qbuf, sizeof(qbuf), &qlen, &qtype, &id); set_advisor_read_lock(loglockfile); serverlogslocked = 1; From bc9977021773e299c560e4afc60d623fd882825b Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 28 Oct 2025 09:37:39 +0100 Subject: [PATCH 0620/2408] singleuse.pl: fix string warning "Use of uninitialized value $unittests in concatenation on line 170" Closes #19266 --- scripts/singleuse.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/singleuse.pl b/scripts/singleuse.pl index b4cbe3ff4a..3ce5dda442 100755 --- a/scripts/singleuse.pl +++ b/scripts/singleuse.pl @@ -36,7 +36,7 @@ use strict; use warnings; -my $unittests; +my $unittests=""; if(@ARGV && $ARGV[0] eq "--unit") { $unittests = "tests/unit "; shift @ARGV; From 02113a6307a5f9ffcafd60604fba22b750942da5 Mon Sep 17 00:00:00 2001 From: x2018 Date: Tue, 28 Oct 2025 13:16:36 +0800 Subject: [PATCH 0621/2408] Curl_resolv: explicitly set *entry to NULL at the top Closes #19263 --- lib/hostip.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/hostip.c b/lib/hostip.c index d4b1b87e7a..7e2551d8f3 100644 --- a/lib/hostip.c +++ b/lib/hostip.c @@ -848,6 +848,8 @@ CURLcode Curl_resolv(struct Curl_easy *data, size_t hostname_len; bool keep_negative = TRUE; /* cache a negative result */ + *entry = NULL; + #ifndef CURL_DISABLE_DOH data->conn->bits.doh = FALSE; /* default is not */ #else @@ -969,7 +971,6 @@ out: error: if(dns) Curl_resolv_unlink(data, &dns); - *entry = NULL; Curl_async_shutdown(data); if(keep_negative) store_negative_resolve(data, hostname, port); From 9308ea22e8299fb79f4acd0398829cbe37a3fb1c Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 28 Oct 2025 11:56:03 +0100 Subject: [PATCH 0622/2408] cookie: remove the temporary file on (all) errors Fixes #19267 Reported-by: Harry Sintonen Closes #19268 --- lib/cookie.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/cookie.c b/lib/cookie.c index 9b89b7df70..35b252971d 100644 --- a/lib/cookie.c +++ b/lib/cookie.c @@ -1595,7 +1595,6 @@ static CURLcode cookie_output(struct Curl_easy *data, curlx_fclose(out); out = NULL; if(tempstore && Curl_rename(tempstore, filename)) { - unlink(tempstore); error = CURLE_WRITE_ERROR; goto error; } @@ -1612,7 +1611,10 @@ static CURLcode cookie_output(struct Curl_easy *data, error: if(out && !use_stdout) curlx_fclose(out); - free(tempstore); + if(tempstore) { + unlink(tempstore); + free(tempstore); + } return error; } From 875ea98c360df34dd757eb7e1e62a1cb2d177da8 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 28 Oct 2025 09:05:25 +0100 Subject: [PATCH 0623/2408] schannel: handle Curl_conn_cf_send() errors better Avoid a resource leak in the error path. Reported-by: Joshua Rogers Closes #19265 --- lib/vtls/schannel.c | 115 ++++++++++++++++++++++++-------------------- 1 file changed, 64 insertions(+), 51 deletions(-) diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 0561d6fbdd..376d1a67ea 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -1113,6 +1113,41 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) return CURLE_OK; } +static CURLcode schannel_error(struct Curl_easy *data, + SECURITY_STATUS sspi_status) +{ + char buffer[STRERROR_LEN]; + switch(sspi_status) { + case SEC_E_INSUFFICIENT_MEMORY: + failf(data, "schannel: next InitializeSecurityContext failed: %s", + Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer))); + return CURLE_OUT_OF_MEMORY; + case SEC_E_WRONG_PRINCIPAL: + failf(data, "schannel: SNI or certificate check failed: %s", + Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer))); + return CURLE_PEER_FAILED_VERIFICATION; + case SEC_E_UNTRUSTED_ROOT: + failf(data, "schannel: %s", + Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer))); + return CURLE_PEER_FAILED_VERIFICATION; +#if 0 + case SEC_E_INVALID_HANDLE: + case SEC_E_INVALID_TOKEN: + case SEC_E_LOGON_DENIED: + case SEC_E_TARGET_UNKNOWN: + case SEC_E_NO_AUTHENTICATING_AUTHORITY: + case SEC_E_INTERNAL_ERROR: + case SEC_E_NO_CREDENTIALS: + case SEC_E_UNSUPPORTED_FUNCTION: + case SEC_E_APPLICATION_PROTOCOL_MISMATCH: +#endif + default: + failf(data, "schannel: next InitializeSecurityContext failed: %s", + Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer))); + return CURLE_SSL_CONNECT_ERROR; + } +} + static CURLcode schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data) { @@ -1266,28 +1301,18 @@ schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data) Curl_safefree(inbuf[0].pvBuffer); /* check if the handshake was incomplete */ - if(sspi_status == SEC_E_INCOMPLETE_MESSAGE) { + switch(sspi_status) { + case SEC_E_INCOMPLETE_MESSAGE: backend->encdata_is_incomplete = TRUE; connssl->io_need = CURL_SSL_IO_NEED_RECV; DEBUGF(infof(data, "schannel: received incomplete message, need more data")); return CURLE_OK; - } - /* If the server has requested a client certificate, attempt to continue - the handshake without one. This will allow connections to servers which - request a client certificate but do not require it. */ - if(sspi_status == SEC_I_INCOMPLETE_CREDENTIALS && - !(backend->req_flags & ISC_REQ_USE_SUPPLIED_CREDS)) { - backend->req_flags |= ISC_REQ_USE_SUPPLIED_CREDS; - connssl->io_need = CURL_SSL_IO_NEED_SEND; - DEBUGF(infof(data, - "schannel: a client certificate has been requested")); - return CURLE_OK; - } - - /* check if the handshake needs to be continued */ - if(sspi_status == SEC_I_CONTINUE_NEEDED || sspi_status == SEC_E_OK) { + case SEC_I_CONTINUE_NEEDED: + case SEC_E_OK: + /* check if the handshake needs to be continued */ + result = CURLE_OK; for(i = 0; i < 3; i++) { /* search for handshake tokens that need to be send */ if(outbuf[i].BufferType == SECBUFFER_TOKEN && outbuf[i].cbBuffer > 0) { @@ -1301,47 +1326,35 @@ schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data) if(result || (outbuf[i].cbBuffer != written)) { failf(data, "schannel: failed to send next handshake data: " "sent %zu of %lu bytes", written, outbuf[i].cbBuffer); - return CURLE_SSL_CONNECT_ERROR; + result = CURLE_SSL_CONNECT_ERROR; } } - + } + for(i = 0; i < 3; i++) { /* free obsolete buffer */ - if(outbuf[i].pvBuffer) { + if(outbuf[i].pvBuffer) Curl_pSecFn->FreeContextBuffer(outbuf[i].pvBuffer); - } } - } - else { - char buffer[STRERROR_LEN]; - switch(sspi_status) { - case SEC_E_INSUFFICIENT_MEMORY: - failf(data, "schannel: next InitializeSecurityContext failed: %s", - Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer))); - return CURLE_OUT_OF_MEMORY; - case SEC_E_WRONG_PRINCIPAL: - failf(data, "schannel: SNI or certificate check failed: %s", - Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer))); - return CURLE_PEER_FAILED_VERIFICATION; - case SEC_E_UNTRUSTED_ROOT: - failf(data, "schannel: %s", - Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer))); - return CURLE_PEER_FAILED_VERIFICATION; -#if 0 - case SEC_E_INVALID_HANDLE: - case SEC_E_INVALID_TOKEN: - case SEC_E_LOGON_DENIED: - case SEC_E_TARGET_UNKNOWN: - case SEC_E_NO_AUTHENTICATING_AUTHORITY: - case SEC_E_INTERNAL_ERROR: - case SEC_E_NO_CREDENTIALS: - case SEC_E_UNSUPPORTED_FUNCTION: - case SEC_E_APPLICATION_PROTOCOL_MISMATCH: -#endif - default: - failf(data, "schannel: next InitializeSecurityContext failed: %s", - Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer))); - return CURLE_SSL_CONNECT_ERROR; + if(result) + return result; + break; + + case SEC_I_INCOMPLETE_CREDENTIALS: + if(!(backend->req_flags & ISC_REQ_USE_SUPPLIED_CREDS)) { + /* If the server has requested a client certificate, attempt to + continue the handshake without one. This will allow connections to + servers which request a client certificate but do not require + it. */ + backend->req_flags |= ISC_REQ_USE_SUPPLIED_CREDS; + connssl->io_need = CURL_SSL_IO_NEED_SEND; + DEBUGF(infof(data, + "schannel: a client certificate has been requested")); + return CURLE_OK; } + FALLTHROUGH(); + + default: + return schannel_error(data, sspi_status); } /* check if there was additional remaining encrypted data */ From fe9e0115b1572f5fd39503ed266efc1097f96b09 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 27 Oct 2025 17:18:25 +0100 Subject: [PATCH 0624/2408] tests: reduce max allowed allocations for four tests and completely remove the check for one Closes #19260 --- tests/data/test1 | 2 +- tests/data/test142 | 1 + tests/data/test440 | 2 +- tests/data/test767 | 2 +- tests/data/test770 | 4 ---- 5 files changed, 4 insertions(+), 7 deletions(-) diff --git a/tests/data/test1 b/tests/data/test1 index 4368eb78be..5c3c318be5 100644 --- a/tests/data/test1 +++ b/tests/data/test1 @@ -50,7 +50,7 @@ Accept: */* -Allocations: 135 +Allocations: 120 Maximum allocated: 136000 diff --git a/tests/data/test142 b/tests/data/test142 index cb03b832af..f59555642e 100644 --- a/tests/data/test142 +++ b/tests/data/test142 @@ -188,6 +188,7 @@ QUIT Allocations: 170 +Maximum allocated: 150000 diff --git a/tests/data/test440 b/tests/data/test440 index 81cf738473..7da9a8bd3c 100644 --- a/tests/data/test440 +++ b/tests/data/test440 @@ -74,7 +74,7 @@ https://this.hsts.example./%TESTNUMBER 56 -Allocations: 1100 +Allocations: 145 diff --git a/tests/data/test767 b/tests/data/test767 index 0927be4f1b..2695e3bffa 100644 --- a/tests/data/test767 +++ b/tests/data/test767 @@ -51,7 +51,7 @@ Accept: */* -Allocations: 135 +Allocations: 120 Maximum allocated: 136000 diff --git a/tests/data/test770 b/tests/data/test770 index 98e3850c4c..89ba5b1a80 100644 --- a/tests/data/test770 +++ b/tests/data/test770 @@ -50,9 +50,5 @@ User-Agent: curl/%VERSION Accept: */* - -Allocations: 135 -Maximum allocated: 136000 - From ba85f9d60579d38cd588ecdd3e0e6e306e6c4380 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 28 Oct 2025 23:33:16 +0100 Subject: [PATCH 0625/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 32 ++++++++++++++++++++++++++++---- 1 file changed, 28 insertions(+), 4 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 673a61052a..792ef742c6 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,7 +4,7 @@ curl and libcurl 8.17.0 Command line options: 273 curl_easy_setopt() options: 308 Public functions in libcurl: 100 - Contributors: 3529 + Contributors: 3531 This release includes the following changes: @@ -86,6 +86,7 @@ This release includes the following bugfixes: o connect: remove redundant condition in shutdown start [289] o cookie: avoid saving a cookie file if no transfer was done [11] o cookie: only count accepted cookies in Curl_cookie_add [364] + o cookie: remove the temporary file on (all) errors [356] o cpool: make bundle->dest an array; fix UB [218] o curl.h: remove incorrect comment about CURLOPT_PINNEDPUBLICKEY [320] o curl_easy_getinfo: error code on NULL arg [2] @@ -101,6 +102,7 @@ This release includes the following bugfixes: o CURLOPT_COOKIEFILE.md: clarify when the cookies are loaded [159] o CURLOPT_HEADER/WRITEFUNCTION.md: drop '* size' since size is always 1 [63] o CURLOPT_MAXLIFETIME_CONN: make default 24 hours [10] + o CURLOPT_SERVER_RESPONSE_TIMEOUT*: add default and see-also [397] o CURLOPT_SSL_VERIFYHOST.md: add see-also to two other VERIFYHOST options [32] o CURLOPT_TIMECONDITION.md: works for FILE and FTP as well [27] o cw-out: unify the error handling pattern in cw_out_do_write [414] @@ -114,6 +116,7 @@ This release includes the following bugfixes: o docs: fix/tidy code fences [87] o doswin: CloseHandle the thread on shutdown [307] o easy_getinfo: check magic, Curl_close safety [3] + o ECH.md: make OpenSSL branch clone instructions work [430] o examples/chkspeed: portable printing when outputting curl_off_t values [365] o examples/sessioninfo: cast printf string mask length to int [232] o examples/sessioninfo: do not disable security [255] @@ -149,6 +152,7 @@ This release includes the following bugfixes: o gnutls: check conversion of peer cert chain [275] o gnutls: fix re-handshake comments [422] o gtls: avoid potential use of uninitialized variable in trace output [83] + o header.md: see-also --proxy-header and vice versa [396] o hmac: free memory properly on errors [377] o hostip: don't store negative resolves due unrelated errors [256] o hostip: fix infof() output for non-ipv6 builds using IPv6 address [338] @@ -162,6 +166,7 @@ This release includes the following bugfixes: o http: make Content-Length parser more WHATWG [183] o http: only accept ';' as a separator for custom headers [407] o http: return error for a second Location: header [393] + o http_proxy: fix adding custom proxy headers [424] o httpsrr: free old pointers when storing new [57] o imap: parse and use UIDVALIDITY as a number [420] o imap: treat capabilities case insensitively [345] @@ -278,6 +283,7 @@ This release includes the following bugfixes: o OS400: fix a use-after-free/double-free case [142] o osslq: set idle timeout to 0 [237] o pingpong: remove two old leftover debug infof() calls + o pop3: fix CAPA response termination detection [427] o pop3: function could get the ->transfer field wrong [292] o pytest: skip specific tests for no-verbose builds [171] o quic: fix min TLS version handling [14] @@ -300,6 +306,7 @@ This release includes the following bugfixes: o sasl: clear canceled mechanism instead of toggling it [41] o schannel: assign result before using it [62] o schannel: fix memory leak [363] + o schannel: handle Curl_conn_cf_send() errors better [352] o schannel: lower the maximum allowed time to block to 7 seconds [333] o schannel_verify: do not call infof with an appended \n [371] o schannel_verify: fix mem-leak in Curl_verify_host [208] @@ -309,6 +316,7 @@ This release includes the following bugfixes: o setopt: allow CURLOPT_DNS_CACHE_TIMEOUT set to -1 [257] o setopt: fix unused variable warning in minimal build [332] o setopt: make CURLOPT_MAXREDIRS accept -1 (again) [1] + o singleuse.pl: fix string warning [392] o smb: adjust buffer size checks [45] o smb: transfer debugassert to real check [303] o smtp: check EHLO responses case insensitively [50] @@ -320,7 +328,9 @@ This release includes the following bugfixes: o socks: handle error in verbose trace gracefully [94] o socks: handle premature close [246] o socks: make Curl_blockread_all return CURLcode [67] + o socks: properly maintain the status of 'done' [405] o socks: rewwork, cleaning up socks state handling [135] + o socks_gssapi: also reset buffer length after free [429] o socks_gssapi: make the gss_context a local variable [144] o socks_gssapi: reject too long tokens [90] o socks_gssapi: remove superfluous releases of the gss_recv_token [139] @@ -365,6 +375,7 @@ This release includes the following bugfixes: o tidy-up: update MS links, allow long URLs via checksrc [73] o tidy-up: URLs [101] o time-cond.md: refer to the singular curl_getdate man page [148] + o TLS: IP address verification, extend test [398] o TODO: fix a typo [93] o TODO: remove already implemented or bad items [36] o tool: fix exponential retry delay [47] @@ -412,6 +423,7 @@ This release includes the following bugfixes: o vtls: unify the error handling in ssl_cf_connect(). [413] o vtls_int.h: clarify data_pending [124] o vtls_scache: fix race condition [157] + o wcurl: sync to +dev snapshot [425] o windows: replace _beginthreadex() with CreateThread() [80] o windows: stop passing unused, optional argument for Win9x compatibility [75] o windows: use consistent format when showing error codes [199] @@ -461,9 +473,9 @@ advice from friends like these: Nir Azkiel, Patrick Monnerat, Pavel P, plv1313 on github, Pocs Norbert, Ray Satiro, renovate[bot], rinsuki on github, Sakthi SK, Samuel Dionne-Riel, Samuel Henrique, Stanislav Fort, Stefan Eissing, Tatsuhiro Tsujikawa, - Theo Buehler, Tim Becker, tkzv on github, Viktor Szakats, - WangDaLei on github, Xiaoke Wang, Yedaya Katsman, 包布丁 - (63 contributors) + TheBitBrine, Theo Buehler, Tim Becker, tkzv on github, Viktor Szakatas, + Viktor Szakats, WangDaLei on github, Xiaoke Wang, Yedaya Katsman, 包布丁 + (65 contributors) References to bug reports and discussions on issues: @@ -817,9 +829,11 @@ References to bug reports and discussions on issues: [348] = https://curl.se/bug/?i=19086 [349] = https://curl.se/bug/?i=19076 [351] = https://curl.se/bug/?i=19141 + [352] = https://curl.se/bug/?i=19265 [353] = https://curl.se/bug/?i=19073 [354] = https://curl.se/bug/?i=19078 [355] = https://curl.se/bug/?i=19135 + [356] = https://curl.se/bug/?i=19267 [357] = https://curl.se/bug/?i=19136 [358] = https://curl.se/bug/?i=19133 [359] = https://curl.se/bug/?i=19139 @@ -854,13 +868,18 @@ References to bug reports and discussions on issues: [389] = https://curl.se/bug/?i=19160 [390] = https://curl.se/bug/?i=19137 [391] = https://curl.se/bug/?i=19223 + [392] = https://curl.se/bug/?i=19266 [393] = https://curl.se/bug/?i=19130 [394] = https://curl.se/bug/?i=19153 + [396] = https://curl.se/bug/?i=19259 + [397] = https://curl.se/bug/?i=19258 + [398] = https://curl.se/bug/?i=19252 [399] = https://curl.se/bug/?i=19206 [400] = https://curl.se/bug/?i=19208 [402] = https://curl.se/bug/?i=19211 [403] = https://curl.se/bug/?i=19213 [404] = https://curl.se/bug/?i=18991 + [405] = https://curl.se/bug/?i=19255 [406] = https://curl.se/bug/?i=19202 [407] = https://curl.se/bug/?i=19200 [408] = https://curl.se/bug/?i=19201 @@ -879,3 +898,8 @@ References to bug reports and discussions on issues: [421] = https://curl.se/bug/?i=19186 [422] = https://curl.se/bug/?i=19187 [423] = https://curl.se/bug/?i=19185 + [424] = https://curl.se/bug/?i=19227 + [425] = https://curl.se/bug/?i=19247 + [427] = https://curl.se/bug/?i=19228 + [429] = https://curl.se/bug/?i=19167 + [430] = https://curl.se/bug/?i=19237 From 0ba006601ffa813388bf4b4f01a181767fbdad15 Mon Sep 17 00:00:00 2001 From: Jay Satiro Date: Sun, 19 Oct 2025 11:42:37 -0400 Subject: [PATCH 0626/2408] tool_operate: move the checks that skip ca cert detection - Move the checks into the function that needs them, cacertpaths(). Prior to this change the caller made the determination whether to skip calling cacertpaths for cert detection. However for posterity it is better to have the checks in cacertpaths since other code could call it. Closes https://github.com/curl/curl/pull/19148 --- src/tool_operate.c | 59 ++++++++++++++++++++++------------------------ 1 file changed, 28 insertions(+), 31 deletions(-) diff --git a/src/tool_operate.c b/src/tool_operate.c index 1c00351729..f290a288de 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -2032,35 +2032,54 @@ static CURLcode is_using_schannel(int *pusing) * environment-specified filename is found then check for CA bundle default * filename curl-ca-bundle.crt in the user's PATH. * + * If the user has set a CA cert/path or disabled peer verification (including + * for DoH, so completely disabled) then these locations are ignored. + * * If Schannel is the selected SSL backend then these locations are ignored. * We allow setting CA location for Schannel only when explicitly specified by * the user via CURLOPT_CAINFO / --cacert. */ - static CURLcode cacertpaths(struct OperationConfig *config) { - CURLcode result = CURLE_OUT_OF_MEMORY; - char *env = curl_getenv("CURL_CA_BUNDLE"); + char *env; + CURLcode result; + int using_schannel; + + if(!feature_ssl || config->cacert || config->capath || + (config->insecure_ok && (!config->doh_url || config->doh_insecure_ok))) + return CURLE_OK; + + result = is_using_schannel(&using_schannel); + if(result || using_schannel) + return result; + + env = curl_getenv("CURL_CA_BUNDLE"); if(env) { config->cacert = strdup(env); curl_free(env); - if(!config->cacert) + if(!config->cacert) { + result = CURLE_OUT_OF_MEMORY; goto fail; + } } else { env = curl_getenv("SSL_CERT_DIR"); if(env) { config->capath = strdup(env); curl_free(env); - if(!config->capath) + if(!config->capath) { + result = CURLE_OUT_OF_MEMORY; goto fail; + } } env = curl_getenv("SSL_CERT_FILE"); if(env) { config->cacert = strdup(env); curl_free(env); - if(!config->cacert) + if(!config->cacert) { + result = CURLE_OUT_OF_MEMORY; goto fail; + } } } @@ -2087,7 +2106,7 @@ static CURLcode cacertpaths(struct OperationConfig *config) #endif return CURLE_OK; fail: - free(config->capath); + Curl_safefree(config->capath); return result; } @@ -2106,30 +2125,8 @@ static CURLcode transfer_per_config(struct OperationConfig *config, return CURLE_FAILED_INIT; } - /* On Windows we cannot set the path to curl-ca-bundle.crt at compile time. - * We look for the file in two ways: - * 1: look at the environment variable CURL_CA_BUNDLE for a path - * 2: if #1 is not found, use the Windows API function SearchPath() - * to find it along the app's path (includes app's dir and CWD) - * - * We support the environment variable thing for non-Windows platforms - * too. Just for the sake of it. - */ - if(feature_ssl && - !config->cacert && - !config->capath && - (!config->insecure_ok || (config->doh_url && !config->doh_insecure_ok))) { - int using_schannel = -1; - - result = is_using_schannel(&using_schannel); - - /* With the addition of CAINFO support for Schannel, this search could - * find a certificate bundle that was previously ignored. To maintain - * backward compatibility, only perform this search if not using Schannel. - */ - if(!result && !using_schannel) - result = cacertpaths(config); - } + if(!result) + result = cacertpaths(config); if(!result) { result = single_transfer(config, share, added, skipped); From c82a70628dea815364ed41f30e2f6b8eb87f9fdd Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Mon, 27 Oct 2025 10:33:41 +0100 Subject: [PATCH 0627/2408] ssl-session-cache: check use on config and availability Replace the check if a ssl session cache is configured with a function checking if it is configured *and* if an ssl session cache is available. During normal operations, a session cache is always there, however for "connect-only" transfers this might not be the case. When such transfers receive new sessions/tickets, they need to silently discard those and not fail. Reported-by: Marc Aldorasi Fixes https://github.com/curl/curl/issues/18983 Closes https://github.com/curl/curl/pull/19251 --- lib/vquic/curl_ngtcp2.c | 7 +++---- lib/vtls/gtls.c | 3 +-- lib/vtls/mbedtls.c | 5 ++--- lib/vtls/openssl.c | 7 +++---- lib/vtls/schannel.c | 5 ++--- lib/vtls/vtls_scache.c | 9 +++++++++ lib/vtls/vtls_scache.h | 6 ++++++ lib/vtls/wolfssl.c | 4 ++-- 8 files changed, 28 insertions(+), 18 deletions(-) diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 3b918cd870..3493f996ce 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -2384,7 +2384,6 @@ static CURLcode cf_ngtcp2_tls_ctx_setup(struct Curl_cfilter *cf, void *user_data) { struct curl_tls_ctx *ctx = user_data; - struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); #ifdef USE_OPENSSL #if defined(OPENSSL_IS_BORINGSSL) || defined(OPENSSL_IS_AWSLC) @@ -2401,7 +2400,7 @@ static CURLcode cf_ngtcp2_tls_ctx_setup(struct Curl_cfilter *cf, return CURLE_FAILED_INIT; } #endif /* !OPENSSL_IS_BORINGSSL && !OPENSSL_IS_AWSLC */ - if(ssl_config->primary.cache_session) { + if(Curl_ssl_scache_use(cf, data)) { /* Enable the session cache because it is a prerequisite for the * "new session" callback. Use the "external storage" mode to prevent * OpenSSL from creating an internal session cache. @@ -2417,7 +2416,7 @@ static CURLcode cf_ngtcp2_tls_ctx_setup(struct Curl_cfilter *cf, failf(data, "ngtcp2_crypto_gnutls_configure_client_session failed"); return CURLE_FAILED_INIT; } - if(ssl_config->primary.cache_session) { + if(Curl_ssl_scache_use(cf, data)) { gnutls_handshake_set_hook_function(ctx->gtls.session, GNUTLS_HANDSHAKE_ANY, GNUTLS_HOOK_POST, quic_gtls_handshake_cb); @@ -2428,7 +2427,7 @@ static CURLcode cf_ngtcp2_tls_ctx_setup(struct Curl_cfilter *cf, failf(data, "ngtcp2_crypto_wolfssl_configure_client_context failed"); return CURLE_FAILED_INIT; } - if(ssl_config->primary.cache_session) { + if(Curl_ssl_scache_use(cf, data)) { /* Register to get notified when a new session is received */ wolfSSL_CTX_sess_set_new_cb(ctx->wssl.ssl_ctx, wssl_quic_new_session_cb); } diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 19c2ce893f..c79f192e82 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -684,14 +684,13 @@ CURLcode Curl_gtls_cache_session(struct Curl_cfilter *cf, unsigned char *quic_tp, size_t quic_tp_len) { - struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); struct Curl_ssl_session *sc_session; unsigned char *sdata, *qtp_clone = NULL; size_t sdata_len = 0; size_t earlydata_max = 0; CURLcode result = CURLE_OK; - if(!ssl_config->primary.cache_session) + if(!Curl_ssl_scache_use(cf, data)) return CURLE_OK; /* we always unconditionally get the session id here, as even if we diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index 89d4eff64e..ea8981b3cd 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -859,7 +859,7 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) #endif /* Check if there is a cached ID we can/should use here! */ - if(ssl_config->primary.cache_session) { + if(Curl_ssl_scache_use(cf, data)) { struct Curl_ssl_session *sc_session = NULL; CURLcode result; @@ -1086,7 +1086,6 @@ mbed_new_session(struct Curl_cfilter *cf, struct Curl_easy *data) struct ssl_connect_data *connssl = cf->ctx; struct mbed_ssl_backend_data *backend = (struct mbed_ssl_backend_data *)connssl->backend; - struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); mbedtls_ssl_session session; bool msession_alloced = FALSE; struct Curl_ssl_session *sc_session = NULL; @@ -1097,7 +1096,7 @@ mbed_new_session(struct Curl_cfilter *cf, struct Curl_easy *data) int ret; DEBUGASSERT(backend); - if(!ssl_config->primary.cache_session) + if(!Curl_ssl_scache_use(cf, data)) return CURLE_OK; mbedtls_ssl_session_init(&session); diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 535e4118da..838c024221 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -3056,7 +3056,6 @@ CURLcode Curl_ossl_add_session(struct Curl_cfilter *cf, unsigned char *quic_tp, size_t quic_tp_len) { - const struct ssl_config_data *config; unsigned char *der_session_buf = NULL; unsigned char *qtp_clone = NULL; CURLcode result = CURLE_OK; @@ -3064,8 +3063,7 @@ CURLcode Curl_ossl_add_session(struct Curl_cfilter *cf, if(!cf || !data) goto out; - config = Curl_ssl_cf_get_config(cf, data); - if(config->primary.cache_session) { + if(Curl_ssl_scache_use(cf, data)) { struct Curl_ssl_session *sc_session = NULL; size_t der_session_size; unsigned char *der_session_ptr; @@ -3755,7 +3753,7 @@ ossl_init_session_and_alpns(struct ossl_ctx *octx, Curl_alpn_copy(&alpns, alpns_requested); octx->reused_session = FALSE; - if(ssl_config->primary.cache_session && !conn_cfg->verifystatus) { + if(Curl_ssl_scache_use(cf, data) && !conn_cfg->verifystatus) { struct Curl_ssl_session *scs = NULL; result = Curl_ssl_scache_take(cf, data, peer->scache_key, &scs); @@ -3797,6 +3795,7 @@ ossl_init_session_and_alpns(struct ossl_ctx *octx, } } #else + (void)ssl_config; (void)sess_reuse_cb; #endif } diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 376d1a67ea..55a99b3b43 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -927,7 +927,7 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) backend->cred = NULL; /* check for an existing reusable credential handle */ - if(ssl_config->primary.cache_session) { + if(Curl_ssl_scache_use(cf, data)) { struct Curl_schannel_cred *old_cred; Curl_ssl_scache_lock(data); old_cred = Curl_ssl_scache_get_obj(cf, data, connssl->peer.scache_key); @@ -1530,7 +1530,6 @@ schannel_connect_step3(struct Curl_cfilter *cf, struct Curl_easy *data) struct ssl_connect_data *connssl = cf->ctx; struct schannel_ssl_backend_data *backend = (struct schannel_ssl_backend_data *)connssl->backend; - struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); CURLcode result = CURLE_OK; SECURITY_STATUS sspi_status = SEC_E_OK; CERT_CONTEXT *ccert_context = NULL; @@ -1598,7 +1597,7 @@ schannel_connect_step3(struct Curl_cfilter *cf, struct Curl_easy *data) #endif /* save the current session data for possible reuse */ - if(ssl_config->primary.cache_session) { + if(Curl_ssl_scache_use(cf, data)) { Curl_ssl_scache_lock(data); /* Up ref count since call takes ownership */ backend->cred->refcount++; diff --git a/lib/vtls/vtls_scache.c b/lib/vtls/vtls_scache.c index 8203baa903..b9abc6e3fa 100644 --- a/lib/vtls/vtls_scache.c +++ b/lib/vtls/vtls_scache.c @@ -353,6 +353,15 @@ void Curl_ssl_scache_destroy(struct Curl_ssl_scache *scache) } } +bool Curl_ssl_scache_use(struct Curl_cfilter *cf, struct Curl_easy *data) +{ + if(cf_ssl_scache_get(data)) { + struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); + return ssl_config ? ssl_config->primary.cache_session : FALSE; + } + return FALSE; +} + /* Lock shared SSL session data */ void Curl_ssl_scache_lock(struct Curl_easy *data) { diff --git a/lib/vtls/vtls_scache.h b/lib/vtls/vtls_scache.h index deedccfe8c..445f210549 100644 --- a/lib/vtls/vtls_scache.h +++ b/lib/vtls/vtls_scache.h @@ -65,6 +65,12 @@ CURLcode Curl_ssl_peer_key_make(struct Curl_cfilter *cf, const char *tls_id, char **ppeer_key); +/* Return if there is a session cache shall be used. + * An ssl session might not be configured or not available for + * "connect-only" transfers. + */ +bool Curl_ssl_scache_use(struct Curl_cfilter *cf, struct Curl_easy *data); + /* Lock session cache mutex. * Call this before calling other Curl_ssl_*session* functions * Caller should unlock this mutex as soon as possible, as it may block diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index 1efb5dc370..9639709fdb 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -1257,7 +1257,7 @@ CURLcode Curl_wssl_ctx_init(struct wssl_ctx *wctx, } #endif - if(ssl_config->primary.cache_session && (transport != TRNSPRT_QUIC)) { + if(Curl_ssl_scache_use(cf, data) && (transport != TRNSPRT_QUIC)) { /* Register to get notified when a new session is received */ wolfSSL_CTX_sess_set_new_cb(wctx->ssl_ctx, wssl_vtls_new_session_cb); } @@ -1316,7 +1316,7 @@ CURLcode Curl_wssl_ctx_init(struct wssl_ctx *wctx, #endif /* Check if there is a cached ID we can/should use here! */ - if(ssl_config->primary.cache_session) { + if(Curl_ssl_scache_use(cf, data)) { /* Set session from cache if there is one */ (void)wssl_setup_session(cf, data, wctx, &alpns, peer->scache_key, sess_reuse_cb); From d3e7bef1efd6c9683cb5ed8cf8782c83439d0674 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 27 Oct 2025 15:33:24 +0000 Subject: [PATCH 0628/2408] GHA: update reuse to v6.2.0 Closes #19257 --- .github/scripts/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt index 564c3605ad..a0c5c4d4be 100644 --- a/.github/scripts/requirements.txt +++ b/.github/scripts/requirements.txt @@ -5,5 +5,5 @@ cmakelang==0.6.13 codespell==2.4.1 pytype==2024.10.11 -reuse==6.1.2 +reuse==6.2.0 ruff==0.14.1 From 614895c0450828edbedf667acb496de6cdceb8f1 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 27 Oct 2025 20:57:13 +0000 Subject: [PATCH 0629/2408] GHA: update pyspelling to v2.12 Closes #19262 --- .github/scripts/requirements-docs.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/scripts/requirements-docs.txt b/.github/scripts/requirements-docs.txt index bd50e5010e..fa26c105d0 100644 --- a/.github/scripts/requirements-docs.txt +++ b/.github/scripts/requirements-docs.txt @@ -2,4 +2,4 @@ # # SPDX-License-Identifier: curl -pyspelling==2.11 +pyspelling==2.12 From a97f9d41cc01c733cec085008d644397ee6edd74 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 29 Oct 2025 09:11:09 +0100 Subject: [PATCH 0630/2408] openldap/ldap; check for binary attribute case insensitively This bug was found with ZeroPath Fixes #19240 Reported-by: Joshua Rogers Closes #19273 --- lib/ldap.c | 2 +- lib/openldap.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/ldap.c b/lib/ldap.c index 8db1f41338..f0bc2f2a37 100644 --- a/lib/ldap.c +++ b/lib/ldap.c @@ -623,7 +623,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) } if((attr_len > 7) && - (strcmp(";binary", attr + (attr_len - 7)) == 0)) { + curl_strequal(";binary", attr + (attr_len - 7)) ) { /* Binary attribute, encode to base64. */ if(vals[i]->bv_len) { result = curlx_base64_encode(vals[i]->bv_val, vals[i]->bv_len, diff --git a/lib/openldap.c b/lib/openldap.c index dbf2f5f4f3..f06587f017 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -1096,7 +1096,6 @@ static CURLcode oldap_recv(struct Curl_easy *data, int sockindex, char *buf, BerElement *ber = NULL; struct timeval tv = {0, 0}; struct berval bv, *bvals; - bool binary = FALSE; CURLcode result = CURLE_AGAIN; int code; char *info = NULL; @@ -1167,6 +1166,7 @@ static CURLcode oldap_recv(struct Curl_easy *data, int sockindex, char *buf, rc == LDAP_SUCCESS; rc = ldap_get_attribute_ber(li->ld, msg, ber, &bv, &bvals)) { int i; + bool binary; if(!bv.bv_val) break; @@ -1180,7 +1180,7 @@ static CURLcode oldap_recv(struct Curl_easy *data, int sockindex, char *buf, } binary = bv.bv_len > 7 && - !strncmp(bv.bv_val + bv.bv_len - 7, ";binary", 7); + curl_strnequal(bv.bv_val + bv.bv_len - 7, ";binary", 7); for(i = 0; bvals[i].bv_val != NULL; i++) { bool binval = FALSE; From 446dae5bfe3277d9458321f6888d7e214f832a21 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 29 Oct 2025 09:48:50 +0100 Subject: [PATCH 0631/2408] ngtcp2: overwrite rate-limits defaults In pytests test_08 with the Caddy server, the new rate-limiting in ngtcp2 did close the connection because it found "too many" stream data packet repeats. It is unclear if this is some Caddy issue or if the ngtcp2 implementaton is wrong. Or if curl can do anything here. Reported as https://github.com/ngtcp2/ngtcp2/issues/1850 This PR overwrites the ratelimit defaults in ngtcp2 with ten times increased values. This makes the errors disappear on macOS. Enable test_08_04/05 in CI again to see if there are any issues to be found there. (We had those disabled before having parallel pytests.) Closes #19274 --- lib/vquic/curl_ngtcp2.c | 20 ++++---------------- tests/http/test_08_caddy.py | 3 --- 2 files changed, 4 insertions(+), 19 deletions(-) diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 3493f996ce..f72f6630f5 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -457,17 +457,6 @@ static void quic_settings(struct cf_ngtcp2_ctx *ctx, struct Curl_easy *data, struct pkt_io_ctx *pktx) { -#ifdef NGTCP2_SETTINGS_V2x -static uint16_t mtu_probes[] = { - 1472, /* what h2o offers */ - 1452, /* what Caddy offers */ - 1454 - 48, /* The well known MTU used by a domestic optic fiber - service in Japan. */ - 1390 - 48, /* Typical Tunneled MTU */ - 1280 - 48, /* IPv6 minimum MTU */ - 1492 - 48, /* PPPoE */ -}; -#endif ngtcp2_settings *s = &ctx->settings; ngtcp2_transport_params *t = &ctx->transport_params; @@ -485,12 +474,11 @@ static uint16_t mtu_probes[] = { s->max_window = 100 * ctx->max_stream_window; s->max_stream_window = 10 * ctx->max_stream_window; s->no_pmtud = FALSE; -#ifdef NGTCP2_SETTINGS_V2x - s->pmtud_probes = mtu_probes; - s->pmtud_probeslen = CURL_ARRAYSIZE(mtu_probes); - s->max_tx_udp_payload_size = 64 * 1024; /* mtu_probes[0]; */ +#ifdef NGTCP2_SETTINGS_V3 + /* try ten times the ngtcp2 defaults here for problems with Caddy */ + s->glitch_ratelim_burst = 1000 * 10; + s->glitch_ratelim_rate = 33 * 10; #endif - t->initial_max_data = 10 * ctx->max_stream_window; t->initial_max_stream_data_bidi_local = ctx->max_stream_window; t->initial_max_stream_data_bidi_remote = ctx->max_stream_window; diff --git a/tests/http/test_08_caddy.py b/tests/http/test_08_caddy.py index 3073607e04..319ffeb962 100644 --- a/tests/http/test_08_caddy.py +++ b/tests/http/test_08_caddy.py @@ -108,7 +108,6 @@ class TestCaddy: # download 5MB files sequentially @pytest.mark.skipif(condition=Env().slow_network, reason="not suitable for slow network tests") - @pytest.mark.skipif(condition=Env().ci_run, reason="not suitable for CI runs") @pytest.mark.parametrize("proto", ['h2', 'h3']) def test_08_04a_download_10mb_sequential(self, env: Env, caddy: Caddy, proto): if proto == 'h3' and not env.have_h3_curl(): @@ -121,7 +120,6 @@ class TestCaddy: # download 10MB files sequentially @pytest.mark.skipif(condition=Env().slow_network, reason="not suitable for slow network tests") - @pytest.mark.skipif(condition=Env().ci_run, reason="not suitable for CI runs") @pytest.mark.parametrize("proto", ['h2', 'h3']) def test_08_04b_download_10mb_sequential(self, env: Env, caddy: Caddy, proto): if proto == 'h3' and not env.have_h3_curl(): @@ -135,7 +133,6 @@ class TestCaddy: # download 10MB files parallel @pytest.mark.skipif(condition=Env().slow_network, reason="not suitable for slow network tests") @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3']) - @pytest.mark.skipif(condition=Env().ci_run, reason="not suitable for CI runs") def test_08_05_download_1mb_parallel(self, env: Env, caddy: Caddy, proto): if proto == 'h3' and not env.have_h3_curl(): pytest.skip("h3 not supported in curl") From 7973cb0b3ef2f2de677e65bc29062c122536262b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 29 Oct 2025 13:31:23 +0100 Subject: [PATCH 0632/2408] http: fix `-Wunreachable-code` in !websockets !unity builds Also requires non-unity build. Possibly more non-default options are necessary to reproduce. Seen with llvm/clang. ``` lib/http.c:1856:15: error: code will never be executed [-Werror,-Wunreachable-code] 1856 | httpreq = HTTPREQ_GET; | ^~~~~~~~~~~ 1 error generated. ``` Closes #19275 --- lib/http.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/http.c b/lib/http.c index 0b55796dc5..b8a4edef61 100644 --- a/lib/http.c +++ b/lib/http.c @@ -1852,9 +1852,12 @@ void Curl_http_method(struct Curl_easy *data, { Curl_HttpReq httpreq = (Curl_HttpReq)data->state.httpreq; const char *request; +#ifndef CURL_DISABLE_WEBSOCKETS if(data->conn->handler->protocol&(CURLPROTO_WS|CURLPROTO_WSS)) httpreq = HTTPREQ_GET; - else if((data->conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_FTP)) && + else +#endif + if((data->conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_FTP)) && data->state.upload) httpreq = HTTPREQ_PUT; From 25aee8648ab1c8c5db03db0d3494523491511772 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 29 Oct 2025 14:18:11 +0100 Subject: [PATCH 0633/2408] http: fix `-Wunused-variable` in !alt-svc !proxy !ws builds ``` lib/http.c:2783:23: error: unused variable 'conn' [-Werror,-Wunused-variable] 2783 | struct connectdata *conn = data->conn; | ^~~~ 1 error generated. ``` Closes #19276 --- lib/http.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/http.c b/lib/http.c index b8a4edef61..16d619951f 100644 --- a/lib/http.c +++ b/lib/http.c @@ -2780,7 +2780,11 @@ static CURLcode http_add_hd(struct Curl_easy *data, Curl_HttpReq httpreq) { CURLcode result = CURLE_OK; +#if !defined(CURL_DISABLE_ALTSVC) || \ + !defined(CURL_DISABLE_PROXY) || \ + !defined(CURL_DISABLE_WEBSOCKETS) struct connectdata *conn = data->conn; +#endif switch(id) { case H1_HD_REQUEST: /* add the main request stuff */ From e64c28e243d797da4ef76d6e89598f7fc2da8869 Mon Sep 17 00:00:00 2001 From: TheBitBrine Date: Sun, 26 Oct 2025 04:39:02 +0000 Subject: [PATCH 0634/2408] imap: fix custom FETCH commands to handle literal responses Custom IMAP commands using -X (e.g. 'FETCH 123 BODY[1]') were only returning the first line of responses containing literals, instead of the full multi-line body data. The issue was that custom commands route through imap_perform_list() and imap_state_listsearch_resp(), which didn't detect or handle IMAP literal syntax {size}. This commit adds literal detection to imap_state_listsearch_resp(): - Detects literal syntax {size} in untagged responses - Writes the response header line containing the literal marker - Handles any literal body data already in the pingpong buffer - Sets up transfer layer to read remaining literal data from socket - Configures maxdownload and transfer size to include header + body - Initializes pp->overflow to 0 when no buffered data present - Modifies imap_done() to transition to FETCH_FINAL for custom commands that set up downloads Test 841 and 3206 verify. Fixes #18847 Reported-by: BohwaZ Bug: https://github.com/curl/curl/issues/18847 Closes #19246 --- lib/imap.c | 104 ++++++++++++++++- tests/data/Makefile.am | 2 +- tests/data/test3206 | 248 +++++++++++++++++++++++++++++++++++++++++ tests/data/test841 | 5 + 4 files changed, 352 insertions(+), 7 deletions(-) create mode 100644 tests/data/test3206 diff --git a/lib/imap.c b/lib/imap.c index 8cbda96a05..1902619a6f 100644 --- a/lib/imap.c +++ b/lib/imap.c @@ -1197,8 +1197,97 @@ static CURLcode imap_state_listsearch_resp(struct Curl_easy *data, (void)instate; - if(imapcode == '*') - result = Curl_client_write(data, CLIENTWRITE_BODY, line, len); + if(imapcode == '*') { + /* Check if this response contains a literal (e.g. FETCH responses with + body data). Literal syntax is {size}\r\n */ + const char *cr = memchr(line, '\r', len); + size_t line_len = cr ? (size_t)(cr - line) : len; + const char *ptr = memchr(line, '{', line_len); + if(ptr) { + curl_off_t size = 0; + bool parsed = FALSE; + ptr++; + if(!curlx_str_number(&ptr, &size, CURL_OFF_T_MAX) && + !curlx_str_single(&ptr, '}')) + parsed = TRUE; + + if(parsed) { + struct pingpong *pp = &imapc->pp; + size_t buffer_len = curlx_dyn_len(&pp->recvbuf); + size_t after_header = buffer_len - pp->nfinal; + + /* This is a literal response, setup to receive the body data */ + infof(data, "Found %" FMT_OFF_T " bytes to download", size); + /* Progress size includes both header line and literal body */ + Curl_pgrsSetDownloadSize(data, size + len); + + /* First write the header line */ + result = Curl_client_write(data, CLIENTWRITE_BODY, line, len); + if(result) + return result; + + /* Handle data already in buffer after the header line */ + if(after_header > 0) { + /* There is already data in the buffer that is part of the literal + body or subsequent responses */ + size_t chunk = after_header; + + /* Keep only the data after the header line */ + curlx_dyn_tail(&pp->recvbuf, chunk); + pp->nfinal = 0; /* done */ + + /* Limit chunk to the literal size */ + if(chunk > (size_t)size) + chunk = (size_t)size; + + if(chunk) { + /* Write the literal body data */ + result = Curl_client_write(data, CLIENTWRITE_BODY, + curlx_dyn_ptr(&pp->recvbuf), chunk); + if(result) + return result; + } + + /* Handle remaining data in buffer (either more literal data or + subsequent responses) */ + if(after_header > chunk) { + /* Keep the data after the literal body */ + pp->overflow = after_header - chunk; + curlx_dyn_tail(&pp->recvbuf, pp->overflow); + } + else { + pp->overflow = 0; + curlx_dyn_reset(&pp->recvbuf); + } + } + else { + /* No data in buffer yet, reset overflow */ + pp->overflow = 0; + } + + if(data->req.bytecount == size + (curl_off_t)len) + /* All data already transferred (header + literal body) */ + Curl_xfer_setup_nop(data); + else { + /* Setup to receive the literal body data. + maxdownload and transfer size include both header line and + literal body */ + data->req.maxdownload = size + len; + Curl_xfer_setup_recv(data, FIRSTSOCKET, size + len); + } + /* End of DO phase */ + imap_state(data, imapc, IMAP_STOP); + } + else { + /* Failed to parse literal, just write the line */ + result = Curl_client_write(data, CLIENTWRITE_BODY, line, len); + } + } + else { + /* No literal, just write the line as-is */ + result = Curl_client_write(data, CLIENTWRITE_BODY, line, len); + } + } else if(imapcode != IMAP_RESP_OK) result = CURLE_QUOTE_ERROR; else @@ -1631,10 +1720,13 @@ static CURLcode imap_done(struct Curl_easy *data, CURLcode status, connclose(conn, "IMAP done with bad status"); /* marked for closure */ result = status; /* use the already set error code */ } - else if(!data->set.connect_only && !imap->custom && - (imap->uid || imap->mindex || data->state.upload || - IS_MIME_POST(data))) { - /* Handle responses after FETCH or APPEND transfer has finished */ + else if(!data->set.connect_only && + ((!imap->custom && (imap->uid || imap->mindex)) || + (imap->custom && data->req.maxdownload > 0) || + data->state.upload || IS_MIME_POST(data))) { + /* Handle responses after FETCH or APPEND transfer has finished. + For custom commands, check if we set up a download which indicates + a FETCH-like command with literal data. */ if(!data->state.upload && !IS_MIME_POST(data)) imap_state(data, imapc, IMAP_FETCH_FINAL); diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 1d7445363d..22d6eca235 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -279,7 +279,7 @@ test3032 test3033 test3034 test3035 \ \ test3100 test3101 test3102 test3103 test3104 test3105 \ \ -test3200 test3201 test3202 test3203 test3204 test3205 test3207 test3208 \ +test3200 test3201 test3202 test3203 test3204 test3205 test3206 test3207 test3208 \ test3209 test3210 test3211 test3212 test3213 test3214 test3215 \ test4000 test4001 diff --git a/tests/data/test3206 b/tests/data/test3206 new file mode 100644 index 0000000000..2bcb82e152 --- /dev/null +++ b/tests/data/test3206 @@ -0,0 +1,248 @@ + + + +IMAP +Clear Text +FETCH +CUSTOMREQUEST + + + +# +# Server-side + + +Line 001: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 002: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 003: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 004: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 005: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 006: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 007: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 008: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 009: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 010: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 011: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 012: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 013: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 014: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 015: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 016: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 017: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 018: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 019: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 020: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 021: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 022: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 023: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 024: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 025: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 026: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 027: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 028: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 029: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 030: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 031: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 032: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 033: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 034: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 035: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 036: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 037: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 038: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 039: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 040: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 041: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 042: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 043: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 044: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 045: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 046: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 047: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 048: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 049: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 050: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 051: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 052: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 053: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 054: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 055: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 056: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 057: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 058: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 059: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 060: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 061: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 062: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 063: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 064: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 065: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 066: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 067: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 068: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 069: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 070: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 071: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 072: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 073: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 074: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 075: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 076: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 077: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 078: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 079: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 080: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 081: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 082: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 083: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 084: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 085: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 086: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 087: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 088: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 089: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 090: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 091: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 092: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 093: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 094: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 095: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 096: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 097: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 098: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 099: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 100: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX + + + +* 456 FETCH (BODY[TEXT] {7101} +Line 001: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 002: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 003: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 004: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 005: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 006: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 007: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 008: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 009: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 010: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 011: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 012: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 013: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 014: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 015: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 016: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 017: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 018: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 019: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 020: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 021: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 022: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 023: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 024: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 025: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 026: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 027: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 028: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 029: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 030: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 031: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 032: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 033: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 034: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 035: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 036: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 037: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 038: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 039: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 040: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 041: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 042: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 043: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 044: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 045: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 046: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 047: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 048: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 049: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 050: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 051: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 052: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 053: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 054: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 055: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 056: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 057: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 058: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 059: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 060: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 061: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 062: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 063: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 064: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 065: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 066: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 067: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 068: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 069: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 070: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 071: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 072: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 073: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 074: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 075: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 076: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 077: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 078: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 079: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 080: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 081: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 082: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 083: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 084: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 085: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 086: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 087: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 088: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 089: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 090: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 091: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 092: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 093: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 094: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 095: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 096: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 097: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 098: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 099: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX +Line 100: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX + + + + +# +# Client-side + + +imap + + +IMAP custom FETCH with larger literal response (~7KB) + + + imap://%HOSTIP:%IMAPPORT/%TESTNUMBER/ -u user:secret -X 'FETCH 456 BODY[TEXT]' + + + +# +# Verify data after the test has been "shot" + + +A001 CAPABILITY +A002 LOGIN user secret +A003 SELECT %TESTNUMBER +A004 FETCH 456 BODY[TEXT] +A005 LOGOUT + + + diff --git a/tests/data/test841 b/tests/data/test841 index cc1d075fbc..debf6cfb84 100644 --- a/tests/data/test841 +++ b/tests/data/test841 @@ -20,6 +20,11 @@ body * 123 FETCH (BODY[1] {70} +body + ++ Curl did not used to like this line +-- + yours sincerely From 55d4767876eae8678ab069082aa7fe8fe316a021 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 30 Oct 2025 08:53:09 +0100 Subject: [PATCH 0635/2408] tests: use %repeat[] to make tests smaller Avoid putting huge chunks of repeated texts in test cases. test3206, test1060, test1061 and test22 Closes #19279 --- tests/data/test1060 | 805 +------------------------------------------- tests/data/test1061 | 803 +------------------------------------------ tests/data/test22 | 4 +- tests/data/test3206 | 206 +----------- 4 files changed, 10 insertions(+), 1808 deletions(-) diff --git a/tests/data/test1060 b/tests/data/test1060 index 50ce55a87f..b64e202e81 100644 --- a/tests/data/test1060 +++ b/tests/data/test1060 @@ -17,809 +17,10 @@ HTTP proxy Digest auth HTTP/1.1 407 Authorization Required to proxy me my dear Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" -Content-Length: 40000 +Content-Length: 35701 X-tra-long-header: %repeat[16080 x a]% -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa +%repeat[700 x And you should ignore this data. aaaaaaaaaaaaaaaa %0a]% # this is returned when we get a GET! @@ -844,7 +45,7 @@ Server: no HTTP/1.1 407 Authorization Required to proxy me my dear Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" -Content-Length: 40000 +Content-Length: 35701 X-tra-long-header: %repeat[16080 x a]% HTTP/1.1 200 OK diff --git a/tests/data/test1061 b/tests/data/test1061 index 9e2402a584..1ec22f9426 100644 --- a/tests/data/test1061 +++ b/tests/data/test1061 @@ -21,807 +21,8 @@ Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" Transfer-Encoding: chunked X-tra-long-header: %repeat[16080 x a]% -9c40 -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -And you should ignore this data. aaaaaaaaaaaaaaaa -end of 1 KB aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa +9c41 +%repeat[800 x And you should ignore this data. aaaaaaaaaaaaaaa %0a]% 0 diff --git a/tests/data/test22 b/tests/data/test22 index b594a9cf74..9007782793 100644 --- a/tests/data/test22 +++ b/tests/data/test22 @@ -25,14 +25,14 @@ http get HTTP with URL > 10000 bytes -%HOSTIP:%HTTPPORT/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/%TESTNUMBER +%HOSTIP:%HTTPPORT/%repeat[11000 x a]%/%TESTNUMBER # Verify data after the test has been "shot" -GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/%TESTNUMBER HTTP/1.1 +GET /%repeat[11000 x a]%/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* diff --git a/tests/data/test3206 b/tests/data/test3206 index 2bcb82e152..d47494a866 100644 --- a/tests/data/test3206 +++ b/tests/data/test3206 @@ -12,211 +12,11 @@ CUSTOMREQUEST # Server-side -Line 001: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 002: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 003: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 004: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 005: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 006: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 007: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 008: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 009: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 010: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 011: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 012: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 013: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 014: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 015: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 016: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 017: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 018: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 019: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 020: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 021: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 022: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 023: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 024: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 025: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 026: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 027: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 028: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 029: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 030: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 031: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 032: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 033: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 034: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 035: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 036: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 037: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 038: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 039: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 040: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 041: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 042: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 043: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 044: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 045: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 046: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 047: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 048: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 049: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 050: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 051: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 052: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 053: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 054: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 055: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 056: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 057: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 058: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 059: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 060: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 061: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 062: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 063: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 064: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 065: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 066: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 067: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 068: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 069: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 070: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 071: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 072: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 073: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 074: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 075: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 076: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 077: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 078: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 079: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 080: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 081: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 082: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 083: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 084: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 085: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 086: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 087: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 088: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 089: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 090: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 091: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 092: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 093: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 094: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 095: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 096: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 097: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 098: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 099: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 100: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX - +%repeat[120 x Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX%0d]% -* 456 FETCH (BODY[TEXT] {7101} -Line 001: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 002: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 003: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 004: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 005: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 006: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 007: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 008: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 009: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 010: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 011: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 012: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 013: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 014: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 015: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 016: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 017: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 018: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 019: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 020: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 021: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 022: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 023: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 024: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 025: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 026: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 027: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 028: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 029: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 030: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 031: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 032: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 033: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 034: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 035: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 036: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 037: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 038: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 039: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 040: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 041: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 042: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 043: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 044: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 045: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 046: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 047: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 048: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 049: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 050: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 051: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 052: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 053: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 054: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 055: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 056: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 057: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 058: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 059: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 060: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 061: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 062: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 063: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 064: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 065: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 066: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 067: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 068: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 069: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 070: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 071: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 072: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 073: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 074: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 075: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 076: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 077: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 078: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 079: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 080: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 081: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 082: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 083: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 084: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 085: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 086: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 087: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 088: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 089: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 090: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 091: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 092: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 093: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 094: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 095: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 096: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 097: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 098: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 099: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX -Line 100: Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX - +* 456 FETCH (BODY[TEXT] {7201} +%repeat[120 x Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX%0d]% From c1f1b66d78f27ab17f073c1ce3af595975b6e662 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 30 Oct 2025 08:44:51 +0100 Subject: [PATCH 0636/2408] pop3: check for CAPA responses case insensitively Reported by ZeroPath Closes #19278 --- lib/pop3.c | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/lib/pop3.c b/lib/pop3.c index c6b6ed659c..affd64276c 100644 --- a/lib/pop3.c +++ b/lib/pop3.c @@ -878,15 +878,15 @@ static CURLcode pop3_state_capa_resp(struct Curl_easy *data, int pop3code, /* Do we have an untagged continuation response? */ if(pop3code == '*') { /* Does the server support the STLS capability? */ - if(len >= 4 && !memcmp(line, "STLS", 4)) + if(len >= 4 && curl_strnequal(line, "STLS", 4)) pop3c->tls_supported = TRUE; /* Does the server support clear text authentication? */ - else if(len >= 4 && !memcmp(line, "USER", 4)) + else if(len >= 4 && curl_strnequal(line, "USER", 4)) pop3c->authtypes |= POP3_TYPE_CLEARTEXT; /* Does the server support SASL based authentication? */ - else if(len >= 5 && !memcmp(line, "SASL ", 5)) { + else if(len >= 5 && curl_strnequal(line, "SASL ", 5)) { pop3c->authtypes |= POP3_TYPE_SASL; /* Advance past the SASL keyword */ @@ -896,13 +896,10 @@ static CURLcode pop3_state_capa_resp(struct Curl_easy *data, int pop3code, /* Loop through the data line */ for(;;) { size_t llen; - size_t wordlen; + size_t wordlen = 0; unsigned short mechbit; - while(len && - (*line == ' ' || *line == '\t' || - *line == '\r' || *line == '\n')) { - + while(len && (ISBLANK(*line) || ISNEWLINE(*line))) { line++; len--; } @@ -911,9 +908,8 @@ static CURLcode pop3_state_capa_resp(struct Curl_easy *data, int pop3code, break; /* Extract the word */ - for(wordlen = 0; wordlen < len && line[wordlen] != ' ' && - line[wordlen] != '\t' && line[wordlen] != '\r' && - line[wordlen] != '\n';) + while(wordlen < len && !ISBLANK(line[wordlen]) && + !ISNEWLINE(line[wordlen])) wordlen++; /* Test the word for a matching authentication mechanism */ From fbc4d59151dc4a56052f3a92da3682dc97b32148 Mon Sep 17 00:00:00 2001 From: x2018 Date: Tue, 28 Oct 2025 23:35:45 +0800 Subject: [PATCH 0637/2408] conncache: prevent integer overflow in maxconnects calculation Closes #19271 --- lib/conncache.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/lib/conncache.c b/lib/conncache.c index 67e2a63d8a..5c4bc357cc 100644 --- a/lib/conncache.c +++ b/lib/conncache.c @@ -531,12 +531,19 @@ static bool cpool_foreach(struct Curl_easy *data, bool Curl_cpool_conn_now_idle(struct Curl_easy *data, struct connectdata *conn) { - unsigned int maxconnects = !data->multi->maxconnects ? - (Curl_multi_xfers_running(data->multi) * 4) : data->multi->maxconnects; + unsigned int maxconnects; struct connectdata *oldest_idle = NULL; struct cpool *cpool = cpool_get_instance(data); bool kept = TRUE; + if(!data->multi->maxconnects) { + unsigned int running = Curl_multi_xfers_running(data->multi); + maxconnects = (running <= UINT_MAX / 4) ? running * 4 : UINT_MAX; + } + else { + maxconnects = data->multi->maxconnects; + } + conn->lastused = curlx_now(); /* it was used up until now */ if(cpool && maxconnects) { /* may be called form a callback already under lock */ From 80258309b26546e27837432b0121f4e65e74b030 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 30 Oct 2025 14:42:03 +0100 Subject: [PATCH 0638/2408] lib: reduce memcpy calls socks_gssapi: the malloc + memcpy was superflous and can be skipped cleartext: avoid malloc + three memcpy with aprintf() digest_sspi: use memdup0 instead of malloc + memcpy vtls: use memdup0 instead of malloc + memcpy Closes #19282 --- lib/socks_gssapi.c | 16 +++------------- lib/vauth/cleartext.c | 41 +++++++++++++++-------------------------- lib/vauth/digest_sspi.c | 13 ++----------- lib/vtls/vtls.c | 5 ++--- 4 files changed, 22 insertions(+), 53 deletions(-) diff --git a/lib/socks_gssapi.c b/lib/socks_gssapi.c index 34380ae9a0..929132f570 100644 --- a/lib/socks_gssapi.c +++ b/lib/socks_gssapi.c @@ -126,7 +126,6 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, gss_name_t server = GSS_C_NO_NAME; gss_name_t gss_client_name = GSS_C_NO_NAME; unsigned short us_length; - char *user = NULL; unsigned char socksreq[4]; /* room for GSS-API exchange header only */ const char *serviceptr = data->set.str[STRING_PROXY_SERVICE_NAME] ? data->set.str[STRING_PROXY_SERVICE_NAME] : "rcmd"; @@ -327,21 +326,12 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, failf(data, "Failed to determine username."); return CURLE_COULDNT_CONNECT; } - user = malloc(gss_send_token.length + 1); - if(!user) { - Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL); - gss_release_name(&gss_status, &gss_client_name); - gss_release_buffer(&gss_status, &gss_send_token); - return CURLE_OUT_OF_MEMORY; - } - memcpy(user, gss_send_token.value, gss_send_token.length); - user[gss_send_token.length] = '\0'; + infof(data, "SOCKS5 server authenticated user %.*s with GSS-API.", + (int)gss_send_token.length, (char *)gss_send_token.value); + gss_release_name(&gss_status, &gss_client_name); gss_release_buffer(&gss_status, &gss_send_token); - infof(data, "SOCKS5 server authenticated user %s with GSS-API.",user); - free(user); - user = NULL; /* Do encryption */ socksreq[0] = 1; /* GSS-API subnegotiation version */ diff --git a/lib/vauth/cleartext.c b/lib/vauth/cleartext.c index dcfb13912d..884ebce0f2 100644 --- a/lib/vauth/cleartext.c +++ b/lib/vauth/cleartext.c @@ -62,35 +62,24 @@ CURLcode Curl_auth_create_plain_message(const char *authzid, const char *passwd, struct bufref *out) { - char *plainauth; - size_t plainlen; - size_t zlen; - size_t clen; - size_t plen; + size_t len; + char *auth; - zlen = (authzid == NULL ? 0 : strlen(authzid)); - clen = strlen(authcid); - plen = strlen(passwd); + size_t zlen = (authzid == NULL ? 0 : strlen(authzid)); + size_t clen = strlen(authcid); + size_t plen = strlen(passwd); - /* Compute binary message length. Check for overflows. */ - if((zlen > SIZE_MAX/4) || (clen > SIZE_MAX/4) || - (plen > (SIZE_MAX/2 - 2))) + if((zlen > CURL_MAX_INPUT_LENGTH) || (clen > CURL_MAX_INPUT_LENGTH) || + (plen > CURL_MAX_INPUT_LENGTH)) + return CURLE_TOO_LARGE; + + len = zlen + clen + plen + 2; + + auth = curl_maprintf("%s%c%s%c%s", authzid ? authzid : "", '\0', + authcid, '\0', passwd); + if(!auth) return CURLE_OUT_OF_MEMORY; - plainlen = zlen + clen + plen + 2; - - plainauth = malloc(plainlen + 1); - if(!plainauth) - return CURLE_OUT_OF_MEMORY; - - /* Calculate the reply */ - if(zlen) - memcpy(plainauth, authzid, zlen); - plainauth[zlen] = '\0'; - memcpy(plainauth + zlen + 1, authcid, clen); - plainauth[zlen + clen + 1] = '\0'; - memcpy(plainauth + zlen + clen + 2, passwd, plen); - plainauth[plainlen] = '\0'; - Curl_bufref_set(out, plainauth, plainlen, curl_free); + Curl_bufref_set(out, auth, len, curl_free); return CURLE_OK; } diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c index 5bf3770565..9441ee26fc 100644 --- a/lib/vauth/digest_sspi.c +++ b/lib/vauth/digest_sspi.c @@ -629,24 +629,15 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data, Curl_sspi_free_identity(p_identity); } - resp = malloc(output_token_len + 1); + resp = Curl_memdup0((const char *)output_token, output_token_len); + free(output_token); if(!resp) { - free(output_token); - return CURLE_OUT_OF_MEMORY; } - /* Copy the generated response */ - memcpy(resp, output_token, output_token_len); - resp[output_token_len] = 0; - /* Return the response */ *outptr = resp; *outlen = output_token_len; - - /* Free the response buffer */ - free(output_token); - return CURLE_OK; } diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index 3cd60e91b9..22d820b160 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -75,6 +75,7 @@ #include "../select.h" #include "../setopt.h" #include "../rand.h" +#include "../strdup.h" #ifdef USE_APPLE_SECTRUST #include @@ -2060,11 +2061,9 @@ CURLcode Curl_alpn_set_negotiated(struct Curl_cfilter *cf, result = CURLE_SSL_CONNECT_ERROR; goto out; } - connssl->negotiated.alpn = malloc(proto_len + 1); + connssl->negotiated.alpn = Curl_memdup0((const char *)proto, proto_len); if(!connssl->negotiated.alpn) return CURLE_OUT_OF_MEMORY; - memcpy(connssl->negotiated.alpn, proto, proto_len); - connssl->negotiated.alpn[proto_len] = 0; } if(proto && proto_len) { From c5de083bcc92e8edecbb4214b0ca5107496a80f6 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 30 Oct 2025 11:32:15 +0100 Subject: [PATCH 0639/2408] base64: make base64_encode() error on too long input The maximum size is set to 16MB. It should not possible to call this function with this large input, but this is a precaution to catch mistakes and replaces the earlier check on architectures with small size_t. Closes #19280 --- lib/curlx/base64.c | 8 ++++---- lib/curlx/base64.h | 4 ++++ 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/lib/curlx/base64.c b/lib/curlx/base64.c index 5f6887bd5c..ef07243dd3 100644 --- a/lib/curlx/base64.c +++ b/lib/curlx/base64.c @@ -184,10 +184,10 @@ static CURLcode base64_encode(const char *table64, if(!insize) return CURLE_OK; -#if SIZEOF_SIZE_T == 4 - if(insize > UINT_MAX/4) - return CURLE_OUT_OF_MEMORY; -#endif + /* safety precaution */ + DEBUGASSERT(insize <= CURL_MAX_BASE64_INPUT); + if(insize > CURL_MAX_BASE64_INPUT) + return CURLE_TOO_LARGE; base64data = output = malloc((insize + 2) / 3 * 4 + 1); if(!output) diff --git a/lib/curlx/base64.h b/lib/curlx/base64.h index 026f80e4d3..31cfcb36e7 100644 --- a/lib/curlx/base64.h +++ b/lib/curlx/base64.h @@ -33,4 +33,8 @@ CURLcode curlx_base64_decode(const char *src, extern const char Curl_base64encdec[]; +/* maximum input length acceptable to base64 encode, here to catch and prevent + mistakes */ +#define CURL_MAX_BASE64_INPUT 16000000 + #endif /* HEADER_CURL_BASE64_H */ From a83eae4d53911aa7fb9396a76b027165f9e63f61 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 30 Oct 2025 14:41:48 +0000 Subject: [PATCH 0640/2408] GHA: update libressl/portable to v4.2.1 Closes #19283 --- .github/workflows/http3-linux.yml | 2 +- .github/workflows/linux.yml | 2 +- .github/workflows/macos.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index c532a35c15..ff24d0fa4b 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -41,7 +41,7 @@ env: # handled in renovate.json OPENSSL_VERSION: 3.6.0 # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com - LIBRESSL_VERSION: 4.2.0 + LIBRESSL_VERSION: 4.2.1 # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com AWSLC_VERSION: 1.61.4 # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index e28354c257..6eeb6b697e 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -38,7 +38,7 @@ env: CURL_CI: github CURL_CLANG_TIDYFLAGS: '-checks=-clang-analyzer-security.insecureAPI.bzero,-clang-analyzer-security.insecureAPI.strcpy,-clang-analyzer-optin.performance.Padding,-clang-analyzer-security.ArrayBound,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-valist.Uninitialized' # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com - LIBRESSL_VERSION: 4.2.0 + LIBRESSL_VERSION: 4.2.1 # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com WOLFSSL_VERSION: 5.8.2 # renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver registryUrl=https://github.com diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 1e9f2408a8..00d8fabcbb 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -59,7 +59,7 @@ jobs: MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }} MATRIX_OPTIONS: ${{ matrix.build.options }} # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com - LIBRESSL_VERSION: 4.2.0 + LIBRESSL_VERSION: 4.2.1 strategy: fail-fast: false matrix: From eb22e37060a8f3ad4fd9511db136c1edbb3b2a85 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 30 Oct 2025 12:57:06 +0100 Subject: [PATCH 0641/2408] tests: use %repeat[] to make tests smaller (cont.) tests: 46, 265, 304, 316, 397, 443, 551, 552, 559, 651, 742, 775, 1003, 1005, 1006, 1008, 1062, 1070, 1086, 1112, 1151, 1160, 1178, 1192, 1193, 1205, 1237, 3207. Total `test*` size reduction: 2,395,537 -> 2,165,631 bytes. Follow-up to 55d4767876eae8678ab069082aa7fe8fe316a021 #19279 Closes #19281 --- tests/data/test1003 | 2 +- tests/data/test1005 | 2 +- tests/data/test1006 | 2 +- tests/data/test1008 | 2 +- tests/data/test1062 | 2 +- tests/data/test1070 | 2 +- tests/data/test1086 | 51 +---------------- tests/data/test1112 | 51 +---------------- tests/data/test1151 | 12 ++-- tests/data/test1160 | 2 +- tests/data/test1178 | 2 +- tests/data/test1192 | 6 +- tests/data/test1193 | 21 +------ tests/data/test1205 | 2 +- tests/data/test1237 | 2 +- tests/data/test265 | 2 +- tests/data/test304 | 4 +- tests/data/test316 | 131 +------------------------------------------- tests/data/test3207 | 131 +------------------------------------------- tests/data/test397 | 131 +------------------------------------------- tests/data/test443 | 42 +++++++------- tests/data/test46 | 4 +- tests/data/test551 | 6 +- tests/data/test552 | 4 +- tests/data/test559 | 4 +- tests/data/test651 | 2 +- tests/data/test742 | 8 +-- tests/data/test775 | 2 +- 28 files changed, 67 insertions(+), 565 deletions(-) diff --git a/tests/data/test1003 b/tests/data/test1003 index 06cfbb61b0..c4a1bb001a 100644 --- a/tests/data/test1003 +++ b/tests/data/test1003 @@ -14,7 +14,7 @@ mooo # a ~17000 bytes response string to CWD to make sure the ftp parser deals # with it nicely -REPLY CWD 250 CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB +REPLY CWD 250 C%repeat[16998 x A]%B diff --git a/tests/data/test1005 b/tests/data/test1005 index 28af85f40e..1827fbdc8c 100644 --- a/tests/data/test1005 +++ b/tests/data/test1005 @@ -14,7 +14,7 @@ mooo # a long set of response strings to CWD to make sure the ftp parser deals # with it nicely -REPLY CWD 250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250 Finally, here is the response +REPLY CWD %repeat[226 x 250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n]%250 Finally, here is the response diff --git a/tests/data/test1006 b/tests/data/test1006 index b3d0936724..13d426d053 100644 --- a/tests/data/test1006 +++ b/tests/data/test1006 @@ -15,7 +15,7 @@ mooo # with it nicely. The length hits a boundary condition that may make curl # hang. -REPLY CWD 250-AAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250 Finally, here is the response +REPLY CWD 250-AAAAAAAAAAAAAAAAAAAAAAAAA\r\n%repeat[218 x 250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n]%250 Finally, here is the response diff --git a/tests/data/test1008 b/tests/data/test1008 index fee52702fb..4535d65076 100644 --- a/tests/data/test1008 +++ b/tests/data/test1008 @@ -26,7 +26,7 @@ Transfer-Encoding: chunked 20 And you should ignore this data. FA0 -XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX +%repeat[4000 x X]% 0 diff --git a/tests/data/test1062 b/tests/data/test1062 index 31a27a9473..c603345701 100644 --- a/tests/data/test1062 +++ b/tests/data/test1062 @@ -15,7 +15,7 @@ mooo # a long set of response strings to CWD to make sure the ftp parser deals # with it nicely -REPLY CWD 250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n250-A Exactly fill curl's buffer\r\n250 Finally, here is the response, boundary condition +REPLY CWD %repeat[218 x 250-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n]%250-A Exactly fill curl's buffer\r\n250 Finally, here is the response, boundary condition diff --git a/tests/data/test1070 b/tests/data/test1070 index 18c2df3adc..a2665039bb 100644 --- a/tests/data/test1070 +++ b/tests/data/test1070 @@ -41,7 +41,7 @@ rather large (larger than your typical TCP packet) so that not all of it can nor will be sent in one go as that is kind of the point of this test! Here's 2000 x 'O': -OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO +%repeat[2000 x O]% diff --git a/tests/data/test1086 b/tests/data/test1086 index ae5e7a093e..8b7828fb2f 100644 --- a/tests/data/test1086 +++ b/tests/data/test1086 @@ -23,56 +23,7 @@ REPLY PWD 257 "/" REPLY TYPE 200 OK -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. +%repeat[50 x Long chunk of data that couldn't possibly be sent in the time allotted.%0a]% diff --git a/tests/data/test1112 b/tests/data/test1112 index 0790d0352b..2ef60a9eb7 100644 --- a/tests/data/test1112 +++ b/tests/data/test1112 @@ -23,56 +23,7 @@ REPLY PWD 257 "/" REPLY TYPE 200 OK -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. -Long chunk of data that couldn't possibly be sent in the time allotted. +%repeat[50 x Long chunk of data that couldn't possibly be sent in the time allotted.%0a]% diff --git a/tests/data/test1151 b/tests/data/test1151 index 2da611ebfa..dd916a6133 100644 --- a/tests/data/test1151 +++ b/tests/data/test1151 @@ -22,10 +22,10 @@ Server: test-server/fake Content-Type: text/html Funny-head: yesyes swsclose Set-Cookie: foobar=name; domain=127.0.0.1; path=/; -Set-Cookie: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB; domain=127.0.0.1; path=/; -Set-Cookie: CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC=BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB; domain=127.0.0.1; path=/; -Set-Cookie: DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD=E; domain=127.0.0.1; path=/; -Set-Cookie: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF=E; domain=127.0.0.1; path=/; +Set-Cookie: %repeat[3000 x A]%=%repeat[1096 x B]%; domain=127.0.0.1; path=/; +Set-Cookie: %repeat[3000 x C]%=%repeat[1097 x B]%; domain=127.0.0.1; path=/; +Set-Cookie: %repeat[4096 x D]%=E; domain=127.0.0.1; path=/; +Set-Cookie: %repeat[4094 x F]%=E; domain=127.0.0.1; path=/; @@ -60,8 +60,8 @@ Accept: */* # https://curl.se/docs/http-cookies.html # This file was generated by libcurl! Edit at your own risk. -127.0.0.1 FALSE / FALSE 0 FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF E -127.0.0.1 FALSE / FALSE 0 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB +127.0.0.1 FALSE / FALSE 0 %repeat[4094 x F]% E +127.0.0.1 FALSE / FALSE 0 %repeat[3000 x A]% %repeat[1096 x B]% 127.0.0.1 FALSE / FALSE 0 foobar name diff --git a/tests/data/test1160 b/tests/data/test1160 index c24decedca..d503945fe3 100644 --- a/tests/data/test1160 +++ b/tests/data/test1160 @@ -15,7 +15,7 @@ cookies HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 0 -Set-Cookie: ____________%hex[%ff]hex%= ; %hex[%ff]hex% zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz%hex[%86%85%85%80]hex%zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz%hex[%fa]hex%zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz%hex[%f3%a0%81%96]hex%zzzzzzzzzzzz~zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz%hex[%b6]hex%zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz +Set-Cookie: ____________%hex[%ff]hex%= ;%repeat[117 x %20]%%hex[%ff]hex%%repeat[2602 x %20]%%repeat[434 x z]%%hex[%86%85%85%80]hex%%repeat[49 x z]%%hex[%fa]hex%%repeat[540 x z]%%hex[%f3%a0%81%96]hex%zzzzzzzzzzzz~%repeat[82 x z]%%hex[%b6]hex%%repeat[364 x z]% diff --git a/tests/data/test1178 b/tests/data/test1178 index ac42ee52de..52eea37fec 100644 --- a/tests/data/test1178 +++ b/tests/data/test1178 @@ -30,7 +30,7 @@ HTTP proxy auth with credentials longer than 256 bytes # 400 x 'A' : 600 x 'B' ... -http://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER -x http://%HOSTIP:%HTTPPORT -U AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB +http://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER -x http://%HOSTIP:%HTTPPORT -U %repeat[400 x A]%:%repeat[600 x B]% proxy diff --git a/tests/data/test1192 b/tests/data/test1192 index 47036ab83e..c1b1fd7900 100644 --- a/tests/data/test1192 +++ b/tests/data/test1192 @@ -30,7 +30,7 @@ mqtt MQTT SUBSCRIBE 2k topic -mqtt://%HOSTIP:%MQTTPORT/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/%TESTNUMBER +mqtt://%HOSTIP:%MQTTPORT/%repeat[2048 x A]%/%TESTNUMBER @@ -47,9 +47,9 @@ s/^(.* 00044d5154540402003c000c6375726c).*/$1/ client CONNECT 18 00044d5154540402003c000c6375726c server CONNACK 2 20020000 -client SUBSCRIBE 80a 0001080541414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141412f3131393200 +client SUBSCRIBE 80a 000108054%repeat[2047 x 14]%12f3131393200 server SUBACK 3 9003000100 -server PUBLISH 80d 308d10080541414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141412f3131393268656c6c6f0a +server PUBLISH 80d 308d1008054%repeat[2047 x 14]%12f3131393268656c6c6f0a server DISCONNECT 0 e000 diff --git a/tests/data/test1193 b/tests/data/test1193 index 531efa2597..5e6b1c82e7 100644 --- a/tests/data/test1193 +++ b/tests/data/test1193 @@ -29,26 +29,7 @@ MQTT PUBLISH 2k payload mqtt://%HOSTIP:%MQTTPORT/%TESTNUMBER -d @%LOGDIR/payload%TESTNUMBER -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 -123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 +%repeat[20 x 123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789%0a]% diff --git a/tests/data/test1205 b/tests/data/test1205 index 5a7fb7dc51..547ef0d1d1 100644 --- a/tests/data/test1205 +++ b/tests/data/test1205 @@ -14,7 +14,7 @@ HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 6 Connection: close -Funny-head: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAendofthem +Funny-head: %repeat[18000 x A]%endofthem -foo- diff --git a/tests/data/test1237 b/tests/data/test1237 index 9fc2377df7..e81d872aa9 100644 --- a/tests/data/test1237 +++ b/tests/data/test1237 @@ -27,7 +27,7 @@ http URL with 1000+ letter user name + password -"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB@%HOSTIP:%HTTPPORT/%TESTNUMBER" +"%repeat[1000 x A]%:%repeat[1002 x B]%@%HOSTIP:%HTTPPORT/%TESTNUMBER" diff --git a/tests/data/test265 b/tests/data/test265 index fd0a09717f..6b407b24dd 100644 --- a/tests/data/test265 +++ b/tests/data/test265 @@ -21,7 +21,7 @@ Connection: Keep-Alive Content-Length: 1033 And you should ignore this data. -QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ +%repeat[999 x Q]% # This is supposed to be returned when the server gets the second diff --git a/tests/data/test304 b/tests/data/test304 index 2283192e22..b7f7588c25 100644 --- a/tests/data/test304 +++ b/tests/data/test304 @@ -35,7 +35,7 @@ HTTPS multipart formpost # We create this file before the command is invoked! -aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa +%repeat[1000 x a]% @@ -64,7 +64,7 @@ curl Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt" Content-Type: text/plain -aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa +%repeat[1000 x a]% ------------------------------qrstuvwxyz0123456789AB-- diff --git a/tests/data/test316 b/tests/data/test316 index 0ac38bde36..3036c836b1 100644 --- a/tests/data/test316 +++ b/tests/data/test316 @@ -23,7 +23,7 @@ Content-Length: 31 %hex[%1b%7f%40%00%64%f1%98%cf%28%1a%eb%af%c7%12%ac%41%ab%42%62%51%f3%c8%ea%d9%7b%9f%dc%1b%00%48%00%0a]hex% - + HTTP/1.1 200 OK Date: Mon, 29 Nov 2004 21:56:53 GMT Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 @@ -32,134 +32,7 @@ Content-Type: text/html; charset=ISO-8859-1 Content-Encoding: br Content-Length: 31 -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +%repeat[128 x 0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF%0a]% diff --git a/tests/data/test3207 b/tests/data/test3207 index 7902d0ae29..4806ef5474 100644 --- a/tests/data/test3207 +++ b/tests/data/test3207 @@ -16,135 +16,8 @@ Content-Length: 29 run 1: foobar and so on fun! - -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! -run 1: foobar and so on fun! + +%repeat[128 x run 1: foobar and so on fun!%0a]% diff --git a/tests/data/test397 b/tests/data/test397 index 7528cd3559..f05fe21970 100644 --- a/tests/data/test397 +++ b/tests/data/test397 @@ -24,7 +24,7 @@ Content-Length: 47 %hex[%04%00%7c%9f%60%78%00%04%1a%1d%d2%ab%4d%3a%97%82%af%b9%9c]hex% - + HTTP/1.1 200 OK Date: Mon, 29 Nov 2004 21:56:53 GMT Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 @@ -33,134 +33,7 @@ Content-Type: text/html; charset=ISO-8859-1 Content-Encoding: zstd Content-Length: 47 -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF +%repeat[128 x 0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF%0a]% diff --git a/tests/data/test443 b/tests/data/test443 index 975d8fdaee..cbc8685ac2 100644 --- a/tests/data/test443 +++ b/tests/data/test443 @@ -41,26 +41,26 @@ Cookie header in request no longer than 8K http://attack.invalid:%HTTPPORT/a/b/%TESTNUMBER -b %LOGDIR/cookie%TESTNUMBER --resolve attack.invalid:%HTTPPORT:%HOSTIP -L -attack.invalid TRUE / FALSE 0 huge-1 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-1 -attack.invalid TRUE / FALSE 0 huge-2 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-2 -attack.invalid TRUE / FALSE 0 huge-3 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-3 -attack.invalid TRUE / FALSE 0 huge-4 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-4 -attack.invalid TRUE / FALSE 0 huge-5 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-5 -attack.invalid TRUE / FALSE 0 huge-6 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-6 -attack.invalid TRUE / FALSE 0 huge-7 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-7 -attack.invalid TRUE / FALSE 0 huge-8 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-8 -attack.invalid TRUE / FALSE 0 huge-9 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-9 -attack.invalid TRUE / FALSE 0 huge-10 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-10 -attack.invalid TRUE / FALSE 0 huge-11 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-11 -attack.invalid TRUE / FALSE 0 huge-12 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-12 -attack.invalid TRUE / FALSE 0 huge-13 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-13 -attack.invalid TRUE / FALSE 0 huge-14 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-14 -attack.invalid TRUE / FALSE 0 huge-15 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-15 -attack.invalid TRUE / FALSE 0 huge-16 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-16 -attack.invalid TRUE / FALSE 0 huge-17 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-17 -attack.invalid TRUE / FALSE 0 huge-18 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-18 -attack.invalid TRUE / FALSE 0 huge-19 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-19 -attack.invalid TRUE / FALSE 0 huge-20 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-20 +attack.invalid TRUE / FALSE 0 huge-1 %repeat[500 x a]%-1 +attack.invalid TRUE / FALSE 0 huge-2 %repeat[500 x a]%-2 +attack.invalid TRUE / FALSE 0 huge-3 %repeat[500 x a]%-3 +attack.invalid TRUE / FALSE 0 huge-4 %repeat[500 x a]%-4 +attack.invalid TRUE / FALSE 0 huge-5 %repeat[500 x a]%-5 +attack.invalid TRUE / FALSE 0 huge-6 %repeat[500 x a]%-6 +attack.invalid TRUE / FALSE 0 huge-7 %repeat[500 x a]%-7 +attack.invalid TRUE / FALSE 0 huge-8 %repeat[500 x a]%-8 +attack.invalid TRUE / FALSE 0 huge-9 %repeat[500 x a]%-9 +attack.invalid TRUE / FALSE 0 huge-10 %repeat[500 x a]%-10 +attack.invalid TRUE / FALSE 0 huge-11 %repeat[500 x a]%-11 +attack.invalid TRUE / FALSE 0 huge-12 %repeat[500 x a]%-12 +attack.invalid TRUE / FALSE 0 huge-13 %repeat[500 x a]%-13 +attack.invalid TRUE / FALSE 0 huge-14 %repeat[500 x a]%-14 +attack.invalid TRUE / FALSE 0 huge-15 %repeat[500 x a]%-15 +attack.invalid TRUE / FALSE 0 huge-16 %repeat[500 x a]%-16 +attack.invalid TRUE / FALSE 0 huge-17 %repeat[500 x a]%-17 +attack.invalid TRUE / FALSE 0 huge-18 %repeat[500 x a]%-18 +attack.invalid TRUE / FALSE 0 huge-19 %repeat[500 x a]%-19 +attack.invalid TRUE / FALSE 0 huge-20 %repeat[500 x a]%-20 cookies @@ -75,7 +75,7 @@ GET /a/b/%TESTNUMBER HTTP/1.1 Host: attack.invalid:%HTTPPORT User-Agent: curl/%VERSION Accept: */* -Cookie: huge-20=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-20; huge-19=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-19; huge-18=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-18; huge-17=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-17; huge-16=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-16; huge-15=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-15; huge-14=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-14; huge-13=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-13; huge-12=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-12; huge-11=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-11; huge-10=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-10; huge-9=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-9; huge-8=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-8; huge-7=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-7; huge-6=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-6 +Cookie: huge-20=%repeat[500 x a]%-20; huge-19=%repeat[500 x a]%-19; huge-18=%repeat[500 x a]%-18; huge-17=%repeat[500 x a]%-17; huge-16=%repeat[500 x a]%-16; huge-15=%repeat[500 x a]%-15; huge-14=%repeat[500 x a]%-14; huge-13=%repeat[500 x a]%-13; huge-12=%repeat[500 x a]%-12; huge-11=%repeat[500 x a]%-11; huge-10=%repeat[500 x a]%-10; huge-9=%repeat[500 x a]%-9; huge-8=%repeat[500 x a]%-8; huge-7=%repeat[500 x a]%-7; huge-6=%repeat[500 x a]%-6 diff --git a/tests/data/test46 b/tests/data/test46 index 0a0e84914f..cb4bc518dc 100644 --- a/tests/data/test46 +++ b/tests/data/test46 @@ -24,7 +24,7 @@ Set-Cookie: ckyPersistent=permanent; expires=Fri, 13-Feb-2037 11:56:27 GMT; path Set-Cookie: ckySession=temporary; path=/ Set-Cookie: ASPSESSIONIDQGGQQSJJ=GKNBDIFAAOFDPDAIEAKDIBKE; path=/ Set-Cookie: justaname=; path=/; -Set-Cookie: simplyhuge=zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz +Set-Cookie: simplyhuge=%repeat[3998 x z]% Cache-control: private Content-Length: 41 @@ -87,7 +87,7 @@ Cookie: empty=; mooo2=indeed2; mooo=indeed # https://curl.se/docs/http-cookies.html # This file was generated by libcurl! Edit at your own risk. -domain..tld FALSE /want/ FALSE 0 simplyhuge zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz +domain..tld FALSE /want/ FALSE 0 simplyhuge %repeat[3998 x z]% domain..tld FALSE / FALSE 0 justaname domain..tld FALSE / FALSE 0 ASPSESSIONIDQGGQQSJJ GKNBDIFAAOFDPDAIEAKDIBKE domain..tld FALSE / FALSE 0 ckySession temporary diff --git a/tests/data/test551 b/tests/data/test551 index c7a560e812..74ed907545 100644 --- a/tests/data/test551 +++ b/tests/data/test551 @@ -17,7 +17,7 @@ HTTP proxy Digest auth HTTP/1.1 407 Authorization Required swsclose Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Proxy-Authenticate: Digest realm="something fun to read", nonce="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" +Proxy-Authenticate: Digest realm="something fun to read", nonce="%repeat[400 x A]%" Content-Type: text/html; charset=iso-8859-1 Connection: close @@ -38,7 +38,7 @@ Contents of that page you requested, sir. HTTP/1.1 407 Authorization Required swsclose Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Proxy-Authenticate: Digest realm="something fun to read", nonce="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" +Proxy-Authenticate: Digest realm="something fun to read", nonce="%repeat[400 x A]%" Content-Type: text/html; charset=iso-8859-1 Connection: close @@ -87,7 +87,7 @@ Content-Type: application/x-www-form-urlencoded this is the blurb we want to upload POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 Host: test.remote.example.com -Proxy-Authorization: Digest username="s1lly", realm="something fun to read", nonce="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", uri="/path/%TESTNUMBER", response="3325240726fbdaf1e61f3a0dd40b930c" +Proxy-Authorization: Digest username="s1lly", realm="something fun to read", nonce="%repeat[400 x A]%", uri="/path/%TESTNUMBER", response="3325240726fbdaf1e61f3a0dd40b930c" Accept: */* Proxy-Connection: Keep-Alive Content-Length: 36 diff --git a/tests/data/test552 b/tests/data/test552 index b38a6b5e29..114fe5e0dc 100644 --- a/tests/data/test552 +++ b/tests/data/test552 @@ -19,7 +19,7 @@ HTTP proxy Digest auth HTTP/1.1 407 Authorization Required swsclose Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Proxy-Authenticate: Digest realm="something fun to read", nonce="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" +Proxy-Authenticate: Digest realm="something fun to read", nonce="%repeat[400 x A]%" Content-Type: text/html; charset=iso-8859-1 Connection: close @@ -79,7 +79,7 @@ Content-Type: application/x-www-form-urlencoded %repeat[7000 x test data%00]%POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 Host: test.remote.example.com -Proxy-Authorization: Digest username="s1lly", realm="something fun to read", nonce="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", uri="/path/%TESTNUMBER", response="be7aedc47d821b6d847c445ded782c43" +Proxy-Authorization: Digest username="s1lly", realm="something fun to read", nonce="%repeat[400 x A]%", uri="/path/%TESTNUMBER", response="be7aedc47d821b6d847c445ded782c43" Accept: */* Proxy-Connection: Keep-Alive Content-Length: 70000 diff --git a/tests/data/test559 b/tests/data/test559 index 982209ce9d..1cd494fac8 100644 --- a/tests/data/test559 +++ b/tests/data/test559 @@ -19,9 +19,9 @@ Accept-Ranges: bytes Content-Length: 2049 Connection: close Content-Type: text/html -Silly-header: ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ +Silly-header: %repeat[511 x Z]% -ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ +%repeat[2048 x Z]% diff --git a/tests/data/test651 b/tests/data/test651 index 48e42df617..cf19bfc34a 100644 --- a/tests/data/test651 +++ b/tests/data/test651 @@ -68,7 +68,7 @@ Content-Type: multipart/form-data; boundary=---------------------------- ------------------------------ Content-Disposition: form-data; name="hello" -AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ +%repeat[1000 x A]%%repeat[1000 x B]%%repeat[1000 x C]%%repeat[1000 x D]%%repeat[1000 x E]%%repeat[1000 x F]%%repeat[1000 x G]%%repeat[1000 x H]%%repeat[1000 x I]%%repeat[1000 x J]%%repeat[1000 x K]%%repeat[1000 x L]%%repeat[1000 x M]%%repeat[1000 x N]%%repeat[1000 x O]%%repeat[1000 x P]%%repeat[999 x Q]% -------------------------------- diff --git a/tests/data/test742 b/tests/data/test742 index 34e284d18d..5f56a1a500 100644 --- a/tests/data/test742 +++ b/tests/data/test742 @@ -26,8 +26,8 @@ Funny-head: yesyes # method 2 is SOCKS5 asking for user+password method 2 -user aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -password bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb +user %repeat[255 x a]% +password %repeat[255 x b]% backendport %HTTPPORT @@ -45,7 +45,7 @@ SOCKS5-hostname with max length credentials and max host name length # target a port that won't work without the SOCKS magic -http://cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc:%HTTPPORT -x socks5h://aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb@%HOSTIP:%SOCKSPORT +http://%repeat[254 x c]%:%HTTPPORT -x socks5h://%repeat[255 x a]%:%repeat[255 x b]%@%HOSTIP:%SOCKSPORT proxy @@ -57,7 +57,7 @@ proxy GET / HTTP/1.1 -Host: cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc:%HTTPPORT +Host: %repeat[254 x c]%:%HTTPPORT User-Agent: curl/%VERSION Accept: */* diff --git a/tests/data/test775 b/tests/data/test775 index d9f5b122f2..7b5c3696dc 100644 --- a/tests/data/test775 +++ b/tests/data/test775 @@ -46,7 +46,7 @@ http HTTP with NTLM with too long user name -http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuserAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:testpass --ntlm +http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser%repeat[1100 x A]%:testpass --ntlm From 1afc4bb76890e24266aca5d86c2c083ac3666adf Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 30 Oct 2025 18:18:22 +0100 Subject: [PATCH 0642/2408] tool/var: explain how the null termination byte is there Closes #19287 --- src/var.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/var.c b/src/var.c index 87f33af282..94d79695ac 100644 --- a/src/var.c +++ b/src/var.c @@ -362,6 +362,7 @@ static ParameterError addvariable(const char *name, p = calloc(1, sizeof(struct tool_var) + nlen); if(p) { memcpy(p->name, name, nlen); + /* the null termination byte is already present from above */ p->content = contalloc ? content : memdup0(content, clen); if(p->content) { From d2e8acfaa6effaa31dee91aea25ec1c54e6fa5c4 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 30 Oct 2025 23:21:00 +0100 Subject: [PATCH 0643/2408] test1100: fix missing `` section To make it actually run. Also fix the NTLM expected result, also syncing it with other tests. Follow-up to e6b21d422e631a7c0cc81abf956af179b3b4c5e8 #6037 Closes #19288 --- tests/data/test1100 | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/data/test1100 b/tests/data/test1100 index 13eaeb3177..10bf811edd 100644 --- a/tests/data/test1100 +++ b/tests/data/test1100 @@ -80,6 +80,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --ntlm -L -d "stuff to # Verify data after the test has been "shot" + POST /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= @@ -90,7 +91,7 @@ Content-Type: application/x-www-form-urlencoded POST /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyY3VybGhvc3Q= +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= User-Agent: curl/%VERSION Accept: */* Content-Length: 18 @@ -101,5 +102,6 @@ Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* + From 5bf9445315f0964a4848ef08ef0f2bf3ce4c3567 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 31 Oct 2025 03:41:53 +0100 Subject: [PATCH 0644/2408] ftp: fix leaking internal buffer `newhost` on error Pointed out by TIOBE scanner via Coverity 2025.3.0. Closes #19290 --- lib/ftp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/ftp.c b/lib/ftp.c index 3ac8db6813..4858ae230f 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -1925,7 +1925,7 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data, result = Curl_conn_get_ip_info(data, data->conn, FIRSTSOCKET, &is_ipv6, &ipquad); if(result) - return result; + goto error; (void)Curl_resolv_blocking(data, host_name, ipquad.remote_port, is_ipv6 ? CURL_IPRESOLVE_V6 : CURL_IPRESOLVE_V4, From 4b85e489a45c81b235d3e47d1524cbe1d6b25b06 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 31 Oct 2025 03:33:14 +0100 Subject: [PATCH 0645/2408] examples/http2-serverpush: fix file handle leaks Also: - tests/libtest/cli_h2_serverpush: re-sync formatting. Previously fixed in tests based on a local clang-tidy v20 report. Pointed out by TIOBE scanner via Coverity 2025.3.0. Follow-up to 83a8818cfebe5f2a4bab5c9ddc55fd64b5629296 #17706 Closes #19291 --- docs/examples/http2-serverpush.c | 47 +++++++++++++++++-------------- tests/libtest/cli_h2_serverpush.c | 21 +++++++------- 2 files changed, 36 insertions(+), 32 deletions(-) diff --git a/docs/examples/http2-serverpush.c b/docs/examples/http2-serverpush.c index e97be991a8..c12a5f7d2e 100644 --- a/docs/examples/http2-serverpush.c +++ b/docs/examples/http2-serverpush.c @@ -40,6 +40,8 @@ #error "too old libcurl, cannot do HTTP/2 server push!" #endif +static FILE *out_download; + static void dump(const char *text, unsigned char *ptr, size_t size, char nohex) { size_t i; @@ -127,21 +129,13 @@ static int my_trace(CURL *handle, curl_infotype type, static int setup(CURL *hnd, const char *url) { - FILE *out = fopen(OUTPUTFILE, "wb"); - if(!out) - /* failed */ - return 1; - - /* write to this file */ - curl_easy_setopt(hnd, CURLOPT_WRITEDATA, out); + out_download = fopen(OUTPUTFILE, "wb"); + if(!out_download) + return 1; /* failed */ /* set the same URL */ curl_easy_setopt(hnd, CURLOPT_URL, url); - /* please be verbose */ - curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, my_trace); - /* HTTP/2 please */ curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); @@ -149,13 +143,22 @@ static int setup(CURL *hnd, const char *url) curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0L); curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0L); -#if (CURLPIPE_MULTIPLEX > 0) + /* write to this file */ + curl_easy_setopt(hnd, CURLOPT_WRITEDATA, out_download); + + /* please be verbose */ + curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, my_trace); + +#if CURLPIPE_MULTIPLEX > 0 /* wait for pipe connection to confirm */ curl_easy_setopt(hnd, CURLOPT_PIPEWAIT, 1L); #endif return 0; /* all is good */ } +static FILE *out_push; + /* called when there is an incoming push */ static int server_push_callback(CURL *parent, CURL *easy, @@ -167,7 +170,6 @@ static int server_push_callback(CURL *parent, size_t i; int *transfers = (int *)userp; char filename[128]; - FILE *out; static unsigned int count = 0; (void)parent; @@ -175,15 +177,15 @@ static int server_push_callback(CURL *parent, snprintf(filename, sizeof(filename), "push%u", count++); /* here's a new stream, save it in a new file for each new push */ - out = fopen(filename, "wb"); - if(!out) { + out_push = fopen(filename, "wb"); + if(!out_push) { /* if we cannot save it, deny it */ fprintf(stderr, "Failed to create output file for push\n"); return CURL_PUSH_DENY; } /* write to this file */ - curl_easy_setopt(easy, CURLOPT_WRITEDATA, out); + curl_easy_setopt(easy, CURLOPT_WRITEDATA, out_push); fprintf(stderr, "**** push callback approves stream %u, got %lu headers!\n", count, (unsigned long)num_headers); @@ -199,10 +201,10 @@ static int server_push_callback(CURL *parent, } (*transfers)++; /* one more */ + return CURL_PUSH_OK; } - /* * Download a file over HTTP/2, take care of server push. */ @@ -233,13 +235,13 @@ int main(int argc, char *argv[]) return 1; } - /* add the easy transfer */ - curl_multi_add_handle(multi_handle, easy); - curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); curl_multi_setopt(multi_handle, CURLMOPT_PUSHFUNCTION, server_push_callback); curl_multi_setopt(multi_handle, CURLMOPT_PUSHDATA, &transfers); + /* add the easy transfer */ + curl_multi_add_handle(multi_handle, easy); + do { struct CURLMsg *m; int still_running; /* keep number of running handles */ @@ -257,7 +259,6 @@ int main(int argc, char *argv[]) * created and added one or more easy handles but we need to clean them up * when we are done. */ - do { int msgq = 0; m = curl_multi_info_read(multi_handle, &msgq); @@ -274,5 +275,9 @@ int main(int argc, char *argv[]) curl_multi_cleanup(multi_handle); curl_global_cleanup(); + fclose(out_download); + if(out_push) + fclose(out_push); + return 0; } diff --git a/tests/libtest/cli_h2_serverpush.c b/tests/libtest/cli_h2_serverpush.c index a865fdfd8f..10d369faaf 100644 --- a/tests/libtest/cli_h2_serverpush.c +++ b/tests/libtest/cli_h2_serverpush.c @@ -54,7 +54,7 @@ static int setup_h2_serverpush(CURL *hnd, const char *url) static FILE *out_push; -/* called when there's an incoming push */ +/* called when there is an incoming push */ static int server_push_callback(CURL *parent, CURL *easy, size_t num_headers, @@ -66,9 +66,9 @@ static int server_push_callback(CURL *parent, int *transfers = (int *)userp; char filename[128]; static unsigned int count = 0; - int rv; (void)parent; + curl_msnprintf(filename, sizeof(filename) - 1, "push%u", count++); /* here's a new stream, save it in a new file for each new push */ @@ -76,8 +76,7 @@ static int server_push_callback(CURL *parent, if(!out_push) { /* if we cannot save it, deny it */ curl_mfprintf(stderr, "Failed to create output file for push\n"); - rv = CURL_PUSH_DENY; - goto out; + return CURL_PUSH_DENY; } /* write to this file */ @@ -98,10 +97,8 @@ static int server_push_callback(CURL *parent, } (*transfers)++; /* one more */ - rv = CURL_PUSH_OK; -out: - return rv; + return CURL_PUSH_OK; } /* @@ -112,7 +109,6 @@ static CURLcode test_cli_h2_serverpush(const char *URL) CURL *easy; CURLM *multi_handle; int transfers = 1; /* we start with one */ - struct CURLMsg *m; debug_config.nohex = TRUE; debug_config.tracetime = FALSE; @@ -123,9 +119,6 @@ static CURLcode test_cli_h2_serverpush(const char *URL) } multi_handle = curl_multi_init(); - curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); - curl_multi_setopt(multi_handle, CURLMOPT_PUSHFUNCTION, server_push_callback); - curl_multi_setopt(multi_handle, CURLMOPT_PUSHDATA, &transfers); easy = curl_easy_init(); if(setup_h2_serverpush(easy, URL)) { @@ -134,8 +127,14 @@ static CURLcode test_cli_h2_serverpush(const char *URL) return (CURLcode)1; } + curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); + curl_multi_setopt(multi_handle, CURLMOPT_PUSHFUNCTION, server_push_callback); + curl_multi_setopt(multi_handle, CURLMOPT_PUSHDATA, &transfers); + curl_multi_add_handle(multi_handle, easy); + do { + struct CURLMsg *m; int still_running; /* keep number of running handles */ CURLMcode mc = curl_multi_perform(multi_handle, &still_running); From 869143b19402845855e8a0c36eb0ee67127f7a24 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 31 Oct 2025 04:22:42 +0100 Subject: [PATCH 0646/2408] examples: fix more potential resource leaks, and more Also: - delete dead code. - sync `http2-download.c` and `http2-upload.c` sources. - simplessl: fix constant expression. - simplessl: avoid `expression is constant` VS2010 warning, drop pragma. - replace large stack buffers with dynamic allocation. - http2-download: fix to fill transfer number. Some of these were pointed out by TIOBE scanner via Coverity 2025.3.0. Closes #19292 --- docs/examples/10-at-a-time.c | 14 +-- docs/examples/http2-download.c | 98 +++++++++++-------- docs/examples/http2-serverpush.c | 13 ++- docs/examples/http2-upload.c | 162 ++++++++++++++++--------------- docs/examples/sftpuploadresume.c | 35 ++++--- docs/examples/simplessl.c | 141 +++++++++++++-------------- docs/examples/smtp-authzid.c | 17 ++-- docs/examples/smtp-mail.c | 17 ++-- docs/examples/smtp-multi.c | 17 ++-- docs/examples/smtp-ssl.c | 17 ++-- docs/examples/smtp-tls.c | 17 ++-- 11 files changed, 276 insertions(+), 272 deletions(-) diff --git a/docs/examples/10-at-a-time.c b/docs/examples/10-at-a-time.c index 87971cbde6..ec38592671 100644 --- a/docs/examples/10-at-a-time.c +++ b/docs/examples/10-at-a-time.c @@ -80,7 +80,7 @@ static const char *urls[] = { "https://www.un.org", }; -#define MAX_PARALLEL 10 /* number of simultaneous transfers */ +#define MAX_PARALLEL 10 /* number of simultaneous transfers */ #define NUM_URLS sizeof(urls)/sizeof(char *) static size_t write_cb(char *data, size_t n, size_t l, void *userp) @@ -88,16 +88,18 @@ static size_t write_cb(char *data, size_t n, size_t l, void *userp) /* take care of the data here, ignored in this example */ (void)data; (void)userp; - return n*l; + return n * l; } static void add_transfer(CURLM *cm, unsigned int i, int *left) { CURL *eh = curl_easy_init(); - curl_easy_setopt(eh, CURLOPT_WRITEFUNCTION, write_cb); - curl_easy_setopt(eh, CURLOPT_URL, urls[i]); - curl_easy_setopt(eh, CURLOPT_PRIVATE, urls[i]); - curl_multi_add_handle(cm, eh); + if(eh) { + curl_easy_setopt(eh, CURLOPT_WRITEFUNCTION, write_cb); + curl_easy_setopt(eh, CURLOPT_URL, urls[i]); + curl_easy_setopt(eh, CURLOPT_PRIVATE, urls[i]); + curl_multi_add_handle(cm, eh); + } (*left)++; } diff --git a/docs/examples/http2-download.c b/docs/examples/http2-download.c index 06902415e1..15bb9fa1a5 100644 --- a/docs/examples/http2-download.c +++ b/docs/examples/http2-download.c @@ -34,13 +34,13 @@ #include #endif -/* curl stuff */ -#include - #if defined(_MSC_VER) && (_MSC_VER < 1900) #define snprintf _snprintf #endif +/* curl stuff */ +#include + #ifndef CURLPIPE_MULTIPLEX /* This little trick makes sure that we do not enable pipelining for libcurls old enough to not have this symbol. It is _not_ defined to zero in a recent @@ -49,26 +49,23 @@ #endif struct transfer { - CURL *easy; - unsigned int num; FILE *out; + CURL *easy; + int num; }; -#define NUM_HANDLES 1000 - -static void dump(const char *text, unsigned int num, unsigned char *ptr, +static void dump(const char *text, int num, unsigned char *ptr, size_t size, char nohex) { size_t i; size_t c; - unsigned int width = 0x10; if(nohex) /* without the hex output, we can fit more on screen */ width = 0x40; - fprintf(stderr, "%u %s, %lu bytes (0x%lx)\n", + fprintf(stderr, "%d %s, %lu bytes (0x%lx)\n", num, text, (unsigned long)size, (unsigned long)size); for(i = 0; i < size; i += width) { @@ -109,12 +106,12 @@ static int my_trace(CURL *handle, curl_infotype type, { const char *text; struct transfer *t = (struct transfer *)userp; - unsigned int num = t->num; + int num = t->num; (void)handle; switch(type) { case CURLINFO_TEXT: - fprintf(stderr, "== %u Info: %s", num, data); + fprintf(stderr, "== [%d] Info: %s", num, data); return 0; case CURLINFO_HEADER_OUT: text = "=> Send header"; @@ -145,12 +142,12 @@ static int my_trace(CURL *handle, curl_infotype type, static int setup(struct transfer *t, int num) { char filename[128]; - CURL *hnd; + CURL *easy; - hnd = t->easy = curl_easy_init(); + easy = t->easy = NULL; + t->num = num; snprintf(filename, sizeof(filename), "dl-%d", num); - t->out = fopen(filename, "wb"); if(!t->out) { fprintf(stderr, "error: could not open file %s for writing: %s\n", @@ -158,27 +155,31 @@ static int setup(struct transfer *t, int num) return 1; } - /* write to this file */ - curl_easy_setopt(hnd, CURLOPT_WRITEDATA, t->out); + easy = t->easy = curl_easy_init(); + if(easy) { - /* set the same URL */ - curl_easy_setopt(hnd, CURLOPT_URL, "https://localhost:8443/index.html"); + /* write to this file */ + curl_easy_setopt(easy, CURLOPT_WRITEDATA, t->out); - /* please be verbose */ - curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, my_trace); - curl_easy_setopt(hnd, CURLOPT_DEBUGDATA, t); + /* set the same URL */ + curl_easy_setopt(easy, CURLOPT_URL, "https://localhost:8443/index.html"); - /* enlarge the receive buffer for potentially higher transfer speeds */ - curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 100000L); + /* please be verbose */ + curl_easy_setopt(easy, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(easy, CURLOPT_DEBUGFUNCTION, my_trace); + curl_easy_setopt(easy, CURLOPT_DEBUGDATA, t); - /* HTTP/2 please */ - curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); + /* enlarge the receive buffer for potentially higher transfer speeds */ + curl_easy_setopt(easy, CURLOPT_BUFFERSIZE, 100000L); + + /* HTTP/2 please */ + curl_easy_setopt(easy, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); #if (CURLPIPE_MULTIPLEX > 0) - /* wait for pipe connection to confirm */ - curl_easy_setopt(hnd, CURLOPT_PIPEWAIT, 1L); + /* wait for pipe connection to confirm */ + curl_easy_setopt(easy, CURLOPT_PIPEWAIT, 1L); #endif + } return 0; } @@ -188,8 +189,8 @@ static int setup(struct transfer *t, int num) int main(int argc, char **argv) { CURLcode res; - struct transfer trans[NUM_HANDLES]; - CURLM *multi_handle; + struct transfer *trans; + CURLM *multi_handle = NULL; int i; int still_running = 0; /* keep number of running handles */ int num_transfers; @@ -197,25 +198,30 @@ int main(int argc, char **argv) if(argc > 1) { /* if given a number, do that many transfers */ num_transfers = atoi(argv[1]); - if((num_transfers < 1) || (num_transfers > NUM_HANDLES)) - num_transfers = 3; /* a suitable low default */ + if((num_transfers < 1) || (num_transfers > 1000)) + num_transfers = 3; /* a suitable low default */ } else - num_transfers = 3; /* suitable default */ + num_transfers = 3; /* a suitable low default */ res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; - memset(trans, 0, sizeof(trans)); + trans = calloc(num_transfers, sizeof(*trans)); + if(!trans) { + fprintf(stderr, "error allocating transfer structs\n"); + goto error; + } /* init a multi stack */ multi_handle = curl_multi_init(); + if(!multi_handle) + goto error; for(i = 0; i < num_transfers; i++) { if(setup(&trans[i], i)) { - curl_global_cleanup(); - return 1; + goto error; } /* add the individual transfer */ @@ -233,14 +239,24 @@ int main(int argc, char **argv) if(mc) break; + } while(still_running); - for(i = 0; i < num_transfers; i++) { - curl_multi_remove_handle(multi_handle, trans[i].easy); - curl_easy_cleanup(trans[i].easy); +error: + + if(multi_handle) { + for(i = 0; i < num_transfers; i++) { + curl_multi_remove_handle(multi_handle, trans[i].easy); + curl_easy_cleanup(trans[i].easy); + + if(trans[i].out) + fclose(trans[i].out); + } + curl_multi_cleanup(multi_handle); } - curl_multi_cleanup(multi_handle); + free(trans); + curl_global_cleanup(); return 0; diff --git a/docs/examples/http2-serverpush.c b/docs/examples/http2-serverpush.c index c12a5f7d2e..8c261e9aed 100644 --- a/docs/examples/http2-serverpush.c +++ b/docs/examples/http2-serverpush.c @@ -225,14 +225,15 @@ int main(int argc, char *argv[]) /* init a multi stack */ multi_handle = curl_multi_init(); + if(!multi_handle) + goto error; easy = curl_easy_init(); /* set options */ - if(setup(easy, url)) { + if(!easy || setup(easy, url)) { fprintf(stderr, "failed\n"); - curl_global_cleanup(); - return 1; + goto error; } curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); @@ -272,7 +273,11 @@ int main(int argc, char *argv[]) } while(transfers); /* as long as we have transfers going */ - curl_multi_cleanup(multi_handle); +error: + + if(multi_handle) + curl_multi_cleanup(multi_handle); + curl_global_cleanup(); fclose(out_download); diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c index 55162c03a3..fda941c49f 100644 --- a/docs/examples/http2-upload.c +++ b/docs/examples/http2-upload.c @@ -64,8 +64,6 @@ #define CURLPIPE_MULTIPLEX 0L #endif -#define NUM_HANDLES 1000 - #ifdef _MSC_VER #define gettimeofday(a, b) my_gettimeofday((a), (b)) static int my_gettimeofday(struct timeval *tp, void *tzp) @@ -90,12 +88,12 @@ struct input { FILE *in; FILE *out; size_t bytes_read; /* count up */ - CURL *hnd; + CURL *easy; int num; }; -static void dump(const char *text, int num, unsigned char *ptr, size_t size, - char nohex) +static void dump(const char *text, int num, unsigned char *ptr, + size_t size, char nohex) { size_t i; size_t c; @@ -141,8 +139,8 @@ static void dump(const char *text, int num, unsigned char *ptr, size_t size, } } -static int my_trace(CURL *handle, curl_infotype type, char *data, - size_t size, void *userp) +static int my_trace(CURL *handle, curl_infotype type, + char *data, size_t size, void *userp) { char timebuf[60]; const char *text; @@ -203,33 +201,33 @@ static size_t read_callback(char *ptr, size_t size, size_t nmemb, void *userp) return retcode; } -static int setup(struct input *i, int num, const char *upload) +static int setup(struct input *t, int num, const char *upload) { char url[256]; char filename[128]; struct stat file_info; curl_off_t uploadsize; - CURL *hnd; + CURL *easy; - hnd = i->hnd = NULL; + easy = t->easy = NULL; - i->num = num; + t->num = num; snprintf(filename, sizeof(filename), "dl-%d", num); - i->out = fopen(filename, "wb"); - if(!i->out) { - fprintf(stderr, "error: could not open file %s for writing: %s\n", upload, - strerror(errno)); + t->out = fopen(filename, "wb"); + if(!t->out) { + fprintf(stderr, "error: could not open file %s for writing: %s\n", + upload, strerror(errno)); return 1; } snprintf(url, sizeof(url), "https://localhost:8443/upload-%d", num); - i->in = fopen(upload, "rb"); - if(!i->in) { - fprintf(stderr, "error: could not open file %s for reading: %s\n", upload, - strerror(errno)); - fclose(i->out); - i->out = NULL; + t->in = fopen(upload, "rb"); + if(!t->in) { + fprintf(stderr, "error: could not open file %s for reading: %s\n", + upload, strerror(errno)); + fclose(t->out); + t->out = NULL; return 1; } @@ -237,51 +235,51 @@ static int setup(struct input *i, int num, const char *upload) /* !checksrc! disable BANNEDFUNC 1 */ if(stat(upload, &file_info) != 0) { #else - if(fstat(fileno(i->in), &file_info) != 0) { + if(fstat(fileno(t->in), &file_info) != 0) { #endif - fprintf(stderr, "error: could not stat file %s: %s\n", upload, - strerror(errno)); - fclose(i->out); - i->out = NULL; + fprintf(stderr, "error: could not stat file %s: %s\n", + upload, strerror(errno)); + fclose(t->out); + t->out = NULL; return 1; } uploadsize = file_info.st_size; - hnd = i->hnd = curl_easy_init(); - if(hnd) { + easy = t->easy = curl_easy_init(); + if(easy) { /* write to this file */ - curl_easy_setopt(hnd, CURLOPT_WRITEDATA, i->out); + curl_easy_setopt(easy, CURLOPT_WRITEDATA, t->out); /* we want to use our own read function */ - curl_easy_setopt(hnd, CURLOPT_READFUNCTION, read_callback); + curl_easy_setopt(easy, CURLOPT_READFUNCTION, read_callback); /* read from this file */ - curl_easy_setopt(hnd, CURLOPT_READDATA, i); + curl_easy_setopt(easy, CURLOPT_READDATA, t); /* provide the size of the upload */ - curl_easy_setopt(hnd, CURLOPT_INFILESIZE_LARGE, uploadsize); + curl_easy_setopt(easy, CURLOPT_INFILESIZE_LARGE, uploadsize); /* send in the URL to store the upload as */ - curl_easy_setopt(hnd, CURLOPT_URL, url); + curl_easy_setopt(easy, CURLOPT_URL, url); /* upload please */ - curl_easy_setopt(hnd, CURLOPT_UPLOAD, 1L); + curl_easy_setopt(easy, CURLOPT_UPLOAD, 1L); /* please be verbose */ - curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, my_trace); - curl_easy_setopt(hnd, CURLOPT_DEBUGDATA, i); + curl_easy_setopt(easy, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(easy, CURLOPT_DEBUGFUNCTION, my_trace); + curl_easy_setopt(easy, CURLOPT_DEBUGDATA, t); /* HTTP/2 please */ - curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); + curl_easy_setopt(easy, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); /* we use a self-signed test server, skip verification during debugging */ - curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0L); - curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0L); + curl_easy_setopt(easy, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(easy, CURLOPT_SSL_VERIFYHOST, 0L); #if (CURLPIPE_MULTIPLEX > 0) /* wait for pipe connection to confirm */ - curl_easy_setopt(hnd, CURLOPT_PIPEWAIT, 1L); + curl_easy_setopt(easy, CURLOPT_PIPEWAIT, 1L); #endif } return 0; @@ -293,79 +291,83 @@ static int setup(struct input *i, int num, const char *upload) int main(int argc, char **argv) { CURLcode res; - struct input trans[NUM_HANDLES]; - CURLM *multi_handle; + struct input *trans; + CURLM *multi_handle = NULL; int i; const char *filename = "index.html"; + int still_running = 0; /* keep number of running handles */ int num_transfers; if(argc > 1) { /* if given a number, do that many transfers */ num_transfers = atoi(argv[1]); - - if(!num_transfers || (num_transfers > NUM_HANDLES)) - num_transfers = 3; /* a suitable low default */ + if((num_transfers < 1) || (num_transfers > 1000)) + num_transfers = 3; /* a suitable low default */ if(argc > 2) /* if given a file name, upload this! */ filename = argv[2]; } else - num_transfers = 3; + num_transfers = 3; /* a suitable low default */ res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; - memset(trans, 0, sizeof(trans)); + trans = calloc(num_transfers, sizeof(*trans)); + if(!trans) { + fprintf(stderr, "error allocating transfer structs\n"); + goto error; + } /* init a multi stack */ multi_handle = curl_multi_init(); - if(multi_handle) { + if(!multi_handle) + goto error; - int still_running = 0; /* keep number of running handles */ - - for(i = 0; i < num_transfers; i++) { - if(setup(&trans[i], i, filename)) { - curl_global_cleanup(); - return 1; - } - - /* add the individual transfer */ - curl_multi_add_handle(multi_handle, trans[i].hnd); + for(i = 0; i < num_transfers; i++) { + if(setup(&trans[i], i, filename)) { + goto error; } - curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); + /* add the individual transfer */ + curl_multi_add_handle(multi_handle, trans[i].easy); + } - /* We do HTTP/2 so let's stick to one connection per host */ - curl_multi_setopt(multi_handle, CURLMOPT_MAX_HOST_CONNECTIONS, 1L); + curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); - do { - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + /* We do HTTP/2 so let's stick to one connection per host */ + curl_multi_setopt(multi_handle, CURLMOPT_MAX_HOST_CONNECTIONS, 1L); - if(still_running) - /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + do { + CURLMcode mc = curl_multi_perform(multi_handle, &still_running); - if(mc) - break; + if(still_running) + /* wait for activity, timeout or "nothing" */ + mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); - } while(still_running); + if(mc) + break; - for(i = 0; i < num_transfers; i++) - curl_multi_remove_handle(multi_handle, trans[i].hnd); + } while(still_running); +error: + + if(multi_handle) { + for(i = 0; i < num_transfers; i++) { + curl_multi_remove_handle(multi_handle, trans[i].easy); + curl_easy_cleanup(trans[i].easy); + + if(trans[i].in) + fclose(trans[i].in); + if(trans[i].out) + fclose(trans[i].out); + } curl_multi_cleanup(multi_handle); } - for(i = 0; i < num_transfers; i++) { - curl_easy_cleanup(trans[i].hnd); - - if(trans[i].in) - fclose(trans[i].in); - if(trans[i].out) - fclose(trans[i].out); - } + free(trans); curl_global_cleanup(); diff --git a/docs/examples/sftpuploadresume.c b/docs/examples/sftpuploadresume.c index d9cff10567..fa42859672 100644 --- a/docs/examples/sftpuploadresume.c +++ b/docs/examples/sftpuploadresume.c @@ -49,28 +49,31 @@ static size_t readfunc(char *ptr, size_t size, size_t nmemb, void *stream) */ static curl_off_t sftpGetRemoteFileSize(const char *i_remoteFile) { - CURLcode result = CURLE_GOT_NOTHING; curl_off_t remoteFileSizeByte = -1; CURL *curlHandlePtr = curl_easy_init(); - curl_easy_setopt(curlHandlePtr, CURLOPT_VERBOSE, 1L); + if(curlHandlePtr) { + CURLcode result; - curl_easy_setopt(curlHandlePtr, CURLOPT_URL, i_remoteFile); - curl_easy_setopt(curlHandlePtr, CURLOPT_NOPROGRESS, 1L); - curl_easy_setopt(curlHandlePtr, CURLOPT_NOBODY, 1L); - curl_easy_setopt(curlHandlePtr, CURLOPT_HEADER, 1L); - curl_easy_setopt(curlHandlePtr, CURLOPT_FILETIME, 1L); + curl_easy_setopt(curlHandlePtr, CURLOPT_VERBOSE, 1L); - result = curl_easy_perform(curlHandlePtr); - if(CURLE_OK == result) { - result = curl_easy_getinfo(curlHandlePtr, - CURLINFO_CONTENT_LENGTH_DOWNLOAD_T, - &remoteFileSizeByte); - if(result) - return -1; - printf("filesize: %" CURL_FORMAT_CURL_OFF_T "\n", remoteFileSizeByte); + curl_easy_setopt(curlHandlePtr, CURLOPT_URL, i_remoteFile); + curl_easy_setopt(curlHandlePtr, CURLOPT_NOPROGRESS, 1L); + curl_easy_setopt(curlHandlePtr, CURLOPT_NOBODY, 1L); + curl_easy_setopt(curlHandlePtr, CURLOPT_HEADER, 1L); + curl_easy_setopt(curlHandlePtr, CURLOPT_FILETIME, 1L); + + result = curl_easy_perform(curlHandlePtr); + if(CURLE_OK == result) { + result = curl_easy_getinfo(curlHandlePtr, + CURLINFO_CONTENT_LENGTH_DOWNLOAD_T, + &remoteFileSizeByte); + if(result) + return -1; + printf("filesize: %" CURL_FORMAT_CURL_OFF_T "\n", remoteFileSizeByte); + } + curl_easy_cleanup(curlHandlePtr); } - curl_easy_cleanup(curlHandlePtr); return remoteFileSizeByte; } diff --git a/docs/examples/simplessl.c b/docs/examples/simplessl.c index 5da79a79a0..9fc2e41484 100644 --- a/docs/examples/simplessl.c +++ b/docs/examples/simplessl.c @@ -49,7 +49,7 @@ int main(void) { - CURL *curl; + CURL *curl = NULL; CURLcode res; FILE *headerfile; const char *pPassphrase = NULL; @@ -61,98 +61,89 @@ int main(void) const char *pKeyName; const char *pKeyType; - const char *pEngine; - #ifdef USE_ENGINE pKeyName = "rsa_test"; pKeyType = "ENG"; - pEngine = "chil"; /* for nCipher HSM... */ #else pKeyName = "testkey.pem"; pKeyType = "PEM"; - pEngine = NULL; #endif - headerfile = fopen(pHeaderFile, "wb"); - if(!headerfile) - return 1; - res = curl_global_init(CURL_GLOBAL_ALL); if(res) { - fclose(headerfile); return (int)res; } + headerfile = fopen(pHeaderFile, "wb"); + if(!headerfile) + goto error; + curl = curl_easy_init(); - if(curl) { - /* what call to write: */ - curl_easy_setopt(curl, CURLOPT_URL, "HTTPS://secure.site.example"); - curl_easy_setopt(curl, CURLOPT_HEADERDATA, headerfile); + if(!curl) + goto error; -#ifdef _MSC_VER -#pragma warning(push) -#pragma warning(disable:4127) /* conditional expression is constant */ -#endif - do { /* dummy loop, just to break out from */ - if(pEngine) { - /* use crypto engine */ - if(curl_easy_setopt(curl, CURLOPT_SSLENGINE, pEngine) != CURLE_OK) { - /* load the crypto engine */ - fprintf(stderr, "cannot set crypto engine\n"); - break; - } - if(curl_easy_setopt(curl, CURLOPT_SSLENGINE_DEFAULT, 1L) != CURLE_OK) { - /* set the crypto engine as default */ - /* only needed for the first time you load - an engine in a curl object... */ - fprintf(stderr, "cannot set crypto engine as default\n"); - break; - } - } - /* cert is stored PEM coded in file... */ - /* since PEM is default, we needn't set it for PEM */ - curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM"); + /* what call to write: */ + curl_easy_setopt(curl, CURLOPT_URL, "HTTPS://secure.site.example"); + curl_easy_setopt(curl, CURLOPT_HEADERDATA, headerfile); - /* set the cert for client authentication */ - curl_easy_setopt(curl, CURLOPT_SSLCERT, pCertFile); - - /* sorry, for engine we must set the passphrase - (if the key has one...) */ - if(pPassphrase) - curl_easy_setopt(curl, CURLOPT_KEYPASSWD, pPassphrase); - - /* if we use a key stored in a crypto engine, - we must set the key type to "ENG" */ - curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, pKeyType); - - /* set the private key (file or ID in engine) */ - curl_easy_setopt(curl, CURLOPT_SSLKEY, pKeyName); - - /* set the file with the certs validating the server */ - curl_easy_setopt(curl, CURLOPT_CAINFO, pCACertFile); - - /* disconnect if we cannot validate server's cert */ - curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L); - - /* Perform the request, res gets the return code */ - res = curl_easy_perform(curl); - /* Check for errors */ - if(res != CURLE_OK) - fprintf(stderr, "curl_easy_perform() failed: %s\n", - curl_easy_strerror(res)); - - /* we are done... */ - } while(0); -#ifdef _MSC_VER -#pragma warning(pop) -#endif - /* always cleanup */ - curl_easy_cleanup(curl); +#ifdef USE_ENGINE + /* use crypto engine. nCipher HSM... */ + if(curl_easy_setopt(curl, CURLOPT_SSLENGINE, "chil") != CURLE_OK) { + /* load the crypto engine */ + fprintf(stderr, "cannot set crypto engine\n"); + goto error; } + if(curl_easy_setopt(curl, CURLOPT_SSLENGINE_DEFAULT, 1L) != CURLE_OK) { + /* set the crypto engine as default */ + /* only needed for the first time you load + an engine in a curl object... */ + fprintf(stderr, "cannot set crypto engine as default\n"); + goto error; + } +#endif + + /* cert is stored PEM coded in file... */ + /* since PEM is default, we needn't set it for PEM */ + curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM"); + + /* set the cert for client authentication */ + curl_easy_setopt(curl, CURLOPT_SSLCERT, pCertFile); + + /* sorry, for engine we must set the passphrase + (if the key has one...) */ + if(pPassphrase) + curl_easy_setopt(curl, CURLOPT_KEYPASSWD, pPassphrase); + + /* if we use a key stored in a crypto engine, + we must set the key type to "ENG" */ + curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, pKeyType); + + /* set the private key (file or ID in engine) */ + curl_easy_setopt(curl, CURLOPT_SSLKEY, pKeyName); + + /* set the file with the certs validating the server */ + curl_easy_setopt(curl, CURLOPT_CAINFO, pCACertFile); + + /* disconnect if we cannot validate server's cert */ + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L); + + /* Perform the request, res gets the return code */ + res = curl_easy_perform(curl); + /* Check for errors */ + if(res != CURLE_OK) + fprintf(stderr, "curl_easy_perform() failed: %s\n", + curl_easy_strerror(res)); + +error: + + /* always cleanup */ + if(curl) + curl_easy_cleanup(curl); + + if(headerfile) + fclose(headerfile); curl_global_cleanup(); - fclose(headerfile); - - return 0; + return (int)res; } diff --git a/docs/examples/smtp-authzid.c b/docs/examples/smtp-authzid.c index 758a7fdaaf..1fb1176b2a 100644 --- a/docs/examples/smtp-authzid.c +++ b/docs/examples/smtp-authzid.c @@ -72,6 +72,7 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) struct upload_status *upload_ctx = (struct upload_status *)userp; const char *data; size_t room = size * nmemb; + size_t len; if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) { return 0; @@ -79,17 +80,13 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) data = &payload_text[upload_ctx->bytes_read]; - if(data) { - size_t len = strlen(data); - if(room < len) - len = room; - memcpy(ptr, data, len); - upload_ctx->bytes_read += len; + len = strlen(data); + if(room < len) + len = room; + memcpy(ptr, data, len); + upload_ctx->bytes_read += len; - return len; - } - - return 0; + return len; } int main(void) diff --git a/docs/examples/smtp-mail.c b/docs/examples/smtp-mail.c index d3f4346b8c..d41fc07b80 100644 --- a/docs/examples/smtp-mail.c +++ b/docs/examples/smtp-mail.c @@ -69,6 +69,7 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) struct upload_status *upload_ctx = (struct upload_status *)userp; const char *data; size_t room = size * nmemb; + size_t len; if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) { return 0; @@ -76,17 +77,13 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) data = &payload_text[upload_ctx->bytes_read]; - if(data) { - size_t len = strlen(data); - if(room < len) - len = room; - memcpy(ptr, data, len); - upload_ctx->bytes_read += len; + len = strlen(data); + if(room < len) + len = room; + memcpy(ptr, data, len); + upload_ctx->bytes_read += len; - return len; - } - - return 0; + return len; } int main(void) diff --git a/docs/examples/smtp-multi.c b/docs/examples/smtp-multi.c index f7619465ee..0973378e0f 100644 --- a/docs/examples/smtp-multi.c +++ b/docs/examples/smtp-multi.c @@ -62,6 +62,7 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) struct upload_status *upload_ctx = (struct upload_status *)userp; const char *data; size_t room = size * nmemb; + size_t len; if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) { return 0; @@ -69,17 +70,13 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) data = &payload_text[upload_ctx->bytes_read]; - if(data) { - size_t len = strlen(data); - if(room < len) - len = room; - memcpy(ptr, data, len); - upload_ctx->bytes_read += len; + len = strlen(data); + if(room < len) + len = room; + memcpy(ptr, data, len); + upload_ctx->bytes_read += len; - return len; - } - - return 0; + return len; } int main(void) diff --git a/docs/examples/smtp-ssl.c b/docs/examples/smtp-ssl.c index ca73b73fca..31ef81eae1 100644 --- a/docs/examples/smtp-ssl.c +++ b/docs/examples/smtp-ssl.c @@ -66,6 +66,7 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) struct upload_status *upload_ctx = (struct upload_status *)userp; const char *data; size_t room = size * nmemb; + size_t len; if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) { return 0; @@ -73,17 +74,13 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) data = &payload_text[upload_ctx->bytes_read]; - if(data) { - size_t len = strlen(data); - if(room < len) - len = room; - memcpy(ptr, data, len); - upload_ctx->bytes_read += len; + len = strlen(data); + if(room < len) + len = room; + memcpy(ptr, data, len); + upload_ctx->bytes_read += len; - return len; - } - - return 0; + return len; } int main(void) diff --git a/docs/examples/smtp-tls.c b/docs/examples/smtp-tls.c index 4f7379529c..5d9214455e 100644 --- a/docs/examples/smtp-tls.c +++ b/docs/examples/smtp-tls.c @@ -66,6 +66,7 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) struct upload_status *upload_ctx = (struct upload_status *)userp; const char *data; size_t room = size * nmemb; + size_t len; if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) { return 0; @@ -73,17 +74,13 @@ static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) data = &payload_text[upload_ctx->bytes_read]; - if(data) { - size_t len = strlen(data); - if(room < len) - len = room; - memcpy(ptr, data, len); - upload_ctx->bytes_read += len; + len = strlen(data); + if(room < len) + len = room; + memcpy(ptr, data, len); + upload_ctx->bytes_read += len; - return len; - } - - return 0; + return len; } int main(void) From 4d2a05d3fe8ba4db9168b03057029ea5ce7dab77 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 30 Oct 2025 15:46:17 +0100 Subject: [PATCH 0647/2408] tests: use `crlf=yes` attribute more To make special newlines more explicit and visible. Mostly in `` sections, some in `` and ``. Reducing the number of `tests/data/test*`: - CRLF newlines from 21535 to 11337. - files with mixed newlines from 1335 to 707. Also delete empty `` sections. Closes #19284 --- tests/data/test100 | 18 +- tests/data/test1000 | 12 +- tests/data/test1003 | 20 +- tests/data/test1004 | 12 +- tests/data/test1005 | 20 +- tests/data/test1006 | 20 +- tests/data/test101 | 16 +- tests/data/test1010 | 20 +- tests/data/test1011 | 26 +- tests/data/test1012 | 30 +-- tests/data/test1015 | 16 +- tests/data/test102 | 20 +- tests/data/test1021 | 46 ++-- tests/data/test1024 | 34 +-- tests/data/test1025 | 38 +-- tests/data/test1028 | 28 +- tests/data/test1029 | 12 +- tests/data/test103 | 22 +- tests/data/test1031 | 22 +- tests/data/test1032 | 14 +- tests/data/test1033 | 12 +- tests/data/test1036 | 22 +- tests/data/test1037 | 20 +- tests/data/test1038 | 18 +- tests/data/test1039 | 18 +- tests/data/test104 | 22 +- tests/data/test1040 | 14 +- tests/data/test1042 | 14 +- tests/data/test1043 | 14 +- tests/data/test1044 | 20 +- tests/data/test1045 | 12 +- tests/data/test1046 | 12 +- tests/data/test1047 | 16 +- tests/data/test1048 | 16 +- tests/data/test105 | 18 +- tests/data/test1054 | 30 +-- tests/data/test1056 | 22 +- tests/data/test1057 | 22 +- tests/data/test1058 | 14 +- tests/data/test1059 | 12 +- tests/data/test106 | 22 +- tests/data/test1060 | 34 +-- tests/data/test1061 | 34 +-- tests/data/test1062 | 20 +- tests/data/test1066 | 22 +- tests/data/test1067 | 26 +- tests/data/test107 | 16 +- tests/data/test1070 | 18 +- tests/data/test1074 | 22 +- tests/data/test1076 | 30 +-- tests/data/test1077 | 26 +- tests/data/test1078 | 22 +- tests/data/test1079 | 24 +- tests/data/test108 | 22 +- tests/data/test1080 | 22 +- tests/data/test1081 | 22 +- tests/data/test1082 | 12 +- tests/data/test1083 | 12 +- tests/data/test1086 | 16 +- tests/data/test1087 | 40 +-- tests/data/test1088 | 42 +-- tests/data/test1089 | 22 +- tests/data/test109 | 16 +- tests/data/test1090 | 22 +- tests/data/test1091 | 24 +- tests/data/test1092 | 14 +- tests/data/test1095 | 24 +- tests/data/test1096 | 26 +- tests/data/test1097 | 28 +- tests/data/test11 | 22 +- tests/data/test110 | 22 +- tests/data/test1100 | 44 +-- tests/data/test1101 | 14 +- tests/data/test1102 | 24 +- tests/data/test1103 | 20 +- tests/data/test1104 | 28 +- tests/data/test1105 | 16 +- tests/data/test1106 | 14 +- tests/data/test1107 | 20 +- tests/data/test1108 | 10 +- tests/data/test1109 | 12 +- tests/data/test111 | 16 +- tests/data/test1110 | 12 +- tests/data/test1111 | 12 +- tests/data/test1112 | 20 +- tests/data/test1113 | 78 +++--- tests/data/test1115 | 12 +- tests/data/test1116 | 12 +- tests/data/test1117 | 26 +- tests/data/test1118 | 12 +- tests/data/test112 | 16 +- tests/data/test1120 | 10 +- tests/data/test1121 | 12 +- tests/data/test1122 | 16 +- tests/data/test1123 | 16 +- tests/data/test1124 | 16 +- tests/data/test1125 | 16 +- tests/data/test1126 | 14 +- tests/data/test1127 | 14 +- tests/data/test1128 | 26 +- tests/data/test1129 | 34 +-- tests/data/test113 | 4 +- tests/data/test1130 | 34 +-- tests/data/test1131 | 30 +-- tests/data/test1137 | 18 +- tests/data/test114 | 6 +- tests/data/test1141 | 26 +- tests/data/test1142 | 14 +- tests/data/test1143 | 12 +- tests/data/test1144 | 12 +- tests/data/test1147 | 16 +- tests/data/test1148 | 12 +- tests/data/test1149 | 30 +-- tests/data/test115 | 14 +- tests/data/test1150 | 26 +- tests/data/test1151 | 12 +- tests/data/test1152 | 18 +- tests/data/test1153 | 18 +- tests/data/test1154 | 12 +- tests/data/test1155 | 12 +- tests/data/test1157 | 12 +- tests/data/test1159 | 12 +- tests/data/test1160 | 12 +- tests/data/test1161 | 12 +- tests/data/test1162 | 20 +- tests/data/test1163 | 20 +- tests/data/test1164 | 12 +- tests/data/test1166 | 22 +- tests/data/test1168 | 26 +- tests/data/test117 | 16 +- tests/data/test1170 | 16 +- tests/data/test1171 | 16 +- tests/data/test1172 | 12 +- tests/data/test1174 | 12 +- tests/data/test1176 | 12 +- tests/data/test1178 | 16 +- tests/data/test118 | 20 +- tests/data/test1180 | 14 +- tests/data/test1181 | 14 +- tests/data/test1183 | 12 +- tests/data/test1184 | 22 +- tests/data/test1187 | 38 +-- tests/data/test1188 | 22 +- tests/data/test119 | 16 +- tests/data/test1197 | 26 +- tests/data/test12 | 14 +- tests/data/test120 | 22 +- tests/data/test1200 | 4 +- tests/data/test1201 | 4 +- tests/data/test1202 | 4 +- tests/data/test1203 | 4 +- tests/data/test1204 | 24 +- tests/data/test1205 | 12 +- tests/data/test121 | 22 +- tests/data/test1210 | 12 +- tests/data/test1212 | 14 +- tests/data/test1213 | 14 +- tests/data/test1214 | 14 +- tests/data/test1215 | 30 +-- tests/data/test1216 | 28 +- tests/data/test1217 | 30 +-- tests/data/test1218 | 40 +-- tests/data/test1219 | 14 +- tests/data/test122 | 18 +- tests/data/test1221 | 16 +- tests/data/test1223 | 12 +- tests/data/test1224 | 20 +- tests/data/test1225 | 34 +-- tests/data/test1226 | 20 +- tests/data/test1227 | 18 +- tests/data/test1228 | 28 +- tests/data/test1229 | 24 +- tests/data/test123 | 14 +- tests/data/test1230 | 22 +- tests/data/test1231 | 22 +- tests/data/test1232 | 26 +- tests/data/test1233 | 20 +- tests/data/test1235 | 42 +-- tests/data/test1237 | 14 +- tests/data/test1239 | 14 +- tests/data/test124 | 20 +- tests/data/test1240 | 22 +- tests/data/test1241 | 26 +- tests/data/test1244 | 14 +- tests/data/test1245 | 12 +- tests/data/test1246 | 26 +- tests/data/test1248 | 14 +- tests/data/test1249 | 14 +- tests/data/test1250 | 14 +- tests/data/test1251 | 14 +- tests/data/test1252 | 12 +- tests/data/test1253 | 14 +- tests/data/test1254 | 14 +- tests/data/test1255 | 12 +- tests/data/test1256 | 14 +- tests/data/test1257 | 14 +- tests/data/test1258 | 24 +- tests/data/test1259 | 14 +- tests/data/test126 | 22 +- tests/data/test1261 | 12 +- tests/data/test1262 | 14 +- tests/data/test1265 | 12 +- tests/data/test1266 | 12 +- tests/data/test1267 | 12 +- tests/data/test127 | 24 +- tests/data/test1270 | 12 +- tests/data/test1271 | 12 +- tests/data/test1272 | 4 +- tests/data/test1273 | 14 +- tests/data/test1274 | 12 +- tests/data/test1277 | 18 +- tests/data/test128 | 32 +-- tests/data/test1280 | 42 +-- tests/data/test1282 | 6 +- tests/data/test1283 | 12 +- tests/data/test1284 | 32 +-- tests/data/test1286 | 36 +-- tests/data/test1287 | 12 +- tests/data/test1288 | 12 +- tests/data/test129 | 12 +- tests/data/test1290 | 12 +- tests/data/test1292 | 12 +- tests/data/test1293 | 26 +- tests/data/test1294 | 14 +- tests/data/test1295 | 18 +- tests/data/test1296 | 14 +- tests/data/test1297 | 12 +- tests/data/test1298 | 14 +- tests/data/test1299 | 14 +- tests/data/test13 | 12 +- tests/data/test130 | 16 +- tests/data/test131 | 16 +- tests/data/test1310 | 12 +- tests/data/test1311 | 12 +- tests/data/test1312 | 12 +- tests/data/test1313 | 12 +- tests/data/test1314 | 26 +- tests/data/test1316 | 16 +- tests/data/test1317 | 12 +- tests/data/test1318 | 22 +- tests/data/test1319 | 12 +- tests/data/test132 | 16 +- tests/data/test1320 | 24 +- tests/data/test1321 | 12 +- tests/data/test1322 | 12 +- tests/data/test1324 | 12 +- tests/data/test1325 | 30 +-- tests/data/test1326 | 6 +- tests/data/test1327 | 6 +- tests/data/test1328 | 22 +- tests/data/test133 | 16 +- tests/data/test1331 | 30 +-- tests/data/test1332 | 30 +-- tests/data/test1333 | 20 +- tests/data/test1334 | 12 +- tests/data/test1335 | 12 +- tests/data/test1336 | 12 +- tests/data/test1337 | 12 +- tests/data/test1338 | 12 +- tests/data/test1339 | 12 +- tests/data/test134 | 16 +- tests/data/test1340 | 12 +- tests/data/test1341 | 12 +- tests/data/test1342 | 12 +- tests/data/test1343 | 12 +- tests/data/test1344 | 12 +- tests/data/test1345 | 12 +- tests/data/test1346 | 12 +- tests/data/test1347 | 12 +- tests/data/test1348 | 20 +- tests/data/test1349 | 20 +- tests/data/test135 | 22 +- tests/data/test1350 | 20 +- tests/data/test1351 | 20 +- tests/data/test1352 | 20 +- tests/data/test1353 | 20 +- tests/data/test1354 | 20 +- tests/data/test1355 | 20 +- tests/data/test1356 | 20 +- tests/data/test1357 | 20 +- tests/data/test1358 | 20 +- tests/data/test1359 | 20 +- tests/data/test136 | 18 +- tests/data/test1360 | 20 +- tests/data/test1361 | 20 +- tests/data/test1362 | 20 +- tests/data/test1363 | 20 +- tests/data/test1364 | 12 +- tests/data/test1365 | 12 +- tests/data/test1366 | 12 +- tests/data/test1367 | 12 +- tests/data/test1368 | 12 +- tests/data/test1369 | 12 +- tests/data/test137 | 22 +- tests/data/test1370 | 12 +- tests/data/test1371 | 12 +- tests/data/test1372 | 12 +- tests/data/test1373 | 12 +- tests/data/test1374 | 12 +- tests/data/test1375 | 12 +- tests/data/test1376 | 12 +- tests/data/test1377 | 12 +- tests/data/test1378 | 20 +- tests/data/test1379 | 20 +- tests/data/test138 | 22 +- tests/data/test1380 | 20 +- tests/data/test1381 | 20 +- tests/data/test1382 | 20 +- tests/data/test1383 | 20 +- tests/data/test1384 | 20 +- tests/data/test1385 | 20 +- tests/data/test1386 | 20 +- tests/data/test1387 | 20 +- tests/data/test1388 | 20 +- tests/data/test1389 | 20 +- tests/data/test139 | 22 +- tests/data/test1390 | 20 +- tests/data/test1391 | 20 +- tests/data/test1392 | 20 +- tests/data/test1393 | 20 +- tests/data/test14 | 12 +- tests/data/test140 | 14 +- tests/data/test1400 | 12 +- tests/data/test1401 | 20 +- tests/data/test1402 | 16 +- tests/data/test1403 | 12 +- tests/data/test1405 | 30 +-- tests/data/test1406 | 26 +- tests/data/test1407 | 12 +- tests/data/test1408 | 24 +- tests/data/test141 | 20 +- tests/data/test1411 | 14 +- tests/data/test1412 | 46 ++-- tests/data/test1413 | 22 +- tests/data/test1415 | 14 +- tests/data/test1416 | 12 +- tests/data/test1417 | 12 +- tests/data/test142 | 318 +++++++++++----------- tests/data/test1420 | 12 +- tests/data/test1422 | 12 +- tests/data/test1423 | 12 +- tests/data/test1424 | 14 +- tests/data/test1425 | 12 +- tests/data/test1426 | 12 +- tests/data/test1428 | 16 +- tests/data/test1429 | 12 +- tests/data/test143 | 22 +- tests/data/test1430 | 12 +- tests/data/test1431 | 12 +- tests/data/test1432 | 12 +- tests/data/test1433 | 12 +- tests/data/test1434 | 14 +- tests/data/test1435 | 12 +- tests/data/test1436 | 32 +-- tests/data/test1437 | 24 +- tests/data/test1438 | 12 +- tests/data/test1439 | 12 +- tests/data/test144 | 16 +- tests/data/test1443 | 12 +- tests/data/test1444 | 20 +- tests/data/test1448 | 22 +- tests/data/test1449 | 12 +- tests/data/test145 | 16 +- tests/data/test1455 | 16 +- tests/data/test1456 | 14 +- tests/data/test1457 | 12 +- tests/data/test1458 | 12 +- tests/data/test146 | 32 +-- tests/data/test1465 | 16 +- tests/data/test1466 | 12 +- tests/data/test1467 | 12 +- tests/data/test1468 | 12 +- tests/data/test147 | 28 +- tests/data/test1470 | 12 +- tests/data/test1473 | 12 +- tests/data/test1475 | 14 +- tests/data/test1479 | 22 +- tests/data/test148 | 16 +- tests/data/test1480 | 12 +- tests/data/test1481 | 14 +- tests/data/test1482 | 12 +- tests/data/test1483 | 12 +- tests/data/test1484 | 12 +- tests/data/test1485 | 10 +- tests/data/test1487 | 12 +- tests/data/test149 | 26 +- tests/data/test1492 | 12 +- tests/data/test1493 | 12 +- tests/data/test1494 | 12 +- tests/data/test1495 | 12 +- tests/data/test1496 | 12 +- tests/data/test1497 | 22 +- tests/data/test1499 | 22 +- tests/data/test15 | 12 +- tests/data/test150 | 26 +- tests/data/test1501 | 18 +- tests/data/test1502 | 10 +- tests/data/test1503 | 10 +- tests/data/test1504 | 10 +- tests/data/test1505 | 10 +- tests/data/test1506 | 82 +++--- tests/data/test1507 | 10 +- tests/data/test151 | 12 +- tests/data/test1510 | 34 +-- tests/data/test1512 | 18 +- tests/data/test1513 | 2 - tests/data/test1514 | 40 +-- tests/data/test1517 | 14 +- tests/data/test1518 | 2 - tests/data/test1519 | 2 - tests/data/test152 | 12 +- tests/data/test1520 | 36 +-- tests/data/test153 | 58 ++-- tests/data/test1531 | 14 +- tests/data/test1532 | 10 +- tests/data/test1533 | 50 ++-- tests/data/test1534 | 10 +- tests/data/test1535 | 10 +- tests/data/test1536 | 10 +- tests/data/test1540 | 10 +- tests/data/test1541 | 10 +- tests/data/test1542 | 34 +-- tests/data/test1543 | 18 +- tests/data/test1546 | 16 +- tests/data/test1547 | 18 +- tests/data/test1551 | 34 +-- tests/data/test1552 | 2 - tests/data/test1553 | 2 - tests/data/test1555 | 2 - tests/data/test1556 | 10 +- tests/data/test1561 | 22 +- tests/data/test1562 | 34 +-- tests/data/test1563 | 12 +- tests/data/test1566 | 14 +- tests/data/test1567 | 34 +-- tests/data/test1568 | 24 +- tests/data/test1569 | 26 +- tests/data/test157 | 12 +- tests/data/test1570 | 26 +- tests/data/test1571 | 2 +- tests/data/test1572 | 2 +- tests/data/test1575 | 2 +- tests/data/test1576 | 2 +- tests/data/test1577 | 2 +- tests/data/test1578 | 2 +- tests/data/test158 | 26 +- tests/data/test1580 | 2 +- tests/data/test1581 | 2 +- tests/data/test1582 | 10 +- tests/data/test159 | 14 +- tests/data/test1591 | 30 +-- tests/data/test1593 | 10 +- tests/data/test1594 | 10 +- tests/data/test1595 | 10 +- tests/data/test1596 | 10 +- tests/data/test1598 | 28 +- tests/data/test16 | 16 +- tests/data/test160 | 22 +- tests/data/test161 | 16 +- tests/data/test1613 | 16 +- tests/data/test1617 | 18 +- tests/data/test162 | 16 +- tests/data/test1631 | 18 +- tests/data/test1632 | 24 +- tests/data/test1633 | 50 ++-- tests/data/test1634 | 22 +- tests/data/test1635 | 22 +- tests/data/test164 | 14 +- tests/data/test165 | 26 +- tests/data/test167 | 32 +-- tests/data/test1670 | 12 +- tests/data/test168 | 44 +-- tests/data/test169 | 44 +-- tests/data/test17 | 12 +- tests/data/test170 | 18 +- tests/data/test1700 | 22 +- tests/data/test1701 | 16 +- tests/data/test1702 | 12 +- tests/data/test1704 | 18 +- tests/data/test171 | 14 +- tests/data/test1711 | 12 +- tests/data/test172 | 14 +- tests/data/test174 | 16 +- tests/data/test175 | 30 +-- tests/data/test176 | 32 +-- tests/data/test177 | 16 +- tests/data/test178 | 12 +- tests/data/test179 | 16 +- tests/data/test1800 | 18 +- tests/data/test1801 | 18 +- tests/data/test182 | 18 +- tests/data/test183 | 26 +- tests/data/test184 | 26 +- tests/data/test185 | 26 +- tests/data/test186 | 38 +-- tests/data/test187 | 22 +- tests/data/test188 | 26 +- tests/data/test189 | 26 +- tests/data/test190 | 10 +- tests/data/test1904 | 12 +- tests/data/test1905 | 10 +- tests/data/test1906 | 10 +- tests/data/test1907 | 10 +- tests/data/test1908 | 18 +- tests/data/test1909 | 22 +- tests/data/test191 | 18 +- tests/data/test1910 | 22 +- tests/data/test1919 | 22 +- tests/data/test192 | 12 +- tests/data/test193 | 22 +- tests/data/test1933 | 12 +- tests/data/test1934 | 12 +- tests/data/test1935 | 12 +- tests/data/test1936 | 12 +- tests/data/test1937 | 14 +- tests/data/test195 | 6 +- tests/data/test1955 | 20 +- tests/data/test1956 | 14 +- tests/data/test1957 | 14 +- tests/data/test1958 | 14 +- tests/data/test1959 | 14 +- tests/data/test196 | 10 +- tests/data/test1964 | 12 +- tests/data/test197 | 22 +- tests/data/test1970 | 16 +- tests/data/test1971 | 22 +- tests/data/test1972 | 26 +- tests/data/test1974 | 14 +- tests/data/test1975 | 22 +- tests/data/test1977 | 26 +- tests/data/test198 | 22 +- tests/data/test199 | 22 +- tests/data/test2 | 14 +- tests/data/test2005 | 14 +- tests/data/test2023 | 52 ++-- tests/data/test2024 | 52 ++-- tests/data/test2025 | 82 +++--- tests/data/test2026 | 68 ++--- tests/data/test2027 | 78 +++--- tests/data/test2028 | 98 +++---- tests/data/test2029 | 72 ++--- tests/data/test2030 | 82 +++--- tests/data/test2031 | 102 +++---- tests/data/test2032 | 42 +-- tests/data/test2033 | 12 +- tests/data/test2034 | 12 +- tests/data/test2037 | 12 +- tests/data/test2039 | 16 +- tests/data/test2040 | 24 +- tests/data/test2041 | 12 +- tests/data/test2046 | 22 +- tests/data/test2047 | 26 +- tests/data/test2049 | 42 +-- tests/data/test2050 | 12 +- tests/data/test2051 | 32 +-- tests/data/test2052 | 22 +- tests/data/test2053 | 22 +- tests/data/test2054 | 42 +-- tests/data/test2055 | 12 +- tests/data/test2056 | 14 +- tests/data/test2057 | 26 +- tests/data/test2061 | 24 +- tests/data/test2062 | 24 +- tests/data/test2063 | 24 +- tests/data/test2064 | 24 +- tests/data/test2065 | 24 +- tests/data/test2066 | 24 +- tests/data/test2067 | 32 +-- tests/data/test2068 | 32 +-- tests/data/test2069 | 32 +-- tests/data/test207 | 12 +- tests/data/test2070 | 12 +- tests/data/test2073 | 42 +-- tests/data/test2074 | 14 +- tests/data/test2076 | 24 +- tests/data/test2078 | 16 +- tests/data/test2079 | 12 +- tests/data/test2081 | 28 +- tests/data/test2087 | 12 +- tests/data/test2088 | 12 +- tests/data/test2089 | 12 +- tests/data/test209 | 36 +-- tests/data/test210 | 28 +- tests/data/test2100 | 82 +++--- tests/data/test211 | 30 +-- tests/data/test213 | 40 +-- tests/data/test214 | 12 +- tests/data/test215 | 26 +- tests/data/test216 | 26 +- tests/data/test217 | 12 +- tests/data/test22 | 12 +- tests/data/test220 | 14 +- tests/data/test221 | 14 +- tests/data/test222 | 14 +- tests/data/test223 | 14 +- tests/data/test224 | 14 +- tests/data/test227 | 30 +-- tests/data/test228 | 20 +- tests/data/test229 | 8 +- tests/data/test230 | 14 +- tests/data/test2300 | 20 +- tests/data/test2301 | 20 +- tests/data/test2302 | 20 +- tests/data/test2303 | 20 +- tests/data/test2304 | 2 +- tests/data/test2306 | 18 +- tests/data/test2308 | 10 +- tests/data/test2309 | 14 +- tests/data/test232 | 14 +- tests/data/test233 | 32 +-- tests/data/test234 | 34 +-- tests/data/test235 | 18 +- tests/data/test236 | 18 +- tests/data/test237 | 10 +- tests/data/test238 | 12 +- tests/data/test239 | 38 +-- tests/data/test24 | 12 +- tests/data/test240 | 12 +- tests/data/test2401 | 20 +- tests/data/test2404 | 46 ++-- tests/data/test2405 | 2 - tests/data/test241 | 12 +- tests/data/test242 | 14 +- tests/data/test243 | 54 ++-- tests/data/test244 | 16 +- tests/data/test245 | 32 +-- tests/data/test246 | 32 +-- tests/data/test247 | 12 +- tests/data/test248 | 18 +- tests/data/test249 | 14 +- tests/data/test25 | 62 ++--- tests/data/test250 | 16 +- tests/data/test2501 | 18 +- tests/data/test2502 | 46 ++-- tests/data/test251 | 16 +- tests/data/test252 | 16 +- tests/data/test254 | 16 +- tests/data/test256 | 18 +- tests/data/test257 | 42 +-- tests/data/test26 | 12 +- tests/data/test260 | 12 +- tests/data/test261 | 18 +- tests/data/test262 | 12 +- tests/data/test263 | 14 +- tests/data/test264 | 16 +- tests/data/test265 | 40 +-- tests/data/test266 | 12 +- tests/data/test267 | 42 +-- tests/data/test269 | 12 +- tests/data/test27 | 36 +-- tests/data/test270 | 18 +- tests/data/test273 | 24 +- tests/data/test274 | 12 +- tests/data/test276 | 22 +- tests/data/test277 | 26 +- tests/data/test278 | 16 +- tests/data/test279 | 16 +- tests/data/test28 | 22 +- tests/data/test280 | 20 +- tests/data/test282 | 12 +- tests/data/test287 | 12 +- tests/data/test29 | 12 +- tests/data/test290 | 16 +- tests/data/test291 | 18 +- tests/data/test292 | 12 +- tests/data/test293 | 12 +- tests/data/test294 | 20 +- tests/data/test295 | 6 +- tests/data/test296 | 24 +- tests/data/test297 | 20 +- tests/data/test298 | 18 +- tests/data/test299 | 16 +- tests/data/test3 | 18 +- tests/data/test30 | 12 +- tests/data/test300 | 12 +- tests/data/test3000 | 12 +- tests/data/test3001 | 12 +- tests/data/test3002 | 32 +-- tests/data/test3003 | 32 +-- tests/data/test3004 | 32 +-- tests/data/test3005 | 32 +-- tests/data/test3006 | 18 +- tests/data/test3007 | 10 +- tests/data/test3008 | 12 +- tests/data/test3009 | 12 +- tests/data/test301 | 14 +- tests/data/test3011 | 12 +- tests/data/test3012 | 12 +- tests/data/test3013 | 22 +- tests/data/test3014 | 12 +- tests/data/test3015 | 22 +- tests/data/test3023 | 12 +- tests/data/test3024 | 12 +- tests/data/test3027 | 20 +- tests/data/test3028 | 14 +- tests/data/test303 | 12 +- tests/data/test3031 | 12 +- tests/data/test3032 | 42 +-- tests/data/test3035 | 60 ++--- tests/data/test306 | 12 +- tests/data/test307 | 12 +- tests/data/test309 | 22 +- tests/data/test31 | 12 +- tests/data/test310 | 12 +- tests/data/test3100 | 20 +- tests/data/test3101 | 20 +- tests/data/test3102 | 10 +- tests/data/test314 | 14 +- tests/data/test315 | 14 +- tests/data/test316 | 14 +- tests/data/test317 | 32 +-- tests/data/test318 | 34 +-- tests/data/test319 | 12 +- tests/data/test320 | 2 - tests/data/test3201 | 16 +- tests/data/test3202 | 14 +- tests/data/test3204 | 14 +- tests/data/test3206 | 12 +- tests/data/test3215 | 24 +- tests/data/test325 | 12 +- tests/data/test326 | 12 +- tests/data/test327 | 24 +- tests/data/test328 | 12 +- tests/data/test329 | 26 +- tests/data/test330 | 28 +- tests/data/test331 | 28 +- tests/data/test334 | 12 +- tests/data/test335 | 44 +-- tests/data/test336 | 24 +- tests/data/test337 | 24 +- tests/data/test339 | 12 +- tests/data/test34 | 12 +- tests/data/test340 | 8 +- tests/data/test341 | 14 +- tests/data/test342 | 14 +- tests/data/test343 | 14 +- tests/data/test344 | 14 +- tests/data/test345 | 14 +- tests/data/test346 | 18 +- tests/data/test347 | 12 +- tests/data/test348 | 16 +- tests/data/test349 | 12 +- tests/data/test350 | 18 +- tests/data/test351 | 16 +- tests/data/test352 | 18 +- tests/data/test353 | 16 +- tests/data/test354 | 16 +- tests/data/test355 | 12 +- tests/data/test356 | 12 +- tests/data/test36 | 12 +- tests/data/test361 | 22 +- tests/data/test362 | 18 +- tests/data/test363 | 16 +- tests/data/test365 | 12 +- tests/data/test366 | 12 +- tests/data/test367 | 14 +- tests/data/test368 | 14 +- tests/data/test369 | 12 +- tests/data/test37 | 12 +- tests/data/test371 | 12 +- tests/data/test372 | 12 +- tests/data/test373 | 12 +- tests/data/test374 | 12 +- tests/data/test376 | 12 +- tests/data/test379 | 12 +- tests/data/test38 | 14 +- tests/data/test380 | 16 +- tests/data/test381 | 16 +- tests/data/test383 | 16 +- tests/data/test385 | 16 +- tests/data/test386 | 26 +- tests/data/test387 | 16 +- tests/data/test389 | 12 +- tests/data/test391 | 22 +- tests/data/test392 | 24 +- tests/data/test393 | 12 +- tests/data/test394 | 12 +- tests/data/test395 | 12 +- tests/data/test396 | 14 +- tests/data/test397 | 14 +- tests/data/test398 | 12 +- tests/data/test4 | 38 +-- tests/data/test40 | 22 +- tests/data/test400 | 20 +- tests/data/test4000 | 12 +- tests/data/test401 | 20 +- tests/data/test402 | 6 +- tests/data/test403 | 22 +- tests/data/test406 | 20 +- tests/data/test407 | 32 +-- tests/data/test408 | 26 +- tests/data/test409 | 20 +- tests/data/test410 | 14 +- tests/data/test412 | 14 +- tests/data/test413 | 14 +- tests/data/test414 | 34 +-- tests/data/test415 | 12 +- tests/data/test416 | 16 +- tests/data/test417 | 12 +- tests/data/test42 | 22 +- tests/data/test43 | 26 +- tests/data/test430 | 50 ++-- tests/data/test431 | 50 ++-- tests/data/test432 | 50 ++-- tests/data/test433 | 18 +- tests/data/test434 | 12 +- tests/data/test435 | 22 +- tests/data/test436 | 18 +- tests/data/test437 | 12 +- tests/data/test440 | 12 +- tests/data/test441 | 12 +- tests/data/test442 | 14 +- tests/data/test443 | 14 +- tests/data/test444 | 12 +- tests/data/test45 | 22 +- tests/data/test457 | 12 +- tests/data/test46 | 14 +- tests/data/test47 | 12 +- tests/data/test471 | 22 +- tests/data/test473 | 12 +- tests/data/test475 | 16 +- tests/data/test476 | 16 +- tests/data/test477 | 22 +- tests/data/test478 | 16 +- tests/data/test479 | 30 +-- tests/data/test483 | 8 +- tests/data/test486 | 28 +- tests/data/test49 | 22 +- tests/data/test493 | 12 +- tests/data/test494 | 18 +- tests/data/test495 | 14 +- tests/data/test5 | 14 +- tests/data/test50 | 22 +- tests/data/test500 | 10 +- tests/data/test505 | 20 +- tests/data/test51 | 22 +- tests/data/test510 | 36 +-- tests/data/test511 | 16 +- tests/data/test512 | 10 +- tests/data/test514 | 10 +- tests/data/test515 | 14 +- tests/data/test516 | 12 +- tests/data/test518 | 10 +- tests/data/test519 | 22 +- tests/data/test52 | 22 +- tests/data/test520 | 20 +- tests/data/test521 | 18 +- tests/data/test522 | 12 +- tests/data/test523 | 14 +- tests/data/test524 | 8 +- tests/data/test525 | 18 +- tests/data/test526 | 38 +-- tests/data/test527 | 38 +-- tests/data/test528 | 34 +-- tests/data/test529 | 18 +- tests/data/test53 | 14 +- tests/data/test530 | 2 - tests/data/test531 | 18 +- tests/data/test532 | 38 +-- tests/data/test533 | 26 +- tests/data/test534 | 20 +- tests/data/test535 | 18 +- tests/data/test537 | 10 +- tests/data/test538 | 6 +- tests/data/test539 | 30 +-- tests/data/test54 | 12 +- tests/data/test541 | 20 +- tests/data/test542 | 16 +- tests/data/test546 | 26 +- tests/data/test549 | 12 +- tests/data/test55 | 22 +- tests/data/test550 | 12 +- tests/data/test556 | 8 +- tests/data/test56 | 24 +- tests/data/test560 | 10 +- tests/data/test561 | 12 +- tests/data/test562 | 16 +- tests/data/test563 | 12 +- tests/data/test564 | 20 +- tests/data/test565 | 54 ++-- tests/data/test566 | 10 +- tests/data/test567 | 12 +- tests/data/test569 | 50 ++-- tests/data/test57 | 12 +- tests/data/test570 | 24 +- tests/data/test573 | 10 +- tests/data/test574 | 78 +++--- tests/data/test575 | 122 ++++----- tests/data/test580 | 10 +- tests/data/test581 | 10 +- tests/data/test584 | 34 +-- tests/data/test585 | 10 +- tests/data/test586 | 18 +- tests/data/test589 | 12 +- tests/data/test59 | 12 +- tests/data/test590 | 36 +-- tests/data/test595 | 18 +- tests/data/test597 | 8 +- tests/data/test598 | 24 +- tests/data/test6 | 14 +- tests/data/test61 | 12 +- tests/data/test62 | 26 +- tests/data/test627 | 2 - tests/data/test63 | 16 +- tests/data/test64 | 24 +- tests/data/test644 | 22 +- tests/data/test646 | 12 +- tests/data/test647 | 10 +- tests/data/test648 | 52 ++-- tests/data/test649 | 10 +- tests/data/test65 | 24 +- tests/data/test650 | 14 +- tests/data/test651 | 24 +- tests/data/test652 | 632 ++++++++++++++++++++++---------------------- tests/data/test653 | 46 ++-- tests/data/test658 | 10 +- tests/data/test659 | 12 +- tests/data/test66 | 12 +- tests/data/test660 | 4 +- tests/data/test661 | 70 ++--- tests/data/test662 | 26 +- tests/data/test663 | 26 +- tests/data/test667 | 44 +-- tests/data/test669 | 34 +-- tests/data/test67 | 26 +- tests/data/test670 | 24 +- tests/data/test671 | 24 +- tests/data/test672 | 24 +- tests/data/test673 | 24 +- tests/data/test674 | 18 +- tests/data/test675 | 26 +- tests/data/test676 | 24 +- tests/data/test677 | 6 +- tests/data/test678 | 12 +- tests/data/test679 | 14 +- tests/data/test68 | 26 +- tests/data/test681 | 12 +- tests/data/test682 | 14 +- tests/data/test683 | 14 +- tests/data/test684 | 14 +- tests/data/test685 | 14 +- tests/data/test687 | 12 +- tests/data/test688 | 12 +- tests/data/test689 | 12 +- tests/data/test69 | 36 +-- tests/data/test693 | 12 +- tests/data/test695 | 62 ++--- tests/data/test696 | 14 +- tests/data/test698 | 26 +- tests/data/test7 | 12 +- tests/data/test70 | 24 +- tests/data/test700 | 12 +- tests/data/test701 | 12 +- tests/data/test706 | 16 +- tests/data/test707 | 16 +- tests/data/test708 | 12 +- tests/data/test709 | 12 +- tests/data/test710 | 12 +- tests/data/test711 | 18 +- tests/data/test712 | 18 +- tests/data/test713 | 18 +- tests/data/test714 | 18 +- tests/data/test715 | 18 +- tests/data/test717 | 12 +- tests/data/test718 | 12 +- tests/data/test719 | 12 +- tests/data/test72 | 24 +- tests/data/test720 | 12 +- tests/data/test721 | 12 +- tests/data/test73 | 12 +- tests/data/test74 | 22 +- tests/data/test742 | 12 +- tests/data/test744 | 12 +- tests/data/test753 | 20 +- tests/data/test754 | 28 +- tests/data/test756 | 22 +- tests/data/test757 | 62 ++--- tests/data/test762 | 12 +- tests/data/test77 | 14 +- tests/data/test775 | 14 +- tests/data/test78 | 14 +- tests/data/test79 | 14 +- tests/data/test794 | 2 +- tests/data/test796 | 2 +- tests/data/test797 | 2 +- tests/data/test799 | 12 +- tests/data/test8 | 14 +- tests/data/test80 | 12 +- tests/data/test800 | 12 +- tests/data/test801 | 12 +- tests/data/test802 | 12 +- tests/data/test803 | 10 +- tests/data/test804 | 14 +- tests/data/test805 | 30 +-- tests/data/test806 | 10 +- tests/data/test807 | 10 +- tests/data/test808 | 10 +- tests/data/test809 | 10 +- tests/data/test81 | 30 +-- tests/data/test810 | 12 +- tests/data/test811 | 10 +- tests/data/test812 | 10 +- tests/data/test813 | 10 +- tests/data/test814 | 12 +- tests/data/test815 | 14 +- tests/data/test816 | 14 +- tests/data/test817 | 10 +- tests/data/test818 | 10 +- tests/data/test819 | 14 +- tests/data/test82 | 16 +- tests/data/test820 | 16 +- tests/data/test821 | 14 +- tests/data/test822 | 16 +- tests/data/test823 | 16 +- tests/data/test824 | 14 +- tests/data/test825 | 12 +- tests/data/test826 | 14 +- tests/data/test827 | 14 +- tests/data/test828 | 12 +- tests/data/test83 | 14 +- tests/data/test830 | 8 +- tests/data/test831 | 10 +- tests/data/test832 | 8 +- tests/data/test833 | 18 +- tests/data/test834 | 20 +- tests/data/test835 | 18 +- tests/data/test836 | 22 +- tests/data/test837 | 14 +- tests/data/test838 | 14 +- tests/data/test839 | 12 +- tests/data/test84 | 16 +- tests/data/test840 | 12 +- tests/data/test841 | 12 +- tests/data/test842 | 14 +- tests/data/test843 | 12 +- tests/data/test844 | 8 +- tests/data/test845 | 8 +- tests/data/test846 | 10 +- tests/data/test847 | 12 +- tests/data/test848 | 14 +- tests/data/test849 | 8 +- tests/data/test85 | 18 +- tests/data/test850 | 12 +- tests/data/test851 | 12 +- tests/data/test852 | 12 +- tests/data/test853 | 12 +- tests/data/test854 | 12 +- tests/data/test855 | 12 +- tests/data/test856 | 8 +- tests/data/test857 | 12 +- tests/data/test858 | 12 +- tests/data/test859 | 12 +- tests/data/test86 | 32 +-- tests/data/test860 | 12 +- tests/data/test861 | 12 +- tests/data/test862 | 12 +- tests/data/test863 | 12 +- tests/data/test864 | 10 +- tests/data/test865 | 12 +- tests/data/test866 | 14 +- tests/data/test867 | 12 +- tests/data/test868 | 14 +- tests/data/test869 | 14 +- tests/data/test870 | 12 +- tests/data/test871 | 10 +- tests/data/test872 | 12 +- tests/data/test873 | 12 +- tests/data/test874 | 10 +- tests/data/test876 | 8 +- tests/data/test877 | 10 +- tests/data/test878 | 8 +- tests/data/test879 | 16 +- tests/data/test880 | 18 +- tests/data/test881 | 16 +- tests/data/test882 | 22 +- tests/data/test883 | 12 +- tests/data/test884 | 12 +- tests/data/test885 | 10 +- tests/data/test886 | 10 +- tests/data/test887 | 12 +- tests/data/test888 | 10 +- tests/data/test889 | 10 +- tests/data/test89 | 50 ++-- tests/data/test890 | 8 +- tests/data/test891 | 8 +- tests/data/test892 | 12 +- tests/data/test893 | 8 +- tests/data/test895 | 12 +- tests/data/test897 | 12 +- tests/data/test898 | 30 +-- tests/data/test90 | 70 ++--- tests/data/test900 | 12 +- tests/data/test901 | 36 +-- tests/data/test902 | 26 +- tests/data/test903 | 22 +- tests/data/test904 | 24 +- tests/data/test905 | 22 +- tests/data/test906 | 24 +- tests/data/test907 | 24 +- tests/data/test908 | 22 +- tests/data/test909 | 24 +- tests/data/test91 | 36 +-- tests/data/test910 | 24 +- tests/data/test911 | 16 +- tests/data/test912 | 24 +- tests/data/test913 | 8 +- tests/data/test914 | 8 +- tests/data/test915 | 24 +- tests/data/test916 | 10 +- tests/data/test917 | 32 +-- tests/data/test918 | 12 +- tests/data/test919 | 20 +- tests/data/test92 | 58 ++-- tests/data/test920 | 22 +- tests/data/test921 | 22 +- tests/data/test922 | 20 +- tests/data/test923 | 8 +- tests/data/test924 | 8 +- tests/data/test925 | 8 +- tests/data/test926 | 8 +- tests/data/test927 | 8 +- tests/data/test928 | 8 +- tests/data/test929 | 8 +- tests/data/test93 | 14 +- tests/data/test930 | 8 +- tests/data/test932 | 8 +- tests/data/test933 | 10 +- tests/data/test934 | 8 +- tests/data/test935 | 26 +- tests/data/test936 | 28 +- tests/data/test937 | 26 +- tests/data/test938 | 36 +-- tests/data/test939 | 20 +- tests/data/test94 | 12 +- tests/data/test940 | 18 +- tests/data/test941 | 40 +-- tests/data/test942 | 22 +- tests/data/test943 | 22 +- tests/data/test944 | 20 +- tests/data/test945 | 20 +- tests/data/test946 | 22 +- tests/data/test947 | 20 +- tests/data/test948 | 10 +- tests/data/test949 | 8 +- tests/data/test950 | 8 +- tests/data/test951 | 18 +- tests/data/test952 | 18 +- tests/data/test953 | 22 +- tests/data/test954 | 8 +- tests/data/test955 | 8 +- tests/data/test956 | 10 +- tests/data/test957 | 8 +- tests/data/test958 | 8 +- tests/data/test959 | 8 +- tests/data/test960 | 10 +- tests/data/test961 | 8 +- tests/data/test962 | 24 +- tests/data/test963 | 24 +- tests/data/test964 | 8 +- tests/data/test965 | 24 +- tests/data/test966 | 24 +- tests/data/test967 | 8 +- tests/data/test968 | 8 +- tests/data/test969 | 16 +- tests/data/test973 | 34 +-- tests/data/test974 | 28 +- tests/data/test975 | 34 +-- tests/data/test976 | 30 +-- tests/data/test980 | 6 +- tests/data/test981 | 6 +- tests/data/test982 | 6 +- tests/data/test983 | 4 +- tests/data/test984 | 4 +- tests/data/test987 | 24 +- tests/data/test988 | 28 +- tests/data/test989 | 12 +- tests/data/test99 | 14 +- tests/data/test992 | 22 +- tests/data/test993 | 12 +- tests/data/test997 | 22 +- tests/data/test998 | 30 +-- tests/data/test999 | 28 +- 1182 files changed, 11433 insertions(+), 11453 deletions(-) diff --git a/tests/data/test100 b/tests/data/test100 index b7554383ea..152633ba80 100644 --- a/tests/data/test100 +++ b/tests/data/test100 @@ -41,15 +41,15 @@ ftp://%HOSTIP:%FTPPORT/test-%TESTNUMBER/ # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD test-%TESTNUMBER -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD test-%TESTNUMBER +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test1000 b/tests/data/test1000 index fe94010ac3..e679207d30 100644 --- a/tests/data/test1000 +++ b/tests/data/test1000 @@ -31,12 +31,12 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER/ -I # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD %TESTNUMBER +QUIT diff --git a/tests/data/test1003 b/tests/data/test1003 index c4a1bb001a..a4104d216b 100644 --- a/tests/data/test1003 +++ b/tests/data/test1003 @@ -33,16 +33,16 @@ ftp://%HOSTIP:%FTPPORT/path/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1004 b/tests/data/test1004 index 33faaafb19..d7c0ae5176 100644 --- a/tests/data/test1004 +++ b/tests/data/test1004 @@ -46,12 +46,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy "" # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1005 b/tests/data/test1005 index 1827fbdc8c..356de5a556 100644 --- a/tests/data/test1005 +++ b/tests/data/test1005 @@ -33,16 +33,16 @@ ftp://%HOSTIP:%FTPPORT/path/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1006 b/tests/data/test1006 index 13d426d053..a714a899bc 100644 --- a/tests/data/test1006 +++ b/tests/data/test1006 @@ -34,16 +34,16 @@ ftp://%HOSTIP:%FTPPORT/path/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test101 b/tests/data/test101 index 3febc5e72a..6f0d79efce 100644 --- a/tests/data/test101 +++ b/tests/data/test101 @@ -43,14 +43,14 @@ ftp://%HOSTIP:%FTPPORT/ -P %CLIENTIP ^PORT \d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3} ^EPRT \|1\|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|\d{1,5}\| - -USER anonymous -PASS ftp@example.com -PWD -PORT 127,0,0,1,243,212 -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +PORT 127,0,0,1,243,212 +TYPE A +LIST +QUIT diff --git a/tests/data/test1010 b/tests/data/test1010 index d45efdc8a5..7f5701d32e 100644 --- a/tests/data/test1010 +++ b/tests/data/test1010 @@ -42,16 +42,16 @@ ftp://%HOSTIP:%FTPPORT//list/this/path/%TESTNUMBER/ ftp://%HOSTIP:%FTPPORT//list # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE A -LIST /list/this/path/%TESTNUMBER -EPSV -LIST /list/this/path/%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE A +LIST /list/this/path/%TESTNUMBER +EPSV +LIST /list/this/path/%TESTNUMBER +QUIT diff --git a/tests/data/test1011 b/tests/data/test1011 index d6a3d1aa7d..0ef87ae1a6 100644 --- a/tests/data/test1011 +++ b/tests/data/test1011 @@ -56,19 +56,19 @@ http://%HOSTIP:%HTTPPORT/blah/%TESTNUMBER -L -d "moo" # # Verify data after the test has been "shot" - -POST /blah/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 3 -Content-Type: application/x-www-form-urlencoded - -mooGET /blah/moo.html&testcase=/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +POST /blah/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 3 +Content-Type: application/x-www-form-urlencoded + +mooGET /blah/moo.html&testcase=/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1012 b/tests/data/test1012 index da6ec61922..5ced62b24d 100644 --- a/tests/data/test1012 +++ b/tests/data/test1012 @@ -56,21 +56,21 @@ http://%HOSTIP:%HTTPPORT/blah/%TESTNUMBER -L -d "moo" --post301 # # Verify data after the test has been "shot" - -POST /blah/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 3 -Content-Type: application/x-www-form-urlencoded - -mooPOST /blah/moo.html&testcase=/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 3 -Content-Type: application/x-www-form-urlencoded - + +POST /blah/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 3 +Content-Type: application/x-www-form-urlencoded + +mooPOST /blah/moo.html&testcase=/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 3 +Content-Type: application/x-www-form-urlencoded + moo diff --git a/tests/data/test1015 b/tests/data/test1015 index fc26149121..52a7d3e957 100644 --- a/tests/data/test1015 +++ b/tests/data/test1015 @@ -38,14 +38,14 @@ content to _?!#$'|<> # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 119 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 119 +Content-Type: application/x-www-form-urlencoded + my+name+is+moo%5B%5D&y e s=s_i_r&v_alue=content+to+_%3F%21%23%24%27%7C%3C%3E%0A&content+to+_%3F%21%23%24%27%7C%3C%3E%0A diff --git a/tests/data/test102 b/tests/data/test102 index 7037986f46..99fda2dcc9 100644 --- a/tests/data/test102 +++ b/tests/data/test102 @@ -37,16 +37,16 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -PASV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +PASV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1021 b/tests/data/test1021 index bb34615fd6..25fb2bfc3c 100644 --- a/tests/data/test1021 +++ b/tests/data/test1021 @@ -106,29 +106,29 @@ http://test.remote.example.com.%TESTNUMBER:%HTTPPORT/path/%TESTNUMBER0002 --prox # Verify data after the test has been "shot" - -CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -GET /path/%TESTNUMBER0002 HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +GET /path/%TESTNUMBER0002 HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1024 b/tests/data/test1024 index 55deec98bb..24c5e6ca67 100644 --- a/tests/data/test1024 +++ b/tests/data/test1024 @@ -84,23 +84,23 @@ cookies # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /data/%TESTNUMBER0002.txt HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /want/%TESTNUMBER0003.txt HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Cookie: firstcookie=want - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /data/%TESTNUMBER0002.txt HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /want/%TESTNUMBER0003.txt HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Cookie: firstcookie=want + diff --git a/tests/data/test1025 b/tests/data/test1025 index 762e34a835..c08a157d57 100644 --- a/tests/data/test1025 +++ b/tests/data/test1025 @@ -84,25 +84,25 @@ cookies # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Cookie: forcedcookie=yes - -GET /data/%TESTNUMBER0002.txt HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Cookie: forcedcookie=yes - -GET /want/%TESTNUMBER0003.txt HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Cookie: firstcookie=want; forcedcookie=yes - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Cookie: forcedcookie=yes + +GET /data/%TESTNUMBER0002.txt HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Cookie: forcedcookie=yes + +GET /want/%TESTNUMBER0003.txt HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Cookie: firstcookie=want; forcedcookie=yes + diff --git a/tests/data/test1028 b/tests/data/test1028 index 3e36597322..81728c6864 100644 --- a/tests/data/test1028 +++ b/tests/data/test1028 @@ -52,20 +52,20 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001 -L # # Verify data after the test has been "shot" - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER0002 -RETR %TESTNUMBER0002 -QUIT + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER0002 +RETR %TESTNUMBER0002 +QUIT HTTP/1.1 302 OK diff --git a/tests/data/test1029 b/tests/data/test1029 index da393cb41b..f37146a747 100644 --- a/tests/data/test1029 +++ b/tests/data/test1029 @@ -36,12 +36,12 @@ http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER -w '%{redirect_url} %{url} %{ex # Verify data after the test has been "shot" - -GET /we/want/our/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/our/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 301 This is a weirdo text message swsclose diff --git a/tests/data/test103 b/tests/data/test103 index 52e5645bc0..d6283c62bb 100644 --- a/tests/data/test103 +++ b/tests/data/test103 @@ -38,17 +38,17 @@ ftp://%HOSTIP:%FTPPORT/a/path/%TESTNUMBER -P - ^PORT \d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3} ^EPRT \|1\|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|\d{1,5}\| - -USER anonymous -PASS ftp@example.com -PWD -CWD a -CWD path -PORT 127,0,0,1,0,0 -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD a +CWD path +PORT 127,0,0,1,0,0 +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1031 b/tests/data/test1031 index 305a0f7eb5..39f374b058 100644 --- a/tests/data/test1031 +++ b/tests/data/test1031 @@ -59,17 +59,17 @@ http://%HOSTIP:%HTTPPORT/want/this/%TESTNUMBER -L # Verify data after the test has been "shot" - -GET /want/this/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /want/this/%TESTNUMBER?coolsite=yes/%TESTNUMBER0002.txt HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/this/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /want/this/%TESTNUMBER?coolsite=yes/%TESTNUMBER0002.txt HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1032 b/tests/data/test1032 index 5456542ae3..d6d4f9ec4c 100644 --- a/tests/data/test1032 +++ b/tests/data/test1032 @@ -42,13 +42,13 @@ HTTP HEAD with --range # # Verify data after the test has been "shot" - -HEAD /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=1-3 -User-Agent: curl/%VERSION -Accept: */* - + +HEAD /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=1-3 +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1033 b/tests/data/test1033 index b19bf1ce96..460e7f8806 100644 --- a/tests/data/test1033 +++ b/tests/data/test1033 @@ -47,12 +47,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1036 b/tests/data/test1036 index f777a6ff7d..b5aeea8dd9 100644 --- a/tests/data/test1036 +++ b/tests/data/test1036 @@ -40,17 +40,17 @@ This is the start!! # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -PASV -TYPE I -SIZE %TESTNUMBER -REST 20 -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +PASV +TYPE I +SIZE %TESTNUMBER +REST 20 +RETR %TESTNUMBER +QUIT This is the start!! diff --git a/tests/data/test1037 b/tests/data/test1037 index 18c9e5266a..d540a00373 100644 --- a/tests/data/test1037 +++ b/tests/data/test1037 @@ -39,16 +39,16 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -C - # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -PASV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +PASV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1038 b/tests/data/test1038 index c2e60a0a49..294c7b94c1 100644 --- a/tests/data/test1038 +++ b/tests/data/test1038 @@ -34,15 +34,15 @@ worx? # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -APPE %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +APPE %TESTNUMBER +QUIT cr@p******** that we're gonna upload diff --git a/tests/data/test1039 b/tests/data/test1039 index a032c2f9ab..6637c5721b 100644 --- a/tests/data/test1039 +++ b/tests/data/test1039 @@ -34,15 +34,15 @@ worx? # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +STOR %TESTNUMBER +QUIT this is the *****cr@p******** that we're gonna upload diff --git a/tests/data/test104 b/tests/data/test104 index 3674f1da0a..fda73d0ee5 100644 --- a/tests/data/test104 +++ b/tests/data/test104 @@ -27,17 +27,17 @@ ftp://%HOSTIP:%FTPPORT/a/path/%TESTNUMBER --head # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD a -CWD path -MDTM %TESTNUMBER -TYPE I -SIZE %TESTNUMBER -REST 0 -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD a +CWD path +MDTM %TESTNUMBER +TYPE I +SIZE %TESTNUMBER +REST 0 +QUIT diff --git a/tests/data/test1040 b/tests/data/test1040 index bd1e5b0e32..18dab6c578 100644 --- a/tests/data/test1040 +++ b/tests/data/test1040 @@ -65,13 +65,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C - # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=100- -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=100- +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1042 b/tests/data/test1042 index a2a5c62f36..3fb798048f 100644 --- a/tests/data/test1042 +++ b/tests/data/test1042 @@ -80,13 +80,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C 200 33 - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=200- -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=200- +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1043 b/tests/data/test1043 index ea850a1f97..d3ca56b037 100644 --- a/tests/data/test1043 +++ b/tests/data/test1043 @@ -70,13 +70,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C - # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=40- -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=40- +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1044 b/tests/data/test1044 index 471f099a3f..5486b344ed 100644 --- a/tests/data/test1044 +++ b/tests/data/test1044 @@ -38,16 +38,16 @@ ftp://%HOSTIP:%FTPPORT/blalbla/%TESTNUMBER -I # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD blalbla -MDTM %TESTNUMBER -TYPE I -SIZE %TESTNUMBER -REST 0 -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD blalbla +MDTM %TESTNUMBER +TYPE I +SIZE %TESTNUMBER +REST 0 +QUIT Last-Modified: Sat, 26 Jul 2008 10:26:59 GMT diff --git a/tests/data/test1045 b/tests/data/test1045 index e8745bf2de..6fdfbfe205 100644 --- a/tests/data/test1045 +++ b/tests/data/test1045 @@ -39,12 +39,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --interface %CLIENTIP # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1046 b/tests/data/test1046 index fd05b3d535..3cf9d57bca 100644 --- a/tests/data/test1046 +++ b/tests/data/test1046 @@ -43,12 +43,12 @@ HTTP-IPv6 GET with numeric localhost --interface # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOST6IP:%HTTP6PORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOST6IP:%HTTP6PORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1047 b/tests/data/test1047 index b863bd0061..772cd4d17b 100644 --- a/tests/data/test1047 +++ b/tests/data/test1047 @@ -43,14 +43,14 @@ ftp://%HOSTIP:%FTPPORT/ --interface %CLIENTIP # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test1048 b/tests/data/test1048 index cf90020fef..3a58d7b51e 100644 --- a/tests/data/test1048 +++ b/tests/data/test1048 @@ -48,14 +48,14 @@ FTP-IPv6 dir list PASV with localhost --interface # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test105 b/tests/data/test105 index 2a26ac7eca..f0a5e4bc2a 100644 --- a/tests/data/test105 +++ b/tests/data/test105 @@ -37,15 +37,15 @@ ftp://userdude:passfellow@%HOSTIP:%FTPPORT/%TESTNUMBER --use-ascii # Verify data after the test has been "shot" - -USER userdude -PASS passfellow -PWD -EPSV -PASV -TYPE A -RETR %TESTNUMBER -QUIT + +USER userdude +PASS passfellow +PWD +EPSV +PASV +TYPE A +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1054 b/tests/data/test1054 index b0425e545c..49ca87ba33 100644 --- a/tests/data/test1054 +++ b/tests/data/test1054 @@ -58,21 +58,21 @@ http://%HOSTIP:%HTTPPORT/blah/%TESTNUMBER -L -d @%LOGDIR/test%TESTNUMBER.txt --p # # Verify data after the test has been "shot" - -POST /blah/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 10 -Content-Type: application/x-www-form-urlencoded - -field=dataPOST /blah/moo/testcase/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 10 -Content-Type: application/x-www-form-urlencoded - + +POST /blah/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 10 +Content-Type: application/x-www-form-urlencoded + +field=dataPOST /blah/moo/testcase/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 10 +Content-Type: application/x-www-form-urlencoded + field=data diff --git a/tests/data/test1056 b/tests/data/test1056 index 302b9c5412..c0b74ec83f 100644 --- a/tests/data/test1056 +++ b/tests/data/test1056 @@ -66,17 +66,17 @@ http://%HOSTIP:%HTTPPORT/we/are/all/twits/%TESTNUMBER -L # # Verify data after the test has been "shot" - -GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /moo/%TESTNUMBER0002 HTTP/1.1 -Host: %HOST6IP:%HTTP6PORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /moo/%TESTNUMBER0002 HTTP/1.1 +Host: %HOST6IP:%HTTP6PORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1057 b/tests/data/test1057 index a7cb3bc61e..0a6f1bcd09 100644 --- a/tests/data/test1057 +++ b/tests/data/test1057 @@ -36,17 +36,17 @@ FTP retrieve a byte-range relative to end of file # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -REST 52 -RETR %TESTNUMBER -ABOR -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +REST 52 +RETR %TESTNUMBER +ABOR +QUIT diff --git a/tests/data/test1058 b/tests/data/test1058 index 794d2ef22a..ec7a59c80b 100644 --- a/tests/data/test1058 +++ b/tests/data/test1058 @@ -39,13 +39,13 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -r -101 # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=-101 -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=-101 +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1059 b/tests/data/test1059 index 5da753e594..44a3ed8a53 100644 --- a/tests/data/test1059 +++ b/tests/data/test1059 @@ -46,12 +46,12 @@ ftp://test-number:%TESTNUMBER/wanted/page -p -x %HOSTIP:%HTTPPORT 56 - -CONNECT test-number:%TESTNUMBER HTTP/1.1 -Host: test-number:%TESTNUMBER -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT test-number:%TESTNUMBER HTTP/1.1 +Host: test-number:%TESTNUMBER +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test106 b/tests/data/test106 index b5e1e6929b..3e1784c1d6 100644 --- a/tests/data/test106 +++ b/tests/data/test106 @@ -35,17 +35,17 @@ FTP GET with type=A style ASCII URL using %20 codes # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD / -CWD path with spaces -CWD and things2 -EPSV -TYPE A -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD / +CWD path with spaces +CWD and things2 +EPSV +TYPE A +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1060 b/tests/data/test1060 index b64e202e81..d87124a7f5 100644 --- a/tests/data/test1060 +++ b/tests/data/test1060 @@ -83,23 +83,23 @@ http://test.remote.haxx.se.%TESTNUMBER:8990/path/%TESTNUMBER0002 --proxy http:// # Verify data after the test has been "shot" - -CONNECT test.remote.haxx.se.%TESTNUMBER:8990 HTTP/1.1 -Host: test.remote.haxx.se.%TESTNUMBER:8990 -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -CONNECT test.remote.haxx.se.%TESTNUMBER:8990 HTTP/1.1 -Host: test.remote.haxx.se.%TESTNUMBER:8990 -Proxy-Authorization: Digest username="silly", realm="weirdorealm", nonce="12345", uri="test.remote.haxx.se.%TESTNUMBER:8990", response="e1fbed39c26f4efe284adc0e576ff638" -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -GET /path/%TESTNUMBER0002 HTTP/1.1 -Host: test.remote.haxx.se.%TESTNUMBER:8990 -User-Agent: curl/%VERSION -Accept: */* - + +CONNECT test.remote.haxx.se.%TESTNUMBER:8990 HTTP/1.1 +Host: test.remote.haxx.se.%TESTNUMBER:8990 +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +CONNECT test.remote.haxx.se.%TESTNUMBER:8990 HTTP/1.1 +Host: test.remote.haxx.se.%TESTNUMBER:8990 +Proxy-Authorization: Digest username="silly", realm="weirdorealm", nonce="12345", uri="test.remote.haxx.se.%TESTNUMBER:8990", response="e1fbed39c26f4efe284adc0e576ff638" +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +GET /path/%TESTNUMBER0002 HTTP/1.1 +Host: test.remote.haxx.se.%TESTNUMBER:8990 +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1061 b/tests/data/test1061 index 1ec22f9426..46ad8f98f7 100644 --- a/tests/data/test1061 +++ b/tests/data/test1061 @@ -88,23 +88,23 @@ http://test.remote.haxx.se.%TESTNUMBER:8990/path/%TESTNUMBER0002 --proxy http:// # Verify data after the test has been "shot" - -CONNECT test.remote.haxx.se.%TESTNUMBER:8990 HTTP/1.1 -Host: test.remote.haxx.se.%TESTNUMBER:8990 -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -CONNECT test.remote.haxx.se.%TESTNUMBER:8990 HTTP/1.1 -Host: test.remote.haxx.se.%TESTNUMBER:8990 -Proxy-Authorization: Digest username="silly", realm="weirdorealm", nonce="12345", uri="test.remote.haxx.se.%TESTNUMBER:8990", response="4e23449fa93224834299e7282a70472c" -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -GET /path/%TESTNUMBER0002 HTTP/1.1 -Host: test.remote.haxx.se.%TESTNUMBER:8990 -User-Agent: curl/%VERSION -Accept: */* - + +CONNECT test.remote.haxx.se.%TESTNUMBER:8990 HTTP/1.1 +Host: test.remote.haxx.se.%TESTNUMBER:8990 +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +CONNECT test.remote.haxx.se.%TESTNUMBER:8990 HTTP/1.1 +Host: test.remote.haxx.se.%TESTNUMBER:8990 +Proxy-Authorization: Digest username="silly", realm="weirdorealm", nonce="12345", uri="test.remote.haxx.se.%TESTNUMBER:8990", response="4e23449fa93224834299e7282a70472c" +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +GET /path/%TESTNUMBER0002 HTTP/1.1 +Host: test.remote.haxx.se.%TESTNUMBER:8990 +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1062 b/tests/data/test1062 index c603345701..5b8c36f55f 100644 --- a/tests/data/test1062 +++ b/tests/data/test1062 @@ -34,16 +34,16 @@ ftp://%HOSTIP:%FTPPORT/path/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1066 b/tests/data/test1066 index 5b2b178f09..7ac4903d1f 100644 --- a/tests/data/test1066 +++ b/tests/data/test1066 @@ -41,17 +41,17 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER http://%HOSTIP:%HTTPPORT/want/%TESTNUM # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /want/%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /want/%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 OK diff --git a/tests/data/test1067 b/tests/data/test1067 index 8bb2233e36..85a5f8bc3f 100644 --- a/tests/data/test1067 +++ b/tests/data/test1067 @@ -59,19 +59,19 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER --silent --location --referer "firston # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Referer: firstone.html - -GET /want/data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Referer: http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Referer: firstone.html + +GET /want/data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Referer: http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER + |http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER| diff --git a/tests/data/test107 b/tests/data/test107 index a741b7667f..48ef6cc7c4 100644 --- a/tests/data/test107 +++ b/tests/data/test107 @@ -38,14 +38,14 @@ that FTP works so does it? - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +STOR %TESTNUMBER +QUIT diff --git a/tests/data/test1070 b/tests/data/test1070 index a2665039bb..7f2b4fb09b 100644 --- a/tests/data/test1070 +++ b/tests/data/test1070 @@ -48,15 +48,15 @@ Here's 2000 x 'O': # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Expect: 100-continue -Content-Length: 2313 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Expect: 100-continue +Content-Length: 2313 +Content-Type: application/x-www-form-urlencoded + This creates diff --git a/tests/data/test1074 b/tests/data/test1074 index 183d51a571..77d4caac72 100644 --- a/tests/data/test1074 +++ b/tests/data/test1074 @@ -60,17 +60,17 @@ Connection: close surprise2 - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /wantmore/%TESTNUMBER0001 HTTP/1.0 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /wantmore/%TESTNUMBER0001 HTTP/1.0 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1076 b/tests/data/test1076 index 258d14e6a8..8613a9a922 100644 --- a/tests/data/test1076 +++ b/tests/data/test1076 @@ -56,21 +56,21 @@ http://%HOSTIP:%HTTPPORT/blah/%TESTNUMBER -L -d "moo" --post302 # # Verify data after the test has been "shot" - -POST /blah/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 3 -Content-Type: application/x-www-form-urlencoded - -mooPOST /blah/moo.html&testcase=/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 3 -Content-Type: application/x-www-form-urlencoded - + +POST /blah/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 3 +Content-Type: application/x-www-form-urlencoded + +mooPOST /blah/moo.html&testcase=/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 3 +Content-Type: application/x-www-form-urlencoded + moo diff --git a/tests/data/test1077 b/tests/data/test1077 index 5162eb3420..847aa013d2 100644 --- a/tests/data/test1077 +++ b/tests/data/test1077 @@ -57,19 +57,19 @@ FTP over HTTP proxy with downgrade to HTTP 1.0 # # Verify data after the test has been "shot" - -GET ftp://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET ftp://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER0002 HTTP/1.0 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET ftp://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET ftp://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER0002 HTTP/1.0 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1078 b/tests/data/test1078 index 97b30853fc..9ec0f44eec 100644 --- a/tests/data/test1078 +++ b/tests/data/test1078 @@ -60,17 +60,17 @@ User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive - -GET /we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /we/want/that/page/%TESTNUMBER HTTP/1.0 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /we/want/that/page/%TESTNUMBER HTTP/1.0 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 Mighty fine indeed diff --git a/tests/data/test1079 b/tests/data/test1079 index 83de2aedbf..418a25db0a 100644 --- a/tests/data/test1079 +++ b/tests/data/test1079 @@ -59,18 +59,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --digest 52 - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="e340c7cdca0950462070f46ee139e9f7" -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="e340c7cdca0950462070f46ee139e9f7" +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test108 b/tests/data/test108 index 20ef6577ed..b639781b59 100644 --- a/tests/data/test108 +++ b/tests/data/test108 @@ -36,17 +36,17 @@ Moooooooooooo ^PORT \d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3} ^EPRT \|1\|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|\d{1,5}\| - -USER anonymous -PASS ftp@example.com -PWD -CWD CWD -CWD STOR -CWD RETR -PORT 127,0,0,1,5,109 -TYPE I -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD CWD +CWD STOR +CWD RETR +PORT 127,0,0,1,5,109 +TYPE I +STOR %TESTNUMBER +QUIT Moooooooooooo diff --git a/tests/data/test1080 b/tests/data/test1080 index 6b9dd5a136..6848f61bf0 100644 --- a/tests/data/test1080 +++ b/tests/data/test1080 @@ -36,17 +36,17 @@ http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER http://%HOSTIP:%HTTPPORT/we/wan # Verify data after the test has been "shot" - -GET /we/want/our/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /we/want/our/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/our/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /we/want/our/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 301 This is a weirdo text message swsclose diff --git a/tests/data/test1081 b/tests/data/test1081 index 557be4fe65..418804d330 100644 --- a/tests/data/test1081 +++ b/tests/data/test1081 @@ -44,17 +44,17 @@ http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER http://%HOSTIP:%HTTPPORT/we/wan # Verify data after the test has been "shot" - -GET /we/want/our/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /we/want/our/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/our/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /we/want/our/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 301 This is a weirdo text message swsclose diff --git a/tests/data/test1082 b/tests/data/test1082 index 40e7b6a70c..cc9d461cfe 100644 --- a/tests/data/test1082 +++ b/tests/data/test1082 @@ -42,12 +42,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -4 --interface 127.0.0.1 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1083 b/tests/data/test1083 index dae302b110..eb3fc7cfc3 100644 --- a/tests/data/test1083 +++ b/tests/data/test1083 @@ -46,12 +46,12 @@ HTTP-IPv6 GET with ip6-localhost --interface # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOST6IP:%HTTP6PORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOST6IP:%HTTP6PORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1086 b/tests/data/test1086 index 8b7828fb2f..562ebbad92 100644 --- a/tests/data/test1086 +++ b/tests/data/test1086 @@ -49,14 +49,14 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -m 5 28 - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER diff --git a/tests/data/test1087 b/tests/data/test1087 index daf4c80949..6891fd1b84 100644 --- a/tests/data/test1087 +++ b/tests/data/test1087 @@ -88,26 +88,26 @@ proxy # # Verify data after the test has been "shot" - -GET http://first.host.it.is/we/want/that/page/%TESTNUMBER1000 HTTP/1.1 -Host: first.host.it.is -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://first.host.it.is/we/want/that/page/%TESTNUMBER1000 HTTP/1.1 -Host: first.host.it.is -Authorization: Basic %b64[iam:myself]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://goto.second.host.now/%TESTNUMBER1002 HTTP/1.1 -Host: goto.second.host.now -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://first.host.it.is/we/want/that/page/%TESTNUMBER1000 HTTP/1.1 +Host: first.host.it.is +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://first.host.it.is/we/want/that/page/%TESTNUMBER1000 HTTP/1.1 +Host: first.host.it.is +Authorization: Basic %b64[iam:myself]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://goto.second.host.now/%TESTNUMBER1002 HTTP/1.1 +Host: goto.second.host.now +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1088 b/tests/data/test1088 index 11a88fc40a..08d418a72e 100644 --- a/tests/data/test1088 +++ b/tests/data/test1088 @@ -89,27 +89,27 @@ proxy # # Verify data after the test has been "shot" - -GET http://first.host.it.is/we/want/that/page/%TESTNUMBER1000 HTTP/1.1 -Host: first.host.it.is -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://first.host.it.is/we/want/that/page/%TESTNUMBER1000 HTTP/1.1 -Host: first.host.it.is -Authorization: Basic %b64[iam:myself]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://goto.second.host.now/%TESTNUMBER1002 HTTP/1.1 -Host: goto.second.host.now -Authorization: Basic %b64[iam:myself]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://first.host.it.is/we/want/that/page/%TESTNUMBER1000 HTTP/1.1 +Host: first.host.it.is +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://first.host.it.is/we/want/that/page/%TESTNUMBER1000 HTTP/1.1 +Host: first.host.it.is +Authorization: Basic %b64[iam:myself]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://goto.second.host.now/%TESTNUMBER1002 HTTP/1.1 +Host: goto.second.host.now +Authorization: Basic %b64[iam:myself]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1089 b/tests/data/test1089 index c36f21cbbe..b65f0ddd4f 100644 --- a/tests/data/test1089 +++ b/tests/data/test1089 @@ -50,17 +50,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n%{num_redirects}\n%{si # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test109 b/tests/data/test109 index d466437f21..19e22caf82 100644 --- a/tests/data/test109 +++ b/tests/data/test109 @@ -31,14 +31,14 @@ Moooooooooooo # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -APPE %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +APPE %TESTNUMBER +QUIT Moooooooooooo diff --git a/tests/data/test1090 b/tests/data/test1090 index ffd81bc610..454913ac1b 100644 --- a/tests/data/test1090 +++ b/tests/data/test1090 @@ -57,17 +57,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n%{num_redirects}\n%{si # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1091 b/tests/data/test1091 index 445d31655f..47eb46a112 100644 --- a/tests/data/test1091 +++ b/tests/data/test1091 @@ -30,18 +30,18 @@ FTP URL with type=i # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD / -CWD tmp -CWD moo -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD / +CWD tmp +CWD moo +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1092 b/tests/data/test1092 index 3d7b741ea7..2c5fbb81cd 100644 --- a/tests/data/test1092 +++ b/tests/data/test1092 @@ -43,13 +43,13 @@ FTP with type=i over HTTP proxy # # Verify data after the test has been "shot" - -GET ftp://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER;type=i HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET ftp://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER;type=i HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1095 b/tests/data/test1095 index 8e23ae6a3a..942aa0e10c 100644 --- a/tests/data/test1095 +++ b/tests/data/test1095 @@ -66,18 +66,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --digest # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="test \"this\" realm!!", nonce="1053604145", uri="/%TESTNUMBER", response="df3246f44d2bc8de0e9f8fc4d7cf6e95" -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="test \"this\" realm!!", nonce="1053604145", uri="/%TESTNUMBER", response="df3246f44d2bc8de0e9f8fc4d7cf6e95" +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1096 b/tests/data/test1096 index e7b1639247..6a3818c073 100644 --- a/tests/data/test1096 +++ b/tests/data/test1096 @@ -33,19 +33,19 @@ ftp://%HOSTIP:%FTPPORT/dir/%TESTNUMBER ftp://%HOSTIP:%FTPPORT/dir/%TESTNUMBER 78 - -USER anonymous -PASS ftp@example.com -PWD -CWD dir -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD dir +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1097 b/tests/data/test1097 index 106a8537b8..84b9300d49 100644 --- a/tests/data/test1097 +++ b/tests/data/test1097 @@ -59,20 +59,20 @@ http://test.a.galaxy.far.far.away.%TESTNUMBER:%HTTPPORT/%TESTNUMBER --proxy http # Verify data after the test has been "shot" - -CONNECT test.a.galaxy.far.far.away.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.a.galaxy.far.far.away.%TESTNUMBER:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -POST /%TESTNUMBER HTTP/1.1 -Host: test.a.galaxy.far.far.away.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 11 -Content-Type: application/x-www-form-urlencoded - + +CONNECT test.a.galaxy.far.far.away.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.a.galaxy.far.far.away.%TESTNUMBER:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +POST /%TESTNUMBER HTTP/1.1 +Host: test.a.galaxy.far.far.away.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 11 +Content-Type: application/x-www-form-urlencoded + dummy=value diff --git a/tests/data/test11 b/tests/data/test11 index 5affc6bde2..60164d6d62 100644 --- a/tests/data/test11 +++ b/tests/data/test11 @@ -59,17 +59,17 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -L # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /want/data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /want/data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test110 b/tests/data/test110 index e53fcd1377..f8418fbbca 100644 --- a/tests/data/test110 +++ b/tests/data/test110 @@ -36,17 +36,17 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -C 20 # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -PASV -TYPE I -SIZE %TESTNUMBER -REST 20 -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +PASV +TYPE I +SIZE %TESTNUMBER +REST 20 +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1100 b/tests/data/test1100 index 10bf811edd..500a05b31a 100644 --- a/tests/data/test1100 +++ b/tests/data/test1100 @@ -80,28 +80,28 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --ntlm -L -d "stuff to # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 0 -Content-Type: application/x-www-form-urlencoded - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 18 -Content-Type: application/x-www-form-urlencoded - -stuff to send awayGET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 0 +Content-Type: application/x-www-form-urlencoded + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 18 +Content-Type: application/x-www-form-urlencoded + +stuff to send awayGET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1101 b/tests/data/test1101 index e70f256abc..9e2dff25be 100644 --- a/tests/data/test1101 +++ b/tests/data/test1101 @@ -42,13 +42,13 @@ http://user:secret@%HOSTIP:%HTTPPORT/gimme/%TESTNUMBER # Verify data after the test has been "shot" - -GET /gimme/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user:secret]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /gimme/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user:secret]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1102 b/tests/data/test1102 index 16994d9533..aacb156903 100644 --- a/tests/data/test1102 +++ b/tests/data/test1102 @@ -34,18 +34,18 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -SYST -SITE NAMEFMT 1 -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +SYST +SITE NAMEFMT 1 +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1103 b/tests/data/test1103 index a53b504bdc..6041787107 100644 --- a/tests/data/test1103 +++ b/tests/data/test1103 @@ -33,16 +33,16 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -SYST -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +SYST +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1104 b/tests/data/test1104 index 9c5d659bc3..c0fabfc1d5 100644 --- a/tests/data/test1104 +++ b/tests/data/test1104 @@ -69,20 +69,20 @@ proxy # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://%HOSTIP:%HTTPPORT/want/data/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Cookie: test2=true - + +GET http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://%HOSTIP:%HTTPPORT/want/data/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Cookie: test2=true + diff --git a/tests/data/test1105 b/tests/data/test1105 index 68922dc770..cb828bf048 100644 --- a/tests/data/test1105 +++ b/tests/data/test1105 @@ -45,14 +45,14 @@ local-http # Verify data after the test has been "shot" - -POST /we/want/%TESTNUMBER?parm1=this*that/other/thing&parm2=foobar/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 33 -Content-Type: application/x-www-form-urlencoded - + +POST /we/want/%TESTNUMBER?parm1=this*that/other/thing&parm2=foobar/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 33 +Content-Type: application/x-www-form-urlencoded + userid=myname&password=mypassword diff --git a/tests/data/test1106 b/tests/data/test1106 index e3acdac16b..e8bb0a52af 100644 --- a/tests/data/test1106 +++ b/tests/data/test1106 @@ -44,13 +44,13 @@ ftp://%HOSTIP:23456/%TESTNUMBER # Verify data after the test has been "shot" - -GET ftp://%HOSTIP:23456/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:23456 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET ftp://%HOSTIP:23456/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:23456 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1107 b/tests/data/test1107 index 8b31c76f83..3eeb0457e4 100644 --- a/tests/data/test1107 +++ b/tests/data/test1107 @@ -38,16 +38,16 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --ftp-pret # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -PRET RETR %TESTNUMBER -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +PRET RETR %TESTNUMBER +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1108 b/tests/data/test1108 index c6008af300..107ef8d55c 100644 --- a/tests/data/test1108 +++ b/tests/data/test1108 @@ -31,11 +31,11 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --ftp-pret # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -PRET RETR %TESTNUMBER + +USER anonymous +PASS ftp@example.com +PWD +PRET RETR %TESTNUMBER # we expect that the server doesn't understand PRET diff --git a/tests/data/test1109 b/tests/data/test1109 index 93aa9e4dbc..da640789f7 100644 --- a/tests/data/test1109 +++ b/tests/data/test1109 @@ -33,12 +33,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER#test # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test111 b/tests/data/test111 index a46f7aef1d..4044fdd41d 100644 --- a/tests/data/test111 +++ b/tests/data/test111 @@ -32,14 +32,14 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -C 2000 36 - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +QUIT diff --git a/tests/data/test1110 b/tests/data/test1110 index 165a8acd86..d2dfcc4f35 100644 --- a/tests/data/test1110 +++ b/tests/data/test1110 @@ -34,12 +34,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER?q=foobar#fragment # Verify data after the test has been "shot" - -GET /%TESTNUMBER?q=foobar HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER?q=foobar HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1111 b/tests/data/test1111 index 157cd2751c..f68668a520 100644 --- a/tests/data/test1111 +++ b/tests/data/test1111 @@ -34,12 +34,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER?q=foobar#fragment#fragment2 # Verify data after the test has been "shot" - -GET /%TESTNUMBER?q=foobar HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER?q=foobar HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1112 b/tests/data/test1112 index 2ef60a9eb7..8d42cea80f 100644 --- a/tests/data/test1112 +++ b/tests/data/test1112 @@ -52,16 +52,16 @@ FTPS download with strict timeout and slow data transfer 28 - -USER anonymous -PASS ftp@example.com -PBSZ 0 -PROT C -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER + +USER anonymous +PASS ftp@example.com +PBSZ 0 +PROT C +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER diff --git a/tests/data/test1113 b/tests/data/test1113 index 744c012ee1..474c6aadc4 100644 --- a/tests/data/test1113 +++ b/tests/data/test1113 @@ -40,45 +40,45 @@ FTP wildcard download - changed fnmatch, 2x perform (DOS LIST response) 0 # THERE SHOULD NOT BE "SIZE"! and one "USER/PASS" - -USER anonymous -PASS ftp@example.com -PWD -CWD fully_simulated -CWD DOS -EPSV -TYPE A -LIST -EPSV -TYPE I -RETR chmod1 -EPSV -RETR chmod2 -EPSV -RETR chmod3 -EPSV -RETR empty_file.dat -EPSV -RETR file.txt -EPSV -RETR someothertext.txt -EPSV -TYPE A -LIST -EPSV -TYPE I -RETR chmod1 -EPSV -RETR chmod2 -EPSV -RETR chmod3 -EPSV -RETR empty_file.dat -EPSV -RETR file.txt -EPSV -RETR someothertext.txt -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD fully_simulated +CWD DOS +EPSV +TYPE A +LIST +EPSV +TYPE I +RETR chmod1 +EPSV +RETR chmod2 +EPSV +RETR chmod3 +EPSV +RETR empty_file.dat +EPSV +RETR file.txt +EPSV +RETR someothertext.txt +EPSV +TYPE A +LIST +EPSV +TYPE I +RETR chmod1 +EPSV +RETR chmod2 +EPSV +RETR chmod3 +EPSV +RETR empty_file.dat +EPSV +RETR file.txt +EPSV +RETR someothertext.txt +QUIT This file should have permissions 444 diff --git a/tests/data/test1115 b/tests/data/test1115 index 40ce7c15e1..176570992e 100644 --- a/tests/data/test1115 +++ b/tests/data/test1115 @@ -39,12 +39,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1116 b/tests/data/test1116 index 8feed326ea..0775bb42db 100644 --- a/tests/data/test1116 +++ b/tests/data/test1116 @@ -60,12 +60,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 funky chunky! diff --git a/tests/data/test1117 b/tests/data/test1117 index 67df822c9e..c133501027 100644 --- a/tests/data/test1117 +++ b/tests/data/test1117 @@ -69,19 +69,19 @@ Content-Type: text/plain partial body - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=10-22 -User-Agent: curl/%VERSION -Accept: */* - -GET /wantmore/%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=10-22 -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=10-22 +User-Agent: curl/%VERSION +Accept: */* + +GET /wantmore/%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=10-22 +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1118 b/tests/data/test1118 index 3daa8a63e7..13f686f403 100644 --- a/tests/data/test1118 +++ b/tests/data/test1118 @@ -42,12 +42,12 @@ http://%HOSTIP:%HTTPPORT?email=name@example.com/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /?email=name@example.com/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /?email=name@example.com/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test112 b/tests/data/test112 index 41bbc025d9..9a73da35a5 100644 --- a/tests/data/test112 +++ b/tests/data/test112 @@ -31,14 +31,14 @@ worx? # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -APPE %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +APPE %TESTNUMBER +QUIT gonna upload diff --git a/tests/data/test1120 b/tests/data/test1120 index 464b8ac097..9a96aed2bc 100644 --- a/tests/data/test1120 +++ b/tests/data/test1120 @@ -32,11 +32,11 @@ ftp://%HOSTIP:%FTPPORT/a/path/%TESTNUMBER # Verify data after the test has been "shot" # Strip all valid kinds of PORT and EPRT that curl can send - -USER anonymous -PASS ftp@example.com -PWD -CWD a + +USER anonymous +PASS ftp@example.com +PWD +CWD a # CURLE_OPERATION_TIMEDOUT is 28 diff --git a/tests/data/test1121 b/tests/data/test1121 index 3eec862d6d..0804c59e26 100644 --- a/tests/data/test1121 +++ b/tests/data/test1121 @@ -34,12 +34,12 @@ HTTP multiple provided Host: headers # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: host1 -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: host1 +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1122 b/tests/data/test1122 index d0ce3ffaf0..cbd74b2ea9 100644 --- a/tests/data/test1122 +++ b/tests/data/test1122 @@ -61,14 +61,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -TE: gzip -Connection: TE - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +TE: gzip +Connection: TE + diff --git a/tests/data/test1123 b/tests/data/test1123 index a01aae69be..2a1b10605f 100644 --- a/tests/data/test1123 +++ b/tests/data/test1123 @@ -171,14 +171,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -TE: gzip -Connection: TE - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +TE: gzip +Connection: TE + diff --git a/tests/data/test1124 b/tests/data/test1124 index fdc172398f..33415aab79 100644 --- a/tests/data/test1124 +++ b/tests/data/test1124 @@ -62,14 +62,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -TE: gzip -Connection: TE - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +TE: gzip +Connection: TE + diff --git a/tests/data/test1125 b/tests/data/test1125 index 3b4d58b2e6..1f1f153835 100644 --- a/tests/data/test1125 +++ b/tests/data/test1125 @@ -61,14 +61,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding -H "Connection: close" # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -TE: gzip -Connection: close, TE - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +TE: gzip +Connection: close, TE + diff --git a/tests/data/test1126 b/tests/data/test1126 index b25820b0cf..9fb7c5a832 100644 --- a/tests/data/test1126 +++ b/tests/data/test1126 @@ -38,13 +38,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -z "dec 12 12:00:00 1999 GMT" # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -If-Modified-Since: Sun, 12 Dec 1999 12:00:00 GMT - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +If-Modified-Since: Sun, 12 Dec 1999 12:00:00 GMT + diff --git a/tests/data/test1127 b/tests/data/test1127 index fa3ee85fe7..8f2b6b1103 100644 --- a/tests/data/test1127 +++ b/tests/data/test1127 @@ -47,13 +47,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -z "dec 12 12:00:00 1999 GMT" # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -If-Modified-Since: Sun, 12 Dec 1999 12:00:00 GMT - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +If-Modified-Since: Sun, 12 Dec 1999 12:00:00 GMT + diff --git a/tests/data/test1128 b/tests/data/test1128 index 37b5b522ed..977ed4d8be 100644 --- a/tests/data/test1128 +++ b/tests/data/test1128 @@ -48,19 +48,19 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001 -z # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -If-Modified-Since: Sun, 12 Dec 1999 12:00:00 GMT - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -If-Modified-Since: Sun, 12 Dec 1999 12:00:00 GMT - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +If-Modified-Since: Sun, 12 Dec 1999 12:00:00 GMT + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +If-Modified-Since: Sun, 12 Dec 1999 12:00:00 GMT + diff --git a/tests/data/test1129 b/tests/data/test1129 index 99e390c500..44b0f3ab82 100644 --- a/tests/data/test1129 +++ b/tests/data/test1129 @@ -74,23 +74,23 @@ Content-Type: text/html -foo- - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 1053700 -Content-Type: application/x-www-form-urlencoded -Expect: 100-continue - -POST /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 1053700 -Content-Type: application/x-www-form-urlencoded -Expect: 100-continue - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 1053700 +Content-Type: application/x-www-form-urlencoded +Expect: 100-continue + +POST /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 1053700 +Content-Type: application/x-www-form-urlencoded +Expect: 100-continue + Maximum allocated: 3200000 diff --git a/tests/data/test113 b/tests/data/test113 index 1c0a8b246c..463da9c624 100644 --- a/tests/data/test113 +++ b/tests/data/test113 @@ -30,8 +30,8 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER 67 - -USER anonymous + +USER anonymous diff --git a/tests/data/test1130 b/tests/data/test1130 index bdab216d81..59ca8c52eb 100644 --- a/tests/data/test1130 +++ b/tests/data/test1130 @@ -75,23 +75,23 @@ Content-Type: text/html -foo- - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Expect: 100-continue -Content-Length: 100 -Content-Type: application/x-www-form-urlencoded - -POST /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Expect: 100-continue -Content-Length: 100 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Expect: 100-continue +Content-Length: 100 +Content-Type: application/x-www-form-urlencoded + +POST /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Expect: 100-continue +Content-Length: 100 +Content-Type: application/x-www-form-urlencoded + diff --git a/tests/data/test1131 b/tests/data/test1131 index 20ad5cfd85..e9c37395e5 100644 --- a/tests/data/test1131 +++ b/tests/data/test1131 @@ -75,21 +75,21 @@ Content-Type: text/html FAILURE2 - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Expect: 100-continue -Content-Length: 100 - -PUT /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Expect: 100-continue -Content-Length: 100 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Expect: 100-continue +Content-Length: 100 + +PUT /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Expect: 100-continue +Content-Length: 100 + diff --git a/tests/data/test1137 b/tests/data/test1137 index cb20aee313..241f740aa7 100644 --- a/tests/data/test1137 +++ b/tests/data/test1137 @@ -38,15 +38,15 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --ignore-content-length # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -PASV -TYPE I -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +PASV +TYPE I +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test114 b/tests/data/test114 index 8a545f2a85..ce43a93d4f 100644 --- a/tests/data/test114 +++ b/tests/data/test114 @@ -30,9 +30,9 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER 67 - -USER anonymous -PASS ftp@example.com + +USER anonymous +PASS ftp@example.com diff --git a/tests/data/test1141 b/tests/data/test1141 index 727cbcd565..68eea75dc2 100644 --- a/tests/data/test1141 +++ b/tests/data/test1141 @@ -54,19 +54,19 @@ proxy # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://foo.example.com/want/%TESTNUMBER0001 HTTP/1.1 -Host: foo.example.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://foo.example.com/want/%TESTNUMBER0001 HTTP/1.1 +Host: foo.example.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1142 b/tests/data/test1142 index c35190006f..64793147cc 100644 --- a/tests/data/test1142 +++ b/tests/data/test1142 @@ -49,13 +49,13 @@ proxy # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + # 3, CURLE_URL_MALFORMAT for the four slashes diff --git a/tests/data/test1143 b/tests/data/test1143 index e9053b1794..b845a65762 100644 --- a/tests/data/test1143 +++ b/tests/data/test1143 @@ -37,12 +37,12 @@ MSYS2_ARG_CONV_EXCL=http:/ # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1144 b/tests/data/test1144 index be51dae13d..7915cb610b 100644 --- a/tests/data/test1144 +++ b/tests/data/test1144 @@ -54,12 +54,12 @@ HTTP HEAD, receive no headers only body # # Verify data after the test has been "shot" - -HEAD /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +HEAD /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 8 diff --git a/tests/data/test1147 b/tests/data/test1147 index 9298e48a18..5f27abc59b 100644 --- a/tests/data/test1147 +++ b/tests/data/test1147 @@ -51,14 +51,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -H @%LOGDIR/heads%TESTNUMBER.txt # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -One: 1 -Two: 2 - And A Funny One : wohoo - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +One: 1 +Two: 2 + And A Funny One : wohoo + diff --git a/tests/data/test1148 b/tests/data/test1148 index 5653ef6104..ba37c8dd30 100644 --- a/tests/data/test1148 +++ b/tests/data/test1148 @@ -41,12 +41,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -# --stderr %LOGDIR/stderrlog%TESTNUMBER # - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # Check that the progress finished at 100% and has the right bar width. diff --git a/tests/data/test1149 b/tests/data/test1149 index d4e97d540d..f5239aea25 100644 --- a/tests/data/test1149 +++ b/tests/data/test1149 @@ -42,21 +42,21 @@ ftp://%HOSTIP:%FTPPORT/list/this/path/%TESTNUMBER/ --ftp-method multicwd --next # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD list -CWD this -CWD path -CWD %TESTNUMBER -EPSV -TYPE A -LIST -CWD / -EPSV -LIST list/this/path/%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD list +CWD this +CWD path +CWD %TESTNUMBER +EPSV +TYPE A +LIST +CWD / +EPSV +LIST list/this/path/%TESTNUMBER +QUIT diff --git a/tests/data/test115 b/tests/data/test115 index 22f75c0b6e..62ec4ea827 100644 --- a/tests/data/test115 +++ b/tests/data/test115 @@ -32,13 +32,13 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER 13 - -USER anonymous -PASS ftp@example.com -PWD -EPSV -PASV -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +PASV +QUIT diff --git a/tests/data/test1150 b/tests/data/test1150 index cafc00cd07..e4d0ed01a6 100644 --- a/tests/data/test1150 +++ b/tests/data/test1150 @@ -39,19 +39,19 @@ proxy # Verify data after the test has been "shot" - -GET http://test.remote.example.com.%TESTNUMBER:150/path HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:150 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://test.remote.example.com.%TESTNUMBER:1234/path/ HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:1234 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://test.remote.example.com.%TESTNUMBER:150/path HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:150 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://test.remote.example.com.%TESTNUMBER:1234/path/ HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:1234 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1151 b/tests/data/test1151 index dd916a6133..f8b14ebb4e 100644 --- a/tests/data/test1151 +++ b/tests/data/test1151 @@ -48,12 +48,12 @@ cookies # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # Netscape HTTP Cookie File diff --git a/tests/data/test1152 b/tests/data/test1152 index 1823bab4a9..f02104f2cf 100644 --- a/tests/data/test1152 +++ b/tests/data/test1152 @@ -45,15 +45,15 @@ ftp://%HOSTIP:%FTPPORT/test-%TESTNUMBER/ # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD test-%TESTNUMBER -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD test-%TESTNUMBER +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test1153 b/tests/data/test1153 index a74b1838ce..5198092bce 100644 --- a/tests/data/test1153 +++ b/tests/data/test1153 @@ -45,15 +45,15 @@ ftp://%HOSTIP:%FTPPORT/test-%TESTNUMBER/ # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD test-%TESTNUMBER -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD test-%TESTNUMBER +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test1154 b/tests/data/test1154 index bd08ce26c1..27bfc17ae4 100644 --- a/tests/data/test1154 +++ b/tests/data/test1154 @@ -40,12 +40,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # 100 == CURLE_TOO_LARGE diff --git a/tests/data/test1155 b/tests/data/test1155 index 579328d925..195028a4d4 100644 --- a/tests/data/test1155 +++ b/tests/data/test1155 @@ -37,12 +37,12 @@ cookies # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # Netscape HTTP Cookie File diff --git a/tests/data/test1157 b/tests/data/test1157 index 4e246e7031..b13536773f 100644 --- a/tests/data/test1157 +++ b/tests/data/test1157 @@ -45,12 +45,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -H @%LOGDIR/heads%TESTNUMBER.txt # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1159 b/tests/data/test1159 index 6ef2e4ad66..769e84db3c 100644 --- a/tests/data/test1159 +++ b/tests/data/test1159 @@ -36,12 +36,12 @@ http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER -w '%{redirect_url}\n' # Verify data after the test has been "shot" - -GET /we/want/our/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/our/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 301 This is a weirdo text message swsclose diff --git a/tests/data/test1160 b/tests/data/test1160 index d503945fe3..b5b55a4d29 100644 --- a/tests/data/test1160 +++ b/tests/data/test1160 @@ -38,12 +38,12 @@ cookies # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # Netscape HTTP Cookie File diff --git a/tests/data/test1161 b/tests/data/test1161 index dd8f9c9ebf..4dbb0a4a7b 100644 --- a/tests/data/test1161 +++ b/tests/data/test1161 @@ -37,12 +37,12 @@ cookies # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # Netscape HTTP Cookie File diff --git a/tests/data/test1162 b/tests/data/test1162 index b6b394139e..9f8f931936 100644 --- a/tests/data/test1162 +++ b/tests/data/test1162 @@ -37,16 +37,16 @@ MSYS2_ARG_CONV_EXCL=ftp:// - -USER anonymous -PASS ftp@example.com -PWD -CWD fully_simulated -CWD DOS -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD fully_simulated +CWD DOS +EPSV +TYPE A +LIST +QUIT # 78 == CURLE_REMOTE_FILE_NOT_FOUND diff --git a/tests/data/test1163 b/tests/data/test1163 index a109b511bc..006e612f98 100644 --- a/tests/data/test1163 +++ b/tests/data/test1163 @@ -33,16 +33,16 @@ FTP wildcard with pattern ending with an open-bracket - -USER anonymous -PASS ftp@example.com -PWD -CWD fully_simulated -CWD DOS -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD fully_simulated +CWD DOS +EPSV +TYPE A +LIST +QUIT # 78 == CURLE_REMOTE_FILE_NOT_FOUND diff --git a/tests/data/test1164 b/tests/data/test1164 index 40422da8b7..c5c25d339d 100644 --- a/tests/data/test1164 +++ b/tests/data/test1164 @@ -31,12 +31,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w '%{size_download}\n' --http0.9 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 208 diff --git a/tests/data/test1166 b/tests/data/test1166 index 92e8ff4046..6720c09d31 100644 --- a/tests/data/test1166 +++ b/tests/data/test1166 @@ -36,17 +36,17 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER http://%HOSTIP:%HTTPPORT/want/%TESTNUM # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1168 b/tests/data/test1168 index 2bba7eccd3..04403597de 100644 --- a/tests/data/test1168 +++ b/tests/data/test1168 @@ -59,19 +59,19 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -L -u "catmai#d:#DZaRJYrixKE*gFY" # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[catmai#d:#DZaRJYrixKE*gFY]b64% -User-Agent: curl/%VERSION -Accept: */* - -GET /data/%TESTNUMBER0002.txt HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[catmai#d:#DZaRJYrixKE*gFY]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[catmai#d:#DZaRJYrixKE*gFY]b64% +User-Agent: curl/%VERSION +Accept: */* + +GET /data/%TESTNUMBER0002.txt HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[catmai#d:#DZaRJYrixKE*gFY]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test117 b/tests/data/test117 index 3bd5cb57f1..8811dd9536 100644 --- a/tests/data/test117 +++ b/tests/data/test117 @@ -31,14 +31,14 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER 17 - -USER anonymous -PASS ftp@example.com -PWD -EPSV -PASV -TYPE I -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +PASV +TYPE I +QUIT diff --git a/tests/data/test1170 b/tests/data/test1170 index d6271714bd..499044e399 100644 --- a/tests/data/test1170 +++ b/tests/data/test1170 @@ -61,14 +61,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding -H "Connection:" # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -TE: gzip -Connection: TE - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +TE: gzip +Connection: TE + diff --git a/tests/data/test1171 b/tests/data/test1171 index 486aadb94b..5dd570add8 100644 --- a/tests/data/test1171 +++ b/tests/data/test1171 @@ -61,14 +61,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding -H "Connection;" # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -TE: gzip -Connection: TE - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +TE: gzip +Connection: TE + diff --git a/tests/data/test1172 b/tests/data/test1172 index 0de4713d39..6afe814c04 100644 --- a/tests/data/test1172 +++ b/tests/data/test1172 @@ -33,12 +33,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --no-http0.9 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # unsupported protocol diff --git a/tests/data/test1174 b/tests/data/test1174 index 48938a7be3..21dd5d54b6 100644 --- a/tests/data/test1174 +++ b/tests/data/test1174 @@ -33,12 +33,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # unsupported protocol diff --git a/tests/data/test1176 b/tests/data/test1176 index 86d23a2ccc..6bfe6a6f6a 100644 --- a/tests/data/test1176 +++ b/tests/data/test1176 @@ -41,12 +41,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o '%LOGDIR/base-#0' # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 OK diff --git a/tests/data/test1178 b/tests/data/test1178 index 52eea37fec..6f5fdd7161 100644 --- a/tests/data/test1178 +++ b/tests/data/test1178 @@ -40,14 +40,14 @@ proxy # # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Proxy-Authorization: Basic %b64[AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Proxy-Authorization: Basic %b64[AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test118 b/tests/data/test118 index 9b5b8708eb..190dc79c12 100644 --- a/tests/data/test118 +++ b/tests/data/test118 @@ -34,16 +34,16 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER 19 - -USER anonymous -PASS ftp@example.com -PWD -EPSV -PASV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +PASV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1180 b/tests/data/test1180 index d04542ef96..8607f82552 100644 --- a/tests/data/test1180 +++ b/tests/data/test1180 @@ -36,13 +36,13 @@ HTTP GET request with proxy and -H "Proxy-Connection: keep-alive" - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1181 b/tests/data/test1181 index 9cdf3fa464..8fe4587dfc 100644 --- a/tests/data/test1181 +++ b/tests/data/test1181 @@ -36,13 +36,13 @@ HTTP GET request with proxy and "Proxy-Connection: Keep-Alive" - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1183 b/tests/data/test1183 index 5f795ed666..34cba4aa51 100644 --- a/tests/data/test1183 +++ b/tests/data/test1183 @@ -37,12 +37,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify that the %TESTNUMBER has been resolved to %TESTNUMBER - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1184 b/tests/data/test1184 index 268da350fb..0f5d8c91f0 100644 --- a/tests/data/test1184 +++ b/tests/data/test1184 @@ -71,17 +71,17 @@ User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive - -GET /we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP.%TESTNUMBER:%HTTPPORT -Accept: */* -User-Agent: %TESTNUMBER-agent - -GET /we/want/that/page/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP.%TESTNUMBER:%HTTPPORT -Accept: */* -User-Agent: %TESTNUMBER-agent - + +GET /we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP.%TESTNUMBER:%HTTPPORT +Accept: */* +User-Agent: %TESTNUMBER-agent + +GET /we/want/that/page/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP.%TESTNUMBER:%HTTPPORT +Accept: */* +User-Agent: %TESTNUMBER-agent + HTTP/1.1 200 Mighty fine indeed diff --git a/tests/data/test1187 b/tests/data/test1187 index aaa8d107b3..5fbf4efd34 100644 --- a/tests/data/test1187 +++ b/tests/data/test1187 @@ -41,26 +41,26 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr s/^--------------------------[A-Za-z0-9]*/------------------------------/ s/boundary=------------------------[A-Za-z0-9]*/boundary=----------------------------/ - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -Content-Type: multipart/mixed; boundary=---------------------------- -Mime-Version: 1.0 - ------------------------------- - -This is the mail text ------------------------------- -Content-Disposition: attachment; filename="strange\\file\"name" - -File content --------------------------------- -. + +Content-Type: multipart/mixed; boundary=---------------------------- +Mime-Version: 1.0 + +------------------------------ + +This is the mail text +------------------------------ +Content-Disposition: attachment; filename="strange\\file\"name" + +File content +-------------------------------- +. diff --git a/tests/data/test1188 b/tests/data/test1188 index 702856245d..6c7f8261e2 100644 --- a/tests/data/test1188 +++ b/tests/data/test1188 @@ -32,17 +32,17 @@ http # Verify data after the test has been "shot" - -GET /we/want/our/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /we/want/our/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/our/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /we/want/our/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 0 says 22 The requested URL returned error: 404 diff --git a/tests/data/test119 b/tests/data/test119 index 4426def0bd..8ddb2e2ef3 100644 --- a/tests/data/test119 +++ b/tests/data/test119 @@ -38,14 +38,14 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -P - ^PORT \d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3} ^EPRT \|1\|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|\d{1,5}\| - -USER anonymous -PASS ftp@example.com -PWD -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1197 b/tests/data/test1197 index 22bf8dbbe8..2daf7939d8 100644 --- a/tests/data/test1197 +++ b/tests/data/test1197 @@ -50,19 +50,19 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{method}\n" -L -d "twinkle twinkle lit # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 27 -Content-Type: application/x-www-form-urlencoded - -twinkle twinkle little starGET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 27 +Content-Type: application/x-www-form-urlencoded + +twinkle twinkle little starGET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test12 b/tests/data/test12 index 48380a1e9b..71cfdb6e68 100644 --- a/tests/data/test12 +++ b/tests/data/test12 @@ -42,13 +42,13 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -r 100-200 # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=100-200 -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=100-200 +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test120 b/tests/data/test120 index 64628b6599..7799f5644a 100644 --- a/tests/data/test120 +++ b/tests/data/test120 @@ -37,17 +37,17 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -Q "-DELE file" # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -PASV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -DELE file -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +PASV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +DELE file +QUIT diff --git a/tests/data/test1200 b/tests/data/test1200 index 342077b8a5..bf40f1c8a4 100644 --- a/tests/data/test1200 +++ b/tests/data/test1200 @@ -32,8 +32,8 @@ gopher://%HOSTIP:%GOPHERPORT/1/%TESTNUMBER # # Verify data after the test has been "shot" - -/%TESTNUMBER + +/%TESTNUMBER diff --git a/tests/data/test1201 b/tests/data/test1201 index f4c1a48386..aec07681e1 100644 --- a/tests/data/test1201 +++ b/tests/data/test1201 @@ -32,8 +32,8 @@ gopher://%HOSTIP:%GOPHERPORT/1/selector/SELECTOR/%TESTNUMBER # # Verify data after the test has been "shot" - -/selector/SELECTOR/%TESTNUMBER + +/selector/SELECTOR/%TESTNUMBER diff --git a/tests/data/test1202 b/tests/data/test1202 index ab1d51c0f8..586e658d66 100644 --- a/tests/data/test1202 +++ b/tests/data/test1202 @@ -33,8 +33,8 @@ Gopher query # # Verify data after the test has been "shot" - -/the/search/engine query succeeded/%TESTNUMBER + +/the/search/engine query succeeded/%TESTNUMBER diff --git a/tests/data/test1203 b/tests/data/test1203 index 267fc15cb7..29f9bed0ad 100644 --- a/tests/data/test1203 +++ b/tests/data/test1203 @@ -36,8 +36,8 @@ Gopher IPv6 index # # Verify data after the test has been "shot" - -/moo/%TESTNUMBER + +/moo/%TESTNUMBER diff --git a/tests/data/test1204 b/tests/data/test1204 index 97bebe7ba6..89d14ad1f8 100644 --- a/tests/data/test1204 +++ b/tests/data/test1204 @@ -61,18 +61,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:testpass]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:testpass]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1205 b/tests/data/test1205 index 547ef0d1d1..6fa833893a 100644 --- a/tests/data/test1205 +++ b/tests/data/test1205 @@ -37,12 +37,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test121 b/tests/data/test121 index 3625d0e3e0..6d18f564b3 100644 --- a/tests/data/test121 +++ b/tests/data/test121 @@ -35,17 +35,17 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -Q "-DELE after_transfer" -Q "DELE before_tra # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -DELE before_transfer -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -DELE after_transfer -QUIT + +USER anonymous +PASS ftp@example.com +PWD +DELE before_transfer +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +DELE after_transfer +QUIT diff --git a/tests/data/test1210 b/tests/data/test1210 index 09f830c72b..d709a6f72a 100644 --- a/tests/data/test1210 +++ b/tests/data/test1210 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER?junk -J -O --output-dir %LOGDIR # # Verify data after the test has been "shot" - -GET /%TESTNUMBER?junk HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER?junk HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 12345 diff --git a/tests/data/test1212 b/tests/data/test1212 index e67878d906..fa7add1677 100644 --- a/tests/data/test1212 +++ b/tests/data/test1212 @@ -40,13 +40,13 @@ http://user:secret@%HOSTIP:%HTTPPORT/ulion/%TESTNUMBER --socks5 non-existing-hos # Verify data after the test has been "shot" - -GET /ulion/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user:secret]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /ulion/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user:secret]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1213 b/tests/data/test1213 index 195329ecb2..9a511c0022 100644 --- a/tests/data/test1213 +++ b/tests/data/test1213 @@ -42,13 +42,13 @@ proxy # Verify data after the test has been "shot" - -GET http://we.want.that.site.com.%TESTNUMBER/ HTTP/1.1 -Host: we.want.that.site.com.%TESTNUMBER -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://we.want.that.site.com.%TESTNUMBER/ HTTP/1.1 +Host: we.want.that.site.com.%TESTNUMBER +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1214 b/tests/data/test1214 index fc8a94eaf7..b80d0071c2 100644 --- a/tests/data/test1214 +++ b/tests/data/test1214 @@ -42,13 +42,13 @@ proxy # Verify data after the test has been "shot" - -GET http://we.want.that.site.com.%TESTNUMBER/?moo=foo HTTP/1.1 -Host: we.want.that.site.com.%TESTNUMBER -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://we.want.that.site.com.%TESTNUMBER/?moo=foo HTTP/1.1 +Host: we.want.that.site.com.%TESTNUMBER +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1215 b/tests/data/test1215 index 31c8723913..c405ce04d0 100644 --- a/tests/data/test1215 +++ b/tests/data/test1215 @@ -76,21 +76,21 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --ntlm --proxy http:// # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1216 b/tests/data/test1216 index 6341ba473c..7301aa571c 100644 --- a/tests/data/test1216 +++ b/tests/data/test1216 @@ -47,20 +47,20 @@ proxy # Verify data after the test has been "shot" - -GET http://example.fake/c/%TESTNUMBER HTTP/1.1 -Host: example.fake -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Cookie: moo3=indeed; moo2=indeed - -GET http://bexample.fake/c/%TESTNUMBER HTTP/1.1 -Host: bexample.fake -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://example.fake/c/%TESTNUMBER HTTP/1.1 +Host: example.fake +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Cookie: moo3=indeed; moo2=indeed + +GET http://bexample.fake/c/%TESTNUMBER HTTP/1.1 +Host: bexample.fake +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1217 b/tests/data/test1217 index 691c88e732..86e1f3693a 100644 --- a/tests/data/test1217 +++ b/tests/data/test1217 @@ -37,21 +37,21 @@ ftp://%HOSTIP:%FTPPORT/get/file/%TESTNUMBER ftp://%HOSTIP:%FTPPORT/get/file/agai ^PORT \d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3} ^EPRT \|1\|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|\d{1,5}\| - -USER anonymous -PASS ftp@example.com -PWD -CWD get/file -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -CWD /this/is/the/path -CWD get/file/again -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD get/file +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +CWD /this/is/the/path +CWD get/file/again +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1218 b/tests/data/test1218 index afbc2b5646..8b0aa9cf58 100644 --- a/tests/data/test1218 +++ b/tests/data/test1218 @@ -40,26 +40,26 @@ proxy # Verify data after the test has been "shot" - -GET http://example.fake/c/%TESTNUMBER HTTP/1.1 -Host: example.fake -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://example.fake/c/%TESTNUMBER HTTP/1.1 -Host: example.fake -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Cookie: bug=fixed - -GET http://bexample.fake/c/%TESTNUMBER HTTP/1.1 -Host: bexample.fake -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://example.fake/c/%TESTNUMBER HTTP/1.1 +Host: example.fake +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://example.fake/c/%TESTNUMBER HTTP/1.1 +Host: example.fake +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Cookie: bug=fixed + +GET http://bexample.fake/c/%TESTNUMBER HTTP/1.1 +Host: bexample.fake +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1219 b/tests/data/test1219 index 454654399b..23ffe3bd64 100644 --- a/tests/data/test1219 +++ b/tests/data/test1219 @@ -37,13 +37,13 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test122 b/tests/data/test122 index 1f007c1ce0..7aacf2aa0f 100644 --- a/tests/data/test122 +++ b/tests/data/test122 @@ -31,15 +31,15 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -C 5 # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -PASV -TYPE I -SIZE %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +PASV +TYPE I +SIZE %TESTNUMBER +QUIT diff --git a/tests/data/test1221 b/tests/data/test1221 index c2fd7a5ddd..565e83073a 100644 --- a/tests/data/test1221 +++ b/tests/data/test1221 @@ -39,14 +39,14 @@ content to _?!#$'|<> # # Verify data after the test has been "shot" - -POST /%TESTNUMBER?my+name+is+moo%5b%5d&yes=s+i+r&v_alue=content+to+_%3f%21%23%24%27%7c%3c%3e%0a&content+to+_%3f%21%23%24%27%7c%3c%3e%0a&%3d%3d HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 24 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER?my+name+is+moo%5b%5d&yes=s+i+r&v_alue=content+to+_%3f%21%23%24%27%7c%3c%3e%0a&content+to+_%3f%21%23%24%27%7c%3c%3e%0a&%3d%3d HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 24 +Content-Type: application/x-www-form-urlencoded + start=once+upon+the+time diff --git a/tests/data/test1223 b/tests/data/test1223 index 6c1ee00189..11b0206ee1 100644 --- a/tests/data/test1223 +++ b/tests/data/test1223 @@ -37,12 +37,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w 'IP %{remote_ip} and PORT %{remote_port} # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 OK diff --git a/tests/data/test1224 b/tests/data/test1224 index 64ba4482c5..904fe38932 100644 --- a/tests/data/test1224 +++ b/tests/data/test1224 @@ -34,16 +34,16 @@ ftp://%HOSTIP:%FTPPORT//%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD / -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD / +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1225 b/tests/data/test1225 index b20363c3e4..51cdaa0a02 100644 --- a/tests/data/test1225 +++ b/tests/data/test1225 @@ -34,23 +34,23 @@ ftp://%HOSTIP:%FTPPORT//foo/%TESTNUMBER ftp://%HOSTIP:%FTPPORT//foo/bar/%TESTNUM # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD / -CWD foo -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -CWD / -CWD foo -CWD bar -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD / +CWD foo +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +CWD / +CWD foo +CWD bar +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1226 b/tests/data/test1226 index 08e706b9b0..8e7c471916 100644 --- a/tests/data/test1226 +++ b/tests/data/test1226 @@ -34,16 +34,16 @@ ftp://%HOSTIP:%FTPPORT//%TESTNUMBER --ftp-method singlecwd # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD / -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD / +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1227 b/tests/data/test1227 index 30477a46a0..3c3fbfeb7a 100644 --- a/tests/data/test1227 +++ b/tests/data/test1227 @@ -34,15 +34,15 @@ ftp://%HOSTIP:%FTPPORT//%TESTNUMBER --ftp-method nocwd # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE /%TESTNUMBER -RETR /%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE /%TESTNUMBER +RETR /%TESTNUMBER +QUIT diff --git a/tests/data/test1228 b/tests/data/test1228 index a4df51c46c..64f49257af 100644 --- a/tests/data/test1228 +++ b/tests/data/test1228 @@ -39,20 +39,20 @@ proxy # Verify data after the test has been "shot" - -GET http://example.fake/hoge/%TESTNUMBER HTTP/1.1 -Host: example.fake -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://example.fake/hogege/ HTTP/1.1 -Host: example.fake -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Cookie: path1=root - + +GET http://example.fake/hoge/%TESTNUMBER HTTP/1.1 +Host: example.fake +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://example.fake/hogege/ HTTP/1.1 +Host: example.fake +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Cookie: path1=root + diff --git a/tests/data/test1229 b/tests/data/test1229 index cc179499ad..c225e7d472 100644 --- a/tests/data/test1229 +++ b/tests/data/test1229 @@ -66,18 +66,18 @@ http://%5cuser%22:password@%HOSTIP:%HTTPPORT/%TESTNUMBER --digest # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="\\user\"", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="f2694d426040712584c156d3de72b8d6" -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="\\user\"", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="f2694d426040712584c156d3de72b8d6" +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test123 b/tests/data/test123 index 8ccd69cf68..249f89ab55 100644 --- a/tests/data/test123 +++ b/tests/data/test123 @@ -28,13 +28,13 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -T %LOGDIR/upload%TESTNUMBER -C 51 # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +QUIT diff --git a/tests/data/test1230 b/tests/data/test1230 index fbcff60393..507580d1c3 100644 --- a/tests/data/test1230 +++ b/tests/data/test1230 @@ -62,17 +62,17 @@ http://[1234:1234:1234::4ce]:%HTTPPORT/wanted/page/%TESTNUMBER -p -x %HOSTIP:%HT # # Verify data after the test has been "shot" - -CONNECT [1234:1234:1234::4ce]:%HTTPPORT HTTP/1.1 -Host: [1234:1234:1234::4ce]:%HTTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -GET /wanted/page/%TESTNUMBER HTTP/1.1 -Host: [1234:1234:1234::4ce]:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +CONNECT [1234:1234:1234::4ce]:%HTTPPORT HTTP/1.1 +Host: [1234:1234:1234::4ce]:%HTTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +GET /wanted/page/%TESTNUMBER HTTP/1.1 +Host: [1234:1234:1234::4ce]:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1231 b/tests/data/test1231 index 2c7c8bb000..5573bfc1ae 100644 --- a/tests/data/test1231 +++ b/tests/data/test1231 @@ -44,17 +44,17 @@ http://%HOSTIP:%HTTPPORT/../../hej/but/who/../%TESTNUMBER?stupid=me/../%TESTNUMB # # Verify data after the test has been "shot" - -GET /hej/but/%TESTNUMBER?stupid=me/../%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /hej/but/%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /hej/but/%TESTNUMBER?stupid=me/../%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /hej/but/%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1232 b/tests/data/test1232 index 28d2eee735..278c4e4bd9 100644 --- a/tests/data/test1232 +++ b/tests/data/test1232 @@ -49,19 +49,19 @@ proxy # # Verify data after the test has been "shot" - -GET http://test.remote.haxx.se.%TESTNUMBER:8990/hej/but/%TESTNUMBER?stupid=me/../%TESTNUMBER HTTP/1.1 -Host: test.remote.haxx.se.%TESTNUMBER:8990 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://test.remote.haxx.se.%TESTNUMBER:8990/hej/but/%TESTNUMBER0001 HTTP/1.1 -Host: test.remote.haxx.se.%TESTNUMBER:8990 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://test.remote.haxx.se.%TESTNUMBER:8990/hej/but/%TESTNUMBER?stupid=me/../%TESTNUMBER HTTP/1.1 +Host: test.remote.haxx.se.%TESTNUMBER:8990 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://test.remote.haxx.se.%TESTNUMBER:8990/hej/but/%TESTNUMBER0001 HTTP/1.1 +Host: test.remote.haxx.se.%TESTNUMBER:8990 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1233 b/tests/data/test1233 index 9563533496..e8b45cd040 100644 --- a/tests/data/test1233 +++ b/tests/data/test1233 @@ -32,16 +32,16 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -PASV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +PASV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1235 b/tests/data/test1235 index 56664f3f0e..553d597795 100644 --- a/tests/data/test1235 +++ b/tests/data/test1235 @@ -40,27 +40,27 @@ multiple requests using {}{} in the URL # Verify data after the test has been "shot" - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 OK diff --git a/tests/data/test1237 b/tests/data/test1237 index e81d872aa9..2dec456bb4 100644 --- a/tests/data/test1237 +++ b/tests/data/test1237 @@ -33,13 +33,13 @@ URL with 1000+ letter user name + password # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1239 b/tests/data/test1239 index 601f45459d..5f430220f3 100644 --- a/tests/data/test1239 +++ b/tests/data/test1239 @@ -41,13 +41,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -z "-dec 12 12:00:00 1999 GMT" -w '%{respon # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -If-Unmodified-Since: Sun, 12 Dec 1999 12:00:00 GMT - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +If-Unmodified-Since: Sun, 12 Dec 1999 12:00:00 GMT + HTTP/1.1 200 OK diff --git a/tests/data/test124 b/tests/data/test124 index d2717949c9..e89f8c557d 100644 --- a/tests/data/test124 +++ b/tests/data/test124 @@ -32,16 +32,16 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -PASV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +PASV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1240 b/tests/data/test1240 index 5e99f8aff0..59656d6ca1 100644 --- a/tests/data/test1240 +++ b/tests/data/test1240 @@ -31,17 +31,17 @@ glob [0-1] with stuff after range (7.33.0 regression) # Verify data after the test has been "shot" - -GET /00/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /01/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /00/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /01/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1241 b/tests/data/test1241 index e114ad326a..d6ea187601 100644 --- a/tests/data/test1241 +++ b/tests/data/test1241 @@ -48,19 +48,19 @@ proxy # # Verify data after the test has been "shot" - -GET http://test.remote.haxx.se.%TESTNUMBER:8990/../../hej/but/who/../%TESTNUMBER?stupid=me/../%TESTNUMBER HTTP/1.1 -Host: test.remote.haxx.se.%TESTNUMBER:8990 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://test.remote.haxx.se.%TESTNUMBER:8990/../../hej/but/who/../%TESTNUMBER0001 HTTP/1.1 -Host: test.remote.haxx.se.%TESTNUMBER:8990 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://test.remote.haxx.se.%TESTNUMBER:8990/../../hej/but/who/../%TESTNUMBER?stupid=me/../%TESTNUMBER HTTP/1.1 +Host: test.remote.haxx.se.%TESTNUMBER:8990 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://test.remote.haxx.se.%TESTNUMBER:8990/../../hej/but/who/../%TESTNUMBER0001 HTTP/1.1 +Host: test.remote.haxx.se.%TESTNUMBER:8990 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1244 b/tests/data/test1244 index fa8ac90753..238c0c609f 100644 --- a/tests/data/test1244 +++ b/tests/data/test1244 @@ -50,13 +50,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -x %HOSTIP:%HTTPPORT --next http://%HOSTIP: 56 - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1245 b/tests/data/test1245 index 0814e7dc32..ad096eaca5 100644 --- a/tests/data/test1245 +++ b/tests/data/test1245 @@ -42,12 +42,12 @@ ftp # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # 1 - Protocol ftp not supported or disabled in libcurl diff --git a/tests/data/test1246 b/tests/data/test1246 index 7723192fa1..33859c4695 100644 --- a/tests/data/test1246 +++ b/tests/data/test1246 @@ -48,19 +48,19 @@ proxy # # Verify data after the test has been "shot" - -GET http://test.remote.haxx.se.%TESTNUMBER:%HTTPPORT/ HTTP/1.1 -Host: test.remote.haxx.se.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://no-scheme-url.com.%TESTNUMBER:%HTTPPORT/ HTTP/1.1 -Host: no-scheme-url.com.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://test.remote.haxx.se.%TESTNUMBER:%HTTPPORT/ HTTP/1.1 +Host: test.remote.haxx.se.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://no-scheme-url.com.%TESTNUMBER:%HTTPPORT/ HTTP/1.1 +Host: no-scheme-url.com.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1248 b/tests/data/test1248 index 515b873519..4e9a5ae483 100644 --- a/tests/data/test1248 +++ b/tests/data/test1248 @@ -38,13 +38,13 @@ http://user:secret@%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy http://dummy:%NOLISTENP # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user:secret]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user:secret]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1249 b/tests/data/test1249 index 83c79bff84..00ffa64aee 100644 --- a/tests/data/test1249 +++ b/tests/data/test1249 @@ -41,13 +41,13 @@ http://user:secret@%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy http://dummy:%NOLISTENP # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user:secret]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user:secret]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1250 b/tests/data/test1250 index 905810a451..cc82fe9f57 100644 --- a/tests/data/test1250 +++ b/tests/data/test1250 @@ -39,13 +39,13 @@ http://user:secret@%HOSTIP:%HTTPPORT/%TESTNUMBER --noproxy %HOSTIP --max-time 5 # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user:secret]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user:secret]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1251 b/tests/data/test1251 index 3f1503575b..4703d6a434 100644 --- a/tests/data/test1251 +++ b/tests/data/test1251 @@ -40,13 +40,13 @@ http://user:secret@%HOSTIP:%HTTPPORT/%TESTNUMBER --max-time 5 # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user:secret]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user:secret]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1252 b/tests/data/test1252 index 0da6012d57..6daa4b1671 100644 --- a/tests/data/test1252 +++ b/tests/data/test1252 @@ -42,12 +42,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy http://%HOSTIP:%HTTPPORT --noproxy # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1253 b/tests/data/test1253 index f6c4153f86..615a5c0d99 100644 --- a/tests/data/test1253 +++ b/tests/data/test1253 @@ -42,13 +42,13 @@ proxy # Verify data after the test has been "shot" - -GET http://somewhere.example.com/%TESTNUMBER HTTP/1.1 -Host: somewhere.example.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://somewhere.example.com/%TESTNUMBER HTTP/1.1 +Host: somewhere.example.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1254 b/tests/data/test1254 index 07e77ed2a2..56299ffac2 100644 --- a/tests/data/test1254 +++ b/tests/data/test1254 @@ -42,13 +42,13 @@ proxy # Verify data after the test has been "shot" - -GET http://somewhere.example.com/%TESTNUMBER HTTP/1.1 -Host: somewhere.example.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://somewhere.example.com/%TESTNUMBER HTTP/1.1 +Host: somewhere.example.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1255 b/tests/data/test1255 index 9316051b99..78f0b47cff 100644 --- a/tests/data/test1255 +++ b/tests/data/test1255 @@ -41,12 +41,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --noproxy %HOSTIP # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1256 b/tests/data/test1256 index b5dd610c0d..312b3ad6be 100644 --- a/tests/data/test1256 +++ b/tests/data/test1256 @@ -44,13 +44,13 @@ proxy # Verify data after the test has been "shot" - -GET http://somewhere.example.com/%TESTNUMBER HTTP/1.1 -Host: somewhere.example.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://somewhere.example.com/%TESTNUMBER HTTP/1.1 +Host: somewhere.example.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1257 b/tests/data/test1257 index 47245e9dd0..2812b9f032 100644 --- a/tests/data/test1257 +++ b/tests/data/test1257 @@ -44,13 +44,13 @@ proxy # Verify data after the test has been "shot" - -GET http://somewhere.example.com/%TESTNUMBER HTTP/1.1 -Host: somewhere.example.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://somewhere.example.com/%TESTNUMBER HTTP/1.1 +Host: somewhere.example.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1258 b/tests/data/test1258 index ae4a33e4b2..81518de97e 100644 --- a/tests/data/test1258 +++ b/tests/data/test1258 @@ -39,18 +39,18 @@ cookies # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER HTTP/1.1 -Host: localhost -User-Agent: curl/%VERSION -Accept: */* - -GET /we/want?hoge=fuga HTTP/1.1 -Host: localhost -User-Agent: curl/%VERSION -Accept: */* -Cookie: I-am=here - + +GET /we/want/%TESTNUMBER HTTP/1.1 +Host: localhost +User-Agent: curl/%VERSION +Accept: */* + +GET /we/want?hoge=fuga HTTP/1.1 +Host: localhost +User-Agent: curl/%VERSION +Accept: */* +Cookie: I-am=here + diff --git a/tests/data/test1259 b/tests/data/test1259 index 981e8d77b7..4b98a5e467 100644 --- a/tests/data/test1259 +++ b/tests/data/test1259 @@ -33,13 +33,13 @@ HTTP URL with semicolon in password # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user:pass]b64%O3dvcmQ= -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user:pass]b64%O3dvcmQ= +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test126 b/tests/data/test126 index b830fc7781..f23feaabac 100644 --- a/tests/data/test126 +++ b/tests/data/test126 @@ -32,17 +32,17 @@ ftp://%HOSTIP:%FTPPORT/blalbla/lululul/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD blalbla -CWD lululul -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD blalbla +CWD lululul +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1261 b/tests/data/test1261 index 17a8af82c0..7cfb8d762c 100644 --- a/tests/data/test1261 +++ b/tests/data/test1261 @@ -36,12 +36,12 @@ http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER -w '%{redirect_url}\n' --locati # Verify data after the test has been "shot" - -GET /we/want/our/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/our/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # CURLE_TOO_MANY_REDIRECTS diff --git a/tests/data/test1262 b/tests/data/test1262 index 0a7046ce93..d094f3ece5 100644 --- a/tests/data/test1262 +++ b/tests/data/test1262 @@ -28,13 +28,13 @@ ftp://%HOSTIP:%FTPPORT/blalbla/%TESTNUMBER -z "-1 jan 2001" - -USER anonymous -PASS ftp@example.com -PWD -CWD blalbla -MDTM %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD blalbla +MDTM %TESTNUMBER +QUIT diff --git a/tests/data/test1265 b/tests/data/test1265 index d5cc00b710..05dea24063 100644 --- a/tests/data/test1265 +++ b/tests/data/test1265 @@ -46,12 +46,12 @@ http://%HOST6IP:%HTTP6PORT/%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOST6IP:%HTTP6PORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOST6IP:%HTTP6PORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1266 b/tests/data/test1266 index 83975116dc..733724c75a 100644 --- a/tests/data/test1266 +++ b/tests/data/test1266 @@ -33,12 +33,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --http0.9 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1267 b/tests/data/test1267 index 42cf40c31d..b94ea3dc2e 100644 --- a/tests/data/test1267 +++ b/tests/data/test1267 @@ -33,12 +33,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --http0.9 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test127 b/tests/data/test127 index ebf122d018..72f813649c 100644 --- a/tests/data/test127 +++ b/tests/data/test127 @@ -29,18 +29,18 @@ ftp://%HOSTIP:%FTPPORT/path/to/file/%TESTNUMBER --disable-epsv # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -CWD to -CWD file -PASV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +CWD to +CWD file +PASV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1270 b/tests/data/test1270 index 1e1fa67bb5..22e056d9c8 100644 --- a/tests/data/test1270 +++ b/tests/data/test1270 @@ -41,12 +41,12 @@ http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER -w '%{redirect_url}\n' -s # Verify data after the test has been "shot" - -GET /we/want/our/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/our/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1271 b/tests/data/test1271 index 3cc994b716..2e3f3128a2 100644 --- a/tests/data/test1271 +++ b/tests/data/test1271 @@ -35,12 +35,12 @@ http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER -w @%LOGDIR/blank%TESTNUMBER # Verify data after the test has been "shot" - -GET /we/want/our/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/our/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1272 b/tests/data/test1272 index 41fc3ef76f..ea2dd0331c 100644 --- a/tests/data/test1272 +++ b/tests/data/test1272 @@ -36,8 +36,8 @@ Gophers index # # Verify data after the test has been "shot" - -/%TESTNUMBER + +/%TESTNUMBER diff --git a/tests/data/test1273 b/tests/data/test1273 index fb5d47b2d4..c78ea02943 100644 --- a/tests/data/test1273 +++ b/tests/data/test1273 @@ -69,13 +69,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C - -f # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=100- -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=100- +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1274 b/tests/data/test1274 index 1568c1aa6f..dd53c15964 100644 --- a/tests/data/test1274 +++ b/tests/data/test1274 @@ -43,12 +43,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/out%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 OK diff --git a/tests/data/test1277 b/tests/data/test1277 index 52a0f675a2..7c7554bf0f 100644 --- a/tests/data/test1277 +++ b/tests/data/test1277 @@ -178,15 +178,15 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -TE: gzip -Accept-Encoding: xxx -Connection: TE - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +TE: gzip +Accept-Encoding: xxx +Connection: TE + diff --git a/tests/data/test128 b/tests/data/test128 index 089717da79..86a48f0f73 100644 --- a/tests/data/test128 +++ b/tests/data/test128 @@ -35,23 +35,23 @@ the # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +STOR %TESTNUMBER +QUIT - -file -with Unix newlines -meant to be -converted -with -the ---crlf option + +file +with Unix newlines +meant to be +converted +with +the +--crlf option diff --git a/tests/data/test1280 b/tests/data/test1280 index 081cbbe547..5d2023357e 100644 --- a/tests/data/test1280 +++ b/tests/data/test1280 @@ -33,27 +33,27 @@ http://%HOSTIP:%HTTPPORT/[a-d]/%TESTNUMBER # Verify data after the test has been "shot" - -GET /a/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /b/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /c/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /d/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /a/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /b/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /c/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /d/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1282 b/tests/data/test1282 index a54166be96..ba5d545dca 100644 --- a/tests/data/test1282 +++ b/tests/data/test1282 @@ -29,9 +29,9 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com + +USER anonymous +PASS ftp@example.com # 67 == CURLE_LOGIN_DENIED diff --git a/tests/data/test1283 b/tests/data/test1283 index 1e8e9d4474..93bca79a1c 100644 --- a/tests/data/test1283 +++ b/tests/data/test1283 @@ -36,12 +36,12 @@ http://%HOSTIP:%HTTPPORT/[a-a][1-1][b-b:1][2-2:1]/%TESTNUMBER -o "%LOGDIR/outfil # Verify data after the test has been "shot" - -GET /a1b2/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /a1b2/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 OK diff --git a/tests/data/test1284 b/tests/data/test1284 index 925150b6e7..a319b0cf47 100644 --- a/tests/data/test1284 +++ b/tests/data/test1284 @@ -67,22 +67,22 @@ HTTP POST --digest with user-specified Content-Length header # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 0 -Content-Type: application/x-www-form-urlencoded - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="5763079608de439072861a59ac733515" -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 11 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 0 +Content-Type: application/x-www-form-urlencoded + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="5763079608de439072861a59ac733515" +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 11 +Content-Type: application/x-www-form-urlencoded + junkelijunk diff --git a/tests/data/test1286 b/tests/data/test1286 index b8b47e7ef5..90f5e40be7 100644 --- a/tests/data/test1286 +++ b/tests/data/test1286 @@ -89,24 +89,24 @@ HTTP GET --digest increasing nonce-count if(s/^(Authorization: Digest )([^\r\n]+)(\r?\n)$//) { $_ = $1 . join(', ', map { s/^(cnonce=)"[a-zA-Z0-9+\/=]+"$/$1REMOVED/; s/^(response=)"[a-f0-9]{32}"$/$1REMOVED/; s/^qop="auth"$/qop=auth/; $_ } sort split(/, */, $2)) . $3; } - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest cnonce=REMOVED, nc=00000001, nonce="1053604144", qop=auth, realm="testrealm", response=REMOVED, uri="/%TESTNUMBER", username="auser" -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest cnonce=REMOVED, nc=00000002, nonce="1053604144", qop=auth, realm="testrealm", response=REMOVED, uri="/%TESTNUMBER0001", username="auser" -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest cnonce=REMOVED, nc=00000001, nonce="1053604144", qop=auth, realm="testrealm", response=REMOVED, uri="/%TESTNUMBER", username="auser" +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest cnonce=REMOVED, nc=00000002, nonce="1053604144", qop=auth, realm="testrealm", response=REMOVED, uri="/%TESTNUMBER0001", username="auser" +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1287 b/tests/data/test1287 index c9d2a6cb2d..314f1efe03 100644 --- a/tests/data/test1287 +++ b/tests/data/test1287 @@ -76,12 +76,12 @@ User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive - -GET /we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: test.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: test.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + * Ignoring Content-Length in CONNECT 200 response diff --git a/tests/data/test1288 b/tests/data/test1288 index e94bd5104d..0581d0e7b0 100644 --- a/tests/data/test1288 +++ b/tests/data/test1288 @@ -59,12 +59,12 @@ User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive - -GET /we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # This test is structured to test all the expectations of diff --git a/tests/data/test129 b/tests/data/test129 index 22e071d3e1..c01842f07d 100644 --- a/tests/data/test129 +++ b/tests/data/test129 @@ -42,12 +42,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # CURLE_UNSUPPORTED_PROTOCOL diff --git a/tests/data/test1290 b/tests/data/test1290 index 959247863e..293a2131c8 100644 --- a/tests/data/test1290 +++ b/tests/data/test1290 @@ -35,12 +35,12 @@ Verify URL globbing ignores [] # Verify data after the test has been "shot" - -GET /we/want/[]/page/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/[]/page/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1292 b/tests/data/test1292 index e674bfd89c..71b2aefa21 100644 --- a/tests/data/test1292 +++ b/tests/data/test1292 @@ -37,12 +37,12 @@ Replaced internal headers with a blank one # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: -User-Agent: curl/%VERSION -Accept: - + +GET /%TESTNUMBER HTTP/1.1 +Host: +User-Agent: curl/%VERSION +Accept: + diff --git a/tests/data/test1293 b/tests/data/test1293 index afecfaf2f9..ec71b8a6a5 100644 --- a/tests/data/test1293 +++ b/tests/data/test1293 @@ -50,19 +50,19 @@ http://0 http://%HOSTIP:%HTTPPORT/%TESTNUMBER -F= s/^--------------------------[A-Za-z0-9]*/------------------------------/ s/boundary=------------------------[A-Za-z0-9]*/boundary=----------------------------/ - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 138 -Content-Type: multipart/form-data; boundary=---------------------------- - ------------------------------- -Content-Disposition: form-data - - --------------------------------- + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 138 +Content-Type: multipart/form-data; boundary=---------------------------- + +------------------------------ +Content-Disposition: form-data + + +-------------------------------- diff --git a/tests/data/test1294 b/tests/data/test1294 index 58e2d379e0..887023959b 100644 --- a/tests/data/test1294 +++ b/tests/data/test1294 @@ -51,13 +51,13 @@ http://%HOSTIP:%HTTPPORT/0123456790123456790123456790123456790123456790123456790 # # Verify data after the test has been "shot" - -GET /012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Among other public buildings in a certain town, which for many reasons it will be prudent to refrain from mentioning, and to which I will assign no fictitious name, there is one anciently common to most towns, great or small to ___, a workhouse; and in this workhouse was born; on a day and date which I need not trouble myself to repeat, inasmuch as it can be of no possible consequence to the reader, in this stage of the business at all events; the item of mortality whose name is prefixed to the head of this chapter: 511 - + +GET /012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Among other public buildings in a certain town, which for many reasons it will be prudent to refrain from mentioning, and to which I will assign no fictitious name, there is one anciently common to most towns, great or small to ___, a workhouse; and in this workhouse was born; on a day and date which I need not trouble myself to repeat, inasmuch as it can be of no possible consequence to the reader, in this stage of the business at all events; the item of mortality whose name is prefixed to the head of this chapter: 511 + diff --git a/tests/data/test1295 b/tests/data/test1295 index 5c963cae43..bfd13c73f6 100644 --- a/tests/data/test1295 +++ b/tests/data/test1295 @@ -51,15 +51,15 @@ http://%HOSTIP:%HTTPPORT/0123456790123456790123456790123456790123456790123456790 # # Verify data after the test has been "shot" - -POST /012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679: 300 -Content-Length: 165 -Content-Type: application/x-www-form-urlencoded - + +POST /012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679: 300 +Content-Length: 165 +Content-Type: application/x-www-form-urlencoded + Mr. Sherlock Holmes, who was usually very late in the mornings, save upon those not infrequent occasions when he was up all night, was seated at the breakfast table. diff --git a/tests/data/test1296 b/tests/data/test1296 index 316cc63bd7..253c8c6c7a 100644 --- a/tests/data/test1296 +++ b/tests/data/test1296 @@ -41,13 +41,13 @@ http://user%0aname:password@%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user%0aname:password]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user%0aname:password]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1297 b/tests/data/test1297 index 386154af30..eda49ba5f9 100644 --- a/tests/data/test1297 +++ b/tests/data/test1297 @@ -50,12 +50,12 @@ User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive - -GET /we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # 52 - got nothing diff --git a/tests/data/test1298 b/tests/data/test1298 index cebe4a9f71..60c1b7b17e 100644 --- a/tests/data/test1298 +++ b/tests/data/test1298 @@ -42,13 +42,13 @@ HTTP GET special path with --request-target # # Verify data after the test has been "shot" - -GET XXX HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Testno: %TESTNUMBER - + +GET XXX HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Testno: %TESTNUMBER + diff --git a/tests/data/test1299 b/tests/data/test1299 index 11ac0c41f7..a0781bc9e5 100644 --- a/tests/data/test1299 +++ b/tests/data/test1299 @@ -41,13 +41,13 @@ Send "OPTIONS *" with --request-target # # Verify data after the test has been "shot" - -OPTIONS * HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Testno: %TESTNUMBER - + +OPTIONS * HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Testno: %TESTNUMBER + diff --git a/tests/data/test13 b/tests/data/test13 index b8bcf16494..90c53724d8 100644 --- a/tests/data/test13 +++ b/tests/data/test13 @@ -31,12 +31,12 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -X DELETE # Verify data after the test has been "shot" - -DELETE /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +DELETE /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test130 b/tests/data/test130 index 2c4dfe85eb..91bde49106 100644 --- a/tests/data/test130 +++ b/tests/data/test130 @@ -50,14 +50,14 @@ default login userdef password passwddef # # Verify data after the test has been "shot" - -USER user1 -PASS passwd1 -PWD -EPSV -TYPE A -LIST -QUIT + +USER user1 +PASS passwd1 +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test131 b/tests/data/test131 index 4a73de2850..4cff26ac5c 100644 --- a/tests/data/test131 +++ b/tests/data/test131 @@ -47,14 +47,14 @@ machine %HOSTIP login user2 password passwd2 # # Verify data after the test has been "shot" - -USER user2 -PASS passwd2 -PWD -EPSV -TYPE A -LIST -QUIT + +USER user2 +PASS passwd2 +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test1310 b/tests/data/test1310 index 49bb0d36df..4d164596c9 100644 --- a/tests/data/test1310 +++ b/tests/data/test1310 @@ -40,12 +40,12 @@ http://%HOSTIP:%HTTPPORT/junk -J -O --show-headers --output-dir %LOGDIR # # Verify data after the test has been "shot" - -GET /junk HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /junk HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 OK diff --git a/tests/data/test1311 b/tests/data/test1311 index 1a14547ced..e5942fe1d6 100644 --- a/tests/data/test1311 +++ b/tests/data/test1311 @@ -39,12 +39,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O --output-dir %LOGDIR # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 12345 diff --git a/tests/data/test1312 b/tests/data/test1312 index b67fdded79..fcf3cbc0a1 100644 --- a/tests/data/test1312 +++ b/tests/data/test1312 @@ -39,12 +39,12 @@ HTTP GET with -J, Content-Disposition and ; in filename # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 12345 diff --git a/tests/data/test1313 b/tests/data/test1313 index 922dbc7613..16ce2bbf10 100644 --- a/tests/data/test1313 +++ b/tests/data/test1313 @@ -39,12 +39,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O --output-dir %LOGDIR # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 12345 diff --git a/tests/data/test1314 b/tests/data/test1314 index 40cd18971c..3043466de3 100644 --- a/tests/data/test1314 +++ b/tests/data/test1314 @@ -63,19 +63,19 @@ proxy # Verify data after the test has been "shot" - -GET http://firstplace.example.com/want/%TESTNUMBER HTTP/1.1 -Host: firstplace.example.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://somewhere.example.com/reply/%TESTNUMBER HTTP/1.1 -Host: somewhere.example.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://firstplace.example.com/want/%TESTNUMBER HTTP/1.1 +Host: firstplace.example.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://somewhere.example.com/reply/%TESTNUMBER HTTP/1.1 +Host: somewhere.example.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1316 b/tests/data/test1316 index 2218b6e147..08d9ec7b85 100644 --- a/tests/data/test1316 +++ b/tests/data/test1316 @@ -60,14 +60,14 @@ ftp://ftp.%TESTNUMBER:%FTPPORT/ -p -x %HOSTIP:%PROXYPORT # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test1317 b/tests/data/test1317 index 6ef065280d..d81358997e 100644 --- a/tests/data/test1317 +++ b/tests/data/test1317 @@ -43,12 +43,12 @@ HTTP with --resolve # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: example.com:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: example.com:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1318 b/tests/data/test1318 index b7cc434eb3..18188785d2 100644 --- a/tests/data/test1318 +++ b/tests/data/test1318 @@ -43,17 +43,17 @@ HTTP with --resolve and same host name using different cases # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: MiXeDcAsE.cOm:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: mixedcase.com:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: MiXeDcAsE.cOm:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: mixedcase.com:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1319 b/tests/data/test1319 index 2dd8870955..a4b32eec21 100644 --- a/tests/data/test1319 +++ b/tests/data/test1319 @@ -63,12 +63,12 @@ pop3://pop.%TESTNUMBER:%POP3PORT/%TESTNUMBER -p -x %HOSTIP:%PROXYPORT -u user:se # # Verify data after the test has been "shot" - -CAPA -USER user -PASS secret -RETR %TESTNUMBER -QUIT + +CAPA +USER user +PASS secret +RETR %TESTNUMBER +QUIT CONNECT pop.%TESTNUMBER:%POP3PORT HTTP/1.1 diff --git a/tests/data/test132 b/tests/data/test132 index 77d47c8fd2..d9b89436eb 100644 --- a/tests/data/test132 +++ b/tests/data/test132 @@ -47,14 +47,14 @@ machine %HOSTIP login user2 password passwd2 # # Verify data after the test has been "shot" - -USER mary -PASS mark -PWD -EPSV -TYPE A -LIST -QUIT + +USER mary +PASS mark +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test1320 b/tests/data/test1320 index 9237ea5722..5061e8bed7 100644 --- a/tests/data/test1320 +++ b/tests/data/test1320 @@ -46,19 +46,19 @@ smtp://smtp.%TESTNUMBER:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. CONNECT smtp.%TESTNUMBER:%SMTPPORT HTTP/1.1 diff --git a/tests/data/test1321 b/tests/data/test1321 index 4fe83fefbb..0ccd858c0d 100644 --- a/tests/data/test1321 +++ b/tests/data/test1321 @@ -59,12 +59,12 @@ IMAP FETCH tunneled through HTTP proxy # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT CONNECT imap.%TESTNUMBER:%IMAPPORT HTTP/1.1 diff --git a/tests/data/test1322 b/tests/data/test1322 index a709527109..6f87503432 100644 --- a/tests/data/test1322 +++ b/tests/data/test1322 @@ -44,12 +44,12 @@ HTTP with --resolve and hostname with trailing dot # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: example.com.:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: example.com.:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1324 b/tests/data/test1324 index 7669da7b67..30b404fe23 100644 --- a/tests/data/test1324 +++ b/tests/data/test1324 @@ -48,12 +48,12 @@ HTTP with --resolve and [ipv6address] # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: example.com:%HTTP6PORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: example.com:%HTTP6PORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1325 b/tests/data/test1325 index 67b31d58fe..622981bd45 100644 --- a/tests/data/test1325 +++ b/tests/data/test1325 @@ -58,21 +58,21 @@ http://%HOSTIP:%HTTPPORT/we/%TESTNUMBER -L -d "moo" # # Verify data after the test has been "shot" - -POST /we/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 3 -Content-Type: application/x-www-form-urlencoded - -mooPOST /we/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 3 -Content-Type: application/x-www-form-urlencoded - + +POST /we/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 3 +Content-Type: application/x-www-form-urlencoded + +mooPOST /we/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 3 +Content-Type: application/x-www-form-urlencoded + moo diff --git a/tests/data/test1326 b/tests/data/test1326 index 89e5a79c73..c712faea6f 100644 --- a/tests/data/test1326 +++ b/tests/data/test1326 @@ -40,9 +40,9 @@ telnet://%HOSTIP:%HTTPPORT --upload-file - # # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER HTTP/1.0 - + +GET /we/want/%TESTNUMBER HTTP/1.0 + diff --git a/tests/data/test1327 b/tests/data/test1327 index c54f2a8898..cf1c9c7fbd 100644 --- a/tests/data/test1327 +++ b/tests/data/test1327 @@ -39,9 +39,9 @@ telnet://%HOSTIP:%HTTPPORT -T %LOGDIR/%TESTNUMBER.txt # # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER HTTP/1.0 - + +GET /we/want/%TESTNUMBER HTTP/1.0 + diff --git a/tests/data/test1328 b/tests/data/test1328 index e913e19cea..b650946a41 100644 --- a/tests/data/test1328 +++ b/tests/data/test1328 @@ -54,17 +54,17 @@ HTTP GET a globbed range with -f # # Verify data after the test has been "shot" - -GET /%TESTNUMBER0000 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER0000 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test133 b/tests/data/test133 index 4a2c46cde4..c125ed9f04 100644 --- a/tests/data/test133 +++ b/tests/data/test133 @@ -47,14 +47,14 @@ machine %HOSTIP login mary password drfrank # # Verify data after the test has been "shot" - -USER mary -PASS drfrank -PWD -EPSV -TYPE A -LIST -QUIT + +USER mary +PASS drfrank +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test1331 b/tests/data/test1331 index ed74623112..9c211cf366 100644 --- a/tests/data/test1331 +++ b/tests/data/test1331 @@ -72,21 +72,21 @@ proxy # Verify data after the test has been "shot" - -GET http://z.x.com/%TESTNUMBER HTTP/1.1 -Host: z.x.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://z.x.com/%TESTNUMBER HTTP/1.1 -Host: z.x.com -Proxy-Authorization: Basic %b64[myname:mypassword]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Cookie: proxycookie=weirdo - + +GET http://z.x.com/%TESTNUMBER HTTP/1.1 +Host: z.x.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://z.x.com/%TESTNUMBER HTTP/1.1 +Host: z.x.com +Proxy-Authorization: Basic %b64[myname:mypassword]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Cookie: proxycookie=weirdo + diff --git a/tests/data/test1332 b/tests/data/test1332 index 8352940823..c852d84b5d 100644 --- a/tests/data/test1332 +++ b/tests/data/test1332 @@ -57,21 +57,21 @@ http://%HOSTIP:%HTTPPORT/blah/%TESTNUMBER -L -d "moo" --post303 # # Verify data after the test has been "shot" - -POST /blah/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 3 -Content-Type: application/x-www-form-urlencoded - -mooPOST /blah/moo.html&testcase=/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 3 -Content-Type: application/x-www-form-urlencoded - + +POST /blah/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 3 +Content-Type: application/x-www-form-urlencoded + +mooPOST /blah/moo.html&testcase=/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 3 +Content-Type: application/x-www-form-urlencoded + moo diff --git a/tests/data/test1333 b/tests/data/test1333 index 5a5dd63a2d..050b041163 100644 --- a/tests/data/test1333 +++ b/tests/data/test1333 @@ -38,16 +38,16 @@ HTTP POST zero length, chunked-encoded # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Transfer-Encoding: chunked -Content-Type: application/x-www-form-urlencoded - -0 - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Transfer-Encoding: chunked +Content-Type: application/x-www-form-urlencoded + +0 + diff --git a/tests/data/test1334 b/tests/data/test1334 index 1a13864c2e..2c12a7ce7a 100644 --- a/tests/data/test1334 +++ b/tests/data/test1334 @@ -37,12 +37,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -O -D %LOGDIR/heads%TESTNUMBER --output-dir # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1335 b/tests/data/test1335 index 146ff6d918..f98e879d41 100644 --- a/tests/data/test1335 +++ b/tests/data/test1335 @@ -37,12 +37,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -O -D - --output-dir="%LOGDIR" # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1336 b/tests/data/test1336 index dd93b5f9fc..fabb3cf068 100644 --- a/tests/data/test1336 +++ b/tests/data/test1336 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -O -D %LOGDIR/heads%TESTNUMBER --output-dir # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1337 b/tests/data/test1337 index 5dbddeea61..9781562420 100644 --- a/tests/data/test1337 +++ b/tests/data/test1337 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -O -D - --output-dir %LOGDIR # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1338 b/tests/data/test1338 index bc7b641e6e..beb58447cd 100644 --- a/tests/data/test1338 +++ b/tests/data/test1338 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O -D %LOGDIR/heads%TESTNUMBER --output- # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1339 b/tests/data/test1339 index a3533841d1..f6ee7ac057 100644 --- a/tests/data/test1339 +++ b/tests/data/test1339 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O -D - --output-dir %LOGDIR # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test134 b/tests/data/test134 index 207e4f5d47..57403acf90 100644 --- a/tests/data/test134 +++ b/tests/data/test134 @@ -49,14 +49,14 @@ machine %HOSTIP login user2 password passwd2 # # Verify data after the test has been "shot" - -USER romulus -PASS rhemus -PWD -EPSV -TYPE A -LIST -QUIT + +USER romulus +PASS rhemus +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test1340 b/tests/data/test1340 index 9b6c092da3..91072c0aac 100644 --- a/tests/data/test1340 +++ b/tests/data/test1340 @@ -39,12 +39,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O -D %LOGDIR/heads%TESTNUMBER -w "curl # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1341 b/tests/data/test1341 index 74cfd3b354..0dcd2d03a8 100644 --- a/tests/data/test1341 +++ b/tests/data/test1341 @@ -39,12 +39,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O -D - -w "curl saved to filename %{fil # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1342 b/tests/data/test1342 index 6d039f7ee3..15e1f8ece0 100644 --- a/tests/data/test1342 +++ b/tests/data/test1342 @@ -37,12 +37,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -O -D %LOGDIR/heads%TESTNUMBER --output- # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1343 b/tests/data/test1343 index c6a18f2ba7..66401d1415 100644 --- a/tests/data/test1343 +++ b/tests/data/test1343 @@ -37,12 +37,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -O -D - --output-dir %LOGDIR # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1344 b/tests/data/test1344 index de440520e0..50d9456932 100644 --- a/tests/data/test1344 +++ b/tests/data/test1344 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -O -D %LOGDIR/heads%TESTNUMBER --output- # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1345 b/tests/data/test1345 index a093e5d8cf..ac5cb063dd 100644 --- a/tests/data/test1345 +++ b/tests/data/test1345 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -O -D - --output-dir %LOGDIR # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1346 b/tests/data/test1346 index af2a35cbab..81b170ecb9 100644 --- a/tests/data/test1346 +++ b/tests/data/test1346 @@ -37,12 +37,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -O --output-dir %LOGDIR # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1347 b/tests/data/test1347 index bbef9f409c..e1e14cf568 100644 --- a/tests/data/test1347 +++ b/tests/data/test1347 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -O --output-dir %LOGDIR # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1348 b/tests/data/test1348 index b99ab58f8d..e072169f85 100644 --- a/tests/data/test1348 +++ b/tests/data/test1348 @@ -29,16 +29,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -O --output-dir %LOGDIR # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1349 b/tests/data/test1349 index 03f91ae23a..63c06e2983 100644 --- a/tests/data/test1349 +++ b/tests/data/test1349 @@ -29,16 +29,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -O -D %LOGDIR/heads%TESTNUMBER --out # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test135 b/tests/data/test135 index 3dc1d531f5..2780c03354 100644 --- a/tests/data/test135 +++ b/tests/data/test135 @@ -38,17 +38,17 @@ FTP retrieve a byte-range # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -REST 4 -RETR %TESTNUMBER -ABOR -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +REST 4 +RETR %TESTNUMBER +ABOR +QUIT diff --git a/tests/data/test1350 b/tests/data/test1350 index 60d3620773..5d7a365394 100644 --- a/tests/data/test1350 +++ b/tests/data/test1350 @@ -29,16 +29,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -O -D - --output-dir %LOGDIR # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1351 b/tests/data/test1351 index 05a22ce629..d05f9b026c 100644 --- a/tests/data/test1351 +++ b/tests/data/test1351 @@ -30,16 +30,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -O -J -D %LOGDIR/heads%TESTNUMBER -- # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1352 b/tests/data/test1352 index ae94e5aad4..db093ab72b 100644 --- a/tests/data/test1352 +++ b/tests/data/test1352 @@ -30,16 +30,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -O -J -D - --output-dir %LOGDIR # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1353 b/tests/data/test1353 index 45aad1c4ba..45308f1cf1 100644 --- a/tests/data/test1353 +++ b/tests/data/test1353 @@ -29,16 +29,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -O -i -D %LOGDIR/heads%TESTNUMBER -- # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1354 b/tests/data/test1354 index c7ff933cc1..dfba8ba3a5 100644 --- a/tests/data/test1354 +++ b/tests/data/test1354 @@ -29,16 +29,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -O -i -D - --output-dir %LOGDIR # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1355 b/tests/data/test1355 index 7158a6e99f..30f40eac39 100644 --- a/tests/data/test1355 +++ b/tests/data/test1355 @@ -29,16 +29,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -O -i --output-dir %LOGDIR # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1356 b/tests/data/test1356 index e690747f16..55161e1437 100644 --- a/tests/data/test1356 +++ b/tests/data/test1356 @@ -37,16 +37,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -O --output-dir %LOGDIR # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1357 b/tests/data/test1357 index 926fd538d9..25ce6b24b7 100644 --- a/tests/data/test1357 +++ b/tests/data/test1357 @@ -37,16 +37,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -O -D %LOGDIR/heads%TESTNUMBER --out # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1358 b/tests/data/test1358 index 14fc95afee..c5e3ce80fb 100644 --- a/tests/data/test1358 +++ b/tests/data/test1358 @@ -37,16 +37,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -O -D - --output-dir %LOGDIR # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1359 b/tests/data/test1359 index c26ac187b4..e7d0058600 100644 --- a/tests/data/test1359 +++ b/tests/data/test1359 @@ -38,16 +38,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -O -J -D %LOGDIR/heads%TESTNUMBER -- # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test136 b/tests/data/test136 index ef0b2c49ac..949ae2ebb2 100644 --- a/tests/data/test136 +++ b/tests/data/test136 @@ -28,15 +28,15 @@ FTP with user and no password # Verify data after the test has been "shot" - -USER user -PASS -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER user +PASS +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1360 b/tests/data/test1360 index a7ed493023..794ba64536 100644 --- a/tests/data/test1360 +++ b/tests/data/test1360 @@ -38,16 +38,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -O -J -D - --output-dir %LOGDIR # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1361 b/tests/data/test1361 index 18c9f5f08c..13138941d7 100644 --- a/tests/data/test1361 +++ b/tests/data/test1361 @@ -37,16 +37,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -O -i -D %LOGDIR/heads%TESTNUMBER -- # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1362 b/tests/data/test1362 index 261950969b..1ffa1a2e9a 100644 --- a/tests/data/test1362 +++ b/tests/data/test1362 @@ -37,16 +37,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -O -i -D - --output-dir %LOGDIR # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1363 b/tests/data/test1363 index 022940257d..876304a39c 100644 --- a/tests/data/test1363 +++ b/tests/data/test1363 @@ -37,16 +37,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -O -i --output-dir %LOGDIR # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1364 b/tests/data/test1364 index 2b3b566f6a..05b10105bb 100644 --- a/tests/data/test1364 +++ b/tests/data/test1364 @@ -37,12 +37,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/outfile%TESTNUMBER -D %LOGDIR/he # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1365 b/tests/data/test1365 index 1a28a77ede..8643199f2d 100644 --- a/tests/data/test1365 +++ b/tests/data/test1365 @@ -37,12 +37,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/outfile%TESTNUMBER -D - # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1366 b/tests/data/test1366 index 1107c22811..2b8d65ed20 100644 --- a/tests/data/test1366 +++ b/tests/data/test1366 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/outfile%TESTNUMBER -D %LOGDIR/he # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1367 b/tests/data/test1367 index 5d1efa3a95..d665b770d1 100644 --- a/tests/data/test1367 +++ b/tests/data/test1367 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/outfile%TESTNUMBER -D - # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1368 b/tests/data/test1368 index c9ee021691..cbe8d64d6b 100644 --- a/tests/data/test1368 +++ b/tests/data/test1368 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -o %LOGDIR/outfile%TESTNUMBER -D %LOGDIR # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1369 b/tests/data/test1369 index 93627e6a48..bc818ce774 100644 --- a/tests/data/test1369 +++ b/tests/data/test1369 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -o %LOGDIR/outfile%TESTNUMBER -D - # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test137 b/tests/data/test137 index 33b93589ec..43c4fcebf1 100644 --- a/tests/data/test137 +++ b/tests/data/test137 @@ -31,17 +31,17 @@ ftp://%HOSTIP:%FTPPORT/blalbla/lululul/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD blalbla -CWD lululul -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD blalbla +CWD lululul +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1370 b/tests/data/test1370 index 637444c540..0a08c0b8e3 100644 --- a/tests/data/test1370 +++ b/tests/data/test1370 @@ -39,12 +39,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -o %LOGDIR/outfile%TESTNUMBER -D %LOGDIR # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1371 b/tests/data/test1371 index d05c1a15bf..145a0a7a53 100644 --- a/tests/data/test1371 +++ b/tests/data/test1371 @@ -39,12 +39,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -o %LOGDIR/outfile%TESTNUMBER -D - # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1372 b/tests/data/test1372 index a39a243c99..c005a39a74 100644 --- a/tests/data/test1372 +++ b/tests/data/test1372 @@ -37,12 +37,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -o %LOGDIR/outfile%TESTNUMBER -D %LOGDIR # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1373 b/tests/data/test1373 index 7d94775d6f..33634c92fb 100644 --- a/tests/data/test1373 +++ b/tests/data/test1373 @@ -37,12 +37,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -o %LOGDIR/outfile%TESTNUMBER -D - # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1374 b/tests/data/test1374 index 95af862faa..6dda004788 100644 --- a/tests/data/test1374 +++ b/tests/data/test1374 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -o %LOGDIR/outfile%TESTNUMBER -D %LOGDIR # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1375 b/tests/data/test1375 index f56a7d90b3..c226dc566f 100644 --- a/tests/data/test1375 +++ b/tests/data/test1375 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -o %LOGDIR/outfile%TESTNUMBER -D - # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1376 b/tests/data/test1376 index 5b3280b033..ce11a423b7 100644 --- a/tests/data/test1376 +++ b/tests/data/test1376 @@ -37,12 +37,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -o %LOGDIR/outfile%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1377 b/tests/data/test1377 index 4bdc864bc1..52495d524b 100644 --- a/tests/data/test1377 +++ b/tests/data/test1377 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -o %LOGDIR/outfile%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1378 b/tests/data/test1378 index 199679cab6..42e0c46541 100644 --- a/tests/data/test1378 +++ b/tests/data/test1378 @@ -29,16 +29,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -o %LOGDIR/download%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1379 b/tests/data/test1379 index 39b66ebe3b..5faf44ac1b 100644 --- a/tests/data/test1379 +++ b/tests/data/test1379 @@ -29,16 +29,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -o %LOGDIR/download%TESTNUMBER -D %L # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test138 b/tests/data/test138 index db3b6ec7df..765039d70c 100644 --- a/tests/data/test138 +++ b/tests/data/test138 @@ -34,17 +34,17 @@ ftp://%HOSTIP:%FTPPORT/blalbla/lululul/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD blalbla -CWD lululul -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD blalbla +CWD lululul +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1380 b/tests/data/test1380 index cca8020eb0..02db86ac27 100644 --- a/tests/data/test1380 +++ b/tests/data/test1380 @@ -29,16 +29,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -o %LOGDIR/download%TESTNUMBER -D - # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1381 b/tests/data/test1381 index 3455369a98..4ae53c38cb 100644 --- a/tests/data/test1381 +++ b/tests/data/test1381 @@ -30,16 +30,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -o %LOGDIR/download%TESTNUMBER -J -D # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1382 b/tests/data/test1382 index 78d05a3215..bce914faa6 100644 --- a/tests/data/test1382 +++ b/tests/data/test1382 @@ -30,16 +30,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -o %LOGDIR/download%TESTNUMBER -J -D # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1383 b/tests/data/test1383 index 96c3e9a278..23a9ec55ba 100644 --- a/tests/data/test1383 +++ b/tests/data/test1383 @@ -29,16 +29,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -o %LOGDIR/download%TESTNUMBER -i -D # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1384 b/tests/data/test1384 index 4251c42a1e..459a4e0236 100644 --- a/tests/data/test1384 +++ b/tests/data/test1384 @@ -29,16 +29,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -o %LOGDIR/download%TESTNUMBER -i -D # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1385 b/tests/data/test1385 index c14ddba20f..33a5bb75de 100644 --- a/tests/data/test1385 +++ b/tests/data/test1385 @@ -29,16 +29,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -o %LOGDIR/download%TESTNUMBER -i # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1386 b/tests/data/test1386 index 72f13ca582..622afb41c0 100644 --- a/tests/data/test1386 +++ b/tests/data/test1386 @@ -37,16 +37,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -o %LOGDIR/download%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1387 b/tests/data/test1387 index 43c28cc582..44b7d8aea2 100644 --- a/tests/data/test1387 +++ b/tests/data/test1387 @@ -37,16 +37,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -o %LOGDIR/download%TESTNUMBER -D %L # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1388 b/tests/data/test1388 index 0a3c173e50..6bb7997279 100644 --- a/tests/data/test1388 +++ b/tests/data/test1388 @@ -37,16 +37,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -o %LOGDIR/download%TESTNUMBER -D - # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1389 b/tests/data/test1389 index 0c648309e5..5c6979bd31 100644 --- a/tests/data/test1389 +++ b/tests/data/test1389 @@ -38,16 +38,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -o %LOGDIR/download%TESTNUMBER -J -D # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test139 b/tests/data/test139 index 160f628e2c..bde3f2d3b4 100644 --- a/tests/data/test139 +++ b/tests/data/test139 @@ -31,17 +31,17 @@ ftp://%HOSTIP:%FTPPORT/blalbla/%TESTNUMBER -z "1 jan 1989" # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD blalbla -MDTM %TESTNUMBER -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD blalbla +MDTM %TESTNUMBER +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1390 b/tests/data/test1390 index 6b3f4dad3e..e263fef969 100644 --- a/tests/data/test1390 +++ b/tests/data/test1390 @@ -38,16 +38,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -o %LOGDIR/download%TESTNUMBER -J -D # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1391 b/tests/data/test1391 index 447a578291..063294b8e7 100644 --- a/tests/data/test1391 +++ b/tests/data/test1391 @@ -37,16 +37,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -o %LOGDIR/download%TESTNUMBER -i -D # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1392 b/tests/data/test1392 index 4af7966889..824cc214c2 100644 --- a/tests/data/test1392 +++ b/tests/data/test1392 @@ -37,16 +37,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -o %LOGDIR/download%TESTNUMBER -i -D # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test1393 b/tests/data/test1393 index 492da66fc0..08946ee9ec 100644 --- a/tests/data/test1393 +++ b/tests/data/test1393 @@ -37,16 +37,16 @@ ftp://%HOSTIP:%FTPPORT/path/file%TESTNUMBER -o %LOGDIR/download%TESTNUMBER -i # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE file%TESTNUMBER -RETR file%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE file%TESTNUMBER +RETR file%TESTNUMBER +QUIT diff --git a/tests/data/test14 b/tests/data/test14 index 1bffda78d7..32ff62746e 100644 --- a/tests/data/test14 +++ b/tests/data/test14 @@ -30,12 +30,12 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -i --head # Verify data after the test has been "shot" - -HEAD /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +HEAD /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test140 b/tests/data/test140 index 5e29f5c7c7..0910ff3dc2 100644 --- a/tests/data/test140 +++ b/tests/data/test140 @@ -30,13 +30,13 @@ ftp://%HOSTIP:%FTPPORT/blalbla/%TESTNUMBER -z "1 jan 2004" # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD blalbla -MDTM %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD blalbla +MDTM %TESTNUMBER +QUIT diff --git a/tests/data/test1400 b/tests/data/test1400 index 4a9e1e66a5..1ff85505ca 100644 --- a/tests/data/test1400 +++ b/tests/data/test1400 @@ -40,12 +40,12 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER --libcurl %LOGDIR/test%TESTNUMBER.c # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + s/(USERAGENT, \")[^\"]+/${1}stripped/ diff --git a/tests/data/test1401 b/tests/data/test1401 index bb5a7a97ac..5cb90eeacb 100644 --- a/tests/data/test1401 +++ b/tests/data/test1401 @@ -48,16 +48,16 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER --libcurl %LOGDIR/test%TESTNUMBER.c # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[fake:user]b64% -User-Agent: MyUA -Accept: */* -Cookie: chocolate=chip -X-Files: Mulder -X-Men: cyclops, iceman - + +GET /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[fake:user]b64% +User-Agent: MyUA +Accept: */* +Cookie: chocolate=chip +X-Files: Mulder +X-Men: cyclops, iceman + # CURLOPT_SSL_VERIFYPEER, SSH_KNOWNHOSTS and HTTP_VERSION vary with diff --git a/tests/data/test1402 b/tests/data/test1402 index c973e7d8f8..9c0330532d 100644 --- a/tests/data/test1402 +++ b/tests/data/test1402 @@ -41,14 +41,14 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER --libcurl %LOGDIR/test%TESTNUMBER.c # Verify data after the test has been "shot" - -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 16 -Content-Type: application/x-www-form-urlencoded - + +POST /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 16 +Content-Type: application/x-www-form-urlencoded + foo=bar&baz=quux diff --git a/tests/data/test1403 b/tests/data/test1403 index a03da1d6d6..a6e56d9ff0 100644 --- a/tests/data/test1403 +++ b/tests/data/test1403 @@ -41,12 +41,12 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER --libcurl %LOGDIR/test%TESTNUMBER.c # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER?foo=bar&baz=quux HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/%TESTNUMBER?foo=bar&baz=quux HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # curl's default user-agent varies with version, libraries etc. diff --git a/tests/data/test1405 b/tests/data/test1405 index b4560aa052..1860f408c8 100644 --- a/tests/data/test1405 +++ b/tests/data/test1405 @@ -45,21 +45,21 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -Q "NOOP 1" -Q "+NOOP 2" -Q "-NOOP 3" -Q "*FA # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -NOOP 1 -FAIL -EPSV -PASV -TYPE I -NOOP 2 -FAIL HARD -SIZE %TESTNUMBER -RETR %TESTNUMBER -NOOP 3 -QUIT + +USER anonymous +PASS ftp@example.com +PWD +NOOP 1 +FAIL +EPSV +PASV +TYPE I +NOOP 2 +FAIL HARD +SIZE %TESTNUMBER +RETR %TESTNUMBER +NOOP 3 +QUIT /********* Sample code generated by the curl command line tool ********** diff --git a/tests/data/test1406 b/tests/data/test1406 index a41276c45d..bee4b337a4 100644 --- a/tests/data/test1406 +++ b/tests/data/test1406 @@ -47,20 +47,20 @@ ftp # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: SIZE=38 -RCPT TO: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: SIZE=38 +RCPT TO: +RCPT TO: +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. /********* Sample code generated by the curl command line tool ********** diff --git a/tests/data/test1407 b/tests/data/test1407 index 94724a6fae..cb838fc067 100644 --- a/tests/data/test1407 +++ b/tests/data/test1407 @@ -42,12 +42,12 @@ ftp # # Verify data after the test has been "shot" - -CAPA -USER user -PASS secret -LIST %TESTNUMBER -QUIT + +CAPA +USER user +PASS secret +LIST %TESTNUMBER +QUIT /********* Sample code generated by the curl command line tool ********** diff --git a/tests/data/test1408 b/tests/data/test1408 index 5c7f6493df..d46634ebee 100644 --- a/tests/data/test1408 +++ b/tests/data/test1408 @@ -56,18 +56,18 @@ HTTP receive cookies over IPV6 # # Verify data after the test has been "shot" - -GET /path/%TESTNUMBER0001 HTTP/1.1 -Host: %HOST6IP:%HTTP6PORT -User-Agent: curl/%VERSION -Accept: */* - -GET /path/%TESTNUMBER0002 HTTP/1.1 -Host: %HOST6IP:%HTTP6PORT -User-Agent: curl/%VERSION -Accept: */* -Cookie: time=1 - + +GET /path/%TESTNUMBER0001 HTTP/1.1 +Host: %HOST6IP:%HTTP6PORT +User-Agent: curl/%VERSION +Accept: */* + +GET /path/%TESTNUMBER0002 HTTP/1.1 +Host: %HOST6IP:%HTTP6PORT +User-Agent: curl/%VERSION +Accept: */* +Cookie: time=1 + diff --git a/tests/data/test141 b/tests/data/test141 index 425a98f2a6..7a7b4f648b 100644 --- a/tests/data/test141 +++ b/tests/data/test141 @@ -32,16 +32,16 @@ ftp://%HOSTIP:%FTPPORT/blalbla/%TESTNUMBER -I # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD blalbla -MDTM %TESTNUMBER -TYPE I -SIZE %TESTNUMBER -REST 0 -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD blalbla +MDTM %TESTNUMBER +TYPE I +SIZE %TESTNUMBER +REST 0 +QUIT Last-Modified: Wed, 09 Apr 2003 10:26:59 GMT diff --git a/tests/data/test1411 b/tests/data/test1411 index 9c75a225cc..f70cfa4856 100644 --- a/tests/data/test1411 +++ b/tests/data/test1411 @@ -46,13 +46,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -T %LOGDIR/empty%TESTNUMBER # # Verify data after the test has been "shot" - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 0 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 0 + diff --git a/tests/data/test1412 b/tests/data/test1412 index 56e016a0c0..7b665f12ab 100644 --- a/tests/data/test1412 +++ b/tests/data/test1412 @@ -101,29 +101,29 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth http://%HOST # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="gimme all yer s3cr3ts", nonce="11223344", uri="/%TESTNUMBER", response="0390dbe89e31adca0413d11f91f30e7f" -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="gimme all yer s3cr3ts", nonce="11223344", uri="/%TESTNUMBER0001", response="0085df91870374c8bf4e94415e7fbf8e" -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="gimme all yer s3cr3ts", nonce="11223344", uri="/%TESTNUMBER", response="0390dbe89e31adca0413d11f91f30e7f" +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="gimme all yer s3cr3ts", nonce="11223344", uri="/%TESTNUMBER0001", response="0085df91870374c8bf4e94415e7fbf8e" +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1413 b/tests/data/test1413 index 1ab4c1a818..c88f769824 100644 --- a/tests/data/test1413 +++ b/tests/data/test1413 @@ -56,17 +56,17 @@ http://%HOSTIP:%HTTPPORT/this/%TESTNUMBER -L # # Verify data after the test has been "shot" - -GET /this/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /this/moo.html/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /this/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /this/moo.html/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1415 b/tests/data/test1415 index 1e7090092f..cfccdf3974 100644 --- a/tests/data/test1415 +++ b/tests/data/test1415 @@ -64,13 +64,13 @@ proxy # Verify data after the test has been "shot" - -GET http://example.com/we/want/%TESTNUMBER HTTP/1.1 -Host: example.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://example.com/we/want/%TESTNUMBER HTTP/1.1 +Host: example.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1416 b/tests/data/test1416 index 1af3b61f08..d0efdf665d 100644 --- a/tests/data/test1416 +++ b/tests/data/test1416 @@ -44,12 +44,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # 56 = CURLE_RECV_ERROR diff --git a/tests/data/test1417 b/tests/data/test1417 index 7c9be16b6e..558da7da1e 100644 --- a/tests/data/test1417 +++ b/tests/data/test1417 @@ -56,12 +56,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 funky chunky! diff --git a/tests/data/test142 b/tests/data/test142 index f59555642e..ffabe95ccf 100644 --- a/tests/data/test142 +++ b/tests/data/test142 @@ -26,165 +26,165 @@ ftp://%HOSTIP:%FTPPORT/part1/part2/part3/part4/part5/part6/part7/part8/part9/par # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD part1 -CWD part2 -CWD part3 -CWD part4 -CWD part5 -CWD part6 -CWD part7 -CWD part8 -CWD part9 -CWD part10 -CWD part11 -CWD part12 -CWD part13 -CWD part14 -CWD part15 -CWD part16 -CWD part17 -CWD part18 -CWD part19 -CWD part20 -CWD part21 -CWD part22 -CWD part23 -CWD part24 -CWD part25 -CWD part26 -CWD part27 -CWD part28 -CWD part29 -CWD part30 -CWD part31 -CWD part32 -CWD part33 -CWD part34 -CWD part35 -CWD part36 -CWD part37 -CWD part38 -CWD part39 -CWD part40 -CWD part41 -CWD part42 -CWD part43 -CWD part44 -CWD part45 -CWD part46 -CWD part47 -CWD part48 -CWD part49 -CWD part50 -CWD part51 -CWD part52 -CWD part53 -CWD part54 -CWD part55 -CWD part56 -CWD part57 -CWD part58 -CWD part59 -CWD part60 -CWD part61 -CWD part62 -CWD part63 -CWD part64 -CWD part65 -CWD part66 -CWD part67 -CWD part68 -CWD part69 -CWD part70 -CWD part71 -CWD part72 -CWD part73 -CWD part74 -CWD part75 -CWD part76 -CWD part77 -CWD part78 -CWD part79 -CWD part80 -CWD part81 -CWD part82 -CWD part83 -CWD part84 -CWD part85 -CWD part86 -CWD part87 -CWD part88 -CWD part89 -CWD part90 -CWD part91 -CWD part92 -CWD part93 -CWD part94 -CWD part95 -CWD part96 -CWD part97 -CWD part98 -CWD part99 -CWD part100 -CWD part101 -CWD part102 -CWD part103 -CWD part104 -CWD part105 -CWD part106 -CWD part107 -CWD part108 -CWD part109 -CWD part110 -CWD part111 -CWD part112 -CWD part113 -CWD part114 -CWD part115 -CWD part116 -CWD part117 -CWD part118 -CWD part119 -CWD part120 -CWD part121 -CWD part122 -CWD part123 -CWD part124 -CWD part125 -CWD part126 -CWD part127 -CWD part128 -CWD part129 -CWD part130 -CWD part131 -CWD part132 -CWD part133 -CWD part134 -CWD part135 -CWD part136 -CWD part137 -CWD part138 -CWD part139 -CWD part140 -CWD part141 -CWD part142 -CWD part143 -CWD part144 -CWD part145 -CWD part146 -CWD part147 -CWD part148 -CWD part149 -CWD part150 -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD part1 +CWD part2 +CWD part3 +CWD part4 +CWD part5 +CWD part6 +CWD part7 +CWD part8 +CWD part9 +CWD part10 +CWD part11 +CWD part12 +CWD part13 +CWD part14 +CWD part15 +CWD part16 +CWD part17 +CWD part18 +CWD part19 +CWD part20 +CWD part21 +CWD part22 +CWD part23 +CWD part24 +CWD part25 +CWD part26 +CWD part27 +CWD part28 +CWD part29 +CWD part30 +CWD part31 +CWD part32 +CWD part33 +CWD part34 +CWD part35 +CWD part36 +CWD part37 +CWD part38 +CWD part39 +CWD part40 +CWD part41 +CWD part42 +CWD part43 +CWD part44 +CWD part45 +CWD part46 +CWD part47 +CWD part48 +CWD part49 +CWD part50 +CWD part51 +CWD part52 +CWD part53 +CWD part54 +CWD part55 +CWD part56 +CWD part57 +CWD part58 +CWD part59 +CWD part60 +CWD part61 +CWD part62 +CWD part63 +CWD part64 +CWD part65 +CWD part66 +CWD part67 +CWD part68 +CWD part69 +CWD part70 +CWD part71 +CWD part72 +CWD part73 +CWD part74 +CWD part75 +CWD part76 +CWD part77 +CWD part78 +CWD part79 +CWD part80 +CWD part81 +CWD part82 +CWD part83 +CWD part84 +CWD part85 +CWD part86 +CWD part87 +CWD part88 +CWD part89 +CWD part90 +CWD part91 +CWD part92 +CWD part93 +CWD part94 +CWD part95 +CWD part96 +CWD part97 +CWD part98 +CWD part99 +CWD part100 +CWD part101 +CWD part102 +CWD part103 +CWD part104 +CWD part105 +CWD part106 +CWD part107 +CWD part108 +CWD part109 +CWD part110 +CWD part111 +CWD part112 +CWD part113 +CWD part114 +CWD part115 +CWD part116 +CWD part117 +CWD part118 +CWD part119 +CWD part120 +CWD part121 +CWD part122 +CWD part123 +CWD part124 +CWD part125 +CWD part126 +CWD part127 +CWD part128 +CWD part129 +CWD part130 +CWD part131 +CWD part132 +CWD part133 +CWD part134 +CWD part135 +CWD part136 +CWD part137 +CWD part138 +CWD part139 +CWD part140 +CWD part141 +CWD part142 +CWD part143 +CWD part144 +CWD part145 +CWD part146 +CWD part147 +CWD part148 +CWD part149 +CWD part150 +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT Allocations: 170 diff --git a/tests/data/test1420 b/tests/data/test1420 index 2cc7039062..c3c3f6ffc8 100644 --- a/tests/data/test1420 +++ b/tests/data/test1420 @@ -48,12 +48,12 @@ ftp # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT /********* Sample code generated by the curl command line tool ********** diff --git a/tests/data/test1422 b/tests/data/test1422 index 9aa95bf273..3d57e77d2f 100644 --- a/tests/data/test1422 +++ b/tests/data/test1422 @@ -41,12 +41,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O file://%FILE_PWD/%LOGDIR/name%TESTNUM # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1423 b/tests/data/test1423 index 16a4cf31fc..a49a04cbdd 100644 --- a/tests/data/test1423 +++ b/tests/data/test1423 @@ -37,12 +37,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/outfile%TESTNUMBER file://%FILE_ # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1424 b/tests/data/test1424 index 640582549d..806906a633 100644 --- a/tests/data/test1424 +++ b/tests/data/test1424 @@ -57,13 +57,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -z "dec 12 11:00:00 1999 GMT" -o %LOGDIR/ou # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -If-Modified-Since: Sun, 12 Dec 1999 11:00:00 GMT - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +If-Modified-Since: Sun, 12 Dec 1999 11:00:00 GMT + diff --git a/tests/data/test1425 b/tests/data/test1425 index 63032181b2..681b06f6a6 100644 --- a/tests/data/test1425 +++ b/tests/data/test1425 @@ -49,12 +49,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 OK diff --git a/tests/data/test1426 b/tests/data/test1426 index 737c7514f1..407a499dab 100644 --- a/tests/data/test1426 +++ b/tests/data/test1426 @@ -49,12 +49,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --output - # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 OK diff --git a/tests/data/test1428 b/tests/data/test1428 index 51d7721bce..5636f04710 100644 --- a/tests/data/test1428 +++ b/tests/data/test1428 @@ -68,14 +68,14 @@ Proxy-Connection: Keep-Alive header-type: proxy - -GET /we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: test.%TESTNUMBER:%HTTPPORT -Authorization: Basic %b64[iam:my:;self]b64% -User-Agent: curl/%VERSION -Accept: */* -header-type: server - + +GET /we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: test.%TESTNUMBER:%HTTPPORT +Authorization: Basic %b64[iam:my:;self]b64% +User-Agent: curl/%VERSION +Accept: */* +header-type: server + diff --git a/tests/data/test1429 b/tests/data/test1429 index 3d8dce1a95..d313bc4b89 100644 --- a/tests/data/test1429 +++ b/tests/data/test1429 @@ -57,12 +57,12 @@ Funny-head: yesyes -foo- 999 - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test143 b/tests/data/test143 index ed89e70dec..205cc1fc6d 100644 --- a/tests/data/test143 +++ b/tests/data/test143 @@ -28,17 +28,17 @@ FTP URL with type=a # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD / -CWD tmp -CWD moo -EPSV -TYPE A -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD / +CWD tmp +CWD moo +EPSV +TYPE A +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1430 b/tests/data/test1430 index 11db3ccbfc..ebf025101e 100644 --- a/tests/data/test1430 +++ b/tests/data/test1430 @@ -40,12 +40,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # 1 - CURLE_UNSUPPORTED_PROTOCOL # Due to invalid HTTP response code diff --git a/tests/data/test1431 b/tests/data/test1431 index 3f396a4a21..b8a1b01dd4 100644 --- a/tests/data/test1431 +++ b/tests/data/test1431 @@ -40,12 +40,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 1 diff --git a/tests/data/test1432 b/tests/data/test1432 index 4789057a1b..971e854178 100644 --- a/tests/data/test1432 +++ b/tests/data/test1432 @@ -41,12 +41,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 1 diff --git a/tests/data/test1433 b/tests/data/test1433 index aec6181a1e..852e056f70 100644 --- a/tests/data/test1433 +++ b/tests/data/test1433 @@ -41,12 +41,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 1 diff --git a/tests/data/test1434 b/tests/data/test1434 index b6f775e0f6..92e7dbaa85 100644 --- a/tests/data/test1434 +++ b/tests/data/test1434 @@ -76,13 +76,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C 100 # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=100- -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=100- +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1435 b/tests/data/test1435 index 321ea4c022..01726bad2f 100644 --- a/tests/data/test1435 +++ b/tests/data/test1435 @@ -33,12 +33,12 @@ simple HTTP GET over Unix socket - -GET /%TESTNUMBER HTTP/1.1 -Host: server-interpreted.example.com -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: server-interpreted.example.com +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1436 b/tests/data/test1436 index f82384e58d..dbb00f5ee0 100644 --- a/tests/data/test1436 +++ b/tests/data/test1436 @@ -47,22 +47,22 @@ HTTP requests with multiple connections over Unix socket - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: one.example.com -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: two.example.com -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0003 HTTP/1.1 -Host: one.example.com -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: one.example.com +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: two.example.com +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0003 HTTP/1.1 +Host: one.example.com +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 OK diff --git a/tests/data/test1437 b/tests/data/test1437 index ad8fa080e1..9d11839087 100644 --- a/tests/data/test1437 +++ b/tests/data/test1437 @@ -66,18 +66,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --digest # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/%TESTNUMBER", response="4376eb639bf8e7343a6e7b56e1b89c4f", algorithm=MD5 -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/%TESTNUMBER", response="4376eb639bf8e7343a6e7b56e1b89c4f", algorithm=MD5 +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1438 b/tests/data/test1438 index cbf19550d0..d099d91824 100644 --- a/tests/data/test1438 +++ b/tests/data/test1438 @@ -46,12 +46,12 @@ Content-Type: text/plain testdata http - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1439 b/tests/data/test1439 index 9a9196e4b6..17776a452b 100644 --- a/tests/data/test1439 +++ b/tests/data/test1439 @@ -45,12 +45,12 @@ Content-Type: text/plain testdata 1.1 - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test144 b/tests/data/test144 index be2ca5c8c5..644cddda8b 100644 --- a/tests/data/test144 +++ b/tests/data/test144 @@ -36,14 +36,14 @@ ftp://%HOSTIP:%FTPPORT/ -P - -l ^PORT \d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3} ^EPRT \|1\|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|\d{1,5}\| - -USER anonymous -PASS ftp@example.com -PWD -PORT 127,0,0,1,243,212 -TYPE A -NLST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +PORT 127,0,0,1,243,212 +TYPE A +NLST +QUIT diff --git a/tests/data/test1443 b/tests/data/test1443 index c42480ae87..125627043d 100644 --- a/tests/data/test1443 +++ b/tests/data/test1443 @@ -41,12 +41,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -O --remote-time --output-dir %LOGDIR # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 12345 diff --git a/tests/data/test1444 b/tests/data/test1444 index 2f4c8d0687..bbe80e1297 100644 --- a/tests/data/test1444 +++ b/tests/data/test1444 @@ -32,16 +32,16 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --remote-time # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -MDTM %TESTNUMBER -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +MDTM %TESTNUMBER +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT # Verify the mtime of the file. The mtime is specifically chosen to be an even # number so that it can be represented exactly on a FAT file system. diff --git a/tests/data/test1448 b/tests/data/test1448 index f7ff09f952..dfc761ee84 100644 --- a/tests/data/test1448 +++ b/tests/data/test1448 @@ -57,17 +57,17 @@ http://%hex[%c3%a5%c3%a4%c3%b6]hex%.se:%HTTPPORT/%TESTNUMBER --resolve xn--4cab6 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: xn--4cab6c.se:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: xn--4cab6c.se:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: xn--4cab6c.se:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: xn--4cab6c.se:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1449 b/tests/data/test1449 index 0b9de0192c..a65c705811 100644 --- a/tests/data/test1449 +++ b/tests/data/test1449 @@ -27,12 +27,12 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -r 36893488147419103232- # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +QUIT diff --git a/tests/data/test145 b/tests/data/test145 index 53f3f631d7..388c854f4b 100644 --- a/tests/data/test145 +++ b/tests/data/test145 @@ -38,14 +38,14 @@ ftp://%HOSTIP:%FTPPORT/ -P - -l ^PORT \d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3} ^EPRT \|1\|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|\d{1,5}\| - -USER anonymous -PASS ftp@example.com -PWD -PORT 127,0,0,1,243,212 -TYPE A -NLST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +PORT 127,0,0,1,243,212 +TYPE A +NLST +QUIT diff --git a/tests/data/test1455 b/tests/data/test1455 index 23b76ff78a..5fa09e1c27 100644 --- a/tests/data/test1455 +++ b/tests/data/test1455 @@ -50,14 +50,14 @@ proxy s/^PROXY TCP4 %CLIENTIP %HOSTIP (\d*) %HTTPPORT/proxy-line/ - -proxy-line -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Testno: %TESTNUMBER - + +proxy-line +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Testno: %TESTNUMBER + diff --git a/tests/data/test1456 b/tests/data/test1456 index d846b41ebc..6f1b0260d5 100644 --- a/tests/data/test1456 +++ b/tests/data/test1456 @@ -55,13 +55,13 @@ proxy s/PROXY TCP6 ::1 ::1 (\d+) (\d+)/PROXY TCP6 ::1 ::1 $2/ - -PROXY TCP6 ::1 ::1 %HTTP6PORT -GET /%TESTNUMBER HTTP/1.1 -Host: %HOST6IP:%HTTP6PORT -User-Agent: curl/%VERSION -Accept: */* - + +PROXY TCP6 ::1 ::1 %HTTP6PORT +GET /%TESTNUMBER HTTP/1.1 +Host: %HOST6IP:%HTTP6PORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1457 b/tests/data/test1457 index 235b8404ab..c25133a964 100644 --- a/tests/data/test1457 +++ b/tests/data/test1457 @@ -49,12 +49,12 @@ line1line3 line2 - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1458 b/tests/data/test1458 index 785ceae16f..45ff971b0a 100644 --- a/tests/data/test1458 +++ b/tests/data/test1458 @@ -43,12 +43,12 @@ HTTP with wildcard --resolve # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: example.com:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: example.com:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test146 b/tests/data/test146 index 803fbfc4d7..af72284da9 100644 --- a/tests/data/test146 +++ b/tests/data/test146 @@ -34,22 +34,22 @@ ftp://%HOSTIP:%FTPPORT/first/dir/here/%TESTNUMBER ftp://%HOSTIP:%FTPPORT/%TESTNU ^PORT \d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3} ^EPRT \|1\|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|\d{1,5}\| - -USER anonymous -PASS ftp@example.com -PWD -CWD first -CWD dir -CWD here -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -CWD / -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD first +CWD dir +CWD here +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +CWD / +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1465 b/tests/data/test1465 index b521d2f31f..bef59be3c0 100644 --- a/tests/data/test1465 +++ b/tests/data/test1465 @@ -45,14 +45,14 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER --libcurl %LOGDIR/test%TESTNUMBER.c # Verify data after the test has been "shot" - -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 24 -Content-Type: application/x-www-form-urlencoded - + +POST /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 24 +Content-Type: application/x-www-form-urlencoded + %hex[ab%81cd%00e\"?%0D%0A%09%01fghi%1Ajklm%FD]hex% diff --git a/tests/data/test1466 b/tests/data/test1466 index 315974ad41..dda651ff46 100644 --- a/tests/data/test1466 +++ b/tests/data/test1466 @@ -34,12 +34,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1467 b/tests/data/test1467 index 568670a71a..cf77bcbb4e 100644 --- a/tests/data/test1467 +++ b/tests/data/test1467 @@ -49,12 +49,12 @@ HTTP GET via SOCKS5 proxy via Unix sockets # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1468 b/tests/data/test1468 index 9836434d4a..a39e1e64a6 100644 --- a/tests/data/test1468 +++ b/tests/data/test1468 @@ -50,12 +50,12 @@ http://this.is.a.host.name:%HTTPPORT/%TESTNUMBER --proxy socks5h://localhost%SOC # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: this.is.a.host.name:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: this.is.a.host.name:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + atyp 3 => this.is.a.host.name diff --git a/tests/data/test147 b/tests/data/test147 index 769043d489..9b17219f5e 100644 --- a/tests/data/test147 +++ b/tests/data/test147 @@ -36,20 +36,20 @@ ftp://%HOSTIP:%FTPPORT/first/dir/here/%TESTNUMBER --ftp-create-dirs ^PORT \d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3} ^EPRT \|1\|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|\d{1,5}\| - -USER anonymous -PASS ftp@example.com -PWD -CWD first -MKD first -CWD first -CWD dir -CWD here -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD first +MKD first +CWD first +CWD dir +CWD here +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1470 b/tests/data/test1470 index 5c3d743434..54adeb6138 100644 --- a/tests/data/test1470 +++ b/tests/data/test1470 @@ -51,12 +51,12 @@ https://this.is.a.host.name:%HTTPSPORT/%TESTNUMBER --insecure --proxy socks5h:// # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: this.is.a.host.name:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: this.is.a.host.name:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + atyp 3 => this.is.a.host.name diff --git a/tests/data/test1473 b/tests/data/test1473 index 4c0190cea0..1e21534c29 100644 --- a/tests/data/test1473 +++ b/tests/data/test1473 @@ -39,12 +39,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1475 b/tests/data/test1475 index f88ef74ee2..2b483cb0ae 100644 --- a/tests/data/test1475 +++ b/tests/data/test1475 @@ -71,13 +71,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C - -f # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=100- -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=100- +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1479 b/tests/data/test1479 index 3677b67380..68dc2b758c 100644 --- a/tests/data/test1479 +++ b/tests/data/test1479 @@ -41,17 +41,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER0002 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # weird_server_reply diff --git a/tests/data/test148 b/tests/data/test148 index 051d31a9de..7ff578336f 100644 --- a/tests/data/test148 +++ b/tests/data/test148 @@ -36,14 +36,14 @@ ftp://%HOSTIP:%FTPPORT/attempt/to/get/this/%TESTNUMBER --ftp-create-dirs 9 - -USER anonymous -PASS ftp@example.com -PWD -CWD attempt -MKD attempt -CWD attempt -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD attempt +MKD attempt +CWD attempt +QUIT diff --git a/tests/data/test1480 b/tests/data/test1480 index 0f51f12b64..6eea750483 100644 --- a/tests/data/test1480 +++ b/tests/data/test1480 @@ -37,12 +37,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # weird_server_reply diff --git a/tests/data/test1481 b/tests/data/test1481 index 87aada2873..8f63141b87 100644 --- a/tests/data/test1481 +++ b/tests/data/test1481 @@ -42,13 +42,13 @@ http://moo/ --libcurl %LOGDIR/test%TESTNUMBER.c --tls-max 1.3 --proxy-tlsv1 -x h # Verify data after the test has been "shot" - -GET http://moo/ HTTP/1.1 -Host: moo -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://moo/ HTTP/1.1 +Host: moo +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + s/(USERAGENT, \")[^\"]+/${1}stripped/ diff --git a/tests/data/test1482 b/tests/data/test1482 index 2a322f6a86..30353e2909 100644 --- a/tests/data/test1482 +++ b/tests/data/test1482 @@ -60,12 +60,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 funky chunky! diff --git a/tests/data/test1483 b/tests/data/test1483 index 60ff2104b2..88827a2cc8 100644 --- a/tests/data/test1483 +++ b/tests/data/test1483 @@ -62,12 +62,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 funky chunky! diff --git a/tests/data/test1484 b/tests/data/test1484 index 52de029a08..7cdce889dd 100644 --- a/tests/data/test1484 +++ b/tests/data/test1484 @@ -42,12 +42,12 @@ HTTP HEAD with response body to ignore # # Verify data after the test has been "shot" - -HEAD /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +HEAD /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1485 b/tests/data/test1485 index d89362f465..d36705bbf1 100644 --- a/tests/data/test1485 +++ b/tests/data/test1485 @@ -41,11 +41,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test1487 b/tests/data/test1487 index a3eac5dbad..3a0c8e8356 100644 --- a/tests/data/test1487 +++ b/tests/data/test1487 @@ -39,12 +39,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O --output-dir %LOGDIR # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 12345 diff --git a/tests/data/test149 b/tests/data/test149 index 404922b296..dfb16cfd85 100644 --- a/tests/data/test149 +++ b/tests/data/test149 @@ -32,19 +32,19 @@ send away this contents ^PORT \d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3} ^EPRT \|1\|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|\d{1,5}\| - -USER anonymous -PASS ftp@example.com -PWD -CWD dir1 -EPSV -TYPE I -STOR %TESTNUMBER -CWD / -CWD dir2 -EPSV -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD dir1 +EPSV +TYPE I +STOR %TESTNUMBER +CWD / +CWD dir2 +EPSV +STOR %TESTNUMBER +QUIT send away this contents diff --git a/tests/data/test1492 b/tests/data/test1492 index 2e7e1f32ae..b2ef8f50d5 100644 --- a/tests/data/test1492 +++ b/tests/data/test1492 @@ -40,12 +40,12 @@ http://%HOSTIP:%HTTPPORT/junk%TESTNUMBER -J -O --show-headers --output-dir %LOGD # # Verify data after the test has been "shot" - -GET /junk%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /junk%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 OK diff --git a/tests/data/test1493 b/tests/data/test1493 index f1d1fba5eb..9179737811 100644 --- a/tests/data/test1493 +++ b/tests/data/test1493 @@ -57,12 +57,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 funky chunky! diff --git a/tests/data/test1494 b/tests/data/test1494 index 5546831c09..67b8dc3322 100644 --- a/tests/data/test1494 +++ b/tests/data/test1494 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1495 b/tests/data/test1495 index 2c0f33f8df..de725b7b4e 100644 --- a/tests/data/test1495 +++ b/tests/data/test1495 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 61 diff --git a/tests/data/test1496 b/tests/data/test1496 index dda32606f3..d669dedaa9 100644 --- a/tests/data/test1496 +++ b/tests/data/test1496 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 61 diff --git a/tests/data/test1497 b/tests/data/test1497 index 94b19a2514..6e8caef8d6 100644 --- a/tests/data/test1497 +++ b/tests/data/test1497 @@ -44,17 +44,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --retry 3 -o /dev/null # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1499 b/tests/data/test1499 index 9d79e1a38c..cb432f7c53 100644 --- a/tests/data/test1499 +++ b/tests/data/test1499 @@ -59,17 +59,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LO # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test15 b/tests/data/test15 index ba24d2e0b2..ec065e38fa 100644 --- a/tests/data/test15 +++ b/tests/data/test15 @@ -44,12 +44,12 @@ Content-Length: 26 Repeated nonsense-headers http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER 200 26 - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test150 b/tests/data/test150 index fb906bf4bc..a06c6421da 100644 --- a/tests/data/test150 +++ b/tests/data/test150 @@ -74,19 +74,19 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --ntlm --fail # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1501 b/tests/data/test1501 index 195c17998c..3382b87a85 100644 --- a/tests/data/test1501 +++ b/tests/data/test1501 @@ -42,15 +42,15 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER/ 0 - -USER anonymous -PASS ftp@example.com -PWD -CWD %TESTNUMBER -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD %TESTNUMBER +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test1502 b/tests/data/test1502 index e2639f404a..c4c378c59e 100644 --- a/tests/data/test1502 +++ b/tests/data/test1502 @@ -45,11 +45,11 @@ http://google.com:%HTTPPORT/%TESTNUMBER %HTTPPORT %HOSTIP # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: google.com:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: google.com:%HTTPPORT +Accept: */* + diff --git a/tests/data/test1503 b/tests/data/test1503 index c387b8d3c5..fe5783e311 100644 --- a/tests/data/test1503 +++ b/tests/data/test1503 @@ -45,11 +45,11 @@ http://google.com:%HTTPPORT/%TESTNUMBER %HTTPPORT %HOSTIP # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: google.com:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: google.com:%HTTPPORT +Accept: */* + diff --git a/tests/data/test1504 b/tests/data/test1504 index 916a40ba8c..3a9de6804e 100644 --- a/tests/data/test1504 +++ b/tests/data/test1504 @@ -45,11 +45,11 @@ http://google.com:%HTTPPORT/%TESTNUMBER %HTTPPORT %HOSTIP # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: google.com:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: google.com:%HTTPPORT +Accept: */* + diff --git a/tests/data/test1505 b/tests/data/test1505 index 61e634641a..500abdf127 100644 --- a/tests/data/test1505 +++ b/tests/data/test1505 @@ -45,11 +45,11 @@ http://google.com:%HTTPPORT/%TESTNUMBER %HTTPPORT %HOSTIP # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: google.com:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: google.com:%HTTPPORT +Accept: */* + diff --git a/tests/data/test1506 b/tests/data/test1506 index af581ae6bf..b08d1aeadf 100644 --- a/tests/data/test1506 +++ b/tests/data/test1506 @@ -9,36 +9,36 @@ verbose logs # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 47 + file contents should appear once for each file @@ -64,23 +64,23 @@ HTTP GET connection cache limit (CURLMOPT_MAXCONNECTS) # Verify data after the test has been "shot" - -GET /path/%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /path/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /path/%TESTNUMBER0003 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /path/%TESTNUMBER0004 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /path/%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /path/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /path/%TESTNUMBER0003 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /path/%TESTNUMBER0004 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + ^Host:.* diff --git a/tests/data/test1507 b/tests/data/test1507 index e1eb12bc36..afc8712056 100644 --- a/tests/data/test1507 +++ b/tests/data/test1507 @@ -39,11 +39,11 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM:<%TESTNUMBER-realuser@example.com> -RCPT TO:<%TESTNUMBER-recipient@example.com> -DATA + +EHLO %TESTNUMBER +MAIL FROM:<%TESTNUMBER-realuser@example.com> +RCPT TO:<%TESTNUMBER-recipient@example.com> +DATA diff --git a/tests/data/test151 b/tests/data/test151 index 98035f8b47..f50672cf19 100644 --- a/tests/data/test151 +++ b/tests/data/test151 @@ -34,12 +34,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1510 b/tests/data/test1510 index 4a80b7a1d2..447f6d00d8 100644 --- a/tests/data/test1510 +++ b/tests/data/test1510 @@ -61,23 +61,23 @@ HTTP GET connection cache limit (CURLOPT_MAXCONNECTS) # Verify data after the test has been "shot" - -GET /path/%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /path/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /path/%TESTNUMBER0003 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /path/%TESTNUMBER0004 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /path/%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /path/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /path/%TESTNUMBER0003 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /path/%TESTNUMBER0004 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + ^Host:.* diff --git a/tests/data/test1512 b/tests/data/test1512 index a0e321432b..ff21e11aba 100644 --- a/tests/data/test1512 +++ b/tests/data/test1512 @@ -60,15 +60,15 @@ GLOBAL CACHE test over two easy performs # Verify data after the test has been "shot" - -GET /path/%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /path/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /path/%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /path/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + ^Host:.* diff --git a/tests/data/test1513 b/tests/data/test1513 index 90c32229f7..6957761af9 100644 --- a/tests/data/test1513 +++ b/tests/data/test1513 @@ -37,8 +37,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - - # 42 == CURLE_ABORTED_BY_CALLBACK 42 diff --git a/tests/data/test1514 b/tests/data/test1514 index b34406e072..571ee6daa6 100644 --- a/tests/data/test1514 +++ b/tests/data/test1514 @@ -39,26 +39,26 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Content-Length header is not present # Transfer-Encoding header is added automatically - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Transfer-Encoding: chunked -Content-Type: application/x-www-form-urlencoded -Expect: 100-continue - -1 -d -1 -u -1 -m -1 -m -1 -y -0 - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Transfer-Encoding: chunked +Content-Type: application/x-www-form-urlencoded +Expect: 100-continue + +1 +d +1 +u +1 +m +1 +m +1 +y +0 + diff --git a/tests/data/test1517 b/tests/data/test1517 index 18d1fcaf2f..d2c477593c 100644 --- a/tests/data/test1517 +++ b/tests/data/test1517 @@ -62,13 +62,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER s/^(this is what we post to the silly web server)(\r)?\n// - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 45 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 45 +Content-Type: application/x-www-form-urlencoded + 0 diff --git a/tests/data/test1518 b/tests/data/test1518 index ea5304d1b6..09a7efb014 100644 --- a/tests/data/test1518 +++ b/tests/data/test1518 @@ -46,8 +46,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - - res 0 status 302 diff --git a/tests/data/test1519 b/tests/data/test1519 index f57f68544a..d284bd9660 100644 --- a/tests/data/test1519 +++ b/tests/data/test1519 @@ -46,8 +46,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - - res 0 status 302 diff --git a/tests/data/test152 b/tests/data/test152 index 31c2360192..aa5cf971de 100644 --- a/tests/data/test152 +++ b/tests/data/test152 @@ -35,12 +35,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --fail # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 22 diff --git a/tests/data/test1520 b/tests/data/test1520 index c360cabc75..eb398f414a 100644 --- a/tests/data/test1520 +++ b/tests/data/test1520 @@ -39,25 +39,25 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -From: different -To: another - - -.. -.. - -.. - -body -. + +From: different +To: another + + +.. +.. + +.. + +body +. diff --git a/tests/data/test153 b/tests/data/test153 index a38cce6fa9..44c06ca5b5 100644 --- a/tests/data/test153 +++ b/tests/data/test153 @@ -91,35 +91,35 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001 -u testuser:testpass --digest http://%H ^Authorization.*cnonce - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER0001", response="f4f83139396995bac665f24a1f1055c7" -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER0002", response="f84511b014fdd0ba6494f42871079c32" -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="999999", uri="/%TESTNUMBER0002", cnonce="MTA4MzIr", nc="00000001", qop="auth", response="25291c357671604a16c0242f56721c07", algorithm=MD5 -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER0001", response="f4f83139396995bac665f24a1f1055c7" +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER0002", response="f84511b014fdd0ba6494f42871079c32" +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="999999", uri="/%TESTNUMBER0002", cnonce="MTA4MzIr", nc="00000001", qop="auth", response="25291c357671604a16c0242f56721c07", algorithm=MD5 +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 401 Authorization Required swsclose diff --git a/tests/data/test1531 b/tests/data/test1531 index f80056ab06..865aeda1f8 100644 --- a/tests/data/test1531 +++ b/tests/data/test1531 @@ -25,13 +25,13 @@ CURLOPT_POSTFIELDS with binary data set after multi_add_handle # it should be detected and an error should be reported - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 8 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 8 +Content-Type: application/x-www-form-urlencoded + %hex[%2eabc%00xyz]hex% diff --git a/tests/data/test1532 b/tests/data/test1532 index 582f05a5bc..fddfe5675d 100644 --- a/tests/data/test1532 +++ b/tests/data/test1532 @@ -36,11 +36,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + 0 diff --git a/tests/data/test1533 b/tests/data/test1533 index a957bebbc7..e0d85669ef 100644 --- a/tests/data/test1533 +++ b/tests/data/test1533 @@ -43,31 +43,31 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER 41 - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 3 -Content-Type: application/x-www-form-urlencoded - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 3 -Content-Type: application/x-www-form-urlencoded - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 3 -Content-Type: application/x-www-form-urlencoded - -aaaPOST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 3 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 3 +Content-Type: application/x-www-form-urlencoded + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 3 +Content-Type: application/x-www-form-urlencoded + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 3 +Content-Type: application/x-www-form-urlencoded + +aaaPOST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 3 +Content-Type: application/x-www-form-urlencoded + aaa diff --git a/tests/data/test1534 b/tests/data/test1534 index 0f98ad6043..d35b5cb1c5 100644 --- a/tests/data/test1534 +++ b/tests/data/test1534 @@ -38,11 +38,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + 0 diff --git a/tests/data/test1535 b/tests/data/test1535 index 477f3fac28..dac9b2c85c 100644 --- a/tests/data/test1535 +++ b/tests/data/test1535 @@ -37,11 +37,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + 0 diff --git a/tests/data/test1536 b/tests/data/test1536 index ea7ce3966a..111e07766f 100644 --- a/tests/data/test1536 +++ b/tests/data/test1536 @@ -37,11 +37,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + 0 diff --git a/tests/data/test1540 b/tests/data/test1540 index dc1aa7011e..c3d918b4da 100644 --- a/tests/data/test1540 +++ b/tests/data/test1540 @@ -57,11 +57,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test1541 b/tests/data/test1541 index 9b29f43534..9b7a479d5b 100644 --- a/tests/data/test1541 +++ b/tests/data/test1541 @@ -64,11 +64,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test1542 b/tests/data/test1542 index e9061a8f2b..cdde885ce7 100644 --- a/tests/data/test1542 +++ b/tests/data/test1542 @@ -39,23 +39,23 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + == Info: Connection #0 to host %HOSTIP:%HTTPPORT left intact diff --git a/tests/data/test1543 b/tests/data/test1543 index 3aefe57ef1..798b273e32 100644 --- a/tests/data/test1543 +++ b/tests/data/test1543 @@ -52,15 +52,15 @@ CURLOPT_CURLU, URL with space and CURLINFO_EFFECTIVE_URL # # Verify data after the test has been "shot" - -GET /%20/with/%20space/%20/file HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%20/with/%20space/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%20/with/%20space/%20/file HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%20/with/%20space/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + res 0 diff --git a/tests/data/test1546 b/tests/data/test1546 index b83b7ee95f..facd309475 100644 --- a/tests/data/test1546 +++ b/tests/data/test1546 @@ -47,14 +47,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -TE: gzip -Connection: TE - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +TE: gzip +Connection: TE + 61 diff --git a/tests/data/test1547 b/tests/data/test1547 index 067b3568ed..7e1625aa4b 100644 --- a/tests/data/test1547 +++ b/tests/data/test1547 @@ -42,15 +42,15 @@ ftp://%HOSTIP:%FTPPORT/test-%TESTNUMBER/ -P %CLIENTIP --ftp-pasv # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD test-%TESTNUMBER -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD test-%TESTNUMBER +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test1551 b/tests/data/test1551 index 8af8d6641e..78999e8833 100644 --- a/tests/data/test1551 +++ b/tests/data/test1551 @@ -47,23 +47,23 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test1552 b/tests/data/test1552 index fd35ca1f61..6e89c9c1e8 100644 --- a/tests/data/test1552 +++ b/tests/data/test1552 @@ -46,7 +46,5 @@ lib%TESTNUMBER # # Verify data after the test has been "shot" - - diff --git a/tests/data/test1553 b/tests/data/test1553 index 0c01ab3e69..1086330737 100644 --- a/tests/data/test1553 +++ b/tests/data/test1553 @@ -51,7 +51,5 @@ imap://non-existing-host.haxx.se:%IMAPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - - diff --git a/tests/data/test1555 b/tests/data/test1555 index e3c7e55c69..b224f7c0ed 100644 --- a/tests/data/test1555 +++ b/tests/data/test1555 @@ -37,8 +37,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - - # 42 == CURLE_ABORTED_BY_CALLBACK 42 diff --git a/tests/data/test1556 b/tests/data/test1556 index 80254da2d4..49ca0d90ad 100644 --- a/tests/data/test1556 +++ b/tests/data/test1556 @@ -46,11 +46,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + -foo- diff --git a/tests/data/test1561 b/tests/data/test1561 index 1341d12130..aea133c628 100644 --- a/tests/data/test1561 +++ b/tests/data/test1561 @@ -76,17 +76,17 @@ Cookies set over HTTP can't override secure ones - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: www.example.com -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: www.example.com -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: www.example.com +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: www.example.com +User-Agent: curl/%VERSION +Accept: */* + # Netscape HTTP Cookie File diff --git a/tests/data/test1562 b/tests/data/test1562 index 88e442f7b2..cfcc430985 100644 --- a/tests/data/test1562 +++ b/tests/data/test1562 @@ -48,23 +48,23 @@ Expire secure cookies over HTTPS - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: www.example.com -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: www.example.com -User-Agent: curl/%VERSION -Accept: */* -Cookie: foo=123 - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: www.example.com -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: www.example.com +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: www.example.com +User-Agent: curl/%VERSION +Accept: */* +Cookie: foo=123 + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: www.example.com +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1563 b/tests/data/test1563 index 6bf3ad905b..ab089213f3 100644 --- a/tests/data/test1563 +++ b/tests/data/test1563 @@ -36,12 +36,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001 -L -H "Host: www.example.com" 1 - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: www.example.com -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: www.example.com +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1566 b/tests/data/test1566 index be047dcebb..b348352ebb 100644 --- a/tests/data/test1566 +++ b/tests/data/test1566 @@ -46,13 +46,13 @@ downloaded already # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -If-None-Match: "123456" - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +If-None-Match: "123456" + # verify that the target file is untouched diff --git a/tests/data/test1567 b/tests/data/test1567 index 68b1fe2110..486d3eb9fb 100644 --- a/tests/data/test1567 +++ b/tests/data/test1567 @@ -48,23 +48,23 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test1568 b/tests/data/test1568 index 899d9b59f1..896077517a 100644 --- a/tests/data/test1568 +++ b/tests/data/test1568 @@ -71,18 +71,18 @@ http://%HOSTIP/%TESTNUMBER %HTTPPORT # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: lib%TESTNUMBER -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="9cbbd857a37e45f2bcad5c7d088191df" -User-Agent: lib%TESTNUMBER -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: lib%TESTNUMBER +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="9cbbd857a37e45f2bcad5c7d088191df" +User-Agent: lib%TESTNUMBER +Accept: */* + diff --git a/tests/data/test1569 b/tests/data/test1569 index 159a813919..b5d16e0622 100644 --- a/tests/data/test1569 +++ b/tests/data/test1569 @@ -40,19 +40,19 @@ lib%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -PASV -TYPE A -RETR %TESTNUMBER -PASV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +PASV +TYPE A +RETR %TESTNUMBER +PASV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test157 b/tests/data/test157 index 5ab45ec05b..a29112175a 100644 --- a/tests/data/test157 +++ b/tests/data/test157 @@ -34,12 +34,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1570 b/tests/data/test1570 index 713ab5ea77..57dc6b077e 100644 --- a/tests/data/test1570 +++ b/tests/data/test1570 @@ -40,19 +40,19 @@ lib1569 # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -PASV -TYPE A -NLST -PASV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +PASV +TYPE A +NLST +PASV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1571 b/tests/data/test1571 index e75423a73c..440711b39e 100644 --- a/tests/data/test1571 +++ b/tests/data/test1571 @@ -78,7 +78,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER ^User-Agent:.* - + IGLOO /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1572 b/tests/data/test1572 index 4c2329506e..968f76a9b8 100644 --- a/tests/data/test1572 +++ b/tests/data/test1572 @@ -78,7 +78,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER ^User-Agent:.* - + IGLOO /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1575 b/tests/data/test1575 index 1d1e4b7ed3..5e44ca5ad4 100644 --- a/tests/data/test1575 +++ b/tests/data/test1575 @@ -78,7 +78,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER ^User-Agent:.* - + IGLOO /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1576 b/tests/data/test1576 index 3b243bc632..459218fecc 100644 --- a/tests/data/test1576 +++ b/tests/data/test1576 @@ -78,7 +78,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER ^User-Agent:.* - + CURL /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1577 b/tests/data/test1577 index d5ff6a725d..e26d1c44ee 100644 --- a/tests/data/test1577 +++ b/tests/data/test1577 @@ -78,7 +78,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER %TESTNUMBER ^User-Agent:.* - + CURL /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1578 b/tests/data/test1578 index ba43782506..ede98d89cf 100644 --- a/tests/data/test1578 +++ b/tests/data/test1578 @@ -78,7 +78,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER ^User-Agent:.* - + CURL /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test158 b/tests/data/test158 index db3a49b7f5..89def179cc 100644 --- a/tests/data/test158 +++ b/tests/data/test158 @@ -37,19 +37,19 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -F name=daniel ^Content-Type: multipart/form-data.* ^-----------------------.* - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 157 -Content-Type: multipart/form-data; boundary=----------------------------4f12fcdaa3bc - -------------------------------4f12fcdaa3bc -Content-Disposition: form-data; name="name" - -daniel -------------------------------4f12fcdaa3bc-- + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 157 +Content-Type: multipart/form-data; boundary=----------------------------4f12fcdaa3bc + +------------------------------4f12fcdaa3bc +Content-Disposition: form-data; name="name" + +daniel +------------------------------4f12fcdaa3bc-- 52 diff --git a/tests/data/test1580 b/tests/data/test1580 index 629cf1ab45..70b0f512f7 100644 --- a/tests/data/test1580 +++ b/tests/data/test1580 @@ -78,7 +78,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER 1578 ^User-Agent:.* - + CURL /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1581 b/tests/data/test1581 index 98c78b613a..c2f800c18f 100644 --- a/tests/data/test1581 +++ b/tests/data/test1581 @@ -78,7 +78,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER ^User-Agent:.* - + IGLOO /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1582 b/tests/data/test1582 index 146863fd69..e446c7508f 100644 --- a/tests/data/test1582 +++ b/tests/data/test1582 @@ -42,11 +42,11 @@ https://%HOSTIP:%HTTPSPORT/ - -GET / HTTP/1.1 -Host: %HOSTIP:%HTTPSPORT -Accept: */* - + +GET / HTTP/1.1 +Host: %HOSTIP:%HTTPSPORT +Accept: */* + diff --git a/tests/data/test159 b/tests/data/test159 index cc183855a7..b81faa17ac 100644 --- a/tests/data/test159 +++ b/tests/data/test159 @@ -60,13 +60,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --ntlm -0 # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.0 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.0 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1591 b/tests/data/test1591 index 738696db1c..f5971e8f29 100644 --- a/tests/data/test1591 +++ b/tests/data/test1591 @@ -40,21 +40,21 @@ more than one byte # Verify data after the test has been "shot" - -PUT /bzz/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Transfer-Encoding: chunked -Trailer: my-super-awesome-trailer, my-other-awesome-trailer -Expect: 100-continue - -e -Hello Cloud! - -0 -my-super-awesome-trailer: trail1 -my-other-awesome-trailer: trail2 - + +PUT /bzz/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Transfer-Encoding: chunked +Trailer: my-super-awesome-trailer, my-other-awesome-trailer +Expect: 100-continue + +e +Hello Cloud! + +0 +my-super-awesome-trailer: trail1 +my-other-awesome-trailer: trail2 + diff --git a/tests/data/test1593 b/tests/data/test1593 index 60d9f0b87d..daf70afa4e 100644 --- a/tests/data/test1593 +++ b/tests/data/test1593 @@ -36,11 +36,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Note here the lack of If-Modified-Since - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test1594 b/tests/data/test1594 index a93f89d374..24128d257f 100644 --- a/tests/data/test1594 +++ b/tests/data/test1594 @@ -36,11 +36,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + Retry-After 22 diff --git a/tests/data/test1595 b/tests/data/test1595 index 4dade7c199..6b11a8d7b8 100644 --- a/tests/data/test1595 +++ b/tests/data/test1595 @@ -35,11 +35,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + Retry-After 0 diff --git a/tests/data/test1596 b/tests/data/test1596 index 2f4084a28b..376fb5ebb8 100644 --- a/tests/data/test1596 +++ b/tests/data/test1596 @@ -36,11 +36,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + # Retry-After time is limited to 6 hours (21600 seconds) diff --git a/tests/data/test1598 b/tests/data/test1598 index eb0ade1040..a85c124692 100644 --- a/tests/data/test1598 +++ b/tests/data/test1598 @@ -40,20 +40,20 @@ more than one byte # Verify data after the test has been "shot" - -POST /bzz/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Trailer: my-super-awesome-trailer, my-other-awesome-trailer -Transfer-Encoding: chunked -Content-Type: application/x-www-form-urlencoded - -11 -xxx=yyy&aaa=bbbbb -0 -my-super-awesome-trailer: trail1 -my-other-awesome-trailer: trail2 - + +POST /bzz/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Trailer: my-super-awesome-trailer, my-other-awesome-trailer +Transfer-Encoding: chunked +Content-Type: application/x-www-form-urlencoded + +11 +xxx=yyy&aaa=bbbbb +0 +my-super-awesome-trailer: trail1 +my-other-awesome-trailer: trail2 + diff --git a/tests/data/test16 b/tests/data/test16 index be3fc8853c..5184c202ea 100644 --- a/tests/data/test16 +++ b/tests/data/test16 @@ -40,14 +40,14 @@ proxy # Verify data after the test has been "shot" - -GET http://we.want.that.site.com/%TESTNUMBER HTTP/1.1 -Host: we.want.that.site.com -Proxy-Authorization: Basic %b64[fake@user:loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://we.want.that.site.com/%TESTNUMBER HTTP/1.1 +Host: we.want.that.site.com +Proxy-Authorization: Basic %b64[fake@user:loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test160 b/tests/data/test160 index e74a40b66a..957dbd7fa2 100644 --- a/tests/data/test160 +++ b/tests/data/test160 @@ -57,17 +57,17 @@ Connection: close surprise2 - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /wantmore/%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /wantmore/%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test161 b/tests/data/test161 index d8d7793761..201fe52bfa 100644 --- a/tests/data/test161 +++ b/tests/data/test161 @@ -34,14 +34,14 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER # This doesn't send QUIT because of known bug: # "7.8 Premature transfer end but healthy control channel" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER # CURLE_PARTIAL_FILE = 18 diff --git a/tests/data/test1613 b/tests/data/test1613 index 040fae3301..fce1cb370a 100644 --- a/tests/data/test1613 +++ b/tests/data/test1613 @@ -40,14 +40,14 @@ proxy - -OPTIONS * HTTP/1.1 -Host: www.example.org -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Testno: %TESTNUMBER - + +OPTIONS * HTTP/1.1 +Host: www.example.org +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Testno: %TESTNUMBER + diff --git a/tests/data/test1617 b/tests/data/test1617 index 0fe967bd27..623dd84a44 100644 --- a/tests/data/test1617 +++ b/tests/data/test1617 @@ -61,15 +61,15 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding -H "Connection: this" -H "Con # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -TE: gzip -Connection: this, TE -Connection: that - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +TE: gzip +Connection: this, TE +Connection: that + diff --git a/tests/data/test162 b/tests/data/test162 index ec0cd2545a..8de635b044 100644 --- a/tests/data/test162 +++ b/tests/data/test162 @@ -44,14 +44,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy http://%HOSTIP:%HTTPPORT --proxy-us # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + 22 diff --git a/tests/data/test1631 b/tests/data/test1631 index e838700fe7..161952caad 100644 --- a/tests/data/test1631 +++ b/tests/data/test1631 @@ -73,15 +73,15 @@ User-Agent: curl Proxy-Connection: Keep-Alive - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1632 b/tests/data/test1632 index 9d877f8f87..81be080063 100644 --- a/tests/data/test1632 +++ b/tests/data/test1632 @@ -88,18 +88,18 @@ User-Agent: curl Proxy-Connection: Keep-Alive - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -EPSV -SIZE %TESTNUMBER0002 -RETR %TESTNUMBER0002 -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +EPSV +SIZE %TESTNUMBER0002 +RETR %TESTNUMBER0002 +QUIT diff --git a/tests/data/test1633 b/tests/data/test1633 index 0752575942..8934fab29d 100644 --- a/tests/data/test1633 +++ b/tests/data/test1633 @@ -69,31 +69,31 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -d moo --retry 1 -L # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 3 -Content-Type: application/x-www-form-urlencoded - -mooGET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 3 -Content-Type: application/x-www-form-urlencoded - -mooGET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 3 +Content-Type: application/x-www-form-urlencoded + +mooGET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 3 +Content-Type: application/x-www-form-urlencoded + +mooGET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1634 b/tests/data/test1634 index ee7a50871a..50dfec7fcc 100644 --- a/tests/data/test1634 +++ b/tests/data/test1634 @@ -55,17 +55,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --retry 1 --fail # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1635 b/tests/data/test1635 index 751d46232c..a3a1c82e47 100644 --- a/tests/data/test1635 +++ b/tests/data/test1635 @@ -44,17 +44,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --retry 1 --fail-with-body # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + moo diff --git a/tests/data/test164 b/tests/data/test164 index 83f7a107a1..b68876dbde 100644 --- a/tests/data/test164 +++ b/tests/data/test164 @@ -54,13 +54,13 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -r 0-10,12-15 # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=0-10,12-15 -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=0-10,12-15 +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test165 b/tests/data/test165 index 4996a3564f..9c686b685d 100644 --- a/tests/data/test165 +++ b/tests/data/test165 @@ -46,19 +46,19 @@ http://www.%hex[%c3%a5%c3%a4%c3%b6]hex%.se/page/%TESTNUMBER -x %HOSTIP:%HTTPPORT # # Verify data after the test has been "shot" - -GET http://www.xn--4cab6c.se/page/%TESTNUMBER HTTP/1.1 -Host: www.xn--4cab6c.se -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://www.xn--groe-xna.de/page/%TESTNUMBER HTTP/1.1 -Host: www.xn--groe-xna.de -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://www.xn--4cab6c.se/page/%TESTNUMBER HTTP/1.1 +Host: www.xn--4cab6c.se +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://www.xn--groe-xna.de/page/%TESTNUMBER HTTP/1.1 +Host: www.xn--groe-xna.de +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test167 b/tests/data/test167 index 7221e3c323..cf5358bc21 100644 --- a/tests/data/test167 +++ b/tests/data/test167 @@ -58,22 +58,22 @@ http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER --proxy http://% # Verify data after the test has been "shot" - -GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 -Host: data.from.server.requiring.digest.hohoho.com -Proxy-Authorization: Basic %b64[foo:bar]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 -Host: data.from.server.requiring.digest.hohoho.com -Proxy-Authorization: Basic %b64[foo:bar]b64% -Authorization: Digest username="digest", realm="weirdorealm", nonce="12345", uri="/%TESTNUMBER", response="304c55b19dbcb9c7e7a3354abd11ba1b" -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 +Host: data.from.server.requiring.digest.hohoho.com +Proxy-Authorization: Basic %b64[foo:bar]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 +Host: data.from.server.requiring.digest.hohoho.com +Proxy-Authorization: Basic %b64[foo:bar]b64% +Authorization: Digest username="digest", realm="weirdorealm", nonce="12345", uri="/%TESTNUMBER", response="304c55b19dbcb9c7e7a3354abd11ba1b" +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1670 b/tests/data/test1670 index 34d79f766f..ba46bda1bd 100644 --- a/tests/data/test1670 +++ b/tests/data/test1670 @@ -47,12 +47,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w '%header{etag} %header{nope} %header{DAT # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + "21025-dc7-39462498" Tue, 09 Nov 2010 14:49:00 GMT diff --git a/tests/data/test168 b/tests/data/test168 index db4473ce98..4a6ea11b5e 100644 --- a/tests/data/test168 +++ b/tests/data/test168 @@ -72,28 +72,28 @@ http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER --proxy http://% # Verify data after the test has been "shot" - -GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 -Host: data.from.server.requiring.digest.hohoho.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 -Host: data.from.server.requiring.digest.hohoho.com -Proxy-Authorization: Digest username="foo", realm="weirdorealm", nonce="12345", uri="/%TESTNUMBER", response="fb8608e00ad9239a3dedb14bc8575976" -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 -Host: data.from.server.requiring.digest.hohoho.com -Proxy-Authorization: Digest username="foo", realm="weirdorealm", nonce="12345", uri="/%TESTNUMBER", response="fb8608e00ad9239a3dedb14bc8575976" -Authorization: Digest username="digest", realm="realmweirdo", nonce="123456", uri="/%TESTNUMBER", response="bfecb43898f3db12543650d45493313b" -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 +Host: data.from.server.requiring.digest.hohoho.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 +Host: data.from.server.requiring.digest.hohoho.com +Proxy-Authorization: Digest username="foo", realm="weirdorealm", nonce="12345", uri="/%TESTNUMBER", response="fb8608e00ad9239a3dedb14bc8575976" +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 +Host: data.from.server.requiring.digest.hohoho.com +Proxy-Authorization: Digest username="foo", realm="weirdorealm", nonce="12345", uri="/%TESTNUMBER", response="fb8608e00ad9239a3dedb14bc8575976" +Authorization: Digest username="digest", realm="realmweirdo", nonce="123456", uri="/%TESTNUMBER", response="bfecb43898f3db12543650d45493313b" +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test169 b/tests/data/test169 index 8a2bb108a9..0b296a496e 100644 --- a/tests/data/test169 +++ b/tests/data/test169 @@ -93,28 +93,28 @@ http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER --proxy http://% # Verify data after the test has been "shot" - -GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 -Host: data.from.server.requiring.digest.hohoho.com -Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 -Host: data.from.server.requiring.digest.hohoho.com -Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 -Host: data.from.server.requiring.digest.hohoho.com -Authorization: Digest username="digest", realm="r e a l m", nonce="abcdef", uri="/%TESTNUMBER", response="89b737a4b6eefde285c093c92e9bd6ea" -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 +Host: data.from.server.requiring.digest.hohoho.com +Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 +Host: data.from.server.requiring.digest.hohoho.com +Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 +Host: data.from.server.requiring.digest.hohoho.com +Authorization: Digest username="digest", realm="r e a l m", nonce="abcdef", uri="/%TESTNUMBER", response="89b737a4b6eefde285c093c92e9bd6ea" +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test17 b/tests/data/test17 index 67d2a9fcc7..97a37d85cf 100644 --- a/tests/data/test17 +++ b/tests/data/test17 @@ -43,12 +43,12 @@ request MOOO # Verify data after the test has been "shot" - -MOOO /that.site.com/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: agent007 license to drill -Accept: */* - + +MOOO /that.site.com/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: agent007 license to drill +Accept: */* + diff --git a/tests/data/test170 b/tests/data/test170 index f8c7357e68..7bfb06fcb8 100644 --- a/tests/data/test170 +++ b/tests/data/test170 @@ -34,15 +34,15 @@ http://a.galaxy.far.far.away/%TESTNUMBER --proxy http://%HOSTIP:%HTTPPORT --prox # Verify data after the test has been "shot" - -POST http://a.galaxy.far.far.away/%TESTNUMBER HTTP/1.1 -Host: a.galaxy.far.far.away -Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 0 - + +POST http://a.galaxy.far.far.away/%TESTNUMBER HTTP/1.1 +Host: a.galaxy.far.far.away +Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 0 + # 52 is CURLE_GOT_NOTHING diff --git a/tests/data/test1700 b/tests/data/test1700 index be5644db5a..7ebc98790e 100644 --- a/tests/data/test1700 +++ b/tests/data/test1700 @@ -59,17 +59,17 @@ http://%HOSTIP:%HTTP2PORT/%TESTNUMBER --http2 http://%HOSTIP:%HTTP2PORT/%TESTNUM ^X-Forwarded-Proto:.* ^Via:.* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTP2PORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTP2PORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTP2PORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTP2PORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 101 Switching Protocols diff --git a/tests/data/test1701 b/tests/data/test1701 index 469026d79d..4af318b7ea 100644 --- a/tests/data/test1701 +++ b/tests/data/test1701 @@ -50,14 +50,14 @@ http://%HOSTIP:%HTTP2PORT/%TESTNUMBER --http2 -d "datatosend" ^X-Forwarded-Proto:.* ^Via:.* - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTP2PORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 10 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTP2PORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 10 +Content-Type: application/x-www-form-urlencoded + datatosend diff --git a/tests/data/test1702 b/tests/data/test1702 index ce4a1c04d4..6b7496c1b5 100644 --- a/tests/data/test1702 +++ b/tests/data/test1702 @@ -49,12 +49,12 @@ http://%HOSTIP:%HTTP2PORT/%TESTNUMBER --http2 --head ^X-Forwarded-Proto:.* ^Via:.* - -HEAD /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTP2PORT -User-Agent: curl/%VERSION -Accept: */* - + +HEAD /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTP2PORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 101 Switching Protocols diff --git a/tests/data/test1704 b/tests/data/test1704 index 324551a068..8fd7ee57b5 100644 --- a/tests/data/test1704 +++ b/tests/data/test1704 @@ -47,15 +47,15 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --http2 ^X-Forwarded-Proto:.* ^Via:.* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Upgrade: h2c -HTTP2-Settings: AAMAAABkAAQAAQAAAAIAAAAA -Connection: Upgrade, HTTP2-Settings - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Upgrade: h2c +HTTP2-Settings: AAMAAABkAAQAAQAAAAIAAAAA +Connection: Upgrade, HTTP2-Settings + # CURLE_WEIRD_SERVER_REPLY (8) diff --git a/tests/data/test171 b/tests/data/test171 index a03ec8a688..d913d1191e 100644 --- a/tests/data/test171 +++ b/tests/data/test171 @@ -41,13 +41,13 @@ proxy # Verify data after the test has been "shot" - -GET http://z.x.com/%TESTNUMBER HTTP/1.1 -Host: z.x.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://z.x.com/%TESTNUMBER HTTP/1.1 +Host: z.x.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + # Netscape HTTP Cookie File diff --git a/tests/data/test1711 b/tests/data/test1711 index 077dd74be9..72016e3557 100644 --- a/tests/data/test1711 +++ b/tests/data/test1711 @@ -40,12 +40,12 @@ RCPT TO: DATA QUIT - -From: different -To: another - -%repeat[5000 x test in body... ]% -. + +From: different +To: another + +%repeat[5000 x test in body... ]% +. diff --git a/tests/data/test172 b/tests/data/test172 index 3a9a9ed664..5bdfbebcf8 100644 --- a/tests/data/test172 +++ b/tests/data/test172 @@ -45,13 +45,13 @@ cookies # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Cookie: nodomain=value; partmatch=present; tool=curl; name=fool - + +GET /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Cookie: nodomain=value; partmatch=present; tool=curl; name=fool + diff --git a/tests/data/test174 b/tests/data/test174 index 399164425d..f07db6ac22 100644 --- a/tests/data/test174 +++ b/tests/data/test174 @@ -35,14 +35,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth -d "junkelij # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 11 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 11 +Content-Type: application/x-www-form-urlencoded + junkelijunk diff --git a/tests/data/test175 b/tests/data/test175 index 2af0a9b843..1b5bb7fa9b 100644 --- a/tests/data/test175 +++ b/tests/data/test175 @@ -63,21 +63,21 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u auser:apasswd --digest -d "junkelijunk" # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 0 -Content-Type: application/x-www-form-urlencoded - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 11 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 0 +Content-Type: application/x-www-form-urlencoded + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 11 +Content-Type: application/x-www-form-urlencoded + junkelijunk diff --git a/tests/data/test176 b/tests/data/test176 index f86fa7f677..3d34b38b88 100644 --- a/tests/data/test176 +++ b/tests/data/test176 @@ -64,22 +64,22 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u auser:apasswd --ntlm -d "junkelijunk" # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 0 -Content-Type: application/x-www-form-urlencoded - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 11 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 0 +Content-Type: application/x-www-form-urlencoded + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 11 +Content-Type: application/x-www-form-urlencoded + junkelijunk diff --git a/tests/data/test177 b/tests/data/test177 index 2034876d90..27bbfd83d4 100644 --- a/tests/data/test177 +++ b/tests/data/test177 @@ -39,14 +39,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u auser:apasswd --digest -d "junkelijunk" # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 0 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 0 +Content-Type: application/x-www-form-urlencoded + diff --git a/tests/data/test178 b/tests/data/test178 index afff507273..60f93bf92f 100644 --- a/tests/data/test178 +++ b/tests/data/test178 @@ -41,12 +41,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # weird_server_reply diff --git a/tests/data/test179 b/tests/data/test179 index e3869b7fbf..7a91b34fc6 100644 --- a/tests/data/test179 +++ b/tests/data/test179 @@ -46,14 +46,14 @@ proxy # Verify data after the test has been "shot" - -GET http://supertrooper.fake/c/%TESTNUMBER HTTP/1.1 -Host: supertrooper.fake -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Cookie: moo2=indeed - + +GET http://supertrooper.fake/c/%TESTNUMBER HTTP/1.1 +Host: supertrooper.fake +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Cookie: moo2=indeed + diff --git a/tests/data/test1800 b/tests/data/test1800 index 222437e8e1..56a40806db 100644 --- a/tests/data/test1800 +++ b/tests/data/test1800 @@ -42,15 +42,15 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --http2 - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Upgrade: %H2CVER -HTTP2-Settings: AAMAAABkAAQAAQAAAAIAAAAA -Connection: Upgrade, HTTP2-Settings - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Upgrade: %H2CVER +HTTP2-Settings: AAMAAABkAAQAAQAAAAIAAAAA +Connection: Upgrade, HTTP2-Settings + diff --git a/tests/data/test1801 b/tests/data/test1801 index a65a2d5d45..d5499b3cb9 100644 --- a/tests/data/test1801 +++ b/tests/data/test1801 @@ -49,15 +49,15 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --http2 - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Connection: Upgrade, HTTP2-Settings -Upgrade: %H2CVER -HTTP2-Settings: AAMAAABkAARAAAAAAAIAAAAA - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Connection: Upgrade, HTTP2-Settings +Upgrade: %H2CVER +HTTP2-Settings: AAMAAABkAARAAAAAAAIAAAAA + # CURLE_HTTP2: Send failure: Broken pipe diff --git a/tests/data/test182 b/tests/data/test182 index cb1e4f0c20..90a0885455 100644 --- a/tests/data/test182 +++ b/tests/data/test182 @@ -29,15 +29,15 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test183 b/tests/data/test183 index ba0df8c2fe..f13ff2af43 100644 --- a/tests/data/test183 +++ b/tests/data/test183 @@ -37,19 +37,19 @@ proxy # Verify data after the test has been "shot" - -GET http://deathstar.another.galaxy/%TESTNUMBER HTTP/1.1 -Host: deathstar.another.galaxy -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://a.galaxy.far.far.away/%TESTNUMBER HTTP/1.1 -Host: a.galaxy.far.far.away -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://deathstar.another.galaxy/%TESTNUMBER HTTP/1.1 +Host: deathstar.another.galaxy +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://a.galaxy.far.far.away/%TESTNUMBER HTTP/1.1 +Host: a.galaxy.far.far.away +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test184 b/tests/data/test184 index 95c9e288b7..19d81cb03a 100644 --- a/tests/data/test184 +++ b/tests/data/test184 @@ -57,19 +57,19 @@ proxy # Verify data after the test has been "shot" - -GET http://deathstar.another.galaxy/%TESTNUMBER HTTP/1.1 -Host: another.visitor.stay.a.while.stay.foreeeeeever -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://yet.another.host/%TESTNUMBER HTTP/1.1 -Host: yet.another.host -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://deathstar.another.galaxy/%TESTNUMBER HTTP/1.1 +Host: another.visitor.stay.a.while.stay.foreeeeeever +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://yet.another.host/%TESTNUMBER HTTP/1.1 +Host: yet.another.host +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test185 b/tests/data/test185 index 81093d2b06..66bba00bf7 100644 --- a/tests/data/test185 +++ b/tests/data/test185 @@ -57,19 +57,19 @@ proxy # Verify data after the test has been "shot" - -GET http://deathstar.another.galaxy/%TESTNUMBER HTTP/1.1 -Host: another.visitor.stay.a.while.stay.foreeeeeever -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://deathstar.another.galaxy/go/west/%TESTNUMBER HTTP/1.1 -Host: another.visitor.stay.a.while.stay.foreeeeeever -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://deathstar.another.galaxy/%TESTNUMBER HTTP/1.1 +Host: another.visitor.stay.a.while.stay.foreeeeeever +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://deathstar.another.galaxy/go/west/%TESTNUMBER HTTP/1.1 +Host: another.visitor.stay.a.while.stay.foreeeeeever +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test186 b/tests/data/test186 index 006de79047..ea9d4d1145 100644 --- a/tests/data/test186 +++ b/tests/data/test186 @@ -41,25 +41,25 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER -F "name=daniel;type=moo/foo-.4" -F ^(Content-Type: multipart/form-data;|------------).* - -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 341 -Content-Type: multipart/form-data; boundary=----------------------------212d9006ceb5 - -------------------------------212d9006ceb5 -Content-Disposition: form-data; name="name" -Content-Type: moo/foo-.4 - -daniel -------------------------------212d9006ceb5 -Content-Disposition: form-data; name="html" -Content-Type: text/html;charset=verymoo - -hello -------------------------------212d9006ceb5-- + +POST /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 341 +Content-Type: multipart/form-data; boundary=----------------------------212d9006ceb5 + +------------------------------212d9006ceb5 +Content-Disposition: form-data; name="name" +Content-Type: moo/foo-.4 + +daniel +------------------------------212d9006ceb5 +Content-Disposition: form-data; name="html" +Content-Type: text/html;charset=verymoo + +hello +------------------------------212d9006ceb5-- diff --git a/tests/data/test187 b/tests/data/test187 index aff3a9d1ad..823bcdc471 100644 --- a/tests/data/test187 +++ b/tests/data/test187 @@ -60,17 +60,17 @@ http://%HOSTIP:%HTTPPORT?oh=what-weird=test/%TESTNUMBER -L # Verify data after the test has been "shot" - -GET /?oh=what-weird=test/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /root/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /?oh=what-weird=test/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /root/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test188 b/tests/data/test188 index 00d29990f8..43fa70e726 100644 --- a/tests/data/test188 +++ b/tests/data/test188 @@ -57,19 +57,19 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C 50 -L # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=50- -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=50- -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=50- +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=50- +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test189 b/tests/data/test189 index f4ff1fa366..6ca4b66e17 100644 --- a/tests/data/test189 +++ b/tests/data/test189 @@ -51,19 +51,19 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C 50 -L # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=50- -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=50- -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=50- +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=50- +User-Agent: curl/%VERSION +Accept: */* + # 33 is CURLE_RANGE_ERROR diff --git a/tests/data/test190 b/tests/data/test190 index 033152f380..2bd225ed9c 100644 --- a/tests/data/test190 +++ b/tests/data/test190 @@ -37,11 +37,11 @@ ftp://%HOSTIP:%FTPPORT/path/to/file/%TESTNUMBER -m 10 28 - -USER anonymous -PASS ftp@example.com -PWD -CWD path + +USER anonymous +PASS ftp@example.com +PWD +CWD path diff --git a/tests/data/test1904 b/tests/data/test1904 index 8f005365f6..4d359e4200 100644 --- a/tests/data/test1904 +++ b/tests/data/test1904 @@ -68,12 +68,12 @@ User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive - -GET /we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: test.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: test.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1905 b/tests/data/test1905 index a17425e42d..f335a0113b 100644 --- a/tests/data/test1905 +++ b/tests/data/test1905 @@ -42,11 +42,11 @@ cookies # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + # Netscape HTTP Cookie File diff --git a/tests/data/test1906 b/tests/data/test1906 index 6769d0cdb0..5a6eb71326 100644 --- a/tests/data/test1906 +++ b/tests/data/test1906 @@ -39,11 +39,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test1907 b/tests/data/test1907 index 31a4cbc2d0..d92427cced 100644 --- a/tests/data/test1907 +++ b/tests/data/test1907 @@ -37,11 +37,11 @@ lib%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + Effective URL: http://%HOSTIP:%HTTPPORT/%TESTNUMBER diff --git a/tests/data/test1908 b/tests/data/test1908 index fe0b5d626a..a49c49db22 100644 --- a/tests/data/test1908 +++ b/tests/data/test1908 @@ -57,15 +57,15 @@ lib%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + # strip out the (dynamic) expire date from the file so that the rest diff --git a/tests/data/test1909 b/tests/data/test1909 index 2d868cc0bb..bcce977df6 100644 --- a/tests/data/test1909 +++ b/tests/data/test1909 @@ -43,17 +43,17 @@ HTTP GET --retry-all-errors to overcome partial transfer # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test191 b/tests/data/test191 index 0293693631..b1cbb266a2 100644 --- a/tests/data/test191 +++ b/tests/data/test191 @@ -27,15 +27,15 @@ FTP URL with ?-letters in username and password # Verify data after the test has been "shot" - -USER use?r -PASS pass?word -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER use?r +PASS pass?word +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1910 b/tests/data/test1910 index 2653690200..8485119e65 100644 --- a/tests/data/test1910 +++ b/tests/data/test1910 @@ -49,17 +49,17 @@ lib%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user%0aname:pass%0aword]b64% -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user%0aname:pass%0aword]b64% -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user%0aname:pass%0aword]b64% +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user%0aname:pass%0aword]b64% +Accept: */* + diff --git a/tests/data/test1919 b/tests/data/test1919 index b5f4bb17c2..ad2f851db8 100644 --- a/tests/data/test1919 +++ b/tests/data/test1919 @@ -35,17 +35,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Bearer c4e448d652a961fda0ab64f882c8c161d5985f805d45d80c9ddca1 -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Bearer c4e448d652a961fda0ab64f882c8c161d5985f805d45d80c9ddca1 -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Bearer c4e448d652a961fda0ab64f882c8c161d5985f805d45d80c9ddca1 +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Bearer c4e448d652a961fda0ab64f882c8c161d5985f805d45d80c9ddca1 +Accept: */* + diff --git a/tests/data/test192 b/tests/data/test192 index 12ed68db64..76912d227a 100644 --- a/tests/data/test192 +++ b/tests/data/test192 @@ -36,12 +36,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n" # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test193 b/tests/data/test193 index 9e4dac0448..398127d522 100644 --- a/tests/data/test193 +++ b/tests/data/test193 @@ -48,17 +48,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n" -L # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1933 b/tests/data/test1933 index ef4013caa4..15bbb9af73 100644 --- a/tests/data/test1933 +++ b/tests/data/test1933 @@ -59,12 +59,12 @@ http://xxx:yyy@127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%H ^Content-Type:.* ^Accept:.* - -GET /%TESTNUMBER/testapi/test HTTP/1.1 -Host: 127.0.0.1:9000 -Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/0/127/xxx4_request, SignedHeaders=content-type;host;x-xxx-date, Signature=3d8e00a02e437211a596143dcd590fcc805b731365c68f7f48951ea6eda39c4f -X-Xxx-Date: 19700101T000000Z - + +GET /%TESTNUMBER/testapi/test HTTP/1.1 +Host: 127.0.0.1:9000 +Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/0/127/xxx4_request, SignedHeaders=content-type;host;x-xxx-date, Signature=3d8e00a02e437211a596143dcd590fcc805b731365c68f7f48951ea6eda39c4f +X-Xxx-Date: 19700101T000000Z + diff --git a/tests/data/test1934 b/tests/data/test1934 index 86553a4633..7aa3575e9f 100644 --- a/tests/data/test1934 +++ b/tests/data/test1934 @@ -59,12 +59,12 @@ http://127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%HTTPPORT ^Content-Type:.* ^Accept:.* - -GET /%TESTNUMBER/testapi/test HTTP/1.1 -Host: 127.0.0.1:9000 -Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/0/127/xxx4_request, SignedHeaders=content-type;host;x-yyy-date, Signature=cf8dc9a4af903a1a9bb1385d8e2366d780afb501e266436598438395e502d58c -X-Yyy-Date: 19700101T000000Z - + +GET /%TESTNUMBER/testapi/test HTTP/1.1 +Host: 127.0.0.1:9000 +Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/0/127/xxx4_request, SignedHeaders=content-type;host;x-yyy-date, Signature=cf8dc9a4af903a1a9bb1385d8e2366d780afb501e266436598438395e502d58c +X-Yyy-Date: 19700101T000000Z + diff --git a/tests/data/test1935 b/tests/data/test1935 index 26701aee8d..26c9425376 100644 --- a/tests/data/test1935 +++ b/tests/data/test1935 @@ -59,12 +59,12 @@ http://127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%HTTPPORT ^Content-Type:.* ^Accept:.* - -GET /%TESTNUMBER/testapi/test HTTP/1.1 -Host: 127.0.0.1:9000 -Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/rrr/127/xxx4_request, SignedHeaders=content-type;host;x-yyy-date, Signature=a0b11b97b54689428d4188b788ed32865d607822d85d3e91cf06141f479dac0b -X-Yyy-Date: 19700101T000000Z - + +GET /%TESTNUMBER/testapi/test HTTP/1.1 +Host: 127.0.0.1:9000 +Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/rrr/127/xxx4_request, SignedHeaders=content-type;host;x-yyy-date, Signature=a0b11b97b54689428d4188b788ed32865d607822d85d3e91cf06141f479dac0b +X-Yyy-Date: 19700101T000000Z + diff --git a/tests/data/test1936 b/tests/data/test1936 index 0d100c55e1..2628b92305 100644 --- a/tests/data/test1936 +++ b/tests/data/test1936 @@ -59,12 +59,12 @@ http://127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%HTTPPORT ^Content-Type:.* ^Accept:.* - -GET /%TESTNUMBER/testapi/test HTTP/1.1 -Host: 127.0.0.1:9000 -Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/rrr/sss/xxx4_request, SignedHeaders=content-type;host;x-yyy-date, Signature=026b713d76b0789bd224c5e41322f74eed088f8a22fd15183ca68376c575c5b0 -X-Yyy-Date: 19700101T000000Z - + +GET /%TESTNUMBER/testapi/test HTTP/1.1 +Host: 127.0.0.1:9000 +Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/rrr/sss/xxx4_request, SignedHeaders=content-type;host;x-yyy-date, Signature=026b713d76b0789bd224c5e41322f74eed088f8a22fd15183ca68376c575c5b0 +X-Yyy-Date: 19700101T000000Z + diff --git a/tests/data/test1937 b/tests/data/test1937 index b1bd518a9f..816b9c18d7 100644 --- a/tests/data/test1937 +++ b/tests/data/test1937 @@ -60,13 +60,13 @@ http://127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%HTTPPORT ^Content-Type:.* ^Accept:.* - -POST /%TESTNUMBER/testapi/test HTTP/1.1 -Host: 127.0.0.1:9000 -Authorization: PROVIDER14-HMAC-SHA256 Credential=keyId/19700101/region/service/provider14_request, SignedHeaders=content-type;host;x-provider2-date, Signature=4928ccf97a9e71fe27f91db5a3b3c943b6080d25e6f4df8593d4c38e7d1e849b -X-Provider2-Date: 19700101T000000Z -Content-Length: 8 - + +POST /%TESTNUMBER/testapi/test HTTP/1.1 +Host: 127.0.0.1:9000 +Authorization: PROVIDER14-HMAC-SHA256 Credential=keyId/19700101/region/service/provider14_request, SignedHeaders=content-type;host;x-provider2-date, Signature=4928ccf97a9e71fe27f91db5a3b3c943b6080d25e6f4df8593d4c38e7d1e849b +X-Provider2-Date: 19700101T000000Z +Content-Length: 8 + postData diff --git a/tests/data/test195 b/tests/data/test195 index be0c206d67..5662bc5597 100644 --- a/tests/data/test195 +++ b/tests/data/test195 @@ -30,9 +30,9 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER 67 - -USER anonymous -PASS ftp@example.com + +USER anonymous +PASS ftp@example.com diff --git a/tests/data/test1955 b/tests/data/test1955 index 67de2a1e8d..2266529bbe 100644 --- a/tests/data/test1955 +++ b/tests/data/test1955 @@ -59,16 +59,16 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP ^Content-Type:.* ^Accept:.* - -GET /aws_sigv4/testapi/test HTTP/1.1 -Host: exam.ple.com:9000 -Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;tesmixcase;test2;test3;test_space;x-xxx-date, Signature=dd39202e9fb7b836ebf2abb83b114cae11ff3b6a169f0c64b290a774a873db9d -X-Xxx-Date: 19700101T000000Z -test3: 1234 -test2: -test_space: t s m end -tesMixCase: MixCase - + +GET /aws_sigv4/testapi/test HTTP/1.1 +Host: exam.ple.com:9000 +Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;tesmixcase;test2;test3;test_space;x-xxx-date, Signature=dd39202e9fb7b836ebf2abb83b114cae11ff3b6a169f0c64b290a774a873db9d +X-Xxx-Date: 19700101T000000Z +test3: 1234 +test2: +test_space: t s m end +tesMixCase: MixCase + diff --git a/tests/data/test1956 b/tests/data/test1956 index 84b2a81e02..a53e57c44d 100644 --- a/tests/data/test1956 +++ b/tests/data/test1956 @@ -59,13 +59,13 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP ^Content-Type:.* ^Accept:.* - -GET /aws_sigv4/testapi/test HTTP/1.1 -Host: exam.ple.com:9000 -Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=dfe78c8846a9b7d65d1eb4c1d6ea7bc886650d03f3568088cb8d5b4c3778287f -X-Xxx-Date: 19700101T000000Z -X-Xxx-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 - + +GET /aws_sigv4/testapi/test HTTP/1.1 +Host: exam.ple.com:9000 +Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=dfe78c8846a9b7d65d1eb4c1d6ea7bc886650d03f3568088cb8d5b4c3778287f +X-Xxx-Date: 19700101T000000Z +X-Xxx-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 + diff --git a/tests/data/test1957 b/tests/data/test1957 index 2f538cc8e2..b30d9acdd3 100644 --- a/tests/data/test1957 +++ b/tests/data/test1957 @@ -59,13 +59,13 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP ^Content-Type:.* ^Accept:.* - -GET /aws_sigv4/testapi/test HTTP/1.1 -Host: exam.ple.com:9000 -Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=25b4cac711ea8f65010c485d3778885f5f3870d0b8ff0b3ab58a8d7eeab991ff -X-Xxx-Date: 19700101T000000Z -X-Xxx-Content-Sha256: arbitrary - + +GET /aws_sigv4/testapi/test HTTP/1.1 +Host: exam.ple.com:9000 +Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=25b4cac711ea8f65010c485d3778885f5f3870d0b8ff0b3ab58a8d7eeab991ff +X-Xxx-Date: 19700101T000000Z +X-Xxx-Content-Sha256: arbitrary + diff --git a/tests/data/test1958 b/tests/data/test1958 index 27be746d37..239a11eccb 100644 --- a/tests/data/test1958 +++ b/tests/data/test1958 @@ -59,13 +59,13 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP ^Content-Type:.* ^Accept:.* - -GET /aws_sigv4/testapi/test HTTP/1.1 -Host: exam.ple.com:9000 -Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=25b4cac711ea8f65010c485d3778885f5f3870d0b8ff0b3ab58a8d7eeab991ff -X-Xxx-Date: 19700101T000000Z -X-Xxx-Content-Sha256: arbitrary - + +GET /aws_sigv4/testapi/test HTTP/1.1 +Host: exam.ple.com:9000 +Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=25b4cac711ea8f65010c485d3778885f5f3870d0b8ff0b3ab58a8d7eeab991ff +X-Xxx-Date: 19700101T000000Z +X-Xxx-Content-Sha256: arbitrary + diff --git a/tests/data/test1959 b/tests/data/test1959 index c6c15cadf4..46ef85a678 100644 --- a/tests/data/test1959 +++ b/tests/data/test1959 @@ -59,13 +59,13 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP ^Content-Type:.* ^Accept:.* - -GET /aws_sigv4/testapi/test HTTP/1.1 -Host: exam.ple.com:9000 -Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=7b343a4aa55d73ffc05005d84480bc705a3367373ed8cae1a1c0fbd2b3aa0483 -X-Xxx-Date: 19700101T000000Z -X-Xxx-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 - + +GET /aws_sigv4/testapi/test HTTP/1.1 +Host: exam.ple.com:9000 +Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=7b343a4aa55d73ffc05005d84480bc705a3367373ed8cae1a1c0fbd2b3aa0483 +X-Xxx-Date: 19700101T000000Z +X-Xxx-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 + diff --git a/tests/data/test196 b/tests/data/test196 index c72cbebf49..60083affe3 100644 --- a/tests/data/test196 +++ b/tests/data/test196 @@ -32,11 +32,11 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --retry 1 -w '%{num_retries}\n' 67 - -USER anonymous -PASS ftp@example.com -USER anonymous -PASS ftp@example.com + +USER anonymous +PASS ftp@example.com +USER anonymous +PASS ftp@example.com 1 diff --git a/tests/data/test1964 b/tests/data/test1964 index cd148faf71..b005bbf932 100644 --- a/tests/data/test1964 +++ b/tests/data/test1964 @@ -58,12 +58,12 @@ http://xxx:yyy@127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%H ^Content-Type:.* ^Accept:.* - -GET /%TESTNUMBER/testapi/test HTTP/1.1 -Host: 127.0.0.1:9000 -Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/0/127/xxx4_request, SignedHeaders=content-type;host;x-xxx-date, Signature=35da102c1df68f2ef85ade08ecc212fa663a66e3a973146f6578a5c5426e9669 -X-Xxx-Date: 19700101T000000Z - + +GET /%TESTNUMBER/testapi/test HTTP/1.1 +Host: 127.0.0.1:9000 +Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/0/127/xxx4_request, SignedHeaders=content-type;host;x-xxx-date, Signature=35da102c1df68f2ef85ade08ecc212fa663a66e3a973146f6578a5c5426e9669 +X-Xxx-Date: 19700101T000000Z + diff --git a/tests/data/test197 b/tests/data/test197 index d940b0dc38..31f132f8fd 100644 --- a/tests/data/test197 +++ b/tests/data/test197 @@ -44,17 +44,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --retry 1000 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1970 b/tests/data/test1970 index 106a0e3162..b3d3a36a0e 100644 --- a/tests/data/test1970 +++ b/tests/data/test1970 @@ -59,14 +59,14 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP ^Content-Type:.* ^Accept:.* - -PUT /aws_sigv4/testapi/test HTTP/1.1 -Host: exam.ple.com:9000 -Authorization: AWS4-HMAC-SHA256 Credential=xxx/19700101/us-east-1/s3/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=a028756f42a859122e9609c1f90cae4b272d6b03bf60d9fd354138176dfa2260 -X-Amz-Date: 19700101T000000Z -x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 -Content-Length: 0 - + +PUT /aws_sigv4/testapi/test HTTP/1.1 +Host: exam.ple.com:9000 +Authorization: AWS4-HMAC-SHA256 Credential=xxx/19700101/us-east-1/s3/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=a028756f42a859122e9609c1f90cae4b272d6b03bf60d9fd354138176dfa2260 +X-Amz-Date: 19700101T000000Z +x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 +Content-Length: 0 + diff --git a/tests/data/test1971 b/tests/data/test1971 index d6f5507933..57cb834e95 100644 --- a/tests/data/test1971 +++ b/tests/data/test1971 @@ -52,17 +52,17 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP ^Content-Type:.* ^Accept:.* - -PUT /aws_sigv4/testapi/test HTTP/1.1 -Host: exam.ple.com:9000 -Authorization: AWS4-HMAC-SHA256 Credential=xxx/19700101/us-east-1/s3/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=4a6e9b4af0542ffb83744c6852f8e1bfec14f2a67e6f6f037b39f172f79d62af -X-Amz-Date: 19700101T000000Z -x-amz-content-sha256: UNSIGNED-PAYLOAD -Transfer-Encoding: chunked -Expect: 100-continue - -0 - + +PUT /aws_sigv4/testapi/test HTTP/1.1 +Host: exam.ple.com:9000 +Authorization: AWS4-HMAC-SHA256 Credential=xxx/19700101/us-east-1/s3/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=4a6e9b4af0542ffb83744c6852f8e1bfec14f2a67e6f6f037b39f172f79d62af +X-Amz-Date: 19700101T000000Z +x-amz-content-sha256: UNSIGNED-PAYLOAD +Transfer-Encoding: chunked +Expect: 100-continue + +0 + diff --git a/tests/data/test1972 b/tests/data/test1972 index 5a07d544d4..7b4168d119 100644 --- a/tests/data/test1972 +++ b/tests/data/test1972 @@ -62,19 +62,19 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP ^Content-Type:.* ^Accept:.* - -POST /aws_sigv4/testapi/test HTTP/1.1 -Host: exam.ple.com:9000 -Authorization: AWS4-HMAC-SHA256 Credential=xxx/19700101/us-east-1/s3/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=eaee0f1c5984ad5d81c8bc7805f28c7b83b35322de654b2ace18cb8cf6d5a9cb -X-Amz-Date: 19700101T000000Z -x-amz-content-sha256: UNSIGNED-PAYLOAD -Content-Length: 154 - ---------------------------qrstuvwxyz0123456789AB -Content-Disposition: attachment; name="foo" - -bar ---------------------------qrstuvwxyz0123456789AB-- + +POST /aws_sigv4/testapi/test HTTP/1.1 +Host: exam.ple.com:9000 +Authorization: AWS4-HMAC-SHA256 Credential=xxx/19700101/us-east-1/s3/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=eaee0f1c5984ad5d81c8bc7805f28c7b83b35322de654b2ace18cb8cf6d5a9cb +X-Amz-Date: 19700101T000000Z +x-amz-content-sha256: UNSIGNED-PAYLOAD +Content-Length: 154 + +--------------------------qrstuvwxyz0123456789AB +Content-Disposition: attachment; name="foo" + +bar +--------------------------qrstuvwxyz0123456789AB-- diff --git a/tests/data/test1974 b/tests/data/test1974 index b184ca4b5a..f91606e362 100644 --- a/tests/data/test1974 +++ b/tests/data/test1974 @@ -59,13 +59,13 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP ^Content-Type:.* ^Accept:.* - -GET /aws_sigv4/testapi/test HTTP/1.1 -Host: exam.ple.com:9000 -Authorization: AWS4-HMAC-SHA256 Credential=xxx/19700101/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=e6270423932feafe9b00ca5d60c9ed566be649f9ca9676144288273945153021 -X-Amz-Date: 19700101T000000Z -x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 - + +GET /aws_sigv4/testapi/test HTTP/1.1 +Host: exam.ple.com:9000 +Authorization: AWS4-HMAC-SHA256 Credential=xxx/19700101/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=e6270423932feafe9b00ca5d60c9ed566be649f9ca9676144288273945153021 +X-Amz-Date: 19700101T000000Z +x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 + diff --git a/tests/data/test1975 b/tests/data/test1975 index 1e980c5a82..92fd563da8 100644 --- a/tests/data/test1975 +++ b/tests/data/test1975 @@ -52,17 +52,17 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP ^Content-Type:.* ^Accept:.* - -PUT /aws_sigv4/testapi/test HTTP/1.1 -Host: exam.ple.com:9000 -Authorization: AWS4-HMAC-SHA256 Credential=xxx/19700101/us-east-1/s3/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=a028756f42a859122e9609c1f90cae4b272d6b03bf60d9fd354138176dfa2260 -X-Amz-Date: 19700101T000000Z -Transfer-Encoding: chunked -X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 -Expect: 100-continue - -0 - + +PUT /aws_sigv4/testapi/test HTTP/1.1 +Host: exam.ple.com:9000 +Authorization: AWS4-HMAC-SHA256 Credential=xxx/19700101/us-east-1/s3/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=a028756f42a859122e9609c1f90cae4b272d6b03bf60d9fd354138176dfa2260 +X-Amz-Date: 19700101T000000Z +Transfer-Encoding: chunked +X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 +Expect: 100-continue + +0 + diff --git a/tests/data/test1977 b/tests/data/test1977 index c105c46662..f2c1ead986 100644 --- a/tests/data/test1977 +++ b/tests/data/test1977 @@ -44,19 +44,19 @@ effective URL: http://%HOSTIP:%HTTPPORT/%TESTNUMBER effective URL: http://%HOSTIP:%HTTPPORT/%TESTNUMBER?foo effective URL: http://%HOSTIP:%HTTPPORT/%TESTNUMBER?foo&bar - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER?foo HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER?foo&bar HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER?foo HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER?foo&bar HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test198 b/tests/data/test198 index 95b1f99e1c..e1e81aee51 100644 --- a/tests/data/test198 +++ b/tests/data/test198 @@ -53,17 +53,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --retry 1000 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test199 b/tests/data/test199 index 1289fd2d9b..4965d3ce93 100644 --- a/tests/data/test199 +++ b/tests/data/test199 @@ -42,17 +42,17 @@ HTTP with -d, -G and {} # # Verify data after the test has been "shot" - -GET /%TESTNUMBER?foo=moo&moo=poo HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER?foo=moo&moo=poo HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER?foo=moo&moo=poo HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER?foo=moo&moo=poo HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2 b/tests/data/test2 index 86ec605dba..79d2cf9b7c 100644 --- a/tests/data/test2 +++ b/tests/data/test2 @@ -36,13 +36,13 @@ HTTP GET with user and password # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[fake:user]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[fake:user]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2005 b/tests/data/test2005 index 91e256298a..51e90782a9 100644 --- a/tests/data/test2005 +++ b/tests/data/test2005 @@ -43,13 +43,13 @@ machine example.com # # Verify data after the test has been "shot" - -GET / HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[:5up3r53cr37]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET / HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[:5up3r53cr37]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2023 b/tests/data/test2023 index 9c3cc94c0a..3626499be1 100644 --- a/tests/data/test2023 +++ b/tests/data/test2023 @@ -119,32 +119,32 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER basic basic # Verify data after the test has been "shot" - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:wrongpass]b64% -Accept: */* - -GET /%TESTNUMBER0200 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:testpass]b64% -Accept: */* - -GET /%TESTNUMBER0300 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:wrongpass]b64% -Accept: */* - -GET /%TESTNUMBER0400 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:wrongpass]b64% -Accept: */* - -GET /%TESTNUMBER0500 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:testpass]b64% -Accept: */* - + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:wrongpass]b64% +Accept: */* + +GET /%TESTNUMBER0200 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:testpass]b64% +Accept: */* + +GET /%TESTNUMBER0300 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:wrongpass]b64% +Accept: */* + +GET /%TESTNUMBER0400 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:wrongpass]b64% +Accept: */* + +GET /%TESTNUMBER0500 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:testpass]b64% +Accept: */* + diff --git a/tests/data/test2024 b/tests/data/test2024 index e79285bc7b..b2d6f729ae 100644 --- a/tests/data/test2024 +++ b/tests/data/test2024 @@ -134,32 +134,32 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER basic digest # Verify data after the test has been "shot" - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:wrongpass]b64% -Accept: */* - -GET /%TESTNUMBER0200 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/%TESTNUMBER0200", response="ed646c565f79e2dd9fa37cb5a621213c" -Accept: */* - -GET /%TESTNUMBER0300 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:wrongpass]b64% -Accept: */* - -GET /%TESTNUMBER0400 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/%TESTNUMBER0400", response="9741ced8caacc6124770187b36f007c5" -Accept: */* - -GET /%TESTNUMBER0500 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="3", uri="/%TESTNUMBER0500", response="5bc77ec8c2d443b27a1b55f1fd8fbb13" -Accept: */* - + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:wrongpass]b64% +Accept: */* + +GET /%TESTNUMBER0200 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/%TESTNUMBER0200", response="ed646c565f79e2dd9fa37cb5a621213c" +Accept: */* + +GET /%TESTNUMBER0300 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:wrongpass]b64% +Accept: */* + +GET /%TESTNUMBER0400 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/%TESTNUMBER0400", response="9741ced8caacc6124770187b36f007c5" +Accept: */* + +GET /%TESTNUMBER0500 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="3", uri="/%TESTNUMBER0500", response="5bc77ec8c2d443b27a1b55f1fd8fbb13" +Accept: */* + diff --git a/tests/data/test2025 b/tests/data/test2025 index 7982b68d22..9f6dd4176d 100644 --- a/tests/data/test2025 +++ b/tests/data/test2025 @@ -216,47 +216,47 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER basic ntlm # Verify data after the test has been "shot" - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:wrongpass]b64% -Accept: */* - -GET /%TESTNUMBER0200 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* - -GET /%TESTNUMBER0200 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* - -GET /%TESTNUMBER0300 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:wrongpass]b64% -Accept: */* - -GET /%TESTNUMBER0400 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* - -GET /%TESTNUMBER0400 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* - -GET /%TESTNUMBER0500 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* - -GET /%TESTNUMBER0500 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* - + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:wrongpass]b64% +Accept: */* + +GET /%TESTNUMBER0200 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* + +GET /%TESTNUMBER0200 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* + +GET /%TESTNUMBER0300 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:wrongpass]b64% +Accept: */* + +GET /%TESTNUMBER0400 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* + +GET /%TESTNUMBER0400 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* + +GET /%TESTNUMBER0500 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* + +GET /%TESTNUMBER0500 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* + diff --git a/tests/data/test2026 b/tests/data/test2026 index ee434319d4..e3b5e946cc 100644 --- a/tests/data/test2026 +++ b/tests/data/test2026 @@ -170,40 +170,40 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER digest basic # Verify data after the test has been "shot" - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/%TESTNUMBER0100", response="5f992a2e761ab926256419f7c685f85b" -Accept: */* - -GET /%TESTNUMBER0200 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:testpass]b64% -Accept: */* - -GET /%TESTNUMBER0300 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER0300 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="3", uri="/%TESTNUMBER0300", response="132242e602882251929be93228c830ae" -Accept: */* - -GET /%TESTNUMBER0400 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:wrongpass]b64% -Accept: */* - -GET /%TESTNUMBER0500 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:testpass]b64% -Accept: */* - + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/%TESTNUMBER0100", response="5f992a2e761ab926256419f7c685f85b" +Accept: */* + +GET /%TESTNUMBER0200 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:testpass]b64% +Accept: */* + +GET /%TESTNUMBER0300 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER0300 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="3", uri="/%TESTNUMBER0300", response="132242e602882251929be93228c830ae" +Accept: */* + +GET /%TESTNUMBER0400 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:wrongpass]b64% +Accept: */* + +GET /%TESTNUMBER0500 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:testpass]b64% +Accept: */* + diff --git a/tests/data/test2027 b/tests/data/test2027 index 259e439504..b4ca0e327d 100644 --- a/tests/data/test2027 +++ b/tests/data/test2027 @@ -193,45 +193,45 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER digest digest # Verify data after the test has been "shot" - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/%TESTNUMBER0100", response="f7fd60eefaff5225971bf9b3d80d6ba6" -Accept: */* - -GET /%TESTNUMBER0200 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/%TESTNUMBER0200", response="785ca3ef511999f7e9c178195f5b388c" -Accept: */* - -GET /%TESTNUMBER0300 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER0300 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/%TESTNUMBER0300", response="4c735d2360fd6848e7cb32a11ae3612b" -Accept: */* - -GET /%TESTNUMBER0400 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/%TESTNUMBER0400", response="f5906785511fb60a2af8b1cd53008ead" -Accept: */* - -GET /%TESTNUMBER0400 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/%TESTNUMBER0400", response="f5906785511fb60a2af8b1cd53008ead" -Accept: */* - -GET /%TESTNUMBER0500 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/%TESTNUMBER0500", response="8ef4d935fd964a46c3965c0863b52cf1" -Accept: */* - + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/%TESTNUMBER0100", response="f7fd60eefaff5225971bf9b3d80d6ba6" +Accept: */* + +GET /%TESTNUMBER0200 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/%TESTNUMBER0200", response="785ca3ef511999f7e9c178195f5b388c" +Accept: */* + +GET /%TESTNUMBER0300 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER0300 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/%TESTNUMBER0300", response="4c735d2360fd6848e7cb32a11ae3612b" +Accept: */* + +GET /%TESTNUMBER0400 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/%TESTNUMBER0400", response="f5906785511fb60a2af8b1cd53008ead" +Accept: */* + +GET /%TESTNUMBER0400 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/%TESTNUMBER0400", response="f5906785511fb60a2af8b1cd53008ead" +Accept: */* + +GET /%TESTNUMBER0500 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/%TESTNUMBER0500", response="8ef4d935fd964a46c3965c0863b52cf1" +Accept: */* + diff --git a/tests/data/test2028 b/tests/data/test2028 index 461d7ba6a8..ef87640ac8 100644 --- a/tests/data/test2028 +++ b/tests/data/test2028 @@ -253,55 +253,55 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER digest ntlm # Verify data after the test has been "shot" - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/%TESTNUMBER0100", response="53c80666f5e3a4a55f92a66aaf0078bb" -Accept: */* - -GET /%TESTNUMBER0200 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* - -GET /%TESTNUMBER0200 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* - -GET /%TESTNUMBER0300 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER0300 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/%TESTNUMBER0300", response="1aa5d90da9803ca12d04b24e0f19476e" -Accept: */* - -GET /%TESTNUMBER0400 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* - -GET /%TESTNUMBER0400 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* - -GET /%TESTNUMBER0500 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* - -GET /%TESTNUMBER0500 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* - + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/%TESTNUMBER0100", response="53c80666f5e3a4a55f92a66aaf0078bb" +Accept: */* + +GET /%TESTNUMBER0200 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* + +GET /%TESTNUMBER0200 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* + +GET /%TESTNUMBER0300 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER0300 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/%TESTNUMBER0300", response="1aa5d90da9803ca12d04b24e0f19476e" +Accept: */* + +GET /%TESTNUMBER0400 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* + +GET /%TESTNUMBER0400 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* + +GET /%TESTNUMBER0500 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* + +GET /%TESTNUMBER0500 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* + diff --git a/tests/data/test2029 b/tests/data/test2029 index 7adadaa57e..9b43d0f87f 100644 --- a/tests/data/test2029 +++ b/tests/data/test2029 @@ -189,42 +189,42 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER ntlm basic # Verify data after the test has been "shot" - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* - -GET /%TESTNUMBER0200 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:testpass]b64% -Accept: */* - -GET /%TESTNUMBER0300 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* - -GET /%TESTNUMBER0300 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* - -GET /%TESTNUMBER0400 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:wrongpass]b64% -Accept: */* - -GET /%TESTNUMBER0500 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:testpass]b64% -Accept: */* - + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* + +GET /%TESTNUMBER0200 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:testpass]b64% +Accept: */* + +GET /%TESTNUMBER0300 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* + +GET /%TESTNUMBER0300 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* + +GET /%TESTNUMBER0400 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:wrongpass]b64% +Accept: */* + +GET /%TESTNUMBER0500 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:testpass]b64% +Accept: */* + diff --git a/tests/data/test2030 b/tests/data/test2030 index 4961e668d6..2baee67311 100644 --- a/tests/data/test2030 +++ b/tests/data/test2030 @@ -242,47 +242,47 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER ntlm digest # Verify data after the test has been "shot" - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* - -GET /%TESTNUMBER0200 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/%TESTNUMBER0200", response="2f2d784ba53a0a307758a90e98d25c27" -Accept: */* - -GET /%TESTNUMBER0300 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* - -GET /%TESTNUMBER0300 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* - -GET /%TESTNUMBER0400 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/%TESTNUMBER0400", response="d6262e9147db08c62ff2f53b515861e8" -Accept: */* - -GET /%TESTNUMBER0400 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/%TESTNUMBER0400", response="d6262e9147db08c62ff2f53b515861e8" -Accept: */* - -GET /%TESTNUMBER0500 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/%TESTNUMBER0500", response="198757e61163a779cf24ed4c49c1ad7d" -Accept: */* - + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* + +GET /%TESTNUMBER0200 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/%TESTNUMBER0200", response="2f2d784ba53a0a307758a90e98d25c27" +Accept: */* + +GET /%TESTNUMBER0300 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* + +GET /%TESTNUMBER0300 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* + +GET /%TESTNUMBER0400 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/%TESTNUMBER0400", response="d6262e9147db08c62ff2f53b515861e8" +Accept: */* + +GET /%TESTNUMBER0400 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/%TESTNUMBER0400", response="d6262e9147db08c62ff2f53b515861e8" +Accept: */* + +GET /%TESTNUMBER0500 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/%TESTNUMBER0500", response="198757e61163a779cf24ed4c49c1ad7d" +Accept: */* + diff --git a/tests/data/test2031 b/tests/data/test2031 index b464b0b7a2..1d3b168e5f 100644 --- a/tests/data/test2031 +++ b/tests/data/test2031 @@ -255,57 +255,57 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER ntlm ntlm # Verify data after the test has been "shot" - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* - -GET /%TESTNUMBER0200 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* - -GET /%TESTNUMBER0200 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* - -GET /%TESTNUMBER0300 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* - -GET /%TESTNUMBER0300 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* - -GET /%TESTNUMBER0400 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* - -GET /%TESTNUMBER0400 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* - -GET /%TESTNUMBER0500 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* - -GET /%TESTNUMBER0500 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* - + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* + +GET /%TESTNUMBER0200 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* + +GET /%TESTNUMBER0200 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* + +GET /%TESTNUMBER0300 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* + +GET /%TESTNUMBER0300 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* + +GET /%TESTNUMBER0400 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* + +GET /%TESTNUMBER0400 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* + +GET /%TESTNUMBER0500 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* + +GET /%TESTNUMBER0500 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* + diff --git a/tests/data/test2032 b/tests/data/test2032 index 06aa1ebfac..403ca15363 100644 --- a/tests/data/test2032 +++ b/tests/data/test2032 @@ -88,27 +88,27 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:testpass]b64% -Accept: */* - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:testpass]b64% -Accept: */* - -GET /%TESTNUMBER0200 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* - -GET /%TESTNUMBER0200 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* - + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:testpass]b64% +Accept: */* + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:testpass]b64% +Accept: */* + +GET /%TESTNUMBER0200 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* + +GET /%TESTNUMBER0200 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* + diff --git a/tests/data/test2033 b/tests/data/test2033 index 2973eb8987..447e8c5330 100644 --- a/tests/data/test2033 +++ b/tests/data/test2033 @@ -47,12 +47,12 @@ CURL_SSL_BACKEND=schannel # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: localhost:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: localhost:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2034 b/tests/data/test2034 index adb4f17671..a2ecffdb41 100644 --- a/tests/data/test2034 +++ b/tests/data/test2034 @@ -43,12 +43,12 @@ simple HTTPS GET with DER public key pinning # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: localhost:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: localhost:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2037 b/tests/data/test2037 index 9f229cfd3e..138f573004 100644 --- a/tests/data/test2037 +++ b/tests/data/test2037 @@ -43,12 +43,12 @@ simple HTTPS GET with PEM public key pinning # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: localhost:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: localhost:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2039 b/tests/data/test2039 index 7cab984ce5..c7e7acb63f 100644 --- a/tests/data/test2039 +++ b/tests/data/test2039 @@ -48,14 +48,14 @@ machine %HOSTIP login user2 password passwd2 # # Verify data after the test has been "shot" - -USER userdef -PASS passwddef -PWD -EPSV -TYPE A -LIST -QUIT + +USER userdef +PASS passwddef +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test2040 b/tests/data/test2040 index 6537d193e3..ab7987cb2b 100644 --- a/tests/data/test2040 +++ b/tests/data/test2040 @@ -47,18 +47,18 @@ HTTP Basic authorization, then without authorization # Verify data after the test has been "shot" - -GET /%TESTNUMBER0100 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:testpass]b64% -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0200 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER0100 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:testpass]b64% +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0200 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + Finally, this is the real page! diff --git a/tests/data/test2041 b/tests/data/test2041 index 71112c27f8..75da98ba9e 100644 --- a/tests/data/test2041 +++ b/tests/data/test2041 @@ -43,12 +43,12 @@ simple HTTPS GET with base64-sha256 public key pinning # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: localhost:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: localhost:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2046 b/tests/data/test2046 index 555515aa4a..4eb6ce6999 100644 --- a/tests/data/test2046 +++ b/tests/data/test2046 @@ -57,17 +57,17 @@ http://%hex[%c3%a5%c3%a4%c3%b6]hex%.se:%HTTPPORT/%TESTNUMBER --resolve xn--4cab6 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: xn--4cab6c.se:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: xn--4cab6c.se:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: xn--4cab6c.se:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: xn--4cab6c.se:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2047 b/tests/data/test2047 index 9c671b1785..ac934a6f76 100644 --- a/tests/data/test2047 +++ b/tests/data/test2047 @@ -58,19 +58,19 @@ http://%hex[%c3%a5%c3%a4%c3%b6]hex%.se/%TESTNUMBER -x %HOSTIP:%HTTPPORT -w "%{nu # # Verify data after the test has been "shot" - -GET http://xn--4cab6c.se/%TESTNUMBER HTTP/1.1 -Host: xn--4cab6c.se -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://xn--4cab6c.se/%TESTNUMBER0001 HTTP/1.1 -Host: xn--4cab6c.se -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://xn--4cab6c.se/%TESTNUMBER HTTP/1.1 +Host: xn--4cab6c.se +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://xn--4cab6c.se/%TESTNUMBER0001 HTTP/1.1 +Host: xn--4cab6c.se +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test2049 b/tests/data/test2049 index 98be38bee6..31513551ac 100644 --- a/tests/data/test2049 +++ b/tests/data/test2049 @@ -38,27 +38,27 @@ http://www1.example.com:8081/%TESTNUMBER --connect-to ::%HOSTIP:%HTTPPORT --next # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: www1.example.com:8081 -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: www2.example.com:8082 -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: www3.example.com:8083 -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: www4.example.com:8084 -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: www1.example.com:8081 +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: www2.example.com:8082 +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: www3.example.com:8083 +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: www4.example.com:8084 +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2050 b/tests/data/test2050 index ed4713f9a5..202ea39106 100644 --- a/tests/data/test2050 +++ b/tests/data/test2050 @@ -68,12 +68,12 @@ User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive - -GET /%TESTNUMBER HTTP/1.1 -Host: www.example.com.%TESTNUMBER -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: www.example.com.%TESTNUMBER +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2051 b/tests/data/test2051 index ce76cc93c0..b11d3c452b 100644 --- a/tests/data/test2051 +++ b/tests/data/test2051 @@ -38,22 +38,22 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n" --next --connect-to # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2052 b/tests/data/test2052 index 18fc7c5ebf..60b45402b2 100644 --- a/tests/data/test2052 +++ b/tests/data/test2052 @@ -39,17 +39,17 @@ http://www.example.com:%HTTPPORT/%TESTNUMBER --resolve www.example.com:%HTTPPORT # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: www.example.com:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: www.example.com:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: www.example.com:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: www.example.com:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2053 b/tests/data/test2053 index a416d52868..ac35ed37e5 100644 --- a/tests/data/test2053 +++ b/tests/data/test2053 @@ -38,17 +38,17 @@ http://10.0.0.1:8081/%TESTNUMBER --connect-to 10.0.0.1:8081:%HOSTIP:%HTTPPORT -- # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: 10.0.0.1:8081 -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: [fc00::1]:8082 -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: 10.0.0.1:8081 +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: [fc00::1]:8082 +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2054 b/tests/data/test2054 index 8217444e53..59ec523bb7 100644 --- a/tests/data/test2054 +++ b/tests/data/test2054 @@ -38,27 +38,27 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --connect-to foo::bar: --connect-to :123::4 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: www.example.com:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:8083 -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: www.example.com:8084 -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: www.example.com:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:8083 +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: www.example.com:8084 +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2055 b/tests/data/test2055 index 4710970ffd..dca5630263 100644 --- a/tests/data/test2055 +++ b/tests/data/test2055 @@ -69,12 +69,12 @@ User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive - -GET /%TESTNUMBER HTTP/1.1 -Host: www.example.com.%TESTNUMBER -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: www.example.com.%TESTNUMBER +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2056 b/tests/data/test2056 index 3833663c10..9d0db1d747 100644 --- a/tests/data/test2056 +++ b/tests/data/test2056 @@ -51,13 +51,13 @@ CURL_STUB_GSS_CREDS="KRB5_Alice" # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Negotiate %b64["KRB5_Alice":HTTP@127.0.0.1:1:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Negotiate %b64["KRB5_Alice":HTTP@127.0.0.1:1:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2057 b/tests/data/test2057 index 7e45ae1214..e9b6133343 100644 --- a/tests/data/test2057 +++ b/tests/data/test2057 @@ -67,19 +67,19 @@ CURL_STUB_GSS_CREDS="NTLM_Alice" # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Negotiate %b64["NTLM_Alice":HTTP@127.0.0.1:2:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA]b64% -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Negotiate %b64["NTLM_Alice":HTTP@127.0.0.1:3:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Negotiate %b64["NTLM_Alice":HTTP@127.0.0.1:2:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA]b64% +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Negotiate %b64["NTLM_Alice":HTTP@127.0.0.1:3:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2061 b/tests/data/test2061 index 605d827be7..26a2869712 100644 --- a/tests/data/test2061 +++ b/tests/data/test2061 @@ -66,18 +66,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --digest # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="9dc55255f1a2537b838311674b621d45346b862a81631bb20e4ce356ef25062d", algorithm=SHA-256 -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="9dc55255f1a2537b838311674b621d45346b862a81631bb20e4ce356ef25062d", algorithm=SHA-256 +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2062 b/tests/data/test2062 index 039354382d..3f8eedc7b4 100644 --- a/tests/data/test2062 +++ b/tests/data/test2062 @@ -66,18 +66,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --digest # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="9d3256ee6526ec40dd48743bb48e51ee9baba587c78f15c3a86166242150af98", algorithm=SHA-512-256 -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="9d3256ee6526ec40dd48743bb48e51ee9baba587c78f15c3a86166242150af98", algorithm=SHA-512-256 +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2063 b/tests/data/test2063 index 07e12f3c77..cc4c4c2fb0 100644 --- a/tests/data/test2063 +++ b/tests/data/test2063 @@ -66,18 +66,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --digest # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="75af8a3500f771e58a52093a25e7905d6e428a511285c12ea1420c73078dfd61", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="6c470aec384ab1d4e12d3ce1f5b08303d8cad177e52ebe50ec1a3e141adb0cdc", algorithm=SHA-256, userhash=true -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="75af8a3500f771e58a52093a25e7905d6e428a511285c12ea1420c73078dfd61", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="6c470aec384ab1d4e12d3ce1f5b08303d8cad177e52ebe50ec1a3e141adb0cdc", algorithm=SHA-256, userhash=true +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2064 b/tests/data/test2064 index d314270464..54102887e3 100644 --- a/tests/data/test2064 +++ b/tests/data/test2064 @@ -66,18 +66,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:test2pass --digest # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="2053604145", uri="/%TESTNUMBER", response="a9c3ec1036068b336cbabefe9dfcad52ee8b89bc7c91ddbb5bb415c6acdf38a5", algorithm=SHA-256 -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="2053604145", uri="/%TESTNUMBER", response="a9c3ec1036068b336cbabefe9dfcad52ee8b89bc7c91ddbb5bb415c6acdf38a5", algorithm=SHA-256 +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2065 b/tests/data/test2065 index 5365cac3fd..c15341049a 100644 --- a/tests/data/test2065 +++ b/tests/data/test2065 @@ -66,18 +66,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:test2pass --digest # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="2053604145", uri="/%TESTNUMBER", response="0373a49d7d352ff54884faaf762fc6c89281b4112ad8fcbbe1d1ee52dcf7a802", algorithm=SHA-512-256 -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="2053604145", uri="/%TESTNUMBER", response="0373a49d7d352ff54884faaf762fc6c89281b4112ad8fcbbe1d1ee52dcf7a802", algorithm=SHA-512-256 +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2066 b/tests/data/test2066 index 8f5f7aa8a4..3a43fbb2be 100644 --- a/tests/data/test2066 +++ b/tests/data/test2066 @@ -66,18 +66,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:test2pass --digest # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="75af8a3500f771e58a52093a25e7905d6e428a511285c12ea1420c73078dfd61", realm="testrealm", nonce="2053604145", uri="/%TESTNUMBER", response="374a35326cc09e7d1ec3165aee9de01cae46daac33d8999aa1f483fa7882b86c", algorithm=SHA-256, userhash=true -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="75af8a3500f771e58a52093a25e7905d6e428a511285c12ea1420c73078dfd61", realm="testrealm", nonce="2053604145", uri="/%TESTNUMBER", response="374a35326cc09e7d1ec3165aee9de01cae46daac33d8999aa1f483fa7882b86c", algorithm=SHA-256, userhash=true +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2067 b/tests/data/test2067 index 20120e1873..12f2ff18e6 100644 --- a/tests/data/test2067 +++ b/tests/data/test2067 @@ -67,22 +67,22 @@ HTTP POST --digest with SHA256 and user-specified Content-Length header # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 0 -Content-Type: application/x-www-form-urlencoded - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="67b97af219c92fa7e8685e5bebb8e74892f6c6792e911c52bd2dfbf0b49272eb", algorithm=SHA-256 -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 11 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 0 +Content-Type: application/x-www-form-urlencoded + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="67b97af219c92fa7e8685e5bebb8e74892f6c6792e911c52bd2dfbf0b49272eb", algorithm=SHA-256 +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 11 +Content-Type: application/x-www-form-urlencoded + junkelijunk diff --git a/tests/data/test2068 b/tests/data/test2068 index 867330e135..a19faf2f87 100644 --- a/tests/data/test2068 +++ b/tests/data/test2068 @@ -67,22 +67,22 @@ HTTP POST Digest with SHA-512-256, userhash and set Content-Length # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 0 -Content-Type: application/x-www-form-urlencoded - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="0ba2f7ec8045446588eea82bb0c3812aedb05f4eac8883ea65040a52e9c5629e", algorithm=SHA-512-256 -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 11 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 0 +Content-Type: application/x-www-form-urlencoded + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="0ba2f7ec8045446588eea82bb0c3812aedb05f4eac8883ea65040a52e9c5629e", algorithm=SHA-512-256 +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 11 +Content-Type: application/x-www-form-urlencoded + junkelijunk diff --git a/tests/data/test2069 b/tests/data/test2069 index 650726d17c..06e444f17a 100644 --- a/tests/data/test2069 +++ b/tests/data/test2069 @@ -67,22 +67,22 @@ HTTP POST Digest with SHA-256, userhash and set Content-Length header # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 0 -Content-Type: application/x-www-form-urlencoded - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="fddc3bc7b753b73ab0848fd83cb20cbbca971258eb8d20c941dd5e0b010d66be", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="9a29f1dab407e62daa7121185f9f12db6177415e03f35d9a881550095a83378d", algorithm=SHA-256, userhash=true -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 11 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 0 +Content-Type: application/x-www-form-urlencoded + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="fddc3bc7b753b73ab0848fd83cb20cbbca971258eb8d20c941dd5e0b010d66be", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="9a29f1dab407e62daa7121185f9f12db6177415e03f35d9a881550095a83378d", algorithm=SHA-256, userhash=true +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 11 +Content-Type: application/x-www-form-urlencoded + junkelijunk diff --git a/tests/data/test207 b/tests/data/test207 index 4c0e0c72ea..193926f08b 100644 --- a/tests/data/test207 +++ b/tests/data/test207 @@ -48,12 +48,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # curl: (18) transfer closed with outstanding read data remaining diff --git a/tests/data/test2070 b/tests/data/test2070 index c2c0cdee9a..0769d1af0f 100644 --- a/tests/data/test2070 +++ b/tests/data/test2070 @@ -46,12 +46,12 @@ CURL_SSL_BACKEND=schannel # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: localhost:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: localhost:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2073 b/tests/data/test2073 index 8eea265536..6000c7db6e 100644 --- a/tests/data/test2073 +++ b/tests/data/test2073 @@ -47,27 +47,27 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -F 'name=a;filename=a.pdf' --next http://%H ^(Content-Type: multipart/form-data;|------------).* - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 201 - -Content-Disposition: form-data; name="name"; filename="a.pdf" -Content-Type: application/pdf - -a -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 196 - -Content-Disposition: form-data; name="name"; filename="b.jpg" -Content-Type: image/jpeg - -b + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 201 + +Content-Disposition: form-data; name="name"; filename="a.pdf" +Content-Type: application/pdf + +a +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 196 + +Content-Disposition: form-data; name="name"; filename="b.jpg" +Content-Type: image/jpeg + +b diff --git a/tests/data/test2074 b/tests/data/test2074 index 1ef3480b5c..9e3d26d4da 100644 --- a/tests/data/test2074 +++ b/tests/data/test2074 @@ -43,13 +43,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --oauth2-bearer mF_9.B5f-4.1JqM # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Bearer mF_9.B5f-4.1JqM -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Bearer mF_9.B5f-4.1JqM +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2076 b/tests/data/test2076 index 6ef44c2c72..cb5e911da9 100644 --- a/tests/data/test2076 +++ b/tests/data/test2076 @@ -58,18 +58,18 @@ HTTP with digest auth and URI contains query # Verify data after the test has been "shot" - -GET /%TESTNUMBER?query HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER?query HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/%TESTNUMBER?query", response="5758bd3bbde7f33236e6ccd278eb59af" -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER?query HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER?query HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/%TESTNUMBER?query", response="5758bd3bbde7f33236e6ccd278eb59af" +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2078 b/tests/data/test2078 index ec1277e5ef..de1f1cf5c2 100644 --- a/tests/data/test2078 +++ b/tests/data/test2078 @@ -38,14 +38,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --negotiate --data name=value 0 - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 10 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 10 +Content-Type: application/x-www-form-urlencoded + name=value diff --git a/tests/data/test2079 b/tests/data/test2079 index 117a712c3f..0e2cf01a24 100644 --- a/tests/data/test2079 +++ b/tests/data/test2079 @@ -47,12 +47,12 @@ CURL_SSL_BACKEND=schannel # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: localhost:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: localhost:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2081 b/tests/data/test2081 index 7aad416215..421b475886 100644 --- a/tests/data/test2081 +++ b/tests/data/test2081 @@ -42,20 +42,20 @@ http://user:pass@%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER#anchor --location --r # Verify data after the test has been "shot" - -GET /we/want/our/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user:pass]b64% -User-Agent: curl/%VERSION -Accept: */* - -GET /we/want/our/data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user:pass]b64% -User-Agent: curl/%VERSION -Accept: */* -Referer: http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER - + +GET /we/want/our/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user:pass]b64% +User-Agent: curl/%VERSION +Accept: */* + +GET /we/want/our/data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user:pass]b64% +User-Agent: curl/%VERSION +Accept: */* +Referer: http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER + HTTP/1.1 301 This is a weirdo text message swsclose diff --git a/tests/data/test2087 b/tests/data/test2087 index f347bbc61b..bffab46fa2 100644 --- a/tests/data/test2087 +++ b/tests/data/test2087 @@ -47,12 +47,12 @@ CURL_SSL_BACKEND=schannel # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: localhost:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: localhost:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2088 b/tests/data/test2088 index 71839ee37c..b318e674c9 100644 --- a/tests/data/test2088 +++ b/tests/data/test2088 @@ -42,12 +42,12 @@ HTTPS GET with client authentication (mtls) # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: localhost:%HTTPS-MTLSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: localhost:%HTTPS-MTLSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2089 b/tests/data/test2089 index aee93abf6e..5a64225d91 100644 --- a/tests/data/test2089 +++ b/tests/data/test2089 @@ -42,12 +42,12 @@ HTTPS GET with client authentication (mtls) and --insecure # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: localhost:%HTTPS-MTLSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: localhost:%HTTPS-MTLSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test209 b/tests/data/test209 index 887d04fbee..3a9c1218a8 100644 --- a/tests/data/test209 +++ b/tests/data/test209 @@ -92,24 +92,24 @@ http://test.remote.example.com.%TESTNUMBER:%HTTPPORT/path/%TESTNUMBER0002 --prox # Verify data after the test has been "shot" - -CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -GET /path/%TESTNUMBER0002 HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +GET /path/%TESTNUMBER0002 HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test210 b/tests/data/test210 index 1ee313d76a..954ec03648 100644 --- a/tests/data/test210 +++ b/tests/data/test210 @@ -33,20 +33,20 @@ data blobb # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD a -CWD path -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD a +CWD path +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test2100 b/tests/data/test2100 index efe54a6bc7..a5e809c6ef 100644 --- a/tests/data/test2100 +++ b/tests/data/test2100 @@ -69,49 +69,49 @@ http://foo.example.com:%HTTPPORT/%TESTNUMBER --doh-url http://%HOSTIP:%HTTPPORT/ s/com\x00\x00(\x1c|\x01)/com-00-00!/g; - + %if HTTPSRR -POST /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Type: application/dns-message -Content-Length: 33 - -%hex[%00%00%01%00%00%01%00%00%00%00%00%00%03foo%07example%03com-00-00!%00%01]hex%POST /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Type: application/dns-message -Content-Length: 33 - -%hex[%00%00%01%00%00%01%00%00%00%00%00%00%03foo%07example%03com-00-00!%00%01]hex%POST /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Type: application/dns-message -Content-Length: 47 - -%hex[%00%00%01%00%00%01%00%00%00%00%00%00%06_%HTTPPORT%06_https%03foo%07example%03com%00%00A%00%01]hex%GET /%TESTNUMBER HTTP/1.1 -Host: foo.example.com:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - +POST /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Type: application/dns-message +Content-Length: 33 + +%hex[%00%00%01%00%00%01%00%00%00%00%00%00%03foo%07example%03com-00-00!%00%01]hex%POST /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Type: application/dns-message +Content-Length: 33 + +%hex[%00%00%01%00%00%01%00%00%00%00%00%00%03foo%07example%03com-00-00!%00%01]hex%POST /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Type: application/dns-message +Content-Length: 47 + +%hex[%00%00%01%00%00%01%00%00%00%00%00%00%06_%HTTPPORT%06_https%03foo%07example%03com%00%00A%00%01]hex%GET /%TESTNUMBER HTTP/1.1 +Host: foo.example.com:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + %else -POST /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Type: application/dns-message -Content-Length: 33 - -%hex[%00%00%01%00%00%01%00%00%00%00%00%00%03foo%07example%03com-00-00!%00%01]hex%POST /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Type: application/dns-message -Content-Length: 33 - -%hex[%00%00%01%00%00%01%00%00%00%00%00%00%03foo%07example%03com-00-00!%00%01]hex%GET /%TESTNUMBER HTTP/1.1 -Host: foo.example.com:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - +POST /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Type: application/dns-message +Content-Length: 33 + +%hex[%00%00%01%00%00%01%00%00%00%00%00%00%03foo%07example%03com-00-00!%00%01]hex%POST /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Type: application/dns-message +Content-Length: 33 + +%hex[%00%00%01%00%00%01%00%00%00%00%00%00%03foo%07example%03com-00-00!%00%01]hex%GET /%TESTNUMBER HTTP/1.1 +Host: foo.example.com:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + %endif diff --git a/tests/data/test211 b/tests/data/test211 index 6830727ab6..3e6a8f9ada 100644 --- a/tests/data/test211 +++ b/tests/data/test211 @@ -34,21 +34,21 @@ data blobb # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD a -CWD path -EPSV -PASV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -PASV -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD a +CWD path +EPSV +PASV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +PASV +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test213 b/tests/data/test213 index 877d9276ce..7780b231c1 100644 --- a/tests/data/test213 +++ b/tests/data/test213 @@ -92,26 +92,26 @@ http://test.remote.example.com.%TESTNUMBER:%HTTPPORT/path/%TESTNUMBER0002 --prox # Verify data after the test has been "shot" - -CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.0 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.0 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -POST /path/%TESTNUMBER0002 HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 6 -Content-Type: application/x-www-form-urlencoded - + +CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.0 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.0 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +POST /path/%TESTNUMBER0002 HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 6 +Content-Type: application/x-www-form-urlencoded + postit diff --git a/tests/data/test214 b/tests/data/test214 index 846b46458e..76c328ac98 100644 --- a/tests/data/test214 +++ b/tests/data/test214 @@ -40,12 +40,12 @@ MSYS2_ARG_CONV_EXCL=http:// # # Verify data after the test has been "shot" - -GET /{}\/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /{}\/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test215 b/tests/data/test215 index 058639f272..f06bca11fa 100644 --- a/tests/data/test215 +++ b/tests/data/test215 @@ -38,19 +38,19 @@ ftp://%HOSTIP:%FTPPORT/a/path/%TESTNUMBER/ ftp://%HOSTIP:%FTPPORT/a/path/%TESTNU # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD a -CWD path -CWD %TESTNUMBER -EPSV -TYPE A -LIST -EPSV -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD a +CWD path +CWD %TESTNUMBER +EPSV +TYPE A +LIST +EPSV +LIST +QUIT diff --git a/tests/data/test216 b/tests/data/test216 index 1be87c0d1e..5fbc6153ef 100644 --- a/tests/data/test216 +++ b/tests/data/test216 @@ -27,19 +27,19 @@ upload this file twice # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD a -CWD path -CWD %TESTNUMBER -EPSV -TYPE I -STOR upload.%TESTNUMBER -EPSV -STOR ..anotherup.%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD a +CWD path +CWD %TESTNUMBER +EPSV +TYPE I +STOR upload.%TESTNUMBER +EPSV +STOR ..anotherup.%TESTNUMBER +QUIT diff --git a/tests/data/test217 b/tests/data/test217 index cb6c6738b6..07bbeac46f 100644 --- a/tests/data/test217 +++ b/tests/data/test217 @@ -41,12 +41,12 @@ proxy # Verify data after the test has been "shot" - -CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + # CURLE_RECV_ERROR diff --git a/tests/data/test22 b/tests/data/test22 index 9007782793..2141182295 100644 --- a/tests/data/test22 +++ b/tests/data/test22 @@ -31,12 +31,12 @@ get HTTP with URL > 10000 bytes # Verify data after the test has been "shot" - -GET /%repeat[11000 x a]%/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%repeat[11000 x a]%/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test220 b/tests/data/test220 index b87ad7ee22..48cd0af3be 100644 --- a/tests/data/test220 +++ b/tests/data/test220 @@ -61,13 +61,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Accept-Encoding: xxx - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Accept-Encoding: xxx + diff --git a/tests/data/test221 b/tests/data/test221 index c5d8fa456b..d51d730f75 100644 --- a/tests/data/test221 +++ b/tests/data/test221 @@ -61,13 +61,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Accept-Encoding: xxx - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Accept-Encoding: xxx + 61 diff --git a/tests/data/test222 b/tests/data/test222 index 1a1fe89492..f01c017f83 100644 --- a/tests/data/test222 +++ b/tests/data/test222 @@ -172,13 +172,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Accept-Encoding: xxx - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Accept-Encoding: xxx + diff --git a/tests/data/test223 b/tests/data/test223 index ba62b2ca75..bcdc415d18 100644 --- a/tests/data/test223 +++ b/tests/data/test223 @@ -60,13 +60,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Accept-Encoding: xxx - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Accept-Encoding: xxx + 61 diff --git a/tests/data/test224 b/tests/data/test224 index 99400cd1d8..cf86731113 100644 --- a/tests/data/test224 +++ b/tests/data/test224 @@ -58,13 +58,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Accept-Encoding: xxx - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Accept-Encoding: xxx + diff --git a/tests/data/test227 b/tests/data/test227 index f7b445185d..e0a6af9f76 100644 --- a/tests/data/test227 +++ b/tests/data/test227 @@ -37,21 +37,21 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -Q "NOOP 1" -Q "+NOOP 2" -Q "-NOOP 3" -Q "*FA # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -NOOP 1 -FAIL -EPSV -PASV -TYPE I -NOOP 2 -FAIL HARD -SIZE %TESTNUMBER -RETR %TESTNUMBER -NOOP 3 -QUIT + +USER anonymous +PASS ftp@example.com +PWD +NOOP 1 +FAIL +EPSV +PASV +TYPE I +NOOP 2 +FAIL HARD +SIZE %TESTNUMBER +RETR %TESTNUMBER +NOOP 3 +QUIT diff --git a/tests/data/test228 b/tests/data/test228 index 8e7d73ff0c..e9acda8ddb 100644 --- a/tests/data/test228 +++ b/tests/data/test228 @@ -37,16 +37,16 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --ftp-account "one count" # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -ACCT one count -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +ACCT one count +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test229 b/tests/data/test229 index 71da135fc0..9b79392a96 100644 --- a/tests/data/test229 +++ b/tests/data/test229 @@ -29,10 +29,10 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --ftp-account "one count" # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -ACCT one count + +USER anonymous +PASS ftp@example.com +ACCT one count 11 diff --git a/tests/data/test230 b/tests/data/test230 index 47663ad294..3dc478fc99 100644 --- a/tests/data/test230 +++ b/tests/data/test230 @@ -172,13 +172,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Accept-Encoding: xxx - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Accept-Encoding: xxx + diff --git a/tests/data/test2300 b/tests/data/test2300 index 8b28774686..33460cdd4b 100644 --- a/tests/data/test2300 +++ b/tests/data/test2300 @@ -47,16 +47,16 @@ WebSockets upgrade only # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Upgrade: websocket -Sec-WebSocket-Version: 13 -Sec-WebSocket-Key: NDMyMTUzMjE2MzIxNzMyMQ== -Connection: Upgrade - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Upgrade: websocket +Sec-WebSocket-Version: 13 +Sec-WebSocket-Key: NDMyMTUzMjE2MzIxNzMyMQ== +Connection: Upgrade + 52 diff --git a/tests/data/test2301 b/tests/data/test2301 index 1b968c7672..1762a2c57f 100644 --- a/tests/data/test2301 +++ b/tests/data/test2301 @@ -52,16 +52,16 @@ ws://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: webbie-sox/3 -Accept: */* -Upgrade: websocket -Sec-WebSocket-Version: 13 -Sec-WebSocket-Key: NDMyMTUzMjE2MzIxNzMyMQ== -Connection: Upgrade - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: webbie-sox/3 +Accept: */* +Upgrade: websocket +Sec-WebSocket-Version: 13 +Sec-WebSocket-Key: NDMyMTUzMjE2MzIxNzMyMQ== +Connection: Upgrade + %hex[%8a%00]hex% diff --git a/tests/data/test2302 b/tests/data/test2302 index 8e2d34877f..117b5a7ebf 100644 --- a/tests/data/test2302 +++ b/tests/data/test2302 @@ -53,16 +53,16 @@ ws://%HOSTIP:%HTTPPORT/%TESTNUMBER # PONG with no data and the 32 bit mask # - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: webbie-sox/3 -Accept: */* -Upgrade: websocket -Sec-WebSocket-Version: 13 -Sec-WebSocket-Key: NDMyMTUzMjE2MzIxNzMyMQ== -Connection: Upgrade - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: webbie-sox/3 +Accept: */* +Upgrade: websocket +Sec-WebSocket-Version: 13 +Sec-WebSocket-Key: NDMyMTUzMjE2MzIxNzMyMQ== +Connection: Upgrade + %hex[%8a%808321]hex% diff --git a/tests/data/test2303 b/tests/data/test2303 index 8ad45cbeca..cfb1f0d6cd 100644 --- a/tests/data/test2303 +++ b/tests/data/test2303 @@ -43,16 +43,16 @@ ws://%HOSTIP:%HTTPPORT/%TESTNUMBER - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: webbie-sox/3 -Accept: */* -Upgrade: websocket -Sec-WebSocket-Version: 13 -Sec-WebSocket-Key: NDMyMTUzMjE2MzIxNzMyMQ== -Connection: Upgrade - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: webbie-sox/3 +Accept: */* +Upgrade: websocket +Sec-WebSocket-Version: 13 +Sec-WebSocket-Key: NDMyMTUzMjE2MzIxNzMyMQ== +Connection: Upgrade + # 22 == CURLE_HTTP_RETURNED_ERROR diff --git a/tests/data/test2304 b/tests/data/test2304 index 8ed75d96a9..47c81b2a96 100644 --- a/tests/data/test2304 +++ b/tests/data/test2304 @@ -52,7 +52,7 @@ ws://%HOSTIP:%HTTPPORT/%TESTNUMBER # PONG with no data and the 32 bit mask # - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: websocket/%TESTNUMBER diff --git a/tests/data/test2306 b/tests/data/test2306 index 620f7b5ecc..0f7bd541df 100644 --- a/tests/data/test2306 +++ b/tests/data/test2306 @@ -54,15 +54,15 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER0002 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test2308 b/tests/data/test2308 index 3881d353db..c4e35ad8cc 100644 --- a/tests/data/test2308 +++ b/tests/data/test2308 @@ -44,11 +44,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + Returned 23, should be 23. diff --git a/tests/data/test2309 b/tests/data/test2309 index 4ba78ee91e..3763822d0e 100644 --- a/tests/data/test2309 +++ b/tests/data/test2309 @@ -54,13 +54,13 @@ password $y$j9T$WUVjiVvDbRAWafDLs6cab1$01NX.oaZKf5lw8MR2Nk9Yaxv4CqbE0IaDF.GpGxPu - -GET http://github.com/ HTTP/1.1 -Host: github.com -Authorization: Basic %b64[daniel:$y$j9T$WUVjiVvDbRAWafDLs6cab1$01NX.oaZKf5lw8MR2Nk9Yaxv4CqbE0IaDF.GpGxPul1]b64% -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://github.com/ HTTP/1.1 +Host: github.com +Authorization: Basic %b64[daniel:$y$j9T$WUVjiVvDbRAWafDLs6cab1$01NX.oaZKf5lw8MR2Nk9Yaxv4CqbE0IaDF.GpGxPul1]b64% +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test232 b/tests/data/test232 index 7f39d7a2fe..25cab8372b 100644 --- a/tests/data/test232 +++ b/tests/data/test232 @@ -172,13 +172,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Accept-Encoding: xxx - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Accept-Encoding: xxx + diff --git a/tests/data/test233 b/tests/data/test233 index fa83d750d1..3b55200e20 100644 --- a/tests/data/test233 +++ b/tests/data/test233 @@ -75,22 +75,22 @@ proxy # # Verify data after the test has been "shot" - -GET http://first.host.it.is/we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: first.host.it.is -Proxy-Authorization: Basic %b64[testing:this]b64% -Authorization: Basic %b64[iam:myself]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://goto.second.host.now/%TESTNUMBER0002 HTTP/1.1 -Host: goto.second.host.now -Proxy-Authorization: Basic %b64[testing:this]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://first.host.it.is/we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: first.host.it.is +Proxy-Authorization: Basic %b64[testing:this]b64% +Authorization: Basic %b64[iam:myself]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://goto.second.host.now/%TESTNUMBER0002 HTTP/1.1 +Host: goto.second.host.now +Proxy-Authorization: Basic %b64[testing:this]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test234 b/tests/data/test234 index 2902da1528..b3b06cc6be 100644 --- a/tests/data/test234 +++ b/tests/data/test234 @@ -77,23 +77,23 @@ proxy # # Verify data after the test has been "shot" - -GET http://first.host.it.is/we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: first.host.it.is -Proxy-Authorization: Basic %b64[testing:this]b64% -Authorization: Basic %b64[iam:myself]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://goto.second.host.now/%TESTNUMBER0002 HTTP/1.1 -Host: goto.second.host.now -Proxy-Authorization: Basic %b64[testing:this]b64% -Authorization: Basic %b64[iam:myself]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://first.host.it.is/we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: first.host.it.is +Proxy-Authorization: Basic %b64[testing:this]b64% +Authorization: Basic %b64[iam:myself]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://goto.second.host.now/%TESTNUMBER0002 HTTP/1.1 +Host: goto.second.host.now +Proxy-Authorization: Basic %b64[testing:this]b64% +Authorization: Basic %b64[iam:myself]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test235 b/tests/data/test235 index 7081a776c8..651dd55cd1 100644 --- a/tests/data/test235 +++ b/tests/data/test235 @@ -33,15 +33,15 @@ worx? # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +STOR %TESTNUMBER +QUIT this is the *****crap******** that we're gonna upload diff --git a/tests/data/test236 b/tests/data/test236 index a66fa046d9..735b5bf583 100644 --- a/tests/data/test236 +++ b/tests/data/test236 @@ -34,15 +34,15 @@ Test data # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +STOR %TESTNUMBER +QUIT # (25) Failed FTP upload: 550 diff --git a/tests/data/test237 b/tests/data/test237 index 010f4f4322..fe407993fa 100644 --- a/tests/data/test237 +++ b/tests/data/test237 @@ -34,11 +34,11 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --disable-epsv 14 - -USER anonymous -PASS ftp@example.com -PWD -PASV + +USER anonymous +PASS ftp@example.com +PWD +PASV diff --git a/tests/data/test238 b/tests/data/test238 index 6e2af83d7e..bd01546ea6 100644 --- a/tests/data/test238 +++ b/tests/data/test238 @@ -31,12 +31,12 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER 13 - -USER anonymous -PASS ftp@example.com -PWD -EPSV -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +QUIT diff --git a/tests/data/test239 b/tests/data/test239 index 230fcc31ad..6bd571b7e2 100644 --- a/tests/data/test239 +++ b/tests/data/test239 @@ -67,25 +67,25 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy http://%HOSTIP:%HTTPPORT --proxy-us # Verify data after the test has been "shot" - -POST http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 0 -Content-Type: application/x-www-form-urlencoded - -POST http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 6 -Content-Type: application/x-www-form-urlencoded - + +POST http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 0 +Content-Type: application/x-www-form-urlencoded + +POST http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 6 +Content-Type: application/x-www-form-urlencoded + postit diff --git a/tests/data/test24 b/tests/data/test24 index 888c635733..ae343baa59 100644 --- a/tests/data/test24 +++ b/tests/data/test24 @@ -31,12 +31,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --fail --silent --show-error # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 22 diff --git a/tests/data/test240 b/tests/data/test240 index 75bd4bb3de..d4d3551b82 100644 --- a/tests/data/test240 +++ b/tests/data/test240 @@ -45,12 +45,12 @@ HTTP-IPv6 GET # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOST6IP:%HTTP6PORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOST6IP:%HTTP6PORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test2401 b/tests/data/test2401 index 8f686e8503..979a8b2356 100644 --- a/tests/data/test2401 +++ b/tests/data/test2401 @@ -55,16 +55,16 @@ server: nghttpx via: 1.1 nghttpx - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTP2TLSPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 3 -Content-Type: application/x-www-form-urlencoded -X-Forwarded-Proto: https -Via: 2 nghttpx - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTP2TLSPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 3 +Content-Type: application/x-www-form-urlencoded +X-Forwarded-Proto: https +Via: 2 nghttpx + moo diff --git a/tests/data/test2404 b/tests/data/test2404 index 881a32120f..3a5901e8f3 100644 --- a/tests/data/test2404 +++ b/tests/data/test2404 @@ -11,35 +11,35 @@ verbose logs # Server-side -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: server.example.com -Content-Length: 47 - +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: server.example.com +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: server.example.com -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: server.example.com +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: server.example.com -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: server.example.com +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: server.example.com -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: server.example.com +Content-Length: 47 + file contents should appear once for each file diff --git a/tests/data/test2405 b/tests/data/test2405 index 8489156e73..ee25b1de53 100644 --- a/tests/data/test2405 +++ b/tests/data/test2405 @@ -44,7 +44,5 @@ http://%HOSTIP:%HTTP2PORT/%TESTNUMBER # Verify data after the test has been "shot" - - diff --git a/tests/data/test241 b/tests/data/test241 index f8cf6e9a43..66161f6569 100644 --- a/tests/data/test241 +++ b/tests/data/test241 @@ -43,12 +43,12 @@ HTTP-IPv6 GET (using ip6-localhost) # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: ip6-localhost:%HTTP6PORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: ip6-localhost:%HTTP6PORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test242 b/tests/data/test242 index 2e9f89165a..62be5173cc 100644 --- a/tests/data/test242 +++ b/tests/data/test242 @@ -40,13 +40,13 @@ HTTP-IPv6 GET with username+password in URL # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOST6IP:%HTTP6PORT -Authorization: Basic %b64[foobar:barfoo]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOST6IP:%HTTP6PORT +Authorization: Basic %b64[foobar:barfoo]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test243 b/tests/data/test243 index 3952571b6e..273bd05492 100644 --- a/tests/data/test243 +++ b/tests/data/test243 @@ -88,33 +88,33 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy http://%HOSTIP:%HTTPPORT --proxy-us # Verify data after the test has been "shot" - -POST http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 6 -Content-Type: application/x-www-form-urlencoded - -postitPOST http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 0 -Content-Type: application/x-www-form-urlencoded - -POST http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 6 -Content-Type: application/x-www-form-urlencoded - + +POST http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 6 +Content-Type: application/x-www-form-urlencoded + +postitPOST http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 0 +Content-Type: application/x-www-form-urlencoded + +POST http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 6 +Content-Type: application/x-www-form-urlencoded + postit diff --git a/tests/data/test244 b/tests/data/test244 index 782be2be40..a54ce3f6a5 100644 --- a/tests/data/test244 +++ b/tests/data/test244 @@ -41,14 +41,14 @@ FTP dir listing with nocwd and URL encoded path # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE A -LIST fir#t/third/%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE A +LIST fir#t/third/%TESTNUMBER +QUIT diff --git a/tests/data/test245 b/tests/data/test245 index da26369215..da95cc5a6b 100644 --- a/tests/data/test245 +++ b/tests/data/test245 @@ -64,22 +64,22 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u auser:apasswd --digest -d "junkelijunk" # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 0 -Content-Type: application/x-www-form-urlencoded - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="379a439b1737ba257c1d2f103914b18b" -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 11 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 0 +Content-Type: application/x-www-form-urlencoded + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="379a439b1737ba257c1d2f103914b18b" +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 11 +Content-Type: application/x-www-form-urlencoded + junkelijunk diff --git a/tests/data/test246 b/tests/data/test246 index 3ab338213c..9f2ab74353 100644 --- a/tests/data/test246 +++ b/tests/data/test246 @@ -74,22 +74,22 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u auser:apasswd --digest -d "junkelijunk" # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 0 -Content-Type: application/x-www-form-urlencoded - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="761e6fc9a760c39d587092e8d840e740" -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 11 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 0 +Content-Type: application/x-www-form-urlencoded + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="761e6fc9a760c39d587092e8d840e740" +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 11 +Content-Type: application/x-www-form-urlencoded + junkelijunk diff --git a/tests/data/test247 b/tests/data/test247 index 8b154f419b..43401696c4 100644 --- a/tests/data/test247 +++ b/tests/data/test247 @@ -35,12 +35,12 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -T %LOGDIR/test%TESTNUMBER.txt -z "apr 1 2005 # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -MDTM %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +MDTM %TESTNUMBER +QUIT diff --git a/tests/data/test248 b/tests/data/test248 index b497dd7af2..f7d15cd630 100644 --- a/tests/data/test248 +++ b/tests/data/test248 @@ -44,15 +44,15 @@ that FTP works so does it? - -USER anonymous -PASS ftp@example.com -PWD -MDTM %TESTNUMBER -EPSV -TYPE I -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +MDTM %TESTNUMBER +EPSV +TYPE I +STOR %TESTNUMBER +QUIT diff --git a/tests/data/test249 b/tests/data/test249 index 82b0a1406c..6f671080c1 100644 --- a/tests/data/test249 +++ b/tests/data/test249 @@ -40,13 +40,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -z "dec 12 12:00:00 1999 GMT" # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -If-Modified-Since: Sun, 12 Dec 1999 12:00:00 GMT - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +If-Modified-Since: Sun, 12 Dec 1999 12:00:00 GMT + diff --git a/tests/data/test25 b/tests/data/test25 index b00ef84ece..f641da93bb 100644 --- a/tests/data/test25 +++ b/tests/data/test25 @@ -73,37 +73,37 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -L --max-redirs 5 # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /want/data/reply/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /want/data/reply/data/reply/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /want/data/reply/data/reply/data/reply/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /want/data/reply/data/reply/data/reply/data/reply/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /want/data/reply/data/reply/data/reply/data/reply/data/reply/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /want/data/reply/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /want/data/reply/data/reply/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /want/data/reply/data/reply/data/reply/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /want/data/reply/data/reply/data/reply/data/reply/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /want/data/reply/data/reply/data/reply/data/reply/data/reply/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test250 b/tests/data/test250 index 4f01ea79a3..550aca257a 100644 --- a/tests/data/test250 +++ b/tests/data/test250 @@ -46,14 +46,14 @@ ftp://%HOSTIP:%FTPPORT/ # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test2501 b/tests/data/test2501 index d05395754d..6de5b755c1 100644 --- a/tests/data/test2501 +++ b/tests/data/test2501 @@ -54,15 +54,15 @@ funny-head: yesyes via: 1.1 nghttpx - -POST https://%HOSTIP:%HTTP3PORT/2501 HTTP/1.1 -Host: %HOSTIP:%HTTP3PORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 3 -Content-Type: application/x-www-form-urlencoded -Via: 3 nghttpx - + +POST https://%HOSTIP:%HTTP3PORT/2501 HTTP/1.1 +Host: %HOSTIP:%HTTP3PORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 3 +Content-Type: application/x-www-form-urlencoded +Via: 3 nghttpx + moo diff --git a/tests/data/test2502 b/tests/data/test2502 index 8625ee7b74..b878e2c9ec 100644 --- a/tests/data/test2502 +++ b/tests/data/test2502 @@ -11,35 +11,35 @@ verbose logs # Server-side -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: server.example.com -Content-Length: 47 - +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: server.example.com +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: server.example.com -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: server.example.com +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: server.example.com -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: server.example.com +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: server.example.com -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: server.example.com +Content-Length: 47 + file contents should appear once for each file diff --git a/tests/data/test251 b/tests/data/test251 index 9ed8c94880..a743b2824f 100644 --- a/tests/data/test251 +++ b/tests/data/test251 @@ -46,14 +46,14 @@ ftp://%HOSTIP:%FTPPORT/ -P %CLIENTIP ^PORT \d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3} ^EPRT \|1\|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|\d{1,5}\| - -USER anonymous -PASS ftp@example.com -PWD -PORT 127,0,0,1,243,212 -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +PORT 127,0,0,1,243,212 +TYPE A +LIST +QUIT diff --git a/tests/data/test252 b/tests/data/test252 index 1480ee1ec1..77fb9246bb 100644 --- a/tests/data/test252 +++ b/tests/data/test252 @@ -45,14 +45,14 @@ FTP IPv6 dir list PASV # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test254 b/tests/data/test254 index 90b58a0b30..6325484245 100644 --- a/tests/data/test254 +++ b/tests/data/test254 @@ -46,14 +46,14 @@ FTP IPv6 dir list PASV and --disable-epsv # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test256 b/tests/data/test256 index aa60459548..e8ac36b5aa 100644 --- a/tests/data/test256 +++ b/tests/data/test256 @@ -45,15 +45,15 @@ proxy 33 - -GET http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Proxy-Authorization: Basic %b64[daniel:stenberg]b64% -Range: bytes=78- -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Proxy-Authorization: Basic %b64[daniel:stenberg]b64% +Range: bytes=78- +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + # the download target file must remain untouched diff --git a/tests/data/test257 b/tests/data/test257 index 4a245b0120..4ffb7a6f32 100644 --- a/tests/data/test257 +++ b/tests/data/test257 @@ -85,27 +85,27 @@ machine anotherone.com login user2 password passwd2 # Verify data after the test has been "shot" - -GET http://supersite.com/want/%TESTNUMBER HTTP/1.1 -Host: supersite.com -Authorization: Basic %b64[user1:passwd1]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://anotherone.com/%TESTNUMBER0002 HTTP/1.1 -Host: anotherone.com -Authorization: Basic %b64[user2:passwd2]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://athird.com/%TESTNUMBER0003 HTTP/1.1 -Host: athird.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://supersite.com/want/%TESTNUMBER HTTP/1.1 +Host: supersite.com +Authorization: Basic %b64[user1:passwd1]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://anotherone.com/%TESTNUMBER0002 HTTP/1.1 +Host: anotherone.com +Authorization: Basic %b64[user2:passwd2]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://athird.com/%TESTNUMBER0003 HTTP/1.1 +Host: athird.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test26 b/tests/data/test26 index 9e334bc5b5..438109516d 100644 --- a/tests/data/test26 +++ b/tests/data/test26 @@ -31,12 +31,12 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -o - -o - # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test260 b/tests/data/test260 index b72d6cd166..41a8a7a634 100644 --- a/tests/data/test260 +++ b/tests/data/test260 @@ -42,12 +42,12 @@ HTTP GET URL without slash but with question mark # # Verify data after the test has been "shot" - -GET /?%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /?%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test261 b/tests/data/test261 index d5f940372e..59cc16fec2 100644 --- a/tests/data/test261 +++ b/tests/data/test261 @@ -34,15 +34,15 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test262 b/tests/data/test262 index fae51caeae..6b5ad6204e 100644 --- a/tests/data/test262 +++ b/tests/data/test262 @@ -41,12 +41,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 8 diff --git a/tests/data/test263 b/tests/data/test263 index 6487025297..e1fbe036ca 100644 --- a/tests/data/test263 +++ b/tests/data/test263 @@ -41,13 +41,13 @@ HTTP-IPv6 GET with proxy specified using IPv6-numerical address # # Verify data after the test has been "shot" - -GET http://veryveryremotesite.com/%TESTNUMBER HTTP/1.1 -Host: veryveryremotesite.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://veryveryremotesite.com/%TESTNUMBER HTTP/1.1 +Host: veryveryremotesite.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test264 b/tests/data/test264 index 8eae539bdc..cb1ad053b3 100644 --- a/tests/data/test264 +++ b/tests/data/test264 @@ -37,14 +37,14 @@ proxy # Verify data after the test has been "shot" - -GET http://we.want.that.site.com/%TESTNUMBER HTTP/1.1 -Host: we.want.that.site.com -Proxy-Authorization: Basic %b64[fake:user]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://we.want.that.site.com/%TESTNUMBER HTTP/1.1 +Host: we.want.that.site.com +Proxy-Authorization: Basic %b64[fake:user]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test265 b/tests/data/test265 index 6b407b24dd..75d943f0f7 100644 --- a/tests/data/test265 +++ b/tests/data/test265 @@ -95,26 +95,26 @@ http://test.remote.example.com.%TESTNUMBER:%HTTPPORT/path/%TESTNUMBER0002 --prox # Verify data after the test has been "shot" - -CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -POST /path/%TESTNUMBER0002 HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 6 -Content-Type: application/x-www-form-urlencoded - + +CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +POST /path/%TESTNUMBER0002 HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 6 +Content-Type: application/x-www-form-urlencoded + postit diff --git a/tests/data/test266 b/tests/data/test266 index 8604c609b8..aa974b628b 100644 --- a/tests/data/test266 +++ b/tests/data/test266 @@ -60,12 +60,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 funky chunky! diff --git a/tests/data/test267 b/tests/data/test267 index f24c7f6a91..60f8878cbf 100644 --- a/tests/data/test267 +++ b/tests/data/test267 @@ -73,27 +73,27 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --ntlm -d "data" -H "H # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* -Header1: yes -Header2: no -Content-Length: 0 -Content-Type: application/x-www-form-urlencoded - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Accept: */* -Header1: yes -Header2: no -Content-Length: 4 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* +Header1: yes +Header2: no +Content-Length: 0 +Content-Type: application/x-www-form-urlencoded + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Accept: */* +Header1: yes +Header2: no +Content-Length: 4 +Content-Type: application/x-www-form-urlencoded + data diff --git a/tests/data/test269 b/tests/data/test269 index e9e7843d44..1533ef7eeb 100644 --- a/tests/data/test269 +++ b/tests/data/test269 @@ -40,12 +40,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --ignore-content-length # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test27 b/tests/data/test27 index 75c73acc2b..f9ec0cf051 100644 --- a/tests/data/test27 +++ b/tests/data/test27 @@ -36,24 +36,24 @@ cookies # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Cookie: thewinneris=nowayyouwin - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Cookie: thewinneris=nowayyouwin - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Cookie: thewinneris=nowayyouwin + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Cookie: thewinneris=nowayyouwin + diff --git a/tests/data/test270 b/tests/data/test270 index efa183f155..6f1db343a7 100644 --- a/tests/data/test270 +++ b/tests/data/test270 @@ -36,15 +36,15 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --ftp-skip-pasv-ip --disable-epsv # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -PASV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +PASV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test273 b/tests/data/test273 index eb7ab1cc6a..e3629c1843 100644 --- a/tests/data/test273 +++ b/tests/data/test273 @@ -66,18 +66,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --digest # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="576ae57b1db0039f8c0de43ef58e49e3" -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="576ae57b1db0039f8c0de43ef58e49e3" +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test274 b/tests/data/test274 index bb72006148..685bd0854a 100644 --- a/tests/data/test274 +++ b/tests/data/test274 @@ -34,12 +34,12 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -L --max-redirs 0 # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test276 b/tests/data/test276 index 6814f9ed7b..f71a2de427 100644 --- a/tests/data/test276 +++ b/tests/data/test276 @@ -59,17 +59,17 @@ HTTP Location: following with multiple question marks in URLs # Verify data after the test has been "shot" - -GET /want?uri=http://anything/%TESTNUMBER?secondq/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /data/%TESTNUMBER0002.txt?coolsite=http://anotherurl/?a_second/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want?uri=http://anything/%TESTNUMBER?secondq/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /data/%TESTNUMBER0002.txt?coolsite=http://anotherurl/?a_second/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test277 b/tests/data/test277 index 69a17fea5e..0f8cdaa3e0 100644 --- a/tests/data/test277 +++ b/tests/data/test277 @@ -40,19 +40,19 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -F name=daniel -H "Content-Type: text/ s/^--------------------------[A-Za-z0-9]*/--------------------------/ s/boundary=------------------------[A-Za-z0-9]*/boundary=------------------------/ - -POST /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 158 -Content-Type: text/info; boundary=------------------------ - --------------------------- -Content-Disposition: attachment; name="name" - -daniel ----------------------------- + +POST /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 158 +Content-Type: text/info; boundary=------------------------ + +-------------------------- +Content-Disposition: attachment; name="name" + +daniel +---------------------------- diff --git a/tests/data/test278 b/tests/data/test278 index eebd2e4623..102815aae0 100644 --- a/tests/data/test278 +++ b/tests/data/test278 @@ -37,14 +37,14 @@ proxy # Verify data after the test has been "shot" - -GET http://we.want.that.site.com/%TESTNUMBER HTTP/1.1 -Host: we.want.that.site.com -Proxy-Authorization: Basic %b64[fake:]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://we.want.that.site.com/%TESTNUMBER HTTP/1.1 +Host: we.want.that.site.com +Proxy-Authorization: Basic %b64[fake:]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test279 b/tests/data/test279 index 627be88f91..579e13f809 100644 --- a/tests/data/test279 +++ b/tests/data/test279 @@ -38,14 +38,14 @@ proxy # Verify data after the test has been "shot" - -GET http://we.want.that.site.com/%TESTNUMBER HTTP/1.1 -Host: we.want.that.site.com -Proxy-Authorization: Basic %b64[fake:]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://we.want.that.site.com/%TESTNUMBER HTTP/1.1 +Host: we.want.that.site.com +Proxy-Authorization: Basic %b64[fake:]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test28 b/tests/data/test28 index 667d8f97f6..979868cea3 100644 --- a/tests/data/test28 +++ b/tests/data/test28 @@ -58,17 +58,17 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -L # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /online/1,1795,Welcome,00.html/%TESTNUMBER0002.txt?logout=TRUE HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /online/1,1795,Welcome,00.html/%TESTNUMBER0002.txt?logout=TRUE HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test280 b/tests/data/test280 index 1aee4b517f..9959188dad 100644 --- a/tests/data/test280 +++ b/tests/data/test280 @@ -46,16 +46,16 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER/ --ftp-alternative-to-user "USER replacement" # # Verify data after the test has been "shot" - -USER anonymous -USER replacement -PASS ftp@example.com -PWD -CWD %TESTNUMBER -EPSV -TYPE A -LIST -QUIT + +USER anonymous +USER replacement +PASS ftp@example.com +PWD +CWD %TESTNUMBER +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test282 b/tests/data/test282 index 68d3b428cb..e5b1321be2 100644 --- a/tests/data/test282 +++ b/tests/data/test282 @@ -32,12 +32,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test287 b/tests/data/test287 index 85d557ec96..1bc6654ba3 100644 --- a/tests/data/test287 +++ b/tests/data/test287 @@ -37,12 +37,12 @@ proxy # Verify data after the test has been "shot" - -CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -Proxy-Connection: Keep-Alive -User-Agent: looser/2007 - + +CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +Proxy-Connection: Keep-Alive +User-Agent: looser/2007 + # CURLE_RECV_ERROR diff --git a/tests/data/test29 b/tests/data/test29 index 689ac43ee1..b99b02f04c 100644 --- a/tests/data/test29 +++ b/tests/data/test29 @@ -39,12 +39,12 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -m 2 # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 28 diff --git a/tests/data/test290 b/tests/data/test290 index e7048a5384..99f7299c8b 100644 --- a/tests/data/test290 +++ b/tests/data/test290 @@ -30,14 +30,14 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --max-filesize 30 63 - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +QUIT diff --git a/tests/data/test291 b/tests/data/test291 index 05cc2b444a..33ddb32ba3 100644 --- a/tests/data/test291 +++ b/tests/data/test291 @@ -33,15 +33,15 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --max-filesize 100 # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test292 b/tests/data/test292 index 0ae74a9bc0..02159882e4 100644 --- a/tests/data/test292 +++ b/tests/data/test292 @@ -43,12 +43,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --max-filesize 1000 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test293 b/tests/data/test293 index 04f9899910..3b2fc4d9ee 100644 --- a/tests/data/test293 +++ b/tests/data/test293 @@ -47,12 +47,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --max-filesize 2 63 - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test294 b/tests/data/test294 index 67108aedb9..55d08f053f 100644 --- a/tests/data/test294 +++ b/tests/data/test294 @@ -47,16 +47,16 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER/ --ftp-account "data for acct" # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -ACCT data for acct -PWD -CWD %TESTNUMBER -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +ACCT data for acct +PWD +CWD %TESTNUMBER +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test295 b/tests/data/test295 index ebb1a36976..ff5f89169d 100644 --- a/tests/data/test295 +++ b/tests/data/test295 @@ -37,9 +37,9 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER/ 67 - -USER anonymous -PASS ftp@example.com + +USER anonymous +PASS ftp@example.com diff --git a/tests/data/test296 b/tests/data/test296 index c88ec99bf7..8f38eab457 100644 --- a/tests/data/test296 +++ b/tests/data/test296 @@ -31,18 +31,18 @@ FTP CWD with --ftp-method multicwd # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD first -CWD second -CWD third -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD first +CWD second +CWD third +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test297 b/tests/data/test297 index 99c10d3e13..e361425398 100644 --- a/tests/data/test297 +++ b/tests/data/test297 @@ -31,16 +31,16 @@ FTP CWD with --ftp-method singlecwd # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD first/second/third -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD first/second/third +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test298 b/tests/data/test298 index 5188c85477..5af79e7ff9 100644 --- a/tests/data/test298 +++ b/tests/data/test298 @@ -31,15 +31,15 @@ FTP CWD with --ftp-method nocwd # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE first/second/third/%TESTNUMBER -RETR first/second/third/%TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE first/second/third/%TESTNUMBER +RETR first/second/third/%TESTNUMBER +QUIT diff --git a/tests/data/test299 b/tests/data/test299 index 932e065b8b..6de5234d2b 100644 --- a/tests/data/test299 +++ b/tests/data/test299 @@ -39,14 +39,14 @@ FTP over HTTP proxy with user:pass not in url # Verify data after the test has been "shot" - -GET ftp://michal:aybabtu@host.com/we/want/%TESTNUMBER HTTP/1.1 -Host: host.com:21 -Authorization: Basic %b64[michal:aybabtu]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET ftp://michal:aybabtu@host.com/we/want/%TESTNUMBER HTTP/1.1 +Host: host.com:21 +Authorization: Basic %b64[michal:aybabtu]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test3 b/tests/data/test3 index a7cb4f8839..fbf60558c0 100644 --- a/tests/data/test3 +++ b/tests/data/test3 @@ -43,15 +43,15 @@ HTTP POST with auth and contents but with content-length set to 0 # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[fake:-user]b64% -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 37 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[fake:-user]b64% +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 37 +Content-Type: application/x-www-form-urlencoded + fooo=mooo&pooo=clue&doo=%20%20%20++++ diff --git a/tests/data/test30 b/tests/data/test30 index 6d6a7f6452..5facba61b3 100644 --- a/tests/data/test30 +++ b/tests/data/test30 @@ -27,12 +27,12 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 52 diff --git a/tests/data/test300 b/tests/data/test300 index 3dbf0f01d9..53c9450337 100644 --- a/tests/data/test300 +++ b/tests/data/test300 @@ -40,12 +40,12 @@ simple HTTPS GET # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test3000 b/tests/data/test3000 index e46012d278..9fd21ec507 100644 --- a/tests/data/test3000 +++ b/tests/data/test3000 @@ -42,12 +42,12 @@ HTTPS localhost, first subaltname matches, CN does not match # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: localhost:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: localhost:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test3001 b/tests/data/test3001 index ce53eb9aa0..e4732d1cba 100644 --- a/tests/data/test3001 +++ b/tests/data/test3001 @@ -42,12 +42,12 @@ HTTPS localhost, last subject alt name matches, CN does not match # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: localhost:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: localhost:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test3002 b/tests/data/test3002 index 206bb7d4d9..21d799b183 100644 --- a/tests/data/test3002 +++ b/tests/data/test3002 @@ -33,23 +33,23 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt invalid. # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -RCPT TO: -RCPT TO: -RCPT TO: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +RCPT TO: +RCPT TO: +RCPT TO: +RCPT TO: +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. diff --git a/tests/data/test3003 b/tests/data/test3003 index dea4bd6517..a0b4d67202 100644 --- a/tests/data/test3003 +++ b/tests/data/test3003 @@ -33,23 +33,23 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt recipien # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -RCPT TO: -RCPT TO: -RCPT TO: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +RCPT TO: +RCPT TO: +RCPT TO: +RCPT TO: +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. diff --git a/tests/data/test3004 b/tests/data/test3004 index a995ddee54..30f67cbc74 100644 --- a/tests/data/test3004 +++ b/tests/data/test3004 @@ -33,23 +33,23 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt recipien # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -RCPT TO: -RCPT TO: -RCPT TO: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +RCPT TO: +RCPT TO: +RCPT TO: +RCPT TO: +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. diff --git a/tests/data/test3005 b/tests/data/test3005 index 8fd3330622..cfe63acdfb 100644 --- a/tests/data/test3005 +++ b/tests/data/test3005 @@ -33,23 +33,23 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt invalid. # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -RCPT TO: -RCPT TO: -RCPT TO: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +RCPT TO: +RCPT TO: +RCPT TO: +RCPT TO: +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. diff --git a/tests/data/test3006 b/tests/data/test3006 index 5ebf0bdf16..0d0449d913 100644 --- a/tests/data/test3006 +++ b/tests/data/test3006 @@ -37,15 +37,15 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt invalid. 55 - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -RCPT TO: -RCPT TO: -RCPT TO: -RCPT TO: -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +RCPT TO: +RCPT TO: +RCPT TO: +RCPT TO: +QUIT diff --git a/tests/data/test3007 b/tests/data/test3007 index 9a4aede6f8..2cbc4f9a6f 100644 --- a/tests/data/test3007 +++ b/tests/data/test3007 @@ -37,11 +37,11 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt invalid. 55 - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +QUIT diff --git a/tests/data/test3008 b/tests/data/test3008 index 51afb047e8..7701a2c33c 100644 --- a/tests/data/test3008 +++ b/tests/data/test3008 @@ -43,12 +43,12 @@ http://%HOSTIP:%HTTPPORT/this/is/the/%TESTNUMBER -O --output-dir %PWD/%LOGDIR # # Verify data after the test has been "shot" - -GET /this/is/the/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /this/is/the/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + -foo- diff --git a/tests/data/test3009 b/tests/data/test3009 index 213e8ae682..96e9d8035f 100644 --- a/tests/data/test3009 +++ b/tests/data/test3009 @@ -43,12 +43,12 @@ http://%HOSTIP:%HTTPPORT/this/is/the/%TESTNUMBER -O --output-dir %PWD/not-there # # Verify data after the test has been "shot" - -GET /this/is/the/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /this/is/the/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 23 diff --git a/tests/data/test301 b/tests/data/test301 index af394784ec..76a5a61ade 100644 --- a/tests/data/test301 +++ b/tests/data/test301 @@ -40,13 +40,13 @@ HTTPS GET with user and password # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPSPORT -Authorization: Basic %b64[fake:user]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPSPORT +Authorization: Basic %b64[fake:user]b64% +User-Agent: curl/%VERSION +Accept: */* + [insert full protocol verifiction dump here] diff --git a/tests/data/test3011 b/tests/data/test3011 index f5b2f1d8c6..6933b584ab 100644 --- a/tests/data/test3011 +++ b/tests/data/test3011 @@ -43,12 +43,12 @@ http://%HOSTIP:%HTTPPORT/this/is/the/%TESTNUMBER -O --output-dir %PWD/%LOGDIR/tm # # Verify data after the test has been "shot" - -GET /this/is/the/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /this/is/the/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + -foo- diff --git a/tests/data/test3012 b/tests/data/test3012 index a9c9505874..5b98c0c4e2 100644 --- a/tests/data/test3012 +++ b/tests/data/test3012 @@ -47,12 +47,12 @@ http://%HOSTIP:%HTTPPORT/this/is/the/%TESTNUMBER -OJR --output-dir %PWD/%LOGDIR # # Verify data after the test has been "shot" - -GET /this/is/the/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /this/is/the/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + -foo- diff --git a/tests/data/test3013 b/tests/data/test3013 index 183667e682..305e435eb5 100644 --- a/tests/data/test3013 +++ b/tests/data/test3013 @@ -46,17 +46,17 @@ http://%HOSTIP:%HTTPPORT/this/is/the/%TESTNUMBER -O --output-dir %PWD/%LOGDIR ht # # Verify data after the test has been "shot" - -GET /this/is/the/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /another/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /this/is/the/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /another/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + -foo- diff --git a/tests/data/test3014 b/tests/data/test3014 index eb5c705716..7a6686495d 100644 --- a/tests/data/test3014 +++ b/tests/data/test3014 @@ -45,12 +45,12 @@ Content-Type: text/plain testdata 4 - -GET /1439 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /1439 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test3015 b/tests/data/test3015 index 41e0640bc2..b2697aa3e0 100644 --- a/tests/data/test3015 +++ b/tests/data/test3015 @@ -57,17 +57,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_headers}\n" -L -o%DEV_NULL # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test3023 b/tests/data/test3023 index b4210bf482..c5ee22f7d7 100644 --- a/tests/data/test3023 +++ b/tests/data/test3023 @@ -46,12 +46,12 @@ CURL_SSL_BACKEND=schannel # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: localhost:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: localhost:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test3024 b/tests/data/test3024 index 7e4b5bb6f4..76bd4481a5 100644 --- a/tests/data/test3024 +++ b/tests/data/test3024 @@ -46,12 +46,12 @@ CURL_SSL_BACKEND=schannel # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: localhost:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: localhost:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test3027 b/tests/data/test3027 index 05a811f4e8..aaa3e54704 100644 --- a/tests/data/test3027 +++ b/tests/data/test3027 @@ -40,16 +40,16 @@ data blobb # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -MDTM %TESTNUMBER -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +MDTM %TESTNUMBER +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test3028 b/tests/data/test3028 index bc69e862af..7929f52c07 100644 --- a/tests/data/test3028 +++ b/tests/data/test3028 @@ -60,13 +60,13 @@ Proxy-Connection: Keep-Alive - -proxy-line -GET /page HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +proxy-line +GET /page HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test303 b/tests/data/test303 index f2aad9dfb7..c5c6613cb2 100644 --- a/tests/data/test303 +++ b/tests/data/test303 @@ -43,12 +43,12 @@ HTTPS with 8 secs timeout # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + 28 diff --git a/tests/data/test3031 b/tests/data/test3031 index 58edc376dd..b8da69e5fd 100644 --- a/tests/data/test3031 +++ b/tests/data/test3031 @@ -43,12 +43,12 @@ http://%HOSTIP:%HTTPPORT/this/is/the/%TESTNUMBER --dump-header %PWD/%LOGDIR/tmp/ # # Verify data after the test has been "shot" - -GET /this/is/the/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /this/is/the/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 OK diff --git a/tests/data/test3032 b/tests/data/test3032 index 985ff4ff64..067e43c02a 100644 --- a/tests/data/test3032 +++ b/tests/data/test3032 @@ -86,27 +86,27 @@ HTTP redirect loop 3x swsbounce test # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test3035 b/tests/data/test3035 index 19fefa2318..98fe7c5fd0 100644 --- a/tests/data/test3035 +++ b/tests/data/test3035 @@ -87,36 +87,36 @@ HTTP retry failed download with keep data and auto-resume # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=5- -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=11- -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=11- -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=11- -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=5- +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=11- +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=11- +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=11- +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test306 b/tests/data/test306 index e0b5f90752..6fac104547 100644 --- a/tests/data/test306 +++ b/tests/data/test306 @@ -52,12 +52,12 @@ HTTPS GET, receive no headers only data! # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test307 b/tests/data/test307 index 650daaea1c..3d796bfc01 100644 --- a/tests/data/test307 +++ b/tests/data/test307 @@ -43,12 +43,12 @@ simple HTTPS GET with openssl engine # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test309 b/tests/data/test309 index 29058d4c96..33e36fce00 100644 --- a/tests/data/test309 +++ b/tests/data/test309 @@ -65,17 +65,17 @@ HTTP Location: redirect to HTTPS URL # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1 -Host: %HOSTIP:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1 +Host: %HOSTIP:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test31 b/tests/data/test31 index 8de7adc783..b8b09b8d0f 100644 --- a/tests/data/test31 +++ b/tests/data/test31 @@ -99,12 +99,12 @@ local-http # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER HTTP/1.1 -Host: test31.curl:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/%TESTNUMBER HTTP/1.1 +Host: test31.curl:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # Netscape HTTP Cookie File diff --git a/tests/data/test310 b/tests/data/test310 index f2415a329f..f58b673782 100644 --- a/tests/data/test310 +++ b/tests/data/test310 @@ -42,12 +42,12 @@ simple HTTPS GET # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: localhost:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: localhost:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test3100 b/tests/data/test3100 index 32ce6d3bed..cd8dd0a3a1 100644 --- a/tests/data/test3100 +++ b/tests/data/test3100 @@ -69,16 +69,16 @@ rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -DESCRIBE rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER RTSP/1.0 -CSeq: 1 -Accept: application/sdp - -DESCRIBE rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER RTSP/1.0 -CSeq: 2 -Accept: application/sdp -Authorization: Basic %b64[user:pass]b64%d29yZA== - + +DESCRIBE rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER RTSP/1.0 +CSeq: 1 +Accept: application/sdp + +DESCRIBE rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER RTSP/1.0 +CSeq: 2 +Accept: application/sdp +Authorization: Basic %b64[user:pass]b64%d29yZA== + diff --git a/tests/data/test3101 b/tests/data/test3101 index d5fd882db0..7d4dae7f64 100644 --- a/tests/data/test3101 +++ b/tests/data/test3101 @@ -72,16 +72,16 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user:pass]b64%d29yZA== -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user:pass]b64%d29yZA== +Accept: */* + diff --git a/tests/data/test3102 b/tests/data/test3102 index 9142c46460..779642fbb0 100644 --- a/tests/data/test3102 +++ b/tests/data/test3102 @@ -38,11 +38,11 @@ https://%HOSTIP:%HTTPSPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPSPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPSPORT +Accept: */* + diff --git a/tests/data/test314 b/tests/data/test314 index 287ccb886e..5970391cc5 100644 --- a/tests/data/test314 +++ b/tests/data/test314 @@ -174,13 +174,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Accept-Encoding: xxx - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Accept-Encoding: xxx + diff --git a/tests/data/test315 b/tests/data/test315 index 9be36dc0f2..4b1c443c3f 100644 --- a/tests/data/test315 +++ b/tests/data/test315 @@ -60,13 +60,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Accept-Encoding: xxx - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Accept-Encoding: xxx + 61 diff --git a/tests/data/test316 b/tests/data/test316 index 3036c836b1..12b9fd378d 100644 --- a/tests/data/test316 +++ b/tests/data/test316 @@ -60,13 +60,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Accept-Encoding: xxx - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Accept-Encoding: xxx + diff --git a/tests/data/test317 b/tests/data/test317 index e510c98b45..435b99d970 100644 --- a/tests/data/test317 +++ b/tests/data/test317 @@ -75,22 +75,22 @@ proxy # # Verify data after the test has been "shot" - -GET http://first.host.it.is/we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: first.host.it.is -Proxy-Authorization: Basic %b64[testing:this]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Authorization: s3cr3t - -GET http://goto.second.host.now/%TESTNUMBER0002 HTTP/1.1 -Host: goto.second.host.now -Proxy-Authorization: Basic %b64[testing:this]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://first.host.it.is/we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: first.host.it.is +Proxy-Authorization: Basic %b64[testing:this]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Authorization: s3cr3t + +GET http://goto.second.host.now/%TESTNUMBER0002 HTTP/1.1 +Host: goto.second.host.now +Proxy-Authorization: Basic %b64[testing:this]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test318 b/tests/data/test318 index 9f712782be..cdbde8a105 100644 --- a/tests/data/test318 +++ b/tests/data/test318 @@ -75,23 +75,23 @@ proxy # # Verify data after the test has been "shot" - -GET http://first.host.it.is/we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: first.host.it.is -Proxy-Authorization: Basic %b64[testing:this]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Authorization: s3cr3t - -GET http://goto.second.host.now/%TESTNUMBER0002 HTTP/1.1 -Host: goto.second.host.now -Proxy-Authorization: Basic %b64[testing:this]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Authorization: s3cr3t - + +GET http://first.host.it.is/we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: first.host.it.is +Proxy-Authorization: Basic %b64[testing:this]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Authorization: s3cr3t + +GET http://goto.second.host.now/%TESTNUMBER0002 HTTP/1.1 +Host: goto.second.host.now +Proxy-Authorization: Basic %b64[testing:this]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Authorization: s3cr3t + diff --git a/tests/data/test319 b/tests/data/test319 index d6ad42e9b1..12da8ecbed 100644 --- a/tests/data/test319 +++ b/tests/data/test319 @@ -48,12 +48,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --raw # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test320 b/tests/data/test320 index edf74bc585..60290b835f 100644 --- a/tests/data/test320 +++ b/tests/data/test320 @@ -56,8 +56,6 @@ simple TLS-SRP HTTPS GET, check user in response # Verify data after the test has been "shot" - - HTTP/1.0 200 OK Content-type: text/html diff --git a/tests/data/test3201 b/tests/data/test3201 index 730da8d932..ddbf9bc24b 100644 --- a/tests/data/test3201 +++ b/tests/data/test3201 @@ -50,14 +50,14 @@ proxy s/^PROXY TCP4 192.168.1.1 %HOSTIP (\d*) %HTTPPORT/proxy-line/ - -proxy-line -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Testno: %TESTNUMBER - + +proxy-line +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Testno: %TESTNUMBER + diff --git a/tests/data/test3202 b/tests/data/test3202 index 48a74e132c..d4ea6a33c3 100644 --- a/tests/data/test3202 +++ b/tests/data/test3202 @@ -55,13 +55,13 @@ proxy s/^PROXY TCP6 2001:db8:: ::1 (\d*) %HTTP6PORT/proxy-line/ - -proxy-line -GET /%TESTNUMBER HTTP/1.1 -Host: %HOST6IP:%HTTP6PORT -User-Agent: curl/%VERSION -Accept: */* - + +proxy-line +GET /%TESTNUMBER HTTP/1.1 +Host: %HOST6IP:%HTTP6PORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test3204 b/tests/data/test3204 index 8cc9c2f5b5..25450cb00a 100644 --- a/tests/data/test3204 +++ b/tests/data/test3204 @@ -37,13 +37,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-compare %LOGDIR/etag%TESTNUMBER --et # Verify that the file still exists with the correct etag value. - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -If-None-Match: "21025-dc7-39462498" - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +If-None-Match: "21025-dc7-39462498" + "21025-dc7-39462498" diff --git a/tests/data/test3206 b/tests/data/test3206 index d47494a866..1acc2c729d 100644 --- a/tests/data/test3206 +++ b/tests/data/test3206 @@ -37,12 +37,12 @@ IMAP custom FETCH with larger literal response (~7KB) # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 SELECT %TESTNUMBER -A004 FETCH 456 BODY[TEXT] -A005 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 SELECT %TESTNUMBER +A004 FETCH 456 BODY[TEXT] +A005 LOGOUT diff --git a/tests/data/test3215 b/tests/data/test3215 index 70c12e9d36..8eab081f52 100644 --- a/tests/data/test3215 +++ b/tests/data/test3215 @@ -38,19 +38,19 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt " NOTIFY # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: RET=HDRS -RCPT TO: NOTIFY=SUCCESS,FAILURE -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: RET=HDRS +RCPT TO: NOTIFY=SUCCESS,FAILURE +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. diff --git a/tests/data/test325 b/tests/data/test325 index 4f58262520..c18f6dfe20 100644 --- a/tests/data/test325 +++ b/tests/data/test325 @@ -49,12 +49,12 @@ HTTPS with attempted redirect to denied HTTP # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + # 1 - Protocol http not supported or disabled in libcurl diff --git a/tests/data/test326 b/tests/data/test326 index 920a9c1af6..656fbf8b72 100644 --- a/tests/data/test326 +++ b/tests/data/test326 @@ -53,12 +53,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --raw # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test327 b/tests/data/test327 index 6e86c3722b..91849746c4 100644 --- a/tests/data/test327 +++ b/tests/data/test327 @@ -52,18 +52,18 @@ cookies # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /we/want/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Cookie: foobar=name - + +GET /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /we/want/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Cookie: foobar=name + # Netscape HTTP Cookie File diff --git a/tests/data/test328 b/tests/data/test328 index cb891b044f..2cde3b22fb 100644 --- a/tests/data/test328 +++ b/tests/data/test328 @@ -44,12 +44,12 @@ http://%HOSTIP:%HTTPPORT/hello/%TESTNUMBER --compressed ^Accept-Encoding:.* - -GET /hello/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /hello/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test329 b/tests/data/test329 index 93135c5ec1..4d3b721e22 100644 --- a/tests/data/test329 +++ b/tests/data/test329 @@ -59,19 +59,19 @@ cookies # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER HTTP/1.1 -Host: host.foo.com -User-Agent: curl/%VERSION -Accept: */* -Cookie: tester=yes; test=no - -GET /we/want/%TESTNUMBER0002 HTTP/1.1 -Host: host.foo.com -User-Agent: curl/%VERSION -Accept: */* -Cookie: tester=yes - + +GET /we/want/%TESTNUMBER HTTP/1.1 +Host: host.foo.com +User-Agent: curl/%VERSION +Accept: */* +Cookie: tester=yes; test=no + +GET /we/want/%TESTNUMBER0002 HTTP/1.1 +Host: host.foo.com +User-Agent: curl/%VERSION +Accept: */* +Cookie: tester=yes + diff --git a/tests/data/test330 b/tests/data/test330 index 4344e2d4b2..0e6d21defb 100644 --- a/tests/data/test330 +++ b/tests/data/test330 @@ -74,20 +74,20 @@ proxy # # Verify data after the test has been "shot" - -GET http://first.host.it.is/we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: first.host.it.is -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Cookie: test=yes - -GET http://goto.second.host.now/%TESTNUMBER0002 HTTP/1.1 -Host: goto.second.host.now -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://first.host.it.is/we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: first.host.it.is +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Cookie: test=yes + +GET http://goto.second.host.now/%TESTNUMBER0002 HTTP/1.1 +Host: goto.second.host.now +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test331 b/tests/data/test331 index 8ab268203f..6d656ac734 100644 --- a/tests/data/test331 +++ b/tests/data/test331 @@ -50,20 +50,20 @@ proxy # Verify data after the test has been "shot" - -GET http://moo/we/want/%TESTNUMBER HTTP/1.1 -Host: moo -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://moo/we/want/%TESTNUMBER0002 HTTP/1.1 -Host: moo -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Cookie: moo=yes - + +GET http://moo/we/want/%TESTNUMBER HTTP/1.1 +Host: moo +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://moo/we/want/%TESTNUMBER0002 HTTP/1.1 +Host: moo +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Cookie: moo=yes + diff --git a/tests/data/test334 b/tests/data/test334 index 159335093b..b6194e09be 100644 --- a/tests/data/test334 +++ b/tests/data/test334 @@ -31,12 +31,12 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test335 b/tests/data/test335 index 327296df32..c4057953d2 100644 --- a/tests/data/test335 +++ b/tests/data/test335 @@ -74,28 +74,28 @@ http://digest:a-lot@data.from.server.requiring.digest.hohoho.com/%TESTNUMBER --p # Verify data after the test has been "shot" - -GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 -Host: data.from.server.requiring.digest.hohoho.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 -Host: data.from.server.requiring.digest.hohoho.com -Proxy-Authorization: Digest username="foo", realm="weirdorealm", nonce="12345", uri="/%TESTNUMBER", response="f61609cd8f5bb205ef4e169b2c5626cb" -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 -Host: data.from.server.requiring.digest.hohoho.com -Proxy-Authorization: Digest username="foo", realm="weirdorealm", nonce="12345", uri="/%TESTNUMBER", response="f61609cd8f5bb205ef4e169b2c5626cb" -Authorization: Digest username="digest", realm="realmweirdo", nonce="123456", uri="/%TESTNUMBER", response="ea0f4cb7a119a1a6f6c6c6c2e4190860" -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 +Host: data.from.server.requiring.digest.hohoho.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 +Host: data.from.server.requiring.digest.hohoho.com +Proxy-Authorization: Digest username="foo", realm="weirdorealm", nonce="12345", uri="/%TESTNUMBER", response="f61609cd8f5bb205ef4e169b2c5626cb" +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 +Host: data.from.server.requiring.digest.hohoho.com +Proxy-Authorization: Digest username="foo", realm="weirdorealm", nonce="12345", uri="/%TESTNUMBER", response="f61609cd8f5bb205ef4e169b2c5626cb" +Authorization: Digest username="digest", realm="realmweirdo", nonce="123456", uri="/%TESTNUMBER", response="ea0f4cb7a119a1a6f6c6c6c2e4190860" +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test336 b/tests/data/test336 index f50b42adb3..ddf4266b46 100644 --- a/tests/data/test336 +++ b/tests/data/test336 @@ -41,18 +41,18 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --range 3-6 # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -PASV -TYPE I -SIZE %TESTNUMBER -REST 3 -RETR %TESTNUMBER -ABOR -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +PASV +TYPE I +SIZE %TESTNUMBER +REST 3 +RETR %TESTNUMBER +ABOR +QUIT diff --git a/tests/data/test337 b/tests/data/test337 index d44a712fbb..a54f964e10 100644 --- a/tests/data/test337 +++ b/tests/data/test337 @@ -41,18 +41,18 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --range 3-6 # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -PASV -TYPE I -SIZE %TESTNUMBER -REST 3 -RETR %TESTNUMBER -ABOR -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +PASV +TYPE I +SIZE %TESTNUMBER +REST 3 +RETR %TESTNUMBER +ABOR +QUIT diff --git a/tests/data/test339 b/tests/data/test339 index 8c43402757..29205e0431 100644 --- a/tests/data/test339 +++ b/tests/data/test339 @@ -46,12 +46,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-save %LOGDIR/etag%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + W/"asdf" diff --git a/tests/data/test34 b/tests/data/test34 index 5d81a5a8f7..bda5a23fc5 100644 --- a/tests/data/test34 +++ b/tests/data/test34 @@ -52,12 +52,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test340 b/tests/data/test340 index c003e42afa..d971a07c09 100644 --- a/tests/data/test340 +++ b/tests/data/test340 @@ -28,10 +28,10 @@ FTP using %00 in path with singlecwd # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD + +USER anonymous +PASS ftp@example.com +PWD 3 diff --git a/tests/data/test341 b/tests/data/test341 index b6e429a222..3a5f82ea24 100644 --- a/tests/data/test341 +++ b/tests/data/test341 @@ -46,13 +46,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-compare %LOGDIR/etag%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -If-None-Match: "" - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +If-None-Match: "" + diff --git a/tests/data/test342 b/tests/data/test342 index 79f6025635..14d343998d 100644 --- a/tests/data/test342 +++ b/tests/data/test342 @@ -44,13 +44,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-compare %LOGDIR/etag%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -If-None-Match: "21025-dc7-39462498" - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +If-None-Match: "21025-dc7-39462498" + diff --git a/tests/data/test343 b/tests/data/test343 index dd13708ce8..c23c308053 100644 --- a/tests/data/test343 +++ b/tests/data/test343 @@ -44,13 +44,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-compare %LOGDIR/etag%TESTNUMBER --et # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -If-None-Match: "21025-dc7-39462498" - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +If-None-Match: "21025-dc7-39462498" + "21025-dc7-11111" diff --git a/tests/data/test344 b/tests/data/test344 index 197c00489b..06e70c8597 100644 --- a/tests/data/test344 +++ b/tests/data/test344 @@ -41,13 +41,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-compare %LOGDIR/etag%TESTNUMBER --et # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -If-None-Match: "" - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +If-None-Match: "" + "21025-dc7-11111" diff --git a/tests/data/test345 b/tests/data/test345 index c6da676a83..5fbd2dfd9f 100644 --- a/tests/data/test345 +++ b/tests/data/test345 @@ -44,13 +44,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-compare %LOGDIR/etag%TESTNUMBER --et # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -If-None-Match: "21025-dc7-39462498" - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +If-None-Match: "21025-dc7-39462498" + "21025-dc7-11111" diff --git a/tests/data/test346 b/tests/data/test346 index a94da860b0..0f67cfb339 100644 --- a/tests/data/test346 +++ b/tests/data/test346 @@ -44,15 +44,15 @@ HTTP GET over proxy with credentials using blank passwords # - -GET http://remote.example/%TESTNUMBER HTTP/1.1 -Host: remote.example -Proxy-Authorization: Basic %b64[puser:]b64% -Authorization: Basic %b64[suser:]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://remote.example/%TESTNUMBER HTTP/1.1 +Host: remote.example +Proxy-Authorization: Basic %b64[puser:]b64% +Authorization: Basic %b64[suser:]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test347 b/tests/data/test347 index 606335c0d0..dae91d3ca2 100644 --- a/tests/data/test347 +++ b/tests/data/test347 @@ -46,12 +46,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-save %LOGDIR/etag%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test348 b/tests/data/test348 index 55e9d608dd..108e089444 100644 --- a/tests/data/test348 +++ b/tests/data/test348 @@ -44,14 +44,14 @@ that FTP works so does it? - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +STOR %TESTNUMBER +QUIT # 70 - CURLE_REMOTE_DISK_FULL diff --git a/tests/data/test349 b/tests/data/test349 index c1106f2ac3..6dc32dbbf5 100644 --- a/tests/data/test349 +++ b/tests/data/test349 @@ -31,12 +31,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --fail-with-body # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 22 diff --git a/tests/data/test350 b/tests/data/test350 index 3eb8b80aa6..9bc9237836 100644 --- a/tests/data/test350 +++ b/tests/data/test350 @@ -41,15 +41,15 @@ ftp://%HOSTIP:%FTPPORT// --ftp-method multicwd # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD / -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD / +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test351 b/tests/data/test351 index ffa93e3e29..4ac29ecee6 100644 --- a/tests/data/test351 +++ b/tests/data/test351 @@ -41,14 +41,14 @@ ftp://%HOSTIP:%FTPPORT// --ftp-method nocwd # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE A -LIST / -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE A +LIST / +QUIT diff --git a/tests/data/test352 b/tests/data/test352 index 0cc4d69fd1..2311bfa457 100644 --- a/tests/data/test352 +++ b/tests/data/test352 @@ -41,15 +41,15 @@ ftp://%HOSTIP:%FTPPORT// --ftp-method singlecwd # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD / -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD / +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test353 b/tests/data/test353 index a94828bd6b..4b48899263 100644 --- a/tests/data/test353 +++ b/tests/data/test353 @@ -41,14 +41,14 @@ ftp://%HOSTIP:%FTPPORT/ --ftp-method singlecwd # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test354 b/tests/data/test354 index dc6d732d8b..641cd01f8b 100644 --- a/tests/data/test354 +++ b/tests/data/test354 @@ -37,14 +37,14 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test355 b/tests/data/test355 index 67f7777ff5..ffb7cbc3c1 100644 --- a/tests/data/test355 +++ b/tests/data/test355 @@ -44,12 +44,12 @@ h1 example.com 80 h1 %HOSTIP %HTTPPORT "20290222 22:19:28" 0 0 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test356 b/tests/data/test356 index 8d7cd45b17..d723b3953d 100644 --- a/tests/data/test356 +++ b/tests/data/test356 @@ -50,12 +50,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --alt-svc "%LOGDIR/altsvc-%TESTNUMBER" # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # strip out the (dynamic) expire date from the file so that the rest diff --git a/tests/data/test36 b/tests/data/test36 index 1f055726bc..efe23719a8 100644 --- a/tests/data/test36 +++ b/tests/data/test36 @@ -52,12 +52,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER 56 - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test361 b/tests/data/test361 index 4fbf3d5ea2..c9642fbbfa 100644 --- a/tests/data/test361 +++ b/tests/data/test361 @@ -31,17 +31,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER --fail # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 22 diff --git a/tests/data/test362 b/tests/data/test362 index e8ce9731ed..2259211adc 100644 --- a/tests/data/test362 +++ b/tests/data/test362 @@ -37,15 +37,15 @@ that FTP works so does it? - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +STOR %TESTNUMBER +QUIT diff --git a/tests/data/test363 b/tests/data/test363 index d2d9661f70..489d2cf6f1 100644 --- a/tests/data/test363 +++ b/tests/data/test363 @@ -74,14 +74,14 @@ User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive - -POST /we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: test.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 27 -Content-Type: application/x-www-form-urlencoded - + +POST /we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: test.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 27 +Content-Type: application/x-www-form-urlencoded + datatopost=ohthatsfunyesyes diff --git a/tests/data/test365 b/tests/data/test365 index 40f0540bcc..847023011d 100644 --- a/tests/data/test365 +++ b/tests/data/test365 @@ -54,12 +54,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test366 b/tests/data/test366 index d2193ff14a..8fcdbc4d91 100644 --- a/tests/data/test366 +++ b/tests/data/test366 @@ -37,12 +37,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --retry 2 --retry-max-time 10 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test367 b/tests/data/test367 index bd3bc0a887..fd3252f31e 100644 --- a/tests/data/test367 +++ b/tests/data/test367 @@ -36,13 +36,13 @@ http://:example@%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[:example]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[:example]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test368 b/tests/data/test368 index 69b63e94f6..d49d1ccf30 100644 --- a/tests/data/test368 +++ b/tests/data/test368 @@ -37,13 +37,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -r 4 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=4- -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=4- +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test369 b/tests/data/test369 index 17a6b4480a..9810d0a5b9 100644 --- a/tests/data/test369 +++ b/tests/data/test369 @@ -36,12 +36,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-save %LOGDIR/nowhere/etag%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test37 b/tests/data/test37 index d5e79824c6..ee2ac76e28 100644 --- a/tests/data/test37 +++ b/tests/data/test37 @@ -33,12 +33,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER 52 - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test371 b/tests/data/test371 index b58237f359..d31454f07b 100644 --- a/tests/data/test371 +++ b/tests/data/test371 @@ -42,12 +42,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/dump -o %LOGDIR/dump2 --no-progr # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + Warning: Got more output options than URLs diff --git a/tests/data/test372 b/tests/data/test372 index e1cf356ddd..fcc07822ed 100644 --- a/tests/data/test372 +++ b/tests/data/test372 @@ -35,12 +35,12 @@ proxy - -GET /binary-zero-in-data-section/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /binary-zero-in-data-section/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 0 diff --git a/tests/data/test373 b/tests/data/test373 index 5a51fe968f..99bfaf3ac9 100644 --- a/tests/data/test373 +++ b/tests/data/test373 @@ -64,12 +64,12 @@ http://%HOSTIP:%HTTPPORT/chunked-transfer-encoding/%TESTNUMBER - -GET /chunked-transfer-encoding/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /chunked-transfer-encoding/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 0 diff --git a/tests/data/test374 b/tests/data/test374 index d85bb7855f..daec117af9 100644 --- a/tests/data/test374 +++ b/tests/data/test374 @@ -35,12 +35,12 @@ http://%HOSTIP:%HTTPPORT/gif/%TESTNUMBER - -GET /gif/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /gif/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 0 diff --git a/tests/data/test376 b/tests/data/test376 index 6913788a3b..d2affc1de5 100644 --- a/tests/data/test376 +++ b/tests/data/test376 @@ -45,12 +45,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/save-%TESTNUMBER --remove-on-err 18 - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # the file should be empty now diff --git a/tests/data/test379 b/tests/data/test379 index 0d727ccf26..d465e90901 100644 --- a/tests/data/test379 +++ b/tests/data/test379 @@ -48,12 +48,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/save --remove-on-error --no-clob 18 - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # this file should be untouched diff --git a/tests/data/test38 b/tests/data/test38 index abd2d3e362..3346f6cf6f 100644 --- a/tests/data/test38 +++ b/tests/data/test38 @@ -41,13 +41,13 @@ download on. 33 - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=78- -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=78- +User-Agent: curl/%VERSION +Accept: */* + # the download target file must remain untouched diff --git a/tests/data/test380 b/tests/data/test380 index f9ccafdabc..6fe29288b6 100644 --- a/tests/data/test380 +++ b/tests/data/test380 @@ -48,14 +48,14 @@ machine %HOSTIP login mary password yram # # Verify data after the test has been "shot" - -USER mary -PASS yram -PWD -EPSV -TYPE A -LIST -QUIT + +USER mary +PASS yram +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test381 b/tests/data/test381 index 41b9eb779c..9ec9b5a89b 100644 --- a/tests/data/test381 +++ b/tests/data/test381 @@ -52,14 +52,14 @@ machine %HOSTIP login mary password yram # # Verify data after the test has been "shot" - -USER mary -PASS drfrank -PWD -EPSV -TYPE A -LIST -QUIT + +USER mary +PASS drfrank +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test383 b/tests/data/test383 index 2094460db3..2f4191ad8d 100644 --- a/tests/data/test383 +++ b/tests/data/test383 @@ -42,14 +42,14 @@ HTTP with --json # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Content-Type: application/json -Accept: application/json -Content-Length: 21 - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Content-Type: application/json +Accept: application/json +Content-Length: 21 + { "drink": "coffee" } diff --git a/tests/data/test385 b/tests/data/test385 index c28a9f08f6..fbcebc7ab4 100644 --- a/tests/data/test385 +++ b/tests/data/test385 @@ -42,14 +42,14 @@ HTTP with --json x 2 # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Content-Type: drinks/hot -Accept: application/json -Content-Length: 41 - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Content-Type: drinks/hot +Accept: application/json +Content-Length: 41 + { "drink": "coffee", "crunch": "cookie" } diff --git a/tests/data/test386 b/tests/data/test386 index c49d75b2aa..c267ef62ae 100644 --- a/tests/data/test386 +++ b/tests/data/test386 @@ -56,19 +56,19 @@ HTTP with --json + --next # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Content-Type: application/json -Accept: application/json -Content-Length: 21 - -{ "drink": "coffee" }GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Content-Type: application/json +Accept: application/json +Content-Length: 21 + +{ "drink": "coffee" }GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test387 b/tests/data/test387 index a6d2ab03fc..b07096263e 100644 --- a/tests/data/test387 +++ b/tests/data/test387 @@ -38,14 +38,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -sS --tr-encoding # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -TE: gzip -Connection: TE - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +TE: gzip +Connection: TE + # CURLE_BAD_CONTENT_ENCODING is 61 diff --git a/tests/data/test389 b/tests/data/test389 index a38d70eef6..069515ac80 100644 --- a/tests/data/test389 +++ b/tests/data/test389 @@ -46,12 +46,12 @@ local-http # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: curlmachine.localhost:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: curlmachine.localhost:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test391 b/tests/data/test391 index 279c562de3..55d5405502 100644 --- a/tests/data/test391 +++ b/tests/data/test391 @@ -56,17 +56,17 @@ http://%HOSTIP:%HTTPPORT/../../%TESTNUMBER --path-as-is -L # # Verify data after the test has been "shot" - -GET /../../%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /../../%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test392 b/tests/data/test392 index a9f756d948..be0a526400 100644 --- a/tests/data/test392 +++ b/tests/data/test392 @@ -45,18 +45,18 @@ local-http # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: localhost:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: localhost:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Cookie: foobar=name - + +GET /%TESTNUMBER HTTP/1.1 +Host: localhost:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: localhost:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Cookie: foobar=name + diff --git a/tests/data/test393 b/tests/data/test393 index a9cad70792..11f273a6c7 100644 --- a/tests/data/test393 +++ b/tests/data/test393 @@ -47,12 +47,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --max-filesize 2000000 63 - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test394 b/tests/data/test394 index 3533447f57..5f797d9794 100644 --- a/tests/data/test394 +++ b/tests/data/test394 @@ -46,12 +46,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER 8 - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test395 b/tests/data/test395 index 8dbd4e964d..e3626eb82b 100644 --- a/tests/data/test395 +++ b/tests/data/test395 @@ -42,12 +42,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test396 b/tests/data/test396 index f5606dde77..4e57778cf1 100644 --- a/tests/data/test396 +++ b/tests/data/test396 @@ -171,13 +171,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Accept-Encoding: xxx - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Accept-Encoding: xxx + diff --git a/tests/data/test397 b/tests/data/test397 index f05fe21970..40f1495fc5 100644 --- a/tests/data/test397 +++ b/tests/data/test397 @@ -61,13 +61,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Accept-Encoding: xxx - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Accept-Encoding: xxx + diff --git a/tests/data/test398 b/tests/data/test398 index eab125272c..6b52e0e558 100644 --- a/tests/data/test398 +++ b/tests/data/test398 @@ -46,12 +46,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 8 diff --git a/tests/data/test4 b/tests/data/test4 index 58e1650b07..06012cca86 100644 --- a/tests/data/test4 +++ b/tests/data/test4 @@ -37,25 +37,25 @@ Replaced internal and added custom HTTP headers # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -extra-header: here -Accept: replaced -X-Custom-Header: -X-Test: foo; -X-Test2: foo; - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -extra-header: here -Accept: replaced -X-Custom-Header: -X-Test: foo; -X-Test2: foo; - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +extra-header: here +Accept: replaced +X-Custom-Header: +X-Test: foo; +X-Test2: foo; + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +extra-header: here +Accept: replaced +X-Custom-Header: +X-Test: foo; +X-Test2: foo; + diff --git a/tests/data/test40 b/tests/data/test40 index 16e9426c86..5d8d8c1e45 100644 --- a/tests/data/test40 +++ b/tests/data/test40 @@ -56,17 +56,17 @@ http://%HOSTIP:%HTTPPORT/we/are/all/twits/%TESTNUMBER -L # # Verify data after the test has been "shot" - -GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /we/are/all/moo.html/?name=d+a+niel&testcase=/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /we/are/all/moo.html/?name=d+a+niel&testcase=/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test400 b/tests/data/test400 index 47fdd49e3e..32f85f856e 100644 --- a/tests/data/test400 +++ b/tests/data/test400 @@ -45,16 +45,16 @@ FTPS dir list PASV unencrypted data # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PBSZ 0 -PROT C -PWD -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PBSZ 0 +PROT C +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test4000 b/tests/data/test4000 index 0f9e0d528f..49382c9363 100644 --- a/tests/data/test4000 +++ b/tests/data/test4000 @@ -40,12 +40,12 @@ HTTPS GET with ECH GREASE # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test401 b/tests/data/test401 index 8ff16a5c0d..27752cd8d9 100644 --- a/tests/data/test401 +++ b/tests/data/test401 @@ -42,16 +42,16 @@ that FTPS works so does it? - -USER anonymous -PASS ftp@example.com -PBSZ 0 -PROT C -PWD -EPSV -TYPE I -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PBSZ 0 +PROT C +PWD +EPSV +TYPE I +STOR %TESTNUMBER +QUIT diff --git a/tests/data/test402 b/tests/data/test402 index a62267dd15..a038efd3c8 100644 --- a/tests/data/test402 +++ b/tests/data/test402 @@ -28,9 +28,9 @@ FTP SSL required on non-SSL server 64 - -AUTH SSL -AUTH TLS + +AUTH SSL +AUTH TLS diff --git a/tests/data/test403 b/tests/data/test403 index f451bf8f43..20609c2d13 100644 --- a/tests/data/test403 +++ b/tests/data/test403 @@ -47,17 +47,17 @@ FTPS with CCC not supported by server # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PBSZ 0 -PROT C -CCC -PWD -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PBSZ 0 +PROT C +CCC +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test406 b/tests/data/test406 index 9cd5047d85..0e1b70ebfc 100644 --- a/tests/data/test406 +++ b/tests/data/test406 @@ -50,16 +50,16 @@ FTPS dir list, PORT with specified IP ^PORT \d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3} ^EPRT \|1\|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|\d{1,5}\| - -USER anonymous -PASS ftp@example.com -PBSZ 0 -PROT C -PWD -PORT 127,0,0,1,243,212 -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PBSZ 0 +PROT C +PWD +PORT 127,0,0,1,243,212 +TYPE A +LIST +QUIT diff --git a/tests/data/test407 b/tests/data/test407 index 33a07cd126..edbd188c6e 100644 --- a/tests/data/test407 +++ b/tests/data/test407 @@ -39,22 +39,22 @@ data blobb # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PBSZ 0 -PROT C -PWD -CWD a -CWD path -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PBSZ 0 +PROT C +PWD +CWD a +CWD path +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test408 b/tests/data/test408 index 13c9c51179..e60c771617 100644 --- a/tests/data/test408 +++ b/tests/data/test408 @@ -40,19 +40,19 @@ Moooooooooooo ^PORT \d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3} ^EPRT \|1\|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|\d{1,5}\| - -USER anonymous -PASS ftp@example.com -PBSZ 0 -PROT C -PWD -CWD CWD -CWD STOR -CWD RETR -PORT 127,0,0,1,5,109 -TYPE I -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PBSZ 0 +PROT C +PWD +CWD CWD +CWD STOR +CWD RETR +PORT 127,0,0,1,5,109 +TYPE I +STOR %TESTNUMBER +QUIT Moooooooooooo diff --git a/tests/data/test409 b/tests/data/test409 index f7a014248c..872261b28f 100644 --- a/tests/data/test409 +++ b/tests/data/test409 @@ -42,16 +42,16 @@ that FTP works so does it? - -USER anonymous -PASS ftp@example.com -PBSZ 0 -PROT C -PWD -EPSV -TYPE I -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PBSZ 0 +PROT C +PWD +EPSV +TYPE I +STOR %TESTNUMBER +QUIT diff --git a/tests/data/test410 b/tests/data/test410 index f947fcdc1d..85885a4d89 100644 --- a/tests/data/test410 +++ b/tests/data/test410 @@ -43,13 +43,13 @@ Long: %repeat[3500 x header content]% # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* -Long: %repeat[3500 x header content]% - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* +Long: %repeat[3500 x header content]% + diff --git a/tests/data/test412 b/tests/data/test412 index 4c90c98ec1..3a6c183603 100644 --- a/tests/data/test412 +++ b/tests/data/test412 @@ -52,13 +52,13 @@ h1 whohoo 12345 h1 %HOSTIP %HTTPPORT "20290222 22:19:28" 0 0 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: whohoo.:12345 -User-Agent: curl/%VERSION -Accept: */* -Alt-Used: %HOSTIP:%HTTPPORT - + +GET /%TESTNUMBER HTTP/1.1 +Host: whohoo.:12345 +User-Agent: curl/%VERSION +Accept: */* +Alt-Used: %HOSTIP:%HTTPPORT + diff --git a/tests/data/test413 b/tests/data/test413 index 913a444d9f..392dbc16f0 100644 --- a/tests/data/test413 +++ b/tests/data/test413 @@ -52,13 +52,13 @@ h1 whohoo. 12345 h1 %HOSTIP %HTTPPORT "20290222 22:19:28" 0 0 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: whohoo:12345 -User-Agent: curl/%VERSION -Accept: */* -Alt-Used: %HOSTIP:%HTTPPORT - + +GET /%TESTNUMBER HTTP/1.1 +Host: whohoo:12345 +User-Agent: curl/%VERSION +Accept: */* +Alt-Used: %HOSTIP:%HTTPPORT + diff --git a/tests/data/test414 b/tests/data/test414 index 8a697ae125..7e84a8c939 100644 --- a/tests/data/test414 +++ b/tests/data/test414 @@ -62,23 +62,23 @@ https://attack.invalid:%HTTPSPORT/a/b/%TESTNUMBER --insecure -c %LOGDIR/cookie%T # # Verify data after the test has been "shot" - -GET /a/b/%TESTNUMBER HTTP/1.1 -Host: attack.invalid:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /a/b/%TESTNUMBER0002 HTTP/1.1 -Host: attack.invalid:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /a/b/%TESTNUMBER0003 HTTP/1.1 -Host: attack.invalid:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* -Cookie: SESSIONID=originaltoken; second=originaltoken - + +GET /a/b/%TESTNUMBER HTTP/1.1 +Host: attack.invalid:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /a/b/%TESTNUMBER0002 HTTP/1.1 +Host: attack.invalid:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /a/b/%TESTNUMBER0003 HTTP/1.1 +Host: attack.invalid:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* +Cookie: SESSIONID=originaltoken; second=originaltoken + diff --git a/tests/data/test415 b/tests/data/test415 index f0cecd267f..0692dc54c9 100644 --- a/tests/data/test415 +++ b/tests/data/test415 @@ -41,12 +41,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # built-in curl returns weird_server_reply diff --git a/tests/data/test416 b/tests/data/test416 index b6b10b3df2..50397a2052 100644 --- a/tests/data/test416 +++ b/tests/data/test416 @@ -38,14 +38,14 @@ FTP growing file support # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test417 b/tests/data/test417 index 5ac1755542..c8f5997b67 100644 --- a/tests/data/test417 +++ b/tests/data/test417 @@ -38,12 +38,12 @@ https - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* + s/^(.*):(.*)[\r\n]*// diff --git a/tests/data/test42 b/tests/data/test42 index 85a4c88c65..36263e2987 100644 --- a/tests/data/test42 +++ b/tests/data/test42 @@ -56,17 +56,17 @@ http://%HOSTIP:%HTTPPORT/we/are/all/twits/%TESTNUMBER -L # # Verify data after the test has been "shot" - -GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /we/are/all/m%20o%20o.html/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /we/are/all/m%20o%20o.html/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test43 b/tests/data/test43 index 1c36f1c60c..57e22eba0f 100644 --- a/tests/data/test43 +++ b/tests/data/test43 @@ -63,19 +63,19 @@ proxy # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://%HOSTIP:%HTTPPORT/want/data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://%HOSTIP:%HTTPPORT/want/data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test430 b/tests/data/test430 index 377c2d48b9..fb68dcf3f7 100644 --- a/tests/data/test430 +++ b/tests/data/test430 @@ -70,31 +70,31 @@ Three -K uses with --next and --data in each # # Verify data after the test has been "shot" - -POST /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -a: a -Content-Length: 1 -Content-Type: application/x-www-form-urlencoded - -aPOST /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -b: b -Content-Length: 1 -Content-Type: application/x-www-form-urlencoded - -bPOST /%TESTNUMBER0003 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -c: c -Content-Length: 1 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +a: a +Content-Length: 1 +Content-Type: application/x-www-form-urlencoded + +aPOST /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +b: b +Content-Length: 1 +Content-Type: application/x-www-form-urlencoded + +bPOST /%TESTNUMBER0003 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +c: c +Content-Length: 1 +Content-Type: application/x-www-form-urlencoded + c diff --git a/tests/data/test431 b/tests/data/test431 index 9622d64e1d..54bf7ae6ec 100644 --- a/tests/data/test431 +++ b/tests/data/test431 @@ -64,31 +64,31 @@ Two -K uses with --next and then one on cmdline # # Verify data after the test has been "shot" - -POST /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -a: a -Content-Length: 1 -Content-Type: application/x-www-form-urlencoded - -aPOST /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -b: b -Content-Length: 1 -Content-Type: application/x-www-form-urlencoded - -bPOST /%TESTNUMBER0003 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -c: c -Content-Length: 1 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +a: a +Content-Length: 1 +Content-Type: application/x-www-form-urlencoded + +aPOST /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +b: b +Content-Length: 1 +Content-Type: application/x-www-form-urlencoded + +bPOST /%TESTNUMBER0003 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +c: c +Content-Length: 1 +Content-Type: application/x-www-form-urlencoded + c diff --git a/tests/data/test432 b/tests/data/test432 index 02a46111d3..5b0066f7d3 100644 --- a/tests/data/test432 +++ b/tests/data/test432 @@ -69,31 +69,31 @@ Use -K with --next and --config from within # # Verify data after the test has been "shot" - -POST /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -a: a -Content-Length: 1 -Content-Type: application/x-www-form-urlencoded - -aPOST /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -b: b -Content-Length: 1 -Content-Type: application/x-www-form-urlencoded - -bPOST /%TESTNUMBER0003 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -c: c -Content-Length: 1 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +a: a +Content-Length: 1 +Content-Type: application/x-www-form-urlencoded + +aPOST /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +b: b +Content-Length: 1 +Content-Type: application/x-www-form-urlencoded + +bPOST /%TESTNUMBER0003 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +c: c +Content-Length: 1 +Content-Type: application/x-www-form-urlencoded + c diff --git a/tests/data/test433 b/tests/data/test433 index d063c43161..4d91fdce6b 100644 --- a/tests/data/test433 +++ b/tests/data/test433 @@ -44,15 +44,15 @@ Verify XDG_CONFIG_HOME use to find curlrc # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -a: a -Content-Length: 11 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +a: a +Content-Length: 11 +Content-Type: application/x-www-form-urlencoded + curlrc read diff --git a/tests/data/test434 b/tests/data/test434 index 63d8ce7c6e..274380dfa6 100644 --- a/tests/data/test434 +++ b/tests/data/test434 @@ -35,12 +35,12 @@ http # - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test435 b/tests/data/test435 index 4d13ebb81e..d5cdfbbbd7 100644 --- a/tests/data/test435 +++ b/tests/data/test435 @@ -33,17 +33,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w 'lo # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # replace the number with a fixed string since the port number is not diff --git a/tests/data/test436 b/tests/data/test436 index dfd39f2b39..4371c84d48 100644 --- a/tests/data/test436 +++ b/tests/data/test436 @@ -44,15 +44,15 @@ Find .curlrc in .config/curlrc via CURL_HOME # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -a: a -Content-Length: 11 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +a: a +Content-Length: 11 +Content-Type: application/x-www-form-urlencoded + curlrc read diff --git a/tests/data/test437 b/tests/data/test437 index 1322fb0594..7611be8257 100644 --- a/tests/data/test437 +++ b/tests/data/test437 @@ -48,12 +48,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --alt-svc "%LOGDIR/altsvc-%TESTNUMBER" # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # strip out the (dynamic) expire date from the file so that the rest diff --git a/tests/data/test440 b/tests/data/test440 index 7da9a8bd3c..238e3b3f4d 100644 --- a/tests/data/test440 +++ b/tests/data/test440 @@ -52,12 +52,12 @@ test-duphandle # we let it CONNECT to the server to confirm HSTS but deny from there - -CONNECT this.hsts.example.:443 HTTP/1.1 -Host: this.hsts.example.:443 -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT this.hsts.example.:443 HTTP/1.1 +Host: this.hsts.example.:443 +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + HTTP/1.1 403 not OK at all diff --git a/tests/data/test441 b/tests/data/test441 index 02aca4d0e0..2cdd9f318c 100644 --- a/tests/data/test441 +++ b/tests/data/test441 @@ -51,12 +51,12 @@ test-duphandle # we let it CONNECT to the server to confirm HSTS but deny from there - -CONNECT this.hsts.example:443 HTTP/1.1 -Host: this.hsts.example:443 -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT this.hsts.example:443 HTTP/1.1 +Host: this.hsts.example:443 +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + HTTP/1.1 403 not OK at all diff --git a/tests/data/test442 b/tests/data/test442 index fb881d3b67..1f29ad3bc6 100644 --- a/tests/data/test442 +++ b/tests/data/test442 @@ -201,13 +201,13 @@ cookies # # Verify data after the test has been "shot" - -GET /a/b/%TESTNUMBER HTTP/1.1 -Host: attack.invalid:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Cookie: name150=could-be-large-150; name149=could-be-large-149; name148=could-be-large-148; name147=could-be-large-147; name146=could-be-large-146; name145=could-be-large-145; name144=could-be-large-144; name143=could-be-large-143; name142=could-be-large-142; name141=could-be-large-141; name140=could-be-large-140; name139=could-be-large-139; name138=could-be-large-138; name137=could-be-large-137; name136=could-be-large-136; name135=could-be-large-135; name134=could-be-large-134; name133=could-be-large-133; name132=could-be-large-132; name131=could-be-large-131; name130=could-be-large-130; name129=could-be-large-129; name128=could-be-large-128; name127=could-be-large-127; name126=could-be-large-126; name125=could-be-large-125; name124=could-be-large-124; name123=could-be-large-123; name122=could-be-large-122; name121=could-be-large-121; name120=could-be-large-120; name119=could-be-large-119; name118=could-be-large-118; name117=could-be-large-117; name116=could-be-large-116; name115=could-be-large-115; name114=could-be-large-114; name113=could-be-large-113; name112=could-be-large-112; name111=could-be-large-111; name110=could-be-large-110; name109=could-be-large-109; name108=could-be-large-108; name107=could-be-large-107; name106=could-be-large-106; name105=could-be-large-105; name104=could-be-large-104; name103=could-be-large-103; name102=could-be-large-102; name101=could-be-large-101; name100=could-be-large-100; name99=could-be-large-99; name98=could-be-large-98; name97=could-be-large-97; name96=could-be-large-96; name95=could-be-large-95; name94=could-be-large-94; name93=could-be-large-93; name92=could-be-large-92; name91=could-be-large-91; name90=could-be-large-90; name89=could-be-large-89; name88=could-be-large-88; name87=could-be-large-87; name86=could-be-large-86; name85=could-be-large-85; name84=could-be-large-84; name83=could-be-large-83; name82=could-be-large-82; name81=could-be-large-81; name80=could-be-large-80; name79=could-be-large-79; name78=could-be-large-78; name77=could-be-large-77; name76=could-be-large-76; name75=could-be-large-75; name74=could-be-large-74; name73=could-be-large-73; name72=could-be-large-72; name71=could-be-large-71; name70=could-be-large-70; name69=could-be-large-69; name68=could-be-large-68; name67=could-be-large-67; name66=could-be-large-66; name65=could-be-large-65; name64=could-be-large-64; name63=could-be-large-63; name62=could-be-large-62; name61=could-be-large-61; name60=could-be-large-60; name59=could-be-large-59; name58=could-be-large-58; name57=could-be-large-57; name56=could-be-large-56; name55=could-be-large-55; name54=could-be-large-54; name53=could-be-large-53; name52=could-be-large-52; name51=could-be-large-51; name50=could-be-large-50; name49=could-be-large-49; name48=could-be-large-48; name47=could-be-large-47; name46=could-be-large-46; name45=could-be-large-45; name44=could-be-large-44; name43=could-be-large-43; name42=could-be-large-42; name41=could-be-large-41; name40=could-be-large-40; name39=could-be-large-39; name38=could-be-large-38; name37=could-be-large-37; name36=could-be-large-36; name35=could-be-large-35; name34=could-be-large-34; name33=could-be-large-33; name32=could-be-large-32; name31=could-be-large-31; name30=could-be-large-30; name29=could-be-large-29; name28=could-be-large-28; name27=could-be-large-27; name26=could-be-large-26; name25=could-be-large-25; name24=could-be-large-24; name23=could-be-large-23; name22=could-be-large-22; name21=could-be-large-21; name20=could-be-large-20; name19=could-be-large-19; name18=could-be-large-18; name17=could-be-large-17; name16=could-be-large-16; name15=could-be-large-15; name14=could-be-large-14; name13=could-be-large-13; name12=could-be-large-12; name11=could-be-large-11; name10=could-be-large-10; name9=could-be-large-9; name8=could-be-large-8; name7=could-be-large-7; name6=could-be-large-6; name5=could-be-large-5; name4=could-be-large-4; name3=could-be-large-3; name2=could-be-large-2; name1=could-be-large-1 - + +GET /a/b/%TESTNUMBER HTTP/1.1 +Host: attack.invalid:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Cookie: name150=could-be-large-150; name149=could-be-large-149; name148=could-be-large-148; name147=could-be-large-147; name146=could-be-large-146; name145=could-be-large-145; name144=could-be-large-144; name143=could-be-large-143; name142=could-be-large-142; name141=could-be-large-141; name140=could-be-large-140; name139=could-be-large-139; name138=could-be-large-138; name137=could-be-large-137; name136=could-be-large-136; name135=could-be-large-135; name134=could-be-large-134; name133=could-be-large-133; name132=could-be-large-132; name131=could-be-large-131; name130=could-be-large-130; name129=could-be-large-129; name128=could-be-large-128; name127=could-be-large-127; name126=could-be-large-126; name125=could-be-large-125; name124=could-be-large-124; name123=could-be-large-123; name122=could-be-large-122; name121=could-be-large-121; name120=could-be-large-120; name119=could-be-large-119; name118=could-be-large-118; name117=could-be-large-117; name116=could-be-large-116; name115=could-be-large-115; name114=could-be-large-114; name113=could-be-large-113; name112=could-be-large-112; name111=could-be-large-111; name110=could-be-large-110; name109=could-be-large-109; name108=could-be-large-108; name107=could-be-large-107; name106=could-be-large-106; name105=could-be-large-105; name104=could-be-large-104; name103=could-be-large-103; name102=could-be-large-102; name101=could-be-large-101; name100=could-be-large-100; name99=could-be-large-99; name98=could-be-large-98; name97=could-be-large-97; name96=could-be-large-96; name95=could-be-large-95; name94=could-be-large-94; name93=could-be-large-93; name92=could-be-large-92; name91=could-be-large-91; name90=could-be-large-90; name89=could-be-large-89; name88=could-be-large-88; name87=could-be-large-87; name86=could-be-large-86; name85=could-be-large-85; name84=could-be-large-84; name83=could-be-large-83; name82=could-be-large-82; name81=could-be-large-81; name80=could-be-large-80; name79=could-be-large-79; name78=could-be-large-78; name77=could-be-large-77; name76=could-be-large-76; name75=could-be-large-75; name74=could-be-large-74; name73=could-be-large-73; name72=could-be-large-72; name71=could-be-large-71; name70=could-be-large-70; name69=could-be-large-69; name68=could-be-large-68; name67=could-be-large-67; name66=could-be-large-66; name65=could-be-large-65; name64=could-be-large-64; name63=could-be-large-63; name62=could-be-large-62; name61=could-be-large-61; name60=could-be-large-60; name59=could-be-large-59; name58=could-be-large-58; name57=could-be-large-57; name56=could-be-large-56; name55=could-be-large-55; name54=could-be-large-54; name53=could-be-large-53; name52=could-be-large-52; name51=could-be-large-51; name50=could-be-large-50; name49=could-be-large-49; name48=could-be-large-48; name47=could-be-large-47; name46=could-be-large-46; name45=could-be-large-45; name44=could-be-large-44; name43=could-be-large-43; name42=could-be-large-42; name41=could-be-large-41; name40=could-be-large-40; name39=could-be-large-39; name38=could-be-large-38; name37=could-be-large-37; name36=could-be-large-36; name35=could-be-large-35; name34=could-be-large-34; name33=could-be-large-33; name32=could-be-large-32; name31=could-be-large-31; name30=could-be-large-30; name29=could-be-large-29; name28=could-be-large-28; name27=could-be-large-27; name26=could-be-large-26; name25=could-be-large-25; name24=could-be-large-24; name23=could-be-large-23; name22=could-be-large-22; name21=could-be-large-21; name20=could-be-large-20; name19=could-be-large-19; name18=could-be-large-18; name17=could-be-large-17; name16=could-be-large-16; name15=could-be-large-15; name14=could-be-large-14; name13=could-be-large-13; name12=could-be-large-12; name11=could-be-large-11; name10=could-be-large-10; name9=could-be-large-9; name8=could-be-large-8; name7=could-be-large-7; name6=could-be-large-6; name5=could-be-large-5; name4=could-be-large-4; name3=could-be-large-3; name2=could-be-large-2; name1=could-be-large-1 + Allocations: 1100 diff --git a/tests/data/test443 b/tests/data/test443 index cbc8685ac2..ae9218325a 100644 --- a/tests/data/test443 +++ b/tests/data/test443 @@ -70,13 +70,13 @@ cookies # # Verify data after the test has been "shot" - -GET /a/b/%TESTNUMBER HTTP/1.1 -Host: attack.invalid:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Cookie: huge-20=%repeat[500 x a]%-20; huge-19=%repeat[500 x a]%-19; huge-18=%repeat[500 x a]%-18; huge-17=%repeat[500 x a]%-17; huge-16=%repeat[500 x a]%-16; huge-15=%repeat[500 x a]%-15; huge-14=%repeat[500 x a]%-14; huge-13=%repeat[500 x a]%-13; huge-12=%repeat[500 x a]%-12; huge-11=%repeat[500 x a]%-11; huge-10=%repeat[500 x a]%-10; huge-9=%repeat[500 x a]%-9; huge-8=%repeat[500 x a]%-8; huge-7=%repeat[500 x a]%-7; huge-6=%repeat[500 x a]%-6 - + +GET /a/b/%TESTNUMBER HTTP/1.1 +Host: attack.invalid:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Cookie: huge-20=%repeat[500 x a]%-20; huge-19=%repeat[500 x a]%-19; huge-18=%repeat[500 x a]%-18; huge-17=%repeat[500 x a]%-17; huge-16=%repeat[500 x a]%-16; huge-15=%repeat[500 x a]%-15; huge-14=%repeat[500 x a]%-14; huge-13=%repeat[500 x a]%-13; huge-12=%repeat[500 x a]%-12; huge-11=%repeat[500 x a]%-11; huge-10=%repeat[500 x a]%-10; huge-9=%repeat[500 x a]%-9; huge-8=%repeat[500 x a]%-8; huge-7=%repeat[500 x a]%-7; huge-6=%repeat[500 x a]%-6 + diff --git a/tests/data/test444 b/tests/data/test444 index 8df990280a..a9759c73b0 100644 --- a/tests/data/test444 +++ b/tests/data/test444 @@ -126,12 +126,12 @@ cookies # # Verify data after the test has been "shot" - -GET /a/b/%TESTNUMBER HTTP/1.1 -Host: attack.invalid:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /a/b/%TESTNUMBER HTTP/1.1 +Host: attack.invalid:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # Netscape HTTP Cookie File diff --git a/tests/data/test45 b/tests/data/test45 index e7c3b65926..254c3afe97 100644 --- a/tests/data/test45 +++ b/tests/data/test45 @@ -59,17 +59,17 @@ simple HTTP Location: without protocol in initial URL # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /want/data.cgi?moo=http://&/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /want/data.cgi?moo=http://&/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test457 b/tests/data/test457 index aa391d7fd0..79175fcd4c 100644 --- a/tests/data/test457 +++ b/tests/data/test457 @@ -53,12 +53,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --max-filesize 143 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # curl: (63) Exceeded the maximum allowed file size (143) diff --git a/tests/data/test46 b/tests/data/test46 index cb4bc518dc..30d88b973d 100644 --- a/tests/data/test46 +++ b/tests/data/test46 @@ -74,13 +74,13 @@ cookies # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: domain..tld:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Cookie: empty=; mooo2=indeed2; mooo=indeed - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: domain..tld:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Cookie: empty=; mooo2=indeed2; mooo=indeed + # Netscape HTTP Cookie File diff --git a/tests/data/test47 b/tests/data/test47 index 42086999b4..addde5c391 100644 --- a/tests/data/test47 +++ b/tests/data/test47 @@ -35,12 +35,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -0 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.0 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.0 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test471 b/tests/data/test471 index 4a08fed278..02e273ca3b 100644 --- a/tests/data/test471 +++ b/tests/data/test471 @@ -54,17 +54,17 @@ Reject HTTP/1.1 to HTTP/2 switch on the same connection # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # curl: (1) Version mismatch (from HTTP/1 to HTTP/2) diff --git a/tests/data/test473 b/tests/data/test473 index 874813c4e6..8a1a10a6cd 100644 --- a/tests/data/test473 +++ b/tests/data/test473 @@ -47,12 +47,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-save %LOGDIR/etag%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + W/"asdf" diff --git a/tests/data/test475 b/tests/data/test475 index 32ad8071f5..852dbcb448 100644 --- a/tests/data/test475 +++ b/tests/data/test475 @@ -33,14 +33,14 @@ FTP PASV upload ASCII file %repeat[1750 x a line of text used for verifying this !%0a]% - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE A -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE A +STOR %TESTNUMBER +QUIT diff --git a/tests/data/test476 b/tests/data/test476 index 792488fd17..b53104b116 100644 --- a/tests/data/test476 +++ b/tests/data/test476 @@ -29,14 +29,14 @@ FTP PASV upload ASCII file already using CRLF %repeat[1750 x a line of text used for verifying this !%0a]% - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE A -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE A +STOR %TESTNUMBER +QUIT diff --git a/tests/data/test477 b/tests/data/test477 index 12843918ef..ab0eac0c81 100644 --- a/tests/data/test477 +++ b/tests/data/test477 @@ -51,17 +51,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --max-filesize 5 -L # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test478 b/tests/data/test478 index 6558363f50..510eb19696 100644 --- a/tests/data/test478 +++ b/tests/data/test478 @@ -60,14 +60,14 @@ login debbie - -GET http://github.com/ HTTP/1.1 -Host: github.com -Authorization: Basic %b64[debbie:second%0D]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://github.com/ HTTP/1.1 +Host: github.com +Authorization: Basic %b64[debbie:second%0D]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test479 b/tests/data/test479 index d7ce4652fa..0dfa730ad4 100644 --- a/tests/data/test479 +++ b/tests/data/test479 @@ -87,21 +87,21 @@ default - -GET http://a.com/ HTTP/1.1 -Host: a.com -Authorization: Basic %b64[alice:alicespassword]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://b.com/%TESTNUMBER0002 HTTP/1.1 -Host: b.com -Authorization: Basic %b64[bob:]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://a.com/ HTTP/1.1 +Host: a.com +Authorization: Basic %b64[alice:alicespassword]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://b.com/%TESTNUMBER0002 HTTP/1.1 +Host: b.com +Authorization: Basic %b64[bob:]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test483 b/tests/data/test483 index 5d86f467d0..57fd109778 100644 --- a/tests/data/test483 +++ b/tests/data/test483 @@ -12,10 +12,10 @@ cookies HTTP/1.1 200 OK -Set-Cookie: name=value; expires=Fri Feb 13 11:56:27 GMT 2132 -Set-Cookie: name2=value; expires=Fri Feb 13 11:56:27 ; 2132 -Set-Cookie: name3=value; expires=Fri Feb 13 11:56:27 ...................................................GMT 2132 -Set-Cookie: name4=value; expires=Fri Feb 13 11:56:27 ....................................................GMT 2132 +Set-Cookie: name=value; expires=Fri Feb 13 11:56:27 GMT 2132 +Set-Cookie: name2=value; expires=Fri Feb 13 11:56:27 ; 2132 +Set-Cookie: name3=value; expires=Fri Feb 13 11:56:27 ...................................................GMT 2132 +Set-Cookie: name4=value; expires=Fri Feb 13 11:56:27 ....................................................GMT 2132 Accept-Ranges: bytes Content-Length: 6 Connection: close diff --git a/tests/data/test486 b/tests/data/test486 index 53efae597a..0bcd045eb4 100644 --- a/tests/data/test486 +++ b/tests/data/test486 @@ -86,20 +86,20 @@ default - -GET http://a.com/ HTTP/1.1 -Host: a.com -Authorization: Basic %b64[alice:alicespassword]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://b.com/%TESTNUMBER0002 HTTP/1.1 -Host: b.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://a.com/ HTTP/1.1 +Host: a.com +Authorization: Basic %b64[alice:alicespassword]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://b.com/%TESTNUMBER0002 HTTP/1.1 +Host: b.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test49 b/tests/data/test49 index 996cf018bd..ff2f41b3c1 100644 --- a/tests/data/test49 +++ b/tests/data/test49 @@ -56,17 +56,17 @@ http://%HOSTIP:%HTTPPORT/we/are/all/twits/%TESTNUMBER -L # # Verify data after the test has been "shot" - -GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /we/are/all/moo.html/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /we/are/all/moo.html/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test493 b/tests/data/test493 index d157f0355f..67083721d6 100644 --- a/tests/data/test493 +++ b/tests/data/test493 @@ -50,12 +50,12 @@ test-duphandle # we let it CONNECT to the server to confirm HSTS but deny from there - -CONNECT this.hsts.example:443 HTTP/1.1 -Host: this.hsts.example:443 -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT this.hsts.example:443 HTTP/1.1 +Host: this.hsts.example:443 +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + HTTP/1.1 403 not OK at all diff --git a/tests/data/test494 b/tests/data/test494 index 648318729d..ed4717a4d5 100644 --- a/tests/data/test494 +++ b/tests/data/test494 @@ -46,15 +46,15 @@ machine %HOSTIP login user1 password passwd1 # # Verify data after the test has been "shot" - -USER user1 -PASS passwd1 -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER user1 +PASS passwd1 +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test495 b/tests/data/test495 index d7313bac3c..60b24b97ee 100644 --- a/tests/data/test495 +++ b/tests/data/test495 @@ -44,13 +44,13 @@ http://foo%40bar:secret@%HOSTIP:%HTTPPORT/%TESTNUMBER --netrc-optional # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[foo@bar:secret]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[foo@bar:secret]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test5 b/tests/data/test5 index 8d4078fb77..25d887b496 100644 --- a/tests/data/test5 +++ b/tests/data/test5 @@ -39,13 +39,13 @@ proxy # # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test50 b/tests/data/test50 index ce4fd16601..6b8f86a6c7 100644 --- a/tests/data/test50 +++ b/tests/data/test50 @@ -56,17 +56,17 @@ http://%HOSTIP:%HTTPPORT/we/are/all/twits/%TESTNUMBER -L # # Verify data after the test has been "shot" - -GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /we/are/moo.html/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /we/are/moo.html/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test500 b/tests/data/test500 index 7904110c7e..d09cc4fdbd 100644 --- a/tests/data/test500 +++ b/tests/data/test500 @@ -48,11 +48,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER %LOGDIR/ip%TESTNUMBER IP %HOSTIP - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + Allocations: 82 diff --git a/tests/data/test505 b/tests/data/test505 index 53a9d47927..d7ecebce18 100644 --- a/tests/data/test505 +++ b/tests/data/test505 @@ -52,16 +52,16 @@ upload works? - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -STOR %TESTNUMBER -RNFR %TESTNUMBER -RNTO %TESTNUMBER-forreal -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +STOR %TESTNUMBER +RNFR %TESTNUMBER +RNTO %TESTNUMBER-forreal +QUIT diff --git a/tests/data/test51 b/tests/data/test51 index 277da000fb..d66df67444 100644 --- a/tests/data/test51 +++ b/tests/data/test51 @@ -56,17 +56,17 @@ http://%HOSTIP:%HTTPPORT/we/are/all/twits/%TESTNUMBER -L # # Verify data after the test has been "shot" - -GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test510 b/tests/data/test510 index ed16920dd7..7864293100 100644 --- a/tests/data/test510 +++ b/tests/data/test510 @@ -42,24 +42,24 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Transfer-Encoding: chunked -Content-Type: application/x-www-form-urlencoded -Expect: 100-continue - -3 -one -3 -two -5 -three -1d -and a final longer crap: four -0 - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Transfer-Encoding: chunked +Content-Type: application/x-www-form-urlencoded +Expect: 100-continue + +3 +one +3 +two +5 +three +1d +and a final longer crap: four +0 + diff --git a/tests/data/test511 b/tests/data/test511 index adcabe8bda..a07c9e43f8 100644 --- a/tests/data/test511 +++ b/tests/data/test511 @@ -39,14 +39,14 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER 78 - -USER anonymous -PASS ftp@example.com -PWD -MDTM %TESTNUMBER -TYPE I -SIZE %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +MDTM %TESTNUMBER +TYPE I +SIZE %TESTNUMBER +QUIT diff --git a/tests/data/test512 b/tests/data/test512 index 8935a12c77..79e198af18 100644 --- a/tests/data/test512 +++ b/tests/data/test512 @@ -40,11 +40,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test514 b/tests/data/test514 index fcf1a07ca3..2f3a01eb5d 100644 --- a/tests/data/test514 +++ b/tests/data/test514 @@ -44,11 +44,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -HEAD /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +HEAD /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test515 b/tests/data/test515 index 9bf6131edd..1009900cc9 100644 --- a/tests/data/test515 +++ b/tests/data/test515 @@ -39,13 +39,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 0 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 0 +Content-Type: application/x-www-form-urlencoded + diff --git a/tests/data/test516 b/tests/data/test516 index e8b522c32d..fcadb706bc 100644 --- a/tests/data/test516 +++ b/tests/data/test516 @@ -44,12 +44,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 0 - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 0 + diff --git a/tests/data/test518 b/tests/data/test518 index 2fa7bfb5ca..0e730664cd 100644 --- a/tests/data/test518 +++ b/tests/data/test518 @@ -54,11 +54,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + disable diff --git a/tests/data/test519 b/tests/data/test519 index 53f2f19487..2e38372b48 100644 --- a/tests/data/test519 +++ b/tests/data/test519 @@ -62,17 +62,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[monster:underbed]b64% -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[anothermonster:inwardrobe]b64% -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[monster:underbed]b64% +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[anothermonster:inwardrobe]b64% +Accept: */* + diff --git a/tests/data/test52 b/tests/data/test52 index e636ed959c..b867966362 100644 --- a/tests/data/test52 +++ b/tests/data/test52 @@ -56,17 +56,17 @@ http://%HOSTIP:%HTTPPORT/we/are/all/twits/%TESTNUMBER -L # # Verify data after the test has been "shot" - -GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /we/are/all/twits/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /we/are/all/twits/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test520 b/tests/data/test520 index 6a27bb3f8e..6709cef01f 100644 --- a/tests/data/test520 +++ b/tests/data/test520 @@ -38,16 +38,16 @@ ftp://%HOSTIP:%FTPPORT/520 # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -MDTM 520 -EPSV -TYPE I -SIZE 520 -RETR 520 -QUIT + +USER anonymous +PASS ftp@example.com +PWD +MDTM 520 +EPSV +TYPE I +SIZE 520 +RETR 520 +QUIT diff --git a/tests/data/test521 b/tests/data/test521 index 90473b33a0..c35c08967e 100644 --- a/tests/data/test521 +++ b/tests/data/test521 @@ -44,15 +44,15 @@ ftp://%HOSTIP/%TESTNUMBER/ %FTPPORT # # Verify data after the test has been "shot" - -USER xxx -PASS yyy -PWD -CWD %TESTNUMBER -EPSV -TYPE A -LIST -QUIT + +USER xxx +PASS yyy +PWD +CWD %TESTNUMBER +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test522 b/tests/data/test522 index cc849f47a6..1c4b179686 100644 --- a/tests/data/test522 +++ b/tests/data/test522 @@ -43,12 +43,12 @@ http://%HOSTIP/%TESTNUMBER %HTTPPORT # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[xxx:yyy]b64% -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[xxx:yyy]b64% +Accept: */* + hello diff --git a/tests/data/test523 b/tests/data/test523 index f414bf81d9..fc4b5272e1 100644 --- a/tests/data/test523 +++ b/tests/data/test523 @@ -49,13 +49,13 @@ proxy # # Verify data after the test has been "shot" - -GET http://www.example.com:19999/%TESTNUMBER HTTP/1.1 -Host: www.example.com:19999 -Authorization: Basic %b64[xxx:yyy]b64% -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://www.example.com:19999/%TESTNUMBER HTTP/1.1 +Host: www.example.com:19999 +Authorization: Basic %b64[xxx:yyy]b64% +Accept: */* +Proxy-Connection: Keep-Alive + hello diff --git a/tests/data/test524 b/tests/data/test524 index 3b383003fb..ca365c4722 100644 --- a/tests/data/test524 +++ b/tests/data/test524 @@ -32,10 +32,10 @@ ftp://%HOSTIP:%FTPPORT/path/to/ # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD + +USER anonymous +PASS ftp@example.com +PWD # 3 is CURLE_URL_MALFORMAT diff --git a/tests/data/test525 b/tests/data/test525 index 2b96a7fd96..f22f437e61 100644 --- a/tests/data/test525 +++ b/tests/data/test525 @@ -41,15 +41,15 @@ Moooooooooooo ^PORT \d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3} ^EPRT \|1\|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|\d{1,5}\| - -USER anonymous -PASS ftp@example.com -PWD -CWD path -PORT 127,0,0,1,5,109 -TYPE I -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +PORT 127,0,0,1,5,109 +TYPE I +STOR %TESTNUMBER +QUIT Moooooooooooo diff --git a/tests/data/test526 b/tests/data/test526 index 85b24d5db9..e8b7c45a54 100644 --- a/tests/data/test526 +++ b/tests/data/test526 @@ -39,25 +39,25 @@ ftp://%HOSTIP:%FTPPORT/path/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test527 b/tests/data/test527 index 3cfe7998cc..de764a5449 100644 --- a/tests/data/test527 +++ b/tests/data/test527 @@ -39,25 +39,25 @@ ftp://%HOSTIP:%FTPPORT/path/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test528 b/tests/data/test528 index 7cb9e8b114..0889b69980 100644 --- a/tests/data/test528 +++ b/tests/data/test528 @@ -43,23 +43,23 @@ http://%HOSTIP:%HTTPPORT/path/%TESTNUMBER # Verify data after the test has been "shot" - -GET /path/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /path/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /path/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /path/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /path/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /path/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /path/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /path/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test529 b/tests/data/test529 index 1c21c15efe..1626af9ba0 100644 --- a/tests/data/test529 +++ b/tests/data/test529 @@ -41,15 +41,15 @@ Moooooooooooo ^PORT \d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3} ^EPRT \|1\|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|\d{1,5}\| - -USER anonymous -PASS ftp@example.com -PWD -CWD path -PORT 127,0,0,1,5,109 -TYPE I -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +PORT 127,0,0,1,5,109 +TYPE I +STOR %TESTNUMBER +QUIT Moooooooooooo diff --git a/tests/data/test53 b/tests/data/test53 index 0bbc5d6373..5a018ab492 100644 --- a/tests/data/test53 +++ b/tests/data/test53 @@ -43,13 +43,13 @@ cookies # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Cookie: mooo=indeed - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Cookie: mooo=indeed + diff --git a/tests/data/test530 b/tests/data/test530 index 42e27a0d83..32ffbcab5a 100644 --- a/tests/data/test530 +++ b/tests/data/test530 @@ -43,7 +43,5 @@ http://%HOSTIP:%HTTPPORT/file%TESTNUMBER # Verify data after the test has been "shot" - - diff --git a/tests/data/test531 b/tests/data/test531 index 59501d5ead..e018d7d60c 100644 --- a/tests/data/test531 +++ b/tests/data/test531 @@ -44,15 +44,15 @@ don't upload this ^PORT \d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3} ^EPRT \|1\|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|\d{1,5}\| - -USER anonymous -PASS ftp@example.com -PWD -CWD path -PORT 127,0,0,1,5,109 -TYPE I -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +PORT 127,0,0,1,5,109 +TYPE I +STOR %TESTNUMBER +QUIT diff --git a/tests/data/test532 b/tests/data/test532 index ac97e89b9c..b65d6ead62 100644 --- a/tests/data/test532 +++ b/tests/data/test532 @@ -39,25 +39,25 @@ ftp://%HOSTIP:%FTPPORT/path/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test533 b/tests/data/test533 index 1dbceb6dd3..86554ba726 100644 --- a/tests/data/test533 +++ b/tests/data/test533 @@ -37,19 +37,19 @@ ftp://%HOSTIP:%FTPPORT/path/%TESTNUMBER ftp://%HOSTIP:%FTPPORT/path/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test534 b/tests/data/test534 index 0e0f35abdd..aa02dfbb3f 100644 --- a/tests/data/test534 +++ b/tests/data/test534 @@ -38,16 +38,16 @@ ftp://non-existing-host.haxx.se/path/%TESTNUMBER ftp://%HOSTIP:%FTPPORT/path/%TE # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test535 b/tests/data/test535 index aa52197767..50dfcffd49 100644 --- a/tests/data/test535 +++ b/tests/data/test535 @@ -55,15 +55,15 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test537 b/tests/data/test537 index c227a72cb1..0fa0ef7cd8 100644 --- a/tests/data/test537 +++ b/tests/data/test537 @@ -54,11 +54,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + Maximum allocated: 3200000 diff --git a/tests/data/test538 b/tests/data/test538 index e411db88f5..8f7b04f8e4 100644 --- a/tests/data/test538 +++ b/tests/data/test538 @@ -37,9 +37,9 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER 41 - -USER anonymous -PASS ftp@example.com + +USER anonymous +PASS ftp@example.com diff --git a/tests/data/test539 b/tests/data/test539 index 7985a52347..b98fb4b908 100644 --- a/tests/data/test539 +++ b/tests/data/test539 @@ -43,21 +43,21 @@ ftp://%HOSTIP:%FTPPORT/path/to/the/file/%TESTNUMBER ftp://%HOSTIP:%FTPPORT/path/ # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path/to/the/file -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -SYST -CWD / -EPSV -SIZE path/to/the/file/%TESTNUMBER0001 -RETR path/to/the/file/%TESTNUMBER0001 -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path/to/the/file +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +SYST +CWD / +EPSV +SIZE path/to/the/file/%TESTNUMBER0001 +RETR path/to/the/file/%TESTNUMBER0001 +QUIT diff --git a/tests/data/test54 b/tests/data/test54 index 8a463118cc..478e52a32c 100644 --- a/tests/data/test54 +++ b/tests/data/test54 @@ -32,12 +32,12 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -L # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test541 b/tests/data/test541 index 787faa3d98..f10ce2dadd 100644 --- a/tests/data/test541 +++ b/tests/data/test541 @@ -43,16 +43,16 @@ works? - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -STOR %TESTNUMBER -EPSV -STOR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +STOR %TESTNUMBER +EPSV +STOR %TESTNUMBER +QUIT diff --git a/tests/data/test542 b/tests/data/test542 index b39b1b30d1..0974f0292c 100644 --- a/tests/data/test542 +++ b/tests/data/test542 @@ -44,14 +44,14 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER # There's no MTDM in the protocol here since this code doesn't ask for the # time/date of the file - -USER anonymous -PASS ftp@example.com -PWD -TYPE I -SIZE %TESTNUMBER -REST 0 -QUIT + +USER anonymous +PASS ftp@example.com +PWD +TYPE I +SIZE %TESTNUMBER +REST 0 +QUIT diff --git a/tests/data/test546 b/tests/data/test546 index f8f01641a0..5fb7c0c096 100644 --- a/tests/data/test546 +++ b/tests/data/test546 @@ -44,19 +44,19 @@ ftp://%HOSTIP:%FTPPORT/path/%TESTNUMBER ftp://%HOSTIP:%FTPPORT/path/%TESTNUMBER # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT data diff --git a/tests/data/test549 b/tests/data/test549 index 95b2def5cf..070bfcdfd3 100644 --- a/tests/data/test549 +++ b/tests/data/test549 @@ -49,12 +49,12 @@ ftp://www.example.com/moo/%TESTNUMBER http://%HOSTIP:%HTTPPORT # # Verify data after the test has been "shot" - -GET ftp://www.example.com/moo/%TESTNUMBER;type=i HTTP/1.1 -Host: www.example.com:21 -Accept: */* -Proxy-Connection: Keep-Alive - + +GET ftp://www.example.com/moo/%TESTNUMBER;type=i HTTP/1.1 +Host: www.example.com:21 +Accept: */* +Proxy-Connection: Keep-Alive + hello diff --git a/tests/data/test55 b/tests/data/test55 index ea014f4aae..dd8a9d4f6b 100644 --- a/tests/data/test55 +++ b/tests/data/test55 @@ -48,17 +48,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -L - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test550 b/tests/data/test550 index a4ee2b49b2..e0d0b1b16f 100644 --- a/tests/data/test550 +++ b/tests/data/test550 @@ -49,12 +49,12 @@ ftp://www.example.com/moo/%TESTNUMBER http://%HOSTIP:%HTTPPORT ascii # # Verify data after the test has been "shot" - -GET ftp://www.example.com/moo/%TESTNUMBER;type=a HTTP/1.1 -Host: www.example.com:21 -Accept: */* -Proxy-Connection: Keep-Alive - + +GET ftp://www.example.com/moo/%TESTNUMBER;type=a HTTP/1.1 +Host: www.example.com:21 +Accept: */* +Proxy-Connection: Keep-Alive + hello diff --git a/tests/data/test556 b/tests/data/test556 index e531f012ea..d8abd14988 100644 --- a/tests/data/test556 +++ b/tests/data/test556 @@ -38,10 +38,10 @@ http://%HOSTIP:%HTTPPORT # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: ninja - + +GET /%TESTNUMBER HTTP/1.1 +Host: ninja + diff --git a/tests/data/test56 b/tests/data/test56 index 32590f27c7..5ced385bb0 100644 --- a/tests/data/test56 +++ b/tests/data/test56 @@ -44,18 +44,18 @@ header "Transfer-Encoding: chunked" # Verify data after the test has been "shot" - -POST /that.site.com/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: %repeat[99999 x a]% -Accept: */* -Transfer-Encoding: chunked -Content-Type: application/x-www-form-urlencoded - -c -we post this -0 - + +POST /that.site.com/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: %repeat[99999 x a]% +Accept: */* +Transfer-Encoding: chunked +Content-Type: application/x-www-form-urlencoded + +c +we post this +0 + diff --git a/tests/data/test560 b/tests/data/test560 index 30641a1668..cdcf674f8f 100644 --- a/tests/data/test560 +++ b/tests/data/test560 @@ -43,11 +43,11 @@ https://%HOSTIP:%HTTPSPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPSPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPSPORT +Accept: */* + diff --git a/tests/data/test561 b/tests/data/test561 index 09e381745c..5bd07e49d1 100644 --- a/tests/data/test561 +++ b/tests/data/test561 @@ -50,12 +50,12 @@ FTP RETR with CURLOPT_PROXY_TRANSFER_MODE, ASCII transfer and type=i # # Verify data after the test has been "shot" - -GET ftp://www.example.com/moo/%TESTNUMBER;type=i HTTP/1.1 -Host: www.example.com:21 -Accept: */* -Proxy-Connection: Keep-Alive - + +GET ftp://www.example.com/moo/%TESTNUMBER;type=i HTTP/1.1 +Host: www.example.com:21 +Accept: */* +Proxy-Connection: Keep-Alive + hello diff --git a/tests/data/test562 b/tests/data/test562 index d1793891d0..d7871f18ec 100644 --- a/tests/data/test562 +++ b/tests/data/test562 @@ -39,14 +39,14 @@ FTP a type=A URL and CURLOPT_PORT set # There's no MTDM in the protocol here since this code doesn't ask for the # time/date of the file - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE A -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE A +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test563 b/tests/data/test563 index b7c61db768..c109e9f80f 100644 --- a/tests/data/test563 +++ b/tests/data/test563 @@ -48,12 +48,12 @@ ftp_proxy=http://%HOSTIP:%HTTPPORT/ # Verify data after the test has been "shot" - -GET ftp://%HOSTIP:%FTPPORT/%TESTNUMBER;type=A HTTP/1.1 -Host: %HOSTIP:%FTPPORT -Accept: */* -Proxy-Connection: Keep-Alive - + +GET ftp://%HOSTIP:%FTPPORT/%TESTNUMBER;type=A HTTP/1.1 +Host: %HOSTIP:%FTPPORT +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test564 b/tests/data/test564 index 96a6f9b1a6..6dad35318b 100644 --- a/tests/data/test564 +++ b/tests/data/test564 @@ -45,16 +45,16 @@ proxy # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD path -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT data diff --git a/tests/data/test565 b/tests/data/test565 index b8e418ec7b..736946c86a 100644 --- a/tests/data/test565 +++ b/tests/data/test565 @@ -78,33 +78,33 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Transfer-Encoding: chunked -Content-Type: application/x-www-form-urlencoded - -0 - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="foo", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="877424f750af047634dbd94f9933217b" -Accept: */* -Transfer-Encoding: chunked -Content-Type: application/x-www-form-urlencoded -Expect: 100-continue - -3 -one -3 -two -5 -three -1d -and a final longer crap: four -0 - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Transfer-Encoding: chunked +Content-Type: application/x-www-form-urlencoded + +0 + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="foo", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="877424f750af047634dbd94f9933217b" +Accept: */* +Transfer-Encoding: chunked +Content-Type: application/x-www-form-urlencoded +Expect: 100-continue + +3 +one +3 +two +5 +three +1d +and a final longer crap: four +0 + diff --git a/tests/data/test566 b/tests/data/test566 index 1ff92f4e21..ccfedd826c 100644 --- a/tests/data/test566 +++ b/tests/data/test566 @@ -47,11 +47,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER %LOGDIR/ip%TESTNUMBER CL 0 - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test567 b/tests/data/test567 index f6cdec42a1..940ac7d001 100644 --- a/tests/data/test567 +++ b/tests/data/test567 @@ -37,12 +37,12 @@ rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER - -OPTIONS rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER RTSP/1.0 -CSeq: 1 -User-Agent: test%TESTNUMBER -Test-Number: %TESTNUMBER - + +OPTIONS rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER RTSP/1.0 +CSeq: 1 +User-Agent: test%TESTNUMBER +Test-Number: %TESTNUMBER + diff --git a/tests/data/test569 b/tests/data/test569 index b70e9083ca..103672bd01 100644 --- a/tests/data/test569 +++ b/tests/data/test569 @@ -74,31 +74,31 @@ rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER %LOGDIR/idfile%TESTNUMBER.txt ^If-Modified-Since:.* - -SETUP rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0001 RTSP/1.0 -CSeq: 1 -Transport: Fake/NotReal/JustATest;foo=baz - -TEARDOWN rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0002 RTSP/1.0 -CSeq: 2 -Session: 00.+1-am-aSe55ion_id\$yes-i-am\$ - -SETUP rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0003 RTSP/1.0 -CSeq: 3 -Transport: Fake/NotReal/JustATest;foo=baz - -TEARDOWN rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0004 RTSP/1.0 -CSeq: 4 -Session: \$extraspaces - -SETUP rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0005 RTSP/1.0 -CSeq: 5 -Transport: Fake/NotReal/JustATest;foo=baz - -TEARDOWN rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0006 RTSP/1.0 -CSeq: 6 -Session: A - + +SETUP rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0001 RTSP/1.0 +CSeq: 1 +Transport: Fake/NotReal/JustATest;foo=baz + +TEARDOWN rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0002 RTSP/1.0 +CSeq: 2 +Session: 00.+1-am-aSe55ion_id\$yes-i-am\$ + +SETUP rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0003 RTSP/1.0 +CSeq: 3 +Transport: Fake/NotReal/JustATest;foo=baz + +TEARDOWN rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0004 RTSP/1.0 +CSeq: 4 +Session: \$extraspaces + +SETUP rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0005 RTSP/1.0 +CSeq: 5 +Transport: Fake/NotReal/JustATest;foo=baz + +TEARDOWN rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0006 RTSP/1.0 +CSeq: 6 +Session: A + Got Session ID: [00.+1-am-aSe55ion_id\$yes-i-am\$] diff --git a/tests/data/test57 b/tests/data/test57 index f177f08eb4..d3360096b9 100644 --- a/tests/data/test57 +++ b/tests/data/test57 @@ -35,12 +35,12 @@ HTTP content-type with spaces in text/html; charset=ISO-8859-4 - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test570 b/tests/data/test570 index c1a0348559..318beee096 100644 --- a/tests/data/test570 +++ b/tests/data/test570 @@ -58,18 +58,18 @@ rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER ^If-Modified-Since:.* - -OPTIONS rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0001 RTSP/1.0 -CSeq: 1 - -SETUP rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0002 RTSP/1.0 -CSeq: 999 -Transport: RAW/RAW/UDP;unicast;client_port=3056-3057 - -PLAY rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0003 RTSP/1.0 -CSeq: 1000 -Session: asdf - + +OPTIONS rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0001 RTSP/1.0 +CSeq: 1 + +SETUP rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0002 RTSP/1.0 +CSeq: 999 +Transport: RAW/RAW/UDP;unicast;client_port=3056-3057 + +PLAY rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0003 RTSP/1.0 +CSeq: 1000 +Session: asdf + diff --git a/tests/data/test573 b/tests/data/test573 index 67e806dcdf..82669b36f7 100644 --- a/tests/data/test573 +++ b/tests/data/test573 @@ -45,11 +45,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test574 b/tests/data/test574 index 1b185e98a9..861b3072e3 100644 --- a/tests/data/test574 +++ b/tests/data/test574 @@ -37,45 +37,45 @@ ftp://%HOSTIP:%FTPPORT/fully_simulated/UNIX/*.txt 0 # THERE SHOULD NOT BE "SIZE"! and one "USER/PASS" - -USER anonymous -PASS ftp@example.com -PWD -CWD fully_simulated -CWD UNIX -EPSV -TYPE A -LIST -EPSV -TYPE I -RETR chmod1 -EPSV -RETR chmod2 -EPSV -RETR chmod3 -EPSV -RETR empty_file.dat -EPSV -RETR file.txt -EPSV -RETR someothertext.txt -EPSV -TYPE A -LIST -EPSV -TYPE I -RETR chmod1 -EPSV -RETR chmod2 -EPSV -RETR chmod3 -EPSV -RETR empty_file.dat -EPSV -RETR file.txt -EPSV -RETR someothertext.txt -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD fully_simulated +CWD UNIX +EPSV +TYPE A +LIST +EPSV +TYPE I +RETR chmod1 +EPSV +RETR chmod2 +EPSV +RETR chmod3 +EPSV +RETR empty_file.dat +EPSV +RETR file.txt +EPSV +RETR someothertext.txt +EPSV +TYPE A +LIST +EPSV +TYPE I +RETR chmod1 +EPSV +RETR chmod2 +EPSV +RETR chmod3 +EPSV +RETR empty_file.dat +EPSV +RETR file.txt +EPSV +RETR someothertext.txt +QUIT This file should have permissions 444 diff --git a/tests/data/test575 b/tests/data/test575 index b1725a9b2a..c093c96c4f 100644 --- a/tests/data/test575 +++ b/tests/data/test575 @@ -35,67 +35,67 @@ ftp://%HOSTIP:%FTPPORT/fully_simulated/UNIX/* 0 - -USER anonymous -PASS ftp@example.com -PWD -CWD fully_simulated -CWD UNIX -EPSV -TYPE A -LIST -EPSV -TYPE I -RETR chmod1 -EPSV -RETR chmod2 -EPSV -RETR chmod3 -EPSV -RETR empty_file.dat -EPSV -RETR file.txt -EPSV -RETR someothertext.txt -EPSV -TYPE A -LIST -EPSV -TYPE I -RETR chmod1 -EPSV -RETR chmod2 -EPSV -RETR chmod3 -EPSV -RETR empty_file.dat -EPSV -RETR file.txt -EPSV -RETR someothertext.txt -QUIT -USER anonymous -PASS ftp@example.com -PWD -CWD fully_simulated -CWD UNIX -EPSV -TYPE A -LIST -EPSV -TYPE I -RETR chmod1 -EPSV -RETR chmod2 -EPSV -RETR chmod3 -EPSV -RETR empty_file.dat -EPSV -RETR file.txt -EPSV -RETR someothertext.txt -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD fully_simulated +CWD UNIX +EPSV +TYPE A +LIST +EPSV +TYPE I +RETR chmod1 +EPSV +RETR chmod2 +EPSV +RETR chmod3 +EPSV +RETR empty_file.dat +EPSV +RETR file.txt +EPSV +RETR someothertext.txt +EPSV +TYPE A +LIST +EPSV +TYPE I +RETR chmod1 +EPSV +RETR chmod2 +EPSV +RETR chmod3 +EPSV +RETR empty_file.dat +EPSV +RETR file.txt +EPSV +RETR someothertext.txt +QUIT +USER anonymous +PASS ftp@example.com +PWD +CWD fully_simulated +CWD UNIX +EPSV +TYPE A +LIST +EPSV +TYPE I +RETR chmod1 +EPSV +RETR chmod2 +EPSV +RETR chmod3 +EPSV +RETR empty_file.dat +EPSV +RETR file.txt +EPSV +RETR someothertext.txt +QUIT This file should have permissions 444 diff --git a/tests/data/test580 b/tests/data/test580 index c7f4bcfcd7..ad6b73b33d 100644 --- a/tests/data/test580 +++ b/tests/data/test580 @@ -53,11 +53,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + 8 diff --git a/tests/data/test581 b/tests/data/test581 index e784e72ea5..81844771fb 100644 --- a/tests/data/test581 +++ b/tests/data/test581 @@ -45,11 +45,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test584 b/tests/data/test584 index 81c9b84037..56c72c7246 100644 --- a/tests/data/test584 +++ b/tests/data/test584 @@ -62,23 +62,23 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER s/^--------------------------[A-Za-z0-9]*/--------------------------/ s/boundary=------------------------[A-Za-z0-9]*/boundary=------------------------/ - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 156 -Content-Type: multipart/form-data; boundary=------------------------ - --------------------------- -Content-Disposition: form-data; name="fake" - -party ----------------------------- -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 0 - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 156 +Content-Type: multipart/form-data; boundary=------------------------ + +-------------------------- +Content-Disposition: form-data; name="fake" + +party +---------------------------- +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 0 + diff --git a/tests/data/test585 b/tests/data/test585 index e5138cdb17..a9d4f61d16 100644 --- a/tests/data/test585 +++ b/tests/data/test585 @@ -56,11 +56,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test586 b/tests/data/test586 index d441ff5ecf..85971a0800 100644 --- a/tests/data/test586 +++ b/tests/data/test586 @@ -45,15 +45,15 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test589 b/tests/data/test589 index c798c0eed9..0846661aa7 100644 --- a/tests/data/test589 +++ b/tests/data/test589 @@ -44,12 +44,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 0 - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 0 + diff --git a/tests/data/test59 b/tests/data/test59 index b86b02d3d0..6ccb1ce37f 100644 --- a/tests/data/test59 +++ b/tests/data/test59 @@ -34,12 +34,12 @@ HTTP URL with slash but with "parameter" # # Verify data after the test has been "shot" - -GET /?mooo/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /?mooo/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test590 b/tests/data/test590 index 00ef1b1901..09c2c065a2 100644 --- a/tests/data/test590 +++ b/tests/data/test590 @@ -90,24 +90,24 @@ http://test.remote.example.com/path/%TESTNUMBER http://%HOSTIP:%HTTPPORT # Verify data after the test has been "shot" - -GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: test.remote.example.com -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: test.remote.example.com -Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: test.remote.example.com -Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAAAgACAHAAAAALAAsAcgAAAAAAAAAAAAAAhoIBAAQt1KW5CgG4YdWWcfXyfXBz1ZMCzYp37xYjBiAizmw58O6eQS7yR66eqYGWeSwl9W1lV09SS1NUQVRJT04= -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: test.remote.example.com +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: test.remote.example.com +Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: test.remote.example.com +Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAAAgACAHAAAAALAAsAcgAAAAAAAAAAAAAAhoIBAAQt1KW5CgG4YdWWcfXyfXBz1ZMCzYp37xYjBiAizmw58O6eQS7yR66eqYGWeSwl9W1lV09SS1NUQVRJT04= +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test595 b/tests/data/test595 index 65f23f7ead..969879ad35 100644 --- a/tests/data/test595 +++ b/tests/data/test595 @@ -43,15 +43,15 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER %LOGDIR/ip%TESTNUMBER # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test597 b/tests/data/test597 index 5402d29b1f..6888e40973 100644 --- a/tests/data/test597 +++ b/tests/data/test597 @@ -27,10 +27,10 @@ ftp://%HOSTIP:%FTPPORT # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD + +USER anonymous +PASS ftp@example.com +PWD diff --git a/tests/data/test598 b/tests/data/test598 index 7a6601b9af..74ed46bac4 100644 --- a/tests/data/test598 +++ b/tests/data/test598 @@ -66,18 +66,18 @@ cookies # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: the-moo agent next generation -Accept: */* -Referer: http://example.com/the-moo -Cookie: name=moo - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: the-moo agent next generation +Accept: */* +Referer: http://example.com/the-moo +Cookie: name=moo + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test6 b/tests/data/test6 index 9c5db36d99..225c92833c 100644 --- a/tests/data/test6 +++ b/tests/data/test6 @@ -38,13 +38,13 @@ cookies # Verify data after the test has been "shot" - -GET /we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Cookie: name=contents;name2=content2;name3=content3 - + +GET /we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Cookie: name=contents;name2=content2;name3=content3 + diff --git a/tests/data/test61 b/tests/data/test61 index 2cb5963ff4..22d22c88a8 100644 --- a/tests/data/test61 +++ b/tests/data/test61 @@ -59,12 +59,12 @@ cookies # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER HTTP/1.1 -Host: www.host.foo.com -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/%TESTNUMBER HTTP/1.1 +Host: www.host.foo.com +User-Agent: curl/%VERSION +Accept: */* + # Netscape HTTP Cookie File diff --git a/tests/data/test62 b/tests/data/test62 index 97cef4afac..ec47b60f07 100644 --- a/tests/data/test62 +++ b/tests/data/test62 @@ -49,19 +49,19 @@ cookies # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER HTTP/1.1 -Host: www.host.foo.com -User-Agent: curl/%VERSION -Accept: */* -Cookie: test2=yes; test=yes - -GET /we/want/%TESTNUMBER?hoge=fuga HTTP/1.1 -Host: www.host.foo.com -User-Agent: curl/%VERSION -Accept: */* -Cookie: test2=yes; test=yes - + +GET /we/want/%TESTNUMBER HTTP/1.1 +Host: www.host.foo.com +User-Agent: curl/%VERSION +Accept: */* +Cookie: test2=yes; test=yes + +GET /we/want/%TESTNUMBER?hoge=fuga HTTP/1.1 +Host: www.host.foo.com +User-Agent: curl/%VERSION +Accept: */* +Cookie: test2=yes; test=yes + diff --git a/tests/data/test627 b/tests/data/test627 index aab25791f2..a8d3ed3372 100644 --- a/tests/data/test627 +++ b/tests/data/test627 @@ -34,8 +34,6 @@ Dummy test file for remove test # # Verify data after the test has been "shot" - - %PERL %SRCDIR/libtest/test610.pl gone %PWD/%LOGDIR/test%TESTNUMBER.txt diff --git a/tests/data/test63 b/tests/data/test63 index 81d6ffc7e6..6056edaedc 100644 --- a/tests/data/test63 +++ b/tests/data/test63 @@ -41,14 +41,14 @@ proxy # Verify data after the test has been "shot" - -GET http://we.want.that.site.com/%TESTNUMBER HTTP/1.1 -Host: we.want.that.site.com -Proxy-Authorization: Basic %b64[fake:user]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://we.want.that.site.com/%TESTNUMBER HTTP/1.1 +Host: we.want.that.site.com +Proxy-Authorization: Basic %b64[fake:user]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test64 b/tests/data/test64 index d56b2514c9..34f49b69ff 100644 --- a/tests/data/test64 +++ b/tests/data/test64 @@ -66,18 +66,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --digest # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="c55f7f30d83d774a3d2dcacf725abaca" -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="c55f7f30d83d774a3d2dcacf725abaca" +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test644 b/tests/data/test644 index b055763a39..017b98d6e9 100644 --- a/tests/data/test644 +++ b/tests/data/test644 @@ -65,17 +65,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --xattr -L -o %LOGDIR/out%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + user.creator => curl diff --git a/tests/data/test646 b/tests/data/test646 index fe86e32775..67ef66498d 100644 --- a/tests/data/test646 +++ b/tests/data/test646 @@ -54,12 +54,12 @@ X-fileheader2: This is #a s/^--------------------------[A-Za-z0-9]*/------------------------------/ s/boundary=------------------------[A-Za-z0-9]*/boundary=----------------------------/ - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT Content-Type: multipart/mixed; boundary=---------------------------- diff --git a/tests/data/test647 b/tests/data/test647 index 8cac4577e1..0e3d242cd7 100644 --- a/tests/data/test647 +++ b/tests/data/test647 @@ -42,11 +42,11 @@ It may contain any type of data. s/^--------------------------[A-Za-z0-9]*/------------------------------/ s/boundary=------------------------[A-Za-z0-9]*/boundary=----------------------------/ - -A001 CAPABILITY -A002 LOGIN user secret -A003 APPEND %TESTNUMBER (\Seen) {940} -A004 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 APPEND %TESTNUMBER (\Seen) {940} +A004 LOGOUT Content-Type: multipart/mixed; boundary=---------------------------- diff --git a/tests/data/test648 b/tests/data/test648 index 992a3dbc5e..f472f9f876 100644 --- a/tests/data/test648 +++ b/tests/data/test648 @@ -46,33 +46,33 @@ It may contain any type of data and will be encoded in base64 for transfer. s/^--------------------------[A-Za-z0-9]*/------------------------------/ s/boundary=------------------------[A-Za-z0-9]*/boundary=----------------------------/ - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -Content-Type: multipart/mixed; boundary=---------------------------- -Mime-Version: 1.0 -From: different -To: another - ------------------------------- -Content-Transfer-Encoding: quoted-printable -Content-disposition: "inline" - -This is the email inline text with a very long line containing the special = -character =3D and that should be split by encoder. ------------------------------- -Content-Disposition: attachment; filename="test%TESTNUMBER.txt" -Content-Transfer-Encoding: base64 - -VGhpcyBpcyBhbiBhdHRhY2hlZCBmaWxlLgoKSXQgbWF5IGNvbnRhaW4gYW55IHR5cGUgb2YgZGF0 -YSBhbmQgd2lsbCBiZSBlbmNvZGVkIGluIGJhc2U2NCBmb3IgdHJhbnNmZXIuCg== --------------------------------- -. + +Content-Type: multipart/mixed; boundary=---------------------------- +Mime-Version: 1.0 +From: different +To: another + +------------------------------ +Content-Transfer-Encoding: quoted-printable +Content-disposition: "inline" + +This is the email inline text with a very long line containing the special = +character =3D and that should be split by encoder. +------------------------------ +Content-Disposition: attachment; filename="test%TESTNUMBER.txt" +Content-Transfer-Encoding: base64 + +VGhpcyBpcyBhbiBhdHRhY2hlZCBmaWxlLgoKSXQgbWF5IGNvbnRhaW4gYW55IHR5cGUgb2YgZGF0 +YSBhbmQgd2lsbCBiZSBlbmNvZGVkIGluIGJhc2U2NCBmb3IgdHJhbnNmZXIuCg== +-------------------------------- +. diff --git a/tests/data/test649 b/tests/data/test649 index 371f00bfdc..ea3c9c3447 100644 --- a/tests/data/test649 +++ b/tests/data/test649 @@ -42,11 +42,11 @@ It contains at least an 8-bit byte value. # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA 26 diff --git a/tests/data/test65 b/tests/data/test65 index 8f82c92b4b..300b9ad5cb 100644 --- a/tests/data/test65 +++ b/tests/data/test65 @@ -66,18 +66,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:test2pass --digest # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="2053604145", uri="/%TESTNUMBER", response="66d68d3251f1839576ba7c766cf9205b" -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="2053604145", uri="/%TESTNUMBER", response="66d68d3251f1839576ba7c766cf9205b" +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test650 b/tests/data/test650 index acd2c5f194..4c0107ae64 100644 --- a/tests/data/test650 +++ b/tests/data/test650 @@ -10,14 +10,14 @@ FORM # # Server-side - -HTTP/1.1 301 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html + +HTTP/1.1 301 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html Location: /%TESTNUMBER0002 - + hello diff --git a/tests/data/test651 b/tests/data/test651 index cf19bfc34a..a3691f88e9 100644 --- a/tests/data/test651 +++ b/tests/data/test651 @@ -58,18 +58,18 @@ s/boundary=------------------------[A-Za-z0-9]*/boundary=----------------------- # Note that the stripping above removes 12 bytes from every occurrence of the # boundary string and since 5 of them are in the body contents, we see # (5*12) == 60 bytes less - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 17151 -Content-Type: multipart/form-data; boundary=---------------------------- - ------------------------------- -Content-Disposition: form-data; name="hello" - -%repeat[1000 x A]%%repeat[1000 x B]%%repeat[1000 x C]%%repeat[1000 x D]%%repeat[1000 x E]%%repeat[1000 x F]%%repeat[1000 x G]%%repeat[1000 x H]%%repeat[1000 x I]%%repeat[1000 x J]%%repeat[1000 x K]%%repeat[1000 x L]%%repeat[1000 x M]%%repeat[1000 x N]%%repeat[1000 x O]%%repeat[1000 x P]%%repeat[999 x Q]% --------------------------------- + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 17151 +Content-Type: multipart/form-data; boundary=---------------------------- + +------------------------------ +Content-Disposition: form-data; name="hello" + +%repeat[1000 x A]%%repeat[1000 x B]%%repeat[1000 x C]%%repeat[1000 x D]%%repeat[1000 x E]%%repeat[1000 x F]%%repeat[1000 x G]%%repeat[1000 x H]%%repeat[1000 x I]%%repeat[1000 x J]%%repeat[1000 x K]%%repeat[1000 x L]%%repeat[1000 x M]%%repeat[1000 x N]%%repeat[1000 x O]%%repeat[1000 x P]%%repeat[999 x Q]% +-------------------------------- diff --git a/tests/data/test652 b/tests/data/test652 index 31ec7b821d..25e5a6d9e3 100644 --- a/tests/data/test652 +++ b/tests/data/test652 @@ -39,323 +39,323 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER s/^--------------------------[A-Za-z0-9]*/------------------------------/ s/boundary=------------------------[A-Za-z0-9]*/boundary=----------------------------/ - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -Content-Type: multipart/mixed; boundary=---------------------------- -Mime-Version: 1.0 - ------------------------------- -Content-Disposition: attachment; filename="myfile.jpg" -Content-Type: image/jpeg -Content-Transfer-Encoding: base64 - -QUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZG -RkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExM -TExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFS -UlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dX -V1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0ND -Q0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJ -SUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5O -Tk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRU -VFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpa -WlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVF -RkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tL -S0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFR -UVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZX -V1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJC -QkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhI -SEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5O -Tk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NT -U1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZ -WVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVF -RUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpK -S0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQ -UFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZW -VlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFC -QkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dH -R0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1N -TU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNT -U1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhY -WFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDRERERERE -REREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpK -SkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09P -UFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVV -VVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFB -QUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZH -R0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExM -TExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJS -UlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hY -WFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0ND -Q0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJ -SUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09P -T09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRU -VVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpa -WlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZG -RkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tM -TExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFR -UVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dX -V1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkND -Q0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhI -SElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5O -Tk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRU -VFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZ -WlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVF -RUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tL -S0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBR -UVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZW -VlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJC -QkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hI -SEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1N -TU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NT -U1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZ -WVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERE -RUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpK -SkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQ -UFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVW -VlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFB -QUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dH -R0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1N -TU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJS -UlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhY -WFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDRERE -REREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJ -SkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09P -T09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVV -VVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpB -QUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZG -RkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExM -TExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJS -UlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dX -V1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0ND -Q0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJ -SUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5O -T09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRU -VFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpa -WlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVG -RkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tL -S0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFR -UVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldX -V1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJC -QkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhI -SEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5O -Tk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NT -VFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZ -WVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVF -RUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpL -S0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQ -UFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZW -VlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJC -QkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dH -R0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1N -TU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NT -U1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhY -WVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERE -RERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpK -SkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09Q -UFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVV -VVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFB -QUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdH -R0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExM -TE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJS -UlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhY -WFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0ND -REREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJ -SUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09P -T09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRV -VVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpa -WlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZG -RkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xM -TExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFR -UVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dX -V1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0ND -Q0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhI -SUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5O -Tk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRU -VFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVla -WlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVF -RUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tL -S0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFR -UVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZW -VldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJC -QkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhI -SEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1N -Tk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NT -U1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZ -WVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERF -RUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpK -SkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQ -UFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZW -VlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFB -QUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dH -R0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1N -TU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJS -U1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhY -WFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERE -RERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlK -SkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09P -T09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVV -VVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFB -QUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZG -RkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExM -TExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJS -UlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dX -WFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0ND -Q0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJ -SUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5P -T09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRU -VFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpa -WlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZG -RkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tL -S0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFR -UVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dX -V1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJC -Q0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhI -SEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5O -Tk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NU -VFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZ -WVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVF -RUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktL -S0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQ -UFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZW -VlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJC -QkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dH -SEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1N -TU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NT -U1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZ -WVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERE -RERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpK -SkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQ -UFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVV -VVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFB -QUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dH -R0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExM -TU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJS -UlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhY -WFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NE -RERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJ -SUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09P -T09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVV -VVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpa -WkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZG -RkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExM -TExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFR -UlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dX -V1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0ND -Q0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJ -SUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5O -Tk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRU -VFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpa -WlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVF -RUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tL -S0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFR -UVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZW -V1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJC -QkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhI -SEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1O -Tk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NT -U1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZ -WVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVF -RUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpK -SktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQ -UFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZW -VlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFB -QkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dH -R0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1N -TU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJT -U1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhY -WFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERE -RERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpK -SkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09P -T1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVV -VVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFB -QUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZG -R0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExM -TExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJS -UlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dY -WFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0ND -Q0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJ -SUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9P -T09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRU -VFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpa -WlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZG -RkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tL -TExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFR -UVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dX -V1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJD -Q0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhI -SEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5O -Tk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RU -VFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZ -WVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVF -RUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tL -S0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQ -UVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZW -VlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJC -QkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dI -SEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1N -TU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NT -U1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZ -WVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDRERERERERERE -REVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpK -SkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQ -UFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVV -VlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFB -QUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dH -R0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExN -TU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJS -UlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhY -WFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RE -RERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJ -SUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09P -T09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVV -VVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpa -QUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZG -RkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExM -TExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFS -UlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dX -V1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0ND -Q0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJ -SUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5O -Tk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRU -VFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpa -WlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVF -RkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tL -S0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFR -UVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZX -V1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJC -QkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhI -SEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5O -Tk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NT -U1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZ -WVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVF -RUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpK -S0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQ -UFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZW -VlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFC -QkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dH -R0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1N -TU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNT -U1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhY -WFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDRERERERE -REREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpK -SkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09P -UFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVV -VVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFB -QUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZH -R0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExM -TExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJS -UlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hY -WFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0ND -Q0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJ -SUlJSUpKSkpKSkpKSko= --------------------------------- -. + +Content-Type: multipart/mixed; boundary=---------------------------- +Mime-Version: 1.0 + +------------------------------ +Content-Disposition: attachment; filename="myfile.jpg" +Content-Type: image/jpeg +Content-Transfer-Encoding: base64 + +QUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZG +RkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExM +TExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFS +UlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dX +V1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0ND +Q0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJ +SUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5O +Tk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRU +VFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpa +WlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVF +RkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tL +S0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFR +UVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZX +V1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJC +QkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhI +SEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5O +Tk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NT +U1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZ +WVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVF +RUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpK +S0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQ +UFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZW +VlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFC +QkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dH +R0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1N +TU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNT +U1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhY +WFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDRERERERE +REREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpK +SkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09P +UFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVV +VVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFB +QUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZH +R0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExM +TExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJS +UlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hY +WFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0ND +Q0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJ +SUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09P +T09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRU +VVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpa +WlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZG +RkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tM +TExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFR +UVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dX +V1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkND +Q0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhI +SElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5O +Tk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRU +VFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZ +WlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVF +RUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tL +S0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBR +UVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZW +VlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJC +QkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hI +SEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1N +TU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NT +U1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZ +WVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERE +RUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpK +SkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQ +UFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVW +VlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFB +QUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dH +R0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1N +TU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJS +UlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhY +WFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDRERE +REREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJ +SkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09P +T09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVV +VVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpB +QUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZG +RkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExM +TExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJS +UlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dX +V1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0ND +Q0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJ +SUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5O +T09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRU +VFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpa +WlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVG +RkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tL +S0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFR +UVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldX +V1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJC +QkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhI +SEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5O +Tk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NT +VFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZ +WVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVF +RUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpL +S0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQ +UFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZW +VlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJC +QkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dH +R0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1N +TU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NT +U1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhY +WVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERE +RERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpK +SkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09Q +UFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVV +VVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFB +QUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdH +R0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExM +TE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJS +UlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhY +WFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0ND +REREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJ +SUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09P +T09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRV +VVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpa +WlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZG +RkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xM +TExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFR +UVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dX +V1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0ND +Q0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhI +SUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5O +Tk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRU +VFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVla +WlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVF +RUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tL +S0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFR +UVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZW +VldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJC +QkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhI +SEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1N +Tk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NT +U1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZ +WVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERF +RUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpK +SkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQ +UFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZW +VlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFB +QUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dH +R0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1N +TU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJS +U1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhY +WFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERE +RERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlK +SkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09P +T09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVV +VVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFB +QUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZG +RkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExM +TExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJS +UlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dX +WFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0ND +Q0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJ +SUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5P +T09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRU +VFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpa +WlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZG +RkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tL +S0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFR +UVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dX +V1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJC +Q0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhI +SEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5O +Tk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NU +VFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZ +WVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVF +RUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktL +S0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQ +UFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZW +VlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJC +QkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dH +SEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1N +TU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NT +U1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZ +WVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERE +RERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpK +SkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQ +UFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVV +VVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFB +QUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dH +R0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExM +TU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJS +UlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhY +WFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NE +RERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJ +SUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09P +T09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVV +VVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpa +WkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZG +RkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExM +TExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFR +UlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dX +V1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0ND +Q0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJ +SUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5O +Tk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRU +VFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpa +WlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVF +RUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tL +S0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFR +UVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZW +V1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJC +QkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhI +SEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1O +Tk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NT +U1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZ +WVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVF +RUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpK +SktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQ +UFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZW +VlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFB +QkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dH +R0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1N +TU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJT +U1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhY +WFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERE +RERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpK +SkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09P +T1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVV +VVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFB +QUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZG +R0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExM +TExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJS +UlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dY +WFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0ND +Q0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJ +SUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9P +T09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRU +VFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpa +WlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZG +RkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tL +TExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFR +UVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dX +V1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJD +Q0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhI +SEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5O +Tk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RU +VFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZ +WVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVF +RUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tL +S0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQ +UVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZW +VlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJC +QkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dI +SEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1N +TU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NT +U1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZ +WVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDRERERERERERE +REVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpK +SkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQ +UFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVV +VlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFB +QUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dH +R0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExN +TU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJS +UlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhY +WFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RE +RERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJ +SUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09P +T09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVV +VVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpa +QUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZG +RkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExM +TExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFS +UlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dX +V1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0ND +Q0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJ +SUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5O +Tk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRU +VFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpa +WlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVF +RkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tL +S0tLTExMTExMTExMTE1NTU1NTU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFR +UVFRUVFRUlJSUlJSUlJSUlNTU1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZX +V1dXV1dXV1dXWFhYWFhYWFhYWFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJC +QkJDQ0NDQ0NDQ0NDREREREREREREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhI +SEhISEhJSUlJSUlJSUlJSkpKSkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5O +Tk5OTk5OTk5PT09PT09PT09PUFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NT +U1RUVFRUVFRUVFRVVVVVVVVVVVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZ +WVlZWVpaWlpaWlpaWlpBQUFBQUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVF +RUVFRUVFRUZGRkZGRkZGRkZHR0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpK +S0tLS0tLS0tLS0xMTExMTExMTExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQ +UFBQUVFRUVFRUVFRUVJSUlJSUlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZW +VlZWVlZWV1dXV1dXV1dXV1hYWFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFC +QkJCQkJCQkJCQ0NDQ0NDQ0NDQ0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dH +R0dISEhISEhISEhISUlJSUlJSUlJSUpKSkpKSkpKSkpLS0tLS0tLS0tLTExMTExMTExMTE1NTU1N +TU1NTU1OTk5OTk5OTk5OT09PT09PT09PT1BQUFBQUFBQUFBRUVFRUVFRUVFRUlJSUlJSUlJSUlNT +U1NTU1NTU1NUVFRUVFRUVFRUVVVVVVVVVVVVVVZWVlZWVlZWVlZXV1dXV1dXV1dXWFhYWFhYWFhY +WFlZWVlZWVlZWVlaWlpaWlpaWlpaQUFBQUFBQUFBQUJCQkJCQkJCQkJDQ0NDQ0NDQ0NDRERERERE +REREREVFRUVFRUVFRUVGRkZGRkZGRkZGR0dHR0dHR0dHR0hISEhISEhISEhJSUlJSUlJSUlJSkpK +SkpKSkpKSktLS0tLS0tLS0tMTExMTExMTExMTU1NTU1NTU1NTU5OTk5OTk5OTk5PT09PT09PT09P +UFBQUFBQUFBQUFFRUVFRUVFRUVFSUlJSUlJSUlJSU1NTU1NTU1NTU1RUVFRUVFRUVFRVVVVVVVVV +VVVVVlZWVlZWVlZWVldXV1dXV1dXV1dYWFhYWFhYWFhYWVlZWVlZWVlZWVpaWlpaWlpaWlpBQUFB +QUFBQUFBQkJCQkJCQkJCQkNDQ0NDQ0NDQ0NERERERERERERERUVFRUVFRUVFRUZGRkZGRkZGRkZH +R0dHR0dHR0dHSEhISEhISEhISElJSUlJSUlJSUlKSkpKSkpKSkpKS0tLS0tLS0tLS0xMTExMTExM +TExNTU1NTU1NTU1NTk5OTk5OTk5OTk9PT09PT09PT09QUFBQUFBQUFBQUVFRUVFRUVFRUVJSUlJS +UlJSUlJTU1NTU1NTU1NTVFRUVFRUVFRUVFVVVVVVVVVVVVVWVlZWVlZWVlZWV1dXV1dXV1dXV1hY +WFhYWFhYWFhZWVlZWVlZWVlZWlpaWlpaWlpaWkFBQUFBQUFBQUFCQkJCQkJCQkJCQ0NDQ0NDQ0ND +Q0RERERERERERERFRUVFRUVFRUVFRkZGRkZGRkZGRkdHR0dHR0dHR0dISEhISEhISEhISUlJSUlJ +SUlJSUpKSkpKSkpKSko= +-------------------------------- +. diff --git a/tests/data/test653 b/tests/data/test653 index 33885f17fa..350f84bc3a 100644 --- a/tests/data/test653 +++ b/tests/data/test653 @@ -68,29 +68,29 @@ s/boundary=------------------------[A-Za-z0-9]*/boundary=----------------------- # Note that the stripping above removes 12 bytes from every occurrence of the # boundary string and since 5 of them are in the body contents, we see # (5*12) == 60 bytes less - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 162 -Content-Type: multipart/form-data; boundary=---------------------------- - ------------------------------- -Content-Disposition: form-data; name="name" - -short value --------------------------------- -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 179 -Content-Type: multipart/form-data; boundary=---------------------------- - ------------------------------- -Content-Disposition: form-data; name="name" - -long value for length change --------------------------------- + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 162 +Content-Type: multipart/form-data; boundary=---------------------------- + +------------------------------ +Content-Disposition: form-data; name="name" + +short value +-------------------------------- +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 179 +Content-Type: multipart/form-data; boundary=---------------------------- + +------------------------------ +Content-Disposition: form-data; name="name" + +long value for length change +-------------------------------- diff --git a/tests/data/test658 b/tests/data/test658 index 32ca29db49..e7889236f7 100644 --- a/tests/data/test658 +++ b/tests/data/test658 @@ -38,11 +38,11 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test659 b/tests/data/test659 index 5cad5eadcd..10adb14762 100644 --- a/tests/data/test659 +++ b/tests/data/test659 @@ -42,12 +42,12 @@ proxy - -GET http://www.example.com/ HTTP/1.1 -Host: www.example.com -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://www.example.com/ HTTP/1.1 +Host: www.example.com +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test66 b/tests/data/test66 index d4e20c0fe4..0a255fe844 100644 --- a/tests/data/test66 +++ b/tests/data/test66 @@ -29,12 +29,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --http0.9 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test660 b/tests/data/test660 index 8fdf879d9a..db3db9bed8 100644 --- a/tests/data/test660 +++ b/tests/data/test660 @@ -27,8 +27,8 @@ imap://%HOSTIP:%IMAPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -A001 CAPABILITY + +A001 CAPABILITY diff --git a/tests/data/test661 b/tests/data/test661 index 5965bd8aea..2714e6fda3 100644 --- a/tests/data/test661 +++ b/tests/data/test661 @@ -33,41 +33,41 @@ ftp://%HOSTIP:%FTPPORT/ # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -CWD /folderA -EPSV -TYPE I -RETR %TESTNUMBER -CWD /folderB -EPSV -RETR %TESTNUMBER -QUIT -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -RETR /folderA/%TESTNUMBER -CWD /folderB -EPSV -RETR %TESTNUMBER -EPSV -RETR /folderA/%TESTNUMBER -QUIT -USER anonymous -PASS ftp@example.com -PWD -SYST -QUIT -USER anonymous -PASS ftp@example.com -PWD -SYST -SYST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD /folderA +EPSV +TYPE I +RETR %TESTNUMBER +CWD /folderB +EPSV +RETR %TESTNUMBER +QUIT +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +RETR /folderA/%TESTNUMBER +CWD /folderB +EPSV +RETR %TESTNUMBER +EPSV +RETR /folderA/%TESTNUMBER +QUIT +USER anonymous +PASS ftp@example.com +PWD +SYST +QUIT +USER anonymous +PASS ftp@example.com +PWD +SYST +SYST +QUIT diff --git a/tests/data/test662 b/tests/data/test662 index a1d501fd2d..29bbb58914 100644 --- a/tests/data/test662 +++ b/tests/data/test662 @@ -60,19 +60,19 @@ proxy # # Verify data after the test has been "shot" - -GET http://example.com/please/gimme/%TESTNUMBER HTTP/1.1 -Host: example.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://example.net/tes%20t%20case=/%TESTNUMBER0002 HTTP/1.1 -Host: example.net -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://example.com/please/gimme/%TESTNUMBER HTTP/1.1 +Host: example.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://example.net/tes%20t%20case=/%TESTNUMBER0002 HTTP/1.1 +Host: example.net +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test663 b/tests/data/test663 index 313910aa6b..a6e9ef56e3 100644 --- a/tests/data/test663 +++ b/tests/data/test663 @@ -64,19 +64,19 @@ proxy # # Verify data after the test has been "shot" - -GET http://example.com/gimme/%TESTNUMBER?foobar HTTP/1.1 -Host: example.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://example.net/there/tes%20t%20case=/%TESTNUMBER0002?+yes+no HTTP/1.1 -Host: example.net -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://example.com/gimme/%TESTNUMBER?foobar HTTP/1.1 +Host: example.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://example.net/there/tes%20t%20case=/%TESTNUMBER0002?+yes+no HTTP/1.1 +Host: example.net +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test667 b/tests/data/test667 index e7298094d0..9164adbaed 100644 --- a/tests/data/test667 +++ b/tests/data/test667 @@ -61,28 +61,28 @@ s/boundary=------------------------[A-Za-z0-9]*/boundary=----------------------- # Note that the stripping above removes 12 bytes from every occurrence of the # boundary string and since 5 of them are in the body contents, we see # (5*12) == 60 bytes less - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Transfer-Encoding: chunked -Content-Type: multipart/form-data; boundary=---------------------------- -Expect: 100-continue - -85 ------------------------------- -Content-Disposition: form-data; name="field" -Content-Transfer-Encoding: base64 - - -4 -ZHVt -3a -bXk= --------------------------------- - -0 - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Transfer-Encoding: chunked +Content-Type: multipart/form-data; boundary=---------------------------- +Expect: 100-continue + +85 +------------------------------ +Content-Disposition: form-data; name="field" +Content-Transfer-Encoding: base64 + + +4 +ZHVt +3a +bXk= +-------------------------------- + +0 + diff --git a/tests/data/test669 b/tests/data/test669 index 620aa3393d..8bc19f15bf 100644 --- a/tests/data/test669 +++ b/tests/data/test669 @@ -41,23 +41,23 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER -H 'Content-type: multipart/form-da s/^--------------------------[A-Za-z0-9]*/------------------------------/ s/boundary=------------------------[A-Za-z0-9]*/boundary=----------------------------/ - -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 260 -Content-Type: multipart/form-data; charset=utf-8; boundary=---------------------------- - ------------------------------- -Content-Disposition: form-data; name="name" - -daniel ------------------------------- -Content-Disposition: form-data; name="tool" - -curl --------------------------------- + +POST /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 260 +Content-Type: multipart/form-data; charset=utf-8; boundary=---------------------------- + +------------------------------ +Content-Disposition: form-data; name="name" + +daniel +------------------------------ +Content-Disposition: form-data; name="tool" + +curl +-------------------------------- diff --git a/tests/data/test67 b/tests/data/test67 index b2790099dd..48ba236890 100644 --- a/tests/data/test67 +++ b/tests/data/test67 @@ -73,19 +73,19 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --ntlm # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test670 b/tests/data/test670 index 94910b5362..bb06fbba8a 100644 --- a/tests/data/test670 +++ b/tests/data/test670 @@ -58,18 +58,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER s/^--------------------------[A-Za-z0-9]*/------------------------------/ s/boundary=------------------------[A-Za-z0-9]*/boundary=----------------------------/ - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 154 -Content-Type: multipart/form-data; boundary=---------------------------- - ------------------------------- -Content-Disposition: form-data; name="field" - -AB --------------------------------- + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 154 +Content-Type: multipart/form-data; boundary=---------------------------- + +------------------------------ +Content-Disposition: form-data; name="field" + +AB +-------------------------------- diff --git a/tests/data/test671 b/tests/data/test671 index 310a902b14..4a288c852e 100644 --- a/tests/data/test671 +++ b/tests/data/test671 @@ -58,18 +58,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER s/^--------------------------[A-Za-z0-9]*/------------------------------/ s/boundary=------------------------[A-Za-z0-9]*/boundary=----------------------------/ - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 154 -Content-Type: multipart/form-data; boundary=---------------------------- - ------------------------------- -Content-Disposition: form-data; name="field" - -AB --------------------------------- + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 154 +Content-Type: multipart/form-data; boundary=---------------------------- + +------------------------------ +Content-Disposition: form-data; name="field" + +AB +-------------------------------- diff --git a/tests/data/test672 b/tests/data/test672 index e295b2f07b..c57e030a33 100644 --- a/tests/data/test672 +++ b/tests/data/test672 @@ -58,18 +58,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER s/^--------------------------[A-Za-z0-9]*/------------------------------/ s/boundary=------------------------[A-Za-z0-9]*/boundary=----------------------------/ - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 154 -Content-Type: multipart/form-data; boundary=---------------------------- - ------------------------------- -Content-Disposition: form-data; name="field" - -AB --------------------------------- + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 154 +Content-Type: multipart/form-data; boundary=---------------------------- + +------------------------------ +Content-Disposition: form-data; name="field" + +AB +-------------------------------- diff --git a/tests/data/test673 b/tests/data/test673 index e4db3cf83a..c599647bb9 100644 --- a/tests/data/test673 +++ b/tests/data/test673 @@ -58,18 +58,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER s/^--------------------------[A-Za-z0-9]*/------------------------------/ s/boundary=------------------------[A-Za-z0-9]*/boundary=----------------------------/ - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 154 -Content-Type: multipart/form-data; boundary=---------------------------- - ------------------------------- -Content-Disposition: form-data; name="field" - -AB --------------------------------- + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 154 +Content-Type: multipart/form-data; boundary=---------------------------- + +------------------------------ +Content-Disposition: form-data; name="field" + +AB +-------------------------------- diff --git a/tests/data/test674 b/tests/data/test674 index 2043b3d4ae..315fe98b65 100644 --- a/tests/data/test674 +++ b/tests/data/test674 @@ -39,15 +39,15 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + diff --git a/tests/data/test675 b/tests/data/test675 index 6688cacc94..5d82c52f9b 100644 --- a/tests/data/test675 +++ b/tests/data/test675 @@ -37,19 +37,19 @@ proxy # Verify data after the test has been "shot" - -GET /user1/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user1:foo1]b64% -User-Agent: curl/%VERSION -Accept: */* - -GET /user2/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user2:foo2]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /user1/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user1:foo1]b64% +User-Agent: curl/%VERSION +Accept: */* + +GET /user2/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user2:foo2]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test676 b/tests/data/test676 index 031395eb8e..d2f01d0e31 100644 --- a/tests/data/test676 +++ b/tests/data/test676 @@ -69,18 +69,18 @@ cookies # # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: the-moo agent next generation -Accept: */* -Cookie: proven=yes - -GET /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: the-moo agent next generation -Accept: */* - + +GET /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: the-moo agent next generation +Accept: */* +Cookie: proven=yes + +GET /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: the-moo agent next generation +Accept: */* + diff --git a/tests/data/test677 b/tests/data/test677 index 166be89543..29f5af5d5c 100644 --- a/tests/data/test677 +++ b/tests/data/test677 @@ -35,9 +35,9 @@ imap://%HOSTIP:%IMAPPORT/677 # # Verify data after the test has been "shot" - -A001 CAPABILITY -A1 IDLE + +A001 CAPABILITY +A1 IDLE diff --git a/tests/data/test678 b/tests/data/test678 index ea91ae6aec..4f3ed70235 100644 --- a/tests/data/test678 +++ b/tests/data/test678 @@ -48,12 +48,12 @@ https://localhost:%HTTPSPORT/%TESTNUMBER %CERTDIR/certs/test-ca.crt # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: localhost:%HTTPSPORT -User-Agent: CURLOPT_CAINFO_BLOB -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: localhost:%HTTPSPORT +User-Agent: CURLOPT_CAINFO_BLOB +Accept: */* + diff --git a/tests/data/test679 b/tests/data/test679 index e57401be46..2c739eebf3 100644 --- a/tests/data/test679 +++ b/tests/data/test679 @@ -44,13 +44,13 @@ machine %HOSTIP login user1 password "with spaces and \"\n\r\t\a" # # Verify data after the test has been "shot" - -GET / HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user1:with%20spaces%20and%20"%0a%0d%09a]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET / HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user1:with%20spaces%20and%20"%0a%0d%09a]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test68 b/tests/data/test68 index b6d8f67cb5..3a1a159360 100644 --- a/tests/data/test68 +++ b/tests/data/test68 @@ -72,19 +72,19 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --ntlm # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test681 b/tests/data/test681 index d98393ddbf..1640b900d3 100644 --- a/tests/data/test681 +++ b/tests/data/test681 @@ -37,12 +37,12 @@ http # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + -foo- diff --git a/tests/data/test682 b/tests/data/test682 index fc21899185..748c39a3b6 100644 --- a/tests/data/test682 +++ b/tests/data/test682 @@ -41,13 +41,13 @@ machine %HOSTIP login user2 password passwd2 # # Verify data after the test has been "shot" - -GET / HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user1:passwd1]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET / HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user1:passwd1]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test683 b/tests/data/test683 index 9eb250fbd7..4b4048a42e 100644 --- a/tests/data/test683 +++ b/tests/data/test683 @@ -41,13 +41,13 @@ machine %HOSTIP login user2 password passwd2 # # Verify data after the test has been "shot" - -GET / HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user2:passwd2]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET / HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user2:passwd2]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test684 b/tests/data/test684 index a63424e250..a64844b6bf 100644 --- a/tests/data/test684 +++ b/tests/data/test684 @@ -40,13 +40,13 @@ machine %HOSTIP password 5up3r53cr37 # # Verify data after the test has been "shot" - -GET / HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[:5up3r53cr37]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET / HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[:5up3r53cr37]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test685 b/tests/data/test685 index bdb2124b4b..f93fe644b1 100644 --- a/tests/data/test685 +++ b/tests/data/test685 @@ -40,13 +40,13 @@ machine %HOSTIP password 5up3r53cr37 # # Verify data after the test has been "shot" - + +GET / HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user:5up3r53cr37]b64% +User-Agent: curl/%VERSION +Accept: */* + -GET / HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user:5up3r53cr37]b64% -User-Agent: curl/%VERSION -Accept: */* - diff --git a/tests/data/test687 b/tests/data/test687 index 28b8bee7ea..516d670be2 100644 --- a/tests/data/test687 +++ b/tests/data/test687 @@ -47,12 +47,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --xattr -o %LOGDIR/out%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + user.creator => curl diff --git a/tests/data/test688 b/tests/data/test688 index 6fbd339fc0..e8e7852b20 100644 --- a/tests/data/test688 +++ b/tests/data/test688 @@ -47,12 +47,12 @@ basic --xattr with -O # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + user.creator => curl diff --git a/tests/data/test689 b/tests/data/test689 index 31f81983d1..61e57fce4a 100644 --- a/tests/data/test689 +++ b/tests/data/test689 @@ -37,12 +37,12 @@ rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER - -OPTIONS rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER RTSP/1.0 -CSeq: 1 -User-Agent: test567 -Test-Number: 567 - + +OPTIONS rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER RTSP/1.0 +CSeq: 1 +User-Agent: test567 +Test-Number: 567 + # 85 == CURLE_RTSP_CSEQ_ERROR diff --git a/tests/data/test69 b/tests/data/test69 index 1df70f3d9c..bfd4de8c12 100644 --- a/tests/data/test69 +++ b/tests/data/test69 @@ -89,24 +89,24 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test693 b/tests/data/test693 index d7bd193ac2..dd2b3d3ce1 100644 --- a/tests/data/test693 +++ b/tests/data/test693 @@ -47,12 +47,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-save %LOGDIR/moo/boo/etag%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + W/"asdf" diff --git a/tests/data/test695 b/tests/data/test695 index 8910af0775..90bd0ede78 100644 --- a/tests/data/test695 +++ b/tests/data/test695 @@ -42,37 +42,37 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER s/^--------------------------[A-Za-z0-9]*/------------------------------/ s/boundary=------------------------[A-Za-z0-9]*/boundary=----------------------------/ - -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 196 -Content-Type: multipart/form-data; boundary=---------------------------- - ------------------------------- -Content-Disposition: form-data; name="data" -Content-Type: text/html - -hello --------------------------------- -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 423 -Content-Type: multipart/form-data; boundary=---------------------------- - ------------------------------- -Content-Disposition: form-data -Content-Type: multipart/mixed; boundary=---------------------------- - ------------------------------- -Content-Disposition: attachment; name="data" -Content-Type: text/html - -hello --------------------------------- - --------------------------------- + +POST /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 196 +Content-Type: multipart/form-data; boundary=---------------------------- + +------------------------------ +Content-Disposition: form-data; name="data" +Content-Type: text/html + +hello +-------------------------------- +POST /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 423 +Content-Type: multipart/form-data; boundary=---------------------------- + +------------------------------ +Content-Disposition: form-data +Content-Type: multipart/mixed; boundary=---------------------------- + +------------------------------ +Content-Disposition: attachment; name="data" +Content-Type: text/html + +hello +-------------------------------- + +-------------------------------- diff --git a/tests/data/test696 b/tests/data/test696 index 2b53c4fc98..8862b163f2 100644 --- a/tests/data/test696 +++ b/tests/data/test696 @@ -54,13 +54,13 @@ Connection: close -foo- - -GET /556 HTTP/1.1 -Host: ninja - -GET /556 HTTP/1.1 -Host: ninja - + +GET /556 HTTP/1.1 +Host: ninja + +GET /556 HTTP/1.1 +Host: ninja + diff --git a/tests/data/test698 b/tests/data/test698 index 10cf42cea9..3335e3875d 100644 --- a/tests/data/test698 +++ b/tests/data/test698 @@ -37,19 +37,19 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --ftp-account "one count" ftp://%HOSTIP:%FTPP # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -ACCT one count -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -EPSV -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +ACCT one count +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +EPSV +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test7 b/tests/data/test7 index e98d5f5b1b..5bd0705c41 100644 --- a/tests/data/test7 +++ b/tests/data/test7 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER -b none -D %LOGDIR/heads%TESTNUMBER # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 OK diff --git a/tests/data/test70 b/tests/data/test70 index 5d44a28e85..a4ea92b2c1 100644 --- a/tests/data/test70 +++ b/tests/data/test70 @@ -69,18 +69,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1053604199", uri="/%TESTNUMBER", response="2c9a6f00af0d86497b177b90e90c688a" -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1053604199", uri="/%TESTNUMBER", response="2c9a6f00af0d86497b177b90e90c688a" +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test700 b/tests/data/test700 index fb59098354..9a2160bbbc 100644 --- a/tests/data/test700 +++ b/tests/data/test700 @@ -47,12 +47,12 @@ HTTP GET via SOCKS4 proxy # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test701 b/tests/data/test701 index b7a9091a98..dcd9d442bf 100644 --- a/tests/data/test701 +++ b/tests/data/test701 @@ -47,12 +47,12 @@ HTTP GET via SOCKS5 proxy # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test706 b/tests/data/test706 index faafd90385..ff57dcefc6 100644 --- a/tests/data/test706 +++ b/tests/data/test706 @@ -47,14 +47,14 @@ FTP dir list PASV via SOCKS4 # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test707 b/tests/data/test707 index 2c41dfea70..3e411ce7ac 100644 --- a/tests/data/test707 +++ b/tests/data/test707 @@ -47,14 +47,14 @@ FTP dir list PASV via SOCKS5 # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE A -LIST -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE A +LIST +QUIT diff --git a/tests/data/test708 b/tests/data/test708 index d6797dc65f..9fd664ff45 100644 --- a/tests/data/test708 +++ b/tests/data/test708 @@ -50,12 +50,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test709 b/tests/data/test709 index 2b2b952c18..72c7aec17c 100644 --- a/tests/data/test709 +++ b/tests/data/test709 @@ -51,12 +51,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test710 b/tests/data/test710 index 02033831b6..b9defa6f62 100644 --- a/tests/data/test710 +++ b/tests/data/test710 @@ -47,12 +47,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy socks5://%HOSTIP:%SOCKSPORT # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test711 b/tests/data/test711 index 355ca0e51e..9317adb8b8 100644 --- a/tests/data/test711 +++ b/tests/data/test711 @@ -43,15 +43,15 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test712 b/tests/data/test712 index 7bcc2a1bbb..e78767bc56 100644 --- a/tests/data/test712 +++ b/tests/data/test712 @@ -37,15 +37,15 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --proxy socks5://%HOSTIP:%SOCKSPORT # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test713 b/tests/data/test713 index 44820a78ff..b7ad8cdf0e 100644 --- a/tests/data/test713 +++ b/tests/data/test713 @@ -38,15 +38,15 @@ ftp://ftp.example.com/%TESTNUMBER --connect-to ::%HOSTIP:%FTPPORT --proxy socks5 # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test714 b/tests/data/test714 index a38400bb80..b24af1e4af 100644 --- a/tests/data/test714 +++ b/tests/data/test714 @@ -57,15 +57,15 @@ ftp://ftp.example.com.%TESTNUMBER/%TESTNUMBER --connect-to ::connect.example.com # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test715 b/tests/data/test715 index 6f9670af54..0574030330 100644 --- a/tests/data/test715 +++ b/tests/data/test715 @@ -59,15 +59,15 @@ ftp://ftp.example.com.%TESTNUMBER/%TESTNUMBER --connect-to ::connect.example.com # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test717 b/tests/data/test717 index 54ab955680..58e3045e56 100644 --- a/tests/data/test717 +++ b/tests/data/test717 @@ -55,12 +55,12 @@ proxy # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:1 -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:1 +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test718 b/tests/data/test718 index dcbf7d77a1..95c81e1680 100644 --- a/tests/data/test718 +++ b/tests/data/test718 @@ -47,12 +47,12 @@ http://test.remote.haxx.se.%TESTNUMBER:8990/path/%TESTNUMBER0002 --proxy http:// # Verify data after the test has been "shot" - -CONNECT test.remote.haxx.se.%TESTNUMBER:8990 HTTP/1.1 -Host: test.remote.haxx.se.%TESTNUMBER:8990 -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT test.remote.haxx.se.%TESTNUMBER:8990 HTTP/1.1 +Host: test.remote.haxx.se.%TESTNUMBER:8990 +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + 56 diff --git a/tests/data/test719 b/tests/data/test719 index 454460983d..366ea27ee4 100644 --- a/tests/data/test719 +++ b/tests/data/test719 @@ -49,12 +49,12 @@ http://[2200::33]:%HTTPPORT/%TESTNUMBER --proxy socks5h://%HOSTIP:%SOCKSPORT # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: [2200::33]:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: [2200::33]:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + atyp 4 => 22 00 00 00 00 00 00 00 00 00 00 00 00 00 00 33 diff --git a/tests/data/test72 b/tests/data/test72 index 775642f8cd..ba7d137b21 100644 --- a/tests/data/test72 +++ b/tests/data/test72 @@ -68,18 +68,18 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1053604199", uri="/%TESTNUMBER", response="9fcd1330377365a09bbcb33b2cbb25bd" -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1053604199", uri="/%TESTNUMBER", response="9fcd1330377365a09bbcb33b2cbb25bd" +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test720 b/tests/data/test720 index 709656a280..b146a2bf54 100644 --- a/tests/data/test720 +++ b/tests/data/test720 @@ -48,12 +48,12 @@ http://12.34.56.78:%HTTPPORT/%TESTNUMBER --proxy socks5h://%HOSTIP:%SOCKSPORT # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: 12.34.56.78:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: 12.34.56.78:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + atyp 1 => 12.34.56.78 diff --git a/tests/data/test721 b/tests/data/test721 index db63a8f6b5..c70d560722 100644 --- a/tests/data/test721 +++ b/tests/data/test721 @@ -48,12 +48,12 @@ http://this.is.a.host.name:%HTTPPORT/%TESTNUMBER --proxy socks5h://%HOSTIP:%SOCK # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: this.is.a.host.name:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: this.is.a.host.name:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + atyp 3 => this.is.a.host.name diff --git a/tests/data/test73 b/tests/data/test73 index 1edcbdcb90..e131ec6f0d 100644 --- a/tests/data/test73 +++ b/tests/data/test73 @@ -38,12 +38,12 @@ cookies # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER HTTP/1.1 -Host: host.NOT_DISCLOSED.se -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/%TESTNUMBER HTTP/1.1 +Host: host.NOT_DISCLOSED.se +User-Agent: curl/%VERSION +Accept: */* + # Netscape HTTP Cookie File diff --git a/tests/data/test74 b/tests/data/test74 index d9316f0e67..31179af990 100644 --- a/tests/data/test74 +++ b/tests/data/test74 @@ -50,17 +50,17 @@ HTTP, urlglob {}-retrieval and -o #[num] usage # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.0 200 OK diff --git a/tests/data/test742 b/tests/data/test742 index 5f56a1a500..70720d7a49 100644 --- a/tests/data/test742 +++ b/tests/data/test742 @@ -55,12 +55,12 @@ proxy # # Verify data after the test has been "shot" - -GET / HTTP/1.1 -Host: %repeat[254 x c]%:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET / HTTP/1.1 +Host: %repeat[254 x c]%:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test744 b/tests/data/test744 index fbb1cf9516..704a53a448 100644 --- a/tests/data/test744 +++ b/tests/data/test744 @@ -68,12 +68,12 @@ Host: foo.host:%HTTPPORT Proxy-Connection: Keep-Alive - -GET /%TESTNUMBER HTTP/1.1 -Host: foo.host:%HTTPPORT -Authorization: Basic %b64[foo:baaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaar]b64% -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: foo.host:%HTTPPORT +Authorization: Basic %b64[foo:baaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaar]b64% +Accept: */* + diff --git a/tests/data/test753 b/tests/data/test753 index 3913567205..250a80c506 100644 --- a/tests/data/test753 +++ b/tests/data/test753 @@ -30,16 +30,16 @@ CURL_FTP_PWD_STOP=1 # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE 753 -QUIT + +USER anonymous +PASS ftp@example.com +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE 753 +QUIT diff --git a/tests/data/test754 b/tests/data/test754 index 42234bab22..2aa1e9db0c 100644 --- a/tests/data/test754 +++ b/tests/data/test754 @@ -42,20 +42,20 @@ ftp://%HOSTIP:%FTPPORT/path/ -Q "NOOP 1" -Q "+NOOP 2" -Q "-NOOP 3" -Q "*FAIL" -Q # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -NOOP 1 -FAIL -CWD path -EPSV -TYPE A -NOOP 2 -FAIL HARD -LIST -NOOP 3 -QUIT + +USER anonymous +PASS ftp@example.com +PWD +NOOP 1 +FAIL +CWD path +EPSV +TYPE A +NOOP 2 +FAIL HARD +LIST +NOOP 3 +QUIT diff --git a/tests/data/test756 b/tests/data/test756 index a205c19772..56038a66d8 100644 --- a/tests/data/test756 +++ b/tests/data/test756 @@ -47,17 +47,17 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER http://%HOSTIP:%HTTPPORT/want/%TESTNUM # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /want/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /want/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 OK diff --git a/tests/data/test757 b/tests/data/test757 index 9cf9b2c3b1..c4f5566c1e 100644 --- a/tests/data/test757 +++ b/tests/data/test757 @@ -42,37 +42,37 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER s/^--------------------------[A-Za-z0-9]*/------------------------------/ s/boundary=------------------------[A-Za-z0-9]*/boundary=----------------------------/ - -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 200 -Content-Type: multipart/form-data; boundary=---------------------------- - ------------------------------- -Content-Disposition: form-data; name="data" -Content-Type: text/html - -fun-times --------------------------------- -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 427 -Content-Type: multipart/form-data; boundary=---------------------------- - ------------------------------- -Content-Disposition: form-data -Content-Type: multipart/mixed; boundary=---------------------------- - ------------------------------- -Content-Disposition: attachment; name="data" -Content-Type: text/html - -fun-times --------------------------------- - --------------------------------- + +POST /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 200 +Content-Type: multipart/form-data; boundary=---------------------------- + +------------------------------ +Content-Disposition: form-data; name="data" +Content-Type: text/html + +fun-times +-------------------------------- +POST /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 427 +Content-Type: multipart/form-data; boundary=---------------------------- + +------------------------------ +Content-Disposition: form-data +Content-Type: multipart/mixed; boundary=---------------------------- + +------------------------------ +Content-Disposition: attachment; name="data" +Content-Type: text/html + +fun-times +-------------------------------- + +-------------------------------- diff --git a/tests/data/test762 b/tests/data/test762 index 62ce9e6325..2d7aedcf7f 100644 --- a/tests/data/test762 +++ b/tests/data/test762 @@ -38,12 +38,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -O --remote-time --output-dir %LOGDIR # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + 12345 diff --git a/tests/data/test77 b/tests/data/test77 index baa9bfc360..bde62adce3 100644 --- a/tests/data/test77 +++ b/tests/data/test77 @@ -42,13 +42,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -z "dec 12 12:00:00 1999 GMT" # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -If-Modified-Since: Sun, 12 Dec 1999 12:00:00 GMT - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +If-Modified-Since: Sun, 12 Dec 1999 12:00:00 GMT + diff --git a/tests/data/test775 b/tests/data/test775 index 7b5c3696dc..6a03ad8fee 100644 --- a/tests/data/test775 +++ b/tests/data/test775 @@ -52,13 +52,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser%repeat[1100 x A]%:testpass --nt # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* + 100 diff --git a/tests/data/test78 b/tests/data/test78 index d52fb15548..545adca001 100644 --- a/tests/data/test78 +++ b/tests/data/test78 @@ -54,13 +54,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -z "dec 12 11:00:00 1999 GMT" # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -If-Modified-Since: Sun, 12 Dec 1999 11:00:00 GMT - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +If-Modified-Since: Sun, 12 Dec 1999 11:00:00 GMT + diff --git a/tests/data/test79 b/tests/data/test79 index e836b3bf5c..8a52c09f98 100644 --- a/tests/data/test79 +++ b/tests/data/test79 @@ -42,13 +42,13 @@ ftp://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER -x %HOSTIP:%HTTPPORT # # Verify data after the test has been "shot" - -GET ftp://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET ftp://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test794 b/tests/data/test794 index b6af9677ad..479f1b1be2 100644 --- a/tests/data/test794 +++ b/tests/data/test794 @@ -75,7 +75,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --no-progress-meter -X IGLOO -d moo --locat ^User-Agent:.* - + IGLOO /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test796 b/tests/data/test796 index 2e0c4077b4..bfef4bd07d 100644 --- a/tests/data/test796 +++ b/tests/data/test796 @@ -75,7 +75,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -X IGLOO -d moo --follow ^User-Agent:.* - + IGLOO /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test797 b/tests/data/test797 index b0602c1302..5c28f3ccd7 100644 --- a/tests/data/test797 +++ b/tests/data/test797 @@ -75,7 +75,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -X IGLOO -d moo --follow ^User-Agent:.* - + IGLOO /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test799 b/tests/data/test799 index e8563a598f..ec6d94ca8a 100644 --- a/tests/data/test799 +++ b/tests/data/test799 @@ -42,12 +42,12 @@ IMAP with --login-options 'AUTH=+LOGIN' # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test8 b/tests/data/test8 index 5ed328bbed..ee1263eba4 100644 --- a/tests/data/test8 +++ b/tests/data/test8 @@ -88,13 +88,13 @@ cookies # Verify data after the test has been "shot" - -GET /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Cookie: name with space=is weird but; trailingspace=removed; cookie=perhaps; cookie=yes; foobar=name; blexp=yesyes; cookie9=junk-- - + +GET /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Cookie: name with space=is weird but; trailingspace=removed; cookie=perhaps; cookie=yes; foobar=name; blexp=yesyes; cookie9=junk-- + diff --git a/tests/data/test80 b/tests/data/test80 index 2ffcd8987f..c840527bf1 100644 --- a/tests/data/test80 +++ b/tests/data/test80 @@ -70,12 +70,12 @@ Proxy-Authorization: Basic %b64[youare:yourself]b64% Proxy-Connection: Keep-Alive - -GET /we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: test.%TESTNUMBER:%HTTPPORT -Authorization: Basic %b64[iam:myself]b64% -Accept: */* - + +GET /we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: test.%TESTNUMBER:%HTTPPORT +Authorization: Basic %b64[iam:myself]b64% +Accept: */* + diff --git a/tests/data/test800 b/tests/data/test800 index a2daf240a7..11a3f87784 100644 --- a/tests/data/test800 +++ b/tests/data/test800 @@ -38,12 +38,12 @@ IMAP FETCH message # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN "\"user" "sec\"ret{" -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 LOGIN "\"user" "sec\"ret{" +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test801 b/tests/data/test801 index 9b68d62a86..0fda1c2504 100644 --- a/tests/data/test801 +++ b/tests/data/test801 @@ -35,12 +35,12 @@ IMAP FETCH message by MAILINDEX and SECTION # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 SELECT %TESTNUMBER -A004 FETCH 123 BODY[1] -A005 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 SELECT %TESTNUMBER +A004 FETCH 123 BODY[1] +A005 LOGOUT diff --git a/tests/data/test802 b/tests/data/test802 index 1e2e35bfa0..8d93c79225 100644 --- a/tests/data/test802 +++ b/tests/data/test802 @@ -36,12 +36,12 @@ IMAP SELECT UIDVALIDITY Success # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 SELECT %TESTNUMBER -A004 FETCH 123 BODY[TEXT] -A005 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 SELECT %TESTNUMBER +A004 FETCH 123 BODY[TEXT] +A005 LOGOUT diff --git a/tests/data/test803 b/tests/data/test803 index 6fb00eb0a6..d5bd7b19f9 100644 --- a/tests/data/test803 +++ b/tests/data/test803 @@ -35,11 +35,11 @@ IMAP SELECT UIDVALIDITY Failure 78 - -A001 CAPABILITY -A002 LOGIN user secret -A003 SELECT %TESTNUMBER -A004 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 SELECT %TESTNUMBER +A004 LOGOUT diff --git a/tests/data/test804 b/tests/data/test804 index 9d6c7e94e9..f755a262ae 100644 --- a/tests/data/test804 +++ b/tests/data/test804 @@ -35,13 +35,13 @@ IMAP doesn't perform SELECT if reusing the same mailbox # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 SELECT %TESTNUMBER -A004 FETCH 123 BODY[1] -A005 FETCH 456 BODY[2.3] -A006 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 SELECT %TESTNUMBER +A004 FETCH 123 BODY[1] +A005 FETCH 456 BODY[2.3] +A006 LOGOUT diff --git a/tests/data/test805 b/tests/data/test805 index 7370e63604..8953d58680 100644 --- a/tests/data/test805 +++ b/tests/data/test805 @@ -41,22 +41,22 @@ Hello Joe, do you think we can meet at 3:30 tomorrow? # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 APPEND %TESTNUMBER (\Seen) {295} -A004 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 APPEND %TESTNUMBER (\Seen) {295} +A004 LOGOUT - -Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST) -From: Fred Foobar -Subject: afternoon meeting -To: joe@example.com -Message-Id: -MIME-Version: 1.0 -Content-Type: TEXT/PLAIN; CHARSET=US-ASCII - -Hello Joe, do you think we can meet at 3:30 tomorrow? + +Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST) +From: Fred Foobar +Subject: afternoon meeting +To: joe@example.com +Message-Id: +MIME-Version: 1.0 +Content-Type: TEXT/PLAIN; CHARSET=US-ASCII + +Hello Joe, do you think we can meet at 3:30 tomorrow? diff --git a/tests/data/test806 b/tests/data/test806 index adfbc11212..6b7e6ff7fe 100644 --- a/tests/data/test806 +++ b/tests/data/test806 @@ -34,11 +34,11 @@ imap://%HOSTIP:%IMAPPORT/%TESTNUMBER -u user:secret # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 LIST "%TESTNUMBER" * -A004 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 LIST "%TESTNUMBER" * +A004 LOGOUT diff --git a/tests/data/test807 b/tests/data/test807 index 80a1044da0..5da8105914 100644 --- a/tests/data/test807 +++ b/tests/data/test807 @@ -35,11 +35,11 @@ imap://%HOSTIP:%IMAPPORT -u user:secret -X 'LSUB "%TESTNUMBER" *' # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 LSUB "%TESTNUMBER" * -A004 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 LSUB "%TESTNUMBER" * +A004 LOGOUT diff --git a/tests/data/test808 b/tests/data/test808 index 542f87e6d6..6795143d4d 100644 --- a/tests/data/test808 +++ b/tests/data/test808 @@ -39,11 +39,11 @@ imap://%HOSTIP:%IMAPPORT -u user:secret -X 'EXAMINE %TESTNUMBER' # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 EXAMINE %TESTNUMBER -A004 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 EXAMINE %TESTNUMBER +A004 LOGOUT diff --git a/tests/data/test809 b/tests/data/test809 index 25635d21f0..af4c808419 100644 --- a/tests/data/test809 +++ b/tests/data/test809 @@ -33,11 +33,11 @@ imap://%HOSTIP:%IMAPPORT -u user:secret -X 'STATUS %TESTNUMBER (UIDNEXT MESSAGES # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 STATUS %TESTNUMBER (UIDNEXT MESSAGES) -A004 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 STATUS %TESTNUMBER (UIDNEXT MESSAGES) +A004 LOGOUT diff --git a/tests/data/test81 b/tests/data/test81 index f692f34f46..27f1247a97 100644 --- a/tests/data/test81 +++ b/tests/data/test81 @@ -73,21 +73,21 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy-user testuser:testpass -x http://%H # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test810 b/tests/data/test810 index 37d76f6ba0..af9a310f7a 100644 --- a/tests/data/test810 +++ b/tests/data/test810 @@ -32,12 +32,12 @@ imap://%HOSTIP:%IMAPPORT/%TESTNUMBER?NEW -u user:secret # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 SELECT %TESTNUMBER -A004 SEARCH NEW -A005 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 SELECT %TESTNUMBER +A004 SEARCH NEW +A005 LOGOUT diff --git a/tests/data/test811 b/tests/data/test811 index e2520c3319..5f51502244 100644 --- a/tests/data/test811 +++ b/tests/data/test811 @@ -30,11 +30,11 @@ imap://%HOSTIP:%IMAPPORT -u user:secret -X 'CREATE %TESTNUMBER' # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 CREATE %TESTNUMBER -A004 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 CREATE %TESTNUMBER +A004 LOGOUT diff --git a/tests/data/test812 b/tests/data/test812 index 0180e023e8..f51b71dad5 100644 --- a/tests/data/test812 +++ b/tests/data/test812 @@ -30,11 +30,11 @@ imap://%HOSTIP:%IMAPPORT -u user:secret -X 'DELETE %TESTNUMBER' # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 DELETE %TESTNUMBER -A004 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 DELETE %TESTNUMBER +A004 LOGOUT diff --git a/tests/data/test813 b/tests/data/test813 index 674d308fd7..741b4968fb 100644 --- a/tests/data/test813 +++ b/tests/data/test813 @@ -30,11 +30,11 @@ imap://%HOSTIP:%IMAPPORT -u user:secret -X 'RENAME 666 %TESTNUMBER' # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 RENAME 666 %TESTNUMBER -A004 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 RENAME 666 %TESTNUMBER +A004 LOGOUT diff --git a/tests/data/test814 b/tests/data/test814 index e73b0e894a..df10a65592 100644 --- a/tests/data/test814 +++ b/tests/data/test814 @@ -30,12 +30,12 @@ imap://%HOSTIP:%IMAPPORT/%TESTNUMBER -u user:secret -X 'CHECK' # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 SELECT %TESTNUMBER -A004 CHECK -A005 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 SELECT %TESTNUMBER +A004 CHECK +A005 LOGOUT diff --git a/tests/data/test815 b/tests/data/test815 index 04daef90f0..57af869fa3 100644 --- a/tests/data/test815 +++ b/tests/data/test815 @@ -34,13 +34,13 @@ imap://%HOSTIP:%IMAPPORT/%TESTNUMBER -X 'STORE 123 +Flags \Deleted' -u user:secr # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 SELECT %TESTNUMBER -A004 STORE 123 +Flags \Deleted -A005 CLOSE -A006 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 SELECT %TESTNUMBER +A004 STORE 123 +Flags \Deleted +A005 CLOSE +A006 LOGOUT diff --git a/tests/data/test816 b/tests/data/test816 index b6054cacfc..c45cc1172f 100644 --- a/tests/data/test816 +++ b/tests/data/test816 @@ -37,13 +37,13 @@ imap://%HOSTIP:%IMAPPORT/%TESTNUMBER -X 'STORE 123 +Flags \Deleted' -u user:secr # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 SELECT %TESTNUMBER -A004 STORE 123 +Flags \Deleted -A005 EXPUNGE -A006 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 SELECT %TESTNUMBER +A004 STORE 123 +Flags \Deleted +A005 EXPUNGE +A006 LOGOUT diff --git a/tests/data/test817 b/tests/data/test817 index c608f65b0f..ce5b0adb45 100644 --- a/tests/data/test817 +++ b/tests/data/test817 @@ -30,11 +30,11 @@ imap://%HOSTIP:%IMAPPORT -u user:secret -X 'COPY 123 %TESTNUMBER' # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 COPY 123 %TESTNUMBER -A004 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 COPY 123 %TESTNUMBER +A004 LOGOUT diff --git a/tests/data/test818 b/tests/data/test818 index dd917ea399..e096b13fd4 100644 --- a/tests/data/test818 +++ b/tests/data/test818 @@ -36,11 +36,11 @@ imap://%HOSTIP:%IMAPPORT -X NOOP -u user:secret # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 NOOP -A004 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 NOOP +A004 LOGOUT diff --git a/tests/data/test819 b/tests/data/test819 index 50ff226691..81f0277c45 100644 --- a/tests/data/test819 +++ b/tests/data/test819 @@ -44,13 +44,13 @@ IMAP plain authentication # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE PLAIN -AHVzZXIAc2VjcmV0 -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE PLAIN +AHVzZXIAc2VjcmV0 +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test82 b/tests/data/test82 index c343d0a2de..6974bc3a1f 100644 --- a/tests/data/test82 +++ b/tests/data/test82 @@ -41,14 +41,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy-user testuser:testpass -x http://%H # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Proxy-Authorization: Basic %b64[testuser:testpass]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Proxy-Authorization: Basic %b64[testuser:testpass]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test820 b/tests/data/test820 index 80ac25f27d..e617e241bf 100644 --- a/tests/data/test820 +++ b/tests/data/test820 @@ -44,14 +44,14 @@ IMAP login authentication # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE LOGIN -dXNlcg== -c2VjcmV0 -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE LOGIN +dXNlcg== +c2VjcmV0 +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test821 b/tests/data/test821 index 4179220800..2b928fe1d0 100644 --- a/tests/data/test821 +++ b/tests/data/test821 @@ -48,13 +48,13 @@ IMAP CRAM-MD5 authentication # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE CRAM-MD5 -dXNlciA3MDMxNzI1NTk5ZmRiYjVkNDEyNjg5YWEzMjNlM2UwYg== -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE CRAM-MD5 +dXNlciA3MDMxNzI1NTk5ZmRiYjVkNDEyNjg5YWEzMjNlM2UwYg== +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test822 b/tests/data/test822 index 61db77dc3c..4f4859544d 100644 --- a/tests/data/test822 +++ b/tests/data/test822 @@ -50,14 +50,14 @@ IMAP NTLM authentication # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE NTLM -TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE NTLM +TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test823 b/tests/data/test823 index 91d75fed4a..aef99f0f0b 100644 --- a/tests/data/test823 +++ b/tests/data/test823 @@ -54,14 +54,14 @@ IMAP DIGEST-MD5 authentication # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE DIGEST-MD5 -dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM1MzMzMjMxMzYzMzMyMzEzNzMzMzIzMSIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJpbWFwLzEyNy4wLjAuMSIscmVzcG9uc2U9YmU2MzgyNDkzNjJkN2FhMGUzNTM4NTA3Njc1MWFiNDgscW9wPWF1dGg= - -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE DIGEST-MD5 +dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM1MzMzMjMxMzYzMzMyMzEzNzMzMzIzMSIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJpbWFwLzEyNy4wLjAuMSIscmVzcG9uc2U9YmU2MzgyNDkzNjJkN2FhMGUzNTM4NTA3Njc1MWFiNDgscW9wPWF1dGg= + +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test824 b/tests/data/test824 index 0abda22b0a..b2d16dc9c8 100644 --- a/tests/data/test824 +++ b/tests/data/test824 @@ -44,13 +44,13 @@ IMAP OAuth 2.0 (XOAUTH2) authentication # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE XOAUTH2 -dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE XOAUTH2 +dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test825 b/tests/data/test825 index 64d57f5feb..9f5336e377 100644 --- a/tests/data/test825 +++ b/tests/data/test825 @@ -45,12 +45,12 @@ IMAP plain authentication with initial response # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE PLAIN AHVzZXIAc2VjcmV0 -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE PLAIN AHVzZXIAc2VjcmV0 +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test826 b/tests/data/test826 index b3b0dc335f..9f49957e7d 100644 --- a/tests/data/test826 +++ b/tests/data/test826 @@ -45,13 +45,13 @@ IMAP login authentication with initial response # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE LOGIN dXNlcg== -c2VjcmV0 -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE LOGIN dXNlcg== +c2VjcmV0 +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test827 b/tests/data/test827 index 493775381f..58a89015bb 100644 --- a/tests/data/test827 +++ b/tests/data/test827 @@ -51,13 +51,13 @@ IMAP NTLM authentication with initial response # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test828 b/tests/data/test828 index a3548464e8..cda2e33258 100644 --- a/tests/data/test828 +++ b/tests/data/test828 @@ -45,12 +45,12 @@ IMAP OAuth 2.0 (XOAUTH2) authentication with initial response # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE XOAUTH2 dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE XOAUTH2 dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test83 b/tests/data/test83 index 1d138ce10a..b6e89a65fb 100644 --- a/tests/data/test83 +++ b/tests/data/test83 @@ -67,13 +67,13 @@ User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive - -GET /we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: test.%TESTNUMBER:%HTTPPORT -Authorization: Basic %b64[iam:my:;self]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: test.%TESTNUMBER:%HTTPPORT +Authorization: Basic %b64[iam:my:;self]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test830 b/tests/data/test830 index 1465406e1b..8124e1a13c 100644 --- a/tests/data/test830 +++ b/tests/data/test830 @@ -48,10 +48,10 @@ IMAP CRAM-MD5 graceful cancellation # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "LOGOUT" - -A001 CAPABILITY -A002 AUTHENTICATE CRAM-MD5 -* + +A001 CAPABILITY +A002 AUTHENTICATE CRAM-MD5 +* diff --git a/tests/data/test831 b/tests/data/test831 index 1ef3d45c41..c095bcda5d 100644 --- a/tests/data/test831 +++ b/tests/data/test831 @@ -49,11 +49,11 @@ IMAP NTLM graceful cancellation # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "LOGOUT" - -A001 CAPABILITY -A002 AUTHENTICATE NTLM -TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -* + +A001 CAPABILITY +A002 AUTHENTICATE NTLM +TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +* diff --git a/tests/data/test832 b/tests/data/test832 index 5787bbc797..f5a0323e3a 100644 --- a/tests/data/test832 +++ b/tests/data/test832 @@ -50,10 +50,10 @@ IMAP DIGEST-MD5 graceful cancellation # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "LOGOUT" - -A001 CAPABILITY -A002 AUTHENTICATE DIGEST-MD5 -* + +A001 CAPABILITY +A002 AUTHENTICATE DIGEST-MD5 +* diff --git a/tests/data/test833 b/tests/data/test833 index bda66c514c..f8a204deb2 100644 --- a/tests/data/test833 +++ b/tests/data/test833 @@ -52,15 +52,15 @@ IMAP CRAM-MD5 authentication with SASL downgrade # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE CRAM-MD5 -* -A003 AUTHENTICATE PLAIN -AHVzZXIAc2VjcmV0 -A004 SELECT %TESTNUMBER -A005 FETCH 1 BODY[] -A006 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE CRAM-MD5 +* +A003 AUTHENTICATE PLAIN +AHVzZXIAc2VjcmV0 +A004 SELECT %TESTNUMBER +A005 FETCH 1 BODY[] +A006 LOGOUT diff --git a/tests/data/test834 b/tests/data/test834 index ccdf0d1fdb..fdfcde8834 100644 --- a/tests/data/test834 +++ b/tests/data/test834 @@ -53,16 +53,16 @@ IMAP NTLM authentication with SASL downgrade # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE NTLM -TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -* -A003 AUTHENTICATE PLAIN -AHVzZXIAc2VjcmV0 -A004 SELECT %TESTNUMBER -A005 FETCH 1 BODY[] -A006 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE NTLM +TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +* +A003 AUTHENTICATE PLAIN +AHVzZXIAc2VjcmV0 +A004 SELECT %TESTNUMBER +A005 FETCH 1 BODY[] +A006 LOGOUT diff --git a/tests/data/test835 b/tests/data/test835 index aa3a446706..b1e0f34225 100644 --- a/tests/data/test835 +++ b/tests/data/test835 @@ -54,15 +54,15 @@ IMAP DIGEST-MD5 authentication with SASL downgrade # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE DIGEST-MD5 -* -A003 AUTHENTICATE PLAIN -AHVzZXIAc2VjcmV0 -A004 SELECT %TESTNUMBER -A005 FETCH 1 BODY[] -A006 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE DIGEST-MD5 +* +A003 AUTHENTICATE PLAIN +AHVzZXIAc2VjcmV0 +A004 SELECT %TESTNUMBER +A005 FETCH 1 BODY[] +A006 LOGOUT diff --git a/tests/data/test836 b/tests/data/test836 index 821d5392bb..cdcb0e9a9b 100644 --- a/tests/data/test836 +++ b/tests/data/test836 @@ -43,17 +43,17 @@ IMAP multiple connection authentication # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user.one secret -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT -B001 CAPABILITY -B002 LOGIN user.two secret -B003 SELECT %TESTNUMBER -B004 FETCH 2 BODY[] -B005 LOGOUT + +A001 CAPABILITY +A002 LOGIN user.one secret +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT +B001 CAPABILITY +B002 LOGIN user.two secret +B003 SELECT %TESTNUMBER +B004 FETCH 2 BODY[] +B005 LOGOUT diff --git a/tests/data/test837 b/tests/data/test837 index 74b575a6ed..b5735ea099 100644 --- a/tests/data/test837 +++ b/tests/data/test837 @@ -44,13 +44,13 @@ IMAP external authentication # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE EXTERNAL -dXNlcg== -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE EXTERNAL +dXNlcg== +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test838 b/tests/data/test838 index c6081fb638..bbd282289d 100644 --- a/tests/data/test838 +++ b/tests/data/test838 @@ -44,13 +44,13 @@ IMAP external authentication without credentials # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE EXTERNAL -= -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE EXTERNAL += +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test839 b/tests/data/test839 index 9f443b42aa..8350c414bf 100644 --- a/tests/data/test839 +++ b/tests/data/test839 @@ -45,12 +45,12 @@ IMAP external authentication with initial response # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE EXTERNAL dXNlcg== -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE EXTERNAL dXNlcg== +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test84 b/tests/data/test84 index 2cbd8a575d..9dca293375 100644 --- a/tests/data/test84 +++ b/tests/data/test84 @@ -41,14 +41,14 @@ proxy # # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[iam:myself]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[iam:myself]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test840 b/tests/data/test840 index 48fd32a349..612e1119eb 100644 --- a/tests/data/test840 +++ b/tests/data/test840 @@ -45,12 +45,12 @@ IMAP external authentication with initial response without credentials # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE EXTERNAL = -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE EXTERNAL = +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test841 b/tests/data/test841 index debf6cfb84..eee632f555 100644 --- a/tests/data/test841 +++ b/tests/data/test841 @@ -45,12 +45,12 @@ IMAP custom request doesn't check continuation data # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 SELECT %TESTNUMBER -A004 FETCH 123 BODY[1] -A005 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 SELECT %TESTNUMBER +A004 FETCH 123 BODY[1] +A005 LOGOUT diff --git a/tests/data/test842 b/tests/data/test842 index 1cea6e39d3..e66d5b1aa6 100644 --- a/tests/data/test842 +++ b/tests/data/test842 @@ -47,13 +47,13 @@ IMAP OAuth 2.0 (OAUTHBEARER) authentication # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE OAUTHBEARER -%b64[n,a=user,%01host=127.0.0.1%01port=%IMAPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE OAUTHBEARER +%b64[n,a=user,%01host=127.0.0.1%01port=%IMAPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test843 b/tests/data/test843 index 774c4c5e74..fa8df84c8f 100644 --- a/tests/data/test843 +++ b/tests/data/test843 @@ -46,12 +46,12 @@ IMAP OAuth 2.0 (OAUTHBEARER) authentication with initial response # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%IMAPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%IMAPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test844 b/tests/data/test844 index fd65d750c6..caa324638a 100644 --- a/tests/data/test844 +++ b/tests/data/test844 @@ -43,10 +43,10 @@ IMAP OAuth 2.0 (OAUTHBEARER) failure as continuation # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "LOGOUT" - -A001 CAPABILITY -A002 AUTHENTICATE OAUTHBEARER -%b64[n,a=user,%01host=127.0.0.1%01port=%IMAPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% + +A001 CAPABILITY +A002 AUTHENTICATE OAUTHBEARER +%b64[n,a=user,%01host=127.0.0.1%01port=%IMAPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% diff --git a/tests/data/test845 b/tests/data/test845 index c9cae6d65a..f68be7d67c 100644 --- a/tests/data/test845 +++ b/tests/data/test845 @@ -45,10 +45,10 @@ IMAP OAuth 2.0 (OAUTHBEARER) failure as continuation with initial response # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "LOGOUT" - -A001 CAPABILITY -A002 AUTHENTICATE OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%IMAPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% -%b64[%01]b64% + +A001 CAPABILITY +A002 AUTHENTICATE OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%IMAPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% +%b64[%01]b64% diff --git a/tests/data/test846 b/tests/data/test846 index 49c391ffe9..bbbc92c51a 100644 --- a/tests/data/test846 +++ b/tests/data/test846 @@ -40,11 +40,11 @@ IMAP PREAUTH response # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 SELECT %TESTNUMBER -A003 FETCH 1 BODY[] -A004 LOGOUT + +A001 CAPABILITY +A002 SELECT %TESTNUMBER +A003 FETCH 1 BODY[] +A004 LOGOUT diff --git a/tests/data/test847 b/tests/data/test847 index 6972f45fb1..b78cad1189 100644 --- a/tests/data/test847 +++ b/tests/data/test847 @@ -38,12 +38,12 @@ IMAP FETCH message # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN "\"user" "sec\"ret{" -A003 SELECT %TESTNUMBER -A004 UID FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 LOGIN "\"user" "sec\"ret{" +A003 SELECT %TESTNUMBER +A004 UID FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test848 b/tests/data/test848 index a0d5a29e7d..32f589d525 100644 --- a/tests/data/test848 +++ b/tests/data/test848 @@ -44,13 +44,13 @@ IMAP plain authentication with alternative authorization identity # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 AUTHENTICATE PLAIN -c2hhcmVkLW1haWxib3gAdXNlcgBzZWNyZXQ= -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 AUTHENTICATE PLAIN +c2hhcmVkLW1haWxib3gAdXNlcgBzZWNyZXQ= +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test849 b/tests/data/test849 index e092da3904..3e771c2ffd 100644 --- a/tests/data/test849 +++ b/tests/data/test849 @@ -42,10 +42,10 @@ IMAP plain auth with alt authorization identity (Not authorized) # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "LOGOUT" - -A001 CAPABILITY -A002 AUTHENTICATE PLAIN -dXJzZWwAa3VydAB4aXBqM3BsbXE= + +A001 CAPABILITY +A002 AUTHENTICATE PLAIN +dXJzZWwAa3VydAB4aXBqM3BsbXE= diff --git a/tests/data/test85 b/tests/data/test85 index 2acc87cb06..ab9c2287db 100644 --- a/tests/data/test85 +++ b/tests/data/test85 @@ -44,15 +44,15 @@ proxy # # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Proxy-Authorization: Basic %b64[testing:this]b64% -Authorization: Basic %b64[iam:myself]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Proxy-Authorization: Basic %b64[testing:this]b64% +Authorization: Basic %b64[iam:myself]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test850 b/tests/data/test850 index f0a9f17d65..c9cf2ffae6 100644 --- a/tests/data/test850 +++ b/tests/data/test850 @@ -38,12 +38,12 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret # # Verify data after the test has been "shot" - -CAPA -USER user -PASS secret -RETR %TESTNUMBER -QUIT + +CAPA +USER user +PASS secret +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test851 b/tests/data/test851 index 3f24c14b34..abecf7daa7 100644 --- a/tests/data/test851 +++ b/tests/data/test851 @@ -33,12 +33,12 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -l -u user:secret # # Verify data after the test has been "shot" - -CAPA -USER user -PASS secret -LIST %TESTNUMBER -QUIT + +CAPA +USER user +PASS secret +LIST %TESTNUMBER +QUIT diff --git a/tests/data/test852 b/tests/data/test852 index ed433862bf..87e47d67ae 100644 --- a/tests/data/test852 +++ b/tests/data/test852 @@ -36,12 +36,12 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -l -u user:secret 8 - -CAPA -USER user -PASS secret -LIST %TESTNUMBER -QUIT + +CAPA +USER user +PASS secret +LIST %TESTNUMBER +QUIT diff --git a/tests/data/test853 b/tests/data/test853 index 3b57e7d086..29c4580452 100644 --- a/tests/data/test853 +++ b/tests/data/test853 @@ -42,12 +42,12 @@ pop3://%HOSTIP:%POP3PORT/ -u user:secret # # Verify data after the test has been "shot" - -CAPA -USER user -PASS secret -LIST -QUIT + +CAPA +USER user +PASS secret +LIST +QUIT diff --git a/tests/data/test854 b/tests/data/test854 index acb32b01f3..4491153803 100644 --- a/tests/data/test854 +++ b/tests/data/test854 @@ -34,12 +34,12 @@ pop3://%HOSTIP:%POP3PORT/ -u user:secret # # Verify data after the test has been "shot" - -CAPA -USER user -PASS secret -LIST -QUIT + +CAPA +USER user +PASS secret +LIST +QUIT diff --git a/tests/data/test855 b/tests/data/test855 index c7c10be651..9e95cad273 100644 --- a/tests/data/test855 +++ b/tests/data/test855 @@ -36,12 +36,12 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret 8 - -CAPA -USER user -PASS secret -RETR %TESTNUMBER -QUIT + +CAPA +USER user +PASS secret +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test856 b/tests/data/test856 index c107612dee..4de4d7270f 100644 --- a/tests/data/test856 +++ b/tests/data/test856 @@ -39,10 +39,10 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:wrong # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "QUIT" - -CAPA -USER user -PASS wrong + +CAPA +USER user +PASS wrong diff --git a/tests/data/test857 b/tests/data/test857 index 5868a2d57f..6d1e7daddc 100644 --- a/tests/data/test857 +++ b/tests/data/test857 @@ -49,12 +49,12 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret # # Verify data after the test has been "shot" - -CAPA -USER user -PASS secret -RETR %TESTNUMBER -QUIT + +CAPA +USER user +PASS secret +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test858 b/tests/data/test858 index f119100ecd..0362bb81fe 100644 --- a/tests/data/test858 +++ b/tests/data/test858 @@ -30,12 +30,12 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret -X DELE -I # # Verify data after the test has been "shot" - -CAPA -USER user -PASS secret -DELE %TESTNUMBER -QUIT + +CAPA +USER user +PASS secret +DELE %TESTNUMBER +QUIT diff --git a/tests/data/test859 b/tests/data/test859 index 11ffc068e5..0603d643ea 100644 --- a/tests/data/test859 +++ b/tests/data/test859 @@ -30,12 +30,12 @@ pop3://%HOSTIP:%POP3PORT -u user:secret -X STAT -I # # Verify data after the test has been "shot" - -CAPA -USER user -PASS secret -STAT -QUIT + +CAPA +USER user +PASS secret +STAT +QUIT diff --git a/tests/data/test86 b/tests/data/test86 index ba9c90d7a8..a0e562736f 100644 --- a/tests/data/test86 +++ b/tests/data/test86 @@ -64,22 +64,22 @@ HTTP, urlglob []-retrieval and -o #[num] usage # # Verify data after the test has been "shot" - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0003 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0003 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + # we check the second file diff --git a/tests/data/test860 b/tests/data/test860 index 5e1f3f611b..10e931f7f2 100644 --- a/tests/data/test860 +++ b/tests/data/test860 @@ -30,12 +30,12 @@ pop3://%HOSTIP:%POP3PORT -u user:secret -X NOOP -I # # Verify data after the test has been "shot" - -CAPA -USER user -PASS secret -NOOP -QUIT + +CAPA +USER user +PASS secret +NOOP +QUIT diff --git a/tests/data/test861 b/tests/data/test861 index 65b44c1cc0..c40d06af14 100644 --- a/tests/data/test861 +++ b/tests/data/test861 @@ -41,12 +41,12 @@ pop3://%HOSTIP:%POP3PORT -u user:secret -X UIDL # # Verify data after the test has been "shot" - -CAPA -USER user -PASS secret -UIDL -QUIT + +CAPA +USER user +PASS secret +UIDL +QUIT diff --git a/tests/data/test862 b/tests/data/test862 index ab0feaa483..73c50ff061 100644 --- a/tests/data/test862 +++ b/tests/data/test862 @@ -39,12 +39,12 @@ pop3://%HOSTIP:%POP3PORT -u user:secret -X 'TOP %TESTNUMBER 0' # # Verify data after the test has been "shot" - -CAPA -USER user -PASS secret -TOP %TESTNUMBER 0 -QUIT + +CAPA +USER user +PASS secret +TOP %TESTNUMBER 0 +QUIT diff --git a/tests/data/test863 b/tests/data/test863 index f7b288baa6..a246652fd9 100644 --- a/tests/data/test863 +++ b/tests/data/test863 @@ -30,12 +30,12 @@ pop3://%HOSTIP:%POP3PORT -u user:secret -X RSET -I # # Verify data after the test has been "shot" - -CAPA -USER user -PASS secret -RSET -QUIT + +CAPA +USER user +PASS secret +RSET +QUIT diff --git a/tests/data/test864 b/tests/data/test864 index 233764f64e..d2ddb8dee9 100644 --- a/tests/data/test864 +++ b/tests/data/test864 @@ -45,11 +45,11 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret # # Verify data after the test has been "shot" - -CAPA -APOP user 7501b4cdc224d469940e65e7b5e4d6eb -RETR %TESTNUMBER -QUIT + +CAPA +APOP user 7501b4cdc224d469940e65e7b5e4d6eb +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test865 b/tests/data/test865 index 59bf1c154b..f88ba45ed4 100644 --- a/tests/data/test865 +++ b/tests/data/test865 @@ -46,12 +46,12 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret # # Verify data after the test has been "shot" - -CAPA -AUTH PLAIN -AHVzZXIAc2VjcmV0 -RETR %TESTNUMBER -QUIT + +CAPA +AUTH PLAIN +AHVzZXIAc2VjcmV0 +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test866 b/tests/data/test866 index adab0d8960..2ea66bab38 100644 --- a/tests/data/test866 +++ b/tests/data/test866 @@ -46,13 +46,13 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret # # Verify data after the test has been "shot" - -CAPA -AUTH LOGIN -dXNlcg== -c2VjcmV0 -RETR %TESTNUMBER -QUIT + +CAPA +AUTH LOGIN +dXNlcg== +c2VjcmV0 +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test867 b/tests/data/test867 index 76ad1aa57c..4db0704c64 100644 --- a/tests/data/test867 +++ b/tests/data/test867 @@ -50,12 +50,12 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret # # Verify data after the test has been "shot" - -CAPA -AUTH CRAM-MD5 -dXNlciA3MDMxNzI1NTk5ZmRiYjVkNDEyNjg5YWEzMjNlM2UwYg== -RETR %TESTNUMBER -QUIT + +CAPA +AUTH CRAM-MD5 +dXNlciA3MDMxNzI1NTk5ZmRiYjVkNDEyNjg5YWEzMjNlM2UwYg== +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test868 b/tests/data/test868 index 6807fa56f1..59284154c9 100644 --- a/tests/data/test868 +++ b/tests/data/test868 @@ -52,13 +52,13 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u testuser:testpass # # Verify data after the test has been "shot" - -CAPA -AUTH NTLM -TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -RETR %TESTNUMBER -QUIT + +CAPA +AUTH NTLM +TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test869 b/tests/data/test869 index b6f91a266a..588be6f3a1 100644 --- a/tests/data/test869 +++ b/tests/data/test869 @@ -56,13 +56,13 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret # # Verify data after the test has been "shot" - -CAPA -AUTH DIGEST-MD5 -dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM1MzMzMjMxMzYzMzMyMzEzNzMzMzIzMSIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJwb3AvMTI3LjAuMC4xIixyZXNwb25zZT0xODMxNTU0OGM3ZjNhMzdlNzE2ZmE4ZTkwZGZhYjliNixxb3A9YXV0aA== - -RETR %TESTNUMBER -QUIT + +CAPA +AUTH DIGEST-MD5 +dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM1MzMzMjMxMzYzMzMyMzEzNzMzMzIzMSIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJwb3AvMTI3LjAuMC4xIixyZXNwb25zZT0xODMxNTU0OGM3ZjNhMzdlNzE2ZmE4ZTkwZGZhYjliNixxb3A9YXV0aA== + +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test870 b/tests/data/test870 index b1329da9aa..d0870d3909 100644 --- a/tests/data/test870 +++ b/tests/data/test870 @@ -46,12 +46,12 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user --oauth2-bearer mF_9.B5f-4.1JqM # # Verify data after the test has been "shot" - -CAPA -AUTH XOAUTH2 -dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB -RETR %TESTNUMBER -QUIT + +CAPA +AUTH XOAUTH2 +dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test871 b/tests/data/test871 index 38335177d4..e0afbee001 100644 --- a/tests/data/test871 +++ b/tests/data/test871 @@ -46,11 +46,11 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret --sasl-ir # # Verify data after the test has been "shot" - -CAPA -AUTH PLAIN AHVzZXIAc2VjcmV0 -RETR %TESTNUMBER -QUIT + +CAPA +AUTH PLAIN AHVzZXIAc2VjcmV0 +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test872 b/tests/data/test872 index f6c5974262..439bbf6b14 100644 --- a/tests/data/test872 +++ b/tests/data/test872 @@ -46,12 +46,12 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret --sasl-ir # # Verify data after the test has been "shot" - -CAPA -AUTH LOGIN dXNlcg== -c2VjcmV0 -RETR %TESTNUMBER -QUIT + +CAPA +AUTH LOGIN dXNlcg== +c2VjcmV0 +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test873 b/tests/data/test873 index 0f5f3be9b1..e6ac4057d6 100644 --- a/tests/data/test873 +++ b/tests/data/test873 @@ -52,12 +52,12 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u testuser:testpass --sasl-ir # # Verify data after the test has been "shot" - -CAPA -AUTH NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -RETR %TESTNUMBER -QUIT + +CAPA +AUTH NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test874 b/tests/data/test874 index 810bc49d17..cbb1fbe137 100644 --- a/tests/data/test874 +++ b/tests/data/test874 @@ -46,11 +46,11 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user --oauth2-bearer mF_9.B5f-4.1JqM --s # # Verify data after the test has been "shot" - -CAPA -AUTH XOAUTH2 dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB -RETR %TESTNUMBER -QUIT + +CAPA +AUTH XOAUTH2 dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test876 b/tests/data/test876 index 3cbed8b5ee..85ea5fe3b1 100644 --- a/tests/data/test876 +++ b/tests/data/test876 @@ -49,10 +49,10 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "QUIT" - -CAPA -AUTH CRAM-MD5 -* + +CAPA +AUTH CRAM-MD5 +* diff --git a/tests/data/test877 b/tests/data/test877 index e2cb4b3765..8f4ac37be1 100644 --- a/tests/data/test877 +++ b/tests/data/test877 @@ -50,11 +50,11 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u testuser:testpass # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "QUIT" - -CAPA -AUTH NTLM -TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -* + +CAPA +AUTH NTLM +TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +* diff --git a/tests/data/test878 b/tests/data/test878 index fe578c816f..a12e96f02e 100644 --- a/tests/data/test878 +++ b/tests/data/test878 @@ -51,10 +51,10 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "QUIT" - -CAPA -AUTH DIGEST-MD5 -* + +CAPA +AUTH DIGEST-MD5 +* diff --git a/tests/data/test879 b/tests/data/test879 index cdf25d02a1..75aed2ba3d 100644 --- a/tests/data/test879 +++ b/tests/data/test879 @@ -54,14 +54,14 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret # # Verify data after the test has been "shot" - -CAPA -AUTH CRAM-MD5 -* -AUTH PLAIN -AHVzZXIAc2VjcmV0 -RETR %TESTNUMBER -QUIT + +CAPA +AUTH CRAM-MD5 +* +AUTH PLAIN +AHVzZXIAc2VjcmV0 +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test880 b/tests/data/test880 index 21536d81f5..bb92f7f296 100644 --- a/tests/data/test880 +++ b/tests/data/test880 @@ -55,15 +55,15 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret # # Verify data after the test has been "shot" - -CAPA -AUTH NTLM -TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -* -AUTH PLAIN -AHVzZXIAc2VjcmV0 -RETR %TESTNUMBER -QUIT + +CAPA +AUTH NTLM +TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +* +AUTH PLAIN +AHVzZXIAc2VjcmV0 +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test881 b/tests/data/test881 index a197cb1e60..16caf49a31 100644 --- a/tests/data/test881 +++ b/tests/data/test881 @@ -56,14 +56,14 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret # # Verify data after the test has been "shot" - -CAPA -AUTH DIGEST-MD5 -* -AUTH PLAIN -AHVzZXIAc2VjcmV0 -RETR %TESTNUMBER -QUIT + +CAPA +AUTH DIGEST-MD5 +* +AUTH PLAIN +AHVzZXIAc2VjcmV0 +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test882 b/tests/data/test882 index b4fa465340..bfecd45070 100644 --- a/tests/data/test882 +++ b/tests/data/test882 @@ -42,17 +42,17 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER001 -u user.one:secret -: pop3://%HOSTIP:%PO # # Verify data after the test has been "shot" - -CAPA -USER user.one -PASS secret -RETR %TESTNUMBER001 -QUIT -CAPA -USER user.two -PASS secret -RETR %TESTNUMBER002 -QUIT + +CAPA +USER user.one +PASS secret +RETR %TESTNUMBER001 +QUIT +CAPA +USER user.two +PASS secret +RETR %TESTNUMBER002 +QUIT diff --git a/tests/data/test883 b/tests/data/test883 index 943d278248..a82a762dc6 100644 --- a/tests/data/test883 +++ b/tests/data/test883 @@ -46,12 +46,12 @@ POP3 external authentication # # Verify data after the test has been "shot" - -CAPA -AUTH EXTERNAL -dXNlcg== -RETR %TESTNUMBER -QUIT + +CAPA +AUTH EXTERNAL +dXNlcg== +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test884 b/tests/data/test884 index 611649c2d2..ebe013fe27 100644 --- a/tests/data/test884 +++ b/tests/data/test884 @@ -46,12 +46,12 @@ POP3 external authentication without credentials # # Verify data after the test has been "shot" - -CAPA -AUTH EXTERNAL -= -RETR %TESTNUMBER -QUIT + +CAPA +AUTH EXTERNAL += +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test885 b/tests/data/test885 index 6d2383874f..16c6810bcf 100644 --- a/tests/data/test885 +++ b/tests/data/test885 @@ -46,11 +46,11 @@ POP3 external authentication with initial response # # Verify data after the test has been "shot" - -CAPA -AUTH EXTERNAL dXNlcg== -RETR %TESTNUMBER -QUIT + +CAPA +AUTH EXTERNAL dXNlcg== +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test886 b/tests/data/test886 index e926fe21a1..f6de7c1db1 100644 --- a/tests/data/test886 +++ b/tests/data/test886 @@ -46,11 +46,11 @@ POP3 external authentication with initial response without credentials # # Verify data after the test has been "shot" - -CAPA -AUTH EXTERNAL = -RETR %TESTNUMBER -QUIT + +CAPA +AUTH EXTERNAL = +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test887 b/tests/data/test887 index ada1ce1a6b..bb40d1b9ce 100644 --- a/tests/data/test887 +++ b/tests/data/test887 @@ -47,12 +47,12 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user --oauth2-bearer mF_9.B5f-4.1JqM # # Verify data after the test has been "shot" - -CAPA -AUTH OAUTHBEARER -%b64[n,a=user,%01host=127.0.0.1%01port=%POP3PORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% -RETR %TESTNUMBER -QUIT + +CAPA +AUTH OAUTHBEARER +%b64[n,a=user,%01host=127.0.0.1%01port=%POP3PORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test888 b/tests/data/test888 index 289f8137e1..2d89a3cf3b 100644 --- a/tests/data/test888 +++ b/tests/data/test888 @@ -47,11 +47,11 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user --oauth2-bearer mF_9.B5f-4.1JqM --s # # Verify data after the test has been "shot" - -CAPA -AUTH OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%POP3PORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% -RETR %TESTNUMBER -QUIT + +CAPA +AUTH OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%POP3PORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test889 b/tests/data/test889 index 36d0e32d1f..c2982dc17d 100644 --- a/tests/data/test889 +++ b/tests/data/test889 @@ -46,11 +46,11 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user --oauth2-bearer mF_9.B5f-4.1JqM # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "QUIT" - -CAPA -AUTH OAUTHBEARER -%b64[n,a=user,%01host=127.0.0.1%01port=%POP3PORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% -AQ== + +CAPA +AUTH OAUTHBEARER +%b64[n,a=user,%01host=127.0.0.1%01port=%POP3PORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% +AQ== diff --git a/tests/data/test89 b/tests/data/test89 index fb621ae2b9..f1a7a539e2 100644 --- a/tests/data/test89 +++ b/tests/data/test89 @@ -106,31 +106,31 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --ntlm -L # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Accept: */* - -GET /you/%TESTNUMBER0010 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* - -GET /you/%TESTNUMBER0010 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Accept: */* + +GET /you/%TESTNUMBER0010 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* + +GET /you/%TESTNUMBER0010 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test890 b/tests/data/test890 index 70ac504597..9107a32e22 100644 --- a/tests/data/test890 +++ b/tests/data/test890 @@ -46,10 +46,10 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user --oauth2-bearer mF_9.B5f-4.1JqM --s # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "QUIT" - -CAPA -AUTH OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%POP3PORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% -AQ== + +CAPA +AUTH OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%POP3PORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% +AQ== diff --git a/tests/data/test891 b/tests/data/test891 index 6d02428005..b0de3be183 100644 --- a/tests/data/test891 +++ b/tests/data/test891 @@ -35,10 +35,10 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret # # Verify data after the test has been "shot" - -CAPA -AUTH CRAM-MD5 -dXNlciA1YzhkYjAzZjA0Y2VjMGY0M2JjYjA2MDAyMzkxNDE5MA== + +CAPA +AUTH CRAM-MD5 +dXNlciA1YzhkYjAzZjA0Y2VjMGY0M2JjYjA2MDAyMzkxNDE5MA== # CURLE_LOGIN_DENIED diff --git a/tests/data/test892 b/tests/data/test892 index c77b35da8a..67f9711568 100644 --- a/tests/data/test892 +++ b/tests/data/test892 @@ -46,12 +46,12 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret --sasl-authzid shared-mailbo # # Verify data after the test has been "shot" - -CAPA -AUTH PLAIN -c2hhcmVkLW1haWxib3gAdXNlcgBzZWNyZXQ= -RETR %TESTNUMBER -QUIT + +CAPA +AUTH PLAIN +c2hhcmVkLW1haWxib3gAdXNlcgBzZWNyZXQ= +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test893 b/tests/data/test893 index 021b4d5257..3db486b0d0 100644 --- a/tests/data/test893 +++ b/tests/data/test893 @@ -44,10 +44,10 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u kurt:xipj3plmq --sasl-authzid ursel # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "QUIT" - -CAPA -AUTH PLAIN -dXJzZWwAa3VydAB4aXBqM3BsbXE= + +CAPA +AUTH PLAIN +dXJzZWwAa3VydAB4aXBqM3BsbXE= diff --git a/tests/data/test895 b/tests/data/test895 index dbf17fdc40..79f9a9984e 100644 --- a/tests/data/test895 +++ b/tests/data/test895 @@ -39,12 +39,12 @@ IMAP with --login-options 'AUTH=*' # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN "\"user" "sec\"ret{" -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 LOGIN "\"user" "sec\"ret{" +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test897 b/tests/data/test897 index fe7e1e70a0..8e59d75d14 100644 --- a/tests/data/test897 +++ b/tests/data/test897 @@ -38,12 +38,12 @@ IMAP and envelope meta data after body transfer # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN user secret -A003 SELECT %TESTNUMBER -A004 FETCH 123 BODY[1] -A005 LOGOUT + +A001 CAPABILITY +A002 LOGIN user secret +A003 SELECT %TESTNUMBER +A004 FETCH 123 BODY[1] +A005 LOGOUT _ _ ____ _ diff --git a/tests/data/test898 b/tests/data/test898 index 4d22862d4a..78213414e5 100644 --- a/tests/data/test898 +++ b/tests/data/test898 @@ -74,21 +74,21 @@ HTTP with custom auth and cookies redirected to HTTP on a diff port # # Verify data after the test has been "shot" - -GET http://firsthost.com/ HTTP/1.1 -Host: firsthost.com -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Authorization: Basic %b64[joe:secret]b64% -Cookie: userpwd=am9lOnNlY3JldA== - -GET http://firsthost.com:9999/a/path/%TESTNUMBER0002 HTTP/1.1 -Host: firsthost.com:9999 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://firsthost.com/ HTTP/1.1 +Host: firsthost.com +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Authorization: Basic %b64[joe:secret]b64% +Cookie: userpwd=am9lOnNlY3JldA== + +GET http://firsthost.com:9999/a/path/%TESTNUMBER0002 HTTP/1.1 +Host: firsthost.com:9999 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test90 b/tests/data/test90 index b043ce0431..98c4073766 100644 --- a/tests/data/test90 +++ b/tests/data/test90 @@ -144,41 +144,41 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth -L # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Accept: */* - -GET /you/%TESTNUMBER0010 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /you/%TESTNUMBER0010 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* - -GET /you/%TESTNUMBER0010 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Accept: */* + +GET /you/%TESTNUMBER0010 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /you/%TESTNUMBER0010 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* + +GET /you/%TESTNUMBER0010 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test900 b/tests/data/test900 index f3aae4b631..14644401b3 100644 --- a/tests/data/test900 +++ b/tests/data/test900 @@ -35,12 +35,12 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT From: different diff --git a/tests/data/test901 b/tests/data/test901 index a97233d871..043f3fad49 100644 --- a/tests/data/test901 +++ b/tests/data/test901 @@ -39,25 +39,25 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -From: different -To: another - - -.. -.. - -.. - -body -. + +From: different +To: another + + +.. +.. + +.. + +body +. diff --git a/tests/data/test902 b/tests/data/test902 index 961fc7bfbf..809a15d03f 100644 --- a/tests/data/test902 +++ b/tests/data/test902 @@ -38,20 +38,20 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -HELO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +HELO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. diff --git a/tests/data/test903 b/tests/data/test903 index f4d616ec67..fb2ff01278 100644 --- a/tests/data/test903 +++ b/tests/data/test903 @@ -39,18 +39,18 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH PLAIN -AHVzZXIAc2VjcmV0 -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH PLAIN +AHVzZXIAc2VjcmV0 +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test904 b/tests/data/test904 index b5916ef419..ee797b1600 100644 --- a/tests/data/test904 +++ b/tests/data/test904 @@ -39,19 +39,19 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH LOGIN -dXNlcg== -c2VjcmV0 -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH LOGIN +dXNlcg== +c2VjcmV0 +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test905 b/tests/data/test905 index 9f8d417a44..15114e5b5a 100644 --- a/tests/data/test905 +++ b/tests/data/test905 @@ -43,18 +43,18 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH CRAM-MD5 -dXNlciA3MDMxNzI1NTk5ZmRiYjVkNDEyNjg5YWEzMjNlM2UwYg== -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH CRAM-MD5 +dXNlciA3MDMxNzI1NTk5ZmRiYjVkNDEyNjg5YWEzMjNlM2UwYg== +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test906 b/tests/data/test906 index 863dce698c..5e3ea35ceb 100644 --- a/tests/data/test906 +++ b/tests/data/test906 @@ -45,19 +45,19 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH NTLM -TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH NTLM +TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test907 b/tests/data/test907 index 9fddbc0de8..3bd4612dd8 100644 --- a/tests/data/test907 +++ b/tests/data/test907 @@ -49,19 +49,19 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH DIGEST-MD5 -dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM1MzMzMjMxMzYzMzMyMzEzNzMzMzIzMSIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJzbXRwLzEyNy4wLjAuMSIscmVzcG9uc2U9YTI3YzQzOTVmMzM4Njc0M2JlMTIyMDdiN2QxMTIxYzUscW9wPWF1dGg= - -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH DIGEST-MD5 +dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM1MzMzMjMxMzYzMzMyMzEzNzMzMzIzMSIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJzbXRwLzEyNy4wLjAuMSIscmVzcG9uc2U9YTI3YzQzOTVmMzM4Njc0M2JlMTIyMDdiN2QxMTIxYzUscW9wPWF1dGg= + +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test908 b/tests/data/test908 index 202977a64a..d1a1bdbdc7 100644 --- a/tests/data/test908 +++ b/tests/data/test908 @@ -39,18 +39,18 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH XOAUTH2 -dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH XOAUTH2 +dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test909 b/tests/data/test909 index e054e49351..2c543fe1af 100644 --- a/tests/data/test909 +++ b/tests/data/test909 @@ -33,19 +33,19 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. diff --git a/tests/data/test91 b/tests/data/test91 index 37d8e4e36c..cd15c80e1c 100644 --- a/tests/data/test91 +++ b/tests/data/test91 @@ -90,24 +90,24 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --anyauth -u mydomain\\myself:secret # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAgACABwAAAABgAGAHgAAAALAAsAfgAAAAAAAAAAAAAAhoIBAMIyJpR5mHpg2FZha5kRaFZ9436GAxPu0C5llxexSQ5QzVkiLSfkcpVyRgCXXqR+Am15ZG9tYWlubXlzZWxmV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAgACABwAAAABgAGAHgAAAALAAsAfgAAAAAAAAAAAAAAhoIBAMIyJpR5mHpg2FZha5kRaFZ9436GAxPu0C5llxexSQ5QzVkiLSfkcpVyRgCXXqR+Am15ZG9tYWlubXlzZWxmV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test910 b/tests/data/test910 index 521318ace5..21a3ef2044 100644 --- a/tests/data/test910 +++ b/tests/data/test910 @@ -33,19 +33,19 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. diff --git a/tests/data/test911 b/tests/data/test911 index b0c5d0eb82..0ee44f2b84 100644 --- a/tests/data/test911 +++ b/tests/data/test911 @@ -32,15 +32,15 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -. + +. diff --git a/tests/data/test912 b/tests/data/test912 index 4977a4e821..b45d603f9d 100644 --- a/tests/data/test912 +++ b/tests/data/test912 @@ -37,19 +37,19 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: SIZE=38 -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: SIZE=38 +RCPT TO: +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. diff --git a/tests/data/test913 b/tests/data/test913 index a0aed0072b..81a46ca2bd 100644 --- a/tests/data/test913 +++ b/tests/data/test913 @@ -41,10 +41,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr 55 - -EHLO %TESTNUMBER -MAIL FROM: SIZE=38 -QUIT + +EHLO %TESTNUMBER +MAIL FROM: SIZE=38 +QUIT diff --git a/tests/data/test914 b/tests/data/test914 index 56ae524b0a..2595dbccff 100644 --- a/tests/data/test914 +++ b/tests/data/test914 @@ -40,10 +40,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr 55 - -EHLO %TESTNUMBER -MAIL FROM: -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +QUIT diff --git a/tests/data/test915 b/tests/data/test915 index 9211c34079..6b76e62f13 100644 --- a/tests/data/test915 +++ b/tests/data/test915 @@ -33,19 +33,19 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com -T - # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM:<> -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM:<> +RCPT TO: +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. diff --git a/tests/data/test916 b/tests/data/test916 index 677a647fd3..138277d580 100644 --- a/tests/data/test916 +++ b/tests/data/test916 @@ -37,11 +37,11 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt invalid --mail-from sender@exam 55 - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +QUIT diff --git a/tests/data/test917 b/tests/data/test917 index d53fbd10c3..8607758aa5 100644 --- a/tests/data/test917 +++ b/tests/data/test917 @@ -33,23 +33,23 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient.one@example.com --mai # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -RCPT TO: -RCPT TO: -RCPT TO: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +RCPT TO: +RCPT TO: +RCPT TO: +RCPT TO: +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. diff --git a/tests/data/test918 b/tests/data/test918 index c49128fa91..54485cbb20 100644 --- a/tests/data/test918 +++ b/tests/data/test918 @@ -37,12 +37,12 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient.one@example.com --mai 55 - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -RCPT TO: -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +RCPT TO: +QUIT diff --git a/tests/data/test919 b/tests/data/test919 index 833a67c97b..7448b8a173 100644 --- a/tests/data/test919 +++ b/tests/data/test919 @@ -39,17 +39,17 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH PLAIN AHVzZXIAc2VjcmV0 -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH PLAIN AHVzZXIAc2VjcmV0 +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test92 b/tests/data/test92 index f6250d1962..341f16b230 100644 --- a/tests/data/test92 +++ b/tests/data/test92 @@ -10,32 +10,32 @@ Resume # Server-side - -HTTP/1.1 416 Requested Range Not Satisfiable -Date: Fri, 24 Oct 2003 21:33:12 GMT -Server: Apache/1.3.19 (Unix) (Red-Hat/Linux) mod_ssl/2.8.1 OpenSSL/0.9.6 PHP/4.3.1 -Last-Modified: Fri, 24 Oct 2003 18:01:23 GMT -ETag: "ab57a-507-3f9968f3" -Accept-Ranges: bytes -Content-Length: 4 -Content-Range: bytes */87 -Content-Type: image/gif - + +HTTP/1.1 416 Requested Range Not Satisfiable +Date: Fri, 24 Oct 2003 21:33:12 GMT +Server: Apache/1.3.19 (Unix) (Red-Hat/Linux) mod_ssl/2.8.1 OpenSSL/0.9.6 PHP/4.3.1 +Last-Modified: Fri, 24 Oct 2003 18:01:23 GMT +ETag: "ab57a-507-3f9968f3" +Accept-Ranges: bytes +Content-Length: 4 +Content-Range: bytes */87 +Content-Type: image/gif + bad # The body should be ignored. - -HTTP/1.1 416 Requested Range Not Satisfiable -Date: Fri, 24 Oct 2003 21:33:12 GMT -Server: Apache/1.3.19 (Unix) (Red-Hat/Linux) mod_ssl/2.8.1 OpenSSL/0.9.6 PHP/4.3.1 -Last-Modified: Fri, 24 Oct 2003 18:01:23 GMT -ETag: "ab57a-507-3f9968f3" -Accept-Ranges: bytes -Content-Length: 4 -Content-Range: bytes */87 -Content-Type: image/gif - + +HTTP/1.1 416 Requested Range Not Satisfiable +Date: Fri, 24 Oct 2003 21:33:12 GMT +Server: Apache/1.3.19 (Unix) (Red-Hat/Linux) mod_ssl/2.8.1 OpenSSL/0.9.6 PHP/4.3.1 +Last-Modified: Fri, 24 Oct 2003 18:01:23 GMT +ETag: "ab57a-507-3f9968f3" +Accept-Ranges: bytes +Content-Length: 4 +Content-Range: bytes */87 +Content-Type: image/gif + @@ -54,13 +54,13 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -C 87 # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=87- -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=87- +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test920 b/tests/data/test920 index ac9af7d7bf..1445db2413 100644 --- a/tests/data/test920 +++ b/tests/data/test920 @@ -39,18 +39,18 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH LOGIN dXNlcg== -c2VjcmV0 -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH LOGIN dXNlcg== +c2VjcmV0 +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test921 b/tests/data/test921 index 36820ceb74..fbf338081e 100644 --- a/tests/data/test921 +++ b/tests/data/test921 @@ -45,18 +45,18 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test922 b/tests/data/test922 index 554c0965a5..76d891296f 100644 --- a/tests/data/test922 +++ b/tests/data/test922 @@ -39,17 +39,17 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH XOAUTH2 dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH XOAUTH2 dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test923 b/tests/data/test923 index 19cdd9667e..85cc5be4e3 100644 --- a/tests/data/test923 +++ b/tests/data/test923 @@ -28,10 +28,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -VRFY recipient -QUIT + +EHLO %TESTNUMBER +VRFY recipient +QUIT diff --git a/tests/data/test924 b/tests/data/test924 index 3a37a5e3c8..5554258370 100644 --- a/tests/data/test924 +++ b/tests/data/test924 @@ -34,10 +34,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt smith # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -VRFY smith -QUIT + +EHLO %TESTNUMBER +VRFY smith +QUIT diff --git a/tests/data/test925 b/tests/data/test925 index 073f1e3a9b..7640230969 100644 --- a/tests/data/test925 +++ b/tests/data/test925 @@ -31,10 +31,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt user@example.net # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -VRFY user@example.net -QUIT + +EHLO %TESTNUMBER +VRFY user@example.net +QUIT diff --git a/tests/data/test926 b/tests/data/test926 index 4e9623ceb5..8b76424a6f 100644 --- a/tests/data/test926 +++ b/tests/data/test926 @@ -35,10 +35,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient 8 - -EHLO %TESTNUMBER -VRFY recipient -QUIT + +EHLO %TESTNUMBER +VRFY recipient +QUIT diff --git a/tests/data/test927 b/tests/data/test927 index fb86a19401..f2edc050f9 100644 --- a/tests/data/test927 +++ b/tests/data/test927 @@ -34,10 +34,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt Friends -X EXPN # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -EXPN Friends -QUIT + +EHLO %TESTNUMBER +EXPN Friends +QUIT diff --git a/tests/data/test928 b/tests/data/test928 index 4c5ab9eafb..33ae7b7d00 100644 --- a/tests/data/test928 +++ b/tests/data/test928 @@ -32,10 +32,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -HELP -QUIT + +EHLO %TESTNUMBER +HELP +QUIT diff --git a/tests/data/test929 b/tests/data/test929 index 1274921f9b..956f5fc9b4 100644 --- a/tests/data/test929 +++ b/tests/data/test929 @@ -29,10 +29,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER -X NOOP -I # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -NOOP -QUIT + +EHLO %TESTNUMBER +NOOP +QUIT diff --git a/tests/data/test93 b/tests/data/test93 index 83d2b61022..1d6cdcc95b 100644 --- a/tests/data/test93 +++ b/tests/data/test93 @@ -39,13 +39,13 @@ proxy # # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test930 b/tests/data/test930 index 94a9257761..628777526d 100644 --- a/tests/data/test930 +++ b/tests/data/test930 @@ -29,10 +29,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER -X RSET -I # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -RSET -QUIT + +EHLO %TESTNUMBER +RSET +QUIT diff --git a/tests/data/test932 b/tests/data/test932 index e2c9b29a8b..2ea2b0910f 100644 --- a/tests/data/test932 +++ b/tests/data/test932 @@ -48,10 +48,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "QUIT" - -EHLO %TESTNUMBER -AUTH CRAM-MD5 -* + +EHLO %TESTNUMBER +AUTH CRAM-MD5 +* diff --git a/tests/data/test933 b/tests/data/test933 index 3c25ffa5ca..3c3a5c6be6 100644 --- a/tests/data/test933 +++ b/tests/data/test933 @@ -49,11 +49,11 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "QUIT" - -EHLO %TESTNUMBER -AUTH NTLM -TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -* + +EHLO %TESTNUMBER +AUTH NTLM +TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +* diff --git a/tests/data/test934 b/tests/data/test934 index 891232e5b8..3f74a625e3 100644 --- a/tests/data/test934 +++ b/tests/data/test934 @@ -50,10 +50,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "QUIT" - -EHLO %TESTNUMBER -AUTH DIGEST-MD5 -* + +EHLO %TESTNUMBER +AUTH DIGEST-MD5 +* diff --git a/tests/data/test935 b/tests/data/test935 index 57a4c36ca5..dd13a6294b 100644 --- a/tests/data/test935 +++ b/tests/data/test935 @@ -47,20 +47,20 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH CRAM-MD5 -* -AUTH PLAIN -AHVzZXIAc2VjcmV0 -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH CRAM-MD5 +* +AUTH PLAIN +AHVzZXIAc2VjcmV0 +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test936 b/tests/data/test936 index 723cebca37..f829b25e9b 100644 --- a/tests/data/test936 +++ b/tests/data/test936 @@ -48,21 +48,21 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH NTLM -TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -* -AUTH PLAIN -AHVzZXIAc2VjcmV0 -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH NTLM +TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +* +AUTH PLAIN +AHVzZXIAc2VjcmV0 +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test937 b/tests/data/test937 index ddd2037e84..8a3bfcd4b6 100644 --- a/tests/data/test937 +++ b/tests/data/test937 @@ -49,20 +49,20 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH DIGEST-MD5 -* -AUTH PLAIN -AHVzZXIAc2VjcmV0 -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH DIGEST-MD5 +* +AUTH PLAIN +AHVzZXIAc2VjcmV0 +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test938 b/tests/data/test938 index 475572b070..af1d4c834a 100644 --- a/tests/data/test938 +++ b/tests/data/test938 @@ -41,25 +41,25 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER001 --mail-rcpt recipient@example.com --mail # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER001 -AUTH PLAIN -dXNlci5vbmUAdXNlci5vbmUAc2VjcmV0 -MAIL FROM: -RCPT TO: -DATA -QUIT -EHLO %TESTNUMBER002 -AUTH PLAIN -dXNlci50d28AdXNlci50d28Ac2VjcmV0 -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER001 +AUTH PLAIN +dXNlci5vbmUAdXNlci5vbmUAc2VjcmV0 +MAIL FROM: +RCPT TO: +DATA +QUIT +EHLO %TESTNUMBER002 +AUTH PLAIN +dXNlci50d28AdXNlci50d28Ac2VjcmV0 +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test939 b/tests/data/test939 index e1424d2ddb..d0e284574f 100644 --- a/tests/data/test939 +++ b/tests/data/test939 @@ -34,17 +34,17 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -HELO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +HELO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test94 b/tests/data/test94 index eb745d1df4..4840bd1f42 100644 --- a/tests/data/test94 +++ b/tests/data/test94 @@ -45,12 +45,12 @@ https://test.anything.really.com:%TESTNUMBER --proxy1.0 %HOSTIP:%HTTPPORT 56 - -CONNECT test.anything.really.com:%TESTNUMBER HTTP/1.0 -Host: test.anything.really.com:%TESTNUMBER -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT test.anything.really.com:%TESTNUMBER HTTP/1.0 +Host: test.anything.really.com:%TESTNUMBER +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test940 b/tests/data/test940 index afc9da0c93..eb9d4a6fb9 100644 --- a/tests/data/test940 +++ b/tests/data/test940 @@ -30,16 +30,16 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test941 b/tests/data/test941 index 7b7669fdd9..36544e43c8 100644 --- a/tests/data/test941 +++ b/tests/data/test941 @@ -42,27 +42,27 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -From: different -To: another - -email -headers and body -with Unix newlines -meant to be -converted -with -the ---crlf option -%repeat[650 x 0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 %0a]% -. + +From: different +To: another + +email +headers and body +with Unix newlines +meant to be +converted +with +the +--crlf option +%repeat[650 x 0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789%0d%0a]% +. diff --git a/tests/data/test942 b/tests/data/test942 index 2286c20e6f..ba9b9a19eb 100644 --- a/tests/data/test942 +++ b/tests/data/test942 @@ -39,18 +39,18 @@ mail body # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH EXTERNAL -dXNlcg== -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH EXTERNAL +dXNlcg== +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test943 b/tests/data/test943 index 80e935fede..426beae6e6 100644 --- a/tests/data/test943 +++ b/tests/data/test943 @@ -39,18 +39,18 @@ mail body # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH EXTERNAL -= -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH EXTERNAL += +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test944 b/tests/data/test944 index 0dfaefb716..f87fb3b3e4 100644 --- a/tests/data/test944 +++ b/tests/data/test944 @@ -39,17 +39,17 @@ mail body # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH EXTERNAL dXNlcg== -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH EXTERNAL dXNlcg== +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test945 b/tests/data/test945 index 5b64127644..239c3270d3 100644 --- a/tests/data/test945 +++ b/tests/data/test945 @@ -39,17 +39,17 @@ mail body # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH EXTERNAL = -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH EXTERNAL = +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test946 b/tests/data/test946 index b306180aaa..6c1765bec4 100644 --- a/tests/data/test946 +++ b/tests/data/test946 @@ -40,18 +40,18 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH OAUTHBEARER -%b64[n,a=user,%01host=127.0.0.1%01port=%SMTPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH OAUTHBEARER +%b64[n,a=user,%01host=127.0.0.1%01port=%SMTPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test947 b/tests/data/test947 index 5ca2be6714..c7e4c25037 100644 --- a/tests/data/test947 +++ b/tests/data/test947 @@ -40,17 +40,17 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%SMTPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%SMTPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test948 b/tests/data/test948 index 9b6aefdc63..c072b3a25c 100644 --- a/tests/data/test948 +++ b/tests/data/test948 @@ -48,11 +48,11 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "QUIT" - -EHLO %TESTNUMBER -AUTH OAUTHBEARER -%b64[n,a=user,%01host=127.0.0.1%01port=%SMTPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% -AQ== + +EHLO %TESTNUMBER +AUTH OAUTHBEARER +%b64[n,a=user,%01host=127.0.0.1%01port=%SMTPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% +AQ== diff --git a/tests/data/test949 b/tests/data/test949 index 0a6be43b37..24fdaa4e2a 100644 --- a/tests/data/test949 +++ b/tests/data/test949 @@ -48,10 +48,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "QUIT" - -EHLO %TESTNUMBER -AUTH OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%SMTPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% -AQ== + +EHLO %TESTNUMBER +AUTH OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%SMTPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% +AQ== diff --git a/tests/data/test950 b/tests/data/test950 index 6628f00434..670cf8f7e5 100644 --- a/tests/data/test950 +++ b/tests/data/test950 @@ -34,10 +34,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient --request "vrfy" # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -vrfy recipient -QUIT + +EHLO %TESTNUMBER +vrfy recipient +QUIT diff --git a/tests/data/test951 b/tests/data/test951 index 2b93150471..c703d3d6ad 100644 --- a/tests/data/test951 +++ b/tests/data/test951 @@ -30,16 +30,16 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -..This first line starts with a dot -. + +..This first line starts with a dot +. diff --git a/tests/data/test952 b/tests/data/test952 index 716310df65..e78cd3569a 100644 --- a/tests/data/test952 +++ b/tests/data/test952 @@ -30,16 +30,16 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -.. -. + +.. +. diff --git a/tests/data/test953 b/tests/data/test953 index f293f896e8..e5a1ad8d79 100644 --- a/tests/data/test953 +++ b/tests/data/test953 @@ -39,18 +39,18 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH PLAIN -dXJzZWwAa3VydAB4aXBqM3BsbXE= -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH PLAIN +dXJzZWwAa3VydAB4aXBqM3BsbXE= +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test954 b/tests/data/test954 index b8376669ce..58292372f3 100644 --- a/tests/data/test954 +++ b/tests/data/test954 @@ -46,10 +46,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # The multi interface considers a broken "CONNECT" as a prematurely broken # transfer and such a connection will not get a "QUIT" - -EHLO %TESTNUMBER -AUTH PLAIN -dXJzZWwAa3VydAB4aXBqM3BsbXE= + +EHLO %TESTNUMBER +AUTH PLAIN +dXJzZWwAa3VydAB4aXBqM3BsbXE= diff --git a/tests/data/test955 b/tests/data/test955 index 633c2e369d..adb5558bc6 100644 --- a/tests/data/test955 +++ b/tests/data/test955 @@ -47,10 +47,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr 55 - -EHLO %TESTNUMBER -MAIL FROM: -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +QUIT diff --git a/tests/data/test956 b/tests/data/test956 index 9472e96e15..fb78275a91 100644 --- a/tests/data/test956 +++ b/tests/data/test956 @@ -44,11 +44,11 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt St%hex[%c3%b6]hex%dmottagaren@e 55 - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +QUIT diff --git a/tests/data/test957 b/tests/data/test957 index 671d73bbf2..1656416c8a 100644 --- a/tests/data/test957 +++ b/tests/data/test957 @@ -39,10 +39,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt Anv%hex[%c3%a4]hex%ndaren 8 - -EHLO %TESTNUMBER -VRFY Anv%hex[%c3%a4]hex%ndaren -QUIT + +EHLO %TESTNUMBER +VRFY Anv%hex[%c3%a4]hex%ndaren +QUIT diff --git a/tests/data/test958 b/tests/data/test958 index 203254bfc2..4809f6bf25 100644 --- a/tests/data/test958 +++ b/tests/data/test958 @@ -39,10 +39,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt Anv%hex[%c3%a4]hex%ndaren@examp 8 - -EHLO %TESTNUMBER -VRFY Anv%hex[%c3%a4]hex%ndaren@example.com -QUIT + +EHLO %TESTNUMBER +VRFY Anv%hex[%c3%a4]hex%ndaren@example.com +QUIT diff --git a/tests/data/test959 b/tests/data/test959 index 5693e34944..07736ff0a9 100644 --- a/tests/data/test959 +++ b/tests/data/test959 @@ -48,10 +48,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr 55 - -EHLO %TESTNUMBER -MAIL FROM: -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +QUIT diff --git a/tests/data/test960 b/tests/data/test960 index ced2ba0b54..52013ac5cf 100644 --- a/tests/data/test960 +++ b/tests/data/test960 @@ -45,11 +45,11 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@%hex[%c3%a5%c3%a4%c3% 55 - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +QUIT diff --git a/tests/data/test961 b/tests/data/test961 index c52d5df344..a78059450c 100644 --- a/tests/data/test961 +++ b/tests/data/test961 @@ -40,10 +40,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt user@%hex[%c3%a5%c3%a4%c3%b6]he 8 - -EHLO %TESTNUMBER -VRFY user@%hex[%c3%a5%c3%a4%c3%b6]hex%.se -QUIT + +EHLO %TESTNUMBER +VRFY user@%hex[%c3%a5%c3%a4%c3%b6]hex%.se +QUIT diff --git a/tests/data/test962 b/tests/data/test962 index 3f737b65ea..4625b01138 100644 --- a/tests/data/test962 +++ b/tests/data/test962 @@ -42,19 +42,19 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. diff --git a/tests/data/test963 b/tests/data/test963 index bce626c5e3..06245f6080 100644 --- a/tests/data/test963 +++ b/tests/data/test963 @@ -42,19 +42,19 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@%hex[%c3%a5%c3%a4%c3% # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. diff --git a/tests/data/test964 b/tests/data/test964 index 04e5b1c152..bf802faa0c 100644 --- a/tests/data/test964 +++ b/tests/data/test964 @@ -37,10 +37,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt user@%hex[%c3%a5%c3%a4%c3%b6]he # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -VRFY user@xn--4cab6c.se -QUIT + +EHLO %TESTNUMBER +VRFY user@xn--4cab6c.se +QUIT diff --git a/tests/data/test965 b/tests/data/test965 index 601db62fe0..0bf35b8357 100644 --- a/tests/data/test965 +++ b/tests/data/test965 @@ -45,19 +45,19 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: SMTPUTF8 -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: SMTPUTF8 +RCPT TO: +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. diff --git a/tests/data/test966 b/tests/data/test966 index 646e807589..3a12b8bf96 100644 --- a/tests/data/test966 +++ b/tests/data/test966 @@ -45,19 +45,19 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt St%hex[%c3%b6]hex%dmottagaren@% # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: SMTPUTF8 -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: SMTPUTF8 +RCPT TO: +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. diff --git a/tests/data/test967 b/tests/data/test967 index 7cacbcbdd2..b067e9684b 100644 --- a/tests/data/test967 +++ b/tests/data/test967 @@ -43,10 +43,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt Anv%hex[%c3%a4]hex%ndaren@%hex[ # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -VRFY Anv%hex[%c3%a4]hex%ndaren@xn--4cab6c.se SMTPUTF8 -QUIT + +EHLO %TESTNUMBER +VRFY Anv%hex[%c3%a4]hex%ndaren@xn--4cab6c.se SMTPUTF8 +QUIT diff --git a/tests/data/test968 b/tests/data/test968 index 4df600483b..2ec5f76e95 100644 --- a/tests/data/test968 +++ b/tests/data/test968 @@ -40,10 +40,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt Anv%hex[%c3%a4]hex%ndaren # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -VRFY Anv%hex[%c3%a4]hex%ndaren SMTPUTF8 -QUIT + +EHLO %TESTNUMBER +VRFY Anv%hex[%c3%a4]hex%ndaren SMTPUTF8 +QUIT diff --git a/tests/data/test969 b/tests/data/test969 index c7bffb9b8f..00311d5f19 100644 --- a/tests/data/test969 +++ b/tests/data/test969 @@ -14,10 +14,10 @@ IDN CAPA SMTPUTF8 - -250-Joe Smith -250-Harry Smith -250 Melvin Smith + +250-Joe Smith +250-Harry Smith +250 Melvin Smith @@ -42,10 +42,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt Friends -X EXPN # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -EXPN Friends SMTPUTF8 -QUIT + +EHLO %TESTNUMBER +EXPN Friends SMTPUTF8 +QUIT diff --git a/tests/data/test973 b/tests/data/test973 index edf2973ebe..64e3702f20 100644 --- a/tests/data/test973 +++ b/tests/data/test973 @@ -66,23 +66,23 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -L -u joe:secret # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[joe:secret]b64% -User-Agent: curl/%VERSION -Accept: */* - -USER anonymous -PASS ftp@example.com -PWD -CWD a -CWD path -EPSV -TYPE I -SIZE %TESTNUMBER0002 -RETR %TESTNUMBER0002 -QUIT + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[joe:secret]b64% +User-Agent: curl/%VERSION +Accept: */* + +USER anonymous +PASS ftp@example.com +PWD +CWD a +CWD path +EPSV +TYPE I +SIZE %TESTNUMBER0002 +RETR %TESTNUMBER0002 +QUIT diff --git a/tests/data/test974 b/tests/data/test974 index d62933df56..04575181a3 100644 --- a/tests/data/test974 +++ b/tests/data/test974 @@ -72,20 +72,20 @@ HTTP with auth redirected to HTTP on a diff port w/o auth # # Verify data after the test has been "shot" - -GET http://firsthost.com/ HTTP/1.1 -Host: firsthost.com -Authorization: Basic %b64[joe:secret]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://firsthost.com:9999/a/path/%TESTNUMBER0002 HTTP/1.1 -Host: firsthost.com:9999 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://firsthost.com/ HTTP/1.1 +Host: firsthost.com +Authorization: Basic %b64[joe:secret]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://firsthost.com:9999/a/path/%TESTNUMBER0002 HTTP/1.1 +Host: firsthost.com:9999 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test975 b/tests/data/test975 index 971e35d340..b29b2a929d 100644 --- a/tests/data/test975 +++ b/tests/data/test975 @@ -66,23 +66,23 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --location-trusted -u joe:secret # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[joe:secret]b64% -User-Agent: curl/%VERSION -Accept: */* - -USER joe -PASS secret -PWD -CWD a -CWD path -EPSV -TYPE I -SIZE %TESTNUMBER0002 -RETR %TESTNUMBER0002 -QUIT + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[joe:secret]b64% +User-Agent: curl/%VERSION +Accept: */* + +USER joe +PASS secret +PWD +CWD a +CWD path +EPSV +TYPE I +SIZE %TESTNUMBER0002 +RETR %TESTNUMBER0002 +QUIT diff --git a/tests/data/test976 b/tests/data/test976 index 264444a56e..8150a90736 100644 --- a/tests/data/test976 +++ b/tests/data/test976 @@ -72,21 +72,21 @@ HTTP with auth redirected to HTTP on a diff port --location-trusted # # Verify data after the test has been "shot" - -GET http://firsthost.com/ HTTP/1.1 -Host: firsthost.com -Authorization: Basic %b64[joe:secret]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://firsthost.com:9999/a/path/%TESTNUMBER0002 HTTP/1.1 -Host: firsthost.com:9999 -Authorization: Basic %b64[joe:secret]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://firsthost.com/ HTTP/1.1 +Host: firsthost.com +Authorization: Basic %b64[joe:secret]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://firsthost.com:9999/a/path/%TESTNUMBER0002 HTTP/1.1 +Host: firsthost.com:9999 +Authorization: Basic %b64[joe:secret]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test980 b/tests/data/test980 index 8a52559472..9f35730ac2 100644 --- a/tests/data/test980 +++ b/tests/data/test980 @@ -44,9 +44,9 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr 8 - -EHLO %TESTNUMBER -STARTTLS + +EHLO %TESTNUMBER +STARTTLS diff --git a/tests/data/test981 b/tests/data/test981 index 02a03fd2f9..94de9dfbea 100644 --- a/tests/data/test981 +++ b/tests/data/test981 @@ -51,9 +51,9 @@ Hello Joe, do you think we can meet at 3:30 tomorrow? 8 - -A001 CAPABILITY -A002 STARTTLS + +A001 CAPABILITY +A002 STARTTLS diff --git a/tests/data/test982 b/tests/data/test982 index 2f5eccc0a4..6098b7255a 100644 --- a/tests/data/test982 +++ b/tests/data/test982 @@ -49,9 +49,9 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret --ssl 8 - -CAPA -STLS + +CAPA +STLS diff --git a/tests/data/test983 b/tests/data/test983 index a4294495d0..7a05471a19 100644 --- a/tests/data/test983 +++ b/tests/data/test983 @@ -45,8 +45,8 @@ works 8 - -AUTH SSL + +AUTH SSL diff --git a/tests/data/test984 b/tests/data/test984 index 314a24e6cb..e79efdf84b 100644 --- a/tests/data/test984 +++ b/tests/data/test984 @@ -49,8 +49,8 @@ Hello Joe, do you think we can meet at 3:30 tomorrow? 64 - -A001 CAPABILITY + +A001 CAPABILITY diff --git a/tests/data/test987 b/tests/data/test987 index c58ae77e13..4a0a08b429 100644 --- a/tests/data/test987 +++ b/tests/data/test987 @@ -34,19 +34,19 @@ body # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +MAIL FROM: +RCPT TO: +DATA +QUIT - -From: different -To: another - -body -. + +From: different +To: another + +body +. diff --git a/tests/data/test988 b/tests/data/test988 index 46b09fff94..06ba311084 100644 --- a/tests/data/test988 +++ b/tests/data/test988 @@ -9,14 +9,14 @@ FETCH # # Server-side - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely @@ -37,12 +37,12 @@ IMAPS FETCH with redundant explicit SSL request # # Verify data after the test has been "shot" - -A001 CAPABILITY -A002 LOGIN "\"user" "sec\"ret{" -A003 SELECT %TESTNUMBER -A004 FETCH 1 BODY[] -A005 LOGOUT + +A001 CAPABILITY +A002 LOGIN "\"user" "sec\"ret{" +A003 SELECT %TESTNUMBER +A004 FETCH 1 BODY[] +A005 LOGOUT diff --git a/tests/data/test989 b/tests/data/test989 index c7bf249460..dad0291dfd 100644 --- a/tests/data/test989 +++ b/tests/data/test989 @@ -37,12 +37,12 @@ POP3S RETR with redundant explicit SSL request # # Verify data after the test has been "shot" - -CAPA -USER user -PASS secret -RETR %TESTNUMBER -QUIT + +CAPA +USER user +PASS secret +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test99 b/tests/data/test99 index b0e769a7e3..e9e887df2f 100644 --- a/tests/data/test99 +++ b/tests/data/test99 @@ -55,13 +55,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C 9999999999 33 - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=9999999999- -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=9999999999- +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test992 b/tests/data/test992 index a4b24376f3..2a5d15181e 100644 --- a/tests/data/test992 +++ b/tests/data/test992 @@ -37,18 +37,18 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr # # Verify data after the test has been "shot" - -EHLO %TESTNUMBER -AUTH XOAUTH2 -dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB -MAIL FROM: -RCPT TO: -DATA -QUIT + +EHLO %TESTNUMBER +AUTH XOAUTH2 +dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB +MAIL FROM: +RCPT TO: +DATA +QUIT - -mail body -. + +mail body +. diff --git a/tests/data/test993 b/tests/data/test993 index 2f5607b679..e0f0b9ebcf 100644 --- a/tests/data/test993 +++ b/tests/data/test993 @@ -31,12 +31,12 @@ pop3://%HOSTIP:%POP3PORT/ -u user:secret # # Verify data after the test has been "shot" - -CAPA -USER user -PASS secret -LIST -QUIT + +CAPA +USER user +PASS secret +LIST +QUIT Allocations: 2200 diff --git a/tests/data/test997 b/tests/data/test997 index 2883330f85..b17cde4d4d 100644 --- a/tests/data/test997 +++ b/tests/data/test997 @@ -12,11 +12,11 @@ RFC2449 # # Server-side - -CAPA TOP USER - - - + +CAPA TOP USER + + + # @@ -36,12 +36,12 @@ pop3://%HOSTIP:%POP3PORT -u user:secret -X 'STAT' # # Verify data after the test has been "shot" - -CAPA -USER user -PASS secret -STAT -QUIT + +CAPA +USER user +PASS secret +STAT +QUIT diff --git a/tests/data/test998 b/tests/data/test998 index efb03cac4c..88d3cb55ea 100644 --- a/tests/data/test998 +++ b/tests/data/test998 @@ -69,21 +69,21 @@ HTTP with auth in URL redirected to another host # # Verify data after the test has been "shot" - -GET http://somewhere.example/998 HTTP/1.1 -Host: somewhere.example -Authorization: Basic %b64[alberto:einstein]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://somewhere.else.example/a/path/9980002 HTTP/1.1 -Host: somewhere.else.example -Authorization: Basic %b64[alberto:einstein]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://somewhere.example/998 HTTP/1.1 +Host: somewhere.example +Authorization: Basic %b64[alberto:einstein]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://somewhere.else.example/a/path/9980002 HTTP/1.1 +Host: somewhere.else.example +Authorization: Basic %b64[alberto:einstein]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test999 b/tests/data/test999 index c0dc52328d..cee697e3a2 100644 --- a/tests/data/test999 +++ b/tests/data/test999 @@ -59,20 +59,20 @@ HTTP with auth in first URL but not second # # Verify data after the test has been "shot" - -GET http://somewhere.example/%TESTNUMBER HTTP/1.1 -Host: somewhere.example -Authorization: Basic %b64[alberto:einstein]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://somewhere.else.example/%TESTNUMBER HTTP/1.1 -Host: somewhere.else.example -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://somewhere.example/%TESTNUMBER HTTP/1.1 +Host: somewhere.example +Authorization: Basic %b64[alberto:einstein]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://somewhere.else.example/%TESTNUMBER HTTP/1.1 +Host: somewhere.else.example +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + From 2147de554d3408c6c563dd33f7b70d88fb728a9c Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 30 Oct 2025 19:24:13 +0100 Subject: [PATCH 0648/2408] test429: use `%repeat[]%` Follow-up to eb22e37060a8f3ad4fd9511db136c1edbb3b2a85 #19281 Follow-up to 55d4767876eae8678ab069082aa7fe8fe316a021 #19279 Closes #19296 --- tests/data/test429 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/data/test429 b/tests/data/test429 index 4091d1be0d..8dd75be04f 100644 --- a/tests/data/test429 +++ b/tests/data/test429 @@ -33,13 +33,13 @@ Funny-head: yesyes http -FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF=contents2023 +%repeat[129 x F]%=contents2023 Expand environment variable in config file - too long name ---expand-data {{FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF}} +--expand-data {{%repeat[129 x F]%}} http://%HOSTIP:%HTTPPORT/%TESTNUMBER -K %LOGDIR/cmd @@ -57,7 +57,7 @@ Accept: */* Content-Length: 133 Content-Type: application/x-www-form-urlencoded -{{FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF}} +{{%repeat[129 x F]%}} From 26e3f004696e59ec9021858da78cb26194cf264e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 31 Oct 2025 14:35:32 +0100 Subject: [PATCH 0649/2408] test446, 1034, 1160: set US-ASCII encoding in XML header To match the ASCII-7 requirement for curl test data files. Follow-up to 9243ed59b387a90940fa4a16ebfd99ad7d6c2f63 #17329 Follow-up to 87ba80a6df1dfd7ceaaa52352c9f23afff0ed513 Closes #19297 --- tests/data/test1034 | 2 +- tests/data/test1160 | 2 +- tests/data/test446 | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/data/test1034 b/tests/data/test1034 index 2dab1ab441..b99368fb9f 100644 --- a/tests/data/test1034 +++ b/tests/data/test1034 @@ -1,4 +1,4 @@ - + diff --git a/tests/data/test1160 b/tests/data/test1160 index b5b55a4d29..eb0dad216e 100644 --- a/tests/data/test1160 +++ b/tests/data/test1160 @@ -1,4 +1,4 @@ - + diff --git a/tests/data/test446 b/tests/data/test446 index 7f98912560..be7bad0e96 100644 --- a/tests/data/test446 +++ b/tests/data/test446 @@ -1,4 +1,4 @@ - + From 1e85cb4b7b88c2b2a21ff425eee071128106b085 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Fri, 31 Oct 2025 13:46:18 +0100 Subject: [PATCH 0650/2408] scp/sftp: fix disconnect When a SCP/SFTP connection calls the protocol handler disconnect, it required the connections *and* the easy handles SSH meta data to be present. When the disconnect is called with an admin handle, the easy meta data is not present, which prevented the shutdown to run. The easy meta data is however not necessary to run the shutdown state machine. Calling it with a NULL `sshp` is fine. To avoid any mixups, check `sshp` in state operations that need it. Fixes #19293 Reported-by: And-yW on github Closes #19295 --- lib/vssh/libssh.c | 61 +++++++++++++++++------- lib/vssh/libssh2.c | 113 ++++++++++++++++++++++++++++++--------------- 2 files changed, 120 insertions(+), 54 deletions(-) diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index df466dac4c..af3767ca71 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -1979,13 +1979,15 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, rc = myssh_in_SFTP_REALPATH(data, sshc); break; case SSH_SFTP_QUOTE_INIT: - rc = myssh_in_SFTP_QUOTE_INIT(data, sshc, sshp); + rc = sshp ? myssh_in_SFTP_QUOTE_INIT(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SFTP_POSTQUOTE_INIT: rc = myssh_in_SFTP_POSTQUOTE_INIT(data, sshc); break; case SSH_SFTP_QUOTE: - rc = myssh_in_SFTP_QUOTE(data, sshc, sshp); + rc = sshp ? myssh_in_SFTP_QUOTE(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SFTP_NEXT_QUOTE: rc = myssh_in_SFTP_NEXT_QUOTE(data, sshc); @@ -2115,7 +2117,10 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, case SSH_SFTP_FILETIME: { sftp_attributes attrs; - + if(!sshp) { + result = CURLE_FAILED_INIT; + break; + } attrs = sftp_stat(sshc->sftp_session, sshp->path); if(attrs) { data->info.filetime = attrs->mtime; @@ -2129,20 +2134,27 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, case SSH_SFTP_TRANS_INIT: if(data->state.upload) myssh_to(data, sshc, SSH_SFTP_UPLOAD_INIT); - else { + else if(sshp) { if(sshp->path[strlen(sshp->path)-1] == '/') myssh_to(data, sshc, SSH_SFTP_READDIR_INIT); else myssh_to(data, sshc, SSH_SFTP_DOWNLOAD_INIT); } + else + result = CURLE_FAILED_INIT; break; case SSH_SFTP_UPLOAD_INIT: - rc = myssh_in_UPLOAD_INIT(data, sshc, sshp); + rc = sshp ? myssh_in_UPLOAD_INIT(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SFTP_CREATE_DIRS_INIT: - if(strlen(sshp->path) > 1) { + if(!sshp) { + result = CURLE_FAILED_INIT; + break; + } + else if(strlen(sshp->path) > 1) { sshc->slash_pos = sshp->path + 1; /* ignore the leading '/' */ myssh_to(data, sshc, SSH_SFTP_CREATE_DIRS); } @@ -2153,7 +2165,11 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, case SSH_SFTP_CREATE_DIRS: sshc->slash_pos = strchr(sshc->slash_pos, '/'); - if(sshc->slash_pos) { + if(!sshp) { + result = CURLE_FAILED_INIT; + break; + } + else if(sshc->slash_pos) { *sshc->slash_pos = 0; infof(data, "Creating directory '%s'", sshp->path); @@ -2165,6 +2181,10 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, case SSH_SFTP_CREATE_DIRS_MKDIR: /* 'mode' - parameter is preliminary - default to 0644 */ + if(!sshp) { + result = CURLE_FAILED_INIT; + break; + } rc = sftp_mkdir(sshc->sftp_session, sshp->path, (mode_t)data->set.new_directory_perms); *sshc->slash_pos = '/'; @@ -2188,10 +2208,12 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, break; case SSH_SFTP_READDIR_INIT: - rc = myssh_in_SFTP_READDIR_INIT(data, sshc, sshp); + rc = sshp ? myssh_in_SFTP_READDIR_INIT(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SFTP_READDIR: - rc = myssh_in_SFTP_READDIR(data, sshc, sshp); + rc = sshp ? myssh_in_SFTP_READDIR(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SFTP_READDIR_LINK: rc = myssh_in_SFTP_READDIR_LINK(data, sshc); @@ -2203,19 +2225,25 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, rc = myssh_in_SFTP_READDIR_DONE(data, sshc); break; case SSH_SFTP_DOWNLOAD_INIT: - rc = myssh_in_SFTP_DOWNLOAD_INIT(data, sshc, sshp); + rc = sshp ? myssh_in_SFTP_DOWNLOAD_INIT(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SFTP_DOWNLOAD_STAT: rc = myssh_in_SFTP_DOWNLOAD_STAT(data, sshc); break; case SSH_SFTP_CLOSE: - rc = myssh_in_SFTP_CLOSE(data, sshc, sshp); + rc = sshp ? myssh_in_SFTP_CLOSE(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SFTP_SHUTDOWN: rc = myssh_in_SFTP_SHUTDOWN(data, sshc); break; case SSH_SCP_TRANS_INIT: + if(!sshp) { + result = CURLE_FAILED_INIT; + break; + } result = Curl_getworkingpath(data, sshc->homedir, &sshp->path); if(result) { sshc->actualcode = result; @@ -2252,7 +2280,10 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, break; case SSH_SCP_UPLOAD_INIT: - + if(!sshp) { + result = CURLE_FAILED_INIT; + break; + } rc = ssh_scp_init(sshc->scp_session); if(rc != SSH_OK) { err_msg = ssh_get_error(sshc->ssh_session); @@ -2832,11 +2863,9 @@ static CURLcode scp_disconnect(struct Curl_easy *data, struct SSHPROTO *sshp = Curl_meta_get(data, CURL_META_SSH_EASY); (void)dead_connection; - if(sshc && sshc->ssh_session && sshp) { + if(sshc && sshc->ssh_session) { /* only if there is a session still around to use! */ - myssh_to(data, sshc, SSH_SESSION_DISCONNECT); - result = myssh_block_statemach(data, sshc, sshp, TRUE); } @@ -3012,7 +3041,7 @@ static CURLcode sftp_disconnect(struct Curl_easy *data, DEBUGF(infof(data, "SSH DISCONNECT starts now")); - if(sshc && sshc->ssh_session && sshp) { + if(sshc && sshc->ssh_session) { /* only if there is a session still around to use! */ myssh_to(data, sshc, SSH_SFTP_SHUTDOWN); result = myssh_block_statemach(data, sshc, sshp, TRUE); diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index 18e3cdb1d5..5990da25bf 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -826,7 +826,7 @@ static CURLcode ssh_force_knownhost_key_type(struct Curl_easy *data, char *errmsg = NULL; int errlen; libssh2_session_last_error(sshc->ssh_session, &errmsg, &errlen, 0); - failf(data, "libssh2: %s", errmsg); + failf(data, "libssh2 method '%s' failed: %s", hostkey_method, errmsg); result = libssh2_session_error_to_CURLE(rc); } } @@ -2721,11 +2721,13 @@ static CURLcode ssh_statemachine(struct Curl_easy *data, break; case SSH_SFTP_REALPATH: - result = ssh_state_sftp_realpath(data, sshc, sshp); + result = sshp ? ssh_state_sftp_realpath(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SFTP_QUOTE_INIT: - result = ssh_state_sftp_quote_init(data, sshc, sshp); + result = sshp ? ssh_state_sftp_quote_init(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SFTP_POSTQUOTE_INIT: @@ -2733,7 +2735,8 @@ static CURLcode ssh_statemachine(struct Curl_easy *data, break; case SSH_SFTP_QUOTE: - result = ssh_state_sftp_quote(data, sshc, sshp); + result = sshp ? ssh_state_sftp_quote(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SFTP_NEXT_QUOTE: @@ -2741,11 +2744,13 @@ static CURLcode ssh_statemachine(struct Curl_easy *data, break; case SSH_SFTP_QUOTE_STAT: - result = ssh_state_sftp_quote_stat(data, sshc, sshp, block); + result = sshp ? ssh_state_sftp_quote_stat(data, sshc, sshp, block) : + CURLE_FAILED_INIT; break; case SSH_SFTP_QUOTE_SETSTAT: - result = ssh_state_sftp_quote_setstat(data, sshc, sshp); + result = sshp ? ssh_state_sftp_quote_setstat(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SFTP_QUOTE_SYMLINK: @@ -2784,10 +2789,15 @@ static CURLcode ssh_statemachine(struct Curl_easy *data, case SSH_SFTP_FILETIME: { LIBSSH2_SFTP_ATTRIBUTES attrs; + int rc; - int rc = libssh2_sftp_stat_ex(sshc->sftp_session, sshp->path, - curlx_uztoui(strlen(sshp->path)), - LIBSSH2_SFTP_STAT, &attrs); + if(!sshp) { + result = CURLE_FAILED_INIT; + break; + } + rc = libssh2_sftp_stat_ex(sshc->sftp_session, sshp->path, + curlx_uztoui(strlen(sshp->path)), + LIBSSH2_SFTP_STAT, &attrs); if(rc == LIBSSH2_ERROR_EAGAIN) { result = CURLE_AGAIN; break; @@ -2803,16 +2813,19 @@ static CURLcode ssh_statemachine(struct Curl_easy *data, case SSH_SFTP_TRANS_INIT: if(data->state.upload) myssh_state(data, sshc, SSH_SFTP_UPLOAD_INIT); - else { + else if(sshp) { if(sshp->path[strlen(sshp->path)-1] == '/') myssh_state(data, sshc, SSH_SFTP_READDIR_INIT); else myssh_state(data, sshc, SSH_SFTP_DOWNLOAD_INIT); } + else + result = CURLE_FAILED_INIT; break; case SSH_SFTP_UPLOAD_INIT: - result = sftp_upload_init(data, sshc, sshp, block); + result = sshp ? sftp_upload_init(data, sshc, sshp, block) : + CURLE_FAILED_INIT; if(result) { myssh_state(data, sshc, SSH_SFTP_CLOSE); sshc->nextstate = SSH_NO_STATE; @@ -2820,7 +2833,9 @@ static CURLcode ssh_statemachine(struct Curl_easy *data, break; case SSH_SFTP_CREATE_DIRS_INIT: - if(strlen(sshp->path) > 1) { + if(!sshp) + result = CURLE_FAILED_INIT; + else if(strlen(sshp->path) > 1) { sshc->slash_pos = sshp->path + 1; /* ignore the leading '/' */ myssh_state(data, sshc, SSH_SFTP_CREATE_DIRS); } @@ -2830,6 +2845,10 @@ static CURLcode ssh_statemachine(struct Curl_easy *data, break; case SSH_SFTP_CREATE_DIRS: + if(!sshp) { + result = CURLE_FAILED_INIT; + break; + } sshc->slash_pos = strchr(sshc->slash_pos, '/'); if(sshc->slash_pos) { *sshc->slash_pos = 0; @@ -2842,25 +2861,33 @@ static CURLcode ssh_statemachine(struct Curl_easy *data, break; case SSH_SFTP_CREATE_DIRS_MKDIR: - result = ssh_state_sftp_create_dirs_mkdir(data, sshc, sshp); + result = sshp ? ssh_state_sftp_create_dirs_mkdir(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SFTP_READDIR_INIT: - result = ssh_state_sftp_readdir_init(data, sshc, sshp); + result = sshp ? ssh_state_sftp_readdir_init(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SFTP_READDIR: - result = sftp_readdir(data, sshc, sshp, block); + result = sshp ? sftp_readdir(data, sshc, sshp, block) : + CURLE_FAILED_INIT; if(result) { myssh_state(data, sshc, SSH_SFTP_CLOSE); } break; case SSH_SFTP_READDIR_LINK: - result = ssh_state_sftp_readdir_link(data, sshc, sshp); + result = sshp ? ssh_state_sftp_readdir_link(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SFTP_READDIR_BOTTOM: + if(!sshp) { + result = CURLE_FAILED_INIT; + break; + } result = curlx_dyn_addn(&sshp->readdir, "\n", 1); if(!result) result = Curl_client_write(data, CLIENTWRITE_BODY, @@ -2890,11 +2917,13 @@ static CURLcode ssh_statemachine(struct Curl_easy *data, break; case SSH_SFTP_DOWNLOAD_INIT: - result = ssh_state_sftp_download_init(data, sshc, sshp); + result = sshp ? ssh_state_sftp_download_init(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SFTP_DOWNLOAD_STAT: - result = sftp_download_stat(data, sshc, sshp, block); + result = sshp ? sftp_download_stat(data, sshc, sshp, block) : + CURLE_FAILED_INIT; if(result) { myssh_state(data, sshc, SSH_SFTP_CLOSE); sshc->nextstate = SSH_NO_STATE; @@ -2902,7 +2931,8 @@ static CURLcode ssh_statemachine(struct Curl_easy *data, break; case SSH_SFTP_CLOSE: - result = ssh_state_sftp_close(data, sshc, sshp); + result = sshp ? ssh_state_sftp_close(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SFTP_SHUTDOWN: @@ -2910,7 +2940,8 @@ static CURLcode ssh_statemachine(struct Curl_easy *data, break; case SSH_SCP_TRANS_INIT: - result = Curl_getworkingpath(data, sshc->homedir, &sshp->path); + result = sshp ? Curl_getworkingpath(data, sshc->homedir, &sshp->path) : + CURLE_FAILED_INIT; if(result) { myssh_state(data, sshc, SSH_STOP); break; @@ -2931,11 +2962,13 @@ static CURLcode ssh_statemachine(struct Curl_easy *data, break; case SSH_SCP_UPLOAD_INIT: - result = ssh_state_scp_upload_init(data, sshc, sshp); + result = sshp ? ssh_state_scp_upload_init(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SCP_DOWNLOAD_INIT: - result = ssh_state_scp_download_init(data, sshc, sshp); + result = sshp ? ssh_state_scp_download_init(data, sshc, sshp) : + CURLE_FAILED_INIT; break; case SSH_SCP_DONE: @@ -3559,9 +3592,6 @@ static CURLcode sshc_cleanup(struct ssh_conn *sshc, struct Curl_easy *data, if(sshc->ssh_agent) { rc = libssh2_agent_disconnect(sshc->ssh_agent); - if(!block && (rc == LIBSSH2_ERROR_EAGAIN)) - return CURLE_AGAIN; - if((rc < 0) && data) { char *err_msg = NULL; (void)libssh2_session_last_error(sshc->ssh_session, @@ -3569,6 +3599,9 @@ static CURLcode sshc_cleanup(struct ssh_conn *sshc, struct Curl_easy *data, infof(data, "Failed to disconnect from libssh2 agent: %d %s", rc, err_msg); } + if(!block && (rc == LIBSSH2_ERROR_EAGAIN)) + return CURLE_AGAIN; + libssh2_agent_free(sshc->ssh_agent); sshc->ssh_agent = NULL; @@ -3580,23 +3613,20 @@ static CURLcode sshc_cleanup(struct ssh_conn *sshc, struct Curl_easy *data, if(sshc->sftp_handle) { rc = libssh2_sftp_close(sshc->sftp_handle); - if(!block && (rc == LIBSSH2_ERROR_EAGAIN)) - return CURLE_AGAIN; - if((rc < 0) && data) { char *err_msg = NULL; (void)libssh2_session_last_error(sshc->ssh_session, &err_msg, NULL, 0); infof(data, "Failed to close libssh2 file: %d %s", rc, err_msg); } + if(!block && (rc == LIBSSH2_ERROR_EAGAIN)) + return CURLE_AGAIN; + sshc->sftp_handle = NULL; } if(sshc->ssh_channel) { rc = libssh2_channel_free(sshc->ssh_channel); - if(!block && (rc == LIBSSH2_ERROR_EAGAIN)) - return CURLE_AGAIN; - if((rc < 0) && data) { char *err_msg = NULL; (void)libssh2_session_last_error(sshc->ssh_session, @@ -3604,30 +3634,37 @@ static CURLcode sshc_cleanup(struct ssh_conn *sshc, struct Curl_easy *data, infof(data, "Failed to free libssh2 scp subsystem: %d %s", rc, err_msg); } + if(!block && (rc == LIBSSH2_ERROR_EAGAIN)) + return CURLE_AGAIN; + sshc->ssh_channel = NULL; } if(sshc->sftp_session) { rc = libssh2_sftp_shutdown(sshc->sftp_session); + if((rc < 0) && data) { + char *err_msg = NULL; + (void)libssh2_session_last_error(sshc->ssh_session, + &err_msg, NULL, 0); + infof(data, "Failed to stop libssh2 sftp subsystem: %d %s", rc, err_msg); + } if(!block && (rc == LIBSSH2_ERROR_EAGAIN)) return CURLE_AGAIN; - if((rc < 0) && data) - infof(data, "Failed to stop libssh2 sftp subsystem"); sshc->sftp_session = NULL; } if(sshc->ssh_session) { rc = libssh2_session_free(sshc->ssh_session); - if(!block && (rc == LIBSSH2_ERROR_EAGAIN)) - return CURLE_AGAIN; - if((rc < 0) && data) { char *err_msg = NULL; (void)libssh2_session_last_error(sshc->ssh_session, &err_msg, NULL, 0); infof(data, "Failed to free libssh2 session: %d %s", rc, err_msg); } + if(!block && (rc == LIBSSH2_ERROR_EAGAIN)) + return CURLE_AGAIN; + sshc->ssh_session = NULL; } @@ -3661,7 +3698,7 @@ static CURLcode scp_disconnect(struct Curl_easy *data, struct SSHPROTO *sshp = Curl_meta_get(data, CURL_META_SSH_EASY); (void)dead_connection; - if(sshc && sshc->ssh_session && sshp) { + if(sshc && sshc->ssh_session) { /* only if there is a session still around to use! */ myssh_state(data, sshc, SSH_SESSION_DISCONNECT); result = ssh_block_statemach(data, sshc, sshp, TRUE); @@ -3834,7 +3871,7 @@ static CURLcode sftp_disconnect(struct Curl_easy *data, (void)dead_connection; if(sshc) { - if(sshc->ssh_session && sshp) { + if(sshc->ssh_session) { /* only if there is a session still around to use! */ DEBUGF(infof(data, "SSH DISCONNECT starts now")); myssh_state(data, sshc, SSH_SFTP_SHUTDOWN); From c887a3f2f265b90e326efe140ff97dcd7280e180 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 25 Oct 2025 11:06:40 +0200 Subject: [PATCH 0651/2408] BINDINGS.md: point flaky URL to archive.org To avoid linkcheck CI fails. It was failing regularly in the last months. --- docs/BINDINGS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/BINDINGS.md b/docs/BINDINGS.md index a72482cf8d..61652fc34f 100644 --- a/docs/BINDINGS.md +++ b/docs/BINDINGS.md @@ -100,7 +100,7 @@ Bailiff and Bálint Szilakszi, [PostgreSQL](https://github.com/RekGRpth/pg_curl) - cURL client for PostgreSQL -[PureBasic](https://www.purebasic.com/documentation/http/index.html) uses libcurl in its "native" HTTP subsystem +[PureBasic](https://web.archive.org/web/20250325015028/www.purebasic.com/documentation/http/index.html) uses libcurl in its "native" HTTP subsystem [Python](http://pycurl.io/) PycURL by Kjetil Jacobsen From 031322385310560ff5143078e9ddd4b434b358ca Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 31 Oct 2025 16:28:13 +0100 Subject: [PATCH 0652/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 58 ++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 43 insertions(+), 15 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 792ef742c6..c740a65029 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,7 +4,7 @@ curl and libcurl 8.17.0 Command line options: 273 curl_easy_setopt() options: 308 Public functions in libcurl: 100 - Contributors: 3531 + Contributors: 3533 This release includes the following changes: @@ -82,6 +82,7 @@ This release includes the following bugfixes: o cmdline-opts/_PROGRESS.md: explain the suffixes [154] o configure: add "-mt" for pthread support on HP-UX [52] o conn: fix hostname move on connection reuse [272] + o conncache: prevent integer overflow in maxconnects calculation [438] o connect: for CONNECT_ONLY, CURLOPT_TIMEOUT does not apply [404] o connect: remove redundant condition in shutdown start [289] o cookie: avoid saving a cookie file if no transfer was done [11] @@ -118,6 +119,7 @@ This release includes the following bugfixes: o easy_getinfo: check magic, Curl_close safety [3] o ECH.md: make OpenSSL branch clone instructions work [430] o examples/chkspeed: portable printing when outputting curl_off_t values [365] + o examples/http2-serverpush: fix file handle leaks [428] o examples/sessioninfo: cast printf string mask length to int [232] o examples/sessioninfo: do not disable security [255] o examples/synctime: fix null termination assumptions [297] @@ -128,6 +130,7 @@ This release includes the following bugfixes: o examples: check more errors, fix cleanups, scope variables [318] o examples: drop unused curl/mprintf.h includes [224] o examples: fix build issues in 'complicated' examples [243] + o examples: fix more potential resource leaks, and more [426] o examples: fix two build issues surfaced with WinCE [223] o examples: fix two issues found by CodeQL [35] o examples: fix two more cases of stat() TOCTOU [147] @@ -161,6 +164,8 @@ This release includes the following bugfixes: o http2: cleanup pushed newhandle on fail [260] o http2: ingress handling edge cases [259] o HTTP3: clarify the status for "old" OpenSSL, not current [394] + o http: fix `-Wunreachable-code` in !websockets !unity builds [443] + o http: fix `-Wunused-variable` in !alt-svc !proxy !ws builds [442] o http: handle user-defined connection headers [165] o http: look for trailing 'type=' in ftp:// without strstr [315] o http: make Content-Length parser more WHATWG [183] @@ -168,6 +173,7 @@ This release includes the following bugfixes: o http: return error for a second Location: header [393] o http_proxy: fix adding custom proxy headers [424] o httpsrr: free old pointers when storing new [57] + o imap: fix custom FETCH commands to handle literal responses [441] o imap: parse and use UIDVALIDITY as a number [420] o imap: treat capabilities case insensitively [345] o INSTALL-CMAKE.md: add manual configuration examples [360] @@ -252,9 +258,11 @@ This release includes the following bugfixes: o ngtcp2: fix early return [131] o ngtcp2: fix handling of blocked stream data [236] o ngtcp2: fix returns when TLS verify failed [251] + o ngtcp2: overwrite rate-limits defaults [444] o noproxy: fix the IPV6 network mask pattern match [166] o NTLM: disable if DES support missing from OpenSSL or mbedTLS [399] o ntlm: improved error path on bad incoming NTLM TYPE3 message [412] + o openldap/ldap; check for binary attribute case insensitively [445] o openldap: avoid indexing the result at -1 for blank responses [44] o openldap: check ber_sockbuf_add_io() return code [163] o openldap: check ldap_get_option() return codes [119] @@ -283,6 +291,7 @@ This release includes the following bugfixes: o OS400: fix a use-after-free/double-free case [142] o osslq: set idle timeout to 0 [237] o pingpong: remove two old leftover debug infof() calls + o pop3: check for CAPA responses case insensitively [439] o pop3: fix CAPA response termination detection [427] o pop3: function could get the ->transfer field wrong [292] o pytest: skip specific tests for no-verbose builds [171] @@ -311,6 +320,7 @@ This release includes the following bugfixes: o schannel_verify: do not call infof with an appended \n [371] o schannel_verify: fix mem-leak in Curl_verify_host [208] o schannel_verify: use more human friendly error messages [96] + o scp/sftp: fix disconnect [350] o scripts: pass -- before passing xargs [349] o setopt: accept *_SSL_VERIFYHOST set to 2L [31] o setopt: allow CURLOPT_DNS_CACHE_TIMEOUT set to -1 [257] @@ -343,6 +353,7 @@ This release includes the following bugfixes: o socks_sspi: use the correct free function [331] o socksd: remove --bindonly mention, there is no such option [305] o src/var: remove dead code [369] + o ssl-session-cache: check use on config and availability [448] o ssl-sessions.md: mark option experimental [12] o strerror: drop workaround for SalfordC win32 header bug [214] o sws: fix checking sscanf() return value [17] @@ -357,6 +368,7 @@ This release includes the following bugfixes: o telnet: return error on crazy TTYPE or XDISPLOC lengths [123] o telnet: send failure logged but not returned [175] o telnet: use pointer[0] for "unknown" option instead of pointer[i] [217] + o test1100: fix missing `` section [432] o tests/server: drop pointless memory allocation overrides [219] o tests/server: drop unsafe open() override in signal handler (Windows) [151] o tftp: check and act on tftp_set_timeouts() returning error [38] @@ -396,6 +408,7 @@ This release includes the following bugfixes: o tool_operate: improve wording in retry message [37] o tool_operate: keep failed partial download for retry auto-resume [210] o tool_operate: keep the progress meter for --out-null [33] + o tool_operate: move the checks that skip ca cert detection [449] o tool_operate: retry on HTTP response codes 522 and 524 [317] o tool_operate: return error on strdup() failure [336] o tool_paramhlp: remove outdated comment in str2tls_max() [367] @@ -461,21 +474,23 @@ This release would not have looked like this without help, code, reports and advice from friends like these: Adam Light, Alexander Blach, Alice Lee Poetics, Andrei Kurushin, - Andrew Kirillov, Andrew Olsen, BobodevMm on github, Christian Schmitz, - curl.stunt430, Dalei, Dan Fandrich, Daniel Stenberg, Daniel Terhorst-North, - dependabot[bot], divinity76 on github, Emilio Pozuelo Monfort, Emre Çalışkan, - Ethan Everett, Evgeny Grin (Karlson2k), fds242 on github, Harry Sintonen, - Howard Chu, Ignat Loskutov, Jakub Stasiak, James Fuller, Javier Blazquez, - Jicea, jmaggard10 on github, Jochen Sprickerhof, Johannes Schindelin, + Andrew Kirillov, Andrew Olsen, And-yW on github, BobodevMm on github, BohwaZ, + Christian Schmitz, curl.stunt430, Dalei, Dan Fandrich, Daniel Stenberg, + Daniel Terhorst-North, dependabot[bot], divinity76 on github, + Emilio Pozuelo Monfort, Emre Çalışkan, Ethan Everett, + Evgeny Grin (Karlson2k), fds242 on github, Harry Sintonen, Howard Chu, + Ignat Loskutov, Jakub Stasiak, James Fuller, Javier Blazquez, Jicea, + jmaggard10 on github, Jochen Sprickerhof, Johannes Schindelin, Jonathan Cardoso Machado, Joseph Birr-Pixton, Joshua Rogers, - kapsiR on github, kuchara on github, madoe on github, Marcel Raad, - Michael Osipov, Michał Petryka, Mitchell Blank Jr, Mohamed Daahir, - Nir Azkiel, Patrick Monnerat, Pavel P, plv1313 on github, Pocs Norbert, - Ray Satiro, renovate[bot], rinsuki on github, Sakthi SK, Samuel Dionne-Riel, - Samuel Henrique, Stanislav Fort, Stefan Eissing, Tatsuhiro Tsujikawa, - TheBitBrine, Theo Buehler, Tim Becker, tkzv on github, Viktor Szakatas, - Viktor Szakats, WangDaLei on github, Xiaoke Wang, Yedaya Katsman, 包布丁 - (65 contributors) + kapsiR on github, kuchara on github, madoe on github, Marc Aldorasi, + Marcel Raad, Michael Osipov, Michał Petryka, Mitchell Blank Jr, + Mohamed Daahir, Nir Azkiel, Patrick Monnerat, Pavel P, plv1313 on github, + Pocs Norbert, Ray Satiro, renovate[bot], rinsuki on github, Sakthi SK, + Samuel Dionne-Riel, Samuel Henrique, Stanislav Fort, Stefan Eissing, + Tatsuhiro Tsujikawa, TheBitBrine, Theo Buehler, Tim Becker, tkzv on github, + Viktor Szakatas, Viktor Szakats, WangDaLei on github, Xiaoke Wang, + Yedaya Katsman, 包布丁 + (68 contributors) References to bug reports and discussions on issues: @@ -828,6 +843,7 @@ References to bug reports and discussions on issues: [347] = https://issues.oss-fuzz.com/issues/432441303 [348] = https://curl.se/bug/?i=19086 [349] = https://curl.se/bug/?i=19076 + [350] = https://curl.se/bug/?i=19293 [351] = https://curl.se/bug/?i=19141 [352] = https://curl.se/bug/?i=19265 [353] = https://curl.se/bug/?i=19073 @@ -900,6 +916,18 @@ References to bug reports and discussions on issues: [423] = https://curl.se/bug/?i=19185 [424] = https://curl.se/bug/?i=19227 [425] = https://curl.se/bug/?i=19247 + [426] = https://curl.se/bug/?i=19292 [427] = https://curl.se/bug/?i=19228 + [428] = https://curl.se/bug/?i=19291 [429] = https://curl.se/bug/?i=19167 [430] = https://curl.se/bug/?i=19237 + [432] = https://curl.se/bug/?i=19288 + [438] = https://curl.se/bug/?i=19271 + [439] = https://curl.se/bug/?i=19278 + [441] = https://curl.se/bug/?i=18847 + [442] = https://curl.se/bug/?i=19276 + [443] = https://curl.se/bug/?i=19275 + [444] = https://curl.se/bug/?i=19274 + [445] = https://curl.se/bug/?i=19240 + [448] = https://curl.se/bug/?i=18983 + [449] = https://curl.se/bug/?i=19148 From 928363f28ca533d743adcb70597c3e30917c6cbd Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 31 Oct 2025 14:42:30 +0100 Subject: [PATCH 0653/2408] examples: consistent variable naming across examples - 'CURL *' handles are called 'curl' - 'CURLM *' handles are called 'multi' - write callbacks are called 'write_cb' - read callbacs are called 'read_cb' - CURLcode variables are called 'res' It makes the examples look and feel more consistent. It allows for easier copy and pasting between examples. Closes #19299 --- docs/examples/10-at-a-time.c | 42 ++++++------ docs/examples/anyauthput.c | 4 +- docs/examples/cacertinmem.c | 54 +++++++-------- docs/examples/certinfo.c | 4 +- docs/examples/chkspeed.c | 28 ++++---- docs/examples/crawler.c | 90 ++++++++++++------------- docs/examples/debug.c | 4 +- docs/examples/ephiperfifo.c | 56 ++++++++------- docs/examples/evhiperfifo.c | 54 +++++++-------- docs/examples/externalsocket.c | 4 +- docs/examples/ftp-delete.c | 4 +- docs/examples/ftp-wildcard.c | 30 ++++----- docs/examples/ftpget.c | 4 +- docs/examples/ftpsget.c | 4 +- docs/examples/ftpupload.c | 4 +- docs/examples/ftpuploadfrommem.c | 4 +- docs/examples/ftpuploadresume.c | 71 ++++++++++--------- docs/examples/getinmemory.c | 20 +++--- docs/examples/ghiper.c | 54 +++++++-------- docs/examples/hiperfifo.c | 52 +++++++------- docs/examples/hsts-preload.c | 8 +-- docs/examples/htmltitle.cpp | 44 ++++++------ docs/examples/http2-download.c | 52 +++++++------- docs/examples/http2-pushinmemory.c | 34 +++++----- docs/examples/http2-serverpush.c | 62 ++++++++--------- docs/examples/http2-upload.c | 66 +++++++++--------- docs/examples/httpput.c | 4 +- docs/examples/imap-append.c | 4 +- docs/examples/imap-multi.c | 16 ++--- docs/examples/log_failed_transfers.c | 8 +-- docs/examples/multi-app.c | 32 ++++----- docs/examples/multi-debugcallback.c | 32 ++++----- docs/examples/multi-double.c | 41 ++++++----- docs/examples/multi-event.c | 50 +++++++------- docs/examples/multi-formadd.c | 14 ++-- docs/examples/multi-legacy.c | 34 +++++----- docs/examples/multi-post.c | 14 ++-- docs/examples/multi-single.c | 26 +++---- docs/examples/multi-uv.c | 28 ++++---- docs/examples/pop3-multi.c | 16 ++--- docs/examples/post-callback.c | 4 +- docs/examples/postinmemory.c | 4 +- docs/examples/sepheaders.c | 26 +++---- docs/examples/sessioninfo.c | 4 +- docs/examples/sftpget.c | 4 +- docs/examples/sftpuploadresume.c | 48 ++++++------- docs/examples/shared-connection-cache.c | 8 +-- docs/examples/smooth-gtk-thread.c | 4 +- docs/examples/smtp-authzid.c | 4 +- docs/examples/smtp-mail.c | 4 +- docs/examples/smtp-multi.c | 20 +++--- docs/examples/smtp-ssl.c | 4 +- docs/examples/smtp-tls.c | 4 +- docs/examples/synctime.c | 4 +- docs/examples/url2file.c | 22 +++--- docs/examples/usercertinmem.c | 40 +++++------ docs/examples/websocket-cb.c | 8 +-- docs/examples/websocket-updown.c | 38 +++++------ docs/examples/xmlstream.c | 18 ++--- 59 files changed, 715 insertions(+), 725 deletions(-) diff --git a/docs/examples/10-at-a-time.c b/docs/examples/10-at-a-time.c index ec38592671..bddcd15637 100644 --- a/docs/examples/10-at-a-time.c +++ b/docs/examples/10-at-a-time.c @@ -91,68 +91,68 @@ static size_t write_cb(char *data, size_t n, size_t l, void *userp) return n * l; } -static void add_transfer(CURLM *cm, unsigned int i, int *left) +static void add_transfer(CURLM *multi, unsigned int i, int *left) { - CURL *eh = curl_easy_init(); - if(eh) { - curl_easy_setopt(eh, CURLOPT_WRITEFUNCTION, write_cb); - curl_easy_setopt(eh, CURLOPT_URL, urls[i]); - curl_easy_setopt(eh, CURLOPT_PRIVATE, urls[i]); - curl_multi_add_handle(cm, eh); + CURL *curl = curl_easy_init(); + if(curl) { + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); + curl_easy_setopt(curl, CURLOPT_URL, urls[i]); + curl_easy_setopt(curl, CURLOPT_PRIVATE, urls[i]); + curl_multi_add_handle(multi, curl); } (*left)++; } int main(void) { - CURLM *cm; + CURLM *multi; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; - cm = curl_multi_init(); - if(cm) { + multi = curl_multi_init(); + if(multi) { CURLMsg *msg; unsigned int transfers = 0; int msgs_left = -1; int left = 0; /* Limit the amount of simultaneous connections curl should allow: */ - curl_multi_setopt(cm, CURLMOPT_MAXCONNECTS, (long)MAX_PARALLEL); + curl_multi_setopt(multi, CURLMOPT_MAXCONNECTS, (long)MAX_PARALLEL); for(transfers = 0; transfers < MAX_PARALLEL && transfers < NUM_URLS; transfers++) - add_transfer(cm, transfers, &left); + add_transfer(multi, transfers, &left); do { int still_alive = 1; - curl_multi_perform(cm, &still_alive); + curl_multi_perform(multi, &still_alive); /* !checksrc! disable EQUALSNULL 1 */ - while((msg = curl_multi_info_read(cm, &msgs_left)) != NULL) { + while((msg = curl_multi_info_read(multi, &msgs_left)) != NULL) { if(msg->msg == CURLMSG_DONE) { char *url; - CURL *e = msg->easy_handle; - curl_easy_getinfo(msg->easy_handle, CURLINFO_PRIVATE, &url); + CURL *curl = msg->easy_handle; + curl_easy_getinfo(curl, CURLINFO_PRIVATE, &url); fprintf(stderr, "R: %d - %s <%s>\n", msg->data.result, curl_easy_strerror(msg->data.result), url); - curl_multi_remove_handle(cm, e); - curl_easy_cleanup(e); + curl_multi_remove_handle(multi, curl); + curl_easy_cleanup(curl); left--; } else { fprintf(stderr, "E: CURLMsg (%d)\n", msg->msg); } if(transfers < NUM_URLS) - add_transfer(cm, transfers++, &left); + add_transfer(multi, transfers++, &left); } if(left) - curl_multi_wait(cm, NULL, 0, 1000, NULL); + curl_multi_wait(multi, NULL, 0, 1000, NULL); } while(left); - curl_multi_cleanup(cm); + curl_multi_cleanup(multi); } curl_global_cleanup(); diff --git a/docs/examples/anyauthput.c b/docs/examples/anyauthput.c index 8718ac98bb..c905b8b459 100644 --- a/docs/examples/anyauthput.c +++ b/docs/examples/anyauthput.c @@ -69,7 +69,7 @@ static int my_seek(void *userp, curl_off_t offset, int origin) } /* read callback function, fread() look alike */ -static size_t read_callback(char *ptr, size_t size, size_t nmemb, void *stream) +static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *stream) { size_t nread; @@ -124,7 +124,7 @@ int main(int argc, char **argv) curl = curl_easy_init(); if(curl) { /* we want to use our own read function */ - curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback); + curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_cb); /* which file to upload */ curl_easy_setopt(curl, CURLOPT_READDATA, (void *) fp); diff --git a/docs/examples/cacertinmem.c b/docs/examples/cacertinmem.c index 5855d872b6..15b11a3b61 100644 --- a/docs/examples/cacertinmem.c +++ b/docs/examples/cacertinmem.c @@ -48,7 +48,7 @@ typedef size_t ossl_valsize_t; typedef int ossl_valsize_t; #endif -static size_t writefunction(void *ptr, size_t size, size_t nmemb, void *stream) +static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *stream) { fwrite(ptr, size, nmemb, (FILE *)stream); return nmemb * size; @@ -115,37 +115,37 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *pointer) int main(void) { - CURL *ch; + CURL *curl; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; - ch = curl_easy_init(); - if(ch) { - curl_easy_setopt(ch, CURLOPT_VERBOSE, 0L); - curl_easy_setopt(ch, CURLOPT_HEADER, 0L); - curl_easy_setopt(ch, CURLOPT_NOPROGRESS, 1L); - curl_easy_setopt(ch, CURLOPT_NOSIGNAL, 1L); - curl_easy_setopt(ch, CURLOPT_WRITEFUNCTION, writefunction); - curl_easy_setopt(ch, CURLOPT_WRITEDATA, stdout); - curl_easy_setopt(ch, CURLOPT_HEADERFUNCTION, writefunction); - curl_easy_setopt(ch, CURLOPT_HEADERDATA, stderr); - curl_easy_setopt(ch, CURLOPT_SSLCERTTYPE, "PEM"); - curl_easy_setopt(ch, CURLOPT_SSL_VERIFYPEER, 1L); - curl_easy_setopt(ch, CURLOPT_URL, "https://www.example.com/"); + curl = curl_easy_init(); + if(curl) { + curl_easy_setopt(curl, CURLOPT_VERBOSE, 0L); + curl_easy_setopt(curl, CURLOPT_HEADER, 0L); + curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L); + curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, stdout); + curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, write_cb); + curl_easy_setopt(curl, CURLOPT_HEADERDATA, stderr); + curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM"); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L); + curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); /* Turn off the default CA locations, otherwise libcurl loads CA * certificates from the locations that were detected/specified at * build-time */ - curl_easy_setopt(ch, CURLOPT_CAINFO, NULL); - curl_easy_setopt(ch, CURLOPT_CAPATH, NULL); + curl_easy_setopt(curl, CURLOPT_CAINFO, NULL); + curl_easy_setopt(curl, CURLOPT_CAPATH, NULL); /* first try: retrieve page without ca certificates -> should fail * unless libcurl was built --with-ca-fallback enabled at build-time */ - res = curl_easy_perform(ch); + res = curl_easy_perform(curl); if(res == CURLE_OK) printf("*** transfer succeeded ***\n"); else @@ -155,24 +155,24 @@ int main(void) * performance of multiple transfers but it is necessary order to * demonstrate this example. recall that the ssl ctx callback is only * called _before_ an SSL connection is established, therefore it does not - * affect existing verified SSL connections already in the connection cache - * associated with this handle. normally you would set the ssl ctx function - * before making any transfers, and not use this option. + * affect existing verified SSL connections already in the connection + * cache associated with this handle. normally you would set the ssl ctx + * function before making any transfers, and not use this option. */ - curl_easy_setopt(ch, CURLOPT_FRESH_CONNECT, 1L); + curl_easy_setopt(curl, CURLOPT_FRESH_CONNECT, 1L); - /* second try: retrieve page using cacerts' certificate -> succeeds to load - * the certificate by installing a function doing the necessary + /* second try: retrieve page using cacerts' certificate -> succeeds to + * load the certificate by installing a function doing the necessary * "modifications" to the SSL CONTEXT just before link init */ - curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, sslctx_function); - res = curl_easy_perform(ch); + curl_easy_setopt(curl, CURLOPT_SSL_CTX_FUNCTION, sslctx_function); + res = curl_easy_perform(curl); if(res == CURLE_OK) printf("*** transfer succeeded ***\n"); else printf("*** transfer failed ***\n"); - curl_easy_cleanup(ch); + curl_easy_cleanup(curl); } curl_global_cleanup(); return (int)res; diff --git a/docs/examples/certinfo.c b/docs/examples/certinfo.c index 0443aa42f4..3176d0a1fc 100644 --- a/docs/examples/certinfo.c +++ b/docs/examples/certinfo.c @@ -29,7 +29,7 @@ #include -static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream) +static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *stream) { (void)stream; (void)ptr; @@ -49,7 +49,7 @@ int main(void) if(curl) { curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); - curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, wrfu); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); diff --git a/docs/examples/chkspeed.c b/docs/examples/chkspeed.c index 6cb1304c87..ea71e6ad70 100644 --- a/docs/examples/chkspeed.c +++ b/docs/examples/chkspeed.c @@ -52,7 +52,7 @@ #define CHKSPEED_VERSION "1.0" -static size_t WriteCallback(void *ptr, size_t size, size_t nmemb, void *data) +static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *data) { /* we are not interested in the downloaded bytes itself, so we only return the size we would have saved ... */ @@ -63,7 +63,7 @@ static size_t WriteCallback(void *ptr, size_t size, size_t nmemb, void *data) int main(int argc, char *argv[]) { - CURL *curl_handle; + CURL *curl; CURLcode res; int prtall = 0, prtsep = 0, prttime = 0; const char *url = URL_1M; @@ -161,33 +161,33 @@ int main(int argc, char *argv[]) return (int)res; /* init the curl session */ - curl_handle = curl_easy_init(); - if(curl_handle) { + curl = curl_easy_init(); + if(curl) { /* specify URL to get */ - curl_easy_setopt(curl_handle, CURLOPT_URL, url); + curl_easy_setopt(curl, CURLOPT_URL, url); /* send all data to this function */ - curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, WriteCallback); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* some servers do not like requests that are made without a user-agent field, so we provide one */ - curl_easy_setopt(curl_handle, CURLOPT_USERAGENT, + curl_easy_setopt(curl, CURLOPT_USERAGENT, "libcurl-speedchecker/" CHKSPEED_VERSION); /* get it! */ - res = curl_easy_perform(curl_handle); + res = curl_easy_perform(curl); if(CURLE_OK == res) { curl_off_t val; /* check for bytes downloaded */ - res = curl_easy_getinfo(curl_handle, CURLINFO_SIZE_DOWNLOAD_T, &val); + res = curl_easy_getinfo(curl, CURLINFO_SIZE_DOWNLOAD_T, &val); if((CURLE_OK == res) && (val > 0)) printf("Data downloaded: %" CURL_FORMAT_CURL_OFF_T " bytes.\n", val); /* check for total download time */ - res = curl_easy_getinfo(curl_handle, CURLINFO_TOTAL_TIME_T, &val); + res = curl_easy_getinfo(curl, CURLINFO_TOTAL_TIME_T, &val); if((CURLE_OK == res) && (val > 0)) printf("Total download time: %" CURL_FORMAT_CURL_OFF_T ".%06" CURL_FORMAT_CURL_OFF_T " sec.\n", @@ -195,7 +195,7 @@ int main(int argc, char *argv[]) val % 1000000); /* check for average download speed */ - res = curl_easy_getinfo(curl_handle, CURLINFO_SPEED_DOWNLOAD_T, &val); + res = curl_easy_getinfo(curl, CURLINFO_SPEED_DOWNLOAD_T, &val); if((CURLE_OK == res) && (val > 0)) printf("Average download speed: " "%" CURL_FORMAT_CURL_OFF_T " kbyte/sec.\n", @@ -203,7 +203,7 @@ int main(int argc, char *argv[]) if(prtall) { /* check for name resolution time */ - res = curl_easy_getinfo(curl_handle, CURLINFO_NAMELOOKUP_TIME_T, &val); + res = curl_easy_getinfo(curl, CURLINFO_NAMELOOKUP_TIME_T, &val); if((CURLE_OK == res) && (val > 0)) printf("Name lookup time: %" CURL_FORMAT_CURL_OFF_T ".%06" CURL_FORMAT_CURL_OFF_T " sec.\n", @@ -211,7 +211,7 @@ int main(int argc, char *argv[]) val % 1000000); /* check for connect time */ - res = curl_easy_getinfo(curl_handle, CURLINFO_CONNECT_TIME_T, &val); + res = curl_easy_getinfo(curl, CURLINFO_CONNECT_TIME_T, &val); if((CURLE_OK == res) && (val > 0)) printf("Connect time: %" CURL_FORMAT_CURL_OFF_T ".%06" CURL_FORMAT_CURL_OFF_T " sec.\n", @@ -225,7 +225,7 @@ int main(int argc, char *argv[]) } /* cleanup curl stuff */ - curl_easy_cleanup(curl_handle); + curl_easy_cleanup(curl); } /* we are done with libcurl, so clean it up */ diff --git a/docs/examples/crawler.c b/docs/examples/crawler.c index e8dbf244f9..c56ad5ab3c 100644 --- a/docs/examples/crawler.c +++ b/docs/examples/crawler.c @@ -60,7 +60,7 @@ struct memory { size_t size; }; -static size_t grow_buffer(void *contents, size_t sz, size_t nmemb, void *ctx) +static size_t write_cb(void *contents, size_t sz, size_t nmemb, void *ctx) { size_t realsize = sz * nmemb; struct memory *mem = (struct memory*) ctx; @@ -78,48 +78,48 @@ static size_t grow_buffer(void *contents, size_t sz, size_t nmemb, void *ctx) static CURL *make_handle(const char *url) { - CURL *handle = curl_easy_init(); + CURL *curl = curl_easy_init(); struct memory *mem; /* Important: use HTTP2 over HTTPS */ - curl_easy_setopt(handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2TLS); - curl_easy_setopt(handle, CURLOPT_URL, url); + curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2TLS); + curl_easy_setopt(curl, CURLOPT_URL, url); /* buffer body */ mem = malloc(sizeof(*mem)); mem->size = 0; mem->buf = malloc(1); - curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, grow_buffer); - curl_easy_setopt(handle, CURLOPT_WRITEDATA, mem); - curl_easy_setopt(handle, CURLOPT_PRIVATE, mem); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, mem); + curl_easy_setopt(curl, CURLOPT_PRIVATE, mem); /* For completeness */ - curl_easy_setopt(handle, CURLOPT_ACCEPT_ENCODING, ""); - curl_easy_setopt(handle, CURLOPT_TIMEOUT, 5L); - curl_easy_setopt(handle, CURLOPT_FOLLOWLOCATION, 1L); + curl_easy_setopt(curl, CURLOPT_ACCEPT_ENCODING, ""); + curl_easy_setopt(curl, CURLOPT_TIMEOUT, 5L); + curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L); /* only allow redirects to HTTP and HTTPS URLs */ - curl_easy_setopt(handle, CURLOPT_REDIR_PROTOCOLS_STR, "http,https"); - curl_easy_setopt(handle, CURLOPT_AUTOREFERER, 1L); - curl_easy_setopt(handle, CURLOPT_MAXREDIRS, 10L); + curl_easy_setopt(curl, CURLOPT_REDIR_PROTOCOLS_STR, "http,https"); + curl_easy_setopt(curl, CURLOPT_AUTOREFERER, 1L); + curl_easy_setopt(curl, CURLOPT_MAXREDIRS, 10L); /* each transfer needs to be done within 20 seconds! */ - curl_easy_setopt(handle, CURLOPT_TIMEOUT_MS, 20000L); + curl_easy_setopt(curl, CURLOPT_TIMEOUT_MS, 20000L); /* connect fast or fail */ - curl_easy_setopt(handle, CURLOPT_CONNECTTIMEOUT_MS, 2000L); + curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT_MS, 2000L); /* skip files larger than a gigabyte */ - curl_easy_setopt(handle, CURLOPT_MAXFILESIZE_LARGE, + curl_easy_setopt(curl, CURLOPT_MAXFILESIZE_LARGE, (curl_off_t)1024*1024*1024); - curl_easy_setopt(handle, CURLOPT_COOKIEFILE, ""); - curl_easy_setopt(handle, CURLOPT_FILETIME, 1L); - curl_easy_setopt(handle, CURLOPT_USERAGENT, "mini crawler"); - curl_easy_setopt(handle, CURLOPT_HTTPAUTH, CURLAUTH_ANY); - curl_easy_setopt(handle, CURLOPT_UNRESTRICTED_AUTH, 1L); - curl_easy_setopt(handle, CURLOPT_PROXYAUTH, CURLAUTH_ANY); - curl_easy_setopt(handle, CURLOPT_EXPECT_100_TIMEOUT_MS, 0L); - return handle; + curl_easy_setopt(curl, CURLOPT_COOKIEFILE, ""); + curl_easy_setopt(curl, CURLOPT_FILETIME, 1L); + curl_easy_setopt(curl, CURLOPT_USERAGENT, "mini crawler"); + curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY); + curl_easy_setopt(curl, CURLOPT_UNRESTRICTED_AUTH, 1L); + curl_easy_setopt(curl, CURLOPT_PROXYAUTH, CURLAUTH_ANY); + curl_easy_setopt(curl, CURLOPT_EXPECT_100_TIMEOUT_MS, 0L); + return curl; } /* HREF finder implemented in libxml2 but could be any HTML parser */ -static size_t follow_links(CURLM *multi_handle, struct memory *mem, +static size_t follow_links(CURLM *multi, struct memory *mem, const char *url) { int opts = HTML_PARSE_NOBLANKS | HTML_PARSE_NOERROR | \ @@ -160,7 +160,7 @@ static size_t follow_links(CURLM *multi_handle, struct memory *mem, if(!link || strlen(link) < 20) continue; if(!strncmp(link, "http://", 7) || !strncmp(link, "https://", 8)) { - curl_multi_add_handle(multi_handle, make_handle(link)); + curl_multi_add_handle(multi, make_handle(link)); if(count++ == max_link_per_page) break; } @@ -177,7 +177,7 @@ static int is_html(char *ctype) int main(void) { - CURLM *multi_handle; + CURLM *multi; int msgs_left; int pending; int complete; @@ -190,18 +190,18 @@ int main(void) signal(SIGINT, sighandler); LIBXML_TEST_VERSION - multi_handle = curl_multi_init(); - if(multi_handle) { - curl_multi_setopt(multi_handle, CURLMOPT_MAX_TOTAL_CONNECTIONS, max_con); - curl_multi_setopt(multi_handle, CURLMOPT_MAX_HOST_CONNECTIONS, 6L); + multi = curl_multi_init(); + if(multi) { + curl_multi_setopt(multi, CURLMOPT_MAX_TOTAL_CONNECTIONS, max_con); + curl_multi_setopt(multi, CURLMOPT_MAX_HOST_CONNECTIONS, 6L); /* enables http/2 if available */ #ifdef CURLPIPE_MULTIPLEX - curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); + curl_multi_setopt(multi, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); #endif /* sets html start page */ - curl_multi_add_handle(multi_handle, make_handle(start_page)); + curl_multi_add_handle(multi, make_handle(start_page)); pending = 0; complete = 0; @@ -210,29 +210,29 @@ int main(void) int numfds; CURLMsg *m; - curl_multi_wait(multi_handle, NULL, 0, 1000, &numfds); - curl_multi_perform(multi_handle, &still_running); + curl_multi_wait(multi, NULL, 0, 1000, &numfds); + curl_multi_perform(multi, &still_running); /* See how the transfers went */ m = NULL; - while((m = curl_multi_info_read(multi_handle, &msgs_left))) { + while((m = curl_multi_info_read(multi, &msgs_left))) { if(m->msg == CURLMSG_DONE) { - CURL *handle = m->easy_handle; + CURL *curl = m->easy_handle; char *url; struct memory *mem; - curl_easy_getinfo(handle, CURLINFO_PRIVATE, &mem); - curl_easy_getinfo(handle, CURLINFO_EFFECTIVE_URL, &url); + curl_easy_getinfo(curl, CURLINFO_PRIVATE, &mem); + curl_easy_getinfo(curl, CURLINFO_EFFECTIVE_URL, &url); if(m->data.result == CURLE_OK) { long res_status; - curl_easy_getinfo(handle, CURLINFO_RESPONSE_CODE, &res_status); + curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &res_status); if(res_status == 200) { char *ctype; - curl_easy_getinfo(handle, CURLINFO_CONTENT_TYPE, &ctype); + curl_easy_getinfo(curl, CURLINFO_CONTENT_TYPE, &ctype); printf("[%d] HTTP 200 (%s): %s\n", complete, ctype, url); if(is_html(ctype) && mem->size > 100) { if(pending < max_requests && (complete + pending) < max_total) { - pending += follow_links(multi_handle, mem, url); + pending += follow_links(multi_curl, mem, url); still_running = 1; } } @@ -244,8 +244,8 @@ int main(void) else { printf("[%d] Connection failure: %s\n", complete, url); } - curl_multi_remove_handle(multi_handle, handle); - curl_easy_cleanup(handle); + curl_multi_remove_handle(multi, curl); + curl_easy_cleanup(curl); free(mem->buf); free(mem); complete++; @@ -253,7 +253,7 @@ int main(void) } } } - curl_multi_cleanup(multi_handle); + curl_multi_cleanup(multi); } curl_global_cleanup(); return 0; diff --git a/docs/examples/debug.c b/docs/examples/debug.c index 3c8355df05..ff522b0ce1 100644 --- a/docs/examples/debug.c +++ b/docs/examples/debug.c @@ -81,12 +81,12 @@ static void dump(const char *text, FILE *stream, unsigned char *ptr, fflush(stream); } -static int my_trace(CURL *handle, curl_infotype type, +static int my_trace(CURL *curl, curl_infotype type, char *data, size_t size, void *userp) { struct data *config = (struct data *)userp; const char *text; - (void)handle; + (void)curl; switch(type) { case CURLINFO_TEXT: diff --git a/docs/examples/ephiperfifo.c b/docs/examples/ephiperfifo.c index c22a360101..026967f3ec 100644 --- a/docs/examples/ephiperfifo.c +++ b/docs/examples/ephiperfifo.c @@ -90,7 +90,7 @@ struct GlobalInfo { /* Information associated with a specific easy handle */ struct ConnInfo { - CURL *easy; + CURL *curl; char *url; struct GlobalInfo *global; char error[CURL_ERROR_SIZE]; @@ -99,7 +99,7 @@ struct ConnInfo { /* Information associated with a specific socket */ struct SockInfo { curl_socket_t sockfd; - CURL *easy; + CURL *curl; int action; long timeout; struct GlobalInfo *global; @@ -172,20 +172,18 @@ static void check_multi_info(struct GlobalInfo *g) CURLMsg *msg; int msgs_left; struct ConnInfo *conn; - CURL *easy; - CURLcode res; fprintf(MSG_OUT, "REMAINING: %d\n", g->still_running); while((msg = curl_multi_info_read(g->multi, &msgs_left))) { if(msg->msg == CURLMSG_DONE) { - easy = msg->easy_handle; - res = msg->data.result; - curl_easy_getinfo(easy, CURLINFO_PRIVATE, &conn); - curl_easy_getinfo(easy, CURLINFO_EFFECTIVE_URL, &eff_url); + CURL *curl = msg->easy_handle; + CURLcode res = msg->data.result; + curl_easy_getinfo(curl, CURLINFO_PRIVATE, &conn); + curl_easy_getinfo(curl, CURLINFO_EFFECTIVE_URL, &eff_url); fprintf(MSG_OUT, "DONE: %s => (%d) %s\n", eff_url, res, conn->error); - curl_multi_remove_handle(g->multi, easy); + curl_multi_remove_handle(g->multi, curl); free(conn->url); - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); free(conn); } } @@ -270,7 +268,7 @@ static void setsock(struct SockInfo *f, curl_socket_t s, CURL *e, int act, f->sockfd = s; f->action = act; - f->easy = e; + f->curl = e; ev.events = kind; ev.data.fd = s; @@ -280,13 +278,13 @@ static void setsock(struct SockInfo *f, curl_socket_t s, CURL *e, int act, } /* Initialize a new SockInfo structure */ -static void addsock(curl_socket_t s, CURL *easy, int action, +static void addsock(curl_socket_t s, CURL *curl, int action, struct GlobalInfo *g) { struct SockInfo *fdp = (struct SockInfo*)calloc(1, sizeof(struct SockInfo)); fdp->global = g; - setsock(fdp, s, easy, action, g); + setsock(fdp, s, curl, action, g); curl_multi_assign(g->multi, s, fdp); } @@ -347,28 +345,28 @@ static void new_conn(const char *url, struct GlobalInfo *g) conn = (struct ConnInfo*)calloc(1, sizeof(*conn)); conn->error[0] = '\0'; - conn->easy = curl_easy_init(); - if(!conn->easy) { + conn->curl = curl_easy_init(); + if(!conn->curl) { fprintf(MSG_OUT, "curl_easy_init() failed, exiting!\n"); exit(2); } conn->global = g; conn->url = strdup(url); - curl_easy_setopt(conn->easy, CURLOPT_URL, conn->url); - curl_easy_setopt(conn->easy, CURLOPT_WRITEFUNCTION, write_cb); - curl_easy_setopt(conn->easy, CURLOPT_WRITEDATA, conn); - curl_easy_setopt(conn->easy, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(conn->easy, CURLOPT_ERRORBUFFER, conn->error); - curl_easy_setopt(conn->easy, CURLOPT_PRIVATE, conn); - curl_easy_setopt(conn->easy, CURLOPT_NOPROGRESS, 0L); - curl_easy_setopt(conn->easy, CURLOPT_PROGRESSFUNCTION, prog_cb); - curl_easy_setopt(conn->easy, CURLOPT_PROGRESSDATA, conn); - curl_easy_setopt(conn->easy, CURLOPT_FOLLOWLOCATION, 1L); - curl_easy_setopt(conn->easy, CURLOPT_LOW_SPEED_TIME, 3L); - curl_easy_setopt(conn->easy, CURLOPT_LOW_SPEED_LIMIT, 10L); + curl_easy_setopt(conn->curl, CURLOPT_URL, conn->url); + curl_easy_setopt(conn->curl, CURLOPT_WRITEFUNCTION, write_cb); + curl_easy_setopt(conn->curl, CURLOPT_WRITEDATA, conn); + curl_easy_setopt(conn->curl, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(conn->curl, CURLOPT_ERRORBUFFER, conn->error); + curl_easy_setopt(conn->curl, CURLOPT_PRIVATE, conn); + curl_easy_setopt(conn->curl, CURLOPT_NOPROGRESS, 0L); + curl_easy_setopt(conn->curl, CURLOPT_PROGRESSFUNCTION, prog_cb); + curl_easy_setopt(conn->curl, CURLOPT_PROGRESSDATA, conn); + curl_easy_setopt(conn->curl, CURLOPT_FOLLOWLOCATION, 1L); + curl_easy_setopt(conn->curl, CURLOPT_LOW_SPEED_TIME, 3L); + curl_easy_setopt(conn->curl, CURLOPT_LOW_SPEED_LIMIT, 10L); fprintf(MSG_OUT, - "Adding easy %p to multi %p (%s)\n", conn->easy, g->multi, url); - rc = curl_multi_add_handle(g->multi, conn->easy); + "Adding easy %p to multi %p (%s)\n", conn->curl, g->multi, url); + rc = curl_multi_add_handle(g->multi, conn->curl); mcode_or_die("new_conn: curl_multi_add_handle", rc); /* note that the add_handle() sets a timeout to trigger soon so that the diff --git a/docs/examples/evhiperfifo.c b/docs/examples/evhiperfifo.c index 79dfd34521..21f188549b 100644 --- a/docs/examples/evhiperfifo.c +++ b/docs/examples/evhiperfifo.c @@ -90,7 +90,7 @@ struct GlobalInfo { /* Information associated with a specific easy handle */ struct ConnInfo { - CURL *easy; + CURL *curl; char *url; struct GlobalInfo *global; char error[CURL_ERROR_SIZE]; @@ -99,7 +99,7 @@ struct ConnInfo { /* Information associated with a specific socket */ struct SockInfo { curl_socket_t sockfd; - CURL *easy; + CURL *curl; int action; long timeout; struct ev_io ev; @@ -169,20 +169,18 @@ static void check_multi_info(struct GlobalInfo *g) CURLMsg *msg; int msgs_left; struct ConnInfo *conn; - CURL *easy; - CURLcode res; fprintf(MSG_OUT, "REMAINING: %d\n", g->still_running); while((msg = curl_multi_info_read(g->multi, &msgs_left))) { if(msg->msg == CURLMSG_DONE) { - easy = msg->easy_handle; - res = msg->data.result; - curl_easy_getinfo(easy, CURLINFO_PRIVATE, &conn); - curl_easy_getinfo(easy, CURLINFO_EFFECTIVE_URL, &eff_url); + CURL *curl = msg->easy_handle; + CURLcode res = msg->data.result; + curl_easy_getinfo(curl, CURLINFO_PRIVATE, &conn); + curl_easy_getinfo(curl, CURLINFO_EFFECTIVE_URL, &eff_url); fprintf(MSG_OUT, "DONE: %s => (%d) %s\n", eff_url, res, conn->error); - curl_multi_remove_handle(g->multi, easy); + curl_multi_remove_handle(g->multi, curl); free(conn->url); - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); free(conn); } } @@ -247,7 +245,7 @@ static void setsock(struct SockInfo *f, curl_socket_t s, CURL *e, int act, f->sockfd = s; f->action = act; - f->easy = e; + f->curl = e; if(f->evset) ev_io_stop(g->loop, &f->ev); ev_io_init(&f->ev, event_cb, f->sockfd, kind); @@ -257,13 +255,13 @@ static void setsock(struct SockInfo *f, curl_socket_t s, CURL *e, int act, } /* Initialize a new SockInfo structure */ -static void addsock(curl_socket_t s, CURL *easy, int action, +static void addsock(curl_socket_t s, CURL *curl, int action, struct GlobalInfo *g) { struct SockInfo *fdp = calloc(1, sizeof(struct SockInfo)); fdp->global = g; - setsock(fdp, s, easy, action, g); + setsock(fdp, s, curl, action, g); curl_multi_assign(g->multi, s, fdp); } @@ -330,28 +328,28 @@ static void new_conn(const char *url, struct GlobalInfo *g) conn = calloc(1, sizeof(*conn)); conn->error[0]='\0'; - conn->easy = curl_easy_init(); - if(!conn->easy) { + conn->curl = curl_easy_init(); + if(!conn->curl) { fprintf(MSG_OUT, "curl_easy_init() failed, exiting!\n"); exit(2); } conn->global = g; conn->url = strdup(url); - curl_easy_setopt(conn->easy, CURLOPT_URL, conn->url); - curl_easy_setopt(conn->easy, CURLOPT_WRITEFUNCTION, write_cb); - curl_easy_setopt(conn->easy, CURLOPT_WRITEDATA, conn); - curl_easy_setopt(conn->easy, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(conn->easy, CURLOPT_ERRORBUFFER, conn->error); - curl_easy_setopt(conn->easy, CURLOPT_PRIVATE, conn); - curl_easy_setopt(conn->easy, CURLOPT_NOPROGRESS, 0L); - curl_easy_setopt(conn->easy, CURLOPT_XFERINFOFUNCTION, xferinfo_cb); - curl_easy_setopt(conn->easy, CURLOPT_PROGRESSDATA, conn); - curl_easy_setopt(conn->easy, CURLOPT_LOW_SPEED_TIME, 3L); - curl_easy_setopt(conn->easy, CURLOPT_LOW_SPEED_LIMIT, 10L); + curl_easy_setopt(conn->curl, CURLOPT_URL, conn->url); + curl_easy_setopt(conn->curl, CURLOPT_WRITEFUNCTION, write_cb); + curl_easy_setopt(conn->curl, CURLOPT_WRITEDATA, conn); + curl_easy_setopt(conn->curl, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(conn->curl, CURLOPT_ERRORBUFFER, conn->error); + curl_easy_setopt(conn->curl, CURLOPT_PRIVATE, conn); + curl_easy_setopt(conn->curl, CURLOPT_NOPROGRESS, 0L); + curl_easy_setopt(conn->curl, CURLOPT_XFERINFOFUNCTION, xferinfo_cb); + curl_easy_setopt(conn->curl, CURLOPT_PROGRESSDATA, conn); + curl_easy_setopt(conn->curl, CURLOPT_LOW_SPEED_TIME, 3L); + curl_easy_setopt(conn->curl, CURLOPT_LOW_SPEED_LIMIT, 10L); fprintf(MSG_OUT, - "Adding easy %p to multi %p (%s)\n", conn->easy, g->multi, url); - rc = curl_multi_add_handle(g->multi, conn->easy); + "Adding easy %p to multi %p (%s)\n", conn->curl, g->multi, url); + rc = curl_multi_add_handle(g->multi, conn->curl); mcode_or_die("new_conn: curl_multi_add_handle", rc); /* note that add_handle() sets a timeout to trigger soon so that the diff --git a/docs/examples/externalsocket.c b/docs/examples/externalsocket.c index 99e719b745..7415cff81f 100644 --- a/docs/examples/externalsocket.c +++ b/docs/examples/externalsocket.c @@ -60,7 +60,7 @@ #define INADDR_NONE 0xffffffff #endif -static size_t write_data(void *ptr, size_t size, size_t nmemb, void *stream) +static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *stream) { size_t written = fwrite(ptr, size, nmemb, (FILE *)stream); return written; @@ -143,7 +143,7 @@ int main(void) curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L); /* send all data to this function */ - curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_data); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* call this function to get a socket */ curl_easy_setopt(curl, CURLOPT_OPENSOCKETFUNCTION, opensocket); diff --git a/docs/examples/ftp-delete.c b/docs/examples/ftp-delete.c index f5c553ff68..e43dd30f2f 100644 --- a/docs/examples/ftp-delete.c +++ b/docs/examples/ftp-delete.c @@ -30,7 +30,7 @@ * */ -static size_t my_fwrite(void *buffer, size_t size, size_t nmemb, void *stream) +static size_t write_cb(void *buffer, size_t size, size_t nmemb, void *stream) { (void)buffer; (void)stream; @@ -54,7 +54,7 @@ int main(void) */ curl_easy_setopt(curl, CURLOPT_URL, "ftp://ftp.example.com/"); /* Define our callback to get called when there is data to be written */ - curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, my_fwrite); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* Switch on full protocol/debug output */ curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); diff --git a/docs/examples/ftp-wildcard.c b/docs/examples/ftp-wildcard.c index 0861f2f048..79386f9834 100644 --- a/docs/examples/ftp-wildcard.c +++ b/docs/examples/ftp-wildcard.c @@ -78,7 +78,7 @@ static long file_is_downloaded(void *input) return CURL_CHUNK_END_FUNC_OK; } -static size_t write_it(char *buff, size_t size, size_t nmemb, +static size_t write_cb(char *buff, size_t size, size_t nmemb, void *cb_data) { struct callback_data *data = cb_data; @@ -94,7 +94,7 @@ static size_t write_it(char *buff, size_t size, size_t nmemb, int main(int argc, char **argv) { /* curl easy handle */ - CURL *handle; + CURL *curl; /* help data */ struct callback_data data = { 0 }; @@ -105,40 +105,40 @@ int main(int argc, char **argv) return (int)res; /* initialization of easy handle */ - handle = curl_easy_init(); - if(!handle) { + curl = curl_easy_init(); + if(!curl) { curl_global_cleanup(); return CURLE_OUT_OF_MEMORY; } /* turn on wildcard matching */ - curl_easy_setopt(handle, CURLOPT_WILDCARDMATCH, 1L); + curl_easy_setopt(curl, CURLOPT_WILDCARDMATCH, 1L); /* callback is called before download of concrete file started */ - curl_easy_setopt(handle, CURLOPT_CHUNK_BGN_FUNCTION, file_is_coming); + curl_easy_setopt(curl, CURLOPT_CHUNK_BGN_FUNCTION, file_is_coming); /* callback is called after data from the file have been transferred */ - curl_easy_setopt(handle, CURLOPT_CHUNK_END_FUNCTION, file_is_downloaded); + curl_easy_setopt(curl, CURLOPT_CHUNK_END_FUNCTION, file_is_downloaded); /* this callback writes contents into files */ - curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, write_it); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* put transfer data into callbacks */ - curl_easy_setopt(handle, CURLOPT_CHUNK_DATA, &data); - curl_easy_setopt(handle, CURLOPT_WRITEDATA, &data); + curl_easy_setopt(curl, CURLOPT_CHUNK_DATA, &data); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, &data); - /* curl_easy_setopt(handle, CURLOPT_VERBOSE, 1L); */ + /* curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); */ /* set a URL containing wildcard pattern (only in the last part) */ if(argc == 2) - curl_easy_setopt(handle, CURLOPT_URL, argv[1]); + curl_easy_setopt(curl, CURLOPT_URL, argv[1]); else - curl_easy_setopt(handle, CURLOPT_URL, "ftp://example.com/test/*"); + curl_easy_setopt(curl, CURLOPT_URL, "ftp://example.com/test/*"); /* and start transfer! */ - res = curl_easy_perform(handle); + res = curl_easy_perform(curl); - curl_easy_cleanup(handle); + curl_easy_cleanup(curl); curl_global_cleanup(); return (int)res; } diff --git a/docs/examples/ftpget.c b/docs/examples/ftpget.c index f4ba1e52aa..391324bf64 100644 --- a/docs/examples/ftpget.c +++ b/docs/examples/ftpget.c @@ -35,7 +35,7 @@ struct FtpFile { FILE *stream; }; -static size_t my_fwrite(void *buffer, size_t size, size_t nmemb, void *stream) +static size_t write_cb(void *buffer, size_t size, size_t nmemb, void *stream) { struct FtpFile *out = (struct FtpFile *)stream; if(!out->stream) { @@ -69,7 +69,7 @@ int main(void) curl_easy_setopt(curl, CURLOPT_URL, "ftp://ftp.example.com/curl/curl-7.9.2.tar.gz"); /* Define our callback to get called when there is data to be written */ - curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, my_fwrite); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* Set a pointer to our struct to pass to the callback */ curl_easy_setopt(curl, CURLOPT_WRITEDATA, &ftpfile); diff --git a/docs/examples/ftpsget.c b/docs/examples/ftpsget.c index c2aee89c84..f39046885e 100644 --- a/docs/examples/ftpsget.c +++ b/docs/examples/ftpsget.c @@ -36,7 +36,7 @@ struct FtpFile { FILE *stream; }; -static size_t my_fwrite(void *buffer, size_t size, size_t nmemb, +static size_t write_cb(void *buffer, size_t size, size_t nmemb, void *stream) { struct FtpFile *out = (struct FtpFile *)stream; @@ -73,7 +73,7 @@ int main(void) curl_easy_setopt(curl, CURLOPT_URL, "ftp://user@server/home/user/file.txt"); /* Define our callback to get called when there is data to be written */ - curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, my_fwrite); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* Set a pointer to our struct to pass to the callback */ curl_easy_setopt(curl, CURLOPT_WRITEDATA, &ftpfile); diff --git a/docs/examples/ftpupload.c b/docs/examples/ftpupload.c index db3fbfde50..0df41005f5 100644 --- a/docs/examples/ftpupload.c +++ b/docs/examples/ftpupload.c @@ -59,7 +59,7 @@ you MUST also provide a read callback with CURLOPT_READFUNCTION. Failing to do so might give you a crash since a DLL may not use the variable's memory when passed in to it from an app like this. */ -static size_t read_callback(char *ptr, size_t size, size_t nmemb, void *stream) +static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *stream) { unsigned long nread; /* in real-world cases, this would probably get this data differently @@ -123,7 +123,7 @@ int main(void) headerlist = curl_slist_append(headerlist, buf_2); /* we want to use our own read function */ - curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback); + curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_cb); /* enable uploading */ curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); diff --git a/docs/examples/ftpuploadfrommem.c b/docs/examples/ftpuploadfrommem.c index 70242376ae..3ae71fa4ab 100644 --- a/docs/examples/ftpuploadfrommem.c +++ b/docs/examples/ftpuploadfrommem.c @@ -45,7 +45,7 @@ struct WriteThis { size_t sizeleft; }; -static size_t read_callback(char *ptr, size_t size, size_t nmemb, void *userp) +static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *userp) { struct WriteThis *upload = (struct WriteThis *)userp; size_t max = size*nmemb; @@ -99,7 +99,7 @@ int main(void) curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); /* we want to use our own read function */ - curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback); + curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_cb); /* pointer to pass to our read function */ curl_easy_setopt(curl, CURLOPT_READDATA, &upload); diff --git a/docs/examples/ftpuploadresume.c b/docs/examples/ftpuploadresume.c index 13df8541a2..ea972ec193 100644 --- a/docs/examples/ftpuploadresume.c +++ b/docs/examples/ftpuploadresume.c @@ -45,7 +45,7 @@ static size_t getcontentlengthfunc(void *ptr, size_t size, size_t nmemb, } /* discard downloaded data */ -static size_t discardfunc(void *ptr, size_t size, size_t nmemb, void *stream) +static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *stream) { (void)ptr; (void)stream; @@ -53,7 +53,7 @@ static size_t discardfunc(void *ptr, size_t size, size_t nmemb, void *stream) } /* read data to upload */ -static size_t readfunc(char *ptr, size_t size, size_t nmemb, void *stream) +static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *stream) { FILE *f = stream; size_t n; @@ -67,12 +67,12 @@ static size_t readfunc(char *ptr, size_t size, size_t nmemb, void *stream) } -static int upload(CURL *curlhandle, const char *remotepath, +static int upload(CURL *curl, const char *remotepath, const char *localpath, long timeout, long tries) { FILE *f; long uploaded_len = 0; - CURLcode r = CURLE_GOT_NOTHING; + CURLcode res = CURLE_GOT_NOTHING; int c; f = fopen(localpath, "rb"); @@ -83,32 +83,32 @@ static int upload(CURL *curlhandle, const char *remotepath, return 0; } - curl_easy_setopt(curlhandle, CURLOPT_UPLOAD, 1L); + curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); - curl_easy_setopt(curlhandle, CURLOPT_URL, remotepath); + curl_easy_setopt(curl, CURLOPT_URL, remotepath); if(timeout) - curl_easy_setopt(curlhandle, CURLOPT_SERVER_RESPONSE_TIMEOUT, timeout); + curl_easy_setopt(curl, CURLOPT_SERVER_RESPONSE_TIMEOUT, timeout); - curl_easy_setopt(curlhandle, CURLOPT_HEADERFUNCTION, getcontentlengthfunc); - curl_easy_setopt(curlhandle, CURLOPT_HEADERDATA, &uploaded_len); + curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, getcontentlengthfunc); + curl_easy_setopt(curl, CURLOPT_HEADERDATA, &uploaded_len); - curl_easy_setopt(curlhandle, CURLOPT_WRITEFUNCTION, discardfunc); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); - curl_easy_setopt(curlhandle, CURLOPT_READFUNCTION, readfunc); - curl_easy_setopt(curlhandle, CURLOPT_READDATA, f); + curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_cb); + curl_easy_setopt(curl, CURLOPT_READDATA, f); /* enable active mode */ - curl_easy_setopt(curlhandle, CURLOPT_FTPPORT, "-"); + curl_easy_setopt(curl, CURLOPT_FTPPORT, "-"); /* allow the server no more than 7 seconds to connect back */ - curl_easy_setopt(curlhandle, CURLOPT_ACCEPTTIMEOUT_MS, 7000L); + curl_easy_setopt(curl, CURLOPT_ACCEPTTIMEOUT_MS, 7000L); - curl_easy_setopt(curlhandle, CURLOPT_FTP_CREATE_MISSING_DIRS, 1L); + curl_easy_setopt(curl, CURLOPT_FTP_CREATE_MISSING_DIRS, 1L); - curl_easy_setopt(curlhandle, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); - for(c = 0; (r != CURLE_OK) && (c < tries); c++) { + for(c = 0; (res != CURLE_OK) && (c < tries); c++) { /* are we resuming? */ if(c) { /* yes */ /* determine the length of the file already written */ @@ -116,55 +116,52 @@ static int upload(CURL *curlhandle, const char *remotepath, /* * With NOBODY and NOHEADER, libcurl issues a SIZE command, but the only * way to retrieve the result is to parse the returned Content-Length - * header. Thus, getcontentlengthfunc(). We need discardfunc() above + * header. Thus, getcontentlengthfunc(). We need write_cb() above * because HEADER dumps the headers to stdout without it. */ - curl_easy_setopt(curlhandle, CURLOPT_NOBODY, 1L); - curl_easy_setopt(curlhandle, CURLOPT_HEADER, 1L); + curl_easy_setopt(curl, CURLOPT_NOBODY, 1L); + curl_easy_setopt(curl, CURLOPT_HEADER, 1L); - r = curl_easy_perform(curlhandle); - if(r != CURLE_OK) + res = curl_easy_perform(curl); + if(res != CURLE_OK) continue; - curl_easy_setopt(curlhandle, CURLOPT_NOBODY, 0L); - curl_easy_setopt(curlhandle, CURLOPT_HEADER, 0L); + curl_easy_setopt(curl, CURLOPT_NOBODY, 0L); + curl_easy_setopt(curl, CURLOPT_HEADER, 0L); fseek(f, uploaded_len, SEEK_SET); - curl_easy_setopt(curlhandle, CURLOPT_APPEND, 1L); + curl_easy_setopt(curl, CURLOPT_APPEND, 1L); } else { /* no */ - curl_easy_setopt(curlhandle, CURLOPT_APPEND, 0L); + curl_easy_setopt(curl, CURLOPT_APPEND, 0L); } - r = curl_easy_perform(curlhandle); + res = curl_easy_perform(curl); } fclose(f); - if(r == CURLE_OK) + if(res == CURLE_OK) return 1; else { - fprintf(stderr, "%s\n", curl_easy_strerror(r)); + fprintf(stderr, "%s\n", curl_easy_strerror(res)); return 0; } } int main(void) { - CURL *curlhandle = NULL; + CURL *curl = NULL; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; - curlhandle = curl_easy_init(); - if(curlhandle) { - - upload(curlhandle, "ftp://user:pass@example.com/path/file", "C:\\file", - 0, 3); - - curl_easy_cleanup(curlhandle); + curl = curl_easy_init(); + if(curl) { + upload(curl, "ftp://user:pass@example.com/path/file", "C:\\file", 0, 3); + curl_easy_cleanup(curl); } curl_global_cleanup(); diff --git a/docs/examples/getinmemory.c b/docs/examples/getinmemory.c index aa31654c16..025ebe67a5 100644 --- a/docs/examples/getinmemory.c +++ b/docs/examples/getinmemory.c @@ -38,7 +38,7 @@ struct MemoryStruct { size_t size; }; -static size_t WriteMemoryCallback(void *contents, size_t size, size_t nmemb, +static size_t write_cb(void *contents, size_t size, size_t nmemb, void *userp) { size_t realsize = size * nmemb; @@ -61,7 +61,7 @@ static size_t WriteMemoryCallback(void *contents, size_t size, size_t nmemb, int main(void) { - CURL *curl_handle; + CURL *curl; CURLcode res; struct MemoryStruct chunk; @@ -74,24 +74,24 @@ int main(void) chunk.size = 0; /* no data at this point */ /* init the curl session */ - curl_handle = curl_easy_init(); - if(curl_handle) { + curl = curl_easy_init(); + if(curl) { /* specify URL to get */ - curl_easy_setopt(curl_handle, CURLOPT_URL, "https://www.example.com/"); + curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); /* send all data to this function */ - curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, WriteMemoryCallback); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* we pass our 'chunk' struct to the callback function */ - curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, (void *)&chunk); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)&chunk); /* some servers do not like requests that are made without a user-agent field, so we provide one */ - curl_easy_setopt(curl_handle, CURLOPT_USERAGENT, "libcurl-agent/1.0"); + curl_easy_setopt(curl, CURLOPT_USERAGENT, "libcurl-agent/1.0"); /* get it! */ - res = curl_easy_perform(curl_handle); + res = curl_easy_perform(curl); /* check for errors */ if(res != CURLE_OK) { @@ -110,7 +110,7 @@ int main(void) } /* cleanup curl stuff */ - curl_easy_cleanup(curl_handle); + curl_easy_cleanup(curl); } free(chunk.memory); diff --git a/docs/examples/ghiper.c b/docs/examples/ghiper.c index e9844fc89e..61771c7ad7 100644 --- a/docs/examples/ghiper.c +++ b/docs/examples/ghiper.c @@ -78,7 +78,7 @@ struct GlobalInfo { /* Information associated with a specific easy handle */ struct ConnInfo { - CURL *easy; + CURL *curl; char *url; struct GlobalInfo *global; char error[CURL_ERROR_SIZE]; @@ -87,7 +87,7 @@ struct ConnInfo { /* Information associated with a specific socket */ struct SockInfo { curl_socket_t sockfd; - CURL *easy; + CURL *curl; int action; long timeout; GIOChannel *ch; @@ -124,16 +124,16 @@ static void check_multi_info(struct GlobalInfo *g) MSG_OUT("REMAINING: %d\n", g->still_running); while((msg = curl_multi_info_read(g->multi, &msgs_left))) { if(msg->msg == CURLMSG_DONE) { - CURL *easy = msg->easy_handle; + CURL *curl = msg->easy_handle; CURLcode res = msg->data.result; char *eff_url; struct ConnInfo *conn; - curl_easy_getinfo(easy, CURLINFO_PRIVATE, &conn); - curl_easy_getinfo(easy, CURLINFO_EFFECTIVE_URL, &eff_url); + curl_easy_getinfo(curl, CURLINFO_PRIVATE, &conn); + curl_easy_getinfo(curl, CURLINFO_EFFECTIVE_URL, &eff_url); MSG_OUT("DONE: %s => (%d) %s\n", eff_url, res, conn->error); - curl_multi_remove_handle(g->multi, easy); + curl_multi_remove_handle(g->multi, curl); free(conn->url); - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); free(conn); } } @@ -223,7 +223,7 @@ static void setsock(struct SockInfo *f, curl_socket_t s, CURL *e, int act, f->sockfd = s; f->action = act; - f->easy = e; + f->curl = e; if(f->ev) { g_source_remove(f->ev); } @@ -231,14 +231,14 @@ static void setsock(struct SockInfo *f, curl_socket_t s, CURL *e, int act, } /* Initialize a new SockInfo structure */ -static void addsock(curl_socket_t s, CURL *easy, int action, +static void addsock(curl_socket_t s, CURL *curl, int action, struct GlobalInfo *g) { struct SockInfo *fdp = g_malloc0(sizeof(struct SockInfo)); fdp->global = g; fdp->ch = g_io_channel_unix_new(s); - setsock(fdp, s, easy, action, g); + setsock(fdp, s, curl, action, g); curl_multi_assign(g->multi, s, fdp); } @@ -301,29 +301,29 @@ static void new_conn(const char *url, struct GlobalInfo *g) conn = g_malloc0(sizeof(*conn)); conn->error[0] = '\0'; - conn->easy = curl_easy_init(); - if(!conn->easy) { + conn->curl = curl_easy_init(); + if(!conn->curl) { MSG_OUT("curl_easy_init() failed, exiting!\n"); exit(2); } conn->global = g; conn->url = g_strdup(url); - curl_easy_setopt(conn->easy, CURLOPT_URL, conn->url); - curl_easy_setopt(conn->easy, CURLOPT_WRITEFUNCTION, write_cb); - curl_easy_setopt(conn->easy, CURLOPT_WRITEDATA, &conn); - curl_easy_setopt(conn->easy, CURLOPT_VERBOSE, SHOW_VERBOSE); - curl_easy_setopt(conn->easy, CURLOPT_ERRORBUFFER, conn->error); - curl_easy_setopt(conn->easy, CURLOPT_PRIVATE, conn); - curl_easy_setopt(conn->easy, CURLOPT_NOPROGRESS, SHOW_PROGRESS ? 0L : 1L); - curl_easy_setopt(conn->easy, CURLOPT_XFERINFOFUNCTION, xferinfo_cb); - curl_easy_setopt(conn->easy, CURLOPT_PROGRESSDATA, conn); - curl_easy_setopt(conn->easy, CURLOPT_FOLLOWLOCATION, 1L); - curl_easy_setopt(conn->easy, CURLOPT_CONNECTTIMEOUT, 30L); - curl_easy_setopt(conn->easy, CURLOPT_LOW_SPEED_LIMIT, 1L); - curl_easy_setopt(conn->easy, CURLOPT_LOW_SPEED_TIME, 30L); + curl_easy_setopt(conn->curl, CURLOPT_URL, conn->url); + curl_easy_setopt(conn->curl, CURLOPT_WRITEFUNCTION, write_cb); + curl_easy_setopt(conn->curl, CURLOPT_WRITEDATA, &conn); + curl_easy_setopt(conn->curl, CURLOPT_VERBOSE, SHOW_VERBOSE); + curl_easy_setopt(conn->curl, CURLOPT_ERRORBUFFER, conn->error); + curl_easy_setopt(conn->curl, CURLOPT_PRIVATE, conn); + curl_easy_setopt(conn->curl, CURLOPT_NOPROGRESS, SHOW_PROGRESS ? 0L : 1L); + curl_easy_setopt(conn->curl, CURLOPT_XFERINFOFUNCTION, xferinfo_cb); + curl_easy_setopt(conn->curl, CURLOPT_PROGRESSDATA, conn); + curl_easy_setopt(conn->curl, CURLOPT_FOLLOWLOCATION, 1L); + curl_easy_setopt(conn->curl, CURLOPT_CONNECTTIMEOUT, 30L); + curl_easy_setopt(conn->curl, CURLOPT_LOW_SPEED_LIMIT, 1L); + curl_easy_setopt(conn->curl, CURLOPT_LOW_SPEED_TIME, 30L); - MSG_OUT("Adding easy %p to multi %p (%s)\n", conn->easy, g->multi, url); - rc = curl_multi_add_handle(g->multi, conn->easy); + MSG_OUT("Adding easy %p to multi %p (%s)\n", conn->curl, g->multi, url); + rc = curl_multi_add_handle(g->multi, conn->curl); mcode_or_die("new_conn: curl_multi_add_handle", rc); /* note that add_handle() sets a timeout to trigger soon so that the diff --git a/docs/examples/hiperfifo.c b/docs/examples/hiperfifo.c index cc22e70abb..314d7dd9d9 100644 --- a/docs/examples/hiperfifo.c +++ b/docs/examples/hiperfifo.c @@ -90,7 +90,7 @@ struct GlobalInfo { /* Information associated with a specific easy handle */ struct ConnInfo { - CURL *easy; + CURL *curl; char *url; struct GlobalInfo *global; char error[CURL_ERROR_SIZE]; @@ -99,7 +99,7 @@ struct ConnInfo { /* Information associated with a specific socket */ struct SockInfo { curl_socket_t sockfd; - CURL *easy; + CURL *curl; int action; long timeout; struct event ev; @@ -162,20 +162,18 @@ static void check_multi_info(struct GlobalInfo *g) CURLMsg *msg; int msgs_left; struct ConnInfo *conn; - CURL *easy; - CURLcode res; fprintf(MSG_OUT, "REMAINING: %d\n", g->still_running); while((msg = curl_multi_info_read(g->multi, &msgs_left))) { if(msg->msg == CURLMSG_DONE) { - easy = msg->easy_handle; - res = msg->data.result; - curl_easy_getinfo(easy, CURLINFO_PRIVATE, &conn); - curl_easy_getinfo(easy, CURLINFO_EFFECTIVE_URL, &eff_url); + CURL *curl = msg->easy_handle; + CURLcode res = msg->data.result; + curl_easy_getinfo(curl, CURLINFO_PRIVATE, &conn); + curl_easy_getinfo(curl, CURLINFO_EFFECTIVE_URL, &eff_url); fprintf(MSG_OUT, "DONE: %s => (%d) %s\n", eff_url, res, conn->error); - curl_multi_remove_handle(g->multi, easy); + curl_multi_remove_handle(g->multi, curl); free(conn->url); - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); free(conn); } } @@ -240,7 +238,7 @@ static void setsock(struct SockInfo *f, curl_socket_t s, CURL *e, int act, f->sockfd = s; f->action = act; - f->easy = e; + f->curl = e; if(event_initialized(&f->ev)) { event_del(&f->ev); } @@ -249,13 +247,13 @@ static void setsock(struct SockInfo *f, curl_socket_t s, CURL *e, int act, } /* Initialize a new SockInfo structure */ -static void addsock(curl_socket_t s, CURL *easy, int action, +static void addsock(curl_socket_t s, CURL *curl, int action, struct GlobalInfo *g) { struct SockInfo *fdp = calloc(1, sizeof(struct SockInfo)); fdp->global = g; - setsock(fdp, s, easy, action, g); + setsock(fdp, s, curl, action, g); curl_multi_assign(g->multi, s, fdp); } @@ -317,26 +315,26 @@ static void new_conn(const char *url, struct GlobalInfo *g) conn = calloc(1, sizeof(*conn)); conn->error[0] = '\0'; - conn->easy = curl_easy_init(); - if(!conn->easy) { + conn->curl = curl_easy_init(); + if(!conn->curl) { fprintf(MSG_OUT, "curl_easy_init() failed, exiting!\n"); exit(2); } conn->global = g; conn->url = strdup(url); - curl_easy_setopt(conn->easy, CURLOPT_URL, conn->url); - curl_easy_setopt(conn->easy, CURLOPT_WRITEFUNCTION, write_cb); - curl_easy_setopt(conn->easy, CURLOPT_WRITEDATA, conn); - curl_easy_setopt(conn->easy, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(conn->easy, CURLOPT_ERRORBUFFER, conn->error); - curl_easy_setopt(conn->easy, CURLOPT_PRIVATE, conn); - curl_easy_setopt(conn->easy, CURLOPT_NOPROGRESS, 0L); - curl_easy_setopt(conn->easy, CURLOPT_XFERINFOFUNCTION, xferinfo_cb); - curl_easy_setopt(conn->easy, CURLOPT_PROGRESSDATA, conn); - curl_easy_setopt(conn->easy, CURLOPT_FOLLOWLOCATION, 1L); + curl_easy_setopt(conn->curl, CURLOPT_URL, conn->url); + curl_easy_setopt(conn->curl, CURLOPT_WRITEFUNCTION, write_cb); + curl_easy_setopt(conn->curl, CURLOPT_WRITEDATA, conn); + curl_easy_setopt(conn->curl, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(conn->curl, CURLOPT_ERRORBUFFER, conn->error); + curl_easy_setopt(conn->curl, CURLOPT_PRIVATE, conn); + curl_easy_setopt(conn->curl, CURLOPT_NOPROGRESS, 0L); + curl_easy_setopt(conn->curl, CURLOPT_XFERINFOFUNCTION, xferinfo_cb); + curl_easy_setopt(conn->curl, CURLOPT_PROGRESSDATA, conn); + curl_easy_setopt(conn->curl, CURLOPT_FOLLOWLOCATION, 1L); fprintf(MSG_OUT, - "Adding easy %p to multi %p (%s)\n", conn->easy, g->multi, url); - rc = curl_multi_add_handle(g->multi, conn->easy); + "Adding easy %p to multi %p (%s)\n", conn->curl, g->multi, url); + rc = curl_multi_add_handle(g->multi, conn->curl); mcode_or_die("new_conn: curl_multi_add_handle", rc); /* note that the add_handle() sets a time-out to trigger soon so that diff --git a/docs/examples/hsts-preload.c b/docs/examples/hsts-preload.c index 303b17f525..a775ec9778 100644 --- a/docs/examples/hsts-preload.c +++ b/docs/examples/hsts-preload.c @@ -46,13 +46,13 @@ struct state { /* "read" is from the point of the library, it wants data from us. One domain entry per invoke. */ -static CURLSTScode hstsread(CURL *easy, struct curl_hstsentry *e, +static CURLSTScode hstsread(CURL *curl, struct curl_hstsentry *e, void *userp) { const char *host; const char *expire; struct state *s = (struct state *)userp; - (void)easy; + (void)curl; host = preload_hosts[s->index].name; expire = preload_hosts[s->index++].exp; @@ -67,10 +67,10 @@ static CURLSTScode hstsread(CURL *easy, struct curl_hstsentry *e, return CURLSTS_OK; } -static CURLSTScode hstswrite(CURL *easy, struct curl_hstsentry *e, +static CURLSTScode hstswrite(CURL *curl, struct curl_hstsentry *e, struct curl_index *i, void *userp) { - (void)easy; + (void)curl; (void)userp; /* we have no custom input */ printf("[%u/%u] %s %s\n", (unsigned int)i->index, (unsigned int)i->total, e->name, e->expire); diff --git a/docs/examples/htmltitle.cpp b/docs/examples/htmltitle.cpp index e4979ee859..2251a215e8 100644 --- a/docs/examples/htmltitle.cpp +++ b/docs/examples/htmltitle.cpp @@ -86,43 +86,43 @@ static size_t writer(char *data, size_t size, size_t nmemb, // libcurl connection initialization // -static bool init(CURL *&conn, const char *url) +static bool init(CURL *&curl, const char *url) { - CURLcode code; + CURLcode res; - conn = curl_easy_init(); + curl = curl_easy_init(); - if(conn == NULL) { - fprintf(stderr, "Failed to create CURL connection\n"); + if(!curl) { + fprintf(stderr, "Failed to create CURL handle\n"); return false; } - code = curl_easy_setopt(conn, CURLOPT_ERRORBUFFER, errorBuffer); - if(code != CURLE_OK) { - fprintf(stderr, "Failed to set error buffer [%d]\n", code); + res = curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errorBuffer); + if(res != CURLE_OK) { + fprintf(stderr, "Failed to set error buffer [%d]\n", res); return false; } - code = curl_easy_setopt(conn, CURLOPT_URL, url); - if(code != CURLE_OK) { + res = curl_easy_setopt(curl, CURLOPT_URL, url); + if(res != CURLE_OK) { fprintf(stderr, "Failed to set URL [%s]\n", errorBuffer); return false; } - code = curl_easy_setopt(conn, CURLOPT_FOLLOWLOCATION, 1L); - if(code != CURLE_OK) { + res = curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L); + if(res != CURLE_OK) { fprintf(stderr, "Failed to set redirect option [%s]\n", errorBuffer); return false; } - code = curl_easy_setopt(conn, CURLOPT_WRITEFUNCTION, writer); - if(code != CURLE_OK) { + res = curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, writer); + if(res != CURLE_OK) { fprintf(stderr, "Failed to set writer [%s]\n", errorBuffer); return false; } - code = curl_easy_setopt(conn, CURLOPT_WRITEDATA, &buffer); - if(code != CURLE_OK) { + res = curl_easy_setopt(curl, CURLOPT_WRITEDATA, &buffer); + if(res != CURLE_OK) { fprintf(stderr, "Failed to set write data [%s]\n", errorBuffer); return false; } @@ -262,7 +262,7 @@ static void parseHtml(const std::string &html, int main(int argc, char *argv[]) { - CURL *conn = NULL; + CURL *curl = NULL; CURLcode res; std::string title; @@ -277,18 +277,18 @@ int main(int argc, char *argv[]) if(res) return (int)res; - // Initialize CURL connection + // Initialize CURL handle - if(!init(conn, argv[1])) { - fprintf(stderr, "Connection initialization failed\n"); + if(!init(curl, argv[1])) { + fprintf(stderr, "Handle initialization failed\n"); curl_global_cleanup(); return EXIT_FAILURE; } // Retrieve content for the URL - res = curl_easy_perform(conn); - curl_easy_cleanup(conn); + res = curl_easy_perform(curl); + curl_easy_cleanup(curl); if(res != CURLE_OK) { fprintf(stderr, "Failed to get '%s' [%s]\n", argv[1], errorBuffer); diff --git a/docs/examples/http2-download.c b/docs/examples/http2-download.c index 15bb9fa1a5..efc7472153 100644 --- a/docs/examples/http2-download.c +++ b/docs/examples/http2-download.c @@ -50,7 +50,7 @@ struct transfer { FILE *out; - CURL *easy; + CURL *curl; int num; }; @@ -101,13 +101,13 @@ static void dump(const char *text, int num, unsigned char *ptr, } } -static int my_trace(CURL *handle, curl_infotype type, +static int my_trace(CURL *curl, curl_infotype type, char *data, size_t size, void *userp) { const char *text; struct transfer *t = (struct transfer *)userp; int num = t->num; - (void)handle; + (void)curl; switch(type) { case CURLINFO_TEXT: @@ -142,9 +142,9 @@ static int my_trace(CURL *handle, curl_infotype type, static int setup(struct transfer *t, int num) { char filename[128]; - CURL *easy; + CURL *curl; - easy = t->easy = NULL; + curl = t->curl = NULL; t->num = num; snprintf(filename, sizeof(filename), "dl-%d", num); @@ -155,29 +155,29 @@ static int setup(struct transfer *t, int num) return 1; } - easy = t->easy = curl_easy_init(); - if(easy) { + curl = t->curl = curl_easy_init(); + if(curl) { /* write to this file */ - curl_easy_setopt(easy, CURLOPT_WRITEDATA, t->out); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, t->out); /* set the same URL */ - curl_easy_setopt(easy, CURLOPT_URL, "https://localhost:8443/index.html"); + curl_easy_setopt(curl, CURLOPT_URL, "https://localhost:8443/index.html"); /* please be verbose */ - curl_easy_setopt(easy, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(easy, CURLOPT_DEBUGFUNCTION, my_trace); - curl_easy_setopt(easy, CURLOPT_DEBUGDATA, t); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, my_trace); + curl_easy_setopt(curl, CURLOPT_DEBUGDATA, t); /* enlarge the receive buffer for potentially higher transfer speeds */ - curl_easy_setopt(easy, CURLOPT_BUFFERSIZE, 100000L); + curl_easy_setopt(curl, CURLOPT_BUFFERSIZE, 100000L); /* HTTP/2 please */ - curl_easy_setopt(easy, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); + curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); #if (CURLPIPE_MULTIPLEX > 0) /* wait for pipe connection to confirm */ - curl_easy_setopt(easy, CURLOPT_PIPEWAIT, 1L); + curl_easy_setopt(curl, CURLOPT_PIPEWAIT, 1L); #endif } return 0; @@ -190,7 +190,7 @@ int main(int argc, char **argv) { CURLcode res; struct transfer *trans; - CURLM *multi_handle = NULL; + CURLM *multi = NULL; int i; int still_running = 0; /* keep number of running handles */ int num_transfers; @@ -215,8 +215,8 @@ int main(int argc, char **argv) } /* init a multi stack */ - multi_handle = curl_multi_init(); - if(!multi_handle) + multi = curl_multi_init(); + if(!multi) goto error; for(i = 0; i < num_transfers; i++) { @@ -225,17 +225,17 @@ int main(int argc, char **argv) } /* add the individual transfer */ - curl_multi_add_handle(multi_handle, trans[i].easy); + curl_multi_add_handle(multi, trans[i].curl); } - curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); + curl_multi_setopt(multi, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); do { - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + CURLMcode mc = curl_multi_perform(multi, &still_running); if(still_running) /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + mc = curl_multi_poll(multi, NULL, 0, 1000, NULL); if(mc) break; @@ -244,15 +244,15 @@ int main(int argc, char **argv) error: - if(multi_handle) { + if(multi) { for(i = 0; i < num_transfers; i++) { - curl_multi_remove_handle(multi_handle, trans[i].easy); - curl_easy_cleanup(trans[i].easy); + curl_multi_remove_handle(multi, trans[i].curl); + curl_easy_cleanup(trans[i].curl); if(trans[i].out) fclose(trans[i].out); } - curl_multi_cleanup(multi_handle); + curl_multi_cleanup(multi); } free(trans); diff --git a/docs/examples/http2-pushinmemory.c b/docs/examples/http2-pushinmemory.c index 85bf0e34a7..e15f151697 100644 --- a/docs/examples/http2-pushinmemory.c +++ b/docs/examples/http2-pushinmemory.c @@ -66,30 +66,30 @@ static void init_memory(struct Memory *chunk) chunk->size = 0; /* no data at this point */ } -static void setup(CURL *hnd) +static void setup(CURL *curl) { /* set the same URL */ - curl_easy_setopt(hnd, CURLOPT_URL, "https://localhost:8443/index.html"); + curl_easy_setopt(curl, CURLOPT_URL, "https://localhost:8443/index.html"); /* HTTP/2 please */ - curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); + curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); /* we use a self-signed test server, skip verification during debugging */ - curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0L); - curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); /* write data to a struct */ - curl_easy_setopt(hnd, CURLOPT_WRITEFUNCTION, write_cb); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); init_memory(&files[0]); - curl_easy_setopt(hnd, CURLOPT_WRITEDATA, &files[0]); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, &files[0]); /* wait for pipe connection to confirm */ - curl_easy_setopt(hnd, CURLOPT_PIPEWAIT, 1L); + curl_easy_setopt(curl, CURLOPT_PIPEWAIT, 1L); } /* called when there is an incoming push */ static int server_push_callback(CURL *parent, - CURL *easy, + CURL *curl, size_t num_headers, struct curl_pushheaders *headers, void *userp) @@ -105,7 +105,7 @@ static int server_push_callback(CURL *parent, /* write to this buffer */ init_memory(&files[pushindex]); - curl_easy_setopt(easy, CURLOPT_WRITEDATA, &files[pushindex]); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, &files[pushindex]); pushindex++; headp = curl_pushheader_byname(headers, ":path"); @@ -122,7 +122,7 @@ static int server_push_callback(CURL *parent, */ int main(void) { - CURL *easy; + CURL *curl; CURLM *multi; int transfers = 1; /* we start with one */ int i; @@ -134,13 +134,13 @@ int main(void) /* init a multi stack */ multi = curl_multi_init(); - easy = curl_easy_init(); + curl = curl_easy_init(); /* set options */ - setup(easy); + setup(curl); /* add the easy transfer */ - curl_multi_add_handle(multi, easy); + curl_multi_add_handle(multi, curl); curl_multi_setopt(multi, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); curl_multi_setopt(multi, CURLMOPT_PUSHFUNCTION, server_push_callback); @@ -167,10 +167,10 @@ int main(void) int msgq = 0; m = curl_multi_info_read(multi, &msgq); if(m && (m->msg == CURLMSG_DONE)) { - CURL *e = m->easy_handle; + curl = m->easy_handle; transfers--; - curl_multi_remove_handle(multi, e); - curl_easy_cleanup(e); + curl_multi_remove_handle(multi, curl); + curl_easy_cleanup(curl); } } while(m); } diff --git a/docs/examples/http2-serverpush.c b/docs/examples/http2-serverpush.c index 8c261e9aed..d501f24199 100644 --- a/docs/examples/http2-serverpush.c +++ b/docs/examples/http2-serverpush.c @@ -89,11 +89,11 @@ static void dump(const char *text, unsigned char *ptr, size_t size, char nohex) } } -static int my_trace(CURL *handle, curl_infotype type, +static int my_trace(CURL *curl, curl_infotype type, char *data, size_t size, void *userp) { const char *text; - (void)handle; + (void)curl; (void)userp; switch(type) { case CURLINFO_TEXT: @@ -127,32 +127,32 @@ static int my_trace(CURL *handle, curl_infotype type, #define OUTPUTFILE "dl" -static int setup(CURL *hnd, const char *url) +static int setup(CURL *curl, const char *url) { out_download = fopen(OUTPUTFILE, "wb"); if(!out_download) return 1; /* failed */ /* set the same URL */ - curl_easy_setopt(hnd, CURLOPT_URL, url); + curl_easy_setopt(curl, CURLOPT_URL, url); /* HTTP/2 please */ - curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); + curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); /* we use a self-signed test server, skip verification during debugging */ - curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0L); - curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); /* write to this file */ - curl_easy_setopt(hnd, CURLOPT_WRITEDATA, out_download); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, out_download); /* please be verbose */ - curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, my_trace); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, my_trace); #if CURLPIPE_MULTIPLEX > 0 /* wait for pipe connection to confirm */ - curl_easy_setopt(hnd, CURLOPT_PIPEWAIT, 1L); + curl_easy_setopt(curl, CURLOPT_PIPEWAIT, 1L); #endif return 0; /* all is good */ } @@ -161,7 +161,7 @@ static FILE *out_push; /* called when there is an incoming push */ static int server_push_callback(CURL *parent, - CURL *easy, + CURL *curl, size_t num_headers, struct curl_pushheaders *headers, void *userp) @@ -185,7 +185,7 @@ static int server_push_callback(CURL *parent, } /* write to this file */ - curl_easy_setopt(easy, CURLOPT_WRITEDATA, out_push); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, out_push); fprintf(stderr, "**** push callback approves stream %u, got %lu headers!\n", count, (unsigned long)num_headers); @@ -211,8 +211,8 @@ static int server_push_callback(CURL *parent, int main(int argc, char *argv[]) { CURLcode res; - CURL *easy; - CURLM *multi_handle; + CURL *curl; + CURLM *multi; int transfers = 1; /* we start with one */ const char *url = "https://localhost:8443/index.html"; @@ -224,33 +224,33 @@ int main(int argc, char *argv[]) return (int)res; /* init a multi stack */ - multi_handle = curl_multi_init(); - if(!multi_handle) + multi = curl_multi_init(); + if(!multi) goto error; - easy = curl_easy_init(); + curl = curl_easy_init(); /* set options */ - if(!easy || setup(easy, url)) { + if(!curl || setup(curl, url)) { fprintf(stderr, "failed\n"); goto error; } - curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); - curl_multi_setopt(multi_handle, CURLMOPT_PUSHFUNCTION, server_push_callback); - curl_multi_setopt(multi_handle, CURLMOPT_PUSHDATA, &transfers); + curl_multi_setopt(multi, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); + curl_multi_setopt(multi, CURLMOPT_PUSHFUNCTION, server_push_callback); + curl_multi_setopt(multi, CURLMOPT_PUSHDATA, &transfers); /* add the easy transfer */ - curl_multi_add_handle(multi_handle, easy); + curl_multi_add_handle(multi, curl); do { struct CURLMsg *m; int still_running; /* keep number of running handles */ - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + CURLMcode mc = curl_multi_perform(multi, &still_running); if(still_running) /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + mc = curl_multi_poll(multi, NULL, 0, 1000, NULL); if(mc) break; @@ -262,12 +262,12 @@ int main(int argc, char *argv[]) */ do { int msgq = 0; - m = curl_multi_info_read(multi_handle, &msgq); + m = curl_multi_info_read(multi, &msgq); if(m && (m->msg == CURLMSG_DONE)) { - CURL *e = m->easy_handle; + curl = m->easy_handle; transfers--; - curl_multi_remove_handle(multi_handle, e); - curl_easy_cleanup(e); + curl_multi_remove_handle(multi, curl); + curl_easy_cleanup(curl); } } while(m); @@ -275,8 +275,8 @@ int main(int argc, char *argv[]) error: - if(multi_handle) - curl_multi_cleanup(multi_handle); + if(multi) + curl_multi_cleanup(multi); curl_global_cleanup(); diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c index fda941c49f..2bff0d0506 100644 --- a/docs/examples/http2-upload.c +++ b/docs/examples/http2-upload.c @@ -88,7 +88,7 @@ struct input { FILE *in; FILE *out; size_t bytes_read; /* count up */ - CURL *easy; + CURL *curl; int num; }; @@ -139,7 +139,7 @@ static void dump(const char *text, int num, unsigned char *ptr, } } -static int my_trace(CURL *handle, curl_infotype type, +static int my_trace(CURL *curl, curl_infotype type, char *data, size_t size, void *userp) { char timebuf[60]; @@ -151,7 +151,7 @@ static int my_trace(CURL *handle, curl_infotype type, struct timeval tv; time_t secs; struct tm *now; - (void)handle; + (void)curl; gettimeofday(&tv, NULL); if(!known_offset) { @@ -193,7 +193,7 @@ static int my_trace(CURL *handle, curl_infotype type, return 0; } -static size_t read_callback(char *ptr, size_t size, size_t nmemb, void *userp) +static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *userp) { struct input *i = userp; size_t retcode = fread(ptr, size, nmemb, i->in); @@ -207,9 +207,9 @@ static int setup(struct input *t, int num, const char *upload) char filename[128]; struct stat file_info; curl_off_t uploadsize; - CURL *easy; + CURL *curl; - easy = t->easy = NULL; + curl = t->curl = NULL; t->num = num; snprintf(filename, sizeof(filename), "dl-%d", num); @@ -246,40 +246,40 @@ static int setup(struct input *t, int num, const char *upload) uploadsize = file_info.st_size; - easy = t->easy = curl_easy_init(); - if(easy) { + curl = t->curl = curl_easy_init(); + if(curl) { /* write to this file */ - curl_easy_setopt(easy, CURLOPT_WRITEDATA, t->out); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, t->out); /* we want to use our own read function */ - curl_easy_setopt(easy, CURLOPT_READFUNCTION, read_callback); + curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_cb); /* read from this file */ - curl_easy_setopt(easy, CURLOPT_READDATA, t); + curl_easy_setopt(curl, CURLOPT_READDATA, t); /* provide the size of the upload */ - curl_easy_setopt(easy, CURLOPT_INFILESIZE_LARGE, uploadsize); + curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, uploadsize); /* send in the URL to store the upload as */ - curl_easy_setopt(easy, CURLOPT_URL, url); + curl_easy_setopt(curl, CURLOPT_URL, url); /* upload please */ - curl_easy_setopt(easy, CURLOPT_UPLOAD, 1L); + curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); /* please be verbose */ - curl_easy_setopt(easy, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(easy, CURLOPT_DEBUGFUNCTION, my_trace); - curl_easy_setopt(easy, CURLOPT_DEBUGDATA, t); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, my_trace); + curl_easy_setopt(curl, CURLOPT_DEBUGDATA, t); /* HTTP/2 please */ - curl_easy_setopt(easy, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); + curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); /* we use a self-signed test server, skip verification during debugging */ - curl_easy_setopt(easy, CURLOPT_SSL_VERIFYPEER, 0L); - curl_easy_setopt(easy, CURLOPT_SSL_VERIFYHOST, 0L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); #if (CURLPIPE_MULTIPLEX > 0) /* wait for pipe connection to confirm */ - curl_easy_setopt(easy, CURLOPT_PIPEWAIT, 1L); + curl_easy_setopt(curl, CURLOPT_PIPEWAIT, 1L); #endif } return 0; @@ -292,7 +292,7 @@ int main(int argc, char **argv) { CURLcode res; struct input *trans; - CURLM *multi_handle = NULL; + CURLM *multi = NULL; int i; const char *filename = "index.html"; int still_running = 0; /* keep number of running handles */ @@ -322,8 +322,8 @@ int main(int argc, char **argv) } /* init a multi stack */ - multi_handle = curl_multi_init(); - if(!multi_handle) + multi = curl_multi_init(); + if(!multi) goto error; for(i = 0; i < num_transfers; i++) { @@ -332,20 +332,20 @@ int main(int argc, char **argv) } /* add the individual transfer */ - curl_multi_add_handle(multi_handle, trans[i].easy); + curl_multi_add_handle(multi, trans[i].curl); } - curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); + curl_multi_setopt(multi, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); /* We do HTTP/2 so let's stick to one connection per host */ - curl_multi_setopt(multi_handle, CURLMOPT_MAX_HOST_CONNECTIONS, 1L); + curl_multi_setopt(multi, CURLMOPT_MAX_HOST_CONNECTIONS, 1L); do { - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + CURLMcode mc = curl_multi_perform(multi, &still_running); if(still_running) /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + mc = curl_multi_poll(multi, NULL, 0, 1000, NULL); if(mc) break; @@ -354,17 +354,17 @@ int main(int argc, char **argv) error: - if(multi_handle) { + if(multi) { for(i = 0; i < num_transfers; i++) { - curl_multi_remove_handle(multi_handle, trans[i].easy); - curl_easy_cleanup(trans[i].easy); + curl_multi_remove_handle(multi, trans[i].curl); + curl_easy_cleanup(trans[i].curl); if(trans[i].in) fclose(trans[i].in); if(trans[i].out) fclose(trans[i].out); } - curl_multi_cleanup(multi_handle); + curl_multi_cleanup(multi); } free(trans); diff --git a/docs/examples/httpput.c b/docs/examples/httpput.c index 2aef62fc67..794ea99ae5 100644 --- a/docs/examples/httpput.c +++ b/docs/examples/httpput.c @@ -48,7 +48,7 @@ * http://www.apacheweek.com/features/put */ -static size_t read_callback(char *ptr, size_t size, size_t nmemb, void *stream) +static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *stream) { size_t retcode; unsigned long nread; @@ -111,7 +111,7 @@ int main(int argc, char **argv) curl = curl_easy_init(); if(curl) { /* we want to use our own read function */ - curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback); + curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_cb); /* enable uploading (implies PUT over HTTP) */ curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); diff --git a/docs/examples/imap-append.c b/docs/examples/imap-append.c index e8851ce977..c78462a508 100644 --- a/docs/examples/imap-append.c +++ b/docs/examples/imap-append.c @@ -59,7 +59,7 @@ struct upload_status { size_t bytes_read; }; -static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) +static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *userp) { struct upload_status *upload_ctx = (struct upload_status *)userp; const char *data; @@ -108,7 +108,7 @@ int main(void) /* In this case, we are using a callback function to specify the data. You * could just use the CURLOPT_READDATA option to specify a FILE pointer to * read from. */ - curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source); + curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_cb); curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx); curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); diff --git a/docs/examples/imap-multi.c b/docs/examples/imap-multi.c index e2d5dd4e9c..56a9147bc8 100644 --- a/docs/examples/imap-multi.c +++ b/docs/examples/imap-multi.c @@ -46,10 +46,10 @@ int main(void) curl = curl_easy_init(); if(curl) { - CURLM *mcurl; + CURLM *multi; - mcurl = curl_multi_init(); - if(mcurl) { + multi = curl_multi_init(); + if(multi) { int still_running = 1; /* Set username and password */ @@ -61,22 +61,22 @@ int main(void) "INBOX/;UID=1"); /* Tell the multi stack about our easy handle */ - curl_multi_add_handle(mcurl, curl); + curl_multi_add_handle(multi, curl); do { - CURLMcode mc = curl_multi_perform(mcurl, &still_running); + CURLMcode mc = curl_multi_perform(multi, &still_running); if(still_running) /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(mcurl, NULL, 0, 1000, NULL); + mc = curl_multi_poll(multi, NULL, 0, 1000, NULL); if(mc) break; } while(still_running); /* Always cleanup */ - curl_multi_remove_handle(mcurl, curl); - curl_multi_cleanup(mcurl); + curl_multi_remove_handle(multi, curl); + curl_multi_cleanup(multi); } curl_easy_cleanup(curl); } diff --git a/docs/examples/log_failed_transfers.c b/docs/examples/log_failed_transfers.c index 9237f69b32..c9c0009763 100644 --- a/docs/examples/log_failed_transfers.c +++ b/docs/examples/log_failed_transfers.c @@ -172,14 +172,14 @@ static int mem_addf(struct mem *mem, const char *format, ...) return -1; } -static int mydebug(CURL *handle, curl_infotype type, +static int mydebug(CURL *curl, curl_infotype type, char *data, size_t size, void *userdata) { struct transfer *t = (struct transfer *)userdata; static const char s_infotype[CURLINFO_END][3] = { "* ", "< ", "> ", "{ ", "} ", "{ ", "} " }; - (void)handle; + (void)curl; switch(type) { case CURLINFO_TEXT: @@ -198,7 +198,7 @@ static int mydebug(CURL *handle, curl_infotype type, return 0; } -static size_t mywrite(char *ptr, size_t size, size_t nmemb, void *userdata) +static size_t write_cb(char *ptr, size_t size, size_t nmemb, void *userdata) { struct transfer *t = (struct transfer *)userdata; @@ -258,7 +258,7 @@ int main(void) curl_easy_setopt(t->curl, CURLOPT_DEBUGDATA, t); /* Enable writing the body to a file */ - curl_easy_setopt(t->curl, CURLOPT_WRITEFUNCTION, mywrite); + curl_easy_setopt(t->curl, CURLOPT_WRITEFUNCTION, write_cb); curl_easy_setopt(t->curl, CURLOPT_WRITEDATA, t); /* Enable immediate error on HTTP status codes >= 400 in most cases, diff --git a/docs/examples/multi-app.c b/docs/examples/multi-app.c index 7dab0b04f1..8c0d8b4041 100644 --- a/docs/examples/multi-app.c +++ b/docs/examples/multi-app.c @@ -43,8 +43,8 @@ int main(void) { - CURL *handles[HANDLECOUNT]; - CURLM *multi_handle; + CURL *curl[HANDLECOUNT]; + CURLM *multi; int i; @@ -54,17 +54,17 @@ int main(void) /* Allocate one curl handle per transfer */ for(i = 0; i < HANDLECOUNT; i++) - handles[i] = curl_easy_init(); + curl[i] = curl_easy_init(); /* set the options (I left out a few, you get the point anyway) */ - curl_easy_setopt(handles[HTTP_HANDLE], CURLOPT_URL, "https://example.com"); + curl_easy_setopt(curl[HTTP_HANDLE], CURLOPT_URL, "https://example.com"); - curl_easy_setopt(handles[FTP_HANDLE], CURLOPT_URL, "ftp://example.com"); - curl_easy_setopt(handles[FTP_HANDLE], CURLOPT_UPLOAD, 1L); + curl_easy_setopt(curl[FTP_HANDLE], CURLOPT_URL, "ftp://example.com"); + curl_easy_setopt(curl[FTP_HANDLE], CURLOPT_UPLOAD, 1L); /* init a multi stack */ - multi_handle = curl_multi_init(); - if(multi_handle) { + multi = curl_multi_init(); + if(multi) { int still_running = 1; /* keep number of running handles */ @@ -73,14 +73,14 @@ int main(void) /* add the individual transfers */ for(i = 0; i < HANDLECOUNT; i++) - curl_multi_add_handle(multi_handle, handles[i]); + curl_multi_add_handle(multi, curl[i]); while(still_running) { - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + CURLMcode mc = curl_multi_perform(multi, &still_running); if(still_running) /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + mc = curl_multi_poll(multi, NULL, 0, 1000, NULL); if(mc) break; @@ -88,13 +88,13 @@ int main(void) /* See how the transfers went */ /* !checksrc! disable EQUALSNULL 1 */ - while((msg = curl_multi_info_read(multi_handle, &msgs_left)) != NULL) { + while((msg = curl_multi_info_read(multi, &msgs_left)) != NULL) { if(msg->msg == CURLMSG_DONE) { int idx; /* Find out which handle this message is about */ for(idx = 0; idx < HANDLECOUNT; idx++) { - int found = (msg->easy_handle == handles[idx]); + int found = (msg->easy_handle == curl[idx]); if(found) break; } @@ -112,14 +112,14 @@ int main(void) /* remove the transfers */ for(i = 0; i < HANDLECOUNT; i++) - curl_multi_remove_handle(multi_handle, handles[i]); + curl_multi_remove_handle(multi, curl[i]); - curl_multi_cleanup(multi_handle); + curl_multi_cleanup(multi); } /* Free the curl handles */ for(i = 0; i < HANDLECOUNT; i++) - curl_easy_cleanup(handles[i]); + curl_easy_cleanup(curl[i]); curl_global_cleanup(); diff --git a/docs/examples/multi-debugcallback.c b/docs/examples/multi-debugcallback.c index 278a5b4a2e..758cfca1de 100644 --- a/docs/examples/multi-debugcallback.c +++ b/docs/examples/multi-debugcallback.c @@ -83,14 +83,14 @@ static void dump(const char *text, FILE *stream, unsigned char *ptr, fflush(stream); } -static int my_trace(CURL *handle, curl_infotype type, +static int my_trace(CURL *curl, curl_infotype type, unsigned char *data, size_t size, void *userp) { const char *text; (void)userp; - (void)handle; + (void)curl; switch(type) { case CURLINFO_TEXT: @@ -121,48 +121,48 @@ static int my_trace(CURL *handle, curl_infotype type, */ int main(void) { - CURL *http_handle; + CURL *curl; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; - http_handle = curl_easy_init(); - if(http_handle) { + curl = curl_easy_init(); + if(curl) { - CURLM *multi_handle; + CURLM *multi; /* set the options (I left out a few, you get the point anyway) */ - curl_easy_setopt(http_handle, CURLOPT_URL, "https://www.example.com/"); + curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); - curl_easy_setopt(http_handle, CURLOPT_DEBUGFUNCTION, my_trace); - curl_easy_setopt(http_handle, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, my_trace); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); /* init a multi stack */ - multi_handle = curl_multi_init(); - if(multi_handle) { + multi = curl_multi_init(); + if(multi) { int still_running = 0; /* keep number of running handles */ /* add the individual transfers */ - curl_multi_add_handle(multi_handle, http_handle); + curl_multi_add_handle(multi, curl); do { - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + CURLMcode mc = curl_multi_perform(multi, &still_running); if(still_running) /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + mc = curl_multi_poll(multi, NULL, 0, 1000, NULL); if(mc) break; } while(still_running); - curl_multi_cleanup(multi_handle); + curl_multi_cleanup(multi); } - curl_easy_cleanup(http_handle); + curl_easy_cleanup(curl); } curl_global_cleanup(); diff --git a/docs/examples/multi-double.c b/docs/examples/multi-double.c index 71ac7422d6..1149f21b78 100644 --- a/docs/examples/multi-double.c +++ b/docs/examples/multi-double.c @@ -36,52 +36,51 @@ */ int main(void) { - CURL *http_handle; - CURL *http_handle2; + CURL *curl; + CURL *curl2; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; - http_handle = curl_easy_init(); - http_handle2 = curl_easy_init(); + curl = curl_easy_init(); + curl2 = curl_easy_init(); - if(http_handle && - http_handle2) { + if(curl && curl2) { - CURLM *multi_handle; + CURLM *multi; /* set options */ - curl_easy_setopt(http_handle, CURLOPT_URL, "https://www.example.com/"); + curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); /* set options */ - curl_easy_setopt(http_handle2, CURLOPT_URL, "http://localhost/"); + curl_easy_setopt(curl2, CURLOPT_URL, "http://localhost/"); /* init a multi stack */ - multi_handle = curl_multi_init(); - if(multi_handle) { + multi = curl_multi_init(); + if(multi) { int still_running = 1; /* keep number of running handles */ /* add the individual transfers */ - curl_multi_add_handle(multi_handle, http_handle); - curl_multi_add_handle(multi_handle, http_handle2); + curl_multi_add_handle(multi, curl); + curl_multi_add_handle(multi, curl2); while(still_running) { CURLMsg *msg; int queued; - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + CURLMcode mc = curl_multi_perform(multi, &still_running); if(still_running) /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + mc = curl_multi_poll(multi, NULL, 0, 1000, NULL); if(mc) break; do { - msg = curl_multi_info_read(multi_handle, &queued); + msg = curl_multi_info_read(multi, &queued); if(msg) { if(msg->msg == CURLMSG_DONE) { /* a transfer ended */ @@ -91,15 +90,15 @@ int main(void) } while(msg); } - curl_multi_remove_handle(multi_handle, http_handle); - curl_multi_remove_handle(multi_handle, http_handle2); + curl_multi_remove_handle(multi, curl); + curl_multi_remove_handle(multi, curl2); - curl_multi_cleanup(multi_handle); + curl_multi_cleanup(multi); } } - curl_easy_cleanup(http_handle); - curl_easy_cleanup(http_handle2); + curl_easy_cleanup(curl); + curl_easy_cleanup(curl2); curl_global_cleanup(); diff --git a/docs/examples/multi-event.c b/docs/examples/multi-event.c index af77101b63..abf907afe5 100644 --- a/docs/examples/multi-event.c +++ b/docs/examples/multi-event.c @@ -33,7 +33,7 @@ #include static struct event_base *base; -static CURLM *curl_handle; +static CURLM *multi; static struct event *timeout; struct curl_context { @@ -67,7 +67,7 @@ static void add_download(const char *url, int num) { char filename[50]; FILE *file; - CURL *handle; + CURL *curl; snprintf(filename, sizeof(filename), "%d.download", num); @@ -77,11 +77,11 @@ static void add_download(const char *url, int num) return; } - handle = curl_easy_init(); - curl_easy_setopt(handle, CURLOPT_WRITEDATA, file); - curl_easy_setopt(handle, CURLOPT_PRIVATE, file); - curl_easy_setopt(handle, CURLOPT_URL, url); - curl_multi_add_handle(curl_handle, handle); + curl = curl_easy_init(); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, file); + curl_easy_setopt(curl, CURLOPT_PRIVATE, file); + curl_easy_setopt(curl, CURLOPT_URL, url); + curl_multi_add_handle(multi, curl); fprintf(stderr, "Added download %s -> %s\n", url, filename); } @@ -90,10 +90,10 @@ static void check_multi_info(void) char *done_url; CURLMsg *message; int pending; - CURL *easy_handle; + CURL *curl; FILE *file; - while((message = curl_multi_info_read(curl_handle, &pending))) { + while((message = curl_multi_info_read(multi, &pending))) { switch(message->msg) { case CURLMSG_DONE: /* Do not use message data after calling curl_multi_remove_handle() and @@ -101,14 +101,14 @@ static void check_multi_info(void) "WARNING: The data the returned pointer points to does not survive calling curl_multi_cleanup, curl_multi_remove_handle or curl_easy_cleanup." */ - easy_handle = message->easy_handle; + curl = message->easy_handle; - curl_easy_getinfo(easy_handle, CURLINFO_EFFECTIVE_URL, &done_url); - curl_easy_getinfo(easy_handle, CURLINFO_PRIVATE, &file); + curl_easy_getinfo(curl, CURLINFO_EFFECTIVE_URL, &done_url); + curl_easy_getinfo(curl, CURLINFO_PRIVATE, &file); printf("%s DONE\n", done_url); - curl_multi_remove_handle(curl_handle, easy_handle); - curl_easy_cleanup(easy_handle); + curl_multi_remove_handle(multi, curl); + curl_easy_cleanup(curl); if(file) { fclose(file); } @@ -136,7 +136,7 @@ static void curl_perform(int fd, short event, void *arg) context = (struct curl_context *) arg; - curl_multi_socket_action(curl_handle, context->sockfd, flags, + curl_multi_socket_action(multi, context->sockfd, flags, &running_handles); check_multi_info(); @@ -148,7 +148,7 @@ static void on_timeout(evutil_socket_t fd, short events, void *arg) (void)fd; (void)events; (void)arg; - curl_multi_socket_action(curl_handle, CURL_SOCKET_TIMEOUT, 0, + curl_multi_socket_action(multi, CURL_SOCKET_TIMEOUT, 0, &running_handles); check_multi_info(); } @@ -172,13 +172,13 @@ static int start_timeout(CURLM *multi, long timeout_ms, void *userp) return 0; } -static int handle_socket(CURL *easy, curl_socket_t s, int action, void *userp, +static int handle_socket(CURL *curl, curl_socket_t s, int action, void *userp, void *socketp) { struct curl_context *curl_context; int events = 0; - (void)easy; + (void)curl; (void)userp; switch(action) { @@ -188,7 +188,7 @@ static int handle_socket(CURL *easy, curl_socket_t s, int action, void *userp, curl_context = socketp ? (struct curl_context *) socketp : create_curl_context(s); - curl_multi_assign(curl_handle, s, (void *) curl_context); + curl_multi_assign(multi, s, (void *) curl_context); if(action != CURL_POLL_IN) events |= EV_WRITE; @@ -207,7 +207,7 @@ static int handle_socket(CURL *easy, curl_socket_t s, int action, void *userp, if(socketp) { event_del(((struct curl_context*) socketp)->event); destroy_curl_context((struct curl_context*) socketp); - curl_multi_assign(curl_handle, s, NULL); + curl_multi_assign(multi, s, NULL); } break; default: @@ -233,10 +233,10 @@ int main(int argc, char **argv) base = event_base_new(); timeout = evtimer_new(base, on_timeout, NULL); - curl_handle = curl_multi_init(); - if(curl_handle) { - curl_multi_setopt(curl_handle, CURLMOPT_SOCKETFUNCTION, handle_socket); - curl_multi_setopt(curl_handle, CURLMOPT_TIMERFUNCTION, start_timeout); + multi = curl_multi_init(); + if(multi) { + curl_multi_setopt(multi, CURLMOPT_SOCKETFUNCTION, handle_socket); + curl_multi_setopt(multi, CURLMOPT_TIMERFUNCTION, start_timeout); while(argc-- > 1) { add_download(argv[argc], argc); @@ -244,7 +244,7 @@ int main(int argc, char **argv) event_base_dispatch(base); - curl_multi_cleanup(curl_handle); + curl_multi_cleanup(multi); } event_free(timeout); event_base_free(base); diff --git a/docs/examples/multi-formadd.c b/docs/examples/multi-formadd.c index 08d852ec65..7a1b9eb95d 100644 --- a/docs/examples/multi-formadd.c +++ b/docs/examples/multi-formadd.c @@ -79,10 +79,10 @@ int main(void) curl = curl_easy_init(); if(curl) { - CURLM *multi_handle; + CURLM *multi; - multi_handle = curl_multi_init(); - if(multi_handle) { + multi = curl_multi_init(); + if(multi) { int still_running = 0; @@ -96,21 +96,21 @@ int main(void) curl_easy_setopt(curl, CURLOPT_HTTPPOST, formpost); ) - curl_multi_add_handle(multi_handle, curl); + curl_multi_add_handle(multi, curl); do { - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + CURLMcode mc = curl_multi_perform(multi, &still_running); if(still_running) /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + mc = curl_multi_poll(multi, NULL, 0, 1000, NULL); if(mc) break; } while(still_running); - curl_multi_cleanup(multi_handle); + curl_multi_cleanup(multi); } /* always cleanup */ diff --git a/docs/examples/multi-legacy.c b/docs/examples/multi-legacy.c index 19821ad6d3..93b50c169f 100644 --- a/docs/examples/multi-legacy.c +++ b/docs/examples/multi-legacy.c @@ -49,8 +49,8 @@ int main(void) { - CURL *handles[HANDLECOUNT]; - CURLM *multi_handle; + CURL *curl[HANDLECOUNT]; + CURLM *multi; int i; @@ -60,17 +60,17 @@ int main(void) /* Allocate one curl handle per transfer */ for(i = 0; i < HANDLECOUNT; i++) - handles[i] = curl_easy_init(); + curl[i] = curl_easy_init(); /* set the options (I left out a few, you get the point anyway) */ - curl_easy_setopt(handles[HTTP_HANDLE], CURLOPT_URL, "https://example.com"); + curl_easy_setopt(curl[HTTP_HANDLE], CURLOPT_URL, "https://example.com"); - curl_easy_setopt(handles[FTP_HANDLE], CURLOPT_URL, "ftp://example.com"); - curl_easy_setopt(handles[FTP_HANDLE], CURLOPT_UPLOAD, 1L); + curl_easy_setopt(curl[FTP_HANDLE], CURLOPT_URL, "ftp://example.com"); + curl_easy_setopt(curl[FTP_HANDLE], CURLOPT_UPLOAD, 1L); /* init a multi stack */ - multi_handle = curl_multi_init(); - if(multi_handle) { + multi = curl_multi_init(); + if(multi) { int still_running = 0; /* keep number of running handles */ @@ -79,10 +79,10 @@ int main(void) /* add the individual transfers */ for(i = 0; i < HANDLECOUNT; i++) - curl_multi_add_handle(multi_handle, handles[i]); + curl_multi_add_handle(multi, curl[i]); /* we start some action by calling perform right away */ - curl_multi_perform(multi_handle, &still_running); + curl_multi_perform(multi, &still_running); while(still_running) { @@ -105,7 +105,7 @@ int main(void) timeout.tv_sec = 1; timeout.tv_usec = 0; - curl_multi_timeout(multi_handle, &curl_timeo); + curl_multi_timeout(multi, &curl_timeo); if(curl_timeo >= 0) { #if defined(MSDOS) || defined(__AMIGA__) timeout.tv_sec = (time_t)(curl_timeo / 1000); @@ -123,7 +123,7 @@ int main(void) } /* get file descriptors from the transfers */ - mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd); + mc = curl_multi_fdset(multi, &fdread, &fdwrite, &fdexcep, &maxfd); if(mc != CURLM_OK) { fprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc); @@ -159,20 +159,20 @@ int main(void) break; case 0: /* timeout */ default: /* action */ - curl_multi_perform(multi_handle, &still_running); + curl_multi_perform(multi, &still_running); break; } } /* See how the transfers went */ /* !checksrc! disable EQUALSNULL 1 */ - while((msg = curl_multi_info_read(multi_handle, &msgs_left)) != NULL) { + while((msg = curl_multi_info_read(multi, &msgs_left)) != NULL) { if(msg->msg == CURLMSG_DONE) { int idx; /* Find out which handle this message is about */ for(idx = 0; idx < HANDLECOUNT; idx++) { - int found = (msg->easy_handle == handles[idx]); + int found = (msg->easy_handle == curl[idx]); if(found) break; } @@ -188,12 +188,12 @@ int main(void) } } - curl_multi_cleanup(multi_handle); + curl_multi_cleanup(multi); } /* Free the curl handles */ for(i = 0; i < HANDLECOUNT; i++) - curl_easy_cleanup(handles[i]); + curl_easy_cleanup(curl[i]); curl_global_cleanup(); diff --git a/docs/examples/multi-post.c b/docs/examples/multi-post.c index ac7d2f5252..c6cb60e898 100644 --- a/docs/examples/multi-post.c +++ b/docs/examples/multi-post.c @@ -46,10 +46,10 @@ int main(void) curl = curl_easy_init(); if(curl) { - CURLM *multi_handle; + CURLM *multi; - multi_handle = curl_multi_init(); - if(multi_handle) { + multi = curl_multi_init(); + if(multi) { int still_running = 0; /* Create the form */ @@ -82,20 +82,20 @@ int main(void) curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headerlist); curl_easy_setopt(curl, CURLOPT_MIMEPOST, form); - curl_multi_add_handle(multi_handle, curl); + curl_multi_add_handle(multi, curl); do { - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + CURLMcode mc = curl_multi_perform(multi, &still_running); if(still_running) /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + mc = curl_multi_poll(multi, NULL, 0, 1000, NULL); if(mc) break; } while(still_running); - curl_multi_cleanup(multi_handle); + curl_multi_cleanup(multi); } /* always cleanup */ diff --git a/docs/examples/multi-single.c b/docs/examples/multi-single.c index 50736c7201..ee2676bae3 100644 --- a/docs/examples/multi-single.c +++ b/docs/examples/multi-single.c @@ -37,34 +37,34 @@ */ int main(void) { - CURL *http_handle; + CURL *curl; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; - http_handle = curl_easy_init(); - if(http_handle) { + curl = curl_easy_init(); + if(curl) { - CURLM *multi_handle; + CURLM *multi; int still_running = 1; /* keep number of running handles */ /* set the options (I left out a few, you get the point anyway) */ - curl_easy_setopt(http_handle, CURLOPT_URL, "https://www.example.com/"); + curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); /* init a multi stack */ - multi_handle = curl_multi_init(); - if(multi_handle) { + multi = curl_multi_init(); + if(multi) { /* add the individual transfers */ - curl_multi_add_handle(multi_handle, http_handle); + curl_multi_add_handle(multi, curl); do { - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + CURLMcode mc = curl_multi_perform(multi, &still_running); if(!mc) /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + mc = curl_multi_poll(multi, NULL, 0, 1000, NULL); if(mc) { fprintf(stderr, "curl_multi_poll() failed, code %d.\n", (int)mc); @@ -73,12 +73,12 @@ int main(void) } while(still_running); - curl_multi_remove_handle(multi_handle, http_handle); + curl_multi_remove_handle(multi, curl); - curl_multi_cleanup(multi_handle); + curl_multi_cleanup(multi); } - curl_easy_cleanup(http_handle); + curl_easy_cleanup(curl); } curl_global_cleanup(); diff --git a/docs/examples/multi-uv.c b/docs/examples/multi-uv.c index d2f18348e6..de6beda210 100644 --- a/docs/examples/multi-uv.c +++ b/docs/examples/multi-uv.c @@ -85,7 +85,7 @@ static void add_download(const char *url, int num, CURLM *multi) { char filename[50]; FILE *file; - CURL *handle; + CURL *curl; snprintf(filename, sizeof(filename), "%d.download", num); @@ -95,11 +95,11 @@ static void add_download(const char *url, int num, CURLM *multi) return; } - handle = curl_easy_init(); - curl_easy_setopt(handle, CURLOPT_WRITEDATA, file); - curl_easy_setopt(handle, CURLOPT_PRIVATE, file); - curl_easy_setopt(handle, CURLOPT_URL, url); - curl_multi_add_handle(multi, handle); + curl = curl_easy_init(); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, file); + curl_easy_setopt(curl, CURLOPT_PRIVATE, file); + curl_easy_setopt(curl, CURLOPT_URL, url); + curl_multi_add_handle(multi, curl); fprintf(stderr, "Added download %s -> %s\n", url, filename); } @@ -108,7 +108,7 @@ static void check_multi_info(struct curl_context *context) char *done_url; CURLMsg *message; int pending; - CURL *easy_handle; + CURL *curl; FILE *file; while((message = curl_multi_info_read(context->uv->multi, &pending))) { @@ -119,14 +119,14 @@ static void check_multi_info(struct curl_context *context) "WARNING: The data the returned pointer points to does not survive calling curl_multi_cleanup, curl_multi_remove_handle or curl_easy_cleanup." */ - easy_handle = message->easy_handle; + curl = message->easy_handle; - curl_easy_getinfo(easy_handle, CURLINFO_EFFECTIVE_URL, &done_url); - curl_easy_getinfo(easy_handle, CURLINFO_PRIVATE, &file); + curl_easy_getinfo(curl, CURLINFO_EFFECTIVE_URL, &done_url); + curl_easy_getinfo(curl, CURLINFO_PRIVATE, &file); printf("%s DONE\n", done_url); - curl_multi_remove_handle(context->uv->multi, easy_handle); - curl_easy_cleanup(easy_handle); + curl_multi_remove_handle(context->uv->multi, curl); + curl_easy_cleanup(curl); if(file) { fclose(file); } @@ -186,13 +186,13 @@ static int cb_timeout(CURLM *multi, long timeout_ms, void *userp) } /* callback from libcurl to update socket activity to wait for */ -static int cb_socket(CURL *easy, curl_socket_t s, int action, +static int cb_socket(CURL *curl, curl_socket_t s, int action, void *userp, void *socketp) { struct datauv *uv = (struct datauv *)userp; struct curl_context *curl_context; int events = 0; - (void)easy; + (void)curl; switch(action) { case CURL_POLL_IN: diff --git a/docs/examples/pop3-multi.c b/docs/examples/pop3-multi.c index 4d418a7d09..d88d119349 100644 --- a/docs/examples/pop3-multi.c +++ b/docs/examples/pop3-multi.c @@ -47,10 +47,10 @@ int main(void) curl = curl_easy_init(); if(curl) { - CURLM *mcurl; + CURLM *multi; - mcurl = curl_multi_init(); - if(mcurl) { + multi = curl_multi_init(); + if(multi) { int still_running = 1; /* Set username and password */ @@ -61,14 +61,14 @@ int main(void) curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1"); /* Tell the multi stack about our easy handle */ - curl_multi_add_handle(mcurl, curl); + curl_multi_add_handle(multi, curl); do { - CURLMcode mc = curl_multi_perform(mcurl, &still_running); + CURLMcode mc = curl_multi_perform(multi, &still_running); if(still_running) /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(mcurl, NULL, 0, 1000, NULL); + mc = curl_multi_poll(multi, NULL, 0, 1000, NULL); if(mc) break; @@ -76,8 +76,8 @@ int main(void) } while(still_running); /* Always cleanup */ - curl_multi_remove_handle(mcurl, curl); - curl_multi_cleanup(mcurl); + curl_multi_remove_handle(multi, curl); + curl_multi_cleanup(multi); } curl_easy_cleanup(curl); } diff --git a/docs/examples/post-callback.c b/docs/examples/post-callback.c index 7c5a87e9ac..ed5b4b1972 100644 --- a/docs/examples/post-callback.c +++ b/docs/examples/post-callback.c @@ -43,7 +43,7 @@ struct WriteThis { size_t sizeleft; }; -static size_t read_callback(char *dest, size_t size, size_t nmemb, void *userp) +static size_t read_cb(char *dest, size_t size, size_t nmemb, void *userp) { struct WriteThis *wt = (struct WriteThis *)userp; size_t buffer_size = size*nmemb; @@ -92,7 +92,7 @@ int main(void) curl_easy_setopt(curl, CURLOPT_POST, 1L); /* we want to use our own read function */ - curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback); + curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_cb); /* pointer to pass to our read function */ curl_easy_setopt(curl, CURLOPT_READDATA, &wt); diff --git a/docs/examples/postinmemory.c b/docs/examples/postinmemory.c index 50b3b6fe7b..a6ff7fa377 100644 --- a/docs/examples/postinmemory.c +++ b/docs/examples/postinmemory.c @@ -35,7 +35,7 @@ struct MemoryStruct { size_t size; }; -static size_t WriteMemoryCallback(void *contents, size_t size, size_t nmemb, +static size_t write_cb(void *contents, size_t size, size_t nmemb, void *userp) { size_t realsize = size * nmemb; @@ -75,7 +75,7 @@ int main(void) curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.org/"); /* send all data to this function */ - curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, WriteMemoryCallback); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* we pass our 'chunk' struct to the callback function */ curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)&chunk); diff --git a/docs/examples/sepheaders.c b/docs/examples/sepheaders.c index cea07fd566..85938dc223 100644 --- a/docs/examples/sepheaders.c +++ b/docs/examples/sepheaders.c @@ -30,7 +30,7 @@ #include -static size_t write_data(void *ptr, size_t size, size_t nmemb, void *stream) +static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *stream) { size_t written = fwrite(ptr, size, nmemb, (FILE *)stream); return written; @@ -38,33 +38,33 @@ static size_t write_data(void *ptr, size_t size, size_t nmemb, void *stream) int main(void) { - CURL *curl_handle; + CURL *curl; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; /* init the curl session */ - curl_handle = curl_easy_init(); - if(curl_handle) { + curl = curl_easy_init(); + if(curl) { static const char *headerfilename = "head.out"; FILE *headerfile; static const char *bodyfilename = "body.out"; FILE *bodyfile; /* set URL to get */ - curl_easy_setopt(curl_handle, CURLOPT_URL, "https://example.com"); + curl_easy_setopt(curl, CURLOPT_URL, "https://example.com"); /* no progress meter please */ - curl_easy_setopt(curl_handle, CURLOPT_NOPROGRESS, 1L); + curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L); /* send all data to this function */ - curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, write_data); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* open the header file */ headerfile = fopen(headerfilename, "wb"); if(!headerfile) { - curl_easy_cleanup(curl_handle); + curl_easy_cleanup(curl); curl_global_cleanup(); return -1; } @@ -72,20 +72,20 @@ int main(void) /* open the body file */ bodyfile = fopen(bodyfilename, "wb"); if(!bodyfile) { - curl_easy_cleanup(curl_handle); + curl_easy_cleanup(curl); fclose(headerfile); curl_global_cleanup(); return -1; } /* we want the headers be written to this file handle */ - curl_easy_setopt(curl_handle, CURLOPT_HEADERDATA, headerfile); + curl_easy_setopt(curl, CURLOPT_HEADERDATA, headerfile); /* we want the body be written to this file handle instead of stdout */ - curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, bodyfile); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, bodyfile); /* get it! */ - res = curl_easy_perform(curl_handle); + res = curl_easy_perform(curl); /* close the header file */ fclose(headerfile); @@ -94,7 +94,7 @@ int main(void) fclose(bodyfile); /* cleanup curl stuff */ - curl_easy_cleanup(curl_handle); + curl_easy_cleanup(curl); } curl_global_cleanup(); diff --git a/docs/examples/sessioninfo.c b/docs/examples/sessioninfo.c index c7ea52ccc2..e90b387da0 100644 --- a/docs/examples/sessioninfo.c +++ b/docs/examples/sessioninfo.c @@ -43,7 +43,7 @@ static CURL *curl; -static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream) +static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *stream) { const struct curl_tlssessioninfo *info; CURLcode res; @@ -103,7 +103,7 @@ int main(void) curl = curl_easy_init(); if(curl) { curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); - curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, wrfu); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); curl_easy_setopt(curl, CURLOPT_VERBOSE, 0L); res = curl_easy_perform(curl); diff --git a/docs/examples/sftpget.c b/docs/examples/sftpget.c index 36653c5b82..5eaf3416e8 100644 --- a/docs/examples/sftpget.c +++ b/docs/examples/sftpget.c @@ -45,7 +45,7 @@ struct FtpFile { FILE *stream; }; -static size_t my_fwrite(void *buffer, size_t size, size_t nmemb, +static size_t write_cb(void *buffer, size_t size, size_t nmemb, void *stream) { struct FtpFile *out = (struct FtpFile *)stream; @@ -79,7 +79,7 @@ int main(void) curl_easy_setopt(curl, CURLOPT_URL, "sftp://user@server/home/user/file.txt"); /* Define our callback to get called when there is data to be written */ - curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, my_fwrite); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* Set a pointer to our struct to pass to the callback */ curl_easy_setopt(curl, CURLOPT_WRITEDATA, &ftpfile); diff --git a/docs/examples/sftpuploadresume.c b/docs/examples/sftpuploadresume.c index fa42859672..c15d103b5f 100644 --- a/docs/examples/sftpuploadresume.c +++ b/docs/examples/sftpuploadresume.c @@ -31,7 +31,7 @@ #include /* read data to upload */ -static size_t readfunc(char *ptr, size_t size, size_t nmemb, void *stream) +static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *stream) { FILE *f = (FILE *)stream; size_t n; @@ -50,36 +50,36 @@ static size_t readfunc(char *ptr, size_t size, size_t nmemb, void *stream) static curl_off_t sftpGetRemoteFileSize(const char *i_remoteFile) { curl_off_t remoteFileSizeByte = -1; - CURL *curlHandlePtr = curl_easy_init(); + CURL *curl = curl_easy_init(); - if(curlHandlePtr) { + if(curl) { CURLcode result; - curl_easy_setopt(curlHandlePtr, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(curlHandlePtr, CURLOPT_URL, i_remoteFile); - curl_easy_setopt(curlHandlePtr, CURLOPT_NOPROGRESS, 1L); - curl_easy_setopt(curlHandlePtr, CURLOPT_NOBODY, 1L); - curl_easy_setopt(curlHandlePtr, CURLOPT_HEADER, 1L); - curl_easy_setopt(curlHandlePtr, CURLOPT_FILETIME, 1L); + curl_easy_setopt(curl, CURLOPT_URL, i_remoteFile); + curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L); + curl_easy_setopt(curl, CURLOPT_NOBODY, 1L); + curl_easy_setopt(curl, CURLOPT_HEADER, 1L); + curl_easy_setopt(curl, CURLOPT_FILETIME, 1L); - result = curl_easy_perform(curlHandlePtr); + result = curl_easy_perform(curl); if(CURLE_OK == result) { - result = curl_easy_getinfo(curlHandlePtr, + result = curl_easy_getinfo(curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD_T, &remoteFileSizeByte); if(result) return -1; printf("filesize: %" CURL_FORMAT_CURL_OFF_T "\n", remoteFileSizeByte); } - curl_easy_cleanup(curlHandlePtr); + curl_easy_cleanup(curl); } return remoteFileSizeByte; } -static int sftpResumeUpload(CURL *curlhandle, const char *remotepath, +static int sftpResumeUpload(CURL *curl, const char *remotepath, const char *localpath) { FILE *f = NULL; @@ -99,18 +99,18 @@ static int sftpResumeUpload(CURL *curlhandle, const char *remotepath, return 0; } - curl_easy_setopt(curlhandle, CURLOPT_UPLOAD, 1L); - curl_easy_setopt(curlhandle, CURLOPT_URL, remotepath); - curl_easy_setopt(curlhandle, CURLOPT_READFUNCTION, readfunc); - curl_easy_setopt(curlhandle, CURLOPT_READDATA, f); + curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); + curl_easy_setopt(curl, CURLOPT_URL, remotepath); + curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_cb); + curl_easy_setopt(curl, CURLOPT_READDATA, f); #if defined(_WIN32) && !defined(UNDER_CE) _fseeki64(f, remoteFileSizeByte, SEEK_SET); #else fseek(f, (long)remoteFileSizeByte, SEEK_SET); #endif - curl_easy_setopt(curlhandle, CURLOPT_APPEND, 1L); - result = curl_easy_perform(curlhandle); + curl_easy_setopt(curl, CURLOPT_APPEND, 1L); + result = curl_easy_perform(curl); fclose(f); @@ -124,22 +124,22 @@ static int sftpResumeUpload(CURL *curlhandle, const char *remotepath, int main(void) { - CURL *curlhandle = NULL; + CURL *curl = NULL; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; - curlhandle = curl_easy_init(); - if(curlhandle) { + curl = curl_easy_init(); + if(curl) { const char *remote = "sftp://user:pass@example.com/path/filename"; const char *filename = "filename"; - if(!sftpResumeUpload(curlhandle, remote, filename)) { + if(!sftpResumeUpload(curl, remote, filename)) { printf("resumed upload using curl %s failed\n", curl_version()); } - curl_easy_cleanup(curlhandle); + curl_easy_cleanup(curl); } curl_global_cleanup(); diff --git a/docs/examples/shared-connection-cache.c b/docs/examples/shared-connection-cache.c index a8549d7766..4af62fee94 100644 --- a/docs/examples/shared-connection-cache.c +++ b/docs/examples/shared-connection-cache.c @@ -28,19 +28,19 @@ #include #include -static void my_lock(CURL *handle, curl_lock_data data, +static void my_lock(CURL *curl, curl_lock_data data, curl_lock_access laccess, void *useptr) { - (void)handle; + (void)curl; (void)data; (void)laccess; (void)useptr; fprintf(stderr, "-> Mutex lock\n"); } -static void my_unlock(CURL *handle, curl_lock_data data, void *useptr) +static void my_unlock(CURL *curl, curl_lock_data data, void *useptr) { - (void)handle; + (void)curl; (void)data; (void)useptr; fprintf(stderr, "<- Mutex unlock\n"); diff --git a/docs/examples/smooth-gtk-thread.c b/docs/examples/smooth-gtk-thread.c index 5a0bb2d05e..0fcffe2501 100644 --- a/docs/examples/smooth-gtk-thread.c +++ b/docs/examples/smooth-gtk-thread.c @@ -60,7 +60,7 @@ const char * const urls[]= { "90030" }; -size_t write_file(void *ptr, size_t size, size_t nmemb, FILE *stream) +size_t write_cb(void *ptr, size_t size, size_t nmemb, FILE *stream) { return fwrite(ptr, size, nmemb, stream); } @@ -80,7 +80,7 @@ static void run_one(gchar *http, int j) /* Write to the file */ curl_easy_setopt(curl, CURLOPT_WRITEDATA, outfile); - curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_file); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); (void)curl_easy_perform(curl); fclose(outfile); diff --git a/docs/examples/smtp-authzid.c b/docs/examples/smtp-authzid.c index 1fb1176b2a..539997d945 100644 --- a/docs/examples/smtp-authzid.c +++ b/docs/examples/smtp-authzid.c @@ -67,7 +67,7 @@ struct upload_status { size_t bytes_read; }; -static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) +static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *userp) { struct upload_status *upload_ctx = (struct upload_status *)userp; const char *data; @@ -133,7 +133,7 @@ int main(void) /* We are using a callback function to specify the payload (the headers and * body of the message). You could just use the CURLOPT_READDATA option to * specify a FILE pointer to read from. */ - curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source); + curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_cb); curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx); curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); diff --git a/docs/examples/smtp-mail.c b/docs/examples/smtp-mail.c index d41fc07b80..39aa86a818 100644 --- a/docs/examples/smtp-mail.c +++ b/docs/examples/smtp-mail.c @@ -64,7 +64,7 @@ struct upload_status { size_t bytes_read; }; -static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) +static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *userp) { struct upload_status *upload_ctx = (struct upload_status *)userp; const char *data; @@ -121,7 +121,7 @@ int main(void) /* We are using a callback function to specify the payload (the headers and * body of the message). You could just use the CURLOPT_READDATA option to * specify a FILE pointer to read from. */ - curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source); + curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_cb); curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx); curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); diff --git a/docs/examples/smtp-multi.c b/docs/examples/smtp-multi.c index 0973378e0f..3dabfbb980 100644 --- a/docs/examples/smtp-multi.c +++ b/docs/examples/smtp-multi.c @@ -57,7 +57,7 @@ struct upload_status { size_t bytes_read; }; -static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) +static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *userp) { struct upload_status *upload_ctx = (struct upload_status *)userp; const char *data; @@ -89,10 +89,10 @@ int main(void) curl = curl_easy_init(); if(curl) { - CURLM *mcurl; + CURLM *multi; - mcurl = curl_multi_init(); - if(mcurl) { + multi = curl_multi_init(); + if(multi) { int still_running = 1; struct curl_slist *recipients = NULL; struct upload_status upload_ctx = { 0 }; @@ -119,19 +119,19 @@ int main(void) /* We are using a callback function to specify the payload (the headers * and body of the message). You could just use the CURLOPT_READDATA * option to specify a FILE pointer to read from. */ - curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source); + curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_cb); curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx); curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); /* Tell the multi stack about our easy handle */ - curl_multi_add_handle(mcurl, curl); + curl_multi_add_handle(multi, curl); do { - CURLMcode mc = curl_multi_perform(mcurl, &still_running); + CURLMcode mc = curl_multi_perform(multi, &still_running); if(still_running) /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(mcurl, NULL, 0, 1000, NULL); + mc = curl_multi_poll(multi, NULL, 0, 1000, NULL); if(mc) break; @@ -142,8 +142,8 @@ int main(void) curl_slist_free_all(recipients); /* Always cleanup */ - curl_multi_remove_handle(mcurl, curl); - curl_multi_cleanup(mcurl); + curl_multi_remove_handle(multi, curl); + curl_multi_cleanup(multi); } curl_easy_cleanup(curl); } diff --git a/docs/examples/smtp-ssl.c b/docs/examples/smtp-ssl.c index 31ef81eae1..5391f3e222 100644 --- a/docs/examples/smtp-ssl.c +++ b/docs/examples/smtp-ssl.c @@ -61,7 +61,7 @@ struct upload_status { size_t bytes_read; }; -static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) +static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *userp) { struct upload_status *upload_ctx = (struct upload_status *)userp; const char *data; @@ -143,7 +143,7 @@ int main(void) /* We are using a callback function to specify the payload (the headers and * body of the message). You could just use the CURLOPT_READDATA option to * specify a FILE pointer to read from. */ - curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source); + curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_cb); curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx); curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); diff --git a/docs/examples/smtp-tls.c b/docs/examples/smtp-tls.c index 5d9214455e..b2ea769b21 100644 --- a/docs/examples/smtp-tls.c +++ b/docs/examples/smtp-tls.c @@ -61,7 +61,7 @@ struct upload_status { size_t bytes_read; }; -static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp) +static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *userp) { struct upload_status *upload_ctx = (struct upload_status *)userp; const char *data; @@ -145,7 +145,7 @@ int main(void) /* We are using a callback function to specify the payload (the headers and * body of the message). You could just use the CURLOPT_READDATA option to * specify a FILE pointer to read from. */ - curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source); + curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_cb); curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx); curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); diff --git a/docs/examples/synctime.c b/docs/examples/synctime.c index da2c7ea0f3..43fe5d312e 100644 --- a/docs/examples/synctime.c +++ b/docs/examples/synctime.c @@ -117,7 +117,7 @@ static SYSTEMTIME LOCALTime; #define HTTP_COMMAND_HEAD 0 #define HTTP_COMMAND_GET 1 -static size_t SyncTime_CURL_WriteOutput(void *ptr, size_t size, size_t nmemb, +static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *stream) { fwrite(ptr, size, nmemb, stream); @@ -187,7 +187,7 @@ static void SyncTime_CURL_Init(CURL *curl, const char *proxy_port, curl_easy_setopt(curl, CURLOPT_PROXYUSERPWD, proxy_user_password); curl_easy_setopt(curl, CURLOPT_USERAGENT, SYNCTIME_UA); - curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, SyncTime_CURL_WriteOutput); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, SyncTime_CURL_WriteHeader); } diff --git a/docs/examples/url2file.c b/docs/examples/url2file.c index 8e9e01db15..a0523f62db 100644 --- a/docs/examples/url2file.c +++ b/docs/examples/url2file.c @@ -30,7 +30,7 @@ #include -static size_t write_data(void *ptr, size_t size, size_t nmemb, void *stream) +static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *stream) { size_t written = fwrite(ptr, size, nmemb, (FILE *)stream); return written; @@ -41,7 +41,7 @@ int main(int argc, char *argv[]) static const char *pagefilename = "page.out"; CURLcode res; - CURL *curl_handle; + CURL *curl; if(argc < 2) { printf("Usage: %s \n", argv[0]); @@ -55,38 +55,38 @@ int main(int argc, char *argv[]) } /* init the curl session */ - curl_handle = curl_easy_init(); - if(curl_handle) { + curl = curl_easy_init(); + if(curl) { FILE *pagefile; /* set URL to get here */ - curl_easy_setopt(curl_handle, CURLOPT_URL, argv[1]); + curl_easy_setopt(curl, CURLOPT_URL, argv[1]); /* Switch on full protocol/debug output while testing */ - curl_easy_setopt(curl_handle, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); /* disable progress meter, set to 0L to enable it */ - curl_easy_setopt(curl_handle, CURLOPT_NOPROGRESS, 1L); + curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L); /* send all data to this function */ - curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, write_data); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* open the file */ pagefile = fopen(pagefilename, "wb"); if(pagefile) { /* write the page body to this file handle */ - curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, pagefile); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, pagefile); /* get it! */ - res = curl_easy_perform(curl_handle); + res = curl_easy_perform(curl); /* close the header file */ fclose(pagefile); } /* cleanup curl stuff */ - curl_easy_cleanup(curl_handle); + curl_easy_cleanup(curl); } curl_global_cleanup(); diff --git a/docs/examples/usercertinmem.c b/docs/examples/usercertinmem.c index 0fb5ab0de9..175dae1151 100644 --- a/docs/examples/usercertinmem.c +++ b/docs/examples/usercertinmem.c @@ -156,34 +156,34 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *pointer) int main(void) { - CURL *ch; + CURL *curl; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; - ch = curl_easy_init(); - if(ch) { - curl_easy_setopt(ch, CURLOPT_VERBOSE, 0L); - curl_easy_setopt(ch, CURLOPT_HEADER, 0L); - curl_easy_setopt(ch, CURLOPT_NOPROGRESS, 1L); - curl_easy_setopt(ch, CURLOPT_NOSIGNAL, 1L); - curl_easy_setopt(ch, CURLOPT_WRITEFUNCTION, writefunction); - curl_easy_setopt(ch, CURLOPT_WRITEDATA, stdout); - curl_easy_setopt(ch, CURLOPT_HEADERFUNCTION, writefunction); - curl_easy_setopt(ch, CURLOPT_HEADERDATA, stderr); - curl_easy_setopt(ch, CURLOPT_SSLCERTTYPE, "PEM"); + curl = curl_easy_init(); + if(curl) { + curl_easy_setopt(curl, CURLOPT_VERBOSE, 0L); + curl_easy_setopt(curl, CURLOPT_HEADER, 0L); + curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L); + curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, writefunction); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, stdout); + curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, writefunction); + curl_easy_setopt(curl, CURLOPT_HEADERDATA, stderr); + curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM"); /* both VERIFYPEER and VERIFYHOST are set to 0 in this case because there is no CA certificate */ - curl_easy_setopt(ch, CURLOPT_SSL_VERIFYPEER, 0L); - curl_easy_setopt(ch, CURLOPT_SSL_VERIFYHOST, 0L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); - curl_easy_setopt(ch, CURLOPT_URL, "https://www.example.com/"); - curl_easy_setopt(ch, CURLOPT_SSLKEYTYPE, "PEM"); + curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); + curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, "PEM"); /* first try: retrieve page without user certificate and key -> fails */ - res = curl_easy_perform(ch); + res = curl_easy_perform(curl); if(res == CURLE_OK) printf("*** transfer succeeded ***\n"); else @@ -193,14 +193,14 @@ int main(void) * load the certificate and key by installing a function doing * the necessary "modifications" to the SSL CONTEXT just before link init */ - curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, sslctx_function); - res = curl_easy_perform(ch); + curl_easy_setopt(curl, CURLOPT_SSL_CTX_FUNCTION, sslctx_function); + res = curl_easy_perform(curl); if(res == CURLE_OK) printf("*** transfer succeeded ***\n"); else printf("*** transfer failed ***\n"); - curl_easy_cleanup(ch); + curl_easy_cleanup(curl); } curl_global_cleanup(); return (int)res; diff --git a/docs/examples/websocket-cb.c b/docs/examples/websocket-cb.c index aa81d89ab1..78899826fb 100644 --- a/docs/examples/websocket-cb.c +++ b/docs/examples/websocket-cb.c @@ -28,11 +28,11 @@ #include #include -static size_t writecb(char *b, size_t size, size_t nitems, void *p) +static size_t write_cb(char *b, size_t size, size_t nitems, void *p) { - CURL *easy = p; + CURL *curl = p; size_t i; - const struct curl_ws_frame *frame = curl_ws_meta(easy); + const struct curl_ws_frame *frame = curl_ws_meta(curl); fprintf(stderr, "Type: %s\n", frame->flags & CURLWS_BINARY ? "binary" : "text"); fprintf(stderr, "Bytes: %u", (unsigned int)(nitems * size)); @@ -53,7 +53,7 @@ int main(void) if(curl) { curl_easy_setopt(curl, CURLOPT_URL, "wss://example.com"); - curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, writecb); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* pass the easy handle to the callback */ curl_easy_setopt(curl, CURLOPT_WRITEDATA, curl); diff --git a/docs/examples/websocket-updown.c b/docs/examples/websocket-updown.c index f95c151cac..88d7b6e6e9 100644 --- a/docs/examples/websocket-updown.c +++ b/docs/examples/websocket-updown.c @@ -29,12 +29,12 @@ #include #include -static size_t writecb(char *b, size_t size, size_t nitems, void *p) +static size_t write_cb(char *b, size_t size, size_t nitems, void *p) { - CURL *easy = p; + CURL *curl = p; size_t i; unsigned int blen = (unsigned int)(nitems * size); - const struct curl_ws_frame *frame = curl_ws_meta(easy); + const struct curl_ws_frame *frame = curl_ws_meta(curl); fprintf(stderr, "Type: %s\n", frame->flags & CURLWS_BINARY ? "binary" : "text"); if(frame->flags & CURLWS_BINARY) { @@ -49,13 +49,13 @@ static size_t writecb(char *b, size_t size, size_t nitems, void *p) } struct read_ctx { - CURL *easy; + CURL *curl; char buf[1024]; size_t blen; size_t nsent; }; -static size_t readcb(char *buf, size_t nitems, size_t buflen, void *p) +static size_t read_cb(char *buf, size_t nitems, size_t buflen, void *p) { struct read_ctx *ctx = p; size_t len = nitems * buflen; @@ -65,7 +65,7 @@ static size_t readcb(char *buf, size_t nitems, size_t buflen, void *p) if(!ctx->nsent) { /* On first call, set the FRAME information to be used (it defaults * to CURLWS_BINARY otherwise). */ - result = curl_ws_start_frame(ctx->easy, CURLWS_TEXT, + result = curl_ws_start_frame(ctx->curl, CURLWS_TEXT, (curl_off_t)ctx->blen); if(result) { fprintf(stderr, "error starting frame: %d\n", result); @@ -85,7 +85,7 @@ static size_t readcb(char *buf, size_t nitems, size_t buflen, void *p) int main(int argc, const char *argv[]) { - CURL *easy; + CURL *curl; struct read_ctx rctx; const char *payload = "Hello, friend!"; @@ -95,33 +95,33 @@ int main(int argc, const char *argv[]) memset(&rctx, 0, sizeof(rctx)); - easy = curl_easy_init(); - if(easy) { + curl = curl_easy_init(); + if(curl) { if(argc == 2) - curl_easy_setopt(easy, CURLOPT_URL, argv[1]); + curl_easy_setopt(curl, CURLOPT_URL, argv[1]); else - curl_easy_setopt(easy, CURLOPT_URL, "wss://example.com"); + curl_easy_setopt(curl, CURLOPT_URL, "wss://example.com"); - curl_easy_setopt(easy, CURLOPT_WRITEFUNCTION, writecb); - curl_easy_setopt(easy, CURLOPT_WRITEDATA, easy); - curl_easy_setopt(easy, CURLOPT_READFUNCTION, readcb); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, curl); + curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_cb); /* tell curl that we want to send the payload */ - rctx.easy = easy; + rctx.curl = curl; rctx.blen = strlen(payload); memcpy(rctx.buf, payload, rctx.blen); - curl_easy_setopt(easy, CURLOPT_READDATA, &rctx); - curl_easy_setopt(easy, CURLOPT_UPLOAD, 1L); + curl_easy_setopt(curl, CURLOPT_READDATA, &rctx); + curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); /* Perform the request, res gets the return code */ - res = curl_easy_perform(easy); + res = curl_easy_perform(curl); /* Check for errors */ if(res != CURLE_OK) fprintf(stderr, "curl_easy_perform() failed: %s\n", curl_easy_strerror(res)); /* always cleanup */ - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); } curl_global_cleanup(); return (int)res; diff --git a/docs/examples/xmlstream.c b/docs/examples/xmlstream.c index 1131a3ce9e..04fc3afd85 100644 --- a/docs/examples/xmlstream.c +++ b/docs/examples/xmlstream.c @@ -95,8 +95,8 @@ static void endElement(void *userData, const XML_Char *name) printf("%5lu %10lu %s\n", state->depth, state->characters.size, name); } -static size_t parseStreamCallback(void *contents, size_t length, size_t nmemb, - void *userp) +static size_t write_cb(void *contents, size_t length, size_t nmemb, + void *userp) { XML_Parser parser = (XML_Parser) userp; size_t real_size = length * nmemb; @@ -116,14 +116,14 @@ static size_t parseStreamCallback(void *contents, size_t length, size_t nmemb, int main(void) { - CURL *curl_handle; + CURL *curl; CURLcode res = curl_global_init(CURL_GLOBAL_ALL); if(res) return (int)res; /* Initialize a libcurl handle. */ - curl_handle = curl_easy_init(); + curl = curl_easy_init(); if(curl) { XML_Parser parser; struct ParserStruct state; @@ -138,15 +138,15 @@ int main(void) XML_SetElementHandler(parser, startElement, endElement); XML_SetCharacterDataHandler(parser, characterDataHandler); - curl_easy_setopt(curl_handle, CURLOPT_URL, + curl_easy_setopt(curl, CURLOPT_URL, "https://www.w3schools.com/xml/simple.xml"); - curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, parseStreamCallback); - curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, (void *)parser); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)parser); printf("Depth Characters Closing Tag\n"); /* Perform the request and any follow-up parsing. */ - res = curl_easy_perform(curl_handle); + res = curl_easy_perform(curl); if(res != CURLE_OK) { fprintf(stderr, "curl_easy_perform() failed: %s\n", curl_easy_strerror(res)); @@ -168,7 +168,7 @@ int main(void) free(state.characters.memory); XML_ParserFree(parser); - curl_easy_cleanup(curl_handle); + curl_easy_cleanup(curl); } curl_global_cleanup(); From d29f14b9cf0d38f3887b6eadc71af16903bc7f5b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 31 Oct 2025 00:55:13 +0100 Subject: [PATCH 0654/2408] tests: replace significant invisible spaces with macros To make them explicit, visible, avoid being accidentally trimmed. Also prevents Git warnings, e.g. on `git am`. Also: - runtests: add support for `%spc%` and `%tab%` macros. - test59: delete non-significant line-ending space. - spacecheck.pl: drop line-ending whitespace exception for tests. Closes #19300 --- .github/scripts/spacecheck.pl | 7 +------ docs/tests/FILEFORMAT.md | 8 ++++++++ tests/data/test1029 | 2 +- tests/data/test1070 | 2 +- tests/data/test1185 | 8 ++++---- tests/data/test136 | 2 +- tests/data/test1461 | 4 ++-- tests/data/test1654 | 2 +- tests/data/test1664 | 2 +- tests/data/test17 | 2 +- tests/data/test188 | 4 ++-- tests/data/test189 | 4 ++-- tests/data/test1940 | 8 ++++---- tests/data/test1941 | 2 +- tests/data/test1942 | 2 +- tests/data/test1944 | 2 +- tests/data/test1945 | 2 +- tests/data/test1946 | 2 +- tests/data/test1947 | 2 +- tests/data/test1955 | 2 +- tests/data/test1958 | 2 +- tests/data/test2302 | 2 +- tests/data/test2306 | 2 +- tests/data/test2400 | 2 +- tests/data/test2403 | 2 +- tests/data/test2406 | 2 +- tests/data/test2500 | 2 +- tests/data/test2503 | 2 +- tests/data/test378 | 2 +- tests/data/test4 | 4 ++-- tests/data/test421 | 2 +- tests/data/test459 | 2 +- tests/data/test46 | 8 ++++---- tests/data/test54 | 2 +- tests/data/test57 | 2 +- tests/data/test59 | 2 +- tests/data/test689 | 4 ++-- tests/data/test769 | 2 +- tests/data/test792 | 2 +- tests/data/test793 | 2 +- tests/testutil.pm | 3 +++ 41 files changed, 64 insertions(+), 58 deletions(-) diff --git a/.github/scripts/spacecheck.pl b/.github/scripts/spacecheck.pl index fbd064db3b..fc1bf8f76c 100755 --- a/.github/scripts/spacecheck.pl +++ b/.github/scripts/spacecheck.pl @@ -42,10 +42,6 @@ my @need_crlf = ( "\\.(bat|sln)\$", ); -my @space_at_eol = ( - "^tests/data/test", -); - my @non_ascii_allowed = ( '\xC3\xB6', # UTF-8 for https://codepoints.net/U+00F6 LATIN SMALL LETTER O WITH DIAERESIS ); @@ -129,8 +125,7 @@ while(my $filename = <$git_ls_files>) { push @err, "content: must use LF EOL for this file type"; } - if(!fn_match($filename, @space_at_eol) && - $content =~ /[ \t]\n/) { + if($content =~ /[ \t]\n/) { my $line; for my $l (split(/\n/, $content)) { $line++; diff --git a/docs/tests/FILEFORMAT.md b/docs/tests/FILEFORMAT.md index 91aa9a5870..cbc9221056 100644 --- a/docs/tests/FILEFORMAT.md +++ b/docs/tests/FILEFORMAT.md @@ -76,6 +76,14 @@ For example, to insert the word hello 100 times: %repeat[100 x hello]% +## Whitespace + +To add significant whitespace characters at the end of the line, or to empty +lines: + + %spc% + %tab% + ## Insert capped epoch days Mostly to test capped cookie expire dates: `%days[NUM]` inserts the number of diff --git a/tests/data/test1029 b/tests/data/test1029 index f37146a747..d019bff7b1 100644 --- a/tests/data/test1029 +++ b/tests/data/test1029 @@ -50,7 +50,7 @@ Content-Length: 62 Connection: close This server reply is for testing a simple Location: following -http://%HOSTIP:%HTTPPORT/we/want/our/data/%TESTNUMBER0002.txt?coolsite=yes http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER 0 +http://%HOSTIP:%HTTPPORT/we/want/our/data/%TESTNUMBER0002.txt?coolsite=yes http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER 0%spc% diff --git a/tests/data/test1070 b/tests/data/test1070 index 7f2b4fb09b..f199e71d4b 100644 --- a/tests/data/test1070 +++ b/tests/data/test1070 @@ -57,7 +57,7 @@ Expect: 100-continue Content-Length: 2313 Content-Type: application/x-www-form-urlencoded -This creates +This creates%spc% diff --git a/tests/data/test1185 b/tests/data/test1185 index 7323c59a0d..c00e982301 100644 --- a/tests/data/test1185 +++ b/tests/data/test1185 @@ -91,7 +91,7 @@ void startfunc(int a, int b) { ./%LOGDIR/code1185.c:4:82: warning: Longer than 79 columns (LONGLINE) int hello; /*------------------------------------------------------------------*/ ./%LOGDIR/code1185.c:5:4: error: Contains TAB character (TABS) - int tab; + int%tab%tab; ^ ./%LOGDIR/code1185.c:7:13: warning: func with space (SPACEBEFOREPAREN) int a = func (); @@ -118,7 +118,7 @@ void startfunc(int a, int b) { } else { ^ ./%LOGDIR/code1185.c:24:11: warning: missing space after close paren (PARENBRACE) - if(a == 2){ + if(a == 2){%spc%%spc% ^ ./%LOGDIR/code1185.c:28:14: warning: no space before semicolon (SPACESEMICOLON) func_return() ; @@ -205,10 +205,10 @@ void startfunc(int a, int b) { // CPP comment ? ^ ./%LOGDIR/code1185.c:1:1: error: Missing copyright statement (COPYRIGHT) - +%spc% ^ ./%LOGDIR/code1185.c:1:1: error: Missing closing comment (OPENCOMMENT) - +%spc% ^ checksrc: 0 errors and 41 warnings diff --git a/tests/data/test136 b/tests/data/test136 index 949ae2ebb2..70537719cc 100644 --- a/tests/data/test136 +++ b/tests/data/test136 @@ -30,7 +30,7 @@ FTP with user and no password USER user -PASS +PASS%spc% PWD EPSV TYPE I diff --git a/tests/data/test1461 b/tests/data/test1461 index 79b370bc18..71de31772d 100644 --- a/tests/data/test1461 +++ b/tests/data/test1461 @@ -47,8 +47,8 @@ Usage: curl [options...] This is not the full help; this menu is split into categories. Use "--help category" to get an overview of all categories, which are: -auth, connection, curl, deprecated, dns, file, ftp, global, http, imap, ldap, -output, pop3, post, proxy, scp, sftp, smtp, ssh, telnet, tftp, timeout, tls, +auth, connection, curl, deprecated, dns, file, ftp, global, http, imap, ldap,%spc% +output, pop3, post, proxy, scp, sftp, smtp, ssh, telnet, tftp, timeout, tls,%spc% upload, verbose. Use "--help all" to list all options Use "--help [option]" to view documentation for a given option diff --git a/tests/data/test1654 b/tests/data/test1654 index 5659277ce3..3b88236441 100644 --- a/tests/data/test1654 +++ b/tests/data/test1654 @@ -27,7 +27,7 @@ h2 example.com 443 h3 shiny.example.com 8443 "20191231 00:00:00" 0 0 # a comment h2 foo.example.com 443 h3 shiny.example.com 8443 "20291231 23:30:00" 0 0 h1 example.com 443 h3 shiny.example.com 8443 "20121231 00:00:01" 0 0 - h3 example.com 443 h3 shiny.example.com 8443 "20131231 00:00:00" 0 0 +%tab%h3 example.com 443 h3 shiny.example.com 8443 "20131231 00:00:00" 0 0 # also a comment bad example.com 443 h3 shiny.example.com 8443 "20191231 00:00:00" 0 0 rubbish diff --git a/tests/data/test1664 b/tests/data/test1664 index b36ef3597d..ea126a3be7 100644 --- a/tests/data/test1664 +++ b/tests/data/test1664 @@ -68,7 +68,7 @@ curlx_str_singlespace 3: ("b") 5, line 0 4: ("\") 5, line 0 5: (" ") 0, line 1 -6: (" ") 5, line 0 +6: ("%tab%") 5, line 0 7: (" ") 5, line 0 8: ("") 5, line 0 diff --git a/tests/data/test17 b/tests/data/test17 index 97a37d85cf..c8c0a19b77 100644 --- a/tests/data/test17 +++ b/tests/data/test17 @@ -46,7 +46,7 @@ request MOOO MOOO /that.site.com/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT -User-Agent: agent007 license to drill +User-Agent: agent007 license to drill%tab% Accept: */* diff --git a/tests/data/test188 b/tests/data/test188 index 43fa70e726..2fca251129 100644 --- a/tests/data/test188 +++ b/tests/data/test188 @@ -19,7 +19,7 @@ Content-Length: 3 OK -HTTP/1.1 200 OK +HTTP/1.1 200 OK%spc% Connection: close Content-Length: 15 Content-Range: bytes 50- @@ -32,7 +32,7 @@ HTTP/1.1 301 OK swsbounce Location: /%TESTNUMBER Content-Length: 3 -HTTP/1.1 200 OK +HTTP/1.1 200 OK%spc% Connection: close Content-Length: 15 Content-Range: bytes 50- diff --git a/tests/data/test189 b/tests/data/test189 index 6ca4b66e17..d3cd0f2b2c 100644 --- a/tests/data/test189 +++ b/tests/data/test189 @@ -16,7 +16,7 @@ Content-Length: 3 OK -HTTP/1.1 200 OK +HTTP/1.1 200 OK%spc% Connection: close Content-Length: 15 @@ -28,7 +28,7 @@ HTTP/1.1 301 OK swsbounce Location: /%TESTNUMBER Content-Length: 3 -HTTP/1.1 200 OK +HTTP/1.1 200 OK%spc% Connection: close Content-Length: 15 diff --git a/tests/data/test1940 b/tests/data/test1940 index f4c6dd1a1a..d15bf1d5b6 100644 --- a/tests/data/test1940 +++ b/tests/data/test1940 @@ -10,10 +10,10 @@ curl_easy_header HTTP/1.1 200 OK Date: Thu, 09 Nov 2010 14:49:00 GMT -Server: test with trailing space +Server: test with trailing space%repeat[5 x ]% Content-Type: text/html Fold: is - folding a + folding a%repeat[5 x ]% line Content-Length: 0 Set-Cookie: onecookie=data; @@ -59,8 +59,8 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - Set-Cookie == secondcookie=2data; (1/3) - Set-Cookie == cookie3=data3; (2/3) Fold == is folding a line - Blank == - Blank2 == + Blank ==%spc% + Blank2 ==%spc% diff --git a/tests/data/test1941 b/tests/data/test1941 index fe3f1de391..9ef4b3b1e4 100644 --- a/tests/data/test1941 +++ b/tests/data/test1941 @@ -11,7 +11,7 @@ CONNECT HTTP/1.1 200 OK Date: Thu, 09 Nov 2010 14:49:00 GMT -Server: test with trailing space +Server: test with trailing space%repeat[5 x ]% Content-Type: text/html Content-Length: 0 Set-Cookie: onecookie=data; diff --git a/tests/data/test1942 b/tests/data/test1942 index 9079800990..7729ff80e6 100644 --- a/tests/data/test1942 +++ b/tests/data/test1942 @@ -15,7 +15,7 @@ Server: maybe different HTTP/1.1 200 OK Date: Thu, 09 Nov 2010 14:49:00 GMT -Server: test with trailing space +Server: test with trailing space%repeat[5 x ]% Content-Type: text/html Content-Length: 0 Set-Cookie: onecookie=data; diff --git a/tests/data/test1944 b/tests/data/test1944 index ad0920d4ae..a5c1673c79 100644 --- a/tests/data/test1944 +++ b/tests/data/test1944 @@ -10,7 +10,7 @@ curl_easy_header HTTP/1.1 302 OK Date: Thu, 01 Nov 2001 14:49:00 GMT -Server: test with trailing space +Server: test with trailing space%repeat[5 x ]% Content-Type: text/html Content-Length: 0 Set-Cookie: onecookie=data; diff --git a/tests/data/test1945 b/tests/data/test1945 index 86fa147adc..1b30965f60 100644 --- a/tests/data/test1945 +++ b/tests/data/test1945 @@ -11,7 +11,7 @@ CONNECT HTTP/1.1 200 OK Date: Thu, 09 Nov 2010 14:49:00 GMT -Server: test with trailing space +Server: test with trailing space%repeat[5 x ]% Content-Type: text/html Content-Length: 0 Set-Cookie: onecookie=data; diff --git a/tests/data/test1946 b/tests/data/test1946 index 20854e16ba..35ca1672bd 100644 --- a/tests/data/test1946 +++ b/tests/data/test1946 @@ -10,7 +10,7 @@ curl_easy_header HTTP/1.1 302 OK Date: Thu, 01 Nov 2001 14:49:00 GMT -Server: test with trailing space +Server: test with trailing space%repeat[5 x ]% Content-Type: text/html Content-Length: 0 Set-Cookie: onecookie=data; diff --git a/tests/data/test1947 b/tests/data/test1947 index f159e4d51c..49e28c14aa 100644 --- a/tests/data/test1947 +++ b/tests/data/test1947 @@ -10,7 +10,7 @@ curl_easy_nextheader HTTP/1.1 302 OK Date: Thu, 01 Nov 2001 14:49:00 GMT -Server: test with trailing space +Server: test with trailing space%repeat[5 x ]% Content-Type: text/html Content-Length: 0 Set-Cookie: onecookie=data; diff --git a/tests/data/test1955 b/tests/data/test1955 index 2266529bbe..be23a9d628 100644 --- a/tests/data/test1955 +++ b/tests/data/test1955 @@ -66,7 +66,7 @@ Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, S X-Xxx-Date: 19700101T000000Z test3: 1234 test2: -test_space: t s m end +test_space: t%tab%s m%tab% end%repeat[4 x ]% tesMixCase: MixCase diff --git a/tests/data/test1958 b/tests/data/test1958 index 239a11eccb..23aa849444 100644 --- a/tests/data/test1958 +++ b/tests/data/test1958 @@ -64,7 +64,7 @@ GET /aws_sigv4/testapi/test HTTP/1.1 Host: exam.ple.com:9000 Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=25b4cac711ea8f65010c485d3778885f5f3870d0b8ff0b3ab58a8d7eeab991ff X-Xxx-Date: 19700101T000000Z -X-Xxx-Content-Sha256: arbitrary +X-Xxx-Content-Sha256: %tab%arbitrary%spc% diff --git a/tests/data/test2302 b/tests/data/test2302 index 117b5a7ebf..0b3a7d524e 100644 --- a/tests/data/test2302 +++ b/tests/data/test2302 @@ -66,7 +66,7 @@ Connection: Upgrade %hex[%8a%808321]hex% -68 65 6c 6c 6f +68 65 6c 6c 6f%spc% RECFLAGS: 1 diff --git a/tests/data/test2306 b/tests/data/test2306 index 0f7bd541df..c6bbdb0f2b 100644 --- a/tests/data/test2306 +++ b/tests/data/test2306 @@ -24,7 +24,7 @@ Funny-head: yesyes HTTP/1.1 200 OK swsclose - Access-Control-Allow-Origin: * +%tab%Access-Control-Allow-Origin: * Connection: Keep-Alive Content-Type: text/html; charset=utf-8 Date: Wed, 10 May 2023 14:58:08 GMT diff --git a/tests/data/test2400 b/tests/data/test2400 index 9d53f68b96..cb68a11e21 100644 --- a/tests/data/test2400 +++ b/tests/data/test2400 @@ -50,7 +50,7 @@ HTTP/2 GET over HTTPS # Verify data after the test has been "shot" -HTTP/2 200 +HTTP/2 200%spc% date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 6 content-type: text/html diff --git a/tests/data/test2403 b/tests/data/test2403 index 5901866265..dec03cd51c 100644 --- a/tests/data/test2403 +++ b/tests/data/test2403 @@ -51,7 +51,7 @@ HTTP/2 GET using %{header_json} # Verify data after the test has been "shot" -HTTP/2 200 +HTTP/2 200%spc% date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 6 content-type: text/html diff --git a/tests/data/test2406 b/tests/data/test2406 index bc6cc41ad2..a6db9233ef 100644 --- a/tests/data/test2406 +++ b/tests/data/test2406 @@ -49,7 +49,7 @@ HTTP/2 over HTTPS with -f # Verify data after the test has been "shot" -HTTP/2 404 +HTTP/2 404%spc% date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 6 content-type: text/html diff --git a/tests/data/test2500 b/tests/data/test2500 index 8bcb5e0c62..ad6f0b7e1a 100644 --- a/tests/data/test2500 +++ b/tests/data/test2500 @@ -58,7 +58,7 @@ Accept: */* -HTTP/3 200 +HTTP/3 200%spc% date: Tue, 09 Nov 2010 14:49:00 GMT last-modified: Tue, 13 Jun 2000 12:10:00 GMT etag: "21025-dc7-39462498" diff --git a/tests/data/test2503 b/tests/data/test2503 index f95486ce0f..28a1f973b5 100644 --- a/tests/data/test2503 +++ b/tests/data/test2503 @@ -50,7 +50,7 @@ HTTP/3 header-api # Verify data after the test has been "shot" -HTTP/3 200 +HTTP/3 200%spc% date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 6 content-type: text/html diff --git a/tests/data/test378 b/tests/data/test378 index 9777b878b9..e15e97e6e0 100644 --- a/tests/data/test378 +++ b/tests/data/test378 @@ -29,7 +29,7 @@ Reject using -T and -d at once 2 -Warning: You can only select one HTTP request method! You asked for both PUT +Warning: You can only select one HTTP request method! You asked for both PUT%spc% Warning: (-T, --upload-file) and POST (-d, --data). diff --git a/tests/data/test4 b/tests/data/test4 index 06012cca86..4f57f8dd62 100644 --- a/tests/data/test4 +++ b/tests/data/test4 @@ -44,7 +44,7 @@ User-Agent: curl/%VERSION extra-header: here Accept: replaced X-Custom-Header: -X-Test: foo; +X-Test: foo;%spc% X-Test2: foo; GET /%TESTNUMBER HTTP/1.1 @@ -53,7 +53,7 @@ User-Agent: curl/%VERSION extra-header: here Accept: replaced X-Custom-Header: -X-Test: foo; +X-Test: foo;%spc% X-Test2: foo; diff --git a/tests/data/test421 b/tests/data/test421 index 2c79c1f8f1..b9483e6ba0 100644 --- a/tests/data/test421 +++ b/tests/data/test421 @@ -21,7 +21,7 @@ referrer-policy: strict-origin-when-cross-origin access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS access-control-max-age: 1728000 access-control-allow-headers: Authorization, Content-Type, AuthorizationOauth, X-EARLY-ACCESS -access-control-expose-headers: +access-control-expose-headers:%spc% vary: Accept etag: W/"2678f9ab2ba550d164e7cc014aefd31e" cache-control: max-age=0, private, must-revalidate diff --git a/tests/data/test459 b/tests/data/test459 index 198e67d2a3..d1f1ba261c 100644 --- a/tests/data/test459 +++ b/tests/data/test459 @@ -56,7 +56,7 @@ Content-Type: application/x-www-form-urlencoded arg -Warning: %LOGDIR/config:1: warning: 'data' uses unquoted whitespace. This may +Warning: %LOGDIR/config:1: warning: 'data' uses unquoted whitespace. This may%spc% Warning: cause side-effects. Consider double quotes. diff --git a/tests/data/test46 b/tests/data/test46 index 30d88b973d..d426503fe7 100644 --- a/tests/data/test46 +++ b/tests/data/test46 @@ -65,7 +65,7 @@ www.loser.com FALSE / FALSE 2139150993 UID 99 domain..tld FALSE / FALSE 2139150993 mooo indeed #HttpOnly_domain..tld FALSE /want FALSE 2139150993 mooo2 indeed2 %endif -domain..tld FALSE /want FALSE 0 empty +domain..tld FALSE /want FALSE 0 empty%tab% cookies @@ -88,18 +88,18 @@ Cookie: empty=; mooo2=indeed2; mooo=indeed # This file was generated by libcurl! Edit at your own risk. domain..tld FALSE /want/ FALSE 0 simplyhuge %repeat[3998 x z]% -domain..tld FALSE / FALSE 0 justaname +domain..tld FALSE / FALSE 0 justaname%tab% domain..tld FALSE / FALSE 0 ASPSESSIONIDQGGQQSJJ GKNBDIFAAOFDPDAIEAKDIBKE domain..tld FALSE / FALSE 0 ckySession temporary domain..tld FALSE / FALSE %days[400] ckyPersistent permanent %if large-time -domain..tld FALSE /want FALSE 0 empty +domain..tld FALSE /want FALSE 0 empty%tab% #HttpOnly_domain..tld FALSE /want FALSE 22139150993 mooo2 indeed2 domain..tld FALSE / FALSE 22139150993 mooo indeed www.loser.com FALSE / FALSE 22139150993 UID 99 www.fake.come FALSE / FALSE 22147483647 cookiecliente si %else -domain..tld FALSE /want FALSE 0 empty +domain..tld FALSE /want FALSE 0 empty%tab% #HttpOnly_domain..tld FALSE /want FALSE 2139150993 mooo2 indeed2 domain..tld FALSE / FALSE 2139150993 mooo indeed www.loser.com FALSE / FALSE 2139150993 UID 99 diff --git a/tests/data/test54 b/tests/data/test54 index 478e52a32c..c0be2d624e 100644 --- a/tests/data/test54 +++ b/tests/data/test54 @@ -11,7 +11,7 @@ followlocation HTTP/1.1 302 This is a weirdo text message swsclose Connection: close -Location: +Location:%spc% This server reply is for testing diff --git a/tests/data/test57 b/tests/data/test57 index d3360096b9..a28d6321e2 100644 --- a/tests/data/test57 +++ b/tests/data/test57 @@ -12,7 +12,7 @@ HTTP GET HTTP/1.1 200 OK swsclose Funny-head: yesyes -Content-Type: text/html; charset=ISO-8859-4 +Content-Type: text/html; charset=ISO-8859-4%repeat[3 x ]% diff --git a/tests/data/test59 b/tests/data/test59 index 6ccb1ce37f..4211b4e6d2 100644 --- a/tests/data/test59 +++ b/tests/data/test59 @@ -13,7 +13,7 @@ HTTP/1.0 200 OK swsclose Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake -hej +hej diff --git a/tests/data/test689 b/tests/data/test689 index 61e57fce4a..141e92a9e6 100644 --- a/tests/data/test689 +++ b/tests/data/test689 @@ -11,9 +11,9 @@ OPTIONS # Server-side -RTSP/1.0 786 +RTSP/1.0 786%repeat[10 x ]% -RTSP/ +RTSP/%repeat[10 x ]% diff --git a/tests/data/test769 b/tests/data/test769 index 773d741e3f..189bf95d81 100644 --- a/tests/data/test769 +++ b/tests/data/test769 @@ -16,7 +16,7 @@ Server: test-server/fake Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT ETag: "21025-dc7-39462498" Accept-Ranges: bytes -Content-Length: 6 +Content-Length: 6%repeat[5 x ]% Connection: close Content-Type: text/html Funny-head: yesyes diff --git a/tests/data/test792 b/tests/data/test792 index a7656e4781..b3630b5058 100644 --- a/tests/data/test792 +++ b/tests/data/test792 @@ -36,7 +36,7 @@ machine %HOSTIP login username password%hex[%00]hex% hello USER username -PASS +PASS%spc% PWD EPSV TYPE I diff --git a/tests/data/test793 b/tests/data/test793 index ad68a0f4e1..3a3e16e087 100644 --- a/tests/data/test793 +++ b/tests/data/test793 @@ -36,7 +36,7 @@ machine %HOSTIP login username "password"%hex[%00]hex% hello USER username -PASS +PASS%spc% PWD EPSV TYPE I diff --git a/tests/testutil.pm b/tests/testutil.pm index 3477d5bb57..92f031ded3 100644 --- a/tests/testutil.pm +++ b/tests/testutil.pm @@ -147,6 +147,9 @@ sub subbase64 { $$thing =~ s/%%DAYS%%/%alternatives[$d,$d2]/; } + $$thing =~ s/%spc%/ /g; # space + $$thing =~ s/%tab%/\t/g; # horizontal tab + # include a file $$thing =~ s/%include ([^%]*)%[\n\r]+/includefile($1)/ge; } From 70f240b2ed835a5f88968f1ea2e0239f9724c9f0 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 31 Oct 2025 17:36:27 +0100 Subject: [PATCH 0655/2408] tests/libtest/cli*: fix init/deinit, leaks, and more - add global init and deinit where missing. - check global init success. - improve cleaning up on error codepaths. - drop `CLI_ERR()` macro, that could quit. Also make error messages tell the reason. Closes #19309 --- tests/libtest/cli_h2_pausing.c | 73 ++++++++++++++++---------- tests/libtest/cli_h2_serverpush.c | 34 +++++++++--- tests/libtest/cli_h2_upgrade_extreme.c | 13 +++-- tests/libtest/cli_hx_download.c | 59 +++++++++++++-------- tests/libtest/cli_hx_upload.c | 67 ++++++++++++++--------- tests/libtest/cli_tls_session_reuse.c | 20 ++++--- tests/libtest/cli_upload_pausing.c | 41 +++++++++------ tests/libtest/cli_ws_data.c | 27 +++++----- tests/libtest/cli_ws_pingpong.c | 17 +++--- 9 files changed, 224 insertions(+), 127 deletions(-) diff --git a/tests/libtest/cli_h2_pausing.c b/tests/libtest/cli_h2_pausing.c index 8cc440daac..c3a51cf4da 100644 --- a/tests/libtest/cli_h2_pausing.c +++ b/tests/libtest/cli_h2_pausing.c @@ -80,21 +80,15 @@ static size_t cb(char *data, size_t size, size_t nmemb, void *clientp) return realsize; } -#define CLI_ERR() \ - do { \ - curl_mfprintf(stderr, "something unexpected went wrong - bailing out!\n");\ - return (CURLcode)2; \ - } while(0) - static CURLcode test_cli_h2_pausing(const char *URL) { struct handle handles[2]; - CURLM *multi_handle; + CURLM *multi_handle = NULL; int still_running = 1, msgs_left, numfds; size_t i; CURLMsg *msg; int rounds = 0; - CURLcode rc = CURLE_OK; + CURLcode result = CURLE_OK; CURLU *cu; struct curl_slist *resolve = NULL; char resolve_buf[1024]; @@ -139,25 +133,35 @@ static CURLcode test_cli_h2_pausing(const char *URL) } url = test_argv[0]; - curl_global_init(CURL_GLOBAL_DEFAULT); + if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { + curl_mfprintf(stderr, "curl_global_init() failed\n"); + return (CURLcode)3; + } + curl_global_trace("ids,time,http/2,http/3"); + memset(handles, 0, sizeof(handles)); + cu = curl_url(); if(!cu) { curl_mfprintf(stderr, "out of memory\n"); - return (CURLcode)1; + result = (CURLcode)1; + goto cleanup; } if(curl_url_set(cu, CURLUPART_URL, url, 0)) { curl_mfprintf(stderr, "not a URL: '%s'\n", url); - return (CURLcode)1; + result = (CURLcode)1; + goto cleanup; } if(curl_url_get(cu, CURLUPART_HOST, &host, 0)) { curl_mfprintf(stderr, "could not get host of '%s'\n", url); - return (CURLcode)1; + result = (CURLcode)1; + goto cleanup; } if(curl_url_get(cu, CURLUPART_PORT, &port, 0)) { curl_mfprintf(stderr, "could not get port of '%s'\n", url); - return (CURLcode)1; + result = (CURLcode)1; + goto cleanup; } memset(&resolve, 0, sizeof(resolve)); curl_msnprintf(resolve_buf, sizeof(resolve_buf)-1, "%s:%s:127.0.0.1", @@ -183,24 +187,35 @@ static CURLcode test_cli_h2_pausing(const char *URL) curl_easy_setopt(handles[i].h, CURLOPT_RESOLVE, resolve) != CURLE_OK || curl_easy_setopt(handles[i].h, CURLOPT_PIPEWAIT, 1L) || curl_easy_setopt(handles[i].h, CURLOPT_URL, url) != CURLE_OK) { - CLI_ERR(); + curl_mfprintf(stderr, "failed configuring easy handle - bailing out\n"); + result = (CURLcode)2; + goto cleanup; } curl_easy_setopt(handles[i].h, CURLOPT_HTTP_VERSION, http_version); } multi_handle = curl_multi_init(); - if(!multi_handle) - CLI_ERR(); + if(!multi_handle) { + curl_mfprintf(stderr, "curl_multi_init() failed - bailing out\n"); + result = (CURLcode)2; + goto cleanup; + } for(i = 0; i < CURL_ARRAYSIZE(handles); i++) { - if(curl_multi_add_handle(multi_handle, handles[i].h) != CURLM_OK) - CLI_ERR(); + if(curl_multi_add_handle(multi_handle, handles[i].h) != CURLM_OK) { + curl_mfprintf(stderr, "curl_multi_add_handle() failed - bailing out\n"); + result = (CURLcode)2; + goto cleanup; + } } for(rounds = 0;; rounds++) { curl_mfprintf(stderr, "INFO: multi_perform round %d\n", rounds); - if(curl_multi_perform(multi_handle, &still_running) != CURLM_OK) - CLI_ERR(); + if(curl_multi_perform(multi_handle, &still_running) != CURLM_OK) { + curl_mfprintf(stderr, "curl_multi_perform() failed - bailing out\n"); + result = (CURLcode)2; + goto cleanup; + } if(!still_running) { int as_expected = 1; @@ -228,13 +243,16 @@ static CURLcode test_cli_h2_pausing(const char *URL) if(!as_expected) { curl_mfprintf(stderr, "ERROR: handles not in expected state " "after %d rounds\n", rounds); - rc = (CURLcode)1; + result = (CURLcode)1; } break; } - if(curl_multi_poll(multi_handle, NULL, 0, 100, &numfds) != CURLM_OK) - CLI_ERR(); + if(curl_multi_poll(multi_handle, NULL, 0, 100, &numfds) != CURLM_OK) { + curl_mfprintf(stderr, "curl_multi_poll() failed - bailing out\n"); + result = (CURLcode)2; + goto cleanup; + } /* !checksrc! disable EQUALSNULL 1 */ while((msg = curl_multi_info_read(multi_handle, &msgs_left)) != NULL) { @@ -246,8 +264,8 @@ static CURLcode test_cli_h2_pausing(const char *URL) "resumed=%d, result %d - wtf?\n", i, handles[i].paused, handles[i].resumed, msg->data.result); - rc = (CURLcode)1; - goto out; + result = (CURLcode)1; + goto cleanup; } } } @@ -278,7 +296,8 @@ static CURLcode test_cli_h2_pausing(const char *URL) } } -out: +cleanup: + for(i = 0; i < CURL_ARRAYSIZE(handles); i++) { curl_multi_remove_handle(multi_handle, handles[i].h); curl_easy_cleanup(handles[i].h); @@ -291,5 +310,5 @@ out: curl_multi_cleanup(multi_handle); curl_global_cleanup(); - return rc; + return result; } diff --git a/tests/libtest/cli_h2_serverpush.c b/tests/libtest/cli_h2_serverpush.c index 10d369faaf..59688447b1 100644 --- a/tests/libtest/cli_h2_serverpush.c +++ b/tests/libtest/cli_h2_serverpush.c @@ -26,7 +26,7 @@ #include "testtrace.h" #include "memdebug.h" -static FILE *out_download; +static FILE *out_download = NULL; static int setup_h2_serverpush(CURL *hnd, const char *url) { @@ -52,7 +52,7 @@ static int setup_h2_serverpush(CURL *hnd, const char *url) return 0; /* all is good */ } -static FILE *out_push; +static FILE *out_push = NULL; /* called when there is an incoming push */ static int server_push_callback(CURL *parent, @@ -106,9 +106,10 @@ static int server_push_callback(CURL *parent, */ static CURLcode test_cli_h2_serverpush(const char *URL) { - CURL *easy; + CURL *easy = NULL; CURLM *multi_handle; int transfers = 1; /* we start with one */ + CURLcode result = CURLE_OK; debug_config.nohex = TRUE; debug_config.tracetime = FALSE; @@ -118,13 +119,27 @@ static CURLcode test_cli_h2_serverpush(const char *URL) return (CURLcode)2; } + if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { + curl_mfprintf(stderr, "curl_global_init() failed\n"); + return (CURLcode)3; + } + multi_handle = curl_multi_init(); + if(!multi_handle) { + result = (CURLcode)1; + goto cleanup; + } easy = curl_easy_init(); + if(!easy) { + result = (CURLcode)1; + goto cleanup; + } + if(setup_h2_serverpush(easy, URL)) { - curlx_fclose(out_download); curl_mfprintf(stderr, "failed\n"); - return (CURLcode)1; + result = (CURLcode)1; + goto cleanup; } curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); @@ -163,11 +178,16 @@ static CURLcode test_cli_h2_serverpush(const char *URL) } while(transfers); /* as long as we have transfers going */ +cleanup: + curl_multi_cleanup(multi_handle); - curlx_fclose(out_download); + if(out_download) + curlx_fclose(out_download); if(out_push) curlx_fclose(out_push); - return CURLE_OK; + curl_global_cleanup(); + + return result; } diff --git a/tests/libtest/cli_h2_upgrade_extreme.c b/tests/libtest/cli_h2_upgrade_extreme.c index f6b277424f..7dc8f67816 100644 --- a/tests/libtest/cli_h2_upgrade_extreme.c +++ b/tests/libtest/cli_h2_upgrade_extreme.c @@ -43,13 +43,18 @@ static CURLcode test_cli_h2_upgrade_extreme(const char *URL) CURLMsg *msg; int msgs_in_queue; char range[128]; - CURLcode exitcode = (CURLcode)1; + CURLcode result = (CURLcode)1; if(!URL) { curl_mfprintf(stderr, "need URL as argument\n"); return (CURLcode)2; } + if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { + curl_mfprintf(stderr, "curl_global_init() failed\n"); + return (CURLcode)3; + } + multi = curl_multi_init(); if(!multi) { curl_mfprintf(stderr, "curl_multi_init failed\n"); @@ -144,7 +149,7 @@ static CURLcode test_cli_h2_upgrade_extreme(const char *URL) } while(running_handles > 0 || start_count); curl_mfprintf(stderr, "exiting\n"); - exitcode = CURLE_OK; + result = CURLE_OK; cleanup: @@ -161,5 +166,7 @@ cleanup: curl_multi_cleanup(multi); } - return exitcode; + curl_global_cleanup(); + + return result; } diff --git a/tests/libtest/cli_hx_download.c b/tests/libtest/cli_hx_download.c index 5ab4db024c..a12d0e95c2 100644 --- a/tests/libtest/cli_hx_download.c +++ b/tests/libtest/cli_hx_download.c @@ -278,9 +278,9 @@ static void usage_hx_download(const char *msg) */ static CURLcode test_cli_hx_download(const char *URL) { - CURLM *multi_handle; + CURLM *multi_handle = NULL; struct CURLMsg *m; - CURLSH *share; + CURLSH *share = NULL; const char *url; size_t i, n, max_parallel = 1; size_t active_transfers; @@ -288,7 +288,7 @@ static CURLcode test_cli_hx_download(const char *URL) size_t abort_offset = 0; size_t fail_offset = 0; int abort_paused = 0, use_earlydata = 0; - struct transfer_d *t; + struct transfer_d *t = NULL; long http_version = CURL_HTTP_VERSION_2_0; int ch; struct curl_slist *host = NULL; @@ -306,7 +306,7 @@ static CURLcode test_cli_hx_download(const char *URL) case 'h': usage_hx_download(NULL); result = (CURLcode)2; - goto cleanup; + goto optcleanup; case 'a': abort_paused = 1; break; @@ -354,29 +354,34 @@ static CURLcode test_cli_hx_download(const char *URL) else { usage_hx_download("invalid http version"); result = (CURLcode)1; - goto cleanup; + goto optcleanup; } break; } default: usage_hx_download("invalid option"); result = (CURLcode)1; - goto cleanup; + goto optcleanup; } } test_argc -= coptind; test_argv += coptind; - curl_global_init(CURL_GLOBAL_DEFAULT); curl_global_trace("ids,time,http/2,http/3"); if(test_argc != 1) { usage_hx_download("not enough arguments"); result = (CURLcode)2; - goto cleanup; + goto optcleanup; } url = test_argv[0]; + if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { + curl_mfprintf(stderr, "curl_global_init() failed\n"); + result = (CURLcode)3; + goto optcleanup; + } + if(resolve) host = curl_slist_append(NULL, resolve); @@ -525,28 +530,36 @@ static CURLcode test_cli_hx_download(const char *URL) } while(active_transfers); /* as long as we have transfers going */ +cleanup: + curl_multi_cleanup(multi_handle); - for(i = 0; i < transfer_count_d; ++i) { - t = &transfer_d[i]; - if(t->out) { - curlx_fclose(t->out); - t->out = NULL; + if(transfer_d) { + for(i = 0; i < transfer_count_d; ++i) { + t = &transfer_d[i]; + if(t->out) { + curlx_fclose(t->out); + t->out = NULL; + } + if(t->easy) { + curl_easy_cleanup(t->easy); + t->easy = NULL; + } + if(t->result) + result = t->result; + else /* on success we expect ssl to have been checked */ + assert(t->checked_ssl); } - if(t->easy) { - curl_easy_cleanup(t->easy); - t->easy = NULL; - } - if(t->result) - result = t->result; - else /* on success we expect ssl to have been checked */ - assert(t->checked_ssl); + free(transfer_d); } - free(transfer_d); curl_share_cleanup(share); curl_slist_free_all(host); -cleanup: + + curl_global_cleanup(); + +optcleanup: + free(resolve); return result; diff --git a/tests/libtest/cli_hx_upload.c b/tests/libtest/cli_hx_upload.c index 5d9c2f26f8..646836cb37 100644 --- a/tests/libtest/cli_hx_upload.c +++ b/tests/libtest/cli_hx_upload.c @@ -241,11 +241,12 @@ static CURLcode test_cli_hx_upload(const char *URL) int reuse_easy = 0; int use_earlydata = 0; int announce_length = 0; - struct transfer_u *t; + struct transfer_u *t = NULL; long http_version = CURL_HTTP_VERSION_2_0; struct curl_slist *host = NULL; const char *resolve = NULL; int ch; + CURLcode result = CURLE_OK; (void)URL; @@ -320,22 +321,27 @@ static CURLcode test_cli_hx_upload(const char *URL) return (CURLcode)2; } - curl_global_init(CURL_GLOBAL_DEFAULT); - curl_global_trace("ids,time,http/2,http/3"); - if(test_argc != 1) { usage_hx_upload("not enough arguments"); return (CURLcode)2; } url = test_argv[0]; + if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { + curl_mfprintf(stderr, "curl_global_init() failed\n"); + return (CURLcode)3; + } + + curl_global_trace("ids,time,http/2,http/3"); + if(resolve) host = curl_slist_append(NULL, resolve); share = curl_share_init(); if(!share) { curl_mfprintf(stderr, "error allocating share\n"); - return (CURLcode)1; + result = (CURLcode)1; + goto cleanup; } curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_COOKIE); curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_DNS); @@ -347,7 +353,8 @@ static CURLcode test_cli_hx_upload(const char *URL) transfer_u = calloc(transfer_count_u, sizeof(*transfer_u)); if(!transfer_u) { curl_mfprintf(stderr, "error allocating transfer structs\n"); - return (CURLcode)1; + result = (CURLcode)1; + goto cleanup; } active_transfers = 0; @@ -363,18 +370,20 @@ static CURLcode test_cli_hx_upload(const char *URL) if(reuse_easy) { CURL *easy = curl_easy_init(); - CURLcode rc = CURLE_OK; if(!easy) { curl_mfprintf(stderr, "failed to init easy handle\n"); - return (CURLcode)1; + result = (CURLcode)1; + goto cleanup; } for(i = 0; i < transfer_count_u; ++i) { + CURLcode rc; t = &transfer_u[i]; t->easy = easy; if(setup_hx_upload(t->easy, url, t, http_version, host, share, use_earlydata, announce_length)) { curl_mfprintf(stderr, "[t-%zu] FAILED setup\n", i); - return (CURLcode)1; + result = (CURLcode)1; + goto cleanup; } curl_mfprintf(stderr, "[t-%zu] STARTING\n", t->idx); @@ -396,7 +405,8 @@ static CURLcode test_cli_hx_upload(const char *URL) if(!t->easy || setup_hx_upload(t->easy, url, t, http_version, host, share, use_earlydata, announce_length)) { curl_mfprintf(stderr, "[t-%zu] FAILED setup\n", i); - return (CURLcode)1; + result = (CURLcode)1; + goto cleanup; } curl_multi_add_handle(multi_handle, t->easy); t->started = 1; @@ -482,7 +492,8 @@ static CURLcode test_cli_hx_upload(const char *URL) host, share, use_earlydata, announce_length)) { curl_mfprintf(stderr, "[t-%zu] FAILED setup\n", i); - return (CURLcode)1; + result = (CURLcode)1; + goto cleanup; } curl_multi_add_handle(multi_handle, t->easy); t->started = 1; @@ -503,23 +514,29 @@ static CURLcode test_cli_hx_upload(const char *URL) curl_multi_cleanup(multi_handle); } - for(i = 0; i < transfer_count_u; ++i) { - t = &transfer_u[i]; - if(t->out) { - curlx_fclose(t->out); - t->out = NULL; - } - if(t->easy) { - curl_easy_cleanup(t->easy); - t->easy = NULL; - } - if(t->mime) { - curl_mime_free(t->mime); +cleanup: + + if(transfer_u) { + for(i = 0; i < transfer_count_u; ++i) { + t = &transfer_u[i]; + if(t->out) { + curlx_fclose(t->out); + t->out = NULL; + } + if(t->easy) { + curl_easy_cleanup(t->easy); + t->easy = NULL; + } + if(t->mime) { + curl_mime_free(t->mime); + } } + free(transfer_u); } - free(transfer_u); + curl_share_cleanup(share); curl_slist_free_all(host); + curl_global_cleanup(); - return CURLE_OK; + return result; } diff --git a/tests/libtest/cli_tls_session_reuse.c b/tests/libtest/cli_tls_session_reuse.c index b0b2456ce9..21f2c2da80 100644 --- a/tests/libtest/cli_tls_session_reuse.c +++ b/tests/libtest/cli_tls_session_reuse.c @@ -109,13 +109,18 @@ static CURLcode test_cli_tls_session_reuse(const char *URL) int add_more, waits, ongoing = 0; char *host = NULL, *port = NULL; long http_version = CURL_HTTP_VERSION_1_1; - CURLcode exitcode = (CURLcode)1; + CURLcode result = (CURLcode)1; if(!URL || !libtest_arg2) { curl_mfprintf(stderr, "need args: URL proto\n"); return (CURLcode)2; } + if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { + curl_mfprintf(stderr, "curl_global_init() failed\n"); + return (CURLcode)3; + } + if(!strcmp("h2", libtest_arg2)) http_version = CURL_HTTP_VERSION_2; else if(!strcmp("h3", libtest_arg2)) @@ -124,7 +129,8 @@ static CURLcode test_cli_tls_session_reuse(const char *URL) cu = curl_url(); if(!cu) { curl_mfprintf(stderr, "out of memory\n"); - return (CURLcode)1; + result = (CURLcode)1; + goto cleanup; } if(curl_url_set(cu, CURLUPART_URL, URL, 0)) { curl_mfprintf(stderr, "not a URL: '%s'\n", URL); @@ -230,12 +236,12 @@ static CURLcode test_cli_tls_session_reuse(const char *URL) if(!tse_found_tls_session) { curl_mfprintf(stderr, "CURLINFO_TLS_SSL_PTR not found during run\n"); - exitcode = CURLE_FAILED_INIT; + result = CURLE_FAILED_INIT; goto cleanup; } curl_mfprintf(stderr, "exiting\n"); - exitcode = CURLE_OK; + result = CURLE_OK; cleanup: @@ -255,7 +261,9 @@ cleanup: curl_slist_free_all(resolve); curl_free(host); curl_free(port); - curl_url_cleanup(cu); + if(cu) + curl_url_cleanup(cu); + curl_global_cleanup(); - return exitcode; + return result; } diff --git a/tests/libtest/cli_upload_pausing.c b/tests/libtest/cli_upload_pausing.c index a6a74eeade..971157c313 100644 --- a/tests/libtest/cli_upload_pausing.c +++ b/tests/libtest/cli_upload_pausing.c @@ -85,8 +85,8 @@ static void usage_upload_pausing(const char *msg) static CURLcode test_cli_upload_pausing(const char *URL) { - CURL *curl; - CURLcode rc = CURLE_OK; + CURL *curl = NULL; + CURLcode result = CURLE_OK; CURLU *cu; struct curl_slist *resolve = NULL; char resolve_buf[1024]; @@ -126,25 +126,33 @@ static CURLcode test_cli_upload_pausing(const char *URL) } url = test_argv[0]; - curl_global_init(CURL_GLOBAL_DEFAULT); + if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { + curl_mfprintf(stderr, "curl_global_init() failed\n"); + return (CURLcode)3; + } + curl_global_trace("ids,time"); cu = curl_url(); if(!cu) { curl_mfprintf(stderr, "out of memory\n"); - return (CURLcode)1; + result = (CURLcode)1; + goto cleanup; } if(curl_url_set(cu, CURLUPART_URL, url, 0)) { curl_mfprintf(stderr, "not a URL: '%s'\n", url); - return (CURLcode)1; + result = (CURLcode)1; + goto cleanup; } if(curl_url_get(cu, CURLUPART_HOST, &host, 0)) { curl_mfprintf(stderr, "could not get host of '%s'\n", url); - return (CURLcode)1; + result = (CURLcode)1; + goto cleanup; } if(curl_url_get(cu, CURLUPART_PORT, &port, 0)) { curl_mfprintf(stderr, "could not get port of '%s'\n", url); - return (CURLcode)1; + result = (CURLcode)1; + goto cleanup; } memset(&resolve, 0, sizeof(resolve)); curl_msnprintf(resolve_buf, sizeof(resolve_buf)-1, "%s:%s:127.0.0.1", @@ -154,7 +162,8 @@ static CURLcode test_cli_upload_pausing(const char *URL) curl = curl_easy_init(); if(!curl) { curl_mfprintf(stderr, "out of memory\n"); - return (CURLcode)1; + result = (CURLcode)1; + goto cleanup; } /* We want to use our own read function. */ curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback); @@ -181,23 +190,25 @@ static CURLcode test_cli_upload_pausing(const char *URL) curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, cli_debug_cb) != CURLE_OK || curl_easy_setopt(curl, CURLOPT_RESOLVE, resolve) != CURLE_OK) { curl_mfprintf(stderr, "something unexpected went wrong - bailing out!\n"); - return (CURLcode)2; + result = (CURLcode)2; + goto cleanup; } curl_easy_setopt(curl, CURLOPT_URL, url); curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, http_version); - rc = curl_easy_perform(curl); + result = curl_easy_perform(curl); - if(curl) { +cleanup: + + if(curl) curl_easy_cleanup(curl); - } - curl_slist_free_all(resolve); curl_free(host); curl_free(port); - curl_url_cleanup(cu); + if(cu) + curl_url_cleanup(cu); curl_global_cleanup(); - return rc; + return result; } diff --git a/tests/libtest/cli_ws_data.c b/tests/libtest/cli_ws_data.c index 26cecc19fe..7223f99c4f 100644 --- a/tests/libtest/cli_ws_data.c +++ b/tests/libtest/cli_ws_data.c @@ -411,7 +411,7 @@ static void test_ws_data_usage(const char *msg) static CURLcode test_cli_ws_data(const char *URL) { #ifndef CURL_DISABLE_WEBSOCKETS - CURLcode res = CURLE_OK; + CURLcode result = CURLE_OK; const char *url; size_t plen_min = 0, plen_max = 0, count = 1; int ch, model = 2; @@ -428,8 +428,7 @@ static CURLcode test_cli_ws_data(const char *URL) break; case 'h': test_ws_data_usage(NULL); - res = CURLE_BAD_FUNCTION_ARGUMENT; - goto cleanup; + return CURLE_BAD_FUNCTION_ARGUMENT; case 'c': count = (size_t)atol(coptarg); break; @@ -441,8 +440,7 @@ static CURLcode test_cli_ws_data(const char *URL) break; default: test_ws_data_usage("invalid option"); - res = CURLE_BAD_FUNCTION_ARGUMENT; - goto cleanup; + return CURLE_BAD_FUNCTION_ARGUMENT; } } test_argc -= coptind; @@ -454,27 +452,28 @@ static CURLcode test_cli_ws_data(const char *URL) if(plen_max < plen_min) { curl_mfprintf(stderr, "maxlen must be >= minlen, got %zu-%zu\n", plen_min, plen_max); - res = CURLE_BAD_FUNCTION_ARGUMENT; - goto cleanup; + return CURLE_BAD_FUNCTION_ARGUMENT; } if(test_argc != 1) { test_ws_data_usage(NULL); - res = CURLE_BAD_FUNCTION_ARGUMENT; - goto cleanup; + return CURLE_BAD_FUNCTION_ARGUMENT; } url = test_argv[0]; - curl_global_init(CURL_GLOBAL_ALL); + if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { + curl_mfprintf(stderr, "curl_global_init() failed\n"); + return (CURLcode)3; + } if(model == 1) - res = test_ws_data_m1_echo(url, plen_min, plen_max); + result = test_ws_data_m1_echo(url, plen_min, plen_max); else - res = test_ws_data_m2_echo(url, count, plen_min, plen_max); + result = test_ws_data_m2_echo(url, count, plen_min, plen_max); -cleanup: curl_global_cleanup(); - return res; + + return result; #else /* !CURL_DISABLE_WEBSOCKETS */ (void)URL; diff --git a/tests/libtest/cli_ws_pingpong.c b/tests/libtest/cli_ws_pingpong.c index 80707c9585..995c1e3f7c 100644 --- a/tests/libtest/cli_ws_pingpong.c +++ b/tests/libtest/cli_ws_pingpong.c @@ -56,7 +56,7 @@ static CURLcode test_cli_ws_pingpong(const char *URL) { #ifndef CURL_DISABLE_WEBSOCKETS CURL *curl; - CURLcode res = CURLE_OK; + CURLcode result = CURLE_OK; const char *payload; if(!URL || !libtest_arg2) { @@ -65,7 +65,10 @@ static CURLcode test_cli_ws_pingpong(const char *URL) } payload = libtest_arg2; - curl_global_init(CURL_GLOBAL_ALL); + if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { + curl_mfprintf(stderr, "curl_global_init() failed\n"); + return (CURLcode)3; + } curl = curl_easy_init(); if(curl) { @@ -75,16 +78,16 @@ static CURLcode test_cli_ws_pingpong(const char *URL) curl_easy_setopt(curl, CURLOPT_USERAGENT, "ws-pingpong"); curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); curl_easy_setopt(curl, CURLOPT_CONNECT_ONLY, 2L); /* websocket style */ - res = curl_easy_perform(curl); - curl_mfprintf(stderr, "curl_easy_perform() returned %u\n", res); - if(res == CURLE_OK) - res = pingpong(curl, payload); + result = curl_easy_perform(curl); + curl_mfprintf(stderr, "curl_easy_perform() returned %u\n", result); + if(result == CURLE_OK) + result = pingpong(curl, payload); /* always cleanup */ curl_easy_cleanup(curl); } curl_global_cleanup(); - return res; + return result; #else /* !CURL_DISABLE_WEBSOCKETS */ (void)URL; From 9c0b239ec1e970c8da2806c0550eb09ad4478232 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 31 Oct 2025 21:17:31 +0100 Subject: [PATCH 0656/2408] spelling: fix new finds by typos-cli 1.39.0 Closes #19312 --- lib/cfilters.h | 2 +- lib/ws.c | 2 +- tests/server/rtspd.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/cfilters.h b/lib/cfilters.h index 2fab300b21..6cb4a6909c 100644 --- a/lib/cfilters.h +++ b/lib/cfilters.h @@ -513,7 +513,7 @@ CURLcode Curl_cf_send(struct Curl_easy *data, int sockindex, /** * Receive bytes from connection filter `cf` into `bufq`. - * Convenience wrappter around `Curl_bufq_sipn()`, + * Convenience wrapper around `Curl_bufq_sipn()`, * so users do not have to implement a callback. */ CURLcode Curl_cf_recv_bufq(struct Curl_cfilter *cf, diff --git a/lib/ws.c b/lib/ws.c index ec79235550..683841ecbb 100644 --- a/lib/ws.c +++ b/lib/ws.c @@ -990,7 +990,7 @@ static CURLcode ws_enc_add_pending(struct Curl_easy *data, (curl_off_t)ws->pending.payload_len, &ws->sendbuf); if(result) { - CURL_TRC_WS(data, "ws_enc_cntrl(), error addiong head: %d", + CURL_TRC_WS(data, "ws_enc_cntrl(), error adding head: %d", result); goto out; } diff --git a/tests/server/rtspd.c b/tests/server/rtspd.c index 5e8bdc15ce..d13b8ff9a9 100644 --- a/tests/server/rtspd.c +++ b/tests/server/rtspd.c @@ -631,7 +631,7 @@ static int rtspd_get_request(curl_socket_t sock, struct rtspd_httprequest *req) else { if(req->skip) /* we are instructed to not read the entire thing, so we make sure to - only read what we're supposed to and NOT read the enire thing the + only read what we're supposed to and NOT read the entire thing the client wants to send! */ got = sread(sock, reqbuf + req->offset, req->cl); else From d646d5a130993b8c438aa193463556e5efb2a54b Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 31 Oct 2025 17:09:31 +0100 Subject: [PATCH 0657/2408] openssl: fix the ocsp len arg to Curl_vtls_apple_verify If it has no data, pass in a zero. Fixes #19303 Reported-by: Harry Sintonen Closes #19305 --- lib/vtls/openssl.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 838c024221..a2b2da00e0 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -5129,6 +5129,10 @@ static CURLcode ossl_apple_verify(struct Curl_cfilter *cf, if(conn_config->verifystatus && !octx->reused_session) ocsp_len = (long)SSL_get_tlsext_status_ocsp_resp(octx->ssl, &ocsp_data); + /* SSL_get_tlsext_status_ocsp_resp() returns the length of the OCSP + response data or -1 if there is no OCSP response data. */ + if(ocsp_len < 0) + ocsp_len = 0; /* no data available */ result = Curl_vtls_apple_verify(cf, data, peer, chain.num_certs, ossl_chain_get_der, &chain, ocsp_data, ocsp_len); From b4630ed8faef1834e2b64f30acc24e5101d4d2fb Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Fri, 31 Oct 2025 17:57:53 +0100 Subject: [PATCH 0658/2408] sectrust: fix verifystatus via sectrust When openssl does not verify the certificate, but apple sectrust does, we also pass it the ocsp stapled response when configured and available. When openssl does not verify the cert chain, it will also not be able to verify the ocsp stapling. Do not call it if sectrust is the verifier of the cert chain. Fixes #19307 Reported-by: Harry Sintonen Closes #19308 --- lib/vtls/openssl.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index a2b2da00e0..5796960c6c 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -5155,6 +5155,9 @@ CURLcode Curl_ossl_check_peer_cert(struct Curl_cfilter *cf, bool strict = (conn_config->verifypeer || conn_config->verifyhost); X509 *server_cert; bool verified = FALSE; +#ifdef USE_APPLE_SECTRUST + bool sectrust_verified = FALSE; +#endif if(data->set.ssl.certinfo && !octx->reused_session) { /* asked to gather certificate info. Reused sessions don't have cert @@ -5207,6 +5210,7 @@ CURLcode Curl_ossl_check_peer_cert(struct Curl_cfilter *cf, if(verified) { infof(data, "SSL certificate verified via Apple SecTrust."); ssl_config->certverifyresult = X509_V_OK; + sectrust_verified = TRUE; } } #endif @@ -5222,7 +5226,13 @@ CURLcode Curl_ossl_check_peer_cert(struct Curl_cfilter *cf, } #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_OCSP) - if(conn_config->verifystatus && !octx->reused_session) { + if(conn_config->verifystatus && +#ifdef USE_APPLE_SECTRUST + !sectrust_verified && /* already verified via apple sectrust, cannot + * verifystate via OpenSSL in that case as it + * does not have the trust anchors */ +#endif + !octx->reused_session) { /* do not do this after Session ID reuse */ result = verifystatus(cf, data, octx); if(result) From d4d7139e70affc5f667d12d7e9c9d5bb71ae61ca Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 31 Oct 2025 17:22:36 +0100 Subject: [PATCH 0659/2408] openssl: combine all the x509-store flags ... intead of overwriting the previous ones in ossl_populate_x509_store() Pointed out by ZeroPath Closes #19306 --- lib/vtls/openssl.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 5796960c6c..c8c33198c0 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -3496,6 +3496,7 @@ static CURLcode ossl_populate_x509_store(struct Curl_cfilter *cf, CURLcode result = CURLE_OK; X509_LOOKUP *lookup = NULL; const char * const ssl_crlfile = ssl_config->primary.CRLfile; + unsigned long x509flags = 0; CURL_TRC_CF(data, cf, "configuring OpenSSL's x509 trust store"); if(!store) @@ -3521,8 +3522,7 @@ static CURLcode ossl_populate_x509_store(struct Curl_cfilter *cf, failf(data, "error loading CRL file: %s", ssl_crlfile); return CURLE_SSL_CRL_BADFILE; } - X509_STORE_set_flags(store, - X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL); + x509flags = X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL; infof(data, " CRLfile: %s", ssl_crlfile); } @@ -3532,18 +3532,20 @@ static CURLcode ossl_populate_x509_store(struct Curl_cfilter *cf, determine that in a reliable manner. https://web.archive.org/web/20190422050538/rt.openssl.org/Ticket/Display.html?id=3621 */ - X509_STORE_set_flags(store, X509_V_FLAG_TRUSTED_FIRST); + x509flags |= X509_V_FLAG_TRUSTED_FIRST; + if(!ssl_config->no_partialchain && !ssl_crlfile) { /* Have intermediate certificates in the trust store be treated as - trust-anchors, in the same way as self-signed root CA certificates - are. This allows users to verify servers using the intermediate cert - only, instead of needing the whole chain. + trust-anchors, in the same way as self-signed root CA certificates are. + This allows users to verify servers using the intermediate cert only, + instead of needing the whole chain. Due to OpenSSL bug https://github.com/openssl/openssl/issues/5081 we cannot do partial chains with a CRL check. */ - X509_STORE_set_flags(store, X509_V_FLAG_PARTIAL_CHAIN); + x509flags |= X509_V_FLAG_PARTIAL_CHAIN; } + (void)X509_STORE_set_flags(store, x509flags); return result; } From 27f55383fb9e3e8e84eaa06caaf164288a6b01ae Mon Sep 17 00:00:00 2001 From: x2018 Date: Fri, 31 Oct 2025 23:58:52 +0800 Subject: [PATCH 0660/2408] schannel: properly close the certfile on error Closes #19304 --- lib/vtls/schannel.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 55a99b3b43..50b81f6725 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -581,6 +581,8 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf, " for %s", blob ? "(memory blob)" : data->set.ssl.primary.clientcert); curlx_unicodefree(cert_path); + if(fInCert) + curlx_fclose(fInCert); return CURLE_SSL_CERTPROBLEM; } From c35a87d7768716bb270f5b161cbdf7e664d74f4b Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Fri, 31 Oct 2025 16:44:38 +0100 Subject: [PATCH 0661/2408] scorecard: more params for upload tests Add --upload-parallel=n for controlling upload parallelism. Make upload processing similar to download processing. Closes #19302 --- tests/http/scorecard.py | 28 ++++++++++++++++++++-------- 1 file changed, 20 insertions(+), 8 deletions(-) diff --git a/tests/http/scorecard.py b/tests/http/scorecard.py index d987fc586b..6afb9c7401 100644 --- a/tests/http/scorecard.py +++ b/tests/http/scorecard.py @@ -194,6 +194,7 @@ class ScoreRunner: verbose: int, curl_verbose: int, download_parallel: int = 0, + upload_parallel: int = 0, server_addr: Optional[str] = None, with_flame: bool = False, socks_args: Optional[List[str]] = None, @@ -206,6 +207,7 @@ class ScoreRunner: self.server_port = server_port self._silent_curl = not curl_verbose self._download_parallel = download_parallel + self._upload_parallel = upload_parallel self._with_flame = with_flame self._socks_args = socks_args self._limit_rate = limit_rate @@ -472,11 +474,13 @@ class ScoreRunner: def uploads(self, count: int, fsizes: List[int], meta: Dict[str, Any]) -> Dict[str, Any]: nsamples = meta['samples'] - max_parallel = self._download_parallel if self._download_parallel > 0 else count - url = f'https://{self.env.domain2}:{self.server_port}/curltest/put' - cols = ['size', 'single'] + max_parallel = self._upload_parallel if self._upload_parallel > 0 else count + cols = ['size'] + if not self._upload_parallel: + cols.append('single') + if count > 1: + cols.append(f'serial({count})') if count > 1: - cols.append(f'serial({count})') cols.append(f'parallel({count}x{max_parallel})') rows = [] for fsize in fsizes: @@ -484,14 +488,16 @@ class ScoreRunner: 'val': fsize, 'sval': Card.fmt_size(fsize) }] + self.info(f'{row[0]["sval"]} uploads...') + url = f'https://{self.env.domain2}:{self.server_port}/curltest/put' fname = f'upload{row[0]["sval"]}.data' fpath = self._make_docs_file(docs_dir=self.env.gen_dir, fname=fname, fsize=fsize) - - self.info(f'{row[0]["sval"]} uploads...') - row.append(self.ul_single(url=url, fpath=fpath, nsamples=nsamples)) + if 'single' in cols: + row.append(self.ul_single(url=url, fpath=fpath, nsamples=nsamples)) if count > 1: - row.append(self.ul_serial(url=url, fpath=fpath, count=count, nsamples=nsamples)) + if 'single' in cols: + row.append(self.ul_serial(url=url, fpath=fpath, count=count, nsamples=nsamples)) row.append(self.ul_parallel(url=url, fpath=fpath, count=count, nsamples=nsamples)) rows.append(row) self.info('done.\n') @@ -723,6 +729,7 @@ def run_score(args, protocol): verbose=args.verbose, curl_verbose=args.curl_verbose, download_parallel=args.download_parallel, + upload_parallel=args.upload_parallel, with_flame=args.flame, socks_args=socks_args, limit_rate=args.limit_rate) @@ -750,6 +757,7 @@ def run_score(args, protocol): server_port=server_port, verbose=args.verbose, curl_verbose=args.curl_verbose, download_parallel=args.download_parallel, + upload_parallel=args.upload_parallel, with_flame=args.flame, socks_args=socks_args, limit_rate=args.limit_rate) @@ -777,6 +785,7 @@ def run_score(args, protocol): server_port=server_port, verbose=args.verbose, curl_verbose=args.curl_verbose, download_parallel=args.download_parallel, + upload_parallel=args.upload_parallel, with_flame=args.flame, socks_args=socks_args, limit_rate=args.limit_rate) @@ -887,6 +896,9 @@ def main(): parser.add_argument("--upload-count", action='store', type=int, metavar='number', default=50, help="perform that many uploads") + parser.add_argument("--upload-parallel", action='store', type=int, + metavar='number', default=0, + help="perform that many uploads in parallel (default all)") parser.add_argument("-r", "--requests", action='store_true', default=False, help="evaluate requests") From d2f0a0e7961301a2d1181ed7e3926201d60870a0 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 31 Oct 2025 18:36:43 +0100 Subject: [PATCH 0662/2408] tests/libtest: consistent variable naming for easy/multi/share handles Follow-up to 928363f28ca533d743adcb70597c3e30917c6cbd #19299 Closes #19311 --- tests/libtest/cli_h2_pausing.c | 56 +++++------ tests/libtest/cli_h2_serverpush.c | 60 ++++++------ tests/libtest/cli_h2_upgrade_extreme.c | 32 +++---- tests/libtest/cli_hx_download.c | 104 ++++++++++----------- tests/libtest/cli_hx_upload.c | 124 ++++++++++++------------- tests/libtest/cli_tls_session_reuse.c | 42 ++++----- tests/libtest/cli_ws_data.c | 36 +++---- tests/libtest/lib1485.c | 28 +++--- tests/libtest/lib1500.c | 12 +-- tests/libtest/lib1501.c | 24 ++--- tests/libtest/lib1502.c | 36 +++---- tests/libtest/lib1506.c | 16 ++-- tests/libtest/lib1507.c | 18 ++-- tests/libtest/lib1508.c | 6 +- tests/libtest/lib1515.c | 35 +++---- tests/libtest/lib1523.c | 28 +++--- tests/libtest/lib1531.c | 30 +++--- tests/libtest/lib1533.c | 6 +- tests/libtest/lib1540.c | 36 +++---- tests/libtest/lib1541.c | 58 ++++++------ tests/libtest/lib1542.c | 24 ++--- tests/libtest/lib1545.c | 14 +-- tests/libtest/lib1550.c | 10 +- tests/libtest/lib1552.c | 16 ++-- tests/libtest/lib1553.c | 32 +++---- tests/libtest/lib1554.c | 8 +- tests/libtest/lib1557.c | 18 ++-- tests/libtest/lib1565.c | 26 +++--- tests/libtest/lib1568.c | 26 +++--- tests/libtest/lib1569.c | 18 ++-- tests/libtest/lib1592.c | 12 +-- tests/libtest/lib1662.c | 34 +++---- tests/libtest/lib1900.c | 22 ++--- tests/libtest/lib1903.c | 22 ++--- tests/libtest/lib1905.c | 50 +++++----- tests/libtest/lib1908.c | 28 +++--- tests/libtest/lib1910.c | 18 ++-- tests/libtest/lib1911.c | 10 +- tests/libtest/lib1913.c | 16 ++-- tests/libtest/lib1915.c | 72 +++++++------- tests/libtest/lib1939.c | 14 +-- tests/libtest/lib1940.c | 34 +++---- tests/libtest/lib1945.c | 26 +++--- tests/libtest/lib2032.c | 38 ++++---- tests/libtest/lib2301.c | 4 +- tests/libtest/lib2302.c | 6 +- tests/libtest/lib2306.c | 16 ++-- tests/libtest/lib2402.c | 16 ++-- tests/libtest/lib2404.c | 16 ++-- tests/libtest/lib2405.c | 58 ++++++------ tests/libtest/lib2502.c | 16 ++-- tests/libtest/lib3027.c | 16 ++-- tests/libtest/lib3033.c | 18 ++-- tests/libtest/lib3105.c | 14 +-- tests/libtest/lib3207.c | 8 +- tests/libtest/lib502.c | 22 ++--- tests/libtest/lib503.c | 36 +++---- tests/libtest/lib504.c | 32 +++---- tests/libtest/lib506.c | 8 +- tests/libtest/lib507.c | 12 +-- tests/libtest/lib525.c | 18 ++-- tests/libtest/lib526.c | 24 ++--- tests/libtest/lib530.c | 46 ++++----- tests/libtest/lib533.c | 16 ++-- tests/libtest/lib540.c | 75 +++++++-------- tests/libtest/lib543.c | 14 +-- tests/libtest/lib544.c | 6 +- tests/libtest/lib547.c | 4 +- tests/libtest/lib552.c | 4 +- tests/libtest/lib555.c | 18 ++-- tests/libtest/lib560.c | 28 +++--- tests/libtest/lib564.c | 12 +-- tests/libtest/lib573.c | 32 +++---- tests/libtest/lib575.c | 40 ++++---- tests/libtest/lib576.c | 22 ++--- tests/libtest/lib582.c | 45 ++++----- tests/libtest/lib583.c | 12 +-- tests/libtest/lib586.c | 8 +- tests/libtest/lib591.c | 20 ++-- tests/libtest/lib597.c | 16 ++-- tests/libtest/lib643.c | 8 +- tests/libtest/lib653.c | 22 ++--- tests/libtest/lib654.c | 32 +++---- tests/libtest/lib658.c | 14 +-- tests/libtest/lib659.c | 14 +-- tests/libtest/lib667.c | 18 ++-- tests/libtest/lib668.c | 18 ++-- tests/libtest/lib670.c | 36 +++---- tests/libtest/lib674.c | 20 ++-- tests/libtest/lib678.c | 9 +- tests/libtest/lib751.c | 32 +++---- tests/libtest/lib753.c | 64 ++++++------- tests/libtest/lib758.c | 52 ++++++----- tests/libtest/lib766.c | 16 ++-- tests/libtest/testtrace.c | 12 +-- tests/libtest/testtrace.h | 4 +- 96 files changed, 1258 insertions(+), 1246 deletions(-) diff --git a/tests/libtest/cli_h2_pausing.c b/tests/libtest/cli_h2_pausing.c index c3a51cf4da..692b0a3211 100644 --- a/tests/libtest/cli_h2_pausing.c +++ b/tests/libtest/cli_h2_pausing.c @@ -46,7 +46,7 @@ struct handle int resumed; int errored; int fail_write; - CURL *h; + CURL *curl; }; static size_t cb(char *data, size_t size, size_t nmemb, void *clientp) @@ -56,7 +56,7 @@ static size_t cb(char *data, size_t size, size_t nmemb, void *clientp) curl_off_t totalsize; (void)data; - if(curl_easy_getinfo(handle->h, CURLINFO_CONTENT_LENGTH_DOWNLOAD_T, + if(curl_easy_getinfo(handle->curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD_T, &totalsize) == CURLE_OK) curl_mfprintf(stderr, "INFO: [%zu] write, " "Content-Length %" CURL_FORMAT_CURL_OFF_T "\n", @@ -83,7 +83,7 @@ static size_t cb(char *data, size_t size, size_t nmemb, void *clientp) static CURLcode test_cli_h2_pausing(const char *URL) { struct handle handles[2]; - CURLM *multi_handle = NULL; + CURLM *multi = NULL; int still_running = 1, msgs_left, numfds; size_t i; CURLMsg *msg; @@ -174,35 +174,39 @@ static CURLcode test_cli_h2_pausing(const char *URL) handles[i].resumed = 0; handles[i].errored = 0; handles[i].fail_write = 1; - handles[i].h = curl_easy_init(); - if(!handles[i].h || - curl_easy_setopt(handles[i].h, CURLOPT_WRITEFUNCTION, cb) != CURLE_OK || - curl_easy_setopt(handles[i].h, CURLOPT_WRITEDATA, &handles[i]) + handles[i].curl = curl_easy_init(); + if(!handles[i].curl || + curl_easy_setopt(handles[i].curl, CURLOPT_WRITEFUNCTION, cb) != CURLE_OK || - curl_easy_setopt(handles[i].h, CURLOPT_FOLLOWLOCATION, 1L) != CURLE_OK || - curl_easy_setopt(handles[i].h, CURLOPT_VERBOSE, 1L) != CURLE_OK || - curl_easy_setopt(handles[i].h, CURLOPT_DEBUGFUNCTION, cli_debug_cb) + curl_easy_setopt(handles[i].curl, CURLOPT_WRITEDATA, &handles[i]) != CURLE_OK || - curl_easy_setopt(handles[i].h, CURLOPT_SSL_VERIFYPEER, 0L) != CURLE_OK || - curl_easy_setopt(handles[i].h, CURLOPT_RESOLVE, resolve) != CURLE_OK || - curl_easy_setopt(handles[i].h, CURLOPT_PIPEWAIT, 1L) || - curl_easy_setopt(handles[i].h, CURLOPT_URL, url) != CURLE_OK) { + curl_easy_setopt(handles[i].curl, CURLOPT_FOLLOWLOCATION, 1L) + != CURLE_OK || + curl_easy_setopt(handles[i].curl, CURLOPT_VERBOSE, 1L) != CURLE_OK || + curl_easy_setopt(handles[i].curl, CURLOPT_DEBUGFUNCTION, cli_debug_cb) + != CURLE_OK || + curl_easy_setopt(handles[i].curl, CURLOPT_SSL_VERIFYPEER, 0L) + != CURLE_OK || + curl_easy_setopt(handles[i].curl, CURLOPT_RESOLVE, resolve) + != CURLE_OK || + curl_easy_setopt(handles[i].curl, CURLOPT_PIPEWAIT, 1L) != CURLE_OK || + curl_easy_setopt(handles[i].curl, CURLOPT_URL, url) != CURLE_OK) { curl_mfprintf(stderr, "failed configuring easy handle - bailing out\n"); result = (CURLcode)2; goto cleanup; } - curl_easy_setopt(handles[i].h, CURLOPT_HTTP_VERSION, http_version); + curl_easy_setopt(handles[i].curl, CURLOPT_HTTP_VERSION, http_version); } - multi_handle = curl_multi_init(); - if(!multi_handle) { + multi = curl_multi_init(); + if(!multi) { curl_mfprintf(stderr, "curl_multi_init() failed - bailing out\n"); result = (CURLcode)2; goto cleanup; } for(i = 0; i < CURL_ARRAYSIZE(handles); i++) { - if(curl_multi_add_handle(multi_handle, handles[i].h) != CURLM_OK) { + if(curl_multi_add_handle(multi, handles[i].curl) != CURLM_OK) { curl_mfprintf(stderr, "curl_multi_add_handle() failed - bailing out\n"); result = (CURLcode)2; goto cleanup; @@ -211,7 +215,7 @@ static CURLcode test_cli_h2_pausing(const char *URL) for(rounds = 0;; rounds++) { curl_mfprintf(stderr, "INFO: multi_perform round %d\n", rounds); - if(curl_multi_perform(multi_handle, &still_running) != CURLM_OK) { + if(curl_multi_perform(multi, &still_running) != CURLM_OK) { curl_mfprintf(stderr, "curl_multi_perform() failed - bailing out\n"); result = (CURLcode)2; goto cleanup; @@ -248,17 +252,17 @@ static CURLcode test_cli_h2_pausing(const char *URL) break; } - if(curl_multi_poll(multi_handle, NULL, 0, 100, &numfds) != CURLM_OK) { + if(curl_multi_poll(multi, NULL, 0, 100, &numfds) != CURLM_OK) { curl_mfprintf(stderr, "curl_multi_poll() failed - bailing out\n"); result = (CURLcode)2; goto cleanup; } /* !checksrc! disable EQUALSNULL 1 */ - while((msg = curl_multi_info_read(multi_handle, &msgs_left)) != NULL) { + while((msg = curl_multi_info_read(multi, &msgs_left)) != NULL) { if(msg->msg == CURLMSG_DONE) { for(i = 0; i < CURL_ARRAYSIZE(handles); i++) { - if(msg->easy_handle == handles[i].h) { + if(msg->easy_handle == handles[i].curl) { if(handles[i].paused != 1 || !handles[i].resumed) { curl_mfprintf(stderr, "ERROR: [%zu] done, paused=%d, " "resumed=%d, result %d - wtf?\n", i, @@ -291,7 +295,7 @@ static CURLcode test_cli_h2_pausing(const char *URL) for(i = 0; i < CURL_ARRAYSIZE(handles); i++) { curl_mfprintf(stderr, "INFO: [%zu] resumed\n", i); handles[i].resumed = 1; - curl_easy_pause(handles[i].h, CURLPAUSE_CONT); + curl_easy_pause(handles[i].curl, CURLPAUSE_CONT); } } } @@ -299,15 +303,15 @@ static CURLcode test_cli_h2_pausing(const char *URL) cleanup: for(i = 0; i < CURL_ARRAYSIZE(handles); i++) { - curl_multi_remove_handle(multi_handle, handles[i].h); - curl_easy_cleanup(handles[i].h); + curl_multi_remove_handle(multi, handles[i].curl); + curl_easy_cleanup(handles[i].curl); } curl_slist_free_all(resolve); curl_free(host); curl_free(port); curl_url_cleanup(cu); - curl_multi_cleanup(multi_handle); + curl_multi_cleanup(multi); curl_global_cleanup(); return result; diff --git a/tests/libtest/cli_h2_serverpush.c b/tests/libtest/cli_h2_serverpush.c index 59688447b1..6936b3b0d6 100644 --- a/tests/libtest/cli_h2_serverpush.c +++ b/tests/libtest/cli_h2_serverpush.c @@ -28,26 +28,26 @@ static FILE *out_download = NULL; -static int setup_h2_serverpush(CURL *hnd, const char *url) +static int setup_h2_serverpush(CURL *curl, const char *url) { out_download = curlx_fopen("download_0.data", "wb"); if(!out_download) return 1; /* failed */ - curl_easy_setopt(hnd, CURLOPT_URL, url); - curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); - curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0L); - curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0L); + curl_easy_setopt(curl, CURLOPT_URL, url); + curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); - curl_easy_setopt(hnd, CURLOPT_WRITEDATA, out_download); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, out_download); /* please be verbose */ - curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); - curl_easy_setopt(hnd, CURLOPT_DEBUGDATA, &debug_config); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); + curl_easy_setopt(curl, CURLOPT_DEBUGDATA, &debug_config); /* wait for pipe connection to confirm */ - curl_easy_setopt(hnd, CURLOPT_PIPEWAIT, 1L); + curl_easy_setopt(curl, CURLOPT_PIPEWAIT, 1L); return 0; /* all is good */ } @@ -56,7 +56,7 @@ static FILE *out_push = NULL; /* called when there is an incoming push */ static int server_push_callback(CURL *parent, - CURL *easy, + CURL *curl, size_t num_headers, struct curl_pushheaders *headers, void *userp) @@ -80,7 +80,7 @@ static int server_push_callback(CURL *parent, } /* write to this file */ - curl_easy_setopt(easy, CURLOPT_WRITEDATA, out_push); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, out_push); curl_mfprintf(stderr, "**** push callback approves stream %u, " "got %zu headers!\n", count, num_headers); @@ -106,8 +106,8 @@ static int server_push_callback(CURL *parent, */ static CURLcode test_cli_h2_serverpush(const char *URL) { - CURL *easy = NULL; - CURLM *multi_handle; + CURL *curl = NULL; + CURLM *multi; int transfers = 1; /* we start with one */ CURLcode result = CURLE_OK; @@ -124,38 +124,38 @@ static CURLcode test_cli_h2_serverpush(const char *URL) return (CURLcode)3; } - multi_handle = curl_multi_init(); - if(!multi_handle) { + multi = curl_multi_init(); + if(!multi) { result = (CURLcode)1; goto cleanup; } - easy = curl_easy_init(); - if(!easy) { + curl = curl_easy_init(); + if(!curl) { result = (CURLcode)1; goto cleanup; } - if(setup_h2_serverpush(easy, URL)) { + if(setup_h2_serverpush(curl, URL)) { curl_mfprintf(stderr, "failed\n"); result = (CURLcode)1; goto cleanup; } - curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); - curl_multi_setopt(multi_handle, CURLMOPT_PUSHFUNCTION, server_push_callback); - curl_multi_setopt(multi_handle, CURLMOPT_PUSHDATA, &transfers); + curl_multi_setopt(multi, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); + curl_multi_setopt(multi, CURLMOPT_PUSHFUNCTION, server_push_callback); + curl_multi_setopt(multi, CURLMOPT_PUSHDATA, &transfers); - curl_multi_add_handle(multi_handle, easy); + curl_multi_add_handle(multi, curl); do { struct CURLMsg *m; int still_running; /* keep number of running handles */ - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + CURLMcode mc = curl_multi_perform(multi, &still_running); if(still_running) /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + mc = curl_multi_poll(multi, NULL, 0, 1000, NULL); if(mc) break; @@ -167,12 +167,12 @@ static CURLcode test_cli_h2_serverpush(const char *URL) */ do { int msgq = 0; - m = curl_multi_info_read(multi_handle, &msgq); + m = curl_multi_info_read(multi, &msgq); if(m && (m->msg == CURLMSG_DONE)) { - CURL *e = m->easy_handle; + CURL *easy = m->easy_handle; transfers--; - curl_multi_remove_handle(multi_handle, e); - curl_easy_cleanup(e); + curl_multi_remove_handle(multi, easy); + curl_easy_cleanup(easy); } } while(m); @@ -180,7 +180,7 @@ static CURLcode test_cli_h2_serverpush(const char *URL) cleanup: - curl_multi_cleanup(multi_handle); + curl_multi_cleanup(multi); if(out_download) curlx_fclose(out_download); diff --git a/tests/libtest/cli_h2_upgrade_extreme.c b/tests/libtest/cli_h2_upgrade_extreme.c index 7dc8f67816..eb05493800 100644 --- a/tests/libtest/cli_h2_upgrade_extreme.c +++ b/tests/libtest/cli_h2_upgrade_extreme.c @@ -37,7 +37,7 @@ static size_t write_h2_upg_extreme_cb(char *ptr, size_t size, size_t nmemb, static CURLcode test_cli_h2_upgrade_extreme(const char *URL) { CURLM *multi = NULL; - CURL *easy; + CURL *curl; CURLMcode mc; int running_handles = 0, start_count, numfds; CURLMsg *msg; @@ -64,33 +64,33 @@ static CURLcode test_cli_h2_upgrade_extreme(const char *URL) start_count = 200; do { if(start_count) { - easy = curl_easy_init(); - if(!easy) { + curl = curl_easy_init(); + if(!curl) { curl_mfprintf(stderr, "curl_easy_init failed\n"); goto cleanup; } - curl_easy_setopt(easy, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(easy, CURLOPT_DEBUGFUNCTION, cli_debug_cb); - curl_easy_setopt(easy, CURLOPT_URL, URL); - curl_easy_setopt(easy, CURLOPT_NOSIGNAL, 1L); - curl_easy_setopt(easy, CURLOPT_AUTOREFERER, 1L); - curl_easy_setopt(easy, CURLOPT_FAILONERROR, 1L); - curl_easy_setopt(easy, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); - curl_easy_setopt(easy, CURLOPT_WRITEFUNCTION, write_h2_upg_extreme_cb); - curl_easy_setopt(easy, CURLOPT_WRITEDATA, NULL); - curl_easy_setopt(easy, CURLOPT_HTTPGET, 1L); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, cli_debug_cb); + curl_easy_setopt(curl, CURLOPT_URL, URL); + curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L); + curl_easy_setopt(curl, CURLOPT_AUTOREFERER, 1L); + curl_easy_setopt(curl, CURLOPT_FAILONERROR, 1L); + curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_h2_upg_extreme_cb); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, NULL); + curl_easy_setopt(curl, CURLOPT_HTTPGET, 1L); curl_msnprintf(range, sizeof(range), "%" CURL_FORMAT_CURL_OFF_TU "-" "%" CURL_FORMAT_CURL_OFF_TU, (curl_off_t)0, (curl_off_t)16384); - curl_easy_setopt(easy, CURLOPT_RANGE, range); + curl_easy_setopt(curl, CURLOPT_RANGE, range); - mc = curl_multi_add_handle(multi, easy); + mc = curl_multi_add_handle(multi, curl); if(mc != CURLM_OK) { curl_mfprintf(stderr, "curl_multi_add_handle: %s\n", curl_multi_strerror(mc)); - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); goto cleanup; } --start_count; diff --git a/tests/libtest/cli_hx_download.c b/tests/libtest/cli_hx_download.c index a12d0e95c2..b7ad5912a9 100644 --- a/tests/libtest/cli_hx_download.c +++ b/tests/libtest/cli_hx_download.c @@ -51,7 +51,7 @@ static int verbose_d = 1; struct transfer_d { size_t idx; - CURL *easy; + CURL *curl; char filename[128]; FILE *out; curl_off_t recv_size; @@ -70,11 +70,11 @@ static size_t transfer_count_d = 1; static struct transfer_d *transfer_d; static int forbid_reuse_d = 0; -static struct transfer_d *get_transfer_for_easy_d(CURL *easy) +static struct transfer_d *get_transfer_for_easy_d(CURL *curl) { size_t i; for(i = 0; i < transfer_count_d; ++i) { - if(easy == transfer_d[i].easy) + if(curl == transfer_d[i].curl) return &transfer_d[i]; } return NULL; @@ -143,7 +143,7 @@ static int my_progress_d_cb(void *userdata, CURLcode res; t->checked_ssl = TRUE; - res = curl_easy_getinfo(t->easy, CURLINFO_TLS_SSL_PTR, &tls); + res = curl_easy_getinfo(t->curl, CURLINFO_TLS_SSL_PTR, &tls); if(res) { curl_mfprintf(stderr, "[t-%zu] info CURLINFO_TLS_SSL_PTR failed: %d\n", t->idx, res); @@ -212,40 +212,40 @@ static int my_progress_d_cb(void *userdata, return 0; } -static int setup_hx_download(CURL *hnd, const char *url, struct transfer_d *t, +static int setup_hx_download(CURL *curl, const char *url, struct transfer_d *t, long http_version, struct curl_slist *host, CURLSH *share, int use_earlydata, int fresh_connect) { - curl_easy_setopt(hnd, CURLOPT_SHARE, share); - curl_easy_setopt(hnd, CURLOPT_URL, url); - curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, http_version); - curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0L); - curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0L); - curl_easy_setopt(hnd, CURLOPT_ACCEPT_ENCODING, ""); - curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, (long)(128 * 1024)); - curl_easy_setopt(hnd, CURLOPT_WRITEFUNCTION, my_write_d_cb); - curl_easy_setopt(hnd, CURLOPT_WRITEDATA, t); - curl_easy_setopt(hnd, CURLOPT_NOPROGRESS, 0L); - curl_easy_setopt(hnd, CURLOPT_XFERINFOFUNCTION, my_progress_d_cb); - curl_easy_setopt(hnd, CURLOPT_XFERINFODATA, t); + curl_easy_setopt(curl, CURLOPT_SHARE, share); + curl_easy_setopt(curl, CURLOPT_URL, url); + curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, http_version); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); + curl_easy_setopt(curl, CURLOPT_ACCEPT_ENCODING, ""); + curl_easy_setopt(curl, CURLOPT_BUFFERSIZE, (long)(128 * 1024)); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, my_write_d_cb); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, t); + curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 0L); + curl_easy_setopt(curl, CURLOPT_XFERINFOFUNCTION, my_progress_d_cb); + curl_easy_setopt(curl, CURLOPT_XFERINFODATA, t); if(use_earlydata) - curl_easy_setopt(hnd, CURLOPT_SSL_OPTIONS, CURLSSLOPT_EARLYDATA); + curl_easy_setopt(curl, CURLOPT_SSL_OPTIONS, CURLSSLOPT_EARLYDATA); if(forbid_reuse_d) - curl_easy_setopt(hnd, CURLOPT_FORBID_REUSE, 1L); + curl_easy_setopt(curl, CURLOPT_FORBID_REUSE, 1L); if(host) - curl_easy_setopt(hnd, CURLOPT_RESOLVE, host); + curl_easy_setopt(curl, CURLOPT_RESOLVE, host); if(fresh_connect) - curl_easy_setopt(hnd, CURLOPT_FRESH_CONNECT, 1L); + curl_easy_setopt(curl, CURLOPT_FRESH_CONNECT, 1L); /* please be verbose */ if(verbose_d) { - curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, cli_debug_cb); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, cli_debug_cb); } /* wait for pipe connection to confirm */ - curl_easy_setopt(hnd, CURLOPT_PIPEWAIT, 1L); + curl_easy_setopt(curl, CURLOPT_PIPEWAIT, 1L); return 0; /* all is good */ } @@ -278,7 +278,7 @@ static void usage_hx_download(const char *msg) */ static CURLcode test_cli_hx_download(const char *URL) { - CURLM *multi_handle = NULL; + CURLM *multi = NULL; struct CURLMsg *m; CURLSH *share = NULL; const char *url; @@ -405,11 +405,11 @@ static CURLcode test_cli_hx_download(const char *URL) goto cleanup; } - multi_handle = curl_multi_init(); - curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); - curl_multi_setopt(multi_handle, CURLMOPT_MAX_TOTAL_CONNECTIONS, + multi = curl_multi_init(); + curl_multi_setopt(multi, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); + curl_multi_setopt(multi, CURLMOPT_MAX_TOTAL_CONNECTIONS, (long)max_total_conns); - curl_multi_setopt(multi_handle, CURLMOPT_MAX_HOST_CONNECTIONS, + curl_multi_setopt(multi, CURLMOPT_MAX_HOST_CONNECTIONS, (long)max_host_conns); active_transfers = 0; @@ -424,15 +424,15 @@ static CURLcode test_cli_hx_download(const char *URL) n = (max_parallel < transfer_count_d) ? max_parallel : transfer_count_d; for(i = 0; i < n; ++i) { t = &transfer_d[i]; - t->easy = curl_easy_init(); - if(!t->easy || - setup_hx_download(t->easy, url, t, http_version, host, share, + t->curl = curl_easy_init(); + if(!t->curl || + setup_hx_download(t->curl, url, t, http_version, host, share, use_earlydata, fresh_connect)) { curl_mfprintf(stderr, "[t-%zu] FAILED setup\n", i); result = (CURLcode)1; goto cleanup; } - curl_multi_add_handle(multi_handle, t->easy); + curl_multi_add_handle(multi, t->curl); t->started = 1; ++active_transfers; curl_mfprintf(stderr, "[t-%zu] STARTED\n", t->idx); @@ -440,11 +440,11 @@ static CURLcode test_cli_hx_download(const char *URL) do { int still_running; /* keep number of running handles */ - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + CURLMcode mc = curl_multi_perform(multi, &still_running); if(still_running) { /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + mc = curl_multi_poll(multi, NULL, 0, 1000, NULL); } if(mc) @@ -452,12 +452,12 @@ static CURLcode test_cli_hx_download(const char *URL) do { int msgq = 0; - m = curl_multi_info_read(multi_handle, &msgq); + m = curl_multi_info_read(multi, &msgq); if(m && (m->msg == CURLMSG_DONE)) { - CURL *e = m->easy_handle; + CURL *easy = m->easy_handle; --active_transfers; - curl_multi_remove_handle(multi_handle, e); - t = get_transfer_for_easy_d(e); + curl_multi_remove_handle(multi, easy); + t = get_transfer_for_easy_d(easy); if(t) { t->done = 1; t->result = m->data.result; @@ -465,13 +465,13 @@ static CURLcode test_cli_hx_download(const char *URL) t->idx, t->result); if(use_earlydata) { curl_off_t sent; - curl_easy_getinfo(e, CURLINFO_EARLYDATA_SENT_T, &sent); + curl_easy_getinfo(easy, CURLINFO_EARLYDATA_SENT_T, &sent); curl_mfprintf(stderr, "[t-%zu] EarlyData: " "%" CURL_FORMAT_CURL_OFF_T "\n", t->idx, sent); } } else { - curl_easy_cleanup(e); + curl_easy_cleanup(easy); curl_mfprintf(stderr, "unknown FINISHED???\n"); } } @@ -481,8 +481,8 @@ static CURLcode test_cli_hx_download(const char *URL) /* abort paused transfers */ for(i = 0; i < transfer_count_d; ++i) { t = &transfer_d[i]; - if(!t->done && t->paused && t->easy) { - curl_multi_remove_handle(multi_handle, t->easy); + if(!t->done && t->paused && t->curl) { + curl_multi_remove_handle(multi, t->curl); t->done = 1; active_transfers--; curl_mfprintf(stderr, "[t-%zu] ABORTED\n", t->idx); @@ -496,7 +496,7 @@ static CURLcode test_cli_hx_download(const char *URL) if(!t->done && t->paused) { t->resumed = 1; t->paused = 0; - curl_easy_pause(t->easy, CURLPAUSE_CONT); + curl_easy_pause(t->curl, CURLPAUSE_CONT); curl_mfprintf(stderr, "[t-%zu] RESUMED\n", t->idx); break; } @@ -507,15 +507,15 @@ static CURLcode test_cli_hx_download(const char *URL) for(i = 0; i < transfer_count_d; ++i) { t = &transfer_d[i]; if(!t->started) { - t->easy = curl_easy_init(); - if(!t->easy || - setup_hx_download(t->easy, url, t, http_version, host, share, + t->curl = curl_easy_init(); + if(!t->curl || + setup_hx_download(t->curl, url, t, http_version, host, share, use_earlydata, fresh_connect)) { curl_mfprintf(stderr, "[t-%zu] FAILED setup\n", i); result = (CURLcode)1; goto cleanup; } - curl_multi_add_handle(multi_handle, t->easy); + curl_multi_add_handle(multi, t->curl); t->started = 1; ++active_transfers; curl_mfprintf(stderr, "[t-%zu] STARTED\n", t->idx); @@ -532,7 +532,7 @@ static CURLcode test_cli_hx_download(const char *URL) cleanup: - curl_multi_cleanup(multi_handle); + curl_multi_cleanup(multi); if(transfer_d) { for(i = 0; i < transfer_count_d; ++i) { @@ -541,9 +541,9 @@ cleanup: curlx_fclose(t->out); t->out = NULL; } - if(t->easy) { - curl_easy_cleanup(t->easy); - t->easy = NULL; + if(t->curl) { + curl_easy_cleanup(t->curl); + t->curl = NULL; } if(t->result) result = t->result; diff --git a/tests/libtest/cli_hx_upload.c b/tests/libtest/cli_hx_upload.c index 646836cb37..5069bcab63 100644 --- a/tests/libtest/cli_hx_upload.c +++ b/tests/libtest/cli_hx_upload.c @@ -30,7 +30,7 @@ static int verbose_u = 1; struct transfer_u { size_t idx; - CURL *easy; + CURL *curl; const char *method; char filename[128]; curl_mime *mime; @@ -51,11 +51,11 @@ static size_t transfer_count_u = 1; static struct transfer_u *transfer_u; static int forbid_reuse_u = 0; -static struct transfer_u *get_transfer_for_easy_u(CURL *easy) +static struct transfer_u *get_transfer_for_easy_u(CURL *curl) { size_t i; for(i = 0; i < transfer_count_u; ++i) { - if(easy == transfer_u[i].easy) + if(curl == transfer_u[i].curl) return &transfer_u[i]; } return NULL; @@ -142,62 +142,62 @@ static int my_progress_u_cb(void *userdata, return 0; } -static int setup_hx_upload(CURL *hnd, const char *url, struct transfer_u *t, +static int setup_hx_upload(CURL *curl, const char *url, struct transfer_u *t, long http_version, struct curl_slist *host, CURLSH *share, int use_earlydata, int announce_length) { - curl_easy_setopt(hnd, CURLOPT_SHARE, share); - curl_easy_setopt(hnd, CURLOPT_URL, url); - curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, http_version); - curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYPEER, 0L); - curl_easy_setopt(hnd, CURLOPT_SSL_VERIFYHOST, 0L); - curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, (long)(128 * 1024)); - curl_easy_setopt(hnd, CURLOPT_FOLLOWLOCATION, CURLFOLLOW_OBEYCODE); - curl_easy_setopt(hnd, CURLOPT_WRITEFUNCTION, my_write_u_cb); - curl_easy_setopt(hnd, CURLOPT_WRITEDATA, t); + curl_easy_setopt(curl, CURLOPT_SHARE, share); + curl_easy_setopt(curl, CURLOPT_URL, url); + curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, http_version); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); + curl_easy_setopt(curl, CURLOPT_BUFFERSIZE, (long)(128 * 1024)); + curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, CURLFOLLOW_OBEYCODE); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, my_write_u_cb); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, t); if(use_earlydata) - curl_easy_setopt(hnd, CURLOPT_SSL_OPTIONS, CURLSSLOPT_EARLYDATA); + curl_easy_setopt(curl, CURLOPT_SSL_OPTIONS, CURLSSLOPT_EARLYDATA); if(!strcmp("MIME", t->method)) { curl_mimepart *part; - t->mime = curl_mime_init(hnd); + t->mime = curl_mime_init(curl); part = curl_mime_addpart(t->mime); curl_mime_name(part, "file"); curl_mime_data_cb(part, -1, my_read_cb, NULL, NULL, t); - curl_easy_setopt(hnd, CURLOPT_MIMEPOST, t->mime); + curl_easy_setopt(curl, CURLOPT_MIMEPOST, t->mime); } else { if(!t->method || !strcmp("PUT", t->method)) - curl_easy_setopt(hnd, CURLOPT_UPLOAD, 1L); + curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); else if(!strcmp("POST", t->method)) - curl_easy_setopt(hnd, CURLOPT_POST, 1L); + curl_easy_setopt(curl, CURLOPT_POST, 1L); else { curl_mfprintf(stderr, "unsupported method '%s'\n", t->method); return 1; } - curl_easy_setopt(hnd, CURLOPT_READFUNCTION, my_read_cb); - curl_easy_setopt(hnd, CURLOPT_READDATA, t); + curl_easy_setopt(curl, CURLOPT_READFUNCTION, my_read_cb); + curl_easy_setopt(curl, CURLOPT_READDATA, t); if(announce_length) - curl_easy_setopt(hnd, CURLOPT_INFILESIZE_LARGE, t->send_total); + curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, t->send_total); } - curl_easy_setopt(hnd, CURLOPT_NOPROGRESS, 0L); - curl_easy_setopt(hnd, CURLOPT_XFERINFOFUNCTION, my_progress_u_cb); - curl_easy_setopt(hnd, CURLOPT_XFERINFODATA, t); + curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 0L); + curl_easy_setopt(curl, CURLOPT_XFERINFOFUNCTION, my_progress_u_cb); + curl_easy_setopt(curl, CURLOPT_XFERINFODATA, t); if(forbid_reuse_u) - curl_easy_setopt(hnd, CURLOPT_FORBID_REUSE, 1L); + curl_easy_setopt(curl, CURLOPT_FORBID_REUSE, 1L); if(host) - curl_easy_setopt(hnd, CURLOPT_RESOLVE, host); + curl_easy_setopt(curl, CURLOPT_RESOLVE, host); /* please be verbose */ if(verbose_u) { - curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, cli_debug_cb); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, cli_debug_cb); } /* wait for pipe connection to confirm */ - curl_easy_setopt(hnd, CURLOPT_PIPEWAIT, 1L); + curl_easy_setopt(curl, CURLOPT_PIPEWAIT, 1L); return 0; /* all is good */ } @@ -227,7 +227,7 @@ static void usage_hx_upload(const char *msg) */ static CURLcode test_cli_hx_upload(const char *URL) { - CURLM *multi_handle; + CURLM *multi; CURLSH *share; const char *url; const char *method = "PUT"; @@ -369,8 +369,8 @@ static CURLcode test_cli_hx_upload(const char *URL) } if(reuse_easy) { - CURL *easy = curl_easy_init(); - if(!easy) { + CURL *curl = curl_easy_init(); + if(!curl) { curl_mfprintf(stderr, "failed to init easy handle\n"); result = (CURLcode)1; goto cleanup; @@ -378,8 +378,8 @@ static CURLcode test_cli_hx_upload(const char *URL) for(i = 0; i < transfer_count_u; ++i) { CURLcode rc; t = &transfer_u[i]; - t->easy = easy; - if(setup_hx_upload(t->easy, url, t, http_version, host, share, + t->curl = curl; + if(setup_hx_upload(t->curl, url, t, http_version, host, share, use_earlydata, announce_length)) { curl_mfprintf(stderr, "[t-%zu] FAILED setup\n", i); result = (CURLcode)1; @@ -387,28 +387,28 @@ static CURLcode test_cli_hx_upload(const char *URL) } curl_mfprintf(stderr, "[t-%zu] STARTING\n", t->idx); - rc = curl_easy_perform(easy); + rc = curl_easy_perform(curl); curl_mfprintf(stderr, "[t-%zu] DONE -> %d\n", t->idx, rc); - t->easy = NULL; - curl_easy_reset(easy); + t->curl = NULL; + curl_easy_reset(curl); } - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); } else { - multi_handle = curl_multi_init(); - curl_multi_setopt(multi_handle, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); + multi = curl_multi_init(); + curl_multi_setopt(multi, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); n = (max_parallel < transfer_count_u) ? max_parallel : transfer_count_u; for(i = 0; i < n; ++i) { t = &transfer_u[i]; - t->easy = curl_easy_init(); - if(!t->easy || setup_hx_upload(t->easy, url, t, http_version, host, + t->curl = curl_easy_init(); + if(!t->curl || setup_hx_upload(t->curl, url, t, http_version, host, share, use_earlydata, announce_length)) { curl_mfprintf(stderr, "[t-%zu] FAILED setup\n", i); result = (CURLcode)1; goto cleanup; } - curl_multi_add_handle(multi_handle, t->easy); + curl_multi_add_handle(multi, t->curl); t->started = 1; ++active_transfers; curl_mfprintf(stderr, "[t-%zu] STARTED\n", t->idx); @@ -416,12 +416,12 @@ static CURLcode test_cli_hx_upload(const char *URL) do { int still_running; /* keep number of running handles */ - CURLMcode mc = curl_multi_perform(multi_handle, &still_running); + CURLMcode mc = curl_multi_perform(multi, &still_running); struct CURLMsg *m; if(still_running) { /* wait for activity, timeout or "nothing" */ - mc = curl_multi_poll(multi_handle, NULL, 0, 1000, NULL); + mc = curl_multi_poll(multi, NULL, 0, 1000, NULL); } if(mc) @@ -429,28 +429,28 @@ static CURLcode test_cli_hx_upload(const char *URL) do { int msgq = 0; - m = curl_multi_info_read(multi_handle, &msgq); + m = curl_multi_info_read(multi, &msgq); if(m && (m->msg == CURLMSG_DONE)) { - CURL *e = m->easy_handle; + CURL *easy = m->easy_handle; --active_transfers; - curl_multi_remove_handle(multi_handle, e); - t = get_transfer_for_easy_u(e); + curl_multi_remove_handle(multi, easy); + t = get_transfer_for_easy_u(easy); if(t) { long res_status; - curl_easy_getinfo(e, CURLINFO_RESPONSE_CODE, &res_status); + curl_easy_getinfo(easy, CURLINFO_RESPONSE_CODE, &res_status); t->done = 1; curl_mfprintf(stderr, "[t-%zu] FINISHED, " "result=%d, response=%ld\n", t->idx, m->data.result, res_status); if(use_earlydata) { curl_off_t sent; - curl_easy_getinfo(e, CURLINFO_EARLYDATA_SENT_T, &sent); + curl_easy_getinfo(easy, CURLINFO_EARLYDATA_SENT_T, &sent); curl_mfprintf(stderr, "[t-%zu] EarlyData: " "%" CURL_FORMAT_CURL_OFF_T "\n", t->idx, sent); } } else { - curl_easy_cleanup(e); + curl_easy_cleanup(easy); curl_mfprintf(stderr, "unknown FINISHED???\n"); } } @@ -461,8 +461,8 @@ static CURLcode test_cli_hx_upload(const char *URL) /* abort paused transfers */ for(i = 0; i < transfer_count_u; ++i) { t = &transfer_u[i]; - if(!t->done && t->paused && t->easy) { - curl_multi_remove_handle(multi_handle, t->easy); + if(!t->done && t->paused && t->curl) { + curl_multi_remove_handle(multi, t->curl); t->done = 1; active_transfers--; curl_mfprintf(stderr, "[t-%zu] ABORTED\n", t->idx); @@ -476,7 +476,7 @@ static CURLcode test_cli_hx_upload(const char *URL) if(!t->done && t->paused) { t->resumed = 1; t->paused = 0; - curl_easy_pause(t->easy, CURLPAUSE_CONT); + curl_easy_pause(t->curl, CURLPAUSE_CONT); curl_mfprintf(stderr, "[t-%zu] RESUMED\n", t->idx); break; } @@ -487,15 +487,15 @@ static CURLcode test_cli_hx_upload(const char *URL) for(i = 0; i < transfer_count_u; ++i) { t = &transfer_u[i]; if(!t->started) { - t->easy = curl_easy_init(); - if(!t->easy || setup_hx_upload(t->easy, url, t, http_version, + t->curl = curl_easy_init(); + if(!t->curl || setup_hx_upload(t->curl, url, t, http_version, host, share, use_earlydata, announce_length)) { curl_mfprintf(stderr, "[t-%zu] FAILED setup\n", i); result = (CURLcode)1; goto cleanup; } - curl_multi_add_handle(multi_handle, t->easy); + curl_multi_add_handle(multi, t->curl); t->started = 1; ++active_transfers; curl_mfprintf(stderr, "[t-%zu] STARTED\n", t->idx); @@ -511,7 +511,7 @@ static CURLcode test_cli_hx_upload(const char *URL) } while(active_transfers); /* as long as we have transfers going */ curl_mfprintf(stderr, "all transfers done, cleanup multi\n"); - curl_multi_cleanup(multi_handle); + curl_multi_cleanup(multi); } cleanup: @@ -523,9 +523,9 @@ cleanup: curlx_fclose(t->out); t->out = NULL; } - if(t->easy) { - curl_easy_cleanup(t->easy); - t->easy = NULL; + if(t->curl) { + curl_easy_cleanup(t->curl); + t->curl = NULL; } if(t->mime) { curl_mime_free(t->mime); diff --git a/tests/libtest/cli_tls_session_reuse.c b/tests/libtest/cli_tls_session_reuse.c index 21f2c2da80..2a6c0ea3bf 100644 --- a/tests/libtest/cli_tls_session_reuse.c +++ b/tests/libtest/cli_tls_session_reuse.c @@ -30,13 +30,13 @@ static int tse_found_tls_session = FALSE; static size_t write_tse_cb(char *ptr, size_t size, size_t nmemb, void *opaque) { - CURL *easy = opaque; + CURL *curl = opaque; (void)ptr; if(!tse_found_tls_session) { struct curl_tlssessioninfo *tlssession; CURLcode rc; - rc = curl_easy_getinfo(easy, CURLINFO_TLS_SSL_PTR, &tlssession); + rc = curl_easy_getinfo(curl, CURLINFO_TLS_SSL_PTR, &tlssession); if(rc) { curl_mfprintf(stderr, "curl_easy_getinfo(CURLINFO_TLS_SSL_PTR) " "failed: %s\n", curl_easy_strerror(rc)); @@ -61,38 +61,38 @@ static CURL *tse_add_transfer(CURLM *multi, CURLSH *share, struct curl_slist *resolve, const char *url, long http_version) { - CURL *easy; + CURL *curl; CURLMcode mc; - easy = curl_easy_init(); - if(!easy) { + curl = curl_easy_init(); + if(!curl) { curl_mfprintf(stderr, "curl_easy_init failed\n"); return NULL; } - curl_easy_setopt(easy, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(easy, CURLOPT_DEBUGFUNCTION, cli_debug_cb); - curl_easy_setopt(easy, CURLOPT_URL, url); - curl_easy_setopt(easy, CURLOPT_SHARE, share); - curl_easy_setopt(easy, CURLOPT_NOSIGNAL, 1L); - curl_easy_setopt(easy, CURLOPT_AUTOREFERER, 1L); - curl_easy_setopt(easy, CURLOPT_FAILONERROR, 1L); - curl_easy_setopt(easy, CURLOPT_HTTP_VERSION, http_version); - curl_easy_setopt(easy, CURLOPT_WRITEFUNCTION, write_tse_cb); - curl_easy_setopt(easy, CURLOPT_WRITEDATA, easy); - curl_easy_setopt(easy, CURLOPT_HTTPGET, 1L); - curl_easy_setopt(easy, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, cli_debug_cb); + curl_easy_setopt(curl, CURLOPT_URL, url); + curl_easy_setopt(curl, CURLOPT_SHARE, share); + curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L); + curl_easy_setopt(curl, CURLOPT_AUTOREFERER, 1L); + curl_easy_setopt(curl, CURLOPT_FAILONERROR, 1L); + curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, http_version); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_tse_cb); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, curl); + curl_easy_setopt(curl, CURLOPT_HTTPGET, 1L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); if(resolve) - curl_easy_setopt(easy, CURLOPT_RESOLVE, resolve); + curl_easy_setopt(curl, CURLOPT_RESOLVE, resolve); - mc = curl_multi_add_handle(multi, easy); + mc = curl_multi_add_handle(multi, curl); if(mc != CURLM_OK) { curl_mfprintf(stderr, "curl_multi_add_handle: %s\n", curl_multi_strerror(mc)); - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); return NULL; } - return easy; + return curl; } static CURLcode test_cli_tls_session_reuse(const char *URL) diff --git a/tests/libtest/cli_ws_data.c b/tests/libtest/cli_ws_data.c index 7223f99c4f..8b8b1fa0d1 100644 --- a/tests/libtest/cli_ws_data.c +++ b/tests/libtest/cli_ws_data.c @@ -190,7 +190,7 @@ out: } struct test_ws_m1_ctx { - CURL *easy; + CURL *curl; char *send_buf; char *recv_buf; size_t send_len, nsent; @@ -216,7 +216,7 @@ static size_t test_ws_data_m1_read(char *buf, size_t nitems, size_t buflen, goto out; if(!ctx->frame_reading) { - curl_ws_start_frame(ctx->easy, CURLWS_BINARY, ctx->send_len); + curl_ws_start_frame(ctx->curl, CURLWS_BINARY, ctx->send_len); ctx->frame_reading = TRUE; } @@ -310,8 +310,8 @@ static CURLcode test_ws_data_m1_echo(const char *url, goto out; } - m1_ctx.easy = curl_easy_init(); - if(!m1_ctx.easy) { + m1_ctx.curl = curl_easy_init(); + if(!m1_ctx.curl) { r = CURLE_OUT_OF_MEMORY; goto out; } @@ -330,22 +330,22 @@ static CURLcode test_ws_data_m1_echo(const char *url, m1_ctx.frames_read = 0; m1_ctx.frames_written = 0; memset(m1_ctx.recv_buf, 0, plen_max); - curl_easy_pause(m1_ctx.easy, CURLPAUSE_CONT); + curl_easy_pause(m1_ctx.curl, CURLPAUSE_CONT); - curl_easy_reset(m1_ctx.easy); - curl_easy_setopt(m1_ctx.easy, CURLOPT_URL, url); + curl_easy_reset(m1_ctx.curl); + curl_easy_setopt(m1_ctx.curl, CURLOPT_URL, url); /* use the callback style */ - curl_easy_setopt(m1_ctx.easy, CURLOPT_USERAGENT, "ws-data"); - curl_easy_setopt(m1_ctx.easy, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(m1_ctx.curl, CURLOPT_USERAGENT, "ws-data"); + curl_easy_setopt(m1_ctx.curl, CURLOPT_VERBOSE, 1L); /* we want to send */ - curl_easy_setopt(m1_ctx.easy, CURLOPT_UPLOAD, 1L); - curl_easy_setopt(m1_ctx.easy, CURLOPT_READFUNCTION, test_ws_data_m1_read); - curl_easy_setopt(m1_ctx.easy, CURLOPT_READDATA, &m1_ctx); - curl_easy_setopt(m1_ctx.easy, CURLOPT_WRITEFUNCTION, + curl_easy_setopt(m1_ctx.curl, CURLOPT_UPLOAD, 1L); + curl_easy_setopt(m1_ctx.curl, CURLOPT_READFUNCTION, test_ws_data_m1_read); + curl_easy_setopt(m1_ctx.curl, CURLOPT_READDATA, &m1_ctx); + curl_easy_setopt(m1_ctx.curl, CURLOPT_WRITEFUNCTION, test_ws_data_m1_write); - curl_easy_setopt(m1_ctx.easy, CURLOPT_WRITEDATA, &m1_ctx); + curl_easy_setopt(m1_ctx.curl, CURLOPT_WRITEDATA, &m1_ctx); - curl_multi_add_handle(multi, m1_ctx.easy); + curl_multi_add_handle(multi, m1_ctx.curl); while(1) { int still_running; /* keep number of running handles */ @@ -366,7 +366,7 @@ static CURLcode test_ws_data_m1_echo(const char *url, } - curl_multi_remove_handle(multi, m1_ctx.easy); + curl_multi_remove_handle(multi, m1_ctx.curl); /* check results */ if(m1_ctx.frames_read < m1_ctx.nframes) { @@ -386,8 +386,8 @@ static CURLcode test_ws_data_m1_echo(const char *url, out: if(multi) curl_multi_cleanup(multi); - if(m1_ctx.easy) { - curl_easy_cleanup(m1_ctx.easy); + if(m1_ctx.curl) { + curl_easy_cleanup(m1_ctx.curl); } free(m1_ctx.send_buf); free(m1_ctx.recv_buf); diff --git a/tests/libtest/lib1485.c b/tests/libtest/lib1485.c index dd2b9728b7..36be7cd1e8 100644 --- a/tests/libtest/lib1485.c +++ b/tests/libtest/lib1485.c @@ -26,7 +26,7 @@ #include "memdebug.h" struct t1485_transfer_status { - CURL *easy; + CURL *curl; curl_off_t out_len; size_t hd_line; CURLcode result; @@ -47,7 +47,7 @@ static size_t t1485_header_callback(char *ptr, size_t size, size_t nmemb, curl_off_t clen; long httpcode = 0; /* end of a response */ - result = curl_easy_getinfo(st->easy, CURLINFO_RESPONSE_CODE, &httpcode); + result = curl_easy_getinfo(st->curl, CURLINFO_RESPONSE_CODE, &httpcode); curl_mfprintf(stderr, "header_callback, get status: %ld, %d\n", httpcode, result); if(httpcode < 100 || httpcode >= 1000) { @@ -57,7 +57,7 @@ static size_t t1485_header_callback(char *ptr, size_t size, size_t nmemb, } st->http_status = (int)httpcode; if(st->http_status >= 200 && st->http_status < 300) { - result = curl_easy_getinfo(st->easy, CURLINFO_CONTENT_LENGTH_DOWNLOAD_T, + result = curl_easy_getinfo(st->curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD_T, &clen); curl_mfprintf(stderr, "header_callback, info Content-Length: " "%" CURL_FORMAT_CURL_OFF_T ", %d\n", clen, result); @@ -87,7 +87,7 @@ static size_t t1485_write_cb(char *ptr, size_t size, size_t nmemb, void *userp) static CURLcode test_lib1485(const char *URL) { - CURL *curls = NULL; + CURL *curl = NULL; CURLcode res = CURLE_OK; struct t1485_transfer_status st; @@ -97,22 +97,22 @@ static CURLcode test_lib1485(const char *URL) global_init(CURL_GLOBAL_ALL); - easy_init(curls); - st.easy = curls; /* to allow callbacks access */ + easy_init(curl); + st.curl = curl; /* to allow callbacks access */ - easy_setopt(curls, CURLOPT_URL, URL); - easy_setopt(curls, CURLOPT_WRITEFUNCTION, t1485_write_cb); - easy_setopt(curls, CURLOPT_WRITEDATA, &st); - easy_setopt(curls, CURLOPT_HEADERFUNCTION, t1485_header_callback); - easy_setopt(curls, CURLOPT_HEADERDATA, &st); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_WRITEFUNCTION, t1485_write_cb); + easy_setopt(curl, CURLOPT_WRITEDATA, &st); + easy_setopt(curl, CURLOPT_HEADERFUNCTION, t1485_header_callback); + easy_setopt(curl, CURLOPT_HEADERDATA, &st); - easy_setopt(curls, CURLOPT_NOPROGRESS, 1L); + easy_setopt(curl, CURLOPT_NOPROGRESS, 1L); - res = curl_easy_perform(curls); + res = curl_easy_perform(curl); test_cleanup: - curl_easy_cleanup(curls); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; /* return the final return code */ diff --git a/tests/libtest/lib1500.c b/tests/libtest/lib1500.c index 8529f66a44..5fe8e7ab4f 100644 --- a/tests/libtest/lib1500.c +++ b/tests/libtest/lib1500.c @@ -27,7 +27,7 @@ static CURLcode test_lib1500(const char *URL) { - CURL *curls = NULL; + CURL *curl = NULL; CURLM *multi = NULL; int still_running; CURLcode i = TEST_ERR_FAILURE; @@ -40,12 +40,12 @@ static CURLcode test_lib1500(const char *URL) multi_init(multi); - easy_init(curls); + easy_init(curl); - easy_setopt(curls, CURLOPT_URL, URL); - easy_setopt(curls, CURLOPT_HEADER, 1L); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_HEADER, 1L); - multi_add_handle(multi, curls); + multi_add_handle(multi, curl); multi_perform(multi, &still_running); @@ -79,7 +79,7 @@ test_cleanup: /* undocumented cleanup sequence - type UA */ curl_multi_cleanup(multi); - curl_easy_cleanup(curls); + curl_easy_cleanup(curl); curl_global_cleanup(); if(res) diff --git a/tests/libtest/lib1501.c b/tests/libtest/lib1501.c index 61e586cd3d..feb775f136 100644 --- a/tests/libtest/lib1501.c +++ b/tests/libtest/lib1501.c @@ -32,8 +32,8 @@ static CURLcode test_lib1501(const char *URL) conservative to allow old and slow machines to run this test too */ static const int MAX_BLOCKED_TIME_MS = 500; - CURL *handle = NULL; - CURLM *mhandle = NULL; + CURL *curl = NULL; + CURLM *multi = NULL; CURLcode res = CURLE_OK; int still_running = 0; @@ -41,16 +41,16 @@ static CURLcode test_lib1501(const char *URL) global_init(CURL_GLOBAL_ALL); - easy_init(handle); + easy_init(curl); - easy_setopt(handle, CURLOPT_URL, URL); - easy_setopt(handle, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); - multi_init(mhandle); + multi_init(multi); - multi_add_handle(mhandle, handle); + multi_add_handle(multi, curl); - multi_perform(mhandle, &still_running); + multi_perform(multi, &still_running); abort_on_test_timeout_custom(HANG_TIMEOUT); @@ -71,7 +71,7 @@ static CURLcode test_lib1501(const char *URL) FD_ZERO(&fdwrite); FD_ZERO(&fdexcep); - multi_fdset(mhandle, &fdread, &fdwrite, &fdexcep, &maxfd); + multi_fdset(multi, &fdread, &fdwrite, &fdexcep, &maxfd); /* At this point, maxfd is guaranteed to be greater or equal than -1. */ @@ -82,7 +82,7 @@ static CURLcode test_lib1501(const char *URL) curl_mfprintf(stderr, "ping\n"); before = curlx_now(); - multi_perform(mhandle, &still_running); + multi_perform(multi, &still_running); abort_on_test_timeout_custom(HANG_TIMEOUT); @@ -100,8 +100,8 @@ test_cleanup: /* undocumented cleanup sequence - type UA */ - curl_multi_cleanup(mhandle); - curl_easy_cleanup(handle); + curl_multi_cleanup(multi); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib1502.c b/tests/libtest/lib1502.c index 22ac6e7c80..527f969b11 100644 --- a/tests/libtest/lib1502.c +++ b/tests/libtest/lib1502.c @@ -35,8 +35,8 @@ static CURLcode test_lib1502(const char *URL) { - CURL *easy = NULL; - CURL *dup; + CURL *curl = NULL; + CURL *curldupe; CURLM *multi = NULL; int still_running; CURLcode res = CURLE_OK; @@ -62,27 +62,27 @@ static CURLcode test_lib1502(const char *URL) return TEST_ERR_MAJOR_BAD; } - easy_init(easy); + easy_init(curl); - easy_setopt(easy, CURLOPT_URL, URL); - easy_setopt(easy, CURLOPT_HEADER, 1L); - easy_setopt(easy, CURLOPT_RESOLVE, dns_cache_list); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_HEADER, 1L); + easy_setopt(curl, CURLOPT_RESOLVE, dns_cache_list); - dup = curl_easy_duphandle(easy); - if(dup) { - curl_easy_cleanup(easy); - easy = dup; + curldupe = curl_easy_duphandle(curl); + if(curldupe) { + curl_easy_cleanup(curl); + curl = curldupe; } else { curl_slist_free_all(dns_cache_list); - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); curl_global_cleanup(); return CURLE_OUT_OF_MEMORY; } multi_init(multi); - multi_add_handle(multi, easy); + multi_add_handle(multi, curl); multi_perform(multi, &still_running); @@ -121,26 +121,26 @@ test_cleanup: default: /* undocumented cleanup sequence - type UA */ curl_multi_cleanup(multi); - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); curl_global_cleanup(); break; case 1503: /* proper cleanup sequence - type PA */ - curl_multi_remove_handle(multi, easy); + curl_multi_remove_handle(multi, curl); curl_multi_cleanup(multi); - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); curl_global_cleanup(); break; case 1504: /* undocumented cleanup sequence - type UB */ - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); curl_multi_cleanup(multi); curl_global_cleanup(); break; case 1505: /* proper cleanup sequence - type PB */ - curl_multi_remove_handle(multi, easy); - curl_easy_cleanup(easy); + curl_multi_remove_handle(multi, curl); + curl_easy_cleanup(curl); curl_multi_cleanup(multi); curl_global_cleanup(); break; diff --git a/tests/libtest/lib1506.c b/tests/libtest/lib1506.c index 66768f7563..5790f3baeb 100644 --- a/tests/libtest/lib1506.c +++ b/tests/libtest/lib1506.c @@ -30,7 +30,7 @@ static CURLcode test_lib1506(const char *URL) CURLcode res = CURLE_OK; CURL *curl[NUM_HANDLES] = {0}; int running; - CURLM *m = NULL; + CURLM *multi = NULL; size_t i; char target_url[256]; char dnsentry[256]; @@ -57,9 +57,9 @@ static CURLcode test_lib1506(const char *URL) global_init(CURL_GLOBAL_ALL); - multi_init(m); + multi_init(multi); - multi_setopt(m, CURLMOPT_MAXCONNECTS, 3L); + multi_setopt(multi, CURLMOPT_MAXCONNECTS, 3L); /* get each easy handle */ for(i = 0; i < CURL_ARRAYSIZE(curl); i++) { @@ -83,7 +83,7 @@ static CURLcode test_lib1506(const char *URL) for(i = 0; i < CURL_ARRAYSIZE(curl); i++) { /* add handle to multi */ - multi_add_handle(m, curl[i]); + multi_add_handle(multi, curl[i]); for(;;) { struct timeval interval; @@ -93,7 +93,7 @@ static CURLcode test_lib1506(const char *URL) interval.tv_sec = 1; interval.tv_usec = 0; - multi_perform(m, &running); + multi_perform(multi, &running); abort_on_test_timeout(); @@ -104,7 +104,7 @@ static CURLcode test_lib1506(const char *URL) FD_ZERO(&wr); FD_ZERO(&exc); - multi_fdset(m, &rd, &wr, &exc, &maxfd); + multi_fdset(multi, &rd, &wr, &exc, &maxfd); /* At this point, maxfd is guaranteed to be greater or equal than -1. */ @@ -120,13 +120,13 @@ test_cleanup: /* proper cleanup sequence - type PB */ for(i = 0; i < CURL_ARRAYSIZE(curl); i++) { - curl_multi_remove_handle(m, curl[i]); + curl_multi_remove_handle(multi, curl[i]); curl_easy_cleanup(curl[i]); } curl_slist_free_all(slist); - curl_multi_cleanup(m); + curl_multi_cleanup(multi); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib1507.c b/tests/libtest/lib1507.c index 8d96c6b300..a02a07e61b 100644 --- a/tests/libtest/lib1507.c +++ b/tests/libtest/lib1507.c @@ -40,7 +40,7 @@ static CURLcode test_lib1507(const char *URL) CURLcode res = CURLE_OK; CURL *curl = NULL; - CURLM *mcurl = NULL; + CURLM *multi = NULL; int still_running = 1; struct curltime mp_start; struct curl_slist *rcpt_list = NULL; @@ -49,7 +49,7 @@ static CURLcode test_lib1507(const char *URL) easy_init(curl); - multi_init(mcurl); + multi_init(multi); rcpt_list = curl_slist_append(rcpt_list, "<1507-recipient@example.com>"); #if 0 @@ -66,12 +66,12 @@ static CURLcode test_lib1507(const char *URL) curl_easy_setopt(curl, CURLOPT_MAIL_FROM, "<1507-realuser@example.com>"); curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, rcpt_list); curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); - multi_add_handle(mcurl, curl); + multi_add_handle(multi, curl); mp_start = curlx_now(); /* we start some action by calling perform right away */ - curl_multi_perform(mcurl, &still_running); + curl_multi_perform(multi, &still_running); while(still_running) { struct timeval timeout; @@ -92,7 +92,7 @@ static CURLcode test_lib1507(const char *URL) timeout.tv_sec = 1; timeout.tv_usec = 0; - curl_multi_timeout(mcurl, &curl_timeo); + curl_multi_timeout(multi, &curl_timeo); if(curl_timeo >= 0) { curlx_mstotv(&timeout, curl_timeo); if(timeout.tv_sec > 1) { @@ -102,7 +102,7 @@ static CURLcode test_lib1507(const char *URL) } /* get file descriptors from the transfers */ - curl_multi_fdset(mcurl, &fdread, &fdwrite, &fdexcep, &maxfd); + curl_multi_fdset(multi, &fdread, &fdwrite, &fdexcep, &maxfd); /* In a real-world program you OF COURSE check the return code of the function calls. On success, the value of maxfd is guaranteed to be @@ -124,7 +124,7 @@ static CURLcode test_lib1507(const char *URL) break; case 0: /* timeout */ default: /* action */ - curl_multi_perform(mcurl, &still_running); + curl_multi_perform(multi, &still_running); break; } } @@ -132,8 +132,8 @@ static CURLcode test_lib1507(const char *URL) test_cleanup: curl_slist_free_all(rcpt_list); - curl_multi_remove_handle(mcurl, curl); - curl_multi_cleanup(mcurl); + curl_multi_remove_handle(multi, curl); + curl_multi_cleanup(multi); curl_easy_cleanup(curl); curl_global_cleanup(); diff --git a/tests/libtest/lib1508.c b/tests/libtest/lib1508.c index a305e652ff..b7b47daa3f 100644 --- a/tests/libtest/lib1508.c +++ b/tests/libtest/lib1508.c @@ -28,19 +28,19 @@ static CURLcode test_lib1508(const char *URL) { CURLcode res = CURLE_OK; - CURLM *m = NULL; + CURLM *multi = NULL; (void)URL; global_init(CURL_GLOBAL_ALL); - multi_init(m); + multi_init(multi); test_cleanup: /* proper cleanup sequence - type PB */ - curl_multi_cleanup(m); + curl_multi_cleanup(multi); curl_global_cleanup(); curl_mprintf("We are done\n"); diff --git a/tests/libtest/lib1515.c b/tests/libtest/lib1515.c index 02c3c99bf8..679a413c69 100644 --- a/tests/libtest/lib1515.c +++ b/tests/libtest/lib1515.c @@ -35,9 +35,10 @@ #define DNS_TIMEOUT 1L -static CURLcode do_one_request(CURLM *m, const char *URL, const char *resolve) +static CURLcode do_one_request(CURLM *multi, const char *URL, + const char *resolve) { - CURL *curls; + CURL *curl; struct curl_slist *resolve_list = NULL; int still_running; CURLcode res = CURLE_OK; @@ -46,20 +47,20 @@ static CURLcode do_one_request(CURLM *m, const char *URL, const char *resolve) resolve_list = curl_slist_append(resolve_list, resolve); - easy_init(curls); + easy_init(curl); - easy_setopt(curls, CURLOPT_URL, URL); - easy_setopt(curls, CURLOPT_RESOLVE, resolve_list); - easy_setopt(curls, CURLOPT_DNS_CACHE_TIMEOUT, DNS_TIMEOUT); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_RESOLVE, resolve_list); + easy_setopt(curl, CURLOPT_DNS_CACHE_TIMEOUT, DNS_TIMEOUT); debug_config.nohex = TRUE; debug_config.tracetime = TRUE; - easy_setopt(curls, CURLOPT_DEBUGDATA, &debug_config); - easy_setopt(curls, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); - easy_setopt(curls, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_DEBUGDATA, &debug_config); + easy_setopt(curl, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); - multi_add_handle(m, curls); - multi_perform(m, &still_running); + multi_add_handle(multi, curl); + multi_perform(multi, &still_running); abort_on_test_timeout(); @@ -74,18 +75,18 @@ static CURLcode do_one_request(CURLM *m, const char *URL, const char *resolve) timeout.tv_sec = 1; timeout.tv_usec = 0; - multi_fdset(m, &fdread, &fdwrite, &fdexcep, &maxfd); + multi_fdset(multi, &fdread, &fdwrite, &fdexcep, &maxfd); select_test(maxfd + 1, &fdread, &fdwrite, &fdexcep, &timeout); abort_on_test_timeout(); - multi_perform(m, &still_running); + multi_perform(multi, &still_running); abort_on_test_timeout(); } do { - msg = curl_multi_info_read(m, &msgs_left); - if(msg && msg->msg == CURLMSG_DONE && msg->easy_handle == curls) { + msg = curl_multi_info_read(multi, &msgs_left); + if(msg && msg->msg == CURLMSG_DONE && msg->easy_handle == curl) { res = msg->data.result; break; } @@ -93,8 +94,8 @@ static CURLcode do_one_request(CURLM *m, const char *URL, const char *resolve) test_cleanup: - curl_multi_remove_handle(m, curls); - curl_easy_cleanup(curls); + curl_multi_remove_handle(multi, curl); + curl_easy_cleanup(curl); curl_slist_free_all(resolve_list); return res; diff --git a/tests/libtest/lib1523.c b/tests/libtest/lib1523.c index 77767b20be..36bdce8e83 100644 --- a/tests/libtest/lib1523.c +++ b/tests/libtest/lib1523.c @@ -46,37 +46,37 @@ static size_t t1523_write_cb(char *d, size_t n, size_t l, void *p) return n*l; } -static CURLcode run(CURL *hnd, long limit, long time) +static CURLcode run(CURL *curl, long limit, long time) { - curl_easy_setopt(hnd, CURLOPT_LOW_SPEED_LIMIT, limit); - curl_easy_setopt(hnd, CURLOPT_LOW_SPEED_TIME, time); - return curl_easy_perform(hnd); + curl_easy_setopt(curl, CURLOPT_LOW_SPEED_LIMIT, limit); + curl_easy_setopt(curl, CURLOPT_LOW_SPEED_TIME, time); + return curl_easy_perform(curl); } static CURLcode test_lib1523(const char *URL) { CURLcode ret; - CURL *hnd; + CURL *curl; char buffer[CURL_ERROR_SIZE]; curl_global_init(CURL_GLOBAL_ALL); - hnd = curl_easy_init(); - curl_easy_setopt(hnd, CURLOPT_URL, URL); - curl_easy_setopt(hnd, CURLOPT_WRITEFUNCTION, t1523_write_cb); - curl_easy_setopt(hnd, CURLOPT_ERRORBUFFER, buffer); - curl_easy_setopt(hnd, CURLOPT_NOPROGRESS, 0L); - curl_easy_setopt(hnd, CURLOPT_XFERINFOFUNCTION, dload_progress_cb); + curl = curl_easy_init(); + curl_easy_setopt(curl, CURLOPT_URL, URL); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, t1523_write_cb); + curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, buffer); + curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 0L); + curl_easy_setopt(curl, CURLOPT_XFERINFOFUNCTION, dload_progress_cb); - ret = run(hnd, 1, 2); + ret = run(curl, 1, 2); if(ret) curl_mfprintf(stderr, "error (%d) %s\n", ret, buffer); - ret = run(hnd, 12000, 1); + ret = run(curl, 12000, 1); if(ret != CURLE_OPERATION_TIMEDOUT) curl_mfprintf(stderr, "error (%d) %s\n", ret, buffer); else ret = CURLE_OK; - curl_easy_cleanup(hnd); + curl_easy_cleanup(curl); curl_global_cleanup(); return ret; diff --git a/tests/libtest/lib1531.c b/tests/libtest/lib1531.c index 9d4cd77539..6e69c5baee 100644 --- a/tests/libtest/lib1531.c +++ b/tests/libtest/lib1531.c @@ -30,8 +30,8 @@ static CURLcode test_lib1531(const char *URL) static char const testData[] = ".abc\0xyz"; static curl_off_t const testDataSize = sizeof(testData) - 1; - CURL *easy; - CURLM *multi_handle; + CURL *curl; + CURLM *multi; int still_running; /* keep number of running handles */ CURLMsg *msg; /* for picking up messages with the transfer status */ int msgs_left; /* how many messages are left */ @@ -42,21 +42,21 @@ static CURLcode test_lib1531(const char *URL) global_init(CURL_GLOBAL_ALL); /* Allocate one curl handle per transfer */ - easy = curl_easy_init(); + curl = curl_easy_init(); /* init a multi stack */ - multi_handle = curl_multi_init(); + multi = curl_multi_init(); /* add the individual transfer */ - curl_multi_add_handle(multi_handle, easy); + curl_multi_add_handle(multi, curl); /* set the options (I left out a few, you'll get the point anyway) */ - curl_easy_setopt(easy, CURLOPT_URL, URL); - curl_easy_setopt(easy, CURLOPT_POSTFIELDSIZE_LARGE, testDataSize); - curl_easy_setopt(easy, CURLOPT_POSTFIELDS, testData); + curl_easy_setopt(curl, CURLOPT_URL, URL); + curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE_LARGE, testDataSize); + curl_easy_setopt(curl, CURLOPT_POSTFIELDS, testData); /* we start some action by calling perform right away */ - curl_multi_perform(multi_handle, &still_running); + curl_multi_perform(multi, &still_running); abort_on_test_timeout(); @@ -80,7 +80,7 @@ static CURLcode test_lib1531(const char *URL) timeout.tv_sec = 1; timeout.tv_usec = 0; - curl_multi_timeout(multi_handle, &curl_timeo); + curl_multi_timeout(multi, &curl_timeo); if(curl_timeo >= 0) { curlx_mstotv(&timeout, curl_timeo); if(timeout.tv_sec > 1) { @@ -90,7 +90,7 @@ static CURLcode test_lib1531(const char *URL) } /* get file descriptors from the transfers */ - mc = curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd); + mc = curl_multi_fdset(multi, &fdread, &fdwrite, &fdexcep, &maxfd); if(mc != CURLM_OK) { curl_mfprintf(stderr, "curl_multi_fdset() failed, code %d.\n", mc); @@ -118,7 +118,7 @@ static CURLcode test_lib1531(const char *URL) break; case 0: /* timeout */ default: /* action */ - curl_multi_perform(multi_handle, &still_running); + curl_multi_perform(multi, &still_running); break; } @@ -127,7 +127,7 @@ static CURLcode test_lib1531(const char *URL) /* See how the transfers went */ do { - msg = curl_multi_info_read(multi_handle, &msgs_left); + msg = curl_multi_info_read(multi, &msgs_left); if(msg && msg->msg == CURLMSG_DONE) { curl_mprintf("HTTP transfer completed with status %d\n", msg->data.result); @@ -138,10 +138,10 @@ static CURLcode test_lib1531(const char *URL) } while(msg); test_cleanup: - curl_multi_cleanup(multi_handle); + curl_multi_cleanup(multi); /* Free the curl handles */ - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib1533.c b/tests/libtest/lib1533.c index ff5c83cc82..1c60172734 100644 --- a/tests/libtest/lib1533.c +++ b/tests/libtest/lib1533.c @@ -34,7 +34,7 @@ #include "memdebug.h" struct cb_data { - CURL *easy_handle; + CURL *curl; int response_received; int paused; size_t remaining_bytes; @@ -42,7 +42,7 @@ struct cb_data { static void reset_data(struct cb_data *data, CURL *curl) { - data->easy_handle = curl; + data->curl = curl; data->response_received = 0; data->paused = 0; data->remaining_bytes = 3; @@ -85,7 +85,7 @@ static size_t t1533_write_cb(char *ptr, size_t size, size_t nmemb, void *userp) if(data->paused) { /* continue to send request body data */ data->paused = 0; - curl_easy_pause(data->easy_handle, CURLPAUSE_CONT); + curl_easy_pause(data->curl, CURLPAUSE_CONT); } return totalsize; diff --git a/tests/libtest/lib1540.c b/tests/libtest/lib1540.c index 55195b6ba8..7f91234356 100644 --- a/tests/libtest/lib1540.c +++ b/tests/libtest/lib1540.c @@ -27,7 +27,7 @@ #include "memdebug.h" struct t1540_transfer_status { - CURL *easy; + CURL *curl; int halted; int counter; /* count write callback invokes */ int please; /* number of times xferinfo is called while halted */ @@ -48,7 +48,7 @@ static int please_continue(void *userp, st->please++; if(st->please == 2) { /* waited enough, unpause! */ - curl_easy_pause(st->easy, CURLPAUSE_CONT); + curl_easy_pause(st->curl, CURLPAUSE_CONT); } } curl_mfprintf(stderr, "xferinfo: paused %d\n", st->halted); @@ -83,7 +83,7 @@ static size_t t1540_write_cb(char *ptr, size_t size, size_t nmemb, void *userp) static CURLcode test_lib1540(const char *URL) { - CURL *curls = NULL; + CURL *curl = NULL; CURLcode res = CURLE_OK; struct t1540_transfer_status st; @@ -93,30 +93,30 @@ static CURLcode test_lib1540(const char *URL) global_init(CURL_GLOBAL_ALL); - easy_init(curls); - st.easy = curls; /* to allow callbacks access */ + easy_init(curl); + st.curl = curl; /* to allow callbacks access */ - easy_setopt(curls, CURLOPT_URL, URL); - easy_setopt(curls, CURLOPT_WRITEFUNCTION, t1540_write_cb); - easy_setopt(curls, CURLOPT_WRITEDATA, &st); - easy_setopt(curls, CURLOPT_HEADERFUNCTION, t1540_header_callback); - easy_setopt(curls, CURLOPT_HEADERDATA, &st); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_WRITEFUNCTION, t1540_write_cb); + easy_setopt(curl, CURLOPT_WRITEDATA, &st); + easy_setopt(curl, CURLOPT_HEADERFUNCTION, t1540_header_callback); + easy_setopt(curl, CURLOPT_HEADERDATA, &st); - easy_setopt(curls, CURLOPT_XFERINFOFUNCTION, please_continue); - easy_setopt(curls, CURLOPT_XFERINFODATA, &st); - easy_setopt(curls, CURLOPT_NOPROGRESS, 0L); + easy_setopt(curl, CURLOPT_XFERINFOFUNCTION, please_continue); + easy_setopt(curl, CURLOPT_XFERINFODATA, &st); + easy_setopt(curl, CURLOPT_NOPROGRESS, 0L); debug_config.nohex = TRUE; debug_config.tracetime = TRUE; - test_setopt(curls, CURLOPT_DEBUGDATA, &debug_config); - easy_setopt(curls, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); - easy_setopt(curls, CURLOPT_VERBOSE, 1L); + test_setopt(curl, CURLOPT_DEBUGDATA, &debug_config); + easy_setopt(curl, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); - res = curl_easy_perform(curls); + res = curl_easy_perform(curl); test_cleanup: - curl_easy_cleanup(curls); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; /* return the final return code */ diff --git a/tests/libtest/lib1541.c b/tests/libtest/lib1541.c index 9e7b2d4365..a2caaef8c3 100644 --- a/tests/libtest/lib1541.c +++ b/tests/libtest/lib1541.c @@ -26,7 +26,7 @@ #include "memdebug.h" struct t1541_transfer_status { - CURL *easy; + CURL *curl; int hd_count; int bd_count; CURLcode result; @@ -50,11 +50,11 @@ static void report_time(const char *key, const char *where, curl_off_t time, key, where, time); } -static void check_time(CURL *easy, int key, const char *name, +static void check_time(CURL *curl, int key, const char *name, const char *where) { curl_off_t tval; - CURLcode res = curl_easy_getinfo(easy, (CURLINFO)key, &tval); + CURLcode res = curl_easy_getinfo(curl, (CURLINFO)key, &tval); if(res) { t1541_geterr(name, res, __LINE__); } @@ -62,11 +62,11 @@ static void check_time(CURL *easy, int key, const char *name, report_time(name, where, tval, tval > 0); } -static void check_time0(CURL *easy, int key, const char *name, +static void check_time0(CURL *curl, int key, const char *name, const char *where) { curl_off_t tval; - CURLcode res = curl_easy_getinfo(easy, (CURLINFO)key, &tval); + CURLcode res = curl_easy_getinfo(curl, (CURLINFO)key, &tval); if(res) { t1541_geterr(name, res, __LINE__); } @@ -83,15 +83,15 @@ static size_t t1541_header_callback(char *ptr, size_t size, size_t nmemb, (void)ptr; if(!st->hd_count++) { /* first header, check some CURLINFO value to be reported. See #13125 */ - check_time(st->easy, KN(CURLINFO_CONNECT_TIME_T), "1st header"); - check_time(st->easy, KN(CURLINFO_PRETRANSFER_TIME_T), "1st header"); - check_time(st->easy, KN(CURLINFO_STARTTRANSFER_TIME_T), "1st header"); + check_time(st->curl, KN(CURLINFO_CONNECT_TIME_T), "1st header"); + check_time(st->curl, KN(CURLINFO_PRETRANSFER_TIME_T), "1st header"); + check_time(st->curl, KN(CURLINFO_STARTTRANSFER_TIME_T), "1st header"); /* continuously updated */ - check_time(st->easy, KN(CURLINFO_TOTAL_TIME_T), "1st header"); + check_time(st->curl, KN(CURLINFO_TOTAL_TIME_T), "1st header"); /* no SSL, must be 0 */ - check_time0(st->easy, KN(CURLINFO_APPCONNECT_TIME_T), "1st header"); + check_time0(st->curl, KN(CURLINFO_APPCONNECT_TIME_T), "1st header"); /* download not really started */ - check_time0(st->easy, KN(CURLINFO_SPEED_DOWNLOAD_T), "1st header"); + check_time0(st->curl, KN(CURLINFO_SPEED_DOWNLOAD_T), "1st header"); } (void)fwrite(ptr, size, nmemb, stdout); return len; @@ -109,7 +109,7 @@ static size_t t1541_write_cb(char *ptr, size_t size, size_t nmemb, void *userp) static CURLcode test_lib1541(const char *URL) { - CURL *curls = NULL; + CURL *curl = NULL; CURLcode res = CURLE_OK; struct t1541_transfer_status st; @@ -119,31 +119,31 @@ static CURLcode test_lib1541(const char *URL) global_init(CURL_GLOBAL_ALL); - easy_init(curls); - st.easy = curls; /* to allow callbacks access */ + easy_init(curl); + st.curl = curl; /* to allow callbacks access */ - easy_setopt(curls, CURLOPT_URL, URL); - easy_setopt(curls, CURLOPT_WRITEFUNCTION, t1541_write_cb); - easy_setopt(curls, CURLOPT_WRITEDATA, &st); - easy_setopt(curls, CURLOPT_HEADERFUNCTION, t1541_header_callback); - easy_setopt(curls, CURLOPT_HEADERDATA, &st); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_WRITEFUNCTION, t1541_write_cb); + easy_setopt(curl, CURLOPT_WRITEDATA, &st); + easy_setopt(curl, CURLOPT_HEADERFUNCTION, t1541_header_callback); + easy_setopt(curl, CURLOPT_HEADERDATA, &st); - easy_setopt(curls, CURLOPT_NOPROGRESS, 0L); + easy_setopt(curl, CURLOPT_NOPROGRESS, 0L); - res = curl_easy_perform(curls); + res = curl_easy_perform(curl); - check_time(curls, KN(CURLINFO_CONNECT_TIME_T), "done"); - check_time(curls, KN(CURLINFO_PRETRANSFER_TIME_T), "done"); - check_time(curls, KN(CURLINFO_POSTTRANSFER_TIME_T), "done"); - check_time(curls, KN(CURLINFO_STARTTRANSFER_TIME_T), "done"); + check_time(curl, KN(CURLINFO_CONNECT_TIME_T), "done"); + check_time(curl, KN(CURLINFO_PRETRANSFER_TIME_T), "done"); + check_time(curl, KN(CURLINFO_POSTTRANSFER_TIME_T), "done"); + check_time(curl, KN(CURLINFO_STARTTRANSFER_TIME_T), "done"); /* no SSL, must be 0 */ - check_time0(curls, KN(CURLINFO_APPCONNECT_TIME_T), "done"); - check_time(curls, KN(CURLINFO_SPEED_DOWNLOAD_T), "done"); - check_time(curls, KN(CURLINFO_TOTAL_TIME_T), "done"); + check_time0(curl, KN(CURLINFO_APPCONNECT_TIME_T), "done"); + check_time(curl, KN(CURLINFO_SPEED_DOWNLOAD_T), "done"); + check_time(curl, KN(CURLINFO_TOTAL_TIME_T), "done"); test_cleanup: - curl_easy_cleanup(curls); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; /* return the final return code */ diff --git a/tests/libtest/lib1542.c b/tests/libtest/lib1542.c index b8edbcb797..9fc9f17efb 100644 --- a/tests/libtest/lib1542.c +++ b/tests/libtest/lib1542.c @@ -37,26 +37,26 @@ static CURLcode test_lib1542(const char *URL) { - CURL *easy = NULL; + CURL *curl = NULL; CURLcode res = CURLE_OK; global_init(CURL_GLOBAL_ALL); - res_easy_init(easy); + res_easy_init(curl); - easy_setopt(easy, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_URL, URL); debug_config.nohex = TRUE; debug_config.tracetime = FALSE; - easy_setopt(easy, CURLOPT_DEBUGDATA, &debug_config); - easy_setopt(easy, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); - easy_setopt(easy, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_DEBUGDATA, &debug_config); + easy_setopt(curl, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); - res = curl_easy_perform(easy); + res = curl_easy_perform(curl); if(res) goto test_cleanup; - res = curl_easy_perform(easy); + res = curl_easy_perform(curl); if(res) goto test_cleanup; @@ -64,19 +64,19 @@ static CURLcode test_lib1542(const char *URL) * seconds old */ curlx_wait_ms(2000); - res = curl_easy_perform(easy); + res = curl_easy_perform(curl); if(res) goto test_cleanup; - easy_setopt(easy, CURLOPT_MAXLIFETIME_CONN, 1L); + easy_setopt(curl, CURLOPT_MAXLIFETIME_CONN, 1L); - res = curl_easy_perform(easy); + res = curl_easy_perform(curl); if(res) goto test_cleanup; test_cleanup: - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib1545.c b/tests/libtest/lib1545.c index ac59d028c0..7bb851f36e 100644 --- a/tests/libtest/lib1545.c +++ b/tests/libtest/lib1545.c @@ -25,27 +25,27 @@ static CURLcode test_lib1545(const char *URL) { - CURL *eh = NULL; + CURL *curl = NULL; CURLcode res = CURLE_OK; struct curl_httppost *lastptr = NULL; struct curl_httppost *m_formpost = NULL; global_init(CURL_GLOBAL_ALL); - easy_init(eh); + easy_init(curl); - easy_setopt(eh, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_URL, URL); curl_formadd(&m_formpost, &lastptr, CURLFORM_COPYNAME, "file", CURLFORM_FILE, "missing-file", CURLFORM_END); - curl_easy_setopt(eh, CURLOPT_HTTPPOST, m_formpost); + curl_easy_setopt(curl, CURLOPT_HTTPPOST, m_formpost); - (void)curl_easy_perform(eh); - (void)curl_easy_perform(eh); + (void)curl_easy_perform(curl); + (void)curl_easy_perform(curl); test_cleanup: curl_formfree(m_formpost); - curl_easy_cleanup(eh); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib1550.c b/tests/libtest/lib1550.c index 11583aec47..566cbfa192 100644 --- a/tests/libtest/lib1550.c +++ b/tests/libtest/lib1550.c @@ -29,7 +29,7 @@ static CURLcode test_lib1550(const char *URL) { - CURLM *handle; + CURLM *multi; CURLcode res = CURLE_OK; static const char * const bl_servers[] = {"Microsoft-IIS/6.0", "nginx/0.8.54", NULL}; @@ -37,12 +37,12 @@ static CURLcode test_lib1550(const char *URL) {"curl.se:443", "example.com:80", NULL}; global_init(CURL_GLOBAL_ALL); - handle = curl_multi_init(); + multi = curl_multi_init(); (void)URL; - curl_multi_setopt(handle, CURLMOPT_PIPELINING_SERVER_BL, bl_servers); - curl_multi_setopt(handle, CURLMOPT_PIPELINING_SITE_BL, bl_sites); - curl_multi_cleanup(handle); + curl_multi_setopt(multi, CURLMOPT_PIPELINING_SERVER_BL, bl_servers); + curl_multi_setopt(multi, CURLMOPT_PIPELINING_SITE_BL, bl_sites); + curl_multi_cleanup(multi); curl_global_cleanup(); return CURLE_OK; } diff --git a/tests/libtest/lib1552.c b/tests/libtest/lib1552.c index a5b23fbd8b..d0c3469d4c 100644 --- a/tests/libtest/lib1552.c +++ b/tests/libtest/lib1552.c @@ -27,7 +27,7 @@ static CURLcode test_lib1552(const char *URL) { - CURL *curls = NULL; + CURL *curl = NULL; CURLM *multi = NULL; int still_running; CURLcode i = CURLE_OK; @@ -41,14 +41,14 @@ static CURLcode test_lib1552(const char *URL) multi_init(multi); - easy_init(curls); + easy_init(curl); - easy_setopt(curls, CURLOPT_URL, URL); - easy_setopt(curls, CURLOPT_HEADER, 1L); - easy_setopt(curls, CURLOPT_VERBOSE, 1L); - easy_setopt(curls, CURLOPT_USERPWD, "u:s"); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_HEADER, 1L); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_USERPWD, "u:s"); - multi_add_handle(multi, curls); + multi_add_handle(multi, curl); multi_perform(multi, &still_running); @@ -82,7 +82,7 @@ test_cleanup: /* undocumented cleanup sequence - type UA */ curl_multi_cleanup(multi); - curl_easy_cleanup(curls); + curl_easy_cleanup(curl); curl_global_cleanup(); if(res) diff --git a/tests/libtest/lib1553.c b/tests/libtest/lib1553.c index 5d35adac5c..fa753ac231 100644 --- a/tests/libtest/lib1553.c +++ b/tests/libtest/lib1553.c @@ -41,7 +41,7 @@ static int t1553_xferinfo(void *p, static CURLcode test_lib1553(const char *URL) { - CURL *curls = NULL; + CURL *curl = NULL; CURLM *multi = NULL; int still_running; CURLcode i = CURLE_OK; @@ -56,28 +56,28 @@ static CURLcode test_lib1553(const char *URL) multi_init(multi); - easy_init(curls); + easy_init(curl); - mime = curl_mime_init(curls); + mime = curl_mime_init(curl); field = curl_mime_addpart(mime); curl_mime_name(field, "name"); curl_mime_data(field, "value", CURL_ZERO_TERMINATED); - easy_setopt(curls, CURLOPT_URL, URL); - easy_setopt(curls, CURLOPT_HEADER, 1L); - easy_setopt(curls, CURLOPT_VERBOSE, 1L); - easy_setopt(curls, CURLOPT_MIMEPOST, mime); - easy_setopt(curls, CURLOPT_USERPWD, "u:s"); - easy_setopt(curls, CURLOPT_XFERINFOFUNCTION, t1553_xferinfo); - easy_setopt(curls, CURLOPT_NOPROGRESS, 1L); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_HEADER, 1L); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_MIMEPOST, mime); + easy_setopt(curl, CURLOPT_USERPWD, "u:s"); + easy_setopt(curl, CURLOPT_XFERINFOFUNCTION, t1553_xferinfo); + easy_setopt(curl, CURLOPT_NOPROGRESS, 1L); debug_config.nohex = TRUE; debug_config.tracetime = TRUE; - test_setopt(curls, CURLOPT_DEBUGDATA, &debug_config); - easy_setopt(curls, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); - easy_setopt(curls, CURLOPT_VERBOSE, 1L); + test_setopt(curl, CURLOPT_DEBUGDATA, &debug_config); + easy_setopt(curl, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); - multi_add_handle(multi, curls); + multi_add_handle(multi, curl); multi_perform(multi, &still_running); @@ -103,9 +103,9 @@ static CURLcode test_lib1553(const char *URL) test_cleanup: curl_mime_free(mime); - curl_multi_remove_handle(multi, curls); + curl_multi_remove_handle(multi, curl); curl_multi_cleanup(multi); - curl_easy_cleanup(curls); + curl_easy_cleanup(curl); curl_global_cleanup(); if(res) diff --git a/tests/libtest/lib1554.c b/tests/libtest/lib1554.c index 240fea6577..050075df3f 100644 --- a/tests/libtest/lib1554.c +++ b/tests/libtest/lib1554.c @@ -37,19 +37,19 @@ static const char *ldata_names[] = { "NULL", }; -static void t1554_test_lock(CURL *handle, curl_lock_data data, +static void t1554_test_lock(CURL *curl, curl_lock_data data, curl_lock_access laccess, void *useptr) { - (void)handle; + (void)curl; (void)data; (void)laccess; (void)useptr; curl_mprintf("-> Mutex lock %s\n", ldata_names[data]); } -static void t1554_test_unlock(CURL *handle, curl_lock_data data, void *useptr) +static void t1554_test_unlock(CURL *curl, curl_lock_data data, void *useptr) { - (void)handle; + (void)curl; (void)data; (void)useptr; curl_mprintf("<- Mutex unlock %s\n", ldata_names[data]); diff --git a/tests/libtest/lib1557.c b/tests/libtest/lib1557.c index 0e33f48fbb..1c2785dbe3 100644 --- a/tests/libtest/lib1557.c +++ b/tests/libtest/lib1557.c @@ -27,7 +27,7 @@ static CURLcode test_lib1557(const char *URL) { - CURLM *curlm = NULL; + CURLM *multi = NULL; CURL *curl1 = NULL; CURL *curl2 = NULL; int running_handles = 0; @@ -35,28 +35,28 @@ static CURLcode test_lib1557(const char *URL) global_init(CURL_GLOBAL_ALL); - multi_init(curlm); - multi_setopt(curlm, CURLMOPT_MAX_HOST_CONNECTIONS, 1L); + multi_init(multi); + multi_setopt(multi, CURLMOPT_MAX_HOST_CONNECTIONS, 1L); easy_init(curl1); easy_setopt(curl1, CURLOPT_URL, URL); - multi_add_handle(curlm, curl1); + multi_add_handle(multi, curl1); easy_init(curl2); easy_setopt(curl2, CURLOPT_URL, URL); - multi_add_handle(curlm, curl2); + multi_add_handle(multi, curl2); - multi_perform(curlm, &running_handles); + multi_perform(multi, &running_handles); - multi_remove_handle(curlm, curl2); + multi_remove_handle(multi, curl2); /* If curl2 is still in the connect-pending list, this will crash */ - multi_remove_handle(curlm, curl1); + multi_remove_handle(multi, curl1); test_cleanup: curl_easy_cleanup(curl1); curl_easy_cleanup(curl2); - curl_multi_cleanup(curlm); + curl_multi_cleanup(multi); curl_global_cleanup(); return res; } diff --git a/tests/libtest/lib1565.c b/tests/libtest/lib1565.c index 1b218d37a7..893950b90d 100644 --- a/tests/libtest/lib1565.c +++ b/tests/libtest/lib1565.c @@ -32,7 +32,7 @@ #define TIME_BETWEEN_START_SECS 2 static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER; -static CURL *pending_handles[CONN_NUM]; +static CURL *pending_curls[CONN_NUM]; static int pending_num = 0; static CURLcode t1565_test_failure = CURLE_OK; @@ -41,7 +41,7 @@ static const char *t1565_url; static void *t1565_run_thread(void *ptr) { - CURL *easy = NULL; + CURL *curl = NULL; CURLcode res = CURLE_OK; int i; @@ -50,10 +50,10 @@ static void *t1565_run_thread(void *ptr) for(i = 0; i < CONN_NUM; i++) { curlx_wait_ms(TIME_BETWEEN_START_SECS * 1000); - easy_init(easy); + easy_init(curl); - easy_setopt(easy, CURLOPT_URL, t1565_url); - easy_setopt(easy, CURLOPT_VERBOSE, 0L); + easy_setopt(curl, CURLOPT_URL, t1565_url); + easy_setopt(curl, CURLOPT_VERBOSE, 0L); pthread_mutex_lock(&lock); @@ -62,9 +62,9 @@ static void *t1565_run_thread(void *ptr) goto test_cleanup; } - pending_handles[pending_num] = easy; + pending_curls[pending_num] = curl; pending_num++; - easy = NULL; + curl = NULL; pthread_mutex_unlock(&lock); @@ -73,7 +73,7 @@ static void *t1565_run_thread(void *ptr) test_cleanup: - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); pthread_mutex_lock(&lock); @@ -92,7 +92,7 @@ static CURLcode test_lib1565(const char *URL) int i; int result; CURLcode res = CURLE_OK; - CURL *started_handles[CONN_NUM]; + CURL *started_curls[CONN_NUM]; int started_num = 0; int finished_num = 0; pthread_t tid = 0; @@ -150,13 +150,13 @@ static CURLcode test_lib1565(const char *URL) pthread_mutex_lock(&lock); while(pending_num > 0) { - res_multi_add_handle(testmulti, pending_handles[pending_num - 1]); + res_multi_add_handle(testmulti, pending_curls[pending_num - 1]); if(res) { pthread_mutex_unlock(&lock); goto test_cleanup; } - started_handles[started_num] = pending_handles[pending_num - 1]; + started_curls[started_num] = pending_curls[pending_num - 1]; started_num++; pending_num--; } @@ -190,9 +190,9 @@ test_cleanup: curl_multi_cleanup(testmulti); for(i = 0; i < pending_num; i++) - curl_easy_cleanup(pending_handles[i]); + curl_easy_cleanup(pending_curls[i]); for(i = 0; i < started_num; i++) - curl_easy_cleanup(started_handles[i]); + curl_easy_cleanup(started_curls[i]); curl_global_cleanup(); return t1565_test_failure; diff --git a/tests/libtest/lib1568.c b/tests/libtest/lib1568.c index 695badc85c..9e73029d51 100644 --- a/tests/libtest/lib1568.c +++ b/tests/libtest/lib1568.c @@ -28,23 +28,23 @@ static CURLcode test_lib1568(const char *URL) { CURLcode ret; - CURL *hnd; + CURL *curl; curl_global_init(CURL_GLOBAL_ALL); - hnd = curl_easy_init(); - curl_easy_setopt(hnd, CURLOPT_URL, URL); - curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(hnd, CURLOPT_HEADER, 1L); - curl_easy_setopt(hnd, CURLOPT_USERPWD, "testuser:testpass"); - curl_easy_setopt(hnd, CURLOPT_USERAGENT, "lib1568"); - curl_easy_setopt(hnd, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST); - curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L); - curl_easy_setopt(hnd, CURLOPT_PORT, atol(libtest_arg2)); + curl = curl_easy_init(); + curl_easy_setopt(curl, CURLOPT_URL, URL); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(curl, CURLOPT_HEADER, 1L); + curl_easy_setopt(curl, CURLOPT_USERPWD, "testuser:testpass"); + curl_easy_setopt(curl, CURLOPT_USERAGENT, "lib1568"); + curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST); + curl_easy_setopt(curl, CURLOPT_MAXREDIRS, 50L); + curl_easy_setopt(curl, CURLOPT_PORT, atol(libtest_arg2)); - ret = curl_easy_perform(hnd); + ret = curl_easy_perform(curl); - curl_easy_cleanup(hnd); - hnd = NULL; + curl_easy_cleanup(curl); + curl = NULL; curl_global_cleanup(); return ret; diff --git a/tests/libtest/lib1569.c b/tests/libtest/lib1569.c index 2846909e88..c2fd27bfe1 100644 --- a/tests/libtest/lib1569.c +++ b/tests/libtest/lib1569.c @@ -28,23 +28,23 @@ static CURLcode test_lib1569(const char *URL) { CURLcode res = CURLE_OK; - CURL *hnd; + CURL *curl; global_init(CURL_GLOBAL_ALL); - easy_init(hnd); - easy_setopt(hnd, CURLOPT_URL, URL); - easy_setopt(hnd, CURLOPT_VERBOSE, 1L); - easy_setopt(hnd, CURLOPT_HEADER, 1L); + easy_init(curl); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_HEADER, 1L); - res = curl_easy_perform(hnd); + res = curl_easy_perform(curl); if(res) goto test_cleanup; - curl_easy_setopt(hnd, CURLOPT_URL, libtest_arg2); - res = curl_easy_perform(hnd); + curl_easy_setopt(curl, CURLOPT_URL, libtest_arg2); + res = curl_easy_perform(curl); test_cleanup: - curl_easy_cleanup(hnd); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; } diff --git a/tests/libtest/lib1592.c b/tests/libtest/lib1592.c index 3f76a19c4f..7e23d576bf 100644 --- a/tests/libtest/lib1592.c +++ b/tests/libtest/lib1592.c @@ -41,7 +41,7 @@ static CURLcode test_lib1592(const char *URL) { int stillRunning; - CURLM *multiHandle = NULL; + CURLM *multi = NULL; CURL *curl = NULL; CURLcode res = CURLE_OK; CURLMcode mres; @@ -49,7 +49,7 @@ static CURLcode test_lib1592(const char *URL) global_init(CURL_GLOBAL_ALL); - multi_init(multiHandle); + multi_init(multi); easy_init(curl); @@ -88,17 +88,17 @@ static CURLcode test_lib1592(const char *URL) this. */ easy_setopt(curl, CURLOPT_TIMEOUT_MS, timeout); - multi_add_handle(multiHandle, curl); + multi_add_handle(multi, curl); /* This should move the handle from INIT => CONNECT => WAITRESOLVE. */ curl_mfprintf(stderr, "curl_multi_perform()...\n"); - multi_perform(multiHandle, &stillRunning); + multi_perform(multi, &stillRunning); curl_mfprintf(stderr, "curl_multi_perform() succeeded\n"); /* Start measuring how long it takes to remove the handle. */ curl_mfprintf(stderr, "curl_multi_remove_handle()...\n"); start_test_timing(); - mres = curl_multi_remove_handle(multiHandle, curl); + mres = curl_multi_remove_handle(multi, curl); if(mres) { curl_mfprintf(stderr, "curl_multi_remove_handle() failed, with code %d\n", mres); @@ -114,7 +114,7 @@ static CURLcode test_lib1592(const char *URL) test_cleanup: curl_easy_cleanup(curl); - curl_multi_cleanup(multiHandle); + curl_multi_cleanup(multi); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib1662.c b/tests/libtest/lib1662.c index b0ca4c5094..41a1bc0bd4 100644 --- a/tests/libtest/lib1662.c +++ b/tests/libtest/lib1662.c @@ -49,7 +49,7 @@ static size_t t1662_read_cb(char *ptr, size_t size, size_t nmemb, void *userp) static CURLcode test_lib1662(const char *URL) { CURLcode res = CURLE_OK; - CURL *hnd; + CURL *curl; curl_mime *mime1; curl_mimepart *part1; struct t1662_WriteThis pooh = { 1 }; @@ -58,30 +58,30 @@ static CURLcode test_lib1662(const char *URL) global_init(CURL_GLOBAL_ALL); - hnd = curl_easy_init(); - if(hnd) { - curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L); - curl_easy_setopt(hnd, CURLOPT_URL, URL); - curl_easy_setopt(hnd, CURLOPT_NOPROGRESS, 1L); - mime1 = curl_mime_init(hnd); + curl = curl_easy_init(); + if(curl) { + curl_easy_setopt(curl, CURLOPT_BUFFERSIZE, 102400L); + curl_easy_setopt(curl, CURLOPT_URL, URL); + curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L); + mime1 = curl_mime_init(curl); if(mime1) { part1 = curl_mime_addpart(mime1); curl_mime_data_cb(part1, -1, t1662_read_cb, NULL, NULL, &pooh); curl_mime_filename(part1, "poetry.txt"); curl_mime_name(part1, "content"); - curl_easy_setopt(hnd, CURLOPT_MIMEPOST, mime1); - curl_easy_setopt(hnd, CURLOPT_USERAGENT, "curl/2000"); - curl_easy_setopt(hnd, CURLOPT_FOLLOWLOCATION, 1L); - curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L); - curl_easy_setopt(hnd, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2TLS); - curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(hnd, CURLOPT_FTP_SKIP_PASV_IP, 1L); - curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L); - res = curl_easy_perform(hnd); + curl_easy_setopt(curl, CURLOPT_MIMEPOST, mime1); + curl_easy_setopt(curl, CURLOPT_USERAGENT, "curl/2000"); + curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L); + curl_easy_setopt(curl, CURLOPT_MAXREDIRS, 50L); + curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2TLS); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(curl, CURLOPT_FTP_SKIP_PASV_IP, 1L); + curl_easy_setopt(curl, CURLOPT_TCP_KEEPALIVE, 1L); + res = curl_easy_perform(curl); } } - curl_easy_cleanup(hnd); + curl_easy_cleanup(curl); curl_mime_free(mime1); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib1900.c b/tests/libtest/lib1900.c index 3e9c60f4a8..2f0954bb6c 100644 --- a/tests/libtest/lib1900.c +++ b/tests/libtest/lib1900.c @@ -28,26 +28,26 @@ static CURLcode test_lib1900(const char *URL) { CURLcode res = CURLE_OK; - CURL *hnd = NULL; - CURL *second = NULL; + CURL *curl1 = NULL; + CURL *curl2 = NULL; global_init(CURL_GLOBAL_ALL); - easy_init(hnd); - easy_setopt(hnd, CURLOPT_URL, URL); - easy_setopt(hnd, CURLOPT_HSTS, "first-hsts.txt"); - easy_setopt(hnd, CURLOPT_HSTS, "second-hsts.txt"); + easy_init(curl1); + easy_setopt(curl1, CURLOPT_URL, URL); + easy_setopt(curl1, CURLOPT_HSTS, "first-hsts.txt"); + easy_setopt(curl1, CURLOPT_HSTS, "second-hsts.txt"); - second = curl_easy_duphandle(hnd); + curl2 = curl_easy_duphandle(curl1); - curl_easy_cleanup(hnd); - curl_easy_cleanup(second); + curl_easy_cleanup(curl1); + curl_easy_cleanup(curl2); curl_global_cleanup(); return CURLE_OK; test_cleanup: - curl_easy_cleanup(hnd); - curl_easy_cleanup(second); + curl_easy_cleanup(curl1); + curl_easy_cleanup(curl2); curl_global_cleanup(); return res; } diff --git a/tests/libtest/lib1903.c b/tests/libtest/lib1903.c index af21e946b9..fc2858d5ee 100644 --- a/tests/libtest/lib1903.c +++ b/tests/libtest/lib1903.c @@ -28,26 +28,26 @@ static CURLcode test_lib1903(const char *URL) { CURLcode res = CURLE_OK; - CURL *ch = NULL; + CURL *curl = NULL; global_init(CURL_GLOBAL_ALL); - easy_init(ch); + easy_init(curl); - easy_setopt(ch, CURLOPT_URL, URL); - easy_setopt(ch, CURLOPT_COOKIEFILE, libtest_arg2); - res = curl_easy_perform(ch); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_COOKIEFILE, libtest_arg2); + res = curl_easy_perform(curl); if(res) goto test_cleanup; - curl_easy_reset(ch); + curl_easy_reset(curl); - easy_setopt(ch, CURLOPT_URL, URL); - easy_setopt(ch, CURLOPT_COOKIEFILE, libtest_arg2); - easy_setopt(ch, CURLOPT_COOKIEJAR, libtest_arg3); - res = curl_easy_perform(ch); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_COOKIEFILE, libtest_arg2); + easy_setopt(curl, CURLOPT_COOKIEJAR, libtest_arg3); + res = curl_easy_perform(curl); test_cleanup: - curl_easy_cleanup(ch); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib1905.c b/tests/libtest/lib1905.c index a227a09beb..600e696238 100644 --- a/tests/libtest/lib1905.c +++ b/tests/libtest/lib1905.c @@ -27,35 +27,35 @@ static CURLcode test_lib1905(const char *URL) { - CURLSH *sh = NULL; - CURL *ch = NULL; + CURLSH *share = NULL; + CURL *curl = NULL; int unfinished; - CURLM *cm; + CURLM *multi; curl_global_init(CURL_GLOBAL_ALL); - cm = curl_multi_init(); - if(!cm) { + multi = curl_multi_init(); + if(!multi) { curl_global_cleanup(); return TEST_ERR_MULTI; } - sh = curl_share_init(); - if(!sh) + share = curl_share_init(); + if(!share) goto cleanup; - curl_share_setopt(sh, CURLSHOPT_SHARE, CURL_LOCK_DATA_COOKIE); - curl_share_setopt(sh, CURLSHOPT_SHARE, CURL_LOCK_DATA_COOKIE); + curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_COOKIE); + curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_COOKIE); - ch = curl_easy_init(); - if(!ch) + curl = curl_easy_init(); + if(!curl) goto cleanup; - curl_easy_setopt(ch, CURLOPT_SHARE, sh); - curl_easy_setopt(ch, CURLOPT_URL, URL); - curl_easy_setopt(ch, CURLOPT_COOKIEFILE, libtest_arg2); - curl_easy_setopt(ch, CURLOPT_COOKIEJAR, libtest_arg2); + curl_easy_setopt(curl, CURLOPT_SHARE, share); + curl_easy_setopt(curl, CURLOPT_URL, URL); + curl_easy_setopt(curl, CURLOPT_COOKIEFILE, libtest_arg2); + curl_easy_setopt(curl, CURLOPT_COOKIEJAR, libtest_arg2); - curl_multi_add_handle(cm, ch); + curl_multi_add_handle(multi, curl); unfinished = 1; while(unfinished) { @@ -67,10 +67,10 @@ static CURLcode test_lib1905(const char *URL) FD_ZERO(&R); FD_ZERO(&W); FD_ZERO(&E); - curl_multi_perform(cm, &unfinished); + curl_multi_perform(multi, &unfinished); - curl_multi_fdset(cm, &R, &W, &E, &MAX); - curl_multi_timeout(cm, &max_tout); + curl_multi_fdset(multi, &R, &W, &E, &MAX); + curl_multi_timeout(multi, &max_tout); if(max_tout > 0) { curlx_mstotv(&timeout, max_tout); @@ -83,14 +83,14 @@ static CURLcode test_lib1905(const char *URL) select(MAX + 1, &R, &W, &E, &timeout); } - curl_easy_setopt(ch, CURLOPT_COOKIELIST, "FLUSH"); - curl_easy_setopt(ch, CURLOPT_SHARE, NULL); + curl_easy_setopt(curl, CURLOPT_COOKIELIST, "FLUSH"); + curl_easy_setopt(curl, CURLOPT_SHARE, NULL); - curl_multi_remove_handle(cm, ch); + curl_multi_remove_handle(multi, curl); cleanup: - curl_easy_cleanup(ch); - curl_share_cleanup(sh); - curl_multi_cleanup(cm); + curl_easy_cleanup(curl); + curl_share_cleanup(share); + curl_multi_cleanup(multi); curl_global_cleanup(); return CURLE_OK; diff --git a/tests/libtest/lib1908.c b/tests/libtest/lib1908.c index 98e01fac9a..500120066e 100644 --- a/tests/libtest/lib1908.c +++ b/tests/libtest/lib1908.c @@ -28,34 +28,34 @@ static CURLcode test_lib1908(const char *URL) { CURLcode ret = CURLE_OK; - CURL *hnd; + CURL *curl; start_test_timing(); curl_global_init(CURL_GLOBAL_ALL); - hnd = curl_easy_init(); - if(hnd) { - curl_easy_setopt(hnd, CURLOPT_URL, URL); - curl_easy_setopt(hnd, CURLOPT_NOPROGRESS, 1L); - curl_easy_setopt(hnd, CURLOPT_ALTSVC, libtest_arg2); - ret = curl_easy_perform(hnd); + curl = curl_easy_init(); + if(curl) { + curl_easy_setopt(curl, CURLOPT_URL, URL); + curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L); + curl_easy_setopt(curl, CURLOPT_ALTSVC, libtest_arg2); + ret = curl_easy_perform(curl); if(!ret) { /* make a copy and check that this also has alt-svc activated */ - CURL *also = curl_easy_duphandle(hnd); - if(also) { - ret = curl_easy_perform(also); + CURL *curldupe = curl_easy_duphandle(curl); + if(curldupe) { + ret = curl_easy_perform(curldupe); /* we close the second handle first, which makes it store the alt-svc file only to get overwritten when the next handle is closed! */ - curl_easy_cleanup(also); + curl_easy_cleanup(curldupe); } } - curl_easy_reset(hnd); + curl_easy_reset(curl); /* using the same file name for the alt-svc cache, this clobbers the - content just written from the 'also' handle */ - curl_easy_cleanup(hnd); + content just written from the 'curldupe' handle */ + curl_easy_cleanup(curl); } curl_global_cleanup(); return ret; diff --git a/tests/libtest/lib1910.c b/tests/libtest/lib1910.c index 6164d59545..425598bf88 100644 --- a/tests/libtest/lib1910.c +++ b/tests/libtest/lib1910.c @@ -28,19 +28,19 @@ static CURLcode test_lib1910(const char *URL) { CURLcode ret = CURLE_OK; - CURL *hnd; + CURL *curl; start_test_timing(); curl_global_init(CURL_GLOBAL_ALL); - hnd = curl_easy_init(); - if(hnd) { - curl_easy_setopt(hnd, CURLOPT_URL, URL); - curl_easy_setopt(hnd, CURLOPT_NOPROGRESS, 1L); - curl_easy_setopt(hnd, CURLOPT_FOLLOWLOCATION, 1L); - curl_easy_setopt(hnd, CURLOPT_USERPWD, "user\nname:pass\nword"); - ret = curl_easy_perform(hnd); - curl_easy_cleanup(hnd); + curl = curl_easy_init(); + if(curl) { + curl_easy_setopt(curl, CURLOPT_URL, URL); + curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L); + curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L); + curl_easy_setopt(curl, CURLOPT_USERPWD, "user\nname:pass\nword"); + ret = curl_easy_perform(curl); + curl_easy_cleanup(curl); } curl_global_cleanup(); return ret; diff --git a/tests/libtest/lib1911.c b/tests/libtest/lib1911.c index 4ffc8085dc..7add65ec48 100644 --- a/tests/libtest/lib1911.c +++ b/tests/libtest/lib1911.c @@ -34,13 +34,13 @@ static CURLcode test_lib1911(const char *URL) static char testbuf[MAX_INPUT_LENGTH + 2]; const struct curl_easyoption *o; - CURL *easy; + CURL *curl; int error = 0; (void)URL; curl_global_init(CURL_GLOBAL_ALL); - easy = curl_easy_init(); - if(!easy) { + curl = curl_easy_init(); + if(!curl) { curl_global_cleanup(); return TEST_ERR_EASY_INIT; } @@ -72,7 +72,7 @@ static CURLcode test_lib1911(const char *URL) /* This is a string. Make sure that passing in a string longer CURL_MAX_INPUT_LENGTH returns an error */ - result = curl_easy_setopt(easy, o->id, testbuf); + result = curl_easy_setopt(curl, o->id, testbuf); switch(result) { case CURLE_BAD_FUNCTION_ARGUMENT: /* the most normal */ case CURLE_UNKNOWN_OPTION: /* left out from the build */ @@ -88,7 +88,7 @@ static CURLcode test_lib1911(const char *URL) } } } - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); curl_global_cleanup(); return error == 0 ? CURLE_OK : TEST_ERR_FAILURE; } diff --git a/tests/libtest/lib1913.c b/tests/libtest/lib1913.c index e0519aef29..94a319f0c7 100644 --- a/tests/libtest/lib1913.c +++ b/tests/libtest/lib1913.c @@ -28,20 +28,20 @@ static CURLcode test_lib1913(const char *URL) { CURLcode ret = CURLE_OK; - CURL *hnd; + CURL *curl; start_test_timing(); curl_global_init(CURL_GLOBAL_ALL); - hnd = curl_easy_init(); - if(hnd) { - curl_easy_setopt(hnd, CURLOPT_URL, URL); - curl_easy_setopt(hnd, CURLOPT_NOBODY, 1L); + curl = curl_easy_init(); + if(curl) { + curl_easy_setopt(curl, CURLOPT_URL, URL); + curl_easy_setopt(curl, CURLOPT_NOBODY, 1L); if(libtest_arg2) /* test1914 sets this extra arg */ - curl_easy_setopt(hnd, CURLOPT_FILETIME, 1L); - ret = curl_easy_perform(hnd); - curl_easy_cleanup(hnd); + curl_easy_setopt(curl, CURLOPT_FILETIME, 1L); + ret = curl_easy_perform(curl); + curl_easy_cleanup(curl); } curl_global_cleanup(); return ret; diff --git a/tests/libtest/lib1915.c b/tests/libtest/lib1915.c index c4cc39455f..e47ae9ee80 100644 --- a/tests/libtest/lib1915.c +++ b/tests/libtest/lib1915.c @@ -31,7 +31,7 @@ struct state { }; /* "read" is from the point of the library, it wants data from us */ -static CURLSTScode hstsread(CURL *easy, struct curl_hstsentry *e, +static CURLSTScode hstsread(CURL *curl, struct curl_hstsentry *e, void *userp) { struct entry { @@ -56,7 +56,7 @@ static CURLSTScode hstsread(CURL *easy, struct curl_hstsentry *e, const char *host; const char *expire; struct state *s = (struct state *)userp; - (void)easy; + (void)curl; host = preload_hosts[s->index].name; expire = preload_hosts[s->index++].exp; @@ -72,20 +72,20 @@ static CURLSTScode hstsread(CURL *easy, struct curl_hstsentry *e, } /* verify error from callback */ -static CURLSTScode hstsreadfail(CURL *easy, struct curl_hstsentry *e, +static CURLSTScode hstsreadfail(CURL *curl, struct curl_hstsentry *e, void *userp) { - (void)easy; + (void)curl; (void)e; (void)userp; return CURLSTS_FAIL; } /* check that we get the hosts back in the save */ -static CURLSTScode hstswrite(CURL *easy, struct curl_hstsentry *e, +static CURLSTScode hstswrite(CURL *curl, struct curl_hstsentry *e, struct curl_index *i, void *userp) { - (void)easy; + (void)curl; (void)userp; curl_mprintf("[%zu/%zu] %s %s\n", i->index, i->total, e->name, e->expire); return CURLSTS_OK; @@ -98,7 +98,7 @@ static CURLSTScode hstswrite(CURL *easy, struct curl_hstsentry *e, static CURLcode test_lib1915(const char *URL) { CURLcode res = CURLE_OK; - CURL *hnd; + CURL *curl; struct state st = {0}; global_init(CURL_GLOBAL_ALL); @@ -106,43 +106,43 @@ static CURLcode test_lib1915(const char *URL) debug_config.nohex = TRUE; debug_config.tracetime = TRUE; - easy_init(hnd); - easy_setopt(hnd, CURLOPT_URL, URL); - easy_setopt(hnd, CURLOPT_CONNECTTIMEOUT, 1L); - easy_setopt(hnd, CURLOPT_HSTSREADFUNCTION, hstsread); - easy_setopt(hnd, CURLOPT_HSTSREADDATA, &st); - easy_setopt(hnd, CURLOPT_HSTSWRITEFUNCTION, hstswrite); - easy_setopt(hnd, CURLOPT_HSTSWRITEDATA, &st); - easy_setopt(hnd, CURLOPT_HSTS_CTRL, CURLHSTS_ENABLE); - easy_setopt(hnd, CURLOPT_DEBUGDATA, &debug_config); - easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); - easy_setopt(hnd, CURLOPT_VERBOSE, 1L); - res = curl_easy_perform(hnd); - curl_easy_cleanup(hnd); - hnd = NULL; + easy_init(curl); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, 1L); + easy_setopt(curl, CURLOPT_HSTSREADFUNCTION, hstsread); + easy_setopt(curl, CURLOPT_HSTSREADDATA, &st); + easy_setopt(curl, CURLOPT_HSTSWRITEFUNCTION, hstswrite); + easy_setopt(curl, CURLOPT_HSTSWRITEDATA, &st); + easy_setopt(curl, CURLOPT_HSTS_CTRL, CURLHSTS_ENABLE); + easy_setopt(curl, CURLOPT_DEBUGDATA, &debug_config); + easy_setopt(curl, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); + res = curl_easy_perform(curl); + curl_easy_cleanup(curl); + curl = NULL; if(res == CURLE_OPERATION_TIMEDOUT) /* we expect that on Windows */ res = CURLE_COULDNT_CONNECT; curl_mprintf("First request returned %d\n", res); res = CURLE_OK; - easy_init(hnd); - easy_setopt(hnd, CURLOPT_URL, URL); - easy_setopt(hnd, CURLOPT_CONNECTTIMEOUT, 1L); - easy_setopt(hnd, CURLOPT_HSTSREADFUNCTION, hstsreadfail); - easy_setopt(hnd, CURLOPT_HSTSREADDATA, &st); - easy_setopt(hnd, CURLOPT_HSTSWRITEFUNCTION, hstswrite); - easy_setopt(hnd, CURLOPT_HSTSWRITEDATA, &st); - easy_setopt(hnd, CURLOPT_HSTS_CTRL, CURLHSTS_ENABLE); - easy_setopt(hnd, CURLOPT_DEBUGDATA, &debug_config); - easy_setopt(hnd, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); - easy_setopt(hnd, CURLOPT_VERBOSE, 1L); - res = curl_easy_perform(hnd); - curl_easy_cleanup(hnd); - hnd = NULL; + easy_init(curl); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, 1L); + easy_setopt(curl, CURLOPT_HSTSREADFUNCTION, hstsreadfail); + easy_setopt(curl, CURLOPT_HSTSREADDATA, &st); + easy_setopt(curl, CURLOPT_HSTSWRITEFUNCTION, hstswrite); + easy_setopt(curl, CURLOPT_HSTSWRITEDATA, &st); + easy_setopt(curl, CURLOPT_HSTS_CTRL, CURLHSTS_ENABLE); + easy_setopt(curl, CURLOPT_DEBUGDATA, &debug_config); + easy_setopt(curl, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); + res = curl_easy_perform(curl); + curl_easy_cleanup(curl); + curl = NULL; curl_mprintf("Second request returned %d\n", res); test_cleanup: - curl_easy_cleanup(hnd); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; } diff --git a/tests/libtest/lib1939.c b/tests/libtest/lib1939.c index 61199900df..5a10db96b1 100644 --- a/tests/libtest/lib1939.c +++ b/tests/libtest/lib1939.c @@ -28,29 +28,29 @@ static CURLcode test_lib1939(const char *URL) { CURLM *multi; - CURL *easy; + CURL *curl; int running_handles; curl_global_init(CURL_GLOBAL_DEFAULT); multi = curl_multi_init(); if(multi) { - easy = curl_easy_init(); - if(easy) { + curl = curl_easy_init(); + if(curl) { CURLcode c; CURLMcode m; /* Crash only happens when using HTTPS */ - c = curl_easy_setopt(easy, CURLOPT_URL, URL); + c = curl_easy_setopt(curl, CURLOPT_URL, URL); if(!c) /* Any old HTTP tunneling proxy will do here */ - c = curl_easy_setopt(easy, CURLOPT_PROXY, libtest_arg2); + c = curl_easy_setopt(curl, CURLOPT_PROXY, libtest_arg2); if(!c) { /* We're going to drive the transfer using multi interface here, because we want to stop during the middle. */ - m = curl_multi_add_handle(multi, easy); + m = curl_multi_add_handle(multi, curl); if(!m) /* Run the multi handle once, just enough to start establishing an @@ -62,7 +62,7 @@ static CURLcode test_lib1939(const char *URL) } /* Close the easy handle *before* the multi handle. Doing it the other way around avoids the issue. */ - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); } curl_multi_cleanup(multi); /* double-free happens here */ } diff --git a/tests/libtest/lib1940.c b/tests/libtest/lib1940.c index 50f4010e94..117afecf2f 100644 --- a/tests/libtest/lib1940.c +++ b/tests/libtest/lib1940.c @@ -33,7 +33,7 @@ static size_t t1940_write_cb(char *data, size_t n, size_t l, void *userp) return n*l; } -static void t1940_showem(CURL *easy, int header_request, unsigned int type) +static void t1940_showem(CURL *curl, int header_request, unsigned int type) { static const char *testdata[] = { "daTE", @@ -52,7 +52,7 @@ static void t1940_showem(CURL *easy, int header_request, unsigned int type) int i; struct curl_header *header; for(i = 0; testdata[i]; i++) { - if(CURLHE_OK == curl_easy_header(easy, testdata[i], 0, + if(CURLHE_OK == curl_easy_header(curl, testdata[i], 0, type, header_request, &header)) { if(header->amount > 1) { /* more than one, iterate over them */ @@ -64,7 +64,7 @@ static void t1940_showem(CURL *easy, int header_request, unsigned int type) if(++index == amount) break; - if(CURLHE_OK != curl_easy_header(easy, testdata[i], index, + if(CURLHE_OK != curl_easy_header(curl, testdata[i], index, type, header_request, &header)) break; } while(1); @@ -79,7 +79,7 @@ static void t1940_showem(CURL *easy, int header_request, unsigned int type) static CURLcode test_lib1940(const char *URL) { - CURL *easy = NULL; + CURL *curl = NULL; CURLcode res = CURLE_OK; int header_request; @@ -91,32 +91,32 @@ static CURLcode test_lib1940(const char *URL) } global_init(CURL_GLOBAL_DEFAULT); - easy_init(easy); - easy_setopt(easy, CURLOPT_URL, URL); - easy_setopt(easy, CURLOPT_VERBOSE, 1L); - easy_setopt(easy, CURLOPT_FOLLOWLOCATION, 1L); + easy_init(curl); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L); /* ignores any content */ - easy_setopt(easy, CURLOPT_WRITEFUNCTION, t1940_write_cb); + easy_setopt(curl, CURLOPT_WRITEFUNCTION, t1940_write_cb); /* if there's a proxy set, use it */ if(libtest_arg2 && *libtest_arg2) { - easy_setopt(easy, CURLOPT_PROXY, libtest_arg2); - easy_setopt(easy, CURLOPT_HTTPPROXYTUNNEL, 1L); + easy_setopt(curl, CURLOPT_PROXY, libtest_arg2); + easy_setopt(curl, CURLOPT_HTTPPROXYTUNNEL, 1L); } - res = curl_easy_perform(easy); + res = curl_easy_perform(curl); if(res) goto test_cleanup; - t1940_showem(easy, header_request, CURLH_HEADER); + t1940_showem(curl, header_request, CURLH_HEADER); if(libtest_arg2 && *libtest_arg2) { /* now show connect headers only */ - t1940_showem(easy, header_request, CURLH_CONNECT); + t1940_showem(curl, header_request, CURLH_CONNECT); } - t1940_showem(easy, header_request, CURLH_1XX); - t1940_showem(easy, header_request, CURLH_TRAILER); + t1940_showem(curl, header_request, CURLH_1XX); + t1940_showem(curl, header_request, CURLH_TRAILER); test_cleanup: - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; } diff --git a/tests/libtest/lib1945.c b/tests/libtest/lib1945.c index 6e693bda62..f0a92d6033 100644 --- a/tests/libtest/lib1945.c +++ b/tests/libtest/lib1945.c @@ -25,13 +25,13 @@ #include "memdebug.h" -static void t1945_showem(CURL *easy, unsigned int type) +static void t1945_showem(CURL *curl, unsigned int type) { struct curl_header *header = NULL; struct curl_header *prev = NULL; /* !checksrc! disable EQUALSNULL 1 */ - while((header = curl_easy_nextheader(easy, type, 0, prev)) != NULL) { + while((header = curl_easy_nextheader(curl, type, 0, prev)) != NULL) { curl_mprintf(" %s == %s (%zu/%zu)\n", header->name, header->value, header->index, header->amount); prev = header; @@ -48,31 +48,31 @@ static size_t t1945_write_cb(char *data, size_t n, size_t l, void *userp) static CURLcode test_lib1945(const char *URL) { - CURL *easy; + CURL *curl; CURLcode res = CURLE_OK; global_init(CURL_GLOBAL_DEFAULT); - easy_init(easy); - curl_easy_setopt(easy, CURLOPT_URL, URL); - curl_easy_setopt(easy, CURLOPT_VERBOSE, 1L); - curl_easy_setopt(easy, CURLOPT_FOLLOWLOCATION, 1L); + easy_init(curl); + curl_easy_setopt(curl, CURLOPT_URL, URL); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); + curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L); /* ignores any content */ - curl_easy_setopt(easy, CURLOPT_WRITEFUNCTION, t1945_write_cb); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, t1945_write_cb); /* if there's a proxy set, use it */ if(libtest_arg2 && *libtest_arg2) { - curl_easy_setopt(easy, CURLOPT_PROXY, libtest_arg2); - curl_easy_setopt(easy, CURLOPT_HTTPPROXYTUNNEL, 1L); + curl_easy_setopt(curl, CURLOPT_PROXY, libtest_arg2); + curl_easy_setopt(curl, CURLOPT_HTTPPROXYTUNNEL, 1L); } - res = curl_easy_perform(easy); + res = curl_easy_perform(curl); if(res) { curl_mprintf("badness: %d\n", res); } - t1945_showem(easy, CURLH_CONNECT|CURLH_HEADER|CURLH_TRAILER|CURLH_1XX); + t1945_showem(curl, CURLH_CONNECT|CURLH_HEADER|CURLH_TRAILER|CURLH_1XX); test_cleanup: - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; } diff --git a/tests/libtest/lib2032.c b/tests/libtest/lib2032.c index 25de34d530..81c949ab44 100644 --- a/tests/libtest/lib2032.c +++ b/tests/libtest/lib2032.c @@ -28,13 +28,13 @@ #define MAX_EASY_HANDLES 3 static int ntlm_counter[MAX_EASY_HANDLES]; -static CURL *ntlm_easy[MAX_EASY_HANDLES]; +static CURL *ntlm_curls[MAX_EASY_HANDLES]; static curl_socket_t ntlm_sockets[MAX_EASY_HANDLES]; static CURLcode ntlmcb_res = CURLE_OK; static size_t callback(char *ptr, size_t size, size_t nmemb, void *data) { - ssize_t idx = ((CURL **) data) - ntlm_easy; + ssize_t idx = ((CURL **) data) - ntlm_curls; curl_socket_t sock; long longdata; CURLcode code; @@ -44,7 +44,7 @@ static size_t callback(char *ptr, size_t size, size_t nmemb, void *data) ntlm_counter[idx] += (int)(size * nmemb); /* Get socket being used for this easy handle, otherwise CURL_SOCKET_BAD */ - code = curl_easy_getinfo(ntlm_easy[idx], CURLINFO_LASTSOCKET, &longdata); + code = curl_easy_getinfo(ntlm_curls[idx], CURLINFO_LASTSOCKET, &longdata); if(CURLE_OK != code) { curl_mfprintf(stderr, "%s:%d curl_easy_getinfo() failed, " @@ -102,7 +102,7 @@ static CURLcode test_lib2032(const char *URL) /* libntlmconnect */ } for(i = 0; i < MAX_EASY_HANDLES; ++i) { - ntlm_easy[i] = NULL; + ntlm_curls[i] = NULL; ntlm_sockets[i] = CURL_SOCKET_BAD; } @@ -125,28 +125,28 @@ static CURLcode test_lib2032(const char *URL) /* libntlmconnect */ /* Start a new handle if we aren't at the max */ if(state == ReadyForNewHandle) { - easy_init(ntlm_easy[num_handles]); + easy_init(ntlm_curls[num_handles]); if(num_handles % 3 == 2) { curl_msnprintf(full_url, urllen, "%s0200", URL); - easy_setopt(ntlm_easy[num_handles], CURLOPT_HTTPAUTH, CURLAUTH_NTLM); + easy_setopt(ntlm_curls[num_handles], CURLOPT_HTTPAUTH, CURLAUTH_NTLM); } else { curl_msnprintf(full_url, urllen, "%s0100", URL); - easy_setopt(ntlm_easy[num_handles], CURLOPT_HTTPAUTH, CURLAUTH_BASIC); + easy_setopt(ntlm_curls[num_handles], CURLOPT_HTTPAUTH, CURLAUTH_BASIC); } - easy_setopt(ntlm_easy[num_handles], CURLOPT_FRESH_CONNECT, 1L); - easy_setopt(ntlm_easy[num_handles], CURLOPT_URL, full_url); - easy_setopt(ntlm_easy[num_handles], CURLOPT_VERBOSE, 1L); - easy_setopt(ntlm_easy[num_handles], CURLOPT_HTTPGET, 1L); - easy_setopt(ntlm_easy[num_handles], CURLOPT_USERPWD, + easy_setopt(ntlm_curls[num_handles], CURLOPT_FRESH_CONNECT, 1L); + easy_setopt(ntlm_curls[num_handles], CURLOPT_URL, full_url); + easy_setopt(ntlm_curls[num_handles], CURLOPT_VERBOSE, 1L); + easy_setopt(ntlm_curls[num_handles], CURLOPT_HTTPGET, 1L); + easy_setopt(ntlm_curls[num_handles], CURLOPT_USERPWD, "testuser:testpass"); - easy_setopt(ntlm_easy[num_handles], CURLOPT_WRITEFUNCTION, callback); - easy_setopt(ntlm_easy[num_handles], CURLOPT_WRITEDATA, - (void *)(ntlm_easy + num_handles)); - easy_setopt(ntlm_easy[num_handles], CURLOPT_HEADER, 1L); + easy_setopt(ntlm_curls[num_handles], CURLOPT_WRITEFUNCTION, callback); + easy_setopt(ntlm_curls[num_handles], CURLOPT_WRITEDATA, + (void *)(ntlm_curls + num_handles)); + easy_setopt(ntlm_curls[num_handles], CURLOPT_HEADER, 1L); - multi_add_handle(multi, ntlm_easy[num_handles]); + multi_add_handle(multi, ntlm_curls[num_handles]); num_handles += 1; state = NeedSocketForNewHandle; res = ntlmcb_res; @@ -223,8 +223,8 @@ test_cleanup: for(i = 0; i < MAX_EASY_HANDLES; i++) { curl_mprintf("Data connection %d: %d\n", i, ntlm_counter[i]); - curl_multi_remove_handle(multi, ntlm_easy[i]); - curl_easy_cleanup(ntlm_easy[i]); + curl_multi_remove_handle(multi, ntlm_curls[i]); + curl_easy_cleanup(ntlm_curls[i]); } curl_multi_cleanup(multi); diff --git a/tests/libtest/lib2301.c b/tests/libtest/lib2301.c index cc6c00a1d4..40e357a3ba 100644 --- a/tests/libtest/lib2301.c +++ b/tests/libtest/lib2301.c @@ -42,7 +42,7 @@ static void t2301_websocket(CURL *curl) static size_t t2301_write_cb(char *b, size_t size, size_t nitems, void *p) { - CURL *easy = p; + CURL *curl = p; unsigned char *buffer = (unsigned char *)b; size_t i; size_t sent; @@ -59,7 +59,7 @@ static size_t t2301_write_cb(char *b, size_t size, size_t nitems, void *p) if(buffer[0] == 0x89) { CURLcode result; curl_mfprintf(stderr, "send back a simple PONG\n"); - result = curl_ws_send(easy, pong, 2, &sent, 0, 0); + result = curl_ws_send(curl, pong, 2, &sent, 0, 0); if(result) nitems = 0; } diff --git a/tests/libtest/lib2302.c b/tests/libtest/lib2302.c index d72761a851..47276197bb 100644 --- a/tests/libtest/lib2302.c +++ b/tests/libtest/lib2302.c @@ -26,7 +26,7 @@ #ifndef CURL_DISABLE_WEBSOCKETS struct ws_data { - CURL *easy; + CURL *curl; char *buf; size_t blen; size_t nwrites; @@ -83,7 +83,7 @@ static size_t t2302_write_cb(char *buffer, size_t size, size_t nitems, void *p) const struct curl_ws_frame *meta; (void)size; - meta = curl_ws_meta(ws_data->easy); + meta = curl_ws_meta(ws_data->curl); incoming = add_data(ws_data, buffer, incoming, meta); if(nitems != incoming) @@ -106,7 +106,7 @@ static CURLcode test_lib2302(const char *URL) if(ws_data.buf) { curl = curl_easy_init(); if(curl) { - ws_data.easy = curl; + ws_data.curl = curl; curl_easy_setopt(curl, CURLOPT_URL, URL); /* use the callback style */ diff --git a/tests/libtest/lib2306.c b/tests/libtest/lib2306.c index d2832e1cb2..6b60ea6376 100644 --- a/tests/libtest/lib2306.c +++ b/tests/libtest/lib2306.c @@ -26,24 +26,24 @@ static CURLcode test_lib2306(const char *URL) { /* first a fine GET response, then a bad one */ - CURL *cl; + CURL *curl; CURLcode res = CURLE_OK; global_init(CURL_GLOBAL_ALL); - easy_init(cl); - easy_setopt(cl, CURLOPT_URL, URL); - easy_setopt(cl, CURLOPT_VERBOSE, 1L); - res = curl_easy_perform(cl); + easy_init(curl); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); + res = curl_easy_perform(curl); if(res) goto test_cleanup; /* reuse handle, do a second transfer */ - easy_setopt(cl, CURLOPT_URL, libtest_arg2); - res = curl_easy_perform(cl); + easy_setopt(curl, CURLOPT_URL, libtest_arg2); + res = curl_easy_perform(curl); test_cleanup: - curl_easy_cleanup(cl); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; } diff --git a/tests/libtest/lib2402.c b/tests/libtest/lib2402.c index ef3dc226a0..1695208716 100644 --- a/tests/libtest/lib2402.c +++ b/tests/libtest/lib2402.c @@ -30,7 +30,7 @@ static CURLcode test_lib2402(const char *URL) CURLcode res = CURLE_OK; CURL *curl[NUM_HANDLES] = {0}; int running; - CURLM *m = NULL; + CURLM *multi = NULL; size_t i; char target_url[256]; char dnsentry[256]; @@ -53,9 +53,9 @@ static CURLcode test_lib2402(const char *URL) global_init(CURL_GLOBAL_ALL); - multi_init(m); + multi_init(multi); - multi_setopt(m, CURLMOPT_MAXCONNECTS, 1L); + multi_setopt(multi, CURLMOPT_MAXCONNECTS, 1L); /* get each easy handle */ for(i = 0; i < CURL_ARRAYSIZE(curl); i++) { @@ -86,7 +86,7 @@ static CURLcode test_lib2402(const char *URL) for(i = 0; i < CURL_ARRAYSIZE(curl); i++) { /* add handle to multi */ - multi_add_handle(m, curl[i]); + multi_add_handle(multi, curl[i]); for(;;) { struct timeval interval; @@ -96,7 +96,7 @@ static CURLcode test_lib2402(const char *URL) interval.tv_sec = 1; interval.tv_usec = 0; - multi_perform(m, &running); + multi_perform(multi, &running); abort_on_test_timeout(); @@ -107,7 +107,7 @@ static CURLcode test_lib2402(const char *URL) FD_ZERO(&wr); FD_ZERO(&exc); - multi_fdset(m, &rd, &wr, &exc, &maxfd); + multi_fdset(multi, &rd, &wr, &exc, &maxfd); /* At this point, maxfd is guaranteed to be greater or equal than -1. */ @@ -123,13 +123,13 @@ test_cleanup: /* proper cleanup sequence - type PB */ for(i = 0; i < CURL_ARRAYSIZE(curl); i++) { - curl_multi_remove_handle(m, curl[i]); + curl_multi_remove_handle(multi, curl[i]); curl_easy_cleanup(curl[i]); } curl_slist_free_all(slist); - curl_multi_cleanup(m); + curl_multi_cleanup(multi); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib2404.c b/tests/libtest/lib2404.c index 8551957e0b..42d81d8d4a 100644 --- a/tests/libtest/lib2404.c +++ b/tests/libtest/lib2404.c @@ -30,7 +30,7 @@ static CURLcode test_lib2404(const char *URL) CURLcode res = CURLE_OK; CURL *curl[NUM_HANDLES] = {0}; int running; - CURLM *m = NULL; + CURLM *multi = NULL; size_t i; char target_url[256]; char dnsentry[256]; @@ -53,9 +53,9 @@ static CURLcode test_lib2404(const char *URL) global_init(CURL_GLOBAL_ALL); - multi_init(m); + multi_init(multi); - multi_setopt(m, CURLMOPT_MAXCONNECTS, 1L); + multi_setopt(multi, CURLMOPT_MAXCONNECTS, 1L); /* get each easy handle */ for(i = 0; i < CURL_ARRAYSIZE(curl); i++) { @@ -88,7 +88,7 @@ static CURLcode test_lib2404(const char *URL) for(i = 0; i < CURL_ARRAYSIZE(curl); i++) { /* add handle to multi */ - multi_add_handle(m, curl[i]); + multi_add_handle(multi, curl[i]); for(;;) { struct timeval interval; @@ -98,7 +98,7 @@ static CURLcode test_lib2404(const char *URL) interval.tv_sec = 1; interval.tv_usec = 0; - multi_perform(m, &running); + multi_perform(multi, &running); abort_on_test_timeout(); @@ -109,7 +109,7 @@ static CURLcode test_lib2404(const char *URL) FD_ZERO(&wr); FD_ZERO(&exc); - multi_fdset(m, &rd, &wr, &exc, &maxfd); + multi_fdset(multi, &rd, &wr, &exc, &maxfd); /* At this point, maxfd is guaranteed to be greater or equal than -1. */ @@ -125,13 +125,13 @@ test_cleanup: /* proper cleanup sequence - type PB */ for(i = 0; i < CURL_ARRAYSIZE(curl); i++) { - curl_multi_remove_handle(m, curl[i]); + curl_multi_remove_handle(multi, curl[i]); curl_easy_cleanup(curl[i]); } curl_slist_free_all(slist); - curl_multi_cleanup(m); + curl_multi_cleanup(multi); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib2405.c b/tests/libtest/lib2405.c index 571a0bcaa8..8d7f9056ff 100644 --- a/tests/libtest/lib2405.c +++ b/tests/libtest/lib2405.c @@ -74,43 +74,43 @@ static size_t emptyWriteFunc(void *ptr, size_t size, size_t nmemb, return size * nmemb; } -static CURLcode set_easy(const char *URL, CURL *easy, long option) +static CURLcode set_easy(const char *URL, CURL *curl, long option) { CURLcode res = CURLE_OK; /* First set the URL that is about to receive our POST. */ - easy_setopt(easy, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_URL, URL); /* get verbose debug output please */ - easy_setopt(easy, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); switch(option) { case TEST_USE_HTTP1: /* go http1 */ - easy_setopt(easy, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1); + easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1); break; case TEST_USE_HTTP2: /* go http2 */ - easy_setopt(easy, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); + easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); break; case TEST_USE_HTTP2_MPLEX: /* go http2 with multiplexing */ - easy_setopt(easy, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); - easy_setopt(easy, CURLOPT_PIPEWAIT, 1L); + easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0); + easy_setopt(curl, CURLOPT_PIPEWAIT, 1L); break; } /* no peer verify */ - easy_setopt(easy, CURLOPT_SSL_VERIFYPEER, 0L); - easy_setopt(easy, CURLOPT_SSL_VERIFYHOST, 0L); + easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); + easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); /* include headers */ - easy_setopt(easy, CURLOPT_HEADER, 1L); + easy_setopt(curl, CURLOPT_HEADER, 1L); /* empty write function */ - easy_setopt(easy, CURLOPT_WRITEFUNCTION, emptyWriteFunc); + easy_setopt(curl, CURLOPT_WRITEFUNCTION, emptyWriteFunc); test_cleanup: return res; @@ -123,8 +123,8 @@ static CURLcode test_run(const char *URL, long option, CURLM *multi = NULL; CURLM *multi1 = NULL; - CURL *easy1 = NULL; - CURL *easy2 = NULL; + CURL *curl1 = NULL; + CURL *curl2 = NULL; unsigned int max_count = 0; @@ -139,13 +139,13 @@ static CURLcode test_run(const char *URL, long option, struct curl_waitfd ufds1[10]; int numfds; - easy_init(easy1); - easy_init(easy2); + easy_init(curl1); + easy_init(curl2); - if(set_easy(URL, easy1, option) != CURLE_OK) + if(set_easy(URL, curl1, option) != CURLE_OK) goto test_cleanup; - if(set_easy(URL, easy2, option) != CURLE_OK) + if(set_easy(URL, curl2, option) != CURLE_OK) goto test_cleanup; multi_init(multi); @@ -154,8 +154,8 @@ static CURLcode test_run(const char *URL, long option, if(option == TEST_USE_HTTP2_MPLEX) multi_setopt(multi, CURLMOPT_PIPELINING, CURLPIPE_MULTIPLEX); - multi_add_handle(multi, easy1); - multi_add_handle(multi, easy2); + multi_add_handle(multi, curl1); + multi_add_handle(multi, curl2); while(!mc) { /* get the count of file descriptors from the transfers */ @@ -293,12 +293,12 @@ static CURLcode test_run(const char *URL, long option, } } - curl_multi_remove_handle(multi, easy1); - curl_multi_remove_handle(multi, easy2); + curl_multi_remove_handle(multi, curl1); + curl_multi_remove_handle(multi, curl2); test_cleanup: - curl_easy_cleanup(easy1); - curl_easy_cleanup(easy2); + curl_easy_cleanup(curl1); + curl_easy_cleanup(curl2); curl_multi_cleanup(multi); curl_multi_cleanup(multi1); @@ -313,7 +313,7 @@ static CURLcode empty_multi_test(void) { CURLMcode mc = CURLM_OK; CURLM *multi = NULL; - CURL *easy = NULL; + CURL *curl = NULL; struct curl_waitfd ufds[10]; @@ -338,12 +338,12 @@ static CURLcode empty_multi_test(void) } /* calling curl_multi_waitfds() on multi handle with added easy handle. */ - easy_init(easy); + easy_init(curl); - if(set_easy("http://example.com", easy, TEST_USE_HTTP1) != CURLE_OK) + if(set_easy("http://example.com", curl, TEST_USE_HTTP1) != CURLE_OK) goto test_cleanup; - multi_add_handle(multi, easy); + multi_add_handle(multi, curl); mc = curl_multi_waitfds(multi, ufds, 10, &fd_count); @@ -359,10 +359,10 @@ static CURLcode empty_multi_test(void) goto test_cleanup; } - curl_multi_remove_handle(multi, easy); + curl_multi_remove_handle(multi, curl); test_cleanup: - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); curl_multi_cleanup(multi); return res; } diff --git a/tests/libtest/lib2502.c b/tests/libtest/lib2502.c index ba7da99a07..b9a2cabd79 100644 --- a/tests/libtest/lib2502.c +++ b/tests/libtest/lib2502.c @@ -31,7 +31,7 @@ static CURLcode test_lib2502(const char *URL) CURLcode res = CURLE_OK; CURL *curl[NUM_HANDLES] = {0}; int running; - CURLM *m = NULL; + CURLM *multi = NULL; size_t i; char target_url[256]; char dnsentry[256]; @@ -54,9 +54,9 @@ static CURLcode test_lib2502(const char *URL) global_init(CURL_GLOBAL_ALL); - multi_init(m); + multi_init(multi); - multi_setopt(m, CURLMOPT_MAXCONNECTS, 1L); + multi_setopt(multi, CURLMOPT_MAXCONNECTS, 1L); /* get each easy handle */ for(i = 0; i < CURL_ARRAYSIZE(curl); i++) { @@ -90,7 +90,7 @@ static CURLcode test_lib2502(const char *URL) for(i = 0; i < CURL_ARRAYSIZE(curl); i++) { /* add handle to multi */ - multi_add_handle(m, curl[i]); + multi_add_handle(multi, curl[i]); for(;;) { struct timeval interval; @@ -100,7 +100,7 @@ static CURLcode test_lib2502(const char *URL) interval.tv_sec = 1; interval.tv_usec = 0; - multi_perform(m, &running); + multi_perform(multi, &running); abort_on_test_timeout(); @@ -111,7 +111,7 @@ static CURLcode test_lib2502(const char *URL) FD_ZERO(&wr); FD_ZERO(&exc); - multi_fdset(m, &rd, &wr, &exc, &maxfd); + multi_fdset(multi, &rd, &wr, &exc, &maxfd); /* At this point, maxfd is guaranteed to be greater or equal than -1. */ @@ -127,13 +127,13 @@ test_cleanup: /* proper cleanup sequence - type PB */ for(i = 0; i < CURL_ARRAYSIZE(curl); i++) { - curl_multi_remove_handle(m, curl[i]); + curl_multi_remove_handle(multi, curl[i]); curl_easy_cleanup(curl[i]); } curl_slist_free_all(slist); - curl_multi_cleanup(m); + curl_multi_cleanup(multi); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib3027.c b/tests/libtest/lib3027.c index 735f4c96e9..5cd2bd757d 100644 --- a/tests/libtest/lib3027.c +++ b/tests/libtest/lib3027.c @@ -28,26 +28,26 @@ static CURLcode test_lib3027(const char *URL) { CURLcode ret = CURLE_OK; - CURL *hnd; + CURL *curl; start_test_timing(); curl_global_init(CURL_GLOBAL_ALL); - hnd = curl_easy_init(); - if(hnd) { - curl_easy_setopt(hnd, CURLOPT_URL, URL); - curl_easy_setopt(hnd, CURLOPT_FILETIME, 1L); - ret = curl_easy_perform(hnd); + curl = curl_easy_init(); + if(curl) { + curl_easy_setopt(curl, CURLOPT_URL, URL); + curl_easy_setopt(curl, CURLOPT_FILETIME, 1L); + ret = curl_easy_perform(curl); if(CURLE_OK == ret) { long filetime; - ret = curl_easy_getinfo(hnd, CURLINFO_FILETIME, &filetime); + ret = curl_easy_getinfo(curl, CURLINFO_FILETIME, &filetime); /* MTDM fails with 550, so filetime should be -1 */ if((CURLE_OK == ret) && (filetime != -1)) { /* we just need to return something which is not CURLE_OK */ ret = CURLE_UNSUPPORTED_PROTOCOL; } } - curl_easy_cleanup(hnd); + curl_easy_cleanup(curl); } curl_global_cleanup(); return ret; diff --git a/tests/libtest/lib3033.c b/tests/libtest/lib3033.c index 1c0b9856fc..b00bba9e74 100644 --- a/tests/libtest/lib3033.c +++ b/tests/libtest/lib3033.c @@ -27,7 +27,7 @@ #include "memdebug.h" -static CURLcode t3033_req_test(CURLM *multi, CURL *easy, +static CURLcode t3033_req_test(CURLM *multi, CURL *curl, const char *URL, int index) { CURLMsg *msg = NULL; @@ -43,13 +43,13 @@ static CURLcode t3033_req_test(CURLM *multi, CURL *easy, curl_mprintf("[%d] no network change\n", index); } - curl_easy_reset(easy); - curl_easy_setopt(easy, CURLOPT_URL, URL); - easy_setopt(easy, CURLOPT_DEBUGDATA, &debug_config); - easy_setopt(easy, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); - easy_setopt(easy, CURLOPT_VERBOSE, 1L); + curl_easy_reset(curl); + curl_easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_DEBUGDATA, &debug_config); + easy_setopt(curl, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); - curl_multi_add_handle(multi, easy); + curl_multi_add_handle(multi, curl); do { CURLMcode mres; @@ -76,7 +76,7 @@ static CURLcode t3033_req_test(CURLM *multi, CURL *easy, goto test_cleanup; } - curl_easy_getinfo(easy, CURLINFO_NUM_CONNECTS, &num_connects); + curl_easy_getinfo(curl, CURLINFO_NUM_CONNECTS, &num_connects); if(index == 1 && num_connects == 0) { curl_mprintf("[1] should not reuse connection in pool\n"); res = TEST_ERR_MAJOR_BAD; @@ -92,7 +92,7 @@ static CURLcode t3033_req_test(CURLM *multi, CURL *easy, test_cleanup: - curl_multi_remove_handle(multi, easy); + curl_multi_remove_handle(multi, curl); return res; } diff --git a/tests/libtest/lib3105.c b/tests/libtest/lib3105.c index 29dfdae00c..808fd98ca4 100644 --- a/tests/libtest/lib3105.c +++ b/tests/libtest/lib3105.c @@ -27,7 +27,7 @@ static CURLcode test_lib3105(const char *URL) { - CURL *curls = NULL; + CURL *curl = NULL; CURLM *multi = NULL; CURLcode i = CURLE_OK; CURLcode res = CURLE_OK; @@ -37,14 +37,14 @@ static CURLcode test_lib3105(const char *URL) multi_init(multi); - easy_init(curls); + easy_init(curl); - easy_setopt(curls, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_URL, URL); - multi_add_handle(multi, curls); + multi_add_handle(multi, curl); - mc = curl_multi_remove_handle(multi, curls); - mc += curl_multi_remove_handle(multi, curls); + mc = curl_multi_remove_handle(multi, curl); + mc += curl_multi_remove_handle(multi, curl); if(mc) { curl_mfprintf(stderr, "%d was unexpected\n", mc); @@ -53,7 +53,7 @@ static CURLcode test_lib3105(const char *URL) test_cleanup: curl_multi_cleanup(multi); - curl_easy_cleanup(curls); + curl_easy_cleanup(curl); curl_global_cleanup(); if(res) diff --git a/tests/libtest/lib3207.c b/tests/libtest/lib3207.c index e3b50ff40f..316258c86e 100644 --- a/tests/libtest/lib3207.c +++ b/tests/libtest/lib3207.c @@ -115,19 +115,19 @@ test_cleanup: #if defined(USE_THREADS_POSIX) || defined(USE_THREADS_WIN32) -static void t3207_test_lock(CURL *handle, curl_lock_data data, +static void t3207_test_lock(CURL *curl, curl_lock_data data, curl_lock_access laccess, void *useptr) { curl_mutex_t *mutexes = (curl_mutex_t*) useptr; - (void)handle; + (void)curl; (void)laccess; Curl_mutex_acquire(&mutexes[data]); } -static void t3207_test_unlock(CURL *handle, curl_lock_data data, void *useptr) +static void t3207_test_unlock(CURL *curl, curl_lock_data data, void *useptr) { curl_mutex_t *mutexes = (curl_mutex_t*) useptr; - (void)handle; + (void)curl; Curl_mutex_release(&mutexes[data]); } diff --git a/tests/libtest/lib502.c b/tests/libtest/lib502.c index 9a51267aae..c33783ea68 100644 --- a/tests/libtest/lib502.c +++ b/tests/libtest/lib502.c @@ -31,8 +31,8 @@ static CURLcode test_lib502(const char *URL) { - CURL *c = NULL; - CURLM *m = NULL; + CURL *curl = NULL; + CURLM *multi = NULL; CURLcode res = CURLE_OK; int running; @@ -40,13 +40,13 @@ static CURLcode test_lib502(const char *URL) global_init(CURL_GLOBAL_ALL); - easy_init(c); + easy_init(curl); - easy_setopt(c, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_URL, URL); - multi_init(m); + multi_init(multi); - multi_add_handle(m, c); + multi_add_handle(multi, curl); for(;;) { struct timeval timeout; @@ -56,7 +56,7 @@ static CURLcode test_lib502(const char *URL) timeout.tv_sec = 0; timeout.tv_usec = 100000L; /* 100 ms */ - multi_perform(m, &running); + multi_perform(multi, &running); abort_on_test_timeout(); @@ -67,7 +67,7 @@ static CURLcode test_lib502(const char *URL) FD_ZERO(&fdwrite); FD_ZERO(&fdexcep); - multi_fdset(m, &fdread, &fdwrite, &fdexcep, &maxfd); + multi_fdset(multi, &fdread, &fdwrite, &fdexcep, &maxfd); /* At this point, maxfd is guaranteed to be greater or equal than -1. */ @@ -80,9 +80,9 @@ test_cleanup: /* proper cleanup sequence - type PA */ - curl_multi_remove_handle(m, c); - curl_multi_cleanup(m); - curl_easy_cleanup(c); + curl_multi_remove_handle(multi, curl); + curl_multi_cleanup(multi); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib503.c b/tests/libtest/lib503.c index f7529d47b7..34a6105bf7 100644 --- a/tests/libtest/lib503.c +++ b/tests/libtest/lib503.c @@ -35,8 +35,8 @@ static CURLcode test_lib503(const char *URL) { - CURL *c = NULL; - CURLM *m = NULL; + CURL *curl = NULL; + CURLM *multi = NULL; CURLcode res = CURLE_OK; int running; @@ -44,20 +44,20 @@ static CURLcode test_lib503(const char *URL) global_init(CURL_GLOBAL_ALL); - easy_init(c); + easy_init(curl); - easy_setopt(c, CURLOPT_PROXY, libtest_arg2); /* set in first.c */ - easy_setopt(c, CURLOPT_URL, URL); - easy_setopt(c, CURLOPT_USERPWD, "test:ing"); - easy_setopt(c, CURLOPT_PROXYUSERNAME, "test%20"); - easy_setopt(c, CURLOPT_PROXYPASSWORD, "ing%41"); - easy_setopt(c, CURLOPT_HTTPPROXYTUNNEL, 1L); - easy_setopt(c, CURLOPT_HEADER, 1L); - easy_setopt(c, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_PROXY, libtest_arg2); /* set in first.c */ + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_USERPWD, "test:ing"); + easy_setopt(curl, CURLOPT_PROXYUSERNAME, "test%20"); + easy_setopt(curl, CURLOPT_PROXYPASSWORD, "ing%41"); + easy_setopt(curl, CURLOPT_HTTPPROXYTUNNEL, 1L); + easy_setopt(curl, CURLOPT_HEADER, 1L); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); - multi_init(m); + multi_init(multi); - multi_add_handle(m, c); + multi_add_handle(multi, curl); for(;;) { struct timeval interval; @@ -67,7 +67,7 @@ static CURLcode test_lib503(const char *URL) interval.tv_sec = 1; interval.tv_usec = 0; - multi_perform(m, &running); + multi_perform(multi, &running); abort_on_test_timeout(); @@ -78,7 +78,7 @@ static CURLcode test_lib503(const char *URL) FD_ZERO(&wr); FD_ZERO(&exc); - multi_fdset(m, &rd, &wr, &exc, &maxfd); + multi_fdset(multi, &rd, &wr, &exc, &maxfd); /* At this point, maxfd is guaranteed to be greater or equal than -1. */ @@ -91,9 +91,9 @@ test_cleanup: /* proper cleanup sequence - type PA */ - curl_multi_remove_handle(m, c); - curl_multi_cleanup(m); - curl_easy_cleanup(c); + curl_multi_remove_handle(multi, curl); + curl_multi_cleanup(multi); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib504.c b/tests/libtest/lib504.c index 07b46345bb..fa9338f262 100644 --- a/tests/libtest/lib504.c +++ b/tests/libtest/lib504.c @@ -34,9 +34,9 @@ */ static CURLcode test_lib504(const char *URL) { - CURL *c = NULL; + CURL *curl = NULL; CURLcode res = CURLE_OK; - CURLM *m = NULL; + CURLM *multi = NULL; fd_set rd, wr, exc; int running; @@ -44,18 +44,18 @@ static CURLcode test_lib504(const char *URL) global_init(CURL_GLOBAL_ALL); - easy_init(c); + easy_init(curl); /* The point here is that there must not be anything running on the given proxy port */ if(libtest_arg2) - easy_setopt(c, CURLOPT_PROXY, libtest_arg2); - easy_setopt(c, CURLOPT_URL, URL); - easy_setopt(c, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_PROXY, libtest_arg2); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); - multi_init(m); + multi_init(multi); - multi_add_handle(m, c); + multi_add_handle(multi, curl); for(;;) { struct timeval interval; @@ -66,12 +66,12 @@ static CURLcode test_lib504(const char *URL) curl_mfprintf(stderr, "curl_multi_perform()\n"); - multi_perform(m, &running); + multi_perform(multi, &running); while(running) { CURLMcode mres; int num; - mres = curl_multi_wait(m, NULL, 0, TEST_HANG_TIMEOUT, &num); + mres = curl_multi_wait(multi, NULL, 0, TEST_HANG_TIMEOUT, &num); if(mres != CURLM_OK) { curl_mprintf("curl_multi_wait() returned %d\n", mres); res = TEST_ERR_MAJOR_BAD; @@ -79,7 +79,7 @@ static CURLcode test_lib504(const char *URL) } abort_on_test_timeout(); - multi_perform(m, &running); + multi_perform(multi, &running); abort_on_test_timeout(); } @@ -88,7 +88,7 @@ static CURLcode test_lib504(const char *URL) if(!running) { /* This is where this code is expected to reach */ int numleft; - CURLMsg *msg = curl_multi_info_read(m, &numleft); + CURLMsg *msg = curl_multi_info_read(multi, &numleft); curl_mfprintf(stderr, "Expected: not running\n"); if(msg && !numleft) res = TEST_ERR_SUCCESS; /* this is where we should be */ @@ -104,7 +104,7 @@ static CURLcode test_lib504(const char *URL) curl_mfprintf(stderr, "curl_multi_fdset()\n"); - multi_fdset(m, &rd, &wr, &exc, &maxfd); + multi_fdset(multi, &rd, &wr, &exc, &maxfd); /* At this point, maxfd is guaranteed to be greater or equal than -1. */ @@ -117,9 +117,9 @@ test_cleanup: /* proper cleanup sequence - type PA */ - curl_multi_remove_handle(m, c); - curl_multi_cleanup(m); - curl_easy_cleanup(c); + curl_multi_remove_handle(multi, curl); + curl_multi_cleanup(multi); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib506.c b/tests/libtest/lib506.c index 4b6eb05f81..7971fbeb17 100644 --- a/tests/libtest/lib506.c +++ b/tests/libtest/lib506.c @@ -42,14 +42,14 @@ struct t506_userdata { static int locks[3]; /* lock callback */ -static void t506_test_lock(CURL *handle, curl_lock_data data, +static void t506_test_lock(CURL *curl, curl_lock_data data, curl_lock_access laccess, void *useptr) { const char *what; struct t506_userdata *user = (struct t506_userdata *)useptr; int locknum; - (void)handle; + (void)curl; (void)laccess; switch(data) { @@ -82,12 +82,12 @@ static void t506_test_lock(CURL *handle, curl_lock_data data, } /* unlock callback */ -static void t506_test_unlock(CURL *handle, curl_lock_data data, void *useptr) +static void t506_test_unlock(CURL *curl, curl_lock_data data, void *useptr) { const char *what; struct t506_userdata *user = (struct t506_userdata *)useptr; int locknum; - (void)handle; + (void)curl; switch(data) { case CURL_LOCK_DATA_SHARE: what = "share"; diff --git a/tests/libtest/lib507.c b/tests/libtest/lib507.c index de23b02f0a..9a306d39a6 100644 --- a/tests/libtest/lib507.c +++ b/tests/libtest/lib507.c @@ -27,7 +27,7 @@ static CURLcode test_lib507(const char *URL) { - CURL *curls = NULL; + CURL *curl = NULL; CURLM *multi = NULL; int still_running; CURLcode i = TEST_ERR_MAJOR_BAD; @@ -40,12 +40,12 @@ static CURLcode test_lib507(const char *URL) multi_init(multi); - easy_init(curls); + easy_init(curl); - easy_setopt(curls, CURLOPT_URL, URL); - easy_setopt(curls, CURLOPT_HEADER, 1L); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_HEADER, 1L); - multi_add_handle(multi, curls); + multi_add_handle(multi, curl); multi_perform(multi, &still_running); @@ -88,7 +88,7 @@ test_cleanup: /* undocumented cleanup sequence - type UA */ curl_multi_cleanup(multi); - curl_easy_cleanup(curls); + curl_easy_cleanup(curl); curl_global_cleanup(); if(res) diff --git a/tests/libtest/lib525.c b/tests/libtest/lib525.c index 55224eb76e..4c33973ec9 100644 --- a/tests/libtest/lib525.c +++ b/tests/libtest/lib525.c @@ -33,7 +33,7 @@ static CURLcode test_lib525(const char *URL) FILE *hd_src = NULL; int hd; struct_stat file_info; - CURLM *m = NULL; + CURLM *multi = NULL; int running; start_test_timing(); @@ -101,9 +101,9 @@ static CURLcode test_lib525(const char *URL) make sure that to pass in a type 'long' argument. */ easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)file_info.st_size); - multi_init(m); + multi_init(multi); - multi_add_handle(m, curl); + multi_add_handle(multi, curl); for(;;) { struct timeval interval; @@ -113,7 +113,7 @@ static CURLcode test_lib525(const char *URL) interval.tv_sec = 1; interval.tv_usec = 0; - multi_perform(m, &running); + multi_perform(multi, &running); abort_on_test_timeout(); @@ -124,7 +124,7 @@ static CURLcode test_lib525(const char *URL) FD_ZERO(&wr); FD_ZERO(&exc); - multi_fdset(m, &rd, &wr, &exc, &maxfd); + multi_fdset(multi, &rd, &wr, &exc, &maxfd); /* At this point, maxfd is guaranteed to be greater or equal than -1. */ @@ -137,16 +137,16 @@ test_cleanup: if(testnum == 529) { /* proper cleanup sequence - type PA */ - curl_multi_remove_handle(m, curl); - curl_multi_cleanup(m); + curl_multi_remove_handle(multi, curl); + curl_multi_cleanup(multi); curl_easy_cleanup(curl); curl_global_cleanup(); } else { /* testnum == 525 */ /* proper cleanup sequence - type PB */ - curl_multi_remove_handle(m, curl); + curl_multi_remove_handle(multi, curl); curl_easy_cleanup(curl); - curl_multi_cleanup(m); + curl_multi_cleanup(multi); curl_global_cleanup(); } diff --git a/tests/libtest/lib526.c b/tests/libtest/lib526.c index 963181713b..6f586c5a3e 100644 --- a/tests/libtest/lib526.c +++ b/tests/libtest/lib526.c @@ -49,7 +49,7 @@ static CURLcode test_lib526(const char *URL) CURLcode res = CURLE_OK; CURL *curl[NUM_HANDLES]; int running; - CURLM *m = NULL; + CURLM *multi = NULL; size_t current = 0; size_t i; @@ -69,9 +69,9 @@ static CURLcode test_lib526(const char *URL) easy_setopt(curl[i], CURLOPT_VERBOSE, 1L); } - multi_init(m); + multi_init(multi); - multi_add_handle(m, curl[current]); + multi_add_handle(multi, curl[current]); curl_mfprintf(stderr, "Start at URL 0\n"); @@ -83,7 +83,7 @@ static CURLcode test_lib526(const char *URL) interval.tv_sec = 1; interval.tv_usec = 0; - multi_perform(m, &running); + multi_perform(multi, &running); abort_on_test_timeout(); @@ -99,7 +99,7 @@ static CURLcode test_lib526(const char *URL) curl_mfprintf(stderr, "Advancing to URL %zu\n", current); if(testnum == 532) { /* first remove the only handle we use */ - curl_multi_remove_handle(m, curl[0]); + curl_multi_remove_handle(multi, curl[0]); /* make us reuse the same handle all the time, and try resetting the handle first too */ @@ -109,10 +109,10 @@ static CURLcode test_lib526(const char *URL) easy_setopt(curl[0], CURLOPT_VERBOSE, 1L); /* re-add it */ - multi_add_handle(m, curl[0]); + multi_add_handle(multi, curl[0]); } else { - multi_add_handle(m, curl[current]); + multi_add_handle(multi, curl[current]); } } else { @@ -124,7 +124,7 @@ static CURLcode test_lib526(const char *URL) FD_ZERO(&wr); FD_ZERO(&exc); - multi_fdset(m, &rd, &wr, &exc, &maxfd); + multi_fdset(multi, &rd, &wr, &exc, &maxfd); /* At this point, maxfd is guaranteed to be greater or equal than -1. */ @@ -139,10 +139,10 @@ test_cleanup: /* proper cleanup sequence - type PB */ for(i = 0; i < CURL_ARRAYSIZE(curl); i++) { - curl_multi_remove_handle(m, curl[i]); + curl_multi_remove_handle(multi, curl[i]); curl_easy_cleanup(curl[i]); } - curl_multi_cleanup(m); + curl_multi_cleanup(multi); curl_global_cleanup(); } else if(testnum == 527) { @@ -155,7 +155,7 @@ test_cleanup: for(i = 0; i < CURL_ARRAYSIZE(curl); i++) curl_easy_cleanup(curl[i]); - curl_multi_cleanup(m); + curl_multi_cleanup(multi); curl_global_cleanup(); } @@ -164,7 +164,7 @@ test_cleanup: for(i = 0; i < CURL_ARRAYSIZE(curl); i++) curl_easy_cleanup(curl[i]); - curl_multi_cleanup(m); + curl_multi_cleanup(multi); curl_global_cleanup(); } diff --git a/tests/libtest/lib530.c b/tests/libtest/lib530.c index 7d8cc3cbcb..5558487122 100644 --- a/tests/libtest/lib530.c +++ b/tests/libtest/lib530.c @@ -131,12 +131,12 @@ static int t530_addFd(struct t530_Sockets *sockets, curl_socket_t fd, /** * Callback invoked by curl to poll reading / writing of a socket. */ -static int t530_curlSocketCallback(CURL *easy, curl_socket_t s, int action, +static int t530_curlSocketCallback(CURL *curl, curl_socket_t s, int action, void *userp, void *socketp) { struct t530_ReadWriteSockets *sockets = userp; - (void)easy; + (void)curl; (void)socketp; t530_ctx.socket_calls++; @@ -189,13 +189,13 @@ static int t530_curlTimerCallback(CURLM *multi, long timeout_ms, void *userp) /** * Check for curl completion. */ -static int t530_checkForCompletion(CURLM *curl, int *success) +static int t530_checkForCompletion(CURLM *multi, int *success) { int result = 0; *success = 0; while(1) { int numMessages; - CURLMsg *message = curl_multi_info_read(curl, &numMessages); + CURLMsg *message = curl_multi_info_read(multi, &numMessages); if(!message) break; if(message->msg == CURLMSG_DONE) { @@ -250,11 +250,12 @@ static void t530_updateFdSet(struct t530_Sockets *sockets, fd_set* fdset, } } -static CURLMcode socket_action(CURLM *curl, curl_socket_t s, int evBitmask, +static CURLMcode socket_action(CURLM *multi, curl_socket_t s, int evBitmask, const char *info) { int numhandles = 0; - CURLMcode result = curl_multi_socket_action(curl, s, evBitmask, &numhandles); + CURLMcode result = curl_multi_socket_action(multi, s, evBitmask, + &numhandles); if(result != CURLM_OK) { curl_mfprintf(stderr, "%s Curl error on %s (%i) %s\n", t530_tag(), info, result, curl_multi_strerror(result)); @@ -265,7 +266,7 @@ static CURLMcode socket_action(CURLM *curl, curl_socket_t s, int evBitmask, /** * Invoke curl when a file descriptor is set. */ -static CURLMcode t530_checkFdSet(CURLM *curl, struct t530_Sockets *sockets, +static CURLMcode t530_checkFdSet(CURLM *multi, struct t530_Sockets *sockets, fd_set *fdset, int evBitmask, const char *name) { @@ -273,7 +274,7 @@ static CURLMcode t530_checkFdSet(CURLM *curl, struct t530_Sockets *sockets, CURLMcode result = CURLM_OK; for(i = 0; i < sockets->count; ++i) { if(FD_ISSET(sockets->sockets[i], fdset)) { - result = socket_action(curl, sockets->sockets[i], evBitmask, name); + result = socket_action(multi, sockets->sockets[i], evBitmask, name); if(result) break; } @@ -284,7 +285,8 @@ static CURLMcode t530_checkFdSet(CURLM *curl, struct t530_Sockets *sockets, static CURLcode testone(const char *URL, int timer_fail_at, int socket_fail_at) { CURLcode res = CURLE_OK; - CURL *curl = NULL; CURLM *m = NULL; + CURL *curl = NULL; + CURLM *multi = NULL; struct t530_ReadWriteSockets sockets = {{NULL, 0, 0}, {NULL, 0, 0}}; int success = 0; struct curltime timeout = {0}; @@ -310,22 +312,22 @@ static CURLcode testone(const char *URL, int timer_fail_at, int socket_fail_at) /* go verbose */ easy_setopt(curl, CURLOPT_VERBOSE, 1L); - multi_init(m); + multi_init(multi); - multi_setopt(m, CURLMOPT_SOCKETFUNCTION, t530_curlSocketCallback); - multi_setopt(m, CURLMOPT_SOCKETDATA, &sockets); + multi_setopt(multi, CURLMOPT_SOCKETFUNCTION, t530_curlSocketCallback); + multi_setopt(multi, CURLMOPT_SOCKETDATA, &sockets); - multi_setopt(m, CURLMOPT_TIMERFUNCTION, t530_curlTimerCallback); - multi_setopt(m, CURLMOPT_TIMERDATA, &timeout); + multi_setopt(multi, CURLMOPT_TIMERFUNCTION, t530_curlTimerCallback); + multi_setopt(multi, CURLMOPT_TIMERDATA, &timeout); - multi_add_handle(m, curl); + multi_add_handle(multi, curl); - if(socket_action(m, CURL_SOCKET_TIMEOUT, 0, "timeout")) { + if(socket_action(multi, CURL_SOCKET_TIMEOUT, 0, "timeout")) { res = TEST_ERR_MAJOR_BAD; goto test_cleanup; } - while(!t530_checkForCompletion(m, &success)) { + while(!t530_checkForCompletion(multi, &success)) { fd_set readSet, writeSet; curl_socket_t maxFd = 0; struct timeval tv = {0}; @@ -350,12 +352,12 @@ static CURLcode testone(const char *URL, int timer_fail_at, int socket_fail_at) select_test((int)maxFd, &readSet, &writeSet, NULL, &tv); /* Check the sockets for reading / writing */ - if(t530_checkFdSet(m, &sockets.read, &readSet, CURL_CSELECT_IN, + if(t530_checkFdSet(multi, &sockets.read, &readSet, CURL_CSELECT_IN, "read")) { res = TEST_ERR_MAJOR_BAD; goto test_cleanup; } - if(t530_checkFdSet(m, &sockets.write, &writeSet, CURL_CSELECT_OUT, + if(t530_checkFdSet(multi, &sockets.write, &writeSet, CURL_CSELECT_OUT, "write")) { res = TEST_ERR_MAJOR_BAD; goto test_cleanup; @@ -364,7 +366,7 @@ static CURLcode testone(const char *URL, int timer_fail_at, int socket_fail_at) if(timeout.tv_sec != (time_t)-1 && t530_getMicroSecondTimeout(&timeout) == 0) { /* Curl's timer has elapsed. */ - if(socket_action(m, CURL_SOCKET_TIMEOUT, 0, "timeout")) { + if(socket_action(multi, CURL_SOCKET_TIMEOUT, 0, "timeout")) { res = TEST_ERR_BAD_TIMEOUT; goto test_cleanup; } @@ -382,9 +384,9 @@ test_cleanup: /* proper cleanup sequence */ t530_msg("cleanup"); - curl_multi_remove_handle(m, curl); + curl_multi_remove_handle(multi, curl); curl_easy_cleanup(curl); - curl_multi_cleanup(m); + curl_multi_cleanup(multi); curl_global_cleanup(); /* free local memory */ diff --git a/tests/libtest/lib533.c b/tests/libtest/lib533.c index adba324f66..8f3b0f1474 100644 --- a/tests/libtest/lib533.c +++ b/tests/libtest/lib533.c @@ -32,7 +32,7 @@ static CURLcode test_lib533(const char *URL) CURLcode res = CURLE_OK; CURL *curl = NULL; int running; - CURLM *m = NULL; + CURLM *multi = NULL; int current = 0; start_test_timing(); @@ -45,9 +45,9 @@ static CURLcode test_lib533(const char *URL) easy_setopt(curl, CURLOPT_VERBOSE, 1L); easy_setopt(curl, CURLOPT_FAILONERROR, 1L); - multi_init(m); + multi_init(multi); - multi_add_handle(m, curl); + multi_add_handle(multi, curl); curl_mfprintf(stderr, "Start at URL 0\n"); @@ -59,7 +59,7 @@ static CURLcode test_lib533(const char *URL) interval.tv_sec = 1; interval.tv_usec = 0; - multi_perform(m, &running); + multi_perform(multi, &running); abort_on_test_timeout(); @@ -67,7 +67,7 @@ static CURLcode test_lib533(const char *URL) if(!current++) { curl_mfprintf(stderr, "Advancing to URL 1\n"); /* remove the handle we use */ - curl_multi_remove_handle(m, curl); + curl_multi_remove_handle(multi, curl); /* make us reuse the same handle all the time, and try resetting the handle first too */ @@ -77,7 +77,7 @@ static CURLcode test_lib533(const char *URL) easy_setopt(curl, CURLOPT_FAILONERROR, 1L); /* re-add it */ - multi_add_handle(m, curl); + multi_add_handle(multi, curl); } else break; /* done */ @@ -87,7 +87,7 @@ static CURLcode test_lib533(const char *URL) FD_ZERO(&wr); FD_ZERO(&exc); - multi_fdset(m, &rd, &wr, &exc, &maxfd); + multi_fdset(multi, &rd, &wr, &exc, &maxfd); /* At this point, maxfd is guaranteed to be greater or equal than -1. */ @@ -101,7 +101,7 @@ test_cleanup: /* undocumented cleanup sequence - type UB */ curl_easy_cleanup(curl); - curl_multi_cleanup(m); + curl_multi_cleanup(multi); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib540.c b/tests/libtest/lib540.c index f544dec48d..9eb7e407c0 100644 --- a/tests/libtest/lib540.c +++ b/tests/libtest/lib540.c @@ -34,48 +34,49 @@ #include "memdebug.h" -static CURL *testeh[2]; +static CURL *t540_curl[2]; -static CURLcode init(int num, CURLM *cm, const char *url, const char *userpwd, - struct curl_slist *headers) +static CURLcode init(int num, CURLM *multi, const char *url, + const char *userpwd, struct curl_slist *headers) { CURLcode res = CURLE_OK; const char *proxy = libtest_arg2; - res_easy_init(testeh[num]); + res_easy_init(t540_curl[num]); if(res) goto init_failed; - res_easy_setopt(testeh[num], CURLOPT_URL, url); + res_easy_setopt(t540_curl[num], CURLOPT_URL, url); if(res) goto init_failed; - res_easy_setopt(testeh[num], CURLOPT_PROXY, proxy); + res_easy_setopt(t540_curl[num], CURLOPT_PROXY, proxy); if(res) goto init_failed; - res_easy_setopt(testeh[num], CURLOPT_PROXYUSERPWD, userpwd); + res_easy_setopt(t540_curl[num], CURLOPT_PROXYUSERPWD, userpwd); if(res) goto init_failed; - res_easy_setopt(testeh[num], CURLOPT_PROXYAUTH, CURLAUTH_ANY); + res_easy_setopt(t540_curl[num], CURLOPT_PROXYAUTH, CURLAUTH_ANY); if(res) goto init_failed; - res_easy_setopt(testeh[num], CURLOPT_VERBOSE, 1L); + res_easy_setopt(t540_curl[num], CURLOPT_VERBOSE, 1L); if(res) goto init_failed; - res_easy_setopt(testeh[num], CURLOPT_HEADER, 1L); + res_easy_setopt(t540_curl[num], CURLOPT_HEADER, 1L); if(res) goto init_failed; - res_easy_setopt(testeh[num], CURLOPT_HTTPHEADER, headers); /* custom Host: */ + /* custom Host: */ + res_easy_setopt(t540_curl[num], CURLOPT_HTTPHEADER, headers); if(res) goto init_failed; - res_multi_add_handle(cm, testeh[num]); + res_multi_add_handle(multi, t540_curl[num]); if(res) goto init_failed; @@ -83,14 +84,14 @@ static CURLcode init(int num, CURLM *cm, const char *url, const char *userpwd, init_failed: - curl_easy_cleanup(testeh[num]); - testeh[num] = NULL; + curl_easy_cleanup(t540_curl[num]); + t540_curl[num] = NULL; return res; /* failure */ } -static CURLcode loop(int num, CURLM *cm, const char *url, const char *userpwd, - struct curl_slist *headers) +static CURLcode loop(int num, CURLM *multi, const char *url, + const char *userpwd, struct curl_slist *headers) { CURLMsg *msg; long L; @@ -99,7 +100,7 @@ static CURLcode loop(int num, CURLM *cm, const char *url, const char *userpwd, struct timeval T; CURLcode res = CURLE_OK; - res = init(num, cm, url, userpwd, headers); + res = init(num, multi, url, userpwd, headers); if(res) return res; @@ -107,7 +108,7 @@ static CURLcode loop(int num, CURLM *cm, const char *url, const char *userpwd, int M = -99; - res_multi_perform(cm, &U); + res_multi_perform(multi, &U); if(res) return res; @@ -120,13 +121,13 @@ static CURLcode loop(int num, CURLM *cm, const char *url, const char *userpwd, FD_ZERO(&W); FD_ZERO(&E); - res_multi_fdset(cm, &R, &W, &E, &M); + res_multi_fdset(multi, &R, &W, &E, &M); if(res) return res; /* At this point, M is guaranteed to be greater or equal than -1. */ - res_multi_timeout(cm, &L); + res_multi_timeout(multi, &L); if(res) return res; @@ -153,19 +154,19 @@ static CURLcode loop(int num, CURLM *cm, const char *url, const char *userpwd, } while(1) { - msg = curl_multi_info_read(cm, &Q); + msg = curl_multi_info_read(multi, &Q); if(!msg) break; if(msg->msg == CURLMSG_DONE) { size_t i; - CURL *e = msg->easy_handle; + CURL *curl = msg->easy_handle; curl_mfprintf(stderr, "R: %d - %s\n", msg->data.result, curl_easy_strerror(msg->data.result)); - curl_multi_remove_handle(cm, e); - curl_easy_cleanup(e); - for(i = 0; i < CURL_ARRAYSIZE(testeh); i++) { - if(testeh[i] == e) { - testeh[i] = NULL; + curl_multi_remove_handle(multi, curl); + curl_easy_cleanup(curl); + for(i = 0; i < CURL_ARRAYSIZE(t540_curl); i++) { + if(t540_curl[i] == curl) { + t540_curl[i] = NULL; break; } } @@ -184,7 +185,7 @@ static CURLcode loop(int num, CURLM *cm, const char *url, const char *userpwd, static CURLcode test_lib540(const char *URL) { - CURLM *cm = NULL; + CURLM *multi = NULL; struct curl_slist *headers = NULL; char buffer[246]; /* naively fixed-size */ CURLcode res = CURLE_OK; @@ -193,8 +194,8 @@ static CURLcode test_lib540(const char *URL) const char *proxyuserpws = libtest_arg3; const char *host; - for(i = 0; i < CURL_ARRAYSIZE(testeh); i++) - testeh[i] = NULL; + for(i = 0; i < CURL_ARRAYSIZE(t540_curl); i++) + t540_curl[i] = NULL; start_test_timing(); @@ -217,31 +218,31 @@ static CURLcode test_lib540(const char *URL) return res; } - res_multi_init(cm); + res_multi_init(multi); if(res) { curl_global_cleanup(); curl_slist_free_all(headers); return res; } - res = loop(0, cm, URL, proxyuserpws, headers); + res = loop(0, multi, URL, proxyuserpws, headers); if(res) goto test_cleanup; curl_mfprintf(stderr, "lib540: now we do the request again\n"); - res = loop(1, cm, URL, proxyuserpws, headers); + res = loop(1, multi, URL, proxyuserpws, headers); test_cleanup: /* proper cleanup sequence - type PB */ - for(i = 0; i < CURL_ARRAYSIZE(testeh); i++) { - curl_multi_remove_handle(cm, testeh[i]); - curl_easy_cleanup(testeh[i]); + for(i = 0; i < CURL_ARRAYSIZE(t540_curl); i++) { + curl_multi_remove_handle(multi, t540_curl[i]); + curl_easy_cleanup(t540_curl[i]); } - curl_multi_cleanup(cm); + curl_multi_cleanup(multi); curl_global_cleanup(); curl_slist_free_all(headers); diff --git a/tests/libtest/lib543.c b/tests/libtest/lib543.c index d3653dbccd..579a71a611 100644 --- a/tests/libtest/lib543.c +++ b/tests/libtest/lib543.c @@ -34,37 +34,37 @@ static CURLcode test_lib543(const char *URL) 0xe0, 0xd8, 0x7c, 0x20, 0xb7, 0xef, 0x53, 0x29, 0xfa, 0x1d, 0x57, 0xe1}; - CURL *easy; + CURL *curl; CURLcode res = CURLE_OK; (void)URL; global_init(CURL_GLOBAL_ALL); - easy = curl_easy_init(); - if(!easy) { + curl = curl_easy_init(); + if(!curl) { curl_mfprintf(stderr, "curl_easy_init() failed\n"); res = TEST_ERR_MAJOR_BAD; } else { int asize = (int)sizeof(a); - char *s = curl_easy_escape(easy, (const char *)a, asize); + char *s = curl_easy_escape(curl, (const char *)a, asize); if(s) { curl_mprintf("%s\n", s); curl_free(s); } - s = curl_easy_escape(easy, "", 0); + s = curl_easy_escape(curl, "", 0); if(s) { curl_mprintf("IN: '' OUT: '%s'\n", s); curl_free(s); } - s = curl_easy_escape(easy, " 123", 3); + s = curl_easy_escape(curl, " 123", 3); if(s) { curl_mprintf("IN: ' 12' OUT: '%s'\n", s); curl_free(s); } - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); } curl_global_cleanup(); diff --git a/tests/libtest/lib544.c b/tests/libtest/lib544.c index c49a8e54b8..d0ed914051 100644 --- a/tests/libtest/lib544.c +++ b/tests/libtest/lib544.c @@ -67,11 +67,11 @@ static CURLcode test_lib544(const char *URL) strcpy(teststring, "FAIL"); { - CURL *handle2; - handle2 = curl_easy_duphandle(curl); + CURL *curl2; + curl2 = curl_easy_duphandle(curl); curl_easy_cleanup(curl); - curl = handle2; + curl = curl2; } /* Now, this is a POST request with binary 0 embedded in POST data. */ diff --git a/tests/libtest/lib547.c b/tests/libtest/lib547.c index 6114d57aab..9184d933a8 100644 --- a/tests/libtest/lib547.c +++ b/tests/libtest/lib547.c @@ -53,10 +53,10 @@ static size_t t547_read_cb(char *ptr, size_t size, size_t nmemb, void *clientp) return 0; } -static curlioerr t547_ioctl_callback(CURL *handle, int cmd, void *clientp) +static curlioerr t547_ioctl_callback(CURL *curl, int cmd, void *clientp) { int *counter = (int *)clientp; - (void)handle; + (void)curl; if(cmd == CURLIOCMD_RESTARTREAD) { curl_mfprintf(stderr, "REWIND!\n"); *counter = 0; /* clear counter to make the read callback restart */ diff --git a/tests/libtest/lib552.c b/tests/libtest/lib552.c index 198ba6aa88..3d5b09c1ec 100644 --- a/tests/libtest/lib552.c +++ b/tests/libtest/lib552.c @@ -54,7 +54,7 @@ static size_t t552_write_cb(char *ptr, size_t size, size_t nmemb, void *stream) return amount; } -static curlioerr ioctl_callback(CURL *handle, int cmd, void *clientp) +static curlioerr ioctl_callback(CURL *curl, int cmd, void *clientp) { (void)clientp; if(cmd == CURLIOCMD_RESTARTREAD) { @@ -63,7 +63,7 @@ static curlioerr ioctl_callback(CURL *handle, int cmd, void *clientp) current_offset = 0; return CURLIOE_OK; } - (void)handle; + (void)curl; return CURLIOE_UNKNOWNCMD; } diff --git a/tests/libtest/lib555.c b/tests/libtest/lib555.c index fe3b692117..19e0480e2a 100644 --- a/tests/libtest/lib555.c +++ b/tests/libtest/lib555.c @@ -57,10 +57,10 @@ static size_t t555_read_cb(char *ptr, size_t size, size_t nmemb, void *clientp) return 0; } -static curlioerr t555_ioctl_callback(CURL *handle, int cmd, void *clientp) +static curlioerr t555_ioctl_callback(CURL *curl, int cmd, void *clientp) { int *counter = (int *)clientp; - (void)handle; + (void)curl; if(cmd == CURLIOCMD_RESTARTREAD) { curl_mfprintf(stderr, "REWIND!\n"); *counter = 0; /* clear counter to make the read callback restart */ @@ -73,7 +73,7 @@ static CURLcode test_lib555(const char *URL) CURLcode res = CURLE_OK; CURL *curl = NULL; int counter = 0; - CURLM *m = NULL; + CURLM *multi = NULL; int running = 1; start_test_timing(); @@ -102,9 +102,9 @@ static CURLcode test_lib555(const char *URL) easy_setopt(curl, CURLOPT_PROXYAUTH, CURLAUTH_BASIC | CURLAUTH_DIGEST | CURLAUTH_NTLM); - multi_init(m); + multi_init(multi); - multi_add_handle(m, curl); + multi_add_handle(multi, curl); while(running) { struct timeval timeout; @@ -114,7 +114,7 @@ static CURLcode test_lib555(const char *URL) timeout.tv_sec = 0; timeout.tv_usec = 100000L; /* 100 ms */ - multi_perform(m, &running); + multi_perform(multi, &running); abort_on_test_timeout(); @@ -125,7 +125,7 @@ static CURLcode test_lib555(const char *URL) FD_ZERO(&fdwrite); FD_ZERO(&fdexcep); - multi_fdset(m, &fdread, &fdwrite, &fdexcep, &maxfd); + multi_fdset(multi, &fdread, &fdwrite, &fdexcep, &maxfd); /* At this point, maxfd is guaranteed to be greater or equal than -1. */ @@ -138,8 +138,8 @@ test_cleanup: /* proper cleanup sequence - type PA */ - curl_multi_remove_handle(m, curl); - curl_multi_cleanup(m); + curl_multi_remove_handle(multi, curl); + curl_multi_cleanup(multi); curl_easy_cleanup(curl); curl_global_cleanup(); diff --git a/tests/libtest/lib560.c b/tests/libtest/lib560.c index 060e27eea0..bbdb7990e4 100644 --- a/tests/libtest/lib560.c +++ b/tests/libtest/lib560.c @@ -37,8 +37,8 @@ */ static CURLcode test_lib560(const char *URL) { - CURL *http_handle = NULL; - CURLM *multi_handle = NULL; + CURL *curl = NULL; + CURLM *multi = NULL; CURLcode res = CURLE_OK; int still_running; /* keep number of running handles */ @@ -49,22 +49,22 @@ static CURLcode test_lib560(const char *URL) ** curl_global_init called indirectly from curl_easy_init. */ - easy_init(http_handle); + easy_init(curl); /* set options */ - easy_setopt(http_handle, CURLOPT_URL, URL); - easy_setopt(http_handle, CURLOPT_HEADER, 1L); - easy_setopt(http_handle, CURLOPT_SSL_VERIFYPEER, 0L); - easy_setopt(http_handle, CURLOPT_SSL_VERIFYHOST, 0L); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_HEADER, 1L); + easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); + easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); /* init a multi stack */ - multi_init(multi_handle); + multi_init(multi); /* add the individual transfers */ - multi_add_handle(multi_handle, http_handle); + multi_add_handle(multi, curl); /* we start some action by calling perform right away */ - multi_perform(multi_handle, &still_running); + multi_perform(multi, &still_running); abort_on_test_timeout(); @@ -85,7 +85,7 @@ static CURLcode test_lib560(const char *URL) timeout.tv_usec = 0; /* get file descriptors from the transfers */ - multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd); + multi_fdset(multi, &fdread, &fdwrite, &fdexcep, &maxfd); /* At this point, maxfd is guaranteed to be greater or equal than -1. */ @@ -94,7 +94,7 @@ static CURLcode test_lib560(const char *URL) abort_on_test_timeout(); /* timeout or readable/writable sockets */ - multi_perform(multi_handle, &still_running); + multi_perform(multi, &still_running); abort_on_test_timeout(); } @@ -103,8 +103,8 @@ test_cleanup: /* undocumented cleanup sequence - type UA */ - curl_multi_cleanup(multi_handle); - curl_easy_cleanup(http_handle); + curl_multi_cleanup(multi); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib564.c b/tests/libtest/lib564.c index 3fc8601504..b105fc710e 100644 --- a/tests/libtest/lib564.c +++ b/tests/libtest/lib564.c @@ -31,7 +31,7 @@ static CURLcode test_lib564(const char *URL) CURLcode res = CURLE_OK; CURL *curl = NULL; int running; - CURLM *m = NULL; + CURLM *multi = NULL; debug_config.nohex = TRUE; debug_config.tracetime = TRUE; @@ -49,9 +49,9 @@ static CURLcode test_lib564(const char *URL) easy_setopt(curl, CURLOPT_PROXY, libtest_arg2); easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS4); - multi_init(m); + multi_init(multi); - multi_add_handle(m, curl); + multi_add_handle(multi, curl); curl_mfprintf(stderr, "Start at URL 0\n"); @@ -63,7 +63,7 @@ static CURLcode test_lib564(const char *URL) interval.tv_sec = 1; interval.tv_usec = 0; - multi_perform(m, &running); + multi_perform(multi, &running); abort_on_test_timeout(); @@ -74,7 +74,7 @@ static CURLcode test_lib564(const char *URL) FD_ZERO(&wr); FD_ZERO(&exc); - multi_fdset(m, &rd, &wr, &exc, &maxfd); + multi_fdset(multi, &rd, &wr, &exc, &maxfd); /* At this point, maxfd is guaranteed to be greater or equal than -1. */ @@ -88,7 +88,7 @@ test_cleanup: /* undocumented cleanup sequence - type UB */ curl_easy_cleanup(curl); - curl_multi_cleanup(m); + curl_multi_cleanup(multi); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib573.c b/tests/libtest/lib573.c index 572bfa0cd1..38612df7b5 100644 --- a/tests/libtest/lib573.c +++ b/tests/libtest/lib573.c @@ -32,8 +32,8 @@ static CURLcode test_lib573(const char *URL) { - CURL *c = NULL; - CURLM *m = NULL; + CURL *curl = NULL; + CURLM *multi = NULL; CURLcode res = CURLE_OK; int running = 1; double connect_time = 0.0; @@ -48,20 +48,20 @@ static CURLcode test_lib573(const char *URL) global_init(CURL_GLOBAL_ALL); - easy_init(c); + easy_init(curl); - easy_setopt(c, CURLOPT_HEADER, 1L); - easy_setopt(c, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_HEADER, 1L); + easy_setopt(curl, CURLOPT_URL, URL); debug_config.nohex = TRUE; debug_config.tracetime = TRUE; - easy_setopt(c, CURLOPT_DEBUGDATA, &debug_config); - easy_setopt(c, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); - easy_setopt(c, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_DEBUGDATA, &debug_config); + easy_setopt(curl, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); - multi_init(m); + multi_init(multi); - multi_add_handle(m, c); + multi_add_handle(multi, curl); while(running) { struct timeval timeout; @@ -71,7 +71,7 @@ static CURLcode test_lib573(const char *URL) timeout.tv_sec = 0; timeout.tv_usec = 100000L; /* 100 ms */ - multi_perform(m, &running); + multi_perform(multi, &running); abort_on_test_timeout(); @@ -82,7 +82,7 @@ static CURLcode test_lib573(const char *URL) FD_ZERO(&fdwrite); FD_ZERO(&fdexcep); - multi_fdset(m, &fdread, &fdwrite, &fdexcep, &maxfd); + multi_fdset(multi, &fdread, &fdwrite, &fdexcep, &maxfd); /* At this point, maxfd is guaranteed to be greater or equal than -1. */ @@ -91,7 +91,7 @@ static CURLcode test_lib573(const char *URL) abort_on_test_timeout(); } - curl_easy_getinfo(c, CURLINFO_CONNECT_TIME, &connect_time); + curl_easy_getinfo(curl, CURLINFO_CONNECT_TIME, &connect_time); if(connect_time < dbl_epsilon) { curl_mfprintf(stderr, "connect time %e is < epsilon %e\n", connect_time, dbl_epsilon); @@ -102,9 +102,9 @@ test_cleanup: /* proper cleanup sequence - type PA */ - curl_multi_remove_handle(m, c); - curl_multi_cleanup(m); - curl_easy_cleanup(c); + curl_multi_remove_handle(multi, curl); + curl_multi_cleanup(multi); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib575.c b/tests/libtest/lib575.c index a0ac02f852..36efe6ef5a 100644 --- a/tests/libtest/lib575.c +++ b/tests/libtest/lib575.c @@ -33,9 +33,9 @@ static CURLcode test_lib575(const char *URL) { - CURL *handle = NULL; - CURL *duphandle = NULL; - CURLM *mhandle = NULL; + CURL *curl = NULL; + CURL *curldupe = NULL; + CURLM *multi = NULL; CURLcode res = CURLE_OK; int still_running = 0; @@ -43,31 +43,31 @@ static CURLcode test_lib575(const char *URL) global_init(CURL_GLOBAL_ALL); - easy_init(handle); + easy_init(curl); - easy_setopt(handle, CURLOPT_URL, URL); - easy_setopt(handle, CURLOPT_WILDCARDMATCH, 1L); - easy_setopt(handle, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_WILDCARDMATCH, 1L); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); - res = curl_easy_perform(handle); + res = curl_easy_perform(curl); if(res) goto test_cleanup; - res = curl_easy_perform(handle); + res = curl_easy_perform(curl); if(res) goto test_cleanup; - duphandle = curl_easy_duphandle(handle); - if(!duphandle) + curldupe = curl_easy_duphandle(curl); + if(!curldupe) goto test_cleanup; - curl_easy_cleanup(handle); - handle = duphandle; + curl_easy_cleanup(curl); + curl = curldupe; - multi_init(mhandle); + multi_init(multi); - multi_add_handle(mhandle, handle); + multi_add_handle(multi, curl); - multi_perform(mhandle, &still_running); + multi_perform(multi, &still_running); abort_on_test_timeout(); @@ -85,7 +85,7 @@ static CURLcode test_lib575(const char *URL) FD_ZERO(&fdwrite); FD_ZERO(&fdexcep); - multi_fdset(mhandle, &fdread, &fdwrite, &fdexcep, &maxfd); + multi_fdset(multi, &fdread, &fdwrite, &fdexcep, &maxfd); /* At this point, maxfd is guaranteed to be greater or equal than -1. */ @@ -93,7 +93,7 @@ static CURLcode test_lib575(const char *URL) abort_on_test_timeout(); - multi_perform(mhandle, &still_running); + multi_perform(multi, &still_running); abort_on_test_timeout(); } @@ -102,8 +102,8 @@ test_cleanup: /* undocumented cleanup sequence - type UA */ - curl_multi_cleanup(mhandle); - curl_easy_cleanup(handle); + curl_multi_cleanup(multi); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib576.c b/tests/libtest/lib576.c index a054dba3fa..11c0f76d13 100644 --- a/tests/libtest/lib576.c +++ b/tests/libtest/lib576.c @@ -98,27 +98,27 @@ static long chunk_end(void *ptr) static CURLcode test_lib576(const char *URL) { - CURL *handle = NULL; + CURL *curl = NULL; CURLcode res = CURLE_OK; struct chunk_data chunk_data = {0, 0}; curl_global_init(CURL_GLOBAL_ALL); - handle = curl_easy_init(); - if(!handle) { + curl = curl_easy_init(); + if(!curl) { res = CURLE_OUT_OF_MEMORY; goto test_cleanup; } - test_setopt(handle, CURLOPT_URL, URL); - test_setopt(handle, CURLOPT_WILDCARDMATCH, 1L); - test_setopt(handle, CURLOPT_CHUNK_BGN_FUNCTION, chunk_bgn); - test_setopt(handle, CURLOPT_CHUNK_END_FUNCTION, chunk_end); - test_setopt(handle, CURLOPT_CHUNK_DATA, &chunk_data); + test_setopt(curl, CURLOPT_URL, URL); + test_setopt(curl, CURLOPT_WILDCARDMATCH, 1L); + test_setopt(curl, CURLOPT_CHUNK_BGN_FUNCTION, chunk_bgn); + test_setopt(curl, CURLOPT_CHUNK_END_FUNCTION, chunk_end); + test_setopt(curl, CURLOPT_CHUNK_DATA, &chunk_data); - res = curl_easy_perform(handle); + res = curl_easy_perform(curl); test_cleanup: - if(handle) - curl_easy_cleanup(handle); + if(curl) + curl_easy_cleanup(curl); curl_global_cleanup(); return res; } diff --git a/tests/libtest/lib582.c b/tests/libtest/lib582.c index 187432ac0c..e013daedff 100644 --- a/tests/libtest/lib582.c +++ b/tests/libtest/lib582.c @@ -92,12 +92,12 @@ static void t582_addFd(struct t582_Sockets *sockets, curl_socket_t fd, /** * Callback invoked by curl to poll reading / writing of a socket. */ -static int t582_curlSocketCallback(CURL *easy, curl_socket_t s, int action, +static int t582_curlSocketCallback(CURL *curl, curl_socket_t s, int action, void *userp, void *socketp) { struct t582_ReadWriteSockets *sockets = userp; - (void)easy; + (void)curl; (void)socketp; if(action == CURL_POLL_IN || action == CURL_POLL_INOUT) @@ -135,13 +135,13 @@ static int t582_curlTimerCallback(CURLM *multi, long timeout_ms, void *userp) /** * Check for curl completion. */ -static int t582_checkForCompletion(CURLM *curl, int *success) +static int t582_checkForCompletion(CURLM *multi, int *success) { int result = 0; *success = 0; while(1) { int numMessages; - CURLMsg *message = curl_multi_info_read(curl, &numMessages); + CURLMsg *message = curl_multi_info_read(multi, &numMessages); if(!message) break; if(message->msg == CURLMSG_DONE) { @@ -196,11 +196,12 @@ static void t582_updateFdSet(struct t582_Sockets *sockets, fd_set* fdset, } } -static void notifyCurl(CURLM *curl, curl_socket_t s, int evBitmask, +static void notifyCurl(CURLM *multi, curl_socket_t s, int evBitmask, const char *info) { int numhandles = 0; - CURLMcode result = curl_multi_socket_action(curl, s, evBitmask, &numhandles); + CURLMcode result = curl_multi_socket_action(multi, s, evBitmask, + &numhandles); if(result != CURLM_OK) { curl_mfprintf(stderr, "Curl error on %s (%i) %s\n", info, result, curl_multi_strerror(result)); @@ -210,13 +211,13 @@ static void notifyCurl(CURLM *curl, curl_socket_t s, int evBitmask, /** * Invoke curl when a file descriptor is set. */ -static void t582_checkFdSet(CURLM *curl, struct t582_Sockets *sockets, +static void t582_checkFdSet(CURLM *multi, struct t582_Sockets *sockets, fd_set *fdset, int evBitmask, const char *name) { int i; for(i = 0; i < sockets->count; ++i) { if(FD_ISSET(sockets->sockets[i], fdset)) { - notifyCurl(curl, sockets->sockets[i], evBitmask, name); + notifyCurl(multi, sockets->sockets[i], evBitmask, name); } } } @@ -229,7 +230,7 @@ static CURLcode test_lib582(const char *URL) FILE *hd_src = NULL; int hd; struct_stat file_info; - CURLM *m = NULL; + CURLM *multi = NULL; struct t582_ReadWriteSockets sockets = {{NULL, 0, 0}, {NULL, 0, 0}}; int success = 0; struct curltime timeout = {0}; @@ -297,17 +298,17 @@ static CURLcode test_lib582(const char *URL) easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)file_info.st_size); - multi_init(m); + multi_init(multi); - multi_setopt(m, CURLMOPT_SOCKETFUNCTION, t582_curlSocketCallback); - multi_setopt(m, CURLMOPT_SOCKETDATA, &sockets); + multi_setopt(multi, CURLMOPT_SOCKETFUNCTION, t582_curlSocketCallback); + multi_setopt(multi, CURLMOPT_SOCKETDATA, &sockets); - multi_setopt(m, CURLMOPT_TIMERFUNCTION, t582_curlTimerCallback); - multi_setopt(m, CURLMOPT_TIMERDATA, &timeout); + multi_setopt(multi, CURLMOPT_TIMERFUNCTION, t582_curlTimerCallback); + multi_setopt(multi, CURLMOPT_TIMERDATA, &timeout); - multi_add_handle(m, curl); + multi_add_handle(multi, curl); - while(!t582_checkForCompletion(m, &success)) { + while(!t582_checkForCompletion(multi, &success)) { fd_set readSet, writeSet; curl_socket_t maxFd = 0; struct timeval tv = {0}; @@ -331,13 +332,15 @@ static CURLcode test_lib582(const char *URL) select_test((int)maxFd, &readSet, &writeSet, NULL, &tv); /* Check the sockets for reading / writing */ - t582_checkFdSet(m, &sockets.read, &readSet, CURL_CSELECT_IN, "read"); - t582_checkFdSet(m, &sockets.write, &writeSet, CURL_CSELECT_OUT, "write"); + t582_checkFdSet(multi, &sockets.read, &readSet, CURL_CSELECT_IN, + "read"); + t582_checkFdSet(multi, &sockets.write, &writeSet, CURL_CSELECT_OUT, + "write"); if(timeout.tv_sec != (time_t)-1 && t582_getMicroSecondTimeout(&timeout) == 0) { /* Curl's timer has elapsed. */ - notifyCurl(m, CURL_SOCKET_TIMEOUT, 0, "timeout"); + notifyCurl(multi, CURL_SOCKET_TIMEOUT, 0, "timeout"); } abort_on_test_timeout(); @@ -352,9 +355,9 @@ test_cleanup: /* proper cleanup sequence - type PB */ - curl_multi_remove_handle(m, curl); + curl_multi_remove_handle(multi, curl); curl_easy_cleanup(curl); - curl_multi_cleanup(m); + curl_multi_cleanup(multi); curl_global_cleanup(); /* close the local file */ diff --git a/tests/libtest/lib583.c b/tests/libtest/lib583.c index 9950e8b402..510c5a3bdc 100644 --- a/tests/libtest/lib583.c +++ b/tests/libtest/lib583.c @@ -33,7 +33,7 @@ static CURLcode test_lib583(const char *URL) { int stillRunning; - CURLM *multiHandle = NULL; + CURLM *multi = NULL; CURL *curl = NULL; CURLcode res = CURLE_OK; CURLMcode mres; @@ -42,7 +42,7 @@ static CURLcode test_lib583(const char *URL) global_init(CURL_GLOBAL_ALL); - multi_init(multiHandle); + multi_init(multi); easy_init(curl); @@ -56,19 +56,19 @@ static CURLcode test_lib583(const char *URL) easy_setopt(curl, CURLOPT_URL, URL); easy_setopt(curl, CURLOPT_INFILESIZE, 5L); - multi_add_handle(multiHandle, curl); + multi_add_handle(multi, curl); /* this tests if removing an easy handle immediately after multi perform has been called succeeds or not. */ curl_mfprintf(stderr, "curl_multi_perform()...\n"); - multi_perform(multiHandle, &stillRunning); + multi_perform(multi, &stillRunning); curl_mfprintf(stderr, "curl_multi_perform() succeeded\n"); curl_mfprintf(stderr, "curl_multi_remove_handle()...\n"); - mres = curl_multi_remove_handle(multiHandle, curl); + mres = curl_multi_remove_handle(multi, curl); if(mres) { curl_mfprintf(stderr, "curl_multi_remove_handle() failed, with code %d\n", mres); @@ -82,7 +82,7 @@ test_cleanup: /* undocumented cleanup sequence - type UB */ curl_easy_cleanup(curl); - curl_multi_cleanup(multiHandle); + curl_multi_cleanup(multi); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib586.c b/tests/libtest/lib586.c index 439c92bf35..5ee1582a8e 100644 --- a/tests/libtest/lib586.c +++ b/tests/libtest/lib586.c @@ -39,13 +39,13 @@ struct t586_userdata { }; /* lock callback */ -static void t586_test_lock(CURL *handle, curl_lock_data data, +static void t586_test_lock(CURL *curl, curl_lock_data data, curl_lock_access laccess, void *useptr) { const char *what; struct t586_userdata *user = (struct t586_userdata *)useptr; - (void)handle; + (void)curl; (void)laccess; switch(data) { @@ -70,11 +70,11 @@ static void t586_test_lock(CURL *handle, curl_lock_data data, } /* unlock callback */ -static void t586_test_unlock(CURL *handle, curl_lock_data data, void *useptr) +static void t586_test_unlock(CURL *curl, curl_lock_data data, void *useptr) { const char *what; struct t586_userdata *user = (struct t586_userdata *)useptr; - (void)handle; + (void)curl; switch(data) { case CURL_LOCK_DATA_SHARE: what = "share"; diff --git a/tests/libtest/lib591.c b/tests/libtest/lib591.c index c0d5b1a436..0b7a0b4e85 100644 --- a/tests/libtest/lib591.c +++ b/tests/libtest/lib591.c @@ -29,7 +29,7 @@ static CURLcode test_lib591(const char *URL) { - CURL *easy = NULL; + CURL *curl = NULL; CURLM *multi = NULL; CURLcode res = CURLE_OK; int running; @@ -54,29 +54,29 @@ static CURLcode test_lib591(const char *URL) return res; } - easy_init(easy); + easy_init(curl); /* go verbose */ - easy_setopt(easy, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); /* specify target */ - easy_setopt(easy, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_URL, URL); /* enable uploading */ - easy_setopt(easy, CURLOPT_UPLOAD, 1L); + easy_setopt(curl, CURLOPT_UPLOAD, 1L); /* data pointer for the file read function */ - easy_setopt(easy, CURLOPT_READDATA, upload); + easy_setopt(curl, CURLOPT_READDATA, upload); /* use active mode FTP */ - easy_setopt(easy, CURLOPT_FTPPORT, "-"); + easy_setopt(curl, CURLOPT_FTPPORT, "-"); /* server connection timeout */ - easy_setopt(easy, CURLOPT_ACCEPTTIMEOUT_MS, atol(libtest_arg2)*1000); + easy_setopt(curl, CURLOPT_ACCEPTTIMEOUT_MS, atol(libtest_arg2)*1000); multi_init(multi); - multi_add_handle(multi, easy); + multi_add_handle(multi, curl); for(;;) { struct timeval interval; @@ -134,7 +134,7 @@ test_cleanup: /* undocumented cleanup sequence - type UA */ curl_multi_cleanup(multi); - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); curl_global_cleanup(); /* close the local file */ diff --git a/tests/libtest/lib597.c b/tests/libtest/lib597.c index 126ce74f38..e82d061a22 100644 --- a/tests/libtest/lib597.c +++ b/tests/libtest/lib597.c @@ -36,7 +36,7 @@ static CURLcode test_lib597(const char *URL) { - CURL *easy = NULL; + CURL *curl = NULL; CURLM *multi = NULL; CURLcode res = CURLE_OK; int running; @@ -47,19 +47,19 @@ static CURLcode test_lib597(const char *URL) global_init(CURL_GLOBAL_ALL); - easy_init(easy); + easy_init(curl); multi_init(multi); /* go verbose */ - easy_setopt(easy, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); /* specify target */ - easy_setopt(easy, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_URL, URL); - easy_setopt(easy, CURLOPT_CONNECT_ONLY, 1L); + easy_setopt(curl, CURLOPT_CONNECT_ONLY, 1L); - multi_add_handle(multi, easy); + multi_add_handle(multi, curl); for(;;) { struct timeval interval; @@ -113,14 +113,14 @@ static CURLcode test_lib597(const char *URL) if(msg) res = msg->data.result; - multi_remove_handle(multi, easy); + multi_remove_handle(multi, curl); test_cleanup: /* undocumented cleanup sequence - type UA */ curl_multi_cleanup(multi); - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib643.c b/tests/libtest/lib643.c index 612f0b566c..a0fef02dda 100644 --- a/tests/libtest/lib643.c +++ b/tests/libtest/lib643.c @@ -225,13 +225,13 @@ test_cleanup: static CURLcode t643_cyclic_add(void) { - CURL *easy = curl_easy_init(); - curl_mime *mime = curl_mime_init(easy); + CURL *curl = curl_easy_init(); + curl_mime *mime = curl_mime_init(curl); curl_mimepart *part = curl_mime_addpart(mime); CURLcode a1 = curl_mime_subparts(part, mime); if(a1 == CURLE_BAD_FUNCTION_ARGUMENT) { - curl_mime *submime = curl_mime_init(easy); + curl_mime *submime = curl_mime_init(curl); curl_mimepart *subpart = curl_mime_addpart(submime); curl_mime_subparts(part, submime); @@ -239,7 +239,7 @@ static CURLcode t643_cyclic_add(void) } curl_mime_free(mime); - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); if(a1 != CURLE_BAD_FUNCTION_ARGUMENT) /* that should have failed */ return TEST_ERR_FAILURE; diff --git a/tests/libtest/lib653.c b/tests/libtest/lib653.c index 4f20865e26..21948a5720 100644 --- a/tests/libtest/lib653.c +++ b/tests/libtest/lib653.c @@ -27,36 +27,36 @@ static CURLcode test_lib653(const char *URL) { - CURL *curls = NULL; + CURL *curl = NULL; CURLcode res = CURLE_OK; curl_mimepart *field = NULL; curl_mime *mime = NULL; global_init(CURL_GLOBAL_ALL); - easy_init(curls); + easy_init(curl); - mime = curl_mime_init(curls); + mime = curl_mime_init(curl); field = curl_mime_addpart(mime); curl_mime_name(field, "name"); curl_mime_data(field, "short value", CURL_ZERO_TERMINATED); - easy_setopt(curls, CURLOPT_URL, URL); - easy_setopt(curls, CURLOPT_HEADER, 1L); - easy_setopt(curls, CURLOPT_VERBOSE, 1L); - easy_setopt(curls, CURLOPT_MIMEPOST, mime); - easy_setopt(curls, CURLOPT_NOPROGRESS, 1L); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_HEADER, 1L); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_MIMEPOST, mime); + easy_setopt(curl, CURLOPT_NOPROGRESS, 1L); - res = curl_easy_perform(curls); + res = curl_easy_perform(curl); if(res) goto test_cleanup; /* Alter form and resubmit. */ curl_mime_data(field, "long value for length change", CURL_ZERO_TERMINATED); - res = curl_easy_perform(curls); + res = curl_easy_perform(curl); test_cleanup: curl_mime_free(mime); - curl_easy_cleanup(curls); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; /* return the final return code */ } diff --git a/tests/libtest/lib654.c b/tests/libtest/lib654.c index a808e24a0a..5b2236ebb0 100644 --- a/tests/libtest/lib654.c +++ b/tests/libtest/lib654.c @@ -63,8 +63,8 @@ static CURLcode test_lib654(const char *URL) { static const char testdata[] = "dummy\n"; - CURL *easy = NULL; - CURL *easy2 = NULL; + CURL *curl = NULL; + CURL *curl2 = NULL; curl_mime *mime = NULL; curl_mimepart *part; struct curl_slist *hdrs = NULL; @@ -81,16 +81,16 @@ static CURLcode test_lib654(const char *URL) return TEST_ERR_MAJOR_BAD; } - easy = curl_easy_init(); + curl = curl_easy_init(); /* First set the URL that is about to receive our POST. */ - test_setopt(easy, CURLOPT_URL, URL); + test_setopt(curl, CURLOPT_URL, URL); /* get verbose debug output please */ - test_setopt(easy, CURLOPT_VERBOSE, 1L); + test_setopt(curl, CURLOPT_VERBOSE, 1L); /* include headers in the output */ - test_setopt(easy, CURLOPT_HEADER, 1L); + test_setopt(curl, CURLOPT_HEADER, 1L); /* Prepare the callback structure. */ pooh.readptr = testdata; @@ -98,7 +98,7 @@ static CURLcode test_lib654(const char *URL) pooh.freecount = 0; /* Build the mime tree. */ - mime = curl_mime_init(easy); + mime = curl_mime_init(curl); part = curl_mime_addpart(mime); curl_mime_data(part, "hello", CURL_ZERO_TERMINATED); curl_mime_name(part, "greeting"); @@ -113,11 +113,11 @@ static CURLcode test_lib654(const char *URL) free_callback, &pooh); /* Bind mime data to its easy handle. */ - test_setopt(easy, CURLOPT_MIMEPOST, mime); + test_setopt(curl, CURLOPT_MIMEPOST, mime); /* Duplicate the handle. */ - easy2 = curl_easy_duphandle(easy); - if(!easy2) { + curl2 = curl_easy_duphandle(curl); + if(!curl2) { curl_mfprintf(stderr, "curl_easy_duphandle() failed\n"); res = TEST_ERR_FAILURE; goto test_cleanup; @@ -129,7 +129,7 @@ static CURLcode test_lib654(const char *URL) mime = NULL; /* Already cleaned up. */ /* Perform on the first handle: should not send any data. */ - res = curl_easy_perform(easy); + res = curl_easy_perform(curl); if(res != CURLE_OK) { curl_mfprintf(stderr, "curl_easy_perform(original) failed\n"); goto test_cleanup; @@ -137,7 +137,7 @@ static CURLcode test_lib654(const char *URL) /* Perform on the second handle: if the bound mime structure has not been duplicated properly, it should cause a valgrind error. */ - res = curl_easy_perform(easy2); + res = curl_easy_perform(curl2); if(res != CURLE_OK) { curl_mfprintf(stderr, "curl_easy_perform(duplicated) failed\n"); goto test_cleanup; @@ -146,8 +146,8 @@ static CURLcode test_lib654(const char *URL) /* Free the duplicated handle: it should call free_callback again. If the mime copy was bad or not automatically released, valgrind will signal it. */ - curl_easy_cleanup(easy2); - easy2 = NULL; /* Already cleaned up. */ + curl_easy_cleanup(curl2); + curl2 = NULL; /* Already cleaned up. */ if(pooh.freecount != 2) { curl_mfprintf(stderr, "free_callback() called %d times instead of 2\n", @@ -157,8 +157,8 @@ static CURLcode test_lib654(const char *URL) } test_cleanup: - curl_easy_cleanup(easy); - curl_easy_cleanup(easy2); + curl_easy_cleanup(curl); + curl_easy_cleanup(curl2); curl_mime_free(mime); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib658.c b/tests/libtest/lib658.c index 00a2a35906..4f0f867d65 100644 --- a/tests/libtest/lib658.c +++ b/tests/libtest/lib658.c @@ -31,13 +31,13 @@ static CURLcode test_lib658(const char *URL) { - CURL *handle = NULL; + CURL *curl = NULL; CURLcode res = CURLE_OK; CURLU *urlp = NULL; CURLUcode uc = CURLUE_OK; global_init(CURL_GLOBAL_ALL); - easy_init(handle); + easy_init(curl); urlp = curl_url(); @@ -54,12 +54,12 @@ static CURLcode test_lib658(const char *URL) } /* demonstrate override behavior */ - easy_setopt(handle, CURLOPT_URL, "http://www.example.com"); + easy_setopt(curl, CURLOPT_URL, "http://www.example.com"); - easy_setopt(handle, CURLOPT_CURLU, urlp); - easy_setopt(handle, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_CURLU, urlp); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); - res = curl_easy_perform(handle); + res = curl_easy_perform(curl); if(res) { curl_mfprintf(stderr, "%s:%d curl_easy_perform() failed " @@ -71,7 +71,7 @@ static CURLcode test_lib658(const char *URL) test_cleanup: curl_url_cleanup(urlp); - curl_easy_cleanup(handle); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib659.c b/tests/libtest/lib659.c index 70a630758c..44fe7b0c49 100644 --- a/tests/libtest/lib659.c +++ b/tests/libtest/lib659.c @@ -31,12 +31,12 @@ static CURLcode test_lib659(const char *URL) { - CURL *handle = NULL; + CURL *curl = NULL; CURLcode res = CURLE_OK; CURLU *urlp = NULL; global_init(CURL_GLOBAL_ALL); - easy_init(handle); + easy_init(curl); urlp = curl_url(); @@ -53,11 +53,11 @@ static CURLcode test_lib659(const char *URL) goto test_cleanup; } - easy_setopt(handle, CURLOPT_CURLU, urlp); - easy_setopt(handle, CURLOPT_VERBOSE, 1L); - easy_setopt(handle, CURLOPT_PROXY, URL); + easy_setopt(curl, CURLOPT_CURLU, urlp); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_PROXY, URL); - res = curl_easy_perform(handle); + res = curl_easy_perform(curl); if(res) { curl_mfprintf(stderr, "%s:%d curl_easy_perform() failed " @@ -69,7 +69,7 @@ static CURLcode test_lib659(const char *URL) test_cleanup: curl_url_cleanup(urlp); - curl_easy_cleanup(handle); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib667.c b/tests/libtest/lib667.c index a46d1b8cdd..2827d00511 100644 --- a/tests/libtest/lib667.c +++ b/tests/libtest/lib667.c @@ -55,7 +55,7 @@ static CURLcode test_lib667(const char *URL) { static const char testdata[] = "dummy"; - CURL *easy = NULL; + CURL *curl = NULL; curl_mime *mime = NULL; curl_mimepart *part; CURLcode res = TEST_ERR_FAILURE; @@ -71,23 +71,23 @@ static CURLcode test_lib667(const char *URL) return TEST_ERR_MAJOR_BAD; } - easy = curl_easy_init(); + curl = curl_easy_init(); /* First set the URL that is about to receive our POST. */ - test_setopt(easy, CURLOPT_URL, URL); + test_setopt(curl, CURLOPT_URL, URL); /* get verbose debug output please */ - test_setopt(easy, CURLOPT_VERBOSE, 1L); + test_setopt(curl, CURLOPT_VERBOSE, 1L); /* include headers in the output */ - test_setopt(easy, CURLOPT_HEADER, 1L); + test_setopt(curl, CURLOPT_HEADER, 1L); /* Prepare the callback structure. */ pooh.readptr = testdata; pooh.sizeleft = (curl_off_t) strlen(testdata); /* Build the mime tree. */ - mime = curl_mime_init(easy); + mime = curl_mime_init(curl); part = curl_mime_addpart(mime); curl_mime_name(part, "field"); curl_mime_encoder(part, "base64"); @@ -96,16 +96,16 @@ static CURLcode test_lib667(const char *URL) NULL, NULL, &pooh); /* Bind mime data to its easy handle. */ - test_setopt(easy, CURLOPT_MIMEPOST, mime); + test_setopt(curl, CURLOPT_MIMEPOST, mime); /* Send data. */ - res = curl_easy_perform(easy); + res = curl_easy_perform(curl); if(res != CURLE_OK) { curl_mfprintf(stderr, "curl_easy_perform() failed\n"); } test_cleanup: - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); curl_mime_free(mime); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib668.c b/tests/libtest/lib668.c index 87cf19bbe4..488f862152 100644 --- a/tests/libtest/lib668.c +++ b/tests/libtest/lib668.c @@ -50,7 +50,7 @@ static CURLcode test_lib668(const char *URL) { static const char testdata[] = "dummy"; - CURL *easy = NULL; + CURL *curl = NULL; curl_mime *mime = NULL; curl_mimepart *part; CURLcode res = TEST_ERR_FAILURE; @@ -65,16 +65,16 @@ static CURLcode test_lib668(const char *URL) return TEST_ERR_MAJOR_BAD; } - easy = curl_easy_init(); + curl = curl_easy_init(); /* First set the URL that is about to receive our POST. */ - test_setopt(easy, CURLOPT_URL, URL); + test_setopt(curl, CURLOPT_URL, URL); /* get verbose debug output please */ - test_setopt(easy, CURLOPT_VERBOSE, 1L); + test_setopt(curl, CURLOPT_VERBOSE, 1L); /* include headers in the output */ - test_setopt(easy, CURLOPT_HEADER, 1L); + test_setopt(curl, CURLOPT_HEADER, 1L); /* Prepare the callback structures. */ pooh1.readptr = testdata; @@ -82,7 +82,7 @@ static CURLcode test_lib668(const char *URL) pooh2 = pooh1; /* Build the mime tree. */ - mime = curl_mime_init(easy); + mime = curl_mime_init(curl); part = curl_mime_addpart(mime); curl_mime_name(part, "field1"); /* Early end of data detection can be done because the data size is known. */ @@ -101,16 +101,16 @@ static CURLcode test_lib668(const char *URL) curl_mime_filedata(part, libtest_arg2); /* Bind mime data to its easy handle. */ - test_setopt(easy, CURLOPT_MIMEPOST, mime); + test_setopt(curl, CURLOPT_MIMEPOST, mime); /* Send data. */ - res = curl_easy_perform(easy); + res = curl_easy_perform(curl); if(res != CURLE_OK) { curl_mfprintf(stderr, "curl_easy_perform() failed\n"); } test_cleanup: - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); curl_mime_free(mime); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib670.c b/tests/libtest/lib670.c index 9dcdd7fd45..b30d097f68 100644 --- a/tests/libtest/lib670.c +++ b/tests/libtest/lib670.c @@ -28,7 +28,7 @@ #define PAUSE_TIME 5 struct t670_ReadThis { - CURL *easy; + CURL *curl; time_t origin; int count; }; @@ -79,7 +79,7 @@ static int t670_xferinfo(void *clientp, } if(delta >= PAUSE_TIME) - curl_easy_pause(pooh->easy, CURLPAUSE_CONT); + curl_easy_pause(pooh->curl, CURLPAUSE_CONT); } return 0; @@ -106,21 +106,21 @@ static CURLcode test_lib670(const char *URL) pooh.origin = (time_t) 0; pooh.count = 0; - pooh.easy = curl_easy_init(); + pooh.curl = curl_easy_init(); /* First set the URL that is about to receive our POST. */ - test_setopt(pooh.easy, CURLOPT_URL, URL); + test_setopt(pooh.curl, CURLOPT_URL, URL); /* get verbose debug output please */ - test_setopt(pooh.easy, CURLOPT_VERBOSE, 1L); + test_setopt(pooh.curl, CURLOPT_VERBOSE, 1L); /* include headers in the output */ - test_setopt(pooh.easy, CURLOPT_HEADER, 1L); + test_setopt(pooh.curl, CURLOPT_HEADER, 1L); if(testnum == 670 || testnum == 671) { curl_mimepart *part; /* Build the mime tree. */ - mime = curl_mime_init(pooh.easy); + mime = curl_mime_init(pooh.curl); part = curl_mime_addpart(mime); res = curl_mime_name(part, testname); if(res != CURLE_OK) { @@ -135,7 +135,7 @@ static CURLcode test_lib670(const char *URL) /* Bind mime data to its easy handle. */ if(res == CURLE_OK) - test_setopt(pooh.easy, CURLOPT_MIMEPOST, mime); + test_setopt(pooh.curl, CURLOPT_MIMEPOST, mime); } else { struct curl_httppost *lastptr = NULL; @@ -152,10 +152,10 @@ static CURLcode test_lib670(const char *URL) } /* We want to use our own read function. */ - test_setopt(pooh.easy, CURLOPT_READFUNCTION, t670_read_cb); + test_setopt(pooh.curl, CURLOPT_READFUNCTION, t670_read_cb); /* Send a multi-part formpost. */ - test_setopt(pooh.easy, CURLOPT_HTTPPOST, formpost); + test_setopt(pooh.curl, CURLOPT_HTTPPOST, formpost); } if(testnum == 670 || testnum == 672) { @@ -163,7 +163,7 @@ static CURLcode test_lib670(const char *URL) CURLM *multi; /* Use the multi interface. */ multi = curl_multi_init(); - mres = curl_multi_add_handle(multi, pooh.easy); + mres = curl_multi_add_handle(multi, pooh.curl); while(!mres) { struct timeval timeout; int rc = 0; @@ -187,7 +187,7 @@ static CURLcode test_lib670(const char *URL) } if(delta >= PAUSE_TIME) - curl_easy_pause(pooh.easy, CURLPAUSE_CONT); + curl_easy_pause(pooh.curl, CURLPAUSE_CONT); } FD_ZERO(&fdread); @@ -222,19 +222,19 @@ static CURLcode test_lib670(const char *URL) } } - curl_multi_remove_handle(multi, pooh.easy); + curl_multi_remove_handle(multi, pooh.curl); curl_multi_cleanup(multi); } else { /* Use the easy interface. */ - test_setopt(pooh.easy, CURLOPT_XFERINFODATA, &pooh); - test_setopt(pooh.easy, CURLOPT_XFERINFOFUNCTION, t670_xferinfo); - test_setopt(pooh.easy, CURLOPT_NOPROGRESS, 0L); - res = curl_easy_perform(pooh.easy); + test_setopt(pooh.curl, CURLOPT_XFERINFODATA, &pooh); + test_setopt(pooh.curl, CURLOPT_XFERINFOFUNCTION, t670_xferinfo); + test_setopt(pooh.curl, CURLOPT_NOPROGRESS, 0L); + res = curl_easy_perform(pooh.curl); } test_cleanup: - curl_easy_cleanup(pooh.easy); + curl_easy_cleanup(pooh.curl); if(testnum == 670 || testnum == 671) { curl_mime_free(mime); diff --git a/tests/libtest/lib674.c b/tests/libtest/lib674.c index a46f2be6eb..668ecdf32d 100644 --- a/tests/libtest/lib674.c +++ b/tests/libtest/lib674.c @@ -31,14 +31,14 @@ static CURLcode test_lib674(const char *URL) { - CURL *handle = NULL; - CURL *handle2; + CURL *curl = NULL; + CURL *curl2; CURLcode res = CURLE_OK; CURLU *urlp = NULL; CURLUcode uc = CURLUE_OK; global_init(CURL_GLOBAL_ALL); - easy_init(handle); + easy_init(curl); urlp = curl_url(); @@ -56,10 +56,10 @@ static CURLcode test_lib674(const char *URL) /* demonstrate override behavior */ - easy_setopt(handle, CURLOPT_CURLU, urlp); - easy_setopt(handle, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_CURLU, urlp); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); - res = curl_easy_perform(handle); + res = curl_easy_perform(curl); if(res) { curl_mfprintf(stderr, "%s:%d curl_easy_perform() failed " @@ -68,14 +68,14 @@ static CURLcode test_lib674(const char *URL) goto test_cleanup; } - handle2 = curl_easy_duphandle(handle); - res = curl_easy_perform(handle2); - curl_easy_cleanup(handle2); + curl2 = curl_easy_duphandle(curl); + res = curl_easy_perform(curl2); + curl_easy_cleanup(curl2); test_cleanup: curl_url_cleanup(urlp); - curl_easy_cleanup(handle); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib678.c b/tests/libtest/lib678.c index 5fdabdda96..2a2e21321f 100644 --- a/tests/libtest/lib678.c +++ b/tests/libtest/lib678.c @@ -99,15 +99,14 @@ static CURLcode test_lib678(const char *URL) CURLcode res = CURLE_OK; curl_global_init(CURL_GLOBAL_DEFAULT); if(!strcmp("check", URL)) { - CURL *e; CURLcode w = CURLE_OK; struct curl_blob blob = {0}; - e = curl_easy_init(); - if(e) { - w = curl_easy_setopt(e, CURLOPT_CAINFO_BLOB, &blob); + CURL *curl = curl_easy_init(); + if(curl) { + w = curl_easy_setopt(curl, CURLOPT_CAINFO_BLOB, &blob); if(w) curl_mprintf("CURLOPT_CAINFO_BLOB is not supported\n"); - curl_easy_cleanup(e); + curl_easy_cleanup(curl); } res = w; } diff --git a/tests/libtest/lib751.c b/tests/libtest/lib751.c index 0e0a1968e6..42c1aeb117 100644 --- a/tests/libtest/lib751.c +++ b/tests/libtest/lib751.c @@ -31,37 +31,37 @@ static CURLcode test_lib751(const char *URL) { - CURL *easies[1000]; - CURLM *m; + CURL *curls[1000]; + CURLM *multi; CURLcode res = CURLE_FAILED_INIT; CURLMcode mres; int i; (void)URL; - memset(easies, 0, sizeof(easies)); + memset(curls, 0, sizeof(curls)); curl_global_init(CURL_GLOBAL_DEFAULT); - m = curl_multi_init(); - if(!m) { + multi = curl_multi_init(); + if(!multi) { res = CURLE_OUT_OF_MEMORY; goto test_cleanup; } for(i = 0; i < 1000; i++) { - CURL *e = curl_easy_init(); - if(!e) { + CURL *curl = curl_easy_init(); + if(!curl) { res = CURLE_OUT_OF_MEMORY; goto test_cleanup; } - easies[i] = e; + curls[i] = curl; - res = curl_easy_setopt(e, CURLOPT_URL, "https://www.example.com/"); + res = curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); if(!res) - res = curl_easy_setopt(e, CURLOPT_VERBOSE, 1L); + res = curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); if(res) goto test_cleanup; - mres = curl_multi_add_handle(m, e); + mres = curl_multi_add_handle(multi, curl); if(mres != CURLM_OK) { curl_mfprintf(stderr, "MULTI ERROR: %s\n", curl_multi_strerror(mres)); res = CURLE_FAILED_INIT; @@ -75,13 +75,13 @@ test_cleanup: curl_mfprintf(stderr, "ERROR: %s\n", curl_easy_strerror(res)); for(i = 0; i < 1000; i++) { - if(easies[i]) { - curl_multi_add_handle(m, easies[i]); - curl_easy_cleanup(easies[i]); - easies[i] = NULL; + if(curls[i]) { + curl_multi_add_handle(multi, curls[i]); + curl_easy_cleanup(curls[i]); + curls[i] = NULL; } } - curl_multi_cleanup(m); + curl_multi_cleanup(multi); curl_global_cleanup(); return res; diff --git a/tests/libtest/lib753.c b/tests/libtest/lib753.c index ea3f0268af..19194c4646 100644 --- a/tests/libtest/lib753.c +++ b/tests/libtest/lib753.c @@ -27,7 +27,7 @@ #include "memdebug.h" struct t753_transfer_status { - CURL *easy; + CURL *curl; const char *name; bool pause; bool is_paused; @@ -56,49 +56,49 @@ static size_t t753_hd_cb(char *ptr, size_t size, size_t nmemb, void *userp) curl_mfprintf(stderr, "[%s] hd_cb '%.*s'\n", st->name, (int)len, ptr); if(!strcmp("230 Welcome you silly person\r\n", ptr)) { st->seen_welcome = TRUE; - st->easy = NULL; + st->curl = NULL; } return len; } static bool t753_setup(const char *URL, const char *name, - CURL **peasy, + CURL **pcurl, struct t753_transfer_status *st) { - CURL *easy = NULL; + CURL *curl = NULL; CURLcode res = CURLE_OK; - *peasy = NULL; + *pcurl = NULL; memset(st, 0, sizeof(*st)); st->name = name; - st->easy = easy; + st->curl = curl; st->pause = TRUE; - easy_init(easy); + easy_init(curl); - easy_setopt(easy, CURLOPT_URL, URL); - easy_setopt(easy, CURLOPT_WRITEFUNCTION, t753_write_cb); - easy_setopt(easy, CURLOPT_WRITEDATA, st); - easy_setopt(easy, CURLOPT_HEADERFUNCTION, t753_hd_cb); - easy_setopt(easy, CURLOPT_HEADERDATA, st); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_WRITEFUNCTION, t753_write_cb); + easy_setopt(curl, CURLOPT_WRITEDATA, st); + easy_setopt(curl, CURLOPT_HEADERFUNCTION, t753_hd_cb); + easy_setopt(curl, CURLOPT_HEADERDATA, st); - easy_setopt(easy, CURLOPT_NOPROGRESS, 1L); - easy_setopt(easy, CURLOPT_DEBUGDATA, &debug_config); - easy_setopt(easy, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); - easy_setopt(easy, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_NOPROGRESS, 1L); + easy_setopt(curl, CURLOPT_DEBUGDATA, &debug_config); + easy_setopt(curl, CURLOPT_DEBUGFUNCTION, libtest_debug_cb); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); - *peasy = easy; + *pcurl = curl; return TRUE; test_cleanup: - if(easy) - curl_easy_cleanup(easy); + if(curl) + curl_easy_cleanup(curl); return FALSE; } static CURLcode test_lib753(const char *URL) { - CURL *easy1 = NULL, *easy2 = NULL; + CURL *curl1 = NULL, *curl2 = NULL; CURLM *multi = NULL; struct t753_transfer_status st1, st2; CURLcode res = CURLE_OK; @@ -119,10 +119,10 @@ static CURLcode test_lib753(const char *URL) goto test_cleanup; } - if(!t753_setup(URL, "EASY1", &easy1, &st1)) + if(!t753_setup(URL, "EASY1", &curl1, &st1)) goto test_cleanup; - multi_add_handle(multi, easy1); + multi_add_handle(multi, curl1); multi_perform(multi, &still_running); abort_on_test_timeout(); @@ -142,14 +142,14 @@ static CURLcode test_lib753(const char *URL) * that the connection is NOT reused, e.g. all FTP commands * are sent again on the new connection. */ - if(easy1 && st1.seen_welcome) { - curl_easy_cleanup(easy1); - easy1 = NULL; - if(!easy2) { - if(!t753_setup(URL, "EASY2", &easy2, &st2)) + if(curl1 && st1.seen_welcome) { + curl_easy_cleanup(curl1); + curl1 = NULL; + if(!curl2) { + if(!t753_setup(URL, "EASY2", &curl2, &st2)) goto test_cleanup; st2.pause = FALSE; - multi_add_handle(multi, easy2); + multi_add_handle(multi, curl2); } } @@ -173,10 +173,10 @@ test_cleanup: if(res) curl_mfprintf(stderr, "ERROR: %s\n", curl_easy_strerror(res)); - if(easy1) - curl_easy_cleanup(easy1); - if(easy2) - curl_easy_cleanup(easy2); + if(curl1) + curl_easy_cleanup(curl1); + if(curl2) + curl_easy_cleanup(curl2); curl_multi_cleanup(multi); curl_global_cleanup(); diff --git a/tests/libtest/lib758.c b/tests/libtest/lib758.c index e9fe4ea2c9..35e60cc04f 100644 --- a/tests/libtest/lib758.c +++ b/tests/libtest/lib758.c @@ -146,12 +146,12 @@ static int t758_addFd(struct t758_Sockets *sockets, curl_socket_t fd, /** * Callback invoked by curl to poll reading / writing of a socket. */ -static int t758_curlSocketCallback(CURL *easy, curl_socket_t s, int action, +static int t758_curlSocketCallback(CURL *curl, curl_socket_t s, int action, void *userp, void *socketp) { struct t758_ReadWriteSockets *sockets = userp; - (void)easy; + (void)curl; (void)socketp; t758_ctx.socket_calls++; @@ -235,13 +235,13 @@ t758_set_ssl_ctx_callback(CURL *curl, void *ssl_ctx, void *clientp) /** * Check for curl completion. */ -static int t758_checkForCompletion(CURLM *curl, int *success) +static int t758_checkForCompletion(CURLM *multi, int *success) { int result = 0; *success = 0; while(1) { int numMessages; - CURLMsg *message = curl_multi_info_read(curl, &numMessages); + CURLMsg *message = curl_multi_info_read(multi, &numMessages); if(!message) break; if(message->msg == CURLMSG_DONE) { @@ -296,11 +296,12 @@ static void t758_updateFdSet(struct t758_Sockets *sockets, fd_set* fdset, } } -static CURLMcode t758_saction(CURLM *curl, curl_socket_t s, +static CURLMcode t758_saction(CURLM *multi, curl_socket_t s, int evBitmask, const char *info) { int numhandles = 0; - CURLMcode result = curl_multi_socket_action(curl, s, evBitmask, &numhandles); + CURLMcode result = curl_multi_socket_action(multi, s, evBitmask, + &numhandles); if(result != CURLM_OK) { curl_mfprintf(stderr, "%s Curl error on %s (%i) %s\n", t758_tag(), info, result, curl_multi_strerror(result)); @@ -311,7 +312,7 @@ static CURLMcode t758_saction(CURLM *curl, curl_socket_t s, /** * Invoke curl when a file descriptor is set. */ -static CURLMcode t758_checkFdSet(CURLM *curl, struct t758_Sockets *sockets, +static CURLMcode t758_checkFdSet(CURLM *multi, struct t758_Sockets *sockets, fd_set *fdset, int evBitmask, const char *name) { @@ -319,7 +320,7 @@ static CURLMcode t758_checkFdSet(CURLM *curl, struct t758_Sockets *sockets, CURLMcode result = CURLM_OK; for(i = 0; i < sockets->count; ++i) { if(FD_ISSET(sockets->sockets[i], fdset)) { - result = t758_saction(curl, sockets->sockets[i], evBitmask, name); + result = t758_saction(multi, sockets->sockets[i], evBitmask, name); if(result) break; } @@ -331,7 +332,8 @@ static CURLcode t758_one(const char *URL, int timer_fail_at, int socket_fail_at) { CURLcode res = CURLE_OK; - CURL *curl = NULL; CURLM *m = NULL; + CURL *curl = NULL; + CURLM *multi = NULL; struct t758_ReadWriteSockets sockets = {{NULL, 0, 0}, {NULL, 0, 0}}; int success = 0; struct curltime timeout = {0}; @@ -373,28 +375,28 @@ static CURLcode t758_one(const char *URL, int timer_fail_at, easy_setopt(curl, CURLOPT_SSL_CTX_FUNCTION, t758_set_ssl_ctx_callback); - multi_init(m); + multi_init(multi); - multi_setopt(m, CURLMOPT_SOCKETFUNCTION, t758_curlSocketCallback); - multi_setopt(m, CURLMOPT_SOCKETDATA, &sockets); + multi_setopt(multi, CURLMOPT_SOCKETFUNCTION, t758_curlSocketCallback); + multi_setopt(multi, CURLMOPT_SOCKETDATA, &sockets); - multi_setopt(m, CURLMOPT_TIMERFUNCTION, t758_curlTimerCallback); - multi_setopt(m, CURLMOPT_TIMERDATA, &timeout); + multi_setopt(multi, CURLMOPT_TIMERFUNCTION, t758_curlTimerCallback); + multi_setopt(multi, CURLMOPT_TIMERDATA, &timeout); - multi_add_handle(m, curl); + multi_add_handle(multi, curl); - if(t758_saction(m, CURL_SOCKET_TIMEOUT, 0, "timeout")) { + if(t758_saction(multi, CURL_SOCKET_TIMEOUT, 0, "timeout")) { res = TEST_ERR_MAJOR_BAD; goto test_cleanup; } - while(!t758_checkForCompletion(m, &success)) { + while(!t758_checkForCompletion(multi, &success)) { fd_set readSet, writeSet; curl_socket_t maxFd = 0; struct timeval tv = {0}; tv.tv_sec = 10; if(t758_ctx.fake_async_cert_verification_pending && - !t758_ctx.fake_async_cert_verification_finished) { + !t758_ctx.fake_async_cert_verification_finished) { if(sockets.read.count || sockets.write.count) { t758_msg("during verification there should be no sockets scheduled"); res = TEST_ERR_MAJOR_BAD; @@ -406,13 +408,13 @@ static CURLcode t758_one(const char *URL, int timer_fail_at, goto test_cleanup; } t758_ctx.fake_async_cert_verification_finished = 1; - if(t758_saction(m, CURL_SOCKET_TIMEOUT, 0, "timeout")) { + if(t758_saction(multi, CURL_SOCKET_TIMEOUT, 0, "timeout")) { t758_msg("spurious retry cert action"); res = TEST_ERR_MAJOR_BAD; goto test_cleanup; } curl_easy_pause(curl, CURLPAUSE_CONT); - if(t758_saction(m, CURL_SOCKET_TIMEOUT, 0, "timeout")) { + if(t758_saction(multi, CURL_SOCKET_TIMEOUT, 0, "timeout")) { t758_msg("unblocking transfer after cert verification finished"); res = TEST_ERR_MAJOR_BAD; goto test_cleanup; @@ -442,12 +444,12 @@ static CURLcode t758_one(const char *URL, int timer_fail_at, select_test((int)maxFd, &readSet, &writeSet, NULL, &tv); /* Check the sockets for reading / writing */ - if(t758_checkFdSet(m, &sockets.read, &readSet, CURL_CSELECT_IN, + if(t758_checkFdSet(multi, &sockets.read, &readSet, CURL_CSELECT_IN, "read")) { res = TEST_ERR_MAJOR_BAD; goto test_cleanup; } - if(t758_checkFdSet(m, &sockets.write, &writeSet, CURL_CSELECT_OUT, + if(t758_checkFdSet(multi, &sockets.write, &writeSet, CURL_CSELECT_OUT, "write")) { res = TEST_ERR_MAJOR_BAD; goto test_cleanup; @@ -456,7 +458,7 @@ static CURLcode t758_one(const char *URL, int timer_fail_at, if(timeout.tv_sec != (time_t)-1 && t758_getMicroSecondTimeout(&timeout) == 0) { /* Curl's timer has elapsed. */ - if(t758_saction(m, CURL_SOCKET_TIMEOUT, 0, "timeout")) { + if(t758_saction(multi, CURL_SOCKET_TIMEOUT, 0, "timeout")) { res = TEST_ERR_BAD_TIMEOUT; goto test_cleanup; } @@ -479,9 +481,9 @@ test_cleanup: /* proper cleanup sequence */ t758_msg("cleanup"); - curl_multi_remove_handle(m, curl); + curl_multi_remove_handle(multi, curl); curl_easy_cleanup(curl); - curl_multi_cleanup(m); + curl_multi_cleanup(multi); curl_global_cleanup(); /* free local memory */ diff --git a/tests/libtest/lib766.c b/tests/libtest/lib766.c index 5cfc6bb270..53f1dd97b5 100644 --- a/tests/libtest/lib766.c +++ b/tests/libtest/lib766.c @@ -42,24 +42,24 @@ static int sockopt_766(void *clientp, static CURLcode test_lib766(const char *URL) { - CURL *easy = NULL; + CURL *curl = NULL; CURLcode res = CURLE_OK; start_test_timing(); res_global_init(CURL_GLOBAL_ALL); - easy_init(easy); - easy_setopt(easy, CURLOPT_VERBOSE, 1L); - easy_setopt(easy, CURLOPT_URL, URL); - easy_setopt(easy, CURLOPT_FTPPORT, "-"); - easy_setopt(easy, CURLOPT_SOCKOPTFUNCTION, sockopt_766); + easy_init(curl); + easy_setopt(curl, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_URL, URL); + easy_setopt(curl, CURLOPT_FTPPORT, "-"); + easy_setopt(curl, CURLOPT_SOCKOPTFUNCTION, sockopt_766); - res = curl_easy_perform(easy); + res = curl_easy_perform(curl); test_cleanup: - curl_easy_cleanup(easy); + curl_easy_cleanup(curl); curl_global_cleanup(); return res; diff --git a/tests/libtest/testtrace.c b/tests/libtest/testtrace.c index 8aa377fb0c..092aca8385 100644 --- a/tests/libtest/testtrace.c +++ b/tests/libtest/testtrace.c @@ -81,7 +81,7 @@ void debug_dump(const char *timebuf, const char *text, fflush(stream); } -int libtest_debug_cb(CURL *handle, curl_infotype type, +int libtest_debug_cb(CURL *curl, curl_infotype type, char *data, size_t size, void *userp) { struct libtest_trace_cfg *trace_cfg = userp; @@ -89,7 +89,7 @@ int libtest_debug_cb(CURL *handle, curl_infotype type, char timebuf[20]; char *timestr; - (void)handle; + (void)curl; timebuf[0] = '\0'; timestr = &timebuf[0]; @@ -157,7 +157,7 @@ static void log_line_start(FILE *log, const char *idsbuf, curl_infotype type) } /* callback for CURLOPT_DEBUGFUNCTION (used in client tests) */ -int cli_debug_cb(CURL *handle, curl_infotype type, +int cli_debug_cb(CURL *curl, curl_infotype type, char *data, size_t size, void *userp) { FILE *output = stderr; @@ -166,11 +166,11 @@ int cli_debug_cb(CURL *handle, curl_infotype type, char idsbuf[60]; curl_off_t xfer_id, conn_id; - (void)handle; + (void)curl; (void)userp; - if(!curl_easy_getinfo(handle, CURLINFO_XFER_ID, &xfer_id) && xfer_id >= 0) { - if(!curl_easy_getinfo(handle, CURLINFO_CONN_ID, &conn_id) && + if(!curl_easy_getinfo(curl, CURLINFO_XFER_ID, &xfer_id) && xfer_id >= 0) { + if(!curl_easy_getinfo(curl, CURLINFO_CONN_ID, &conn_id) && conn_id >= 0) { curl_msnprintf(idsbuf, sizeof(idsbuf), "[%" CURL_FORMAT_CURL_OFF_T "-" diff --git a/tests/libtest/testtrace.h b/tests/libtest/testtrace.h index 79d2f8529d..e066595b2c 100644 --- a/tests/libtest/testtrace.h +++ b/tests/libtest/testtrace.h @@ -36,11 +36,11 @@ struct libtest_trace_cfg { extern struct libtest_trace_cfg debug_config; -int libtest_debug_cb(CURL *handle, curl_infotype type, +int libtest_debug_cb(CURL *curl, curl_infotype type, char *data, size_t size, void *userp); /* callback for CURLOPT_DEBUGFUNCTION (client tests) */ -int cli_debug_cb(CURL *handle, curl_infotype type, +int cli_debug_cb(CURL *curl, curl_infotype type, char *data, size_t size, void *userp); #endif /* HEADER_LIBTEST_TESTTRACE_H */ From 2e408aa5ccafedd3dec3197b8a29d1dd8477f50a Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 31 Oct 2025 23:25:17 +0100 Subject: [PATCH 0663/2408] tests: replace standalone significant tabs with macro Follow-up to d29f14b9cf0d38f3887b6eadc71af16903bc7f5b #19300 Closes #19315 --- tests/data/test1105 | 6 +++--- tests/data/test1185 | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/data/test1105 b/tests/data/test1105 index cb828bf048..78bed7524e 100644 --- a/tests/data/test1105 +++ b/tests/data/test1105 @@ -19,9 +19,9 @@ Funny-head: yesyes swsclose Set-Cookie: foobar=name; Set-Cookie: mismatch=this; domain=127.0.0.1; path="/silly/"; Set-Cookie: partmatch=present; domain=.0.0.1; path=/; -Set-Cookie: foo bar=barfoo -Set-Cookie: bar foo= -Set-Cookie: bar=foo bar +Set-Cookie: foo%tab%bar=barfoo +Set-Cookie: bar%tab%foo= +Set-Cookie: bar=foo%tab%bar diff --git a/tests/data/test1185 b/tests/data/test1185 index c00e982301..64eef41800 100644 --- a/tests/data/test1185 +++ b/tests/data/test1185 @@ -20,7 +20,7 @@ checksrc * Violate each rule at least once. **/ int hello; /*------------------------------------------------------------------*/ -int tab; +int%tab%tab; int trailing_space; int a = func (); int b = func( b); From cf4a62725d641ff0879f6a145e6131665f6761e4 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 1 Nov 2025 00:47:21 +0100 Subject: [PATCH 0664/2408] CI: two display name tweaks - use `AM`/`CM` where missing. In GHA/linux-old and AppVeyor CI. To denote autotools and CMake, and to align with rest of the jobs. - rename `Old Linux` to `Linux Old` to align with the rest of Linux jobs on GitHub web views sorted by name. Closes #19316 --- .github/workflows/linux-old.yml | 48 ++++++++++++++++----------------- appveyor.yml | 28 +++++++++---------- 2 files changed, 38 insertions(+), 38 deletions(-) diff --git a/.github/workflows/linux-old.yml b/.github/workflows/linux-old.yml index 198f90c538..7cba9243cb 100644 --- a/.github/workflows/linux-old.yml +++ b/.github/workflows/linux-old.yml @@ -16,7 +16,7 @@ # httrack is one of the smallest downloaders, needed to bootstrap ELTS, # and won't conflict with the curl we're building. -name: 'Old Linux' +name: 'Linux Old' 'on': push: @@ -56,7 +56,7 @@ env: jobs: cmake-autotools: - name: 'cmake & autotools' + name: 'autotools & cmake' runs-on: 'ubuntu-latest' container: 'debian:stretch' @@ -84,31 +84,31 @@ jobs: with: persist-credentials: false - - name: 'cmake build-only configure (out-of-tree)' + - name: 'CM build-only configure (out-of-tree)' run: | mkdir bld-1 cd bld-1 cmake .. -DCMAKE_UNITY_BUILD=ON -DCURL_WERROR=ON -DBUILD_SHARED_LIBS=ON \ -DCURL_USE_GNUTLS=ON -DENABLE_ARES=OFF -DCURL_ZSTD=OFF -DCURL_USE_GSSAPI=OFF -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF -DUSE_LIBRTMP=ON - - name: 'cmake build-only build' + - name: 'CM build-only build' run: VERBOSE=1 make -C bld-1 install - - name: 'cmake build-only curl -V' + - name: 'CM build-only curl -V' run: bld-1/src/curl --disable --version - - name: 'cmake build-only configure log' + - name: 'CM build-only configure log' if: ${{ !cancelled() }} run: cat bld-1/CMakeFiles/CMake*.log 2>/dev/null || true - - name: 'cmake build-only curl_config.h' + - name: 'CM build-only curl_config.h' run: | echo '::group::raw'; cat bld-1/lib/curl_config.h || true; echo '::endgroup::' grep -F '#define' bld-1/lib/curl_config.h | sort || true # when this job can get a libssh version 0.9.0 or later, this should get # that enabled again - - name: 'cmake configure (out-of-tree, c-ares, zstd, gssapi)' + - name: 'CM configure (out-of-tree, c-ares, zstd, gssapi)' run: | mkdir bld-cares cd bld-cares @@ -116,37 +116,37 @@ jobs: -DCURL_USE_GNUTLS=ON -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF -DUSE_LIBRTMP=ON \ -DCURL_LIBCURL_VERSIONED_SYMBOLS=ON - - name: 'cmake configure log' + - name: 'CM configure log' if: ${{ !cancelled() }} run: cat bld-cares/CMakeFiles/CMake*.log 2>/dev/null || true - - name: 'cmake curl_config.h' + - name: 'CM curl_config.h' run: | echo '::group::raw'; cat bld-cares/lib/curl_config.h || true; echo '::endgroup::' grep -F '#define' bld-cares/lib/curl_config.h | sort || true - - name: 'cmake build' + - name: 'CM build' run: make -C bld-cares - - name: 'cmake curl -V' + - name: 'CM curl -V' run: bld-cares/src/curl --disable --version - - name: 'cmake install' + - name: 'CM install' run: make -C bld-cares install - - name: 'cmake build tests' + - name: 'CM build tests' run: make -C bld-cares testdeps - - name: 'cmake run tests' + - name: 'CM run tests' run: make -C bld-cares test-ci - - name: 'cmake build examples' + - name: 'CM build examples' run: make -C bld-cares curl-examples-build - - name: 'autoreconf' + - name: 'AM autoreconf' run: autoreconf -fi - - name: 'autotools configure (out-of-tree, c-ares, zstd, gssapi)' + - name: 'AM configure (out-of-tree, c-ares, zstd, gssapi)' run: | mkdir bld-am cd bld-am @@ -154,23 +154,23 @@ jobs: --with-gnutls --enable-ares --without-libssh2 --with-zstd --with-gssapi --with-librtmp \ --prefix="$PWD"/../curl-install-am - - name: 'autotools configure log' + - name: 'AM configure log' if: ${{ !cancelled() }} run: cat bld-am/config.log 2>/dev/null || true - - name: 'autotools curl_config.h' + - name: 'AM curl_config.h' run: | echo '::group::raw'; cat bld-am/lib/curl_config.h || true; echo '::endgroup::' grep -F '#define' bld-am/lib/curl_config.h | sort || true - - name: 'autotools build' + - name: 'AM build' run: make -C bld-am - - name: 'autotools curl -V' + - name: 'AM curl -V' run: bld-am/src/curl --disable --version - - name: 'autotools install' + - name: 'AM install' run: make -C bld-am install - - name: 'autotools build tests' + - name: 'AM build tests' run: make -C bld-am/tests all diff --git a/appveyor.yml b/appveyor.yml index af6ecd2c15..98e6e51609 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -46,14 +46,14 @@ environment: # generated CMake-based Visual Studio builds - - job_name: 'CMake, VS2022, Release, x64, OpenSSL 3.5, Shared, Build-tests' + - job_name: 'CM VS2022, Release, x64, OpenSSL 3.5, Shared, Build-tests' APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2022' PRJ_GEN: 'Visual Studio 17 2022' TARGET: '-A x64' PRJ_CFG: Release OPENSSL: 'ON' SHARED: 'ON' - - job_name: 'CMake, VS2022, Release, arm64, Schannel, Static, Build-tests' + - job_name: 'CM VS2022, Release, arm64, Schannel, Static, Build-tests' APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2022' PRJ_GEN: 'Visual Studio 17 2022' TARGET: '-A ARM64' @@ -61,7 +61,7 @@ environment: SCHANNEL: 'ON' DEBUG: 'OFF' CURLDEBUG: 'ON' - - job_name: 'CMake, VS2010, Debug, x64, Schannel, Shared, Build-tests & examples, XP' + - job_name: 'CM VS2010, Debug, x64, Schannel, Shared, Build-tests & examples, XP' APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2013' PRJ_GEN: 'Visual Studio 10 2010' TARGET: '-A x64' @@ -70,7 +70,7 @@ environment: SCHANNEL: 'ON' SHARED: 'ON' EXAMPLES: 'ON' - - job_name: 'CMake, VS2012, Release, x86, OpenSSL 1.1.1 + Schannel, Shared, Build-tests' + - job_name: 'CM VS2012, Release, x86, OpenSSL 1.1.1 + Schannel, Shared, Build-tests' APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2015' PRJ_GEN: 'Visual Studio 11 2012' TARGET: '-A Win32' @@ -78,7 +78,7 @@ environment: OPENSSL: 'ON' SCHANNEL: 'ON' SHARED: 'ON' - - job_name: 'CMake, VS2013, Debug, x64, OpenSSL 1.1.1, Shared, Build-only' + - job_name: 'CM VS2013, Debug, x64, OpenSSL 1.1.1, Shared, Build-only' APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2015' PRJ_GEN: 'Visual Studio 12 2013' TARGET: '-A x64' @@ -86,14 +86,14 @@ environment: OPENSSL: 'ON' SHARED: 'ON' TFLAGS: 'skipall' - - job_name: 'CMake, VS2015, Debug, x64, OpenSSL 1.1.1, Static, Build-only' + - job_name: 'CM VS2015, Debug, x64, OpenSSL 1.1.1, Static, Build-only' APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2015' PRJ_GEN: 'Visual Studio 14 2015' TARGET: '-A x64' PRJ_CFG: Debug OPENSSL: 'ON' TFLAGS: 'skipall' - - job_name: 'CMake, VS2017, Debug, x64, OpenSSL 1.1.1, Shared, Build-only' + - job_name: 'CM VS2017, Debug, x64, OpenSSL 1.1.1, Shared, Build-only' APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2017' PRJ_GEN: 'Visual Studio 15 2017' TARGET: '-A x64' @@ -101,7 +101,7 @@ environment: OPENSSL: 'ON' SHARED: 'ON' TFLAGS: 'skipall' - - job_name: 'CMake, VS2019, Debug, x64, OpenSSL 3.0 + Schannel, Shared, Build-tests' + - job_name: 'CM VS2019, Debug, x64, OpenSSL 3.0 + Schannel, Shared, Build-tests' APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2019' PRJ_GEN: 'Visual Studio 16 2019' TARGET: '-A x64' @@ -109,7 +109,7 @@ environment: OPENSSL: 'ON' SCHANNEL: 'ON' SHARED: 'ON' - - job_name: 'CMake, VS2022, Debug, x64, OpenSSL 3.5 + Schannel, Static, Unicode, Build-tests & examples, clang-cl' + - job_name: 'CM VS2022, Debug, x64, OpenSSL 3.5 + Schannel, Static, Unicode, Build-tests & examples, clang-cl' APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2022' PRJ_GEN: 'Visual Studio 17 2022' TARGET: '-A x64' @@ -119,14 +119,14 @@ environment: ENABLE_UNICODE: 'ON' EXAMPLES: 'ON' TOOLSET: 'ClangCl' - - job_name: 'CMake, VS2022, Debug, x64, Schannel, Static, Unicode, Build-tests' + - job_name: 'CM VS2022, Debug, x64, Schannel, Static, Unicode, Build-tests' APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2022' PRJ_GEN: 'Visual Studio 17 2022' TARGET: '-A x64' PRJ_CFG: Debug SCHANNEL: 'ON' ENABLE_UNICODE: 'ON' - - job_name: 'CMake, VS2022, Release, x64, Schannel, Shared, Unicode, DEBUGBUILD, no-CURLDEBUG, Build-tests' + - job_name: 'CM VS2022, Release, x64, Schannel, Shared, Unicode, DEBUGBUILD, no-CURLDEBUG, Build-tests' APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2022' PRJ_GEN: 'Visual Studio 17 2022' TARGET: '-A x64' @@ -135,12 +135,12 @@ environment: ENABLE_UNICODE: 'ON' SHARED: 'ON' CURLDEBUG: 'OFF' - - job_name: 'CMake, VS2022, Debug, x64, no SSL, Static, Build-tests' + - job_name: 'CM VS2022, Debug, x64, no SSL, Static, Build-tests' APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2022' PRJ_GEN: 'Visual Studio 17 2022' TARGET: '-A x64' PRJ_CFG: Debug - - job_name: 'CMake, VS2022, Debug, x64, no SSL, Static, HTTP only, Build-tests' + - job_name: 'CM VS2022, Debug, x64, no SSL, Static, HTTP only, Build-tests' APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2022' PRJ_GEN: 'Visual Studio 17 2022' TARGET: '-A x64' @@ -149,7 +149,7 @@ environment: # generated VisualStudioSolution-based builds - - job_name: 'VisualStudioSolution, VS2013, Debug, x86, Schannel, Build-only' + - job_name: 'VisualStudioSolution VS2013, Debug, x86, Schannel, Build-only' APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2015' BUILD_SYSTEM: VisualStudioSolution PRJ_CFG: 'DLL Debug - DLL Windows SSPI - DLL WinIDN' From 6a97bc2c97b54dc981f9a5d5ab542c30ea0acaad Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 1 Nov 2025 04:02:13 +0100 Subject: [PATCH 0665/2408] tests/data: delete stray CRLFs in markup lines Closes #19317 --- tests/data/test1406 | 4 ++-- tests/data/test816 | 4 ++-- tests/data/test861 | 8 ++++---- tests/data/test862 | 8 ++++---- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/tests/data/test1406 b/tests/data/test1406 index bee4b337a4..ba7a325dd9 100644 --- a/tests/data/test1406 +++ b/tests/data/test1406 @@ -11,9 +11,9 @@ SMTP # # Server-side - + CAPA SIZE - + # diff --git a/tests/data/test816 b/tests/data/test816 index c45cc1172f..ff6546ec52 100644 --- a/tests/data/test816 +++ b/tests/data/test816 @@ -15,9 +15,9 @@ CUSTOMREQUEST * 123 FETCH (FLAGS (\Seen \Deleted)) - + * 123 EXPUNGE - + # diff --git a/tests/data/test861 b/tests/data/test861 index c40d06af14..dbcee53287 100644 --- a/tests/data/test861 +++ b/tests/data/test861 @@ -12,16 +12,16 @@ RFC2449 # # Server-side - + CAPA UIDL USER - + # When doing UIDL, we get the default list output hard-coded in the test # POP3 server - + 1 1 2 2 3 4 - + # diff --git a/tests/data/test862 b/tests/data/test862 index 73c50ff061..2484c8e98c 100644 --- a/tests/data/test862 +++ b/tests/data/test862 @@ -12,14 +12,14 @@ RFC2449 # # Server-side - + CAPA TOP USER - - + + From: me@somewhere To: fake@nowhere - + # From 8d0bfe74fba1e8394e73d2577c8a30b65f86b86f Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 1 Nov 2025 20:21:25 +0100 Subject: [PATCH 0666/2408] httpsrr: send HTTPS query to the right target When the target host is on a different port than 443, the name "_[port]._https.[name]" shall be used. Fixes #19301 Reported-by: Gunni on github Closes #19324 --- lib/asyn-ares.c | 19 +++++++++++++++++-- lib/asyn-thrdd.c | 13 ++++++++++--- lib/httpsrr.c | 2 ++ lib/httpsrr.h | 1 + tests/data/test2100 | 1 + 5 files changed, 31 insertions(+), 5 deletions(-) diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c index 094d703ec0..09c94f97b8 100644 --- a/lib/asyn-ares.c +++ b/lib/asyn-ares.c @@ -730,6 +730,9 @@ struct Curl_addrinfo *Curl_async_getaddrinfo(struct Curl_easy *data, int *waitp) { struct async_ares_ctx *ares = &data->state.async.ares; +#ifdef USE_HTTPSRR + char *rrname = NULL; +#endif *waitp = 0; /* default to synchronous response */ if(async_ares_init_lazy(data)) @@ -742,6 +745,15 @@ struct Curl_addrinfo *Curl_async_getaddrinfo(struct Curl_easy *data, data->state.async.hostname = strdup(hostname); if(!data->state.async.hostname) return NULL; +#ifdef USE_HTTPSRR + if(port != 443) { + rrname = curl_maprintf("_%d_.https.%s", port, hostname); + if(!rrname) { + free(data->state.async.hostname); + return NULL; + } + } +#endif /* initial status - failed */ ares->ares_status = ARES_ENOTFOUND; @@ -814,11 +826,14 @@ struct Curl_addrinfo *Curl_async_getaddrinfo(struct Curl_easy *data, #endif #ifdef USE_HTTPSRR { - CURL_TRC_DNS(data, "asyn-ares: fire off query for HTTPSRR"); + CURL_TRC_DNS(data, "asyn-ares: fire off query for HTTPSRR: %s", + rrname ? rrname : data->state.async.hostname); memset(&ares->hinfo, 0, sizeof(ares->hinfo)); ares->hinfo.port = -1; + ares->hinfo.rrname = rrname; ares->num_pending++; /* one more */ - ares_query_dnsrec(ares->channel, data->state.async.hostname, + ares_query_dnsrec(ares->channel, + rrname ? rrname : data->state.async.hostname, ARES_CLASS_IN, ARES_REC_TYPE_HTTPS, async_ares_rr_done, data, NULL); } diff --git a/lib/asyn-thrdd.c b/lib/asyn-thrdd.c index cb19f86452..da83cca87a 100644 --- a/lib/asyn-thrdd.c +++ b/lib/asyn-thrdd.c @@ -361,12 +361,18 @@ static void async_thrdd_rr_done(void *user_data, ares_status_t status, thrdd->rr.result = Curl_httpsrr_from_ares(data, dnsrec, &thrdd->rr.hinfo); } -static CURLcode async_rr_start(struct Curl_easy *data) +static CURLcode async_rr_start(struct Curl_easy *data, int port) { struct async_thrdd_ctx *thrdd = &data->state.async.thrdd; int status; + char *rrname = NULL; DEBUGASSERT(!thrdd->rr.channel); + if(port != 443) { + rrname = curl_maprintf("_%d_.https.%s", port, data->conn->host.name); + if(!rrname) + return CURLE_OUT_OF_MEMORY; + } status = ares_init_options(&thrdd->rr.channel, NULL, 0); if(status != ARES_SUCCESS) { thrdd->rr.channel = NULL; @@ -383,8 +389,9 @@ static CURLcode async_rr_start(struct Curl_easy *data) memset(&thrdd->rr.hinfo, 0, sizeof(thrdd->rr.hinfo)); thrdd->rr.hinfo.port = -1; + thrdd->rr.hinfo.rrname = rrname; ares_query_dnsrec(thrdd->rr.channel, - data->conn->host.name, ARES_CLASS_IN, + rrname ? rrname : data->conn->host.name, ARES_CLASS_IN, ARES_REC_TYPE_HTTPS, async_thrdd_rr_done, data, NULL); CURL_TRC_DNS(data, "Issued HTTPS-RR request for %s", data->conn->host.name); @@ -454,7 +461,7 @@ static bool async_thrdd_init(struct Curl_easy *data, } #ifdef USE_HTTPSRR_ARES - if(async_rr_start(data)) + if(async_rr_start(data, port)) infof(data, "Failed HTTPS RR operation"); #endif CURL_TRC_DNS(data, "resolve thread started for of %s:%d", hostname, port); diff --git a/lib/httpsrr.c b/lib/httpsrr.c index ae2c106bce..f0d7ea14f1 100644 --- a/lib/httpsrr.c +++ b/lib/httpsrr.c @@ -152,6 +152,7 @@ void Curl_httpsrr_cleanup(struct Curl_https_rrinfo *rrinfo) Curl_safefree(rrinfo->echconfiglist); Curl_safefree(rrinfo->ipv4hints); Curl_safefree(rrinfo->ipv6hints); + Curl_safefree(rrinfo->rrname); } @@ -206,6 +207,7 @@ CURLcode Curl_httpsrr_from_ares(struct Curl_easy *data, } } out: + Curl_safefree(hinfo->rrname); return result; } diff --git a/lib/httpsrr.h b/lib/httpsrr.h index 563d1c8e51..9b7831f75c 100644 --- a/lib/httpsrr.h +++ b/lib/httpsrr.h @@ -38,6 +38,7 @@ struct Curl_easy; struct Curl_https_rrinfo { + char *rrname; /* if NULL, the same as the URL hostname */ /* * Fields from HTTPS RR. The only mandatory fields are priority and target. * See https://datatracker.ietf.org/doc/html/rfc9460#section-14.3.2 diff --git a/tests/data/test2100 b/tests/data/test2100 index a5e809c6ef..9d75e72b81 100644 --- a/tests/data/test2100 +++ b/tests/data/test2100 @@ -4,6 +4,7 @@ HTTP HTTP GET DOH +httpsrr From f6bbc2b3be510a3c7e469cd697132ca1046290b5 Mon Sep 17 00:00:00 2001 From: x2018 Date: Sat, 1 Nov 2025 03:43:26 +0800 Subject: [PATCH 0667/2408] doh: cleanup resources on error paths Closes #19310 --- lib/doh.c | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/lib/doh.c b/lib/doh.c index 8cdecf4657..ec97bd7333 100644 --- a/lib/doh.c +++ b/lib/doh.c @@ -1219,8 +1219,9 @@ UNITTEST void doh_print_httpsrr(struct Curl_easy *data, CURLcode Curl_doh_is_resolved(struct Curl_easy *data, struct Curl_dns_entry **dnsp) { - CURLcode result; + CURLcode result = CURLE_OK; struct doh_probes *dohp = data->state.async.doh; + struct dohentry de; *dnsp = NULL; /* defaults to no response */ if(!dohp) return CURLE_OUT_OF_MEMORY; @@ -1233,7 +1234,6 @@ CURLcode Curl_doh_is_resolved(struct Curl_easy *data, } else if(!dohp->pending) { DOHcode rc[DOH_SLOT_COUNT]; - struct dohentry de; int slot; /* Clear any result the might still be there */ @@ -1265,17 +1265,14 @@ CURLcode Curl_doh_is_resolved(struct Curl_easy *data, struct Curl_dns_entry *dns; struct Curl_addrinfo *ai; - if(Curl_trc_ft_is_verbose(data, &Curl_trc_feat_dns)) { CURL_TRC_DNS(data, "hostname: %s", dohp->host); doh_show(data, &de); } result = doh2ai(&de, dohp->host, dohp->port, &ai); - if(result) { - de_cleanup(&de); - return result; - } + if(result) + goto error; /* we got a response, create a dns entry. */ dns = Curl_dnscache_mk_entry(data, ai, dohp->host, 0, dohp->port, FALSE); @@ -1288,7 +1285,8 @@ CURLcode Curl_doh_is_resolved(struct Curl_easy *data, de.https_rrs->len, &hrr); if(result) { infof(data, "Failed to decode HTTPS RR"); - return result; + Curl_resolv_unlink(data, &dns); + goto error; } infof(data, "Some HTTPS RR to process"); # ifdef DEBUGBUILD @@ -1306,14 +1304,15 @@ CURLcode Curl_doh_is_resolved(struct Curl_easy *data, /* All done */ data->state.async.done = TRUE; - de_cleanup(&de); - Curl_doh_cleanup(data); - return result; - } /* !dohp->pending */ + else + /* wait for pending DoH transactions to complete */ + return CURLE_OK; - /* else wait for pending DoH transactions to complete */ - return CURLE_OK; +error: + de_cleanup(&de); + Curl_doh_cleanup(data); + return result; } void Curl_doh_close(struct Curl_easy *data) From e2a12fcbdbe9fa515e0389995318f02f898a4b0b Mon Sep 17 00:00:00 2001 From: x2018 Date: Sat, 1 Nov 2025 23:28:07 +0800 Subject: [PATCH 0668/2408] vtls: properly handle SSL shutdown timeout Closes #19323 --- lib/vtls/vtls.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index 22d820b160..df0449cbee 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -1858,7 +1858,8 @@ static CURLcode vtls_shutdown_blocking(struct Curl_cfilter *cf, if(timeout_ms < 0) { /* no need to continue if time is already up */ failf(data, "SSL shutdown timeout"); - return CURLE_OPERATION_TIMEDOUT; + result = CURLE_OPERATION_TIMEDOUT; + goto out; } result = connssl->ssl_impl->shut_down(cf, data, send_shutdown, done); From 6cf3d7b1b161bc45501d17b401225befe3c43943 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 1 Nov 2025 01:28:55 +0100 Subject: [PATCH 0669/2408] tests: avoid more hard-coded CRLFs in `protocol` sections - fix regex to not catch CR (from CRLF), in `PORT`, `EPRT` commands, allowing to use `crlf="yes"` more. - add `crlf="headers"` mode for `protocol` sections. To call `subnewlines()` without its force option. This is the mode used in `data` sections when `crlf="yes"`. (This confusion may be subject to a future commit.) - subnewlines: apply CRLF to `HEAD` and `CONNECT` HTTP requests. - subnewlines: apply CRLF to RTSP requests. - delete remaining empty `protocol` sections. Reducing the number of `tests/data/test*`: - CRLF newlines from 11325 to 10295. (119984 lines total) - files with mixed newlines from 707 to 656. (1890 files total) Follow-up to 4d2a05d3fe8ba4db9168b03057029ea5ce7dab77 #19284 Closes #19318 --- docs/tests/FILEFORMAT.md | 6 +++- tests/data/test10 | 14 ++++---- tests/data/test1001 | 36 ++++++++++----------- tests/data/test1002 | 70 ++++++++++++++++++++-------------------- tests/data/test1008 | 36 ++++++++++----------- tests/data/test1030 | 28 ++++++++-------- tests/data/test1041 | 16 ++++----- tests/data/test1050 | 16 ++++----- tests/data/test1051 | 26 +++++++-------- tests/data/test1052 | 26 +++++++-------- tests/data/test1064 | 26 +++++++-------- tests/data/test1065 | 24 +++++++------- tests/data/test1071 | 28 ++++++++-------- tests/data/test1075 | 28 ++++++++-------- tests/data/test1098 | 26 +++++++-------- tests/data/test1134 | 26 +++++++-------- tests/data/test116 | 14 ++++---- tests/data/test1206 | 18 +++++------ tests/data/test1207 | 18 +++++------ tests/data/test1208 | 16 ++++----- tests/data/test1209 | 16 ++++----- tests/data/test1211 | 16 ++++----- tests/data/test125 | 12 +++---- tests/data/test1285 | 28 ++++++++-------- tests/data/test1414 | 20 ++++++------ tests/data/test1418 | 46 +++++++++++++------------- tests/data/test1419 | 22 ++++++------- tests/data/test1421 | 26 +++++++-------- tests/data/test1509 | 10 +++--- tests/data/test1524 | 24 +++++++------- tests/data/test1525 | 14 ++++---- tests/data/test1526 | 14 ++++---- tests/data/test1527 | 16 ++++----- tests/data/test154 | 28 ++++++++-------- tests/data/test155 | 42 ++++++++++++------------ tests/data/test156 | 14 ++++---- tests/data/test1590 | 2 -- tests/data/test1671 | 12 +++---- tests/data/test18 | 32 +++++++++--------- tests/data/test180 | 14 ++++---- tests/data/test181 | 16 ++++----- tests/data/test1938 | 14 ++++---- tests/data/test194 | 14 ++++---- tests/data/test1948 | 24 +++++++------- tests/data/test1973 | 16 ++++----- tests/data/test2000 | 18 +++++------ tests/data/test2001 | 28 ++++++++-------- tests/data/test2058 | 36 ++++++++++----------- tests/data/test2059 | 36 ++++++++++----------- tests/data/test206 | 34 +++++++++---------- tests/data/test2060 | 36 ++++++++++----------- tests/data/test212 | 30 ++++++++--------- tests/data/test253 | 16 ++++----- tests/data/test255 | 16 ++++----- tests/data/test272 | 12 +++---- tests/data/test275 | 26 +++++++-------- tests/data/test281 | 14 ++++---- tests/data/test32 | 12 +++---- tests/data/test33 | 16 ++++----- tests/data/test338 | 22 ++++++------- tests/data/test35 | 16 ++++----- tests/data/test357 | 28 ++++++++-------- tests/data/test364 | 14 ++++---- tests/data/test384 | 16 ++++----- tests/data/test388 | 58 ++++++++++++++++----------------- tests/data/test425 | 14 ++++---- tests/data/test48 | 22 ++++++------- tests/data/test490 | 26 +++++++-------- tests/data/test491 | 14 ++++---- tests/data/test492 | 58 ++++++++++++++++----------------- tests/data/test503 | 12 +++---- tests/data/test508 | 14 ++++---- tests/data/test513 | 2 -- tests/data/test540 | 46 +++++++++++++------------- tests/data/test544 | 14 ++++---- tests/data/test545 | 14 ++++---- tests/data/test547 | 48 +++++++++++++-------------- tests/data/test548 | 48 +++++++++++++-------------- tests/data/test551 | 32 +++++++++--------- tests/data/test553 | 30 ++++++++--------- tests/data/test555 | 48 +++++++++++++-------------- tests/data/test568 | 36 ++++++++++----------- tests/data/test572 | 50 ++++++++++++++-------------- tests/data/test577 | 12 +++---- tests/data/test58 | 14 ++++---- tests/data/test582 | 2 -- tests/data/test588 | 20 ++++++------ tests/data/test591 | 20 ++++++------ tests/data/test592 | 20 ++++++------ tests/data/test593 | 20 ++++++------ tests/data/test594 | 20 ++++++------ tests/data/test596 | 18 +++++------ tests/data/test758 | 2 -- tests/data/test766 | 12 +++---- tests/data/test785 | 16 ++++----- tests/data/test786 | 16 ++++----- tests/data/test88 | 28 ++++++++-------- tests/data/test95 | 16 ++++----- tests/data/test97 | 16 ++++----- tests/data/test970 | 12 +++---- tests/data/test972 | 12 +++---- tests/data/test977 | 14 ++++---- tests/data/test98 | 16 ++++----- tests/data/test985 | 4 +-- tests/data/test986 | 6 ++-- tests/runtests.pl | 5 ++- tests/testutil.pm | 3 +- 107 files changed, 1163 insertions(+), 1163 deletions(-) diff --git a/docs/tests/FILEFORMAT.md b/docs/tests/FILEFORMAT.md index cbc9221056..bc82aa8c00 100644 --- a/docs/tests/FILEFORMAT.md +++ b/docs/tests/FILEFORMAT.md @@ -663,7 +663,7 @@ command exists with a non-zero status code, the test is considered failed. A list of directory entries that are checked for after the test has completed and that must not exist. A listed entry existing causes the test to fail. -### `` +### `` the protocol dump curl should transmit, if `nonewline` is set, we cut off the trailing newline of this given data before comparing with the one actually @@ -673,6 +673,10 @@ comparisons are made. `crlf=yes` forces the newlines to become CRLF even if not written so in the test. +`crlf=headers` forces *header* newlines to become CRLF even if not written so +in the source file. Note that this makes runtests.pl parse and "guess" what is +a header and what is not in order to apply the CRLF line endings appropriately. + ### `` The protocol dump curl should transmit to an HTTP proxy (when the http-proxy diff --git a/tests/data/test10 b/tests/data/test10 index ac1486ec09..89cc509bc4 100644 --- a/tests/data/test10 +++ b/tests/data/test10 @@ -43,13 +43,13 @@ the # Verify data after the test has been "shot" - -PUT /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 78 - + +PUT /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 78 + Weird file to diff --git a/tests/data/test1001 b/tests/data/test1001 index 6755e7a1ec..ab2b045e9c 100644 --- a/tests/data/test1001 +++ b/tests/data/test1001 @@ -82,24 +82,24 @@ test # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Content-Range: bytes 2-4/5 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 0 - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="6af4d89c952f4dd4cc215a6878dc499d" -Content-Range: bytes 2-4/5 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 3 - + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Content-Range: bytes 2-4/5 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 0 + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="6af4d89c952f4dd4cc215a6878dc499d" +Content-Range: bytes 2-4/5 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 3 + st diff --git a/tests/data/test1002 b/tests/data/test1002 index de08c0e722..94124e2ea0 100644 --- a/tests/data/test1002 +++ b/tests/data/test1002 @@ -81,42 +81,42 @@ test # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER.upload1 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Content-Range: bytes 2-4/5 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 0 - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER.upload1 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER.upload1", response="198aa9b6acb4b0c71d02a197a5e41f54" -Content-Range: bytes 2-4/5 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 3 - + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER.upload1 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Content-Range: bytes 2-4/5 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 0 + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER.upload1 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER.upload1", response="198aa9b6acb4b0c71d02a197a5e41f54" +Content-Range: bytes 2-4/5 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 3 + st -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER.upload2 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Content-Range: bytes 2-4/5 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 0 - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER.upload2 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER.upload2", response="d711f0d2042786d930de635ba0d1a1d0" -Content-Range: bytes 2-4/5 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 3 - +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER.upload2 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Content-Range: bytes 2-4/5 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 0 + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER.upload2 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER.upload2", response="d711f0d2042786d930de635ba0d1a1d0" +Content-Range: bytes 2-4/5 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 3 + st diff --git a/tests/data/test1008 b/tests/data/test1008 index 4535d65076..a1705d1066 100644 --- a/tests/data/test1008 +++ b/tests/data/test1008 @@ -101,24 +101,24 @@ http://test.remote.example.com.%TESTNUMBER:%HTTPPORT/path/%TESTNUMBER0002 --prox # Verify data after the test has been "shot" - -CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -GET /path/%TESTNUMBER0002 HTTP/1.1 -Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +GET /path/%TESTNUMBER0002 HTTP/1.1 +Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + [DISCONNECT] diff --git a/tests/data/test1030 b/tests/data/test1030 index 200bd72b3c..28c6e4b293 100644 --- a/tests/data/test1030 +++ b/tests/data/test1030 @@ -80,24 +80,24 @@ four is the number of lines # Verify data after the test has been "shot" - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 85 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 85 + This is data we upload with PUT a second line line three four is the number of lines -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="gimme all yer s3cr3ts", nonce="11223344", uri="/%TESTNUMBER", response="01cb59db1ddaac246b072d5f5f0716d9" -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 85 - +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="gimme all yer s3cr3ts", nonce="11223344", uri="/%TESTNUMBER", response="01cb59db1ddaac246b072d5f5f0716d9" +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 85 + This is data we upload with PUT a second line line three diff --git a/tests/data/test1041 b/tests/data/test1041 index bb793d51ea..22822e49c9 100644 --- a/tests/data/test1041 +++ b/tests/data/test1041 @@ -52,14 +52,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -T%LOGDIR/test%TESTNUMBER.txt -C - # curl doesn't do a HEAD request on the remote file so it has no idea whether # it can skip part of the file or not. Instead, it sends the entire file. - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Content-Range: bytes 0-99/100 -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 100 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Content-Range: bytes 0-99/100 +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 100 + 012345678 012345678 012345678 diff --git a/tests/data/test1050 b/tests/data/test1050 index 3aa2f017e3..4accd71baa 100644 --- a/tests/data/test1050 +++ b/tests/data/test1050 @@ -46,16 +46,16 @@ FTP-IPv6 dir list, EPRT with specified IP # Strip all valid kinds of EPRT that curl can send -s/^(EPRT \|2\|::1\|)(.*)/$1/ +s/^(EPRT \|2\|::1\|)(\S*)/$1/ - -USER anonymous -PASS ftp@example.com -PWD + +USER anonymous +PASS ftp@example.com +PWD EPRT |2|::1| -TYPE A -LIST -QUIT +TYPE A +LIST +QUIT diff --git a/tests/data/test1051 b/tests/data/test1051 index 921aaeb780..70a714cde7 100644 --- a/tests/data/test1051 +++ b/tests/data/test1051 @@ -79,13 +79,13 @@ the # including the full request-body before it responds. So in this test the # server says 301 and 100 _after_ the entire PUT body has been sent. - -PUT /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 78 - + +PUT /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 78 + Weird file to @@ -95,12 +95,12 @@ for the PUT feature -PUT /want/data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 78 - +PUT /want/data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 78 + Weird file to diff --git a/tests/data/test1052 b/tests/data/test1052 index ade77bde55..ec92d479df 100644 --- a/tests/data/test1052 +++ b/tests/data/test1052 @@ -74,13 +74,13 @@ the # the test HTTP server is blocking until it has read the entire request, # including the full request-body before it responds. So in this test the # server says 301 and 200 _after_ the entire PUT body has been sent. - -PUT /want/%TESTNUMBER HTTP/1.0 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 78 - + +PUT /want/%TESTNUMBER HTTP/1.0 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 78 + Weird file to @@ -90,12 +90,12 @@ for the PUT feature -PUT /want/data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.0 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 78 - +PUT /want/data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.0 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 78 + Weird file to diff --git a/tests/data/test1064 b/tests/data/test1064 index 55eeb38dac..0d3536c15b 100644 --- a/tests/data/test1064 +++ b/tests/data/test1064 @@ -44,20 +44,20 @@ test # Verify data after the test has been "shot" - -PUT /%TESTNUMBER.upload1 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 5 - + +PUT /%TESTNUMBER.upload1 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 5 + test -PUT /%TESTNUMBER0002.upload2 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 5 - +PUT /%TESTNUMBER0002.upload2 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 5 + test diff --git a/tests/data/test1065 b/tests/data/test1065 index 3b1c652b58..b66ed29ed2 100644 --- a/tests/data/test1065 +++ b/tests/data/test1065 @@ -45,19 +45,19 @@ test # Verify data after the test has been "shot" - -PUT /%TESTNUMBER.upload1 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 5 - + +PUT /%TESTNUMBER.upload1 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 5 + test -GET /%TESTNUMBER0002.url2 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - +GET /%TESTNUMBER0002.url2 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 A OK diff --git a/tests/data/test1071 b/tests/data/test1071 index 1b320c2bfa..c98a8cd4aa 100644 --- a/tests/data/test1071 +++ b/tests/data/test1071 @@ -86,24 +86,24 @@ four is the number of lines # Verify data after the test has been "shot" - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 85 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 85 + This is data we upload with PUT a second line line three four is the number of lines -PUT /%TESTNUMBER HTTP/1.0 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="gimme all yer s3cr3ts", nonce="11223344", uri="/%TESTNUMBER", response="df4cef6b52a30e65d472dd848d2055a1" -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 85 - +PUT /%TESTNUMBER HTTP/1.0 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="gimme all yer s3cr3ts", nonce="11223344", uri="/%TESTNUMBER", response="df4cef6b52a30e65d472dd848d2055a1" +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 85 + This is data we upload with PUT a second line line three diff --git a/tests/data/test1075 b/tests/data/test1075 index 37230e1aa1..0a6e6d3c19 100644 --- a/tests/data/test1075 +++ b/tests/data/test1075 @@ -64,24 +64,24 @@ four is the number of lines # Verify data after the test has been "shot" - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 85 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 85 + This is data we upload with PUT a second line line three four is the number of lines -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[testuser:testpass]b64% -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 85 - +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[testuser:testpass]b64% +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 85 + This is data we upload with PUT a second line line three diff --git a/tests/data/test1098 b/tests/data/test1098 index dac208949a..4746b5fde9 100644 --- a/tests/data/test1098 +++ b/tests/data/test1098 @@ -43,19 +43,19 @@ ftp://ftp-site/moo/%TESTNUMBER ftp://ftp-site/moo/%TESTNUMBER --proxy http://%HO # # Verify data after the test has been "shot" - -GET ftp://ftp-site/moo/%TESTNUMBER HTTP/1.1 -Host: ftp-site:21 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET ftp://ftp-site/moo/%TESTNUMBER HTTP/1.1 -Host: ftp-site:21 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET ftp://ftp-site/moo/%TESTNUMBER HTTP/1.1 +Host: ftp-site:21 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET ftp://ftp-site/moo/%TESTNUMBER HTTP/1.1 +Host: ftp-site:21 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + HTTP/1.1 200 OK diff --git a/tests/data/test1134 b/tests/data/test1134 index 4b488fbbe9..1090a23b32 100644 --- a/tests/data/test1134 +++ b/tests/data/test1134 @@ -45,19 +45,19 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u user1:password1 --next http://%HOSTIP:%H # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[user1:password1]b64% -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Basic %b64[2user:password2]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[user1:password1]b64% +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic %b64[2user:password2]b64% +User-Agent: curl/%VERSION +Accept: */* + [DISCONNECT] diff --git a/tests/data/test116 b/tests/data/test116 index 0ab00aae91..7a29f181e4 100644 --- a/tests/data/test116 +++ b/tests/data/test116 @@ -43,13 +43,13 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -P 1.2.3.4 s/^(PORT \d{1,3},\d{1,3},\d{1,3},\d{1,3},)\d{1,3},\d{1,3}/$1/ s/^(EPRT \|1\|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|)\d{1,5}\|/$1/ - -USER anonymous -PASS ftp@example.com -PWD -EPRT |1|1.2.3.4| -PORT 1,2,3,4, -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPRT |1|1.2.3.4| +PORT 1,2,3,4, +QUIT diff --git a/tests/data/test1206 b/tests/data/test1206 index 228df4adb7..796ea44dfb 100644 --- a/tests/data/test1206 +++ b/tests/data/test1206 @@ -34,17 +34,17 @@ FTP PORT and 425 on download # Verify data after the test has been "shot" -s/^EPRT \|1\|(.*)/EPRT \|1\|/ +s/^EPRT \|1\|(\S*)/EPRT \|1\|/ - -USER anonymous -PASS ftp@example.com -PWD + +USER anonymous +PASS ftp@example.com +PWD EPRT |1| -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT 10 is CURLE_FTP_ACCEPT_FAILED diff --git a/tests/data/test1207 b/tests/data/test1207 index 612c42b0d6..0d77dfb3cc 100644 --- a/tests/data/test1207 +++ b/tests/data/test1207 @@ -34,17 +34,17 @@ FTP PORT and 421 on download # Verify data after the test has been "shot" -s/^EPRT \|1\|(.*)/EPRT \|1\|/ +s/^EPRT \|1\|(\S*)/EPRT \|1\|/ - -USER anonymous -PASS ftp@example.com -PWD + +USER anonymous +PASS ftp@example.com +PWD EPRT |1| -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT 10 diff --git a/tests/data/test1208 b/tests/data/test1208 index 055a0a58c6..8acf3c1cd7 100644 --- a/tests/data/test1208 +++ b/tests/data/test1208 @@ -38,21 +38,21 @@ FTP PORT download, no data conn and no transient negative reply # Verify data after the test has been "shot" -s/^EPRT \|1\|(.*)/EPRT \|1\|/ +s/^EPRT \|1\|(\S*)/EPRT \|1\|/ # This test doesn't send a QUIT because the main state machine in multi.c # triggers the timeout and sets the CURLE_OPERATION_TIMEDOUT error (28) for # which the FTP disconnect code generically has to assume could mean the # control the connection and thus it cannot send any command. - -USER anonymous -PASS ftp@example.com -PWD + +USER anonymous +PASS ftp@example.com +PWD EPRT |1| -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER # 28 is CURLE_OPERATION_TIMEDOUT diff --git a/tests/data/test1209 b/tests/data/test1209 index 38e1003c90..7c3ec3f94f 100644 --- a/tests/data/test1209 +++ b/tests/data/test1209 @@ -36,7 +36,7 @@ FTP PORT download, no data conn and no positive preliminary reply # Verify data after the test has been "shot" -s/^EPRT \|1\|(.*)/EPRT \|1\|/ +s/^EPRT \|1\|(\S*)/EPRT \|1\|/ # The protocol part does not include QUIT simply because the error is @@ -44,14 +44,14 @@ s/^EPRT \|1\|(.*)/EPRT \|1\|/ # specifically saying for which connection it concerns, and for timeouts libcurl # marks the control channel as "invalid". As this test case times out for the # data connection it could still use the control channel. - -USER anonymous -PASS ftp@example.com -PWD + +USER anonymous +PASS ftp@example.com +PWD EPRT |1| -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER 28 diff --git a/tests/data/test1211 b/tests/data/test1211 index 6ca7eaea91..d2919fb456 100644 --- a/tests/data/test1211 +++ b/tests/data/test1211 @@ -36,17 +36,17 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -P - # Verify data after the test has been "shot" -s/^EPRT \|1\|(.*)/EPRT \|1\|/ +s/^EPRT \|1\|(\S*)/EPRT \|1\|/ - -USER anonymous -PASS ftp@example.com -PWD + +USER anonymous +PASS ftp@example.com +PWD EPRT |1| -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER 28 diff --git a/tests/data/test125 b/tests/data/test125 index 8de97c14e5..568bf13095 100644 --- a/tests/data/test125 +++ b/tests/data/test125 @@ -30,12 +30,12 @@ ftp://%HOSTIP:%FTPPORT/path/to/file/%TESTNUMBER 9 - -USER anonymous -PASS ftp@example.com -PWD -CWD path -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD path +QUIT diff --git a/tests/data/test1285 b/tests/data/test1285 index 1b65245521..9b7f0a0474 100644 --- a/tests/data/test1285 +++ b/tests/data/test1285 @@ -73,20 +73,20 @@ four is the number of lines # Verify data after the test has been "shot" - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 0 - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="dc185587d5e8391b347eef194c2a3cd6" -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 85 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 0 + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="dc185587d5e8391b347eef194c2a3cd6" +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 85 + This is data we upload with PUT a second line line three diff --git a/tests/data/test1414 b/tests/data/test1414 index 4be9b54222..e448956fc9 100644 --- a/tests/data/test1414 +++ b/tests/data/test1414 @@ -39,19 +39,19 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -P - # Verify data after the test has been "shot" -s/^(EPRT \|1\|)(.*)/$1/ -s/^(PORT)(.*)/$1/ +s/^(EPRT \|1\|)(\S*)/$1/ +s/^(PORT) *(\S*)/$1/ - -USER anonymous -PASS ftp@example.com -PWD + +USER anonymous +PASS ftp@example.com +PWD EPRT |1| PORT -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test1418 b/tests/data/test1418 index 9fff0b63a3..bbbd585898 100644 --- a/tests/data/test1418 +++ b/tests/data/test1418 @@ -94,29 +94,29 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth http://%HOST # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="loonie", nonce="314156592", uri="/%TESTNUMBER", response="986238b7e0077754944c966f56d9bc77" -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0003 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0003 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="loonie", nonce="314156592", uri="/%TESTNUMBER0003", response="1c6390a67bac3283a9b023402f3b3540" -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="loonie", nonce="314156592", uri="/%TESTNUMBER", response="986238b7e0077754944c966f56d9bc77" +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0003 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0003 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="loonie", nonce="314156592", uri="/%TESTNUMBER0003", response="1c6390a67bac3283a9b023402f3b3540" +User-Agent: curl/%VERSION +Accept: */* + [DISCONNECT] diff --git a/tests/data/test1419 b/tests/data/test1419 index aada395f8a..45807f01bc 100644 --- a/tests/data/test1419 +++ b/tests/data/test1419 @@ -51,17 +51,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --anyauth http://%HOSTIP:%HTTPPORT/%TESTNUM # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0003 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0003 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + [DISCONNECT] diff --git a/tests/data/test1421 b/tests/data/test1421 index 6c36eb1916..3cab703b4a 100644 --- a/tests/data/test1421 +++ b/tests/data/test1421 @@ -55,19 +55,19 @@ Content-Length: 6 -foo- - -GET http://test.remote.haxx.se.%TESTNUMBER:8990/ HTTP/1.1 -Host: test.remote.haxx.se.%TESTNUMBER:8990 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://different.remote.haxx.se.%TESTNUMBER:8990/ HTTP/1.1 -Host: different.remote.haxx.se.%TESTNUMBER:8990 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://test.remote.haxx.se.%TESTNUMBER:8990/ HTTP/1.1 +Host: test.remote.haxx.se.%TESTNUMBER:8990 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://different.remote.haxx.se.%TESTNUMBER:8990/ HTTP/1.1 +Host: different.remote.haxx.se.%TESTNUMBER:8990 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + [DISCONNECT] diff --git a/tests/data/test1509 b/tests/data/test1509 index d7a7519c08..37614bda7d 100644 --- a/tests/data/test1509 +++ b/tests/data/test1509 @@ -80,11 +80,11 @@ Proxy-Connection: Keep-Alive [DISCONNECT] - -GET /%TESTNUMBER HTTP/1.1 -Host: the.old.moo.%TESTNUMBER:%HTTPPORT -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: the.old.moo.%TESTNUMBER:%HTTPPORT +Accept: */* + [DISCONNECT] diff --git a/tests/data/test1524 b/tests/data/test1524 index 8756ec6306..05433d47c2 100644 --- a/tests/data/test1524 +++ b/tests/data/test1524 @@ -55,19 +55,19 @@ moo # # Verify data after the test has been "shot" - -PUT /blah/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 4 - + +PUT /blah/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 4 + moo -GET /blah/moo.html&testcase=/%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - +GET /blah/moo.html&testcase=/%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test1525 b/tests/data/test1525 index 2778c3f564..1e143b3e6f 100644 --- a/tests/data/test1525 +++ b/tests/data/test1525 @@ -65,13 +65,13 @@ Proxy-Connection: Keep-Alive User-Agent: Http Agent - -PUT /%TESTNUMBER HTTP/1.1 -Host: the.old.moo.%TESTNUMBER:%HTTPPORT -Accept: */* -User-Agent: Http Agent -Content-Length: 13 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: the.old.moo.%TESTNUMBER:%HTTPPORT +Accept: */* +User-Agent: Http Agent +Content-Length: 13 + Hello Cloud! diff --git a/tests/data/test1526 b/tests/data/test1526 index cd4a4f48b0..45d95811b7 100644 --- a/tests/data/test1526 +++ b/tests/data/test1526 @@ -67,13 +67,13 @@ Proxy-Connection: Keep-Alive User-Agent: Proxy Agent - -PUT /%TESTNUMBER HTTP/1.1 -Host: the.old.moo.%TESTNUMBER:%HTTPPORT -Accept: */* -User-Agent: Http Agent -Content-Length: 13 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: the.old.moo.%TESTNUMBER:%HTTPPORT +Accept: */* +User-Agent: Http Agent +Content-Length: 13 + Hello Cloud! diff --git a/tests/data/test1527 b/tests/data/test1527 index 1f422362b3..3540a3bfb8 100644 --- a/tests/data/test1527 +++ b/tests/data/test1527 @@ -67,14 +67,14 @@ User-Agent: Http Agent Expect: 100-continue - -PUT /%TESTNUMBER HTTP/1.1 -Host: the.old.moo.%TESTNUMBER:%HTTPPORT -Accept: */* -User-Agent: Http Agent -Expect: 100-continue -Content-Length: 13 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: the.old.moo.%TESTNUMBER:%HTTPPORT +Accept: */* +User-Agent: Http Agent +Expect: 100-continue +Content-Length: 13 + Hello Cloud! diff --git a/tests/data/test154 b/tests/data/test154 index 7612ce05ff..5435ac9e9d 100644 --- a/tests/data/test154 +++ b/tests/data/test154 @@ -80,24 +80,24 @@ four is the number of lines # Verify data after the test has been "shot" - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 85 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 85 + This is data we upload with PUT a second line line three four is the number of lines -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="gimme all yer s3cr3ts", nonce="11223344", uri="/%TESTNUMBER", response="b71551e12d1c456e47d8388ecb2edeca" -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 85 - +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="gimme all yer s3cr3ts", nonce="11223344", uri="/%TESTNUMBER", response="b71551e12d1c456e47d8388ecb2edeca" +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 85 + This is data we upload with PUT a second line line three diff --git a/tests/data/test155 b/tests/data/test155 index 83aed115f8..90bb18dc5b 100644 --- a/tests/data/test155 +++ b/tests/data/test155 @@ -96,31 +96,31 @@ four is the number of lines # Verify data after the test has been "shot" - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 85 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 85 + This is data we upload with PUT a second line line three four is the number of lines -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 0 - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 85 - +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 0 + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 85 + This is data we upload with PUT a second line line three diff --git a/tests/data/test156 b/tests/data/test156 index 877c215b93..743fe1816e 100644 --- a/tests/data/test156 +++ b/tests/data/test156 @@ -40,13 +40,13 @@ four is the number of lines # Verify data after the test has been "shot" - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 85 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 85 + This is data we upload with PUT a second line line three diff --git a/tests/data/test1590 b/tests/data/test1590 index ea860215fe..f07f82ddd6 100644 --- a/tests/data/test1590 +++ b/tests/data/test1590 @@ -51,7 +51,5 @@ imap://localhost:%IMAPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - - diff --git a/tests/data/test1671 b/tests/data/test1671 index 43753b527d..e452eafd9c 100644 --- a/tests/data/test1671 +++ b/tests/data/test1671 @@ -50,12 +50,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w '%{header_json}\n' -o %LOGDIR/%TESTNUMBE # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + {"date":["Tue, 09 Nov 2010 14:49:00 GMT"], diff --git a/tests/data/test18 b/tests/data/test18 index ae31da29e7..d32ba17a17 100644 --- a/tests/data/test18 +++ b/tests/data/test18 @@ -47,22 +47,22 @@ multiple requests using {} in URL # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0003 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0003 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 200 OK diff --git a/tests/data/test180 b/tests/data/test180 index 62a505d5fa..1e15e64c97 100644 --- a/tests/data/test180 +++ b/tests/data/test180 @@ -44,13 +44,13 @@ the # Verify data after the test has been "shot" - -PUT /we/want/%TESTNUMBER HTTP/1.0 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 78 - + +PUT /we/want/%TESTNUMBER HTTP/1.0 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 78 + Weird file to diff --git a/tests/data/test181 b/tests/data/test181 index 685b244129..6d1fd25e5d 100644 --- a/tests/data/test181 +++ b/tests/data/test181 @@ -44,14 +44,14 @@ the # Verify data after the test has been "shot" - -POST /we/want/%TESTNUMBER HTTP/1.0 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 79 -Content-Type: application/x-www-form-urlencoded - + +POST /we/want/%TESTNUMBER HTTP/1.0 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 79 +Content-Type: application/x-www-form-urlencoded + Weird file to diff --git a/tests/data/test1938 b/tests/data/test1938 index c06306c4ca..e2ed9837e8 100644 --- a/tests/data/test1938 +++ b/tests/data/test1938 @@ -60,13 +60,13 @@ http://127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%HTTPPORT ^Content-Type:.* ^Accept:.* - -POST /%TESTNUMBER/testapi/test HTTP/1.1 -Host: 127.0.0.1:9000 -Authorization: PROVIDER14-HMAC-SHA256 Credential=keyId/19700101/region/service/provider14_request, SignedHeaders=content-type;host;x-provider2-date, Signature=3436256c7c23adeb66dc15984eaa527edc4a504def61da2e0bf4b01ace4f3c0b -X-Provider2-Date: 19700101T000000Z -Content-Length: 9 - + +POST /%TESTNUMBER/testapi/test HTTP/1.1 +Host: 127.0.0.1:9000 +Authorization: PROVIDER14-HMAC-SHA256 Credential=keyId/19700101/region/service/provider14_request, SignedHeaders=content-type;host;x-provider2-date, Signature=3436256c7c23adeb66dc15984eaa527edc4a504def61da2e0bf4b01ace4f3c0b +X-Provider2-Date: 19700101T000000Z +Content-Length: 9 + %hex[post%00Data]hex% diff --git a/tests/data/test194 b/tests/data/test194 index 074348950a..ef7b24aae3 100644 --- a/tests/data/test194 +++ b/tests/data/test194 @@ -56,13 +56,13 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -C 87 --fail # Verify data after the test has been "shot" - -GET /want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Range: bytes=87- -User-Agent: curl/%VERSION -Accept: */* - + +GET /want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Range: bytes=87- +User-Agent: curl/%VERSION +Accept: */* + 0 diff --git a/tests/data/test1948 b/tests/data/test1948 index 4c50b02acd..39be768c0b 100644 --- a/tests/data/test1948 +++ b/tests/data/test1948 @@ -53,19 +53,19 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 22 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 22 + This is test PUT data -POST /1948 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 22 -Content-Type: application/x-www-form-urlencoded - +POST /1948 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 22 +Content-Type: application/x-www-form-urlencoded + This is test PUT data diff --git a/tests/data/test1973 b/tests/data/test1973 index 094810cf13..8b10e9ec48 100644 --- a/tests/data/test1973 +++ b/tests/data/test1973 @@ -59,14 +59,14 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP ^Content-Type:.* ^Accept:.* - -POST /aws_sigv4/testapi/test HTTP/1.1 -Host: exam.ple.com:9000 -Authorization: AWS4-HMAC-SHA256 Credential=xxx/19700101/us-east-1/s3/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=7eb34202214384872221b99a9c671b7517891ac6af56b0aff24ec51adf62b10a -X-Amz-Date: 19700101T000000Z -x-amz-content-sha256: 4b02e333ccf7cf530ddee3e10ebe54e935500b5e570e68650d63d743e8bbc045 -Content-Length: 12 - + +POST /aws_sigv4/testapi/test HTTP/1.1 +Host: exam.ple.com:9000 +Authorization: AWS4-HMAC-SHA256 Credential=xxx/19700101/us-east-1/s3/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=7eb34202214384872221b99a9c671b7517891ac6af56b0aff24ec51adf62b10a +X-Amz-Date: 19700101T000000Z +x-amz-content-sha256: 4b02e333ccf7cf530ddee3e10ebe54e935500b5e570e68650d63d743e8bbc045 +Content-Length: 12 + post fields diff --git a/tests/data/test2000 b/tests/data/test2000 index 032bf5b1b4..9e4d2acdb1 100644 --- a/tests/data/test2000 +++ b/tests/data/test2000 @@ -46,15 +46,15 @@ moo # # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT data diff --git a/tests/data/test2001 b/tests/data/test2001 index de16735313..e9b9ae6f70 100644 --- a/tests/data/test2001 +++ b/tests/data/test2001 @@ -63,20 +63,20 @@ moo # # Verify data after the test has been "shot" - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER0002 -RETR %TESTNUMBER0002 -QUIT + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +USER anonymous +PASS ftp@example.com +PWD +EPSV +TYPE I +SIZE %TESTNUMBER0002 +RETR %TESTNUMBER0002 +QUIT -foo- diff --git a/tests/data/test2058 b/tests/data/test2058 index a797f9648b..f840c6e5f6 100644 --- a/tests/data/test2058 +++ b/tests/data/test2058 @@ -82,24 +82,24 @@ test # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Content-Range: bytes 2-4/5 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 0 - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="fbed69f9f3fd304c8f1acb1a43eb32688b933c0e28055c16b926cbcec070aeed", algorithm=SHA-256 -Content-Range: bytes 2-4/5 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 3 - + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Content-Range: bytes 2-4/5 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 0 + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="fbed69f9f3fd304c8f1acb1a43eb32688b933c0e28055c16b926cbcec070aeed", algorithm=SHA-256 +Content-Range: bytes 2-4/5 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 3 + st diff --git a/tests/data/test2059 b/tests/data/test2059 index 79f7171393..dbd8904313 100644 --- a/tests/data/test2059 +++ b/tests/data/test2059 @@ -82,24 +82,24 @@ test # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Content-Range: bytes 2-4/5 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 0 - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="fddc3bc7b753b73ab0848fd83cb20cbbca971258eb8d20c941dd5e0b010d66be", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="22d200df1fd02a9d3a7269ef5bbb5bf8f16f184a74907df9b64a3755489c0b42", algorithm=SHA-256, userhash=true -Content-Range: bytes 2-4/5 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 3 - + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Content-Range: bytes 2-4/5 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 0 + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="fddc3bc7b753b73ab0848fd83cb20cbbca971258eb8d20c941dd5e0b010d66be", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="22d200df1fd02a9d3a7269ef5bbb5bf8f16f184a74907df9b64a3755489c0b42", algorithm=SHA-256, userhash=true +Content-Range: bytes 2-4/5 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 3 + st diff --git a/tests/data/test206 b/tests/data/test206 index 2ff05075c7..82585f720c 100644 --- a/tests/data/test206 +++ b/tests/data/test206 @@ -86,23 +86,23 @@ http://test.remote.haxx.se.%TESTNUMBER:8990/path/%TESTNUMBER0002 --proxy=http:// # Verify data after the test has been "shot" - -CONNECT test.remote.haxx.se.%TESTNUMBER:8990 HTTP/1.1 -Host: test.remote.haxx.se.%TESTNUMBER:8990 -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -CONNECT test.remote.haxx.se.%TESTNUMBER:8990 HTTP/1.1 -Host: test.remote.haxx.se.%TESTNUMBER:8990 -Proxy-Authorization: Digest username="silly", realm="weirdorealm", nonce="12345", uri="test.remote.haxx.se.%TESTNUMBER:8990", response="003e36decb4dbf6366b3ecb9b87c24ec" -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -GET /path/%TESTNUMBER0002 HTTP/1.1 -Host: test.remote.haxx.se.%TESTNUMBER:8990 -User-Agent: curl/%VERSION -Accept: */* - + +CONNECT test.remote.haxx.se.%TESTNUMBER:8990 HTTP/1.1 +Host: test.remote.haxx.se.%TESTNUMBER:8990 +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +CONNECT test.remote.haxx.se.%TESTNUMBER:8990 HTTP/1.1 +Host: test.remote.haxx.se.%TESTNUMBER:8990 +Proxy-Authorization: Digest username="silly", realm="weirdorealm", nonce="12345", uri="test.remote.haxx.se.%TESTNUMBER:8990", response="003e36decb4dbf6366b3ecb9b87c24ec" +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +GET /path/%TESTNUMBER0002 HTTP/1.1 +Host: test.remote.haxx.se.%TESTNUMBER:8990 +User-Agent: curl/%VERSION +Accept: */* + [DISCONNECT] diff --git a/tests/data/test2060 b/tests/data/test2060 index 4a754b1688..4c0c52e914 100644 --- a/tests/data/test2060 +++ b/tests/data/test2060 @@ -82,24 +82,24 @@ test # Verify data after the test has been "shot" - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Content-Range: bytes 2-4/5 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 0 - -GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="691867f4a06c79fd0a175c1857e3df7015f6fff3ce8676497d2f1f805b5a8eca", algorithm=SHA-512-256 -Content-Range: bytes 2-4/5 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 3 - + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Content-Range: bytes 2-4/5 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 0 + +GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/%TESTNUMBER", response="691867f4a06c79fd0a175c1857e3df7015f6fff3ce8676497d2f1f805b5a8eca", algorithm=SHA-512-256 +Content-Range: bytes 2-4/5 +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 3 + st diff --git a/tests/data/test212 b/tests/data/test212 index 045ad3769a..c7fba5f8b9 100644 --- a/tests/data/test212 +++ b/tests/data/test212 @@ -44,21 +44,21 @@ data blobb s/^(EPRT \|1\|)\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\|\d{1,5}\|/$1/ s/^(PORT )\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3},\d{1,3}/$1/ - -USER anonymous -PASS ftp@example.com -PWD -CWD a -CWD path -EPRT |1| -PORT -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -PORT -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +CWD a +CWD path +EPRT |1| +PORT%spc% +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +PORT%spc% +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test253 b/tests/data/test253 index 01ec416ac6..cde0b2f8d1 100644 --- a/tests/data/test253 +++ b/tests/data/test253 @@ -46,16 +46,16 @@ FTP IPv6 dir list with EPRT # Verify data after the test has been "shot" -s/^(EPRT \|2\|::1\|)(.*)/$1/ +s/^(EPRT \|2\|::1\|)(\S*)/$1/ - -USER anonymous -PASS ftp@example.com -PWD + +USER anonymous +PASS ftp@example.com +PWD EPRT |2|::1| -TYPE A -LIST -QUIT +TYPE A +LIST +QUIT diff --git a/tests/data/test255 b/tests/data/test255 index 1a1526a10c..ef7b08e060 100644 --- a/tests/data/test255 +++ b/tests/data/test255 @@ -47,16 +47,16 @@ FTP IPv6 dir list with EPRT and --disable-eprt # Verify data after the test has been "shot" -s/^(EPRT \|2\|::1\|)(.*)/$1/ +s/^(EPRT \|2\|::1\|)(\S*)/$1/ - -USER anonymous -PASS ftp@example.com -PWD + +USER anonymous +PASS ftp@example.com +PWD EPRT |2|::1| -TYPE A -LIST -QUIT +TYPE A +LIST +QUIT diff --git a/tests/data/test272 b/tests/data/test272 index 2857c3eac3..36f472f173 100644 --- a/tests/data/test272 +++ b/tests/data/test272 @@ -29,12 +29,12 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -z "2004 jan 1 12:12:12 UTC" # Verify data after the test has been "shot" - -USER anonymous -PASS ftp@example.com -PWD -MDTM %TESTNUMBER -QUIT + +USER anonymous +PASS ftp@example.com +PWD +MDTM %TESTNUMBER +QUIT diff --git a/tests/data/test275 b/tests/data/test275 index d3a68a4211..05260b91b8 100644 --- a/tests/data/test275 +++ b/tests/data/test275 @@ -72,19 +72,19 @@ User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive - -GET /we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: remotesite.com.%TESTNUMBER:%HTTPPORT -Authorization: Basic %b64[iam:myself]b64% -User-Agent: curl/%VERSION -Accept: */* - -GET /we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: remotesite.com.%TESTNUMBER:%HTTPPORT -Authorization: Basic %b64[iam:myself]b64% -User-Agent: curl/%VERSION -Accept: */* - + +GET /we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: remotesite.com.%TESTNUMBER:%HTTPPORT +Authorization: Basic %b64[iam:myself]b64% +User-Agent: curl/%VERSION +Accept: */* + +GET /we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: remotesite.com.%TESTNUMBER:%HTTPPORT +Authorization: Basic %b64[iam:myself]b64% +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test281 b/tests/data/test281 index 23af513a02..b02486e643 100644 --- a/tests/data/test281 +++ b/tests/data/test281 @@ -43,13 +43,13 @@ Weird 22 - -PUT /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 38 - + +PUT /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 38 + Weird file to diff --git a/tests/data/test32 b/tests/data/test32 index f613693041..e2980fc3dc 100644 --- a/tests/data/test32 +++ b/tests/data/test32 @@ -42,12 +42,12 @@ HTTP with -d and -G # # Verify data after the test has been "shot" - -GET /%TESTNUMBER?foo=moo&moo=poo HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER?foo=moo&moo=poo HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + diff --git a/tests/data/test33 b/tests/data/test33 index 34afff35b7..e2ba7da4c6 100644 --- a/tests/data/test33 +++ b/tests/data/test33 @@ -42,14 +42,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -T%LOGDIR/test%TESTNUMBER.txt -C 50 # Verify data after the test has been "shot" - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Content-Range: bytes 50-99/100 -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 50 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Content-Range: bytes 50-99/100 +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 50 + 012345678 012345678 012345678 diff --git a/tests/data/test338 b/tests/data/test338 index d3acd5f098..384320d89f 100644 --- a/tests/data/test338 +++ b/tests/data/test338 @@ -45,17 +45,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --next http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + [DISCONNECT] diff --git a/tests/data/test35 b/tests/data/test35 index 8abf22a301..f53117f036 100644 --- a/tests/data/test35 +++ b/tests/data/test35 @@ -35,14 +35,14 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER --data-binary @%LOGDIR/test%TESTNUM # Verify data after the test has been "shot" - -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 47 -Content-Type: application/x-www-form-urlencoded - + +POST /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 47 +Content-Type: application/x-www-form-urlencoded + %hex[This%00 is binary data with an embedded NUL byte]hex% diff --git a/tests/data/test357 b/tests/data/test357 index 8883cfffe8..d0b7b7325f 100644 --- a/tests/data/test357 +++ b/tests/data/test357 @@ -61,20 +61,20 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER -T %LOGDIR/test%TESTNUMBER.txt --ex # Verify data after the test has been "shot" - -PUT /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 1053701 -Expect: 100-continue - -PUT /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 1053701 - + +PUT /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 1053701 +Expect: 100-continue + +PUT /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 1053701 + %repeat[1053700 x x]% diff --git a/tests/data/test364 b/tests/data/test364 index 5a02d70227..8ee8969c50 100644 --- a/tests/data/test364 +++ b/tests/data/test364 @@ -37,13 +37,13 @@ HTTPS PUT of small file # Verify data after the test has been "shot" - -PUT /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 1201 - + +PUT /we/want/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPSPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 1201 + %repeat[200 x banana]% diff --git a/tests/data/test384 b/tests/data/test384 index 50f94c009c..33cd9f5da0 100644 --- a/tests/data/test384 +++ b/tests/data/test384 @@ -45,14 +45,14 @@ HTTP with --json from stdin # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: foobar/* -Content-Type: application/json -Content-Length: 22 - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: foobar/* +Content-Type: application/json +Content-Length: 22 + { "drink": "coffee" } diff --git a/tests/data/test388 b/tests/data/test388 index 23a5cc7c42..f7158ec2da 100644 --- a/tests/data/test388 +++ b/tests/data/test388 @@ -91,35 +91,35 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001 -u testuser:testpass --digest http://%H ^Authorization.*cnonce - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER0001", response="ea598bbfdb5c54b7352c977e3885e44d" -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER0002", response="921a8e6db782d6359db1f40d9ed7e6a6" -User-Agent: curl/%VERSION -Accept: */* - -GET /%TESTNUMBER0002 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="999999", uri="/%TESTNUMBER0002", cnonce="MTA4MzIr", nc="00000001", qop="auth", response="25291c357671604a16c0242f56721c07", algorithm=MD5 -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0001 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER0001", response="ea598bbfdb5c54b7352c977e3885e44d" +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER0002", response="921a8e6db782d6359db1f40d9ed7e6a6" +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER0002 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="999999", uri="/%TESTNUMBER0002", cnonce="MTA4MzIr", nc="00000001", qop="auth", response="25291c357671604a16c0242f56721c07", algorithm=MD5 +User-Agent: curl/%VERSION +Accept: */* + HTTP/1.1 401 Authorization Required swsclose diff --git a/tests/data/test425 b/tests/data/test425 index 399ca1983f..1b211d1db3 100644 --- a/tests/data/test425 +++ b/tests/data/test425 @@ -40,13 +40,13 @@ content # # Verify data after the test has been "shot" - -PUT /%TESTNUMBER/?fullpath HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 8 - + +PUT /%TESTNUMBER/?fullpath HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 8 + content diff --git a/tests/data/test48 b/tests/data/test48 index 24fa0abbb3..564e8f3a74 100644 --- a/tests/data/test48 +++ b/tests/data/test48 @@ -36,17 +36,17 @@ HTTP with -d and -G and -I # # Verify data after the test has been "shot" - -HEAD /%TESTNUMBER?foo=moo&moo=poo HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -HEAD /%TESTNUMBER?foo=moo&moo=poo HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +HEAD /%TESTNUMBER?foo=moo&moo=poo HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +HEAD /%TESTNUMBER?foo=moo&moo=poo HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + [DISCONNECT] diff --git a/tests/data/test490 b/tests/data/test490 index a0bc8f3539..f691ae0abd 100644 --- a/tests/data/test490 +++ b/tests/data/test490 @@ -45,20 +45,20 @@ surprise! # # Verify data after the test has been "shot" - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 10 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 10 + surprise! -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 10 - +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 10 + surprise! diff --git a/tests/data/test491 b/tests/data/test491 index 15bb756b55..f6ae7d5bcf 100644 --- a/tests/data/test491 +++ b/tests/data/test491 @@ -45,13 +45,13 @@ surprise! # # Verify data after the test has been "shot" - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 10 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 10 + surprise! diff --git a/tests/data/test492 b/tests/data/test492 index d576cca1cf..bc52e305cf 100644 --- a/tests/data/test492 +++ b/tests/data/test492 @@ -48,38 +48,38 @@ second %TESTNUMBER contents # # Verify data after the test has been "shot" - -PUT /one/first%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Testno: %TESTNUMBER -Content-Length: 19 - + +PUT /one/first%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Testno: %TESTNUMBER +Content-Length: 19 + first %TESTNUMBER contents -PUT /two/first%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Testno: %TESTNUMBER -Content-Length: 19 - +PUT /two/first%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Testno: %TESTNUMBER +Content-Length: 19 + first %TESTNUMBER contents -PUT /one/second%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Testno: %TESTNUMBER -Content-Length: 20 - +PUT /one/second%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Testno: %TESTNUMBER +Content-Length: 20 + second %TESTNUMBER contents -PUT /two/second%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Testno: %TESTNUMBER -Content-Length: 20 - +PUT /two/second%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Testno: %TESTNUMBER +Content-Length: 20 + second %TESTNUMBER contents diff --git a/tests/data/test503 b/tests/data/test503 index ea2dfcd7f4..8aefb0d86f 100644 --- a/tests/data/test503 +++ b/tests/data/test503 @@ -78,12 +78,12 @@ Proxy-Connection: Keep-Alive [DISCONNECT] - -GET /%TESTNUMBER HTTP/1.1 -Host: machine.%TESTNUMBER:%HTTPPORT -Authorization: Basic %b64[test:ing]b64% -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: machine.%TESTNUMBER:%HTTPPORT +Authorization: Basic %b64[test:ing]b64% +Accept: */* + [DISCONNECT] diff --git a/tests/data/test508 b/tests/data/test508 index cc1932a35f..b3c5289834 100644 --- a/tests/data/test508 +++ b/tests/data/test508 @@ -41,13 +41,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 45 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 45 +Content-Type: application/x-www-form-urlencoded + this is what we post to the silly web server diff --git a/tests/data/test513 b/tests/data/test513 index cc97336105..d61d2be4a5 100644 --- a/tests/data/test513 +++ b/tests/data/test513 @@ -33,8 +33,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - - # 42 - aborted by callback 42 diff --git a/tests/data/test540 b/tests/data/test540 index 977996a2fa..161e986488 100644 --- a/tests/data/test540 +++ b/tests/data/test540 @@ -80,29 +80,29 @@ http://test.remote.example.com/path/%TESTNUMBER http://%HOSTIP:%HTTPPORT silly:p # Verify data after the test has been "shot" - -GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: custom.set.host.name -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: custom.set.host.name -Proxy-Authorization: Digest username="silly", realm="weirdorealm", nonce="12345", uri="/path/%TESTNUMBER", response="ca507dcf189196b6a5374d3233042261" -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: custom.set.host.name -Accept: */* -Proxy-Connection: Keep-Alive - -GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: custom.set.host.name -Proxy-Authorization: Digest username="silly", realm="weirdorealm", nonce="12345", uri="/path/%TESTNUMBER", response="ca507dcf189196b6a5374d3233042261" -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: custom.set.host.name +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: custom.set.host.name +Proxy-Authorization: Digest username="silly", realm="weirdorealm", nonce="12345", uri="/path/%TESTNUMBER", response="ca507dcf189196b6a5374d3233042261" +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: custom.set.host.name +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: custom.set.host.name +Proxy-Authorization: Digest username="silly", realm="weirdorealm", nonce="12345", uri="/path/%TESTNUMBER", response="ca507dcf189196b6a5374d3233042261" +Accept: */* +Proxy-Connection: Keep-Alive + [DISCONNECT] diff --git a/tests/data/test544 b/tests/data/test544 index a35c9cf707..38a7da0640 100644 --- a/tests/data/test544 +++ b/tests/data/test544 @@ -40,13 +40,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 4 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 4 +Content-Type: application/x-www-form-urlencoded + This diff --git a/tests/data/test545 b/tests/data/test545 index 0bdb628153..b8993c01f1 100644 --- a/tests/data/test545 +++ b/tests/data/test545 @@ -43,13 +43,13 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER ^User-Agent:.* - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Content-Length: 46 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Content-Length: 46 +Content-Type: application/x-www-form-urlencoded + %hex[This%00 is test binary data with an embedded NUL]hex% diff --git a/tests/data/test547 b/tests/data/test547 index de07800814..d18639ae8a 100644 --- a/tests/data/test547 +++ b/tests/data/test547 @@ -91,31 +91,31 @@ http://test.remote.example.com/path/%TESTNUMBER http://%HOSTIP:%HTTPPORT testuse # Verify data after the test has been "shot" - -POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: test.remote.example.com -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 36 -Content-Type: application/x-www-form-urlencoded - + +POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: test.remote.example.com +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 36 +Content-Type: application/x-www-form-urlencoded + this is the blurb we want to upload -POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: test.remote.example.com -Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 0 -Content-Type: application/x-www-form-urlencoded - -POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: test.remote.example.com -Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 36 -Content-Type: application/x-www-form-urlencoded - +POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: test.remote.example.com +Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 0 +Content-Type: application/x-www-form-urlencoded + +POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: test.remote.example.com +Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 36 +Content-Type: application/x-www-form-urlencoded + this is the blurb we want to upload diff --git a/tests/data/test548 b/tests/data/test548 index 2ad40e4589..1a8d5e16e9 100644 --- a/tests/data/test548 +++ b/tests/data/test548 @@ -91,31 +91,31 @@ http://test.remote.example.com/path/%TESTNUMBER http://%HOSTIP:%HTTPPORT testuse # Verify data after the test has been "shot" - -POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: test.remote.example.com -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 36 -Content-Type: application/x-www-form-urlencoded - + +POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: test.remote.example.com +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 36 +Content-Type: application/x-www-form-urlencoded + this is the blurb we want to upload -POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: test.remote.example.com -Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 0 -Content-Type: application/x-www-form-urlencoded - -POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: test.remote.example.com -Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 36 -Content-Type: application/x-www-form-urlencoded - +POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: test.remote.example.com +Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 0 +Content-Type: application/x-www-form-urlencoded + +POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: test.remote.example.com +Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 36 +Content-Type: application/x-www-form-urlencoded + this is the blurb we want to upload diff --git a/tests/data/test551 b/tests/data/test551 index 74ed907545..cd85900530 100644 --- a/tests/data/test551 +++ b/tests/data/test551 @@ -76,23 +76,23 @@ http://test.remote.example.com/path/%TESTNUMBER http://%HOSTIP:%HTTPPORT s1lly:p # Verify data after the test has been "shot" - -POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: test.remote.example.com -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 36 -Content-Type: application/x-www-form-urlencoded - + +POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: test.remote.example.com +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 36 +Content-Type: application/x-www-form-urlencoded + this is the blurb we want to upload -POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: test.remote.example.com -Proxy-Authorization: Digest username="s1lly", realm="something fun to read", nonce="%repeat[400 x A]%", uri="/path/%TESTNUMBER", response="3325240726fbdaf1e61f3a0dd40b930c" -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 36 -Content-Type: application/x-www-form-urlencoded - +POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: test.remote.example.com +Proxy-Authorization: Digest username="s1lly", realm="something fun to read", nonce="%repeat[400 x A]%", uri="/path/%TESTNUMBER", response="3325240726fbdaf1e61f3a0dd40b930c" +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 36 +Content-Type: application/x-www-form-urlencoded + this is the blurb we want to upload diff --git a/tests/data/test553 b/tests/data/test553 index 4500751a12..bbe364b1fb 100644 --- a/tests/data/test553 +++ b/tests/data/test553 @@ -41,21 +41,21 @@ http://%HOSTIP:%HTTPPORT/path/%TESTNUMBER # Verify data after the test has been "shot" - -POST /path/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Accept: */* -Header0: %repeat[5000 x A]% -Header1: %repeat[5000 x A]% -Header2: %repeat[5000 x A]% -Header3: %repeat[5000 x A]% -Header4: %repeat[5000 x A]% -Header5: %repeat[5000 x A]% -Header6: %repeat[5000 x A]% -Header7: %repeat[5000 x A]% -Content-Length: 40960 -Content-Type: application/x-www-form-urlencoded - + +POST /path/%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* +Header0: %repeat[5000 x A]% +Header1: %repeat[5000 x A]% +Header2: %repeat[5000 x A]% +Header3: %repeat[5000 x A]% +Header4: %repeat[5000 x A]% +Header5: %repeat[5000 x A]% +Header6: %repeat[5000 x A]% +Header7: %repeat[5000 x A]% +Content-Length: 40960 +Content-Type: application/x-www-form-urlencoded + %repeat[40960 x A]% diff --git a/tests/data/test555 b/tests/data/test555 index f3633f0b1c..5b286395ad 100644 --- a/tests/data/test555 +++ b/tests/data/test555 @@ -96,31 +96,31 @@ http://test.remote.example.com/path/%TESTNUMBER http://%HOSTIP:%HTTPPORT testuse # Verify data after the test has been "shot" - -POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: test.remote.example.com -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 36 -Content-Type: application/x-www-form-urlencoded - + +POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: test.remote.example.com +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 36 +Content-Type: application/x-www-form-urlencoded + this is the blurb we want to upload -POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: test.remote.example.com -Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 0 -Content-Type: application/x-www-form-urlencoded - -POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 -Host: test.remote.example.com -Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 36 -Content-Type: application/x-www-form-urlencoded - +POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: test.remote.example.com +Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 0 +Content-Type: application/x-www-form-urlencoded + +POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 +Host: test.remote.example.com +Proxy-Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +Accept: */* +Proxy-Connection: Keep-Alive +Content-Length: 36 +Content-Type: application/x-www-form-urlencoded + this is the blurb we want to upload diff --git a/tests/data/test568 b/tests/data/test568 index 700fd44bfe..8aa659201d 100644 --- a/tests/data/test568 +++ b/tests/data/test568 @@ -80,12 +80,12 @@ m=video 2232 RTP/AVP 31 ^If-Modified-Since:.* - -ANNOUNCE rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0001 RTSP/1.0 -CSeq: 1 -Content-Length: 306 -Content-Type: application/sdp - + +ANNOUNCE rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0001 RTSP/1.0 +CSeq: 1 +Content-Length: 306 +Content-Type: application/sdp + v=0 o=mhandley 2890844526 2890845468 IN IP4 126.16.64.4 s=SDP Seminar @@ -97,19 +97,19 @@ t=2873397496 2873404696 a=recvonly m=audio 3456 RTP/AVP 0 m=video 2232 RTP/AVP 31 -DESCRIBE rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0002 RTSP/1.0 -CSeq: 2 -Accept: application/sdp - -ANNOUNCE rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0003 RTSP/1.0 -CSeq: 3 -Content-Type: posty goodness -Content-Length: 35 - +DESCRIBE rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0002 RTSP/1.0 +CSeq: 2 +Accept: application/sdp + +ANNOUNCE rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0003 RTSP/1.0 +CSeq: 3 +Content-Type: posty goodness +Content-Length: 35 + postyfield=postystuff&project=curl -OPTIONS rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0004 RTSP/1.0 -CSeq: 4 - +OPTIONS rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0004 RTSP/1.0 +CSeq: 4 + diff --git a/tests/data/test572 b/tests/data/test572 index 4ac86bc9bf..8b702a6801 100644 --- a/tests/data/test572 +++ b/tests/data/test572 @@ -86,35 +86,35 @@ speed ^If-Modified-Since:.* - -SETUP rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0001 RTSP/1.0 -CSeq: 1 -Transport: Planes/Trains/Automobiles - -GET_PARAMETER rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0002 RTSP/1.0 -CSeq: 2 -Session: getparams-test -Content-Length: 12 -Content-Type: text/parameters - + +SETUP rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0001 RTSP/1.0 +CSeq: 1 +Transport: Planes/Trains/Automobiles + +GET_PARAMETER rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0002 RTSP/1.0 +CSeq: 2 +Session: getparams-test +Content-Length: 12 +Content-Type: text/parameters + scale speed -GET_PARAMETER rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0003 RTSP/1.0 -CSeq: 3 -Session: getparams-test - -GET_PARAMETER rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0004 RTSP/1.0 -CSeq: 4 -Session: getparams-test -Content-Length: 24 -Content-Type: text/parameters - +GET_PARAMETER rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0003 RTSP/1.0 +CSeq: 3 +Session: getparams-test + +GET_PARAMETER rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0004 RTSP/1.0 +CSeq: 4 +Session: getparams-test +Content-Length: 24 +Content-Type: text/parameters + packets_received jitter -OPTIONS rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0005 RTSP/1.0 -CSeq: 5 -Session: getparams-test - +OPTIONS rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0005 RTSP/1.0 +CSeq: 5 +Session: getparams-test + diff --git a/tests/data/test577 b/tests/data/test577 index d880f282d9..bf31db7595 100644 --- a/tests/data/test577 +++ b/tests/data/test577 @@ -39,12 +39,12 @@ rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER - -OPTIONS rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER RTSP/1.0 -CSeq: 1 -User-Agent: test567 -Test-Number: 567 - + +OPTIONS rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER RTSP/1.0 +CSeq: 1 +User-Agent: test567 +Test-Number: 567 + # 8 == CURLE_WEIRD_SERVER_REPLY diff --git a/tests/data/test58 b/tests/data/test58 index fd4beac00f..9e3e619b98 100644 --- a/tests/data/test58 +++ b/tests/data/test58 @@ -35,13 +35,13 @@ a few bytes # Verify data after the test has been "shot" - -PUT /we/want/%TESTNUMBERte%5b%5dst.txt HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 12 - + +PUT /we/want/%TESTNUMBERte%5b%5dst.txt HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 12 + a few bytes diff --git a/tests/data/test582 b/tests/data/test582 index cc3fe52654..ad1182c234 100644 --- a/tests/data/test582 +++ b/tests/data/test582 @@ -34,8 +34,6 @@ Moooooooooooo # Verify data after the test has been "shot" - - Moooooooooooo upload this diff --git a/tests/data/test588 b/tests/data/test588 index 9c8c5f3202..5c53e04554 100644 --- a/tests/data/test588 +++ b/tests/data/test588 @@ -47,19 +47,19 @@ Moooooooooooo # Strip off parts of the PORT and EPRT commands that might differ -s/^PORT (.*)/PORT/ -s/^EPRT \|1\|(.*)/EPRT \|1\|/ +s/^EPRT \|1\|(\S*)/EPRT \|1\|/ +s/^PORT (\S*)/PORT/ - -USER anonymous -PASS ftp@example.com -PWD -CWD path + +USER anonymous +PASS ftp@example.com +PWD +CWD path EPRT |1| PORT -TYPE I -STOR %TESTNUMBER -QUIT +TYPE I +STOR %TESTNUMBER +QUIT Moooooooooooo diff --git a/tests/data/test591 b/tests/data/test591 index d1cbf082a4..32ce2707a1 100644 --- a/tests/data/test591 +++ b/tests/data/test591 @@ -49,19 +49,19 @@ Moooooooooooo for %TESTNUMBER # Strip off parts of the PORT and EPRT commands that might differ -s/^PORT (.*)/PORT/ -s/^EPRT \|1\|(.*)/EPRT \|1\|/ +s/^PORT (\S*)/PORT/ +s/^EPRT \|1\|(\S*)/EPRT \|1\|/ - -USER anonymous -PASS ftp@example.com -PWD -CWD path + +USER anonymous +PASS ftp@example.com +PWD +CWD path EPRT |1| PORT -TYPE I -STOR %TESTNUMBER -QUIT +TYPE I +STOR %TESTNUMBER +QUIT # CURLE_FTP_ACCEPT_FAILED = 10 diff --git a/tests/data/test592 b/tests/data/test592 index f77eb9a870..d0445f3419 100644 --- a/tests/data/test592 +++ b/tests/data/test592 @@ -49,20 +49,20 @@ Moooooooooooo for %TESTNUMBER # Strip off parts of the PORT and EPRT commands that might differ -s/^PORT (.*)/PORT/ -s/^EPRT \|1\|(.*)/EPRT \|1\|/ +s/^PORT (\S*)/PORT/ +s/^EPRT \|1\|(\S*)/EPRT \|1\|/ # a 421 response must prevent further commands from being sent - -USER anonymous -PASS ftp@example.com -PWD -CWD path + +USER anonymous +PASS ftp@example.com +PWD +CWD path EPRT |1| PORT -TYPE I -STOR %TESTNUMBER -QUIT +TYPE I +STOR %TESTNUMBER +QUIT # CURLE_FTP_ACCEPT_FAILED = 10 diff --git a/tests/data/test593 b/tests/data/test593 index 9a15a5184e..7c93ebaa42 100644 --- a/tests/data/test593 +++ b/tests/data/test593 @@ -49,19 +49,19 @@ Moooooooooooo for %TESTNUMBER # Strip off parts of the PORT and EPRT commands that might differ -s/^PORT (.*)/PORT/ -s/^EPRT \|1\|(.*)/EPRT \|1\|/ +s/^PORT (\S*)/PORT/ +s/^EPRT \|1\|(\S*)/EPRT \|1\|/ - -USER anonymous -PASS ftp@example.com -PWD -CWD path + +USER anonymous +PASS ftp@example.com +PWD +CWD path EPRT |1| PORT -TYPE I -STOR %TESTNUMBER -QUIT +TYPE I +STOR %TESTNUMBER +QUIT 12 diff --git a/tests/data/test594 b/tests/data/test594 index cd98f0b9d8..d4ceca8ca1 100644 --- a/tests/data/test594 +++ b/tests/data/test594 @@ -51,19 +51,19 @@ Moooooooooooo for %TESTNUMBER # Strip off parts of the PORT and EPRT commands that might differ -s/^PORT (.*)/PORT/ -s/^EPRT \|1\|(.*)/EPRT \|1\|/ +s/^PORT (\S*)/PORT/ +s/^EPRT \|1\|(\S*)/EPRT \|1\|/ - -USER anonymous -PASS ftp@example.com -PWD -CWD path + +USER anonymous +PASS ftp@example.com +PWD +CWD path EPRT |1| PORT -TYPE I -STOR %TESTNUMBER -QUIT +TYPE I +STOR %TESTNUMBER +QUIT 28 diff --git a/tests/data/test596 b/tests/data/test596 index 2c257a704a..0a99ceafad 100644 --- a/tests/data/test596 +++ b/tests/data/test596 @@ -44,17 +44,17 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER %LOGDIR/ip%TESTNUMBER activeftp # Verify data after the test has been "shot" -s/^(EPRT \|1\|)(.*)/$1/ +s/^(EPRT \|1\|)(\S*)/$1/ - -USER anonymous -PASS ftp@example.com -PWD + +USER anonymous +PASS ftp@example.com +PWD EPRT |1| -TYPE I -SIZE %TESTNUMBER -RETR %TESTNUMBER -QUIT +TYPE I +SIZE %TESTNUMBER +RETR %TESTNUMBER +QUIT diff --git a/tests/data/test758 b/tests/data/test758 index a807ae9c85..a2b67e1c5d 100644 --- a/tests/data/test758 +++ b/tests/data/test758 @@ -47,7 +47,5 @@ https://localhost:%HTTPSPORT/file%TESTNUMBER # Verify data after the test has been "shot" - - diff --git a/tests/data/test766 b/tests/data/test766 index 9db96b7c05..a65ad156b9 100644 --- a/tests/data/test766 +++ b/tests/data/test766 @@ -34,18 +34,18 @@ ftp://%HOSTIP:%FTPPORT/path/%TESTNUMBER # Strip off parts of the EPRT command that might differ -s/^EPRT \|1\|(.*)/EPRT \|1\|/ +s/^EPRT \|1\|(\S*)/EPRT \|1\|/ # The TYPE command might get sent so we ignore that ^TYPE - -USER anonymous -PASS ftp@example.com -PWD -CWD path + +USER anonymous +PASS ftp@example.com +PWD +CWD path EPRT |1| diff --git a/tests/data/test785 b/tests/data/test785 index 6c8ae5dabb..b3213643c5 100644 --- a/tests/data/test785 +++ b/tests/data/test785 @@ -45,14 +45,14 @@ On the first Monday of the month of April, 1625, the market town of Meung # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 69 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 69 +Content-Type: application/x-www-form-urlencoded + e first Monday of the month of April, 1625, the market town of Meung diff --git a/tests/data/test786 b/tests/data/test786 index bc5cca28d0..10ce170e26 100644 --- a/tests/data/test786 +++ b/tests/data/test786 @@ -45,14 +45,14 @@ On the first Monday of the month of April, 1625, the market town of Meung # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 11 -Content-Type: application/x-www-form-urlencoded - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 11 +Content-Type: application/x-www-form-urlencoded + e first Mon diff --git a/tests/data/test88 b/tests/data/test88 index c483649804..db3eb6cd5a 100644 --- a/tests/data/test88 +++ b/tests/data/test88 @@ -76,20 +76,20 @@ four is the number of lines # Verify data after the test has been "shot" - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 0 - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="78a49fa53d0c228778297687d4168e71" -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 85 - + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 0 + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER", response="78a49fa53d0c228778297687d4168e71" +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 85 + This is data we upload with PUT a second line line three diff --git a/tests/data/test95 b/tests/data/test95 index 339c02ae4b..c30bb2f719 100644 --- a/tests/data/test95 +++ b/tests/data/test95 @@ -67,14 +67,14 @@ User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive - -POST /we/want/that/page/%TESTNUMBER HTTP/1.1 -Host: test.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 27 -Content-Type: application/x-www-form-urlencoded - + +POST /we/want/that/page/%TESTNUMBER HTTP/1.1 +Host: test.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 27 +Content-Type: application/x-www-form-urlencoded + datatopost=ohthatsfunyesyes diff --git a/tests/data/test97 b/tests/data/test97 index cc0cf676be..fffb0be840 100644 --- a/tests/data/test97 +++ b/tests/data/test97 @@ -36,14 +36,14 @@ HTTP POST with custom content-type # # Verify data after the test has been "shot" - -POST /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Type: silly/type -Content-Length: 14 - + +POST /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Type: silly/type +Content-Length: 14 + hejsanallabarn diff --git a/tests/data/test970 b/tests/data/test970 index 824f153410..562a6c34f5 100644 --- a/tests/data/test970 +++ b/tests/data/test970 @@ -51,12 +51,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --write-out '%{json}' -o %LOGDIR/out%TESTNU # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + {"certs":"","conn_id":0,"content_type":"text/html","errormsg":null,"exitcode":0,"filename_effective":"%LOGDIR/out%TESTNUMBER","ftp_entry_path":null,"http_code":200,"http_connect":0,"http_version":"1.1","local_ip":"127.0.0.1","local_port":13,"method":"GET","num_certs":0,"num_connects":1,"num_headers":9,"num_redirects":0,"num_retries":0,"proxy_ssl_verify_result":0,"proxy_used":0,"redirect_url":null,"referer":null,"remote_ip":"%HOSTIP","remote_port":%HTTPPORT,"response_code":200,"scheme":"http","size_download":445,"size_header":4019,"size_request":4019,"size_upload":0,"speed_download":13,"speed_upload":13,"ssl_verify_result":0,"time_appconnect":0.000013,"time_connect":0.000013,"time_namelookup":0.000013,"time_posttransfer":0.000013,"time_pretransfer":0.000013,"time_queue":0.000013,"time_redirect":0.000013,"time_starttransfer":0.000013,"time_total":0.000013,"tls_earlydata":0,"url":"http://%HOSTIP:%HTTPPORT/%TESTNUMBER","url.fragment":null,"url.host":"127.0.0.1","url.options":null,"url.password":null,"url.path":"/%TESTNUMBER","url.port":"%HTTPPORT","url.query":null,"url.scheme":"http","url.user":null,"url.zoneid":null,"url_effective":"http://%HOSTIP:%HTTPPORT/%TESTNUMBER","urle.fragment":null,"urle.host":"127.0.0.1","urle.options":null,"urle.password":null,"urle.path":"/%TESTNUMBER","urle.port":"%HTTPPORT","urle.query":null,"urle.scheme":"http","urle.user":null,"urle.zoneid":null,"urlnum":0,"xfer_id":0,"curl_version":"curl-unit-test-fake-version"} diff --git a/tests/data/test972 b/tests/data/test972 index 45fc2b18ef..a0ba775808 100644 --- a/tests/data/test972 +++ b/tests/data/test972 @@ -52,12 +52,12 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -s --write-out '%{json}\n' -o %LOGDIR/out97 # # Verify data after the test has been "shot" - -GET /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + {"certs":"","conn_id":0,"content_type":"text/html","errormsg":null,"exitcode":0,"filename_effective":"%LOGDIR/out%TESTNUMBER","ftp_entry_path":null,"http_code":200,"http_connect":0,"http_version":"1.1","local_ip":"127.0.0.1","local_port":13,"method":"GET","num_certs":0,"num_connects":1,"num_headers":9,"num_redirects":0,"num_retries":0,"proxy_ssl_verify_result":0,"proxy_used":0,"redirect_url":null,"referer":null,"remote_ip":"%HOSTIP","remote_port":%HTTPPORT,"response_code":200,"scheme":"http","size_download":445,"size_header":4019,"size_request":4019,"size_upload":0,"speed_download":13,"speed_upload":13,"ssl_verify_result":0,"time_appconnect":0.000013,"time_connect":0.000013,"time_namelookup":0.000013,"time_posttransfer":0.000013,"time_pretransfer":0.000013,"time_queue":0.000013,"time_redirect":0.000013,"time_starttransfer":0.000013,"time_total":0.000013,"tls_earlydata":0,"url":"http://%HOSTIP:%HTTPPORT/%TESTNUMBER","url.fragment":null,"url.host":"127.0.0.1","url.options":null,"url.password":null,"url.path":"/%TESTNUMBER","url.port":"%HTTPPORT","url.query":null,"url.scheme":"http","url.user":null,"url.zoneid":null,"url_effective":"http://%HOSTIP:%HTTPPORT/%TESTNUMBER","urle.fragment":null,"urle.host":"127.0.0.1","urle.options":null,"urle.password":null,"urle.path":"/%TESTNUMBER","urle.port":"%HTTPPORT","urle.query":null,"urle.scheme":"http","urle.user":null,"urle.zoneid":null,"urlnum":0,"xfer_id":0,"curl_version":"curl-unit-test-fake-version"} diff --git a/tests/data/test977 b/tests/data/test977 index 4f52850a0e..352f4a859e 100644 --- a/tests/data/test977 +++ b/tests/data/test977 @@ -44,13 +44,13 @@ URL with trailing dot and receiving a cookie for the TLD with dot # # Verify data after the test has been "shot" - -GET http://firsthost.me./ HTTP/1.1 -Host: firsthost.me. -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://firsthost.me./ HTTP/1.1 +Host: firsthost.me. +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + # Netscape HTTP Cookie File diff --git a/tests/data/test98 b/tests/data/test98 index ced184b390..f9ff6dd64a 100644 --- a/tests/data/test98 +++ b/tests/data/test98 @@ -39,14 +39,14 @@ data on stdin # # Verify data after the test has been "shot" - -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 14 -Expect: 100-continue - + +PUT /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* +Content-Length: 14 +Expect: 100-continue + data on stdin diff --git a/tests/data/test985 b/tests/data/test985 index 0b3cd29ff1..816730c7f1 100644 --- a/tests/data/test985 +++ b/tests/data/test985 @@ -47,8 +47,8 @@ pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret --ssl-reqd 64 - -CAPA + +CAPA diff --git a/tests/data/test986 b/tests/data/test986 index 0ed30452af..d83a8962f9 100644 --- a/tests/data/test986 +++ b/tests/data/test986 @@ -45,9 +45,9 @@ works 64 - -AUTH SSL -AUTH TLS + +AUTH SSL +AUTH TLS diff --git a/tests/runtests.pl b/tests/runtests.pl index d836841a29..bb881d987d 100755 --- a/tests/runtests.pl +++ b/tests/runtests.pl @@ -1403,7 +1403,10 @@ sub singletest_check { } } - if($hash{'crlf'}) { + if($hash{'crlf'} eq "headers") { + subnewlines(0, \$_) for @protocol; + } + elsif($hash{'crlf'}) { subnewlines(1, \$_) for @protocol; } diff --git a/tests/testutil.pm b/tests/testutil.pm index 92f031ded3..cc7c2c778a 100644 --- a/tests/testutil.pm +++ b/tests/testutil.pm @@ -165,7 +165,8 @@ sub subnewlines { } if(($$thing =~ /^HTTP\/(1.1|1.0|2|3) [1-5][^\x0d]*\z/) || - ($$thing =~ /^(GET|POST|PUT|DELETE) \S+ HTTP\/\d+(\.\d+)?/) || + ($$thing =~ /^(GET|HEAD|POST|PUT|DELETE|CONNECT) \S+ HTTP\/\d+(\.\d+)?/) || + ($$thing =~ /^(SETUP|GET_PARAMETER|OPTIONS|ANNOUNCE|DESCRIBE) \S+ RTSP\/\d+(\.\d+)?/) || (($$thing =~ /^[a-z0-9_-]+: [^\x0d]*\z/i) && # skip curl error messages ($$thing !~ /^curl: \(\d+\) /))) { From 986ef778332e0faec74fabc92a622ba5f68e8d4b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 2 Nov 2025 04:45:05 +0100 Subject: [PATCH 0670/2408] runtests: fix Perl warning after recent patch ``` Use of uninitialized value $hash{"crlf"} in string eq at tests/runtests.pl line 1406. ``` Follow-up to 6cf3d7b1b161bc45501d17b401225befe3c43943 #19318 Closes #19327 --- tests/runtests.pl | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/tests/runtests.pl b/tests/runtests.pl index bb881d987d..5fd9819b17 100755 --- a/tests/runtests.pl +++ b/tests/runtests.pl @@ -1403,11 +1403,13 @@ sub singletest_check { } } - if($hash{'crlf'} eq "headers") { - subnewlines(0, \$_) for @protocol; - } - elsif($hash{'crlf'}) { - subnewlines(1, \$_) for @protocol; + if($hash{'crlf'}) { + if($hash{'crlf'} eq "headers") { + subnewlines(0, \$_) for @protocol; + } + else { + subnewlines(1, \$_) for @protocol; + } } if((!$out[0] || ($out[0] eq "")) && $protocol[0]) { From 428faf6d479fd8800e38d46535296a212cf322ad Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 2 Nov 2025 17:10:00 +0100 Subject: [PATCH 0671/2408] GHA/dependabot: fix update group names --- .github/dependabot.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index e9126e58d3..735fdd107b 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -11,7 +11,7 @@ updates: cooldown: default-days: 7 groups: - actions-deps: + gha-dependencies: patterns: - '*' commit-message: @@ -29,7 +29,7 @@ updates: semver-minor-days: 7 semver-patch-days: 3 groups: - actions-deps: + pip-dependencies: patterns: - '*' commit-message: From 7203498c6a07fbe83eb55d4808d2ebd1b68e14c5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 1 Nov 2025 14:19:58 +0000 Subject: [PATCH 0672/2408] GHA: bump the pip-dependencies group across 2 directories with 3 updates Closes #19321 --- .github/scripts/requirements.txt | 2 +- tests/http/requirements.txt | 2 +- tests/requirements.txt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt index a0c5c4d4be..8cb1d11d0a 100644 --- a/.github/scripts/requirements.txt +++ b/.github/scripts/requirements.txt @@ -6,4 +6,4 @@ cmakelang==0.6.13 codespell==2.4.1 pytype==2024.10.11 reuse==6.2.0 -ruff==0.14.1 +ruff==0.14.2 diff --git a/tests/http/requirements.txt b/tests/http/requirements.txt index bc872085c6..a27bf48ea1 100644 --- a/tests/http/requirements.txt +++ b/tests/http/requirements.txt @@ -4,7 +4,7 @@ cryptography==46.0.3 filelock==3.20.0 -psutil==7.1.1 +psutil==7.1.2 pytest==8.4.2 pytest-xdist==3.8.0 websockets==15.0.1 diff --git a/tests/requirements.txt b/tests/requirements.txt index 501c1fc693..0d08837bd7 100644 --- a/tests/requirements.txt +++ b/tests/requirements.txt @@ -2,4 +2,4 @@ # # SPDX-License-Identifier: curl -impacket>=0.11.0,<=0.12.0 +impacket>=0.11.0,<=0.13.0 From 2ffa8307b507a30a7b6f1761f442eb27b2b1ccc9 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 2 Nov 2025 17:45:33 +0100 Subject: [PATCH 0673/2408] GHA/dependabot: tidy-ups --- .github/dependabot.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 735fdd107b..c68d6301ef 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -2,6 +2,8 @@ # # SPDX-License-Identifier: curl +# https://docs.github.com/code-security/dependabot/working-with-dependabot/dependabot-options-reference + version: 2 updates: - package-ecosystem: 'github-actions' @@ -19,8 +21,8 @@ updates: - package-ecosystem: 'pip' directories: - - '/.github/scripts' - - '/tests' + - '.github/scripts' + - 'tests' schedule: interval: 'monthly' cooldown: From c898da26c6fc107ba090e5af28f066f51ecbc296 Mon Sep 17 00:00:00 2001 From: x2018 Date: Sun, 2 Nov 2025 13:28:34 +0800 Subject: [PATCH 0674/2408] http_aws_sigv4: check the return value of curl_maprintf() Closes #9328 --- lib/http_aws_sigv4.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/http_aws_sigv4.c b/lib/http_aws_sigv4.c index f592f3844f..bb88a0f8ce 100644 --- a/lib/http_aws_sigv4.c +++ b/lib/http_aws_sigv4.c @@ -329,6 +329,8 @@ static CURLcode make_headers(struct Curl_easy *data, goto fail; head = tmp_head; *date_header = curl_maprintf("%s: %s\r\n", date_hdr_key, timestamp); + if(!*date_header) + goto fail; } else { const char *value; From 306049583017c6205e7452354169ae0080432f44 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 2 Nov 2025 23:09:54 +0100 Subject: [PATCH 0675/2408] RELEASE-NOTES: synced --- RELEASE-NOTES | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index c740a65029..7f536c16ae 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,7 +4,7 @@ curl and libcurl 8.17.0 Command line options: 273 curl_easy_setopt() options: 308 Public functions in libcurl: 100 - Contributors: 3533 + Contributors: 3534 This release includes the following changes: @@ -115,6 +115,7 @@ This release includes the following bugfixes: o docs/libcurl: use lowercase must [5] o docs: expand on quoting rules for file names in SFTP quote [300] o docs: fix/tidy code fences [87] + o doh: cleanup resources on error paths [434] o doswin: CloseHandle the thread on shutdown [307] o easy_getinfo: check magic, Curl_close safety [3] o ECH.md: make OpenSSL branch clone instructions work [430] @@ -171,8 +172,10 @@ This release includes the following bugfixes: o http: make Content-Length parser more WHATWG [183] o http: only accept ';' as a separator for custom headers [407] o http: return error for a second Location: header [393] + o http_aws_sigv4: check the return value of curl_maprintf() [381] o http_proxy: fix adding custom proxy headers [424] o httpsrr: free old pointers when storing new [57] + o httpsrr: send HTTPS query to the right target [435] o imap: fix custom FETCH commands to handle literal responses [441] o imap: parse and use UIDVALIDITY as a number [420] o imap: treat capabilities case insensitively [345] @@ -276,6 +279,7 @@ This release includes the following bugfixes: o openssl: better return code checks when logging cert data [342] o openssl: call SSL_get_error() with proper error [207] o openssl: clear retry flag on x509 error [130] + o openssl: combine all the x509-store flags [451] o openssl: fail if more than MAX_ALLOWED_CERT_AMOUNT certs [339] o openssl: fail the transfer if ossl_certchain() fails [23] o openssl: fix build for v1.0.2 [225] @@ -317,6 +321,7 @@ This release includes the following bugfixes: o schannel: fix memory leak [363] o schannel: handle Curl_conn_cf_send() errors better [352] o schannel: lower the maximum allowed time to block to 7 seconds [333] + o schannel: properly close the certfile on error [450] o schannel_verify: do not call infof with an appended \n [371] o schannel_verify: fix mem-leak in Curl_verify_host [208] o schannel_verify: use more human friendly error messages [96] @@ -352,6 +357,7 @@ This release includes the following bugfixes: o socks_sspi: restore non-blocking socket on error paths [48] o socks_sspi: use the correct free function [331] o socksd: remove --bindonly mention, there is no such option [305] + o spelling: fix new finds by typos-cli 1.39.0 [454] o src/var: remove dead code [369] o ssl-session-cache: check use on config and availability [448] o ssl-sessions.md: mark option experimental [12] @@ -369,6 +375,7 @@ This release includes the following bugfixes: o telnet: send failure logged but not returned [175] o telnet: use pointer[0] for "unknown" option instead of pointer[i] [217] o test1100: fix missing `` section [432] + o tests/libtest/cli*: fix init/deinit, leaks, and more [455] o tests/server: drop pointless memory allocation overrides [219] o tests/server: drop unsafe open() override in signal handler (Windows) [151] o tftp: check and act on tftp_set_timeouts() returning error [38] @@ -432,6 +439,7 @@ This release includes the following bugfixes: o vquic: sending non-gso packets fix for EAGAIN [265] o vtls: alpn setting, check proto parameter [134] o vtls: drop duplicate `CURL_SHA256_DIGEST_LENGTH` definition [387] + o vtls: properly handle SSL shutdown timeout [433] o vtls: remove call to PKCS12_PBE_add() [408] o vtls: unify the error handling in ssl_cf_connect(). [413] o vtls_int.h: clarify data_pending [124] @@ -478,9 +486,9 @@ advice from friends like these: Christian Schmitz, curl.stunt430, Dalei, Dan Fandrich, Daniel Stenberg, Daniel Terhorst-North, dependabot[bot], divinity76 on github, Emilio Pozuelo Monfort, Emre Çalışkan, Ethan Everett, - Evgeny Grin (Karlson2k), fds242 on github, Harry Sintonen, Howard Chu, - Ignat Loskutov, Jakub Stasiak, James Fuller, Javier Blazquez, Jicea, - jmaggard10 on github, Jochen Sprickerhof, Johannes Schindelin, + Evgeny Grin (Karlson2k), fds242 on github, Gunni on github, Harry Sintonen, + Howard Chu, Ignat Loskutov, Jakub Stasiak, James Fuller, Javier Blazquez, + Jicea, jmaggard10 on github, Jochen Sprickerhof, Johannes Schindelin, Jonathan Cardoso Machado, Joseph Birr-Pixton, Joshua Rogers, kapsiR on github, kuchara on github, madoe on github, Marc Aldorasi, Marcel Raad, Michael Osipov, Michał Petryka, Mitchell Blank Jr, @@ -490,7 +498,7 @@ advice from friends like these: Tatsuhiro Tsujikawa, TheBitBrine, Theo Buehler, Tim Becker, tkzv on github, Viktor Szakatas, Viktor Szakats, WangDaLei on github, Xiaoke Wang, Yedaya Katsman, 包布丁 - (68 contributors) + (69 contributors) References to bug reports and discussions on issues: @@ -874,6 +882,7 @@ References to bug reports and discussions on issues: [378] = https://curl.se/bug/?i=19169 [379] = https://curl.se/bug/?i=19163 [380] = https://curl.se/bug/?i=19168 + [381] = https://curl.se/bug/?i=9328 [382] = https://curl.se/bug/?i=19170 [383] = https://curl.se/bug/?i=19226 [384] = https://curl.se/bug/?i=19225 @@ -922,6 +931,9 @@ References to bug reports and discussions on issues: [429] = https://curl.se/bug/?i=19167 [430] = https://curl.se/bug/?i=19237 [432] = https://curl.se/bug/?i=19288 + [433] = https://curl.se/bug/?i=19323 + [434] = https://curl.se/bug/?i=19310 + [435] = https://curl.se/bug/?i=19301 [438] = https://curl.se/bug/?i=19271 [439] = https://curl.se/bug/?i=19278 [441] = https://curl.se/bug/?i=18847 @@ -931,3 +943,7 @@ References to bug reports and discussions on issues: [445] = https://curl.se/bug/?i=19240 [448] = https://curl.se/bug/?i=18983 [449] = https://curl.se/bug/?i=19148 + [450] = https://curl.se/bug/?i=19304 + [451] = https://curl.se/bug/?i=19306 + [454] = https://curl.se/bug/?i=19312 + [455] = https://curl.se/bug/?i=19309 From c1e3a760ba082762041a999bc98f21ea295d7cf4 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 3 Nov 2025 08:05:35 +0100 Subject: [PATCH 0676/2408] imap: avoid integer overflow Follow-up to e64c28e243d797da4ef76d6e8959 Spotted by OSS-Fuzz Closes #19332 --- lib/imap.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/lib/imap.c b/lib/imap.c index 1902619a6f..d23076a48f 100644 --- a/lib/imap.c +++ b/lib/imap.c @@ -1265,15 +1265,22 @@ static CURLcode imap_state_listsearch_resp(struct Curl_easy *data, pp->overflow = 0; } - if(data->req.bytecount == size + (curl_off_t)len) + if((CURL_OFF_T_MAX - size) < (curl_off_t)len) + /* unlikely to actually be a transfer this big, but avoid integer + overflow */ + size = CURL_OFF_T_MAX; + else + size += len; + + if(data->req.bytecount == size) /* All data already transferred (header + literal body) */ Curl_xfer_setup_nop(data); else { /* Setup to receive the literal body data. maxdownload and transfer size include both header line and literal body */ - data->req.maxdownload = size + len; - Curl_xfer_setup_recv(data, FIRSTSOCKET, size + len); + data->req.maxdownload = size; + Curl_xfer_setup_recv(data, FIRSTSOCKET, size); } /* End of DO phase */ imap_state(data, imapc, IMAP_STOP); From aaf9522a2c28e5142c7f5640da4e24b65b47dc53 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 2 Nov 2025 16:00:24 +0100 Subject: [PATCH 0677/2408] test696: decouple from test556 data Test 696 and 556 share the same libtest code. Make sure to issue the `GET` request to the correct runtime test number instead of using the hard-wired "556". It makes the `sws` test server read the response string from `test696` `` section, instead of reading it from `test556`. To avoid this hidden interaction between test data. AFAICS there is no other similar hard-coded string in reused libtests. Ref: https://github.com/curl/curl/pull/19313#issuecomment-3477448933 Follow-up to be82a3605a4b539580b3de776ffcca25b8770e43 #16003 Closes #19329 --- tests/data/test696 | 4 ++-- tests/libtest/lib556.c | 10 ++++++---- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/tests/data/test696 b/tests/data/test696 index 8862b163f2..c0c316111d 100644 --- a/tests/data/test696 +++ b/tests/data/test696 @@ -55,10 +55,10 @@ Connection: close -foo- -GET /556 HTTP/1.1 +GET /%TESTNUMBER HTTP/1.1 Host: ninja -GET /556 HTTP/1.1 +GET /%TESTNUMBER HTTP/1.1 Host: ninja diff --git a/tests/libtest/lib556.c b/tests/libtest/lib556.c index 8239d26034..78b89975e8 100644 --- a/tests/libtest/lib556.c +++ b/tests/libtest/lib556.c @@ -53,13 +53,15 @@ again: if(!res) { /* we are connected, now get an HTTP document the raw way */ - static const char *request = - "GET /556 HTTP/1.1\r\n" - "Host: ninja\r\n\r\n"; + char request[64]; const char *sbuf = request; - size_t sblen = strlen(request); + size_t sblen; size_t nwritten = 0, nread = 0; + sblen = curl_msnprintf(request, sizeof(request), + "GET /%d HTTP/1.1\r\n" + "Host: ninja\r\n\r\n", testnum); + do { char buf[1024]; From 254e04b702e96b637b647241e4edea7ee4c24b70 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 2 Nov 2025 23:25:27 +0100 Subject: [PATCH 0678/2408] ftpserver.pl: fix newlines in 227/229 replies, adjust tests The test FTP server returned LF newlines for 227/229 replies, instead of the CRLF used for the rest. Test data added later were explicitly made to expect an LF in these response lines. After this patch the FTP server returns CRLF newlines, allowing to delete this special case in test data. Follow-up to 3bfff57e1f604ef0b2bc84243014eb9c9a1e6acc Follow-up to a7937ed49c8f201444323b8a721e1d04e0306105 Closes #19330 --- tests/data/test1349 | 2 +- tests/data/test1350 | 2 +- tests/data/test1351 | 2 +- tests/data/test1352 | 2 +- tests/data/test1353 | 2 +- tests/data/test1354 | 2 +- tests/data/test1357 | 2 +- tests/data/test1358 | 2 +- tests/data/test1359 | 2 +- tests/data/test1360 | 2 +- tests/data/test1361 | 2 +- tests/data/test1362 | 2 +- tests/data/test1379 | 2 +- tests/data/test1380 | 2 +- tests/data/test1381 | 2 +- tests/data/test1382 | 2 +- tests/data/test1383 | 2 +- tests/data/test1384 | 2 +- tests/data/test1387 | 2 +- tests/data/test1388 | 2 +- tests/data/test1389 | 2 +- tests/data/test1390 | 2 +- tests/data/test1391 | 2 +- tests/data/test1392 | 2 +- tests/ftpserver.pl | 4 ++-- 25 files changed, 26 insertions(+), 26 deletions(-) diff --git a/tests/data/test1349 b/tests/data/test1349 index 63c06e2983..9c74aed958 100644 --- a/tests/data/test1349 +++ b/tests/data/test1349 @@ -58,7 +58,7 @@ mooo 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 10 150 Binary data connection for %TESTNUMBER () (10 bytes). diff --git a/tests/data/test1350 b/tests/data/test1350 index 5d7a365394..fcf78744b3 100644 --- a/tests/data/test1350 +++ b/tests/data/test1350 @@ -58,7 +58,7 @@ mooo 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 10 150 Binary data connection for %TESTNUMBER () (10 bytes). diff --git a/tests/data/test1351 b/tests/data/test1351 index d05f9b026c..c1ed52d4a5 100644 --- a/tests/data/test1351 +++ b/tests/data/test1351 @@ -59,7 +59,7 @@ mooo 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 10 150 Binary data connection for %TESTNUMBER () (10 bytes). diff --git a/tests/data/test1352 b/tests/data/test1352 index db093ab72b..c54ca4a217 100644 --- a/tests/data/test1352 +++ b/tests/data/test1352 @@ -59,7 +59,7 @@ mooo 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 10 150 Binary data connection for %TESTNUMBER () (10 bytes). diff --git a/tests/data/test1353 b/tests/data/test1353 index 45308f1cf1..2b6af8cf01 100644 --- a/tests/data/test1353 +++ b/tests/data/test1353 @@ -58,7 +58,7 @@ mooo 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 10 150 Binary data connection for %TESTNUMBER () (10 bytes). diff --git a/tests/data/test1354 b/tests/data/test1354 index dfba8ba3a5..3bf6ddde16 100644 --- a/tests/data/test1354 +++ b/tests/data/test1354 @@ -56,7 +56,7 @@ mooo 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 10 150 Binary data connection for %TESTNUMBER () (10 bytes). diff --git a/tests/data/test1357 b/tests/data/test1357 index 25ce6b24b7..7e83e87feb 100644 --- a/tests/data/test1357 +++ b/tests/data/test1357 @@ -71,7 +71,7 @@ MOOOO 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 214 150 Binary data connection for %TESTNUMBER () (214 bytes). diff --git a/tests/data/test1358 b/tests/data/test1358 index c5e3ce80fb..3eb623cb6b 100644 --- a/tests/data/test1358 +++ b/tests/data/test1358 @@ -71,7 +71,7 @@ MOOOO 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 214 150 Binary data connection for %TESTNUMBER () (214 bytes). diff --git a/tests/data/test1359 b/tests/data/test1359 index e7d0058600..98765b285d 100644 --- a/tests/data/test1359 +++ b/tests/data/test1359 @@ -72,7 +72,7 @@ MOOOO 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 214 150 Binary data connection for %TESTNUMBER () (214 bytes). diff --git a/tests/data/test1360 b/tests/data/test1360 index 794ba64536..117ef84b37 100644 --- a/tests/data/test1360 +++ b/tests/data/test1360 @@ -72,7 +72,7 @@ MOOOO 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 214 150 Binary data connection for %TESTNUMBER () (214 bytes). diff --git a/tests/data/test1361 b/tests/data/test1361 index 13138941d7..9215c23ca2 100644 --- a/tests/data/test1361 +++ b/tests/data/test1361 @@ -71,7 +71,7 @@ MOOOO 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 214 150 Binary data connection for %TESTNUMBER () (214 bytes). diff --git a/tests/data/test1362 b/tests/data/test1362 index 1ffa1a2e9a..9ad0fa7424 100644 --- a/tests/data/test1362 +++ b/tests/data/test1362 @@ -71,7 +71,7 @@ MOOOO 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 214 150 Binary data connection for %TESTNUMBER () (214 bytes). diff --git a/tests/data/test1379 b/tests/data/test1379 index 5faf44ac1b..953c9b6cd8 100644 --- a/tests/data/test1379 +++ b/tests/data/test1379 @@ -56,7 +56,7 @@ mooo 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 10 150 Binary data connection for %TESTNUMBER () (10 bytes). diff --git a/tests/data/test1380 b/tests/data/test1380 index 02db86ac27..b106b3c7fc 100644 --- a/tests/data/test1380 +++ b/tests/data/test1380 @@ -56,7 +56,7 @@ mooo 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 10 150 Binary data connection for %TESTNUMBER () (10 bytes). diff --git a/tests/data/test1381 b/tests/data/test1381 index 4ae53c38cb..7d4ef7ba33 100644 --- a/tests/data/test1381 +++ b/tests/data/test1381 @@ -57,7 +57,7 @@ mooo 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 10 150 Binary data connection for %TESTNUMBER () (10 bytes). diff --git a/tests/data/test1382 b/tests/data/test1382 index bce914faa6..7c4cc6e290 100644 --- a/tests/data/test1382 +++ b/tests/data/test1382 @@ -57,7 +57,7 @@ mooo 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 10 150 Binary data connection for %TESTNUMBER () (10 bytes). diff --git a/tests/data/test1383 b/tests/data/test1383 index 23a9ec55ba..c8b1d119b9 100644 --- a/tests/data/test1383 +++ b/tests/data/test1383 @@ -56,7 +56,7 @@ mooo 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 10 150 Binary data connection for %TESTNUMBER () (10 bytes). diff --git a/tests/data/test1384 b/tests/data/test1384 index 459a4e0236..3f99d28bfe 100644 --- a/tests/data/test1384 +++ b/tests/data/test1384 @@ -56,7 +56,7 @@ mooo 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 10 150 Binary data connection for %TESTNUMBER () (10 bytes). diff --git a/tests/data/test1387 b/tests/data/test1387 index 44b7d8aea2..a5531aa201 100644 --- a/tests/data/test1387 +++ b/tests/data/test1387 @@ -71,7 +71,7 @@ MOOOO 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 222 150 Binary data connection for %TESTNUMBER () (222 bytes). diff --git a/tests/data/test1388 b/tests/data/test1388 index 6bb7997279..8630be7877 100644 --- a/tests/data/test1388 +++ b/tests/data/test1388 @@ -71,7 +71,7 @@ MOOOO 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 222 150 Binary data connection for %TESTNUMBER () (222 bytes). diff --git a/tests/data/test1389 b/tests/data/test1389 index 5c6979bd31..53fda6cd59 100644 --- a/tests/data/test1389 +++ b/tests/data/test1389 @@ -72,7 +72,7 @@ MOOOO 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 222 150 Binary data connection for %TESTNUMBER () (222 bytes). diff --git a/tests/data/test1390 b/tests/data/test1390 index e263fef969..b86e099d75 100644 --- a/tests/data/test1390 +++ b/tests/data/test1390 @@ -72,7 +72,7 @@ MOOOO 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 222 150 Binary data connection for %TESTNUMBER () (222 bytes). diff --git a/tests/data/test1391 b/tests/data/test1391 index 063294b8e7..d9350b8677 100644 --- a/tests/data/test1391 +++ b/tests/data/test1391 @@ -71,7 +71,7 @@ MOOOO 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 222 150 Binary data connection for %TESTNUMBER () (222 bytes). diff --git a/tests/data/test1392 b/tests/data/test1392 index 824cc214c2..572841e5b5 100644 --- a/tests/data/test1392 +++ b/tests/data/test1392 @@ -71,7 +71,7 @@ MOOOO 230 Welcome you silly person 257 "/" is current directory 250 CWD command successful. -229 Entering Passive Mode (stripped) +229 Entering Passive Mode (stripped) 200 I modify TYPE as you wanted 213 222 150 Binary data connection for %TESTNUMBER () (222 bytes). diff --git a/tests/ftpserver.pl b/tests/ftpserver.pl index 71d6774fd1..f70fa0d0ee 100755 --- a/tests/ftpserver.pl +++ b/tests/ftpserver.pl @@ -2566,12 +2566,12 @@ sub PASV_ftp { if($pasvbadip) { $p="1,2,3,4"; } - sendcontrol sprintf("227 Entering Passive Mode ($p,%d,%d)\n", + sendcontrol sprintf("227 Entering Passive Mode ($p,%d,%d)\r\n", int($pasvport/256), int($pasvport%256)); } else { # EPSV reply - sendcontrol sprintf("229 Entering Passive Mode (|||%d|)\n", $pasvport); + sendcontrol sprintf("229 Entering Passive Mode (|||%d|)\r\n", $pasvport); } logmsg "Client has been notified that DATA conn ". From 1021c52c9288877ba911eca4c795703db0b6291d Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 3 Nov 2025 15:24:27 +0100 Subject: [PATCH 0679/2408] REUSE: add copyright header to two files `.mailmap` supports comments and empty lines since at least 2.31.0: https://git-scm.com/docs/gitmailmap/2.31.0 Closes #19339 --- .mailmap | 4 ++++ GIT-INFO.md | 5 +++++ REUSE.toml | 2 -- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/.mailmap b/.mailmap index e89e386056..d04408efa2 100644 --- a/.mailmap +++ b/.mailmap @@ -1,3 +1,7 @@ +# Copyright (C) Daniel Stenberg, , et al. +# +# SPDX-License-Identifier: curl + Guenter Knauf Gisle Vanem Gisle Vanem diff --git a/GIT-INFO.md b/GIT-INFO.md index 1ff22010cb..ee912560fd 100644 --- a/GIT-INFO.md +++ b/GIT-INFO.md @@ -1,3 +1,8 @@ + _ _ ____ _ ___| | | | _ \| | / __| | | | |_) | | diff --git a/REUSE.toml b/REUSE.toml index 40531913af..fff5380164 100644 --- a/REUSE.toml +++ b/REUSE.toml @@ -13,7 +13,6 @@ SPDX-PackageDownloadLocation = "https://curl.se/" [[annotations]] path = [ - ".mailmap", "docs/FAQ", "docs/INSTALL", "docs/KNOWN_BUGS", @@ -22,7 +21,6 @@ path = [ "docs/options-in-versions", "docs/THANKS", "docs/TODO", - "GIT-INFO.md", "lib/libcurl.vers.in", "lib/libcurl.def", "packages/OS400/README.OS400", From 7e91f24c73256af59ac9061c41b73a184c4690aa Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Mon, 3 Nov 2025 15:07:57 +0100 Subject: [PATCH 0680/2408] cw-out: fix EAGAIN handling on pause The interim CURLE_AGAIN result was not always converted to a CURLE_OK and then caused write callers to report a failure. Fixes #19334 Reported-by: pennae on github Closes #19338 --- lib/cw-out.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/cw-out.c b/lib/cw-out.c index 1f40316492..9c0a36e7e5 100644 --- a/lib/cw-out.c +++ b/lib/cw-out.c @@ -302,6 +302,7 @@ static CURLcode cw_out_buf_flush(struct cw_out_ctx *ctx, &consumed); if(result && (result != CURLE_AGAIN)) return result; + result = CURLE_OK; if(consumed) { if(consumed == curlx_dyn_len(&cwbuf->b)) { From cccc65f05190adc8276d6f7a8071c8a45ca7f779 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Mon, 3 Nov 2025 16:01:56 +0100 Subject: [PATCH 0681/2408] openssl: check CURL_SSLVERSION_MAX_DEFAULT properly The definition of these constants does not give a numeric ordering and MAX_DEFAULT needs to be checked in addition of ciphers and QUIC checks to apply correctly. Fixes #19340 Reported-by: Peter Piekarski Closes #19341 --- lib/vtls/openssl.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index c8c33198c0..f1c9e8bbd6 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -4050,6 +4050,7 @@ static CURLcode ossl_init_method(struct Curl_cfilter *cf, case TRNSPRT_QUIC: *pssl_version_min = CURL_SSLVERSION_TLSv1_3; if(conn_config->version_max && + (conn_config->version_max != CURL_SSLVERSION_MAX_DEFAULT) && (conn_config->version_max != CURL_SSLVERSION_MAX_TLSv1_3)) { failf(data, "QUIC needs at least TLS version 1.3"); return CURLE_SSL_CONNECT_ERROR; @@ -4245,6 +4246,7 @@ CURLcode Curl_ossl_ctx_init(struct ossl_ctx *octx, const char *ciphers13 = conn_config->cipher_list13; if(ciphers13 && (!conn_config->version_max || + (conn_config->version_max == CURL_SSLVERSION_MAX_DEFAULT) || (conn_config->version_max >= CURL_SSLVERSION_MAX_TLSv1_3))) { if(!SSL_CTX_set_ciphersuites(octx->ssl_ctx, ciphers13)) { failf(data, "failed setting TLS 1.3 cipher suite: %s", ciphers13); From 8616e5aada9c78fb611c60d913c999c8e78c14ba Mon Sep 17 00:00:00 2001 From: Devdatta Talele Date: Mon, 20 Oct 2025 20:51:43 +0530 Subject: [PATCH 0682/2408] gssapi: make channel binding conditional on GSS_C_CHANNEL_BOUND_FLAG Fixes #19109 - GSSAPI authentication fails on macOS with Apple's Heimdal implementation which lacks GSS_C_CHANNEL_BOUND_FLAG support for TLS channel binding. Commit 0a5ea09a910e introduced TLS channel binding for SPNEGO/GSSAPI authentication unconditionally, but Apple's Heimdal fork (used on macOS) does not support this feature, causing "unsupported mechanism" errors when authenticating to corporate HTTP services with Kerberos. Solution: - Add CURL_GSSAPI_HAS_CHANNEL_BINDING detection in curl_gssapi.h based on GSS_C_CHANNEL_BOUND_FLAG presence (MIT Kerberos >= 1.19) - Make negotiatedata.channel_binding_data field conditional in vauth.h - Guard channel binding collection/cleanup in http_negotiate.c - Guard channel binding usage in spnego_gssapi.c This follows the same pattern as GSS_C_DELEG_POLICY_FLAG detection and ensures graceful degradation when channel binding is unavailable while maintaining full support for implementations that have it. Changes: - lib/curl_gssapi.h: Add feature detection macro - lib/vauth/vauth.h: Make struct field conditional - lib/http_negotiate.c: Conditional init/cleanup (2 locations) - lib/vauth/spnego_gssapi.c: Conditional channel binding usage Tested on macOS with Apple Heimdal (no channel binding) and Linux with MIT Kerberos (with channel binding). Both configurations authenticate successfully without errors. Closes #19164 --- lib/curl_gssapi.h | 5 +++++ lib/http_negotiate.c | 6 +++--- lib/vauth/spnego_gssapi.c | 4 ++++ lib/vauth/vauth.h | 2 ++ 4 files changed, 14 insertions(+), 3 deletions(-) diff --git a/lib/curl_gssapi.h b/lib/curl_gssapi.h index 6df7e059d3..1a2bbabdf5 100644 --- a/lib/curl_gssapi.h +++ b/lib/curl_gssapi.h @@ -28,6 +28,11 @@ #include "urldata.h" #ifdef HAVE_GSSAPI + +#ifdef GSS_C_CHANNEL_BOUND_FLAG /* MIT Kerberos 1.19+, missing from GNU GSS */ +#define CURL_GSSAPI_HAS_CHANNEL_BINDING +#endif + extern gss_OID_desc Curl_spnego_mech_oid; extern gss_OID_desc Curl_krb5_mech_oid; diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c index 8a19c1ad87..136cb07641 100644 --- a/lib/http_negotiate.c +++ b/lib/http_negotiate.c @@ -124,7 +124,7 @@ CURLcode Curl_input_negotiate(struct Curl_easy *data, struct connectdata *conn, neg_ctx->sslContext = conn->sslContext; #endif /* Check if the connection is using SSL and get the channel binding data */ -#ifdef HAVE_GSSAPI +#ifdef CURL_GSSAPI_HAS_CHANNEL_BINDING #ifdef USE_SSL curlx_dyn_init(&neg_ctx->channel_binding_data, SSL_CB_MAX_SIZE + 1); if(Curl_conn_is_ssl(conn, FIRSTSOCKET)) { @@ -138,13 +138,13 @@ CURLcode Curl_input_negotiate(struct Curl_easy *data, struct connectdata *conn, #else curlx_dyn_init(&neg_ctx->channel_binding_data, 1); #endif /* USE_SSL */ -#endif /* HAVE_GSSAPI */ +#endif /* CURL_GSSAPI_HAS_CHANNEL_BINDING */ /* Initialize the security context and decode our challenge */ result = Curl_auth_decode_spnego_message(data, userp, passwdp, service, host, header, neg_ctx); -#ifdef HAVE_GSSAPI +#ifdef CURL_GSSAPI_HAS_CHANNEL_BINDING curlx_dyn_free(&neg_ctx->channel_binding_data); #endif diff --git a/lib/vauth/spnego_gssapi.c b/lib/vauth/spnego_gssapi.c index 4ed02a398c..4e9125ba44 100644 --- a/lib/vauth/spnego_gssapi.c +++ b/lib/vauth/spnego_gssapi.c @@ -96,7 +96,9 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER; gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER; gss_channel_bindings_t chan_bindings = GSS_C_NO_CHANNEL_BINDINGS; +#ifdef CURL_GSSAPI_HAS_CHANNEL_BINDING struct gss_channel_bindings_struct chan; +#endif (void)user; (void)password; @@ -157,12 +159,14 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, } /* Set channel binding data if available */ +#ifdef CURL_GSSAPI_HAS_CHANNEL_BINDING if(curlx_dyn_len(&nego->channel_binding_data)) { memset(&chan, 0, sizeof(struct gss_channel_bindings_struct)); chan.application_data.length = curlx_dyn_len(&nego->channel_binding_data); chan.application_data.value = curlx_dyn_ptr(&nego->channel_binding_data); chan_bindings = &chan; } +#endif /* Generate our challenge-response message */ major_status = Curl_gss_init_sec_context(data, diff --git a/lib/vauth/vauth.h b/lib/vauth/vauth.h index 9a33ca0c23..2ba8e471dc 100644 --- a/lib/vauth/vauth.h +++ b/lib/vauth/vauth.h @@ -306,7 +306,9 @@ struct negotiatedata { gss_ctx_id_t context; gss_name_t spn; gss_buffer_desc output_token; +#ifdef CURL_GSSAPI_HAS_CHANNEL_BINDING struct dynbuf channel_binding_data; +#endif #else #ifdef USE_WINDOWS_SSPI #ifdef SECPKG_ATTR_ENDPOINT_BINDINGS From 0d5e24281dc7b49c396fda0d61126a05916fdda1 Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Sat, 25 Oct 2025 03:49:58 +0800 Subject: [PATCH 0683/2408] vtls: check final cfilter node in find_ssl_filter find_ssl_filter used while(cf && cf->next) and skipped the last node. If the SSL filter was last, channel binding lookup failed and we returned CURLE_BAD_FUNCTION_ARGUMENT. Switch to while(cf) so the tail is examined. This bug was found with ZeroPath. Closes #19229 --- lib/vtls/openssl.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index f1c9e8bbd6..764d829325 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -5684,10 +5684,8 @@ static CURLcode ossl_get_channel_binding(struct Curl_easy *data, int sockindex, break; } - if(cf->next) - cf = cf->next; - - } while(cf->next); + cf = cf->next; + } while(cf); if(!octx) { failf(data, "Failed to find the SSL filter"); From 231f0a2eecedd3cdb04463fb95754ebdfb0c8cb1 Mon Sep 17 00:00:00 2001 From: x2018 Date: Tue, 4 Nov 2025 00:47:36 +0800 Subject: [PATCH 0684/2408] http: check the return value of strdup Closes #19343 --- lib/http.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/lib/http.c b/lib/http.c index 16d619951f..529c3c907d 100644 --- a/lib/http.c +++ b/lib/http.c @@ -4039,9 +4039,13 @@ static CURLcode http_on_response(struct Curl_easy *data, goto out; } data->state.disableexpect = TRUE; + Curl_req_abort_sending(data); DEBUGASSERT(!data->req.newurl); data->req.newurl = strdup(data->state.url); - Curl_req_abort_sending(data); + if(!data->req.newurl) { + result = CURLE_OUT_OF_MEMORY; + goto out; + } } else if(data->set.http_keep_sending_on_error) { infof(data, "HTTP error before end of send, keep sending"); From 6adefe8ad08606c94d2bcb27eceface8aa556519 Mon Sep 17 00:00:00 2001 From: x2018 Date: Tue, 4 Nov 2025 01:12:42 +0800 Subject: [PATCH 0685/2408] multi: check the return value of strdup() Closes #19344 --- lib/multi.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/lib/multi.c b/lib/multi.c index ca7c1bdd95..c27e8bdad8 100644 --- a/lib/multi.c +++ b/lib/multi.c @@ -1990,11 +1990,16 @@ static CURLMcode state_performing(struct Curl_easy *data, if(!newurl) /* typically for HTTP_1_1_REQUIRED error on first flight */ newurl = strdup(data->state.url); - /* if we are to retry, set the result to OK and consider the request - as done */ - retry = TRUE; - result = CURLE_OK; - data->req.done = TRUE; + if(!newurl) { + result = CURLE_OUT_OF_MEMORY; + } + else { + /* if we are to retry, set the result to OK and consider the request + as done */ + retry = TRUE; + result = CURLE_OK; + data->req.done = TRUE; + } } else result = ret; From 63e9721b63d01518db83a664bc1e8373c352879e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 31 Oct 2025 15:50:01 +0100 Subject: [PATCH 0686/2408] tests: avoid hard-coded CRLFs in more sections - `reply/data*`, `verify/stdout`, `verify/stderr`, `verify/file*`, `verify/proxy`: - make `crlf="yes"` force CRLF to all lines, instead of just applying to HTTP protocol headers. - add support for `crlf="headers"` that only converts HTTP protocol header lines to CRLF. (previously done via `crlf="yes"`.) - use `crlf="headers"` where possible. - `reply/connect*`: - add support for `crlf="yes"` and `crlf="headers"`. - use them where possible. - `client/file*`, `client/stdin`: - add support for `crlf="yes"`. - use it where possible. - `reply/data*`, `verify/protocol`: - replace existing uses of `crlf="yes"` with `crlf="headers`" where it does not change the result. Reducing the number of `tests/data/test*`: - CRLF newlines from 10295 to 1985. (119985 lines total) - files with mixed newlines from 656 to 113. (1890 files total) After this patch there remain 141 sections with mixed newlines, where the mixing is not split between headers/non-headers. There is no obvious pattern here. Some of the CRLF uses might be accidental, or non-significant. They will be tackled in a future patch. Follow-up to 6cf3d7b1b161bc45501d17b401225befe3c43943 #19318 Follow-up to 4d2a05d3fe8ba4db9168b03057029ea5ce7dab77 #19284 Closes #19313 --- docs/tests/FILEFORMAT.md | 59 +++++-- tests/data/test1 | 4 +- tests/data/test1001 | 70 ++++----- tests/data/test1002 | 70 ++++----- tests/data/test1004 | 2 +- tests/data/test1008 | 32 ++-- tests/data/test1011 | 46 +++--- tests/data/test1012 | 46 +++--- tests/data/test1015 | 10 +- tests/data/test1021 | 34 ++-- tests/data/test1024 | 86 +++++------ tests/data/test1025 | 86 +++++------ tests/data/test1028 | 40 ++--- tests/data/test1029 | 26 ++-- tests/data/test1030 | 62 ++++---- tests/data/test1031 | 2 +- tests/data/test1032 | 2 +- tests/data/test1033 | 2 +- tests/data/test1040 | 12 +- tests/data/test1041 | 18 +-- tests/data/test1042 | 14 +- tests/data/test1043 | 18 +-- tests/data/test1044 | 8 +- tests/data/test1045 | 18 +-- tests/data/test1046 | 18 +-- tests/data/test1051 | 62 ++++---- tests/data/test1052 | 54 +++---- tests/data/test1053 | 58 +++---- tests/data/test1054 | 42 ++--- tests/data/test1055 | 18 +-- tests/data/test1056 | 44 +++--- tests/data/test1058 | 20 +-- tests/data/test1059 | 14 +- tests/data/test1060 | 14 +- tests/data/test1061 | 2 +- tests/data/test1064 | 46 +++--- tests/data/test1065 | 46 +++--- tests/data/test1066 | 26 ++-- tests/data/test1067 | 2 +- tests/data/test1068 | 10 +- tests/data/test1070 | 14 +- tests/data/test1071 | 66 ++++---- tests/data/test1072 | 20 +-- tests/data/test1073 | 16 +- tests/data/test1074 | 44 +++--- tests/data/test1075 | 52 +++---- tests/data/test1077 | 38 ++--- tests/data/test1078 | 80 +++++----- tests/data/test1079 | 30 ++-- tests/data/test1080 | 36 ++--- tests/data/test1081 | 48 +++--- tests/data/test1082 | 18 +-- tests/data/test1083 | 18 +-- tests/data/test1087 | 94 +++++------ tests/data/test1088 | 94 +++++------ tests/data/test1089 | 60 +++---- tests/data/test1090 | 72 ++++----- tests/data/test1092 | 2 +- tests/data/test1094 | 10 +- tests/data/test1095 | 52 +++---- tests/data/test1097 | 34 ++-- tests/data/test1098 | 30 ++-- tests/data/test11 | 2 +- tests/data/test1100 | 68 ++++---- tests/data/test1101 | 16 +- tests/data/test1104 | 2 +- tests/data/test1105 | 26 ++-- tests/data/test1106 | 16 +- tests/data/test1109 | 2 +- tests/data/test1110 | 2 +- tests/data/test1111 | 2 +- tests/data/test1115 | 24 +-- tests/data/test1116 | 66 ++++---- tests/data/test1117 | 56 +++---- tests/data/test1118 | 2 +- tests/data/test1121 | 14 +- tests/data/test1122 | 38 ++--- tests/data/test1123 | 2 +- tests/data/test1124 | 42 ++--- tests/data/test1125 | 42 ++--- tests/data/test1126 | 2 +- tests/data/test1127 | 2 +- tests/data/test1128 | 2 +- tests/data/test1129 | 2 +- tests/data/test1130 | 2 +- tests/data/test1131 | 2 +- tests/data/test1133 | 12 +- tests/data/test1138 | 8 +- tests/data/test1141 | 2 +- tests/data/test1142 | 2 +- tests/data/test1143 | 2 +- tests/data/test1144 | 2 +- tests/data/test1148 | 2 +- tests/data/test1150 | 2 +- tests/data/test1151 | 2 +- tests/data/test1154 | 2 +- tests/data/test1155 | 14 +- tests/data/test1156 | 44 +++--- tests/data/test1157 | 2 +- tests/data/test1158 | 12 +- tests/data/test1159 | 26 ++-- tests/data/test1160 | 14 +- tests/data/test1161 | 14 +- tests/data/test1164 | 2 +- tests/data/test1166 | 16 +- tests/data/test1168 | 2 +- tests/data/test1170 | 42 ++--- tests/data/test1171 | 42 ++--- tests/data/test1172 | 2 +- tests/data/test1174 | 2 +- tests/data/test1176 | 50 +++--- tests/data/test1178 | 2 +- tests/data/test1180 | 2 +- tests/data/test1181 | 14 +- tests/data/test1183 | 14 +- tests/data/test1184 | 98 ++++++------ tests/data/test1186 | 12 +- tests/data/test1187 | 10 +- tests/data/test1188 | 12 +- tests/data/test1189 | 12 +- tests/data/test1197 | 58 +++---- tests/data/test12 | 26 ++-- tests/data/test1200 | 8 +- tests/data/test1201 | 8 +- tests/data/test1202 | 10 +- tests/data/test1203 | 8 +- tests/data/test1204 | 52 +++---- tests/data/test1205 | 2 +- tests/data/test1210 | 2 +- tests/data/test1212 | 2 +- tests/data/test1213 | 18 +-- tests/data/test1214 | 18 +-- tests/data/test1215 | 2 +- tests/data/test1216 | 8 +- tests/data/test1218 | 8 +- tests/data/test1221 | 10 +- tests/data/test1223 | 2 +- tests/data/test1228 | 2 +- tests/data/test1229 | 52 +++---- tests/data/test1230 | 36 ++--- tests/data/test1231 | 2 +- tests/data/test1232 | 2 +- tests/data/test1235 | 56 +++---- tests/data/test1237 | 2 +- tests/data/test1239 | 2 +- tests/data/test1240 | 2 +- tests/data/test1241 | 2 +- tests/data/test1244 | 2 +- tests/data/test1245 | 18 +-- tests/data/test1246 | 2 +- tests/data/test1248 | 2 +- tests/data/test1249 | 2 +- tests/data/test1250 | 2 +- tests/data/test1251 | 2 +- tests/data/test1252 | 2 +- tests/data/test1253 | 2 +- tests/data/test1254 | 2 +- tests/data/test1255 | 2 +- tests/data/test1256 | 2 +- tests/data/test1257 | 2 +- tests/data/test1258 | 14 +- tests/data/test1259 | 14 +- tests/data/test1261 | 26 ++-- tests/data/test1265 | 2 +- tests/data/test1266 | 2 +- tests/data/test1267 | 2 +- tests/data/test1270 | 50 +++--- tests/data/test1271 | 12 +- tests/data/test1273 | 12 +- tests/data/test1274 | 26 ++-- tests/data/test1277 | 2 +- tests/data/test1278 | 2 +- tests/data/test1280 | 14 +- tests/data/test1283 | 26 ++-- tests/data/test1284 | 50 +++--- tests/data/test1285 | 50 +++--- tests/data/test1286 | 78 +++++----- tests/data/test1287 | 64 ++++---- tests/data/test1288 | 40 ++--- tests/data/test129 | 2 +- tests/data/test1290 | 2 +- tests/data/test1296 | 2 +- tests/data/test1297 | 22 +-- tests/data/test1298 | 2 +- tests/data/test13 | 12 +- tests/data/test1310 | 2 +- tests/data/test1311 | 2 +- tests/data/test1312 | 2 +- tests/data/test1313 | 2 +- tests/data/test1314 | 2 +- tests/data/test1316 | 8 +- tests/data/test1317 | 2 +- tests/data/test1318 | 2 +- tests/data/test1319 | 20 +-- tests/data/test1320 | 30 ++-- tests/data/test1321 | 52 +++---- tests/data/test1322 | 2 +- tests/data/test1324 | 2 +- tests/data/test1325 | 46 +++--- tests/data/test1326 | 8 +- tests/data/test1327 | 14 +- tests/data/test1328 | 2 +- tests/data/test1331 | 56 +++---- tests/data/test1334 | 34 ++-- tests/data/test1335 | 34 ++-- tests/data/test1336 | 38 ++--- tests/data/test1337 | 38 ++--- tests/data/test1338 | 34 ++-- tests/data/test1339 | 34 ++-- tests/data/test1340 | 38 ++--- tests/data/test1341 | 38 ++--- tests/data/test1342 | 50 +++--- tests/data/test1343 | 50 +++--- tests/data/test1344 | 56 +++---- tests/data/test1345 | 56 +++---- tests/data/test1346 | 34 ++-- tests/data/test1347 | 38 ++--- tests/data/test1349 | 30 ++-- tests/data/test1350 | 30 ++-- tests/data/test1351 | 30 ++-- tests/data/test1352 | 30 ++-- tests/data/test1353 | 30 ++-- tests/data/test1354 | 30 ++-- tests/data/test1356 | 36 ++--- tests/data/test1357 | 30 ++-- tests/data/test1358 | 30 ++-- tests/data/test1359 | 30 ++-- tests/data/test1360 | 30 ++-- tests/data/test1361 | 30 ++-- tests/data/test1362 | 30 ++-- tests/data/test1363 | 36 ++--- tests/data/test1364 | 34 ++-- tests/data/test1365 | 34 ++-- tests/data/test1366 | 38 ++--- tests/data/test1367 | 38 ++--- tests/data/test1368 | 34 ++-- tests/data/test1369 | 34 ++-- tests/data/test1370 | 38 ++--- tests/data/test1371 | 38 ++--- tests/data/test1372 | 50 +++--- tests/data/test1373 | 50 +++--- tests/data/test1374 | 56 +++---- tests/data/test1375 | 38 ++--- tests/data/test1376 | 18 +-- tests/data/test1377 | 20 +-- tests/data/test1379 | 30 ++-- tests/data/test1380 | 30 ++-- tests/data/test1381 | 30 ++-- tests/data/test1382 | 30 ++-- tests/data/test1383 | 30 ++-- tests/data/test1384 | 30 ++-- tests/data/test1386 | 36 ++--- tests/data/test1387 | 66 ++++---- tests/data/test1388 | 66 ++++---- tests/data/test1389 | 68 ++++---- tests/data/test1390 | 66 ++++---- tests/data/test1391 | 66 ++++---- tests/data/test1392 | 66 ++++---- tests/data/test1393 | 36 ++--- tests/data/test14 | 2 +- tests/data/test1400 | 2 +- tests/data/test1401 | 2 +- tests/data/test1403 | 2 +- tests/data/test1406 | 12 +- tests/data/test1407 | 2 +- tests/data/test1408 | 2 +- tests/data/test141 | 8 +- tests/data/test1411 | 2 +- tests/data/test1412 | 96 ++++++------ tests/data/test1413 | 48 +++--- tests/data/test1415 | 2 +- tests/data/test1416 | 2 +- tests/data/test1417 | 18 +-- tests/data/test1418 | 76 ++++----- tests/data/test1419 | 26 ++-- tests/data/test1420 | 18 +-- tests/data/test1422 | 20 +-- tests/data/test1423 | 18 +-- tests/data/test1424 | 2 +- tests/data/test1425 | 2 +- tests/data/test1426 | 2 +- tests/data/test1428 | 22 +-- tests/data/test1429 | 26 ++-- tests/data/test1430 | 2 +- tests/data/test1431 | 2 +- tests/data/test1432 | 2 +- tests/data/test1433 | 2 +- tests/data/test1434 | 2 +- tests/data/test1435 | 2 +- tests/data/test1436 | 2 +- tests/data/test1437 | 52 +++---- tests/data/test1438 | 2 +- tests/data/test1439 | 2 +- tests/data/test1443 | 2 +- tests/data/test1448 | 2 +- tests/data/test1457 | 2 +- tests/data/test1458 | 2 +- tests/data/test1466 | 2 +- tests/data/test1467 | 2 +- tests/data/test1468 | 2 +- tests/data/test1470 | 2 +- tests/data/test1473 | 18 +-- tests/data/test1475 | 2 +- tests/data/test1476 | 4 +- tests/data/test1479 | 18 +-- tests/data/test1480 | 16 +- tests/data/test1481 | 2 +- tests/data/test1482 | 18 +-- tests/data/test1483 | 20 +-- tests/data/test1484 | 22 +-- tests/data/test1485 | 22 +-- tests/data/test1487 | 2 +- tests/data/test1489 | 6 +- tests/data/test1492 | 2 +- tests/data/test1493 | 18 +-- tests/data/test1494 | 4 +- tests/data/test1495 | 4 +- tests/data/test1496 | 4 +- tests/data/test1497 | 2 +- tests/data/test1498 | 10 +- tests/data/test1499 | 2 +- tests/data/test15 | 30 ++-- tests/data/test150 | 52 +++---- tests/data/test1500 | 16 +- tests/data/test1502 | 26 ++-- tests/data/test1503 | 26 ++-- tests/data/test1504 | 26 ++-- tests/data/test1505 | 26 ++-- tests/data/test1506 | 10 +- tests/data/test1509 | 52 +++---- tests/data/test151 | 2 +- tests/data/test1510 | 50 +++--- tests/data/test1511 | 52 +++---- tests/data/test1512 | 50 +++--- tests/data/test1513 | 6 +- tests/data/test1514 | 12 +- tests/data/test1517 | 2 +- tests/data/test152 | 2 +- tests/data/test1520 | 22 +-- tests/data/test1525 | 18 +-- tests/data/test1526 | 54 +++---- tests/data/test1527 | 56 +++---- tests/data/test1528 | 40 ++--- tests/data/test1529 | 8 +- tests/data/test153 | 126 +++++++-------- tests/data/test1532 | 10 +- tests/data/test1533 | 10 +- tests/data/test1534 | 12 +- tests/data/test1535 | 2 +- tests/data/test1536 | 2 +- tests/data/test1539 | 10 +- tests/data/test154 | 62 ++++---- tests/data/test1540 | 2 +- tests/data/test1541 | 2 +- tests/data/test1542 | 10 +- tests/data/test1543 | 2 +- tests/data/test1546 | 26 ++-- tests/data/test1549 | 4 +- tests/data/test155 | 84 +++++----- tests/data/test1551 | 2 +- tests/data/test1552 | 16 +- tests/data/test1553 | 16 +- tests/data/test1555 | 6 +- tests/data/test1556 | 28 ++-- tests/data/test156 | 12 +- tests/data/test1561 | 2 +- tests/data/test1562 | 2 +- tests/data/test1563 | 2 +- tests/data/test1566 | 2 +- tests/data/test1567 | 2 +- tests/data/test1568 | 52 +++---- tests/data/test157 | 14 +- tests/data/test1571 | 6 +- tests/data/test1572 | 6 +- tests/data/test1573 | 6 +- tests/data/test1574 | 6 +- tests/data/test1575 | 6 +- tests/data/test1576 | 6 +- tests/data/test1577 | 6 +- tests/data/test1578 | 6 +- tests/data/test1579 | 6 +- tests/data/test158 | 8 +- tests/data/test1580 | 6 +- tests/data/test1581 | 6 +- tests/data/test1582 | 4 +- tests/data/test159 | 34 ++-- tests/data/test1590 | 16 +- tests/data/test1593 | 2 +- tests/data/test1594 | 2 +- tests/data/test1595 | 2 +- tests/data/test1596 | 2 +- tests/data/test16 | 18 +-- tests/data/test160 | 40 ++--- tests/data/test1613 | 18 +-- tests/data/test1617 | 42 ++--- tests/data/test162 | 2 +- tests/data/test1630 | 32 ++-- tests/data/test1631 | 34 ++-- tests/data/test1632 | 42 ++--- tests/data/test1634 | 2 +- tests/data/test1635 | 2 +- tests/data/test164 | 2 +- tests/data/test165 | 16 +- tests/data/test167 | 28 ++-- tests/data/test1670 | 2 +- tests/data/test1671 | 2 +- tests/data/test168 | 42 ++--- tests/data/test169 | 78 +++++----- tests/data/test170 | 2 +- tests/data/test1700 | 82 +++++----- tests/data/test1701 | 54 +++---- tests/data/test1702 | 56 +++---- tests/data/test1704 | 16 +- tests/data/test171 | 18 +-- tests/data/test1711 | 10 +- tests/data/test172 | 12 +- tests/data/test174 | 14 +- tests/data/test175 | 46 +++--- tests/data/test176 | 46 +++--- tests/data/test177 | 14 +- tests/data/test178 | 2 +- tests/data/test179 | 2 +- tests/data/test18 | 58 +++---- tests/data/test1800 | 2 +- tests/data/test1801 | 2 +- tests/data/test1802 | 6 +- tests/data/test183 | 12 +- tests/data/test184 | 40 ++--- tests/data/test185 | 44 +++--- tests/data/test187 | 2 +- tests/data/test188 | 2 +- tests/data/test189 | 2 +- tests/data/test1901 | 2 +- tests/data/test1903 | 2 +- tests/data/test1904 | 20 +-- tests/data/test1905 | 2 +- tests/data/test1906 | 2 +- tests/data/test1907 | 2 +- tests/data/test1908 | 2 +- tests/data/test1909 | 2 +- tests/data/test1910 | 2 +- tests/data/test1919 | 2 +- tests/data/test192 | 2 +- tests/data/test193 | 2 +- tests/data/test1933 | 2 +- tests/data/test1934 | 2 +- tests/data/test1935 | 2 +- tests/data/test1936 | 2 +- tests/data/test194 | 50 +++--- tests/data/test1941 | 20 +-- tests/data/test1945 | 20 +-- tests/data/test1948 | 34 ++-- tests/data/test1956 | 2 +- tests/data/test1957 | 2 +- tests/data/test1958 | 2 +- tests/data/test1959 | 2 +- tests/data/test1960 | 4 +- tests/data/test1964 | 2 +- tests/data/test197 | 2 +- tests/data/test1970 | 2 +- tests/data/test1974 | 2 +- tests/data/test1976 | 2 +- tests/data/test1977 | 2 +- tests/data/test198 | 2 +- tests/data/test1981 | 4 +- tests/data/test199 | 2 +- tests/data/test2 | 4 +- tests/data/test2001 | 24 +-- tests/data/test2002 | 24 +-- tests/data/test2003 | 24 +-- tests/data/test2005 | 2 +- tests/data/test2023 | 126 +++++++-------- tests/data/test2024 | 138 ++++++++--------- tests/data/test2025 | 264 +++++++++++++++---------------- tests/data/test2026 | 198 ++++++++++++------------ tests/data/test2027 | 218 +++++++++++++------------- tests/data/test2028 | 324 +++++++++++++++++++------------------- tests/data/test2029 | 222 +++++++++++++------------- tests/data/test2030 | 284 +++++++++++++++++----------------- tests/data/test2031 | 326 +++++++++++++++++++-------------------- tests/data/test2032 | 60 +++---- tests/data/test2033 | 2 +- tests/data/test2034 | 2 +- tests/data/test2037 | 2 +- tests/data/test2040 | 2 +- tests/data/test2041 | 2 +- tests/data/test2046 | 2 +- tests/data/test2047 | 2 +- tests/data/test2049 | 2 +- tests/data/test2050 | 14 +- tests/data/test2051 | 2 +- tests/data/test2052 | 2 +- tests/data/test2053 | 2 +- tests/data/test2054 | 2 +- tests/data/test2055 | 14 +- tests/data/test2056 | 2 +- tests/data/test2057 | 2 +- tests/data/test2058 | 70 ++++----- tests/data/test2059 | 70 ++++----- tests/data/test206 | 10 +- tests/data/test2060 | 70 ++++----- tests/data/test2061 | 52 +++---- tests/data/test2062 | 52 +++---- tests/data/test2063 | 52 +++---- tests/data/test2064 | 56 +++---- tests/data/test2065 | 56 +++---- tests/data/test2066 | 56 +++---- tests/data/test2067 | 50 +++--- tests/data/test2068 | 50 +++--- tests/data/test2069 | 50 +++--- tests/data/test207 | 2 +- tests/data/test2070 | 2 +- tests/data/test2074 | 2 +- tests/data/test2076 | 36 ++--- tests/data/test2077 | 8 +- tests/data/test2078 | 8 +- tests/data/test2079 | 2 +- tests/data/test2081 | 40 ++--- tests/data/test2087 | 2 +- tests/data/test2088 | 2 +- tests/data/test2089 | 2 +- tests/data/test209 | 22 +-- tests/data/test2102 | 4 +- tests/data/test213 | 20 +-- tests/data/test214 | 2 +- tests/data/test217 | 14 +- tests/data/test218 | 12 +- tests/data/test22 | 10 +- tests/data/test220 | 38 ++--- tests/data/test221 | 38 ++--- tests/data/test222 | 20 +-- tests/data/test223 | 38 ++--- tests/data/test224 | 38 ++--- tests/data/test230 | 20 +-- tests/data/test2300 | 16 +- tests/data/test2301 | 16 +- tests/data/test2302 | 16 +- tests/data/test2303 | 14 +- tests/data/test2304 | 2 +- tests/data/test2306 | 24 +-- tests/data/test2308 | 24 +-- tests/data/test2309 | 4 +- tests/data/test232 | 20 +-- tests/data/test233 | 2 +- tests/data/test234 | 2 +- tests/data/test239 | 42 ++--- tests/data/test24 | 2 +- tests/data/test240 | 2 +- tests/data/test2400 | 18 +-- tests/data/test2401 | 30 ++-- tests/data/test2402 | 50 +++--- tests/data/test2403 | 4 +- tests/data/test2404 | 10 +- tests/data/test2406 | 18 +-- tests/data/test241 | 2 +- tests/data/test242 | 2 +- tests/data/test243 | 76 ++++----- tests/data/test245 | 50 +++--- tests/data/test246 | 70 ++++----- tests/data/test249 | 2 +- tests/data/test25 | 2 +- tests/data/test2500 | 6 +- tests/data/test2501 | 28 ++-- tests/data/test2502 | 10 +- tests/data/test2503 | 4 +- tests/data/test256 | 2 +- tests/data/test257 | 2 +- tests/data/test258 | 12 +- tests/data/test259 | 12 +- tests/data/test26 | 2 +- tests/data/test260 | 2 +- tests/data/test262 | 2 +- tests/data/test263 | 2 +- tests/data/test264 | 14 +- tests/data/test265 | 22 +-- tests/data/test266 | 18 +-- tests/data/test267 | 50 +++--- tests/data/test268 | 2 +- tests/data/test269 | 2 +- tests/data/test27 | 2 +- tests/data/test273 | 52 +++---- tests/data/test274 | 2 +- tests/data/test275 | 24 +-- tests/data/test276 | 2 +- tests/data/test278 | 16 +- tests/data/test279 | 16 +- tests/data/test28 | 2 +- tests/data/test282 | 2 +- tests/data/test287 | 14 +- tests/data/test29 | 12 +- tests/data/test292 | 2 +- tests/data/test293 | 2 +- tests/data/test299 | 2 +- tests/data/test3 | 24 +-- tests/data/test30 | 2 +- tests/data/test300 | 2 +- tests/data/test3000 | 2 +- tests/data/test3001 | 2 +- tests/data/test3002 | 10 +- tests/data/test3003 | 10 +- tests/data/test3004 | 10 +- tests/data/test3005 | 10 +- tests/data/test3006 | 10 +- tests/data/test3007 | 10 +- tests/data/test3008 | 2 +- tests/data/test3009 | 2 +- tests/data/test301 | 2 +- tests/data/test3011 | 2 +- tests/data/test3012 | 2 +- tests/data/test3013 | 2 +- tests/data/test3014 | 2 +- tests/data/test3015 | 18 +-- tests/data/test302 | 6 +- tests/data/test3023 | 2 +- tests/data/test3024 | 2 +- tests/data/test3028 | 12 +- tests/data/test303 | 12 +- tests/data/test3031 | 6 +- tests/data/test3032 | 92 +++++------ tests/data/test3035 | 48 +++--- tests/data/test306 | 2 +- tests/data/test307 | 2 +- tests/data/test309 | 52 +++---- tests/data/test31 | 2 +- tests/data/test310 | 2 +- tests/data/test3100 | 72 ++++----- tests/data/test3101 | 60 +++---- tests/data/test3102 | 2 +- tests/data/test3103 | 4 +- tests/data/test3104 | 4 +- tests/data/test314 | 20 +-- tests/data/test315 | 38 ++--- tests/data/test316 | 38 ++--- tests/data/test317 | 2 +- tests/data/test318 | 2 +- tests/data/test319 | 18 +-- tests/data/test32 | 2 +- tests/data/test320 | 14 +- tests/data/test3204 | 2 +- tests/data/test3208 | 26 ++-- tests/data/test3215 | 10 +- tests/data/test325 | 2 +- tests/data/test326 | 2 +- tests/data/test327 | 2 +- tests/data/test328 | 2 +- tests/data/test329 | 32 ++-- tests/data/test330 | 2 +- tests/data/test331 | 2 +- tests/data/test334 | 2 +- tests/data/test335 | 2 +- tests/data/test339 | 2 +- tests/data/test34 | 2 +- tests/data/test341 | 2 +- tests/data/test342 | 2 +- tests/data/test343 | 2 +- tests/data/test344 | 2 +- tests/data/test345 | 2 +- tests/data/test346 | 2 +- tests/data/test347 | 2 +- tests/data/test349 | 2 +- tests/data/test355 | 2 +- tests/data/test356 | 2 +- tests/data/test358 | 60 +++---- tests/data/test359 | 60 +++---- tests/data/test36 | 2 +- tests/data/test360 | 2 +- tests/data/test361 | 2 +- tests/data/test363 | 18 +-- tests/data/test365 | 2 +- tests/data/test366 | 2 +- tests/data/test367 | 2 +- tests/data/test368 | 2 +- tests/data/test369 | 2 +- tests/data/test37 | 2 +- tests/data/test371 | 2 +- tests/data/test372 | 18 +-- tests/data/test373 | 18 +-- tests/data/test374 | 16 +- tests/data/test376 | 2 +- tests/data/test379 | 2 +- tests/data/test38 | 2 +- tests/data/test387 | 4 +- tests/data/test388 | 126 +++++++-------- tests/data/test389 | 2 +- tests/data/test39 | 12 +- tests/data/test391 | 2 +- tests/data/test392 | 20 +-- tests/data/test393 | 2 +- tests/data/test394 | 2 +- tests/data/test395 | 2 +- tests/data/test396 | 20 +-- tests/data/test397 | 38 ++--- tests/data/test398 | 2 +- tests/data/test40 | 48 +++--- tests/data/test4000 | 2 +- tests/data/test410 | 2 +- tests/data/test412 | 2 +- tests/data/test413 | 2 +- tests/data/test414 | 2 +- tests/data/test415 | 2 +- tests/data/test417 | 2 +- tests/data/test418 | 2 +- tests/data/test42 | 48 +++--- tests/data/test420 | 4 +- tests/data/test421 | 4 +- tests/data/test423 | 2 +- tests/data/test424 | 4 +- tests/data/test425 | 2 +- tests/data/test427 | 6 +- tests/data/test428 | 2 +- tests/data/test429 | 2 +- tests/data/test43 | 2 +- tests/data/test434 | 2 +- tests/data/test435 | 24 +-- tests/data/test436 | 10 +- tests/data/test437 | 2 +- tests/data/test438 | 52 +++---- tests/data/test439 | 4 +- tests/data/test440 | 34 ++-- tests/data/test441 | 34 ++-- tests/data/test442 | 2 +- tests/data/test443 | 2 +- tests/data/test444 | 2 +- tests/data/test446 | 12 +- tests/data/test447 | 2 +- tests/data/test448 | 2 +- tests/data/test449 | 2 +- tests/data/test45 | 2 +- tests/data/test450 | 2 +- tests/data/test451 | 2 +- tests/data/test455 | 2 +- tests/data/test457 | 2 +- tests/data/test458 | 6 +- tests/data/test459 | 2 +- tests/data/test46 | 30 ++-- tests/data/test461 | 4 +- tests/data/test468 | 4 +- tests/data/test469 | 2 +- tests/data/test47 | 2 +- tests/data/test470 | 2 +- tests/data/test471 | 2 +- tests/data/test472 | 4 +- tests/data/test473 | 2 +- tests/data/test474 | 4 +- tests/data/test477 | 2 +- tests/data/test478 | 4 +- tests/data/test479 | 8 +- tests/data/test483 | 4 +- tests/data/test486 | 8 +- tests/data/test487 | 4 +- tests/data/test488 | 4 +- tests/data/test489 | 4 +- tests/data/test49 | 2 +- tests/data/test493 | 34 ++-- tests/data/test495 | 2 +- tests/data/test497 | 2 +- tests/data/test499 | 6 +- tests/data/test5 | 2 +- tests/data/test50 | 2 +- tests/data/test500 | 26 ++-- tests/data/test503 | 18 +-- tests/data/test508 | 14 +- tests/data/test51 | 2 +- tests/data/test510 | 14 +- tests/data/test512 | 14 +- tests/data/test514 | 26 ++-- tests/data/test515 | 14 +- tests/data/test516 | 14 +- tests/data/test518 | 26 ++-- tests/data/test519 | 48 +++--- tests/data/test52 | 2 +- tests/data/test522 | 20 +-- tests/data/test523 | 20 +-- tests/data/test528 | 14 +- tests/data/test53 | 18 +-- tests/data/test535 | 32 ++-- tests/data/test536 | 20 +-- tests/data/test537 | 26 ++-- tests/data/test54 | 2 +- tests/data/test540 | 54 +++---- tests/data/test542 | 6 +- tests/data/test544 | 12 +- tests/data/test545 | 12 +- tests/data/test547 | 76 ++++----- tests/data/test548 | 76 ++++----- tests/data/test549 | 20 +-- tests/data/test55 | 2 +- tests/data/test550 | 20 +-- tests/data/test551 | 50 +++--- tests/data/test552 | 26 ++-- tests/data/test553 | 10 +- tests/data/test554 | 40 ++--- tests/data/test555 | 76 ++++----- tests/data/test556 | 16 +- tests/data/test560 | 14 +- tests/data/test561 | 20 +-- tests/data/test563 | 16 +- tests/data/test565 | 70 ++++----- tests/data/test566 | 26 ++-- tests/data/test567 | 14 +- tests/data/test568 | 34 ++-- tests/data/test57 | 2 +- tests/data/test570 | 42 ++--- tests/data/test571 | 52 +++---- tests/data/test572 | 70 ++++----- tests/data/test573 | 26 ++-- tests/data/test577 | 14 +- tests/data/test578 | 24 +-- tests/data/test579 | 70 ++++----- tests/data/test580 | 34 ++-- tests/data/test581 | 20 +-- tests/data/test584 | 34 ++-- tests/data/test585 | 18 +-- tests/data/test589 | 14 +- tests/data/test59 | 2 +- tests/data/test590 | 74 ++++----- tests/data/test598 | 42 ++--- tests/data/test599 | 50 +++--- tests/data/test6 | 2 +- tests/data/test60 | 10 +- tests/data/test61 | 36 ++--- tests/data/test62 | 12 +- tests/data/test63 | 12 +- tests/data/test64 | 52 +++---- tests/data/test643 | 40 ++--- tests/data/test644 | 2 +- tests/data/test645 | 40 ++--- tests/data/test646 | 12 +- tests/data/test648 | 10 +- tests/data/test649 | 10 +- tests/data/test65 | 56 +++---- tests/data/test650 | 4 +- tests/data/test651 | 14 +- tests/data/test653 | 40 ++--- tests/data/test654 | 40 ++--- tests/data/test655 | 14 +- tests/data/test658 | 2 +- tests/data/test659 | 2 +- tests/data/test66 | 2 +- tests/data/test662 | 48 +++--- tests/data/test663 | 48 +++--- tests/data/test666 | 24 +-- tests/data/test667 | 28 ++-- tests/data/test668 | 28 ++-- tests/data/test67 | 52 +++---- tests/data/test670 | 28 ++-- tests/data/test671 | 28 ++-- tests/data/test672 | 28 ++-- tests/data/test673 | 28 ++-- tests/data/test674 | 2 +- tests/data/test675 | 14 +- tests/data/test676 | 42 ++--- tests/data/test678 | 2 +- tests/data/test679 | 2 +- tests/data/test68 | 56 +++---- tests/data/test681 | 2 +- tests/data/test682 | 2 +- tests/data/test683 | 2 +- tests/data/test684 | 2 +- tests/data/test685 | 2 +- tests/data/test687 | 2 +- tests/data/test688 | 2 +- tests/data/test689 | 2 +- tests/data/test69 | 86 +++++------ tests/data/test690 | 6 +- tests/data/test691 | 6 +- tests/data/test692 | 6 +- tests/data/test693 | 36 ++--- tests/data/test694 | 92 +++++------ tests/data/test696 | 42 ++--- tests/data/test699 | 4 +- tests/data/test7 | 2 +- tests/data/test70 | 56 +++---- tests/data/test700 | 2 +- tests/data/test701 | 2 +- tests/data/test708 | 2 +- tests/data/test709 | 2 +- tests/data/test710 | 2 +- tests/data/test717 | 2 +- tests/data/test718 | 18 +-- tests/data/test719 | 2 +- tests/data/test72 | 56 +++---- tests/data/test720 | 2 +- tests/data/test721 | 2 +- tests/data/test722 | 2 +- tests/data/test724 | 2 +- tests/data/test727 | 2 +- tests/data/test728 | 2 +- tests/data/test73 | 16 +- tests/data/test730 | 2 +- tests/data/test731 | 2 +- tests/data/test732 | 2 +- tests/data/test733 | 2 +- tests/data/test734 | 2 +- tests/data/test735 | 2 +- tests/data/test736 | 2 +- tests/data/test737 | 2 +- tests/data/test74 | 2 +- tests/data/test740 | 2 +- tests/data/test742 | 2 +- tests/data/test743 | 2 +- tests/data/test744 | 18 +-- tests/data/test747 | 2 +- tests/data/test749 | 12 +- tests/data/test750 | 2 +- tests/data/test752 | 6 +- tests/data/test755 | 2 +- tests/data/test756 | 2 +- tests/data/test76 | 10 +- tests/data/test762 | 2 +- tests/data/test767 | 4 +- tests/data/test768 | 4 +- tests/data/test769 | 4 +- tests/data/test77 | 2 +- tests/data/test770 | 4 +- tests/data/test771 | 4 +- tests/data/test772 | 4 +- tests/data/test773 | 4 +- tests/data/test775 | 30 ++-- tests/data/test776 | 4 +- tests/data/test78 | 2 +- tests/data/test780 | 8 +- tests/data/test781 | 8 +- tests/data/test782 | 8 +- tests/data/test783 | 8 +- tests/data/test784 | 2 +- tests/data/test785 | 2 +- tests/data/test786 | 2 +- tests/data/test788 | 2 +- tests/data/test789 | 4 +- tests/data/test79 | 2 +- tests/data/test790 | 2 +- tests/data/test791 | 2 +- tests/data/test794 | 6 +- tests/data/test796 | 6 +- tests/data/test797 | 6 +- tests/data/test799 | 16 +- tests/data/test8 | 2 +- tests/data/test80 | 20 +-- tests/data/test800 | 16 +- tests/data/test801 | 10 +- tests/data/test802 | 10 +- tests/data/test804 | 10 +- tests/data/test805 | 20 +-- tests/data/test806 | 8 +- tests/data/test807 | 8 +- tests/data/test808 | 16 +- tests/data/test809 | 4 +- tests/data/test81 | 52 +++---- tests/data/test810 | 4 +- tests/data/test815 | 4 +- tests/data/test816 | 8 +- tests/data/test818 | 10 +- tests/data/test819 | 16 +- tests/data/test82 | 14 +- tests/data/test820 | 16 +- tests/data/test821 | 16 +- tests/data/test822 | 16 +- tests/data/test823 | 16 +- tests/data/test824 | 16 +- tests/data/test825 | 16 +- tests/data/test826 | 16 +- tests/data/test827 | 16 +- tests/data/test828 | 16 +- tests/data/test83 | 20 +-- tests/data/test833 | 16 +- tests/data/test834 | 16 +- tests/data/test835 | 16 +- tests/data/test836 | 20 +-- tests/data/test837 | 16 +- tests/data/test838 | 16 +- tests/data/test839 | 16 +- tests/data/test84 | 2 +- tests/data/test840 | 16 +- tests/data/test841 | 26 ++-- tests/data/test842 | 16 +- tests/data/test843 | 16 +- tests/data/test846 | 16 +- tests/data/test847 | 16 +- tests/data/test848 | 16 +- tests/data/test85 | 2 +- tests/data/test850 | 16 +- tests/data/test853 | 8 +- tests/data/test857 | 36 ++--- tests/data/test86 | 2 +- tests/data/test861 | 14 +- tests/data/test862 | 10 +- tests/data/test864 | 16 +- tests/data/test865 | 16 +- tests/data/test866 | 16 +- tests/data/test867 | 16 +- tests/data/test868 | 18 +-- tests/data/test869 | 16 +- tests/data/test87 | 30 ++-- tests/data/test870 | 16 +- tests/data/test871 | 16 +- tests/data/test872 | 16 +- tests/data/test873 | 16 +- tests/data/test874 | 16 +- tests/data/test879 | 16 +- tests/data/test88 | 50 +++--- tests/data/test880 | 16 +- tests/data/test881 | 16 +- tests/data/test882 | 18 +-- tests/data/test883 | 16 +- tests/data/test884 | 16 +- tests/data/test885 | 16 +- tests/data/test886 | 16 +- tests/data/test887 | 16 +- tests/data/test888 | 16 +- tests/data/test89 | 100 ++++++------ tests/data/test892 | 16 +- tests/data/test895 | 16 +- tests/data/test897 | 50 +++--- tests/data/test898 | 2 +- tests/data/test899 | 6 +- tests/data/test90 | 168 ++++++++++---------- tests/data/test901 | 22 +-- tests/data/test902 | 10 +- tests/data/test903 | 4 +- tests/data/test904 | 4 +- tests/data/test905 | 4 +- tests/data/test906 | 6 +- tests/data/test907 | 4 +- tests/data/test908 | 4 +- tests/data/test909 | 10 +- tests/data/test91 | 90 +++++------ tests/data/test910 | 8 +- tests/data/test912 | 10 +- tests/data/test913 | 10 +- tests/data/test914 | 10 +- tests/data/test915 | 10 +- tests/data/test916 | 10 +- tests/data/test917 | 10 +- tests/data/test918 | 10 +- tests/data/test919 | 4 +- tests/data/test92 | 6 +- tests/data/test920 | 4 +- tests/data/test921 | 6 +- tests/data/test922 | 4 +- tests/data/test924 | 10 +- tests/data/test925 | 4 +- tests/data/test926 | 2 +- tests/data/test927 | 8 +- tests/data/test928 | 6 +- tests/data/test93 | 2 +- tests/data/test935 | 4 +- tests/data/test936 | 4 +- tests/data/test937 | 4 +- tests/data/test938 | 6 +- tests/data/test939 | 4 +- tests/data/test94 | 2 +- tests/data/test940 | 4 +- tests/data/test942 | 4 +- tests/data/test943 | 4 +- tests/data/test944 | 4 +- tests/data/test945 | 4 +- tests/data/test946 | 4 +- tests/data/test947 | 4 +- tests/data/test948 | 4 +- tests/data/test949 | 4 +- tests/data/test95 | 18 +-- tests/data/test950 | 4 +- tests/data/test951 | 4 +- tests/data/test952 | 4 +- tests/data/test953 | 4 +- tests/data/test955 | 10 +- tests/data/test956 | 10 +- tests/data/test959 | 10 +- tests/data/test960 | 10 +- tests/data/test962 | 10 +- tests/data/test963 | 10 +- tests/data/test965 | 10 +- tests/data/test966 | 10 +- tests/data/test967 | 4 +- tests/data/test97 | 12 +- tests/data/test970 | 2 +- tests/data/test972 | 2 +- tests/data/test974 | 2 +- tests/data/test976 | 2 +- tests/data/test977 | 2 +- tests/data/test978 | 4 +- tests/data/test979 | 6 +- tests/data/test98 | 12 +- tests/data/test987 | 10 +- tests/data/test989 | 16 +- tests/data/test99 | 2 +- tests/data/test990 | 4 +- tests/data/test991 | 4 +- tests/data/test992 | 4 +- tests/data/test995 | 4 +- tests/data/test998 | 2 +- tests/data/test999 | 2 +- tests/runner.pm | 36 +++-- tests/runtests.pl | 42 ++++- tests/testutil.pm | 2 +- 1096 files changed, 10495 insertions(+), 10422 deletions(-) diff --git a/docs/tests/FILEFORMAT.md b/docs/tests/FILEFORMAT.md index bc82aa8c00..070735836e 100644 --- a/docs/tests/FILEFORMAT.md +++ b/docs/tests/FILEFORMAT.md @@ -241,7 +241,7 @@ similar. ## `` -### `` +### `` data to be sent to the client on its request and later verified that it arrived safely. Set `nocheck="yes"` to prevent the test script from verifying @@ -269,16 +269,19 @@ used as "raw" data. `nonewline=yes` means that the last byte (the trailing newline character) should be cut off from the data before sending or comparing it. -`crlf=yes` forces *header* newlines to become CRLF even if not written so in -the source file. Note that this makes runtests.pl parse and "guess" what is a -header and what is not in order to apply the CRLF line endings appropriately. +`crlf=yes` forces the newlines to become CRLF even if not written so in the +test. + +`crlf=headers` forces *header* newlines to become CRLF even if not written so +in the source file. Note that this makes runtests.pl parse and "guess" what is +a header and what is not in order to apply the CRLF line endings appropriately. For FTP file listings, the `` section is be used *only* if you make sure that there has been a CWD done first to a directory named `test-[NUM]` where `NUM` is the test case number. Otherwise the ftp server cannot know from which test file to load the list content. -### `` +### `` Send back this contents instead of the `` one. The `NUM` is set by: @@ -297,15 +300,22 @@ to complete a transfer. The response to each request is found in its own data section. Validating the entire negotiation sequence can be done by specifying a `datacheck` section. -### `` +### `` The connect section is used instead of the 'data' for all CONNECT requests. The remainder of the rules for the data section then apply but with a connect prefix. +`crlf=yes` forces the newlines to become CRLF even if not written so in the +test. + +`crlf=headers` forces *header* newlines to become CRLF even if not written so +in the source file. Note that this makes runtests.pl parse and "guess" what is +a header and what is not in order to apply the CRLF line endings appropriately. + ### `` Address type and address details as logged by the SOCKS proxy. -### `` +### `` if the data is sent but this is what should be checked afterwards. If `nonewline=yes` is set, runtests cuts off the trailing newline from the data before comparing with the one actually received by the client. @@ -313,7 +323,7 @@ before comparing with the one actually received by the client. Use the `mode="text"` attribute if the output is in text mode on platforms that have a text/binary difference. -### `` +### `` The contents of numbered `datacheck` sections are appended to the non-numbered one. @@ -613,13 +623,16 @@ parameter is the not negative integer number of seconds for the delay. This 'delay' attribute is intended for specific test cases, and normally not needed. -### `` +### `` This creates the named file with this content before the test case is run, which is useful if the test case needs a file to act on. If `nonewline="yes"` is used, the created file gets the final newline stripped off. +`crlf=yes` forces the newlines to become CRLF even if not written so in the +test. + ### `` 1 to 4 can be appended to 'file' to create more files. @@ -629,12 +642,15 @@ off. ### `` -### `` +### `` Pass this given data on stdin to the tool. If `nonewline` is set, we cut off the trailing newline of this given data before comparing with the one actually received by the client +`crlf=yes` forces the newlines to become CRLF even if not written so in the +test. + ## `` If `test-duphandle` is a listed item here, this is not run when @@ -677,14 +693,14 @@ test. in the source file. Note that this makes runtests.pl parse and "guess" what is a header and what is not in order to apply the CRLF line endings appropriately. -### `` +### `` The protocol dump curl should transmit to an HTTP proxy (when the http-proxy server is used), if `nonewline` is set, we cut off the trailing newline of this given data before comparing with the one actually sent by the client The `` and `` rules are applied before comparisons are made. -### `` +### `` This verifies that this data was passed to stderr. Use the mode="text" attribute if the output is in text mode on platforms that @@ -693,10 +709,14 @@ have a text/binary difference. `crlf=yes` forces the newlines to become CRLF even if not written so in the test. +`crlf=headers` forces *header* newlines to become CRLF even if not written so +in the source file. Note that this makes runtests.pl parse and "guess" what is +a header and what is not in order to apply the CRLF line endings appropriately. + If `nonewline` is set, we cut off the trailing newline of this given data before comparing with the one actually received by the client -### `` +### `` This verifies that this data was passed to stdout. Use the mode="text" attribute if the output is in text mode on platforms that @@ -708,6 +728,10 @@ before comparing with the one actually received by the client `crlf=yes` forces the newlines to become CRLF even if not written so in the test. +`crlf=headers` forces *header* newlines to become CRLF even if not written so +in the source file. Note that this makes runtests.pl parse and "guess" what is +a header and what is not in order to apply the CRLF line endings appropriately. + `loadfile="filename"` makes loading the data from an external file. ### `` @@ -718,11 +742,18 @@ that the set limits are not exceeded. Supported limits: Allocations: [number of allocation calls] Maximum allocated: [maximum concurrent memory allocated] -### `` +### `` The file's contents must be identical to this after the test is complete. Use the mode="text" attribute if the output is in text mode on platforms that have a text/binary difference. +`crlf=yes` forces the newlines to become CRLF even if not written so in the +test. + +`crlf=headers` forces *header* newlines to become CRLF even if not written so +in the source file. Note that this makes runtests.pl parse and "guess" what is +a header and what is not in order to apply the CRLF line endings appropriately. + ### `` 1 to 4 can be appended to 'file' to compare more files. diff --git a/tests/data/test1 b/tests/data/test1 index 5c3c318be5..ee0b634048 100644 --- a/tests/data/test1 +++ b/tests/data/test1 @@ -9,7 +9,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -42,7 +42,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1001 b/tests/data/test1001 index ab2b045e9c..6359b14544 100644 --- a/tests/data/test1001 +++ b/tests/data/test1001 @@ -13,45 +13,45 @@ CUSTOMREQUEST # Server-side - -HTTP/1.1 100 Continue -Server: Microsoft-IIS/5.0 -Date: Sun, 03 Apr 2005 14:57:45 GMT -X-Powered-By: ASP.NET - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 100 Continue +Server: Microsoft-IIS/5.0 +Date: Sun, 03 Apr 2005 14:57:45 GMT +X-Powered-By: ASP.NET + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok - -HTTP/1.1 100 Continue -Server: Microsoft-IIS/5.0 -Date: Sun, 03 Apr 2005 14:57:45 GMT -X-Powered-By: ASP.NET - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 100 Continue +Server: Microsoft-IIS/5.0 +Date: Sun, 03 Apr 2005 14:57:45 GMT +X-Powered-By: ASP.NET + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok diff --git a/tests/data/test1002 b/tests/data/test1002 index 94124e2ea0..20e878db56 100644 --- a/tests/data/test1002 +++ b/tests/data/test1002 @@ -12,45 +12,45 @@ CUSTOMREQUEST - -HTTP/1.1 100 Continue -Server: Microsoft-IIS/5.0 -Date: Sun, 03 Apr 2005 14:57:45 GMT -X-Powered-By: ASP.NET - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 100 Continue +Server: Microsoft-IIS/5.0 +Date: Sun, 03 Apr 2005 14:57:45 GMT +X-Powered-By: ASP.NET + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok - -HTTP/1.1 100 Continue -Server: Microsoft-IIS/5.0 -Date: Sun, 03 Apr 2005 14:57:45 GMT -X-Powered-By: ASP.NET - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 100 Continue +Server: Microsoft-IIS/5.0 +Date: Sun, 03 Apr 2005 14:57:45 GMT +X-Powered-By: ASP.NET + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok diff --git a/tests/data/test1004 b/tests/data/test1004 index d7c0ae5176..f7c25cafdd 100644 --- a/tests/data/test1004 +++ b/tests/data/test1004 @@ -46,7 +46,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy "" # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1008 b/tests/data/test1008 index a1705d1066..be858d0038 100644 --- a/tests/data/test1008 +++ b/tests/data/test1008 @@ -18,26 +18,26 @@ connection-monitor # this is returned first since we get no proxy-auth - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Transfer-Encoding: chunked - -20 -And you should ignore this data. -FA0 -%repeat[4000 x X]% -0 - + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Transfer-Encoding: chunked + +20 +And you should ignore this data. +FA0 +%repeat[4000 x X]% +0 + # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in proxy land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 - + +HTTP/1.1 200 Things are fine in proxy land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 + # this is returned when we get a GET! diff --git a/tests/data/test1011 b/tests/data/test1011 index 0ef87ae1a6..f4de4df6a2 100644 --- a/tests/data/test1011 +++ b/tests/data/test1011 @@ -9,32 +9,32 @@ followlocation # # Server-side - -HTTP/1.1 301 OK -Location: moo.html&testcase=/%TESTNUMBER0002 -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 0 - + +HTTP/1.1 301 OK +Location: moo.html&testcase=/%TESTNUMBER0002 +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 0 + - -HTTP/1.1 200 OK swsclose -Location: this should be ignored -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 200 OK swsclose +Location: this should be ignored +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + body - -HTTP/1.1 301 OK -Location: moo.html&testcase=/%TESTNUMBER0002 -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 0 - -HTTP/1.1 200 OK swsclose -Location: this should be ignored -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 301 OK +Location: moo.html&testcase=/%TESTNUMBER0002 +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 0 + +HTTP/1.1 200 OK swsclose +Location: this should be ignored +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + body diff --git a/tests/data/test1012 b/tests/data/test1012 index 5ced62b24d..d15e10f28e 100644 --- a/tests/data/test1012 +++ b/tests/data/test1012 @@ -9,32 +9,32 @@ followlocation # # Server-side - -HTTP/1.1 301 OK swsclose -Location: moo.html&testcase=/%TESTNUMBER0002 -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 301 OK swsclose +Location: moo.html&testcase=/%TESTNUMBER0002 +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + - -HTTP/1.1 200 OK swsclose -Location: this should be ignored -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 200 OK swsclose +Location: this should be ignored +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + body - -HTTP/1.1 301 OK swsclose -Location: moo.html&testcase=/%TESTNUMBER0002 -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - -HTTP/1.1 200 OK swsclose -Location: this should be ignored -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 301 OK swsclose +Location: moo.html&testcase=/%TESTNUMBER0002 +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + +HTTP/1.1 200 OK swsclose +Location: this should be ignored +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + body diff --git a/tests/data/test1015 b/tests/data/test1015 index 52a7d3e957..beabcd1b90 100644 --- a/tests/data/test1015 +++ b/tests/data/test1015 @@ -10,11 +10,11 @@ HTTP POST # # Server-side - -HTTP/1.1 200 I am cool swsclose -Server: Cool server/10.0 -Content-Length: 0 - + +HTTP/1.1 200 I am cool swsclose +Server: Cool server/10.0 +Content-Length: 0 + diff --git a/tests/data/test1021 b/tests/data/test1021 index 25fb2bfc3c..4d85468e8d 100644 --- a/tests/data/test1021 +++ b/tests/data/test1021 @@ -13,31 +13,31 @@ NTLM # Server-side - -HTTP/1.1 407 Authorization Required to proxy me my dear swsclose -Proxy-Authenticate: NTLM -Content-Length: 16 -Connection: close - + +HTTP/1.1 407 Authorization Required to proxy me my dear swsclose +Proxy-Authenticate: NTLM +Content-Length: 16 +Connection: close + data to discard # this is returned first since we get no proxy-auth - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 28 - + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Content-Length: 28 + 27 bytes and newline to ign # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in proxy land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 - + +HTTP/1.1 200 Things are fine in proxy land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 + # this is returned when we get a GET! @@ -106,7 +106,7 @@ http://test.remote.example.com.%TESTNUMBER:%HTTPPORT/path/%TESTNUMBER0002 --prox # Verify data after the test has been "shot" - + CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1024 b/tests/data/test1024 index 24c5e6ca67..7e7f20aa74 100644 --- a/tests/data/test1024 +++ b/tests/data/test1024 @@ -10,57 +10,57 @@ cookies # Server-side - -HTTP/1.1 301 This is a weirdo text message -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Location: ../data/%TESTNUMBER0002.txt -Set-Cookie: firstcookie=want; path=/want/ -Content-Length: 69 - + +HTTP/1.1 301 This is a weirdo text message +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Location: ../data/%TESTNUMBER0002.txt +Set-Cookie: firstcookie=want; path=/want/ +Content-Length: 69 + This server reply is for testing a Location: following with cookies - -HTTP/1.1 301 This is a weirdo text message -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Location: ../want/%TESTNUMBER0003.txt -Set-Cookie: nextcookie=data; path=/data/ -Content-Length: 69 - + +HTTP/1.1 301 This is a weirdo text message +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Location: ../want/%TESTNUMBER0003.txt +Set-Cookie: nextcookie=data; path=/data/ +Content-Length: 69 + This server reply is for testing a Location: following with cookies - -HTTP/1.1 200 Followed here fine -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 52 - + +HTTP/1.1 200 Followed here fine +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 52 + If this is received, the location following worked - -HTTP/1.1 301 This is a weirdo text message -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Location: ../data/%TESTNUMBER0002.txt -Set-Cookie: firstcookie=want; path=/want/ -Content-Length: 69 - -HTTP/1.1 301 This is a weirdo text message -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Location: ../want/%TESTNUMBER0003.txt -Set-Cookie: nextcookie=data; path=/data/ -Content-Length: 69 - -HTTP/1.1 200 Followed here fine -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 52 - + +HTTP/1.1 301 This is a weirdo text message +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Location: ../data/%TESTNUMBER0002.txt +Set-Cookie: firstcookie=want; path=/want/ +Content-Length: 69 + +HTTP/1.1 301 This is a weirdo text message +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Location: ../want/%TESTNUMBER0003.txt +Set-Cookie: nextcookie=data; path=/data/ +Content-Length: 69 + +HTTP/1.1 200 Followed here fine +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 52 + If this is received, the location following worked @@ -84,7 +84,7 @@ cookies # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1025 b/tests/data/test1025 index c08a157d57..fb17876055 100644 --- a/tests/data/test1025 +++ b/tests/data/test1025 @@ -10,57 +10,57 @@ cookies # Server-side - -HTTP/1.1 301 This is a weirdo text message -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Location: ../data/%TESTNUMBER0002.txt -Set-Cookie: firstcookie=want; path=/want/ -Content-Length: 69 - + +HTTP/1.1 301 This is a weirdo text message +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Location: ../data/%TESTNUMBER0002.txt +Set-Cookie: firstcookie=want; path=/want/ +Content-Length: 69 + This server reply is for testing a Location: following with cookies - -HTTP/1.1 301 This is a weirdo text message -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Location: ../want/%TESTNUMBER0003.txt -Set-Cookie: nextcookie=data; path=/data/ -Content-Length: 69 - + +HTTP/1.1 301 This is a weirdo text message +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Location: ../want/%TESTNUMBER0003.txt +Set-Cookie: nextcookie=data; path=/data/ +Content-Length: 69 + This server reply is for testing a Location: following with cookies - -HTTP/1.1 200 Followed here fine -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 52 - + +HTTP/1.1 200 Followed here fine +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 52 + If this is received, the location following worked - -HTTP/1.1 301 This is a weirdo text message -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Location: ../data/%TESTNUMBER0002.txt -Set-Cookie: firstcookie=want; path=/want/ -Content-Length: 69 - -HTTP/1.1 301 This is a weirdo text message -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Location: ../want/%TESTNUMBER0003.txt -Set-Cookie: nextcookie=data; path=/data/ -Content-Length: 69 - -HTTP/1.1 200 Followed here fine -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 52 - + +HTTP/1.1 301 This is a weirdo text message +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Location: ../data/%TESTNUMBER0002.txt +Set-Cookie: firstcookie=want; path=/want/ +Content-Length: 69 + +HTTP/1.1 301 This is a weirdo text message +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Location: ../want/%TESTNUMBER0003.txt +Set-Cookie: nextcookie=data; path=/data/ +Content-Length: 69 + +HTTP/1.1 200 Followed here fine +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 52 + If this is received, the location following worked @@ -84,7 +84,7 @@ cookies # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1028 b/tests/data/test1028 index 81728c6864..30dafb720d 100644 --- a/tests/data/test1028 +++ b/tests/data/test1028 @@ -13,16 +13,16 @@ FILE # # Server-side - -HTTP/1.1 302 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Content-Type: text/html -Funny-head: yesyes -Location: ftp://%HOSTIP:%FTPPORT/%TESTNUMBER0002 -Content-Length: 0 -Connection: close - + +HTTP/1.1 302 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Content-Type: text/html +Funny-head: yesyes +Location: ftp://%HOSTIP:%FTPPORT/%TESTNUMBER0002 +Content-Length: 0 +Connection: close + data @@ -67,16 +67,16 @@ SIZE %TESTNUMBER0002 RETR %TESTNUMBER0002 QUIT - -HTTP/1.1 302 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Content-Type: text/html -Funny-head: yesyes -Location: ftp://%HOSTIP:%FTPPORT/%TESTNUMBER0002 -Content-Length: 0 -Connection: close - + +HTTP/1.1 302 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Content-Type: text/html +Funny-head: yesyes +Location: ftp://%HOSTIP:%FTPPORT/%TESTNUMBER0002 +Content-Length: 0 +Connection: close + data to see diff --git a/tests/data/test1029 b/tests/data/test1029 index d019bff7b1..ac636449cb 100644 --- a/tests/data/test1029 +++ b/tests/data/test1029 @@ -11,12 +11,12 @@ followlocation # Server-side - -HTTP/1.1 301 This is a weirdo text message swsclose -Location: data/%TESTNUMBER0002.txt?coolsite=yes -Content-Length: 62 -Connection: close - + +HTTP/1.1 301 This is a weirdo text message swsclose +Location: data/%TESTNUMBER0002.txt?coolsite=yes +Content-Length: 62 +Connection: close + This server reply is for testing a simple Location: following @@ -36,19 +36,19 @@ http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER -w '%{redirect_url} %{url} %{ex # Verify data after the test has been "shot" - + GET /we/want/our/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 301 This is a weirdo text message swsclose -Location: data/%TESTNUMBER0002.txt?coolsite=yes -Content-Length: 62 -Connection: close - + +HTTP/1.1 301 This is a weirdo text message swsclose +Location: data/%TESTNUMBER0002.txt?coolsite=yes +Content-Length: 62 +Connection: close + This server reply is for testing a simple Location: following http://%HOSTIP:%HTTPPORT/we/want/our/data/%TESTNUMBER0002.txt?coolsite=yes http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER 0%spc% diff --git a/tests/data/test1030 b/tests/data/test1030 index 28c6e4b293..3265e60ba6 100644 --- a/tests/data/test1030 +++ b/tests/data/test1030 @@ -10,45 +10,45 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" -Content-Length: 26 -Content-Type: text/html; charset=iso-8859-1 - + +HTTP/1.1 401 Authorization Required +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" +Content-Length: 26 +Content-Type: text/html; charset=iso-8859-1 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 -Connection: close - + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 +Connection: close + This IS the real page! - -HTTP/1.1 401 Authorization Required -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" -Content-Length: 26 -Content-Type: text/html; charset=iso-8859-1 - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 -Connection: close - + +HTTP/1.1 401 Authorization Required +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" +Content-Length: 26 +Content-Type: text/html; charset=iso-8859-1 + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 +Connection: close + This IS the real page! diff --git a/tests/data/test1031 b/tests/data/test1031 index 39f374b058..6ae80e789b 100644 --- a/tests/data/test1031 +++ b/tests/data/test1031 @@ -59,7 +59,7 @@ http://%HOSTIP:%HTTPPORT/want/this/%TESTNUMBER -L # Verify data after the test has been "shot" - + GET /want/this/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1032 b/tests/data/test1032 index d6d4f9ec4c..48832de961 100644 --- a/tests/data/test1032 +++ b/tests/data/test1032 @@ -42,7 +42,7 @@ HTTP HEAD with --range # # Verify data after the test has been "shot" - + HEAD /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=1-3 diff --git a/tests/data/test1033 b/tests/data/test1033 index 460e7f8806..179d36cf79 100644 --- a/tests/data/test1033 +++ b/tests/data/test1033 @@ -47,7 +47,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1040 b/tests/data/test1040 index 18dab6c578..f5202949e6 100644 --- a/tests/data/test1040 +++ b/tests/data/test1040 @@ -10,11 +10,11 @@ Resume # Server-side - -HTTP/1.1 416 Invalid range -Connection: close -Content-Length: 0 - + +HTTP/1.1 416 Invalid range +Connection: close +Content-Length: 0 + # The file data that exists at the start of the test must be included in @@ -65,7 +65,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C - # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=100- diff --git a/tests/data/test1041 b/tests/data/test1041 index 22822e49c9..68ec259d6f 100644 --- a/tests/data/test1041 +++ b/tests/data/test1041 @@ -11,15 +11,15 @@ Content-Range # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Accept-Ranges: bytes -Content-Length: 0 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Accept-Ranges: bytes +Content-Length: 0 +Connection: close +Content-Type: text/html + diff --git a/tests/data/test1042 b/tests/data/test1042 index 3fb798048f..a21a2c92f4 100644 --- a/tests/data/test1042 +++ b/tests/data/test1042 @@ -11,12 +11,12 @@ FAILURE # Server-side # Some servers (e.g. Apache 1.2) respond this way to an invalid byte range - -HTTP/1.1 200 OK -Connection: close -Content-Length: 100 -Content-Type: text/plain - + +HTTP/1.1 200 OK +Connection: close +Content-Length: 100 +Content-Type: text/plain + 012345678 012345678 012345678 @@ -80,7 +80,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C 200 33 - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=200- diff --git a/tests/data/test1043 b/tests/data/test1043 index d3ca56b037..74a76e2ad0 100644 --- a/tests/data/test1043 +++ b/tests/data/test1043 @@ -9,14 +9,14 @@ Resume # Server-side - -HTTP/1.1 206 Partial Content -Date: Mon, 13 Nov 2007 13:41:09 GMT -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -Accept-Ranges: bytes -Content-Length: 60 -Content-Range: bytes 40-99/100 - + +HTTP/1.1 206 Partial Content +Date: Mon, 13 Nov 2007 13:41:09 GMT +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +Accept-Ranges: bytes +Content-Length: 60 +Content-Range: bytes 40-99/100 + 012345678 012345678 012345678 @@ -70,7 +70,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C - # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=40- diff --git a/tests/data/test1044 b/tests/data/test1044 index 5486b344ed..38ca5f007d 100644 --- a/tests/data/test1044 +++ b/tests/data/test1044 @@ -49,10 +49,10 @@ SIZE %TESTNUMBER REST 0 QUIT - -Last-Modified: Sat, 26 Jul 2008 10:26:59 GMT -Content-Length: 9999999999 -Accept-ranges: bytes + +Last-Modified: Sat, 26 Jul 2008 10:26:59 GMT +Content-Length: 9999999999 +Accept-ranges: bytes diff --git a/tests/data/test1045 b/tests/data/test1045 index 6fdfbfe205..f7d019f0d2 100644 --- a/tests/data/test1045 +++ b/tests/data/test1045 @@ -10,14 +10,14 @@ HTTP GET # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 28 Jul 2008 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/plain - + +HTTP/1.1 200 OK +Date: Mon, 28 Jul 2008 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/plain + -foo- @@ -39,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --interface %CLIENTIP # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1046 b/tests/data/test1046 index 3cf9d57bca..77b924e3f2 100644 --- a/tests/data/test1046 +++ b/tests/data/test1046 @@ -11,14 +11,14 @@ IPv6 # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 28 Jul 2008 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/plain - + +HTTP/1.1 200 OK +Date: Mon, 28 Jul 2008 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/plain + -foo- @@ -43,7 +43,7 @@ HTTP-IPv6 GET with numeric localhost --interface # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOST6IP:%HTTP6PORT User-Agent: curl/%VERSION diff --git a/tests/data/test1051 b/tests/data/test1051 index 70a714cde7..56db0655f2 100644 --- a/tests/data/test1051 +++ b/tests/data/test1051 @@ -9,40 +9,40 @@ followlocation # Server-side - -HTTP/1.1 301 Redirect swsclose -Date: Thu, 29 Jul 2008 14:49:00 GMT -Server: test-server/fake -Location: data/%TESTNUMBER0002.txt?coolsite=yes -Content-Length: 0 -Connection: close - + +HTTP/1.1 301 Redirect swsclose +Date: Thu, 29 Jul 2008 14:49:00 GMT +Server: test-server/fake +Location: data/%TESTNUMBER0002.txt?coolsite=yes +Content-Length: 0 +Connection: close + - -HTTP/1.1 100 Continue - -HTTP/1.1 200 Followed here fine swsclose -Date: Thu, 29 Jul 2008 14:49:00 GMT -Server: test-server/fake -Content-Length: 51 - + +HTTP/1.1 100 Continue + +HTTP/1.1 200 Followed here fine swsclose +Date: Thu, 29 Jul 2008 14:49:00 GMT +Server: test-server/fake +Content-Length: 51 + If this is received, the location following worked - -HTTP/1.1 301 Redirect swsclose -Date: Thu, 29 Jul 2008 14:49:00 GMT -Server: test-server/fake -Location: data/%TESTNUMBER0002.txt?coolsite=yes -Content-Length: 0 -Connection: close - -HTTP/1.1 100 Continue - -HTTP/1.1 200 Followed here fine swsclose -Date: Thu, 29 Jul 2008 14:49:00 GMT -Server: test-server/fake -Content-Length: 51 - + +HTTP/1.1 301 Redirect swsclose +Date: Thu, 29 Jul 2008 14:49:00 GMT +Server: test-server/fake +Location: data/%TESTNUMBER0002.txt?coolsite=yes +Content-Length: 0 +Connection: close + +HTTP/1.1 100 Continue + +HTTP/1.1 200 Followed here fine swsclose +Date: Thu, 29 Jul 2008 14:49:00 GMT +Server: test-server/fake +Content-Length: 51 + If this is received, the location following worked diff --git a/tests/data/test1052 b/tests/data/test1052 index ec92d479df..c3b62cc12f 100644 --- a/tests/data/test1052 +++ b/tests/data/test1052 @@ -9,36 +9,36 @@ followlocation # Server-side - -HTTP/1.0 301 Redirect swsclose -Date: Thu, 29 Jul 2008 14:49:00 GMT -Server: test-server/fake -Location: data/%TESTNUMBER0002.txt?coolsite=yes -Content-Length: 0 -Connection: close - + +HTTP/1.0 301 Redirect swsclose +Date: Thu, 29 Jul 2008 14:49:00 GMT +Server: test-server/fake +Location: data/%TESTNUMBER0002.txt?coolsite=yes +Content-Length: 0 +Connection: close + - -HTTP/1.0 200 Followed here fine swsclose -Date: Thu, 29 Jul 2008 14:49:00 GMT -Server: test-server/fake -Content-Length: 51 - + +HTTP/1.0 200 Followed here fine swsclose +Date: Thu, 29 Jul 2008 14:49:00 GMT +Server: test-server/fake +Content-Length: 51 + If this is received, the location following worked - -HTTP/1.0 301 Redirect swsclose -Date: Thu, 29 Jul 2008 14:49:00 GMT -Server: test-server/fake -Location: data/%TESTNUMBER0002.txt?coolsite=yes -Content-Length: 0 -Connection: close - -HTTP/1.0 200 Followed here fine swsclose -Date: Thu, 29 Jul 2008 14:49:00 GMT -Server: test-server/fake -Content-Length: 51 - + +HTTP/1.0 301 Redirect swsclose +Date: Thu, 29 Jul 2008 14:49:00 GMT +Server: test-server/fake +Location: data/%TESTNUMBER0002.txt?coolsite=yes +Content-Length: 0 +Connection: close + +HTTP/1.0 200 Followed here fine swsclose +Date: Thu, 29 Jul 2008 14:49:00 GMT +Server: test-server/fake +Content-Length: 51 + If this is received, the location following worked diff --git a/tests/data/test1053 b/tests/data/test1053 index 30ca83ab2d..171d4647a8 100644 --- a/tests/data/test1053 +++ b/tests/data/test1053 @@ -11,39 +11,39 @@ followlocation # Server-side - -HTTP/1.1 307 Redirect swsclose -Date: Thu, 29 Jul 2008 14:49:00 GMT -Server: test-server/fake -Location: data/%TESTNUMBER0002.txt?coolsite=yes -Content-Length: 0 -Connection: close - + +HTTP/1.1 307 Redirect swsclose +Date: Thu, 29 Jul 2008 14:49:00 GMT +Server: test-server/fake +Location: data/%TESTNUMBER0002.txt?coolsite=yes +Content-Length: 0 +Connection: close + - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 11 -Connection: close - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 11 +Connection: close + blablabla - -HTTP/1.1 307 Redirect swsclose -Date: Thu, 29 Jul 2008 14:49:00 GMT -Server: test-server/fake -Location: data/%TESTNUMBER0002.txt?coolsite=yes -Content-Length: 0 -Connection: close - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 11 -Connection: close - + +HTTP/1.1 307 Redirect swsclose +Date: Thu, 29 Jul 2008 14:49:00 GMT +Server: test-server/fake +Location: data/%TESTNUMBER0002.txt?coolsite=yes +Content-Length: 0 +Connection: close + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 11 +Connection: close + blablabla diff --git a/tests/data/test1054 b/tests/data/test1054 index 49ca87ba33..be45c816c8 100644 --- a/tests/data/test1054 +++ b/tests/data/test1054 @@ -10,30 +10,30 @@ followlocation # # Server-side - -HTTP/1.1 301 OK swsclose -Location: moo/testcase/%TESTNUMBER0002 -Date: Thu, 31 Jul 2008 14:49:00 GMT -Connection: close - + +HTTP/1.1 301 OK swsclose +Location: moo/testcase/%TESTNUMBER0002 +Date: Thu, 31 Jul 2008 14:49:00 GMT +Connection: close + - -HTTP/1.1 200 OK swsclose -Date: Thu, 31 Jul 2008 14:49:00 GMT -Connection: close - + +HTTP/1.1 200 OK swsclose +Date: Thu, 31 Jul 2008 14:49:00 GMT +Connection: close + body - -HTTP/1.1 301 OK swsclose -Location: moo/testcase/%TESTNUMBER0002 -Date: Thu, 31 Jul 2008 14:49:00 GMT -Connection: close - -HTTP/1.1 200 OK swsclose -Date: Thu, 31 Jul 2008 14:49:00 GMT -Connection: close - + +HTTP/1.1 301 OK swsclose +Location: moo/testcase/%TESTNUMBER0002 +Date: Thu, 31 Jul 2008 14:49:00 GMT +Connection: close + +HTTP/1.1 200 OK swsclose +Date: Thu, 31 Jul 2008 14:49:00 GMT +Connection: close + body diff --git a/tests/data/test1055 b/tests/data/test1055 index 2d1c604b4d..c09561a4f0 100644 --- a/tests/data/test1055 +++ b/tests/data/test1055 @@ -13,15 +13,15 @@ STOR # # Server-side - -HTTP/1.1 307 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Content-Type: text/html -Location: ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -Content-Length: 0 -Connection: close - + +HTTP/1.1 307 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Content-Type: text/html +Location: ftp://%HOSTIP:%FTPPORT/%TESTNUMBER +Content-Length: 0 +Connection: close + diff --git a/tests/data/test1056 b/tests/data/test1056 index c0b74ec83f..babb2d6e02 100644 --- a/tests/data/test1056 +++ b/tests/data/test1056 @@ -11,30 +11,30 @@ IPv6 # # Server-side - -HTTP/1.1 302 OK swsclose -Location: http://[::1%259999]:%HTTP6PORT/moo/%TESTNUMBER0002 -Date: Thu, 31 Jul 2008 14:49:00 GMT -Connection: close - + +HTTP/1.1 302 OK swsclose +Location: http://[::1%259999]:%HTTP6PORT/moo/%TESTNUMBER0002 +Date: Thu, 31 Jul 2008 14:49:00 GMT +Connection: close + - -HTTP/1.1 200 OK swsclose -Date: Thu, 31 Jul 2008 14:49:00 GMT -Connection: close - + +HTTP/1.1 200 OK swsclose +Date: Thu, 31 Jul 2008 14:49:00 GMT +Connection: close + body - -HTTP/1.1 302 OK swsclose -Location: http://[::1%259999]:%HTTP6PORT/moo/%TESTNUMBER0002 -Date: Thu, 31 Jul 2008 14:49:00 GMT -Connection: close - -HTTP/1.1 200 OK swsclose -Date: Thu, 31 Jul 2008 14:49:00 GMT -Connection: close - + +HTTP/1.1 302 OK swsclose +Location: http://[::1%259999]:%HTTP6PORT/moo/%TESTNUMBER0002 +Date: Thu, 31 Jul 2008 14:49:00 GMT +Connection: close + +HTTP/1.1 200 OK swsclose +Date: Thu, 31 Jul 2008 14:49:00 GMT +Connection: close + body @@ -66,7 +66,7 @@ http://%HOSTIP:%HTTPPORT/we/are/all/twits/%TESTNUMBER -L # # Verify data after the test has been "shot" - + GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1058 b/tests/data/test1058 index ec7a59c80b..38234e2a95 100644 --- a/tests/data/test1058 +++ b/tests/data/test1058 @@ -9,15 +9,15 @@ Content-Range # Server-side - -HTTP/1.1 206 Partial Content -Date: Thu, 31 Jul 2008 13:41:09 GMT -Accept-Ranges: bytes -Content-Length: 101 -Content-Range: bytes 100-200/201 -Connection: close -Content-Type: text/html - + +HTTP/1.1 206 Partial Content +Date: Thu, 31 Jul 2008 13:41:09 GMT +Accept-Ranges: bytes +Content-Length: 101 +Content-Range: bytes 100-200/201 +Connection: close +Content-Type: text/html + ..partial data returned from the server as a result of setting an explicit byte range in the request @@ -39,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -r -101 # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=-101 diff --git a/tests/data/test1059 b/tests/data/test1059 index 44a3ed8a53..688b92850a 100644 --- a/tests/data/test1059 +++ b/tests/data/test1059 @@ -12,12 +12,12 @@ FAILURE # # Server-side - -HTTP/1.1 501 Method not implemented swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close -Content-Length: 0 - + +HTTP/1.1 501 Method not implemented swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close +Content-Length: 0 + @@ -46,7 +46,7 @@ ftp://test-number:%TESTNUMBER/wanted/page -p -x %HOSTIP:%HTTPPORT 56 - + CONNECT test-number:%TESTNUMBER HTTP/1.1 Host: test-number:%TESTNUMBER User-Agent: curl/%VERSION diff --git a/tests/data/test1060 b/tests/data/test1060 index d87124a7f5..6e557a1c5f 100644 --- a/tests/data/test1060 +++ b/tests/data/test1060 @@ -14,12 +14,12 @@ HTTP proxy Digest auth # this is returned first since we get no proxy-auth - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" -Content-Length: 35701 -X-tra-long-header: %repeat[16080 x a]% - + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" +Content-Length: 35701 +X-tra-long-header: %repeat[16080 x a]% + %repeat[700 x And you should ignore this data. aaaaaaaaaaaaaaaa %0a]% @@ -83,7 +83,7 @@ http://test.remote.haxx.se.%TESTNUMBER:8990/path/%TESTNUMBER0002 --proxy http:// # Verify data after the test has been "shot" - + CONNECT test.remote.haxx.se.%TESTNUMBER:8990 HTTP/1.1 Host: test.remote.haxx.se.%TESTNUMBER:8990 User-Agent: curl/%VERSION diff --git a/tests/data/test1061 b/tests/data/test1061 index 46ad8f98f7..74e2c44d00 100644 --- a/tests/data/test1061 +++ b/tests/data/test1061 @@ -88,7 +88,7 @@ http://test.remote.haxx.se.%TESTNUMBER:8990/path/%TESTNUMBER0002 --proxy http:// # Verify data after the test has been "shot" - + CONNECT test.remote.haxx.se.%TESTNUMBER:8990 HTTP/1.1 Host: test.remote.haxx.se.%TESTNUMBER:8990 User-Agent: curl/%VERSION diff --git a/tests/data/test1064 b/tests/data/test1064 index 0d3536c15b..e3872a8dfc 100644 --- a/tests/data/test1064 +++ b/tests/data/test1064 @@ -7,20 +7,20 @@ HTTP PUT - -HTTP/1.1 200 A OK -Server: curl test -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: curl test +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok - -HTTP/1.1 200 A OK -Server: curl test -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 9 - + +HTTP/1.1 200 A OK +Server: curl test +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 9 + still ok @@ -60,18 +60,18 @@ Content-Length: 5 test - -HTTP/1.1 200 A OK -Server: curl test -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: curl test +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok -HTTP/1.1 200 A OK -Server: curl test -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 9 - +HTTP/1.1 200 A OK +Server: curl test +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 9 + still ok diff --git a/tests/data/test1065 b/tests/data/test1065 index b66ed29ed2..bcdabbb394 100644 --- a/tests/data/test1065 +++ b/tests/data/test1065 @@ -8,20 +8,20 @@ HTTP GET - -HTTP/1.1 200 A OK -Server: curl test -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: curl test +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok - -HTTP/1.1 200 A OK -Server: curl test -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 9 - + +HTTP/1.1 200 A OK +Server: curl test +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 9 + still ok @@ -59,18 +59,18 @@ User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 200 A OK -Server: curl test -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: curl test +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok -HTTP/1.1 200 A OK -Server: curl test -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 9 - +HTTP/1.1 200 A OK +Server: curl test +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 9 + still ok diff --git a/tests/data/test1066 b/tests/data/test1066 index 7ac4903d1f..3cb465c107 100644 --- a/tests/data/test1066 +++ b/tests/data/test1066 @@ -8,20 +8,20 @@ HTTP GET # Server-side - -HTTP/1.1 200 OK -Server: thebest/1.0 -Content-Type: text/plain -Content-Length: 6 - + +HTTP/1.1 200 OK +Server: thebest/1.0 +Content-Type: text/plain +Content-Length: 6 + first - -HTTP/1.1 200 OK -Server: thebest/1.0 -Content-Type: text/plain -Content-Length: 7 - + +HTTP/1.1 200 OK +Server: thebest/1.0 +Content-Type: text/plain +Content-Length: 7 + second @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER http://%HOSTIP:%HTTPPORT/want/%TESTNUM # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1067 b/tests/data/test1067 index 85a5f8bc3f..7085c60121 100644 --- a/tests/data/test1067 +++ b/tests/data/test1067 @@ -59,7 +59,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER --silent --location --referer "firston # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1068 b/tests/data/test1068 index 982385400e..7c0406236f 100644 --- a/tests/data/test1068 +++ b/tests/data/test1068 @@ -10,11 +10,11 @@ chunked Transfer-Encoding # Server-side - -HTTP/1.0 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake - + +HTTP/1.0 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake + blablabla diff --git a/tests/data/test1070 b/tests/data/test1070 index f199e71d4b..39e2d408f8 100644 --- a/tests/data/test1070 +++ b/tests/data/test1070 @@ -8,13 +8,13 @@ HTTP POST # # Server-side - -HTTP/1.1 403 Go away and swsclose -Server: test-server/fake -Content-Type: text/html -Content-Length: 55 -Connection: close - + +HTTP/1.1 403 Go away and swsclose +Server: test-server/fake +Content-Type: text/html +Content-Length: 55 +Connection: close + you are not supposed to be allowed to send things here diff --git a/tests/data/test1071 b/tests/data/test1071 index c98a8cd4aa..50b8a460eb 100644 --- a/tests/data/test1071 +++ b/tests/data/test1071 @@ -14,47 +14,47 @@ HTTP/1.0 # Server-side - -HTTP/1.0 401 Authorization Required swsclose -Server: testcurl -WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" -Content-Type: text/plain -Content-Length: 35 -Connection: close - + +HTTP/1.0 401 Authorization Required swsclose +Server: testcurl +WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" +Content-Type: text/plain +Content-Length: 35 +Connection: close + Try again on this HTTP 1.0 server! # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.0 200 OK swsclose -Server: testcurl -Content-Type: text/plain -Content-Length: 23 -Connection: close - + +HTTP/1.0 200 OK swsclose +Server: testcurl +Content-Type: text/plain +Content-Length: 23 +Connection: close + This IS the real page! - -HTTP/1.0 401 Authorization Required swsclose -Server: testcurl -WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" -Content-Type: text/plain -Content-Length: 35 -Connection: close - -HTTP/1.0 200 OK swsclose -Server: testcurl -Content-Type: text/plain -Content-Length: 23 -Connection: close - + +HTTP/1.0 401 Authorization Required swsclose +Server: testcurl +WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" +Content-Type: text/plain +Content-Length: 35 +Connection: close + +HTTP/1.0 200 OK swsclose +Server: testcurl +Content-Type: text/plain +Content-Length: 23 +Connection: close + This IS the real page! diff --git a/tests/data/test1072 b/tests/data/test1072 index 49d2c4f9fe..42729a4f8f 100644 --- a/tests/data/test1072 +++ b/tests/data/test1072 @@ -15,16 +15,16 @@ chunked Transfer-Encoding # Server-side - -HTTP/1.0 401 Authorization Required swsclose -Server: testcurl -WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" -Content-Type: text/plain -Content-Length: 0 -Connection: close - + +HTTP/1.0 401 Authorization Required swsclose +Server: testcurl +WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" +Content-Type: text/plain +Content-Length: 0 +Connection: close + diff --git a/tests/data/test1073 b/tests/data/test1073 index f415f0b271..cd41e789e0 100644 --- a/tests/data/test1073 +++ b/tests/data/test1073 @@ -14,14 +14,14 @@ chunked Transfer-Encoding # Server-side - -HTTP/1.0 301 Redirect swsclose -Server: testcurl -Content-Type: text/plain -Location: /newlocation/%TESTNUMBER0002 -Content-Length: 0 -Connection: close - + +HTTP/1.0 301 Redirect swsclose +Server: testcurl +Content-Type: text/plain +Location: /newlocation/%TESTNUMBER0002 +Content-Length: 0 +Connection: close + diff --git a/tests/data/test1074 b/tests/data/test1074 index 77d4caac72..cbdd5cafac 100644 --- a/tests/data/test1074 +++ b/tests/data/test1074 @@ -10,19 +10,19 @@ DELAY # Server-side - -HTTP/1.0 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 9 -Connection: Keep-Alive - + +HTTP/1.0 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 9 +Connection: Keep-Alive + surprise - -HTTP/1.0 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.0 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + surprise2 @@ -46,21 +46,21 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER http://%HOSTIP:%HTTPPORT/wantmore/%TES # Verify data after the test has been "shot" - -HTTP/1.0 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 9 -Connection: Keep-Alive - + +HTTP/1.0 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 9 +Connection: Keep-Alive + surprise -HTTP/1.0 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - +HTTP/1.0 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + surprise2 - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1075 b/tests/data/test1075 index 0a6e6d3c19..8ab8e21cf4 100644 --- a/tests/data/test1075 +++ b/tests/data/test1075 @@ -13,33 +13,33 @@ HTTP Basic auth # The test server provides no way to respond differently to a subsequent # Basic authenticated request (we really want to respond with 200 for # the second), so just respond with 401 for both and let curl deal with it. - -HTTP/1.1 401 Authorization Required -Server: testcurl -WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" -WWW-Authenticate: X-bogus-auth realm="gimme all yer s3cr3ts" -Content-Type: text/plain -Content-Length: 0 - + +HTTP/1.1 401 Authorization Required +Server: testcurl +WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" +WWW-Authenticate: X-bogus-auth realm="gimme all yer s3cr3ts" +Content-Type: text/plain +Content-Length: 0 + - -HTTP/1.1 401 Authorization Required -Server: testcurl -WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" -WWW-Authenticate: X-bogus-auth realm="gimme all yer s3cr3ts" -Content-Type: text/plain -Content-Length: 0 - -HTTP/1.1 401 Authorization Required -Server: testcurl -WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" -WWW-Authenticate: X-bogus-auth realm="gimme all yer s3cr3ts" -Content-Type: text/plain -Content-Length: 0 - + +HTTP/1.1 401 Authorization Required +Server: testcurl +WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" +WWW-Authenticate: X-bogus-auth realm="gimme all yer s3cr3ts" +Content-Type: text/plain +Content-Length: 0 + +HTTP/1.1 401 Authorization Required +Server: testcurl +WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" +WWW-Authenticate: X-bogus-auth realm="gimme all yer s3cr3ts" +Content-Type: text/plain +Content-Length: 0 + diff --git a/tests/data/test1077 b/tests/data/test1077 index 847aa013d2..fd2d5fcd6c 100644 --- a/tests/data/test1077 +++ b/tests/data/test1077 @@ -12,26 +12,26 @@ HTTP proxy # # Server-side - -HTTP/1.0 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/plain -Content-Length: 9 -Funny-head: yesyes -Proxy-Connection: Keep-Alive - + +HTTP/1.0 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/plain +Content-Length: 9 +Funny-head: yesyes +Proxy-Connection: Keep-Alive + contents - -HTTP/1.0 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/plain -Content-Length: 9 -Funny-head: yesyes -Proxy-Connection: Keep-Alive - + +HTTP/1.0 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/plain +Content-Length: 9 +Funny-head: yesyes +Proxy-Connection: Keep-Alive + contents @@ -57,7 +57,7 @@ FTP over HTTP proxy with downgrade to HTTP 1.0 # # Verify data after the test has been "shot" - + GET ftp://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1078 b/tests/data/test1078 index 9ec0f44eec..58923ee521 100644 --- a/tests/data/test1078 +++ b/tests/data/test1078 @@ -13,21 +13,21 @@ proxytunnel # # Server-side - -HTTP/1.1 200 Mighty fine indeed -Server: test tunnel 2000 - + +HTTP/1.1 200 Mighty fine indeed +Server: test tunnel 2000 + - -HTTP/1.0 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/html -Funny-head: yesyes -Content-Length: 9 -Connection: keep-alive - + +HTTP/1.0 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Funny-head: yesyes +Content-Length: 9 +Connection: keep-alive + contents @@ -53,14 +53,14 @@ proxy # # Verify data after the test has been "shot" - -CONNECT %HOSTIP:%HTTPPORT HTTP/1.0 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT %HOSTIP:%HTTPPORT HTTP/1.0 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + - + GET /we/want/that/page/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -72,27 +72,27 @@ User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 200 Mighty fine indeed -Server: test tunnel 2000 - -HTTP/1.0 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/html -Funny-head: yesyes -Content-Length: 9 -Connection: keep-alive - + +HTTP/1.1 200 Mighty fine indeed +Server: test tunnel 2000 + +HTTP/1.0 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Funny-head: yesyes +Content-Length: 9 +Connection: keep-alive + contents -HTTP/1.0 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/html -Funny-head: yesyes -Content-Length: 9 -Connection: keep-alive - +HTTP/1.0 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Funny-head: yesyes +Content-Length: 9 +Connection: keep-alive + contents diff --git a/tests/data/test1079 b/tests/data/test1079 index 418a25db0a..2ed82bd650 100644 --- a/tests/data/test1079 +++ b/tests/data/test1079 @@ -9,13 +9,13 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/plain; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/plain; charset=iso-8859-1 +Content-Length: 26 + This is not the real page @@ -25,13 +25,13 @@ This is not the real page - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/plain; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/plain; charset=iso-8859-1 +Content-Length: 26 + @@ -59,7 +59,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --digest 52 - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1080 b/tests/data/test1080 index 6848f61bf0..504f3651d3 100644 --- a/tests/data/test1080 +++ b/tests/data/test1080 @@ -11,12 +11,12 @@ followlocation # Server-side - -HTTP/1.1 301 This is a weirdo text message swsclose -Location: data/%TESTNUMBER0002.txt?coolsite=yes -Content-Length: 62 -Connection: close - + +HTTP/1.1 301 This is a weirdo text message swsclose +Location: data/%TESTNUMBER0002.txt?coolsite=yes +Content-Length: 62 +Connection: close + This server reply is for testing a simple Location: following @@ -36,7 +36,7 @@ http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER http://%HOSTIP:%HTTPPORT/we/wan # Verify data after the test has been "shot" - + GET /we/want/our/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -48,19 +48,19 @@ User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 301 This is a weirdo text message swsclose -Location: data/%TESTNUMBER0002.txt?coolsite=yes -Content-Length: 62 -Connection: close - + +HTTP/1.1 301 This is a weirdo text message swsclose +Location: data/%TESTNUMBER0002.txt?coolsite=yes +Content-Length: 62 +Connection: close + This server reply is for testing a simple Location: following http://%HOSTIP:%HTTPPORT/we/want/our/data/%TESTNUMBER0002.txt?coolsite=yes -HTTP/1.1 301 This is a weirdo text message swsclose -Location: data/%TESTNUMBER0002.txt?coolsite=yes -Content-Length: 62 -Connection: close - +HTTP/1.1 301 This is a weirdo text message swsclose +Location: data/%TESTNUMBER0002.txt?coolsite=yes +Content-Length: 62 +Connection: close + This server reply is for testing a simple Location: following http://%HOSTIP:%HTTPPORT/we/want/our/data/%TESTNUMBER0002.txt?coolsite=yes diff --git a/tests/data/test1081 b/tests/data/test1081 index 418804d330..3059b0acfc 100644 --- a/tests/data/test1081 +++ b/tests/data/test1081 @@ -11,20 +11,20 @@ followlocation # Server-side - -HTTP/1.1 301 This is a weirdo text message swsclose -Location: data/%TESTNUMBER0099.txt?coolsite=yes -Content-Length: 62 -Connection: close - + +HTTP/1.1 301 This is a weirdo text message swsclose +Location: data/%TESTNUMBER0099.txt?coolsite=yes +Content-Length: 62 +Connection: close + This server reply is for testing a simple Location: following - -HTTP/1.1 200 Followed here fine swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 41 - + +HTTP/1.1 200 Followed here fine swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 41 + This second URL does not have a location @@ -44,7 +44,7 @@ http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER http://%HOSTIP:%HTTPPORT/we/wan # Verify data after the test has been "shot" - + GET /we/want/our/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -56,19 +56,19 @@ User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 301 This is a weirdo text message swsclose -Location: data/%TESTNUMBER0099.txt?coolsite=yes -Content-Length: 62 -Connection: close - + +HTTP/1.1 301 This is a weirdo text message swsclose +Location: data/%TESTNUMBER0099.txt?coolsite=yes +Content-Length: 62 +Connection: close + This server reply is for testing a simple Location: following http://%HOSTIP:%HTTPPORT/we/want/our/data/%TESTNUMBER0099.txt?coolsite=yes -HTTP/1.1 200 Followed here fine swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 41 - +HTTP/1.1 200 Followed here fine swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 41 + This second URL does not have a location diff --git a/tests/data/test1082 b/tests/data/test1082 index cc9d461cfe..cf2cb09ca4 100644 --- a/tests/data/test1082 +++ b/tests/data/test1082 @@ -10,14 +10,14 @@ HTTP GET # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 28 Jul 2008 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/plain - + +HTTP/1.1 200 OK +Date: Mon, 28 Jul 2008 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/plain + -foo- @@ -42,7 +42,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -4 --interface 127.0.0.1 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1083 b/tests/data/test1083 index eb3fc7cfc3..b2bf5c01f9 100644 --- a/tests/data/test1083 +++ b/tests/data/test1083 @@ -11,14 +11,14 @@ IPv6 # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 28 Jul 2008 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/plain - + +HTTP/1.1 200 OK +Date: Mon, 28 Jul 2008 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/plain + -foo- @@ -46,7 +46,7 @@ HTTP-IPv6 GET with ip6-localhost --interface # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOST6IP:%HTTP6PORT User-Agent: curl/%VERSION diff --git a/tests/data/test1087 b/tests/data/test1087 index 6891fd1b84..fe1b1f753a 100644 --- a/tests/data/test1087 +++ b/tests/data/test1087 @@ -13,57 +13,57 @@ followlocation # # Server-side - -HTTP/1.1 401 Authorization Required -WWW-Authenticate: Basic -Content-Type: text/plain -Content-Length: 0 - + +HTTP/1.1 401 Authorization Required +WWW-Authenticate: Basic +Content-Type: text/plain +Content-Length: 0 + - -HTTP/1.1 302 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Content-Type: text/plain -Funny-head: yesyes -Location: http://goto.second.host.now/%TESTNUMBER1002 -Content-Length: 0 -Connection: close - + +HTTP/1.1 302 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Content-Type: text/plain +Funny-head: yesyes +Location: http://goto.second.host.now/%TESTNUMBER1002 +Content-Length: 0 +Connection: close + - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Content-Type: text/plain -Funny-head: yesyes -Content-Length: 9 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Content-Type: text/plain +Funny-head: yesyes +Content-Length: 9 + contents - -HTTP/1.1 401 Authorization Required -WWW-Authenticate: Basic -Content-Type: text/plain -Content-Length: 0 - -HTTP/1.1 302 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Content-Type: text/plain -Funny-head: yesyes -Location: http://goto.second.host.now/%TESTNUMBER1002 -Content-Length: 0 -Connection: close - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Content-Type: text/plain -Funny-head: yesyes -Content-Length: 9 - + +HTTP/1.1 401 Authorization Required +WWW-Authenticate: Basic +Content-Type: text/plain +Content-Length: 0 + +HTTP/1.1 302 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Content-Type: text/plain +Funny-head: yesyes +Location: http://goto.second.host.now/%TESTNUMBER1002 +Content-Length: 0 +Connection: close + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Content-Type: text/plain +Funny-head: yesyes +Content-Length: 9 + contents @@ -88,7 +88,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://first.host.it.is/we/want/that/page/%TESTNUMBER1000 HTTP/1.1 Host: first.host.it.is User-Agent: curl/%VERSION diff --git a/tests/data/test1088 b/tests/data/test1088 index 08d418a72e..8b262052ee 100644 --- a/tests/data/test1088 +++ b/tests/data/test1088 @@ -14,57 +14,57 @@ followlocation # # Server-side - -HTTP/1.1 401 Authorization Required -WWW-Authenticate: Basic -Content-Type: text/plain -Content-Length: 0 - + +HTTP/1.1 401 Authorization Required +WWW-Authenticate: Basic +Content-Type: text/plain +Content-Length: 0 + - -HTTP/1.1 302 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Content-Type: text/plain -Funny-head: yesyes -Location: http://goto.second.host.now/%TESTNUMBER1002 -Content-Length: 0 -Connection: close - + +HTTP/1.1 302 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Content-Type: text/plain +Funny-head: yesyes +Location: http://goto.second.host.now/%TESTNUMBER1002 +Content-Length: 0 +Connection: close + - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Content-Type: text/plain -Funny-head: yesyes -Content-Length: 9 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Content-Type: text/plain +Funny-head: yesyes +Content-Length: 9 + contents - -HTTP/1.1 401 Authorization Required -WWW-Authenticate: Basic -Content-Type: text/plain -Content-Length: 0 - -HTTP/1.1 302 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Content-Type: text/plain -Funny-head: yesyes -Location: http://goto.second.host.now/%TESTNUMBER1002 -Content-Length: 0 -Connection: close - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Content-Type: text/plain -Funny-head: yesyes -Content-Length: 9 - + +HTTP/1.1 401 Authorization Required +WWW-Authenticate: Basic +Content-Type: text/plain +Content-Length: 0 + +HTTP/1.1 302 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Content-Type: text/plain +Funny-head: yesyes +Location: http://goto.second.host.now/%TESTNUMBER1002 +Content-Length: 0 +Connection: close + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Content-Type: text/plain +Funny-head: yesyes +Content-Length: 9 + contents @@ -89,7 +89,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://first.host.it.is/we/want/that/page/%TESTNUMBER1000 HTTP/1.1 Host: first.host.it.is User-Agent: curl/%VERSION diff --git a/tests/data/test1089 b/tests/data/test1089 index b65f0ddd4f..82ff880ff0 100644 --- a/tests/data/test1089 +++ b/tests/data/test1089 @@ -11,23 +11,23 @@ followlocation # # Server-side - -HTTP/1.1 302 OK swsbounce swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 8 -Connection: close -Content-Type: text/plain -Location: ./%TESTNUMBER0001 - + +HTTP/1.1 302 OK swsbounce swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 8 +Connection: close +Content-Type: text/plain +Location: ./%TESTNUMBER0001 + monster - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 15 -Connection: close -Content-Type: text/plain; charset=us-ascii - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 15 +Connection: close +Content-Type: text/plain; charset=us-ascii + bigger monster @@ -50,7 +50,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n%{num_redirects}\n%{si # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -63,20 +63,20 @@ Accept: */* - -HTTP/1.1 302 OK swsbounce swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 8 -Connection: close -Content-Type: text/plain -Location: ./%TESTNUMBER0001 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 15 -Connection: close -Content-Type: text/plain; charset=us-ascii - + +HTTP/1.1 302 OK swsbounce swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 8 +Connection: close +Content-Type: text/plain +Location: ./%TESTNUMBER0001 + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 15 +Connection: close +Content-Type: text/plain; charset=us-ascii + bigger monster 2 1 diff --git a/tests/data/test1090 b/tests/data/test1090 index 454913ac1b..ad3c59d113 100644 --- a/tests/data/test1090 +++ b/tests/data/test1090 @@ -12,30 +12,30 @@ chunked Transfer-Encoding # # Server-side - -HTTP/1.1 302 OK swsbounce swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 8 -Connection: close -Content-Type: text/plain -Location: ./%TESTNUMBER0001 - + +HTTP/1.1 302 OK swsbounce swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 8 +Connection: close +Content-Type: text/plain +Location: ./%TESTNUMBER0001 + monster - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Transfer-Encoding: chunked -Connection: close -Content-Type: text/plain; charset=us-ascii - -0007 -bigger -0008 + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Transfer-Encoding: chunked +Connection: close +Content-Type: text/plain; charset=us-ascii + +0007 +bigger%spc% +0008 monster - -0 - + +0 + @@ -57,7 +57,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n%{num_redirects}\n%{si # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -70,20 +70,20 @@ Accept: */* - -HTTP/1.1 302 OK swsbounce swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 8 -Connection: close -Content-Type: text/plain -Location: ./%TESTNUMBER0001 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Transfer-Encoding: chunked -Connection: close -Content-Type: text/plain; charset=us-ascii - + +HTTP/1.1 302 OK swsbounce swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 8 +Connection: close +Content-Type: text/plain +Location: ./%TESTNUMBER0001 + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Transfer-Encoding: chunked +Connection: close +Content-Type: text/plain; charset=us-ascii + bigger monster 2 1 diff --git a/tests/data/test1092 b/tests/data/test1092 index 2c5fbb81cd..34dffac34e 100644 --- a/tests/data/test1092 +++ b/tests/data/test1092 @@ -43,7 +43,7 @@ FTP with type=i over HTTP proxy # # Verify data after the test has been "shot" - + GET ftp://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER;type=i HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1094 b/tests/data/test1094 index ec1728976b..32e0930963 100644 --- a/tests/data/test1094 +++ b/tests/data/test1094 @@ -16,11 +16,11 @@ data returned to client - -a chunk of -data -returned - to client + +a chunk of +data +returned + to client diff --git a/tests/data/test1095 b/tests/data/test1095 index 942aa0e10c..86cab2c8fb 100644 --- a/tests/data/test1095 +++ b/tests/data/test1095 @@ -8,39 +8,39 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="test \"this\" realm!!", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="test \"this\" realm!!", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="test \"this\" realm!!", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="test \"this\" realm!!", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! @@ -66,7 +66,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --digest # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1097 b/tests/data/test1097 index 84b9300d49..4405ba0883 100644 --- a/tests/data/test1097 +++ b/tests/data/test1097 @@ -11,29 +11,29 @@ HTTP proxy NTLM auth # Server-side - -HTTP/1.1 200 We are fine and cool -Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2 -Content-Length: 27 - + +HTTP/1.1 200 We are fine and cool +Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2 +Content-Length: 27 + This is all fine and dandy # This is the CONNECT response - -HTTP/1.1 200 We are fine and cool -Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2 - + +HTTP/1.1 200 We are fine and cool +Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2 + - -HTTP/1.1 200 We are fine and cool -Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2 - -HTTP/1.1 200 We are fine and cool -Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2 -Content-Length: 27 - + +HTTP/1.1 200 We are fine and cool +Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2 + +HTTP/1.1 200 We are fine and cool +Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2 +Content-Length: 27 + This is all fine and dandy diff --git a/tests/data/test1098 b/tests/data/test1098 index 4746b5fde9..6249587c17 100644 --- a/tests/data/test1098 +++ b/tests/data/test1098 @@ -10,11 +10,11 @@ CURLOPT_PROXY # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 + hello @@ -43,7 +43,7 @@ ftp://ftp-site/moo/%TESTNUMBER ftp://ftp-site/moo/%TESTNUMBER --proxy http://%HO # # Verify data after the test has been "shot" - + GET ftp://ftp-site/moo/%TESTNUMBER HTTP/1.1 Host: ftp-site:21 User-Agent: curl/%VERSION @@ -57,16 +57,16 @@ Accept: */* Proxy-Connection: Keep-Alive - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 + hello -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 - +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 + hello diff --git a/tests/data/test11 b/tests/data/test11 index 60164d6d62..6f4d82f73d 100644 --- a/tests/data/test11 +++ b/tests/data/test11 @@ -59,7 +59,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -L # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1100 b/tests/data/test1100 index 500a05b31a..8ba9bbf535 100644 --- a/tests/data/test1100 +++ b/tests/data/test1100 @@ -9,51 +9,51 @@ HTTP NTLM auth # Server-side - -HTTP/1.1 200 Thanks for this! swsclose -Content-Length: 25 - + +HTTP/1.1 200 Thanks for this! swsclose +Content-Length: 25 + This is the final page ! - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + This is not the real page either! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 302 Thanks for this, but we want to redir you! -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Location: /%TESTNUMBER -Content-Length: 34 - + +HTTP/1.1 302 Thanks for this, but we want to redir you! +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Location: /%TESTNUMBER +Content-Length: 34 + This is not the real page either! - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - -HTTP/1.1 302 Thanks for this, but we want to redir you! -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Location: /%TESTNUMBER -Content-Length: 34 - -HTTP/1.1 200 Thanks for this! swsclose -Content-Length: 25 - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + +HTTP/1.1 302 Thanks for this, but we want to redir you! +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Location: /%TESTNUMBER +Content-Length: 34 + +HTTP/1.1 200 Thanks for this! swsclose +Content-Length: 25 + This is the final page ! diff --git a/tests/data/test1101 b/tests/data/test1101 index 9e2dff25be..a6471a4a64 100644 --- a/tests/data/test1101 +++ b/tests/data/test1101 @@ -11,13 +11,13 @@ NO_PROXY # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 4 -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 4 +Content-Type: text/html + boo @@ -42,7 +42,7 @@ http://user:secret@%HOSTIP:%HTTPPORT/gimme/%TESTNUMBER # Verify data after the test has been "shot" - + GET /gimme/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[user:secret]b64% diff --git a/tests/data/test1104 b/tests/data/test1104 index c0fabfc1d5..e4dcf80366 100644 --- a/tests/data/test1104 +++ b/tests/data/test1104 @@ -69,7 +69,7 @@ proxy # Verify data after the test has been "shot" - + GET http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1105 b/tests/data/test1105 index 78bed7524e..aa84c862cb 100644 --- a/tests/data/test1105 +++ b/tests/data/test1105 @@ -10,19 +10,19 @@ cookiejar # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/html -Funny-head: yesyes swsclose -Set-Cookie: foobar=name; -Set-Cookie: mismatch=this; domain=127.0.0.1; path="/silly/"; -Set-Cookie: partmatch=present; domain=.0.0.1; path=/; -Set-Cookie: foo%tab%bar=barfoo -Set-Cookie: bar%tab%foo= -Set-Cookie: bar=foo%tab%bar - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Funny-head: yesyes swsclose +Set-Cookie: foobar=name; +Set-Cookie: mismatch=this; domain=127.0.0.1; path="/silly/"; +Set-Cookie: partmatch=present; domain=.0.0.1; path=/; +Set-Cookie: foo%tab%bar=barfoo +Set-Cookie: bar%tab%foo= +Set-Cookie: bar=foo%tab%bar + diff --git a/tests/data/test1106 b/tests/data/test1106 index e8bb0a52af..32d73ef5f6 100644 --- a/tests/data/test1106 +++ b/tests/data/test1106 @@ -9,13 +9,13 @@ HTTP proxy # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Accept-Ranges: bytes -Content-Length: 6 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Accept-Ranges: bytes +Content-Length: 6 + hello @@ -44,7 +44,7 @@ ftp://%HOSTIP:23456/%TESTNUMBER # Verify data after the test has been "shot" - + GET ftp://%HOSTIP:23456/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:23456 User-Agent: curl/%VERSION diff --git a/tests/data/test1109 b/tests/data/test1109 index da640789f7..043e22cd08 100644 --- a/tests/data/test1109 +++ b/tests/data/test1109 @@ -33,7 +33,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER#test # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1110 b/tests/data/test1110 index d2dfcc4f35..2d57e49d61 100644 --- a/tests/data/test1110 +++ b/tests/data/test1110 @@ -34,7 +34,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER?q=foobar#fragment # Verify data after the test has been "shot" - + GET /%TESTNUMBER?q=foobar HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1111 b/tests/data/test1111 index f68668a520..8cf705afe7 100644 --- a/tests/data/test1111 +++ b/tests/data/test1111 @@ -34,7 +34,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER?q=foobar#fragment#fragment2 # Verify data after the test has been "shot" - + GET /%TESTNUMBER?q=foobar HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1115 b/tests/data/test1115 index 176570992e..15a4785672 100644 --- a/tests/data/test1115 +++ b/tests/data/test1115 @@ -8,17 +8,17 @@ HTTP 1xx response code # Server-side - -HTTP/1.1 104 Experiment -Server: Microsoft-IIS/5.0 -Date: Sun, 03 Apr 2005 14:57:45 GMT -X-Powered-By: ASP.NET - -HTTP/1.1 200 OK swsbounce -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 104 Experiment +Server: Microsoft-IIS/5.0 +Date: Sun, 03 Apr 2005 14:57:45 GMT +X-Powered-By: ASP.NET + +HTTP/1.1 200 OK swsbounce +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + @@ -39,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1116 b/tests/data/test1116 index 0775bb42db..c92b625531 100644 --- a/tests/data/test1116 +++ b/tests/data/test1116 @@ -10,33 +10,33 @@ DELAY # # Server-side - -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked -Connection: mooo - -40 -aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -30 -bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb -21;heresatest=moooo + +HTTP/1.1 200 funky chunky! +Server: fakeit/0.9 fakeitbad/1.0 +Transfer-Encoding: chunked +Connection: mooo + +40 +aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa +30 +bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb +21;heresatest=moooo cccccccccccccccccccccccccccccccc - -0 -chunky-trailer: header data -another-header: yes - + +0 +chunky-trailer: header data +another-header: yes + - -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked -Connection: mooo - + +HTTP/1.1 200 funky chunky! +Server: fakeit/0.9 fakeitbad/1.0 +Transfer-Encoding: chunked +Connection: mooo + aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbcccccccccccccccccccccccccccccccc -chunky-trailer: header data -another-header: yes +chunky-trailer: header data +another-header: yes writedelay: 10 @@ -60,21 +60,21 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked -Connection: mooo - -chunky-trailer: header data -another-header: yes + +HTTP/1.1 200 funky chunky! +Server: fakeit/0.9 fakeitbad/1.0 +Transfer-Encoding: chunked +Connection: mooo + +chunky-trailer: header data +another-header: yes diff --git a/tests/data/test1117 b/tests/data/test1117 index c133501027..1558cc7b05 100644 --- a/tests/data/test1117 +++ b/tests/data/test1117 @@ -10,24 +10,24 @@ DELAY # Server-side - -HTTP/1.1 416 Requested Range Not Satisfiable -Date: Tue, 09 Sep 2010 14:49:00 GMT -Accept-Ranges: bytes -Content-Length: 115 - + +HTTP/1.1 416 Requested Range Not Satisfiable +Date: Tue, 09 Sep 2010 14:49:00 GMT +Accept-Ranges: bytes +Content-Length: 115 + This is a long error message that is large enough that the test server is guaranteed to split it into two packets. - -HTTP/1.1 206 Partial Content -Date: Tue, 09 Sep 2010 14:49:01 GMT -Accept-Ranges: bytes -Content-Range: bytes 10-18/155 -Content-Length: 13 -Content-Type: text/plain - + +HTTP/1.1 206 Partial Content +Date: Tue, 09 Sep 2010 14:49:01 GMT +Accept-Ranges: bytes +Content-Range: bytes 10-18/155 +Content-Length: 13 +Content-Type: text/plain + partial body @@ -51,25 +51,25 @@ HTTP with invalid range then another URL # Verify data after the test has been "shot" - -HTTP/1.1 416 Requested Range Not Satisfiable -Date: Tue, 09 Sep 2010 14:49:00 GMT -Accept-Ranges: bytes -Content-Length: 115 - + +HTTP/1.1 416 Requested Range Not Satisfiable +Date: Tue, 09 Sep 2010 14:49:00 GMT +Accept-Ranges: bytes +Content-Length: 115 + This is a long error message that is large enough that the test server is guaranteed to split it into two packets. -HTTP/1.1 206 Partial Content -Date: Tue, 09 Sep 2010 14:49:01 GMT -Accept-Ranges: bytes -Content-Range: bytes 10-18/155 -Content-Length: 13 -Content-Type: text/plain - +HTTP/1.1 206 Partial Content +Date: Tue, 09 Sep 2010 14:49:01 GMT +Accept-Ranges: bytes +Content-Range: bytes 10-18/155 +Content-Length: 13 +Content-Type: text/plain + partial body - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=10-22 diff --git a/tests/data/test1118 b/tests/data/test1118 index 13f686f403..e188bc31eb 100644 --- a/tests/data/test1118 +++ b/tests/data/test1118 @@ -42,7 +42,7 @@ http://%HOSTIP:%HTTPPORT?email=name@example.com/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /?email=name@example.com/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1121 b/tests/data/test1121 index 0804c59e26..1e17f95e20 100644 --- a/tests/data/test1121 +++ b/tests/data/test1121 @@ -7,12 +7,12 @@ HTTP # # Server-side - -HTTP/1.0 200 OK -Server: test-server/fake -Content-Type: text/html -Content-Length: 6 - + +HTTP/1.0 200 OK +Server: test-server/fake +Content-Type: text/html +Content-Length: 6 + blaha @@ -34,7 +34,7 @@ HTTP multiple provided Host: headers # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: host1 User-Agent: curl/%VERSION diff --git a/tests/data/test1122 b/tests/data/test1122 index cbd74b2ea9..684b6f8dc6 100644 --- a/tests/data/test1122 +++ b/tests/data/test1122 @@ -10,30 +10,30 @@ Transfer-Encoding # # Server-side - -HTTP/1.1 200 OK swsclose -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Transfer-Encoding: gzip -Content-Length: 44 - + +HTTP/1.1 200 OK swsclose +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Transfer-Encoding: gzip +Content-Length: 44 + %hex[%1f%8b%08%08%79%9e%ab%41%00%03%6c%61%6c%61%6c%61%00%cb%c9%cc%4b%55%30%e4%52%c8%01%d1%46%5c]hex% %hex[%10%86%31%17%00]hex% %hex[%02%71%60%18%00%00%00]hex% # This ignore Content-Length - -HTTP/1.1 200 OK swsclose -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Transfer-Encoding: gzip -Content-Length: 44 - + +HTTP/1.1 200 OK swsclose +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Transfer-Encoding: gzip +Content-Length: 44 + line 1 line 2 line 3 @@ -61,7 +61,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1123 b/tests/data/test1123 index 2a1b10605f..594ff668cd 100644 --- a/tests/data/test1123 +++ b/tests/data/test1123 @@ -171,7 +171,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1124 b/tests/data/test1124 index 33415aab79..78e640dd64 100644 --- a/tests/data/test1124 +++ b/tests/data/test1124 @@ -11,30 +11,30 @@ chunked Transfer-Encoding # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2024 21:56:53 GMT -Server: Something-TE-friendly/0.1 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Transfer-Encoding: gzip, chunked - -2c + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2024 21:56:53 GMT +Server: Something-TE-friendly/0.1 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Transfer-Encoding: gzip, chunked + +2c %hex[%1f%8b%08%08%79%9e%ab%41%00%03%6c%61%6c%61%6c%61%00%cb%c9%cc%4b%55%30%e4%52%c8%01%d1%46%5c]hex% %hex[%10%86%31%17%00]hex% -%hex[%02%71%60%18%00%00%00]hex% -0 - +%hex[%02%71%60%18%00%00%00]hex% +0 + - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2024 21:56:53 GMT -Server: Something-TE-friendly/0.1 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Transfer-Encoding: gzip, chunked - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2024 21:56:53 GMT +Server: Something-TE-friendly/0.1 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Transfer-Encoding: gzip, chunked + line 1 line 2 line 3 @@ -62,7 +62,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1125 b/tests/data/test1125 index 1f1f153835..caaa0b2849 100644 --- a/tests/data/test1125 +++ b/tests/data/test1125 @@ -10,30 +10,30 @@ Transfer-Encoding # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Transfer-Encoding: gzip, chunked - -2c + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Transfer-Encoding: gzip, chunked + +2c %hex[%1f%8b%08%08%79%9e%ab%41%00%03%6c%61%6c%61%6c%61%00%cb%c9%cc%4b%55%30%e4%52%c8%01%d1%46%5c]hex% %hex[%10%86%31%17%00]hex% -%hex[%02%71%60%18%00%00%00]hex% -0 - +%hex[%02%71%60%18%00%00%00]hex% +0 + - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Transfer-Encoding: gzip, chunked - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Transfer-Encoding: gzip, chunked + line 1 line 2 line 3 @@ -61,7 +61,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding -H "Connection: close" # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1126 b/tests/data/test1126 index 9fb7c5a832..5ad2df6215 100644 --- a/tests/data/test1126 +++ b/tests/data/test1126 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -z "dec 12 12:00:00 1999 GMT" # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1127 b/tests/data/test1127 index 8f2b6b1103..126073e4df 100644 --- a/tests/data/test1127 +++ b/tests/data/test1127 @@ -47,7 +47,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -z "dec 12 12:00:00 1999 GMT" # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1128 b/tests/data/test1128 index 977ed4d8be..2932cabcad 100644 --- a/tests/data/test1128 +++ b/tests/data/test1128 @@ -48,7 +48,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001 -z # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1129 b/tests/data/test1129 index 44b0f3ab82..9a81043b17 100644 --- a/tests/data/test1129 +++ b/tests/data/test1129 @@ -74,7 +74,7 @@ Content-Type: text/html -foo- - + POST /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1130 b/tests/data/test1130 index 59ca8c52eb..1057d06d72 100644 --- a/tests/data/test1130 +++ b/tests/data/test1130 @@ -75,7 +75,7 @@ Content-Type: text/html -foo- - + POST /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1131 b/tests/data/test1131 index e9c37395e5..51601c03ad 100644 --- a/tests/data/test1131 +++ b/tests/data/test1131 @@ -75,7 +75,7 @@ Content-Type: text/html FAILURE2 - + PUT /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1133 b/tests/data/test1133 index 9582fc4d08..4b7cb321bc 100644 --- a/tests/data/test1133 +++ b/tests/data/test1133 @@ -7,12 +7,12 @@ HTTP FORMPOST # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 10 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 10 + blablabla diff --git a/tests/data/test1138 b/tests/data/test1138 index ec7048c4ad..7579fcd21d 100644 --- a/tests/data/test1138 +++ b/tests/data/test1138 @@ -9,14 +9,14 @@ followlocation # # Server-side - + HTTP/1.1 302 OK swsclose Location: ../moo.html/?name=%hex[%d8%a2%d8%ba%d8%a7%d8%b2%2d%d8%b3%d9%85%2d%d8%b2%d8%af%d8%a7%db%8c%db%8c%2d%d8%a7%d8%b2%2d%d8%a8%d8%a7%d8%b2%d8%a7%d8%b1%2d%d9%be%d9%88%d9%84]hex%&testcase=/%TESTNUMBER0002 Date: Tue, 09 Nov 2010 14:49:00 GMT Connection: close - + HTTP/1.1 200 OK swsclose Location: this should be ignored Date: Tue, 09 Nov 2010 14:49:00 GMT @@ -24,7 +24,7 @@ Connection: close body - + HTTP/1.1 302 OK swsclose Location: ../moo.html/?name=%hex[%d8%a2%d8%ba%d8%a7%d8%b2%2d%d8%b3%d9%85%2d%d8%b2%d8%af%d8%a7%db%8c%db%8c%2d%d8%a7%d8%b2%2d%d8%a8%d8%a7%d8%b2%d8%a7%d8%b1%2d%d9%be%d9%88%d9%84]hex%&testcase=/%TESTNUMBER0002 Date: Tue, 09 Nov 2010 14:49:00 GMT @@ -56,7 +56,7 @@ http://%HOSTIP:%HTTPPORT/we/are/all/twits/%TESTNUMBER -L # # Verify data after the test has been "shot" - + GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1141 b/tests/data/test1141 index 68eea75dc2..c0d6122c2d 100644 --- a/tests/data/test1141 +++ b/tests/data/test1141 @@ -54,7 +54,7 @@ proxy # Verify data after the test has been "shot" - + GET http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1142 b/tests/data/test1142 index 64793147cc..d42dddf31a 100644 --- a/tests/data/test1142 +++ b/tests/data/test1142 @@ -49,7 +49,7 @@ proxy # Verify data after the test has been "shot" - + GET http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1143 b/tests/data/test1143 index b845a65762..9157433b63 100644 --- a/tests/data/test1143 +++ b/tests/data/test1143 @@ -37,7 +37,7 @@ MSYS2_ARG_CONV_EXCL=http:/ # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1144 b/tests/data/test1144 index 7915cb610b..3d5cb0b1d3 100644 --- a/tests/data/test1144 +++ b/tests/data/test1144 @@ -54,7 +54,7 @@ HTTP HEAD, receive no headers only body # # Verify data after the test has been "shot" - + HEAD /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1148 b/tests/data/test1148 index ba37c8dd30..c1ad7fe884 100644 --- a/tests/data/test1148 +++ b/tests/data/test1148 @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -# --stderr %LOGDIR/stderrlog%TESTNUMBER # - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1150 b/tests/data/test1150 index e4d0ed01a6..d93fc63096 100644 --- a/tests/data/test1150 +++ b/tests/data/test1150 @@ -39,7 +39,7 @@ proxy # Verify data after the test has been "shot" - + GET http://test.remote.example.com.%TESTNUMBER:150/path HTTP/1.1 Host: test.remote.example.com.%TESTNUMBER:150 User-Agent: curl/%VERSION diff --git a/tests/data/test1151 b/tests/data/test1151 index f8b14ebb4e..eb94e92432 100644 --- a/tests/data/test1151 +++ b/tests/data/test1151 @@ -48,7 +48,7 @@ cookies # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1154 b/tests/data/test1154 index 27bfc17ae4..5ffd512380 100644 --- a/tests/data/test1154 +++ b/tests/data/test1154 @@ -40,7 +40,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1155 b/tests/data/test1155 index 195028a4d4..ba73600fa6 100644 --- a/tests/data/test1155 +++ b/tests/data/test1155 @@ -10,12 +10,12 @@ cookies # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 0 -Set-Cookie: domain=value;path=/ - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 0 +Set-Cookie: domain=value;path=/ + @@ -37,7 +37,7 @@ cookies # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1156 b/tests/data/test1156 index 3492694273..c81a9dce32 100644 --- a/tests/data/test1156 +++ b/tests/data/test1156 @@ -11,37 +11,37 @@ Range # Server-side - -HTTP/1.1 200 OK -Content-Type: text/html -Content-Length: 5 - + +HTTP/1.1 200 OK +Content-Type: text/html +Content-Length: 5 + body - -HTTP/1.1 200 OK -Content-Type: text/html -Content-Length: 5 -Content-Range: bytes 3/7 - + +HTTP/1.1 200 OK +Content-Type: text/html +Content-Length: 5 +Content-Range: bytes 3/7 + body - -HTTP/1.1 416 Requested Range Not Satisfiable -Content-Type: text/html -Content-Length: 5 - + +HTTP/1.1 416 Requested Range Not Satisfiable +Content-Type: text/html +Content-Length: 5 + body - -HTTP/1.1 416 Requested Range Not Satisfiable -Content-Type: text/html -Content-Length: 5 -Content-Range: bytes */2 - + +HTTP/1.1 416 Requested Range Not Satisfiable +Content-Type: text/html +Content-Length: 5 +Content-Range: bytes */2 + body diff --git a/tests/data/test1157 b/tests/data/test1157 index b13536773f..91fea7437c 100644 --- a/tests/data/test1157 +++ b/tests/data/test1157 @@ -45,7 +45,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -H @%LOGDIR/heads%TESTNUMBER.txt # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1158 b/tests/data/test1158 index 34845a74f3..61394311ee 100644 --- a/tests/data/test1158 +++ b/tests/data/test1158 @@ -7,12 +7,12 @@ HTTP FORMPOST # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 10 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 10 + blablabla diff --git a/tests/data/test1159 b/tests/data/test1159 index 769e84db3c..3f7fa33893 100644 --- a/tests/data/test1159 +++ b/tests/data/test1159 @@ -11,12 +11,12 @@ followlocation # Server-side - -HTTP/1.1 301 This is a weirdo text message swsclose -Location: ht3p://localhost/ -Content-Length: 62 -Connection: close - + +HTTP/1.1 301 This is a weirdo text message swsclose +Location: ht3p://localhost/ +Content-Length: 62 +Connection: close + This server reply is for testing a simple Location: following @@ -36,19 +36,19 @@ http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER -w '%{redirect_url}\n' # Verify data after the test has been "shot" - + GET /we/want/our/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 301 This is a weirdo text message swsclose -Location: ht3p://localhost/ -Content-Length: 62 -Connection: close - + +HTTP/1.1 301 This is a weirdo text message swsclose +Location: ht3p://localhost/ +Content-Length: 62 +Connection: close + This server reply is for testing a simple Location: following ht3p://localhost/ diff --git a/tests/data/test1160 b/tests/data/test1160 index eb0dad216e..6b7c904ceb 100644 --- a/tests/data/test1160 +++ b/tests/data/test1160 @@ -11,12 +11,12 @@ cookies # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 0 -Set-Cookie: ____________%hex[%ff]hex%= ;%repeat[117 x %20]%%hex[%ff]hex%%repeat[2602 x %20]%%repeat[434 x z]%%hex[%86%85%85%80]hex%%repeat[49 x z]%%hex[%fa]hex%%repeat[540 x z]%%hex[%f3%a0%81%96]hex%zzzzzzzzzzzz~%repeat[82 x z]%%hex[%b6]hex%%repeat[364 x z]% - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 0 +Set-Cookie: ____________%hex[%ff]hex%= ;%repeat[117 x %20]%%hex[%ff]hex%%repeat[2602 x %20]%%repeat[434 x z]%%hex[%86%85%85%80]hex%%repeat[49 x z]%%hex[%fa]hex%%repeat[540 x z]%%hex[%f3%a0%81%96]hex%zzzzzzzzzzzz~%repeat[82 x z]%%hex[%b6]hex%%repeat[364 x z]% + @@ -38,7 +38,7 @@ cookies # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1161 b/tests/data/test1161 index 4dbb0a4a7b..8e30f414dc 100644 --- a/tests/data/test1161 +++ b/tests/data/test1161 @@ -10,12 +10,12 @@ cookies # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 0 -Set-Cookie: ckyPersistent=permanent;path=;path=/ - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 0 +Set-Cookie: ckyPersistent=permanent;path=;path=/ + @@ -37,7 +37,7 @@ cookies # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1164 b/tests/data/test1164 index c5c25d339d..27934a7b75 100644 --- a/tests/data/test1164 +++ b/tests/data/test1164 @@ -31,7 +31,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w '%{size_download}\n' --http0.9 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1166 b/tests/data/test1166 index 6720c09d31..05bb1e3eaf 100644 --- a/tests/data/test1166 +++ b/tests/data/test1166 @@ -10,13 +10,13 @@ cookies # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Set-Cookie: trackyou=want; path=/ -Content-Length: 68 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Set-Cookie: trackyou=want; path=/ +Content-Length: 68 + This server reply is for testing a Location: following with cookies @@ -36,7 +36,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER http://%HOSTIP:%HTTPPORT/want/%TESTNUM # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1168 b/tests/data/test1168 index 04403597de..855e50f033 100644 --- a/tests/data/test1168 +++ b/tests/data/test1168 @@ -59,7 +59,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -L -u "catmai#d:#DZaRJYrixKE*gFY" # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[catmai#d:#DZaRJYrixKE*gFY]b64% diff --git a/tests/data/test1170 b/tests/data/test1170 index 499044e399..6a89c26e25 100644 --- a/tests/data/test1170 +++ b/tests/data/test1170 @@ -10,30 +10,30 @@ Transfer-Encoding # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Transfer-Encoding: gzip, chunked - -2c + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Transfer-Encoding: gzip, chunked + +2c %hex[%1f%8b%08%08%79%9e%ab%41%00%03%6c%61%6c%61%6c%61%00%cb%c9%cc%4b%55%30%e4%52%c8%01%d1%46%5c]hex% %hex[%10%86%31%17%00]hex% -%hex[%02%71%60%18%00%00%00]hex% -0 - +%hex[%02%71%60%18%00%00%00]hex% +0 + - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Transfer-Encoding: gzip, chunked - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Transfer-Encoding: gzip, chunked + line 1 line 2 line 3 @@ -61,7 +61,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding -H "Connection:" # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1171 b/tests/data/test1171 index 5dd570add8..545b79f77f 100644 --- a/tests/data/test1171 +++ b/tests/data/test1171 @@ -10,30 +10,30 @@ Transfer-Encoding # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Transfer-Encoding: gzip, chunked - -2c + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Transfer-Encoding: gzip, chunked + +2c %hex[%1f%8b%08%08%79%9e%ab%41%00%03%6c%61%6c%61%6c%61%00%cb%c9%cc%4b%55%30%e4%52%c8%01%d1%46%5c]hex% %hex[%10%86%31%17%00]hex% -%hex[%02%71%60%18%00%00%00]hex% -0 - +%hex[%02%71%60%18%00%00%00]hex% +0 + - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Transfer-Encoding: gzip, chunked - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Transfer-Encoding: gzip, chunked + line 1 line 2 line 3 @@ -61,7 +61,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding -H "Connection;" # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1172 b/tests/data/test1172 index 6afe814c04..8060a592c4 100644 --- a/tests/data/test1172 +++ b/tests/data/test1172 @@ -33,7 +33,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --no-http0.9 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1174 b/tests/data/test1174 index 21dd5d54b6..f8f064a543 100644 --- a/tests/data/test1174 +++ b/tests/data/test1174 @@ -33,7 +33,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1176 b/tests/data/test1176 index 6bfe6a6f6a..6d38e8689f 100644 --- a/tests/data/test1176 +++ b/tests/data/test1176 @@ -8,18 +8,18 @@ globbing # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- @@ -41,25 +41,25 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o '%LOGDIR/base-#0' # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- diff --git a/tests/data/test1178 b/tests/data/test1178 index 6f5fdd7161..faf93eadb6 100644 --- a/tests/data/test1178 +++ b/tests/data/test1178 @@ -40,7 +40,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Proxy-Authorization: Basic %b64[AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB]b64% diff --git a/tests/data/test1180 b/tests/data/test1180 index 8607f82552..4b2577e75a 100644 --- a/tests/data/test1180 +++ b/tests/data/test1180 @@ -36,7 +36,7 @@ HTTP GET request with proxy and -H "Proxy-Connection: keep-alive" - + GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1181 b/tests/data/test1181 index 8fe4587dfc..26b924e986 100644 --- a/tests/data/test1181 +++ b/tests/data/test1181 @@ -8,12 +8,12 @@ HTTP proxy # Server-side - -HTTP/1.1 200 OK -Server: Blafasel/5.0 -Date: Sat, 16 Jan 2021 14:48:30 GMT -Content-Length: 12 - + +HTTP/1.1 200 OK +Server: Blafasel/5.0 +Date: Sat, 16 Jan 2021 14:48:30 GMT +Content-Length: 12 + Bla bla bla @@ -36,7 +36,7 @@ HTTP GET request with proxy and "Proxy-Connection: Keep-Alive" - + GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1183 b/tests/data/test1183 index 34cba4aa51..fc5eb2eb00 100644 --- a/tests/data/test1183 +++ b/tests/data/test1183 @@ -8,12 +8,12 @@ HTTP GET # Server-side - -HTTP/1.1 200 OK -Server: Blafasel/5.0 -Date: Sat, 16 Jan 2021 14:48:30 GMT -Content-Length: 12 - + +HTTP/1.1 200 OK +Server: Blafasel/5.0 +Date: Sat, 16 Jan 2021 14:48:30 GMT +Content-Length: 12 + Bla bla bla @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify that the %TESTNUMBER has been resolved to %TESTNUMBER - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1184 b/tests/data/test1184 index 0f5d8c91f0..0fa1c38e3d 100644 --- a/tests/data/test1184 +++ b/tests/data/test1184 @@ -11,29 +11,29 @@ proxytunnel # # Server-side - -HTTP/1.1 200 Mighty fine indeed -Server: test tunnel 2000 - + +HTTP/1.1 200 Mighty fine indeed +Server: test tunnel 2000 + - -HTTP/1.1 302 OK -Location: http://%HOSTIP.%TESTNUMBER:%HTTPPORT/we/want/that/page/%TESTNUMBER0002 -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/html -Funny-head: yesyes -Content-Length: 9 -Connection: close - + +HTTP/1.1 302 OK +Location: http://%HOSTIP.%TESTNUMBER:%HTTPPORT/we/want/that/page/%TESTNUMBER0002 +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Funny-head: yesyes +Content-Length: 9 +Connection: close + contents - -HTTP/1.1 200 OK -Content-Length: 7 - + +HTTP/1.1 200 OK +Content-Length: 7 + second @@ -59,19 +59,19 @@ proxy # # Verify data after the test has been "shot" - -CONNECT %HOSTIP.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: %HOSTIP.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - -CONNECT %HOSTIP.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: %HOSTIP.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT %HOSTIP.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: %HOSTIP.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + +CONNECT %HOSTIP.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: %HOSTIP.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + - + GET /we/want/that/page/%TESTNUMBER HTTP/1.1 Host: %HOSTIP.%TESTNUMBER:%HTTPPORT Accept: */* @@ -83,25 +83,25 @@ Accept: */* User-Agent: %TESTNUMBER-agent - -HTTP/1.1 200 Mighty fine indeed -Server: test tunnel 2000 - -HTTP/1.1 302 OK -Location: http://%HOSTIP.%TESTNUMBER:%HTTPPORT/we/want/that/page/%TESTNUMBER0002 -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/html -Funny-head: yesyes -Content-Length: 9 -Connection: close - -HTTP/1.1 200 Mighty fine indeed -Server: test tunnel 2000 - -HTTP/1.1 200 OK -Content-Length: 7 - + +HTTP/1.1 200 Mighty fine indeed +Server: test tunnel 2000 + +HTTP/1.1 302 OK +Location: http://%HOSTIP.%TESTNUMBER:%HTTPPORT/we/want/that/page/%TESTNUMBER0002 +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Funny-head: yesyes +Content-Length: 9 +Connection: close + +HTTP/1.1 200 Mighty fine indeed +Server: test tunnel 2000 + +HTTP/1.1 200 OK +Content-Length: 7 + second diff --git a/tests/data/test1186 b/tests/data/test1186 index dabe270968..668459f8c5 100644 --- a/tests/data/test1186 +++ b/tests/data/test1186 @@ -7,12 +7,12 @@ HTTP FORMPOST # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 10 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 10 + blablabla diff --git a/tests/data/test1187 b/tests/data/test1187 index 5fbf4efd34..3cae202eb1 100644 --- a/tests/data/test1187 +++ b/tests/data/test1187 @@ -23,11 +23,11 @@ smtp SMTP multipart with file name escaping - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -F "=This is the mail text" -F '=File content;filename="strange\file\"name"' diff --git a/tests/data/test1188 b/tests/data/test1188 index 6c7f8261e2..042e682558 100644 --- a/tests/data/test1188 +++ b/tests/data/test1188 @@ -9,11 +9,11 @@ HTTP GET # Server-side - -HTTP/1.1 404 Not Found -Content-Length: 0 -Connection: close - + +HTTP/1.1 404 Not Found +Content-Length: 0 +Connection: close + @@ -32,7 +32,7 @@ http # Verify data after the test has been "shot" - + GET /we/want/our/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1189 b/tests/data/test1189 index 0c19e70f77..d1f4a6a80d 100644 --- a/tests/data/test1189 +++ b/tests/data/test1189 @@ -7,12 +7,12 @@ HTTP FORMPOST # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 10 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 10 + blablabla diff --git a/tests/data/test1197 b/tests/data/test1197 index 2daf7939d8..5ec9c19d45 100644 --- a/tests/data/test1197 +++ b/tests/data/test1197 @@ -11,23 +11,23 @@ followlocation # # Server-side - -HTTP/1.1 302 OK swsbounce swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 8 -Connection: close -Content-Type: text/plain -Location: ./%TESTNUMBER0001 - + +HTTP/1.1 302 OK swsbounce swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 8 +Connection: close +Content-Type: text/plain +Location: ./%TESTNUMBER0001 + monster - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 15 -Connection: close -Content-Type: text/plain; charset=us-ascii - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 15 +Connection: close +Content-Type: text/plain; charset=us-ascii + bigger monster @@ -65,20 +65,20 @@ Accept: */* - -HTTP/1.1 302 OK swsbounce swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 8 -Connection: close -Content-Type: text/plain -Location: ./%TESTNUMBER0001 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 15 -Connection: close -Content-Type: text/plain; charset=us-ascii - + +HTTP/1.1 302 OK swsbounce swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 8 +Connection: close +Content-Type: text/plain +Location: ./%TESTNUMBER0001 + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 15 +Connection: close +Content-Type: text/plain; charset=us-ascii + bigger monster GET diff --git a/tests/data/test12 b/tests/data/test12 index 71cfdb6e68..ac8309e5df 100644 --- a/tests/data/test12 +++ b/tests/data/test12 @@ -9,18 +9,18 @@ Content-Range # Server-side - -HTTP/1.1 206 Partial Content -Date: Mon, 13 Nov 2000 13:41:09 GMT -Server: Apache/1.3.11 (Unix) PHP/3.0.14 -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 101 -Content-Range: bytes 100-200/3527 -Connection: close -Content-Type: text/html - + +HTTP/1.1 206 Partial Content +Date: Mon, 13 Nov 2000 13:41:09 GMT +Server: Apache/1.3.11 (Unix) PHP/3.0.14 +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 101 +Content-Range: bytes 100-200/3527 +Connection: close +Content-Type: text/html + ..partial data returned from the server as a result of setting an explicit byte range in the request @@ -42,7 +42,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -r 100-200 # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=100-200 diff --git a/tests/data/test1200 b/tests/data/test1200 index bf40f1c8a4..c61884668f 100644 --- a/tests/data/test1200 +++ b/tests/data/test1200 @@ -9,10 +9,10 @@ INDEX # # Server-side - -iMenu results error.host 1 -0Selector /bar bar.foo.invalid 70 -. + +iMenu results error.host 1 +0Selector /bar bar.foo.invalid 70 +. diff --git a/tests/data/test1201 b/tests/data/test1201 index aec07681e1..f87d9215d0 100644 --- a/tests/data/test1201 +++ b/tests/data/test1201 @@ -9,10 +9,10 @@ SELECTOR # # Server-side - -iMenu results error.host 1 -0Selector /selector/SELECTOR /bar bar.foo.invalid 70 -. + +iMenu results error.host 1 +0Selector /selector/SELECTOR /bar bar.foo.invalid 70 +. diff --git a/tests/data/test1202 b/tests/data/test1202 index 586e658d66..f307eae371 100644 --- a/tests/data/test1202 +++ b/tests/data/test1202 @@ -9,11 +9,11 @@ QUERY # # Server-side - -iSearch results error.host 1 -0Query query succeeded /foo foo.bar.invalid 70 -0Selector /the/search/engine /bar bar.foo.invalid 70 -. + +iSearch results error.host 1 +0Query query succeeded /foo foo.bar.invalid 70 +0Selector /the/search/engine /bar bar.foo.invalid 70 +. diff --git a/tests/data/test1203 b/tests/data/test1203 index 29f9bed0ad..51000e106c 100644 --- a/tests/data/test1203 +++ b/tests/data/test1203 @@ -10,10 +10,10 @@ INDEX # # Server-side - -iMenu results error.host 1 -0Selector /bar bar.foo.invalid 70 -. + +iMenu results error.host 1 +0Selector /bar bar.foo.invalid 70 +. diff --git a/tests/data/test1204 b/tests/data/test1204 index 89d14ad1f8..bc1a201d1d 100644 --- a/tests/data/test1204 +++ b/tests/data/test1204 @@ -9,38 +9,38 @@ HTTP Basic auth # Server-side - -HTTP/1.1 401 Authorization Required swsbounce -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: X-MobileMe-AuthToken realm="Newcastle", Basic realm="fun fun fun" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsbounce +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: X-MobileMe-AuthToken realm="Newcastle", Basic realm="fun fun fun" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets the second request - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! - -HTTP/1.1 401 Authorization Required swsbounce -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: X-MobileMe-AuthToken realm="Newcastle", Basic realm="fun fun fun" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 401 Authorization Required swsbounce +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: X-MobileMe-AuthToken realm="Newcastle", Basic realm="fun fun fun" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! @@ -61,7 +61,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1205 b/tests/data/test1205 index 6fa833893a..ebd691cd3c 100644 --- a/tests/data/test1205 +++ b/tests/data/test1205 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1210 b/tests/data/test1210 index d709a6f72a..ade12a2ddd 100644 --- a/tests/data/test1210 +++ b/tests/data/test1210 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER?junk -J -O --output-dir %LOGDIR # # Verify data after the test has been "shot" - + GET /%TESTNUMBER?junk HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1212 b/tests/data/test1212 index fa7add1677..a9a1dfccc8 100644 --- a/tests/data/test1212 +++ b/tests/data/test1212 @@ -40,7 +40,7 @@ http://user:secret@%HOSTIP:%HTTPPORT/ulion/%TESTNUMBER --socks5 non-existing-hos # Verify data after the test has been "shot" - + GET /ulion/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[user:secret]b64% diff --git a/tests/data/test1213 b/tests/data/test1213 index 9a511c0022..662ca54728 100644 --- a/tests/data/test1213 +++ b/tests/data/test1213 @@ -9,14 +9,14 @@ HTTP proxy # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/html -Funny-head: yesyes -Content-Length: 22 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Funny-head: yesyes +Content-Length: 22 + the content goes here @@ -42,7 +42,7 @@ proxy # Verify data after the test has been "shot" - + GET http://we.want.that.site.com.%TESTNUMBER/ HTTP/1.1 Host: we.want.that.site.com.%TESTNUMBER User-Agent: curl/%VERSION diff --git a/tests/data/test1214 b/tests/data/test1214 index b80d0071c2..70ed712d33 100644 --- a/tests/data/test1214 +++ b/tests/data/test1214 @@ -9,14 +9,14 @@ HTTP proxy # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/html -Funny-head: yesyes -Content-Length: 22 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Funny-head: yesyes +Content-Length: 22 + the content goes here @@ -42,7 +42,7 @@ proxy # Verify data after the test has been "shot" - + GET http://we.want.that.site.com.%TESTNUMBER/?moo=foo HTTP/1.1 Host: we.want.that.site.com.%TESTNUMBER User-Agent: curl/%VERSION diff --git a/tests/data/test1215 b/tests/data/test1215 index c405ce04d0..54c52808f8 100644 --- a/tests/data/test1215 +++ b/tests/data/test1215 @@ -76,7 +76,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --ntlm --proxy http:// # Verify data after the test has been "shot" - + GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/tests/data/test1216 b/tests/data/test1216 index 7301aa571c..bb8e043b81 100644 --- a/tests/data/test1216 +++ b/tests/data/test1216 @@ -10,14 +10,14 @@ cookies # Server-side - + HTTP/1.1 200 OK Server: Microsoft-IIS/4.0 Date: Tue, 25 Sep 2001 19:37:44 GMT Content-Type: text/html Connection: close -Content-Length: 21 - +Content-Length: 21 + This server says moo @@ -47,7 +47,7 @@ proxy # Verify data after the test has been "shot" - + GET http://example.fake/c/%TESTNUMBER HTTP/1.1 Host: example.fake User-Agent: curl/%VERSION diff --git a/tests/data/test1218 b/tests/data/test1218 index 8b0aa9cf58..e66d84e1eb 100644 --- a/tests/data/test1218 +++ b/tests/data/test1218 @@ -11,12 +11,12 @@ cookies # This test is very similar to 1216, only that it sets the cookies from the # first site instead of reading from a file - + HTTP/1.1 200 OK Date: Tue, 25 Sep 2001 19:37:44 GMT Set-Cookie: bug=fixed; domain=.example.fake; -Content-Length: 21 - +Content-Length: 21 + This server says moo @@ -40,7 +40,7 @@ proxy # Verify data after the test has been "shot" - + GET http://example.fake/c/%TESTNUMBER HTTP/1.1 Host: example.fake User-Agent: curl/%VERSION diff --git a/tests/data/test1221 b/tests/data/test1221 index 565e83073a..6a410d95b8 100644 --- a/tests/data/test1221 +++ b/tests/data/test1221 @@ -11,11 +11,11 @@ HTTP POST # # Server-side - -HTTP/1.1 200 I am cool swsclose -Server: Cool server/10.0 -Content-Length: 0 - + +HTTP/1.1 200 I am cool swsclose +Server: Cool server/10.0 +Content-Length: 0 + diff --git a/tests/data/test1223 b/tests/data/test1223 index 11b0206ee1..2ce956b829 100644 --- a/tests/data/test1223 +++ b/tests/data/test1223 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w 'IP %{remote_ip} and PORT %{remote_port} # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1228 b/tests/data/test1228 index 64f49257af..721d637f39 100644 --- a/tests/data/test1228 +++ b/tests/data/test1228 @@ -39,7 +39,7 @@ proxy # Verify data after the test has been "shot" - + GET http://example.fake/hoge/%TESTNUMBER HTTP/1.1 Host: example.fake User-Agent: curl/%VERSION diff --git a/tests/data/test1229 b/tests/data/test1229 index c225e7d472..781fa61b7a 100644 --- a/tests/data/test1229 +++ b/tests/data/test1229 @@ -8,39 +8,39 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! @@ -66,7 +66,7 @@ http://%5cuser%22:password@%HOSTIP:%HTTPPORT/%TESTNUMBER --digest # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1230 b/tests/data/test1230 index 507580d1c3..464cca3c7c 100644 --- a/tests/data/test1230 +++ b/tests/data/test1230 @@ -12,28 +12,28 @@ IPv6 # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 9 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 9 + mooooooo - -HTTP/1.1 200 welcome dear -Date: Tue, 09 Nov 2010 14:49:00 GMT - + +HTTP/1.1 200 welcome dear +Date: Tue, 09 Nov 2010 14:49:00 GMT + - -HTTP/1.1 200 welcome dear -Date: Tue, 09 Nov 2010 14:49:00 GMT - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 9 - + +HTTP/1.1 200 welcome dear +Date: Tue, 09 Nov 2010 14:49:00 GMT + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 9 + mooooooo @@ -62,7 +62,7 @@ http://[1234:1234:1234::4ce]:%HTTPPORT/wanted/page/%TESTNUMBER -p -x %HOSTIP:%HT # # Verify data after the test has been "shot" - + CONNECT [1234:1234:1234::4ce]:%HTTPPORT HTTP/1.1 Host: [1234:1234:1234::4ce]:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1231 b/tests/data/test1231 index 5573bfc1ae..608b8529fc 100644 --- a/tests/data/test1231 +++ b/tests/data/test1231 @@ -44,7 +44,7 @@ http://%HOSTIP:%HTTPPORT/../../hej/but/who/../%TESTNUMBER?stupid=me/../%TESTNUMB # # Verify data after the test has been "shot" - + GET /hej/but/%TESTNUMBER?stupid=me/../%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1232 b/tests/data/test1232 index 278c4e4bd9..3d56afac40 100644 --- a/tests/data/test1232 +++ b/tests/data/test1232 @@ -49,7 +49,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://test.remote.haxx.se.%TESTNUMBER:8990/hej/but/%TESTNUMBER?stupid=me/../%TESTNUMBER HTTP/1.1 Host: test.remote.haxx.se.%TESTNUMBER:8990 User-Agent: curl/%VERSION diff --git a/tests/data/test1235 b/tests/data/test1235 index 553d597795..836a7a97c5 100644 --- a/tests/data/test1235 +++ b/tests/data/test1235 @@ -9,18 +9,18 @@ globbing # Server-side - -HTTP/1.1 200 OK -Funny-head: yesyes -Content-Length: 15 - + +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 15 + the number one - -HTTP/1.1 200 OK -Funny-head: yesyes -Content-Length: 16 - + +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 16 + two is nice too @@ -40,7 +40,7 @@ multiple requests using {}{} in the URL # Verify data after the test has been "shot" - + GET /%TESTNUMBER0001 HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -62,26 +62,26 @@ User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 200 OK -Funny-head: yesyes -Content-Length: 15 - + +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 15 + the number one -HTTP/1.1 200 OK -Funny-head: yesyes -Content-Length: 16 - +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 16 + two is nice too -HTTP/1.1 200 OK -Funny-head: yesyes -Content-Length: 15 - +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 15 + the number one -HTTP/1.1 200 OK -Funny-head: yesyes -Content-Length: 16 - +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 16 + two is nice too diff --git a/tests/data/test1237 b/tests/data/test1237 index 2dec456bb4..2c572ace27 100644 --- a/tests/data/test1237 +++ b/tests/data/test1237 @@ -33,7 +33,7 @@ URL with 1000+ letter user name + password # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB]b64% diff --git a/tests/data/test1239 b/tests/data/test1239 index 5f430220f3..9092d56dd0 100644 --- a/tests/data/test1239 +++ b/tests/data/test1239 @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -z "-dec 12 12:00:00 1999 GMT" -w '%{respon # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1240 b/tests/data/test1240 index 59656d6ca1..a700bb70fc 100644 --- a/tests/data/test1240 +++ b/tests/data/test1240 @@ -31,7 +31,7 @@ glob [0-1] with stuff after range (7.33.0 regression) # Verify data after the test has been "shot" - + GET /00/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1241 b/tests/data/test1241 index d6ea187601..94125ea8b9 100644 --- a/tests/data/test1241 +++ b/tests/data/test1241 @@ -48,7 +48,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://test.remote.haxx.se.%TESTNUMBER:8990/../../hej/but/who/../%TESTNUMBER?stupid=me/../%TESTNUMBER HTTP/1.1 Host: test.remote.haxx.se.%TESTNUMBER:8990 User-Agent: curl/%VERSION diff --git a/tests/data/test1244 b/tests/data/test1244 index 238c0c609f..d0bd7286dd 100644 --- a/tests/data/test1244 +++ b/tests/data/test1244 @@ -50,7 +50,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -x %HOSTIP:%HTTPPORT --next http://%HOSTIP: 56 - + GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1245 b/tests/data/test1245 index ad096eaca5..b7a2bda98f 100644 --- a/tests/data/test1245 +++ b/tests/data/test1245 @@ -13,14 +13,14 @@ followlocation # # Server-side - -HTTP/1.1 301 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 0 -Location: ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -Connection: close - + +HTTP/1.1 301 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 0 +Location: ftp://%HOSTIP:%FTPPORT/%TESTNUMBER +Connection: close + @@ -42,7 +42,7 @@ ftp # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1246 b/tests/data/test1246 index 33859c4695..e1f11cef5b 100644 --- a/tests/data/test1246 +++ b/tests/data/test1246 @@ -48,7 +48,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://test.remote.haxx.se.%TESTNUMBER:%HTTPPORT/ HTTP/1.1 Host: test.remote.haxx.se.%TESTNUMBER:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1248 b/tests/data/test1248 index 4e9a5ae483..1d3ed18032 100644 --- a/tests/data/test1248 +++ b/tests/data/test1248 @@ -38,7 +38,7 @@ http://user:secret@%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy http://dummy:%NOLISTENP # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[user:secret]b64% diff --git a/tests/data/test1249 b/tests/data/test1249 index 00ffa64aee..25a1b01f48 100644 --- a/tests/data/test1249 +++ b/tests/data/test1249 @@ -41,7 +41,7 @@ http://user:secret@%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy http://dummy:%NOLISTENP # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[user:secret]b64% diff --git a/tests/data/test1250 b/tests/data/test1250 index cc82fe9f57..aa9e164506 100644 --- a/tests/data/test1250 +++ b/tests/data/test1250 @@ -39,7 +39,7 @@ http://user:secret@%HOSTIP:%HTTPPORT/%TESTNUMBER --noproxy %HOSTIP --max-time 5 # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[user:secret]b64% diff --git a/tests/data/test1251 b/tests/data/test1251 index 4703d6a434..8946dec3c3 100644 --- a/tests/data/test1251 +++ b/tests/data/test1251 @@ -40,7 +40,7 @@ http://user:secret@%HOSTIP:%HTTPPORT/%TESTNUMBER --max-time 5 # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[user:secret]b64% diff --git a/tests/data/test1252 b/tests/data/test1252 index 6daa4b1671..27eb6b0369 100644 --- a/tests/data/test1252 +++ b/tests/data/test1252 @@ -42,7 +42,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy http://%HOSTIP:%HTTPPORT --noproxy # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1253 b/tests/data/test1253 index 615a5c0d99..36676c281e 100644 --- a/tests/data/test1253 +++ b/tests/data/test1253 @@ -42,7 +42,7 @@ proxy # Verify data after the test has been "shot" - + GET http://somewhere.example.com/%TESTNUMBER HTTP/1.1 Host: somewhere.example.com User-Agent: curl/%VERSION diff --git a/tests/data/test1254 b/tests/data/test1254 index 56299ffac2..6f2e0b0baa 100644 --- a/tests/data/test1254 +++ b/tests/data/test1254 @@ -42,7 +42,7 @@ proxy # Verify data after the test has been "shot" - + GET http://somewhere.example.com/%TESTNUMBER HTTP/1.1 Host: somewhere.example.com User-Agent: curl/%VERSION diff --git a/tests/data/test1255 b/tests/data/test1255 index 78f0b47cff..648ec1f503 100644 --- a/tests/data/test1255 +++ b/tests/data/test1255 @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --noproxy %HOSTIP # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1256 b/tests/data/test1256 index 312b3ad6be..525b132354 100644 --- a/tests/data/test1256 +++ b/tests/data/test1256 @@ -44,7 +44,7 @@ proxy # Verify data after the test has been "shot" - + GET http://somewhere.example.com/%TESTNUMBER HTTP/1.1 Host: somewhere.example.com User-Agent: curl/%VERSION diff --git a/tests/data/test1257 b/tests/data/test1257 index 2812b9f032..0934e1b433 100644 --- a/tests/data/test1257 +++ b/tests/data/test1257 @@ -44,7 +44,7 @@ proxy # Verify data after the test has been "shot" - + GET http://somewhere.example.com/%TESTNUMBER HTTP/1.1 Host: somewhere.example.com User-Agent: curl/%VERSION diff --git a/tests/data/test1258 b/tests/data/test1258 index 81518de97e..c9b4523e3d 100644 --- a/tests/data/test1258 +++ b/tests/data/test1258 @@ -11,12 +11,12 @@ httponly # Server-side - -HTTP/1.0 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Type: text/html -Set-Cookie: I-am=here; domain=localhost; - + +HTTP/1.0 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Type: text/html +Set-Cookie: I-am=here; domain=localhost; + boo @@ -39,7 +39,7 @@ cookies # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER HTTP/1.1 Host: localhost User-Agent: curl/%VERSION diff --git a/tests/data/test1259 b/tests/data/test1259 index 4b98a5e467..eb8cff6041 100644 --- a/tests/data/test1259 +++ b/tests/data/test1259 @@ -8,12 +8,12 @@ HTTP GET # Server-side - -HTTP/1.0 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Type: text/html -Set-Cookie: I-am=here; domain=localhost; - + +HTTP/1.0 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Type: text/html +Set-Cookie: I-am=here; domain=localhost; + boo @@ -33,7 +33,7 @@ HTTP URL with semicolon in password # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[user:pass]b64%O3dvcmQ= diff --git a/tests/data/test1261 b/tests/data/test1261 index 7cfb8d762c..e67392918f 100644 --- a/tests/data/test1261 +++ b/tests/data/test1261 @@ -11,12 +11,12 @@ followlocation # Server-side - -HTTP/1.1 301 This is a weirdo text message swsclose -Location: data/10290002.txt?coolsite=yes -Content-Length: 62 -Connection: close - + +HTTP/1.1 301 This is a weirdo text message swsclose +Location: data/10290002.txt?coolsite=yes +Content-Length: 62 +Connection: close + This server reply is for testing a simple Location: following @@ -36,7 +36,7 @@ http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER -w '%{redirect_url}\n' --locati # Verify data after the test has been "shot" - + GET /we/want/our/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -47,12 +47,12 @@ Accept: */* 47 - -HTTP/1.1 301 This is a weirdo text message swsclose -Location: data/10290002.txt?coolsite=yes -Content-Length: 62 -Connection: close - + +HTTP/1.1 301 This is a weirdo text message swsclose +Location: data/10290002.txt?coolsite=yes +Content-Length: 62 +Connection: close + http://%HOSTIP:%HTTPPORT/we/want/our/data/10290002.txt?coolsite=yes diff --git a/tests/data/test1265 b/tests/data/test1265 index 05dea24063..d4e060cd7f 100644 --- a/tests/data/test1265 +++ b/tests/data/test1265 @@ -46,7 +46,7 @@ http://%HOST6IP:%HTTP6PORT/%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOST6IP:%HTTP6PORT User-Agent: curl/%VERSION diff --git a/tests/data/test1266 b/tests/data/test1266 index 733724c75a..0d997180ab 100644 --- a/tests/data/test1266 +++ b/tests/data/test1266 @@ -33,7 +33,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --http0.9 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1267 b/tests/data/test1267 index b94ea3dc2e..055d86b555 100644 --- a/tests/data/test1267 +++ b/tests/data/test1267 @@ -33,7 +33,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --http0.9 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1270 b/tests/data/test1270 index 22e056d9c8..6e21d3b2ba 100644 --- a/tests/data/test1270 +++ b/tests/data/test1270 @@ -11,18 +11,18 @@ followlocation # Server-side - -HTTP/1.1 302 Captive Portal -Server: ohlala/2000 -Date: Tue, 17 Dec 2019 13:08:30 GMT -Cache-Control: no-cache,no-store,must-revalidate,post-check=0,pre-check=0 -Location: https://moo.moo.moo -Content-Type: text/html; charset=utf-8 -X-Frame-Options: SAMEORIGIN -Strict-Transport-Security: max-age=604800 -Content-Length: 0 -Connection: close - + +HTTP/1.1 302 Captive Portal +Server: ohlala/2000 +Date: Tue, 17 Dec 2019 13:08:30 GMT +Cache-Control: no-cache,no-store,must-revalidate,post-check=0,pre-check=0 +Location: https://moo.moo.moo +Content-Type: text/html; charset=utf-8 +X-Frame-Options: SAMEORIGIN +Strict-Transport-Security: max-age=604800 +Content-Length: 0 +Connection: close + @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER -w '%{redirect_url}\n' -s # Verify data after the test has been "shot" - + GET /we/want/our/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -49,18 +49,18 @@ Accept: */* - -HTTP/1.1 302 Captive Portal -Server: ohlala/2000 -Date: Tue, 17 Dec 2019 13:08:30 GMT -Cache-Control: no-cache,no-store,must-revalidate,post-check=0,pre-check=0 -Location: https://moo.moo.moo -Content-Type: text/html; charset=utf-8 -X-Frame-Options: SAMEORIGIN -Strict-Transport-Security: max-age=604800 -Content-Length: 0 -Connection: close - + +HTTP/1.1 302 Captive Portal +Server: ohlala/2000 +Date: Tue, 17 Dec 2019 13:08:30 GMT +Cache-Control: no-cache,no-store,must-revalidate,post-check=0,pre-check=0 +Location: https://moo.moo.moo +Content-Type: text/html; charset=utf-8 +X-Frame-Options: SAMEORIGIN +Strict-Transport-Security: max-age=604800 +Content-Length: 0 +Connection: close + https://moo.moo.moo/ diff --git a/tests/data/test1271 b/tests/data/test1271 index 2e3f3128a2..d2e2cae9cb 100644 --- a/tests/data/test1271 +++ b/tests/data/test1271 @@ -9,11 +9,11 @@ HTTP GET # Server-side - -HTTP/1.1 200 This is a weirdo text message swsclose -Content-Length: 4 -Connection: close - + +HTTP/1.1 200 This is a weirdo text message swsclose +Content-Length: 4 +Connection: close + Moo @@ -35,7 +35,7 @@ http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER -w @%LOGDIR/blank%TESTNUMBER # Verify data after the test has been "shot" - + GET /we/want/our/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1273 b/tests/data/test1273 index c78ea02943..b813b6435a 100644 --- a/tests/data/test1273 +++ b/tests/data/test1273 @@ -11,11 +11,11 @@ Resume # Server-side - -HTTP/1.1 416 Invalid range -Connection: close -Content-Length: 0 - + +HTTP/1.1 416 Invalid range +Connection: close +Content-Length: 0 + # The file data that exists at the start of the test must be included in @@ -69,7 +69,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C - -f # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=100- diff --git a/tests/data/test1274 b/tests/data/test1274 index dd53c15964..1445cd265e 100644 --- a/tests/data/test1274 +++ b/tests/data/test1274 @@ -43,25 +43,25 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/out%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/ - fake - folded -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Content-Length: 6 -Connection: - close - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/ + fake + folded +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Content-Length: 6 +Connection:%repeat[46 x ]% + close + diff --git a/tests/data/test1277 b/tests/data/test1277 index 7c7554bf0f..1e841b2d09 100644 --- a/tests/data/test1277 +++ b/tests/data/test1277 @@ -178,7 +178,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1278 b/tests/data/test1278 index 9516446374..6e337dfe41 100644 --- a/tests/data/test1278 +++ b/tests/data/test1278 @@ -8,7 +8,7 @@ # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test1280 b/tests/data/test1280 index 5d2023357e..f25252c82b 100644 --- a/tests/data/test1280 +++ b/tests/data/test1280 @@ -8,12 +8,12 @@ globbing # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close + bytes @@ -33,7 +33,7 @@ http://%HOSTIP:%HTTPPORT/[a-d]/%TESTNUMBER # Verify data after the test has been "shot" - + GET /a/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1283 b/tests/data/test1283 index 93bca79a1c..402e45def2 100644 --- a/tests/data/test1283 +++ b/tests/data/test1283 @@ -11,12 +11,12 @@ globbing # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close + bytes @@ -36,19 +36,19 @@ http://%HOSTIP:%HTTPPORT/[a-a][1-1][b-b:1][2-2:1]/%TESTNUMBER -o "%LOGDIR/outfil # Verify data after the test has been "shot" - + GET /a1b2/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close + bytes diff --git a/tests/data/test1284 b/tests/data/test1284 index a319b0cf47..b1a51009da 100644 --- a/tests/data/test1284 +++ b/tests/data/test1284 @@ -9,35 +9,35 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok diff --git a/tests/data/test1285 b/tests/data/test1285 index 9b7f0a0474..bc8b892732 100644 --- a/tests/data/test1285 +++ b/tests/data/test1285 @@ -9,35 +9,35 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok diff --git a/tests/data/test1286 b/tests/data/test1286 index 90f5e40be7..ab4c980891 100644 --- a/tests/data/test1286 +++ b/tests/data/test1286 @@ -10,48 +10,48 @@ followlocation # Server-side - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", qop="auth" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", qop="auth" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + - -HTTP/1.1 302 Thanks for this, but we want to redir you! -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Location: /%TESTNUMBER0001 -Content-Length: 0 - + +HTTP/1.1 302 Thanks for this, but we want to redir you! +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Location: /%TESTNUMBER0001 +Content-Length: 0 + - -HTTP/1.1 404 Not Found -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 404 Not Found +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", qop="auth" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - -HTTP/1.1 302 Thanks for this, but we want to redir you! -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Location: /%TESTNUMBER0001 -Content-Length: 0 - -HTTP/1.1 404 Not Found -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", qop="auth" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + +HTTP/1.1 302 Thanks for this, but we want to redir you! +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Location: /%TESTNUMBER0001 +Content-Length: 0 + +HTTP/1.1 404 Not Found +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + @@ -89,7 +89,7 @@ HTTP GET --digest increasing nonce-count if(s/^(Authorization: Digest )([^\r\n]+)(\r?\n)$//) { $_ = $1 . join(', ', map { s/^(cnonce=)"[a-zA-Z0-9+\/=]+"$/$1REMOVED/; s/^(response=)"[a-f0-9]{32}"$/$1REMOVED/; s/^qop="auth"$/qop=auth/; $_ } sort split(/, */, $2)) . $3; } - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1287 b/tests/data/test1287 index 314f1efe03..d2600b4978 100644 --- a/tests/data/test1287 +++ b/tests/data/test1287 @@ -11,38 +11,38 @@ verbose logs # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Content-Type: text/html -Funny-head: yesyes -Content-Length: 9 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Content-Type: text/html +Funny-head: yesyes +Content-Length: 9 + contents # The purpose of this test is to make sure curl ignores headers # Content-Length and Transfer-Encoding in a successful CONNECT 2xx reply. - -HTTP/1.1 200 Mighty fine indeed -Content-Length: 123 -Transfer-Encoding: chunked - + +HTTP/1.1 200 Mighty fine indeed +Content-Length: 123 +Transfer-Encoding: chunked + - -HTTP/1.1 200 Mighty fine indeed -Content-Length: 123 -Transfer-Encoding: chunked - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Content-Type: text/html -Funny-head: yesyes -Content-Length: 9 - + +HTTP/1.1 200 Mighty fine indeed +Content-Length: 123 +Transfer-Encoding: chunked + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Content-Type: text/html +Funny-head: yesyes +Content-Length: 9 + contents @@ -69,14 +69,14 @@ verbose-strings # # Verify data after the test has been "shot" - -CONNECT test.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT test.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + - + GET /we/want/that/page/%TESTNUMBER HTTP/1.1 Host: test.%TESTNUMBER:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1288 b/tests/data/test1288 index 0581d0e7b0..b14bf8aae7 100644 --- a/tests/data/test1288 +++ b/tests/data/test1288 @@ -12,21 +12,21 @@ proxytunnel # # Server-side - -HTTP/1.1 200 Mighty fine indeed -Server: test tunnel 2000 - + +HTTP/1.1 200 Mighty fine indeed +Server: test tunnel 2000 + - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/html -Funny-head: yesyes -Content-Length: 9 -Connection: keep-alive - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Funny-head: yesyes +Content-Length: 9 +Connection: keep-alive + contents @@ -52,14 +52,14 @@ proxy # # Verify data after the test has been "shot" - -CONNECT %HOSTIP:%HTTPPORT HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT %HOSTIP:%HTTPPORT HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + - + GET /we/want/that/page/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test129 b/tests/data/test129 index c01842f07d..944d42bc7e 100644 --- a/tests/data/test129 +++ b/tests/data/test129 @@ -42,7 +42,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1290 b/tests/data/test1290 index 293a2131c8..3c6f8743d4 100644 --- a/tests/data/test1290 +++ b/tests/data/test1290 @@ -35,7 +35,7 @@ Verify URL globbing ignores [] # Verify data after the test has been "shot" - + GET /we/want/[]/page/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1296 b/tests/data/test1296 index 253c8c6c7a..50179aa7bf 100644 --- a/tests/data/test1296 +++ b/tests/data/test1296 @@ -41,7 +41,7 @@ http://user%0aname:password@%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[user%0aname:password]b64% diff --git a/tests/data/test1297 b/tests/data/test1297 index eda49ba5f9..47ad52597d 100644 --- a/tests/data/test1297 +++ b/tests/data/test1297 @@ -12,10 +12,10 @@ proxytunnel # # Server-side - -HTTP/1.1 200 Mighty fine indeed -Server: test tunnel 2000 - + +HTTP/1.1 200 Mighty fine indeed +Server: test tunnel 2000 + @@ -43,14 +43,14 @@ proxy # # Verify data after the test has been "shot" - -CONNECT %HOSTIP:%HTTPPORT HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT %HOSTIP:%HTTPPORT HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + - + GET /we/want/that/page/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1298 b/tests/data/test1298 index 60c1b7b17e..39ec4d98ca 100644 --- a/tests/data/test1298 +++ b/tests/data/test1298 @@ -42,7 +42,7 @@ HTTP GET special path with --request-target # # Verify data after the test has been "shot" - + GET XXX HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test13 b/tests/data/test13 index 90c53724d8..6e1a1d019c 100644 --- a/tests/data/test13 +++ b/tests/data/test13 @@ -7,11 +7,11 @@ HTTP custom request # Server-side - -HTTP/1.1 200 Read you -Content-Length: 29 -Deleted: suppose we got a header like this! ;-) - + +HTTP/1.1 200 Read you +Content-Length: 29 +Deleted: suppose we got a header like this! ;-) + blabla custom request result @@ -31,7 +31,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -X DELETE # Verify data after the test has been "shot" - + DELETE /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1310 b/tests/data/test1310 index 4d164596c9..ec55eabf9b 100644 --- a/tests/data/test1310 +++ b/tests/data/test1310 @@ -40,7 +40,7 @@ http://%HOSTIP:%HTTPPORT/junk -J -O --show-headers --output-dir %LOGDIR # # Verify data after the test has been "shot" - + GET /junk HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1311 b/tests/data/test1311 index e5942fe1d6..24d6195b3d 100644 --- a/tests/data/test1311 +++ b/tests/data/test1311 @@ -39,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O --output-dir %LOGDIR # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1312 b/tests/data/test1312 index fcf3cbc0a1..28d9eb68ae 100644 --- a/tests/data/test1312 +++ b/tests/data/test1312 @@ -39,7 +39,7 @@ HTTP GET with -J, Content-Disposition and ; in filename # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1313 b/tests/data/test1313 index 16ce2bbf10..1df13ea092 100644 --- a/tests/data/test1313 +++ b/tests/data/test1313 @@ -39,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O --output-dir %LOGDIR # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1314 b/tests/data/test1314 index 3043466de3..3511d45139 100644 --- a/tests/data/test1314 +++ b/tests/data/test1314 @@ -63,7 +63,7 @@ proxy # Verify data after the test has been "shot" - + GET http://firstplace.example.com/want/%TESTNUMBER HTTP/1.1 Host: firstplace.example.com User-Agent: curl/%VERSION diff --git a/tests/data/test1316 b/tests/data/test1316 index 08d9ec7b85..b5cce9ba2f 100644 --- a/tests/data/test1316 +++ b/tests/data/test1316 @@ -13,10 +13,10 @@ HTTP proxy # Server-side - -HTTP/1.1 200 Mighty fine indeed -Magic: sure you can FTP me - + +HTTP/1.1 200 Mighty fine indeed +Magic: sure you can FTP me + diff --git a/tests/data/test1317 b/tests/data/test1317 index d81358997e..6b74e60fa6 100644 --- a/tests/data/test1317 +++ b/tests/data/test1317 @@ -43,7 +43,7 @@ HTTP with --resolve # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: example.com:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1318 b/tests/data/test1318 index 18188785d2..27e0d80c13 100644 --- a/tests/data/test1318 +++ b/tests/data/test1318 @@ -43,7 +43,7 @@ HTTP with --resolve and same host name using different cases # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: MiXeDcAsE.cOm:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1319 b/tests/data/test1319 index a4b32eec21..94fc74d4a0 100644 --- a/tests/data/test1319 +++ b/tests/data/test1319 @@ -12,10 +12,10 @@ HTTP proxy # Server-side - -HTTP/1.1 200 Mighty fine indeed -pop3: sure hit me - + +HTTP/1.1 200 Mighty fine indeed +pop3: sure hit me + # When doing LIST, we get the default list output hard-coded in the test @@ -70,12 +70,12 @@ PASS secret RETR %TESTNUMBER QUIT - -CONNECT pop.%TESTNUMBER:%POP3PORT HTTP/1.1 -Host: pop.%TESTNUMBER:%POP3PORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT pop.%TESTNUMBER:%POP3PORT HTTP/1.1 +Host: pop.%TESTNUMBER:%POP3PORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1320 b/tests/data/test1320 index 5061e8bed7..92a23a4e9f 100644 --- a/tests/data/test1320 +++ b/tests/data/test1320 @@ -11,10 +11,10 @@ HTTP proxy # # Server-side - -HTTP/1.1 200 Mighty fine indeed -smtp: sure hit me - + +HTTP/1.1 200 Mighty fine indeed +smtp: sure hit me + @@ -32,11 +32,11 @@ proxy SMTP send tunneled through HTTP proxy - -From: different -To: another - -body + +From: different +To: another + +body smtp://smtp.%TESTNUMBER:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -T - -p -x %HOSTIP:%PROXYPORT @@ -60,12 +60,12 @@ To: another body . - -CONNECT smtp.%TESTNUMBER:%SMTPPORT HTTP/1.1 -Host: smtp.%TESTNUMBER:%SMTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT smtp.%TESTNUMBER:%SMTPPORT HTTP/1.1 +Host: smtp.%TESTNUMBER:%SMTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1321 b/tests/data/test1321 index 0ccd858c0d..8acb5c69fe 100644 --- a/tests/data/test1321 +++ b/tests/data/test1321 @@ -12,28 +12,28 @@ HTTP proxy # # Server-side - -HTTP/1.1 200 Mighty fine indeed -imap: sure hit me - + +HTTP/1.1 200 Mighty fine indeed +imap: sure hit me + - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely @@ -66,12 +66,12 @@ A003 SELECT %TESTNUMBER A004 FETCH 1 BODY[] A005 LOGOUT - -CONNECT imap.%TESTNUMBER:%IMAPPORT HTTP/1.1 -Host: imap.%TESTNUMBER:%IMAPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT imap.%TESTNUMBER:%IMAPPORT HTTP/1.1 +Host: imap.%TESTNUMBER:%IMAPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1322 b/tests/data/test1322 index 6f87503432..a58891f95d 100644 --- a/tests/data/test1322 +++ b/tests/data/test1322 @@ -44,7 +44,7 @@ HTTP with --resolve and hostname with trailing dot # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: example.com.:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1324 b/tests/data/test1324 index 30b404fe23..d31deee2bd 100644 --- a/tests/data/test1324 +++ b/tests/data/test1324 @@ -48,7 +48,7 @@ HTTP with --resolve and [ipv6address] # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: example.com:%HTTP6PORT User-Agent: curl/%VERSION diff --git a/tests/data/test1325 b/tests/data/test1325 index 622981bd45..4037cf98c1 100644 --- a/tests/data/test1325 +++ b/tests/data/test1325 @@ -11,32 +11,32 @@ followlocation # # Server-side - -HTTP/1.1 308 OK swsclose -Location: %TESTNUMBER0002 -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 308 OK swsclose +Location: %TESTNUMBER0002 +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + - -HTTP/1.1 200 OK swsclose -Location: this should be ignored -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 200 OK swsclose +Location: this should be ignored +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + body - -HTTP/1.1 308 OK swsclose -Location: %TESTNUMBER0002 -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - -HTTP/1.1 200 OK swsclose -Location: this should be ignored -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 308 OK swsclose +Location: %TESTNUMBER0002 +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + +HTTP/1.1 200 OK swsclose +Location: this should be ignored +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + body diff --git a/tests/data/test1326 b/tests/data/test1326 index c712faea6f..eb3005b2c1 100644 --- a/tests/data/test1326 +++ b/tests/data/test1326 @@ -28,9 +28,9 @@ telnet TELNET to HTTP server - -GET /we/want/%TESTNUMBER HTTP/1.0 - + +GET /we/want/%TESTNUMBER HTTP/1.0 + telnet://%HOSTIP:%HTTPPORT --upload-file - @@ -40,7 +40,7 @@ telnet://%HOSTIP:%HTTPPORT --upload-file - # # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER HTTP/1.0 diff --git a/tests/data/test1327 b/tests/data/test1327 index cf1c9c7fbd..1a4ac89875 100644 --- a/tests/data/test1327 +++ b/tests/data/test1327 @@ -23,13 +23,13 @@ telnet TELNET check of upload with stdout redirected - -GET /ignore/for/%TESTNUMBER HTTP/1.0 - + +GET /ignore/for/%TESTNUMBER HTTP/1.0 + - -GET /we/want/%TESTNUMBER HTTP/1.0 - + +GET /we/want/%TESTNUMBER HTTP/1.0 + telnet://%HOSTIP:%HTTPPORT -T %LOGDIR/%TESTNUMBER.txt @@ -39,7 +39,7 @@ telnet://%HOSTIP:%HTTPPORT -T %LOGDIR/%TESTNUMBER.txt # # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER HTTP/1.0 diff --git a/tests/data/test1328 b/tests/data/test1328 index b650946a41..5acfdcf97c 100644 --- a/tests/data/test1328 +++ b/tests/data/test1328 @@ -54,7 +54,7 @@ HTTP GET a globbed range with -f # # Verify data after the test has been "shot" - + GET /%TESTNUMBER0000 HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1331 b/tests/data/test1331 index 9c211cf366..7f8ff78680 100644 --- a/tests/data/test1331 +++ b/tests/data/test1331 @@ -14,39 +14,39 @@ cookies # Server-side - -HTTP/1.1 407 Me not know you swsbounce -Date: Tue, 25 Sep 2001 19:37:44 GMT -Content-Type: text/html -Set-Cookie: proxycookie=weirdo; Path=/ -Cache-control: private -Content-Length: 62 -Proxy-Authenticate: Basic realm="moo on you" - + +HTTP/1.1 407 Me not know you swsbounce +Date: Tue, 25 Sep 2001 19:37:44 GMT +Content-Type: text/html +Set-Cookie: proxycookie=weirdo; Path=/ +Cache-control: private +Content-Length: 62 +Proxy-Authenticate: Basic realm="moo on you" + This server reply is for testing a simple cookie test case... - -HTTP/1.1 200 Fine! -Content-Type: text/html -Content-Length: 6 - + +HTTP/1.1 200 Fine! +Content-Type: text/html +Content-Length: 6 + hello - -HTTP/1.1 407 Me not know you swsbounce -Date: Tue, 25 Sep 2001 19:37:44 GMT -Content-Type: text/html -Set-Cookie: proxycookie=weirdo; Path=/ -Cache-control: private -Content-Length: 62 -Proxy-Authenticate: Basic realm="moo on you" - -HTTP/1.1 200 Fine! -Content-Type: text/html -Content-Length: 6 - + +HTTP/1.1 407 Me not know you swsbounce +Date: Tue, 25 Sep 2001 19:37:44 GMT +Content-Type: text/html +Set-Cookie: proxycookie=weirdo; Path=/ +Cache-control: private +Content-Length: 62 +Proxy-Authenticate: Basic realm="moo on you" + +HTTP/1.1 200 Fine! +Content-Type: text/html +Content-Length: 6 + hello @@ -72,7 +72,7 @@ proxy # Verify data after the test has been "shot" - + GET http://z.x.com/%TESTNUMBER HTTP/1.1 Host: z.x.com User-Agent: curl/%VERSION diff --git a/tests/data/test1334 b/tests/data/test1334 index 2c12a7ce7a..c0f8508321 100644 --- a/tests/data/test1334 +++ b/tests/data/test1334 @@ -8,14 +8,14 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -O -D %LOGDIR/heads%TESTNUMBER --output-dir # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -49,14 +49,14 @@ Accept: */* 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + diff --git a/tests/data/test1335 b/tests/data/test1335 index f98e879d41..e4a11368ea 100644 --- a/tests/data/test1335 +++ b/tests/data/test1335 @@ -8,14 +8,14 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -O -D - --output-dir="%LOGDIR" # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -49,14 +49,14 @@ Accept: */* 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + diff --git a/tests/data/test1336 b/tests/data/test1336 index fabb3cf068..4f5aea4912 100644 --- a/tests/data/test1336 +++ b/tests/data/test1336 @@ -8,15 +8,15 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -O -D %LOGDIR/heads%TESTNUMBER --output-dir # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -50,15 +50,15 @@ Accept: */* 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + diff --git a/tests/data/test1337 b/tests/data/test1337 index 9781562420..71af37b3da 100644 --- a/tests/data/test1337 +++ b/tests/data/test1337 @@ -8,15 +8,15 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -O -D - --output-dir %LOGDIR # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -50,15 +50,15 @@ Accept: */* 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + > %LOGDIR/name%TESTNUMBER diff --git a/tests/data/test1338 b/tests/data/test1338 index beb58447cd..0d9caf171d 100644 --- a/tests/data/test1338 +++ b/tests/data/test1338 @@ -9,14 +9,14 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O -D %LOGDIR/heads%TESTNUMBER --output- # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -50,14 +50,14 @@ Accept: */* 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + diff --git a/tests/data/test1339 b/tests/data/test1339 index f6ee7ac057..647c5afb5f 100644 --- a/tests/data/test1339 +++ b/tests/data/test1339 @@ -9,14 +9,14 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O -D - --output-dir %LOGDIR # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -50,14 +50,14 @@ Accept: */* 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + diff --git a/tests/data/test1340 b/tests/data/test1340 index 91072c0aac..81af468544 100644 --- a/tests/data/test1340 +++ b/tests/data/test1340 @@ -9,15 +9,15 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 @@ -39,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O -D %LOGDIR/heads%TESTNUMBER -w "curl # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -51,15 +51,15 @@ Accept: */* 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + diff --git a/tests/data/test1341 b/tests/data/test1341 index 0dcd2d03a8..0d1787dbcf 100644 --- a/tests/data/test1341 +++ b/tests/data/test1341 @@ -9,15 +9,15 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 @@ -39,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O -D - -w "curl saved to filename %{fil # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -51,15 +51,15 @@ Accept: */* 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + curl saved to filename %LOGDIR/name%TESTNUMBER diff --git a/tests/data/test1342 b/tests/data/test1342 index 15e1f8ece0..baa0945eaa 100644 --- a/tests/data/test1342 +++ b/tests/data/test1342 @@ -8,14 +8,14 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -O -D %LOGDIR/heads%TESTNUMBER --output- # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -45,25 +45,25 @@ Accept: */* - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + diff --git a/tests/data/test1343 b/tests/data/test1343 index 66401d1415..d9df0c44d7 100644 --- a/tests/data/test1343 +++ b/tests/data/test1343 @@ -8,14 +8,14 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -O -D - --output-dir %LOGDIR # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -45,25 +45,25 @@ Accept: */* - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + diff --git a/tests/data/test1344 b/tests/data/test1344 index 50d9456932..e9f878b764 100644 --- a/tests/data/test1344 +++ b/tests/data/test1344 @@ -8,15 +8,15 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -O -D %LOGDIR/heads%TESTNUMBER --output- # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -46,27 +46,27 @@ Accept: */* - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + diff --git a/tests/data/test1345 b/tests/data/test1345 index ac5cb063dd..ebf4f9c53c 100644 --- a/tests/data/test1345 +++ b/tests/data/test1345 @@ -8,15 +8,15 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -O -D - --output-dir %LOGDIR # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -46,27 +46,27 @@ Accept: */* - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + %LOGDIR/name%TESTNUMBER diff --git a/tests/data/test1346 b/tests/data/test1346 index 81b170ecb9..5a9606b4bb 100644 --- a/tests/data/test1346 +++ b/tests/data/test1346 @@ -8,14 +8,14 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -O --output-dir %LOGDIR # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -45,14 +45,14 @@ Accept: */* - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 diff --git a/tests/data/test1347 b/tests/data/test1347 index e1e14cf568..b173086c56 100644 --- a/tests/data/test1347 +++ b/tests/data/test1347 @@ -8,15 +8,15 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -O --output-dir %LOGDIR # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -46,15 +46,15 @@ Accept: */* - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 diff --git a/tests/data/test1349 b/tests/data/test1349 index 9c74aed958..da34bcf87c 100644 --- a/tests/data/test1349 +++ b/tests/data/test1349 @@ -48,21 +48,21 @@ mooo # The final "221 bye bye baby" response to QUIT will not be recorded # since that is not considered part of this particular transfer! - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 10 -150 Binary data connection for %TESTNUMBER () (10 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 10 +150 Binary data connection for %TESTNUMBER () (10 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1350 b/tests/data/test1350 index fcf78744b3..a795a0bd32 100644 --- a/tests/data/test1350 +++ b/tests/data/test1350 @@ -48,21 +48,21 @@ mooo # The final "221 bye bye baby" response to QUIT will not be recorded # since that is not considered part of this particular transfer! - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 10 -150 Binary data connection for %TESTNUMBER () (10 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 10 +150 Binary data connection for %TESTNUMBER () (10 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1351 b/tests/data/test1351 index c1ed52d4a5..99625533ec 100644 --- a/tests/data/test1351 +++ b/tests/data/test1351 @@ -49,21 +49,21 @@ mooo # The final "221 bye bye baby" response to QUIT will not be recorded # since that is not considered part of this particular transfer! - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 10 -150 Binary data connection for %TESTNUMBER () (10 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 10 +150 Binary data connection for %TESTNUMBER () (10 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1352 b/tests/data/test1352 index c54ca4a217..0d48522dd6 100644 --- a/tests/data/test1352 +++ b/tests/data/test1352 @@ -49,21 +49,21 @@ mooo # The final "221 bye bye baby" response to QUIT will not be recorded # since that is not considered part of this particular transfer! - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 10 -150 Binary data connection for %TESTNUMBER () (10 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 10 +150 Binary data connection for %TESTNUMBER () (10 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1353 b/tests/data/test1353 index 2b6af8cf01..d8ad1c7760 100644 --- a/tests/data/test1353 +++ b/tests/data/test1353 @@ -48,21 +48,21 @@ mooo # The final "221 bye bye baby" response to QUIT will not be recorded # since that is not considered part of this particular transfer! - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 10 -150 Binary data connection for %TESTNUMBER () (10 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 10 +150 Binary data connection for %TESTNUMBER () (10 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1354 b/tests/data/test1354 index 3bf6ddde16..cde07f4605 100644 --- a/tests/data/test1354 +++ b/tests/data/test1354 @@ -46,21 +46,21 @@ fooo mooo - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 10 -150 Binary data connection for %TESTNUMBER () (10 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 10 +150 Binary data connection for %TESTNUMBER () (10 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1356 b/tests/data/test1356 index 55161e1437..e68f9322d6 100644 --- a/tests/data/test1356 +++ b/tests/data/test1356 @@ -9,15 +9,15 @@ RETR # Server-side # file%TESTNUMBER contents... - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO @@ -49,15 +49,15 @@ RETR file%TESTNUMBER QUIT - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO diff --git a/tests/data/test1357 b/tests/data/test1357 index 7e83e87feb..e81c5b46ad 100644 --- a/tests/data/test1357 +++ b/tests/data/test1357 @@ -61,21 +61,21 @@ Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange MOOOO - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 214 -150 Binary data connection for %TESTNUMBER () (214 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 214 +150 Binary data connection for %TESTNUMBER () (214 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1358 b/tests/data/test1358 index 3eb623cb6b..1bb1053cf9 100644 --- a/tests/data/test1358 +++ b/tests/data/test1358 @@ -61,21 +61,21 @@ Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange MOOOO - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 214 -150 Binary data connection for %TESTNUMBER () (214 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 214 +150 Binary data connection for %TESTNUMBER () (214 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1359 b/tests/data/test1359 index 98765b285d..5747206552 100644 --- a/tests/data/test1359 +++ b/tests/data/test1359 @@ -62,21 +62,21 @@ Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange MOOOO - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 214 -150 Binary data connection for %TESTNUMBER () (214 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 214 +150 Binary data connection for %TESTNUMBER () (214 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1360 b/tests/data/test1360 index 117ef84b37..acd4f8f6c3 100644 --- a/tests/data/test1360 +++ b/tests/data/test1360 @@ -62,21 +62,21 @@ Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange MOOOO - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 214 -150 Binary data connection for %TESTNUMBER () (214 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 214 +150 Binary data connection for %TESTNUMBER () (214 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1361 b/tests/data/test1361 index 9215c23ca2..390366817c 100644 --- a/tests/data/test1361 +++ b/tests/data/test1361 @@ -61,21 +61,21 @@ Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange MOOOO - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 214 -150 Binary data connection for %TESTNUMBER () (214 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 214 +150 Binary data connection for %TESTNUMBER () (214 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1362 b/tests/data/test1362 index 9ad0fa7424..f4ea691756 100644 --- a/tests/data/test1362 +++ b/tests/data/test1362 @@ -61,21 +61,21 @@ Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange MOOOO - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 214 -150 Binary data connection for %TESTNUMBER () (214 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 214 +150 Binary data connection for %TESTNUMBER () (214 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1363 b/tests/data/test1363 index 876304a39c..ab4a8b1101 100644 --- a/tests/data/test1363 +++ b/tests/data/test1363 @@ -9,15 +9,15 @@ RETR # Server-side # file%TESTNUMBER contents... - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO @@ -49,15 +49,15 @@ RETR file%TESTNUMBER QUIT - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO diff --git a/tests/data/test1364 b/tests/data/test1364 index 05b10105bb..008283dee4 100644 --- a/tests/data/test1364 +++ b/tests/data/test1364 @@ -8,14 +8,14 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/outfile%TESTNUMBER -D %LOGDIR/he # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -49,14 +49,14 @@ Accept: */* 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + diff --git a/tests/data/test1365 b/tests/data/test1365 index 8643199f2d..b332778c51 100644 --- a/tests/data/test1365 +++ b/tests/data/test1365 @@ -8,14 +8,14 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/outfile%TESTNUMBER -D - # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -49,14 +49,14 @@ Accept: */* 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + diff --git a/tests/data/test1366 b/tests/data/test1366 index 2b8d65ed20..f2727c32aa 100644 --- a/tests/data/test1366 +++ b/tests/data/test1366 @@ -8,15 +8,15 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/outfile%TESTNUMBER -D %LOGDIR/he # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -50,15 +50,15 @@ Accept: */* 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + diff --git a/tests/data/test1367 b/tests/data/test1367 index d665b770d1..ed86946a16 100644 --- a/tests/data/test1367 +++ b/tests/data/test1367 @@ -8,15 +8,15 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/outfile%TESTNUMBER -D - # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -50,15 +50,15 @@ Accept: */* 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + diff --git a/tests/data/test1368 b/tests/data/test1368 index cbe8d64d6b..c8930106fa 100644 --- a/tests/data/test1368 +++ b/tests/data/test1368 @@ -9,14 +9,14 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -o %LOGDIR/outfile%TESTNUMBER -D %LOGDIR # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -50,14 +50,14 @@ Accept: */* 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + diff --git a/tests/data/test1369 b/tests/data/test1369 index bc818ce774..2dc5999c4f 100644 --- a/tests/data/test1369 +++ b/tests/data/test1369 @@ -9,14 +9,14 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -o %LOGDIR/outfile%TESTNUMBER -D - # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -50,14 +50,14 @@ Accept: */* 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + diff --git a/tests/data/test1370 b/tests/data/test1370 index 0a08c0b8e3..ceaa90168d 100644 --- a/tests/data/test1370 +++ b/tests/data/test1370 @@ -9,15 +9,15 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 @@ -39,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -o %LOGDIR/outfile%TESTNUMBER -D %LOGDIR # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -51,15 +51,15 @@ Accept: */* 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + diff --git a/tests/data/test1371 b/tests/data/test1371 index 145a0a7a53..293b105210 100644 --- a/tests/data/test1371 +++ b/tests/data/test1371 @@ -9,15 +9,15 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 @@ -39,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -o %LOGDIR/outfile%TESTNUMBER -D - # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -51,15 +51,15 @@ Accept: */* 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + diff --git a/tests/data/test1372 b/tests/data/test1372 index c005a39a74..1ac567f91f 100644 --- a/tests/data/test1372 +++ b/tests/data/test1372 @@ -8,14 +8,14 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -o %LOGDIR/outfile%TESTNUMBER -D %LOGDIR # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -45,25 +45,25 @@ Accept: */* - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + diff --git a/tests/data/test1373 b/tests/data/test1373 index 33634c92fb..e722bb11ba 100644 --- a/tests/data/test1373 +++ b/tests/data/test1373 @@ -8,14 +8,14 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -o %LOGDIR/outfile%TESTNUMBER -D - # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -45,25 +45,25 @@ Accept: */* - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + diff --git a/tests/data/test1374 b/tests/data/test1374 index 6dda004788..a093fc948b 100644 --- a/tests/data/test1374 +++ b/tests/data/test1374 @@ -8,15 +8,15 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -o %LOGDIR/outfile%TESTNUMBER -D %LOGDIR # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -46,27 +46,27 @@ Accept: */* - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + diff --git a/tests/data/test1375 b/tests/data/test1375 index c226dc566f..2fc12d5648 100644 --- a/tests/data/test1375 +++ b/tests/data/test1375 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -o %LOGDIR/outfile%TESTNUMBER -D - # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -46,27 +46,27 @@ Accept: */* - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + diff --git a/tests/data/test1376 b/tests/data/test1376 index ce11a423b7..dd920d813e 100644 --- a/tests/data/test1376 +++ b/tests/data/test1376 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -o %LOGDIR/outfile%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -45,14 +45,14 @@ Accept: */* - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html + 12345 diff --git a/tests/data/test1377 b/tests/data/test1377 index 52495d524b..d8e623b21c 100644 --- a/tests/data/test1377 +++ b/tests/data/test1377 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -i -o %LOGDIR/outfile%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -46,15 +46,15 @@ Accept: */* - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + 12345 diff --git a/tests/data/test1379 b/tests/data/test1379 index 953c9b6cd8..f938ba659e 100644 --- a/tests/data/test1379 +++ b/tests/data/test1379 @@ -46,21 +46,21 @@ fooo mooo - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 10 -150 Binary data connection for %TESTNUMBER () (10 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 10 +150 Binary data connection for %TESTNUMBER () (10 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1380 b/tests/data/test1380 index b106b3c7fc..d6dc739d82 100644 --- a/tests/data/test1380 +++ b/tests/data/test1380 @@ -46,21 +46,21 @@ fooo mooo - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 10 -150 Binary data connection for %TESTNUMBER () (10 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 10 +150 Binary data connection for %TESTNUMBER () (10 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1381 b/tests/data/test1381 index 7d4ef7ba33..520d0a066b 100644 --- a/tests/data/test1381 +++ b/tests/data/test1381 @@ -47,21 +47,21 @@ fooo mooo - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 10 -150 Binary data connection for %TESTNUMBER () (10 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 10 +150 Binary data connection for %TESTNUMBER () (10 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1382 b/tests/data/test1382 index 7c4cc6e290..c9f53dd065 100644 --- a/tests/data/test1382 +++ b/tests/data/test1382 @@ -47,21 +47,21 @@ fooo mooo - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 10 -150 Binary data connection for %TESTNUMBER () (10 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 10 +150 Binary data connection for %TESTNUMBER () (10 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1383 b/tests/data/test1383 index c8b1d119b9..24e339d978 100644 --- a/tests/data/test1383 +++ b/tests/data/test1383 @@ -46,21 +46,21 @@ fooo mooo - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 10 -150 Binary data connection for %TESTNUMBER () (10 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 10 +150 Binary data connection for %TESTNUMBER () (10 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1384 b/tests/data/test1384 index 3f99d28bfe..490d9a5e8b 100644 --- a/tests/data/test1384 +++ b/tests/data/test1384 @@ -46,21 +46,21 @@ fooo mooo - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 10 -150 Binary data connection for %TESTNUMBER () (10 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 10 +150 Binary data connection for %TESTNUMBER () (10 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1386 b/tests/data/test1386 index 622afb41c0..e4e3b7b946 100644 --- a/tests/data/test1386 +++ b/tests/data/test1386 @@ -9,15 +9,15 @@ RETR # Server-side # file%TESTNUMBER contents... - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO @@ -49,15 +49,15 @@ RETR file%TESTNUMBER QUIT - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO diff --git a/tests/data/test1387 b/tests/data/test1387 index a5531aa201..4002c28e01 100644 --- a/tests/data/test1387 +++ b/tests/data/test1387 @@ -9,15 +9,15 @@ RETR # Server-side # file%TESTNUMBER contents... - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO @@ -49,33 +49,33 @@ RETR file%TESTNUMBER QUIT - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 222 -150 Binary data connection for %TESTNUMBER () (222 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 222 +150 Binary data connection for %TESTNUMBER () (222 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1388 b/tests/data/test1388 index 8630be7877..21491ab40f 100644 --- a/tests/data/test1388 +++ b/tests/data/test1388 @@ -9,15 +9,15 @@ RETR # Server-side # file%TESTNUMBER contents... - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO @@ -49,33 +49,33 @@ RETR file%TESTNUMBER QUIT - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 222 -150 Binary data connection for %TESTNUMBER () (222 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 222 +150 Binary data connection for %TESTNUMBER () (222 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1389 b/tests/data/test1389 index 53fda6cd59..2f247d45dc 100644 --- a/tests/data/test1389 +++ b/tests/data/test1389 @@ -10,15 +10,15 @@ RETR # Server-side # file%TESTNUMBER contents... - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO @@ -50,36 +50,36 @@ RETR file%TESTNUMBER QUIT - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 222 -150 Binary data connection for %TESTNUMBER () (222 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 222 +150 Binary data connection for %TESTNUMBER () (222 bytes). +226 File transfer complete -s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ +s/^(229 Entering Passive Mode \().*(\)\S*)/${1}stripped${2}/ diff --git a/tests/data/test1390 b/tests/data/test1390 index b86e099d75..9c180b65a6 100644 --- a/tests/data/test1390 +++ b/tests/data/test1390 @@ -10,15 +10,15 @@ RETR # Server-side # file%TESTNUMBER contents... - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO @@ -50,33 +50,33 @@ RETR file%TESTNUMBER QUIT - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 222 -150 Binary data connection for %TESTNUMBER () (222 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 222 +150 Binary data connection for %TESTNUMBER () (222 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1391 b/tests/data/test1391 index d9350b8677..f29e028592 100644 --- a/tests/data/test1391 +++ b/tests/data/test1391 @@ -9,15 +9,15 @@ RETR # Server-side # file%TESTNUMBER contents... - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO @@ -49,33 +49,33 @@ RETR file%TESTNUMBER QUIT - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 222 -150 Binary data connection for %TESTNUMBER () (222 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 222 +150 Binary data connection for %TESTNUMBER () (222 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1392 b/tests/data/test1392 index 572841e5b5..598facd156 100644 --- a/tests/data/test1392 +++ b/tests/data/test1392 @@ -9,15 +9,15 @@ RETR # Server-side # file%TESTNUMBER contents... - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO @@ -49,33 +49,33 @@ RETR file%TESTNUMBER QUIT - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO - -220- _ _ ____ _ -220- ___| | | | _ \| | -220- / __| | | | |_) | | -220- | (__| |_| | _ {| |___ -220 \___|\___/|_| \_\_____| -331 We are happy you popped in! -230 Welcome you silly person -257 "/" is current directory -250 CWD command successful. -229 Entering Passive Mode (stripped) -200 I modify TYPE as you wanted -213 222 -150 Binary data connection for %TESTNUMBER () (222 bytes). -226 File transfer complete + +220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% +220- ___| | | | _ \| |%spc%%spc%%spc%%spc% +220- / __| | | | |_) | |%spc%%spc%%spc%%spc% +220- | (__| |_| | _ {| |___%spc% +220 \___|\___/|_| \_\_____| +331 We are happy you popped in! +230 Welcome you silly person +257 "/" is current directory +250 CWD command successful. +229 Entering Passive Mode (stripped) +200 I modify TYPE as you wanted +213 222 +150 Binary data connection for %TESTNUMBER () (222 bytes). +226 File transfer complete s/^(229 Entering Passive Mode \().*(\).*)/${1}stripped${2}/ diff --git a/tests/data/test1393 b/tests/data/test1393 index 08946ee9ec..b436439e35 100644 --- a/tests/data/test1393 +++ b/tests/data/test1393 @@ -9,15 +9,15 @@ RETR # Server-side # file%TESTNUMBER contents... - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO @@ -49,15 +49,15 @@ RETR file%TESTNUMBER QUIT - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange + MOOOO diff --git a/tests/data/test14 b/tests/data/test14 index 32ff62746e..dde6c8880a 100644 --- a/tests/data/test14 +++ b/tests/data/test14 @@ -30,7 +30,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -i --head # Verify data after the test has been "shot" - + HEAD /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1400 b/tests/data/test1400 index 1ff85505ca..5ed32360d9 100644 --- a/tests/data/test1400 +++ b/tests/data/test1400 @@ -40,7 +40,7 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER --libcurl %LOGDIR/test%TESTNUMBER.c # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1401 b/tests/data/test1401 index 5cb90eeacb..a24c81cb94 100644 --- a/tests/data/test1401 +++ b/tests/data/test1401 @@ -48,7 +48,7 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER --libcurl %LOGDIR/test%TESTNUMBER.c # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[fake:user]b64% diff --git a/tests/data/test1403 b/tests/data/test1403 index a6e56d9ff0..9632816894 100644 --- a/tests/data/test1403 +++ b/tests/data/test1403 @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER --libcurl %LOGDIR/test%TESTNUMBER.c # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER?foo=bar&baz=quux HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1406 b/tests/data/test1406 index ba7a325dd9..bdd142159d 100644 --- a/tests/data/test1406 +++ b/tests/data/test1406 @@ -12,7 +12,7 @@ SMTP # Server-side -CAPA SIZE +CAPA SIZE @@ -28,11 +28,11 @@ smtp SSL_CERT_FILE - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient.one@example.com --mail-rcpt recipient.two@example.com --mail-from sender@example.com -T %LOGDIR/test%TESTNUMBER.eml --libcurl %LOGDIR/test%TESTNUMBER.c diff --git a/tests/data/test1407 b/tests/data/test1407 index cb838fc067..fad62abd06 100644 --- a/tests/data/test1407 +++ b/tests/data/test1407 @@ -3,7 +3,7 @@ POP3 -Clear Text +Clear Text LIST --libcurl diff --git a/tests/data/test1408 b/tests/data/test1408 index d46634ebee..1ae279c348 100644 --- a/tests/data/test1408 +++ b/tests/data/test1408 @@ -56,7 +56,7 @@ HTTP receive cookies over IPV6 # # Verify data after the test has been "shot" - + GET /path/%TESTNUMBER0001 HTTP/1.1 Host: %HOST6IP:%HTTP6PORT User-Agent: curl/%VERSION diff --git a/tests/data/test141 b/tests/data/test141 index 7a7b4f648b..c33349fa80 100644 --- a/tests/data/test141 +++ b/tests/data/test141 @@ -43,10 +43,10 @@ SIZE %TESTNUMBER REST 0 QUIT - -Last-Modified: Wed, 09 Apr 2003 10:26:59 GMT -Content-Length: 42 -Accept-ranges: bytes + +Last-Modified: Wed, 09 Apr 2003 10:26:59 GMT +Content-Length: 42 +Accept-ranges: bytes diff --git a/tests/data/test1411 b/tests/data/test1411 index f70cfa4856..ae58242f22 100644 --- a/tests/data/test1411 +++ b/tests/data/test1411 @@ -46,7 +46,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -T %LOGDIR/empty%TESTNUMBER # # Verify data after the test has been "shot" - + PUT /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1412 b/tests/data/test1412 index 7b665f12ab..d2e2be88e4 100644 --- a/tests/data/test1412 +++ b/tests/data/test1412 @@ -13,69 +13,69 @@ HTTP Digest auth auth_required - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" -Content-Type: text/html; charset=iso-8859-1 -Connection: close - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" +Content-Type: text/html; charset=iso-8859-1 +Connection: close + This is not the real page # The second URL will get this response - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" -Content-Type: text/html; charset=iso-8859-1 -Connection: close - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" +Content-Type: text/html; charset=iso-8859-1 +Connection: close + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 -Connection: close - + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 +Connection: close + This IS the real page! # This is the second request - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 -Connection: close - + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 +Connection: close + This IS the second real page! - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" -Content-Type: text/html; charset=iso-8859-1 -Connection: close - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 -Connection: close - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" +Content-Type: text/html; charset=iso-8859-1 +Connection: close + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 +Connection: close + This IS the real page! @@ -101,7 +101,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth http://%HOST # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1413 b/tests/data/test1413 index c88f769824..ece40f75b2 100644 --- a/tests/data/test1413 +++ b/tests/data/test1413 @@ -9,32 +9,32 @@ followlocation # # Server-side - -HTTP/1.1 302 OK swsclose -Location: moo.html/%TESTNUMBER0002#fragmentpart -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 302 OK swsclose +Location: moo.html/%TESTNUMBER0002#fragmentpart +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + - -HTTP/1.1 200 OK swsclose -Location: this should be ignored -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 200 OK swsclose +Location: this should be ignored +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + body - -HTTP/1.1 302 OK swsclose -Location: moo.html/%TESTNUMBER0002#fragmentpart -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - -HTTP/1.1 200 OK swsclose -Location: this should be ignored -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 302 OK swsclose +Location: moo.html/%TESTNUMBER0002#fragmentpart +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + +HTTP/1.1 200 OK swsclose +Location: this should be ignored +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + body @@ -56,7 +56,7 @@ http://%HOSTIP:%HTTPPORT/this/%TESTNUMBER -L # # Verify data after the test has been "shot" - + GET /this/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1415 b/tests/data/test1415 index cfccdf3974..80e32aac98 100644 --- a/tests/data/test1415 +++ b/tests/data/test1415 @@ -64,7 +64,7 @@ proxy # Verify data after the test has been "shot" - + GET http://example.com/we/want/%TESTNUMBER HTTP/1.1 Host: example.com User-Agent: curl/%VERSION diff --git a/tests/data/test1416 b/tests/data/test1416 index d0efdf665d..14d52475fb 100644 --- a/tests/data/test1416 +++ b/tests/data/test1416 @@ -44,7 +44,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1417 b/tests/data/test1417 index 558da7da1e..9af0a5b61f 100644 --- a/tests/data/test1417 +++ b/tests/data/test1417 @@ -56,21 +56,21 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked -Trailer: chunky-trailer -Connection: mooo - -chunky-trailer: header data + +HTTP/1.1 200 funky chunky! +Server: fakeit/0.9 fakeitbad/1.0 +Transfer-Encoding: chunked +Trailer: chunky-trailer +Connection: mooo + +chunky-trailer: header data diff --git a/tests/data/test1418 b/tests/data/test1418 index bbbd585898..6f9119cdc9 100644 --- a/tests/data/test1418 +++ b/tests/data/test1418 @@ -13,62 +13,62 @@ connection reuse connection-monitor - -HTTP/1.1 401 Authentication please! -Content-Length: 20 -WWW-Authenticate: Digest realm="loonie", nonce="314156592" -WWW-Authenticate: Basic - + +HTTP/1.1 401 Authentication please! +Content-Length: 20 +WWW-Authenticate: Digest realm="loonie", nonce="314156592" +WWW-Authenticate: Basic + Please auth with me - -HTTP/1.1 401 Authentication please! -Content-Length: 20 -WWW-Authenticate: Digest realm="loonie", nonce="314156592" -WWW-Authenticate: Basic - + +HTTP/1.1 401 Authentication please! +Content-Length: 20 +WWW-Authenticate: Digest realm="loonie", nonce="314156592" +WWW-Authenticate: Basic + Please auth with me # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Length: 4 - + +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Length: 4 + moo - -HTTP/1.1 200 OK -Server: Another one/1.0 -Content-Length: 4 - + +HTTP/1.1 200 OK +Server: Another one/1.0 +Content-Length: 4 + boo # This is the first reply after the redirection - -HTTP/1.1 200 OK -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 - + +HTTP/1.1 200 OK +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 + This is not the real page either! - -HTTP/1.1 401 Authentication please! -Content-Length: 20 -WWW-Authenticate: Digest realm="loonie", nonce="314156592" -WWW-Authenticate: Basic - -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Length: 4 - + +HTTP/1.1 401 Authentication please! +Content-Length: 20 +WWW-Authenticate: Digest realm="loonie", nonce="314156592" +WWW-Authenticate: Basic + +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Length: 4 + moo diff --git a/tests/data/test1419 b/tests/data/test1419 index 45807f01bc..6ebb4531a7 100644 --- a/tests/data/test1419 +++ b/tests/data/test1419 @@ -13,25 +13,25 @@ connection reuse connection-monitor - -HTTP/1.1 200 fine! -Content-Length: 20 - + +HTTP/1.1 200 fine! +Content-Length: 20 + Feel free to get it - -HTTP/1.1 200 OK -Server: Another one/1.0 -Content-Length: 4 - + +HTTP/1.1 200 OK +Server: Another one/1.0 +Content-Length: 4 + boo - -HTTP/1.1 200 fine! -Content-Length: 20 - + +HTTP/1.1 200 fine! +Content-Length: 20 + Feel free to get it diff --git a/tests/data/test1420 b/tests/data/test1420 index c3c3f6ffc8..dbd671b1aa 100644 --- a/tests/data/test1420 +++ b/tests/data/test1420 @@ -3,7 +3,7 @@ IMAP -Clear Text +Clear Text FETCH --libcurl @@ -12,14 +12,14 @@ FETCH # # Server-side - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test1422 b/tests/data/test1422 index 3d57e77d2f..410734f4fb 100644 --- a/tests/data/test1422 +++ b/tests/data/test1422 @@ -9,15 +9,15 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 0 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=str//nge - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 0 +Connection: close +Content-Type: text/html +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=str//nge + @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O file://%FILE_PWD/%LOGDIR/name%TESTNUM # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1423 b/tests/data/test1423 index a49a04cbdd..787bc409d2 100644 --- a/tests/data/test1423 +++ b/tests/data/test1423 @@ -8,14 +8,14 @@ HTTP GET # - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 0 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 0 +Connection: close +Content-Type: text/html + @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/outfile%TESTNUMBER file://%FILE_ # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1424 b/tests/data/test1424 index 806906a633..8f03c18aff 100644 --- a/tests/data/test1424 +++ b/tests/data/test1424 @@ -57,7 +57,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -z "dec 12 11:00:00 1999 GMT" -o %LOGDIR/ou # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1425 b/tests/data/test1425 index 681b06f6a6..51a38cc01c 100644 --- a/tests/data/test1425 +++ b/tests/data/test1425 @@ -49,7 +49,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1426 b/tests/data/test1426 index 407a499dab..7a711b324b 100644 --- a/tests/data/test1426 +++ b/tests/data/test1426 @@ -49,7 +49,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --output - # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1428 b/tests/data/test1428 index 5636f04710..3a6253a569 100644 --- a/tests/data/test1428 +++ b/tests/data/test1428 @@ -21,9 +21,9 @@ Content-Length: 9 contents - -HTTP/1.1 200 Mighty fine indeed - + +HTTP/1.1 200 Mighty fine indeed + HTTP/1.1 200 Mighty fine indeed @@ -60,15 +60,15 @@ proxy # # Verify data after the test has been "shot" - -CONNECT test.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive -header-type: proxy - + +CONNECT test.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive +header-type: proxy + - + GET /we/want/that/page/%TESTNUMBER HTTP/1.1 Host: test.%TESTNUMBER:%HTTPPORT Authorization: Basic %b64[iam:my:;self]b64% diff --git a/tests/data/test1429 b/tests/data/test1429 index d313bc4b89..b9372aca2a 100644 --- a/tests/data/test1429 +++ b/tests/data/test1429 @@ -42,22 +42,22 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --write-out '%{response_code}' # # Verify data after the test has been "shot" - -HTTP/1.1 999 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 999 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- 999 - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1430 b/tests/data/test1430 index ebf025101e..5ac407519f 100644 --- a/tests/data/test1430 +++ b/tests/data/test1430 @@ -40,7 +40,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1431 b/tests/data/test1431 index b8a1b01dd4..009c1b0dde 100644 --- a/tests/data/test1431 +++ b/tests/data/test1431 @@ -40,7 +40,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1432 b/tests/data/test1432 index 971e854178..4b707ee1e0 100644 --- a/tests/data/test1432 +++ b/tests/data/test1432 @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1433 b/tests/data/test1433 index 852e056f70..08388f64af 100644 --- a/tests/data/test1433 +++ b/tests/data/test1433 @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1434 b/tests/data/test1434 index 92e7dbaa85..b811510ee3 100644 --- a/tests/data/test1434 +++ b/tests/data/test1434 @@ -76,7 +76,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C 100 # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=100- diff --git a/tests/data/test1435 b/tests/data/test1435 index 01726bad2f..bb08e35a8f 100644 --- a/tests/data/test1435 +++ b/tests/data/test1435 @@ -33,7 +33,7 @@ simple HTTP GET over Unix socket - + GET /%TESTNUMBER HTTP/1.1 Host: server-interpreted.example.com User-Agent: curl/%VERSION diff --git a/tests/data/test1436 b/tests/data/test1436 index dbb00f5ee0..5a5491e33f 100644 --- a/tests/data/test1436 +++ b/tests/data/test1436 @@ -47,7 +47,7 @@ HTTP requests with multiple connections over Unix socket - + GET /%TESTNUMBER0001 HTTP/1.1 Host: one.example.com User-Agent: curl/%VERSION diff --git a/tests/data/test1437 b/tests/data/test1437 index 9d11839087..4eb5e04dc2 100644 --- a/tests/data/test1437 +++ b/tests/data/test1437 @@ -8,39 +8,39 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, algorithm=MD5, nonce=1, nonce=2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, algorithm=MD5, nonce=1, nonce=2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, algorithm=MD5, nonce=1, nonce=2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, algorithm=MD5, nonce=1, nonce=2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! @@ -66,7 +66,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --digest # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1438 b/tests/data/test1438 index d099d91824..a16b7fb291 100644 --- a/tests/data/test1438 +++ b/tests/data/test1438 @@ -46,7 +46,7 @@ Content-Type: text/plain testdata http - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1439 b/tests/data/test1439 index 17776a452b..020b681234 100644 --- a/tests/data/test1439 +++ b/tests/data/test1439 @@ -45,7 +45,7 @@ Content-Type: text/plain testdata 1.1 - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1443 b/tests/data/test1443 index 125627043d..57ac1591de 100644 --- a/tests/data/test1443 +++ b/tests/data/test1443 @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -O --remote-time --output-dir %LOGDIR # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1448 b/tests/data/test1448 index dfc761ee84..aed178fc58 100644 --- a/tests/data/test1448 +++ b/tests/data/test1448 @@ -57,7 +57,7 @@ http://%hex[%c3%a5%c3%a4%c3%b6]hex%.se:%HTTPPORT/%TESTNUMBER --resolve xn--4cab6 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: xn--4cab6c.se:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1457 b/tests/data/test1457 index c25133a964..527e704645 100644 --- a/tests/data/test1457 +++ b/tests/data/test1457 @@ -49,7 +49,7 @@ line1line3 line2 - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1458 b/tests/data/test1458 index 45ff971b0a..300f3ec226 100644 --- a/tests/data/test1458 +++ b/tests/data/test1458 @@ -43,7 +43,7 @@ HTTP with wildcard --resolve # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: example.com:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1466 b/tests/data/test1466 index dda651ff46..9a880d31b0 100644 --- a/tests/data/test1466 +++ b/tests/data/test1466 @@ -34,7 +34,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1467 b/tests/data/test1467 index cf77bcbb4e..69b04d8bf4 100644 --- a/tests/data/test1467 +++ b/tests/data/test1467 @@ -49,7 +49,7 @@ HTTP GET via SOCKS5 proxy via Unix sockets # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1468 b/tests/data/test1468 index a39e1e64a6..ec004b368b 100644 --- a/tests/data/test1468 +++ b/tests/data/test1468 @@ -50,7 +50,7 @@ http://this.is.a.host.name:%HTTPPORT/%TESTNUMBER --proxy socks5h://localhost%SOC # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: this.is.a.host.name:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1470 b/tests/data/test1470 index 54adeb6138..2a8e0ea295 100644 --- a/tests/data/test1470 +++ b/tests/data/test1470 @@ -51,7 +51,7 @@ https://this.is.a.host.name:%HTTPSPORT/%TESTNUMBER --insecure --proxy socks5h:// # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: this.is.a.host.name:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1473 b/tests/data/test1473 index 1e21534c29..fa0bb0f7d3 100644 --- a/tests/data/test1473 +++ b/tests/data/test1473 @@ -10,14 +10,14 @@ header line folding # # Server-side - -HTTP/1.1 200 OK - Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/ -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Content-Length: 6 - + +HTTP/1.1 200 OK + Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/ +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Content-Length: 6 + -foo- @@ -39,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1475 b/tests/data/test1475 index 2b483cb0ae..3c43dda13e 100644 --- a/tests/data/test1475 +++ b/tests/data/test1475 @@ -71,7 +71,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C - -f # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=100- diff --git a/tests/data/test1476 b/tests/data/test1476 index 101fa95b01..5915b9fc58 100644 --- a/tests/data/test1476 +++ b/tests/data/test1476 @@ -10,7 +10,7 @@ cookies # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 0 @@ -40,7 +40,7 @@ cookies # Verify data after the test has been "shot" - + GET http://curl.co.UK/ HTTP/1.1 Host: curl.co.UK User-Agent: curl/%VERSION diff --git a/tests/data/test1479 b/tests/data/test1479 index 68dc2b758c..3fe61c8cef 100644 --- a/tests/data/test1479 +++ b/tests/data/test1479 @@ -9,16 +9,16 @@ HTTP/0.9 # # Server-side - -HTTP/1.1 200 OK -Content-Length: 5 - + +HTTP/1.1 200 OK +Content-Length: 5 + Data - -Data -Data -Data + +Data +Data +Data @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER0002 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1480 b/tests/data/test1480 index 6eea750483..d487398cc7 100644 --- a/tests/data/test1480 +++ b/tests/data/test1480 @@ -8,13 +8,13 @@ HTTP # # Server-side - -HTTP/1.1 100 Continue -Foo: Bar - -Data -Data -Data + +HTTP/1.1 100 Continue +Foo: Bar + +Data +Data +Data @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1481 b/tests/data/test1481 index 8f63141b87..3121ae5369 100644 --- a/tests/data/test1481 +++ b/tests/data/test1481 @@ -42,7 +42,7 @@ http://moo/ --libcurl %LOGDIR/test%TESTNUMBER.c --tls-max 1.3 --proxy-tlsv1 -x h # Verify data after the test has been "shot" - + GET http://moo/ HTTP/1.1 Host: moo User-Agent: curl/%VERSION diff --git a/tests/data/test1482 b/tests/data/test1482 index 30353e2909..8b0a245c28 100644 --- a/tests/data/test1482 +++ b/tests/data/test1482 @@ -60,21 +60,21 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked, chunked -Connection: mooo - -chunky-trailer: header data -another-header: yes + +HTTP/1.1 200 funky chunky! +Server: fakeit/0.9 fakeitbad/1.0 +Transfer-Encoding: chunked, chunked +Connection: mooo + +chunky-trailer: header data +another-header: yes diff --git a/tests/data/test1483 b/tests/data/test1483 index 88827a2cc8..82ef88a84d 100644 --- a/tests/data/test1483 +++ b/tests/data/test1483 @@ -62,22 +62,22 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked -Transfer-Encoding: chunked -Connection: mooo - -chunky-trailer: header data -another-header: yes + +HTTP/1.1 200 funky chunky! +Server: fakeit/0.9 fakeitbad/1.0 +Transfer-Encoding: chunked +Transfer-Encoding: chunked +Connection: mooo + +chunky-trailer: header data +another-header: yes diff --git a/tests/data/test1484 b/tests/data/test1484 index 7cdce889dd..eaf3e9808c 100644 --- a/tests/data/test1484 +++ b/tests/data/test1484 @@ -9,19 +9,19 @@ HTTP HEAD # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Transfer-Encoding: chunked - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Transfer-Encoding: chunked + HEAD response with content # make sure no data is written - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Transfer-Encoding: chunked - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Transfer-Encoding: chunked + @@ -42,7 +42,7 @@ HTTP HEAD with response body to ignore # # Verify data after the test has been "shot" - + HEAD /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1485 b/tests/data/test1485 index d36705bbf1..c036900ed2 100644 --- a/tests/data/test1485 +++ b/tests/data/test1485 @@ -8,18 +8,18 @@ HTTP GET # Server-side - -HTTP/1.1 200 OK -Server: Someone -Content-Length: 7 - + +HTTP/1.1 200 OK +Server: Someone +Content-Length: 7 + 123456 - -HTTP/1.1 200 OK -Server: Someone -Content-Length: 7 - + +HTTP/1.1 200 OK +Server: Someone +Content-Length: 7 + 123456 @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1487 b/tests/data/test1487 index 3a0c8e8356..88f17fa2b7 100644 --- a/tests/data/test1487 +++ b/tests/data/test1487 @@ -39,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O --output-dir %LOGDIR # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1489 b/tests/data/test1489 index e1460bf5c7..7bc6fcd7bd 100644 --- a/tests/data/test1489 +++ b/tests/data/test1489 @@ -9,7 +9,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -42,14 +42,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D % -s # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test1492 b/tests/data/test1492 index b2ef8f50d5..96911bc9f6 100644 --- a/tests/data/test1492 +++ b/tests/data/test1492 @@ -40,7 +40,7 @@ http://%HOSTIP:%HTTPPORT/junk%TESTNUMBER -J -O --show-headers --output-dir %LOGD # # Verify data after the test has been "shot" - + GET /junk%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1493 b/tests/data/test1493 index 9179737811..07821676a7 100644 --- a/tests/data/test1493 +++ b/tests/data/test1493 @@ -57,21 +57,21 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: identity, chunked -Connection: mooo - -chunky-trailer: header data -another-header: yes + +HTTP/1.1 200 funky chunky! +Server: fakeit/0.9 fakeitbad/1.0 +Transfer-Encoding: identity, chunked +Connection: mooo + +chunky-trailer: header data +another-header: yes diff --git a/tests/data/test1494 b/tests/data/test1494 index 67b8dc3322..34072063aa 100644 --- a/tests/data/test1494 +++ b/tests/data/test1494 @@ -10,7 +10,7 @@ DELAY # # Server-side - + HTTP/1.1 200 funky chunky! Server: fakeit/0.9 fakeitbad/1.0 Transfer-Encoding: identity, identity @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1495 b/tests/data/test1495 index de725b7b4e..37e729bede 100644 --- a/tests/data/test1495 +++ b/tests/data/test1495 @@ -10,7 +10,7 @@ DELAY # # Server-side - + HTTP/1.1 200 funky chunky! Server: fakeit/0.9 fakeitbad/1.0 Transfer-Encoding: chunked, identity @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1496 b/tests/data/test1496 index d669dedaa9..a70a256f88 100644 --- a/tests/data/test1496 +++ b/tests/data/test1496 @@ -10,7 +10,7 @@ DELAY # # Server-side - + HTTP/1.1 200 funky chunky! Server: fakeit/0.9 fakeitbad/1.0 Transfer-Encoding: gzip, chunked @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1497 b/tests/data/test1497 index 6e8caef8d6..138f8ee8ea 100644 --- a/tests/data/test1497 +++ b/tests/data/test1497 @@ -44,7 +44,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --retry 3 -o /dev/null # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1498 b/tests/data/test1498 index b7e15b1a1d..f26b790f8c 100644 --- a/tests/data/test1498 +++ b/tests/data/test1498 @@ -10,11 +10,11 @@ chunked Transfer-Encoding # Server-side - -HTTP/1.0 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake - + +HTTP/1.0 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake + blablabla diff --git a/tests/data/test1499 b/tests/data/test1499 index cb432f7c53..a3f28b0084 100644 --- a/tests/data/test1499 +++ b/tests/data/test1499 @@ -59,7 +59,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LO # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test15 b/tests/data/test15 index ec065e38fa..69755c85dd 100644 --- a/tests/data/test15 +++ b/tests/data/test15 @@ -8,13 +8,13 @@ HTTP GET # Server-side - -HTTP/1.1 200 OK -Fake: yes -Fake: yes -Fake: yes -Content-Length: 26 - + +HTTP/1.1 200 OK +Fake: yes +Fake: yes +Fake: yes +Content-Length: 26 + Repeated nonsense-headers @@ -34,17 +34,17 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER --write-out "%{url_effective} %{http_c # Verify data after the test has been "shot" - -HTTP/1.1 200 OK -Fake: yes -Fake: yes -Fake: yes -Content-Length: 26 - + +HTTP/1.1 200 OK +Fake: yes +Fake: yes +Fake: yes +Content-Length: 26 + Repeated nonsense-headers http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER 200 26 - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test150 b/tests/data/test150 index a06c6421da..f0f6fcb7f3 100644 --- a/tests/data/test150 +++ b/tests/data/test150 @@ -16,39 +16,39 @@ NTLM This is supposed to be returned when the server gets a first Authorization: NTLM line passed-in from the client --> - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + This is not the real page either! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - -HTTP/1.1 200 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + +HTTP/1.1 200 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! @@ -74,7 +74,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --ntlm --fail # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/tests/data/test1500 b/tests/data/test1500 index 0454f8ecbe..b29c5216f2 100644 --- a/tests/data/test1500 +++ b/tests/data/test1500 @@ -9,14 +9,14 @@ multi # Server-side - -HTTP/1.1 200 all good! -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/html -Content-Length: 12 -Connection: close - + +HTTP/1.1 200 all good! +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Content-Length: 12 +Connection: close + Hello World diff --git a/tests/data/test1502 b/tests/data/test1502 index c4c378c59e..01220d659d 100644 --- a/tests/data/test1502 +++ b/tests/data/test1502 @@ -9,18 +9,18 @@ CURLOPT_RESOLVE - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- @@ -45,7 +45,7 @@ http://google.com:%HTTPPORT/%TESTNUMBER %HTTPPORT %HOSTIP # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: google.com:%HTTPPORT Accept: */* diff --git a/tests/data/test1503 b/tests/data/test1503 index fe5783e311..2338ccf725 100644 --- a/tests/data/test1503 +++ b/tests/data/test1503 @@ -9,18 +9,18 @@ CURLOPT_RESOLVE - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- @@ -45,7 +45,7 @@ http://google.com:%HTTPPORT/%TESTNUMBER %HTTPPORT %HOSTIP # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: google.com:%HTTPPORT Accept: */* diff --git a/tests/data/test1504 b/tests/data/test1504 index 3a9de6804e..326a190558 100644 --- a/tests/data/test1504 +++ b/tests/data/test1504 @@ -9,18 +9,18 @@ CURLOPT_RESOLVE - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- @@ -45,7 +45,7 @@ http://google.com:%HTTPPORT/%TESTNUMBER %HTTPPORT %HOSTIP # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: google.com:%HTTPPORT Accept: */* diff --git a/tests/data/test1505 b/tests/data/test1505 index 500abdf127..1f62045b98 100644 --- a/tests/data/test1505 +++ b/tests/data/test1505 @@ -9,18 +9,18 @@ CURLOPT_RESOLVE - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- @@ -45,7 +45,7 @@ http://google.com:%HTTPPORT/%TESTNUMBER %HTTPPORT %HOSTIP # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: google.com:%HTTPPORT Accept: */* diff --git a/tests/data/test1506 b/tests/data/test1506 index b08d1aeadf..98af4b19fe 100644 --- a/tests/data/test1506 +++ b/tests/data/test1506 @@ -9,7 +9,7 @@ verbose logs # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -17,7 +17,7 @@ Content-Length: 47 file contents should appear once for each file - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -25,7 +25,7 @@ Content-Length: 47 file contents should appear once for each file - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -33,7 +33,7 @@ Content-Length: 47 file contents should appear once for each file - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -64,7 +64,7 @@ HTTP GET connection cache limit (CURLMOPT_MAXCONNECTS) # Verify data after the test has been "shot" - + GET /path/%TESTNUMBER0001 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1509 b/tests/data/test1509 index 37614bda7d..4712c52959 100644 --- a/tests/data/test1509 +++ b/tests/data/test1509 @@ -14,30 +14,30 @@ proxytunnel connection-monitor - -HTTP/1.1 200 Mighty fine indeed -Server: the beast that eats naughty clients - + +HTTP/1.1 200 Mighty fine indeed +Server: the beast that eats naughty clients + - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" + - -HTTP/1.1 200 Mighty fine indeed -Server: the beast that eats naughty clients - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" - + +HTTP/1.1 200 Mighty fine indeed +Server: the beast that eats naughty clients + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" + header length is ........: 245 header length should be..: 245 @@ -73,11 +73,11 @@ moo # Verify data after the test has been "shot" - -CONNECT the.old.moo.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: the.old.moo.%TESTNUMBER:%HTTPPORT -Proxy-Connection: Keep-Alive - + +CONNECT the.old.moo.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: the.old.moo.%TESTNUMBER:%HTTPPORT +Proxy-Connection: Keep-Alive + [DISCONNECT] diff --git a/tests/data/test151 b/tests/data/test151 index f50672cf19..727a7e9100 100644 --- a/tests/data/test151 +++ b/tests/data/test151 @@ -34,7 +34,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1510 b/tests/data/test1510 index 447f6d00d8..c4fca7251a 100644 --- a/tests/data/test1510 +++ b/tests/data/test1510 @@ -9,36 +9,36 @@ flaky # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 47 + file contents should appear once for each file @@ -61,7 +61,7 @@ HTTP GET connection cache limit (CURLOPT_MAXCONNECTS) # Verify data after the test has been "shot" - + GET /path/%TESTNUMBER0001 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1511 b/tests/data/test1511 index 82ed483b85..5fc25c7113 100644 --- a/tests/data/test1511 +++ b/tests/data/test1511 @@ -8,35 +8,35 @@ CURLOPT_TIMECONDITION # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fakem -Last-Modified: Mon, 22 Apr 2013 17:45:05 GMT -Content-Type: text/html -Content-Length: 12 -Connection: close - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fakem +Last-Modified: Mon, 22 Apr 2013 17:45:05 GMT +Content-Type: text/html +Content-Length: 12 +Connection: close + Hello World - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fakem -Last-Modified: Mon, 22 Apr 2013 17:45:05 GMT -Content-Type: text/html -Content-Length: 12 -Connection: close - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fakem -Last-Modified: Mon, 22 Apr 2013 17:45:05 GMT -Content-Type: text/html -Content-Length: 12 -Connection: close - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fakem +Last-Modified: Mon, 22 Apr 2013 17:45:05 GMT +Content-Type: text/html +Content-Length: 12 +Connection: close + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fakem +Last-Modified: Mon, 22 Apr 2013 17:45:05 GMT +Content-Type: text/html +Content-Length: 12 +Connection: close + Hello World diff --git a/tests/data/test1512 b/tests/data/test1512 index ff21e11aba..cb1d8f72f1 100644 --- a/tests/data/test1512 +++ b/tests/data/test1512 @@ -8,36 +8,36 @@ GLOBAL DNS CACHE # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 47 + file contents should appear once for each file @@ -60,7 +60,7 @@ GLOBAL CACHE test over two easy performs # Verify data after the test has been "shot" - + GET /path/%TESTNUMBER0001 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1513 b/tests/data/test1513 index 6957761af9..ff8c03f279 100644 --- a/tests/data/test1513 +++ b/tests/data/test1513 @@ -8,9 +8,9 @@ DELAY # Server-side - -HTTP/1.1 204 PARTIAL -X-Comment: partial response to keep the client waiting + +HTTP/1.1 204 PARTIAL +X-Comment: partial response to keep the client waiting wait 10 diff --git a/tests/data/test1514 b/tests/data/test1514 index 571ee6daa6..2f23abb28e 100644 --- a/tests/data/test1514 +++ b/tests/data/test1514 @@ -10,12 +10,12 @@ chunked Transfer-Encoding # Server-side - -HTTP/1.1 200 OK -Date: Sun, 19 Jan 2014 18:50:58 GMT -Server: test-server/fake swsclose -Connection: close - + +HTTP/1.1 200 OK +Date: Sun, 19 Jan 2014 18:50:58 GMT +Server: test-server/fake swsclose +Connection: close + diff --git a/tests/data/test1517 b/tests/data/test1517 index d2c477593c..2703c1eefa 100644 --- a/tests/data/test1517 +++ b/tests/data/test1517 @@ -62,7 +62,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER s/^(this is what we post to the silly web server)(\r)?\n// - + POST /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test152 b/tests/data/test152 index aa5cf971de..2f4ee6938d 100644 --- a/tests/data/test152 +++ b/tests/data/test152 @@ -35,7 +35,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --fail # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1520 b/tests/data/test1520 index eb398f414a..f49b914779 100644 --- a/tests/data/test1520 +++ b/tests/data/test1520 @@ -19,17 +19,17 @@ lib%TESTNUMBER SMTP with CRLF-dot-CRLF in data - -From: different -To: another - - -. -. - -. - -body + +From: different +To: another + + +. +. + +. + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER diff --git a/tests/data/test1525 b/tests/data/test1525 index 1e143b3e6f..cfcdfb2bbd 100644 --- a/tests/data/test1525 +++ b/tests/data/test1525 @@ -12,9 +12,9 @@ CURLOPT_PROXYHEADER # Server-side - -HTTP/1.1 200 OK - + +HTTP/1.1 200 OK + HTTP/1.1 200 OK swsclose @@ -58,12 +58,12 @@ proxy # Verify data after the test has been "shot" - -CONNECT the.old.moo.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: the.old.moo.%TESTNUMBER:%HTTPPORT -Proxy-Connection: Keep-Alive -User-Agent: Http Agent - + +CONNECT the.old.moo.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: the.old.moo.%TESTNUMBER:%HTTPPORT +Proxy-Connection: Keep-Alive +User-Agent: Http Agent + PUT /%TESTNUMBER HTTP/1.1 diff --git a/tests/data/test1526 b/tests/data/test1526 index 45d95811b7..5a43efe37d 100644 --- a/tests/data/test1526 +++ b/tests/data/test1526 @@ -12,29 +12,29 @@ CURLOPT_PROXYHEADER # Server-side - -HTTP/1.1 200 OK -Server: present - + +HTTP/1.1 200 OK +Server: present + - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" + - -HTTP/1.1 200 OK -Server: present - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" - + +HTTP/1.1 200 OK +Server: present + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" + @@ -60,12 +60,12 @@ proxy # Verify data after the test has been "shot" - -CONNECT the.old.moo.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: the.old.moo.%TESTNUMBER:%HTTPPORT -Proxy-Connection: Keep-Alive -User-Agent: Proxy Agent - + +CONNECT the.old.moo.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: the.old.moo.%TESTNUMBER:%HTTPPORT +Proxy-Connection: Keep-Alive +User-Agent: Proxy Agent + PUT /%TESTNUMBER HTTP/1.1 diff --git a/tests/data/test1527 b/tests/data/test1527 index 3540a3bfb8..8a106b5d42 100644 --- a/tests/data/test1527 +++ b/tests/data/test1527 @@ -11,29 +11,29 @@ proxytunnel # Server-side - -HTTP/1.1 200 OK -We-are: good - + +HTTP/1.1 200 OK +We-are: good + - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" + - -HTTP/1.1 200 OK -We-are: good - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" - + +HTTP/1.1 200 OK +We-are: good + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" + @@ -59,13 +59,13 @@ proxy # Verify data after the test has been "shot" - -CONNECT the.old.moo.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: the.old.moo.%TESTNUMBER:%HTTPPORT -Proxy-Connection: Keep-Alive -User-Agent: Http Agent -Expect: 100-continue - + +CONNECT the.old.moo.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: the.old.moo.%TESTNUMBER:%HTTPPORT +Proxy-Connection: Keep-Alive +User-Agent: Http Agent +Expect: 100-continue + PUT /%TESTNUMBER HTTP/1.1 diff --git a/tests/data/test1528 b/tests/data/test1528 index 8c0209ce80..eb80570d40 100644 --- a/tests/data/test1528 +++ b/tests/data/test1528 @@ -11,19 +11,19 @@ proxytunnel # Server-side - -HTTP/1.1 200 OK -We-are: good - + +HTTP/1.1 200 OK +We-are: good + - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Content-Length: 5 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Content-Length: 5 + stop @@ -50,14 +50,14 @@ proxy # Verify data after the test has been "shot" - -GET http://the.old.moo:%HTTPPORT/%TESTNUMBER HTTP/1.1 -Host: the.old.moo:%HTTPPORT -Accept: */* -Proxy-Connection: Keep-Alive -User-Agent: Http Agent -Proxy-User-Agent: Http Agent2 - + +GET http://the.old.moo:%HTTPPORT/%TESTNUMBER HTTP/1.1 +Host: the.old.moo:%HTTPPORT +Accept: */* +Proxy-Connection: Keep-Alive +User-Agent: Http Agent +Proxy-User-Agent: Http Agent2 + diff --git a/tests/data/test1529 b/tests/data/test1529 index a06ce75db9..5d8be40b45 100644 --- a/tests/data/test1529 +++ b/tests/data/test1529 @@ -9,10 +9,10 @@ HTTP proxy # Server-side - -HTTP/1.1 200 OK -We-are: good - + +HTTP/1.1 200 OK +We-are: good + diff --git a/tests/data/test153 b/tests/data/test153 index 44c06ca5b5..b70061f01f 100644 --- a/tests/data/test153 +++ b/tests/data/test153 @@ -10,35 +10,35 @@ HTTP Digest auth # Server-side # First reply back and ask for Digest auth - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # second reply back - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! @@ -46,24 +46,24 @@ This IS the real page! # This is the second request, and this sends back a response saying that # the request contained stale data. We want an update. Set swsbounce to # bounce on to data1003 on the second request. - -HTTP/1.1 401 Authorization re-negotiation please swsbounce -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, nonce="999999", stale=true, qop="auth" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization re-negotiation please swsbounce +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, nonce="999999", stale=true, qop="auth" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # The second request to the 1002 section will bounce this one back instead # thanks to the swsbounce keyword up there - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 30 - + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 30 + This IS the second real page! @@ -91,7 +91,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001 -u testuser:testpass --digest http://%H ^Authorization.*cnonce - + GET /%TESTNUMBER0001 HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -121,36 +121,36 @@ User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 401 Authorization re-negotiation please swsbounce -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, nonce="999999", stale=true, qop="auth" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 30 - +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 401 Authorization re-negotiation please swsbounce +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, nonce="999999", stale=true, qop="auth" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 30 + This IS the second real page! diff --git a/tests/data/test1532 b/tests/data/test1532 index fddfe5675d..fc3f71a00f 100644 --- a/tests/data/test1532 +++ b/tests/data/test1532 @@ -9,10 +9,10 @@ HTTP GET # # Server-side - -HTTP/1.0 200 OK swsclose -Content-Length: 0 - + +HTTP/1.0 200 OK swsclose +Content-Length: 0 + @@ -36,7 +36,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1533 b/tests/data/test1533 index e0d85669ef..389baa5436 100644 --- a/tests/data/test1533 +++ b/tests/data/test1533 @@ -12,11 +12,11 @@ CURLOPT_KEEP_SENDING_ON_ERROR auth_required - -HTTP/1.1 401 Authorization Required -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 15 + +HTTP/1.1 401 Authorization Required +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 15 Early Response diff --git a/tests/data/test1534 b/tests/data/test1534 index d35b5cb1c5..ef4f8b886e 100644 --- a/tests/data/test1534 +++ b/tests/data/test1534 @@ -10,11 +10,11 @@ CURLINFO_FILETIME # # Server-side - -HTTP/1.0 200 OK swsclose -Last-Modified: Thu, 01 Jan 1970 00:00:30 GMT -Content-Length: 0 - + +HTTP/1.0 200 OK swsclose +Last-Modified: Thu, 01 Jan 1970 00:00:30 GMT +Content-Length: 0 + @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1535 b/tests/data/test1535 index dac9b2c85c..8bfd2d6ada 100644 --- a/tests/data/test1535 +++ b/tests/data/test1535 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1536 b/tests/data/test1536 index 111e07766f..63d71731e6 100644 --- a/tests/data/test1536 +++ b/tests/data/test1536 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1539 b/tests/data/test1539 index 0431ba670b..884e700665 100644 --- a/tests/data/test1539 +++ b/tests/data/test1539 @@ -10,11 +10,11 @@ chunked Transfer-Encoding # Server-side - -HTTP/1.1 200 OK -Date: Sun, 19 Jan 2014 18:50:58 GMT -Server: test-server/fake swsclose -Connection: close + +HTTP/1.1 200 OK +Date: Sun, 19 Jan 2014 18:50:58 GMT +Server: test-server/fake swsclose +Connection: close diff --git a/tests/data/test154 b/tests/data/test154 index 5435ac9e9d..19791a1f42 100644 --- a/tests/data/test154 +++ b/tests/data/test154 @@ -10,45 +10,45 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" -Content-Type: text/html; charset=iso-8859-1 -Connection: close - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" +Content-Type: text/html; charset=iso-8859-1 +Connection: close + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 -Connection: close - + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 +Connection: close + This IS the real page! - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" -Content-Type: text/html; charset=iso-8859-1 -Connection: close - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 -Connection: close - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Digest realm="gimme all yer s3cr3ts", nonce="11223344" +Content-Type: text/html; charset=iso-8859-1 +Connection: close + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 +Connection: close + This IS the real page! diff --git a/tests/data/test1540 b/tests/data/test1540 index c3d918b4da..fa3b157190 100644 --- a/tests/data/test1540 +++ b/tests/data/test1540 @@ -57,7 +57,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1541 b/tests/data/test1541 index 9b7a479d5b..9aaa90ddda 100644 --- a/tests/data/test1541 +++ b/tests/data/test1541 @@ -64,7 +64,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1542 b/tests/data/test1542 index cdde885ce7..dad66aff3d 100644 --- a/tests/data/test1542 +++ b/tests/data/test1542 @@ -11,10 +11,10 @@ verbose logs # Server-side - -HTTP/1.1 200 OK -Content-Length: 0 - + +HTTP/1.1 200 OK +Content-Length: 0 + @@ -39,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1543 b/tests/data/test1543 index 798b273e32..202cce5434 100644 --- a/tests/data/test1543 +++ b/tests/data/test1543 @@ -52,7 +52,7 @@ CURLOPT_CURLU, URL with space and CURLINFO_EFFECTIVE_URL # # Verify data after the test has been "shot" - + GET /%20/with/%20space/%20/file HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1546 b/tests/data/test1546 index facd309475..5c7fdeb880 100644 --- a/tests/data/test1546 +++ b/tests/data/test1546 @@ -9,20 +9,20 @@ Transfer-Encoding # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache -Transfer-Encoding: chunked, gzip - -0 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache +Transfer-Encoding: chunked, gzip + +0 + - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache @@ -47,7 +47,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1549 b/tests/data/test1549 index bc821e5eba..9346d2f0e3 100644 --- a/tests/data/test1549 +++ b/tests/data/test1549 @@ -9,7 +9,7 @@ cookies # # Server-side - + HTTP/1.1 200 OK Content-Length: 6 Content-Type: text/plain @@ -44,7 +44,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test155 b/tests/data/test155 index 90bb18dc5b..f3517a9f2c 100644 --- a/tests/data/test155 +++ b/tests/data/test155 @@ -10,61 +10,61 @@ NTLM # Server-side - -HTTP/1.1 401 NTLM Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" -WWW-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Connection: close - + +HTTP/1.1 401 NTLM Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" +WWW-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Connection: close + moo # This is supposed to be returned when the server gets a first # Authorization: NTLM line passed-in from the client - -HTTP/1.1 401 Type-1 received, send back type-2 -Server: Microsoft-IIS/5.0 -Content-Length: 34 -Content-Type: text/html; charset=iso-8859-1 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - + +HTTP/1.1 401 Type-1 received, send back type-2 +Server: Microsoft-IIS/5.0 +Content-Length: 34 +Content-Type: text/html; charset=iso-8859-1 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + This is not the real page either! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Type-3 Received and all Things are fine swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Type-3 Received and all Things are fine swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 NTLM Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" -WWW-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Connection: close - -HTTP/1.1 401 Type-1 received, send back type-2 -Server: Microsoft-IIS/5.0 -Content-Length: 34 -Content-Type: text/html; charset=iso-8859-1 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - -HTTP/1.1 200 Type-3 Received and all Things are fine swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 401 NTLM Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" +WWW-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Connection: close + +HTTP/1.1 401 Type-1 received, send back type-2 +Server: Microsoft-IIS/5.0 +Content-Length: 34 +Content-Type: text/html; charset=iso-8859-1 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + +HTTP/1.1 200 Type-3 Received and all Things are fine swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! diff --git a/tests/data/test1551 b/tests/data/test1551 index 78999e8833..a2c752226c 100644 --- a/tests/data/test1551 +++ b/tests/data/test1551 @@ -47,7 +47,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1552 b/tests/data/test1552 index 6e89c9c1e8..995584c4d4 100644 --- a/tests/data/test1552 +++ b/tests/data/test1552 @@ -10,14 +10,14 @@ FETCH # # Server-side - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test1553 b/tests/data/test1553 index 1086330737..5b4f11e554 100644 --- a/tests/data/test1553 +++ b/tests/data/test1553 @@ -10,14 +10,14 @@ FETCH # # Server-side - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test1555 b/tests/data/test1555 index b224f7c0ed..75e1e5c258 100644 --- a/tests/data/test1555 +++ b/tests/data/test1555 @@ -8,9 +8,9 @@ DELAY # Server-side - -HTTP/1.1 204 PARTIAL -X-Comment: partial response to keep the client waiting + +HTTP/1.1 204 PARTIAL +X-Comment: partial response to keep the client waiting wait 10 diff --git a/tests/data/test1556 b/tests/data/test1556 index 49ca0d90ad..8d9073774f 100644 --- a/tests/data/test1556 +++ b/tests/data/test1556 @@ -9,19 +9,19 @@ HTTP GET # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes -Long: %repeat[100001 x A]% - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes +Long: %repeat[100001 x A]% + -foo- @@ -46,7 +46,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test156 b/tests/data/test156 index 743fe1816e..d5df473ee5 100644 --- a/tests/data/test156 +++ b/tests/data/test156 @@ -9,12 +9,12 @@ HTTP PUT # Server-side - -HTTP/1.1 200 No Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Connection: close - + +HTTP/1.1 200 No Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Connection: close + PUT received fine. Thank you very much diff --git a/tests/data/test1561 b/tests/data/test1561 index aea133c628..5af47edce0 100644 --- a/tests/data/test1561 +++ b/tests/data/test1561 @@ -76,7 +76,7 @@ Cookies set over HTTP can't override secure ones - + GET /%TESTNUMBER0001 HTTP/1.1 Host: www.example.com User-Agent: curl/%VERSION diff --git a/tests/data/test1562 b/tests/data/test1562 index cfcc430985..382339a84f 100644 --- a/tests/data/test1562 +++ b/tests/data/test1562 @@ -48,7 +48,7 @@ Expire secure cookies over HTTPS - + GET /%TESTNUMBER0001 HTTP/1.1 Host: www.example.com User-Agent: curl/%VERSION diff --git a/tests/data/test1563 b/tests/data/test1563 index ab089213f3..b682b8a727 100644 --- a/tests/data/test1563 +++ b/tests/data/test1563 @@ -36,7 +36,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001 -L -H "Host: www.example.com" 1 - + GET /%TESTNUMBER0001 HTTP/1.1 Host: www.example.com User-Agent: curl/%VERSION diff --git a/tests/data/test1566 b/tests/data/test1566 index b348352ebb..ba1b609a0e 100644 --- a/tests/data/test1566 +++ b/tests/data/test1566 @@ -46,7 +46,7 @@ downloaded already # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1567 b/tests/data/test1567 index 486d3eb9fb..82680ab560 100644 --- a/tests/data/test1567 +++ b/tests/data/test1567 @@ -48,7 +48,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1568 b/tests/data/test1568 index 896077517a..abdd94d250 100644 --- a/tests/data/test1568 +++ b/tests/data/test1568 @@ -10,39 +10,39 @@ HTTP Digest auth - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! @@ -71,7 +71,7 @@ http://%HOSTIP/%TESTNUMBER %HTTPPORT # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: lib%TESTNUMBER diff --git a/tests/data/test157 b/tests/data/test157 index a29112175a..da66cd4cf7 100644 --- a/tests/data/test157 +++ b/tests/data/test157 @@ -9,12 +9,12 @@ HTTP GET # Server-side - -HTTP/1.1 200 No Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Connection: close - + +HTTP/1.1 200 No Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Connection: close + GET received and served just fine. Thank you very much @@ -34,7 +34,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1571 b/tests/data/test1571 index 440711b39e..622ec5ad15 100644 --- a/tests/data/test1571 +++ b/tests/data/test1571 @@ -8,7 +8,7 @@ CURLOPT_FOLLOWLOCATION # # Server-side - + HTTP/1.1 302 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -23,7 +23,7 @@ Funny-head: yesyes -foo- - + HTTP/1.1 200 OK Content-Length: 6 Connection: close @@ -31,7 +31,7 @@ Content-Type: text/html -bar- - + HTTP/1.1 302 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test1572 b/tests/data/test1572 index 968f76a9b8..36f3eef6e6 100644 --- a/tests/data/test1572 +++ b/tests/data/test1572 @@ -8,7 +8,7 @@ CURLOPT_FOLLOWLOCATION # # Server-side - + HTTP/1.1 308 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -23,7 +23,7 @@ Funny-head: yesyes -foo- - + HTTP/1.1 200 OK Content-Length: 6 Connection: close @@ -31,7 +31,7 @@ Content-Type: text/html -bar- - + HTTP/1.1 308 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test1573 b/tests/data/test1573 index 0e36d620f8..62f5a0e88e 100644 --- a/tests/data/test1573 +++ b/tests/data/test1573 @@ -8,7 +8,7 @@ CURLOPT_FOLLOWLOCATION # # Server-side - + HTTP/1.1 302 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -23,7 +23,7 @@ Funny-head: yesyes -foo- - + HTTP/1.1 200 OK Content-Length: 6 Connection: close @@ -31,7 +31,7 @@ Content-Type: text/html -bar- - + HTTP/1.1 302 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test1574 b/tests/data/test1574 index 6afc24b2ab..501c405389 100644 --- a/tests/data/test1574 +++ b/tests/data/test1574 @@ -8,7 +8,7 @@ CURLOPT_FOLLOWLOCATION # # Server-side - + HTTP/1.1 302 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -23,7 +23,7 @@ Funny-head: yesyes -foo- - + HTTP/1.1 200 OK Content-Length: 6 Connection: close @@ -31,7 +31,7 @@ Content-Type: text/html -bar- - + HTTP/1.1 302 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test1575 b/tests/data/test1575 index 5e44ca5ad4..d02080b2da 100644 --- a/tests/data/test1575 +++ b/tests/data/test1575 @@ -8,7 +8,7 @@ CURLOPT_FOLLOWLOCATION # # Server-side - + HTTP/1.1 308 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -23,7 +23,7 @@ Funny-head: yesyes -foo- - + HTTP/1.1 200 OK Content-Length: 6 Connection: close @@ -31,7 +31,7 @@ Content-Type: text/html -bar- - + HTTP/1.1 308 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test1576 b/tests/data/test1576 index 459218fecc..8048e1329d 100644 --- a/tests/data/test1576 +++ b/tests/data/test1576 @@ -8,7 +8,7 @@ CURLOPT_FOLLOWLOCATION # # Server-side - + HTTP/1.1 302 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -23,7 +23,7 @@ Funny-head: yesyes -foo- - + HTTP/1.1 200 OK Content-Length: 6 Connection: close @@ -31,7 +31,7 @@ Content-Type: text/html -bar- - + HTTP/1.1 302 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test1577 b/tests/data/test1577 index e26d1c44ee..42d26ae46d 100644 --- a/tests/data/test1577 +++ b/tests/data/test1577 @@ -8,7 +8,7 @@ CURLOPT_FOLLOWLOCATION # # Server-side - + HTTP/1.1 308 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -23,7 +23,7 @@ Funny-head: yesyes -foo- - + HTTP/1.1 200 OK Content-Length: 6 Connection: close @@ -31,7 +31,7 @@ Content-Type: text/html -bar- - + HTTP/1.1 308 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test1578 b/tests/data/test1578 index ede98d89cf..a8c9e7925a 100644 --- a/tests/data/test1578 +++ b/tests/data/test1578 @@ -8,7 +8,7 @@ CURLOPT_FOLLOWLOCATION # # Server-side - + HTTP/1.1 302 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -23,7 +23,7 @@ Funny-head: yesyes -foo- - + HTTP/1.1 200 OK Content-Length: 6 Connection: close @@ -31,7 +31,7 @@ Content-Type: text/html -bar- - + HTTP/1.1 302 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test1579 b/tests/data/test1579 index 3cd067e424..309f17a8bb 100644 --- a/tests/data/test1579 +++ b/tests/data/test1579 @@ -8,7 +8,7 @@ CURLOPT_FOLLOWLOCATION # # Server-side - + HTTP/1.1 303 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -23,7 +23,7 @@ Funny-head: yesyes -foo- - + HTTP/1.1 200 OK Content-Length: 6 Connection: close @@ -31,7 +31,7 @@ Content-Type: text/html -bar- - + HTTP/1.1 303 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test158 b/tests/data/test158 index 89def179cc..8c9737e273 100644 --- a/tests/data/test158 +++ b/tests/data/test158 @@ -8,10 +8,10 @@ HTTP POST # Server-side - -HTTP/1.1 100 Continue swsclose -Silly-header: yeeeees - + +HTTP/1.1 100 Continue swsclose +Silly-header: yeeeees + diff --git a/tests/data/test1580 b/tests/data/test1580 index 70b0f512f7..e67164a427 100644 --- a/tests/data/test1580 +++ b/tests/data/test1580 @@ -8,7 +8,7 @@ CURLOPT_FOLLOWLOCATION # # Server-side - + HTTP/1.1 308 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -23,7 +23,7 @@ Funny-head: yesyes -foo- - + HTTP/1.1 200 OK Content-Length: 6 Connection: close @@ -31,7 +31,7 @@ Content-Type: text/html -bar- - + HTTP/1.1 308 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test1581 b/tests/data/test1581 index c2f800c18f..5dac5229f4 100644 --- a/tests/data/test1581 +++ b/tests/data/test1581 @@ -8,7 +8,7 @@ CURLOPT_FOLLOWLOCATION # # Server-side - + HTTP/1.1 301 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -23,7 +23,7 @@ Funny-head: yesyes -foo- - + HTTP/1.1 200 OK Content-Length: 6 Connection: close @@ -31,7 +31,7 @@ Content-Type: text/html -bar- - + HTTP/1.1 301 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test1582 b/tests/data/test1582 index e446c7508f..d2c4ada1f0 100644 --- a/tests/data/test1582 +++ b/tests/data/test1582 @@ -8,7 +8,7 @@ GSS-API # Server-side - + HTTP/1.1 401 OK Date: Tue, 09 Nov 2030 14:49:00 GMT Server: test-server/fake @@ -42,7 +42,7 @@ https://%HOSTIP:%HTTPSPORT/ - + GET / HTTP/1.1 Host: %HOSTIP:%HTTPSPORT Accept: */* diff --git a/tests/data/test159 b/tests/data/test159 index b81faa17ac..f7af28a272 100644 --- a/tests/data/test159 +++ b/tests/data/test159 @@ -15,25 +15,25 @@ HTTP NTLM auth This is supposed to be returned when the server gets a first Authorization: NTLM line passed-in from the client --> - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Connection: close - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Connection: close + This is not the real page either! - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Connection: close - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAAAGgoEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Connection: close + This is not the real page either! @@ -60,7 +60,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --ntlm -0 # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.0 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/tests/data/test1590 b/tests/data/test1590 index f07f82ddd6..8d459601be 100644 --- a/tests/data/test1590 +++ b/tests/data/test1590 @@ -10,14 +10,14 @@ FETCH # # Server-side - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test1593 b/tests/data/test1593 index daf70afa4e..3c753f1005 100644 --- a/tests/data/test1593 +++ b/tests/data/test1593 @@ -36,7 +36,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Note here the lack of If-Modified-Since - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1594 b/tests/data/test1594 index 24128d257f..e69da53a0b 100644 --- a/tests/data/test1594 +++ b/tests/data/test1594 @@ -36,7 +36,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1595 b/tests/data/test1595 index 6b11a8d7b8..2094713224 100644 --- a/tests/data/test1595 +++ b/tests/data/test1595 @@ -35,7 +35,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1596 b/tests/data/test1596 index 376fb5ebb8..c296ed7a6b 100644 --- a/tests/data/test1596 +++ b/tests/data/test1596 @@ -36,7 +36,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test16 b/tests/data/test16 index 5184c202ea..e32c8a0f48 100644 --- a/tests/data/test16 +++ b/tests/data/test16 @@ -10,14 +10,14 @@ HTTP proxy Basic auth # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/html -Funny-head: yesyes -Content-Length: 22 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Funny-head: yesyes +Content-Length: 22 + the content goes here @@ -40,7 +40,7 @@ proxy # Verify data after the test has been "shot" - + GET http://we.want.that.site.com/%TESTNUMBER HTTP/1.1 Host: we.want.that.site.com Proxy-Authorization: Basic %b64[fake@user:loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong]b64% diff --git a/tests/data/test160 b/tests/data/test160 index 957dbd7fa2..1645a09853 100644 --- a/tests/data/test160 +++ b/tests/data/test160 @@ -9,18 +9,18 @@ DELAY # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 9 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 9 + surprise - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + surprise2 @@ -44,20 +44,20 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER http://%HOSTIP:%HTTPPORT/wantmore/%TES # Verify data after the test has been "shot" - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 9 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 9 + surprise -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + surprise2 - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1613 b/tests/data/test1613 index fce1cb370a..7135788f35 100644 --- a/tests/data/test1613 +++ b/tests/data/test1613 @@ -10,15 +10,15 @@ HTTP proxy # # Server-side - -HTTP/1.1 200 OK -Date: Sat, 29 Feb 2020 16:10:44 GMT -Server: Blafasel/1.1 -Last-Modified: Sat, 29 Feb 2020 16:10:44 GMT -Content-Length: 0 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Sat, 29 Feb 2020 16:10:44 GMT +Server: Blafasel/1.1 +Last-Modified: Sat, 29 Feb 2020 16:10:44 GMT +Content-Length: 0 +Connection: close +Content-Type: text/html + diff --git a/tests/data/test1617 b/tests/data/test1617 index 623dd84a44..446e6707ca 100644 --- a/tests/data/test1617 +++ b/tests/data/test1617 @@ -10,30 +10,30 @@ Transfer-Encoding # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Transfer-Encoding: gzip, chunked - -2c + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Transfer-Encoding: gzip, chunked + +2c %hex[%1f%8b%08%08%79%9e%ab%41%00%03%6c%61%6c%61%6c%61%00%cb%c9%cc%4b%55%30%e4%52%c8%01%d1%46%5c]hex% %hex[%10%86%31%17%00]hex% -%hex[%02%71%60%18%00%00%00]hex% -0 - +%hex[%02%71%60%18%00%00%00]hex% +0 + - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Transfer-Encoding: gzip, chunked - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Transfer-Encoding: gzip, chunked + line 1 line 2 line 3 @@ -61,7 +61,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --tr-encoding -H "Connection: this" -H "Con # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test162 b/tests/data/test162 index 8de635b044..02809e8127 100644 --- a/tests/data/test162 +++ b/tests/data/test162 @@ -44,7 +44,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy http://%HOSTIP:%HTTPPORT --proxy-us # Verify data after the test has been "shot" - + GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/tests/data/test1630 b/tests/data/test1630 index 019928e9f0..ea538851a7 100644 --- a/tests/data/test1630 +++ b/tests/data/test1630 @@ -10,14 +10,14 @@ HTTPS proxy Basic auth # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/html -Funny-head: yesyes -Content-Length: 22 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Funny-head: yesyes +Content-Length: 22 + the content goes here @@ -41,14 +41,14 @@ proxy # Verify data after the test has been "shot" - -GET http://we.want.that.site.com/%TESTNUMBER HTTP/1.1 -Host: we.want.that.site.com -Proxy-Authorization: Basic %b64[fake@user:loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive - + +GET http://we.want.that.site.com/%TESTNUMBER HTTP/1.1 +Host: we.want.that.site.com +Proxy-Authorization: Basic %b64[fake@user:loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong]b64% +User-Agent: curl/%VERSION +Accept: */* +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test1631 b/tests/data/test1631 index 161952caad..7c2f81c3ee 100644 --- a/tests/data/test1631 +++ b/tests/data/test1631 @@ -11,14 +11,14 @@ flaky # This is the HTTPS proxy response - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/html -Funny-head: yesyes -Content-Length: 0 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Funny-head: yesyes +Content-Length: 0 + # This is the FTP server response. The Life and Adventures of Robinson Crusoe @@ -61,17 +61,17 @@ proxy s/((https.proxy):(\d+))/$2:12345/ s/^(User-Agent: curl).*/$1/ - -CONNECT ftp.site.thru.https.proxy:12345 HTTP/1.1 -Host: ftp.site.thru.https.proxy:12345 + +CONNECT ftp.site.thru.https.proxy:12345 HTTP/1.1 +Host: ftp.site.thru.https.proxy:12345 User-Agent: curl -Proxy-Connection: Keep-Alive - -CONNECT ftp.site.thru.https.proxy:12345 HTTP/1.1 -Host: ftp.site.thru.https.proxy:12345 +Proxy-Connection: Keep-Alive + +CONNECT ftp.site.thru.https.proxy:12345 HTTP/1.1 +Host: ftp.site.thru.https.proxy:12345 User-Agent: curl -Proxy-Connection: Keep-Alive - +Proxy-Connection: Keep-Alive + USER anonymous diff --git a/tests/data/test1632 b/tests/data/test1632 index 81be080063..90cb56f616 100644 --- a/tests/data/test1632 +++ b/tests/data/test1632 @@ -11,14 +11,14 @@ flaky # This is the HTTPS proxy response - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/html -Funny-head: yesyes -Content-Length: 0 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Funny-head: yesyes +Content-Length: 0 + # This is the FTP server response. The Life and Adventures of Robinson Crusoe @@ -71,22 +71,22 @@ proxy s/((https.proxy):(\d+))/$2:12345/ s/^(User-Agent: curl).*/$1/ - -CONNECT ftp.site.thru.https.proxy:12345 HTTP/1.1 -Host: ftp.site.thru.https.proxy:12345 + +CONNECT ftp.site.thru.https.proxy:12345 HTTP/1.1 +Host: ftp.site.thru.https.proxy:12345 User-Agent: curl -Proxy-Connection: Keep-Alive - -CONNECT ftp.site.thru.https.proxy:12345 HTTP/1.1 -Host: ftp.site.thru.https.proxy:12345 +Proxy-Connection: Keep-Alive + +CONNECT ftp.site.thru.https.proxy:12345 HTTP/1.1 +Host: ftp.site.thru.https.proxy:12345 User-Agent: curl -Proxy-Connection: Keep-Alive - -CONNECT ftp.site.thru.https.proxy:12345 HTTP/1.1 -Host: ftp.site.thru.https.proxy:12345 +Proxy-Connection: Keep-Alive + +CONNECT ftp.site.thru.https.proxy:12345 HTTP/1.1 +Host: ftp.site.thru.https.proxy:12345 User-Agent: curl -Proxy-Connection: Keep-Alive - +Proxy-Connection: Keep-Alive + USER anonymous diff --git a/tests/data/test1634 b/tests/data/test1634 index 50dfec7fcc..4ce7d75420 100644 --- a/tests/data/test1634 +++ b/tests/data/test1634 @@ -55,7 +55,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --retry 1 --fail # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1635 b/tests/data/test1635 index a3a1c82e47..a034406239 100644 --- a/tests/data/test1635 +++ b/tests/data/test1635 @@ -44,7 +44,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --retry 1 --fail-with-body # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test164 b/tests/data/test164 index b68876dbde..527c2919bf 100644 --- a/tests/data/test164 +++ b/tests/data/test164 @@ -54,7 +54,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -r 0-10,12-15 # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=0-10,12-15 diff --git a/tests/data/test165 b/tests/data/test165 index 9c686b685d..0d1c2ebdd0 100644 --- a/tests/data/test165 +++ b/tests/data/test165 @@ -11,13 +11,13 @@ IDN # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Content-Type: text/html +Funny-head: yesyes + @@ -46,7 +46,7 @@ http://www.%hex[%c3%a5%c3%a4%c3%b6]hex%.se/page/%TESTNUMBER -x %HOSTIP:%HTTPPORT # # Verify data after the test has been "shot" - + GET http://www.xn--4cab6c.se/page/%TESTNUMBER HTTP/1.1 Host: www.xn--4cab6c.se User-Agent: curl/%VERSION diff --git a/tests/data/test167 b/tests/data/test167 index cf5358bc21..f3f17897c1 100644 --- a/tests/data/test167 +++ b/tests/data/test167 @@ -11,28 +11,28 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required swsclose -WWW-Authenticate: Digest realm="weirdorealm", nonce="12345" - + +HTTP/1.1 401 Authorization Required swsclose +WWW-Authenticate: Digest realm="weirdorealm", nonce="12345" + - -HTTP/1.1 200 OK swsclose + +HTTP/1.1 200 OK swsclose Server: no Content-Length: 15 - + Nice auth sir! - -HTTP/1.1 401 Authorization Required swsclose -WWW-Authenticate: Digest realm="weirdorealm", nonce="12345" - -HTTP/1.1 200 OK swsclose + +HTTP/1.1 401 Authorization Required swsclose +WWW-Authenticate: Digest realm="weirdorealm", nonce="12345" + +HTTP/1.1 200 OK swsclose Server: no Content-Length: 15 - + Nice auth sir! @@ -58,7 +58,7 @@ http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER --proxy http://% # Verify data after the test has been "shot" - + GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 Host: data.from.server.requiring.digest.hohoho.com Proxy-Authorization: Basic %b64[foo:bar]b64% diff --git a/tests/data/test1670 b/tests/data/test1670 index ba46bda1bd..887a9b36a4 100644 --- a/tests/data/test1670 +++ b/tests/data/test1670 @@ -47,7 +47,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w '%header{etag} %header{nope} %header{DAT # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1671 b/tests/data/test1671 index e452eafd9c..08ea2b1787 100644 --- a/tests/data/test1671 +++ b/tests/data/test1671 @@ -50,7 +50,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w '%{header_json}\n' -o %LOGDIR/%TESTNUMBE # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test168 b/tests/data/test168 index 4a6ea11b5e..167bab4d28 100644 --- a/tests/data/test168 +++ b/tests/data/test168 @@ -13,40 +13,40 @@ HTTP Digest auth # this is returned first since we get no proxy-auth - -HTTP/1.1 407 Authorization Required to proxy me my dear swsclose -Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" - + +HTTP/1.1 407 Authorization Required to proxy me my dear swsclose +Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" + And you should ignore this data. # then this is returned since we get no server-auth - -HTTP/1.1 401 Authorization to the remote host as well swsbounce swsclose -WWW-Authenticate: Digest realm="realmweirdo", nonce="123456" - + +HTTP/1.1 401 Authorization to the remote host as well swsbounce swsclose +WWW-Authenticate: Digest realm="realmweirdo", nonce="123456" + you should ignore this data too - -HTTP/1.1 200 OK swsclose + +HTTP/1.1 200 OK swsclose Server: no Content-Length: 15 - + Nice auth sir! - -HTTP/1.1 407 Authorization Required to proxy me my dear swsclose -Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" - -HTTP/1.1 401 Authorization to the remote host as well swsbounce swsclose -WWW-Authenticate: Digest realm="realmweirdo", nonce="123456" - -HTTP/1.1 200 OK swsclose + +HTTP/1.1 407 Authorization Required to proxy me my dear swsclose +Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" + +HTTP/1.1 401 Authorization to the remote host as well swsbounce swsclose +WWW-Authenticate: Digest realm="realmweirdo", nonce="123456" + +HTTP/1.1 200 OK swsclose Server: no Content-Length: 15 - + Nice auth sir! @@ -72,7 +72,7 @@ http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER --proxy http://% # Verify data after the test has been "shot" - + GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 Host: data.from.server.requiring.digest.hohoho.com User-Agent: curl/%VERSION diff --git a/tests/data/test169 b/tests/data/test169 index 0b296a496e..100668d9bd 100644 --- a/tests/data/test169 +++ b/tests/data/test169 @@ -14,59 +14,59 @@ NTLM # this is returned first since we get no proxy-auth - -HTTP/1.1 407 Authorization Required to proxy me my dear swsclose -Proxy-Authenticate: NTLM - + +HTTP/1.1 407 Authorization Required to proxy me my dear swsclose +Proxy-Authenticate: NTLM + And you should ignore this data. # then this is returned since we get no server-auth - -HTTP/1.1 200 Authorizated fine -Content-Length: 27 - + +HTTP/1.1 200 Authorizated fine +Content-Length: 27 + Welcome to the end station - -HTTP/1.1 407 NTLM type-1 received sending back type-2 -Server: Microsoft-IIS/5.0 -Content-Length: 34 -Content-Type: text/html; charset=iso-8859-1 -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - + +HTTP/1.1 407 NTLM type-1 received sending back type-2 +Server: Microsoft-IIS/5.0 +Content-Length: 34 +Content-Type: text/html; charset=iso-8859-1 +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + This is not the real page either! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 401 You now need to authenticate with the host -Server: Microsoft-IIS/5.0 -WWW-Authenticate: Digest realm="r e a l m", nonce="abcdef" -Content-Length: 46 -Content-Type: text/html; charset=iso-8859-1 - + +HTTP/1.1 401 You now need to authenticate with the host +Server: Microsoft-IIS/5.0 +WWW-Authenticate: Digest realm="r e a l m", nonce="abcdef" +Content-Length: 46 +Content-Type: text/html; charset=iso-8859-1 + We have not authenticated with the server yet - -HTTP/1.1 407 NTLM type-1 received sending back type-2 -Server: Microsoft-IIS/5.0 -Content-Length: 34 -Content-Type: text/html; charset=iso-8859-1 -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - -HTTP/1.1 401 You now need to authenticate with the host -Server: Microsoft-IIS/5.0 -WWW-Authenticate: Digest realm="r e a l m", nonce="abcdef" -Content-Length: 46 -Content-Type: text/html; charset=iso-8859-1 - -HTTP/1.1 200 Authorizated fine -Content-Length: 27 - + +HTTP/1.1 407 NTLM type-1 received sending back type-2 +Server: Microsoft-IIS/5.0 +Content-Length: 34 +Content-Type: text/html; charset=iso-8859-1 +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + +HTTP/1.1 401 You now need to authenticate with the host +Server: Microsoft-IIS/5.0 +WWW-Authenticate: Digest realm="r e a l m", nonce="abcdef" +Content-Length: 46 +Content-Type: text/html; charset=iso-8859-1 + +HTTP/1.1 200 Authorizated fine +Content-Length: 27 + Welcome to the end station @@ -93,7 +93,7 @@ http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER --proxy http://% # Verify data after the test has been "shot" - + GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 Host: data.from.server.requiring.digest.hohoho.com Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/tests/data/test170 b/tests/data/test170 index 7bfb06fcb8..05c2091ba2 100644 --- a/tests/data/test170 +++ b/tests/data/test170 @@ -34,7 +34,7 @@ http://a.galaxy.far.far.away/%TESTNUMBER --proxy http://%HOSTIP:%HTTPPORT --prox # Verify data after the test has been "shot" - + POST http://a.galaxy.far.far.away/%TESTNUMBER HTTP/1.1 Host: a.galaxy.far.far.away Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/tests/data/test1700 b/tests/data/test1700 index 7ebc98790e..6d26e1b011 100644 --- a/tests/data/test1700 +++ b/tests/data/test1700 @@ -10,27 +10,27 @@ HTTP/2 # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close +Content-Type: text/html + -maa- @@ -59,7 +59,7 @@ http://%HOSTIP:%HTTP2PORT/%TESTNUMBER --http2 http://%HOSTIP:%HTTP2PORT/%TESTNUM ^X-Forwarded-Proto:.* ^Via:.* - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTP2PORT User-Agent: curl/%VERSION @@ -71,28 +71,28 @@ User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 101 Switching Protocols -Connection: Upgrade -Upgrade: h2c - -HTTP/2 200 -date: Tue, 09 Nov 2010 14:49:00 GMT -last-modified: Tue, 13 Jun 2000 12:10:00 GMT -etag: "21025-dc7-39462498" -accept-ranges: bytes -content-length: 6 -content-type: text/html -funny-head: yesyes -via: 1.1 nghttpx - + +HTTP/1.1 101 Switching Protocols +Connection: Upgrade +Upgrade: h2c + +HTTP/2 200%spc% +date: Tue, 09 Nov 2010 14:49:00 GMT +last-modified: Tue, 13 Jun 2000 12:10:00 GMT +etag: "21025-dc7-39462498" +accept-ranges: bytes +content-length: 6 +content-type: text/html +funny-head: yesyes +via: 1.1 nghttpx + -foo- -HTTP/2 200 -date: Tue, 09 Nov 2010 14:49:00 GMT -content-length: 6 -content-type: text/html -via: 1.1 nghttpx - +HTTP/2 200%spc% +date: Tue, 09 Nov 2010 14:49:00 GMT +content-length: 6 +content-type: text/html +via: 1.1 nghttpx + -maa- diff --git a/tests/data/test1701 b/tests/data/test1701 index 4af318b7ea..44780df197 100644 --- a/tests/data/test1701 +++ b/tests/data/test1701 @@ -10,18 +10,18 @@ HTTP/2 # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- @@ -60,21 +60,21 @@ Content-Type: application/x-www-form-urlencoded datatosend - -HTTP/1.1 101 Switching Protocols -Connection: Upgrade -Upgrade: h2c - -HTTP/2 200 -date: Tue, 09 Nov 2010 14:49:00 GMT -last-modified: Tue, 13 Jun 2000 12:10:00 GMT -etag: "21025-dc7-39462498" -accept-ranges: bytes -content-length: 6 -content-type: text/html -funny-head: yesyes -via: 1.1 nghttpx - + +HTTP/1.1 101 Switching Protocols +Connection: Upgrade +Upgrade: h2c + +HTTP/2 200%spc% +date: Tue, 09 Nov 2010 14:49:00 GMT +last-modified: Tue, 13 Jun 2000 12:10:00 GMT +etag: "21025-dc7-39462498" +accept-ranges: bytes +content-length: 6 +content-type: text/html +funny-head: yesyes +via: 1.1 nghttpx + -foo- diff --git a/tests/data/test1702 b/tests/data/test1702 index 6b7496c1b5..9f1b167761 100644 --- a/tests/data/test1702 +++ b/tests/data/test1702 @@ -10,18 +10,18 @@ HTTP/2 # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + @@ -49,28 +49,28 @@ http://%HOSTIP:%HTTP2PORT/%TESTNUMBER --http2 --head ^X-Forwarded-Proto:.* ^Via:.* - + HEAD /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTP2PORT User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 101 Switching Protocols -Connection: Upgrade -Upgrade: h2c - -HTTP/2 200 -date: Tue, 09 Nov 2010 14:49:00 GMT -last-modified: Tue, 13 Jun 2000 12:10:00 GMT -etag: "21025-dc7-39462498" -accept-ranges: bytes -content-length: 6 -content-type: text/html -funny-head: yesyes -via: 1.1 nghttpx - + +HTTP/1.1 101 Switching Protocols +Connection: Upgrade +Upgrade: h2c + +HTTP/2 200%spc% +date: Tue, 09 Nov 2010 14:49:00 GMT +last-modified: Tue, 13 Jun 2000 12:10:00 GMT +etag: "21025-dc7-39462498" +accept-ranges: bytes +content-length: 6 +content-type: text/html +funny-head: yesyes +via: 1.1 nghttpx + s/^server: nghttpx.*\r?\n// diff --git a/tests/data/test1704 b/tests/data/test1704 index 8fd7ee57b5..2a5a942e71 100644 --- a/tests/data/test1704 +++ b/tests/data/test1704 @@ -10,15 +10,15 @@ HTTP/2 # # Server-side - -HTTP/2 101 OK + +HTTP/2 101 OK HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close -Content-Type: text/html - +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close +Content-Type: text/html + -maa- @@ -47,7 +47,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --http2 ^X-Forwarded-Proto:.* ^Via:.* - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test171 b/tests/data/test171 index d913d1191e..bfdde56baa 100644 --- a/tests/data/test171 +++ b/tests/data/test171 @@ -10,14 +10,14 @@ cookies # Server-side - -HTTP/1.1 200 OK -Date: Tue, 25 Sep 2001 19:37:44 GMT -Content-Type: text/html -Set-Cookie: XToken=xt;Domain=.z.x.com;Path=/ -Cache-control: private -Content-Length: 62 - + +HTTP/1.1 200 OK +Date: Tue, 25 Sep 2001 19:37:44 GMT +Content-Type: text/html +Set-Cookie: XToken=xt;Domain=.z.x.com;Path=/ +Cache-control: private +Content-Length: 62 + This server reply is for testing a simple cookie test case... @@ -41,7 +41,7 @@ proxy # Verify data after the test has been "shot" - + GET http://z.x.com/%TESTNUMBER HTTP/1.1 Host: z.x.com User-Agent: curl/%VERSION diff --git a/tests/data/test1711 b/tests/data/test1711 index 72016e3557..709266eac6 100644 --- a/tests/data/test1711 +++ b/tests/data/test1711 @@ -19,11 +19,11 @@ smtp Send >64K over SMTP - -From: different -To: another - -%repeat[5000 x test in body... ]% + +From: different +To: another + +%repeat[5000 x test in body... ]% smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -T %LOGDIR/email%TESTNUMBER diff --git a/tests/data/test172 b/tests/data/test172 index 5bdfbebcf8..cbf91d0bce 100644 --- a/tests/data/test172 +++ b/tests/data/test172 @@ -9,11 +9,11 @@ cookies # Server-side - -HTTP/1.1 200 OK -Content-Length: 4 -Connection: close - + +HTTP/1.1 200 OK +Content-Length: 4 +Connection: close + boo @@ -45,7 +45,7 @@ cookies # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test174 b/tests/data/test174 index f07db6ac22..80a5141dd4 100644 --- a/tests/data/test174 +++ b/tests/data/test174 @@ -8,13 +8,13 @@ HTTP POST # Server-side - -HTTP/1.1 200 foobar swsclose -Server: Microsoft-IIS/6.0 -Authentication-Info: Passport1.4 tname=MSPAuth,tname=MSPProf,tname=MSPConsent,tname=MSPSecAuth -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 200 foobar swsclose +Server: Microsoft-IIS/6.0 +Authentication-Info: Passport1.4 tname=MSPAuth,tname=MSPProf,tname=MSPConsent,tname=MSPSecAuth +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page diff --git a/tests/data/test175 b/tests/data/test175 index 1b5bb7fa9b..d74f7de6f1 100644 --- a/tests/data/test175 +++ b/tests/data/test175 @@ -9,35 +9,35 @@ HTTP Digest auth # Server-side - -HTTP/1.1 200 foobar swsclose swsbounce -Server: Microsoft-IIS/6.0 -Authentication-Info: Passport1.4 tname=MSPAuth,tname=MSPProf,tname=MSPConsent,tname=MSPSecAuth -Content-Type: text/html; charset=iso-8859-1 - + +HTTP/1.1 200 foobar swsclose swsbounce +Server: Microsoft-IIS/6.0 +Authentication-Info: Passport1.4 tname=MSPAuth,tname=MSPProf,tname=MSPConsent,tname=MSPSecAuth +Content-Type: text/html; charset=iso-8859-1 + This is not the real page - -HTTP/1.1 200 moo swsclose -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 16 - + +HTTP/1.1 200 moo swsclose +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 16 + content for you - -HTTP/1.1 200 foobar swsclose swsbounce -Server: Microsoft-IIS/6.0 -Authentication-Info: Passport1.4 tname=MSPAuth,tname=MSPProf,tname=MSPConsent,tname=MSPSecAuth -Content-Type: text/html; charset=iso-8859-1 - -HTTP/1.1 200 moo swsclose -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 16 - + +HTTP/1.1 200 foobar swsclose swsbounce +Server: Microsoft-IIS/6.0 +Authentication-Info: Passport1.4 tname=MSPAuth,tname=MSPProf,tname=MSPConsent,tname=MSPSecAuth +Content-Type: text/html; charset=iso-8859-1 + +HTTP/1.1 200 moo swsclose +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 16 + content for you diff --git a/tests/data/test176 b/tests/data/test176 index 3d34b38b88..ad2f61422b 100644 --- a/tests/data/test176 +++ b/tests/data/test176 @@ -10,35 +10,35 @@ HTTP NTLM auth # Server-side # the first request has NTLM type-1 included, and then the 1001 is returned - -HTTP/1.1 200 foobar swsclose -Server: Microsoft-IIS/6.0 -Authentication-Info: Passport1.4 tname=MSPAuth,tname=MSPProf,tname=MSPConsent,tname=MSPSecAuth -Content-Type: text/html; charset=iso-8859-1 - + +HTTP/1.1 200 foobar swsclose +Server: Microsoft-IIS/6.0 +Authentication-Info: Passport1.4 tname=MSPAuth,tname=MSPProf,tname=MSPConsent,tname=MSPSecAuth +Content-Type: text/html; charset=iso-8859-1 + # the second request should be auth-less and then this is returned. - -HTTP/1.1 200 moo swsclose -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 16 - + +HTTP/1.1 200 moo swsclose +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 16 + content for you - -HTTP/1.1 200 foobar swsclose -Server: Microsoft-IIS/6.0 -Authentication-Info: Passport1.4 tname=MSPAuth,tname=MSPProf,tname=MSPConsent,tname=MSPSecAuth -Content-Type: text/html; charset=iso-8859-1 - -HTTP/1.1 200 moo swsclose -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 16 - + +HTTP/1.1 200 foobar swsclose +Server: Microsoft-IIS/6.0 +Authentication-Info: Passport1.4 tname=MSPAuth,tname=MSPProf,tname=MSPConsent,tname=MSPSecAuth +Content-Type: text/html; charset=iso-8859-1 + +HTTP/1.1 200 moo swsclose +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 16 + content for you diff --git a/tests/data/test177 b/tests/data/test177 index 27bbfd83d4..2825c81c7a 100644 --- a/tests/data/test177 +++ b/tests/data/test177 @@ -10,12 +10,12 @@ followlocation # Server-side - -HTTP/1.1 302 *MOVED* swsclose swsbounce -Server: Microsoft-IIS/6.0 -Location: /mooooo/%TESTNUMBER -Content-Type: text/html; charset=iso-8859-1 - + +HTTP/1.1 302 *MOVED* swsclose swsbounce +Server: Microsoft-IIS/6.0 +Location: /mooooo/%TESTNUMBER +Content-Type: text/html; charset=iso-8859-1 + @@ -39,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u auser:apasswd --digest -d "junkelijunk" # Verify data after the test has been "shot" - + POST /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test178 b/tests/data/test178 index 60f93bf92f..b7a13f278c 100644 --- a/tests/data/test178 +++ b/tests/data/test178 @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test179 b/tests/data/test179 index 7a91b34fc6..312b3d2981 100644 --- a/tests/data/test179 +++ b/tests/data/test179 @@ -46,7 +46,7 @@ proxy # Verify data after the test has been "shot" - + GET http://supertrooper.fake/c/%TESTNUMBER HTTP/1.1 Host: supertrooper.fake User-Agent: curl/%VERSION diff --git a/tests/data/test18 b/tests/data/test18 index d32ba17a17..3a92136d21 100644 --- a/tests/data/test18 +++ b/tests/data/test18 @@ -9,25 +9,25 @@ globbing # Server-side - -HTTP/1.1 200 OK -Funny-head: yesyes -Content-Length: 4 - + +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 4 + moo - -HTTP/1.1 200 OK -Funny-head: yesyes -Content-Length: 4 - + +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 4 + foo - -HTTP/1.1 200 OK -Funny-head: yesyes -Content-Length: 4 - + +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 4 + hoo @@ -47,7 +47,7 @@ multiple requests using {} in URL # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -64,21 +64,21 @@ User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 200 OK -Funny-head: yesyes -Content-Length: 4 - + +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 4 + moo -HTTP/1.1 200 OK -Funny-head: yesyes -Content-Length: 4 - +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 4 + foo -HTTP/1.1 200 OK -Funny-head: yesyes -Content-Length: 4 - +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 4 + hoo diff --git a/tests/data/test1800 b/tests/data/test1800 index 56a40806db..459bbd9701 100644 --- a/tests/data/test1800 +++ b/tests/data/test1800 @@ -42,7 +42,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --http2 - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1801 b/tests/data/test1801 index d5499b3cb9..0d48cf2343 100644 --- a/tests/data/test1801 +++ b/tests/data/test1801 @@ -49,7 +49,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --http2 - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1802 b/tests/data/test1802 index 61f6426a90..c8a2a5a193 100644 --- a/tests/data/test1802 +++ b/tests/data/test1802 @@ -7,7 +7,7 @@ HTTP CONNECT - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Accept-Ranges: bytes @@ -17,7 +17,7 @@ Content-Type: text/html -foo- - + HTTP/1.1 200 fine Connection: close Content-Length: 0 @@ -47,7 +47,7 @@ http://hello/wanted/page -p -x %HOSTIP:%HTTPPORT --header "User-Agent: myapp/1.0 # Verify data after the test has been "shot" - + CONNECT hello:80 HTTP/1.1 Proxy-Connection: Keep-Alive User-Agent: Benjamin/2 diff --git a/tests/data/test183 b/tests/data/test183 index f13ff2af43..11e89967b2 100644 --- a/tests/data/test183 +++ b/tests/data/test183 @@ -10,11 +10,11 @@ persistent connection # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 4 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 4 + moo @@ -37,7 +37,7 @@ proxy # Verify data after the test has been "shot" - + GET http://deathstar.another.galaxy/%TESTNUMBER HTTP/1.1 Host: deathstar.another.galaxy User-Agent: curl/%VERSION diff --git a/tests/data/test184 b/tests/data/test184 index 19d81cb03a..6686ba844f 100644 --- a/tests/data/test184 +++ b/tests/data/test184 @@ -10,31 +10,31 @@ followlocation # Server-side - -HTTP/1.1 301 OK swsbounce -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 4 + +HTTP/1.1 301 OK swsbounce +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 4 Location: http://yet.another.host/%TESTNUMBER - + moo - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 4 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 4 + moo - -HTTP/1.1 301 OK swsbounce -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 4 + +HTTP/1.1 301 OK swsbounce +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 4 Location: http://yet.another.host/%TESTNUMBER - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 4 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 4 + moo @@ -57,7 +57,7 @@ proxy # Verify data after the test has been "shot" - + GET http://deathstar.another.galaxy/%TESTNUMBER HTTP/1.1 Host: another.visitor.stay.a.while.stay.foreeeeeever User-Agent: curl/%VERSION diff --git a/tests/data/test185 b/tests/data/test185 index 66bba00bf7..04ceb45534 100644 --- a/tests/data/test185 +++ b/tests/data/test185 @@ -10,31 +10,31 @@ followlocation # Server-side - -HTTP/1.1 301 OK swsbounce -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 4 -Location: go/west/%TESTNUMBER - + +HTTP/1.1 301 OK swsbounce +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 4 +Location: go/west/%TESTNUMBER + moo - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 4 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 4 + moo - -HTTP/1.1 301 OK swsbounce -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 4 -Location: go/west/%TESTNUMBER - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 4 - + +HTTP/1.1 301 OK swsbounce +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 4 +Location: go/west/%TESTNUMBER + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 4 + moo @@ -57,7 +57,7 @@ proxy # Verify data after the test has been "shot" - + GET http://deathstar.another.galaxy/%TESTNUMBER HTTP/1.1 Host: another.visitor.stay.a.while.stay.foreeeeeever User-Agent: curl/%VERSION diff --git a/tests/data/test187 b/tests/data/test187 index 823bcdc471..c3d1199a23 100644 --- a/tests/data/test187 +++ b/tests/data/test187 @@ -60,7 +60,7 @@ http://%HOSTIP:%HTTPPORT?oh=what-weird=test/%TESTNUMBER -L # Verify data after the test has been "shot" - + GET /?oh=what-weird=test/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test188 b/tests/data/test188 index 2fca251129..79a7f5f84a 100644 --- a/tests/data/test188 +++ b/tests/data/test188 @@ -57,7 +57,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C 50 -L # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=50- diff --git a/tests/data/test189 b/tests/data/test189 index d3cd0f2b2c..8d92ef578b 100644 --- a/tests/data/test189 +++ b/tests/data/test189 @@ -51,7 +51,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C 50 -L # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=50- diff --git a/tests/data/test1901 b/tests/data/test1901 index 143a5f165a..196dde2c84 100644 --- a/tests/data/test1901 +++ b/tests/data/test1901 @@ -9,7 +9,7 @@ CURLOPT_READFUNCTION # Server-side - + HTTP/1.1 200 OK Content-Length: 6 Content-Type: text/html diff --git a/tests/data/test1903 b/tests/data/test1903 index 6c879de961..228b4d6ae4 100644 --- a/tests/data/test1903 +++ b/tests/data/test1903 @@ -9,7 +9,7 @@ CURLOPT_COOKIEFILE # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test1904 b/tests/data/test1904 index 4d359e4200..5869485116 100644 --- a/tests/data/test1904 +++ b/tests/data/test1904 @@ -22,9 +22,9 @@ Content-Length: 9 contents - -HTTP/1.1 204 Sure go ahead - + +HTTP/1.1 204 Sure go ahead + HTTP/1.1 204 Sure go ahead @@ -61,14 +61,14 @@ proxy # # Verify data after the test has been "shot" - -CONNECT test.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT test.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + - + GET /we/want/that/page/%TESTNUMBER HTTP/1.1 Host: test.%TESTNUMBER:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1905 b/tests/data/test1905 index f335a0113b..690e8553ec 100644 --- a/tests/data/test1905 +++ b/tests/data/test1905 @@ -42,7 +42,7 @@ cookies # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1906 b/tests/data/test1906 index 5a6eb71326..3aaca0b05d 100644 --- a/tests/data/test1906 +++ b/tests/data/test1906 @@ -39,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1907 b/tests/data/test1907 index d92427cced..a1210516f9 100644 --- a/tests/data/test1907 +++ b/tests/data/test1907 @@ -37,7 +37,7 @@ lib%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1908 b/tests/data/test1908 index a49c49db22..0294b48e2b 100644 --- a/tests/data/test1908 +++ b/tests/data/test1908 @@ -57,7 +57,7 @@ lib%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1909 b/tests/data/test1909 index bcce977df6..a7be2d3076 100644 --- a/tests/data/test1909 +++ b/tests/data/test1909 @@ -43,7 +43,7 @@ HTTP GET --retry-all-errors to overcome partial transfer # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1910 b/tests/data/test1910 index 8485119e65..ba5a0d74b9 100644 --- a/tests/data/test1910 +++ b/tests/data/test1910 @@ -49,7 +49,7 @@ lib%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[user%0aname:pass%0aword]b64% diff --git a/tests/data/test1919 b/tests/data/test1919 index ad2f851db8..bad31585e0 100644 --- a/tests/data/test1919 +++ b/tests/data/test1919 @@ -35,7 +35,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Bearer c4e448d652a961fda0ab64f882c8c161d5985f805d45d80c9ddca1 diff --git a/tests/data/test192 b/tests/data/test192 index 76912d227a..4bda64c477 100644 --- a/tests/data/test192 +++ b/tests/data/test192 @@ -36,7 +36,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n" # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test193 b/tests/data/test193 index 398127d522..2af00524be 100644 --- a/tests/data/test193 +++ b/tests/data/test193 @@ -48,7 +48,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n" -L # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1933 b/tests/data/test1933 index 15bbb9af73..a26d29585c 100644 --- a/tests/data/test1933 +++ b/tests/data/test1933 @@ -59,7 +59,7 @@ http://xxx:yyy@127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%H ^Content-Type:.* ^Accept:.* - + GET /%TESTNUMBER/testapi/test HTTP/1.1 Host: 127.0.0.1:9000 Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/0/127/xxx4_request, SignedHeaders=content-type;host;x-xxx-date, Signature=3d8e00a02e437211a596143dcd590fcc805b731365c68f7f48951ea6eda39c4f diff --git a/tests/data/test1934 b/tests/data/test1934 index 7aa3575e9f..9520c8193e 100644 --- a/tests/data/test1934 +++ b/tests/data/test1934 @@ -59,7 +59,7 @@ http://127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%HTTPPORT ^Content-Type:.* ^Accept:.* - + GET /%TESTNUMBER/testapi/test HTTP/1.1 Host: 127.0.0.1:9000 Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/0/127/xxx4_request, SignedHeaders=content-type;host;x-yyy-date, Signature=cf8dc9a4af903a1a9bb1385d8e2366d780afb501e266436598438395e502d58c diff --git a/tests/data/test1935 b/tests/data/test1935 index 26c9425376..4e0f11cb4f 100644 --- a/tests/data/test1935 +++ b/tests/data/test1935 @@ -59,7 +59,7 @@ http://127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%HTTPPORT ^Content-Type:.* ^Accept:.* - + GET /%TESTNUMBER/testapi/test HTTP/1.1 Host: 127.0.0.1:9000 Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/rrr/127/xxx4_request, SignedHeaders=content-type;host;x-yyy-date, Signature=a0b11b97b54689428d4188b788ed32865d607822d85d3e91cf06141f479dac0b diff --git a/tests/data/test1936 b/tests/data/test1936 index 2628b92305..d57b8161ef 100644 --- a/tests/data/test1936 +++ b/tests/data/test1936 @@ -59,7 +59,7 @@ http://127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%HTTPPORT ^Content-Type:.* ^Accept:.* - + GET /%TESTNUMBER/testapi/test HTTP/1.1 Host: 127.0.0.1:9000 Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/rrr/sss/xxx4_request, SignedHeaders=content-type;host;x-yyy-date, Signature=026b713d76b0789bd224c5e41322f74eed088f8a22fd15183ca68376c575c5b0 diff --git a/tests/data/test194 b/tests/data/test194 index ef7b24aae3..2d01a147ed 100644 --- a/tests/data/test194 +++ b/tests/data/test194 @@ -10,33 +10,33 @@ Resume # Server-side - -HTTP/1.1 416 Requested Range Not Satisfiable swsclose -Date: Fri, 24 Oct 2003 21:33:12 GMT -Server: Apache/1.3.19 (Unix) (Red-Hat/Linux) mod_ssl/2.8.1 OpenSSL/0.9.6 PHP/4.3.1 -Last-Modified: Fri, 24 Oct 2003 18:01:23 GMT -ETag: "ab57a-507-3f9968f3" -Accept-Ranges: bytes -Content-Length: 4 -Content-Range: bytes */87 -Content-Type: image/gif -Connection: close - + +HTTP/1.1 416 Requested Range Not Satisfiable swsclose +Date: Fri, 24 Oct 2003 21:33:12 GMT +Server: Apache/1.3.19 (Unix) (Red-Hat/Linux) mod_ssl/2.8.1 OpenSSL/0.9.6 PHP/4.3.1 +Last-Modified: Fri, 24 Oct 2003 18:01:23 GMT +ETag: "ab57a-507-3f9968f3" +Accept-Ranges: bytes +Content-Length: 4 +Content-Range: bytes */87 +Content-Type: image/gif +Connection: close + bad - -HTTP/1.1 416 Requested Range Not Satisfiable swsclose -Date: Fri, 24 Oct 2003 21:33:12 GMT -Server: Apache/1.3.19 (Unix) (Red-Hat/Linux) mod_ssl/2.8.1 OpenSSL/0.9.6 PHP/4.3.1 -Last-Modified: Fri, 24 Oct 2003 18:01:23 GMT -ETag: "ab57a-507-3f9968f3" -Accept-Ranges: bytes -Content-Length: 4 -Content-Range: bytes */87 -Content-Type: image/gif -Connection: close - + +HTTP/1.1 416 Requested Range Not Satisfiable swsclose +Date: Fri, 24 Oct 2003 21:33:12 GMT +Server: Apache/1.3.19 (Unix) (Red-Hat/Linux) mod_ssl/2.8.1 OpenSSL/0.9.6 PHP/4.3.1 +Last-Modified: Fri, 24 Oct 2003 18:01:23 GMT +ETag: "ab57a-507-3f9968f3" +Accept-Ranges: bytes +Content-Length: 4 +Content-Range: bytes */87 +Content-Type: image/gif +Connection: close + @@ -56,7 +56,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -C 87 --fail # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=87- diff --git a/tests/data/test1941 b/tests/data/test1941 index 9ef4b3b1e4..faa4b39005 100644 --- a/tests/data/test1941 +++ b/tests/data/test1941 @@ -20,11 +20,11 @@ Set-Cookie: cookie3=data3; Location: /%TESTNUMBER0002 - -HTTP/1.1 200 Sure go ahead -Server: from the connect -Silly-thing: yes yes - + +HTTP/1.1 200 Sure go ahead +Server: from the connect +Silly-thing: yes yes + @@ -54,11 +54,11 @@ http://hello:%HTTPPORT/%TESTNUMBER %HOSTIP:%PROXYPORT # Verify data after the test has been "shot" - -CONNECT hello:%HTTPPORT HTTP/1.1 -Host: hello:%HTTPPORT -Proxy-Connection: Keep-Alive - + +CONNECT hello:%HTTPPORT HTTP/1.1 +Host: hello:%HTTPPORT +Proxy-Connection: Keep-Alive + Date == Thu, 09 Nov 2010 14:49:00 GMT diff --git a/tests/data/test1945 b/tests/data/test1945 index 1b30965f60..06ab2c0f92 100644 --- a/tests/data/test1945 +++ b/tests/data/test1945 @@ -20,11 +20,11 @@ Set-Cookie: cookie3=data3; Location: /%TESTNUMBER0002 - -HTTP/1.1 200 Sure go ahead -Server: from the connect -Silly-thing: yes yes - + +HTTP/1.1 200 Sure go ahead +Server: from the connect +Silly-thing: yes yes + @@ -54,11 +54,11 @@ http://hello:%HTTPPORT/%TESTNUMBER %HOSTIP:%PROXYPORT # Verify data after the test has been "shot" - -CONNECT hello:%HTTPPORT HTTP/1.1 -Host: hello:%HTTPPORT -Proxy-Connection: Keep-Alive - + +CONNECT hello:%HTTPPORT HTTP/1.1 +Host: hello:%HTTPPORT +Proxy-Connection: Keep-Alive + Server == from the connect (0/2) diff --git a/tests/data/test1948 b/tests/data/test1948 index 39be768c0b..1f4c3c8ac4 100644 --- a/tests/data/test1948 +++ b/tests/data/test1948 @@ -9,26 +9,26 @@ HTTP PUT # Server-side - -HTTP/1.1 200 OK -Date: Thu, 01 Nov 2001 14:49:00 GMT -Content-Type: text/html -Content-Length: 6 - + +HTTP/1.1 200 OK +Date: Thu, 01 Nov 2001 14:49:00 GMT +Content-Type: text/html +Content-Length: 6 + hello - -HTTP/1.1 200 OK -Date: Thu, 01 Nov 2001 14:49:00 GMT -Content-Type: text/html -Content-Length: 6 - + +HTTP/1.1 200 OK +Date: Thu, 01 Nov 2001 14:49:00 GMT +Content-Type: text/html +Content-Length: 6 + hello -HTTP/1.1 200 OK -Date: Thu, 01 Nov 2001 14:49:00 GMT -Content-Type: text/html -Content-Length: 6 - +HTTP/1.1 200 OK +Date: Thu, 01 Nov 2001 14:49:00 GMT +Content-Type: text/html +Content-Length: 6 + hello diff --git a/tests/data/test1956 b/tests/data/test1956 index a53e57c44d..324de33913 100644 --- a/tests/data/test1956 +++ b/tests/data/test1956 @@ -59,7 +59,7 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP ^Content-Type:.* ^Accept:.* - + GET /aws_sigv4/testapi/test HTTP/1.1 Host: exam.ple.com:9000 Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=dfe78c8846a9b7d65d1eb4c1d6ea7bc886650d03f3568088cb8d5b4c3778287f diff --git a/tests/data/test1957 b/tests/data/test1957 index b30d9acdd3..5a3c914b5b 100644 --- a/tests/data/test1957 +++ b/tests/data/test1957 @@ -59,7 +59,7 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP ^Content-Type:.* ^Accept:.* - + GET /aws_sigv4/testapi/test HTTP/1.1 Host: exam.ple.com:9000 Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=25b4cac711ea8f65010c485d3778885f5f3870d0b8ff0b3ab58a8d7eeab991ff diff --git a/tests/data/test1958 b/tests/data/test1958 index 23aa849444..220f49aa5e 100644 --- a/tests/data/test1958 +++ b/tests/data/test1958 @@ -59,7 +59,7 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP ^Content-Type:.* ^Accept:.* - + GET /aws_sigv4/testapi/test HTTP/1.1 Host: exam.ple.com:9000 Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=25b4cac711ea8f65010c485d3778885f5f3870d0b8ff0b3ab58a8d7eeab991ff diff --git a/tests/data/test1959 b/tests/data/test1959 index 46ef85a678..e91a3128e8 100644 --- a/tests/data/test1959 +++ b/tests/data/test1959 @@ -59,7 +59,7 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP ^Content-Type:.* ^Accept:.* - + GET /aws_sigv4/testapi/test HTTP/1.1 Host: exam.ple.com:9000 Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=7b343a4aa55d73ffc05005d84480bc705a3367373ed8cae1a1c0fbd2b3aa0483 diff --git a/tests/data/test1960 b/tests/data/test1960 index cf36b17592..ce0a2cfc7a 100644 --- a/tests/data/test1960 +++ b/tests/data/test1960 @@ -9,7 +9,7 @@ CURL_SOCKOPT_ALREADY_CONNECTED # Server-side - + HTTP/1.1 200 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -42,7 +42,7 @@ http://%HOSTIP:%HTTPPORT/file %HOSTIP %HTTPPORT # Verify data after the test has been "shot" - + GET /file HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test1964 b/tests/data/test1964 index b005bbf932..9b7e2c968b 100644 --- a/tests/data/test1964 +++ b/tests/data/test1964 @@ -58,7 +58,7 @@ http://xxx:yyy@127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%H ^Content-Type:.* ^Accept:.* - + GET /%TESTNUMBER/testapi/test HTTP/1.1 Host: 127.0.0.1:9000 Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/0/127/xxx4_request, SignedHeaders=content-type;host;x-xxx-date, Signature=35da102c1df68f2ef85ade08ecc212fa663a66e3a973146f6578a5c5426e9669 diff --git a/tests/data/test197 b/tests/data/test197 index 31f132f8fd..29a6a29ba3 100644 --- a/tests/data/test197 +++ b/tests/data/test197 @@ -44,7 +44,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --retry 1000 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1970 b/tests/data/test1970 index b3d3a36a0e..43df45e31f 100644 --- a/tests/data/test1970 +++ b/tests/data/test1970 @@ -59,7 +59,7 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP ^Content-Type:.* ^Accept:.* - + PUT /aws_sigv4/testapi/test HTTP/1.1 Host: exam.ple.com:9000 Authorization: AWS4-HMAC-SHA256 Credential=xxx/19700101/us-east-1/s3/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=a028756f42a859122e9609c1f90cae4b272d6b03bf60d9fd354138176dfa2260 diff --git a/tests/data/test1974 b/tests/data/test1974 index f91606e362..74213d0ab6 100644 --- a/tests/data/test1974 +++ b/tests/data/test1974 @@ -59,7 +59,7 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP ^Content-Type:.* ^Accept:.* - + GET /aws_sigv4/testapi/test HTTP/1.1 Host: exam.ple.com:9000 Authorization: AWS4-HMAC-SHA256 Credential=xxx/19700101/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=e6270423932feafe9b00ca5d60c9ed566be649f9ca9676144288273945153021 diff --git a/tests/data/test1976 b/tests/data/test1976 index 4abd457802..51e3b242b8 100644 --- a/tests/data/test1976 +++ b/tests/data/test1976 @@ -47,7 +47,7 @@ HTTP AWS_SIGV4 canonical request header sorting test # Strip the actual signature. We only care about header order in this test s/Signature=[a-f0-9]{64}/Signature=stripped/ - + PUT /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: AWS4-HMAC-SHA256 Credential=xxx/19700101/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-test;x-amz-meta-test-two, Signature=stripped diff --git a/tests/data/test1977 b/tests/data/test1977 index f2c1ead986..b8e2bb4f2b 100644 --- a/tests/data/test1977 +++ b/tests/data/test1977 @@ -44,7 +44,7 @@ effective URL: http://%HOSTIP:%HTTPPORT/%TESTNUMBER effective URL: http://%HOSTIP:%HTTPPORT/%TESTNUMBER?foo effective URL: http://%HOSTIP:%HTTPPORT/%TESTNUMBER?foo&bar - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test198 b/tests/data/test198 index e1e81aee51..42feffe7d2 100644 --- a/tests/data/test198 +++ b/tests/data/test198 @@ -53,7 +53,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --retry 1000 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test1981 b/tests/data/test1981 index faf061c1d1..3aa0419f87 100644 --- a/tests/data/test1981 +++ b/tests/data/test1981 @@ -9,7 +9,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -48,7 +48,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --write-out='Time: %time{%d/%b/%Y %H:%M:%S. # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test199 b/tests/data/test199 index 4965d3ce93..763e7bf49e 100644 --- a/tests/data/test199 +++ b/tests/data/test199 @@ -42,7 +42,7 @@ HTTP with -d, -G and {} # # Verify data after the test has been "shot" - + GET /%TESTNUMBER?foo=moo&moo=poo HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2 b/tests/data/test2 index 79d2cf9b7c..12e99b8147 100644 --- a/tests/data/test2 +++ b/tests/data/test2 @@ -9,7 +9,7 @@ HTTP Basic auth # # Server-side - + HTTP/1.1 200 Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake swsclose @@ -36,7 +36,7 @@ HTTP GET with user and password # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[fake:user]b64% diff --git a/tests/data/test2001 b/tests/data/test2001 index e9b9ae6f70..8792f8dbb6 100644 --- a/tests/data/test2001 +++ b/tests/data/test2001 @@ -13,18 +13,18 @@ multiprotocol # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- diff --git a/tests/data/test2002 b/tests/data/test2002 index 4b2b4fef69..8fea4c110e 100644 --- a/tests/data/test2002 +++ b/tests/data/test2002 @@ -15,18 +15,18 @@ multiprotocol # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- diff --git a/tests/data/test2003 b/tests/data/test2003 index 5ab3e41ac6..58a9d9580c 100644 --- a/tests/data/test2003 +++ b/tests/data/test2003 @@ -15,18 +15,18 @@ multiprotocol # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- diff --git a/tests/data/test2005 b/tests/data/test2005 index 51e90782a9..c027f53c63 100644 --- a/tests/data/test2005 +++ b/tests/data/test2005 @@ -43,7 +43,7 @@ machine example.com # # Verify data after the test has been "shot" - + GET / HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[:5up3r53cr37]b64% diff --git a/tests/data/test2023 b/tests/data/test2023 index 3626499be1..f0e43d0ed2 100644 --- a/tests/data/test2023 +++ b/tests/data/test2023 @@ -10,91 +10,91 @@ HTTP Basic auth - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! - -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! - -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! - -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Basic realm="testrealm" - +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Basic realm="testrealm" - +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! @@ -119,7 +119,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER basic basic # Verify data after the test has been "shot" - + GET /%TESTNUMBER0100 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[testuser:wrongpass]b64% diff --git a/tests/data/test2024 b/tests/data/test2024 index b2d6f729ae..7838aeb2eb 100644 --- a/tests/data/test2024 +++ b/tests/data/test2024 @@ -14,97 +14,97 @@ HTTP Digest auth ensure that the order doesn't matter. --> - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="1" -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="1" +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! - -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="2" -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="2" +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! - -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="3" -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="3" +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! - -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="1" -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="1" +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="2" -WWW-Authenticate: Basic realm="testrealm" - +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="2" +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="3" -WWW-Authenticate: Basic realm="testrealm" - +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="3" +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! @@ -134,7 +134,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER basic digest # Verify data after the test has been "shot" - + GET /%TESTNUMBER0100 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[testuser:wrongpass]b64% diff --git a/tests/data/test2025 b/tests/data/test2025 index 9f6dd4176d..2b2c6f33f8 100644 --- a/tests/data/test2025 +++ b/tests/data/test2025 @@ -15,178 +15,178 @@ NTLM ensure that the order doesn't matter. --> - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! - -HTTP/1.1 401 Need Basic or NTLM auth -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Basic realm="testrealm" -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Need Basic or NTLM auth +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Basic realm="testrealm" +WWW-Authenticate: NTLM + This is not the real page! - -HTTP/1.1 401 NTLM intermediate -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - + +HTTP/1.1 401 NTLM intermediate +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + This is still not the real page! - -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! - -HTTP/1.1 401 Need Basic or NTLM auth (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Basic realm="testrealm" -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Need Basic or NTLM auth (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Basic realm="testrealm" +WWW-Authenticate: NTLM + This is not the real page! - -HTTP/1.1 401 NTLM intermediate (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - + +HTTP/1.1 401 NTLM intermediate (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + This is still not the real page! - -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! - -HTTP/1.1 401 Need Basic or NTLM auth (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Basic realm="testrealm" -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Need Basic or NTLM auth (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Basic realm="testrealm" +WWW-Authenticate: NTLM + This is not the real page! - -HTTP/1.1 401 NTLM intermediate (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - + +HTTP/1.1 401 NTLM intermediate (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + This is still not the real page! - -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! -HTTP/1.1 401 NTLM intermediate -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 401 NTLM intermediate +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Basic realm="testrealm" - +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! -HTTP/1.1 401 NTLM intermediate (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Basic realm="testrealm" - +HTTP/1.1 401 NTLM intermediate (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! -HTTP/1.1 401 NTLM intermediate (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 401 NTLM intermediate (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! @@ -216,7 +216,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER basic ntlm # Verify data after the test has been "shot" - + GET /%TESTNUMBER0100 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[testuser:wrongpass]b64% diff --git a/tests/data/test2026 b/tests/data/test2026 index e3b5e946cc..d576725c4c 100644 --- a/tests/data/test2026 +++ b/tests/data/test2026 @@ -14,133 +14,133 @@ HTTP Digest auth ensure that the order doesn't matter. --> - -HTTP/1.1 401 Need Basic or Digest auth -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="1" -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Need Basic or Digest auth +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Digest realm="testrealm", nonce="1" +WWW-Authenticate: Basic realm="testrealm" + This is not the real page! - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Basic realm="testrealm" -WWW-Authenticate: Digest realm="testrealm", nonce="2" - + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Basic realm="testrealm" +WWW-Authenticate: Digest realm="testrealm", nonce="2" + This is a bad password page! - -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Need Basic or Digest auth (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="3" -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Need Basic or Digest auth (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Digest realm="testrealm", nonce="3" +WWW-Authenticate: Basic realm="testrealm" + This is not the real page! - -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Basic realm="testrealm" -WWW-Authenticate: Digest realm="testrealm", nonce="4" - + +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Basic realm="testrealm" +WWW-Authenticate: Digest realm="testrealm", nonce="4" + This is a bad password page! - -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="5" -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="5" +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! - -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Need Basic or Digest auth -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="1" -WWW-Authenticate: Basic realm="testrealm" - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Basic realm="testrealm" -WWW-Authenticate: Digest realm="testrealm", nonce="2" - + +HTTP/1.1 401 Need Basic or Digest auth +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Digest realm="testrealm", nonce="1" +WWW-Authenticate: Basic realm="testrealm" + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Basic realm="testrealm" +WWW-Authenticate: Digest realm="testrealm", nonce="2" + This is a bad password page! -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! -HTTP/1.1 401 Need Basic or Digest auth (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="3" -WWW-Authenticate: Basic realm="testrealm" - -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Basic realm="testrealm" -WWW-Authenticate: Digest realm="testrealm", nonce="4" - +HTTP/1.1 401 Need Basic or Digest auth (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Digest realm="testrealm", nonce="3" +WWW-Authenticate: Basic realm="testrealm" + +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Basic realm="testrealm" +WWW-Authenticate: Digest realm="testrealm", nonce="4" + This is a bad password page! -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="5" -WWW-Authenticate: Basic realm="testrealm" - +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="5" +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! @@ -170,7 +170,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER digest basic # Verify data after the test has been "shot" - + GET /%TESTNUMBER0100 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test2027 b/tests/data/test2027 index b4ca0e327d..bff987e1cc 100644 --- a/tests/data/test2027 +++ b/tests/data/test2027 @@ -21,149 +21,149 @@ HTTP Digest auth --> - -HTTP/1.1 401 Need Digest auth -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="1" - + +HTTP/1.1 401 Need Digest auth +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Digest realm="testrealm", nonce="1" + This is not the real page! - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="2" - + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="2" + This is a bad password page! - -HTTP/1.1 401 Need Digest auth (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="3" - + +HTTP/1.1 401 Need Digest auth (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Digest realm="testrealm", nonce="3" + This is not the real page! - -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Need Digest auth (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="4" - + +HTTP/1.1 401 Need Digest auth (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Digest realm="testrealm", nonce="4" + This is not the real page! - -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="5" - + +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="5" + This is a bad password page! - -HTTP/1.1 401 Need Digest auth (4) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="6" - + +HTTP/1.1 401 Need Digest auth (4) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Digest realm="testrealm", nonce="6" + This is not the real page! - -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="7" - + +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="7" + This is a bad password page! - -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Need Digest auth -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="1" - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="2" - + +HTTP/1.1 401 Need Digest auth +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Digest realm="testrealm", nonce="1" + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="2" + This is a bad password page! -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! -HTTP/1.1 401 Need Digest auth (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="4" - -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="5" - +HTTP/1.1 401 Need Digest auth (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Digest realm="testrealm", nonce="4" + +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="5" + This is a bad password page! -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="7" - -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="7" - +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="7" + +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="7" + This is a bad password page! -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! @@ -193,7 +193,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER digest digest # Verify data after the test has been "shot" - + GET /%TESTNUMBER0100 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test2028 b/tests/data/test2028 index ef87640ac8..7f71f0549c 100644 --- a/tests/data/test2028 +++ b/tests/data/test2028 @@ -15,214 +15,214 @@ NTLM ensure that the order doesn't matter. --> - -HTTP/1.1 401 Need Digest or NTLM auth -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: NTLM -WWW-Authenticate: Digest realm="testrealm", nonce="1" - + +HTTP/1.1 401 Need Digest or NTLM auth +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: NTLM +WWW-Authenticate: Digest realm="testrealm", nonce="1" + This is not the real page! - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="2" -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="2" +WWW-Authenticate: NTLM + This is a bad password page! - -HTTP/1.1 401 Need Digest or NTLM auth (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: NTLM -WWW-Authenticate: Digest realm="testrealm", nonce="3" - + +HTTP/1.1 401 Need Digest or NTLM auth (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: NTLM +WWW-Authenticate: Digest realm="testrealm", nonce="3" + This is not the real page! - -HTTP/1.1 401 NTLM intermediate -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - + +HTTP/1.1 401 NTLM intermediate +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + This is still not the real page! - -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Need Digest or NTLM auth (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="4" -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Need Digest or NTLM auth (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Digest realm="testrealm", nonce="4" +WWW-Authenticate: NTLM + This is not the real page! - -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Digest realm="testrealm", nonce="5" - + +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Digest realm="testrealm", nonce="5" + This is a bad password page! - -HTTP/1.1 401 Need Digest or NTLM auth (4) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="6" -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Need Digest or NTLM auth (4) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Digest realm="testrealm", nonce="6" +WWW-Authenticate: NTLM + This is not the real page! - -HTTP/1.1 401 NTLM intermediate (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - + +HTTP/1.1 401 NTLM intermediate (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + This is still not the real page! - -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Digest realm="testrealm", nonce="7" - + +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Digest realm="testrealm", nonce="7" + This is a bad password page! - -HTTP/1.1 401 Need Digest or NTLM auth (5) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="8" -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Need Digest or NTLM auth (5) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Digest realm="testrealm", nonce="8" +WWW-Authenticate: NTLM + This is not the real page! - -HTTP/1.1 401 NTLM intermediate (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - + +HTTP/1.1 401 NTLM intermediate (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + This is still not the real page! - -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Need Digest or NTLM auth -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: NTLM -WWW-Authenticate: Digest realm="testrealm", nonce="1" - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="2" -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Need Digest or NTLM auth +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: NTLM +WWW-Authenticate: Digest realm="testrealm", nonce="1" + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="2" +WWW-Authenticate: NTLM + This is a bad password page! -HTTP/1.1 401 NTLM intermediate -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 401 NTLM intermediate +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! -HTTP/1.1 401 Need Digest or NTLM auth (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="4" -WWW-Authenticate: NTLM - -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Digest realm="testrealm", nonce="5" - +HTTP/1.1 401 Need Digest or NTLM auth (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Digest realm="testrealm", nonce="4" +WWW-Authenticate: NTLM + +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Digest realm="testrealm", nonce="5" + This is a bad password page! -HTTP/1.1 401 NTLM intermediate (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Digest realm="testrealm", nonce="7" - +HTTP/1.1 401 NTLM intermediate (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Digest realm="testrealm", nonce="7" + This is a bad password page! -HTTP/1.1 401 NTLM intermediate (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 401 NTLM intermediate (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! @@ -253,7 +253,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER digest ntlm # Verify data after the test has been "shot" - + GET /%TESTNUMBER0100 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test2029 b/tests/data/test2029 index 9b43d0f87f..08a955fed7 100644 --- a/tests/data/test2029 +++ b/tests/data/test2029 @@ -15,151 +15,151 @@ NTLM ensure that the order doesn't matter. --> - -HTTP/1.1 401 Need Basic or NTLM auth -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: NTLM -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Need Basic or NTLM auth +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: NTLM +WWW-Authenticate: Basic realm="testrealm" + This is not the real page! - -HTTP/1.1 401 NTLM intermediate -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - + +HTTP/1.1 401 NTLM intermediate +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + This is still not the real page! - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Basic realm="testrealm" -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Basic realm="testrealm" +WWW-Authenticate: NTLM + This is a bad password page! - -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Need Basic or NTLM auth (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: NTLM -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Need Basic or NTLM auth (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: NTLM +WWW-Authenticate: Basic realm="testrealm" + This is not the real page! - -HTTP/1.1 401 NTLM intermediate (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - + +HTTP/1.1 401 NTLM intermediate (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + This is still not the real page! - -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Basic realm="testrealm" -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Basic realm="testrealm" +WWW-Authenticate: NTLM + This is a bad password page! - -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! - -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 NTLM intermediate -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Basic realm="testrealm" -WWW-Authenticate: NTLM - + +HTTP/1.1 401 NTLM intermediate +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Basic realm="testrealm" +WWW-Authenticate: NTLM + This is a bad password page! -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! -HTTP/1.1 401 NTLM intermediate (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Basic realm="testrealm" -WWW-Authenticate: NTLM - +HTTP/1.1 401 NTLM intermediate (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Basic realm="testrealm" +WWW-Authenticate: NTLM + This is a bad password page! -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Basic realm="testrealm" - +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! @@ -189,7 +189,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER ntlm basic # Verify data after the test has been "shot" - + GET /%TESTNUMBER0100 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/tests/data/test2030 b/tests/data/test2030 index 2baee67311..b02d219201 100644 --- a/tests/data/test2030 +++ b/tests/data/test2030 @@ -27,191 +27,191 @@ ensure that the order doesn't matter. --> - -HTTP/1.1 401 Need Digest or NTLM auth -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: NTLM -WWW-Authenticate: Digest realm="testrealm", nonce="1" - + +HTTP/1.1 401 Need Digest or NTLM auth +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: NTLM +WWW-Authenticate: Digest realm="testrealm", nonce="1" + This is not the real page! - -HTTP/1.1 401 NTLM intermediate -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - + +HTTP/1.1 401 NTLM intermediate +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + This is still not the real page! - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="2" -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="2" +WWW-Authenticate: NTLM + This is a bad password page! - -HTTP/1.1 401 Need Digest or NTLM auth (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: NTLM -WWW-Authenticate: Digest realm="testrealm", nonce="3" - + +HTTP/1.1 401 Need Digest or NTLM auth (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: NTLM +WWW-Authenticate: Digest realm="testrealm", nonce="3" + This is not the real page! - -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Need Digest or NTLM auth (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="4" -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Need Digest or NTLM auth (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Digest realm="testrealm", nonce="4" +WWW-Authenticate: NTLM + This is not the real page! - -HTTP/1.1 401 NTLM intermediate (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - + +HTTP/1.1 401 NTLM intermediate (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + This is still not the real page! - -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Digest realm="testrealm", nonce="5" - + +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Digest realm="testrealm", nonce="5" + This is a bad password page! - -HTTP/1.1 401 Need Digest or NTLM auth (4) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="6" -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Need Digest or NTLM auth (4) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Digest realm="testrealm", nonce="6" +WWW-Authenticate: NTLM + This is not the real page! - -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Digest realm="testrealm", nonce="7" - + +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Digest realm="testrealm", nonce="7" + This is a bad password page! - -HTTP/1.1 401 Need Digest or NTLM auth (5) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: Digest realm="testrealm", nonce="8" -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Need Digest or NTLM auth (5) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: Digest realm="testrealm", nonce="8" +WWW-Authenticate: NTLM + This is not the real page! - -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 NTLM intermediate -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: Digest realm="testrealm", nonce="2" -WWW-Authenticate: NTLM - + +HTTP/1.1 401 NTLM intermediate +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: Digest realm="testrealm", nonce="2" +WWW-Authenticate: NTLM + This is a bad password page! -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! -HTTP/1.1 401 NTLM intermediate (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Digest realm="testrealm", nonce="5" - +HTTP/1.1 401 NTLM intermediate (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Digest realm="testrealm", nonce="5" + This is a bad password page! -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Digest realm="testrealm", nonce="7" - -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Digest realm="testrealm", nonce="7" - +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Digest realm="testrealm", nonce="7" + +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Digest realm="testrealm", nonce="7" + This is a bad password page! -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! @@ -242,7 +242,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER ntlm digest # Verify data after the test has been "shot" - + GET /%TESTNUMBER0100 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/tests/data/test2031 b/tests/data/test2031 index 1d3b168e5f..249660f209 100644 --- a/tests/data/test2031 +++ b/tests/data/test2031 @@ -11,221 +11,221 @@ NTLM - -HTTP/1.1 401 Need NTLM auth -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Need NTLM auth +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: NTLM + This is not the real page! - -HTTP/1.1 401 NTLM intermediate -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - + +HTTP/1.1 401 NTLM intermediate +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + This is still not the real page! - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM + This is a bad password page! - -HTTP/1.1 401 Need NTLM auth (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Need NTLM auth (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: NTLM + This is not the real page! - -HTTP/1.1 401 NTLM intermediate (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - + +HTTP/1.1 401 NTLM intermediate (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + This is still not the real page! - -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Need NTLM auth (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Need NTLM auth (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: NTLM + This is not the real page! - -HTTP/1.1 401 NTLM intermediate (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - + +HTTP/1.1 401 NTLM intermediate (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + This is still not the real page! - -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM + This is a bad password page! - -HTTP/1.1 401 Need NTLM auth (4) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Need NTLM auth (4) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: NTLM + This is not the real page! - -HTTP/1.1 401 NTLM intermediate (4) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - + +HTTP/1.1 401 NTLM intermediate (4) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + This is still not the real page! - -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM + This is a bad password page! - -HTTP/1.1 401 Need NTLM auth (5) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: NTLM - + +HTTP/1.1 401 Need NTLM auth (5) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: NTLM + This is not the real page! - -HTTP/1.1 401 NTLM intermediate (5) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - + +HTTP/1.1 401 NTLM intermediate (5) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + This is still not the real page! - -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 NTLM intermediate -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - -HTTP/1.1 401 Sorry wrong password -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM - + +HTTP/1.1 401 NTLM intermediate +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + +HTTP/1.1 401 Sorry wrong password +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM + This is a bad password page! -HTTP/1.1 401 NTLM intermediate (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 401 NTLM intermediate (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! -HTTP/1.1 401 NTLM intermediate (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - -HTTP/1.1 401 Sorry wrong password (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM - +HTTP/1.1 401 NTLM intermediate (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + +HTTP/1.1 401 Sorry wrong password (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM + This is a bad password page! -HTTP/1.1 401 NTLM intermediate (4) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - -HTTP/1.1 401 Sorry wrong password (3) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM - +HTTP/1.1 401 NTLM intermediate (4) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + +HTTP/1.1 401 Sorry wrong password (3) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM + This is a bad password page! -HTTP/1.1 401 NTLM intermediate (5) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - -HTTP/1.1 200 Things are fine in server land (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - +HTTP/1.1 401 NTLM intermediate (5) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + +HTTP/1.1 200 Things are fine in server land (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! @@ -255,7 +255,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER ntlm ntlm # Verify data after the test has been "shot" - + GET /%TESTNUMBER0100 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/tests/data/test2032 b/tests/data/test2032 index 403ca15363..85018987c5 100644 --- a/tests/data/test2032 +++ b/tests/data/test2032 @@ -14,45 +14,45 @@ timing-dependent - -HTTP/1.1 401 Need Basic or NTLM auth -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 29 -WWW-Authenticate: NTLM -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Need Basic or NTLM auth +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 29 +WWW-Authenticate: NTLM +WWW-Authenticate: Basic realm="testrealm" + This is a bad password page! - -HTTP/1.1 401 Need Basic or NTLM auth (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 27 -WWW-Authenticate: NTLM -WWW-Authenticate: Basic realm="testrealm" - + +HTTP/1.1 401 Need Basic or NTLM auth (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 27 +WWW-Authenticate: NTLM +WWW-Authenticate: Basic realm="testrealm" + This is not the real page! - -HTTP/1.1 401 NTLM intermediate (2) -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 33 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= - + +HTTP/1.1 401 NTLM intermediate (2) +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 33 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= + This is still not the real page! - -HTTP/1.1 200 Things are fine in server land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! @@ -88,7 +88,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER0100 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[testuser:testpass]b64% diff --git a/tests/data/test2033 b/tests/data/test2033 index 447e8c5330..32c9edc67c 100644 --- a/tests/data/test2033 +++ b/tests/data/test2033 @@ -47,7 +47,7 @@ CURL_SSL_BACKEND=schannel # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: localhost:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2034 b/tests/data/test2034 index a2ecffdb41..a165bd9e83 100644 --- a/tests/data/test2034 +++ b/tests/data/test2034 @@ -43,7 +43,7 @@ simple HTTPS GET with DER public key pinning # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: localhost:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2037 b/tests/data/test2037 index 138f573004..facc52898b 100644 --- a/tests/data/test2037 +++ b/tests/data/test2037 @@ -43,7 +43,7 @@ simple HTTPS GET with PEM public key pinning # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: localhost:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2040 b/tests/data/test2040 index ab7987cb2b..d95eb91a91 100644 --- a/tests/data/test2040 +++ b/tests/data/test2040 @@ -47,7 +47,7 @@ HTTP Basic authorization, then without authorization # Verify data after the test has been "shot" - + GET /%TESTNUMBER0100 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[testuser:testpass]b64% diff --git a/tests/data/test2041 b/tests/data/test2041 index 75da98ba9e..25c7612fdc 100644 --- a/tests/data/test2041 +++ b/tests/data/test2041 @@ -43,7 +43,7 @@ simple HTTPS GET with base64-sha256 public key pinning # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: localhost:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2046 b/tests/data/test2046 index 4eb6ce6999..aa57535ed2 100644 --- a/tests/data/test2046 +++ b/tests/data/test2046 @@ -57,7 +57,7 @@ http://%hex[%c3%a5%c3%a4%c3%b6]hex%.se:%HTTPPORT/%TESTNUMBER --resolve xn--4cab6 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: xn--4cab6c.se:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2047 b/tests/data/test2047 index ac934a6f76..ee987ec69b 100644 --- a/tests/data/test2047 +++ b/tests/data/test2047 @@ -58,7 +58,7 @@ http://%hex[%c3%a5%c3%a4%c3%b6]hex%.se/%TESTNUMBER -x %HOSTIP:%HTTPPORT -w "%{nu # # Verify data after the test has been "shot" - + GET http://xn--4cab6c.se/%TESTNUMBER HTTP/1.1 Host: xn--4cab6c.se User-Agent: curl/%VERSION diff --git a/tests/data/test2049 b/tests/data/test2049 index 31513551ac..0fd0d94d77 100644 --- a/tests/data/test2049 +++ b/tests/data/test2049 @@ -38,7 +38,7 @@ http://www1.example.com:8081/%TESTNUMBER --connect-to ::%HOSTIP:%HTTPPORT --next # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: www1.example.com:8081 User-Agent: curl/%VERSION diff --git a/tests/data/test2050 b/tests/data/test2050 index 202ea39106..96e7253c1e 100644 --- a/tests/data/test2050 +++ b/tests/data/test2050 @@ -61,14 +61,14 @@ proxy # # Verify data after the test has been "shot" - -CONNECT connect.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: connect.example.com.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT connect.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: connect.example.com.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + - + GET /%TESTNUMBER HTTP/1.1 Host: www.example.com.%TESTNUMBER User-Agent: curl/%VERSION diff --git a/tests/data/test2051 b/tests/data/test2051 index b11d3c452b..8523652f02 100644 --- a/tests/data/test2051 +++ b/tests/data/test2051 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n" --next --connect-to # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2052 b/tests/data/test2052 index 60b45402b2..891912dde1 100644 --- a/tests/data/test2052 +++ b/tests/data/test2052 @@ -39,7 +39,7 @@ http://www.example.com:%HTTPPORT/%TESTNUMBER --resolve www.example.com:%HTTPPORT # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: www.example.com:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2053 b/tests/data/test2053 index ac35ed37e5..8322f79e72 100644 --- a/tests/data/test2053 +++ b/tests/data/test2053 @@ -38,7 +38,7 @@ http://10.0.0.1:8081/%TESTNUMBER --connect-to 10.0.0.1:8081:%HOSTIP:%HTTPPORT -- # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: 10.0.0.1:8081 User-Agent: curl/%VERSION diff --git a/tests/data/test2054 b/tests/data/test2054 index 59ec523bb7..350e55634e 100644 --- a/tests/data/test2054 +++ b/tests/data/test2054 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --connect-to foo::bar: --connect-to :123::4 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2055 b/tests/data/test2055 index dca5630263..44458b5044 100644 --- a/tests/data/test2055 +++ b/tests/data/test2055 @@ -62,14 +62,14 @@ http://www.example.com.%TESTNUMBER/%TESTNUMBER --connect-to ::connect.example.co # # Verify data after the test has been "shot" - -CONNECT connect.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: connect.example.com.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT connect.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: connect.example.com.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + - + GET /%TESTNUMBER HTTP/1.1 Host: www.example.com.%TESTNUMBER User-Agent: curl/%VERSION diff --git a/tests/data/test2056 b/tests/data/test2056 index 9d0db1d747..474050e64c 100644 --- a/tests/data/test2056 +++ b/tests/data/test2056 @@ -51,7 +51,7 @@ CURL_STUB_GSS_CREDS="KRB5_Alice" # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Negotiate %b64["KRB5_Alice":HTTP@127.0.0.1:1:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA]b64% diff --git a/tests/data/test2057 b/tests/data/test2057 index e9b6133343..4b567ec9b2 100644 --- a/tests/data/test2057 +++ b/tests/data/test2057 @@ -67,7 +67,7 @@ CURL_STUB_GSS_CREDS="NTLM_Alice" # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Negotiate %b64["NTLM_Alice":HTTP@127.0.0.1:2:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA]b64% diff --git a/tests/data/test2058 b/tests/data/test2058 index f840c6e5f6..6dce07107f 100644 --- a/tests/data/test2058 +++ b/tests/data/test2058 @@ -13,45 +13,45 @@ CUSTOMREQUEST # Server-side - -HTTP/1.1 100 Continue -Server: Microsoft-IIS/5.0 -Date: Sun, 03 Apr 2005 14:57:45 GMT -X-Powered-By: ASP.NET - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-256", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 100 Continue +Server: Microsoft-IIS/5.0 +Date: Sun, 03 Apr 2005 14:57:45 GMT +X-Powered-By: ASP.NET + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-256", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok - -HTTP/1.1 100 Continue -Server: Microsoft-IIS/5.0 -Date: Sun, 03 Apr 2005 14:57:45 GMT -X-Powered-By: ASP.NET - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-256", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 100 Continue +Server: Microsoft-IIS/5.0 +Date: Sun, 03 Apr 2005 14:57:45 GMT +X-Powered-By: ASP.NET + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-256", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok diff --git a/tests/data/test2059 b/tests/data/test2059 index dbd8904313..6ec6089ca1 100644 --- a/tests/data/test2059 +++ b/tests/data/test2059 @@ -13,45 +13,45 @@ CUSTOMREQUEST # Server-side - -HTTP/1.1 100 Continue -Server: Microsoft-IIS/5.0 -Date: Sun, 03 Apr 2005 14:57:45 GMT -X-Powered-By: ASP.NET - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-256", nonce="1053604144", userhash=true -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 100 Continue +Server: Microsoft-IIS/5.0 +Date: Sun, 03 Apr 2005 14:57:45 GMT +X-Powered-By: ASP.NET + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-256", nonce="1053604144", userhash=true +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok - -HTTP/1.1 100 Continue -Server: Microsoft-IIS/5.0 -Date: Sun, 03 Apr 2005 14:57:45 GMT -X-Powered-By: ASP.NET - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-256", nonce="1053604144", userhash=true -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 100 Continue +Server: Microsoft-IIS/5.0 +Date: Sun, 03 Apr 2005 14:57:45 GMT +X-Powered-By: ASP.NET + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-256", nonce="1053604144", userhash=true +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok diff --git a/tests/data/test206 b/tests/data/test206 index 82585f720c..36bb5391d8 100644 --- a/tests/data/test206 +++ b/tests/data/test206 @@ -19,11 +19,11 @@ auth_required # this is returned first since we get no proxy-auth - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" -Content-Length: 33 - + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" +Content-Length: 33 + And you should ignore this data. diff --git a/tests/data/test2060 b/tests/data/test2060 index 4c0c52e914..4f84803632 100644 --- a/tests/data/test2060 +++ b/tests/data/test2060 @@ -13,45 +13,45 @@ CUSTOMREQUEST # Server-side - -HTTP/1.1 100 Continue -Server: Microsoft-IIS/5.0 -Date: Sun, 03 Apr 2005 14:57:45 GMT -X-Powered-By: ASP.NET - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-512-256", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 100 Continue +Server: Microsoft-IIS/5.0 +Date: Sun, 03 Apr 2005 14:57:45 GMT +X-Powered-By: ASP.NET + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-512-256", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok - -HTTP/1.1 100 Continue -Server: Microsoft-IIS/5.0 -Date: Sun, 03 Apr 2005 14:57:45 GMT -X-Powered-By: ASP.NET - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-512-256", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 100 Continue +Server: Microsoft-IIS/5.0 +Date: Sun, 03 Apr 2005 14:57:45 GMT +X-Powered-By: ASP.NET + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", algorithm="SHA-512-256", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok diff --git a/tests/data/test2061 b/tests/data/test2061 index 26a2869712..718de8a3b6 100644 --- a/tests/data/test2061 +++ b/tests/data/test2061 @@ -8,39 +8,39 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-256" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-256" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-256" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-256" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! @@ -66,7 +66,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --digest # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2062 b/tests/data/test2062 index 3f8eedc7b4..0899e6a540 100644 --- a/tests/data/test2062 +++ b/tests/data/test2062 @@ -8,39 +8,39 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-512-256" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-512-256" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-512-256" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-512-256" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! @@ -66,7 +66,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --digest # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2063 b/tests/data/test2063 index cc4c4c2fb0..ee377d2c89 100644 --- a/tests/data/test2063 +++ b/tests/data/test2063 @@ -8,39 +8,39 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-256", userhash=true -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-256", userhash=true +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-256", userhash=true -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145", algorithm="SHA-256", userhash=true +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! @@ -66,7 +66,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --digest # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2064 b/tests/data/test2064 index 54102887e3..ec47a2a8cf 100644 --- a/tests/data/test2064 +++ b/tests/data/test2064 @@ -8,40 +8,40 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-256" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-256" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 401 Still a bad password you moron -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 - -This is not the real page either + +HTTP/1.1 401 Still a bad password you moron +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 + +This is not the real page either - -HTTP/1.1 401 Authorization Required -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-256" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 401 Still a bad password you moron -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 - -This is not the real page either + +HTTP/1.1 401 Authorization Required +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-256" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 401 Still a bad password you moron +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 + +This is not the real page either @@ -66,7 +66,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:test2pass --digest # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2065 b/tests/data/test2065 index c15341049a..27a61e7f77 100644 --- a/tests/data/test2065 +++ b/tests/data/test2065 @@ -8,40 +8,40 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-512-256" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-512-256" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 401 Still a bad password you moron -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 - -This is not the real page either + +HTTP/1.1 401 Still a bad password you moron +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 + +This is not the real page either - -HTTP/1.1 401 Authorization Required -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-512-256" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 401 Still a bad password you moron -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 - -This is not the real page either + +HTTP/1.1 401 Authorization Required +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-512-256" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 401 Still a bad password you moron +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 + +This is not the real page either @@ -66,7 +66,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:test2pass --digest # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2066 b/tests/data/test2066 index 3a43fbb2be..bf609edb59 100644 --- a/tests/data/test2066 +++ b/tests/data/test2066 @@ -8,40 +8,40 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-256", userhash=true -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-256", userhash=true +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 401 Still a bad password you moron -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 - -This is not the real page either + +HTTP/1.1 401 Still a bad password you moron +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 + +This is not the real page either - -HTTP/1.1 401 Authorization Required -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-256", userhash=true -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 401 Still a bad password you moron -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 - -This is not the real page either + +HTTP/1.1 401 Authorization Required +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-256", userhash=true +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 401 Still a bad password you moron +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 + +This is not the real page either @@ -66,7 +66,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:test2pass --digest # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2067 b/tests/data/test2067 index 12f2ff18e6..654bda7c05 100644 --- a/tests/data/test2067 +++ b/tests/data/test2067 @@ -9,35 +9,35 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-256" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-256" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-256" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-256" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok diff --git a/tests/data/test2068 b/tests/data/test2068 index a19faf2f87..8a89fb8718 100644 --- a/tests/data/test2068 +++ b/tests/data/test2068 @@ -9,35 +9,35 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-512-256" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-512-256" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-512-256" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-512-256" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok diff --git a/tests/data/test2069 b/tests/data/test2069 index 06e444f17a..6ed1aafe44 100644 --- a/tests/data/test2069 +++ b/tests/data/test2069 @@ -9,35 +9,35 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-256", userhash=true -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-256", userhash=true +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-256", userhash=true -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144", algorithm="SHA-256", userhash=true +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok diff --git a/tests/data/test207 b/tests/data/test207 index 193926f08b..6d7e5c382b 100644 --- a/tests/data/test207 +++ b/tests/data/test207 @@ -48,7 +48,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2070 b/tests/data/test2070 index 0769d1af0f..0dfa5db727 100644 --- a/tests/data/test2070 +++ b/tests/data/test2070 @@ -46,7 +46,7 @@ CURL_SSL_BACKEND=schannel # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: localhost:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2074 b/tests/data/test2074 index 9e3d26d4da..c6c7e92b61 100644 --- a/tests/data/test2074 +++ b/tests/data/test2074 @@ -43,7 +43,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --oauth2-bearer mF_9.B5f-4.1JqM # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Bearer mF_9.B5f-4.1JqM diff --git a/tests/data/test2076 b/tests/data/test2076 index cb5e911da9..b99a0ed65b 100644 --- a/tests/data/test2076 +++ b/tests/data/test2076 @@ -8,31 +8,31 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required swsclose -WWW-Authenticate: Digest realm="testrealm", nonce="1" -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +WWW-Authenticate: Digest realm="testrealm", nonce="1" +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK swsclose -Content-Length: 23 - + +HTTP/1.1 200 OK swsclose +Content-Length: 23 + This IS the real page! - -HTTP/1.1 401 Authorization Required swsclose -WWW-Authenticate: Digest realm="testrealm", nonce="1" -Content-Length: 26 - -HTTP/1.1 200 OK swsclose -Content-Length: 23 - + +HTTP/1.1 401 Authorization Required swsclose +WWW-Authenticate: Digest realm="testrealm", nonce="1" +Content-Length: 26 + +HTTP/1.1 200 OK swsclose +Content-Length: 23 + This IS the real page! @@ -58,7 +58,7 @@ HTTP with digest auth and URI contains query # Verify data after the test has been "shot" - + GET /%TESTNUMBER?query HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2077 b/tests/data/test2077 index b244b9466c..7f6458f895 100644 --- a/tests/data/test2077 +++ b/tests/data/test2077 @@ -9,10 +9,10 @@ GSS-API # Server-side - -HTTP/1.1 200 OK swsclose -Content-Length: 23 - + +HTTP/1.1 200 OK swsclose +Content-Length: 23 + This IS the real page! diff --git a/tests/data/test2078 b/tests/data/test2078 index de1f1cf5c2..07342b71e3 100644 --- a/tests/data/test2078 +++ b/tests/data/test2078 @@ -9,10 +9,10 @@ GSS-API # Server-side - -HTTP/1.1 200 OK swsclose -Content-Length: 23 - + +HTTP/1.1 200 OK swsclose +Content-Length: 23 + This IS the real page! diff --git a/tests/data/test2079 b/tests/data/test2079 index 0e2cf01a24..78709f3a2c 100644 --- a/tests/data/test2079 +++ b/tests/data/test2079 @@ -47,7 +47,7 @@ CURL_SSL_BACKEND=schannel # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: localhost:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2081 b/tests/data/test2081 index 421b475886..29af09d0be 100644 --- a/tests/data/test2081 +++ b/tests/data/test2081 @@ -11,18 +11,18 @@ followlocation # Server-side - -HTTP/1.1 301 This is a weirdo text message swsclose -Location: data/%TESTNUMBER0002.txt?coolsite=yes -Content-Length: 62 -Connection: close - + +HTTP/1.1 301 This is a weirdo text message swsclose +Location: data/%TESTNUMBER0002.txt?coolsite=yes +Content-Length: 62 +Connection: close + This server reply is for testing a simple Location: following - -HTTP/1.1 200 This is another weirdo text message swsclose -Connection: close - + +HTTP/1.1 200 This is another weirdo text message swsclose +Connection: close + Thanks for following. @@ -42,7 +42,7 @@ http://user:pass@%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER#anchor --location --r # Verify data after the test has been "shot" - + GET /we/want/our/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[user:pass]b64% @@ -57,15 +57,15 @@ Accept: */* Referer: http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER - -HTTP/1.1 301 This is a weirdo text message swsclose -Location: data/%TESTNUMBER0002.txt?coolsite=yes -Content-Length: 62 -Connection: close - -HTTP/1.1 200 This is another weirdo text message swsclose -Connection: close - + +HTTP/1.1 301 This is a weirdo text message swsclose +Location: data/%TESTNUMBER0002.txt?coolsite=yes +Content-Length: 62 +Connection: close + +HTTP/1.1 200 This is another weirdo text message swsclose +Connection: close + Thanks for following. http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER diff --git a/tests/data/test2087 b/tests/data/test2087 index bffab46fa2..7c71767234 100644 --- a/tests/data/test2087 +++ b/tests/data/test2087 @@ -47,7 +47,7 @@ CURL_SSL_BACKEND=schannel # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: localhost:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2088 b/tests/data/test2088 index b318e674c9..ea8d42a17a 100644 --- a/tests/data/test2088 +++ b/tests/data/test2088 @@ -42,7 +42,7 @@ HTTPS GET with client authentication (mtls) # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: localhost:%HTTPS-MTLSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2089 b/tests/data/test2089 index 5a64225d91..f3a497a97a 100644 --- a/tests/data/test2089 +++ b/tests/data/test2089 @@ -42,7 +42,7 @@ HTTPS GET with client authentication (mtls) and --insecure # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: localhost:%HTTPS-MTLSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test209 b/tests/data/test209 index 3a9c1218a8..48ccde271c 100644 --- a/tests/data/test209 +++ b/tests/data/test209 @@ -14,21 +14,21 @@ NTLM # this is returned first since we get no proxy-auth - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 33 - + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Content-Length: 33 + And you should ignore this data. # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in proxy land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 - + +HTTP/1.1 200 Things are fine in proxy land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 + # this is returned when we get a GET! @@ -92,7 +92,7 @@ http://test.remote.example.com.%TESTNUMBER:%HTTPPORT/path/%TESTNUMBER0002 --prox # Verify data after the test has been "shot" - + CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/tests/data/test2102 b/tests/data/test2102 index 5ee35bdf6e..037931fb85 100644 --- a/tests/data/test2102 +++ b/tests/data/test2102 @@ -9,7 +9,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -53,7 +53,7 @@ http://examplehost.example:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: examplehost.example:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test213 b/tests/data/test213 index 7780b231c1..909c847807 100644 --- a/tests/data/test213 +++ b/tests/data/test213 @@ -14,21 +14,21 @@ NTLM # this is returned first since we get no proxy-auth - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 33 - + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Content-Length: 33 + And you should ignore this data. # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in proxy land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 - + +HTTP/1.1 200 Things are fine in proxy land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 + # this is returned when we get a GET! diff --git a/tests/data/test214 b/tests/data/test214 index 76c328ac98..f473ea0b97 100644 --- a/tests/data/test214 +++ b/tests/data/test214 @@ -40,7 +40,7 @@ MSYS2_ARG_CONV_EXCL=http:// # # Verify data after the test has been "shot" - + GET /{}\/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test217 b/tests/data/test217 index 07bbeac46f..5f400b0c0f 100644 --- a/tests/data/test217 +++ b/tests/data/test217 @@ -15,9 +15,9 @@ followlocation # this is returned first since we get no proxy-auth - -HTTP/1.1 405 Method Not Allowed swsclose - + +HTTP/1.1 405 Method Not Allowed swsclose + And you should ignore this data. @@ -41,7 +41,7 @@ proxy # Verify data after the test has been "shot" - + CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT User-Agent: curl/%VERSION @@ -52,9 +52,9 @@ Proxy-Connection: Keep-Alive 56 - -HTTP/1.1 405 Method Not Allowed swsclose - + +HTTP/1.1 405 Method Not Allowed swsclose + 000 405 diff --git a/tests/data/test218 b/tests/data/test218 index b5e2b08b2f..8d1a673ca4 100644 --- a/tests/data/test218 +++ b/tests/data/test218 @@ -9,12 +9,12 @@ chunked Transfer-Encoding # # Server-side - -HTTP/1.0 200 OK -Server: test-server/fake -Content-Type: text/html -Content-Length: 6 - + +HTTP/1.0 200 OK +Server: test-server/fake +Content-Type: text/html +Content-Length: 6 + blaha diff --git a/tests/data/test22 b/tests/data/test22 index 2141182295..539ef4bc5d 100644 --- a/tests/data/test22 +++ b/tests/data/test22 @@ -7,11 +7,11 @@ long URL # Server-side - -HTTP/1.1 200 OK -Funny-head: yesyes -Content-Length: 27 - + +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 27 + This is the proof it works diff --git a/tests/data/test220 b/tests/data/test220 index 48cd0af3be..a7f89ff885 100644 --- a/tests/data/test220 +++ b/tests/data/test220 @@ -9,28 +9,28 @@ compressed # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: GZIP -Content-Length: 44 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: GZIP +Content-Length: 44 + %hex[%1f%8b%08%08%79%9e%ab%41%00%03%6c%61%6c%61%6c%61%00%cb%c9%cc%4b%55%30%e4%52%c8%01%d1%46%5c%0a%10%86%31%17%00]hex% %hex[%02%71%60%18%00%00%00]hex% - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: GZIP -Content-Length: 44 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: GZIP +Content-Length: 44 + line 1 line 2 line 3 @@ -61,7 +61,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test221 b/tests/data/test221 index d51d730f75..d514a688e1 100644 --- a/tests/data/test221 +++ b/tests/data/test221 @@ -10,30 +10,30 @@ FAILURE # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: gzip -Content-Length: 41 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: gzip +Content-Length: 41 + %hex[%08%79%9e%ab%41%00%03%6c%61%6c%61%6c%61%00%cb%c9%cc%4b%55%30%e4%52%c8%01%d1%46%5c%0a%10%86%31%17%00]hex% %hex[%02%71%60%18%00%00%00]hex% # I removed the first three bytes of the gzip compressed contents - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: gzip -Content-Length: 41 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: gzip +Content-Length: 41 + @@ -61,7 +61,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test222 b/tests/data/test222 index f01c017f83..edcc3488d7 100644 --- a/tests/data/test222 +++ b/tests/data/test222 @@ -9,15 +9,15 @@ compressed # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: deflate -Content-Length: 1305 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: deflate +Content-Length: 1305 + %hex[%78%9c%dc%58%db%6e%e3%36%10%7d%37%90%7f%60%fd%d4%02%b6%6e%b6%13%39%70%b4%28%72%d9%04%cd%36%c1%da%05%ba%4f%06%2d%d1%36%1b%49%14%48%ca%b9%3c%f4%db%3b%94%28%89%b1%1c%af%77%83%be%04%48%62%72%e6%9c%c3%e1%0c%49%93%99%7c%7a%4a%62%b4%21%5c%50%96%9e%75%5d%cb%e9%22%92%86%2c%a2%e9%ea%ac%7b%33%bd%eb%fb%fe%68%dc%77%bb%9f%82%ce%e4%97%8b%bb%f3%d9%b7%fb%4b%94%71%f6%0f%09%65%3f%a6%42%02%10%4d%bf%4d%67%97%5f%50%77%2d%65%76%6a%db%4b%4e%c4%3a%21%58%5a%29%91%f6%02%87%0f%24%8d%ec%65%d2%d7%3c%d1%77%ac%a1%15%c9%a8%0b%a2%5b%5a%41%07%a1%ca%a6%da%4d%6f%4e%a3%c0%3d%76%bd%89%6d%18%4a%44%84%25%99%e3%28%22%80%18%8f%fd%be%e3%f7%3d%17%39%c3%53%c7%3d%f5%c6%13%db%f0%1b%84%3c%53%1f%51%e0%39%ce%b0%ef%3a%7d%d7%47%8e%77%ea%c1%cf%40%53%2a%c4%ab%38%52%9c%90%b9%58%33%2e%83%30%e7%71%1d%8e%61%6f%e3%97%79%1c%17%70%84%d3%08%c5%74%d1%a6%16%10%1d%1e%11%a1%96%3a%67%49%52%52%52%82%24%63%b5%00%c7%fc%19%2d%19%47%61%4c%49%2a%fb%82%46%04%fd%f5%f5%16%49%8e%53%b1%84%8a%5a%30%8b%46%c8%50%de%19%0c%a2%02%e1%72%04%a5%5a%a9%70%55%df%25%8d%89%38%ea%e4%42%75%d4%18%e2%39%95%f8%c9%42%37%12%89%3c%cb%40%5f%a0%eb%d9%ec%be%57%fc%9d%f6%d0%15%b4%8f%3a%57%45%fb%e2%e6%7c%d6%43%b3%cb%db%3f%2f%e1%f3%f6%e2%77%80%5d%dd%dc%5e%f6%8a%e1%3f%df%dd%5f%5f%7e%85%36%0c%f0%48%62%88%a9%94%ea%67%4c%c8%9e%6e%e6%d0]hex% %hex[%19%7b%a0%44%14%da%28%cf%62%86%23%18%02%96%5a%9e%90%a8%99%75%0f%65%58%88%47%c6%23%d5%84%c8%d2%3c%59%14%f6%e9%f4%f6%a8%13%12%2e%e9%92%86%50%57%30%fd%41%38%f8%98%28%43%81%6a%3c%c1%08%c5%b4%20%1b%19%7b%24%9c%44%47%9d%c5%73%95%a4%1e%92%6b%f2%66%c6%ab%b2%58%47%9d%d9%1a%a8%08%c3%ef%82%a6%6a%33%09%48%6d%9d%6a%95%60%06%9b%0e%79%ce%51%27%c6%e9%2a%c7%2b%22%8a%18%48%ba%a1%9c%a5%09%0c%20%40%47%97%d0%58%1b%1b%2a%71%4c%e5%f3%5c%84%8c%93%60%74%e2%0f%ad%d1%c9%c4%de%b2%6f%81%33%c2%43%90%0c%06%96%7b%6c%60%2b%f3%16%1a%e6%f3%00%7b%6d%6c%20%0b%93%5e%d7%2c%cb%63%cc%9b%b1%8e%47%63%88%61%08%cb%79%db%d3%22%54%03%ba%03%cb%77%5f%11%5e%87%62%38%ca%60%9c%d1%2b%b4%11%0e%c7%c5%b9%e1%5b%23%67%62%eb%8e%e9%99%87%2c%07%5d%cf%ad%bc%da%f0]hex% %hex[%53%0e%e2%0f%6a%8c%31%80%c8%17%22%e4%34%93%70%44%8a%60%a0%4e%87%d7%a6%12%06%a5%4f%c3%f5%5c%ed%e5%e0%82%2c%71%1e%cb%89%6d%1a%4b%18%d4%7f%5e%1d%60%19%94%3d%d8%79%68%56%27%a5%ad%d6%8b%3d%b1%5b%ac%46%6c%cd%12%f2%b6%10%2c%60%ca%4b%15%75%78%da%26%43%eb%d6%02%8d%a6%5c%bd%1c%2e%07%60%ad%a4%68%8d%c8%e2%c5%3b%5c%04%c0%5a%44%d1%1a%91%17%9a%1d%2e%02%60%2d%a2%68%8d%48%b8%86%3d%46%62%b6%3a%5c%aa%a6%68%c1%46%a2%91%e5%59%72%b8%20%80%b5%94%a2%35%22%11%59%1c%2e%02%60%2d%a2%68%8d%08%13%4f%87%8b%00%58%8b%28%9a%51%2f%11%a9%f3%f2%07%6a%56%12%aa%ba%69%ba%b1%cc%73%0e%69%13%24%d0%eb%b7%ea%1a%85%d9%88%1f%28%c9%46%54%c5%d8%08%43%44%dd%1c%0e%57%51%68%2d%53%10%1b%9d%84%72%ce%f8%e1%4a%25%5e%6b%69%b2%59%d7%84%05%55%ad%a0%59%7a%62]hex% @@ -172,7 +172,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test223 b/tests/data/test223 index bcdc415d18..06f2638dd0 100644 --- a/tests/data/test223 +++ b/tests/data/test223 @@ -12,27 +12,27 @@ FAILURE # this deflate chunk has three bytes removed from the beginning and is cut # short - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: deflate -Content-Length: 1305 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: deflate +Content-Length: 1305 + %hex[%58%db%6e%e3%36%10%7d%37%90%7f%60%fd%d4%02%b6%6e%b6%13%39%70%b4%28%72%d9%04%cd%36%c1%da%05%ba%4f%06%2d%d1%36%1b%49%14%48%ca%b9%3c%f4%db%3b%94%28%89%b1%1c%af%77%83%be%04%48%62%72%e6%9c%c3%e1%0c%49%93%99%7c%7a%4a%62%b4%21%5c%50%96%9e%75%5d%cb%e9%22%92%86%2c%a2%e9%ea%ac%7b%33%bd%eb%fb%fe%68%dc%77%bb%9f%82%ce%e4%97%8b%bb%f3%d9%b7%fb%4b%94%71%f6%0f%09%65%3f%a6%42%02%10%4d%bf%4d%67%97%5f%50%77%2d%65%76%6a%db%4b%4e%c4%3a%21%58%5a%29%91%f6%02%87%0f%24%8d%ec%65%d2%d7%3c%d1%77%ac%a1%15%c9%a8%0b%a2%5b%5a%41%07%a1%ca%a6%da%4d%6f%4e%a3%c0%3d%76%bd%89%6d%18%4a%44%84%25%99%e3%28%22%80%18%8f%fd%be%e3%f7%3d%17%39%c3%53%c7%3d%f5%c6%13%db%f0%1b%84%3c%53%1f%51%e0%39%ce%b0%ef%3a%7d%d7%47%8e%77%ea%c1%cf%40%53%2a%c4%ab%38%52%9c%90%b9%58%33%2e%83%30%e7%71%1d%8e%61%6f%e3%97%79%1c%17%70%84%d3%08%c5%74%d1%a6%16%10%1d%1e%11%a1%96%3a%67%49%52%52%52%82%24%63%b5%00%c7%fc%19%2d%19%47%61%4c%49%2a%fb%82%46%04%fd%f5%f5%16%49%8e%53%b1%84%8a%5a%30%8b%46%c8%50%de%19%0c%a2%02%e1%72%04%a5%5a%a9%70%55%df%25%8d%89%38%ea%e4%42%75%d4%18%e2%39%95%f8%c9%42%37%12%89%3c%cb%40%5f%a0%eb%d9%ec%be%57%fc%9d%f6%d0%15%b4%8f%3a%57%45%fb%e2%e6%7c%d6%43%b3%cb%db%3f%2f%e1%f3%f6%e2%77%80%5d%dd%dc%5e%f6%8a%e1%3f%df%dd%5f%5f%7e%85%36%0c%f0%48%62%88%a9%94%ea%67%4c%c8%9e%6e%e6%d0]hex% - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: deflate -Content-Length: 1305 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: deflate +Content-Length: 1305 + @@ -60,7 +60,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test224 b/tests/data/test224 index cf86731113..2067e7a185 100644 --- a/tests/data/test224 +++ b/tests/data/test224 @@ -9,27 +9,27 @@ compressed # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: gzip -Content-Length: 2186 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: gzip +Content-Length: 2186 + %hex[%1f%8b%08%1c%bf%bc%ab%41%02%03%30%00%74%68%69%73%20%69%73%20%61%6e%20%65%78%74%72%61%20%66%69%65%6c%64%20%74%68%61%74%20%6d%75%73%74%20%62%65%20%72%65%6d%6f%76%65%64%5f%5f%5f%5f%5f%6c%6f%6e%67%2d%66%69%6c%65%6e%61%6d%65%2dxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx%00%74%68%69%73%20%69%73%20%61%20%63%6f%6d%6d%65%6e%74%20%74%68%61%74%20%6d%75%73%74%20%62%65%20%73%6b%69%70%70%65%64%00%2b%cd%4b%ce%cf%2d%28%4a%2d%2e%4e%4d%51%48%af%ca%2c%50%48%49%2c%49%54%28%cf%2c%c9%50%c8%c9%cf%4b%87%88%65%a4%26%a6%a4%16%71%01%00%b8%50%9e%cb%2d%00%00%00]hex% - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: gzip -Content-Length: 2186 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: gzip +Content-Length: 2186 + uncompressed gzip data with long gzip header @@ -58,7 +58,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test230 b/tests/data/test230 index 3dc478fc99..0a14e4c15f 100644 --- a/tests/data/test230 +++ b/tests/data/test230 @@ -9,15 +9,15 @@ compressed # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: deflate, identity, gzip -Content-Length: 1328 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: deflate, identity, gzip +Content-Length: 1328 + %hex[%1f%8b%08%00%fa%65%fa%59%00%03%01%19%05%e6%fa%78%9c%dc%58%db%6e%e3%36%10%7d%37%90%7f%60%fd%d4%02%b6%6e%b6%13%39%70%b4%28%72%d9%04%cd%36%c1%da%05%ba%4f%06%2d%d1%36%1b%49%14%48%ca%b9%3c%f4%db%3b%94%28%89%b1%1c%af%77%83%be%04%48%62%72%e6%9c%c3%e1%0c%49%93%99%7c%7a%4a%62%b4%21%5c%50%96%9e%75%5d%cb%e9%22%92%86%2c%a2%e9%ea%ac%7b%33%bd%eb%fb%fe%68%dc%77%bb%9f%82%ce%e4%97%8b%bb%f3%d9%b7%fb%4b%94%71%f6%0f%09%65%3f%a6%42%02%10%4d%bf%4d%67%97%5f%50%77%2d%65%76%6a%db%4b%4e%c4%3a%21%58%5a%29%91%f6%02%87%0f%24%8d%ec%65%d2%d7%3c%d1%77%ac%a1%15%c9%a8%0b%a2%5b%5a%41%07%a1%ca%a6%da%4d%6f%4e%a3%c0%3d%76%bd%89%6d%18%4a%44%84%25%99%e3%28%22%80%18%8f%fd%be%e3%f7%3d%17%39%c3%53%c7%3d%f5%c6%13%db%f0%1b%84%3c%53%1f%51%e0%39%ce%b0%ef%3a%7d%d7%47%8e%77%ea%c1%cf%40%53%2a%c4%ab%38%52%9c%90%b9%58%33%2e%83%30%e7%71%1d%8e%61%6f%e3%97%79%1c%17%70%84%d3%08%c5%74%d1%a6%16%10%1d%1e%11%a1%96%3a%67%49%52%52%52%82%24%63%b5%00%c7%fc%19%2d%19%47%61%4c%49%2a%fb%82%46%04%fd%f5%f5%16%49%8e%53%b1%84%8a%5a%30%8b%46%c8%50%de%19%0c%a2%02%e1%72%04%a5%5a%a9%70%55%df%25%8d%89%38%ea%e4%42%75%d4%18%e2%39%95%f8%c9%42%37%12%89%3c%cb%40%5f%a0%eb%d9%ec%be%57%fc%9d%f6%d0%15%b4%8f%3a%57%45%fb%e2%e6%7c%d6%43%b3%cb%db%3f%2f%e1%f3%f6%e2%77%80%5d%dd%dc%5e%f6%8a%e1%3f%df%dd%5f%5f%7e%85%36%0c%f0%48%62%88%a9%94%ea%67%4c%c8%9e%6e%e6%d0]hex% %hex[%19%7b%a0%44%14%da%28%cf%62%86%23%18%02%96%5a%9e%90%a8%99%75%0f%65%58%88%47%c6%23%d5%84%c8%d2%3c%59%14%f6%e9%f4%f6%a8%13%12%2e%e9%92%86%50%57%30%fd%41%38%f8%98%28%43%81%6a%3c%c1%08%c5%b4%20%1b%19%7b%24%9c%44%47%9d%c5%73%95%a4%1e%92%6b%f2%66%c6%ab%b2%58%47%9d%d9%1a%a8%08%c3%ef%82%a6%6a%33%09%48%6d%9d%6a%95%60%06%9b%0e%79%ce%51%27%c6%e9%2a%c7%2b%22%8a%18%48%ba%a1%9c%a5%09%0c%20%40%47%97%d0%58%1b%1b%2a%71%4c%e5%f3%5c%84%8c%93%60%74%e2%0f%ad%d1%c9%c4%de%b2%6f%81%33%c2%43%90%0c%06%96%7b%6c%60%2b%f3%16%1a%e6%f3%00%7b%6d%6c%20%0b%93%5e%d7%2c%cb%63%cc%9b%b1%8e%47%63%88%61%08%cb%79%db%d3%22%54%03%ba%03%cb%77%5f%11%5e%87%62%38%ca%60%9c%d1%2b%b4%11%0e%c7%c5%b9%e1%5b%23%67%62%eb%8e%e9%99%87%2c%07%5d%cf%ad%bc%da%f0]hex% %hex[%53%0e%e2%0f%6a%8c%31%80%c8%17%22%e4%34%93%70%44%8a%60%a0%4e%87%d7%a6%12%06%a5%4f%c3%f5%5c%ed%e5%e0%82%2c%71%1e%cb%89%6d%1a%4b%18%d4%7f%5e%1d%60%19%94%3d%d8%79%68%56%27%a5%ad%d6%8b%3d%b1%5b%ac%46%6c%cd%12%f2%b6%10%2c%60%ca%4b%15%75%78%da%26%43%eb%d6%02%8d%a6%5c%bd%1c%2e%07%60%ad%a4%68%8d%c8%e2%c5%3b%5c%04%c0%5a%44%d1%1a%91%17%9a%1d%2e%02%60%2d%a2%68%8d%48%b8%86%3d%46%62%b6%3a%5c%aa%a6%68%c1%46%a2%91%e5%59%72%b8%20%80%b5%94%a2%35%22%11%59%1c%2e%02%60%2d%a2%68%8d%08%13%4f%87%8b%00%58%8b%28%9a%51%2f%11%a9%f3%f2%07%6a%56%12%aa%ba%69%ba%b1%cc%73%0e%69%13%24%d0%eb%b7%ea%1a%85%d9%88%1f%28%c9%46%54%c5%d8%08%43%44%dd%1c%0e%57%51%68%2d%53%10%1b%9d%84%72%ce%f8%e1%4a%25%5e%6b%69%b2%59%d7%84%05%55%ad%a0%59%7a%62]hex% @@ -172,7 +172,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2300 b/tests/data/test2300 index 33460cdd4b..e9ceb65f04 100644 --- a/tests/data/test2300 +++ b/tests/data/test2300 @@ -8,13 +8,13 @@ WebSockets # # Server-side - -HTTP/1.1 101 Switching to WebSockets swsclose -Server: test-server/fake -Upgrade: websocket -Connection: Upgrade -Sec-WebSocket-Accept: HkPsVga7+8LuxM4RGQ5p9tZHeYs= - + +HTTP/1.1 101 Switching to WebSockets swsclose +Server: test-server/fake +Upgrade: websocket +Connection: Upgrade +Sec-WebSocket-Accept: HkPsVga7+8LuxM4RGQ5p9tZHeYs= + # allow upgrade @@ -47,7 +47,7 @@ WebSockets upgrade only # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2301 b/tests/data/test2301 index 1762a2c57f..a0fe4f1dec 100644 --- a/tests/data/test2301 +++ b/tests/data/test2301 @@ -8,14 +8,14 @@ WebSockets # # Server-side - -HTTP/1.1 101 Switching to WebSockets -Server: test-server/fake -Upgrade: websocket -Connection: Upgrade -Something: else -Sec-WebSocket-Accept: HkPsVga7+8LuxM4RGQ5p9tZHeYs= - + +HTTP/1.1 101 Switching to WebSockets +Server: test-server/fake +Upgrade: websocket +Connection: Upgrade +Something: else +Sec-WebSocket-Accept: HkPsVga7+8LuxM4RGQ5p9tZHeYs= + %hex[%89%00]hex% # allow upgrade diff --git a/tests/data/test2302 b/tests/data/test2302 index 0b3a7d524e..ab88d9e162 100644 --- a/tests/data/test2302 +++ b/tests/data/test2302 @@ -8,14 +8,14 @@ WebSockets # # Sends a PING + a 5 byte hello TEXT - -HTTP/1.1 101 Switching to WebSockets -Server: test-server/fake -Upgrade: websocket -Connection: Upgrade -Something: else -Sec-WebSocket-Accept: HkPsVga7+8LuxM4RGQ5p9tZHeYs= - + +HTTP/1.1 101 Switching to WebSockets +Server: test-server/fake +Upgrade: websocket +Connection: Upgrade +Something: else +Sec-WebSocket-Accept: HkPsVga7+8LuxM4RGQ5p9tZHeYs= + %hex[%89%00%81%05hello]hex% # allow upgrade diff --git a/tests/data/test2303 b/tests/data/test2303 index cfb1f0d6cd..5c68deaff1 100644 --- a/tests/data/test2303 +++ b/tests/data/test2303 @@ -7,12 +7,12 @@ WebSockets # - -HTTP/1.1 200 Oblivious -Server: test-server/fake -Something: else -Content-Length: 6 - + +HTTP/1.1 200 Oblivious +Server: test-server/fake +Something: else +Content-Length: 6 + hello @@ -43,7 +43,7 @@ ws://%HOSTIP:%HTTPPORT/%TESTNUMBER - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: webbie-sox/3 diff --git a/tests/data/test2304 b/tests/data/test2304 index 47c81b2a96..fda6186f63 100644 --- a/tests/data/test2304 +++ b/tests/data/test2304 @@ -52,7 +52,7 @@ ws://%HOSTIP:%HTTPPORT/%TESTNUMBER # PONG with no data and the 32 bit mask # - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: websocket/%TESTNUMBER diff --git a/tests/data/test2306 b/tests/data/test2306 index c6bbdb0f2b..233905fc79 100644 --- a/tests/data/test2306 +++ b/tests/data/test2306 @@ -9,17 +9,17 @@ HTTP GET # This reproduces the #11101 issue, when the second response comes back # with the first header being "folded" - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Content-Type: text/html +Funny-head: yesyes + -foo- @@ -54,7 +54,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER0002 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test2308 b/tests/data/test2308 index c4e35ad8cc..dfbe0db82e 100644 --- a/tests/data/test2308 +++ b/tests/data/test2308 @@ -8,17 +8,17 @@ HTTP GET # # This reproduces the #13669 issue - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Content-Type: text/html +Funny-head: yesyes + -foo- @@ -44,7 +44,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test2309 b/tests/data/test2309 index 3763822d0e..88d4b03aff 100644 --- a/tests/data/test2309 +++ b/tests/data/test2309 @@ -8,7 +8,7 @@ HTTP # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -54,7 +54,7 @@ password $y$j9T$WUVjiVvDbRAWafDLs6cab1$01NX.oaZKf5lw8MR2Nk9Yaxv4CqbE0IaDF.GpGxPu - + GET http://github.com/ HTTP/1.1 Host: github.com Authorization: Basic %b64[daniel:$y$j9T$WUVjiVvDbRAWafDLs6cab1$01NX.oaZKf5lw8MR2Nk9Yaxv4CqbE0IaDF.GpGxPul1]b64% diff --git a/tests/data/test232 b/tests/data/test232 index 25cab8372b..5b0cdb3015 100644 --- a/tests/data/test232 +++ b/tests/data/test232 @@ -9,15 +9,15 @@ compressed # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: deflate -Content-Length: 1287 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: deflate +Content-Length: 1287 + %hex[%dd%58%db%6e%e3%36%10%7d%37%90%7f%60%fd%d4%02%b6%6e%b6%13%39%70%b4%28%72%d9%04%cd%36%c1%da%05%ba%4f%06%2d%d1%36%1b%49%14%48%ca%b9%3c%f4%db%3b%94%28%89%b1%1c%af%77%83%be%04%48%62%72%e6%9c%c3%e1%0c%49%93%99%7c%7a%4a%62%b4%21%5c%50%96%9e%75%5d%cb%e9%22%92%86%2c%a2%e9%ea%ac%7b%33%bd%eb%fb%fe%68%dc%77%bb%9f%82%ce%e4%97%8b%bb%f3%d9%b7%fb%4b%94%71%f6%0f%09%65%3f%a6%42%02%10%4d%bf%4d%67%97%5f%50%77%2d%65%76%6a%db%4b%4e%c4%3a%21%58%5a%29%91%f6%02%87%0f%24%8d%ec%65%d2%d7%3c%d1%77%ac%a1%15%c9%a8%0b%a2%5b%5a%41%07%a1%ca%a6%da%4d%6f%4e%a3%c0%3d%76%bd%89%6d%18%4a%44%84%25%99%e3%28%22%80%18%8f%fd%be%e3%f7%3d%17%39%c3%53%c7%3d%f5%c6%13%db%f0%1b%84%3c%53%1f%51%e0%39%ce%b0%ef%3a%7d%d7%47%8e%77%ea%c1%cf%40%53%2a%c4%ab%38%52%9c%90%b9%58%33%2e%83%30%e7%71%1d%8e%61%6f%e3%97%79%1c%17%70%84%d3%08%c5%74%d1%a6%16%10%1d%1e%11%a1%96%3a%67%49%52%52%52%82%24%63%b5%00%c7%fc%19%2d%19%47%61%4c%49%2a%fb%82%46%04%fd%f5%f5%16%49%8e%53%b1%84%8a%5a%30%8b%46%c8%50%de%19%0c%a2%02%e1%72%04%a5%5a%a9%70%55%df%25%8d%89%38%ea%e4%42%75%d4%18%e2%39%95%f8%c9%42%37%12%89%3c%cb%40%5f%a0%eb%d9%ec%be%57%fc%9d%f6%d0%15%b4%8f%3a%57%45%fb%e2%e6%7c%d6%43%b3%cb%db%3f%2f%e1%f3%f6%e2%77%80%5d%dd%dc%5e%f6%8a%e1%3f%df%dd%5f%5f%7e%85%36%0c%f0%48%62%88%a9%94%ea%67%4c%c8%9e%6e%e6%d0]hex% %hex[%19%7b%a0%44%14%da%28%cf%62%86%23%18%02%96%5a%9e%90%a8%99%75%0f%65%58%88%47%c6%23%d5%84%c8%d2%3c%59%14%f6%e9%f4%f6%a8%13%12%2e%e9%92%86%50%57%30%fd%41%38%f8%98%28%43%81%6a%3c%c1%08%c5%b4%20%1b%19%7b%24%9c%44%47%9d%c5%73%95%a4%1e%92%6b%f2%66%c6%ab%b2%58%47%9d%d9%1a%a8%08%c3%ef%82%a6%6a%33%09%48%6d%9d%6a%95%60%06%9b%0e%79%ce%51%27%c6%e9%2a%c7%2b%22%8a%18%48%ba%a1%9c%a5%09%0c%20%40%47%97%d0%58%1b%1b%2a%71%4c%e5%f3%5c%84%8c%93%60%74%e2%0f%ad%d1%c9%c4%de%b2%6f%81%33%c2%43%90%0c%06%96%7b%6c%60%2b%f3%16%1a%e6%f3%00%7b%6d%6c%20%0b%93%5e%d7%2c%cb%63%cc%9b%b1%8e%47%63%88%61%08%cb%79%db%d3%22%54%03%ba%03%cb%77%5f%11%5e%87%62%38%ca%60%9c%d1%2b%b4%11%0e%c7%c5%b9%e1%5b%23%67%62%eb%8e%e9%99%87%2c%07%5d%cf%ad%bc%da%f0]hex% %hex[%53%0e%e2%0f%6a%8c%31%80%c8%17%22%e4%34%93%70%44%8a%60%a0%4e%87%d7%a6%12%06%a5%4f%c3%f5%5c%ed%e5%e0%82%2c%71%1e%cb%89%6d%1a%4b%18%d4%7f%5e%1d%60%19%94%3d%d8%79%68%56%27%a5%ad%d6%8b%3d%b1%5b%ac%46%6c%cd%12%f2%b6%10%2c%60%ca%4b%15%75%78%da%26%43%eb%d6%02%8d%a6%5c%bd%1c%2e%07%60%ad%a4%68%8d%c8%e2%c5%3b%5c%04%c0%5a%44%d1%1a%91%17%9a%1d%2e%02%60%2d%a2%68%8d%48%b8%86%3d%46%62%b6%3a%5c%aa%a6%68%c1%46%a2%91%e5%59%72%b8%20%80%b5%94%a2%35%22%11%59%1c%2e%02%60%2d%a2%68%8d%08%13%4f%87%8b%00%58%8b%28%9a%51%2f%11%a9%f3%f2%07%6a%56%12%aa%ba%69%ba%b1%cc%73%0e%69%13%24%d0%eb%b7%ea%1a%85%d9%88%1f%28%c9%46%54%c5%d8%08%43%44%dd%1c%0e%57%51%68%2d%53%10%1b%9d%84%72%ce%f8%e1%4a%25%5e%6b%69%b2%59%d7%84%05%55%ad%a0%59%7a%62]hex% @@ -172,7 +172,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test233 b/tests/data/test233 index 3b55200e20..f802232fb0 100644 --- a/tests/data/test233 +++ b/tests/data/test233 @@ -75,7 +75,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://first.host.it.is/we/want/that/page/%TESTNUMBER HTTP/1.1 Host: first.host.it.is Proxy-Authorization: Basic %b64[testing:this]b64% diff --git a/tests/data/test234 b/tests/data/test234 index b3b06cc6be..601580b7fd 100644 --- a/tests/data/test234 +++ b/tests/data/test234 @@ -77,7 +77,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://first.host.it.is/we/want/that/page/%TESTNUMBER HTTP/1.1 Host: first.host.it.is Proxy-Authorization: Basic %b64[testing:this]b64% diff --git a/tests/data/test239 b/tests/data/test239 index 6bd571b7e2..7985c877bb 100644 --- a/tests/data/test239 +++ b/tests/data/test239 @@ -13,35 +13,35 @@ NTLM # this is returned first since we get no proxy-auth - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 34 - + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Content-Length: 34 + Hey you, authenticate or go away! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in proxy land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 42 - + +HTTP/1.1 200 Things are fine in proxy land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 42 + Contents of that page you requested, sir. - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 34 - -HTTP/1.1 200 Things are fine in proxy land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 42 - + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Content-Length: 34 + +HTTP/1.1 200 Things are fine in proxy land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 42 + Contents of that page you requested, sir. diff --git a/tests/data/test24 b/tests/data/test24 index ae343baa59..eba34b5772 100644 --- a/tests/data/test24 +++ b/tests/data/test24 @@ -31,7 +31,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --fail --silent --show-error # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test240 b/tests/data/test240 index d4d3551b82..9941df77ac 100644 --- a/tests/data/test240 +++ b/tests/data/test240 @@ -45,7 +45,7 @@ HTTP-IPv6 GET # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOST6IP:%HTTP6PORT User-Agent: curl/%VERSION diff --git a/tests/data/test2400 b/tests/data/test2400 index cb68a11e21..8478681fbd 100644 --- a/tests/data/test2400 +++ b/tests/data/test2400 @@ -11,14 +11,14 @@ HTTPS # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- @@ -49,7 +49,7 @@ HTTP/2 GET over HTTPS # # Verify data after the test has been "shot" - + HTTP/2 200%spc% date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 6 diff --git a/tests/data/test2401 b/tests/data/test2401 index 979a8b2356..a10715ff80 100644 --- a/tests/data/test2401 +++ b/tests/data/test2401 @@ -11,13 +11,13 @@ HTTPS # # Server-side - -HTTP/1.1 201 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close -Content-Length: 0 -Funny-head: yesyes - + +HTTP/1.1 201 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close +Content-Length: 0 +Funny-head: yesyes + @@ -46,14 +46,14 @@ HTTP/2 POST over HTTPS # # Verify data after the test has been "shot" - -HTTP/2 201 -date: Tue, 09 Nov 2010 14:49:00 GMT -content-length: 0 -funny-head: yesyes -server: nghttpx -via: 1.1 nghttpx - + +HTTP/2 201%spc% +date: Tue, 09 Nov 2010 14:49:00 GMT +content-length: 0 +funny-head: yesyes +server: nghttpx +via: 1.1 nghttpx + POST /%TESTNUMBER HTTP/1.1 diff --git a/tests/data/test2402 b/tests/data/test2402 index 5133a0944a..1903534dc8 100644 --- a/tests/data/test2402 +++ b/tests/data/test2402 @@ -10,36 +10,36 @@ verbose logs # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: server.example.com -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: server.example.com +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: server.example.com -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: server.example.com +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: server.example.com -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: server.example.com +Content-Length: 47 + file contents should appear once for each file - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: server.example.com -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: server.example.com +Content-Length: 47 + file contents should appear once for each file @@ -67,7 +67,7 @@ HTTP GET multiple files over HTTP/2 using HTTPS # Verify data after the test has been "shot" - + GET /path/%TESTNUMBER0001 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test2403 b/tests/data/test2403 index dec03cd51c..b23b1e6760 100644 --- a/tests/data/test2403 +++ b/tests/data/test2403 @@ -13,7 +13,7 @@ HTTPS # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 6 @@ -50,7 +50,7 @@ HTTP/2 GET using %{header_json} # # Verify data after the test has been "shot" - + HTTP/2 200%spc% date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 6 diff --git a/tests/data/test2404 b/tests/data/test2404 index 3a5901e8f3..1ed03968db 100644 --- a/tests/data/test2404 +++ b/tests/data/test2404 @@ -10,7 +10,7 @@ verbose logs # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: server.example.com @@ -18,7 +18,7 @@ Content-Length: 47 file contents should appear once for each file - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: server.example.com @@ -26,7 +26,7 @@ Content-Length: 47 file contents should appear once for each file - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: server.example.com @@ -34,7 +34,7 @@ Content-Length: 47 file contents should appear once for each file - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: server.example.com @@ -67,7 +67,7 @@ HTTP/2 using STREAM_WEIGHTs # Verify data after the test has been "shot" - + GET /path/%TESTNUMBER0001 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test2406 b/tests/data/test2406 index a6db9233ef..adf39dbd7e 100644 --- a/tests/data/test2406 +++ b/tests/data/test2406 @@ -11,14 +11,14 @@ HTTPS # # Server-side - -HTTP/1.1 404 nope -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 404 nope +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- @@ -48,7 +48,7 @@ HTTP/2 over HTTPS with -f # # Verify data after the test has been "shot" - + HTTP/2 404%spc% date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 6 diff --git a/tests/data/test241 b/tests/data/test241 index 66161f6569..2188722ecc 100644 --- a/tests/data/test241 +++ b/tests/data/test241 @@ -43,7 +43,7 @@ HTTP-IPv6 GET (using ip6-localhost) # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: ip6-localhost:%HTTP6PORT User-Agent: curl/%VERSION diff --git a/tests/data/test242 b/tests/data/test242 index 62be5173cc..43b07f8cea 100644 --- a/tests/data/test242 +++ b/tests/data/test242 @@ -40,7 +40,7 @@ HTTP-IPv6 GET with username+password in URL # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOST6IP:%HTTP6PORT Authorization: Basic %b64[foobar:barfoo]b64% diff --git a/tests/data/test243 b/tests/data/test243 index 273bd05492..b8e62f0503 100644 --- a/tests/data/test243 +++ b/tests/data/test243 @@ -13,56 +13,56 @@ NTLM # Server-side - -HTTP/1.1 407 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts" -Proxy-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Connection: close - + +HTTP/1.1 407 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts" +Proxy-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Connection: close + This is not the real page # this is returned first since we get no proxy-auth - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 34 - + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Content-Length: 34 + Hey you, authenticate or go away! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in proxy land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 42 - + +HTTP/1.1 200 Things are fine in proxy land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 42 + Contents of that page you requested, sir. - -HTTP/1.1 407 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts" -Proxy-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Connection: close - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 34 - -HTTP/1.1 200 Things are fine in proxy land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 42 - + +HTTP/1.1 407 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts" +Proxy-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Connection: close + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Content-Length: 34 + +HTTP/1.1 200 Things are fine in proxy land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 42 + Contents of that page you requested, sir. diff --git a/tests/data/test245 b/tests/data/test245 index da95cc5a6b..8abef87e3a 100644 --- a/tests/data/test245 +++ b/tests/data/test245 @@ -9,35 +9,35 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok diff --git a/tests/data/test246 b/tests/data/test246 index 9f2ab74353..9227dfe6a4 100644 --- a/tests/data/test246 +++ b/tests/data/test246 @@ -9,45 +9,45 @@ HTTP Digest auth # Server-side - -HTTP/1.1 100 Continue -Server: Microsoft-IIS/5.0 -Date: Sun, 03 Apr 2005 14:57:45 GMT -X-Powered-By: ASP.NET - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 100 Continue +Server: Microsoft-IIS/5.0 +Date: Sun, 03 Apr 2005 14:57:45 GMT +X-Powered-By: ASP.NET + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok - -HTTP/1.1 100 Continue -Server: Microsoft-IIS/5.0 -Date: Sun, 03 Apr 2005 14:57:45 GMT -X-Powered-By: ASP.NET - -HTTP/1.1 401 authentication please -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 100 Continue +Server: Microsoft-IIS/5.0 +Date: Sun, 03 Apr 2005 14:57:45 GMT +X-Powered-By: ASP.NET + +HTTP/1.1 401 authentication please +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok diff --git a/tests/data/test249 b/tests/data/test249 index 6f671080c1..30eb4dbcce 100644 --- a/tests/data/test249 +++ b/tests/data/test249 @@ -40,7 +40,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -z "dec 12 12:00:00 1999 GMT" # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test25 b/tests/data/test25 index f641da93bb..3cfcb14190 100644 --- a/tests/data/test25 +++ b/tests/data/test25 @@ -73,7 +73,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -L --max-redirs 5 # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test2500 b/tests/data/test2500 index ad6f0b7e1a..c774bf805a 100644 --- a/tests/data/test2500 +++ b/tests/data/test2500 @@ -10,7 +10,7 @@ HTTP/3 # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT @@ -50,14 +50,14 @@ HTTP/3 GET: ^X-Forwarded-Proto:.* ^Via:.* - + GET https://localhost:%HTTP3PORT/%TESTNUMBER HTTP/1.1 Host: localhost:%HTTP3PORT User-Agent: curl/%VERSION Accept: */* - + HTTP/3 200%spc% date: Tue, 09 Nov 2010 14:49:00 GMT last-modified: Tue, 13 Jun 2000 12:10:00 GMT diff --git a/tests/data/test2501 b/tests/data/test2501 index 6de5b755c1..8d68a582c1 100644 --- a/tests/data/test2501 +++ b/tests/data/test2501 @@ -11,13 +11,13 @@ HTTPS # # Server-side - -HTTP/1.1 201 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close -Content-Length: 0 -Funny-head: yesyes - + +HTTP/1.1 201 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close +Content-Length: 0 +Funny-head: yesyes + @@ -46,13 +46,13 @@ HTTP/3 POST # # Verify data after the test has been "shot" - -HTTP/3 201 -date: Tue, 09 Nov 2010 14:49:00 GMT -content-length: 0 -funny-head: yesyes -via: 1.1 nghttpx - + +HTTP/3 201%spc% +date: Tue, 09 Nov 2010 14:49:00 GMT +content-length: 0 +funny-head: yesyes +via: 1.1 nghttpx + POST https://%HOSTIP:%HTTP3PORT/2501 HTTP/1.1 diff --git a/tests/data/test2502 b/tests/data/test2502 index b878e2c9ec..ab460c29d5 100644 --- a/tests/data/test2502 +++ b/tests/data/test2502 @@ -10,7 +10,7 @@ verbose logs # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: server.example.com @@ -18,7 +18,7 @@ Content-Length: 47 file contents should appear once for each file - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: server.example.com @@ -26,7 +26,7 @@ Content-Length: 47 file contents should appear once for each file - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: server.example.com @@ -34,7 +34,7 @@ Content-Length: 47 file contents should appear once for each file - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: server.example.com @@ -66,7 +66,7 @@ HTTP GET multiple over HTTP/3 # Verify data after the test has been "shot" - + GET https://localhost:%HTTP3PORT/path/%TESTNUMBER0001 HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test2503 b/tests/data/test2503 index 28a1f973b5..6c4b100bed 100644 --- a/tests/data/test2503 +++ b/tests/data/test2503 @@ -12,7 +12,7 @@ HTTPS # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 6 @@ -49,7 +49,7 @@ HTTP/3 header-api # # Verify data after the test has been "shot" - + HTTP/3 200%spc% date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 6 diff --git a/tests/data/test256 b/tests/data/test256 index e8ac36b5aa..ca76e73861 100644 --- a/tests/data/test256 +++ b/tests/data/test256 @@ -45,7 +45,7 @@ proxy 33 - + GET http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Proxy-Authorization: Basic %b64[daniel:stenberg]b64% diff --git a/tests/data/test257 b/tests/data/test257 index 4ffb7a6f32..4c3a246200 100644 --- a/tests/data/test257 +++ b/tests/data/test257 @@ -85,7 +85,7 @@ machine anotherone.com login user2 password passwd2 # Verify data after the test has been "shot" - + GET http://supersite.com/want/%TESTNUMBER HTTP/1.1 Host: supersite.com Authorization: Basic %b64[user1:passwd1]b64% diff --git a/tests/data/test258 b/tests/data/test258 index 23acb02006..5501ce9f8e 100644 --- a/tests/data/test258 +++ b/tests/data/test258 @@ -24,12 +24,12 @@ Proxy-Connection: close Content-Length: 0 - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok diff --git a/tests/data/test259 b/tests/data/test259 index 2b65e5076b..25ed26c98e 100644 --- a/tests/data/test259 +++ b/tests/data/test259 @@ -21,12 +21,12 @@ Proxy-Authenticate: Digest realm="many secrets", nonce="911" Content-Length: 0 - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok diff --git a/tests/data/test26 b/tests/data/test26 index 438109516d..80a63378b7 100644 --- a/tests/data/test26 +++ b/tests/data/test26 @@ -31,7 +31,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -o - -o - # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test260 b/tests/data/test260 index 41a8a7a634..46f6e0f517 100644 --- a/tests/data/test260 +++ b/tests/data/test260 @@ -42,7 +42,7 @@ HTTP GET URL without slash but with question mark # # Verify data after the test has been "shot" - + GET /?%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test262 b/tests/data/test262 index 6b5ad6204e..442d04e387 100644 --- a/tests/data/test262 +++ b/tests/data/test262 @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test263 b/tests/data/test263 index e1fbe036ca..396d811f94 100644 --- a/tests/data/test263 +++ b/tests/data/test263 @@ -41,7 +41,7 @@ HTTP-IPv6 GET with proxy specified using IPv6-numerical address # # Verify data after the test has been "shot" - + GET http://veryveryremotesite.com/%TESTNUMBER HTTP/1.1 Host: veryveryremotesite.com User-Agent: curl/%VERSION diff --git a/tests/data/test264 b/tests/data/test264 index cb1ad053b3..2bc54db5aa 100644 --- a/tests/data/test264 +++ b/tests/data/test264 @@ -9,12 +9,12 @@ HTTP proxy Basic auth # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Type: text/html -Content-Length: 26 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Type: text/html +Content-Length: 26 + the content would go here @@ -37,7 +37,7 @@ proxy # Verify data after the test has been "shot" - + GET http://we.want.that.site.com/%TESTNUMBER HTTP/1.1 Host: we.want.that.site.com Proxy-Authorization: Basic %b64[fake:user]b64% diff --git a/tests/data/test265 b/tests/data/test265 index 75d943f0f7..fd17359b1c 100644 --- a/tests/data/test265 +++ b/tests/data/test265 @@ -14,23 +14,23 @@ NTLM # this is returned first since we get no proxy-auth - -HTTP/1.0 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Connection: Keep-Alive -Content-Length: 1033 - + +HTTP/1.0 407 Authorization Required to proxy me my dear +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Connection: Keep-Alive +Content-Length: 1033 + And you should ignore this data. %repeat[999 x Q]% # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in proxy land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 - + +HTTP/1.1 200 Things are fine in proxy land +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 + # this is returned when we get a GET! diff --git a/tests/data/test266 b/tests/data/test266 index aa974b628b..ca5705955c 100644 --- a/tests/data/test266 +++ b/tests/data/test266 @@ -60,21 +60,21 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked -Trailer: chunky-trailer -Connection: mooo - -chunky-trailer: header data + +HTTP/1.1 200 funky chunky! +Server: fakeit/0.9 fakeitbad/1.0 +Transfer-Encoding: chunked +Trailer: chunky-trailer +Connection: mooo + +chunky-trailer: header data diff --git a/tests/data/test267 b/tests/data/test267 index 60f8878cbf..393c186e05 100644 --- a/tests/data/test267 +++ b/tests/data/test267 @@ -15,39 +15,39 @@ NTLM This is supposed to be returned when the server gets a first Authorization: NTLM line passed-in from the client --> - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + This is not the real page either! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - -HTTP/1.1 200 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + +HTTP/1.1 200 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! diff --git a/tests/data/test268 b/tests/data/test268 index 0d205fe734..cd3c75a39e 100644 --- a/tests/data/test268 +++ b/tests/data/test268 @@ -9,7 +9,7 @@ variables # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test269 b/tests/data/test269 index 1533ef7eeb..1c68b339b2 100644 --- a/tests/data/test269 +++ b/tests/data/test269 @@ -40,7 +40,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --ignore-content-length # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test27 b/tests/data/test27 index f9ec0cf051..4bf293787c 100644 --- a/tests/data/test27 +++ b/tests/data/test27 @@ -36,7 +36,7 @@ cookies # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test273 b/tests/data/test273 index e3629c1843..2573020e04 100644 --- a/tests/data/test273 +++ b/tests/data/test273 @@ -8,39 +8,39 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! @@ -66,7 +66,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --digest # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test274 b/tests/data/test274 index 685bd0854a..8ac515252c 100644 --- a/tests/data/test274 +++ b/tests/data/test274 @@ -34,7 +34,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -L --max-redirs 0 # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test275 b/tests/data/test275 index 05260b91b8..124510d3b3 100644 --- a/tests/data/test275 +++ b/tests/data/test275 @@ -14,10 +14,10 @@ proxytunnel # # Server-side - -HTTP/1.1 200 OK -Connected-fine: sure - + +HTTP/1.1 200 OK +Connected-fine: sure + @@ -64,15 +64,15 @@ proxy # # Verify data after the test has been "shot" - -CONNECT remotesite.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: remotesite.com.%TESTNUMBER:%HTTPPORT -Proxy-Authorization: Basic %b64[youare:yourself]b64% -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT remotesite.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: remotesite.com.%TESTNUMBER:%HTTPPORT +Proxy-Authorization: Basic %b64[youare:yourself]b64% +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + - + GET /we/want/that/page/%TESTNUMBER HTTP/1.1 Host: remotesite.com.%TESTNUMBER:%HTTPPORT Authorization: Basic %b64[iam:myself]b64% diff --git a/tests/data/test276 b/tests/data/test276 index f71a2de427..18daa52711 100644 --- a/tests/data/test276 +++ b/tests/data/test276 @@ -59,7 +59,7 @@ HTTP Location: following with multiple question marks in URLs # Verify data after the test has been "shot" - + GET /want?uri=http://anything/%TESTNUMBER?secondq/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test278 b/tests/data/test278 index 102815aae0..46515b3c36 100644 --- a/tests/data/test278 +++ b/tests/data/test278 @@ -9,13 +9,13 @@ HTTP proxy Basic auth # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Type: text/html -Content-Length: 27 - -the content would go here + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Type: text/html +Content-Length: 27 + +the content would go here @@ -37,7 +37,7 @@ proxy # Verify data after the test has been "shot" - + GET http://we.want.that.site.com/%TESTNUMBER HTTP/1.1 Host: we.want.that.site.com Proxy-Authorization: Basic %b64[fake:]b64% diff --git a/tests/data/test279 b/tests/data/test279 index 579e13f809..e0383b2aae 100644 --- a/tests/data/test279 +++ b/tests/data/test279 @@ -10,13 +10,13 @@ HTTP proxy Basic auth # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Type: text/html -Content-Length: 27 - -the content would go here + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Type: text/html +Content-Length: 27 + +the content would go here @@ -38,7 +38,7 @@ proxy # Verify data after the test has been "shot" - + GET http://we.want.that.site.com/%TESTNUMBER HTTP/1.1 Host: we.want.that.site.com Proxy-Authorization: Basic %b64[fake:]b64% diff --git a/tests/data/test28 b/tests/data/test28 index 979868cea3..3d6b7ca136 100644 --- a/tests/data/test28 +++ b/tests/data/test28 @@ -58,7 +58,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -L # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test282 b/tests/data/test282 index e5b1321be2..96bd16eab4 100644 --- a/tests/data/test282 +++ b/tests/data/test282 @@ -32,7 +32,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test287 b/tests/data/test287 index 1bc6654ba3..92407c994f 100644 --- a/tests/data/test287 +++ b/tests/data/test287 @@ -11,9 +11,9 @@ proxytunnel # Server-side - -HTTP/1.1 405 Method Not Allowed swsclose - + +HTTP/1.1 405 Method Not Allowed swsclose + And you should ignore this data. @@ -37,7 +37,7 @@ proxy # Verify data after the test has been "shot" - + CONNECT test.remote.example.com.%TESTNUMBER:%HTTPPORT HTTP/1.1 Host: test.remote.example.com.%TESTNUMBER:%HTTPPORT Proxy-Connection: Keep-Alive @@ -48,9 +48,9 @@ User-Agent: looser/2007 56 - -HTTP/1.1 405 Method Not Allowed swsclose - + +HTTP/1.1 405 Method Not Allowed swsclose + diff --git a/tests/data/test29 b/tests/data/test29 index b99b02f04c..b20e8fe629 100644 --- a/tests/data/test29 +++ b/tests/data/test29 @@ -9,11 +9,11 @@ FAILURE # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + _data_result_data_ @@ -39,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -m 2 # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test292 b/tests/data/test292 index 02159882e4..1bbe98d836 100644 --- a/tests/data/test292 +++ b/tests/data/test292 @@ -43,7 +43,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --max-filesize 1000 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test293 b/tests/data/test293 index 3b2fc4d9ee..129fb5b32f 100644 --- a/tests/data/test293 +++ b/tests/data/test293 @@ -47,7 +47,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --max-filesize 2 63 - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test299 b/tests/data/test299 index 6de5234d2b..a5ecd4f5f1 100644 --- a/tests/data/test299 +++ b/tests/data/test299 @@ -39,7 +39,7 @@ FTP over HTTP proxy with user:pass not in url # Verify data after the test has been "shot" - + GET ftp://michal:aybabtu@host.com/we/want/%TESTNUMBER HTTP/1.1 Host: host.com:21 Authorization: Basic %b64[michal:aybabtu]b64% diff --git a/tests/data/test3 b/tests/data/test3 index fbf60558c0..3f4b4ee9e2 100644 --- a/tests/data/test3 +++ b/tests/data/test3 @@ -9,20 +9,20 @@ HTTP Basic auth # # Server-side - -HTTP/1.0 200 OK -Server: test-server/fake -Content-Type: text/html -Content-Length: 0 - + +HTTP/1.0 200 OK +Server: test-server/fake +Content-Type: text/html +Content-Length: 0 + this is data even though Content-Length is set to zero - -HTTP/1.0 200 OK -Server: test-server/fake -Content-Type: text/html -Content-Length: 0 - + +HTTP/1.0 200 OK +Server: test-server/fake +Content-Type: text/html +Content-Length: 0 + diff --git a/tests/data/test30 b/tests/data/test30 index 5facba61b3..c76b3bafbb 100644 --- a/tests/data/test30 +++ b/tests/data/test30 @@ -27,7 +27,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test300 b/tests/data/test300 index 53c9450337..7a56f9cc7e 100644 --- a/tests/data/test300 +++ b/tests/data/test300 @@ -40,7 +40,7 @@ simple HTTPS GET # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test3000 b/tests/data/test3000 index 9fd21ec507..558c216b5b 100644 --- a/tests/data/test3000 +++ b/tests/data/test3000 @@ -42,7 +42,7 @@ HTTPS localhost, first subaltname matches, CN does not match # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: localhost:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test3001 b/tests/data/test3001 index e4732d1cba..11c0efd6d8 100644 --- a/tests/data/test3001 +++ b/tests/data/test3001 @@ -42,7 +42,7 @@ HTTPS localhost, last subject alt name matches, CN does not match # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: localhost:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test3002 b/tests/data/test3002 index 21d799b183..95d454dee1 100644 --- a/tests/data/test3002 +++ b/tests/data/test3002 @@ -19,11 +19,11 @@ smtp SMTP multiple and invalid (first) --mail-rcpt and --mail-rcpt-allowfails - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt invalid.one --mail-rcpt recipient.two@example.com --mail-rcpt recipient.three@example.com --mail-rcpt recipient.four@example.com --mail-rcpt recipient.five@example.com --mail-from sender@example.com -T - diff --git a/tests/data/test3003 b/tests/data/test3003 index a0b4d67202..0a90820ad7 100644 --- a/tests/data/test3003 +++ b/tests/data/test3003 @@ -19,11 +19,11 @@ smtp SMTP multiple and invalid (last) --mail-rcpt and --mail-rcpt-allowfails - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt recipient.one@example.com --mail-rcpt recipient.two@example.com --mail-rcpt recipient.three@example.com --mail-rcpt recipient.four@example.com --mail-rcpt invalid.five --mail-from sender@example.com -T - diff --git a/tests/data/test3004 b/tests/data/test3004 index 30f67cbc74..80261f6703 100644 --- a/tests/data/test3004 +++ b/tests/data/test3004 @@ -19,11 +19,11 @@ smtp SMTP multiple and invalid (middle) --mail-rcpt and --mail-rcpt-allowfails - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt recipient.one@example.com --mail-rcpt recipient.two@example.com --mail-rcpt invalid.three --mail-rcpt recipient.four@example.com --mail-rcpt recipient.five@example.com --mail-from sender@example.com -T - diff --git a/tests/data/test3005 b/tests/data/test3005 index cfe63acdfb..ef417a9cd5 100644 --- a/tests/data/test3005 +++ b/tests/data/test3005 @@ -19,11 +19,11 @@ smtp SMTP multiple invalid (all but one) --mail-rcpt and --mail-rcpt-allowfails - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt invalid.one --mail-rcpt recipient.two@example.com --mail-rcpt invalid.three --mail-rcpt invalid.four --mail-rcpt invalid.five --mail-from sender@example.com -T - diff --git a/tests/data/test3006 b/tests/data/test3006 index 0d0449d913..4cb13ba17d 100644 --- a/tests/data/test3006 +++ b/tests/data/test3006 @@ -19,11 +19,11 @@ smtp SMTP with multiple invalid (all) --mail-rcpt and --mail-rcpt-allowfails - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt invalid.one --mail-rcpt invalid.two --mail-rcpt invalid.three --mail-rcpt invalid.four --mail-rcpt invalid.five --mail-from sender@example.com -T - diff --git a/tests/data/test3007 b/tests/data/test3007 index 2cbc4f9a6f..d622240885 100644 --- a/tests/data/test3007 +++ b/tests/data/test3007 @@ -19,11 +19,11 @@ smtp SMTP with invalid --mail-rcpt and --mail-rcpt-allowfails - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt invalid.one --mail-from sender@example.com -T - diff --git a/tests/data/test3008 b/tests/data/test3008 index 7701a2c33c..67bad12e85 100644 --- a/tests/data/test3008 +++ b/tests/data/test3008 @@ -43,7 +43,7 @@ http://%HOSTIP:%HTTPPORT/this/is/the/%TESTNUMBER -O --output-dir %PWD/%LOGDIR # # Verify data after the test has been "shot" - + GET /this/is/the/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test3009 b/tests/data/test3009 index 96e9d8035f..55497fcaec 100644 --- a/tests/data/test3009 +++ b/tests/data/test3009 @@ -43,7 +43,7 @@ http://%HOSTIP:%HTTPPORT/this/is/the/%TESTNUMBER -O --output-dir %PWD/not-there # # Verify data after the test has been "shot" - + GET /this/is/the/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test301 b/tests/data/test301 index 76a5a61ade..3db2f0e2fe 100644 --- a/tests/data/test301 +++ b/tests/data/test301 @@ -40,7 +40,7 @@ HTTPS GET with user and password # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPSPORT Authorization: Basic %b64[fake:user]b64% diff --git a/tests/data/test3011 b/tests/data/test3011 index 6933b584ab..afd7bf4c41 100644 --- a/tests/data/test3011 +++ b/tests/data/test3011 @@ -43,7 +43,7 @@ http://%HOSTIP:%HTTPPORT/this/is/the/%TESTNUMBER -O --output-dir %PWD/%LOGDIR/tm # # Verify data after the test has been "shot" - + GET /this/is/the/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test3012 b/tests/data/test3012 index 5b98c0c4e2..f987e393d5 100644 --- a/tests/data/test3012 +++ b/tests/data/test3012 @@ -47,7 +47,7 @@ http://%HOSTIP:%HTTPPORT/this/is/the/%TESTNUMBER -OJR --output-dir %PWD/%LOGDIR # # Verify data after the test has been "shot" - + GET /this/is/the/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test3013 b/tests/data/test3013 index 305e435eb5..1a4e29ae87 100644 --- a/tests/data/test3013 +++ b/tests/data/test3013 @@ -46,7 +46,7 @@ http://%HOSTIP:%HTTPPORT/this/is/the/%TESTNUMBER -O --output-dir %PWD/%LOGDIR ht # # Verify data after the test has been "shot" - + GET /this/is/the/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test3014 b/tests/data/test3014 index 7a6686495d..e1e6471a4a 100644 --- a/tests/data/test3014 +++ b/tests/data/test3014 @@ -45,7 +45,7 @@ Content-Type: text/plain testdata 4 - + GET /1439 HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test3015 b/tests/data/test3015 index b2697aa3e0..7391d91643 100644 --- a/tests/data/test3015 +++ b/tests/data/test3015 @@ -12,14 +12,14 @@ chunked Transfer-Encoding # # Server-side - -HTTP/1.1 302 OK -Date: Sun, 13 Sep 2020 15:00 GMT -Content-Length: 8 -Connection: close -Content-Type: text/plain -Location: ./%TESTNUMBER0001 - + +HTTP/1.1 302 OK +Date: Sun, 13 Sep 2020 15:00 GMT +Content-Length: 8 +Connection: close +Content-Type: text/plain +Location: ./%TESTNUMBER0001 + monster @@ -57,7 +57,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_headers}\n" -L -o%DEV_NULL # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test302 b/tests/data/test302 index 3f235b201b..dae1437da3 100644 --- a/tests/data/test302 +++ b/tests/data/test302 @@ -12,9 +12,9 @@ FAILURE # Server-side - -HTTP/1.1 405 Method Not Allowed swsclose - + +HTTP/1.1 405 Method Not Allowed swsclose + And you should ignore this data. diff --git a/tests/data/test3023 b/tests/data/test3023 index c5ee22f7d7..6afe91b67a 100644 --- a/tests/data/test3023 +++ b/tests/data/test3023 @@ -46,7 +46,7 @@ CURL_SSL_BACKEND=schannel # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: localhost:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test3024 b/tests/data/test3024 index 76bd4481a5..88a6e62562 100644 --- a/tests/data/test3024 +++ b/tests/data/test3024 @@ -46,7 +46,7 @@ CURL_SSL_BACKEND=schannel # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: localhost:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test3028 b/tests/data/test3028 index 7929f52c07..6f4f45014a 100644 --- a/tests/data/test3028 +++ b/tests/data/test3028 @@ -52,12 +52,12 @@ proxy s/^PROXY TCP4 %CLIENTIP %HOSTIP (\d*) %PROXYPORT/proxy-line/ - -CONNECT %HOSTIP:%HTTPPORT HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT %HOSTIP:%HTTPPORT HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + diff --git a/tests/data/test303 b/tests/data/test303 index c5c6613cb2..7be81b7dc9 100644 --- a/tests/data/test303 +++ b/tests/data/test303 @@ -10,11 +10,11 @@ FAILURE # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + _data_result_data_ @@ -43,7 +43,7 @@ HTTPS with 8 secs timeout # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test3031 b/tests/data/test3031 index b8da69e5fd..fc9b525458 100644 --- a/tests/data/test3031 +++ b/tests/data/test3031 @@ -7,7 +7,7 @@ # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -43,14 +43,14 @@ http://%HOSTIP:%HTTPPORT/this/is/the/%TESTNUMBER --dump-header %PWD/%LOGDIR/tmp/ # # Verify data after the test has been "shot" - + GET /this/is/the/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test3032 b/tests/data/test3032 index 067e43c02a..470a119667 100644 --- a/tests/data/test3032 +++ b/tests/data/test3032 @@ -9,60 +9,60 @@ HTTP # Server-side - -HTTP/1.1 301 redirect swsbounce -Content-Length: 0 -Location: http://%HOSTIP:%HTTPPORT/%TESTNUMBER -Part: data - + +HTTP/1.1 301 redirect swsbounce +Content-Length: 0 +Location: http://%HOSTIP:%HTTPPORT/%TESTNUMBER +Part: data + - -HTTP/1.1 301 redirect swsbounce -Content-Length: 0 -Location: http://%HOSTIP:%HTTPPORT/%TESTNUMBER -Part: data1 - + +HTTP/1.1 301 redirect swsbounce +Content-Length: 0 +Location: http://%HOSTIP:%HTTPPORT/%TESTNUMBER +Part: data1 + - -HTTP/1.1 301 redirect swsbounce -Content-Length: 0 -Location: http://%HOSTIP:%HTTPPORT/%TESTNUMBER -Part: data2 - + +HTTP/1.1 301 redirect swsbounce +Content-Length: 0 +Location: http://%HOSTIP:%HTTPPORT/%TESTNUMBER +Part: data2 + - -HTTP/1.1 200 OK -Content-Type: text/html -Content-Length: 30 -Part: data3 - + +HTTP/1.1 200 OK +Content-Type: text/html +Content-Length: 30 +Part: data3 + XXXXXXXXXXXXXXXXXXXXXXXXXXXXX - -HTTP/1.1 301 redirect swsbounce -Content-Length: 0 -Location: http://%HOSTIP:%HTTPPORT/%TESTNUMBER -Part: data - -HTTP/1.1 301 redirect swsbounce -Content-Length: 0 -Location: http://%HOSTIP:%HTTPPORT/%TESTNUMBER -Part: data1 - -HTTP/1.1 301 redirect swsbounce -Content-Length: 0 -Location: http://%HOSTIP:%HTTPPORT/%TESTNUMBER -Part: data2 - -HTTP/1.1 200 OK -Content-Type: text/html -Content-Length: 30 -Part: data3 - + +HTTP/1.1 301 redirect swsbounce +Content-Length: 0 +Location: http://%HOSTIP:%HTTPPORT/%TESTNUMBER +Part: data + +HTTP/1.1 301 redirect swsbounce +Content-Length: 0 +Location: http://%HOSTIP:%HTTPPORT/%TESTNUMBER +Part: data1 + +HTTP/1.1 301 redirect swsbounce +Content-Length: 0 +Location: http://%HOSTIP:%HTTPPORT/%TESTNUMBER +Part: data2 + +HTTP/1.1 200 OK +Content-Type: text/html +Content-Length: 30 +Part: data3 + XXXXXXXXXXXXXXXXXXXXXXXXXXXXX @@ -86,7 +86,7 @@ HTTP redirect loop 3x swsbounce test # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test3035 b/tests/data/test3035 index 98fe7c5fd0..a7c2148b12 100644 --- a/tests/data/test3035 +++ b/tests/data/test3035 @@ -15,47 +15,47 @@ retry # # the first chunk # - -HTTP/1.1 200 OK swsbounce swsclose -Accept-Ranges: bytes -Content-Type: text/html -Content-Length: 26 - + +HTTP/1.1 200 OK swsbounce swsclose +Accept-Ranges: bytes +Content-Type: text/html +Content-Length: 26 + abcde # # the second chunk # - -HTTP/1.1 206 Partial Content swsbounce swsclose -Content-Type: text/html -Content-Length: 21 -Content-Range: bytes 5-25/26 - + +HTTP/1.1 206 Partial Content swsbounce swsclose +Content-Type: text/html +Content-Length: 21 +Content-Range: bytes 5-25/26 + fghijk # # some nonsense that curl should ignore as unresumable # - -HTTP/1.1 404 Not Found swsbounce -Content-Type: text/html -Content-Length: 5 - + +HTTP/1.1 404 Not Found swsbounce +Content-Type: text/html +Content-Length: 5 + body # # some more nonsense that curl should ignore as unresumable # - -HTTP/1.1 200 OK swsbounce -Accept-Ranges: bytes -Content-Type: text/html -Content-Length: 30 - + +HTTP/1.1 200 OK swsbounce +Accept-Ranges: bytes +Content-Type: text/html +Content-Length: 30 + XXXXXXXXXXXXXXXXXXXXXXXXXXXXX @@ -87,7 +87,7 @@ HTTP retry failed download with keep data and auto-resume # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test306 b/tests/data/test306 index 6fac104547..ff7a07707e 100644 --- a/tests/data/test306 +++ b/tests/data/test306 @@ -52,7 +52,7 @@ HTTPS GET, receive no headers only data! # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test307 b/tests/data/test307 index 3d796bfc01..d327e88351 100644 --- a/tests/data/test307 +++ b/tests/data/test307 @@ -43,7 +43,7 @@ simple HTTPS GET with openssl engine # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test309 b/tests/data/test309 index 33e36fce00..0a9e9a89ca 100644 --- a/tests/data/test309 +++ b/tests/data/test309 @@ -10,37 +10,37 @@ followlocation # Server-side - -HTTP/1.1 301 This is a weirdo text message swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Location: https://%HOSTIP:%HTTPSPORT/data/%TESTNUMBER0002.txt?coolsite=yes -Connection: close - + +HTTP/1.1 301 This is a weirdo text message swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Location: https://%HOSTIP:%HTTPSPORT/data/%TESTNUMBER0002.txt?coolsite=yes +Connection: close + This server reply is for testing a simple Location: following to HTTPS URL - -HTTP/1.1 200 Followed here fine swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 52 - + +HTTP/1.1 200 Followed here fine swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 52 + If this is received, the location following worked - -HTTP/1.1 301 This is a weirdo text message swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Location: https://%HOSTIP:%HTTPSPORT/data/%TESTNUMBER0002.txt?coolsite=yes -Connection: close - -HTTP/1.1 200 Followed here fine swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 52 - + +HTTP/1.1 301 This is a weirdo text message swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Location: https://%HOSTIP:%HTTPSPORT/data/%TESTNUMBER0002.txt?coolsite=yes +Connection: close + +HTTP/1.1 200 Followed here fine swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 52 + If this is received, the location following worked @@ -65,7 +65,7 @@ HTTP Location: redirect to HTTPS URL # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test31 b/tests/data/test31 index b8b09b8d0f..e4d5e4cad7 100644 --- a/tests/data/test31 +++ b/tests/data/test31 @@ -99,7 +99,7 @@ local-http # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER HTTP/1.1 Host: test31.curl:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test310 b/tests/data/test310 index f58b673782..7021462feb 100644 --- a/tests/data/test310 +++ b/tests/data/test310 @@ -42,7 +42,7 @@ simple HTTPS GET # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: localhost:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test3100 b/tests/data/test3100 index cd8dd0a3a1..83aedb1131 100644 --- a/tests/data/test3100 +++ b/tests/data/test3100 @@ -10,43 +10,43 @@ RTSP Basic auth # Server-side - -RTSP/1.0 401 Unauthorized please swsbounce -Server: RTSPD/libcurl-test -CSeq: 1 -WWW-Authenticate: Basic realm="please-auth-me" - + +RTSP/1.0 401 Unauthorized please swsbounce +Server: RTSPD/libcurl-test +CSeq: 1 +WWW-Authenticate: Basic realm="please-auth-me" + - -RTSP/1.0 200 OK -Server: RTSPD/libcurl-test -CSeq: 2 -Content-Base: rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER -Content-Length: 80 -Curl-private: swsclose - -v=0 -s=rtspd SDP -i=A fake SDP reply -u=http://www.curl.example.com/fakesdp.ps + +RTSP/1.0 200 OK +Server: RTSPD/libcurl-test +CSeq: 2 +Content-Base: rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER +Content-Length: 80 +Curl-private: swsclose + +v=0 +s=rtspd SDP +i=A fake SDP reply +u=http://www.curl.example.com/fakesdp.ps - -RTSP/1.0 401 Unauthorized please swsbounce -Server: RTSPD/libcurl-test -CSeq: 1 -WWW-Authenticate: Basic realm="please-auth-me" - -RTSP/1.0 200 OK -Server: RTSPD/libcurl-test -CSeq: 2 -Content-Base: rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER -Content-Length: 80 -Curl-private: swsclose - -v=0 -s=rtspd SDP -i=A fake SDP reply -u=http://www.curl.example.com/fakesdp.ps + +RTSP/1.0 401 Unauthorized please swsbounce +Server: RTSPD/libcurl-test +CSeq: 1 +WWW-Authenticate: Basic realm="please-auth-me" + +RTSP/1.0 200 OK +Server: RTSPD/libcurl-test +CSeq: 2 +Content-Base: rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER +Content-Length: 80 +Curl-private: swsclose + +v=0 +s=rtspd SDP +i=A fake SDP reply +u=http://www.curl.example.com/fakesdp.ps @@ -69,7 +69,7 @@ rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER # Verify data after the test has been "shot" - + DESCRIBE rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER RTSP/1.0 CSeq: 1 Accept: application/sdp diff --git a/tests/data/test3101 b/tests/data/test3101 index 7d4dae7f64..5989e7ea46 100644 --- a/tests/data/test3101 +++ b/tests/data/test3101 @@ -8,43 +8,43 @@ HTTP Basic auth # Server-side - -HTTP/1.1 401 Authorization Required swsbounce -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" -Content-Length: 26 -Content-Type: text/html; charset=iso-8859-1 - + +HTTP/1.1 401 Authorization Required swsbounce +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" +Content-Length: 26 +Content-Type: text/html; charset=iso-8859-1 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 -Connection: close - + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 +Connection: close + This IS the real page! - -HTTP/1.1 401 Authorization Required swsbounce -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" -Content-Length: 26 -Content-Type: text/html; charset=iso-8859-1 - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 -Connection: close - + +HTTP/1.1 401 Authorization Required swsbounce +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +WWW-Authenticate: Basic realm="gimme all yer s3cr3ts" +Content-Length: 26 +Content-Type: text/html; charset=iso-8859-1 + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 +Connection: close + This IS the real page! @@ -72,7 +72,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test3102 b/tests/data/test3102 index 779642fbb0..5b20a67d50 100644 --- a/tests/data/test3102 +++ b/tests/data/test3102 @@ -38,7 +38,7 @@ https://%HOSTIP:%HTTPSPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPSPORT Accept: */* diff --git a/tests/data/test3103 b/tests/data/test3103 index 423c4adaac..c0075aab39 100644 --- a/tests/data/test3103 +++ b/tests/data/test3103 @@ -8,7 +8,7 @@ cookies # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -48,7 +48,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET http://localhost/ HTTP/1.1 Host: localhost Accept: */* diff --git a/tests/data/test3104 b/tests/data/test3104 index 296bdc1dc1..42a91b00e6 100644 --- a/tests/data/test3104 +++ b/tests/data/test3104 @@ -8,7 +8,7 @@ cookies # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -48,7 +48,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET http://example.com/ HTTP/1.1 Host: example.com Accept: */* diff --git a/tests/data/test314 b/tests/data/test314 index 5970391cc5..61ea85095c 100644 --- a/tests/data/test314 +++ b/tests/data/test314 @@ -9,15 +9,15 @@ compressed # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: br -Content-Length: 1056 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: br +Content-Length: 1056 + %hex[%1b%b0%13%00%9c%05%76%1b%5d%81%a4%3c%8b%e9%99%06%83%bf%97]hex% %hex[%20%3c%ab%aa%1e%97%8f%df%c8%d5%e5%30%c8%4d%30%7b%fe%82%55%09%2e%bd%14%50%ca%58%35%6d%32%4f%32%e1%27%cc%4a%ef%da%f6%fb%cb%c5%63%f0%78%30%8a%78%f1%ff%db%2f%55%22%46%c5%f8%48%02%61%23%6c%f6%fe%77%27%c4%13%20%74%f8%66%e7%07%08%24%50%89%74%5d%4f%a5%dd%13%ad]hex% %hex[%4a%56%c8%be%86%eb%e6%b2%50%b1%19%fb%8a%92%23%31%53%2a%dc%6a%3e%fd%45%ed%63%67%74%c8%fd%6a%69%a1%92%c4%29%fc%9d%9b%94%34%68%7b%e0%a3%88%ec%41%24%80%59%75%b6%36%32%b6%4a%5c%f6%62%49%cb%d2%7e%c1%34%c8%f8%7a%e8%51%03%f6%55%1d%83%62%43%68%50%40%aa%82%d3%8b%94%67%15%12%59%f8%f9%e5%73%11%67%2b%6f%c7%cd%ad%ca%d5%c4%b0%2b%24%1a%52%77%c1%57%f1%e6%6c%f1%e6%c9%50%ee%da%05%9e%5e%a4%7c%fa%cd%e9%7b%96%12%e5%7c%7a%10%22%41%a1%df%8a%e2%69%25%6b%ed%54%c6%0e%69%8e%e8%78%d2%0b%32%8e%db%b2%f2%6d%9f%48%dc%2b%4c%48%3d%88%97%89%81%d7%7d%53%95%c6%ee%b7%50%5d%cc%be%17%53%80%d9%60%c2%c1%37%88%f0%55%91%28%1e%98%f3%1d%7f%af%43%7a%6b%9e%b3%70%e2%80%7b%39%63%ab%fd%f0%73%8e%f7%e3%0e%e3%b6%e1%6c%70%cc%fa%8f%a3%e5%7a%54%d7%2d%87%3d%69%7c%5d%7e%b0%c2%b8%c9%66%3b%1d%ed%f7%9b%7d%84%b9%08%10%15%26%77%6b%95%ae%e0%5c%90%70%06%f8%e5%9f%b0%53%13%39%5c%29%97%e7%66%26%75%44%76%61%3b%3e%5b%e6%cd%c3%61%19%49%f3%11%70%fd%c2%8a%7c%89%23%f7%13%4f%e2%6e%6c%bd%d3%e0%23%a4%87%3d%11%7d%f7%a8%87%fd%c4%e1%cf%fa%ba%09%9a%d6%e6%e1%a2%46%1e%71%7a%7c%1c%1c%26%78%32%f8%f1%de%b6%1f%6e%ae%eb%d0%ce%c8%c8%60%d4%f1%63%fa%85%43%5a%72%b8%2b%e2%f9%02%54%6b%d2%6a%49%2e%aa%06%1e%bc%df%94%c2%d0%ea%a2%f6%a0%8a%3d%84%de%aa%09%e6%44%12%a5%cc%fb%f2%ae%9d%56%29%59%57%93%63%e8%6d%84%0d%32%e6%9e%51%2c%b4%d3%4b%87%1e%85%a2%4e%a5%b1%72%01%5c%59%39%aa%dd%22%42%40%57%1d%0d%b2%13%99%63%88%43%6e%db%3d%05%7b%17%cc%51%0e%82%c1%61%ac%84%18%82%1d%38%4a%d6%73%96%52%11%31%50%e9%b5%89%70%1a%6a%59%08%71%e6%54%40%9d%1a%21%48%7c%48%64%43%62%0d%4b%03%02%ba%e2%a9%6b%27%20%48%e3%bd%84%90%3d%50%52%83%05%dc%d3%88%b2%41%3f%da%14%56%42%8b%6c%78%f0%89%c2%02]hex% @@ -174,7 +174,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test315 b/tests/data/test315 index 4b1c443c3f..d13b4236cf 100644 --- a/tests/data/test315 +++ b/tests/data/test315 @@ -11,28 +11,28 @@ FAILURE # Server-side # this brotli chunk has three bytes removed from the beginning and is cut off - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: br -Content-Length: 1056 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: br +Content-Length: 1056 + %hex[%00%9c%05%76%1b%5d%81%a4%3c%8b%e9%99%06%83%bf%97]hex% %hex[%20%3c%ab%aa%1e%97%8f%df%c8%d5%e5%30%c8%4d%30%7b%fe%82%55%09%2e%bd%14%50%ca%58%35%6d%32%4f%32%e1%27%cc%4a%ef%da%f6%fb%cb%c5%63%f0%78%30%8a%78%f1%ff%db%2f%55%22%46%c5%f8%48%02%61%23%6c%f6%fe%77%27%c4%13%20%74%f8%66%e7%07%08%24%50%89%74%5d%4f%a5%dd%13%ad]hex% - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: br -Content-Length: 1056 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: br +Content-Length: 1056 + @@ -60,7 +60,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test316 b/tests/data/test316 index 12b9fd378d..520414f1ba 100644 --- a/tests/data/test316 +++ b/tests/data/test316 @@ -11,27 +11,27 @@ compressed # Length of not-encoded content is 16512 what is greater than default value of # CURL_MAX_WRITE_SIZE (16384) - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: br -Content-Length: 31 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: br +Content-Length: 31 + %hex[%1b%7f%40%00%64%f1%98%cf%28%1a%eb%af%c7%12%ac%41%ab%42%62%51%f3%c8%ea%d9%7b%9f%dc%1b%00%48%00%0a]hex% - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: br -Content-Length: 31 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: br +Content-Length: 31 + %repeat[128 x 0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF%0a]% @@ -60,7 +60,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test317 b/tests/data/test317 index 435b99d970..fb19620cd2 100644 --- a/tests/data/test317 +++ b/tests/data/test317 @@ -75,7 +75,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://first.host.it.is/we/want/that/page/%TESTNUMBER HTTP/1.1 Host: first.host.it.is Proxy-Authorization: Basic %b64[testing:this]b64% diff --git a/tests/data/test318 b/tests/data/test318 index cdbde8a105..990b6371a0 100644 --- a/tests/data/test318 +++ b/tests/data/test318 @@ -75,7 +75,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://first.host.it.is/we/want/that/page/%TESTNUMBER HTTP/1.1 Host: first.host.it.is Proxy-Authorization: Basic %b64[testing:this]b64% diff --git a/tests/data/test319 b/tests/data/test319 index 12da8ecbed..6258a12720 100644 --- a/tests/data/test319 +++ b/tests/data/test319 @@ -10,14 +10,14 @@ Transfer-Encoding # # Server-side - -HTTP/1.1 200 OK swsclose -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Content-Type: text/html; charset=ISO-8859-1 -Transfer-Encoding: gobbledigook -Content-Length: 44 - + +HTTP/1.1 200 OK swsclose +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Content-Type: text/html; charset=ISO-8859-1 +Transfer-Encoding: gobbledigook +Content-Length: 44 + %hex[%1f%8b%08%08%79%9e%ab%41%00%03%6c%61%6c%61%6c%61%00%cb%c9%cc%4b%55%30%e4%52%c8%01%d1%46%5c]hex% %hex[%10%86%31%17%00]hex% %hex[%02%71%60%18%00%00%00]hex% @@ -48,7 +48,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --raw # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test32 b/tests/data/test32 index e2980fc3dc..d02a541ae3 100644 --- a/tests/data/test32 +++ b/tests/data/test32 @@ -42,7 +42,7 @@ HTTP with -d and -G # # Verify data after the test has been "shot" - + GET /%TESTNUMBER?foo=moo&moo=poo HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test320 b/tests/data/test320 index 60290b835f..93c1d1fd14 100644 --- a/tests/data/test320 +++ b/tests/data/test320 @@ -56,14 +56,14 @@ simple TLS-SRP HTTPS GET, check user in response # Verify data after the test has been "shot" - -HTTP/1.0 200 OK -Content-type: text/html - + +HTTP/1.0 200 OK +Content-type: text/html + FINE -User-Agent: curl-test-suite -Accept: */* - +User-Agent: curl-test-suite +Accept: */* + s/^

Connected as user 'jsmith'.*/FINE/ diff --git a/tests/data/test3204 b/tests/data/test3204 index 25450cb00a..9259199778 100644 --- a/tests/data/test3204 +++ b/tests/data/test3204 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-compare %LOGDIR/etag%TESTNUMBER --et # Verify that the file still exists with the correct etag value. - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test3208 b/tests/data/test3208 index 04b3c00413..e87f953331 100644 --- a/tests/data/test3208 +++ b/tests/data/test3208 @@ -9,18 +9,18 @@ libtest # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- @@ -46,7 +46,7 @@ https://%HOSTIP:%HTTPSPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPSPORT Accept: */* diff --git a/tests/data/test3215 b/tests/data/test3215 index 8eab081f52..97183c21d4 100644 --- a/tests/data/test3215 +++ b/tests/data/test3215 @@ -24,11 +24,11 @@ smtp SMTP DSN - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt " NOTIFY=SUCCESS,FAILURE" --mail-from " RET=HDRS" -T - diff --git a/tests/data/test325 b/tests/data/test325 index c18f6dfe20..aba1fccaf9 100644 --- a/tests/data/test325 +++ b/tests/data/test325 @@ -49,7 +49,7 @@ HTTPS with attempted redirect to denied HTTP # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test326 b/tests/data/test326 index 656fbf8b72..d8c912a99b 100644 --- a/tests/data/test326 +++ b/tests/data/test326 @@ -53,7 +53,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --raw # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test327 b/tests/data/test327 index 91849746c4..6fcc4669a2 100644 --- a/tests/data/test327 +++ b/tests/data/test327 @@ -52,7 +52,7 @@ cookies # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test328 b/tests/data/test328 index 2cde3b22fb..602b6efa19 100644 --- a/tests/data/test328 +++ b/tests/data/test328 @@ -44,7 +44,7 @@ http://%HOSTIP:%HTTPPORT/hello/%TESTNUMBER --compressed ^Accept-Encoding:.* - + GET /hello/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test329 b/tests/data/test329 index 4d3b721e22..d47566f1b2 100644 --- a/tests/data/test329 +++ b/tests/data/test329 @@ -8,23 +8,23 @@ cookies # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/html -Funny-head: yesyes -Set-Cookie: testn1=yes; path=/we/want/; domain=.host.foo.com; Max-Age=-1; -Set-Cookie: test=yes; path=/we/want/; domain=.host.foo.com; Max-Age=0; -Content-Length: 4 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Funny-head: yesyes +Set-Cookie: testn1=yes; path=/we/want/; domain=.host.foo.com; Max-Age=-1; +Set-Cookie: test=yes; path=/we/want/; domain=.host.foo.com; Max-Age=0; +Content-Length: 4 + boo - -HTTP/1.1 200 OK -Funny-head: yesyes -Content-Length: 4 - + +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 4 + moo @@ -59,7 +59,7 @@ cookies # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER HTTP/1.1 Host: host.foo.com User-Agent: curl/%VERSION diff --git a/tests/data/test330 b/tests/data/test330 index 0e6d21defb..04cc67cd7c 100644 --- a/tests/data/test330 +++ b/tests/data/test330 @@ -74,7 +74,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://first.host.it.is/we/want/that/page/%TESTNUMBER HTTP/1.1 Host: first.host.it.is User-Agent: curl/%VERSION diff --git a/tests/data/test331 b/tests/data/test331 index 6d656ac734..4b613c5e13 100644 --- a/tests/data/test331 +++ b/tests/data/test331 @@ -50,7 +50,7 @@ proxy # Verify data after the test has been "shot" - + GET http://moo/we/want/%TESTNUMBER HTTP/1.1 Host: moo User-Agent: curl/%VERSION diff --git a/tests/data/test334 b/tests/data/test334 index b6194e09be..3bbf85eae7 100644 --- a/tests/data/test334 +++ b/tests/data/test334 @@ -31,7 +31,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test335 b/tests/data/test335 index c4057953d2..9266d0006d 100644 --- a/tests/data/test335 +++ b/tests/data/test335 @@ -74,7 +74,7 @@ http://digest:a-lot@data.from.server.requiring.digest.hohoho.com/%TESTNUMBER --p # Verify data after the test has been "shot" - + GET http://data.from.server.requiring.digest.hohoho.com/%TESTNUMBER HTTP/1.1 Host: data.from.server.requiring.digest.hohoho.com User-Agent: curl/%VERSION diff --git a/tests/data/test339 b/tests/data/test339 index 29205e0431..e915548351 100644 --- a/tests/data/test339 +++ b/tests/data/test339 @@ -46,7 +46,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-save %LOGDIR/etag%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test34 b/tests/data/test34 index bda5a23fc5..175e537034 100644 --- a/tests/data/test34 +++ b/tests/data/test34 @@ -52,7 +52,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test341 b/tests/data/test341 index 3a5f82ea24..54f0da74a5 100644 --- a/tests/data/test341 +++ b/tests/data/test341 @@ -46,7 +46,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-compare %LOGDIR/etag%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test342 b/tests/data/test342 index 14d343998d..e442bd77de 100644 --- a/tests/data/test342 +++ b/tests/data/test342 @@ -44,7 +44,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-compare %LOGDIR/etag%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test343 b/tests/data/test343 index c23c308053..0d244ebfb2 100644 --- a/tests/data/test343 +++ b/tests/data/test343 @@ -44,7 +44,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-compare %LOGDIR/etag%TESTNUMBER --et # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test344 b/tests/data/test344 index 06e70c8597..4621dd6a9f 100644 --- a/tests/data/test344 +++ b/tests/data/test344 @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-compare %LOGDIR/etag%TESTNUMBER --et # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test345 b/tests/data/test345 index 5fbd2dfd9f..9009beac67 100644 --- a/tests/data/test345 +++ b/tests/data/test345 @@ -44,7 +44,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-compare %LOGDIR/etag%TESTNUMBER --et # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test346 b/tests/data/test346 index 0f67cfb339..816177ebc9 100644 --- a/tests/data/test346 +++ b/tests/data/test346 @@ -44,7 +44,7 @@ HTTP GET over proxy with credentials using blank passwords # - + GET http://remote.example/%TESTNUMBER HTTP/1.1 Host: remote.example Proxy-Authorization: Basic %b64[puser:]b64% diff --git a/tests/data/test347 b/tests/data/test347 index dae91d3ca2..29790730b0 100644 --- a/tests/data/test347 +++ b/tests/data/test347 @@ -46,7 +46,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-save %LOGDIR/etag%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test349 b/tests/data/test349 index 6dc32dbbf5..07d9d07a00 100644 --- a/tests/data/test349 +++ b/tests/data/test349 @@ -31,7 +31,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --fail-with-body # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test355 b/tests/data/test355 index ffb7cbc3c1..5a5e7e70f3 100644 --- a/tests/data/test355 +++ b/tests/data/test355 @@ -44,7 +44,7 @@ h1 example.com 80 h1 %HOSTIP %HTTPPORT "20290222 22:19:28" 0 0 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test356 b/tests/data/test356 index d723b3953d..1162a47433 100644 --- a/tests/data/test356 +++ b/tests/data/test356 @@ -50,7 +50,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --alt-svc "%LOGDIR/altsvc-%TESTNUMBER" # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test358 b/tests/data/test358 index 327662b41b..d29b09f956 100644 --- a/tests/data/test358 +++ b/tests/data/test358 @@ -11,15 +11,15 @@ HTTP/2 # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes -Alt-Svc: h2=":%HTTP2PORT", ma=315360000; persist=0 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes +Alt-Svc: h2=":%HTTP2PORT", ma=315360000; persist=0 + -foo- @@ -55,28 +55,28 @@ h2 %HOSTIP %HTTPPORT h2 %HOSTIP %HTTP2PORT "20290222 22:19:28" 0 0 # # Verify data after the test has been "shot" - -HTTP/1.1 101 Switching Protocols -Connection: Upgrade -Upgrade: h2c - -HTTP/2 200 -date: Tue, 09 Nov 2010 14:49:00 GMT -content-length: 6 -content-type: text/html -funny-head: yesyes -alt-svc: h2=":%HTTP2PORT", ma=315360000; persist=0 -via: 1.1 nghttpx - + +HTTP/1.1 101 Switching Protocols +Connection: Upgrade +Upgrade: h2c + +HTTP/2 200%spc% +date: Tue, 09 Nov 2010 14:49:00 GMT +content-length: 6 +content-type: text/html +funny-head: yesyes +alt-svc: h2=":%HTTP2PORT", ma=315360000; persist=0 +via: 1.1 nghttpx + -foo- -HTTP/2 200 -date: Tue, 09 Nov 2010 14:49:00 GMT -content-length: 6 -content-type: text/html -funny-head: yesyes -alt-svc: h2=":%HTTP2PORT", ma=315360000; persist=0 -via: 1.1 nghttpx - +HTTP/2 200%spc% +date: Tue, 09 Nov 2010 14:49:00 GMT +content-length: 6 +content-type: text/html +funny-head: yesyes +alt-svc: h2=":%HTTP2PORT", ma=315360000; persist=0 +via: 1.1 nghttpx + -foo- diff --git a/tests/data/test359 b/tests/data/test359 index 2dd898118f..cc2b27b2ff 100644 --- a/tests/data/test359 +++ b/tests/data/test359 @@ -11,15 +11,15 @@ HTTP/2 # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes -Alt-Svc: h2=":%HTTP2PORT", ma=315360000; persist=0 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes +Alt-Svc: h2=":%HTTP2PORT", ma=315360000; persist=0 + -foo- @@ -55,28 +55,28 @@ h2 %HOSTIP %HTTPSPORT h2 %HOSTIP %HTTP2PORT "20290222 22:19:28" 0 0 # # Verify data after the test has been "shot" - -HTTP/1.1 101 Switching Protocols -Connection: Upgrade -Upgrade: h2c - -HTTP/2 200 -date: Tue, 09 Nov 2010 14:49:00 GMT -content-length: 6 -content-type: text/html -funny-head: yesyes -alt-svc: h2=":%HTTP2PORT", ma=315360000; persist=0 -via: 1.1 nghttpx - + +HTTP/1.1 101 Switching Protocols +Connection: Upgrade +Upgrade: h2c + +HTTP/2 200%spc% +date: Tue, 09 Nov 2010 14:49:00 GMT +content-length: 6 +content-type: text/html +funny-head: yesyes +alt-svc: h2=":%HTTP2PORT", ma=315360000; persist=0 +via: 1.1 nghttpx + -foo- -HTTP/2 200 -date: Tue, 09 Nov 2010 14:49:00 GMT -content-length: 6 -content-type: text/html -funny-head: yesyes -alt-svc: h2=":%HTTP2PORT", ma=315360000; persist=0 -via: 1.1 nghttpx - +HTTP/2 200%spc% +date: Tue, 09 Nov 2010 14:49:00 GMT +content-length: 6 +content-type: text/html +funny-head: yesyes +alt-svc: h2=":%HTTP2PORT", ma=315360000; persist=0 +via: 1.1 nghttpx + -foo- diff --git a/tests/data/test36 b/tests/data/test36 index efe23719a8..ad819cc0ba 100644 --- a/tests/data/test36 +++ b/tests/data/test36 @@ -52,7 +52,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER 56 - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test360 b/tests/data/test360 index f98d03a036..471f0c0f3d 100644 --- a/tests/data/test360 +++ b/tests/data/test360 @@ -7,7 +7,7 @@ - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test361 b/tests/data/test361 index c9642fbbfa..c333a8ce08 100644 --- a/tests/data/test361 +++ b/tests/data/test361 @@ -31,7 +31,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER --fail # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test363 b/tests/data/test363 index 489d2cf6f1..57bb6d40f5 100644 --- a/tests/data/test363 +++ b/tests/data/test363 @@ -21,9 +21,9 @@ Content-Length: 9 contents - -HTTP/1.1 200 Mighty fine indeed - + +HTTP/1.1 200 Mighty fine indeed + HTTP/1.1 200 Mighty fine indeed @@ -67,12 +67,12 @@ http://test.%TESTNUMBER:%HTTPPORT/we/want/that/page/%TESTNUMBER -p -x %HOSTIP:%P # # Verify data after the test has been "shot" - -CONNECT test.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT test.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + POST /we/want/that/page/%TESTNUMBER HTTP/1.1 diff --git a/tests/data/test365 b/tests/data/test365 index 847023011d..39143aa199 100644 --- a/tests/data/test365 +++ b/tests/data/test365 @@ -54,7 +54,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test366 b/tests/data/test366 index 8fcdbc4d91..03fd9933cf 100644 --- a/tests/data/test366 +++ b/tests/data/test366 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --retry 2 --retry-max-time 10 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test367 b/tests/data/test367 index fd3252f31e..335d59e662 100644 --- a/tests/data/test367 +++ b/tests/data/test367 @@ -36,7 +36,7 @@ http://:example@%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[:example]b64% diff --git a/tests/data/test368 b/tests/data/test368 index d49d1ccf30..188aeb9902 100644 --- a/tests/data/test368 +++ b/tests/data/test368 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -r 4 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=4- diff --git a/tests/data/test369 b/tests/data/test369 index 9810d0a5b9..b86f582a05 100644 --- a/tests/data/test369 +++ b/tests/data/test369 @@ -36,7 +36,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-save %LOGDIR/nowhere/etag%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test37 b/tests/data/test37 index ee2ac76e28..c6fbd1076e 100644 --- a/tests/data/test37 +++ b/tests/data/test37 @@ -33,7 +33,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER 52 - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test371 b/tests/data/test371 index d31454f07b..e1fbd894a6 100644 --- a/tests/data/test371 +++ b/tests/data/test371 @@ -42,7 +42,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/dump -o %LOGDIR/dump2 --no-progr # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test372 b/tests/data/test372 index fcc07822ed..f399f93cd0 100644 --- a/tests/data/test372 +++ b/tests/data/test372 @@ -7,14 +7,14 @@ HTTP GET - -HTTP/1.1 200 OK -Date: Thu, 22 Jul 2010 11:22:33 GMT -Connection: close -Content-Type: text/html -X-Control: swsclose -Content-Length: 2 - + +HTTP/1.1 200 OK +Date: Thu, 22 Jul 2010 11:22:33 GMT +Connection: close +Content-Type: text/html +X-Control: swsclose +Content-Length: 2 + %hex[%00]hex% @@ -35,7 +35,7 @@ proxy - + GET /binary-zero-in-data-section/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test373 b/tests/data/test373 index 99bfaf3ac9..4b282d0f0b 100644 --- a/tests/data/test373 +++ b/tests/data/test373 @@ -32,14 +32,14 @@ X-Control: swsclose - -HTTP/1.1 200 OK -Date: Thu, 22 Jul 2010 11:22:33 GMT -Connection: close -Content-Type: text/html -Transfer-Encoding: chunked -X-Control: swsclose - + +HTTP/1.1 200 OK +Date: Thu, 22 Jul 2010 11:22:33 GMT +Connection: close +Content-Type: text/html +Transfer-Encoding: chunked +X-Control: swsclose + %repeat[255 x %00]% %repeat[255 x %00]% %repeat[255 x %00]% @@ -64,7 +64,7 @@ http://%HOSTIP:%HTTPPORT/chunked-transfer-encoding/%TESTNUMBER - + GET /chunked-transfer-encoding/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test374 b/tests/data/test374 index daec117af9..6f10edfe38 100644 --- a/tests/data/test374 +++ b/tests/data/test374 @@ -8,13 +8,13 @@ gif data - -HTTP/1.1 200 OK -Date: Thu, 22 Jul 2010 11:22:33 GMT -Connection: close -Content-Type: image/gif -X-Control: swsclose - + +HTTP/1.1 200 OK +Date: Thu, 22 Jul 2010 11:22:33 GMT +Connection: close +Content-Type: image/gif +X-Control: swsclose + %hex[%47%49%46%38%39%61%14%00%14%00%a1%04%00%fe%00%00%ff%00%00%1e%42%ee%1f%42%ef%21%ff%0b%4e%45%54%53%43%41%50%45%32%2e%30%03%01%00%00%00%21%fe%24%43%72%65%61%74%65%64%20%62%79%20%46%61%62%69%61%6e%20%4b%65%69%6c%20%77%69%74%68%20%54%68%65%20%47%49%4d%50%00%21%f9%04%00%0a%00%ff%00%2c%00%00%00%00%14%00%14%00%00%02%11%8c%8f%a9%cb%ed%0f%a3%9c%b4%da%8b%b3%de%bc%fb%af%15%00%21%f9%04%01%0a%00%02%00%2c%00%00%00%00%14%00%14%00%00%02%11%9c%8f%a9%cb%ed%0f%a3%9c%b4%da%8b%b3%de%bc%fb%af%15%00%21%f9%04%00%0a%00%ff%00%2c%00%00%00%00%14%00%14%00%00%02%11%94%8f%a9%cb%ed%0f%a3%9c%b4%da%8b%b3%de%bc%fb%af%15%00%21%f9%04%00%0a%00%ff%00%2c%00%00%00%00%14%00%14%00%00%02%11%84%8f%a9%cb%ed%0f%a3%9c%b4%da%8b%b3%de%bc%fb%af%15%00%3b]hex% @@ -35,7 +35,7 @@ http://%HOSTIP:%HTTPPORT/gif/%TESTNUMBER - + GET /gif/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test376 b/tests/data/test376 index d2affc1de5..16c28002d6 100644 --- a/tests/data/test376 +++ b/tests/data/test376 @@ -45,7 +45,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/save-%TESTNUMBER --remove-on-err 18 - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test379 b/tests/data/test379 index d465e90901..3e452f1d30 100644 --- a/tests/data/test379 +++ b/tests/data/test379 @@ -48,7 +48,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/save --remove-on-error --no-clob 18 - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test38 b/tests/data/test38 index 3346f6cf6f..d48e743a46 100644 --- a/tests/data/test38 +++ b/tests/data/test38 @@ -41,7 +41,7 @@ download on. 33 - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=78- diff --git a/tests/data/test387 b/tests/data/test387 index b07096263e..d068be96b8 100644 --- a/tests/data/test387 +++ b/tests/data/test387 @@ -9,7 +9,7 @@ gzip # # Server-side - + HTTP/1.1 200 OK Content-Length: 6 Transfer-Encoding: gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip,gzip @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -sS --tr-encoding # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test388 b/tests/data/test388 index f7158ec2da..b8e426f906 100644 --- a/tests/data/test388 +++ b/tests/data/test388 @@ -10,35 +10,35 @@ HTTP Digest auth # Server-side # First reply back and ask for Digest auth - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # second reply back - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! @@ -46,24 +46,24 @@ This IS the real page! # This is the second request, and this sends back a response saying that # the request contained stale data. We want an update. Set swsbounce to # bounce on to data1003 on the second request. - -HTTP/1.1 401 Authorization re-negotiation please swsbounce -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, nonce="999999", stale=true, qop="crazy, auth" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization re-negotiation please swsbounce +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, nonce="999999", stale=true, qop="crazy, auth" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # The second request to the 1002 section will bounce this one back instead # thanks to the swsbounce keyword up there - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 30 - + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 30 + This IS the second real page! @@ -91,7 +91,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001 -u testuser:testpass --digest http://%H ^Authorization.*cnonce - + GET /%TESTNUMBER0001 HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -121,36 +121,36 @@ User-Agent: curl/%VERSION Accept: */* - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 401 Authorization re-negotiation please swsbounce -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, nonce="999999", stale=true, qop="crazy, auth" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 30 - +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 401 Authorization re-negotiation please swsbounce +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, nonce="999999", stale=true, qop="crazy, auth" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 30 + This IS the second real page! diff --git a/tests/data/test389 b/tests/data/test389 index 069515ac80..65bf1e9ad9 100644 --- a/tests/data/test389 +++ b/tests/data/test389 @@ -46,7 +46,7 @@ local-http # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: curlmachine.localhost:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test39 b/tests/data/test39 index 1829617499..d01fd3c95f 100644 --- a/tests/data/test39 +++ b/tests/data/test39 @@ -7,12 +7,12 @@ HTTP FORMPOST # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 10 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 10 + blablabla diff --git a/tests/data/test391 b/tests/data/test391 index 55d5405502..9989debe3e 100644 --- a/tests/data/test391 +++ b/tests/data/test391 @@ -56,7 +56,7 @@ http://%HOSTIP:%HTTPPORT/../../%TESTNUMBER --path-as-is -L # # Verify data after the test has been "shot" - + GET /../../%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test392 b/tests/data/test392 index be0a526400..a6b20cb6c6 100644 --- a/tests/data/test392 +++ b/tests/data/test392 @@ -9,15 +9,15 @@ secure - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 4 -Content-Type: text/html -Funny-head: yesyes -Set-Cookie: foobar=name; path=/; secure - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 4 +Content-Type: text/html +Funny-head: yesyes +Set-Cookie: foobar=name; path=/; secure + boo @@ -45,7 +45,7 @@ local-http # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: localhost:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test393 b/tests/data/test393 index 11f273a6c7..ddd44aae52 100644 --- a/tests/data/test393 +++ b/tests/data/test393 @@ -47,7 +47,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --max-filesize 2000000 63 - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test394 b/tests/data/test394 index 5f797d9794..c6b4556330 100644 --- a/tests/data/test394 +++ b/tests/data/test394 @@ -46,7 +46,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER 8 - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test395 b/tests/data/test395 index e3626eb82b..e787397e4f 100644 --- a/tests/data/test395 +++ b/tests/data/test395 @@ -42,7 +42,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test396 b/tests/data/test396 index 4e57778cf1..77bffc3c20 100644 --- a/tests/data/test396 +++ b/tests/data/test396 @@ -9,15 +9,15 @@ compressed # # Server-side - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: zstd -Content-Length: 1309 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: zstd +Content-Length: 1309 + %hex[%28%b5%2f%fd%64%b1%12%7d%28%00%86%3f%bd%28%e0%d0%ba%01%b0%03%b6%72%a6%27%9f%a8%20%8c%5a%e1%02%85%fd%81%fe%40%32%f0%ef%9a%08%df%c9%f3%9b%10%a3%65%98%a1%8d%c0%cc%0b%b7%00%b3%00%ac%00%f3%21%b7%f6%a4%da%73%bb%79%1a%1e%dd%da%fb%ba%6e%9b%3d%d0%be%b3%49%9f%ac%f1%51%da%6d%18%52%ef%34%ec%ba%ed%bc%a6%b7%58%19%46%aa%81%aa%1a%a8%a6%77%51%90%89%82%58%d3%54%61%92%eb%18%56%aa%01%6a%1a%b0%a6%47%55%90%6b%82%5c%95]hex% %hex[%85%c9%96%32%6a%fa%46%c9%b0%a2%26%14%26%a7%e6%3d%08%83%10%f6%90%57%4a%96%34%41%1e%b2%6d%58%d6%be%d0%62%c6%b7%ab%74%63%6f%9d%6f%df%30%0f%70%f7%76%1e%cf%c1%92%c1%54%60%1e%a7%ce%fb%93%42%ae%d6%16%d6%b9%67%89%a8%c8%1c%40%20%00%40%08%2b%78%50%90%8a%e4%ba%20%10%18%86%07%01%a7%4e%69%b5%da%ef%31%49%d4%83%a0%da%f9%de%9e%47%b7%8c%02%18%d3%53%fb%9b%13%3b%4e%8d%14%72%4c%d5%f3%f6%58%7b%df%d7%99%bd%f6%f8%da%bb%93%81%1c%52%77%ee%8b%34%32%c8%21%db%1b%c3%72%ef%e7%f7%cc%b0%ce%bd%f5%ce%bc%1b%6e%d4%e6%66%5e%6f%0d%72%5c%30%98%6c%eb%ea%75%2b%dd%62%fc%47%ee%45%b2%b7%ee%db%21%47%24%a3%a5%5c%f7%be%e7%85%b5%da%8b%6e%17%dd%b7%1c%24%3e%4a%1b%03%72%7c%7c%91%84%65%21%02%42%21%b2%5c%18%12%5e%14%61%80%70%79%51%c6%f2%70%b1%64%5e%94%39%60%40%48%80%1c%51%44%26%e1%45%98%28%22%93%59%78%7f%dd%72%5c%f7%ef%32%3c%29%23%de%aa%f1%df%41%8e%6f%3a%37%1e%df%cf%c7%50%7a%ef%cd%d7%e8%f7%5d%24%26%5e%cb%b5%b5%49%ed%06%d9%ad%fb%dc%20%bf%e7%3d%ef%61%88%f5%c7%8e%e6%1d%64%f9%59%c6%db%8c%b7%59%cb%ac%e5%c6%f9%c6%39%64%8e%a5%cd%a9%b1%a3%71%f3%c3%cd%4f%f5%c9%aa%4f%f6%e1%dc%0f%e7%42%66%9f%b2%bd%37%db%61%c8%fc%58%73%22%a7%a1%de%31%bc%b4%8b%9b%46%c0%34%1d%ad%46%cf%22%d8%57%3b%2f%37%5d%fb%ac%7b%86%91%8b%21%55%61%b7%76%56%d3%30%9c%24%d2%15%9d%a1%64%62%48%5d%52%84%62%68%49%24%ab%22%99%78%a4%1d%67%39%86%95%09%85%5d%d4%e8%0c%27%94%14%c1%6e%6d%cd%9b%63%48%91%48%d6%45%91%60%ed%56%7b%8d%c6%9d%34%de%e9%61%08%39%a4%bf%b5%b7%6a%3d%0c%21%8c%e1%b7%47%88%56%45%24%96%45%a3%dc%66%2f%50%ac%a9%8a%64%93%7e%28%49%a4%a2%22%d6%44%a3%65%28%10%f0%2e%18%4c%6d%ee%ce%cb%d0%9a%58%14%4c%4e%86%d3%43%6e%9b%d5%da%1f%04%cd%69%dc%a7%d1%53%ab%2d%6b%73%2d%21%c3%88%84%9a%2a%57%c5%9a%50%d3%34%55%d4%75%51%91%49%55%31%ac%3c%d6%ef%8d%75%6e%d3%19%32%43%ef%8a%01%81%35%b5%ce%90%bd%25%27%66%1b%d4%3b%86%1c%ef%ac%f6%c5%3c%da%b3%c6%77%db%b9%5d%64%88%65%5b%d7%b9%9a%6b%3b%5f%bb%5d%7b%c8%72%4a%ae%69%42%61%58%49%15%25%51%30%4d%d3%76%cd%65%78%79%5b%37%af%db%af%f6%e0%51%70%86%c1%01%eb%0f%80%e8%a0%81%95%73%68%66%40%06%00%20%80%41%01%40%42%c2%20%23%4a%03%21%f3%e7%0c%f9%1a%bf%b7%48%ca]hex% %hex[%ce%88%93%e0%97%05%94%c4%49%f0%4d%01%55%d0%62%92%5f%16%24%63%8d%05%9e%44%ae%c1%39%87%63%a3%bb%91%d6%0e%76%79%d0%b6%68%7d%bb%9c%a8%a4%7c%aa%58%ff%82%f3%36%a4%ff%09%b4%c5%f5%7f%85%c7%bf%8b%32%f9%3f%72%50%30%87%b3%d6%26%26%6c%39%86%71%96%a3%02%d9%5a%00%b4%fe%3e%eb%4c%cc%89%46%76%37%2a%bc%11%76%3f%f0%5d%31%66%8e%71%6e%71%f6%6e%ff%de%03%99%f8%de%10%33%85%cf%40%b4%7f%76%20%61%65%2c%23%ed%98%3b%d6%15%5c%6b%62%33%70%09%4c%db%32%e6%3e%8a%f6%39%00%28%b7%b0%e5%b4%42%44%9a%8c%62%a9%68%19%5c%36%33%42%47%7f%86%65%49%e7%89%68%1b%31%e8%0d%b8%b8%8c%ad%84%2d%b8%26%c4%d6%19%4e%dc%34%13%f4%34%bd%ea%6c%d3%cc%22%59%64%8e%3d%67%f7%92%1f%d9%6d%1c%42%86%e9%60%36%86%17%68%da%d5%b8%e0%e4%c0%1e%c4%16%b9%19%64%89%63%69%06%4e%c4%46%c2%41%1d%dc%07%79%aa%21%b7%cd%64%a6%5d%01%9b%ed%5c%07%cc%fb%ec%91%49%43%c8%bb%9e%9d%73%e6%94%61%1a%8c%8c%b2%bd%c6%75%0e%7b%3d%4b%64%6e%d8%6d%d8%3b%93%87%10%76%4d%bb%86%99%4b%c3%2e%1b%91%8f%ad%99%01%35%bb%13%0c%c0%d0%06%0d%2b%af%f1%0c%d8%65%b9%00%a7%fd%81%98%91%94%83%40%cc%f4%39%96%da%a0%05%21%42%18%d3%88%1d%81%83%32%38%39%30%da%61%8b%5b%08%99%1d%d6%70%62%81%88%80%3c%b0%ce%b8%99%d0%10%d2%cc%44%6f%ce%17%48%11%73%a6%5c%7c%37%68%f3%d0%ee%60%b9%2f%c6%78%d7%da%aa%0e%eb%c8%ba%ce%cd%2a%09%2a%ad%9a%25%46%9d%2d%08%05%b4%b5%7a%51%c7%f3%3b%0d%bd%ea%90%6b%d3%f9%ac%fa%b1%e6%9d%3b%39%8e%79%82%d1%ea%8b%50%a5%7b%da%5e%18%9b%71%d8%92%49%e6%70%4b%18%40%fe%75%35%44%19%1a%4b%5c%8e%dd%b8%f3%9c%a8%6c%d2%5e%5e%ff%d2%f6%9c%c7%de%78%2e%3a%86%25%df%a9%80%6e%38%8c%8d%85%c3%90%8c%08%fb%b3%74%24%c8%87%ce%bb%3b%cb%75%af%48%e1%59]hex% @@ -171,7 +171,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test397 b/tests/data/test397 index 40f1495fc5..9048087a18 100644 --- a/tests/data/test397 +++ b/tests/data/test397 @@ -11,28 +11,28 @@ compressed # Length of not-encoded content is 16512 what is greater than default value of # CURL_MAX_WRITE_SIZE (16384) - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: zstd -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: zstd +Content-Length: 47 + %hex[%28%b5%2f%fd%64%80%3f%0d%01%00%88%30%31%32%33%34%35%36%37%38%39%41%42%43%44%45%46]hex% %hex[%04%00%7c%9f%60%78%00%04%1a%1d%d2%ab%4d%3a%97%82%af%b9%9c]hex% - -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: zstd -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Mon, 29 Nov 2004 21:56:53 GMT +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 +Vary: Accept-Encoding +Content-Type: text/html; charset=ISO-8859-1 +Content-Encoding: zstd +Content-Length: 47 + %repeat[128 x 0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF%0a]% @@ -61,7 +61,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --compressed s/^Accept-Encoding: [a-zA-Z, ]*/Accept-Encoding: xxx/ - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test398 b/tests/data/test398 index 6b52e0e558..2f09711652 100644 --- a/tests/data/test398 +++ b/tests/data/test398 @@ -46,7 +46,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test40 b/tests/data/test40 index 5d8d8c1e45..959a7505dc 100644 --- a/tests/data/test40 +++ b/tests/data/test40 @@ -9,32 +9,32 @@ followlocation # # Server-side - -HTTP/1.1 302 OK swsclose -Location: ../moo.html/?name=d a niel&testcase=/%TESTNUMBER0002 -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 302 OK swsclose +Location: ../moo.html/?name=d a niel&testcase=/%TESTNUMBER0002%repeat[4 x ]% +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + - -HTTP/1.1 200 OK swsclose -Location: this should be ignored -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 200 OK swsclose +Location: this should be ignored +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + body - -HTTP/1.1 302 OK swsclose -Location: ../moo.html/?name=d a niel&testcase=/%TESTNUMBER0002 -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - -HTTP/1.1 200 OK swsclose -Location: this should be ignored -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 302 OK swsclose +Location: ../moo.html/?name=d a niel&testcase=/%TESTNUMBER0002%repeat[4 x ]% +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + +HTTP/1.1 200 OK swsclose +Location: this should be ignored +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + body @@ -56,7 +56,7 @@ http://%HOSTIP:%HTTPPORT/we/are/all/twits/%TESTNUMBER -L # # Verify data after the test has been "shot" - + GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test4000 b/tests/data/test4000 index 49382c9363..147757526b 100644 --- a/tests/data/test4000 +++ b/tests/data/test4000 @@ -40,7 +40,7 @@ HTTPS GET with ECH GREASE # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test410 b/tests/data/test410 index 85885a4d89..3eb4eb4c8b 100644 --- a/tests/data/test410 +++ b/tests/data/test410 @@ -43,7 +43,7 @@ Long: %repeat[3500 x header content]% # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test412 b/tests/data/test412 index 3a6c183603..7a8e83e685 100644 --- a/tests/data/test412 +++ b/tests/data/test412 @@ -52,7 +52,7 @@ h1 whohoo 12345 h1 %HOSTIP %HTTPPORT "20290222 22:19:28" 0 0 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: whohoo.:12345 User-Agent: curl/%VERSION diff --git a/tests/data/test413 b/tests/data/test413 index 392dbc16f0..e365b1dfea 100644 --- a/tests/data/test413 +++ b/tests/data/test413 @@ -52,7 +52,7 @@ h1 whohoo. 12345 h1 %HOSTIP %HTTPPORT "20290222 22:19:28" 0 0 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: whohoo:12345 User-Agent: curl/%VERSION diff --git a/tests/data/test414 b/tests/data/test414 index 7e84a8c939..936cf72b05 100644 --- a/tests/data/test414 +++ b/tests/data/test414 @@ -62,7 +62,7 @@ https://attack.invalid:%HTTPSPORT/a/b/%TESTNUMBER --insecure -c %LOGDIR/cookie%T # # Verify data after the test has been "shot" - + GET /a/b/%TESTNUMBER HTTP/1.1 Host: attack.invalid:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test415 b/tests/data/test415 index 0692dc54c9..c0e8a92d08 100644 --- a/tests/data/test415 +++ b/tests/data/test415 @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test417 b/tests/data/test417 index c8f5997b67..5acd91a5b1 100644 --- a/tests/data/test417 +++ b/tests/data/test417 @@ -38,7 +38,7 @@ https - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPSPORT User-Agent: curl/%VERSION diff --git a/tests/data/test418 b/tests/data/test418 index fa502f1b56..4bcbd57c2e 100644 --- a/tests/data/test418 +++ b/tests/data/test418 @@ -46,7 +46,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -sS --tr-encoding # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test42 b/tests/data/test42 index 36263e2987..007f83e247 100644 --- a/tests/data/test42 +++ b/tests/data/test42 @@ -9,32 +9,32 @@ followlocation # # Server-side - -HTTP/1.1 302 OK swsclose -Location: ../m o o.html/%TESTNUMBER0002 -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 302 OK swsclose +Location: ../m o o.html/%TESTNUMBER0002%repeat[4 x ]% +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + - -HTTP/1.1 200 OK swsclose -Location: this should be ignored -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 200 OK swsclose +Location: this should be ignored +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + body - -HTTP/1.1 302 OK swsclose -Location: ../m o o.html/%TESTNUMBER0002 -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - -HTTP/1.1 200 OK swsclose -Location: this should be ignored -Date: Tue, 09 Nov 2010 14:49:00 GMT -Connection: close - + +HTTP/1.1 302 OK swsclose +Location: ../m o o.html/%TESTNUMBER0002%repeat[4 x ]% +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + +HTTP/1.1 200 OK swsclose +Location: this should be ignored +Date: Tue, 09 Nov 2010 14:49:00 GMT +Connection: close + body @@ -56,7 +56,7 @@ http://%HOSTIP:%HTTPPORT/we/are/all/twits/%TESTNUMBER -L # # Verify data after the test has been "shot" - + GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test420 b/tests/data/test420 index c635264da7..c1d6173f4f 100644 --- a/tests/data/test420 +++ b/tests/data/test420 @@ -10,7 +10,7 @@ cookies # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Accept-Ranges: bytes @@ -56,7 +56,7 @@ cookies # # Verify data after the test has been "shot" - + GET /func_test/del_cookie HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test421 b/tests/data/test421 index b9483e6ba0..7b41703fb5 100644 --- a/tests/data/test421 +++ b/tests/data/test421 @@ -8,7 +8,7 @@ header_json # # Server-side - + HTTP/1.1 200 OK server: nginx date: Tue, 07 Mar 2023 15:14:41 GMT @@ -53,7 +53,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w '%{stderr}%{header_json}\n' -s # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test423 b/tests/data/test423 index 6c6e725b01..01313a9655 100644 --- a/tests/data/test423 +++ b/tests/data/test423 @@ -9,7 +9,7 @@ # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test424 b/tests/data/test424 index 9ae6b1fab9..ff35096505 100644 --- a/tests/data/test424 +++ b/tests/data/test424 @@ -9,7 +9,7 @@ # # Server-side - + HTTP/1.1 301 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -23,7 +23,7 @@ Funny-head: yesyes Location: http://anotherhost.example:2023/%TESTNUMBER0002?moo.html - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test425 b/tests/data/test425 index 1b211d1db3..3ff4c0b0b7 100644 --- a/tests/data/test425 +++ b/tests/data/test425 @@ -9,7 +9,7 @@ HTTP PUT # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 6 diff --git a/tests/data/test427 b/tests/data/test427 index 1e08810ebd..e7e09e98fc 100644 --- a/tests/data/test427 +++ b/tests/data/test427 @@ -10,7 +10,7 @@ cookies # # Server-side - + HTTP/1.1 301 move along Date: Tue, 09 Nov 2010 14:49:00 GMT Accept-Ranges: bytes @@ -25,7 +25,7 @@ Location: %TESTNUMBER0002 -foo- - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Accept-Ranges: bytes @@ -59,7 +59,7 @@ cookies # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test428 b/tests/data/test428 index 4c5c7edc35..a066e7c090 100644 --- a/tests/data/test428 +++ b/tests/data/test428 @@ -10,7 +10,7 @@ variables # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test429 b/tests/data/test429 index 8dd75be04f..302263cc2f 100644 --- a/tests/data/test429 +++ b/tests/data/test429 @@ -10,7 +10,7 @@ variables # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test43 b/tests/data/test43 index 57e22eba0f..37545fe524 100644 --- a/tests/data/test43 +++ b/tests/data/test43 @@ -63,7 +63,7 @@ proxy # Verify data after the test has been "shot" - + GET http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test434 b/tests/data/test434 index 274380dfa6..16445746c1 100644 --- a/tests/data/test434 +++ b/tests/data/test434 @@ -35,7 +35,7 @@ http # - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test435 b/tests/data/test435 index d5cdfbbbd7..46ef516674 100644 --- a/tests/data/test435 +++ b/tests/data/test435 @@ -9,10 +9,10 @@ HTTP GET # # Server-side - -HTTP/1.1 200 OK -Content-Length: 0 - + +HTTP/1.1 200 OK +Content-Length: 0 + @@ -33,7 +33,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w 'lo # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION @@ -51,17 +51,17 @@ Accept: */* s/local port == (\d+)/local port == [digits]/ - -HTTP/1.1 200 OK -Content-Length: 0 - + +HTTP/1.1 200 OK +Content-Length: 0 + local port == [digits] local ip == 127.0.0.1 remote_ip == %HOSTIP remote_port == %HTTPPORT -HTTP/1.1 200 OK -Content-Length: 0 - +HTTP/1.1 200 OK +Content-Length: 0 + local port == [digits] local ip == 127.0.0.1 remote_ip == %HOSTIP diff --git a/tests/data/test436 b/tests/data/test436 index 4371c84d48..e3e39c5fdc 100644 --- a/tests/data/test436 +++ b/tests/data/test436 @@ -8,11 +8,11 @@ # # Server-side - -HTTP/1.1 200 OK -Content-Length: 6 -Content-Type: text/1 - + +HTTP/1.1 200 OK +Content-Length: 6 +Content-Type: text/1 + -foo- diff --git a/tests/data/test437 b/tests/data/test437 index 7611be8257..b5f3988b82 100644 --- a/tests/data/test437 +++ b/tests/data/test437 @@ -48,7 +48,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --alt-svc "%LOGDIR/altsvc-%TESTNUMBER" # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test438 b/tests/data/test438 index b07b4ccd82..23d43f7a08 100644 --- a/tests/data/test438 +++ b/tests/data/test438 @@ -11,15 +11,15 @@ HTTP/2 # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-Head: yesyes -Alt-Svc: h1="%HOST6IP:%HTTP6PORT", ma=315360000; persist=0 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-Head: yesyes +Alt-Svc: h1="%HOST6IP:%HTTP6PORT", ma=315360000; persist=0 + -foo- @@ -55,24 +55,24 @@ h1 %HOSTIP %HTTPPORT h1 %HOST6IP %HTTP6PORT "20290222 22:19:28" 0 0 # # Verify data after the test has been "shot" - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-Head: yesyes -Alt-Svc: h1="%HOST6IP:%HTTP6PORT", ma=315360000; persist=0 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-Head: yesyes +Alt-Svc: h1="%HOST6IP:%HTTP6PORT", ma=315360000; persist=0 + -foo- -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-Head: yesyes -Alt-Svc: h1="%HOST6IP:%HTTP6PORT", ma=315360000; persist=0 - +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-Head: yesyes +Alt-Svc: h1="%HOST6IP:%HTTP6PORT", ma=315360000; persist=0 + -foo- diff --git a/tests/data/test439 b/tests/data/test439 index dc1ae43f9e..9a5b0522af 100644 --- a/tests/data/test439 +++ b/tests/data/test439 @@ -9,7 +9,7 @@ aws-sigv4 # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -46,7 +46,7 @@ aws-sigv4 with query # # Verify data after the test has been "shot" - + GET /439/?name=me&noval&aim=b%aad&&&weirdo=*.//- HTTP/1.1 Host: fake.fake.fake:8000 Authorization: AWS4-HMAC-SHA256 Credential=user/19700101/us-east-2/es/aws4_request, SignedHeaders=host;x-amz-date, Signature=9dd8592929306832a6673d10063491391e486e5f50de4647ea7c2c797277e0a6 diff --git a/tests/data/test440 b/tests/data/test440 index 238e3b3f4d..161e6e3d9a 100644 --- a/tests/data/test440 +++ b/tests/data/test440 @@ -11,14 +11,14 @@ trailing-dot # we use this as response to a CONNECT - -HTTP/1.1 403 not OK at all -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Funny-head: yesyes - + +HTTP/1.1 403 not OK at all +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Funny-head: yesyes + -foo- @@ -52,21 +52,21 @@ test-duphandle # we let it CONNECT to the server to confirm HSTS but deny from there - + CONNECT this.hsts.example.:443 HTTP/1.1 Host: this.hsts.example.:443 User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive - -HTTP/1.1 403 not OK at all -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Funny-head: yesyes - + +HTTP/1.1 403 not OK at all +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Funny-head: yesyes + https://this.hsts.example./%TESTNUMBER # Proxy CONNECT aborted diff --git a/tests/data/test441 b/tests/data/test441 index 2cdd9f318c..033c534304 100644 --- a/tests/data/test441 +++ b/tests/data/test441 @@ -11,14 +11,14 @@ trailing-dot # we use this as response to a CONNECT - -HTTP/1.1 403 not OK at all -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Funny-head: yesyes - + +HTTP/1.1 403 not OK at all +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Funny-head: yesyes + -foo- @@ -51,21 +51,21 @@ test-duphandle # we let it CONNECT to the server to confirm HSTS but deny from there - + CONNECT this.hsts.example:443 HTTP/1.1 Host: this.hsts.example:443 User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive - -HTTP/1.1 403 not OK at all -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Funny-head: yesyes - + +HTTP/1.1 403 not OK at all +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Funny-head: yesyes + https://this.hsts.example/%TESTNUMBER # Proxy CONNECT aborted diff --git a/tests/data/test442 b/tests/data/test442 index 1f29ad3bc6..77bf4f2cb9 100644 --- a/tests/data/test442 +++ b/tests/data/test442 @@ -201,7 +201,7 @@ cookies # # Verify data after the test has been "shot" - + GET /a/b/%TESTNUMBER HTTP/1.1 Host: attack.invalid:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test443 b/tests/data/test443 index ae9218325a..13b8bad87d 100644 --- a/tests/data/test443 +++ b/tests/data/test443 @@ -70,7 +70,7 @@ cookies # # Verify data after the test has been "shot" - + GET /a/b/%TESTNUMBER HTTP/1.1 Host: attack.invalid:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test444 b/tests/data/test444 index a9759c73b0..4c092bef1b 100644 --- a/tests/data/test444 +++ b/tests/data/test444 @@ -126,7 +126,7 @@ cookies # # Verify data after the test has been "shot" - + GET /a/b/%TESTNUMBER HTTP/1.1 Host: attack.invalid:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test446 b/tests/data/test446 index be7bad0e96..ceae26b7e7 100644 --- a/tests/data/test446 +++ b/tests/data/test446 @@ -12,18 +12,18 @@ trailing-dot # we use this as response to a CONNECT - -HTTP/1.1 200 OK - + +HTTP/1.1 200 OK + - + HTTP/1.1 200 OK Content-Length: 6 Strict-Transport-Security: max-age=604800 -foo- - + HTTP/1.1 200 OK Content-Length: 6 Strict-Transport-Security: max-age=6048000 @@ -58,7 +58,7 @@ HSTS with two URLs # we let it CONNECT to the server to confirm HSTS but deny from there - + GET http://this.hsts.example./%TESTNUMBER HTTP/1.1 Host: this.hsts.example. User-Agent: curl/%VERSION diff --git a/tests/data/test447 b/tests/data/test447 index 2783b750b6..f3966f7d27 100644 --- a/tests/data/test447 +++ b/tests/data/test447 @@ -10,7 +10,7 @@ growing file # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test448 b/tests/data/test448 index 108ead9b59..fae30bd533 100644 --- a/tests/data/test448 +++ b/tests/data/test448 @@ -10,7 +10,7 @@ variables # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test449 b/tests/data/test449 index 73c9677281..9c5f5cfede 100644 --- a/tests/data/test449 +++ b/tests/data/test449 @@ -10,7 +10,7 @@ variables # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test45 b/tests/data/test45 index 254c3afe97..54c41dec92 100644 --- a/tests/data/test45 +++ b/tests/data/test45 @@ -59,7 +59,7 @@ simple HTTP Location: without protocol in initial URL # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test450 b/tests/data/test450 index 5dcfb85ce6..61d181b00d 100644 --- a/tests/data/test450 +++ b/tests/data/test450 @@ -9,7 +9,7 @@ variables # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test451 b/tests/data/test451 index 7c8fe7d93b..503a77835e 100644 --- a/tests/data/test451 +++ b/tests/data/test451 @@ -9,7 +9,7 @@ variables # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test455 b/tests/data/test455 index 7e468e7524..5a5e42f6d6 100644 --- a/tests/data/test455 +++ b/tests/data/test455 @@ -8,7 +8,7 @@ variables # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test457 b/tests/data/test457 index 79175fcd4c..d9f945ebda 100644 --- a/tests/data/test457 +++ b/tests/data/test457 @@ -53,7 +53,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --max-filesize 143 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test458 b/tests/data/test458 index 58e7052264..66027b087e 100644 --- a/tests/data/test458 +++ b/tests/data/test458 @@ -9,7 +9,7 @@ variables # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -50,14 +50,14 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -K %LOGDIR/cmd # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test459 b/tests/data/test459 index d1f1ba261c..42398bd35f 100644 --- a/tests/data/test459 +++ b/tests/data/test459 @@ -9,7 +9,7 @@ HTTP # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test46 b/tests/data/test46 index d426503fe7..007861b4fb 100644 --- a/tests/data/test46 +++ b/tests/data/test46 @@ -11,23 +11,23 @@ cookiejar # Server-side - -HTTP/1.1 200 OK -Server: Microsoft-IIS/4.0 -Date: Tue, 25 Sep 2001 19:37:44 GMT -Content-Type: text/html + +HTTP/1.1 200 OK +Server: Microsoft-IIS/4.0 +Date: Tue, 25 Sep 2001 19:37:44 GMT +Content-Type: text/html %if large-time -Set-Cookie: ckyPersistent=permanent; expires=Fri, 13-Feb-2525 11:56:27 GMT; path=/ +Set-Cookie: ckyPersistent=permanent; expires=Fri, 13-Feb-2525 11:56:27 GMT; path=/ %else -Set-Cookie: ckyPersistent=permanent; expires=Fri, 13-Feb-2037 11:56:27 GMT; path=/ +Set-Cookie: ckyPersistent=permanent; expires=Fri, 13-Feb-2037 11:56:27 GMT; path=/ %endif -Set-Cookie: ckySession=temporary; path=/ -Set-Cookie: ASPSESSIONIDQGGQQSJJ=GKNBDIFAAOFDPDAIEAKDIBKE; path=/ -Set-Cookie: justaname=; path=/; -Set-Cookie: simplyhuge=%repeat[3998 x z]% -Cache-control: private -Content-Length: 41 - +Set-Cookie: ckySession=temporary; path=/ +Set-Cookie: ASPSESSIONIDQGGQQSJJ=GKNBDIFAAOFDPDAIEAKDIBKE; path=/ +Set-Cookie: justaname=; path=/; +Set-Cookie: simplyhuge=%repeat[3998 x z]% +Cache-control: private +Content-Length: 41 + This server reply is for testing cookies @@ -74,7 +74,7 @@ cookies # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: domain..tld:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test461 b/tests/data/test461 index 03d7c7a22c..a8e917640a 100644 --- a/tests/data/test461 +++ b/tests/data/test461 @@ -10,7 +10,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 6 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -H host: # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 User-Agent: curl/%VERSION Accept: */* diff --git a/tests/data/test468 b/tests/data/test468 index 0b06a4d32e..8242b309fd 100644 --- a/tests/data/test468 +++ b/tests/data/test468 @@ -10,7 +10,7 @@ HTTP # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -46,7 +46,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -K %LOGDIR/cmd%TESTNUMBER -w "" # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test469 b/tests/data/test469 index 87754a2646..1be5673749 100644 --- a/tests/data/test469 +++ b/tests/data/test469 @@ -8,7 +8,7 @@ HTTP # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test47 b/tests/data/test47 index addde5c391..11775d3c43 100644 --- a/tests/data/test47 +++ b/tests/data/test47 @@ -35,7 +35,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -0 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.0 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test470 b/tests/data/test470 index 547121d11a..b0b720f91e 100644 --- a/tests/data/test470 +++ b/tests/data/test470 @@ -8,7 +8,7 @@ HTTP # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test471 b/tests/data/test471 index 02e273ca3b..e434198ad1 100644 --- a/tests/data/test471 +++ b/tests/data/test471 @@ -54,7 +54,7 @@ Reject HTTP/1.1 to HTTP/2 switch on the same connection # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test472 b/tests/data/test472 index d624760040..61d72e30d7 100644 --- a/tests/data/test472 +++ b/tests/data/test472 @@ -9,7 +9,7 @@ aws-sigv4 # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -47,7 +47,7 @@ aws-sigv4 with query # # Verify data after the test has been "shot" - + GET /472/a=%E3%81%82 HTTP/1.1 Host: fake.fake.fake:8000 Authorization: AWS4-HMAC-SHA256 Credential=user/19700101/us-east-2/es/aws4_request, SignedHeaders=host;x-amz-date, Signature=b8783c8387a5249b084642126fe1f8e07e12a2847820fd5b6cd64b2047149da4 diff --git a/tests/data/test473 b/tests/data/test473 index 8a1a10a6cd..c4caa11a62 100644 --- a/tests/data/test473 +++ b/tests/data/test473 @@ -47,7 +47,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-save %LOGDIR/etag%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test474 b/tests/data/test474 index fc5575d71b..ffc3c0339d 100644 --- a/tests/data/test474 +++ b/tests/data/test474 @@ -9,7 +9,7 @@ # # Server-side - + HTTP/1.1 301 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 0 @@ -18,7 +18,7 @@ Content-Type: text/html Location: https://%HOSTIP:%HTTPSPORT/%TESTNUMBER0002 - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 0 diff --git a/tests/data/test477 b/tests/data/test477 index ab0eac0c81..5e083360ce 100644 --- a/tests/data/test477 +++ b/tests/data/test477 @@ -51,7 +51,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --max-filesize 5 -L # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test478 b/tests/data/test478 index 510eb19696..b1fb2299c0 100644 --- a/tests/data/test478 +++ b/tests/data/test478 @@ -8,7 +8,7 @@ HTTP # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -60,7 +60,7 @@ login debbie - + GET http://github.com/ HTTP/1.1 Host: github.com Authorization: Basic %b64[debbie:second%0D]b64% diff --git a/tests/data/test479 b/tests/data/test479 index 0dfa730ad4..46f6284698 100644 --- a/tests/data/test479 +++ b/tests/data/test479 @@ -8,7 +8,7 @@ HTTP # # Server-side - + HTTP/1.1 301 Follow this you fool Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -22,7 +22,7 @@ Location: http://b.com/%TESTNUMBER0002 -foo- - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -35,7 +35,7 @@ Connection: close target - + HTTP/1.1 301 Follow this you fool Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -87,7 +87,7 @@ default - + GET http://a.com/ HTTP/1.1 Host: a.com Authorization: Basic %b64[alice:alicespassword]b64% diff --git a/tests/data/test483 b/tests/data/test483 index 57fd109778..7c3251004e 100644 --- a/tests/data/test483 +++ b/tests/data/test483 @@ -10,7 +10,7 @@ cookies # # Server-side - + HTTP/1.1 200 OK Set-Cookie: name=value; expires=Fri Feb 13 11:56:27 GMT 2132 Set-Cookie: name2=value; expires=Fri Feb 13 11:56:27 ; 2132 @@ -45,7 +45,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -c %LOGDIR/c%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test486 b/tests/data/test486 index 0bcd045eb4..068b94dd3e 100644 --- a/tests/data/test486 +++ b/tests/data/test486 @@ -8,7 +8,7 @@ HTTP # # Server-side - + HTTP/1.1 301 Follow this you fool Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -22,7 +22,7 @@ Location: http://b.com/%TESTNUMBER0002 -foo- - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -35,7 +35,7 @@ Connection: close target - + HTTP/1.1 301 Follow this you fool Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -86,7 +86,7 @@ default - + GET http://a.com/ HTTP/1.1 Host: a.com Authorization: Basic %b64[alice:alicespassword]b64% diff --git a/tests/data/test487 b/tests/data/test487 index 3ac508b2e5..f7ed37245a 100644 --- a/tests/data/test487 +++ b/tests/data/test487 @@ -8,7 +8,7 @@ variables # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -41,7 +41,7 @@ Variable using 64dec with bad base64 # # Verify data after the test has been "shot" - + GET /[64dec-fail]/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test488 b/tests/data/test488 index ec32810bb5..bb98388361 100644 --- a/tests/data/test488 +++ b/tests/data/test488 @@ -10,7 +10,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -47,7 +47,7 @@ http://%HOSTIP:%HTTPPORT/b # # Verify data after the test has been "shot" - + GET /a HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test489 b/tests/data/test489 index 03c42c5d1e..d610d5c50a 100644 --- a/tests/data/test489 +++ b/tests/data/test489 @@ -10,7 +10,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -47,7 +47,7 @@ http://%HOSTIP:%HTTPPORT/b # # Verify data after the test has been "shot" - + GET /a HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test49 b/tests/data/test49 index ff2f41b3c1..6e0061cd2b 100644 --- a/tests/data/test49 +++ b/tests/data/test49 @@ -56,7 +56,7 @@ http://%HOSTIP:%HTTPPORT/we/are/all/twits/%TESTNUMBER -L # # Verify data after the test has been "shot" - + GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test493 b/tests/data/test493 index 67083721d6..bc2f20b068 100644 --- a/tests/data/test493 +++ b/tests/data/test493 @@ -11,14 +11,14 @@ url_effective # we use this as response to a CONNECT - -HTTP/1.1 403 not OK at all -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Funny-head: yesyes - + +HTTP/1.1 403 not OK at all +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Funny-head: yesyes + -foo- @@ -50,21 +50,21 @@ test-duphandle # we let it CONNECT to the server to confirm HSTS but deny from there - + CONNECT this.hsts.example:443 HTTP/1.1 Host: this.hsts.example:443 User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive - -HTTP/1.1 403 not OK at all -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Funny-head: yesyes - + +HTTP/1.1 403 not OK at all +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Funny-head: yesyes + https://this.hsts.example/%TESTNUMBER # Proxy CONNECT aborted diff --git a/tests/data/test495 b/tests/data/test495 index 60b24b97ee..e3c6066479 100644 --- a/tests/data/test495 +++ b/tests/data/test495 @@ -44,7 +44,7 @@ http://foo%40bar:secret@%HOSTIP:%HTTPPORT/%TESTNUMBER --netrc-optional # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[foo@bar:secret]b64% diff --git a/tests/data/test497 b/tests/data/test497 index 02ec8e802f..e71370251d 100644 --- a/tests/data/test497 +++ b/tests/data/test497 @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test499 b/tests/data/test499 index d4040b07ce..07433871ac 100644 --- a/tests/data/test499 +++ b/tests/data/test499 @@ -9,7 +9,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -23,7 +23,7 @@ Funny-head: yesyes -foo- - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -54,7 +54,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -I # # Verify data after the test has been "shot" - + HEAD /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test5 b/tests/data/test5 index 25d887b496..807eb55929 100644 --- a/tests/data/test5 +++ b/tests/data/test5 @@ -39,7 +39,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test50 b/tests/data/test50 index 6b8f86a6c7..a468ad656e 100644 --- a/tests/data/test50 +++ b/tests/data/test50 @@ -56,7 +56,7 @@ http://%HOSTIP:%HTTPPORT/we/are/all/twits/%TESTNUMBER -L # # Verify data after the test has been "shot" - + GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test500 b/tests/data/test500 index d09cc4fdbd..df964293dc 100644 --- a/tests/data/test500 +++ b/tests/data/test500 @@ -8,18 +8,18 @@ HTTP GET # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- @@ -48,7 +48,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER %LOGDIR/ip%TESTNUMBER IP %HOSTIP - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test503 b/tests/data/test503 index 8aefb0d86f..ba071c24ff 100644 --- a/tests/data/test503 +++ b/tests/data/test503 @@ -16,9 +16,9 @@ multi connection-monitor - -HTTP/1.1 200 Mighty fine indeed - + +HTTP/1.1 200 Mighty fine indeed + HTTP/1.1 200 OK swsclose @@ -70,12 +70,12 @@ moo # Verify data after the test has been "shot" - -CONNECT machine.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: machine.%TESTNUMBER:%HTTPPORT -Proxy-Authorization: Basic %b64[test%2520:ing%2541]b64% -Proxy-Connection: Keep-Alive - + +CONNECT machine.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: machine.%TESTNUMBER:%HTTPPORT +Proxy-Authorization: Basic %b64[test%2520:ing%2541]b64% +Proxy-Connection: Keep-Alive + [DISCONNECT] diff --git a/tests/data/test508 b/tests/data/test508 index b3c5289834..69079a365a 100644 --- a/tests/data/test508 +++ b/tests/data/test508 @@ -9,13 +9,13 @@ POST callback # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello diff --git a/tests/data/test51 b/tests/data/test51 index d66df67444..f2a7d00f17 100644 --- a/tests/data/test51 +++ b/tests/data/test51 @@ -56,7 +56,7 @@ http://%HOSTIP:%HTTPPORT/we/are/all/twits/%TESTNUMBER -L # # Verify data after the test has been "shot" - + GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test510 b/tests/data/test510 index 7864293100..ede81fb8e6 100644 --- a/tests/data/test510 +++ b/tests/data/test510 @@ -10,13 +10,13 @@ chunked Transfer-Encoding # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello diff --git a/tests/data/test512 b/tests/data/test512 index 79e198af18..55436fd1c7 100644 --- a/tests/data/test512 +++ b/tests/data/test512 @@ -9,12 +9,12 @@ HTTP GET # # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: yes -Connection: close - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: yes +Connection: close + hello @@ -40,7 +40,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test514 b/tests/data/test514 index 2f3a01eb5d..9ab14de7c6 100644 --- a/tests/data/test514 +++ b/tests/data/test514 @@ -8,18 +8,18 @@ HTTP HEAD # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + @@ -44,7 +44,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + HEAD /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test515 b/tests/data/test515 index 1009900cc9..75817365ff 100644 --- a/tests/data/test515 +++ b/tests/data/test515 @@ -8,12 +8,12 @@ HTTP POST # # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 3 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 3 + OK @@ -39,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + POST /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test516 b/tests/data/test516 index fcadb706bc..dbd6352aa9 100644 --- a/tests/data/test516 +++ b/tests/data/test516 @@ -10,12 +10,12 @@ FORM # # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 3 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 3 + OK @@ -44,7 +44,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + POST /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test518 b/tests/data/test518 index 0e730664cd..0da7360d98 100644 --- a/tests/data/test518 +++ b/tests/data/test518 @@ -9,18 +9,18 @@ HTTP GET # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- @@ -54,7 +54,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test519 b/tests/data/test519 index 2e38372b48..6121c12e3e 100644 --- a/tests/data/test519 +++ b/tests/data/test519 @@ -9,34 +9,34 @@ HTTP GET # # Server-side - -HTTP/1.1 200 OK swsbounce -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 8 - + +HTTP/1.1 200 OK swsbounce +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 8 + content - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 9 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 9 + content2 - -HTTP/1.1 200 OK swsbounce -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 8 - + +HTTP/1.1 200 OK swsbounce +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 8 + content -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 9 - +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 9 + content2 @@ -62,7 +62,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[monster:underbed]b64% diff --git a/tests/data/test52 b/tests/data/test52 index b867966362..39e7d68f77 100644 --- a/tests/data/test52 +++ b/tests/data/test52 @@ -56,7 +56,7 @@ http://%HOSTIP:%HTTPPORT/we/are/all/twits/%TESTNUMBER -L # # Verify data after the test has been "shot" - + GET /we/are/all/twits/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test522 b/tests/data/test522 index 1c4b179686..2134e98c81 100644 --- a/tests/data/test522 +++ b/tests/data/test522 @@ -10,15 +10,15 @@ CURLOPT_PORT # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 + hello @@ -43,7 +43,7 @@ http://%HOSTIP/%TESTNUMBER %HTTPPORT # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[xxx:yyy]b64% diff --git a/tests/data/test523 b/tests/data/test523 index fc4b5272e1..4c67bc6d4b 100644 --- a/tests/data/test523 +++ b/tests/data/test523 @@ -12,15 +12,15 @@ CURLOPT_PROXY # # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 + hello @@ -49,7 +49,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://www.example.com:19999/%TESTNUMBER HTTP/1.1 Host: www.example.com:19999 Authorization: Basic %b64[xxx:yyy]b64% diff --git a/tests/data/test528 b/tests/data/test528 index 0889b69980..7daf4d5f13 100644 --- a/tests/data/test528 +++ b/tests/data/test528 @@ -9,12 +9,12 @@ multi # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 47 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 47 + file contents should appear once for each file @@ -43,7 +43,7 @@ http://%HOSTIP:%HTTPPORT/path/%TESTNUMBER # Verify data after the test has been "shot" - + GET /path/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test53 b/tests/data/test53 index 5a018ab492..0c044a1092 100644 --- a/tests/data/test53 +++ b/tests/data/test53 @@ -8,14 +8,14 @@ cookies # Server-side - -HTTP/1.1 200 OK -Server: Microsoft-IIS/4.0 -Date: Tue, 25 Sep 2001 19:37:44 GMT -Content-Type: text/html -Connection: close -Content-Length: 21 - + +HTTP/1.1 200 OK +Server: Microsoft-IIS/4.0 +Date: Tue, 25 Sep 2001 19:37:44 GMT +Content-Type: text/html +Connection: close +Content-Length: 21 + This server says moo @@ -43,7 +43,7 @@ cookies # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test535 b/tests/data/test535 index 50dfcffd49..986ffb3bc5 100644 --- a/tests/data/test535 +++ b/tests/data/test535 @@ -8,23 +8,23 @@ multi - -HTTP/1.1 404 Badness -Date: Tue, 09 Nov 2010 14:49:00 GMT -ETag: "21025-dc7-39462498" -Content-Length: 6 -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 404 Badness +Date: Tue, 09 Nov 2010 14:49:00 GMT +ETag: "21025-dc7-39462498" +Content-Length: 6 +Content-Type: text/html +Funny-head: yesyes + hejsan - -HTTP/1.1 200 Fine -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 13 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 Fine +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 13 +Connection: close +Content-Type: text/html + fine content @@ -55,7 +55,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test536 b/tests/data/test536 index dc78f2a651..58a9ede4f4 100644 --- a/tests/data/test536 +++ b/tests/data/test536 @@ -13,15 +13,15 @@ CURLINFO_USED_PROXY # # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 + hello @@ -55,7 +55,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://usingproxy.com/ HTTP/1.1 Host: usingproxy.com Accept: */* diff --git a/tests/data/test537 b/tests/data/test537 index 0fa0ef7cd8..5cac2ed917 100644 --- a/tests/data/test537 +++ b/tests/data/test537 @@ -9,18 +9,18 @@ HTTP GET # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- @@ -54,7 +54,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test54 b/tests/data/test54 index c0be2d624e..167542fbf0 100644 --- a/tests/data/test54 +++ b/tests/data/test54 @@ -32,7 +32,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -L # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test540 b/tests/data/test540 index 161e986488..c3238e3305 100644 --- a/tests/data/test540 +++ b/tests/data/test540 @@ -16,41 +16,41 @@ connection-monitor # this is returned first since we get no proxy-auth - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" -Content-Length: 33 - + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" +Content-Length: 33 + And you should ignore this data. # then this is returned when we get proxy-auth - -HTTP/1.1 200 OK -Content-Length: 21 -Server: no - + +HTTP/1.1 200 OK +Content-Length: 21 +Server: no + Nice proxy auth sir! - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" -Content-Length: 33 - -HTTP/1.1 200 OK -Content-Length: 21 -Server: no - + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" +Content-Length: 33 + +HTTP/1.1 200 OK +Content-Length: 21 +Server: no + Nice proxy auth sir! -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" -Content-Length: 33 - -HTTP/1.1 200 OK -Content-Length: 21 -Server: no - +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" +Content-Length: 33 + +HTTP/1.1 200 OK +Content-Length: 21 +Server: no + Nice proxy auth sir! diff --git a/tests/data/test542 b/tests/data/test542 index 0974f0292c..8f6bdf8945 100644 --- a/tests/data/test542 +++ b/tests/data/test542 @@ -16,9 +16,9 @@ that FTP works so does it? - -Content-Length: 51 -Accept-ranges: bytes + +Content-Length: 51 +Accept-ranges: bytes diff --git a/tests/data/test544 b/tests/data/test544 index 38a7da0640..adfeadcf09 100644 --- a/tests/data/test544 +++ b/tests/data/test544 @@ -9,12 +9,12 @@ HTTP POST # # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 3 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 3 + OK diff --git a/tests/data/test545 b/tests/data/test545 index b8993c01f1..363fe4dd7f 100644 --- a/tests/data/test545 +++ b/tests/data/test545 @@ -9,12 +9,12 @@ HTTP POST # # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 3 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 3 + OK diff --git a/tests/data/test547 b/tests/data/test547 index d18639ae8a..764a231301 100644 --- a/tests/data/test547 +++ b/tests/data/test547 @@ -12,56 +12,56 @@ NTLM # Server-side - -HTTP/1.1 407 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts" -Proxy-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Connection: close - + +HTTP/1.1 407 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts" +Proxy-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Connection: close + This is not the real page # this is returned first since we get no proxy-auth - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 34 - + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Content-Length: 34 + Hey you, authenticate or go away! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in proxy land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 42 - + +HTTP/1.1 200 Things are fine in proxy land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 42 + Contents of that page you requested, sir. - -HTTP/1.1 407 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts" -Proxy-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Connection: close - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 34 - -HTTP/1.1 200 Things are fine in proxy land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 42 - + +HTTP/1.1 407 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts" +Proxy-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Connection: close + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Content-Length: 34 + +HTTP/1.1 200 Things are fine in proxy land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 42 + Contents of that page you requested, sir. diff --git a/tests/data/test548 b/tests/data/test548 index 1a8d5e16e9..d75c49559e 100644 --- a/tests/data/test548 +++ b/tests/data/test548 @@ -12,56 +12,56 @@ NTLM # Server-side - -HTTP/1.1 407 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts" -Proxy-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Connection: close - + +HTTP/1.1 407 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts" +Proxy-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Connection: close + This is not the real page # this is returned first since we get no proxy-auth - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 34 - + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Content-Length: 34 + Hey you, authenticate or go away! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in proxy land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 42 - + +HTTP/1.1 200 Things are fine in proxy land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 42 + Contents of that page you requested, sir. - -HTTP/1.1 407 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts" -Proxy-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Connection: close - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 34 - -HTTP/1.1 200 Things are fine in proxy land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 42 - + +HTTP/1.1 407 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts" +Proxy-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Connection: close + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Content-Length: 34 + +HTTP/1.1 200 Things are fine in proxy land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 42 + Contents of that page you requested, sir. diff --git a/tests/data/test549 b/tests/data/test549 index 070bfcdfd3..6fc17603f5 100644 --- a/tests/data/test549 +++ b/tests/data/test549 @@ -11,15 +11,15 @@ HTTP proxy # # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 + hello @@ -49,7 +49,7 @@ ftp://www.example.com/moo/%TESTNUMBER http://%HOSTIP:%HTTPPORT # # Verify data after the test has been "shot" - + GET ftp://www.example.com/moo/%TESTNUMBER;type=i HTTP/1.1 Host: www.example.com:21 Accept: */* diff --git a/tests/data/test55 b/tests/data/test55 index dd8a9d4f6b..73e474fd3b 100644 --- a/tests/data/test55 +++ b/tests/data/test55 @@ -48,7 +48,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -L - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test550 b/tests/data/test550 index e0d0b1b16f..ae87565aea 100644 --- a/tests/data/test550 +++ b/tests/data/test550 @@ -11,15 +11,15 @@ CURLOPT_PROXY # # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 + hello @@ -49,7 +49,7 @@ ftp://www.example.com/moo/%TESTNUMBER http://%HOSTIP:%HTTPPORT ascii # # Verify data after the test has been "shot" - + GET ftp://www.example.com/moo/%TESTNUMBER;type=a HTTP/1.1 Host: www.example.com:21 Accept: */* diff --git a/tests/data/test551 b/tests/data/test551 index cd85900530..87579d48f8 100644 --- a/tests/data/test551 +++ b/tests/data/test551 @@ -14,39 +14,39 @@ HTTP proxy Digest auth # as a bonus, ww use an excessive nonce length - -HTTP/1.1 407 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Proxy-Authenticate: Digest realm="something fun to read", nonce="%repeat[400 x A]%" -Content-Type: text/html; charset=iso-8859-1 -Connection: close - + +HTTP/1.1 407 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Proxy-Authenticate: Digest realm="something fun to read", nonce="%repeat[400 x A]%" +Content-Type: text/html; charset=iso-8859-1 +Connection: close + This is not the real page # This is supposed to be returned when the server gets the Digest # Authorization: line passed-in from the client - -HTTP/1.1 200 Things are fine in proxy land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 42 - + +HTTP/1.1 200 Things are fine in proxy land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 42 + Contents of that page you requested, sir. - -HTTP/1.1 407 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Proxy-Authenticate: Digest realm="something fun to read", nonce="%repeat[400 x A]%" -Content-Type: text/html; charset=iso-8859-1 -Connection: close - -HTTP/1.1 200 Things are fine in proxy land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 42 - + +HTTP/1.1 407 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Proxy-Authenticate: Digest realm="something fun to read", nonce="%repeat[400 x A]%" +Content-Type: text/html; charset=iso-8859-1 +Connection: close + +HTTP/1.1 200 Things are fine in proxy land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 42 + Contents of that page you requested, sir. diff --git a/tests/data/test552 b/tests/data/test552 index 114fe5e0dc..2d36d56ab1 100644 --- a/tests/data/test552 +++ b/tests/data/test552 @@ -16,24 +16,24 @@ HTTP proxy Digest auth # as a bonus, ww use an excessive nonce length - -HTTP/1.1 407 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Proxy-Authenticate: Digest realm="something fun to read", nonce="%repeat[400 x A]%" -Content-Type: text/html; charset=iso-8859-1 -Connection: close - + +HTTP/1.1 407 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Proxy-Authenticate: Digest realm="something fun to read", nonce="%repeat[400 x A]%" +Content-Type: text/html; charset=iso-8859-1 +Connection: close + This is not the real page # This is supposed to be returned when the server gets the Digest # Authorization: line passed-in from the client - -HTTP/1.1 200 Things are fine in proxy land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 42 - + +HTTP/1.1 200 Things are fine in proxy land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 42 + Contents of that page you requested, sir. diff --git a/tests/data/test553 b/tests/data/test553 index bbe364b1fb..69f8220330 100644 --- a/tests/data/test553 +++ b/tests/data/test553 @@ -10,11 +10,11 @@ huge request header # Server-side - -HTTP/1.1 200 Fine! -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Length: 6 - + +HTTP/1.1 200 Fine! +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Length: 6 + hello diff --git a/tests/data/test554 b/tests/data/test554 index 1e2fc5f6b5..cf37ebe76d 100644 --- a/tests/data/test554 +++ b/tests/data/test554 @@ -10,29 +10,29 @@ FORM # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello diff --git a/tests/data/test555 b/tests/data/test555 index 5b286395ad..1d42c8da2f 100644 --- a/tests/data/test555 +++ b/tests/data/test555 @@ -17,56 +17,56 @@ NTLM # Server-side - -HTTP/1.1 407 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts" -Proxy-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Connection: close - + +HTTP/1.1 407 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts" +Proxy-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Connection: close + This is not the real page # this is returned first since we get no proxy-auth - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 34 - + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Content-Length: 34 + Hey you, authenticate or go away! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in proxy land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 42 - + +HTTP/1.1 200 Things are fine in proxy land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 42 + Contents of that page you requested, sir. - -HTTP/1.1 407 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" -Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts" -Proxy-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Connection: close - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 34 - -HTTP/1.1 200 Things are fine in proxy land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 42 - + +HTTP/1.1 407 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Proxy-Authenticate: Blackmagic realm="gimme all yer s3cr3ts" +Proxy-Authenticate: Basic realm="gimme all yer s3cr3ts" +Proxy-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Connection: close + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Content-Length: 34 + +HTTP/1.1 200 Things are fine in proxy land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 42 + Contents of that page you requested, sir. diff --git a/tests/data/test556 b/tests/data/test556 index d8abd14988..88d8ce84c8 100644 --- a/tests/data/test556 +++ b/tests/data/test556 @@ -7,13 +7,13 @@ HTTP GET - -HTTP/1.1 200 OK swsclose -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -Content-Length: 6 -Connection: close - + +HTTP/1.1 200 OK swsclose +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +Content-Length: 6 +Connection: close + -foo- @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: ninja diff --git a/tests/data/test560 b/tests/data/test560 index cdcf674f8f..316baf48fb 100644 --- a/tests/data/test560 +++ b/tests/data/test560 @@ -10,12 +10,12 @@ multi # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 7 - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 7 + MooMoo @@ -43,7 +43,7 @@ https://%HOSTIP:%HTTPSPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPSPORT Accept: */* diff --git a/tests/data/test561 b/tests/data/test561 index 5bd07e49d1..d3ad141119 100644 --- a/tests/data/test561 +++ b/tests/data/test561 @@ -12,15 +12,15 @@ type= # # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 + hello @@ -50,7 +50,7 @@ FTP RETR with CURLOPT_PROXY_TRANSFER_MODE, ASCII transfer and type=i # # Verify data after the test has been "shot" - + GET ftp://www.example.com/moo/%TESTNUMBER;type=i HTTP/1.1 Host: www.example.com:21 Accept: */* diff --git a/tests/data/test563 b/tests/data/test563 index c109e9f80f..12f0368d58 100644 --- a/tests/data/test563 +++ b/tests/data/test563 @@ -9,13 +9,13 @@ HTTP proxy # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Accept-Ranges: bytes -Content-Length: 6 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Accept-Ranges: bytes +Content-Length: 6 + hello @@ -48,7 +48,7 @@ ftp_proxy=http://%HOSTIP:%HTTPPORT/ # Verify data after the test has been "shot" - + GET ftp://%HOSTIP:%FTPPORT/%TESTNUMBER;type=A HTTP/1.1 Host: %HOSTIP:%FTPPORT Accept: */* diff --git a/tests/data/test565 b/tests/data/test565 index 736946c86a..fc1c9c310f 100644 --- a/tests/data/test565 +++ b/tests/data/test565 @@ -10,44 +10,44 @@ chunked Transfer-Encoding # # Server-side - -HTTP/1.1 100 Continue -Server: Microsoft-IIS/5.0 -Date: Sun, 03 Apr 2005 14:57:45 GMT -X-Powered-By: ASP.NET - -HTTP/1.1 401 authentication please swsbounce -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 100 Continue +Server: Microsoft-IIS/5.0 +Date: Sun, 03 Apr 2005 14:57:45 GMT +X-Powered-By: ASP.NET + +HTTP/1.1 401 authentication please swsbounce +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok - -HTTP/1.1 100 Continue -Server: Microsoft-IIS/5.0 -Date: Sun, 03 Apr 2005 14:57:45 GMT -X-Powered-By: ASP.NET - -HTTP/1.1 401 authentication please swsbounce -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 100 Continue +Server: Microsoft-IIS/5.0 +Date: Sun, 03 Apr 2005 14:57:45 GMT +X-Powered-By: ASP.NET + +HTTP/1.1 401 authentication please swsbounce +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok diff --git a/tests/data/test566 b/tests/data/test566 index ccfedd826c..0b2e5e23a3 100644 --- a/tests/data/test566 +++ b/tests/data/test566 @@ -8,18 +8,18 @@ HTTP GET # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 0 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 0 +Connection: close +Content-Type: text/html +Funny-head: yesyes + @@ -47,7 +47,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER %LOGDIR/ip%TESTNUMBER CL 0 - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test567 b/tests/data/test567 index 940ac7d001..05f1cfeb4e 100644 --- a/tests/data/test567 +++ b/tests/data/test567 @@ -10,12 +10,12 @@ OPTIONS # Server-side - -RTSP/1.0 200 OK -Server: RTSPD/libcurl-test -CSeq: 1 -Public: DESCRIBE, OPTIONS, SETUP, TEARDOWN, PLAY, PAUSE -Curl-Private: swsclose + +RTSP/1.0 200 OK +Server: RTSPD/libcurl-test +CSeq: 1 +Public: DESCRIBE, OPTIONS, SETUP, TEARDOWN, PLAY, PAUSE +Curl-Private: swsclose @@ -37,7 +37,7 @@ rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER - + OPTIONS rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER RTSP/1.0 CSeq: 1 User-Agent: test%TESTNUMBER diff --git a/tests/data/test568 b/tests/data/test568 index 8aa659201d..e416176257 100644 --- a/tests/data/test568 +++ b/tests/data/test568 @@ -10,11 +10,11 @@ ANNOUNCE # Server-side - -RTSP/1.0 200 OK -Server: RTSPD/libcurl-test -Cseq: 1 - + +RTSP/1.0 200 OK +Server: RTSPD/libcurl-test +Cseq: 1 + @@ -29,19 +29,19 @@ s=rtspd SDP i=A fake SDP reply u=http://www.curl.example.com/fakesdp.ps - -RTSP/1.0 200 Okie Dokie -Server: RTSPD/libcurl-test -Cseq: 3 - + +RTSP/1.0 200 Okie Dokie +Server: RTSPD/libcurl-test +Cseq: 3 + - -RTSP/1.0 200 OK -Server: RTSPD/libcurl-test -CSeq: 4 -Curl-private: swsclose -Informational: Empty Options Response - + +RTSP/1.0 200 OK +Server: RTSPD/libcurl-test +CSeq: 4 +Curl-private: swsclose +Informational: Empty Options Response + diff --git a/tests/data/test57 b/tests/data/test57 index a28d6321e2..69d1f78dd2 100644 --- a/tests/data/test57 +++ b/tests/data/test57 @@ -35,7 +35,7 @@ HTTP content-type with spaces in text/html; charset=ISO-8859-4 - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test570 b/tests/data/test570 index 318beee096..565282053d 100644 --- a/tests/data/test570 +++ b/tests/data/test570 @@ -10,29 +10,29 @@ Mismatch checking # Server-side - -RTSP/1.0 200 OK -Server: RTSPD/libcurl-test -CSeq: 2 -Public: DESCRIBE, OPTIONS, SETUP, TEARDOWN, PLAY, PAUSE -Informational: CSeq Mismatch - + +RTSP/1.0 200 OK +Server: RTSPD/libcurl-test +CSeq: 2 +Public: DESCRIBE, OPTIONS, SETUP, TEARDOWN, PLAY, PAUSE +Informational: CSeq Mismatch + - -RTSP/1.0 200 OK -Server: RTSPD/libcurl-test -Session: asdf -CSeq: 999 - + +RTSP/1.0 200 OK +Server: RTSPD/libcurl-test +Session: asdf +CSeq: 999 + - -RTSP/1.0 200 OK -Server: RTSPD/libcurl-test -Session: asdfWRONG -Informational: Session ID mismatch -Curl-Private: swsclose -CSeq: 1000 - + +RTSP/1.0 200 OK +Server: RTSPD/libcurl-test +Session: asdfWRONG +Informational: Session ID mismatch +Curl-Private: swsclose +CSeq: 1000 + diff --git a/tests/data/test571 b/tests/data/test571 index bae97d4180..ca97c1b049 100644 --- a/tests/data/test571 +++ b/tests/data/test571 @@ -14,39 +14,39 @@ RTP # Server-side - -RTSP/1.0 200 OK -Server: RTSPD/libcurl-test -Session: asdf -CSeq: 1 -Transport: RTP/AVP/TCP;unicast;interleaved=0-1 - + +RTSP/1.0 200 OK +Server: RTSPD/libcurl-test +Session: asdf +CSeq: 1 +Transport: RTP/AVP/TCP;unicast;interleaved=0-1 + - -RTSP/1.0 200 OK -Server: RTSPD/libcurl-test -CSeq: 2 -Session: asdf - + +RTSP/1.0 200 OK +Server: RTSPD/libcurl-test +CSeq: 2 +Session: asdf + - -RTSP/1.0 200 OK -Server: RTSPD/libcurl-test -Cseq: 3 -Content-Length: 4 -Content-Type: fake/evil - + +RTSP/1.0 200 OK +Server: RTSPD/libcurl-test +Cseq: 3 +Content-Length: 4 +Content-Type: fake/evil + $99 - -RTSP/1.0 200 OK -Server: RTSPD/libcurl-test -Session: asdf -CSeq: 4 - + +RTSP/1.0 200 OK +Server: RTSPD/libcurl-test +Session: asdf +CSeq: 4 + diff --git a/tests/data/test572 b/tests/data/test572 index 8b702a6801..ac0bdf3b97 100644 --- a/tests/data/test572 +++ b/tests/data/test572 @@ -10,53 +10,53 @@ GET_PARAMETER # Server-side - -RTSP/1.0 200 OK -Server: RTSPD/libcurl-test -Session: getparams-test -CSeq: 1 - + +RTSP/1.0 200 OK +Server: RTSPD/libcurl-test +Session: getparams-test +CSeq: 1 + - -RTSP/1.0 200 OK -Server: RTSPD/libcurl-test -Session: getparams-test -Content-Type: text/parameters -Content-Length: 32 -Cseq: 2 - + +RTSP/1.0 200 OK +Server: RTSPD/libcurl-test +Session: getparams-test +Content-Type: text/parameters +Content-Length: 32 +Cseq: 2 + scale=enormous speed=ludicrous - -RTSP/1.0 204 OK -Server: RTSPD/libcurl-test -Session: getparams-test -Cseq: 3 - + +RTSP/1.0 204 OK +Server: RTSPD/libcurl-test +Session: getparams-test +Cseq: 3 + - -RTSP/1.0 200 Okie Dokie -Server: RTSPD/libcurl-test -Session: getparams-test -Cseq: 4 -Content-Length: 37 - + +RTSP/1.0 200 Okie Dokie +Server: RTSPD/libcurl-test +Session: getparams-test +Cseq: 4 +Content-Length: 37 + packets_received: 1000 jitter: 0.314 - -RTSP/1.0 200 OK -Server: RTSPD/libcurl-test -Session: getparams-test -CSeq: 5 -Curl-private: swsclose -Informational: Empty Options Response - + +RTSP/1.0 200 OK +Server: RTSPD/libcurl-test +Session: getparams-test +CSeq: 5 +Curl-private: swsclose +Informational: Empty Options Response + diff --git a/tests/data/test573 b/tests/data/test573 index 82669b36f7..738d27661b 100644 --- a/tests/data/test573 +++ b/tests/data/test573 @@ -9,18 +9,18 @@ flaky # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- @@ -45,7 +45,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test577 b/tests/data/test577 index bf31db7595..6abbf070fe 100644 --- a/tests/data/test577 +++ b/tests/data/test577 @@ -10,12 +10,12 @@ OPTIONS # Server-side - -RTSP/1.1234567 200 OK -Server: RTSPD/libcurl-test -CSeq: 1 -Public: DESCRIBE, OPTIONS, SETUP, TEARDOWN, PLAY, PAUSE -Curl-Private: swsclose + +RTSP/1.1234567 200 OK +Server: RTSPD/libcurl-test +CSeq: 1 +Public: DESCRIBE, OPTIONS, SETUP, TEARDOWN, PLAY, PAUSE +Curl-Private: swsclose @@ -39,7 +39,7 @@ rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER - + OPTIONS rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER RTSP/1.0 CSeq: 1 User-Agent: test567 diff --git a/tests/data/test578 b/tests/data/test578 index d909de87ba..7561283ab8 100644 --- a/tests/data/test578 +++ b/tests/data/test578 @@ -8,18 +8,18 @@ HTTP POST # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + -foo- diff --git a/tests/data/test579 b/tests/data/test579 index c8e1700b81..a4e63b612d 100644 --- a/tests/data/test579 +++ b/tests/data/test579 @@ -9,44 +9,44 @@ HTTP Digest auth # # Server-side - -HTTP/1.1 100 Continue -Server: Microsoft-IIS/5.0 -Date: Sun, 03 Apr 2005 14:57:45 GMT -X-Powered-By: ASP.NET - -HTTP/1.1 401 authentication please swsbounce -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - + +HTTP/1.1 100 Continue +Server: Microsoft-IIS/5.0 +Date: Sun, 03 Apr 2005 14:57:45 GMT +X-Powered-By: ASP.NET + +HTTP/1.1 401 authentication please swsbounce +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok - -HTTP/1.1 100 Continue -Server: Microsoft-IIS/5.0 -Date: Sun, 03 Apr 2005 14:57:45 GMT -X-Powered-By: ASP.NET - -HTTP/1.1 401 authentication please swsbounce -Server: Microsoft-IIS/6.0 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 - -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - + +HTTP/1.1 100 Continue +Server: Microsoft-IIS/5.0 +Date: Sun, 03 Apr 2005 14:57:45 GMT +X-Powered-By: ASP.NET + +HTTP/1.1 401 authentication please swsbounce +Server: Microsoft-IIS/6.0 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604144" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 + +HTTP/1.1 200 A OK +Server: Microsoft-IIS/6.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 3 + ok diff --git a/tests/data/test580 b/tests/data/test580 index ad6b73b33d..8a8e14d28a 100644 --- a/tests/data/test580 +++ b/tests/data/test580 @@ -10,23 +10,23 @@ Duplicate-header # Server-side - -HTTP/1.1 302 eat this! -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Location: this-is-the-first.html -Content-Length: 0 -Connection: close -Location: and there's a second one too! / moo.html - + +HTTP/1.1 302 eat this! +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Location: this-is-the-first.html +Content-Length: 0 +Connection: close +Location: and there's a second one too! / moo.html + - -HTTP/1.1 302 eat this! -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Location: this-is-the-first.html -Content-Length: 0 -Connection: close + +HTTP/1.1 302 eat this! +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Location: this-is-the-first.html +Content-Length: 0 +Connection: close @@ -53,7 +53,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test581 b/tests/data/test581 index 81844771fb..e4e32f6304 100644 --- a/tests/data/test581 +++ b/tests/data/test581 @@ -10,15 +10,15 @@ Duplicate-header # Server-side - -HTTP/1.1 200 all good! -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/html -Content-Length: 0 -Connection: close -Content-Type: changed/my/mind - + +HTTP/1.1 200 all good! +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Content-Length: 0 +Connection: close +Content-Type: changed/my/mind + @@ -45,7 +45,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test584 b/tests/data/test584 index 56c72c7246..efc2615343 100644 --- a/tests/data/test584 +++ b/tests/data/test584 @@ -10,26 +10,26 @@ HTTP MIME # # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 3 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 3 + OK - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 3 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 3 + OK -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 3 - +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 3 + OK diff --git a/tests/data/test585 b/tests/data/test585 index a9d4f61d16..5a50587b94 100644 --- a/tests/data/test585 +++ b/tests/data/test585 @@ -11,14 +11,14 @@ CURLOPT_CLOSESOCKETFUNCTION # Server-side - -HTTP/1.1 302 eat this! -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Location: this-is-the-first.html -Content-Length: 0 -Connection: close - + +HTTP/1.1 302 eat this! +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Location: this-is-the-first.html +Content-Length: 0 +Connection: close + [OPEN] counter: 1 @@ -56,7 +56,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test589 b/tests/data/test589 index 0846661aa7..a0cadd32d7 100644 --- a/tests/data/test589 +++ b/tests/data/test589 @@ -10,12 +10,12 @@ HTTP MIME # # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 3 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 3 + OK @@ -44,7 +44,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + POST /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test59 b/tests/data/test59 index 4211b4e6d2..f3df615386 100644 --- a/tests/data/test59 +++ b/tests/data/test59 @@ -34,7 +34,7 @@ HTTP URL with slash but with "parameter" # # Verify data after the test has been "shot" - + GET /?mooo/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test590 b/tests/data/test590 index 09c2c065a2..a6662c5565 100644 --- a/tests/data/test590 +++ b/tests/data/test590 @@ -12,54 +12,54 @@ NTLM # Server-side - -HTTP/1.1 407 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Proxy-Authenticate: Negotiate -Proxy-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Connection: close - + +HTTP/1.1 407 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Proxy-Authenticate: Negotiate +Proxy-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Connection: close + This is not the real page # this is returned first since we get no proxy-auth - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 34 - + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Content-Length: 34 + Hey you, authenticate or go away! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in proxy land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 42 - + +HTTP/1.1 200 Things are fine in proxy land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 42 + Contents of that page you requested, sir. - -HTTP/1.1 407 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Proxy-Authenticate: Negotiate -Proxy-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Connection: close - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 34 - -HTTP/1.1 200 Things are fine in proxy land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 42 - + +HTTP/1.1 407 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Proxy-Authenticate: Negotiate +Proxy-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Connection: close + +HTTP/1.1 407 Authorization Required to proxy me my dear +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Content-Length: 34 + +HTTP/1.1 200 Things are fine in proxy land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 42 + Contents of that page you requested, sir. @@ -90,7 +90,7 @@ http://test.remote.example.com/path/%TESTNUMBER http://%HOSTIP:%HTTPPORT # Verify data after the test has been "shot" - + GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 Host: test.remote.example.com Accept: */* diff --git a/tests/data/test598 b/tests/data/test598 index 74ed46bac4..945b3ea669 100644 --- a/tests/data/test598 +++ b/tests/data/test598 @@ -12,31 +12,31 @@ curl_easy_reset # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close +Content-Type: text/html + -foo- # since the request runs twice - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close +Content-Type: text/html + -foo- -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close -Content-Type: text/html - +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close +Content-Type: text/html + -foo- @@ -66,7 +66,7 @@ cookies # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: the-moo agent next generation diff --git a/tests/data/test599 b/tests/data/test599 index 5d334e070b..f06773a606 100644 --- a/tests/data/test599 +++ b/tests/data/test599 @@ -9,15 +9,15 @@ chunked Transfer-Encoding # # Server-side - -HTTP/1.1 302 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Location: %TESTNUMBER0001 -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 302 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Location: %TESTNUMBER0001 +Content-Length: 6 +Connection: close +Content-Type: text/html + -foo- @@ -35,22 +35,22 @@ this data is slightly larger than the first piece - -HTTP/1.1 302 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Location: %TESTNUMBER0001 -Content-Length: 6 -Connection: close -Content-Type: text/html - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Transfer-Encoding: chunked -Connection: close -Content-Type: text/html - + +HTTP/1.1 302 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Location: %TESTNUMBER0001 +Content-Length: 6 +Connection: close +Content-Type: text/html + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Transfer-Encoding: chunked +Connection: close +Content-Type: text/html + this data is slightly larger than the first piece diff --git a/tests/data/test6 b/tests/data/test6 index 225c92833c..8c14309f04 100644 --- a/tests/data/test6 +++ b/tests/data/test6 @@ -38,7 +38,7 @@ cookies # Verify data after the test has been "shot" - + GET /we/want/that/page/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test60 b/tests/data/test60 index 164b2189e3..4d9b8b541b 100644 --- a/tests/data/test60 +++ b/tests/data/test60 @@ -9,11 +9,11 @@ chunked Transfer-Encoding # Server-side - -HTTP/1.0 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake - + +HTTP/1.0 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake + blablabla diff --git a/tests/data/test61 b/tests/data/test61 index 22d22c88a8..cd38c00005 100644 --- a/tests/data/test61 +++ b/tests/data/test61 @@ -11,26 +11,26 @@ httponly # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Type: text/html -Funny-head: yesyes + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Funny-head: yesyes %if large-time -Set-Cookie: test=yes; httponly; domain=foo.com; expires=Fri Feb 13 11:56:27 GMT 2525 -SET-COOKIE: test2=yes; domain=host.foo.com; expires=Fri Feb 13 11:56:27 GMT 2525 +Set-Cookie: test=yes; httponly; domain=foo.com; expires=Fri Feb 13 11:56:27 GMT 2525 +SET-COOKIE: test2=yes; domain=host.foo.com; expires=Fri Feb 13 11:56:27 GMT 2525 %else -Set-Cookie: test=yes; httponly; domain=foo.com; expires=Fri Feb 13 11:56:27 GMT 2037 -SET-COOKIE: test2=yes; domain=host.foo.com; expires=Fri Feb 13 11:56:27 GMT 2037 +Set-Cookie: test=yes; httponly; domain=foo.com; expires=Fri Feb 13 11:56:27 GMT 2037 +SET-COOKIE: test2=yes; domain=host.foo.com; expires=Fri Feb 13 11:56:27 GMT 2037 %endif -Set-Cookie: test3=maybe; domain=foo.com; path=/moo; secure -Set-Cookie: test4=no; domain=nope.foo.com; path=/moo; secure -Set-Cookie: test5=name; domain=anything.com; path=/ ; secure -Set-Cookie: fake=fooledyou; domain=..com; path=/; -Set-Cookie: supercookie=fooledyou; domain=.com; path=/; -Content-Length: 4 - +Set-Cookie: test3=maybe; domain=foo.com; path=/moo; secure +Set-Cookie: test4=no; domain=nope.foo.com; path=/moo; secure +Set-Cookie: test5=name; domain=anything.com; path=/ ; secure +Set-Cookie: fake=fooledyou; domain=..com; path=/; +Set-Cookie: supercookie=fooledyou; domain=.com; path=/; +Content-Length: 4 + boo @@ -59,7 +59,7 @@ cookies # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER HTTP/1.1 Host: www.host.foo.com User-Agent: curl/%VERSION diff --git a/tests/data/test62 b/tests/data/test62 index ec47b60f07..d072e34ca8 100644 --- a/tests/data/test62 +++ b/tests/data/test62 @@ -11,11 +11,11 @@ httponly # Server-side - -HTTP/1.0 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Type: text/html - + +HTTP/1.0 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Type: text/html + boo @@ -49,7 +49,7 @@ cookies # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER HTTP/1.1 Host: www.host.foo.com User-Agent: curl/%VERSION diff --git a/tests/data/test63 b/tests/data/test63 index 6056edaedc..234abb4741 100644 --- a/tests/data/test63 +++ b/tests/data/test63 @@ -10,12 +10,12 @@ http_proxy # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Type: text/html + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Type: text/html Content-Length: 26 - + the content would go here @@ -41,7 +41,7 @@ proxy # Verify data after the test has been "shot" - + GET http://we.want.that.site.com/%TESTNUMBER HTTP/1.1 Host: we.want.that.site.com Proxy-Authorization: Basic %b64[fake:user]b64% diff --git a/tests/data/test64 b/tests/data/test64 index 34f49b69ff..bc6b50e006 100644 --- a/tests/data/test64 +++ b/tests/data/test64 @@ -8,39 +8,39 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! @@ -66,7 +66,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --digest # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test643 b/tests/data/test643 index 400d1b9ca5..fc4e639a01 100644 --- a/tests/data/test643 +++ b/tests/data/test643 @@ -10,29 +10,29 @@ HTTP MIME POST # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello diff --git a/tests/data/test644 b/tests/data/test644 index 017b98d6e9..85bfc0eb22 100644 --- a/tests/data/test644 +++ b/tests/data/test644 @@ -65,7 +65,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --xattr -L -o %LOGDIR/out%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test645 b/tests/data/test645 index c198cbbaeb..4d8857780a 100644 --- a/tests/data/test645 +++ b/tests/data/test645 @@ -10,29 +10,29 @@ HTTP MIME POST # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello diff --git a/tests/data/test646 b/tests/data/test646 index 67ef66498d..5f7f8e7605 100644 --- a/tests/data/test646 +++ b/tests/data/test646 @@ -23,11 +23,11 @@ smtp SMTP multipart using mime API - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -F "=(;type=multipart/alternative" -F "= This is the html version;headers=X-test1: this is a header;type=text/html;headers=X-test2: this is another header " -F "=This is the plain text version;headers=@%LOGDIR/headers%TESTNUMBER" -F "=)" -F "=@%LOGDIR/test%TESTNUMBER.txt;headers=<%LOGDIR/headers%TESTNUMBER" -H "From: different" -H "To: another" -H "Reply-To: " @@ -39,7 +39,7 @@ It may contain any type of data. # This line is a comment -X-fileheader1: This is a header from a file +X-fileheader1: This is a header from a file%spc% # This line is another comment. It precedes a folded header. X-fileheader2: This is #a diff --git a/tests/data/test648 b/tests/data/test648 index f472f9f876..739a61ac21 100644 --- a/tests/data/test648 +++ b/tests/data/test648 @@ -23,11 +23,11 @@ smtp SMTP multipart with transfer content encoders - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -F '=This is the email inline text with a very long line containing the special character = and that should be split by encoder.;headers=Content-disposition: "inline";encoder=quoted-printable' -F "=@%LOGDIR/test%TESTNUMBER.txt;encoder=base64" -H "From: different" -H "To: another" diff --git a/tests/data/test649 b/tests/data/test649 index ea3c9c3447..97f4f099ca 100644 --- a/tests/data/test649 +++ b/tests/data/test649 @@ -23,11 +23,11 @@ smtp SMTP multipart with 7bit encoder error - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -F '=This is valid;encoder=7bit' -F "=@%LOGDIR/test%TESTNUMBER.txt;encoder=7bit" -H "From: different" -H "To: another" diff --git a/tests/data/test65 b/tests/data/test65 index 300b9ad5cb..72839e0f73 100644 --- a/tests/data/test65 +++ b/tests/data/test65 @@ -8,40 +8,40 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="2053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="2053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 401 Still a bad password you moron -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 - -This is not the real page either + +HTTP/1.1 401 Still a bad password you moron +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 + +This is not the real page either - -HTTP/1.1 401 Authorization Required -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="2053604145" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 401 Still a bad password you moron -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 - -This is not the real page either + +HTTP/1.1 401 Authorization Required +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="2053604145" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 401 Still a bad password you moron +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 + +This is not the real page either @@ -66,7 +66,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:test2pass --digest # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test650 b/tests/data/test650 index 4c0107ae64..e1ac811dde 100644 --- a/tests/data/test650 +++ b/tests/data/test650 @@ -10,7 +10,7 @@ FORM # # Server-side - + HTTP/1.1 301 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake swsclose @@ -20,7 +20,7 @@ Location: /%TESTNUMBER0002 hello - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test651 b/tests/data/test651 index a3691f88e9..533167a800 100644 --- a/tests/data/test651 +++ b/tests/data/test651 @@ -10,13 +10,13 @@ FORM # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello diff --git a/tests/data/test653 b/tests/data/test653 index 350f84bc3a..256d94fac0 100644 --- a/tests/data/test653 +++ b/tests/data/test653 @@ -10,29 +10,29 @@ MIME # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello diff --git a/tests/data/test654 b/tests/data/test654 index df960f29e1..10a914205a 100644 --- a/tests/data/test654 +++ b/tests/data/test654 @@ -10,29 +10,29 @@ HTTP MIME POST # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello diff --git a/tests/data/test655 b/tests/data/test655 index 3cf5bd8850..2e48598f3c 100644 --- a/tests/data/test655 +++ b/tests/data/test655 @@ -8,13 +8,13 @@ HTTP # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello diff --git a/tests/data/test658 b/tests/data/test658 index e7889236f7..ccf757673c 100644 --- a/tests/data/test658 +++ b/tests/data/test658 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test659 b/tests/data/test659 index 10adb14762..fa7d02891e 100644 --- a/tests/data/test659 +++ b/tests/data/test659 @@ -42,7 +42,7 @@ proxy - + GET http://www.example.com/ HTTP/1.1 Host: www.example.com Accept: */* diff --git a/tests/data/test66 b/tests/data/test66 index 0a255fe844..974a3fe0f1 100644 --- a/tests/data/test66 +++ b/tests/data/test66 @@ -29,7 +29,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --http0.9 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test662 b/tests/data/test662 index 29bbb58914..b7586fe824 100644 --- a/tests/data/test662 +++ b/tests/data/test662 @@ -10,32 +10,32 @@ followlocation # # Server-side - -HTTP/1.1 302 OK -Location: http://example.net/tes t case=/%TESTNUMBER0002 -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 0 - + +HTTP/1.1 302 OK +Location: http://example.net/tes t case=/%TESTNUMBER0002 +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 0 + - -HTTP/1.1 200 OK -Location: this should be ignored -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 5 - + +HTTP/1.1 200 OK +Location: this should be ignored +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 5 + body - -HTTP/1.1 302 OK -Location: http://example.net/tes t case=/%TESTNUMBER0002 -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 0 - -HTTP/1.1 200 OK -Location: this should be ignored -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 5 - + +HTTP/1.1 302 OK +Location: http://example.net/tes t case=/%TESTNUMBER0002 +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 0 + +HTTP/1.1 200 OK +Location: this should be ignored +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 5 + body @@ -60,7 +60,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://example.com/please/gimme/%TESTNUMBER HTTP/1.1 Host: example.com User-Agent: curl/%VERSION diff --git a/tests/data/test663 b/tests/data/test663 index a6e9ef56e3..b905583f7c 100644 --- a/tests/data/test663 +++ b/tests/data/test663 @@ -14,32 +14,32 @@ followlocation # # Server-side - -HTTP/1.1 302 OK -Location: http://example.net/there/it/is/../../tes t case=/%TESTNUMBER0002? yes no -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 0 - + +HTTP/1.1 302 OK +Location: http://example.net/there/it/is/../../tes t case=/%TESTNUMBER0002? yes no +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 0 + - -HTTP/1.1 200 OK -Location: this should be ignored -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 5 - + +HTTP/1.1 200 OK +Location: this should be ignored +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 5 + body - -HTTP/1.1 302 OK -Location: http://example.net/there/it/is/../../tes t case=/%TESTNUMBER0002? yes no -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 0 - -HTTP/1.1 200 OK -Location: this should be ignored -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 5 - + +HTTP/1.1 302 OK +Location: http://example.net/there/it/is/../../tes t case=/%TESTNUMBER0002? yes no +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 0 + +HTTP/1.1 200 OK +Location: this should be ignored +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 5 + body @@ -64,7 +64,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://example.com/gimme/%TESTNUMBER?foobar HTTP/1.1 Host: example.com User-Agent: curl/%VERSION diff --git a/tests/data/test666 b/tests/data/test666 index ecb35ec372..6e65768e3d 100644 --- a/tests/data/test666 +++ b/tests/data/test666 @@ -11,20 +11,20 @@ MIME # # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 3 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 3 + OK - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 3 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 3 + OK diff --git a/tests/data/test667 b/tests/data/test667 index 9164adbaed..55d6214717 100644 --- a/tests/data/test667 +++ b/tests/data/test667 @@ -10,22 +10,22 @@ HTTP MIME POST # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello diff --git a/tests/data/test668 b/tests/data/test668 index e71475b682..412aa5bd79 100644 --- a/tests/data/test668 +++ b/tests/data/test668 @@ -10,22 +10,22 @@ HTTP MIME POST # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:4f:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:4f:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:4f:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:4f:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello diff --git a/tests/data/test67 b/tests/data/test67 index 48ba236890..0e2e32643e 100644 --- a/tests/data/test67 +++ b/tests/data/test67 @@ -15,39 +15,39 @@ NTLM This is supposed to be returned when the server gets a first Authorization: NTLM line passed-in from the client --> - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + This is not the real page either! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - -HTTP/1.1 200 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + +HTTP/1.1 200 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! @@ -73,7 +73,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --ntlm # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/tests/data/test670 b/tests/data/test670 index bb06fbba8a..2f16c9d5b0 100644 --- a/tests/data/test670 +++ b/tests/data/test670 @@ -10,22 +10,22 @@ MIME # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello diff --git a/tests/data/test671 b/tests/data/test671 index 4a288c852e..0c5f3c4746 100644 --- a/tests/data/test671 +++ b/tests/data/test671 @@ -10,22 +10,22 @@ MIME # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello diff --git a/tests/data/test672 b/tests/data/test672 index c57e030a33..96b1066d21 100644 --- a/tests/data/test672 +++ b/tests/data/test672 @@ -10,22 +10,22 @@ FORM # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello diff --git a/tests/data/test673 b/tests/data/test673 index c599647bb9..029e0bbdfe 100644 --- a/tests/data/test673 +++ b/tests/data/test673 @@ -10,22 +10,22 @@ FORM # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake swsclose -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake swsclose +Connection: close +Content-Type: text/html + hello diff --git a/tests/data/test674 b/tests/data/test674 index 315fe98b65..2cd2f0a0bd 100644 --- a/tests/data/test674 +++ b/tests/data/test674 @@ -39,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test675 b/tests/data/test675 index 5d82c52f9b..dca8a6b7c4 100644 --- a/tests/data/test675 +++ b/tests/data/test675 @@ -8,12 +8,12 @@ HTTP Basic auth # Server-side - -HTTP/1.1 200 OK swsclose -Date: Thu, 09 Nov 2010 14:49:00 GMT -Content-Type: text/html -Content-Length: 26 - + +HTTP/1.1 200 OK swsclose +Date: Thu, 09 Nov 2010 14:49:00 GMT +Content-Type: text/html +Content-Length: 26 + the content would go here @@ -37,7 +37,7 @@ proxy # Verify data after the test has been "shot" - + GET /user1/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[user1:foo1]b64% diff --git a/tests/data/test676 b/tests/data/test676 index d2f01d0e31..c08ab29b7b 100644 --- a/tests/data/test676 +++ b/tests/data/test676 @@ -12,31 +12,31 @@ curl_easy_reset # # Server-side - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close +Content-Type: text/html + -foo- # since the request runs twice - -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close -Content-Type: text/html - + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close +Content-Type: text/html + -foo- -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Length: 6 -Connection: close -Content-Type: text/html - +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Length: 6 +Connection: close +Content-Type: text/html + -foo- @@ -69,7 +69,7 @@ cookies # # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: the-moo agent next generation diff --git a/tests/data/test678 b/tests/data/test678 index 4f3ed70235..48b65076b0 100644 --- a/tests/data/test678 +++ b/tests/data/test678 @@ -48,7 +48,7 @@ https://localhost:%HTTPSPORT/%TESTNUMBER %CERTDIR/certs/test-ca.crt # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: localhost:%HTTPSPORT User-Agent: CURLOPT_CAINFO_BLOB diff --git a/tests/data/test679 b/tests/data/test679 index 2c739eebf3..59dfab6135 100644 --- a/tests/data/test679 +++ b/tests/data/test679 @@ -44,7 +44,7 @@ machine %HOSTIP login user1 password "with spaces and \"\n\r\t\a" # # Verify data after the test has been "shot" - + GET / HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[user1:with%20spaces%20and%20"%0a%0d%09a]b64% diff --git a/tests/data/test68 b/tests/data/test68 index 3a1a159360..e206dc1438 100644 --- a/tests/data/test68 +++ b/tests/data/test68 @@ -12,41 +12,41 @@ NTLM # This is supposed to be returned when the server gets a first # Authorization: NTLM line passed-in from the client - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Length: 34 -Content-Type: text/html; charset=iso-8859-1 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Length: 34 +Content-Type: text/html; charset=iso-8859-1 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + This is not the real page either! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 401 You give me wrong password -Server: Microsoft-IIS/5.0 -WWW-Authenticate: NTLM -Content-Length: 46 -Content-Type: text/html; charset=iso-8859-1 - + +HTTP/1.1 401 You give me wrong password +Server: Microsoft-IIS/5.0 +WWW-Authenticate: NTLM +Content-Length: 46 +Content-Type: text/html; charset=iso-8859-1 + Wrong password dude. Get it fixed and return. - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Length: 34 -Content-Type: text/html; charset=iso-8859-1 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - -HTTP/1.1 401 You give me wrong password -Server: Microsoft-IIS/5.0 -WWW-Authenticate: NTLM -Content-Length: 46 -Content-Type: text/html; charset=iso-8859-1 - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Length: 34 +Content-Type: text/html; charset=iso-8859-1 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + +HTTP/1.1 401 You give me wrong password +Server: Microsoft-IIS/5.0 +WWW-Authenticate: NTLM +Content-Length: 46 +Content-Type: text/html; charset=iso-8859-1 + Wrong password dude. Get it fixed and return. @@ -72,7 +72,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --ntlm # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/tests/data/test681 b/tests/data/test681 index 1640b900d3..e08997f8f6 100644 --- a/tests/data/test681 +++ b/tests/data/test681 @@ -37,7 +37,7 @@ http # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test682 b/tests/data/test682 index 748c39a3b6..3b0709d460 100644 --- a/tests/data/test682 +++ b/tests/data/test682 @@ -41,7 +41,7 @@ machine %HOSTIP login user2 password passwd2 # # Verify data after the test has been "shot" - + GET / HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[user1:passwd1]b64% diff --git a/tests/data/test683 b/tests/data/test683 index 4b4048a42e..580cddb2ee 100644 --- a/tests/data/test683 +++ b/tests/data/test683 @@ -41,7 +41,7 @@ machine %HOSTIP login user2 password passwd2 # # Verify data after the test has been "shot" - + GET / HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[user2:passwd2]b64% diff --git a/tests/data/test684 b/tests/data/test684 index a64844b6bf..87af6569b6 100644 --- a/tests/data/test684 +++ b/tests/data/test684 @@ -40,7 +40,7 @@ machine %HOSTIP password 5up3r53cr37 # # Verify data after the test has been "shot" - + GET / HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[:5up3r53cr37]b64% diff --git a/tests/data/test685 b/tests/data/test685 index f93fe644b1..c6aeb921ab 100644 --- a/tests/data/test685 +++ b/tests/data/test685 @@ -40,7 +40,7 @@ machine %HOSTIP password 5up3r53cr37 # # Verify data after the test has been "shot" - + GET / HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[user:5up3r53cr37]b64% diff --git a/tests/data/test687 b/tests/data/test687 index 516d670be2..124b7a44dd 100644 --- a/tests/data/test687 +++ b/tests/data/test687 @@ -47,7 +47,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --xattr -o %LOGDIR/out%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test688 b/tests/data/test688 index e8e7852b20..9397515411 100644 --- a/tests/data/test688 +++ b/tests/data/test688 @@ -47,7 +47,7 @@ basic --xattr with -O # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test689 b/tests/data/test689 index 141e92a9e6..a0bc35b1d7 100644 --- a/tests/data/test689 +++ b/tests/data/test689 @@ -37,7 +37,7 @@ rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER - + OPTIONS rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER RTSP/1.0 CSeq: 1 User-Agent: test567 diff --git a/tests/data/test69 b/tests/data/test69 index bfd4de8c12..2a0fa5796b 100644 --- a/tests/data/test69 +++ b/tests/data/test69 @@ -9,61 +9,61 @@ NTLM # Server-side - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Basic -WWW-Authenticate: Wild-and-crazy -WWW-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Basic +WWW-Authenticate: Wild-and-crazy +WWW-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a first # Authorization: NTLM line passed-in from the client - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Length: 34 -Content-Type: text/html; charset=iso-8859-1 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Length: 34 +Content-Type: text/html; charset=iso-8859-1 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + This is not the real page either! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Basic -WWW-Authenticate: Wild-and-crazy -WWW-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Length: 34 -Content-Type: text/html; charset=iso-8859-1 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - -HTTP/1.1 200 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Basic +WWW-Authenticate: Wild-and-crazy +WWW-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Length: 34 +Content-Type: text/html; charset=iso-8859-1 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + +HTTP/1.1 200 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! @@ -89,7 +89,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test690 b/tests/data/test690 index 6f333381c0..3d960b0297 100644 --- a/tests/data/test690 +++ b/tests/data/test690 @@ -9,7 +9,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -42,14 +42,14 @@ http://%HOSTIP:%HTTPPORT/ -O --output-dir %LOGDIR # # Verify data after the test has been "shot" - + GET / HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test691 b/tests/data/test691 index b8a9a08af3..7f5ddfffa8 100644 --- a/tests/data/test691 +++ b/tests/data/test691 @@ -9,7 +9,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -42,14 +42,14 @@ http://%HOSTIP:%HTTPPORT/path/to/here/ -O --output-dir %LOGDIR # # Verify data after the test has been "shot" - + GET /path/to/here/ HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test692 b/tests/data/test692 index e3e49a0185..d287e95f22 100644 --- a/tests/data/test692 +++ b/tests/data/test692 @@ -9,7 +9,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -42,14 +42,14 @@ http://%HOSTIP:%HTTPPORT/ -JO --output-dir %LOGDIR # # Verify data after the test has been "shot" - + GET / HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION Accept: */* - + -foo- diff --git a/tests/data/test693 b/tests/data/test693 index dd2b3d3ce1..f5454646d3 100644 --- a/tests/data/test693 +++ b/tests/data/test693 @@ -9,24 +9,24 @@ etag # # Server-side - -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked -Trailer: chunky-trailer -Connection: mooo -ETag: W/"asdf" - -40 -aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -30 -bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb -21;heresatest=moooo + +HTTP/1.1 200 funky chunky! +Server: fakeit/0.9 fakeitbad/1.0 +Transfer-Encoding: chunked +Trailer: chunky-trailer +Connection: mooo +ETag: W/"asdf" + +40 +aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa +30 +bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb +21;heresatest=moooo cccccccccccccccccccccccccccccccc - -0 -chunky-trailer: header data - + +0 +chunky-trailer: header data + @@ -47,7 +47,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --etag-save %LOGDIR/moo/boo/etag%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test694 b/tests/data/test694 index bdb3e0440d..64a0b10b78 100644 --- a/tests/data/test694 +++ b/tests/data/test694 @@ -12,69 +12,69 @@ NTLM # Server-side - -HTTP/1.1 401 Authorization Required -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Negotiate -WWW-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Negotiate +WWW-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # this is returned first since we get no proxy-auth - -HTTP/1.1 401 Authorization Required -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 34 - + +HTTP/1.1 401 Authorization Required +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Content-Length: 34 + Hey you, authenticate or go away! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 42 - + +HTTP/1.1 200 Things are fine +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 42 + Contents of that page you requested, sir. # This is supposed to be returned when the server gets the second # request. - -HTTP/1.1 200 Things are fine -Content-Type: yeah/maybe -Content-Length: 42 - + +HTTP/1.1 200 Things are fine +Content-Type: yeah/maybe +Content-Length: 42 + Contents of that second request. Differn. - -HTTP/1.1 401 Authorization Required -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Negotiate -WWW-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 401 Authorization Required -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 34 - -HTTP/1.1 200 Things are fine -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 42 - + +HTTP/1.1 401 Authorization Required +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Negotiate +WWW-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 401 Authorization Required +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +Content-Length: 34 + +HTTP/1.1 200 Things are fine +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 42 + Contents of that page you requested, sir. -HTTP/1.1 200 Things are fine -Content-Type: yeah/maybe -Content-Length: 42 - +HTTP/1.1 200 Things are fine +Content-Type: yeah/maybe +Content-Length: 42 + Contents of that second request. Differn. @@ -103,7 +103,7 @@ http://%HOSTIP:%HTTPPORT/path/mine http://%HOSTIP:%HTTPPORT/path/%TESTNUMBER0010 # Verify data after the test has been "shot" - + GET /path/mine HTTP/1.1 Host: %HOSTIP:%HTTPPORT Accept: */* diff --git a/tests/data/test696 b/tests/data/test696 index c0c316111d..0afaa17775 100644 --- a/tests/data/test696 +++ b/tests/data/test696 @@ -7,13 +7,13 @@ HTTP GET - -HTTP/1.1 200 OK swsclose -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -Content-Length: 6 -Connection: close - + +HTTP/1.1 200 OK swsclose +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +Content-Length: 6 +Connection: close + -foo- @@ -38,23 +38,23 @@ http://%HOSTIP:%HTTPPORT # # Verify data after the test has been "shot" - -HTTP/1.1 200 OK swsclose -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -Content-Length: 6 -Connection: close - + +HTTP/1.1 200 OK swsclose +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +Content-Length: 6 +Connection: close + -foo- -HTTP/1.1 200 OK swsclose -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -Content-Length: 6 -Connection: close - +HTTP/1.1 200 OK swsclose +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +Content-Length: 6 +Connection: close + -foo- - + GET /%TESTNUMBER HTTP/1.1 Host: ninja diff --git a/tests/data/test699 b/tests/data/test699 index 9725a8dcae..a79911bf3a 100644 --- a/tests/data/test699 +++ b/tests/data/test699 @@ -9,7 +9,7 @@ HTTP # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -45,7 +45,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -K %LOGDIR/cmd # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[hej:you]b64% diff --git a/tests/data/test7 b/tests/data/test7 index 5bd0705c41..e299d5be2c 100644 --- a/tests/data/test7 +++ b/tests/data/test7 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER -b none -D %LOGDIR/heads%TESTNUMBER # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test70 b/tests/data/test70 index a4ea92b2c1..e462382a23 100644 --- a/tests/data/test70 +++ b/tests/data/test70 @@ -9,41 +9,41 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604199" -WWW-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604199" +WWW-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! - -HTTP/1.1 401 Authorization Required -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604199" -WWW-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 401 Authorization Required +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604199" +WWW-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! @@ -69,7 +69,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test700 b/tests/data/test700 index 9a2160bbbc..57ee2f51df 100644 --- a/tests/data/test700 +++ b/tests/data/test700 @@ -47,7 +47,7 @@ HTTP GET via SOCKS4 proxy # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test701 b/tests/data/test701 index dcd9d442bf..34c14a1f90 100644 --- a/tests/data/test701 +++ b/tests/data/test701 @@ -47,7 +47,7 @@ HTTP GET via SOCKS5 proxy # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test708 b/tests/data/test708 index 9fd664ff45..6724f8f861 100644 --- a/tests/data/test708 +++ b/tests/data/test708 @@ -50,7 +50,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test709 b/tests/data/test709 index 72c7aec17c..b339d877a9 100644 --- a/tests/data/test709 +++ b/tests/data/test709 @@ -51,7 +51,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test710 b/tests/data/test710 index b9defa6f62..3530d6d9b0 100644 --- a/tests/data/test710 +++ b/tests/data/test710 @@ -47,7 +47,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy socks5://%HOSTIP:%SOCKSPORT # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test717 b/tests/data/test717 index 58e3045e56..ca377a4bce 100644 --- a/tests/data/test717 +++ b/tests/data/test717 @@ -55,7 +55,7 @@ proxy # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:1 User-Agent: curl/%VERSION diff --git a/tests/data/test718 b/tests/data/test718 index 95c81e1680..ae061d8488 100644 --- a/tests/data/test718 +++ b/tests/data/test718 @@ -14,16 +14,16 @@ HTTP proxy Digest auth # this is returned first since we get no proxy-auth - -HTTP/1.1 407 Authorization Required to proxy me swsclose -Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" - + +HTTP/1.1 407 Authorization Required to proxy me swsclose +Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" + - -HTTP/1.1 407 Authorization Required to proxy me swsclose -Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" - + +HTTP/1.1 407 Authorization Required to proxy me swsclose +Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" + @@ -47,7 +47,7 @@ http://test.remote.haxx.se.%TESTNUMBER:8990/path/%TESTNUMBER0002 --proxy http:// # Verify data after the test has been "shot" - + CONNECT test.remote.haxx.se.%TESTNUMBER:8990 HTTP/1.1 Host: test.remote.haxx.se.%TESTNUMBER:8990 User-Agent: curl/%VERSION diff --git a/tests/data/test719 b/tests/data/test719 index 366ea27ee4..51ae337621 100644 --- a/tests/data/test719 +++ b/tests/data/test719 @@ -49,7 +49,7 @@ http://[2200::33]:%HTTPPORT/%TESTNUMBER --proxy socks5h://%HOSTIP:%SOCKSPORT # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: [2200::33]:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test72 b/tests/data/test72 index ba7d137b21..090720bdfd 100644 --- a/tests/data/test72 +++ b/tests/data/test72 @@ -8,41 +8,41 @@ HTTP Digest auth # Server-side - -HTTP/1.1 401 Authorization Required -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Basic realm="foothis" -WWW-Authenticate: Digest realm="testrealm", nonce="1053604199" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Basic realm="foothis" +WWW-Authenticate: Digest realm="testrealm", nonce="1053604199" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! - -HTTP/1.1 401 Authorization Required -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Basic realm="foothis" -WWW-Authenticate: Digest realm="testrealm", nonce="1053604199" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 200 OK -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 23 - + +HTTP/1.1 401 Authorization Required +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Basic realm="foothis" +WWW-Authenticate: Digest realm="testrealm", nonce="1053604199" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 200 OK +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 23 + This IS the real page! @@ -68,7 +68,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test720 b/tests/data/test720 index b146a2bf54..0495d682b5 100644 --- a/tests/data/test720 +++ b/tests/data/test720 @@ -48,7 +48,7 @@ http://12.34.56.78:%HTTPPORT/%TESTNUMBER --proxy socks5h://%HOSTIP:%SOCKSPORT # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: 12.34.56.78:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test721 b/tests/data/test721 index c70d560722..23878f5b2f 100644 --- a/tests/data/test721 +++ b/tests/data/test721 @@ -48,7 +48,7 @@ http://this.is.a.host.name:%HTTPPORT/%TESTNUMBER --proxy socks5h://%HOSTIP:%SOCK # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: this.is.a.host.name:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test722 b/tests/data/test722 index bff6c33e93..44691f94c6 100644 --- a/tests/data/test722 +++ b/tests/data/test722 @@ -44,7 +44,7 @@ IPFS # # Verify data after the test has been "shot" - + GET /ipfs/bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test724 b/tests/data/test724 index 85cf07d141..2de7c355e6 100644 --- a/tests/data/test724 +++ b/tests/data/test724 @@ -50,7 +50,7 @@ http://%HOSTIP:%HTTPPORT # # Verify data after the test has been "shot" - + GET /ipfs/bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test727 b/tests/data/test727 index 3f9a91e7d9..a12a092039 100644 --- a/tests/data/test727 +++ b/tests/data/test727 @@ -44,7 +44,7 @@ IPNS # # Verify data after the test has been "shot" - + GET /ipns/bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test728 b/tests/data/test728 index 05bcf28833..3be1911390 100644 --- a/tests/data/test728 +++ b/tests/data/test728 @@ -44,7 +44,7 @@ SOCKS5h with HTTP redirect to hostname too long # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test73 b/tests/data/test73 index e131ec6f0d..7fe470df0a 100644 --- a/tests/data/test73 +++ b/tests/data/test73 @@ -9,13 +9,13 @@ cookiejar # Server-side - -HTTP/1.1 200 OK swsclose -Date: Tue, 09 Nov 2010 14:49:00 GMT -Content-Type: text/html -Set-Cookie: IPCZQX01af0fca5c=000010008168c200d25dfc4b; path=/; domain=.NOT_DISCLOSED.se -Content-Length: 4 - + +HTTP/1.1 200 OK swsclose +Date: Tue, 09 Nov 2010 14:49:00 GMT +Content-Type: text/html +Set-Cookie: IPCZQX01af0fca5c=000010008168c200d25dfc4b; path=/; domain=.NOT_DISCLOSED.se +Content-Length: 4 + boo @@ -38,7 +38,7 @@ cookies # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER HTTP/1.1 Host: host.NOT_DISCLOSED.se User-Agent: curl/%VERSION diff --git a/tests/data/test730 b/tests/data/test730 index ba18888c33..1529746632 100644 --- a/tests/data/test730 +++ b/tests/data/test730 @@ -44,7 +44,7 @@ IPFS arg gateway with path # # Verify data after the test has been "shot" - + GET /foo/bar/ipfs/bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test731 b/tests/data/test731 index a2e0ee8a63..b3358baaa4 100644 --- a/tests/data/test731 +++ b/tests/data/test731 @@ -50,7 +50,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER/ipfs/bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test732 b/tests/data/test732 index 3a4e0e8192..f31e3802af 100644 --- a/tests/data/test732 +++ b/tests/data/test732 @@ -44,7 +44,7 @@ IPFS with path # # Verify data after the test has been "shot" - + GET /ipfs/bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u/a/b HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test733 b/tests/data/test733 index e6a4693b11..ffe058bf34 100644 --- a/tests/data/test733 +++ b/tests/data/test733 @@ -44,7 +44,7 @@ IPFS with path and query args # # Verify data after the test has been "shot" - + GET /ipfs/bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u/a/b?foo=bar&aaa=bbb HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test734 b/tests/data/test734 index 1545551ad0..e8d40141a3 100644 --- a/tests/data/test734 +++ b/tests/data/test734 @@ -44,7 +44,7 @@ IPFS with path, query args and gateway with path # # Verify data after the test has been "shot" - + GET /some/path/ipfs/bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u/a/b?foo=bar&aaa=bbb HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test735 b/tests/data/test735 index 8d9fa156f0..d78c3cc996 100644 --- a/tests/data/test735 +++ b/tests/data/test735 @@ -44,7 +44,7 @@ IPNS with path, query args and gateway with path # # Verify data after the test has been "shot" - + GET /some/path/ipns/fancy.tld/a/b?foo=bar&aaa=bbb HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test736 b/tests/data/test736 index b239b259fc..dd8c7347b2 100644 --- a/tests/data/test736 +++ b/tests/data/test736 @@ -50,7 +50,7 @@ http://%HOSTIP:%HTTPPORT # # Verify data after the test has been "shot" - + GET /ipfs/bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test737 b/tests/data/test737 index 0dc4b68825..56859888d0 100644 --- a/tests/data/test737 +++ b/tests/data/test737 @@ -50,7 +50,7 @@ http://%HOSTIP:%HTTPPORT # # Verify data after the test has been "shot" - + GET /ipfs/bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test74 b/tests/data/test74 index 31179af990..0d10f20587 100644 --- a/tests/data/test74 +++ b/tests/data/test74 @@ -50,7 +50,7 @@ HTTP, urlglob {}-retrieval and -o #[num] usage # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test740 b/tests/data/test740 index 599adece2b..3c8108dcbd 100644 --- a/tests/data/test740 +++ b/tests/data/test740 @@ -52,7 +52,7 @@ bar # # Verify data after the test has been "shot" - + GET /ipfs/bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test742 b/tests/data/test742 index 70720d7a49..4cffe4d33d 100644 --- a/tests/data/test742 +++ b/tests/data/test742 @@ -55,7 +55,7 @@ proxy # # Verify data after the test has been "shot" - + GET / HTTP/1.1 Host: %repeat[254 x c]%:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test743 b/tests/data/test743 index fa86a13883..76e568da7e 100644 --- a/tests/data/test743 +++ b/tests/data/test743 @@ -9,7 +9,7 @@ HTTP # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test744 b/tests/data/test744 index 704a53a448..f725a29c3a 100644 --- a/tests/data/test744 +++ b/tests/data/test744 @@ -20,9 +20,9 @@ Content-Length: 9 contents - -HTTP/1.1 200 Mighty fine indeed - + +HTTP/1.1 200 Mighty fine indeed + HTTP/1.1 200 Mighty fine indeed @@ -62,13 +62,13 @@ proxy # # Verify data after the test has been "shot" - -CONNECT foo.host:%HTTPPORT HTTP/1.0 -Host: foo.host:%HTTPPORT -Proxy-Connection: Keep-Alive - + +CONNECT foo.host:%HTTPPORT HTTP/1.0 +Host: foo.host:%HTTPPORT +Proxy-Connection: Keep-Alive + - + GET /%TESTNUMBER HTTP/1.1 Host: foo.host:%HTTPPORT Authorization: Basic %b64[foo:baaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaar]b64% diff --git a/tests/data/test747 b/tests/data/test747 index 4397c7741c..59b8033144 100644 --- a/tests/data/test747 +++ b/tests/data/test747 @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test749 b/tests/data/test749 index 68439f90cb..efd9933914 100644 --- a/tests/data/test749 +++ b/tests/data/test749 @@ -13,13 +13,13 @@ proxytunnel # this is returned first since we get no proxy-auth - -HTTP/1.1 400 Bad request -Connection: close - + +HTTP/1.1 400 Bad request +Connection: close + - + HTTP/1.1 400 Bad request Connection: close @@ -44,7 +44,7 @@ http://test.example --proxy http://%HOSTIP:%HTTPPORT --proxytunnel -sS # Verify data after the test has been "shot" - + CONNECT test.example:80 HTTP/1.1 Host: test.example:80 User-Agent: curl/%VERSION diff --git a/tests/data/test750 b/tests/data/test750 index 7acc8d3181..963f373a71 100644 --- a/tests/data/test750 +++ b/tests/data/test750 @@ -40,7 +40,7 @@ http://test.example --proxy http://%HOSTIP:%HTTPPORT --proxytunnel -sS # Verify data after the test has been "shot" - + CONNECT test.example:80 HTTP/1.1 Host: test.example:80 User-Agent: curl/%VERSION diff --git a/tests/data/test752 b/tests/data/test752 index 00f14909d1..28866bc312 100644 --- a/tests/data/test752 +++ b/tests/data/test752 @@ -11,7 +11,7 @@ HTTP GET # # Server-side - + HTTP/1.1 404 nopes Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -26,7 +26,7 @@ Funny-head: yesyes -foo- - + HTTP/1.1 404 nopes Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -58,7 +58,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -f --retry 1 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test755 b/tests/data/test755 index 0e0840be45..4f53105381 100644 --- a/tests/data/test755 +++ b/tests/data/test755 @@ -47,7 +47,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://foo.host/%TESTNUMBER HTTP/1.1 Host: foo.host Authorization: Basic %b64[foo:alone-in-the-dark]b64% diff --git a/tests/data/test756 b/tests/data/test756 index 56038a66d8..47c0f28718 100644 --- a/tests/data/test756 +++ b/tests/data/test756 @@ -47,7 +47,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER http://%HOSTIP:%HTTPPORT/want/%TESTNUM # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test76 b/tests/data/test76 index 2300a38d00..0870d5ba60 100644 --- a/tests/data/test76 +++ b/tests/data/test76 @@ -9,7 +9,7 @@ NTLM # Server-side - + HTTP/1.1 401 Authorization Required swsclose Server: Apache/1.3.27 (Darwin) PHP/4.1.2 WWW-Authenticate: Basic, Wild-and-crazy, NTLM @@ -21,7 +21,7 @@ This is not the real page # This is supposed to be returned when the server gets a first # Authorization: NTLM line passed-in from the client - + HTTP/1.1 401 Now gimme that second request of crap Server: Microsoft-IIS/5.0 Content-Length: 34 @@ -33,7 +33,7 @@ This is not the real page either! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - + HTTP/1.1 200 Things are fine in server land swsclose Server: Microsoft-IIS/5.0 Content-Type: text/html; charset=iso-8859-1 @@ -42,7 +42,7 @@ Content-Length: 32 Finally, this is the real page! - + HTTP/1.1 401 Authorization Required swsclose Server: Apache/1.3.27 (Darwin) PHP/4.1.2 WWW-Authenticate: Basic, Wild-and-crazy, NTLM @@ -85,7 +85,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test762 b/tests/data/test762 index 2d7aedcf7f..343145b654 100644 --- a/tests/data/test762 +++ b/tests/data/test762 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -O --remote-time --output-dir %LOGDIR # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test767 b/tests/data/test767 index 2695e3bffa..83d68841b0 100644 --- a/tests/data/test767 +++ b/tests/data/test767 @@ -9,7 +9,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -43,7 +43,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test768 b/tests/data/test768 index ced4353c30..cfa7ddd2a6 100644 --- a/tests/data/test768 +++ b/tests/data/test768 @@ -9,7 +9,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -43,7 +43,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test769 b/tests/data/test769 index 189bf95d81..f74a9e67ef 100644 --- a/tests/data/test769 +++ b/tests/data/test769 @@ -9,7 +9,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -42,7 +42,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test77 b/tests/data/test77 index bde62adce3..beb8d904a0 100644 --- a/tests/data/test77 +++ b/tests/data/test77 @@ -42,7 +42,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -z "dec 12 12:00:00 1999 GMT" # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test770 b/tests/data/test770 index 89ba5b1a80..b4a5f83672 100644 --- a/tests/data/test770 +++ b/tests/data/test770 @@ -9,7 +9,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -43,7 +43,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test771 b/tests/data/test771 index b57c87c88b..a7524b3597 100644 --- a/tests/data/test771 +++ b/tests/data/test771 @@ -9,7 +9,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -43,7 +43,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test772 b/tests/data/test772 index f3b1d954e8..0596c7b982 100644 --- a/tests/data/test772 +++ b/tests/data/test772 @@ -10,7 +10,7 @@ Location # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 0 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test773 b/tests/data/test773 index 42d28dadd3..bb0196c40b 100644 --- a/tests/data/test773 +++ b/tests/data/test773 @@ -10,7 +10,7 @@ Location # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 0 @@ -38,7 +38,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test775 b/tests/data/test775 index 6a03ad8fee..aa016a0955 100644 --- a/tests/data/test775 +++ b/tests/data/test775 @@ -11,23 +11,23 @@ NTLM # This is supposed to be returned when the server gets a first # Authorization: NTLM line passed-in from the client - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + This is not the real page either! - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + @@ -52,7 +52,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser%repeat[1100 x A]%:testpass --nt # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/tests/data/test776 b/tests/data/test776 index fc4f06d6f7..9798a18f3a 100644 --- a/tests/data/test776 +++ b/tests/data/test776 @@ -10,7 +10,7 @@ flaky - + HTTP/1.1 401 Authorization Required swsclose WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAAAAAAAAAAABAIgAAQIDBAUGBwgAAAAAAAAAAP////8wAAAAAgD3/0F%repeat[21841 x BQUF]%BQUEAAAAA Content-Length: 0 @@ -37,7 +37,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u user:pass --ntlm # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/tests/data/test78 b/tests/data/test78 index 545adca001..3b4d69a223 100644 --- a/tests/data/test78 +++ b/tests/data/test78 @@ -54,7 +54,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -z "dec 12 11:00:00 1999 GMT" # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test780 b/tests/data/test780 index f65f793c7d..085b2845bd 100644 --- a/tests/data/test780 +++ b/tests/data/test780 @@ -10,10 +10,10 @@ HSTS # we use this as response to a CONNECT - -HTTP/1.1 200 OK -Server: fake - + +HTTP/1.1 200 OK +Server: fake + diff --git a/tests/data/test781 b/tests/data/test781 index 20db3852bc..6423fe7e47 100644 --- a/tests/data/test781 +++ b/tests/data/test781 @@ -10,10 +10,10 @@ HSTS # we use this as response to a CONNECT - -HTTP/1.1 200 OK -Server: fake - + +HTTP/1.1 200 OK +Server: fake + diff --git a/tests/data/test782 b/tests/data/test782 index 61b4a0b8c2..8e1b2918c6 100644 --- a/tests/data/test782 +++ b/tests/data/test782 @@ -10,10 +10,10 @@ HSTS # we use this as response to a CONNECT - -HTTP/1.1 200 OK -Server: fake - + +HTTP/1.1 200 OK +Server: fake + diff --git a/tests/data/test783 b/tests/data/test783 index be7004ed8a..62ff5c23dd 100644 --- a/tests/data/test783 +++ b/tests/data/test783 @@ -10,10 +10,10 @@ HSTS # we use this as response to a CONNECT - -HTTP/1.1 200 OK -Server: fake - + +HTTP/1.1 200 OK +Server: fake + diff --git a/tests/data/test784 b/tests/data/test784 index 845a3acfc7..d847a79b1f 100644 --- a/tests/data/test784 +++ b/tests/data/test784 @@ -9,7 +9,7 @@ HTTP # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test785 b/tests/data/test785 index b3213643c5..370a97060e 100644 --- a/tests/data/test785 +++ b/tests/data/test785 @@ -9,7 +9,7 @@ HTTP # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test786 b/tests/data/test786 index 10ce170e26..e94faf472f 100644 --- a/tests/data/test786 +++ b/tests/data/test786 @@ -9,7 +9,7 @@ HTTP # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test788 b/tests/data/test788 index 544732f7ad..c863edacc6 100644 --- a/tests/data/test788 +++ b/tests/data/test788 @@ -9,7 +9,7 @@ HTTP # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test789 b/tests/data/test789 index ce15967a0a..d348ad397c 100644 --- a/tests/data/test789 +++ b/tests/data/test789 @@ -9,7 +9,7 @@ HTTP # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -45,7 +45,7 @@ On the first Monday of the month of April, 1625, the market town of Meung # # Verify data after the test has been "shot" - + POST /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test79 b/tests/data/test79 index 8a52c09f98..9734840040 100644 --- a/tests/data/test79 +++ b/tests/data/test79 @@ -42,7 +42,7 @@ ftp://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER -x %HOSTIP:%HTTPPORT # # Verify data after the test has been "shot" - + GET ftp://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test790 b/tests/data/test790 index 1c7827bcd7..7e557f250b 100644 --- a/tests/data/test790 +++ b/tests/data/test790 @@ -9,7 +9,7 @@ HTTP # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test791 b/tests/data/test791 index 6dcdc172aa..300af27e7a 100644 --- a/tests/data/test791 +++ b/tests/data/test791 @@ -9,7 +9,7 @@ HTTP # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test794 b/tests/data/test794 index 479f1b1be2..63d3d36ba0 100644 --- a/tests/data/test794 +++ b/tests/data/test794 @@ -8,7 +8,7 @@ # # Server-side - + HTTP/1.1 302 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -23,7 +23,7 @@ Funny-head: yesyes -foo- - + HTTP/1.1 200 OK Content-Length: 6 Connection: close @@ -31,7 +31,7 @@ Content-Type: text/html -bar- - + HTTP/1.1 302 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test796 b/tests/data/test796 index bfef4bd07d..e875058810 100644 --- a/tests/data/test796 +++ b/tests/data/test796 @@ -8,7 +8,7 @@ # # Server-side - + HTTP/1.1 302 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -23,7 +23,7 @@ Funny-head: yesyes -foo- - + HTTP/1.1 200 OK Content-Length: 6 Connection: close @@ -31,7 +31,7 @@ Content-Type: text/html -bar- - + HTTP/1.1 302 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test797 b/tests/data/test797 index 5c28f3ccd7..f1f1a1ff18 100644 --- a/tests/data/test797 +++ b/tests/data/test797 @@ -8,7 +8,7 @@ # # Server-side - + HTTP/1.1 308 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -23,7 +23,7 @@ Funny-head: yesyes -foo- - + HTTP/1.1 200 OK Content-Length: 6 Connection: close @@ -31,7 +31,7 @@ Content-Type: text/html -bar- - + HTTP/1.1 308 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test799 b/tests/data/test799 index ec6d94ca8a..06e50a6d9a 100644 --- a/tests/data/test799 +++ b/tests/data/test799 @@ -14,14 +14,14 @@ SASL AUTH +LOGIN AUTH PLAIN REPLY LOGIN A002 OK LOGIN completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test8 b/tests/data/test8 index ee1263eba4..eaeb765699 100644 --- a/tests/data/test8 +++ b/tests/data/test8 @@ -88,7 +88,7 @@ cookies # Verify data after the test has been "shot" - + GET /we/want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test80 b/tests/data/test80 index c840527bf1..2e41c87a0d 100644 --- a/tests/data/test80 +++ b/tests/data/test80 @@ -24,9 +24,9 @@ Content-Length: 9 contents - -HTTP/1.1 200 Mighty fine indeed - + +HTTP/1.1 200 Mighty fine indeed + HTTP/1.1 200 Mighty fine indeed @@ -63,14 +63,14 @@ proxy # # Verify data after the test has been "shot" - -CONNECT test.%TESTNUMBER:%HTTPPORT HTTP/1.0 -Host: test.%TESTNUMBER:%HTTPPORT -Proxy-Authorization: Basic %b64[youare:yourself]b64% -Proxy-Connection: Keep-Alive - + +CONNECT test.%TESTNUMBER:%HTTPPORT HTTP/1.0 +Host: test.%TESTNUMBER:%HTTPPORT +Proxy-Authorization: Basic %b64[youare:yourself]b64% +Proxy-Connection: Keep-Alive + - + GET /we/want/that/page/%TESTNUMBER HTTP/1.1 Host: test.%TESTNUMBER:%HTTPPORT Authorization: Basic %b64[iam:myself]b64% diff --git a/tests/data/test800 b/tests/data/test800 index 11a3f87784..35ae22ad93 100644 --- a/tests/data/test800 +++ b/tests/data/test800 @@ -10,14 +10,14 @@ FETCH # # Server-side - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test801 b/tests/data/test801 index 0fda1c2504..fd3c8c5fc6 100644 --- a/tests/data/test801 +++ b/tests/data/test801 @@ -10,11 +10,11 @@ FETCH # # Server-side - -body - --- - yours sincerely + +body + +-- + yours sincerely diff --git a/tests/data/test802 b/tests/data/test802 index 8d93c79225..e43ad81606 100644 --- a/tests/data/test802 +++ b/tests/data/test802 @@ -11,11 +11,11 @@ UIDVALIDITY # # Server-side - -body - --- - yours sincerely + +body + +-- + yours sincerely diff --git a/tests/data/test804 b/tests/data/test804 index f755a262ae..9df5decafe 100644 --- a/tests/data/test804 +++ b/tests/data/test804 @@ -10,11 +10,11 @@ SELECT # # Server-side - -body - --- - yours sincerely + +body + +-- + yours sincerely diff --git a/tests/data/test805 b/tests/data/test805 index 8953d58680..eadd8a4cb7 100644 --- a/tests/data/test805 +++ b/tests/data/test805 @@ -25,16 +25,16 @@ IMAP APPEND message imap://%HOSTIP:%IMAPPORT/%TESTNUMBER -T %LOGDIR/upload%TESTNUMBER -u user:secret - -Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST) -From: Fred Foobar -Subject: afternoon meeting -To: joe@example.com -Message-Id: -MIME-Version: 1.0 -Content-Type: TEXT/PLAIN; CHARSET=US-ASCII - -Hello Joe, do you think we can meet at 3:30 tomorrow? + +Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST) +From: Fred Foobar +Subject: afternoon meeting +To: joe@example.com +Message-Id: +MIME-Version: 1.0 +Content-Type: TEXT/PLAIN; CHARSET=US-ASCII + +Hello Joe, do you think we can meet at 3:30 tomorrow? diff --git a/tests/data/test806 b/tests/data/test806 index 6b7e6ff7fe..1423c3059b 100644 --- a/tests/data/test806 +++ b/tests/data/test806 @@ -10,10 +10,10 @@ LIST # # Server-side - -* LIST () "/" /%TESTNUMBER/blurdybloop -* LIST (\Noselect) "/" /%TESTNUMBER/foo -* LIST () "/" /%TESTNUMBER/foo/bar + +* LIST () "/" /%TESTNUMBER/blurdybloop +* LIST (\Noselect) "/" /%TESTNUMBER/foo +* LIST () "/" /%TESTNUMBER/foo/bar diff --git a/tests/data/test807 b/tests/data/test807 index 5da8105914..216170418a 100644 --- a/tests/data/test807 +++ b/tests/data/test807 @@ -11,10 +11,10 @@ CUSTOMREQUEST # # Server-side - -* LSUB () "/" /%TESTNUMBER/blurdybloop -* LSUB (\Noselect) "/" /%TESTNUMBER/foo -* LSUB () "/" /%TESTNUMBER/foo/bar + +* LSUB () "/" /%TESTNUMBER/blurdybloop +* LSUB (\Noselect) "/" /%TESTNUMBER/foo +* LSUB () "/" /%TESTNUMBER/foo/bar diff --git a/tests/data/test808 b/tests/data/test808 index 6795143d4d..f8c84fd380 100644 --- a/tests/data/test808 +++ b/tests/data/test808 @@ -11,14 +11,14 @@ CUSTOMREQUEST # # Server-side - -* 17 EXISTS -* 2 RECENT -* OK [UNSEEN 8] Message 8 is first unseen -* OK [UIDVALIDITY 3857529045] UIDs valid -* OK [UIDNEXT 4392] Predicted next UID -* FLAGS (\Answered \Flagged \Deleted \Seen \Draft) -* OK [PERMANENTFLAGS ()] No permanent flags permitted + +* 17 EXISTS +* 2 RECENT +* OK [UNSEEN 8] Message 8 is first unseen +* OK [UIDVALIDITY 3857529045] UIDs valid +* OK [UIDNEXT 4392] Predicted next UID +* FLAGS (\Answered \Flagged \Deleted \Seen \Draft) +* OK [PERMANENTFLAGS ()] No permanent flags permitted diff --git a/tests/data/test809 b/tests/data/test809 index af4c808419..8d1a7ddaa3 100644 --- a/tests/data/test809 +++ b/tests/data/test809 @@ -11,8 +11,8 @@ CUSTOMREQUEST # # Server-side - -* STATUS %TESTNUMBER (MESSAGES 231 UIDNEXT 44292) + +* STATUS %TESTNUMBER (MESSAGES 231 UIDNEXT 44292) diff --git a/tests/data/test81 b/tests/data/test81 index 27f1247a97..ffbb67f3d3 100644 --- a/tests/data/test81 +++ b/tests/data/test81 @@ -14,39 +14,39 @@ NTLM # This is supposed to be returned when the server gets a first # Authorization: NTLM line passed-in from the client - -HTTP/1.1 407 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - + +HTTP/1.1 407 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + This is not the real page either! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 407 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - -HTTP/1.1 200 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 407 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + +HTTP/1.1 200 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! @@ -73,7 +73,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy-user testuser:testpass -x http://%H # Verify data after the test has been "shot" - + GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Proxy-Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/tests/data/test810 b/tests/data/test810 index af9a310f7a..74ec4be2a4 100644 --- a/tests/data/test810 +++ b/tests/data/test810 @@ -10,8 +10,8 @@ SEARCH # # Server-side - -* SEARCH 1 123 456 %TESTNUMBER + +* SEARCH 1 123 456 %TESTNUMBER diff --git a/tests/data/test815 b/tests/data/test815 index 57af869fa3..58a926c4c2 100644 --- a/tests/data/test815 +++ b/tests/data/test815 @@ -12,8 +12,8 @@ CUSTOMREQUEST # # Server-side - -* 123 FETCH (FLAGS (\Seen \Deleted)) + +* 123 FETCH (FLAGS (\Seen \Deleted)) diff --git a/tests/data/test816 b/tests/data/test816 index ff6546ec52..5d98f75286 100644 --- a/tests/data/test816 +++ b/tests/data/test816 @@ -12,11 +12,11 @@ CUSTOMREQUEST # # Server-side - -* 123 FETCH (FLAGS (\Seen \Deleted)) + +* 123 FETCH (FLAGS (\Seen \Deleted)) - -* 123 EXPUNGE + +* 123 EXPUNGE diff --git a/tests/data/test818 b/tests/data/test818 index e096b13fd4..d57bc29f9a 100644 --- a/tests/data/test818 +++ b/tests/data/test818 @@ -11,11 +11,11 @@ CUSTOMREQUEST # # Server-side - -* 22 EXPUNGE -* 23 EXISTS -* 3 RECENT -* 14 FETCH (FLAGS (\Seen \Deleted)) + +* 22 EXPUNGE +* 23 EXISTS +* 3 RECENT +* 14 FETCH (FLAGS (\Seen \Deleted)) diff --git a/tests/data/test819 b/tests/data/test819 index 81f0277c45..259263fa31 100644 --- a/tests/data/test819 +++ b/tests/data/test819 @@ -16,14 +16,14 @@ AUTH PLAIN REPLY AUTHENTICATE + REPLY AHVzZXIAc2VjcmV0 A002 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test82 b/tests/data/test82 index 6974bc3a1f..b3db39438b 100644 --- a/tests/data/test82 +++ b/tests/data/test82 @@ -11,13 +11,13 @@ HTTP proxy NTLM auth # Server-side - -HTTP/1.1 407 We only deal with NTLM my friend -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 + +HTTP/1.1 407 We only deal with NTLM my friend +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 Proxy-Authenticate: NTLM - + This is not the real page either! @@ -41,7 +41,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --proxy-user testuser:testpass -x http://%H # Verify data after the test has been "shot" - + GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Proxy-Authorization: Basic %b64[testuser:testpass]b64% diff --git a/tests/data/test820 b/tests/data/test820 index e617e241bf..cbcc3a32da 100644 --- a/tests/data/test820 +++ b/tests/data/test820 @@ -16,14 +16,14 @@ REPLY AUTHENTICATE + VXNlcm5hbWU6 REPLY dXNlcg== + UGFzc3dvcmQ6 REPLY c2VjcmV0 A002 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test821 b/tests/data/test821 index 2b928fe1d0..df48cfbdd9 100644 --- a/tests/data/test821 +++ b/tests/data/test821 @@ -16,14 +16,14 @@ AUTH CRAM-MD5 REPLY AUTHENTICATE + PDE5NzIuOTg3NjU0MzIxQGN1cmw+ REPLY dXNlciA3MDMxNzI1NTk5ZmRiYjVkNDEyNjg5YWEzMjNlM2UwYg== A002 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test822 b/tests/data/test822 index 4f4859544d..99cc323a7c 100644 --- a/tests/data/test822 +++ b/tests/data/test822 @@ -17,14 +17,14 @@ REPLY AUTHENTICATE + REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= + TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== REPLY TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= A002 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test823 b/tests/data/test823 index aef99f0f0b..b249958de1 100644 --- a/tests/data/test823 +++ b/tests/data/test823 @@ -17,14 +17,14 @@ REPLY AUTHENTICATE + cmVhbG09ImN1cmwiLG5vbmNlPSI1MzAwZDE3YTFkNjk1YmQ0MTFlNGNkZjk REPLY dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM1MzMzMjMxMzYzMzMyMzEzNzMzMzIzMSIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJpbWFwLzEyNy4wLjAuMSIscmVzcG9uc2U9YmU2MzgyNDkzNjJkN2FhMGUzNTM4NTA3Njc1MWFiNDgscW9wPWF1dGg= + cnNwYXV0aD04MWY5MDNlYjQ4MjNhZTkyMmRiNWYwNGNiNThjY2RlYg== REPLY A002 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test824 b/tests/data/test824 index b2d16dc9c8..e88245fbe8 100644 --- a/tests/data/test824 +++ b/tests/data/test824 @@ -16,14 +16,14 @@ AUTH XOAUTH2 REPLY AUTHENTICATE + REPLY dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB A002 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test825 b/tests/data/test825 index 9f5336e377..39a8d317e2 100644 --- a/tests/data/test825 +++ b/tests/data/test825 @@ -17,14 +17,14 @@ AUTH PLAIN CAPA SASL-IR REPLY AUTHENTICATE A002 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test826 b/tests/data/test826 index 9f49957e7d..d137d57c9e 100644 --- a/tests/data/test826 +++ b/tests/data/test826 @@ -17,14 +17,14 @@ CAPA SASL-IR REPLY AUTHENTICATE + UGFzc3dvcmQ6 REPLY c2VjcmV0 A002 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test827 b/tests/data/test827 index 58a89015bb..87a4963552 100644 --- a/tests/data/test827 +++ b/tests/data/test827 @@ -18,14 +18,14 @@ CAPA SASL-IR REPLY AUTHENTICATE + TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== REPLY TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= A002 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test828 b/tests/data/test828 index cda2e33258..a397fccf02 100644 --- a/tests/data/test828 +++ b/tests/data/test828 @@ -17,14 +17,14 @@ AUTH XOAUTH2 CAPA SASL-IR REPLY AUTHENTICATE A002 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test83 b/tests/data/test83 index b6e89a65fb..4bf191e9ec 100644 --- a/tests/data/test83 +++ b/tests/data/test83 @@ -21,9 +21,9 @@ Content-Length: 9 contents - -HTTP/1.1 200 Mighty fine indeed - + +HTTP/1.1 200 Mighty fine indeed + HTTP/1.1 200 Mighty fine indeed @@ -60,14 +60,14 @@ proxy # # Verify data after the test has been "shot" - -CONNECT test.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT test.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + - + GET /we/want/that/page/%TESTNUMBER HTTP/1.1 Host: test.%TESTNUMBER:%HTTPPORT Authorization: Basic %b64[iam:my:;self]b64% diff --git a/tests/data/test833 b/tests/data/test833 index f8a204deb2..6ff9354f8c 100644 --- a/tests/data/test833 +++ b/tests/data/test833 @@ -20,14 +20,14 @@ REPLY * A002 NO AUTH exchange cancelled by client REPLY "AUTHENTICATE PLAIN" + REPLY AHVzZXIAc2VjcmV0 A003 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test834 b/tests/data/test834 index fdfcde8834..501768a211 100644 --- a/tests/data/test834 +++ b/tests/data/test834 @@ -20,14 +20,14 @@ REPLY * A002 NO AUTH exchange cancelled by client REPLY "AUTHENTICATE PLAIN" + REPLY AHVzZXIAc2VjcmV0 A003 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test835 b/tests/data/test835 index b1e0f34225..7d2aa2bac3 100644 --- a/tests/data/test835 +++ b/tests/data/test835 @@ -20,14 +20,14 @@ REPLY * A002 NO AUTH exchange cancelled by client REPLY "AUTHENTICATE PLAIN" + REPLY AHVzZXIAc2VjcmV0 A003 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test836 b/tests/data/test836 index cdcb0e9a9b..14e805dcb6 100644 --- a/tests/data/test836 +++ b/tests/data/test836 @@ -12,17 +12,17 @@ connection reuse # Server-side -REPLY "LOGIN user.one secret" A002 OK LOGIN completed -REPLY "LOGIN user.two secret" B002 OK LOGIN completed +REPLY "LOGIN user.one secret" A002 OK LOGIN completed +REPLY "LOGIN user.two secret" B002 OK LOGIN completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test837 b/tests/data/test837 index b5735ea099..ef10c57151 100644 --- a/tests/data/test837 +++ b/tests/data/test837 @@ -16,14 +16,14 @@ AUTH EXTERNAL REPLY AUTHENTICATE + REPLY dXNlcg== A002 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test838 b/tests/data/test838 index bbd282289d..5811c019f4 100644 --- a/tests/data/test838 +++ b/tests/data/test838 @@ -16,14 +16,14 @@ AUTH EXTERNAL REPLY AUTHENTICATE + REPLY = A002 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test839 b/tests/data/test839 index 8350c414bf..14a60ca22d 100644 --- a/tests/data/test839 +++ b/tests/data/test839 @@ -17,14 +17,14 @@ AUTH EXTERNAL CAPA SASL-IR REPLY AUTHENTICATE A002 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test84 b/tests/data/test84 index 9dca293375..b6d54a98a0 100644 --- a/tests/data/test84 +++ b/tests/data/test84 @@ -41,7 +41,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[iam:myself]b64% diff --git a/tests/data/test840 b/tests/data/test840 index 612e1119eb..ad8a22d11a 100644 --- a/tests/data/test840 +++ b/tests/data/test840 @@ -17,14 +17,14 @@ AUTH EXTERNAL CAPA SASL-IR REPLY AUTHENTICATE A002 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test841 b/tests/data/test841 index eee632f555..321512431c 100644 --- a/tests/data/test841 +++ b/tests/data/test841 @@ -11,20 +11,20 @@ CUSTOMREQUEST # # Server-side - -body - -+ Curl did not used to like this line --- - yours sincerely + +body + ++ Curl did not used to like this line +-- + yours sincerely - -* 123 FETCH (BODY[1] {70} -body - -+ Curl did not used to like this line --- - yours sincerely + +* 123 FETCH (BODY[1] {70} +body + ++ Curl did not used to like this line +-- + yours sincerely diff --git a/tests/data/test842 b/tests/data/test842 index e66d5b1aa6..cc0dcd9c00 100644 --- a/tests/data/test842 +++ b/tests/data/test842 @@ -17,14 +17,14 @@ AUTH OAUTHBEARER REPLY AUTHENTICATE + REPLY %b64[n,a=user,%01host=127.0.0.1%01port=%IMAPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% A002 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test843 b/tests/data/test843 index fa8df84c8f..934c6f7d92 100644 --- a/tests/data/test843 +++ b/tests/data/test843 @@ -18,14 +18,14 @@ AUTH OAUTHBEARER CAPA SASL-IR REPLY AUTHENTICATE A002 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test846 b/tests/data/test846 index bbbc92c51a..0ec5313e57 100644 --- a/tests/data/test846 +++ b/tests/data/test846 @@ -12,14 +12,14 @@ IMAP REPLY welcome * PREAUTH ready to serve already! REPLY CAPABILITY * CAPABILITY IMAP4REV1 I18NLEVEL=1 LITERAL+ IDLE UIDPLUS NAMESPACE CHILDREN MAILBOX-REFERRALS BINARY UNSELECT ESEARCH WITHIN SCAN SORT THREAD=REFERENCES THREAD=ORDEREDSUBJECT MULTIAPPEND SASL-IR LOGIN-REFERRALS STARTTLS LOGINDISABLED\r\nA001 OK CAPABILITY completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test847 b/tests/data/test847 index b78cad1189..ed6cc10891 100644 --- a/tests/data/test847 +++ b/tests/data/test847 @@ -10,14 +10,14 @@ FETCH # # Server-side - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test848 b/tests/data/test848 index 32f589d525..e233630d6f 100644 --- a/tests/data/test848 +++ b/tests/data/test848 @@ -16,14 +16,14 @@ AUTH PLAIN REPLY AUTHENTICATE + REPLY c2hhcmVkLW1haWxib3gAdXNlcgBzZWNyZXQ= A002 OK AUTHENTICATE completed - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test85 b/tests/data/test85 index ab9c2287db..0ffb07ab27 100644 --- a/tests/data/test85 +++ b/tests/data/test85 @@ -44,7 +44,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://%HOSTIP:%HTTPPORT/we/want/that/page/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Proxy-Authorization: Basic %b64[testing:this]b64% diff --git a/tests/data/test850 b/tests/data/test850 index c9cf2ffae6..dcf3379770 100644 --- a/tests/data/test850 +++ b/tests/data/test850 @@ -10,14 +10,14 @@ RETR # # Server-side - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test853 b/tests/data/test853 index 29c4580452..ecdf7dd27e 100644 --- a/tests/data/test853 +++ b/tests/data/test853 @@ -18,10 +18,10 @@ SLOWDOWN # When doing LIST, we get the default list output hard-coded in the test # POP3 server - -1 100 -2 4294967400 -3 200 + +1 100 +2 4294967400 +3 200 diff --git a/tests/data/test857 b/tests/data/test857 index 6d1e7daddc..7b30182bcd 100644 --- a/tests/data/test857 +++ b/tests/data/test857 @@ -10,25 +10,25 @@ RETR # # Server-side - -From: me@somewhere -To: fake@nowhere - -..body with a single dot first -...triple dots... - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +..body with a single dot first +...triple dots... + +-- + yours sincerely - -From: me@somewhere -To: fake@nowhere - -.body with a single dot first -..triple dots... - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +.body with a single dot first +..triple dots... + +-- + yours sincerely diff --git a/tests/data/test86 b/tests/data/test86 index a0e562736f..ecd1f63214 100644 --- a/tests/data/test86 +++ b/tests/data/test86 @@ -64,7 +64,7 @@ HTTP, urlglob []-retrieval and -o #[num] usage # # Verify data after the test has been "shot" - + GET /%TESTNUMBER0001 HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test861 b/tests/data/test861 index dbcee53287..e1806eec77 100644 --- a/tests/data/test861 +++ b/tests/data/test861 @@ -13,14 +13,14 @@ RFC2449 # Server-side -CAPA UIDL USER +CAPA UIDL USER -# When doing UIDL, we get the default list output hard-coded in the test -# POP3 server - -1 1 -2 2 -3 4 +# When doing UIDL, we get the default list output hard-coded in the test +# POP3 server + +1 1 +2 2 +3 4 diff --git a/tests/data/test862 b/tests/data/test862 index 2484c8e98c..83a58fe350 100644 --- a/tests/data/test862 +++ b/tests/data/test862 @@ -13,12 +13,12 @@ RFC2449 # Server-side -CAPA TOP USER +CAPA TOP USER - -From: me@somewhere -To: fake@nowhere - + +From: me@somewhere +To: fake@nowhere + diff --git a/tests/data/test864 b/tests/data/test864 index d2ddb8dee9..a21fc25175 100644 --- a/tests/data/test864 +++ b/tests/data/test864 @@ -13,14 +13,14 @@ APOP CAPA APOP REPLY welcome +OK curl POP3 server ready to serve <1972.987654321\@curl> - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test865 b/tests/data/test865 index f88ba45ed4..0a9cd25d01 100644 --- a/tests/data/test865 +++ b/tests/data/test865 @@ -18,14 +18,14 @@ AUTH PLAIN REPLY AUTH + REPLY AHVzZXIAc2VjcmV0 +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test866 b/tests/data/test866 index 2ea66bab38..7d3459dfe5 100644 --- a/tests/data/test866 +++ b/tests/data/test866 @@ -18,14 +18,14 @@ REPLY AUTH + VXNlcm5hbWU6 REPLY dXNlcg== + UGFzc3dvcmQ6 REPLY c2VjcmV0 +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test867 b/tests/data/test867 index 4db0704c64..e05b332ad7 100644 --- a/tests/data/test867 +++ b/tests/data/test867 @@ -18,14 +18,14 @@ AUTH CRAM-MD5 REPLY AUTH + PDE5NzIuOTg3NjU0MzIxQGN1cmw+ REPLY dXNlciA3MDMxNzI1NTk5ZmRiYjVkNDEyNjg5YWEzMjNlM2UwYg== +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test868 b/tests/data/test868 index 59284154c9..c2c8aa9642 100644 --- a/tests/data/test868 +++ b/tests/data/test868 @@ -16,17 +16,17 @@ NTLM AUTH NTLM REPLY AUTH + -REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= + TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= + TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== REPLY TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test869 b/tests/data/test869 index 588be6f3a1..d10c6afb53 100644 --- a/tests/data/test869 +++ b/tests/data/test869 @@ -19,14 +19,14 @@ REPLY AUTH + cmVhbG09ImN1cmwiLG5vbmNlPSI1MzAwZDE3YTFkNjk1YmQ0MTFlNGNkZjk2Zjk1NDh REPLY dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM1MzMzMjMxMzYzMzMyMzEzNzMzMzIzMSIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJwb3AvMTI3LjAuMC4xIixyZXNwb25zZT0xODMxNTU0OGM3ZjNhMzdlNzE2ZmE4ZTkwZGZhYjliNixxb3A9YXV0aA== + cnNwYXV0aD1mZWNiMzZiNzA4NmUwYjk1ZDkwNjQ1OWVmYThjYzI5ZQ== REPLY +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test87 b/tests/data/test87 index f5d689d45d..6bbb35a4f0 100644 --- a/tests/data/test87 +++ b/tests/data/test87 @@ -11,18 +11,18 @@ FAILURE # # Server-side - -HTTP/1.1 200 OK -Funny-head: yesyes -Content-Length: 15 - + +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 15 + the number one - -HTTP/1.1 200 OK -Funny-head: yesyes -Content-Length: 16 - + +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 16 + two is nice too @@ -50,11 +50,11 @@ urlglob with out of range -o #[num] usage # survives # - -HTTP/1.1 200 OK -Funny-head: yesyes -Content-Length: 16 - + +HTTP/1.1 200 OK +Funny-head: yesyes +Content-Length: 16 + two is nice too diff --git a/tests/data/test870 b/tests/data/test870 index d0870d3909..402cb69f97 100644 --- a/tests/data/test870 +++ b/tests/data/test870 @@ -18,14 +18,14 @@ AUTH XOAUTH2 REPLY AUTH + REPLY dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test871 b/tests/data/test871 index e0afbee001..7a2e2603d4 100644 --- a/tests/data/test871 +++ b/tests/data/test871 @@ -18,14 +18,14 @@ RFC5034 AUTH PLAIN REPLY AUTH +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test872 b/tests/data/test872 index 439bbf6b14..6407a663e5 100644 --- a/tests/data/test872 +++ b/tests/data/test872 @@ -18,14 +18,14 @@ AUTH LOGIN REPLY AUTH + UGFzc3dvcmQ6 REPLY c2VjcmV0 +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test873 b/tests/data/test873 index e6ac4057d6..30a733e4ef 100644 --- a/tests/data/test873 +++ b/tests/data/test873 @@ -19,14 +19,14 @@ AUTH NTLM REPLY AUTH + TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== REPLY TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test874 b/tests/data/test874 index cbb1fbe137..40942d7965 100644 --- a/tests/data/test874 +++ b/tests/data/test874 @@ -18,14 +18,14 @@ RFC6749 AUTH XOAUTH2 REPLY AUTH +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test879 b/tests/data/test879 index 75aed2ba3d..ad37486d29 100644 --- a/tests/data/test879 +++ b/tests/data/test879 @@ -22,14 +22,14 @@ REPLY * -ERR AUTH exchange cancelled by client REPLY "AUTH PLAIN" + REPLY AHVzZXIAc2VjcmV0 +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test88 b/tests/data/test88 index db3eb6cd5a..39c2fb82e0 100644 --- a/tests/data/test88 +++ b/tests/data/test88 @@ -12,39 +12,39 @@ HTTP Digest auth auth_required - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Connection: close - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Connection: close + This is not the real page # This is supposed to be returned when the server gets a # Authorization: Digest line passed-in from the client - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Connection: close - + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Connection: close + This IS the real page! - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" -Content-Type: text/html; charset=iso-8859-1 -Connection: close - -HTTP/1.1 200 OK swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -Content-Type: text/html; charset=iso-8859-1 -Connection: close - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Digest realm="testrealm", nonce="1053604145" +Content-Type: text/html; charset=iso-8859-1 +Connection: close + +HTTP/1.1 200 OK swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +Content-Type: text/html; charset=iso-8859-1 +Connection: close + This IS the real page! diff --git a/tests/data/test880 b/tests/data/test880 index bb92f7f296..d7fc296763 100644 --- a/tests/data/test880 +++ b/tests/data/test880 @@ -22,14 +22,14 @@ REPLY * -ERR AUTH exchange cancelled by client REPLY "AUTH PLAIN" + REPLY AHVzZXIAc2VjcmV0 +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test881 b/tests/data/test881 index 16caf49a31..7dbbd21a41 100644 --- a/tests/data/test881 +++ b/tests/data/test881 @@ -22,14 +22,14 @@ REPLY * -ERR AUTH exchange cancelled by client REPLY "AUTH PLAIN" + REPLY AHVzZXIAc2VjcmV0 +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test882 b/tests/data/test882 index bfecd45070..b6fecd6116 100644 --- a/tests/data/test882 +++ b/tests/data/test882 @@ -12,16 +12,16 @@ connection reuse # Server-side -REPLY "PASS secret" +OK Login successful +REPLY "PASS secret" +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test883 b/tests/data/test883 index a82a762dc6..2ca23c1e7a 100644 --- a/tests/data/test883 +++ b/tests/data/test883 @@ -18,14 +18,14 @@ AUTH EXTERNAL REPLY AUTH + REPLY dXNlcg== +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test884 b/tests/data/test884 index ebe013fe27..98b311c024 100644 --- a/tests/data/test884 +++ b/tests/data/test884 @@ -18,14 +18,14 @@ AUTH EXTERNAL REPLY AUTH + REPLY = +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test885 b/tests/data/test885 index 16c6810bcf..ab452732d1 100644 --- a/tests/data/test885 +++ b/tests/data/test885 @@ -18,14 +18,14 @@ RFC5034 AUTH EXTERNAL REPLY AUTH +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test886 b/tests/data/test886 index f6de7c1db1..1c463ef829 100644 --- a/tests/data/test886 +++ b/tests/data/test886 @@ -18,14 +18,14 @@ RFC5034 AUTH EXTERNAL REPLY AUTH +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test887 b/tests/data/test887 index bb40d1b9ce..5075a6fe3a 100644 --- a/tests/data/test887 +++ b/tests/data/test887 @@ -19,14 +19,14 @@ AUTH OAUTHBEARER REPLY AUTH + REPLY %b64[n,a=user,%01host=127.0.0.1%01port=%POP3PORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64% +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test888 b/tests/data/test888 index 2d89a3cf3b..b6e2224774 100644 --- a/tests/data/test888 +++ b/tests/data/test888 @@ -19,14 +19,14 @@ RFC7628 AUTH OAUTHBEARER REPLY AUTH +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test89 b/tests/data/test89 index f1a7a539e2..049b2b0b69 100644 --- a/tests/data/test89 +++ b/tests/data/test89 @@ -16,71 +16,71 @@ NTLM This is supposed to be returned when the server gets a first Authorization: NTLM line passed-in from the client --> - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + This is not the real page either! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 301 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Connection: close -Location: /you/%TESTNUMBER0010 - + +HTTP/1.1 301 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Connection: close +Location: /you/%TESTNUMBER0010 + # This is the first reply after the redirection - -HTTP/1.1 401 Now gimme that second round of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - + +HTTP/1.1 401 Now gimme that second round of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + This is not the real page either! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - -HTTP/1.1 301 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Connection: close -Location: /you/%TESTNUMBER0010 - -HTTP/1.1 401 Now gimme that second round of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - -HTTP/1.1 200 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + +HTTP/1.1 301 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Connection: close +Location: /you/%TESTNUMBER0010 + +HTTP/1.1 401 Now gimme that second round of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + +HTTP/1.1 200 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! @@ -106,7 +106,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --ntlm -L # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/tests/data/test892 b/tests/data/test892 index 67f9711568..0b19c744e3 100644 --- a/tests/data/test892 +++ b/tests/data/test892 @@ -18,14 +18,14 @@ AUTH PLAIN REPLY AUTH + REPLY c2hhcmVkLW1haWxib3gAdXNlcgBzZWNyZXQ= +OK Login successful - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test895 b/tests/data/test895 index 79f9a9984e..d165572088 100644 --- a/tests/data/test895 +++ b/tests/data/test895 @@ -11,14 +11,14 @@ FETCH # # Server-side - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test897 b/tests/data/test897 index 8e59d75d14..e7119cf34d 100644 --- a/tests/data/test897 +++ b/tests/data/test897 @@ -10,11 +10,11 @@ FETCH # # Server-side - -body - --- - yours sincerely + +body + +-- + yours sincerely POSTFETCH extra stuff sent in the envelope after the body @@ -45,26 +45,26 @@ A003 SELECT %TESTNUMBER A004 FETCH 123 BODY[1] A005 LOGOUT - - _ _ ____ _ - ___| | | | _ \| | - / __| | | | |_) | | - | (__| |_| | _ {| |___ - \___|\___/|_| \_\_____| -* OK curl IMAP server ready to serve -A001 BAD Command -A002 OK LOGIN completed -* 172 EXISTS -* 1 RECENT -* OK [UNSEEN 12] Message 12 is first unseen -* OK [UIDVALIDITY 3857529045] UIDs valid -* OK [UIDNEXT 4392] Predicted next UID -* FLAGS (\Answered \Flagged \Deleted \Seen \Draft) -* OK [PERMANENTFLAGS (\Deleted \Seen \*)] Limited -A003 OK [READ-WRITE] SELECT completed -* 123 FETCH (BODY[1] {31} -extra stuff sent in the envelope after the body) -A004 OK FETCH completed + + _ _ ____ _%spc%%spc%%spc%%spc%%spc% + ___| | | | _ \| |%spc%%spc%%spc%%spc% + / __| | | | |_) | |%spc%%spc%%spc%%spc% + | (__| |_| | _ {| |___%spc% + \___|\___/|_| \_\_____| +* OK curl IMAP server ready to serve +A001 BAD Command +A002 OK LOGIN completed +* 172 EXISTS +* 1 RECENT +* OK [UNSEEN 12] Message 12 is first unseen +* OK [UIDVALIDITY 3857529045] UIDs valid +* OK [UIDNEXT 4392] Predicted next UID +* FLAGS (\Answered \Flagged \Deleted \Seen \Draft) +* OK [PERMANENTFLAGS (\Deleted \Seen \*)] Limited +A003 OK [READ-WRITE] SELECT completed +* 123 FETCH (BODY[1] {31} +extra stuff sent in the envelope after the body) +A004 OK FETCH completed diff --git a/tests/data/test898 b/tests/data/test898 index 78213414e5..1e4211207c 100644 --- a/tests/data/test898 +++ b/tests/data/test898 @@ -74,7 +74,7 @@ HTTP with custom auth and cookies redirected to HTTP on a diff port # # Verify data after the test has been "shot" - + GET http://firsthost.com/ HTTP/1.1 Host: firsthost.com User-Agent: curl/%VERSION diff --git a/tests/data/test899 b/tests/data/test899 index e1d70920c2..cb244876cc 100644 --- a/tests/data/test899 +++ b/tests/data/test899 @@ -10,7 +10,7 @@ HTTP Basic auth # # Server-side - + HTTP/1.1 302 go go go Content-Length: 8 Location: http://user:pass@%HOSTIP:%HTTPPORT/basic-auth/user/%TESTNUMBER0002 @@ -19,7 +19,7 @@ Funny-head: yesyes notreal - + HTTP/1.1 200 OK Content-Length: 6 Content-Type: text/html @@ -46,7 +46,7 @@ http://first:secret@%HOSTIP:%HTTPPORT/%TESTNUMBER -L # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[first:secret]b64% diff --git a/tests/data/test90 b/tests/data/test90 index 98c4073766..25b8d10555 100644 --- a/tests/data/test90 +++ b/tests/data/test90 @@ -12,113 +12,113 @@ NTLM # Server-side - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Basic -WWW-Authenticate: Wild-and-crazy -WWW-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Basic +WWW-Authenticate: Wild-and-crazy +WWW-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page # This is supposed to be returned when the server gets a first # Authorization: NTLM line passed-in from the client - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + This is not the real page either! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 301 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Connection: close -Location: /you/%TESTNUMBER0010 - + +HTTP/1.1 301 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Connection: close +Location: /you/%TESTNUMBER0010 + # This is the first reply after the redirection - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Basic -WWW-Authenticate: Wild-and-crazy -WWW-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Basic +WWW-Authenticate: Wild-and-crazy +WWW-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + This is not the real page - -HTTP/1.1 401 Now gimme that second round of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - + +HTTP/1.1 401 Now gimme that second round of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + This is not the real page either! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Basic -WWW-Authenticate: Wild-and-crazy -WWW-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - -HTTP/1.1 301 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Connection: close -Location: /you/%TESTNUMBER0010 - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Basic -WWW-Authenticate: Wild-and-crazy -WWW-Authenticate: NTLM -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 26 - -HTTP/1.1 401 Now gimme that second round of crap -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 34 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - -HTTP/1.1 200 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Basic +WWW-Authenticate: Wild-and-crazy +WWW-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + +HTTP/1.1 301 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Connection: close +Location: /you/%TESTNUMBER0010 + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Basic +WWW-Authenticate: Wild-and-crazy +WWW-Authenticate: NTLM +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 26 + +HTTP/1.1 401 Now gimme that second round of crap +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 34 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + +HTTP/1.1 200 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! @@ -144,7 +144,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth -L # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test901 b/tests/data/test901 index 043f3fad49..7e0b7034ac 100644 --- a/tests/data/test901 +++ b/tests/data/test901 @@ -19,17 +19,17 @@ smtp SMTP with CRLF-dot-CRLF in data - -From: different -To: another - - -. -. - -. - -body + +From: different +To: another + + +. +. + +. + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -T - diff --git a/tests/data/test902 b/tests/data/test902 index 809a15d03f..b913e4fcc8 100644 --- a/tests/data/test902 +++ b/tests/data/test902 @@ -24,11 +24,11 @@ smtp RFC821-only SMTP server (EHLO not supported) - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -T - diff --git a/tests/data/test903 b/tests/data/test903 index fb2ff01278..07c2cd3d3a 100644 --- a/tests/data/test903 +++ b/tests/data/test903 @@ -28,8 +28,8 @@ smtp SMTP plain authentication - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user:secret -T - diff --git a/tests/data/test904 b/tests/data/test904 index ee797b1600..1c60c28fe5 100644 --- a/tests/data/test904 +++ b/tests/data/test904 @@ -28,8 +28,8 @@ smtp SMTP login authentication - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user:secret -T - diff --git a/tests/data/test905 b/tests/data/test905 index 15114e5b5a..2c6f6e7c57 100644 --- a/tests/data/test905 +++ b/tests/data/test905 @@ -32,8 +32,8 @@ digest SMTP CRAM-MD5 authentication - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user:secret -T - diff --git a/tests/data/test906 b/tests/data/test906 index 5e3ea35ceb..4b99598e37 100644 --- a/tests/data/test906 +++ b/tests/data/test906 @@ -15,7 +15,7 @@ NTLM AUTH NTLM REPLY AUTH 334 NTLM supported -REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 334 TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 334 TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== REPLY TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= 235 Authenticated @@ -34,8 +34,8 @@ SSL SMTP NTLM authentication - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u testuser:testpass -T - diff --git a/tests/data/test907 b/tests/data/test907 index 3bd4612dd8..48ae320b81 100644 --- a/tests/data/test907 +++ b/tests/data/test907 @@ -38,8 +38,8 @@ CURL_ENTROPY=12345678 SMTP DIGEST-MD5 authentication - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user:secret -T - diff --git a/tests/data/test908 b/tests/data/test908 index d1a1bdbdc7..7bd4d5190b 100644 --- a/tests/data/test908 +++ b/tests/data/test908 @@ -28,8 +28,8 @@ smtp SMTP OAuth 2.0 (XOAUTH2) authentication - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user --oauth2-bearer mF_9.B5f-4.1JqM -T - diff --git a/tests/data/test909 b/tests/data/test909 index 2c543fe1af..91b7207257 100644 --- a/tests/data/test909 +++ b/tests/data/test909 @@ -19,11 +19,11 @@ smtp SMTP without SIZE support - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -T %LOGDIR/test%TESTNUMBER.eml diff --git a/tests/data/test91 b/tests/data/test91 index cd15c80e1c..cb68194ae0 100644 --- a/tests/data/test91 +++ b/tests/data/test91 @@ -9,62 +9,62 @@ NTLM # Server-side - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Magic-Negotiate -WWW-Authenticate: NTLM -WWW-Authenticate: Basic realm="daniel" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 -Connection: close - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Magic-Negotiate +WWW-Authenticate: NTLM +WWW-Authenticate: Basic realm="daniel" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 +Connection: close + # This is supposed to be returned when the server gets a first # Authorization: NTLM line passed-in from the client - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Length: 34 -Content-Type: text/html; charset=iso-8859-1 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Length: 34 +Content-Type: text/html; charset=iso-8859-1 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + This is not the real page either! # This is supposed to be returned when the server gets the second # Authorization: NTLM line passed-in from the client - -HTTP/1.1 200 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 200 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! - -HTTP/1.1 401 Authorization Required swsclose -Server: Apache/1.3.27 (Darwin) PHP/4.1.2 -WWW-Authenticate: Magic-Negotiate -WWW-Authenticate: NTLM -WWW-Authenticate: Basic realm="daniel" -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 0 -Connection: close - -HTTP/1.1 401 Now gimme that second request of crap -Server: Microsoft-IIS/5.0 -Content-Length: 34 -Content-Type: text/html; charset=iso-8859-1 -WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== - -HTTP/1.1 200 Things are fine in server land swsclose -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 32 - + +HTTP/1.1 401 Authorization Required swsclose +Server: Apache/1.3.27 (Darwin) PHP/4.1.2 +WWW-Authenticate: Magic-Negotiate +WWW-Authenticate: NTLM +WWW-Authenticate: Basic realm="daniel" +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 0 +Connection: close + +HTTP/1.1 401 Now gimme that second request of crap +Server: Microsoft-IIS/5.0 +Content-Length: 34 +Content-Type: text/html; charset=iso-8859-1 +WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== + +HTTP/1.1 200 Things are fine in server land swsclose +Server: Microsoft-IIS/5.0 +Content-Type: text/html; charset=iso-8859-1 +Content-Length: 32 + Finally, this is the real page! @@ -90,7 +90,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --anyauth -u mydomain\\myself:secret # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test910 b/tests/data/test910 index 21a3ef2044..bc572a36ee 100644 --- a/tests/data/test910 +++ b/tests/data/test910 @@ -19,10 +19,10 @@ smtp SMTP without terminating CRLF - -From: different -To: another - + +From: different +To: another + body diff --git a/tests/data/test912 b/tests/data/test912 index b45d603f9d..a5e284c7e6 100644 --- a/tests/data/test912 +++ b/tests/data/test912 @@ -23,11 +23,11 @@ smtp SMTP with SIZE support - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -T %LOGDIR/test%TESTNUMBER.eml diff --git a/tests/data/test913 b/tests/data/test913 index 81a46ca2bd..20373cf183 100644 --- a/tests/data/test913 +++ b/tests/data/test913 @@ -23,11 +23,11 @@ smtp SMTP with large message SIZE - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -T %LOGDIR/test%TESTNUMBER.eml diff --git a/tests/data/test914 b/tests/data/test914 index 2595dbccff..a4a617a8be 100644 --- a/tests/data/test914 +++ b/tests/data/test914 @@ -22,11 +22,11 @@ smtp SMTP invalid --mail-from - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from invalid -T %LOGDIR/test%TESTNUMBER.eml diff --git a/tests/data/test915 b/tests/data/test915 index 6b76e62f13..5243da9003 100644 --- a/tests/data/test915 +++ b/tests/data/test915 @@ -19,11 +19,11 @@ smtp SMTP without --mail-from - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com -T - diff --git a/tests/data/test916 b/tests/data/test916 index 138277d580..9d25ccae3d 100644 --- a/tests/data/test916 +++ b/tests/data/test916 @@ -19,11 +19,11 @@ smtp SMTP with invalid --mail-rcpt - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt invalid --mail-from sender@example.com -T - diff --git a/tests/data/test917 b/tests/data/test917 index 8607758aa5..5f009c7720 100644 --- a/tests/data/test917 +++ b/tests/data/test917 @@ -19,11 +19,11 @@ smtp SMTP with multiple --mail-rcpt - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient.one@example.com --mail-rcpt recipient.two@example.com --mail-rcpt recipient.three@example.com --mail-rcpt recipient.four@example.com --mail-rcpt recipient.five@example.com --mail-from sender@example.com -T - diff --git a/tests/data/test918 b/tests/data/test918 index 54485cbb20..491e8be195 100644 --- a/tests/data/test918 +++ b/tests/data/test918 @@ -19,11 +19,11 @@ smtp SMTP with multiple and invalid --mail-rcpt - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient.one@example.com --mail-rcpt invalid --mail-rcpt recipient.three@example.com --mail-rcpt sTrAnGe --mail-rcpt recipient.five@example.com --mail-from sender@example.com -T - diff --git a/tests/data/test919 b/tests/data/test919 index 7448b8a173..0d2ff8e119 100644 --- a/tests/data/test919 +++ b/tests/data/test919 @@ -28,8 +28,8 @@ smtp SMTP plain authentication with initial response - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user:secret --sasl-ir -T - diff --git a/tests/data/test92 b/tests/data/test92 index 341f16b230..509bfe75dd 100644 --- a/tests/data/test92 +++ b/tests/data/test92 @@ -10,7 +10,7 @@ Resume # Server-side - + HTTP/1.1 416 Requested Range Not Satisfiable Date: Fri, 24 Oct 2003 21:33:12 GMT Server: Apache/1.3.19 (Unix) (Red-Hat/Linux) mod_ssl/2.8.1 OpenSSL/0.9.6 PHP/4.3.1 @@ -25,7 +25,7 @@ bad # The body should be ignored. - + HTTP/1.1 416 Requested Range Not Satisfiable Date: Fri, 24 Oct 2003 21:33:12 GMT Server: Apache/1.3.19 (Unix) (Red-Hat/Linux) mod_ssl/2.8.1 OpenSSL/0.9.6 PHP/4.3.1 @@ -54,7 +54,7 @@ http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -C 87 # Verify data after the test has been "shot" - + GET /want/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=87- diff --git a/tests/data/test920 b/tests/data/test920 index 1445db2413..8720386662 100644 --- a/tests/data/test920 +++ b/tests/data/test920 @@ -28,8 +28,8 @@ smtp SMTP login authentication with initial response - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user:secret --sasl-ir -T - diff --git a/tests/data/test921 b/tests/data/test921 index fbf338081e..664b98d80c 100644 --- a/tests/data/test921 +++ b/tests/data/test921 @@ -15,7 +15,7 @@ NTLM AUTH NTLM -REPLY AUTH 334 TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== +REPLY AUTH 334 TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== REPLY TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= 235 Authenticated @@ -34,8 +34,8 @@ SSL SMTP NTLM authentication with initial response - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u testuser:testpass --sasl-ir -T - diff --git a/tests/data/test922 b/tests/data/test922 index 76d891296f..a8b1e20a44 100644 --- a/tests/data/test922 +++ b/tests/data/test922 @@ -28,8 +28,8 @@ smtp SMTP OAuth 2.0 (XOAUTH2) authentication with initial response - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user --oauth2-bearer mF_9.B5f-4.1JqM --sasl-ir -T - diff --git a/tests/data/test924 b/tests/data/test924 index 5554258370..986b4e9956 100644 --- a/tests/data/test924 +++ b/tests/data/test924 @@ -9,11 +9,11 @@ VRFY # # Server-side - -553-Ambiguous; Possibilities are: -553-Joe Smith -553-Harry Smith -553 Melvin Smith + +553-Ambiguous; Possibilities are: +553-Joe Smith +553-Harry Smith +553 Melvin Smith diff --git a/tests/data/test925 b/tests/data/test925 index 7640230969..43ef4089e6 100644 --- a/tests/data/test925 +++ b/tests/data/test925 @@ -9,8 +9,8 @@ VRFY # # Server-side - -252 Send some mail and I'll try my best + +252 Send some mail and I'll try my best diff --git a/tests/data/test926 b/tests/data/test926 index 8b76424a6f..5aaee45e34 100644 --- a/tests/data/test926 +++ b/tests/data/test926 @@ -10,7 +10,7 @@ VRFY # Server-side -REPLY VRFY 550 Unknown user +REPLY VRFY 550 Unknown user diff --git a/tests/data/test927 b/tests/data/test927 index f2edc050f9..7c81632d9b 100644 --- a/tests/data/test927 +++ b/tests/data/test927 @@ -10,10 +10,10 @@ CUSTOMREQUEST # # Server-side - -250-Joe Smith -250-Harry Smith -250 Melvin Smith + +250-Joe Smith +250-Harry Smith +250 Melvin Smith diff --git a/tests/data/test928 b/tests/data/test928 index 33ae7b7d00..a8f4032b4c 100644 --- a/tests/data/test928 +++ b/tests/data/test928 @@ -9,9 +9,9 @@ HELP # # Server-side - -214-This server supports the following commands: -214 HELO EHLO RCPT DATA RSET MAIL VRFY EXPN QUIT HELP + +214-This server supports the following commands: +214 HELO EHLO RCPT DATA RSET MAIL VRFY EXPN QUIT HELP diff --git a/tests/data/test93 b/tests/data/test93 index 1d6cdcc95b..d7da311f1e 100644 --- a/tests/data/test93 +++ b/tests/data/test93 @@ -39,7 +39,7 @@ proxy # # Verify data after the test has been "shot" - + GET http://%HOSTIP:%HTTPPORT/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test935 b/tests/data/test935 index dd13a6294b..5f0dc9b0d3 100644 --- a/tests/data/test935 +++ b/tests/data/test935 @@ -36,8 +36,8 @@ digest SMTP CRAM-MD5 authentication with SASL downgrade - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user:secret -T - diff --git a/tests/data/test936 b/tests/data/test936 index f829b25e9b..cd0fe30e3f 100644 --- a/tests/data/test936 +++ b/tests/data/test936 @@ -37,8 +37,8 @@ SSL SMTP NTLM authentication with SASL downgrade - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user:secret -T - diff --git a/tests/data/test937 b/tests/data/test937 index 8a3bfcd4b6..8060d8e940 100644 --- a/tests/data/test937 +++ b/tests/data/test937 @@ -38,8 +38,8 @@ digest SMTP DIGEST-MD5 authentication with SASL downgrade - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user:secret -T - diff --git a/tests/data/test938 b/tests/data/test938 index af1d4c834a..d539b7cb80 100644 --- a/tests/data/test938 +++ b/tests/data/test938 @@ -17,7 +17,7 @@ RFC4954 AUTH PLAIN REPLY AUTH 334 PLAIN supported REPLY dXNlci5vbmUAdXNlci5vbmUAc2VjcmV0 235 Authenticated -REPLY dXNlci50d28AdXNlci50d28Ac2VjcmV0 235 Authenticated +REPLY dXNlci50d28AdXNlci50d28Ac2VjcmV0 235 Authenticated @@ -30,8 +30,8 @@ smtp SMTP multiple connection authentication - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER001 --mail-rcpt recipient@example.com --mail-from sender@example.com -u user.one:secret -T %LOGDIR/upload%TESTNUMBER -: smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER002 --mail-rcpt recipient@example.com --mail-from sender@example.com -u user.two:secret -T %LOGDIR/upload%TESTNUMBER diff --git a/tests/data/test939 b/tests/data/test939 index d0e284574f..68fc9f87c7 100644 --- a/tests/data/test939 +++ b/tests/data/test939 @@ -23,8 +23,8 @@ smtp RFC821-only SMTP with username and password - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user:secret -T - diff --git a/tests/data/test94 b/tests/data/test94 index 4840bd1f42..6c6aeb2e82 100644 --- a/tests/data/test94 +++ b/tests/data/test94 @@ -45,7 +45,7 @@ https://test.anything.really.com:%TESTNUMBER --proxy1.0 %HOSTIP:%HTTPPORT 56 - + CONNECT test.anything.really.com:%TESTNUMBER HTTP/1.0 Host: test.anything.really.com:%TESTNUMBER User-Agent: curl/%VERSION diff --git a/tests/data/test940 b/tests/data/test940 index eb9d4a6fb9..fa64163bd9 100644 --- a/tests/data/test940 +++ b/tests/data/test940 @@ -19,8 +19,8 @@ smtp SMTP with username and password but no AUTH capability - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user:secret -T - diff --git a/tests/data/test942 b/tests/data/test942 index ba9b9a19eb..664ba4ea7d 100644 --- a/tests/data/test942 +++ b/tests/data/test942 @@ -28,8 +28,8 @@ smtp SMTP external authentication - -mail body + +mail body 'smtp://user;AUTH=EXTERNAL@%HOSTIP:%SMTPPORT/%TESTNUMBER' --mail-rcpt recipient@example.com --mail-from sender@example.com -T - diff --git a/tests/data/test943 b/tests/data/test943 index 426beae6e6..2003caf904 100644 --- a/tests/data/test943 +++ b/tests/data/test943 @@ -28,8 +28,8 @@ smtp SMTP external authentication without credentials - -mail body + +mail body 'smtp://;AUTH=EXTERNAL@%HOSTIP:%SMTPPORT/%TESTNUMBER' --mail-rcpt recipient@example.com --mail-from sender@example.com -T - diff --git a/tests/data/test944 b/tests/data/test944 index f87fb3b3e4..a00a44e635 100644 --- a/tests/data/test944 +++ b/tests/data/test944 @@ -28,8 +28,8 @@ smtp SMTP external authentication with initial response - -mail body + +mail body 'smtp://user;AUTH=EXTERNAL@%HOSTIP:%SMTPPORT/%TESTNUMBER' --mail-rcpt recipient@example.com --mail-from sender@example.com --sasl-ir -T - diff --git a/tests/data/test945 b/tests/data/test945 index 239c3270d3..5f34e31ab7 100644 --- a/tests/data/test945 +++ b/tests/data/test945 @@ -28,8 +28,8 @@ smtp SMTP external authentication with initial response without credentials - -mail body + +mail body 'smtp://;AUTH=EXTERNAL@%HOSTIP:%SMTPPORT/%TESTNUMBER' --mail-rcpt recipient@example.com --mail-from sender@example.com --sasl-ir -T - diff --git a/tests/data/test946 b/tests/data/test946 index 6c1765bec4..f463bfc4eb 100644 --- a/tests/data/test946 +++ b/tests/data/test946 @@ -29,8 +29,8 @@ smtp SMTP OAuth 2.0 (OAUTHBEARER) authentication - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user --oauth2-bearer mF_9.B5f-4.1JqM -T - diff --git a/tests/data/test947 b/tests/data/test947 index c7e4c25037..995e54ed28 100644 --- a/tests/data/test947 +++ b/tests/data/test947 @@ -29,8 +29,8 @@ smtp SMTP OAuth 2.0 (OAUTHBEARER) authentication with initial response - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user --oauth2-bearer mF_9.B5f-4.1JqM --sasl-ir -T - diff --git a/tests/data/test948 b/tests/data/test948 index c072b3a25c..5360f06509 100644 --- a/tests/data/test948 +++ b/tests/data/test948 @@ -30,8 +30,8 @@ smtp SMTP OAuth 2.0 (OAUTHBEARER) failure as continuation - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user --oauth2-bearer mF_9.B5f-4.1JqM -T - diff --git a/tests/data/test949 b/tests/data/test949 index 24fdaa4e2a..2aec4feb9b 100644 --- a/tests/data/test949 +++ b/tests/data/test949 @@ -30,8 +30,8 @@ smtp SMTP OAuth 2.0 (OAUTHBEARER) failure as continuation with initial response - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user --oauth2-bearer mF_9.B5f-4.1JqM --sasl-ir -T - diff --git a/tests/data/test95 b/tests/data/test95 index c30bb2f719..d7e2151361 100644 --- a/tests/data/test95 +++ b/tests/data/test95 @@ -21,9 +21,9 @@ Content-Length: 9 contents - -HTTP/1.1 200 Mighty fine indeed - + +HTTP/1.1 200 Mighty fine indeed + HTTP/1.1 200 Mighty fine indeed @@ -60,12 +60,12 @@ proxy # # Verify data after the test has been "shot" - -CONNECT test.%TESTNUMBER:%HTTPPORT HTTP/1.1 -Host: test.%TESTNUMBER:%HTTPPORT -User-Agent: curl/%VERSION -Proxy-Connection: Keep-Alive - + +CONNECT test.%TESTNUMBER:%HTTPPORT HTTP/1.1 +Host: test.%TESTNUMBER:%HTTPPORT +User-Agent: curl/%VERSION +Proxy-Connection: Keep-Alive + POST /we/want/that/page/%TESTNUMBER HTTP/1.1 diff --git a/tests/data/test950 b/tests/data/test950 index 670cf8f7e5..6f18037370 100644 --- a/tests/data/test950 +++ b/tests/data/test950 @@ -10,8 +10,8 @@ VRFY # # Server-side - -250 + +250 diff --git a/tests/data/test951 b/tests/data/test951 index c703d3d6ad..616c6cd523 100644 --- a/tests/data/test951 +++ b/tests/data/test951 @@ -19,8 +19,8 @@ smtp SMTP data with dot as first character - -.This first line starts with a dot + +.This first line starts with a dot smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -T - diff --git a/tests/data/test952 b/tests/data/test952 index e78cd3569a..f2a90bfbbd 100644 --- a/tests/data/test952 +++ b/tests/data/test952 @@ -19,8 +19,8 @@ smtp SMTP data with single dot-only line - -. + +. smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -T - diff --git a/tests/data/test953 b/tests/data/test953 index e5a1ad8d79..04ebe21466 100644 --- a/tests/data/test953 +++ b/tests/data/test953 @@ -28,8 +28,8 @@ smtp SMTP plain authentication with alternative authorization identity - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u kurt:xipj3plmq --sasl-authzid ursel -T - diff --git a/tests/data/test955 b/tests/data/test955 index adb5558bc6..be0565842f 100644 --- a/tests/data/test955 +++ b/tests/data/test955 @@ -29,11 +29,11 @@ LC_ALL=C.UTF-8 SMTP without SMTPUTF8 support - UTF-8 based sender (local part only) - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from Avs%hex[%c3%a4]hex%ndaren@example.com -T - diff --git a/tests/data/test956 b/tests/data/test956 index fb78275a91..aaae3544d0 100644 --- a/tests/data/test956 +++ b/tests/data/test956 @@ -26,11 +26,11 @@ LC_ALL=C.UTF-8 SMTP without SMTPUTF8 support - UTF-8 based recipient (local part only) - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt St%hex[%c3%b6]hex%dmottagaren@example.com --mail-from sender@example.com -T - diff --git a/tests/data/test959 b/tests/data/test959 index 07736ff0a9..3ee988c57f 100644 --- a/tests/data/test959 +++ b/tests/data/test959 @@ -30,11 +30,11 @@ LC_ALL=C.UTF-8 SMTP without SMTPUTF8 support - UTF-8 based sender (host part only) - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@%hex[%c3%a5%c3%a4%c3%b6]hex%.se -T - diff --git a/tests/data/test960 b/tests/data/test960 index 52013ac5cf..64d5050a30 100644 --- a/tests/data/test960 +++ b/tests/data/test960 @@ -27,11 +27,11 @@ LC_ALL=C.UTF-8 SMTP without SMTPUTF8 support - UTF-8 based recipient (host part only) - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@%hex[%c3%a5%c3%a4%c3%b6]hex%.se --mail-from sender@example.com -T - diff --git a/tests/data/test962 b/tests/data/test962 index 4625b01138..59ced3bc77 100644 --- a/tests/data/test962 +++ b/tests/data/test962 @@ -28,11 +28,11 @@ LC_ALL=C.UTF-8 SMTP without SMTPUTF8 support - UTF-8 based sender (host part only) - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@%hex[%c3%a5%c3%a4%c3%b6]hex%.se -T - diff --git a/tests/data/test963 b/tests/data/test963 index 06245f6080..8b411458c6 100644 --- a/tests/data/test963 +++ b/tests/data/test963 @@ -28,11 +28,11 @@ LC_ALL=C.UTF-8 SMTP without SMTPUTF8 support (IDN) - UTF-8 recipient (host part only) - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@%hex[%c3%a5%c3%a4%c3%b6]hex%.se --mail-from sender@example.com -T - diff --git a/tests/data/test965 b/tests/data/test965 index 0bf35b8357..b4ccc70425 100644 --- a/tests/data/test965 +++ b/tests/data/test965 @@ -31,11 +31,11 @@ LC_ALL=C.UTF-8 SMTP with SMTPUTF8 support - UTF-8 based sender - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from Avs%hex[%c3%a4]hex%ndaren@%hex[%c3%a5%c3%a4%c3%b6]hex%.se -T - diff --git a/tests/data/test966 b/tests/data/test966 index 3a12b8bf96..24ef559766 100644 --- a/tests/data/test966 +++ b/tests/data/test966 @@ -31,11 +31,11 @@ LC_ALL=C.UTF-8 SMTP with SMTPUTF8 support - UTF-8 based recipient - -From: different -To: another - -body + +From: different +To: another + +body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt St%hex[%c3%b6]hex%dmottagaren@%hex[%c3%a5%c3%a4%c3%b6]hex%.se --mail-from sender@example.com -T - diff --git a/tests/data/test967 b/tests/data/test967 index b067e9684b..678e112cec 100644 --- a/tests/data/test967 +++ b/tests/data/test967 @@ -13,8 +13,8 @@ IDN CAPA SMTPUTF8 - -252 Send some mail and I'll try my best + +252 Send some mail and I'll try my best diff --git a/tests/data/test97 b/tests/data/test97 index fffb0be840..3029b2d46f 100644 --- a/tests/data/test97 +++ b/tests/data/test97 @@ -9,12 +9,12 @@ HTTP replaced headers # # Server-side - -HTTP/1.0 200 OK -Server: test-server/fake -Content-Type: text/html -Content-Length: 6 - + +HTTP/1.0 200 OK +Server: test-server/fake +Content-Type: text/html +Content-Length: 6 + blaha diff --git a/tests/data/test970 b/tests/data/test970 index 562a6c34f5..b5a8097710 100644 --- a/tests/data/test970 +++ b/tests/data/test970 @@ -51,7 +51,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --write-out '%{json}' -o %LOGDIR/out%TESTNU # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test972 b/tests/data/test972 index a0ba775808..241c25bed8 100644 --- a/tests/data/test972 +++ b/tests/data/test972 @@ -52,7 +52,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -s --write-out '%{json}\n' -o %LOGDIR/out97 # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test974 b/tests/data/test974 index 04575181a3..db1b2c6880 100644 --- a/tests/data/test974 +++ b/tests/data/test974 @@ -72,7 +72,7 @@ HTTP with auth redirected to HTTP on a diff port w/o auth # # Verify data after the test has been "shot" - + GET http://firsthost.com/ HTTP/1.1 Host: firsthost.com Authorization: Basic %b64[joe:secret]b64% diff --git a/tests/data/test976 b/tests/data/test976 index 8150a90736..400f7b45b9 100644 --- a/tests/data/test976 +++ b/tests/data/test976 @@ -72,7 +72,7 @@ HTTP with auth redirected to HTTP on a diff port --location-trusted # # Verify data after the test has been "shot" - + GET http://firsthost.com/ HTTP/1.1 Host: firsthost.com Authorization: Basic %b64[joe:secret]b64% diff --git a/tests/data/test977 b/tests/data/test977 index 352f4a859e..4777a514fa 100644 --- a/tests/data/test977 +++ b/tests/data/test977 @@ -44,7 +44,7 @@ URL with trailing dot and receiving a cookie for the TLD with dot # # Verify data after the test has been "shot" - + GET http://firsthost.me./ HTTP/1.1 Host: firsthost.me. User-Agent: curl/%VERSION diff --git a/tests/data/test978 b/tests/data/test978 index 810ffbb04e..343b681372 100644 --- a/tests/data/test978 +++ b/tests/data/test978 @@ -9,7 +9,7 @@ HTTP # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -42,7 +42,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --stderr %LOGDIR/redir --silent -w '%{stder # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test979 b/tests/data/test979 index 3cfc33a7e8..fe75d1e297 100644 --- a/tests/data/test979 +++ b/tests/data/test979 @@ -10,7 +10,7 @@ HTTP Basic auth # # Server-side - + HTTP/1.1 302 go go go Content-Length: 8 Location: http://%HOSTIP:%HTTPPORT/user/%TESTNUMBER0002 @@ -19,7 +19,7 @@ Funny-head: yesyes notreal - + HTTP/1.1 200 OK Content-Length: 6 Content-Type: text/html @@ -46,7 +46,7 @@ http://first:secret@%HOSTIP:%HTTPPORT/%TESTNUMBER -L -u smith:doggie # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Authorization: Basic %b64[smith:doggie]b64% diff --git a/tests/data/test98 b/tests/data/test98 index f9ff6dd64a..9074b1d60b 100644 --- a/tests/data/test98 +++ b/tests/data/test98 @@ -9,12 +9,12 @@ chunked Transfer-Encoding # # Server-side - -HTTP/1.0 200 OK -Server: test-server/fake -Content-Type: text/html -Content-Length: 6 - + +HTTP/1.0 200 OK +Server: test-server/fake +Content-Type: text/html +Content-Length: 6 + blaha diff --git a/tests/data/test987 b/tests/data/test987 index 4a0a08b429..312c406a70 100644 --- a/tests/data/test987 +++ b/tests/data/test987 @@ -20,11 +20,11 @@ smtps SMTPS with redundant explicit SSL request - -From: different -To: another - -body + +From: different +To: another + +body --insecure --ssl-reqd --mail-rcpt recipient@example.com --mail-from sender@example.com -T - smtps://%HOSTIP:%SMTPSPORT/%TESTNUMBER diff --git a/tests/data/test989 b/tests/data/test989 index dad0291dfd..5938cd818b 100644 --- a/tests/data/test989 +++ b/tests/data/test989 @@ -9,14 +9,14 @@ RETR # # Server-side - -From: me@somewhere -To: fake@nowhere - -body - --- - yours sincerely + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely diff --git a/tests/data/test99 b/tests/data/test99 index e9e887df2f..04de595ada 100644 --- a/tests/data/test99 +++ b/tests/data/test99 @@ -55,7 +55,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C 9999999999 33 - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT Range: bytes=9999999999- diff --git a/tests/data/test990 b/tests/data/test990 index 5ddb57f3dd..194b56bd18 100644 --- a/tests/data/test990 +++ b/tests/data/test990 @@ -10,7 +10,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -43,7 +43,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w '%output{%LOGDIR/output}%{http_code}\n' # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test991 b/tests/data/test991 index 5a2cc62f30..8b3ac2b00d 100644 --- a/tests/data/test991 +++ b/tests/data/test991 @@ -10,7 +10,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -46,7 +46,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w '%output{>>%LOGDIR/output}%{http_code}' # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test992 b/tests/data/test992 index 2a5d15181e..772ad91e79 100644 --- a/tests/data/test992 +++ b/tests/data/test992 @@ -26,8 +26,8 @@ smtp SASL verify default mechanisms are reset by login options - -mail body + +mail body smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user --oauth2-bearer mF_9.B5f-4.1JqM --login-options "AUTH=XOAUTH2" -T - diff --git a/tests/data/test995 b/tests/data/test995 index f2ec85ea7a..92bd716c7a 100644 --- a/tests/data/test995 +++ b/tests/data/test995 @@ -9,7 +9,7 @@ HTTP GET # # Server-side - + HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake @@ -42,7 +42,7 @@ http # # Verify data after the test has been "shot" - + GET /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT User-Agent: curl/%VERSION diff --git a/tests/data/test998 b/tests/data/test998 index 88d3cb55ea..647eebc732 100644 --- a/tests/data/test998 +++ b/tests/data/test998 @@ -69,7 +69,7 @@ HTTP with auth in URL redirected to another host # # Verify data after the test has been "shot" - + GET http://somewhere.example/998 HTTP/1.1 Host: somewhere.example Authorization: Basic %b64[alberto:einstein]b64% diff --git a/tests/data/test999 b/tests/data/test999 index cee697e3a2..9731843f2d 100644 --- a/tests/data/test999 +++ b/tests/data/test999 @@ -59,7 +59,7 @@ HTTP with auth in first URL but not second # # Verify data after the test has been "shot" - + GET http://somewhere.example/%TESTNUMBER HTTP/1.1 Host: somewhere.example Authorization: Basic %b64[alberto:einstein]b64% diff --git a/tests/runner.pm b/tests/runner.pm index 1eef1f5b9d..328857e521 100644 --- a/tests/runner.pm +++ b/tests/runner.pm @@ -299,7 +299,7 @@ sub prepro { my (@entiretest) = @_; my $show = 1; my @out; - my $data_crlf; + my $data_crlf = ""; my @pshow; my @altshow; my $plvl; @@ -351,21 +351,26 @@ sub prepro { next; } if($show) { - # The processor does CRLF replacements in the sections if - # necessary since those parts might be read by separate servers. - if($s =~ /^ */) { - if($1 =~ /crlf="yes"/) { - $data_crlf = 1; + # The processor does CRLF replacements in the and + # sections if necessary since those parts might be read by separate + # servers. + if($s =~ /^ *<(data|connect)(.*)\>/) { + if($2 =~ /crlf="yes"/) { + $data_crlf = "yes"; + } + elsif($2 =~ /crlf="headers"/) { + $data_crlf = "headers"; } } - elsif(($s =~ /^ *<\/data/) && $data_crlf) { - $data_crlf = 0; + elsif(($s =~ /^ *<\/(data|connect)/) && $data_crlf ne "") { + $data_crlf = ""; } subvariables(\$s, $testnum, "%"); subbase64(\$s); subsha256base64file(\$s); substrippemfile(\$s); - subnewlines(0, \$s) if($data_crlf); + subnewlines(1, \$s) if($data_crlf eq "yes"); + subnewlines(0, \$s) if($data_crlf eq "headers"); push @out, $s; } } @@ -758,7 +763,6 @@ sub singletest_prepare { logmsg " $testnum: IGNORED: Section client=>file has no name attribute\n"; return -1; } - my $fileContent = join('', @inputfile); # make directories if needed my $path = dirname($filename); @@ -775,11 +779,15 @@ sub singletest_prepare { } if(open(my $outfile, ">", "$filename")) { binmode $outfile; # for crapage systems, use binary + if($fileattr{'nonewline'}) { # cut off the final newline - chomp($fileContent); + chomp($inputfile[-1]); } - print $outfile $fileContent; + if($fileattr{'crlf'}) { + subnewlines(1, \$_) for @inputfile; + } + print $outfile join('', @inputfile); close($outfile); } else { logmsg "ERROR: cannot write $filename\n"; @@ -947,6 +955,10 @@ sub singletest_run { chomp($stdintest[-1]); } + if($hash{'crlf'}) { + subnewlines(1, \$_) for @stdintest; + } + writearray($stdinfile, \@stdintest); $cmdargs .= " <$stdinfile"; diff --git a/tests/runtests.pl b/tests/runtests.pl index 5fd9819b17..ac74869543 100755 --- a/tests/runtests.pl +++ b/tests/runtests.pl @@ -1306,7 +1306,12 @@ sub singletest_check { } if($hash{'crlf'}) { - subnewlines(0, \$_) for @validstdout; + if($hash{'crlf'} eq "headers") { + subnewlines(0, \$_) for @validstdout; + } + else { + subnewlines(1, \$_) for @validstdout; + } } $res = compare($runnerid, $testnum, $testname, "stdout", \@actual, \@validstdout); @@ -1355,7 +1360,12 @@ sub singletest_check { } if($hash{'crlf'}) { - subnewlines(0, \$_) for @validstderr; + if($hash{'crlf'} eq "headers") { + subnewlines(0, \$_) for @validstderr; + } + else { + subnewlines(1, \$_) for @validstderr; + } } $res = compare($runnerid, $testnum, $testname, "stderr", \@actual, \@validstderr); @@ -1451,7 +1461,12 @@ sub singletest_check { chomp($replycheckpart[-1]); } if($replycheckpartattr{'crlf'}) { - subnewlines(0, \$_) for @replycheckpart; + if($replycheckpartattr{'crlf'} eq "headers") { + subnewlines(0, \$_) for @replycheckpart; + } + else { + subnewlines(1, \$_) for @replycheckpart; + } } push(@reply, @replycheckpart); } @@ -1472,7 +1487,12 @@ sub singletest_check { normalize_text(\@reply); } if($replyattr{'crlf'}) { - subnewlines(0, \$_) for @reply; + if($replyattr{'crlf'} eq "headers") { + subnewlines(0, \$_) for @reply; + } + else { + subnewlines(1, \$_) for @reply; + } } } @@ -1565,7 +1585,12 @@ sub singletest_check { } if($hash{'crlf'}) { - subnewlines(0, \$_) for @proxyprot; + if($hash{'crlf'} eq "headers") { + subnewlines(0, \$_) for @proxyprot; + } + else { + subnewlines(1, \$_) for @proxyprot; + } } $res = compare($runnerid, $testnum, $testname, "proxy", \@out, \@proxyprot); @@ -1623,7 +1648,12 @@ sub singletest_check { normalize_text(\@generated); } if($hash{'crlf'}) { - subnewlines(0, \$_) for @outfile; + if($hash{'crlf'} eq "headers") { + subnewlines(0, \$_) for @outfile; + } + else { + subnewlines(1, \$_) for @outfile; + } } for my $strip (@stripfilepar) { diff --git a/tests/testutil.pm b/tests/testutil.pm index cc7c2c778a..f139516cfa 100644 --- a/tests/testutil.pm +++ b/tests/testutil.pm @@ -164,7 +164,7 @@ sub subnewlines { return; } - if(($$thing =~ /^HTTP\/(1.1|1.0|2|3) [1-5][^\x0d]*\z/) || + if(($$thing =~ /^HTTP\/(1.1|1.0|2|3) ([1-5]|9)[^\x0d]*\z/) || ($$thing =~ /^(GET|HEAD|POST|PUT|DELETE|CONNECT) \S+ HTTP\/\d+(\.\d+)?/) || ($$thing =~ /^(SETUP|GET_PARAMETER|OPTIONS|ANNOUNCE|DESCRIBE) \S+ RTSP\/\d+(\.\d+)?/) || (($$thing =~ /^[a-z0-9_-]+: [^\x0d]*\z/i) && From feab3901241b0eef0724b38785ece4a7b99abb0c Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Tue, 4 Nov 2025 00:15:22 +0800 Subject: [PATCH 0687/2408] rtsp: use explicit postfieldsize if specified Signed-off-by: Joshua Rogers Closes #19345 --- lib/rtsp.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/rtsp.c b/lib/rtsp.c index 1f952a07cc..95215b8d4b 100644 --- a/lib/rtsp.c +++ b/lib/rtsp.c @@ -298,7 +298,8 @@ static CURLcode rtsp_setup_body(struct Curl_easy *data, } else { if(data->set.postfields) { - size_t plen = strlen(data->set.postfields); + size_t plen = (data->set.postfieldsize >= 0) ? + (size_t)data->set.postfieldsize : strlen(data->set.postfields); req_clen = (curl_off_t)plen; result = Curl_creader_set_buf(data, data->set.postfields, plen); } From 5ec87346a9bfad1a24f97c378595df8b7c68bda7 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 3 Nov 2025 20:25:43 +0100 Subject: [PATCH 0688/2408] CURLOPT_POSTFIELDSIZE*: these also work for MQTT and RTSP Closes #19346 --- docs/libcurl/opts/CURLOPT_POSTFIELDSIZE.md | 2 ++ docs/libcurl/opts/CURLOPT_POSTFIELDSIZE_LARGE.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE.md b/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE.md index 5871e91d9b..10414e7eea 100644 --- a/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE.md +++ b/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE.md @@ -9,6 +9,8 @@ See-also: - CURLOPT_POSTFIELDSIZE_LARGE (3) Protocol: - HTTP + - MQTT + - RTSP Added-in: 7.2 --- diff --git a/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE_LARGE.md b/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE_LARGE.md index 16e874b667..e3d983e253 100644 --- a/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE_LARGE.md +++ b/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE_LARGE.md @@ -10,6 +10,8 @@ See-also: - CURLOPT_POSTFIELDSIZE (3) Protocol: - HTTP + - MQTT + - RTSP Added-in: 7.11.1 --- From e5299a1b878807d58f7ae0f829f0c2992c3aa2e1 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 3 Nov 2025 14:40:36 +0100 Subject: [PATCH 0689/2408] README.md: use the first paragraph from the man page Which also mentions all protocols Closes #19335 --- README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 32a3c34fb0..e61924673a 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,11 @@ SPDX-License-Identifier: curl # [![curl logo](https://curl.se/logo/curl-logo.svg)](https://curl.se/) -curl is a command-line tool for transferring data specified with URL syntax. +curl is a command-line tool for transferring data from or to a server using +URLs. It supports these protocols: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, +HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, +SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. + Learn how to use curl by reading [the manpage](https://curl.se/docs/manpage.html) or [everything curl](https://everything.curl.dev/). From f8e7b1377bad3ab64dd2cd80a7761b8e524dc1c1 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 4 Nov 2025 08:50:11 +0100 Subject: [PATCH 0690/2408] BINDINGS: change dead link to archive.org version The Hollywood binding host name www.hollywood-mal.com does not seem to work anymore. Closes #19352 --- docs/BINDINGS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/BINDINGS.md b/docs/BINDINGS.md index 61652fc34f..b7074a2275 100644 --- a/docs/BINDINGS.md +++ b/docs/BINDINGS.md @@ -61,7 +61,7 @@ Go: [go-curl](https://github.com/andelf/go-curl) by ShuYu Wang [Haskell](https://hackage.haskell.org/package/curl) Written by Galois, Inc -[Hollywood](https://www.hollywood-mal.com/download.html) hURL by Andreas Falkenhahn +[Hollywood](https://web.archive.org/web/20250116185836/https://www.hollywood-mal.com/download.html) hURL by Andreas Falkenhahn [Java](https://github.com/covers1624/curl4j) From 70a11c6f06dbe47fa6045eec00d594ed4397dbef Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 4 Nov 2025 08:44:28 +0100 Subject: [PATCH 0691/2408] CURLOPT_COPYPOSTFIELDS.md: used with MQTT and RTSP as well Follow-up to 5ec87346a9bfad1a24f97c3785 Closes #19351 --- docs/libcurl/opts/CURLOPT_COPYPOSTFIELDS.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/libcurl/opts/CURLOPT_COPYPOSTFIELDS.md b/docs/libcurl/opts/CURLOPT_COPYPOSTFIELDS.md index de3dd1b70b..837fd2de1a 100644 --- a/docs/libcurl/opts/CURLOPT_COPYPOSTFIELDS.md +++ b/docs/libcurl/opts/CURLOPT_COPYPOSTFIELDS.md @@ -11,6 +11,8 @@ See-also: - CURLOPT_UPLOAD (3) Protocol: - HTTP + - MQTT + - RTSP Added-in: 7.17.1 --- From 0783ef2348f46cd57ce8848e5dc7008d33b70a05 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 4 Nov 2025 11:22:32 +0100 Subject: [PATCH 0692/2408] tests: remove most user-agent filters Use the %VERSION instead. The user-agent stripping was introduced at the time before we had %VERSION (introduced in e6b21d4). The tests would then remove the user-agent header to make them possible to be compared in a version independent way. Fixes #19355 Reported-by: Stefan Eissing Closes #19356 --- tests/data/test1571 | 3 --- tests/data/test1572 | 3 --- tests/data/test1573 | 3 --- tests/data/test1574 | 3 --- tests/data/test1575 | 3 --- tests/data/test1576 | 3 --- tests/data/test1577 | 3 --- tests/data/test1578 | 3 --- tests/data/test1579 | 3 --- tests/data/test1580 | 3 --- tests/data/test1581 | 3 --- tests/data/test1631 | 5 ++--- tests/data/test1632 | 7 +++---- tests/data/test1933 | 1 - tests/data/test1934 | 1 - tests/data/test1935 | 1 - tests/data/test1936 | 1 - tests/data/test1937 | 1 - tests/data/test1938 | 1 - tests/data/test1955 | 1 - tests/data/test1956 | 1 - tests/data/test1957 | 1 - tests/data/test1958 | 1 - tests/data/test1959 | 1 - tests/data/test1964 | 1 - tests/data/test1970 | 1 - tests/data/test1971 | 1 - tests/data/test1972 | 1 - tests/data/test1973 | 1 - tests/data/test1974 | 1 - tests/data/test1975 | 1 - tests/data/test1976 | 2 +- tests/data/test1978 | 1 - tests/data/test545 | 3 --- tests/data/test794 | 5 ++--- tests/data/test796 | 5 ++--- tests/data/test797 | 5 ++--- 37 files changed, 12 insertions(+), 72 deletions(-) diff --git a/tests/data/test1571 b/tests/data/test1571 index 622ec5ad15..8a2bfb4616 100644 --- a/tests/data/test1571 +++ b/tests/data/test1571 @@ -75,9 +75,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -^User-Agent:.* - IGLOO /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT diff --git a/tests/data/test1572 b/tests/data/test1572 index 36f3eef6e6..53683ed88f 100644 --- a/tests/data/test1572 +++ b/tests/data/test1572 @@ -75,9 +75,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -^User-Agent:.* - IGLOO /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT diff --git a/tests/data/test1573 b/tests/data/test1573 index 62f5a0e88e..e13522964f 100644 --- a/tests/data/test1573 +++ b/tests/data/test1573 @@ -75,9 +75,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -^User-Agent:.* - IGLOO /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT diff --git a/tests/data/test1574 b/tests/data/test1574 index 501c405389..fe4d7688c5 100644 --- a/tests/data/test1574 +++ b/tests/data/test1574 @@ -75,9 +75,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -^User-Agent:.* - IGLOO /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT diff --git a/tests/data/test1575 b/tests/data/test1575 index d02080b2da..53452af2c2 100644 --- a/tests/data/test1575 +++ b/tests/data/test1575 @@ -75,9 +75,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -^User-Agent:.* - IGLOO /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT diff --git a/tests/data/test1576 b/tests/data/test1576 index 8048e1329d..fc24dd3e5e 100644 --- a/tests/data/test1576 +++ b/tests/data/test1576 @@ -75,9 +75,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -^User-Agent:.* - CURL /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT diff --git a/tests/data/test1577 b/tests/data/test1577 index 42d26ae46d..eeb3119fdc 100644 --- a/tests/data/test1577 +++ b/tests/data/test1577 @@ -75,9 +75,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER %TESTNUMBER # Verify data after the test has been "shot" - -^User-Agent:.* - CURL /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT diff --git a/tests/data/test1578 b/tests/data/test1578 index a8c9e7925a..b8e7c308c0 100644 --- a/tests/data/test1578 +++ b/tests/data/test1578 @@ -75,9 +75,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -^User-Agent:.* - CURL /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT diff --git a/tests/data/test1579 b/tests/data/test1579 index 309f17a8bb..c835eaf70e 100644 --- a/tests/data/test1579 +++ b/tests/data/test1579 @@ -75,9 +75,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER %TESTNUMBER # Verify data after the test has been "shot" - -^User-Agent:.* - CURL /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT diff --git a/tests/data/test1580 b/tests/data/test1580 index e67164a427..99626c53a2 100644 --- a/tests/data/test1580 +++ b/tests/data/test1580 @@ -75,9 +75,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER 1578 # Verify data after the test has been "shot" - -^User-Agent:.* - CURL /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT diff --git a/tests/data/test1581 b/tests/data/test1581 index 5dac5229f4..f3f29757a2 100644 --- a/tests/data/test1581 +++ b/tests/data/test1581 @@ -75,9 +75,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # Verify data after the test has been "shot" - -^User-Agent:.* - IGLOO /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT diff --git a/tests/data/test1631 b/tests/data/test1631 index 7c2f81c3ee..6e28263b3d 100644 --- a/tests/data/test1631 +++ b/tests/data/test1631 @@ -59,17 +59,16 @@ proxy # opens for us, so we can't compare with a known pre-existing number! s/((https.proxy):(\d+))/$2:12345/ -s/^(User-Agent: curl).*/$1/ CONNECT ftp.site.thru.https.proxy:12345 HTTP/1.1 Host: ftp.site.thru.https.proxy:12345 -User-Agent: curl +User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive CONNECT ftp.site.thru.https.proxy:12345 HTTP/1.1 Host: ftp.site.thru.https.proxy:12345 -User-Agent: curl +User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive diff --git a/tests/data/test1632 b/tests/data/test1632 index 90cb56f616..ebf91098d5 100644 --- a/tests/data/test1632 +++ b/tests/data/test1632 @@ -69,22 +69,21 @@ proxy s/((https.proxy):(\d+))/$2:12345/ -s/^(User-Agent: curl).*/$1/ CONNECT ftp.site.thru.https.proxy:12345 HTTP/1.1 Host: ftp.site.thru.https.proxy:12345 -User-Agent: curl +User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive CONNECT ftp.site.thru.https.proxy:12345 HTTP/1.1 Host: ftp.site.thru.https.proxy:12345 -User-Agent: curl +User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive CONNECT ftp.site.thru.https.proxy:12345 HTTP/1.1 Host: ftp.site.thru.https.proxy:12345 -User-Agent: curl +User-Agent: curl/%VERSION Proxy-Connection: Keep-Alive diff --git a/tests/data/test1933 b/tests/data/test1933 index a26d29585c..57706dcf92 100644 --- a/tests/data/test1933 +++ b/tests/data/test1933 @@ -55,7 +55,6 @@ http://xxx:yyy@127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%H # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1934 b/tests/data/test1934 index 9520c8193e..a5bead447b 100644 --- a/tests/data/test1934 +++ b/tests/data/test1934 @@ -55,7 +55,6 @@ http://127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%HTTPPORT # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1935 b/tests/data/test1935 index 4e0f11cb4f..64f0c21e06 100644 --- a/tests/data/test1935 +++ b/tests/data/test1935 @@ -55,7 +55,6 @@ http://127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%HTTPPORT # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1936 b/tests/data/test1936 index d57b8161ef..3ee3788f2c 100644 --- a/tests/data/test1936 +++ b/tests/data/test1936 @@ -55,7 +55,6 @@ http://127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%HTTPPORT # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1937 b/tests/data/test1937 index 816b9c18d7..72fce57c54 100644 --- a/tests/data/test1937 +++ b/tests/data/test1937 @@ -56,7 +56,6 @@ http://127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%HTTPPORT # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1938 b/tests/data/test1938 index e2ed9837e8..7f719376e2 100644 --- a/tests/data/test1938 +++ b/tests/data/test1938 @@ -56,7 +56,6 @@ http://127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%HTTPPORT # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1955 b/tests/data/test1955 index be23a9d628..93d1422e8b 100644 --- a/tests/data/test1955 +++ b/tests/data/test1955 @@ -55,7 +55,6 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1956 b/tests/data/test1956 index 324de33913..b8c4710f98 100644 --- a/tests/data/test1956 +++ b/tests/data/test1956 @@ -55,7 +55,6 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1957 b/tests/data/test1957 index 5a3c914b5b..0036b60644 100644 --- a/tests/data/test1957 +++ b/tests/data/test1957 @@ -55,7 +55,6 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1958 b/tests/data/test1958 index 220f49aa5e..f5e38868c6 100644 --- a/tests/data/test1958 +++ b/tests/data/test1958 @@ -55,7 +55,6 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1959 b/tests/data/test1959 index e91a3128e8..8f43ed625c 100644 --- a/tests/data/test1959 +++ b/tests/data/test1959 @@ -55,7 +55,6 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1964 b/tests/data/test1964 index 9b7e2c968b..5cadbee5bc 100644 --- a/tests/data/test1964 +++ b/tests/data/test1964 @@ -54,7 +54,6 @@ http://xxx:yyy@127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%H # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1970 b/tests/data/test1970 index 43df45e31f..af15223599 100644 --- a/tests/data/test1970 +++ b/tests/data/test1970 @@ -55,7 +55,6 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1971 b/tests/data/test1971 index 57cb834e95..52320d4344 100644 --- a/tests/data/test1971 +++ b/tests/data/test1971 @@ -48,7 +48,6 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1972 b/tests/data/test1972 index 7b4168d119..d16ed4f775 100644 --- a/tests/data/test1972 +++ b/tests/data/test1972 @@ -58,7 +58,6 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1973 b/tests/data/test1973 index 8b10e9ec48..7c45ceb5d6 100644 --- a/tests/data/test1973 +++ b/tests/data/test1973 @@ -55,7 +55,6 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1974 b/tests/data/test1974 index 74213d0ab6..bac259715e 100644 --- a/tests/data/test1974 +++ b/tests/data/test1974 @@ -55,7 +55,6 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1975 b/tests/data/test1975 index 92fd563da8..e5a29d2936 100644 --- a/tests/data/test1975 +++ b/tests/data/test1975 @@ -48,7 +48,6 @@ http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPP # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Type:.* ^Accept:.* diff --git a/tests/data/test1976 b/tests/data/test1976 index 51e3b242b8..b573bf7ded 100644 --- a/tests/data/test1976 +++ b/tests/data/test1976 @@ -39,7 +39,6 @@ HTTP AWS_SIGV4 canonical request header sorting test # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Length:.* ^Accept:.* @@ -53,6 +52,7 @@ Host: %HOSTIP:%HTTPPORT Authorization: AWS4-HMAC-SHA256 Credential=xxx/19700101/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-test;x-amz-meta-test-two, Signature=stripped X-Amz-Date: 19700101T000000Z x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 +User-Agent: curl/%VERSION X-Amz-Meta-Test-Two: test2 x-amz-meta-test: test diff --git a/tests/data/test1978 b/tests/data/test1978 index 007bbac55c..a6c1272d9a 100644 --- a/tests/data/test1978 +++ b/tests/data/test1978 @@ -42,7 +42,6 @@ http://xxx:yyy@127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%H # Verify data after the test has been "shot" -^User-Agent:.* ^Content-Length:.* ^Accept:.* diff --git a/tests/data/test545 b/tests/data/test545 index 363fe4dd7f..99bf046851 100644 --- a/tests/data/test545 +++ b/tests/data/test545 @@ -40,9 +40,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER # # Verify data after the test has been "shot" - -^User-Agent:.* - POST /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT diff --git a/tests/data/test794 b/tests/data/test794 index 63d3d36ba0..5fd1f76a06 100644 --- a/tests/data/test794 +++ b/tests/data/test794 @@ -72,18 +72,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER --no-progress-meter -X IGLOO -d moo --locat # Verify data after the test has been "shot" - -^User-Agent:.* - IGLOO /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION Accept: */* Content-Length: 3 Content-Type: application/x-www-form-urlencoded mooGET /%TESTNUMBER0001 HTTP/1.1 Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION Accept: */* diff --git a/tests/data/test796 b/tests/data/test796 index e875058810..b945556a46 100644 --- a/tests/data/test796 +++ b/tests/data/test796 @@ -72,18 +72,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -X IGLOO -d moo --follow # Verify data after the test has been "shot" - -^User-Agent:.* - IGLOO /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION Accept: */* Content-Length: 3 Content-Type: application/x-www-form-urlencoded mooGET /%TESTNUMBER0001 HTTP/1.1 Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION Accept: */* diff --git a/tests/data/test797 b/tests/data/test797 index f1f1a1ff18..2033829d14 100644 --- a/tests/data/test797 +++ b/tests/data/test797 @@ -72,18 +72,17 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -X IGLOO -d moo --follow # Verify data after the test has been "shot" - -^User-Agent:.* - IGLOO /%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION Accept: */* Content-Length: 3 Content-Type: application/x-www-form-urlencoded mooIGLOO /%TESTNUMBER0001 HTTP/1.1 Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION Accept: */* Content-Length: 3 Content-Type: application/x-www-form-urlencoded From 11683f121d42f8a18b3385d41f89d2285f90f4e6 Mon Sep 17 00:00:00 2001 From: x2018 Date: Tue, 4 Nov 2025 16:49:28 +0800 Subject: [PATCH 0693/2408] tool_ipfs: check the return value of curl_url_get for gwpath Closes #19358 --- src/tool_ipfs.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/tool_ipfs.c b/src/tool_ipfs.c index 1f77dad47f..8e98d23242 100644 --- a/src/tool_ipfs.c +++ b/src/tool_ipfs.c @@ -176,7 +176,9 @@ CURLcode ipfs_url_rewrite(CURLU *uh, const char *protocol, char **url, } curl_url_get(gatewayurl, CURLUPART_PORT, &gwport, CURLU_URLDECODE); - curl_url_get(gatewayurl, CURLUPART_PATH, &gwpath, CURLU_URLDECODE); + + if(curl_url_get(gatewayurl, CURLUPART_PATH, &gwpath, CURLU_URLDECODE)) + goto clean; /* get the path from user input */ curl_url_get(uh, CURLUPART_PATH, &inputpath, CURLU_URLDECODE); @@ -192,7 +194,6 @@ CURLcode ipfs_url_rewrite(CURLU *uh, const char *protocol, char **url, if(inputpath && (inputpath[0] == '/') && !inputpath[1]) *inputpath = '\0'; - pathbuffer = curl_maprintf("%s%s%s/%s%s", gwpath, has_trailing_slash(gwpath) ? "" : "/", protocol, cid, From 913c1f28c9cc3417cd38e52eec470a0e103b4e97 Mon Sep 17 00:00:00 2001 From: Samuel Henrique Date: Tue, 4 Nov 2025 08:33:28 +0000 Subject: [PATCH 0694/2408] wcurl: import v2025.11.04 Closes #19353 --- docs/wcurl.md | 8 ++++---- scripts/wcurl | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/wcurl.md b/docs/wcurl.md index ab5f956fc0..7d1200b2ea 100644 --- a/docs/wcurl.md +++ b/docs/wcurl.md @@ -40,7 +40,7 @@ should be using curl directly if your use case is not covered. By default, **wcurl** does: -## * Percent-encode whitespaces in URLs; +## * Percent-encode whitespace in URLs; ## * Download multiple URLs in parallel if the installed curl's version is \>= 7.66.0 (--parallel); @@ -88,7 +88,7 @@ last value is considered. ## --no-decode-filename Don't percent-decode the output filename, even if the percent-encoding in the -URL was done by **wcurl**, e.g.: The URL contained whitespaces. +URL was done by **wcurl**, e.g.: The URL contained whitespace. ## --dry-run @@ -110,7 +110,7 @@ is instead forwarded to the curl invocation. # URL URL to be downloaded. Anything that is not a parameter is considered -an URL. Whitespaces are percent-encoded and the URL is passed to curl, which +an URL. Whitespace is percent-encoded and the URL is passed to curl, which then performs the parsing. May be specified more than once. # EXAMPLES @@ -144,7 +144,7 @@ Download multiple files without a limit of concurrent connections per host (the # REPORTING BUGS If you experience any problems with **wcurl** that you do not experience with -curl, submit an issue on Github: https://github.com/curl/wcurl +curl, submit an issue on GitHub: https://github.com/curl/wcurl # COPYRIGHT diff --git a/scripts/wcurl b/scripts/wcurl index b1a06efe58..56c04ba9a4 100755 --- a/scripts/wcurl +++ b/scripts/wcurl @@ -29,7 +29,7 @@ # Stop on errors and on usage of unset variables. set -eu -VERSION="2025.09.27+dev" +VERSION="2025.11.04" PROGRAM_NAME="$(basename "$0")" readonly PROGRAM_NAME From 775add6e901e7ea16799118c9581a328031e4594 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 4 Nov 2025 16:10:09 +0100 Subject: [PATCH 0695/2408] HISTORY: extend With recent events and some more in the past Closes #19361 --- docs/HISTORY.md | 43 +++++++++++++++++++++++++++++++++++++++---- 1 file changed, 39 insertions(+), 4 deletions(-) diff --git a/docs/HISTORY.md b/docs/HISTORY.md index 21df56f85f..41284d8fc6 100644 --- a/docs/HISTORY.md +++ b/docs/HISTORY.md @@ -223,6 +223,9 @@ March: security vulnerability: libcurl TFTP Packet Buffer Overflow September: The major SONAME number for libcurl was bumped to 4 due to the removal of ftp third party transfer support. +October: we started to offer the Mozilla CA cert bundle as a PEM file on the +curl website. + November: Added SCP and SFTP support 2007 @@ -326,6 +329,10 @@ April: added the cyassl backend (later renamed to wolfSSL) August: support for HTTP/2 server push + September: started "everything curl". A separate stand-alone book documenting + curl and related info in perhaps a more tutorial style rather than just a + reference, + December: Public Suffix List 2016 @@ -340,6 +347,8 @@ April: added the cyassl backend (later renamed to wolfSSL) 2017 ---- + May: Fastly starts hosting the curl website + July: OSS-Fuzz started fuzzing libcurl September: Added MultiSSL support @@ -390,6 +399,8 @@ April: added the cyassl backend (later renamed to wolfSSL) 2019 ---- + January: Daniel started working full-time on curl, employed by wolfSSL + March: added experimental alt-svc support August: the first HTTP/3 requests with curl. @@ -404,7 +415,8 @@ April: added the cyassl backend (later renamed to wolfSSL) January: added BearSSL support - March: removed support for PolarSSL, added wolfSSH support + March: removed support for PolarSSL, added wolfSSH support. Created the first + dashboard on the website. April: experimental MQTT support @@ -437,6 +449,8 @@ March: added --json, removed mesalink support The curl.se website serves 16,500 GB/month over 462M requests, the official docker image has been pulled 4,098,015,431 times. +April: added support for msh3 as another HTTP/3 backend + October: initial WebSocket support 2023 @@ -447,7 +461,8 @@ March: remove support for curl_off_t < 8 bytes March 31: we started working on a new command line tool for URL parsing and manipulations: trurl. -May: added support for HTTP/2 over HTTPS proxy. Refuse to resolve .onion. +May: added support for HTTP/2 over HTTPS proxy. Refuse to resolve .onion. The +curl GitHub repository reaches 30,000 stars. August: Dropped support for the NSS library @@ -482,5 +497,25 @@ February 5: first 0RTT for QUIC, ssl session import/export February: experimental HTTPS RR support -February 22: The website served 62.95 TB/month; 12.43 billion requests - The docker image has been pulled 6373501745 times. +February 22: The website served 62.95 TB/month; 12.43 billion requests. The +docker image has been pulled 6373501745 times. + +June: we removed support for BearSSL, Secure Transport and msh3 + +October: Daniel gets awarded a gold medal by the Swedish Royal Academy of +Engineering Sciences for his work on curl. + +We counted curl having been installed on 110 operating systems and 28 CPU +architectures. + +November: + + Public curl releases: 271 + Command line options: 273 + curl_easy_setopt() options: 308 + Public functions in libcurl: 100 + Contributors: 3534 + +We drop support for krb-ftp, Heimdal, wolfSSH and the winbuild build system. + +Add support for Apple SecTrust, native CA certs on Apple systems. From 3806fd914b7091cbf2d420bd50eb6a3005971e6e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 4 Nov 2025 15:26:29 +0100 Subject: [PATCH 0696/2408] cmake: fix `HAVE_GNUTLS_SRP` detection after adding local FindGnuTLS module When GnuTLS is detected via pkg-config on a non-default path, e.g. with Homebrew arm64 (`/opt/homebrew/`). This was a regression from a commit made in this release cycle. The Find module doesn't return an absolute path to the detected library (as the former solution did), but a bare libname and a libpath. We thus need to explicitly use the libpath while detecting a feature in GnuTLS found this way. Syncing this with other dependencies. Follow-up to 1966c86d71eb90beeeb3ccbefd6321bd64992553 #19163 Closes #19360 --- CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/CMakeLists.txt b/CMakeLists.txt index da3b99cff4..4772a6219a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -933,6 +933,7 @@ if(CURL_USE_GNUTLS) cmake_push_check_state() list(APPEND CMAKE_REQUIRED_INCLUDES "${GNUTLS_INCLUDE_DIRS}") list(APPEND CMAKE_REQUIRED_LIBRARIES "${GNUTLS_LIBRARIES}") + curl_required_libpaths("${GNUTLS_LIBRARY_DIRS}") check_symbol_exists("gnutls_srp_verifier" "gnutls/gnutls.h" HAVE_GNUTLS_SRP) cmake_pop_check_state() endif() From 8d4530537aa6223f5f7360da2dbe5a94660821ed Mon Sep 17 00:00:00 2001 From: x2018 Date: Tue, 4 Nov 2025 23:27:49 +0800 Subject: [PATCH 0697/2408] gtls: check the return value of gnutls_pubkey_init() Closes #19362 --- lib/vtls/gtls.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index c79f192e82..40d8ad5b45 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -1291,8 +1291,10 @@ static CURLcode pkp_pin_peer_pubkey(struct Curl_easy *data, do { int ret; - /* Begin Gyrations to get the public key */ - gnutls_pubkey_init(&key); + /* Begin Gyrations to get the public key */ + ret = gnutls_pubkey_init(&key); + if(ret < 0) + break; /* failed */ ret = gnutls_pubkey_import_x509(key, cert, 0); if(ret < 0) From e5cc5640b37672bd18d7561bc45c5dd91271753a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 4 Nov 2025 19:41:30 +0000 Subject: [PATCH 0698/2408] GHA: update cross-platform-actions/action action to v0.30.0 Closes #19367 --- .github/workflows/non-native.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/non-native.yml b/.github/workflows/non-native.yml index 71829ec302..523a6761e6 100644 --- a/.github/workflows/non-native.yml +++ b/.github/workflows/non-native.yml @@ -51,7 +51,7 @@ jobs: with: persist-credentials: false - name: 'cmake' - uses: cross-platform-actions/action@e8a7b572196ff79ded1979dc2bb9ee67d1ddb252 # v0.29.0 + uses: cross-platform-actions/action@46e8d7fb25520a8d6c64fd2b7a1192611da98eda # v0.30.0 env: MATRIX_ARCH: '${{ matrix.arch }}' with: @@ -96,7 +96,7 @@ jobs: with: persist-credentials: false - name: 'cmake' - uses: cross-platform-actions/action@e8a7b572196ff79ded1979dc2bb9ee67d1ddb252 # v0.29.0 + uses: cross-platform-actions/action@46e8d7fb25520a8d6c64fd2b7a1192611da98eda # v0.30.0 env: MATRIX_ARCH: '${{ matrix.arch }}' with: @@ -146,7 +146,7 @@ jobs: with: persist-credentials: false - name: '${{ matrix.build }}' - uses: cross-platform-actions/action@e8a7b572196ff79ded1979dc2bb9ee67d1ddb252 # v0.29.0 + uses: cross-platform-actions/action@46e8d7fb25520a8d6c64fd2b7a1192611da98eda # v0.30.0 env: CC: '${{ matrix.compiler }}' MATRIX_ARCH: '${{ matrix.arch }}' From c3b890b2c005401e18b54dacf9e63d33412e2b4f Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 4 Nov 2025 21:01:32 +0100 Subject: [PATCH 0699/2408] GHA/non-native: bump to OpenBSD 7.8 Follow-up to e5cc5640b37672bd18d7561bc45c5dd91271753a #19367 Closes #19368 --- .github/workflows/non-native.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/non-native.yml b/.github/workflows/non-native.yml index 523a6761e6..19ff552c91 100644 --- a/.github/workflows/non-native.yml +++ b/.github/workflows/non-native.yml @@ -102,7 +102,7 @@ jobs: with: environment_variables: MATRIX_ARCH operating_system: 'openbsd' - version: '7.7' + version: '7.8' architecture: ${{ matrix.arch }} run: | # https://openbsd.app/ From 7872ec968f2f56aa75e713d67d6b948e268324d6 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 5 Nov 2025 07:57:10 +0100 Subject: [PATCH 0700/2408] THANKS: add contributors from 8.17.0 --- docs/THANKS | 34 ++++++++++++++++++++++++++++++++++ docs/THANKS-filter | 1 + 2 files changed, 35 insertions(+) diff --git a/docs/THANKS b/docs/THANKS index 97f9999b08..fd4015468e 100644 --- a/docs/THANKS +++ b/docs/THANKS @@ -88,6 +88,7 @@ Alessandro Vesely Alex aka WindEagle Alexander Bartel Alexander Beedie +Alexander Blach Alexander Chuykov Alexander Dyagilev Alexander Elgert @@ -221,6 +222,7 @@ Andrew Krieger Andrew Kurushin Andrew Lambert Andrew Moise +Andrew Olsen Andrew Potter Andrew Robbins Andrew Wansink @@ -238,6 +240,7 @@ Andy Reitz Andy Serpa Andy Stamp Andy Tsouladze +And-yW on github Angus Mackay anio on github annalee @@ -411,6 +414,7 @@ Bob Richmond Bob Schader Bodo Bergmann Bogdan Nicula +BohwaZ boilingoden Boris Kuschel Boris Okunskiy @@ -636,6 +640,7 @@ Cristian Greco Cristian Morales Vega Cristian Rodríguez CueXXIII on github +curl.stunt430 Curt Bogmine Cynthia Coan Cyril B @@ -649,6 +654,7 @@ Dagfinn Ilmari Mannsåker Dagobert Michelsen Daiki Ueno Dair Grant +Dalei Dambaev Alexander Damian Dixon Damien Adant @@ -694,6 +700,7 @@ Daniel Silverstone Daniel Steinberg Daniel Stenberg Daniel Szmulewicz +Daniel Terhorst-North Daniel Theron Daniel Valenzuela Daniel Woelfel @@ -804,6 +811,7 @@ Derzsi Dániel Desmond O. Chang destman on github Detlef Schmier +Devdatta Talele devgs on github Dexter Gerig dfdity on github @@ -948,10 +956,12 @@ Emil Engler Emiliano Ida Emilio Cobos Álvarez Emilio López +Emilio Pozuelo Monfort Emil Lerner Emil Österlund Emil Romanus Emmanuel Tychon +Emre Çalışkan Enno Boland Enrico Scholz Enrik Berkhan @@ -1200,6 +1210,7 @@ Guillaume Algis Guillaume Arluison guitared on github Gunamoi Software +Gunni on github Gunter Knauf guoxinvmware on github Gustaf Hui @@ -1303,6 +1314,7 @@ IcedCoffeee on github iconoclasthero icy17 on github Ignacio Vazquez-Abrams +Ignat Loskutov Igor Franchuk Igor Khristophorov Igor Makarov @@ -1367,6 +1379,7 @@ jakirkham on github Jakob Hirsch Jakub Bochenski Jakub Jelen +Jakub Stasiak Jakub Wilk Jakub Zakrzewski James Abbatiello @@ -1503,6 +1516,7 @@ jhoyla on github Jiacai Liu Jiang Wenjian Jiawen Geng +Jicea Jie He Jiehong on github Jilayne Lovejoy @@ -1524,6 +1538,7 @@ Jishan Shaikh Jiwoo Park Jixinqi jkamp-aws on github +jmaggard10 on github jmdavitt on github jnbr on github Jocelyn Jaubert @@ -1635,6 +1650,7 @@ Jose Alf Josef Wolf José Joaquín Atria Jose Kahan +Joseph Birr-Pixton Joseph Chen Joseph Tharayil Josh Bialkowski @@ -1645,6 +1661,7 @@ Josh Kapell Josh McCullough Josh Soref Joshua Kwan +Joshua Rogers Joshua Root Joshua Swink Josie Huddleston @@ -1709,6 +1726,7 @@ Kane York Kang-Jin Lee Kang Lin Kantanat Wannapaka +kapsiR on github Kareem Kari Pahula Karl Chen @@ -1800,6 +1818,7 @@ Kristoffer Gleditsch kriztalz K. R. Walker Kuan-Wei Chiu +kuchara on github Kunal Chandarana Kunal Ekawde kupavcevdenis on github @@ -1948,6 +1967,7 @@ Maciej Puzio Maciej W. Rozycki MacKenzie madblobfish on github +madoe on github MaeIsBad on github magisterquis on hackerone Mahmoud Samir Fayed @@ -2241,6 +2261,7 @@ Mingtao Yang Miroslav Franc Miroslav Spousta Mischa Salle +Mitchell Blank Jr Mitz Wark mkzero on github modbw on github @@ -2363,6 +2384,7 @@ Ning Dong NINIKA Niracler Li Niranjan Hasabnis +Nir Azkiel Nir Soffer Nis Jorgensen nk @@ -2489,6 +2511,7 @@ Pavel Kropachev Pavel Löbl Pavel Mayorov Pavel Orehov +Pavel P Pavel Pavlov Pavel Raiskup Pavel Rochnyak @@ -2507,6 +2530,7 @@ Pedro Neves pendrek at hackerone Peng Li Peng-Yu Chen +pennae on github Per Jensen Per Lundberg Per Malmberg @@ -2586,7 +2610,9 @@ Piotr Dobrogost Piotr Komborski Piotr Nakraszewicz PleaseJustDont +plv1313 on github Po-Chuan Hsieh +Pocs Norbert Pontakorn Prasertsuk Pontus Lundkvist Pooyan McSporran @@ -2738,6 +2764,7 @@ Rider Linden Rikard Falkeborn rilysh Rinku Das +rinsuki on github rl1987 on github rmg-x on github rm-rmonaghan on github @@ -2843,6 +2870,7 @@ rzrymiak on github s0urc3_ on hackerone saimen Sai Ram Kunala +Sakthi SK Salah-Eddin Shaban Saleem Abdulrasool SaltyMilk @@ -3007,6 +3035,7 @@ sspiri on github sstruchtrup on github Stadler Stephan Stan Hu +Stanislav Fort Stanislav Ivochkin Stanislav Lange Stanislav Osipov @@ -3121,9 +3150,11 @@ Terri Oda Terry Wu thanhchungbtc on github TheAssassin on github +TheBitBrine The Infinnovation team TheKnarf on github Theo +Theo Buehler Theodore A. Roth Theodore Dubois therealhirudo on github @@ -3162,6 +3193,7 @@ Till Wegmüller Tim Ansell Tim Baker Tim Bartley +Tim Becker Tim Chen Tim Costello Tim Harder @@ -3363,6 +3395,7 @@ w0x42 on hackerone Waldek Kozba Waldemar Kornewald Walter J. Mack +WangDaLei on github wangzhikun Ward Willats Warren Menzer @@ -3499,6 +3532,7 @@ zzq1015 on github ウさん 不确定 加藤郁之 +包布丁 南宫雪珊 左潇峰 李四 diff --git a/docs/THANKS-filter b/docs/THANKS-filter index fd8722da8b..2adf52c9e8 100644 --- a/docs/THANKS-filter +++ b/docs/THANKS-filter @@ -160,3 +160,4 @@ s/jethrogb$/jethrogb on github/ s/on github/on github/i s/Maksim Sciepanienka/Maksim Ściepanienka/ s/Qriist.*/Qriist on github/ +s/Viktor Szakatas/Viktor Szakats From 668737938998869c494b9431c0f820b8bcc77725 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 5 Nov 2025 07:59:38 +0100 Subject: [PATCH 0701/2408] VERSIONS: 8.18.0 is now pending --- docs/VERSIONS.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/VERSIONS.md b/docs/VERSIONS.md index 35267f8294..b910374eab 100644 --- a/docs/VERSIONS.md +++ b/docs/VERSIONS.md @@ -69,7 +69,8 @@ dates. The tool was called `httpget` before 2.0, `urlget` before 4.0 then `curl` since 4.0. `libcurl` and `curl` are always released in sync, using the same version numbers. -- 8.17.0: pending +- 8.18.0: pending +- 8.17.0: November 5, 2025 - 8.16.0: September 10, 2025 - 8.15.0: July 16, 2025 - 8.14.1: June 4 2025 From 400fffa90f30c7a2dc762fa33009d24851bd2016 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 3 Nov 2025 22:41:16 +0100 Subject: [PATCH 0702/2408] RELEASE-NOTES: synced version 8.17.0 relese --- RELEASE-NOTES | 48 ++++++++++++++++++++++++++++++++++++------------ 1 file changed, 36 insertions(+), 12 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 7f536c16ae..76e47f0f72 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,7 +4,7 @@ curl and libcurl 8.17.0 Command line options: 273 curl_easy_setopt() options: 308 Public functions in libcurl: 100 - Contributors: 3534 + Contributors: 3536 This release includes the following changes: @@ -17,7 +17,7 @@ This release includes the following changes: o ssl: support Apple SecTrust configurations [240] o tool_getparam: add --knownhosts [204] o vssh: drop support for wolfSSH [58] - o wcurl: import v2025.09.27 [182] + o wcurl: import v2025.11.04 [431] o write-out: make %header{} able to output *all* occurrences of a header [25] This release includes the following bugfixes: @@ -69,6 +69,7 @@ This release includes the following bugfixes: o cmake: build the "all" examples source list dynamically [245] o cmake: clang detection tidy-ups [116] o cmake: drop exclamation in comment looking like a name [160] + o cmake: fix `HAVE_GNUTLS_SRP` detection after adding local FindGnuTLS module [458] o cmake: fix building docs when the base directory contains .3 [18] o cmake: fix Linux pre-fill `HAVE_POSIX_STRERROR_R` (when `_CURL_PREFILL=ON`) o cmake: fix Linux pre-fills for non-glibc (when `_CURL_PREFILL=ON`) [372] @@ -101,11 +102,14 @@ This release includes the following bugfixes: o curl_threads: delete WinCE fallback branch [233] o CURLINFO_FTP_ENTRY_PATH.md: this is for SFTP as well [8] o CURLOPT_COOKIEFILE.md: clarify when the cookies are loaded [159] + o CURLOPT_COPYPOSTFIELDS.md: used with MQTT and RTSP as well [457] o CURLOPT_HEADER/WRITEFUNCTION.md: drop '* size' since size is always 1 [63] o CURLOPT_MAXLIFETIME_CONN: make default 24 hours [10] + o CURLOPT_POSTFIELDSIZE*: these also work for MQTT and RTSP [395] o CURLOPT_SERVER_RESPONSE_TIMEOUT*: add default and see-also [397] o CURLOPT_SSL_VERIFYHOST.md: add see-also to two other VERIFYHOST options [32] o CURLOPT_TIMECONDITION.md: works for FILE and FTP as well [27] + o cw-out: fix EAGAIN handling on pause [452] o cw-out: unify the error handling pattern in cw_out_do_write [414] o digest_sspi: fix two memory leaks in error branches [77] o dist: do not distribute CI.md [29] @@ -155,7 +159,9 @@ This release includes the following bugfixes: o ftp: simplify the 150/126 size scanner [288] o gnutls: check conversion of peer cert chain [275] o gnutls: fix re-handshake comments [422] + o gssapi: make channel binding conditional on GSS_C_CHANNEL_BOUND_FLAG [446] o gtls: avoid potential use of uninitialized variable in trace output [83] + o gtls: check the return value of gnutls_pubkey_init() [456] o header.md: see-also --proxy-header and vice versa [396] o hmac: free memory properly on errors [377] o hostip: don't store negative resolves due unrelated errors [256] @@ -165,6 +171,7 @@ This release includes the following bugfixes: o http2: cleanup pushed newhandle on fail [260] o http2: ingress handling edge cases [259] o HTTP3: clarify the status for "old" OpenSSL, not current [394] + o http: check the return value of strdup [437] o http: fix `-Wunreachable-code` in !websockets !unity builds [443] o http: fix `-Wunused-variable` in !alt-svc !proxy !ws builds [442] o http: handle user-defined connection headers [165] @@ -250,6 +257,7 @@ This release includes the following bugfixes: o mime: fix unpausing of readers [375] o mime: fix use of fseek() [334] o multi.h: add CURLMINFO_LASTENTRY [51] + o multi: check the return value of strdup() [436] o multi_ev: remove unnecessary data check that confuses analysers [167] o netrc: when the cached file is discarded, unmark it as loaded [409] o nghttp3: return NGHTTP3_ERR_CALLBACK_FAILURE from recv_header [227] @@ -278,6 +286,7 @@ This release includes the following bugfixes: o openssl-quic: ignore unexpected streams opened by server [176] o openssl: better return code checks when logging cert data [342] o openssl: call SSL_get_error() with proper error [207] + o openssl: check CURL_SSLVERSION_MAX_DEFAULT properly [447] o openssl: clear retry flag on x509 error [130] o openssl: combine all the x509-store flags [451] o openssl: fail if more than MAX_ALLOWED_CERT_AMOUNT certs [339] @@ -307,6 +316,7 @@ This release includes the following bugfixes: o quiche: fix verbose message when ip quadruple cannot be obtained. [128] o quiche: handle tls fail correctly [266] o quiche: when ingress processing fails, return that error code [103] + o rtsp: use explicit postfieldsize if specified [401] o runtests: tag tests that require curl verbose strings [172] o rustls: exit on error [335] o rustls: fix clang-tidy warning [107] @@ -410,6 +420,7 @@ This release includes the following bugfixes: o tool_getparam: always disable "lib-ids" for tracing [169] o tool_getparam: make --fail and --fail-with-body override each other [293] o tool_getparam: warn if provided header looks malformed [179] + o tool_ipfs: check the return value of curl_url_get for gwpath [453] o tool_ipfs: simplify the ipfs gateway logic [337] o tool_msgs: make errorf() show if --show-error [294] o tool_operate: improve wording in retry message [37] @@ -438,6 +449,7 @@ This release includes the following bugfixes: o vquic: handling of io improvements [239] o vquic: sending non-gso packets fix for EAGAIN [265] o vtls: alpn setting, check proto parameter [134] + o vtls: check final cfilter node in find_ssl_filter [440] o vtls: drop duplicate `CURL_SHA256_DIGEST_LENGTH` definition [387] o vtls: properly handle SSL shutdown timeout [433] o vtls: remove call to PKCS12_PBE_add() [408] @@ -484,21 +496,21 @@ advice from friends like these: Adam Light, Alexander Blach, Alice Lee Poetics, Andrei Kurushin, Andrew Kirillov, Andrew Olsen, And-yW on github, BobodevMm on github, BohwaZ, Christian Schmitz, curl.stunt430, Dalei, Dan Fandrich, Daniel Stenberg, - Daniel Terhorst-North, dependabot[bot], divinity76 on github, - Emilio Pozuelo Monfort, Emre Çalışkan, Ethan Everett, + Daniel Terhorst-North, dependabot[bot], Devdatta Talele, + divinity76 on github, Emilio Pozuelo Monfort, Emre Çalışkan, Ethan Everett, Evgeny Grin (Karlson2k), fds242 on github, Gunni on github, Harry Sintonen, Howard Chu, Ignat Loskutov, Jakub Stasiak, James Fuller, Javier Blazquez, Jicea, jmaggard10 on github, Jochen Sprickerhof, Johannes Schindelin, Jonathan Cardoso Machado, Joseph Birr-Pixton, Joshua Rogers, kapsiR on github, kuchara on github, madoe on github, Marc Aldorasi, Marcel Raad, Michael Osipov, Michał Petryka, Mitchell Blank Jr, - Mohamed Daahir, Nir Azkiel, Patrick Monnerat, Pavel P, plv1313 on github, - Pocs Norbert, Ray Satiro, renovate[bot], rinsuki on github, Sakthi SK, - Samuel Dionne-Riel, Samuel Henrique, Stanislav Fort, Stefan Eissing, - Tatsuhiro Tsujikawa, TheBitBrine, Theo Buehler, Tim Becker, tkzv on github, - Viktor Szakatas, Viktor Szakats, WangDaLei on github, Xiaoke Wang, - Yedaya Katsman, 包布丁 - (69 contributors) + Mohamed Daahir, Nir Azkiel, Patrick Monnerat, Pavel P, pennae on github, + Peter Piekarski, plv1313 on github, Pocs Norbert, Ray Satiro, renovate[bot], + rinsuki on github, Sakthi SK, Samuel Dionne-Riel, Samuel Henrique, + Sergio Durigan Junior, Stanislav Fort, Stefan Eissing, Tatsuhiro Tsujikawa, + TheBitBrine, Theo Buehler, Tim Becker, tkzv on github, Viktor Szakatas, + Viktor Szakats, WangDaLei on github, Xiaoke Wang, Yedaya Katsman, 包布丁 + (73 contributors) References to bug reports and discussions on issues: @@ -683,7 +695,6 @@ References to bug reports and discussions on issues: [179] = https://curl.se/bug/?i=18793 [180] = https://curl.se/bug/?i=18886 [181] = https://curl.se/bug/?i=18884 - [182] = https://curl.se/bug/?i=18754 [183] = https://curl.se/bug/?i=18921 [184] = https://curl.se/bug/?i=18878 [185] = https://curl.se/bug/?i=18875 @@ -896,11 +907,13 @@ References to bug reports and discussions on issues: [392] = https://curl.se/bug/?i=19266 [393] = https://curl.se/bug/?i=19130 [394] = https://curl.se/bug/?i=19153 + [395] = https://curl.se/bug/?i=19346 [396] = https://curl.se/bug/?i=19259 [397] = https://curl.se/bug/?i=19258 [398] = https://curl.se/bug/?i=19252 [399] = https://curl.se/bug/?i=19206 [400] = https://curl.se/bug/?i=19208 + [401] = https://curl.se/bug/?i=19345 [402] = https://curl.se/bug/?i=19211 [403] = https://curl.se/bug/?i=19213 [404] = https://curl.se/bug/?i=18991 @@ -930,20 +943,31 @@ References to bug reports and discussions on issues: [428] = https://curl.se/bug/?i=19291 [429] = https://curl.se/bug/?i=19167 [430] = https://curl.se/bug/?i=19237 + [431] = https://curl.se/bug/?i=19353 [432] = https://curl.se/bug/?i=19288 [433] = https://curl.se/bug/?i=19323 [434] = https://curl.se/bug/?i=19310 [435] = https://curl.se/bug/?i=19301 + [436] = https://curl.se/bug/?i=19344 + [437] = https://curl.se/bug/?i=19343 [438] = https://curl.se/bug/?i=19271 [439] = https://curl.se/bug/?i=19278 + [440] = https://curl.se/bug/?i=19229 [441] = https://curl.se/bug/?i=18847 [442] = https://curl.se/bug/?i=19276 [443] = https://curl.se/bug/?i=19275 [444] = https://curl.se/bug/?i=19274 [445] = https://curl.se/bug/?i=19240 + [446] = https://curl.se/bug/?i=19109 + [447] = https://curl.se/bug/?i=19340 [448] = https://curl.se/bug/?i=18983 [449] = https://curl.se/bug/?i=19148 [450] = https://curl.se/bug/?i=19304 [451] = https://curl.se/bug/?i=19306 + [452] = https://curl.se/bug/?i=19334 + [453] = https://curl.se/bug/?i=19358 [454] = https://curl.se/bug/?i=19312 [455] = https://curl.se/bug/?i=19309 + [456] = https://curl.se/bug/?i=19362 + [457] = https://curl.se/bug/?i=19351 + [458] = https://curl.se/bug/?i=19360 From a39ff61a7bbccd237c0aeae43db68b2a9ff6fd94 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 5 Nov 2025 00:57:21 +0100 Subject: [PATCH 0703/2408] GHA/windows: switch a dl-mingw job to skeeto/w64devkit gcc 15.1.0 To add another, so far untested standalone toolchain variant to the mix. This distro is a fairly compact, GCC mingw-w64. Replacing an existing 15.0.1 snapshot toolchain build job. Ref: https://github.com/skeeto/w64devkit/releases Closes #19369 --- .github/workflows/windows.yml | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 1090857fe2..145d4813af 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -418,14 +418,16 @@ jobs: matrix: include: - name: 'schannel' # mingw-w64 12.0 - dir: 'mingw64' + sys: 'mingw64' + dir: 'w64devkit' env: 'x86_64' - ver: '15.0.1' - url: 'https://github.com/brechtsanders/winlibs_mingw/releases/download/15.0.1-snapshot20250406posix-12.0.0-ucrt-r1/winlibs-x86_64-posix-seh-gcc-15.0.1-snapshot20250406-mingw-w64ucrt-12.0.0-r1.7z' + ver: '15.1.0' + url: 'https://github.com/skeeto/w64devkit/releases/download/v2.2.0/w64devkit-x64-2.2.0.7z.exe' config: '-DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=OFF' type: 'Release' tflags: 'skiprun' - name: 'schannel' # mingw-w64 10.0 + sys: 'mingw64' dir: 'mingw64' env: 'x86_64' ver: '9.5.0' @@ -433,6 +435,7 @@ jobs: config: '-DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=OFF' type: 'Release' - name: 'schannel mbedtls U' # mingw-w64 6.0 + sys: 'mingw64' dir: 'mingw64' env: 'x86_64' ver: '7.3.0' @@ -442,6 +445,7 @@ jobs: type: 'Release' tflags: 'skiprun' - name: 'schannel !unity' # mingw-w64 5.0 + sys: 'mingw32' dir: 'mingw32' env: 'i686' ver: '6.4.0' @@ -450,6 +454,7 @@ jobs: type: 'Debug' tflags: 'skiprun' - name: 'schannel !examples' # mingw-w64 3.0 + sys: 'mingw64' dir: 'mingw64' env: 'x86_64' ver: '4.8.1' @@ -461,7 +466,7 @@ jobs: steps: - uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2.29.0 with: - msystem: ${{ matrix.dir }} + msystem: ${{ matrix.sys }} release: false update: false cache: false From 8d00e28136baf661455f1fe5980a0d18c4d872e3 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 5 Nov 2025 10:18:32 +0100 Subject: [PATCH 0704/2408] GHA/non-native: revert to OpenBSD 7.7 due to test hangs with 7.8 test 701 (SOCKS5) and 708 (SOCKS4) started hanging occasionally, and most likely others too. https://github.com/curl/curl/actions/runs/19081279902/job/54510279013 (701 hangs) https://github.com/curl/curl/actions/runs/19095657593/job/54555001348?pr=19370 (708 hangs) https://github.com/curl/curl/actions/runs/19097996671/job/54562669865?pr=19371 (unknown test hangs) Reverts c3b890b2c005401e18b54dacf9e63d33412e2b4f #19368 Closes #19372 --- .github/workflows/non-native.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/non-native.yml b/.github/workflows/non-native.yml index 19ff552c91..523a6761e6 100644 --- a/.github/workflows/non-native.yml +++ b/.github/workflows/non-native.yml @@ -102,7 +102,7 @@ jobs: with: environment_variables: MATRIX_ARCH operating_system: 'openbsd' - version: '7.8' + version: '7.7' architecture: ${{ matrix.arch }} run: | # https://openbsd.app/ From 2e770b33e883ee34c45b4e29a9e4134f2629f938 Mon Sep 17 00:00:00 2001 From: Thomas Klausner Date: Wed, 5 Nov 2025 10:10:03 +0100 Subject: [PATCH 0705/2408] m4/sectrust: fix test(1) operator '=' is the operator defined by POSIX, only bash supports '==' Closes #19371 --- m4/curl-apple-sectrust.m4 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/m4/curl-apple-sectrust.m4 b/m4/curl-apple-sectrust.m4 index 7ed2aa1e5b..d42fe860a5 100644 --- a/m4/curl-apple-sectrust.m4 +++ b/m4/curl-apple-sectrust.m4 @@ -41,10 +41,10 @@ if test "x$OPT_APPLE_SECTRUST" = xyes; then ],[ build_for_apple="no" ]) - if test "x$build_for_apple" == "xno"; then + if test "x$build_for_apple" = "xno"; then AC_MSG_ERROR([Apple SecTrust can only be enabled for Apple OS targets]) fi - if test "x$OPENSSL_ENABLED" == "x1" -o "x$GNUTLS_ENABLED" == "x1"; then + if test "x$OPENSSL_ENABLED" = "x1" -o "x$GNUTLS_ENABLED" = "x1"; then AC_MSG_RESULT(yes) AC_DEFINE(USE_APPLE_SECTRUST, 1, [enable Apple OS certificate validation]) APPLE_SECTRUST_ENABLED=1 From dd71f61ea224e135b7ac3e16c8c83b2ca7d01b15 Mon Sep 17 00:00:00 2001 From: x2018 Date: Wed, 5 Nov 2025 15:28:56 +0800 Subject: [PATCH 0706/2408] lib: cleanup for some typos about spaces and code style Closes #19370 --- lib/asyn-base.c | 2 -- lib/asyn-thrdd.c | 2 +- lib/cf-h1-proxy.c | 4 ++-- lib/cf-h2-proxy.c | 5 ++--- lib/cf-ip-happy.c | 2 +- lib/conncache.c | 2 +- lib/curl_addrinfo.c | 2 +- lib/curl_fnmatch.c | 2 +- lib/curl_gssapi.c | 3 ++- lib/curl_ntlm_core.c | 8 ++++---- lib/curl_sasl.c | 4 ++-- lib/curl_sha512_256.c | 3 +-- lib/cw-out.c | 2 +- lib/doh.c | 10 +++++----- lib/escape.c | 2 +- lib/formdata.c | 4 ++-- lib/ftp.c | 3 --- lib/http.c | 2 +- lib/http1.c | 4 ++-- lib/http2.c | 6 +++--- lib/http_aws_sigv4.c | 4 ++-- lib/httpsrr.c | 2 +- lib/mime.c | 1 - lib/multi.c | 2 +- lib/openldap.c | 1 - lib/parsedate.c | 2 +- lib/pingpong.c | 2 +- lib/request.c | 4 ++-- lib/setopt.c | 3 +-- lib/smtp.c | 2 +- lib/socks.c | 2 +- lib/socks_gssapi.c | 1 - lib/socks_sspi.c | 5 ++--- lib/tftp.c | 2 +- lib/url.c | 1 - lib/vauth/spnego_sspi.c | 1 - lib/vquic/curl_ngtcp2.c | 3 ++- lib/vquic/curl_osslq.c | 3 ++- lib/vquic/curl_quiche.c | 1 - lib/vquic/vquic.c | 1 - lib/vssh/libssh.c | 2 -- lib/vssh/libssh2.c | 4 ++-- lib/vtls/gtls.c | 4 ++-- lib/vtls/mbedtls.c | 1 - lib/vtls/rustls.c | 6 ++++-- lib/vtls/schannel.c | 1 - lib/vtls/vtls.c | 2 +- lib/vtls/wolfssl.c | 2 +- lib/vtls/x509asn1.c | 2 +- lib/ws.c | 1 - packages/vms/curl_crtl_init.c | 7 +++---- src/tool_operate.c | 1 - src/tool_progress.c | 1 - 53 files changed, 65 insertions(+), 84 deletions(-) diff --git a/lib/asyn-base.c b/lib/asyn-base.c index eb2240b816..a49e1752a5 100644 --- a/lib/asyn-base.c +++ b/lib/asyn-base.c @@ -77,8 +77,6 @@ * * Returns: sockets-in-use-bitmap */ - - CURLcode Curl_ares_pollset(struct Curl_easy *data, ares_channel channel, struct easy_pollset *ps) diff --git a/lib/asyn-thrdd.c b/lib/asyn-thrdd.c index da83cca87a..b25745ee1b 100644 --- a/lib/asyn-thrdd.c +++ b/lib/asyn-thrdd.c @@ -666,7 +666,7 @@ CURLcode Curl_async_is_resolved(struct Curl_easy *data, /* Start at 1ms poll interval */ thrdd->addr->poll_interval = 1; else if(elapsed >= thrdd->addr->interval_end) - /* Back-off exponentially if last interval expired */ + /* Back-off exponentially if last interval expired */ thrdd->addr->poll_interval *= 2; if(thrdd->addr->poll_interval > 250) diff --git a/lib/cf-h1-proxy.c b/lib/cf-h1-proxy.c index e65aa74ddb..f46cc09616 100644 --- a/lib/cf-h1-proxy.c +++ b/lib/cf-h1-proxy.c @@ -126,7 +126,7 @@ static CURLcode tunnel_init(struct Curl_cfilter *cf, curlx_dyn_init(&ts->request_data, DYN_HTTP_REQUEST); Curl_httpchunk_init(data, &ts->ch, TRUE); - *pts = ts; + *pts = ts; connkeep(cf->conn, "HTTP proxy CONNECT"); return tunnel_reinit(cf, data, ts); } @@ -350,7 +350,7 @@ static CURLcode on_resp_header(struct Curl_cfilter *cf, ISDIGIT(header[9]) && ISDIGIT(header[10]) && ISDIGIT(header[11]) && !ISDIGIT(header[12])) { /* store the HTTP code from the proxy */ - data->info.httpproxycode = k->httpcode = (header[9] - '0') * 100 + + data->info.httpproxycode = k->httpcode = (header[9] - '0') * 100 + (header[10] - '0') * 10 + (header[11] - '0'); } return result; diff --git a/lib/cf-h2-proxy.c b/lib/cf-h2-proxy.c index 8baa227aac..f9bd827374 100644 --- a/lib/cf-h2-proxy.c +++ b/lib/cf-h2-proxy.c @@ -365,7 +365,6 @@ static CURLcode cf_h2_proxy_ctx_init(struct Curl_cfilter *cf, goto out; } - /* all set, traffic will be send on connect */ result = CURLE_OK; @@ -468,8 +467,8 @@ static CURLcode proxy_h2_progress_ingress(struct Curl_cfilter *cf, /* Receive data from the "lower" filters, e.g. network until * it is time to stop or we have enough data for this stream */ - while(!ctx->conn_closed && /* not closed the connection */ - !ctx->tunnel.closed && /* nor the tunnel */ + while(!ctx->conn_closed && /* not closed the connection */ + !ctx->tunnel.closed && /* nor the tunnel */ Curl_bufq_is_empty(&ctx->inbufq) && /* and we consumed our input */ !Curl_bufq_is_full(&ctx->tunnel.recvbuf)) { diff --git a/lib/cf-ip-happy.c b/lib/cf-ip-happy.c index 6b7130be83..22ae260ce0 100644 --- a/lib/cf-ip-happy.c +++ b/lib/cf-ip-happy.c @@ -237,7 +237,7 @@ static CURLcode cf_ip_attempt_connect(struct cf_ip_attempt *a, bool *connected) { *connected = a->connected; - if(!a->result && !*connected) { + if(!a->result && !*connected) { /* evaluate again */ a->result = Curl_conn_cf_connect(a->cf, data, connected); diff --git a/lib/conncache.c b/lib/conncache.c index 5c4bc357cc..d5770ef916 100644 --- a/lib/conncache.c +++ b/lib/conncache.c @@ -375,7 +375,7 @@ int Curl_cpool_check_limits(struct Curl_easy *data, bundle = cpool_find_bundle(cpool, conn); live = bundle ? Curl_llist_count(&bundle->conns) : 0; shutdowns = Curl_cshutdn_dest_count(data, conn->destination); - while((live + shutdowns) >= dest_limit) { + while((live + shutdowns) >= dest_limit) { if(shutdowns) { /* close one connection in shutdown right away, if we can */ if(!Curl_cshutdn_close_oldest(data, conn->destination)) diff --git a/lib/curl_addrinfo.c b/lib/curl_addrinfo.c index e26ee656bd..fc26bef833 100644 --- a/lib/curl_addrinfo.c +++ b/lib/curl_addrinfo.c @@ -68,7 +68,7 @@ */ #if defined(__INTEL_COMPILER) && (__INTEL_COMPILER == 910) && \ - defined(__OPTIMIZE__) && defined(__unix__) && defined(__i386__) + defined(__OPTIMIZE__) && defined(__unix__) && defined(__i386__) /* workaround icc 9.1 optimizer issue */ # define vqualifier volatile #else diff --git a/lib/curl_fnmatch.c b/lib/curl_fnmatch.c index 66b9739f3c..3148c472e2 100644 --- a/lib/curl_fnmatch.c +++ b/lib/curl_fnmatch.c @@ -243,7 +243,7 @@ static int setcharset(const unsigned char **p, unsigned char *charset) case CURLFNM_SCHS_RIGHTBRLEFTBR: if(c == ']') return SETCHARSET_OK; - state = CURLFNM_SCHS_DEFAULT; + state = CURLFNM_SCHS_DEFAULT; charset[c] = 1; (*p)++; break; diff --git a/lib/curl_gssapi.c b/lib/curl_gssapi.c index 74128559c1..947bb9c006 100644 --- a/lib/curl_gssapi.c +++ b/lib/curl_gssapi.c @@ -392,7 +392,8 @@ OM_uint32 Curl_gss_delete_sec_context(OM_uint32 *min, #define GSS_LOG_BUFFER_LEN 1024 static size_t display_gss_error(OM_uint32 status, int type, - char *buf, size_t len) { + char *buf, size_t len) +{ OM_uint32 maj_stat; OM_uint32 min_stat; OM_uint32 msg_ctx = 0; diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c index 9c5e804779..28ae16d187 100644 --- a/lib/curl_ntlm_core.c +++ b/lib/curl_ntlm_core.c @@ -650,10 +650,10 @@ CURLcode Curl_ntlm_core_mk_ntlmv2_resp(unsigned char *ntlmv2hash, * * Returns CURLE_OK on success. */ -CURLcode Curl_ntlm_core_mk_lmv2_resp(unsigned char *ntlmv2hash, - unsigned char *challenge_client, - unsigned char *challenge_server, - unsigned char *lmresp) +CURLcode Curl_ntlm_core_mk_lmv2_resp(unsigned char *ntlmv2hash, + unsigned char *challenge_client, + unsigned char *challenge_server, + unsigned char *lmresp) { unsigned char data[16]; unsigned char hmac_output[16]; diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c index 043786f73f..b04e958268 100644 --- a/lib/curl_sasl.c +++ b/lib/curl_sasl.c @@ -932,10 +932,10 @@ CURLcode Curl_sasl_is_blocked(struct SASL *sasl, struct Curl_easy *data) CURL_SASL_DIGEST, TRUE, NULL); sasl_unchosen(data, SASL_MECH_NTLM, enabledmechs, CURL_SASL_NTLM, Curl_auth_is_ntlm_supported(), NULL); - sasl_unchosen(data, SASL_MECH_OAUTHBEARER, enabledmechs, TRUE, TRUE, + sasl_unchosen(data, SASL_MECH_OAUTHBEARER, enabledmechs, TRUE, TRUE, data->set.str[STRING_BEARER] ? NULL : "CURLOPT_XOAUTH2_BEARER"); - sasl_unchosen(data, SASL_MECH_XOAUTH2, enabledmechs, TRUE, TRUE, + sasl_unchosen(data, SASL_MECH_XOAUTH2, enabledmechs, TRUE, TRUE, data->set.str[STRING_BEARER] ? NULL : "CURLOPT_XOAUTH2_BEARER"); } diff --git a/lib/curl_sha512_256.c b/lib/curl_sha512_256.c index 7e9b223387..0d2cd3c3f9 100644 --- a/lib/curl_sha512_256.c +++ b/lib/curl_sha512_256.c @@ -344,7 +344,7 @@ static CURL_FORCEINLINE curl_uint64_t Curl_rotr64(curl_uint64_t value, * Size of the SHA-512/256 resulting digest in words. * This is the final digest size, not intermediate hash. */ -#define SHA512_256_DIGEST_SIZE_WORDS (SHA512_256_HASH_SIZE_WORDS / 2) +#define SHA512_256_DIGEST_SIZE_WORDS (SHA512_256_HASH_SIZE_WORDS / 2) /** * Size of the SHA-512/256 resulting digest in bytes @@ -760,7 +760,6 @@ static CURLcode Curl_sha512_256_finish(unsigned char *digest, void *context) #endif /* Local SHA-512/256 code */ - /** * Compute SHA-512/256 hash for the given data in one function call * @param[out] output the pointer to put the hash diff --git a/lib/cw-out.c b/lib/cw-out.c index 9c0a36e7e5..36cfc36aca 100644 --- a/lib/cw-out.c +++ b/lib/cw-out.c @@ -252,7 +252,7 @@ static CURLcode cw_out_ptr_flush(struct cw_out_ctx *ctx, size_t wlen, nwritten; CURLcode result; - /* If we errored once, we do not invoke the client callback again */ + /* If we errored once, we do not invoke the client callback again */ if(ctx->errored) return CURLE_WRITE_ERROR; diff --git a/lib/doh.c b/lib/doh.c index ec97bd7333..3552cba7b5 100644 --- a/lib/doh.c +++ b/lib/doh.c @@ -79,7 +79,7 @@ static const char *doh_strerror(DOHcode code) UNITTEST DOHcode doh_req_encode(const char *host, DNStype dnstype, unsigned char *dnsp, /* buffer */ - size_t len, /* buffer size */ + size_t len, /* buffer size */ size_t *olen) /* output length */ { const size_t hostlen = strlen(host); @@ -158,9 +158,9 @@ UNITTEST DOHcode doh_req_encode(const char *host, *dnsp++ = 0; /* append zero-length label for root */ - /* There are assigned TYPE codes beyond 255: use range [1..65535] */ + /* There are assigned TYPE codes beyond 255: use range [1..65535] */ *dnsp++ = (unsigned char)(255 & (dnstype >> 8)); /* upper 8 bit TYPE */ - *dnsp++ = (unsigned char)(255 & dnstype); /* lower 8 bit TYPE */ + *dnsp++ = (unsigned char)(255 & dnstype); /* lower 8 bit TYPE */ *dnsp++ = '\0'; /* upper 8 bit CLASS */ *dnsp++ = DNS_CLASS_IN; /* IN - "the Internet" */ @@ -677,7 +677,7 @@ static DOHcode doh_rdata(const unsigned char *doh, struct dohentry *d) { /* RDATA - - A (TYPE 1): 4 bytes + - A (TYPE 1): 4 bytes - AAAA (TYPE 28): 16 bytes - NS (TYPE 2): N bytes - HTTPS (TYPE 65): N bytes */ @@ -707,7 +707,7 @@ static DOHcode doh_rdata(const unsigned char *doh, return rc; break; case CURL_DNS_TYPE_DNAME: - /* explicit for clarity; just skip; rely on synthesized CNAME */ + /* explicit for clarity; just skip; rely on synthesized CNAME */ break; default: /* unsupported type, just skip it */ diff --git a/lib/escape.c b/lib/escape.c index 2064f4d05f..fdc6e438ab 100644 --- a/lib/escape.c +++ b/lib/escape.c @@ -23,7 +23,7 @@ ***************************************************************************/ /* Escape and unescape URL encoding in strings. The functions return a new - * allocated string or NULL if an error occurred. */ + * allocated string or NULL if an error occurred. */ #include "curl_setup.h" diff --git a/lib/formdata.c b/lib/formdata.c index 74a73028cd..416bcad4f5 100644 --- a/lib/formdata.c +++ b/lib/formdata.c @@ -289,7 +289,7 @@ static CURLFORMcode FormAddCheck(struct FormInfo *first_form, HTTPPOST_PTRCONTENTS | HTTPPOST_PTRBUFFER | HTTPPOST_CALLBACK)) && form->value) { /* copy value (without strdup; possibly contains null characters) */ - size_t clen = (size_t) form->contentslength; + size_t clen = (size_t) form->contentslength; if(!clen) clen = strlen(form->value) + 1; @@ -547,7 +547,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost, retval = CURL_FORMADD_OPTION_TWICE; else { if(!array_state) - avalue = va_arg(params, char *); + avalue = va_arg(params, char *); if(avalue) { curr->userp = avalue; curr->value = avalue; /* this is not strictly true but we derive a diff --git a/lib/ftp.c b/lib/ftp.c index 4858ae230f..819fab462b 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -1115,7 +1115,6 @@ static CURLcode ftp_state_use_port(struct Curl_easy *data, port++; } - /* get the name again after the bind() so that we can extract the port number it uses now */ sslen = sizeof(ss); @@ -1976,7 +1975,6 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data, goto error; } - /* * When this is used from the multi interface, this might've returned with * the 'connected' set to FALSE and thus we are now awaiting a non-blocking @@ -2488,7 +2486,6 @@ static CURLcode ftp_state_get_resp(struct Curl_easy *data, data->req.size = -1; /* default unknown size */ - /* * It appears that there are FTP-servers that return size 0 for files when * SIZE is used on the file while being in BINARY mode. To work around diff --git a/lib/http.c b/lib/http.c index 529c3c907d..f3cf228bf2 100644 --- a/lib/http.c +++ b/lib/http.c @@ -4081,7 +4081,7 @@ static CURLcode http_on_response(struct Curl_easy *data, k->download_done = TRUE; /* If max download size is *zero* (nothing) we already have - nothing and can safely return ok now! But for HTTP/2, we would + nothing and can safely return ok now! But for HTTP/2, we would like to call http2_handle_stream_close to properly close a stream. In order to do this, we keep reading until we close the stream. */ diff --git a/lib/http1.c b/lib/http1.c index 098dd7cd64..0403e95ba2 100644 --- a/lib/http1.c +++ b/lib/http1.c @@ -84,7 +84,7 @@ static ssize_t detect_line(struct h1_req_parser *parser, const char *buf, const size_t buflen, CURLcode *err) { - const char *line_end; + const char *line_end; DEBUGASSERT(!parser->line); line_end = memchr(buf, '\n', buflen); @@ -136,7 +136,7 @@ static ssize_t next_line(struct h1_req_parser *parser, static CURLcode start_req(struct h1_req_parser *parser, const char *scheme_default, int options) { - const char *p, *m, *target, *hv, *scheme, *authority, *path; + const char *p, *m, *target, *hv, *scheme, *authority, *path; size_t m_len, target_len, hv_len, scheme_len, authority_len, path_len; size_t i; CURLU *url = NULL; diff --git a/lib/http2.c b/lib/http2.c index 36bfd61033..de1113c1e4 100644 --- a/lib/http2.c +++ b/lib/http2.c @@ -796,7 +796,7 @@ static ssize_t send_callback(nghttp2_session *h2, ctx->nw_out_blocked = 1; return NGHTTP2_ERR_WOULDBLOCK; } - return (nwritten > SSIZE_MAX) ? + return (nwritten > SSIZE_MAX) ? NGHTTP2_ERR_CALLBACK_FAILURE : (ssize_t)nwritten; } @@ -2558,7 +2558,7 @@ static CURLcode cf_h2_connect(struct Curl_cfilter *cf, } /* Send out our SETTINGS and ACKs and such. If that blocks, we - * have it buffered and can count this filter as being connected */ + * have it buffered and can count this filter as being connected */ result = h2_progress_egress(cf, data); if(result && (result != CURLE_AGAIN)) goto out; @@ -2945,7 +2945,7 @@ CURLcode Curl_http2_upgrade(struct Curl_easy *data, struct cf_h2_ctx *ctx; CURLcode result; - DEBUGASSERT(Curl_conn_http_version(data, conn) < 20); + DEBUGASSERT(Curl_conn_http_version(data, conn) < 20); result = http2_cfilter_add(&cf, data, conn, sockindex, TRUE); if(result) diff --git a/lib/http_aws_sigv4.c b/lib/http_aws_sigv4.c index bb88a0f8ce..b5601f45a2 100644 --- a/lib/http_aws_sigv4.c +++ b/lib/http_aws_sigv4.c @@ -274,7 +274,6 @@ static CURLcode make_headers(struct Curl_easy *data, } } - if(*content_sha256_header) { tmp_head = curl_slist_append(head, content_sha256_header); if(!tmp_head) @@ -412,7 +411,8 @@ fail: static const char *parse_content_sha_hdr(struct Curl_easy *data, const char *provider1, size_t plen, - size_t *value_len) { + size_t *value_len) +{ char key[CONTENT_SHA256_KEY_LEN]; size_t key_len; const char *value; diff --git a/lib/httpsrr.c b/lib/httpsrr.c index f0d7ea14f1..c0392d16c4 100644 --- a/lib/httpsrr.c +++ b/lib/httpsrr.c @@ -167,7 +167,7 @@ static CURLcode httpsrr_opt(struct Curl_easy *data, unsigned short code; size_t len = 0; - code = ares_dns_rr_get_opt(rr, key, idx, &val, &len); + code = ares_dns_rr_get_opt(rr, key, idx, &val, &len); return Curl_httpsrr_set(data, hinfo, code, val, len); } diff --git a/lib/mime.c b/lib/mime.c index 0a56b07bc5..b1f432c0b0 100644 --- a/lib/mime.c +++ b/lib/mime.c @@ -1966,7 +1966,6 @@ static CURLcode cr_mime_read(struct Curl_easy *data, size_t nread; char tmp[256]; - /* Once we have errored, we will return the same error forever */ if(ctx->errored) { CURL_TRC_READ(data, "cr_mime_read(len=%zu) is errored -> %d, eos=0", diff --git a/lib/multi.c b/lib/multi.c index c27e8bdad8..efc240b4fa 100644 --- a/lib/multi.c +++ b/lib/multi.c @@ -2584,7 +2584,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, DEBUGASSERT(data->conn); if(data->conn->bits.multiplex) /* Check if we can move pending requests to send pipe */ - process_pending_handles(multi); /* multiplexed */ + process_pending_handles(multi); /* multiplexed */ /* Only perform the transfer if there is a good socket to work with. Having both BAD is a signal to skip immediately to DONE */ diff --git a/lib/openldap.c b/lib/openldap.c index f06587f017..9d6174defe 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -1235,7 +1235,6 @@ static CURLcode oldap_recv(struct Curl_easy *data, int sockindex, char *buf, break; } - if(!result) result = client_write(data, STRCONST("\n"), NULL, 0, NULL, 0); if(!result) diff --git a/lib/parsedate.c b/lib/parsedate.c index b9429db7f6..3fa5919c05 100644 --- a/lib/parsedate.c +++ b/lib/parsedate.c @@ -362,7 +362,7 @@ static int parsedate(const char *date, time_t *output) time_t t = 0; int wdaynum = -1; /* day of the week number, 0-6 (mon-sun) */ int monnum = -1; /* month of the year number, 0-11 */ - int mdaynum = -1; /* day of month, 1 - 31 */ + int mdaynum = -1; /* day of month, 1 - 31 */ int hournum = -1; int minnum = -1; int secnum = -1; diff --git a/lib/pingpong.c b/lib/pingpong.c index 470199a6ff..d0959470be 100644 --- a/lib/pingpong.c +++ b/lib/pingpong.c @@ -284,7 +284,7 @@ CURLcode Curl_pp_readresp(struct Curl_easy *data, size_t full = curlx_dyn_len(&pp->recvbuf); /* trim off the "final" leading part */ - curlx_dyn_tail(&pp->recvbuf, full - pp->nfinal); + curlx_dyn_tail(&pp->recvbuf, full - pp->nfinal); pp->nfinal = 0; /* now gone */ } diff --git a/lib/request.c b/lib/request.c index 1fa568325b..9778a0c953 100644 --- a/lib/request.c +++ b/lib/request.c @@ -64,7 +64,7 @@ CURLcode Curl_req_soft_reset(struct SingleRequest *req, req->header = FALSE; req->headerline = 0; req->headerbytecount = 0; - req->allheadercount = 0; + req->allheadercount = 0; req->deductheadercount = 0; req->httpversion_sent = 0; req->httpversion = 0; @@ -132,7 +132,7 @@ void Curl_req_hard_reset(struct SingleRequest *req, struct Curl_easy *data) req->writebytecount = 0; req->start = t0; req->headerbytecount = 0; - req->allheadercount = 0; + req->allheadercount = 0; req->deductheadercount = 0; req->headerline = 0; req->offset = 0; diff --git a/lib/setopt.c b/lib/setopt.c index 3c3adb06a9..3f385ed8a5 100644 --- a/lib/setopt.c +++ b/lib/setopt.c @@ -1159,7 +1159,6 @@ static CURLcode setopt_long(struct Curl_easy *data, CURLoption option, s->connect_only_ws = (arg == 2); break; - #ifdef USE_SSH case CURLOPT_SSH_AUTH_TYPES: s->ssh_auth_types = (int)arg; @@ -1683,7 +1682,7 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option, /* * A string with POST data. Makes curl HTTP POST. Even if it is NULL. * If needed, CURLOPT_POSTFIELDSIZE must have been set prior to - * CURLOPT_COPYPOSTFIELDS and not altered later. + * CURLOPT_COPYPOSTFIELDS and not altered later. */ if(!ptr || s->postfieldsize == -1) result = Curl_setstropt(&s->str[STRING_COPYPOSTFIELDS], ptr); diff --git a/lib/smtp.c b/lib/smtp.c index 3d4f36364b..f36459634e 100644 --- a/lib/smtp.c +++ b/lib/smtp.c @@ -1881,7 +1881,7 @@ static CURLcode smtp_parse_address(const char *fqma, char **address, /* Duplicate the fully qualified email address so we can manipulate it, ensuring it does not contain the delimiters if specified */ - char *dup = strdup(fqma[0] == '<' ? fqma + 1 : fqma); + char *dup = strdup(fqma[0] == '<' ? fqma + 1 : fqma); if(!dup) return CURLE_OUT_OF_MEMORY; diff --git a/lib/socks.c b/lib/socks.c index 9936aaf5bb..5daf5393cd 100644 --- a/lib/socks.c +++ b/lib/socks.c @@ -528,7 +528,7 @@ process_state: /* socks4a, not resolving locally, sends the hostname. * add an invalid address + user + hostname */ unsigned char buf[4] = { 0, 0, 0, 1 }; - size_t hlen = strlen(sx->hostname) + 1; /* including NUL */ + size_t hlen = strlen(sx->hostname) + 1; /* including NUL */ if(hlen > 255) { failf(data, "SOCKS4: too long hostname"); diff --git a/lib/socks_gssapi.c b/lib/socks_gssapi.c index 929132f570..30fefa5a6d 100644 --- a/lib/socks_gssapi.c +++ b/lib/socks_gssapi.c @@ -132,7 +132,6 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, const size_t serviceptr_length = strlen(serviceptr); gss_ctx_id_t gss_context = GSS_C_NO_CONTEXT; - /* GSS-API request looks like * +----+------+-----+----------------+ * |VER | MTYP | LEN | TOKEN | diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c index a7aa81b75d..31645527a3 100644 --- a/lib/socks_sspi.c +++ b/lib/socks_sspi.c @@ -87,7 +87,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, unsigned long qop; unsigned char socksreq[4]; /* room for GSS-API exchange header only */ const char *service = data->set.str[STRING_PROXY_SERVICE_NAME] ? - data->set.str[STRING_PROXY_SERVICE_NAME] : "rcmd"; + data->set.str[STRING_PROXY_SERVICE_NAME] : "rcmd"; char *etbuf; size_t etbuf_size; @@ -156,7 +156,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, (void)curlx_nonblock(sock, FALSE); /* As long as we need to keep sending some context info, and there is no */ - /* errors, keep sending it... */ + /* errors, keep sending it... */ for(;;) { TCHAR *sname; @@ -505,7 +505,6 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf, goto error; } - if(!data->set.socks5_gssapi_nec) { wrap_desc.cBuffers = 2; sspi_w_token[0].BufferType = SECBUFFER_STREAM; diff --git a/lib/tftp.c b/lib/tftp.c index d9d978c24e..ffea60f621 100644 --- a/lib/tftp.c +++ b/lib/tftp.c @@ -477,7 +477,7 @@ static CURLcode tftp_send_first(struct tftp_conn *state, curl_msnprintf((char *)state->spacket.data + 2, state->blksize, - "%s%c%s%c", filename, '\0', mode, '\0'); + "%s%c%s%c", filename, '\0', mode, '\0'); sbytes = 4 + strlen(filename) + strlen(mode); /* optional addition of TFTP options */ diff --git a/lib/url.c b/lib/url.c index f0fe7d3d41..e816da442a 100644 --- a/lib/url.c +++ b/lib/url.c @@ -2187,7 +2187,6 @@ static CURLcode parse_proxy(struct Curl_easy *data, bool is_unix_proxy = FALSE; #endif - if(!uhp) { result = CURLE_OUT_OF_MEMORY; goto error; diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c index 935468f3a6..9cf554d3b0 100644 --- a/lib/vauth/spnego_sspi.c +++ b/lib/vauth/spnego_sspi.c @@ -66,7 +66,6 @@ bool Curl_auth_is_spnego_supported(void) Curl_pSecFn->FreeContextBuffer(SecurityPackage); } - return status == SEC_E_OK; } diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index f72f6630f5..36bd28926d 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -1214,7 +1214,8 @@ static int cb_h3_stop_sending(nghttp3_conn *conn, int64_t stream_id, static int cb_h3_reset_stream(nghttp3_conn *conn, int64_t sid, uint64_t app_error_code, void *user_data, - void *stream_user_data) { + void *stream_user_data) +{ struct Curl_cfilter *cf = user_data; struct cf_ngtcp2_ctx *ctx = cf->ctx; curl_int64_t stream_id = (curl_int64_t)sid; diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c index e30cfc648a..50051041df 100644 --- a/lib/vquic/curl_osslq.c +++ b/lib/vquic/curl_osslq.c @@ -951,7 +951,8 @@ static int cb_h3_stop_sending(nghttp3_conn *conn, int64_t sid, static int cb_h3_reset_stream(nghttp3_conn *conn, int64_t sid, uint64_t app_error_code, void *user_data, - void *stream_user_data) { + void *stream_user_data) +{ struct Curl_cfilter *cf = user_data; struct cf_osslq_ctx *ctx = cf->ctx; struct Curl_easy *data = stream_user_data; diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c index a2ab24bae7..fc1c55526e 100644 --- a/lib/vquic/curl_quiche.c +++ b/lib/vquic/curl_quiche.c @@ -869,7 +869,6 @@ static CURLcode cf_quiche_recv(struct Curl_cfilter *cf, struct Curl_easy *data, if(!stream) return CURLE_RECV_ERROR; - if(!Curl_bufq_is_empty(&stream->recvbuf)) { result = Curl_bufq_cread(&stream->recvbuf, buf, len, pnread); CURL_TRC_CF(data, cf, "[%" FMT_PRIu64 "] read recvbuf(len=%zu) " diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c index 7533001eaf..33f7fe092b 100644 --- a/lib/vquic/vquic.c +++ b/lib/vquic/vquic.c @@ -155,7 +155,6 @@ static CURLcode do_sendmsg(struct Curl_cfilter *cf, } #endif - while((sent = sendmsg(qctx->sockfd, &msg, 0)) == -1 && SOCKERRNO == SOCKEINTR) ; diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index af3767ca71..f5de9f3e84 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -297,7 +297,6 @@ static void myssh_set_state(struct Curl_easy *data, "QUIT" }; - if(sshc->state != nowstate) { infof(data, "SSH %p state change from %s to %s (line %d)", (void *) sshc, names[sshc->state], names[nowstate], @@ -2439,7 +2438,6 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, } } while(!rc && (sshc->state != SSH_STOP)); - if(rc == SSH_AGAIN) { /* we would block, we need to wait for the socket to be ready (in the right direction too)! */ diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index 5990da25bf..ee82396753 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -3573,9 +3573,9 @@ static CURLcode ssh_do(struct Curl_easy *data, bool *done) Curl_pgrsSetDownloadSize(data, -1); if(conn->handler->protocol & CURLPROTO_SCP) - result = scp_perform(data, &connected, done); + result = scp_perform(data, &connected, done); else - result = sftp_perform(data, &connected, done); + result = sftp_perform(data, &connected, done); return result; } diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 40d8ad5b45..754a5f2f89 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -636,7 +636,6 @@ CURLcode Curl_gtls_client_trust_setup(struct Curl_cfilter *cf, CURLcode result; int rc; - /* Consider the X509 store cacheable if it comes exclusively from a CAfile, or no source is provided and we are falling back to OpenSSL's built-in default. */ @@ -1969,7 +1968,8 @@ out: */ static CURLcode gtls_connect_common(struct Curl_cfilter *cf, struct Curl_easy *data, - bool *done) { + bool *done) +{ struct ssl_connect_data *connssl = cf->ctx; struct gtls_ssl_backend_data *backend = (struct gtls_ssl_backend_data *)connssl->backend; diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index ea8981b3cd..4e8a0c3cf7 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -847,7 +847,6 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) mbedtls_ssl_list_ciphersuites()); } - #ifdef MBEDTLS_SSL_RENEGOTIATION mbedtls_ssl_conf_renegotiation(&backend->config, MBEDTLS_SSL_RENEGOTIATION_ENABLED); diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index 2173b3be88..ecf4d03152 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -657,7 +657,8 @@ cleanup: static void init_config_builder_alpn(struct Curl_easy *data, const struct ssl_connect_data *connssl, - struct rustls_client_config_builder *config_builder) { + struct rustls_client_config_builder *config_builder) +{ struct alpn_proto_buf proto; rustls_slice_bytes alpn[ALPN_ENTRIES_MAX]; size_t i; @@ -709,7 +710,8 @@ init_config_builder_verifier(struct Curl_easy *data, struct rustls_client_config_builder *builder, const struct ssl_primary_config *conn_config, const struct curl_blob *ca_info_blob, - const char * const ssl_cafile) { + const char * const ssl_cafile) +{ const struct rustls_root_cert_store *roots = NULL; struct rustls_root_cert_store_builder *roots_builder = NULL; struct rustls_web_pki_server_cert_verifier_builder *verifier_builder = NULL; diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 50b81f6725..f9d697bbb8 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -2646,7 +2646,6 @@ static CURLcode schannel_pkp_pin_peer_pubkey(struct Curl_cfilter *cf, break; /* failed */ } - if(!(((pCertContextServer->dwCertEncodingType & X509_ASN_ENCODING) != 0) && (pCertContextServer->cbCertEncoded > 0))) break; diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index df0449cbee..3b7a095c8b 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -1952,7 +1952,7 @@ CURLcode Curl_alpn_to_proto_buf(struct alpn_proto_buf *buf, len = strlen(spec->entries[i]); if(len >= ALPN_NAME_MAX) return CURLE_FAILED_INIT; - blen = (unsigned char)len; + blen = (unsigned char)len; if(off + blen + 1 >= (int)sizeof(buf->data)) return CURLE_FAILED_INIT; buf->data[off++] = blen; diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index 9639709fdb..19e8c5558a 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -578,7 +578,7 @@ wssl_setup_session(struct Curl_cfilter *cf, if(sess_reuse_cb) { result = sess_reuse_cb(cf, data, alpns, scs, &do_early_data); if(result) - goto out; + goto out; } #ifdef WOLFSSL_EARLY_DATA if(do_early_data) { diff --git a/lib/vtls/x509asn1.c b/lib/vtls/x509asn1.c index c5fc863515..96eb512b90 100644 --- a/lib/vtls/x509asn1.c +++ b/lib/vtls/x509asn1.c @@ -191,7 +191,7 @@ static const char *getASN1Element_(struct Curl_asn1Element *elem, if an error occurs. */ if(!beg || !end || beg >= end || !*beg || ((size_t)(end - beg) > CURL_ASN1_MAX) || - lvl >= CURL_ASN1_MAX_RECURSIONS) + lvl >= CURL_ASN1_MAX_RECURSIONS) return NULL; /* Process header byte. */ diff --git a/lib/ws.c b/lib/ws.c index 683841ecbb..891a53dbb4 100644 --- a/lib/ws.c +++ b/lib/ws.c @@ -1560,7 +1560,6 @@ CURLcode curl_ws_recv(CURL *d, void *buffer, return CURLE_BAD_FUNCTION_ARGUMENT; } - memset(&ctx, 0, sizeof(ctx)); ctx.data = data; ctx.ws = ws; diff --git a/packages/vms/curl_crtl_init.c b/packages/vms/curl_crtl_init.c index 90bcb4c359..1c90847cd2 100644 --- a/packages/vms/curl_crtl_init.c +++ b/packages/vms/curl_crtl_init.c @@ -173,7 +173,7 @@ static int sys_crelnm(const char *logname, } - /* Start of DECC RTL Feature handling */ +/* Start of DECC RTL Feature handling */ /* ** Sets default value for a feature @@ -213,7 +213,6 @@ static void set_features(void) /* We always want the new parse style */ set_feature_default("DECC$ARGV_PARSE_STYLE", ENABLE); - /* Unless we are in POSIX compliant mode, we want the old POSIX root * enabled. */ @@ -244,7 +243,7 @@ static void set_features(void) /* Gets rid of output logs with single character lines in them. */ set_feature_default("DECC$STDIO_CTX_EOL", ENABLE); - /* Fix mv aa.bb aa */ + /* Fix mv aa.bb aa */ set_feature_default("DECC$RENAME_NO_INHERIT", ENABLE); if(use_unix_settings) { @@ -283,7 +282,7 @@ static void set_features(void) /* Set strtol to proper behavior */ set_feature_default("DECC$STRTOL_ERANGE", ENABLE); - /* Commented here to prevent future bugs: A program or user should */ + /* Commented here to prevent future bugs: A program or user should */ /* never ever enable DECC$POSIX_STYLE_UID. */ /* It will probably break all code that accesses UIDs */ /* do_not_set_default ("DECC$POSIX_STYLE_UID", TRUE); */ diff --git a/src/tool_operate.c b/src/tool_operate.c index f290a288de..46a3f200bb 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -2194,7 +2194,6 @@ static CURLcode run_all_transfers(CURLSH *share, global->noprogress = orig_noprogress; global->isatty = orig_isatty; - return result; } diff --git a/src/tool_progress.c b/src/tool_progress.c index 2fcc7ff85e..ad4cd98eb7 100644 --- a/src/tool_progress.c +++ b/src/tool_progress.c @@ -253,7 +253,6 @@ bool progress_meter(CURLM *multi, speed = dls > uls ? dls : uls; } - if(dlknown && speed) { curl_off_t est = all_dltotal / speed; curl_off_t left = (all_dltotal - all_dlnow) / speed; From 2db36f11b8e2c3de99552fc9db830ac22f248a64 Mon Sep 17 00:00:00 2001 From: x2018 Date: Wed, 5 Nov 2025 02:16:54 +0800 Subject: [PATCH 0707/2408] gtls: add return checks and optimize the code This commit does the following things: 1. Update the description of gtls_init() 2. In gtls_client_init(), check the invaild SSLVERSION at first. Note that this part refactors the duplicate/incompatible checks and removes the useless local variable `sni`. 3. Check the return value of gnutls_ocsp_resp_init(). Although the original code is safe because gnutls_ocsp_resp_import() will check the validity of `ocsp_resp`, it is better to catch the error in time and record the proper message to output log. Closes #19366 --- lib/vtls/gtls.c | 59 +++++++++++++++++++------------------------------ 1 file changed, 23 insertions(+), 36 deletions(-) diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 754a5f2f89..6c1fe63b5e 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -72,7 +72,6 @@ static void tls_log_func(int level, const char *str) curl_mfprintf(stderr, "|<%d>| %s", level, str); } #endif -static bool gtls_inited = FALSE; #if !defined(GNUTLS_VERSION_NUMBER) || (GNUTLS_VERSION_NUMBER < 0x03010a) #error "too old GnuTLS version" @@ -149,33 +148,31 @@ static ssize_t gtls_pull(void *s, void *buf, size_t blen) return (ssize_t)nread; } -/* gtls_init() +/** + * gtls_init() * * Global GnuTLS init, called from Curl_ssl_init(). This calls functions that - * are not thread-safe and thus this function itself is not thread-safe and - * must only be called from within curl_global_init() to keep the thread - * situation under control! + * are not thread-safe (It is thread safe since GnuTLS 3.3.0) and thus this + * function itself is not thread-safe and must only be called from within + * curl_global_init() to keep the thread situation under control! + * + * @retval 0 error initializing SSL + * @retval 1 SSL initialized successfully */ static int gtls_init(void) { int ret = 1; - if(!gtls_inited) { - ret = gnutls_global_init() ? 0 : 1; + ret = gnutls_global_init() ? 0 : 1; #ifdef GTLSDEBUG - gnutls_global_set_log_function(tls_log_func); - gnutls_global_set_log_level(2); + gnutls_global_set_log_function(tls_log_func); + gnutls_global_set_log_level(2); #endif - gtls_inited = TRUE; - } return ret; } static void gtls_cleanup(void) { - if(gtls_inited) { - gnutls_global_deinit(); - gtls_inited = FALSE; - } + gnutls_global_deinit(); } #ifndef CURL_DISABLE_VERBOSE_STRINGS @@ -860,20 +857,15 @@ static CURLcode gtls_client_init(struct Curl_cfilter *cf, struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); unsigned int init_flags; int rc; - bool sni = TRUE; /* default is SNI enabled */ const char *prioritylist; bool tls13support; CURLcode result; - if(!gtls_inited) - gtls_init(); - - if(config->version == CURL_SSLVERSION_SSLv2) { - failf(data, "GnuTLS does not support SSLv2"); + if(config->version == CURL_SSLVERSION_SSLv2 || + config->version == CURL_SSLVERSION_SSLv3) { + failf(data, "GnuTLS does not support SSLv2 or SSLv3"); return CURLE_SSL_CONNECT_ERROR; } - else if(config->version == CURL_SSLVERSION_SSLv3) - sni = FALSE; /* SSLv3 has no SNI */ /* allocate a shared creds struct */ result = Curl_gtls_shared_creds_create(data, >ls->shared_creds); @@ -940,7 +932,7 @@ static CURLcode gtls_client_init(struct Curl_cfilter *cf, return CURLE_SSL_CONNECT_ERROR; } - if(sni && peer->sni) { + if(peer->sni) { if(gnutls_server_name_set(gtls->session, GNUTLS_NAME_DNS, peer->sni, strlen(peer->sni)) < 0) { failf(data, "Failed to set SNI"); @@ -956,16 +948,6 @@ static CURLcode gtls_client_init(struct Curl_cfilter *cf, /* "In GnuTLS 3.6.5, TLS 1.3 is enabled by default" */ tls13support = !!gnutls_check_version("3.6.5"); - /* Ensure +SRP comes at the *end* of all relevant strings so that it can be - * removed if a runtime error indicates that SRP is not supported by this - * GnuTLS version */ - - if(config->version == CURL_SSLVERSION_SSLv2 || - config->version == CURL_SSLVERSION_SSLv3) { - failf(data, "GnuTLS does not support SSLv2 or SSLv3"); - return CURLE_SSL_CONNECT_ERROR; - } - if(config->version == CURL_SSLVERSION_TLSv1_3) { if(!tls13support) { failf(data, "This GnuTLS installation does not support TLS 1.3"); @@ -1159,7 +1141,7 @@ CURLcode Curl_gtls_ctx_init(struct gtls_ctx *gctx, if(sess_reuse_cb) { result = sess_reuse_cb(cf, data, &alpns, scs, &do_early_data); if(result) - goto out; + goto out; } if(do_early_data) { /* We only try the ALPN protocol the session used before, @@ -1452,7 +1434,12 @@ static CURLcode gtls_verify_ocsp_status(struct Curl_easy *data, goto out; } - gnutls_ocsp_resp_init(&ocsp_resp); + rc = gnutls_ocsp_resp_init(&ocsp_resp); + if(rc < 0) { + failf(data, "Failed to initialize OCSP response object"); + result = CURLE_SSL_INVALIDCERTSTATUS; + goto out; + } rc = gnutls_ocsp_resp_import(ocsp_resp, &status_request); if(rc < 0) { From 33e7745eef3b9f537715b228c53f8ed6be553f3f Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 5 Nov 2025 14:12:23 +0100 Subject: [PATCH 0708/2408] RELEASE-NOTES: synced bumped to 8.17.1 for now fixed typo in THANKS-filter --- RELEASE-NOTES | 946 +---------------------------------------- docs/THANKS-filter | 2 +- include/curl/curlver.h | 6 +- 3 files changed, 14 insertions(+), 940 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 76e47f0f72..f5e85c2248 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -1,6 +1,6 @@ -curl and libcurl 8.17.0 +curl and libcurl 8.17.1 - Public curl releases: 271 + Public curl releases: 272 Command line options: 273 curl_easy_setopt() options: 308 Public functions in libcurl: 100 @@ -8,468 +8,12 @@ curl and libcurl 8.17.0 This release includes the following changes: - o build: drop Heimdal support [267] - o build: drop the winbuild build system [81] - o krb5: drop support for Kerberos FTP [43] - o libssh2: up the minimum requirement to 1.9.0 [85] - o multi: add notifications API [250] - o progress: expand to use 6 characters per size [234] - o ssl: support Apple SecTrust configurations [240] - o tool_getparam: add --knownhosts [204] - o vssh: drop support for wolfSSH [58] - o wcurl: import v2025.11.04 [431] - o write-out: make %header{} able to output *all* occurrences of a header [25] This release includes the following bugfixes: - o ares: fix leak in tracing [91] - o asyn-ares: remove wrong comment about the callback argument [306] - o asyn-ares: use the duped hostname pointer for all calls [158] - o asyn-thrdd resolver: clear timeout when done [97] - o asyn-thrdd: drop pthread_cancel [30] - o autotools: add support for libgsasl auto-detection via pkg-config [112] - o autotools: capitalize Rustls in the log output [106] - o autotools: drop detection of ancient OpenSSL libs RSAglue and rsaref [354] - o autotools: fix duplicate UNIX and BSD flags in buildinfo.txt [113] - o autotools: fix silly mistake in clang detection for buildinfo.txt [114] - o autotools: make --enable-code-coverage support llvm/clang [79] - o autotools: merge `if`s in GnuTLS/OpenSSL feature detection [385] - o aws-lc: re-enable large read-ahead with v1.61.0 again [16] - o base64: accept zero length argument to base64_encode [82] - o build: address some -Weverything warnings, update picky warnings [74] - o build: avoid overriding system open and stat symbols [141] - o build: avoid overriding system symbols for fopen functions [150] - o build: avoid overriding system symbols for socket functions [68] - o build: show llvm/clang in platform flags and buildinfo.txt [126] - o c-ares: when resolving failed, persist error [270] - o cf-h2-proxy: break loop on edge case [140] - o cf-ip-happy: mention unix domain path, not port number [161] - o cf-socket: always check Curl_cf_socket_peek() return code [198] - o cf-socket: check params and remove accept procondition [197] - o cf-socket: make set_local_ip void, and remove failf() [390] - o cf-socket: set FD_CLOEXEC on all sockets opened [273] - o cf-socket: tweak a memcpy() to read better [177] - o cf-socket: use the right byte order for ports in bindlocal [61] - o cfilter: unlink and discard [46] - o cfilters: check return code from Curl_pollset_set_out_only() [402] - o checksrc: allow disabling warnings on FIXME/TODO comments [324] - o checksrc: catch banned functions when preceded by ( [146] - o checksrc: fix possible endless loop when detecting BANNEDFUNC [149] - o checksrc: fix possible endless loops in the banned function logic [220] - o checksrc: fix to handle ) predecing a banned function [229] - o checksrc: reduce directory-specific exceptions [228] - o CI.md: refresh [280] - o cmake/FindGSS: dedupe pkg-config module strings [277] - o cmake/FindGSS: drop wrong header check for GNU GSS [278] - o cmake/FindGSS: fix pkg-config fallback logic for CMake <3.16 [189] - o cmake/FindGSS: simplify/de-dupe lib setup [253] - o cmake/FindGSS: whitespace/formatting [268] - o cmake: add and use local FindGnuTLS module [379] - o cmake: add CURL_CODE_COVERAGE option [78] - o cmake: build the "all" examples source list dynamically [245] - o cmake: clang detection tidy-ups [116] - o cmake: drop exclamation in comment looking like a name [160] - o cmake: fix `HAVE_GNUTLS_SRP` detection after adding local FindGnuTLS module [458] - o cmake: fix building docs when the base directory contains .3 [18] - o cmake: fix Linux pre-fill `HAVE_POSIX_STRERROR_R` (when `_CURL_PREFILL=ON`) - o cmake: fix Linux pre-fills for non-glibc (when `_CURL_PREFILL=ON`) [372] - o cmake: minor Heimdal flavour detection fix [269] - o cmake: pre-fill three more type sizes on Windows [244] - o cmake: say 'absolute path' in option descriptions and docs [378] - o cmake: support building some complicated examples, build them in CI [235] - o cmake: use modern alternatives for get_filename_component() [102] - o cmake: use more COMPILER_OPTIONS, LINK_OPTIONS / LINK_FLAGS [152] - o cmdline-docs: extended, clarified, refreshed [28] - o cmdline-opts/_PROGRESS.md: explain the suffixes [154] - o configure: add "-mt" for pthread support on HP-UX [52] - o conn: fix hostname move on connection reuse [272] - o conncache: prevent integer overflow in maxconnects calculation [438] - o connect: for CONNECT_ONLY, CURLOPT_TIMEOUT does not apply [404] - o connect: remove redundant condition in shutdown start [289] - o cookie: avoid saving a cookie file if no transfer was done [11] - o cookie: only count accepted cookies in Curl_cookie_add [364] - o cookie: remove the temporary file on (all) errors [356] - o cpool: make bundle->dest an array; fix UB [218] - o curl.h: remove incorrect comment about CURLOPT_PINNEDPUBLICKEY [320] - o curl_easy_getinfo: error code on NULL arg [2] - o curl_easy_setopt.md: add missing CURLOPT_POSTFIELDS [319] - o curl_mem_undef.h: limit to CURLDEBUG for non-memalloc overrides [19] - o curl_ngtcp2: fix `-Wunreachable-code` with H3 !verbose !unity clang [383] - o curl_osslq: error out properly if BIO_ADDR_rawmake() fails [184] - o curl_path: make sure just whitespace is illegal [351] - o Curl_resolv: fix comment. 'entry' argument is not optional [187] - o curl_slist_append.md: clarify that a NULL pointer is not acceptable [72] - o curl_threads: delete WinCE fallback branch [233] - o CURLINFO_FTP_ENTRY_PATH.md: this is for SFTP as well [8] - o CURLOPT_COOKIEFILE.md: clarify when the cookies are loaded [159] - o CURLOPT_COPYPOSTFIELDS.md: used with MQTT and RTSP as well [457] - o CURLOPT_HEADER/WRITEFUNCTION.md: drop '* size' since size is always 1 [63] - o CURLOPT_MAXLIFETIME_CONN: make default 24 hours [10] - o CURLOPT_POSTFIELDSIZE*: these also work for MQTT and RTSP [395] - o CURLOPT_SERVER_RESPONSE_TIMEOUT*: add default and see-also [397] - o CURLOPT_SSL_VERIFYHOST.md: add see-also to two other VERIFYHOST options [32] - o CURLOPT_TIMECONDITION.md: works for FILE and FTP as well [27] - o cw-out: fix EAGAIN handling on pause [452] - o cw-out: unify the error handling pattern in cw_out_do_write [414] - o digest_sspi: fix two memory leaks in error branches [77] - o dist: do not distribute CI.md [29] - o docs/cmdline-opts: drop double quotes from GLOBBING and URL examples [238] - o docs/libcurl: clarify some timeout option behavior [15] - o docs/libcurl: remove ancient version references [7] - o docs/libcurl: use lowercase must [5] - o docs: expand on quoting rules for file names in SFTP quote [300] - o docs: fix/tidy code fences [87] - o doh: cleanup resources on error paths [434] - o doswin: CloseHandle the thread on shutdown [307] - o easy_getinfo: check magic, Curl_close safety [3] - o ECH.md: make OpenSSL branch clone instructions work [430] - o examples/chkspeed: portable printing when outputting curl_off_t values [365] - o examples/http2-serverpush: fix file handle leaks [428] - o examples/sessioninfo: cast printf string mask length to int [232] - o examples/sessioninfo: do not disable security [255] - o examples/synctime: fix null termination assumptions [297] - o examples/synctime: make the sscanf not overflow the local buffer [252] - o examples/usercertinmem: avoid stripping const [247] - o examples/websocket: fix use of uninitialized rlen [346] - o examples: call curl_global_cleanup() where missing [323] - o examples: check more errors, fix cleanups, scope variables [318] - o examples: drop unused curl/mprintf.h includes [224] - o examples: fix build issues in 'complicated' examples [243] - o examples: fix more potential resource leaks, and more [426] - o examples: fix two build issues surfaced with WinCE [223] - o examples: fix two issues found by CodeQL [35] - o examples: fix two more cases of stat() TOCTOU [147] - o examples: improve global init, error checks and returning errors [321] - o examples: replace casts with `curl_off_t` printf masks [358] - o examples: return curl_easy_perform() results [322] - o firefox-db2pem.sh: add macOS support, tidy-ups [348] - o form.md: drop reference to MANUAL [178] - o ftp: add extra buffer length check [195] - o ftp: check errors on remote ip for data connection [423] - o ftp: fix ftp_do_more returning with *completep unset [122] - o ftp: fix port number range loop for PORT commands [66] - o ftp: fix the 213 scanner memchr buffer limit argument [196] - o ftp: improve fragile check for first digit > 3 [194] - o ftp: reduce size of some struct fields [418] - o ftp: remove 'newhost' and 'newport' from the ftp_conn struct [419] - o ftp: remove misleading comments [193] - o ftp: remove the retr_size_saved struct field [416] - o ftp: remove the state_saved struct field [417] - o ftp: replace strstr() in ;type= handling [313] - o ftp: simplify the 150/126 size scanner [288] - o gnutls: check conversion of peer cert chain [275] - o gnutls: fix re-handshake comments [422] - o gssapi: make channel binding conditional on GSS_C_CHANNEL_BOUND_FLAG [446] - o gtls: avoid potential use of uninitialized variable in trace output [83] - o gtls: check the return value of gnutls_pubkey_init() [456] - o header.md: see-also --proxy-header and vice versa [396] - o hmac: free memory properly on errors [377] - o hostip: don't store negative resolves due unrelated errors [256] - o hostip: fix infof() output for non-ipv6 builds using IPv6 address [338] - o hostip: remove leftover INT_MAX check in Curl_dnscache_prune [88] - o http2: check push header names by length first [261] - o http2: cleanup pushed newhandle on fail [260] - o http2: ingress handling edge cases [259] - o HTTP3: clarify the status for "old" OpenSSL, not current [394] - o http: check the return value of strdup [437] - o http: fix `-Wunreachable-code` in !websockets !unity builds [443] - o http: fix `-Wunused-variable` in !alt-svc !proxy !ws builds [442] - o http: handle user-defined connection headers [165] - o http: look for trailing 'type=' in ftp:// without strstr [315] - o http: make Content-Length parser more WHATWG [183] - o http: only accept ';' as a separator for custom headers [407] - o http: return error for a second Location: header [393] - o http_aws_sigv4: check the return value of curl_maprintf() [381] - o http_proxy: fix adding custom proxy headers [424] - o httpsrr: free old pointers when storing new [57] - o httpsrr: send HTTPS query to the right target [435] - o imap: fix custom FETCH commands to handle literal responses [441] - o imap: parse and use UIDVALIDITY as a number [420] - o imap: treat capabilities case insensitively [345] - o INSTALL-CMAKE.md: add manual configuration examples [360] - o INSTALL-CMAKE.md: document useful build targets [215] - o INSTALL-CMAKE.md: fix descriptions for LDAP dependency options [382] - o INSTALL: update the list of known operating systems [325] - o INTERNALS: drop Winsock 2.2 from the dependency list [162] - o ip-happy: do not set unnecessary timeout [95] - o ip-happy: prevent event-based stall on retry [155] - o kerberos: bump minimum to 1.3 (2003-07-08), drop legacy logic [279] - o kerberos: drop logic for MIT Kerberos <1.2.3 (pre-2002) versions [285] - o kerberos: stop including gssapi/gssapi_generic.h [282] - o krb5: fix output_token allocators in the GSS debug stub (Windows) [326] - o krb5: return appropriate error on send failures [22] - o krb5_gssapi: fix memory leak on error path [190] - o krb5_sspi: the chlg argument is NOT optional [200] - o ldap: avoid null ptr deref on failure [284] - o ldap: do not base64 encode zero length string [42] - o ldap: do not pass a \n to failf() [370] - o ldap: tidy-up types, fix error code confusion [191] - o lib1514: fix return code mixup [304] - o lib: delete unused crypto header includes [384] - o lib: drop unused include and duplicate guards [226] - o lib: fix build error with verbose strings disabled [173] - o lib: remove newlines from failf() calls [366] - o lib: remove personal names from comments [168] - o lib: SSL connection reuse [301] - o lib: stop NULL-checking conn->passwd and ->user [309] - o lib: upgrade/multiplex handling [136] - o libcurl-multi.md: added curl_multi_get_offt mention [53] - o libcurl-security.md: mention long-running connections [6] - o libssh/libssh2: reject quote command lines with too much data [299] - o libssh/sftp: fix resume corruption by avoiding O_APPEND with rresume [263] - o libssh2/sftp: fix resume corruption by avoiding O_APPEND with rresume [262] - o libssh2/sftp_realpath: change state consistently [185] - o libssh2: avoid risking using an uninitialized local struct field [209] - o libssh2: bail out on chgrp and chown number parsing errors [202] - o libssh2: clarify that sshp->path is always at least one byte [201] - o libssh2: drop two redundant null-terminations [26] - o libssh2: error check and null-terminate in ssh_state_sftp_readdir_link() [34] - o libssh2: fix EAGAIN return in ssh_state_auth_agent [290] - o libssh2: fix return code for EAGAIN [186] - o libssh2: use sockindex consistently [302] - o libssh: acknowledge SSH_AGAIN in the SFTP state machine [89] - o libssh: catch a resume point larger than the size [281] - o libssh: clarify myssh_block2waitfor [92] - o libssh: drop two unused assignments [104] - o libssh: error on bad chgrp number [71] - o libssh: error on bad chown number and store the value [64] - o libssh: fix range parsing error handling mistake [120] - o libssh: make atime and mtime cap the timestamp instead of wrap [283] - o libssh: react on errors from ssh_scp_read [24] - o libssh: return out of memory correctly if aprintf fails [60] - o libssh: return the proper error for readdir problems [355] - o Makefile.example: bump default example from FTP to HTTPS [389] - o Makefile.example: fix option order [231] - o Makefile.example: make default options more likely to work [388] - o Makefile.example: simplify and make it configurable [20] - o managen: ignore version mentions < 7.66.0 [55] - o managen: render better manpage references/links [54] - o managen: strict protocol check [109] - o managen: verify the options used in example lines [181] - o mbedtls: add support for 4.0.0 [344] - o mbedtls: check result of setting ALPN [127] - o mbedtls: fix building with <3.6.1 [400] - o mbedtls: fix building with sha-256 missing from PSA [391] - o mbedtls: handle WANT_WRITE from mbedtls_ssl_read() [145] - o md4: drop mbedtls implementation (not available in mbedtls v3+) [406] - o mdlinkcheck: reject URLs containing quotes [174] - o memdup0: handle edge case [241] - o mime: fix unpausing of readers [375] - o mime: fix use of fseek() [334] - o multi.h: add CURLMINFO_LASTENTRY [51] - o multi: check the return value of strdup() [436] - o multi_ev: remove unnecessary data check that confuses analysers [167] - o netrc: when the cached file is discarded, unmark it as loaded [409] - o nghttp3: return NGHTTP3_ERR_CALLBACK_FAILURE from recv_header [227] - o ngtcp2: add a comment explaining write result handling [340] - o ngtcp2: adopt ngtcp2_conn_get_stream_user_data if available [362] - o ngtcp2: check error code on connect failure [13] - o ngtcp2: close just-opened QUIC stream when submit_request fails [222] - o ngtcp2: compare idle timeout in ms to avoid overflow [248] - o ngtcp2: fix early return [131] - o ngtcp2: fix handling of blocked stream data [236] - o ngtcp2: fix returns when TLS verify failed [251] - o ngtcp2: overwrite rate-limits defaults [444] - o noproxy: fix the IPV6 network mask pattern match [166] - o NTLM: disable if DES support missing from OpenSSL or mbedTLS [399] - o ntlm: improved error path on bad incoming NTLM TYPE3 message [412] - o openldap/ldap; check for binary attribute case insensitively [445] - o openldap: avoid indexing the result at -1 for blank responses [44] - o openldap: check ber_sockbuf_add_io() return code [163] - o openldap: check ldap_get_option() return codes [119] - o openldap: do not pass newline to infof() [368] - o openldap: fix memory-leak in error path [287] - o openldap: fix memory-leak on oldap_do's exit path [286] - o openldap: limit max incoming size [347] - o openssl-quic: check results better [132] - o openssl-quic: handle error in SSL_get_stream_read_error_code [129] - o openssl-quic: ignore unexpected streams opened by server [176] - o openssl: better return code checks when logging cert data [342] - o openssl: call SSL_get_error() with proper error [207] - o openssl: check CURL_SSLVERSION_MAX_DEFAULT properly [447] - o openssl: clear retry flag on x509 error [130] - o openssl: combine all the x509-store flags [451] - o openssl: fail if more than MAX_ALLOWED_CERT_AMOUNT certs [339] - o openssl: fail the transfer if ossl_certchain() fails [23] - o openssl: fix build for v1.0.2 [225] - o openssl: fix peer certificate leak in channel binding [258] - o openssl: fix resource leak in provider error path [376] - o openssl: fix unable do typo in failf() calls [341] - o openssl: free UI_METHOD on exit path [373] - o openssl: make the asn1_object_dump name null terminated [56] - o openssl: only try engine/provider if a cert file/name is provided [415] - o openssl: set io_need always [99] - o openssl: skip session resumption when verifystatus is set [230] - o os400: document threads handling in code. [254] - o OS400: fix a use-after-free/double-free case [142] - o osslq: set idle timeout to 0 [237] - o pingpong: remove two old leftover debug infof() calls - o pop3: check for CAPA responses case insensitively [439] - o pop3: fix CAPA response termination detection [427] - o pop3: function could get the ->transfer field wrong [292] - o pytest: skip specific tests for no-verbose builds [171] - o quic: fix min TLS version handling [14] - o quic: ignore EMSGSIZE on receive [4] - o quic: improve UDP GRO receives [330] - o quic: remove data_idle handling [311] - o quiche: fix possible leaks on teardown [205] - o quiche: fix verbose message when ip quadruple cannot be obtained. [128] - o quiche: handle tls fail correctly [266] - o quiche: when ingress processing fails, return that error code [103] - o rtsp: use explicit postfieldsize if specified [401] - o runtests: tag tests that require curl verbose strings [172] - o rustls: exit on error [335] - o rustls: fix clang-tidy warning [107] - o rustls: fix comment describing cr_recv() [117] - o rustls: limit snprintf proper in cr_keylog_log_cb() [343] - o rustls: make read_file_into not reject good files [328] - o rustls: pass the correct result to rustls_failf [242] - o rustls: typecast variable for safer trace output [69] - o rustls: use %zu for size_t in failf() format string [121] - o sasl: clear canceled mechanism instead of toggling it [41] - o schannel: assign result before using it [62] - o schannel: fix memory leak [363] - o schannel: handle Curl_conn_cf_send() errors better [352] - o schannel: lower the maximum allowed time to block to 7 seconds [333] - o schannel: properly close the certfile on error [450] - o schannel_verify: do not call infof with an appended \n [371] - o schannel_verify: fix mem-leak in Curl_verify_host [208] - o schannel_verify: use more human friendly error messages [96] - o scp/sftp: fix disconnect [350] - o scripts: pass -- before passing xargs [349] - o setopt: accept *_SSL_VERIFYHOST set to 2L [31] - o setopt: allow CURLOPT_DNS_CACHE_TIMEOUT set to -1 [257] - o setopt: fix unused variable warning in minimal build [332] - o setopt: make CURLOPT_MAXREDIRS accept -1 (again) [1] - o singleuse.pl: fix string warning [392] - o smb: adjust buffer size checks [45] - o smb: transfer debugassert to real check [303] - o smtp: check EHLO responses case insensitively [50] - o smtp: fix EOB handling [410] - o smtp: return value ignored [357] - o socks: advance iobuf instead of reset [276] - o socks: avoid UAF risk in error path [359] - o socks: deny server basic-auth if not configured [264] - o socks: handle error in verbose trace gracefully [94] - o socks: handle premature close [246] - o socks: make Curl_blockread_all return CURLcode [67] - o socks: properly maintain the status of 'done' [405] - o socks: rewwork, cleaning up socks state handling [135] - o socks_gssapi: also reset buffer length after free [429] - o socks_gssapi: make the gss_context a local variable [144] - o socks_gssapi: reject too long tokens [90] - o socks_gssapi: remove superfluous releases of the gss_recv_token [139] - o socks_gssapi: remove the forced "no protection" [143] - o socks_gssapi: replace `gss_release_buffer()` with curl free [386] - o socks_sspi: bail out on too long fields [137] - o socks_sspi: fix memory cleanup calls [40] - o socks_sspi: remove the enforced mode clearing [291] - o socks_sspi: restore non-blocking socket on error paths [48] - o socks_sspi: use the correct free function [331] - o socksd: remove --bindonly mention, there is no such option [305] - o spelling: fix new finds by typos-cli 1.39.0 [454] - o src/var: remove dead code [369] - o ssl-session-cache: check use on config and availability [448] - o ssl-sessions.md: mark option experimental [12] - o strerror: drop workaround for SalfordC win32 header bug [214] - o sws: fix checking sscanf() return value [17] - o sws: pass in socket reference to allow function to close it [298] - o tcp-nodelay.md: expand the documentation [153] - o telnet: ignore empty suboptions [86] - o telnet: make bad_option() consider NULL a bad option too [192] - o telnet: make printsub require another byte input [21] - o telnet: print DISPlay LOCation in printsub without mutating buffer [216] - o telnet: refuse IAC codes in content [111] - o telnet: return error if WSAEventSelect fails [180] - o telnet: return error on crazy TTYPE or XDISPLOC lengths [123] - o telnet: send failure logged but not returned [175] - o telnet: use pointer[0] for "unknown" option instead of pointer[i] [217] - o test1100: fix missing `` section [432] - o tests/libtest/cli*: fix init/deinit, leaks, and more [455] - o tests/server: drop pointless memory allocation overrides [219] - o tests/server: drop unsafe open() override in signal handler (Windows) [151] - o tftp: check and act on tftp_set_timeouts() returning error [38] - o tftp: check for trailing ";mode=" in URL without strstr [312] - o tftp: default timeout per block is now 15 seconds [156] - o tftp: error requests for blank filenames [296] - o tftp: handle tftp_multi_statemach() return code [65] - o tftp: pin the first used address [110] - o tftp: propagate expired timer from tftp_state_timeout() [39] - o tftp: return error if it hits an illegal state [138] - o tftp: return error when sendto() fails [59] - o thread: errno on thread creation [271] - o tidy-up: assortment of small fixes [115] - o tidy-up: avoid using the reserved macro namespace [76] - o tidy-up: fcntl.h includes [98] - o tidy-up: update MS links, allow long URLs via checksrc [73] - o tidy-up: URLs [101] - o time-cond.md: refer to the singular curl_getdate man page [148] - o TLS: IP address verification, extend test [398] - o TODO: fix a typo [93] - o TODO: remove already implemented or bad items [36] - o tool: fix exponential retry delay [47] - o tool_cb_hdr: fix fwrite check in header callback [49] - o tool_cb_hdr: size is always 1 [70] - o tool_cb_rea: use poll instead of select if available [329] - o tool_cfgable: remove superfluous free calls [403] - o tool_doswin: fix to use curl socket functions [108] - o tool_filetime: cap crazy file times instead of erroring [327] - o tool_filetime: replace cast with the fitting printf mask (Windows) [212] - o tool_formparse: rewrite the headers file parser [374] - o tool_getparam/set_rate: skip the multiplication on overflow [84] - o tool_getparam: always disable "lib-ids" for tracing [169] - o tool_getparam: make --fail and --fail-with-body override each other [293] - o tool_getparam: warn if provided header looks malformed [179] - o tool_ipfs: check the return value of curl_url_get for gwpath [453] - o tool_ipfs: simplify the ipfs gateway logic [337] - o tool_msgs: make errorf() show if --show-error [294] - o tool_operate: improve wording in retry message [37] - o tool_operate: keep failed partial download for retry auto-resume [210] - o tool_operate: keep the progress meter for --out-null [33] - o tool_operate: move the checks that skip ca cert detection [449] - o tool_operate: retry on HTTP response codes 522 and 524 [317] - o tool_operate: return error on strdup() failure [336] - o tool_paramhlp: remove outdated comment in str2tls_max() [367] - o tool_parsecfg: detect and error on recursive --config use [380] - o tool_progress: handle possible integer overflows [164] - o tool_progress: make max5data() use an algorithm [170] - o transfer: avoid busy loop with tiny speed limit [100] - o transfer: fix retry for empty downloads on reuse [411] - o transfer: reset retry count on each request [310] - o unit1323: sync time types and printf masks, drop casts [211] - o unit1664: drop casts, expand masks to full values [221] - o url: make Curl_init_userdefined return void [213] - o urldata: FILE is not a list-only protocol [9] - o urldata: make 'retrycount' a single byte [308] - o urldata: make redirect counter 16 bit [295] - o vauth/digest: improve the digest parser [203] - o version: add GSS backend name and version [353] - o vquic: fix idle-timeout checks (ms<-->ns), 64-bit log & honor 0=no-timeout [249] - o vquic: fix recvmsg loop for max_pkts [421] - o vquic: handling of io improvements [239] - o vquic: sending non-gso packets fix for EAGAIN [265] - o vtls: alpn setting, check proto parameter [134] - o vtls: check final cfilter node in find_ssl_filter [440] - o vtls: drop duplicate `CURL_SHA256_DIGEST_LENGTH` definition [387] - o vtls: properly handle SSL shutdown timeout [433] - o vtls: remove call to PKCS12_PBE_add() [408] - o vtls: unify the error handling in ssl_cf_connect(). [413] - o vtls_int.h: clarify data_pending [124] - o vtls_scache: fix race condition [157] - o wcurl: sync to +dev snapshot [425] - o windows: replace _beginthreadex() with CreateThread() [80] - o windows: stop passing unused, optional argument for Win9x compatibility [75] - o windows: use consistent format when showing error codes [199] - o windows: use native error code types more [206] - o wolfssl: check BIO read parameters [133] - o wolfssl: clear variable to avoid uninitialized use [361] - o wolfssl: fix error check in shutdown [105] - o wolfssl: fix resource leak in verify_pinned error paths [314] - o wolfssl: no double get_error() detail [188] - o ws: clarify an error message [125] - o ws: fix some edge cases [274] - o ws: fix type conversion check [316] - o ws: reject curl_ws_recv called with NULL buffer with a buflen [118] + o gtls: add return checks and optimize the code [2] + o lib: cleanup for some typos about spaces and code style [3] + o m4/sectrust: fix test(1) operator [4] This release includes the following known bugs: @@ -493,481 +37,11 @@ Planned upcoming removals include: This release would not have looked like this without help, code, reports and advice from friends like these: - Adam Light, Alexander Blach, Alice Lee Poetics, Andrei Kurushin, - Andrew Kirillov, Andrew Olsen, And-yW on github, BobodevMm on github, BohwaZ, - Christian Schmitz, curl.stunt430, Dalei, Dan Fandrich, Daniel Stenberg, - Daniel Terhorst-North, dependabot[bot], Devdatta Talele, - divinity76 on github, Emilio Pozuelo Monfort, Emre Çalışkan, Ethan Everett, - Evgeny Grin (Karlson2k), fds242 on github, Gunni on github, Harry Sintonen, - Howard Chu, Ignat Loskutov, Jakub Stasiak, James Fuller, Javier Blazquez, - Jicea, jmaggard10 on github, Jochen Sprickerhof, Johannes Schindelin, - Jonathan Cardoso Machado, Joseph Birr-Pixton, Joshua Rogers, - kapsiR on github, kuchara on github, madoe on github, Marc Aldorasi, - Marcel Raad, Michael Osipov, Michał Petryka, Mitchell Blank Jr, - Mohamed Daahir, Nir Azkiel, Patrick Monnerat, Pavel P, pennae on github, - Peter Piekarski, plv1313 on github, Pocs Norbert, Ray Satiro, renovate[bot], - rinsuki on github, Sakthi SK, Samuel Dionne-Riel, Samuel Henrique, - Sergio Durigan Junior, Stanislav Fort, Stefan Eissing, Tatsuhiro Tsujikawa, - TheBitBrine, Theo Buehler, Tim Becker, tkzv on github, Viktor Szakatas, - Viktor Szakats, WangDaLei on github, Xiaoke Wang, Yedaya Katsman, 包布丁 - (73 contributors) + Daniel Stenberg, Thomas Klausner, Viktor Szakats, Xiaoke Wang + (4 contributors) References to bug reports and discussions on issues: - [1] = https://curl.se/bug/?i=18571 - [2] = https://curl.se/bug/?i=18512 - [3] = https://curl.se/bug/?i=18511 - [4] = https://curl.se/bug/?i=18505 - [5] = https://curl.se/bug/?i=18570 - [6] = https://curl.se/bug/?i=18533 - [7] = https://curl.se/bug/?i=18530 - [8] = https://curl.se/bug/?i=18531 - [9] = https://curl.se/bug/?i=18525 - [10] = https://curl.se/bug/?i=18527 - [11] = https://curl.se/bug/?i=18621 - [12] = https://curl.se/bug/?i=18523 - [13] = https://curl.se/bug/?i=18521 - [14] = https://curl.se/bug/?i=18518 - [15] = https://curl.se/bug/?i=18569 - [16] = https://curl.se/bug/?i=18568 - [17] = https://curl.se/bug/?i=18565 - [18] = https://curl.se/bug/?i=18560 - [19] = https://curl.se/bug/?i=18510 - [20] = https://curl.se/bug/?i=18554 - [21] = https://curl.se/bug/?i=18618 - [22] = https://curl.se/bug/?i=18561 - [23] = https://curl.se/bug/?i=18646 - [24] = https://curl.se/bug/?i=18616 - [25] = https://curl.se/bug/?i=18491 - [26] = https://curl.se/bug/?i=18606 - [27] = https://curl.se/bug/?i=18551 - [28] = https://curl.se/bug/?i=18550 - [29] = https://curl.se/bug/?i=18549 - [30] = https://curl.se/bug/?i=18532 - [31] = https://curl.se/mail/lib-2025-09/0031.html - [32] = https://curl.se/bug/?i=18548 - [33] = https://curl.se/bug/?i=18607 - [34] = https://curl.se/bug/?i=18598 - [35] = https://curl.se/bug/?i=18605 - [36] = https://curl.se/bug/?i=18542 - [37] = https://curl.se/bug/?i=18604 - [38] = https://curl.se/bug/?i=18603 - [39] = https://curl.se/bug/?i=18574 - [40] = https://curl.se/bug/?i=18587 - [41] = https://curl.se/bug/?i=18573 - [42] = https://curl.se/bug/?i=18602 - [43] = https://curl.se/bug/?i=18577 - [44] = https://curl.se/bug/?i=18600 - [45] = https://curl.se/bug/?i=18599 - [46] = https://curl.se/bug/?i=18596 - [47] = https://curl.se/bug/?i=18591 - [48] = https://curl.se/bug/?i=18592 - [49] = https://curl.se/bug/?i=18593 - [50] = https://curl.se/bug/?i=18588 - [51] = https://curl.se/bug/?i=18578 - [52] = https://curl.se/bug/?i=18585 - [53] = https://curl.se/bug/?i=18579 - [54] = https://curl.se/bug/?i=18580 - [55] = https://curl.se/bug/?i=18583 - [56] = https://curl.se/bug/?i=18647 - [57] = https://curl.se/bug/?i=18631 - [58] = https://curl.se/bug/?i=18700 - [59] = https://curl.se/bug/?i=18643 - [60] = https://curl.se/bug/?i=18637 - [61] = https://curl.se/bug/?i=18641 - [62] = https://curl.se/bug/?i=18642 - [63] = https://curl.se/bug/?i=18640 - [64] = https://curl.se/bug/?i=18639 - [65] = https://curl.se/bug/?i=18638 - [66] = https://curl.se/bug/?i=18636 - [67] = https://curl.se/bug/?i=18635 - [68] = https://curl.se/bug/?i=18503 - [69] = https://curl.se/bug/?i=18628 - [70] = https://curl.se/bug/?i=18630 - [71] = https://curl.se/bug/?i=18629 - [72] = https://curl.se/bug/?i=18627 - [73] = https://curl.se/bug/?i=18626 - [74] = https://curl.se/bug/?i=18477 - [75] = https://curl.se/bug/?i=18490 - [76] = https://curl.se/bug/?i=18482 - [77] = https://curl.se/bug/?i=18488 - [78] = https://curl.se/bug/?i=18468 - [79] = https://curl.se/bug/?i=18473 - [80] = https://curl.se/bug/?i=18451 - [81] = https://curl.se/bug/?i=18040 - [82] = https://curl.se/bug/?i=18617 - [83] = https://curl.se/bug/?i=18620 - [84] = https://curl.se/bug/?i=18624 - [85] = https://curl.se/bug/?i=18612 - [86] = https://curl.se/bug/?i=18899 - [87] = https://curl.se/bug/?i=18707 - [88] = https://curl.se/bug/?i=18680 - [89] = https://curl.se/bug/?i=18740 - [90] = https://curl.se/bug/?i=18681 - [91] = https://curl.se/bug/?i=18251 - [92] = https://curl.se/bug/?i=18739 - [93] = https://curl.se/bug/?i=18788 - [94] = https://curl.se/bug/?i=18722 - [95] = https://curl.se/bug/?i=18767 - [96] = https://curl.se/bug/?i=18737 - [97] = https://curl.se/bug/?i=18769 - [98] = https://curl.se/bug/?i=18782 - [99] = https://curl.se/bug/?i=18733 - [100] = https://curl.se/bug/?i=18732 - [101] = https://curl.se/bug/?i=18689 - [102] = https://curl.se/bug/?i=18688 - [103] = https://curl.se/bug/?i=18730 - [104] = https://curl.se/bug/?i=18684 - [105] = https://curl.se/bug/?i=18729 - [106] = https://curl.se/bug/?i=18671 - [107] = https://curl.se/bug/?i=18670 - [108] = https://curl.se/bug/?i=18633 - [109] = https://curl.se/bug/?i=18675 - [110] = https://curl.se/bug/?i=18658 - [111] = https://curl.se/bug/?i=18657 - [112] = https://curl.se/bug/?i=18669 - [113] = https://curl.se/bug/?i=18667 - [114] = https://curl.se/bug/?i=18666 - [115] = https://curl.se/bug/?i=18664 - [116] = https://curl.se/bug/?i=18659 - [117] = https://curl.se/bug/?i=18728 - [118] = https://curl.se/bug/?i=18656 - [119] = https://curl.se/bug/?i=18653 - [120] = https://curl.se/bug/?i=18652 - [121] = https://curl.se/bug/?i=18651 - [122] = https://curl.se/bug/?i=18650 - [123] = https://curl.se/bug/?i=18648 - [124] = https://curl.se/bug/?i=18644 - [125] = https://curl.se/bug/?i=18654 - [126] = https://curl.se/bug/?i=18645 - [127] = https://curl.se/bug/?i=18727 - [128] = https://curl.se/bug/?i=18726 - [129] = https://curl.se/bug/?i=18725 - [130] = https://curl.se/bug/?i=18724 - [131] = https://curl.se/bug/?i=18723 - [132] = https://curl.se/bug/?i=18720 - [133] = https://curl.se/bug/?i=18718 - [134] = https://curl.se/bug/?i=18717 - [135] = https://curl.se/bug/?i=18401 - [136] = https://curl.se/bug/?i=18227 - [137] = https://curl.se/bug/?i=18719 - [138] = https://curl.se/bug/?i=18894 - [139] = https://curl.se/bug/?i=18714 - [140] = https://curl.se/bug/?i=18715 - [141] = https://curl.se/bug/?i=18776 - [142] = https://curl.se/bug/?i=18713 - [143] = https://curl.se/bug/?i=18712 - [144] = https://curl.se/bug/?i=18711 - [145] = https://curl.se/bug/?i=18682 - [146] = https://curl.se/bug/?i=18779 - [147] = https://curl.se/bug/?i=18778 - [148] = https://curl.se/bug/?i=18816 - [149] = https://curl.se/bug/?i=18775 - [150] = https://curl.se/bug/?i=18510 - [151] = https://curl.se/bug/?i=18774 - [152] = https://curl.se/bug/?i=18762 - [153] = https://curl.se/bug/?i=18811 - [154] = https://curl.se/bug/?i=18817 - [155] = https://curl.se/bug/?i=18815 - [156] = https://curl.se/bug/?i=18893 - [157] = https://curl.se/bug/?i=18806 - [158] = https://curl.se/bug/?i=18980 - [159] = https://curl.se/bug/?i=18924 - [160] = https://curl.se/bug/?i=18810 - [161] = https://curl.se/bug/?i=18749 - [162] = https://curl.se/bug/?i=18808 - [163] = https://curl.se/bug/?i=18747 - [164] = https://curl.se/bug/?i=18744 - [165] = https://curl.se/bug/?i=18662 - [166] = https://curl.se/bug/?i=18891 - [167] = https://curl.se/bug/?i=18804 - [168] = https://curl.se/bug/?i=18803 - [169] = https://curl.se/bug/?i=18805 - [170] = https://curl.se/bug/?i=18807 - [171] = https://curl.se/bug/?i=18801 - [172] = https://curl.se/bug/?i=18800 - [173] = https://curl.se/bug/?i=18799 - [174] = https://curl.se/bug/?i=18889 - [175] = https://curl.se/bug/?i=18887 - [176] = https://curl.se/bug/?i=18780 - [177] = https://curl.se/bug/?i=18787 - [178] = https://curl.se/bug/?i=18790 - [179] = https://curl.se/bug/?i=18793 - [180] = https://curl.se/bug/?i=18886 - [181] = https://curl.se/bug/?i=18884 - [183] = https://curl.se/bug/?i=18921 - [184] = https://curl.se/bug/?i=18878 - [185] = https://curl.se/bug/?i=18875 - [186] = https://curl.se/bug/?i=18874 - [187] = https://curl.se/bug/?i=18979 - [188] = https://curl.se/bug/?i=18940 - [189] = https://curl.se/bug/?i=18932 - [190] = https://curl.se/bug/?i=18976 - [191] = https://curl.se/bug/?i=18888 - [192] = https://curl.se/bug/?i=18873 - [193] = https://curl.se/bug/?i=18871 - [194] = https://curl.se/bug/?i=18870 - [195] = https://curl.se/bug/?i=18869 - [196] = https://curl.se/bug/?i=18867 - [197] = https://curl.se/bug/?i=18882 - [198] = https://curl.se/bug/?i=18862 - [199] = https://curl.se/bug/?i=18877 - [200] = https://curl.se/bug/?i=18865 - [201] = https://curl.se/bug/?i=18864 - [202] = https://curl.se/bug/?i=18863 - [203] = https://curl.se/bug/?i=18975 - [204] = https://curl.se/bug/?i=18859 - [205] = https://curl.se/bug/?i=18880 - [206] = https://curl.se/bug/?i=18868 - [207] = https://curl.se/bug/?i=18872 - [208] = https://curl.se/bug/?i=18972 - [209] = https://curl.se/bug/?i=19043 - [210] = https://curl.se/bug/?i=18035 - [211] = https://curl.se/bug/?i=18860 - [212] = https://curl.se/bug/?i=18858 - [213] = https://curl.se/bug/?i=18855 - [214] = https://curl.se/bug/?i=18857 - [215] = https://curl.se/bug/?i=18927 - [216] = https://curl.se/bug/?i=18852 - [217] = https://curl.se/bug/?i=18851 - [218] = https://curl.se/bug/?i=18850 - [219] = https://curl.se/bug/?i=18922 - [220] = https://curl.se/bug/?i=18845 - [221] = https://curl.se/bug/?i=18838 - [222] = https://curl.se/bug/?i=18904 - [223] = https://curl.se/bug/?i=18843 - [224] = https://curl.se/bug/?i=18842 - [225] = https://curl.se/bug/?i=18841 - [226] = https://curl.se/bug/?i=18839 - [227] = https://curl.se/bug/?i=18904 - [228] = https://curl.se/bug/?i=18823 - [229] = https://curl.se/bug/?i=18836 - [230] = https://curl.se/bug/?i=18902 - [231] = https://curl.se/bug/?i=18835 - [232] = https://curl.se/bug/?i=18918 - [233] = https://curl.se/bug/?i=19015 - [234] = https://curl.se/bug/?i=18828 - [235] = https://curl.se/bug/?i=18909 - [236] = https://curl.se/bug/?i=18905 - [237] = https://curl.se/bug/?i=18907 - [238] = https://curl.se/bug/?i=18829 - [239] = https://curl.se/bug/?i=18812 - [240] = https://curl.se/bug/?i=18703 - [241] = https://curl.se/bug/?i=18966 - [242] = https://curl.se/bug/?i=18961 - [243] = https://curl.se/bug/?i=18914 - [244] = https://curl.se/bug/?i=19013 - [245] = https://curl.se/bug/?i=18911 - [246] = https://curl.se/bug/?i=18883 - [247] = https://curl.se/bug/?i=18908 - [248] = https://curl.se/bug/?i=18903 - [249] = https://curl.se/bug/?i=18903 - [250] = https://curl.se/bug/?i=18432 - [251] = https://curl.se/bug/?i=18881 - [252] = https://curl.se/bug/?i=18890 - [253] = https://curl.se/bug/?i=19012 - [254] = https://curl.se/bug/?i=18967 - [255] = https://curl.se/bug/?i=18969 - [256] = https://curl.se/bug/?i=18953 - [257] = https://curl.se/bug/?i=18959 - [258] = https://hackerone.com/reports/3373640 - [259] = https://curl.se/bug/?i=18933 - [260] = https://curl.se/bug/?i=18931 - [261] = https://curl.se/bug/?i=18930 - [262] = https://curl.se/bug/?i=18952 - [263] = https://curl.se/bug/?i=18952 - [264] = https://curl.se/bug/?i=18937 - [265] = https://curl.se/bug/?i=18936 - [266] = https://curl.se/bug/?i=18934 - [267] = https://curl.se/bug/?i=18928 - [268] = https://curl.se/bug/?i=18957 - [269] = https://curl.se/bug/?i=18951 - [270] = https://curl.se/bug/?i=18999 - [271] = https://curl.se/bug/?i=18998 - [272] = https://curl.se/bug/?i=18995 - [273] = https://curl.se/bug/?i=18968 - [274] = https://curl.se/bug/?i=18965 - [275] = https://curl.se/bug/?i=18964 - [276] = https://curl.se/bug/?i=18938 - [277] = https://curl.se/bug/?i=18994 - [278] = https://curl.se/bug/?i=18993 - [279] = https://curl.se/bug/?i=18992 - [280] = https://curl.se/bug/?i=18973 - [281] = https://curl.se/bug/?i=19044 - [282] = https://curl.se/bug/?i=18990 - [283] = https://curl.se/bug/?i=18989 - [284] = https://curl.se/bug/?i=18988 - [285] = https://curl.se/bug/?i=18978 - [286] = https://curl.se/bug/?i=18986 - [287] = https://curl.se/bug/?i=18985 - [288] = https://curl.se/bug/?i=18984 - [289] = https://curl.se/bug/?i=19079 - [290] = https://curl.se/bug/?i=19042 - [291] = https://curl.se/bug/?i=19040 - [292] = https://curl.se/bug/?i=19039 - [293] = https://curl.se/bug/?i=19029 - [294] = https://curl.se/bug/?i=19035 - [295] = https://curl.se/bug/?i=19072 - [296] = https://curl.se/bug/?i=19033 - [297] = https://curl.se/bug/?i=19032 - [298] = https://curl.se/bug/?i=19031 - [299] = https://curl.se/bug/?i=19030 - [300] = https://curl.se/bug/?i=19025 - [301] = https://curl.se/bug/?i=19006 - [302] = https://curl.se/bug/?i=19004 - [303] = https://curl.se/bug/?i=19003 - [304] = https://curl.se/bug/?i=19027 - [305] = https://curl.se/bug/?i=19026 - [306] = https://curl.se/bug/?i=19014 - [307] = https://curl.se/bug/?i=18996 - [308] = https://curl.se/bug/?i=19071 - [309] = https://curl.se/bug/?i=19059 - [310] = https://curl.se/bug/?i=18926 - [311] = https://curl.se/bug/?i=19060 - [312] = https://curl.se/bug/?i=19070 - [313] = https://curl.se/bug/?i=19069 - [314] = https://curl.se/bug/?i=19110 - [315] = https://curl.se/bug/?i=19065 - [316] = https://curl.se/bug/?i=19017 - [317] = https://curl.se/bug/?i=16143 - [318] = https://curl.se/bug/?i=19055 - [319] = https://curl.se/bug/?i=19151 - [320] = https://curl.se/mail/lib-2025-10/0018.html - [321] = https://curl.se/bug/?i=19053 - [322] = https://curl.se/bug/?i=19052 - [323] = https://curl.se/bug/?i=19051 - [324] = https://curl.se/bug/?i=19048 - [325] = https://curl.se/bug/?i=19106 - [326] = https://curl.se/bug/?i=19064 - [327] = https://curl.se/bug/?i=19147 - [328] = https://curl.se/bug/?i=19104 - [329] = https://curl.se/bug/?i=19143 - [330] = https://curl.se/bug/?i=19101 - [331] = https://curl.se/bug/?i=19046 - [332] = https://curl.se/bug/?i=19102 - [333] = https://curl.se/bug/?i=19205 - [334] = https://curl.se/bug/?i=19100 - [335] = https://curl.se/bug/?i=19125 - [336] = https://curl.se/bug/?i=19145 - [337] = https://curl.se/bug/?i=19097 - [338] = https://curl.se/bug/?i=19184 - [339] = https://curl.se/bug/?i=19091 - [340] = https://curl.se/bug/?i=19093 - [341] = https://curl.se/bug/?i=19149 - [342] = https://curl.se/bug/?i=19094 - [343] = https://curl.se/bug/?i=19095 - [344] = https://curl.se/bug/?i=19077 - [345] = https://curl.se/bug/?i=19089 - [346] = https://curl.se/bug/?i=19088 - [347] = https://issues.oss-fuzz.com/issues/432441303 - [348] = https://curl.se/bug/?i=19086 - [349] = https://curl.se/bug/?i=19076 - [350] = https://curl.se/bug/?i=19293 - [351] = https://curl.se/bug/?i=19141 - [352] = https://curl.se/bug/?i=19265 - [353] = https://curl.se/bug/?i=19073 - [354] = https://curl.se/bug/?i=19078 - [355] = https://curl.se/bug/?i=19135 - [356] = https://curl.se/bug/?i=19267 - [357] = https://curl.se/bug/?i=19136 - [358] = https://curl.se/bug/?i=19133 - [359] = https://curl.se/bug/?i=19139 - [360] = https://curl.se/bug/?i=19179 - [361] = https://curl.se/bug/?i=19126 - [362] = https://curl.se/bug/?i=19132 - [363] = https://curl.se/bug/?i=19118 - [364] = https://curl.se/bug/?i=19157 - [365] = https://curl.se/bug/?i=19112 - [366] = https://curl.se/bug/?i=19124 - [367] = https://curl.se/bug/?i=19115 - [368] = https://curl.se/bug/?i=19120 - [369] = https://curl.se/bug/?i=19119 - [370] = https://curl.se/bug/?i=19122 - [371] = https://curl.se/bug/?i=19123 - [372] = https://curl.se/bug/?i=19116 - [373] = https://curl.se/bug/?i=19114 - [374] = https://curl.se/bug/?i=19113 - [375] = https://curl.se/bug/?i=18848 - [376] = https://curl.se/bug/?i=19111 - [377] = https://curl.se/bug/?i=19176 - [378] = https://curl.se/bug/?i=19169 - [379] = https://curl.se/bug/?i=19163 - [380] = https://curl.se/bug/?i=19168 - [381] = https://curl.se/bug/?i=9328 - [382] = https://curl.se/bug/?i=19170 - [383] = https://curl.se/bug/?i=19226 - [384] = https://curl.se/bug/?i=19225 - [385] = https://curl.se/bug/?i=19222 - [386] = https://curl.se/bug/?i=19018 - [387] = https://curl.se/bug/?i=19224 - [388] = https://curl.se/bug/?i=19161 - [389] = https://curl.se/bug/?i=19160 - [390] = https://curl.se/bug/?i=19137 - [391] = https://curl.se/bug/?i=19223 - [392] = https://curl.se/bug/?i=19266 - [393] = https://curl.se/bug/?i=19130 - [394] = https://curl.se/bug/?i=19153 - [395] = https://curl.se/bug/?i=19346 - [396] = https://curl.se/bug/?i=19259 - [397] = https://curl.se/bug/?i=19258 - [398] = https://curl.se/bug/?i=19252 - [399] = https://curl.se/bug/?i=19206 - [400] = https://curl.se/bug/?i=19208 - [401] = https://curl.se/bug/?i=19345 - [402] = https://curl.se/bug/?i=19211 - [403] = https://curl.se/bug/?i=19213 - [404] = https://curl.se/bug/?i=18991 - [405] = https://curl.se/bug/?i=19255 - [406] = https://curl.se/bug/?i=19202 - [407] = https://curl.se/bug/?i=19200 - [408] = https://curl.se/bug/?i=19201 - [409] = https://curl.se/bug/?i=19199 - [410] = https://curl.se/bug/?i=18798 - [411] = https://curl.se/bug/?i=19165 - [412] = https://curl.se/bug/?i=19198 - [413] = https://curl.se/bug/?i=19196 - [414] = https://curl.se/bug/?i=19195 - [415] = https://issues.oss-fuzz.com/issues/435278402 - [416] = https://curl.se/bug/?i=19194 - [417] = https://curl.se/bug/?i=19192 - [418] = https://curl.se/bug/?i=19191 - [419] = https://curl.se/bug/?i=19190 - [420] = https://curl.se/bug/?i=19188 - [421] = https://curl.se/bug/?i=19186 - [422] = https://curl.se/bug/?i=19187 - [423] = https://curl.se/bug/?i=19185 - [424] = https://curl.se/bug/?i=19227 - [425] = https://curl.se/bug/?i=19247 - [426] = https://curl.se/bug/?i=19292 - [427] = https://curl.se/bug/?i=19228 - [428] = https://curl.se/bug/?i=19291 - [429] = https://curl.se/bug/?i=19167 - [430] = https://curl.se/bug/?i=19237 - [431] = https://curl.se/bug/?i=19353 - [432] = https://curl.se/bug/?i=19288 - [433] = https://curl.se/bug/?i=19323 - [434] = https://curl.se/bug/?i=19310 - [435] = https://curl.se/bug/?i=19301 - [436] = https://curl.se/bug/?i=19344 - [437] = https://curl.se/bug/?i=19343 - [438] = https://curl.se/bug/?i=19271 - [439] = https://curl.se/bug/?i=19278 - [440] = https://curl.se/bug/?i=19229 - [441] = https://curl.se/bug/?i=18847 - [442] = https://curl.se/bug/?i=19276 - [443] = https://curl.se/bug/?i=19275 - [444] = https://curl.se/bug/?i=19274 - [445] = https://curl.se/bug/?i=19240 - [446] = https://curl.se/bug/?i=19109 - [447] = https://curl.se/bug/?i=19340 - [448] = https://curl.se/bug/?i=18983 - [449] = https://curl.se/bug/?i=19148 - [450] = https://curl.se/bug/?i=19304 - [451] = https://curl.se/bug/?i=19306 - [452] = https://curl.se/bug/?i=19334 - [453] = https://curl.se/bug/?i=19358 - [454] = https://curl.se/bug/?i=19312 - [455] = https://curl.se/bug/?i=19309 - [456] = https://curl.se/bug/?i=19362 - [457] = https://curl.se/bug/?i=19351 - [458] = https://curl.se/bug/?i=19360 + [2] = https://curl.se/bug/?i=19366 + [3] = https://curl.se/bug/?i=19370 + [4] = https://curl.se/bug/?i=19371 diff --git a/docs/THANKS-filter b/docs/THANKS-filter index 2adf52c9e8..501b649f76 100644 --- a/docs/THANKS-filter +++ b/docs/THANKS-filter @@ -160,4 +160,4 @@ s/jethrogb$/jethrogb on github/ s/on github/on github/i s/Maksim Sciepanienka/Maksim Ściepanienka/ s/Qriist.*/Qriist on github/ -s/Viktor Szakatas/Viktor Szakats +s/Viktor Szakatas/Viktor Szakats/ diff --git a/include/curl/curlver.h b/include/curl/curlver.h index 19b2bf8752..8977d9eb41 100644 --- a/include/curl/curlver.h +++ b/include/curl/curlver.h @@ -32,13 +32,13 @@ /* This is the version number of the libcurl package from which this header file origins: */ -#define LIBCURL_VERSION "8.17.0-DEV" +#define LIBCURL_VERSION "8.17.1-DEV" /* The numeric version number is also available "in parts" by using these defines: */ #define LIBCURL_VERSION_MAJOR 8 #define LIBCURL_VERSION_MINOR 17 -#define LIBCURL_VERSION_PATCH 0 +#define LIBCURL_VERSION_PATCH 1 /* This is the numeric version of the libcurl version number, meant for easier parsing and comparisons by programs. The LIBCURL_VERSION_NUM define will always follow this syntax: @@ -58,7 +58,7 @@ CURL_VERSION_BITS() macro since curl's own configure script greps for it and needs it to contain the full number. */ -#define LIBCURL_VERSION_NUM 0x081100 +#define LIBCURL_VERSION_NUM 0x081101 /* * This is the date and time when the full source package was created. The From a8bef390360518d6e89e17d975ac0210cb3b9a8c Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 4 Nov 2025 10:17:28 +0100 Subject: [PATCH 0709/2408] openssl: remove code handling default version Since it is no longer actually kept as default internally, that's just dead code. Follow-up to 9d8998c99408e1adf8eba629fad9f Closes #19354 --- lib/vtls/openssl.c | 18 ++++-------------- 1 file changed, 4 insertions(+), 14 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 764d829325..87b00cc252 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -2904,6 +2904,8 @@ ossl_set_ssl_version_min_max(struct Curl_cfilter *cf, SSL_CTX *ctx, long ossl_ssl_version_min = 0; long ossl_ssl_version_max = 0; #endif + /* it cannot be default here */ + DEBUGASSERT(curl_ssl_version_min != CURL_SSLVERSION_DEFAULT); switch(curl_ssl_version_min) { case CURL_SSLVERSION_TLSv1: /* TLS 1.x */ case CURL_SSLVERSION_TLSv1_0: @@ -2924,18 +2926,6 @@ ossl_set_ssl_version_min_max(struct Curl_cfilter *cf, SSL_CTX *ctx, #endif } - /* CURL_SSLVERSION_DEFAULT means that no option was selected. - We do not want to pass 0 to SSL_CTX_set_min_proto_version as - it would enable all versions down to the lowest supported by - the library. - So we skip this, and stay with the library default - */ - if(curl_ssl_version_min != CURL_SSLVERSION_DEFAULT) { - if(!SSL_CTX_set_min_proto_version(ctx, ossl_ssl_version_min)) { - return CURLE_SSL_CONNECT_ERROR; - } - } - /* ... then, TLS max version */ curl_ssl_version_max = (long)conn_config->version_max; @@ -2965,9 +2955,9 @@ ossl_set_ssl_version_min_max(struct Curl_cfilter *cf, SSL_CTX *ctx, break; } - if(!SSL_CTX_set_max_proto_version(ctx, ossl_ssl_version_max)) { + if(!SSL_CTX_set_min_proto_version(ctx, ossl_ssl_version_min) || + !SSL_CTX_set_max_proto_version(ctx, ossl_ssl_version_max)) return CURLE_SSL_CONNECT_ERROR; - } return CURLE_OK; } From c12a1fdd0e8151e2d36fb695ea96959c2aa85f07 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 5 Nov 2025 14:30:41 +0100 Subject: [PATCH 0710/2408] tests: remove trailing spaces in server responses Allows us to drop lots of %spc% from test cases making them easier on the eye. Closes #19374 --- tests/data/test1349 | 8 ++++---- tests/data/test1350 | 8 ++++---- tests/data/test1351 | 8 ++++---- tests/data/test1352 | 8 ++++---- tests/data/test1353 | 8 ++++---- tests/data/test1354 | 8 ++++---- tests/data/test1357 | 8 ++++---- tests/data/test1358 | 8 ++++---- tests/data/test1359 | 8 ++++---- tests/data/test1360 | 8 ++++---- tests/data/test1361 | 8 ++++---- tests/data/test1362 | 8 ++++---- tests/data/test1379 | 8 ++++---- tests/data/test1380 | 8 ++++---- tests/data/test1381 | 8 ++++---- tests/data/test1382 | 8 ++++---- tests/data/test1383 | 8 ++++---- tests/data/test1384 | 8 ++++---- tests/data/test1387 | 8 ++++---- tests/data/test1388 | 8 ++++---- tests/data/test1389 | 8 ++++---- tests/data/test1390 | 8 ++++---- tests/data/test1391 | 8 ++++---- tests/data/test1392 | 8 ++++---- tests/data/test897 | 8 ++++---- tests/ftpserver.pl | 32 ++++++++++++++++---------------- 26 files changed, 116 insertions(+), 116 deletions(-) diff --git a/tests/data/test1349 b/tests/data/test1349 index da34bcf87c..faf1260c28 100644 --- a/tests/data/test1349 +++ b/tests/data/test1349 @@ -49,10 +49,10 @@ mooo # The final "221 bye bye baby" response to QUIT will not be recorded # since that is not considered part of this particular transfer! -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1350 b/tests/data/test1350 index a795a0bd32..9fd7f89785 100644 --- a/tests/data/test1350 +++ b/tests/data/test1350 @@ -49,10 +49,10 @@ mooo # The final "221 bye bye baby" response to QUIT will not be recorded # since that is not considered part of this particular transfer! -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1351 b/tests/data/test1351 index 99625533ec..139537e378 100644 --- a/tests/data/test1351 +++ b/tests/data/test1351 @@ -50,10 +50,10 @@ mooo # The final "221 bye bye baby" response to QUIT will not be recorded # since that is not considered part of this particular transfer! -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1352 b/tests/data/test1352 index 0d48522dd6..cba83dc664 100644 --- a/tests/data/test1352 +++ b/tests/data/test1352 @@ -50,10 +50,10 @@ mooo # The final "221 bye bye baby" response to QUIT will not be recorded # since that is not considered part of this particular transfer! -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1353 b/tests/data/test1353 index d8ad1c7760..d454b02501 100644 --- a/tests/data/test1353 +++ b/tests/data/test1353 @@ -49,10 +49,10 @@ mooo # The final "221 bye bye baby" response to QUIT will not be recorded # since that is not considered part of this particular transfer! -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1354 b/tests/data/test1354 index cde07f4605..94cc344533 100644 --- a/tests/data/test1354 +++ b/tests/data/test1354 @@ -47,10 +47,10 @@ mooo -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1357 b/tests/data/test1357 index e81c5b46ad..a83605b887 100644 --- a/tests/data/test1357 +++ b/tests/data/test1357 @@ -62,10 +62,10 @@ MOOOO -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1358 b/tests/data/test1358 index 1bb1053cf9..f5bda613be 100644 --- a/tests/data/test1358 +++ b/tests/data/test1358 @@ -62,10 +62,10 @@ MOOOO -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1359 b/tests/data/test1359 index 5747206552..a4c98addd5 100644 --- a/tests/data/test1359 +++ b/tests/data/test1359 @@ -63,10 +63,10 @@ MOOOO -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1360 b/tests/data/test1360 index acd4f8f6c3..d2108ef7a6 100644 --- a/tests/data/test1360 +++ b/tests/data/test1360 @@ -63,10 +63,10 @@ MOOOO -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1361 b/tests/data/test1361 index 390366817c..242162c8ee 100644 --- a/tests/data/test1361 +++ b/tests/data/test1361 @@ -62,10 +62,10 @@ MOOOO -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1362 b/tests/data/test1362 index f4ea691756..6695b740e5 100644 --- a/tests/data/test1362 +++ b/tests/data/test1362 @@ -62,10 +62,10 @@ MOOOO -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1379 b/tests/data/test1379 index f938ba659e..6630161e56 100644 --- a/tests/data/test1379 +++ b/tests/data/test1379 @@ -47,10 +47,10 @@ mooo -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1380 b/tests/data/test1380 index d6dc739d82..b4f5dccd87 100644 --- a/tests/data/test1380 +++ b/tests/data/test1380 @@ -47,10 +47,10 @@ mooo -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1381 b/tests/data/test1381 index 520d0a066b..cf635ffe46 100644 --- a/tests/data/test1381 +++ b/tests/data/test1381 @@ -48,10 +48,10 @@ mooo -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1382 b/tests/data/test1382 index c9f53dd065..8c270ad7ae 100644 --- a/tests/data/test1382 +++ b/tests/data/test1382 @@ -48,10 +48,10 @@ mooo -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1383 b/tests/data/test1383 index 24e339d978..319b6ca7d2 100644 --- a/tests/data/test1383 +++ b/tests/data/test1383 @@ -47,10 +47,10 @@ mooo -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1384 b/tests/data/test1384 index 490d9a5e8b..a36a11eee7 100644 --- a/tests/data/test1384 +++ b/tests/data/test1384 @@ -47,10 +47,10 @@ mooo -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1387 b/tests/data/test1387 index 4002c28e01..dc28f4ccd5 100644 --- a/tests/data/test1387 +++ b/tests/data/test1387 @@ -62,10 +62,10 @@ MOOOO -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1388 b/tests/data/test1388 index 21491ab40f..3706fe1434 100644 --- a/tests/data/test1388 +++ b/tests/data/test1388 @@ -62,10 +62,10 @@ MOOOO -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1389 b/tests/data/test1389 index 2f247d45dc..e9566cca84 100644 --- a/tests/data/test1389 +++ b/tests/data/test1389 @@ -63,10 +63,10 @@ MOOOO -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1390 b/tests/data/test1390 index 9c180b65a6..0a3cdce568 100644 --- a/tests/data/test1390 +++ b/tests/data/test1390 @@ -63,10 +63,10 @@ MOOOO -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1391 b/tests/data/test1391 index f29e028592..daa22eabc6 100644 --- a/tests/data/test1391 +++ b/tests/data/test1391 @@ -62,10 +62,10 @@ MOOOO -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test1392 b/tests/data/test1392 index 598facd156..6678c67000 100644 --- a/tests/data/test1392 +++ b/tests/data/test1392 @@ -62,10 +62,10 @@ MOOOO -220- _ _ ____ _%spc%%spc%%spc%%spc%%spc% -220- ___| | | | _ \| |%spc%%spc%%spc%%spc% -220- / __| | | | |_) | |%spc%%spc%%spc%%spc% -220- | (__| |_| | _ {| |___%spc% +220- _ _ ____ _ +220- ___| | | | _ \| | +220- / __| | | | |_) | | +220- | (__| |_| | _ {| |___ 220 \___|\___/|_| \_\_____| 331 We are happy you popped in! 230 Welcome you silly person diff --git a/tests/data/test897 b/tests/data/test897 index e7119cf34d..acf1cd5fe4 100644 --- a/tests/data/test897 +++ b/tests/data/test897 @@ -46,10 +46,10 @@ A004 FETCH 123 BODY[1] A005 LOGOUT - _ _ ____ _%spc%%spc%%spc%%spc%%spc% - ___| | | | _ \| |%spc%%spc%%spc%%spc% - / __| | | | |_) | |%spc%%spc%%spc%%spc% - | (__| |_| | _ {| |___%spc% + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ {| |___ \___|\___/|_| \_\_____| * OK curl IMAP server ready to serve A001 BAD Command diff --git a/tests/ftpserver.pl b/tests/ftpserver.pl index f70fa0d0ee..cd725fccfd 100755 --- a/tests/ftpserver.pl +++ b/tests/ftpserver.pl @@ -573,10 +573,10 @@ sub protocolsetup { 'PBSZ' => '500 PBSZ not implemented', 'PROT' => '500 PROT not implemented', 'welcome' => join("", - '220- _ _ ____ _ '."\r\n", - '220- ___| | | | _ \| | '."\r\n", - '220- / __| | | | |_) | | '."\r\n", - '220- | (__| |_| | _ {| |___ '."\r\n", + '220- _ _ ____ _'."\r\n", + '220- ___| | | | _ \| |'."\r\n", + '220- / __| | | | |_) | |'."\r\n", + '220- | (__| |_| | _ {| |___'."\r\n", '220 \___|\___/|_| \_\_____|'."\r\n") ); } @@ -599,10 +599,10 @@ sub protocolsetup { ); %displaytext = ( 'welcome' => join("", - ' _ _ ____ _ '."\r\n", - ' ___| | | | _ \| | '."\r\n", - ' / __| | | | |_) | | '."\r\n", - ' | (__| |_| | _ {| |___ '."\r\n", + ' _ _ ____ _'."\r\n", + ' ___| | | | _ \| |'."\r\n", + ' / __| | | | |_) | |'."\r\n", + ' | (__| |_| | _ {| |___'."\r\n", ' \___|\___/|_| \_\_____|'."\r\n", '+OK curl POP3 server ready to serve '."\r\n") ); @@ -634,10 +634,10 @@ sub protocolsetup { ); %displaytext = ( 'welcome' => join("", - ' _ _ ____ _ '."\r\n", - ' ___| | | | _ \| | '."\r\n", - ' / __| | | | |_) | | '."\r\n", - ' | (__| |_| | _ {| |___ '."\r\n", + ' _ _ ____ _'."\r\n", + ' ___| | | | _ \| |'."\r\n", + ' / __| | | | |_) | |'."\r\n", + ' | (__| |_| | _ {| |___'."\r\n", ' \___|\___/|_| \_\_____|'."\r\n", '* OK curl IMAP server ready to serve'."\r\n") ); @@ -658,10 +658,10 @@ sub protocolsetup { ); %displaytext = ( 'welcome' => join("", - '220- _ _ ____ _ '."\r\n", - '220- ___| | | | _ \| | '."\r\n", - '220- / __| | | | |_) | | '."\r\n", - '220- | (__| |_| | _ {| |___ '."\r\n", + '220- _ _ ____ _'."\r\n", + '220- ___| | | | _ \| |'."\r\n", + '220- / __| | | | |_) | |'."\r\n", + '220- | (__| |_| | _ {| |___'."\r\n", '220 \___|\___/|_| \_\_____|'."\r\n") ); } From 6d7e924e80096a7e2cebad16235674fd3d3012af Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 5 Nov 2025 14:40:18 +0100 Subject: [PATCH 0711/2408] checksrc.pl: detect assign followed by more than one space And fix some code previously doing this. Closes #19375 --- lib/cf-h2-proxy.c | 6 +++--- scripts/checksrc.pl | 7 +++++++ tests/libtest/lib557.c | 16 ++++++++-------- tests/server/tftpd.c | 2 +- tests/unit/unit1303.c | 2 +- 5 files changed, 20 insertions(+), 13 deletions(-) diff --git a/lib/cf-h2-proxy.c b/lib/cf-h2-proxy.c index f9bd827374..b0638c6642 100644 --- a/lib/cf-h2-proxy.c +++ b/lib/cf-h2-proxy.c @@ -99,9 +99,9 @@ static CURLcode tunnel_stream_init(struct Curl_cfilter *cf, if(result) return result; - ts->authority = /* host:port with IPv6 support */ - curl_maprintf("%s%s%s:%d", ipv6_ip ? "[":"", hostname, - ipv6_ip ? "]" : "", port); + /* host:port with IPv6 support */ + ts->authority = curl_maprintf("%s%s%s:%d", ipv6_ip ? "[":"", hostname, + ipv6_ip ? "]" : "", port); if(!ts->authority) return CURLE_OUT_OF_MEMORY; diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index 7059d68575..5dcad3e315 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -131,6 +131,7 @@ my %warnings = ( 'DOBRACE' => 'A single space between do and open brace', 'EMPTYLINEBRACE' => 'Empty line before the open brace', 'EQUALSNOSPACE' => 'equals sign without following space', + 'EQUALSPACE' => 'equals sign with too many spaces following', 'EQUALSNULL' => 'if/while comparison with == NULL', 'ERRNOVAR' => 'use of bare errno define', 'EXCLAMATIONSPACE' => 'Whitespace after exclamation mark in expression', @@ -1039,6 +1040,12 @@ sub scanfile { $line, length($1)+1, $file, $ol, "no space before equals sign"); } + # check for equals sign with more than one space after it + elsif($l =~ /(.*)[a-z0-9] \= /i) { + checkwarn("EQUALSPACE", + $line, length($1)+3, $file, $ol, + "more than one space after equals sign"); + } # check for plus signs without spaces next to it if($nostr =~ /(.*)[^+]\+[a-z0-9]/i) { diff --git a/tests/libtest/lib557.c b/tests/libtest/lib557.c index f831c9bfc2..84f6120211 100644 --- a/tests/libtest/lib557.c +++ b/tests/libtest/lib557.c @@ -205,7 +205,7 @@ static int test_signed_short_formatting(void) i++; ss_test[i].num = -0x0050 -1; ss_test[i].expected = "-81"; i++; ss_test[i].num = -0x0005 -1; ss_test[i].expected = "-6"; - i++; ss_test[i].num = 0x0000 -1; ss_test[i].expected = "-1"; + i++; ss_test[i].num = 0x0000 -1; ss_test[i].expected = "-1"; num_sshort_tests = i; @@ -431,7 +431,7 @@ static int test_signed_int_formatting(void) i++; si_test[i].num = -0x0050 -1; si_test[i].expected = "-81"; i++; si_test[i].num = -0x0005 -1; si_test[i].expected = "-6"; - i++; si_test[i].num = 0x0000 -1; si_test[i].expected = "-1"; + i++; si_test[i].num = 0x0000 -1; si_test[i].expected = "-1"; num_sint_tests = i; @@ -498,7 +498,7 @@ static int test_signed_int_formatting(void) i++; si_test[i].num = -0x00000050 -1; si_test[i].expected = "-81"; i++; si_test[i].num = -0x00000005 -1; si_test[i].expected = "-6"; - i++; si_test[i].num = 0x00000000 -1; si_test[i].expected = "-1"; + i++; si_test[i].num = 0x00000000 -1; si_test[i].expected = "-1"; num_sint_tests = i; @@ -581,7 +581,7 @@ static int test_signed_int_formatting(void) i++; si_test[i].num = -0x0000000000000070 -1; si_test[i].expected = "-113"; i++; si_test[i].num = -0x0000000000000007 -1; si_test[i].expected = "-8"; - i++; si_test[i].num = 0x0000000000000000 -1; si_test[i].expected = "-1"; + i++; si_test[i].num = 0x0000000000000000 -1; si_test[i].expected = "-1"; num_sint_tests = i; @@ -808,7 +808,7 @@ static int test_signed_long_formatting(void) i++; sl_test[i].num = -0x0050L -1L; sl_test[i].expected = "-81"; i++; sl_test[i].num = -0x0005L -1L; sl_test[i].expected = "-6"; - i++; sl_test[i].num = 0x0000L -1L; sl_test[i].expected = "-1"; + i++; sl_test[i].num = 0x0000L -1L; sl_test[i].expected = "-1"; num_slong_tests = i; @@ -875,7 +875,7 @@ static int test_signed_long_formatting(void) i++; sl_test[i].num = -0x00000050L -1L; sl_test[i].expected = "-81"; i++; sl_test[i].num = -0x00000005L -1L; sl_test[i].expected = "-6"; - i++; sl_test[i].num = 0x00000000L -1L; sl_test[i].expected = "-1"; + i++; sl_test[i].num = 0x00000000L -1L; sl_test[i].expected = "-1"; num_slong_tests = i; @@ -958,7 +958,7 @@ static int test_signed_long_formatting(void) i++; sl_test[i].num = -0x0000000000000070L -1L; sl_test[i].expected = "-113"; i++; sl_test[i].num = -0x0000000000000007L -1L; sl_test[i].expected = "-8"; - i++; sl_test[i].num = 0x0000000000000000L -1L; sl_test[i].expected = "-1"; + i++; sl_test[i].num = 0x0000000000000000L -1L; sl_test[i].expected = "-1"; num_slong_tests = i; @@ -1074,7 +1074,7 @@ static int test_curl_off_t_formatting(void) i++; co_test[i].num = -0x0000000000000070 -1; co_test[i].expected = "-113"; i++; co_test[i].num = -0x0000000000000007 -1; co_test[i].expected = "-8"; - i++; co_test[i].num = 0x0000000000000000 -1; co_test[i].expected = "-1"; + i++; co_test[i].num = 0x0000000000000000 -1; co_test[i].expected = "-1"; num_cofft_tests = i; diff --git a/tests/server/tftpd.c b/tests/server/tftpd.c index 64f005dfe5..31ae5c8a39 100644 --- a/tests/server/tftpd.c +++ b/tests/server/tftpd.c @@ -310,7 +310,7 @@ static struct tftphdr *rw_init(int x) { newline = 0; /* init crlf flag */ prevchar = -1; - bfs[0].counter = BF_ALLOC; /* pass out the first buffer */ + bfs[0].counter = BF_ALLOC; /* pass out the first buffer */ current = 0; bfs[1].counter = BF_FREE; nextone = x; /* ahead or behind? */ diff --git a/tests/unit/unit1303.c b/tests/unit/unit1303.c index 49ff3e69f2..1ce367b6a7 100644 --- a/tests/unit/unit1303.c +++ b/tests/unit/unit1303.c @@ -148,7 +148,7 @@ static CURLcode test_unit1303(const char *arg) timediff_t timeout; NOW(run[i].now_s, run[i].now_us); TIMEOUTS(run[i].timeout_ms, run[i].connecttimeout_ms); - timeout = Curl_timeleft(easy, &now, run[i].connecting); + timeout = Curl_timeleft(easy, &now, run[i].connecting); if(timeout != run[i].result) fail(run[i].comment); } From 87f448ed525c88515dfdf6f055eee744a6180e6a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 4 Nov 2025 10:52:26 +0000 Subject: [PATCH 0712/2408] Dockerfile: update debian:bookworm-slim digest to 936abff Closes #19348 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index fc5bf9e1ef..3d2e942cdf 100644 --- a/Dockerfile +++ b/Dockerfile @@ -24,7 +24,7 @@ # $ ./scripts/maketgz 8.7.1 # To update, get the latest digest e.g. from https://hub.docker.com/_/debian/tags -FROM debian:bookworm-slim@sha256:78d2f66e0fec9e5a39fb2c72ea5e052b548df75602b5215ed01a17171529f706 +FROM debian:bookworm-slim@sha256:936abff852736f951dab72d91a1b6337cf04217b2a77a5eaadc7c0f2f1ec1758 RUN apt-get update -qq && apt-get install -qq -y --no-install-recommends \ build-essential make autoconf automake libtool git perl zip zlib1g-dev gawk && \ From 403a2c2b06eb1ab483f7140f43f062865248269d Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 4 Nov 2025 04:05:19 +0100 Subject: [PATCH 0713/2408] tests: shorten space and tab macro names Easier to write and read. Follow-up to d29f14b9cf0d38f3887b6eadc71af16903bc7f5b #19300 Closes #19349 --- docs/tests/FILEFORMAT.md | 4 ++-- tests/data/test1029 | 2 +- tests/data/test1070 | 2 +- tests/data/test1090 | 2 +- tests/data/test1105 | 6 +++--- tests/data/test1185 | 10 +++++----- tests/data/test136 | 2 +- tests/data/test1461 | 4 ++-- tests/data/test1654 | 2 +- tests/data/test1664 | 2 +- tests/data/test17 | 2 +- tests/data/test1700 | 4 ++-- tests/data/test1701 | 2 +- tests/data/test1702 | 2 +- tests/data/test188 | 4 ++-- tests/data/test189 | 4 ++-- tests/data/test1940 | 4 ++-- tests/data/test1955 | 2 +- tests/data/test1958 | 2 +- tests/data/test212 | 4 ++-- tests/data/test2302 | 2 +- tests/data/test2306 | 2 +- tests/data/test2400 | 2 +- tests/data/test2401 | 2 +- tests/data/test2403 | 2 +- tests/data/test2406 | 2 +- tests/data/test2500 | 2 +- tests/data/test2501 | 2 +- tests/data/test2503 | 2 +- tests/data/test358 | 4 ++-- tests/data/test359 | 4 ++-- tests/data/test378 | 2 +- tests/data/test4 | 4 ++-- tests/data/test421 | 2 +- tests/data/test459 | 2 +- tests/data/test46 | 8 ++++---- tests/data/test54 | 2 +- tests/data/test646 | 2 +- tests/data/test792 | 2 +- tests/data/test793 | 2 +- tests/testutil.pm | 4 ++-- 41 files changed, 61 insertions(+), 61 deletions(-) diff --git a/docs/tests/FILEFORMAT.md b/docs/tests/FILEFORMAT.md index 070735836e..9703df9aa8 100644 --- a/docs/tests/FILEFORMAT.md +++ b/docs/tests/FILEFORMAT.md @@ -81,8 +81,8 @@ For example, to insert the word hello 100 times: To add significant whitespace characters at the end of the line, or to empty lines: - %spc% - %tab% + %SP - space + %TAB - horizontal tab ## Insert capped epoch days diff --git a/tests/data/test1029 b/tests/data/test1029 index ac636449cb..2004791cd8 100644 --- a/tests/data/test1029 +++ b/tests/data/test1029 @@ -50,7 +50,7 @@ Content-Length: 62 Connection: close This server reply is for testing a simple Location: following -http://%HOSTIP:%HTTPPORT/we/want/our/data/%TESTNUMBER0002.txt?coolsite=yes http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER 0%spc% +http://%HOSTIP:%HTTPPORT/we/want/our/data/%TESTNUMBER0002.txt?coolsite=yes http://%HOSTIP:%HTTPPORT/we/want/our/%TESTNUMBER 0%SP diff --git a/tests/data/test1070 b/tests/data/test1070 index 39e2d408f8..3305b7b2b2 100644 --- a/tests/data/test1070 +++ b/tests/data/test1070 @@ -57,7 +57,7 @@ Expect: 100-continue Content-Length: 2313 Content-Type: application/x-www-form-urlencoded -This creates%spc% +This creates%SP diff --git a/tests/data/test1090 b/tests/data/test1090 index ad3c59d113..0e3879c68c 100644 --- a/tests/data/test1090 +++ b/tests/data/test1090 @@ -30,7 +30,7 @@ Connection: close Content-Type: text/plain; charset=us-ascii 0007 -bigger%spc% +bigger%SP 0008 monster diff --git a/tests/data/test1105 b/tests/data/test1105 index aa84c862cb..d23b92f560 100644 --- a/tests/data/test1105 +++ b/tests/data/test1105 @@ -19,9 +19,9 @@ Funny-head: yesyes swsclose Set-Cookie: foobar=name; Set-Cookie: mismatch=this; domain=127.0.0.1; path="/silly/"; Set-Cookie: partmatch=present; domain=.0.0.1; path=/; -Set-Cookie: foo%tab%bar=barfoo -Set-Cookie: bar%tab%foo= -Set-Cookie: bar=foo%tab%bar +Set-Cookie: foo%TABbar=barfoo +Set-Cookie: bar%TABfoo= +Set-Cookie: bar=foo%TABbar diff --git a/tests/data/test1185 b/tests/data/test1185 index 64eef41800..26852a6418 100644 --- a/tests/data/test1185 +++ b/tests/data/test1185 @@ -20,7 +20,7 @@ checksrc * Violate each rule at least once. **/ int hello; /*------------------------------------------------------------------*/ -int%tab%tab; +int%TABtab; int trailing_space; int a = func (); int b = func( b); @@ -91,7 +91,7 @@ void startfunc(int a, int b) { ./%LOGDIR/code1185.c:4:82: warning: Longer than 79 columns (LONGLINE) int hello; /*------------------------------------------------------------------*/ ./%LOGDIR/code1185.c:5:4: error: Contains TAB character (TABS) - int%tab%tab; + int%TABtab; ^ ./%LOGDIR/code1185.c:7:13: warning: func with space (SPACEBEFOREPAREN) int a = func (); @@ -118,7 +118,7 @@ void startfunc(int a, int b) { } else { ^ ./%LOGDIR/code1185.c:24:11: warning: missing space after close paren (PARENBRACE) - if(a == 2){%spc%%spc% + if(a == 2){%SP%SP ^ ./%LOGDIR/code1185.c:28:14: warning: no space before semicolon (SPACESEMICOLON) func_return() ; @@ -205,10 +205,10 @@ void startfunc(int a, int b) { // CPP comment ? ^ ./%LOGDIR/code1185.c:1:1: error: Missing copyright statement (COPYRIGHT) -%spc% +%SP ^ ./%LOGDIR/code1185.c:1:1: error: Missing closing comment (OPENCOMMENT) -%spc% +%SP ^ checksrc: 0 errors and 41 warnings diff --git a/tests/data/test136 b/tests/data/test136 index 70537719cc..c869c612bf 100644 --- a/tests/data/test136 +++ b/tests/data/test136 @@ -30,7 +30,7 @@ FTP with user and no password USER user -PASS%spc% +PASS%SP PWD EPSV TYPE I diff --git a/tests/data/test1461 b/tests/data/test1461 index 71de31772d..4ee109a122 100644 --- a/tests/data/test1461 +++ b/tests/data/test1461 @@ -47,8 +47,8 @@ Usage: curl [options...] This is not the full help; this menu is split into categories. Use "--help category" to get an overview of all categories, which are: -auth, connection, curl, deprecated, dns, file, ftp, global, http, imap, ldap,%spc% -output, pop3, post, proxy, scp, sftp, smtp, ssh, telnet, tftp, timeout, tls,%spc% +auth, connection, curl, deprecated, dns, file, ftp, global, http, imap, ldap,%SP +output, pop3, post, proxy, scp, sftp, smtp, ssh, telnet, tftp, timeout, tls,%SP upload, verbose. Use "--help all" to list all options Use "--help [option]" to view documentation for a given option diff --git a/tests/data/test1654 b/tests/data/test1654 index 3b88236441..8f3cae1556 100644 --- a/tests/data/test1654 +++ b/tests/data/test1654 @@ -27,7 +27,7 @@ h2 example.com 443 h3 shiny.example.com 8443 "20191231 00:00:00" 0 0 # a comment h2 foo.example.com 443 h3 shiny.example.com 8443 "20291231 23:30:00" 0 0 h1 example.com 443 h3 shiny.example.com 8443 "20121231 00:00:01" 0 0 -%tab%h3 example.com 443 h3 shiny.example.com 8443 "20131231 00:00:00" 0 0 +%TABh3 example.com 443 h3 shiny.example.com 8443 "20131231 00:00:00" 0 0 # also a comment bad example.com 443 h3 shiny.example.com 8443 "20191231 00:00:00" 0 0 rubbish diff --git a/tests/data/test1664 b/tests/data/test1664 index ea126a3be7..fa0b3a377c 100644 --- a/tests/data/test1664 +++ b/tests/data/test1664 @@ -68,7 +68,7 @@ curlx_str_singlespace 3: ("b") 5, line 0 4: ("\") 5, line 0 5: (" ") 0, line 1 -6: ("%tab%") 5, line 0 +6: ("%TAB") 5, line 0 7: (" ") 5, line 0 8: ("") 5, line 0 diff --git a/tests/data/test17 b/tests/data/test17 index c8c0a19b77..31e2a8e536 100644 --- a/tests/data/test17 +++ b/tests/data/test17 @@ -46,7 +46,7 @@ request MOOO MOOO /that.site.com/%TESTNUMBER HTTP/1.1 Host: %HOSTIP:%HTTPPORT -User-Agent: agent007 license to drill%tab% +User-Agent: agent007 license to drill%TAB Accept: */* diff --git a/tests/data/test1700 b/tests/data/test1700 index 6d26e1b011..e75c1f3d1a 100644 --- a/tests/data/test1700 +++ b/tests/data/test1700 @@ -76,7 +76,7 @@ HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: h2c -HTTP/2 200%spc% +HTTP/2 200%SP date: Tue, 09 Nov 2010 14:49:00 GMT last-modified: Tue, 13 Jun 2000 12:10:00 GMT etag: "21025-dc7-39462498" @@ -87,7 +87,7 @@ funny-head: yesyes via: 1.1 nghttpx -foo- -HTTP/2 200%spc% +HTTP/2 200%SP date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 6 content-type: text/html diff --git a/tests/data/test1701 b/tests/data/test1701 index 44780df197..ecc5f6f17c 100644 --- a/tests/data/test1701 +++ b/tests/data/test1701 @@ -65,7 +65,7 @@ HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: h2c -HTTP/2 200%spc% +HTTP/2 200%SP date: Tue, 09 Nov 2010 14:49:00 GMT last-modified: Tue, 13 Jun 2000 12:10:00 GMT etag: "21025-dc7-39462498" diff --git a/tests/data/test1702 b/tests/data/test1702 index 9f1b167761..96acf700d3 100644 --- a/tests/data/test1702 +++ b/tests/data/test1702 @@ -61,7 +61,7 @@ HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: h2c -HTTP/2 200%spc% +HTTP/2 200%SP date: Tue, 09 Nov 2010 14:49:00 GMT last-modified: Tue, 13 Jun 2000 12:10:00 GMT etag: "21025-dc7-39462498" diff --git a/tests/data/test188 b/tests/data/test188 index 79a7f5f84a..d5796c7318 100644 --- a/tests/data/test188 +++ b/tests/data/test188 @@ -19,7 +19,7 @@ Content-Length: 3 OK -HTTP/1.1 200 OK%spc% +HTTP/1.1 200 OK%SP Connection: close Content-Length: 15 Content-Range: bytes 50- @@ -32,7 +32,7 @@ HTTP/1.1 301 OK swsbounce Location: /%TESTNUMBER Content-Length: 3 -HTTP/1.1 200 OK%spc% +HTTP/1.1 200 OK%SP Connection: close Content-Length: 15 Content-Range: bytes 50- diff --git a/tests/data/test189 b/tests/data/test189 index 8d92ef578b..e8e8044049 100644 --- a/tests/data/test189 +++ b/tests/data/test189 @@ -16,7 +16,7 @@ Content-Length: 3 OK -HTTP/1.1 200 OK%spc% +HTTP/1.1 200 OK%SP Connection: close Content-Length: 15 @@ -28,7 +28,7 @@ HTTP/1.1 301 OK swsbounce Location: /%TESTNUMBER Content-Length: 3 -HTTP/1.1 200 OK%spc% +HTTP/1.1 200 OK%SP Connection: close Content-Length: 15 diff --git a/tests/data/test1940 b/tests/data/test1940 index d15bf1d5b6..b5ddd4c2b9 100644 --- a/tests/data/test1940 +++ b/tests/data/test1940 @@ -59,8 +59,8 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER - Set-Cookie == secondcookie=2data; (1/3) - Set-Cookie == cookie3=data3; (2/3) Fold == is folding a line - Blank ==%spc% - Blank2 ==%spc% + Blank ==%SP + Blank2 ==%SP diff --git a/tests/data/test1955 b/tests/data/test1955 index 93d1422e8b..3a43100373 100644 --- a/tests/data/test1955 +++ b/tests/data/test1955 @@ -65,7 +65,7 @@ Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, S X-Xxx-Date: 19700101T000000Z test3: 1234 test2: -test_space: t%tab%s m%tab% end%repeat[4 x ]% +test_space: t%TABs m%TAB end%repeat[4 x ]% tesMixCase: MixCase diff --git a/tests/data/test1958 b/tests/data/test1958 index f5e38868c6..90dd1d131b 100644 --- a/tests/data/test1958 +++ b/tests/data/test1958 @@ -63,7 +63,7 @@ GET /aws_sigv4/testapi/test HTTP/1.1 Host: exam.ple.com:9000 Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=25b4cac711ea8f65010c485d3778885f5f3870d0b8ff0b3ab58a8d7eeab991ff X-Xxx-Date: 19700101T000000Z -X-Xxx-Content-Sha256: %tab%arbitrary%spc% +X-Xxx-Content-Sha256: %TABarbitrary%SP diff --git a/tests/data/test212 b/tests/data/test212 index c7fba5f8b9..6f1d747b58 100644 --- a/tests/data/test212 +++ b/tests/data/test212 @@ -51,11 +51,11 @@ PWD CWD a CWD path EPRT |1| -PORT%spc% +PORT%SP TYPE I SIZE %TESTNUMBER RETR %TESTNUMBER -PORT%spc% +PORT%SP SIZE %TESTNUMBER RETR %TESTNUMBER QUIT diff --git a/tests/data/test2302 b/tests/data/test2302 index ab88d9e162..889d014e2d 100644 --- a/tests/data/test2302 +++ b/tests/data/test2302 @@ -66,7 +66,7 @@ Connection: Upgrade %hex[%8a%808321]hex% -68 65 6c 6c 6f%spc% +68 65 6c 6c 6f%SP RECFLAGS: 1 diff --git a/tests/data/test2306 b/tests/data/test2306 index 233905fc79..713cc27c93 100644 --- a/tests/data/test2306 +++ b/tests/data/test2306 @@ -24,7 +24,7 @@ Funny-head: yesyes HTTP/1.1 200 OK swsclose -%tab%Access-Control-Allow-Origin: * +%TABAccess-Control-Allow-Origin: * Connection: Keep-Alive Content-Type: text/html; charset=utf-8 Date: Wed, 10 May 2023 14:58:08 GMT diff --git a/tests/data/test2400 b/tests/data/test2400 index 8478681fbd..1fed4b71e6 100644 --- a/tests/data/test2400 +++ b/tests/data/test2400 @@ -50,7 +50,7 @@ HTTP/2 GET over HTTPS # Verify data after the test has been "shot" -HTTP/2 200%spc% +HTTP/2 200%SP date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 6 content-type: text/html diff --git a/tests/data/test2401 b/tests/data/test2401 index a10715ff80..94787f1c6f 100644 --- a/tests/data/test2401 +++ b/tests/data/test2401 @@ -47,7 +47,7 @@ HTTP/2 POST over HTTPS # Verify data after the test has been "shot" -HTTP/2 201%spc% +HTTP/2 201%SP date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 0 funny-head: yesyes diff --git a/tests/data/test2403 b/tests/data/test2403 index b23b1e6760..34141d6780 100644 --- a/tests/data/test2403 +++ b/tests/data/test2403 @@ -51,7 +51,7 @@ HTTP/2 GET using %{header_json} # Verify data after the test has been "shot" -HTTP/2 200%spc% +HTTP/2 200%SP date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 6 content-type: text/html diff --git a/tests/data/test2406 b/tests/data/test2406 index adf39dbd7e..6426b2cc84 100644 --- a/tests/data/test2406 +++ b/tests/data/test2406 @@ -49,7 +49,7 @@ HTTP/2 over HTTPS with -f # Verify data after the test has been "shot" -HTTP/2 404%spc% +HTTP/2 404%SP date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 6 content-type: text/html diff --git a/tests/data/test2500 b/tests/data/test2500 index c774bf805a..f92cabfd32 100644 --- a/tests/data/test2500 +++ b/tests/data/test2500 @@ -58,7 +58,7 @@ Accept: */* -HTTP/3 200%spc% +HTTP/3 200%SP date: Tue, 09 Nov 2010 14:49:00 GMT last-modified: Tue, 13 Jun 2000 12:10:00 GMT etag: "21025-dc7-39462498" diff --git a/tests/data/test2501 b/tests/data/test2501 index 8d68a582c1..99167ec48e 100644 --- a/tests/data/test2501 +++ b/tests/data/test2501 @@ -47,7 +47,7 @@ HTTP/3 POST # Verify data after the test has been "shot" -HTTP/3 201%spc% +HTTP/3 201%SP date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 0 funny-head: yesyes diff --git a/tests/data/test2503 b/tests/data/test2503 index 6c4b100bed..722d0ceb7a 100644 --- a/tests/data/test2503 +++ b/tests/data/test2503 @@ -50,7 +50,7 @@ HTTP/3 header-api # Verify data after the test has been "shot" -HTTP/3 200%spc% +HTTP/3 200%SP date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 6 content-type: text/html diff --git a/tests/data/test358 b/tests/data/test358 index d29b09f956..3bdd5b4b32 100644 --- a/tests/data/test358 +++ b/tests/data/test358 @@ -60,7 +60,7 @@ HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: h2c -HTTP/2 200%spc% +HTTP/2 200%SP date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 6 content-type: text/html @@ -69,7 +69,7 @@ alt-svc: h2=":%HTTP2PORT", ma=315360000; persist=0 via: 1.1 nghttpx -foo- -HTTP/2 200%spc% +HTTP/2 200%SP date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 6 content-type: text/html diff --git a/tests/data/test359 b/tests/data/test359 index cc2b27b2ff..1a2f9d73a8 100644 --- a/tests/data/test359 +++ b/tests/data/test359 @@ -60,7 +60,7 @@ HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: h2c -HTTP/2 200%spc% +HTTP/2 200%SP date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 6 content-type: text/html @@ -69,7 +69,7 @@ alt-svc: h2=":%HTTP2PORT", ma=315360000; persist=0 via: 1.1 nghttpx -foo- -HTTP/2 200%spc% +HTTP/2 200%SP date: Tue, 09 Nov 2010 14:49:00 GMT content-length: 6 content-type: text/html diff --git a/tests/data/test378 b/tests/data/test378 index e15e97e6e0..09279fc1d7 100644 --- a/tests/data/test378 +++ b/tests/data/test378 @@ -29,7 +29,7 @@ Reject using -T and -d at once 2 -Warning: You can only select one HTTP request method! You asked for both PUT%spc% +Warning: You can only select one HTTP request method! You asked for both PUT%SP Warning: (-T, --upload-file) and POST (-d, --data). diff --git a/tests/data/test4 b/tests/data/test4 index 4f57f8dd62..8b0479c1f8 100644 --- a/tests/data/test4 +++ b/tests/data/test4 @@ -44,7 +44,7 @@ User-Agent: curl/%VERSION extra-header: here Accept: replaced X-Custom-Header: -X-Test: foo;%spc% +X-Test: foo;%SP X-Test2: foo; GET /%TESTNUMBER HTTP/1.1 @@ -53,7 +53,7 @@ User-Agent: curl/%VERSION extra-header: here Accept: replaced X-Custom-Header: -X-Test: foo;%spc% +X-Test: foo;%SP X-Test2: foo; diff --git a/tests/data/test421 b/tests/data/test421 index 7b41703fb5..6cc2bc2763 100644 --- a/tests/data/test421 +++ b/tests/data/test421 @@ -21,7 +21,7 @@ referrer-policy: strict-origin-when-cross-origin access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS access-control-max-age: 1728000 access-control-allow-headers: Authorization, Content-Type, AuthorizationOauth, X-EARLY-ACCESS -access-control-expose-headers:%spc% +access-control-expose-headers:%SP vary: Accept etag: W/"2678f9ab2ba550d164e7cc014aefd31e" cache-control: max-age=0, private, must-revalidate diff --git a/tests/data/test459 b/tests/data/test459 index 42398bd35f..539aa0729d 100644 --- a/tests/data/test459 +++ b/tests/data/test459 @@ -56,7 +56,7 @@ Content-Type: application/x-www-form-urlencoded arg -Warning: %LOGDIR/config:1: warning: 'data' uses unquoted whitespace. This may%spc% +Warning: %LOGDIR/config:1: warning: 'data' uses unquoted whitespace. This may%SP Warning: cause side-effects. Consider double quotes. diff --git a/tests/data/test46 b/tests/data/test46 index 007861b4fb..715616e23c 100644 --- a/tests/data/test46 +++ b/tests/data/test46 @@ -65,7 +65,7 @@ www.loser.com FALSE / FALSE 2139150993 UID 99 domain..tld FALSE / FALSE 2139150993 mooo indeed #HttpOnly_domain..tld FALSE /want FALSE 2139150993 mooo2 indeed2 %endif -domain..tld FALSE /want FALSE 0 empty%tab% +domain..tld FALSE /want FALSE 0 empty%TAB cookies @@ -88,18 +88,18 @@ Cookie: empty=; mooo2=indeed2; mooo=indeed # This file was generated by libcurl! Edit at your own risk. domain..tld FALSE /want/ FALSE 0 simplyhuge %repeat[3998 x z]% -domain..tld FALSE / FALSE 0 justaname%tab% +domain..tld FALSE / FALSE 0 justaname%TAB domain..tld FALSE / FALSE 0 ASPSESSIONIDQGGQQSJJ GKNBDIFAAOFDPDAIEAKDIBKE domain..tld FALSE / FALSE 0 ckySession temporary domain..tld FALSE / FALSE %days[400] ckyPersistent permanent %if large-time -domain..tld FALSE /want FALSE 0 empty%tab% +domain..tld FALSE /want FALSE 0 empty%TAB #HttpOnly_domain..tld FALSE /want FALSE 22139150993 mooo2 indeed2 domain..tld FALSE / FALSE 22139150993 mooo indeed www.loser.com FALSE / FALSE 22139150993 UID 99 www.fake.come FALSE / FALSE 22147483647 cookiecliente si %else -domain..tld FALSE /want FALSE 0 empty%tab% +domain..tld FALSE /want FALSE 0 empty%TAB #HttpOnly_domain..tld FALSE /want FALSE 2139150993 mooo2 indeed2 domain..tld FALSE / FALSE 2139150993 mooo indeed www.loser.com FALSE / FALSE 2139150993 UID 99 diff --git a/tests/data/test54 b/tests/data/test54 index 167542fbf0..901620fa62 100644 --- a/tests/data/test54 +++ b/tests/data/test54 @@ -11,7 +11,7 @@ followlocation HTTP/1.1 302 This is a weirdo text message swsclose Connection: close -Location:%spc% +Location:%SP This server reply is for testing diff --git a/tests/data/test646 b/tests/data/test646 index 5f7f8e7605..a8d8ff2b6f 100644 --- a/tests/data/test646 +++ b/tests/data/test646 @@ -39,7 +39,7 @@ It may contain any type of data. # This line is a comment -X-fileheader1: This is a header from a file%spc% +X-fileheader1: This is a header from a file%SP # This line is another comment. It precedes a folded header. X-fileheader2: This is #a diff --git a/tests/data/test792 b/tests/data/test792 index b3630b5058..fb20874d1d 100644 --- a/tests/data/test792 +++ b/tests/data/test792 @@ -36,7 +36,7 @@ machine %HOSTIP login username password%hex[%00]hex% hello USER username -PASS%spc% +PASS%SP PWD EPSV TYPE I diff --git a/tests/data/test793 b/tests/data/test793 index 3a3e16e087..f6e77e9116 100644 --- a/tests/data/test793 +++ b/tests/data/test793 @@ -36,7 +36,7 @@ machine %HOSTIP login username "password"%hex[%00]hex% hello USER username -PASS%spc% +PASS%SP PWD EPSV TYPE I diff --git a/tests/testutil.pm b/tests/testutil.pm index f139516cfa..30ac782a99 100644 --- a/tests/testutil.pm +++ b/tests/testutil.pm @@ -147,8 +147,8 @@ sub subbase64 { $$thing =~ s/%%DAYS%%/%alternatives[$d,$d2]/; } - $$thing =~ s/%spc%/ /g; # space - $$thing =~ s/%tab%/\t/g; # horizontal tab + $$thing =~ s/%SP/ /g; # space + $$thing =~ s/%TAB/\t/g; # horizontal tab # include a file $$thing =~ s/%include ([^%]*)%[\n\r]+/includefile($1)/ge; From 60dd72b1be7b06110922f5f0690de0b88592667c Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 5 Nov 2025 02:50:42 +0100 Subject: [PATCH 0714/2408] GHA/checksrc: add actionlint, fix or silence issues found It also does shellcheck on `run:` elements, overlapping with the homegrown `shellcheck-ci.sh` with the same purpose. But it also does more and perhaps could replace the script too, especially in curl sub-repos. Also: - GHA/macos: delete potentially useful, but commented, and ultimately unused, non-default Xcode-testing logic. It's causing unused matrix exceptions, upsetting actionlint. Ref: https://github.com/rhysd/actionlint Closes #19373 --- .github/workflows/checksrc.yml | 9 ++++++++- .github/workflows/http3-linux.yml | 2 -- .github/workflows/macos.yml | 33 ++++--------------------------- .github/workflows/windows.yml | 1 + 4 files changed, 13 insertions(+), 32 deletions(-) diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml index c5b918aa8e..8557ec708c 100644 --- a/.github/workflows/checksrc.yml +++ b/.github/workflows/checksrc.yml @@ -124,7 +124,7 @@ jobs: timeout-minutes: 5 steps: - name: 'install prereqs' - run: HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install shellcheck zizmor + run: HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install actionlint shellcheck zizmor - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: @@ -137,6 +137,13 @@ jobs: eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" zizmor --pedantic .github/workflows/*.yml .github/dependabot.yml + - name: 'actionlint' + run: | + eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" + export SHELLCHECK_OPTS='--exclude=1090,1091,2086,2153 --enable=avoid-nullary-conditions,deprecate-which' + actionlint --version + actionlint --ignore matrix .github/workflows/*.yml + - name: 'shellcheck CI' run: | eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index ff24d0fa4b..29d0fe6eaf 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -666,8 +666,6 @@ jobs: - name: 'run tests' if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }} - env: - TFLAGS: '${{ matrix.build.tflags }}' run: | source ~/venv/bin/activate if [ "${MATRIX_BUILD}" = 'cmake' ]; then diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 00d8fabcbb..20585e7b7d 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -54,7 +54,7 @@ jobs: timeout-minutes: 10 env: DEVELOPER_DIR: "/Applications/Xcode${{ matrix.build.xcode && format('_{0}', matrix.build.xcode) || '' }}.app/Contents/Developer" - CC: ${{ matrix.build.compiler || 'clang' }} + CC: 'clang' LDFLAGS: '' MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }} MATRIX_OPTIONS: ${{ matrix.build.options }} @@ -81,6 +81,7 @@ jobs: - name: 'libressl' install_steps: libressl generator: Xcode + xcode: '' # default Xcode. Set it once to silence actionlint. options: --config Debug generate: >- -DCMAKE_XCODE_ATTRIBUTE_CODE_SIGNING_ALLOWED=OFF @@ -223,6 +224,7 @@ jobs: compiler: clang install: brotli zstd configure: --without-ssl --with-brotli --with-zstd + xcode: '' # default Xcode. Set it once to silence actionlint. - name: '!ssl !debug' compiler: gcc-12 configure: --without-ssl @@ -538,7 +540,7 @@ jobs: fi combinations: # Test buildability with host OS, Xcode / SDK, compiler, target-OS, built tool, combinations - name: "${{ matrix.build == 'cmake' && 'CM' || 'AM' }} ${{ matrix.compiler }} ${{ matrix.image }} ${{ matrix.xcode }} ${{ matrix.config }}" + name: "${{ matrix.build == 'cmake' && 'CM' || 'AM' }} ${{ matrix.compiler }} ${{ matrix.image }} ${{ matrix.xcode }}" runs-on: ${{ matrix.image }} timeout-minutes: 10 env: @@ -566,37 +568,11 @@ jobs: # https://github.com/actions/runner-images/tree/main/images/macos # https://en.wikipedia.org/wiki/MacOS_version_history image: [macos-14, macos-15, macos-26] - # Can skip these to reduce jobs: - # 15.1 has the same default macOS SDK as 15.2 and identical test results. - # 15.4 not revealing new fallouts. - #xcode: ['15.0.1', '15.1', '15.2', '15.3', '15.4', '16.0', '16.1'] # all Xcode - #xcode: ['15.0.1' , '15.2', '15.3', '15.4', '16.0', '16.1'] # all SDK - #xcode: ['15.0.1' , '15.2', '15.3' , '16.0' ] # coverage xcode: [''] # default Xcodes macos-version-min: [''] build: [autotools, cmake] exclude: # Combinations not covered by runner images: - - { image: macos-14, xcode: '16.0' } - - { image: macos-14, xcode: '16.1' } - - { image: macos-14, xcode: '16.2' } - - { image: macos-14, xcode: '16.3' } - - { image: macos-14, xcode: '16.4' } - - { image: macos-14, xcode: '26.0' } - - { image: macos-15, xcode: '15.0.1' } - - { image: macos-15, xcode: '15.1' } - - { image: macos-15, xcode: '15.2' } - - { image: macos-15, xcode: '15.3' } - - { image: macos-15, xcode: '15.4' } - - { image: macos-26, xcode: '15.0.1' } - - { image: macos-26, xcode: '15.1' } - - { image: macos-26, xcode: '15.2' } - - { image: macos-26, xcode: '15.3' } - - { image: macos-26, xcode: '15.4' } - - { image: macos-26, xcode: '16.0' } - - { image: macos-26, xcode: '16.1' } - - { image: macos-26, xcode: '16.2' } - - { image: macos-26, xcode: '16.3' } - { image: macos-14, compiler: 'llvm@18' } - { image: macos-14, compiler: 'llvm@20' } - { image: macos-15, compiler: 'llvm@15' } @@ -606,7 +582,6 @@ jobs: - { image: macos-26, compiler: 'gcc-12' } # Reduce build combinations, by dropping less interesting ones - { compiler: gcc-13, build: cmake } - - { compiler: gcc-14, build: autotools } - { compiler: gcc-15, build: autotools } steps: - name: 'install autotools' diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 145d4813af..8214cbb310 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -462,6 +462,7 @@ jobs: config: '-DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DCURL_USE_SCHANNEL=ON' type: 'Debug' tflags: 'skipall' + chkprefill: '' # Set it once to silence actionlint fail-fast: false steps: - uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2.29.0 From e6e1899b6e35466343f17a41ceabfcfb65bf11ce Mon Sep 17 00:00:00 2001 From: Dan Fandrich Date: Tue, 4 Nov 2025 08:25:41 -0800 Subject: [PATCH 0715/2408] tests: Add tests to validate that path is ignored with -J curl is correctly dropping the Content-Disposition: filename path, but there was no test ensuring that. Ref: https://hackerone.com/reports/3408126 --- tests/data/Makefile.am | 2 +- tests/data/test1584 | 55 ++++++++++++++++++++++++++++++++++++++++++ tests/data/test1585 | 55 ++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 111 insertions(+), 1 deletion(-) create mode 100644 tests/data/test1584 create mode 100644 tests/data/test1585 diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 22d6eca235..bbd97853a3 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -209,7 +209,7 @@ test1548 test1549 test1550 test1551 test1552 test1553 test1554 test1555 \ test1556 test1557 test1558 test1559 test1560 test1561 test1562 test1563 \ test1564 test1565 test1566 test1567 test1568 test1569 test1570 test1571 \ test1572 test1573 test1574 test1575 test1576 test1577 test1578 test1579 \ -test1580 test1581 test1582 test1583 \ +test1580 test1581 test1582 test1583 test1584 test1585 \ \ test1590 test1591 test1592 test1593 test1594 test1595 test1596 test1597 \ test1598 test1599 test1600 test1601 test1602 test1603 test1604 test1605 \ diff --git a/tests/data/test1584 b/tests/data/test1584 new file mode 100644 index 0000000000..ab8ba1ecb3 --- /dev/null +++ b/tests/data/test1584 @@ -0,0 +1,55 @@ + + + + +HTTP +HTTP GET +-J + + + +# + + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=log/server/name%TESTNUMBER + +12345 + + + +# +# Client-side + + +http + + +HTTP GET with -J and Content-Disposition including path + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O --output-dir %LOGDIR + + + +# +# Verify data after the test has been "shot" + + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + + + +12345 + + + + diff --git a/tests/data/test1585 b/tests/data/test1585 new file mode 100644 index 0000000000..6875ac8603 --- /dev/null +++ b/tests/data/test1585 @@ -0,0 +1,55 @@ + + + + +HTTP +HTTP GET +-J + + + +# + + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 6 +Connection: close +Content-Type: text/html +Content-Disposition: filename=log\server\name%TESTNUMBER + +12345 + + + +# +# Client-side + + +http + + +HTTP GET with -J and Content-Disposition including DOS path + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER -J -O --output-dir %LOGDIR + + + +# +# Verify data after the test has been "shot" + + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + + + +12345 + + + + From d7d4de07c29d9c945800be05c63d78a0c2072d1b Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 5 Nov 2025 15:16:00 +0100 Subject: [PATCH 0716/2408] tests/Makefile.am: fix 'checksrc' target Skip the http and client subdirs as they contain no code to check. The http clients are in libtests/ now. Closes #19376 --- tests/Makefile.am | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 639da33809..45cfc0f88f 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -178,8 +178,6 @@ checksrc: (cd unit && $(MAKE) checksrc) (cd tunit && $(MAKE) checksrc) (cd server && $(MAKE) checksrc) - (cd client && $(MAKE) checksrc) - (cd http && $(MAKE) checksrc) all-local: $(MANFILES) build-certs From 58023ba52273b05deb36ec1d395df18ba29b3bde Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 5 Nov 2025 21:21:34 +0100 Subject: [PATCH 0717/2408] docs: fix checksrc `EQUALSPACE` warnings ``` docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.md:86:16 docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.md:139:16 ``` Also sync `CURL *` and result variable names with rest of docs. Follow-up to 6d7e924e80096a7e2cebad16235674fd3d3012af #19375 Closes #19379 --- docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.md | 27 ++++++++++--------- docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.md | 27 ++++++++++--------- 2 files changed, 28 insertions(+), 26 deletions(-) diff --git a/docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.md b/docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.md index 6dc81a0867..7cc94bdfb9 100644 --- a/docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.md +++ b/docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.md @@ -81,9 +81,10 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *pointer) int main(void) { - CURL *ch; - CURLcode rv; - char *mypem = /* CA cert in PEM format, replace the XXXs */ + CURL *curl; + CURLcode res; + /* CA cert in PEM format, replace the XXXs */ + char *mypem = "-----BEGIN CERTIFICATE-----\n" "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n" "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n" @@ -94,23 +95,23 @@ int main(void) "-----END CERTIFICATE-----\n"; curl_global_init(CURL_GLOBAL_ALL); - ch = curl_easy_init(); + curl = curl_easy_init(); - curl_easy_setopt(ch, CURLOPT_SSLCERTTYPE, "PEM"); - curl_easy_setopt(ch, CURLOPT_SSL_VERIFYPEER, 1L); - curl_easy_setopt(ch, CURLOPT_URL, "https://www.example.com/"); + curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM"); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L); + curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); - curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function); - curl_easy_setopt(ch, CURLOPT_SSL_CTX_DATA, mypem); - rv = curl_easy_perform(ch); - if(!rv) + curl_easy_setopt(curl, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function); + curl_easy_setopt(curl, CURLOPT_SSL_CTX_DATA, mypem); + res = curl_easy_perform(curl); + if(!res) printf("*** transfer succeeded ***\n"); else printf("*** transfer failed ***\n"); - curl_easy_cleanup(ch); + curl_easy_cleanup(curl); curl_global_cleanup(); - return rv; + return (int)res; } ~~~ diff --git a/docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.md b/docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.md index 75e1dc8edb..01688ef3ea 100644 --- a/docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.md +++ b/docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.md @@ -134,9 +134,10 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *pointer) int main(void) { - CURL *ch; - CURLcode rv; - char *mypem = /* CA cert in PEM format, replace the XXXs */ + CURL *curl; + CURLcode res; + /* CA cert in PEM format, replace the XXXs */ + char *mypem = "-----BEGIN CERTIFICATE-----\n" "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n" "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n" @@ -147,23 +148,23 @@ int main(void) "-----END CERTIFICATE-----\n"; curl_global_init(CURL_GLOBAL_ALL); - ch = curl_easy_init(); + curl = curl_easy_init(); - curl_easy_setopt(ch, CURLOPT_SSLCERTTYPE, "PEM"); - curl_easy_setopt(ch, CURLOPT_SSL_VERIFYPEER, 1L); - curl_easy_setopt(ch, CURLOPT_URL, "https://www.example.com/"); + curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM"); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L); + curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); - curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function); - curl_easy_setopt(ch, CURLOPT_SSL_CTX_DATA, mypem); - rv = curl_easy_perform(ch); - if(!rv) + curl_easy_setopt(curl, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function); + curl_easy_setopt(curl, CURLOPT_SSL_CTX_DATA, mypem); + res = curl_easy_perform(curl); + if(!res) printf("*** transfer succeeded ***\n"); else printf("*** transfer failed ***\n"); - curl_easy_cleanup(ch); + curl_easy_cleanup(curl); curl_global_cleanup(); - return rv; + return (int)res; } ~~~ From 56129718b80b5bd5a551522086901b2feb906505 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 6 Nov 2025 10:00:52 +0100 Subject: [PATCH 0718/2408] tool_ipfs: check return codes better Closes #19382 --- src/tool_ipfs.c | 28 ++++++++-------------------- 1 file changed, 8 insertions(+), 20 deletions(-) diff --git a/src/tool_ipfs.c b/src/tool_ipfs.c index 8e98d23242..89d12fc1c6 100644 --- a/src/tool_ipfs.c +++ b/src/tool_ipfs.c @@ -165,23 +165,15 @@ CURLcode ipfs_url_rewrite(CURLU *uh, const char *protocol, char **url, } /* get gateway parts */ - if(curl_url_get(gatewayurl, CURLUPART_HOST, - &gwhost, CURLU_URLDECODE)) { - goto clean; - } - - if(curl_url_get(gatewayurl, CURLUPART_SCHEME, - &gwscheme, CURLU_URLDECODE)) { - goto clean; - } - - curl_url_get(gatewayurl, CURLUPART_PORT, &gwport, CURLU_URLDECODE); - - if(curl_url_get(gatewayurl, CURLUPART_PATH, &gwpath, CURLU_URLDECODE)) + if(curl_url_get(gatewayurl, CURLUPART_HOST, &gwhost, CURLU_URLDECODE) || + curl_url_get(gatewayurl, CURLUPART_SCHEME, &gwscheme, CURLU_URLDECODE) || + curl_url_get(gatewayurl, CURLUPART_PORT, &gwport, CURLU_URLDECODE) || + curl_url_get(gatewayurl, CURLUPART_PATH, &gwpath, CURLU_URLDECODE)) goto clean; /* get the path from user input */ - curl_url_get(uh, CURLUPART_PATH, &inputpath, CURLU_URLDECODE); + if(curl_url_get(uh, CURLUPART_PATH, &inputpath, CURLU_URLDECODE)) + goto clean; /* inputpath might be NULL or a valid pointer now */ /* set gateway parts in input url */ @@ -198,13 +190,9 @@ CURLcode ipfs_url_rewrite(CURLU *uh, const char *protocol, char **url, has_trailing_slash(gwpath) ? "" : "/", protocol, cid, inputpath ? inputpath : ""); - if(!pathbuffer) { + if(!pathbuffer || + curl_url_set(uh, CURLUPART_PATH, pathbuffer, CURLU_URLENCODE)) goto clean; - } - - if(curl_url_set(uh, CURLUPART_PATH, pathbuffer, CURLU_URLENCODE)) { - goto clean; - } /* Free whatever it has now, rewriting is next */ tool_safefree(*url); From 66a66c596b023d0502aae19787300579338850fa Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 6 Nov 2025 09:52:30 +0100 Subject: [PATCH 0719/2408] tool_operate: remove redundant condition And avoid an early return. Pointed out by CodeSonar Closes #19381 --- src/tool_operate.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/src/tool_operate.c b/src/tool_operate.c index 46a3f200bb..74f5da5fa9 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -2116,22 +2116,21 @@ static CURLcode transfer_per_config(struct OperationConfig *config, bool *added, bool *skipped) { - CURLcode result = CURLE_OK; + CURLcode result; *added = FALSE; /* Check we have a url */ if(!config->url_list || !config->url_list->url) { helpf("(%d) no URL specified", CURLE_FAILED_INIT); - return CURLE_FAILED_INIT; + result = CURLE_FAILED_INIT; } - - if(!result) + else { result = cacertpaths(config); - - if(!result) { - result = single_transfer(config, share, added, skipped); - if(!*added || result) - single_transfer_cleanup(); + if(!result) { + result = single_transfer(config, share, added, skipped); + if(!*added || result) + single_transfer_cleanup(); + } } return result; From 8e6149598b57e9904b0ff31b2b83bbcc57b39953 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 4 Nov 2025 18:37:49 +0100 Subject: [PATCH 0720/2408] gnutls: report accurate error when TLS-SRP is not built-in With GnuTLS 3.8.0+ the build-time SRP feature detection always succeeds. It's also disabled by default in these GnuTLS versions. When using TLS-SRP without it being available in GnuTLS, report the correct error code `CURLE_NOT_BUILT_IN`, replacing the out of memory error reported before this patch. Also add comments to autotools and cmake scripts about this feature detection property. Detecting it at build-time would need to run code which doesn't work in cross-builds. Once curl requires 3.8.0 as minimum, the build-time checks can be deleted. ``` # before: curl: (27) gnutls_srp_allocate_client_cred() failed: An unimplemented or disabled feature has been requested. # after: curl: (4) GnuTLS: TLS-SRP support not built in: An unimplemented or disabled feature has been requested. ``` Ref: https://github.com/gnutls/gnutls/commit/dab063fca2eecb9ff1db73234108315c5b713756 Ref: https://github.com/gnutls/gnutls/commit/a21e89edacfe4ec3c501b030fff59c11fd20dcf0 Closes #19365 --- CMakeLists.txt | 2 ++ lib/vtls/gtls.c | 7 ++++++- m4/curl-gnutls.m4 | 3 +++ 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 4772a6219a..7b442ac704 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -934,6 +934,8 @@ if(CURL_USE_GNUTLS) list(APPEND CMAKE_REQUIRED_INCLUDES "${GNUTLS_INCLUDE_DIRS}") list(APPEND CMAKE_REQUIRED_LIBRARIES "${GNUTLS_LIBRARIES}") curl_required_libpaths("${GNUTLS_LIBRARY_DIRS}") + # In GnuTLS 3.8.0 (2023-02-10) and upper, this check always succeeds. + # Detecting actual TLS-SRP support needs poking the API at runtime. check_symbol_exists("gnutls_srp_verifier" "gnutls/gnutls.h" HAVE_GNUTLS_SRP) cmake_pop_check_state() endif() diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 6c1fe63b5e..f3d6abb23c 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -877,7 +877,12 @@ static CURLcode gtls_client_init(struct Curl_cfilter *cf, infof(data, "Using TLS-SRP username: %s", config->username); rc = gnutls_srp_allocate_client_credentials(>ls->srp_client_cred); - if(rc != GNUTLS_E_SUCCESS) { + if(rc == GNUTLS_E_UNIMPLEMENTED_FEATURE) { + failf(data, "GnuTLS: TLS-SRP support not built in: %s", + gnutls_strerror(rc)); + return CURLE_NOT_BUILT_IN; + } + else if(rc != GNUTLS_E_SUCCESS) { failf(data, "gnutls_srp_allocate_client_cred() failed: %s", gnutls_strerror(rc)); return CURLE_OUT_OF_MEMORY; diff --git a/m4/curl-gnutls.m4 b/m4/curl-gnutls.m4 index 0872ee52b6..e934f870dd 100644 --- a/m4/curl-gnutls.m4 +++ b/m4/curl-gnutls.m4 @@ -156,6 +156,9 @@ if test "$GNUTLS_ENABLED" = "1"; then dnl --- dnl We require GnuTLS with SRP support. + dnl + dnl In GnuTLS 3.8.0 (2023-02-10) and upper, this check always succeeds. + dnl Detecting actual TLS-SRP support needs poking the API at runtime. dnl --- AC_CHECK_LIB(gnutls, gnutls_srp_verifier, [ From ede6a8e08762321d95864ad384b8ff5ac44ac459 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 5 Nov 2025 19:53:30 +0100 Subject: [PATCH 0721/2408] conncache: silence `-Wnull-dereference` on gcc 14 RISC-V 64 A false positive that appeared after a recent patch for no reason. Seen in curl-for-win unity native Linux builds on debian:testing and debian:trixie with gcc 14.3.0 and 14.2.0 respectively: ``` -- curl version=[8.17.1-DEV] -- The C compiler identification is GNU 14.2.0 -- Cross-compiling: Linux/x86_64 -> Linux/riscv64 [...] lib/conncache.c: In function 'Curl_cpool_conn_now_idle': lib/conncache.c:539:11: error: null pointer dereference [-Werror=null-dereference] 539 | if(!data->multi->maxconnects) { | ~~~~^~~~~~~ ``` Ref: https://github.com/curl/curl-for-win/actions/runs/19111497271/job/54609512969#step:3:5788 ``` -- The C compiler identification is GNU 14.3.0 ``` Ref: https://github.com/curl/curl-for-win/actions/runs/19111497271/job/54609512899#step:3:5801 Patch confirmed silencing: https://github.com/curl/curl-for-win/actions/runs/19112580362/job/54613288202 Follow-up to fbc4d59151dc4a56052f3a92da3682dc97b32148 #19271 Closes #19378 --- lib/conncache.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/conncache.c b/lib/conncache.c index d5770ef916..7dc21d967a 100644 --- a/lib/conncache.c +++ b/lib/conncache.c @@ -536,6 +536,9 @@ bool Curl_cpool_conn_now_idle(struct Curl_easy *data, struct cpool *cpool = cpool_get_instance(data); bool kept = TRUE; + if(!data) + return kept; + if(!data->multi->maxconnects) { unsigned int running = Curl_multi_xfers_running(data->multi); maxconnects = (running <= UINT_MAX / 4) ? running * 4 : UINT_MAX; From 9825a3b708222be2e753d4c4a1ea0388cbfa334f Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 6 Nov 2025 02:20:12 +0100 Subject: [PATCH 0722/2408] cmake: disable `CURL_CA_PATH` auto-detection if `USE_APPLE_SECTRUST=ON` Syncing behavior with `CURL_CA_BUNDLE` and autotools. `/etc/ssl/certs` is empty by default on macOS systems, thus no likely auto-detection finds something there. Follow-up to eefd03c572996e5de4dec4fe295ad6f103e0eefc #18703 Closes #19380 --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 7b442ac704..068d97d49b 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1551,7 +1551,7 @@ if(_curl_ca_bundle_supported) unset(CURL_CA_PATH CACHE) elseif(CURL_CA_PATH STREQUAL "auto") unset(CURL_CA_PATH CACHE) - if(NOT CMAKE_CROSSCOMPILING AND NOT WIN32) + if(NOT CMAKE_CROSSCOMPILING AND NOT WIN32 AND NOT USE_APPLE_SECTRUST) set(_curl_ca_path_autodetect TRUE) endif() else() From f12a81de4f34bf0f8055d264a432f0f3befe7921 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Thu, 6 Nov 2025 12:47:33 +0100 Subject: [PATCH 0723/2408] curl: fix progress meter in parallel mode With `check_finished()` triggered by notifications now, the `progress_meter()` was no longer called at regular intervals. Move `progress_meter()` out of `check_finished()` into the perform loop and event callbacks. Closes #19383 --- src/tool_operate.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/tool_operate.c b/src/tool_operate.c index 74f5da5fa9..e1f61a2ba5 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -1549,6 +1549,7 @@ static void on_uv_socket(uv_poll_t *req, int status, int events) curl_multi_socket_action(c->uv->s->multi, c->sockfd, flags, &c->uv->s->still_running); + progress_meter(c->uv->s->multi, &c->uv->s->start, FALSE); } /* callback from libuv when timeout expires */ @@ -1561,6 +1562,7 @@ static void on_uv_timeout(uv_timer_t *req) if(uv && uv->s) { curl_multi_socket_action(uv->s->multi, CURL_SOCKET_TIMEOUT, 0, &uv->s->still_running); + progress_meter(uv->s->multi, &uv->s->start, FALSE); } } @@ -1733,7 +1735,6 @@ static CURLcode check_finished(struct parastate *s) int rc; CURLMsg *msg; bool checkmore = FALSE; - progress_meter(s->multi, &s->start, FALSE); do { msg = curl_multi_info_read(s->multi, &rc); if(msg) { @@ -1875,6 +1876,8 @@ static CURLcode parallel_transfers(CURLSH *share) s->mcode = curl_multi_poll(s->multi, NULL, 0, 1000, NULL); if(!s->mcode) s->mcode = curl_multi_perform(s->multi, &s->still_running); + + progress_meter(s->multi, &s->start, FALSE); } (void)progress_meter(s->multi, &s->start, TRUE); From 69622ff37db03ed818aa9141cdbe874267a6d61d Mon Sep 17 00:00:00 2001 From: x2018 Date: Wed, 5 Nov 2025 23:50:51 +0800 Subject: [PATCH 0724/2408] tool_help: add checks to avoid unsigned wrap around Closes #19377 --- src/tool_help.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/tool_help.c b/src/tool_help.c index 7a3a4a3bf4..4509fa2b94 100644 --- a/src/tool_help.c +++ b/src/tool_help.c @@ -87,14 +87,18 @@ static void print_category(unsigned int category, unsigned int cols) if(len > longdesc) longdesc = len; } - if(longopt + longdesc > cols) + + if(longdesc > cols) + longopt = 0; /* avoid wrap-around */ + else if(longopt + longdesc > cols) longopt = cols - longdesc; for(i = 0; helptext[i].opt; ++i) if(helptext[i].categories & category) { size_t opt = longopt; size_t desclen = strlen(helptext[i].desc); - if(opt + desclen >= (cols - 2)) { + /* avoid wrap-around */ + if(cols >= 2 && opt + desclen >= (cols - 2)) { if(desclen < (cols - 2)) opt = (cols - 3) - desclen; else From 672886f734fc205f92e0cba3c6dcd5c43abb2b11 Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Tue, 4 Nov 2025 18:39:43 +0100 Subject: [PATCH 0725/2408] wolfSSL: able to differentiate between IP and DNS in alt names Fix implemented in https://github.com/wolfSSL/wolfssl/pull/9380 Closes #19364 --- tests/http/test_17_ssl_use.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/http/test_17_ssl_use.py b/tests/http/test_17_ssl_use.py index d0af093af0..57e1c01404 100644 --- a/tests/http/test_17_ssl_use.py +++ b/tests/http/test_17_ssl_use.py @@ -195,8 +195,9 @@ class TestSSLUse: pytest.skip("h3 not supported") if env.curl_uses_lib('mbedtls'): pytest.skip("mbedtls falsely verifies a DNS: altname as IP address") - if env.curl_uses_lib('wolfssl'): - pytest.skip("wolfSSL falsely verifies a DNS: altname as IP address") + if env.curl_uses_lib('wolfssl') and \ + env.curl_lib_version_before('wolfssl', '5.8.4'): + pytest.skip("wolfSSL falsely verifies a DNS: altname as IP address in 5.8.2 and before") httpd.set_domain1_cred_name('domain1-very-bad') httpd.reload_if_config_changed() if proto == 'h3': From 904e7ecb66519951681377758fe6b07dde28ce36 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 3 Nov 2025 21:38:35 +0100 Subject: [PATCH 0726/2408] tests: replace remaining CR bytes with the new macro `%CR` There is no more mixed-newline file in the repository after this patch. Except for`.bat` and `.sln` files (4 in total), all files use LF newlines. Also: - `spacecheck.pl`: drop mixed-EOL exception for test data. - runtests: add option `-w` to check if test data has stray CR bytes in them. - build: enable the option above in test targets, except the CI-specific one where `spacecheck.pl` does this job already. - tested OK (with expected failures) in CI with stray CRs added. - cmake: enable option `-a` for the `tests` target. To continue testing after a failed test. Follow-up to 63e9721b63d01518db83a664bc1e8373c352879e #19313 Follow-up to 6cf3d7b1b161bc45501d17b401225befe3c43943 #19318 Follow-up to 4d2a05d3fe8ba4db9168b03057029ea5ce7dab77 #19284 Closes #19347 --- .github/scripts/spacecheck.pl | 10 +- docs/runtests.md | 4 + docs/tests/FILEFORMAT.md | 4 + tests/CMakeLists.txt | 14 +- tests/Makefile.am | 16 +- tests/data/test1008 | 20 +-- tests/data/test1021 | 30 ++-- tests/data/test1040 | 8 +- tests/data/test1042 | 10 +- tests/data/test1043 | 14 +- tests/data/test1053 | 84 +++++------ tests/data/test1055 | 26 ++-- tests/data/test1060 | 18 +-- tests/data/test1061 | 36 ++--- tests/data/test1066 | 40 ++--- tests/data/test1068 | 22 +-- tests/data/test1072 | 22 +-- tests/data/test1073 | 22 +-- tests/data/test1123 | 52 +++---- tests/data/test1133 | 76 +++++----- tests/data/test1158 | 62 ++++---- tests/data/test1186 | 62 ++++---- tests/data/test1189 | 88 +++++------ tests/data/test1273 | 8 +- tests/data/test1274 | 22 +-- tests/data/test1277 | 56 +++---- tests/data/test1288 | 32 ++-- tests/data/test1315 | 64 ++++---- tests/data/test1319 | 4 +- tests/data/test1375 | 16 +- tests/data/test1376 | 14 +- tests/data/test1377 | 16 +- tests/data/test1404 | 70 ++++----- tests/data/test1416 | 16 +- tests/data/test1417 | 26 ++-- tests/data/test1428 | 4 +- tests/data/test1429 | 22 +-- tests/data/test1434 | 20 +-- tests/data/test1475 | 16 +- tests/data/test1482 | 44 +++--- tests/data/test1483 | 48 +++--- tests/data/test1493 | 44 +++--- tests/data/test1498 | 22 +-- tests/data/test1499 | 44 +++--- tests/data/test1525 | 4 +- tests/data/test1540 | 32 ++-- tests/data/test1541 | 24 +-- tests/data/test163 | 36 ++--- tests/data/test164 | 40 ++--- tests/data/test166 | 26 ++-- tests/data/test173 | 34 ++--- tests/data/test1904 | 4 +- tests/data/test1940 | 2 +- tests/data/test1943 | 30 ++-- tests/data/test2002 | 26 ++-- tests/data/test2003 | 42 +++--- tests/data/test206 | 16 +- tests/data/test207 | 4 +- tests/data/test208 | 16 +- tests/data/test209 | 20 +-- tests/data/test213 | 20 +-- tests/data/test218 | 20 +-- tests/data/test222 | 34 ++--- tests/data/test230 | 34 ++--- tests/data/test232 | 34 ++--- tests/data/test258 | 100 ++++++------- tests/data/test259 | 104 ++++++------- tests/data/test265 | 22 +-- tests/data/test266 | 44 +++--- tests/data/test275 | 6 +- tests/data/test3015 | 24 +-- tests/data/test304 | 42 +++--- tests/data/test31 | 106 +++++++------- tests/data/test314 | 34 ++--- tests/data/test320 | 14 +- tests/data/test3206 | 2 +- tests/data/test326 | 28 ++-- tests/data/test339 | 32 ++-- tests/data/test34 | 16 +- tests/data/test341 | 14 +- tests/data/test347 | 32 ++-- tests/data/test36 | 8 +- tests/data/test363 | 4 +- tests/data/test365 | 8 +- tests/data/test373 | 34 ++--- tests/data/test39 | 88 +++++------ tests/data/test396 | 34 ++--- tests/data/test415 | 2 +- tests/data/test433 | 8 +- tests/data/test44 | 42 +++--- tests/data/test457 | 16 +- tests/data/test473 | 32 ++-- tests/data/test503 | 4 +- tests/data/test552 | 30 ++-- tests/data/test554 | 116 +++++++-------- tests/data/test568 | 12 +- tests/data/test585 | 14 +- tests/data/test599 | 22 +-- tests/data/test60 | 24 +-- tests/data/test643 | 112 +++++++------- tests/data/test645 | 236 +++++++++++++++--------------- tests/data/test646 | 64 ++++---- tests/data/test647 | 52 +++---- tests/data/test650 | 268 +++++++++++++++++----------------- tests/data/test654 | 94 ++++++------ tests/data/test666 | 26 ++-- tests/data/test668 | 62 ++++---- tests/data/test71 | 40 ++--- tests/data/test744 | 4 +- tests/data/test780 | 6 +- tests/data/test781 | 6 +- tests/data/test782 | 6 +- tests/data/test783 | 6 +- tests/data/test80 | 4 +- tests/data/test83 | 4 +- tests/data/test9 | 42 +++--- tests/data/test900 | 20 +-- tests/data/test95 | 4 +- tests/getpart.pm | 13 ++ tests/globalconfig.pm | 2 + tests/runner.pm | 9 ++ tests/runtests.pl | 9 ++ tests/testutil.pm | 1 + 123 files changed, 2045 insertions(+), 2009 deletions(-) diff --git a/.github/scripts/spacecheck.pl b/.github/scripts/spacecheck.pl index fc1bf8f76c..e2da2cec5d 100755 --- a/.github/scripts/spacecheck.pl +++ b/.github/scripts/spacecheck.pl @@ -34,10 +34,6 @@ my @tabs = ( "^tests/data/test", ); -my @mixed_eol = ( - "^tests/data/test", -); - my @need_crlf = ( "\\.(bat|sln)\$", ); @@ -109,8 +105,7 @@ while(my $filename = <$git_ls_files>) { my $eol = eol_detect($content); - if($eol eq "" && - !fn_match($filename, @mixed_eol)) { + if($eol eq "") { push @err, "content: has mixed EOL types"; } @@ -120,8 +115,7 @@ while(my $filename = <$git_ls_files>) { } if($eol ne "lf" && $content ne "" && - !fn_match($filename, @need_crlf) && - !fn_match($filename, @mixed_eol)) { + !fn_match($filename, @need_crlf)) { push @err, "content: must use LF EOL for this file type"; } diff --git a/docs/runtests.md b/docs/runtests.md index 4a7ddf5c0b..373f07618d 100644 --- a/docs/runtests.md +++ b/docs/runtests.md @@ -289,6 +289,10 @@ Enable verbose output. Speaks more than by default. If used in conjunction with parallel testing, it is difficult to associate the logs with the specific test being run. +## `-w` + +Verify test data. + ## `-vc \` Provide a path to a custom curl binary to run when verifying that the servers diff --git a/docs/tests/FILEFORMAT.md b/docs/tests/FILEFORMAT.md index 9703df9aa8..f100adcf89 100644 --- a/docs/tests/FILEFORMAT.md +++ b/docs/tests/FILEFORMAT.md @@ -78,6 +78,10 @@ For example, to insert the word hello 100 times: ## Whitespace +To force CRLF newline, add this macro to the end of the line: + + %CR - carriage return + To add significant whitespace characters at the end of the line, or to empty lines: diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 2b12cef83b..dd8c274a33 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -120,15 +120,15 @@ configure_file( "${CMAKE_CURRENT_SOURCE_DIR}/configurehelp.pm.in" "${CMAKE_CURRENT_BINARY_DIR}/configurehelp.pm" @ONLY) -curl_add_runtests(tests "") # Avoid 'test', which is a reserved target name in CMake -curl_add_runtests(test-quiet "-a -s") -curl_add_runtests(test-am "-a -am") -curl_add_runtests(test-full "-a -p -r") +curl_add_runtests(tests "-a -w") # Avoid 'test', which is a reserved target name in CMake +curl_add_runtests(test-quiet "-a -w -s") +curl_add_runtests(test-am "-a -w -am") +curl_add_runtests(test-full "-a -w -p -r") # ~flaky means that it ignores results of tests using the flaky keyword -curl_add_runtests(test-nonflaky "-a -p ~flaky ~timing-dependent") +curl_add_runtests(test-nonflaky "-a -w -p ~flaky ~timing-dependent") curl_add_runtests(test-ci "-a -p ~flaky ~timing-dependent -r --retry=5 -j20 --buildinfo") -curl_add_runtests(test-torture "-a -t -j20") -curl_add_runtests(test-event "-a -e") +curl_add_runtests(test-torture "-a -w -t -j20") +curl_add_runtests(test-event "-a -w -e") curl_add_pytests(curl-pytest "-n auto") curl_add_pytests(curl-pytest-ci "-n auto -v") diff --git a/tests/Makefile.am b/tests/Makefile.am index 45cfc0f88f..12fdc29cda 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -118,18 +118,18 @@ TEST_COMMON += !documentation endif TEST = srcdir=$(srcdir) @PERL@ $(PERLFLAGS) $(srcdir)/runtests.pl $(TEST_COMMON) -TEST_Q = -a -s -TEST_AM = -a -am -TEST_F = -a -p -r -TEST_T = -a -t -j20 -TEST_E = -a -e +TEST_Q = -a -w -s +TEST_AM = -a -w -am +TEST_F = -a -w -p -r +TEST_T = -a -w -t -j20 +TEST_E = -a -w -e # ~ means that it will run all tests matching the keyword, but will # ignore their results (since these ones are likely to fail for no good reason) -TEST_NF = -a -p ~flaky ~timing-dependent +TEST_NF = -a -w -p ~flaky ~timing-dependent -# special CI target derived from nonflaky with CI-specific flags -TEST_CI = $(TEST_NF) -r --retry=5 -j20 --buildinfo +# special target for CI use +TEST_CI = -a -p ~flaky ~timing-dependent -r --retry=5 -j20 --buildinfo PYTEST = pytest endif diff --git a/tests/data/test1008 b/tests/data/test1008 index be858d0038..6d4d80079a 100644 --- a/tests/data/test1008 +++ b/tests/data/test1008 @@ -54,21 +54,21 @@ daniel # then this is returned when we get proxy-auth -HTTP/1.1 200 OK swsbounce +HTTP/1.1 200 OK swsbounce%CR Server: no - +%CR Nice proxy auth sir! -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Transfer-Encoding: chunked - -HTTP/1.1 200 Things are fine in proxy land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 - +HTTP/1.1 407 Authorization Required to proxy me my dear%CR +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==%CR +Transfer-Encoding: chunked%CR +%CR +HTTP/1.1 200 Things are fine in proxy land%CR +Server: Microsoft-IIS/5.0%CR +Content-Type: text/html; charset=iso-8859-1%CR +%CR HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 7 diff --git a/tests/data/test1021 b/tests/data/test1021 index 4d85468e8d..87a4432645 100644 --- a/tests/data/test1021 +++ b/tests/data/test1021 @@ -54,26 +54,26 @@ daniel # then this is returned when we get proxy-auth -HTTP/1.1 200 OK swsbounce +HTTP/1.1 200 OK swsbounce%CR Server: no - +%CR Nice proxy auth sir! -HTTP/1.1 407 Authorization Required to proxy me my dear swsclose -Proxy-Authenticate: NTLM -Content-Length: 16 -Connection: close - -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 28 - -HTTP/1.1 200 Things are fine in proxy land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 - +HTTP/1.1 407 Authorization Required to proxy me my dear swsclose%CR +Proxy-Authenticate: NTLM%CR +Content-Length: 16%CR +Connection: close%CR +%CR +HTTP/1.1 407 Authorization Required to proxy me my dear%CR +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==%CR +Content-Length: 28%CR +%CR +HTTP/1.1 200 Things are fine in proxy land%CR +Server: Microsoft-IIS/5.0%CR +Content-Type: text/html; charset=iso-8859-1%CR +%CR HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 7 diff --git a/tests/data/test1040 b/tests/data/test1040 index f5202949e6..9c06cc11ab 100644 --- a/tests/data/test1040 +++ b/tests/data/test1040 @@ -30,10 +30,10 @@ Content-Length: 0 012345678 012345678 012345678 -HTTP/1.1 416 Invalid range -Connection: close -Content-Length: 0 - +HTTP/1.1 416 Invalid range%CR +Connection: close%CR +Content-Length: 0%CR +%CR diff --git a/tests/data/test1042 b/tests/data/test1042 index a21a2c92f4..53fe88e0fe 100644 --- a/tests/data/test1042 +++ b/tests/data/test1042 @@ -42,11 +42,11 @@ Content-Type: text/plain 012345678 012345678 012345678 -HTTP/1.1 200 OK -Connection: close -Content-Length: 100 -Content-Type: text/plain - +HTTP/1.1 200 OK%CR +Connection: close%CR +Content-Length: 100%CR +Content-Type: text/plain%CR +%CR diff --git a/tests/data/test1043 b/tests/data/test1043 index 74a76e2ad0..66de6eb81a 100644 --- a/tests/data/test1043 +++ b/tests/data/test1043 @@ -32,13 +32,13 @@ Content-Range: bytes 40-99/100 012345678 012345678 012345678 -HTTP/1.1 206 Partial Content -Date: Mon, 13 Nov 2007 13:41:09 GMT -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -Accept-Ranges: bytes -Content-Length: 60 -Content-Range: bytes 40-99/100 - +HTTP/1.1 206 Partial Content%CR +Date: Mon, 13 Nov 2007 13:41:09 GMT%CR +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT%CR +Accept-Ranges: bytes%CR +Content-Length: 60%CR +Content-Range: bytes 40-99/100%CR +%CR 012345678 012345678 012345678 diff --git a/tests/data/test1053 b/tests/data/test1053 index 171d4647a8..4f6266d196 100644 --- a/tests/data/test1053 +++ b/tests/data/test1053 @@ -77,54 +77,54 @@ bar ^(Content-Type: multipart/form-data;|------------).* -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 434 -Content-Type: multipart/form-data; boundary=----------------------------9ef8d6205763 - -------------------------------9ef8d6205763 -Content-Disposition: form-data; name="name" - -daniel -------------------------------9ef8d6205763 -Content-Disposition: form-data; name="tool" - -curl -------------------------------9ef8d6205763 -Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt" -Content-Type: text/plain - +POST /we/want/%TESTNUMBER HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Content-Length: 434%CR +Content-Type: multipart/form-data; boundary=----------------------------9ef8d6205763%CR +%CR +------------------------------9ef8d6205763%CR +Content-Disposition: form-data; name="name"%CR +%CR +daniel%CR +------------------------------9ef8d6205763%CR +Content-Disposition: form-data; name="tool"%CR +%CR +curl%CR +------------------------------9ef8d6205763%CR +Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt"%CR +Content-Type: text/plain%CR +%CR foo- This is a moo- bar - -------------------------------9ef8d6205763-- -POST /we/want/data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 434 -Content-Type: multipart/form-data; boundary=----------------------------9ef8d6205763 - -------------------------------9ef8d6205763 -Content-Disposition: form-data; name="name" - -daniel -------------------------------9ef8d6205763 -Content-Disposition: form-data; name="tool" - -curl -------------------------------9ef8d6205763 -Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt" -Content-Type: text/plain - +%CR +------------------------------9ef8d6205763--%CR +POST /we/want/data/%TESTNUMBER0002.txt?coolsite=yes HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Content-Length: 434%CR +Content-Type: multipart/form-data; boundary=----------------------------9ef8d6205763%CR +%CR +------------------------------9ef8d6205763%CR +Content-Disposition: form-data; name="name"%CR +%CR +daniel%CR +------------------------------9ef8d6205763%CR +Content-Disposition: form-data; name="tool"%CR +%CR +curl%CR +------------------------------9ef8d6205763%CR +Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt"%CR +Content-Type: text/plain%CR +%CR foo- This is a moo- bar - -------------------------------9ef8d6205763-- +%CR +------------------------------9ef8d6205763--%CR diff --git a/tests/data/test1055 b/tests/data/test1055 index c09561a4f0..6305ff017b 100644 --- a/tests/data/test1055 +++ b/tests/data/test1055 @@ -55,12 +55,12 @@ the # Verify data after the test has been "shot" -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 78 - +PUT /%TESTNUMBER HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Content-Length: 78%CR +%CR Weird file to @@ -70,13 +70,13 @@ for the PUT feature -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -STOR %TESTNUMBER -QUIT +USER anonymous%CR +PASS ftp@example.com%CR +PWD%CR +EPSV%CR +TYPE I%CR +STOR %TESTNUMBER%CR +QUIT%CR Weird diff --git a/tests/data/test1060 b/tests/data/test1060 index 6e557a1c5f..25abe36225 100644 --- a/tests/data/test1060 +++ b/tests/data/test1060 @@ -37,20 +37,20 @@ daniel # then this is returned when we get proxy-auth -HTTP/1.1 200 OK +HTTP/1.1 200 OK%CR Server: no - +%CR -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" -Content-Length: 35701 -X-tra-long-header: %repeat[16080 x a]% - -HTTP/1.1 200 OK +HTTP/1.1 407 Authorization Required to proxy me my dear%CR +Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345"%CR +Content-Length: 35701%CR +X-tra-long-header: %repeat[16080 x a]%%CR +%CR +HTTP/1.1 200 OK%CR Server: no - +%CR HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 7 diff --git a/tests/data/test1061 b/tests/data/test1061 index 74e2c44d00..94e0c205ad 100644 --- a/tests/data/test1061 +++ b/tests/data/test1061 @@ -16,16 +16,16 @@ HTTP proxy Digest auth # this is returned first since we get no proxy-auth -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" -Transfer-Encoding: chunked -X-tra-long-header: %repeat[16080 x a]% - -9c41 +HTTP/1.1 407 Authorization Required to proxy me my dear%CR +Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345"%CR +Transfer-Encoding: chunked%CR +X-tra-long-header: %repeat[16080 x a]%%CR +%CR +9c41%CR %repeat[800 x And you should ignore this data. aaaaaaaaaaaaaaa %0a]% - -0 - +%CR +0%CR +%CR # this is returned when we get a GET! @@ -42,20 +42,20 @@ daniel # then this is returned when we get proxy-auth -HTTP/1.1 200 OK +HTTP/1.1 200 OK%CR Server: no - +%CR -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" -Transfer-Encoding: chunked -X-tra-long-header: %repeat[16080 x a]% - -HTTP/1.1 200 OK +HTTP/1.1 407 Authorization Required to proxy me my dear%CR +Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345"%CR +Transfer-Encoding: chunked%CR +X-tra-long-header: %repeat[16080 x a]%%CR +%CR +HTTP/1.1 200 OK%CR Server: no - +%CR HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 7 diff --git a/tests/data/test1066 b/tests/data/test1066 index 3cb465c107..fbd74c40af 100644 --- a/tests/data/test1066 +++ b/tests/data/test1066 @@ -54,27 +54,27 @@ Accept: */* -HTTP/1.1 200 OK -HTTP/1.1 200 OK -Server: thebest/1.0 -Server: thebest/1.0 -Content-Type: text/plain -Content-Type: text/plain -Content-Length: 6 -Content-Length: 6 - - +HTTP/1.1 200 OK%CR +HTTP/1.1 200 OK%CR +Server: thebest/1.0%CR +Server: thebest/1.0%CR +Content-Type: text/plain%CR +Content-Type: text/plain%CR +Content-Length: 6%CR +Content-Length: 6%CR +%CR +%CR first -HTTP/1.1 200 OK -HTTP/1.1 200 OK -Server: thebest/1.0 -Server: thebest/1.0 -Content-Type: text/plain -Content-Type: text/plain -Content-Length: 7 -Content-Length: 7 - - +HTTP/1.1 200 OK%CR +HTTP/1.1 200 OK%CR +Server: thebest/1.0%CR +Server: thebest/1.0%CR +Content-Type: text/plain%CR +Content-Type: text/plain%CR +Content-Length: 7%CR +Content-Length: 7%CR +%CR +%CR second diff --git a/tests/data/test1068 b/tests/data/test1068 index 7c0406236f..7c1be009ac 100644 --- a/tests/data/test1068 +++ b/tests/data/test1068 @@ -39,18 +39,18 @@ more than one byte # Verify data after the test has been "shot" -PUT /bzz/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Transfer-Encoding: chunked -Expect: 100-continue - -13 +PUT /bzz/%TESTNUMBER HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Transfer-Encoding: chunked%CR +Expect: 100-continue%CR +%CR +13%CR more than one byte - -0 - +%CR +0%CR +%CR diff --git a/tests/data/test1072 b/tests/data/test1072 index 42729a4f8f..7f8bba0d35 100644 --- a/tests/data/test1072 +++ b/tests/data/test1072 @@ -56,21 +56,21 @@ which is impossible in HTTP/1.0 25 -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Transfer-Encoding: chunked -Expect: 100-continue - -7a +PUT /%TESTNUMBER HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Transfer-Encoding: chunked%CR +Expect: 100-continue%CR +%CR +7a%CR This is data we upload with PUT it comes from stdin so MUST be sent with chunked encoding which is impossible in HTTP/1.0 - -0 - +%CR +0%CR +%CR diff --git a/tests/data/test1073 b/tests/data/test1073 index cd41e789e0..0f79a81fae 100644 --- a/tests/data/test1073 +++ b/tests/data/test1073 @@ -50,21 +50,21 @@ which is impossible in HTTP/1.0 25 -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Transfer-Encoding: chunked -Expect: 100-continue - -7a +PUT /%TESTNUMBER HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Transfer-Encoding: chunked%CR +Expect: 100-continue%CR +%CR +7a%CR This is data we upload with PUT it comes from stdin so MUST be sent with chunked encoding which is impossible in HTTP/1.0 - -0 - +%CR +0%CR +%CR diff --git a/tests/data/test1123 b/tests/data/test1123 index 594ff668cd..d0fc9fb066 100644 --- a/tests/data/test1123 +++ b/tests/data/test1123 @@ -11,30 +11,30 @@ Transfer-Encoding # Server-side -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Transfer-Encoding: deflate, chunked - -519 +HTTP/1.1 200 OK%CR +Date: Mon, 29 Nov 2004 21:56:53 GMT%CR +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29%CR +Vary: Accept-Encoding%CR +Content-Type: text/html; charset=ISO-8859-1%CR +Transfer-Encoding: deflate, chunked%CR +%CR +519%CR %hex[%78%9c%dc%58%db%6e%e3%36%10%7d%37%90%7f%60%fd%d4%02%b6%6e%b6%13%39%70%b4%28%72%d9%04%cd%36%c1%da%05%ba%4f%06%2d%d1%36%1b%49%14%48%ca%b9%3c%f4%db%3b%94%28%89%b1%1c%af%77%83%be%04%48%62%72%e6%9c%c3%e1%0c%49%93%99%7c%7a%4a%62%b4%21%5c%50%96%9e%75%5d%cb%e9%22%92%86%2c%a2%e9%ea%ac%7b%33%bd%eb%fb%fe%68%dc%77%bb%9f%82%ce%e4%97%8b%bb%f3%d9%b7%fb%4b%94%71%f6%0f%09%65%3f%a6%42%02%10%4d%bf%4d%67%97%5f%50%77%2d%65%76%6a%db%4b%4e%c4%3a%21%58%5a%29%91%f6%02%87%0f%24%8d%ec%65%d2%d7%3c%d1%77%ac%a1%15%c9%a8%0b%a2%5b%5a%41%07%a1%ca%a6%da%4d%6f%4e%a3%c0%3d%76%bd%89%6d%18%4a%44%84%25%99%e3%28%22%80%18%8f%fd%be%e3%f7%3d%17%39%c3%53%c7%3d%f5%c6%13%db%f0%1b%84%3c%53%1f%51%e0%39%ce%b0%ef%3a%7d%d7%47%8e%77%ea%c1%cf%40%53%2a%c4%ab%38%52%9c%90%b9%58%33%2e%83%30%e7%71%1d%8e%61%6f%e3%97%79%1c%17%70%84%d3%08%c5%74%d1%a6%16%10%1d%1e%11%a1%96%3a%67%49%52%52%52%82%24%63%b5%00%c7%fc%19%2d%19%47%61%4c%49%2a%fb%82%46%04%fd%f5%f5%16%49%8e%53%b1%84%8a%5a%30%8b%46%c8%50%de%19%0c%a2%02%e1%72%04%a5%5a%a9%70%55%df%25%8d%89%38%ea%e4%42%75%d4%18%e2%39%95%f8%c9%42%37%12%89%3c%cb%40%5f%a0%eb%d9%ec%be%57%fc%9d%f6%d0%15%b4%8f%3a%57%45%fb%e2%e6%7c%d6%43%b3%cb%db%3f%2f%e1%f3%f6%e2%77%80%5d%dd%dc%5e%f6%8a%e1%3f%df%dd%5f%5f%7e%85%36%0c%f0%48%62%88%a9%94%ea%67%4c%c8%9e%6e%e6%d0]hex% %hex[%19%7b%a0%44%14%da%28%cf%62%86%23%18%02%96%5a%9e%90%a8%99%75%0f%65%58%88%47%c6%23%d5%84%c8%d2%3c%59%14%f6%e9%f4%f6%a8%13%12%2e%e9%92%86%50%57%30%fd%41%38%f8%98%28%43%81%6a%3c%c1%08%c5%b4%20%1b%19%7b%24%9c%44%47%9d%c5%73%95%a4%1e%92%6b%f2%66%c6%ab%b2%58%47%9d%d9%1a%a8%08%c3%ef%82%a6%6a%33%09%48%6d%9d%6a%95%60%06%9b%0e%79%ce%51%27%c6%e9%2a%c7%2b%22%8a%18%48%ba%a1%9c%a5%09%0c%20%40%47%97%d0%58%1b%1b%2a%71%4c%e5%f3%5c%84%8c%93%60%74%e2%0f%ad%d1%c9%c4%de%b2%6f%81%33%c2%43%90%0c%06%96%7b%6c%60%2b%f3%16%1a%e6%f3%00%7b%6d%6c%20%0b%93%5e%d7%2c%cb%63%cc%9b%b1%8e%47%63%88%61%08%cb%79%db%d3%22%54%03%ba%03%cb%77%5f%11%5e%87%62%38%ca%60%9c%d1%2b%b4%11%0e%c7%c5%b9%e1%5b%23%67%62%eb%8e%e9%99%87%2c%07%5d%cf%ad%bc%da%f0]hex% %hex[%53%0e%e2%0f%6a%8c%31%80%c8%17%22%e4%34%93%70%44%8a%60%a0%4e%87%d7%a6%12%06%a5%4f%c3%f5%5c%ed%e5%e0%82%2c%71%1e%cb%89%6d%1a%4b%18%d4%7f%5e%1d%60%19%94%3d%d8%79%68%56%27%a5%ad%d6%8b%3d%b1%5b%ac%46%6c%cd%12%f2%b6%10%2c%60%ca%4b%15%75%78%da%26%43%eb%d6%02%8d%a6%5c%bd%1c%2e%07%60%ad%a4%68%8d%c8%e2%c5%3b%5c%04%c0%5a%44%d1%1a%91%17%9a%1d%2e%02%60%2d%a2%68%8d%48%b8%86%3d%46%62%b6%3a%5c%aa%a6%68%c1%46%a2%91%e5%59%72%b8%20%80%b5%94%a2%35%22%11%59%1c%2e%02%60%2d%a2%68%8d%08%13%4f%87%8b%00%58%8b%28%9a%51%2f%11%a9%f3%f2%07%6a%56%12%aa%ba%69%ba%b1%cc%73%0e%69%13%24%d0%eb%b7%ea%1a%85%d9%88%1f%28%c9%46%54%c5%d8%08%43%44%dd%1c%0e%57%51%68%2d%53%10%1b%9d%84%72%ce%f8%e1%4a%25%5e%6b%69%b2%59%d7%84%05%55%ad%a0%59%7a%62]hex% %hex[%87%1c%a4%e0%cb%cd%cc%fe%1b%9d%c3%e9%01%29%a3%79%82%6e%4b%c7%c4%ae%10%1a%af%be%a7%e4%9c%93%98%d4%99%6b%99%e7%fa%fe%16%9c%58%ae%67%c1%05%e9%0d%f7%1b%6c%75%af%3a%39%76%fc%51%8b%58%5d%b0%da%1c%75%2f%da%7d%71%da%05%2c%e7%62%ef%9a%cc%04%ce%51%02%13%5e%33%39%97%6b%f8%aa%86%9c%b5%4c%25%12%e7%12%6e%32%a2%0e%a9%ec%57%dd%da%a0%4f%60%9c%52%12%a3%a9%24%29%7c%c3%af%26%b6%e9%6c%51%a0%4a%bb%eb%fe%ef%02%af%22%a2%8a%6c%20%5b%74%ce%62%12%dc%3d%a6%84%d7%b8%c2%54%45%6a%9b%a1%56%bd%6a%09%ab%2f%78%4e%13%9a%62%69%ce%4e%72%b8%21%14%b5%81%82%d6%9d%96%d7%f3%8e%f7%b9%07%7b%b9%fb%9c%ae%ef%ef%e5%ba%7b%c7%85%a5%b1%3f%ea%bd%6e%f7%78%b8%cf%3d%de%4b%f6%c7%7b%bd%ce%5e%b7%3b%fa%4e%dc%df%09%6c%7f%64%83%d6%d8%e5%fd%6e%bb%fc%b0%26%32%78%32%c1%43%0c%ae%a3%b5%4e%6d%7c%46%f2%39%23%67%5d%4e%42%78%1d%28%9b%7a%49%d5%8b%b2%c1%99%1b%d9%51%43%ed%72%ec%24%ea%7b%0b%b8%4f%86%aa%18%3b%5d%3b%99%c6%e3%ac%45%dd%7e%b8%bd%c5%95%54%aa%0d%05%76%b8%b3%a3%5f%f5%6d%ea%b7%9d%5a%25%b6%de%69%0d%e2%ed%bc%b1%e2%de%86%e3%ff%2f%69%ce%4f%67%6c%38%78%67%c6%d4%fb%ea%e3%27%ca%f5%06%23%f7%1d%99%7a%81%a7%d8%c7%cf%d2%c0%73%86%27%ef%c8%d2%35%a1%49%84%e3%8f%9f%a8%e1%70%34%f0%de%91%a8%b0%0f%4f%7d%f1%33%79%32%2c%fa%ac%af%ff%2b%14%74%fe%03%00%00%ff%ff%82%33%11%a3%63%00%00%00%00%ff%ff%03%00%dd%38%8e%d1%0d]hex% -0 - +0%CR +%CR -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Transfer-Encoding: deflate, chunked - +HTTP/1.1 200 OK%CR +Date: Mon, 29 Nov 2004 21:56:53 GMT%CR +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29%CR +Vary: Accept-Encoding%CR +Content-Type: text/html; charset=ISO-8859-1%CR +Transfer-Encoding: deflate, chunked%CR +%CR @@ -45,15 +45,15 @@ Transfer-Encoding: deflate, chunked curl curl and libcurl Command line tool and library for client-side URL transfers. - curl and libcurl is a tool for transferring files -using URL syntax. It supports HTTP, HTTPS, FTP, -FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as -well as HTTP-post, HTTP-put, cookies, FTP upload, -resumed transfers, passwords, portnumbers, SSL -certificates, Kerberos, and proxies. It is powered -by libcurl, the client-side URL transfer library. -There are bindings to libcurl for over 20 -languages and environments. + curl and libcurl is a tool for transferring files%CR +using URL syntax. It supports HTTP, HTTPS, FTP,%CR +FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as%CR +well as HTTP-post, HTTP-put, cookies, FTP upload,%CR +resumed transfers, passwords, portnumbers, SSL%CR +certificates, Kerberos, and proxies. It is powered%CR +by libcurl, the client-side URL transfer library.%CR +There are bindings to libcurl for over 20%CR +languages and environments.%CR 5784.57 3.16 diff --git a/tests/data/test1133 b/tests/data/test1133 index 4b7cb321bc..a14dbe8ee9 100644 --- a/tests/data/test1133 +++ b/tests/data/test1133 @@ -46,60 +46,60 @@ foo ^(Content-Type: multipart/form-data;|Content-Type: multipart/mixed; boundary=|-------).* -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 1324 -Content-Type: multipart/form-data; boundary=----------------------------24e78000bd32 - -------------------------------24e78000bd32 -Content-Disposition: form-data; name="file"; filename="faker,and;.txt" -Content-Type: mo/foo - +POST /we/want/%TESTNUMBER HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Content-Length: 1324%CR +Content-Type: multipart/form-data; boundary=----------------------------24e78000bd32%CR +%CR +------------------------------24e78000bd32%CR +Content-Disposition: form-data; name="file"; filename="faker,and;.txt"%CR +Content-Type: mo/foo%CR +%CR foo bar This is a bar foo bar foo - -------------------------------24e78000bd32 -Content-Disposition: form-data; name="file2"; filename="test%TESTNUMBER,and;.txt" -Content-Type: text/plain - +%CR +------------------------------24e78000bd32%CR +Content-Disposition: form-data; name="file2"; filename="test%TESTNUMBER,and;.txt"%CR +Content-Type: text/plain%CR +%CR foo bar This is a bar foo bar foo - -------------------------------24e78000bd32 -Content-Disposition: form-data; name="file3" -Content-Type: multipart/mixed; boundary=----------------------------7f0e85a48b0b - -Content-Disposition: attachment; filename="test%TESTNUMBER,and;.txt" -Content-Type: m/f - +%CR +------------------------------24e78000bd32%CR +Content-Disposition: form-data; name="file3"%CR +Content-Type: multipart/mixed; boundary=----------------------------7f0e85a48b0b%CR +%CR +Content-Disposition: attachment; filename="test%TESTNUMBER,and;.txt"%CR +Content-Type: m/f%CR +%CR foo bar This is a bar foo bar foo - -Content-Disposition: attachment; filename="test%TESTNUMBER,and;.txt" -Content-Type: text/plain - +%CR +Content-Disposition: attachment; filename="test%TESTNUMBER,and;.txt"%CR +Content-Type: text/plain%CR +%CR foo bar This is a bar foo bar foo - - -Content-Disposition: form-data; name="a" - -{"field1":"value1","field2":"value2"} -Content-Disposition: form-data; name="b"; filename="param_b" -Content-Type: text/foo; charset=utf-8 - - \value1;type="whatever" -------------------------------24e78000bd32-- +%CR +%CR +Content-Disposition: form-data; name="a"%CR +%CR +{"field1":"value1","field2":"value2"}%CR +Content-Disposition: form-data; name="b"; filename="param_b"%CR +Content-Type: text/foo; charset=utf-8%CR +%CR + \value1;type="whatever" %CR +------------------------------24e78000bd32--%CR diff --git a/tests/data/test1158 b/tests/data/test1158 index 61394311ee..bc9f2d5719 100644 --- a/tests/data/test1158 +++ b/tests/data/test1158 @@ -47,53 +47,53 @@ foo ^(Content-Type: multipart/form-data;|Content-Type: multipart/mixed; boundary=|-------).* -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 1006 -Content-Type: multipart/form-data; boundary=----------------------------24e78000bd32 - -------------------------------24e78000bd32 -Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER%22.txt" -Content-Type: mo/foo - +POST /we/want/%TESTNUMBER HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Content-Length: 1006%CR +Content-Type: multipart/form-data; boundary=----------------------------24e78000bd32%CR +%CR +------------------------------24e78000bd32%CR +Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER%22.txt"%CR +Content-Type: mo/foo%CR +%CR foo bar This is a bar foo bar foo - -------------------------------24e78000bd32 -Content-Disposition: form-data; name="file2"; filename="test%TESTNUMBER%22.txt" -Content-Type: text/plain - +%CR +------------------------------24e78000bd32%CR +Content-Disposition: form-data; name="file2"; filename="test%TESTNUMBER%22.txt"%CR +Content-Type: text/plain%CR +%CR foo bar This is a bar foo bar foo - -------------------------------24e78000bd32 -Content-Disposition: form-data; name="file3" -Content-Type: multipart/mixed; boundary=----------------------------7f0e85a48b0b - -Content-Disposition: attachment; filename="test%TESTNUMBER%22.txt" -Content-Type: m/f - +%CR +------------------------------24e78000bd32%CR +Content-Disposition: form-data; name="file3"%CR +Content-Type: multipart/mixed; boundary=----------------------------7f0e85a48b0b%CR +%CR +Content-Disposition: attachment; filename="test%TESTNUMBER%22.txt"%CR +Content-Type: m/f%CR +%CR foo bar This is a bar foo bar foo - -Content-Disposition: attachment; filename="test%TESTNUMBER%22.txt" -Content-Type: text/plain - +%CR +Content-Disposition: attachment; filename="test%TESTNUMBER%22.txt"%CR +Content-Type: text/plain%CR +%CR foo bar This is a bar foo bar foo - - -------------------------------24e78000bd32-- +%CR +%CR +------------------------------24e78000bd32--%CR diff --git a/tests/data/test1186 b/tests/data/test1186 index 668459f8c5..e3157f36ca 100644 --- a/tests/data/test1186 +++ b/tests/data/test1186 @@ -47,53 +47,53 @@ foo ^(Content-Type: multipart/form-data;|Content-Type: multipart/mixed; boundary=|-------).* -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 1002 -Content-Type: multipart/form-data; boundary=----------------------------24e78000bd32 - -------------------------------24e78000bd32 -Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER\".txt" -Content-Type: mo/foo - +POST /we/want/%TESTNUMBER HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Content-Length: 1002%CR +Content-Type: multipart/form-data; boundary=----------------------------24e78000bd32%CR +%CR +------------------------------24e78000bd32%CR +Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER\".txt"%CR +Content-Type: mo/foo%CR +%CR foo bar This is a bar foo bar foo - -------------------------------24e78000bd32 -Content-Disposition: form-data; name="file2"; filename="test%TESTNUMBER\".txt" -Content-Type: text/plain - +%CR +------------------------------24e78000bd32%CR +Content-Disposition: form-data; name="file2"; filename="test%TESTNUMBER\".txt"%CR +Content-Type: text/plain%CR +%CR foo bar This is a bar foo bar foo - -------------------------------24e78000bd32 -Content-Disposition: form-data; name="file3" -Content-Type: multipart/mixed; boundary=----------------------------7f0e85a48b0b - -Content-Disposition: attachment; filename="test%TESTNUMBER\".txt" -Content-Type: m/f - +%CR +------------------------------24e78000bd32%CR +Content-Disposition: form-data; name="file3"%CR +Content-Type: multipart/mixed; boundary=----------------------------7f0e85a48b0b%CR +%CR +Content-Disposition: attachment; filename="test%TESTNUMBER\".txt"%CR +Content-Type: m/f%CR +%CR foo bar This is a bar foo bar foo - -Content-Disposition: attachment; filename="test%TESTNUMBER\".txt" -Content-Type: text/plain - +%CR +Content-Disposition: attachment; filename="test%TESTNUMBER\".txt"%CR +Content-Type: text/plain%CR +%CR foo bar This is a bar foo bar foo - - -------------------------------24e78000bd32-- +%CR +%CR +------------------------------24e78000bd32--%CR diff --git a/tests/data/test1189 b/tests/data/test1189 index d1f4a6a80d..3e5748eafd 100644 --- a/tests/data/test1189 +++ b/tests/data/test1189 @@ -46,66 +46,66 @@ foo ^(Content-Type: multipart/form-data;|-------).* -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 1240 -Content-Type: multipart/form-data; boundary=----------------------------24e78000bd32 - -------------------------------24e78000bd32 -Content-Disposition: form-data; name="name" - -daniel -------------------------------24e78000bd32 -Content-Disposition: form-data; name="tool" - -curl -------------------------------24e78000bd32 -Content-Disposition: form-data; name="str1" - -@literal -------------------------------24e78000bd32 -Content-Disposition: form-data; name="str2" - - diff --git a/tests/data/test1273 b/tests/data/test1273 index b813b6435a..34708e10c5 100644 --- a/tests/data/test1273 +++ b/tests/data/test1273 @@ -31,10 +31,10 @@ Content-Length: 0 012345678 012345678 012345678 -HTTP/1.1 416 Invalid range -Connection: close -Content-Length: 0 - +HTTP/1.1 416 Invalid range%CR +Connection: close%CR +Content-Length: 0%CR +%CR diff --git a/tests/data/test1274 b/tests/data/test1274 index 1445cd265e..46e5f89999 100644 --- a/tests/data/test1274 +++ b/tests/data/test1274 @@ -11,17 +11,17 @@ header line folding # Server-side -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/ - fake - folded -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Content-Length: 6 -Connection: - close - +HTTP/1.1 200 OK%CR +Date: Tue, 09 Nov 2010 14:49:00 GMT%CR +Server: test-server/%CR + fake%CR + folded%CR +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT%CR +ETag: "21025-dc7-39462498"%CR +Content-Length: 6%CR +Connection: %CR + close%CR +%CR -foo- diff --git a/tests/data/test1277 b/tests/data/test1277 index 1e841b2d09..b229a0e1c2 100644 --- a/tests/data/test1277 +++ b/tests/data/test1277 @@ -12,33 +12,33 @@ Content-Encoding # Server-side -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Transfer-Encoding: gzip, chunked -Content-Encoding: deflate - -522 +HTTP/1.1 200 OK%CR +Date: Mon, 29 Nov 2004 21:56:53 GMT%CR +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29%CR +Vary: Accept-Encoding%CR +Content-Type: text/html; charset=ISO-8859-1%CR +Transfer-Encoding: gzip, chunked%CR +Content-Encoding: deflate%CR +%CR +522%CR %hex[%1f%8b%08%00%07%81%b0%63%02%ff%01%0b%05%f4%fa%78%da%dd%58%db%6e%e3%36%10%7d%37%90%7f%60%fd%d4%02%b6%6e%b6%13%39%70%b4%28%72%d9%04%cd%36%c1%da%05%ba%4f%06%2d%d1%36%1b%49%14%48%ca%b9%3c%f4%db%3b%94%28%89%b1%1c%af%77%83%be%04%48%62%72%e6%9c%c3%e1%0c%49%93%99%7c%7a%4a%62%b4%21%5c%50%96%9e%75%5d%cb%e9%22%92%86%2c%a2%e9%ea%ac%7b%33%bd%eb%fb%fe%68%dc%77%bb%9f%82%ce%e4%97%8b%bb%f3%d9%b7%fb%4b%94%71%f6%0f%09%65%3f%a6%42%02%10%4d%bf%4d%67%97%5f%50%77%2d%65%76%6a%db%4b%4e%c4%3a%21%58%5a%29%91%f6%02%87%0f%24%8d%ec%65%d2%d7%3c%d1%77%ac%a1%15%c9%a8%0b%a2%5b%5a%41%07%a1%ca%a6%da%4d%6f%4e%a3%c0%3d%76%bd%89%6d%18%4a%44%84%25%99%e3%28%22%80%18%8f%fd%be%e3%f7%3d%17%39%c3%53%c7%3d%f5%c6%13%db%f0%1b%84%3c%53%1f%51%e0%39%ce%b0%ef%3a%7d%d7%47%8e%77%ea%c1%cf%40%53%2a%c4%ab%38%52%9c%90%b9%58%33%2e%83%30%e7%71%1d%8e%61%6f%e3%97%79%1c%17%70%84%d3%08%c5%74%d1%a6%16%10%1d%1e%11%a1%96%3a%67%49%52%52%52%82%24%63%b5%00%c7%fc%19%2d%19%47%61%4c%49%2a%fb%82%46%04%fd%f5%f5%16%49%8e%53%b1%84%8a%5a%30%8b%46%c8%50%de%19%0c%a2%02%e1%72%04%a5%5a%a9%70%55%df%25%8d%89%38%ea%e4%42%75%d4%18%e2%39%95%f8%c9%42%37%12%89%3c%cb%40%5f%a0%eb%d9%ec%be%57%fc%9d%f6%d0%15%b4%8f%3a%57%45%fb%e2%e6%7c%d6%43%b3%cb%db%3f%2f%e1%f3%f6%e2%77%80%5d%dd%dc%5e%f6%8a%e1%3f%df%dd%5f%5f%7e%85%36%0c%f0%48%62%88%a9%94%ea%67%4c%c8%9e%6e%e6%d0]hex% %hex[%19%7b%a0%44%14%da%28%cf%62%86%23%18%02%96%5a%9e%90%a8%99%75%0f%65%58%88%47%c6%23%d5%84%c8%d2%3c%59%14%f6%e9%f4%f6%a8%13%12%2e%e9%92%86%50%57%30%fd%41%38%f8%98%28%43%81%6a%3c%c1%08%c5%b4%20%1b%19%7b%24%9c%44%47%9d%c5%73%95%a4%1e%92%6b%f2%66%c6%ab%b2%58%47%9d%d9%1a%a8%08%c3%ef%82%a6%6a%33%09%48%6d%9d%6a%95%60%06%9b%0e%79%ce%51%27%c6%e9%2a%c7%2b%22%8a%18%48%ba%a1%9c%a5%09%0c%20%40%47%97%d0%58%1b%1b%2a%71%4c%e5%f3%5c%84%8c%93%60%74%e2%0f%ad%d1%c9%c4%de%b2%6f%81%33%c2%43%90%0c%06%96%7b%6c%60%2b%f3%16%1a%e6%f3%00%7b%6d%6c%20%0b%93%5e%d7%2c%cb%63%cc%9b%b1%8e%47%63%88%61%08%cb%79%db%d3%22%54%03%ba%03%cb%77%5f%11%5e%87%62%38%ca%60%9c%d1%2b%b4%11%0e%c7%c5%b9%e1%5b%23%67%62%eb%8e%e9%99%87%2c%07%5d%cf%ad%bc%da%f0]hex% %hex[%53%0e%e2%0f%6a%8c%31%80%c8%17%22%e4%34%93%70%44%8a%60%a0%4e%87%d7%a6%12%06%a5%4f%c3%f5%5c%ed%e5%e0%82%2c%71%1e%cb%89%6d%1a%4b%18%d4%7f%5e%1d%60%19%94%3d%d8%79%68%56%27%a5%ad%d6%8b%3d%b1%5b%ac%46%6c%cd%12%f2%b6%10%2c%60%ca%4b%15%75%78%da%26%43%eb%d6%02%8d%a6%5c%bd%1c%2e%07%60%ad%a4%68%8d%c8%e2%c5%3b%5c%04%c0%5a%44%d1%1a%91%17%9a%1d%2e%02%60%2d%a2%68%8d%48%b8%86%3d%46%62%b6%3a%5c%aa%a6%68%c1%46%a2%91%e5%59%72%b8%20%80%b5%94%a2%35%22%11%59%1c%2e%02%60%2d%a2%68%8d%08%13%4f%87%8b%00%58%8b%28%9a%51%2f%11%a9%f3%f2%07%6a%56%12%aa%ba%69%ba%b1%cc%73%0e%69%13%24%d0%eb%b7%ea%1a%85%d9%88%1f%28%c9%46%54%c5%d8%08%43%44%dd%1c%0e%57%51%68%2d%53%10%1b%9d%84%72%ce%f8%e1%4a%25%5e%6b%69%b2%59%d7%84%05%55%ad%a0%59%7a%62]hex% %hex[%87%1c%a4%e0%cb%cd%cc%fe%1b%9d%c3%e9%01%29%a3%79%82%6e%4b%c7%c4%ae%10%1a%af%be%a7%e4%9c%93%98%d4%99%6b%99%e7%fa%fe%16%9c%58%ae%67%c1%05%e9%0d%f7%1b%6c%75%af%3a%39%76%fc%51%8b%58%5d%b0%da%1c%75%2f%da%7d%71%da%05%2c%e7%62%ef%9a%cc%04%ce%51%02%13%5e%33%39%97%6b%f8%aa%86%9c%b5%4c%25%12%e7%12%6e%32%a2%0e%a9%ec%57%dd%da%a0%4f%60%9c%52%12%a3%a9%24%29%7c%c3%af%26%b6%e9%6c%51%a0%4a%bb%eb%fe%ef%02%af%22%a2%8a%6c%20%5b%74%ce%62%12%dc%3d%a6%84%d7%b8%c2%54%45%6a%9b%a1%56%3d%61%5c%c9%38%4d%68%8a%a5%39%3b%c9%e1%86%50%d4%06]hex% %hex[%5a%77%5a%5e%cf%3b%de%e7%1e%ec%e5%ee%73%ba%be%bf%97%eb%ee%1d%17%96%c6%fe%a8%f7%ba%dd%e3%e1%3e%f7%78%2f%d9%1f%ef%f5%3a%7b%dd%ee%e8%3b%71%7f%27%b0%fd%91%0d%5a%63%97%f7%bb%ed%f2%c3%9a%c8%e0%c9%04%0f%31%b8%8e%d6%3a%b5%f1%19%c9%e7%8c%9c%75%39%09%e1%75%a0%6c%ea%25%55%2f%ca%06%67%6e%64%47%0d%b5%cb%b1%93%a8%ef%2d%e0%3e%19%aa%62%ec%74%ed%64%1a%8f%b3%16%75%fb%e1%f6%16%57%52%a9%36%14%d8%e1%ce%8e%7e%d5%b7%a9%df%76%6a%95%d8%7a%a7%35%88%b7%f3%c6%8a%7b%1b%8e%ff%bf%a4%39%3f%9d%b1%e1%e0%9d%19%53%ef%ab%8f%9f%28%d7%1b%8c%dc%77%64%ea%05%9e%62%1f%3f%4b%03%cf%19%9e%bc%23%4b%d7%84%26%11%8e%3f%7e%a2%86%c3%d1%c0%7b%47%a2%c2%3e%3c%f5%c5%cf%e4%c9%b0%e8%b3%be%fe%af%50%d0%a9%9b%cd%7f%c7%fe%03%dd%38%8e%d1%d3%ef%e8%18%0b%05%00%00%0d]hex% -0 - +0%CR +%CR -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Transfer-Encoding: gzip, chunked -Content-Encoding: deflate - +HTTP/1.1 200 OK%CR +Date: Mon, 29 Nov 2004 21:56:53 GMT%CR +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29%CR +Vary: Accept-Encoding%CR +Content-Type: text/html; charset=ISO-8859-1%CR +Transfer-Encoding: gzip, chunked%CR +Content-Encoding: deflate%CR +%CR @@ -49,15 +49,15 @@ Content-Encoding: deflate curl curl and libcurl Command line tool and library for client-side URL transfers. - curl and libcurl is a tool for transferring files -using URL syntax. It supports HTTP, HTTPS, FTP, -FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as -well as HTTP-post, HTTP-put, cookies, FTP upload, -resumed transfers, passwords, portnumbers, SSL -certificates, Kerberos, and proxies. It is powered -by libcurl, the client-side URL transfer library. -There are bindings to libcurl for over 20 -languages and environments. + curl and libcurl is a tool for transferring files%CR +using URL syntax. It supports HTTP, HTTPS, FTP,%CR +FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as%CR +well as HTTP-post, HTTP-put, cookies, FTP upload,%CR +resumed transfers, passwords, portnumbers, SSL%CR +certificates, Kerberos, and proxies. It is powered%CR +by libcurl, the client-side URL transfer library.%CR +There are bindings to libcurl for over 20%CR +languages and environments.%CR 5784.57 3.16 diff --git a/tests/data/test1288 b/tests/data/test1288 index b14bf8aae7..4cb90520b3 100644 --- a/tests/data/test1288 +++ b/tests/data/test1288 @@ -73,22 +73,22 @@ Accept: */* # Must not suppress in --verbose and --trace # Must not suppress in statistics (eg received header byte total) -HTTP/1.1 200 OK -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Server: test-server/fake -Content-Type: text/html -Content-Type: text/html -Funny-head: yesyes -Funny-head: yesyes -Content-Length: 9 -Content-Length: 9 -Connection: keep-alive -Connection: keep-alive - - +HTTP/1.1 200 OK%CR +HTTP/1.1 200 OK%CR +Date: Tue, 09 Nov 2010 14:49:00 GMT%CR +Date: Tue, 09 Nov 2010 14:49:00 GMT%CR +Server: test-server/fake%CR +Server: test-server/fake%CR +Content-Type: text/html%CR +Content-Type: text/html%CR +Funny-head: yesyes%CR +Funny-head: yesyes%CR +Content-Length: 9%CR +Content-Length: 9%CR +Connection: keep-alive%CR +Connection: keep-alive%CR +%CR +%CR contents CONNECT CODE: 200 diff --git a/tests/data/test1315 b/tests/data/test1315 index 94b3c48970..01fd8d6424 100644 --- a/tests/data/test1315 +++ b/tests/data/test1315 @@ -46,41 +46,41 @@ dummy data -----+\w+ -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 845 -Content-Type: multipart/form-data; boundary=----------------------------9ef8d6205763 - -------------------------------9ef8d6205763 -Content-Disposition: form-data; name="name" - -value -------------------------------9ef8d6205763 -Content-Disposition: form-data; name="file" -Content-Type: multipart/mixed; boundary=----------------------------aaaaaaaaaaaa - -Content-Disposition: attachment; filename="test%TESTNUMBER.txt" -Content-Type: text/plain - +POST /we/want/%TESTNUMBER HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Content-Length: 845%CR +Content-Type: multipart/form-data; boundary=----------------------------9ef8d6205763%CR +%CR +------------------------------9ef8d6205763%CR +Content-Disposition: form-data; name="name"%CR +%CR +value%CR +------------------------------9ef8d6205763%CR +Content-Disposition: form-data; name="file"%CR +Content-Type: multipart/mixed; boundary=----------------------------aaaaaaaaaaaa%CR +%CR +Content-Disposition: attachment; filename="test%TESTNUMBER.txt"%CR +Content-Type: text/plain%CR +%CR dummy data - -------------------------------9ef8d6205763 -Content-Disposition: attachment; filename="test%TESTNUMBER.txt" -Content-Type: magic/content - +%CR +------------------------------9ef8d6205763%CR +Content-Disposition: attachment; filename="test%TESTNUMBER.txt"%CR +Content-Type: magic/content%CR +%CR dummy data - -------------------------------9ef8d6205763 -Content-Disposition: attachment; filename="test%TESTNUMBER.txt" -Content-Type: text/plain - +%CR +------------------------------9ef8d6205763%CR +Content-Disposition: attachment; filename="test%TESTNUMBER.txt"%CR +Content-Type: text/plain%CR +%CR dummy data - -------------------------------aaaaaaaaaaaa-- - -------------------------------9ef8d6205763-- +%CR +------------------------------aaaaaaaaaaaa--%CR +%CR +------------------------------9ef8d6205763--%CR diff --git a/tests/data/test1319 b/tests/data/test1319 index 94fc74d4a0..6e9aeff5c0 100644 --- a/tests/data/test1319 +++ b/tests/data/test1319 @@ -27,7 +27,7 @@ To: fake@nowhere body -- - yours sincerely + yours sincerely%CR @@ -37,7 +37,7 @@ To: fake@nowhere body -- - yours sincerely + yours sincerely%CR diff --git a/tests/data/test1375 b/tests/data/test1375 index 2fc12d5648..9af026ba2e 100644 --- a/tests/data/test1375 +++ b/tests/data/test1375 @@ -9,14 +9,14 @@ HTTP GET # -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - +HTTP/1.1 200 OK%CR +Date: Tue, 09 Nov 2010 14:49:00 GMT%CR +Server: test-server/fake%CR +Content-Length: 6%CR +Connection: close%CR +Content-Type: text/html%CR +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange%CR +%CR 12345 diff --git a/tests/data/test1376 b/tests/data/test1376 index dd920d813e..d673bd7353 100644 --- a/tests/data/test1376 +++ b/tests/data/test1376 @@ -9,13 +9,13 @@ HTTP GET # -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html - +HTTP/1.1 200 OK%CR +Date: Tue, 09 Nov 2010 14:49:00 GMT%CR +Server: test-server/fake%CR +Content-Length: 6%CR +Connection: close%CR +Content-Type: text/html%CR +%CR 12345 diff --git a/tests/data/test1377 b/tests/data/test1377 index d8e623b21c..c2ade403d2 100644 --- a/tests/data/test1377 +++ b/tests/data/test1377 @@ -9,14 +9,14 @@ HTTP GET # -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 6 -Connection: close -Content-Type: text/html -Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange - +HTTP/1.1 200 OK%CR +Date: Tue, 09 Nov 2010 14:49:00 GMT%CR +Server: test-server/fake%CR +Content-Length: 6%CR +Connection: close%CR +Content-Type: text/html%CR +Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange%CR +%CR 12345 diff --git a/tests/data/test1404 b/tests/data/test1404 index f3b31be1e5..1cf0c676ea 100644 --- a/tests/data/test1404 +++ b/tests/data/test1404 @@ -51,44 +51,44 @@ dummy data -----+\w+ -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 930 -Content-Type: multipart/form-data; boundary=----------------------------9ef8d6205763 - -------------------------------9ef8d6205763 -Content-Disposition: form-data; name="name" - -value -------------------------------9ef8d6205763 -Content-Disposition: form-data; name="file" -Content-Type: multipart/mixed; boundary=----------------------------aaaaaaaaaaaa - -Content-Disposition: attachment; filename="test%TESTNUMBER.txt" -Content-Type: text/plain - +POST /we/want/%TESTNUMBER HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Content-Length: 930%CR +Content-Type: multipart/form-data; boundary=----------------------------9ef8d6205763%CR +%CR +------------------------------9ef8d6205763%CR +Content-Disposition: form-data; name="name"%CR +%CR +value%CR +------------------------------9ef8d6205763%CR +Content-Disposition: form-data; name="file"%CR +Content-Type: multipart/mixed; boundary=----------------------------aaaaaaaaaaaa%CR +%CR +Content-Disposition: attachment; filename="test%TESTNUMBER.txt"%CR +Content-Type: text/plain%CR +%CR dummy data - -------------------------------9ef8d6205763 -Content-Disposition: attachment; filename="test%TESTNUMBER.txt" -Content-Type: magic/content -Content-Transfer-Encoding: 8bit - +%CR +------------------------------9ef8d6205763%CR +Content-Disposition: attachment; filename="test%TESTNUMBER.txt"%CR +Content-Type: magic/content%CR +Content-Transfer-Encoding: 8bit%CR +%CR dummy data - -------------------------------9ef8d6205763 -Content-Disposition: attachment; filename="test%TESTNUMBER.txt" -Content-Type: text/plain -X-testheader-1: header 1 -X-testheader-2: header 2 - +%CR +------------------------------9ef8d6205763%CR +Content-Disposition: attachment; filename="test%TESTNUMBER.txt"%CR +Content-Type: text/plain%CR +X-testheader-1: header 1%CR +X-testheader-2: header 2%CR +%CR dummy data - -------------------------------aaaaaaaaaaaa-- - -------------------------------9ef8d6205763-- +%CR +------------------------------aaaaaaaaaaaa--%CR +%CR +------------------------------9ef8d6205763--%CR # curl's default user-agent varies with version, libraries etc. diff --git a/tests/data/test1416 b/tests/data/test1416 index 14d52475fb..e9983bebad 100644 --- a/tests/data/test1416 +++ b/tests/data/test1416 @@ -15,15 +15,15 @@ Server: fakeit/0.9 fakeitbad/1.0 Transfer-Encoding: chunked Connection: mooo -12345678123456789 -aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -30 -bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb -21;heresatest=moooo +12345678123456789%CR +aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa%CR +30%CR +bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb%CR +21;heresatest=moooo%CR cccccccccccccccccccccccccccccccc - -0 - +%CR +0%CR +%CR diff --git a/tests/data/test1417 b/tests/data/test1417 index 9af0a5b61f..e998724dd9 100644 --- a/tests/data/test1417 +++ b/tests/data/test1417 @@ -10,12 +10,12 @@ chunked Transfer-Encoding # Server-side -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked -Trailer: chunky-trailer -Connection: mooo - +HTTP/1.1 200 funky chunky!%CR +Server: fakeit/0.9 fakeitbad/1.0%CR +Transfer-Encoding: chunked%CR +Trailer: chunky-trailer%CR +Connection: mooo%CR +%CR 40 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 30 @@ -28,14 +28,14 @@ chunky-trailer: header data -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked -Trailer: chunky-trailer -Connection: mooo - +HTTP/1.1 200 funky chunky!%CR +Server: fakeit/0.9 fakeitbad/1.0%CR +Transfer-Encoding: chunked%CR +Trailer: chunky-trailer%CR +Connection: mooo%CR +%CR aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbcccccccccccccccccccccccccccccccc -chunky-trailer: header data +chunky-trailer: header data%CR diff --git a/tests/data/test1428 b/tests/data/test1428 index 3a6253a569..0004b21354 100644 --- a/tests/data/test1428 +++ b/tests/data/test1428 @@ -26,8 +26,8 @@ HTTP/1.1 200 Mighty fine indeed -HTTP/1.1 200 Mighty fine indeed - +HTTP/1.1 200 Mighty fine indeed%CR +%CR HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake swsclose diff --git a/tests/data/test1429 b/tests/data/test1429 index b9372aca2a..b9c6bd126d 100644 --- a/tests/data/test1429 +++ b/tests/data/test1429 @@ -9,17 +9,17 @@ HTTP/0.9 -HTTP/1.1 999 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT -ETag: "21025-dc7-39462498" -Accept-Ranges: bytes -Content-Length: 6 -Connection: close -Content-Type: text/html -Funny-head: yesyes - +HTTP/1.1 999 OK%CR +Date: Tue, 09 Nov 2010 14:49:00 GMT%CR +Server: test-server/fake%CR +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT%CR +ETag: "21025-dc7-39462498"%CR +Accept-Ranges: bytes%CR +Content-Length: 6%CR +Connection: close%CR +Content-Type: text/html%CR +Funny-head: yesyes%CR +%CR -foo- diff --git a/tests/data/test1434 b/tests/data/test1434 index b811510ee3..567fa56b5b 100644 --- a/tests/data/test1434 +++ b/tests/data/test1434 @@ -11,11 +11,11 @@ Resume # Some servers (e.g. Apache 1.2) respond this way to an invalid byte range -HTTP/1.1 200 OK -Connection: close -Content-Length: 100 -Content-Type: text/plain - +HTTP/1.1 200 OK%CR +Connection: close%CR +Content-Length: 100%CR +Content-Type: text/plain%CR +%CR 012345678 012345678 012345678 @@ -41,11 +41,11 @@ Content-Type: text/plain 012345678 012345678 012345678 -HTTP/1.1 200 OK -Connection: close -Content-Length: 100 -Content-Type: text/plain - +HTTP/1.1 200 OK%CR +Connection: close%CR +Content-Length: 100%CR +Content-Type: text/plain%CR +%CR diff --git a/tests/data/test1475 b/tests/data/test1475 index 3c43dda13e..1f11829d72 100644 --- a/tests/data/test1475 +++ b/tests/data/test1475 @@ -12,11 +12,11 @@ Resume # Server-side -HTTP/1.1 416 Invalid range -Connection: close -Content-Length: 0 +HTTP/1.1 416 Invalid range%CR +Connection: close%CR +Content-Length: 0%CR Content-Range: */100 - +%CR # The file data that exists at the start of the test must be included in @@ -32,11 +32,11 @@ Content-Range: */100 012345678 012345678 012345678 -HTTP/1.1 416 Invalid range -Connection: close -Content-Length: 0 +HTTP/1.1 416 Invalid range%CR +Connection: close%CR +Content-Length: 0%CR Content-Range: */100 - +%CR diff --git a/tests/data/test1482 b/tests/data/test1482 index 8b0a245c28..ab615f6c12 100644 --- a/tests/data/test1482 +++ b/tests/data/test1482 @@ -11,32 +11,32 @@ DELAY # Server-side -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked, chunked -Connection: mooo - -40 -aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -30 -bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb -21;heresatest=moooo +HTTP/1.1 200 funky chunky!%CR +Server: fakeit/0.9 fakeitbad/1.0%CR +Transfer-Encoding: chunked, chunked%CR +Connection: mooo%CR +%CR +40%CR +aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa%CR +30%CR +bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb%CR +21;heresatest=moooo%CR cccccccccccccccccccccccccccccccc - -0 -chunky-trailer: header data -another-header: yes - +%CR +0%CR +chunky-trailer: header data%CR +another-header: yes%CR +%CR -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked, chunked -Connection: mooo - +HTTP/1.1 200 funky chunky!%CR +Server: fakeit/0.9 fakeitbad/1.0%CR +Transfer-Encoding: chunked, chunked%CR +Connection: mooo%CR +%CR aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbcccccccccccccccccccccccccccccccc -chunky-trailer: header data -another-header: yes +chunky-trailer: header data%CR +another-header: yes%CR writedelay: 10 diff --git a/tests/data/test1483 b/tests/data/test1483 index 82ef88a84d..fee3c5e3f0 100644 --- a/tests/data/test1483 +++ b/tests/data/test1483 @@ -11,34 +11,34 @@ DELAY # Server-side -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked -Transfer-Encoding: chunked -Connection: mooo - -40 -aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -30 -bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb -21;heresatest=moooo +HTTP/1.1 200 funky chunky!%CR +Server: fakeit/0.9 fakeitbad/1.0%CR +Transfer-Encoding: chunked%CR +Transfer-Encoding: chunked%CR +Connection: mooo%CR +%CR +40%CR +aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa%CR +30%CR +bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb%CR +21;heresatest=moooo%CR cccccccccccccccccccccccccccccccc - -0 -chunky-trailer: header data -another-header: yes - +%CR +0%CR +chunky-trailer: header data%CR +another-header: yes%CR +%CR -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked -Transfer-Encoding: chunked -Connection: mooo - +HTTP/1.1 200 funky chunky!%CR +Server: fakeit/0.9 fakeitbad/1.0%CR +Transfer-Encoding: chunked%CR +Transfer-Encoding: chunked%CR +Connection: mooo%CR +%CR aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbcccccccccccccccccccccccccccccccc -chunky-trailer: header data -another-header: yes +chunky-trailer: header data%CR +another-header: yes%CR writedelay: 10 diff --git a/tests/data/test1493 b/tests/data/test1493 index 07821676a7..eaf67dc19d 100644 --- a/tests/data/test1493 +++ b/tests/data/test1493 @@ -11,32 +11,32 @@ DELAY # Server-side -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: identity, chunked -Connection: mooo - -40 -aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -30 -bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb -21;heresatest=moooo +HTTP/1.1 200 funky chunky!%CR +Server: fakeit/0.9 fakeitbad/1.0%CR +Transfer-Encoding: identity, chunked%CR +Connection: mooo%CR +%CR +40%CR +aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa%CR +30%CR +bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb%CR +21;heresatest=moooo%CR cccccccccccccccccccccccccccccccc - -0 -chunky-trailer: header data -another-header: yes - +%CR +0%CR +chunky-trailer: header data%CR +another-header: yes%CR +%CR -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: identity, chunked -Connection: mooo - +HTTP/1.1 200 funky chunky!%CR +Server: fakeit/0.9 fakeitbad/1.0%CR +Transfer-Encoding: identity, chunked%CR +Connection: mooo%CR +%CR aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbcccccccccccccccccccccccccccccccc -chunky-trailer: header data -another-header: yes +chunky-trailer: header data%CR +another-header: yes%CR diff --git a/tests/data/test1498 b/tests/data/test1498 index f26b790f8c..467730d3a5 100644 --- a/tests/data/test1498 +++ b/tests/data/test1498 @@ -39,18 +39,18 @@ http://%HOSTIP:%HTTPPORT/bzz/%TESTNUMBER -T . # Verify data after the test has been "shot" -PUT /bzz/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Transfer-Encoding: chunked -Expect: 100-continue - -1771 +PUT /bzz/%TESTNUMBER HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Transfer-Encoding: chunked%CR +Expect: 100-continue%CR +%CR +1771%CR %repeat[2000 x hej]% - -0 - +%CR +0%CR +%CR diff --git a/tests/data/test1499 b/tests/data/test1499 index a3f28b0084..54fec71049 100644 --- a/tests/data/test1499 +++ b/tests/data/test1499 @@ -10,32 +10,32 @@ chunked Transfer-Encoding # Server-side -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked -Trailer: chunky-trailer -Connection: mooo - -40 -aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -30 -bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb -21;heresatest=moooo +HTTP/1.1 200 funky chunky!%CR +Server: fakeit/0.9 fakeitbad/1.0%CR +Transfer-Encoding: chunked%CR +Trailer: chunky-trailer%CR +Connection: mooo%CR +%CR +40%CR +aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa%CR +30%CR +bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb%CR +21;heresatest=moooo%CR cccccccccccccccccccccccccccccccc - -0 -chunky-trailer: header data - +%CR +0%CR +chunky-trailer: header data%CR +%CR -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked -Trailer: chunky-trailer -Connection: mooo - +HTTP/1.1 200 funky chunky!%CR +Server: fakeit/0.9 fakeitbad/1.0%CR +Transfer-Encoding: chunked%CR +Trailer: chunky-trailer%CR +Connection: mooo%CR +%CR aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbcccccccccccccccccccccccccccccccc -chunky-trailer: header data +chunky-trailer: header data%CR writedelay: 10 diff --git a/tests/data/test1525 b/tests/data/test1525 index cfcdfb2bbd..e9dbe67f2d 100644 --- a/tests/data/test1525 +++ b/tests/data/test1525 @@ -25,8 +25,8 @@ ETag: "21025-dc7-39462498" -HTTP/1.1 200 OK - +HTTP/1.1 200 OK%CR +%CR HTTP/1.1 200 OK swsclose Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test1540 b/tests/data/test1540 index fa3b157190..6533eac3a1 100644 --- a/tests/data/test1540 +++ b/tests/data/test1540 @@ -13,27 +13,27 @@ DELAY # Server-side -HTTP/1.1 200 OK swsclose -Transfer-Encoding: chunked -Trailer: MyCoolTrailerHeader - -4 -data -5 +HTTP/1.1 200 OK swsclose%CR +Transfer-Encoding: chunked%CR +Trailer: MyCoolTrailerHeader%CR +%CR +4%CR +data%CR +5%CR d474 - -0 -MyCoolTrailerHeader: amazingtrailer - +%CR +0%CR +MyCoolTrailerHeader: amazingtrailer%CR +%CR -HTTP/1.1 200 OK swsclose -Transfer-Encoding: chunked -Trailer: MyCoolTrailerHeader - +HTTP/1.1 200 OK swsclose%CR +Transfer-Encoding: chunked%CR +Trailer: MyCoolTrailerHeader%CR +%CR Got bytes but pausing! datad474 -MyCoolTrailerHeader: amazingtrailer +MyCoolTrailerHeader: amazingtrailer%CR writedelay: 10 diff --git a/tests/data/test1541 b/tests/data/test1541 index 9aaa90ddda..1f3e534dc7 100644 --- a/tests/data/test1541 +++ b/tests/data/test1541 @@ -12,16 +12,16 @@ DELAY # Server-side -HTTP/1.1 200 OK swsclose -Transfer-Encoding: chunked - -4 -data -5 +HTTP/1.1 200 OK swsclose%CR +Transfer-Encoding: chunked%CR +%CR +4%CR +data%CR +5%CR d474 - -0 - +%CR +0%CR +%CR CURLINFO_CONNECT_TIME_T on 1st header is OK @@ -30,9 +30,9 @@ CURLINFO_STARTTRANSFER_TIME_T on 1st header is OK CURLINFO_TOTAL_TIME_T on 1st header is OK CURLINFO_APPCONNECT_TIME_T on 1st header is OK CURLINFO_SPEED_DOWNLOAD_T on 1st header is OK -HTTP/1.1 200 OK swsclose -Transfer-Encoding: chunked - +HTTP/1.1 200 OK swsclose%CR +Transfer-Encoding: chunked%CR +%CR datad474 CURLINFO_CONNECT_TIME_T on done is OK CURLINFO_PRETRANSFER_TIME_T on done is OK diff --git a/tests/data/test163 b/tests/data/test163 index a3bf375309..14332c16c7 100644 --- a/tests/data/test163 +++ b/tests/data/test163 @@ -41,7 +41,7 @@ file newlinens? yes please - + %CR [tab][CR] too @@ -52,16 +52,16 @@ yes please ^(Content-Type: multipart/form-data;|------------).* -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 322 -Content-Type: multipart/form-data; boundary=----------------------------c2d1767eb6ac - -------------------------------c2d1767eb6ac -Content-Disposition: form-data; name="name" - +POST /we/want/%TESTNUMBER HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Content-Length: 322%CR +Content-Type: multipart/form-data; boundary=----------------------------c2d1767eb6ac%CR +%CR +------------------------------c2d1767eb6ac%CR +Content-Disposition: form-data; name="name"%CR +%CR contents from a @@ -69,14 +69,14 @@ file newlinens? yes please - + %CR [tab][CR] too - -------------------------------c2d1767eb6ac -Content-Disposition: form-data; name="tool" - -curl -------------------------------c2d1767eb6ac-- +%CR +------------------------------c2d1767eb6ac%CR +Content-Disposition: form-data; name="tool"%CR +%CR +curl%CR +------------------------------c2d1767eb6ac--%CR diff --git a/tests/data/test164 b/tests/data/test164 index 527c2919bf..978376e17f 100644 --- a/tests/data/test164 +++ b/tests/data/test164 @@ -12,30 +12,30 @@ HTTP GET # to avoid XML escaping problems). -HTTP/1.1 206 Partial Content swsclose -Date: Sat, 24 Apr 2004 09:24:49 GMT -Server: Apache/1.3.29 (Unix) mod_throttle/3.1.2 PHP/4.3.4 mod_fastcgi/2.4.0 -Last-Modified: Tue, 23 Mar 2004 08:23:14 GMT -ETag: "53814a-ec5-405ff3f2" -Accept-Ranges: bytes -Content-Length: 187 -Content-Type: multipart/byteranges; boundary=408a326132c - ---408a326132c -Content-type: text/html -Content-range: bytes 0-10/3781 - +HTTP/1.1 206 Partial Content swsclose%CR +Date: Sat, 24 Apr 2004 09:24:49 GMT%CR +Server: Apache/1.3.29 (Unix) mod_throttle/3.1.2 PHP/4.3.4 mod_fastcgi/2.4.0%CR +Last-Modified: Tue, 23 Mar 2004 08:23:14 GMT%CR +ETag: "53814a-ec5-405ff3f2"%CR +Accept-Ranges: bytes%CR +Content-Length: 187%CR +Content-Type: multipart/byteranges; boundary=408a326132c%CR +%CR +--408a326132c%CR +Content-type: text/html%CR +Content-range: bytes 0-10/3781%CR +%CR {html} {hea - ---408a326132c -Content-type: text/html -Content-range: bytes 12-15/3781 - +%CR +--408a326132c%CR +Content-type: text/html%CR +Content-range: bytes 12-15/3781%CR +%CR } {t - ---408a326132c-- +%CR +--408a326132c--%CR diff --git a/tests/data/test166 b/tests/data/test166 index 0951b2359d..86f6a60584 100644 --- a/tests/data/test166 +++ b/tests/data/test166 @@ -44,20 +44,20 @@ data inside the file ^(Content-Type: multipart/form-data;|------------).* -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 235 -Content-Type: multipart/form-data; boundary=----------------------------b0b3d6d23991 - -------------------------------b0b3d6d23991 -Content-Disposition: form-data; name="name"; filename="fie ld %TESTNUMBER" -Content-Type: application/octet-stream - +POST /we/want/%TESTNUMBER HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Content-Length: 235%CR +Content-Type: multipart/form-data; boundary=----------------------------b0b3d6d23991%CR +%CR +------------------------------b0b3d6d23991%CR +Content-Disposition: form-data; name="name"; filename="fie ld %TESTNUMBER"%CR +Content-Type: application/octet-stream%CR +%CR data inside the file - -------------------------------b0b3d6d23991-- +%CR +------------------------------b0b3d6d23991--%CR diff --git a/tests/data/test173 b/tests/data/test173 index 5e6f751697..e31f6d22dd 100644 --- a/tests/data/test173 +++ b/tests/data/test173 @@ -52,21 +52,21 @@ line8 ^(Content-Type: multipart/form-data;|------------).* -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 378 -Content-Type: multipart/form-data; boundary=----------------------------5dbea401cd8c - -------------------------------5dbea401cd8c -Content-Disposition: form-data; name="field1" - -contents1 -------------------------------5dbea401cd8c -Content-Disposition: form-data; name="fileupload"; filename="%DEV_NULL" -Content-Type: text/x-null;format=x-curl - +POST /we/want/%TESTNUMBER HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Content-Length: 378%CR +Content-Type: multipart/form-data; boundary=----------------------------5dbea401cd8c%CR +%CR +------------------------------5dbea401cd8c%CR +Content-Disposition: form-data; name="field1"%CR +%CR +contents1%CR +------------------------------5dbea401cd8c%CR +Content-Disposition: form-data; name="fileupload"; filename="%DEV_NULL"%CR +Content-Type: text/x-null;format=x-curl%CR +%CR line1 line2 line3 @@ -75,8 +75,8 @@ line5 line6 line7 line8 - -------------------------------5dbea401cd8c-- +%CR +------------------------------5dbea401cd8c--%CR diff --git a/tests/data/test1904 b/tests/data/test1904 index 5869485116..7fb82e44d0 100644 --- a/tests/data/test1904 +++ b/tests/data/test1904 @@ -27,8 +27,8 @@ HTTP/1.1 204 Sure go ahead -HTTP/1.1 204 Sure go ahead - +HTTP/1.1 204 Sure go ahead%CR +%CR HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake swsclose diff --git a/tests/data/test1940 b/tests/data/test1940 index b5ddd4c2b9..be2347e2d6 100644 --- a/tests/data/test1940 +++ b/tests/data/test1940 @@ -20,7 +20,7 @@ Set-Cookie: onecookie=data; Set-Cookie: secondcookie=2data; Set-Cookie: cookie3=data3; Blank: -Blank2: +Blank2:%CR Location: /%TESTNUMBER0002 diff --git a/tests/data/test1943 b/tests/data/test1943 index 194ff111be..c6c06d332d 100644 --- a/tests/data/test1943 +++ b/tests/data/test1943 @@ -9,23 +9,23 @@ CONNECT # Server-side -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 +HTTP/1.1 200 funky chunky!%CR +Server: fakeit/0.9 fakeitbad/1.0%CR Date: Thu, 09 Nov 2010 14:49:00 GMT -Transfer-Encoding: chunked -Trailer: server -Connection: mooo - -40 -aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -30 -bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb -21;heresatest=moooo +Transfer-Encoding: chunked%CR +Trailer: server%CR +Connection: mooo%CR +%CR +40%CR +aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa%CR +30%CR +bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb%CR +21;heresatest=moooo%CR cccccccccccccccccccccccccccccccc - -0 -Server: sent-as-trailer - +%CR +0%CR +Server: sent-as-trailer%CR +%CR diff --git a/tests/data/test2002 b/tests/data/test2002 index 8fea4c110e..660901103c 100644 --- a/tests/data/test2002 +++ b/tests/data/test2002 @@ -76,24 +76,24 @@ moo ^timeout = [5-6]$ -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER0002 -RETR %TESTNUMBER0002 +GET /%TESTNUMBER0001 HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +%CR +USER anonymous%CR +PASS ftp@example.com%CR +PWD%CR +EPSV%CR +TYPE I%CR +SIZE %TESTNUMBER0002%CR +RETR %TESTNUMBER0002%CR opcode = 1 mode = octet tsize = 0 blksize = 512 filename = /%TESTNUMBER0003 -QUIT +QUIT%CR -foo- diff --git a/tests/data/test2003 b/tests/data/test2003 index 58a9d9580c..ce5fcbcb6f 100644 --- a/tests/data/test2003 +++ b/tests/data/test2003 @@ -76,18 +76,18 @@ moo ^timeout = [5-6]$ -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -USER anonymous -PASS ftp@example.com -PWD -EPSV -TYPE I -SIZE %TESTNUMBER0002 -RETR %TESTNUMBER0002 +GET /%TESTNUMBER0001 HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +%CR +USER anonymous%CR +PASS ftp@example.com%CR +PWD%CR +EPSV%CR +TYPE I%CR +SIZE %TESTNUMBER0002%CR +RETR %TESTNUMBER0002%CR opcode = 1 mode = octet tsize = 0 @@ -98,15 +98,15 @@ mode = octet tsize = 0 blksize = 512 filename = /%TESTNUMBER0003 -EPSV -SIZE %TESTNUMBER0002 -RETR %TESTNUMBER0002 -GET /%TESTNUMBER0001 HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* - -QUIT +EPSV%CR +SIZE %TESTNUMBER0002%CR +RETR %TESTNUMBER0002%CR +GET /%TESTNUMBER0001 HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +%CR +QUIT%CR -foo- diff --git a/tests/data/test206 b/tests/data/test206 index 36bb5391d8..7a2acac700 100644 --- a/tests/data/test206 +++ b/tests/data/test206 @@ -41,19 +41,19 @@ daniel # then this is returned when we get proxy-auth -HTTP/1.1 200 OK +HTTP/1.1 200 OK%CR Server: no - +%CR -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" -Content-Length: 33 - -HTTP/1.1 200 OK +HTTP/1.1 407 Authorization Required to proxy me my dear%CR +Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345"%CR +Content-Length: 33%CR +%CR +HTTP/1.1 200 OK%CR Server: no - +%CR HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 7 diff --git a/tests/data/test207 b/tests/data/test207 index 6d7e5c382b..afbd44f10e 100644 --- a/tests/data/test207 +++ b/tests/data/test207 @@ -17,9 +17,9 @@ Server: fakeit/0.9 fakeitbad/1.0 Transfer-Encoding: chunked Connection: mooo -41 +41%CR aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa - +%CR HTTP/1.1 200 funky chunky! swsclose diff --git a/tests/data/test208 b/tests/data/test208 index d66f5cd17a..9d10a14d02 100644 --- a/tests/data/test208 +++ b/tests/data/test208 @@ -51,14 +51,14 @@ the # Verify data after the test has been "shot" -PUT ftp://daniel:mysecret@host.com/we/want/%TESTNUMBER HTTP/1.1 -Host: host.com:21 -Authorization: Basic %b64[daniel:mysecret]b64% -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 78 - +PUT ftp://daniel:mysecret@host.com/we/want/%TESTNUMBER HTTP/1.1%CR +Host: host.com:21%CR +Authorization: Basic %b64[daniel:mysecret]b64%%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Proxy-Connection: Keep-Alive%CR +Content-Length: 78%CR +%CR Weird file to diff --git a/tests/data/test209 b/tests/data/test209 index 48ccde271c..e856cb098a 100644 --- a/tests/data/test209 +++ b/tests/data/test209 @@ -45,21 +45,21 @@ daniel # then this is returned when we get proxy-auth -HTTP/1.1 200 OK swsbounce +HTTP/1.1 200 OK swsbounce%CR Server: no - +%CR Nice proxy auth sir! -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 33 - -HTTP/1.1 200 Things are fine in proxy land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 - +HTTP/1.1 407 Authorization Required to proxy me my dear%CR +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==%CR +Content-Length: 33%CR +%CR +HTTP/1.1 200 Things are fine in proxy land%CR +Server: Microsoft-IIS/5.0%CR +Content-Type: text/html; charset=iso-8859-1%CR +%CR HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 7 diff --git a/tests/data/test213 b/tests/data/test213 index 909c847807..81b2122bdf 100644 --- a/tests/data/test213 +++ b/tests/data/test213 @@ -45,21 +45,21 @@ daniel # then this is returned when we get proxy-auth -HTTP/1.1 200 OK swsbounce +HTTP/1.1 200 OK swsbounce%CR Server: no - +%CR Nice proxy auth sir! -HTTP/1.1 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Content-Length: 33 - -HTTP/1.1 200 Things are fine in proxy land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 - +HTTP/1.1 407 Authorization Required to proxy me my dear%CR +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==%CR +Content-Length: 33%CR +%CR +HTTP/1.1 200 Things are fine in proxy land%CR +Server: Microsoft-IIS/5.0%CR +Content-Type: text/html; charset=iso-8859-1%CR +%CR HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 7 diff --git a/tests/data/test218 b/tests/data/test218 index 8d1a673ca4..656450c341 100644 --- a/tests/data/test218 +++ b/tests/data/test218 @@ -40,17 +40,17 @@ just some tiny teeny contents # Verify data after the test has been "shot" -PUT /%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPPORT -User-Agent: curl/%VERSION -Accept: */* -Transfer-Encoding: chunked - -1e +PUT /%TESTNUMBER HTTP/1.1%CR +Host: %HOSTIP:%HTTPPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Transfer-Encoding: chunked%CR +%CR +1e%CR just some tiny teeny contents - -0 - +%CR +0%CR +%CR diff --git a/tests/data/test222 b/tests/data/test222 index edcc3488d7..e1b3bceb3a 100644 --- a/tests/data/test222 +++ b/tests/data/test222 @@ -25,14 +25,14 @@ Content-Length: 1305 -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: deflate -Content-Length: 1305 - +HTTP/1.1 200 OK%CR +Date: Mon, 29 Nov 2004 21:56:53 GMT%CR +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29%CR +Vary: Accept-Encoding%CR +Content-Type: text/html; charset=ISO-8859-1%CR +Content-Encoding: deflate%CR +Content-Length: 1305%CR +%CR @@ -43,15 +43,15 @@ Content-Length: 1305 curl curl and libcurl Command line tool and library for client-side URL transfers. - curl and libcurl is a tool for transferring files -using URL syntax. It supports HTTP, HTTPS, FTP, -FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as -well as HTTP-post, HTTP-put, cookies, FTP upload, -resumed transfers, passwords, portnumbers, SSL -certificates, Kerberos, and proxies. It is powered -by libcurl, the client-side URL transfer library. -There are bindings to libcurl for over 20 -languages and environments. + curl and libcurl is a tool for transferring files%CR +using URL syntax. It supports HTTP, HTTPS, FTP,%CR +FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as%CR +well as HTTP-post, HTTP-put, cookies, FTP upload,%CR +resumed transfers, passwords, portnumbers, SSL%CR +certificates, Kerberos, and proxies. It is powered%CR +by libcurl, the client-side URL transfer library.%CR +There are bindings to libcurl for over 20%CR +languages and environments.%CR 5784.57 3.16 diff --git a/tests/data/test230 b/tests/data/test230 index 0a14e4c15f..45f0a7f884 100644 --- a/tests/data/test230 +++ b/tests/data/test230 @@ -25,14 +25,14 @@ Content-Length: 1328 -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: deflate, identity, gzip -Content-Length: 1328 - +HTTP/1.1 200 OK%CR +Date: Mon, 29 Nov 2004 21:56:53 GMT%CR +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29%CR +Vary: Accept-Encoding%CR +Content-Type: text/html; charset=ISO-8859-1%CR +Content-Encoding: deflate, identity, gzip%CR +Content-Length: 1328%CR +%CR @@ -43,15 +43,15 @@ Content-Length: 1328 curl curl and libcurl Command line tool and library for client-side URL transfers. - curl and libcurl is a tool for transferring files -using URL syntax. It supports HTTP, HTTPS, FTP, -FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as -well as HTTP-post, HTTP-put, cookies, FTP upload, -resumed transfers, passwords, portnumbers, SSL -certificates, Kerberos, and proxies. It is powered -by libcurl, the client-side URL transfer library. -There are bindings to libcurl for over 20 -languages and environments. + curl and libcurl is a tool for transferring files%CR +using URL syntax. It supports HTTP, HTTPS, FTP,%CR +FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as%CR +well as HTTP-post, HTTP-put, cookies, FTP upload,%CR +resumed transfers, passwords, portnumbers, SSL%CR +certificates, Kerberos, and proxies. It is powered%CR +by libcurl, the client-side URL transfer library.%CR +There are bindings to libcurl for over 20%CR +languages and environments.%CR 5784.57 3.16 diff --git a/tests/data/test232 b/tests/data/test232 index 5b0cdb3015..94cb1b9f99 100644 --- a/tests/data/test232 +++ b/tests/data/test232 @@ -25,14 +25,14 @@ Content-Length: 1287 -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: deflate -Content-Length: 1287 - +HTTP/1.1 200 OK%CR +Date: Mon, 29 Nov 2004 21:56:53 GMT%CR +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29%CR +Vary: Accept-Encoding%CR +Content-Type: text/html; charset=ISO-8859-1%CR +Content-Encoding: deflate%CR +Content-Length: 1287%CR +%CR @@ -43,15 +43,15 @@ Content-Length: 1287 curl curl and libcurl Command line tool and library for client-side URL transfers. - curl and libcurl is a tool for transferring files -using URL syntax. It supports HTTP, HTTPS, FTP, -FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as -well as HTTP-post, HTTP-put, cookies, FTP upload, -resumed transfers, passwords, portnumbers, SSL -certificates, Kerberos, and proxies. It is powered -by libcurl, the client-side URL transfer library. -There are bindings to libcurl for over 20 -languages and environments. + curl and libcurl is a tool for transferring files%CR +using URL syntax. It supports HTTP, HTTPS, FTP,%CR +FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as%CR +well as HTTP-post, HTTP-put, cookies, FTP upload,%CR +resumed transfers, passwords, portnumbers, SSL%CR +certificates, Kerberos, and proxies. It is powered%CR +by libcurl, the client-side URL transfer library.%CR +There are bindings to libcurl for over 20%CR +languages and environments.%CR 5784.57 3.16 diff --git a/tests/data/test258 b/tests/data/test258 index 5501ce9f8e..d361a3ade4 100644 --- a/tests/data/test258 +++ b/tests/data/test258 @@ -40,11 +40,11 @@ Proxy-Authenticate: Digest realm="many secrets", nonce="911" Proxy-Connection: close Content-Length: 0 -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - +HTTP/1.1 200 A OK%CR +Server: Microsoft-IIS/6.0%CR +Content-Type: text/html; charset=iso-8859-1%CR +Content-Length: 3%CR +%CR ok @@ -82,57 +82,57 @@ bar ^(Content-Type: multipart/form-data;|------).* -POST http://remotehost:54321/we/want/%TESTNUMBER HTTP/1.1 -Host: remotehost:54321 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 433 -Content-Type: multipart/form-data; boundary=----------------------------7c633d5c27ce - -------------------------------7c633d5c27ce -Content-Disposition: form-data; name="name" - -daniel -------------------------------7c633d5c27ce -Content-Disposition: form-data; name="tool" - -curl -------------------------------7c633d5c27ce -Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt" -Content-Type: text/plain - +POST http://remotehost:54321/we/want/%TESTNUMBER HTTP/1.1%CR +Host: remotehost:54321%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Proxy-Connection: Keep-Alive%CR +Content-Length: 433%CR +Content-Type: multipart/form-data; boundary=----------------------------7c633d5c27ce%CR +%CR +------------------------------7c633d5c27ce%CR +Content-Disposition: form-data; name="name"%CR +%CR +daniel%CR +------------------------------7c633d5c27ce%CR +Content-Disposition: form-data; name="tool"%CR +%CR +curl%CR +------------------------------7c633d5c27ce%CR +Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt"%CR +Content-Type: text/plain%CR +%CR foo- This is a moo- bar - -------------------------------7c633d5c27ce-- -POST http://remotehost:54321/we/want/%TESTNUMBER HTTP/1.1 -Host: remotehost:54321 -Proxy-Authorization: Digest username="uuuser", realm="many secrets", nonce="911", uri="/we/want/%TESTNUMBER", response="2501654ca391f0b5c8c12a1da77e34cd" -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Content-Length: 433 -Content-Type: multipart/form-data; boundary=----------------------------7c633d5c27ce - -------------------------------7c633d5c27ce -Content-Disposition: form-data; name="name" - -daniel -------------------------------7c633d5c27ce -Content-Disposition: form-data; name="tool" - -curl -------------------------------7c633d5c27ce -Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt" -Content-Type: text/plain - +%CR +------------------------------7c633d5c27ce--%CR +POST http://remotehost:54321/we/want/%TESTNUMBER HTTP/1.1%CR +Host: remotehost:54321%CR +Proxy-Authorization: Digest username="uuuser", realm="many secrets", nonce="911", uri="/we/want/%TESTNUMBER", response="2501654ca391f0b5c8c12a1da77e34cd"%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Proxy-Connection: Keep-Alive%CR +Content-Length: 433%CR +Content-Type: multipart/form-data; boundary=----------------------------7c633d5c27ce%CR +%CR +------------------------------7c633d5c27ce%CR +Content-Disposition: form-data; name="name"%CR +%CR +daniel%CR +------------------------------7c633d5c27ce%CR +Content-Disposition: form-data; name="tool"%CR +%CR +curl%CR +------------------------------7c633d5c27ce%CR +Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt"%CR +Content-Type: text/plain%CR +%CR foo- This is a moo- bar - -------------------------------7c633d5c27ce-- +%CR +------------------------------7c633d5c27ce--%CR diff --git a/tests/data/test259 b/tests/data/test259 index 25ed26c98e..adf7c2f5f3 100644 --- a/tests/data/test259 +++ b/tests/data/test259 @@ -36,11 +36,11 @@ Server: test-server/fake Proxy-Authenticate: Digest realm="many secrets", nonce="911" Content-Length: 0 -HTTP/1.1 200 A OK -Server: Microsoft-IIS/6.0 -Content-Type: text/html; charset=iso-8859-1 -Content-Length: 3 - +HTTP/1.1 200 A OK%CR +Server: Microsoft-IIS/6.0%CR +Content-Type: text/html; charset=iso-8859-1%CR +Content-Length: 3%CR +%CR ok @@ -78,59 +78,59 @@ bar ^(Content-Type: multipart/form-data;|------).* -POST http://remotehost:54321/we/want/%TESTNUMBER HTTP/1.1 -Host: remotehost:54321 -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Expect: 100-continue -Content-Length: 433 -Content-Type: multipart/form-data; boundary=----------------------------7c633d5c27ce - -------------------------------7c633d5c27ce -Content-Disposition: form-data; name="name" - -daniel -------------------------------7c633d5c27ce -Content-Disposition: form-data; name="tool" - -curl -------------------------------7c633d5c27ce -Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt" -Content-Type: text/plain - +POST http://remotehost:54321/we/want/%TESTNUMBER HTTP/1.1%CR +Host: remotehost:54321%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Proxy-Connection: Keep-Alive%CR +Expect: 100-continue%CR +Content-Length: 433%CR +Content-Type: multipart/form-data; boundary=----------------------------7c633d5c27ce%CR +%CR +------------------------------7c633d5c27ce%CR +Content-Disposition: form-data; name="name"%CR +%CR +daniel%CR +------------------------------7c633d5c27ce%CR +Content-Disposition: form-data; name="tool"%CR +%CR +curl%CR +------------------------------7c633d5c27ce%CR +Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt"%CR +Content-Type: text/plain%CR +%CR foo- This is a moo- bar - -------------------------------7c633d5c27ce-- -POST http://remotehost:54321/we/want/%TESTNUMBER HTTP/1.1 -Host: remotehost:54321 -Proxy-Authorization: Digest username="uuuser", realm="many secrets", nonce="911", uri="/we/want/%TESTNUMBER", response="b479994d13e60f3aa192a67c5892ddc5" -User-Agent: curl/%VERSION -Accept: */* -Proxy-Connection: Keep-Alive -Expect: 100-continue -Content-Length: 433 -Content-Type: multipart/form-data; boundary=----------------------------7c633d5c27ce - -------------------------------7c633d5c27ce -Content-Disposition: form-data; name="name" - -daniel -------------------------------7c633d5c27ce -Content-Disposition: form-data; name="tool" - -curl -------------------------------7c633d5c27ce -Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt" -Content-Type: text/plain - +%CR +------------------------------7c633d5c27ce--%CR +POST http://remotehost:54321/we/want/%TESTNUMBER HTTP/1.1%CR +Host: remotehost:54321%CR +Proxy-Authorization: Digest username="uuuser", realm="many secrets", nonce="911", uri="/we/want/%TESTNUMBER", response="b479994d13e60f3aa192a67c5892ddc5"%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Proxy-Connection: Keep-Alive%CR +Expect: 100-continue%CR +Content-Length: 433%CR +Content-Type: multipart/form-data; boundary=----------------------------7c633d5c27ce%CR +%CR +------------------------------7c633d5c27ce%CR +Content-Disposition: form-data; name="name"%CR +%CR +daniel%CR +------------------------------7c633d5c27ce%CR +Content-Disposition: form-data; name="tool"%CR +%CR +curl%CR +------------------------------7c633d5c27ce%CR +Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt"%CR +Content-Type: text/plain%CR +%CR foo- This is a moo- bar - -------------------------------7c633d5c27ce-- +%CR +------------------------------7c633d5c27ce--%CR diff --git a/tests/data/test265 b/tests/data/test265 index fd17359b1c..3068c05f87 100644 --- a/tests/data/test265 +++ b/tests/data/test265 @@ -47,22 +47,22 @@ daniel # then this is returned when we get proxy-auth -HTTP/1.1 200 OK swsbounce +HTTP/1.1 200 OK swsbounce%CR Server: no - +%CR Nice proxy auth sir! -HTTP/1.0 407 Authorization Required to proxy me my dear -Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== -Connection: Keep-Alive -Content-Length: 1033 - -HTTP/1.1 200 Things are fine in proxy land -Server: Microsoft-IIS/5.0 -Content-Type: text/html; charset=iso-8859-1 - +HTTP/1.0 407 Authorization Required to proxy me my dear%CR +Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA==%CR +Connection: Keep-Alive%CR +Content-Length: 1033%CR +%CR +HTTP/1.1 200 Things are fine in proxy land%CR +Server: Microsoft-IIS/5.0%CR +Content-Type: text/html; charset=iso-8859-1%CR +%CR HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Content-Length: 7 diff --git a/tests/data/test266 b/tests/data/test266 index ca5705955c..5190abe004 100644 --- a/tests/data/test266 +++ b/tests/data/test266 @@ -11,32 +11,32 @@ DELAY # Server-side -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked -Trailer: chunky-trailer -Connection: mooo - -40 -aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -30 -bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb -21;heresatest=moooo +HTTP/1.1 200 funky chunky!%CR +Server: fakeit/0.9 fakeitbad/1.0%CR +Transfer-Encoding: chunked%CR +Trailer: chunky-trailer%CR +Connection: mooo%CR +%CR +40%CR +aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa%CR +30%CR +bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb%CR +21;heresatest=moooo%CR cccccccccccccccccccccccccccccccc - -0 -chunky-trailer: header data - +%CR +0%CR +chunky-trailer: header data%CR +%CR -HTTP/1.1 200 funky chunky! -Server: fakeit/0.9 fakeitbad/1.0 -Transfer-Encoding: chunked -Trailer: chunky-trailer -Connection: mooo - +HTTP/1.1 200 funky chunky!%CR +Server: fakeit/0.9 fakeitbad/1.0%CR +Transfer-Encoding: chunked%CR +Trailer: chunky-trailer%CR +Connection: mooo%CR +%CR aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbcccccccccccccccccccccccccccccccc -chunky-trailer: header data +chunky-trailer: header data%CR writedelay: 10 diff --git a/tests/data/test275 b/tests/data/test275 index 124510d3b3..deec548ae8 100644 --- a/tests/data/test275 +++ b/tests/data/test275 @@ -30,9 +30,9 @@ Content-Length: 9 contents -HTTP/1.1 200 OK -Connected-fine: sure - +HTTP/1.1 200 OK%CR +Connected-fine: sure%CR +%CR HTTP/1.1 200 OK Date: Tue, 09 Nov 2010 14:49:00 GMT Server: test-server/fake diff --git a/tests/data/test3015 b/tests/data/test3015 index 7391d91643..cf535a29a2 100644 --- a/tests/data/test3015 +++ b/tests/data/test3015 @@ -23,19 +23,19 @@ Location: ./%TESTNUMBER0001 monster -HTTP/1.1 200 OK -Date: Sun, 13 Sep 2020 15:00 GMT -Transfer-Encoding: chunked -Connection: close -Content-Type: text/plain; charset=us-ascii - -0007 -bigger -0008 +HTTP/1.1 200 OK%CR +Date: Sun, 13 Sep 2020 15:00 GMT%CR +Transfer-Encoding: chunked%CR +Connection: close%CR +Content-Type: text/plain; charset=us-ascii%CR +%CR +0007%CR +bigger %CR +0008%CR monster - -0 - +%CR +0%CR +%CR diff --git a/tests/data/test304 b/tests/data/test304 index b7f7588c25..06feb3a382 100644 --- a/tests/data/test304 +++ b/tests/data/test304 @@ -45,28 +45,28 @@ HTTPS multipart formpost ^(Content-Type: multipart/form-data;|------).* -POST /we/want/%TESTNUMBER HTTP/1.1 -Host: %HOSTIP:%HTTPSPORT -User-Agent: curl/%VERSION -Accept: */* -Content-Length: 1410 -Content-Type: multipart/form-data; boundary=----------------------------qrstuvwxyz0123456789AB - -------------------------------qrstuvwxyz0123456789AB -Content-Disposition: form-data; name="name" - -daniel -------------------------------qrstuvwxyz0123456789AB -Content-Disposition: form-data; name="tool" - -curl -------------------------------qrstuvwxyz0123456789AB -Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt" -Content-Type: text/plain - +POST /we/want/%TESTNUMBER HTTP/1.1%CR +Host: %HOSTIP:%HTTPSPORT%CR +User-Agent: curl/%VERSION%CR +Accept: */*%CR +Content-Length: 1410%CR +Content-Type: multipart/form-data; boundary=----------------------------qrstuvwxyz0123456789AB%CR +%CR +------------------------------qrstuvwxyz0123456789AB%CR +Content-Disposition: form-data; name="name"%CR +%CR +daniel%CR +------------------------------qrstuvwxyz0123456789AB%CR +Content-Disposition: form-data; name="tool"%CR +%CR +curl%CR +------------------------------qrstuvwxyz0123456789AB%CR +Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt"%CR +Content-Type: text/plain%CR +%CR %repeat[1000 x a]% - -------------------------------qrstuvwxyz0123456789AB-- +%CR +------------------------------qrstuvwxyz0123456789AB--%CR diff --git a/tests/data/test31 b/tests/data/test31 index e4d5e4cad7..8d99df6da8 100644 --- a/tests/data/test31 +++ b/tests/data/test31 @@ -12,64 +12,64 @@ cookiejar -HTTP/1.1 200 OK -Date: Tue, 09 Nov 2010 14:49:00 GMT -Server: test-server/fake -Content-Length: 4 -Content-Type: text/html -Funny-head: yesyes +HTTP/1.1 200 OK%CR +Date: Tue, 09 Nov 2010 14:49:00 GMT%CR +Server: test-server/fake%CR +Content-Length: 4%CR +Content-Type: text/html%CR +Funny-head: yesyes%CR Set-Cookie: blankdomain=sure; domain=; path=/ -Set-Cookie: foobar=name; domain=anything.com; path=/ ; secure -Set-Cookie:ismatch=this ; domain=test31.curl; path=/silly/ -Set-Cookie:ISMATCH=this ; domain=test31.curl; path=/silly/ -Set-Cookie: overwrite=this ; domain=test31.curl; path=/overwrite/ -Set-Cookie: overwrite=this2 ; domain=test31.curl; path=/overwrite -Set-Cookie: sec1value=secure1 ; domain=test31.curl; path=/secure1/ ; secure -Set-Cookie: sec2value=secure2 ; domain=test31.curl; path=/secure2/ ; secure= -Set-Cookie: sec3value=secure3 ; domain=test31.curl; path=/secure3/ ; secure= -Set-Cookie: sec4value=secure4 ; secure=; domain=test31.curl; path=/secure4/ ; -Set-Cookie: sec5value=secure5 ; secure; domain=test31.curl; path=/secure5/ ; -Set-Cookie: sec6value=secure6 ; secure ; domain=test31.curl; path=/secure6/ ; -Set-Cookie: sec7value=secure7 ; secure ; domain=test31.curl; path=/secure7/ ; -Set-Cookie: sec8value=secure8 ; secure= ; domain=test31.curl; path=/secure8/ ; -Set-Cookie: secure=very1 ; secure=; domain=test31.curl; path=/secure9/; -Set-Cookie: httpo1=value1 ; domain=test31.curl; path=/p1/; httponly -Set-Cookie: httpo2=value2 ; domain=test31.curl; path=/p2/; httponly= -Set-Cookie: httpo3=value3 ; httponly; domain=test31.curl; path=/p3/; -Set-Cookie: httpo4=value4 ; httponly=; domain=test31.curl; path=/p4/; -Set-Cookie: httponly=myvalue1 ; domain=test31.curl; path=/p4/; httponly -Set-Cookie: httpandsec=myvalue2 ; domain=test31.curl; path=/p4/; httponly; secure -Set-Cookie: httpandsec2=myvalue3; domain=test31.curl; path=/p4/; httponly=; secure -Set-Cookie: httpandsec3=myvalue4 ; domain=test31.curl; path=/p4/; httponly; secure= -Set-Cookie: httpandsec4=myvalue5 ; domain=test31.curl; path=/p4/; httponly=; secure= -Set-Cookie: httpandsec5=myvalue6 ; domain=test31.curl; path=/p4/; secure; httponly= -Set-Cookie: httpandsec6=myvalue7 ; domain=test31.curl; path=/p4/; secure=; httponly= -Set-Cookie: httpandsec7=myvalue8 ; domain=test31.curl; path=/p4/; secure; httponly -Set-Cookie: httpandsec8=myvalue9; domain=test31.curl; path=/p4/; secure=; httponly -Set-Cookie: partmatch=present; domain=test31.curl ; path=/; -Set-Cookie:eat=this; domain=moo.foo.moo; -Set-Cookie: eat=this-too; domain=.foo.moo; -Set-Cookie: nodomainnovalue +Set-Cookie: foobar=name; domain=anything.com; path=/ ; secure%CR +Set-Cookie:ismatch=this ; domain=test31.curl; path=/silly/%CR +Set-Cookie:ISMATCH=this ; domain=test31.curl; path=/silly/%CR +Set-Cookie: overwrite=this ; domain=test31.curl; path=/overwrite/%CR +Set-Cookie: overwrite=this2 ; domain=test31.curl; path=/overwrite%CR +Set-Cookie: sec1value=secure1 ; domain=test31.curl; path=/secure1/ ; secure%CR +Set-Cookie: sec2value=secure2 ; domain=test31.curl; path=/secure2/ ; secure=%CR +Set-Cookie: sec3value=secure3 ; domain=test31.curl; path=/secure3/ ; secure=%CR +Set-Cookie: sec4value=secure4 ; secure=; domain=test31.curl; path=/secure4/ ; %CR +Set-Cookie: sec5value=secure5 ; secure; domain=test31.curl; path=/secure5/ ; %CR +Set-Cookie: sec6value=secure6 ; secure ; domain=test31.curl; path=/secure6/ ; %CR +Set-Cookie: sec7value=secure7 ; secure ; domain=test31.curl; path=/secure7/ ; %CR +Set-Cookie: sec8value=secure8 ; secure= ; domain=test31.curl; path=/secure8/ ; %CR +Set-Cookie: secure=very1 ; secure=; domain=test31.curl; path=/secure9/; %CR +Set-Cookie: httpo1=value1 ; domain=test31.curl; path=/p1/; httponly%CR +Set-Cookie: httpo2=value2 ; domain=test31.curl; path=/p2/; httponly=%CR +Set-Cookie: httpo3=value3 ; httponly; domain=test31.curl; path=/p3/;%CR +Set-Cookie: httpo4=value4 ; httponly=; domain=test31.curl; path=/p4/; %CR +Set-Cookie: httponly=myvalue1 ; domain=test31.curl; path=/p4/; httponly%CR +Set-Cookie: httpandsec=myvalue2 ; domain=test31.curl; path=/p4/; httponly; secure%CR +Set-Cookie: httpandsec2=myvalue3; domain=test31.curl; path=/p4/; httponly=; secure%CR +Set-Cookie: httpandsec3=myvalue4 ; domain=test31.curl; path=/p4/; httponly; secure=%CR +Set-Cookie: httpandsec4=myvalue5 ; domain=test31.curl; path=/p4/; httponly=; secure=%CR +Set-Cookie: httpandsec5=myvalue6 ; domain=test31.curl; path=/p4/; secure; httponly=%CR +Set-Cookie: httpandsec6=myvalue7 ; domain=test31.curl; path=/p4/; secure=; httponly=%CR +Set-Cookie: httpandsec7=myvalue8 ; domain=test31.curl; path=/p4/; secure; httponly%CR +Set-Cookie: httpandsec8=myvalue9; domain=test31.curl; path=/p4/; secure=; httponly%CR +Set-Cookie: partmatch=present; domain=test31.curl ; path=/;%CR +Set-Cookie:eat=this; domain=moo.foo.moo;%CR +Set-Cookie: eat=this-too; domain=.foo.moo;%CR +Set-Cookie: nodomainnovalue%CR %if large-time -Set-Cookie: nodomain=value; expires=Fri Feb 13 11:56:27 GMT 2525 -Set-Cookie: novalue; domain=reallysilly -Set-Cookie: test=yes; domain=foo.com; expires=Sat Feb 2 11:56:27 GMT 2525 -Set-Cookie: test2=yes; domain=se; expires=Sat Feb 2 11:56:27 GMT 2525 +Set-Cookie: nodomain=value; expires=Fri Feb 13 11:56:27 GMT 2525%CR +Set-Cookie: novalue; domain=reallysilly%CR +Set-Cookie: test=yes; domain=foo.com; expires=Sat Feb 2 11:56:27 GMT 2525%CR +Set-Cookie: test2=yes; domain=se; expires=Sat Feb 2 11:56:27 GMT 2525%CR %else -Set-Cookie: nodomain=value; expires=Fri Feb 13 11:56:27 GMT 2037 -Set-Cookie: novalue; domain=reallysilly -Set-Cookie: test=yes; domain=foo.com; expires=Sat Feb 2 11:56:27 GMT 2030 -Set-Cookie: test2=yes; domain=se; expires=Sat Feb 2 11:56:27 GMT 2030 +Set-Cookie: nodomain=value; expires=Fri Feb 13 11:56:27 GMT 2037%CR +Set-Cookie: novalue; domain=reallysilly%CR +Set-Cookie: test=yes; domain=foo.com; expires=Sat Feb 2 11:56:27 GMT 2030%CR +Set-Cookie: test2=yes; domain=se; expires=Sat Feb 2 11:56:27 GMT 2030%CR %endif -Set-Cookie: magic=yessir; path=/silly/; HttpOnly -Set-Cookie: blexp=yesyes; domain=test31.curl; domain=test31.curl; expiry=totally bad; -Set-Cookie: partialip=nono; domain=.0.0.1; -Set-Cookie: withspaces= yes within and around ; -Set-Cookie: withspaces2 =before equals; -Set-Cookie: prespace= yes before; -Set-Cookie: securewithspace=after ; secure = +Set-Cookie: magic=yessir; path=/silly/; HttpOnly%CR +Set-Cookie: blexp=yesyes; domain=test31.curl; domain=test31.curl; expiry=totally bad;%CR +Set-Cookie: partialip=nono; domain=.0.0.1;%CR +Set-Cookie: withspaces= yes within and around ;%CR +Set-Cookie: withspaces2 =before equals;%CR +Set-Cookie: prespace= yes before;%CR +Set-Cookie: securewithspace=after ; secure =%CR Set-Cookie: %hex[%c3%82%c2%b3%c3%83%5c%78%39%32%c3%83%5c%78%39%61%c3%83%5c%78%38%64%c3%83%5c%78%39%37]hex%=%96%A6g%9Ay%B0%A5g%A7tm%7C%95%9A - +%CR boo diff --git a/tests/data/test314 b/tests/data/test314 index 61ea85095c..4f14957a43 100644 --- a/tests/data/test314 +++ b/tests/data/test314 @@ -27,14 +27,14 @@ Content-Length: 1056 -HTTP/1.1 200 OK -Date: Mon, 29 Nov 2004 21:56:53 GMT -Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29 -Vary: Accept-Encoding -Content-Type: text/html; charset=ISO-8859-1 -Content-Encoding: br -Content-Length: 1056 - +HTTP/1.1 200 OK%CR +Date: Mon, 29 Nov 2004 21:56:53 GMT%CR +Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29%CR +Vary: Accept-Encoding%CR +Content-Type: text/html; charset=ISO-8859-1%CR +Content-Encoding: br%CR +Content-Length: 1056%CR +%CR @@ -45,15 +45,15 @@ Content-Length: 1056 curl curl and libcurl Command line tool and library for client-side URL transfers. - curl and libcurl is a tool for transferring files -using URL syntax. It supports HTTP, HTTPS, FTP, -FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as -well as HTTP-post, HTTP-put, cookies, FTP upload, -resumed transfers, passwords, portnumbers, SSL -certificates, Kerberos, and proxies. It is powered -by libcurl, the client-side URL transfer library. -There are bindings to libcurl for over 20 -languages and environments. + curl and libcurl is a tool for transferring files%CR +using URL syntax. It supports HTTP, HTTPS, FTP,%CR +FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as%CR +well as HTTP-post, HTTP-put, cookies, FTP upload,%CR +resumed transfers, passwords, portnumbers, SSL%CR +certificates, Kerberos, and proxies. It is powered%CR +by libcurl, the client-side URL transfer library.%CR +There are bindings to libcurl for over 20%CR +languages and environments.%CR 5784.57 3.16 diff --git a/tests/data/test320 b/tests/data/test320 index 93c1d1fd14..00615e5d71 100644 --- a/tests/data/test320 +++ b/tests/data/test320 @@ -10,9 +10,9 @@ TLS-SRP # Server-side -HTTP/1.0 200 OK -Content-type: text/html - +HTTP/1.0 200 OK%CR +Content-type: text/html%CR +%CR

This is GnuTLS

@@ -28,10 +28,10 @@ Content-type: text/html CipherAES-NNN-CBC MACSHA1 CiphersuiteSRP_SHA_AES_NNN_CBC_SHA1

-

Your HTTP header was:

Host: localhost:9011
-User-Agent: curl-test-suite
-Accept: */*
-
+
Your HTTP header was:
Host: localhost:9011%CR
+User-Agent: curl-test-suite%CR
+Accept: */*%CR
+%CR
 

 
 
diff --git a/tests/data/test3206 b/tests/data/test3206
index 1acc2c729d..676b85592b 100644
--- a/tests/data/test3206
+++ b/tests/data/test3206
@@ -15,7 +15,7 @@ CUSTOMREQUEST
 %repeat[120 x Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX%0d]%
 
 
-* 456 FETCH (BODY[TEXT] {7201}
+* 456 FETCH (BODY[TEXT] {7201}%CR
 %repeat[120 x Testing large IMAP literal with custom FETCH. XXXXXXXXXXXXX%0d]%
 
 
diff --git a/tests/data/test326 b/tests/data/test326
index d8c912a99b..4c3ed3e085 100644
--- a/tests/data/test326
+++ b/tests/data/test326
@@ -9,29 +9,29 @@ HTTP GET
 # Server-side
 
 
-HTTP/1.1 200 OK
-Date: Mon, 29 Nov 2004 21:56:53 GMT
-Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29
-Content-Type: text/html; charset=ISO-8859-1
-Transfer-Encoding: chunked
-
-18
+HTTP/1.1 200 OK%CR
+Date: Mon, 29 Nov 2004 21:56:53 GMT%CR
+Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29%CR
+Content-Type: text/html; charset=ISO-8859-1%CR
+Transfer-Encoding: chunked%CR
+%CR
+18%CR
 line 1
  line 2
   line 3
-
-0
-
+%CR
+0%CR
+%CR
 
 
 
-18
+18%CR
 line 1
  line 2
   line 3
-
-0
-
+%CR
+0%CR
+%CR
 
 
 
diff --git a/tests/data/test339 b/tests/data/test339
index e915548351..ce191e09cf 100644
--- a/tests/data/test339
+++ b/tests/data/test339
@@ -9,23 +9,23 @@ HTTP GET
 # Server-side
 
 
-HTTP/1.1 200 funky chunky!
-Server: fakeit/0.9 fakeitbad/1.0
-Transfer-Encoding: chunked
-Trailer: chunky-trailer
-Connection: mooo
-ETag: W/"asdf"
-
-40
-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
-30
-bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
-21;heresatest=moooo
+HTTP/1.1 200 funky chunky!%CR
+Server: fakeit/0.9 fakeitbad/1.0%CR
+Transfer-Encoding: chunked%CR
+Trailer: chunky-trailer%CR
+Connection: mooo%CR
+ETag: W/"asdf"%CR
+%CR
+40%CR
+aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa%CR
+30%CR
+bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb%CR
+21;heresatest=moooo%CR
 cccccccccccccccccccccccccccccccc
-
-0
-chunky-trailer: header data
-
+%CR
+0%CR
+chunky-trailer: header data%CR
+%CR
 
 
 
diff --git a/tests/data/test34 b/tests/data/test34
index 175e537034..2af255cfee 100644
--- a/tests/data/test34
+++ b/tests/data/test34
@@ -15,15 +15,15 @@ Server: fakeit/0.9 fakeitbad/1.0
 Transfer-Encoding: chunked
 Connection: mooo
 
-40
-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
-30
-bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
-21;heresatest=moooo
+40%CR
+aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa%CR
+30%CR
+bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb%CR
+21;heresatest=moooo%CR
 cccccccccccccccccccccccccccccccc
-
-0
-
+%CR
+0%CR
+%CR
 
 
 HTTP/1.1 200 funky chunky!
diff --git a/tests/data/test341 b/tests/data/test341
index 54f0da74a5..5b715c74a7 100644
--- a/tests/data/test341
+++ b/tests/data/test341
@@ -9,13 +9,13 @@ HTTP GET
 # Server-side
 
 
-HTTP/1.1 200 funky chunky!
-Server: fakeit/0.9 fakeitbad/1.0
-Transfer-Encoding: chunked
-Trailer: chunky-trailer
-Connection: mooo
-ETag: "asdf"
-
+HTTP/1.1 200 funky chunky!%CR
+Server: fakeit/0.9 fakeitbad/1.0%CR
+Transfer-Encoding: chunked%CR
+Trailer: chunky-trailer%CR
+Connection: mooo%CR
+ETag: "asdf"%CR
+%CR
 40
 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
 30
diff --git a/tests/data/test347 b/tests/data/test347
index 29790730b0..4940f0cc17 100644
--- a/tests/data/test347
+++ b/tests/data/test347
@@ -9,23 +9,23 @@ HTTP GET
 # Server-side
 
 
-HTTP/1.1 200 funky chunky!
-Server: fakeit/0.9 fakeitbad/1.0
-Transfer-Encoding: chunked
-Trailer: chunky-trailer
-Connection: mooo
-ETag:  
-
-40
-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
-30
-bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
-21;heresatest=moooo
+HTTP/1.1 200 funky chunky!%CR
+Server: fakeit/0.9 fakeitbad/1.0%CR
+Transfer-Encoding: chunked%CR
+Trailer: chunky-trailer%CR
+Connection: mooo%CR
+ETag:  %CR
+%CR
+40%CR
+aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa%CR
+30%CR
+bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb%CR
+21;heresatest=moooo%CR
 cccccccccccccccccccccccccccccccc
-
-0
-chunky-trailer: header data
-
+%CR
+0%CR
+chunky-trailer: header data%CR
+%CR
 
 
 
diff --git a/tests/data/test36 b/tests/data/test36
index ad819cc0ba..5ca66c8d46 100644
--- a/tests/data/test36
+++ b/tests/data/test36
@@ -16,11 +16,11 @@ Server: fakeit/0.9 fakeitbad/1.0
 Transfer-Encoding: chunked
 Connection: mooo
 
-2
+2%CR
 a
-
-ILLEGAL
-bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
+%CR
+ILLEGAL%CR
+bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb%CR
 
 
 HTTP/1.1 200 funky chunky!
diff --git a/tests/data/test363 b/tests/data/test363
index 57bb6d40f5..82d86f2de2 100644
--- a/tests/data/test363
+++ b/tests/data/test363
@@ -26,8 +26,8 @@ HTTP/1.1 200 Mighty fine indeed
 
 
 
-HTTP/1.1 200 Mighty fine indeed
-
+HTTP/1.1 200 Mighty fine indeed%CR
+%CR
 HTTP/1.1 200 OK
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Server: test-server/fake swsclose
diff --git a/tests/data/test365 b/tests/data/test365
index 39143aa199..0add463dec 100644
--- a/tests/data/test365
+++ b/tests/data/test365
@@ -19,10 +19,10 @@ Transfer-Encoding: chunked
 Content-Type: text/html
 Funny-head: yesyes
 
-10
-chunked data fun
-0
-
+10%CR
+chunked data fun%CR
+0%CR
+%CR
 
 
 HTTP/1.1 200 OK
diff --git a/tests/data/test373 b/tests/data/test373
index 4b282d0f0b..10f8404e0f 100644
--- a/tests/data/test373
+++ b/tests/data/test373
@@ -9,27 +9,27 @@ chunked Transfer-Encoding
 
 
 
-HTTP/1.1 200 OK
-Date: Thu, 22 Jul 2010 11:22:33 GMT
-Connection: close
-Content-Type: text/html
-Transfer-Encoding: chunked
-X-Control: swsclose
-
-100
+HTTP/1.1 200 OK%CR
+Date: Thu, 22 Jul 2010 11:22:33 GMT%CR
+Connection: close%CR
+Content-Type: text/html%CR
+Transfer-Encoding: chunked%CR
+X-Control: swsclose%CR
+%CR
+100%CR
 %repeat[255 x %00]%
-
-100
+%CR
+100%CR
 %repeat[255 x %00]%
-
-100
+%CR
+100%CR
 %repeat[255 x %00]%
-
-100
+%CR
+100%CR
 %repeat[255 x %00]%
-
-0
-
+%CR
+0%CR
+%CR
 
 
 
diff --git a/tests/data/test39 b/tests/data/test39
index d01fd3c95f..1ca61c8087 100644
--- a/tests/data/test39
+++ b/tests/data/test39
@@ -46,66 +46,66 @@ foo
 ^(Content-Type: multipart/form-data;|-------).*
 
 
-POST /we/want/%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-User-Agent: curl/%VERSION
-Accept: */*
-Content-Length: 1234
-Content-Type: multipart/form-data; boundary=----------------------------24e78000bd32
-
-------------------------------24e78000bd32
-Content-Disposition: form-data; name="name"
-
-daniel
-------------------------------24e78000bd32
-Content-Disposition: form-data; name="tool"
-
-curl
-------------------------------24e78000bd32
-Content-Disposition: form-data; name="str1"
-
-@literal
-------------------------------24e78000bd32
-Content-Disposition: form-data; name="str2"
-
-
 
 
diff --git a/tests/data/test396 b/tests/data/test396
index 77bffc3c20..5dd3faed13 100644
--- a/tests/data/test396
+++ b/tests/data/test396
@@ -24,14 +24,14 @@ Content-Length: 1309
 
 
 
-HTTP/1.1 200 OK
-Date: Mon, 29 Nov 2004 21:56:53 GMT
-Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29
-Vary: Accept-Encoding
-Content-Type: text/html; charset=ISO-8859-1
-Content-Encoding: zstd
-Content-Length: 1309
-
+HTTP/1.1 200 OK%CR
+Date: Mon, 29 Nov 2004 21:56:53 GMT%CR
+Server: Apache/1.3.31 (Debian GNU/Linux) mod_gzip/1.3.26.1a PHP/4.3.9-1 mod_ssl/2.8.20 OpenSSL/0.9.7d mod_perl/1.29%CR
+Vary: Accept-Encoding%CR
+Content-Type: text/html; charset=ISO-8859-1%CR
+Content-Encoding: zstd%CR
+Content-Length: 1309%CR
+%CR
 
 
 
@@ -42,15 +42,15 @@ Content-Length: 1309
     curl
     curl and libcurl
     Command line tool and library for client-side URL transfers.
-    curl and libcurl is a tool for transferring files
-using URL syntax. It supports HTTP, HTTPS, FTP,
-FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as
-well as HTTP-post, HTTP-put, cookies, FTP upload,
-resumed transfers, passwords, portnumbers, SSL
-certificates, Kerberos, and proxies. It is powered
-by libcurl, the client-side URL transfer library.
-There are bindings to libcurl for over 20
-languages and environments.
+    curl and libcurl is a tool for transferring files%CR
+using URL syntax. It supports HTTP, HTTPS, FTP,%CR
+FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as%CR
+well as HTTP-post, HTTP-put, cookies, FTP upload,%CR
+resumed transfers, passwords, portnumbers, SSL%CR
+certificates, Kerberos, and proxies. It is powered%CR
+by libcurl, the client-side URL transfer library.%CR
+There are bindings to libcurl for over 20%CR
+languages and environments.%CR
 
     5784.57
     3.16
diff --git a/tests/data/test415 b/tests/data/test415
index c0e8a92d08..93172299f9 100644
--- a/tests/data/test415
+++ b/tests/data/test415
@@ -12,7 +12,7 @@ HTTP GET
 
 HTTP/1.1 200 OK swsclose
 Date: Tue, 09 Nov 2010 14:49:00 GMT
-Content-Length: 
-6
+Content-Length: %CR-6
 Content-Type: text/html
 Funny-head: yesyes
 
diff --git a/tests/data/test433 b/tests/data/test433
index 4d91fdce6b..c6c77d90bb 100644
--- a/tests/data/test433
+++ b/tests/data/test433
@@ -9,10 +9,10 @@
 # Server-side
 
 
-HTTP/1.1 200 OK
-Content-Length: 6
-Content-Type: text/1
-
+HTTP/1.1 200 OK%CR
+Content-Length: 6%CR
+Content-Type: text/1%CR
+%CR
 -foo-
 
 
diff --git a/tests/data/test44 b/tests/data/test44
index bc103e031b..02823b93ee 100644
--- a/tests/data/test44
+++ b/tests/data/test44
@@ -46,30 +46,30 @@ bar
 ^(Content-Type: multipart/form-data;|------).*
 
 
-POST /we/want/%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-User-Agent: curl/%VERSION
-Accept: */*
-Content-Length: 432
-Content-Type: multipart/form-data; boundary=----------------------------7c633d5c27ce
-
-------------------------------7c633d5c27ce
-Content-Disposition: form-data; name="name"
-
-daniel
-------------------------------7c633d5c27ce
-Content-Disposition: form-data; name="tool"
-
-curl
-------------------------------7c633d5c27ce
-Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt"
-Content-Type: text/plain
-
+POST /we/want/%TESTNUMBER HTTP/1.1%CR
+Host: %HOSTIP:%HTTPPORT%CR
+User-Agent: curl/%VERSION%CR
+Accept: */*%CR
+Content-Length: 432%CR
+Content-Type: multipart/form-data; boundary=----------------------------7c633d5c27ce%CR
+%CR
+------------------------------7c633d5c27ce%CR
+Content-Disposition: form-data; name="name"%CR
+%CR
+daniel%CR
+------------------------------7c633d5c27ce%CR
+Content-Disposition: form-data; name="tool"%CR
+%CR
+curl%CR
+------------------------------7c633d5c27ce%CR
+Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt"%CR
+Content-Type: text/plain%CR
+%CR
 foo-
 This is a moo-
 bar
-
-------------------------------7c633d5c27ce--
+%CR
+------------------------------7c633d5c27ce--%CR
 
 
 
diff --git a/tests/data/test457 b/tests/data/test457
index d9f945ebda..39b050464c 100644
--- a/tests/data/test457
+++ b/tests/data/test457
@@ -15,16 +15,16 @@ Server: fakeit/0.9 fakeitbad/1.0
 Transfer-Encoding: chunked
 Connection: mooo
 
-40
-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
-30
-bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
-21;heresatest=moooo
+40%CR
+aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa%CR
+30%CR
+bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb%CR
+21;heresatest=moooo%CR
 cccccccccccccccccccccccccccccc
 c
-
-0
-
+%CR
+0%CR
+%CR
 
 
 HTTP/1.1 200 funky chunky!
diff --git a/tests/data/test473 b/tests/data/test473
index c4caa11a62..315f50006a 100644
--- a/tests/data/test473
+++ b/tests/data/test473
@@ -9,24 +9,24 @@ HTTP GET
 # Server-side
 
 
-HTTP/1.1 301 funky chunky!
-Server: fakeit/0.9 fakeitbad/1.0
+HTTP/1.1 301 funky chunky!%CR
+Server: fakeit/0.9 fakeitbad/1.0%CR
 Location: /redirected
-Transfer-Encoding: chunked
-Trailer: chunky-trailer
-Connection: mooo
-ETag: W/"asdf"
-
-40
-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
-30
-bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
-21;heresatest=moooo
+Transfer-Encoding: chunked%CR
+Trailer: chunky-trailer%CR
+Connection: mooo%CR
+ETag: W/"asdf"%CR
+%CR
+40%CR
+aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa%CR
+30%CR
+bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb%CR
+21;heresatest=moooo%CR
 cccccccccccccccccccccccccccccccc
-
-0
-chunky-trailer: header data
-
+%CR
+0%CR
+chunky-trailer: header data%CR
+%CR
 
 
 
diff --git a/tests/data/test503 b/tests/data/test503
index ba071c24ff..dc008ebd81 100644
--- a/tests/data/test503
+++ b/tests/data/test503
@@ -29,8 +29,8 @@ ETag: "21025-dc7-39462498"
 
 
 
-HTTP/1.1 200 Mighty fine indeed
-
+HTTP/1.1 200 Mighty fine indeed%CR
+%CR
 HTTP/1.1 200 OK swsclose
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Server: test-server/fake
diff --git a/tests/data/test552 b/tests/data/test552
index 2d36d56ab1..32b877bf82 100644
--- a/tests/data/test552
+++ b/tests/data/test552
@@ -70,21 +70,21 @@ http://test.remote.example.com/path/%TESTNUMBER http://s1lly:pers0n@%HOSTIP:%HTT
 # Verify data after the test has been "shot"
 
 
-POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1
-Host: test.remote.example.com
-Accept: */*
-Proxy-Connection: Keep-Alive
-Content-Length: 70000
-Content-Type: application/x-www-form-urlencoded
-
-%repeat[7000 x test data%00]%POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1
-Host: test.remote.example.com
-Proxy-Authorization: Digest username="s1lly", realm="something fun to read", nonce="%repeat[400 x A]%", uri="/path/%TESTNUMBER", response="be7aedc47d821b6d847c445ded782c43"
-Accept: */*
-Proxy-Connection: Keep-Alive
-Content-Length: 70000
-Content-Type: application/x-www-form-urlencoded
-
+POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1%CR
+Host: test.remote.example.com%CR
+Accept: */*%CR
+Proxy-Connection: Keep-Alive%CR
+Content-Length: 70000%CR
+Content-Type: application/x-www-form-urlencoded%CR
+%CR
+%repeat[7000 x test data%00]%POST http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1%CR
+Host: test.remote.example.com%CR
+Proxy-Authorization: Digest username="s1lly", realm="something fun to read", nonce="%repeat[400 x A]%", uri="/path/%TESTNUMBER", response="be7aedc47d821b6d847c445ded782c43"%CR
+Accept: */*%CR
+Proxy-Connection: Keep-Alive%CR
+Content-Length: 70000%CR
+Content-Type: application/x-www-form-urlencoded%CR
+%CR
 %repeat[7000 x test data%00]%
 
 
diff --git a/tests/data/test554 b/tests/data/test554
index cf37ebe76d..9336930f92 100644
--- a/tests/data/test554
+++ b/tests/data/test554
@@ -69,68 +69,68 @@ s/boundary=------------------------[A-Za-z0-9]*/boundary=-----------------------
 # boundary string and since 5 of them are in the body contents, we see
 # (5*12) == 60 bytes less
 
-POST /%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-Accept: */*
-Content-Length: 780
-Content-Type: multipart/form-data; boundary=----------------------------
-
-------------------------------
-Content-Disposition: form-data; name="sendfile"; filename="postit2.c"
-
+POST /%TESTNUMBER HTTP/1.1%CR
+Host: %HOSTIP:%HTTPPORT%CR
+Accept: */*%CR
+Content-Length: 780%CR
+Content-Type: multipart/form-data; boundary=----------------------------%CR
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="sendfile"; filename="postit2.c"%CR
+%CR
 this is what we post to the silly web server
-
-------------------------------
-Content-Disposition: form-data; name="callbackdata"
-
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="callbackdata"%CR
+%CR
 this is what we post to the silly web server
-
-------------------------------
-Content-Disposition: form-data; name="filename"
-
-postit2.c
-------------------------------
-Content-Disposition: form-data; name="submit"
-Content-Type: text/plain
-
-send
-------------------------------
-Content-Disposition: form-data; name="somename"; filename="somefile.txt"
-Content-Type: text/plain
-
-blah blah
---------------------------------
-POST /%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-Accept: */*
-Content-Length: 794
-Content-Type: multipart/form-data; boundary=----------------------------
-
-------------------------------
-Content-Disposition: form-data; name="sendfile alternative"; filename="file name 2"
-
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="filename"%CR
+%CR
+postit2.c%CR
+------------------------------%CR
+Content-Disposition: form-data; name="submit"%CR
+Content-Type: text/plain%CR
+%CR
+send%CR
+------------------------------%CR
+Content-Disposition: form-data; name="somename"; filename="somefile.txt"%CR
+Content-Type: text/plain%CR
+%CR
+blah blah%CR
+--------------------------------%CR
+POST /%TESTNUMBER HTTP/1.1%CR
+Host: %HOSTIP:%HTTPPORT%CR
+Accept: */*%CR
+Content-Length: 794%CR
+Content-Type: multipart/form-data; boundary=----------------------------%CR
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="sendfile alternative"; filename="file name 2"%CR
+%CR
 this is what we post to the silly web server
-
-------------------------------
-Content-Disposition: form-data; name="callbackdata"
-
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="callbackdata"%CR
+%CR
 this is what we post to the silly web server
-
-------------------------------
-Content-Disposition: form-data; name="filename"
-
-postit2.c
-------------------------------
-Content-Disposition: form-data; name="submit"
-Content-Type: text/plain
-
-send
-------------------------------
-Content-Disposition: form-data; name="somename"; filename="somefile.txt"
-Content-Type: text/plain
-
-blah blah
---------------------------------
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="filename"%CR
+%CR
+postit2.c%CR
+------------------------------%CR
+Content-Disposition: form-data; name="submit"%CR
+Content-Type: text/plain%CR
+%CR
+send%CR
+------------------------------%CR
+Content-Disposition: form-data; name="somename"; filename="somefile.txt"%CR
+Content-Type: text/plain%CR
+%CR
+blah blah%CR
+--------------------------------%CR
 
 
 
diff --git a/tests/data/test568 b/tests/data/test568
index e416176257..caadd95d12 100644
--- a/tests/data/test568
+++ b/tests/data/test568
@@ -18,12 +18,12 @@ Cseq: 1
 
 
 
-RTSP/1.0 200 OK
-Server: RTSPD/libcurl-test
-Cseq: 2
-Content-Length: 70
-Content-Type: application/sdp
-
+RTSP/1.0 200 OK%CR
+Server: RTSPD/libcurl-test%CR
+Cseq: 2%CR
+Content-Length: 70%CR
+Content-Type: application/sdp%CR
+%CR
 v=0
 s=rtspd SDP
 i=A fake SDP reply
diff --git a/tests/data/test585 b/tests/data/test585
index 5a50587b94..dd455a5b6f 100644
--- a/tests/data/test585
+++ b/tests/data/test585
@@ -22,13 +22,13 @@ Connection: close
 
 
 [OPEN] counter: 1
-HTTP/1.1 302 eat this!
-Date: Tue, 09 Nov 2010 14:49:00 GMT
-Server: test-server/fake
-Location: this-is-the-first.html
-Content-Length: 0
-Connection: close
-
+HTTP/1.1 302 eat this!%CR
+Date: Tue, 09 Nov 2010 14:49:00 GMT%CR
+Server: test-server/fake%CR
+Location: this-is-the-first.html%CR
+Content-Length: 0%CR
+Connection: close%CR
+%CR
 [CLOSE] counter: 1
 
 
diff --git a/tests/data/test599 b/tests/data/test599
index f06773a606..4df0cf13a0 100644
--- a/tests/data/test599
+++ b/tests/data/test599
@@ -21,18 +21,18 @@ Content-Type: text/html
 -foo-
 
 
-HTTP/1.1 200 OK
-Date: Tue, 09 Nov 2010 14:49:00 GMT
-Server: test-server/fake
-Transfer-Encoding: chunked
-Connection: close
-Content-Type: text/html
-
-32
+HTTP/1.1 200 OK%CR
+Date: Tue, 09 Nov 2010 14:49:00 GMT%CR
+Server: test-server/fake%CR
+Transfer-Encoding: chunked%CR
+Connection: close%CR
+Content-Type: text/html%CR
+%CR
+32%CR
 this data is slightly larger than the first piece
-
-0
-
+%CR
+0%CR
+%CR
 
 
 
diff --git a/tests/data/test60 b/tests/data/test60
index 4d9b8b541b..0544b2c6df 100644
--- a/tests/data/test60
+++ b/tests/data/test60
@@ -38,19 +38,19 @@ more than one byte
 # Verify data after the test has been "shot"
 
 
-PUT /bzz/%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-User-Agent: curl/%VERSION
-Accept: */*
-Transfer-Encoding: chunked
-Content-Length: 1
-Expect: 100-continue
-
-13
+PUT /bzz/%TESTNUMBER HTTP/1.1%CR
+Host: %HOSTIP:%HTTPPORT%CR
+User-Agent: curl/%VERSION%CR
+Accept: */*%CR
+Transfer-Encoding: chunked%CR
+Content-Length: 1%CR
+Expect: 100-continue%CR
+%CR
+13%CR
 more than one byte
-
-0
-
+%CR
+0%CR
+%CR
 
 
 
diff --git a/tests/data/test643 b/tests/data/test643
index fc4e639a01..14bbd4aa39 100644
--- a/tests/data/test643
+++ b/tests/data/test643
@@ -69,66 +69,66 @@ s/boundary=------------------------[A-Za-z0-9]*/boundary=-----------------------
 # boundary string and since 5 of them are in the body contents, we see
 # (5*12) == 60 bytes less
 
-POST /%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-Accept: */*
-Content-Length: 676
-Content-Type: multipart/form-data; boundary=----------------------------
-
-------------------------------
-Content-Disposition: form-data; name="sendfile"; filename="postit2.c"
-
+POST /%TESTNUMBER HTTP/1.1%CR
+Host: %HOSTIP:%HTTPPORT%CR
+Accept: */*%CR
+Content-Length: 676%CR
+Content-Type: multipart/form-data; boundary=----------------------------%CR
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="sendfile"; filename="postit2.c"%CR
+%CR
 dummy
-
-------------------------------
-Content-Disposition: form-data; name="callbackdata"
-
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="callbackdata"%CR
+%CR
 dummy
-
-------------------------------
-Content-Disposition: form-data; name="filename"
-
-postit2.c
-------------------------------
-Content-Disposition: form-data; name="submit"
-
-send
-------------------------------
-Content-Disposition: form-data; name="somename"; filename="somefile.txt"
-Content-Type: text/plain
-
-blah blah
---------------------------------
-POST /%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-Accept: */*
-Content-Length: 690
-Content-Type: multipart/form-data; boundary=----------------------------
-
-------------------------------
-Content-Disposition: form-data; name="sendfile alternative"; filename="file name 2"
-
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="filename"%CR
+%CR
+postit2.c%CR
+------------------------------%CR
+Content-Disposition: form-data; name="submit"%CR
+%CR
+send%CR
+------------------------------%CR
+Content-Disposition: form-data; name="somename"; filename="somefile.txt"%CR
+Content-Type: text/plain%CR
+%CR
+blah blah%CR
+--------------------------------%CR
+POST /%TESTNUMBER HTTP/1.1%CR
+Host: %HOSTIP:%HTTPPORT%CR
+Accept: */*%CR
+Content-Length: 690%CR
+Content-Type: multipart/form-data; boundary=----------------------------%CR
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="sendfile alternative"; filename="file name 2"%CR
+%CR
 dummy
-
-------------------------------
-Content-Disposition: form-data; name="callbackdata"
-
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="callbackdata"%CR
+%CR
 dummy
-
-------------------------------
-Content-Disposition: form-data; name="filename"
-
-postit2.c
-------------------------------
-Content-Disposition: form-data; name="submit"
-
-send
-------------------------------
-Content-Disposition: form-data; name="somename"; filename="somefile.txt"
-Content-Type: text/plain
-
-blah blah
---------------------------------
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="filename"%CR
+%CR
+postit2.c%CR
+------------------------------%CR
+Content-Disposition: form-data; name="submit"%CR
+%CR
+send%CR
+------------------------------%CR
+Content-Disposition: form-data; name="somename"; filename="somefile.txt"%CR
+Content-Type: text/plain%CR
+%CR
+blah blah%CR
+--------------------------------%CR
 
 
 
diff --git a/tests/data/test645 b/tests/data/test645
index 4d8857780a..6370a5a478 100644
--- a/tests/data/test645
+++ b/tests/data/test645
@@ -69,128 +69,128 @@ s/boundary=------------------------[A-Za-z0-9]*/boundary=-----------------------
 # boundary string and since 5 of them are in the body contents, we see
 # (5*12) == 60 bytes less
 
-POST /%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-Accept: */*
-Transfer-Encoding: chunked
-Content-Type: multipart/form-data; boundary=----------------------------
-Expect: 100-continue
-
-7c
-------------------------------
-Content-Disposition: form-data; name="sendfile"; filename="postit2.c"
-
-d
-1
-u
-1
-m
-1
-m
-1
-y
-1
+POST /%TESTNUMBER HTTP/1.1%CR
+Host: %HOSTIP:%HTTPPORT%CR
+Accept: */*%CR
+Transfer-Encoding: chunked%CR
+Content-Type: multipart/form-data; boundary=----------------------------%CR
+Expect: 100-continue%CR
+%CR
+7c%CR
+------------------------------%CR
+Content-Disposition: form-data; name="sendfile"; filename="postit2.c"%CR
+%CR
+d%CR
+1%CR
+u%CR
+1%CR
+m%CR
+1%CR
+m%CR
+1%CR
+y%CR
+1%CR
 
-
-6b
-
-------------------------------
-Content-Disposition: form-data; name="callbackdata"
-
-
-1
-d
-1
-u
-1
-m
-1
-m
-1
-y
-1
+%CR
+6b%CR
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="callbackdata"%CR
+%CR
+%CR
+1%CR
+d%CR
+1%CR
+u%CR
+1%CR
+m%CR
+1%CR
+m%CR
+1%CR
+y%CR
+1%CR
 
-
-1b2
-
-------------------------------
-Content-Disposition: form-data; name="filename"
-
-postit2.c
-------------------------------
-Content-Disposition: form-data; name="submit"
-
-send
-------------------------------
-Content-Disposition: form-data; name="somename"; filename="somefile.txt"
-Content-Type: text/plain
-
-blah blah
---------------------------------
-
-0
-
-POST /%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-Accept: */*
-Transfer-Encoding: chunked
-Content-Type: multipart/form-data; boundary=----------------------------
-Expect: 100-continue
-
-8a
-------------------------------
-Content-Disposition: form-data; name="sendfile alternative"; filename="file name 2"
-
-d
-1
-u
-1
-m
-1
-m
-1
-y
-1
+%CR
+1b2%CR
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="filename"%CR
+%CR
+postit2.c%CR
+------------------------------%CR
+Content-Disposition: form-data; name="submit"%CR
+%CR
+send%CR
+------------------------------%CR
+Content-Disposition: form-data; name="somename"; filename="somefile.txt"%CR
+Content-Type: text/plain%CR
+%CR
+blah blah%CR
+--------------------------------%CR
+%CR
+0%CR
+%CR
+POST /%TESTNUMBER HTTP/1.1%CR
+Host: %HOSTIP:%HTTPPORT%CR
+Accept: */*%CR
+Transfer-Encoding: chunked%CR
+Content-Type: multipart/form-data; boundary=----------------------------%CR
+Expect: 100-continue%CR
+%CR
+8a%CR
+------------------------------%CR
+Content-Disposition: form-data; name="sendfile alternative"; filename="file name 2"%CR
+%CR
+d%CR
+1%CR
+u%CR
+1%CR
+m%CR
+1%CR
+m%CR
+1%CR
+y%CR
+1%CR
 
-
-6b
-
-------------------------------
-Content-Disposition: form-data; name="callbackdata"
-
-
-1
-d
-1
-u
-1
-m
-1
-m
-1
-y
-1
+%CR
+6b%CR
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="callbackdata"%CR
+%CR
+%CR
+1%CR
+d%CR
+1%CR
+u%CR
+1%CR
+m%CR
+1%CR
+m%CR
+1%CR
+y%CR
+1%CR
 
-
-1b2
-
-------------------------------
-Content-Disposition: form-data; name="filename"
-
-postit2.c
-------------------------------
-Content-Disposition: form-data; name="submit"
-
-send
-------------------------------
-Content-Disposition: form-data; name="somename"; filename="somefile.txt"
-Content-Type: text/plain
-
-blah blah
---------------------------------
-
-0
-
+%CR
+1b2%CR
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="filename"%CR
+%CR
+postit2.c%CR
+------------------------------%CR
+Content-Disposition: form-data; name="submit"%CR
+%CR
+send%CR
+------------------------------%CR
+Content-Disposition: form-data; name="somename"; filename="somefile.txt"%CR
+Content-Type: text/plain%CR
+%CR
+blah blah%CR
+--------------------------------%CR
+%CR
+0%CR
+%CR
 
 
 
diff --git a/tests/data/test646 b/tests/data/test646
index a8d8ff2b6f..2bca8337c6 100644
--- a/tests/data/test646
+++ b/tests/data/test646
@@ -39,7 +39,7 @@ It may contain any type of data.
 
 
 # This line is a comment
-X-fileheader1: This is a header from a file%SP
+X-fileheader1: This is a header from a file%SP%CR
 
 # This line is another comment. It precedes a folded header.
 X-fileheader2: This is #a
@@ -62,40 +62,40 @@ DATA
 QUIT
 
 
-Content-Type: multipart/mixed; boundary=----------------------------
-Mime-Version: 1.0
-From: different
-To: another
-Reply-To: 
-
-------------------------------
-Content-Type: multipart/alternative; boundary=----------------------------
-
-------------------------------
-Content-Type: text/html
-Content-Transfer-Encoding: 8bit
-X-test1: this is a header
-X-test2: this is another header
-
-This is the html version
-------------------------------
-X-fileheader1: This is a header from a file
-X-fileheader2: This is #a folded header
-
-This is the plain text version
---------------------------------
-
-------------------------------
-Content-Disposition: attachment; filename="test%TESTNUMBER.txt"
-X-fileheader1: This is a header from a file
-X-fileheader2: This is #a folded header
-
+Content-Type: multipart/mixed; boundary=----------------------------%CR
+Mime-Version: 1.0%CR
+From: different%CR
+To: another%CR
+Reply-To: %CR
+%CR
+------------------------------%CR
+Content-Type: multipart/alternative; boundary=----------------------------%CR
+%CR
+------------------------------%CR
+Content-Type: text/html%CR
+Content-Transfer-Encoding: 8bit%CR
+X-test1: this is a header%CR
+X-test2: this is another header%CR
+%CR
+This is the html version%CR
+------------------------------%CR
+X-fileheader1: This is a header from a file%CR
+X-fileheader2: This is #a folded header%CR
+%CR
+This is the plain text version%CR
+--------------------------------%CR
+%CR
+------------------------------%CR
+Content-Disposition: attachment; filename="test%TESTNUMBER.txt"%CR
+X-fileheader1: This is a header from a file%CR
+X-fileheader2: This is #a folded header%CR
+%CR
 This is an attached file.
 
 It may contain any type of data.
-
---------------------------------
-.
+%CR
+--------------------------------%CR
+.%CR
 
 
 
diff --git a/tests/data/test647 b/tests/data/test647
index 0e3d242cd7..732472db9c 100644
--- a/tests/data/test647
+++ b/tests/data/test647
@@ -49,35 +49,35 @@ A003 APPEND %TESTNUMBER (\Seen) {940}
 A004 LOGOUT
 
 
-Content-Type: multipart/mixed; boundary=----------------------------
-Mime-Version: 1.0
-Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
-From: Fred Foobar 
-To: joe@example.com
-Message-Id: 
-Subject: afternoon meeting
-
-------------------------------
-Content-Type: multipart/alternative; boundary=----------------------------
-
-------------------------------
-Content-Type: text/html
-Content-Transfer-Encoding: 8bit
-
-This is the html version
-------------------------------
-
-This is the plain text version
---------------------------------
-
-------------------------------
-Content-Disposition: attachment; filename="test%TESTNUMBER.txt"
-
+Content-Type: multipart/mixed; boundary=----------------------------%CR
+Mime-Version: 1.0%CR
+Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)%CR
+From: Fred Foobar %CR
+To: joe@example.com%CR
+Message-Id: %CR
+Subject: afternoon meeting%CR
+%CR
+------------------------------%CR
+Content-Type: multipart/alternative; boundary=----------------------------%CR
+%CR
+------------------------------%CR
+Content-Type: text/html%CR
+Content-Transfer-Encoding: 8bit%CR
+%CR
+This is the html version%CR
+------------------------------%CR
+%CR
+This is the plain text version%CR
+--------------------------------%CR
+%CR
+------------------------------%CR
+Content-Disposition: attachment; filename="test%TESTNUMBER.txt"%CR
+%CR
 This is an attached file.
 
 It may contain any type of data.
-
---------------------------------
+%CR
+--------------------------------%CR
 
 
 
diff --git a/tests/data/test650 b/tests/data/test650
index e1ac811dde..3864303b34 100644
--- a/tests/data/test650
+++ b/tests/data/test650
@@ -70,150 +70,150 @@ s/boundary=------------------------[A-Za-z0-9]*/boundary=-----------------------
 # boundary string and since 5 of them are in the body contents, we see
 # (5*12) == 60 bytes less
 
-POST /%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-Accept: */*
-Transfer-Encoding: chunked
-Content-Type: multipart/form-data; boundary=----------------------------
-Expect: 100-continue
-
-385
-------------------------------
-Content-Disposition: form-data; name="fieldname"
-Content-Type: text/plain
-X-customheader-1: Header 1 data
-X-customheader-2: Header 2 data
-
-this is what we post to the silly web server
-------------------------------
-Content-Disposition: form-data; name="fieldnam"
-
-uhis is what we post to the silly web serve
-------------------------------
-Content-Disposition: form-data; name="multifile"
-Content-Type: multipart/mixed; boundary=----------------------------
-
-------------------------------
-Content-Disposition: attachment; filename="test%TESTNUMBER.filedata"
-Content-Type: application/octet-stream
-
+POST /%TESTNUMBER HTTP/1.1%CR
+Host: %HOSTIP:%HTTPPORT%CR
+Accept: */*%CR
+Transfer-Encoding: chunked%CR
+Content-Type: multipart/form-data; boundary=----------------------------%CR
+Expect: 100-continue%CR
+%CR
+385%CR
+------------------------------%CR
+Content-Disposition: form-data; name="fieldname"%CR
+Content-Type: text/plain%CR
+X-customheader-1: Header 1 data%CR
+X-customheader-2: Header 2 data%CR
+%CR
+this is what we post to the silly web server%CR
+------------------------------%CR
+Content-Disposition: form-data; name="fieldnam"%CR
+%CR
+uhis is what we post to the silly web serve%CR
+------------------------------%CR
+Content-Disposition: form-data; name="multifile"%CR
+Content-Type: multipart/mixed; boundary=----------------------------%CR
+%CR
+------------------------------%CR
+Content-Disposition: attachment; filename="test%TESTNUMBER.filedata"%CR
+Content-Type: application/octet-stream%CR
+%CR
 This is data from a file.
-
-------------------------------
-Content-Disposition: attachment; filename="test%TESTNUMBER.filedata"
-Content-Type: text/whatever
-
-
-ab
+%CR
+------------------------------%CR
+Content-Disposition: attachment; filename="test%TESTNUMBER.filedata"%CR
+Content-Type: text/whatever%CR
+%CR
+%CR
+ab%CR
 This is data from a file.
-
-------------------------------
-Content-Disposition: attachment; filename="test%TESTNUMBER.filedata"
-Content-Type: text/whatever
-
-
-bb
+%CR
+------------------------------%CR
+Content-Disposition: attachment; filename="test%TESTNUMBER.filedata"%CR
+Content-Type: text/whatever%CR
+%CR
+%CR
+bb%CR
 This is data from a file.
-
---------------------------------
-
-------------------------------
-Content-Disposition: form-data; name="filecontents"
-
-
-11b
+%CR
+--------------------------------%CR
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="filecontents"%CR
+%CR
+%CR
+11b%CR
 This is data from a file.
-
-------------------------------
-Content-Disposition: form-data; name="formlength"
-
-1433
-------------------------------
-Content-Disposition: form-data; name="standardinput"
-Content-Type: application/octet-stream
-
-
-16
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="formlength"%CR
+%CR
+1433%CR
+------------------------------%CR
+Content-Disposition: form-data; name="standardinput"%CR
+Content-Type: application/octet-stream%CR
+%CR
+%CR
+16%CR
  Some data from stdin
-
-36
-
---------------------------------
-
-0
-
-POST /%TESTNUMBER0002 HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-Accept: */*
-Transfer-Encoding: chunked
-Content-Type: multipart/form-data; boundary=----------------------------
-Expect: 100-continue
-
-385
-------------------------------
-Content-Disposition: form-data; name="fieldname"
-Content-Type: text/plain
-X-customheader-1: Header 1 data
-X-customheader-2: Header 2 data
-
-this is what we post to the silly web server
-------------------------------
-Content-Disposition: form-data; name="fieldnam"
-
-uhis is what we post to the silly web serve
-------------------------------
-Content-Disposition: form-data; name="multifile"
-Content-Type: multipart/mixed; boundary=----------------------------
-
-------------------------------
-Content-Disposition: attachment; filename="test%TESTNUMBER.filedata"
-Content-Type: application/octet-stream
-
+%CR
+36%CR
+%CR
+--------------------------------%CR
+%CR
+0%CR
+%CR
+POST /%TESTNUMBER0002 HTTP/1.1%CR
+Host: %HOSTIP:%HTTPPORT%CR
+Accept: */*%CR
+Transfer-Encoding: chunked%CR
+Content-Type: multipart/form-data; boundary=----------------------------%CR
+Expect: 100-continue%CR
+%CR
+385%CR
+------------------------------%CR
+Content-Disposition: form-data; name="fieldname"%CR
+Content-Type: text/plain%CR
+X-customheader-1: Header 1 data%CR
+X-customheader-2: Header 2 data%CR
+%CR
+this is what we post to the silly web server%CR
+------------------------------%CR
+Content-Disposition: form-data; name="fieldnam"%CR
+%CR
+uhis is what we post to the silly web serve%CR
+------------------------------%CR
+Content-Disposition: form-data; name="multifile"%CR
+Content-Type: multipart/mixed; boundary=----------------------------%CR
+%CR
+------------------------------%CR
+Content-Disposition: attachment; filename="test%TESTNUMBER.filedata"%CR
+Content-Type: application/octet-stream%CR
+%CR
 This is data from a file.
-
-------------------------------
-Content-Disposition: attachment; filename="test%TESTNUMBER.filedata"
-Content-Type: text/whatever
-
-
-ab
+%CR
+------------------------------%CR
+Content-Disposition: attachment; filename="test%TESTNUMBER.filedata"%CR
+Content-Type: text/whatever%CR
+%CR
+%CR
+ab%CR
 This is data from a file.
-
-------------------------------
-Content-Disposition: attachment; filename="test%TESTNUMBER.filedata"
-Content-Type: text/whatever
-
-
-bb
+%CR
+------------------------------%CR
+Content-Disposition: attachment; filename="test%TESTNUMBER.filedata"%CR
+Content-Type: text/whatever%CR
+%CR
+%CR
+bb%CR
 This is data from a file.
-
---------------------------------
-
-------------------------------
-Content-Disposition: form-data; name="filecontents"
-
-
-11b
+%CR
+--------------------------------%CR
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="filecontents"%CR
+%CR
+%CR
+11b%CR
 This is data from a file.
-
-------------------------------
-Content-Disposition: form-data; name="formlength"
-
-1433
-------------------------------
-Content-Disposition: form-data; name="standardinput"
-Content-Type: application/octet-stream
-
-
-16
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="formlength"%CR
+%CR
+1433%CR
+------------------------------%CR
+Content-Disposition: form-data; name="standardinput"%CR
+Content-Type: application/octet-stream%CR
+%CR
+%CR
+16%CR
  Some data from stdin
-
-36
-
---------------------------------
-
-0
-
+%CR
+36%CR
+%CR
+--------------------------------%CR
+%CR
+0%CR
+%CR
 
 
 
diff --git a/tests/data/test654 b/tests/data/test654
index 10a914205a..8bb74d271f 100644
--- a/tests/data/test654
+++ b/tests/data/test654
@@ -72,55 +72,55 @@ s/boundary=------------------------[A-Za-z0-9]*/boundary=-----------------------
 # boundary string and since 5 of them are in the body contents, we see
 # (5*12) == 60 bytes less
 
-POST /%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-Accept: */*
-Content-Length: 0
-
-POST /%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-Accept: */*
-Transfer-Encoding: chunked
-Content-Type: multipart/form-data; boundary=----------------------------
-Expect: 100-continue
-
-1c1
-------------------------------
-Content-Disposition: form-data; name="greeting"
-Content-Type: application/X-Greeting
-Content-Transfer-Encoding: base64
-X-Test-Number: %TESTNUMBER
-
-aGVsbG8=
-------------------------------
-Content-Disposition: form-data; filename="file%TESTNUMBER.txt"
-Content-Type: text/plain
-
+POST /%TESTNUMBER HTTP/1.1%CR
+Host: %HOSTIP:%HTTPPORT%CR
+Accept: */*%CR
+Content-Length: 0%CR
+%CR
+POST /%TESTNUMBER HTTP/1.1%CR
+Host: %HOSTIP:%HTTPPORT%CR
+Accept: */*%CR
+Transfer-Encoding: chunked%CR
+Content-Type: multipart/form-data; boundary=----------------------------%CR
+Expect: 100-continue%CR
+%CR
+1c1%CR
+------------------------------%CR
+Content-Disposition: form-data; name="greeting"%CR
+Content-Type: application/X-Greeting%CR
+Content-Transfer-Encoding: base64%CR
+X-Test-Number: %TESTNUMBER%CR
+%CR
+aGVsbG8=%CR
+------------------------------%CR
+Content-Disposition: form-data; filename="file%TESTNUMBER.txt"%CR
+Content-Type: text/plain%CR
+%CR
 This is data from a file
-
-------------------------------
-Content-Disposition: form-data
-
-
-1
-d
-1
-u
-1
-m
-1
-m
-1
-y
-1
+%CR
+------------------------------%CR
+Content-Disposition: form-data%CR
+%CR
+%CR
+1%CR
+d%CR
+1%CR
+u%CR
+1%CR
+m%CR
+1%CR
+m%CR
+1%CR
+y%CR
+1%CR
 
-
-36
-
---------------------------------
-
-0
-
+%CR
+36%CR
+%CR
+--------------------------------%CR
+%CR
+0%CR
+%CR
 
 
 
diff --git a/tests/data/test666 b/tests/data/test666
index 6e65768e3d..9c95556a5f 100644
--- a/tests/data/test666
+++ b/tests/data/test666
@@ -58,17 +58,17 @@ s/^--------------------------[A-Za-z0-9]*/------------------------------/
 s/boundary=------------------------[A-Za-z0-9]*/boundary=----------------------------/
 
 
-POST /%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-Accept: */*
-Content-Length: 17237
-Content-Type: multipart/form-data; boundary=----------------------------
-
-------------------------------
-Content-Disposition: form-data; name="upfile"; filename="myfile.txt"
-Content-Type: text/plain
-Content-Transfer-Encoding: binary
-
+POST /%TESTNUMBER HTTP/1.1%CR
+Host: %HOSTIP:%HTTPPORT%CR
+Accept: */*%CR
+Content-Length: 17237%CR
+Content-Type: multipart/form-data; boundary=----------------------------%CR
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="upfile"; filename="myfile.txt"%CR
+Content-Type: text/plain%CR
+Content-Transfer-Encoding: binary%CR
+%CR
 ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWX
 ZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVW
 YZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUV
@@ -289,8 +289,8 @@ STUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOP
 RSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNO
 QRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMN
 PQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLM
-OPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUV
---------------------------------
+OPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUV%CR
+--------------------------------%CR
 
 
 
diff --git a/tests/data/test668 b/tests/data/test668
index 412aa5bd79..34d649572d 100644
--- a/tests/data/test668
+++ b/tests/data/test668
@@ -65,38 +65,38 @@ s/boundary=------------------------[A-Za-z0-9]*/boundary=-----------------------
 # boundary string and since 5 of them are in the body contents, we see
 # (5*12) == 60 bytes less
 
-POST /%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-Accept: */*
-Transfer-Encoding: chunked
-Content-Type: multipart/form-data; boundary=----------------------------
-Expect: 100-continue
-
-cd
-------------------------------
-Content-Disposition: form-data; name="field1"
-
-dummy
-------------------------------
-Content-Disposition: form-data; name="field2"
-
-
-5
-dummy
-97
-
-------------------------------
-Content-Disposition: form-data; name="field3"; filename="file%TESTNUMBER.txt"
-Content-Type: text/plain
-
-
-4f
+POST /%TESTNUMBER HTTP/1.1%CR
+Host: %HOSTIP:%HTTPPORT%CR
+Accept: */*%CR
+Transfer-Encoding: chunked%CR
+Content-Type: multipart/form-data; boundary=----------------------------%CR
+Expect: 100-continue%CR
+%CR
+cd%CR
+------------------------------%CR
+Content-Disposition: form-data; name="field1"%CR
+%CR
+dummy%CR
+------------------------------%CR
+Content-Disposition: form-data; name="field2"%CR
+%CR
+%CR
+5%CR
+dummy%CR
+97%CR
+%CR
+------------------------------%CR
+Content-Disposition: form-data; name="field3"; filename="file%TESTNUMBER.txt"%CR
+Content-Type: text/plain%CR
+%CR
+%CR
+4f%CR
 This is data from a file
-
---------------------------------
-
-0
-
+%CR
+--------------------------------%CR
+%CR
+0%CR
+%CR
 
 
 
diff --git a/tests/data/test71 b/tests/data/test71
index f47879a3f7..35358fe916 100644
--- a/tests/data/test71
+++ b/tests/data/test71
@@ -53,29 +53,29 @@ bar
 ^(Content-Type: multipart/form-data;|------------).*
 
 
-POST /we/want/%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-Accept: */*
-Content-Length: 432
-Content-Type: multipart/form-data; boundary=----------------------------9ef8d6205763
-
-------------------------------9ef8d6205763
-Content-Disposition: form-data; name="name"
-
-daniel
-------------------------------9ef8d6205763
-Content-Disposition: form-data; name="tool"
-
-curl
-------------------------------9ef8d6205763
-Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt"
-Content-Type: text/plain
-
+POST /we/want/%TESTNUMBER HTTP/1.1%CR
+Host: %HOSTIP:%HTTPPORT%CR
+Accept: */*%CR
+Content-Length: 432%CR
+Content-Type: multipart/form-data; boundary=----------------------------9ef8d6205763%CR
+%CR
+------------------------------9ef8d6205763%CR
+Content-Disposition: form-data; name="name"%CR
+%CR
+daniel%CR
+------------------------------9ef8d6205763%CR
+Content-Disposition: form-data; name="tool"%CR
+%CR
+curl%CR
+------------------------------9ef8d6205763%CR
+Content-Disposition: form-data; name="file"; filename="test%TESTNUMBER.txt"%CR
+Content-Type: text/plain%CR
+%CR
 foo-
 This is a moo-
 bar
-
-------------------------------9ef8d6205763--
+%CR
+------------------------------9ef8d6205763--%CR
 
 
 
diff --git a/tests/data/test744 b/tests/data/test744
index f725a29c3a..a1d1a28cee 100644
--- a/tests/data/test744
+++ b/tests/data/test744
@@ -25,8 +25,8 @@ HTTP/1.1 200 Mighty fine indeed
 
 
 
-HTTP/1.1 200 Mighty fine indeed
-
+HTTP/1.1 200 Mighty fine indeed%CR
+%CR
 HTTP/1.1 200 OK
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Server: test-server/fake swsclose
diff --git a/tests/data/test780 b/tests/data/test780
index 085b2845bd..44d0552abf 100644
--- a/tests/data/test780
+++ b/tests/data/test780
@@ -63,9 +63,9 @@ test-duphandle
 
 
 
-HTTP/1.1 200 OK
-Server: fake
-
+HTTP/1.1 200 OK%CR
+Server: fake%CR
+%CR
 HTTP/1.1 200 OK
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Server: test-server/fake swsclose
diff --git a/tests/data/test781 b/tests/data/test781
index 6423fe7e47..2c06d40465 100644
--- a/tests/data/test781
+++ b/tests/data/test781
@@ -65,9 +65,9 @@ test-duphandle
 
 
 
-HTTP/1.1 200 OK
-Server: fake
-
+HTTP/1.1 200 OK%CR
+Server: fake%CR
+%CR
 HTTP/1.1 200 OK
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Server: test-server/fake swsclose
diff --git a/tests/data/test782 b/tests/data/test782
index 8e1b2918c6..4d559a9402 100644
--- a/tests/data/test782
+++ b/tests/data/test782
@@ -65,9 +65,9 @@ test-duphandle
 
 
 
-HTTP/1.1 200 OK
-Server: fake
-
+HTTP/1.1 200 OK%CR
+Server: fake%CR
+%CR
 HTTP/1.1 200 OK
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Server: test-server/fake swsclose
diff --git a/tests/data/test783 b/tests/data/test783
index 62ff5c23dd..3fb83a0a19 100644
--- a/tests/data/test783
+++ b/tests/data/test783
@@ -65,9 +65,9 @@ test-duphandle
 
 
 
-HTTP/1.1 200 OK
-Server: fake
-
+HTTP/1.1 200 OK%CR
+Server: fake%CR
+%CR
 HTTP/1.1 200 OK
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Server: test-server/fake swsclose
diff --git a/tests/data/test80 b/tests/data/test80
index 2e41c87a0d..684c29da69 100644
--- a/tests/data/test80
+++ b/tests/data/test80
@@ -29,8 +29,8 @@ HTTP/1.1 200 Mighty fine indeed
 
 
 
-HTTP/1.1 200 Mighty fine indeed
-
+HTTP/1.1 200 Mighty fine indeed%CR
+%CR
 HTTP/1.1 200 OK
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Server: test-server/fake swsclose
diff --git a/tests/data/test83 b/tests/data/test83
index 4bf191e9ec..f6d3e84b08 100644
--- a/tests/data/test83
+++ b/tests/data/test83
@@ -26,8 +26,8 @@ HTTP/1.1 200 Mighty fine indeed
 
 
 
-HTTP/1.1 200 Mighty fine indeed
-
+HTTP/1.1 200 Mighty fine indeed%CR
+%CR
 HTTP/1.1 200 OK
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Server: test-server/fake swsclose
diff --git a/tests/data/test9 b/tests/data/test9
index 90b146e75a..9ca6c831d4 100644
--- a/tests/data/test9
+++ b/tests/data/test9
@@ -46,30 +46,30 @@ bar
 ^(Content-Type: multipart/form-data;|------------).*
 
 
-POST /we/want/%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-User-Agent: curl/%VERSION
-Accept: */*
-Content-Length: 431
-Content-Type: multipart/form-data; boundary=----------------------------9ef8d6205763
-
-------------------------------9ef8d6205763
-Content-Disposition: form-data; name="name"
-
-daniel
-------------------------------9ef8d6205763
-Content-Disposition: form-data; name="tool"
-
-curl
-------------------------------9ef8d6205763
-Content-Disposition: form-data; name="file"; filename="test9.txt"
-Content-Type: text/plain
-
+POST /we/want/%TESTNUMBER HTTP/1.1%CR
+Host: %HOSTIP:%HTTPPORT%CR
+User-Agent: curl/%VERSION%CR
+Accept: */*%CR
+Content-Length: 431%CR
+Content-Type: multipart/form-data; boundary=----------------------------9ef8d6205763%CR
+%CR
+------------------------------9ef8d6205763%CR
+Content-Disposition: form-data; name="name"%CR
+%CR
+daniel%CR
+------------------------------9ef8d6205763%CR
+Content-Disposition: form-data; name="tool"%CR
+%CR
+curl%CR
+------------------------------9ef8d6205763%CR
+Content-Disposition: form-data; name="file"; filename="test9.txt"%CR
+Content-Type: text/plain%CR
+%CR
 foo-
 This is a moo-
 bar
-
-------------------------------9ef8d6205763--
+%CR
+------------------------------9ef8d6205763--%CR
 
 
 
diff --git a/tests/data/test900 b/tests/data/test900
index 14644401b3..8eb433b78e 100644
--- a/tests/data/test900
+++ b/tests/data/test900
@@ -20,10 +20,10 @@ smtp
 SMTP
 
 
-From: different
-To: another
-
-body
+From: different%CR
+To: another%CR
+%CR
+body%CR
 %repeat[6553 x 0123456789]%
 
 
@@ -43,13 +43,13 @@ DATA
 QUIT
 
 
-From: different
-To: another
-
-body
+From: different%CR
+To: another%CR
+%CR
+body%CR
 %repeat[6553 x 0123456789]%
-
-.
+%CR
+.%CR
 
 
 
diff --git a/tests/data/test95 b/tests/data/test95
index d7e2151361..87c0728645 100644
--- a/tests/data/test95
+++ b/tests/data/test95
@@ -26,8 +26,8 @@ HTTP/1.1 200 Mighty fine indeed
 
 
 
-HTTP/1.1 200 Mighty fine indeed
-
+HTTP/1.1 200 Mighty fine indeed%CR
+%CR
 HTTP/1.1 200 OK
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Server: test-server/fake swsclose
diff --git a/tests/getpart.pm b/tests/getpart.pm
index 3f9ecbb5af..b555038cf7 100644
--- a/tests/getpart.pm
+++ b/tests/getpart.pm
@@ -33,6 +33,7 @@ BEGIN {
     our @EXPORT = qw(
         compareparts
         fulltest
+        checktest
         getpart
         getpartattr
         loadarray
@@ -250,6 +251,18 @@ sub fulltest {
     return @xml;
 }
 
+sub checktest {
+    my $anyerr = 0;
+
+    for my $i (0 .. $#xml) {
+        if(index($xml[$i], "\r") >= 0) {
+            print STDERR "*** getpart.pm: $xmlfile:$i: 0x0d carriage return found. Use %CR macro instead.\n";
+            $anyerr = 1;
+        }
+    }
+    return $anyerr;
+}
+
 # write the test to the given file
 sub savetest {
     my ($file)=@_;
diff --git a/tests/globalconfig.pm b/tests/globalconfig.pm
index 8635dea55b..6203b62749 100644
--- a/tests/globalconfig.pm
+++ b/tests/globalconfig.pm
@@ -73,6 +73,7 @@ BEGIN {
         %keywords
         @protocols
         $dev_null
+        $checktests
     );
 }
 use pathhelp qw(
@@ -94,6 +95,7 @@ our $torture;         # 1 to enable torture testing
 our $proxy_address;   # external HTTP proxy address
 our $listonly;        # only list the tests
 our $buildinfo;       # dump buildinfo.txt
+our $checktests;      # 1 to run a check on test data
 our $run_duphandle;   # run curl with --test-duphandle to verify handle duplication
 our $run_event_based; # run curl with --test-event to test the event API
 our $automakestyle;   # use automake-like test status output format
diff --git a/tests/runner.pm b/tests/runner.pm
index 328857e521..8b9c0c3f2e 100644
--- a/tests/runner.pm
+++ b/tests/runner.pm
@@ -1148,6 +1148,15 @@ sub singletest_postcheck {
             }
         }
     }
+
+    if($checktests) {
+        loadtest("${TESTDIR}/test${testnum}");  # load the raw original data
+        if(checktest()) {
+            logmsg " $testnum: postcheck FAILED: issue(s) found in test data\n";
+            return -1;
+        }
+    }
+
     return 0;
 }
 
diff --git a/tests/runtests.pl b/tests/runtests.pl
index ac74869543..761056a8ed 100755
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -1191,6 +1191,10 @@ sub singletest_shouldrun {
         }
     }
 
+    if($why && $checktests && checktest()) {
+        logmsg "Warning: issue(s) found in test data: ${TESTDIR}/test${testnum}\n";
+    }
+
     return ($why, $errorreturncode);
 }
 
@@ -2420,6 +2424,10 @@ while(@ARGV) {
         # execute in scrambled order
         $scrambleorder=1;
     }
+    elsif($ARGV[0] eq "-w") {
+        # verify test data
+        $checktests=1;
+    }
     elsif($ARGV[0] =~ /^-t(.*)/) {
         # torture
         $torture=1;
@@ -2563,6 +2571,7 @@ Usage: runtests.pl [options] [test selection(s)]
   -u       error instead of warning on server unexpectedly alive
   -v       verbose output
   -vc path use this curl only to verify the existing servers
+  -w       check test data
   [num]    like "5 6 9" or " 5 to 22 " to run those tests only
   [!num]   like "!5 !6 !9" to disable those tests
   [~num]   like "~5 ~6 ~9" to ignore the result of those tests
diff --git a/tests/testutil.pm b/tests/testutil.pm
index 30ac782a99..126f83e021 100644
--- a/tests/testutil.pm
+++ b/tests/testutil.pm
@@ -149,6 +149,7 @@ sub subbase64 {
 
     $$thing =~ s/%SP/ /g;    # space
     $$thing =~ s/%TAB/\t/g;  # horizontal tab
+    $$thing =~ s/%CR/\r/g;   # carriage return aka \r aka 0x0d
 
     # include a file
     $$thing =~ s/%include ([^%]*)%[\n\r]+/includefile($1)/ge;

From e108778db318b74b28c5ca35e3dd583bd0bca118 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 6 Nov 2025 21:10:12 +0100
Subject: [PATCH 0727/2408] GHA/macos: replace deleted gcc-12 with
 gcc-13/gcc-14

GitHub dropped gcc-12 for the remaining two macos runner images.
Replace it with gcc-13 in normal jobs, and gcc-14 in combination jobs.

Ref: https://github.com/actions/runner-images/commit/f7e2c3f34b4985282b39ba42de9f6862a2f8a242
Ref: https://github.com/actions/runner-images/pull/13249

Ref: https://github.com/actions/runner-images/commit/1c1351b6350d920e6c5c524f3eb80cc48c8069a4
Ref: https://github.com/actions/runner-images/pull/13253

Closes #19387
---
 .github/workflows/macos.yml | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml
index 20585e7b7d..0e0d03bc4f 100644
--- a/.github/workflows/macos.yml
+++ b/.github/workflows/macos.yml
@@ -217,7 +217,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        compiler: [clang, llvm@18, gcc-12]
+        compiler: [clang, llvm@18, gcc-13]
         build:
           # autotools
           - name: '!ssl !debug brotli zstd'
@@ -226,7 +226,7 @@ jobs:
             configure: --without-ssl --with-brotli --with-zstd
             xcode: ''  # default Xcode. Set it once to silence actionlint.
           - name: '!ssl !debug'
-            compiler: gcc-12
+            compiler: gcc-13
             configure: --without-ssl
           - name: '!ssl'
             compiler: clang
@@ -320,7 +320,7 @@ jobs:
             install: gnutls nettle krb5
             generate: -DENABLE_DEBUG=ON -DCURL_USE_GNUTLS=ON -DCURL_USE_OPENSSL=OFF -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/krb5 -DCURL_DISABLE_LDAP=ON -DUSE_SSLS_EXPORT=ON
           - name: 'aws-lc'
-            compiler: gcc-12
+            compiler: gcc-13
             install: aws-lc
             generate: -DENABLE_DEBUG=ON -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/aws-lc -DUSE_ECH=ON -DCURL_DISABLE_LDAP=ON -DUSE_SSLS_EXPORT=ON
           - name: 'Rustls'
@@ -342,10 +342,10 @@ jobs:
         exclude:
           # opt out jobs from combinations that have the compiler set manually
           - { compiler: llvm@18, build: { compiler: 'clang' } }
-          - { compiler: llvm@18, build: { compiler: 'gcc-12' } }
-          - { compiler: gcc-12, build: { compiler: 'clang' } }
-          - { compiler: gcc-12, build: { compiler: 'llvm@18' } }
-          - { compiler: clang, build: { compiler: 'gcc-12' } }
+          - { compiler: llvm@18, build: { compiler: 'gcc-13' } }
+          - { compiler: gcc-13, build: { compiler: 'clang' } }
+          - { compiler: gcc-13, build: { compiler: 'llvm@18' } }
+          - { compiler: clang, build: { compiler: 'gcc-13' } }
           - { compiler: clang, build: { compiler: 'llvm@18' } }
 
     steps:
@@ -557,7 +557,7 @@ jobs:
         # https://github.com/actions/runner-images/blob/main/images/macos/macos-14-arm64-Readme.md
         # https://github.com/actions/runner-images/blob/main/images/macos/macos-15-arm64-Readme.md
         # https://github.com/actions/runner-images/blob/main/images/macos/macos-26-arm64-Readme.md
-        compiler: [gcc-12, gcc-13, gcc-15, llvm@15, llvm@18, llvm@20, clang]
+        compiler: [gcc-13, gcc-14, gcc-15, llvm@15, llvm@18, llvm@20, clang]
         # Xcode support matrix as of 2025-10, with default macOS SDK versions and OS names, years:
         # * = default Xcode on the runner.
         # macos-14: 15.0.1, 15.1, 15.2, 15.3,*15.4
@@ -579,9 +579,9 @@ jobs:
           - { image: macos-15, compiler: 'llvm@20' }
           - { image: macos-26, compiler: 'llvm@15' }
           - { image: macos-26, compiler: 'llvm@18' }
-          - { image: macos-26, compiler: 'gcc-12' }
           # Reduce build combinations, by dropping less interesting ones
-          - { compiler: gcc-13, build: cmake }
+          - { image: macos-26, compiler: 'gcc-13' }
+          - { compiler: gcc-14, build: cmake }
           - { compiler: gcc-15, build: autotools }
     steps:
       - name: 'install autotools'

From 8e93a74a731714767e2414e1a5687aa0ef31d9ea Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 6 Nov 2025 23:14:04 +0100
Subject: [PATCH 0728/2408] tool_paramhlp: refuse --proto remove all protocols

curl is for transfers so disabling all protocols has to be a mistake.
Previously it would allow this to get set (even if curl_easy_setopt()
returns an error for it) and then let libcurl return error instead.

Updated 1474 accordingly.

Closes #19388
---
 src/tool_paramhlp.c | 16 ++++++++++------
 tests/data/test1474 |  4 ++--
 2 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c
index 9f54704ea2..008f0fc388 100644
--- a/src/tool_paramhlp.c
+++ b/src/tool_paramhlp.c
@@ -397,7 +397,7 @@ ParameterError proto2num(const char * const *val, char **ostr, const char *str)
   const char **protoset;
   struct dynbuf obuf;
   size_t proto;
-  CURLcode result;
+  CURLcode result = CURLE_OK;
 
   curlx_dyn_init(&obuf, MAX_PROTOSTRING);
 
@@ -496,15 +496,19 @@ ParameterError proto2num(const char * const *val, char **ostr, const char *str)
   qsort((char *) protoset, protoset_index(protoset, NULL), sizeof(*protoset),
         struplocompare4sort);
 
-  result = curlx_dyn_addn(&obuf, "", 0);
   for(proto = 0; protoset[proto] && !result; proto++)
-    result = curlx_dyn_addf(&obuf, "%s,", protoset[proto]);
+    result = curlx_dyn_addf(&obuf, "%s%s", curlx_dyn_len(&obuf) ? "," : "",
+                            protoset[proto]);
   free((char *) protoset);
-  curlx_dyn_setlen(&obuf, curlx_dyn_len(&obuf) - 1);
+  if(result)
+    return PARAM_NO_MEM;
+  if(!curlx_dyn_len(&obuf)) {
+    curlx_dyn_free(&obuf);
+    return PARAM_BAD_USE;
+  }
   free(*ostr);
   *ostr = curlx_dyn_ptr(&obuf);
-
-  return *ostr ? PARAM_OK : PARAM_NO_MEM;
+  return PARAM_OK;
 }
 
 /**
diff --git a/tests/data/test1474 b/tests/data/test1474
index 8ccecf1877..9ca209cf26 100644
--- a/tests/data/test1474
+++ b/tests/data/test1474
@@ -29,9 +29,9 @@ http
 #
 # Verify data after the test has been "shot"
 
-# 1 - Protocol "http" disabled
+# 2 failed init, the --proto argument is not accepted
 
-1
+2
 
 
 

From 684af00181145e08e6cb287d09ecdf29ee7450ab Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 6 Nov 2025 23:39:56 +0100
Subject: [PATCH 0729/2408] setopt: when setting bad protocols, don't store
 them

Both CURLOPT_PROTOCOLS_STR and CURLOPT_REDIR_PROTOCOLS_STR would
previously return error on bad input but would wrongly still store and
keep the partial (unacceptable) result in the handle.

Closes #19389
---
 lib/setopt.c | 26 ++++++++++++++++++--------
 1 file changed, 18 insertions(+), 8 deletions(-)

diff --git a/lib/setopt.c b/lib/setopt.c
index 3f385ed8a5..90a1cf24a8 100644
--- a/lib/setopt.c
+++ b/lib/setopt.c
@@ -2361,17 +2361,27 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
 #endif /* USE_LIBSSH2 */
 #endif /* USE_SSH */
   case CURLOPT_PROTOCOLS_STR:
-    if(ptr)
-      return protocol2num(ptr, &s->allowed_protocols);
-    /* make a NULL argument reset to default */
-    s->allowed_protocols = (curl_prot_t) CURLPROTO_ALL;
+    if(ptr) {
+      curl_prot_t protos;
+      result = protocol2num(ptr, &protos);
+      if(!result)
+        s->allowed_protocols = protos;
+    }
+    else
+      /* make a NULL argument reset to default */
+      s->allowed_protocols = (curl_prot_t) CURLPROTO_ALL;
     break;
 
   case CURLOPT_REDIR_PROTOCOLS_STR:
-    if(ptr)
-      return protocol2num(ptr, &s->redir_protocols);
-    /* make a NULL argument reset to default */
-    s->redir_protocols = (curl_prot_t) CURLPROTO_REDIR;
+    if(ptr) {
+      curl_prot_t protos;
+      result = protocol2num(ptr, &protos);
+      if(!result)
+        s->redir_protocols = protos;
+    }
+    else
+      /* make a NULL argument reset to default */
+      s->redir_protocols = (curl_prot_t) CURLPROTO_REDIR;
     break;
 
   case CURLOPT_DEFAULT_PROTOCOL:

From a6eaa67c5582155e5d5149b0ff33d11b166ee41a Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 7 Nov 2025 10:39:26 +0100
Subject: [PATCH 0730/2408] mbedtls: fix potential use of uninitialized `nread`

When Curl_conn_cf_recv() returns error, the variable might not be
assigned and the tracing output may (harmlessly) use it uninitialized.

Also add a comment about the typecast from size_t to int being fine.

Pointed out by ZeroPath

Closes #19393
---
 lib/vtls/mbedtls.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index 4e8a0c3cf7..36200de6fa 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -200,7 +200,7 @@ static int mbedtls_bio_cf_read(void *bio, unsigned char *buf, size_t blen)
 {
   struct Curl_cfilter *cf = bio;
   struct Curl_easy *data = CF_DATA_CURRENT(cf);
-  size_t nread;
+  size_t nread = 0;
   CURLcode result;
 
   DEBUGASSERT(data);
@@ -215,6 +215,7 @@ static int mbedtls_bio_cf_read(void *bio, unsigned char *buf, size_t blen)
               blen, result, nread);
   if(CURLE_AGAIN == result)
     return MBEDTLS_ERR_SSL_WANT_READ;
+  /* nread is never larger than int here */
   return result ? -1 : (int)nread;
 }
 

From 40b1724f58311a472b195dedd269deb1fd84405e Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 6 Nov 2025 16:34:23 +0100
Subject: [PATCH 0731/2408] tool: consider (some) curl_easy_setopt errors fatal

Instead of happily ignoring return codes.

Calls that allocate data, like duplicating strings, can fail because of
lack of memory which could then leave the option unset and curl would
unknowingly continue (if the memory shortage was momentary).

Closes #19385
---
 src/config2setopts.c | 357 +++++++++++++++++++------------------------
 src/tool_findfile.c  |   3 +-
 src/tool_setopt.c    | 100 +++++++-----
 src/tool_setopt.h    |  80 +++++-----
 src/tool_ssls.c      |   5 +-
 5 files changed, 262 insertions(+), 283 deletions(-)

diff --git a/src/config2setopts.c b/src/config2setopts.c
index c367959ccb..929123cfbf 100644
--- a/src/config2setopts.c
+++ b/src/config2setopts.c
@@ -175,32 +175,26 @@ static CURLcode ssh_setopts(struct OperationConfig *config, CURL *curl)
   CURLcode result;
 
   /* SSH and SSL private key uses same command-line option */
-  /* new in libcurl 7.16.1 */
-  my_setopt_str(curl, CURLOPT_SSH_PRIVATE_KEYFILE, config->key);
-  /* new in libcurl 7.16.1 */
-  my_setopt_str(curl, CURLOPT_SSH_PUBLIC_KEYFILE, config->pubkey);
+  MY_SETOPT_STR(curl, CURLOPT_SSH_PRIVATE_KEYFILE, config->key);
+  MY_SETOPT_STR(curl, CURLOPT_SSH_PUBLIC_KEYFILE, config->pubkey);
 
-  /* new in libcurl 7.17.1: SSH host key md5 checking allows us
-     to fail if we are not talking to who we think we should */
-  my_setopt_str(curl, CURLOPT_SSH_HOST_PUBLIC_KEY_MD5,
-                config->hostpubmd5);
+  /* SSH host key md5 checking allows us to fail if we are not talking to who
+     we think we should */
+  MY_SETOPT_STR(curl, CURLOPT_SSH_HOST_PUBLIC_KEY_MD5, config->hostpubmd5);
 
-  /* new in libcurl 7.80.0: SSH host key sha256 checking allows us
-     to fail if we are not talking to who we think we should */
-  my_setopt_str(curl, CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256,
+  /* SSH host key sha256 checking allows us to fail if we are not talking to
+     who we think we should */
+  MY_SETOPT_STR(curl, CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256,
                 config->hostpubsha256);
 
-  /* new in libcurl 7.56.0 */
   if(config->ssh_compression)
     my_setopt_long(curl, CURLOPT_SSH_COMPRESSION, 1);
 
   if(!config->insecure_ok) {
     char *known = config->knownhosts;
-
     if(!known)
       known = findfile(".ssh/known_hosts", FALSE);
     if(known) {
-      /* new in curl 7.19.6 */
       result = my_setopt_str(curl, CURLOPT_SSH_KNOWNHOSTS, known);
       if(result) {
         config->knownhosts = NULL;
@@ -280,32 +274,26 @@ static CURLcode ssl_setopts(struct OperationConfig *config, CURL *curl)
   CURLcode result = CURLE_OK;
 
   if(config->cacert)
-    my_setopt_str(curl, CURLOPT_CAINFO, config->cacert);
+    MY_SETOPT_STR(curl, CURLOPT_CAINFO, config->cacert);
   if(config->proxy_cacert)
-    my_setopt_str(curl, CURLOPT_PROXY_CAINFO, config->proxy_cacert);
+    MY_SETOPT_STR(curl, CURLOPT_PROXY_CAINFO, config->proxy_cacert);
+  if(config->capath)
+    MY_SETOPT_STR(curl, CURLOPT_CAPATH, config->capath);
 
-  if(config->capath) {
-    result = my_setopt_str(curl, CURLOPT_CAPATH, config->capath);
-    if(result)
-      return result;
-  }
   /* For the time being if --proxy-capath is not set then we use the
      --capath value for it, if any. See #1257 */
   if(config->proxy_capath || config->capath) {
-    result = my_setopt_str(curl, CURLOPT_PROXY_CAPATH,
-                           (config->proxy_capath ? config->proxy_capath :
-                            config->capath));
-    if((result == CURLE_NOT_BUILT_IN) ||
-       (result == CURLE_UNKNOWN_OPTION)) {
-      if(config->proxy_capath) {
-        warnf("ignoring %s, not supported by libcurl with %s",
-              config->proxy_capath ? "--proxy-capath" : "--capath",
-              ssl_backend());
-      }
+    MY_SETOPT_STR(curl, CURLOPT_PROXY_CAPATH,
+                  (config->proxy_capath ? config->proxy_capath :
+                   config->capath));
+    if(result && config->proxy_capath) {
+      warnf("ignoring %s, not supported by libcurl with %s",
+            config->proxy_capath ? "--proxy-capath" : "--capath",
+            ssl_backend());
     }
-    else if(result)
-      return result;
   }
+  if(result)
+    return result;
 
 #ifdef CURL_CA_EMBED
   if(!config->cacert && !config->capath) {
@@ -335,47 +323,46 @@ static CURLcode ssl_setopts(struct OperationConfig *config, CURL *curl)
 #endif
 
   if(config->crlfile)
-    my_setopt_str(curl, CURLOPT_CRLFILE, config->crlfile);
+    MY_SETOPT_STR(curl, CURLOPT_CRLFILE, config->crlfile);
   if(config->proxy_crlfile)
-    my_setopt_str(curl, CURLOPT_PROXY_CRLFILE, config->proxy_crlfile);
-  else if(config->crlfile) /* CURLOPT_PROXY_CRLFILE default is crlfile */
-    my_setopt_str(curl, CURLOPT_PROXY_CRLFILE, config->crlfile);
+    MY_SETOPT_STR(curl, CURLOPT_PROXY_CRLFILE, config->proxy_crlfile);
+  else if(config->crlfile)
+    /* CURLOPT_PROXY_CRLFILE default is crlfile */
+    MY_SETOPT_STR(curl, CURLOPT_PROXY_CRLFILE, config->crlfile);
 
   if(config->pinnedpubkey) {
-    result = my_setopt_str(curl, CURLOPT_PINNEDPUBLICKEY,
-                           config->pinnedpubkey);
-    if(result == CURLE_NOT_BUILT_IN)
+    MY_SETOPT_STR(curl, CURLOPT_PINNEDPUBLICKEY,
+                  config->pinnedpubkey);
+    if(result)
       warnf("ignoring %s, not supported by libcurl with %s",
             "--pinnedpubkey", ssl_backend());
   }
   if(config->proxy_pinnedpubkey) {
-    result = my_setopt_str(curl, CURLOPT_PROXY_PINNEDPUBLICKEY,
-                           config->proxy_pinnedpubkey);
-    if(result == CURLE_NOT_BUILT_IN)
+    MY_SETOPT_STR(curl, CURLOPT_PROXY_PINNEDPUBLICKEY,
+                  config->proxy_pinnedpubkey);
+    if(result)
       warnf("ignoring %s, not supported by libcurl with %s",
             "--proxy-pinnedpubkey", ssl_backend());
   }
 
   if(config->ssl_ec_curves)
-    my_setopt_str(curl, CURLOPT_SSL_EC_CURVES, config->ssl_ec_curves);
+    MY_SETOPT_STR(curl, CURLOPT_SSL_EC_CURVES, config->ssl_ec_curves);
 
   if(config->ssl_signature_algorithms)
-    my_setopt_str(curl, CURLOPT_SSL_SIGNATURE_ALGORITHMS,
+    MY_SETOPT_STR(curl, CURLOPT_SSL_SIGNATURE_ALGORITHMS,
                   config->ssl_signature_algorithms);
 
   if(config->writeout)
     my_setopt_long(curl, CURLOPT_CERTINFO, 1);
 
-  my_setopt_str(curl, CURLOPT_SSLCERT, config->cert);
-  my_setopt_str(curl, CURLOPT_PROXY_SSLCERT, config->proxy_cert);
-  my_setopt_str(curl, CURLOPT_SSLCERTTYPE, config->cert_type);
-  my_setopt_str(curl, CURLOPT_PROXY_SSLCERTTYPE,
-                config->proxy_cert_type);
-  my_setopt_str(curl, CURLOPT_SSLKEY, config->key);
-  my_setopt_str(curl, CURLOPT_PROXY_SSLKEY, config->proxy_key);
-  my_setopt_str(curl, CURLOPT_SSLKEYTYPE, config->key_type);
-  my_setopt_str(curl, CURLOPT_PROXY_SSLKEYTYPE,
-                config->proxy_key_type);
+  MY_SETOPT_STR(curl, CURLOPT_SSLCERT, config->cert);
+  MY_SETOPT_STR(curl, CURLOPT_PROXY_SSLCERT, config->proxy_cert);
+  MY_SETOPT_STR(curl, CURLOPT_SSLCERTTYPE, config->cert_type);
+  MY_SETOPT_STR(curl, CURLOPT_PROXY_SSLCERTTYPE, config->proxy_cert_type);
+  MY_SETOPT_STR(curl, CURLOPT_SSLKEY, config->key);
+  MY_SETOPT_STR(curl, CURLOPT_PROXY_SSLKEY, config->proxy_key);
+  MY_SETOPT_STR(curl, CURLOPT_SSLKEYTYPE, config->key_type);
+  MY_SETOPT_STR(curl, CURLOPT_PROXY_SSLKEYTYPE, config->proxy_key_type);
 
   /* libcurl default is strict verifyhost -> 1L, verifypeer -> 1L */
   if(config->insecure_ok) {
@@ -431,30 +418,28 @@ static CURLcode ssl_setopts(struct OperationConfig *config, CURL *curl)
   }
 
   if(config->cipher_list) {
-    result = my_setopt_str(curl, CURLOPT_SSL_CIPHER_LIST,
-                           config->cipher_list);
-    if(result == CURLE_NOT_BUILT_IN)
+    MY_SETOPT_STR(curl, CURLOPT_SSL_CIPHER_LIST, config->cipher_list);
+    if(result)
       warnf("ignoring %s, not supported by libcurl with %s",
             "--ciphers", ssl_backend());
   }
   if(config->proxy_cipher_list) {
-    result = my_setopt_str(curl, CURLOPT_PROXY_SSL_CIPHER_LIST,
-                           config->proxy_cipher_list);
-    if(result == CURLE_NOT_BUILT_IN)
+    MY_SETOPT_STR(curl, CURLOPT_PROXY_SSL_CIPHER_LIST,
+                  config->proxy_cipher_list);
+    if(result)
       warnf("ignoring %s, not supported by libcurl with %s",
             "--proxy-ciphers", ssl_backend());
   }
   if(config->cipher13_list) {
-    result = my_setopt_str(curl, CURLOPT_TLS13_CIPHERS,
-                           config->cipher13_list);
-    if(result == CURLE_NOT_BUILT_IN)
+    MY_SETOPT_STR(curl, CURLOPT_TLS13_CIPHERS, config->cipher13_list);
+    if(result)
       warnf("ignoring %s, not supported by libcurl with %s",
             "--tls13-ciphers", ssl_backend());
   }
   if(config->proxy_cipher13_list) {
-    result = my_setopt_str(curl, CURLOPT_PROXY_TLS13_CIPHERS,
-                           config->proxy_cipher13_list);
-    if(result == CURLE_NOT_BUILT_IN)
+    MY_SETOPT_STR(curl, CURLOPT_PROXY_TLS13_CIPHERS,
+                  config->proxy_cipher13_list);
+    if(result)
       warnf("ignoring %s, not supported by libcurl with %s",
             "--proxy-tls13-ciphers", ssl_backend());
   }
@@ -467,29 +452,22 @@ static CURLcode ssl_setopts(struct OperationConfig *config, CURL *curl)
   if(feature_ech) {
     /* only if enabled in libcurl */
     if(config->ech) /* only if set (optional) */
-      my_setopt_str(curl, CURLOPT_ECH, config->ech);
+      MY_SETOPT_STR(curl, CURLOPT_ECH, config->ech);
     if(config->ech_public) /* only if set (optional) */
-      my_setopt_str(curl, CURLOPT_ECH, config->ech_public);
+      MY_SETOPT_STR(curl, CURLOPT_ECH, config->ech_public);
     if(config->ech_config) /* only if set (optional) */
-      my_setopt_str(curl, CURLOPT_ECH, config->ech_config);
+      MY_SETOPT_STR(curl, CURLOPT_ECH, config->ech_config);
   }
 
-  /* new in curl 7.9.3 */
-  if(config->engine) {
-    result = my_setopt_str(curl, CURLOPT_SSLENGINE, config->engine);
-    if(result)
-      return result;
-  }
+  if(config->engine)
+    MY_SETOPT_STR(curl, CURLOPT_SSLENGINE, config->engine);
 
-  /* new in curl 7.15.5 */
   if(config->ftp_ssl_reqd)
     my_setopt_enum(curl, CURLOPT_USE_SSL, CURLUSESSL_ALL);
 
-  /* new in curl 7.11.0 */
   else if(config->ftp_ssl)
     my_setopt_enum(curl, CURLOPT_USE_SSL, CURLUSESSL_TRY);
 
-  /* new in curl 7.16.0 */
   else if(config->ftp_ssl_control)
     my_setopt_enum(curl, CURLOPT_USE_SSL, CURLUSESSL_CONTROL);
 
@@ -503,28 +481,25 @@ static CURLcode ssl_setopts(struct OperationConfig *config, CURL *curl)
 static CURLcode http_setopts(struct OperationConfig *config,
                              CURL *curl)
 {
+  CURLcode result;
   long postRedir = 0;
 
   my_setopt_long(curl, CURLOPT_FOLLOWLOCATION, config->followlocation);
   my_setopt_long(curl, CURLOPT_UNRESTRICTED_AUTH,
                  config->unrestricted_auth);
-  my_setopt_str(curl, CURLOPT_AWS_SIGV4, config->aws_sigv4);
+  MY_SETOPT_STR(curl, CURLOPT_AWS_SIGV4, config->aws_sigv4);
   my_setopt_long(curl, CURLOPT_AUTOREFERER, config->autoreferer);
 
-  /* new in libcurl 7.36.0 */
   if(config->proxyheaders) {
     my_setopt_slist(curl, CURLOPT_PROXYHEADER, config->proxyheaders);
     my_setopt_long(curl, CURLOPT_HEADEROPT, CURLHEADER_SEPARATE);
   }
 
-  /* new in libcurl 7.5 */
   my_setopt_long(curl, CURLOPT_MAXREDIRS, config->maxredirs);
 
   if(config->httpversion)
     my_setopt_enum(curl, CURLOPT_HTTP_VERSION, config->httpversion);
 
-  /* curl 7.19.1 (the 301 version existed in 7.18.2),
-     303 was added in 7.26.0 */
   if(config->post301)
     postRedir |= CURL_REDIR_POST_301;
   if(config->post302)
@@ -533,28 +508,25 @@ static CURLcode http_setopts(struct OperationConfig *config,
     postRedir |= CURL_REDIR_POST_303;
   my_setopt_long(curl, CURLOPT_POSTREDIR, postRedir);
 
-  /* new in libcurl 7.21.6 */
   if(config->encoding)
-    my_setopt_str(curl, CURLOPT_ACCEPT_ENCODING, "");
+    MY_SETOPT_STR(curl, CURLOPT_ACCEPT_ENCODING, "");
 
-  /* new in libcurl 7.21.6 */
   if(config->tr_encoding)
     my_setopt_long(curl, CURLOPT_TRANSFER_ENCODING, 1);
-  /* new in libcurl 7.64.0 */
+
   my_setopt_long(curl, CURLOPT_HTTP09_ALLOWED, config->http09_allowed);
 
   if(config->altsvc)
-    my_setopt_str(curl, CURLOPT_ALTSVC, config->altsvc);
+    MY_SETOPT_STR(curl, CURLOPT_ALTSVC, config->altsvc);
 
   if(config->hsts)
-    my_setopt_str(curl, CURLOPT_HSTS, config->hsts);
+    MY_SETOPT_STR(curl, CURLOPT_HSTS, config->hsts);
 
-  /* new in 7.47.0 */
   if(config->expect100timeout_ms > 0)
     my_setopt_long(curl, CURLOPT_EXPECT_100_TIMEOUT_MS,
                    config->expect100timeout_ms);
 
-  return CURLE_OK;
+  return result;
 }
 
 static CURLcode cookie_setopts(struct OperationConfig *config, CURL *curl)
@@ -580,29 +552,28 @@ static CURLcode cookie_setopts(struct OperationConfig *config, CURL *curl)
       }
     }
 
-    my_setopt_str(curl, CURLOPT_COOKIE, curlx_dyn_ptr(&cookies));
+    result = my_setopt_str(curl, CURLOPT_COOKIE, curlx_dyn_ptr(&cookies));
     curlx_dyn_free(&cookies);
+    if(result)
+      return result;
   }
 
   if(config->cookiefiles) {
     struct curl_slist *cfl;
 
     for(cfl = config->cookiefiles; cfl; cfl = cfl->next)
-      my_setopt_str(curl, CURLOPT_COOKIEFILE, cfl->data);
+      MY_SETOPT_STR(curl, CURLOPT_COOKIEFILE, cfl->data);
   }
 
-  /* new in libcurl 7.9 */
   if(config->cookiejar)
-    my_setopt_str(curl, CURLOPT_COOKIEJAR, config->cookiejar);
+    MY_SETOPT_STR(curl, CURLOPT_COOKIEJAR, config->cookiejar);
 
-  /* new in libcurl 7.9.7 */
   my_setopt_long(curl, CURLOPT_COOKIESESSION, config->cookiesession);
 
   return result;
 }
 
-static CURLcode tcp_setopts(struct OperationConfig *config,
-                            CURL *curl)
+static void tcp_setopts(struct OperationConfig *config, CURL *curl)
 {
   if(!config->tcp_nodelay)
     my_setopt_long(curl, CURLOPT_TCP_NODELAY, 0);
@@ -611,7 +582,8 @@ static CURLcode tcp_setopts(struct OperationConfig *config,
     my_setopt_long(curl, CURLOPT_TCP_FASTOPEN, 1);
 
   if(config->mptcp)
-    my_setopt(curl, CURLOPT_OPENSOCKETFUNCTION, tool_socket_open_mptcp_cb);
+    my_setopt_ptr(curl, CURLOPT_OPENSOCKETFUNCTION,
+                  tool_socket_open_mptcp_cb);
 
   /* curl 7.17.1 */
   if(!config->nokeepalive) {
@@ -625,51 +597,41 @@ static CURLcode tcp_setopts(struct OperationConfig *config,
   }
   else
     my_setopt_long(curl, CURLOPT_TCP_KEEPALIVE, 0);
-  return CURLE_OK;
 }
 
 static CURLcode ftp_setopts(struct OperationConfig *config, CURL *curl)
 {
-  my_setopt_str(curl, CURLOPT_FTPPORT, config->ftpport);
+  CURLcode result;
+  MY_SETOPT_STR(curl, CURLOPT_FTPPORT, config->ftpport);
 
-  /* new in libcurl 7.9.2: */
   if(config->disable_epsv)
     /* disable it */
     my_setopt_long(curl, CURLOPT_FTP_USE_EPSV, 0);
 
-  /* new in libcurl 7.10.5 */
   if(config->disable_eprt)
     /* disable it */
     my_setopt_long(curl, CURLOPT_FTP_USE_EPRT, 0);
 
-  /* new in curl 7.16.1 */
   if(config->ftp_ssl_ccc)
     my_setopt_enum(curl, CURLOPT_FTP_SSL_CCC, config->ftp_ssl_ccc_mode);
 
-  my_setopt_str(curl, CURLOPT_FTP_ACCOUNT, config->ftp_account);
-
-  /* curl 7.14.2 */
+  MY_SETOPT_STR(curl, CURLOPT_FTP_ACCOUNT, config->ftp_account);
   my_setopt_long(curl, CURLOPT_FTP_SKIP_PASV_IP, config->ftp_skip_ip);
-
-  /* curl 7.15.1 */
   my_setopt_long(curl, CURLOPT_FTP_FILEMETHOD, config->ftp_filemethod);
-
-    /* curl 7.15.5 */
-  my_setopt_str(curl, CURLOPT_FTP_ALTERNATIVE_TO_USER,
+  MY_SETOPT_STR(curl, CURLOPT_FTP_ALTERNATIVE_TO_USER,
                 config->ftp_alternative_to_user);
 
-  /* curl 7.20.x */
   if(config->ftp_pret)
     my_setopt_long(curl, CURLOPT_FTP_USE_PRET, 1);
 
-  return CURLE_OK;
+  return result;
 }
 
 static void gen_trace_setopts(struct OperationConfig *config, CURL *curl)
 {
   if(global->tracetype != TRACE_NONE) {
-    my_setopt(curl, CURLOPT_DEBUGFUNCTION, tool_debug_cb);
-    my_setopt(curl, CURLOPT_DEBUGDATA, config);
+    my_setopt_ptr(curl, CURLOPT_DEBUGFUNCTION, tool_debug_cb);
+    my_setopt_ptr(curl, CURLOPT_DEBUGDATA, config);
     my_setopt_long(curl, CURLOPT_VERBOSE, 1L);
   }
 }
@@ -681,45 +643,45 @@ static void gen_cb_setopts(struct OperationConfig *config,
   (void)config; /* when --libcurl is disabled */
 
   /* where to store */
-  my_setopt(curl, CURLOPT_WRITEDATA, per);
-  my_setopt(curl, CURLOPT_INTERLEAVEDATA, per);
+  my_setopt_ptr(curl, CURLOPT_WRITEDATA, per);
+  my_setopt_ptr(curl, CURLOPT_INTERLEAVEDATA, per);
 
   /* what call to write */
-  my_setopt(curl, CURLOPT_WRITEFUNCTION, tool_write_cb);
+  my_setopt_ptr(curl, CURLOPT_WRITEFUNCTION, tool_write_cb);
 
   /* what to read */
-  my_setopt(curl, CURLOPT_READDATA, per);
-  my_setopt(curl, CURLOPT_READFUNCTION, tool_read_cb);
+  my_setopt_ptr(curl, CURLOPT_READDATA, per);
+  my_setopt_ptr(curl, CURLOPT_READFUNCTION, tool_read_cb);
 
   /* in 7.18.0, the CURLOPT_SEEKFUNCTION/DATA pair is taking over what
      CURLOPT_IOCTLFUNCTION/DATA pair previously provided for seeking */
-  my_setopt(curl, CURLOPT_SEEKDATA, per);
-  my_setopt(curl, CURLOPT_SEEKFUNCTION, tool_seek_cb);
+  my_setopt_ptr(curl, CURLOPT_SEEKDATA, per);
+  my_setopt_ptr(curl, CURLOPT_SEEKFUNCTION, tool_seek_cb);
 
   if((global->progressmode == CURL_PROGRESS_BAR) &&
      !global->noprogress && !global->silent) {
     /* we want the alternative style, then we have to implement it
        ourselves! */
-    my_setopt(curl, CURLOPT_XFERINFOFUNCTION, tool_progress_cb);
-    my_setopt(curl, CURLOPT_XFERINFODATA, per);
+    my_setopt_ptr(curl, CURLOPT_XFERINFOFUNCTION, tool_progress_cb);
+    my_setopt_ptr(curl, CURLOPT_XFERINFODATA, per);
   }
   else if(per->uploadfile && !strcmp(per->uploadfile, ".")) {
     /* when reading from stdin in non-blocking mode, we use the progress
        function to unpause a busy read */
     my_setopt_long(curl, CURLOPT_NOPROGRESS, 0);
-    my_setopt(curl, CURLOPT_XFERINFOFUNCTION, tool_readbusy_cb);
-    my_setopt(curl, CURLOPT_XFERINFODATA, per);
+    my_setopt_ptr(curl, CURLOPT_XFERINFOFUNCTION, tool_readbusy_cb);
+    my_setopt_ptr(curl, CURLOPT_XFERINFODATA, per);
   }
 
-  my_setopt(curl, CURLOPT_HEADERFUNCTION, tool_header_cb);
-  my_setopt(curl, CURLOPT_HEADERDATA, per);
+  my_setopt_ptr(curl, CURLOPT_HEADERFUNCTION, tool_header_cb);
+  my_setopt_ptr(curl, CURLOPT_HEADERDATA, per);
 }
 
 static CURLcode proxy_setopts(struct OperationConfig *config, CURL *curl)
 {
+  CURLcode result;
   if(config->proxy) {
-    CURLcode result = my_setopt_str(curl, CURLOPT_PROXY, config->proxy);
-
+    result = my_setopt_str(curl, CURLOPT_PROXY, config->proxy);
     if(result) {
       errorf("proxy support is disabled in this libcurl");
       config->synthetic_error = TRUE;
@@ -727,20 +689,14 @@ static CURLcode proxy_setopts(struct OperationConfig *config, CURL *curl)
     }
   }
 
-  /* new in libcurl 7.5 */
   if(config->proxy)
     my_setopt_enum(curl, CURLOPT_PROXYTYPE, config->proxyver);
 
-  my_setopt_str(curl, CURLOPT_PROXYUSERPWD, config->proxyuserpwd);
-
-  /* new in libcurl 7.3 */
+  MY_SETOPT_STR(curl, CURLOPT_PROXYUSERPWD, config->proxyuserpwd);
   my_setopt_long(curl, CURLOPT_HTTPPROXYTUNNEL, config->proxytunnel);
-
-  /* new in libcurl 7.52.0 */
   if(config->preproxy)
-    my_setopt_str(curl, CURLOPT_PRE_PROXY, config->preproxy);
+    MY_SETOPT_STR(curl, CURLOPT_PRE_PROXY, config->preproxy);
 
-  /* new in libcurl 7.10.6 */
   if(config->proxyanyauth)
     my_setopt_bitmask(curl, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
   else if(config->proxynegotiate)
@@ -752,45 +708,42 @@ static CURLcode proxy_setopts(struct OperationConfig *config, CURL *curl)
   else if(config->proxybasic)
     my_setopt_bitmask(curl, CURLOPT_PROXYAUTH, CURLAUTH_BASIC);
 
-  /* new in libcurl 7.19.4 */
-  my_setopt_str(curl, CURLOPT_NOPROXY, config->noproxy);
-
+  MY_SETOPT_STR(curl, CURLOPT_NOPROXY, config->noproxy);
   my_setopt_long(curl, CURLOPT_SUPPRESS_CONNECT_HEADERS,
                  config->suppress_connect_headers);
 
-  /* new in curl 7.43.0 */
   if(config->proxy_service_name)
-    my_setopt_str(curl, CURLOPT_PROXY_SERVICE_NAME,
+    MY_SETOPT_STR(curl, CURLOPT_PROXY_SERVICE_NAME,
                   config->proxy_service_name);
 
-  /* new in 7.60.0 */
   if(config->haproxy_protocol)
     my_setopt_long(curl, CURLOPT_HAPROXYPROTOCOL, 1);
 
-  /* new in 8.2.0 */
   if(config->haproxy_clientip)
-    my_setopt_str(curl, CURLOPT_HAPROXY_CLIENT_IP, config->haproxy_clientip);
+    MY_SETOPT_STR(curl, CURLOPT_HAPROXY_CLIENT_IP, config->haproxy_clientip);
 
-  return CURLE_OK;
+  return result;
 }
 
-static void tls_srp_setopts(struct OperationConfig *config, CURL *curl)
+static CURLcode tls_srp_setopts(struct OperationConfig *config, CURL *curl)
 {
+  CURLcode result = CURLE_OK;
   if(config->tls_username)
-    my_setopt_str(curl, CURLOPT_TLSAUTH_USERNAME, config->tls_username);
+    MY_SETOPT_STR(curl, CURLOPT_TLSAUTH_USERNAME, config->tls_username);
   if(config->tls_password)
-    my_setopt_str(curl, CURLOPT_TLSAUTH_PASSWORD, config->tls_password);
+    MY_SETOPT_STR(curl, CURLOPT_TLSAUTH_PASSWORD, config->tls_password);
   if(config->tls_authtype)
-    my_setopt_str(curl, CURLOPT_TLSAUTH_TYPE, config->tls_authtype);
+    MY_SETOPT_STR(curl, CURLOPT_TLSAUTH_TYPE, config->tls_authtype);
   if(config->proxy_tls_username)
-    my_setopt_str(curl, CURLOPT_PROXY_TLSAUTH_USERNAME,
+    MY_SETOPT_STR(curl, CURLOPT_PROXY_TLSAUTH_USERNAME,
                   config->proxy_tls_username);
   if(config->proxy_tls_password)
-    my_setopt_str(curl, CURLOPT_PROXY_TLSAUTH_PASSWORD,
+    MY_SETOPT_STR(curl, CURLOPT_PROXY_TLSAUTH_PASSWORD,
                   config->proxy_tls_password);
   if(config->proxy_tls_authtype)
-    my_setopt_str(curl, CURLOPT_PROXY_TLSAUTH_TYPE,
+    MY_SETOPT_STR(curl, CURLOPT_PROXY_TLSAUTH_TYPE,
                   config->proxy_tls_authtype);
+  return result;
 }
 
 CURLcode config2setopts(struct OperationConfig *config,
@@ -838,21 +791,20 @@ CURLcode config2setopts(struct OperationConfig *config,
         my_setopt_long(curl, CURLOPT_BUFFERSIZE, BUFFER_SIZE);
   }
 
-  my_setopt_str(curl, CURLOPT_URL, per->url);
+  MY_SETOPT_STR(curl, CURLOPT_URL, per->url);
   my_setopt_long(curl, CURLOPT_NOPROGRESS,
                  global->noprogress || global->silent);
   /* call after the line above. It may override CURLOPT_NOPROGRESS */
   gen_cb_setopts(config, per, curl);
 
   my_setopt_long(curl, CURLOPT_NOBODY, config->no_body);
-  my_setopt_str(curl, CURLOPT_XOAUTH2_BEARER, config->oauth_bearer);
-
+  MY_SETOPT_STR(curl, CURLOPT_XOAUTH2_BEARER, config->oauth_bearer);
   result = proxy_setopts(config, curl);
-  if(result)
+  if(setopt_bad(result) || config->synthetic_error)
     return result;
 
   my_setopt_long(curl, CURLOPT_FAILONERROR, config->fail == FAIL_WO_BODY);
-  my_setopt_str(curl, CURLOPT_REQUEST_TARGET, config->request_target);
+  MY_SETOPT_STR(curl, CURLOPT_REQUEST_TARGET, config->request_target);
   my_setopt_long(curl, CURLOPT_UPLOAD, !!per->uploadfile);
   my_setopt_long(curl, CURLOPT_DIRLISTONLY, config->dirlistonly);
   my_setopt_long(curl, CURLOPT_APPEND, config->ftp_append);
@@ -864,12 +816,12 @@ CURLcode config2setopts(struct OperationConfig *config,
   else
     my_setopt_enum(curl, CURLOPT_NETRC, CURL_NETRC_IGNORED);
 
-  my_setopt_str(curl, CURLOPT_NETRC_FILE, config->netrc_file);
+  MY_SETOPT_STR(curl, CURLOPT_NETRC_FILE, config->netrc_file);
   my_setopt_long(curl, CURLOPT_TRANSFERTEXT, config->use_ascii);
-  my_setopt_str(curl, CURLOPT_LOGIN_OPTIONS, config->login_options);
-  my_setopt_str(curl, CURLOPT_USERPWD, config->userpwd);
-  my_setopt_str(curl, CURLOPT_RANGE, config->range);
-  my_setopt(curl, CURLOPT_ERRORBUFFER, per->errorbuffer);
+  MY_SETOPT_STR(curl, CURLOPT_LOGIN_OPTIONS, config->login_options);
+  MY_SETOPT_STR(curl, CURLOPT_USERPWD, config->userpwd);
+  MY_SETOPT_STR(curl, CURLOPT_RANGE, config->range);
+  my_setopt_ptr(curl, CURLOPT_ERRORBUFFER, per->errorbuffer);
   my_setopt_long(curl, CURLOPT_TIMEOUT_MS, config->timeout_ms);
 
   switch(config->httpreq) {
@@ -879,7 +831,7 @@ CURLcode config2setopts(struct OperationConfig *config,
       result = CURLE_FAILED_INIT;
     }
     else {
-      my_setopt_str(curl, CURLOPT_POSTFIELDS,
+      MY_SETOPT_STR(curl, CURLOPT_POSTFIELDS,
                     curlx_dyn_ptr(&config->postdata));
       my_setopt_offt(curl, CURLOPT_POSTFIELDSIZE_LARGE,
                      curlx_dyn_len(&config->postdata));
@@ -914,8 +866,8 @@ CURLcode config2setopts(struct OperationConfig *config,
   my_setopt_slist(curl, CURLOPT_HTTPHEADER, config->headers);
 
   if(proto_http || proto_rtsp) {
-    my_setopt_str(curl, CURLOPT_REFERER, config->referer);
-    my_setopt_str(curl, CURLOPT_USERAGENT, config->useragent);
+    MY_SETOPT_STR(curl, CURLOPT_REFERER, config->referer);
+    MY_SETOPT_STR(curl, CURLOPT_USERAGENT, config->useragent);
   }
 
   if(use_proto == proto_http || use_proto == proto_https) {
@@ -942,28 +894,26 @@ CURLcode config2setopts(struct OperationConfig *config,
   else
     my_setopt_offt(curl, CURLOPT_RESUME_FROM_LARGE, 0);
 
-  my_setopt_str(curl, CURLOPT_KEYPASSWD, config->key_passwd);
-  my_setopt_str(curl, CURLOPT_PROXY_KEYPASSWD, config->proxy_key_passwd);
+  MY_SETOPT_STR(curl, CURLOPT_KEYPASSWD, config->key_passwd);
+  MY_SETOPT_STR(curl, CURLOPT_PROXY_KEYPASSWD, config->proxy_key_passwd);
 
   if(use_proto == proto_scp || use_proto == proto_sftp) {
     result = ssh_setopts(config, curl);
-    if(result)
+    if(setopt_bad(result))
       return result;
   }
-
   if(feature_ssl) {
     result = ssl_setopts(config, curl);
-    if(result)
+    if(setopt_bad(result))
       return result;
   }
 
   if(config->path_as_is)
     my_setopt_long(curl, CURLOPT_PATH_AS_IS, 1);
 
-  if(config->no_body || config->remote_time) {
+  if(config->no_body || config->remote_time)
     /* no body or use remote time */
     my_setopt_long(curl, CURLOPT_FILETIME, 1);
-  }
 
   my_setopt_long(curl, CURLOPT_CRLF, config->crlf);
   my_setopt_slist(curl, CURLOPT_QUOTE, config->quote);
@@ -972,18 +922,18 @@ CURLcode config2setopts(struct OperationConfig *config,
 
   my_setopt_enum(curl, CURLOPT_TIMECONDITION, config->timecond);
   my_setopt_offt(curl, CURLOPT_TIMEVALUE_LARGE, config->condtime);
-  my_setopt_str(curl, CURLOPT_CUSTOMREQUEST, config->customrequest);
+  MY_SETOPT_STR(curl, CURLOPT_CUSTOMREQUEST, config->customrequest);
   customrequest_helper(config->httpreq, config->customrequest);
-  my_setopt(curl, CURLOPT_STDERR, tool_stderr);
-  my_setopt_str(curl, CURLOPT_INTERFACE, config->iface);
+  my_setopt_ptr(curl, CURLOPT_STDERR, tool_stderr);
+  MY_SETOPT_STR(curl, CURLOPT_INTERFACE, config->iface);
   progressbarinit(&per->progressbar, config);
-  my_setopt_str(curl, CURLOPT_DNS_SERVERS, config->dns_servers);
-  my_setopt_str(curl, CURLOPT_DNS_INTERFACE, config->dns_interface);
-  my_setopt_str(curl, CURLOPT_DNS_LOCAL_IP4, config->dns_ipv4_addr);
-  my_setopt_str(curl, CURLOPT_DNS_LOCAL_IP6, config->dns_ipv6_addr);
+  MY_SETOPT_STR(curl, CURLOPT_DNS_SERVERS, config->dns_servers);
+  MY_SETOPT_STR(curl, CURLOPT_DNS_INTERFACE, config->dns_interface);
+  MY_SETOPT_STR(curl, CURLOPT_DNS_LOCAL_IP4, config->dns_ipv4_addr);
+  MY_SETOPT_STR(curl, CURLOPT_DNS_LOCAL_IP6, config->dns_ipv6_addr);
   my_setopt_slist(curl, CURLOPT_TELNETOPTIONS, config->telnet_options);
   my_setopt_long(curl, CURLOPT_CONNECTTIMEOUT_MS, config->connecttimeout_ms);
-  my_setopt_str(curl, CURLOPT_DOH_URL, config->doh_url);
+  MY_SETOPT_STR(curl, CURLOPT_DOH_URL, config->doh_url);
   my_setopt_long(curl, CURLOPT_FTP_CREATE_MISSING_DIRS,
                  (config->ftp_create_dirs ?
                   CURLFTP_CREATE_DIR_RETRY : CURLFTP_CREATE_DIR_NONE));
@@ -994,7 +944,7 @@ CURLcode config2setopts(struct OperationConfig *config,
     my_setopt_long(curl, CURLOPT_SOCKS5_GSSAPI_NEC, 1);
   if(config->socks5_auth)
     my_setopt_bitmask(curl, CURLOPT_SOCKS5_AUTH, config->socks5_auth);
-  my_setopt_str(curl, CURLOPT_SERVICE_NAME, config->service_name);
+  MY_SETOPT_STR(curl, CURLOPT_SERVICE_NAME, config->service_name);
   my_setopt_long(curl, CURLOPT_IGNORE_CONTENT_LENGTH, config->ignorecl);
 
   if(config->localport) {
@@ -1007,14 +957,12 @@ CURLcode config2setopts(struct OperationConfig *config,
     my_setopt_long(curl, CURLOPT_HTTP_TRANSFER_DECODING, 0);
   }
 
-  result = tcp_setopts(config, curl);
-  if(result)
-    return result;
+  tcp_setopts(config, curl);
 
   if(config->tftp_blksize && proto_tftp)
     my_setopt_long(curl, CURLOPT_TFTP_BLKSIZE, config->tftp_blksize);
 
-  my_setopt_str(curl, CURLOPT_MAIL_FROM, config->mail_from);
+  MY_SETOPT_STR(curl, CURLOPT_MAIL_FROM, config->mail_from);
   my_setopt_slist(curl, CURLOPT_MAIL_RCPT, config->mail_rcpt);
   my_setopt_long(curl, CURLOPT_MAIL_RCPT_ALLOWFAILS,
                  config->mail_rcpt_allowfails);
@@ -1022,35 +970,36 @@ CURLcode config2setopts(struct OperationConfig *config,
     my_setopt_long(curl, CURLOPT_NEW_FILE_PERMS, config->create_file_mode);
 
   if(config->proto_present)
-    my_setopt_str(curl, CURLOPT_PROTOCOLS_STR, config->proto_str);
+    MY_SETOPT_STR(curl, CURLOPT_PROTOCOLS_STR, config->proto_str);
   if(config->proto_redir_present)
-    my_setopt_str(curl, CURLOPT_REDIR_PROTOCOLS_STR, config->proto_redir_str);
+    MY_SETOPT_STR(curl, CURLOPT_REDIR_PROTOCOLS_STR, config->proto_redir_str);
 
   my_setopt_slist(curl, CURLOPT_RESOLVE, config->resolve);
   my_setopt_slist(curl, CURLOPT_CONNECT_TO, config->connect_to);
 
-  if(feature_tls_srp)
-    tls_srp_setopts(config, curl);
+  if(feature_tls_srp) {
+    result = tls_srp_setopts(config, curl);
+    if(setopt_bad(result))
+      return result;
+  }
 
   if(config->gssapi_delegation)
     my_setopt_long(curl, CURLOPT_GSSAPI_DELEGATION, config->gssapi_delegation);
 
-  my_setopt_str(curl, CURLOPT_MAIL_AUTH, config->mail_auth);
-  my_setopt_str(curl, CURLOPT_SASL_AUTHZID, config->sasl_authzid);
+  MY_SETOPT_STR(curl, CURLOPT_MAIL_AUTH, config->mail_auth);
+  MY_SETOPT_STR(curl, CURLOPT_SASL_AUTHZID, config->sasl_authzid);
   my_setopt_long(curl, CURLOPT_SASL_IR, config->sasl_ir);
 
   if(config->unix_socket_path) {
-    if(config->abstract_unix_socket) {
-      my_setopt_str(curl, CURLOPT_ABSTRACT_UNIX_SOCKET,
+    if(config->abstract_unix_socket)
+      MY_SETOPT_STR(curl, CURLOPT_ABSTRACT_UNIX_SOCKET,
                     config->unix_socket_path);
-    }
-    else {
-      my_setopt_str(curl, CURLOPT_UNIX_SOCKET_PATH,
+    else
+      MY_SETOPT_STR(curl, CURLOPT_UNIX_SOCKET_PATH,
                     config->unix_socket_path);
-    }
   }
 
-  my_setopt_str(curl, CURLOPT_DEFAULT_PROTOCOL, config->proto_default);
+  MY_SETOPT_STR(curl, CURLOPT_DEFAULT_PROTOCOL, config->proto_default);
   my_setopt_long(curl, CURLOPT_TFTP_NO_OPTIONS,
                  config->tftp_no_options && proto_tftp);
 
@@ -1063,8 +1012,8 @@ CURLcode config2setopts(struct OperationConfig *config,
 
   if(config->ip_tos > 0 || config->vlan_priority > 0) {
 #if defined(IP_TOS) || defined(IPV6_TCLASS) || defined(SO_PRIORITY)
-    my_setopt(curl, CURLOPT_SOCKOPTFUNCTION, sockopt_callback);
-    my_setopt(curl, CURLOPT_SOCKOPTDATA, config);
+    my_setopt_ptr(curl, CURLOPT_SOCKOPTFUNCTION, sockopt_callback);
+    my_setopt_ptr(curl, CURLOPT_SOCKOPTDATA, config);
 #else
     if(config->ip_tos > 0) {
       errorf("Type of service is not supported in this build.");
diff --git a/src/tool_findfile.c b/src/tool_findfile.c
index 02898a8fb1..6e9fbdfd60 100644
--- a/src/tool_findfile.c
+++ b/src/tool_findfile.c
@@ -87,7 +87,8 @@ static char *checkhome(const char *home, const char *fname, bool dotscore)
 }
 
 /*
- * findfile() - return the full path name of the file.
+ * findfile() - returns the full path name of the file. It must be freed with
+ * curl_free().
  *
  * If 'dotscore' is TRUE, then check for the file first with a leading dot
  * and then with a leading underscore.
diff --git a/src/tool_setopt.c b/src/tool_setopt.c
index c3e7213dc8..ccecd3a7e0 100644
--- a/src/tool_setopt.c
+++ b/src/tool_setopt.c
@@ -23,11 +23,12 @@
  ***************************************************************************/
 #include "tool_setup.h"
 
-#ifndef CURL_DISABLE_LIBCURL_OPTION
-
 #include "tool_cfgable.h"
 #include "tool_easysrc.h"
 #include "tool_setopt.h"
+
+#ifndef CURL_DISABLE_LIBCURL_OPTION
+
 #include "tool_msgs.h"
 #include "memdebug.h" /* keep this as LAST include */
 
@@ -628,56 +629,79 @@ CURLcode tool_setopt_offt(CURL *curl, const char *name, CURLoption tag,
   return ret;
 }
 
-/* setopt wrapper for setting object and function pointer options */
-CURLcode tool_setopt(CURL *curl, struct OperationConfig *config,
-                     bool str, const char *name, CURLoption tag,
-                     ...)
+/* setopt wrapper for setting object and function pointers */
+CURLcode tool_setopt_ptr(CURL *curl, const char *name, CURLoption tag, ...)
 {
-  va_list arg;
-  CURLcode ret = CURLE_OK;
   void *pval;
-
-  va_start(arg, tag);
+  va_list arg;
+  CURLcode result;
 
   DEBUGASSERT(tag >= CURLOPTTYPE_OBJECTPOINT);
   DEBUGASSERT((tag < CURLOPTTYPE_OFF_T) || (tag >= CURLOPTTYPE_BLOB));
-
   /* we never set _BLOB options in the curl tool */
   DEBUGASSERT(tag < CURLOPTTYPE_BLOB);
 
+  va_start(arg, tag);
   /* argument is an object or function pointer */
   pval = va_arg(arg, void *);
 
-  ret = curl_easy_setopt(curl, tag, pval);
-
-  va_end(arg);
-
-  if(global->libcurl && pval && !ret) {
+  result = curl_easy_setopt(curl, tag, pval);
+  if(global->libcurl && pval && !result) {
     /* we only use this if --libcurl was used */
-
-    if(!str) {
-      /* function pointers are never printable */
-      const char *remark = (tag >= CURLOPTTYPE_FUNCTIONPOINT) ?
-        "function" : "object";
-      ret = easysrc_addf(&easysrc_toohard,
-                         "%s was set to a%s %s pointer", name,
-                         (*remark == 'o' ? "n" : ""), remark);
-    }
-    else {
-      curl_off_t len = ZERO_TERMINATED;
-      char *escaped;
-      if(tag == CURLOPT_POSTFIELDS)
-        len = curlx_dyn_len(&config->postdata);
-      escaped = c_escape(pval, len);
-      if(escaped) {
-        ret = easysrc_addf(&easysrc_code, "curl_easy_setopt(hnd, %s, \"%s\");",
-                           name, escaped);
-        free(escaped);
-      }
-    }
+    const char *remark = (tag >= CURLOPTTYPE_FUNCTIONPOINT) ?
+      "function" : "object";
+    result = easysrc_addf(&easysrc_toohard,
+                          "%s was set to a%s %s pointer", name,
+                          (*remark == 'o' ? "n" : ""), remark);
   }
 
-  return ret;
+  va_end(arg);
+  return result;
+}
+
+/* setopt wrapper for setting strings */
+CURLcode tool_setopt_str(CURL *curl, struct OperationConfig *config,
+                         const char *name, CURLoption tag, ...)
+{
+  char *str;
+  va_list arg;
+  CURLcode result;
+  DEBUGASSERT(tag >= CURLOPTTYPE_OBJECTPOINT);
+  DEBUGASSERT((tag < CURLOPTTYPE_OFF_T) || (tag >= CURLOPTTYPE_BLOB));
+  DEBUGASSERT(tag < CURLOPTTYPE_BLOB);
+  DEBUGASSERT(tag < CURLOPTTYPE_FUNCTIONPOINT);
+
+  va_start(arg, tag);
+  /* argument is a string */
+  str = va_arg(arg, char *);
+
+  result = curl_easy_setopt(curl, tag, str);
+  if(global->libcurl && str && !result) {
+    /* we only use this if --libcurl was used */
+    curl_off_t len = ZERO_TERMINATED;
+    char *escaped;
+    if(tag == CURLOPT_POSTFIELDS)
+      len = curlx_dyn_len(&config->postdata);
+    escaped = c_escape(str, len);
+    if(escaped) {
+      result = easysrc_addf(&easysrc_code,
+                            "curl_easy_setopt(hnd, %s, \"%s\");",
+                            name, escaped);
+      free(escaped);
+    }
+    else
+      result = CURLE_OUT_OF_MEMORY;
+  }
+
+  va_end(arg);
+  return result;
 }
 
 #endif /* CURL_DISABLE_LIBCURL_OPTION */
+
+/* return TRUE if the error code is "lethal" */
+bool setopt_bad(CURLcode result)
+{
+  return (result && (result != CURLE_NOT_BUILT_IN) &&
+          (result != CURLE_UNKNOWN_OPTION));
+}
diff --git a/src/tool_setopt.h b/src/tool_setopt.h
index 4f28df980e..5ca7188841 100644
--- a/src/tool_setopt.h
+++ b/src/tool_setopt.h
@@ -31,6 +31,9 @@
  * Macros used in operate()
  */
 
+/* return TRUE if the error code is "lethal" */
+bool setopt_bad(CURLcode result);
+
 #ifndef CURL_DISABLE_LIBCURL_OPTION
 
 /* Associate symbolic names with option values */
@@ -95,67 +98,68 @@ CURLcode tool_setopt_long(CURL *curl, const char *name, CURLoption tag,
                           long lval);
 CURLcode tool_setopt_offt(CURL *curl, const char *name, CURLoption tag,
                           curl_off_t lval);
-CURLcode tool_setopt(CURL *curl, struct OperationConfig *config,
-                     bool str, const char *name, CURLoption tag,
-                     ...);
+CURLcode tool_setopt_str(CURL *curl, struct OperationConfig *config,
+                         const char *name, CURLoption tag,
+                         ...) WARN_UNUSED_RESULT;
+CURLcode tool_setopt_ptr(CURL *curl, const char *name, CURLoption tag, ...);
 
-#define my_setopt(x,y,z) \
-  tool_setopt(x, config, FALSE, #y, y, z)
+#define my_setopt_ptr(x,y,z)                    \
+  tool_setopt_ptr(x, #y, y, z)
 
-#define my_setopt_long(x,y,z) \
+#define my_setopt_long(x,y,z)                   \
   tool_setopt_long(x, #y, y, z)
 
-#define my_setopt_offt(x,y,z) \
+#define my_setopt_offt(x,y,z)                   \
   tool_setopt_offt(x, #y, y, z)
 
-#define my_setopt_str(x,y,z) \
-  tool_setopt(x, config, TRUE, #y, y, z)
+#define my_setopt_str(x,y,z)                    \
+  tool_setopt_str(x, config, #y, y, z)
 
-#define my_setopt_enum(x,y,z) \
+/* assumes a 'result' variable to use. If the return code is benign it is left
+   in 'result' after this call, otherwise the function returns the error */
+#define MY_SETOPT_STR(x,y,z)                                     \
+  do {                                                           \
+    result = tool_setopt_str(x, config, #y, y, z);               \
+    if(setopt_bad(result))                                       \
+      return result;                                             \
+  } while(0)
+
+#define my_setopt_enum(x,y,z)                           \
   tool_setopt_enum(x, #y, y, setopt_nv_ ## y, z)
 
-#define my_setopt_SSLVERSION(x,y,z) \
+#define my_setopt_SSLVERSION(x,y,z)             \
   tool_setopt_SSLVERSION(x, #y, y, z)
 
-#define my_setopt_bitmask(x,y,z) \
+#define my_setopt_bitmask(x,y,z)                        \
   tool_setopt_bitmask(x, #y, y, setopt_nv_ ## y, z)
 
-#define my_setopt_mimepost(x,y,z) \
+#define my_setopt_mimepost(x,y,z)               \
   tool_setopt_mimepost(x, config, #y, y, z)
 
-#define my_setopt_slist(x,y,z) \
+#define my_setopt_slist(x,y,z)                  \
   tool_setopt_slist(x, #y, y, z)
 
 #else /* CURL_DISABLE_LIBCURL_OPTION */
 
 /* No --libcurl, so pass options directly to library */
 
-#define my_setopt(x,y,z) \
-  curl_easy_setopt(x, y, z)
+#define my_setopt_long(x,y,z) curl_easy_setopt(x, y, (long)(z))
+#define my_setopt_offt(x,y,z) curl_easy_setopt(x, y, (curl_off_t)(z))
+#define my_setopt_ptr(x,y,z) curl_easy_setopt(x, y, z)
+#define my_setopt_str(x,y,z) curl_easy_setopt(x, y, z)
+#define my_setopt_enum(x,y,z) curl_easy_setopt(x, y, z)
+#define my_setopt_SSLVERSION(x,y,z) curl_easy_setopt(x, y, z)
+#define my_setopt_bitmask(x,y,z) curl_easy_setopt(x, y, (long)z)
+#define my_setopt_mimepost(x,y,z) curl_easy_setopt(x, y, z)
+#define my_setopt_slist(x,y,z) curl_easy_setopt(x, y, z)
 
-#define my_setopt_long(x,y,z) \
-  curl_easy_setopt(x, y, (long)(z))
+#define MY_SETOPT_STR(x,y,z)                            \
+  do {                                                  \
+    result = curl_easy_setopt(x, y, z);                 \
+    if(setopt_bad(result))                              \
+      return result;                                    \
+  } while(0)
 
-#define my_setopt_offt(x,y,z) \
-  curl_easy_setopt(x, y, (curl_off_t)(z))
-
-#define my_setopt_str(x,y,z) \
-  curl_easy_setopt(x, y, z)
-
-#define my_setopt_enum(x,y,z) \
-  curl_easy_setopt(x, y, z)
-
-#define my_setopt_SSLVERSION(x,y,z) \
-  curl_easy_setopt(x, y, z)
-
-#define my_setopt_bitmask(x,y,z) \
-  curl_easy_setopt(x, y, (long)z)
-
-#define my_setopt_mimepost(x,y,z) \
-  curl_easy_setopt(x, y, z)
-
-#define my_setopt_slist(x,y,z) \
-  curl_easy_setopt(x, y, z)
 
 #endif /* CURL_DISABLE_LIBCURL_OPTION */
 
diff --git a/src/tool_ssls.c b/src/tool_ssls.c
index 6fb0180455..2b8cc10672 100644
--- a/src/tool_ssls.c
+++ b/src/tool_ssls.c
@@ -45,8 +45,9 @@ static CURLcode tool_ssls_easy(struct OperationConfig *config,
 
   result = curl_easy_setopt(*peasy, CURLOPT_SHARE, share);
   if(!result && (global->tracetype != TRACE_NONE)) {
-    my_setopt(*peasy, CURLOPT_DEBUGFUNCTION, tool_debug_cb);
-    my_setopt(*peasy, CURLOPT_DEBUGDATA, config);
+    result = my_setopt_ptr(*peasy, CURLOPT_DEBUGFUNCTION, tool_debug_cb);
+    if(!result)
+      result = my_setopt_ptr(*peasy, CURLOPT_DEBUGDATA, config);
     my_setopt_long(*peasy, CURLOPT_VERBOSE, 1L);
   }
   return result;

From f77c574445532e3c17e624fe4965b8aae4a8c45e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 7 Nov 2025 00:52:12 +0100
Subject: [PATCH 0732/2408] renovate: update ruff less often

`ruff` seems to be getting a new release every week. Make renovate bump
it once every month.

Closes #19392
---
 renovate.json | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/renovate.json b/renovate.json
index 102bf42521..e48d6a93b8 100644
--- a/renovate.json
+++ b/renovate.json
@@ -45,11 +45,12 @@
       "enabled": false
     },
     {
-      "description": "Schedule CodeQL updates on the 10th of each month",
+      "description": "Schedule package updates on the 10th of each month",
       "matchPackageNames": [
-        "/codeql/i"
+        "/codeql/i",
+        "/ruff/i"
       ],
-      "groupName": "CodeQL",
+      "groupName": "monthly updates (by name)",
       "schedule": [
         "* * 10 * *"
       ]
@@ -59,7 +60,7 @@
       "matchSourceUrls": [
         "**/awslabs/**"
       ],
-      "groupName": "monthly updates",
+      "groupName": "monthly updates (by source URL)",
       "schedule": [
         "* * 10 * *"
       ]

From 2684af257e7fc4369e4ac1d45b4e303859259677 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Fri, 7 Nov 2025 11:50:02 +0100
Subject: [PATCH 0733/2408] osslq: code readability

- remove assertions that are unnecessary
- lookup stream after assertions

Closes #19394
---
 lib/vquic/curl_osslq.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index 50051041df..efa653cf80 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -2007,7 +2007,7 @@ static CURLcode cf_osslq_send(struct Curl_cfilter *cf, struct Curl_easy *data,
                               size_t *pnwritten)
 {
   struct cf_osslq_ctx *ctx = cf->ctx;
-  struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
+  struct h3_stream_ctx *stream = NULL;
   struct cf_call_data save;
   ssize_t nwritten;
   CURLcode result = CURLE_OK;
@@ -2027,6 +2027,7 @@ static CURLcode cf_osslq_send(struct Curl_cfilter *cf, struct Curl_easy *data,
   if(result)
     goto out;
 
+  stream = H3_STREAM_CTX(ctx, data);
   if(!stream || stream->s.id < 0) {
     nwritten = h3_stream_open(cf, data, buf, len, &result);
     if(nwritten < 0) {
@@ -2103,18 +2104,17 @@ static CURLcode cf_osslq_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
                               char *buf, size_t len, size_t *pnread)
 {
   struct cf_osslq_ctx *ctx = cf->ctx;
-  struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
+  struct h3_stream_ctx *stream;
   struct cf_call_data save;
   CURLcode result = CURLE_OK;
 
-  (void)ctx;
   CF_DATA_SAVE(save, cf, data);
   DEBUGASSERT(cf->connected);
-  DEBUGASSERT(ctx);
   DEBUGASSERT(ctx->tls.ossl.ssl);
   DEBUGASSERT(ctx->h3.conn);
   *pnread = 0;
 
+  stream = H3_STREAM_CTX(ctx, data);
   if(!stream) {
     result = CURLE_RECV_ERROR;
     goto out;

From 608d96694b392a96e448de266a41fc65607150b9 Mon Sep 17 00:00:00 2001
From: x2018 
Date: Fri, 7 Nov 2025 01:59:00 +0800
Subject: [PATCH 0734/2408] lib: refactor the type of funcs which have useless
 return and checks

Some internal functions always return CURLE_OK.

- Curl_http_proxy_get_destination() does that from bb4032a, (2 years
  ago) And the original inline code does not need to check the status.

- Curl_wildcard_init() does that from e60fe20. (8 years ago)

- Curl_initinfo() does that from a very beginning.

- Curl_pgrsSetDownloadCounter() did not have a return before 914e49b,
  ad051e1 recovered its content (2 years ago) but did not completely
  recovered the changes related to it.

- auth_digest_get_qop_values() does that from 676de7f.

This directly changes their type to void and cleaned the remaining
checks for their return value.

Closes #19386
---
 lib/cf-h2-proxy.c   |  5 +----
 lib/ftplistparser.c |  4 +---
 lib/ftplistparser.h |  2 +-
 lib/getinfo.c       |  3 +--
 lib/getinfo.h       |  2 +-
 lib/http_proxy.c    | 12 ++++--------
 lib/http_proxy.h    |  6 +++---
 lib/progress.c      |  3 +--
 lib/progress.h      |  4 +---
 lib/sendf.c         |  4 +---
 lib/telnet.c        |  5 ++---
 lib/transfer.c      |  4 +---
 lib/vauth/digest.c  |  8 ++------
 13 files changed, 20 insertions(+), 42 deletions(-)

diff --git a/lib/cf-h2-proxy.c b/lib/cf-h2-proxy.c
index b0638c6642..318fe54253 100644
--- a/lib/cf-h2-proxy.c
+++ b/lib/cf-h2-proxy.c
@@ -87,7 +87,6 @@ static CURLcode tunnel_stream_init(struct Curl_cfilter *cf,
   const char *hostname;
   int port;
   bool ipv6_ip;
-  CURLcode result;
 
   ts->state = H2_TUNNEL_INIT;
   ts->stream_id = -1;
@@ -95,9 +94,7 @@ static CURLcode tunnel_stream_init(struct Curl_cfilter *cf,
                   BUFQ_OPT_SOFT_LIMIT);
   Curl_bufq_init(&ts->sendbuf, PROXY_H2_CHUNK_SIZE, H2_TUNNEL_SEND_CHUNKS);
 
-  result = Curl_http_proxy_get_destination(cf, &hostname, &port, &ipv6_ip);
-  if(result)
-    return result;
+  Curl_http_proxy_get_destination(cf, &hostname, &port, &ipv6_ip);
 
   /* host:port with IPv6 support */
   ts->authority = curl_maprintf("%s%s%s:%d", ipv6_ip ? "[":"", hostname,
diff --git a/lib/ftplistparser.c b/lib/ftplistparser.c
index de573d3c57..d8d155d5c2 100644
--- a/lib/ftplistparser.c
+++ b/lib/ftplistparser.c
@@ -185,12 +185,10 @@ static void fileinfo_dtor(void *user, void *element)
   Curl_fileinfo_cleanup(element);
 }
 
-CURLcode Curl_wildcard_init(struct WildcardData *wc)
+void Curl_wildcard_init(struct WildcardData *wc)
 {
   Curl_llist_init(&wc->filelist, fileinfo_dtor);
   wc->state = CURLWC_INIT;
-
-  return CURLE_OK;
 }
 
 void Curl_wildcard_dtor(struct WildcardData **wcp)
diff --git a/lib/ftplistparser.h b/lib/ftplistparser.h
index 5ba1f6a97d..ad8dee7438 100644
--- a/lib/ftplistparser.h
+++ b/lib/ftplistparser.h
@@ -65,7 +65,7 @@ struct WildcardData {
   unsigned char state; /* wildcard_states */
 };
 
-CURLcode Curl_wildcard_init(struct WildcardData *wc);
+void Curl_wildcard_init(struct WildcardData *wc);
 void Curl_wildcard_dtor(struct WildcardData **wcp);
 
 struct Curl_easy;
diff --git a/lib/getinfo.c b/lib/getinfo.c
index e2a8231d53..f57a454d5d 100644
--- a/lib/getinfo.c
+++ b/lib/getinfo.c
@@ -45,7 +45,7 @@
  * beginning of a perform session. It must reset the session-info variables,
  * in particular all variables in struct PureInfo.
  */
-CURLcode Curl_initinfo(struct Curl_easy *data)
+void Curl_initinfo(struct Curl_easy *data)
 {
   struct Progress *pro = &data->progress;
   struct PureInfo *info = &data->info;
@@ -91,7 +91,6 @@ CURLcode Curl_initinfo(struct Curl_easy *data)
 #ifdef USE_SSL
   Curl_ssl_free_certinfo(data);
 #endif
-  return CURLE_OK;
 }
 
 static CURLcode getinfo_char(struct Curl_easy *data, CURLINFO info,
diff --git a/lib/getinfo.h b/lib/getinfo.h
index 56bb440b43..f5efe4185c 100644
--- a/lib/getinfo.h
+++ b/lib/getinfo.h
@@ -24,6 +24,6 @@
  *
  ***************************************************************************/
 CURLcode Curl_getinfo(struct Curl_easy *data, CURLINFO info, ...);
-CURLcode Curl_initinfo(struct Curl_easy *data);
+void Curl_initinfo(struct Curl_easy *data);
 
 #endif /* HEADER_CURL_GETINFO_H */
diff --git a/lib/http_proxy.c b/lib/http_proxy.c
index f6e546b9fd..9bde118baf 100644
--- a/lib/http_proxy.c
+++ b/lib/http_proxy.c
@@ -167,9 +167,9 @@ static CURLcode dynhds_add_custom(struct Curl_easy *data,
   return CURLE_OK;
 }
 
-CURLcode Curl_http_proxy_get_destination(struct Curl_cfilter *cf,
-                                         const char **phostname,
-                                         int *pport, bool *pipv6_ip)
+void Curl_http_proxy_get_destination(struct Curl_cfilter *cf,
+                                     const char **phostname,
+                                     int *pport, bool *pipv6_ip)
 {
   DEBUGASSERT(cf);
   DEBUGASSERT(cf->conn);
@@ -192,8 +192,6 @@ CURLcode Curl_http_proxy_get_destination(struct Curl_cfilter *cf,
     *pipv6_ip = (strchr(*phostname, ':') != NULL);
   else
     *pipv6_ip = cf->conn->bits.ipv6_ip;
-
-  return CURLE_OK;
 }
 
 struct cf_proxy_ctx {
@@ -214,9 +212,7 @@ CURLcode Curl_http_proxy_create_CONNECT(struct httpreq **preq,
   CURLcode result;
   struct httpreq *req = NULL;
 
-  result = Curl_http_proxy_get_destination(cf, &hostname, &port, &ipv6_ip);
-  if(result)
-    goto out;
+  Curl_http_proxy_get_destination(cf, &hostname, &port, &ipv6_ip);
 
   authority = curl_maprintf("%s%s%s:%d", ipv6_ip ? "[" : "", hostname,
                             ipv6_ip ?"]" : "", port);
diff --git a/lib/http_proxy.h b/lib/http_proxy.h
index e6ab2bacf3..17f7e10488 100644
--- a/lib/http_proxy.h
+++ b/lib/http_proxy.h
@@ -36,9 +36,9 @@ enum Curl_proxy_use {
   HEADER_CONNECT  /* sending CONNECT to a proxy */
 };
 
-CURLcode Curl_http_proxy_get_destination(struct Curl_cfilter *cf,
-                                         const char **phostname,
-                                         int *pport, bool *pipv6_ip);
+void Curl_http_proxy_get_destination(struct Curl_cfilter *cf,
+                                     const char **phostname,
+                                     int *pport, bool *pipv6_ip);
 
 CURLcode Curl_http_proxy_create_CONNECT(struct httpreq **preq,
                                         struct Curl_cfilter *cf,
diff --git a/lib/progress.c b/lib/progress.c
index 7b473ef3ae..928461043a 100644
--- a/lib/progress.c
+++ b/lib/progress.c
@@ -305,10 +305,9 @@ timediff_t Curl_pgrsLimitWaitTime(struct pgrs_dir *d,
 /*
  * Set the number of downloaded bytes so far.
  */
-CURLcode Curl_pgrsSetDownloadCounter(struct Curl_easy *data, curl_off_t size)
+void Curl_pgrsSetDownloadCounter(struct Curl_easy *data, curl_off_t size)
 {
   data->progress.dl.cur_size = size;
-  return CURLE_OK;
 }
 
 /*
diff --git a/lib/progress.h b/lib/progress.h
index bbe135cdbc..7a176b7554 100644
--- a/lib/progress.h
+++ b/lib/progress.h
@@ -48,9 +48,7 @@ void Curl_pgrsStartNow(struct Curl_easy *data);
 void Curl_pgrsSetDownloadSize(struct Curl_easy *data, curl_off_t size);
 void Curl_pgrsSetUploadSize(struct Curl_easy *data, curl_off_t size);
 
-/* It is fine to not check the return code if 'size' is set to 0 */
-CURLcode Curl_pgrsSetDownloadCounter(struct Curl_easy *data, curl_off_t size);
-
+void Curl_pgrsSetDownloadCounter(struct Curl_easy *data, curl_off_t size);
 void Curl_pgrsSetUploadCounter(struct Curl_easy *data, curl_off_t size);
 void Curl_ratelimit(struct Curl_easy *data, struct curltime now);
 int Curl_pgrsUpdate(struct Curl_easy *data);
diff --git a/lib/sendf.c b/lib/sendf.c
index f2c29956d1..980fae23e6 100644
--- a/lib/sendf.c
+++ b/lib/sendf.c
@@ -316,9 +316,7 @@ static CURLcode cw_download_write(struct Curl_easy *data,
   }
   /* Update stats, write and report progress */
   data->req.bytecount += nwrite;
-  result = Curl_pgrsSetDownloadCounter(data, data->req.bytecount);
-  if(result)
-    return result;
+  Curl_pgrsSetDownloadCounter(data, data->req.bytecount);
 
   if(excess_len) {
     if(!data->req.ignorebody) {
diff --git a/lib/telnet.c b/lib/telnet.c
index 5c25bc2eaa..232e56a884 100644
--- a/lib/telnet.c
+++ b/lib/telnet.c
@@ -1599,9 +1599,8 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done)
         }
 
         total_dl += nread;
-        result = Curl_pgrsSetDownloadCounter(data, total_dl);
-        if(!result)
-          result = telrcv(data, tn, (unsigned char *)buffer, nread);
+        Curl_pgrsSetDownloadCounter(data, total_dl);
+        result = telrcv(data, tn, (unsigned char *)buffer, nread);
         if(result) {
           keepon = FALSE;
           break;
diff --git a/lib/transfer.c b/lib/transfer.c
index 0269a4c250..98168d3aa6 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -606,9 +606,7 @@ CURLcode Curl_pretransfer(struct Curl_easy *data)
           wc->dtor(wc->ftpwc);
         Curl_safefree(wc->pattern);
         Curl_safefree(wc->path);
-        result = Curl_wildcard_init(wc); /* init wildcard structures */
-        if(result)
-          return CURLE_OUT_OF_MEMORY;
+        Curl_wildcard_init(wc); /* init wildcard structures */
       }
     }
 #endif
diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c
index 0a0b3580ed..a8d4ffe5b7 100644
--- a/lib/vauth/digest.c
+++ b/lib/vauth/digest.c
@@ -232,7 +232,7 @@ static bool auth_digest_get_key_value(const char *chlg, const char *key,
   return FALSE;
 }
 
-static CURLcode auth_digest_get_qop_values(const char *options, int *value)
+static void auth_digest_get_qop_values(const char *options, int *value)
 {
   struct Curl_str out;
   /* Initialise the output */
@@ -248,8 +248,6 @@ static CURLcode auth_digest_get_qop_values(const char *options, int *value)
     if(curlx_str_single(&options, ','))
       break;
   }
-
-  return CURLE_OK;
 }
 
 /*
@@ -377,9 +375,7 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
     return CURLE_BAD_CONTENT_ENCODING;
 
   /* Get the qop-values from the qop-options */
-  result = auth_digest_get_qop_values(qop_options, &qop_values);
-  if(result)
-    return result;
+  auth_digest_get_qop_values(qop_options, &qop_values);
 
   /* We only support auth quality-of-protection */
   if(!(qop_values & DIGEST_QOP_VALUE_AUTH))

From 891714acb4b1a9ebff9c6f773c07f9bcd909efef Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 7 Nov 2025 13:06:28 +0100
Subject: [PATCH 0735/2408] RELEASE-NOTES: synced

---
 RELEASE-NOTES | 41 ++++++++++++++++++++++++++++++++++++++---
 1 file changed, 38 insertions(+), 3 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index f5e85c2248..cb00262594 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -4,16 +4,33 @@ curl and libcurl 8.17.1
  Command line options:         273
  curl_easy_setopt() options:   308
  Public functions in libcurl:  100
- Contributors:                 3536
+ Contributors:                 3535
 
 This release includes the following changes:
 
 
 This release includes the following bugfixes:
 
+ o checksrc.pl: detect assign followed by more than one space [26]
+ o cmake: disable `CURL_CA_PATH` auto-detection if `USE_APPLE_SECTRUST=ON` [16]
+ o conncache: silence `-Wnull-dereference` on gcc 14 RISC-V 64 [17]
+ o curl: fix progress meter in parallel mode [15]
+ o docs: fix checksrc `EQUALSPACE` warnings [21]
+ o gnutls: report accurate error when TLS-SRP is not built-in [18]
  o gtls: add return checks and optimize the code [2]
  o lib: cleanup for some typos about spaces and code style [3]
+ o lib: refactor the type of funcs which have useless return and checks [1]
  o m4/sectrust: fix test(1) operator [4]
+ o mbedtls: fix potential use of uninitialized `nread` [8]
+ o openssl: remove code handling default version [28]
+ o osslq: code readability [5]
+ o setopt: when setting bad protocols, don't store them [9]
+ o tool: consider (some) curl_easy_setopt errors fatal [7]
+ o tool_help: add checks to avoid unsigned wrap around [14]
+ o tool_ipfs: check return codes better [20]
+ o tool_operate: remove redundant condition [19]
+ o tool_paramhlp: refuse --proto remove all protocols [10]
+ o wolfSSL: able to differentiate between IP and DNS in alt names [13]
 
 This release includes the following known bugs:
 
@@ -37,11 +54,29 @@ Planned upcoming removals include:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  Daniel Stenberg, Thomas Klausner, Viktor Szakats, Xiaoke Wang
-  (4 contributors)
+  Dan Fandrich, Daniel Stenberg, Juliusz Sosinowicz, renovate[bot],
+  Stefan Eissing, Thomas Klausner, Viktor Szakats, Xiaoke Wang
+  (8 contributors)
 
 References to bug reports and discussions on issues:
 
+ [1] = https://curl.se/bug/?i=19386
  [2] = https://curl.se/bug/?i=19366
  [3] = https://curl.se/bug/?i=19370
  [4] = https://curl.se/bug/?i=19371
+ [5] = https://curl.se/bug/?i=19394
+ [7] = https://curl.se/bug/?i=19385
+ [8] = https://curl.se/bug/?i=19393
+ [9] = https://curl.se/bug/?i=19389
+ [10] = https://curl.se/bug/?i=19388
+ [13] = https://curl.se/bug/?i=19364
+ [14] = https://curl.se/bug/?i=19377
+ [15] = https://curl.se/bug/?i=19383
+ [16] = https://curl.se/bug/?i=19380
+ [17] = https://curl.se/bug/?i=19378
+ [18] = https://curl.se/bug/?i=19365
+ [19] = https://curl.se/bug/?i=19381
+ [20] = https://curl.se/bug/?i=19382
+ [21] = https://curl.se/bug/?i=19379
+ [26] = https://curl.se/bug/?i=19375
+ [28] = https://curl.se/bug/?i=19354

From d8bad9926ca6ca6def5c09fbcecebcd6c87b68a7 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 7 Nov 2025 13:42:36 +0100
Subject: [PATCH 0736/2408] docs: mention umask need when curl creates files

for cookies, alt-svc and HSTS, command line and library

Closes #19396
---
 .github/scripts/pyspelling.words       | 1 +
 docs/cmdline-opts/alt-svc.md           | 3 +++
 docs/cmdline-opts/cookie-jar.md        | 3 +++
 docs/cmdline-opts/hsts.md              | 3 +++
 docs/libcurl/opts/CURLOPT_ALTSVC.md    | 4 ++++
 docs/libcurl/opts/CURLOPT_COOKIEJAR.md | 4 ++++
 docs/libcurl/opts/CURLOPT_HSTS.md      | 4 ++++
 7 files changed, 22 insertions(+)

diff --git a/.github/scripts/pyspelling.words b/.github/scripts/pyspelling.words
index a5c2809130..f64025b2ad 100644
--- a/.github/scripts/pyspelling.words
+++ b/.github/scripts/pyspelling.words
@@ -889,6 +889,7 @@ UI
 UID
 UIDL
 Ultrix
+umask
 Unary
 unassign
 UNC
diff --git a/docs/cmdline-opts/alt-svc.md b/docs/cmdline-opts/alt-svc.md
index 257f4d5b9c..a3b17d04f1 100644
--- a/docs/cmdline-opts/alt-svc.md
+++ b/docs/cmdline-opts/alt-svc.md
@@ -24,5 +24,8 @@ filename again if it has been modified.
 Specify a "" filename (zero length) to avoid loading/saving and make curl just
 handle the cache in memory.
 
+You may want to restrict your umask to prevent other users on the same system
+to access the created file.
+
 If this option is used several times, curl loads contents from all the
 files but the last one is used for saving.
diff --git a/docs/cmdline-opts/cookie-jar.md b/docs/cmdline-opts/cookie-jar.md
index 103144acc3..de09fd5274 100644
--- a/docs/cmdline-opts/cookie-jar.md
+++ b/docs/cmdline-opts/cookie-jar.md
@@ -37,3 +37,6 @@ If the cookie jar cannot be created or written to, the whole curl operation
 does not fail or even report an error clearly. Using --verbose gets a warning
 displayed, but that is the only visible feedback you get about this possibly
 lethal situation.
+
+You may want to restrict your umask to prevent other users on the same system
+to access the created file.
diff --git a/docs/cmdline-opts/hsts.md b/docs/cmdline-opts/hsts.md
index ca6b07e66d..f58566e95d 100644
--- a/docs/cmdline-opts/hsts.md
+++ b/docs/cmdline-opts/hsts.md
@@ -28,5 +28,8 @@ performed.
 Specify a "" filename (zero length) to avoid loading/saving and make curl just
 handle HSTS in memory.
 
+You may want to restrict your umask to prevent other users on the same system
+to access the created file.
+
 If this option is used several times, curl loads contents from all the
 files but the last one is used for saving.
diff --git a/docs/libcurl/opts/CURLOPT_ALTSVC.md b/docs/libcurl/opts/CURLOPT_ALTSVC.md
index b74565790c..0b2a9cad72 100644
--- a/docs/libcurl/opts/CURLOPT_ALTSVC.md
+++ b/docs/libcurl/opts/CURLOPT_ALTSVC.md
@@ -47,6 +47,10 @@ libcurl cannot fully protect against attacks where an attacker has write
 access to the same directory where it is directed to save files. This is
 particularly sensitive if you save files using elevated privileges.
 
+libcurl creates the file to store the alt-svc cache in using default file
+permissions, meaning that on *nix systems you may need to restrict your umask
+to prevent other users on the same system to access the file.
+
 # DEFAULT
 
 NULL. The alt-svc cache is not read nor written to file.
diff --git a/docs/libcurl/opts/CURLOPT_COOKIEJAR.md b/docs/libcurl/opts/CURLOPT_COOKIEJAR.md
index 646972792e..01cf9c01c6 100644
--- a/docs/libcurl/opts/CURLOPT_COOKIEJAR.md
+++ b/docs/libcurl/opts/CURLOPT_COOKIEJAR.md
@@ -58,6 +58,10 @@ libcurl cannot fully protect against attacks where an attacker has write
 access to the same directory where it is directed to save files. This is
 particularly sensitive if you save files using elevated privileges.
 
+libcurl creates the file to store cookies using default file permissions,
+meaning that on *nix systems you may need to restrict your umask to prevent
+other users on the same system to access the file.
+
 # DEFAULT
 
 NULL
diff --git a/docs/libcurl/opts/CURLOPT_HSTS.md b/docs/libcurl/opts/CURLOPT_HSTS.md
index 79665d0a5c..667d159726 100644
--- a/docs/libcurl/opts/CURLOPT_HSTS.md
+++ b/docs/libcurl/opts/CURLOPT_HSTS.md
@@ -67,6 +67,10 @@ libcurl cannot fully protect against attacks where an attacker has write
 access to the same directory where it is directed to save files. This is
 particularly sensitive if you save files using elevated privileges.
 
+libcurl creates the file to store HSTS data in using default file permissions,
+meaning that on *nix systems you may need to restrict your umask to prevent
+other users on the same system to access the file.
+
 # %PROTOCOLS%
 
 # EXAMPLE

From 9d1acd048c75b24d56d5131cc12f907e37f0bd8f Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 7 Nov 2025 13:10:48 +0100
Subject: [PATCH 0737/2408] gtls: skip session resumption when verifystatus is
 set

Resumed TLS sessions skip OCSP stapled-response verification. Force a
full handshake so verifystatus() runs.

Follow-up to 4bfd7a961521e1fd6aab7610e931d82a342781

Pointed out by ZeroPath
---
 lib/vtls/gtls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index f3d6abb23c..ebd2c8de1e 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -1121,7 +1121,7 @@ CURLcode Curl_gtls_ctx_init(struct gtls_ctx *gctx,
   /* This might be a reconnect, so we check for a session ID in the cache
      to speed up things. We need to do this before constructing the gnutls
      session since we need to set flags depending on the kind of reuse. */
-  if(conn_config->cache_session) {
+  if(conn_config->cache_session && !conn_config->verifystatus) {
     result = Curl_ssl_scache_take(cf, data, peer->scache_key, &scs);
     if(result)
       goto out;

From 2d99cf07618d240c265aaf6795df3ef3b8ea7ceb Mon Sep 17 00:00:00 2001
From: Andrew 
Date: Mon, 3 Nov 2025 13:53:00 +0000
Subject: [PATCH 0738/2408] lib: fix gssapi.h include on IBMi

Fixes #19336
Closes #19337
---
 lib/config-os400.h | 3 +++
 lib/urldata.h      | 6 +++++-
 lib/vauth/vauth.h  | 6 +++++-
 lib/version.c      | 6 +++++-
 4 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/lib/config-os400.h b/lib/config-os400.h
index bccdb4a897..b08400fe97 100644
--- a/lib/config-os400.h
+++ b/lib/config-os400.h
@@ -102,6 +102,9 @@
 /* Define if you have GSS API. */
 #define HAVE_GSSAPI
 
+/* Define if you have the  header file. */
+#define HAVE_GSSAPI_H
+
 /* Define if you have the GNU gssapi libraries */
 #undef HAVE_GSSGNU
 
diff --git a/lib/urldata.h b/lib/urldata.h
index f79ccca0ac..f92bfcb3b2 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -191,7 +191,11 @@ typedef CURLcode (Curl_recv)(struct Curl_easy *data,   /* transfer */
 # ifdef HAVE_GSSGNU
 #  include 
 # else
-#  include 
+#  ifdef HAVE_GSSAPI_H
+#   include 
+#  else
+#   include 
+#  endif
 # endif
 #endif
 
diff --git a/lib/vauth/vauth.h b/lib/vauth/vauth.h
index 2ba8e471dc..51b9f41c1b 100644
--- a/lib/vauth/vauth.h
+++ b/lib/vauth/vauth.h
@@ -237,7 +237,11 @@ CURLcode Curl_auth_create_xoauth_bearer_message(const char *user,
 # ifdef HAVE_GSSGNU
 #  include 
 # else
-#  include 
+#  ifdef HAVE_GSSAPI_H
+#   include 
+#  else
+#   include 
+#  endif
 # endif
 #endif
 
diff --git a/lib/version.c b/lib/version.c
index 4c7e5712f0..f02b92fedf 100644
--- a/lib/version.c
+++ b/lib/version.c
@@ -81,7 +81,11 @@
 # ifdef HAVE_GSSGNU
 #  include 
 # else
-#  include 
+#  ifdef HAVE_GSSAPI_H
+#   include 
+#  else
+#   include 
+#  endif
 # endif
 #endif
 

From a6fcaf29588a50aa6c27a05994ebe3478f041fba Mon Sep 17 00:00:00 2001
From: x2018 
Date: Sat, 8 Nov 2025 00:43:51 +0800
Subject: [PATCH 0739/2408] rtmp: precaution for a potential integer truncation

On some platforms, socket descriptors may use types larger than int.
When these values exceed INT_MAX, conversion to int can truncate to
negative values causing RTMP connection failures, and even accidentally
affect other socket when high-value descriptors map to existing
lower-value sockets after integer conversion. This check ensures socket
values are within the safe range before passing them to the RTMP
library.

Closes #19399
---
 lib/curl_rtmp.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/curl_rtmp.c b/lib/curl_rtmp.c
index 7006ca5eb9..779422c9ae 100644
--- a/lib/curl_rtmp.c
+++ b/lib/curl_rtmp.c
@@ -256,6 +256,11 @@ static CURLcode rtmp_connect(struct Curl_easy *data, bool *done)
   if(!r)
     return CURLE_FAILED_INIT;
 
+  if(conn->sock[FIRSTSOCKET] > INT_MAX) {
+    /* The socket value is invalid for rtmp. */
+    return CURLE_FAILED_INIT;
+  }
+
   r->m_sb.sb_socket = (int)conn->sock[FIRSTSOCKET];
 
   /* We have to know if it is a write before we send the

From 9c0ccd27390c985bd4b7875b5f161ac1e68c9da4 Mon Sep 17 00:00:00 2001
From: x2018 
Date: Fri, 7 Nov 2025 20:51:22 +0800
Subject: [PATCH 0740/2408] vtls: handle possible malicious certs_num from peer

For GnuTLS, mbedTLS, Rustls, Schannel and wolfSSL

This check was previously added for OpenSSL in 3df71e6dc23e80466c2d448

Closes #19397
---
 lib/vtls/gtls.c     | 26 +++++++++++++++++---------
 lib/vtls/mbedtls.c  | 13 +++++++++++--
 lib/vtls/openssl.c  |  2 --
 lib/vtls/rustls.c   |  7 ++++++-
 lib/vtls/schannel.c |  8 ++++++++
 lib/vtls/vtls.h     |  1 +
 lib/vtls/wolfssl.c  |  8 ++++++--
 7 files changed, 49 insertions(+), 16 deletions(-)

diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index ebd2c8de1e..34d9b84d79 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -1618,19 +1618,27 @@ Curl_gtls_verifyserver(struct Curl_cfilter *cf,
   }
 
   if(data->set.ssl.certinfo && chain.certs) {
-    unsigned int i;
-
-    result = Curl_ssl_init_certinfo(data, (int)chain.num_certs);
-    if(result)
+    if(chain.num_certs > MAX_ALLOWED_CERT_AMOUNT) {
+      failf(data, "%u certificates is more than allowed (%u)",
+            chain.num_certs, MAX_ALLOWED_CERT_AMOUNT);
+      result = CURLE_SSL_CONNECT_ERROR;
       goto out;
+    }
+    else {
+      unsigned int i;
 
-    for(i = 0; i < chain.num_certs; i++) {
-      const char *beg = (const char *) chain.certs[i].data;
-      const char *end = beg + chain.certs[i].size;
-
-      result = Curl_extract_certinfo(data, (int)i, beg, end);
+      result = Curl_ssl_init_certinfo(data, (int)chain.num_certs);
       if(result)
         goto out;
+
+      for(i = 0; i < chain.num_certs; i++) {
+        const char *beg = (const char *) chain.certs[i].data;
+        const char *end = beg + chain.certs[i].size;
+
+        result = Curl_extract_certinfo(data, (int)i, beg, end);
+        if(result)
+          goto out;
+      }
     }
   }
 
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index 36200de6fa..f5302499bd 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -475,10 +475,19 @@ mbed_extract_certinfo(struct Curl_easy *data, const mbedtls_x509_crt *crt)
 {
   CURLcode result;
   const mbedtls_x509_crt *cur;
+  int cert_count = 0;
   int i;
 
-  for(i = 0, cur = crt; cur; ++i, cur = cur->next);
-  result = Curl_ssl_init_certinfo(data, i);
+  for(cur = crt; cur && cert_count <= MAX_ALLOWED_CERT_AMOUNT; cur = cur->next)
+    cert_count++;
+
+  if(cert_count > MAX_ALLOWED_CERT_AMOUNT) {
+    infof(data, "Certificates is more than allowed (%u), skipping certinfo",
+          MAX_ALLOWED_CERT_AMOUNT);
+    return;
+  }
+
+  result = Curl_ssl_init_certinfo(data, cert_count);
 
   for(i = 0, cur = crt; result == CURLE_OK && cur; ++i, cur = cur->next) {
     const char *beg = (const char *) cur->raw.p;
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 87b00cc252..59fd0cbd6d 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -349,8 +349,6 @@ static CURLcode X509V3_ext(struct Curl_easy *data,
   return result;
 }
 
-#define MAX_ALLOWED_CERT_AMOUNT 100
-
 static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl)
 {
   CURLcode result;
diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c
index ecf4d03152..262f016f9f 100644
--- a/lib/vtls/rustls.c
+++ b/lib/vtls/rustls.c
@@ -1211,8 +1211,13 @@ cr_connect(struct Curl_cfilter *cf,
       if(data->set.ssl.certinfo) {
         size_t num_certs = 0;
         size_t i;
-        while(rustls_connection_get_peer_certificate(rconn, (int)num_certs)) {
+        while(rustls_connection_get_peer_certificate(rconn, num_certs)) {
           num_certs++;
+          if(num_certs > MAX_ALLOWED_CERT_AMOUNT) {
+            failf(data, "%zu certificates is more than allowed (%u)",
+                  num_certs, MAX_ALLOWED_CERT_AMOUNT);
+            return CURLE_SSL_CONNECT_ERROR;
+          }
         }
         result = Curl_ssl_init_certinfo(data, (int)num_certs);
         if(result)
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index f9d697bbb8..c96e0df77b 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -1478,6 +1478,8 @@ cert_counter_callback(const CERT_CONTEXT *ccert_context, bool reverse_order,
   (void)reverse_order;
   if(valid_cert_encoding(ccert_context))
     (*(int *)certs_count)++;
+  if(*(int *)certs_count > MAX_ALLOWED_CERT_AMOUNT)
+    return FALSE;
   return TRUE;
 }
 
@@ -1623,6 +1625,12 @@ schannel_connect_step3(struct Curl_cfilter *cf, struct Curl_easy *data)
     }
 
     traverse_cert_store(ccert_context, cert_counter_callback, &certs_count);
+    if(certs_count > MAX_ALLOWED_CERT_AMOUNT) {
+      failf(data, "%d certificates is more than allowed (%u)",
+            certs_count, MAX_ALLOWED_CERT_AMOUNT);
+      CertFreeCertificateContext(ccert_context);
+      return CURLE_SSL_CONNECT_ERROR;
+    }
 
     result = Curl_ssl_init_certinfo(data, certs_count);
     if(!result) {
diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h
index 180333e63c..dbe13c5903 100644
--- a/lib/vtls/vtls.h
+++ b/lib/vtls/vtls.h
@@ -165,6 +165,7 @@ void Curl_ssl_version(char *buffer, size_t size);
 
 /* Certificate information list handling. */
 #define CURL_X509_STR_MAX  100000
+#define MAX_ALLOWED_CERT_AMOUNT 100
 
 void Curl_ssl_free_certinfo(struct Curl_easy *data);
 CURLcode Curl_ssl_init_certinfo(struct Curl_easy *data, int num);
diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index 19e8c5558a..585a406002 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -1512,9 +1512,13 @@ wssl_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
     wolfSSL_set_bio(wssl->ssl, bio, bio);
   }
 #else /* USE_BIO_CHAIN */
+  curl_socket_t sockfd = Curl_conn_cf_get_socket(cf, data);
+  if(sockfd > INT_MAX) {
+    failf(data, "SSL: socket value too large");
+    return CURLE_SSL_CONNECT_ERROR;
+  }
   /* pass the raw socket into the SSL layer */
-  if(!wolfSSL_set_fd(wssl->ssl,
-                     (int)Curl_conn_cf_get_socket(cf, data))) {
+  if(!wolfSSL_set_fd(wssl->ssl, (int)sockfd)) {
     failf(data, "SSL: wolfSSL_set_fd failed");
     return CURLE_SSL_CONNECT_ERROR;
   }

From 16c6ea36cca6684aacbcb33578af61b28e3fee0d Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 6 Nov 2025 23:59:16 +0100
Subject: [PATCH 0741/2408] GHA/linux: add minimal Fil-C build with tests

Requirements for Fil-C:
- not to accidentally pick up system headers. E.g. from `/usr/include`
  on Linux. It can happen when any dependency is auto-detected on this
  header path. This makes Fil-C find the wrong system headers, which
  in turn breaks the configuration step in subtle ways (with CMake) and
  less subtle ways (autotools). Then CMake ends up running into an error
  while compiling.
- build all dependencies with Fil-C too.
  (this patch doesn't build any dependencies yet.)
- "unity" mode disabled. It should work, but needs a lot of memory and
  slower than a standard compiler, or a Fil-C non-unity build.
- x86_64 Linux host platform when using the pre-built toolchain.

Observations on a minimal, static build made with no dependencies and
Fil-C 0.674 (based on clang 20.1.8).
- curl tool sizes:
  - cmake, default, w/o -O: 30 MB (gcc 14.2.0: 1.7 MB)
  - cmake, default, w/o -O, stripped: 29.6 MB (gcc: 1.4 MB)
  - cmake, Release, -O3: 7.2 MB (gcc: 1 MB)
  - cmake, Release, -O3, stripped: 6.8 MB (gcc: 0.93 MB)
  - autotools, default, -O2: 7 MB
- libcurl.a size is 32 MB (cmake, default, w/o -O) (gcc: 2.7 MB)
- build times 3-3.5x longer (compared to system gcc 14.2.0):
- all runtests available pass OK.
- all pytests skipped due to missing features/dependencies.
- shared libcurl builds also work (cmake, default: 25 MB libcurl.so and
  5.75 MB (5.6 stripped) curl tool)
- autotools works fine too, with dependencies disabled or set to avoid
  `/usr/include`.

Closes #19391
---
 .github/workflows/linux.yml | 27 ++++++++++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index 6eeb6b697e..ccf171d932 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -55,6 +55,8 @@ env:
   RUSTLS_VERSION: 0.15.0
   # handled in renovate.json
   OPENLDAP_VERSION: 2.6.10
+  # renovate: datasource=github-tags depName=pizlonator/fil-c versioning=semver-partial registryUrl=https://github.com
+  FIL_C_VERSION: 0.674
 
 jobs:
   linux:
@@ -213,6 +215,15 @@ jobs:
           - name: '!ssl !http !smtp !imap'
             configure: --without-ssl --enable-debug --disable-http --disable-smtp --disable-imap --disable-unity
 
+          - name: 'Fil-C'
+            install_steps: filc
+            CC: /home/runner/filc/build/bin/filcc
+            generate: >-
+              -DBUILD_STATIC_LIBS=ON -DBUILD_SHARED_LIBS=OFF -DCMAKE_UNITY_BUILD=OFF
+              -DCURL_ENABLE_SSL=OFF -DCURL_USE_LIBPSL=OFF
+              -DCURL_ZLIB=OFF -DCURL_BROTLI=OFF -DCURL_ZSTD=OFF
+              -DUSE_NGHTTP2=OFF -DCURL_DISABLE_LDAP=ON -DUSE_LIBIDN2=OFF -DCURL_USE_LIBSSH2=OFF
+
           - name: 'clang-tidy'
             install_packages: clang-tidy libssl-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev libkrb5-dev librtmp-dev libgnutls28-dev
             install_steps: skipall mbedtls rustls wolfssl-opensslextra
@@ -351,7 +362,7 @@ jobs:
             HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install ${INSTALL_PACKAGES_BREW}
           fi
 
-      - name: 'install prereqs'
+      - name: 'install prereqs (i686)'
         if: ${{ contains(matrix.build.name, 'i686') }}
         run: |
           sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
@@ -363,7 +374,7 @@ jobs:
             libpsl-dev:i386 libbrotli-dev:i386 libzstd-dev:i386 \
             ${MATRIX_INSTALL_PACKAGES}
 
-      - name: 'install dependencies'
+      - name: 'install prereqs (alpine)'
         if: ${{ startsWith(matrix.build.container, 'alpine') }}
         run: |
           apk add --no-cache build-base autoconf automake libtool perl openssl-dev \
@@ -372,6 +383,16 @@ jobs:
             py3-impacket py3-asn1 py3-six py3-pycryptodomex \
             perl-time-hires openssh stunnel sudo git openssl
 
+      - name: 'install Fil-C'
+        if: ${{ contains(matrix.build.install_steps, 'filc') }}
+        run: |
+          cd /home/runner
+          curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
+            --location "https://github.com/pizlonator/fil-c/releases/download/v${FIL_C_VERSION}/filc-${FIL_C_VERSION}-linux-x86_64.tar.xz" | tar -xJ
+          mv "filc-${FIL_C_VERSION}-linux-x86_64" filc
+          cd filc
+          ./setup.sh
+
       - name: 'cache libressl'
         if: ${{ contains(matrix.build.install_steps, 'libressl') }}
         uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
@@ -652,7 +673,7 @@ jobs:
           fi
 
       - name: 'single-use function check'
-        if: ${{ contains(matrix.build.configure, '--disable-unity') || contains(matrix.build.generate, '-DCMAKE_UNITY_BUILD=OFF') }}
+        if: ${{ (contains(matrix.build.configure, '--disable-unity') || contains(matrix.build.generate, '-DCMAKE_UNITY_BUILD=OFF')) && !contains(matrix.build.install_steps, 'filc') }}
         run: |
           git config --global --add safe.directory "*"
           if [ "${MATRIX_BUILD}" = 'cmake' ]; then

From f55974c139d88582a9c503c9a35840f3b9fae458 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Sat, 8 Nov 2025 14:28:38 +0100
Subject: [PATCH 0742/2408] vtls: fix CURLOPT_CAPATH use

A regression in curl 8.17.0 led to a customer CAPATH set by the
application (or the curl command) to be ignored unless licurl was built
with a default CAPATH.

Add test cases using `--capath` on the custom pytest CA, generated with
the help of the openssl command when available.

Fixes #19401
Reported-by: Brad King
Closes #19308
---
 lib/vtls/vtls.c               |  4 ++--
 tests/http/test_17_ssl_use.py | 26 ++++++++++++++++++++++++++
 tests/http/testenv/certs.py   | 16 ++++++++++++++++
 tests/http/testenv/curl.py    |  3 ++-
 tests/http/testenv/env.py     | 20 ++++++++++++++++++++
 5 files changed, 66 insertions(+), 3 deletions(-)

diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index 3b7a095c8b..3858cad983 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -310,7 +310,6 @@ CURLcode Curl_ssl_easy_config_complete(struct Curl_easy *data)
       if(result)
         return result;
     }
-    sslc->primary.CApath = data->set.str[STRING_SSL_CAPATH];
 #endif
 #ifdef CURL_CA_BUNDLE
     if(!sslc->custom_cafile && !set->str[STRING_SSL_CAFILE]) {
@@ -322,6 +321,7 @@ CURLcode Curl_ssl_easy_config_complete(struct Curl_easy *data)
   }
   sslc->primary.CAfile = data->set.str[STRING_SSL_CAFILE];
   sslc->primary.CRLfile = data->set.str[STRING_SSL_CRLFILE];
+  sslc->primary.CApath = data->set.str[STRING_SSL_CAPATH];
   sslc->primary.issuercert = data->set.str[STRING_SSL_ISSUERCERT];
   sslc->primary.issuercert_blob = data->set.blobs[BLOB_SSL_ISSUERCERT];
   sslc->primary.cipher_list = data->set.str[STRING_SSL_CIPHER_LIST];
@@ -358,7 +358,6 @@ CURLcode Curl_ssl_easy_config_complete(struct Curl_easy *data)
       if(result)
         return result;
     }
-    sslc->primary.CApath = data->set.str[STRING_SSL_CAPATH_PROXY];
 #endif
 #ifdef CURL_CA_BUNDLE
     if(!sslc->custom_cafile && !set->str[STRING_SSL_CAFILE_PROXY]) {
@@ -370,6 +369,7 @@ CURLcode Curl_ssl_easy_config_complete(struct Curl_easy *data)
 #endif
   }
   sslc->primary.CAfile = data->set.str[STRING_SSL_CAFILE_PROXY];
+  sslc->primary.CApath = data->set.str[STRING_SSL_CAPATH_PROXY];
   sslc->primary.cipher_list = data->set.str[STRING_SSL_CIPHER_LIST_PROXY];
   sslc->primary.cipher_list13 = data->set.str[STRING_SSL_CIPHER13_LIST_PROXY];
   sslc->primary.pinned_key = data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY];
diff --git a/tests/http/test_17_ssl_use.py b/tests/http/test_17_ssl_use.py
index 57e1c01404..615658f06c 100644
--- a/tests/http/test_17_ssl_use.py
+++ b/tests/http/test_17_ssl_use.py
@@ -597,3 +597,29 @@ class TestSSLUse:
         ])
         # expect NOT_IMPLEMENTED or OK
         assert r.exit_code in [0, 2], f'{r.dump_logs()}'
+
+    @pytest.mark.skipif(condition=not Env.have_openssl(), reason="needs openssl command")
+    def test_17_21_capath_valid(self, env: Env, httpd):
+        if env.curl_uses_lib('rustls-ffi'):
+            pytest.skip('rustls does not support CURLOPT_CAPATH')
+        proto = 'http/1.1'
+        curl = CurlClient(env=env)
+        url = f'https://{env.authority_for(env.domain1, proto)}/curltest/sslinfo'
+        r = curl.http_get(url=url, alpn_proto=proto, extra_args=[
+            '--capath', env.ca.hashdir
+        ])
+        assert r.exit_code == 0, f'{r.dump_logs()}'
+        assert r.json['HTTPS'] == 'on', f'{r.json}'
+
+    @pytest.mark.skipif(condition=not Env.have_openssl(), reason="needs openssl command")
+    def test_17_22_capath_invalid(self, env: Env, httpd):
+        # we can test all TLS backends here. the ones not supporting CAPATH
+        # need to fail as well as the ones which do, but get an invalid path.
+        proto = 'http/1.1'
+        curl = CurlClient(env=env)
+        url = f'https://{env.authority_for(env.domain1, proto)}/curltest/sslinfo'
+        r = curl.http_get(url=url, alpn_proto=proto, extra_args=[
+            '--capath', os.path.join(env.gen_dir, 'ca/invalid')
+        ])
+        # CURLE_PEER_FAILED_VERIFICATION or CURLE_SSL_CACERT_BADFILE
+        assert r.exit_code in [60, 77], f'{r.dump_logs()}'
diff --git a/tests/http/testenv/certs.py b/tests/http/testenv/certs.py
index e59b1ea147..c9a30aaac0 100644
--- a/tests/http/testenv/certs.py
+++ b/tests/http/testenv/certs.py
@@ -28,6 +28,8 @@ import base64
 import ipaddress
 import os
 import re
+import shutil
+import subprocess
 from datetime import timedelta, datetime, timezone
 from typing import List, Any, Optional
 
@@ -200,6 +202,10 @@ class Credentials:
     def combined_file(self) -> Optional[str]:
         return self._combined_file
 
+    @property
+    def hashdir(self) -> Optional[str]:
+        return os.path.join(self._store.path, 'hashdir')
+
     def get_first(self, name) -> Optional['Credentials']:
         creds = self._store.get_credentials_for_name(name) if self._store else []
         return creds[0] if len(creds) else None
@@ -236,6 +242,16 @@ class Credentials:
             creds.issue_certs(spec.sub_specs, chain=subchain)
         return creds
 
+    def create_hashdir(self, openssl):
+        os.makedirs(self.hashdir, exist_ok=True)
+        p = subprocess.run(args=[
+            openssl, 'x509', '-hash', '-noout', '-in', self.cert_file
+        ], capture_output=True, text=True)
+        if p.returncode != 0:
+            raise Exception(f'openssl failed to compute cert hash: {p}')
+        cert_hname = f'{p.stdout.strip()}.0'
+        shutil.copy(self.cert_file, os.path.join(self.hashdir, cert_hname))
+
 
 class CertStore:
 
diff --git a/tests/http/testenv/curl.py b/tests/http/testenv/curl.py
index dc885ab8cb..a92e4f681f 100644
--- a/tests/http/testenv/curl.py
+++ b/tests/http/testenv/curl.py
@@ -987,7 +987,8 @@ class CurlClient:
                 pass
             elif insecure:
                 args.append('--insecure')
-            elif active_options and "--cacert" in active_options:
+            elif active_options and ("--cacert" in active_options or \
+                    "--capath" in active_options):
                 pass
             elif u.hostname:
                 args.extend(["--cacert", self.env.ca.cert_file])
diff --git a/tests/http/testenv/env.py b/tests/http/testenv/env.py
index ff8741530b..859b704a35 100644
--- a/tests/http/testenv/env.py
+++ b/tests/http/testenv/env.py
@@ -199,6 +199,16 @@ class EnvConfig:
             ]),
         ]
 
+        self.openssl = 'openssl'
+        p = subprocess.run(args=[self.openssl, 'version'],
+                           capture_output=True, text=True)
+        if p.returncode != 0:
+            # no openssl in path
+            self.openssl = None
+            self.openssl_version = None
+        else:
+            self.openssl_version = p.stdout.strip()
+
         self.nghttpx = self.config['nghttpx']['nghttpx']
         if len(self.nghttpx.strip()) == 0:
             self.nghttpx = None
@@ -372,6 +382,10 @@ class Env:
     def incomplete_reason() -> Optional[str]:
         return Env.CONFIG.get_incomplete_reason()
 
+    @staticmethod
+    def have_openssl() -> bool:
+        return Env.CONFIG.openssl is not None
+
     @staticmethod
     def have_nghttpx() -> bool:
         return Env.CONFIG.nghttpx is not None
@@ -548,6 +562,8 @@ class Env:
                                               store_dir=ca_dir,
                                               key_type="rsa2048")
                 self._ca.issue_certs(self.CONFIG.cert_specs)
+                if self.have_openssl():
+                    self._ca.create_hashdir(self.openssl)
 
     def setup(self):
         os.makedirs(self.gen_dir, exist_ok=True)
@@ -703,6 +719,10 @@ class Env:
     def curl(self) -> str:
         return self.CONFIG.curl
 
+    @property
+    def openssl(self) -> Optional[str]:
+        return self.CONFIG.openssl
+
     @property
     def httpd(self) -> str:
         return self.CONFIG.httpd

From 8442c24c9a05dcf50ce44c8f92718138ae14dd0f Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sat, 8 Nov 2025 13:09:50 +0100
Subject: [PATCH 0743/2408] CURLINFO: remove 'get' and 'get the' from each
 short desc

The short descriptions describe the data each info retrieves. The info
itself does not 'get' the data.

This simplifies and shortens the descriptions and make them more
consistent.

Closes #19406
---
 docs/libcurl/opts/CURLINFO_ACTIVESOCKET.md             |  2 +-
 docs/libcurl/opts/CURLINFO_APPCONNECT_TIME.md          |  2 +-
 docs/libcurl/opts/CURLINFO_CAINFO.md                   |  2 +-
 docs/libcurl/opts/CURLINFO_CAPATH.md                   |  2 +-
 docs/libcurl/opts/CURLINFO_CERTINFO.md                 |  2 +-
 docs/libcurl/opts/CURLINFO_CONDITION_UNMET.md          |  2 +-
 docs/libcurl/opts/CURLINFO_CONNECT_TIME.md             |  2 +-
 docs/libcurl/opts/CURLINFO_CONNECT_TIME_T.md           |  2 +-
 docs/libcurl/opts/CURLINFO_CONN_ID.md                  |  2 +-
 docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.md  |  2 +-
 .../libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.md |  2 +-
 docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD.md    |  2 +-
 docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD_T.md  |  2 +-
 docs/libcurl/opts/CURLINFO_CONTENT_TYPE.md             |  2 +-
 docs/libcurl/opts/CURLINFO_COOKIELIST.md               |  2 +-
 docs/libcurl/opts/CURLINFO_EARLYDATA_SENT_T.md         |  2 +-
 docs/libcurl/opts/CURLINFO_EFFECTIVE_METHOD.md         |  2 +-
 docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.md            |  2 +-
 docs/libcurl/opts/CURLINFO_FILETIME.md                 |  2 +-
 docs/libcurl/opts/CURLINFO_FILETIME_T.md               |  2 +-
 docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.md           |  2 +-
 docs/libcurl/opts/CURLINFO_HEADER_SIZE.md              |  2 +-
 docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.md           |  2 +-
 docs/libcurl/opts/CURLINFO_HTTPAUTH_USED.md            |  2 +-
 docs/libcurl/opts/CURLINFO_HTTP_CONNECTCODE.md         |  2 +-
 docs/libcurl/opts/CURLINFO_HTTP_VERSION.md             | 10 +++++-----
 docs/libcurl/opts/CURLINFO_LASTSOCKET.md               |  2 +-
 docs/libcurl/opts/CURLINFO_LOCAL_IP.md                 |  2 +-
 docs/libcurl/opts/CURLINFO_LOCAL_PORT.md               |  2 +-
 docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME.md          |  2 +-
 docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME_T.md        |  2 +-
 docs/libcurl/opts/CURLINFO_NUM_CONNECTS.md             |  2 +-
 docs/libcurl/opts/CURLINFO_OS_ERRNO.md                 |  2 +-
 docs/libcurl/opts/CURLINFO_POSTTRANSFER_TIME_T.md      |  2 +-
 docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME.md         |  2 +-
 docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME_T.md       |  2 +-
 docs/libcurl/opts/CURLINFO_PRIMARY_IP.md               |  2 +-
 docs/libcurl/opts/CURLINFO_PRIMARY_PORT.md             |  2 +-
 docs/libcurl/opts/CURLINFO_PRIVATE.md                  |  2 +-
 docs/libcurl/opts/CURLINFO_PROTOCOL.md                 |  2 +-
 docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.md          |  2 +-
 docs/libcurl/opts/CURLINFO_PROXYAUTH_USED.md           |  2 +-
 docs/libcurl/opts/CURLINFO_PROXY_ERROR.md              |  2 +-
 docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.md   |  2 +-
 docs/libcurl/opts/CURLINFO_REDIRECT_COUNT.md           |  2 +-
 docs/libcurl/opts/CURLINFO_REDIRECT_TIME.md            |  2 +-
 docs/libcurl/opts/CURLINFO_REDIRECT_TIME_T.md          |  2 +-
 docs/libcurl/opts/CURLINFO_REDIRECT_URL.md             |  2 +-
 docs/libcurl/opts/CURLINFO_REFERER.md                  |  2 +-
 docs/libcurl/opts/CURLINFO_REQUEST_SIZE.md             |  2 +-
 docs/libcurl/opts/CURLINFO_RESPONSE_CODE.md            |  2 +-
 docs/libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.md         |  2 +-
 docs/libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.md           |  2 +-
 docs/libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.md         |  2 +-
 docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.md          |  2 +-
 docs/libcurl/opts/CURLINFO_SCHEME.md                   |  2 +-
 docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD.md            |  2 +-
 docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD_T.md          |  2 +-
 docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.md              |  2 +-
 docs/libcurl/opts/CURLINFO_SIZE_UPLOAD_T.md            |  2 +-
 docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD.md           |  2 +-
 docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD_T.md         |  2 +-
 docs/libcurl/opts/CURLINFO_SPEED_UPLOAD.md             |  2 +-
 docs/libcurl/opts/CURLINFO_SPEED_UPLOAD_T.md           |  2 +-
 docs/libcurl/opts/CURLINFO_SSL_ENGINES.md              |  2 +-
 docs/libcurl/opts/CURLINFO_SSL_VERIFYRESULT.md         |  2 +-
 docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME.md       |  2 +-
 docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME_T.md     |  2 +-
 docs/libcurl/opts/CURLINFO_TLS_SESSION.md              |  2 +-
 docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.md              |  2 +-
 docs/libcurl/opts/CURLINFO_TOTAL_TIME.md               |  2 +-
 docs/libcurl/opts/CURLINFO_TOTAL_TIME_T.md             |  2 +-
 docs/libcurl/opts/CURLINFO_XFER_ID.md                  |  2 +-
 73 files changed, 77 insertions(+), 77 deletions(-)

diff --git a/docs/libcurl/opts/CURLINFO_ACTIVESOCKET.md b/docs/libcurl/opts/CURLINFO_ACTIVESOCKET.md
index 0bbb52ff14..a9db2926b2 100644
--- a/docs/libcurl/opts/CURLINFO_ACTIVESOCKET.md
+++ b/docs/libcurl/opts/CURLINFO_ACTIVESOCKET.md
@@ -16,7 +16,7 @@ Added-in: 7.45.0
 
 # NAME
 
-CURLINFO_ACTIVESOCKET - get the active socket
+CURLINFO_ACTIVESOCKET - active socket
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_APPCONNECT_TIME.md b/docs/libcurl/opts/CURLINFO_APPCONNECT_TIME.md
index 1c4a9cafb5..e86cd34cc5 100644
--- a/docs/libcurl/opts/CURLINFO_APPCONNECT_TIME.md
+++ b/docs/libcurl/opts/CURLINFO_APPCONNECT_TIME.md
@@ -15,7 +15,7 @@ Added-in: 7.19.0
 
 # NAME
 
-CURLINFO_APPCONNECT_TIME - get the time until the SSL/SSH handshake is completed
+CURLINFO_APPCONNECT_TIME - time until the SSL/SSH handshake is completed
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_CAINFO.md b/docs/libcurl/opts/CURLINFO_CAINFO.md
index 686e7b9d4e..23502d2296 100644
--- a/docs/libcurl/opts/CURLINFO_CAINFO.md
+++ b/docs/libcurl/opts/CURLINFO_CAINFO.md
@@ -17,7 +17,7 @@ Added-in: 7.84.0
 
 # NAME
 
-CURLINFO_CAINFO - get the default built-in CA certificate path
+CURLINFO_CAINFO - default built-in CA certificate path
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_CAPATH.md b/docs/libcurl/opts/CURLINFO_CAPATH.md
index c441805ca1..c58930e0e9 100644
--- a/docs/libcurl/opts/CURLINFO_CAPATH.md
+++ b/docs/libcurl/opts/CURLINFO_CAPATH.md
@@ -20,7 +20,7 @@ Added-in: 7.84.0
 
 # NAME
 
-CURLINFO_CAPATH - get the default built-in CA path string
+CURLINFO_CAPATH - default built-in CA path string
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_CERTINFO.md b/docs/libcurl/opts/CURLINFO_CERTINFO.md
index d1127afb9b..f9fd0ad51c 100644
--- a/docs/libcurl/opts/CURLINFO_CERTINFO.md
+++ b/docs/libcurl/opts/CURLINFO_CERTINFO.md
@@ -20,7 +20,7 @@ Added-in: 7.19.1
 
 # NAME
 
-CURLINFO_CERTINFO - get the TLS certificate chain
+CURLINFO_CERTINFO - TLS certificate chain
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_CONDITION_UNMET.md b/docs/libcurl/opts/CURLINFO_CONDITION_UNMET.md
index 5f13126ad7..9e7bd173c4 100644
--- a/docs/libcurl/opts/CURLINFO_CONDITION_UNMET.md
+++ b/docs/libcurl/opts/CURLINFO_CONDITION_UNMET.md
@@ -16,7 +16,7 @@ Added-in: 7.19.4
 
 # NAME
 
-CURLINFO_CONDITION_UNMET - get info on unmet time conditional or 304 HTTP response.
+CURLINFO_CONDITION_UNMET - unmet time conditional or 304 HTTP response
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_CONNECT_TIME.md b/docs/libcurl/opts/CURLINFO_CONNECT_TIME.md
index c259e9af5b..4a14a1cd7a 100644
--- a/docs/libcurl/opts/CURLINFO_CONNECT_TIME.md
+++ b/docs/libcurl/opts/CURLINFO_CONNECT_TIME.md
@@ -15,7 +15,7 @@ Added-in: 7.4.1
 
 # NAME
 
-CURLINFO_CONNECT_TIME - get the time until connect
+CURLINFO_CONNECT_TIME - time to connect
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_CONNECT_TIME_T.md b/docs/libcurl/opts/CURLINFO_CONNECT_TIME_T.md
index 89ae04c337..5f0eb1da7a 100644
--- a/docs/libcurl/opts/CURLINFO_CONNECT_TIME_T.md
+++ b/docs/libcurl/opts/CURLINFO_CONNECT_TIME_T.md
@@ -16,7 +16,7 @@ Added-in: 7.61.0
 
 # NAME
 
-CURLINFO_CONNECT_TIME_T - get the time until connect
+CURLINFO_CONNECT_TIME_T - time to connect
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_CONN_ID.md b/docs/libcurl/opts/CURLINFO_CONN_ID.md
index 1239c1e332..95d5258a59 100644
--- a/docs/libcurl/opts/CURLINFO_CONN_ID.md
+++ b/docs/libcurl/opts/CURLINFO_CONN_ID.md
@@ -15,7 +15,7 @@ Added-in: 8.2.0
 
 # NAME
 
-CURLINFO_CONN_ID - get the ID of the last connection used by the handle
+CURLINFO_CONN_ID - ID of the last connection
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.md b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.md
index 46e8e7ba01..7b63c95d9d 100644
--- a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.md
+++ b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.md
@@ -15,7 +15,7 @@ Added-in: 7.6.1
 
 # NAME
 
-CURLINFO_CONTENT_LENGTH_DOWNLOAD - get content-length of download
+CURLINFO_CONTENT_LENGTH_DOWNLOAD - content-length of download
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.md b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.md
index 7279bd6b6d..83a714b53d 100644
--- a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.md
+++ b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.md
@@ -15,7 +15,7 @@ Added-in: 7.55.0
 
 # NAME
 
-CURLINFO_CONTENT_LENGTH_DOWNLOAD_T - get content-length of download
+CURLINFO_CONTENT_LENGTH_DOWNLOAD_T - content-length of download
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD.md b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD.md
index 725b7f9a45..6045dcfdbf 100644
--- a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD.md
+++ b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD.md
@@ -15,7 +15,7 @@ Added-in: 7.6.1
 
 # NAME
 
-CURLINFO_CONTENT_LENGTH_UPLOAD - get the specified size of the upload
+CURLINFO_CONTENT_LENGTH_UPLOAD - specified size of the upload
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD_T.md b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD_T.md
index 9b37e54d6d..013f0d064c 100644
--- a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD_T.md
+++ b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD_T.md
@@ -15,7 +15,7 @@ Added-in: 7.55.0
 
 # NAME
 
-CURLINFO_CONTENT_LENGTH_UPLOAD_T - get the specified size of the upload
+CURLINFO_CONTENT_LENGTH_UPLOAD_T - specified size of the upload
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_CONTENT_TYPE.md b/docs/libcurl/opts/CURLINFO_CONTENT_TYPE.md
index 8a9093ced2..c019606cc1 100644
--- a/docs/libcurl/opts/CURLINFO_CONTENT_TYPE.md
+++ b/docs/libcurl/opts/CURLINFO_CONTENT_TYPE.md
@@ -16,7 +16,7 @@ Added-in: 7.9.4
 
 # NAME
 
-CURLINFO_CONTENT_TYPE - get Content-Type
+CURLINFO_CONTENT_TYPE - Content-Type of response
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_COOKIELIST.md b/docs/libcurl/opts/CURLINFO_COOKIELIST.md
index b0074b990b..c106864c3a 100644
--- a/docs/libcurl/opts/CURLINFO_COOKIELIST.md
+++ b/docs/libcurl/opts/CURLINFO_COOKIELIST.md
@@ -15,7 +15,7 @@ Added-in: 7.14.1
 
 # NAME
 
-CURLINFO_COOKIELIST - get all known cookies
+CURLINFO_COOKIELIST - all known cookies
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_EARLYDATA_SENT_T.md b/docs/libcurl/opts/CURLINFO_EARLYDATA_SENT_T.md
index 6855572970..5c1323ba1e 100644
--- a/docs/libcurl/opts/CURLINFO_EARLYDATA_SENT_T.md
+++ b/docs/libcurl/opts/CURLINFO_EARLYDATA_SENT_T.md
@@ -16,7 +16,7 @@ Added-in: 8.11.0
 
 # NAME
 
-CURLINFO_EARLYDATA_SENT_T - get the number of bytes sent as TLS early data
+CURLINFO_EARLYDATA_SENT_T - number of bytes sent as TLS early data
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_EFFECTIVE_METHOD.md b/docs/libcurl/opts/CURLINFO_EFFECTIVE_METHOD.md
index 5299dab8c1..4538a13342 100644
--- a/docs/libcurl/opts/CURLINFO_EFFECTIVE_METHOD.md
+++ b/docs/libcurl/opts/CURLINFO_EFFECTIVE_METHOD.md
@@ -16,7 +16,7 @@ Added-in: 7.72.0
 
 # NAME
 
-CURLINFO_EFFECTIVE_METHOD - get the last used HTTP method
+CURLINFO_EFFECTIVE_METHOD - last used HTTP request method
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.md b/docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.md
index 172f6de3d4..6840583c84 100644
--- a/docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.md
+++ b/docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.md
@@ -15,7 +15,7 @@ Added-in: 7.4
 
 # NAME
 
-CURLINFO_EFFECTIVE_URL - get the last used URL
+CURLINFO_EFFECTIVE_URL - last used URL
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_FILETIME.md b/docs/libcurl/opts/CURLINFO_FILETIME.md
index 9d4c414d54..67bb822e49 100644
--- a/docs/libcurl/opts/CURLINFO_FILETIME.md
+++ b/docs/libcurl/opts/CURLINFO_FILETIME.md
@@ -17,7 +17,7 @@ Added-in: 7.5
 
 # NAME
 
-CURLINFO_FILETIME - get the remote time of the retrieved document
+CURLINFO_FILETIME - remote time of the retrieved document
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_FILETIME_T.md b/docs/libcurl/opts/CURLINFO_FILETIME_T.md
index 2d15ba88d4..627881c2a4 100644
--- a/docs/libcurl/opts/CURLINFO_FILETIME_T.md
+++ b/docs/libcurl/opts/CURLINFO_FILETIME_T.md
@@ -17,7 +17,7 @@ Added-in: 7.59.0
 
 # NAME
 
-CURLINFO_FILETIME_T - get the remote time of the retrieved document
+CURLINFO_FILETIME_T - remote time of the retrieved resource
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.md b/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.md
index db053e311e..8cf7aae9b2 100644
--- a/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.md
+++ b/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.md
@@ -15,7 +15,7 @@ Added-in: 7.15.4
 
 # NAME
 
-CURLINFO_FTP_ENTRY_PATH - get entry path in FTP server
+CURLINFO_FTP_ENTRY_PATH - entry path in FTP server
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_HEADER_SIZE.md b/docs/libcurl/opts/CURLINFO_HEADER_SIZE.md
index 85907f3b09..f546808320 100644
--- a/docs/libcurl/opts/CURLINFO_HEADER_SIZE.md
+++ b/docs/libcurl/opts/CURLINFO_HEADER_SIZE.md
@@ -16,7 +16,7 @@ Added-in: 7.4.1
 
 # NAME
 
-CURLINFO_HEADER_SIZE - get size of retrieved headers
+CURLINFO_HEADER_SIZE - size of response headers
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.md b/docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.md
index 4d001fb4b6..85b67c8bda 100644
--- a/docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.md
+++ b/docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.md
@@ -16,7 +16,7 @@ Added-in: 7.10.8
 
 # NAME
 
-CURLINFO_HTTPAUTH_AVAIL - get available HTTP authentication methods
+CURLINFO_HTTPAUTH_AVAIL - available HTTP authentication methods
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_HTTPAUTH_USED.md b/docs/libcurl/opts/CURLINFO_HTTPAUTH_USED.md
index 9b63121710..5e4727b68d 100644
--- a/docs/libcurl/opts/CURLINFO_HTTPAUTH_USED.md
+++ b/docs/libcurl/opts/CURLINFO_HTTPAUTH_USED.md
@@ -15,7 +15,7 @@ Added-in: 8.12.0
 
 # NAME
 
-CURLINFO_HTTPAUTH_USED - get used HTTP authentication method
+CURLINFO_HTTPAUTH_USED - used HTTP authentication method
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_HTTP_CONNECTCODE.md b/docs/libcurl/opts/CURLINFO_HTTP_CONNECTCODE.md
index a9231289c0..0a95125488 100644
--- a/docs/libcurl/opts/CURLINFO_HTTP_CONNECTCODE.md
+++ b/docs/libcurl/opts/CURLINFO_HTTP_CONNECTCODE.md
@@ -15,7 +15,7 @@ Added-in: 7.10.7
 
 # NAME
 
-CURLINFO_HTTP_CONNECTCODE - get the CONNECT response code
+CURLINFO_HTTP_CONNECTCODE - CONNECT response code
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_HTTP_VERSION.md b/docs/libcurl/opts/CURLINFO_HTTP_VERSION.md
index 8fddc14f07..bcc274bf69 100644
--- a/docs/libcurl/opts/CURLINFO_HTTP_VERSION.md
+++ b/docs/libcurl/opts/CURLINFO_HTTP_VERSION.md
@@ -15,7 +15,7 @@ Added-in: 7.50.0
 
 # NAME
 
-CURLINFO_HTTP_VERSION - get the http version used in the connection
+CURLINFO_HTTP_VERSION - HTTP version used in the transfer
 
 # SYNOPSIS
 
@@ -27,10 +27,10 @@ CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_HTTP_VERSION, long *p);
 
 # DESCRIPTION
 
-Pass a pointer to a long to receive the version used in the last http
-connection done using this handle. The returned value is
-CURL_HTTP_VERSION_1_0, CURL_HTTP_VERSION_1_1, CURL_HTTP_VERSION_2_0,
-CURL_HTTP_VERSION_3 or 0 if the version cannot be determined.
+Pass a pointer to a long to receive the version used in the last http transfer
+done using this handle. The returned value is CURL_HTTP_VERSION_1_0,
+CURL_HTTP_VERSION_1_1, CURL_HTTP_VERSION_2_0, CURL_HTTP_VERSION_3 or 0 if the
+version cannot be determined.
 
 # %PROTOCOLS%
 
diff --git a/docs/libcurl/opts/CURLINFO_LASTSOCKET.md b/docs/libcurl/opts/CURLINFO_LASTSOCKET.md
index 1b4a22d650..755cf9a5e0 100644
--- a/docs/libcurl/opts/CURLINFO_LASTSOCKET.md
+++ b/docs/libcurl/opts/CURLINFO_LASTSOCKET.md
@@ -16,7 +16,7 @@ Added-in: 7.15.2
 
 # NAME
 
-CURLINFO_LASTSOCKET - get the last socket used
+CURLINFO_LASTSOCKET - last socket used
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_LOCAL_IP.md b/docs/libcurl/opts/CURLINFO_LOCAL_IP.md
index c626815c90..1a99f87014 100644
--- a/docs/libcurl/opts/CURLINFO_LOCAL_IP.md
+++ b/docs/libcurl/opts/CURLINFO_LOCAL_IP.md
@@ -17,7 +17,7 @@ Added-in: 7.21.0
 
 # NAME
 
-CURLINFO_LOCAL_IP - get local IP address of last connection
+CURLINFO_LOCAL_IP - local IP address of last connection
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_LOCAL_PORT.md b/docs/libcurl/opts/CURLINFO_LOCAL_PORT.md
index 937327f45e..67d73b7165 100644
--- a/docs/libcurl/opts/CURLINFO_LOCAL_PORT.md
+++ b/docs/libcurl/opts/CURLINFO_LOCAL_PORT.md
@@ -17,7 +17,7 @@ Added-in: 7.21.0
 
 # NAME
 
-CURLINFO_LOCAL_PORT - get the latest local port number
+CURLINFO_LOCAL_PORT - latest local port number
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME.md b/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME.md
index fe29e0c436..427516819a 100644
--- a/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME.md
+++ b/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME.md
@@ -15,7 +15,7 @@ Added-in: 7.4.1
 
 # NAME
 
-CURLINFO_NAMELOOKUP_TIME - get the name lookup time
+CURLINFO_NAMELOOKUP_TIME - name lookup time
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME_T.md b/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME_T.md
index 7b34ef5c0c..418f9f8f32 100644
--- a/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME_T.md
+++ b/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME_T.md
@@ -15,7 +15,7 @@ Added-in: 7.61.0
 
 # NAME
 
-CURLINFO_NAMELOOKUP_TIME_T - get the name lookup time in microseconds
+CURLINFO_NAMELOOKUP_TIME_T - name lookup time in microseconds
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_NUM_CONNECTS.md b/docs/libcurl/opts/CURLINFO_NUM_CONNECTS.md
index eefb38ea75..1728a6614b 100644
--- a/docs/libcurl/opts/CURLINFO_NUM_CONNECTS.md
+++ b/docs/libcurl/opts/CURLINFO_NUM_CONNECTS.md
@@ -14,7 +14,7 @@ Added-in: 7.12.3
 
 # NAME
 
-CURLINFO_NUM_CONNECTS - get number of created connections
+CURLINFO_NUM_CONNECTS - number of created connections
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_OS_ERRNO.md b/docs/libcurl/opts/CURLINFO_OS_ERRNO.md
index 25ddd6221e..b12a8ec8a5 100644
--- a/docs/libcurl/opts/CURLINFO_OS_ERRNO.md
+++ b/docs/libcurl/opts/CURLINFO_OS_ERRNO.md
@@ -14,7 +14,7 @@ Added-in: 7.12.2
 
 # NAME
 
-CURLINFO_OS_ERRNO - get errno number from last connect failure
+CURLINFO_OS_ERRNO - errno number from last connect failure
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_POSTTRANSFER_TIME_T.md b/docs/libcurl/opts/CURLINFO_POSTTRANSFER_TIME_T.md
index e5f1b5002f..0f4dc19cee 100644
--- a/docs/libcurl/opts/CURLINFO_POSTTRANSFER_TIME_T.md
+++ b/docs/libcurl/opts/CURLINFO_POSTTRANSFER_TIME_T.md
@@ -16,7 +16,7 @@ Added-in: 8.10.0
 
 # NAME
 
-CURLINFO_POSTTRANSFER_TIME_T - get the time until the last byte is sent
+CURLINFO_POSTTRANSFER_TIME_T - time to last byte sent
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME.md b/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME.md
index 9442d19c0a..ef10c67fa8 100644
--- a/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME.md
+++ b/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME.md
@@ -16,7 +16,7 @@ Added-in: 7.4.1
 
 # NAME
 
-CURLINFO_PRETRANSFER_TIME - get the time until the file transfer start
+CURLINFO_PRETRANSFER_TIME - time to transfer start
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME_T.md b/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME_T.md
index 2147f27969..4c5d6d9151 100644
--- a/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME_T.md
+++ b/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME_T.md
@@ -16,7 +16,7 @@ Added-in: 7.61.0
 
 # NAME
 
-CURLINFO_PRETRANSFER_TIME_T - get the time until the file transfer start
+CURLINFO_PRETRANSFER_TIME_T - time to transfer start
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_PRIMARY_IP.md b/docs/libcurl/opts/CURLINFO_PRIMARY_IP.md
index 1fdb130711..90bd5e400c 100644
--- a/docs/libcurl/opts/CURLINFO_PRIMARY_IP.md
+++ b/docs/libcurl/opts/CURLINFO_PRIMARY_IP.md
@@ -17,7 +17,7 @@ Added-in: 7.19.0
 
 # NAME
 
-CURLINFO_PRIMARY_IP - get IP address of last connection
+CURLINFO_PRIMARY_IP - IP address of last connection
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_PRIMARY_PORT.md b/docs/libcurl/opts/CURLINFO_PRIMARY_PORT.md
index d0bb632f44..b98f246042 100644
--- a/docs/libcurl/opts/CURLINFO_PRIMARY_PORT.md
+++ b/docs/libcurl/opts/CURLINFO_PRIMARY_PORT.md
@@ -16,7 +16,7 @@ Added-in: 7.21.0
 
 # NAME
 
-CURLINFO_PRIMARY_PORT - get the latest destination port number
+CURLINFO_PRIMARY_PORT - last destination port number
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_PRIVATE.md b/docs/libcurl/opts/CURLINFO_PRIVATE.md
index 7d4aff10f7..b14ece5a1b 100644
--- a/docs/libcurl/opts/CURLINFO_PRIVATE.md
+++ b/docs/libcurl/opts/CURLINFO_PRIVATE.md
@@ -15,7 +15,7 @@ Added-in: 7.10.3
 
 # NAME
 
-CURLINFO_PRIVATE - get the private pointer
+CURLINFO_PRIVATE - private pointer
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_PROTOCOL.md b/docs/libcurl/opts/CURLINFO_PROTOCOL.md
index a472a3d808..ef9ca6d54e 100644
--- a/docs/libcurl/opts/CURLINFO_PROTOCOL.md
+++ b/docs/libcurl/opts/CURLINFO_PROTOCOL.md
@@ -15,7 +15,7 @@ Added-in: 7.52.0
 
 # NAME
 
-CURLINFO_PROTOCOL - get the protocol used in the connection
+CURLINFO_PROTOCOL - protocol used in the connection
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.md b/docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.md
index c30794f278..fb980f30fe 100644
--- a/docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.md
+++ b/docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.md
@@ -15,7 +15,7 @@ Added-in: 7.10.8
 
 # NAME
 
-CURLINFO_PROXYAUTH_AVAIL - get available HTTP proxy authentication methods
+CURLINFO_PROXYAUTH_AVAIL - HTTP proxy authentication methods
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_PROXYAUTH_USED.md b/docs/libcurl/opts/CURLINFO_PROXYAUTH_USED.md
index c4a9c943af..92316f1a3e 100644
--- a/docs/libcurl/opts/CURLINFO_PROXYAUTH_USED.md
+++ b/docs/libcurl/opts/CURLINFO_PROXYAUTH_USED.md
@@ -15,7 +15,7 @@ Added-in: 8.12.0
 
 # NAME
 
-CURLINFO_PROXYAUTH_USED - get used HTTP proxy authentication method
+CURLINFO_PROXYAUTH_USED - HTTP proxy authentication method
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_PROXY_ERROR.md b/docs/libcurl/opts/CURLINFO_PROXY_ERROR.md
index 772fa7cb75..bb833570c8 100644
--- a/docs/libcurl/opts/CURLINFO_PROXY_ERROR.md
+++ b/docs/libcurl/opts/CURLINFO_PROXY_ERROR.md
@@ -16,7 +16,7 @@ Added-in: 7.73.0
 
 # NAME
 
-CURLINFO_PROXY_ERROR - get the detailed (SOCKS) proxy error
+CURLINFO_PROXY_ERROR - detailed (SOCKS) proxy error
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.md b/docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.md
index dd65c4214b..17dab0e324 100644
--- a/docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.md
+++ b/docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.md
@@ -18,7 +18,7 @@ Added-in: 7.52.0
 
 # NAME
 
-CURLINFO_PROXY_SSL_VERIFYRESULT - get the result of the proxy certificate verification
+CURLINFO_PROXY_SSL_VERIFYRESULT - result of proxy certificate verification
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_REDIRECT_COUNT.md b/docs/libcurl/opts/CURLINFO_REDIRECT_COUNT.md
index 3f58cc09c4..586bf3db05 100644
--- a/docs/libcurl/opts/CURLINFO_REDIRECT_COUNT.md
+++ b/docs/libcurl/opts/CURLINFO_REDIRECT_COUNT.md
@@ -16,7 +16,7 @@ Added-in: 7.9.7
 
 # NAME
 
-CURLINFO_REDIRECT_COUNT - get the number of redirects
+CURLINFO_REDIRECT_COUNT - number of redirects
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_REDIRECT_TIME.md b/docs/libcurl/opts/CURLINFO_REDIRECT_TIME.md
index f0b79e261f..3922b86c79 100644
--- a/docs/libcurl/opts/CURLINFO_REDIRECT_TIME.md
+++ b/docs/libcurl/opts/CURLINFO_REDIRECT_TIME.md
@@ -17,7 +17,7 @@ Added-in: 7.9.7
 
 # NAME
 
-CURLINFO_REDIRECT_TIME - get the time for all redirection steps
+CURLINFO_REDIRECT_TIME - time for all redirection steps
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_REDIRECT_TIME_T.md b/docs/libcurl/opts/CURLINFO_REDIRECT_TIME_T.md
index 88a0830d37..a612cf04b6 100644
--- a/docs/libcurl/opts/CURLINFO_REDIRECT_TIME_T.md
+++ b/docs/libcurl/opts/CURLINFO_REDIRECT_TIME_T.md
@@ -17,7 +17,7 @@ Added-in: 7.61.0
 
 # NAME
 
-CURLINFO_REDIRECT_TIME_T - get the time for all redirection steps
+CURLINFO_REDIRECT_TIME_T - time for all redirection steps
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_REDIRECT_URL.md b/docs/libcurl/opts/CURLINFO_REDIRECT_URL.md
index d1197e0b28..5e33a7115d 100644
--- a/docs/libcurl/opts/CURLINFO_REDIRECT_URL.md
+++ b/docs/libcurl/opts/CURLINFO_REDIRECT_URL.md
@@ -17,7 +17,7 @@ Added-in: 7.18.2
 
 # NAME
 
-CURLINFO_REDIRECT_URL - get the URL a redirect would go to
+CURLINFO_REDIRECT_URL - URL a redirect would go to
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_REFERER.md b/docs/libcurl/opts/CURLINFO_REFERER.md
index 17b9db1a18..07978f463f 100644
--- a/docs/libcurl/opts/CURLINFO_REFERER.md
+++ b/docs/libcurl/opts/CURLINFO_REFERER.md
@@ -16,7 +16,7 @@ Added-in: 7.76.0
 
 # NAME
 
-CURLINFO_REFERER - get the used referrer request header
+CURLINFO_REFERER - used HTTP referrer request header
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_REQUEST_SIZE.md b/docs/libcurl/opts/CURLINFO_REQUEST_SIZE.md
index fedefc0cc6..6f68ce4fce 100644
--- a/docs/libcurl/opts/CURLINFO_REQUEST_SIZE.md
+++ b/docs/libcurl/opts/CURLINFO_REQUEST_SIZE.md
@@ -16,7 +16,7 @@ Added-in: 7.4.1
 
 # NAME
 
-CURLINFO_REQUEST_SIZE - get size of sent request
+CURLINFO_REQUEST_SIZE - size of sent request
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_RESPONSE_CODE.md b/docs/libcurl/opts/CURLINFO_RESPONSE_CODE.md
index db75eb94a0..f07fb8d908 100644
--- a/docs/libcurl/opts/CURLINFO_RESPONSE_CODE.md
+++ b/docs/libcurl/opts/CURLINFO_RESPONSE_CODE.md
@@ -18,7 +18,7 @@ Added-in: 7.10.8
 
 # NAME
 
-CURLINFO_RESPONSE_CODE - get the last response code
+CURLINFO_RESPONSE_CODE - last response code
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.md b/docs/libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.md
index 0cfa84b34b..ef699e8553 100644
--- a/docs/libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.md
+++ b/docs/libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.md
@@ -16,7 +16,7 @@ Added-in: 7.20.0
 
 # NAME
 
-CURLINFO_RTSP_CLIENT_CSEQ - get the next RTSP client CSeq
+CURLINFO_RTSP_CLIENT_CSEQ - next RTSP client CSeq
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.md b/docs/libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.md
index 9de26f0f76..d4fecaacf6 100644
--- a/docs/libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.md
+++ b/docs/libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.md
@@ -15,7 +15,7 @@ Added-in: 7.20.0
 
 # NAME
 
-CURLINFO_RTSP_CSEQ_RECV - get the recently received CSeq
+CURLINFO_RTSP_CSEQ_RECV - last received RTSP CSeq
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.md b/docs/libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.md
index 0f3c638f8f..1a4a2a4273 100644
--- a/docs/libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.md
+++ b/docs/libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.md
@@ -15,7 +15,7 @@ Added-in: 7.20.0
 
 # NAME
 
-CURLINFO_RTSP_SERVER_CSEQ - get the next RTSP server CSeq
+CURLINFO_RTSP_SERVER_CSEQ - next RTSP server CSeq
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.md b/docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.md
index 121642677b..2fbffbe697 100644
--- a/docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.md
+++ b/docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.md
@@ -15,7 +15,7 @@ Added-in: 7.20.0
 
 # NAME
 
-CURLINFO_RTSP_SESSION_ID - get RTSP session ID
+CURLINFO_RTSP_SESSION_ID - RTSP session ID
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_SCHEME.md b/docs/libcurl/opts/CURLINFO_SCHEME.md
index 1c61849829..661c8887a3 100644
--- a/docs/libcurl/opts/CURLINFO_SCHEME.md
+++ b/docs/libcurl/opts/CURLINFO_SCHEME.md
@@ -17,7 +17,7 @@ Added-in: 7.52.0
 
 # NAME
 
-CURLINFO_SCHEME - get the URL scheme (sometimes called protocol) used in the connection
+CURLINFO_SCHEME - URL scheme used in transfer
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD.md b/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD.md
index 30dc52b395..809abd3e77 100644
--- a/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD.md
+++ b/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD.md
@@ -17,7 +17,7 @@ Added-in: 7.4.1
 
 # NAME
 
-CURLINFO_SIZE_DOWNLOAD - get the number of downloaded bytes
+CURLINFO_SIZE_DOWNLOAD - number of downloaded bytes
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD_T.md b/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD_T.md
index 5d181b12e0..102177ae22 100644
--- a/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD_T.md
+++ b/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD_T.md
@@ -17,7 +17,7 @@ Added-in: 7.55.0
 
 # NAME
 
-CURLINFO_SIZE_DOWNLOAD_T - get the number of downloaded bytes
+CURLINFO_SIZE_DOWNLOAD_T - number of downloaded bytes
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.md b/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.md
index 6e1881271a..b018e00e2d 100644
--- a/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.md
+++ b/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.md
@@ -16,7 +16,7 @@ Added-in: 7.4.1
 
 # NAME
 
-CURLINFO_SIZE_UPLOAD - get the number of uploaded bytes
+CURLINFO_SIZE_UPLOAD - number of uploaded bytes
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD_T.md b/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD_T.md
index 939d66887a..ec35a0f974 100644
--- a/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD_T.md
+++ b/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD_T.md
@@ -16,7 +16,7 @@ Added-in: 7.55.0
 
 # NAME
 
-CURLINFO_SIZE_UPLOAD_T - get the number of uploaded bytes
+CURLINFO_SIZE_UPLOAD_T - number of uploaded bytes
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD.md b/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD.md
index 53169e03fb..8b3b7b32e7 100644
--- a/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD.md
+++ b/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD.md
@@ -16,7 +16,7 @@ Added-in: 7.4.1
 
 # NAME
 
-CURLINFO_SPEED_DOWNLOAD - get download speed
+CURLINFO_SPEED_DOWNLOAD - download speed
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD_T.md b/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD_T.md
index 60d759f844..50d6d324f9 100644
--- a/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD_T.md
+++ b/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD_T.md
@@ -16,7 +16,7 @@ Added-in: 7.55.0
 
 # NAME
 
-CURLINFO_SPEED_DOWNLOAD_T - get download speed
+CURLINFO_SPEED_DOWNLOAD_T - download speed
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD.md b/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD.md
index a10b475b60..06778c1e2f 100644
--- a/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD.md
+++ b/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD.md
@@ -15,7 +15,7 @@ Added-in: 7.4.1
 
 # NAME
 
-CURLINFO_SPEED_UPLOAD - get upload speed
+CURLINFO_SPEED_UPLOAD - upload speed
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD_T.md b/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD_T.md
index 9f152131b2..12b569186c 100644
--- a/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD_T.md
+++ b/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD_T.md
@@ -15,7 +15,7 @@ Added-in: 7.55.0
 
 # NAME
 
-CURLINFO_SPEED_UPLOAD_T - get upload speed
+CURLINFO_SPEED_UPLOAD_T - upload speed
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_SSL_ENGINES.md b/docs/libcurl/opts/CURLINFO_SSL_ENGINES.md
index 6c25f90161..6c4dd46cf6 100644
--- a/docs/libcurl/opts/CURLINFO_SSL_ENGINES.md
+++ b/docs/libcurl/opts/CURLINFO_SSL_ENGINES.md
@@ -17,7 +17,7 @@ Added-in: 7.12.3
 
 # NAME
 
-CURLINFO_SSL_ENGINES - get an slist of OpenSSL crypto-engines
+CURLINFO_SSL_ENGINES - an slist of OpenSSL crypto-engines
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_SSL_VERIFYRESULT.md b/docs/libcurl/opts/CURLINFO_SSL_VERIFYRESULT.md
index 15f9495d80..c55a63e05e 100644
--- a/docs/libcurl/opts/CURLINFO_SSL_VERIFYRESULT.md
+++ b/docs/libcurl/opts/CURLINFO_SSL_VERIFYRESULT.md
@@ -18,7 +18,7 @@ Added-in: 7.5
 
 # NAME
 
-CURLINFO_SSL_VERIFYRESULT - get the result of the certificate verification
+CURLINFO_SSL_VERIFYRESULT - result of the certificate verification
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME.md b/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME.md
index 749930ce46..47fe77673f 100644
--- a/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME.md
+++ b/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME.md
@@ -16,7 +16,7 @@ Added-in: 7.9.2
 
 # NAME
 
-CURLINFO_STARTTRANSFER_TIME - get the time until the first byte is received
+CURLINFO_STARTTRANSFER_TIME - time to first byte received
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME_T.md b/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME_T.md
index 2c0d0eac8c..a1d5c5642f 100644
--- a/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME_T.md
+++ b/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME_T.md
@@ -16,7 +16,7 @@ Added-in: 7.61.0
 
 # NAME
 
-CURLINFO_STARTTRANSFER_TIME_T - get the time until the first byte is received
+CURLINFO_STARTTRANSFER_TIME_T - time to first byte received
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_TLS_SESSION.md b/docs/libcurl/opts/CURLINFO_TLS_SESSION.md
index f4209b45b6..18022ac2c6 100644
--- a/docs/libcurl/opts/CURLINFO_TLS_SESSION.md
+++ b/docs/libcurl/opts/CURLINFO_TLS_SESSION.md
@@ -18,7 +18,7 @@ Added-in: 7.34.0
 
 # NAME
 
-CURLINFO_TLS_SESSION - get TLS session info
+CURLINFO_TLS_SESSION - TLS session info
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.md b/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.md
index 2f87b1a9cd..e3514530f2 100644
--- a/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.md
+++ b/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.md
@@ -21,7 +21,7 @@ Added-in: 7.48.0
 
 # NAME
 
-CURLINFO_TLS_SESSION, CURLINFO_TLS_SSL_PTR - get TLS session info
+CURLINFO_TLS_SSL_PTR - TLS session info
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_TOTAL_TIME.md b/docs/libcurl/opts/CURLINFO_TOTAL_TIME.md
index 201c4e4823..60d383a458 100644
--- a/docs/libcurl/opts/CURLINFO_TOTAL_TIME.md
+++ b/docs/libcurl/opts/CURLINFO_TOTAL_TIME.md
@@ -16,7 +16,7 @@ Added-in: 7.4.1
 
 # NAME
 
-CURLINFO_TOTAL_TIME - get total time of previous transfer
+CURLINFO_TOTAL_TIME - total time of previous transfer
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_TOTAL_TIME_T.md b/docs/libcurl/opts/CURLINFO_TOTAL_TIME_T.md
index 8ae305d5af..0302310b66 100644
--- a/docs/libcurl/opts/CURLINFO_TOTAL_TIME_T.md
+++ b/docs/libcurl/opts/CURLINFO_TOTAL_TIME_T.md
@@ -15,7 +15,7 @@ Added-in: 7.61.0
 ---
 # NAME
 
-CURLINFO_TOTAL_TIME_T - get total time of previous transfer in microseconds
+CURLINFO_TOTAL_TIME_T - total time of previous transfer
 
 # SYNOPSIS
 
diff --git a/docs/libcurl/opts/CURLINFO_XFER_ID.md b/docs/libcurl/opts/CURLINFO_XFER_ID.md
index a5f3dd01e7..7de5609399 100644
--- a/docs/libcurl/opts/CURLINFO_XFER_ID.md
+++ b/docs/libcurl/opts/CURLINFO_XFER_ID.md
@@ -15,7 +15,7 @@ Added-in: 8.2.0
 
 # NAME
 
-CURLINFO_XFER_ID - get the ID of a transfer
+CURLINFO_XFER_ID - ID of the transfer
 
 # SYNOPSIS
 

From a5c0dfc19f57da30afd6c3eaf7f44cb2c444e222 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sat, 8 Nov 2025 12:58:13 +0100
Subject: [PATCH 0744/2408] CURLINFO_TLS_SSL_PTR.md: remove
 CURLINFO_TLS_SESSION text

That option is properly documented in its own page.

Closes #19404
---
 docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.md | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.md b/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.md
index e3514530f2..e1c725727c 100644
--- a/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.md
+++ b/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.md
@@ -30,12 +30,6 @@ CURLINFO_TLS_SSL_PTR - TLS session info
 
 CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_TLS_SSL_PTR,
                            struct curl_tlssessioninfo **session);
-
-/* if you need compatibility with libcurl < 7.48.0 use
-   CURLINFO_TLS_SESSION instead: */
-
-CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_TLS_SESSION,
-                           struct curl_tlssessioninfo **session);
 ~~~
 
 # DESCRIPTION

From d083f529e8eb9bd222093262fe0ef6e39778e2ef Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sat, 8 Nov 2025 17:09:31 +0100
Subject: [PATCH 0745/2408] CURLINFO_SCHEME/PROTOCOL: they return the "scheme"
 for a "transfer"

Not protocol. Not for connection.

Closes #19403
---
 docs/libcurl/opts/CURLINFO_PROTOCOL.md | 16 ++++++++--------
 docs/libcurl/opts/CURLINFO_SCHEME.md   |  5 +++--
 2 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/docs/libcurl/opts/CURLINFO_PROTOCOL.md b/docs/libcurl/opts/CURLINFO_PROTOCOL.md
index ef9ca6d54e..f254857ca7 100644
--- a/docs/libcurl/opts/CURLINFO_PROTOCOL.md
+++ b/docs/libcurl/opts/CURLINFO_PROTOCOL.md
@@ -15,7 +15,7 @@ Added-in: 7.52.0
 
 # NAME
 
-CURLINFO_PROTOCOL - protocol used in the connection
+CURLINFO_PROTOCOL - URL scheme used in transfer
 
 # SYNOPSIS
 
@@ -27,12 +27,12 @@ CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_PROTOCOL, long *p);
 
 # DESCRIPTION
 
-This option is deprecated. We strongly recommend using
-CURLINFO_SCHEME(3) instead, because this option cannot return all
-possible protocols.
+This option is deprecated. We strongly recommend using CURLINFO_SCHEME(3)
+instead, because this option cannot return all possible schemes. The scheme
+might also sometimes be referred to as the protocol.
 
-Pass a pointer to a long to receive the version used in the last http
-connection. The returned value is set to one of these values:
+Pass a pointer to a long to receive the scheme used in the last transfer. The
+returned value is set to one of these values:
 
 ~~~c
 CURLPROTO_DICT, CURLPROTO_FILE, CURLPROTO_FTP, CURLPROTO_FTPS,
@@ -57,8 +57,8 @@ int main(void)
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
     res = curl_easy_perform(curl);
     if(res == CURLE_OK) {
-      long protocol;
-      curl_easy_getinfo(curl, CURLINFO_PROTOCOL, &protocol);
+      long scheme;
+      curl_easy_getinfo(curl, CURLINFO_PROTOCOL, &scheme);
     }
     curl_easy_cleanup(curl);
   }
diff --git a/docs/libcurl/opts/CURLINFO_SCHEME.md b/docs/libcurl/opts/CURLINFO_SCHEME.md
index 661c8887a3..5d6288e11c 100644
--- a/docs/libcurl/opts/CURLINFO_SCHEME.md
+++ b/docs/libcurl/opts/CURLINFO_SCHEME.md
@@ -30,8 +30,9 @@ CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_SCHEME, char **scheme);
 # DESCRIPTION
 
 Pass a pointer to a char pointer to receive the pointer to a null-terminated
-string holding the URL scheme used for the most recent connection done with
-this CURL **handle**.
+string holding the URL scheme used for the most recent transfer done with this
+CURL **handle**. The scheme might also sometimes be referred to as the
+protocol.
 
 The **scheme** pointer is NULL or points to private memory. You **must not**
 free it. The memory gets freed automatically when you call

From 64489bc3be7bcf69493143c1f1c221e12748e285 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sat, 8 Nov 2025 12:43:24 +0100
Subject: [PATCH 0746/2408] CURLOPT_READFUNCTION.md: clarify the size of the
 buffer

No need to multiply with size as size is always 1 - and documented so.

Closes #19402
---
 docs/libcurl/opts/CURLOPT_HEADERFUNCTION.md | 2 +-
 docs/libcurl/opts/CURLOPT_READFUNCTION.md   | 5 ++---
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/docs/libcurl/opts/CURLOPT_HEADERFUNCTION.md b/docs/libcurl/opts/CURLOPT_HEADERFUNCTION.md
index 8e16b78d55..060ebf5bdd 100644
--- a/docs/libcurl/opts/CURLOPT_HEADERFUNCTION.md
+++ b/docs/libcurl/opts/CURLOPT_HEADERFUNCTION.md
@@ -109,7 +109,7 @@ Nothing.
 static size_t header_callback(char *buffer, size_t size,
                               size_t nitems, void *userdata)
 {
-  /* received header is 'nitems' bytes in 'buffer' NOT ZERO TERMINATED */
+  /* received header is 'nitems' bytes in 'buffer' NOT NULL-TERMINATED */
   /* 'userdata' is set with CURLOPT_HEADERDATA */
   return nitems;
 }
diff --git a/docs/libcurl/opts/CURLOPT_READFUNCTION.md b/docs/libcurl/opts/CURLOPT_READFUNCTION.md
index 71ad2e9ca0..0046ded635 100644
--- a/docs/libcurl/opts/CURLOPT_READFUNCTION.md
+++ b/docs/libcurl/opts/CURLOPT_READFUNCTION.md
@@ -36,9 +36,8 @@ Pass a pointer to your callback function, as the prototype shows above.
 
 This callback function gets called by libcurl as soon as it needs to read data
 in order to send it to the peer - like if you ask it to upload or post data to
-the server. The data area pointed at by the pointer *buffer* should be
-filled up with at most *size* multiplied with *nitems* number of bytes
-by your function. *size* is always 1.
+the server. The data area pointed at by the pointer *buffer* should be filled
+up with at most *nitems* number of bytes by your function. *size* is always 1.
 
 Set the *userdata* argument with the CURLOPT_READDATA(3) option.
 

From 7e0d4dd4a86e11babfc91c8b7e0caefc7048832c Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sat, 8 Nov 2025 17:49:30 +0100
Subject: [PATCH 0747/2408] CURLOPT_SSH_KEYFUNCTION.md: fix minor indent
 mistake in example

---
 docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.md b/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.md
index 1e21b614f1..85801b8af7 100644
--- a/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.md
+++ b/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.md
@@ -141,7 +141,7 @@ int main(void)
     curl_easy_setopt(curl, CURLOPT_SSH_KNOWNHOSTS, "/home/user/known_hosts");
 
     curl_easy_perform(curl);
-}
+  }
 }
 ~~~
 

From 3752de465d70552106b2527fbf821aee525e53e2 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 8 Nov 2025 18:23:32 +0100
Subject: [PATCH 0748/2408] pytest: skip H2 tests if feature missing from curl

To allow running pytests on more curl configurations.

Also delete a redundant H3 feature check from test_17_14_expired_cert.

Cherry-picked from #19407
Closes #19412
---
 tests/http/test_01_basic.py      | 32 +++++++++++++++
 tests/http/test_02_download.py   | 70 ++++++++++++++++++++++++++++++++
 tests/http/test_03_goaway.py     |  2 +
 tests/http/test_04_stuttered.py  |  8 ++++
 tests/http/test_05_errors.py     |  8 ++++
 tests/http/test_07_upload.py     | 68 +++++++++++++++++++++++++++++++
 tests/http/test_08_caddy.py      | 18 ++++++++
 tests/http/test_09_push.py       |  4 ++
 tests/http/test_10_proxy.py      | 24 +++++++++++
 tests/http/test_13_proxy_auth.py |  4 ++
 tests/http/test_14_auth.py       | 12 ++++++
 tests/http/test_16_info.py       |  6 +++
 tests/http/test_17_ssl_use.py    | 26 +++++++++++-
 tests/http/test_18_methods.py    |  4 ++
 tests/http/test_19_shutdown.py   |  4 ++
 tests/http/test_40_socks.py      |  6 +++
 16 files changed, 294 insertions(+), 2 deletions(-)

diff --git a/tests/http/test_01_basic.py b/tests/http/test_01_basic.py
index 692bb3d7b2..c786488c2e 100644
--- a/tests/http/test_01_basic.py
+++ b/tests/http/test_01_basic.py
@@ -56,6 +56,8 @@ class TestBasic:
     # simple https: GET, h2 wanted and got
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
     def test_01_03_h2_get(self, env: Env, httpd):
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.domain1}:{env.https_port}/data.json'
         r = curl.http_get(url=url, extra_args=['--http2'])
@@ -65,6 +67,8 @@ class TestBasic:
     # simple https: GET, h2 unsupported, fallback to h1
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
     def test_01_04_h2_unsupported(self, env: Env, httpd):
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.domain2}:{env.https_port}/data.json'
         r = curl.http_get(url=url, extra_args=['--http2'])
@@ -84,6 +88,8 @@ class TestBasic:
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_01_06_timings(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
@@ -100,6 +106,8 @@ class TestBasic:
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
     def test_01_07_head(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
@@ -115,6 +123,8 @@ class TestBasic:
 
     # http: GET for HTTP/2, see Upgrade:, 101 switch
     def test_01_08_h2_upgrade(self, env: Env, httpd):
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url = f'http://{env.domain1}:{env.http_port}/data.json'
         r = curl.http_get(url=url, extra_args=['--http2'])
@@ -127,6 +137,8 @@ class TestBasic:
 
     # http: GET for HTTP/2 with prior knowledge
     def test_01_09_h2_prior_knowledge(self, env: Env, httpd):
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url = f'http://{env.domain1}:{env.http_port}/data.json'
         r = curl.http_get(url=url, extra_args=['--http2-prior-knowledge'])
@@ -138,6 +150,8 @@ class TestBasic:
 
     # http: strip TE header in HTTP/2 requests
     def test_01_10_te_strip(self, env: Env, httpd):
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, "h2")}/data.json'
         r = curl.http_get(url=url, extra_args=['--http2', '-H', 'TE: gzip'])
@@ -152,6 +166,8 @@ class TestBasic:
     # RSTing the stream correctly when its internal limits are exceeded.
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_01_11_large_resp_headers(self, env: Env, httpd, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
@@ -167,6 +183,8 @@ class TestBasic:
                         reason='httpd must be at least 2.4.64')
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
     def test_01_12_xlarge_resp_headers(self, env: Env, httpd, configures_httpd, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         httpd.set_extra_config('base', [
             f'H2MaxHeaderBlockLen {130 * 1024}',
         ])
@@ -184,6 +202,8 @@ class TestBasic:
                         reason='httpd must be at least 2.4.64')
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
     def test_01_13_megalarge_resp_headers(self, env: Env, httpd, configures_httpd, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         httpd.set_extra_config('base', [
             'LogLevel http2:trace2',
             f'H2MaxHeaderBlockLen {130 * 1024}',
@@ -204,6 +224,8 @@ class TestBasic:
                         reason='httpd must be at least 2.4.64')
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
     def test_01_14_gigalarge_resp_headers(self, env: Env, httpd, configures_httpd, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         httpd.set_extra_config('base', [
             'LogLevel http2:trace2',
             f'H2MaxHeaderBlockLen {1024 * 1024}',
@@ -223,6 +245,8 @@ class TestBasic:
                         reason='httpd must be at least 2.4.64')
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
     def test_01_15_gigalarge_resp_headers(self, env: Env, httpd, configures_httpd, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         httpd.set_extra_config('base', [
             'LogLevel http2:trace2',
             f'H2MaxHeaderBlockLen {1024 * 1024}',
@@ -240,6 +264,8 @@ class TestBasic:
     # http: invalid request headers, GET, issue #16998
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_01_16_inv_req_get(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
@@ -263,6 +289,8 @@ class TestBasic:
     ])
     def test_01_17_TE(self, env: Env, httpd, te_in, te_out):
         proto = 'h2'
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/curltest/echo'
         r = curl.http_download(urls=[url], alpn_proto=proto, with_stats=True,
@@ -277,6 +305,8 @@ class TestBasic:
     # check that an existing https: connection is not reused for http:
     def test_01_18_tls_reuse(self, env: Env, httpd):
         proto = 'h2'
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url1 = f'https://{env.authority_for(env.domain1, proto)}/data.json'
         url2 = f'http://{env.authority_for(env.domain1, proto)}/data.json'
@@ -287,6 +317,8 @@ class TestBasic:
     # check that an existing http: connection is not reused for https:
     def test_01_19_plain_reuse(self, env: Env, httpd):
         proto = 'h2'
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url1 = f'http://{env.domain1}:{env.http_port}/data.json'
         url2 = f'https://{env.domain1}:{env.http_port}/data.json'
diff --git a/tests/http/test_02_download.py b/tests/http/test_02_download.py
index 574401cb72..d2d149f20f 100644
--- a/tests/http/test_02_download.py
+++ b/tests/http/test_02_download.py
@@ -55,6 +55,8 @@ class TestDownload:
     # download 1 file
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_01_download_1(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
@@ -65,6 +67,8 @@ class TestDownload:
     # download 2 files
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_02_download_2(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
@@ -75,6 +79,8 @@ class TestDownload:
     # download 100 files sequentially
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_03_download_sequential(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if (proto == 'http/1.1' or proto == 'h2') and env.curl_uses_lib('mbedtls') and \
@@ -89,6 +95,8 @@ class TestDownload:
     # download 100 files parallel
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_04_download_parallel(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if proto == 'h2' and env.curl_uses_lib('mbedtls') and \
@@ -112,6 +120,8 @@ class TestDownload:
     # download 500 files sequential
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_05_download_many_sequential(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if proto == 'h2' and env.curl_uses_lib('mbedtls') and \
@@ -132,6 +142,8 @@ class TestDownload:
     # download 500 files parallel
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_02_06_download_many_parallel(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if proto == 'h2' and env.curl_uses_lib('mbedtls') and \
@@ -149,6 +161,8 @@ class TestDownload:
     # download files parallel, check connection reuse/multiplex
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_02_07_download_reuse(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 200
@@ -180,6 +194,8 @@ class TestDownload:
 
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_08_1MB_serial(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 5
@@ -190,6 +206,8 @@ class TestDownload:
 
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_02_09_1MB_parallel(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 5
@@ -204,6 +222,8 @@ class TestDownload:
     @pytest.mark.skipif(condition=Env().ci_run, reason="not suitable for CI runs")
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_10_10MB_serial(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 3
@@ -216,6 +236,8 @@ class TestDownload:
     @pytest.mark.skipif(condition=Env().ci_run, reason="not suitable for CI runs")
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_02_11_10MB_parallel(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 3
@@ -228,6 +250,8 @@ class TestDownload:
 
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_02_12_head_serial_https(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 5
@@ -240,6 +264,8 @@ class TestDownload:
 
     @pytest.mark.parametrize("proto", ['h2'])
     def test_02_13_head_serial_h2c(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 5
@@ -252,6 +278,8 @@ class TestDownload:
 
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_02_14_not_found(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 5
@@ -266,6 +294,8 @@ class TestDownload:
 
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_02_15_fail_not_found(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 5
@@ -280,6 +310,8 @@ class TestDownload:
 
     @pytest.mark.skipif(condition=Env().slow_network, reason="not suitable for slow network tests")
     def test_02_20_h2_small_frames(self, env: Env, httpd, configures_httpd):
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         # Test case to reproduce content corruption as observed in
         # https://github.com/curl/curl/issues/10525
         # To reliably reproduce, we need an Apache httpd that supports
@@ -328,6 +360,8 @@ class TestDownload:
     @pytest.mark.parametrize("swin_max", [0, 10*1024])
     def test_02_21_h2_lib_serial(self, env: Env, httpd, pause_offset, swin_max):
         proto = 'h2'
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         count = 2
         docname = 'data-10m'
         url = f'https://localhost:{env.https_port}/{docname}'
@@ -349,6 +383,8 @@ class TestDownload:
     @pytest.mark.parametrize("pause_offset", [100*1023])
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_22_lib_parallel_resume(self, env: Env, httpd, nghttpx, proto, pause_offset):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 2
@@ -369,6 +405,8 @@ class TestDownload:
     # download, several at a time, pause and abort paused
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_23a_lib_abort_paused(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_ossl_quic():
@@ -398,6 +436,8 @@ class TestDownload:
     # download, several at a time, abort after n bytes
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_23b_lib_abort_offset(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_ossl_quic():
@@ -427,6 +467,8 @@ class TestDownload:
     # download, several at a time, abort after n bytes
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_23c_lib_fail_offset(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_ossl_quic():
@@ -456,6 +498,8 @@ class TestDownload:
     # speed limited download
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_24_speed_limit(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 1
@@ -485,6 +529,8 @@ class TestDownload:
     # TODO: just uses a single connection for h2/h3. Not sure how to prevent that
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_26_session_shared_reuse(self, env: Env, proto, httpd, nghttpx):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         url = f'https://{env.authority_for(env.domain1, proto)}/data-100k'
@@ -497,6 +543,8 @@ class TestDownload:
     # test on paused transfers, based on issue #11982
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_27a_paused_no_cl(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         url = f'https://{env.authority_for(env.domain1, proto)}' \
@@ -508,6 +556,8 @@ class TestDownload:
     # test on paused transfers, based on issue #11982
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_27b_paused_no_cl(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         url = f'https://{env.authority_for(env.domain1, proto)}' \
@@ -519,6 +569,8 @@ class TestDownload:
     # test on paused transfers, based on issue #11982
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_27c_paused_no_cl(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         url = f'https://{env.authority_for(env.domain1, proto)}' \
@@ -529,6 +581,8 @@ class TestDownload:
 
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_28_get_compressed(self, env: Env, httpd, nghttpx, proto):
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 1
@@ -557,6 +611,8 @@ class TestDownload:
     @pytest.mark.parametrize("pause_offset", [0, 10*1024, 100*1023, 640000])
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_29_h2_lib_serial(self, env: Env, httpd, nghttpx, proto, pause_offset):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 2
@@ -574,6 +630,8 @@ class TestDownload:
 
     # download parallel with prior knowledge
     def test_02_30_parallel_prior_knowledge(self, env: Env, httpd):
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         count = 3
         curl = CurlClient(env=env)
         urln = f'http://{env.domain1}:{env.http_port}/data.json?[0-{count-1}]'
@@ -585,6 +643,8 @@ class TestDownload:
 
     # download parallel with h2 "Upgrade:"
     def test_02_31_parallel_upgrade(self, env: Env, httpd, nghttpx):
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         count = 3
         curl = CurlClient(env=env)
         urln = f'http://{env.domain1}:{env.http_port}/data.json?[0-{count-1}]'
@@ -605,6 +665,8 @@ class TestDownload:
     def test_02_32_earlydata(self, env: Env, httpd, nghttpx, proto):
         if not env.curl_can_early_data():
             pytest.skip('TLS earlydata not implemented')
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and \
            (not env.have_h3() or not env.curl_can_h3_early_data()):
             pytest.skip("h3 not supported")
@@ -661,6 +723,8 @@ class TestDownload:
             pytest.skip('only works for curl debug builds')
         if not env.curl_is_verbose():
             pytest.skip('only works for curl with verbose strings')
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 50
@@ -701,6 +765,8 @@ class TestDownload:
             pytest.skip('only works for curl debug builds')
         if not env.curl_is_verbose():
             pytest.skip('only works for curl with verbose strings')
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 50
@@ -746,6 +812,8 @@ class TestDownload:
     #   to be received, requiring buffering.
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_35_pause_bomb(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 2
@@ -765,6 +833,8 @@ class TestDownload:
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     @pytest.mark.parametrize("url_junk", [1024, 16*1024, 32*1024, 64*1024, 80*1024, 96*1024])
     def test_02_36_looong_urls(self, env: Env, httpd, nghttpx, proto, url_junk):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_lib('quiche'):
diff --git a/tests/http/test_03_goaway.py b/tests/http/test_03_goaway.py
index 2688210a84..8acaa9dc65 100644
--- a/tests/http/test_03_goaway.py
+++ b/tests/http/test_03_goaway.py
@@ -41,6 +41,8 @@ class TestGoAway:
     # download files sequentially with delay, reload server for GOAWAY
     def test_03_01_h2_goaway(self, env: Env, httpd, nghttpx):
         proto = 'h2'
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         count = 3
         self.r = None
 
diff --git a/tests/http/test_04_stuttered.py b/tests/http/test_04_stuttered.py
index 3ba5c6169c..bd2c5e1f77 100644
--- a/tests/http/test_04_stuttered.py
+++ b/tests/http/test_04_stuttered.py
@@ -41,6 +41,8 @@ class TestStuttered:
     # download 1 file, check that delayed response works in general
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_04_01_download_1(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 1
@@ -56,6 +58,8 @@ class TestStuttered:
     # (Apache2 increases # of parallel processed requests after successes)
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_04_02_100_100_10(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 50
@@ -78,6 +82,8 @@ class TestStuttered:
     # (Apache2 increases # of parallel processed requests after successes)
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_04_03_1000_10_1(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 50
@@ -100,6 +106,8 @@ class TestStuttered:
     # (Apache2 increases # of parallel processed requests after successes)
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_04_04_1000_10_1(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 50
diff --git a/tests/http/test_05_errors.py b/tests/http/test_05_errors.py
index d24879b3ac..8d8ea707bb 100644
--- a/tests/http/test_05_errors.py
+++ b/tests/http/test_05_errors.py
@@ -40,6 +40,8 @@ class TestErrors:
     # download 1 file, check that we get CURLE_PARTIAL_FILE
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_05_01_partial_1(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 1
@@ -60,6 +62,8 @@ class TestErrors:
     # download files, check that we get CURLE_PARTIAL_FILE for all
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_05_02_partial_20(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_ossl_quic():
@@ -82,6 +86,8 @@ class TestErrors:
 
     # access a resource that, on h2, RST the stream with HTTP_1_1_REQUIRED
     def test_05_03_required(self, env: Env, httpd, nghttpx):
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         proto = 'http/1.1'
         urln = f'https://{env.authority_for(env.domain1, proto)}/curltest/1_1'
@@ -107,6 +113,8 @@ class TestErrors:
     #   and not see the "unclean" close either
     @pytest.mark.parametrize("proto", ['http/1.0', 'http/1.1', 'h2'])
     def test_05_04_unclean_tls_shutdown(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 10 if proto == 'h2' else 1
diff --git a/tests/http/test_07_upload.py b/tests/http/test_07_upload.py
index fa2ef272d7..ad2db48a8c 100644
--- a/tests/http/test_07_upload.py
+++ b/tests/http/test_07_upload.py
@@ -53,6 +53,8 @@ class TestUpload:
     # upload small data, check that this is what was echoed
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_01_upload_1_small(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         data = '0123456789'
@@ -66,6 +68,8 @@ class TestUpload:
     # upload large data, check that this is what was echoed
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_02_upload_1_large(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-100k')
@@ -80,6 +84,8 @@ class TestUpload:
     # upload data sequentially, check that they were echoed
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_10_upload_sequential(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 20
@@ -95,6 +101,8 @@ class TestUpload:
     # upload data parallel, check that they were echoed
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_07_11_upload_parallel(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         # limit since we use a separate connection in h1
@@ -112,6 +120,8 @@ class TestUpload:
     # upload large data sequentially, check that this is what was echoed
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_12_upload_seq_large(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-100k')
@@ -129,6 +139,8 @@ class TestUpload:
     # upload very large data sequentially, check that this is what was echoed
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_13_upload_seq_large(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-10m')
@@ -148,6 +160,8 @@ class TestUpload:
         '', '1', '123\n456andsomething\n\n'
     ])
     def test_07_14_upload_stdin(self, env: Env, httpd, nghttpx, proto, indata):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 1
@@ -161,6 +175,8 @@ class TestUpload:
 
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_15_hx_put(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 2
@@ -177,6 +193,8 @@ class TestUpload:
 
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_16_hx_put_reuse(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 2
@@ -193,6 +211,8 @@ class TestUpload:
 
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_17_hx_post_reuse(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 2
@@ -210,6 +230,8 @@ class TestUpload:
     # upload data parallel, check that they were echoed
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_07_20_upload_parallel(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         # limit since we use a separate connection in h1
@@ -227,6 +249,8 @@ class TestUpload:
     # upload large data parallel, check that this is what was echoed
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_07_21_upload_parallel_large(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-100k')
@@ -242,6 +266,8 @@ class TestUpload:
     # upload large data parallel to a URL that denies uploads
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_07_22_upload_parallel_fail(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-10m')
@@ -258,6 +284,8 @@ class TestUpload:
     # PUT 100k
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_30_put_100k(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-100k')
@@ -276,6 +304,8 @@ class TestUpload:
     # PUT 10m
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_31_put_10m(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-10m')
@@ -294,6 +324,8 @@ class TestUpload:
     # issue #10591
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_32_issue_10591(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-10m')
@@ -307,6 +339,8 @@ class TestUpload:
     # correctly and not time out on sending
     def test_07_33_issue_11157a(self, env: Env, httpd, nghttpx):
         proto = 'h2'
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         fdata = os.path.join(env.gen_dir, 'data-10m')
         # send a POST to our PUT handler which will send immediately a 404 back
         url = f'https://{env.authority_for(env.domain1, proto)}/curltest/put'
@@ -328,6 +362,8 @@ class TestUpload:
     # issue #11157, send upload that is slowly read in
     def test_07_33_issue_11157b(self, env: Env, httpd, nghttpx):
         proto = 'h2'
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         fdata = os.path.join(env.gen_dir, 'data-10m')
         # tell our test PUT handler to read the upload more slowly, so
         # that the send buffering and transfer loop needs to wait
@@ -350,6 +386,8 @@ class TestUpload:
 
     def test_07_34_issue_11194(self, env: Env, httpd, nghttpx):
         proto = 'h2'
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         # tell our test PUT handler to read the upload more slowly, so
         # that the send buffering and transfer loop needs to wait
         fdata = os.path.join(env.gen_dir, 'data-100k')
@@ -369,6 +407,8 @@ class TestUpload:
 
     # upload large data on a h1 to h2 upgrade
     def test_07_35_h1_h2_upgrade_upload(self, env: Env, httpd, nghttpx):
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         fdata = os.path.join(env.gen_dir, 'data-100k')
         curl = CurlClient(env=env)
         url = f'http://{env.domain1}:{env.http_port}/curltest/echo?id=[0-0]'
@@ -386,6 +426,8 @@ class TestUpload:
     @pytest.mark.parametrize("redir", ['301', '302', '303'])
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_36_upload_30x(self, env: Env, httpd, nghttpx, redir, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_ossl_quic():
@@ -403,6 +445,8 @@ class TestUpload:
     # upload to a 307 response
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_37_upload_307(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_ossl_quic():
@@ -420,6 +464,8 @@ class TestUpload:
     # POST form data, yet another code path in transfer
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_38_form_small(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
@@ -432,6 +478,8 @@ class TestUpload:
     # POST data urlencoded, small enough to be sent with request headers
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_39_post_urlenc_small(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-63k')
@@ -448,6 +496,8 @@ class TestUpload:
     # POST data urlencoded, large enough to be sent separate from request headers
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_40_post_urlenc_large(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-64k')
@@ -468,6 +518,8 @@ class TestUpload:
     # of the time
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_41_post_urlenc_small(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_lib('quiche'):
@@ -501,6 +553,8 @@ class TestUpload:
     # issues #11769 #13260
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_42a_upload_disconnect(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         client = LocalClient(name='cli_upload_pausing', env=env, timeout=60)
@@ -521,6 +575,8 @@ class TestUpload:
     # upload data, pause, let connection die without any response at all
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_42b_upload_disconnect(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         client = LocalClient(name='cli_upload_pausing', env=env, timeout=60)
@@ -536,6 +592,8 @@ class TestUpload:
     # upload data, pause, let connection die after 100 continue
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_42c_upload_disconnect(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         client = LocalClient(name='cli_upload_pausing', env=env, timeout=60)
@@ -550,6 +608,8 @@ class TestUpload:
 
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_43_upload_denied(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_ossl_quic():
@@ -567,6 +627,8 @@ class TestUpload:
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     @pytest.mark.parametrize("httpcode", [301, 302, 307, 308])
     def test_07_44_put_redir(self, env: Env, httpd, nghttpx, proto, httpcode):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 1
@@ -591,6 +653,8 @@ class TestUpload:
     # speed limited on put handler
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_50_put_speed_limit(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 1
@@ -611,6 +675,8 @@ class TestUpload:
     # speed limited on echo handler
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_07_51_echo_speed_limit(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 1
@@ -707,6 +773,8 @@ class TestUpload:
     def test_07_70_put_earlydata(self, env: Env, httpd, nghttpx, proto, upload_size, exp_early):
         if not env.curl_can_early_data():
             pytest.skip('TLS earlydata not implemented')
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and \
            (not env.have_h3() or not env.curl_can_h3_early_data()):
             pytest.skip("h3 not supported")
diff --git a/tests/http/test_08_caddy.py b/tests/http/test_08_caddy.py
index 319ffeb962..afacee5917 100644
--- a/tests/http/test_08_caddy.py
+++ b/tests/http/test_08_caddy.py
@@ -70,6 +70,8 @@ class TestCaddy:
     # download 1 file
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_08_01_download_1(self, env: Env, caddy: Caddy, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3_curl():
             pytest.skip("h3 not supported in curl")
         curl = CurlClient(env=env)
@@ -80,6 +82,8 @@ class TestCaddy:
     # download 1MB files sequentially
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_08_02_download_1mb_sequential(self, env: Env, caddy: Caddy, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3_curl():
             pytest.skip("h3 not supported in curl")
         count = 50
@@ -91,6 +95,8 @@ class TestCaddy:
     # download 1MB files parallel
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_08_03_download_1mb_parallel(self, env: Env, caddy: Caddy, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3_curl():
             pytest.skip("h3 not supported in curl")
         count = 20
@@ -110,6 +116,8 @@ class TestCaddy:
     @pytest.mark.skipif(condition=Env().slow_network, reason="not suitable for slow network tests")
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_08_04a_download_10mb_sequential(self, env: Env, caddy: Caddy, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3_curl():
             pytest.skip("h3 not supported in curl")
         count = 40
@@ -122,6 +130,8 @@ class TestCaddy:
     @pytest.mark.skipif(condition=Env().slow_network, reason="not suitable for slow network tests")
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_08_04b_download_10mb_sequential(self, env: Env, caddy: Caddy, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3_curl():
             pytest.skip("h3 not supported in curl")
         count = 20
@@ -134,6 +144,8 @@ class TestCaddy:
     @pytest.mark.skipif(condition=Env().slow_network, reason="not suitable for slow network tests")
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_08_05_download_1mb_parallel(self, env: Env, caddy: Caddy, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3_curl():
             pytest.skip("h3 not supported in curl")
         if proto == 'http/1.1' and env.curl_uses_lib('mbedtls'):
@@ -155,6 +167,8 @@ class TestCaddy:
     # post data parallel, check that they were echoed
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_08_06_post_parallel(self, env: Env, httpd, caddy, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         # limit since we use a separate connection in h1
@@ -172,6 +186,8 @@ class TestCaddy:
     # put large file, check that they length were echoed
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_08_07_put_large(self, env: Env, httpd, caddy, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         # limit since we use a separate connection in h1<
@@ -190,6 +206,8 @@ class TestCaddy:
     def test_08_08_earlydata(self, env: Env, httpd, caddy, proto):
         if not env.curl_can_early_data():
             pytest.skip('TLS earlydata not implemented')
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and \
            (not env.have_h3() or not env.curl_can_h3_early_data()):
             pytest.skip("h3 not supported")
diff --git a/tests/http/test_09_push.py b/tests/http/test_09_push.py
index d149fabb30..ea73bbc7e5 100644
--- a/tests/http/test_09_push.py
+++ b/tests/http/test_09_push.py
@@ -61,6 +61,8 @@ class TestPush:
 
     # download a file that triggers a "103 Early Hints" response
     def test_09_01_h2_early_hints(self, env: Env, httpd, configures_httpd):
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         self.httpd_configure(env, httpd)
         curl = CurlClient(env=env)
         url = f'https://{env.domain1}:{env.https_port}/push/data1'
@@ -73,6 +75,8 @@ class TestPush:
         assert r.responses[0]['header']['link'] == '; rel=preload', f'{r.responses[0]}'
 
     def test_09_02_h2_push(self, env: Env, httpd, configures_httpd):
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         self.httpd_configure(env, httpd)
         # use localhost as we do not have resolve support in local client
         url = f'https://localhost:{env.https_port}/push/data1'
diff --git a/tests/http/test_10_proxy.py b/tests/http/test_10_proxy.py
index 592acbd60c..aa4e43a380 100644
--- a/tests/http/test_10_proxy.py
+++ b/tests/http/test_10_proxy.py
@@ -73,6 +73,8 @@ class TestProxy:
                         reason='curl lacks HTTPS-proxy support')
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
     def test_10_02_proxys_down(self, env: Env, httpd, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         curl = CurlClient(env=env)
@@ -95,6 +97,8 @@ class TestProxy:
                         reason="no nghttpx available")
     def test_10_02_proxys_up(self, env: Env, httpd, nghttpx, proto,
                              fname, fcount):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         count = fcount
@@ -136,6 +140,8 @@ class TestProxy:
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
     def test_10_05_proxytunnel_http(self, env: Env, httpd, nghttpx_fwd, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url = f'https://localhost:{env.https_port}/data.json'
         xargs = curl.get_proxy_args(proxys=False, tunnel=True)
@@ -153,6 +159,8 @@ class TestProxy:
     @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug")
     @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings")
     def test_10_06_proxytunnel_https(self, env: Env, httpd, nghttpx_fwd, proto, tunnel):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         curl = CurlClient(env=env)
@@ -181,6 +189,8 @@ class TestProxy:
     @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx available")
     def test_10_07_pts_down_small(self, env: Env, httpd, nghttpx_fwd, proto,
                                   tunnel, fname, fcount):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         if env.curl_uses_lib('mbedtls') and \
@@ -215,6 +225,8 @@ class TestProxy:
     @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx available")
     def test_10_08_upload_seq_large(self, env: Env, httpd, nghttpx, proto,
                                     tunnel, fname, fcount):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         if env.curl_uses_lib('mbedtls') and \
@@ -241,6 +253,8 @@ class TestProxy:
     @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug")
     @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings")
     def test_10_09_reuse_server(self, env: Env, httpd, nghttpx_fwd, tunnel):
+        if tunnel == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         curl = CurlClient(env=env)
@@ -266,6 +280,8 @@ class TestProxy:
     @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings")
     def test_10_10_reuse_proxy(self, env: Env, httpd, nghttpx_fwd, tunnel):
         # url twice via https: proxy separated with '--next', will reuse
+        if tunnel == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         if env.curl_uses_lib('mbedtls') and \
@@ -295,6 +311,8 @@ class TestProxy:
     @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings")
     def test_10_11_noreuse_proxy_https(self, env: Env, httpd, nghttpx_fwd, tunnel):
         # different --proxy-tls13-ciphers, no reuse of connection for https:
+        if tunnel == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
@@ -322,6 +340,8 @@ class TestProxy:
     @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings")
     def test_10_12_noreuse_proxy_http(self, env: Env, httpd, nghttpx_fwd, tunnel):
         # different --proxy-tls13-ciphers, no reuse of connection for http:
+        if tunnel == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         curl = CurlClient(env=env)
@@ -349,6 +369,8 @@ class TestProxy:
     @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings")
     def test_10_13_noreuse_https(self, env: Env, httpd, nghttpx_fwd, tunnel):
         # different --tls13-ciphers on https: same proxy config
+        if tunnel == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         curl = CurlClient(env=env)
@@ -373,6 +395,8 @@ class TestProxy:
                         reason='curl lacks HTTPS-proxy support')
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
     def test_10_14_proxys_ip_addr(self, env: Env, httpd, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         curl = CurlClient(env=env)
diff --git a/tests/http/test_13_proxy_auth.py b/tests/http/test_13_proxy_auth.py
index 1f7c41e2dd..6576bdba1a 100644
--- a/tests/http/test_13_proxy_auth.py
+++ b/tests/http/test_13_proxy_auth.py
@@ -124,6 +124,8 @@ class TestProxyAuth:
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
     @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2'])
     def test_13_07_tunnels_no_auth(self, env: Env, httpd, configures_httpd, nghttpx_fwd, proto, tunnel):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         self.httpd_configure(env, httpd)
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
@@ -144,6 +146,8 @@ class TestProxyAuth:
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
     @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2'])
     def test_13_08_tunnels_auth(self, env: Env, httpd, configures_httpd, nghttpx_fwd, proto, tunnel):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         self.httpd_configure(env, httpd)
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
diff --git a/tests/http/test_14_auth.py b/tests/http/test_14_auth.py
index 944cb56fc2..3e15b22447 100644
--- a/tests/http/test_14_auth.py
+++ b/tests/http/test_14_auth.py
@@ -43,6 +43,8 @@ class TestAuth:
     # download 1 file, not authenticated
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_14_01_digest_get_noauth(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
@@ -55,6 +57,8 @@ class TestAuth:
     def test_14_02_digest_get_auth(self, env: Env, httpd, nghttpx, proto):
         if not env.curl_has_feature('digest'):
             pytest.skip("curl built without digest")
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
@@ -69,6 +73,8 @@ class TestAuth:
     def test_14_03_digest_put_auth(self, env: Env, httpd, nghttpx, proto):
         if not env.curl_has_feature('digest'):
             pytest.skip("curl built without digest")
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_ossl_quic():
@@ -86,6 +92,8 @@ class TestAuth:
     def test_14_04_digest_large_pw(self, env: Env, httpd, nghttpx, proto):
         if not env.curl_has_feature('digest'):
             pytest.skip("curl built without digest")
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         data='0123456789'
@@ -103,6 +111,8 @@ class TestAuth:
     # PUT data, basic auth large pw
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_14_05_basic_large_pw(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if proto == 'h3' and not env.curl_uses_lib('ngtcp2'):
@@ -123,6 +133,8 @@ class TestAuth:
     # PUT data, basic auth with very large pw
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_14_06_basic_very_large_pw(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_lib('quiche'):
diff --git a/tests/http/test_16_info.py b/tests/http/test_16_info.py
index 53e335e950..017f799881 100644
--- a/tests/http/test_16_info.py
+++ b/tests/http/test_16_info.py
@@ -47,6 +47,8 @@ class TestInfo:
     # download plain file
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_16_01_info_download(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 2
@@ -62,6 +64,8 @@ class TestInfo:
     # download plain file with a 302 redirect
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_16_02_info_302_download(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 2
@@ -78,6 +82,8 @@ class TestInfo:
 
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_16_03_info_upload(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 2
diff --git a/tests/http/test_17_ssl_use.py b/tests/http/test_17_ssl_use.py
index 615658f06c..49a20c6994 100644
--- a/tests/http/test_17_ssl_use.py
+++ b/tests/http/test_17_ssl_use.py
@@ -118,6 +118,8 @@ class TestSSLUse:
     # use host name with trailing dot, verify handshake
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_17_03_trailing_dot(self, env: Env, proto, httpd, nghttpx):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
@@ -133,6 +135,8 @@ class TestSSLUse:
     # use host name with double trailing dot, verify handshake
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_17_04_double_dot(self, env: Env, proto, httpd, nghttpx):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
@@ -157,6 +161,8 @@ class TestSSLUse:
     def test_17_05_good_ip_addr(self, env: Env, proto, httpd, nghttpx):
         if env.curl_uses_lib('mbedtls'):
             pytest.skip("mbedTLS does use IP addresses in SNI")
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
@@ -174,6 +180,8 @@ class TestSSLUse:
     def test_17_05_bad_ip_addr(self, env: Env, proto,
                                httpd, configures_httpd,
                                nghttpx, configures_nghttpx):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         httpd.set_domain1_cred_name('domain1-no-ip')
@@ -191,6 +199,8 @@ class TestSSLUse:
     def test_17_05_very_bad_ip_addr(self, env: Env, proto,
                                     httpd, configures_httpd,
                                     nghttpx, configures_nghttpx):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if env.curl_uses_lib('mbedtls'):
@@ -211,6 +221,8 @@ class TestSSLUse:
     # use localhost for connect
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_17_06_localhost(self, env: Env, proto, httpd, nghttpx):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
@@ -300,6 +312,8 @@ class TestSSLUse:
 
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_17_08_cert_status(self, env: Env, proto, httpd, nghttpx):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if not env.curl_uses_lib('openssl') and \
@@ -421,6 +435,8 @@ class TestSSLUse:
     # use host name server has no certificate for
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_17_11_wrong_host(self, env: Env, proto, httpd, nghttpx):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
@@ -432,6 +448,8 @@ class TestSSLUse:
     # use host name server has no cert for with --insecure
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_17_12_insecure(self, env: Env, proto, httpd, nghttpx):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
@@ -446,8 +464,8 @@ class TestSSLUse:
     # connect to an expired certificate
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
     def test_17_14_expired_cert(self, env: Env, proto, httpd):
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.expired_domain}:{env.port_for(proto)}/'
         r = curl.http_get(url=url, alpn_proto=proto)
@@ -572,6 +590,8 @@ class TestSSLUse:
 
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_17_19_wrong_pin(self, env: Env, proto, httpd):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if env.curl_uses_lib('rustls-ffi'):
@@ -586,6 +606,8 @@ class TestSSLUse:
 
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_17_20_correct_pin(self, env: Env, proto, httpd):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
diff --git a/tests/http/test_18_methods.py b/tests/http/test_18_methods.py
index afca5867ec..10f4867c15 100644
--- a/tests/http/test_18_methods.py
+++ b/tests/http/test_18_methods.py
@@ -45,6 +45,8 @@ class TestMethods:
     # download 1 file
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_18_01_delete(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         count = 1
@@ -59,6 +61,8 @@ class TestMethods:
     # should be accepted
     def test_18_02_delete_h2_special(self, env: Env, httpd, nghttpx):
         proto = 'h2'
+        if not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         count = 1
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/curltest/tweak?id=[0-{count-1}]'\
diff --git a/tests/http/test_19_shutdown.py b/tests/http/test_19_shutdown.py
index a0167549fd..7bbc035f28 100644
--- a/tests/http/test_19_shutdown.py
+++ b/tests/http/test_19_shutdown.py
@@ -68,6 +68,8 @@ class TestShutdown:
     @pytest.mark.skipif(condition=not Env.tcpdump(), reason="tcpdump not available")
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
     def test_19_02_check_shutdown(self, env: Env, httpd, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if not env.curl_is_debug():
             pytest.skip('only works for curl debug builds')
         run_env = os.environ.copy()
@@ -164,6 +166,8 @@ class TestShutdown:
     # check graceful shutdown on multiplexed http
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
     def test_19_06_check_shutdown(self, env: Env, httpd, nghttpx, proto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         if not env.curl_is_debug():
diff --git a/tests/http/test_40_socks.py b/tests/http/test_40_socks.py
index 6b43f878a6..2dd61cc2ec 100644
--- a/tests/http/test_40_socks.py
+++ b/tests/http/test_40_socks.py
@@ -63,6 +63,8 @@ class TestSocks:
     @pytest.mark.parametrize("sproto", ['socks4', 'socks5'])
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_40_02_socks_https(self, env: Env, sproto, proto, danted: Dante, httpd):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         curl = CurlClient(env=env, socks_args=[
@@ -78,6 +80,8 @@ class TestSocks:
     @pytest.mark.parametrize("sproto", ['socks4', 'socks5'])
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
     def test_40_03_dl_serial(self, env: Env, httpd, danted, proto, sproto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         count = 3
         urln = f'https://{env.authority_for(env.domain1, proto)}/data-10m?[0-{count-1}]'
         curl = CurlClient(env=env, socks_args=[
@@ -89,6 +93,8 @@ class TestSocks:
     @pytest.mark.parametrize("sproto", ['socks4', 'socks5'])
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
     def test_40_04_ul_serial(self, env: Env, httpd, danted, proto, sproto):
+        if proto == 'h2' and not env.have_h2_curl():
+            pytest.skip("h2 not supported")
         fdata = os.path.join(env.gen_dir, 'data-10m')
         count = 2
         curl = CurlClient(env=env, socks_args=[

From c2624818739916652a041164939afaba5bb5ee73 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 8 Nov 2025 13:54:11 +0100
Subject: [PATCH 0749/2408] GHA/linux: build and test LibreSSL with Fil-C curl,
 enable pytests

Build and cache LibreSSL locally with Fil-C and enable it in the Fil-C
job.

Also:
- disable test 776 in the Fil-C job. It fails consistently, and due to
  flakiness seen earlier its result is disabled. In this job it seems to
  be adding 1 to 9 minues to the test run step and fails consistently.
- include Fil-C version in the LibreSSL cache key to prepare for Fil-C
  ABI changes.
- GHA/linux: fully quote `tflags` values to avoid breaking YAML.

Tested and confirmed working with OpenSSL too, but ended up with
LibreSSL for faster, smaller builds.

Closes #19407
---
 .github/workflows/linux.yml | 36 +++++++++++++++++++++++++++++-------
 1 file changed, 29 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index ccf171d932..a24681a307 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -193,13 +193,13 @@ jobs:
           - name: 'openssl torture !FTP'
             install_packages: libnghttp2-dev libssh2-1-dev libc-ares-dev
             generate: -DCURL_USE_OPENSSL=ON -DENABLE_DEBUG=ON -DENABLE_ARES=ON
-            tflags: -t --shallow=25 !FTP
+            tflags: '-t --shallow=25 !FTP'
             torture: true
 
           - name: 'openssl torture FTP'
             install_packages: libnghttp2-dev libssh2-1-dev libc-ares-dev
             generate: -DCURL_USE_OPENSSL=ON -DENABLE_DEBUG=ON -DENABLE_ARES=ON
-            tflags: -t --shallow=20 FTP
+            tflags: '-t --shallow=20 FTP'
             torture: true
 
           - name: 'openssl i686'
@@ -215,12 +215,13 @@ jobs:
           - name: '!ssl !http !smtp !imap'
             configure: --without-ssl --enable-debug --disable-http --disable-smtp --disable-imap --disable-unity
 
-          - name: 'Fil-C'
-            install_steps: filc
+          - name: 'libressl Fil-C'
+            install_steps: filc libressl-filc pytest
+            tflags: '!776'  # adds 1-9 minutes to the test run step, and fails consistently
             CC: /home/runner/filc/build/bin/filcc
             generate: >-
               -DBUILD_STATIC_LIBS=ON -DBUILD_SHARED_LIBS=OFF -DCMAKE_UNITY_BUILD=OFF
-              -DCURL_ENABLE_SSL=OFF -DCURL_USE_LIBPSL=OFF
+              -DOPENSSL_ROOT_DIR=/home/runner/libressl -DCURL_USE_LIBPSL=OFF
               -DCURL_ZLIB=OFF -DCURL_BROTLI=OFF -DCURL_ZSTD=OFF
               -DUSE_NGHTTP2=OFF -DCURL_DISABLE_LDAP=ON -DUSE_LIBIDN2=OFF -DCURL_USE_LIBSSH2=OFF
 
@@ -303,12 +304,12 @@ jobs:
           - name: 'event-based'
             install_packages: libssh-dev
             configure: --enable-debug --disable-shared --disable-threaded-resolver --with-libssh --with-openssl
-            tflags: -n --test-event '!TLS-SRP'
+            tflags: '-n --test-event !TLS-SRP'
 
           - name: 'duphandle'
             install_packages: libssh-dev
             configure: --enable-debug --disable-shared --disable-threaded-resolver --with-libssh --with-openssl
-            tflags: -n --test-duphandle '!TLS-SRP'
+            tflags: '-n --test-duphandle !TLS-SRP'
 
           - name: 'rustls valgrind'
             install_packages: libnghttp2-dev libldap-dev valgrind
@@ -413,6 +414,27 @@ jobs:
           cmake --build .
           cmake --install .
 
+      - name: 'cache libressl (filc)'
+        if: ${{ contains(matrix.build.install_steps, 'libressl-filc') }}
+        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        id: cache-libressl-filc
+        env:
+          cache-name: cache-libressl-filc
+        with:
+          path: ~/libressl
+          key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.LIBRESSL_VERSION }}-${{ env.FIL_C_VERSION }}
+
+      - name: 'build libressl (filc)'
+        if: ${{ contains(matrix.build.install_steps, 'libressl-filc') && steps.cache-libressl-filc.outputs.cache-hit != 'true' }}
+        run: |
+          curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
+            --location "https://github.com/libressl/portable/releases/download/v${LIBRESSL_VERSION}/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -xz
+          cd "libressl-${LIBRESSL_VERSION}"
+          cmake -B . -G Ninja -DLIBRESSL_APPS=OFF -DLIBRESSL_TESTS=OFF -DCMAKE_INSTALL_PREFIX=/home/runner/libressl \
+            -DCMAKE_C_COMPILER=/home/runner/filc/build/bin/filcc -DENABLE_ASM=OFF
+          cmake --build .
+          cmake --install .
+
       - name: 'cache wolfssl (all)'
         if: ${{ contains(matrix.build.install_steps, 'wolfssl-all') }}
         uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0

From 019874f1971332d3b988803feafd829a6b570fef Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 8 Nov 2025 22:54:08 +0100
Subject: [PATCH 0750/2408] GHA/linux: stop disabling TLS-SRP tests in
 event-based & duphandle jobs

They were disabled since these jobs ran in Zuul. The tests are 320, 321,
322, 323, 324. Of which, 323 runs in CI, the rest needs `gnutls-serv`
with SRP enabled, which is not available in current jobs and no longer
offered by Ubuntu's `gnutls-bin` package. 324 doesn't appear as
a skipped test, 323 seems to be running fine, the rest are logged as
skipped. This suggests it's safe to drop the exceptions.

Closes #19413
---
 .github/workflows/linux.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index a24681a307..c3b1b02c15 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -304,12 +304,12 @@ jobs:
           - name: 'event-based'
             install_packages: libssh-dev
             configure: --enable-debug --disable-shared --disable-threaded-resolver --with-libssh --with-openssl
-            tflags: '-n --test-event !TLS-SRP'
+            tflags: '-n --test-event'
 
           - name: 'duphandle'
             install_packages: libssh-dev
             configure: --enable-debug --disable-shared --disable-threaded-resolver --with-libssh --with-openssl
-            tflags: '-n --test-duphandle !TLS-SRP'
+            tflags: '-n --test-duphandle'
 
           - name: 'rustls valgrind'
             install_packages: libnghttp2-dev libldap-dev valgrind

From 239c3898367a67f33afa199a3cf7ec2d51d1a423 Mon Sep 17 00:00:00 2001
From: x2018 
Date: Sat, 8 Nov 2025 20:07:54 +0800
Subject: [PATCH 0751/2408] openssl: release ssl_session if sess_reuse_cb fails

Closes #19405
---
 lib/vtls/openssl.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 59fd0cbd6d..5c2711c587 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -3775,8 +3775,10 @@ ossl_init_session_and_alpns(struct ossl_ctx *octx,
             bool do_early_data = FALSE;
             if(sess_reuse_cb) {
               result = sess_reuse_cb(cf, data, &alpns, scs, &do_early_data);
-              if(result)
+              if(result) {
+                SSL_SESSION_free(ssl_session);
                 return result;
+              }
             }
             if(do_early_data) {
               /* We only try the ALPN protocol the session used before,

From 59584399a5a10a923bc33adf3d2037143f279a4e Mon Sep 17 00:00:00 2001
From: x2018 
Date: Sat, 8 Nov 2025 23:44:58 +0800
Subject: [PATCH 0752/2408] tftp: release filename if conn_get_remote_addr
 fails

Closes #19409
---
 lib/tftp.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/lib/tftp.c b/lib/tftp.c
index ffea60f621..6536543151 100644
--- a/lib/tftp.c
+++ b/lib/tftp.c
@@ -479,6 +479,7 @@ static CURLcode tftp_send_first(struct tftp_conn *state,
                    state->blksize,
                    "%s%c%s%c", filename, '\0', mode, '\0');
     sbytes = 4 + strlen(filename) + strlen(mode);
+    free(filename);
 
     /* optional addition of TFTP options */
     if(!data->set.tftp_no_options) {
@@ -517,7 +518,6 @@ static CURLcode tftp_send_first(struct tftp_conn *state,
 
       if(result != CURLE_OK) {
         failf(data, "TFTP buffer too small for options");
-        free(filename);
         return CURLE_TFTP_ILLEGAL;
       }
     }
@@ -537,7 +537,6 @@ static CURLcode tftp_send_first(struct tftp_conn *state,
                       (SEND_TYPE_ARG3)sbytes, 0,
                       CURL_SENDTO_ARG5(&remote_addr->curl_sa_addr),
                       (curl_socklen_t)remote_addr->addrlen);
-    free(filename);
     if(senddata != (ssize_t)sbytes) {
       char buffer[STRERROR_LEN];
       failf(data, "%s", curlx_strerror(SOCKERRNO, buffer, sizeof(buffer)));

From 1bddfe02d5b3d728a01a85ee588696310876f0d9 Mon Sep 17 00:00:00 2001
From: x2018 
Date: Sun, 9 Nov 2025 00:37:16 +0800
Subject: [PATCH 0753/2408] asyn-thrdd: release rrname if ares_init_options
 fails

Closes #19410
---
 lib/asyn-thrdd.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/asyn-thrdd.c b/lib/asyn-thrdd.c
index b25745ee1b..2ee4629890 100644
--- a/lib/asyn-thrdd.c
+++ b/lib/asyn-thrdd.c
@@ -376,14 +376,17 @@ static CURLcode async_rr_start(struct Curl_easy *data, int port)
   status = ares_init_options(&thrdd->rr.channel, NULL, 0);
   if(status != ARES_SUCCESS) {
     thrdd->rr.channel = NULL;
+    free(rrname);
     return CURLE_FAILED_INIT;
   }
 #ifdef CURLDEBUG
   if(getenv("CURL_DNS_SERVER")) {
     const char *servers = getenv("CURL_DNS_SERVER");
     status = ares_set_servers_ports_csv(thrdd->rr.channel, servers);
-    if(status)
+    if(status) {
+      free(rrname);
       return CURLE_FAILED_INIT;
+    }
   }
 #endif
 

From a002c50510b08807928637a2aac95d477e3762ee Mon Sep 17 00:00:00 2001
From: x2018 
Date: Sun, 9 Nov 2025 01:54:51 +0800
Subject: [PATCH 0754/2408] ftp: refactor a piece of code by merging the
 repeated part

Closes #19411
---
 lib/ftp.c | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)

diff --git a/lib/ftp.c b/lib/ftp.c
index 819fab462b..dd70c2a5ce 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -2744,16 +2744,6 @@ static CURLcode ftp_pwd_resp(struct Curl_easy *data,
           free(dir);
           return result;
         }
-        free(ftpc->entrypath);
-        ftpc->entrypath = dir; /* remember this */
-        infof(data, "Entry path is '%s'", ftpc->entrypath);
-        /* also save it where getinfo can access it: */
-        free(data->state.most_recent_ftp_entrypath);
-        data->state.most_recent_ftp_entrypath = strdup(ftpc->entrypath);
-        if(!data->state.most_recent_ftp_entrypath)
-          return CURLE_OUT_OF_MEMORY;
-        ftp_state(data, ftpc, FTP_SYST);
-        return result;
       }
 
       free(ftpc->entrypath);
@@ -2764,6 +2754,11 @@ static CURLcode ftp_pwd_resp(struct Curl_easy *data,
       data->state.most_recent_ftp_entrypath = strdup(ftpc->entrypath);
       if(!data->state.most_recent_ftp_entrypath)
         return CURLE_OUT_OF_MEMORY;
+
+      if(!ftpc->server_os && dir[0] != '/') {
+        ftp_state(data, ftpc, FTP_SYST);
+        return CURLE_OK;
+      }
     }
     else {
       /* could not get the path */

From 92fd791f310eb5b1dec6bc4708631fd7f5e87598 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sun, 9 Nov 2025 11:12:06 +0100
Subject: [PATCH 0755/2408] mqtt: reject overly big messages

Reported-by: Jiyong Yang
Closes #19415
---
 lib/mqtt.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/mqtt.c b/lib/mqtt.c
index 0bf956c05b..bac319e63a 100644
--- a/lib/mqtt.c
+++ b/lib/mqtt.c
@@ -582,6 +582,8 @@ fail:
   return result;
 }
 
+#define MAX_MQTT_MESSAGE_SIZE 0xFFFFFFF
+
 static CURLcode mqtt_publish(struct Curl_easy *data)
 {
   CURLcode result;
@@ -611,6 +613,8 @@ static CURLcode mqtt_publish(struct Curl_easy *data)
 
   remaininglength = payloadlen + 2 + topiclen;
   encodelen = mqtt_encode_len(encodedbytes, remaininglength);
+  if(MAX_MQTT_MESSAGE_SIZE - remaininglength - 1 < encodelen)
+    return CURLE_TOO_LARGE;
 
   /* add the control byte and the encoded remaining length */
   pkt = malloc(remaininglength + 1 + encodelen);

From 7aa50124c270fdc596a39653b7c850ada7ea50e5 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sun, 9 Nov 2025 11:45:03 +0100
Subject: [PATCH 0756/2408] TODO: improve code for large MQTT payloads

Closes #19416
---
 docs/TODO | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

diff --git a/docs/TODO b/docs/TODO
index add6819eae..99e8d1dd60 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -180,6 +180,7 @@
  21.1 Support rate-limiting
  21.2 Support MQTTS
  21.3 Handle network blocks
+ 21.4 large payloads
 
  22. TFTP
  22.1 TFTP does not convert LF to CRLF for mode=netascii
@@ -1270,16 +1271,24 @@
 
 21.3 Handle network blocks
 
-  Running test suite with
-  `CURL_DBG_SOCK_WBLOCK=90 ./runtests.pl -a mqtt` makes several
-  MQTT test cases fail where they should not.
+ Running test suite with `CURL_DBG_SOCK_WBLOCK=90 ./runtests.pl -a mqtt` makes
+ several MQTT test cases fail where they should not.
+
+21.4 large payloads
+
+ libcurl unnecessarily allocates heap memory to hold the entire payload to get
+ sent, when the data is already perfectly accessible where it is when
+ `CURLOPT_POSTFIELDS` is used. This is highly inefficient for larger payloads.
+ Additionally, libcurl does not support using the read callback for sending
+ MQTT which is yet another way to avoid having to hold large payload in
+ memory.
 
 22. TFTP
 
 22.1 TFTP does not convert LF to CRLF for mode=netascii
 
- RFC 3617 defines that an TFTP transfer can be done using "netascii"
- mode. curl does not support extracting that mode from the URL nor does it treat
+ RFC 3617 defines that an TFTP transfer can be done using "netascii" mode.
+ curl does not support extracting that mode from the URL nor does it treat
  such transfers specifically. It should probably do LF to CRLF translations
  for them.
 

From d35c880a75fb31166b3e2e9f7c45bd0b3645fa44 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 9 Nov 2025 12:56:42 +0100
Subject: [PATCH 0757/2408] INSTALL-CMAKE.md: document static option defaults
 more

Closes #19419
---
 docs/INSTALL-CMAKE.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md
index 4b9b85326f..edce5c0e72 100644
--- a/docs/INSTALL-CMAKE.md
+++ b/docs/INSTALL-CMAKE.md
@@ -222,8 +222,8 @@ target_link_libraries(my_target PRIVATE CURL::libcurl)
 - `BUILD_LIBCURL_DOCS`:                     Build libcurl man pages. Default: `ON`
 - `BUILD_MISC_DOCS`:                        Build misc man pages (e.g. `curl-config` and `mk-ca-bundle`). Default: `ON`
 - `BUILD_SHARED_LIBS`:                      Build shared libraries. Default: `ON`
-- `BUILD_STATIC_CURL`:                      Build curl executable with static libcurl. Default: `OFF`
-- `BUILD_STATIC_LIBS`:                      Build static libraries. Default: `OFF`
+- `BUILD_STATIC_CURL`:                      Build curl executable with static libcurl. Default: `OFF` (turns to `ON`, when building static libcurl only)
+- `BUILD_STATIC_LIBS`:                      Build static libraries. Default: `OFF` (turns to `ON` if `BUILD_SHARED_LIBS` is `OFF`)
 - `BUILD_TESTING`:                          Build tests. Default: `ON`
 - `CURL_CLANG_TIDY`:                        Run the build through `clang-tidy`. Default: `OFF`
 - `CURL_CLANG_TIDYFLAGS`:                   Custom options to pass to `clang-tidy`. Default: (empty)

From f760a5cef79b73bb5716024638148d9b8dce02f4 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 9 Nov 2025 15:54:11 +0100
Subject: [PATCH 0758/2408] tests/data: replace `%CR` with `crlf=headers` where
 possible

Missed them in previous rounds of updates:
test 433, 1375, 1376, 1377, 1429

Closes #19424
---
 tests/data/test1375 | 18 +++++++++---------
 tests/data/test1376 | 16 ++++++++--------
 tests/data/test1377 | 18 +++++++++---------
 tests/data/test1429 | 24 ++++++++++++------------
 tests/data/test433  | 10 +++++-----
 5 files changed, 43 insertions(+), 43 deletions(-)

diff --git a/tests/data/test1375 b/tests/data/test1375
index 9af026ba2e..a02a616732 100644
--- a/tests/data/test1375
+++ b/tests/data/test1375
@@ -8,15 +8,15 @@ HTTP GET
 
 #
 
-
-HTTP/1.1 200 OK%CR
-Date: Tue, 09 Nov 2010 14:49:00 GMT%CR
-Server: test-server/fake%CR
-Content-Length: 6%CR
-Connection: close%CR
-Content-Type: text/html%CR
-Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange%CR
-%CR
+
+HTTP/1.1 200 OK
+Date: Tue, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 6
+Connection: close
+Content-Type: text/html
+Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange
+
 12345
 
 
diff --git a/tests/data/test1376 b/tests/data/test1376
index d673bd7353..379dee3018 100644
--- a/tests/data/test1376
+++ b/tests/data/test1376
@@ -8,14 +8,14 @@ HTTP GET
 
 #
 
-
-HTTP/1.1 200 OK%CR
-Date: Tue, 09 Nov 2010 14:49:00 GMT%CR
-Server: test-server/fake%CR
-Content-Length: 6%CR
-Connection: close%CR
-Content-Type: text/html%CR
-%CR
+
+HTTP/1.1 200 OK
+Date: Tue, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 6
+Connection: close
+Content-Type: text/html
+
 12345
 
 
diff --git a/tests/data/test1377 b/tests/data/test1377
index c2ade403d2..7a8234891d 100644
--- a/tests/data/test1377
+++ b/tests/data/test1377
@@ -8,15 +8,15 @@ HTTP GET
 
 #
 
-
-HTTP/1.1 200 OK%CR
-Date: Tue, 09 Nov 2010 14:49:00 GMT%CR
-Server: test-server/fake%CR
-Content-Length: 6%CR
-Connection: close%CR
-Content-Type: text/html%CR
-Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange%CR
-%CR
+
+HTTP/1.1 200 OK
+Date: Tue, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 6
+Connection: close
+Content-Type: text/html
+Content-Disposition: filename=name%TESTNUMBER; charset=funny; option=strange
+
 12345
 
 
diff --git a/tests/data/test1429 b/tests/data/test1429
index b9c6bd126d..f08c0dae2a 100644
--- a/tests/data/test1429
+++ b/tests/data/test1429
@@ -8,18 +8,18 @@ HTTP/0.9
 
 
 
-
-HTTP/1.1 999 OK%CR
-Date: Tue, 09 Nov 2010 14:49:00 GMT%CR
-Server: test-server/fake%CR
-Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT%CR
-ETag: "21025-dc7-39462498"%CR
-Accept-Ranges: bytes%CR
-Content-Length: 6%CR
-Connection: close%CR
-Content-Type: text/html%CR
-Funny-head: yesyes%CR
-%CR
+
+HTTP/1.1 999 OK
+Date: Tue, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
+ETag: "21025-dc7-39462498"
+Accept-Ranges: bytes
+Content-Length: 6
+Connection: close
+Content-Type: text/html
+Funny-head: yesyes
+
 -foo-
 
 
diff --git a/tests/data/test433 b/tests/data/test433
index c6c77d90bb..63c884fdbe 100644
--- a/tests/data/test433
+++ b/tests/data/test433
@@ -8,11 +8,11 @@
 #
 # Server-side
 
-
-HTTP/1.1 200 OK%CR
-Content-Length: 6%CR
-Content-Type: text/1%CR
-%CR
+
+HTTP/1.1 200 OK
+Content-Length: 6
+Content-Type: text/1
+
 -foo-
 
 

From 49ef2f8d1ef78e702c73f5d72242301cc2a0157e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 8 Nov 2025 02:27:23 +0100
Subject: [PATCH 0759/2408] cmake: adjust defaults for target platforms not
 supporting shared libs

If CMake reports the target platform not supporting shared libs, turn
`BUILD_SHARED_LIBS` off by default. CMake 3.30+ fails with an error
when trying to create a `SHARED` target for such platforms. Earlier
versions used a workaround that may or may not have worked in practice.

Ref: https://cmake.org/cmake/help/v3.30/policy/CMP0164.html

Seen this with a build setting `-DCMAKE_SYSTEM_NAME=Generic`, e.g.
AmigaOS.

Note this may introduce incompatibility for "Generic" targets, which
support shared libs. If that's the case, set `BUILD_SHARED_LIBS=ON`
manually.

Also drop AmigaOS-specific logic handled automatically after this patch.

Ref: https://cmake.org/cmake/help/v3.7/command/get_property.html
Ref: https://cmake.org/cmake/help/v3.7/prop_gbl/TARGET_SUPPORTS_SHARED_LIBS.html

Closes #19420
---
 CMakeLists.txt        | 5 +++--
 docs/INSTALL-CMAKE.md | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 068d97d49b..8113cdea90 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -204,7 +204,8 @@ endif()
 option(CURL_WERROR "Turn compiler warnings into errors" OFF)
 option(PICKY_COMPILER "Enable picky compiler options" ON)
 option(BUILD_CURL_EXE "Build curl executable" ON)
-option(BUILD_SHARED_LIBS "Build shared libraries" ON)
+get_property(_has_shared GLOBAL PROPERTY TARGET_SUPPORTS_SHARED_LIBS)
+option(BUILD_SHARED_LIBS "Build shared libraries" ${_has_shared})
 option(BUILD_STATIC_LIBS "Build static libraries" OFF)
 option(BUILD_STATIC_CURL "Build curl executable with static libcurl" OFF)
 option(ENABLE_ARES "Enable c-ares support" OFF)
@@ -260,7 +261,7 @@ if(WIN32)
     endif()
     unset(MINGW64_VERSION CACHE)  # Avoid storing in CMake cache
   endif()
-elseif(DOS OR AMIGA)
+elseif(DOS)
   set(BUILD_SHARED_LIBS OFF)
   set(BUILD_STATIC_LIBS ON)
 endif()
diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md
index edce5c0e72..9921fbf12c 100644
--- a/docs/INSTALL-CMAKE.md
+++ b/docs/INSTALL-CMAKE.md
@@ -221,7 +221,7 @@ target_link_libraries(my_target PRIVATE CURL::libcurl)
 - `BUILD_EXAMPLES`:                         Build libcurl examples. Default: `ON`
 - `BUILD_LIBCURL_DOCS`:                     Build libcurl man pages. Default: `ON`
 - `BUILD_MISC_DOCS`:                        Build misc man pages (e.g. `curl-config` and `mk-ca-bundle`). Default: `ON`
-- `BUILD_SHARED_LIBS`:                      Build shared libraries. Default: `ON`
+- `BUILD_SHARED_LIBS`:                      Build shared libraries. Default: `ON` (if target platform supports shared libs, otherwise `OFF`)
 - `BUILD_STATIC_CURL`:                      Build curl executable with static libcurl. Default: `OFF` (turns to `ON`, when building static libcurl only)
 - `BUILD_STATIC_LIBS`:                      Build static libraries. Default: `OFF` (turns to `ON` if `BUILD_SHARED_LIBS` is `OFF`)
 - `BUILD_TESTING`:                          Build tests. Default: `ON`

From 67236f7edd0a69d6d2fdb51f493b6b77d108d809 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 4 Nov 2025 14:51:31 +0100
Subject: [PATCH 0760/2408] tests/data: delete stray space indentation from xml
 tags

Closes #19428
---
 tests/data/test1129 | 2 +-
 tests/data/test1130 | 2 +-
 tests/data/test1131 | 2 +-
 tests/data/test1164 | 2 +-
 tests/data/test1176 | 2 +-
 tests/data/test1327 | 2 +-
 tests/data/test1499 | 6 +++---
 tests/data/test1571 | 6 +++---
 tests/data/test1572 | 6 +++---
 tests/data/test1573 | 6 +++---
 tests/data/test1581 | 6 +++---
 tests/data/test17   | 4 ++--
 tests/data/test1909 | 2 +-
 tests/data/test2033 | 4 ++--
 tests/data/test2070 | 4 ++--
 tests/data/test2079 | 4 ++--
 tests/data/test2087 | 4 ++--
 tests/data/test256  | 2 +-
 tests/data/test319  | 4 ++--
 tests/data/test326  | 4 ++--
 tests/data/test376  | 2 +-
 tests/data/test38   | 2 +-
 tests/data/test471  | 2 +-
 tests/data/test513  | 2 +-
 tests/data/test514  | 2 +-
 tests/data/test56   | 4 ++--
 tests/data/test587  | 2 +-
 tests/data/test728  | 6 +++---
 tests/data/test74   | 2 +-
 tests/data/test75   | 2 +-
 tests/data/test86   | 2 +-
 tests/data/test87   | 2 +-
 tests/data/test982  | 2 +-
 tests/data/test985  | 2 +-
 34 files changed, 54 insertions(+), 54 deletions(-)

diff --git a/tests/data/test1129 b/tests/data/test1129
index 9a81043b17..66f74fc1dc 100644
--- a/tests/data/test1129
+++ b/tests/data/test1129
@@ -50,7 +50,7 @@ http
 
 HTTP POST expect 100-continue with a 404
 
- 
+
 -d @%LOGDIR/file%TESTNUMBER --expect100-timeout 99 http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001
 
 
diff --git a/tests/data/test1130 b/tests/data/test1130
index 1057d06d72..839ba75398 100644
--- a/tests/data/test1130
+++ b/tests/data/test1130
@@ -51,7 +51,7 @@ http
 
 HTTP POST forced expect 100-continue with a 404
 
- 
+
 -d @%LOGDIR/file%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001 -H "Expect: 100-continue" --expect100-timeout 99
 
 
diff --git a/tests/data/test1131 b/tests/data/test1131
index 51601c03ad..8abf2a6245 100644
--- a/tests/data/test1131
+++ b/tests/data/test1131
@@ -51,7 +51,7 @@ http
 
 HTTP PUT expect 100-continue with a 400
 
- 
+
 -H "Expect: 100-continue" -T %LOGDIR/file%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER -T %LOGDIR/file%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001 --expect100-timeout 99
 
 
diff --git a/tests/data/test1164 b/tests/data/test1164
index 27934a7b75..ed58ffb22c 100644
--- a/tests/data/test1164
+++ b/tests/data/test1164
@@ -23,7 +23,7 @@ http
 
 HTTP/0.9 GET and all zeroes
 
- 
+
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w '%{size_download}\n' --http0.9
 
 
diff --git a/tests/data/test1176 b/tests/data/test1176
index 6d38e8689f..f180236204 100644
--- a/tests/data/test1176
+++ b/tests/data/test1176
@@ -33,7 +33,7 @@ http
 
 --output using #0
 
- 
+
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o '%LOGDIR/base-#0'
 
 
diff --git a/tests/data/test1327 b/tests/data/test1327
index 1a4ac89875..70b922c333 100644
--- a/tests/data/test1327
+++ b/tests/data/test1327
@@ -31,7 +31,7 @@ GET /ignore/for/%TESTNUMBER HTTP/1.0
 GET /we/want/%TESTNUMBER HTTP/1.0
 
 
- 
+
 telnet://%HOSTIP:%HTTPPORT -T %LOGDIR/%TESTNUMBER.txt
 
 
diff --git a/tests/data/test1499 b/tests/data/test1499
index 54fec71049..01c8781dd8 100644
--- a/tests/data/test1499
+++ b/tests/data/test1499
@@ -48,10 +48,10 @@ writedelay: 10
 
 http
 
- 
+
 HTTP chunked encoding and chunked trailer, twice
- 
- 
+
+
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D %LOGDIR/heads%TESTNUMBER
 
 
diff --git a/tests/data/test1571 b/tests/data/test1571
index 8a2bfb4616..58091c0802 100644
--- a/tests/data/test1571
+++ b/tests/data/test1571
@@ -65,10 +65,10 @@ http
 lib%TESTNUMBER
 
 
- 
+
 CURLFOLLOW_OBEYCODE with custom POST method, 302 => GET
- 
- 
+
+
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 
 
diff --git a/tests/data/test1572 b/tests/data/test1572
index 53683ed88f..b502ea9572 100644
--- a/tests/data/test1572
+++ b/tests/data/test1572
@@ -65,10 +65,10 @@ http
 lib1571
 
 
- 
+
 CURLFOLLOW_OBEYCODE with custom POST method, 308 => custom
- 
- 
+
+
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 
 
diff --git a/tests/data/test1573 b/tests/data/test1573
index e13522964f..01f5abc117 100644
--- a/tests/data/test1573
+++ b/tests/data/test1573
@@ -65,10 +65,10 @@ http
 lib1571
 
 
- 
+
 CURLFOLLOW_OBEYCODE with custom GET method, 301 => custom
- 
- 
+
+
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 
 
diff --git a/tests/data/test1581 b/tests/data/test1581
index f3f29757a2..3de7e7b400 100644
--- a/tests/data/test1581
+++ b/tests/data/test1581
@@ -65,10 +65,10 @@ http
 lib1571
 
 
- 
+
 CURLFOLLOW_OBEYCODE with custom POST301 method, 301 => custom
- 
- 
+
+
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 
 
diff --git a/tests/data/test17 b/tests/data/test17
index 31e2a8e536..f0e5dea74c 100644
--- a/tests/data/test17
+++ b/tests/data/test17
@@ -25,7 +25,7 @@ http
 
 HTTP with config file on stdin
 
- 
+
 #
 # Use a silly request without '--':
 request MOOO
@@ -35,7 +35,7 @@ request MOOO
 #
 # long option *with* '--':
 --max-time 180
- 
+
 
 -K - %HOSTIP:%HTTPPORT/that.site.com/%TESTNUMBER
 
diff --git a/tests/data/test1909 b/tests/data/test1909
index a7be2d3076..bb81008588 100644
--- a/tests/data/test1909
+++ b/tests/data/test1909
@@ -35,7 +35,7 @@ http
 
 HTTP GET --retry-all-errors to overcome partial transfer
 
- 
+
 --retry 1 --retry-all-errors -o %LOGDIR/outfile%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 
 
diff --git a/tests/data/test2033 b/tests/data/test2033
index 32c9edc67c..0526db9954 100644
--- a/tests/data/test2033
+++ b/tests/data/test2033
@@ -35,10 +35,10 @@ https test-localhost.pem
 
 simple HTTPS GET with DER public key pinning (Schannel variant)
 
- 
+
 # This test is pointless if we are not using the Schannel backend
 CURL_SSL_BACKEND=schannel
- 
+
 
 -4 --cacert %CERTDIR/certs/test-ca.crt --pinnedpubkey %CERTDIR/certs/test-localhost.pub.der --ssl-revoke-best-effort https://localhost:%HTTPSPORT/%TESTNUMBER
 
diff --git a/tests/data/test2070 b/tests/data/test2070
index 0dfa5db727..a3b5a4ba78 100644
--- a/tests/data/test2070
+++ b/tests/data/test2070
@@ -34,10 +34,10 @@ https test-localhost.pem
 
 Ignore certificate revocation "best effort" strategy
 
-  
+
 # This test is pointless if we are not using the Schannel backend
 CURL_SSL_BACKEND=schannel
- 
+
 
 -4 --cacert %CERTDIR/certs/test-ca.crt --ssl-revoke-best-effort https://localhost:%HTTPSPORT/%TESTNUMBER
 
diff --git a/tests/data/test2079 b/tests/data/test2079
index 78709f3a2c..701b55fb65 100644
--- a/tests/data/test2079
+++ b/tests/data/test2079
@@ -35,10 +35,10 @@ https test-localhost.pem
 
 simple HTTPS GET with PEM public key pinning (Schannel variant)
 
- 
+
 # This test is pointless if we are not using the Schannel backend
 CURL_SSL_BACKEND=schannel
- 
+
 
 -4 --cacert %CERTDIR/certs/test-ca.crt --pinnedpubkey %CERTDIR/certs/test-localhost.pub.pem --ssl-revoke-best-effort https://localhost:%HTTPSPORT/%TESTNUMBER
 
diff --git a/tests/data/test2087 b/tests/data/test2087
index 7c71767234..87fd29740a 100644
--- a/tests/data/test2087
+++ b/tests/data/test2087
@@ -35,10 +35,10 @@ https test-localhost.pem
 
 simple HTTPS GET with base64-sha256 public key pinning (Schannel variant)
 
- 
+
 # This test is pointless if we are not using the Schannel backend
 CURL_SSL_BACKEND=schannel
- 
+
 
 -4 --cacert %CERTDIR/certs/test-ca.crt --pinnedpubkey sha256//%sha256b64file[%CERTDIR/certs/test-localhost.pub.der]sha256b64file% --ssl-revoke-best-effort https://localhost:%HTTPSPORT/%TESTNUMBER
 
diff --git a/tests/data/test256 b/tests/data/test256
index ca76e73861..eb4acefb2c 100644
--- a/tests/data/test256
+++ b/tests/data/test256
@@ -28,7 +28,7 @@ http
 
 HTTP resume request over proxy with auth without server supporting it
 
- 
+
 -x http://%HOSTIP:%HTTPPORT http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -C - --no-include -o %LOGDIR/fewl%TESTNUMBER.txt -U daniel:stenberg
 
 
diff --git a/tests/data/test319 b/tests/data/test319
index 6258a12720..c0cb54fb06 100644
--- a/tests/data/test319
+++ b/tests/data/test319
@@ -40,9 +40,9 @@ http
 
 HTTP GET gobbledigook transfer-encoded data in raw mode
 
- 
+
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER --raw
- 
+
 
 
 #
diff --git a/tests/data/test326 b/tests/data/test326
index 4c3ed3e085..3c004e2037 100644
--- a/tests/data/test326
+++ b/tests/data/test326
@@ -45,9 +45,9 @@ http
 
 HTTP GET chunked data in raw mode
 
- 
+
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER --raw
- 
+
 
 
 #
diff --git a/tests/data/test376 b/tests/data/test376
index 16c28002d6..1f25a3930a 100644
--- a/tests/data/test376
+++ b/tests/data/test376
@@ -34,7 +34,7 @@ http
 
 --remove-on-error
 
- 
+
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/save-%TESTNUMBER --remove-on-error
 
 
diff --git a/tests/data/test38 b/tests/data/test38
index d48e743a46..31207b9596 100644
--- a/tests/data/test38
+++ b/tests/data/test38
@@ -27,7 +27,7 @@ http
 
 HTTP resume request without server supporting it
 
- 
+
 http://%HOSTIP:%HTTPPORT/want/%TESTNUMBER -C - --no-include -o %LOGDIR/fewl%TESTNUMBER.txt
 
 
diff --git a/tests/data/test471 b/tests/data/test471
index e434198ad1..f32ccd1277 100644
--- a/tests/data/test471
+++ b/tests/data/test471
@@ -46,7 +46,7 @@ http
 
 Reject HTTP/1.1 to HTTP/2 switch on the same connection
 
- 
+
 "http://%HOSTIP:%HTTPPORT/{%TESTNUMBER,%TESTNUMBER0001}" -o "%LOGDIR/dumpit#1.dump"
 
 
diff --git a/tests/data/test513 b/tests/data/test513
index d61d2be4a5..d63e071b90 100644
--- a/tests/data/test513
+++ b/tests/data/test513
@@ -25,7 +25,7 @@ lib%TESTNUMBER
 send HTTP POST using read callback that returns CURL_READFUNC_ABORT
 
 # the 1s post-command delay helps to prevent a spurious failure on s390
- 
+
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 
 
diff --git a/tests/data/test514 b/tests/data/test514
index 9ab14de7c6..71dd74e42b 100644
--- a/tests/data/test514
+++ b/tests/data/test514
@@ -36,7 +36,7 @@ lib%TESTNUMBER
 First set options to POST and then to make HEAD
 
 # the 1s post-command delay helps to prevent a spurious failure on s390
- 
+
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 
 
diff --git a/tests/data/test56 b/tests/data/test56
index 5ced385bb0..5dea16c0c1 100644
--- a/tests/data/test56
+++ b/tests/data/test56
@@ -26,7 +26,7 @@ http
 
 HTTP POST with *HUGE* request and chunked transfer-encoding
 
- 
+
 #
 data "we post this"
 #
@@ -36,7 +36,7 @@ header "Transfer-Encoding: chunked"
 # Set the user-agent using a short-option:
 -A "%repeat[99999 x a]%"
 #
- 
+
 
 -K - %HOSTIP:%HTTPPORT/that.site.com/%TESTNUMBER
 
diff --git a/tests/data/test587 b/tests/data/test587
index 44e1fb047d..85f7453735 100644
--- a/tests/data/test587
+++ b/tests/data/test587
@@ -33,7 +33,7 @@ HTTP multi-part formpost with aborted read callback
 
 # Add a delay to give server time to write its output since we otherwise might
 # not even give it enough time to write its lock file.
- 
+
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 
 
diff --git a/tests/data/test728 b/tests/data/test728
index 3be1911390..19d45ab4e1 100644
--- a/tests/data/test728
+++ b/tests/data/test728
@@ -33,10 +33,10 @@ proxy
 http
 socks5
 
- 
+
 SOCKS5h with HTTP redirect to hostname too long
- 
- 
+
+
 --no-progress-meter --location --proxy socks5h://%HOSTIP:%SOCKSPORT http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 
 
diff --git a/tests/data/test74 b/tests/data/test74
index 0d10f20587..d23c5da450 100644
--- a/tests/data/test74
+++ b/tests/data/test74
@@ -42,7 +42,7 @@ http
 
 HTTP, urlglob {}-retrieval and -o #[num] usage
 
- 
+
 "http://%HOSTIP:%HTTPPORT/{%TESTNUMBER,%TESTNUMBER0001}" -o "%LOGDIR/dumpit#1.dump"
 
 
diff --git a/tests/data/test75 b/tests/data/test75
index 3aa416a5b3..a79a929201 100644
--- a/tests/data/test75
+++ b/tests/data/test75
@@ -21,7 +21,7 @@ http
 
 HTTP, urlglob retrieval with bad range
 
- 
+
 "http://a-site-never-accessed.example.org/[2-1]" -o "%LOGDIR/weee#1.dump" --stderr -
 
 
diff --git a/tests/data/test86 b/tests/data/test86
index ecd1f63214..2fe5ce837e 100644
--- a/tests/data/test86
+++ b/tests/data/test86
@@ -56,7 +56,7 @@ http
 
 HTTP, urlglob []-retrieval and -o #[num] usage
 
- 
+
 "http://%HOSTIP:%HTTPPORT/[%TESTNUMBER0001-%TESTNUMBER0003]" -o "%LOGDIR/dumpit#1.dump"
 
 
diff --git a/tests/data/test87 b/tests/data/test87
index 6bbb35a4f0..b22578f82f 100644
--- a/tests/data/test87
+++ b/tests/data/test87
@@ -39,7 +39,7 @@ http
 
 urlglob with out of range -o #[num] usage
 
- 
+
 "http://%HOSTIP:%HTTPPORT/[%TESTNUMBER0001-%TESTNUMBER0002]" -o "%LOGDIR/dumpit%TESTNUMBER-#2.dump"
 
 
diff --git a/tests/data/test982 b/tests/data/test982
index 6098b7255a..f250a6b88f 100644
--- a/tests/data/test982
+++ b/tests/data/test982
@@ -39,7 +39,7 @@ POP3 STARTTLS pipelined server response
 
 
 pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret --ssl
- 
+
 
 
 #
diff --git a/tests/data/test985 b/tests/data/test985
index 816730c7f1..b0bd1dac15 100644
--- a/tests/data/test985
+++ b/tests/data/test985
@@ -37,7 +37,7 @@ POP3 require STARTTLS with failing capabilities
 
 
 pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret --ssl-reqd
- 
+
 
 
 #

From 28ff2b260e53ad566197702af8e1259934650b24 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 9 Nov 2025 19:02:00 +0100
Subject: [PATCH 0761/2408] tests/data: replace hard-coded test numbers with
 `%TESTNUMBER`

Closes #19427
---
 tests/data/test1948 | 2 +-
 tests/data/test439  | 2 +-
 tests/data/test472  | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/tests/data/test1948 b/tests/data/test1948
index 1f4c3c8ac4..c098217143 100644
--- a/tests/data/test1948
+++ b/tests/data/test1948
@@ -60,7 +60,7 @@ Accept: */*
 Content-Length: 22
 
 This is test PUT data
-POST /1948 HTTP/1.1
+POST /%TESTNUMBER HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Accept: */*
 Content-Length: 22
diff --git a/tests/data/test439 b/tests/data/test439
index 9a5b0522af..2659f139e9 100644
--- a/tests/data/test439
+++ b/tests/data/test439
@@ -47,7 +47,7 @@ aws-sigv4 with query
 # Verify data after the test has been "shot"
 
 
-GET /439/?name=me&noval&aim=b%aad&&&weirdo=*.//- HTTP/1.1
+GET /%TESTNUMBER/?name=me&noval&aim=b%aad&&&weirdo=*.//- HTTP/1.1
 Host: fake.fake.fake:8000
 Authorization: AWS4-HMAC-SHA256 Credential=user/19700101/us-east-2/es/aws4_request, SignedHeaders=host;x-amz-date, Signature=9dd8592929306832a6673d10063491391e486e5f50de4647ea7c2c797277e0a6
 X-Amz-Date: 19700101T000000Z
diff --git a/tests/data/test472 b/tests/data/test472
index 61d72e30d7..89c01b85fe 100644
--- a/tests/data/test472
+++ b/tests/data/test472
@@ -48,7 +48,7 @@ aws-sigv4 with query
 # Verify data after the test has been "shot"
 
 
-GET /472/a=%E3%81%82 HTTP/1.1
+GET /%TESTNUMBER/a=%E3%81%82 HTTP/1.1
 Host: fake.fake.fake:8000
 Authorization: AWS4-HMAC-SHA256 Credential=user/19700101/us-east-2/es/aws4_request, SignedHeaders=host;x-amz-date, Signature=b8783c8387a5249b084642126fe1f8e07e12a2847820fd5b6cd64b2047149da4
 X-Amz-Date: 19700101T000000Z

From c6f1b0ff49268817101ac1734f43074fcc8775b2 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 9 Nov 2025 19:37:28 +0100
Subject: [PATCH 0762/2408] tests/server: do not fall back to original data
 file in `test2fopen()`

Before this patch servers were loading the original data source file
(from `tests/data/test*`) if they failed to open the preprocessed data
file.

It was causing issues in many (most?) tests, because original data files
are not preprocessed, thus may be incomplete and/or come with wrong
newline characters. It's also causing difficult to diagnose issues when
a test accidentally references another test's data, which by chance
makes the test pass initially, until either that or the executed test
data gets an update, and breaking it, as seen in #19329.

Historically, the fallback existed first, then the preprocessed copy.
The fallback is no longer used by tests (except by stray accidents).

Fix it by dropping the fallback logic and relying on the preprocessed
data file saved there by the runtests framework.

Also fix two remaining test data cross-references:
- test1565: reference own server input data instead of test1's.
- test3014: reference own server input data instead of test1439's.
  Ref: #19398

Follow-up to aaf9522a2c28e5142c7f5640da4e24b65b47dc53 #19329

Closes #19429
---
 tests/data/test1565 | 2 +-
 tests/data/test3014 | 4 ++--
 tests/server/util.c | 6 ------
 3 files changed, 3 insertions(+), 9 deletions(-)

diff --git a/tests/data/test1565 b/tests/data/test1565
index 15374bf7e6..42bbcdf6f7 100644
--- a/tests/data/test1565
+++ b/tests/data/test1565
@@ -34,7 +34,7 @@ lib%TESTNUMBER
 wakeup from another thread
 
 
-http://%HOSTIP:%HTTPPORT/1
+http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 
 
 
diff --git a/tests/data/test3014 b/tests/data/test3014
index e1e6471a4a..10ad554da3 100644
--- a/tests/data/test3014
+++ b/tests/data/test3014
@@ -29,7 +29,7 @@ http
 Check if %{num_headers} returns correct number of headers
 
 
-http://%HOSTIP:%HTTPPORT/1439 --write-out '%{num_headers}'
+http://%HOSTIP:%HTTPPORT/%TESTNUMBER --write-out '%{num_headers}'
 
 
 
@@ -46,7 +46,7 @@ testdata
 4
 
 
-GET /1439 HTTP/1.1
+GET /%TESTNUMBER HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/server/util.c b/tests/server/util.c
index 5abd308738..0e34f4ab21 100644
--- a/tests/server/util.c
+++ b/tests/server/util.c
@@ -200,12 +200,6 @@ FILE *test2fopen(long testno, const char *logdir2)
   /* first try the alternative, preprocessed, file */
   snprintf(filename, sizeof(filename), "%s/test%ld", logdir2, testno);
   stream = fopen(filename, "rb");
-  if(stream)
-    return stream;
-
-  /* then try the source version */
-  snprintf(filename, sizeof(filename), "%s/data/test%ld", srcpath, testno);
-  stream = fopen(filename, "rb");
 
   return stream;
 }

From 2701ac6a4d16a62130dad05be1c484903b8545c7 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 9 Nov 2025 13:54:49 +0100
Subject: [PATCH 0763/2408] processhelp.pm: log taskkill pid info, add debug
 envs, enable in CI

To debug the Windows CI fails further. Acting on the suspicions that
`taskkill` may sometimes be applied to the wrong process.

- log task info, and task child info before calling `taskkill` on a PID.
  (on native Windows.)
  One of the calls needs PowerShell.

- add env `CURL_TEST_NO_TASKKILL` to disable using `taskkill`.

- add env `CURL_TEST_NO_TASKKILL_TREE` to use `taskkill` without
  `-t`, meaning to kill the process, but not child processes.

- GHA/windows: disable `taskkill` calls, to see what happens.
  I'll revert or tweak this in a future commit depending on results.

Ref: https://github.com/curl/curl/discussions/14854#discussioncomment-13062859
Ref: https://github.com/curl/curl/discussions/14854#discussioncomment-14913014

Closes #19421
---
 .github/scripts/typos.toml    |  2 +-
 .github/workflows/windows.yml |  1 +
 tests/processhelp.pm          | 54 +++++++++++++++++++++++++++++------
 3 files changed, 48 insertions(+), 9 deletions(-)

diff --git a/.github/scripts/typos.toml b/.github/scripts/typos.toml
index 28dcad73be..3495823c1b 100644
--- a/.github/scripts/typos.toml
+++ b/.github/scripts/typos.toml
@@ -4,7 +4,7 @@
 
 [default]
 extend-ignore-identifiers-re = [
-  "^(ba|pn|PN|UE)$",
+  "^(ba|fo|pn|PN|UE)$",
   "^(CNA|ser)$",
   "^(ECT0|ECT1|HELO|htpt|PASE)$",
   "^[A-Za-z0-9_-]*(EDE|GOST)[A-Z0-9_-]*$",  # ciphers
diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml
index 8214cbb310..bcb846d806 100644
--- a/.github/workflows/windows.yml
+++ b/.github/workflows/windows.yml
@@ -37,6 +37,7 @@ permissions: {}
 
 env:
   CURL_CI: github
+  CURL_TEST_NO_TASKKILL: '1'
 
 jobs:
   cygwin:
diff --git a/tests/processhelp.pm b/tests/processhelp.pm
index f1f8ef525a..8c436d5eab 100644
--- a/tests/processhelp.pm
+++ b/tests/processhelp.pm
@@ -169,10 +169,29 @@ sub pidterm {
                 if($has_win32_process) {
                     Win32::Process::KillProcess($pid, 0);
                 } else {
-                    # https://ss64.com/nt/taskkill.html
-                    my $cmd = "taskkill -f -t -pid $pid >$dev_null 2>&1";
-                    print "Executing: '$cmd'\n";
-                    system($cmd);
+                    # https://ss64.com/nt/tasklist.html
+                    my $result = `tasklist -v -fo list -fi "PID eq $pid" 2>&1`;
+                    $result =~ s/\r//g;
+                    $result =~ s/\n/ | /g;
+                    print "Task info for $pid before taskkill: '$result'\n";
+
+                    $result = `powershell -Command "Get-CimInstance -ClassName Win32_Process -Filter 'ParentProcessId=$pid' | Select ProcessId,ParentProcessId,Name,CommandLine"`;
+                    $result =~ s/\r//g;
+                    print "Task child processes for $pid before taskkill:\n";
+                    print "$result\n";
+
+                    if(!$ENV{'CURL_TEST_NO_TASKKILL'}) {
+                        # https://ss64.com/nt/taskkill.html
+                        my $cmd;
+                        if($ENV{'CURL_TEST_NO_TASKKILL_TREE'}) {
+                            $cmd = "taskkill -f    -pid $pid >$dev_null 2>&1";
+                        }
+                        else {
+                            $cmd = "taskkill -f -t -pid $pid >$dev_null 2>&1";
+                        }
+                        print "Executing: '$cmd'\n";
+                        system($cmd);
+                    }
                 }
                 return;
             }
@@ -198,10 +217,29 @@ sub pidkill {
                 if($has_win32_process) {
                     Win32::Process::KillProcess($pid, 0);
                 } else {
-                    # https://ss64.com/nt/taskkill.html
-                    my $cmd = "taskkill -f -t -pid $pid >$dev_null 2>&1";
-                    print "Executing: '$cmd'\n";
-                    system($cmd);
+                    # https://ss64.com/nt/tasklist.html
+                    my $result = `tasklist -v -fo list -fi "PID eq $pid" 2>&1`;
+                    $result =~ s/\r//g;
+                    $result =~ s/\n/ | /g;
+                    print "Task info for $pid before taskkill: '$result'\n";
+
+                    $result = `powershell -Command "Get-CimInstance -ClassName Win32_Process -Filter 'ParentProcessId=$pid' | Select ProcessId,ParentProcessId,Name,CommandLine"`;
+                    $result =~ s/\r//g;
+                    print "Task child processes for $pid before taskkill:\n";
+                    print "$result\n";
+
+                    if(!$ENV{'CURL_TEST_NO_TASKKILL'}) {
+                        # https://ss64.com/nt/taskkill.html
+                        my $cmd;
+                        if($ENV{'CURL_TEST_NO_TASKKILL_TREE'}) {
+                            $cmd = "taskkill -f    -pid $pid >$dev_null 2>&1";
+                        }
+                        else {
+                            $cmd = "taskkill -f -t -pid $pid >$dev_null 2>&1";
+                        }
+                        print "Executing: '$cmd'\n";
+                        system($cmd);
+                    }
                 }
                 return;
             }

From c791223743d227bb0773fc4d2b723404b0fdda96 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 10 Nov 2025 01:02:37 +0100
Subject: [PATCH 0764/2408] setopt: disable CURLOPT_HAPROXY_CLIENT_IP on NULL

As documented.

Reported-by: Stanislav Fort (Aisle Research)
Closes #19434
---
 lib/setopt.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/setopt.c b/lib/setopt.c
index 90a1cf24a8..67b5371e87 100644
--- a/lib/setopt.c
+++ b/lib/setopt.c
@@ -2169,8 +2169,9 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
      * Set the client IP to send through HAProxy PROXY protocol
      */
     result = Curl_setstropt(&s->str[STRING_HAPROXY_CLIENT_IP], ptr);
-    /* enable the HAProxy protocol */
-    s->haproxyprotocol = TRUE;
+
+    /* enable the HAProxy protocol if an IP is provided */
+    s->haproxyprotocol = !!s->str[STRING_HAPROXY_CLIENT_IP];
     break;
 
 #endif

From 79d3e1d7d44dda65fdc303a53a44109583135b12 Mon Sep 17 00:00:00 2001
From: Samuel Henrique 
Date: Sun, 9 Nov 2025 06:37:24 -0800
Subject: [PATCH 0765/2408] wcurl: import v2025.11.09

Closes #19430
---
 scripts/wcurl | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/scripts/wcurl b/scripts/wcurl
index 56c04ba9a4..cbdbb327e4 100755
--- a/scripts/wcurl
+++ b/scripts/wcurl
@@ -29,7 +29,7 @@
 # Stop on errors and on usage of unset variables.
 set -eu
 
-VERSION="2025.11.04"
+VERSION="2025.11.09"
 
 PROGRAM_NAME="$(basename "$0")"
 readonly PROGRAM_NAME
@@ -85,7 +85,7 @@ _EOF_
 # Display an error message and bail out.
 error()
 {
-    printf "%s\n" "$*" > /dev/stderr
+    printf "%s\n" "$*" >&2
     exit 1
 }
 
@@ -118,7 +118,7 @@ readonly PER_URL_PARAMETERS="\
 # characters.
 # 2F = /
 # 5C = \
-readonly UNSAFE_PERCENT_ENCODE="2F 5C"
+readonly UNSAFE_PERCENT_ENCODE="%2F %5C"
 
 # Whether to invoke curl or not.
 DRY_RUN="false"

From 00872d5c98bf977eff7d4276eb7379c2b3a7eed6 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 10 Nov 2025 08:11:30 +0100
Subject: [PATCH 0766/2408] rtmp: fix double-free on URL parse errors

Reported-by: Stanislav Fort (Aisle Research)
Closes #19438
---
 lib/curl_rtmp.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/lib/curl_rtmp.c b/lib/curl_rtmp.c
index 779422c9ae..4a5e5cb637 100644
--- a/lib/curl_rtmp.c
+++ b/lib/curl_rtmp.c
@@ -240,10 +240,9 @@ static CURLcode rtmp_setup_connection(struct Curl_easy *data,
 
   RTMP_Init(r);
   RTMP_SetBufferMS(r, DEF_BUFTIME);
-  if(!RTMP_SetupURL(r, data->state.url)) {
-    RTMP_Free(r);
+  if(!RTMP_SetupURL(r, data->state.url))
+    /* rtmp_conn_dtor() performs the cleanup */
     return CURLE_URL_MALFORMAT;
-  }
   return CURLE_OK;
 }
 

From b0aba1005bf4f0f1eef467cf1e0ef4728421a6fd Mon Sep 17 00:00:00 2001
From: Stanislav Fort 
Date: Mon, 10 Nov 2025 08:18:53 +0100
Subject: [PATCH 0767/2408] cshutdn: acknowledge FD_SETSIZE for shutdown
 descriptors

In the logic called for curl_multi_fdset().

File descriptors larger than FD_SETSIZE size are simply ignored, which
of course will make things break but at least it does not trash memory.

Reported-by: Stanislav Fort (Aisle Research)
Closes #19439
---
 lib/cshutdn.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/lib/cshutdn.c b/lib/cshutdn.c
index c2788e7780..1ce34606ec 100644
--- a/lib/cshutdn.c
+++ b/lib/cshutdn.c
@@ -503,20 +503,23 @@ void Curl_cshutdn_setfds(struct cshutdn *cshutdn,
         continue;
 
       for(i = 0; i < ps.n; i++) {
+        curl_socket_t sock = ps.sockets[i];
+        if(!FDSET_SOCK(sock))
+          continue;
 #ifdef __DJGPP__
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Warith-conversion"
 #endif
         if(ps.actions[i] & CURL_POLL_IN)
-          FD_SET(ps.sockets[i], read_fd_set);
+          FD_SET(sock, read_fd_set);
         if(ps.actions[i] & CURL_POLL_OUT)
-          FD_SET(ps.sockets[i], write_fd_set);
+          FD_SET(sock, write_fd_set);
 #ifdef __DJGPP__
 #pragma GCC diagnostic pop
 #endif
         if((ps.actions[i] & (CURL_POLL_OUT | CURL_POLL_IN)) &&
-           ((int)ps.sockets[i] > *maxfd))
-          *maxfd = (int)ps.sockets[i];
+           ((int)sock > *maxfd))
+          *maxfd = (int)sock;
       }
     }
     Curl_pollset_cleanup(&ps);

From 87149c8383f7cdc85cd4780256afc1b5a923bac8 Mon Sep 17 00:00:00 2001
From: x2018 
Date: Sun, 9 Nov 2025 19:19:13 +0800
Subject: [PATCH 0768/2408] mqtt: properly handle the message which exceeds
 maxsize

We should goto fail as topic is allocated.

Follow-up to 92fd791

Closes #19417
---
 lib/mqtt.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/lib/mqtt.c b/lib/mqtt.c
index bac319e63a..713e4aa02c 100644
--- a/lib/mqtt.c
+++ b/lib/mqtt.c
@@ -613,8 +613,10 @@ static CURLcode mqtt_publish(struct Curl_easy *data)
 
   remaininglength = payloadlen + 2 + topiclen;
   encodelen = mqtt_encode_len(encodedbytes, remaininglength);
-  if(MAX_MQTT_MESSAGE_SIZE - remaininglength - 1 < encodelen)
-    return CURLE_TOO_LARGE;
+  if(MAX_MQTT_MESSAGE_SIZE - remaininglength - 1 < encodelen) {
+    result = CURLE_TOO_LARGE;
+    goto fail;
+  }
 
   /* add the control byte and the encoded remaining length */
   pkt = malloc(remaininglength + 1 + encodelen);

From baafa5ff7664230ac4475dc9227e842cc09c8151 Mon Sep 17 00:00:00 2001
From: x2018 
Date: Sun, 9 Nov 2025 22:20:24 +0800
Subject: [PATCH 0769/2408] schannel: fix potental memory leak of
 cert_store_path on four error paths

Closes #19423
---
 lib/vtls/schannel.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index c96e0df77b..639d6c3842 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -580,6 +580,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
       failf(data, "schannel: certificate format compatibility error "
             " for %s",
             blob ? "(memory blob)" : data->set.ssl.primary.clientcert);
+      free(cert_store_path);
       curlx_unicodefree(cert_path);
       if(fInCert)
         curlx_fclose(fInCert);
@@ -597,6 +598,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
       int cert_find_flags;
       const char *cert_showfilename_error = blob ?
         "(memory blob)" : data->set.ssl.primary.clientcert;
+      free(cert_store_path);
       curlx_unicodefree(cert_path);
       if(fInCert) {
         long cert_tell = 0;

From 660f2446404ca7ba36877bf7f02442e05a2299d1 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 10 Nov 2025 08:47:51 +0100
Subject: [PATCH 0770/2408] urlapi: fix mem-leaks in curl_url_get error paths

Reported-by: Stanislav Fort (Aisle Research)
Closes #19440
---
 lib/urlapi.c | 53 ++++++++++++++++++++++++++--------------------------
 1 file changed, 26 insertions(+), 27 deletions(-)

diff --git a/lib/urlapi.c b/lib/urlapi.c
index 0a6ae5ba1a..73f476ed3f 100644
--- a/lib/urlapi.c
+++ b/lib/urlapi.c
@@ -1345,20 +1345,22 @@ static CURLUcode host_encode(const char *host, char **allochost)
 #endif
 
 static CURLUcode urlget_format(const CURLU *u, CURLUPart what,
-                               const char *ptr, char **part,
+                               const char *ptr, char **partp,
                                bool plusdecode, unsigned int flags)
 {
+  CURLUcode uc = CURLUE_OK;
   size_t partlen = strlen(ptr);
   bool urldecode = (flags & CURLU_URLDECODE) ? 1 : 0;
   bool urlencode = (flags & CURLU_URLENCODE) ? 1 : 0;
   bool punycode = (flags & CURLU_PUNYCODE) && (what == CURLUPART_HOST);
   bool depunyfy = (flags & CURLU_PUNY2IDN) && (what == CURLUPART_HOST);
-  *part = Curl_memdup0(ptr, partlen);
-  if(!*part)
+  char *part = Curl_memdup0(ptr, partlen);
+  *partp = NULL;
+  if(!part)
     return CURLUE_OUT_OF_MEMORY;
   if(plusdecode) {
     /* convert + to space */
-    char *plus = *part;
+    char *plus = part;
     size_t i = 0;
     for(i = 0; i < partlen; ++plus, i++) {
       if(*plus == '+')
@@ -1370,46 +1372,43 @@ static CURLUcode urlget_format(const CURLU *u, CURLUPart what,
     size_t dlen;
     /* this unconditional rejection of control bytes is documented
        API behavior */
-    CURLcode res = Curl_urldecode(*part, 0, &decoded, &dlen, REJECT_CTRL);
-    free(*part);
-    if(res) {
-      *part = NULL;
+    CURLcode res = Curl_urldecode(part, partlen, &decoded, &dlen, REJECT_CTRL);
+    free(part);
+    if(res)
       return CURLUE_URLDECODE;
-    }
-    *part = decoded;
+    part = decoded;
     partlen = dlen;
   }
   if(urlencode) {
     struct dynbuf enc;
-    CURLUcode uc;
     curlx_dyn_init(&enc, CURL_MAX_INPUT_LENGTH);
-    uc = urlencode_str(&enc, *part, partlen, TRUE, what == CURLUPART_QUERY);
+    uc = urlencode_str(&enc, part, partlen, TRUE, what == CURLUPART_QUERY);
+    free(part);
     if(uc)
       return uc;
-    free(*part);
-    *part = curlx_dyn_ptr(&enc);
+    part = curlx_dyn_ptr(&enc);
   }
   else if(punycode) {
     if(!Curl_is_ASCII_name(u->host)) {
-      char *allochost = NULL;
-      CURLUcode ret = host_decode(*part, &allochost);
-      if(ret)
-        return ret;
-      free(*part);
-      *part = allochost;
+      char *punyversion = NULL;
+      uc = host_decode(part, &punyversion);
+      free(part);
+      if(uc)
+        return uc;
+      part = punyversion;
     }
   }
   else if(depunyfy) {
     if(Curl_is_ASCII_name(u->host)) {
-      char *allochost = NULL;
-      CURLUcode ret = host_encode(*part, &allochost);
-      if(ret)
-        return ret;
-      free(*part);
-      *part = allochost;
+      char *unpunified = NULL;
+      uc = host_encode(part, &unpunified);
+      free(part);
+      if(uc)
+        return uc;
+      part = unpunified;
     }
   }
-
+  *partp = part;
   return CURLUE_OK;
 }
 

From 323b33d51f79bbfa115cbc966c78619cb95b14f4 Mon Sep 17 00:00:00 2001
From: x2018 
Date: Mon, 10 Nov 2025 01:44:27 +0800
Subject: [PATCH 0771/2408] digest_sspi: properly free sspi identity

Closes #19426
---
 lib/vauth/digest_sspi.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c
index 9441ee26fc..f04c3845ab 100644
--- a/lib/vauth/digest_sspi.c
+++ b/lib/vauth/digest_sspi.c
@@ -502,6 +502,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
       /* Populate our identity domain */
       if(Curl_override_sspi_http_realm((const char *) digest->input_token,
                                        &identity)) {
+        Curl_sspi_free_identity(&identity);
         free(output_token);
         return CURLE_OUT_OF_MEMORY;
       }

From 24774bbb5e084ab0cc2b16c62c9673b22eaf33eb Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 10 Nov 2025 01:01:14 +0000
Subject: [PATCH 0772/2408] GHA: update awslabs/aws-lc to v1.63.0

Closes #19435
---
 .github/workflows/http3-linux.yml | 2 +-
 .github/workflows/linux.yml       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index 29d0fe6eaf..c99dcd90ac 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -43,7 +43,7 @@ env:
   # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com
   LIBRESSL_VERSION: 4.2.1
   # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com
-  AWSLC_VERSION: 1.61.4
+  AWSLC_VERSION: 1.63.0
   # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com
   BORINGSSL_VERSION: 0.20251002.0
   # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com
diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index c3b1b02c15..4805bf16be 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -46,7 +46,7 @@ env:
   # renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver:^3.0.0 registryUrl=https://github.com
   MBEDTLS_VERSION_PREV: 3.6.4
   # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com
-  AWSLC_VERSION: 1.61.4
+  AWSLC_VERSION: 1.63.0
   # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com
   BORINGSSL_VERSION: 0.20251002.0
   # handled in renovate.json

From 4efe88ee7e40fc7e02d356ecb5371d482a088047 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 10 Nov 2025 09:23:56 +0100
Subject: [PATCH 0773/2408] renovate.json: drop parentheses from group names

They make git branch names using those parentheses, that need to be
quoted when used with git command lines. Avoid parentheses for easier to
use branch names.

Follow-up to f77c574445532e3c17e62

Closes #19441
---
 renovate.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/renovate.json b/renovate.json
index e48d6a93b8..616fd1aaed 100644
--- a/renovate.json
+++ b/renovate.json
@@ -50,7 +50,7 @@
         "/codeql/i",
         "/ruff/i"
       ],
-      "groupName": "monthly updates (by name)",
+      "groupName": "monthly updates by name",
       "schedule": [
         "* * 10 * *"
       ]
@@ -60,7 +60,7 @@
       "matchSourceUrls": [
         "**/awslabs/**"
       ],
-      "groupName": "monthly updates (by source URL)",
+      "groupName": "monthly updates by URL",
       "schedule": [
         "* * 10 * *"
       ]

From 2f768b8c62151f83d8ffe92c1fcea4de1fc257fd Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 10 Nov 2025 10:09:03 +0100
Subject: [PATCH 0774/2408] RELEASE-NOTES: synced

---
 RELEASE-NOTES | 61 ++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 58 insertions(+), 3 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index cb00262594..267e4783d1 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -4,32 +4,60 @@ curl and libcurl 8.17.1
  Command line options:         273
  curl_easy_setopt() options:   308
  Public functions in libcurl:  100
- Contributors:                 3535
+ Contributors:                 3536
 
 This release includes the following changes:
 
 
 This release includes the following bugfixes:
 
+ o asyn-thrdd: release rrname if ares_init_options fails [41]
  o checksrc.pl: detect assign followed by more than one space [26]
+ o cmake: adjust defaults for target platforms not supporting shared libs [35]
  o cmake: disable `CURL_CA_PATH` auto-detection if `USE_APPLE_SECTRUST=ON` [16]
  o conncache: silence `-Wnull-dereference` on gcc 14 RISC-V 64 [17]
+ o cshutdn: acknowledge FD_SETSIZE for shutdown descriptors [25]
  o curl: fix progress meter in parallel mode [15]
+ o CURLINFO: remove 'get' and 'get the' from each short desc [50]
+ o CURLINFO_SCHEME/PROTOCOL: they return the "scheme" for a "transfer" [48]
+ o CURLINFO_TLS_SSL_PTR.md: remove CURLINFO_TLS_SESSION text [49]
+ o CURLOPT_READFUNCTION.md: clarify the size of the buffer [47]
+ o CURLOPT_SSH_KEYFUNCTION.md: fix minor indent mistake in example
+ o digest_sspi: properly free sspi identity [12]
  o docs: fix checksrc `EQUALSPACE` warnings [21]
+ o docs: mention umask need when curl creates files [56]
+ o ftp: refactor a piece of code by merging the repeated part [40]
  o gnutls: report accurate error when TLS-SRP is not built-in [18]
  o gtls: add return checks and optimize the code [2]
+ o gtls: skip session resumption when verifystatus is set
+ o INSTALL-CMAKE.md: document static option defaults more [37]
  o lib: cleanup for some typos about spaces and code style [3]
+ o lib: fix gssapi.h include on IBMi [55]
  o lib: refactor the type of funcs which have useless return and checks [1]
  o m4/sectrust: fix test(1) operator [4]
  o mbedtls: fix potential use of uninitialized `nread` [8]
+ o mqtt: reject overly big messages [39]
+ o openssl: release ssl_session if sess_reuse_cb fails [43]
  o openssl: remove code handling default version [28]
  o osslq: code readability [5]
+ o pytest: skip H2 tests if feature missing from curl [46]
+ o rtmp: fix double-free on URL parse errors [27]
+ o rtmp: precaution for a potential integer truncation [54]
+ o schannel: fix potental memory leak of cert_store_path on four error paths [23]
+ o setopt: disable CURLOPT_HAPROXY_CLIENT_IP on NULL [30]
  o setopt: when setting bad protocols, don't store them [9]
+ o tests/data: replace hard-coded test numbers with `%TESTNUMBER` [33]
+ o tests/server: do not fall back to original data file in `test2fopen()` [32]
+ o tftp: release filename if conn_get_remote_addr fails [42]
  o tool: consider (some) curl_easy_setopt errors fatal [7]
  o tool_help: add checks to avoid unsigned wrap around [14]
  o tool_ipfs: check return codes better [20]
  o tool_operate: remove redundant condition [19]
  o tool_paramhlp: refuse --proto remove all protocols [10]
+ o urlapi: fix mem-leaks in curl_url_get error paths [22]
+ o vtls: fix CURLOPT_CAPATH use [51]
+ o vtls: handle possible malicious certs_num from peer [53]
+ o wcurl: import v2025.11.09 [29]
  o wolfSSL: able to differentiate between IP and DNS in alt names [13]
 
 This release includes the following known bugs:
@@ -54,9 +82,10 @@ Planned upcoming removals include:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  Dan Fandrich, Daniel Stenberg, Juliusz Sosinowicz, renovate[bot],
+  Andrew Kirillov, Brad King, Dan Fandrich, Daniel Stenberg, Jiyong Yang,
+  Juliusz Sosinowicz, renovate[bot], Samuel Henrique, Stanislav Fort,
   Stefan Eissing, Thomas Klausner, Viktor Szakats, Xiaoke Wang
-  (8 contributors)
+  (13 contributors)
 
 References to bug reports and discussions on issues:
 
@@ -69,6 +98,7 @@ References to bug reports and discussions on issues:
  [8] = https://curl.se/bug/?i=19393
  [9] = https://curl.se/bug/?i=19389
  [10] = https://curl.se/bug/?i=19388
+ [12] = https://curl.se/bug/?i=19426
  [13] = https://curl.se/bug/?i=19364
  [14] = https://curl.se/bug/?i=19377
  [15] = https://curl.se/bug/?i=19383
@@ -78,5 +108,30 @@ References to bug reports and discussions on issues:
  [19] = https://curl.se/bug/?i=19381
  [20] = https://curl.se/bug/?i=19382
  [21] = https://curl.se/bug/?i=19379
+ [22] = https://curl.se/bug/?i=19440
+ [23] = https://curl.se/bug/?i=19423
+ [25] = https://curl.se/bug/?i=19439
  [26] = https://curl.se/bug/?i=19375
+ [27] = https://curl.se/bug/?i=19438
  [28] = https://curl.se/bug/?i=19354
+ [29] = https://curl.se/bug/?i=19430
+ [30] = https://curl.se/bug/?i=19434
+ [32] = https://curl.se/bug/?i=19429
+ [33] = https://curl.se/bug/?i=19427
+ [35] = https://curl.se/bug/?i=19420
+ [37] = https://curl.se/bug/?i=19419
+ [39] = https://curl.se/bug/?i=19415
+ [40] = https://curl.se/bug/?i=19411
+ [41] = https://curl.se/bug/?i=19410
+ [42] = https://curl.se/bug/?i=19409
+ [43] = https://curl.se/bug/?i=19405
+ [46] = https://curl.se/bug/?i=19412
+ [47] = https://curl.se/bug/?i=19402
+ [48] = https://curl.se/bug/?i=19403
+ [49] = https://curl.se/bug/?i=19404
+ [50] = https://curl.se/bug/?i=19406
+ [51] = https://curl.se/bug/?i=19401
+ [53] = https://curl.se/bug/?i=19397
+ [54] = https://curl.se/bug/?i=19399
+ [55] = https://curl.se/bug/?i=19336
+ [56] = https://curl.se/bug/?i=19396

From 2f29a8f19ede9898a788340a38109215cec3a8fb Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 10 Nov 2025 10:41:38 +0100
Subject: [PATCH 0775/2408] RELEASE-NOTES: spellcheck

---
 RELEASE-NOTES | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 267e4783d1..956e2b42a5 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -43,7 +43,7 @@ This release includes the following bugfixes:
  o pytest: skip H2 tests if feature missing from curl [46]
  o rtmp: fix double-free on URL parse errors [27]
  o rtmp: precaution for a potential integer truncation [54]
- o schannel: fix potental memory leak of cert_store_path on four error paths [23]
+ o schannel: fix memory leak of cert_store_path on four error paths [23]
  o setopt: disable CURLOPT_HAPROXY_CLIENT_IP on NULL [30]
  o setopt: when setting bad protocols, don't store them [9]
  o tests/data: replace hard-coded test numbers with `%TESTNUMBER` [33]

From 37050a146221194f36d26845f32e29589e15b517 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 10 Nov 2025 10:26:19 +0100
Subject: [PATCH 0776/2408] OS400/ccsidcurl: fix curl_easy_setopt_ccsid for
 non-converted blobs

When a blob option is used and it does not convert, the code would
erroneously pass along an uninitialized stack struct.

Reported-by: Stanislav Fort (Aisle Research)
Closes #19444
---
 packages/OS400/ccsidcurl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/OS400/ccsidcurl.c b/packages/OS400/ccsidcurl.c
index b40367fd96..9fd11a4cf9 100644
--- a/packages/OS400/ccsidcurl.c
+++ b/packages/OS400/ccsidcurl.c
@@ -1286,7 +1286,7 @@ curl_easy_setopt_ccsid(CURL *easy, CURLoption tag, ...)
         blob.flags = bp->flags | CURL_BLOB_COPY;
         bp = &blob;
       }
-      result = curl_easy_setopt(easy, tag, &blob);
+      result = curl_easy_setopt(easy, tag, bp);
       break;
     }
     FALLTHROUGH();

From 7e8725502087227a615216d9c56f5aee6119223a Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 10 Nov 2025 11:08:26 +0100
Subject: [PATCH 0777/2408] socks_sspi: use free() not FreeContextBuffer()

The memory is allocated with malloc().

This reverts commit 1d01d4975f540f3a363b38e1296aead62130fc6d.

Reported-by: Stanislav Fort (Aisle Research)
Closes #19445
---
 lib/socks_sspi.c | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c
index 31645527a3..975172576c 100644
--- a/lib/socks_sspi.c
+++ b/lib/socks_sspi.c
@@ -588,12 +588,9 @@ error:
     Curl_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
   if(names.sUserName)
     Curl_pSecFn->FreeContextBuffer(names.sUserName);
-  if(sspi_w_token[0].pvBuffer)
-    Curl_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
-  if(sspi_w_token[1].pvBuffer)
-    Curl_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer);
-  if(sspi_w_token[2].pvBuffer)
-    Curl_pSecFn->FreeContextBuffer(sspi_w_token[2].pvBuffer);
+  free(sspi_w_token[0].pvBuffer);
+  free(sspi_w_token[1].pvBuffer);
+  free(sspi_w_token[2].pvBuffer);
   free(etbuf);
   return result;
 }

From 8e321a53df866dfb2a2d5c5fc77c9639f733f93f Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 10 Nov 2025 13:17:37 +0100
Subject: [PATCH 0778/2408] examples/crawler: fix variable

A variable missed in the previous rename cleanup

Follow-up to 928363f28ca533d743adcb70597c3e30917
Reported-by: Gisle Vanem
Closes #19446
---
 docs/examples/crawler.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/examples/crawler.c b/docs/examples/crawler.c
index c56ad5ab3c..4812a67d14 100644
--- a/docs/examples/crawler.c
+++ b/docs/examples/crawler.c
@@ -232,7 +232,7 @@ int main(void)
               if(is_html(ctype) && mem->size > 100) {
                 if(pending < max_requests &&
                    (complete + pending) < max_total) {
-                  pending += follow_links(multi_curl, mem, url);
+                  pending += follow_links(multi, mem, url);
                   still_running = 1;
                 }
               }

From f477f3efc3ec58f7effc2aa01e7f4565b12be976 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 7 Nov 2025 16:39:29 +0100
Subject: [PATCH 0779/2408] tests/data: support using native newlines on disk,
 drop `.gitattributes`

Data files no longer depend on mixed newline styles. Before this
patch the harness still assumed data files to use LF newlines,
ensured by `.gitattribute` and distributing sources with LF newlines.

To allow using platform native newlines (CRLF on Windows typically),
update the test harness to support data files with any newline style
on disk. And delete `.gitattributes`.

Fix to:
- load original data files (from test/data) so that their newline-style
  doesn't matter on the checked out source repo, meaning it works
  when its CRLF on Windows, just like any other file.
  (if a BOM slips in, it's caught by `spacecheck.pl` as binary content.)
- do the same in `util.py` used by `smbserver.py` (for test 1451).
- also fix `util.py` to use us-ascii encoding for data files, replacing utf-8.

Also:
- runtests: rework the stray CR checker to allow full CRLF data files,
  and keep warning for mixed newlines.

Follow-up to 904e7ecb66519951681377758fe6b07dde28ce36 #19347

Closes #19398
---
 tests/data/.gitattributes |  5 ----
 tests/devtest.pl          |  2 +-
 tests/getpart.pm          | 51 ++++++++++++++++++++++++++++++++-------
 tests/runner.pm           | 11 +++------
 tests/runtests.pl         |  8 +++---
 tests/util.py             |  6 ++---
 6 files changed, 54 insertions(+), 29 deletions(-)
 delete mode 100644 tests/data/.gitattributes

diff --git a/tests/data/.gitattributes b/tests/data/.gitattributes
deleted file mode 100644
index bb1b928306..0000000000
--- a/tests/data/.gitattributes
+++ /dev/null
@@ -1,5 +0,0 @@
-# Copyright (C) Daniel Stenberg, , et al.
-#
-# SPDX-License-Identifier: curl
-
-test* -crlf
diff --git a/tests/devtest.pl b/tests/devtest.pl
index 0bfc71b07a..30124a9f91 100755
--- a/tests/devtest.pl
+++ b/tests/devtest.pl
@@ -176,7 +176,7 @@ while(@ARGV) {
     }
     elsif($ARGV[0] eq "preprocess") {
         shift @ARGV;
-        loadtest("${TESTDIR}/test${ARGV[0]}");
+        loadtest("${TESTDIR}/test${ARGV[0]}", 1);
         readtestkeywords();
         singletest_preprocess($ARGV[0]);
     }
diff --git a/tests/getpart.pm b/tests/getpart.pm
index b555038cf7..2b6d2a63c4 100644
--- a/tests/getpart.pm
+++ b/tests/getpart.pm
@@ -217,7 +217,7 @@ sub partexists {
 # memoize('partexists', NORMALIZER => 'normalize_part');  # cache each result
 
 sub loadtest {
-    my ($file)=@_;
+    my ($file, $original)=@_;
 
     if(defined $xmlfile && $file eq $xmlfile) {
         # This test is already loaded
@@ -228,7 +228,12 @@ sub loadtest {
     $xmlfile = "";
 
     if(open(my $xmlh, "<", "$file")) {
-        binmode $xmlh; # for crapage systems, use binary
+        if($original) {
+            binmode $xmlh, ':crlf'
+        }
+        else {
+            binmode $xmlh; # for crapage systems, use binary
+        }
         while(<$xmlh>) {
             push @xml, $_;
         }
@@ -251,16 +256,44 @@ sub fulltest {
     return @xml;
 }
 
-sub checktest {
-    my $anyerr = 0;
+sub eol_detect {
+    my ($content) = @_;
 
-    for my $i (0 .. $#xml) {
-        if(index($xml[$i], "\r") >= 0) {
-            print STDERR "*** getpart.pm: $xmlfile:$i: 0x0d carriage return found. Use %CR macro instead.\n";
-            $anyerr = 1;
+    my $cr = () = $content =~ /\r/g;
+    my $lf = () = $content =~ /\n/g;
+
+    if($cr > 0 && $lf == 0) {
+        return "cr";
+    }
+    elsif($cr == 0 && $lf > 0) {
+        return "lf";
+    }
+    elsif($cr == 0 && $lf == 0) {
+        return "bin";
+    }
+    elsif($cr == $lf) {
+        return "crlf";
+    }
+
+    return "";
+}
+
+sub checktest {
+    my ($file) = @_;
+
+    if(open(my $xmlh, '<', $file)) {
+        binmode $xmlh; # we want the raw data to check original newlines
+        my $content = do { local $/; <$xmlh> };
+        close($xmlh);
+
+        my $eol = eol_detect($content);
+        if($eol eq '') {
+            print STDERR "*** getpart.pm: $xmlfile has mixed newlines. Replace significant carriage return with %CR macro, or convert to consistent newlines.\n";
+            return 1;
         }
     }
-    return $anyerr;
+
+    return 0;
 }
 
 # write the test to the given file
diff --git a/tests/runner.pm b/tests/runner.pm
index 8b9c0c3f2e..c711834e01 100644
--- a/tests/runner.pm
+++ b/tests/runner.pm
@@ -1149,12 +1149,9 @@ sub singletest_postcheck {
         }
     }
 
-    if($checktests) {
-        loadtest("${TESTDIR}/test${testnum}");  # load the raw original data
-        if(checktest()) {
-            logmsg " $testnum: postcheck FAILED: issue(s) found in test data\n";
-            return -1;
-        }
+    if($checktests && checktest("${TESTDIR}/test${testnum}")) {
+        logmsg " $testnum: postcheck FAILED: issue(s) found in test data\n";
+        return -1;
     }
 
     return 0;
@@ -1181,7 +1178,7 @@ sub runner_test_preprocess {
     # ignore any error here--if there were one, it would have been
     # caught during the selection phase and this test would not be
     # running now
-    loadtest("${TESTDIR}/test${testnum}");
+    loadtest("${TESTDIR}/test${testnum}", 1);
     readtestkeywords();
 
     ###################################################################
diff --git a/tests/runtests.pl b/tests/runtests.pl
index 761056a8ed..226573941d 100755
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -1078,7 +1078,7 @@ sub singletest_shouldrun {
         $errorreturncode = 2;
     }
 
-    if(loadtest("${TESTDIR}/test${testnum}")) {
+    if(loadtest("${TESTDIR}/test${testnum}", 1)) {
         if($verbose) {
             # this is not a test
             logmsg "RUN: $testnum doesn't look like a test case\n";
@@ -1191,7 +1191,7 @@ sub singletest_shouldrun {
         }
     }
 
-    if($why && $checktests && checktest()) {
+    if($why && $checktests && checktest("${TESTDIR}/test${testnum}")) {
         logmsg "Warning: issue(s) found in test data: ${TESTDIR}/test${testnum}\n";
     }
 
@@ -1980,7 +1980,7 @@ sub singletest {
         ###################################################################
         # Load test file so CI registration can get the right data before the
         # runner is called
-        loadtest("${TESTDIR}/test${testnum}");
+        loadtest("${TESTDIR}/test${testnum}", 1);
 
         ###################################################################
         # Register the test case with the CI environment
@@ -3281,7 +3281,7 @@ if(%skipped && !$short) {
 sub testnumdetails {
     my ($desc, $numlist) = @_;
     foreach my $testnum (split(' ', $numlist)) {
-        if(!loadtest("${TESTDIR}/test${testnum}")) {
+        if(!loadtest("${TESTDIR}/test${testnum}", 1)) {
             my @info_keywords = getpart("info", "keywords");
             my $testname = (getpart("client", "name"))[0];
             chomp $testname;
diff --git a/tests/util.py b/tests/util.py
index fa4ca82723..8ed8c89267 100755
--- a/tests/util.py
+++ b/tests/util.py
@@ -75,8 +75,8 @@ class TestData(object):
 
         log.debug("Parsing file %s", filename)
 
-        with open(filename, "rb") as f:
-            contents = f.read().decode("utf-8")
+        with open(filename, "r", encoding='us-ascii') as f:
+            contents = f.read()
 
         m = REPLY_DATA.search(contents)
         if not m:
@@ -88,5 +88,5 @@ class TestData(object):
 
 if __name__ == '__main__':
     td = TestData("./data")
-    data = td.get_test_data(1)
+    data = td.get_test_data(1451)
     print(data)

From b39c158e4a2ca463bb2a2a8db8e21ed818fa185e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 10 Nov 2025 00:32:02 +0100
Subject: [PATCH 0780/2408] scripts: fix shellcheck SC2046 warnings

Fix SC2046: "Quote this to prevent word splitting."
Ref: https://www.shellcheck.net/wiki/SC2046

Also:
- shellcheck.sh: add `set -eu`.
- shellcheck.sh, yamlcheck.sh: always run from repo root.
- pass `--` before passing the list of files, where missing.
- badwords.pl, cleancmd.pl: rework to accept `git ls-files` arguments.
  Requires Perl 5.22+ (2015-Jun-01) on Windows.
  Ref: https://perldoc.perl.org/functions/open
- INTERNALS.md: require Perl 5.22 on Windows.
- spacecheck.pl: formatting.
- GHA/http3-linux: rework command to avoid SC2046.
- stop suppressing SC2046 warnings.

The yamlcheck.sh issue reported-by: Stanislav Fort (Aisle Research)
Ref: 20251109163515_6eb31da3-deb2-4f4d-8327-935904f27da5

Closes #19432
---
 .github/scripts/badwords.pl       |  8 +++++---
 .github/scripts/cleancmd.pl       |  6 +++++-
 .github/scripts/codespell.sh      |  4 ++--
 .github/scripts/shellcheck.sh     | 10 +++++++---
 .github/scripts/spacecheck.pl     |  4 ++--
 .github/scripts/yamlcheck.sh      |  8 +++++---
 .github/workflows/checkdocs.yml   | 12 ++++--------
 .github/workflows/checksrc.yml    |  5 +----
 .github/workflows/http3-linux.yml |  3 +--
 docs/INTERNALS.md                 |  2 +-
 10 files changed, 33 insertions(+), 29 deletions(-)

diff --git a/.github/scripts/badwords.pl b/.github/scripts/badwords.pl
index bd66f33166..b9b20697f5 100755
--- a/.github/scripts/badwords.pl
+++ b/.github/scripts/badwords.pl
@@ -79,9 +79,11 @@ sub file {
     close(F);
 }
 
-my @files = @ARGV;
-
-foreach my $each (@files) {
+my @filemasks = @ARGV;
+open(my $git_ls_files, '-|', 'git', 'ls-files', '--', @filemasks) or die "Failed running git ls-files: $!";
+while(my $each = <$git_ls_files>) {
+    chomp $each;
     file($each);
 }
+close $git_ls_files;
 exit $errors;
diff --git a/.github/scripts/cleancmd.pl b/.github/scripts/cleancmd.pl
index 7b79c2e65a..f90b31d8f1 100755
--- a/.github/scripts/cleancmd.pl
+++ b/.github/scripts/cleancmd.pl
@@ -119,6 +119,10 @@ sub process {
     }
 }
 
-for my $f (@ARGV) {
+my @filemasks = @ARGV;
+open(my $git_ls_files, '-|', 'git', 'ls-files', '--', @filemasks) or die "Failed running git ls-files: $!";
+while(my $f = <$git_ls_files>) {
+    chomp $f;
     process($f);
 }
+close $git_ls_files;
diff --git a/.github/scripts/codespell.sh b/.github/scripts/codespell.sh
index bbbbef5719..dfb6467535 100755
--- a/.github/scripts/codespell.sh
+++ b/.github/scripts/codespell.sh
@@ -7,7 +7,7 @@ set -eu
 
 cd "$(dirname "${0}")"/../..
 
-# shellcheck disable=SC2046
+git ls-files -z | xargs -0 -r \
 codespell \
   --skip '.github/scripts/pyspelling.words' \
   --skip '.github/scripts/typos.toml' \
@@ -16,4 +16,4 @@ codespell \
   --skip 'scripts/wcurl' \
   --ignore-regex '.*spellchecker:disable-line' \
   --ignore-words '.github/scripts/codespell-ignore.words' \
-  $(git ls-files)
+  --
diff --git a/.github/scripts/shellcheck.sh b/.github/scripts/shellcheck.sh
index 66590ec6c7..59b49131ac 100755
--- a/.github/scripts/shellcheck.sh
+++ b/.github/scripts/shellcheck.sh
@@ -3,7 +3,11 @@
 #
 # SPDX-License-Identifier: curl
 
-# shellcheck disable=SC2046
-shellcheck --exclude=1091 \
+set -eu
+
+cd "$(dirname "${0}")"/../..
+
+git grep -z -l -E '^#!(/usr/bin/env bash|/bin/sh|/bin/bash)' | xargs -0 -r \
+shellcheck --exclude=1091,2248 \
   --enable=avoid-nullary-conditions,deprecate-which \
-  $(grep -l -E '^#!(/usr/bin/env bash|/bin/sh|/bin/bash)' $(git ls-files))
+  --
diff --git a/.github/scripts/spacecheck.pl b/.github/scripts/spacecheck.pl
index e2da2cec5d..d0776a97d1 100755
--- a/.github/scripts/spacecheck.pl
+++ b/.github/scripts/spacecheck.pl
@@ -88,11 +88,11 @@ sub eol_detect {
 
 my $issues = 0;
 
-open my $git_ls_files, '-|', 'git ls-files' or die "Failed running git ls-files: $!";
+open(my $git_ls_files, '-|', 'git ls-files') or die "Failed running git ls-files: $!";
 while(my $filename = <$git_ls_files>) {
     chomp $filename;
 
-    open my $fh, '<', $filename or die "Cannot open '$filename': $!";
+    open(my $fh, '<', $filename) or die "Cannot open '$filename': $!";
     my $content = do { local $/; <$fh> };
     close $fh;
 
diff --git a/.github/scripts/yamlcheck.sh b/.github/scripts/yamlcheck.sh
index 2431c97abc..4bdeff45cb 100755
--- a/.github/scripts/yamlcheck.sh
+++ b/.github/scripts/yamlcheck.sh
@@ -5,9 +5,11 @@
 
 set -eu
 
-# shellcheck disable=SC2046
+cd "$(dirname "${0}")"/../..
+
+git ls-files '*.yaml' '*.yml' -z | xargs -0 -r \
 yamllint \
   --format standard \
   --strict \
-  --config-data "$(dirname "$0")/yamlcheck.yaml" \
-  $(git ls-files '*.yaml' '*.yml')
+  --config-data .github/scripts/yamlcheck.yaml \
+  --
diff --git a/.github/workflows/checkdocs.yml b/.github/workflows/checkdocs.yml
index 58f5f29f8b..dbdd556557 100644
--- a/.github/workflows/checkdocs.yml
+++ b/.github/workflows/checkdocs.yml
@@ -66,10 +66,10 @@ jobs:
   #          JSON
   #
   #      - name: 'trim headers off all *.md files'
-  #        run: git ls-files -z '*.md' | xargs -0 -n1 .github/scripts/trimmarkdownheader.pl
+  #        run: git ls-files '*.md' -z | xargs -0 -n1 .github/scripts/trimmarkdownheader.pl
   #
   #      - name: 'check prose'
-  #        run: git ls-files -z '*.md' | grep -Evz 'CHECKSRC\.md|DISTROS\.md|curl_mprintf\.md|CURLOPT_INTERFACE\.md|interface\.md' | xargs -0 proselint -- README
+  #        run: git ls-files '*.md' -z | grep -Evz 'CHECKSRC\.md|DISTROS\.md|curl_mprintf\.md|CURLOPT_INTERFACE\.md|interface\.md' | xargs -0 proselint -- README
   #
   #      # This is for CHECKSRC and files with aggressive exclamation mark needs
   #      - name: 'create second proselint config'
@@ -109,9 +109,7 @@ jobs:
           persist-credentials: false
 
       - name: 'trim all *.md files in docs/'
-        run: |
-          # shellcheck disable=SC2046
-          .github/scripts/cleancmd.pl $(find docs -name '*.md')
+        run: .github/scripts/cleancmd.pl 'docs/*.md'
 
       - name: 'install'
         run: |
@@ -140,9 +138,7 @@ jobs:
           persist-credentials: false
 
       - name: 'badwords'
-        run: |
-          # shellcheck disable=SC2046
-          .github/scripts/badwords.pl < .github/scripts/badwords.txt $(git ls-files '**.md') docs/TODO docs/KNOWN_BUGS packages/OS400/README.OS400
+        run: .github/scripts/badwords.pl '**.md' docs/TODO docs/KNOWN_BUGS packages/OS400/README.OS400 < .github/scripts/badwords.txt
 
       - name: 'verify synopsis'
         run: .github/scripts/verify-synopsis.pl docs/libcurl/curl*.md
diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml
index 8557ec708c..8f79f1ca6d 100644
--- a/.github/workflows/checksrc.yml
+++ b/.github/workflows/checksrc.yml
@@ -164,7 +164,4 @@ jobs:
 
       # we allow some extra in source code
       - name: 'badwords'
-        run: |
-          # shellcheck disable=SC2046
-          grep -Ev '(\\bwill| url | dir )' .github/scripts/badwords.txt | \
-          .github/scripts/badwords.pl $(git ls-files -- src lib include)
+        run: grep -Ev '(\\bwill| url | dir )' .github/scripts/badwords.txt | .github/scripts/badwords.pl src lib include
diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index c99dcd90ac..d242c06116 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -587,8 +587,7 @@ jobs:
           cargo build -v --package quiche --release --features ffi,pkg-config-meta,qlog --verbose
           ln -s libquiche.so target/release/libquiche.so.0
           mkdir -v quiche/deps/boringssl/src/lib
-          # shellcheck disable=SC2046
-          ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) quiche/deps/boringssl/src/lib/
+          find target/release \( -name libcrypto.a -o -name libssl.a \) -exec ln -vnf '{}' quiche/deps/boringssl/src/lib \;
 
           # include dir
           # /home/runner/quiche/quiche/deps/boringssl/src/include
diff --git a/docs/INTERNALS.md b/docs/INTERNALS.md
index b6b00e924a..ac90d3fe82 100644
--- a/docs/INTERNALS.md
+++ b/docs/INTERNALS.md
@@ -48,7 +48,7 @@ versions of libs and build tools.
  - GNU Autoconf 2.59
  - GNU Automake 1.7
  - GNU M4       1.4
- - perl         5.8
+ - perl         5.8 (5.22 on Windows)
  - roffit       0.5
  - cmake        3.7
 

From 77be4a7ab2b5a0c633b9107fd286bda1f57e4725 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 10 Nov 2025 01:27:25 +0100
Subject: [PATCH 0781/2408] mdlinkcheck: pass curl arguments to `open()` as
 list

To prevent misinterpreting quotes or other special characters.

Requires Perl 5.22+ (2015-Jun-01) on Windows.

Ref: https://perldoc.perl.org/functions/open

Closes #19437
---
 scripts/mdlinkcheck | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/scripts/mdlinkcheck b/scripts/mdlinkcheck
index bbd6ac4602..842f0c9766 100755
--- a/scripts/mdlinkcheck
+++ b/scripts/mdlinkcheck
@@ -138,13 +138,17 @@ sub checkurl {
     }
 
     print "check $url\n";
-    my $curlcmd="curl -ILfsm10 --retry 2 --retry-delay 5 -A \"Mozilla/curl.se link-probe\"";
     $url =~ s/\+/%2B/g;
-    if($url =~ /[\"\'\n]/) {
-        print STDERR "Bad URL in markdown: %s\n", $url{$url};
+    my @content;
+    if(open(my $fh, '-|', 'curl', '-ILfsm10', '--retry', '2', '--retry-delay', '5',
+                          '-A', 'Mozilla/curl.se link-probe', $url)) {
+        @content = <$fh>;
+        close $fh;
+    }
+    else {
+        print STDERR "FAIL\n";
         return 1; # fail
     }
-    my @content = `$curlcmd \"$url\"`;
     if(!$content[0]) {
         print STDERR "FAIL\n";
         return 1; # fail

From a8e46c5ab1d9c0eda0536260c8ef0ea8fa745226 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 10 Nov 2025 15:08:19 +0100
Subject: [PATCH 0782/2408] verify-release: update to avoid shellcheck warning
 SC2034

```
SC2034: dl appears unused
```

Also to shorten the code.

Closes #19449
---
 scripts/verify-release | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/scripts/verify-release b/scripts/verify-release
index 2f7a0bf89f..b24d9b370d 100755
--- a/scripts/verify-release
+++ b/scripts/verify-release
@@ -40,12 +40,7 @@ if [ -z "$tarball" ]; then
     exit
 fi
 
-i="0"
-
-# shellcheck disable=SC2034
-for dl in curl-*; do
-    i=$((i + 1))
-done
+i="$(find . -maxdepth 1 -type d -name 'curl-*' | wc -l)"
 
 if test "$i" -gt 1; then
     echo "multiple curl-* entries found, disambiguate please"

From 6aab1dc2639d4fc8aaaa1190914b0491e029dace Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 10 Nov 2025 16:49:11 +0100
Subject: [PATCH 0783/2408] scripts: use end-of-options marker in `find -exec`
 commands

Closes #19450
---
 .github/workflows/checksrc.yml    |  2 +-
 .github/workflows/http3-linux.yml |  2 +-
 .github/workflows/macos.yml       |  2 +-
 .github/workflows/non-native.yml  |  2 +-
 .github/workflows/windows.yml     | 10 +++++-----
 Makefile.am                       |  2 +-
 appveyor.sh                       |  2 +-
 scripts/maketgz                   |  4 ++--
 8 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml
index 8f79f1ca6d..7aa8faf6a2 100644
--- a/.github/workflows/checksrc.yml
+++ b/.github/workflows/checksrc.yml
@@ -91,7 +91,7 @@ jobs:
       - name: 'pytype'
         run: |
           source ~/venv/bin/activate
-          find . -name '*.py' -exec pytype -j auto -k {} +
+          find . -name '*.py' -exec pytype -j auto -k -- {} +
 
       - name: 'ruff'
         run: |
diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index d242c06116..a844eb6c14 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -587,7 +587,7 @@ jobs:
           cargo build -v --package quiche --release --features ffi,pkg-config-meta,qlog --verbose
           ln -s libquiche.so target/release/libquiche.so.0
           mkdir -v quiche/deps/boringssl/src/lib
-          find target/release \( -name libcrypto.a -o -name libssl.a \) -exec ln -vnf '{}' quiche/deps/boringssl/src/lib \;
+          find target/release \( -name libcrypto.a -o -name libssl.a \) -exec ln -vnf -- '{}' quiche/deps/boringssl/src/lib \;
 
           # include dir
           # /home/runner/quiche/quiche/deps/boringssl/src/include
diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml
index 0e0d03bc4f..fc624dc09a 100644
--- a/.github/workflows/macos.yml
+++ b/.github/workflows/macos.yml
@@ -184,7 +184,7 @@ jobs:
           fi
 
       - name: 'curl info'
-        run: find . -type f \( -name curl -o -name '*.dylib' -o -name '*.a' \) -exec file '{}' \;
+        run: find . -type f \( -name curl -o -name '*.dylib' -o -name '*.a' \) -exec file -- '{}' \;
 
       - name: 'build tests'
         run: |
diff --git a/.github/workflows/non-native.yml b/.github/workflows/non-native.yml
index 523a6761e6..7813c694a5 100644
--- a/.github/workflows/non-native.yml
+++ b/.github/workflows/non-native.yml
@@ -310,7 +310,7 @@ jobs:
           fi
 
       - name: 'curl info'
-        run: find . -type f \( -name curl -o -name '*.so' -o -name '*.a' \) -exec file '{}' \;
+        run: find . -type f \( -name curl -o -name '*.so' -o -name '*.a' \) -exec file -- '{}' \;
 
       - name: 'build tests'
         run: |
diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml
index bcb846d806..15a586b12f 100644
--- a/.github/workflows/windows.yml
+++ b/.github/workflows/windows.yml
@@ -133,7 +133,7 @@ jobs:
         timeout-minutes: 1
         run: |
           PATH=/usr/bin
-          find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \;
+          find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file -- '{}' \;
           if [ "${MATRIX_BUILD}" = 'cmake' ]; then
             PATH="$PWD/bld/lib:$PATH"
           fi
@@ -337,7 +337,7 @@ jobs:
             # avoid libtool's curl.exe wrapper for shared builds
             mv bld/src/.libs/curl.exe bld/src/curl.exe || true
           fi
-          find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \;
+          find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file -- '{}' \;
           if [ "${MATRIX_TEST}" != 'uwp' ]; then  # curl: error initializing curl library
             bld/src/curl.exe --disable --version
           fi
@@ -548,7 +548,7 @@ jobs:
       - name: 'curl -V'
         timeout-minutes: 1
         run: |
-          /usr/bin/find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \;
+          /usr/bin/find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file -- '{}' \;
           PATH="$PWD/bld/lib:$PATH"
           bld/src/curl.exe --disable --version
 
@@ -667,7 +667,7 @@ jobs:
           fi
 
       - name: 'curl info'
-        run: find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \;
+        run: find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file -- '{}' \;
 
       - name: 'build tests'
         if: ${{ matrix.build == 'cmake' && matrix.compiler != 'clang-tidy' }}  # Save time by skipping this for autotools and clang-tidy
@@ -907,7 +907,7 @@ jobs:
       - name: 'curl -V'
         timeout-minutes: 1
         run: |
-          /usr/bin/find . \( -name '*.exe' -o -name '*.dll' -o -name '*.lib' -o -name '*.pdb' \) -exec file '{}' \;
+          /usr/bin/find . \( -name '*.exe' -o -name '*.dll' -o -name '*.lib' -o -name '*.pdb' \) -exec file -- '{}' \;
           if [ "${MATRIX_PLAT}" != 'uwp' ]; then  # Missing: ucrtbased.dll, VCRUNTIME140D.dll, VCRUNTIME140D_APP.dll
             PATH="$PWD/bld/lib/${MATRIX_TYPE}:$PATH"
             "bld/src/${MATRIX_TYPE}/curl.exe" --disable --version
diff --git a/Makefile.am b/Makefile.am
index 7b2f05f92e..f60c50e5ac 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -91,7 +91,7 @@ pkgconfig_DATA = libcurl.pc
 
 dist-hook:
 	rm -rf $(top_builddir)/tests/log
-	find $(distdir) -name "*.dist" -exec rm {} \;
+	find $(distdir) -name "*.dist" -exec rm -- {} \;
 	(distit=`find $(srcdir) -name "*.dist" | grep -v Makefile`; \
 	for file in $$distit; do \
 	  strip=`echo $$file | sed -e s/^$(srcdir)// -e s/\.dist//`; \
diff --git a/appveyor.sh b/appveyor.sh
index 4be76095ee..81407f7f33 100644
--- a/appveyor.sh
+++ b/appveyor.sh
@@ -98,7 +98,7 @@ elif [ "${BUILD_SYSTEM}" = 'VisualStudioSolution' ]; then
   curl="build/Win32/${VC_VERSION}/${PRJ_CFG}/curld.exe"
 fi
 
-find . \( -name '*.exe' -o -name '*.dll' -o -name '*.lib' -o -name '*.pdb' \) -exec file '{}' \;
+find . \( -name '*.exe' -o -name '*.dll' -o -name '*.lib' -o -name '*.pdb' \) -exec file -- '{}' \;
 if [ -z "${SKIP_RUN:-}" ]; then
   "${curl}" --disable --version
 else
diff --git a/scripts/maketgz b/scripts/maketgz
index d7059554d3..e6bc53dcdc 100755
--- a/scripts/maketgz
+++ b/scripts/maketgz
@@ -70,7 +70,7 @@ fi
 # As a precaution, remove all *.dist files that may be lying around, to reduce
 # the risk of old leftovers getting shipped.
 echo "removing all old *.dist files"
-find . -name "*.dist" -exec rm {} \;
+find . -name "*.dist" -exec rm -- {} \;
 
 numeric="$(printf "%02x%02x%02x\n" "$major" "$minor" "$patch")"
 
@@ -184,7 +184,7 @@ retar() {
   mkdir "$tempdir"
   cd "$tempdir"
   gzip -dc "../$targz" | tar -xf -
-  find curl-* -depth -exec touch -c -t "$filestamp" '{}' +
+  find curl-* -depth -exec touch -c -t "$filestamp" -- '{}' +
   tar --create --format=ustar --owner=0 --group=0 --numeric-owner --sort=name curl-* | gzip --best --no-name > out.tar.gz
   mv out.tar.gz ../
   cd ..

From af5a1647afa8aaf7cafc1e87af529a4cd48cb240 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 10 Nov 2025 16:54:57 +0100
Subject: [PATCH 0784/2408] OS400/makefile.sh: fix shellcheck warning SC2038

Also:
- OS400/makefile.sh: use end-of-options marker in xargs command.
- OS400/make-tests.sh: drop warning suppression.
  Seems to not trigger anymore as of shellcheck 0.11.0

Closes #19451
---
 packages/OS400/make-tests.sh | 2 +-
 packages/OS400/makefile.sh   | 3 +--
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/packages/OS400/make-tests.sh b/packages/OS400/make-tests.sh
index 3a2125965c..4ddc537487 100755
--- a/packages/OS400/make-tests.sh
+++ b/packages/OS400/make-tests.sh
@@ -58,7 +58,7 @@ build_all_programs()
 
                 for FLAG in ${PGMCFLAGS}
                 do      case "${FLAG}" in
-                        -D?*)   # shellcheck disable=SC2001
+                        -D?*)
                                 DEFINE="$(echo "${FLAG}" | sed 's/^..//')"
                                 PGMDFNS="${PGMDFNS} '${DEFINE}'"
                                 ;;
diff --git a/packages/OS400/makefile.sh b/packages/OS400/makefile.sh
index 7f75845215..b40094afd6 100755
--- a/packages/OS400/makefile.sh
+++ b/packages/OS400/makefile.sh
@@ -35,8 +35,7 @@ cd "${TOPDIR}" || exit 1
 
 #       Make sure all files are UTF8-encoded.
 
-# shellcheck disable=SC2038
-find "${TOPDIR}" -type f -print | xargs ls -S | while read -r CCSID FILE
+find "${TOPDIR}" -type f -print0 | xargs -0 ls -S -- | while read -r CCSID FILE
 do      if [ "${CCSID}" != 1208 ]
         then    CMD="CPY OBJ('${FILE}') TOOBJ('${FILE}') FROMCCSID(*OBJ)"
                 CMD="${CMD} TOCCSID(1208) DTAFMT(*TEXT) REPLACE(*YES)"

From cdb7ac11b48ad716ee58782f48465548d753f897 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 10 Nov 2025 21:26:25 +0100
Subject: [PATCH 0785/2408] GHA/linux: disable test 776 in valgrind jobs to
 avoid delay

Saving ~30 seconds in jobs affected.

Closes #19456
---
 .github/workflows/linux.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index 4805bf16be..06f058c929 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -741,6 +741,7 @@ jobs:
         run: |
           if [ "${TEST_TARGET}" = 'test-ci' ] && [[ "${MATRIX_INSTALL_PACKAGES}" = *'valgrind'* ]]; then
             TFLAGS+=' -j6'
+            TFLAGS+=' !776'  # skip long-running flaky test
             if [[ "${MATRIX_INSTALL_PACKAGES}" = *'libgss-dev'* ]]; then
               TFLAGS+=' ~2077 ~2078'  # memory leaks from Curl_auth_decode_spnego_message() -> gss_init_sec_context()
             fi

From b81d30ade314af7c3197dfcef2d978428b96b009 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 10 Nov 2025 22:43:59 +0100
Subject: [PATCH 0786/2408] pytest: fix conditions for test_02_28

- allow 02_28 to run in HTTP/1.1 without H2 support again.
  Follow-up to 3752de465d70552106b2527fbf821aee525e53e2 #19412

- fix to skip 02_28 for all protocols for curl without compression
  support (either zlib, brotli or ztsd).

Closes #19458
---
 tests/http/test_02_download.py | 4 +++-
 tests/http/testenv/env.py      | 6 ++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/tests/http/test_02_download.py b/tests/http/test_02_download.py
index d2d149f20f..13d5d2a0f0 100644
--- a/tests/http/test_02_download.py
+++ b/tests/http/test_02_download.py
@@ -581,7 +581,9 @@ class TestDownload:
 
     @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
     def test_02_28_get_compressed(self, env: Env, httpd, nghttpx, proto):
-        if not env.have_h2_curl():
+        if not env.have_compressed_curl():
+            pytest.skip("--compressed not supported")
+        if proto == 'h2' and not env.have_h2_curl():
             pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
diff --git a/tests/http/testenv/env.py b/tests/http/testenv/env.py
index 859b704a35..31db104994 100644
--- a/tests/http/testenv/env.py
+++ b/tests/http/testenv/env.py
@@ -406,6 +406,12 @@ class Env:
     def have_h3_curl() -> bool:
         return 'http3' in Env.CONFIG.curl_props['features']
 
+    @staticmethod
+    def have_compressed_curl() -> bool:
+        return 'brotli' in Env.CONFIG.curl_props['libs'] or \
+               'zlib' in Env.CONFIG.curl_props['libs'] or \
+               'zstd' in Env.CONFIG.curl_props['libs']
+
     @staticmethod
     def curl_uses_lib(libname: str) -> bool:
         return libname.lower() in Env.CONFIG.curl_props['libs']

From 67ef4a34f2e11aa45f0965909d0dd542643deede Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 10 Nov 2025 22:30:24 +0100
Subject: [PATCH 0787/2408] GHA/linux: build and enable nghttp2 for Fil-C job

pytests after: 527 passed, 286 skipped
pytests before: 392 passed, 423 skipped

runtests after: TESTDONE: 1646 tests out of 1646 reported OK: 100%
runtests before: TESTDONE: 1643 tests out of 1643 reported OK: 100%

Ref: b81d30ade314af7c3197dfcef2d978428b96b009 #19458

Closes #19457
---
 .github/workflows/linux.yml | 28 ++++++++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index 06f058c929..773e5b4e91 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -55,6 +55,8 @@ env:
   RUSTLS_VERSION: 0.15.0
   # handled in renovate.json
   OPENLDAP_VERSION: 2.6.10
+  # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com
+  NGHTTP2_VERSION: 1.68.0
   # renovate: datasource=github-tags depName=pizlonator/fil-c versioning=semver-partial registryUrl=https://github.com
   FIL_C_VERSION: 0.674
 
@@ -216,14 +218,15 @@ jobs:
             configure: --without-ssl --enable-debug --disable-http --disable-smtp --disable-imap --disable-unity
 
           - name: 'libressl Fil-C'
-            install_steps: filc libressl-filc pytest
+            install_steps: filc libressl-filc nghttp2-filc pytest
             tflags: '!776'  # adds 1-9 minutes to the test run step, and fails consistently
             CC: /home/runner/filc/build/bin/filcc
+            PKG_CONFIG_PATH: /home/runner/nghttp2/lib/pkgconfig
             generate: >-
               -DBUILD_STATIC_LIBS=ON -DBUILD_SHARED_LIBS=OFF -DCMAKE_UNITY_BUILD=OFF
               -DOPENSSL_ROOT_DIR=/home/runner/libressl -DCURL_USE_LIBPSL=OFF
               -DCURL_ZLIB=OFF -DCURL_BROTLI=OFF -DCURL_ZSTD=OFF
-              -DUSE_NGHTTP2=OFF -DCURL_DISABLE_LDAP=ON -DUSE_LIBIDN2=OFF -DCURL_USE_LIBSSH2=OFF
+              -DCURL_DISABLE_LDAP=ON -DUSE_LIBIDN2=OFF -DCURL_USE_LIBSSH2=OFF
 
           - name: 'clang-tidy'
             install_packages: clang-tidy libssl-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev libkrb5-dev librtmp-dev libgnutls28-dev
@@ -435,6 +438,27 @@ jobs:
           cmake --build .
           cmake --install .
 
+      - name: 'cache nghttp2 (filc)'
+        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        id: cache-nghttp2-filc
+        env:
+          cache-name: cache-nghttp2-filc
+        with:
+          path: ~/nghttp2
+          key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.NGHTTP2_VERSION }}-${{ env.FIL_C_VERSION }}
+
+      - name: 'build nghttp2 (filc)'
+        if: ${{ contains(matrix.build.install_steps, 'nghttp2-filc') && steps.cache-nghttp2-filc.outputs.cache-hit != 'true' }}
+        run: |
+          curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
+            --location "https://github.com/nghttp2/nghttp2/releases/download/v${NGHTTP2_VERSION}/nghttp2-${NGHTTP2_VERSION}.tar.xz" | tar -xJ
+          cd "nghttp2-${NGHTTP2_VERSION}"
+          cmake -B . -G Ninja -DENABLE_LIB_ONLY=ON -DBUILD_TESTING=OFF -DENABLE_DOC=OFF -DCMAKE_INSTALL_PREFIX=/home/runner/nghttp2 \
+            -DBUILD_STATIC_LIBS=ON -DBUILD_SHARED_LIBS=OFF \
+            -DCMAKE_C_COMPILER=/home/runner/filc/build/bin/filcc
+          cmake --build .
+          cmake --install .
+
       - name: 'cache wolfssl (all)'
         if: ${{ contains(matrix.build.install_steps, 'wolfssl-all') }}
         uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0

From c545e10fa75c04b4ded093573a0c15077937c51b Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 11 Nov 2025 09:42:16 +0100
Subject: [PATCH 0788/2408] sftp: fix range downloads in both SSH backends

When asking for the last N bytes of a file, and that size was larger
than the file size, it would miss the first byte due to a logic error.

The fixed range parser is now made a common function in the file now
renamed to vssh.c (from curl_path.c) - used by both backends.

Unit test 2605 verifies the parser.

Reported-by: Stanislav Fort (Aisle Research)
Closes #19460
---
 lib/Makefile.inc                 |   4 +-
 lib/vssh/libssh.c                |  45 ++----------
 lib/vssh/libssh2.c               |  43 ++----------
 lib/vssh/ssh.h                   |   2 +-
 lib/vssh/{curl_path.c => vssh.c} |  49 +++++++++++++-
 lib/vssh/{curl_path.h => vssh.h} |   4 ++
 tests/data/Makefile.am           |   2 +-
 tests/data/test2605              |  20 ++++++
 tests/data/test637               |   2 +-
 tests/unit/Makefile.inc          |   2 +-
 tests/unit/unit2604.c            |   2 +-
 tests/unit/unit2605.c            | 113 +++++++++++++++++++++++++++++++
 12 files changed, 204 insertions(+), 84 deletions(-)
 rename lib/vssh/{curl_path.c => vssh.c} (80%)
 rename lib/vssh/{curl_path.h => vssh.h} (88%)
 create mode 100644 tests/data/test2605
 create mode 100644 tests/unit/unit2605.c

diff --git a/lib/Makefile.inc b/lib/Makefile.inc
index 8b506febcf..4bdf293f89 100644
--- a/lib/Makefile.inc
+++ b/lib/Makefile.inc
@@ -133,10 +133,10 @@ LIB_VQUIC_HFILES = \
 LIB_VSSH_CFILES =  \
   vssh/libssh.c    \
   vssh/libssh2.c   \
-  vssh/curl_path.c
+  vssh/vssh.c
 
 LIB_VSSH_HFILES =    \
-  vssh/curl_path.h   \
+  vssh/vssh.h        \
   vssh/ssh.h
 
 LIB_CFILES =         \
diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
index f5de9f3e84..781c5dafc3 100644
--- a/lib/vssh/libssh.c
+++ b/lib/vssh/libssh.c
@@ -64,7 +64,7 @@
 #include "../multiif.h"
 #include "../select.h"
 #include "../curlx/warnless.h"
-#include "curl_path.h"
+#include "vssh.h"
 
 #ifdef HAVE_UNISTD_H
 #include 
@@ -1329,44 +1329,11 @@ static int myssh_in_SFTP_DOWNLOAD_STAT(struct Curl_easy *data,
       return myssh_to_ERROR(data, sshc, CURLE_BAD_DOWNLOAD_RESUME);
     }
     if(data->state.use_range) {
-      curl_off_t from, to;
-      const char *p = data->state.range;
-      int from_t, to_t;
-
-      from_t = curlx_str_number(&p, &from, CURL_OFF_T_MAX);
-      if(from_t == STRE_OVERFLOW)
-        return myssh_to_ERROR(data, sshc, CURLE_RANGE_ERROR);
-
-      curlx_str_passblanks(&p);
-      (void)curlx_str_single(&p, '-');
-
-      to_t = curlx_str_numblanks(&p, &to);
-      if(to_t == STRE_OVERFLOW)
-        return myssh_to_ERROR(data, sshc, CURLE_RANGE_ERROR);
-
-      if((to_t == STRE_NO_NUM) || (to >= size)) {
-        to = size - 1;
-      }
-
-      if(from_t == STRE_NO_NUM) {
-        /* from is relative to end of file */
-        from = size - to;
-        to = size - 1;
-      }
-      if(from > size) {
-        failf(data, "Offset (%" FMT_OFF_T ") was beyond file size (%"
-              FMT_OFF_T ")", from, size);
-        return myssh_to_ERROR(data, sshc, CURLE_BAD_DOWNLOAD_RESUME);
-      }
-      if(from > to) {
-        from = to;
-        size = 0;
-      }
-      else {
-        if((to - from) == CURL_OFF_T_MAX)
-          return myssh_to_ERROR(data, sshc, CURLE_RANGE_ERROR);
-        size = to - from + 1;
-      }
+      curl_off_t from;
+      CURLcode result = Curl_ssh_range(data, data->state.range, size,
+                                       &from, &size);
+      if(result)
+        return myssh_to_ERROR(data, sshc, result);
 
       rc = sftp_seek64(sshc->sftp_file, from);
       if(rc)
diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
index ee82396753..e83bc682b9 100644
--- a/lib/vssh/libssh2.c
+++ b/lib/vssh/libssh2.c
@@ -63,7 +63,7 @@
 #include "../select.h"
 #include "../curlx/fopen.h"
 #include "../curlx/warnless.h"
-#include "curl_path.h"
+#include "vssh.h"
 #include "../curlx/strparse.h"
 #include "../curlx/base64.h" /* for base64 encoding/decoding */
 
@@ -1434,42 +1434,11 @@ sftp_download_stat(struct Curl_easy *data,
       return CURLE_BAD_DOWNLOAD_RESUME;
     }
     if(data->state.use_range) {
-      curl_off_t from, to;
-      const char *p = data->state.range;
-      int to_t, from_t;
-
-      from_t = curlx_str_number(&p, &from, CURL_OFF_T_MAX);
-      if(from_t == STRE_OVERFLOW)
-        return CURLE_RANGE_ERROR;
-      curlx_str_passblanks(&p);
-      (void)curlx_str_single(&p, '-');
-
-      to_t = curlx_str_numblanks(&p, &to);
-      if(to_t == STRE_OVERFLOW)
-        return CURLE_RANGE_ERROR;
-      if((to_t == STRE_NO_NUM) /* no "to" value given */
-         || (to >= size)) {
-        to = size - 1;
-      }
-      if(from_t) {
-        /* from is relative to end of file */
-        from = size - to;
-        to = size - 1;
-      }
-      if(from > size) {
-        failf(data, "Offset (%" FMT_OFF_T ") was beyond file size (%"
-              FMT_OFF_T ")", from, (curl_off_t)attrs.filesize);
-        return CURLE_BAD_DOWNLOAD_RESUME;
-      }
-      if(from > to) {
-        from = to;
-        size = 0;
-      }
-      else {
-        if((to - from) == CURL_OFF_T_MAX)
-          return CURLE_RANGE_ERROR;
-        size = to - from + 1;
-      }
+      curl_off_t from;
+      CURLcode result = Curl_ssh_range(data, data->state.range, size,
+                                       &from, &size);
+      if(result)
+        return result;
 
       libssh2_sftp_seek64(sshc->sftp_handle, (libssh2_uint64_t)from);
     }
diff --git a/lib/vssh/ssh.h b/lib/vssh/ssh.h
index e09111e63f..9d03b52f40 100644
--- a/lib/vssh/ssh.h
+++ b/lib/vssh/ssh.h
@@ -36,7 +36,7 @@
 #include 
 #endif
 
-#include "curl_path.h"
+#include "vssh.h"
 
 /* meta key for storing protocol meta at easy handle */
 #define CURL_META_SSH_EASY   "meta:proto:ssh:easy"
diff --git a/lib/vssh/curl_path.c b/lib/vssh/vssh.c
similarity index 80%
rename from lib/vssh/curl_path.c
rename to lib/vssh/vssh.c
index a6d572520f..e33386a16a 100644
--- a/lib/vssh/curl_path.c
+++ b/lib/vssh/vssh.c
@@ -26,9 +26,10 @@
 
 #ifdef USE_SSH
 
-#include "curl_path.h"
+#include "vssh.h"
 #include 
 #include "../curlx/strparse.h"
+#include "../curl_trc.h"
 #include "../curl_memory.h"
 #include "../escape.h"
 #include "../memdebug.h"
@@ -196,4 +197,50 @@ fail:
   return CURLE_QUOTE_ERROR;
 }
 
+CURLcode Curl_ssh_range(struct Curl_easy *data,
+                        const char *p, curl_off_t filesize,
+                        curl_off_t *startp, curl_off_t *sizep)
+{
+  curl_off_t from, to;
+  int to_t;
+  int from_t = curlx_str_number(&p, &from, CURL_OFF_T_MAX);
+  if(from_t == STRE_OVERFLOW)
+    return CURLE_RANGE_ERROR;
+  curlx_str_passblanks(&p);
+  (void)curlx_str_single(&p, '-');
+
+  to_t = curlx_str_numblanks(&p, &to);
+  if((to_t == STRE_OVERFLOW) || (to_t && from_t) || *p)
+    return CURLE_RANGE_ERROR;
+
+  if(from_t) {
+    /* no start point given, set from relative to end of file */
+    if(!to)
+      /* "-0" is not a fine range */
+      return CURLE_RANGE_ERROR;
+    else if(to > filesize)
+      to = filesize;
+    from = filesize - to;
+    to = filesize - 1;
+  }
+  else if(from > filesize) {
+    failf(data, "Offset (%" FMT_OFF_T ") was beyond file size (%"
+          FMT_OFF_T ")", from, filesize);
+    return CURLE_RANGE_ERROR;
+  }
+  else if((to_t == STRE_NO_NUM) || (to >= filesize))
+    to = filesize - 1;
+
+  if(from > to) {
+    failf(data, "Bad range: start offset larger than end offset");
+    return CURLE_RANGE_ERROR;
+  }
+  if((to - from) == CURL_OFF_T_MAX)
+    return CURLE_RANGE_ERROR;
+
+  *startp = from;
+  *sizep = to - from + 1;
+  return CURLE_OK;
+}
+
 #endif /* if SSH is used */
diff --git a/lib/vssh/curl_path.h b/lib/vssh/vssh.h
similarity index 88%
rename from lib/vssh/curl_path.h
rename to lib/vssh/vssh.h
index 1c167f9660..1a4e597b15 100644
--- a/lib/vssh/curl_path.h
+++ b/lib/vssh/vssh.h
@@ -33,4 +33,8 @@ CURLcode Curl_getworkingpath(struct Curl_easy *data,
                              char **path);
 
 CURLcode Curl_get_pathname(const char **cpp, char **path, const char *homedir);
+
+CURLcode Curl_ssh_range(struct Curl_easy *data,
+                        const char *range, curl_off_t filesize,
+                        curl_off_t *startp, curl_off_t *sizep);
 #endif /* HEADER_CURL_PATH_H */
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index bbd97853a3..bdec674dff 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -265,7 +265,7 @@ test2400 test2401 test2402 test2403 test2404 test2405 test2406 \
 \
 test2500 test2501 test2502 test2503 \
 \
-test2600 test2601 test2602 test2603 test2604 \
+test2600 test2601 test2602 test2603 test2604 test2605 \
 \
 test2700 test2701 test2702 test2703 test2704 test2705 test2706 test2707 \
 test2708 test2709 test2710 test2711 test2712 test2713 test2714 test2715 \
diff --git a/tests/data/test2605 b/tests/data/test2605
new file mode 100644
index 0000000000..81b580b7b4
--- /dev/null
+++ b/tests/data/test2605
@@ -0,0 +1,20 @@
+
+
+
+unittest
+sftp
+
+
+
+#
+# Client-side
+
+
+unittest
+sftp
+
+
+Curl_ssh_range unit test
+
+
+
diff --git a/tests/data/test637 b/tests/data/test637
index 83da596fed..3052948751 100644
--- a/tests/data/test637
+++ b/tests/data/test637
@@ -35,7 +35,7 @@ for ssh test
 # Verify data after the test has been "shot"
 
 
-36
+33
 
 
 
diff --git a/tests/unit/Makefile.inc b/tests/unit/Makefile.inc
index f64a1630c8..7027973d2f 100644
--- a/tests/unit/Makefile.inc
+++ b/tests/unit/Makefile.inc
@@ -40,6 +40,6 @@ TESTS_C = \
   unit1650.c unit1651.c unit1652.c unit1653.c unit1654.c unit1655.c unit1656.c \
   unit1657.c unit1658.c            unit1660.c unit1661.c unit1663.c unit1664.c \
   unit1979.c unit1980.c \
-  unit2600.c unit2601.c unit2602.c unit2603.c unit2604.c \
+  unit2600.c unit2601.c unit2602.c unit2603.c unit2604.c unit2605.c \
   unit3200.c                                             unit3205.c \
   unit3211.c unit3212.c unit3213.c unit3214.c
diff --git a/tests/unit/unit2604.c b/tests/unit/unit2604.c
index 7cb82bbcf1..13f7e80d8a 100644
--- a/tests/unit/unit2604.c
+++ b/tests/unit/unit2604.c
@@ -22,7 +22,7 @@
  *
  ***************************************************************************/
 #include "unitcheck.h"
-#include "vssh/curl_path.h"
+#include "vssh/vssh.h"
 #include "memdebug.h"
 
 static CURLcode test_unit2604(const char *arg)
diff --git a/tests/unit/unit2605.c b/tests/unit/unit2605.c
new file mode 100644
index 0000000000..b94e87e78c
--- /dev/null
+++ b/tests/unit/unit2605.c
@@ -0,0 +1,113 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) Daniel Stenberg, , et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ * SPDX-License-Identifier: curl
+ *
+ ***************************************************************************/
+#include "unitcheck.h"
+#include "vssh/vssh.h"
+#include "memdebug.h"
+
+static CURLcode test_unit2605(const char *arg)
+{
+  UNITTEST_BEGIN_SIMPLE
+
+#ifdef USE_SSH
+  CURL *curl;
+  struct range {
+    const char *r;
+    curl_off_t filesize;
+    curl_off_t start;
+    curl_off_t size;
+    CURLcode result;
+  };
+
+  int i;
+  struct range list[] = {
+    { "0-9", 100, 0, 10, CURLE_OK},
+    { "1-10", 100, 1, 10, CURLE_OK},
+    { "222222-222222", 300000, 222222, 1, CURLE_OK},
+    { "4294967296 - 4294967297", 4294967298, 4294967296, 2, CURLE_OK},
+    { "-10", 100, 90, 10, CURLE_OK},
+    { "-20", 100, 80, 20, CURLE_OK},
+    { "-1", 100, 99, 1, CURLE_OK},
+    { "-0", 100, 0, 0, CURLE_RANGE_ERROR},
+    { "--2", 100, 0, 0, CURLE_RANGE_ERROR},
+    { "-100", 100, 0, 100, CURLE_OK},
+    { "-101", 100, 0, 100, CURLE_OK},
+    { "-1000", 100, 0, 100, CURLE_OK},
+    { "2-1000", 100, 2, 98, CURLE_OK},
+    { ".2-3", 100, 0, 0, CURLE_RANGE_ERROR},
+    { "+2-3", 100, 0, 0, CURLE_RANGE_ERROR},
+    { "2 - 3", 100, 2, 2, CURLE_OK},
+    { " 2 - 3", 100, 2, 2, CURLE_RANGE_ERROR}, /* no leading space */
+    { "2 - 3 ", 100, 2, 2, CURLE_RANGE_ERROR}, /* no trailing space */
+    { "3-2", 100, 0, 0, CURLE_RANGE_ERROR},
+    { "2.-3", 100, 0, 0, CURLE_RANGE_ERROR},
+    { "-3-2", 100, 0, 0, CURLE_RANGE_ERROR},
+    { "101-102", 100, 0, 0, CURLE_RANGE_ERROR},
+    { "0-", 100, 0, 100, CURLE_OK},
+    { "1-", 100, 1, 99, CURLE_OK},
+    { "99-", 100, 99, 1, CURLE_OK},
+    { "100-", 100, 0, 0, CURLE_RANGE_ERROR},
+    { NULL, 0, 0, 0, CURLE_OK }
+  };
+
+  curl_global_init(CURL_GLOBAL_ALL);
+  curl = curl_easy_init();
+  if(curl) {
+    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
+
+    for(i = 0; list[i].r; i++) {
+      curl_off_t start;
+      curl_off_t size;
+      CURLcode result;
+      curl_mprintf("%u: '%s' (file size: %" FMT_OFF_T ")\n",
+                   i, list[i].r, list[i].filesize);
+      result = Curl_ssh_range(curl, list[i].r, list[i].filesize,
+                              &start, &size);
+      if(result != list[i].result) {
+        curl_mprintf("... returned %d\n", result);
+        unitfail++;
+      }
+      if(!result) {
+        if(start != list[i].start) {
+          curl_mprintf("... start (%" FMT_OFF_T ") was not %" FMT_OFF_T " \n",
+                       start, list[i].start);
+          unitfail++;
+        }
+        if(size != list[i].size) {
+          curl_mprintf("... size (%" FMT_OFF_T ") was not %" FMT_OFF_T " \n",
+                       size, list[i].size);
+          unitfail++;
+        }
+      }
+    }
+    curl_easy_cleanup(curl);
+  }
+  curl_global_cleanup();
+
+  if(!unitfail)
+    curl_mprintf("ok\n");
+
+#endif
+
+  UNITTEST_END_SIMPLE
+}

From 3f1a8dbb983ebc60062bbf44a25b9c51bfacd648 Mon Sep 17 00:00:00 2001
From: x2018 
Date: Mon, 10 Nov 2025 00:24:10 +0800
Subject: [PATCH 0789/2408] rustls: fix a potential memory issue

Closes #19425
---
 lib/vtls/rustls.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c
index 262f016f9f..ab22909278 100644
--- a/lib/vtls/rustls.c
+++ b/lib/vtls/rustls.c
@@ -1098,8 +1098,6 @@ cr_init_backend(struct Curl_cfilter *cf, struct Curl_easy *data,
     &backend->config);
   if(rr != RUSTLS_RESULT_OK) {
     rustls_failf(data, rr, "failed to build client config");
-    rustls_client_config_builder_free(config_builder);
-    rustls_client_config_free(backend->config);
     return CURLE_SSL_CONNECT_ERROR;
   }
 
@@ -1109,6 +1107,8 @@ cr_init_backend(struct Curl_cfilter *cf, struct Curl_easy *data,
                                     &rconn);
   if(rr != RUSTLS_RESULT_OK) {
     rustls_failf(data, rr, "rustls_client_connection_new");
+    rustls_client_config_free(backend->config);
+    backend->config = NULL;
     return CURLE_COULDNT_CONNECT;
   }
   DEBUGASSERT(rconn);

From 10b2dd8e6b1376aa74b8a415f02544d7f494cd19 Mon Sep 17 00:00:00 2001
From: x2018 
Date: Mon, 10 Nov 2025 23:55:02 +0800
Subject: [PATCH 0790/2408] krb5_sspi: unify a part of error handling

Closes #19452
---
 lib/vauth/krb5_sspi.c | 34 +++++++++++++++-------------------
 1 file changed, 15 insertions(+), 19 deletions(-)

diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c
index c1953e1145..cad2412d17 100644
--- a/lib/vauth/krb5_sspi.c
+++ b/lib/vauth/krb5_sspi.c
@@ -250,6 +250,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
                                                   struct kerberos5data *krb5,
                                                   struct bufref *out)
 {
+  CURLcode result = CURLE_OK;
   size_t offset = 0;
   size_t messagelen = 0;
   size_t appdatalen = 0;
@@ -349,9 +350,8 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
     messagelen += strlen(authzid);
   message = malloc(messagelen);
   if(!message) {
-    free(trailer);
-
-    return CURLE_OUT_OF_MEMORY;
+    result = CURLE_OUT_OF_MEMORY;
+    goto out;
   }
 
   /* Populate the message with the security layer and client supported receive
@@ -369,10 +369,8 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
   /* Allocate the padding */
   padding = malloc(sizes.cbBlockSize);
   if(!padding) {
-    free(message);
-    free(trailer);
-
-    return CURLE_OUT_OF_MEMORY;
+    result = CURLE_OUT_OF_MEMORY;
+    goto out;
   }
 
   /* Setup the "authentication data" security buffer */
@@ -393,14 +391,11 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
   status = Curl_pSecFn->EncryptMessage(krb5->context, KERB_WRAP_NO_ENCRYPT,
                                        &wrap_desc, 0);
   if(status != SEC_E_OK) {
-    free(padding);
-    free(message);
-    free(trailer);
-
     if(status == SEC_E_INSUFFICIENT_MEMORY)
-      return CURLE_OUT_OF_MEMORY;
-
-    return CURLE_AUTH_ERROR;
+      result = CURLE_OUT_OF_MEMORY;
+    else
+      result = CURLE_AUTH_ERROR;
+    goto out;
   }
 
   /* Allocate the encryption (wrap) buffer */
@@ -408,11 +403,8 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
                wrap_buf[2].cbBuffer;
   appdata = malloc(appdatalen);
   if(!appdata) {
-    free(padding);
-    free(message);
-    free(trailer);
-
-    return CURLE_OUT_OF_MEMORY;
+    result = CURLE_OUT_OF_MEMORY;
+    goto out;
   }
 
   /* Populate the encryption buffer */
@@ -422,11 +414,15 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
   offset += wrap_buf[1].cbBuffer;
   memcpy(appdata + offset, wrap_buf[2].pvBuffer, wrap_buf[2].cbBuffer);
 
+out:
   /* Free all of our local buffers */
   free(padding);
   free(message);
   free(trailer);
 
+  if(result)
+    return result;
+
   /* Return the response. */
   Curl_bufref_set(out, appdata, appdatalen, curl_free);
   return CURLE_OK;

From 0dacc0796960c9caf5c31e7cbde8c5c062797b3c Mon Sep 17 00:00:00 2001
From: x2018 
Date: Tue, 11 Nov 2025 00:29:29 +0800
Subject: [PATCH 0791/2408] cf-https-connect: allocate ctx at first in
 cf_hc_create()

Closes #19454
---
 lib/cf-https-connect.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/lib/cf-https-connect.c b/lib/cf-https-connect.c
index 5d6724dbc5..085b93da64 100644
--- a/lib/cf-https-connect.c
+++ b/lib/cf-https-connect.c
@@ -587,20 +587,22 @@ static CURLcode cf_hc_create(struct Curl_cfilter **pcf,
   CURLcode result = CURLE_OK;
   size_t i;
 
+  ctx = calloc(1, sizeof(*ctx));
+  if(!ctx) {
+    result = CURLE_OUT_OF_MEMORY;
+    goto out;
+  }
+
   DEBUGASSERT(alpnids);
   DEBUGASSERT(alpn_count);
   DEBUGASSERT(alpn_count <= CURL_ARRAYSIZE(ctx->ballers));
   if(!alpn_count || (alpn_count > CURL_ARRAYSIZE(ctx->ballers))) {
     failf(data, "https-connect filter create with unsupported %zu ALPN ids",
           alpn_count);
-    return CURLE_FAILED_INIT;
-  }
-
-  ctx = calloc(1, sizeof(*ctx));
-  if(!ctx) {
-    result = CURLE_OUT_OF_MEMORY;
+    result = CURLE_FAILED_INIT;
     goto out;
   }
+
   for(i = 0; i < alpn_count; ++i)
     cf_hc_baller_assign(&ctx->ballers[i], alpnids[i], def_transport);
   for(; i < CURL_ARRAYSIZE(ctx->ballers); ++i)

From 28380bb9fd1d6eb25344220d569df3f80ded7363 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 10 Nov 2025 00:46:53 +0100
Subject: [PATCH 0792/2408] progress: show fewer digits

Without unit, show up to 99999 "raw" (5 digits). After that, prefer to
show the number as less than 1000 per unit and use single decimal
fraction. Like '123.4M' (spending 6 characters).

This now makes the largest possible size to show 8.0E (exabytes).

Probably makes the output easier to read.

Fixes #19431
Reported-by: Fd929c2CE5fA on github
Closes #19433
---
 lib/progress.c | 46 ++++++++++++++++++++--------------------------
 1 file changed, 20 insertions(+), 26 deletions(-)

diff --git a/lib/progress.c b/lib/progress.c
index 928461043a..211212d4ed 100644
--- a/lib/progress.c
+++ b/lib/progress.c
@@ -67,33 +67,27 @@ static void time2str(char *r, curl_off_t seconds)
    Add suffix k, M, G when suitable... */
 static char *max6data(curl_off_t bytes, char *max6)
 {
-  /* a signed 64-bit value is 8192 petabytes maximum */
-  const char unit[] = { 'k', 'M', 'G', 'T', 'P', 0 };
-  int k = 0;
-  if(bytes < 1000000) {
-    curl_msnprintf(max6, 7, "%5" CURL_FORMAT_CURL_OFF_T, bytes);
-    return max6;
+  /* a signed 64-bit value is 8192 petabytes maximum, shown as
+     8.0E (exabytes)*/
+  if(bytes < 100000)
+    curl_msnprintf(max6, 7, "%6" CURL_FORMAT_CURL_OFF_T, bytes);
+  else {
+    const char unit[] = { 'k', 'M', 'G', 'T', 'P', 'E', 0 };
+    int k = 0;
+    curl_off_t nbytes;
+    do {
+      nbytes = bytes / 1024;
+      if(nbytes < 1000)
+        break;
+      bytes = nbytes;
+      k++;
+      DEBUGASSERT(unit[k]);
+    } while(unit[k]);
+    /* xxx.yU */
+    curl_msnprintf(max6, 7, "%3" CURL_FORMAT_CURL_OFF_T
+                   ".%" CURL_FORMAT_CURL_OFF_T "%c", nbytes,
+                   (bytes%1024) / (1024/10), unit[k]);
   }
-
-  do {
-    curl_off_t nbytes = bytes / 1024;
-    if(nbytes < 1000) {
-      /* xxx.yU */
-      curl_msnprintf(max6, 7, "%3" CURL_FORMAT_CURL_OFF_T
-                     ".%" CURL_FORMAT_CURL_OFF_T "%c", nbytes,
-                     (bytes%1024) / (1024/10), unit[k]);
-      break;
-    }
-    else if(nbytes < 100000) {
-      /* xxxxxU */
-      curl_msnprintf(max6, 7, "%5" CURL_FORMAT_CURL_OFF_T "%c",
-                     nbytes, unit[k]);
-      break;
-    }
-    bytes = nbytes;
-    k++;
-    DEBUGASSERT(unit[k]);
-  } while(unit[k]);
   return max6;
 }
 #endif

From 5bd670c39341087d15e90db1abd89b9187a07ed8 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 11 Nov 2025 09:06:13 +0100
Subject: [PATCH 0793/2408] wolfssl: avoid NULL dereference in OOM situation

Verify that wolfSSL_BIO_meth_new() actually works and handle situations
where it returns NULL.

Reported-by: Stanislav Fort (Aisle Research)
Closes #19459
---
 lib/vtls/wolfssl.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index 585a406002..bf39ccf9b1 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -395,20 +395,24 @@ static int wssl_bio_cf_in_read(WOLFSSL_BIO *bio, char *buf, int blen)
 
 static WOLFSSL_BIO_METHOD *wssl_bio_cf_method = NULL;
 
-static void wssl_bio_cf_init_methods(void)
+static int wssl_bio_cf_init_methods(void)
 {
   wssl_bio_cf_method = wolfSSL_BIO_meth_new(WOLFSSL_BIO_MEMORY,
-                                               "wolfSSL CF BIO");
+                                            "wolfSSL CF BIO");
+  if(!wssl_bio_cf_method)
+    return FALSE; /* error */
   wolfSSL_BIO_meth_set_write(wssl_bio_cf_method, &wssl_bio_cf_out_write);
   wolfSSL_BIO_meth_set_read(wssl_bio_cf_method, &wssl_bio_cf_in_read);
   wolfSSL_BIO_meth_set_ctrl(wssl_bio_cf_method, &wssl_bio_cf_ctrl);
   wolfSSL_BIO_meth_set_create(wssl_bio_cf_method, &wssl_bio_cf_create);
   wolfSSL_BIO_meth_set_destroy(wssl_bio_cf_method, &wssl_bio_cf_destroy);
+  return TRUE; /* fine */
 }
 
 static void wssl_bio_cf_free_methods(void)
 {
   wolfSSL_BIO_meth_free(wssl_bio_cf_method);
+  wssl_bio_cf_method = NULL;
 }
 
 #else /* USE_BIO_CHAIN */
@@ -1504,6 +1508,8 @@ wssl_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
   {
     WOLFSSL_BIO *bio;
 
+    if(!wssl_bio_cf_method)
+      return CURLE_FAILED_INIT;
     bio = wolfSSL_BIO_new(wssl_bio_cf_method);
     if(!bio)
       return CURLE_OUT_OF_MEMORY;
@@ -2089,7 +2095,8 @@ static int wssl_init(void)
   Curl_tls_keylog_open();
 #endif
   ret = (wolfSSL_Init() == WOLFSSL_SUCCESS);
-  wssl_bio_cf_init_methods();
+  if(ret)
+    ret = wssl_bio_cf_init_methods();
   return ret;
 }
 

From 6ca1d05797c5edc2359b7710f27a935902ffc613 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 11 Nov 2025 14:39:20 +0100
Subject: [PATCH 0794/2408] ftp: remove #ifdef for define that is always
 defined

The CURL_FTP_HTTPSTYLE_HEAD logic was added back in 2007 with the
intention to remove that logic one day, but since we never bump the
SONAME it is not likely to happen anytime soon. Remove again for
readability.

Follow-up to 3217809294b

Closes #19463
---
 lib/ftp.c | 18 ------------------
 1 file changed, 18 deletions(-)

diff --git a/lib/ftp.c b/lib/ftp.c
index dd70c2a5ce..ca6b9497b2 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -316,18 +316,6 @@ static void close_secondarysocket(struct Curl_easy *data,
   Curl_conn_cf_discard_all(data, data->conn, SECONDARYSOCKET);
 }
 
-/*
- * NOTE: back in the old days, we added code in the FTP code that made NOBODY
- * requests on files respond with headers passed to the client/stdout that
- * looked like HTTP ones.
- *
- * This approach is not elegant, it causes confusion and is error-prone. It is
- * subject for removal at the next (or at least a future) soname bump. Until
- * then you can test the effects of the removal by undefining the following
- * define named CURL_FTP_HTTPSTYLE_HEAD.
- */
-#define CURL_FTP_HTTPSTYLE_HEAD 1
-
 static void freedirs(struct ftp_conn *ftpc)
 {
   Curl_safefree(ftpc->dirs);
@@ -2114,7 +2102,6 @@ static CURLcode ftp_state_mdtm_resp(struct Curl_easy *data,
           showtime = TRUE;
       }
 
-#ifdef CURL_FTP_HTTPSTYLE_HEAD
       /* If we asked for a time of the file and we actually got one as well,
          we "emulate" an HTTP-style header in our output. */
 
@@ -2155,7 +2142,6 @@ static CURLcode ftp_state_mdtm_resp(struct Curl_easy *data,
         if(result)
           return result;
       } /* end of a ridiculous amount of conditionals */
-#endif
     }
     break;
   default:
@@ -2360,7 +2346,6 @@ static CURLcode ftp_state_size_resp(struct Curl_easy *data,
   }
 
   if(instate == FTP_SIZE) {
-#ifdef CURL_FTP_HTTPSTYLE_HEAD
     if(filesize != -1) {
       char clbuf[128];
       int clbuflen = curl_msnprintf(clbuf, sizeof(clbuf),
@@ -2370,7 +2355,6 @@ static CURLcode ftp_state_size_resp(struct Curl_easy *data,
       if(result)
         return result;
     }
-#endif
     Curl_pgrsSetDownloadSize(data, filesize);
     result = ftp_state_rest(data, ftpc, ftp);
   }
@@ -2397,14 +2381,12 @@ static CURLcode ftp_state_rest_resp(struct Curl_easy *data,
   switch(instate) {
   case FTP_REST:
   default:
-#ifdef CURL_FTP_HTTPSTYLE_HEAD
     if(ftpcode == 350) {
       char buffer[24]= { "Accept-ranges: bytes\r\n" };
       result = client_write_header(data, buffer, strlen(buffer));
       if(result)
         return result;
     }
-#endif
     result = ftp_state_prepare_transfer(data, ftpc, ftp);
     break;
 

From 3d9f7b436cd65f67ccdd99d3e5f94e180d546373 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 11 Nov 2025 16:12:21 +0100
Subject: [PATCH 0795/2408] noproxy: simplify Curl_check_noproxy

By creating two separate matching functions for name and IP.

Closes #19466
---
 lib/noproxy.c | 124 +++++++++++++++++++++++++++-----------------------
 1 file changed, 68 insertions(+), 56 deletions(-)

diff --git a/lib/noproxy.c b/lib/noproxy.c
index 20a335993d..b9e8492fd6 100644
--- a/lib/noproxy.c
+++ b/lib/noproxy.c
@@ -117,6 +117,67 @@ enum nametype {
   TYPE_IPV6
 };
 
+static bool match_host(const char *token, size_t tokenlen,
+                       const char *name, size_t namelen)
+{
+  bool match = FALSE;
+
+  /* ignore trailing dots in the token to check */
+  if(token[tokenlen - 1] == '.')
+    tokenlen--;
+
+  if(tokenlen && (*token == '.')) {
+    /* ignore leading token dot as well */
+    token++;
+    tokenlen--;
+  }
+  /* A: example.com matches 'example.com'
+     B: www.example.com matches 'example.com'
+     C: nonexample.com DOES NOT match 'example.com'
+  */
+  if(tokenlen == namelen)
+    /* case A, exact match */
+    match = curl_strnequal(token, name, namelen);
+  else if(tokenlen < namelen) {
+    /* case B, tailmatch domain */
+    match = (name[namelen - tokenlen - 1] == '.') &&
+      curl_strnequal(token, name + (namelen - tokenlen),
+                     tokenlen);
+  }
+  /* case C passes through, not a match */
+  return match;
+}
+
+static bool match_ip(int type, const char *token, size_t tokenlen,
+                     const char *name)
+{
+  const char *check = token;
+  char *slash;
+  unsigned int bits = 0;
+  char checkip[128];
+  if(tokenlen >= sizeof(checkip))
+    /* this cannot match */
+    return FALSE;
+  /* copy the check name to a temp buffer */
+  memcpy(checkip, check, tokenlen);
+  checkip[tokenlen] = 0;
+  check = checkip;
+
+  slash = strchr(check, '/');
+  /* if the slash is part of this token, use it */
+  if(slash) {
+    /* if the bits variable gets a crazy value here, that is fine as
+       the value will then be rejected in the cidr function */
+    bits = (unsigned int)atoi(slash + 1);
+    *slash = 0; /* null-terminate there */
+  }
+  if(type == TYPE_IPV6)
+    return Curl_cidr6_match(name, check, bits);
+  else
+    return Curl_cidr4_match(name, check, bits);
+}
+
+
 /****************************************************************
 * Checks if the host is in the noproxy list. returns TRUE if it matches and
 * therefore the proxy should NOT be used.
@@ -176,7 +237,6 @@ bool Curl_check_noproxy(const char *name, const char *no_proxy)
     while(*p) {
       const char *token;
       size_t tokenlen = 0;
-      bool match = FALSE;
 
       /* pass blanks */
       curlx_str_passblanks(&p);
@@ -189,64 +249,16 @@ bool Curl_check_noproxy(const char *name, const char *no_proxy)
       }
 
       if(tokenlen) {
-        switch(type) {
-        case TYPE_HOST:
-          /* ignore trailing dots in the token to check */
-          if(token[tokenlen - 1] == '.')
-            tokenlen--;
+        bool match = FALSE;
+        if(type == TYPE_HOST)
+          match = match_host(token, tokenlen, name, namelen);
+        else
+          match = match_ip(type, token, tokenlen, name);
 
-          if(tokenlen && (*token == '.')) {
-            /* ignore leading token dot as well */
-            token++;
-            tokenlen--;
-          }
-          /* A: example.com matches 'example.com'
-             B: www.example.com matches 'example.com'
-             C: nonexample.com DOES NOT match 'example.com'
-          */
-          if(tokenlen == namelen)
-            /* case A, exact match */
-            match = curl_strnequal(token, name, namelen);
-          else if(tokenlen < namelen) {
-            /* case B, tailmatch domain */
-            match = (name[namelen - tokenlen - 1] == '.') &&
-              curl_strnequal(token, name + (namelen - tokenlen),
-                             tokenlen);
-          }
-          /* case C passes through, not a match */
-          break;
-        case TYPE_IPV4:
-        case TYPE_IPV6: {
-          const char *check = token;
-          char *slash;
-          unsigned int bits = 0;
-          char checkip[128];
-          if(tokenlen >= sizeof(checkip))
-            /* this cannot match */
-            break;
-          /* copy the check name to a temp buffer */
-          memcpy(checkip, check, tokenlen);
-          checkip[tokenlen] = 0;
-          check = checkip;
-
-          slash = strchr(check, '/');
-          /* if the slash is part of this token, use it */
-          if(slash) {
-            /* if the bits variable gets a crazy value here, that is fine as
-               the value will then be rejected in the cidr function */
-            bits = (unsigned int)atoi(slash + 1);
-            *slash = 0; /* null-terminate there */
-          }
-          if(type == TYPE_IPV6)
-            match = Curl_cidr6_match(name, check, bits);
-          else
-            match = Curl_cidr4_match(name, check, bits);
-          break;
-        }
-        }
         if(match)
           return TRUE;
-      } /* if(tokenlen) */
+      }
+
       /* pass blanks after pattern */
       curlx_str_passblanks(&p);
       /* if not a comma, this ends the loop */

From 8c9946d35fc147cfe7521575686e56dd4134d48e Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 11 Nov 2025 15:53:07 +0100
Subject: [PATCH 0796/2408] ccsidcurl: make curl_mime_data_ccsid() use the
 converted size

dynconvert() now offers to return the size of the converted data as it
might be different that the provided input size.

Bonus: minor indent fixing of some closing braces.

Reported-by: Stanislav Fort (Aisle Research)
Closes #19465
---
 packages/OS400/ccsidcurl.c | 68 ++++++++++++++++++++------------------
 1 file changed, 36 insertions(+), 32 deletions(-)

diff --git a/packages/OS400/ccsidcurl.c b/packages/OS400/ccsidcurl.c
index 9fd11a4cf9..30be1f60f7 100644
--- a/packages/OS400/ccsidcurl.c
+++ b/packages/OS400/ccsidcurl.c
@@ -134,16 +134,16 @@ convert(char *d, size_t dlen, int dccsid,
       memcpy(d, s, i);
 
     return i;
-    }
+  }
 
   if(slen < 0) {
     lslen = 0;
     cd = iconv_open_CCSID(dccsid, sccsid, 1);
-    }
+  }
   else {
     lslen = (size_t) slen;
     cd = iconv_open_CCSID(dccsid, sccsid, 0);
-    }
+  }
 
   if(ICONV_OPEN_ERROR(cd))
     return -1;
@@ -160,7 +160,8 @@ convert(char *d, size_t dlen, int dccsid,
 }
 
 
-static char *dynconvert(int dccsid, const char *s, int slen, int sccsid)
+static char *dynconvert(int dccsid, const char *s, int slen, int sccsid,
+                        int *olen)
 {
   char *d;
   char *cp;
@@ -182,7 +183,7 @@ static char *dynconvert(int dccsid, const char *s, int slen, int sccsid)
   if(l < 0) {
     free(d);
     return (char *) NULL;
-    }
+  }
 
   if(slen < 0) {
     /* Need to null-terminate even when source length is given.
@@ -194,17 +195,19 @@ static char *dynconvert(int dccsid, const char *s, int slen, int sccsid)
     if(l2 < 0) {
       free(d);
       return (char *) NULL;
-      }
+    }
 
     l += l2;
-    }
+  }
 
   if((size_t) l < dlen) {
     cp = realloc(d, l);         /* Shorten to minimum needed. */
 
     if(cp)
       d = cp;
-    }
+  }
+  if(olen)
+    *olen = l;
 
   return d;
 }
@@ -217,7 +220,7 @@ slist_convert(int dccsid, struct curl_slist *from, int sccsid)
 
   for(; from; from = from->next) {
     struct curl_slist *nl;
-    char *cp = dynconvert(dccsid, from->data, -1, sccsid);
+    char *cp = dynconvert(dccsid, from->data, -1, sccsid, NULL);
 
     if(!cp) {
       curl_slist_free_all(to);
@@ -261,7 +264,7 @@ const char *
 curl_to_ccsid(const char *s, unsigned int ccsid)
 {
   if(s)
-    s = dynconvert(ccsid, s, -1, ASCII_CCSID);
+    s = dynconvert(ccsid, s, -1, ASCII_CCSID, NULL);
   return s;
 }
 
@@ -270,7 +273,7 @@ const char *
 curl_from_ccsid(const char *s, unsigned int ccsid)
 {
   if(s)
-    s = dynconvert(ASCII_CCSID, s, -1, ccsid);
+    s = dynconvert(ASCII_CCSID, s, -1, ccsid, NULL);
   return s;
 }
 
@@ -295,7 +298,7 @@ curl_easy_escape_ccsid(CURL *handle, const char *string, int length,
     return (char *) NULL;
     }
 
-  s = dynconvert(ASCII_CCSID, string, length ? length : -1, sccsid);
+  s = dynconvert(ASCII_CCSID, string, length ? length : -1, sccsid, NULL);
 
   if(!s)
     return (char *) NULL;
@@ -306,7 +309,7 @@ curl_easy_escape_ccsid(CURL *handle, const char *string, int length,
   if(!d)
     return (char *) NULL;
 
-  s = dynconvert(dccsid, d, -1, ASCII_CCSID);
+  s = dynconvert(dccsid, d, -1, ASCII_CCSID, NULL);
   free(d);
   return s;
 }
@@ -326,7 +329,7 @@ curl_easy_unescape_ccsid(CURL *handle, const char *string, int length,
     return (char *) NULL;
     }
 
-  s = dynconvert(ASCII_CCSID, string, length ? length : -1, sccsid);
+  s = dynconvert(ASCII_CCSID, string, length ? length : -1, sccsid, NULL);
 
   if(!s)
     return (char *) NULL;
@@ -337,7 +340,7 @@ curl_easy_unescape_ccsid(CURL *handle, const char *string, int length,
   if(!d)
     return (char *) NULL;
 
-  s = dynconvert(dccsid, d, -1, ASCII_CCSID);
+  s = dynconvert(dccsid, d, -1, ASCII_CCSID, NULL);
   free(d);
 
   if(s && outlength)
@@ -378,7 +381,7 @@ curl_getdate_ccsid(const char *p, const time_t *unused, unsigned int ccsid)
   if(!p)
     return curl_getdate(p, unused);
 
-  s = dynconvert(ASCII_CCSID, p, -1, ccsid);
+  s = dynconvert(ASCII_CCSID, p, -1, ccsid, NULL);
 
   if(!s)
     return (time_t) -1;
@@ -407,7 +410,7 @@ convert_version_info_string(const char **stringp,
     *stringp = *bufp;
     *bufp += l;
     *left -= l;
-    }
+  }
 
   return 0;
 }
@@ -471,7 +474,7 @@ curl_version_info_ccsid(CURLversion stamp, unsigned int ccsid)
       n += strlen(p->protocols[nproto++]);
 
     n += nproto++;
-    }
+  }
 
   for(i = 0; i < sizeof(charfields) / sizeof(charfields[0]); i++) {
     cpp = (const char **) ((char *) p + charfields[i]);
@@ -596,7 +599,7 @@ curl_easy_getinfo_ccsid(CURL *curl, CURLINFO info, ...)
       cpp = (char * *) paramp;
 
       if(*cpp) {
-        *cpp = dynconvert(ccsid, *cpp, -1, ASCII_CCSID);
+        *cpp = dynconvert(ccsid, *cpp, -1, ASCII_CCSID, NULL);
 
         if(!*cpp)
           ret = CURLE_OUT_OF_MEMORY;
@@ -1180,7 +1183,7 @@ curl_easy_setopt_ccsid(CURL *easy, CURLoption tag, ...)
     ccsid = va_arg(arg, unsigned int);
 
     if(s) {
-      s = dynconvert(ASCII_CCSID, s, -1, ccsid);
+      s = dynconvert(ASCII_CCSID, s, -1, ccsid, NULL);
 
       if(!s) {
         result = CURLE_OUT_OF_MEMORY;
@@ -1208,7 +1211,7 @@ curl_easy_setopt_ccsid(CURL *easy, CURLoption tag, ...)
 
     if(pfsize == -1) {
       /* Data is null-terminated. */
-      s = dynconvert(ASCII_CCSID, s, -1, ccsid);
+      s = dynconvert(ASCII_CCSID, s, -1, ccsid, NULL);
 
       if(!s) {
         result = CURLE_OUT_OF_MEMORY;
@@ -1343,7 +1346,7 @@ curl_pushheader_bynum_cssid(struct curl_pushheaders *h,
   char *s = curl_pushheader_bynum(h, num);
 
   if(s)
-    d = dynconvert(ccsid, s, -1, ASCII_CCSID);
+    d = dynconvert(ccsid, s, -1, ASCII_CCSID, NULL);
 
   return d;
 }
@@ -1356,14 +1359,14 @@ curl_pushheader_byname_ccsid(struct curl_pushheaders *h, const char *header,
   char *d = (char *) NULL;
 
   if(header) {
-    header = dynconvert(ASCII_CCSID, header, -1, ccsidin);
+    header = dynconvert(ASCII_CCSID, header, -1, ccsidin, NULL);
 
     if(header) {
       char *s = curl_pushheader_byname(h, header);
       free((char *) header);
 
       if(s)
-        d = dynconvert(ccsidout, s, -1, ASCII_CCSID);
+        d = dynconvert(ccsidout, s, -1, ASCII_CCSID, NULL);
     }
   }
 
@@ -1379,7 +1382,7 @@ mime_string_call(curl_mimepart *part, const char *string, unsigned int ccsid,
 
   if(!string)
     return mimefunc(part, string);
-  s = dynconvert(ASCII_CCSID, string, -1, ccsid);
+  s = dynconvert(ASCII_CCSID, string, -1, ccsid, NULL);
   if(!s)
     return CURLE_OUT_OF_MEMORY;
 
@@ -1428,14 +1431,15 @@ curl_mime_data_ccsid(curl_mimepart *part,
 {
   char *s = (char *) NULL;
   CURLcode result;
+  int osize;
 
   if(!data)
     return curl_mime_data(part, data, datasize);
-  s = dynconvert(ASCII_CCSID, data, datasize, ccsid);
+  s = dynconvert(ASCII_CCSID, data, datasize, ccsid, &osize);
   if(!s)
     return CURLE_OUT_OF_MEMORY;
 
-  result = curl_mime_data(part, s, datasize);
+  result = curl_mime_data(part, s, osize);
   free(s);
   return result;
 }
@@ -1454,7 +1458,7 @@ curl_url_get_ccsid(CURLU *handle, CURLUPart what, char **part,
   result = curl_url_get(handle, what, &s, flags);
   if(result == CURLUE_OK) {
     if(s) {
-      *part = dynconvert(ccsid, s, -1, ASCII_CCSID);
+      *part = dynconvert(ccsid, s, -1, ASCII_CCSID, NULL);
       if(!*part)
         result = CURLUE_OUT_OF_MEMORY;
     }
@@ -1472,7 +1476,7 @@ curl_url_set_ccsid(CURLU *handle, CURLUPart what, const char *part,
   CURLUcode result;
 
   if(part) {
-    s = dynconvert(ASCII_CCSID, part, -1, ccsid);
+    s = dynconvert(ASCII_CCSID, part, -1, ccsid, NULL);
     if(!s)
       return CURLUE_OUT_OF_MEMORY;
   }
@@ -1488,7 +1492,7 @@ curl_easy_option_by_name_ccsid(const char *name, unsigned int ccsid)
   const struct curl_easyoption *option = NULL;
 
   if(name) {
-    char *s = dynconvert(ASCII_CCSID, name, -1, ccsid);
+    char *s = dynconvert(ASCII_CCSID, name, -1, ccsid, NULL);
 
     if(s) {
       option = curl_easy_option_by_name(s);
@@ -1507,7 +1511,7 @@ curl_easy_option_get_name_ccsid(const struct curl_easyoption *option,
   char *name = NULL;
 
   if(option && option->name)
-    name = dynconvert(ccsid, option->name, -1, ASCII_CCSID);
+    name = dynconvert(ccsid, option->name, -1, ASCII_CCSID, NULL);
 
   return (const char *) name;
 }
@@ -1521,7 +1525,7 @@ curl_easy_header_ccsid(CURL *easy, const char *name, size_t index,
   CURLHcode result = CURLHE_BAD_ARGUMENT;
 
   if(name) {
-    char *s = dynconvert(ASCII_CCSID, name, -1, ccsid);
+    char *s = dynconvert(ASCII_CCSID, name, -1, ccsid, NULL);
 
     result = CURLHE_OUT_OF_MEMORY;
     if(s) {

From f1f5cc781c33814331b9663c01430ea5afe53e2f Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 11 Nov 2025 16:41:57 +0100
Subject: [PATCH 0797/2408] cf-socket: split out the MTU and GRO setopts into
 sep functions

It simplifies the #ifdefs and declaring of local variables slightly.

Closes #19467
---
 lib/cf-socket.c | 71 ++++++++++++++++++++++++++++---------------------
 1 file changed, 41 insertions(+), 30 deletions(-)

diff --git a/lib/cf-socket.c b/lib/cf-socket.c
index 92fe433a69..667bf1e1be 100644
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@@ -1799,14 +1799,50 @@ out:
   return result;
 }
 
+#ifdef __linux__
+static void linux_quic_mtu(struct cf_socket_ctx *ctx)
+{
+  int val;
+  switch(ctx->addr.family) {
+#ifdef IP_MTU_DISCOVER
+  case AF_INET:
+    val = IP_PMTUDISC_DO;
+    (void)setsockopt(ctx->sock, IPPROTO_IP, IP_MTU_DISCOVER, &val,
+                     sizeof(val));
+    break;
+#endif
+#ifdef IPV6_MTU_DISCOVER
+  case AF_INET6:
+    val = IPV6_PMTUDISC_DO;
+    (void)setsockopt(ctx->sock, IPPROTO_IPV6, IPV6_MTU_DISCOVER, &val,
+                     sizeof(val));
+    break;
+#endif
+  }
+}
+#else
+#define linux_quic_mtu(x)
+#endif
+
+#if defined(UDP_GRO) &&                                                 \
+  (defined(HAVE_SENDMMSG) || defined(HAVE_SENDMSG)) &&                  \
+  ((defined(USE_NGTCP2) && defined(USE_NGHTTP3)) || defined(USE_QUICHE))
+static void linux_quic_gro(struct cf_socket_ctx *ctx)
+{
+  int one = 1;
+  (void)setsockopt(ctx->sock, IPPROTO_UDP, UDP_GRO, &one,
+                   (socklen_t)sizeof(one));
+}
+#else
+#define linux_quic_gro(x)
+#endif
+
+
 static CURLcode cf_udp_setup_quic(struct Curl_cfilter *cf,
                                   struct Curl_easy *data)
 {
   struct cf_socket_ctx *ctx = cf->ctx;
   int rc;
-  int one = 1;
-
-  (void)one;
 
   /* QUIC needs a connected socket, nonblocking */
   DEBUGASSERT(ctx->sock != CURL_SOCKET_BAD);
@@ -1831,33 +1867,8 @@ static CURLcode cf_udp_setup_quic(struct Curl_cfilter *cf,
    * non-blocking socket created by cf_socket_open() to it. Thus, we
    * do not need to call curlx_nonblock() in cf_udp_setup_quic() anymore.
    */
-#ifdef __linux__
-  switch(ctx->addr.family) {
-#ifdef IP_MTU_DISCOVER
-  case AF_INET: {
-    int val = IP_PMTUDISC_DO;
-    (void)setsockopt(ctx->sock, IPPROTO_IP, IP_MTU_DISCOVER, &val,
-                     sizeof(val));
-    break;
-  }
-#endif
-#ifdef IPV6_MTU_DISCOVER
-  case AF_INET6: {
-    int val = IPV6_PMTUDISC_DO;
-    (void)setsockopt(ctx->sock, IPPROTO_IPV6, IPV6_MTU_DISCOVER, &val,
-                     sizeof(val));
-    break;
-  }
-#endif
-  }
-
-#if defined(UDP_GRO) &&                                                       \
-  (defined(HAVE_SENDMMSG) || defined(HAVE_SENDMSG)) &&                        \
-  ((defined(USE_NGTCP2) && defined(USE_NGHTTP3)) || defined(USE_QUICHE))
-  (void)setsockopt(ctx->sock, IPPROTO_UDP, UDP_GRO, &one,
-                   (socklen_t)sizeof(one));
-#endif
-#endif
+  linux_quic_mtu(ctx);
+  linux_quic_gro(ctx);
 
   return CURLE_OK;
 }

From f544eb97da73870dcc3e29b73337bc24c384d8d3 Mon Sep 17 00:00:00 2001
From: Dan Fandrich 
Date: Tue, 11 Nov 2025 00:50:52 -0800
Subject: [PATCH 0798/2408] docs: Line endings are no longer significant in
 test files

Since commit f477f3efc, CR/LF characters in test files are no longer
significant, making the files a little more XML-like.

Closes #19469
---
 docs/tests/FILEFORMAT.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/docs/tests/FILEFORMAT.md b/docs/tests/FILEFORMAT.md
index f100adcf89..8c4d0181e1 100644
--- a/docs/tests/FILEFORMAT.md
+++ b/docs/tests/FILEFORMAT.md
@@ -12,9 +12,9 @@ mark the beginning and the end of all sections, and each label must be written
 in its own line. Comments are either XML-style (enclosed with ``) or shell script style (beginning with `#`) and must appear on their own
 lines and not alongside actual test data. Most test data files are
-syntactically valid XML, although a few files are not (lack of support for
-character entities and the preservation of CR/LF characters at the end of
-lines are the biggest differences).
+syntactically-valid XML (a few files are not); lack of support for character
+entities is a big difference but macros like %CR fill that particular role
+here.
 
 Each test case source exists as a file matching the format
 `tests/data/testNUM`, where `NUM` is the unique test number, and must begin

From d499aa52385a520ddbbb8694af3cd04411a91933 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 11 Nov 2025 11:09:36 +0100
Subject: [PATCH 0799/2408] mk-ca-bundle.pl: use `open()` with argument list to
 replace backticks

On Windows this requires Perl 5.22 from year 2015.

Also:
- mdlinkcheck: delete redundant error handling logic.
  Follow-up to 77be4a7ab2b5a0c633b9107fd286bda1f57e4725 #19437

Closes #19461
---
 scripts/mdlinkcheck     |  4 ----
 scripts/mk-ca-bundle.pl | 18 +++++++++++++-----
 2 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/scripts/mdlinkcheck b/scripts/mdlinkcheck
index 842f0c9766..6b648786f3 100755
--- a/scripts/mdlinkcheck
+++ b/scripts/mdlinkcheck
@@ -145,10 +145,6 @@ sub checkurl {
         @content = <$fh>;
         close $fh;
     }
-    else {
-        print STDERR "FAIL\n";
-        return 1; # fail
-    }
     if(!$content[0]) {
         print STDERR "FAIL\n";
         return 1; # fail
diff --git a/scripts/mk-ca-bundle.pl b/scripts/mk-ca-bundle.pl
index cb0b586093..af31ccd10e 100755
--- a/scripts/mk-ca-bundle.pl
+++ b/scripts/mk-ca-bundle.pl
@@ -247,7 +247,9 @@ sub sha256 {
         close(FILE);
     } else {
         # Use OpenSSL command if Perl Digest::SHA modules not available
-        $result = `"$openssl" dgst -r -sha256 "$_[0]"`;
+        open(my $fh, '-|', $openssl, 'dgst', '-r', '-sha256', $_[0]) or die "Failed running openssl on '$_[0]': $!";
+        $result = <$fh>;  # read first line
+        close $fh;
         $result =~ s/^([0-9a-f]{64}) .+/$1/is;
     }
     return $result;
@@ -311,10 +313,16 @@ if(!$opt_n) {
         if($curl) {
             if($curl =~ /^Protocols:.* https( |$)/m) {
                 report "Get certdata with curl!";
-                my $proto = !$opt_k ? "--proto =https" : "";
-                my $quiet = $opt_q ? "-s" : "";
-                my @out = `curl -Lw %{response_code} $proto $quiet -o "$txt" "$url"`;
-                if(!$? && @out && $out[0] == 200) {
+                my @opts = ();
+                push @opts, '--proto', '=https' if !$opt_k;
+                push @opts, '-s' if $opt_q;
+                my $out = '';
+                if(open(my $fh, '-|', 'curl', '-Lw', '%{response_code}', (@opts), '-o', $txt, $url)) {
+                    $out = <$fh>;  # read first line
+                    chomp $out;
+                    close $fh;
+                }
+                if($out && $out == 200) {
                     $fetched = 1;
                     report "Downloaded $txt";
                 }

From ebc5fea64de5c348f99a487d3f7859b8453f1ebb Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 11 Nov 2025 15:28:36 +0100
Subject: [PATCH 0800/2408] autotools: drop autoconf <2.59 compatibility code
 (zz60-xc-ovr)

The minimum required autoconf is 2.59, since curl 7.76.0 (2021).

Follow-up to a59f04611629f0db9ad8e768b9def73b9b4d9423 #6748

Closes #19464
---
 configure.ac      |  1 -
 m4/zz60-xc-ovr.m4 | 65 -----------------------------------------------
 2 files changed, 66 deletions(-)
 delete mode 100644 m4/zz60-xc-ovr.m4

diff --git a/configure.ac b/configure.ac
index cc16f4120a..e493369b9d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -29,7 +29,6 @@ dnl We don't know the version number "statically" so we use a dash here
 AC_INIT([curl], [-], [a suitable curl mailing list: https://curl.se/mail/])
 
 XC_OVR_ZZ50
-XC_OVR_ZZ60
 CURL_OVERRIDE_AUTOCONF
 
 dnl configure script copyright
diff --git a/m4/zz60-xc-ovr.m4 b/m4/zz60-xc-ovr.m4
deleted file mode 100644
index d1d3a2fd50..0000000000
--- a/m4/zz60-xc-ovr.m4
+++ /dev/null
@@ -1,65 +0,0 @@
-#---------------------------------------------------------------------------
-#
-# zz60-xc-ovr.m4
-#
-# Copyright (C) Daniel Stenberg, 
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-#
-# SPDX-License-Identifier: ISC
-#
-#---------------------------------------------------------------------------
-
-# serial 1
-
-
-dnl The funny name of this file is intentional in order to make it
-dnl sort alphabetically after any libtool, autoconf or automake
-dnl provided .m4 macro file that might get copied into this same
-dnl subdirectory. This allows that macro (re)definitions from this
-dnl file may override those provided in other files.
-
-
-dnl Override an autoconf provided macro
-dnl -------------------------------------------------
-dnl This macro overrides the one provided by autoconf
-dnl 2.58 or newer, and provides macro definition for
-dnl autoconf 2.57 or older which lack it. This allows
-dnl using libtool 2.2 or newer, which requires that
-dnl this macro is used in configure.ac, with autoconf
-dnl 2.57 or older.
-
-m4_ifdef([AC_CONFIG_MACRO_DIR],
-[dnl
-m4_undefine([AC_CONFIG_MACRO_DIR])dnl
-])
-m4_define([AC_CONFIG_MACRO_DIR],[])
-
-
-dnl XC_OVR_ZZ60
-dnl -------------------------------------------------
-dnl Placing a call to this macro in configure.ac will
-dnl make macros in this file visible to other macros
-dnl used for same configure script, overriding those
-dnl provided elsewhere.
-
-AC_DEFUN([XC_OVR_ZZ60],
-[dnl
-AC_BEFORE([$0],[LT_INIT])dnl
-AC_BEFORE([$0],[AM_INIT_AUTOMAKE])dnl
-AC_BEFORE([$0],[AC_LIBTOOL_WIN32_DLL])dnl
-AC_BEFORE([$0],[AC_PROG_LIBTOOL])dnl
-dnl
-AC_BEFORE([$0],[AC_CONFIG_MACRO_DIR])dnl
-AC_BEFORE([$0],[AC_CONFIG_MACRO_DIRS])dnl
-])

From 4841e4290dfca768328401522f319225e819824c Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 11 Nov 2025 17:43:06 +0100
Subject: [PATCH 0801/2408] badwords: re-sync with curl-www, fix issues found

Also:
- replace `manpage` with `man page`, add to `badwords.txt`.
- badwords.pl: import `-w` feature from curl-www, syncing the two
  scripts fully.
- badwords.txt: import missing items from curl-www, syncing the two
  files fully.
- pyspelling.words: drop `cURL` allowed word.

Closes #19468
---
 .github/scripts/badwords.pl      | 28 +++++++++++++++++++++++++++-
 .github/scripts/badwords.txt     | 12 +++++++++---
 .github/scripts/pyspelling.words |  1 -
 README.md                        |  4 ++--
 docs/BINDINGS.md                 |  4 ++--
 docs/CONTRIBUTE.md               |  6 +++---
 docs/DISTROS.md                  |  6 +++---
 docs/FAQ                         | 16 ++++++++--------
 docs/IPFS.md                     | 22 +++++++++++-----------
 docs/cmdline-opts/Makefile.am    |  2 +-
 include/curl/easy.h              |  2 +-
 include/curl/multi.h             |  2 +-
 lib/asyn-ares.c                  |  2 +-
 lib/vtls/openssl.c               |  4 ++--
 scripts/cd2nroff                 |  4 ++--
 scripts/managen                  |  8 ++++----
 src/tool_getparam.c              |  2 +-
 tests/data/test1140              |  2 +-
 tests/data/test1488              |  2 +-
 tests/data/test1705              |  4 ++--
 tests/ech_tests.sh               |  2 +-
 tests/libtest/lib1592.c          |  2 +-
 tests/test1139.pl                |  8 ++++----
 tests/test1140.pl                |  8 ++++----
 tests/test1173.pl                | 12 ++++++------
 tests/test1222.pl                | 20 ++++++++++----------
 tests/test1477.pl                |  2 +-
 27 files changed, 109 insertions(+), 78 deletions(-)

diff --git a/.github/scripts/badwords.pl b/.github/scripts/badwords.pl
index b9b20697f5..c6229f4ad4 100755
--- a/.github/scripts/badwords.pl
+++ b/.github/scripts/badwords.pl
@@ -21,6 +21,24 @@ my @whitelist;
 my %alt;
 my %exactcase;
 
+my %wl;
+if($ARGV[0] eq "-w") {
+    shift @ARGV;
+    my $file = shift @ARGV;
+    open(W, "<$file");
+    while() {
+        if(/^#/) {
+            # allow #-comments
+            next;
+        }
+        if(/^([^:]*):(\d+):(.*)/) {
+            $wl{"$1:$2:$3"}=1;
+            #print STDERR "whitelisted $1:$2:$3\n";
+        }
+    }
+    close(W);
+}
+
 my @w;
 while() {
     chomp;
@@ -30,7 +48,7 @@ while() {
     if($_ =~ /^---(.*)/) {
         push @whitelist, $1;
     }
-    elsif($_ =~ /^([^:=]*)([:=])(.*)/) {
+    elsif($_ =~ /^(.*)([:=])(.*)/) {
         my ($bad, $sep, $better)=($1, $2, $3);
         push @w, $bad;
         $alt{$bad} = $better;
@@ -67,6 +85,14 @@ sub file {
                ($in =~ /^(.*)$w/ && $case) ) {
                 my $p = $1;
                 my $c = length($p)+1;
+
+                my $ch = "$f:$l:$w";
+                if($wl{$ch}) {
+                    # whitelisted
+                    print STDERR "$ch found but whitelisted\n";
+                    next;
+                }
+
                 print STDERR  "$f:$l:$c: error: found bad word \"$w\"\n";
                 printf STDERR " %4d | $in\n", $l;
                 printf STDERR "      | %*s^%s\n", length($p), " ",
diff --git a/.github/scripts/badwords.txt b/.github/scripts/badwords.txt
index 492ea32537..7f6bca32b6 100644
--- a/.github/scripts/badwords.txt
+++ b/.github/scripts/badwords.txt
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: curl
 #
 back-end:backend
-e-mail:email
+\be-mail[^/]:email
 run-time:runtime
 set-up:setup
 tool chain:toolchain
@@ -36,7 +36,7 @@ aren't:are not
  a IPv4: an IPv4
  a IPv6: an IPv6
  url =URL
-internet\b=Internet
+[^/]internet\b=Internet
 isation:ization
 \bit's:it is
 it'd:it would
@@ -47,12 +47,14 @@ there's:there is
 \. So : Rewrite without "so" ?
  dir :directory
 sub-director:subdirector
+you'd:you would
+you'll:you will
 can't:cannot
 that's:that is
 web page:webpage
 host name\b:hostname
 host names\b:hostnames
-file name\b:filename
+[^;]file name\b:filename
 file names\b:filenames
 \buser name\b:username
 \buser names\b:usernames
@@ -70,7 +72,11 @@ couldn't:could not
 32-bits:32 bits or 32-bit
 \bvery\b:rephrase using an alternative word
 \bCurl\b=curl
+\bcURL\b=curl
 \bLibcurl\b=libcurl
+\bLibCurl\b=libcurl
 ---WWW::Curl
 ---NET::Curl
 ---Curl Corporation
+\bmanpages[^./&:-]:man pages
+\bmanpage[^si./&:-]:man page
diff --git a/.github/scripts/pyspelling.words b/.github/scripts/pyspelling.words
index f64025b2ad..5dbce13227 100644
--- a/.github/scripts/pyspelling.words
+++ b/.github/scripts/pyspelling.words
@@ -149,7 +149,6 @@ CSeq
 csh
 cshrc
 CTRL
-cURL
 CURLcode
 curldown
 CURLE
diff --git a/README.md b/README.md
index e61924673a..2fe5316281 100644
--- a/README.md
+++ b/README.md
@@ -12,7 +12,7 @@ HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP,
 SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS.
 
 Learn how to use curl by reading [the
-manpage](https://curl.se/docs/manpage.html) or [everything
+man page](https://curl.se/docs/manpage.html) or [everything
 curl](https://everything.curl.dev/).
 
 Find out how to install curl by reading [the INSTALL
@@ -20,7 +20,7 @@ document](https://curl.se/docs/install.html).
 
 libcurl is the library curl is using to do its job. It is readily available to
 be used by your software. Read [the libcurl
-manpage](https://curl.se/libcurl/c/libcurl.html) to learn how.
+man page](https://curl.se/libcurl/c/libcurl.html) to learn how.
 
 ## Open Source
 
diff --git a/docs/BINDINGS.md b/docs/BINDINGS.md
index b7074a2275..9ddbde5c42 100644
--- a/docs/BINDINGS.md
+++ b/docs/BINDINGS.md
@@ -73,7 +73,7 @@ Go: [go-curl](https://github.com/andelf/go-curl) by ShuYu Wang
 
 [LibQurl](https://github.com/Qriist/LibQurl) a feature rich AutoHotKey v2 (AHKv2) wrapper around libcurl.
 
-Lua: [luacurl](https://web.archive.org/web/20201205052437/luacurl.luaforge.net/) by Alexander Marinov, [Lua-cURL](https://github.com/Lua-cURL) by Jürgen Hötzel
+Lua: [luacurl](https://web.archive.org/web/20201205052437/luacurl.luaforge.net/) by Alexander Marinov, [Lua-curl](https://github.com/Lua-cURL) by Jürgen Hötzel
 
 [Mono](https://web.archive.org/web/20070606064500/forge.novell.com/modules/xfmod/project/?libcurl-mono) Written by Jeffrey Phillips
 
@@ -98,7 +98,7 @@ Bailiff and Bálint Szilakszi,
 
 [PostgreSQL](https://github.com/pramsey/pgsql-http) - HTTP client for PostgreSQL
 
-[PostgreSQL](https://github.com/RekGRpth/pg_curl) - cURL client for PostgreSQL
+[PostgreSQL](https://github.com/RekGRpth/pg_curl) - curl client for PostgreSQL
 
 [PureBasic](https://web.archive.org/web/20250325015028/www.purebasic.com/documentation/http/index.html) uses libcurl in its "native" HTTP subsystem
 
diff --git a/docs/CONTRIBUTE.md b/docs/CONTRIBUTE.md
index 710b3a1ef8..4a34a539bb 100644
--- a/docs/CONTRIBUTE.md
+++ b/docs/CONTRIBUTE.md
@@ -111,8 +111,8 @@ projects but someone's gotta do it. It makes things a lot easier if you submit
 a small description of your fix or your new features with every contribution
 so that it can be swiftly added to the package documentation.
 
-Documentation is mostly provided as manpages or plain ASCII files. The
-manpages are rendered from their source files that are usually written using
+Documentation is mostly provided as man pages or plain ASCII files. The
+man pages are rendered from their source files that are usually written using
 markdown. Most HTML files on the website and in the release archives are
 generated from corresponding markdown and ASCII files.
 
@@ -289,7 +289,7 @@ Just ask if this is what you would want. You are required to have posted
 several high quality patches first, before you can be granted push access.
 
 ## Useful resources
- - [Webinar on getting code into cURL](https://www.youtube.com/watch?v=QmZ3W1d6LQI)
+ - [Webinar on getting code into curl](https://www.youtube.com/watch?v=QmZ3W1d6LQI)
 
 # Update copyright and license information
 
diff --git a/docs/DISTROS.md b/docs/DISTROS.md
index e852b797d2..40a9bf5716 100644
--- a/docs/DISTROS.md
+++ b/docs/DISTROS.md
@@ -188,9 +188,9 @@ unless it is specific to Homebrew's way of packaging software.
 
 *Rolling Release*
 
-- curl: https://github.com/lordmulder/cURL-build-win32
-- curl issues: https://github.com/lordmulder/cURL-build-win32/issues
-- curl patches: https://github.com/lordmulder/cURL-build-win32/tree/master/patch
+- curl: https://github.com/lordmulder/curl-build-win32
+- curl issues: https://github.com/lordmulder/curl-build-win32/issues
+- curl patches: https://github.com/lordmulder/curl-build-win32/tree/master/patch
 
 ## NixOS
 
diff --git a/docs/FAQ b/docs/FAQ
index 640dc1ab2a..6ba339c7d5 100644
--- a/docs/FAQ
+++ b/docs/FAQ
@@ -7,7 +7,7 @@
 FAQ
 
  1. Philosophy
-  1.1 What is cURL?
+  1.1 What is curl?
   1.2 What is libcurl?
   1.3 What is curl not?
   1.4 When will you make curl do XXXX ?
@@ -123,15 +123,15 @@ FAQ
 
 1. Philosophy
 
-  1.1 What is cURL?
+  1.1 What is curl?
 
-  cURL is the name of the project. The name is a play on 'Client for URLs',
+  curl is the name of the project. The name is a play on 'Client for URLs',
   originally with URL spelled in uppercase to make it obvious it deals with
   URLs. The fact it can also be read as 'see URL' also helped, it works as
   an abbreviation for "Client URL Request Library" or why not the recursive
   version: "curl URL Request Library".
 
-  The cURL project produces two products:
+  The curl project produces two products:
 
   libcurl
 
@@ -247,7 +247,7 @@ FAQ
 
   1.6 What do you get for making curl?
 
-  Project cURL is entirely free and open. We do this voluntarily, mostly in
+  Project curl is entirely free and open. We do this voluntarily, mostly in
   our spare time. Companies may pay individual developers to work on curl.
   This is not controlled by nor supervised in any way by the curl project.
 
@@ -326,7 +326,7 @@ FAQ
 
   1.11 Why do you not update ca-bundle.crt
 
-  In the cURL project we have decided not to attempt to keep this file updated
+  In the curl project we have decided not to attempt to keep this file updated
   (or even present) since deciding what to add to a ca cert bundle is an
   undertaking we have not been ready to accept, and the one we can get from
   Mozilla is perfectly fine so there is no need to duplicate that work.
@@ -548,7 +548,7 @@ FAQ
   https://curl.se/libcurl/
 
   All the various bindings to libcurl are made by other projects and people,
-  outside of the cURL project. The cURL project itself only produces libcurl
+  outside of the curl project. The curl project itself only produces libcurl
   with its plain C API. If you do not find anywhere else to ask you can ask
   about bindings on the curl-library list too, but be prepared that people on
   that list may not know anything about bindings.
@@ -1496,7 +1496,7 @@ FAQ
   The module for PHP that makes it possible for PHP programs to access curl-
   functions from within PHP.
 
-  In the cURL project we call this module PHP/CURL to differentiate it from
+  In the curl project we call this module PHP/CURL to differentiate it from
   curl the command line tool and libcurl the library. The PHP team however
   does not refer to it like this (for unknown reasons). They call it plain
   CURL (often using all caps) or sometimes ext/curl, but both cause much
diff --git a/docs/IPFS.md b/docs/IPFS.md
index 82dae94399..8ce51325bf 100644
--- a/docs/IPFS.md
+++ b/docs/IPFS.md
@@ -43,9 +43,9 @@ in this link:
 
 `http://127.0.0.1:8080/ipfs/bafybeigagd5nmnn2iys2f3doro7ydrevyr2mzarwidgadawmamiteydbzi`
 
-## cURL handling of the IPFS protocols
+## curl handling of the IPFS protocols
 
-The IPFS integration in cURL hides this gateway logic for you. Instead of
+The IPFS integration in curl hides this gateway logic for you. Instead of
 providing a full URL to a file on IPFS like this:
 
 ```
@@ -57,7 +57,7 @@ You can provide it with the IPFS protocol instead:
 curl ipfs://bafybeigagd5nmnn2iys2f3doro7ydrevyr2mzarwidgadawmamiteydbzi
 ```
 
-With the IPFS protocol way of asking a file, cURL still needs to know the
+With the IPFS protocol way of asking a file, curl still needs to know the
 gateway. curl essentially just rewrites the IPFS based URL to a gateway URL.
 
 ### IPFS_GATEWAY environment variable
@@ -67,7 +67,7 @@ gateway.
 
 ### Automatic gateway detection
 
-When you provide no additional details to cURL then it:
+When you provide no additional details to curl then it:
 
 1. First looks for the `IPFS_GATEWAY` environment variable and use that if it
    is set.
@@ -75,12 +75,12 @@ When you provide no additional details to cURL then it:
    means that you have a local gateway running and that file contains the URL
    to your local gateway.
 
-If cURL fails, you are presented with an error message and a link to this page
+If curl fails, you are presented with an error message and a link to this page
 to the option most applicable to solving the issue.
 
 ### `--ipfs-gateway` argument
 
-You can also provide a `--ipfs-gateway` argument to cURL. This overrules any
+You can also provide a `--ipfs-gateway` argument to curl. This overrules any
 other gateway setting. curl does not fallback to the other options if the
 provided gateway did not work.
 
@@ -107,21 +107,21 @@ option follows the redirect.
 
 ## Error messages and hints
 
-Depending on the arguments, cURL could present the user with an error.
+Depending on the arguments, curl could present the user with an error.
 
 ### Gateway file and environment variable
 
-cURL tried to look for the file: `~/.ipfs/gateway` but could not find it. It
+curl tried to look for the file: `~/.ipfs/gateway` but could not find it. It
 also tried to look for the `IPFS_GATEWAY` environment variable but could not
-find that either. This happens when no extra arguments are passed to cURL and
+find that either. This happens when no extra arguments are passed to curl and
 letting it try to figure it out [automatically](#automatic-gateway-detection).
 
 Any IPFS implementation that has gateway support should expose its URL in
 `~/.ipfs/gateway`. If you are already running a gateway, make sure it exposes
-the file where cURL expects to find it.
+the file where curl expects to find it.
 
 Alternatively you could set the `IPFS_GATEWAY` environment variable or pass
-the `--ipfs-gateway` flag to the cURL command.
+the `--ipfs-gateway` flag to the curl command.
 
 ### Malformed gateway URL
 
diff --git a/docs/cmdline-opts/Makefile.am b/docs/cmdline-opts/Makefile.am
index e016be286c..019dd57b8a 100644
--- a/docs/cmdline-opts/Makefile.am
+++ b/docs/cmdline-opts/Makefile.am
@@ -40,7 +40,7 @@ GN_ = $(GN_0)
 MANAGEN=$(top_srcdir)/scripts/managen
 MAXLINE=$(top_srcdir)/scripts/maxline
 
-# Maximum number of columns accepted in the ASCII version of the manpage
+# Maximum number of columns accepted in the ASCII version of the man page
 INCDIR=$(top_srcdir)/include
 
 if BUILD_DOCS
diff --git a/include/curl/easy.h b/include/curl/easy.h
index fa13564937..8a1d68dfd8 100644
--- a/include/curl/easy.h
+++ b/include/curl/easy.h
@@ -50,7 +50,7 @@ CURL_EXTERN void curl_easy_cleanup(CURL *curl);
  *
  * Request internal information from the curl session with this function.
  * The third argument MUST be pointing to the specific type of the used option
- * which is documented in each manpage of the option. The data pointed to
+ * which is documented in each man page of the option. The data pointed to
  * will be filled in accordingly and can be relied upon only if the function
  * returns CURLE_OK. This function is intended to get used *AFTER* a performed
  * transfer, all results from this function are undefined until the transfer
diff --git a/include/curl/multi.h b/include/curl/multi.h
index 4e30637ef5..e307b98f4c 100644
--- a/include/curl/multi.h
+++ b/include/curl/multi.h
@@ -278,7 +278,7 @@ CURL_EXTERN const char *curl_multi_strerror(CURLMcode);
  * Desc:    An alternative version of curl_multi_perform() that allows the
  *          application to pass in one of the file descriptors that have been
  *          detected to have "action" on them and let libcurl perform.
- *          See manpage for details.
+ *          See man page for details.
  */
 #define CURL_POLL_NONE   0
 #define CURL_POLL_IN     1
diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c
index 09c94f97b8..96768feb11 100644
--- a/lib/asyn-ares.c
+++ b/lib/asyn-ares.c
@@ -88,7 +88,7 @@
 /* How long we are willing to wait for additional parallel responses after
    obtaining a "definitive" one. For old c-ares without getaddrinfo.
 
-   This is intended to equal the c-ares default timeout. cURL always uses that
+   This is intended to equal the c-ares default timeout. curl always uses that
    default value. Unfortunately, c-ares does not expose its default timeout in
    its API, but it is officially documented as 5 seconds.
 
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 5c2711c587..2c6c05e53d 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -2395,7 +2395,7 @@ static CURLcode ossl_verifyhost(struct Curl_easy *data,
 
         switch(target) {
         case GEN_DNS: /* name/pattern comparison */
-          /* The OpenSSL manpage explicitly says: "In general it cannot be
+          /* The OpenSSL man page explicitly says: "In general it cannot be
              assumed that the data returned by ASN1_STRING_data() is null
              terminated or does not contain embedded nulls." But also that
              "The actual format of the data will depend on the actual string
@@ -4126,7 +4126,7 @@ CURLcode Curl_ossl_ctx_init(struct ossl_ctx *octx,
 
   /* OpenSSL contains code to work around lots of bugs and flaws in various
      SSL-implementations. SSL_CTX_set_options() is used to enabled those
-     work-arounds. The manpage for this option states that SSL_OP_ALL enables
+     work-arounds. The man page for this option states that SSL_OP_ALL enables
      all the work-arounds and that "It is usually safe to use SSL_OP_ALL to
      enable the bug workaround options if compatibility with somewhat broken
      implementations is desired."
diff --git a/scripts/cd2nroff b/scripts/cd2nroff
index 950011173b..992cf37b5a 100755
--- a/scripts/cd2nroff
+++ b/scripts/cd2nroff
@@ -25,7 +25,7 @@
 
 =begin comment
 
-Converts a curldown file to nroff (manpage).
+Converts a curldown file to nroff (man page).
 
 =end comment
 =cut
@@ -431,7 +431,7 @@ sub single {
         # convert backslash-'<' or '> to just the second character
         $d =~ s/\\([<>])/$1/g;
 
-        # mentions of curl symbols with manpages use italics by default
+        # mentions of curl symbols with man pages use italics by default
         $d =~ s/((lib|)curl([^ ]*\(3\)))/\\fI$1\\fP/gi;
 
         # backticked becomes italics
diff --git a/scripts/managen b/scripts/managen
index 0c75148fd1..6099f0ff4d 100755
--- a/scripts/managen
+++ b/scripts/managen
@@ -25,7 +25,7 @@
 
 =begin comment
 
-This script generates the manpage.
+This script generates the man page.
 
 Example: managen  [files] > curl.1
 
@@ -64,7 +64,7 @@ my $globals;
 my $error = 0;
 my $indent = 4;
 
-# get the long name version, return the manpage string
+# get the long name version, return the man page string
 sub manpageify {
     my ($k, $manpage)=@_;
     my $trail = '';
@@ -412,7 +412,7 @@ sub render {
                 print STDERR "$f:$line:1:WARN: un-escaped < or > used: $nontick\n";
             }
 
-            # if there is a space, it needs quotes for manpage
+            # if there is a space, it needs quotes for man page
             if(($word =~ / /) && $manpage) {
                 $word = "\"$word\"";
             }
@@ -1253,7 +1253,7 @@ sub mainpage {
 .\\" *
 .\\" **************************************************************************
 .\\"
-.\\" DO NOT EDIT. Generated by the curl project managen manpage generator.
+.\\" DO NOT EDIT. Generated by the curl project managen man page generator.
 .\\"
 .TH curl 1 "$date" "curl $version" "curl Manual"
 HEADER
diff --git a/src/tool_getparam.c b/src/tool_getparam.c
index 5624d3cd76..8d5d89a752 100644
--- a/src/tool_getparam.c
+++ b/src/tool_getparam.c
@@ -1400,7 +1400,7 @@ static ParameterError parse_range(struct OperationConfig *config,
   if(!curlx_str_number(&nextarg, &value, CURL_OFF_T_MAX) &&
      curlx_str_single(&nextarg, '-')) {
     /* Specifying a range WITHOUT A DASH will create an illegal HTTP range
-       (and will not actually be range by definition). The manpage previously
+       (and will not actually be range by definition). The man page previously
        claimed that to be a good way, why this code is added to work-around
        it. */
     char buffer[32];
diff --git a/tests/data/test1140 b/tests/data/test1140
index 01b1e0309a..3c29fb5c3f 100644
--- a/tests/data/test1140
+++ b/tests/data/test1140
@@ -11,7 +11,7 @@ documentation
 # Client-side
 
 
-Verify the nroff of manpages
+Verify the nroff of man pages
 
 
 
diff --git a/tests/data/test1488 b/tests/data/test1488
index 9b326ed131..f2e92a5053 100644
--- a/tests/data/test1488
+++ b/tests/data/test1488
@@ -11,7 +11,7 @@ manpages
 # Client-side
 
 
-symbols-in-versions and manpages agree on added-in versions
+symbols-in-versions and man pages agree on added-in versions
 
 
 
diff --git a/tests/data/test1705 b/tests/data/test1705
index 26ddf3d4ad..c85886b96a 100644
--- a/tests/data/test1705
+++ b/tests/data/test1705
@@ -12,7 +12,7 @@ managen
 
 
 
-managen makes manpage
+managen makes man page
 
 
 
@@ -191,7 +191,7 @@ option2.md:15:1:WARN: see-also a non-existing option: proto-default
 .\" *
 .\" **************************************************************************
 .\"
-.\" DO NOT EDIT. Generated by the curl project managen manpage generator.
+.\" DO NOT EDIT. Generated by the curl project managen man page generator.
 .\"
 .TH curl 1 "%DATE" "curl %VERNUM" "curl Manual"
 .SH DESCRIPTION
diff --git a/tests/ech_tests.sh b/tests/ech_tests.sh
index 9123bbc096..f55a0f12ec 100755
--- a/tests/ech_tests.sh
+++ b/tests/ech_tests.sh
@@ -308,7 +308,7 @@ fi
   echo "have_portsblocked: $have_portsblocked"
 } >> "$logfile"
 
-echo "curl: have $have_curl, cURL command: |$CURL ${CURL_PARAMS[*]}|"
+echo "curl: have $have_curl, curl command: |$CURL ${CURL_PARAMS[*]}|"
 echo "ossl: have: $have_ossl, using: $using_ossl"
 echo "wolf: have: $have_wolf, using: $using_wolf"
 echo "bssl: have: $have_bssl, using: $using_bssl"
diff --git a/tests/libtest/lib1592.c b/tests/libtest/lib1592.c
index 7e23d576bf..1a36c4a925 100644
--- a/tests/libtest/lib1592.c
+++ b/tests/libtest/lib1592.c
@@ -26,7 +26,7 @@
  *
  * This test case checks whether curl_multi_remove_handle() cancels
  * asynchronous DNS resolvers without blocking where possible.  Obviously, it
- * only tests whichever resolver cURL is actually built with.
+ * only tests whichever resolver curl is actually built with.
  */
 
 /* We're willing to wait a very generous two seconds for the removal.  This is
diff --git a/tests/test1139.pl b/tests/test1139.pl
index cebf58ccf2..e2eb8946eb 100755
--- a/tests/test1139.pl
+++ b/tests/test1139.pl
@@ -24,12 +24,12 @@
 ###########################################################################
 #
 # Scan symbols-in-version (which is verified to be correct by test 1119), then
-# verify that each option mention in there that should have its own manpage
+# verify that each option mention in there that should have its own man page
 # actually does.
 #
 # In addition, make sure that every current option to curl_easy_setopt,
 # curl_easy_getinfo and curl_multi_setopt are also mentioned in their
-# corresponding main (index) manpage.
+# corresponding main (index) man page.
 #
 # src/tool_getparam.c lists all options curl can parse
 # docs/curl.1 documents all command line options
@@ -229,8 +229,8 @@ while(<$r>) {
 close($r);
 
 #########################################################################
-# parse the curl.1 manpage, extract all documented command line options
-# The manpage may or may not be rebuilt, so check both possible locations
+# parse the curl.1 man page, extract all documented command line options
+# The man page may or may not be rebuilt, so check both possible locations
 open($r, "<", "$buildroot/docs/cmdline-opts/curl.1") || open($r, "<", "$root/docs/cmdline-opts/curl.1") ||
     die "failed getting curl.1";
 my @manpage; # store all parsed parameters
diff --git a/tests/test1140.pl b/tests/test1140.pl
index 8900ef439f..7890ce58f6 100755
--- a/tests/test1140.pl
+++ b/tests/test1140.pl
@@ -23,8 +23,8 @@
 #
 ###########################################################################
 #
-# scan manpages to find basic syntactic problems such as unbalanced \f
-# codes or references to non-existing curl manpages.
+# scan man pages to find basic syntactic problems such as unbalanced \f
+# codes or references to non-existing curl man pages.
 
 use strict;
 use warnings;
@@ -81,7 +81,7 @@ sub file {
                 my $man = "$1.3";
                 $man =~ s/\\//g; # cut off backslashes
                 if(!manpresent($man)) {
-                    print "error: $f:$line: referring to non-existing manpage $man\n";
+                    print "error: $f:$line: referring to non-existing man page $man\n";
                     $errors++;
                 }
                 if($pre ne "I") {
@@ -100,7 +100,7 @@ sub file {
                 my $man = "$1.3";
                 $man =~ s/\\//g; # cut off backslashes
                 if(!manpresent($man)) {
-                    print "error: $f:$line: referring to non-existing manpage $man\n";
+                    print "error: $f:$line: referring to non-existing man page $man\n";
                     $errors++;
                 }
             }
diff --git a/tests/test1173.pl b/tests/test1173.pl
index 9b384ded78..19bcd1af8c 100755
--- a/tests/test1173.pl
+++ b/tests/test1173.pl
@@ -23,7 +23,7 @@
 #
 ###########################################################################
 #
-# Scan manpage(s) and detect some simple and yet common formatting mistakes.
+# Scan man page(s) and detect some simple and yet common formatting mistakes.
 #
 # Output all deviances to stderr.
 
@@ -148,7 +148,7 @@ sub scanmanpage {
     open(my $m, "<", "$file") ||
         die "test1173.pl could not open $file";
     if($file =~ /[\/\\](CURL|curl_)([^\/\\]*).3/) {
-        # This is a manpage for libcurl. It requires an example unless it's
+        # This is a man page for libcurl. It requires an example unless it's
         # considered deprecated.
         $reqex = 1 unless defined $deprecated{'CURL'.$2};
         if($1 eq "CURL") {
@@ -159,12 +159,12 @@ sub scanmanpage {
     while(<$m>) {
         chomp;
         if($_ =~ /^.so /) {
-            # this manpage is just a referral
+            # this man page is just a referral
             close($m);
             return;
         }
         if(($_ =~ /^\.SH SYNOPSIS/i) && ($reqex)) {
-            # this is for libcurl manpage SYNOPSIS checks
+            # this is for libcurl man page SYNOPSIS checks
             $insynop = 1;
             $inexample = 0;
         }
@@ -269,7 +269,7 @@ sub scanmanpage {
 
         if($optpage && $SH && ($SH !~ /^(SYNOPSIS|EXAMPLE|NAME|SEE ALSO)/i) &&
            ($_ =~ /(.*)(CURL(OPT_|MOPT_|INFO_|SHOPT_)[A-Z0-9_]*)/)) {
-            # an option with its own manpage, check that it is tagged
+            # an option with its own man page, check that it is tagged
             # for linking
             my ($pref, $symbol) = ($1, $2);
             if($deprecated{$symbol}) {
@@ -318,7 +318,7 @@ sub scanmanpage {
         }
 
         if($shcount < 3) {
-            print STDERR "$file:$line too few manpage sections!\n";
+            print STDERR "$file:$line too few man page sections!\n";
             $errors++;
             return;
         }
diff --git a/tests/test1222.pl b/tests/test1222.pl
index 0d9d6fdd32..8186d63511 100755
--- a/tests/test1222.pl
+++ b/tests/test1222.pl
@@ -25,7 +25,7 @@
 ###########################################################################
 #
 # Check that the deprecated statuses of functions and enum values in header
-# files, manpages and symbols-in-versions are in sync.
+# files, man pages and symbols-in-versions are in sync.
 
 use strict;
 use warnings;
@@ -48,8 +48,8 @@ my $errcode = 0;
 #     x.yy.z  Deprecated in version x.yy.z
 my %syminver;       # Symbols-in-versions deprecations.
 my %hdr;            # Public header files deprecations.
-my %funcman;        # Function manpages deprecations.
-my %optman;         # Option manpages deprecations.
+my %funcman;        # Function man pages deprecations.
+my %optman;         # Option man pages deprecations.
 
 
 # Scan header file for public function and enum values. Flag them with
@@ -144,7 +144,7 @@ sub scan_header {
     close $h;
 }
 
-# Scan function manpage for options.
+# Scan function man page for options.
 # Each option has to be declared as ".IP 
 
 
diff --git a/tests/libtest/lib557.c b/tests/libtest/lib557.c
index 84f6120211..ba796f1ceb 100644
--- a/tests/libtest/lib557.c
+++ b/tests/libtest/lib557.c
@@ -1495,9 +1495,9 @@ static int test_oct_hex_formatting(void)
 #endif
 
   if(!errors)
-    curl_mprintf("All curl_mprintf() octal & hexadecimal tests OK!\n");
+    curl_mprintf("All curl_mprintf() octal and hexadecimal tests OK!\n");
   else
-    curl_mprintf("Some curl_mprintf() octal & hexadecimal tests Failed!\n");
+    curl_mprintf("Some curl_mprintf() octal or hexadecimal tests Failed!\n");
 
   return errors;
 }

From d077d5473dbb5c8d5206b98ff071f1a14cced5de Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 12 Nov 2025 16:05:52 +0100
Subject: [PATCH 0817/2408] test1554: make test output XML-friendly

Meaning no `<` and `>` characters.
Reducing the number of `xmllint` failures by 1.

Closes #19496
---
 tests/data/test1554     | 92 ++++++++++++++++++++---------------------
 tests/libtest/lib1554.c |  4 +-
 2 files changed, 48 insertions(+), 48 deletions(-)

diff --git a/tests/data/test1554 b/tests/data/test1554
index 2f4b6d5629..43886f68a9 100644
--- a/tests/data/test1554
+++ b/tests/data/test1554
@@ -19,55 +19,55 @@ Content-Length: 29
 run 1: foobar and so on fun!
 
 
--> Mutex lock SHARE
-<- Mutex unlock SHARE
--> Mutex lock CONNECT
-<- Mutex unlock CONNECT
--> Mutex lock CONNECT
-<- Mutex unlock CONNECT
--> Mutex lock CONNECT
-<- Mutex unlock CONNECT
--> Mutex lock CONNECT
-<- Mutex unlock CONNECT
+-] Mutex lock SHARE
+[- Mutex unlock SHARE
+-] Mutex lock CONNECT
+[- Mutex unlock CONNECT
+-] Mutex lock CONNECT
+[- Mutex unlock CONNECT
+-] Mutex lock CONNECT
+[- Mutex unlock CONNECT
+-] Mutex lock CONNECT
+[- Mutex unlock CONNECT
 run 1: foobar and so on fun!
--> Mutex lock CONNECT
-<- Mutex unlock CONNECT
--> Mutex lock CONNECT
-<- Mutex unlock CONNECT
--> Mutex lock SHARE
-<- Mutex unlock SHARE
--> Mutex lock SHARE
-<- Mutex unlock SHARE
--> Mutex lock CONNECT
-<- Mutex unlock CONNECT
--> Mutex lock CONNECT
-<- Mutex unlock CONNECT
--> Mutex lock CONNECT
-<- Mutex unlock CONNECT
+-] Mutex lock CONNECT
+[- Mutex unlock CONNECT
+-] Mutex lock CONNECT
+[- Mutex unlock CONNECT
+-] Mutex lock SHARE
+[- Mutex unlock SHARE
+-] Mutex lock SHARE
+[- Mutex unlock SHARE
+-] Mutex lock CONNECT
+[- Mutex unlock CONNECT
+-] Mutex lock CONNECT
+[- Mutex unlock CONNECT
+-] Mutex lock CONNECT
+[- Mutex unlock CONNECT
 run 1: foobar and so on fun!
--> Mutex lock CONNECT
-<- Mutex unlock CONNECT
--> Mutex lock CONNECT
-<- Mutex unlock CONNECT
--> Mutex lock SHARE
-<- Mutex unlock SHARE
--> Mutex lock SHARE
-<- Mutex unlock SHARE
--> Mutex lock CONNECT
-<- Mutex unlock CONNECT
--> Mutex lock CONNECT
-<- Mutex unlock CONNECT
--> Mutex lock CONNECT
-<- Mutex unlock CONNECT
+-] Mutex lock CONNECT
+[- Mutex unlock CONNECT
+-] Mutex lock CONNECT
+[- Mutex unlock CONNECT
+-] Mutex lock SHARE
+[- Mutex unlock SHARE
+-] Mutex lock SHARE
+[- Mutex unlock SHARE
+-] Mutex lock CONNECT
+[- Mutex unlock CONNECT
+-] Mutex lock CONNECT
+[- Mutex unlock CONNECT
+-] Mutex lock CONNECT
+[- Mutex unlock CONNECT
 run 1: foobar and so on fun!
--> Mutex lock CONNECT
-<- Mutex unlock CONNECT
--> Mutex lock CONNECT
-<- Mutex unlock CONNECT
--> Mutex lock SHARE
-<- Mutex unlock SHARE
--> Mutex lock SHARE
-<- Mutex unlock SHARE
+-] Mutex lock CONNECT
+[- Mutex unlock CONNECT
+-] Mutex lock CONNECT
+[- Mutex unlock CONNECT
+-] Mutex lock SHARE
+[- Mutex unlock SHARE
+-] Mutex lock SHARE
+[- Mutex unlock SHARE
 
 
 
diff --git a/tests/libtest/lib1554.c b/tests/libtest/lib1554.c
index 050075df3f..a23d713e63 100644
--- a/tests/libtest/lib1554.c
+++ b/tests/libtest/lib1554.c
@@ -44,7 +44,7 @@ static void t1554_test_lock(CURL *curl, curl_lock_data data,
   (void)data;
   (void)laccess;
   (void)useptr;
-  curl_mprintf("-> Mutex lock %s\n", ldata_names[data]);
+  curl_mprintf("-] Mutex lock %s\n", ldata_names[data]);
 }
 
 static void t1554_test_unlock(CURL *curl, curl_lock_data data, void *useptr)
@@ -52,7 +52,7 @@ static void t1554_test_unlock(CURL *curl, curl_lock_data data, void *useptr)
   (void)curl;
   (void)data;
   (void)useptr;
-  curl_mprintf("<- Mutex unlock %s\n", ldata_names[data]);
+  curl_mprintf("[- Mutex unlock %s\n", ldata_names[data]);
 }
 
 /* test function */

From d7b0b654ea4cce1bceb5edeecd05566d3729a388 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 12 Nov 2025 16:36:14 +0100
Subject: [PATCH 0818/2408] test1404, 1547: replace `&` char in comment and
 name for XML-friendliness

Closes #19497
---
 tests/data/test1404 | 2 +-
 tests/data/test1547 | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/data/test1404 b/tests/data/test1404
index 1cf0c676ea..e40c775b21 100644
--- a/tests/data/test1404
+++ b/tests/data/test1404
@@ -31,7 +31,7 @@ Mime
 http
 
 
---libcurl plus -F with 3 files, one with explicit type & encoder
+--libcurl plus -F with 3 files, one with explicit type and encoder
 
 
 SSL_CERT_FILE
diff --git a/tests/data/test1547 b/tests/data/test1547
index 7e1625aa4b..7984038e5c 100644
--- a/tests/data/test1547
+++ b/tests/data/test1547
@@ -1,5 +1,5 @@
 
-# Based on test100 & test101
+# Based on test100 and test101
 
 
 FTP

From 8a19bf862a82bf4e8ef83b9754b071dca5494c0b Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 12 Nov 2025 17:41:54 +0100
Subject: [PATCH 0819/2408] test2045: replace HTML multi-line comment markup
 with `#` comments

As used everywhere else in tests/data. To play nice with XML.

Follow-up to 9756d1da7637d1913b7ca2b589e4635f32ed3e00

Closes #19498
---
 tests/data/test2045 | 20 +++++++++-----------
 1 file changed, 9 insertions(+), 11 deletions(-)

diff --git a/tests/data/test2045 b/tests/data/test2045
index 41b31e5409..241d9fc14f 100644
--- a/tests/data/test2045
+++ b/tests/data/test2045
@@ -10,17 +10,15 @@ FTP
 #
 # Server-side
 
-
+# The purpose of this test is to make sure the --proto-default option works
+# properly. We specify a default protocol of FTP and if the option works properly
+# curl will use the FTP protocol. If the option is broken however curl will use
+# the HTTP protocol.
+# In the broken scenario curl would use HTTP to talk to our FTP server. We handle
+# that by replying with something that both protocols can understand. Our FTP
+# server allows a custom welcome message, so we use that feature to make an HTTP
+# reply that contains an FTP reply (think polyglot). In the case of FTP we expect
+# curl will return CURLE_WEIRD_SERVER_REPLY so we test for that return code.
 
 REPLY welcome HTTP/1.1 200 OK\r\nContent-Length: 21\r\n\r\n500 Weird FTP Reply
 

From 6b26d465e1df7d172dbc8302c5314d31f3239667 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 12 Nov 2025 18:16:55 +0100
Subject: [PATCH 0820/2408] tests/data: use more `repeat` macro

Found in `client/command` sections.

Closes #19499
---
 tests/data/test1294 | 4 ++--
 tests/data/test1295 | 6 +++---
 tests/data/test1453 | 2 +-
 tests/data/test729  | 2 +-
 tests/data/test761  | 4 ++--
 5 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/tests/data/test1294 b/tests/data/test1294
index 887023959b..e759397001 100644
--- a/tests/data/test1294
+++ b/tests/data/test1294
@@ -44,7 +44,7 @@ HTTP GET with split initial request send
 CURL_SMALLREQSEND=128
 
 
-http://%HOSTIP:%HTTPPORT/012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679/%TESTNUMBER -H "Among other public buildings in a certain town, which for many reasons it will be prudent to refrain from mentioning, and to which I will assign no fictitious name, there is one anciently common to most towns, great or small to ___, a workhouse; and in this workhouse was born; on a day and date which I need not trouble myself to repeat, inasmuch as it can be of no possible consequence to the reader, in this stage of the business at all events; the item of mortality whose name is prefixed to the head of this chapter: 511"
+http://%HOSTIP:%HTTPPORT/%repeat[30 x 012345679]%/%TESTNUMBER -H "Among other public buildings in a certain town, which for many reasons it will be prudent to refrain from mentioning, and to which I will assign no fictitious name, there is one anciently common to most towns, great or small to ___, a workhouse; and in this workhouse was born; on a day and date which I need not trouble myself to repeat, inasmuch as it can be of no possible consequence to the reader, in this stage of the business at all events; the item of mortality whose name is prefixed to the head of this chapter: 511"
 
 
 
@@ -52,7 +52,7 @@ http://%HOSTIP:%HTTPPORT/0123456790123456790123456790123456790123456790123456790
 # Verify data after the test has been "shot"
 
 
-GET /012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679/%TESTNUMBER HTTP/1.1
+GET /%repeat[30 x 012345679]%/%TESTNUMBER HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/data/test1295 b/tests/data/test1295
index bfd13c73f6..de9c86ef21 100644
--- a/tests/data/test1295
+++ b/tests/data/test1295
@@ -44,7 +44,7 @@ HTTP POST with split initial request send
 CURL_SMALLREQSEND=100
 
 
-http://%HOSTIP:%HTTPPORT/012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679/%TESTNUMBER -H "012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679: 300" -d "Mr. Sherlock Holmes, who was usually very late in the mornings, save upon those not infrequent occasions when he was up all night, was seated at the breakfast table." -w '%{size_upload}\n'
+http://%HOSTIP:%HTTPPORT/%repeat[30 x 012345679]%/%TESTNUMBER -H "%repeat[30 x 012345679]%: 300" -d "Mr. Sherlock Holmes, who was usually very late in the mornings, save upon those not infrequent occasions when he was up all night, was seated at the breakfast table." -w '%{size_upload}\n'
 
 
 
@@ -52,11 +52,11 @@ http://%HOSTIP:%HTTPPORT/0123456790123456790123456790123456790123456790123456790
 # Verify data after the test has been "shot"
 
 
-POST /012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679/%TESTNUMBER HTTP/1.1
+POST /%repeat[30 x 012345679]%/%TESTNUMBER HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
-012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679012345679: 300
+%repeat[30 x 012345679]%: 300
 Content-Length: 165
 Content-Type: application/x-www-form-urlencoded
 
diff --git a/tests/data/test1453 b/tests/data/test1453
index 921b1bdf9f..28f6ed732f 100644
--- a/tests/data/test1453
+++ b/tests/data/test1453
@@ -20,7 +20,7 @@ tftp
 Too long tftp filename
 
 
-tftp://%HOSTIP:%NOLISTENPORT/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaz
+tftp://%HOSTIP:%NOLISTENPORT/%repeat[503 x a]%z
 
 
 
diff --git a/tests/data/test729 b/tests/data/test729
index 8057589215..fca56ade55 100644
--- a/tests/data/test729
+++ b/tests/data/test729
@@ -26,7 +26,7 @@ socks4
 SOCKS4 with very long proxy user name
 
 
-http://fake --limit-rate 1 -x socks4a://aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa@%HOSTIP:%SOCKSPORT
+http://fake --limit-rate 1 -x socks4a://%repeat[1015 x a]%@%HOSTIP:%SOCKSPORT
 
 
 
diff --git a/tests/data/test761 b/tests/data/test761
index 3044e1e54d..f3b35eadcc 100644
--- a/tests/data/test761
+++ b/tests/data/test761
@@ -12,7 +12,7 @@ globbing
 too many {} globs
 
 
-http://testingthis/{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b
+http://testingthis/%repeat[201 x {a}b]%
 
 
 
@@ -24,7 +24,7 @@ http://testingthis/{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{
 
 
 curl: (3) too many {} sets in URL position 403:
-http://testingthis/{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a
+http://testingthis/%repeat[113 x {a}b]%{a
 
 
 

From 4b2da75bca4ff32f004491f5fa622749d78f698e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 12 Nov 2025 20:34:53 +0100
Subject: [PATCH 0821/2408] test716: use `repeat` macro

Closes #19501
---
 tests/data/test716 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/data/test716 b/tests/data/test716
index 5c20b45a75..d6910718b3 100644
--- a/tests/data/test716
+++ b/tests/data/test716
@@ -31,7 +31,7 @@ SOCKS5 proxy with too long user name
 
 # it should never connect to the target server
 
-http://hohoho.example.com:99/%TESTNUMBER -x socks5://AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:b@%HOSTIP:%SOCKSPORT
+http://hohoho.example.com:99/%TESTNUMBER -x socks5://%repeat[256 x A]%:b@%HOSTIP:%SOCKSPORT
 
 
 

From c6eb9bb3dc0158ebd543436d3d364fde4e38ce40 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Wed, 12 Nov 2025 23:15:37 +0100
Subject: [PATCH 0822/2408] _PROGRESS.md: add the E unit, mention kibibyte

The suffixes used are not standard since we want them to be single
characters and the proper ones would be KiB, MiB etc.

Closes #19502
---
 .github/scripts/pyspelling.words |  3 +++
 docs/cmdline-opts/_PROGRESS.md   | 11 ++++++-----
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/.github/scripts/pyspelling.words b/.github/scripts/pyspelling.words
index 5dbce13227..76889a05bb 100644
--- a/.github/scripts/pyspelling.words
+++ b/.github/scripts/pyspelling.words
@@ -244,6 +244,7 @@ et
 etag
 ETag
 ETags
+exa
 exe
 executables
 EXPN
@@ -417,6 +418,7 @@ kerberos
 Keychain
 keychain
 KiB
+kibibyte
 kickstart
 Kirei
 Knauf
@@ -491,6 +493,7 @@ Mavrogiannopoulos
 Mbed
 mbedTLS
 md
+mebibyte
 Meglio
 memdebug
 MesaLink
diff --git a/docs/cmdline-opts/_PROGRESS.md b/docs/cmdline-opts/_PROGRESS.md
index 9ab1ce8c9b..a506d041dc 100644
--- a/docs/cmdline-opts/_PROGRESS.md
+++ b/docs/cmdline-opts/_PROGRESS.md
@@ -4,9 +4,10 @@
 
 curl normally displays a progress meter during operations, indicating the
 amount of transferred data, transfer speeds and estimated time left, etc. The
-progress meter displays the transfer rate in bytes per second. The suffixes
-(`k` for kilo, `M` for mega, `G` for giga, `T` for tera, and `P` for peta) are
-1024 based. For example 1k is 1024 bytes. 1M is 1048576 bytes.
+progress meter displays the transfer rate in bytes per second. The used
+suffixes (`k` for kilo, `M` for mega, `G` for giga, `T` for tera, `P` for peta
+and `E` for exa) are 1024 based. For example 1k is 1024 bytes. 1M is 1048576
+bytes. Strictly speaking this makes the units kibibyte and mebibyte etc.
 
 curl displays this data to the terminal by default, so if you invoke curl to
 do an operation and it is about to write data to the terminal, it *disables*
@@ -14,8 +15,8 @@ the progress meter as otherwise it would mess up the output mixing progress
 meter and response data.
 
 If you want a progress meter for HTTP POST or PUT requests, you need to
-redirect the response output to a file, using shell redirect (\>), --output
-or similar.
+redirect the response output to a file, using shell redirect (\>), --output or
+similar.
 
 This does not apply to FTP upload as that operation does not spit out any
 response data to the terminal.

From 64c03bbdf2e5956de387c2c7952e2785442a5540 Mon Sep 17 00:00:00 2001
From: Patrick Monnerat 
Date: Wed, 12 Nov 2025 15:45:59 +0100
Subject: [PATCH 0823/2408] OS400: fix build

- Fix failed build due to missing parameter.

Follow-up to 8c9946d3 from yesterday.

Closes https://github.com/curl/curl/pull/19494
---
 packages/OS400/ccsidcurl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/OS400/ccsidcurl.c b/packages/OS400/ccsidcurl.c
index 30be1f60f7..76b182cf17 100644
--- a/packages/OS400/ccsidcurl.c
+++ b/packages/OS400/ccsidcurl.c
@@ -361,7 +361,7 @@ curl_slist_append_ccsid(struct curl_slist *list,
   if(!data)
     return curl_slist_append(list, data);
 
-  s = dynconvert(ASCII_CCSID, data, -1, ccsid);
+  s = dynconvert(ASCII_CCSID, data, -1, ccsid, NULL);
 
   if(!s)
     return (struct curl_slist *) NULL;

From 3d42510118a9eba12a0d3cd4e23b84a1bccd9f2a Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 12 Nov 2025 17:26:27 +0100
Subject: [PATCH 0824/2408] runtests: allow `client/command` to span multiple
 lines, and use it

Some curl command-lines are long, often repetitive, and difficult
to read or write:

Before this patch (1 test == 1 line):
- <=78 characters: 1099 tests
- 79-132 characters: 500 tests
- 133+ characters: 217 tests: patch meant to help with some of these.

After this patch:
- <=78 characters: 1288 lines
- 79-132 characters: 526 lines
- 133+ characters: 190 lines

After this patch it's possible to fold long lines into multiple ones.
Folding can reduce greppability, thus this is primarily useful for cases
when the options are repetitive, e.g. a list of form options, headers,
mail parameters and the like.

Closes #19500
---
 docs/tests/FILEFORMAT.md |  3 +++
 tests/data/test1133      |  7 ++++++-
 tests/data/test1158      |  5 ++++-
 tests/data/test1186      |  5 ++++-
 tests/data/test1189      | 10 +++++++++-
 tests/data/test1294      |  3 ++-
 tests/data/test1295      |  4 +++-
 tests/data/test1404      |  5 ++++-
 tests/data/test1583      |  3 ++-
 tests/data/test2003      |  9 ++++++++-
 tests/data/test2004      |  9 ++++++++-
 tests/data/test2049      |  5 ++++-
 tests/data/test2051      |  4 +++-
 tests/data/test2052      |  6 +++++-
 tests/data/test2053      |  3 ++-
 tests/data/test2054      | 16 +++++++++++++++-
 tests/data/test3002      | 10 +++++++++-
 tests/data/test3003      | 10 +++++++++-
 tests/data/test3004      | 10 +++++++++-
 tests/data/test3005      | 10 +++++++++-
 tests/data/test3006      | 10 +++++++++-
 tests/data/test3007      |  6 +++++-
 tests/data/test3029      |  3 ++-
 tests/data/test39        | 10 +++++++++-
 tests/data/test4         | 12 +++++++++++-
 tests/data/test423       |  6 +++++-
 tests/data/test424       |  7 ++++++-
 tests/data/test618       |  4 +++-
 tests/data/test619       |  4 +++-
 tests/data/test62        |  5 ++++-
 tests/data/test625       |  5 ++++-
 tests/data/test646       | 12 +++++++++++-
 tests/data/test647       | 13 ++++++++++++-
 tests/data/test648       |  8 +++++++-
 tests/data/test917       |  9 ++++++++-
 tests/data/test918       |  9 ++++++++-
 tests/data/test938       |  3 ++-
 tests/runner.pm          |  9 ++++++---
 38 files changed, 233 insertions(+), 39 deletions(-)

diff --git a/docs/tests/FILEFORMAT.md b/docs/tests/FILEFORMAT.md
index 8c4d0181e1..2e0648267e 100644
--- a/docs/tests/FILEFORMAT.md
+++ b/docs/tests/FILEFORMAT.md
@@ -579,6 +579,9 @@ deleted.
 ### ``
 Command line to run.
 
+If the command spans multiple lines, they are concatenated with a space added
+between them.
+
 Note that the URL that gets passed to the server actually controls what data
 that is returned. The last slash in the URL must be followed by a number. That
 number (N) is used by the test-server to load test case N and return the data
diff --git a/tests/data/test1133 b/tests/data/test1133
index a14dbe8ee9..37e48f8b55 100644
--- a/tests/data/test1133
+++ b/tests/data/test1133
@@ -29,7 +29,12 @@ http
 HTTP RFC1867-type formposting with filename/data contains ',', ';', '"'
 
 
-http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER -F "file=@\"%LOGDIR/test%TESTNUMBER,and;.txt\";type=mo/foo;filename=\"faker,and;.txt\"" -F 'file2=@"%LOGDIR/test%TESTNUMBER,and;.txt"' -F 'file3=@"%LOGDIR/test%TESTNUMBER,and;.txt";type=m/f,"%LOGDIR/test%TESTNUMBER,and;.txt"' -F a="{\"field1\":\"value1\",\"field2\":\"value2\"}" -F 'b=" \\value1;type=\"whatever\" "; type=text/foo; charset=utf-8 ; filename=param_b'
+http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER
+-F "file=@\"%LOGDIR/test%TESTNUMBER,and;.txt\";type=mo/foo;filename=\"faker,and;.txt\""
+-F 'file2=@"%LOGDIR/test%TESTNUMBER,and;.txt"'
+-F 'file3=@"%LOGDIR/test%TESTNUMBER,and;.txt";type=m/f,"%LOGDIR/test%TESTNUMBER,and;.txt"'
+-F a="{\"field1\":\"value1\",\"field2\":\"value2\"}"
+-F 'b=" \\value1;type=\"whatever\" "; type=text/foo; charset=utf-8 ; filename=param_b'
 
 # We create this file before the command is invoked!
 
diff --git a/tests/data/test1158 b/tests/data/test1158
index bc9f2d5719..c2a7330fe6 100644
--- a/tests/data/test1158
+++ b/tests/data/test1158
@@ -30,7 +30,10 @@ http
 HTTP RFC1867-type formposting with filename containing '"'
 
 
-http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER -F "file=@\"%LOGDIR/test%TESTNUMBER\\\".txt\";type=mo/foo;filename=\"test%TESTNUMBER\\\".txt\"" -F 'file2=@"%LOGDIR/test%TESTNUMBER\".txt"' -F 'file3=@"%LOGDIR/test%TESTNUMBER\".txt";type=m/f,"%LOGDIR/test%TESTNUMBER\".txt"'
+http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER
+-F "file=@\"%LOGDIR/test%TESTNUMBER\\\".txt\";type=mo/foo;filename=\"test%TESTNUMBER\\\".txt\""
+-F 'file2=@"%LOGDIR/test%TESTNUMBER\".txt"'
+-F 'file3=@"%LOGDIR/test%TESTNUMBER\".txt";type=m/f,"%LOGDIR/test%TESTNUMBER\".txt"'
 
 # We create this file before the command is invoked!
 
diff --git a/tests/data/test1186 b/tests/data/test1186
index e3157f36ca..f9edac8f36 100644
--- a/tests/data/test1186
+++ b/tests/data/test1186
@@ -30,7 +30,10 @@ http
 Multipart formposting with backslash-escaping filename containing '"'
 
 
-http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER --form-escape -F "file=@\"%LOGDIR/test%TESTNUMBER\\\".txt\";type=mo/foo;filename=\"test%TESTNUMBER\\\".txt\"" -F 'file2=@"%LOGDIR/test%TESTNUMBER\".txt"' -F 'file3=@"%LOGDIR/test%TESTNUMBER\".txt";type=m/f,"%LOGDIR/test%TESTNUMBER\".txt"'
+http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER --form-escape
+-F "file=@\"%LOGDIR/test%TESTNUMBER\\\".txt\";type=mo/foo;filename=\"test%TESTNUMBER\\\".txt\""
+-F 'file2=@"%LOGDIR/test%TESTNUMBER\".txt"'
+-F 'file3=@"%LOGDIR/test%TESTNUMBER\".txt";type=m/f,"%LOGDIR/test%TESTNUMBER\".txt"'
 
 # We create this file before the command is invoked!
 
diff --git a/tests/data/test1189 b/tests/data/test1189
index 3e5748eafd..0fb354a88e 100644
--- a/tests/data/test1189
+++ b/tests/data/test1189
@@ -29,7 +29,15 @@ http
 Multipart formposting with backslash-escaping of name= and filename=
 
 
-http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER --form-escape -F name=daniel -F tool=curl --form-string "str1=@literal" --form-string "str2=
 # We create this file before the command is invoked!
 
diff --git a/tests/data/test1294 b/tests/data/test1294
index e759397001..0e3eff5dea 100644
--- a/tests/data/test1294
+++ b/tests/data/test1294
@@ -44,7 +44,8 @@ HTTP GET with split initial request send
 CURL_SMALLREQSEND=128
 
 
-http://%HOSTIP:%HTTPPORT/%repeat[30 x 012345679]%/%TESTNUMBER -H "Among other public buildings in a certain town, which for many reasons it will be prudent to refrain from mentioning, and to which I will assign no fictitious name, there is one anciently common to most towns, great or small to ___, a workhouse; and in this workhouse was born; on a day and date which I need not trouble myself to repeat, inasmuch as it can be of no possible consequence to the reader, in this stage of the business at all events; the item of mortality whose name is prefixed to the head of this chapter: 511"
+http://%HOSTIP:%HTTPPORT/%repeat[30 x 012345679]%/%TESTNUMBER
+-H "Among other public buildings in a certain town, which for many reasons it will be prudent to refrain from mentioning, and to which I will assign no fictitious name, there is one anciently common to most towns, great or small to ___, a workhouse; and in this workhouse was born; on a day and date which I need not trouble myself to repeat, inasmuch as it can be of no possible consequence to the reader, in this stage of the business at all events; the item of mortality whose name is prefixed to the head of this chapter: 511"
 
 
 
diff --git a/tests/data/test1295 b/tests/data/test1295
index de9c86ef21..8de79a310d 100644
--- a/tests/data/test1295
+++ b/tests/data/test1295
@@ -44,7 +44,9 @@ HTTP POST with split initial request send
 CURL_SMALLREQSEND=100
 
 
-http://%HOSTIP:%HTTPPORT/%repeat[30 x 012345679]%/%TESTNUMBER -H "%repeat[30 x 012345679]%: 300" -d "Mr. Sherlock Holmes, who was usually very late in the mornings, save upon those not infrequent occasions when he was up all night, was seated at the breakfast table." -w '%{size_upload}\n'
+http://%HOSTIP:%HTTPPORT/%repeat[30 x 012345679]%/%TESTNUMBER -H "%repeat[30 x 012345679]%: 300"
+-d "Mr. Sherlock Holmes, who was usually very late in the mornings, save upon those not infrequent occasions when he was up all night, was seated at the breakfast table."
+-w '%{size_upload}\n'
 
 
 
diff --git a/tests/data/test1404 b/tests/data/test1404
index e40c775b21..7ae7d8b501 100644
--- a/tests/data/test1404
+++ b/tests/data/test1404
@@ -37,7 +37,10 @@ http
 SSL_CERT_FILE
 
 
-http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER -F name=value -F 'file=@%LOGDIR/test%TESTNUMBER.txt,%LOGDIR/test%TESTNUMBER.txt;type=magic/content;encoder=8bit,%LOGDIR/test%TESTNUMBER.txt;headers=X-testheader-1: header 1;headers=X-testheader-2: header 2' --libcurl %LOGDIR/test%TESTNUMBER.c
+http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER
+-F name=value
+-F 'file=@%LOGDIR/test%TESTNUMBER.txt,%LOGDIR/test%TESTNUMBER.txt;type=magic/content;encoder=8bit,%LOGDIR/test%TESTNUMBER.txt;headers=X-testheader-1: header 1;headers=X-testheader-2: header 2'
+--libcurl %LOGDIR/test%TESTNUMBER.c
 
 # We create this file before the command is invoked!
 
diff --git a/tests/data/test1583 b/tests/data/test1583
index b266d7eea8..8bcd7811a0 100644
--- a/tests/data/test1583
+++ b/tests/data/test1583
@@ -23,7 +23,8 @@ sftp
 SFTP dir and empty file
 
 
---key %LOGDIR/server/curl_client_key --pubkey %LOGDIR/server/curl_client_key.pub -u %USER: --insecure sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/test%TESTNUMBER.dir/ --next --key %LOGDIR/server/curl_client_key --pubkey %LOGDIR/server/curl_client_key.pub -u %USER: --insecure sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/test%TESTNUMBER.dir/emptyfile.txt
+--key %LOGDIR/server/curl_client_key --pubkey %LOGDIR/server/curl_client_key.pub -u %USER: --insecure sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/test%TESTNUMBER.dir/ --next
+--key %LOGDIR/server/curl_client_key --pubkey %LOGDIR/server/curl_client_key.pub -u %USER: --insecure sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/test%TESTNUMBER.dir/emptyfile.txt
 
 
 
diff --git a/tests/data/test2003 b/tests/data/test2003
index ce5fcbcb6f..f3f2194d42 100644
--- a/tests/data/test2003
+++ b/tests/data/test2003
@@ -58,7 +58,14 @@ tftp
 HTTP GET, FTP RETR, FILE, TFTP RRQ then again in rev order
 
 
-http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001 ftp://%HOSTIP:%FTPPORT/%TESTNUMBER0002 file://localhost%FILE_PWD/%LOGDIR/test%TESTNUMBER.txt tftp://%HOSTIP:%TFTPPORT//%TESTNUMBER0003 tftp://%HOSTIP:%TFTPPORT//%TESTNUMBER0003 file://localhost%FILE_PWD/%LOGDIR/test%TESTNUMBER.txt ftp://%HOSTIP:%FTPPORT/%TESTNUMBER0002 http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001
+http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001
+ftp://%HOSTIP:%FTPPORT/%TESTNUMBER0002
+file://localhost%FILE_PWD/%LOGDIR/test%TESTNUMBER.txt
+tftp://%HOSTIP:%TFTPPORT//%TESTNUMBER0003
+tftp://%HOSTIP:%TFTPPORT//%TESTNUMBER0003
+file://localhost%FILE_PWD/%LOGDIR/test%TESTNUMBER.txt
+ftp://%HOSTIP:%FTPPORT/%TESTNUMBER0002
+http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001
 
 
 foo
diff --git a/tests/data/test2004 b/tests/data/test2004
index f9770c3fb3..87dabcd6e9 100644
--- a/tests/data/test2004
+++ b/tests/data/test2004
@@ -30,7 +30,14 @@ sftp
 TFTP RRQ, SFTP, FILE, SCP retrieval then in rev order
 
 
---key %LOGDIR/server/curl_client_key --pubkey %LOGDIR/server/curl_client_key.pub -u %USER: tftp://%HOSTIP:%TFTPPORT//%TESTNUMBER sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/test%TESTNUMBER.txt file://localhost%FILE_PWD/%LOGDIR/test%TESTNUMBER.txt scp://%HOSTIP:%SSHPORT%SCP_PWD/%LOGDIR/test%TESTNUMBER.txt file://localhost%FILE_PWD/%LOGDIR/test%TESTNUMBER.txt sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/test%TESTNUMBER.txt tftp://%HOSTIP:%TFTPPORT//%TESTNUMBER --insecure
+--key %LOGDIR/server/curl_client_key --pubkey %LOGDIR/server/curl_client_key.pub -u %USER:
+tftp://%HOSTIP:%TFTPPORT//%TESTNUMBER
+sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/test%TESTNUMBER.txt
+file://localhost%FILE_PWD/%LOGDIR/test%TESTNUMBER.txt
+scp://%HOSTIP:%SSHPORT%SCP_PWD/%LOGDIR/test%TESTNUMBER.txt
+file://localhost%FILE_PWD/%LOGDIR/test%TESTNUMBER.txt
+sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/test%TESTNUMBER.txt
+tftp://%HOSTIP:%TFTPPORT//%TESTNUMBER --insecure
 
 
 This is test data
diff --git a/tests/data/test2049 b/tests/data/test2049
index 0fd0d94d77..75ef132011 100644
--- a/tests/data/test2049
+++ b/tests/data/test2049
@@ -31,7 +31,10 @@ Connect to specific host
 
 
 
-http://www1.example.com:8081/%TESTNUMBER --connect-to ::%HOSTIP:%HTTPPORT --next http://www2.example.com:8082/%TESTNUMBER --connect-to :8082:%HOSTIP:%HTTPPORT --next http://www3.example.com:8083/%TESTNUMBER --connect-to www3.example.com::%HOSTIP:%HTTPPORT --next http://www4.example.com:8084/%TESTNUMBER --connect-to www4.example.com:8084:%HOSTIP:%HTTPPORT
+http://www1.example.com:8081/%TESTNUMBER --connect-to ::%HOSTIP:%HTTPPORT --next
+http://www2.example.com:8082/%TESTNUMBER --connect-to :8082:%HOSTIP:%HTTPPORT --next
+http://www3.example.com:8083/%TESTNUMBER --connect-to www3.example.com::%HOSTIP:%HTTPPORT --next
+http://www4.example.com:8084/%TESTNUMBER --connect-to www4.example.com:8084:%HOSTIP:%HTTPPORT
 
 
 
diff --git a/tests/data/test2051 b/tests/data/test2051
index 8523652f02..d730a3c41d 100644
--- a/tests/data/test2051
+++ b/tests/data/test2051
@@ -31,7 +31,9 @@ Connect to specific host: Reuse existing connections if possible
 
 
 
-http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n" --next --connect-to ::%HOSTIP:%HTTPPORT http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n" --next http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n"
+http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n" --next --connect-to ::%HOSTIP:%HTTPPORT
+http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n" --next
+http://%HOSTIP:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n"
 
 
 
diff --git a/tests/data/test2052 b/tests/data/test2052
index 891912dde1..56814d35ab 100644
--- a/tests/data/test2052
+++ b/tests/data/test2052
@@ -32,7 +32,11 @@ http
 
 
 
-http://www.example.com:%HTTPPORT/%TESTNUMBER --resolve www.example.com:%HTTPPORT:%HOSTIP -w "%{num_connects}\n" --next --resolve -www.example.com:%HTTPPORT --connect-to ::%HOSTIP:%HTTPPORT http://www.example.com:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n"
+http://www.example.com:%HTTPPORT/%TESTNUMBER
+--resolve www.example.com:%HTTPPORT:%HOSTIP -w "%{num_connects}\n"
+--next
+--resolve -www.example.com:%HTTPPORT --connect-to ::%HOSTIP:%HTTPPORT
+http://www.example.com:%HTTPPORT/%TESTNUMBER -w "%{num_connects}\n"
 
 
 
diff --git a/tests/data/test2053 b/tests/data/test2053
index 8322f79e72..7945c0c9b5 100644
--- a/tests/data/test2053
+++ b/tests/data/test2053
@@ -31,7 +31,8 @@ Connect to specific host with IP addresses
 
 
 
-http://10.0.0.1:8081/%TESTNUMBER --connect-to 10.0.0.1:8081:%HOSTIP:%HTTPPORT --next http://[fc00::1]:8082/%TESTNUMBER --connect-to [fc00::1]:8082:%HOSTIP:%HTTPPORT
+http://10.0.0.1:8081/%TESTNUMBER  --connect-to 10.0.0.1:8081:%HOSTIP:%HTTPPORT --next
+http://[fc00::1]:8082/%TESTNUMBER --connect-to [fc00::1]:8082:%HOSTIP:%HTTPPORT
 
 
 
diff --git a/tests/data/test2054 b/tests/data/test2054
index 350e55634e..7d7d573b4f 100644
--- a/tests/data/test2054
+++ b/tests/data/test2054
@@ -31,7 +31,21 @@ Connect to specific host: use the first "connect-to" string that matches
 
 
 
-http://%HOSTIP:%HTTPPORT/%TESTNUMBER --connect-to foo::bar: --connect-to :123::456 --next http://www.example.com:%HTTPPORT/%TESTNUMBER --connect-to www.example.com::%HOSTIP: --connect-to www.example.com::foo: --next http://%HOSTIP:8083/%TESTNUMBER --connect-to :8083::%HTTPPORT --connect-to :8083::123 --next http://www.example.com:8084/%TESTNUMBER --connect-to www.example.com:8084:%HOSTIP:%HTTPPORT --connect-to www.example.com:8084:foo:123
+http://%HOSTIP:%HTTPPORT/%TESTNUMBER
+--connect-to foo::bar:
+--connect-to :123::456
+--next
+http://www.example.com:%HTTPPORT/%TESTNUMBER
+--connect-to www.example.com::%HOSTIP:
+--connect-to www.example.com::foo:
+--next
+http://%HOSTIP:8083/%TESTNUMBER
+--connect-to :8083::%HTTPPORT
+--connect-to :8083::123
+--next
+http://www.example.com:8084/%TESTNUMBER
+--connect-to www.example.com:8084:%HOSTIP:%HTTPPORT
+--connect-to www.example.com:8084:foo:123
 
 
 
diff --git a/tests/data/test3002 b/tests/data/test3002
index 95d454dee1..ffb6e49a49 100644
--- a/tests/data/test3002
+++ b/tests/data/test3002
@@ -26,7 +26,15 @@ To: another
 body
 
 
-smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt invalid.one --mail-rcpt recipient.two@example.com --mail-rcpt recipient.three@example.com --mail-rcpt recipient.four@example.com --mail-rcpt recipient.five@example.com --mail-from sender@example.com -T -
+smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
+--mail-rcpt-allowfails
+--mail-rcpt invalid.one
+--mail-rcpt recipient.two@example.com
+--mail-rcpt recipient.three@example.com
+--mail-rcpt recipient.four@example.com
+--mail-rcpt recipient.five@example.com
+--mail-from sender@example.com
+-T -
 
 
 
diff --git a/tests/data/test3003 b/tests/data/test3003
index 0a90820ad7..07c72f0798 100644
--- a/tests/data/test3003
+++ b/tests/data/test3003
@@ -26,7 +26,15 @@ To: another
 body
 
 
-smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt recipient.one@example.com --mail-rcpt recipient.two@example.com --mail-rcpt recipient.three@example.com --mail-rcpt recipient.four@example.com --mail-rcpt invalid.five --mail-from sender@example.com -T -
+smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
+--mail-rcpt-allowfails
+--mail-rcpt recipient.one@example.com
+--mail-rcpt recipient.two@example.com
+--mail-rcpt recipient.three@example.com
+--mail-rcpt recipient.four@example.com
+--mail-rcpt invalid.five
+--mail-from sender@example.com
+-T -
 
 
 
diff --git a/tests/data/test3004 b/tests/data/test3004
index 80261f6703..52ef1188b9 100644
--- a/tests/data/test3004
+++ b/tests/data/test3004
@@ -26,7 +26,15 @@ To: another
 body
 
 
-smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt recipient.one@example.com --mail-rcpt recipient.two@example.com --mail-rcpt invalid.three --mail-rcpt recipient.four@example.com --mail-rcpt recipient.five@example.com --mail-from sender@example.com -T -
+smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
+--mail-rcpt-allowfails
+--mail-rcpt recipient.one@example.com
+--mail-rcpt recipient.two@example.com
+--mail-rcpt invalid.three
+--mail-rcpt recipient.four@example.com
+--mail-rcpt recipient.five@example.com
+--mail-from sender@example.com
+-T -
 
 
 
diff --git a/tests/data/test3005 b/tests/data/test3005
index ef417a9cd5..68dedd2fc0 100644
--- a/tests/data/test3005
+++ b/tests/data/test3005
@@ -26,7 +26,15 @@ To: another
 body
 
 
-smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt invalid.one --mail-rcpt recipient.two@example.com --mail-rcpt invalid.three --mail-rcpt invalid.four --mail-rcpt invalid.five --mail-from sender@example.com -T -
+smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
+--mail-rcpt-allowfails
+--mail-rcpt invalid.one
+--mail-rcpt recipient.two@example.com
+--mail-rcpt invalid.three
+--mail-rcpt invalid.four
+--mail-rcpt invalid.five
+--mail-from sender@example.com
+-T -
 
 
 
diff --git a/tests/data/test3006 b/tests/data/test3006
index 4cb13ba17d..d5086c23d6 100644
--- a/tests/data/test3006
+++ b/tests/data/test3006
@@ -26,7 +26,15 @@ To: another
 body
 
 
-smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt invalid.one --mail-rcpt invalid.two --mail-rcpt invalid.three --mail-rcpt invalid.four --mail-rcpt invalid.five --mail-from sender@example.com -T -
+smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
+--mail-rcpt-allowfails
+--mail-rcpt invalid.one
+--mail-rcpt invalid.two
+--mail-rcpt invalid.three
+--mail-rcpt invalid.four
+--mail-rcpt invalid.five
+--mail-from sender@example.com
+-T -
 
 
 
diff --git a/tests/data/test3007 b/tests/data/test3007
index d622240885..3cc0aedc86 100644
--- a/tests/data/test3007
+++ b/tests/data/test3007
@@ -26,7 +26,11 @@ To: another
 body
 
 
-smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt-allowfails --mail-rcpt invalid.one --mail-from sender@example.com -T -
+smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
+--mail-rcpt-allowfails
+--mail-rcpt invalid.one
+--mail-from sender@example.com
+-T -
 
 
 
diff --git a/tests/data/test3029 b/tests/data/test3029
index 1436602093..057b2128f8 100644
--- a/tests/data/test3029
+++ b/tests/data/test3029
@@ -23,7 +23,8 @@ http
 HTTP with multiple -D
 
 
--D %LOGDIR/heads%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER --next -D %LOGDIR/heads%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER
+-D %LOGDIR/heads%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER --next
+-D %LOGDIR/heads%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 
 
 
diff --git a/tests/data/test39 b/tests/data/test39
index 1ca61c8087..02a4659e09 100644
--- a/tests/data/test39
+++ b/tests/data/test39
@@ -29,7 +29,15 @@ http
 HTTP RFC1867-type formposting with filename= and type=
 
 
-http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER -F name=daniel -F tool=curl --form-string "str1=@literal" --form-string "str2=
 # We create this file before the command is invoked!
 
diff --git a/tests/data/test4 b/tests/data/test4
index 8b0479c1f8..d96190fa41 100644
--- a/tests/data/test4
+++ b/tests/data/test4
@@ -30,7 +30,17 @@ http
 Replaced internal and added custom HTTP headers
 
 
- -H "extra-header: here" -H "Accept: replaced" -H "X-Custom-Header;" -H "X-Test: foo; " -H "X-Test:" -H "X-Test2: foo;" -H "X-Test3:  " -H "X-Test4;  " -H "X-Test5;ignored" http://%HOSTIP:%HTTPPORT/%TESTNUMBER http://%HOSTIP:%HTTPPORT/%TESTNUMBER
+-H "extra-header: here"
+-H "Accept: replaced"
+-H "X-Custom-Header;"
+-H "X-Test: foo; "
+-H "X-Test:"
+-H "X-Test2: foo;"
+-H "X-Test3:  "
+-H "X-Test4;  "
+-H "X-Test5;ignored"
+http://%HOSTIP:%HTTPPORT/%TESTNUMBER
+http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 
 
 
diff --git a/tests/data/test423 b/tests/data/test423
index 01313a9655..6d6843aa11 100644
--- a/tests/data/test423
+++ b/tests/data/test423
@@ -34,7 +34,11 @@ http
 -w with url.* variables
 
 
-"http://uuuu:pppp@%HOSTIP:%HTTPPORT/%TESTNUMBER?qqqq#ffff" "h55p://hello2000:1/%TESTNUMBER?qqqq#ffff" "local host" "http://u22u:p22p@%HOSTIP:%HTTPPORT/%TESTNUMBER?qqqq#ffff" -w '%{url.host}+%{url.path}+%{url.scheme}+%{url.user}+%{url.password}+%{url.port}+%{url.query}+%{url.fragment}\n'
+"http://uuuu:pppp@%HOSTIP:%HTTPPORT/%TESTNUMBER?qqqq#ffff"
+"h55p://hello2000:1/%TESTNUMBER?qqqq#ffff"
+"local host"
+"http://u22u:p22p@%HOSTIP:%HTTPPORT/%TESTNUMBER?qqqq#ffff"
+-w '%{url.host}+%{url.path}+%{url.scheme}+%{url.user}+%{url.password}+%{url.port}+%{url.query}+%{url.fragment}\n'
 
 
 
diff --git a/tests/data/test424 b/tests/data/test424
index ff35096505..a10752dbbe 100644
--- a/tests/data/test424
+++ b/tests/data/test424
@@ -51,7 +51,12 @@ http
 -w with urle.* variables
 
 
-"http://uuuu:pppp@%HOSTIP:%HTTPPORT/%TESTNUMBER?qqqq#ffff" "h55p://hello2000:1/%TESTNUMBER?qqqq#ffff" "local host" "http://u22u:p22p@%HOSTIP:%HTTPPORT/%TESTNUMBER?qqqq#ffff" -w '%{urle.host}+%{urle.path}+%{urle.scheme}+%{urle.user}+%{urle.password}+%{urle.port}+%{urle.query}+%{urle.fragment}\n' -x http://%HOSTIP:%HTTPPORT/ -L
+"http://uuuu:pppp@%HOSTIP:%HTTPPORT/%TESTNUMBER?qqqq#ffff"
+"h55p://hello2000:1/%TESTNUMBER?qqqq#ffff"
+"local host"
+"http://u22u:p22p@%HOSTIP:%HTTPPORT/%TESTNUMBER?qqqq#ffff"
+-w '%{urle.host}+%{urle.path}+%{urle.scheme}+%{urle.user}+%{urle.password}+%{urle.port}+%{urle.query}+%{urle.fragment}\n'
+-x http://%HOSTIP:%HTTPPORT/ -L
 
 
 
diff --git a/tests/data/test618 b/tests/data/test618
index ee1228f0f3..3e9c980b29 100644
--- a/tests/data/test618
+++ b/tests/data/test618
@@ -15,7 +15,9 @@ sftp
 SFTP retrieval of two files
 
 
---key %LOGDIR/server/curl_client_key --pubkey %LOGDIR/server/curl_client_key.pub -u %USER: sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/file%TESTNUMBER.txt sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/file%TESTNUMBER.txt --insecure
+--key %LOGDIR/server/curl_client_key --pubkey %LOGDIR/server/curl_client_key.pub -u %USER:
+sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/file%TESTNUMBER.txt
+sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/file%TESTNUMBER.txt --insecure
 
 
 Test data
diff --git a/tests/data/test619 b/tests/data/test619
index 7862e54767..c929da5673 100644
--- a/tests/data/test619
+++ b/tests/data/test619
@@ -15,7 +15,9 @@ scp
 SCP retrieval of two files
 
 
---key %LOGDIR/server/curl_client_key --pubkey %LOGDIR/server/curl_client_key.pub -u %USER: scp://%HOSTIP:%SSHPORT%SCP_PWD/%LOGDIR/file%TESTNUMBER.txt scp://%HOSTIP:%SSHPORT%SCP_PWD/%LOGDIR/file%TESTNUMBER.txt --insecure
+--key %LOGDIR/server/curl_client_key --pubkey %LOGDIR/server/curl_client_key.pub -u %USER:
+scp://%HOSTIP:%SSHPORT%SCP_PWD/%LOGDIR/file%TESTNUMBER.txt
+scp://%HOSTIP:%SSHPORT%SCP_PWD/%LOGDIR/file%TESTNUMBER.txt --insecure
 
 
 Test data
diff --git a/tests/data/test62 b/tests/data/test62
index d072e34ca8..e1a66537d4 100644
--- a/tests/data/test62
+++ b/tests/data/test62
@@ -29,7 +29,10 @@ http
 HTTP, send cookies when using custom Host:
 
 
-http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER?hoge=fuga -b %LOGDIR/jar%TESTNUMBER.txt -H "Host: www.host.foo.com"
+http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER
+http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER?hoge=fuga
+-b %LOGDIR/jar%TESTNUMBER.txt
+-H "Host: www.host.foo.com"
 
 
 # Netscape HTTP Cookie File
diff --git a/tests/data/test625 b/tests/data/test625
index aaef56e2e5..0aae0b678d 100644
--- a/tests/data/test625
+++ b/tests/data/test625
@@ -22,7 +22,10 @@ sftp
 SFTP put with --ftp-create-dirs twice
 
 
---ftp-create-dirs --key %LOGDIR/server/curl_client_key --pubkey %LOGDIR/server/curl_client_key.pub -u %USER: -T %LOGDIR/file%TESTNUMBER.txt sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/test%TESTNUMBER.a/upload.%TESTNUMBER -T %LOGDIR/file%TESTNUMBER.txt sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/test%TESTNUMBER.b/upload.%TESTNUMBER --insecure
+--ftp-create-dirs
+--key %LOGDIR/server/curl_client_key --pubkey %LOGDIR/server/curl_client_key.pub -u %USER:
+-T %LOGDIR/file%TESTNUMBER.txt sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/test%TESTNUMBER.a/upload.%TESTNUMBER
+-T %LOGDIR/file%TESTNUMBER.txt sftp://%HOSTIP:%SSHPORT%SFTP_PWD/%LOGDIR/test%TESTNUMBER.b/upload.%TESTNUMBER --insecure
 
 
 Test data
diff --git a/tests/data/test646 b/tests/data/test646
index 2bca8337c6..cc400604db 100644
--- a/tests/data/test646
+++ b/tests/data/test646
@@ -30,7 +30,17 @@ To: another
 body
 
 
-smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -F "=(;type=multipart/alternative" -F "= This is the html version;headers=X-test1: this is a header;type=text/html;headers=X-test2: this is another header " -F "=This is the plain text version;headers=@%LOGDIR/headers%TESTNUMBER" -F "=)" -F "=@%LOGDIR/test%TESTNUMBER.txt;headers=<%LOGDIR/headers%TESTNUMBER" -H "From: different" -H "To: another" -H "Reply-To: "
+smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
+--mail-rcpt recipient@example.com
+--mail-from sender@example.com
+-F "=(;type=multipart/alternative"
+-F "= This is the html version;headers=X-test1: this is a header;type=text/html;headers=X-test2: this is another header "
+-F "=This is the plain text version;headers=@%LOGDIR/headers%TESTNUMBER"
+-F "=)"
+-F "=@%LOGDIR/test%TESTNUMBER.txt;headers=<%LOGDIR/headers%TESTNUMBER"
+-H "From: different"
+-H "To: another"
+-H "Reply-To: "
 
 
 This is an attached file.
diff --git a/tests/data/test647 b/tests/data/test647
index 732472db9c..e6edb72c68 100644
--- a/tests/data/test647
+++ b/tests/data/test647
@@ -26,7 +26,18 @@ imap
 IMAP APPEND multipart using mime API
 
 
-imap://%HOSTIP:%IMAPPORT/%TESTNUMBER -F "=(;type=multipart/alternative" -F "= This is the html version;type=text/html" -F "=This is the plain text version" -F "=)" -F "=@%LOGDIR/test%TESTNUMBER.txt" -H "Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)" -H "From: Fred Foobar " -H "To: joe@example.com" -H "Message-Id: " -H "Subject: afternoon meeting" -u user:secret
+imap://%HOSTIP:%IMAPPORT/%TESTNUMBER
+-F "=(;type=multipart/alternative"
+-F "= This is the html version;type=text/html"
+-F "=This is the plain text version"
+-F "=)"
+-F "=@%LOGDIR/test%TESTNUMBER.txt"
+-H "Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)"
+-H "From: Fred Foobar "
+-H "To: joe@example.com"
+-H "Message-Id: "
+-H "Subject: afternoon meeting"
+-u user:secret
 
 
 This is an attached file.
diff --git a/tests/data/test648 b/tests/data/test648
index 739a61ac21..d36823e88f 100644
--- a/tests/data/test648
+++ b/tests/data/test648
@@ -30,7 +30,13 @@ To: another
 body
 
 
-smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -F '=This is the email inline text with a very long line containing the special character = and that should be split by encoder.;headers=Content-disposition: "inline";encoder=quoted-printable' -F "=@%LOGDIR/test%TESTNUMBER.txt;encoder=base64" -H "From: different" -H "To: another"
+smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
+--mail-rcpt recipient@example.com
+--mail-from sender@example.com
+-F '=This is the email inline text with a very long line containing the special character = and that should be split by encoder.;headers=Content-disposition: "inline";encoder=quoted-printable'
+-F "=@%LOGDIR/test%TESTNUMBER.txt;encoder=base64"
+-H "From: different"
+-H "To: another"
 
 
 This is an attached file.
diff --git a/tests/data/test917 b/tests/data/test917
index 5f009c7720..3ccc533452 100644
--- a/tests/data/test917
+++ b/tests/data/test917
@@ -26,7 +26,14 @@ To: another
 body
 
 
-smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient.one@example.com --mail-rcpt recipient.two@example.com --mail-rcpt recipient.three@example.com --mail-rcpt recipient.four@example.com --mail-rcpt recipient.five@example.com --mail-from sender@example.com -T -
+smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
+--mail-rcpt recipient.one@example.com
+--mail-rcpt recipient.two@example.com
+--mail-rcpt recipient.three@example.com
+--mail-rcpt recipient.four@example.com
+--mail-rcpt recipient.five@example.com
+--mail-from sender@example.com
+-T -
 
 
 
diff --git a/tests/data/test918 b/tests/data/test918
index 491e8be195..d81b44db16 100644
--- a/tests/data/test918
+++ b/tests/data/test918
@@ -26,7 +26,14 @@ To: another
 body
 
 
-smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient.one@example.com --mail-rcpt invalid --mail-rcpt recipient.three@example.com --mail-rcpt sTrAnGe --mail-rcpt recipient.five@example.com --mail-from sender@example.com -T -
+smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
+--mail-rcpt recipient.one@example.com
+--mail-rcpt invalid
+--mail-rcpt recipient.three@example.com
+--mail-rcpt sTrAnGe
+--mail-rcpt recipient.five@example.com
+--mail-from sender@example.com
+-T -
 
 
 
diff --git a/tests/data/test938 b/tests/data/test938
index d539b7cb80..a77a3a08e1 100644
--- a/tests/data/test938
+++ b/tests/data/test938
@@ -34,7 +34,8 @@ SMTP multiple connection authentication
 mail body
 
 
-smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER001 --mail-rcpt recipient@example.com --mail-from sender@example.com -u user.one:secret -T %LOGDIR/upload%TESTNUMBER -: smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER002 --mail-rcpt recipient@example.com --mail-from sender@example.com -u user.two:secret -T %LOGDIR/upload%TESTNUMBER
+smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER001 --mail-rcpt recipient@example.com --mail-from sender@example.com -u user.one:secret -T %LOGDIR/upload%TESTNUMBER -:
+smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER002 --mail-rcpt recipient@example.com --mail-from sender@example.com -u user.two:secret -T %LOGDIR/upload%TESTNUMBER
 
 
 
diff --git a/tests/runner.pm b/tests/runner.pm
index c711834e01..fe43ed05ba 100644
--- a/tests/runner.pm
+++ b/tests/runner.pm
@@ -804,10 +804,13 @@ sub singletest_run {
     my ($testnum, $testtimings) = @_;
 
     # get the command line options to use
-    my ($cmd, @blaha)= getpart("client", "command");
-    if($cmd) {
-        # make some nice replace operations
+    my $cmd;
+    my @cmd = getpart("client", "command");
+    if(@cmd) {
+        # allow splitting the command-line to multiple lines
+        $cmd = join(' ', @cmd);
         $cmd =~ s/\n//g; # no newlines please
+        chomp $cmd; # no newlines please
         # substitute variables in the command line
     }
     else {

From f1fec22776e9f6d554a5b6b78c1d9db183c61be3 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 13 Nov 2025 08:49:49 +0100
Subject: [PATCH 0825/2408] RELEASE-NOTES: synced

curlver: 8.18.0 is the next planned release version
---
 RELEASE-NOTES          | 70 ++++++++++++++++++++++++++++++++++++++----
 include/curl/curlver.h |  8 ++---
 2 files changed, 68 insertions(+), 10 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 956e2b42a5..a997e68394 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -1,17 +1,21 @@
-curl and libcurl 8.17.1
+curl and libcurl 8.18.0
 
  Public curl releases:         272
  Command line options:         273
  curl_easy_setopt() options:   308
  Public functions in libcurl:  100
- Contributors:                 3536
+ Contributors:                 3537
 
 This release includes the following changes:
 
 
 This release includes the following bugfixes:
 
+ o _PROGRESS.md: add the E unit, mention kibibyte [24]
  o asyn-thrdd: release rrname if ares_init_options fails [41]
+ o autotools: drop autoconf <2.59 compatibility code (zz60-xc-ovr) [70]
+ o ccsidcurl: make curl_mime_data_ccsid() use the converted size [74]
+ o cf-https-connect: allocate ctx at first in cf_hc_create() [79]
  o checksrc.pl: detect assign followed by more than one space [26]
  o cmake: adjust defaults for target platforms not supporting shared libs [35]
  o cmake: disable `CURL_CA_PATH` auto-detection if `USE_APPLE_SECTRUST=ON` [16]
@@ -26,39 +30,63 @@ This release includes the following bugfixes:
  o digest_sspi: properly free sspi identity [12]
  o docs: fix checksrc `EQUALSPACE` warnings [21]
  o docs: mention umask need when curl creates files [56]
+ o examples/crawler: fix variable [92]
  o ftp: refactor a piece of code by merging the repeated part [40]
+ o ftp: remove #ifdef for define that is always defined [76]
  o gnutls: report accurate error when TLS-SRP is not built-in [18]
  o gtls: add return checks and optimize the code [2]
  o gtls: skip session resumption when verifystatus is set
+ o hostip: don't store negative lookup on OOM [61]
+ o http: replace atoi use in Curl_http_follow with curlx_str_number [65]
  o INSTALL-CMAKE.md: document static option defaults more [37]
+ o krb5_sspi: unify a part of error handling [80]
  o lib: cleanup for some typos about spaces and code style [3]
  o lib: fix gssapi.h include on IBMi [55]
  o lib: refactor the type of funcs which have useless return and checks [1]
+ o libssh2: cleanup ssh_force_knownhost_key_type [64]
+ o libssh2: replace atoi() in ssh_force_knownhost_key_type [63]
  o m4/sectrust: fix test(1) operator [4]
  o mbedtls: fix potential use of uninitialized `nread` [8]
+ o mk-ca-bundle.pl: use `open()` with argument list to replace backticks [71]
  o mqtt: reject overly big messages [39]
+ o noproxy: replace atoi with curlx_str_number [67]
  o openssl: release ssl_session if sess_reuse_cb fails [43]
  o openssl: remove code handling default version [28]
+ o OS400/ccsidcurl: fix curl_easy_setopt_ccsid for non-converted blobs [94]
+ o OS400/makefile.sh: fix shellcheck warning SC2038 [86]
  o osslq: code readability [5]
+ o progress: show fewer digits [78]
  o pytest: skip H2 tests if feature missing from curl [46]
  o rtmp: fix double-free on URL parse errors [27]
  o rtmp: precaution for a potential integer truncation [54]
+ o rustls: fix a potential memory issue [81]
  o schannel: fix memory leak of cert_store_path on four error paths [23]
+ o scripts: fix shellcheck SC2046 warnings [90]
+ o scripts: use end-of-options marker in `find -exec` commands [87]
  o setopt: disable CURLOPT_HAPROXY_CLIENT_IP on NULL [30]
  o setopt: when setting bad protocols, don't store them [9]
+ o sftp: fix range downloads in both SSH backends [82]
+ o socks_sspi: use free() not FreeContextBuffer() [93]
+ o telnet: replace atoi for BINARY handling with curlx_str_number [66]
+ o test2045: replace HTML multi-line comment markup with `#` comments [36]
+ o test363: delete stray character (typo) from a section tag [52]
  o tests/data: replace hard-coded test numbers with `%TESTNUMBER` [33]
+ o tests/data: support using native newlines on disk, drop `.gitattributes` [91]
  o tests/server: do not fall back to original data file in `test2fopen()` [32]
  o tftp: release filename if conn_get_remote_addr fails [42]
  o tool: consider (some) curl_easy_setopt errors fatal [7]
  o tool_help: add checks to avoid unsigned wrap around [14]
  o tool_ipfs: check return codes better [20]
  o tool_operate: remove redundant condition [19]
+ o tool_operate: use curlx_str_number intead of atoi [68]
  o tool_paramhlp: refuse --proto remove all protocols [10]
  o urlapi: fix mem-leaks in curl_url_get error paths [22]
+ o verify-release: update to avoid shellcheck warning SC2034 [88]
  o vtls: fix CURLOPT_CAPATH use [51]
  o vtls: handle possible malicious certs_num from peer [53]
  o wcurl: import v2025.11.09 [29]
  o wolfSSL: able to differentiate between IP and DNS in alt names [13]
+ o wolfssl: avoid NULL dereference in OOM situation [77]
 
 This release includes the following known bugs:
 
@@ -82,10 +110,12 @@ Planned upcoming removals include:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  Andrew Kirillov, Brad King, Dan Fandrich, Daniel Stenberg, Jiyong Yang,
-  Juliusz Sosinowicz, renovate[bot], Samuel Henrique, Stanislav Fort,
-  Stefan Eissing, Thomas Klausner, Viktor Szakats, Xiaoke Wang
-  (13 contributors)
+  Andrew Kirillov, Brad King, Dan Fandrich, Daniel Stenberg,
+  Fd929c2CE5fA on github, Gisle Vanem, Jiyong Yang, Juliusz Sosinowicz,
+  Leonardo Taccari, Patrick Monnerat, Ray Satiro, renovate[bot],
+  Samuel Henrique, Stanislav Fort, Stefan Eissing, Thomas Klausner,
+  Viktor Szakats, Xiaoke Wang
+  (18 contributors)
 
 References to bug reports and discussions on issues:
 
@@ -110,6 +140,7 @@ References to bug reports and discussions on issues:
  [21] = https://curl.se/bug/?i=19379
  [22] = https://curl.se/bug/?i=19440
  [23] = https://curl.se/bug/?i=19423
+ [24] = https://curl.se/bug/?i=19502
  [25] = https://curl.se/bug/?i=19439
  [26] = https://curl.se/bug/?i=19375
  [27] = https://curl.se/bug/?i=19438
@@ -119,6 +150,7 @@ References to bug reports and discussions on issues:
  [32] = https://curl.se/bug/?i=19429
  [33] = https://curl.se/bug/?i=19427
  [35] = https://curl.se/bug/?i=19420
+ [36] = https://curl.se/bug/?i=19498
  [37] = https://curl.se/bug/?i=19419
  [39] = https://curl.se/bug/?i=19415
  [40] = https://curl.se/bug/?i=19411
@@ -131,7 +163,33 @@ References to bug reports and discussions on issues:
  [49] = https://curl.se/bug/?i=19404
  [50] = https://curl.se/bug/?i=19406
  [51] = https://curl.se/bug/?i=19401
+ [52] = https://curl.se/bug/?i=19490
  [53] = https://curl.se/bug/?i=19397
  [54] = https://curl.se/bug/?i=19399
  [55] = https://curl.se/bug/?i=19336
  [56] = https://curl.se/bug/?i=19396
+ [61] = https://curl.se/bug/?i=19484
+ [63] = https://curl.se/bug/?i=19479
+ [64] = https://curl.se/bug/?i=19479
+ [65] = https://curl.se/bug/?i=19478
+ [66] = https://curl.se/bug/?i=19477
+ [67] = https://curl.se/bug/?i=19475
+ [68] = https://curl.se/bug/?i=19480
+ [70] = https://curl.se/bug/?i=19464
+ [71] = https://curl.se/bug/?i=19461
+ [74] = https://curl.se/bug/?i=19465
+ [76] = https://curl.se/bug/?i=19463
+ [77] = https://curl.se/bug/?i=19459
+ [78] = https://curl.se/bug/?i=19431
+ [79] = https://curl.se/bug/?i=19454
+ [80] = https://curl.se/bug/?i=19452
+ [81] = https://curl.se/bug/?i=19425
+ [82] = https://curl.se/bug/?i=19460
+ [86] = https://curl.se/bug/?i=19451
+ [87] = https://curl.se/bug/?i=19450
+ [88] = https://curl.se/bug/?i=19449
+ [90] = https://curl.se/bug/?i=19432
+ [91] = https://curl.se/bug/?i=19398
+ [92] = https://curl.se/bug/?i=19446
+ [93] = https://curl.se/bug/?i=19445
+ [94] = https://curl.se/bug/?i=19444
diff --git a/include/curl/curlver.h b/include/curl/curlver.h
index 8977d9eb41..5a19dc2f5d 100644
--- a/include/curl/curlver.h
+++ b/include/curl/curlver.h
@@ -32,13 +32,13 @@
 
 /* This is the version number of the libcurl package from which this header
    file origins: */
-#define LIBCURL_VERSION "8.17.1-DEV"
+#define LIBCURL_VERSION "8.18.0-DEV"
 
 /* The numeric version number is also available "in parts" by using these
    defines: */
 #define LIBCURL_VERSION_MAJOR 8
-#define LIBCURL_VERSION_MINOR 17
-#define LIBCURL_VERSION_PATCH 1
+#define LIBCURL_VERSION_MINOR 18
+#define LIBCURL_VERSION_PATCH 0
 /* This is the numeric version of the libcurl version number, meant for easier
    parsing and comparisons by programs. The LIBCURL_VERSION_NUM define will
    always follow this syntax:
@@ -58,7 +58,7 @@
    CURL_VERSION_BITS() macro since curl's own configure script greps for it
    and needs it to contain the full number.
 */
-#define LIBCURL_VERSION_NUM 0x081101
+#define LIBCURL_VERSION_NUM 0x081200
 
 /*
  * This is the date and time when the full source package was created. The

From 296ffc45c3a3e389fb816cad2d2e4e23bc045212 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Wed, 12 Nov 2025 11:27:36 +0100
Subject: [PATCH 0826/2408] schannel: replace atoi() with curlx_str_number()

The last atoi() call removed from libcurl

Closes #19483
---
 lib/vtls/schannel.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index 639d6c3842..863524e4ee 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -2587,9 +2587,12 @@ static int schannel_init(void)
 #pragma clang diagnostic pop
 #endif
   if(p_wine_get_version) {  /* WINE detected */
+    curl_off_t ver = 0;
     const char *wine_version = p_wine_get_version();  /* e.g. "6.0.2" */
     /* Assume ALPN support with WINE 6.0 or upper */
-    s_win_has_alpn = wine_version && atoi(wine_version) >= 6;
+    if(wine_version)
+      curlx_str_number(&wine_version, &ver, 20);
+    s_win_has_alpn = (ver >= 6);
   }
   else {
     /* ALPN is supported on Windows 8.1 / Server 2012 R2 and above. */

From 3f0629ca443825916cbc0795bcd5f241fbf7104c Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Wed, 12 Nov 2025 13:16:33 +0100
Subject: [PATCH 0827/2408] cookie: propagate errors better, cleanup the
 internal API

Overhaul of the internal cookie APIs and an attempt to better return
errors for OOM and similar critical problems, separate from ordinary and
benign parsing problems.

Closes #19493
---
 lib/cookie.c       | 452 +++++++++++++++++++++------------------------
 lib/cookie.h       |  27 +--
 lib/easy.c         |   4 +-
 lib/http.c         |  11 +-
 lib/setopt.c       |  25 +--
 lib/share.c        |   2 +-
 lib/transfer.c     |   6 +-
 tests/data/test506 | 126 +++++++------
 8 files changed, 317 insertions(+), 336 deletions(-)

diff --git a/lib/cookie.c b/lib/cookie.c
index 35b252971d..fce628cb97 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -22,53 +22,6 @@
  *
  ***************************************************************************/
 
-/***
-
-
-RECEIVING COOKIE INFORMATION
-============================
-
-Curl_cookie_init()
-
-        Inits a cookie struct to store data in a local file. This is always
-        called before any cookies are set.
-
-Curl_cookie_add()
-
-        Adds a cookie to the in-memory cookie jar.
-
-
-SENDING COOKIE INFORMATION
-==========================
-
-Curl_cookie_getlist()
-
-        For a given host and path, return a linked list of cookies that
-        the client should send to the server if used now. The secure
-        boolean informs the cookie if a secure connection is achieved or
-        not.
-
-        It shall only return cookies that have not expired.
-
-Example set of cookies:
-
-    Set-cookie: PRODUCTINFO=webxpress; domain=.fidelity.com; path=/; secure
-    Set-cookie: PERSONALIZE=none;expires=Monday, 13-Jun-1988 03:04:55 GMT;
-    domain=.fidelity.com; path=/ftgw; secure
-    Set-cookie: FidHist=none;expires=Monday, 13-Jun-1988 03:04:55 GMT;
-    domain=.fidelity.com; path=/; secure
-    Set-cookie: FidOrder=none;expires=Monday, 13-Jun-1988 03:04:55 GMT;
-    domain=.fidelity.com; path=/; secure
-    Set-cookie: DisPend=none;expires=Monday, 13-Jun-1988 03:04:55 GMT;
-    domain=.fidelity.com; path=/; secure
-    Set-cookie: FidDis=none;expires=Monday, 13-Jun-1988 03:04:55 GMT;
-    domain=.fidelity.com; path=/; secure
-    Set-cookie:
-    Session_Key@6791a9e0-901a-11d0-a1c8-9b012c88aa77=none;expires=Monday,
-    13-Jun-1988 03:04:55 GMT; domain=.fidelity.com; path=/; secure
-****/
-
-
 #include "curl_setup.h"
 
 #if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES)
@@ -303,34 +256,6 @@ static char *sanitize_cookie_path(const char *cookie_path)
   return Curl_memdup0(cookie_path, len);
 }
 
-/*
- * Load cookies from all given cookie files (CURLOPT_COOKIEFILE).
- *
- * NOTE: OOM or cookie parsing failures are ignored.
- */
-void Curl_cookie_loadfiles(struct Curl_easy *data)
-{
-  struct curl_slist *list = data->state.cookielist;
-  if(list) {
-    Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
-    while(list) {
-      struct CookieInfo *ci =
-        Curl_cookie_init(data, list->data, data->cookies,
-                         data->set.cookiesession);
-      if(!ci)
-        /*
-         * Failure may be due to OOM or a bad cookie; both are ignored
-         * but only the first should be
-         */
-        infof(data, "ignoring failed cookie_init for %s", list->data);
-      else
-        data->cookies = ci;
-      list = list->next;
-    }
-    Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
-  }
-}
-
 /*
  * strstore
  *
@@ -445,25 +370,6 @@ static bool invalid_octets(const char *ptr)
   return FALSE;
 }
 
-#define CERR_OK            0
-#define CERR_TOO_LONG      1 /* input line too long */
-#define CERR_TAB           2 /* in a wrong place */
-#define CERR_TOO_BIG       3 /* name/value too large */
-#define CERR_BAD           4 /* deemed incorrect */
-#define CERR_NO_SEP        5 /* semicolon problem */
-#define CERR_NO_NAME_VALUE 6 /* name or value problem */
-#define CERR_INVALID_OCTET 7 /* bad content */
-#define CERR_BAD_SECURE    8 /* secure in a bad place */
-#define CERR_OUT_OF_MEMORY 9
-#define CERR_NO_TAILMATCH  10
-#define CERR_COMMENT       11 /* a commented line */
-#define CERR_RANGE         12 /* expire range problem */
-#define CERR_FIELDS        13 /* incomplete netscape line */
-#ifdef USE_LIBPSL
-#define CERR_PSL           14 /* a public suffix */
-#endif
-#define CERR_LIVE_WINS     15
-
 /* The maximum length we accept a date string for the 'expire' keyword. The
    standard date formats are within the 30 bytes range. This adds an extra
    margin just to make sure it realistically works with what is used out
@@ -471,10 +377,13 @@ static bool invalid_octets(const char *ptr)
 */
 #define MAX_DATE_LENGTH 80
 
-static int
+/* this function return errors on OOM etc, not on plain cookie format
+   problems */
+static CURLcode
 parse_cookie_header(struct Curl_easy *data,
                     struct Cookie *co,
                     struct CookieInfo *ci,
+                    bool *okay, /* if the cookie was fine */
                     const char *ptr,
                     const char *domain, /* default domain */
                     const char *path,   /* full path used when this cookie is
@@ -486,9 +395,10 @@ parse_cookie_header(struct Curl_easy *data,
   /* This line was read off an HTTP-header */
   time_t now;
   size_t linelength = strlen(ptr);
+  *okay = FALSE;
   if(linelength > MAX_COOKIE_LINE)
     /* discard overly long lines at once */
-    return CERR_TOO_LONG;
+    return CURLE_OK;
 
   now = time(NULL);
   do {
@@ -509,7 +419,7 @@ parse_cookie_header(struct Curl_easy *data,
           /* Reject cookies with a TAB inside the value */
           if(memchr(curlx_str(&val), '\t', curlx_strlen(&val))) {
             infof(data, "cookie contains TAB, dropping");
-            return CERR_TAB;
+            return CURLE_OK;
           }
         }
       }
@@ -527,7 +437,7 @@ parse_cookie_header(struct Curl_easy *data,
          ((curlx_strlen(&name) + curlx_strlen(&val)) > MAX_NAME)) {
         infof(data, "oversized cookie dropped, name/val %zu + %zu bytes",
               curlx_strlen(&name), curlx_strlen(&val));
-        return CERR_TOO_BIG;
+        return CURLE_OK;
       }
 
       /*
@@ -551,17 +461,17 @@ parse_cookie_header(struct Curl_easy *data,
         /* The very first name/value pair is the actual cookie name */
         if(!sep)
           /* Bad name/value pair. */
-          return CERR_NO_SEP;
+          return CURLE_OK;
 
         strstore(&co->name, curlx_str(&name), curlx_strlen(&name));
         strstore(&co->value, curlx_str(&val), curlx_strlen(&val));
         done = TRUE;
         if(!co->name || !co->value)
-          return CERR_NO_NAME_VALUE;
+          return CURLE_OK;
 
         if(invalid_octets(co->value) || invalid_octets(co->name)) {
           infof(data, "invalid octets in name/value, cookie dropped");
-          return CERR_INVALID_OCTET;
+          return CURLE_OK;
         }
       }
       else if(!curlx_strlen(&val)) {
@@ -576,11 +486,11 @@ parse_cookie_header(struct Curl_easy *data,
          * reading from file
          */
         if(curlx_str_casecompare(&name, "secure")) {
-          if(secure || !ci->running) {
+          if(secure || !ci->running)
             co->secure = TRUE;
-          }
           else {
-            return CERR_BAD_SECURE;
+            infof(data, "skipped cookie %s because not 'secure'", co->name);
+            return CURLE_OK;
           }
         }
         else if(curlx_str_casecompare(&name, "httponly"))
@@ -594,11 +504,11 @@ parse_cookie_header(struct Curl_easy *data,
       else if(curlx_str_casecompare(&name, "path")) {
         strstore(&co->path, curlx_str(&val), curlx_strlen(&val));
         if(!co->path)
-          return CERR_OUT_OF_MEMORY;
+          return CURLE_OUT_OF_MEMORY;
         free(co->spath); /* if this is set again */
         co->spath = sanitize_cookie_path(co->path);
         if(!co->spath)
-          return CERR_OUT_OF_MEMORY;
+          return CURLE_OUT_OF_MEMORY;
       }
       else if(curlx_str_casecompare(&name, "domain") && curlx_strlen(&val)) {
         bool is_ip;
@@ -631,7 +541,7 @@ parse_cookie_header(struct Curl_easy *data,
                                           curlx_strlen(&val), domain))) {
           strstore(&co->domain, curlx_str(&val), curlx_strlen(&val));
           if(!co->domain)
-            return CERR_OUT_OF_MEMORY;
+            return CURLE_OUT_OF_MEMORY;
 
           if(!is_ip)
             co->tailmatch = TRUE; /* we always do that if the domain name was
@@ -644,7 +554,7 @@ parse_cookie_header(struct Curl_easy *data,
            */
           infof(data, "skipped cookie with bad tailmatch domain: %s",
                 curlx_str(&val));
-          return CERR_NO_TAILMATCH;
+          return CURLE_OK;
         }
       }
       else if(curlx_str_casecompare(&name, "version")) {
@@ -722,7 +632,7 @@ parse_cookie_header(struct Curl_easy *data,
     /* no domain was given in the header line, set the default */
     co->domain = strdup(domain);
     if(!co->domain)
-      return CERR_OUT_OF_MEMORY;
+      return CURLE_OUT_OF_MEMORY;
   }
 
   if(!co->path && path) {
@@ -736,10 +646,10 @@ parse_cookie_header(struct Curl_easy *data,
       if(co->path) {
         co->spath = sanitize_cookie_path(co->path);
         if(!co->spath)
-          return CERR_OUT_OF_MEMORY;
+          return CURLE_OUT_OF_MEMORY;
       }
       else
-        return CERR_OUT_OF_MEMORY;
+        return CURLE_OUT_OF_MEMORY;
     }
   }
 
@@ -748,14 +658,16 @@ parse_cookie_header(struct Curl_easy *data,
    * line so bail out.
    */
   if(!co->name)
-    return CERR_BAD;
+    return CURLE_OK;
 
-  return CERR_OK;
+  *okay = TRUE;
+  return CURLE_OK;
 }
 
-static int
+static CURLcode
 parse_netscape(struct Cookie *co,
                struct CookieInfo *ci,
+               bool *okay,
                const char *lineptr,
                bool secure)  /* TRUE if connection is over secure
                                 origin */
@@ -767,6 +679,7 @@ parse_netscape(struct Cookie *co,
   const char *ptr, *next;
   int fields;
   size_t len;
+  *okay = FALSE;
 
   /*
    * In 2008, Internet Explorer introduced HTTP-only cookies to prevent XSS
@@ -781,7 +694,7 @@ parse_netscape(struct Cookie *co,
 
   if(lineptr[0]=='#')
     /* do not even try the comments */
-    return CERR_COMMENT;
+    return CURLE_OK;
 
   /*
    * Now loop through the fields and init the struct we already have
@@ -800,7 +713,7 @@ parse_netscape(struct Cookie *co,
       }
       co->domain = Curl_memdup0(ptr, len);
       if(!co->domain)
-        return CERR_OUT_OF_MEMORY;
+        return CURLE_OUT_OF_MEMORY;
       break;
     case 1:
       /*
@@ -816,21 +729,21 @@ parse_netscape(struct Cookie *co,
         /* only if the path does not look like a boolean option! */
         co->path = Curl_memdup0(ptr, len);
         if(!co->path)
-          return CERR_OUT_OF_MEMORY;
+          return CURLE_OUT_OF_MEMORY;
         else {
           co->spath = sanitize_cookie_path(co->path);
           if(!co->spath)
-            return CERR_OUT_OF_MEMORY;
+            return CURLE_OUT_OF_MEMORY;
         }
         break;
       }
       /* this does not look like a path, make one up! */
       co->path = strdup("/");
       if(!co->path)
-        return CERR_OUT_OF_MEMORY;
+        return CURLE_OUT_OF_MEMORY;
       co->spath = strdup("/");
       if(!co->spath)
-        return CERR_OUT_OF_MEMORY;
+        return CURLE_OUT_OF_MEMORY;
       fields++; /* add a field and fall down to secure */
       FALLTHROUGH();
     case 3:
@@ -839,17 +752,17 @@ parse_netscape(struct Cookie *co,
         if(secure || ci->running)
           co->secure = TRUE;
         else
-          return CERR_BAD_SECURE;
+          return CURLE_OK;
       }
       break;
     case 4:
       if(curlx_str_number(&ptr, &co->expires, CURL_OFF_T_MAX))
-        return CERR_RANGE;
+        return CURLE_OK;
       break;
     case 5:
       co->name = Curl_memdup0(ptr, len);
       if(!co->name)
-        return CERR_OUT_OF_MEMORY;
+        return CURLE_OUT_OF_MEMORY;
       else {
         /* For Netscape file format cookies we check prefix on the name */
         if(curl_strnequal("__Secure-", co->name, 9))
@@ -861,7 +774,7 @@ parse_netscape(struct Cookie *co,
     case 6:
       co->value = Curl_memdup0(ptr, len);
       if(!co->value)
-        return CERR_OUT_OF_MEMORY;
+        return CURLE_OUT_OF_MEMORY;
       break;
     }
   }
@@ -869,19 +782,20 @@ parse_netscape(struct Cookie *co,
     /* we got a cookie with blank contents, fix it */
     co->value = strdup("");
     if(!co->value)
-      return CERR_OUT_OF_MEMORY;
+      return CURLE_OUT_OF_MEMORY;
     else
       fields++;
   }
 
   if(fields != 7)
     /* we did not find the sufficient number of fields */
-    return CERR_FIELDS;
+    return CURLE_OK;
 
-  return CERR_OK;
+  *okay = TRUE;
+  return CURLE_OK;
 }
 
-static int
+static bool
 is_public_suffix(struct Curl_easy *data,
                  struct Cookie *co,
                  const char *domain)
@@ -916,7 +830,7 @@ is_public_suffix(struct Curl_easy *data,
     if(!acceptable) {
       infof(data, "cookie '%s' dropped, domain '%s' must not "
             "set cookies for '%s'", co->name, domain, co->domain);
-      return CERR_PSL;
+      return TRUE;
     }
   }
 #else
@@ -926,15 +840,15 @@ is_public_suffix(struct Curl_easy *data,
   DEBUGF(infof(data, "NO PSL to check set-cookie '%s' for domain=%s in %s",
          co->name, co->domain, domain));
 #endif
-  return CERR_OK;
+  return FALSE;
 }
 
-static int
-replace_existing(struct Curl_easy *data,
-                 struct Cookie *co,
-                 struct CookieInfo *ci,
-                 bool secure,
-                 bool *replacep)
+/* returns TRUE when replaced */
+static bool replace_existing(struct Curl_easy *data,
+                             struct Cookie *co,
+                             struct CookieInfo *ci,
+                             bool secure,
+                             bool *replacep)
 {
   bool replace_old = FALSE;
   struct Curl_llist_node *replace_n = NULL;
@@ -978,7 +892,7 @@ replace_existing(struct Curl_easy *data,
         if(curl_strnequal(clist->spath, co->spath, cllen)) {
           infof(data, "cookie '%s' for domain '%s' dropped, would "
                 "overlay an existing cookie", co->name, co->domain);
-          return CERR_BAD_SECURE;
+          return FALSE;
         }
       }
     }
@@ -1012,7 +926,7 @@ replace_existing(struct Curl_easy *data,
          * was read from a file and thus is not "live". "live" cookies are
          * preferred so the new cookie is freed.
          */
-        return CERR_LIVE_WINS;
+        return FALSE;
       }
       if(replace_old)
         replace_n = n;
@@ -1031,7 +945,7 @@ replace_existing(struct Curl_easy *data,
     freecookie(repl);
   }
   *replacep = replace_old;
-  return CERR_OK;
+  return TRUE;
 }
 
 /*
@@ -1041,10 +955,8 @@ replace_existing(struct Curl_easy *data,
  * sometimes we get an IP-only hostname, and that might also be a numerical
  * IPv6 address.
  *
- * Returns NULL on out of memory or invalid cookie. This is suboptimal,
- * as they should be treated separately.
  */
-struct Cookie *
+CURLcode
 Curl_cookie_add(struct Curl_easy *data,
                 struct CookieInfo *ci,
                 bool httpheader, /* TRUE if HTTP header-style line */
@@ -1058,25 +970,27 @@ Curl_cookie_add(struct Curl_easy *data,
 {
   struct Cookie *co;
   size_t myhash;
-  int rc;
+  CURLcode result;
   bool replaces = FALSE;
+  bool okay;
 
   DEBUGASSERT(data);
   DEBUGASSERT(MAX_SET_COOKIE_AMOUNT <= 255); /* counter is an unsigned char */
   if(data->req.setcookies >= MAX_SET_COOKIE_AMOUNT)
-    return NULL;
+    return CURLE_OK; /* silently ignore */
 
   /* First, alloc and init a new struct for it */
   co = calloc(1, sizeof(struct Cookie));
   if(!co)
-    return NULL; /* bail out if we are this low on memory */
+    return CURLE_OUT_OF_MEMORY; /* bail out if we are this low on memory */
 
   if(httpheader)
-    rc = parse_cookie_header(data, co, ci, lineptr, domain, path, secure);
+    result = parse_cookie_header(data, co, ci, &okay,
+                                 lineptr, domain, path, secure);
   else
-    rc = parse_netscape(co, ci, lineptr, secure);
+    result = parse_netscape(co, ci, &okay, lineptr, secure);
 
-  if(rc)
+  if(result || !okay)
     goto fail;
 
   if(co->prefix_secure && !co->secure)
@@ -1115,7 +1029,7 @@ Curl_cookie_add(struct Curl_easy *data,
   if(is_public_suffix(data, co, domain))
     goto fail;
 
-  if(replace_existing(data, co, ci, secure, &replaces))
+  if(!replace_existing(data, co, ci, secure, &replaces))
     goto fail;
 
   /* add this cookie to the list */
@@ -1142,10 +1056,10 @@ Curl_cookie_add(struct Curl_easy *data,
   if(httpheader)
     data->req.setcookies++;
 
-  return co;
+  return result;
 fail:
   freecookie(co);
-  return NULL;
+  return result;
 }
 
 
@@ -1161,91 +1075,130 @@ fail:
  * Note that 'data' might be called as NULL pointer. If data is NULL, 'file'
  * will be ignored.
  *
- * Returns NULL on out of memory. Invalid cookies are ignored.
+ * Returns NULL on out of memory.
  */
-struct CookieInfo *Curl_cookie_init(struct Curl_easy *data,
-                                    const char *file,
-                                    struct CookieInfo *ci,
-                                    bool newsession)
+struct CookieInfo *Curl_cookie_init(void)
 {
-  FILE *handle = NULL;
+  int i;
+  struct CookieInfo *ci = calloc(1, sizeof(struct CookieInfo));
+  if(!ci)
+    return NULL;
 
-  if(!ci) {
-    int i;
-
-    /* we did not get a struct, create one */
-    ci = calloc(1, sizeof(struct CookieInfo));
-    if(!ci)
-      return NULL; /* failed to get memory */
-
-    /* This does not use the destructor callback since we want to add
-       and remove to lists while keeping the cookie struct intact */
-    for(i = 0; i < COOKIE_HASH_SIZE; i++)
-      Curl_llist_init(&ci->cookielist[i], NULL);
-    /*
-     * Initialize the next_expiration time to signal that we do not have enough
-     * information yet.
-     */
-    ci->next_expiration = CURL_OFF_T_MAX;
-  }
-  ci->newsession = newsession; /* new session? */
-
-  if(data) {
-    FILE *fp = NULL;
-    if(file && *file) {
-      if(!strcmp(file, "-"))
-        fp = stdin;
-      else {
-        fp = curlx_fopen(file, "rb");
-        if(!fp)
-          infof(data, "WARNING: failed to open cookie file \"%s\"", file);
-        else
-          handle = fp;
-      }
-    }
-
-    ci->running = FALSE; /* this is not running, this is init */
-    if(fp) {
-      struct dynbuf buf;
-      bool eof = FALSE;
-      CURLcode result;
-      curlx_dyn_init(&buf, MAX_COOKIE_LINE);
-      do {
-        result = Curl_get_line(&buf, fp, &eof);
-        if(!result) {
-          const char *lineptr = curlx_dyn_ptr(&buf);
-          bool headerline = FALSE;
-          if(checkprefix("Set-Cookie:", lineptr)) {
-            /* This is a cookie line, get it! */
-            lineptr += 11;
-            headerline = TRUE;
-            curlx_str_passblanks(&lineptr);
-          }
-
-          (void)Curl_cookie_add(data, ci, headerline, TRUE, lineptr, NULL,
-                                NULL, TRUE);
-          /* File reading cookie failures are not propagated back to the
-             caller because there is no way to do that */
-        }
-      } while(!result && !eof);
-      curlx_dyn_free(&buf); /* free the line buffer */
-
-      /*
-       * Remove expired cookies from the hash. We must make sure to run this
-       * after reading the file, and not on every cookie.
-       */
-      remove_expired(ci);
-
-      if(handle)
-        curlx_fclose(handle);
-    }
-    data->state.cookie_engine = TRUE;
-  }
-  ci->running = TRUE;          /* now, we are running */
+  /* This does not use the destructor callback since we want to add
+     and remove to lists while keeping the cookie struct intact */
+  for(i = 0; i < COOKIE_HASH_SIZE; i++)
+    Curl_llist_init(&ci->cookielist[i], NULL);
+  /*
+   * Initialize the next_expiration time to signal that we do not have enough
+   * information yet.
+   */
+  ci->next_expiration = CURL_OFF_T_MAX;
 
   return ci;
 }
 
+/*
+ * cookie_load()
+ *
+ * Reads cookies from a local file. This is always called before any cookies
+ * are set. If file is "-" then STDIN is read.
+ *
+ * If 'newsession' is TRUE, discard all "session cookies" on read from file.
+ *
+ */
+static CURLcode cookie_load(struct Curl_easy *data, const char *file,
+                            struct CookieInfo *ci, bool newsession)
+{
+  FILE *handle = NULL;
+  CURLcode result = CURLE_OK;
+  FILE *fp = NULL;
+  DEBUGASSERT(ci);
+  DEBUGASSERT(data);
+  DEBUGASSERT(file);
+
+  ci->newsession = newsession; /* new session? */
+  ci->running = FALSE; /* this is not running, this is init */
+
+  if(file && *file) {
+    if(!strcmp(file, "-"))
+      fp = stdin;
+    else {
+      fp = curlx_fopen(file, "rb");
+      if(!fp)
+        infof(data, "WARNING: failed to open cookie file \"%s\"", file);
+      else
+        handle = fp;
+    }
+  }
+
+  if(fp) {
+    struct dynbuf buf;
+    bool eof = FALSE;
+    curlx_dyn_init(&buf, MAX_COOKIE_LINE);
+    do {
+      result = Curl_get_line(&buf, fp, &eof);
+      if(!result) {
+        const char *lineptr = curlx_dyn_ptr(&buf);
+        bool headerline = FALSE;
+        if(checkprefix("Set-Cookie:", lineptr)) {
+          /* This is a cookie line, get it! */
+          lineptr += 11;
+          headerline = TRUE;
+          curlx_str_passblanks(&lineptr);
+        }
+
+        result = Curl_cookie_add(data, ci, headerline, TRUE, lineptr, NULL,
+                                 NULL, TRUE);
+        /* File reading cookie failures are not propagated back to the
+           caller because there is no way to do that */
+      }
+    } while(!result && !eof);
+    curlx_dyn_free(&buf); /* free the line buffer */
+
+    /*
+     * Remove expired cookies from the hash. We must make sure to run this
+     * after reading the file, and not on every cookie.
+     */
+    remove_expired(ci);
+
+    if(handle)
+      curlx_fclose(handle);
+  }
+  data->state.cookie_engine = TRUE;
+  ci->running = TRUE;          /* now, we are running */
+
+  return result;
+}
+
+/*
+ * Load cookies from all given cookie files (CURLOPT_COOKIEFILE).
+ */
+CURLcode Curl_cookie_loadfiles(struct Curl_easy *data)
+{
+  CURLcode result = CURLE_OK;
+  struct curl_slist *list = data->state.cookielist;
+  if(list) {
+    Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
+    if(!data->cookies)
+      data->cookies = Curl_cookie_init();
+    if(!data->cookies)
+      result = CURLE_OUT_OF_MEMORY;
+    else {
+      data->state.cookie_engine = TRUE;
+      while(list) {
+        result = cookie_load(data, list->data, data->cookies,
+                             data->set.cookiesession);
+        if(result)
+          break;
+        list = list->next;
+      }
+    }
+    Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
+  }
+  return result;
+}
+
+
 /*
  * cookie_sort
  *
@@ -1315,12 +1268,13 @@ bool Curl_secure_context(struct connectdata *conn, const char *host)
  *
  * It shall only return cookies that have not expired.
  *
- * Returns 0 when there is a list returned. Otherwise non-zero.
+ * 'okay' is TRUE when there is a list returned.
  */
-int Curl_cookie_getlist(struct Curl_easy *data,
-                        struct connectdata *conn,
-                        const char *host,
-                        struct Curl_llist *list)
+CURLcode Curl_cookie_getlist(struct Curl_easy *data,
+                             struct connectdata *conn,
+                             bool *okay,
+                             const char *host,
+                             struct Curl_llist *list)
 {
   size_t matches = 0;
   const bool is_ip = Curl_host_is_ipnum(host);
@@ -1329,11 +1283,13 @@ int Curl_cookie_getlist(struct Curl_easy *data,
   const bool secure = Curl_secure_context(conn, host);
   struct CookieInfo *ci = data->cookies;
   const char *path = data->state.up.path;
+  CURLcode result = CURLE_OK;
+  *okay = FALSE;
 
   Curl_llist_init(list, NULL);
 
   if(!ci || !Curl_llist_count(&ci->cookielist[myhash]))
-    return 1; /* no cookie struct or no cookies in the struct */
+    return CURLE_OK; /* no cookie struct or no cookies in the struct */
 
   /* at first, remove expired cookies */
   remove_expired(ci);
@@ -1387,8 +1343,10 @@ int Curl_cookie_getlist(struct Curl_easy *data,
 
     /* alloc an array and store all cookie pointers */
     array = malloc(sizeof(struct Cookie *) * matches);
-    if(!array)
+    if(!array) {
+      result = CURLE_OUT_OF_MEMORY;
       goto fail;
+    }
 
     n = Curl_llist_head(list);
 
@@ -1407,12 +1365,13 @@ int Curl_cookie_getlist(struct Curl_easy *data,
     free(array); /* remove the temporary data again */
   }
 
-  return 0; /* success */
+  *okay = TRUE;
+  return CURLE_OK; /* success */
 
 fail:
   /* failure, clear up the allocated chain and return NULL */
   Curl_llist_destroy(list, NULL);
-  return 2; /* error */
+  return result; /* error */
 }
 
 /*
@@ -1667,8 +1626,6 @@ struct curl_slist *Curl_cookie_list(struct Curl_easy *data)
 
 void Curl_flush_cookies(struct Curl_easy *data, bool cleanup)
 {
-  CURLcode res;
-
   Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
   /* only save the cookie file if a transfer was started (data->state.url is
      set), as otherwise the cookies were not completely initialized and there
@@ -1676,10 +1633,11 @@ void Curl_flush_cookies(struct Curl_easy *data, bool cleanup)
      thing. */
   if(data->set.str[STRING_COOKIEJAR] && data->state.url) {
     /* if we have a destination file for all the cookies to get dumped to */
-    res = cookie_output(data, data->cookies, data->set.str[STRING_COOKIEJAR]);
-    if(res)
+    CURLcode result = cookie_output(data, data->cookies,
+                                    data->set.str[STRING_COOKIEJAR]);
+    if(result)
       infof(data, "WARNING: failed to save cookies in %s: %s",
-            data->set.str[STRING_COOKIEJAR], curl_easy_strerror(res));
+            data->set.str[STRING_COOKIEJAR], curl_easy_strerror(result));
   }
 
   if(cleanup && (!data->share || (data->cookies != data->share->cookies))) {
@@ -1689,4 +1647,12 @@ void Curl_flush_cookies(struct Curl_easy *data, bool cleanup)
   Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
 }
 
+void Curl_cookie_run(struct Curl_easy *data)
+{
+  Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
+  if(data->cookies)
+    data->cookies->running = TRUE;
+  Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
+}
+
 #endif /* CURL_DISABLE_HTTP || CURL_DISABLE_COOKIES */
diff --git a/lib/cookie.h b/lib/cookie.h
index 99aa20af7c..e1be698cf4 100644
--- a/lib/cookie.h
+++ b/lib/cookie.h
@@ -113,30 +113,31 @@ struct connectdata;
  */
 
 bool Curl_secure_context(struct connectdata *conn, const char *host);
-struct Cookie *Curl_cookie_add(struct Curl_easy *data,
-                               struct CookieInfo *c, bool header,
-                               bool noexpiry, const char *lineptr,
-                               const char *domain, const char *path,
-                               bool secure);
-int Curl_cookie_getlist(struct Curl_easy *data, struct connectdata *conn,
-                        const char *host, struct Curl_llist *list);
+CURLcode Curl_cookie_add(struct Curl_easy *data,
+                         struct CookieInfo *c, bool header,
+                         bool noexpiry, const char *lineptr,
+                         const char *domain, const char *path,
+                         bool secure) WARN_UNUSED_RESULT;
+CURLcode Curl_cookie_getlist(struct Curl_easy *data, struct connectdata *conn,
+                             bool *okay, const char *host,
+                             struct Curl_llist *list) WARN_UNUSED_RESULT;
 void Curl_cookie_clearall(struct CookieInfo *cookies);
 void Curl_cookie_clearsess(struct CookieInfo *cookies);
 
 #if defined(CURL_DISABLE_HTTP) || defined(CURL_DISABLE_COOKIES)
 #define Curl_cookie_list(x) NULL
-#define Curl_cookie_loadfiles(x) Curl_nop_stmt
-#define Curl_cookie_init(x,y,z,w) NULL
+#define Curl_cookie_loadfiles(x) CURLE_OK
+#define Curl_cookie_init() NULL
+#define Curl_cookie_run(x) Curl_nop_stmt
 #define Curl_cookie_cleanup(x) Curl_nop_stmt
 #define Curl_flush_cookies(x,y) Curl_nop_stmt
 #else
 void Curl_flush_cookies(struct Curl_easy *data, bool cleanup);
 void Curl_cookie_cleanup(struct CookieInfo *c);
-struct CookieInfo *Curl_cookie_init(struct Curl_easy *data,
-                                    const char *file, struct CookieInfo *inc,
-                                    bool newsession);
+struct CookieInfo *Curl_cookie_init(void);
 struct curl_slist *Curl_cookie_list(struct Curl_easy *data);
-void Curl_cookie_loadfiles(struct Curl_easy *data);
+CURLcode Curl_cookie_loadfiles(struct Curl_easy *data) WARN_UNUSED_RESULT;
+void Curl_cookie_run(struct Curl_easy *data);
 #endif
 
 #endif /* HEADER_CURL_COOKIE_H */
diff --git a/lib/easy.c b/lib/easy.c
index 4236a01d87..919ed80e8b 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -1010,10 +1010,10 @@ CURL *curl_easy_duphandle(CURL *d)
   if(data->cookies && data->state.cookie_engine) {
     /* If cookies are enabled in the parent handle, we enable them
        in the clone as well! */
-    outcurl->cookies = Curl_cookie_init(outcurl, NULL, outcurl->cookies,
-                                        data->set.cookiesession);
+    outcurl->cookies = Curl_cookie_init();
     if(!outcurl->cookies)
       goto fail;
+    outcurl->state.cookie_engine = TRUE;
   }
 
   if(data->state.cookielist) {
diff --git a/lib/http.c b/lib/http.c
index 08739ffddb..6726d23a43 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -2463,10 +2463,12 @@ static CURLcode http_cookies(struct Curl_easy *data,
     int count = 0;
 
     if(data->cookies && data->state.cookie_engine) {
+      bool okay;
       const char *host = data->state.aptr.cookiehost ?
         data->state.aptr.cookiehost : data->conn->host.name;
       Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
-      if(!Curl_cookie_getlist(data, data->conn, host, &list)) {
+      result = Curl_cookie_getlist(data, data->conn, &okay, host, &list);
+      if(!result && okay) {
         struct Curl_llist_node *n;
         size_t clen = 8; /* hold the size of the generated Cookie: header */
 
@@ -3471,11 +3473,12 @@ static CURLcode http_header_s(struct Curl_easy *data,
     const char *host = data->state.aptr.cookiehost ?
       data->state.aptr.cookiehost : conn->host.name;
     const bool secure_context = Curl_secure_context(conn, host);
+    CURLcode result;
     Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
-    Curl_cookie_add(data, data->cookies, TRUE, FALSE, v, host,
-                    data->state.up.path, secure_context);
+    result = Curl_cookie_add(data, data->cookies, TRUE, FALSE, v, host,
+                             data->state.up.path, secure_context);
     Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
-    return CURLE_OK;
+    return result;
   }
 #endif
 #ifndef CURL_DISABLE_HSTS
diff --git a/lib/setopt.c b/lib/setopt.c
index 67b5371e87..9f43b1b60d 100644
--- a/lib/setopt.c
+++ b/lib/setopt.c
@@ -1537,6 +1537,7 @@ static CURLcode setopt_pointers(struct Curl_easy *data, CURLoption option,
 static CURLcode cookielist(struct Curl_easy *data,
                            const char *ptr)
 {
+  CURLcode result = CURLE_OK;
   if(!ptr)
     return CURLE_OK;
 
@@ -1558,14 +1559,15 @@ static CURLcode cookielist(struct Curl_easy *data,
   }
   else if(curl_strequal(ptr, "RELOAD")) {
     /* reload cookies from file */
-    Curl_cookie_loadfiles(data);
+    return Curl_cookie_loadfiles(data);
   }
   else {
     if(!data->cookies) {
       /* if cookie engine was not running, activate it */
-      data->cookies = Curl_cookie_init(data, NULL, NULL, TRUE);
+      data->cookies = Curl_cookie_init();
       if(!data->cookies)
         return CURLE_OUT_OF_MEMORY;
+      data->state.cookie_engine = TRUE;
     }
 
     /* general protection against mistakes and abuse */
@@ -1575,15 +1577,15 @@ static CURLcode cookielist(struct Curl_easy *data,
     Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
     if(checkprefix("Set-Cookie:", ptr))
       /* HTTP Header format line */
-      Curl_cookie_add(data, data->cookies, TRUE, FALSE, ptr + 11, NULL,
-                      NULL, TRUE);
+      result = Curl_cookie_add(data, data->cookies, TRUE, FALSE, ptr + 11,
+                               NULL, NULL, TRUE);
     else
       /* Netscape format line */
-      Curl_cookie_add(data, data->cookies, FALSE, FALSE, ptr, NULL,
-                      NULL, TRUE);
+      result = Curl_cookie_add(data, data->cookies, FALSE, FALSE, ptr, NULL,
+                               NULL, TRUE);
     Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
   }
-  return CURLE_OK;
+  return result;
 }
 
 static CURLcode cookiefile(struct Curl_easy *data,
@@ -1797,11 +1799,12 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
        * Activate the cookie parser. This may or may not already
        * have been made.
        */
-      struct CookieInfo *newcookies =
-        Curl_cookie_init(data, NULL, data->cookies, s->cookiesession);
-      if(!newcookies)
+      if(!data->cookies)
+        data->cookies = Curl_cookie_init();
+      if(!data->cookies)
         result = CURLE_OUT_OF_MEMORY;
-      data->cookies = newcookies;
+      else
+        data->state.cookie_engine = TRUE;
     }
     break;
 
diff --git a/lib/share.c b/lib/share.c
index 711622a170..fdb80f5f64 100644
--- a/lib/share.c
+++ b/lib/share.c
@@ -97,7 +97,7 @@ curl_share_setopt(CURLSH *sh, CURLSHoption option, ...)
     case CURL_LOCK_DATA_COOKIE:
 #if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES)
       if(!share->cookies) {
-        share->cookies = Curl_cookie_init(NULL, NULL, NULL, TRUE);
+        share->cookies = Curl_cookie_init();
         if(!share->cookies)
           res = CURLSHE_NOMEM;
       }
diff --git a/lib/transfer.c b/lib/transfer.c
index 98168d3aa6..2b77219a9c 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -558,10 +558,12 @@ CURLcode Curl_pretransfer(struct Curl_easy *data)
     data->state.infilesize = 0;
 
   /* If there is a list of cookie files to read, do it now! */
-  Curl_cookie_loadfiles(data);
+  result = Curl_cookie_loadfiles(data);
+  if(!result)
+    Curl_cookie_run(data); /* activate */
 
   /* If there is a list of host pairs to deal with */
-  if(data->state.resolve)
+  if(!result && data->state.resolve)
     result = Curl_loadhostpairs(data);
 
   /* If there is a list of hsts files to read */
diff --git a/tests/data/test506 b/tests/data/test506
index 02165275b6..5b4d16d9bc 100644
--- a/tests/data/test506
+++ b/tests/data/test506
@@ -118,96 +118,102 @@ unlock: share  [Pigs in space]: 17
 PERFORM
 lock:   cookie [Pigs in space]: 18
 unlock: cookie [Pigs in space]: 19
-lock:   dns    [Pigs in space]: 20
-unlock: dns    [Pigs in space]: 21
+lock:   cookie [Pigs in space]: 20
+unlock: cookie [Pigs in space]: 21
 lock:   dns    [Pigs in space]: 22
 unlock: dns    [Pigs in space]: 23
-lock:   cookie [Pigs in space]: 24
-unlock: cookie [Pigs in space]: 25
+lock:   dns    [Pigs in space]: 24
+unlock: dns    [Pigs in space]: 25
 lock:   cookie [Pigs in space]: 26
 unlock: cookie [Pigs in space]: 27
 lock:   cookie [Pigs in space]: 28
 unlock: cookie [Pigs in space]: 29
 lock:   cookie [Pigs in space]: 30
 unlock: cookie [Pigs in space]: 31
+lock:   cookie [Pigs in space]: 32
+unlock: cookie [Pigs in space]: 33
 run 1: set cookie 1, 2 and 3
-lock:   dns    [Pigs in space]: 32
-unlock: dns    [Pigs in space]: 33
 lock:   dns    [Pigs in space]: 34
 unlock: dns    [Pigs in space]: 35
+lock:   dns    [Pigs in space]: 36
+unlock: dns    [Pigs in space]: 37
 CLEANUP
-lock:   cookie [Pigs in space]: 36
-unlock: cookie [Pigs in space]: 37
-lock:   share  [Pigs in space]: 38
-unlock: share  [Pigs in space]: 39
-*** run 2
-CURLOPT_SHARE
+lock:   cookie [Pigs in space]: 38
+unlock: cookie [Pigs in space]: 39
 lock:   share  [Pigs in space]: 40
 unlock: share  [Pigs in space]: 41
+*** run 2
+CURLOPT_SHARE
+lock:   share  [Pigs in space]: 42
+unlock: share  [Pigs in space]: 43
 PERFORM
-lock:   cookie [Pigs in space]: 42
-unlock: cookie [Pigs in space]: 43
-lock:   dns    [Pigs in space]: 44
-unlock: dns    [Pigs in space]: 45
+lock:   cookie [Pigs in space]: 44
+unlock: cookie [Pigs in space]: 45
 lock:   cookie [Pigs in space]: 46
 unlock: cookie [Pigs in space]: 47
-lock:   cookie [Pigs in space]: 48
-unlock: cookie [Pigs in space]: 49
+lock:   dns    [Pigs in space]: 48
+unlock: dns    [Pigs in space]: 49
 lock:   cookie [Pigs in space]: 50
 unlock: cookie [Pigs in space]: 51
+lock:   cookie [Pigs in space]: 52
+unlock: cookie [Pigs in space]: 53
+lock:   cookie [Pigs in space]: 54
+unlock: cookie [Pigs in space]: 55
 run 2: set cookie 4 and 5
-lock:   dns    [Pigs in space]: 52
-unlock: dns    [Pigs in space]: 53
-lock:   dns    [Pigs in space]: 54
-unlock: dns    [Pigs in space]: 55
+lock:   dns    [Pigs in space]: 56
+unlock: dns    [Pigs in space]: 57
+lock:   dns    [Pigs in space]: 58
+unlock: dns    [Pigs in space]: 59
 CLEANUP
-lock:   cookie [Pigs in space]: 56
-unlock: cookie [Pigs in space]: 57
-lock:   share  [Pigs in space]: 58
-unlock: share  [Pigs in space]: 59
+lock:   cookie [Pigs in space]: 60
+unlock: cookie [Pigs in space]: 61
+lock:   share  [Pigs in space]: 62
+unlock: share  [Pigs in space]: 63
 *** run 3
 CURLOPT_SHARE
-lock:   share  [Pigs in space]: 60
-unlock: share  [Pigs in space]: 61
+lock:   share  [Pigs in space]: 64
+unlock: share  [Pigs in space]: 65
 CURLOPT_COOKIEJAR
 CURLOPT_COOKIELIST FLUSH
-lock:   cookie [Pigs in space]: 62
-unlock: cookie [Pigs in space]: 63
-PERFORM
-lock:   dns    [Pigs in space]: 64
-unlock: dns    [Pigs in space]: 65
 lock:   cookie [Pigs in space]: 66
 unlock: cookie [Pigs in space]: 67
+PERFORM
 lock:   cookie [Pigs in space]: 68
 unlock: cookie [Pigs in space]: 69
-lock:   cookie [Pigs in space]: 70
-unlock: cookie [Pigs in space]: 71
+lock:   dns    [Pigs in space]: 70
+unlock: dns    [Pigs in space]: 71
 lock:   cookie [Pigs in space]: 72
 unlock: cookie [Pigs in space]: 73
 lock:   cookie [Pigs in space]: 74
 unlock: cookie [Pigs in space]: 75
-run 3: overwrite cookie 1 and 4, set cookie 6 with and without tailmatch
-lock:   dns    [Pigs in space]: 76
-unlock: dns    [Pigs in space]: 77
-lock:   dns    [Pigs in space]: 78
-unlock: dns    [Pigs in space]: 79
-CLEANUP
+lock:   cookie [Pigs in space]: 76
+unlock: cookie [Pigs in space]: 77
+lock:   cookie [Pigs in space]: 78
+unlock: cookie [Pigs in space]: 79
 lock:   cookie [Pigs in space]: 80
 unlock: cookie [Pigs in space]: 81
-lock:   share  [Pigs in space]: 82
-unlock: share  [Pigs in space]: 83
-CURLOPT_SHARE
-lock:   share  [Pigs in space]: 84
-unlock: share  [Pigs in space]: 85
-CURLOPT_COOKIELIST ALL
+run 3: overwrite cookie 1 and 4, set cookie 6 with and without tailmatch
+lock:   dns    [Pigs in space]: 82
+unlock: dns    [Pigs in space]: 83
+lock:   dns    [Pigs in space]: 84
+unlock: dns    [Pigs in space]: 85
+CLEANUP
 lock:   cookie [Pigs in space]: 86
 unlock: cookie [Pigs in space]: 87
+lock:   share  [Pigs in space]: 88
+unlock: share  [Pigs in space]: 89
+CURLOPT_SHARE
+lock:   share  [Pigs in space]: 90
+unlock: share  [Pigs in space]: 91
+CURLOPT_COOKIELIST ALL
+lock:   cookie [Pigs in space]: 92
+unlock: cookie [Pigs in space]: 93
 CURLOPT_COOKIEJAR
 CURLOPT_COOKIELIST RELOAD
-lock:   cookie [Pigs in space]: 88
-unlock: cookie [Pigs in space]: 89
-lock:   cookie [Pigs in space]: 90
-unlock: cookie [Pigs in space]: 91
+lock:   cookie [Pigs in space]: 94
+unlock: cookie [Pigs in space]: 95
+lock:   cookie [Pigs in space]: 96
+unlock: cookie [Pigs in space]: 97
 loaded cookies:
 -----------------
   www.host.foo.com	FALSE	/	FALSE	%days[400]	test6	six_more
@@ -220,17 +226,17 @@ loaded cookies:
   .host.foo.com	TRUE	/	FALSE	%days[400]	injected	yes
 -----------------
 try SHARE_CLEANUP...
-lock:   share  [Pigs in space]: 92
-unlock: share  [Pigs in space]: 93
-SHARE_CLEANUP failed, correct
-CLEANUP
-lock:   cookie [Pigs in space]: 94
-unlock: cookie [Pigs in space]: 95
-lock:   share  [Pigs in space]: 96
-unlock: share  [Pigs in space]: 97
-SHARE_CLEANUP
 lock:   share  [Pigs in space]: 98
 unlock: share  [Pigs in space]: 99
+SHARE_CLEANUP failed, correct
+CLEANUP
+lock:   cookie [Pigs in space]: 100
+unlock: cookie [Pigs in space]: 101
+lock:   share  [Pigs in space]: 102
+unlock: share  [Pigs in space]: 103
+SHARE_CLEANUP
+lock:   share  [Pigs in space]: 104
+unlock: share  [Pigs in space]: 105
 GLOBAL_CLEANUP
 
 

From e496bcfd0ab63e29e23650d7733adf6e1356f173 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 12 Nov 2025 23:20:58 +0100
Subject: [PATCH 0828/2408] FILEFORMAT.md: drop some text from the `command`
 section

Special meanings of URLs became outdated, and it's also no longer
necessary to pass the test number via the URL or domain anymore.
Delete the text.

Follow-up to c6f1b0ff49268817101ac1734f43074fcc8775b2 #19429

Closes #19503
---
 docs/tests/FILEFORMAT.md | 12 ------------
 1 file changed, 12 deletions(-)

diff --git a/docs/tests/FILEFORMAT.md b/docs/tests/FILEFORMAT.md
index 2e0648267e..df5eed8ac6 100644
--- a/docs/tests/FILEFORMAT.md
+++ b/docs/tests/FILEFORMAT.md
@@ -582,18 +582,6 @@ Command line to run.
 If the command spans multiple lines, they are concatenated with a space added
 between them.
 
-Note that the URL that gets passed to the server actually controls what data
-that is returned. The last slash in the URL must be followed by a number. That
-number (N) is used by the test-server to load test case N and return the data
-that is defined within the `` section.
-
-If there is no test number found above, the HTTP test server uses the number
-following the last dot in the given hostname (made so that a CONNECT can still
-pass on test number) so that "foo.bar.123" gets treated as test case
-123. Alternatively, if an IPv6 address is provided to CONNECT, the last
-hexadecimal group in the address is used as the test number. For example the
-address "[1234::ff]" would be treated as test case 255.
-
 Set `type="perl"` to write the test case as a perl script. It implies that
 there is no memory debugging and valgrind gets shut off for this test.
 

From 4415e865ad7bcad6fdc256c354dc6065876381d2 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 13 Nov 2025 03:40:42 +0100
Subject: [PATCH 0829/2408] libtests: replace `atoi()` with
 `curlx_str_number()`

Also:
- lib1568: fail in global initialization error.

Closes #19506
---
 tests/libtest/Makefile.inc      |  1 +
 tests/libtest/cli_hx_download.c | 23 ++++++++++++++++-------
 tests/libtest/cli_hx_upload.c   | 20 ++++++++++++++------
 tests/libtest/cli_ws_data.c     | 11 ++++++++---
 tests/libtest/first.c           | 20 +++++++++++---------
 tests/libtest/lib1568.c         | 13 +++++++++----
 tests/libtest/lib1960.c         |  9 +++++----
 tests/libtest/lib521.c          | 12 ++++++++----
 tests/libtest/lib562.c          | 12 ++++++++----
 tests/libtest/lib591.c          |  6 +++++-
 10 files changed, 85 insertions(+), 42 deletions(-)

diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc
index 67ffabad0b..8efeba914d 100644
--- a/tests/libtest/Makefile.inc
+++ b/tests/libtest/Makefile.inc
@@ -38,6 +38,7 @@ CURLX_C = \
   ../../lib/curlx/fopen.c \
   ../../lib/curlx/multibyte.c \
   ../../lib/curlx/strerr.c \
+  ../../lib/curlx/strparse.c \
   ../../lib/curlx/timediff.c \
   ../../lib/curlx/timeval.c \
   ../../lib/curlx/version_win32.c \
diff --git a/tests/libtest/cli_hx_download.c b/tests/libtest/cli_hx_download.c
index b7ad5912a9..365348455a 100644
--- a/tests/libtest/cli_hx_download.c
+++ b/tests/libtest/cli_hx_download.c
@@ -302,6 +302,8 @@ static CURLcode test_cli_hx_download(const char *URL)
 
   while((ch = cgetopt(test_argc, test_argv, "aefhm:n:xA:F:M:P:r:T:V:"))
         != -1) {
+    const char *opt = coptarg;
+    curl_off_t num;
     switch(ch) {
     case 'h':
       usage_hx_download(NULL);
@@ -317,32 +319,39 @@ static CURLcode test_cli_hx_download(const char *URL)
       forbid_reuse_d = 1;
       break;
     case 'm':
-      max_parallel = (size_t)atol(coptarg);
+      if(!curlx_str_number(&opt, &num, LONG_MAX))
+        max_parallel = (size_t)num;
       break;
     case 'n':
-      transfer_count_d = (size_t)atol(coptarg);
+      if(!curlx_str_number(&opt, &num, LONG_MAX))
+        transfer_count_d = (size_t)num;
       break;
     case 'x':
       fresh_connect = 1;
       break;
     case 'A':
-      abort_offset = (size_t)atol(coptarg);
+      if(!curlx_str_number(&opt, &num, LONG_MAX))
+        abort_offset = (size_t)num;
       break;
     case 'F':
-      fail_offset = (size_t)atol(coptarg);
+      if(!curlx_str_number(&opt, &num, LONG_MAX))
+        fail_offset = (size_t)num;
       break;
     case 'M':
-      max_host_conns = (size_t)atol(coptarg);
+      if(!curlx_str_number(&opt, &num, LONG_MAX))
+        max_host_conns = (size_t)num;
       break;
     case 'P':
-      pause_offset = (size_t)atol(coptarg);
+      if(!curlx_str_number(&opt, &num, LONG_MAX))
+        pause_offset = (size_t)num;
       break;
     case 'r':
       free(resolve);
       resolve = strdup(coptarg);
       break;
     case 'T':
-      max_total_conns = (size_t)atol(coptarg);
+      if(!curlx_str_number(&opt, &num, LONG_MAX))
+        max_total_conns = (size_t)num;
       break;
     case 'V': {
       if(!strcmp("http/1.1", coptarg))
diff --git a/tests/libtest/cli_hx_upload.c b/tests/libtest/cli_hx_upload.c
index 5069bcab63..dc053ae755 100644
--- a/tests/libtest/cli_hx_upload.c
+++ b/tests/libtest/cli_hx_upload.c
@@ -252,6 +252,8 @@ static CURLcode test_cli_hx_upload(const char *URL)
 
   while((ch = cgetopt(test_argc, test_argv, "aefhlm:n:A:F:M:P:r:RS:V:"))
         != -1) {
+    const char *opt = coptarg;
+    curl_off_t num;
     switch(ch) {
     case 'h':
       usage_hx_upload(NULL);
@@ -269,22 +271,27 @@ static CURLcode test_cli_hx_upload(const char *URL)
       announce_length = 1;
       break;
     case 'm':
-      max_parallel = (size_t)atol(coptarg);
+      if(!curlx_str_number(&opt, &num, LONG_MAX))
+        max_parallel = (size_t)num;
       break;
     case 'n':
-      transfer_count_u = (size_t)atol(coptarg);
+      if(!curlx_str_number(&opt, &num, LONG_MAX))
+        transfer_count_u = (size_t)num;
       break;
     case 'A':
-      abort_offset = (size_t)atol(coptarg);
+      if(!curlx_str_number(&opt, &num, LONG_MAX))
+        abort_offset = (size_t)num;
       break;
     case 'F':
-      fail_offset = (size_t)atol(coptarg);
+      if(!curlx_str_number(&opt, &num, LONG_MAX))
+        fail_offset = (size_t)num;
       break;
     case 'M':
       method = coptarg;
       break;
     case 'P':
-      pause_offset = (size_t)atol(coptarg);
+      if(!curlx_str_number(&opt, &num, LONG_MAX))
+        pause_offset = (size_t)num;
       break;
     case 'r':
       resolve = coptarg;
@@ -293,7 +300,8 @@ static CURLcode test_cli_hx_upload(const char *URL)
       reuse_easy = 1;
       break;
     case 'S':
-      send_total = (size_t)atol(coptarg);
+      if(!curlx_str_number(&opt, &num, LONG_MAX))
+        send_total = (size_t)num;
       break;
     case 'V': {
       if(!strcmp("http/1.1", coptarg))
diff --git a/tests/libtest/cli_ws_data.c b/tests/libtest/cli_ws_data.c
index 8b8b1fa0d1..7e5479b743 100644
--- a/tests/libtest/cli_ws_data.c
+++ b/tests/libtest/cli_ws_data.c
@@ -419,6 +419,8 @@ static CURLcode test_cli_ws_data(const char *URL)
   (void)URL;
 
   while((ch = cgetopt(test_argc, test_argv, "12c:hm:M:")) != -1) {
+    const char *opt = coptarg;
+    curl_off_t num;
     switch(ch) {
     case '1':
       model = 1;
@@ -430,13 +432,16 @@ static CURLcode test_cli_ws_data(const char *URL)
       test_ws_data_usage(NULL);
       return CURLE_BAD_FUNCTION_ARGUMENT;
     case 'c':
-      count = (size_t)atol(coptarg);
+      if(!curlx_str_number(&opt, &num, LONG_MAX))
+        count = (size_t)num;
       break;
     case 'm':
-      plen_min = (size_t)atol(coptarg);
+      if(!curlx_str_number(&opt, &num, LONG_MAX))
+        plen_min = (size_t)num;
       break;
     case 'M':
-      plen_max = (size_t)atol(coptarg);
+      if(!curlx_str_number(&opt, &num, LONG_MAX))
+        plen_max = (size_t)num;
       break;
     default:
       test_ws_data_usage("invalid option");
diff --git a/tests/libtest/first.c b/tests/libtest/first.c
index 79baca331e..ad1f929971 100644
--- a/tests/libtest/first.c
+++ b/tests/libtest/first.c
@@ -127,7 +127,7 @@ int cgetopt(int argc, const char * const argv[], const char *optstring)
 #ifdef CURLDEBUG
 static void memory_tracking_init(void)
 {
-  char *env;
+  const char *env;
   /* if CURL_MEMDEBUG is set, this starts memory tracking message logging */
   env = getenv("CURL_MEMDEBUG");
   if(env) {
@@ -137,9 +137,9 @@ static void memory_tracking_init(void)
   /* if CURL_MEMLIMIT is set, this enables fail-on-alloc-number-N feature */
   env = getenv("CURL_MEMLIMIT");
   if(env) {
-    long num = atol(env);
-    if(num > 0)
-      curl_dbg_memlimit(num);
+    curl_off_t num;
+    if(!curlx_str_number(&env, &num, LONG_MAX) && num > 0)
+      curl_dbg_memlimit((long)num);
   }
 }
 #else
@@ -215,7 +215,7 @@ int main(int argc, const char **argv)
   CURLcode result;
   entry_func_t entry_func;
   const char *entry_name;
-  char *env;
+  const char *env;
   size_t tmp;
 
   CURLX_SET_BINMODE(stdout);
@@ -271,11 +271,13 @@ int main(int argc, const char **argv)
   if(argc > 5)
     libtest_arg4 = argv[5];
 
+  testnum = 0;
   env = getenv("CURL_TESTNUM");
-  if(env)
-    testnum = atoi(env);
-  else
-    testnum = 0;
+  if(env) {
+    curl_off_t num;
+    if(!curlx_str_number(&env, &num, INT_MAX) && num > 0)
+      testnum = (int)num;
+  }
 
   result = entry_func(URL);
   curl_mfprintf(stderr, "Test ended with result %d\n", result);
diff --git a/tests/libtest/lib1568.c b/tests/libtest/lib1568.c
index 9e73029d51..a7c454edf7 100644
--- a/tests/libtest/lib1568.c
+++ b/tests/libtest/lib1568.c
@@ -27,9 +27,15 @@
 
 static CURLcode test_lib1568(const char *URL)
 {
-  CURLcode ret;
+  CURLcode ret = TEST_ERR_MAJOR_BAD;
   CURL *curl;
-  curl_global_init(CURL_GLOBAL_ALL);
+  curl_off_t port;
+
+  if(curlx_str_number(&libtest_arg2, &port, 0xffff))
+    return ret;
+
+  if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK)
+    return ret;
 
   curl = curl_easy_init();
   curl_easy_setopt(curl, CURLOPT_URL, URL);
@@ -39,12 +45,11 @@ static CURLcode test_lib1568(const char *URL)
   curl_easy_setopt(curl, CURLOPT_USERAGENT, "lib1568");
   curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST);
   curl_easy_setopt(curl, CURLOPT_MAXREDIRS, 50L);
-  curl_easy_setopt(curl, CURLOPT_PORT, atol(libtest_arg2));
+  curl_easy_setopt(curl, CURLOPT_PORT, (long)port);
 
   ret = curl_easy_perform(curl);
 
   curl_easy_cleanup(curl);
-  curl = NULL;
 
   curl_global_cleanup();
   return ret;
diff --git a/tests/libtest/lib1960.c b/tests/libtest/lib1960.c
index 1ee9277bef..152b1053f1 100644
--- a/tests/libtest/lib1960.c
+++ b/tests/libtest/lib1960.c
@@ -79,16 +79,17 @@ static CURLcode test_lib1960(const char *URL)
   int status;
   curl_socket_t client_fd = CURL_SOCKET_BAD;
   struct sockaddr_in serv_addr;
-  unsigned short port;
+  curl_off_t port;
 
   if(!strcmp("check", URL))
     return CURLE_OK; /* no output makes it not skipped */
 
-  port = (unsigned short)atoi(libtest_arg3);
+  if(curlx_str_number(&libtest_arg3, &port, 0xffff))
+    return res;
 
   if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
     curl_mfprintf(stderr, "curl_global_init() failed\n");
-    return TEST_ERR_MAJOR_BAD;
+    return res;
   }
 
   /*
@@ -103,7 +104,7 @@ static CURLcode test_lib1960(const char *URL)
   }
 
   serv_addr.sin_family = AF_INET;
-  serv_addr.sin_port = htons(port);
+  serv_addr.sin_port = htons((unsigned short)port);
 
   if(my_inet_pton(AF_INET, libtest_arg2, &serv_addr.sin_addr) <= 0) {
     curl_mfprintf(stderr, "inet_pton failed\n");
diff --git a/tests/libtest/lib521.c b/tests/libtest/lib521.c
index c02c45a3c1..acfec70381 100644
--- a/tests/libtest/lib521.c
+++ b/tests/libtest/lib521.c
@@ -27,23 +27,27 @@
 
 static CURLcode test_lib521(const char *URL)
 {
-  CURLcode res;
+  CURLcode res = TEST_ERR_MAJOR_BAD;
   CURL *curl;
+  curl_off_t port;
+
+  if(curlx_str_number(&libtest_arg2, &port, 0xffff))
+    return res;
 
   if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
     curl_mfprintf(stderr, "curl_global_init() failed\n");
-    return TEST_ERR_MAJOR_BAD;
+    return res;
   }
 
   curl = curl_easy_init();
   if(!curl) {
     curl_mfprintf(stderr, "curl_easy_init() failed\n");
     curl_global_cleanup();
-    return TEST_ERR_MAJOR_BAD;
+    return res;
   }
 
   test_setopt(curl, CURLOPT_URL, URL);
-  test_setopt(curl, CURLOPT_PORT, atol(libtest_arg2));
+  test_setopt(curl, CURLOPT_PORT, (long)port);
   test_setopt(curl, CURLOPT_USERPWD, "xxx:yyy");
   test_setopt(curl, CURLOPT_VERBOSE, 1L);
 
diff --git a/tests/libtest/lib562.c b/tests/libtest/lib562.c
index 1c3bf8cff8..e9716e5768 100644
--- a/tests/libtest/lib562.c
+++ b/tests/libtest/lib562.c
@@ -35,12 +35,16 @@
 
 static CURLcode test_lib562(const char *URL)
 {
+  CURLcode res = TEST_ERR_MAJOR_BAD;
   CURL *curl;
-  CURLcode res = CURLE_OK;
+  curl_off_t port;
+
+  if(curlx_str_number(&libtest_arg2, &port, 0xffff))
+    return res;
 
   if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
     curl_mfprintf(stderr, "curl_global_init() failed\n");
-    return TEST_ERR_MAJOR_BAD;
+    return res;
   }
 
   /* get a curl handle */
@@ -48,14 +52,14 @@ static CURLcode test_lib562(const char *URL)
   if(!curl) {
     curl_mfprintf(stderr, "curl_easy_init() failed\n");
     curl_global_cleanup();
-    return TEST_ERR_MAJOR_BAD;
+    return res;
   }
 
   /* enable verbose */
   test_setopt(curl, CURLOPT_VERBOSE, 1L);
 
   /* set port number */
-  test_setopt(curl, CURLOPT_PORT, atol(libtest_arg2));
+  test_setopt(curl, CURLOPT_PORT, (long)port);
 
   /* specify target */
   test_setopt(curl, CURLOPT_URL, URL);
diff --git a/tests/libtest/lib591.c b/tests/libtest/lib591.c
index 0b7a0b4e85..c30bde5e8b 100644
--- a/tests/libtest/lib591.c
+++ b/tests/libtest/lib591.c
@@ -36,6 +36,10 @@ static CURLcode test_lib591(const char *URL)
   int msgs_left;
   CURLMsg *msg;
   FILE *upload = NULL;
+  curl_off_t accept_timeout;
+
+  if(curlx_str_number(&libtest_arg2, &accept_timeout, 65535))
+    return TEST_ERR_MAJOR_BAD;
 
   start_test_timing();
 
@@ -72,7 +76,7 @@ static CURLcode test_lib591(const char *URL)
   easy_setopt(curl, CURLOPT_FTPPORT, "-");
 
   /* server connection timeout */
-  easy_setopt(curl, CURLOPT_ACCEPTTIMEOUT_MS, atol(libtest_arg2)*1000);
+  easy_setopt(curl, CURLOPT_ACCEPTTIMEOUT_MS, (long)(accept_timeout * 1000));
 
   multi_init(multi);
 

From e18ad59e46380e0bef7a06e2997372afc80e4d77 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 13 Nov 2025 04:44:15 +0100
Subject: [PATCH 0830/2408] runtests: add missing Perl semicolon

Follow-up to f477f3efc3ec58f7effc2aa01e7f4565b12be976 #19398

Closes #19507
---
 tests/getpart.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/getpart.pm b/tests/getpart.pm
index 2b6d2a63c4..75eb8dfe5d 100644
--- a/tests/getpart.pm
+++ b/tests/getpart.pm
@@ -229,7 +229,7 @@ sub loadtest {
 
     if(open(my $xmlh, "<", "$file")) {
         if($original) {
-            binmode $xmlh, ':crlf'
+            binmode $xmlh, ':crlf';
         }
         else {
             binmode $xmlh; # for crapage systems, use binary

From 85cfc15601b19f13f1d480e6f7ba8922850429c3 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 13 Nov 2025 11:46:13 +0100
Subject: [PATCH 0831/2408] RELEASE-NOTES: codespell

---
 RELEASE-NOTES | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index a997e68394..64d4988060 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -78,7 +78,7 @@ This release includes the following bugfixes:
  o tool_help: add checks to avoid unsigned wrap around [14]
  o tool_ipfs: check return codes better [20]
  o tool_operate: remove redundant condition [19]
- o tool_operate: use curlx_str_number intead of atoi [68]
+ o tool_operate: use curlx_str_number instead of atoi [68]
  o tool_paramhlp: refuse --proto remove all protocols [10]
  o urlapi: fix mem-leaks in curl_url_get error paths [22]
  o verify-release: update to avoid shellcheck warning SC2034 [88]

From ca27404d2737e64bdc803fc7456e9a72bf61bb01 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 13 Nov 2025 02:11:48 +0100
Subject: [PATCH 0832/2408] tests/data: add `%includetext`, dedupe XML payloads
 into external file

To reduce duplication and to avoid keeping XML-like markup within XML
markup (`test*`), that was tripping `xmllint`.

Ref: #19470

Closes #19504
---
 REUSE.toml               |   1 +
 docs/tests/FILEFORMAT.md |   5 ++
 tests/data/Makefile.am   |   2 +-
 tests/data/data-xml1     | 112 ++++++++++++++++++++++++++++++++++++++
 tests/data/test1123      | 113 +--------------------------------------
 tests/data/test1277      | 113 +--------------------------------------
 tests/data/test222       | 113 +--------------------------------------
 tests/data/test230       | 113 +--------------------------------------
 tests/data/test232       | 113 +--------------------------------------
 tests/data/test314       | 113 +--------------------------------------
 tests/data/test396       | 113 +--------------------------------------
 tests/testutil.pm        |  10 +++-
 12 files changed, 134 insertions(+), 787 deletions(-)
 create mode 100644 tests/data/data-xml1

diff --git a/REUSE.toml b/REUSE.toml
index fff5380164..e9e9ecf03d 100644
--- a/REUSE.toml
+++ b/REUSE.toml
@@ -35,6 +35,7 @@ path = [
   "RELEASE-NOTES",
   "renovate.json",
   "tests/certs/**",
+  "tests/data/data**",
   "tests/data/test**",
   "tests/valgrind.supp",
 ]
diff --git a/docs/tests/FILEFORMAT.md b/docs/tests/FILEFORMAT.md
index df5eed8ac6..3897deb9cb 100644
--- a/docs/tests/FILEFORMAT.md
+++ b/docs/tests/FILEFORMAT.md
@@ -106,6 +106,11 @@ the include instruction:
 
     %include filename%
 
+Or, a variant of the above where the file is loaded as a newline-agnostic
+text file, and `%CR`, `%SP`, `%TAB` macros are expanded after inclusion:
+
+    %includetext filename%
+
 ## Conditional lines
 
 Lines in the test file can be made to appear conditionally on a specific
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index c9e3f75ba1..d417a70a40 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -283,4 +283,4 @@ test3200 test3201 test3202 test3203 test3204 test3205 test3206 test3207 test3208
 test3209 test3210 test3211 test3212 test3213 test3214 test3215 \
 test4000 test4001
 
-EXTRA_DIST = $(TESTCASES) DISABLED
+EXTRA_DIST = $(TESTCASES) DISABLED data-xml1
diff --git a/tests/data/data-xml1 b/tests/data/data-xml1
new file mode 100644
index 0000000000..76d8a4afd4
--- /dev/null
+++ b/tests/data/data-xml1
@@ -0,0 +1,112 @@
+
+
+
+  
+    1612
+    1998-08-21 04:01:29
+    2004-10-18 02:22:23
+    curl
+    curl and libcurl
+    Command line tool and library for client-side URL transfers.
+    curl and libcurl is a tool for transferring files%CR
+using URL syntax. It supports HTTP, HTTPS, FTP,%CR
+FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as%CR
+well as HTTP-post, HTTP-put, cookies, FTP upload,%CR
+resumed transfers, passwords, portnumbers, SSL%CR
+certificates, Kerberos, and proxies. It is powered%CR
+by libcurl, the client-side URL transfer library.%CR
+There are bindings to libcurl for over 20%CR
+languages and environments.%CR
+
+    5784.57
+    3.16
+    169
+    6594.54
+    13.81
+    105
+    8.50
+    21
+    183
+    323
+    Default
+    http://freshmeat.net/projects/curl/
+    http://freshmeat.net/redir/curl/1612/url_homepage/
+    http://freshmeat.net/redir/curl/1612/url_tgz/
+    http://freshmeat.net/redir/curl/1612/url_bz2/
+    http://freshmeat.net/redir/curl/1612/url_zip/
+    http://freshmeat.net/redir/curl/1612/url_changelog/
+    http://freshmeat.net/redir/curl/1612/url_rpm/
+    http://freshmeat.net/redir/curl/1612/url_deb/
+    http://freshmeat.net/redir/curl/1612/url_osx/
+    http://freshmeat.net/redir/curl/1612/url_bsdport/
+    
+    http://freshmeat.net/redir/curl/1612/url_cvs/
+    http://freshmeat.net/redir/curl/1612/url_list/
+    http://freshmeat.net/redir/curl/1612/url_mirror/
+    
+    MIT/X Consortium License
+    
+      7.12.2
+      176085
+      2004-10-18 02:22:23
+    
+    
+    
+      
+        Daniel Stenberg
+        http://freshmeat.net/~bagder/
+        Owner
+      
+    
+    
+      12
+      226
+      3
+      2
+      188
+      216
+      200
+      220
+      164
+      90
+      89
+      809
+      150
+      224
+      900
+      839
+    
+    
+      
+        0
+        7464
+        7464
+        OpenSSL (Default)
+      
+      
+        0
+        0
+        7443
+        OpenLDAP
+      
+      
+        0
+        0
+        12351
+        zlib
+      
+      
+        0
+        0
+        32047
+        Heimdal
+      
+      
+        0
+        0
+        44532
+        c-ares
+      
+    
+  
+
diff --git a/tests/data/test1123 b/tests/data/test1123
index d0fc9fb066..80ec7b4cb3 100644
--- a/tests/data/test1123
+++ b/tests/data/test1123
@@ -35,118 +35,7 @@ Vary: Accept-Encoding%CR
 Content-Type: text/html; charset=ISO-8859-1%CR
 Transfer-Encoding: deflate, chunked%CR
 %CR
-
-
-
-  
-    1612
-    1998-08-21 04:01:29
-    2004-10-18 02:22:23
-    curl
-    curl and libcurl
-    Command line tool and library for client-side URL transfers.
-    curl and libcurl is a tool for transferring files%CR
-using URL syntax. It supports HTTP, HTTPS, FTP,%CR
-FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as%CR
-well as HTTP-post, HTTP-put, cookies, FTP upload,%CR
-resumed transfers, passwords, portnumbers, SSL%CR
-certificates, Kerberos, and proxies. It is powered%CR
-by libcurl, the client-side URL transfer library.%CR
-There are bindings to libcurl for over 20%CR
-languages and environments.%CR
-
-    5784.57
-    3.16
-    169
-    6594.54
-    13.81
-    105
-    8.50
-    21
-    183
-    323
-    Default
-    http://freshmeat.net/projects/curl/
-    http://freshmeat.net/redir/curl/1612/url_homepage/
-    http://freshmeat.net/redir/curl/1612/url_tgz/
-    http://freshmeat.net/redir/curl/1612/url_bz2/
-    http://freshmeat.net/redir/curl/1612/url_zip/
-    http://freshmeat.net/redir/curl/1612/url_changelog/
-    http://freshmeat.net/redir/curl/1612/url_rpm/
-    http://freshmeat.net/redir/curl/1612/url_deb/
-    http://freshmeat.net/redir/curl/1612/url_osx/
-    http://freshmeat.net/redir/curl/1612/url_bsdport/
-    
-    http://freshmeat.net/redir/curl/1612/url_cvs/
-    http://freshmeat.net/redir/curl/1612/url_list/
-    http://freshmeat.net/redir/curl/1612/url_mirror/
-    
-    MIT/X Consortium License
-    
-      7.12.2
-      176085
-      2004-10-18 02:22:23
-    
-    
-    
-      
-        Daniel Stenberg
-        http://freshmeat.net/~bagder/
-        Owner
-      
-    
-    
-      12
-      226
-      3
-      2
-      188
-      216
-      200
-      220
-      164
-      90
-      89
-      809
-      150
-      224
-      900
-      839
-    
-    
-      
-        0
-        7464
-        7464
-        OpenSSL (Default)
-      
-      
-        0
-        0
-        7443
-        OpenLDAP
-      
-      
-        0
-        0
-        12351
-        zlib
-      
-      
-        0
-        0
-        32047
-        Heimdal
-      
-      
-        0
-        0
-        44532
-        c-ares
-      
-    
-  
-
+%includetext %SRCDIR/data/data-xml1%
 
 
 
diff --git a/tests/data/test1277 b/tests/data/test1277
index b229a0e1c2..56275d2bc5 100644
--- a/tests/data/test1277
+++ b/tests/data/test1277
@@ -39,118 +39,7 @@ Content-Type: text/html; charset=ISO-8859-1%CR
 Transfer-Encoding: gzip, chunked%CR
 Content-Encoding: deflate%CR
 %CR
-
-
-
-  
-    1612
-    1998-08-21 04:01:29
-    2004-10-18 02:22:23
-    curl
-    curl and libcurl
-    Command line tool and library for client-side URL transfers.
-    curl and libcurl is a tool for transferring files%CR
-using URL syntax. It supports HTTP, HTTPS, FTP,%CR
-FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as%CR
-well as HTTP-post, HTTP-put, cookies, FTP upload,%CR
-resumed transfers, passwords, portnumbers, SSL%CR
-certificates, Kerberos, and proxies. It is powered%CR
-by libcurl, the client-side URL transfer library.%CR
-There are bindings to libcurl for over 20%CR
-languages and environments.%CR
-
-    5784.57
-    3.16
-    169
-    6594.54
-    13.81
-    105
-    8.50
-    21
-    183
-    323
-    Default
-    http://freshmeat.net/projects/curl/
-    http://freshmeat.net/redir/curl/1612/url_homepage/
-    http://freshmeat.net/redir/curl/1612/url_tgz/
-    http://freshmeat.net/redir/curl/1612/url_bz2/
-    http://freshmeat.net/redir/curl/1612/url_zip/
-    http://freshmeat.net/redir/curl/1612/url_changelog/
-    http://freshmeat.net/redir/curl/1612/url_rpm/
-    http://freshmeat.net/redir/curl/1612/url_deb/
-    http://freshmeat.net/redir/curl/1612/url_osx/
-    http://freshmeat.net/redir/curl/1612/url_bsdport/
-    
-    http://freshmeat.net/redir/curl/1612/url_cvs/
-    http://freshmeat.net/redir/curl/1612/url_list/
-    http://freshmeat.net/redir/curl/1612/url_mirror/
-    
-    MIT/X Consortium License
-    
-      7.12.2
-      176085
-      2004-10-18 02:22:23
-    
-    
-    
-      
-        Daniel Stenberg
-        http://freshmeat.net/~bagder/
-        Owner
-      
-    
-    
-      12
-      226
-      3
-      2
-      188
-      216
-      200
-      220
-      164
-      90
-      89
-      809
-      150
-      224
-      900
-      839
-    
-    
-      
-        0
-        7464
-        7464
-        OpenSSL (Default)
-      
-      
-        0
-        0
-        7443
-        OpenLDAP
-      
-      
-        0
-        0
-        12351
-        zlib
-      
-      
-        0
-        0
-        32047
-        Heimdal
-      
-      
-        0
-        0
-        44532
-        c-ares
-      
-    
-  
-
+%includetext %SRCDIR/data/data-xml1%
 
 
 
diff --git a/tests/data/test222 b/tests/data/test222
index e1b3bceb3a..0f09d9caaa 100644
--- a/tests/data/test222
+++ b/tests/data/test222
@@ -33,118 +33,7 @@ Content-Type: text/html; charset=ISO-8859-1%CR
 Content-Encoding: deflate%CR
 Content-Length: 1305%CR
 %CR
-
-
-
-  
-    1612
-    1998-08-21 04:01:29
-    2004-10-18 02:22:23
-    curl
-    curl and libcurl
-    Command line tool and library for client-side URL transfers.
-    curl and libcurl is a tool for transferring files%CR
-using URL syntax. It supports HTTP, HTTPS, FTP,%CR
-FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as%CR
-well as HTTP-post, HTTP-put, cookies, FTP upload,%CR
-resumed transfers, passwords, portnumbers, SSL%CR
-certificates, Kerberos, and proxies. It is powered%CR
-by libcurl, the client-side URL transfer library.%CR
-There are bindings to libcurl for over 20%CR
-languages and environments.%CR
-
-    5784.57
-    3.16
-    169
-    6594.54
-    13.81
-    105
-    8.50
-    21
-    183
-    323
-    Default
-    http://freshmeat.net/projects/curl/
-    http://freshmeat.net/redir/curl/1612/url_homepage/
-    http://freshmeat.net/redir/curl/1612/url_tgz/
-    http://freshmeat.net/redir/curl/1612/url_bz2/
-    http://freshmeat.net/redir/curl/1612/url_zip/
-    http://freshmeat.net/redir/curl/1612/url_changelog/
-    http://freshmeat.net/redir/curl/1612/url_rpm/
-    http://freshmeat.net/redir/curl/1612/url_deb/
-    http://freshmeat.net/redir/curl/1612/url_osx/
-    http://freshmeat.net/redir/curl/1612/url_bsdport/
-    
-    http://freshmeat.net/redir/curl/1612/url_cvs/
-    http://freshmeat.net/redir/curl/1612/url_list/
-    http://freshmeat.net/redir/curl/1612/url_mirror/
-    
-    MIT/X Consortium License
-    
-      7.12.2
-      176085
-      2004-10-18 02:22:23
-    
-    
-    
-      
-        Daniel Stenberg
-        http://freshmeat.net/~bagder/
-        Owner
-      
-    
-    
-      12
-      226
-      3
-      2
-      188
-      216
-      200
-      220
-      164
-      90
-      89
-      809
-      150
-      224
-      900
-      839
-    
-    
-      
-        0
-        7464
-        7464
-        OpenSSL (Default)
-      
-      
-        0
-        0
-        7443
-        OpenLDAP
-      
-      
-        0
-        0
-        12351
-        zlib
-      
-      
-        0
-        0
-        32047
-        Heimdal
-      
-      
-        0
-        0
-        44532
-        c-ares
-      
-    
-  
-
+%includetext %SRCDIR/data/data-xml1%
 
 
 
diff --git a/tests/data/test230 b/tests/data/test230
index 45f0a7f884..9d7703ed19 100644
--- a/tests/data/test230
+++ b/tests/data/test230
@@ -33,118 +33,7 @@ Content-Type: text/html; charset=ISO-8859-1%CR
 Content-Encoding: deflate, identity, gzip%CR
 Content-Length: 1328%CR
 %CR
-
-
-
-  
-    1612
-    1998-08-21 04:01:29
-    2004-10-18 02:22:23
-    curl
-    curl and libcurl
-    Command line tool and library for client-side URL transfers.
-    curl and libcurl is a tool for transferring files%CR
-using URL syntax. It supports HTTP, HTTPS, FTP,%CR
-FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as%CR
-well as HTTP-post, HTTP-put, cookies, FTP upload,%CR
-resumed transfers, passwords, portnumbers, SSL%CR
-certificates, Kerberos, and proxies. It is powered%CR
-by libcurl, the client-side URL transfer library.%CR
-There are bindings to libcurl for over 20%CR
-languages and environments.%CR
-
-    5784.57
-    3.16
-    169
-    6594.54
-    13.81
-    105
-    8.50
-    21
-    183
-    323
-    Default
-    http://freshmeat.net/projects/curl/
-    http://freshmeat.net/redir/curl/1612/url_homepage/
-    http://freshmeat.net/redir/curl/1612/url_tgz/
-    http://freshmeat.net/redir/curl/1612/url_bz2/
-    http://freshmeat.net/redir/curl/1612/url_zip/
-    http://freshmeat.net/redir/curl/1612/url_changelog/
-    http://freshmeat.net/redir/curl/1612/url_rpm/
-    http://freshmeat.net/redir/curl/1612/url_deb/
-    http://freshmeat.net/redir/curl/1612/url_osx/
-    http://freshmeat.net/redir/curl/1612/url_bsdport/
-    
-    http://freshmeat.net/redir/curl/1612/url_cvs/
-    http://freshmeat.net/redir/curl/1612/url_list/
-    http://freshmeat.net/redir/curl/1612/url_mirror/
-    
-    MIT/X Consortium License
-    
-      7.12.2
-      176085
-      2004-10-18 02:22:23
-    
-    
-    
-      
-        Daniel Stenberg
-        http://freshmeat.net/~bagder/
-        Owner
-      
-    
-    
-      12
-      226
-      3
-      2
-      188
-      216
-      200
-      220
-      164
-      90
-      89
-      809
-      150
-      224
-      900
-      839
-    
-    
-      
-        0
-        7464
-        7464
-        OpenSSL (Default)
-      
-      
-        0
-        0
-        7443
-        OpenLDAP
-      
-      
-        0
-        0
-        12351
-        zlib
-      
-      
-        0
-        0
-        32047
-        Heimdal
-      
-      
-        0
-        0
-        44532
-        c-ares
-      
-    
-  
-
+%includetext %SRCDIR/data/data-xml1%
 
 
 
diff --git a/tests/data/test232 b/tests/data/test232
index 94cb1b9f99..9fe30dd005 100644
--- a/tests/data/test232
+++ b/tests/data/test232
@@ -33,118 +33,7 @@ Content-Type: text/html; charset=ISO-8859-1%CR
 Content-Encoding: deflate%CR
 Content-Length: 1287%CR
 %CR
-
-
-
-  
-    1612
-    1998-08-21 04:01:29
-    2004-10-18 02:22:23
-    curl
-    curl and libcurl
-    Command line tool and library for client-side URL transfers.
-    curl and libcurl is a tool for transferring files%CR
-using URL syntax. It supports HTTP, HTTPS, FTP,%CR
-FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as%CR
-well as HTTP-post, HTTP-put, cookies, FTP upload,%CR
-resumed transfers, passwords, portnumbers, SSL%CR
-certificates, Kerberos, and proxies. It is powered%CR
-by libcurl, the client-side URL transfer library.%CR
-There are bindings to libcurl for over 20%CR
-languages and environments.%CR
-
-    5784.57
-    3.16
-    169
-    6594.54
-    13.81
-    105
-    8.50
-    21
-    183
-    323
-    Default
-    http://freshmeat.net/projects/curl/
-    http://freshmeat.net/redir/curl/1612/url_homepage/
-    http://freshmeat.net/redir/curl/1612/url_tgz/
-    http://freshmeat.net/redir/curl/1612/url_bz2/
-    http://freshmeat.net/redir/curl/1612/url_zip/
-    http://freshmeat.net/redir/curl/1612/url_changelog/
-    http://freshmeat.net/redir/curl/1612/url_rpm/
-    http://freshmeat.net/redir/curl/1612/url_deb/
-    http://freshmeat.net/redir/curl/1612/url_osx/
-    http://freshmeat.net/redir/curl/1612/url_bsdport/
-    
-    http://freshmeat.net/redir/curl/1612/url_cvs/
-    http://freshmeat.net/redir/curl/1612/url_list/
-    http://freshmeat.net/redir/curl/1612/url_mirror/
-    
-    MIT/X Consortium License
-    
-      7.12.2
-      176085
-      2004-10-18 02:22:23
-    
-    
-    
-      
-        Daniel Stenberg
-        http://freshmeat.net/~bagder/
-        Owner
-      
-    
-    
-      12
-      226
-      3
-      2
-      188
-      216
-      200
-      220
-      164
-      90
-      89
-      809
-      150
-      224
-      900
-      839
-    
-    
-      
-        0
-        7464
-        7464
-        OpenSSL (Default)
-      
-      
-        0
-        0
-        7443
-        OpenLDAP
-      
-      
-        0
-        0
-        12351
-        zlib
-      
-      
-        0
-        0
-        32047
-        Heimdal
-      
-      
-        0
-        0
-        44532
-        c-ares
-      
-    
-  
-
+%includetext %SRCDIR/data/data-xml1%
 
 
 
diff --git a/tests/data/test314 b/tests/data/test314
index 4f14957a43..6074da33c3 100644
--- a/tests/data/test314
+++ b/tests/data/test314
@@ -35,118 +35,7 @@ Content-Type: text/html; charset=ISO-8859-1%CR
 Content-Encoding: br%CR
 Content-Length: 1056%CR
 %CR
-
-
-
-  
-    1612
-    1998-08-21 04:01:29
-    2004-10-18 02:22:23
-    curl
-    curl and libcurl
-    Command line tool and library for client-side URL transfers.
-    curl and libcurl is a tool for transferring files%CR
-using URL syntax. It supports HTTP, HTTPS, FTP,%CR
-FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as%CR
-well as HTTP-post, HTTP-put, cookies, FTP upload,%CR
-resumed transfers, passwords, portnumbers, SSL%CR
-certificates, Kerberos, and proxies. It is powered%CR
-by libcurl, the client-side URL transfer library.%CR
-There are bindings to libcurl for over 20%CR
-languages and environments.%CR
-
-    5784.57
-    3.16
-    169
-    6594.54
-    13.81
-    105
-    8.50
-    21
-    183
-    323
-    Default
-    http://freshmeat.net/projects/curl/
-    http://freshmeat.net/redir/curl/1612/url_homepage/
-    http://freshmeat.net/redir/curl/1612/url_tgz/
-    http://freshmeat.net/redir/curl/1612/url_bz2/
-    http://freshmeat.net/redir/curl/1612/url_zip/
-    http://freshmeat.net/redir/curl/1612/url_changelog/
-    http://freshmeat.net/redir/curl/1612/url_rpm/
-    http://freshmeat.net/redir/curl/1612/url_deb/
-    http://freshmeat.net/redir/curl/1612/url_osx/
-    http://freshmeat.net/redir/curl/1612/url_bsdport/
-    
-    http://freshmeat.net/redir/curl/1612/url_cvs/
-    http://freshmeat.net/redir/curl/1612/url_list/
-    http://freshmeat.net/redir/curl/1612/url_mirror/
-    
-    MIT/X Consortium License
-    
-      7.12.2
-      176085
-      2004-10-18 02:22:23
-    
-    
-    
-      
-        Daniel Stenberg
-        http://freshmeat.net/~bagder/
-        Owner
-      
-    
-    
-      12
-      226
-      3
-      2
-      188
-      216
-      200
-      220
-      164
-      90
-      89
-      809
-      150
-      224
-      900
-      839
-    
-    
-      
-        0
-        7464
-        7464
-        OpenSSL (Default)
-      
-      
-        0
-        0
-        7443
-        OpenLDAP
-      
-      
-        0
-        0
-        12351
-        zlib
-      
-      
-        0
-        0
-        32047
-        Heimdal
-      
-      
-        0
-        0
-        44532
-        c-ares
-      
-    
-  
-
+%includetext %SRCDIR/data/data-xml1%
 
 
 
diff --git a/tests/data/test396 b/tests/data/test396
index 5dd3faed13..bc29bad5f7 100644
--- a/tests/data/test396
+++ b/tests/data/test396
@@ -32,118 +32,7 @@ Content-Type: text/html; charset=ISO-8859-1%CR
 Content-Encoding: zstd%CR
 Content-Length: 1309%CR
 %CR
-
-
-
-  
-    1612
-    1998-08-21 04:01:29
-    2004-10-18 02:22:23
-    curl
-    curl and libcurl
-    Command line tool and library for client-side URL transfers.
-    curl and libcurl is a tool for transferring files%CR
-using URL syntax. It supports HTTP, HTTPS, FTP,%CR
-FTPS, DICT, TELNET, LDAP, FILE, and GOPHER, as%CR
-well as HTTP-post, HTTP-put, cookies, FTP upload,%CR
-resumed transfers, passwords, portnumbers, SSL%CR
-certificates, Kerberos, and proxies. It is powered%CR
-by libcurl, the client-side URL transfer library.%CR
-There are bindings to libcurl for over 20%CR
-languages and environments.%CR
-
-    5784.57
-    3.16
-    169
-    6594.54
-    13.81
-    105
-    8.50
-    21
-    183
-    323
-    Default
-    http://freshmeat.net/projects/curl/
-    http://freshmeat.net/redir/curl/1612/url_homepage/
-    http://freshmeat.net/redir/curl/1612/url_tgz/
-    http://freshmeat.net/redir/curl/1612/url_bz2/
-    http://freshmeat.net/redir/curl/1612/url_zip/
-    http://freshmeat.net/redir/curl/1612/url_changelog/
-    http://freshmeat.net/redir/curl/1612/url_rpm/
-    http://freshmeat.net/redir/curl/1612/url_deb/
-    http://freshmeat.net/redir/curl/1612/url_osx/
-    http://freshmeat.net/redir/curl/1612/url_bsdport/
-    
-    http://freshmeat.net/redir/curl/1612/url_cvs/
-    http://freshmeat.net/redir/curl/1612/url_list/
-    http://freshmeat.net/redir/curl/1612/url_mirror/
-    
-    MIT/X Consortium License
-    
-      7.12.2
-      176085
-      2004-10-18 02:22:23
-    
-    
-    
-      
-        Daniel Stenberg
-        http://freshmeat.net/~bagder/
-        Owner
-      
-    
-    
-      12
-      226
-      3
-      2
-      188
-      216
-      200
-      220
-      164
-      90
-      89
-      809
-      150
-      224
-      900
-      839
-    
-    
-      
-        0
-        7464
-        7464
-        OpenSSL (Default)
-      
-      
-        0
-        0
-        7443
-        OpenLDAP
-      
-      
-        0
-        0
-        12351
-        zlib
-      
-      
-        0
-        0
-        32047
-        Heimdal
-      
-      
-        0
-        0
-        44532
-        c-ares
-      
-    
-  
-
+%includetext %SRCDIR/data/data-xml1%
 
 
 
diff --git a/tests/testutil.pm b/tests/testutil.pm
index 126f83e021..35fe4bd633 100644
--- a/tests/testutil.pm
+++ b/tests/testutil.pm
@@ -100,8 +100,11 @@ sub clearlogs {
 #######################################################################
 
 sub includefile {
-    my ($f) = @_;
+    my ($f, $text) = @_;
     open(F, "<$f");
+    if($text) {
+        binmode F, ':crlf';
+    }
     my @a = ;
     close(F);
     return join("", @a);
@@ -147,12 +150,15 @@ sub subbase64 {
         $$thing =~ s/%%DAYS%%/%alternatives[$d,$d2]/;
     }
 
+    # include a file, expand space macros
+    $$thing =~ s/%includetext ([^%]*)%[\n\r]+/includefile($1, 1)/ge;
+
     $$thing =~ s/%SP/ /g;    # space
     $$thing =~ s/%TAB/\t/g;  # horizontal tab
     $$thing =~ s/%CR/\r/g;   # carriage return aka \r aka 0x0d
 
     # include a file
-    $$thing =~ s/%include ([^%]*)%[\n\r]+/includefile($1)/ge;
+    $$thing =~ s/%include ([^%]*)%[\n\r]+/includefile($1, 0)/ge;
 }
 
 my $prevupdate;  # module scope so it remembers the last value

From 78a610cb832e9cd6441edc1b9cf5acf57bef28f5 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Wed, 12 Nov 2025 12:15:42 +0100
Subject: [PATCH 0833/2408] lib: rename curlx_timediff to curlx_timeleft_ms

Rename `Curl_timeleft()` to `Curl_timeleft_ms()` to make the units in
the returned `timediff_t` clear. (We used to always have ms there, but
with QUIC started to sometimes calc ns as well).

Rename some assigned vars without `_ms` suffix for clarity as well.

Closes #19486
---
 lib/asyn-ares.c         | 50 ++++++++++++++++++++---------------------
 lib/asyn-thrdd.c        |  6 ++---
 lib/cf-h1-proxy.c       |  4 +---
 lib/cf-h2-proxy.c       |  4 +---
 lib/cf-https-connect.c  | 11 ++++-----
 lib/cf-ip-happy.c       | 16 ++++++-------
 lib/cf-socket.c         | 16 ++++++-------
 lib/cfilters.c          |  2 +-
 lib/conncache.c         |  6 ++---
 lib/connect.c           | 14 ++++++------
 lib/connect.h           |  6 ++---
 lib/cshutdn.c           |  8 +++----
 lib/curlx/timeval.c     |  5 +++--
 lib/curlx/timeval.h     |  5 +++--
 lib/doh.c               |  2 +-
 lib/easy.c              |  8 +++----
 lib/gopher.c            |  2 +-
 lib/hostip.c            |  6 ++---
 lib/http.c              |  2 +-
 lib/mqtt.c              |  2 +-
 lib/multi.c             | 18 +++++++--------
 lib/pingpong.c          |  6 ++---
 lib/progress.c          |  8 +++----
 lib/rename.c            |  2 +-
 lib/socketpair.c        |  2 +-
 lib/socks.c             |  2 +-
 lib/speedcheck.c        |  2 +-
 lib/telnet.c            |  4 ++--
 lib/tftp.c              |  6 ++---
 lib/transfer.c          |  6 ++---
 lib/url.c               | 10 ++++-----
 lib/vquic/curl_ngtcp2.c | 10 ++++-----
 lib/vquic/curl_osslq.c  |  8 +++----
 lib/vquic/curl_quiche.c |  6 ++---
 lib/vssh/libssh.c       | 10 ++++-----
 lib/vssh/libssh2.c      | 10 ++++-----
 lib/vtls/gtls.c         |  2 +-
 lib/vtls/openssl.c      |  2 +-
 lib/vtls/schannel.c     | 28 +++++++++++------------
 lib/vtls/wolfssl.c      |  2 +-
 lib/ws.c                |  2 +-
 src/tool_cb_prg.c       |  4 ++--
 src/tool_cb_rea.c       |  2 +-
 src/tool_operate.c      |  6 ++---
 src/tool_progress.c     |  8 +++----
 tests/data/test1303     |  4 ++--
 tests/libtest/first.h   |  2 +-
 tests/libtest/lib1501.c |  2 +-
 tests/libtest/lib1507.c |  2 +-
 tests/libtest/lib1564.c | 10 ++++-----
 tests/unit/unit1303.c   |  2 +-
 tests/unit/unit1323.c   |  2 +-
 tests/unit/unit2600.c   | 10 ++++-----
 53 files changed, 187 insertions(+), 188 deletions(-)

diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c
index 96768feb11..c729aebdaf 100644
--- a/lib/asyn-ares.c
+++ b/lib/asyn-ares.c
@@ -317,7 +317,7 @@ CURLcode Curl_async_is_resolved(struct Curl_easy *data,
      /* This is only set to non-zero if the timer was started. */
      && (ares->happy_eyeballs_dns_time.tv_sec
          || ares->happy_eyeballs_dns_time.tv_usec)
-     && (curlx_timediff(curlx_now(), ares->happy_eyeballs_dns_time)
+     && (curlx_timediff_ms(curlx_now(), ares->happy_eyeballs_dns_time)
          >= HAPPY_EYEBALLS_DNS_TIMEOUT)) {
     /* Remember that the EXPIRE_HAPPY_EYEBALLS_DNS timer is no longer
        running. */
@@ -394,47 +394,47 @@ CURLcode Curl_async_await(struct Curl_easy *data,
 {
   struct async_ares_ctx *ares = &data->state.async.ares;
   CURLcode result = CURLE_OK;
-  timediff_t timeout;
+  timediff_t timeout_ms;
   struct curltime now = curlx_now();
 
   DEBUGASSERT(entry);
   *entry = NULL; /* clear on entry */
 
-  timeout = Curl_timeleft(data, &now, TRUE);
-  if(timeout < 0) {
+  timeout_ms = Curl_timeleft_ms(data, &now, TRUE);
+  if(timeout_ms < 0) {
     /* already expired! */
     connclose(data->conn, "Timed out before name resolve started");
     return CURLE_OPERATION_TIMEDOUT;
   }
-  if(!timeout)
-    timeout = CURL_TIMEOUT_RESOLVE * 1000; /* default name resolve timeout */
+  if(!timeout_ms)
+    timeout_ms = CURL_TIMEOUT_RESOLVE * 1000; /* default name resolve */
 
   /* Wait for the name resolve query to complete. */
   while(!result) {
-    struct timeval *tvp, tv, store;
-    int itimeout;
-    timediff_t timeout_ms;
+    struct timeval *real_timeout, time_buf, max_timeout;
+    int itimeout_ms;
+    timediff_t call_timeout_ms;
 
 #if TIMEDIFF_T_MAX > INT_MAX
-    itimeout = (timeout > INT_MAX) ? INT_MAX : (int)timeout;
+    itimeout_ms = (timeout_ms > INT_MAX) ? INT_MAX : (int)timeout_ms;
 #else
-    itimeout = (int)timeout;
+    itimeout_ms = (int)timeout_ms;
 #endif
 
-    store.tv_sec = itimeout/1000;
-    store.tv_usec = (itimeout%1000)*1000;
+    max_timeout.tv_sec = itimeout_ms/1000;
+    max_timeout.tv_usec = (itimeout_ms%1000)*1000;
 
-    tvp = ares_timeout(ares->channel, &store, &tv);
+    real_timeout = ares_timeout(ares->channel, &max_timeout, &time_buf);
 
     /* use the timeout period ares returned to us above if less than one
        second is left, otherwise just use 1000ms to make sure the progress
        callback gets called frequent enough */
-    if(!tvp->tv_sec)
-      timeout_ms = (timediff_t)(tvp->tv_usec/1000);
+    if(!real_timeout->tv_sec)
+      call_timeout_ms = (timediff_t)(real_timeout->tv_usec/1000);
     else
-      timeout_ms = 1000;
+      call_timeout_ms = 1000;
 
-    if(Curl_ares_perform(ares->channel, timeout_ms) < 0)
+    if(Curl_ares_perform(ares->channel, call_timeout_ms) < 0)
       return CURLE_UNRECOVERABLE_POLL;
 
     result = Curl_async_is_resolved(data, entry);
@@ -445,16 +445,16 @@ CURLcode Curl_async_await(struct Curl_easy *data,
       result = CURLE_ABORTED_BY_CALLBACK;
     else {
       struct curltime now2 = curlx_now();
-      timediff_t timediff = curlx_timediff(now2, now); /* spent time */
-      if(timediff <= 0)
-        timeout -= 1; /* always deduct at least 1 */
-      else if(timediff > timeout)
-        timeout = -1;
+      timediff_t elapsed_ms = curlx_timediff_ms(now2, now); /* spent time */
+      if(elapsed_ms <= 0)
+        timeout_ms -= 1; /* always deduct at least 1 */
+      else if(elapsed_ms > timeout_ms)
+        timeout_ms = -1;
       else
-        timeout -= timediff;
+        timeout_ms -= elapsed_ms;
       now = now2; /* for next loop */
     }
-    if(timeout < 0)
+    if(timeout_ms < 0)
       result = CURLE_OPERATION_TIMEDOUT;
   }
 
diff --git a/lib/asyn-thrdd.c b/lib/asyn-thrdd.c
index 2ee4629890..d1652d0ff4 100644
--- a/lib/asyn-thrdd.c
+++ b/lib/asyn-thrdd.c
@@ -660,8 +660,8 @@ CURLcode Curl_async_is_resolved(struct Curl_easy *data,
   else {
     /* poll for name lookup done with exponential backoff up to 250ms */
     /* should be fine even if this converts to 32-bit */
-    timediff_t elapsed = curlx_timediff(curlx_now(),
-                                       data->progress.t_startsingle);
+    timediff_t elapsed = curlx_timediff_ms(curlx_now(),
+                                           data->progress.t_startsingle);
     if(elapsed < 0)
       elapsed = 0;
 
@@ -711,7 +711,7 @@ CURLcode Curl_async_pollset(struct Curl_easy *data, struct easy_pollset *ps)
     result = Curl_pollset_add_in(data, ps, thrdd->addr->sock_pair[0]);
 #else
     timediff_t milli;
-    timediff_t ms = curlx_timediff(curlx_now(), thrdd->addr->start);
+    timediff_t ms = curlx_timediff_ms(curlx_now(), thrdd->addr->start);
     if(ms < 3)
       milli = 0;
     else if(ms <= 50)
diff --git a/lib/cf-h1-proxy.c b/lib/cf-h1-proxy.c
index f46cc09616..be01891bf0 100644
--- a/lib/cf-h1-proxy.c
+++ b/lib/cf-h1-proxy.c
@@ -535,10 +535,8 @@ static CURLcode H1_CONNECT(struct Curl_cfilter *cf,
     return CURLE_RECV_ERROR; /* Need a cfilter close and new bootstrap */
 
   do {
-    timediff_t check;
 
-    check = Curl_timeleft(data, NULL, TRUE);
-    if(check <= 0) {
+    if(Curl_timeleft_ms(data, NULL, TRUE) < 0) {
       failf(data, "Proxy CONNECT aborted due to timeout");
       result = CURLE_OPERATION_TIMEDOUT;
       goto out;
diff --git a/lib/cf-h2-proxy.c b/lib/cf-h2-proxy.c
index 318fe54253..148caca71b 100644
--- a/lib/cf-h2-proxy.c
+++ b/lib/cf-h2-proxy.c
@@ -1073,7 +1073,6 @@ static CURLcode cf_h2_proxy_connect(struct Curl_cfilter *cf,
   struct cf_h2_proxy_ctx *ctx = cf->ctx;
   CURLcode result = CURLE_OK;
   struct cf_call_data save;
-  timediff_t check;
   struct tunnel_stream *ts = &ctx->tunnel;
 
   if(cf->connected) {
@@ -1098,8 +1097,7 @@ static CURLcode cf_h2_proxy_connect(struct Curl_cfilter *cf,
   }
   DEBUGASSERT(ts->authority);
 
-  check = Curl_timeleft(data, NULL, TRUE);
-  if(check <= 0) {
+  if(Curl_timeleft_ms(data, NULL, TRUE) < 0) {
     failf(data, "Proxy CONNECT aborted due to timeout");
     result = CURLE_OPERATION_TIMEDOUT;
     goto out;
diff --git a/lib/cf-https-connect.c b/lib/cf-https-connect.c
index 085b93da64..dfd82bd9a1 100644
--- a/lib/cf-https-connect.c
+++ b/lib/cf-https-connect.c
@@ -215,12 +215,13 @@ static CURLcode baller_connected(struct Curl_cfilter *cf,
   reply_ms = cf_hc_baller_reply_ms(winner, data);
   if(reply_ms >= 0)
     CURL_TRC_CF(data, cf, "connect+handshake %s: %dms, 1st data: %dms",
-                winner->name, (int)curlx_timediff(curlx_now(),
-                                                  winner->started), reply_ms);
+                winner->name,
+                (int)curlx_timediff_ms(curlx_now(),
+                                       winner->started), reply_ms);
   else
     CURL_TRC_CF(data, cf, "deferred handshake %s: %dms",
-                winner->name, (int)curlx_timediff(curlx_now(),
-                                                  winner->started));
+                winner->name, (int)curlx_timediff_ms(curlx_now(),
+                                                     winner->started));
 
   /* install the winning filter below this one. */
   cf->next = winner->cf;
@@ -269,7 +270,7 @@ static bool time_to_start_next(struct Curl_cfilter *cf,
                 ctx->ballers[idx].name);
     return TRUE;
   }
-  elapsed_ms = curlx_timediff(now, ctx->started);
+  elapsed_ms = curlx_timediff_ms(now, ctx->started);
   if(elapsed_ms >= ctx->hard_eyeballs_timeout_ms) {
     CURL_TRC_CF(data, cf, "hard timeout of %" FMT_TIMEDIFF_T "ms reached, "
                 "starting %s",
diff --git a/lib/cf-ip-happy.c b/lib/cf-ip-happy.c
index 22ae260ce0..2e522322c3 100644
--- a/lib/cf-ip-happy.c
+++ b/lib/cf-ip-happy.c
@@ -413,8 +413,8 @@ evaluate:
       more_possible = cf_ai_iter_has_more(&bs->ipv6_iter);
 #endif
     do_more = more_possible &&
-              (curlx_timediff(now, bs->last_attempt_started) >=
-              bs->attempt_delay_ms);
+              (curlx_timediff_ms(now, bs->last_attempt_started) >=
+               bs->attempt_delay_ms);
     if(do_more)
       CURL_TRC_CF(data, cf, "happy eyeballs timeout expired, "
                   "start next attempt");
@@ -460,7 +460,7 @@ evaluate:
     else if(inconclusive) {
       /* tried all addresses, no success but some where inconclusive.
        * Let's restart the inconclusive ones. */
-      timediff_t since_ms = curlx_timediff(now, bs->last_attempt_started);
+      timediff_t since_ms = curlx_timediff_ms(now, bs->last_attempt_started);
       timediff_t delay_ms = bs->attempt_delay_ms - since_ms;
       if(delay_ms <= 0) {
         CURL_TRC_CF(data, cf, "all attempts inconclusive, restarting one");
@@ -505,10 +505,10 @@ out:
     bool more_possible;
 
     /* when do we need to be called again? */
-    next_expire_ms = Curl_timeleft(data, &now, TRUE);
+    next_expire_ms = Curl_timeleft_ms(data, &now, TRUE);
     if(next_expire_ms <= 0) {
       failf(data, "Connection timeout after %" FMT_OFF_T " ms",
-            curlx_timediff(now, data->progress.t_startsingle));
+            curlx_timediff_ms(now, data->progress.t_startsingle));
       return CURLE_OPERATION_TIMEDOUT;
     }
 
@@ -519,7 +519,7 @@ out:
 #endif
     if(more_possible) {
       timediff_t expire_ms, elapsed_ms;
-      elapsed_ms = curlx_timediff(now, bs->last_attempt_started);
+      elapsed_ms = curlx_timediff_ms(now, bs->last_attempt_started);
       expire_ms = CURLMAX(bs->attempt_delay_ms - elapsed_ms, 0);
       next_expire_ms = CURLMIN(next_expire_ms, expire_ms);
       if(next_expire_ms <= 0) {
@@ -682,7 +682,7 @@ static CURLcode is_connected(struct Curl_cfilter *cf,
           proxy_name ? "via " : "",
           proxy_name ? proxy_name : "",
           proxy_name ? " " : "",
-          curlx_timediff(curlx_now(), data->progress.t_startsingle),
+          curlx_timediff_ms(curlx_now(), data->progress.t_startsingle),
           curl_easy_strerror(result));
   }
 
@@ -707,7 +707,7 @@ static CURLcode start_connect(struct Curl_cfilter *cf,
   if(!dns)
     return CURLE_FAILED_INIT;
 
-  if(Curl_timeleft(data, NULL, TRUE) < 0) {
+  if(Curl_timeleft_ms(data, NULL, TRUE) < 0) {
     /* a precaution, no need to continue if time already is up */
     failf(data, "Connection time-out");
     return CURLE_OPERATION_TIMEDOUT;
diff --git a/lib/cf-socket.c b/lib/cf-socket.c
index 667bf1e1be..d4244fc2ad 100644
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@@ -1428,7 +1428,7 @@ static void win_update_sndbuf_size(struct cf_socket_ctx *ctx)
   DWORD ideallen;
   struct curltime n = curlx_now();
 
-  if(curlx_timediff(n, ctx->last_sndbuf_query_at) > 1000) {
+  if(curlx_timediff_ms(n, ctx->last_sndbuf_query_at) > 1000) {
     if(!WSAIoctl(ctx->sock, SIO_IDEAL_SEND_BACKLOG_QUERY, 0, 0,
                   &ideal, sizeof(ideal), &ideallen, 0, 0) &&
        ideal != ctx->sndbuf_size &&
@@ -1701,7 +1701,7 @@ static CURLcode cf_socket_query(struct Curl_cfilter *cf,
     return CURLE_OK;
   case CF_QUERY_CONNECT_REPLY_MS:
     if(ctx->got_first_byte) {
-      timediff_t ms = curlx_timediff(ctx->first_byte_at, ctx->started_at);
+      timediff_t ms = curlx_timediff_ms(ctx->first_byte_at, ctx->started_at);
       *pres1 = (ms < INT_MAX) ? (int)ms : INT_MAX;
     }
     else
@@ -2020,7 +2020,7 @@ static timediff_t cf_tcp_accept_timeleft(struct Curl_cfilter *cf,
 {
   struct cf_socket_ctx *ctx = cf->ctx;
   timediff_t timeout_ms = DEFAULT_ACCEPT_TIMEOUT;
-  timediff_t other;
+  timediff_t other_ms;
   struct curltime now;
 
 #ifndef CURL_DISABLE_FTP
@@ -2030,14 +2030,14 @@ static timediff_t cf_tcp_accept_timeleft(struct Curl_cfilter *cf,
 
   now = curlx_now();
   /* check if the generic timeout possibly is set shorter */
-  other = Curl_timeleft(data, &now, FALSE);
-  if(other && (other < timeout_ms))
-    /* note that this also works fine for when other happens to be negative
+  other_ms = Curl_timeleft_ms(data, &now, FALSE);
+  if(other_ms && (other_ms < timeout_ms))
+    /* note that this also works fine for when other_ms happens to be negative
        due to it already having elapsed */
-    timeout_ms = other;
+    timeout_ms = other_ms;
   else {
     /* subtract elapsed time */
-    timeout_ms -= curlx_timediff(now, ctx->started_at);
+    timeout_ms -= curlx_timediff_ms(now, ctx->started_at);
     if(!timeout_ms)
       /* avoid returning 0 as that means no timeout! */
       timeout_ms = -1;
diff --git a/lib/cfilters.c b/lib/cfilters.c
index 090365fdd6..507512f8aa 100644
--- a/lib/cfilters.c
+++ b/lib/cfilters.c
@@ -526,7 +526,7 @@ CURLcode Curl_conn_connect(struct Curl_easy *data,
       goto out;
     else {
       /* check allowed time left */
-      const timediff_t timeout_ms = Curl_timeleft(data, NULL, TRUE);
+      const timediff_t timeout_ms = Curl_timeleft_ms(data, NULL, TRUE);
       curl_socket_t sockfd = Curl_conn_cf_get_socket(cf, data);
       int rc;
 
diff --git a/lib/conncache.c b/lib/conncache.c
index 7dc21d967a..86dcce7138 100644
--- a/lib/conncache.c
+++ b/lib/conncache.c
@@ -299,7 +299,7 @@ cpool_bundle_get_oldest_idle(struct cpool_bundle *bundle)
 
     if(!CONN_INUSE(conn)) {
       /* Set higher score for the age passed since the connection was used */
-      score = curlx_timediff(now, conn->lastused);
+      score = curlx_timediff_ms(now, conn->lastused);
 
       if(score > highscore) {
         highscore = score;
@@ -336,7 +336,7 @@ static struct connectdata *cpool_get_oldest_idle(struct cpool *cpool)
       if(CONN_INUSE(conn) || conn->bits.close || conn->connect_only)
         continue;
       /* Set higher score for the age passed since the connection was used */
-      score = curlx_timediff(now, conn->lastused);
+      score = curlx_timediff_ms(now, conn->lastused);
       if(score > highscore) {
         highscore = score;
         oldest_idle = conn;
@@ -745,7 +745,7 @@ void Curl_cpool_prune_dead(struct Curl_easy *data)
 
   rctx.now = curlx_now();
   CPOOL_LOCK(cpool, data);
-  elapsed = curlx_timediff(rctx.now, cpool->last_cleanup);
+  elapsed = curlx_timediff_ms(rctx.now, cpool->last_cleanup);
 
   if(elapsed >= 1000L) {
     while(cpool_foreach(data, cpool, &rctx, cpool_reap_dead_cb))
diff --git a/lib/connect.c b/lib/connect.c
index e3295524b0..18d9028c6c 100644
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -101,7 +101,7 @@ enum alpnid Curl_alpn2alpnid(const char *name, size_t len)
 #endif
 
 /*
- * Curl_timeleft() returns the amount of milliseconds left allowed for the
+ * Curl_timeleft_ms() returns the amount of milliseconds left allowed for the
  * transfer/connection. If the value is 0, there is no timeout (ie there is
  * infinite time left). If the value is negative, the timeout time has already
  * elapsed.
@@ -110,9 +110,9 @@ enum alpnid Curl_alpn2alpnid(const char *name, size_t len)
  * @param duringconnect TRUE iff connect timeout is also taken into account.
  * @unittest: 1303
  */
-timediff_t Curl_timeleft(struct Curl_easy *data,
-                         struct curltime *nowp,
-                         bool duringconnect)
+timediff_t Curl_timeleft_ms(struct Curl_easy *data,
+                            struct curltime *nowp,
+                            bool duringconnect)
 {
   timediff_t timeleft_ms = 0;
   timediff_t ctimeleft_ms = 0;
@@ -133,7 +133,7 @@ timediff_t Curl_timeleft(struct Curl_easy *data,
 
   if(data->set.timeout) {
     timeleft_ms = data->set.timeout -
-      curlx_timediff(*nowp, data->progress.t_startop);
+      curlx_timediff_ms(*nowp, data->progress.t_startop);
     if(!timeleft_ms)
       timeleft_ms = -1; /* 0 is "no limit", fake 1 ms expiry */
     if(!duringconnect)
@@ -144,7 +144,7 @@ timediff_t Curl_timeleft(struct Curl_easy *data,
     timediff_t ctimeout_ms = (data->set.connecttimeout > 0) ?
       data->set.connecttimeout : DEFAULT_CONNECT_TIMEOUT;
     ctimeleft_ms = ctimeout_ms -
-                   curlx_timediff(*nowp, data->progress.t_startsingle);
+                   curlx_timediff_ms(*nowp, data->progress.t_startsingle);
     if(!ctimeleft_ms)
       ctimeleft_ms = -1; /* 0 is "no limit", fake 1 ms expiry */
     if(!timeleft_ms)
@@ -191,7 +191,7 @@ timediff_t Curl_shutdown_timeleft(struct connectdata *conn, int sockindex,
     nowp = &now;
   }
   left_ms = conn->shutdown.timeout_ms -
-            curlx_timediff(*nowp, conn->shutdown.start[sockindex]);
+            curlx_timediff_ms(*nowp, conn->shutdown.start[sockindex]);
   return left_ms ? left_ms : -1;
 }
 
diff --git a/lib/connect.h b/lib/connect.h
index cb185b2c57..ebf756c562 100644
--- a/lib/connect.h
+++ b/lib/connect.h
@@ -36,9 +36,9 @@ enum alpnid Curl_alpn2alpnid(const char *name, size_t len);
 
 /* generic function that returns how much time there is left to run, according
    to the timeouts set */
-timediff_t Curl_timeleft(struct Curl_easy *data,
-                         struct curltime *nowp,
-                         bool duringconnect);
+timediff_t Curl_timeleft_ms(struct Curl_easy *data,
+                            struct curltime *nowp,
+                            bool duringconnect);
 
 #define DEFAULT_CONNECT_TIMEOUT 300000 /* milliseconds == five minutes */
 
diff --git a/lib/cshutdn.c b/lib/cshutdn.c
index 1ce34606ec..f9f636640a 100644
--- a/lib/cshutdn.c
+++ b/lib/cshutdn.c
@@ -291,7 +291,7 @@ static void cshutdn_terminate_all(struct cshutdn *cshutdn,
   sigpipe_apply(data, &pipe_st);
 
   while(Curl_llist_head(&cshutdn->list)) {
-    timediff_t timespent;
+    timediff_t spent_ms;
     int remain_ms;
 
     cshutdn_perform(cshutdn, data);
@@ -302,14 +302,14 @@ static void cshutdn_terminate_all(struct cshutdn *cshutdn,
     }
 
     /* wait for activity, timeout or "nothing" */
-    timespent = curlx_timediff(curlx_now(), started);
-    if(timespent >= (timediff_t)timeout_ms) {
+    spent_ms = curlx_timediff_ms(curlx_now(), started);
+    if(spent_ms >= (timediff_t)timeout_ms) {
       CURL_TRC_M(data, "[SHUTDOWN] shutdown finished, %s",
                 (timeout_ms > 0) ? "timeout" : "best effort done");
       break;
     }
 
-    remain_ms = timeout_ms - (int)timespent;
+    remain_ms = timeout_ms - (int)spent_ms;
     if(cshutdn_wait(cshutdn, data, remain_ms)) {
       CURL_TRC_M(data, "[SHUTDOWN] shutdown finished, aborted");
       break;
diff --git a/lib/curlx/timeval.c b/lib/curlx/timeval.c
index bd8b9bcee2..a27525855b 100644
--- a/lib/curlx/timeval.c
+++ b/lib/curlx/timeval.c
@@ -220,7 +220,7 @@ struct curltime curlx_now(void)
  *
  * @unittest: 1323
  */
-timediff_t curlx_timediff(struct curltime newer, struct curltime older)
+timediff_t curlx_timediff_ms(struct curltime newer, struct curltime older)
 {
   timediff_t diff = (timediff_t)newer.tv_sec-older.tv_sec;
   if(diff >= (TIMEDIFF_T_MAX/1000))
@@ -234,7 +234,8 @@ timediff_t curlx_timediff(struct curltime newer, struct curltime older)
  * Returns: time difference in number of milliseconds, rounded up.
  * For too large diffs it returns max value.
  */
-timediff_t curlx_timediff_ceil(struct curltime newer, struct curltime older)
+timediff_t curlx_timediff_ceil_ms(struct curltime newer,
+                                  struct curltime older)
 {
   timediff_t diff = (timediff_t)newer.tv_sec-older.tv_sec;
   if(diff >= (TIMEDIFF_T_MAX/1000))
diff --git a/lib/curlx/timeval.h b/lib/curlx/timeval.h
index 1f8fe5e8ad..14819157fd 100644
--- a/lib/curlx/timeval.h
+++ b/lib/curlx/timeval.h
@@ -46,7 +46,7 @@ struct curltime curlx_now(void);
  *
  * Returns: the time difference in number of milliseconds.
  */
-timediff_t curlx_timediff(struct curltime newer, struct curltime older);
+timediff_t curlx_timediff_ms(struct curltime newer, struct curltime older);
 
 /*
  * Make sure that the first argument (newer) is the more recent time and older
@@ -54,7 +54,8 @@ timediff_t curlx_timediff(struct curltime newer, struct curltime older);
  *
  * Returns: the time difference in number of milliseconds, rounded up.
  */
-timediff_t curlx_timediff_ceil(struct curltime newer, struct curltime older);
+timediff_t curlx_timediff_ceil_ms(struct curltime newer,
+                                  struct curltime older);
 
 /*
  * Make sure that the first argument (newer) is the more recent time and older
diff --git a/lib/doh.c b/lib/doh.c
index 3552cba7b5..636f0f41cf 100644
--- a/lib/doh.c
+++ b/lib/doh.c
@@ -311,7 +311,7 @@ static CURLcode doh_probe_run(struct Curl_easy *data,
     goto error;
   }
 
-  timeout_ms = Curl_timeleft(data, NULL, TRUE);
+  timeout_ms = Curl_timeleft_ms(data, NULL, TRUE);
   if(timeout_ms <= 0) {
     result = CURLE_OPERATION_TIMEDOUT;
     goto error;
diff --git a/lib/easy.c b/lib/easy.c
index 919ed80e8b..c5ccc5b1e6 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -654,16 +654,16 @@ static CURLcode wait_or_timeout(struct Curl_multi *multi, struct events *ev)
         /* If nothing updated the timeout, we decrease it by the spent time.
          * If it was updated, it has the new timeout time stored already.
          */
-        timediff_t timediff = curlx_timediff(curlx_now(), before);
-        if(timediff > 0) {
+        timediff_t spent_ms = curlx_timediff_ms(curlx_now(), before);
+        if(spent_ms > 0) {
 #if DEBUG_EV_POLL
         curl_mfprintf(stderr, "poll timeout %ldms not updated, decrease by "
                       "time spent %ldms\n", ev->ms, (long)timediff);
 #endif
-          if(timediff > ev->ms)
+          if(spent_ms > ev->ms)
             ev->ms = 0;
           else
-            ev->ms -= (long)timediff;
+            ev->ms -= (long)spent_ms;
         }
       }
     }
diff --git a/lib/gopher.c b/lib/gopher.c
index 3a6c73e6a2..1d4c75295c 100644
--- a/lib/gopher.c
+++ b/lib/gopher.c
@@ -202,7 +202,7 @@ static CURLcode gopher_do(struct Curl_easy *data, bool *done)
     else
       break;
 
-    timeout_ms = Curl_timeleft(data, NULL, FALSE);
+    timeout_ms = Curl_timeleft_ms(data, NULL, FALSE);
     if(timeout_ms < 0) {
       result = CURLE_OPERATION_TIMEDOUT;
       break;
diff --git a/lib/hostip.c b/lib/hostip.c
index ff7ac18c99..ef000aab69 100644
--- a/lib/hostip.c
+++ b/lib/hostip.c
@@ -200,7 +200,7 @@ dnscache_entry_is_stale(void *datap, void *hc)
 
   if(dns->timestamp.tv_sec || dns->timestamp.tv_usec) {
     /* get age in milliseconds */
-    timediff_t age = curlx_timediff(prune->now, dns->timestamp);
+    timediff_t age = curlx_timediff_ms(prune->now, dns->timestamp);
     if(!dns->addr)
       age *= 2; /* negative entries age twice as fast */
     if(age >= prune->max_age_ms)
@@ -1177,8 +1177,8 @@ clean_up:
      the time we spent until now! */
   if(prev_alarm) {
     /* there was an alarm() set before us, now put it back */
-    timediff_t elapsed_secs = curlx_timediff(curlx_now(),
-                                            data->conn->created) / 1000;
+    timediff_t elapsed_secs = curlx_timediff_ms(curlx_now(),
+                                                data->conn->created) / 1000;
 
     /* the alarm period is counted in even number of seconds */
     unsigned long alarm_set = (unsigned long)(prev_alarm - elapsed_secs);
diff --git a/lib/http.c b/lib/http.c
index 6726d23a43..0555291d0b 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -4945,7 +4945,7 @@ static CURLcode cr_exp100_read(struct Curl_easy *data,
     *eos = FALSE;
     return CURLE_READ_ERROR;
   case EXP100_AWAITING_CONTINUE:
-    ms = curlx_timediff(curlx_now(), ctx->start);
+    ms = curlx_timediff_ms(curlx_now(), ctx->start);
     if(ms < data->set.expect_100_timeout) {
       DEBUGF(infof(data, "cr_exp100_read, AWAITING_CONTINUE, not expired"));
       data->req.keepon &= ~KEEP_SEND;
diff --git a/lib/mqtt.c b/lib/mqtt.c
index 713e4aa02c..58458a8416 100644
--- a/lib/mqtt.c
+++ b/lib/mqtt.c
@@ -847,7 +847,7 @@ static CURLcode mqtt_ping(struct Curl_easy *data)
      !mq->pingsent &&
      data->set.upkeep_interval_ms > 0) {
     struct curltime t = curlx_now();
-    timediff_t diff = curlx_timediff(t, mq->lastTime);
+    timediff_t diff = curlx_timediff_ms(t, mq->lastTime);
 
     if(diff > data->set.upkeep_interval_ms) {
       /* 0xC0 is PINGREQ, and 0x00 is remaining length */
diff --git a/lib/multi.c b/lib/multi.c
index efc240b4fa..1e24ce8c46 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -1739,7 +1739,7 @@ static bool multi_handle_timeout(struct Curl_easy *data,
                                  CURLcode *result)
 {
   bool connect_timeout = data->mstate < MSTATE_DO;
-  timediff_t timeout_ms = Curl_timeleft(data, now, connect_timeout);
+  timediff_t timeout_ms = Curl_timeleft_ms(data, now, connect_timeout);
   if(timeout_ms < 0) {
     /* Handle timed out */
     struct curltime since;
@@ -1749,22 +1749,22 @@ static bool multi_handle_timeout(struct Curl_easy *data,
       since = data->progress.t_startop;
     if(data->mstate == MSTATE_RESOLVING)
       failf(data, "Resolving timed out after %" FMT_TIMEDIFF_T
-            " milliseconds", curlx_timediff(*now, since));
+            " milliseconds", curlx_timediff_ms(*now, since));
     else if(data->mstate == MSTATE_CONNECTING)
       failf(data, "Connection timed out after %" FMT_TIMEDIFF_T
-            " milliseconds", curlx_timediff(*now, since));
+            " milliseconds", curlx_timediff_ms(*now, since));
     else {
       struct SingleRequest *k = &data->req;
       if(k->size != -1) {
         failf(data, "Operation timed out after %" FMT_TIMEDIFF_T
               " milliseconds with %" FMT_OFF_T " out of %"
               FMT_OFF_T " bytes received",
-              curlx_timediff(*now, since), k->bytecount, k->size);
+              curlx_timediff_ms(*now, since), k->bytecount, k->size);
       }
       else {
         failf(data, "Operation timed out after %" FMT_TIMEDIFF_T
               " milliseconds with %" FMT_OFF_T " bytes received",
-              curlx_timediff(*now, since), k->bytecount);
+              curlx_timediff_ms(*now, since), k->bytecount);
       }
     }
     *result = CURLE_OPERATION_TIMEDOUT;
@@ -3410,13 +3410,13 @@ static CURLMcode multi_timeout(struct Curl_multi *multi,
     if(multi->timetree &&
        curlx_timediff_us(multi->timetree->key, now) > 0) {
       /* some time left before expiration */
-      timediff_t diff = curlx_timediff_ceil(multi->timetree->key, now);
+      timediff_t diff_ms = curlx_timediff_ceil_ms(multi->timetree->key, now);
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
       data = Curl_splayget(multi->timetree);
 #endif
       /* this should be safe even on 32-bit archs, as we do not use that
          overly long timeouts */
-      *timeout_ms = (long)diff;
+      *timeout_ms = (long)diff_ms;
     }
     else {
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
@@ -3574,7 +3574,7 @@ multi_addtimeout(struct Curl_easy *data,
     /* find the correct spot in the list */
     for(e = Curl_llist_head(timeoutlist); e; e = Curl_node_next(e)) {
       struct time_node *check = Curl_node_elem(e);
-      timediff_t diff = curlx_timediff(check->time, node->time);
+      timediff_t diff = curlx_timediff_ms(check->time, node->time);
       if(diff > 0)
         break;
       prev = e;
@@ -3625,7 +3625,7 @@ void Curl_expire_ex(struct Curl_easy *data,
     /* This means that the struct is added as a node in the splay tree.
        Compare if the new time is earlier, and only remove-old/add-new if it
        is. */
-    timediff_t diff = curlx_timediff(set, *curr_expire);
+    timediff_t diff = curlx_timediff_ms(set, *curr_expire);
     int rc;
 
     if(diff > 0) {
diff --git a/lib/pingpong.c b/lib/pingpong.c
index d0959470be..670d37c38e 100644
--- a/lib/pingpong.c
+++ b/lib/pingpong.c
@@ -61,17 +61,17 @@ timediff_t Curl_pp_state_timeout(struct Curl_easy *data,
 
   /* Without a requested timeout, we only wait 'response_time' seconds for the
      full response to arrive before we bail out */
-  timeout_ms = response_time - curlx_timediff(now, pp->response);
+  timeout_ms = response_time - curlx_timediff_ms(now, pp->response);
 
   if(data->set.timeout && !disconnecting) {
     /* if timeout is requested, find out how much overall remains */
-    timediff_t timeout2_ms = Curl_timeleft(data, &now, FALSE);
+    timediff_t timeout2_ms = Curl_timeleft_ms(data, &now, FALSE);
     /* pick the lowest number */
     timeout_ms = CURLMIN(timeout_ms, timeout2_ms);
   }
 
   if(disconnecting) {
-    timediff_t total_left_ms = Curl_timeleft(data, NULL, FALSE);
+    timediff_t total_left_ms = Curl_timeleft_ms(data, NULL, FALSE);
     timeout_ms = CURLMIN(timeout_ms, CURLMAX(total_left_ms, 0));
   }
 
diff --git a/lib/progress.c b/lib/progress.c
index 211212d4ed..02841544dd 100644
--- a/lib/progress.c
+++ b/lib/progress.c
@@ -271,7 +271,7 @@ timediff_t Curl_pgrsLimitWaitTime(struct pgrs_dir *d,
     return 0;
 
   /* The time it took us to have `bytes` */
-  took_ms = curlx_timediff_ceil(now, d->limit.start);
+  took_ms = curlx_timediff_ceil_ms(now, d->limit.start);
 
   /* The time it *should* have taken us to have `bytes`
    * when obeying the bytes_per_sec speed_limit. */
@@ -311,14 +311,14 @@ void Curl_ratelimit(struct Curl_easy *data, struct curltime now)
 {
   /* do not set a new stamp unless the time since last update is long enough */
   if(data->set.max_recv_speed) {
-    if(curlx_timediff(now, data->progress.dl.limit.start) >=
+    if(curlx_timediff_ms(now, data->progress.dl.limit.start) >=
        MIN_RATE_LIMIT_PERIOD) {
       data->progress.dl.limit.start = now;
       data->progress.dl.limit.start_size = data->progress.dl.cur_size;
     }
   }
   if(data->set.max_send_speed) {
-    if(curlx_timediff(now, data->progress.ul.limit.start) >=
+    if(curlx_timediff_ms(now, data->progress.ul.limit.start) >=
        MIN_RATE_LIMIT_PERIOD) {
       data->progress.ul.limit.start = now;
       data->progress.ul.limit.start_size = data->progress.ul.cur_size;
@@ -424,7 +424,7 @@ static bool progress_calc(struct Curl_easy *data, struct curltime now)
       checkindex = (p->speeder_c >= CURR_TIME) ? p->speeder_c%CURR_TIME : 0;
 
       /* Figure out the exact time for the time span */
-      span_ms = curlx_timediff(now, p->speeder_time[checkindex]);
+      span_ms = curlx_timediff_ms(now, p->speeder_time[checkindex]);
       if(span_ms == 0)
         span_ms = 1; /* at least one millisecond MUST have passed */
 
diff --git a/lib/rename.c b/lib/rename.c
index 4c66ce4ed0..225811e65a 100644
--- a/lib/rename.c
+++ b/lib/rename.c
@@ -54,7 +54,7 @@ int Curl_rename(const char *oldpath, const char *newpath)
       curlx_unicodefree(tchar_newpath);
       break;
     }
-    diff = curlx_timediff(curlx_now(), start);
+    diff = curlx_timediff_ms(curlx_now(), start);
     if(diff < 0 || diff > max_wait_ms) {
       curlx_unicodefree(tchar_oldpath);
       curlx_unicodefree(tchar_newpath);
diff --git a/lib/socketpair.c b/lib/socketpair.c
index 45e908bbf3..08753c8a8c 100644
--- a/lib/socketpair.c
+++ b/lib/socketpair.c
@@ -228,7 +228,7 @@ int Curl_socketpair(int domain, int type, int protocol,
       if(nread == -1) {
         int sockerr = SOCKERRNO;
         /* Do not block forever */
-        if(curlx_timediff(curlx_now(), start) > (60 * 1000))
+        if(curlx_timediff_ms(curlx_now(), start) > (60 * 1000))
           goto error;
         if(
 #ifdef USE_WINSOCK
diff --git a/lib/socks.c b/lib/socks.c
index 5daf5393cd..5185913a24 100644
--- a/lib/socks.c
+++ b/lib/socks.c
@@ -137,7 +137,7 @@ CURLcode Curl_blockread_all(struct Curl_cfilter *cf,
 
   *pnread = 0;
   for(;;) {
-    timediff_t timeout_ms = Curl_timeleft(data, NULL, TRUE);
+    timediff_t timeout_ms = Curl_timeleft_ms(data, NULL, TRUE);
     if(timeout_ms < 0) {
       /* we already got the timeout */
       return CURLE_OPERATION_TIMEDOUT;
diff --git a/lib/speedcheck.c b/lib/speedcheck.c
index b063e5d4f2..3b128655f5 100644
--- a/lib/speedcheck.c
+++ b/lib/speedcheck.c
@@ -53,7 +53,7 @@ CURLcode Curl_speedcheck(struct Curl_easy *data,
         data->state.keeps_speed = now;
       else {
         /* how long has it been under the limit */
-        timediff_t howlong = curlx_timediff(now, data->state.keeps_speed);
+        timediff_t howlong = curlx_timediff_ms(now, data->state.keeps_speed);
 
         if(howlong >= data->set.low_speed_time * 1000) {
           /* too long */
diff --git a/lib/telnet.c b/lib/telnet.c
index a939ae1a73..45a70808ea 100644
--- a/lib/telnet.c
+++ b/lib/telnet.c
@@ -1531,7 +1531,7 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done)
 
     if(data->set.timeout) {
       now = curlx_now();
-      if(curlx_timediff(now, conn->created) >= data->set.timeout) {
+      if(curlx_timediff_ms(now, conn->created) >= data->set.timeout) {
         failf(data, "Time-out");
         result = CURLE_OPERATION_TIMEDOUT;
         keepon = FALSE;
@@ -1652,7 +1652,7 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done)
 
     if(data->set.timeout) {
       now = curlx_now();
-      if(curlx_timediff(now, conn->created) >= data->set.timeout) {
+      if(curlx_timediff_ms(now, conn->created) >= data->set.timeout) {
         failf(data, "Time-out");
         result = CURLE_OPERATION_TIMEDOUT;
         keepon = FALSE;
diff --git a/lib/tftp.c b/lib/tftp.c
index 6536543151..91a8c25ff3 100644
--- a/lib/tftp.c
+++ b/lib/tftp.c
@@ -211,7 +211,7 @@ static CURLcode tftp_set_timeouts(struct tftp_conn *state)
   bool start = (state->state == TFTP_STATE_START);
 
   /* Compute drop-dead time */
-  timeout_ms = Curl_timeleft(state->data, NULL, start);
+  timeout_ms = Curl_timeleft_ms(state->data, NULL, start);
 
   if(timeout_ms < 0) {
     /* time-out, bail out, go home */
@@ -1199,8 +1199,8 @@ static timediff_t tftp_state_timeout(struct tftp_conn *state,
   if(event)
     *event = TFTP_EVENT_NONE;
 
-  timeout_ms = Curl_timeleft(state->data, NULL,
-                             (state->state == TFTP_STATE_START));
+  timeout_ms = Curl_timeleft_ms(state->data, NULL,
+                                (state->state == TFTP_STATE_START));
   if(timeout_ms < 0) {
     state->error = TFTP_ERR_TIMEOUT;
     state->state = TFTP_STATE_FIN;
diff --git a/lib/transfer.c b/lib/transfer.c
index 2b77219a9c..6ae21e1a40 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -422,18 +422,18 @@ CURLcode Curl_sendrecv(struct Curl_easy *data, struct curltime *nowp)
     goto out;
 
   if(k->keepon) {
-    if(0 > Curl_timeleft(data, nowp, FALSE)) {
+    if(Curl_timeleft_ms(data, nowp, FALSE) < 0) {
       if(k->size != -1) {
         failf(data, "Operation timed out after %" FMT_TIMEDIFF_T
               " milliseconds with %" FMT_OFF_T " out of %"
               FMT_OFF_T " bytes received",
-              curlx_timediff(*nowp, data->progress.t_startsingle),
+              curlx_timediff_ms(*nowp, data->progress.t_startsingle),
               k->bytecount, k->size);
       }
       else {
         failf(data, "Operation timed out after %" FMT_TIMEDIFF_T
               " milliseconds with %" FMT_OFF_T " bytes received",
-              curlx_timediff(*nowp, data->progress.t_startsingle),
+              curlx_timediff_ms(*nowp, data->progress.t_startsingle),
               k->bytecount);
       }
       result = CURLE_OPERATION_TIMEDOUT;
diff --git a/lib/url.c b/lib/url.c
index e816da442a..0a0b6ff3a2 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -655,7 +655,7 @@ static bool conn_maxage(struct Curl_easy *data,
   timediff_t age_ms;
 
   if(data->set.conn_max_idle_ms) {
-    age_ms = curlx_timediff(now, conn->lastused);
+    age_ms = curlx_timediff_ms(now, conn->lastused);
     if(age_ms > data->set.conn_max_idle_ms) {
       infof(data, "Too old connection (%" FMT_TIMEDIFF_T
             " ms idle, max idle is %" FMT_TIMEDIFF_T " ms), disconnect it",
@@ -665,7 +665,7 @@ static bool conn_maxage(struct Curl_easy *data,
   }
 
   if(data->set.conn_max_age_ms) {
-    age_ms = curlx_timediff(now, conn->created);
+    age_ms = curlx_timediff_ms(now, conn->created);
     if(age_ms > data->set.conn_max_age_ms) {
       infof(data,
             "Too old connection (created %" FMT_TIMEDIFF_T
@@ -750,7 +750,7 @@ CURLcode Curl_conn_upkeep(struct Curl_easy *data,
                           struct curltime *now)
 {
   CURLcode result = CURLE_OK;
-  if(curlx_timediff(*now, conn->keepalive) <= data->set.upkeep_interval_ms)
+  if(curlx_timediff_ms(*now, conn->keepalive) <= data->set.upkeep_interval_ms)
     return result;
 
   /* briefly attach for action */
@@ -3217,7 +3217,7 @@ static CURLcode resolve_server(struct Curl_easy *data,
 {
   struct hostname *ehost;
   int eport;
-  timediff_t timeout_ms = Curl_timeleft(data, NULL, TRUE);
+  timediff_t timeout_ms = Curl_timeleft_ms(data, NULL, TRUE);
   const char *peertype = "host";
   CURLcode result;
 
@@ -3275,7 +3275,7 @@ static CURLcode resolve_server(struct Curl_easy *data,
   else if(result == CURLE_OPERATION_TIMEDOUT) {
     failf(data, "Failed to resolve %s '%s' with timeout after %"
           FMT_TIMEDIFF_T " ms", peertype, ehost->dispname,
-          curlx_timediff(curlx_now(), data->progress.t_startsingle));
+          curlx_timediff_ms(curlx_now(), data->progress.t_startsingle));
     return CURLE_OPERATION_TIMEDOUT;
   }
   else if(result) {
diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index 36bd28926d..1f70e0b480 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -517,11 +517,11 @@ static int cf_ngtcp2_handshake_completed(ngtcp2_conn *tconn, void *user_data)
   if(Curl_trc_is_verbose(data)) {
     const ngtcp2_transport_params *rp;
     rp = ngtcp2_conn_get_remote_transport_params(ctx->qconn);
-    CURL_TRC_CF(data, cf, "handshake complete after %dms, remote transport["
-                "max_udp_payload=%" FMT_PRIu64
+    CURL_TRC_CF(data, cf, "handshake complete after %" FMT_TIMEDIFF_T
+                "ms, remote transport[max_udp_payload=%" FMT_PRIu64
                 ", initial_max_data=%" FMT_PRIu64
                 "]",
-               (int)curlx_timediff(ctx->handshake_at, ctx->started_at),
+               curlx_timediff_ms(ctx->handshake_at, ctx->started_at),
                (curl_uint64_t)rp->max_udp_payload_size,
                (curl_uint64_t)rp->initial_max_data);
   }
@@ -2722,7 +2722,7 @@ static CURLcode cf_ngtcp2_query(struct Curl_cfilter *cf,
   }
   case CF_QUERY_CONNECT_REPLY_MS:
     if(ctx->q.got_first_byte) {
-      timediff_t ms = curlx_timediff(ctx->q.first_byte_at, ctx->started_at);
+      timediff_t ms = curlx_timediff_ms(ctx->q.first_byte_at, ctx->started_at);
       *pres1 = (ms < INT_MAX) ? (int)ms : INT_MAX;
     }
     else
@@ -2783,7 +2783,7 @@ static bool cf_ngtcp2_conn_is_alive(struct Curl_cfilter *cf,
    * it will close the connection when it expires. */
   rp = ngtcp2_conn_get_remote_transport_params(ctx->qconn);
   if(rp && rp->max_idle_timeout) {
-    timediff_t idletime_ms = curlx_timediff(curlx_now(), ctx->q.last_io);
+    timediff_t idletime_ms = curlx_timediff_ms(curlx_now(), ctx->q.last_io);
     if(idletime_ms > 0) {
       uint64_t max_idle_ms =
         (uint64_t)(rp->max_idle_timeout / NGTCP2_MILLISECONDS);
diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index efa653cf80..145a2831db 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -1805,8 +1805,8 @@ static CURLcode cf_osslq_connect(struct Curl_cfilter *cf,
     /* connected */
     ctx->handshake_at = now;
     ctx->q.last_io = now;
-    CURL_TRC_CF(data, cf, "handshake complete after %dms",
-               (int)curlx_timediff(now, ctx->started_at));
+    CURL_TRC_CF(data, cf, "handshake complete after %" FMT_TIMEDIFF_T "ms",
+                curlx_timediff_ms(now, ctx->started_at));
     result = cf_osslq_verify_peer(cf, data);
     if(!result) {
       CURL_TRC_CF(data, cf, "peer verified");
@@ -2247,7 +2247,7 @@ static bool cf_osslq_conn_is_alive(struct Curl_cfilter *cf,
     }
     CURL_TRC_CF(data, cf, "negotiated idle timeout: %" FMT_PRIu64 "ms",
                 (curl_uint64_t)idle_ms);
-    idletime = curlx_timediff(curlx_now(), ctx->q.last_io);
+    idletime = curlx_timediff_ms(curlx_now(), ctx->q.last_io);
     if(idle_ms && idletime > 0 && (uint64_t)idletime > idle_ms)
       goto out;
   }
@@ -2337,7 +2337,7 @@ static CURLcode cf_osslq_query(struct Curl_cfilter *cf,
   }
   case CF_QUERY_CONNECT_REPLY_MS:
     if(ctx->got_first_byte) {
-      timediff_t ms = curlx_timediff(ctx->first_byte_at, ctx->started_at);
+      timediff_t ms = curlx_timediff_ms(ctx->first_byte_at, ctx->started_at);
       *pres1 = (ms < INT_MAX) ? (int)ms : INT_MAX;
     }
     else
diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
index fc1c55526e..d8d063b2ec 100644
--- a/lib/vquic/curl_quiche.c
+++ b/lib/vquic/curl_quiche.c
@@ -1402,8 +1402,8 @@ static CURLcode cf_quiche_connect(struct Curl_cfilter *cf,
 
   if(quiche_conn_is_established(ctx->qconn)) {
     ctx->handshake_at = ctx->q.last_op;
-    CURL_TRC_CF(data, cf, "handshake complete after %dms",
-                (int)curlx_timediff(ctx->handshake_at, ctx->started_at));
+    CURL_TRC_CF(data, cf, "handshake complete after %" FMT_TIMEDIFF_T "ms",
+                curlx_timediff_ms(ctx->handshake_at, ctx->started_at));
     result = cf_quiche_verify_peer(cf, data);
     if(!result) {
       CURL_TRC_CF(data, cf, "peer verified");
@@ -1534,7 +1534,7 @@ static CURLcode cf_quiche_query(struct Curl_cfilter *cf,
   }
   case CF_QUERY_CONNECT_REPLY_MS:
     if(ctx->q.got_first_byte) {
-      timediff_t ms = curlx_timediff(ctx->q.first_byte_at, ctx->started_at);
+      timediff_t ms = curlx_timediff_ms(ctx->q.first_byte_at, ctx->started_at);
       *pres1 = (ms < INT_MAX) ? (int)ms : INT_MAX;
     }
     else
diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
index 781c5dafc3..07036f900a 100644
--- a/lib/vssh/libssh.c
+++ b/lib/vssh/libssh.c
@@ -2481,7 +2481,7 @@ static CURLcode myssh_block_statemach(struct Curl_easy *data,
 
   while((sshc->state != SSH_STOP) && !result) {
     bool block;
-    timediff_t left = 1000;
+    timediff_t left_ms = 1000;
     struct curltime now = curlx_now();
 
     result = myssh_statemach_act(data, sshc, sshp, &block);
@@ -2496,8 +2496,8 @@ static CURLcode myssh_block_statemach(struct Curl_easy *data,
       if(result)
         break;
 
-      left = Curl_timeleft(data, NULL, FALSE);
-      if(left < 0) {
+      left_ms = Curl_timeleft_ms(data, NULL, FALSE);
+      if(left_ms < 0) {
         failf(data, "Operation timed out");
         return CURLE_OPERATION_TIMEDOUT;
       }
@@ -2506,8 +2506,8 @@ static CURLcode myssh_block_statemach(struct Curl_easy *data,
     if(block) {
       curl_socket_t fd_read = conn->sock[FIRSTSOCKET];
       /* wait for the socket to become ready */
-      (void)Curl_socket_check(fd_read, CURL_SOCKET_BAD,
-                              CURL_SOCKET_BAD, left > 1000 ? 1000 : left);
+      (void)Curl_socket_check(fd_read, CURL_SOCKET_BAD, CURL_SOCKET_BAD,
+                              left_ms > 1000 ? 1000 : left_ms);
     }
 
   }
diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
index d3d6cb1dc9..b414dfcf2d 100644
--- a/lib/vssh/libssh2.c
+++ b/lib/vssh/libssh2.c
@@ -3124,7 +3124,7 @@ static CURLcode ssh_block_statemach(struct Curl_easy *data,
 
   while((sshc->state != SSH_STOP) && !result) {
     bool block;
-    timediff_t left = 1000;
+    timediff_t left_ms = 1000;
     struct curltime now = curlx_now();
 
     result = ssh_statemachine(data, sshc, sshp, &block);
@@ -3139,13 +3139,13 @@ static CURLcode ssh_block_statemach(struct Curl_easy *data,
       if(result)
         break;
 
-      left = Curl_timeleft(data, NULL, FALSE);
-      if(left < 0) {
+      left_ms = Curl_timeleft_ms(data, NULL, FALSE);
+      if(left_ms < 0) {
         failf(data, "Operation timed out");
         return CURLE_OPERATION_TIMEDOUT;
       }
     }
-    else if(curlx_timediff(now, dis) > 1000) {
+    else if(curlx_timediff_ms(now, dis) > 1000) {
       /* disconnect timeout */
       failf(data, "Disconnect timed out");
       result = CURLE_OK;
@@ -3163,7 +3163,7 @@ static CURLcode ssh_block_statemach(struct Curl_easy *data,
         fd_write = sock;
       /* wait for the socket to become ready */
       (void)Curl_socket_check(fd_read, CURL_SOCKET_BAD, fd_write,
-                              left > 1000 ? 1000 : left);
+                              left_ms > 1000 ? 1000 : left_ms);
     }
   }
 
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index 34d9b84d79..a692ce31c7 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -544,7 +544,7 @@ static bool gtls_shared_creds_expired(const struct Curl_easy *data,
 {
   const struct ssl_general_config *cfg = &data->set.general_ssl;
   struct curltime now = curlx_now();
-  timediff_t elapsed_ms = curlx_timediff(now, sc->time);
+  timediff_t elapsed_ms = curlx_timediff_ms(now, sc->time);
   timediff_t timeout_ms = cfg->ca_cache_timeout * (timediff_t)1000;
 
   if(timeout_ms < 0)
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 2c6c05e53d..533597ed41 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -3573,7 +3573,7 @@ ossl_cached_x509_store_expired(const struct Curl_easy *data,
     return FALSE;
   else {
     struct curltime now = curlx_now();
-    timediff_t elapsed_ms = curlx_timediff(now, mb->time);
+    timediff_t elapsed_ms = curlx_timediff_ms(now, mb->time);
     timediff_t timeout_ms = cfg->ca_cache_timeout * (timediff_t)1000;
 
     return elapsed_ms >= timeout_ms;
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index 863524e4ee..137e525722 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -1767,7 +1767,7 @@ schannel_recv_renegotiate(struct Curl_cfilter *cf, struct Curl_easy *data,
     curl_socket_t readfd, writefd;
     timediff_t elapsed;
 
-    elapsed = curlx_timediff(curlx_now(), rs->start_time);
+    elapsed = curlx_timediff_ms(curlx_now(), rs->start_time);
     if(elapsed >= MAX_RENEG_BLOCK_TIME) {
       failf(data, "schannel: renegotiation timeout");
       result = CURLE_SSL_CONNECT_ERROR;
@@ -1827,14 +1827,14 @@ schannel_recv_renegotiate(struct Curl_cfilter *cf, struct Curl_easy *data,
 
     for(;;) {
       int what;
-      timediff_t timeout, remaining;
+      timediff_t timeout_ms, remaining;
 
       if(Curl_pgrsUpdate(data)) {
         result = CURLE_ABORTED_BY_CALLBACK;
         break;
       }
 
-      elapsed = curlx_timediff(curlx_now(), rs->start_time);
+      elapsed = curlx_timediff_ms(curlx_now(), rs->start_time);
       if(elapsed >= MAX_RENEG_BLOCK_TIME) {
         failf(data, "schannel: renegotiation timeout");
         result = CURLE_SSL_CONNECT_ERROR;
@@ -1843,31 +1843,31 @@ schannel_recv_renegotiate(struct Curl_cfilter *cf, struct Curl_easy *data,
       remaining = MAX_RENEG_BLOCK_TIME - elapsed;
 
       if(blocking) {
-        timeout = Curl_timeleft(data, NULL, FALSE);
+        timeout_ms = Curl_timeleft_ms(data, NULL, FALSE);
 
-        if(timeout < 0) {
+        if(timeout_ms < 0) {
           result = CURLE_OPERATION_TIMEDOUT;
           break;
         }
 
         /* the blocking is in intervals so that the progress function can be
            called every second */
-        if(!timeout || timeout > 1000)
-          timeout = 1000;
+        if(!timeout_ms || timeout_ms > 1000)
+          timeout_ms = 1000;
 
-        if(timeout > remaining)
-          timeout = remaining;
+        if(timeout_ms > remaining)
+          timeout_ms = remaining;
       }
       else
-        timeout = 0;
+        timeout_ms = 0;
 
       SCH_DEV(infof(data, "schannel: renegotiation wait until socket is"
                     "%s%s for up to %" FMT_TIMEDIFF_T " ms",
                     ((readfd != CURL_SOCKET_BAD) ? " readable" : ""),
                     ((writefd != CURL_SOCKET_BAD) ? " writeable" : ""),
-                    timeout));
+                    timeout_ms));
 
-      what = Curl_socket_check(readfd, CURL_SOCKET_BAD, writefd, timeout);
+      what = Curl_socket_check(readfd, CURL_SOCKET_BAD, writefd, timeout_ms);
 
       if(what > 0 && (what & (CURL_CSELECT_IN | CURL_CSELECT_OUT))) {
         SCH_DEV(infof(data, "schannel: renegotiation socket %s%s",
@@ -1997,7 +1997,7 @@ schannel_send(struct Curl_cfilter *cf, struct Curl_easy *data,
     while(len > *pnwritten) {
       size_t this_write = 0;
       int what;
-      timediff_t timeout_ms = Curl_timeleft(data, NULL, FALSE);
+      timediff_t timeout_ms = Curl_timeleft_ms(data, NULL, FALSE);
       if(timeout_ms < 0) {
         /* we already got the timeout */
         failf(data, "schannel: timed out sending data "
@@ -2801,7 +2801,7 @@ HCERTSTORE Curl_schannel_get_cached_cert_store(struct Curl_cfilter *cf,
   timeout_ms = cfg->ca_cache_timeout * (timediff_t)1000;
   if(timeout_ms >= 0) {
     now = curlx_now();
-    elapsed_ms = curlx_timediff(now, share->time);
+    elapsed_ms = curlx_timediff_ms(now, share->time);
     if(elapsed_ms >= timeout_ms) {
       return NULL;
     }
diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index bf39ccf9b1..34fc17d994 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -733,7 +733,7 @@ wssl_cached_x509_store_expired(const struct Curl_easy *data,
 {
   const struct ssl_general_config *cfg = &data->set.general_ssl;
   struct curltime now = curlx_now();
-  timediff_t elapsed_ms = curlx_timediff(now, mb->time);
+  timediff_t elapsed_ms = curlx_timediff_ms(now, mb->time);
   timediff_t timeout_ms = cfg->ca_cache_timeout * (timediff_t)1000;
 
   if(timeout_ms < 0)
diff --git a/lib/ws.c b/lib/ws.c
index 891a53dbb4..ddf49c9d2d 100644
--- a/lib/ws.c
+++ b/lib/ws.c
@@ -1703,7 +1703,7 @@ static CURLcode ws_send_raw_blocking(struct Curl_easy *data,
 
       CURL_TRC_WS(data, "ws_send_raw_blocking() partial, %zu left to send",
                   buflen);
-      left_ms = Curl_timeleft(data, NULL, FALSE);
+      left_ms = Curl_timeleft_ms(data, NULL, FALSE);
       if(left_ms < 0) {
         failf(data, "[WS] Timeout waiting for socket becoming writable");
         return CURLE_SEND_ERROR;
diff --git a/src/tool_cb_prg.c b/src/tool_cb_prg.c
index dd460a4bf6..5f33c7c29c 100644
--- a/src/tool_cb_prg.c
+++ b/src/tool_cb_prg.c
@@ -171,13 +171,13 @@ int tool_progress_cb(void *clientp,
       if(bar->prev == point)
         /* progress did not change since last invoke */
         return 0;
-      else if((curlx_timediff(now, bar->prevtime) < 100L) && point < total)
+      else if((curlx_timediff_ms(now, bar->prevtime) < 100L) && point < total)
         /* limit progress-bar updating to 10 Hz except when we are at 100% */
         return 0;
     }
     else {
       /* total is unknown */
-      if(curlx_timediff(now, bar->prevtime) < 100L)
+      if(curlx_timediff_ms(now, bar->prevtime) < 100L)
         /* limit progress-bar updating to 10 Hz */
         return 0;
       update_width(bar);
diff --git a/src/tool_cb_rea.c b/src/tool_cb_rea.c
index b5c6143845..a4c475be8e 100644
--- a/src/tool_cb_rea.c
+++ b/src/tool_cb_rea.c
@@ -101,7 +101,7 @@ size_t tool_read_cb(char *buffer, size_t sz, size_t nmemb, void *userdata)
 
   if(config->timeout_ms) {
     struct curltime now = curlx_now();
-    long msdelta = (long)curlx_timediff(now, per->start);
+    long msdelta = (long)curlx_timediff_ms(now, per->start);
 
     if(msdelta > config->timeout_ms)
       /* timeout */
diff --git a/src/tool_operate.c b/src/tool_operate.c
index 401abe12f9..2c85839d17 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -476,7 +476,7 @@ static CURLcode retrycheck(struct OperationConfig *config,
            maximum time allowed for retrying, then exit the retries right
            away */
         if(config->retry_maxtime_ms) {
-          timediff_t ms = curlx_timediff(curlx_now(), per->retrystart);
+          timediff_t ms = curlx_timediff_ms(curlx_now(), per->retrystart);
 
           if((CURL_OFF_T_MAX - sleeptime < ms) ||
              (ms + sleeptime > config->retry_maxtime_ms)) {
@@ -713,7 +713,7 @@ static CURLcode post_per_transfer(struct per_transfer *per,
      time */
   if(per->retry_remaining &&
      (!config->retry_maxtime_ms ||
-      (curlx_timediff(curlx_now(), per->retrystart) <
+      (curlx_timediff_ms(curlx_now(), per->retrystart) <
        config->retry_maxtime_ms)) ) {
     result = retrycheck(config, per, result, retryp, delay);
     if(!result && *retryp)
@@ -1984,7 +1984,7 @@ static CURLcode serial_transfers(CURLSH *share)
     if(per && global->ms_per_transfer) {
       /* how long time did the most recent transfer take in number of
          milliseconds */
-      timediff_t milli = curlx_timediff(curlx_now(), start);
+      timediff_t milli = curlx_timediff_ms(curlx_now(), start);
       if(milli < global->ms_per_transfer) {
         notef("Transfer took %" CURL_FORMAT_CURL_OFF_T " ms, "
               "waits %ldms as set by --rate",
diff --git a/src/tool_progress.c b/src/tool_progress.c
index ad4cd98eb7..f9fbd83574 100644
--- a/src/tool_progress.c
+++ b/src/tool_progress.c
@@ -156,7 +156,7 @@ bool progress_meter(CURLM *multi,
     return FALSE;
 
   now = curlx_now();
-  diff = curlx_timediff(now, stamp);
+  diff = curlx_timediff_ms(now, stamp);
 
   if(!header) {
     header = TRUE;
@@ -169,7 +169,7 @@ bool progress_meter(CURLM *multi,
     char time_total[10];
     char time_spent[10];
     char buffer[3][6];
-    curl_off_t spent = curlx_timediff(now, *start)/1000;
+    curl_off_t spent = curlx_timediff_ms(now, *start)/1000;
     char dlpercen[4]="--";
     char ulpercen[4]="--";
     struct per_transfer *per;
@@ -236,13 +236,13 @@ bool progress_meter(CURLM *multi,
       curl_off_t uls;
       if(indexwrapped) {
         /* 'speedindex' is the oldest stored data */
-        deltams = curlx_timediff(now, speedstore[speedindex].stamp);
+        deltams = curlx_timediff_ms(now, speedstore[speedindex].stamp);
         dl = all_dlnow - speedstore[speedindex].dl;
         ul = all_ulnow - speedstore[speedindex].ul;
       }
       else {
         /* since the beginning */
-        deltams = curlx_timediff(now, *start);
+        deltams = curlx_timediff_ms(now, *start);
         dl = all_dlnow;
         ul = all_ulnow;
       }
diff --git a/tests/data/test1303 b/tests/data/test1303
index 705a04111d..6d97bfe99f 100644
--- a/tests/data/test1303
+++ b/tests/data/test1303
@@ -2,7 +2,7 @@
 
 
 unittest
-Curl_timeleft
+Curl_timeleft_ms
 
 
 
@@ -13,7 +13,7 @@ Curl_timeleft
 unittest
 
 
-Curl_timeleft unit tests
+Curl_timeleft_ms unit tests
 
 
 
diff --git a/tests/libtest/first.h b/tests/libtest/first.h
index 52a6395ad1..5557411754 100644
--- a/tests/libtest/first.h
+++ b/tests/libtest/first.h
@@ -461,7 +461,7 @@ void ws_close(CURL *curl);
 #define TEST_HANG_TIMEOUT 60 * 1000  /* global default */
 
 #define exe_test_timedout(T,Y,Z) do {                                   \
-  timediff_t timediff = curlx_timediff(curlx_now(), tv_test_start);     \
+  timediff_t timediff = curlx_timediff_ms(curlx_now(), tv_test_start);  \
   if(timediff > (T)) {                                                  \
     curl_mfprintf(stderr, "%s:%d ABORTING TEST, since it seems "        \
                   "that it would have run forever (%ld ms > %ld ms)\n", \
diff --git a/tests/libtest/lib1501.c b/tests/libtest/lib1501.c
index feb775f136..5b5e64c48c 100644
--- a/tests/libtest/lib1501.c
+++ b/tests/libtest/lib1501.c
@@ -87,7 +87,7 @@ static CURLcode test_lib1501(const char *URL)
     abort_on_test_timeout_custom(HANG_TIMEOUT);
 
     after = curlx_now();
-    e = curlx_timediff(after, before);
+    e = curlx_timediff_ms(after, before);
     curl_mfprintf(stderr, "pong = %ld\n", (long)e);
 
     if(e > MAX_BLOCKED_TIME_MS) {
diff --git a/tests/libtest/lib1507.c b/tests/libtest/lib1507.c
index a02a07e61b..d9f85a3318 100644
--- a/tests/libtest/lib1507.c
+++ b/tests/libtest/lib1507.c
@@ -112,7 +112,7 @@ static CURLcode test_lib1507(const char *URL)
 
     rc = select(maxfd + 1, &fdread, &fdwrite, &fdexcep, &timeout);
 
-    if(curlx_timediff(curlx_now(), mp_start) > MULTI_PERFORM_HANG_TIMEOUT) {
+    if(curlx_timediff_ms(curlx_now(), mp_start) > MULTI_PERFORM_HANG_TIMEOUT) {
       curl_mfprintf(stderr, "ABORTING TEST, since it seems "
                     "that it would have run forever.\n");
       break;
diff --git a/tests/libtest/lib1564.c b/tests/libtest/lib1564.c
index 283f9dcf39..42b3a07d1a 100644
--- a/tests/libtest/lib1564.c
+++ b/tests/libtest/lib1564.c
@@ -49,7 +49,7 @@ static CURLcode test_lib1564(const char *URL)
   multi_poll(multi, NULL, 0, 1000, &numfds);
   time_after_wait = curlx_now();
 
-  if(curlx_timediff(time_after_wait, time_before_wait) < 500) {
+  if(curlx_timediff_ms(time_after_wait, time_before_wait) < 500) {
     curl_mfprintf(stderr, "%s:%d curl_multi_poll returned too early\n",
                   __FILE__, __LINE__);
     res = TEST_ERR_MAJOR_BAD;
@@ -66,7 +66,7 @@ static CURLcode test_lib1564(const char *URL)
   multi_poll(multi, NULL, 0, 1000, &numfds);
   time_after_wait = curlx_now();
 
-  if(curlx_timediff(time_after_wait, time_before_wait) > 500) {
+  if(curlx_timediff_ms(time_after_wait, time_before_wait) > 500) {
     curl_mfprintf(stderr, "%s:%d curl_multi_poll returned too late\n",
                   __FILE__, __LINE__);
     res = TEST_ERR_MAJOR_BAD;
@@ -81,7 +81,7 @@ static CURLcode test_lib1564(const char *URL)
   multi_poll(multi, NULL, 0, 1000, &numfds);
   time_after_wait = curlx_now();
 
-  if(curlx_timediff(time_after_wait, time_before_wait) < 500) {
+  if(curlx_timediff_ms(time_after_wait, time_before_wait) < 500) {
     curl_mfprintf(stderr, "%s:%d curl_multi_poll returned too early\n",
                   __FILE__, __LINE__);
     res = TEST_ERR_MAJOR_BAD;
@@ -99,7 +99,7 @@ static CURLcode test_lib1564(const char *URL)
   multi_poll(multi, NULL, 0, 1000, &numfds);
   time_after_wait = curlx_now();
 
-  if(curlx_timediff(time_after_wait, time_before_wait) > 500) {
+  if(curlx_timediff_ms(time_after_wait, time_before_wait) > 500) {
     curl_mfprintf(stderr, "%s:%d curl_multi_poll returned too late\n",
                   __FILE__, __LINE__);
     res = TEST_ERR_MAJOR_BAD;
@@ -114,7 +114,7 @@ static CURLcode test_lib1564(const char *URL)
   multi_poll(multi, NULL, 0, 1000, &numfds);
   time_after_wait = curlx_now();
 
-  if(curlx_timediff(time_after_wait, time_before_wait) < 500) {
+  if(curlx_timediff_ms(time_after_wait, time_before_wait) < 500) {
     curl_mfprintf(stderr, "%s:%d curl_multi_poll returned too early\n",
                   __FILE__, __LINE__);
     res = TEST_ERR_MAJOR_BAD;
diff --git a/tests/unit/unit1303.c b/tests/unit/unit1303.c
index 1ce367b6a7..b02cb3abad 100644
--- a/tests/unit/unit1303.c
+++ b/tests/unit/unit1303.c
@@ -148,7 +148,7 @@ static CURLcode test_unit1303(const char *arg)
     timediff_t timeout;
     NOW(run[i].now_s, run[i].now_us);
     TIMEOUTS(run[i].timeout_ms, run[i].connecttimeout_ms);
-    timeout = Curl_timeleft(easy, &now, run[i].connecting);
+    timeout = Curl_timeleft_ms(easy, &now, run[i].connecting);
     if(timeout != run[i].result)
       fail(run[i].comment);
   }
diff --git a/tests/unit/unit1323.c b/tests/unit/unit1323.c
index a4e3eab2e1..15d140e10a 100644
--- a/tests/unit/unit1323.c
+++ b/tests/unit/unit1323.c
@@ -43,7 +43,7 @@ static CURLcode test_unit1323(const char *arg)
   size_t i;
 
   for(i = 0; i < CURL_ARRAYSIZE(tests); i++) {
-    timediff_t result = curlx_timediff(tests[i].first, tests[i].second);
+    timediff_t result = curlx_timediff_ms(tests[i].first, tests[i].second);
     if(result != tests[i].result) {
       curl_mprintf("%ld.%06u to %ld.%06u got %" FMT_TIMEDIFF_T
                    ", but expected %" FMT_TIMEDIFF_T "\n",
diff --git a/tests/unit/unit2600.c b/tests/unit/unit2600.c
index 08b2ca6fbd..fbf53c5107 100644
--- a/tests/unit/unit2600.c
+++ b/tests/unit/unit2600.c
@@ -122,7 +122,7 @@ static void cf_test_destroy(struct Curl_cfilter *cf, struct Curl_easy *data)
   struct cf_test_ctx *ctx = cf->ctx;
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
   infof(data, "%04dms: cf[%s] destroyed",
-        (int)curlx_timediff(curlx_now(), current_tr->started), ctx->id);
+        (int)curlx_timediff_ms(curlx_now(), current_tr->started), ctx->id);
 #else
   (void)data;
 #endif
@@ -139,7 +139,7 @@ static CURLcode cf_test_connect(struct Curl_cfilter *cf,
 
   (void)data;
   *done = FALSE;
-  duration_ms = curlx_timediff(curlx_now(), ctx->started);
+  duration_ms = curlx_timediff_ms(curlx_now(), ctx->started);
   if(duration_ms >= ctx->fail_delay_ms) {
     infof(data, "%04dms: cf[%s] fail delay reached",
           (int)duration_ms, ctx->id);
@@ -218,7 +218,7 @@ static CURLcode cf_test_create(struct Curl_cfilter **pcf,
     ctx->stats->creations++;
   }
 
-  created_at = curlx_timediff(ctx->started, current_tr->started);
+  created_at = curlx_timediff_ms(ctx->started, current_tr->started);
   if(ctx->stats->creations == 1)
     ctx->stats->first_created = created_at;
   ctx->stats->last_created = created_at;
@@ -245,7 +245,7 @@ static void check_result(const struct test_case *tc,
   char msg[256];
   timediff_t duration_ms;
 
-  duration_ms = curlx_timediff(tr->ended, tr->started);
+  duration_ms = curlx_timediff_ms(tr->ended, tr->started);
   curl_mfprintf(stderr, "%d: test case took %dms\n", tc->id, (int)duration_ms);
 
   if(tr->result != tc->exp_result
@@ -267,7 +267,7 @@ static void check_result(const struct test_case *tc,
     fail(msg);
   }
 
-  duration_ms = curlx_timediff(tr->ended, tr->started);
+  duration_ms = curlx_timediff_ms(tr->ended, tr->started);
   if(duration_ms < tc->min_duration_ms) {
     curl_msprintf(msg, "%d: expected min duration of %dms, but took %dms",
                   tc->id, (int)tc->min_duration_ms, (int)duration_ms);

From cb2bcb681fc9044d2a7adaaa6210b61e2f7cff59 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Wed, 12 Nov 2025 15:58:49 +0100
Subject: [PATCH 0834/2408] lib: eliminate size_t casts

Add new functions in `curlx/warnless.h` for controlled type
conversions:

* curlx_uitouz, convert unsigned into to size_t (should always work)
* curlx_uztoso, convert size_t to curl_off_t, capping at CURL_OFF_T_MAX
* curlx_sztouz, convert ssize_t to size_t, return TRUE when ok
* curlx_sotouz_range, convert curl_off_t to size_t interval, capping
  values to interval bounds

Remove some unnecesary casts, convert some internal recv functions
to the "return result, have size_t* arg" pattern.

Closes #19495
---
 lib/cf-h1-proxy.c       |  2 +-
 lib/cf-h2-proxy.c       |  2 +-
 lib/curlx/warnless.c    | 35 +++++++++++++++
 lib/curlx/warnless.h    | 12 ++++++
 lib/dict.c              |  4 +-
 lib/http.c              |  8 ++--
 lib/http2.c             | 96 +++++++++++++++++++++--------------------
 lib/multi.c             | 13 +++---
 lib/sendf.c             | 25 ++---------
 lib/setopt.c            | 12 +++---
 lib/transfer.c          | 58 +++++++++++--------------
 lib/vquic/curl_ngtcp2.c | 23 +++-------
 lib/ws.c                | 36 ++++++++--------
 13 files changed, 170 insertions(+), 156 deletions(-)

diff --git a/lib/cf-h1-proxy.c b/lib/cf-h1-proxy.c
index be01891bf0..ac0dc596f2 100644
--- a/lib/cf-h1-proxy.c
+++ b/lib/cf-h1-proxy.c
@@ -268,7 +268,7 @@ static CURLcode send_CONNECT(struct Curl_cfilter *cf,
 
   DEBUGASSERT(blen >= nwritten);
   ts->nsent += nwritten;
-  Curl_debug(data, CURLINFO_HEADER_OUT, buf, (size_t)nwritten);
+  Curl_debug(data, CURLINFO_HEADER_OUT, buf, nwritten);
 
 out:
   if(result)
diff --git a/lib/cf-h2-proxy.c b/lib/cf-h2-proxy.c
index 148caca71b..d38bd46952 100644
--- a/lib/cf-h2-proxy.c
+++ b/lib/cf-h2-proxy.c
@@ -847,7 +847,7 @@ static int tunnel_recv_callback(nghttp2_session *session, uint8_t flags,
 #endif
   }
   /* tunnel.recbuf has soft limit, any success MUST add all data */
-  DEBUGASSERT((size_t)nwritten == len);
+  DEBUGASSERT(nwritten == len);
   return 0;
 }
 
diff --git a/lib/curlx/warnless.c b/lib/curlx/warnless.c
index bb636a9327..a0aa5eda13 100644
--- a/lib/curlx/warnless.c
+++ b/lib/curlx/warnless.c
@@ -290,3 +290,38 @@ size_t curlx_sitouz(int sinum)
 #  pragma warning(pop)
 #endif
 }
+
+size_t curlx_uitouz(unsigned int uinum)
+{
+  return (size_t)uinum;
+}
+
+size_t curlx_sotouz_range(curl_off_t sonum, size_t uzmin, size_t uzmax)
+{
+  if(sonum < 0)
+    return uzmin;
+#if SIZEOF_CURL_OFF_T > SIZEOF_SIZE_T
+  if(sonum > SIZE_MAX)
+    return uzmax;
+#endif
+  return CURLMIN(CURLMAX((size_t)sonum, uzmin), uzmax);
+}
+
+bool curlx_sztouz(ssize_t sznum, size_t *puznum)
+{
+  if(sznum < 0) {
+    *puznum = 0;
+    return FALSE;
+  }
+  *puznum = (size_t)sznum;
+  return TRUE;
+}
+
+curl_off_t curlx_uztoso(size_t uznum)
+{
+#if SIZEOF_SIZE_T >= SIZEOF_CURL_OFF_T
+  if(uznum > (size_t)CURL_OFF_T_MAX)
+    return CURL_OFF_T_MAX;
+#endif
+  return (curl_off_t)uznum;
+}
diff --git a/lib/curlx/warnless.h b/lib/curlx/warnless.h
index 0a0c608073..a128f71488 100644
--- a/lib/curlx/warnless.h
+++ b/lib/curlx/warnless.h
@@ -57,6 +57,18 @@ unsigned short curlx_uitous(unsigned int uinum);
 
 size_t curlx_sitouz(int sinum);
 
+size_t curlx_uitouz(unsigned int uinum);
+
+/* Convert a curl_off_t to fit into size_t interval [uzmin, uzmax].
+ * values outside this interval give the lower/upper bound. */
+size_t curlx_sotouz_range(curl_off_t sonum, size_t uzmin, size_t uzmax);
+
+/* Convert a size_t to curl_off_t, return CURL_OFF_T_MAX if too large. */
+curl_off_t curlx_uztoso(size_t uznum);
+
+/* Convert a ssize_t to size_t, return FALSE if negative and set 0 */
+bool curlx_sztouz(ssize_t sznum, size_t *puznum);
+
 #ifdef _WIN32
 #undef  read
 #define read(fd, buf, count)  (ssize_t)_read(fd, buf, curlx_uztoui(count))
diff --git a/lib/dict.c b/lib/dict.c
index 3296a45466..5c7ba7f622 100644
--- a/lib/dict.c
+++ b/lib/dict.c
@@ -160,9 +160,9 @@ static CURLcode sendf(struct Curl_easy *data, const char *fmt, ...)
     if(result)
       break;
 
-    Curl_debug(data, CURLINFO_DATA_OUT, sptr, (size_t)bytes_written);
+    Curl_debug(data, CURLINFO_DATA_OUT, sptr, bytes_written);
 
-    if((size_t)bytes_written != write_len) {
+    if(bytes_written != write_len) {
       /* if not all was written at once, we must advance the pointer, decrease
          the size left and try again! */
       write_len -= bytes_written;
diff --git a/lib/http.c b/lib/http.c
index 0555291d0b..f3444d46a9 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -2222,9 +2222,11 @@ static CURLcode set_reader(struct Curl_easy *data, Curl_HttpReq httpreq)
       result = Curl_creader_set_null(data);
     }
     else if(data->set.postfields) {
-      if(postsize > 0)
-        result = Curl_creader_set_buf(data, data->set.postfields,
-                                      (size_t)postsize);
+      size_t plen = curlx_sotouz_range(postsize, 0, SIZE_MAX);
+      if(plen == SIZE_MAX)
+        return CURLE_OUT_OF_MEMORY;
+      else if(plen)
+        result = Curl_creader_set_buf(data, data->set.postfields, plen);
       else
         result = Curl_creader_set_null(data);
     }
diff --git a/lib/http2.c b/lib/http2.c
index de1113c1e4..5c8b0cab38 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -45,6 +45,7 @@
 #include "curlx/strparse.h"
 #include "transfer.h"
 #include "curlx/dynbuf.h"
+#include "curlx/warnless.h"
 #include "headers.h"
 
 /* The last 3 #include files should be in this order */
@@ -539,10 +540,12 @@ static CURLcode cf_h2_ctx_open(struct Curl_cfilter *cf,
      * in the H1 request and we upgrade from there. This stream
      * is opened implicitly as #1. */
     uint8_t binsettings[H2_BINSETTINGS_LEN];
-    ssize_t binlen; /* length of the binsettings data */
+    ssize_t rclen;
+    size_t binlen; /* length of the binsettings data */
 
-    binlen = populate_binsettings(binsettings, data);
-    if(binlen <= 0) {
+    rclen = populate_binsettings(binsettings, data);
+
+    if(!curlx_sztouz(rclen, &binlen) || !binlen) {
       failf(data, "nghttp2 unexpectedly failed on pack_settings_payload");
       result = CURLE_FAILED_INIT;
       goto out;
@@ -554,7 +557,7 @@ static CURLcode cf_h2_ctx_open(struct Curl_cfilter *cf,
     DEBUGASSERT(stream);
     stream->id = 1;
     /* queue SETTINGS frame (again) */
-    rc = nghttp2_session_upgrade2(ctx->h2, binsettings, (size_t)binlen,
+    rc = nghttp2_session_upgrade2(ctx->h2, binsettings, binlen,
                                   data->state.httpreq == HTTPREQ_HEAD,
                                   NULL);
     if(rc) {
@@ -627,16 +630,16 @@ static CURLcode h2_process_pending_input(struct Curl_cfilter *cf,
 {
   struct cf_h2_ctx *ctx = cf->ctx;
   const unsigned char *buf;
-  size_t blen;
+  size_t blen, nread;
   ssize_t rv;
 
   while(Curl_bufq_peek(&ctx->inbufq, &buf, &blen)) {
     rv = nghttp2_session_mem_recv(ctx->h2, (const uint8_t *)buf, blen);
-    if(rv < 0) {
+    if(!curlx_sztouz(rv, &nread)) {
       failf(data, "nghttp2 recv error %zd: %s", rv, nghttp2_strerror((int)rv));
       return CURLE_HTTP2;
     }
-    Curl_bufq_skip(&ctx->inbufq, (size_t)rv);
+    Curl_bufq_skip(&ctx->inbufq, nread);
     if(Curl_bufq_is_empty(&ctx->inbufq)) {
       break;
     }
@@ -1804,16 +1807,17 @@ CURLcode Curl_http2_request_upgrade(struct dynbuf *req,
   size_t blen;
   struct SingleRequest *k = &data->req;
   uint8_t binsettings[H2_BINSETTINGS_LEN];
-  ssize_t binlen; /* length of the binsettings data */
+  ssize_t rc;
+  size_t binlen; /* length of the binsettings data */
 
-  binlen = populate_binsettings(binsettings, data);
-  if(binlen <= 0) {
+  rc = populate_binsettings(binsettings, data);
+  if(!curlx_sztouz(rc, &binlen) || !binlen) {
     failf(data, "nghttp2 unexpectedly failed on pack_settings_payload");
     curlx_dyn_free(req);
     return CURLE_FAILED_INIT;
   }
 
-  result = curlx_base64url_encode((const char *)binsettings, (size_t)binlen,
+  result = curlx_base64url_encode((const char *)binsettings, binlen,
                                   &base64, &blen);
   if(result) {
     curlx_dyn_free(req);
@@ -2173,15 +2177,16 @@ out:
   return result;
 }
 
-static ssize_t cf_h2_body_send(struct Curl_cfilter *cf,
-                               struct Curl_easy *data,
-                               struct h2_stream_ctx *stream,
-                               const void *buf, size_t blen, bool eos,
-                               CURLcode *err)
+static CURLcode cf_h2_body_send(struct Curl_cfilter *cf,
+                                struct Curl_easy *data,
+                                struct h2_stream_ctx *stream,
+                                const void *buf, size_t blen, bool eos,
+                                size_t *pnwritten)
 {
   struct cf_h2_ctx *ctx = cf->ctx;
-  size_t nwritten;
+  CURLcode result;
 
+  *pnwritten = 0;
   if(stream->closed) {
     if(stream->resp_hds_complete) {
       /* Server decided to close the stream after having sent us a final
@@ -2193,31 +2198,29 @@ static ssize_t cf_h2_body_send(struct Curl_cfilter *cf,
                   "on closed stream with response", stream->id);
       if(eos)
         stream->body_eos = TRUE;
-      *err = CURLE_OK;
-      return (ssize_t)blen;
+      *pnwritten = blen;
+      return CURLE_OK;
     }
     /* Server closed before we got a response, this is an error */
     infof(data, "stream %u closed", stream->id);
-    *err = CURLE_SEND_ERROR;
-    return -1;
+    return CURLE_SEND_ERROR;
   }
 
-  *err = Curl_bufq_write(&stream->sendbuf, buf, blen, &nwritten);
-  if(*err)
-    return -1;
+  result = Curl_bufq_write(&stream->sendbuf, buf, blen, pnwritten);
+  if(result)
+    return result;
 
-  if(eos && (blen == nwritten))
+  if(eos && (blen == *pnwritten))
     stream->body_eos = TRUE;
 
   if(eos || !Curl_bufq_is_empty(&stream->sendbuf)) {
     /* resume the potentially suspended stream */
     int rv = nghttp2_session_resume_data(ctx->h2, stream->id);
-    if(nghttp2_is_fatal(rv)) {
-      *err = CURLE_SEND_ERROR;
-      return -1;
-    }
+    if(nghttp2_is_fatal(rv))
+      return CURLE_SEND_ERROR;
   }
-  return (ssize_t)nwritten;
+
+  return CURLE_OK;
 }
 
 static CURLcode h2_submit(struct h2_stream_ctx **pstream,
@@ -2234,7 +2237,8 @@ static CURLcode h2_submit(struct h2_stream_ctx **pstream,
   nghttp2_data_provider data_prd;
   int32_t stream_id;
   nghttp2_priority_spec pri_spec;
-  ssize_t nwritten;
+  ssize_t rc;
+  size_t nwritten;
   CURLcode result = CURLE_OK;
 
   *pnwritten = 0;
@@ -2244,10 +2248,10 @@ static CURLcode h2_submit(struct h2_stream_ctx **pstream,
   if(result)
     goto out;
 
-  nwritten = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL, 0, &result);
-  if(nwritten < 0)
+  rc = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL, 0, &result);
+  if(!curlx_sztouz(rc, &nwritten))
     goto out;
-  *pnwritten = (size_t)nwritten;
+  *pnwritten = nwritten;
   if(!stream->h1.done) {
     /* need more data */
     goto out;
@@ -2321,8 +2325,9 @@ static CURLcode h2_submit(struct h2_stream_ctx **pstream,
   bodylen = len - *pnwritten;
 
   if(bodylen || eos) {
-    ssize_t n = cf_h2_body_send(cf, data, stream, body, bodylen, eos, &result);
-    if(n >= 0)
+    size_t n;
+    result = cf_h2_body_send(cf, data, stream, body, bodylen, eos, &n);
+    if(!result)
       *pnwritten += n;
     else if(result == CURLE_AGAIN)
       result = CURLE_OK;
@@ -2347,7 +2352,6 @@ static CURLcode cf_h2_send(struct Curl_cfilter *cf, struct Curl_easy *data,
   struct cf_h2_ctx *ctx = cf->ctx;
   struct h2_stream_ctx *stream = H2_STREAM_CTX(ctx, data);
   struct cf_call_data save;
-  ssize_t nwritten;
   CURLcode result = CURLE_OK, r2;
 
   CF_DATA_SAVE(save, cf, data);
@@ -2364,21 +2368,19 @@ static CURLcode cf_h2_send(struct Curl_cfilter *cf, struct Curl_easy *data,
      * being able to flush stream->sendbuf. Make a 0-length write
      * to trigger flushing again.
      * If this works, we report to have written `len` bytes. */
+    size_t n;
     DEBUGASSERT(eos);
-    nwritten = cf_h2_body_send(cf, data, stream, buf, 0, eos, &result);
-    CURL_TRC_CF(data, cf, "[%d] cf_body_send last CHUNK -> %zd, %d, eos=%d",
-                stream->id, nwritten, result, eos);
-    if(nwritten < 0) {
+    result = cf_h2_body_send(cf, data, stream, buf, 0, eos, &n);
+    CURL_TRC_CF(data, cf, "[%d] cf_body_send last CHUNK -> %d, %zu, eos=%d",
+                stream->id, result, n, eos);
+    if(result)
       goto out;
-    }
     *pnwritten = len;
   }
   else {
-    nwritten = cf_h2_body_send(cf, data, stream, buf, len, eos, &result);
-    CURL_TRC_CF(data, cf, "[%d] cf_body_send(len=%zu) -> %zd, %d, eos=%d",
-                stream->id, len, nwritten, result, eos);
-    if(nwritten >= 0)
-      *pnwritten = (size_t)nwritten;
+    result = cf_h2_body_send(cf, data, stream, buf, len, eos, pnwritten);
+    CURL_TRC_CF(data, cf, "[%d] cf_body_send(len=%zu) -> %d, %zu, eos=%d",
+                stream->id, len, result, *pnwritten, eos);
   }
 
   /* Call the nghttp2 send loop and flush to write ALL buffered data,
diff --git a/lib/multi.c b/lib/multi.c
index 1e24ce8c46..a47336457b 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -3879,10 +3879,10 @@ CURLcode Curl_multi_xfer_buf_borrow(struct Curl_easy *data,
   }
 
   if(!data->multi->xfer_buf) {
-    data->multi->xfer_buf = malloc((size_t)data->set.buffer_size);
+    data->multi->xfer_buf = malloc(curlx_uitouz(data->set.buffer_size));
     if(!data->multi->xfer_buf) {
-      failf(data, "could not allocate xfer_buf of %zu bytes",
-            (size_t)data->set.buffer_size);
+      failf(data, "could not allocate xfer_buf of %u bytes",
+            data->set.buffer_size);
       return CURLE_OUT_OF_MEMORY;
     }
     data->multi->xfer_buf_len = data->set.buffer_size;
@@ -3932,10 +3932,11 @@ CURLcode Curl_multi_xfer_ulbuf_borrow(struct Curl_easy *data,
   }
 
   if(!data->multi->xfer_ulbuf) {
-    data->multi->xfer_ulbuf = malloc((size_t)data->set.upload_buffer_size);
+    data->multi->xfer_ulbuf =
+      malloc(curlx_uitouz(data->set.upload_buffer_size));
     if(!data->multi->xfer_ulbuf) {
-      failf(data, "could not allocate xfer_ulbuf of %zu bytes",
-            (size_t)data->set.upload_buffer_size);
+      failf(data, "could not allocate xfer_ulbuf of %u bytes",
+            data->set.upload_buffer_size);
       return CURLE_OUT_OF_MEMORY;
     }
     data->multi->xfer_ulbuf_len = data->set.upload_buffer_size;
diff --git a/lib/sendf.c b/lib/sendf.c
index 980fae23e6..655444a295 100644
--- a/lib/sendf.c
+++ b/lib/sendf.c
@@ -209,20 +209,7 @@ static size_t get_max_body_write_len(struct Curl_easy *data, curl_off_t limit)
 {
   if(limit != -1) {
     /* How much more are we allowed to write? */
-    curl_off_t remain_diff;
-    remain_diff = limit - data->req.bytecount;
-    if(remain_diff < 0) {
-      /* already written too much! */
-      return 0;
-    }
-#if SIZEOF_CURL_OFF_T > SIZEOF_SIZE_T
-    else if(remain_diff > SSIZE_MAX) {
-      return SIZE_MAX;
-    }
-#endif
-    else {
-      return (size_t)remain_diff;
-    }
+    return curlx_sotouz_range(limit - data->req.bytecount, 0, SIZE_MAX);
   }
   return SIZE_MAX;
 }
@@ -678,11 +665,7 @@ static CURLcode cr_in_read(struct Curl_easy *data,
   }
   /* respect length limitations */
   if(ctx->total_len >= 0) {
-    curl_off_t remain = ctx->total_len - ctx->read_len;
-    if(remain <= 0)
-      blen = 0;
-    else if(remain < (curl_off_t)blen)
-      blen = (size_t)remain;
+    blen = curlx_sotouz_range(ctx->total_len - ctx->read_len, 0, blen);
   }
   nread = 0;
   if(ctx->read_cb && blen) {
@@ -1363,9 +1346,9 @@ static CURLcode cr_buf_resume_from(struct Curl_easy *data,
   /* already started reading? */
   if(ctx->index)
     return CURLE_READ_ERROR;
-  if(offset <= 0)
+  boffset = curlx_sotouz_range(offset, 0, SIZE_MAX);
+  if(!boffset)
     return CURLE_OK;
-  boffset = (size_t)offset;
   if(boffset > ctx->blen)
     return CURLE_READ_ERROR;
 
diff --git a/lib/setopt.c b/lib/setopt.c
index 9f43b1b60d..338e94d1bb 100644
--- a/lib/setopt.c
+++ b/lib/setopt.c
@@ -1689,22 +1689,20 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
     if(!ptr || s->postfieldsize == -1)
       result = Curl_setstropt(&s->str[STRING_COPYPOSTFIELDS], ptr);
     else {
+      size_t pflen;
+
       if(s->postfieldsize < 0)
         return CURLE_BAD_FUNCTION_ARGUMENT;
-#if SIZEOF_CURL_OFF_T > SIZEOF_SIZE_T
-      /*
-       *  Check that requested length does not overflow the size_t type.
-       */
-      else if(s->postfieldsize > SIZE_MAX)
+      pflen = curlx_sotouz_range(s->postfieldsize, 0, SIZE_MAX);
+      if(pflen == SIZE_MAX)
         return CURLE_OUT_OF_MEMORY;
-#endif
       else {
         /* Allocate even when size == 0. This satisfies the need of possible
            later address compare to detect the COPYPOSTFIELDS mode, and to
            mark that postfields is used rather than read function or form
            data.
         */
-        char *p = Curl_memdup0(ptr, (size_t)s->postfieldsize);
+        char *p = Curl_memdup0(ptr, pflen);
         if(!p)
           return CURLE_OUT_OF_MEMORY;
         else {
diff --git a/lib/transfer.c b/lib/transfer.c
index 6ae21e1a40..4c17cbb50d 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -82,6 +82,7 @@
 #include "hsts.h"
 #include "setopt.h"
 #include "headers.h"
+#include "curlx/warnless.h"
 
 /* The last 2 #include files should be in this order */
 #include "curl_memory.h"
@@ -189,53 +190,44 @@ CURLcode Curl_xfer_send_shutdown(struct Curl_easy *data, bool *done)
  * @param err error    code in case of -1 return
  * @return number of bytes read or -1 for error
  */
-static ssize_t xfer_recv_resp(struct Curl_easy *data,
-                              char *buf, size_t blen,
-                              bool eos_reliable,
-                              CURLcode *err)
+static CURLcode xfer_recv_resp(struct Curl_easy *data,
+                               char *buf, size_t blen,
+                               bool eos_reliable,
+                               size_t *pnread)
 {
-  size_t nread;
+  CURLcode result;
 
   DEBUGASSERT(blen > 0);
+  *pnread = 0;
   /* If we are reading BODY data and the connection does NOT handle EOF
    * and we know the size of the BODY data, limit the read amount */
   if(!eos_reliable && !data->req.header && data->req.size != -1) {
-    curl_off_t totalleft = data->req.size - data->req.bytecount;
-    if(totalleft <= 0)
-      blen = 0;
-    else if(totalleft < (curl_off_t)blen)
-      blen = (size_t)totalleft;
+    blen = curlx_sotouz_range(data->req.size - data->req.bytecount, 0, blen);
   }
   else if(xfer_recv_shutdown_started(data)) {
     /* we already received everything. Do not try more. */
     blen = 0;
   }
 
-  if(!blen) {
-    /* want nothing more */
-    *err = CURLE_OK;
-    nread = 0;
-  }
-  else {
-    *err = Curl_xfer_recv(data, buf, blen, &nread);
+  if(blen) {
+    result = Curl_xfer_recv(data, buf, blen, pnread);
+    if(result)
+      return result;
   }
 
-  if(*err)
-    return -1;
-  if(nread == 0) {
+  if(*pnread == 0) {
     if(data->req.shutdown) {
       bool done;
-      *err = xfer_recv_shutdown(data, &done);
-      if(*err)
-        return -1;
+      result = xfer_recv_shutdown(data, &done);
+      if(result)
+        return result;
       if(!done) {
-        *err = CURLE_AGAIN;
-        return -1;
+        return CURLE_AGAIN;
       }
     }
     DEBUGF(infof(data, "sendrecv_dl: we are done"));
   }
-  return (ssize_t)nread;
+  return CURLE_OK;
 }
 
 /*
@@ -264,7 +256,6 @@ static CURLcode sendrecv_dl(struct Curl_easy *data,
      read or we get a CURLE_AGAIN */
   do {
     size_t bytestoread;
-    ssize_t nread;
 
     if(!is_multiplex) {
       /* Multiplexed connection have inherent handling of EOF and we do not
@@ -288,9 +279,9 @@ static CURLcode sendrecv_dl(struct Curl_easy *data,
     }
 
     rcvd_eagain = FALSE;
-    nread = xfer_recv_resp(data, buf, bytestoread, is_multiplex, &result);
-    if(nread < 0) {
-      if(CURLE_AGAIN != result)
+    result = xfer_recv_resp(data, buf, bytestoread, is_multiplex, &blen);
+    if(result) {
+      if(result != CURLE_AGAIN)
         goto out; /* real error */
       rcvd_eagain = TRUE;
       result = CURLE_OK;
@@ -298,7 +289,7 @@ static CURLcode sendrecv_dl(struct Curl_easy *data,
          !data->req.resp_trailer) {
         DEBUGF(infof(data, "EAGAIN, download done, no trailer announced, "
                "not waiting for EOS"));
-        nread = 0;
+        blen = 0;
         /* continue as if we received the EOS */
       }
       else
@@ -306,7 +297,6 @@ static CURLcode sendrecv_dl(struct Curl_easy *data,
     }
 
     /* We only get a 0-length receive at the end of the response */
-    blen = (size_t)nread;
     is_eos = (blen == 0);
 
     if(!blen && (conn->recv[FIRSTSOCKET] == Curl_cf_recv)) {
@@ -899,8 +889,8 @@ CURLcode Curl_xfer_recv(struct Curl_easy *data,
   DEBUGASSERT(data->conn);
   DEBUGASSERT(data->set.buffer_size > 0);
 
-  if((size_t)data->set.buffer_size < blen)
-    blen = (size_t)data->set.buffer_size;
+  if(curlx_uitouz(data->set.buffer_size) < blen)
+    blen = curlx_uitouz(data->set.buffer_size);
   return Curl_conn_recv(data, data->conn->recv_idx, buf, blen, pnrcvd);
 }
 
diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index 1f70e0b480..475060ebdd 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -1320,32 +1320,25 @@ static CURLcode init_ngh3_conn(struct Curl_cfilter *cf,
   return CURLE_OK;
 }
 
-static ssize_t recv_closed_stream(struct Curl_cfilter *cf,
+static CURLcode recv_closed_stream(struct Curl_cfilter *cf,
                                   struct Curl_easy *data,
                                   struct h3_stream_ctx *stream,
-                                  CURLcode *err)
+                                  size_t *pnread)
 {
-  ssize_t nread = -1;
-
   (void)cf;
+  *pnread = 0;
   if(stream->reset) {
     failf(data, "HTTP/3 stream %" FMT_PRId64 " reset by server", stream->id);
-    *err = data->req.bytecount ? CURLE_PARTIAL_FILE : CURLE_HTTP3;
-    goto out;
+    return data->req.bytecount ? CURLE_PARTIAL_FILE : CURLE_HTTP3;
   }
   else if(!stream->resp_hds_complete) {
     failf(data,
           "HTTP/3 stream %" FMT_PRId64 " was closed cleanly, but before "
           "getting all response header fields, treated as error",
           stream->id);
-    *err = CURLE_HTTP3;
-    goto out;
+    return CURLE_HTTP3;
   }
-  *err = CURLE_OK;
-  nread = 0;
-
-out:
-  return nread;
+  return CURLE_OK;
 }
 
 /* incoming data frames on the h3 stream */
@@ -1393,9 +1386,7 @@ static CURLcode cf_ngtcp2_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
     goto out;
   }
   else if(stream->closed) {
-    ssize_t nread = recv_closed_stream(cf, data, stream, &result);
-    if(nread > 0)
-      *pnread = (size_t)nread;
+    result = recv_closed_stream(cf, data, stream, pnread);
     goto out;
   }
   result = CURLE_AGAIN;
diff --git a/lib/ws.c b/lib/ws.c
index ddf49c9d2d..96a0d61378 100644
--- a/lib/ws.c
+++ b/lib/ws.c
@@ -41,6 +41,7 @@
 #include "select.h"
 #include "curlx/nonblock.h"
 #include "curlx/strparse.h"
+#include "curlx/warnless.h"
 
 /* The last 2 #include files should be in this order */
 #include "curl_memory.h"
@@ -489,12 +490,13 @@ static CURLcode ws_dec_pass_payload(struct ws_decoder *dec,
   size_t inlen;
   size_t nwritten;
   CURLcode result;
-  curl_off_t remain = dec->payload_len - dec->payload_offset;
+  size_t remain = curlx_sotouz_range(dec->payload_len - dec->payload_offset,
+                                     0, SIZE_MAX);
 
   (void)data;
   while(remain && Curl_bufq_peek(inraw, &inbuf, &inlen)) {
-    if((curl_off_t)inlen > remain)
-      inlen = (size_t)remain;
+    if(inlen > remain)
+      inlen = remain;
     result = write_cb(inbuf, inlen, dec->frame_age, dec->frame_flags,
                       dec->payload_offset, dec->payload_len,
                       write_ctx, &nwritten);
@@ -502,9 +504,10 @@ static CURLcode ws_dec_pass_payload(struct ws_decoder *dec,
       return result;
     Curl_bufq_skip(inraw, nwritten);
     dec->payload_offset += nwritten;
-    remain = dec->payload_len - dec->payload_offset;
-    CURL_TRC_WS(data, "passed %zu bytes payload, %"
-                FMT_OFF_T " remain", nwritten, remain);
+    remain = curlx_sotouz_range(dec->payload_len - dec->payload_offset,
+                                0, SIZE_MAX);
+    CURL_TRC_WS(data, "passed %zu bytes payload, %zu remain",
+                nwritten, remain);
   }
 
   return remain ? CURLE_AGAIN : CURLE_OK;
@@ -651,16 +654,13 @@ static curl_off_t ws_payload_remain(curl_off_t payload_total,
                                     curl_off_t payload_offset,
                                     size_t payload_buffered)
 {
-  curl_off_t remain = payload_total - payload_offset;
+  curl_off_t buffered, remain = payload_total - payload_offset;
   if((payload_total < 0) || (payload_offset < 0) || (remain < 0))
     return -1;
-#if SIZEOF_SIZE_T >= SIZEOF_CURL_OFF_T
-  if(payload_buffered > (size_t)CURL_OFF_T_MAX)
+  buffered = curlx_uztoso(payload_buffered);
+  if(remain < buffered)
     return -1;
-#endif
-  if(remain < (curl_off_t)payload_buffered)
-    return -1;
-  return remain - (curl_off_t)payload_buffered;
+  return remain - buffered;
 }
 
 static CURLcode ws_cw_dec_next(const unsigned char *buf, size_t buflen,
@@ -947,7 +947,7 @@ static CURLcode ws_enc_write_payload(struct ws_encoder *enc,
                                      struct bufq *out, size_t *pnwritten)
 {
   CURLcode result;
-  size_t i, len, n;
+  size_t i, len, n, remain;
 
   *pnwritten = 0;
   if(Curl_bufq_is_full(out))
@@ -955,8 +955,9 @@ static CURLcode ws_enc_write_payload(struct ws_encoder *enc,
 
   /* not the most performant way to do this */
   len = buflen;
-  if((curl_off_t)len > enc->payload_remain)
-    len = (size_t)enc->payload_remain;
+  remain = curlx_sotouz_range(enc->payload_remain, 0, SIZE_MAX);
+  if(remain < len)
+    len = remain;
 
   for(i = 0; i < len; ++i) {
     unsigned char c = buf[i] ^ enc->mask[enc->xori];
@@ -1167,8 +1168,7 @@ static CURLcode cr_ws_read(struct Curl_easy *data,
     if(ws->enc.payload_remain) {
       CURL_TRC_WS(data, "current frame, %" FMT_OFF_T " remaining",
                   ws->enc.payload_remain);
-      if(ws->enc.payload_remain < (curl_off_t)blen)
-        blen = (size_t)ws->enc.payload_remain;
+      blen = curlx_sotouz_range(ws->enc.payload_remain, 0, blen);
     }
 
     result = Curl_creader_read(data, reader->next, buf, blen, &nread, &eos);

From 833c429627ea3771d2fd027d85721bf9549342aa Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 13 Nov 2025 13:19:01 +0100
Subject: [PATCH 0835/2408] wolfssl: simplify wssl_send_earlydata

Move out logic from a switch() expression and return error directly
instead of using goto. This also removes the odd-looking two subsequent
closing braces at the same indent level.

Closes #19509
---
 lib/vtls/wolfssl.c | 22 +++++++---------------
 1 file changed, 7 insertions(+), 15 deletions(-)

diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index 34fc17d994..9d6b094ff1 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -1618,7 +1618,6 @@ static CURLcode wssl_send_earlydata(struct Curl_cfilter *cf,
 {
   struct ssl_connect_data *connssl = cf->ctx;
   struct wssl_ctx *wssl = (struct wssl_ctx *)connssl->backend;
-  CURLcode result = CURLE_OK;
   const unsigned char *buf;
   size_t blen;
 
@@ -1633,23 +1632,17 @@ static CURLcode wssl_send_earlydata(struct Curl_cfilter *cf,
                 blen, rc, nwritten);
     if(rc < 0) {
       int err = wolfSSL_get_error(wssl->ssl, rc);
+      char error_buffer[256];
       switch(err) {
       case WOLFSSL_ERROR_NONE: /* just did not get anything */
       case WOLFSSL_ERROR_WANT_READ:
       case WOLFSSL_ERROR_WANT_WRITE:
-        result = CURLE_AGAIN;
-        break;
-      default: {
-        char error_buffer[256];
-        CURL_TRC_CF(data, cf, "SSL send early data, error: '%s'(%d)",
-                    wssl_strerror((unsigned long)err, error_buffer,
-                                  sizeof(error_buffer)),
-                    err);
-        result = CURLE_SEND_ERROR;
-        break;
+        return CURLE_AGAIN;
       }
-      }
-      goto out;
+      CURL_TRC_CF(data, cf, "SSL send early data, error: '%s'(%d)",
+                  wssl_strerror((unsigned long)err, error_buffer,
+                                sizeof(error_buffer)), err);
+      return CURLE_SEND_ERROR;
     }
 
     Curl_bufq_skip(&connssl->earlydata, (size_t)nwritten);
@@ -1659,8 +1652,7 @@ static CURLcode wssl_send_earlydata(struct Curl_cfilter *cf,
   if(!Curl_ssl_cf_is_proxy(cf))
     Curl_pgrsEarlyData(data, (curl_off_t)connssl->earlydata_skip);
   infof(data, "SSL sending %zu bytes of early data", connssl->earlydata_skip);
-out:
-  return result;
+  return CURLE_OK;
 }
 #endif /* WOLFSSL_EARLY_DATA */
 

From bb1391f94394e635c1a5c58253e7a3d3b36bde57 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 13 Nov 2025 12:46:59 +0100
Subject: [PATCH 0836/2408] tests/server: replace `atoi()` and `atol()` with
 `curlx_str_number()`

Closes #19510
---
 tests/server/dnsd.c     |  6 +++-
 tests/server/first.h    |  1 -
 tests/server/mqttd.c    | 31 ++++++++++++++------
 tests/server/rtspd.c    | 26 ++++++++++++++---
 tests/server/sockfilt.c | 12 +++++---
 tests/server/socksd.c   | 64 +++++++++++++++++++++++++++--------------
 tests/server/sws.c      | 41 +++++++++++++++++---------
 tests/server/tftpd.c    | 16 +++++++++--
 tests/server/util.c     |  6 ----
 9 files changed, 141 insertions(+), 62 deletions(-)

diff --git a/tests/server/dnsd.c b/tests/server/dnsd.c
index 93edcb2397..c541b05295 100644
--- a/tests/server/dnsd.c
+++ b/tests/server/dnsd.c
@@ -399,6 +399,8 @@ static int test_dnsd(int argc, char **argv)
   serverlogslocked = 0;
 
   while(argc > arg) {
+    const char *opt;
+    curl_off_t num;
     if(!strcmp("--verbose", argv[arg])) {
       arg++;
       /* nothing yet */
@@ -450,7 +452,9 @@ static int test_dnsd(int argc, char **argv)
     else if(!strcmp("--port", argv[arg])) {
       arg++;
       if(argc > arg) {
-        port = (unsigned short)atoi(argv[arg]);
+        opt = argv[arg];
+        if(!curlx_str_number(&opt, &num, 0xffff))
+          port = (unsigned short)num;
         arg++;
       }
     }
diff --git a/tests/server/first.h b/tests/server/first.h
index 8e69a2b976..3a7255ccb8 100644
--- a/tests/server/first.h
+++ b/tests/server/first.h
@@ -128,7 +128,6 @@ extern int getpart(char **outbuf, size_t *outlen,
 extern char *data_to_hex(char *data, size_t len);
 extern void logmsg(const char *msg, ...);
 extern void loghex(unsigned char *buffer, ssize_t len);
-extern unsigned char byteval(char *value);
 extern int win32_init(void);
 extern FILE *test2fopen(long testno, const char *logdir2);
 extern curl_off_t our_getpid(void);
diff --git a/tests/server/mqttd.c b/tests/server/mqttd.c
index acb427a37c..c99a0e8084 100644
--- a/tests/server/mqttd.c
+++ b/tests/server/mqttd.c
@@ -81,10 +81,15 @@ static void mqttd_getconfig(void)
     while(fgets(buffer, sizeof(buffer), fp)) {
       char key[32];
       char value[32];
+      const char *pval;
+      curl_off_t num;
       if(sscanf(buffer, "%31s %31s", key, value) == 2) {
         if(!strcmp(key, "version")) {
-          m_config.version = byteval(value);
-          logmsg("version [%d] set", m_config.version);
+          pval = value;
+          if(!curlx_str_number(&pval, &num, 0xff)) {
+            m_config.version = (unsigned char)num;
+            logmsg("version [%d] set", m_config.version);
+          }
         }
         else if(!strcmp(key, "PUBLISH-before-SUBACK")) {
           logmsg("PUBLISH-before-SUBACK set");
@@ -95,12 +100,18 @@ static void mqttd_getconfig(void)
           m_config.short_publish = TRUE;
         }
         else if(!strcmp(key, "error-CONNACK")) {
-          m_config.error_connack = byteval(value);
-          logmsg("error-CONNACK = %d", m_config.error_connack);
+          pval = value;
+          if(!curlx_str_number(&pval, &num, 0xff)) {
+            m_config.error_connack = (unsigned char)num;
+            logmsg("error-CONNACK = %d", m_config.error_connack);
+          }
         }
         else if(!strcmp(key, "Testnum")) {
-          m_config.testnum = atoi(value);
-          logmsg("testnum = %d", m_config.testnum);
+          pval = value;
+          if(!curlx_str_number(&pval, &num, INT_MAX)) {
+            m_config.testnum = (int)num;
+            logmsg("testnum = %d", m_config.testnum);
+          }
         }
         else if(!strcmp(key, "excessive-remaining")) {
           logmsg("excessive-remaining set");
@@ -734,6 +745,8 @@ static int test_mqttd(int argc, char *argv[])
   server_port = 1883; /* MQTT default port */
 
   while(argc > arg) {
+    const char *opt;
+    curl_off_t num;
     if(!strcmp("--version", argv[arg])) {
       printf("mqttd IPv4%s\n",
 #ifdef USE_IPV6
@@ -787,13 +800,13 @@ static int test_mqttd(int argc, char *argv[])
     else if(!strcmp("--port", argv[arg])) {
       arg++;
       if(argc > arg) {
-        int inum = atoi(argv[arg]);
-        if(inum && ((inum < 1025) || (inum > 65535))) {
+        opt = argv[arg];
+        if(curlx_str_number(&opt, &num, 0xffff) || num < 1025) {
           fprintf(stderr, "mqttd: invalid --port argument (%s)\n",
                   argv[arg]);
           return 0;
         }
-        server_port = (unsigned short)inum;
+        server_port = (unsigned short)num;
         arg++;
       }
     }
diff --git a/tests/server/rtspd.c b/tests/server/rtspd.c
index d13b8ff9a9..c3d4678ae4 100644
--- a/tests/server/rtspd.c
+++ b/tests/server/rtspd.c
@@ -165,6 +165,8 @@ static int rtspd_ProcessRequest(struct rtspd_httprequest *req)
             &prot_major,
             &prot_minor) == 5) {
     char *ptr;
+    const char *pval;
+    curl_off_t testnum;
 
     if(!strcmp(prot_str, "HTTP")) {
       req->protocol = RPROT_HTTP;
@@ -211,7 +213,14 @@ static int rtspd_ProcessRequest(struct rtspd_httprequest *req)
       while(*ptr && !ISDIGIT(*ptr))
         ptr++;
 
-      req->testno = atol(ptr);
+      pval = ptr;
+      if(!curlx_str_number(&pval, &testnum, INT_MAX))
+        req->testno = (long)testnum;
+      else {
+        req->protocol = RPROT_NONE;
+        logmsg("rtspd: failed to read the test number from '%s'", doc);
+        return 1;
+      }
 
       if(req->testno > 10000) {
         req->partno = req->testno % 10000;
@@ -359,8 +368,13 @@ static int rtspd_ProcessRequest(struct rtspd_httprequest *req)
           /* if the host name starts with test, the port number used in the
              CONNECT line will be used as test number! */
           char *portp = strchr(doc, ':');
-          if(portp && (*(portp + 1) != '\0') && ISDIGIT(*(portp + 1)))
-            req->testno = atol(portp + 1);
+          if(portp && (*(portp + 1) != '\0') && ISDIGIT(*(portp + 1))) {
+            pval = portp + 1;
+            if(!curlx_str_number(&pval, &testnum, INT_MAX))
+              req->testno = (long)testnum;
+            else
+              req->testno = DOCNUMBER_CONNECT;
+          }
           else
             req->testno = DOCNUMBER_CONNECT;
         }
@@ -1006,6 +1020,8 @@ static int test_rtspd(int argc, char *argv[])
   serverlogslocked = 0;
 
   while(argc > arg) {
+    const char *opt;
+    curl_off_t num;
     if(!strcmp("--version", argv[arg])) {
       printf("rtspd IPv4%s"
              "\n"
@@ -1055,7 +1071,9 @@ static int test_rtspd(int argc, char *argv[])
     else if(!strcmp("--port", argv[arg])) {
       arg++;
       if(argc > arg) {
-        port = (unsigned short)atol(argv[arg]);
+        opt = argv[arg];
+        if(!curlx_str_number(&opt, &num, 0xffff))
+          port = (unsigned short)num;
         arg++;
       }
     }
diff --git a/tests/server/sockfilt.c b/tests/server/sockfilt.c
index 48728bfd01..91ebb7c9a1 100644
--- a/tests/server/sockfilt.c
+++ b/tests/server/sockfilt.c
@@ -1240,6 +1240,8 @@ static int test_sockfilt(int argc, char *argv[])
   server_port = 8999;
 
   while(argc > arg) {
+    const char *opt;
+    curl_off_t num;
     if(!strcmp("--version", argv[arg])) {
       printf("sockfilt IPv4%s\n",
 #ifdef USE_IPV6
@@ -1291,7 +1293,9 @@ static int test_sockfilt(int argc, char *argv[])
     else if(!strcmp("--port", argv[arg])) {
       arg++;
       if(argc > arg) {
-        server_port = (unsigned short)atol(argv[arg]);
+        opt = argv[arg];
+        if(!curlx_str_number(&opt, &num, 0xffff))
+          server_port = (unsigned short)num;
         arg++;
       }
     }
@@ -1300,13 +1304,13 @@ static int test_sockfilt(int argc, char *argv[])
          doing a passive server-style listening. */
       arg++;
       if(argc > arg) {
-        int inum = atoi(argv[arg]);
-        if(inum && ((inum < 1025) || (inum > 65535))) {
+        opt = argv[arg];
+        if(curlx_str_number(&opt, &num, 0xffff) || num < 1025) {
           fprintf(stderr, "sockfilt: invalid --connect argument (%s)\n",
                   argv[arg]);
           return 0;
         }
-        server_connectport = (unsigned short)inum;
+        server_connectport = (unsigned short)num;
         arg++;
       }
     }
diff --git a/tests/server/socksd.c b/tests/server/socksd.c
index 1f2460ec29..f14ee13ee4 100644
--- a/tests/server/socksd.c
+++ b/tests/server/socksd.c
@@ -106,12 +106,6 @@ static void socksd_resetdefaults(void)
   strcpy(s_config.password, "password");
 }
 
-static unsigned short shortval(char *value)
-{
-  unsigned long num = (unsigned long)atol(value);
-  return num & 0xffff;
-}
-
 static void socksd_getconfig(void)
 {
   FILE *fp = fopen(configfile, FOPEN_READTEXT);
@@ -122,26 +116,40 @@ static void socksd_getconfig(void)
     while(fgets(buffer, sizeof(buffer), fp)) {
       char key[32];
       char value[260];
+      const char *pval;
+      curl_off_t num;
       if(sscanf(buffer, "%31s %259s", key, value) == 2) {
         if(!strcmp(key, "version")) {
-          s_config.version = byteval(value);
-          logmsg("version [%d] set", s_config.version);
+          pval = value;
+          if(!curlx_str_number(&pval, &num, 0xff)) {
+            s_config.version = (unsigned char)num;
+            logmsg("version [%d] set", s_config.version);
+          }
         }
         else if(!strcmp(key, "nmethods_min")) {
-          s_config.nmethods_min = byteval(value);
-          logmsg("nmethods_min [%d] set", s_config.nmethods_min);
+          pval = value;
+          if(!curlx_str_number(&pval, &num, 0xff)) {
+            s_config.nmethods_min = (unsigned char)num;
+            logmsg("nmethods_min [%d] set", s_config.nmethods_min);
+          }
         }
         else if(!strcmp(key, "nmethods_max")) {
-          s_config.nmethods_max = byteval(value);
-          logmsg("nmethods_max [%d] set", s_config.nmethods_max);
+          pval = value;
+          if(!curlx_str_number(&pval, &num, 0xff)) {
+            s_config.nmethods_max = (unsigned char)num;
+            logmsg("nmethods_max [%d] set", s_config.nmethods_max);
+          }
         }
         else if(!strcmp(key, "backend")) {
           strcpy(s_config.addr, value);
           logmsg("backend [%s] set", s_config.addr);
         }
         else if(!strcmp(key, "backendport")) {
-          s_config.port = shortval(value);
-          logmsg("backendport [%d] set", s_config.port);
+          pval = value;
+          if(!curlx_str_number(&pval, &num, 0xffff)) {
+            s_config.port = (unsigned short)num;
+            logmsg("backendport [%d] set", s_config.port);
+          }
         }
         else if(!strcmp(key, "user")) {
           strcpy(s_config.user, value);
@@ -157,12 +165,18 @@ static void socksd_getconfig(void)
            o  X'02' USERNAME/PASSWORD
         */
         else if(!strcmp(key, "method")) {
-          s_config.responsemethod = byteval(value);
-          logmsg("method [%d] set", s_config.responsemethod);
+          pval = value;
+          if(!curlx_str_number(&pval, &num, 0xff)) {
+            s_config.responsemethod = (unsigned char)num;
+            logmsg("method [%d] set", s_config.responsemethod);
+          }
         }
         else if(!strcmp(key, "response")) {
-          s_config.connectrep = byteval(value);
-          logmsg("response [%d] set", s_config.connectrep);
+          pval = value;
+          if(!curlx_str_number(&pval, &num, 0xff)) {
+            s_config.connectrep = (unsigned char)num;
+            logmsg("response [%d] set", s_config.connectrep);
+          }
         }
       }
     }
@@ -754,6 +768,8 @@ static int test_socksd(int argc, char *argv[])
   server_port = 8905;
 
   while(argc > arg) {
+    const char *opt;
+    curl_off_t num;
     if(!strcmp("--version", argv[arg])) {
       printf("socksd IPv4%s\n",
 #ifdef USE_IPV6
@@ -786,8 +802,12 @@ static int test_socksd(int argc, char *argv[])
     }
     else if(!strcmp("--backendport", argv[arg])) {
       arg++;
-      if(argc > arg)
-        backendport = (unsigned short)atoi(argv[arg++]);
+      if(argc > arg) {
+        opt = argv[arg];
+        if(!curlx_str_number(&opt, &num, 0xffff))
+          backendport = (unsigned short)num;
+        arg++;
+      }
     }
     else if(!strcmp("--logfile", argv[arg])) {
       arg++;
@@ -834,7 +854,9 @@ static int test_socksd(int argc, char *argv[])
     else if(!strcmp("--port", argv[arg])) {
       arg++;
       if(argc > arg) {
-        server_port = (unsigned short)atol(argv[arg]);
+        opt = argv[arg];
+        if(!curlx_str_number(&opt, &num, 0xffff))
+          server_port = (unsigned short)num;
         arg++;
       }
     }
diff --git a/tests/server/sws.c b/tests/server/sws.c
index caa5605534..ab73ec3369 100644
--- a/tests/server/sws.c
+++ b/tests/server/sws.c
@@ -308,6 +308,8 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
   int prot_major = 0;
   int prot_minor = 0;
   char *end = strstr(line, end_of_headers);
+  const char *pval;
+  curl_off_t num;
 
   req->callcount++;
 
@@ -391,7 +393,9 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
 
         ptr++; /* skip the slash */
 
-        req->testno = atol(ptr);
+        pval = ptr;
+        if(!curlx_str_number(&pval, &num, INT_MAX))
+          req->testno = (long)num;
 
         if(req->testno > 10000) {
           req->partno = req->testno % 10000;
@@ -450,12 +454,12 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
             portp = strchr(doc, ':');
 
           if(portp && (*(portp + 1) != '\0') && ISDIGIT(*(portp + 1))) {
-            int inum = atoi(portp + 1);
-            if((inum <= 0) || (inum > 65535))
+            pval = portp + 1;
+            if(curlx_str_number(&pval, &num, 0xffff) ||
+               (num <= 0) || (num > 65535))
               logmsg("Invalid CONNECT port received");
             else
-              req->connect_port = (unsigned short)inum;
-
+              req->connect_port = (unsigned short)num;
           }
           logmsg("Port number: %d, test case number: %ld",
                  req->connect_port, req->testno);
@@ -491,8 +495,13 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
     /* check for a Testno: header with the test case number */
     char *testno = strstr(line, "\nTestno: ");
     if(testno) {
-      req->testno = atol(&testno[9]);
-      logmsg("Found test number %ld in Testno: header!", req->testno);
+      pval = &testno[9];
+      if(!curlx_str_number(&pval, &num, INT_MAX)) {
+        req->testno = (long)num;
+        logmsg("Found test number %ld in Testno: header!", req->testno);
+      }
+      else
+        logmsg("No Testno: number");
     }
     else {
       logmsg("No Testno: header");
@@ -517,7 +526,9 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
       while(*ptr && !ISDIGIT(*ptr))
         ptr++;
 
-      req->testno = atol(ptr);
+      pval = ptr;
+      if(!curlx_str_number(&pval, &num, INT_MAX))
+        req->testno = (long)num;
 
       if(req->testno > 10000) {
         req->partno = req->testno % 10000;
@@ -2005,6 +2016,8 @@ static int test_sws(int argc, char *argv[])
   serverlogslocked = 0;
 
   while(argc > arg) {
+    const char *opt;
+    curl_off_t num;
     if(!strcmp("--version", argv[arg])) {
       puts("sws IPv4"
 #ifdef USE_IPV6
@@ -2082,13 +2095,13 @@ static int test_sws(int argc, char *argv[])
     else if(!strcmp("--port", argv[arg])) {
       arg++;
       if(argc > arg) {
-        int inum = atoi(argv[arg]);
-        if(inum && ((inum < 1025) || (inum > 65535))) {
+        opt = argv[arg];
+        if(curlx_str_number(&opt, &num, 0xffff) || num < 1025) {
           fprintf(stderr, "sws: invalid --port argument (%s)\n",
                   argv[arg]);
           return 0;
         }
-        port = (unsigned short)inum;
+        port = (unsigned short)num;
         arg++;
       }
     }
@@ -2102,13 +2115,13 @@ static int test_sws(int argc, char *argv[])
     else if(!strcmp("--keepalive", argv[arg])) {
       arg++;
       if(argc > arg) {
-        int inum = atoi(argv[arg]);
-        if(inum && (inum > 65535)) {
+        opt = argv[arg];
+        if(curlx_str_number(&opt, &num, 0xffff)) {
           fprintf(stderr, "sws: invalid --keepalive argument (%s), must "
                   "be number of seconds\n", argv[arg]);
           return 0;
         }
-        keepalive_secs = (unsigned short)inum;
+        keepalive_secs = (unsigned short)num;
         arg++;
       }
     }
diff --git a/tests/server/tftpd.c b/tests/server/tftpd.c
index 31ae5c8a39..819f06bf2d 100644
--- a/tests/server/tftpd.c
+++ b/tests/server/tftpd.c
@@ -561,6 +561,8 @@ static int test_tftpd(int argc, char **argv)
   serverlogslocked = 0;
 
   while(argc > arg) {
+    const char *opt;
+    curl_off_t num;
     if(!strcmp("--version", argv[arg])) {
       printf("tftpd IPv4%s\n",
 #ifdef USE_IPV6
@@ -608,7 +610,9 @@ static int test_tftpd(int argc, char **argv)
     else if(!strcmp("--port", argv[arg])) {
       arg++;
       if(argc > arg) {
-        port = (unsigned short)atol(argv[arg]);
+        opt = argv[arg];
+        if(!curlx_str_number(&opt, &num, 0xffff))
+          port = (unsigned short)num;
         arg++;
       }
     }
@@ -1095,6 +1099,8 @@ static int validate_access(struct testcase *test,
     char partbuf[80]="data";
     long partno;
     long testno;
+    const char *pval;
+    curl_off_t num;
     FILE *stream;
 
     ptr++; /* skip the slash */
@@ -1104,7 +1110,13 @@ static int validate_access(struct testcase *test,
       ptr++;
 
     /* get the number */
-    testno = atol(ptr);
+    pval = ptr;
+    if(!curlx_str_number(&pval, &num, INT_MAX))
+      testno = (long)num;
+    else {
+      logmsg("tftpd: failed to read the test number from '%s'", filename);
+      return TFTP_EACCESS;
+    }
 
     if(testno > 10000) {
       partno = testno % 10000;
diff --git a/tests/server/util.c b/tests/server/util.c
index 0e34f4ab21..6de8000327 100644
--- a/tests/server/util.c
+++ b/tests/server/util.c
@@ -132,12 +132,6 @@ void logmsg(const char *msg, ...)
   }
 }
 
-unsigned char byteval(char *value)
-{
-  unsigned int num = (unsigned int)atoi(value);
-  return num & 0xff;
-}
-
 #ifdef _WIN32
 /* use instead of perror() on generic Windows */
 static void win32_perror(const char *msg)

From 6384e2aca0045e72d7d81c9fbdca1d284ed704b6 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 12 Nov 2025 23:37:06 +0100
Subject: [PATCH 0837/2408] checksrc: disallow `atoi` and `atol` globally

No longer used in core and test code.

Also: allowlist in docs/examples.

Closes #19508
---
 docs/examples/.checksrc | 2 ++
 scripts/checksrc.pl     | 2 ++
 src/.checksrc           | 1 -
 3 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/docs/examples/.checksrc b/docs/examples/.checksrc
index e35dccc726..c47627467f 100644
--- a/docs/examples/.checksrc
+++ b/docs/examples/.checksrc
@@ -2,6 +2,8 @@
 #
 # SPDX-License-Identifier: curl
 
+allowfunc atoi
+allowfunc atol
 allowfunc fclose
 allowfunc fdopen
 allowfunc fopen
diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl
index 5dcad3e315..caf60e1c4d 100755
--- a/scripts/checksrc.pl
+++ b/scripts/checksrc.pl
@@ -72,6 +72,8 @@ my %banfunc = (
     "strtok_r" => 1,
     "strtol" => 1,
     "strtoul" => 1,
+    "atoi" => 1,
+    "atol" => 1,
     "_mbscat" => 1,
     "_mbsncat" => 1,
     "_tcscat" => 1,
diff --git a/src/.checksrc b/src/.checksrc
index 37b81cfe2f..bc97c06028 100644
--- a/src/.checksrc
+++ b/src/.checksrc
@@ -3,4 +3,3 @@
 # SPDX-License-Identifier: curl
 
 enable STDERR
-banfunc atoi

From f2a75a14dd95e06cf9121c7d3bd5dc559748f350 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 13 Nov 2025 16:39:10 +0100
Subject: [PATCH 0838/2408] sws: repair --port, and accept any port

Also for mqttd and sockfilt. The < 1025 check was not serving any
purpose.

Follow-up to bb1391f94394e635c1a5c58253e7a3d3b36bde57
---
 tests/server/mqttd.c    | 2 +-
 tests/server/sockfilt.c | 2 +-
 tests/server/sws.c      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/tests/server/mqttd.c b/tests/server/mqttd.c
index c99a0e8084..df5fb36903 100644
--- a/tests/server/mqttd.c
+++ b/tests/server/mqttd.c
@@ -801,7 +801,7 @@ static int test_mqttd(int argc, char *argv[])
       arg++;
       if(argc > arg) {
         opt = argv[arg];
-        if(curlx_str_number(&opt, &num, 0xffff) || num < 1025) {
+        if(curlx_str_number(&opt, &num, 0xffff)) {
           fprintf(stderr, "mqttd: invalid --port argument (%s)\n",
                   argv[arg]);
           return 0;
diff --git a/tests/server/sockfilt.c b/tests/server/sockfilt.c
index 91ebb7c9a1..7320fa6fe9 100644
--- a/tests/server/sockfilt.c
+++ b/tests/server/sockfilt.c
@@ -1305,7 +1305,7 @@ static int test_sockfilt(int argc, char *argv[])
       arg++;
       if(argc > arg) {
         opt = argv[arg];
-        if(curlx_str_number(&opt, &num, 0xffff) || num < 1025) {
+        if(curlx_str_number(&opt, &num, 0xffff)) {
           fprintf(stderr, "sockfilt: invalid --connect argument (%s)\n",
                   argv[arg]);
           return 0;
diff --git a/tests/server/sws.c b/tests/server/sws.c
index ab73ec3369..29e69d893b 100644
--- a/tests/server/sws.c
+++ b/tests/server/sws.c
@@ -2096,7 +2096,7 @@ static int test_sws(int argc, char *argv[])
       arg++;
       if(argc > arg) {
         opt = argv[arg];
-        if(curlx_str_number(&opt, &num, 0xffff) || num < 1025) {
+        if(curlx_str_number(&opt, &num, 0xffff)) {
           fprintf(stderr, "sws: invalid --port argument (%s)\n",
                   argv[arg]);
           return 0;

From 75955c0851cba958aa0f3137312ecb2a06f282a2 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 13 Nov 2025 16:26:24 +0100
Subject: [PATCH 0839/2408] tool_operate: exit on curl_share_setopt errors

Continuing when one of these has failed is fragile and error-prone.

Closes #19513
---
 src/tool_operate.c | 95 ++++++++++++++++++++++++++++------------------
 1 file changed, 58 insertions(+), 37 deletions(-)

diff --git a/src/tool_operate.c b/src/tool_operate.c
index 2c85839d17..9aee520f06 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -2200,6 +2200,36 @@ static CURLcode run_all_transfers(CURLSH *share,
   return result;
 }
 
+static CURLcode share_setopt(CURLSH *share, int opt)
+{
+  CURLSHcode shres = curl_share_setopt(share, CURLSHOPT_SHARE, opt);
+  if(!shres || (shres == CURLSHE_NOT_BUILT_IN))
+    return CURLE_OK;
+  return CURLE_FAILED_INIT;
+}
+
+static CURLcode share_setup(CURLSH *share)
+{
+  CURLcode result = CURLE_OK;
+  int i;
+  static int options[7] = {
+    CURL_LOCK_DATA_COOKIE,
+    CURL_LOCK_DATA_DNS,
+    CURL_LOCK_DATA_SSL_SESSION,
+    CURL_LOCK_DATA_PSL,
+    CURL_LOCK_DATA_HSTS,
+    0, /* 5 might be set below */
+    0
+  };
+  /* Running parallel, use the multi connection cache */
+  if(!global->parallel)
+    options[5] = CURL_LOCK_DATA_CONNECT;
+  for(i = 0; !result && options[i]; i++)
+    result = share_setopt(share, options[i]);
+  return result;
+}
+
+
 CURLcode operate(int argc, argv_item_t argv[])
 {
   CURLcode result = CURLE_OK;
@@ -2286,51 +2316,42 @@ CURLcode operate(int argc, argv_item_t argv[])
           result = CURLE_OUT_OF_MEMORY;
         }
 
+        if(!result)
+          result = share_setup(share);
+
+        if(!result && global->ssl_sessions && feature_ssls_export)
+          result = tool_ssls_load(global->first, share,
+                                  global->ssl_sessions);
+
         if(!result) {
-          curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_COOKIE);
-          curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_DNS);
-          curl_share_setopt(share, CURLSHOPT_SHARE,
-                            CURL_LOCK_DATA_SSL_SESSION);
-          /* Running parallel, use the multi connection cache */
-          if(!global->parallel)
-            curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_CONNECT);
-          curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_PSL);
-          curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_HSTS);
+          /* Get the required arguments for each operation */
+          do {
+            result = get_args(operation, count++);
 
-          if(global->ssl_sessions && feature_ssls_export)
-            result = tool_ssls_load(global->first, share,
-                                    global->ssl_sessions);
+            operation = operation->next;
+          } while(!result && operation);
 
-          if(!result) {
-            /* Get the required arguments for each operation */
-            do {
-              result = get_args(operation, count++);
+          /* Set the current operation pointer */
+          global->current = global->first;
 
-              operation = operation->next;
-            } while(!result && operation);
+          /* now run! */
+          result = run_all_transfers(share, result);
 
-            /* Set the current operation pointer */
-            global->current = global->first;
-
-            /* now run! */
-            result = run_all_transfers(share, result);
-
-            if(global->ssl_sessions && feature_ssls_export) {
-              CURLcode r2 = tool_ssls_save(global->first, share,
-                                           global->ssl_sessions);
-              if(r2 && !result)
-                result = r2;
-            }
+          if(global->ssl_sessions && feature_ssls_export) {
+            CURLcode r2 = tool_ssls_save(global->first, share,
+                                         global->ssl_sessions);
+            if(r2 && !result)
+              result = r2;
           }
+        }
 
-          curl_share_cleanup(share);
-          if(global->libcurl) {
-            /* Cleanup the libcurl source output */
-            easysrc_cleanup();
+        curl_share_cleanup(share);
+        if(global->libcurl) {
+          /* Cleanup the libcurl source output */
+          easysrc_cleanup();
 
-            /* Dump the libcurl code if previously enabled */
-            dumpeasysrc();
-          }
+          /* Dump the libcurl code if previously enabled */
+          dumpeasysrc();
         }
       }
       else

From 0afb52a0cd2abfb2d6b9ac8400db36be8a7a49b2 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 13 Nov 2025 13:50:49 +0100
Subject: [PATCH 0840/2408] code: minor indent fixes before closing braces

Closes #19512
---
 docs/examples/ghiper.c     | 29 ++++++++----
 lib/http2.c                |  2 +-
 lib/if2ip.h                | 18 ++++----
 lib/strcase.c              | 62 +++++++++++++-------------
 lib/vtls/gtls.c            |  2 +-
 lib/vtls/mbedtls.c         |  5 +--
 lib/vtls/wolfssl.c         | 10 ++---
 packages/OS400/ccsidcurl.c | 38 ++++++++--------
 packages/OS400/curlmain.c  |  2 +-
 src/tool_formparse.c       |  2 +-
 src/tool_getparam.c        | 16 +++----
 src/tool_getpass.c         | 15 +++----
 tests/unit/unit1603.c      |  2 +-
 tests/unit/unit1651.c      |  3 +-
 tests/unit/unit1656.c      | 54 ++++++++++++-----------
 tests/unit/unit1660.c      | 90 +++++++++++++++++++-------------------
 16 files changed, 182 insertions(+), 168 deletions(-)

diff --git a/docs/examples/ghiper.c b/docs/examples/ghiper.c
index 61771c7ad7..45c129faea 100644
--- a/docs/examples/ghiper.c
+++ b/docs/examples/ghiper.c
@@ -101,14 +101,27 @@ static void mcode_or_die(const char *where, CURLMcode code)
   if(CURLM_OK != code) {
     const char *s;
     switch(code) {
-    case     CURLM_BAD_HANDLE:         s = "CURLM_BAD_HANDLE";         break;
-    case     CURLM_BAD_EASY_HANDLE:    s = "CURLM_BAD_EASY_HANDLE";    break;
-    case     CURLM_OUT_OF_MEMORY:      s = "CURLM_OUT_OF_MEMORY";      break;
-    case     CURLM_INTERNAL_ERROR:     s = "CURLM_INTERNAL_ERROR";     break;
-    case     CURLM_BAD_SOCKET:         s = "CURLM_BAD_SOCKET";         break;
-    case     CURLM_UNKNOWN_OPTION:     s = "CURLM_UNKNOWN_OPTION";     break;
-    case     CURLM_LAST:               s = "CURLM_LAST";               break;
-    default: s = "CURLM_unknown";
+    case CURLM_BAD_HANDLE:
+      s = "CURLM_BAD_HANDLE";
+      break;
+    case CURLM_BAD_EASY_HANDLE:
+      s = "CURLM_BAD_EASY_HANDLE";
+      break;
+    case CURLM_OUT_OF_MEMORY:
+      s = "CURLM_OUT_OF_MEMORY";
+      break;
+    case CURLM_INTERNAL_ERROR:
+      s = "CURLM_INTERNAL_ERROR";
+      break;
+    case CURLM_BAD_SOCKET:
+      s = "CURLM_BAD_SOCKET";
+      break;
+    case CURLM_UNKNOWN_OPTION:
+      s = "CURLM_UNKNOWN_OPTION";
+      break;
+    default:
+      s = "CURLM_unknown";
+      break;
     }
     MSG_OUT("ERROR: %s returns %s\n", where, s);
     exit(code);
diff --git a/lib/http2.c b/lib/http2.c
index 5c8b0cab38..68446d5177 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -716,7 +716,7 @@ static CURLcode http2_send_ping(struct Curl_cfilter *cf,
   if(rc) {
     failf(data, "nghttp2_submit_ping() failed: %s(%d)",
           nghttp2_strerror(rc), rc);
-   return CURLE_HTTP2;
+    return CURLE_HTTP2;
   }
 
   rc = nghttp2_session_send(ctx->h2);
diff --git a/lib/if2ip.h b/lib/if2ip.h
index b33e41aebd..42ec7b033a 100644
--- a/lib/if2ip.h
+++ b/lib/if2ip.h
@@ -62,15 +62,15 @@ struct ifreq {
     char ifrn_name[IFNAMSIZ]; /* if name, e.g. "en0" */
   } ifr_ifrn;
 
- union {
-   struct sockaddr ifru_addr;
-   struct sockaddr ifru_broadaddr;
-   struct sockaddr ifru_netmask;
-   struct sockaddr ifru_hwaddr;
-   short ifru_flags;
-   int ifru_metric;
-   int ifru_mtu;
- } ifr_ifru;
+  union {
+    struct sockaddr ifru_addr;
+    struct sockaddr ifru_broadaddr;
+    struct sockaddr ifru_netmask;
+    struct sockaddr ifru_hwaddr;
+    short ifru_flags;
+    int ifru_metric;
+    int ifru_mtu;
+  } ifr_ifru;
 };
 
 /* This define exists to avoid an extra #ifdef INTERIX in the C code. */
diff --git a/lib/strcase.c b/lib/strcase.c
index ee5b9072c4..78d4dc5b3d 100644
--- a/lib/strcase.c
+++ b/lib/strcase.c
@@ -30,40 +30,42 @@
 
 /* Mapping table to go from lowercase to uppercase for plain ASCII.*/
 static const unsigned char touppermap[256] = {
-0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21,
-22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
-41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59,
-60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78,
-79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 65,
-66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84,
-85, 86, 87, 88, 89, 90, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133,
-134, 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, 149,
-150, 151, 152, 153, 154, 155, 156, 157, 158, 159, 160, 161, 162, 163, 164, 165,
-166, 167, 168, 169, 170, 171, 172, 173, 174, 175, 176, 177, 178, 179, 180, 181,
-182, 183, 184, 185, 186, 187, 188, 189, 190, 191, 192, 193, 194, 195, 196, 197,
-198, 199, 200, 201, 202, 203, 204, 205, 206, 207, 208, 209, 210, 211, 212, 213,
-214, 215, 216, 217, 218, 219, 220, 221, 222, 223, 224, 225, 226, 227, 228, 229,
-230, 231, 232, 233, 234, 235, 236, 237, 238, 239, 240, 241, 242, 243, 244, 245,
-246, 247, 248, 249, 250, 251, 252, 253, 254, 255
+  0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21,
+  22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
+  41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59,
+  60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78,
+  79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 65,
+  66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84,
+  85, 86, 87, 88, 89, 90, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132,
+  133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147,
+  148, 149, 150, 151, 152, 153, 154, 155, 156, 157, 158, 159, 160, 161, 162,
+  163, 164, 165, 166, 167, 168, 169, 170, 171, 172, 173, 174, 175, 176, 177,
+  178, 179, 180, 181, 182, 183, 184, 185, 186, 187, 188, 189, 190, 191, 192,
+  193, 194, 195, 196, 197, 198, 199, 200, 201, 202, 203, 204, 205, 206, 207,
+  208, 209, 210, 211, 212, 213, 214, 215, 216, 217, 218, 219, 220, 221, 222,
+  223, 224, 225, 226, 227, 228, 229, 230, 231, 232, 233, 234, 235, 236, 237,
+  238, 239, 240, 241, 242, 243, 244, 245, 246, 247, 248, 249, 250, 251, 252,
+  253, 254, 255
 };
 
 /* Mapping table to go from uppercase to lowercase for plain ASCII.*/
 static const unsigned char tolowermap[256] = {
-0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21,
-22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41,
-42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61,
-62, 63, 64, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110,
-111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 91, 92, 93, 94, 95,
-96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111,
-112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127,
-128, 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143,
-144, 145, 146, 147, 148, 149, 150, 151, 152, 153, 154, 155, 156, 157, 158, 159,
-160, 161, 162, 163, 164, 165, 166, 167, 168, 169, 170, 171, 172, 173, 174, 175,
-176, 177, 178, 179, 180, 181, 182, 183, 184, 185, 186, 187, 188, 189, 190, 191,
-192, 193, 194, 195, 196, 197, 198, 199, 200, 201, 202, 203, 204, 205, 206, 207,
-208, 209, 210, 211, 212, 213, 214, 215, 216, 217, 218, 219, 220, 221, 222, 223,
-224, 225, 226, 227, 228, 229, 230, 231, 232, 233, 234, 235, 236, 237, 238, 239,
-240, 241, 242, 243, 244, 245, 246, 247, 248, 249, 250, 251, 252, 253, 254, 255
+  0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21,
+  22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
+  41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59,
+  60, 61, 62, 63, 64, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108,
+  109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 91, 92,
+  93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109,
+  110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124,
+  125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, 139,
+  140, 141, 142, 143, 144, 145, 146, 147, 148, 149, 150, 151, 152, 153, 154,
+  155, 156, 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, 167, 168, 169,
+  170, 171, 172, 173, 174, 175, 176, 177, 178, 179, 180, 181, 182, 183, 184,
+  185, 186, 187, 188, 189, 190, 191, 192, 193, 194, 195, 196, 197, 198, 199,
+  200, 201, 202, 203, 204, 205, 206, 207, 208, 209, 210, 211, 212, 213, 214,
+  215, 216, 217, 218, 219, 220, 221, 222, 223, 224, 225, 226, 227, 228, 229,
+  230, 231, 232, 233, 234, 235, 236, 237, 238, 239, 240, 241, 242, 243, 244,
+  245, 246, 247, 248, 249, 250, 251, 252, 253, 254, 255
 };
 
 
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index a692ce31c7..4ac6bad016 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -346,7 +346,7 @@ gnutls_set_ssl_version_min_max(struct Curl_easy *data,
     if(ssl_version_max < CURL_SSLVERSION_MAX_TLSv1_3) {
       failf(data, "QUIC needs at least TLS version 1.3");
       return CURLE_SSL_CONNECT_ERROR;
-     }
+    }
     *prioritylist = QUIC_PRIORITY;
     return CURLE_OK;
   }
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index f5302499bd..9a30749959 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -1350,6 +1350,7 @@ static CURLcode mbed_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
   if(nread > 0)
     *pnread = (size_t)nread;
   else {
+    char errorbuf[128];
     CURL_TRC_CF(data, cf, "mbedtls_ssl_read(len=%zu) -> -0x%04X",
                 buffersize, -nread);
     switch(nread) {
@@ -1369,14 +1370,12 @@ static CURLcode mbed_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
     case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
       result = CURLE_OK;
       break;
-    default: {
-      char errorbuf[128];
+    default:
       mbedtls_strerror(nread, errorbuf, sizeof(errorbuf));
       failf(data, "ssl_read returned: (-0x%04X) %s", -nread, errorbuf);
       result = CURLE_RECV_ERROR;
       break;
     }
-    }
   }
   return result;
 }
diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index 9d6b094ff1..a7883fe08a 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -868,9 +868,9 @@ CURLcode Curl_wssl_setup_x509_store(struct Curl_cfilter *cf,
     }
   }
   else {
-   /* We never share the CTX's store, use it. */
-   WOLFSSL_X509_STORE *store = wolfSSL_CTX_get_cert_store(wssl->ssl_ctx);
-   result = wssl_populate_x509_store(cf, data, store, wssl);
+    /* We never share the CTX's store, use it. */
+    WOLFSSL_X509_STORE *store = wolfSSL_CTX_get_cert_store(wssl->ssl_ctx);
+    result = wssl_populate_x509_store(cf, data, store, wssl);
   }
 
   return result;
@@ -1389,8 +1389,8 @@ CURLcode Curl_wssl_ctx_init(struct wssl_ctx *wctx,
         }
       }
       else {
-       trying_ech_now = 1;
-       infof(data, "ECH: ECHConfig from command line");
+        trying_ech_now = 1;
+        infof(data, "ECH: ECHConfig from command line");
       }
     }
     else {
diff --git a/packages/OS400/ccsidcurl.c b/packages/OS400/ccsidcurl.c
index 76b182cf17..b176def67d 100644
--- a/packages/OS400/ccsidcurl.c
+++ b/packages/OS400/ccsidcurl.c
@@ -296,7 +296,7 @@ curl_easy_escape_ccsid(CURL *handle, const char *string, int length,
     /* !checksrc! disable ERRNOVAR 1 */
     errno = EINVAL;
     return (char *) NULL;
-    }
+  }
 
   s = dynconvert(ASCII_CCSID, string, length ? length : -1, sccsid, NULL);
 
@@ -327,7 +327,7 @@ curl_easy_unescape_ccsid(CURL *handle, const char *string, int length,
     /* !checksrc! disable ERRNOVAR 1 */
     errno = EINVAL;
     return (char *) NULL;
-    }
+  }
 
   s = dynconvert(ASCII_CCSID, string, length ? length : -1, sccsid, NULL);
 
@@ -728,7 +728,7 @@ Curl_formadd_convert(struct curl_forms *forms,
   if(l < 0) {
     free(cp);
     return -1;
-    }
+  }
 
   cp2 = realloc(cp, l);         /* Shorten buffer to the string size. */
 
@@ -810,10 +810,10 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
       if(!tforms) {
         result = CURL_FORMADD_MEMORY;
         break;
-        }
+      }
 
       lforms = tforms;
-      }
+    }
 
     /* Get next option. */
 
@@ -823,7 +823,7 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
       option = forms->option;
       value = forms->value;
       forms++;
-      }
+    }
     else {
       /* Get option from arguments. */
 
@@ -845,7 +845,7 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
       if(!forms) {
         forms = va_arg(arg, struct curl_forms *);
         continue;
-        }
+      }
 
       result = CURL_FORMADD_ILLEGAL_ARRAY;
       break;
@@ -862,11 +862,11 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
       if(!forms) {
         value = va_arg(arg, char *);
         nameccsid = (unsigned int) va_arg(arg, long);
-        }
+      }
       else {
         nameccsid = (unsigned int) forms->value;
         forms++;
-        }
+      }
 
       break;
 
@@ -879,11 +879,11 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
       if(!forms) {
         value = va_arg(arg, char *);
         contentccsid = (unsigned int) va_arg(arg, long);
-        }
+      }
       else {
         contentccsid = (unsigned int) forms->value;
         forms++;
-        }
+      }
 
       break;
 
@@ -942,7 +942,7 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
       if(Curl_formadd_convert(lforms, contentx, lengthx, contentccsid) < 0) {
         result = CURL_FORMADD_MEMORY;
         break;
-        }
+      }
 
       contentx = -1;
       lengthx = -1;
@@ -954,16 +954,16 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
       if(!Curl_is_formadd_string(option)) {
         result = CURL_FORMADD_UNKNOWN_OPTION;
         break;
-        }
+      }
 
       if(!forms) {
         value = va_arg(arg, char *);
         ccsid = (unsigned int) va_arg(arg, long);
-        }
+      }
       else {
         ccsid = (unsigned int) forms->value;
         forms++;
-        }
+      }
 
       /* Do the conversion. */
 
@@ -972,17 +972,17 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
       if(Curl_formadd_convert(lforms, nargs, -1, ccsid) < 0) {
         result = CURL_FORMADD_MEMORY;
         break;
-        }
+      }
 
       value = lforms[nargs].value;
-      }
+    }
 
     if(result != CURL_FORMADD_OK)
       break;
 
     lforms[nargs].value = value;
     lforms[nargs++].option = option;
-    }
+  }
 
   va_end(arg);
 
@@ -1047,7 +1047,7 @@ Curl_formget_callback_ccsid(void *arg, const char *buf, size_t len)
   if(l < 0) {
     free(b);
     return (size_t) -1;
-    }
+  }
 
   ret = (*p->append)(p->arg, b, l);
   free(b);
diff --git a/packages/OS400/curlmain.c b/packages/OS400/curlmain.c
index 079b9b0d9d..19328f7c84 100644
--- a/packages/OS400/curlmain.c
+++ b/packages/OS400/curlmain.c
@@ -85,7 +85,7 @@ int main(int argc, char **argv)
 
     /* Reset the shift state. */
     iconv(cd, NULL, &inbytesleft, &outbuf, &outbytesleft);
-   }
+  }
 
   /* Allocate memory for the ASCII arguments and vector. */
   argv = (char **) malloc((argc + 1) * sizeof(*argv) + bytecount);
diff --git a/src/tool_formparse.c b/src/tool_formparse.c
index 004ad6ff4c..1d127a5842 100644
--- a/src/tool_formparse.c
+++ b/src/tool_formparse.c
@@ -116,7 +116,7 @@ static struct tool_mime *tool_mime_new_filedata(struct tool_mime *parent,
         m->data = filedup;
         if(!isremotefile)
           m->kind = TOOLMIME_FILEDATA;
-       *errcode = CURLE_OK;
+        *errcode = CURLE_OK;
       }
     }
   }
diff --git a/src/tool_getparam.c b/src/tool_getparam.c
index 8d5d89a752..b74b73806d 100644
--- a/src/tool_getparam.c
+++ b/src/tool_getparam.c
@@ -1654,15 +1654,15 @@ static ParameterError parse_upload_flags(struct OperationConfig *config,
       }
     }
 
-   if(!map->name) {
-     err = PARAM_OPTION_UNKNOWN;
-     break;
-   }
+    if(!map->name) {
+      err = PARAM_OPTION_UNKNOWN;
+      break;
+    }
 
-   if(next)
-     /* move over the comma */
-     next++;
-   flag = next;
+    if(next)
+      /* move over the comma */
+      next++;
+    flag = next;
   }
 
   return err;
diff --git a/src/tool_getpass.c b/src/tool_getpass.c
index a92fb7594c..a4dea347ef 100644
--- a/src/tool_getpass.c
+++ b/src/tool_getpass.c
@@ -60,15 +60,12 @@ char *getpass_r(const char *prompt, char *buffer, size_t buflen)
   long sts;
   short chan;
 
-  /* MSK, 23-JAN-2004, iosbdef.h was not in VAX V7.2 or CC 6.4  */
-  /* distribution so I created this. May revert back later to */
-  /* struct _iosb iosb;                                        */
-  struct _iosb
-     {
-     short int iosb$w_status; /* status     */
-     short int iosb$w_bcnt;   /* byte count */
-     int       unused;        /* unused     */
-     } iosb;
+  /* iosbdef.h was not in VAX V7.2 or CC 6.4  */
+  struct _isb {
+    short int iosb$w_status; /* status     */
+    short int iosb$w_bcnt;   /* byte count */
+    int unused;              /* unused     */
+  } iosb;
 
   $DESCRIPTOR(ttdesc, "TT");
 
diff --git a/tests/unit/unit1603.c b/tests/unit/unit1603.c
index d59b458d57..b4ec152936 100644
--- a/tests/unit/unit1603.c
+++ b/tests/unit/unit1603.c
@@ -32,7 +32,7 @@ static const size_t slots = 3;
 static void t1603_mydtor(void *p)
 {
   /* Data are statically allocated */
- (void)p;
+  (void)p;
 }
 
 static size_t elem_dtor_calls;
diff --git a/tests/unit/unit1651.c b/tests/unit/unit1651.c
index 5ebce7aabd..a038caacbd 100644
--- a/tests/unit/unit1651.c
+++ b/tests/unit/unit1651.c
@@ -32,7 +32,8 @@ static CURLcode test_unit1651(const char *arg)
 #if defined(USE_GNUTLS) || defined(USE_SCHANNEL)
 
   /* cert captured from gdb when connecting to curl.se on October 26
-     2018 */
+     2018.
+     !checksrc! disable CLOSEBRACE 1 */
   static unsigned char cert[] = {
   0x30, 0x82, 0x0F, 0x5B, 0x30, 0x82, 0x0E, 0x43, 0xA0, 0x03, 0x02, 0x01, 0x02,
   0x02, 0x0C, 0x08, 0x77, 0x99, 0x2C, 0x6B, 0x67, 0xE1, 0x18, 0xD6, 0x66, 0x66,
diff --git a/tests/unit/unit1656.c b/tests/unit/unit1656.c
index 520a430fe9..98e25b7c22 100644
--- a/tests/unit/unit1656.c
+++ b/tests/unit/unit1656.c
@@ -61,32 +61,34 @@ static CURLcode test_unit1656(const char *arg)
   UNITTEST_BEGIN_SIMPLE
 
   static const struct test_spec test_specs[] = {
-  { "190321134340", "1903-21-13 43:40:00", CURLE_OK },
-  { "", NULL, CURLE_BAD_FUNCTION_ARGUMENT },
-  { "WTF", NULL, CURLE_BAD_FUNCTION_ARGUMENT },
-  { "0WTF", NULL, CURLE_BAD_FUNCTION_ARGUMENT },
-  { "19032113434", NULL, CURLE_BAD_FUNCTION_ARGUMENT },
-  { "19032113434WTF", NULL, CURLE_BAD_FUNCTION_ARGUMENT },
-  { "190321134340.", NULL, CURLE_BAD_FUNCTION_ARGUMENT },
-  { "190321134340.1", "1903-21-13 43:40:00.1", CURLE_OK },
-  { "19032113434017.0", "1903-21-13 43:40:17", CURLE_OK },
-  { "19032113434017.01", "1903-21-13 43:40:17.01", CURLE_OK },
-  { "19032113434003.001", "1903-21-13 43:40:03.001", CURLE_OK },
-  { "19032113434003.090", "1903-21-13 43:40:03.09", CURLE_OK },
-  { "190321134340Z", "1903-21-13 43:40:00 GMT", CURLE_OK },
-  { "19032113434017.0Z", "1903-21-13 43:40:17 GMT", CURLE_OK },
-  { "19032113434017.01Z", "1903-21-13 43:40:17.01 GMT", CURLE_OK },
-  { "19032113434003.001Z", "1903-21-13 43:40:03.001 GMT", CURLE_OK },
-  { "19032113434003.090Z", "1903-21-13 43:40:03.09 GMT", CURLE_OK },
-  { "190321134340CET", "1903-21-13 43:40:00 CET", CURLE_OK },
-  { "19032113434017.0CET", "1903-21-13 43:40:17 CET", CURLE_OK },
-  { "19032113434017.01CET", "1903-21-13 43:40:17.01 CET", CURLE_OK },
-  { "190321134340+02:30", "1903-21-13 43:40:00 UTC+02:30", CURLE_OK },
-  { "19032113434017.0+02:30", "1903-21-13 43:40:17 UTC+02:30", CURLE_OK },
-  { "19032113434017.01+02:30", "1903-21-13 43:40:17.01 UTC+02:30", CURLE_OK },
-  { "190321134340-3", "1903-21-13 43:40:00 UTC-3", CURLE_OK },
-  { "19032113434017.0-04", "1903-21-13 43:40:17 UTC-04", CURLE_OK },
-  { "19032113434017.01-01:10", "1903-21-13 43:40:17.01 UTC-01:10", CURLE_OK },
+    { "190321134340", "1903-21-13 43:40:00", CURLE_OK },
+    { "", NULL, CURLE_BAD_FUNCTION_ARGUMENT },
+    { "WTF", NULL, CURLE_BAD_FUNCTION_ARGUMENT },
+    { "0WTF", NULL, CURLE_BAD_FUNCTION_ARGUMENT },
+    { "19032113434", NULL, CURLE_BAD_FUNCTION_ARGUMENT },
+    { "19032113434WTF", NULL, CURLE_BAD_FUNCTION_ARGUMENT },
+    { "190321134340.", NULL, CURLE_BAD_FUNCTION_ARGUMENT },
+    { "190321134340.1", "1903-21-13 43:40:00.1", CURLE_OK },
+    { "19032113434017.0", "1903-21-13 43:40:17", CURLE_OK },
+    { "19032113434017.01", "1903-21-13 43:40:17.01", CURLE_OK },
+    { "19032113434003.001", "1903-21-13 43:40:03.001", CURLE_OK },
+    { "19032113434003.090", "1903-21-13 43:40:03.09", CURLE_OK },
+    { "190321134340Z", "1903-21-13 43:40:00 GMT", CURLE_OK },
+    { "19032113434017.0Z", "1903-21-13 43:40:17 GMT", CURLE_OK },
+    { "19032113434017.01Z", "1903-21-13 43:40:17.01 GMT", CURLE_OK },
+    { "19032113434003.001Z", "1903-21-13 43:40:03.001 GMT", CURLE_OK },
+    { "19032113434003.090Z", "1903-21-13 43:40:03.09 GMT", CURLE_OK },
+    { "190321134340CET", "1903-21-13 43:40:00 CET", CURLE_OK },
+    { "19032113434017.0CET", "1903-21-13 43:40:17 CET", CURLE_OK },
+    { "19032113434017.01CET", "1903-21-13 43:40:17.01 CET", CURLE_OK },
+    { "190321134340+02:30", "1903-21-13 43:40:00 UTC+02:30", CURLE_OK },
+    { "19032113434017.0+02:30", "1903-21-13 43:40:17 UTC+02:30", CURLE_OK },
+    { "19032113434017.01+02:30", "1903-21-13 43:40:17.01 UTC+02:30",
+      CURLE_OK },
+    { "190321134340-3", "1903-21-13 43:40:00 UTC-3", CURLE_OK },
+    { "19032113434017.0-04", "1903-21-13 43:40:17 UTC-04", CURLE_OK },
+    { "19032113434017.01-01:10", "1903-21-13 43:40:17.01 UTC-01:10",
+      CURLE_OK },
   };
 
   size_t i;
diff --git a/tests/unit/unit1660.c b/tests/unit/unit1660.c
index e74285d74e..cbb7820215 100644
--- a/tests/unit/unit1660.c
+++ b/tests/unit/unit1660.c
@@ -58,56 +58,56 @@ static CURLcode test_unit1660(const char *arg)
   };
 
   static const struct testit headers[] = {
-  /* two entries read from disk cache, verify first */
-  { "-", "readfrom.example", NULL, CURLE_OK},
-  { "-", "old.example", NULL, CURLE_OK},
-  /* delete the remaining one read from disk */
-  { "readfrom.example", NULL, "max-age=\"0\"", CURLE_OK},
+    /* two entries read from disk cache, verify first */
+    { "-", "readfrom.example", NULL, CURLE_OK},
+    { "-", "old.example", NULL, CURLE_OK},
+    /* delete the remaining one read from disk */
+    { "readfrom.example", NULL, "max-age=\"0\"", CURLE_OK},
 
-  { "example.com", NULL, "max-age=\"31536000\"\r\n", CURLE_OK },
-  { "example.com", NULL, "max-age=\"21536000\"\r\n", CURLE_OK },
-  { "example.com", NULL, "max-age=\"21536000\"; \r\n", CURLE_OK },
-  { "example.com", NULL, "max-age=\"21536000\"; includeSubDomains\r\n",
-    CURLE_OK },
-  { "example.org", NULL, "max-age=\"31536000\"\r\n", CURLE_OK },
-  { "this.example", NULL, "max=\"31536\";", CURLE_BAD_FUNCTION_ARGUMENT },
-  { "this.example", NULL, "max-age=\"31536", CURLE_BAD_FUNCTION_ARGUMENT },
-  { "this.example", NULL, "max-age=31536\"", CURLE_OK },
-  /* max-age=0 removes the entry */
-  { "this.example", NULL, "max-age=0", CURLE_OK },
-  { "another.example", NULL, "includeSubDomains; ",
-    CURLE_BAD_FUNCTION_ARGUMENT },
+    { "example.com", NULL, "max-age=\"31536000\"\r\n", CURLE_OK },
+    { "example.com", NULL, "max-age=\"21536000\"\r\n", CURLE_OK },
+    { "example.com", NULL, "max-age=\"21536000\"; \r\n", CURLE_OK },
+    { "example.com", NULL, "max-age=\"21536000\"; includeSubDomains\r\n",
+      CURLE_OK },
+    { "example.org", NULL, "max-age=\"31536000\"\r\n", CURLE_OK },
+    { "this.example", NULL, "max=\"31536\";", CURLE_BAD_FUNCTION_ARGUMENT },
+    { "this.example", NULL, "max-age=\"31536", CURLE_BAD_FUNCTION_ARGUMENT },
+    { "this.example", NULL, "max-age=31536\"", CURLE_OK },
+    /* max-age=0 removes the entry */
+    { "this.example", NULL, "max-age=0", CURLE_OK },
+    { "another.example", NULL, "includeSubDomains; ",
+      CURLE_BAD_FUNCTION_ARGUMENT },
 
-  /* Two max-age is illegal */
-  { "example.com", NULL,
-    "max-age=\"21536000\"; includeSubDomains; max-age=\"3\";",
-    CURLE_BAD_FUNCTION_ARGUMENT },
-  /* Two includeSubDomains is illegal */
-  { "2.example.com", NULL,
-    "max-age=\"21536000\"; includeSubDomains; includeSubDomains;",
-    CURLE_BAD_FUNCTION_ARGUMENT },
-  /* use an unknown directive "include" that should be ignored */
-  { "3.example.com", NULL, "max-age=\"21536000\"; include; includeSubDomains;",
-    CURLE_OK },
-  /* remove the "3.example.com" one, should still match the example.com */
-  { "3.example.com", NULL, "max-age=\"0\"; includeSubDomains;",
-    CURLE_OK },
-  { "-", "foo.example.com", NULL, CURLE_OK},
-  { "-", "foo.xample.com", NULL, CURLE_OK},
+    /* Two max-age is illegal */
+    { "example.com", NULL,
+      "max-age=\"21536000\"; includeSubDomains; max-age=\"3\";",
+      CURLE_BAD_FUNCTION_ARGUMENT },
+    /* Two includeSubDomains is illegal */
+    { "2.example.com", NULL,
+      "max-age=\"21536000\"; includeSubDomains; includeSubDomains;",
+      CURLE_BAD_FUNCTION_ARGUMENT },
+    /* use an unknown directive "include" that should be ignored */
+    { "3.example.com", NULL,
+      "max-age=\"21536000\"; include; includeSubDomains;", CURLE_OK },
+    /* remove the "3.example.com" one, should still match the example.com */
+    { "3.example.com", NULL, "max-age=\"0\"; includeSubDomains;",
+      CURLE_OK },
+    { "-", "foo.example.com", NULL, CURLE_OK},
+    { "-", "foo.xample.com", NULL, CURLE_OK},
 
-  /* should not match */
-  { "example.net", "forexample.net", "max-age=\"31536000\"\r\n", CURLE_OK },
+    /* should not match */
+    { "example.net", "forexample.net", "max-age=\"31536000\"\r\n", CURLE_OK },
 
-  /* should not match either, since forexample.net is not in the example.net
-     domain */
-  { "example.net", "forexample.net",
-    "max-age=\"31536000\"; includeSubDomains\r\n", CURLE_OK },
-  /* remove example.net again */
-  { "example.net", NULL, "max-age=\"0\"; includeSubDomains\r\n", CURLE_OK },
+    /* should not match either, since forexample.net is not in the example.net
+       domain */
+    { "example.net", "forexample.net",
+      "max-age=\"31536000\"; includeSubDomains\r\n", CURLE_OK },
+    /* remove example.net again */
+    { "example.net", NULL, "max-age=\"0\"; includeSubDomains\r\n", CURLE_OK },
 
-  /* make this live for 7 seconds */
-  { "expire.example", NULL, "max-age=\"7\"\r\n", CURLE_OK },
-  { NULL, NULL, NULL, CURLE_OK }
+    /* make this live for 7 seconds */
+    { "expire.example", NULL, "max-age=\"7\"\r\n", CURLE_OK },
+    { NULL, NULL, NULL, CURLE_OK }
   };
 
   CURLcode result;

From 42098d1ee6874aa6a69b051e41e2a6d96ad30ffa Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 11 Nov 2025 15:52:33 +0100
Subject: [PATCH 0841/2408] checksrc: verify close brace indent level

Closes #19512
---
 scripts/checksrc.pl | 16 ++++++++++++++++
 tests/data/test1185 | 43 ++++++++++++++++++++++++-------------------
 2 files changed, 40 insertions(+), 19 deletions(-)

diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl
index caf60e1c4d..4224934a5e 100755
--- a/scripts/checksrc.pl
+++ b/scripts/checksrc.pl
@@ -126,6 +126,7 @@ my %warnings = (
     'BRACEPOS'              => 'wrong position for an open brace',
     'BRACEWHILE'            => 'A single space between open brace and while',
     'COMMANOSPACE'          => 'comma without following space',
+    "CLOSEBRACE"            => 'close brace indent level vs line above is off',
     'COMMENTNOSPACEEND'     => 'no space before */',
     'COMMENTNOSPACESTART'   => 'no space following /*',
     'COPYRIGHT'             => 'file missing a copyright statement',
@@ -880,6 +881,21 @@ sub scanfile {
             }
         }
 
+        # when the line starts with a brace
+        if($l =~ /^( *)\}/) {
+            my $tlen = length($1);
+            if($prevl =~ /^( *)(.)/) {
+                my $plen = length($1);
+                my $firstc = $2;
+                # skips the check if the previous line starts with a close
+                # brace since we see the occasional legit use of that oddity
+                if(($tlen + $indent) > $plen && ($firstc ne "}")) {
+                    checkwarn("CLOSEBRACE",
+                              $line, $plen, $file, $prevl,
+                              "Suspicious close brace indentation");
+                }
+            }
+        }
         # check for "} else"
         if($l =~ /^(.*)\} *else/) {
             checkwarn("BRACEELSE",
diff --git a/tests/data/test1185 b/tests/data/test1185
index 26852a6418..5571888aae 100644
--- a/tests/data/test1185
+++ b/tests/data/test1185
@@ -65,6 +65,8 @@ void startfunc(int a, int b) {
  int foo = bar;
  int foo = bar;foo++;
  for(;;)  {
+    moo();
+  moo();
  }
 
  int a = sizeof int;
@@ -156,52 +158,55 @@ void startfunc(int a, int b) {
 ./%LOGDIR/code1185.c:49:10: warning: multiple spaces (MULTISPACE)
   for(;;)  {
           ^
-./%LOGDIR/code1185.c:50:2: warning: not indented 2 steps (uses 0) (INDENTATION)
-  }
-  ^
-./%LOGDIR/code1185.c:52:16: warning: sizeof without parenthesis (SIZEOFNOPAREN)
+./%LOGDIR/code1185.c:50:5: warning: not indented 2 steps (uses 3) (INDENTATION)
+     moo();
+     ^
+./%LOGDIR/code1185.c:52:3: warning: Suspicious close brace indentation (CLOSEBRACE)
+   moo();
+   ^
+./%LOGDIR/code1185.c:54:16: warning: sizeof without parenthesis (SIZEOFNOPAREN)
   int a = sizeof int;
                 ^
-./%LOGDIR/code1185.c:53:10: warning: use of magicbad is banned (BANNEDFUNC)
+./%LOGDIR/code1185.c:55:10: warning: use of magicbad is banned (BANNEDFUNC)
   int a = magicbad(buffer, alsobad(buffer), "%d", 99);
           ^
-./%LOGDIR/code1185.c:53:27: warning: use of alsobad is banned (BANNEDFUNC)
+./%LOGDIR/code1185.c:55:27: warning: use of alsobad is banned (BANNEDFUNC)
   int a = magicbad(buffer, alsobad(buffer), "%d", 99);
                            ^
-./%LOGDIR/code1185.c:54:21: warning: missing space before colon (NOSPACEC)
+./%LOGDIR/code1185.c:56:21: warning: missing space before colon (NOSPACEC)
   int moo = hej?wrong:a>b;
                      ^
-./%LOGDIR/code1185.c:54:22: warning: missing space after colon (NOSPACEC)
+./%LOGDIR/code1185.c:56:22: warning: missing space after colon (NOSPACEC)
   int moo = hej?wrong:a>b;
                       ^
-./%LOGDIR/code1185.c:54:15: warning: missing space before question mark (NOSPACEQ)
+./%LOGDIR/code1185.c:56:15: warning: missing space before question mark (NOSPACEQ)
   int moo = hej?wrong:a>b;
                ^
-./%LOGDIR/code1185.c:54:16: warning: missing space after question mark (NOSPACEQ)
+./%LOGDIR/code1185.c:56:16: warning: missing space after question mark (NOSPACEQ)
   int moo = hej?wrong:a>b;
                 ^
-./%LOGDIR/code1185.c:54:23: warning: missing space before less or greater than (NOSPACETHAN)
+./%LOGDIR/code1185.c:56:23: warning: missing space before less or greater than (NOSPACETHAN)
   int moo = hej?wrong:a>b;
                        ^
-./%LOGDIR/code1185.c:54:23: warning: missing space after less or greater than (NOSPACETHAN)
+./%LOGDIR/code1185.c:56:23: warning: missing space after less or greater than (NOSPACETHAN)
   int moo = hej?wrong:a>b;
                        ^
-./%LOGDIR/code1185.c:55:23: warning: missing space before less or greater than (NOSPACETHAN)
+./%LOGDIR/code1185.c:57:23: warning: missing space before less or greater than (NOSPACETHAN)
   int moo2 = wrong2:(a)>(b);
                        ^
-./%LOGDIR/code1185.c:55:23: warning: missing space after less or greater than (NOSPACETHAN)
+./%LOGDIR/code1185.c:57:23: warning: missing space after less or greater than (NOSPACETHAN)
   int moo2 = wrong2:(a)>(b);
                        ^
-./%LOGDIR/code1185.c:57:7: warning: conditional block on the same line (ONELINECONDITION)
+./%LOGDIR/code1185.c:59:7: warning: conditional block on the same line (ONELINECONDITION)
   if(a) b++;
        ^
-./%LOGDIR/code1185.c:59:5: warning: use of sprintf is banned (BANNEDFUNC)
+./%LOGDIR/code1185.c:61:5: warning: use of sprintf is banned (BANNEDFUNC)
   if(sprintf(buffer, "%s", moo)) {}
      ^
-./%LOGDIR/code1185.c:60:25: warning: use of alsobad is banned (BANNEDFUNC)
+./%LOGDIR/code1185.c:62:25: warning: use of alsobad is banned (BANNEDFUNC)
   *buffer_len = (ssize_t)alsobad((char *)buffer, NULL, 16);
                          ^
-./%LOGDIR/code1185.c:62:2: warning: // comment (CPPCOMMENTS)
+./%LOGDIR/code1185.c:64:2: warning: // comment (CPPCOMMENTS)
   // CPP comment ?
   ^
 ./%LOGDIR/code1185.c:1:1: error: Missing copyright statement (COPYRIGHT)
@@ -210,7 +215,7 @@ void startfunc(int a, int b) {
 ./%LOGDIR/code1185.c:1:1: error: Missing closing comment (OPENCOMMENT)
 %SP
  ^
-checksrc: 0 errors and 41 warnings
+checksrc: 0 errors and 42 warnings
 
 
 5

From e3e0559ed26fbc0bac193e5a815c0990fdb48175 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 13 Nov 2025 22:24:32 +0100
Subject: [PATCH 0842/2408] config2setopts: exit if curl_url_set() fails on OOM

An error case that previously did not properly return error.

Closes #19517
---
 src/config2setopts.c | 44 ++++++++++++++++++++++++--------------------
 1 file changed, 24 insertions(+), 20 deletions(-)

diff --git a/src/config2setopts.c b/src/config2setopts.c
index 929123cfbf..57e7a73376 100644
--- a/src/config2setopts.c
+++ b/src/config2setopts.c
@@ -137,30 +137,34 @@ static CURLcode url_proto_and_rewrite(char **url,
   DEBUGASSERT(url && *url);
   if(uh) {
     char *schemep = NULL;
-    if(!curl_url_set(uh, CURLUPART_URL, *url,
-                     CURLU_GUESS_SCHEME | CURLU_NON_SUPPORT_SCHEME) &&
-       !curl_url_get(uh, CURLUPART_SCHEME, &schemep,
-                     CURLU_DEFAULT_SCHEME)) {
+    CURLUcode uc =
+      curl_url_set(uh, CURLUPART_URL, *url,
+                   CURLU_GUESS_SCHEME | CURLU_NON_SUPPORT_SCHEME);
+    if(!uc) {
+      if(!curl_url_get(uh, CURLUPART_SCHEME, &schemep,
+                       CURLU_DEFAULT_SCHEME)) {
 #ifdef CURL_DISABLE_IPFS
-      (void)config;
+        (void)config;
 #else
-      if(curl_strequal(schemep, proto_ipfs) ||
-         curl_strequal(schemep, proto_ipns)) {
-        result = ipfs_url_rewrite(uh, schemep, url, config);
-        /* short-circuit proto_token, we know it is ipfs or ipns */
-        if(curl_strequal(schemep, proto_ipfs))
-          proto = proto_ipfs;
-        else if(curl_strequal(schemep, proto_ipns))
-          proto = proto_ipns;
-        if(result)
-          config->synthetic_error = TRUE;
-      }
-      else
+        if(curl_strequal(schemep, proto_ipfs) ||
+           curl_strequal(schemep, proto_ipns)) {
+          result = ipfs_url_rewrite(uh, schemep, url, config);
+          /* short-circuit proto_token, we know it is ipfs or ipns */
+          if(curl_strequal(schemep, proto_ipfs))
+            proto = proto_ipfs;
+          else if(curl_strequal(schemep, proto_ipns))
+            proto = proto_ipns;
+          if(result)
+            config->synthetic_error = TRUE;
+        }
+        else
 #endif /* !CURL_DISABLE_IPFS */
-        proto = proto_token(schemep);
-
-      curl_free(schemep);
+          proto = proto_token(schemep);
+        curl_free(schemep);
+      }
     }
+    else if(uc == CURLUE_OUT_OF_MEMORY)
+      result = CURLE_OUT_OF_MEMORY;
     curl_url_cleanup(uh);
   }
   else

From 96500f466ef9abb3a416f8e0cc65de7fa0669217 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 13 Nov 2025 20:31:51 +0100
Subject: [PATCH 0843/2408] tidy-up: result code variable names in tests and
 examples

Sync outliers with the rest of the code.

Also:
- return error in some failed init cases, instead of `CURLE_OK`:
  1908, 1910, 1913, 2082, 3010
- lib1541: delete unused struct member.

Closes #19515
---
 docs/examples/sftpuploadresume.c       |  21 +++--
 docs/examples/websocket-updown.c       |   9 +-
 tests/libtest/cli_h2_pausing.c         |  26 +++---
 tests/libtest/cli_h2_serverpush.c      |  10 +--
 tests/libtest/cli_h2_upgrade_extreme.c |   6 +-
 tests/libtest/cli_hx_download.c        |  32 +++----
 tests/libtest/cli_hx_upload.c          |  16 ++--
 tests/libtest/cli_tls_session_reuse.c  |  10 +--
 tests/libtest/cli_upload_pausing.c     |  18 ++--
 tests/libtest/cli_ws_data.c            |   8 +-
 tests/libtest/cli_ws_pingpong.c        |  12 +--
 tests/libtest/first.c                  |  32 ++++---
 tests/libtest/lib1156.c                |   6 +-
 tests/libtest/lib1485.c                |  20 ++---
 tests/libtest/lib1523.c                |  18 ++--
 tests/libtest/lib1541.c                |   1 -
 tests/libtest/lib1568.c                |  10 +--
 tests/libtest/lib1908.c                |  10 +--
 tests/libtest/lib1910.c                |   6 +-
 tests/libtest/lib1911.c                |   8 +-
 tests/libtest/lib1913.c                |   6 +-
 tests/libtest/lib2082.c                |  13 +--
 tests/libtest/lib2301.c                |   6 +-
 tests/libtest/lib2304.c                |   6 +-
 tests/libtest/lib3010.c                |  16 ++--
 tests/libtest/lib3207.c                |  10 +--
 tests/unit/unit1606.c                  |   6 +-
 tests/unit/unit1651.c                  |   6 +-
 tests/unit/unit1654.c                  | 112 ++++++++++++-------------
 tests/unit/unit1656.c                  |  12 +--
 tests/unit/unit1657.c                  |  16 ++--
 tests/unit/unit1658.c                  |  10 +--
 tests/unit/unit1660.c                  |  14 ++--
 tests/unit/unit1661.c                  |   6 +-
 tests/unit/unit2600.c                  |  26 +++---
 tests/unit/unit2601.c                  |  56 ++++++-------
 tests/unit/unit2602.c                  |  16 ++--
 tests/unit/unit2604.c                  |  12 +--
 tests/unit/unit2605.c                  |  14 ++--
 tests/unit/unit3200.c                  |  48 +++++------
 40 files changed, 342 insertions(+), 348 deletions(-)

diff --git a/docs/examples/sftpuploadresume.c b/docs/examples/sftpuploadresume.c
index c15d103b5f..cb5d1cf33e 100644
--- a/docs/examples/sftpuploadresume.c
+++ b/docs/examples/sftpuploadresume.c
@@ -53,7 +53,7 @@ static curl_off_t sftpGetRemoteFileSize(const char *i_remoteFile)
   CURL *curl = curl_easy_init();
 
   if(curl) {
-    CURLcode result;
+    CURLcode res;
 
     curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
 
@@ -63,12 +63,11 @@ static curl_off_t sftpGetRemoteFileSize(const char *i_remoteFile)
     curl_easy_setopt(curl, CURLOPT_HEADER, 1L);
     curl_easy_setopt(curl, CURLOPT_FILETIME, 1L);
 
-    result = curl_easy_perform(curl);
-    if(CURLE_OK == result) {
-      result = curl_easy_getinfo(curl,
-                                 CURLINFO_CONTENT_LENGTH_DOWNLOAD_T,
-                                 &remoteFileSizeByte);
-      if(result)
+    res = curl_easy_perform(curl);
+    if(CURLE_OK == res) {
+      res = curl_easy_getinfo(curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD_T,
+                              &remoteFileSizeByte);
+      if(res)
         return -1;
       printf("filesize: %" CURL_FORMAT_CURL_OFF_T "\n", remoteFileSizeByte);
     }
@@ -83,7 +82,7 @@ static int sftpResumeUpload(CURL *curl, const char *remotepath,
                             const char *localpath)
 {
   FILE *f = NULL;
-  CURLcode result = CURLE_GOT_NOTHING;
+  CURLcode res = CURLE_GOT_NOTHING;
 
   curl_off_t remoteFileSizeByte = sftpGetRemoteFileSize(remotepath);
   if(remoteFileSizeByte == -1) {
@@ -110,14 +109,14 @@ static int sftpResumeUpload(CURL *curl, const char *remotepath,
   fseek(f, (long)remoteFileSizeByte, SEEK_SET);
 #endif
   curl_easy_setopt(curl, CURLOPT_APPEND, 1L);
-  result = curl_easy_perform(curl);
+  res = curl_easy_perform(curl);
 
   fclose(f);
 
-  if(result == CURLE_OK)
+  if(res == CURLE_OK)
     return 1;
   else {
-    fprintf(stderr, "%s\n", curl_easy_strerror(result));
+    fprintf(stderr, "%s\n", curl_easy_strerror(res));
     return 0;
   }
 }
diff --git a/docs/examples/websocket-updown.c b/docs/examples/websocket-updown.c
index 88d7b6e6e9..87f7aea287 100644
--- a/docs/examples/websocket-updown.c
+++ b/docs/examples/websocket-updown.c
@@ -60,15 +60,14 @@ static size_t read_cb(char *buf, size_t nitems, size_t buflen, void *p)
   struct read_ctx *ctx = p;
   size_t len = nitems * buflen;
   size_t left = ctx->blen - ctx->nsent;
-  CURLcode result;
+  CURLcode res;
 
   if(!ctx->nsent) {
     /* On first call, set the FRAME information to be used (it defaults
      * to CURLWS_BINARY otherwise). */
-    result = curl_ws_start_frame(ctx->curl, CURLWS_TEXT,
-                                 (curl_off_t)ctx->blen);
-    if(result) {
-      fprintf(stderr, "error starting frame: %d\n", result);
+    res = curl_ws_start_frame(ctx->curl, CURLWS_TEXT, (curl_off_t)ctx->blen);
+    if(res) {
+      fprintf(stderr, "error starting frame: %d\n", res);
       return CURL_READFUNC_ABORT;
     }
   }
diff --git a/tests/libtest/cli_h2_pausing.c b/tests/libtest/cli_h2_pausing.c
index 692b0a3211..0f06dadd52 100644
--- a/tests/libtest/cli_h2_pausing.c
+++ b/tests/libtest/cli_h2_pausing.c
@@ -88,7 +88,7 @@ static CURLcode test_cli_h2_pausing(const char *URL)
   size_t i;
   CURLMsg *msg;
   int rounds = 0;
-  CURLcode result = CURLE_OK;
+  CURLcode res = CURLE_OK;
   CURLU *cu;
   struct curl_slist *resolve = NULL;
   char resolve_buf[1024];
@@ -145,22 +145,22 @@ static CURLcode test_cli_h2_pausing(const char *URL)
   cu = curl_url();
   if(!cu) {
     curl_mfprintf(stderr, "out of memory\n");
-    result = (CURLcode)1;
+    res = (CURLcode)1;
     goto cleanup;
   }
   if(curl_url_set(cu, CURLUPART_URL, url, 0)) {
     curl_mfprintf(stderr, "not a URL: '%s'\n", url);
-    result = (CURLcode)1;
+    res = (CURLcode)1;
     goto cleanup;
   }
   if(curl_url_get(cu, CURLUPART_HOST, &host, 0)) {
     curl_mfprintf(stderr, "could not get host of '%s'\n", url);
-    result = (CURLcode)1;
+    res = (CURLcode)1;
     goto cleanup;
   }
   if(curl_url_get(cu, CURLUPART_PORT, &port, 0)) {
     curl_mfprintf(stderr, "could not get port of '%s'\n", url);
-    result = (CURLcode)1;
+    res = (CURLcode)1;
     goto cleanup;
   }
   memset(&resolve, 0, sizeof(resolve));
@@ -192,7 +192,7 @@ static CURLcode test_cli_h2_pausing(const char *URL)
       curl_easy_setopt(handles[i].curl, CURLOPT_PIPEWAIT, 1L) != CURLE_OK ||
       curl_easy_setopt(handles[i].curl, CURLOPT_URL, url) != CURLE_OK) {
       curl_mfprintf(stderr, "failed configuring easy handle - bailing out\n");
-      result = (CURLcode)2;
+      res = (CURLcode)2;
       goto cleanup;
     }
     curl_easy_setopt(handles[i].curl, CURLOPT_HTTP_VERSION, http_version);
@@ -201,14 +201,14 @@ static CURLcode test_cli_h2_pausing(const char *URL)
   multi = curl_multi_init();
   if(!multi) {
     curl_mfprintf(stderr, "curl_multi_init() failed - bailing out\n");
-    result = (CURLcode)2;
+    res = (CURLcode)2;
     goto cleanup;
   }
 
   for(i = 0; i < CURL_ARRAYSIZE(handles); i++) {
     if(curl_multi_add_handle(multi, handles[i].curl) != CURLM_OK) {
       curl_mfprintf(stderr, "curl_multi_add_handle() failed - bailing out\n");
-      result = (CURLcode)2;
+      res = (CURLcode)2;
       goto cleanup;
     }
   }
@@ -217,7 +217,7 @@ static CURLcode test_cli_h2_pausing(const char *URL)
     curl_mfprintf(stderr, "INFO: multi_perform round %d\n", rounds);
     if(curl_multi_perform(multi, &still_running) != CURLM_OK) {
       curl_mfprintf(stderr, "curl_multi_perform() failed - bailing out\n");
-      result = (CURLcode)2;
+      res = (CURLcode)2;
       goto cleanup;
     }
 
@@ -247,14 +247,14 @@ static CURLcode test_cli_h2_pausing(const char *URL)
       if(!as_expected) {
         curl_mfprintf(stderr, "ERROR: handles not in expected state "
                       "after %d rounds\n", rounds);
-        result = (CURLcode)1;
+        res = (CURLcode)1;
       }
       break;
     }
 
     if(curl_multi_poll(multi, NULL, 0, 100, &numfds) != CURLM_OK) {
       curl_mfprintf(stderr, "curl_multi_poll() failed - bailing out\n");
-      result = (CURLcode)2;
+      res = (CURLcode)2;
       goto cleanup;
     }
 
@@ -268,7 +268,7 @@ static CURLcode test_cli_h2_pausing(const char *URL)
                             "resumed=%d, result %d - wtf?\n", i,
                             handles[i].paused,
                             handles[i].resumed, msg->data.result);
-              result = (CURLcode)1;
+              res = (CURLcode)1;
               goto cleanup;
             }
           }
@@ -314,5 +314,5 @@ cleanup:
   curl_multi_cleanup(multi);
   curl_global_cleanup();
 
-  return result;
+  return res;
 }
diff --git a/tests/libtest/cli_h2_serverpush.c b/tests/libtest/cli_h2_serverpush.c
index 6936b3b0d6..ad3ae4f914 100644
--- a/tests/libtest/cli_h2_serverpush.c
+++ b/tests/libtest/cli_h2_serverpush.c
@@ -109,7 +109,7 @@ static CURLcode test_cli_h2_serverpush(const char *URL)
   CURL *curl = NULL;
   CURLM *multi;
   int transfers = 1; /* we start with one */
-  CURLcode result = CURLE_OK;
+  CURLcode res = CURLE_OK;
 
   debug_config.nohex = TRUE;
   debug_config.tracetime = FALSE;
@@ -126,19 +126,19 @@ static CURLcode test_cli_h2_serverpush(const char *URL)
 
   multi = curl_multi_init();
   if(!multi) {
-    result = (CURLcode)1;
+    res = (CURLcode)1;
     goto cleanup;
   }
 
   curl = curl_easy_init();
   if(!curl) {
-    result = (CURLcode)1;
+    res = (CURLcode)1;
     goto cleanup;
   }
 
   if(setup_h2_serverpush(curl, URL)) {
     curl_mfprintf(stderr, "failed\n");
-    result = (CURLcode)1;
+    res = (CURLcode)1;
     goto cleanup;
   }
 
@@ -189,5 +189,5 @@ cleanup:
 
   curl_global_cleanup();
 
-  return result;
+  return res;
 }
diff --git a/tests/libtest/cli_h2_upgrade_extreme.c b/tests/libtest/cli_h2_upgrade_extreme.c
index eb05493800..b5c6c31b1b 100644
--- a/tests/libtest/cli_h2_upgrade_extreme.c
+++ b/tests/libtest/cli_h2_upgrade_extreme.c
@@ -43,7 +43,7 @@ static CURLcode test_cli_h2_upgrade_extreme(const char *URL)
   CURLMsg *msg;
   int msgs_in_queue;
   char range[128];
-  CURLcode result = (CURLcode)1;
+  CURLcode res = (CURLcode)1;
 
   if(!URL) {
     curl_mfprintf(stderr, "need URL as argument\n");
@@ -149,7 +149,7 @@ static CURLcode test_cli_h2_upgrade_extreme(const char *URL)
   } while(running_handles > 0 || start_count);
 
   curl_mfprintf(stderr, "exiting\n");
-  result = CURLE_OK;
+  res = CURLE_OK;
 
 cleanup:
 
@@ -168,5 +168,5 @@ cleanup:
 
   curl_global_cleanup();
 
-  return result;
+  return res;
 }
diff --git a/tests/libtest/cli_hx_download.c b/tests/libtest/cli_hx_download.c
index 365348455a..f88a456a20 100644
--- a/tests/libtest/cli_hx_download.c
+++ b/tests/libtest/cli_hx_download.c
@@ -63,7 +63,7 @@ struct transfer_d {
   int resumed;
   int done;
   int checked_ssl;
-  CURLcode result;
+  CURLcode res;
 };
 
 static size_t transfer_count_d = 1;
@@ -296,7 +296,7 @@ static CURLcode test_cli_hx_download(const char *URL)
   size_t max_host_conns = 0;
   size_t max_total_conns = 0;
   int fresh_connect = 0;
-  CURLcode result = CURLE_OK;
+  CURLcode res = CURLE_OK;
 
   (void)URL;
 
@@ -307,7 +307,7 @@ static CURLcode test_cli_hx_download(const char *URL)
     switch(ch) {
     case 'h':
       usage_hx_download(NULL);
-      result = (CURLcode)2;
+      res = (CURLcode)2;
       goto optcleanup;
     case 'a':
       abort_paused = 1;
@@ -362,14 +362,14 @@ static CURLcode test_cli_hx_download(const char *URL)
         http_version = CURL_HTTP_VERSION_3ONLY;
       else {
         usage_hx_download("invalid http version");
-        result = (CURLcode)1;
+        res = (CURLcode)1;
         goto optcleanup;
       }
       break;
     }
     default:
       usage_hx_download("invalid option");
-      result = (CURLcode)1;
+      res = (CURLcode)1;
       goto optcleanup;
     }
   }
@@ -380,14 +380,14 @@ static CURLcode test_cli_hx_download(const char *URL)
 
   if(test_argc != 1) {
     usage_hx_download("not enough arguments");
-    result = (CURLcode)2;
+    res = (CURLcode)2;
     goto optcleanup;
   }
   url = test_argv[0];
 
   if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
     curl_mfprintf(stderr, "curl_global_init() failed\n");
-    result = (CURLcode)3;
+    res = (CURLcode)3;
     goto optcleanup;
   }
 
@@ -397,7 +397,7 @@ static CURLcode test_cli_hx_download(const char *URL)
   share = curl_share_init();
   if(!share) {
     curl_mfprintf(stderr, "error allocating share\n");
-    result = (CURLcode)1;
+    res = (CURLcode)1;
     goto cleanup;
   }
   curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_COOKIE);
@@ -410,7 +410,7 @@ static CURLcode test_cli_hx_download(const char *URL)
   transfer_d = calloc(transfer_count_d, sizeof(*transfer_d));
   if(!transfer_d) {
     curl_mfprintf(stderr, "error allocating transfer structs\n");
-    result = (CURLcode)1;
+    res = (CURLcode)1;
     goto cleanup;
   }
 
@@ -438,7 +438,7 @@ static CURLcode test_cli_hx_download(const char *URL)
        setup_hx_download(t->curl, url, t, http_version, host, share,
                          use_earlydata, fresh_connect)) {
       curl_mfprintf(stderr, "[t-%zu] FAILED setup\n", i);
-      result = (CURLcode)1;
+      res = (CURLcode)1;
       goto cleanup;
     }
     curl_multi_add_handle(multi, t->curl);
@@ -469,9 +469,9 @@ static CURLcode test_cli_hx_download(const char *URL)
         t = get_transfer_for_easy_d(easy);
         if(t) {
           t->done = 1;
-          t->result = m->data.result;
+          t->res = m->data.result;
           curl_mfprintf(stderr, "[t-%zu] FINISHED with result %d\n",
-                        t->idx, t->result);
+                        t->idx, t->res);
           if(use_earlydata) {
             curl_off_t sent;
             curl_easy_getinfo(easy, CURLINFO_EARLYDATA_SENT_T, &sent);
@@ -521,7 +521,7 @@ static CURLcode test_cli_hx_download(const char *URL)
               setup_hx_download(t->curl, url, t, http_version, host, share,
                                 use_earlydata, fresh_connect)) {
               curl_mfprintf(stderr, "[t-%zu] FAILED setup\n", i);
-              result = (CURLcode)1;
+              res = (CURLcode)1;
               goto cleanup;
             }
             curl_multi_add_handle(multi, t->curl);
@@ -554,8 +554,8 @@ cleanup:
         curl_easy_cleanup(t->curl);
         t->curl = NULL;
       }
-      if(t->result)
-        result = t->result;
+      if(t->res)
+        res = t->res;
       else /* on success we expect ssl to have been checked */
         assert(t->checked_ssl);
     }
@@ -571,5 +571,5 @@ optcleanup:
 
   free(resolve);
 
-  return result;
+  return res;
 }
diff --git a/tests/libtest/cli_hx_upload.c b/tests/libtest/cli_hx_upload.c
index dc053ae755..9ce955bba6 100644
--- a/tests/libtest/cli_hx_upload.c
+++ b/tests/libtest/cli_hx_upload.c
@@ -246,7 +246,7 @@ static CURLcode test_cli_hx_upload(const char *URL)
   struct curl_slist *host = NULL;
   const char *resolve = NULL;
   int ch;
-  CURLcode result = CURLE_OK;
+  CURLcode res = CURLE_OK;
 
   (void)URL;
 
@@ -348,7 +348,7 @@ static CURLcode test_cli_hx_upload(const char *URL)
   share = curl_share_init();
   if(!share) {
     curl_mfprintf(stderr, "error allocating share\n");
-    result = (CURLcode)1;
+    res = (CURLcode)1;
     goto cleanup;
   }
   curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_COOKIE);
@@ -361,7 +361,7 @@ static CURLcode test_cli_hx_upload(const char *URL)
   transfer_u = calloc(transfer_count_u, sizeof(*transfer_u));
   if(!transfer_u) {
     curl_mfprintf(stderr, "error allocating transfer structs\n");
-    result = (CURLcode)1;
+    res = (CURLcode)1;
     goto cleanup;
   }
 
@@ -380,7 +380,7 @@ static CURLcode test_cli_hx_upload(const char *URL)
     CURL *curl = curl_easy_init();
     if(!curl) {
       curl_mfprintf(stderr, "failed to init easy handle\n");
-      result = (CURLcode)1;
+      res = (CURLcode)1;
       goto cleanup;
     }
     for(i = 0; i < transfer_count_u; ++i) {
@@ -390,7 +390,7 @@ static CURLcode test_cli_hx_upload(const char *URL)
       if(setup_hx_upload(t->curl, url, t, http_version, host, share,
                          use_earlydata, announce_length)) {
         curl_mfprintf(stderr, "[t-%zu] FAILED setup\n", i);
-        result = (CURLcode)1;
+        res = (CURLcode)1;
         goto cleanup;
       }
 
@@ -413,7 +413,7 @@ static CURLcode test_cli_hx_upload(const char *URL)
       if(!t->curl || setup_hx_upload(t->curl, url, t, http_version, host,
                                      share, use_earlydata, announce_length)) {
         curl_mfprintf(stderr, "[t-%zu] FAILED setup\n", i);
-        result = (CURLcode)1;
+        res = (CURLcode)1;
         goto cleanup;
       }
       curl_multi_add_handle(multi, t->curl);
@@ -500,7 +500,7 @@ static CURLcode test_cli_hx_upload(const char *URL)
                                              host, share, use_earlydata,
                                              announce_length)) {
                 curl_mfprintf(stderr, "[t-%zu] FAILED setup\n", i);
-                result = (CURLcode)1;
+                res = (CURLcode)1;
                 goto cleanup;
               }
               curl_multi_add_handle(multi, t->curl);
@@ -546,5 +546,5 @@ cleanup:
   curl_slist_free_all(host);
   curl_global_cleanup();
 
-  return result;
+  return res;
 }
diff --git a/tests/libtest/cli_tls_session_reuse.c b/tests/libtest/cli_tls_session_reuse.c
index 2a6c0ea3bf..2f6bde43e3 100644
--- a/tests/libtest/cli_tls_session_reuse.c
+++ b/tests/libtest/cli_tls_session_reuse.c
@@ -109,7 +109,7 @@ static CURLcode test_cli_tls_session_reuse(const char *URL)
   int add_more, waits, ongoing = 0;
   char *host = NULL, *port = NULL;
   long http_version = CURL_HTTP_VERSION_1_1;
-  CURLcode result = (CURLcode)1;
+  CURLcode res = (CURLcode)1;
 
   if(!URL || !libtest_arg2) {
     curl_mfprintf(stderr, "need args: URL proto\n");
@@ -129,7 +129,7 @@ static CURLcode test_cli_tls_session_reuse(const char *URL)
   cu = curl_url();
   if(!cu) {
     curl_mfprintf(stderr, "out of memory\n");
-    result = (CURLcode)1;
+    res = (CURLcode)1;
     goto cleanup;
   }
   if(curl_url_set(cu, CURLUPART_URL, URL, 0)) {
@@ -236,12 +236,12 @@ static CURLcode test_cli_tls_session_reuse(const char *URL)
 
   if(!tse_found_tls_session) {
     curl_mfprintf(stderr, "CURLINFO_TLS_SSL_PTR not found during run\n");
-    result = CURLE_FAILED_INIT;
+    res = CURLE_FAILED_INIT;
     goto cleanup;
   }
 
   curl_mfprintf(stderr, "exiting\n");
-  result = CURLE_OK;
+  res = CURLE_OK;
 
 cleanup:
 
@@ -265,5 +265,5 @@ cleanup:
     curl_url_cleanup(cu);
   curl_global_cleanup();
 
-  return result;
+  return res;
 }
diff --git a/tests/libtest/cli_upload_pausing.c b/tests/libtest/cli_upload_pausing.c
index 971157c313..441ce899a0 100644
--- a/tests/libtest/cli_upload_pausing.c
+++ b/tests/libtest/cli_upload_pausing.c
@@ -86,7 +86,7 @@ static void usage_upload_pausing(const char *msg)
 static CURLcode test_cli_upload_pausing(const char *URL)
 {
   CURL *curl = NULL;
-  CURLcode result = CURLE_OK;
+  CURLcode res = CURLE_OK;
   CURLU *cu;
   struct curl_slist *resolve = NULL;
   char resolve_buf[1024];
@@ -136,22 +136,22 @@ static CURLcode test_cli_upload_pausing(const char *URL)
   cu = curl_url();
   if(!cu) {
     curl_mfprintf(stderr, "out of memory\n");
-    result = (CURLcode)1;
+    res = (CURLcode)1;
     goto cleanup;
   }
   if(curl_url_set(cu, CURLUPART_URL, url, 0)) {
     curl_mfprintf(stderr, "not a URL: '%s'\n", url);
-    result = (CURLcode)1;
+    res = (CURLcode)1;
     goto cleanup;
   }
   if(curl_url_get(cu, CURLUPART_HOST, &host, 0)) {
     curl_mfprintf(stderr, "could not get host of '%s'\n", url);
-    result = (CURLcode)1;
+    res = (CURLcode)1;
     goto cleanup;
   }
   if(curl_url_get(cu, CURLUPART_PORT, &port, 0)) {
     curl_mfprintf(stderr, "could not get port of '%s'\n", url);
-    result = (CURLcode)1;
+    res = (CURLcode)1;
     goto cleanup;
   }
   memset(&resolve, 0, sizeof(resolve));
@@ -162,7 +162,7 @@ static CURLcode test_cli_upload_pausing(const char *URL)
   curl = curl_easy_init();
   if(!curl) {
     curl_mfprintf(stderr, "out of memory\n");
-    result = (CURLcode)1;
+    res = (CURLcode)1;
     goto cleanup;
   }
   /* We want to use our own read function. */
@@ -190,14 +190,14 @@ static CURLcode test_cli_upload_pausing(const char *URL)
      curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, cli_debug_cb) != CURLE_OK ||
      curl_easy_setopt(curl, CURLOPT_RESOLVE, resolve) != CURLE_OK) {
     curl_mfprintf(stderr, "something unexpected went wrong - bailing out!\n");
-    result = (CURLcode)2;
+    res = (CURLcode)2;
     goto cleanup;
   }
 
   curl_easy_setopt(curl, CURLOPT_URL, url);
   curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, http_version);
 
-  result = curl_easy_perform(curl);
+  res = curl_easy_perform(curl);
 
 cleanup:
 
@@ -210,5 +210,5 @@ cleanup:
     curl_url_cleanup(cu);
   curl_global_cleanup();
 
-  return result;
+  return res;
 }
diff --git a/tests/libtest/cli_ws_data.c b/tests/libtest/cli_ws_data.c
index 7e5479b743..aa43bc6058 100644
--- a/tests/libtest/cli_ws_data.c
+++ b/tests/libtest/cli_ws_data.c
@@ -411,7 +411,7 @@ static void test_ws_data_usage(const char *msg)
 static CURLcode test_cli_ws_data(const char *URL)
 {
 #ifndef CURL_DISABLE_WEBSOCKETS
-  CURLcode result = CURLE_OK;
+  CURLcode res = CURLE_OK;
   const char *url;
   size_t plen_min = 0, plen_max = 0, count = 1;
   int ch, model = 2;
@@ -472,13 +472,13 @@ static CURLcode test_cli_ws_data(const char *URL)
   }
 
   if(model == 1)
-    result = test_ws_data_m1_echo(url, plen_min, plen_max);
+    res = test_ws_data_m1_echo(url, plen_min, plen_max);
   else
-    result = test_ws_data_m2_echo(url, count, plen_min, plen_max);
+    res = test_ws_data_m2_echo(url, count, plen_min, plen_max);
 
   curl_global_cleanup();
 
-  return result;
+  return res;
 
 #else /* !CURL_DISABLE_WEBSOCKETS */
   (void)URL;
diff --git a/tests/libtest/cli_ws_pingpong.c b/tests/libtest/cli_ws_pingpong.c
index 995c1e3f7c..0a8e957aa4 100644
--- a/tests/libtest/cli_ws_pingpong.c
+++ b/tests/libtest/cli_ws_pingpong.c
@@ -56,7 +56,7 @@ static CURLcode test_cli_ws_pingpong(const char *URL)
 {
 #ifndef CURL_DISABLE_WEBSOCKETS
   CURL *curl;
-  CURLcode result = CURLE_OK;
+  CURLcode res = CURLE_OK;
   const char *payload;
 
   if(!URL || !libtest_arg2) {
@@ -78,16 +78,16 @@ static CURLcode test_cli_ws_pingpong(const char *URL)
     curl_easy_setopt(curl, CURLOPT_USERAGENT, "ws-pingpong");
     curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
     curl_easy_setopt(curl, CURLOPT_CONNECT_ONLY, 2L); /* websocket style */
-    result = curl_easy_perform(curl);
-    curl_mfprintf(stderr, "curl_easy_perform() returned %u\n", result);
-    if(result == CURLE_OK)
-      result = pingpong(curl, payload);
+    res = curl_easy_perform(curl);
+    curl_mfprintf(stderr, "curl_easy_perform() returned %u\n", res);
+    if(res == CURLE_OK)
+      res = pingpong(curl, payload);
 
     /* always cleanup */
     curl_easy_cleanup(curl);
   }
   curl_global_cleanup();
-  return result;
+  return res;
 
 #else /* !CURL_DISABLE_WEBSOCKETS */
   (void)URL;
diff --git a/tests/libtest/first.c b/tests/libtest/first.c
index ad1f929971..7ab38a9fd8 100644
--- a/tests/libtest/first.c
+++ b/tests/libtest/first.c
@@ -163,11 +163,10 @@ char *hexdump(const unsigned char *buf, size_t len)
 CURLcode ws_send_ping(CURL *curl, const char *send_payload)
 {
   size_t sent;
-  CURLcode result = curl_ws_send(curl, send_payload, strlen(send_payload),
-                                 &sent, 0, CURLWS_PING);
-  curl_mfprintf(stderr, "ws: curl_ws_send returned %u, sent %zu\n",
-                result, sent);
-  return result;
+  CURLcode res = curl_ws_send(curl, send_payload, strlen(send_payload),
+                              &sent, 0, CURLWS_PING);
+  curl_mfprintf(stderr, "ws: curl_ws_send returned %u, sent %zu\n", res, sent);
+  return res;
 }
 
 CURLcode ws_recv_pong(CURL *curl, const char *expected_payload)
@@ -175,11 +174,11 @@ CURLcode ws_recv_pong(CURL *curl, const char *expected_payload)
   size_t rlen;
   const struct curl_ws_frame *meta;
   char buffer[256];
-  CURLcode result = curl_ws_recv(curl, buffer, sizeof(buffer), &rlen, &meta);
-  if(result) {
+  CURLcode res = curl_ws_recv(curl, buffer, sizeof(buffer), &rlen, &meta);
+  if(res) {
     curl_mfprintf(stderr, "ws: curl_ws_recv returned %u, received %zu\n",
-                  result, rlen);
-    return result;
+                  res, rlen);
+    return res;
   }
 
   if(!(meta->flags & CURLWS_PONG)) {
@@ -192,7 +191,7 @@ CURLcode ws_recv_pong(CURL *curl, const char *expected_payload)
   if(rlen == strlen(expected_payload) &&
      !memcmp(expected_payload, buffer, rlen)) {
     curl_mfprintf(stderr, "ws: got the same payload back\n");
-    return CURLE_OK;  /* lib2304 returned 'result' here. Intentional? */
+    return CURLE_OK;  /* lib2304 returned 'res' here. Intentional? */
   }
   curl_mfprintf(stderr, "ws: did NOT get the same payload back\n");
   return CURLE_RECV_ERROR;
@@ -202,9 +201,8 @@ CURLcode ws_recv_pong(CURL *curl, const char *expected_payload)
 void ws_close(CURL *curl)
 {
   size_t sent;
-  CURLcode result = curl_ws_send(curl, "", 0, &sent, 0, CURLWS_CLOSE);
-  curl_mfprintf(stderr, "ws: curl_ws_send returned %u, sent %zu\n",
-                result, sent);
+  CURLcode res = curl_ws_send(curl, "", 0, &sent, 0, CURLWS_CLOSE);
+  curl_mfprintf(stderr, "ws: curl_ws_send returned %u, sent %zu\n", res, sent);
 }
 #endif /* CURL_DISABLE_WEBSOCKETS */
 
@@ -212,7 +210,7 @@ void ws_close(CURL *curl)
 int main(int argc, const char **argv)
 {
   const char *URL = "";
-  CURLcode result;
+  CURLcode res;
   entry_func_t entry_func;
   const char *entry_name;
   const char *env;
@@ -279,8 +277,8 @@ int main(int argc, const char **argv)
       testnum = (int)num;
   }
 
-  result = entry_func(URL);
-  curl_mfprintf(stderr, "Test ended with result %d\n", result);
+  res = entry_func(URL);
+  curl_mfprintf(stderr, "Test ended with result %d\n", res);
 
 #ifdef _WIN32
   /* flush buffers of all streams regardless of mode */
@@ -289,5 +287,5 @@ int main(int argc, const char **argv)
 
   /* Regular program status codes are limited to 0..127 and 126 and 127 have
    * special meanings by the shell, so limit a normal return code to 125 */
-  return (int)result <= 125 ? (int)result : 125;
+  return (int)res <= 125 ? (int)res : 125;
 }
diff --git a/tests/libtest/lib1156.c b/tests/libtest/lib1156.c
index 07f8e46a04..6ceb6894e7 100644
--- a/tests/libtest/lib1156.c
+++ b/tests/libtest/lib1156.c
@@ -44,7 +44,7 @@
 
 struct testparams {
   unsigned int flags; /* ORed flags as above. */
-  CURLcode result; /* Code that should be returned by curl_easy_perform(). */
+  CURLcode res; /* Code that should be returned by curl_easy_perform(). */
 };
 
 static const struct testparams testparams[] = {
@@ -102,14 +102,14 @@ static int onetest(CURL *curl, const char *url, const struct testparams *p,
   test_setopt(curl, CURLOPT_FAILONERROR, (p->flags & F_FAIL) ? 1L : 0L);
   hasbody = 0;
   res = curl_easy_perform(curl);
-  if(res != p->result) {
+  if(res != p->res) {
     curl_mprintf("%zu: bad error code (%d): resume=%s, fail=%s, http416=%s, "
                  "content-range=%s, expected=%d\n", num, res,
                  (p->flags & F_RESUME) ? "yes": "no",
                  (p->flags & F_FAIL) ? "yes": "no",
                  (p->flags & F_HTTP416) ? "yes": "no",
                  (p->flags & F_CONTENTRANGE) ? "yes": "no",
-                 p->result);
+                 p->res);
     return 1;
   }
   if(hasbody && (p->flags & F_IGNOREBODY)) {
diff --git a/tests/libtest/lib1485.c b/tests/libtest/lib1485.c
index 36be7cd1e8..7fea83317c 100644
--- a/tests/libtest/lib1485.c
+++ b/tests/libtest/lib1485.c
@@ -29,7 +29,7 @@ struct t1485_transfer_status {
   CURL *curl;
   curl_off_t out_len;
   size_t hd_line;
-  CURLcode result;
+  CURLcode res;
   int http_status;
 };
 
@@ -39,7 +39,7 @@ static size_t t1485_header_callback(char *ptr, size_t size, size_t nmemb,
   struct t1485_transfer_status *st = (struct t1485_transfer_status *)userp;
   const char *hd = ptr;
   size_t len = size * nmemb;
-  CURLcode result;
+  CURLcode res;
 
   (void)fwrite(ptr, size, nmemb, stdout);
   ++st->hd_line;
@@ -47,22 +47,22 @@ static size_t t1485_header_callback(char *ptr, size_t size, size_t nmemb,
     curl_off_t clen;
     long httpcode = 0;
     /* end of a response */
-    result = curl_easy_getinfo(st->curl, CURLINFO_RESPONSE_CODE, &httpcode);
+    res = curl_easy_getinfo(st->curl, CURLINFO_RESPONSE_CODE, &httpcode);
     curl_mfprintf(stderr, "header_callback, get status: %ld, %d\n",
-                  httpcode, result);
+                  httpcode, res);
     if(httpcode < 100 || httpcode >= 1000) {
       curl_mfprintf(stderr, "header_callback, invalid status: %ld, %d\n",
-                    httpcode, result);
+                    httpcode, res);
       return CURLE_WRITE_ERROR;
     }
     st->http_status = (int)httpcode;
     if(st->http_status >= 200 && st->http_status < 300) {
-      result = curl_easy_getinfo(st->curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD_T,
-                                 &clen);
+      res = curl_easy_getinfo(st->curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD_T,
+                              &clen);
       curl_mfprintf(stderr, "header_callback, info Content-Length: "
-                    "%" CURL_FORMAT_CURL_OFF_T ", %d\n", clen, result);
-      if(result) {
-        st->result = result;
+                    "%" CURL_FORMAT_CURL_OFF_T ", %d\n", clen, res);
+      if(res) {
+        st->res = res;
         return CURLE_WRITE_ERROR;
       }
       if(clen < 0) {
diff --git a/tests/libtest/lib1523.c b/tests/libtest/lib1523.c
index 36bdce8e83..5c9a01a5eb 100644
--- a/tests/libtest/lib1523.c
+++ b/tests/libtest/lib1523.c
@@ -55,7 +55,7 @@ static CURLcode run(CURL *curl, long limit, long time)
 
 static CURLcode test_lib1523(const char *URL)
 {
-  CURLcode ret;
+  CURLcode res;
   CURL *curl;
   char buffer[CURL_ERROR_SIZE];
   curl_global_init(CURL_GLOBAL_ALL);
@@ -66,18 +66,18 @@ static CURLcode test_lib1523(const char *URL)
   curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 0L);
   curl_easy_setopt(curl, CURLOPT_XFERINFOFUNCTION, dload_progress_cb);
 
-  ret = run(curl, 1, 2);
-  if(ret)
-    curl_mfprintf(stderr, "error (%d) %s\n", ret, buffer);
+  res = run(curl, 1, 2);
+  if(res)
+    curl_mfprintf(stderr, "error (%d) %s\n", res, buffer);
 
-  ret = run(curl, 12000, 1);
-  if(ret != CURLE_OPERATION_TIMEDOUT)
-    curl_mfprintf(stderr, "error (%d) %s\n", ret, buffer);
+  res = run(curl, 12000, 1);
+  if(res != CURLE_OPERATION_TIMEDOUT)
+    curl_mfprintf(stderr, "error (%d) %s\n", res, buffer);
   else
-    ret = CURLE_OK;
+    res = CURLE_OK;
 
   curl_easy_cleanup(curl);
   curl_global_cleanup();
 
-  return ret;
+  return res;
 }
diff --git a/tests/libtest/lib1541.c b/tests/libtest/lib1541.c
index a2caaef8c3..150fd2e30b 100644
--- a/tests/libtest/lib1541.c
+++ b/tests/libtest/lib1541.c
@@ -29,7 +29,6 @@ struct t1541_transfer_status {
   CURL *curl;
   int hd_count;
   int bd_count;
-  CURLcode result;
 };
 
 #define KN(a)   a, #a
diff --git a/tests/libtest/lib1568.c b/tests/libtest/lib1568.c
index a7c454edf7..89dd83480d 100644
--- a/tests/libtest/lib1568.c
+++ b/tests/libtest/lib1568.c
@@ -27,15 +27,15 @@
 
 static CURLcode test_lib1568(const char *URL)
 {
-  CURLcode ret = TEST_ERR_MAJOR_BAD;
+  CURLcode res = TEST_ERR_MAJOR_BAD;
   CURL *curl;
   curl_off_t port;
 
   if(curlx_str_number(&libtest_arg2, &port, 0xffff))
-    return ret;
+    return res;
 
   if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK)
-    return ret;
+    return res;
 
   curl = curl_easy_init();
   curl_easy_setopt(curl, CURLOPT_URL, URL);
@@ -47,10 +47,10 @@ static CURLcode test_lib1568(const char *URL)
   curl_easy_setopt(curl, CURLOPT_MAXREDIRS, 50L);
   curl_easy_setopt(curl, CURLOPT_PORT, (long)port);
 
-  ret = curl_easy_perform(curl);
+  res = curl_easy_perform(curl);
 
   curl_easy_cleanup(curl);
 
   curl_global_cleanup();
-  return ret;
+  return res;
 }
diff --git a/tests/libtest/lib1908.c b/tests/libtest/lib1908.c
index 500120066e..1613d03e01 100644
--- a/tests/libtest/lib1908.c
+++ b/tests/libtest/lib1908.c
@@ -27,7 +27,7 @@
 
 static CURLcode test_lib1908(const char *URL)
 {
-  CURLcode ret = CURLE_OK;
+  CURLcode res = TEST_ERR_MAJOR_BAD;
   CURL *curl;
   start_test_timing();
 
@@ -38,13 +38,13 @@ static CURLcode test_lib1908(const char *URL)
     curl_easy_setopt(curl, CURLOPT_URL, URL);
     curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L);
     curl_easy_setopt(curl, CURLOPT_ALTSVC, libtest_arg2);
-    ret = curl_easy_perform(curl);
+    res = curl_easy_perform(curl);
 
-    if(!ret) {
+    if(!res) {
       /* make a copy and check that this also has alt-svc activated */
       CURL *curldupe = curl_easy_duphandle(curl);
       if(curldupe) {
-        ret = curl_easy_perform(curldupe);
+        res = curl_easy_perform(curldupe);
         /* we close the second handle first, which makes it store the alt-svc
            file only to get overwritten when the next handle is closed! */
         curl_easy_cleanup(curldupe);
@@ -58,5 +58,5 @@ static CURLcode test_lib1908(const char *URL)
     curl_easy_cleanup(curl);
   }
   curl_global_cleanup();
-  return ret;
+  return res;
 }
diff --git a/tests/libtest/lib1910.c b/tests/libtest/lib1910.c
index 425598bf88..ebe86c1245 100644
--- a/tests/libtest/lib1910.c
+++ b/tests/libtest/lib1910.c
@@ -27,7 +27,7 @@
 
 static CURLcode test_lib1910(const char *URL)
 {
-  CURLcode ret = CURLE_OK;
+  CURLcode res = TEST_ERR_MAJOR_BAD;
   CURL *curl;
   start_test_timing();
 
@@ -39,9 +39,9 @@ static CURLcode test_lib1910(const char *URL)
     curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L);
     curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
     curl_easy_setopt(curl, CURLOPT_USERPWD, "user\nname:pass\nword");
-    ret = curl_easy_perform(curl);
+    res = curl_easy_perform(curl);
     curl_easy_cleanup(curl);
   }
   curl_global_cleanup();
-  return ret;
+  return res;
 }
diff --git a/tests/libtest/lib1911.c b/tests/libtest/lib1911.c
index 7add65ec48..46c73ffb36 100644
--- a/tests/libtest/lib1911.c
+++ b/tests/libtest/lib1911.c
@@ -55,7 +55,7 @@ static CURLcode test_lib1911(const char *URL)
       o;
       o = curl_easy_option_next(o)) {
     if(o->type == CURLOT_STRING) {
-      CURLcode result;
+      CURLcode res;
       /*
        * Whitelist string options that are safe for abuse
        */
@@ -72,8 +72,8 @@ static CURLcode test_lib1911(const char *URL)
 
       /* This is a string. Make sure that passing in a string longer
          CURL_MAX_INPUT_LENGTH returns an error */
-      result = curl_easy_setopt(curl, o->id, testbuf);
-      switch(result) {
+      res = curl_easy_setopt(curl, o->id, testbuf);
+      switch(res) {
       case CURLE_BAD_FUNCTION_ARGUMENT: /* the most normal */
       case CURLE_UNKNOWN_OPTION: /* left out from the build */
       case CURLE_NOT_BUILT_IN: /* not supported */
@@ -82,7 +82,7 @@ static CURLcode test_lib1911(const char *URL)
       default:
         /* all other return codes are unexpected */
         curl_mfprintf(stderr, "curl_easy_setopt(%s...) returned %d\n",
-                      o->name, result);
+                      o->name, res);
         error++;
         break;
       }
diff --git a/tests/libtest/lib1913.c b/tests/libtest/lib1913.c
index 94a319f0c7..cea7a6c6ec 100644
--- a/tests/libtest/lib1913.c
+++ b/tests/libtest/lib1913.c
@@ -27,7 +27,7 @@
 
 static CURLcode test_lib1913(const char *URL)
 {
-  CURLcode ret = CURLE_OK;
+  CURLcode res = TEST_ERR_MAJOR_BAD;
   CURL *curl;
   start_test_timing();
 
@@ -40,9 +40,9 @@ static CURLcode test_lib1913(const char *URL)
     if(libtest_arg2)
       /* test1914 sets this extra arg */
       curl_easy_setopt(curl, CURLOPT_FILETIME, 1L);
-    ret = curl_easy_perform(curl);
+    res = curl_easy_perform(curl);
     curl_easy_cleanup(curl);
   }
   curl_global_cleanup();
-  return ret;
+  return res;
 }
diff --git a/tests/libtest/lib2082.c b/tests/libtest/lib2082.c
index 093eebda31..9e41d43b0d 100644
--- a/tests/libtest/lib2082.c
+++ b/tests/libtest/lib2082.c
@@ -53,10 +53,11 @@ static int prereq_callback(void *clientp,
 
 static CURLcode test_lib2082(const char *URL)  /* libprereq */
 {
-  struct prcs prereq_cb;
-  CURLcode ret = CURLE_OK;
+  CURLcode res = TEST_ERR_MAJOR_BAD;
   CURL *curl = NULL;
 
+  struct prcs prereq_cb;
+
   prereq_cb.prereq_retcode = CURL_PREREQFUNC_OK;
   prereq_cb.ipv6 = 0;
 
@@ -83,11 +84,11 @@ static CURLcode test_lib2082(const char *URL)  /* libprereq */
       curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
     }
 
-    ret = curl_easy_perform(curl);
-    if(ret) {
+    res = curl_easy_perform(curl);
+    if(res) {
       curl_mfprintf(stderr,
                     "%s:%d curl_easy_perform() failed with code %d (%s)\n",
-                    __FILE__, __LINE__, ret, curl_easy_strerror(ret));
+                    __FILE__, __LINE__, res, curl_easy_strerror(res));
       goto test_cleanup;
     }
   }
@@ -96,5 +97,5 @@ test_cleanup:
   curl_easy_cleanup(curl);
   curl_global_cleanup();
 
-  return ret;
+  return res;
 }
diff --git a/tests/libtest/lib2301.c b/tests/libtest/lib2301.c
index 40e357a3ba..6fb9e48618 100644
--- a/tests/libtest/lib2301.c
+++ b/tests/libtest/lib2301.c
@@ -57,10 +57,10 @@ static size_t t2301_write_cb(char *b, size_t size, size_t nitems, void *p)
   curl_mfprintf(stderr, "\n");
   (void)size;
   if(buffer[0] == 0x89) {
-    CURLcode result;
+    CURLcode res;
     curl_mfprintf(stderr, "send back a simple PONG\n");
-    result = curl_ws_send(curl, pong, 2, &sent, 0, 0);
-    if(result)
+    res = curl_ws_send(curl, pong, 2, &sent, 0, 0);
+    if(res)
       nitems = 0;
   }
   if(nitems != incoming)
diff --git a/tests/libtest/lib2304.c b/tests/libtest/lib2304.c
index 4a2abe5f7b..cc86e76a10 100644
--- a/tests/libtest/lib2304.c
+++ b/tests/libtest/lib2304.c
@@ -29,9 +29,9 @@ static CURLcode recv_any(CURL *curl)
   size_t rlen;
   const struct curl_ws_frame *meta;
   char buffer[256];
-  CURLcode result = curl_ws_recv(curl, buffer, sizeof(buffer), &rlen, &meta);
-  if(result)
-    return result;
+  CURLcode res = curl_ws_recv(curl, buffer, sizeof(buffer), &rlen, &meta);
+  if(res)
+    return res;
 
   curl_mfprintf(stderr, "recv_any: got %zu bytes rflags %x\n", rlen,
                 meta->flags);
diff --git a/tests/libtest/lib3010.c b/tests/libtest/lib3010.c
index 58271772ab..4595f4de35 100644
--- a/tests/libtest/lib3010.c
+++ b/tests/libtest/lib3010.c
@@ -27,7 +27,7 @@
 
 static CURLcode test_lib3010(const char *URL)
 {
-  CURLcode ret = CURLE_OK;
+  CURLcode res = TEST_ERR_MAJOR_BAD;
   CURL *curl = NULL;
   curl_off_t retry_after;
   char *follow_url = NULL;
@@ -37,22 +37,22 @@ static CURLcode test_lib3010(const char *URL)
 
   if(curl) {
     curl_easy_setopt(curl, CURLOPT_URL, URL);
-    ret = curl_easy_perform(curl);
-    if(ret) {
+    res = curl_easy_perform(curl);
+    if(res) {
       curl_mfprintf(stderr,
                     "%s:%d curl_easy_perform() failed with code %d (%s)\n",
-                    __FILE__, __LINE__, ret, curl_easy_strerror(ret));
+                    __FILE__, __LINE__, res, curl_easy_strerror(res));
       goto test_cleanup;
     }
     curl_easy_getinfo(curl, CURLINFO_REDIRECT_URL, &follow_url);
     curl_easy_getinfo(curl, CURLINFO_RETRY_AFTER, &retry_after);
     curl_mprintf("Retry-After %" CURL_FORMAT_CURL_OFF_T "\n", retry_after);
     curl_easy_setopt(curl, CURLOPT_URL, follow_url);
-    ret = curl_easy_perform(curl);
-    if(ret) {
+    res = curl_easy_perform(curl);
+    if(res) {
       curl_mfprintf(stderr,
                     "%s:%d curl_easy_perform() failed with code %d (%s)\n",
-                    __FILE__, __LINE__, ret, curl_easy_strerror(ret));
+                    __FILE__, __LINE__, res, curl_easy_strerror(res));
       goto test_cleanup;
     }
 
@@ -65,5 +65,5 @@ test_cleanup:
   curl_easy_cleanup(curl);
   curl_global_cleanup();
 
-  return ret;
+  return res;
 }
diff --git a/tests/libtest/lib3207.c b/tests/libtest/lib3207.c
index 316258c86e..8ba88e4a66 100644
--- a/tests/libtest/lib3207.c
+++ b/tests/libtest/lib3207.c
@@ -37,7 +37,7 @@
 struct Ctx {
   const char *URL;
   CURLSH *share;
-  CURLcode result;
+  CURLcode res;
   size_t thread_id;
   struct curl_slist *contents;
 };
@@ -109,7 +109,7 @@ static unsigned int test_thread(void *ptr)
   }
 
 test_cleanup:
-  ctx->result = res;
+  ctx->res = res;
   return 0;
 }
 
@@ -192,15 +192,15 @@ static CURLcode test_lib3207(const char *URL)
     ctx[i].share = share;
     ctx[i].URL = URL;
     ctx[i].thread_id = i;
-    ctx[i].result = CURLE_OK;
+    ctx[i].res = CURLE_OK;
     ctx[i].contents = NULL;
   }
 
   execute(share, ctx);
 
   for(i = 0; i < CURL_ARRAYSIZE(ctx); i++) {
-    if(ctx[i].result) {
-      res = ctx[i].result;
+    if(ctx[i].res) {
+      res = ctx[i].res;
     }
     else {
       struct curl_slist *item = ctx[i].contents;
diff --git a/tests/unit/unit1606.c b/tests/unit/unit1606.c
index e39ecaecdc..d323b5ce02 100644
--- a/tests/unit/unit1606.c
+++ b/tests/unit/unit1606.c
@@ -53,7 +53,7 @@ static int runawhile(struct Curl_easy *easy,
 {
   int counter = 1;
   struct curltime now = {1, 0};
-  CURLcode result;
+  CURLcode res;
   int finaltime;
 
   curl_easy_setopt(easy, CURLOPT_LOW_SPEED_LIMIT, speed_limit);
@@ -63,8 +63,8 @@ static int runawhile(struct Curl_easy *easy,
   do {
     /* fake the current transfer speed */
     easy->progress.current_speed = speed;
-    result = Curl_speedcheck(easy, now);
-    if(result)
+    res = Curl_speedcheck(easy, now);
+    if(res)
       break;
     /* step the time */
     now.tv_sec = ++counter;
diff --git a/tests/unit/unit1651.c b/tests/unit/unit1651.c
index a038caacbd..d3620d99f2 100644
--- a/tests/unit/unit1651.c
+++ b/tests/unit/unit1651.c
@@ -340,7 +340,7 @@ static CURLcode test_unit1651(const char *arg)
   0x61, 0x54, 0x4A, 0x2B, 0xB7, 0x6A, 0x12, 0x08, 0xFB,
   };
 
-  CURLcode result;
+  CURLcode res;
   const char *beg = (const char *)&cert[0];
   const char *end = (const char *)&cert[sizeof(cert)];
   struct Curl_easy *data;
@@ -354,9 +354,9 @@ static CURLcode test_unit1651(const char *arg)
 
   data = curl_easy_init();
   if(data) {
-    result = Curl_extract_certinfo(data, 0, beg, end);
+    res = Curl_extract_certinfo(data, 0, beg, end);
 
-    fail_unless(result == CURLE_OK, "Curl_extract_certinfo returned error");
+    fail_unless(res == CURLE_OK, "Curl_extract_certinfo returned error");
 
     /* a poor man's fuzzing of some initial data to make sure nothing bad
        happens */
diff --git a/tests/unit/unit1654.c b/tests/unit/unit1654.c
index 4fe2439907..d2144fc214 100644
--- a/tests/unit/unit1654.c
+++ b/tests/unit/unit1654.c
@@ -33,12 +33,12 @@ static CURLcode test_unit1654(const char *arg)
 #if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_ALTSVC)
   char outname[256];
   CURL *curl;
-  CURLcode result;
+  CURLcode res;
   struct altsvcinfo *asi = Curl_altsvc_init();
   abort_if(!asi, "Curl_altsvc_i");
-  result = Curl_altsvc_load(asi, arg);
-  if(result) {
-    fail_if(result, "Curl_altsvc_load");
+  res = Curl_altsvc_load(asi, arg);
+  if(res) {
+    fail_if(res, "Curl_altsvc_load");
     goto fail;
   }
   curl_global_init(CURL_GLOBAL_ALL);
@@ -50,88 +50,86 @@ static CURLcode test_unit1654(const char *arg)
   fail_unless(Curl_llist_count(&asi->list) == 4, "wrong number of entries");
   curl_msnprintf(outname, sizeof(outname), "%s-out", arg);
 
-  result = Curl_altsvc_parse(curl, asi, "h2=\"example.com:8080\"\r\n",
-                             ALPN_h1, "example.org", 8080);
-  fail_if(result, "Curl_altsvc_parse() failed!");
+  res = Curl_altsvc_parse(curl, asi, "h2=\"example.com:8080\"\r\n",
+                          ALPN_h1, "example.org", 8080);
+  fail_if(res, "Curl_altsvc_parse() failed!");
   fail_unless(Curl_llist_count(&asi->list) == 5, "wrong number of entries");
 
-  result = Curl_altsvc_parse(curl, asi, "h3=\":8080\"\r\n",
-                             ALPN_h1, "2.example.org", 8080);
-  fail_if(result, "Curl_altsvc_parse(2) failed!");
+  res = Curl_altsvc_parse(curl, asi, "h3=\":8080\"\r\n",
+                          ALPN_h1, "2.example.org", 8080);
+  fail_if(res, "Curl_altsvc_parse(2) failed!");
   fail_unless(Curl_llist_count(&asi->list) == 6, "wrong number of entries");
 
-  result = Curl_altsvc_parse(curl, asi,
-                             "h2=\"example.com:8080\", "
-                             "h3=\"yesyes.com:8080\"\r\n",
-                             ALPN_h1, "3.example.org", 8080);
-  fail_if(result, "Curl_altsvc_parse(3) failed!");
+  res = Curl_altsvc_parse(curl, asi,
+                          "h2=\"example.com:8080\", "
+                          "h3=\"yesyes.com:8080\"\r\n",
+                          ALPN_h1, "3.example.org", 8080);
+  fail_if(res, "Curl_altsvc_parse(3) failed!");
   /* that one should make two entries */
   fail_unless(Curl_llist_count(&asi->list) == 8, "wrong number of entries");
 
-  result = Curl_altsvc_parse(curl, asi,
-                             "h2=\"example.com:443\"; ma = 120;\r\n",
-                             ALPN_h2, "example.org", 80);
-  fail_if(result, "Curl_altsvc_parse(4) failed!");
+  res = Curl_altsvc_parse(curl, asi,
+                          "h2=\"example.com:443\"; ma = 120;\r\n",
+                          ALPN_h2, "example.org", 80);
+  fail_if(res, "Curl_altsvc_parse(4) failed!");
   fail_unless(Curl_llist_count(&asi->list) == 9, "wrong number of entries");
 
   /* quoted 'ma' value */
-  result = Curl_altsvc_parse(curl, asi,
-                             "h2=\"example.net:443\"; ma=\"180\";\r\n",
-                             ALPN_h2, "example.net", 80);
-  fail_if(result, "Curl_altsvc_parse(5) failed!");
+  res = Curl_altsvc_parse(curl, asi,
+                          "h2=\"example.net:443\"; ma=\"180\";\r\n",
+                          ALPN_h2, "example.net", 80);
+  fail_if(res, "Curl_altsvc_parse(5) failed!");
   fail_unless(Curl_llist_count(&asi->list) == 10, "wrong number of entries");
 
-  result =
-    Curl_altsvc_parse(curl, asi,
-                      "h2=\":443\", h3=\":443\"; "
-                      "persist = \"1\"; ma = 120;\r\n",
-                      ALPN_h1, "curl.se", 80);
-  fail_if(result, "Curl_altsvc_parse(6) failed!");
+  res = Curl_altsvc_parse(curl, asi,
+                          "h2=\":443\", h3=\":443\"; "
+                          "persist = \"1\"; ma = 120;\r\n",
+                          ALPN_h1, "curl.se", 80);
+  fail_if(res, "Curl_altsvc_parse(6) failed!");
   fail_unless(Curl_llist_count(&asi->list) == 12, "wrong number of entries");
 
   /* clear that one again and decrease the counter */
-  result = Curl_altsvc_parse(curl, asi, "clear;\r\n",
-                             ALPN_h1, "curl.se", 80);
-  fail_if(result, "Curl_altsvc_parse(7) failed!");
+  res = Curl_altsvc_parse(curl, asi, "clear;\r\n",
+                          ALPN_h1, "curl.se", 80);
+  fail_if(res, "Curl_altsvc_parse(7) failed!");
   fail_unless(Curl_llist_count(&asi->list) == 10, "wrong number of entries");
 
-  result =
-    Curl_altsvc_parse(curl, asi,
-                      "h2=\":443\", h3=\":443\"; "
-                      "persist = \"1\"; ma = 120;\r\n",
-                      ALPN_h1, "curl.se", 80);
-  fail_if(result, "Curl_altsvc_parse(6) failed!");
+  res = Curl_altsvc_parse(curl, asi,
+                          "h2=\":443\", h3=\":443\"; "
+                          "persist = \"1\"; ma = 120;\r\n",
+                          ALPN_h1, "curl.se", 80);
+  fail_if(res, "Curl_altsvc_parse(6) failed!");
   fail_unless(Curl_llist_count(&asi->list) == 12, "wrong number of entries");
 
   /* clear - without semicolon */
-  result = Curl_altsvc_parse(curl, asi, "clear\r\n",
-                             ALPN_h1, "curl.se", 80);
-  fail_if(result, "Curl_altsvc_parse(7) failed!");
+  res = Curl_altsvc_parse(curl, asi, "clear\r\n",
+                          ALPN_h1, "curl.se", 80);
+  fail_if(res, "Curl_altsvc_parse(7) failed!");
   fail_unless(Curl_llist_count(&asi->list) == 10, "wrong number of entries");
 
   /* only a non-existing alpn */
-  result = Curl_altsvc_parse(curl, asi,
-                             "h6=\"example.net:443\"; ma=\"180\";\r\n",
-                             ALPN_h2, "5.example.net", 80);
-  fail_if(result, "Curl_altsvc_parse(8) failed!");
+  res = Curl_altsvc_parse(curl, asi,
+                          "h6=\"example.net:443\"; ma=\"180\";\r\n",
+                          ALPN_h2, "5.example.net", 80);
+  fail_if(res, "Curl_altsvc_parse(8) failed!");
 
   /* missing quote in alpn host */
-  result = Curl_altsvc_parse(curl, asi,
-                             "h2=\"example.net:443,; ma=\"180\";\r\n",
-                             ALPN_h2, "6.example.net", 80);
-  fail_if(result, "Curl_altsvc_parse(9) failed!");
+  res = Curl_altsvc_parse(curl, asi,
+                          "h2=\"example.net:443,; ma=\"180\";\r\n",
+                          ALPN_h2, "6.example.net", 80);
+  fail_if(res, "Curl_altsvc_parse(9) failed!");
 
   /* missing port in host name */
-  result = Curl_altsvc_parse(curl, asi,
-                             "h2=\"example.net\"; ma=\"180\";\r\n",
-                             ALPN_h2, "7.example.net", 80);
-  fail_if(result, "Curl_altsvc_parse(10) failed!");
+  res = Curl_altsvc_parse(curl, asi,
+                          "h2=\"example.net\"; ma=\"180\";\r\n",
+                          ALPN_h2, "7.example.net", 80);
+  fail_if(res, "Curl_altsvc_parse(10) failed!");
 
   /* illegal port in host name */
-  result = Curl_altsvc_parse(curl, asi,
-                             "h2=\"example.net:70000\"; ma=\"180\";\r\n",
-                             ALPN_h2, "8.example.net", 80);
-  fail_if(result, "Curl_altsvc_parse(11) failed!");
+  res = Curl_altsvc_parse(curl, asi,
+                          "h2=\"example.net:70000\"; ma=\"180\";\r\n",
+                          ALPN_h2, "8.example.net", 80);
+  fail_if(res, "Curl_altsvc_parse(11) failed!");
 
   Curl_altsvc_save(curl, asi, outname);
 
diff --git a/tests/unit/unit1656.c b/tests/unit/unit1656.c
index 98e25b7c22..322aa2dbe3 100644
--- a/tests/unit/unit1656.c
+++ b/tests/unit/unit1656.c
@@ -30,23 +30,23 @@
 struct test_spec {
   const char *input;
   const char *exp_output;
-  CURLcode exp_result;
+  CURLcode exp_res;
 };
 
 static bool do_test(const struct test_spec *spec, size_t i,
                     struct dynbuf *dbuf)
 {
-  CURLcode result;
+  CURLcode res;
   const char *in = spec->input;
 
   curlx_dyn_reset(dbuf);
-  result = Curl_x509_GTime2str(dbuf, in, in + strlen(in));
-  if(result != spec->exp_result) {
+  res = Curl_x509_GTime2str(dbuf, in, in + strlen(in));
+  if(res != spec->exp_res) {
     curl_mfprintf(stderr, "test %zu: expect result %d, got %d\n",
-                  i, spec->exp_result, result);
+                  i, spec->exp_res, res);
     return FALSE;
   }
-  else if(!result && strcmp(spec->exp_output, curlx_dyn_ptr(dbuf))) {
+  else if(!res && strcmp(spec->exp_output, curlx_dyn_ptr(dbuf))) {
     curl_mfprintf(stderr,
                   "test %zu: input '%s', expected output '%s', got '%s'\n",
                   i, in, spec->exp_output, curlx_dyn_ptr(dbuf));
diff --git a/tests/unit/unit1657.c b/tests/unit/unit1657.c
index 4898d6c139..c03cd51f55 100644
--- a/tests/unit/unit1657.c
+++ b/tests/unit/unit1657.c
@@ -30,7 +30,7 @@
 struct test1657_spec {
   CURLcode (*setbuf)(const struct test1657_spec *spec, struct dynbuf *buf);
   size_t n;
-  CURLcode exp_result;
+  CURLcode exp_res;
 };
 
 static CURLcode make1657_nested(const struct test1657_spec *spec,
@@ -64,22 +64,22 @@ static const struct test1657_spec test1657_specs[] = {
 static bool do_test1657(const struct test1657_spec *spec, size_t i,
                         struct dynbuf *buf)
 {
-  CURLcode result;
+  CURLcode res;
   struct Curl_asn1Element elem;
   const char *in;
 
   memset(&elem, 0, sizeof(elem));
   curlx_dyn_reset(buf);
-  result = spec->setbuf(spec, buf);
-  if(result) {
-    curl_mfprintf(stderr, "test %zu: error setting buf %d\n", i, result);
+  res = spec->setbuf(spec, buf);
+  if(res) {
+    curl_mfprintf(stderr, "test %zu: error setting buf %d\n", i, res);
     return FALSE;
   }
   in = curlx_dyn_ptr(buf);
-  result = Curl_x509_getASN1Element(&elem, in, in + curlx_dyn_len(buf));
-  if(result != spec->exp_result) {
+  res = Curl_x509_getASN1Element(&elem, in, in + curlx_dyn_len(buf));
+  if(res != spec->exp_res) {
     curl_mfprintf(stderr, "test %zu: expect result %d, got %d\n",
-                  i, spec->exp_result, result);
+                  i, spec->exp_res, res);
     return FALSE;
   }
   return TRUE;
diff --git a/tests/unit/unit1658.c b/tests/unit/unit1658.c
index 6db1043092..3273c2141a 100644
--- a/tests/unit/unit1658.c
+++ b/tests/unit/unit1658.c
@@ -48,11 +48,11 @@ extern void doh_print_httpsrr(struct Curl_easy *data,
  */
 
 static char rrbuffer[256];
-static void rrresults(struct Curl_https_rrinfo *rr, CURLcode result)
+static void rrresults(struct Curl_https_rrinfo *rr, CURLcode res)
 {
   char *p = rrbuffer;
   char *pend = rrbuffer + sizeof(rrbuffer);
-  curl_msnprintf(rrbuffer, sizeof(rrbuffer), "r:%d|", (int)result);
+  curl_msnprintf(rrbuffer, sizeof(rrbuffer), "r:%d|", (int)res);
   p += strlen(rrbuffer);
 
   if(rr) {
@@ -502,7 +502,7 @@ static CURLcode test_unit1658(const char *arg)
     }
   };
 
-  CURLcode result = CURLE_OUT_OF_MEMORY;
+  CURLcode res = CURLE_OUT_OF_MEMORY;
   CURL *easy;
 
   easy = curl_easy_init();
@@ -516,10 +516,10 @@ static CURLcode test_unit1658(const char *arg)
 
       curl_mprintf("test %u: %s\n", i, t[i].name);
 
-      result = doh_resp_decode_httpsrr(easy, t[i].dns, t[i].len, &hrr);
+      res = doh_resp_decode_httpsrr(easy, t[i].dns, t[i].len, &hrr);
 
       /* create an output */
-      rrresults(hrr, result);
+      rrresults(hrr, res);
 
       /* is the output the expected? */
       if(strcmp(rrbuffer, t[i].expect)) {
diff --git a/tests/unit/unit1660.c b/tests/unit/unit1660.c
index cbb7820215..376f6bdcfa 100644
--- a/tests/unit/unit1660.c
+++ b/tests/unit/unit1660.c
@@ -54,7 +54,7 @@ static CURLcode test_unit1660(const char *arg)
     const char *host;
     const char *chost; /* if non-NULL, use to lookup with */
     const char *hdr; /* if NULL, just do the lookup */
-    const CURLcode result; /* parse result */
+    const CURLcode res; /* parse result */
   };
 
   static const struct testit headers[] = {
@@ -110,7 +110,7 @@ static CURLcode test_unit1660(const char *arg)
     { NULL, NULL, NULL, CURLE_OK }
   };
 
-  CURLcode result;
+  CURLcode res;
   struct stsentry *e;
   struct hsts *h = Curl_hsts_init();
   int i;
@@ -132,16 +132,16 @@ static CURLcode test_unit1660(const char *arg)
 
   for(i = 0; headers[i].host ; i++) {
     if(headers[i].hdr) {
-      result = Curl_hsts_parse(h, headers[i].host, headers[i].hdr);
+      res = Curl_hsts_parse(h, headers[i].host, headers[i].hdr);
 
-      if(result != headers[i].result) {
+      if(res != headers[i].res) {
         curl_mfprintf(stderr, "Curl_hsts_parse(%s) failed: %d\n",
-                      headers[i].hdr, result);
+                      headers[i].hdr, res);
         unitfail++;
         continue;
       }
-      else if(result) {
-        curl_mprintf("Input %u: error %d\n", i, (int) result);
+      else if(res) {
+        curl_mprintf("Input %u: error %d\n", i, (int)res);
         continue;
       }
     }
diff --git a/tests/unit/unit1661.c b/tests/unit/unit1661.c
index 446ef51bda..6cc4485544 100644
--- a/tests/unit/unit1661.c
+++ b/tests/unit/unit1661.c
@@ -52,7 +52,7 @@ static CURLcode test_unit1661(const char *arg)
   UNITTEST_BEGIN(t1661_setup(&bufref))
 
   const char *buffer = NULL;
-  CURLcode result = CURLE_OK;
+  CURLcode res = CURLE_OK;
 
   /**
    * testing Curl_bufref_init.
@@ -90,8 +90,8 @@ static CURLcode test_unit1661(const char *arg)
   /**
    * testing Curl_bufref_memdup
    */
-  result = Curl_bufref_memdup(&bufref, "1661", 3);
-  abort_unless(result == CURLE_OK, curl_easy_strerror(result));
+  res = Curl_bufref_memdup(&bufref, "1661", 3);
+  abort_unless(res == CURLE_OK, curl_easy_strerror(res));
   fail_unless(freecount == 1, "Destructor not called");
   fail_unless((const char *)bufref.ptr != buffer, "Returned pointer not set");
   buffer = (const char *)Curl_bufref_ptr(&bufref);
diff --git a/tests/unit/unit2600.c b/tests/unit/unit2600.c
index fbf53c5107..6a03c438dc 100644
--- a/tests/unit/unit2600.c
+++ b/tests/unit/unit2600.c
@@ -84,7 +84,7 @@ struct test_case {
   int exp_cf6_creations;
   timediff_t min_duration_ms;
   timediff_t max_duration_ms;
-  CURLcode exp_result;
+  CURLcode exp_res;
   const char *pref_family;
 };
 
@@ -96,7 +96,7 @@ struct ai_family_stats {
 };
 
 struct test_result {
-  CURLcode result;
+  CURLcode res;
   struct curltime started;
   struct curltime ended;
   struct ai_family_stats cf4;
@@ -189,13 +189,13 @@ static CURLcode cf_test_create(struct Curl_cfilter **pcf,
   struct cf_test_ctx *ctx = NULL;
   struct Curl_cfilter *cf = NULL;
   timediff_t created_at;
-  CURLcode result;
+  CURLcode res;
 
   (void)data;
   (void)conn;
   ctx = calloc(1, sizeof(*ctx));
   if(!ctx) {
-    result = CURLE_OUT_OF_MEMORY;
+    res = CURLE_OUT_OF_MEMORY;
     goto out;
   }
   ctx->idx = test_idx++;
@@ -224,19 +224,19 @@ static CURLcode cf_test_create(struct Curl_cfilter **pcf,
   ctx->stats->last_created = created_at;
   infof(data, "%04dms: cf[%s] created", (int)created_at, ctx->id);
 
-  result = Curl_cf_create(&cf, &cft_test, ctx);
-  if(result)
+  res = Curl_cf_create(&cf, &cft_test, ctx);
+  if(res)
     goto out;
 
   Curl_expire(data, ctx->fail_delay_ms, EXPIRE_TIMEOUT);
 
 out:
-  *pcf = (!result) ? cf : NULL;
-  if(result) {
+  *pcf = (!res) ? cf : NULL;
+  if(res) {
     free(cf);
     free(ctx);
   }
-  return result;
+  return res;
 }
 
 static void check_result(const struct test_case *tc,
@@ -248,12 +248,12 @@ static void check_result(const struct test_case *tc,
   duration_ms = curlx_timediff_ms(tr->ended, tr->started);
   curl_mfprintf(stderr, "%d: test case took %dms\n", tc->id, (int)duration_ms);
 
-  if(tr->result != tc->exp_result
-    && CURLE_OPERATION_TIMEDOUT != tr->result) {
+  if(tr->res != tc->exp_res
+    && CURLE_OPERATION_TIMEDOUT != tr->res) {
     /* on CI we encounter the TIMEOUT result, since images get less CPU
      * and events are not as sharply timed. */
     curl_msprintf(msg, "%d: expected result %d but got %d",
-                  tc->id, tc->exp_result, tr->result);
+                  tc->id, tc->exp_res, tr->res);
     fail(msg);
   }
   if(tr->cf4.creations != tc->exp_cf4_creations) {
@@ -326,7 +326,7 @@ static void test_connect(CURL *easy, const struct test_case *tc)
   tr.cf4.family = "v4";
 
   tr.started = curlx_now();
-  tr.result = curl_easy_perform(easy);
+  tr.res = curl_easy_perform(easy);
   tr.ended = curlx_now();
 
   curl_easy_setopt(easy, CURLOPT_RESOLVE, NULL);
diff --git a/tests/unit/unit2601.c b/tests/unit/unit2601.c
index aadd69fc12..8411c19e98 100644
--- a/tests/unit/unit2601.c
+++ b/tests/unit/unit2601.c
@@ -85,7 +85,7 @@ static void check_bufq(size_t pool_spares,
   struct bufq q;
   struct bufc_pool pool;
   size_t max_len = chunk_size * max_chunks;
-  CURLcode result;
+  CURLcode res;
   ssize_t i;
   size_t n2;
   size_t nwritten, nread;
@@ -105,20 +105,20 @@ static void check_bufq(size_t pool_spares,
   fail_unless(q.spare == NULL, "init: spare not NULL");
   fail_unless(Curl_bufq_len(&q) == 0, "init: bufq length != 0");
 
-  result = Curl_bufq_write(&q, test_data, wsize, &n2);
+  res = Curl_bufq_write(&q, test_data, wsize, &n2);
   fail_unless(n2 <= wsize, "write: wrong size returned");
-  fail_unless(result == CURLE_OK, "write: wrong result returned");
+  fail_unless(res == CURLE_OK, "write: wrong result returned");
 
   /* write empty bufq full */
   nwritten = 0;
   Curl_bufq_reset(&q);
   while(!Curl_bufq_is_full(&q)) {
-    result = Curl_bufq_write(&q, test_data, wsize, &n2);
-    if(!result) {
+    res = Curl_bufq_write(&q, test_data, wsize, &n2);
+    if(!res) {
       nwritten += n2;
     }
-    else if(result != CURLE_AGAIN) {
-      fail_unless(result == CURLE_AGAIN, "write-loop: unexpected result");
+    else if(res != CURLE_AGAIN) {
+      fail_unless(res == CURLE_AGAIN, "write-loop: unexpected result");
       break;
     }
   }
@@ -132,12 +132,12 @@ static void check_bufq(size_t pool_spares,
   /* read full bufq empty */
   nread = 0;
   while(!Curl_bufq_is_empty(&q)) {
-    result = Curl_bufq_read(&q, test_data, rsize, &n2);
-    if(!result) {
+    res = Curl_bufq_read(&q, test_data, rsize, &n2);
+    if(!res) {
       nread += n2;
     }
-    else if(result != CURLE_AGAIN) {
-      fail_unless(result == CURLE_AGAIN, "read-loop: unexpected result");
+    else if(res != CURLE_AGAIN) {
+      fail_unless(res == CURLE_AGAIN, "read-loop: unexpected result");
       break;
     }
   }
@@ -153,14 +153,14 @@ static void check_bufq(size_t pool_spares,
   }
 
   for(i = 0; i < 1000; ++i) {
-    result = Curl_bufq_write(&q, test_data, wsize, &n2);
-    if(result && result != CURLE_AGAIN) {
-      fail_unless(result == CURLE_AGAIN, "rw-loop: unexpected write result");
+    res = Curl_bufq_write(&q, test_data, wsize, &n2);
+    if(res && res != CURLE_AGAIN) {
+      fail_unless(res == CURLE_AGAIN, "rw-loop: unexpected write result");
       break;
     }
-    result = Curl_bufq_read(&q, test_data, rsize, &n2);
-    if(result && result != CURLE_AGAIN) {
-      fail_unless(result == CURLE_AGAIN, "rw-loop: unexpected read result");
+    res = Curl_bufq_read(&q, test_data, rsize, &n2);
+    if(res && res != CURLE_AGAIN) {
+      fail_unless(res == CURLE_AGAIN, "rw-loop: unexpected read result");
       break;
     }
   }
@@ -170,9 +170,9 @@ static void check_bufq(size_t pool_spares,
   Curl_bufq_init2(&q, chunk_size, max_chunks, (opts|BUFQ_OPT_SOFT_LIMIT));
   nwritten = 0;
   while(!Curl_bufq_is_full(&q)) {
-    result = Curl_bufq_write(&q, test_data, wsize, &n2);
-    if(result || n2 != wsize) {
-      fail_unless(!result && n2 == wsize, "write should be complete");
+    res = Curl_bufq_write(&q, test_data, wsize, &n2);
+    if(res || n2 != wsize) {
+      fail_unless(!res && n2 == wsize, "write should be complete");
       break;
     }
     nwritten += n2;
@@ -184,15 +184,15 @@ static void check_bufq(size_t pool_spares,
     fail_if(TRUE, "write: bufq full but nwritten wrong");
   }
   /* do one more write on a full bufq, should work */
-  result = Curl_bufq_write(&q, test_data, wsize, &n2);
-  fail_unless(!result && n2 == wsize, "write should be complete");
+  res = Curl_bufq_write(&q, test_data, wsize, &n2);
+  fail_unless(!res && n2 == wsize, "write should be complete");
   nwritten += n2;
   /* see that we get all out again */
   nread = 0;
   while(!Curl_bufq_is_empty(&q)) {
-    result = Curl_bufq_read(&q, test_data, rsize, &n2);
-    if(result) {
-      fail_unless(result, "read-loop: unexpected fail");
+    res = Curl_bufq_read(&q, test_data, rsize, &n2);
+    if(res) {
+      fail_unless(res, "read-loop: unexpected fail");
       break;
     }
     nread += n2;
@@ -211,12 +211,12 @@ static CURLcode test_unit2601(const char *arg)
 
   struct bufq q;
   size_t n;
-  CURLcode result;
+  CURLcode res;
   unsigned char buf[16*1024];
 
   Curl_bufq_init(&q, 8*1024, 12);
-  result = Curl_bufq_read(&q, buf, 128, &n);
-  fail_unless(result && result == CURLE_AGAIN, "read empty fail");
+  res = Curl_bufq_read(&q, buf, 128, &n);
+  fail_unless(res && res == CURLE_AGAIN, "read empty fail");
   Curl_bufq_free(&q);
 
   check_bufq(0, 1024, 4, 128, 128, BUFQ_OPT_NONE);
diff --git a/tests/unit/unit2602.c b/tests/unit/unit2602.c
index f031132986..da2b7dba54 100644
--- a/tests/unit/unit2602.c
+++ b/tests/unit/unit2602.c
@@ -33,7 +33,7 @@ static CURLcode test_unit2602(const char *arg)
 
   struct dynhds hds;
   struct dynbuf dbuf;
-  CURLcode result;
+  CURLcode res;
   size_t i;
 
   /* add 1 more header than allowed */
@@ -62,8 +62,8 @@ static CURLcode test_unit2602(const char *arg)
   }
   fail_unless(Curl_dynhds_count(&hds) == 2, "should hold 2");
   /* exceed limit on # of entries */
-  result = Curl_dynhds_add(&hds, "test3", 5, "789", 3);
-  fail_unless(result, "add should have failed");
+  res = Curl_dynhds_add(&hds, "test3", 5, "789", 3);
+  fail_unless(res, "add should have failed");
 
   fail_unless(Curl_dynhds_count_name(&hds, "test", 4) == 0, "false positive");
   fail_unless(Curl_dynhds_count_name(&hds, "test1", 4) == 0, "false positive");
@@ -94,9 +94,9 @@ static CURLcode test_unit2602(const char *arg)
   fail_unless(Curl_dynhds_cremove(&hds, "blablabla") == 2, "should");
   fail_if(Curl_dynhds_ccontains(&hds, "blablabla"), "should not");
 
-  result = Curl_dynhds_h1_cadd_line(&hds, "blablabla thingies");
-  fail_unless(result, "add should have failed");
-  if(!result) {
+  res = Curl_dynhds_h1_cadd_line(&hds, "blablabla thingies");
+  fail_unless(res, "add should have failed");
+  if(!res) {
     fail_unless(Curl_dynhds_ccount_name(&hds, "bLABlaBlA") == 0, "should");
     fail_if(Curl_dynhds_cadd(&hds, "Bla-Bla", "thingies"), "add failed");
 
@@ -113,8 +113,8 @@ static CURLcode test_unit2602(const char *arg)
   Curl_dynhds_free(&hds);
   Curl_dynhds_init(&hds, 128, 4*1024);
   /* continuation without previous header fails */
-  result = Curl_dynhds_h1_cadd_line(&hds, " indented value");
-  fail_unless(result, "add should have failed");
+  res = Curl_dynhds_h1_cadd_line(&hds, " indented value");
+  fail_unless(res, "add should have failed");
 
   /* continuation with previous header must succeed */
   fail_if(Curl_dynhds_h1_cadd_line(&hds, "ti1: val1"), "add");
diff --git a/tests/unit/unit2604.c b/tests/unit/unit2604.c
index 13f7e80d8a..695b121007 100644
--- a/tests/unit/unit2604.c
+++ b/tests/unit/unit2604.c
@@ -36,7 +36,7 @@ static CURLcode test_unit2604(const char *arg)
     const char *expect; /* the returned content */
     const char *next;   /* what cp points to after the call */
     const char *home;
-    CURLcode result;
+    CURLcode res;
   };
 
 #if defined(CURL_GNUC_DIAG) || defined(__clang__)
@@ -86,14 +86,14 @@ static CURLcode test_unit2604(const char *arg)
   for(i = 0; list[i].home; i++) {
     char *path;
     const char *cp = i == 0 ? cp0 : list[i].cp;
-    CURLcode result = Curl_get_pathname(&cp, &path, list[i].home);
+    CURLcode res = Curl_get_pathname(&cp, &path, list[i].home);
     curl_mprintf("%u - Curl_get_pathname(\"%s\", ... \"%s\") == %u\n", i,
-                 list[i].cp, list[i].home, list[i].result);
-    if(result != list[i].result) {
-      curl_mprintf("... returned %d\n", result);
+                 list[i].cp, list[i].home, list[i].res);
+    if(res != list[i].res) {
+      curl_mprintf("... returned %d\n", res);
       unitfail++;
     }
-    if(!result) {
+    if(!res) {
       if(cp && strcmp(cp, list[i].next)) {
         curl_mprintf("... cp points to '%s', not '%s' as expected \n",
                      cp, list[i].next);
diff --git a/tests/unit/unit2605.c b/tests/unit/unit2605.c
index b94e87e78c..71c37f32cf 100644
--- a/tests/unit/unit2605.c
+++ b/tests/unit/unit2605.c
@@ -36,7 +36,7 @@ static CURLcode test_unit2605(const char *arg)
     curl_off_t filesize;
     curl_off_t start;
     curl_off_t size;
-    CURLcode result;
+    CURLcode res;
   };
 
   int i;
@@ -78,16 +78,16 @@ static CURLcode test_unit2605(const char *arg)
     for(i = 0; list[i].r; i++) {
       curl_off_t start;
       curl_off_t size;
-      CURLcode result;
+      CURLcode res;
       curl_mprintf("%u: '%s' (file size: %" FMT_OFF_T ")\n",
                    i, list[i].r, list[i].filesize);
-      result = Curl_ssh_range(curl, list[i].r, list[i].filesize,
-                              &start, &size);
-      if(result != list[i].result) {
-        curl_mprintf("... returned %d\n", result);
+      res = Curl_ssh_range(curl, list[i].r, list[i].filesize,
+                           &start, &size);
+      if(res != list[i].res) {
+        curl_mprintf("... returned %d\n", res);
         unitfail++;
       }
-      if(!result) {
+      if(!res) {
         if(start != list[i].start) {
           curl_mprintf("... start (%" FMT_OFF_T ") was not %" FMT_OFF_T " \n",
                        start, list[i].start);
diff --git a/tests/unit/unit3200.c b/tests/unit/unit3200.c
index 15abba25db..0b3c876911 100644
--- a/tests/unit/unit3200.c
+++ b/tests/unit/unit3200.c
@@ -76,7 +76,7 @@ static CURLcode test_unit3200(const char *arg)
 #endif
 
   size_t i;
-  CURLcode result = CURLE_OK;
+  CURLcode res = CURLE_OK;
   for(i = 0; i < CURL_ARRAYSIZE(filecontents); i++) {
     FILE *fp;
     struct dynbuf buf;
@@ -96,62 +96,62 @@ static CURLcode test_unit3200(const char *arg)
     curl_mfprintf(stderr, "Test %zd...", i);
     switch(i) {
       case 0:
-        result = Curl_get_line(&buf, fp, &eof);
+        res = Curl_get_line(&buf, fp, &eof);
         line = curlx_dyn_ptr(&buf);
-        fail_unless(!result && line && !strcmp("LINE1\n", line),
+        fail_unless(!res && line && !strcmp("LINE1\n", line),
                     "First line failed (1)");
-        result = Curl_get_line(&buf, fp, &eof);
+        res = Curl_get_line(&buf, fp, &eof);
         line = curlx_dyn_ptr(&buf);
-        fail_unless(!result && line && !strcmp("LINE2 NEWLINE\n", line),
+        fail_unless(!res && line && !strcmp("LINE2 NEWLINE\n", line),
                     "Second line failed (1)");
-        result = Curl_get_line(&buf, fp, &eof);
+        res = Curl_get_line(&buf, fp, &eof);
         abort_unless(eof, "Missed EOF (1)");
         break;
       case 1:
-        result = Curl_get_line(&buf, fp, &eof);
+        res = Curl_get_line(&buf, fp, &eof);
         line = curlx_dyn_ptr(&buf);
-        fail_unless(!result && line && !strcmp("LINE1\n", line),
+        fail_unless(!res && line && !strcmp("LINE1\n", line),
                     "First line failed (2)");
-        result = Curl_get_line(&buf, fp, &eof);
+        res = Curl_get_line(&buf, fp, &eof);
         line = curlx_dyn_ptr(&buf);
-        fail_unless(!result && line && !strcmp("LINE2 NONEWLINE\n", line),
+        fail_unless(!res && line && !strcmp("LINE2 NONEWLINE\n", line),
                     "Second line failed (2)");
-        result = Curl_get_line(&buf, fp, &eof);
+        res = Curl_get_line(&buf, fp, &eof);
         abort_unless(eof, "Missed EOF (2)");
         break;
       case 2:
-        result = Curl_get_line(&buf, fp, &eof);
+        res = Curl_get_line(&buf, fp, &eof);
         line = curlx_dyn_ptr(&buf);
-        fail_unless(!result && line && !strcmp("LINE1\n", line),
+        fail_unless(!res && line && !strcmp("LINE1\n", line),
                     "First line failed (3)");
-        result = Curl_get_line(&buf, fp, &eof);
+        res = Curl_get_line(&buf, fp, &eof);
         fail_unless(!curlx_dyn_len(&buf),
                     "Did not detect max read on EOF (3)");
         break;
       case 3:
-        result = Curl_get_line(&buf, fp, &eof);
+        res = Curl_get_line(&buf, fp, &eof);
         line = curlx_dyn_ptr(&buf);
-        fail_unless(!result && line && !strcmp("LINE1\n", line),
+        fail_unless(!res && line && !strcmp("LINE1\n", line),
                     "First line failed (4)");
-        result = Curl_get_line(&buf, fp, &eof);
+        res = Curl_get_line(&buf, fp, &eof);
         fail_unless(!curlx_dyn_len(&buf),
                     "Did not ignore partial on EOF (4)");
         break;
       case 4:
-        result = Curl_get_line(&buf, fp, &eof);
+        res = Curl_get_line(&buf, fp, &eof);
         line = curlx_dyn_ptr(&buf);
-        fail_unless(!result && line && !strcmp("LINE1\n", line),
+        fail_unless(!res && line && !strcmp("LINE1\n", line),
                     "First line failed (5)");
-        result = Curl_get_line(&buf, fp, &eof);
+        res = Curl_get_line(&buf, fp, &eof);
         fail_unless(!curlx_dyn_len(&buf),
                     "Did not bail out on too long line");
         break;
       case 5:
-        result = Curl_get_line(&buf, fp, &eof);
+        res = Curl_get_line(&buf, fp, &eof);
         line = curlx_dyn_ptr(&buf);
-        fail_unless(!result && line && !strcmp("LINE1\x1aTEST\n", line),
+        fail_unless(!res && line && !strcmp("LINE1\x1aTEST\n", line),
                     "Missed/Misinterpreted ^Z (6)");
-        result = Curl_get_line(&buf, fp, &eof);
+        res = Curl_get_line(&buf, fp, &eof);
         abort_unless(eof, "Missed EOF (6)");
         break;
       default:
@@ -162,7 +162,7 @@ static CURLcode test_unit3200(const char *arg)
     curlx_fclose(fp);
     curl_mfprintf(stderr, "OK\n");
   }
-  return result;
+  return res;
 
 #endif
 

From ae7b4eeade0e4903e97fe2a9bac013efc034221f Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 13 Nov 2025 23:47:10 +0100
Subject: [PATCH 0844/2408] curl_setup.h: drop stray `#undef stat` (Windows)

Follow-up to 9678ff5b1bfea1c847aee4f9edf023e8f01c9293 #18776

Closes #19519
---
 lib/curl_setup.h | 1 -
 1 file changed, 1 deletion(-)

diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index 7c033623c5..d41c9b8cea 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -493,7 +493,6 @@
 #    define lseek(fdes, offset, whence)  _lseeki64(fdes, offset, whence)
 #    undef  fstat
 #    define fstat(fdes,stp)              _fstati64(fdes, stp)
-#    undef  stat
 #    define struct_stat                  struct _stati64
 #    define LSEEK_ERROR                  (__int64)-1
 #  else

From 3fc31c4ee200c7ae9b5fd8dbd9b590a6405395cc Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 13 Nov 2025 23:03:52 +0100
Subject: [PATCH 0845/2408] config2setopts: bail out if curl_url_get() returns
 OOM

Closes #19518
---
 src/config2setopts.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/config2setopts.c b/src/config2setopts.c
index 57e7a73376..7d099602d3 100644
--- a/src/config2setopts.c
+++ b/src/config2setopts.c
@@ -141,8 +141,9 @@ static CURLcode url_proto_and_rewrite(char **url,
       curl_url_set(uh, CURLUPART_URL, *url,
                    CURLU_GUESS_SCHEME | CURLU_NON_SUPPORT_SCHEME);
     if(!uc) {
-      if(!curl_url_get(uh, CURLUPART_SCHEME, &schemep,
-                       CURLU_DEFAULT_SCHEME)) {
+      uc = curl_url_get(uh, CURLUPART_SCHEME, &schemep,
+                        CURLU_DEFAULT_SCHEME);
+      if(!uc) {
 #ifdef CURL_DISABLE_IPFS
         (void)config;
 #else
@@ -162,6 +163,8 @@ static CURLcode url_proto_and_rewrite(char **url,
           proto = proto_token(schemep);
         curl_free(schemep);
       }
+      else if(uc == CURLUE_OUT_OF_MEMORY)
+        result = CURLE_OUT_OF_MEMORY;
     }
     else if(uc == CURLUE_OUT_OF_MEMORY)
       result = CURLE_OUT_OF_MEMORY;

From 5f4cd4c689c822ce957bb415076f0c78e5f474b5 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 10 Nov 2025 09:59:25 +0100
Subject: [PATCH 0846/2408] DEPRECATE: remove RTMP support in April 2026

URL: https://curl.se/mail/lib-2025-11/0008.html
---
 docs/DEPRECATE.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/docs/DEPRECATE.md b/docs/DEPRECATE.md
index 43c94875b1..48c44e6c6b 100644
--- a/docs/DEPRECATE.md
+++ b/docs/DEPRECATE.md
@@ -70,6 +70,18 @@ stack.
 
 We remove the OpenSSL-QUIC backend in March 2026.
 
+## RTMP
+
+RTMP in curl is powered by the 3rd party library librtmp.
+
+ - RTMP is barely used by curl users (2.2% in the 2025 survey)
+ - librtmp has no test cases, makes no proper releases and has not had a single
+   commit within the last year
+ - librtmp parses the URL itself and requires non-compliant URLs for this
+ - we have no RTMP tests
+
+Support for RTMP in libcurl gets removed in April 2026.
+
 ## Past removals
 
  - axTLS (removed in 7.63.0)

From 971e8d661c68ce8859885c3ae865ff9441b62f0e Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Fri, 14 Nov 2025 12:51:31 +0100
Subject: [PATCH 0847/2408] examples/multithread: fix race condition

Reported-by: Nick Korepanov
Fixes #19524
Closes #19526
---
 docs/examples/multithread.c | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/docs/examples/multithread.c b/docs/examples/multithread.c
index 36836ef475..3ecca25908 100644
--- a/docs/examples/multithread.c
+++ b/docs/examples/multithread.c
@@ -50,14 +50,19 @@ static const char * const urls[NUMT]= {
   "www.example"
 };
 
-static void *pull_one_url(void *pindex)
+struct targ {
+  const char *url;
+};
+
+
+static void *pull_one_url(void *p)
 {
   CURL *curl;
+  struct targ *targ = p;
 
   curl = curl_easy_init();
   if(curl) {
-    int i = *(int *)pindex;
-    curl_easy_setopt(curl, CURLOPT_URL, urls[i]);
+    curl_easy_setopt(curl, CURLOPT_URL, targ->url);
     (void)curl_easy_perform(curl); /* ignores error */
     curl_easy_cleanup(curl);
   }
@@ -76,6 +81,7 @@ int main(void)
 {
   CURLcode res;
   pthread_t tid[NUMT];
+  struct targ targs[NUMT];
   int i;
 
   /* Must initialize libcurl before any threads are started */
@@ -84,10 +90,12 @@ int main(void)
     return (int)res;
 
   for(i = 0; i < NUMT; i++) {
-    int error = pthread_create(&tid[i],
-                               NULL, /* default attributes please */
-                               pull_one_url,
-                               (void *)&i);
+    int error;
+    targs[i].url = urls[i];
+    error = pthread_create(&tid[i],
+                           NULL, /* default attributes please */
+                           pull_one_url,
+                           (void *)&targs[i]);
     if(error)
       fprintf(stderr, "Couldn't run thread number %d, errno %d\n", i, error);
     else

From 9a633ec04f3a7f5e9260ff73c08f0140fa6668de Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 14 Nov 2025 10:52:43 +0100
Subject: [PATCH 0848/2408] connect: reshuffle Curl_timeleft_ms to avoid
 'redundant condition'

Line 143: "if(duringconnect)" would always equal true. While this is
harmless, I believe this minor tweak makes the flow slightly more
obvious to the reader and avoids the redundant condition.

Pointed out by CodeSonar

Closes #19523
---
 lib/connect.c | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/lib/connect.c b/lib/connect.c
index 18d9028c6c..573b02952b 100644
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -116,6 +116,7 @@ timediff_t Curl_timeleft_ms(struct Curl_easy *data,
 {
   timediff_t timeleft_ms = 0;
   timediff_t ctimeleft_ms = 0;
+  timediff_t ctimeout_ms;
   struct curltime now;
 
   /* The duration of a connect and the total transfer are calculated from two
@@ -136,20 +137,19 @@ timediff_t Curl_timeleft_ms(struct Curl_easy *data,
       curlx_timediff_ms(*nowp, data->progress.t_startop);
     if(!timeleft_ms)
       timeleft_ms = -1; /* 0 is "no limit", fake 1 ms expiry */
-    if(!duringconnect)
-      return timeleft_ms; /* no connect check, this is it */
   }
 
-  if(duringconnect) {
-    timediff_t ctimeout_ms = (data->set.connecttimeout > 0) ?
-      data->set.connecttimeout : DEFAULT_CONNECT_TIMEOUT;
-    ctimeleft_ms = ctimeout_ms -
-                   curlx_timediff_ms(*nowp, data->progress.t_startsingle);
-    if(!ctimeleft_ms)
-      ctimeleft_ms = -1; /* 0 is "no limit", fake 1 ms expiry */
-    if(!timeleft_ms)
-      return ctimeleft_ms; /* no general timeout, this is it */
-  }
+  if(!duringconnect)
+    return timeleft_ms; /* no connect check, this is it */
+  ctimeout_ms = (data->set.connecttimeout > 0) ?
+    data->set.connecttimeout : DEFAULT_CONNECT_TIMEOUT;
+  ctimeleft_ms = ctimeout_ms -
+    curlx_timediff_ms(*nowp, data->progress.t_startsingle);
+  if(!ctimeleft_ms)
+    ctimeleft_ms = -1; /* 0 is "no limit", fake 1 ms expiry */
+  if(!timeleft_ms)
+    return ctimeleft_ms; /* no general timeout, this is it */
+
   /* return minimal time left or max amount already expired */
   return (ctimeleft_ms < timeleft_ms) ? ctimeleft_ms : timeleft_ms;
 }

From 0abb72210ee07cb2630d8393a1d2e7b53c255732 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Fri, 14 Nov 2025 12:45:58 +0100
Subject: [PATCH 0849/2408] getinfo: improve perf in debug mode

Save some cpu cycles in debug mode for getinfo. Look up env vars for
overwriting variables only when variables are actually requested.

Closes #19525
---
 lib/getinfo.c | 115 ++++++++++++++++++++++++++------------------------
 1 file changed, 59 insertions(+), 56 deletions(-)

diff --git a/lib/getinfo.c b/lib/getinfo.c
index f57a454d5d..6a16258b13 100644
--- a/lib/getinfo.c
+++ b/lib/getinfo.c
@@ -204,31 +204,31 @@ static CURLcode getinfo_long(struct Curl_easy *data, CURLINFO info,
   } lptr;
 
 #ifdef DEBUGBUILD
-  const char *timestr = getenv("CURL_TIME");
-  if(timestr) {
-    curl_off_t val;
-    curlx_str_number(×tr, &val, TIME_T_MAX);
-    switch(info) {
-    case CURLINFO_LOCAL_PORT:
-      *param_longp = (long)val;
-      return CURLE_OK;
-    default:
-      break;
-    }
-  }
+  const char *envstr;
+
   /* use another variable for this to allow different values */
-  timestr = getenv("CURL_DEBUG_SIZE");
-  if(timestr) {
-    curl_off_t val;
-    curlx_str_number(×tr, &val, LONG_MAX);
-    switch(info) {
-    case CURLINFO_HEADER_SIZE:
-    case CURLINFO_REQUEST_SIZE:
+  switch(info) {
+  case CURLINFO_LOCAL_PORT:
+    envstr = getenv("CURL_TIME");
+    if(envstr) {
+      curl_off_t val;
+      curlx_str_number(&envstr, &val, TIME_T_MAX);
       *param_longp = (long)val;
       return CURLE_OK;
-    default:
-      break;
     }
+    break;
+  case CURLINFO_HEADER_SIZE:
+  case CURLINFO_REQUEST_SIZE:
+    envstr = getenv("CURL_DEBUG_SIZE");
+    if(envstr) {
+      curl_off_t val;
+      curlx_str_number(&envstr, &val, LONG_MAX);
+      *param_longp = (long)val;
+      return CURLE_OK;
+    }
+    break;
+  default:
+    break;
   }
 #endif
 
@@ -381,28 +381,29 @@ static CURLcode getinfo_offt(struct Curl_easy *data, CURLINFO info,
                              curl_off_t *param_offt)
 {
 #ifdef DEBUGBUILD
-  const char *timestr = getenv("CURL_TIME");
-  if(timestr) {
-    curl_off_t val;
-    curlx_str_number(×tr, &val, CURL_OFF_T_MAX);
-
-    switch(info) {
-    case CURLINFO_TOTAL_TIME_T:
-    case CURLINFO_NAMELOOKUP_TIME_T:
-    case CURLINFO_CONNECT_TIME_T:
-    case CURLINFO_APPCONNECT_TIME_T:
-    case CURLINFO_PRETRANSFER_TIME_T:
-    case CURLINFO_POSTTRANSFER_TIME_T:
-    case CURLINFO_QUEUE_TIME_T:
-    case CURLINFO_STARTTRANSFER_TIME_T:
-    case CURLINFO_REDIRECT_TIME_T:
-    case CURLINFO_SPEED_DOWNLOAD_T:
-    case CURLINFO_SPEED_UPLOAD_T:
+  const char *envstr;
+  switch(info) {
+  case CURLINFO_TOTAL_TIME_T:
+  case CURLINFO_NAMELOOKUP_TIME_T:
+  case CURLINFO_CONNECT_TIME_T:
+  case CURLINFO_APPCONNECT_TIME_T:
+  case CURLINFO_PRETRANSFER_TIME_T:
+  case CURLINFO_POSTTRANSFER_TIME_T:
+  case CURLINFO_QUEUE_TIME_T:
+  case CURLINFO_STARTTRANSFER_TIME_T:
+  case CURLINFO_REDIRECT_TIME_T:
+  case CURLINFO_SPEED_DOWNLOAD_T:
+  case CURLINFO_SPEED_UPLOAD_T:
+    envstr = getenv("CURL_TIME");
+    if(envstr) {
+      curl_off_t val;
+      curlx_str_number(&envstr, &val, CURL_OFF_T_MAX);
       *param_offt = (curl_off_t)val;
       return CURLE_OK;
-    default:
-      break;
     }
+    break;
+  default:
+    break;
   }
 #endif
   switch(info) {
@@ -480,26 +481,28 @@ static CURLcode getinfo_double(struct Curl_easy *data, CURLINFO info,
                                double *param_doublep)
 {
 #ifdef DEBUGBUILD
-  const char *timestr = getenv("CURL_TIME");
-  if(timestr) {
-    curl_off_t val;
-    curlx_str_number(×tr, &val, CURL_OFF_T_MAX);
+  const char *envstr;
 
-    switch(info) {
-    case CURLINFO_TOTAL_TIME:
-    case CURLINFO_NAMELOOKUP_TIME:
-    case CURLINFO_CONNECT_TIME:
-    case CURLINFO_APPCONNECT_TIME:
-    case CURLINFO_PRETRANSFER_TIME:
-    case CURLINFO_STARTTRANSFER_TIME:
-    case CURLINFO_REDIRECT_TIME:
-    case CURLINFO_SPEED_DOWNLOAD:
-    case CURLINFO_SPEED_UPLOAD:
+  switch(info) {
+  case CURLINFO_TOTAL_TIME:
+  case CURLINFO_NAMELOOKUP_TIME:
+  case CURLINFO_CONNECT_TIME:
+  case CURLINFO_APPCONNECT_TIME:
+  case CURLINFO_PRETRANSFER_TIME:
+  case CURLINFO_STARTTRANSFER_TIME:
+  case CURLINFO_REDIRECT_TIME:
+  case CURLINFO_SPEED_DOWNLOAD:
+  case CURLINFO_SPEED_UPLOAD:
+    envstr = getenv("CURL_TIME");
+    if(envstr) {
+      curl_off_t val;
+      curlx_str_number(&envstr, &val, CURL_OFF_T_MAX);
       *param_doublep = (double)val;
       return CURLE_OK;
-    default:
-      break;
     }
+    break;
+  default:
+    break;
   }
 #endif
   switch(info) {

From 9f979ea683253b5c2517dc822c060734bfec287a Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Fri, 14 Nov 2025 15:25:04 +0100
Subject: [PATCH 0850/2408] vtls: pinned key check

Cleanup the vtls pinned key matching somewhat. Add a DEBUGF
for pinned key hashes that do not match, so we can see in
traces what was going on.

Ref #19489
Closes #19529
---
 lib/vtls/vtls.c | 58 ++++++++++++++++++++-----------------------------
 1 file changed, 23 insertions(+), 35 deletions(-)

diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index 3858cad983..918a4686fc 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -772,8 +772,9 @@ CURLcode Curl_pin_peer_pubkey(struct Curl_easy *data,
   /* only do this if pinnedpubkey starts with "sha256//", length 8 */
   if(!strncmp(pinnedpubkey, "sha256//", 8)) {
     CURLcode encode;
-    size_t encodedlen = 0;
-    char *encoded = NULL, *pinkeycopy, *begin_pos, *end_pos;
+    char *cert_hash = NULL;
+    const char *pinned_hash, *end_pos;
+    size_t cert_hash_len = 0, pinned_hash_len;
     unsigned char *sha256sumdigest;
 
     if(!Curl_ssl->sha256sum) {
@@ -790,50 +791,37 @@ CURLcode Curl_pin_peer_pubkey(struct Curl_easy *data,
 
     if(!encode)
       encode = curlx_base64_encode((char *)sha256sumdigest,
-                                   CURL_SHA256_DIGEST_LENGTH, &encoded,
-                                   &encodedlen);
+                                   CURL_SHA256_DIGEST_LENGTH,
+                                   &cert_hash, &cert_hash_len);
     Curl_safefree(sha256sumdigest);
 
     if(encode)
       return encode;
 
-    infof(data, " public key hash: sha256//%s", encoded);
+    infof(data, " public key hash: sha256//%s", cert_hash);
 
-    /* it starts with sha256//, copy so we can modify it */
-    pinkeycopy = strdup(pinnedpubkey);
-    if(!pinkeycopy) {
-      Curl_safefree(encoded);
-      return CURLE_OUT_OF_MEMORY;
-    }
-    /* point begin_pos to the copy, and start extracting keys */
-    begin_pos = pinkeycopy;
-    do {
-      end_pos = strstr(begin_pos, ";sha256//");
-      /*
-       * if there is an end_pos, null-terminate, otherwise it will go to the
-       * end of the original string
-       */
-      if(end_pos)
-        end_pos[0] = '\0';
+    pinned_hash = pinnedpubkey;
+    while(pinned_hash &&
+          !strncmp(pinned_hash, "sha256//", (sizeof("sha256//")-1))) {
+      pinned_hash = pinned_hash + (sizeof("sha256//")-1);
+      end_pos = strchr(pinned_hash, ';');
+      pinned_hash_len = end_pos ?
+                        (size_t)(end_pos - pinned_hash) : strlen(pinned_hash);
 
-      /* compare base64 sha256 digests, 8 is the length of "sha256//" */
-      if(encodedlen == strlen(begin_pos + 8) &&
-         !memcmp(encoded, begin_pos + 8, encodedlen)) {
+      /* compare base64 sha256 digests" */
+      if(cert_hash_len == pinned_hash_len &&
+         !memcmp(cert_hash, pinned_hash, cert_hash_len)) {
+        DEBUGF(infof(data, "public key hash matches pinned value"));
         result = CURLE_OK;
         break;
       }
 
-      /*
-       * change back the null-terminator we changed earlier,
-       * and look for next begin
-       */
-      if(end_pos) {
-        end_pos[0] = ';';
-        begin_pos = strstr(end_pos, "sha256//");
-      }
-    } while(end_pos && begin_pos);
-    Curl_safefree(encoded);
-    Curl_safefree(pinkeycopy);
+      DEBUGF(infof(data, "public key hash does not match 'sha256//%.*s'",
+                   (int)pinned_hash_len, pinned_hash));
+      /* next one or we are at the end */
+      pinned_hash = end_pos ? (end_pos + 1) : NULL;
+    }
+    Curl_safefree(cert_hash);
   }
   else {
     long filesize;

From dc34498d18d3303d67364423b4aa0daab4afb3ba Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Fri, 14 Nov 2025 14:18:12 +0100
Subject: [PATCH 0851/2408] cf-socket: trace ignored errors

Instead of blasting the user with infof() statements.

Reported-by: Aleksandr Sergeev
Fixes #19520
Closes #19527
---
 lib/cf-socket.c | 95 ++++++++++++++++++++++++++-----------------------
 1 file changed, 51 insertions(+), 44 deletions(-)

diff --git a/lib/cf-socket.c b/lib/cf-socket.c
index d4244fc2ad..555bb77903 100644
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@@ -103,7 +103,9 @@ static void set_ipv6_v6only(curl_socket_t sockfd, int on)
 #define set_ipv6_v6only(x,y)
 #endif
 
-static void tcpnodelay(struct Curl_easy *data, curl_socket_t sockfd)
+static void tcpnodelay(struct Curl_cfilter *cf,
+                       struct Curl_easy *data,
+                       curl_socket_t sockfd)
 {
 #if defined(TCP_NODELAY) && defined(CURL_TCP_NODELAY_SUPPORTED)
   curl_socklen_t onoff = (curl_socklen_t) 1;
@@ -112,9 +114,10 @@ static void tcpnodelay(struct Curl_easy *data, curl_socket_t sockfd)
 
   if(setsockopt(sockfd, level, TCP_NODELAY,
                 (void *)&onoff, sizeof(onoff)) < 0)
-    infof(data, "Could not set TCP_NODELAY: %s",
-          curlx_strerror(SOCKERRNO, buffer, sizeof(buffer)));
+    CURL_TRC_CF(data, cf, "Could not set TCP_NODELAY: %s",
+                curlx_strerror(SOCKERRNO, buffer, sizeof(buffer)));
 #else
+  (void)cf;
   (void)data;
   (void)sockfd;
 #endif
@@ -125,22 +128,25 @@ static void tcpnodelay(struct Curl_easy *data, curl_socket_t sockfd)
    sending data to a dead peer (instead of relying on the 4th argument to send
    being MSG_NOSIGNAL). Possibly also existing and in use on other BSD
    systems? */
-static void nosigpipe(struct Curl_easy *data,
+static void nosigpipe(struct Curl_cfilter *cf,
+                      struct Curl_easy *data,
                       curl_socket_t sockfd)
 {
   int onoff = 1;
-  (void)data;
   if(setsockopt(sockfd, SOL_SOCKET, SO_NOSIGPIPE,
                 (void *)&onoff, sizeof(onoff)) < 0) {
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
     char buffer[STRERROR_LEN];
-    infof(data, "Could not set SO_NOSIGPIPE: %s",
-          curlx_strerror(SOCKERRNO, buffer, sizeof(buffer)));
+    CURL_TRC_CF(data, cf, "Could not set SO_NOSIGPIPE: %s",
+                curlx_strerror(SOCKERRNO, buffer, sizeof(buffer)));
+#else
+    (void)cf;
+    (void)data;
 #endif
   }
 }
 #else
-#define nosigpipe(x,y) Curl_nop_stmt
+#define nosigpipe(x,y,z) Curl_nop_stmt
 #endif
 
 #if defined(USE_WINSOCK) && \
@@ -172,7 +178,8 @@ struct tcp_keepalive {
 #endif
 
 static void
-tcpkeepalive(struct Curl_easy *data,
+tcpkeepalive(struct Curl_cfilter *cf,
+             struct Curl_easy *data,
              curl_socket_t sockfd)
 {
   int optval = data->set.tcp_keepalive ? 1 : 0;
@@ -180,9 +187,9 @@ tcpkeepalive(struct Curl_easy *data,
   /* only set IDLE and INTVL if setting KEEPALIVE is successful */
   if(setsockopt(sockfd, SOL_SOCKET, SO_KEEPALIVE,
                 (void *)&optval, sizeof(optval)) < 0) {
-    infof(data, "Failed to set SO_KEEPALIVE on fd "
-          "%" FMT_SOCKET_T ": errno %d",
-          sockfd, SOCKERRNO);
+    CURL_TRC_CF(data, cf, "Failed to set SO_KEEPALIVE on fd "
+                "%" FMT_SOCKET_T ": errno %d",
+                sockfd, SOCKERRNO);
   }
   else {
 #ifdef SIO_KEEPALIVE_VALS /* Windows */
@@ -192,24 +199,24 @@ tcpkeepalive(struct Curl_easy *data,
     KEEPALIVE_FACTOR(optval);
     if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPIDLE,
                 (const char *)&optval, sizeof(optval)) < 0) {
-      infof(data, "Failed to set TCP_KEEPIDLE on fd "
-            "%" FMT_SOCKET_T ": errno %d",
-            sockfd, SOCKERRNO);
+      CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPIDLE on fd "
+                  "%" FMT_SOCKET_T ": errno %d",
+                  sockfd, SOCKERRNO);
     }
     optval = curlx_sltosi(data->set.tcp_keepintvl);
     KEEPALIVE_FACTOR(optval);
     if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPINTVL,
                 (const char *)&optval, sizeof(optval)) < 0) {
-      infof(data, "Failed to set TCP_KEEPINTVL on fd "
-            "%" FMT_SOCKET_T ": errno %d",
-            sockfd, SOCKERRNO);
+      CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPINTVL on fd "
+                  "%" FMT_SOCKET_T ": errno %d",
+                  sockfd, SOCKERRNO);
     }
     optval = curlx_sltosi(data->set.tcp_keepcnt);
     if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPCNT,
                 (const char *)&optval, sizeof(optval)) < 0) {
-      infof(data, "Failed to set TCP_KEEPCNT on fd "
-            "%" FMT_SOCKET_T ": errno %d",
-            sockfd, SOCKERRNO);
+      CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPCNT on fd "
+                  "%" FMT_SOCKET_T ": errno %d",
+                  sockfd, SOCKERRNO);
     }
 #else /* Windows < 10.0.16299 */
     struct tcp_keepalive vals;
@@ -223,8 +230,8 @@ tcpkeepalive(struct Curl_easy *data,
     vals.keepaliveinterval = (u_long)optval;
     if(WSAIoctl(sockfd, SIO_KEEPALIVE_VALS, (LPVOID) &vals, sizeof(vals),
                 NULL, 0, &dummy, NULL, NULL) != 0) {
-      infof(data, "Failed to set SIO_KEEPALIVE_VALS on fd "
-            "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
+      CURL_TRC_CF(data, cf, "Failed to set SIO_KEEPALIVE_VALS on fd "
+                  "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
     }
 #endif
 #else /* !Windows */
@@ -233,9 +240,9 @@ tcpkeepalive(struct Curl_easy *data,
     KEEPALIVE_FACTOR(optval);
     if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPIDLE,
                   (void *)&optval, sizeof(optval)) < 0) {
-      infof(data, "Failed to set TCP_KEEPIDLE on fd "
-            "%" FMT_SOCKET_T ": errno %d",
-            sockfd, SOCKERRNO);
+      CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPIDLE on fd "
+                  "%" FMT_SOCKET_T ": errno %d",
+                  sockfd, SOCKERRNO);
     }
 #elif defined(TCP_KEEPALIVE)
     /* macOS style */
@@ -243,9 +250,9 @@ tcpkeepalive(struct Curl_easy *data,
     KEEPALIVE_FACTOR(optval);
     if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPALIVE,
                   (void *)&optval, sizeof(optval)) < 0) {
-      infof(data, "Failed to set TCP_KEEPALIVE on fd "
-            "%" FMT_SOCKET_T ": errno %d",
-            sockfd, SOCKERRNO);
+      CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPALIVE on fd "
+                  "%" FMT_SOCKET_T ": errno %d",
+                  sockfd, SOCKERRNO);
     }
 #elif defined(TCP_KEEPALIVE_THRESHOLD)
     /* Solaris <11.4 style */
@@ -253,9 +260,9 @@ tcpkeepalive(struct Curl_easy *data,
     KEEPALIVE_FACTOR(optval);
     if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPALIVE_THRESHOLD,
                   (void *)&optval, sizeof(optval)) < 0) {
-      infof(data, "Failed to set TCP_KEEPALIVE_THRESHOLD on fd "
-            "%" FMT_SOCKET_T ": errno %d",
-            sockfd, SOCKERRNO);
+      CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPALIVE_THRESHOLD on fd "
+                  "%" FMT_SOCKET_T ": errno %d",
+                  sockfd, SOCKERRNO);
     }
 #endif
 #ifdef TCP_KEEPINTVL
@@ -263,9 +270,9 @@ tcpkeepalive(struct Curl_easy *data,
     KEEPALIVE_FACTOR(optval);
     if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPINTVL,
                   (void *)&optval, sizeof(optval)) < 0) {
-      infof(data, "Failed to set TCP_KEEPINTVL on fd "
-            "%" FMT_SOCKET_T ": errno %d",
-            sockfd, SOCKERRNO);
+      CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPINTVL on fd "
+                  "%" FMT_SOCKET_T ": errno %d",
+                  sockfd, SOCKERRNO);
     }
 #elif defined(TCP_KEEPALIVE_ABORT_THRESHOLD)
     /* Solaris <11.4 style */
@@ -284,16 +291,16 @@ tcpkeepalive(struct Curl_easy *data,
     KEEPALIVE_FACTOR(optval);
     if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPALIVE_ABORT_THRESHOLD,
                   (void *)&optval, sizeof(optval)) < 0) {
-      infof(data, "Failed to set TCP_KEEPALIVE_ABORT_THRESHOLD on fd "
-            "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
+      CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPALIVE_ABORT_THRESHOLD"
+                  " on fd %" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
     }
 #endif
 #ifdef TCP_KEEPCNT
     optval = curlx_sltosi(data->set.tcp_keepcnt);
     if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPCNT,
                   (void *)&optval, sizeof(optval)) < 0) {
-      infof(data, "Failed to set TCP_KEEPCNT on fd "
-            "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
+      CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPCNT on fd "
+                  "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
     }
 #endif
 #endif
@@ -1150,14 +1157,14 @@ static CURLcode cf_socket_open(struct Curl_cfilter *cf,
            ctx->addr.socktype == SOCK_STREAM;
 #endif
   if(is_tcp && data->set.tcp_nodelay)
-    tcpnodelay(data, ctx->sock);
+    tcpnodelay(cf, data, ctx->sock);
 
-  nosigpipe(data, ctx->sock);
+  nosigpipe(cf, data, ctx->sock);
 
   Curl_sndbuf_init(ctx->sock);
 
   if(is_tcp && data->set.tcp_keepalive)
-    tcpkeepalive(data, ctx->sock);
+    tcpkeepalive(cf, data, ctx->sock);
 
   if(data->set.fsockopt) {
     /* activate callback for setting socket options */
@@ -1271,8 +1278,8 @@ static int do_connect(struct Curl_cfilter *cf, struct Curl_easy *data,
 #elif defined(TCP_FASTOPEN_CONNECT) /* Linux >= 4.11 */
     if(setsockopt(ctx->sock, IPPROTO_TCP, TCP_FASTOPEN_CONNECT,
                   (void *)&optval, sizeof(optval)) < 0)
-      infof(data, "Failed to enable TCP Fast Open on fd %" FMT_SOCKET_T,
-            ctx->sock);
+      CURL_TRC_CF(data, cf, "Failed to enable TCP Fast Open on fd %"
+                  FMT_SOCKET_T, ctx->sock);
 
     rc = connect(ctx->sock, &ctx->addr.curl_sa_addr, ctx->addr.addrlen);
 #elif defined(MSG_FASTOPEN) /* old Linux */

From 3d91ca8cdb3b434226e743946d428b4dd3acf2c9 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 14 Nov 2025 16:42:23 +0100
Subject: [PATCH 0852/2408] vquic-tls/gnutls: call Curl_gtls_verifyserver
 unconditionally

Closes #19531
---
 lib/vquic/vquic-tls.c | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/lib/vquic/vquic-tls.c b/lib/vquic/vquic-tls.c
index f4ef06c33b..46bb4c7d4c 100644
--- a/lib/vquic/vquic-tls.c
+++ b/lib/vquic/vquic-tls.c
@@ -168,13 +168,11 @@ CURLcode Curl_vquic_tls_verify_peer(struct curl_tls_ctx *ctx,
   (void)conn_config;
   result = Curl_ossl_check_peer_cert(cf, data, &ctx->ossl, peer);
 #elif defined(USE_GNUTLS)
-  if(conn_config->verifyhost) {
-    result = Curl_gtls_verifyserver(cf, data, ctx->gtls.session,
-                                    conn_config, &data->set.ssl, peer,
-                                    data->set.str[STRING_SSL_PINNEDPUBLICKEY]);
-    if(result)
-      return result;
-  }
+  result = Curl_gtls_verifyserver(cf, data, ctx->gtls.session,
+                                  conn_config, &data->set.ssl, peer,
+                                  data->set.str[STRING_SSL_PINNEDPUBLICKEY]);
+  if(result)
+    return result;
 #elif defined(USE_WOLFSSL)
   (void)data;
   if(conn_config->verifyhost) {

From f37c956d0f6a05081bc6d05d9f5fe7fe9843ef98 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Fri, 14 Nov 2025 16:26:14 +0100
Subject: [PATCH 0853/2408] test07_22: fix flakiness

The HTTP/3 tests did send 20 transfers against nghttpx with a backend
that failed the uploads with a 400 and an incomplete response body. This
causes stream resets.

Apache keeps the connection open, but newer nghttpx closes the front
connection after "too many" reset. When that bites, it depends on the
number of transfers ongoing how the test case fails. This led to flaky
outcomes.

Reduce the transfers to just a single one and check the result of
that one. Parallelism is not important here.

refs #19489
Closes #19530
---
 tests/http/test_07_upload.py | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/tests/http/test_07_upload.py b/tests/http/test_07_upload.py
index ad2db48a8c..93d1fb26bf 100644
--- a/tests/http/test_07_upload.py
+++ b/tests/http/test_07_upload.py
@@ -263,15 +263,18 @@ class TestUpload:
         r.check_response(count=count, http_status=200)
         self.check_download(r, count, fdata, curl)
 
-    # upload large data parallel to a URL that denies uploads
+    # upload single large data to a URL that fails uploads, causing RESETs
+    # (We used to do this for 20 parallel transfers, but the triggered
+    #  stream resets make nghttpx drop the connection after several, which
+    #  then gives a non-deterministic number of completely failed transfers)
     @pytest.mark.parametrize("proto", ['h2', 'h3'])
-    def test_07_22_upload_parallel_fail(self, env: Env, httpd, nghttpx, proto):
+    def test_07_22_upload_fail(self, env: Env, httpd, nghttpx, proto):
         if proto == 'h2' and not env.have_h2_curl():
             pytest.skip("h2 not supported")
         if proto == 'h3' and not env.have_h3():
             pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-10m')
-        count = 20
+        count = 1
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}'\
             f'/curltest/tweak?status=400&delay=5ms&chunks=1&body_error=reset&id=[0-{count-1}]'

From 57b4fe1817b150d822ea1faeb144854b4de02fed Mon Sep 17 00:00:00 2001
From: nait-furry 
Date: Wed, 12 Nov 2025 01:51:37 +0300
Subject: [PATCH 0854/2408] limit-rate: add example using --limit-rate and
 --max-time together

Closes #19473
---
 docs/cmdline-opts/limit-rate.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/cmdline-opts/limit-rate.md b/docs/cmdline-opts/limit-rate.md
index c5e276e1b5..f58fd1fcd8 100644
--- a/docs/cmdline-opts/limit-rate.md
+++ b/docs/cmdline-opts/limit-rate.md
@@ -15,6 +15,7 @@ Example:
   - --limit-rate 100K $URL
   - --limit-rate 1000 $URL
   - --limit-rate 10M $URL
+  - --limit-rate 200K --max-time 60 $URL
 ---
 
 # `--limit-rate`

From f3095f0dbd7e842d4a72c0300ba4817a755c74f5 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 14 Nov 2025 15:39:40 +0100
Subject: [PATCH 0855/2408] GHA/checksrc: check XML files for errors

Closes #19528
---
 .github/workflows/checksrc.yml | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml
index 7aa8faf6a2..94407ff677 100644
--- a/.github/workflows/checksrc.yml
+++ b/.github/workflows/checksrc.yml
@@ -103,10 +103,6 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 3
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
-        with:
-          persist-credentials: false
-
       - name: 'install pmccabe'
         run: |
           sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
@@ -115,9 +111,25 @@ jobs:
           sudo apt-get -o Dpkg::Use-Pty=0 install \
             pmccabe
 
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          persist-credentials: false
+
       - name: 'check scores'
         run: ./scripts/top-complexity
 
+  xmllint:
+    name: 'xmllint'
+    runs-on: macos-latest
+    timeout-minutes: 1
+    steps:
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          persist-credentials: false
+
+      - name: 'check'
+        run: git grep -z -i -l -E '^<\?xml' | xargs -0 -r xmllint >/dev/null
+
   miscchecks:
     name: 'misc checks'
     runs-on: ubuntu-latest

From af4c789e0084f5076fd1f370363b054a842e79f5 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 14 Nov 2025 16:58:05 +0100
Subject: [PATCH 0856/2408] badwords: fix two exceptions and drop them

Also:
- extend `dir` rule to exclude C assignments.

Closes #19532
---
 .github/scripts/badwords.txt   |  2 +-
 .github/workflows/checksrc.yml |  2 +-
 lib/ftp.h                      |  6 +++---
 lib/http_aws_sigv4.c           |  4 ++--
 lib/urldata.h                  |  2 +-
 lib/vssh/libssh.c              | 12 ++++++------
 lib/vssh/libssh2.c             | 12 ++++++------
 lib/vssh/ssh.h                 |  4 ++--
 src/tool_cfgable.h             |  2 +-
 src/tool_ipfs.c                |  2 +-
 src/tool_operate.c             |  2 +-
 src/tool_operhlp.c             |  2 +-
 src/tool_writeout.h            |  2 +-
 13 files changed, 27 insertions(+), 27 deletions(-)

diff --git a/.github/scripts/badwords.txt b/.github/scripts/badwords.txt
index 7f6bca32b6..705c54fbac 100644
--- a/.github/scripts/badwords.txt
+++ b/.github/scripts/badwords.txt
@@ -45,7 +45,7 @@ there's:there is
 ^(And|So|But) = Rewrite it somehow?
 \. But: Rewrite it somehow?
 \. So : Rewrite without "so" ?
- dir :directory
+ dir [^=]:directory
 sub-director:subdirector
 you'd:you would
 you'll:you will
diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml
index 94407ff677..663811ef93 100644
--- a/.github/workflows/checksrc.yml
+++ b/.github/workflows/checksrc.yml
@@ -176,4 +176,4 @@ jobs:
 
       # we allow some extra in source code
       - name: 'badwords'
-        run: grep -Ev '(\\bwill| url | dir )' .github/scripts/badwords.txt | .github/scripts/badwords.pl src lib include
+        run: grep -Ev '(\\bwill)' .github/scripts/badwords.txt | .github/scripts/badwords.pl src lib include
diff --git a/lib/ftp.h b/lib/ftp.h
index 8d5f9c2031..f4ddb1a37c 100644
--- a/lib/ftp.h
+++ b/lib/ftp.h
@@ -61,11 +61,11 @@ enum {
   FTP_STOR_PREQUOTE,
   FTP_LIST_PREQUOTE,
   FTP_POSTQUOTE,
-  FTP_CWD,  /* change dir */
-  FTP_MKD,  /* if the dir did not exist */
+  FTP_CWD,  /* change directory */
+  FTP_MKD,  /* if the directory did not exist */
   FTP_MDTM, /* to figure out the datestamp */
   FTP_TYPE, /* to set type when doing a head-like request */
-  FTP_LIST_TYPE, /* set type when about to do a dir list */
+  FTP_LIST_TYPE, /* set type when about to do a directory list */
   FTP_RETR_LIST_TYPE,
   FTP_RETR_TYPE, /* set type when about to RETR a file */
   FTP_STOR_TYPE, /* set type when about to STOR a file */
diff --git a/lib/http_aws_sigv4.c b/lib/http_aws_sigv4.c
index b5601f45a2..d3d4760be7 100644
--- a/lib/http_aws_sigv4.c
+++ b/lib/http_aws_sigv4.c
@@ -1141,10 +1141,10 @@ static CURLcode http_aws_decode_encode(const char *in, size_t in_len,
 static bool should_urlencode(struct Curl_str *service_name)
 {
   /*
-   * These services require unmodified (not additionally url encoded) URL
+   * These services require unmodified (not additionally URL-encoded) URL
    * paths.
    * should_urlencode == true is equivalent to should_urlencode_uri_path
-   * from the AWS SDK. Urls are already normalized by the curl url parser
+   * from the AWS SDK. Urls are already normalized by the curl URL parser
    */
 
   if(curlx_str_cmp(service_name, "s3") ||
diff --git a/lib/urldata.h b/lib/urldata.h
index f92bfcb3b2..4b112e7072 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -238,7 +238,7 @@ struct ssl_backend_data;
 struct Curl_ssl_scache_entry;
 
 struct ssl_primary_config {
-  char *CApath;          /* certificate dir (does not work on Windows) */
+  char *CApath;          /* certificate directory (does not work on Windows) */
   char *CAfile;          /* certificate to verify peer against */
   char *issuercert;      /* optional issuer certificate filename */
   char *clientcert;
diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
index 07036f900a..74a1da5a3e 100644
--- a/lib/vssh/libssh.c
+++ b/lib/vssh/libssh.c
@@ -1677,7 +1677,7 @@ static int myssh_in_SFTP_QUOTE(struct Curl_easy *data,
   else if(!strncmp(cmd, "mkdir ", 6)) {
     if(*cp)
       return return_quote_error(data, sshc);
-    /* create dir */
+    /* create directory */
     myssh_to(data, sshc, SSH_SFTP_QUOTE_MKDIR);
     return SSH_NO_ERROR;
   }
@@ -1703,7 +1703,7 @@ static int myssh_in_SFTP_QUOTE(struct Curl_easy *data,
     return SSH_NO_ERROR;
   }
   else if(!strncmp(cmd, "rmdir ", 6)) {
-    /* delete dir */
+    /* delete directory */
     if(*cp)
       return return_quote_error(data, sshc);
     myssh_to(data, sshc, SSH_SFTP_QUOTE_RMDIR);
@@ -2157,9 +2157,9 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data,
       ++sshc->slash_pos;
       if(rc < 0) {
         /*
-         * Abort if failure was not that the dir already exists or the
-         * permission was denied (creation might succeed further down the
-         * path) - retry on unspecific FAILURE also
+         * Abort if failure was not that the directory already exists or
+         * the permission was denied (creation might succeed further down
+         * the path) - retry on unspecific FAILURE also
          */
         err = sftp_get_error(sshc->sftp_session);
         if((err != SSH_FX_FILE_ALREADY_EXISTS) &&
@@ -2744,7 +2744,7 @@ static CURLcode myssh_do_it(struct Curl_easy *data, bool *done)
   data->req.size = -1;          /* make sure this is unknown at this point */
 
   sshc->actualcode = CURLE_OK;  /* reset error code */
-  sshc->secondCreateDirs = 0;   /* reset the create dir attempt state
+  sshc->secondCreateDirs = 0;   /* reset the create directory attempt state
                                    variable */
 
   Curl_pgrsSetUploadCounter(data, 0);
diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
index b414dfcf2d..49044669fc 100644
--- a/lib/vssh/libssh2.c
+++ b/lib/vssh/libssh2.c
@@ -957,7 +957,7 @@ static CURLcode sftp_quote(struct Curl_easy *data,
   else if(!strncmp(cmd, "mkdir ", 6)) {
     if(*cp)
       return_quote_error(data, sshc);
-    /* create dir */
+    /* create directory */
     myssh_state(data, sshc, SSH_SFTP_QUOTE_MKDIR);
     return result;
   }
@@ -980,7 +980,7 @@ static CURLcode sftp_quote(struct Curl_easy *data,
   else if(!strncmp(cmd, "rmdir ", 6)) {
     if(*cp)
       return_quote_error(data, sshc);
-    /* delete dir */
+    /* delete directory */
     myssh_state(data, sshc, SSH_SFTP_QUOTE_RMDIR);
     return result;
   }
@@ -2275,9 +2275,9 @@ static CURLcode ssh_state_sftp_create_dirs_mkdir(struct Curl_easy *data,
   ++sshc->slash_pos;
   if(rc < 0) {
     /*
-     * Abort if failure was not that the dir already exists or the
-     * permission was denied (creation might succeed further down the
-     * path) - retry on unspecific FAILURE also
+     * Abort if failure was not that the directory already exists or
+     * the permission was denied (creation might succeed further down
+     * the path) - retry on unspecific FAILURE also
      */
     unsigned long sftperr = libssh2_sftp_last_error(sshc->sftp_session);
     if((sftperr != LIBSSH2_FX_FILE_ALREADY_EXISTS) &&
@@ -3528,7 +3528,7 @@ static CURLcode ssh_do(struct Curl_easy *data, bool *done)
     return CURLE_FAILED_INIT;
 
   data->req.size = -1; /* make sure this is unknown at this point */
-  sshc->secondCreateDirs = 0;   /* reset the create dir attempt state
+  sshc->secondCreateDirs = 0;   /* reset the create directory attempt state
                                    variable */
 
   Curl_pgrsSetUploadCounter(data, 0);
diff --git a/lib/vssh/ssh.h b/lib/vssh/ssh.h
index 9d03b52f40..5317351478 100644
--- a/lib/vssh/ssh.h
+++ b/lib/vssh/ssh.h
@@ -149,8 +149,8 @@ struct ssh_conn {
   char *quote_path1;          /* two generic pointers for the QUOTE stuff */
   char *quote_path2;
 
-  char *homedir;              /* when doing SFTP we figure out home dir in the
-                                 connect phase */
+  char *homedir;              /* when doing SFTP we figure out home directory
+                                 in the connect phase */
   /* end of READDIR stuff */
 
   int secondCreateDirs;         /* counter use by the code to see if the
diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h
index 630f23fd96..cac22483b7 100644
--- a/src/tool_cfgable.h
+++ b/src/tool_cfgable.h
@@ -248,7 +248,7 @@ struct OperationConfig {
   BIT(autoreferer);         /* automatically set referer */
   BIT(show_headers);        /* show headers to data output */
   BIT(no_body);             /* do not get the body */
-  BIT(dirlistonly);         /* only get the FTP dir list */
+  BIT(dirlistonly);         /* only get the FTP directory list */
   BIT(unrestricted_auth);   /* Continue to send authentication (user+password)
                                when following redirects, even when hostname
                                changed */
diff --git a/src/tool_ipfs.c b/src/tool_ipfs.c
index 89d12fc1c6..0214a2004f 100644
--- a/src/tool_ipfs.c
+++ b/src/tool_ipfs.c
@@ -176,7 +176,7 @@ CURLcode ipfs_url_rewrite(CURLU *uh, const char *protocol, char **url,
     goto clean;
   /* inputpath might be NULL or a valid pointer now */
 
-  /* set gateway parts in input url */
+  /* set gateway parts in input URL */
   if(curl_url_set(uh, CURLUPART_SCHEME, gwscheme, CURLU_URLENCODE) ||
      curl_url_set(uh, CURLUPART_HOST, gwhost, CURLU_URLENCODE) ||
      curl_url_set(uh, CURLUPART_PORT, gwport, CURLU_URLENCODE))
diff --git a/src/tool_operate.c b/src/tool_operate.c
index 9aee520f06..1317e73551 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -2123,7 +2123,7 @@ static CURLcode transfer_per_config(struct OperationConfig *config,
   CURLcode result;
   *added = FALSE;
 
-  /* Check we have a url */
+  /* Check we have a URL */
   if(!config->url_list || !config->url_list->url) {
     helpf("(%d) no URL specified", CURLE_FAILED_INIT);
     result = CURLE_FAILED_INIT;
diff --git a/src/tool_operhlp.c b/src/tool_operhlp.c
index a832390540..d25fccf46c 100644
--- a/src/tool_operhlp.c
+++ b/src/tool_operhlp.c
@@ -80,7 +80,7 @@ CURLcode urlerr_cvt(CURLUcode ucode)
 
 /*
  * Adds the filename to the URL if it does not already have one.
- * url will be freed before return if the returned pointer is different
+ * URL will be freed before return if the returned pointer is different
  */
 CURLcode add_file_name_to_url(CURL *curl, char **inurlp, const char *filename)
 {
diff --git a/src/tool_writeout.h b/src/tool_writeout.h
index eebfde03b2..70b3cd148b 100644
--- a/src/tool_writeout.h
+++ b/src/tool_writeout.h
@@ -56,7 +56,7 @@ typedef enum {
   VAR_INPUT_URLQUERY,
   VAR_INPUT_URLFRAGMENT,
   VAR_INPUT_URLZONEID,
-  /* the same ones again for url *effective* */
+  /* the same ones again for URL *effective* */
   VAR_INPUT_URLESCHEME, /* keep this the first URLE* variable */
   VAR_INPUT_URLEUSER,
   VAR_INPUT_URLEPASSWORD,

From 231e8a71e12a5f1c4b6db9e50ad8f7b9dec78ee4 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 14 Nov 2025 17:09:50 +0100
Subject: [PATCH 0857/2408] docs: fix checksrc warning, fix checkdocs CI filter

Also:
- GHA/checkdocs: fix CI filters to catch it early.
  Follow-up to 28dd14aafe2692a3e7dceb40340554c03c127cf1 #15797

Closes #19533
---
 .github/workflows/checkdocs.yml    | 2 ++
 docs/libcurl/curl_multi_perform.md | 3 +--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/checkdocs.yml b/.github/workflows/checkdocs.yml
index dbdd556557..8caf9479fd 100644
--- a/.github/workflows/checkdocs.yml
+++ b/.github/workflows/checkdocs.yml
@@ -14,6 +14,7 @@ name: 'Docs'
       - '*/ci'
     paths:
       - '.github/workflows/checkdocs.yml'
+      - '.github/scripts/**'
       - '.github/scripts/mdlinkcheck'
       - '/scripts/**'
       - '**.md'
@@ -25,6 +26,7 @@ name: 'Docs'
       - '.github/workflows/checkdocs.yml'
       - '.github/scripts/**'
       - '.github/scripts/mdlinkcheck'
+      - '/scripts/**'
       - '**.md'
       - 'docs/*'
 
diff --git a/docs/libcurl/curl_multi_perform.md b/docs/libcurl/curl_multi_perform.md
index 9ca13c6793..6e5f0cd8cf 100644
--- a/docs/libcurl/curl_multi_perform.md
+++ b/docs/libcurl/curl_multi_perform.md
@@ -85,8 +85,7 @@ int main(void)
         break;
       }
 
-    /* if there are still transfers, loop */
-    } while(still_running);
+    } while(still_running);  /* if there are still transfers, loop */
   }
 }
 ~~~

From 7bb59a7dc7e17cee3a820099d586d31c5782fdd5 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 14 Nov 2025 17:57:03 +0100
Subject: [PATCH 0858/2408] badwords.pl: fix variable in printf mask

Causing warnings if a matched line has mask patterns.

Closes #19534
---
 .github/scripts/badwords.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/scripts/badwords.pl b/.github/scripts/badwords.pl
index c6229f4ad4..e119617d0a 100755
--- a/.github/scripts/badwords.pl
+++ b/.github/scripts/badwords.pl
@@ -94,7 +94,7 @@ sub file {
                 }
 
                 print STDERR  "$f:$l:$c: error: found bad word \"$w\"\n";
-                printf STDERR " %4d | $in\n", $l;
+                printf STDERR " %4d | %s\n", $l, $in;
                 printf STDERR "      | %*s^%s\n", length($p), " ",
                     "~" x (length($w)-1);
                 printf STDERR " maybe use \"%s\" instead?\n", $alt{$w};

From 8a968095df066410f23861597c3f8a3b04239bb5 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 4 Nov 2025 12:55:25 +0100
Subject: [PATCH 0859/2408] mk-ca-bundle.pl: default to SHA256 fingerprints
 with `-t` option

Replacing previous default: MD5.

You can use the existing `-s` option to override the default.

Also bump version to 1.30.

Closes #19359
---
 scripts/mk-ca-bundle.pl | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/scripts/mk-ca-bundle.pl b/scripts/mk-ca-bundle.pl
index af31ccd10e..d4b5418e0c 100755
--- a/scripts/mk-ca-bundle.pl
+++ b/scripts/mk-ca-bundle.pl
@@ -60,7 +60,7 @@ $opt_d = 'release';
 # If the OpenSSL commandline is not in search path you can configure it here!
 my $openssl = 'openssl';
 
-my $version = '1.29';
+my $version = '1.30';
 
 $opt_w = 76; # default base64 encoded lines length
 
@@ -100,7 +100,7 @@ my @valid_mozilla_trust_levels = (
                             # for delegates (i.e. it is not a CA).
 );
 
-my $default_signature_algorithms = $opt_s = "MD5";
+my $default_signature_algorithms = $opt_s = "SHA256";
 
 my @valid_signature_algorithms = (
     "MD5",

From 2dc71ba8bf70fa8d7e345cb0baeb4a4ea804994e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 14 Nov 2025 17:55:33 +0100
Subject: [PATCH 0860/2408] badwords: check indented lines in source code, fix
 fallouts

- badwords.pl: add `-a` option to check all lines in source code files.
  Before this patch indented lines were skipped (to avoid Markdown code
  fences.)
- GHA/checksrc: use `-a` when verifying the source code.
- GHA/checksrc: disable `So` and `But` rules for source code.
- GHA/checksrc: add docs/examples to the verified sources.
- badwords.txt: delete 4 duplicates.
- badwords.txt: group and sort contractions.
- badwords.txt: allow ` url = `, `DIR`, `= 0x20) && (ptr[i + c] < 0x80) ? ptr[i + c] : '.');
-      /* check again for 0D0A, to avoid an extra \n if it's at width */
+      /* check again for 0D0A, to avoid an extra \n if it is at width */
       if(nohex && (i + c + 2 < size) && ptr[i + c + 1] == 0x0D &&
          ptr[i + c + 2] == 0x0A) {
         i += (c + 3 - width);
diff --git a/docs/examples/ephiperfifo.c b/docs/examples/ephiperfifo.c
index 026967f3ec..b47cbbedbf 100644
--- a/docs/examples/ephiperfifo.c
+++ b/docs/examples/ephiperfifo.c
@@ -133,7 +133,7 @@ static void mcode_or_die(const char *where, CURLMcode code)
 
 static void timer_cb(struct GlobalInfo *g, int revents);
 
-/* Update the timer after curl_multi library does its thing. Curl informs the
+/* Update the timer after curl_multi library does its thing. curl informs the
  * application through this callback what it wants the new timeout to be,
  * after it does some work. */
 static int multi_timer_cb(CURLM *multi, long timeout_ms, struct GlobalInfo *g)
@@ -219,7 +219,7 @@ static void timer_cb(struct GlobalInfo *g, int revents)
   err = read(g->tfd, &count, sizeof(uint64_t));
   if(err == -1) {
     /* Note that we may call the timer callback even if the timerfd is not
-     * readable. It's possible that there are multiple events stored in the
+     * readable. It is possible that there are multiple events stored in the
      * epoll buffer (i.e. the timer may have fired multiple times). The event
      * count is cleared after the first call so future events in the epoll
      * buffer fails to read from the timer. */
diff --git a/docs/examples/ftpupload.c b/docs/examples/ftpupload.c
index 0df41005f5..26db7f5953 100644
--- a/docs/examples/ftpupload.c
+++ b/docs/examples/ftpupload.c
@@ -90,7 +90,7 @@ int main(void)
   /* get a FILE * of the file */
   hd_src = fopen(LOCAL_FILE, "rb");
   if(!hd_src) {
-    printf("Couldn't open '%s': %s\n", LOCAL_FILE, strerror(errno));
+    printf("Could not open '%s': %s\n", LOCAL_FILE, strerror(errno));
     return 2;
   }
 
diff --git a/docs/examples/htmltidy.c b/docs/examples/htmltidy.c
index 0bf3155570..97eff2b45a 100644
--- a/docs/examples/htmltidy.c
+++ b/docs/examples/htmltidy.c
@@ -50,7 +50,7 @@ void dumpNode(TidyDoc doc, TidyNode tnod, int indent)
   for(child = tidyGetChild(tnod); child; child = tidyGetNext(child) ) {
     ctmbstr name = tidyNodeGetName(child);
     if(name) {
-      /* if it has a name, then it's an HTML tag ... */
+      /* if it has a name, then it is an HTML tag ... */
       TidyAttr attr;
       printf("%*.*s%s ", indent, indent, "<", name);
       /* walk the attribute list */
@@ -62,7 +62,7 @@ void dumpNode(TidyDoc doc, TidyNode tnod, int indent)
       printf(">\n");
     }
     else {
-      /* if it does not have a name, then it's probably text, cdata, etc... */
+      /* if it does not have a name, then it is probably text, cdata, etc... */
       TidyBuffer buf;
       tidyBufInit(&buf);
       tidyNodeGetText(doc, child, &buf);
diff --git a/docs/examples/htmltitle.cpp b/docs/examples/htmltitle.cpp
index 2251a215e8..cdbf0afa08 100644
--- a/docs/examples/htmltitle.cpp
+++ b/docs/examples/htmltitle.cpp
@@ -22,7 +22,7 @@
  *
  ***************************************************************************/
 /* 
- * Get a web page, extract the title with libxml.
+ * Get a webpage, extract the title with libxml.
  * 
 
  Written by Lars Nilsson
diff --git a/docs/examples/http2-download.c b/docs/examples/http2-download.c
index efc7472153..ca61a92d91 100644
--- a/docs/examples/http2-download.c
+++ b/docs/examples/http2-download.c
@@ -90,7 +90,7 @@ static void dump(const char *text, int num, unsigned char *ptr,
       }
       fprintf(stderr, "%c",
               (ptr[i + c] >= 0x20) && (ptr[i + c] < 0x80) ? ptr[i + c] : '.');
-      /* check again for 0D0A, to avoid an extra \n if it's at width */
+      /* check again for 0D0A, to avoid an extra \n if it is at width */
       if(nohex && (i + c + 2 < size) && ptr[i + c + 1] == 0x0D &&
          ptr[i + c + 2] == 0x0A) {
         i += (c + 3 - width);
diff --git a/docs/examples/http2-serverpush.c b/docs/examples/http2-serverpush.c
index d501f24199..8c43075b93 100644
--- a/docs/examples/http2-serverpush.c
+++ b/docs/examples/http2-serverpush.c
@@ -78,7 +78,7 @@ static void dump(const char *text, unsigned char *ptr, size_t size, char nohex)
       }
       fprintf(stderr, "%c",
               (ptr[i + c] >= 0x20) && (ptr[i + c] < 0x80) ? ptr[i + c] : '.');
-      /* check again for 0D0A, to avoid an extra \n if it's at width */
+      /* check again for 0D0A, to avoid an extra \n if it is at width */
       if(nohex && (i + c + 2 < size) && ptr[i + c + 1] == 0x0D &&
          ptr[i + c + 2] == 0x0A) {
         i += (c + 3 - width);
diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c
index 2bff0d0506..7ba150e91a 100644
--- a/docs/examples/http2-upload.c
+++ b/docs/examples/http2-upload.c
@@ -128,7 +128,7 @@ static void dump(const char *text, int num, unsigned char *ptr,
       }
       fprintf(stderr, "%c",
               (ptr[i + c] >= 0x20) && (ptr[i + c] < 0x80) ? ptr[i + c] : '.');
-      /* check again for 0D0A, to avoid an extra \n if it's at width */
+      /* check again for 0D0A, to avoid an extra \n if it is at width */
       if(nohex && (i + c + 2 < size) && ptr[i + c + 1] == 0x0D &&
          ptr[i + c + 2] == 0x0A) {
         i += (c + 3 - width);
@@ -305,7 +305,7 @@ int main(int argc, char **argv)
       num_transfers = 3;  /* a suitable low default */
 
     if(argc > 2)
-      /* if given a file name, upload this! */
+      /* if given a filename, upload this! */
       filename = argv[2];
   }
   else
diff --git a/docs/examples/http3.c b/docs/examples/http3.c
index 323f6d7d17..217974f93c 100644
--- a/docs/examples/http3.c
+++ b/docs/examples/http3.c
@@ -22,7 +22,7 @@
  *
  ***************************************************************************/
 /* 
- * Very simple HTTP/3 GET
+ * Simple HTTP/3 GET
  * 
  */
 #include 
diff --git a/docs/examples/https.c b/docs/examples/https.c
index 23729afcaa..1f7f5e1fbb 100644
--- a/docs/examples/https.c
+++ b/docs/examples/https.c
@@ -56,7 +56,7 @@ int main(void)
 
 #ifdef SKIP_HOSTNAME_VERIFICATION
     /*
-     * If the site you are connecting to uses a different host name that what
+     * If the site you are connecting to uses a different hostname that what
      * they have mentioned in their server certificate's commonName (or
      * subjectAltName) fields, libcurl refuses to connect. You can skip this
      * check, but it makes the connection insecure.
diff --git a/docs/examples/imap-ssl.c b/docs/examples/imap-ssl.c
index 59edd130e5..6eb49ae978 100644
--- a/docs/examples/imap-ssl.c
+++ b/docs/examples/imap-ssl.c
@@ -68,7 +68,7 @@ int main(void)
     curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
 #endif
 
-    /* If the site you are connecting to uses a different host name that what
+    /* If the site you are connecting to uses a different hostname that what
      * they have mentioned in their server certificate's commonName (or
      * subjectAltName) fields, libcurl refuses to connect. You can skip this
      * check, but it makes the connection insecure. */
diff --git a/docs/examples/log_failed_transfers.c b/docs/examples/log_failed_transfers.c
index c9c0009763..350d41affa 100644
--- a/docs/examples/log_failed_transfers.c
+++ b/docs/examples/log_failed_transfers.c
@@ -140,8 +140,8 @@ static int mem_addf(struct mem *mem, const char *format, ...)
   /* we need about 100 chars or less to write 95% of lines */
   x = 128;
 
-  /* first try: there's probably enough memory to write everything.
-     second try: there's definitely enough memory to write everything. */
+  /* first try: there is probably enough memory to write everything.
+     second try: there is definitely enough memory to write everything. */
   for(i = 0; i < 2; ++i) {
     if(x < 0 || mem_need(mem, (size_t)x + 1) < 0)
       break;
diff --git a/docs/examples/multi-debugcallback.c b/docs/examples/multi-debugcallback.c
index 758cfca1de..d838feed40 100644
--- a/docs/examples/multi-debugcallback.c
+++ b/docs/examples/multi-debugcallback.c
@@ -71,7 +71,7 @@ static void dump(const char *text, FILE *stream, unsigned char *ptr,
       }
       fprintf(stream, "%c",
               (ptr[i + c] >= 0x20) && (ptr[i + c] < 0x80) ? ptr[i + c] : '.');
-      /* check again for 0D0A, to avoid an extra \n if it's at width */
+      /* check again for 0D0A, to avoid an extra \n if it is at width */
       if(nohex && (i + c + 2 < size) && ptr[i + c + 1] == 0x0D &&
          ptr[i + c + 2] == 0x0A) {
         i += (c + 3 - width);
diff --git a/docs/examples/multi-formadd.c b/docs/examples/multi-formadd.c
index 7a1b9eb95d..068412827a 100644
--- a/docs/examples/multi-formadd.c
+++ b/docs/examples/multi-formadd.c
@@ -51,7 +51,7 @@ int main(void)
 
   CURL_IGNORE_DEPRECATION(
     /* Fill in the file upload field. This makes libcurl load data from
-       the given file name when curl_easy_perform() is called. */
+       the given filename when curl_easy_perform() is called. */
     curl_formadd(&formpost,
                  &lastptr,
                  CURLFORM_COPYNAME, "sendfile",
diff --git a/docs/examples/multithread.c b/docs/examples/multithread.c
index 3ecca25908..535788e394 100644
--- a/docs/examples/multithread.c
+++ b/docs/examples/multithread.c
@@ -97,7 +97,7 @@ int main(void)
                            pull_one_url,
                            (void *)&targs[i]);
     if(error)
-      fprintf(stderr, "Couldn't run thread number %d, errno %d\n", i, error);
+      fprintf(stderr, "Could not run thread number %d, errno %d\n", i, error);
     else
       fprintf(stderr, "Thread %d, gets %s\n", i, urls[i]);
   }
diff --git a/docs/examples/parseurl.c b/docs/examples/parseurl.c
index 8675adc623..1514a79823 100644
--- a/docs/examples/parseurl.c
+++ b/docs/examples/parseurl.c
@@ -51,7 +51,7 @@ int main(void)
   /* extract hostname from the parsed URL */
   uc = curl_url_get(h, CURLUPART_HOST, &host, 0);
   if(!uc) {
-    printf("Host name: %s\n", host);
+    printf("Hostname: %s\n", host);
     curl_free(host);
   }
 
diff --git a/docs/examples/pop3-ssl.c b/docs/examples/pop3-ssl.c
index 63a9edca70..1be48adc82 100644
--- a/docs/examples/pop3-ssl.c
+++ b/docs/examples/pop3-ssl.c
@@ -67,7 +67,7 @@ int main(void)
     curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
 #endif
 
-    /* If the site you are connecting to uses a different host name that what
+    /* If the site you are connecting to uses a different hostname that what
      * they have mentioned in their server certificate's commonName (or
      * subjectAltName) fields, libcurl refuses to connect. You can skip this
      * check, but it makes the connection insecure. */
diff --git a/docs/examples/rtsp-options.c b/docs/examples/rtsp-options.c
index 50d5e2f27e..8c160f6b76 100644
--- a/docs/examples/rtsp-options.c
+++ b/docs/examples/rtsp-options.c
@@ -22,7 +22,7 @@
  *
  ***************************************************************************/
 /* 
- * Very simple RTSP request sending OPTIONS.
+ * Simple RTSP request sending OPTIONS.
  * 
  */
 #include 
diff --git a/docs/examples/simple.c b/docs/examples/simple.c
index 29ed14313e..a427266fd4 100644
--- a/docs/examples/simple.c
+++ b/docs/examples/simple.c
@@ -22,7 +22,7 @@
  *
  ***************************************************************************/
 /* 
- * Very simple HTTP GET
+ * Simple HTTP GET
  * 
  */
 #include 
diff --git a/docs/examples/simplepost.c b/docs/examples/simplepost.c
index b1175ba924..824e073e2a 100644
--- a/docs/examples/simplepost.c
+++ b/docs/examples/simplepost.c
@@ -22,7 +22,7 @@
  *
  ***************************************************************************/
 /* 
- * Very simple HTTP POST
+ * Simple HTTP POST
  * 
  */
 #include 
diff --git a/docs/examples/smooth-gtk-thread.c b/docs/examples/smooth-gtk-thread.c
index 0fcffe2501..0d1438e7d7 100644
--- a/docs/examples/smooth-gtk-thread.c
+++ b/docs/examples/smooth-gtk-thread.c
@@ -133,7 +133,7 @@ void *create_thread(void *progress_bar)
                                pull_one_url,
                                NULL);
     if(error)
-      fprintf(stderr, "Couldn't run thread number %d, errno %d\n", i, error);
+      fprintf(stderr, "Could not run thread number %d, errno %d\n", i, error);
     else
       fprintf(stderr, "Thread %d, gets %s\n", i, urls[i]);
   }
diff --git a/docs/examples/smtp-ssl.c b/docs/examples/smtp-ssl.c
index 5391f3e222..36ecd18d74 100644
--- a/docs/examples/smtp-ssl.c
+++ b/docs/examples/smtp-ssl.c
@@ -116,7 +116,7 @@ int main(void)
     curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
 #endif
 
-    /* If the site you are connecting to uses a different host name that what
+    /* If the site you are connecting to uses a different hostname that what
      * they have mentioned in their server certificate's commonName (or
      * subjectAltName) fields, libcurl refuses to connect. You can skip this
      * check, but it makes the connection insecure. */
diff --git a/docs/examples/threaded-ssl.c b/docs/examples/threaded-ssl.c
index 5d984a670a..8119113695 100644
--- a/docs/examples/threaded-ssl.c
+++ b/docs/examples/threaded-ssl.c
@@ -91,7 +91,7 @@ int main(int argc, char **argv)
                                pull_one_url,
                                (void *)&i);
     if(error)
-      fprintf(stderr, "Couldn't run thread number %d, errno %d\n", i, error);
+      fprintf(stderr, "Could not run thread number %d, errno %d\n", i, error);
     else
       fprintf(stderr, "Thread %d, gets %s\n", i, urls[i]);
   }
diff --git a/docs/examples/urlapi.c b/docs/examples/urlapi.c
index 82ef3e19aa..7afc759fa1 100644
--- a/docs/examples/urlapi.c
+++ b/docs/examples/urlapi.c
@@ -42,7 +42,7 @@ int main(void)
   if(res)
     return (int)res;
 
-  /* init Curl URL */
+  /* init curl URL */
   urlp = curl_url();
   uc = curl_url_set(urlp, CURLUPART_URL,
                     "http://example.com/path/index.html", 0);
diff --git a/lib/altsvc.c b/lib/altsvc.c
index d9933f2298..357d3bc209 100644
--- a/lib/altsvc.c
+++ b/lib/altsvc.c
@@ -559,7 +559,7 @@ CURLcode Curl_altsvc_parse(struct Curl_easy *data,
             }
           }
           else {
-            /* IPv6 host name */
+            /* IPv6 hostname */
             if(curlx_str_until(&p, &dsthost, MAX_IPADR_LEN, ']') ||
                curlx_str_single(&p, ']')) {
               infof(data, "Bad alt-svc IPv6 hostname, ignoring.");
diff --git a/lib/cf-h2-proxy.c b/lib/cf-h2-proxy.c
index d38bd46952..9a8312a042 100644
--- a/lib/cf-h2-proxy.c
+++ b/lib/cf-h2-proxy.c
@@ -311,7 +311,7 @@ static CURLcode cf_h2_proxy_ctx_init(struct Curl_cfilter *cf,
 
   rc = nghttp2_session_callbacks_new(&cbs);
   if(rc) {
-    failf(data, "Couldn't initialize nghttp2 callbacks");
+    failf(data, "Could not initialize nghttp2 callbacks");
     goto out;
   }
 
@@ -331,7 +331,7 @@ static CURLcode cf_h2_proxy_ctx_init(struct Curl_cfilter *cf,
   /* The nghttp2 session is not yet setup, do it */
   rc = proxy_h2_client_new(cf, cbs);
   if(rc) {
-    failf(data, "Couldn't initialize nghttp2");
+    failf(data, "Could not initialize nghttp2");
     goto out;
   }
 
diff --git a/lib/cf-socket.c b/lib/cf-socket.c
index 555bb77903..a8fa997de0 100644
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@@ -664,7 +664,7 @@ static CURLcode bindlocal(struct Curl_easy *data, struct connectdata *conn,
           /* Do not fall back to treating it as a hostname */
           char buffer[STRERROR_LEN];
           data->state.os_errno = error = SOCKERRNO;
-          failf(data, "Couldn't bind to interface '%s' with errno %d: %s",
+          failf(data, "Could not bind to interface '%s' with errno %d: %s",
                 iface, error, curlx_strerror(error, buffer, sizeof(buffer)));
           return CURLE_INTERFACE_FAILED;
         }
@@ -768,7 +768,7 @@ static CURLcode bindlocal(struct Curl_easy *data, struct connectdata *conn,
       char buffer[STRERROR_LEN];
       data->state.errorbuf = FALSE;
       data->state.os_errno = error = SOCKERRNO;
-      failf(data, "Couldn't bind to '%s' with errno %d: %s", host,
+      failf(data, "Could not bind to '%s' with errno %d: %s", host,
             error, curlx_strerror(error, buffer, sizeof(buffer)));
       return CURLE_INTERFACE_FAILED;
     }
diff --git a/lib/cookie.c b/lib/cookie.c
index fce628cb97..3155c4b3e4 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -458,7 +458,7 @@ parse_cookie_header(struct Curl_easy *data,
        */
 
       if(!co->name) {
-        /* The very first name/value pair is the actual cookie name */
+        /* The first name/value pair is the actual cookie name */
         if(!sep)
           /* Bad name/value pair. */
           return CURLE_OK;
diff --git a/lib/curl_gethostname.c b/lib/curl_gethostname.c
index c3fa864eff..9f2624ff05 100644
--- a/lib/curl_gethostname.c
+++ b/lib/curl_gethostname.c
@@ -62,7 +62,7 @@ int Curl_gethostname(char * const name, GETHOSTNAME_TYPE_ARG2 namelen)
     if(strlen(force_hostname) < (size_t)namelen)
       strcpy(name, force_hostname);
     else
-      return 1; /* can't do it */
+      return 1; /* cannot do it */
     err = 0;
   }
   else {
diff --git a/lib/curlx/fopen.c b/lib/curlx/fopen.c
index cc164c8c29..9509e83148 100644
--- a/lib/curlx/fopen.c
+++ b/lib/curlx/fopen.c
@@ -142,7 +142,7 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
   else if(!wcsncmp(fbuf, L"\\\\.\\", 4))
     fbuf[2] = '?';
   else if(!wcsncmp(fbuf, L"\\\\.", 3) || !wcsncmp(fbuf, L"\\\\?", 3)) {
-    /* Unexpected, not UNC. The formatting doc doesn't allow this AFAICT. */
+    /* Unexpected, not UNC. The formatting doc does not allow this AFAICT. */
     goto cleanup;
   }
   else {
diff --git a/lib/curlx/inet_ntop.c b/lib/curlx/inet_ntop.c
index 884cfb79c2..a9595d0c2f 100644
--- a/lib/curlx/inet_ntop.c
+++ b/lib/curlx/inet_ntop.c
@@ -160,7 +160,7 @@ static char *inet_ntop6(const unsigned char *src, char *dst, size_t size)
       break;
     }
     else {
-      /* Lower-case digits. Can't use the set from mprintf.c since this
+      /* Lower-case digits. Cannot use the set from mprintf.c since this
          needs to work as a curlx function */
       static const unsigned char ldigits[] = "0123456789abcdef";
 
diff --git a/lib/fake_addrinfo.c b/lib/fake_addrinfo.c
index 80edf78648..9789d1ef62 100644
--- a/lib/fake_addrinfo.c
+++ b/lib/fake_addrinfo.c
@@ -180,7 +180,7 @@ int r_getaddrinfo(const char *node,
         curl_mfprintf(stderr, "ares_set_servers_ports_csv failed: %d", rc);
         /* Cleanup */
         ares_destroy(channel);
-        return EAI_MEMORY; /* we can't run */
+        return EAI_MEMORY; /* we cannot run */
       }
     }
   }
diff --git a/lib/file.c b/lib/file.c
index f45a487c90..5656202834 100644
--- a/lib/file.c
+++ b/lib/file.c
@@ -275,7 +275,7 @@ static CURLcode file_connect(struct Curl_easy *data, bool *done)
 
   file->fd = fd;
   if(!data->state.upload && (fd == -1)) {
-    failf(data, "Couldn't open file %s", data->state.up.path);
+    failf(data, "Could not open file %s", data->state.up.path);
     file_done(data, CURLE_FILE_COULDNT_READ_FILE, FALSE);
     return CURLE_FILE_COULDNT_READ_FILE;
   }
diff --git a/lib/ftp.c b/lib/ftp.c
index ca6b9497b2..108310bf30 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -1867,7 +1867,7 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data,
     }
 
     if(!*str) {
-      failf(data, "Couldn't interpret the 227-response");
+      failf(data, "Could not interpret the 227-response");
       return CURLE_FTP_WEIRD_227_FORMAT;
     }
 
@@ -2202,7 +2202,7 @@ static CURLcode ftp_state_type_resp(struct Curl_easy *data,
     /* "sasserftpd" and "(u)r(x)bot ftpd" both responds with 226 after a
        successful 'TYPE I'. While that is not as RFC959 says, it is still a
        positive response code and we allow that. */
-    failf(data, "Couldn't set desired mode");
+    failf(data, "Could not set desired mode");
     return CURLE_FTP_COULDNT_SET_TYPE;
   }
   if(ftpcode != 200)
@@ -2392,7 +2392,7 @@ static CURLcode ftp_state_rest_resp(struct Curl_easy *data,
 
   case FTP_RETR_REST:
     if(ftpcode != 350) {
-      failf(data, "Couldn't use REST");
+      failf(data, "Could not use REST");
       result = CURLE_FTP_COULDNT_USE_REST;
     }
     else {
@@ -2537,7 +2537,7 @@ static CURLcode ftp_state_get_resp(struct Curl_easy *data,
   }
   else {
     if((instate == FTP_LIST) && (ftpcode == 450)) {
-      /* simply no matching files in the dir listing */
+      /* simply no matching files in the directory listing */
       ftp->transfer = PPTRANSFER_NONE; /* do not download anything */
       ftp_state(data, ftpc, FTP_STOP); /* this phase is over */
     }
@@ -3052,7 +3052,7 @@ static CURLcode ftp_pp_statemachine(struct Curl_easy *data,
 
   case FTP_MKD:
     if((ftpcode/100 != 2) && !ftpc->count3--) {
-      /* failure to MKD the dir */
+      /* failure to MKD the directory */
       failf(data, "Failed to MKD dir: %03d", ftpcode);
       result = CURLE_REMOTE_ACCESS_DENIED;
     }
@@ -3306,7 +3306,7 @@ static CURLcode ftp_done(struct Curl_easy *data, CURLcode status,
       }
     }
     if(ftpc->prevpath)
-      infof(data, "Remembering we are in dir \"%s\"", ftpc->prevpath);
+      infof(data, "Remembering we are in directory \"%s\"", ftpc->prevpath);
   }
 
   /* shut down the socket to inform the server we are done */
@@ -4192,7 +4192,7 @@ CURLcode ftp_parse_url_path(struct Curl_easy *data,
 
         ftpc->dirs[0].start = 0;
         ftpc->dirs[0].len = (int)dirlen;
-        ftpc->dirdepth = 1; /* we consider it to be a single dir */
+        ftpc->dirdepth = 1; /* we consider it to be a single directory */
         fileName = slashPos + 1; /* rest is filename */
       }
       else
@@ -4208,7 +4208,7 @@ CURLcode ftp_parse_url_path(struct Curl_easy *data,
       size_t dirAlloc = numof_slashes(rawPath);
 
       if(dirAlloc >= FTP_MAX_DIR_DEPTH)
-        /* suspiciously deep dir hierarchy */
+        /* suspiciously deep directory hierarchy */
         return CURLE_URL_MALFORMAT;
 
       if(dirAlloc) {
diff --git a/lib/headers.c b/lib/headers.c
index 5a57257113..feb52e087d 100644
--- a/lib/headers.c
+++ b/lib/headers.c
@@ -51,7 +51,7 @@ static void copy_header_external(struct Curl_header_store *hs,
   h->index = index;
   /* this will randomly OR a reserved bit for the sole purpose of making it
      impossible for applications to do == comparisons, as that would otherwise
-     be very tempting and then lead to the reserved bits not being reserved
+     be tempting and then lead to the reserved bits not being reserved
      anymore. */
   h->origin = (unsigned int)(hs->type | (1 << 27));
   h->anchor = e;
diff --git a/lib/hostip.c b/lib/hostip.c
index ef000aab69..ce79e5fc4b 100644
--- a/lib/hostip.c
+++ b/lib/hostip.c
@@ -956,7 +956,7 @@ out:
     /* we got a response, create a dns entry, add to cache, return */
     dns = Curl_dnscache_mk_entry(data, addr, hostname, 0, port, FALSE);
     if(!dns || Curl_dnscache_add(data, dns)) {
-      /* this is OOM or similar, don't store such negative resolves */
+      /* this is OOM or similar, do not store such negative resolves */
       keep_negative = FALSE;
       goto error;
     }
@@ -1393,7 +1393,7 @@ CURLcode Curl_loadhostpairs(struct Curl_easy *data)
       error = FALSE;
 err:
       if(error) {
-        failf(data, "Couldn't parse CURLOPT_RESOLVE entry '%s'",
+        failf(data, "Could not parse CURLOPT_RESOLVE entry '%s'",
               hostp->data);
         Curl_freeaddrinfo(head);
         return CURLE_SETOPT_OPTION_SYNTAX;
diff --git a/lib/hsts.c b/lib/hsts.c
index 4e41155f30..437851b8ba 100644
--- a/lib/hsts.c
+++ b/lib/hsts.c
@@ -277,7 +277,7 @@ struct stsentry *Curl_hsts(struct hsts *h, const char *hostname,
           blen = ntail;
         }
       }
-      /* avoid curl_strequal because the host name is not null-terminated */
+      /* avoid curl_strequal because the hostname is not null-terminated */
       if((hlen == ntail) && curl_strnequal(hostname, sts->host, hlen))
         return sts;
     }
diff --git a/lib/http.c b/lib/http.c
index f3444d46a9..7458d8b640 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -504,7 +504,7 @@ static CURLcode http_perhapsrewind(struct Curl_easy *data,
     return CURLE_OK;
 
   if(abort_upload) {
-    /* We'd like to abort the upload - but should we? */
+    /* We would like to abort the upload - but should we? */
 #ifdef USE_NTLM
     if((data->state.authproxy.picked == CURLAUTH_NTLM) ||
        (data->state.authhost.picked == CURLAUTH_NTLM)) {
@@ -1716,7 +1716,7 @@ CURLcode Curl_add_custom_headers(struct Curl_easy *data,
           curlx_str_untilnl(&p, &val, MAX_HTTP_RESP_HEADER_SIZE);
           curlx_str_trimblanks(&val);
           if(!curlx_strlen(&val))
-            /* no content, don't send this */
+            /* no content, do not send this */
             continue;
         }
         else
@@ -2404,7 +2404,7 @@ static CURLcode http_add_content_hds(struct Curl_easy *data,
        (data->req.authneg ||
         !Curl_checkheaders(data, STRCONST("Content-Length")))) {
       /* we allow replacing this header if not during auth negotiation,
-         although it is not very wise to actually set your own */
+         although it is not wise to actually set your own */
       result = curlx_dyn_addf(r, "Content-Length: %" FMT_OFF_T "\r\n",
                               req_clen);
     }
@@ -4018,7 +4018,7 @@ static CURLcode http_on_response(struct Curl_easy *data,
        *
        * The check for close above is done simply because of something
        * else has already deemed the connection to get closed then
-       * something else should've considered the big picture and we
+       * something else should have considered the big picture and we
        * avoid this check.
        *
        */
@@ -4187,7 +4187,7 @@ static CURLcode http_rw_hd(struct Curl_easy *data,
                 k->httpcode = (p[0] - '0') * 100 + (p[1] - '0') * 10 +
                   (p[2] - '0');
                 /* RFC 9112 requires a single space following the status code,
-                   but the browsers don't so let's not insist */
+                   but the browsers do not so let's not insist */
                 fine_statusline = TRUE;
               }
             }
diff --git a/lib/http2.c b/lib/http2.c
index 68446d5177..2e1e5bd07e 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -506,7 +506,7 @@ static CURLcode cf_h2_ctx_open(struct Curl_cfilter *cf,
 
   rc = nghttp2_session_callbacks_new(&cbs);
   if(rc) {
-    failf(data, "Couldn't initialize nghttp2 callbacks");
+    failf(data, "Could not initialize nghttp2 callbacks");
     goto out;
   }
 
@@ -530,7 +530,7 @@ static CURLcode cf_h2_ctx_open(struct Curl_cfilter *cf,
   /* The nghttp2 session is not yet setup, do it */
   rc = h2_client_new(cf, cbs);
   if(rc) {
-    failf(data, "Couldn't initialize nghttp2");
+    failf(data, "Could not initialize nghttp2");
     goto out;
   }
   ctx->max_concurrent_streams = DEFAULT_MAX_CONCURRENT_STREAMS;
@@ -972,7 +972,7 @@ static int push_promise(struct Curl_cfilter *cf,
 
     rv = set_transfer_url(newhandle, &heads);
     if(rv) {
-      CURL_TRC_CF(data, cf, "[%d] PUSH_PROMISE, failed to set url -> %d",
+      CURL_TRC_CF(data, cf, "[%d] PUSH_PROMISE, failed to set URL -> %d",
                   frame->promised_stream_id, rv);
       discard_newhandle(cf, newhandle);
       rv = CURL_PUSH_DENY;
diff --git a/lib/multi.c b/lib/multi.c
index a47336457b..c52ee54c77 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -1038,7 +1038,7 @@ CURLMcode Curl_multi_pollset(struct Curl_easy *data,
 
   case MSTATE_RESOLVING:
     result = Curl_resolv_pollset(data, ps);
-    /* connection filters are not involved in this phase. It's ok if we get no
+    /* connection filters are not involved in this phase. It is OK if we get no
      * sockets to wait for. Resolving can wake up from other sources. */
     expect_sockets = FALSE;
     break;
diff --git a/lib/multi_ev.c b/lib/multi_ev.c
index ff755caa6a..f5000a4562 100644
--- a/lib/multi_ev.c
+++ b/lib/multi_ev.c
@@ -340,7 +340,7 @@ static CURLMcode mev_pollset_diff(struct Curl_multi *multi,
     /* What was the previous action the transfer had regarding this socket?
      * If the transfer is new to the socket, disregard the information
      * in `last_poll`, because the socket might have been destroyed and
-     * reopened. We'd have cleared the sh_entry for that, but the socket
+     * reopened. We would have cleared the sh_entry for that, but the socket
      * might still be mentioned in the hashed pollsets. */
     last_action = 0;
     if(first_time) {
diff --git a/lib/pop3.c b/lib/pop3.c
index affd64276c..d469dc0766 100644
--- a/lib/pop3.c
+++ b/lib/pop3.c
@@ -1742,9 +1742,8 @@ static CURLcode pop3_write(struct Curl_easy *data, const char *str,
 
     /* Did we have a partial match which has subsequently failed? */
     if(prev && prev >= pop3c->eob) {
-      /* Strip can only be non-zero for the very first mismatch after CRLF
-         and then both prev and strip are equal and nothing will be output
-         below */
+      /* Strip can only be non-zero for the first mismatch after CRLF and
+         then both prev and strip are equal and nothing will be output below */
       while(prev && pop3c->strip) {
         prev--;
         pop3c->strip--;
diff --git a/lib/progress.c b/lib/progress.c
index 02841544dd..228f5dc197 100644
--- a/lib/progress.c
+++ b/lib/progress.c
@@ -280,7 +280,7 @@ timediff_t Curl_pgrsLimitWaitTime(struct pgrs_dir *d,
     should_ms = (timediff_t) (1000 * bytes / bytes_per_sec);
   }
   else {
-    /* very large `bytes`, first calc the seconds it should have taken.
+    /* large `bytes`, first calc the seconds it should have taken.
      * if that is small enough, convert to milliseconds. */
     should_ms = (timediff_t) (bytes / bytes_per_sec);
     if(should_ms < TIMEDIFF_T_MAX/1000)
diff --git a/lib/socks.c b/lib/socks.c
index 5185913a24..3434030c83 100644
--- a/lib/socks.c
+++ b/lib/socks.c
@@ -308,7 +308,7 @@ static CURLproxycode socks4_req_add_user(struct socks_state *sx,
       return CURLPX_SEND_REQUEST;
   }
   else {
-    /* empty user name */
+    /* empty username */
     unsigned char b = 0;
     result = Curl_bufq_write(&sx->iobuf, &b, 1, &nwritten);
     if(result || (nwritten != 1))
diff --git a/lib/speedcheck.c b/lib/speedcheck.c
index 3b128655f5..aede060019 100644
--- a/lib/speedcheck.c
+++ b/lib/speedcheck.c
@@ -49,7 +49,7 @@ CURLcode Curl_speedcheck(struct Curl_easy *data,
   if((data->progress.current_speed >= 0) && data->set.low_speed_time) {
     if(data->progress.current_speed < data->set.low_speed_limit) {
       if(!data->state.keeps_speed.tv_sec)
-        /* under the limit at this very moment */
+        /* under the limit at this moment */
         data->state.keeps_speed = now;
       else {
         /* how long has it been under the limit */
diff --git a/lib/url.c b/lib/url.c
index 0a0b6ff3a2..cf34514b1a 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -1283,7 +1283,7 @@ static bool url_match_result(bool result, void *userdata)
     return TRUE;
   }
   else if(match->seen_single_use_conn && !match->seen_multiplex_conn) {
-    /* We've seen a single-use, existing connection to the destination and
+    /* We have seen a single-use, existing connection to the destination and
      * no multiplexed one. It seems safe to assume that the server does
      * not support multiplexing. */
     match->wait_pipe = FALSE;
@@ -2740,7 +2740,7 @@ static CURLcode override_login(struct Curl_easy *data,
                                       data->set.str[STRING_NETRC_FILE]);
       if(ret && ((ret == NETRC_NO_MATCH) ||
                  (data->set.use_netrc == CURL_NETRC_OPTIONAL))) {
-        infof(data, "Couldn't find host %s in the %s file; using defaults",
+        infof(data, "Could not find host %s in the %s file; using defaults",
               conn->host.name,
               (data->set.str[STRING_NETRC_FILE] ?
                data->set.str[STRING_NETRC_FILE] : ".netrc"));
@@ -2752,7 +2752,7 @@ static CURLcode override_login(struct Curl_easy *data,
       }
       else {
         if(!(conn->handler->flags&PROTOPT_USERPWDCTRL)) {
-          /* if the protocol can't handle control codes in credentials, make
+          /* if the protocol cannot handle control codes in credentials, make
              sure there are none */
           if(str_has_ctrl(*userp) || str_has_ctrl(*passwdp)) {
             failf(data, "control code detected in .netrc credentials");
diff --git a/lib/urlapi.c b/lib/urlapi.c
index 73f476ed3f..a3d9efdb91 100644
--- a/lib/urlapi.c
+++ b/lib/urlapi.c
@@ -1940,7 +1940,7 @@ nomem:
         if(!n)
           bad = TRUE; /* empty hostname is not okay */
         else if(!urlencode) {
-          /* if the host name part was not URL encoded here, it was set ready
+          /* if the hostname part was not URL encoded here, it was set ready
              URL encoded so we need to decode it to check */
           size_t dlen;
           char *decoded = NULL;
diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c
index a8d4ffe5b7..c1c0ab2ab2 100644
--- a/lib/vauth/digest.c
+++ b/lib/vauth/digest.c
@@ -216,7 +216,7 @@ static bool auth_digest_get_key_value(const char *chlg, const char *key,
       if(curlx_str_cmp(&name, key)) {
         /* if this is our key, return the value */
         if(curlx_strlen(&data) >= buflen)
-          /* doesn't fit */
+          /* does not fit */
           return FALSE;
         memcpy(buf, curlx_str(&data), curlx_strlen(&data));
         buf[curlx_strlen(&data)] = 0;
diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index 145a2831db..75dc5cc694 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -781,7 +781,7 @@ static CURLcode write_resp_raw(struct Curl_cfilter *cf,
 
   if(nwritten < memlen) {
     /* This MUST not happen. Our recbuf is dimensioned to hold the
-     * full max_stream_window and then some for this very reason. */
+     * full max_stream_window and then some for this reason. */
     DEBUGASSERT(0);
     return CURLE_RECV_ERROR;
   }
diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
index d8d063b2ec..ff3e76b063 100644
--- a/lib/vquic/curl_quiche.c
+++ b/lib/vquic/curl_quiche.c
@@ -342,7 +342,7 @@ static CURLcode write_resp_raw(struct Curl_cfilter *cf,
 
   if(nwritten < memlen) {
     /* This MUST not happen. Our recbuf is dimensioned to hold the
-     * full max_stream_window and then some for this very reason. */
+     * full max_stream_window and then some for this reason. */
     DEBUGASSERT(0);
     return CURLE_RECV_ERROR;
   }
diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
index 74a1da5a3e..8653c4901d 100644
--- a/lib/vssh/libssh.c
+++ b/lib/vssh/libssh.c
@@ -1574,8 +1574,8 @@ static int myssh_in_SFTP_QUOTE(struct Curl_easy *data,
     Curl_debug(data, CURLINFO_HEADER_OUT, "PWD\n", 4);
     Curl_debug(data, CURLINFO_HEADER_IN, tmp, strlen(tmp));
 
-    /* this sends an FTP-like "header" to the header callback so that the
-       current directory can be read very similar to how it is read when
+    /* this sends an FTP-like "header" to the header callback so that
+       the current directory can be read similar to how it is read when
        using ordinary FTP. */
     result = Curl_client_write(data, CLIENTWRITE_HEADER, tmp, strlen(tmp));
     free(tmp);
@@ -1860,7 +1860,7 @@ static int myssh_in_SFTP_QUOTE_STAT(struct Curl_easy *data,
       return SSH_NO_ERROR;
     }
     if(date > UINT_MAX)
-      /* because the liubssh API can't deal with a larger value */
+      /* because the liubssh API cannot deal with a larger value */
       date = UINT_MAX;
     if(!strncmp(cmd, "atime", 5))
       sshc->quote_attrs->atime = (uint32_t)date;
diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
index 49044669fc..f5cb5f9a1d 100644
--- a/lib/vssh/libssh2.c
+++ b/lib/vssh/libssh2.c
@@ -878,8 +878,8 @@ static CURLcode sftp_quote(struct Curl_easy *data,
     Curl_debug(data, CURLINFO_HEADER_OUT, "PWD\n", 4);
     Curl_debug(data, CURLINFO_HEADER_IN, tmp, strlen(tmp));
 
-    /* this sends an FTP-like "header" to the header callback so that the
-       current directory can be read very similar to how it is read when
+    /* this sends an FTP-like "header" to the header callback so that
+       the current directory can be read similar to how it is read when
        using ordinary FTP. */
     result = Curl_client_write(data, CLIENTWRITE_HEADER, tmp, strlen(tmp));
     free(tmp);
diff --git a/lib/vtls/apple.c b/lib/vtls/apple.c
index 87d5208d73..297ebc39f3 100644
--- a/lib/vtls/apple.c
+++ b/lib/vtls/apple.c
@@ -148,7 +148,7 @@ CURLcode Curl_vtls_apple_verify(struct Curl_cfilter *cf,
          * add `kSecRevocationRequirePositiveResponse` to the Apple
          * Trust policies, it interprets this as it NEEDs a confirmation
          * of a cert being NOT REVOKED. Which not in general available for
-         * certificates on the internet.
+         * certificates on the Internet.
          * It seems that applications using this policy are expected to PIN
          * their certificate public keys or verification will fail.
          * This does not seem to be what we want here. */
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 533597ed41..f7a5727a11 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1688,7 +1688,7 @@ static CURLcode client_cert(struct Curl_easy *data,
         failf(data,
               "could not load PEM client certificate from %s, " OSSL_PACKAGE
               " error %s, "
-              "(no key found, wrong pass phrase, or wrong file format?)",
+              "(no key found, wrong passphrase, or wrong file format?)",
               (cert_blob ? "CURLOPT_SSLCERT_BLOB" : cert_file),
               ossl_strerror(ERR_get_error(), error_buffer,
                             sizeof(error_buffer)) );
@@ -1708,7 +1708,7 @@ static CURLcode client_cert(struct Curl_easy *data,
         failf(data,
               "could not load ASN1 client certificate from %s, " OSSL_PACKAGE
               " error %s, "
-              "(no key found, wrong pass phrase, or wrong file format?)",
+              "(no key found, wrong passphrase, or wrong file format?)",
               (cert_blob ? "CURLOPT_SSLCERT_BLOB" : cert_file),
               ossl_strerror(ERR_get_error(), error_buffer,
                             sizeof(error_buffer)) );
@@ -5154,7 +5154,7 @@ CURLcode Curl_ossl_check_peer_cert(struct Curl_cfilter *cf,
 #endif
 
   if(data->set.ssl.certinfo && !octx->reused_session) {
-    /* asked to gather certificate info. Reused sessions don't have cert
+    /* asked to gather certificate info. Reused sessions do not have cert
        chains */
     result = ossl_certchain(data, octx->ssl);
     if(result)
@@ -5684,7 +5684,7 @@ static CURLcode ossl_get_channel_binding(struct Curl_easy *data, int sockindex,
 
   cert = SSL_get1_peer_certificate(octx->ssl);
   if(!cert)
-    /* No server certificate, don't do channel binding */
+    /* No server certificate, do not do channel binding */
     return CURLE_OK;
 
   if(!OBJ_find_sigid_algs(X509_get_signature_nid(cert), &algo_nid, NULL)) {
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index 137e525722..f2a907cb09 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -1286,7 +1286,7 @@ schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
 
     /* The socket must be writeable (or a poll error occurred) before we call
        InitializeSecurityContext to continue processing the received TLS
-       records. This is because that function is not idempotent and we don't
+       records. This is because that function is not idempotent and we do not
        support partial save/resume sending replies of handshake tokens. */
     if(!SOCKET_WRITABLE(Curl_conn_cf_get_socket(cf, data), 0)) {
       SCH_DEV(infof(data, "schannel: handshake waiting for writeable socket"));
@@ -1809,7 +1809,7 @@ schannel_recv_renegotiate(struct Curl_cfilter *cf, struct Curl_easy *data,
      * data needs to be sent then we block for a writeable socket that should
      * be writeable immediately except for OS resource constraints. For caller
      * send if handshake data needs to be received then we block for a readable
-     * socket, which could take some time, but it's more likely the user has
+     * socket, which could take some time, but it is more likely the user has
      * called recv since they had called it prior (only recv can start
      * renegotiation and probably the user is going to call it again to get
      * more of their data before calling send).
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index 918a4686fc..ed0af3d53b 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -1423,7 +1423,7 @@ static CURLcode ssl_cf_connect_deferred(struct Curl_cfilter *cf,
     result = ssl_cf_set_earlydata(cf, data, buf, blen);
     if(result)
       return result;
-    /* we buffered any early data we'd like to send. Actually
+    /* we buffered any early data we would like to send. Actually
      * do the connect now which sends it and performs the handshake. */
     connssl->earlydata_state = ssl_earlydata_sending;
     connssl->earlydata_skip = Curl_bufq_len(&connssl->earlydata);
diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index a7883fe08a..7b567fd892 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -1725,7 +1725,7 @@ static CURLcode wssl_handshake(struct Curl_cfilter *cf,
   if(ret == WOLFSSL_SUCCESS &&
      conn_config->verifyhost &&
      !connssl->peer.sni) {
-    /* we have an IP address as host name. */
+    /* we have an IP address as hostname. */
     WOLFSSL_X509* cert = wolfSSL_get_peer_certificate(wssl->ssl);
     if(!cert) {
       failf(data, "unable to get peer certificate");
diff --git a/lib/ws.c b/lib/ws.c
index 96a0d61378..5a61c65aa8 100644
--- a/lib/ws.c
+++ b/lib/ws.c
@@ -1037,7 +1037,7 @@ static CURLcode ws_enc_send(struct Curl_easy *data,
      * that needs to be encoded into the buffer */
     if(buflen < ws->sendbuf_payload) {
       /* We have been called with LESS buffer data than before. This
-       * is not how it's supposed too work. */
+       * is not how it is supposed too work. */
       failf(data, "[WS] curl_ws_send() called with smaller 'buflen' than "
             "bytes already buffered in previous call, %zu vs %zu",
             buflen, ws->sendbuf_payload);
diff --git a/src/config2setopts.c b/src/config2setopts.c
index 7d099602d3..154319231f 100644
--- a/src/config2setopts.c
+++ b/src/config2setopts.c
@@ -212,11 +212,11 @@ static CURLcode ssh_setopts(struct OperationConfig *config, CURL *curl)
       config->knownhosts = known;
     }
     else if(!config->hostpubmd5 && !config->hostpubsha256) {
-      errorf("Couldn't find a known_hosts file");
+      errorf("Could not find a known_hosts file");
       return CURLE_FAILED_INIT;
     }
     else
-      warnf("Couldn't find a known_hosts file");
+      warnf("Could not find a known_hosts file");
   }
   return CURLE_OK; /* ignore if SHA256 did not work */
 }
diff --git a/src/tool_cb_rea.c b/src/tool_cb_rea.c
index a4c475be8e..6c119047ce 100644
--- a/src/tool_cb_rea.c
+++ b/src/tool_cb_rea.c
@@ -60,7 +60,7 @@ static bool waitfd(int waitms, int fd)
   struct timeval timeout;
 
   if(fd >= FD_SETSIZE)
-    /* can't wait! */
+    /* cannot wait! */
     return FALSE;
 
   /* wait this long at the most */
diff --git a/src/tool_cb_see.c b/src/tool_cb_see.c
index 68899c5829..292da1c251 100644
--- a/src/tool_cb_see.c
+++ b/src/tool_cb_see.c
@@ -55,8 +55,8 @@ int tool_seek_cb(void *userdata, curl_off_t offset, int whence)
 
   if(offset > OUR_MAX_SEEK_O) {
     /* Some precaution code to work around problems with different data sizes
-       to allow seeking >32-bit even if off_t is 32-bit. Should be very rare
-       and is really valid on weirdo-systems. */
+       to allow seeking >32-bit even if off_t is 32-bit. Should be rare and
+       is really valid on weirdo-systems. */
     curl_off_t left = offset;
 
     if(whence != SEEK_SET)
diff --git a/src/tool_doswin.c b/src/tool_doswin.c
index 8e9e5f023d..2b19a163ce 100644
--- a/src/tool_doswin.c
+++ b/src/tool_doswin.c
@@ -874,7 +874,7 @@ curl_socket_t win32_stdin_read_thread(void)
       break;
     }
 
-    /* Start up the thread. We don't bother keeping a reference to it
+    /* Start up the thread. We do not bother keeping a reference to it
        because it runs until program termination. From here on out all reads
        from the stdin handle or file descriptor 0 will be reading from the
        socket that is fed by the thread. */
diff --git a/src/tool_getparam.c b/src/tool_getparam.c
index b74b73806d..bd90da1ec7 100644
--- a/src/tool_getparam.c
+++ b/src/tool_getparam.c
@@ -1213,7 +1213,7 @@ static ParameterError parse_ech(struct OperationConfig *config,
         file = curlx_fopen(nextarg, FOPEN_READTEXT);
       }
       if(!file) {
-        warnf("Couldn't read file \"%s\" "
+        warnf("Could not read file \"%s\" "
               "specified for \"--ech ecl:\" option",
               nextarg);
         return PARAM_BAD_USE; /*  */
@@ -2084,7 +2084,7 @@ static ParameterError opt_bool(struct OperationConfig *config,
     config->doh_insecure_ok = toggle;
     break;
   case C_LIST_ONLY: /* --list-only */
-    config->dirlistonly = toggle; /* only list the names of the FTP dir */
+    config->dirlistonly = toggle; /* only list names of the FTP directory */
     break;
   case C_MANUAL: /* --manual */
     if(toggle)   /* --no-manual shows no manual... */
@@ -2876,7 +2876,7 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
     /* is there an '=' ? */
     if(!curlx_str_until(&p, &out, MAX_OPTION_LEN, '=') &&
        !curlx_str_single(&p, '=') ) {
-      /* there's an equal sign */
+      /* there is an equal sign */
       char tempword[MAX_OPTION_LEN + 1];
       memcpy(tempword, curlx_str(&out), curlx_strlen(&out));
       tempword[curlx_strlen(&out)] = 0;
diff --git a/src/tool_operate.c b/src/tool_operate.c
index 1317e73551..b7c8805b3a 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -2252,7 +2252,7 @@ CURLcode operate(int argc, argv_item_t argv[])
       strcmp(first_arg, "--disable"))) {
     parseconfig(NULL, CONFIG_MAX_LEVELS); /* ignore possible failure */
 
-    /* If we had no arguments then make sure a url was specified in .curlrc */
+    /* If we had no arguments then make sure a URL was specified in .curlrc */
     if((argc < 2) && (!global->first->url_list)) {
       helpf(NULL);
       result = CURLE_FAILED_INIT;
diff --git a/src/tool_operhlp.c b/src/tool_operhlp.c
index d25fccf46c..e17955bec3 100644
--- a/src/tool_operhlp.c
+++ b/src/tool_operhlp.c
@@ -211,7 +211,7 @@ CURLcode get_url_file_name(char **filename, const char *url)
       else {
         /* no slash => empty string, use default */
         *filename = strdup("curl_response");
-        warnf("No remote file name, uses \"%s\"", *filename);
+        warnf("No remote filename, uses \"%s\"", *filename);
       }
 
       curl_free(path);
diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c
index 008f0fc388..2e7b98f26e 100644
--- a/src/tool_paramhlp.c
+++ b/src/tool_paramhlp.c
@@ -135,7 +135,7 @@ ParameterError file2memory_range(char **bufp, size_t *size, FILE *file,
         offset = starto;
       }
       else
-        /* we can't seek stdin, read 'starto' bytes and throw them away */
+        /* we cannot seek stdin, read 'starto' bytes and throw them away */
         throwaway = starto;
     }
 
diff --git a/src/tool_parsecfg.c b/src/tool_parsecfg.c
index 03f9930c5d..46096d5b5a 100644
--- a/src/tool_parsecfg.c
+++ b/src/tool_parsecfg.c
@@ -103,7 +103,7 @@ ParameterError parseconfig(const char *filename, int max_recursive)
 #if defined(_WIN32) && !defined(UNDER_CE)
     else {
       char *fullp;
-      /* check for .curlrc then _curlrc in the dir of the executable */
+      /* check for .curlrc then _curlrc in the directory of the executable */
       file = tool_execpath(".curlrc", &fullp);
       if(!file)
         file = tool_execpath("_curlrc", &fullp);

From 554dfa556886c3d7425f6690f3fc408128bf4744 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 15 Jul 2025 00:36:08 +0200
Subject: [PATCH 0861/2408] build: drop Windows CE / CeGCC support

Windows CE support was limited to successful builds with ming32ce
(a toolchain that hasn't seen an update since 2009, using an ancient gcc
version and "old mingw"-style SDK headers, that curl deprecated earlier).
Builds with MSVC were broken for a long time. mingw32ce builds were never
actually tested and runtime and unlikely to work due to missing stubs.
Windows CE toolchains also miss to comply with C89. Paired with lack of
demand and support for the platform, curl deprecated it earlier.

This patch removes support from the codebase to ease maintaining Windows
codepaths.

Follow-up to f98c0ba834d4b4da480373b732a86976f9064ccd #17924
Follow-up to 8491e6574cde770b227ca0e1cd66548291f49661 #17379
Follow-up to 2a292c39846107228201674d686be5b3ed96674d #15975

Closes #17927
---
 CMake/CurlSymbolHiding.cmake         |   2 +-
 CMake/win32-cache.cmake              |  24 +--
 CMakeLists.txt                       | 103 +++--------
 acinclude.m4                         |  12 +-
 configure.ac                         |  64 +------
 docs/DEPRECATE.md                    |   8 +-
 docs/INSTALL.md                      |   4 +-
 docs/examples/anyauthput.c           |   5 -
 docs/examples/block_ip.c             |   2 +-
 docs/examples/externalsocket.c       |   4 -
 docs/examples/fileupload.c           |   5 -
 docs/examples/ftpupload.c            |   9 -
 docs/examples/ftpuploadresume.c      |   2 -
 docs/examples/http2-download.c       |   4 -
 docs/examples/http2-upload.c         |  13 +-
 docs/examples/httpput.c              |   5 -
 docs/examples/log_failed_transfers.c |   8 +-
 docs/examples/sftpuploadresume.c     |   4 +-
 include/curl/system.h                |  21 +--
 lib/asyn-thrdd.c                     |   2 +-
 lib/cf-socket.c                      |  13 --
 lib/config-win32.h                   |  93 ++--------
 lib/connect.c                        |   2 +-
 lib/curl_fopen.c                     |   9 +-
 lib/curl_setup.h                     |  43 +----
 lib/curl_setup_once.h                |   4 +-
 lib/curl_sspi.c                      |   4 -
 lib/curl_sspi.h                      | 252 ---------------------------
 lib/curl_threads.c                   |  13 +-
 lib/curlx/fopen.c                    |  10 +-
 lib/curlx/fopen.h                    |   2 +-
 lib/curlx/inet_ntop.c                |  10 +-
 lib/curlx/inet_pton.c                |   2 +-
 lib/curlx/strerr.c                   |   7 +-
 lib/curlx/version_win32.c            |   8 +-
 lib/curlx/winapi.c                   |   5 +-
 lib/easy.c                           |   8 +-
 lib/file.c                           |   2 +-
 lib/ftp.c                            |   4 -
 lib/getenv.c                         |   2 +-
 lib/hostip.c                         |   2 -
 lib/md4.c                            |   5 -
 lib/md5.c                            |   4 -
 lib/memdebug.c                       |   2 +-
 lib/rename.c                         |   2 +-
 lib/sha256.c                         |   4 -
 lib/strerror.c                       |   2 +-
 lib/system_win32.c                   |  18 +-
 lib/transfer.c                       |   2 -
 lib/vtls/schannel.c                  |  30 +---
 lib/vtls/schannel_verify.c           |  77 --------
 lib/vtls/vtls_scache.c               |   5 +-
 m4/xc-lt-iface.m4                    |   4 +-
 src/CMakeLists.txt                   |   2 +-
 src/terminal.c                       |   2 +-
 src/tool_cb_hdr.c                    |   2 +-
 src/tool_cb_rea.c                    |   6 +-
 src/tool_cb_see.c                    |   2 +-
 src/tool_cb_wrt.c                    |   6 +-
 src/tool_cfgable.c                   |   2 +-
 src/tool_cfgable.h                   |   4 +-
 src/tool_dirhie.c                    |   4 +-
 src/tool_doswin.c                    |  12 +-
 src/tool_doswin.h                    |   6 +-
 src/tool_formparse.c                 |   4 -
 src/tool_getparam.h                  |   2 +-
 src/tool_getpass.c                   |   4 +-
 src/tool_main.c                      |  11 +-
 src/tool_operate.c                   |  22 +--
 src/tool_parsecfg.c                  |   2 +-
 src/tool_setup.h                     |   9 -
 src/tool_util.c                      |  11 +-
 src/tool_util.h                      |   2 +-
 tests/libtest/lib505.c               |   5 -
 tests/libtest/lib525.c               |   5 -
 tests/libtest/lib541.c               |   5 -
 tests/libtest/lib556.c               |   4 -
 tests/libtest/lib582.c               |   5 -
 tests/server/first.h                 |   2 -
 tests/server/sockfilt.c              |  29 +--
 tests/server/util.c                  |  20 +--
 81 files changed, 166 insertions(+), 975 deletions(-)

diff --git a/CMake/CurlSymbolHiding.cmake b/CMake/CurlSymbolHiding.cmake
index 217c8832c9..2576a1aff3 100644
--- a/CMake/CurlSymbolHiding.cmake
+++ b/CMake/CurlSymbolHiding.cmake
@@ -29,7 +29,7 @@ if(WIN32 AND (ENABLE_DEBUG OR ENABLE_CURLDEBUG))
   # e.g. curl_easy_perform_ev() or curl_dbg_*(),
   # so disable symbol hiding for debug builds and for memory tracking.
   set(CURL_HIDDEN_SYMBOLS OFF)
-elseif(DOS OR AMIGA OR MINGW32CE)
+elseif(DOS OR AMIGA)
   set(CURL_HIDDEN_SYMBOLS OFF)
 endif()
 
diff --git a/CMake/win32-cache.cmake b/CMake/win32-cache.cmake
index 8cb9b58b39..50c319d1b6 100644
--- a/CMake/win32-cache.cmake
+++ b/CMake/win32-cache.cmake
@@ -193,7 +193,7 @@ if(MINGW OR MSVC)
   curl_prefill_type_size("CURL_OFF_T" 8)
   curl_prefill_type_size("CURL_SOCKET_T" ${CMAKE_SIZEOF_VOID_P})
   curl_prefill_type_size("SIZE_T" ${CMAKE_SIZEOF_VOID_P})
-  # TIME_T: 8 for _WIN64 or UCRT or MSVC and not Windows CE, 4 otherwise
+  # TIME_T: 8 for _WIN64 or UCRT or MSVC, 4 otherwise
   #   Also 4 for non-UCRT 32-bit when _USE_32BIT_TIME_T is set.
   #   mingw-w64 sets _USE_32BIT_TIME_T unless __MINGW_USE_VC2005_COMPAT is explicit defined.
   if(MSVC)
@@ -206,25 +206,3 @@ if(MINGW OR MSVC)
     curl_prefill_type_size("OFF_T" 8)  # mingw-w64 v3+
   endif()
 endif()
-
-# Windows CE exceptions
-
-if(WINCE)
-  set(HAVE_FREEADDRINFO 0)
-  set(HAVE_GETADDRINFO 0)
-  set(HAVE_LOCALE_H 0)
-  set(HAVE_SETLOCALE 0)
-  set(HAVE_SETMODE 0)
-  set(HAVE_SIGNAL 0)
-  set(HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID 0)
-  curl_prefill_type_size("CURL_SOCKET_T" 4)
-  curl_prefill_type_size("TIME_T" 4)
-  curl_prefill_type_size("SIZE_T" 4)
-  if(MINGW32CE)
-    set(HAVE_STRTOK_R 0)
-    set(HAVE__SETMODE 0)
-    set(HAVE_FILE_OFFSET_BITS 0)
-    curl_prefill_type_size("SSIZE_T" 4)
-    curl_prefill_type_size("OFF_T" 4)
-  endif()
-endif()
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 8113cdea90..0b9b666adb 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -71,37 +71,6 @@ if(WINDOWS_STORE AND MINGW)  # mingw UWP build
   # CMake (as of v3.31.2) gets confused and applies the MSVC rc.exe command-line
   # template to windres. Reset it to the windres template via 'Modules/Platform/Windows-windres.cmake':
   set(CMAKE_RC_COMPILE_OBJECT " -O coff     ")
-elseif(WIN32 AND WINCE AND CMAKE_C_COMPILER_ID STREQUAL "GNU")  # mingw32ce build
-  if(NOT MINGW32CE_LIBRARY_DIR)
-    message(FATAL_ERROR "Set MINGW32CE_LIBRARY_DIR variable to the mingw32ce platform library directory.")
-  endif()
-
-  set(MINGW 1)
-  set(MINGW32CE 1)
-
-  # Build implib with libcurl DLL. Copied from CMake's 'Modules/Platform/Windows-GNU.cmake'.
-  set(CMAKE_C_CREATE_SHARED_LIBRARY "   ")
-  string(APPEND CMAKE_C_CREATE_SHARED_LIBRARY "  -o  -Wl,--out-implib,")
-  string(APPEND CMAKE_C_CREATE_SHARED_LIBRARY " ${CMAKE_GNULD_IMAGE_VERSION}  ")
-
-  # Build resources. Copied from CMake's 'Modules/Platform/Windows-windres.cmake'.
-  set(CMAKE_RC_COMPILE_OBJECT " -O coff     ")
-  enable_language(RC)
-
-  # To compile long long integer literals
-  set_property(DIRECTORY APPEND PROPERTY COMPILE_OPTIONS "-std=gnu99")
-  string(APPEND CMAKE_REQUIRED_FLAGS " -std=gnu99")
-
-  set(CMAKE_C_COMPILE_OPTIONS_PIC "")  # CMake sets it to '-fPIC', confusing the toolchain and breaking builds. Zap it.
-
-  set(CMAKE_STATIC_LIBRARY_PREFIX "lib")
-  set(CMAKE_STATIC_LIBRARY_SUFFIX ".a")
-  set(CMAKE_SHARED_LIBRARY_PREFIX "lib")
-  set(CMAKE_SHARED_LIBRARY_SUFFIX ".dll")
-  set(CMAKE_IMPORT_LIBRARY_PREFIX "lib")
-  set(CMAKE_IMPORT_LIBRARY_SUFFIX ".dll.a")
-  set(CMAKE_FIND_LIBRARY_PREFIXES "lib" "")
-  set(CMAKE_FIND_LIBRARY_SUFFIXES ".dll.a" ".a" ".lib")
 elseif(DOS AND CMAKE_C_COMPILER_ID STREQUAL "GNU")  # DJGPP
   set(CMAKE_STATIC_LIBRARY_PREFIX "lib")
   set(CMAKE_STATIC_LIBRARY_SUFFIX ".a")
@@ -130,9 +99,6 @@ endif()
 if(WIN32)
   string(APPEND _target_flags " WIN32")
 endif()
-if(WINCE)
-  string(APPEND _target_flags " WINCE")
-endif()
 if(WINDOWS_STORE)
   string(APPEND _target_flags " UWP")
 endif()
@@ -213,12 +179,12 @@ option(CURL_DISABLE_INSTALL "Disable installation targets" OFF)
 
 if(WIN32)
   option(ENABLE_UNICODE "Use the Unicode version of the Windows API functions" OFF)
-  if(WINDOWS_STORE OR WINCE)
+  if(WINDOWS_STORE)
     set(ENABLE_UNICODE ON)
   endif()
   if(ENABLE_UNICODE)
     set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS "UNICODE" "_UNICODE")
-    if(MINGW AND NOT MINGW32CE)
+    if(MINGW)
       set_property(DIRECTORY APPEND PROPERTY COMPILE_OPTIONS "-municode")
     endif()
   endif()
@@ -538,7 +504,7 @@ if(HTTP_ONLY)
   set(CURL_DISABLE_TFTP ON)
 endif()
 
-if(WINDOWS_STORE OR WINCE)
+if(WINDOWS_STORE)
   set(CURL_DISABLE_TELNET ON)  # telnet code needs fixing to compile for UWP.
 endif()
 
@@ -624,21 +590,7 @@ if(ENABLE_THREADED_RESOLVER)
 endif()
 
 # Check for all needed libraries
-if(WIN32)
-  if(WINCE)
-    set(_win32_winsock "ws2")
-  else()
-    set(_win32_winsock "ws2_32")
-  endif()
-  set(_win32_crypt32 "crypt32")
-  set(_win32_secur32 "secur32")
-
-  if(MINGW32CE)  # FIXME upstream: must specify the full path to avoid CMake converting "ws2" to "ws2.lib"
-    set(_win32_winsock "${MINGW32CE_LIBRARY_DIR}/lib${_win32_winsock}.a")
-    set(_win32_crypt32 "${MINGW32CE_LIBRARY_DIR}/lib${_win32_crypt32}.a")
-    set(_win32_secur32 "${MINGW32CE_LIBRARY_DIR}/lib${_win32_secur32}.a")
-  endif()
-elseif(DOS)
+if(DOS)
   if(WATT_ROOT)
     set(USE_WATT32 ON)
     # FIXME upstream: must specify the full path to avoid CMake converting "watt" to "watt.lib"
@@ -659,7 +611,7 @@ elseif(AMIGA)
     set(CURL_USE_OPENSSL ON)
     set(CURL_CA_FALLBACK ON CACHE BOOL "")
   endif()
-elseif(NOT APPLE)
+elseif(NOT WIN32 AND NOT APPLE)
   check_library_exists("socket" "connect" "" HAVE_LIBSOCKET)
   if(HAVE_LIBSOCKET)
     set(CURL_NETWORK_AND_TIME_LIBS "socket" ${CURL_NETWORK_AND_TIME_LIBS})
@@ -694,7 +646,7 @@ if(ENABLE_IPV6)
     endif()
   endif()
 endif()
-if(ENABLE_IPV6 AND NOT WINCE)
+if(ENABLE_IPV6)
   set(USE_IPV6 ON)
 endif()
 
@@ -1035,7 +987,7 @@ macro(curl_openssl_check_exists)
     if(HAVE_LIBZ)
       list(APPEND CMAKE_REQUIRED_LIBRARIES ZLIB::ZLIB)
     endif()
-    if(WIN32 AND NOT WINCE)
+    if(WIN32)
       list(APPEND CMAKE_REQUIRED_LIBRARIES "bcrypt")  # for OpenSSL/LibreSSL
     endif()
   endif()
@@ -1049,7 +1001,7 @@ macro(curl_openssl_check_exists)
     list(APPEND CMAKE_REQUIRED_DEFINITIONS "-DHAVE_UINTPTR_T")  # to pull in stdint.h (as of wolfSSL v5.5.4)
   endif()
   if(WIN32)
-    list(APPEND CMAKE_REQUIRED_LIBRARIES "${_win32_winsock}" "${_win32_crypt32}")  # for OpenSSL/wolfSSL
+    list(APPEND CMAKE_REQUIRED_LIBRARIES "ws2_32" "crypt32")  # for OpenSSL/wolfSSL
   endif()
   if(${ARGC} EQUAL 2)
     check_function_exists(${ARGN})
@@ -1262,7 +1214,7 @@ if(NOT CURL_DISABLE_SRP AND (HAVE_GNUTLS_SRP OR HAVE_OPENSSL_SRP))
 endif()
 
 if(NOT CURL_DISABLE_LDAP)
-  if(WIN32 AND NOT WINDOWS_STORE AND NOT WINCE)
+  if(WIN32 AND NOT WINDOWS_STORE)
     option(USE_WIN32_LDAP "Use Windows LDAP implementation" ON)
     if(USE_WIN32_LDAP)
       list(APPEND CURL_LIBS "wldap32")
@@ -1501,7 +1453,7 @@ if(USE_LIBRTMP)
 endif()
 
 option(ENABLE_UNIX_SOCKETS "Enable Unix domain sockets support" ON)
-if(ENABLE_UNIX_SOCKETS AND NOT WINCE)
+if(ENABLE_UNIX_SOCKETS)
   if(WIN32 OR DOS)
     set(USE_UNIX_SOCKETS 1)
   else()
@@ -1618,7 +1570,7 @@ if(WIN32)
   list(APPEND CURL_INCLUDES "winsock2.h")
   list(APPEND CURL_INCLUDES "ws2tcpip.h")
 
-  if(HAVE_WIN32_WINNT AND HAVE_WIN32_WINNT LESS 0x0501 AND NOT WINCE)
+  if(HAVE_WIN32_WINNT AND HAVE_WIN32_WINNT LESS 0x0501)
     # Windows XP is required for freeaddrinfo, getaddrinfo
     message(FATAL_ERROR "Building for Windows XP or newer is required.")
   endif()
@@ -1626,7 +1578,7 @@ if(WIN32)
   # Pre-fill detection results based on target OS version
   if(_CURL_PREFILL)
     if(NOT HAVE_WIN32_WINNT OR HAVE_WIN32_WINNT LESS 0x0600 OR  # older than Windows Vista
-       WINCE OR WINDOWS_STORE)
+       WINDOWS_STORE)
       set(HAVE_IF_NAMETOINDEX 0)
       unset(HAVE_IF_NAMETOINDEX CACHE)
     elseif(MSVC OR MINGW)
@@ -1734,8 +1686,8 @@ endif()
 
 # Apply to all feature checks
 if(WIN32)
-  list(APPEND CMAKE_REQUIRED_LIBRARIES "${_win32_winsock}")
-  if(NOT WINCE AND NOT WINDOWS_STORE)
+  list(APPEND CMAKE_REQUIRED_LIBRARIES "ws2_32")
+  if(NOT WINDOWS_STORE)
     list(APPEND CMAKE_REQUIRED_LIBRARIES "iphlpapi")
   endif()
 elseif(HAVE_LIBSOCKET)
@@ -1805,11 +1757,9 @@ else()
   check_symbol_exists("strcmpi"         "string.h" HAVE_STRCMPI)
 endif()
 
-if(NOT MINGW32CE)  # Avoid false detections
-  check_function_exists("setmode" HAVE_SETMODE)
-  if(WIN32 OR CYGWIN)
-    check_function_exists("_setmode" HAVE__SETMODE)
-  endif()
+check_function_exists("setmode" HAVE_SETMODE)
+if(WIN32 OR CYGWIN)
+  check_function_exists("_setmode" HAVE__SETMODE)
 endif()
 
 if(AMIGA)
@@ -1971,17 +1921,13 @@ include(CMake/OtherTests.cmake)
 set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS "HAVE_CONFIG_H")
 
 if(WIN32)
-  list(APPEND CURL_NETWORK_AND_TIME_LIBS "${_win32_winsock}")
-  if(NOT WINCE AND NOT WINDOWS_STORE)
+  list(APPEND CURL_NETWORK_AND_TIME_LIBS "ws2_32")
+  if(NOT WINDOWS_STORE)
     list(APPEND CURL_NETWORK_AND_TIME_LIBS "iphlpapi")
   endif()
-  if(NOT WINCE)
-    list(APPEND CURL_LIBS "bcrypt")
-  endif()
+  list(APPEND CURL_LIBS "bcrypt")
 
-  if(NOT WINCE)
-    set(USE_WIN32_LARGE_FILES ON)
-  endif()
+  set(USE_WIN32_LARGE_FILES ON)
 
   # We use crypto functions that are not available for UWP apps
   if(NOT WINDOWS_STORE)
@@ -1990,13 +1936,10 @@ if(WIN32)
 
   # Link required libraries for USE_WIN32_CRYPTO or USE_SCHANNEL
   if(USE_WIN32_CRYPTO OR USE_SCHANNEL)
-    if(NOT WINCE)
-      list(APPEND CURL_LIBS "advapi32")
-    endif()
-    list(APPEND CURL_LIBS "${_win32_crypt32}")
+    list(APPEND CURL_LIBS "advapi32" "crypt32")
   endif()
   if(USE_WINDOWS_SSPI)
-    list(APPEND CURL_LIBS "${_win32_secur32}")
+    list(APPEND CURL_LIBS "secur32")
   endif()
 endif()
 
diff --git a/acinclude.m4 b/acinclude.m4
index 517de0c4a6..7038f32a8b 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -1315,13 +1315,8 @@ AC_DEFUN([CURL_CHECK_WIN32_LARGEFILE], [
   AC_REQUIRE([CURL_CHECK_NATIVE_WINDOWS])dnl
   if test "$curl_cv_native_windows" = 'yes'; then
     AC_MSG_CHECKING([whether build target supports Win32 large files])
-    if test "$curl_cv_wince" = 'yes'; then
-      dnl Windows CE does not support large files
-      curl_win32_has_largefile='no'
-    else
-      dnl All mingw-w64 versions support large files
-      curl_win32_has_largefile='yes'
-    fi
+    dnl All mingw-w64 versions support large files
+    curl_win32_has_largefile='yes'
     case "$curl_win32_has_largefile" in
       yes)
         if test x"$enable_largefile" = 'xno'; then
@@ -1478,9 +1473,6 @@ AC_DEFUN([CURL_PREPARE_BUILDINFO], [
   if test "$curl_cv_native_windows" = 'yes'; then
     curl_pflags="${curl_pflags} WIN32"
   fi
-  if test "$curl_cv_wince" = 'yes'; then
-    curl_pflags="${curl_pflags} WINCE"
-  fi
   if test "$curl_cv_winuwp" = 'yes'; then
     curl_pflags="${curl_pflags} UWP"
   fi
diff --git a/configure.ac b/configure.ac
index e493369b9d..9602be344f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -529,12 +529,8 @@ dnl for --enable-code-coverage
 CURL_COVERAGE
 CURL_CHECK_NATIVE_WINDOWS
 
-curl_cv_wince='no'
 curl_cv_winuwp='no'
 if test "$curl_cv_native_windows" = "yes"; then
-  case $host_os in
-    mingw32ce*) curl_cv_wince='yes';;
-  esac
   case "$CPPFLAGS" in
     *-DWINSTORECOMPAT*) curl_cv_winuwp='yes';;
   esac
@@ -896,7 +892,7 @@ AS_HELP_STRING([--disable-telnet],[Disable TELNET support]),
     AC_MSG_RESULT(yes)
 )
 
-if test "$curl_cv_winuwp" = 'yes' -o "$curl_cv_wince" = 'yes'; then
+if test "$curl_cv_winuwp" = 'yes'; then
   AC_DEFINE(CURL_DISABLE_TELNET, 1, [to disable TELNET])
   CURL_DISABLE_TELNET=1
 fi
@@ -1177,37 +1173,6 @@ if test "$HAVE_GETHOSTBYNAME" != "1"; then
   ])
 fi
 
-if test "$HAVE_GETHOSTBYNAME" != "1"; then
-  if test "$curl_cv_wince" = 'yes'; then
-    dnl This is for Windows CE systems
-    winsock_LIB="-lws2"
-    if test ! -z "$winsock_LIB"; then
-      my_ac_save_LIBS=$LIBS
-      LIBS="$winsock_LIB $LIBS"
-      AC_MSG_CHECKING([for gethostbyname in $winsock_LIB])
-      AC_LINK_IFELSE([
-        AC_LANG_PROGRAM([[
-          #ifdef _WIN32
-          #ifndef WIN32_LEAN_AND_MEAN
-          #define WIN32_LEAN_AND_MEAN
-          #endif
-          #include 
-          #endif
-        ]],[[
-          gethostbyname("localhost");
-        ]])
-      ],[
-        AC_MSG_RESULT([yes])
-        HAVE_GETHOSTBYNAME="1"
-      ],[
-        AC_MSG_RESULT([no])
-        winsock_LIB=""
-        LIBS=$my_ac_save_LIBS
-      ])
-    fi
-  fi
-fi
-
 # In UWP mode gethostbyname gets detected via the core libs, but some
 # code (in6addr_any) still need ws2_32, so let us detect and add it.
 if test "$HAVE_GETHOSTBYNAME" != "1" -o "$curl_cv_winuwp" = "yes"; then
@@ -1693,10 +1658,6 @@ AS_HELP_STRING([--disable-ipv6],[Disable IPv6 support]),
   )
 )
 
-if test "$curl_cv_wince" = 'yes'; then
-  ipv6=no
-fi
-
 if test "$ipv6" = yes; then
   curl_ipv6_msg="enabled"
   AC_DEFINE(USE_IPV6, 1, [Define if you want to enable IPv6 support])
@@ -1998,14 +1959,11 @@ CURL_WITH_APPLE_SECTRUST
 
 dnl link required libraries for USE_WIN32_CRYPTO or SCHANNEL_ENABLED
 if test "x$USE_WIN32_CRYPTO" = "x1" -o "x$SCHANNEL_ENABLED" = "x1"; then
-  LIBS="-lcrypt32 $LIBS"
-  if test "$curl_cv_wince" = 'no'; then
-    LIBS="-ladvapi32 $LIBS"
-  fi
+  LIBS="-ladvapi32 -lcrypt32 $LIBS"
 fi
 
 dnl link bcrypt for BCryptGenRandom() (used when building for Vista or newer)
-if test "x$curl_cv_native_windows" = "xyes" -a "$curl_cv_wince" = 'no'; then
+if test "x$curl_cv_native_windows" = "xyes"; then
   LIBS="-lbcrypt $LIBS"
 fi
 
@@ -2750,11 +2708,7 @@ dnl ----------------------------
 dnl check Windows Unicode option
 dnl ----------------------------
 
-if test "$curl_cv_wince" = 'yes'; then
-  want_winuni="yes"
-else
-  want_winuni="no"
-fi
+want_winuni="no"
 if test "$curl_cv_native_windows" = "yes"; then
   if test "$curl_cv_winuwp" = 'yes'; then
     want_winuni="yes"
@@ -4266,11 +4220,9 @@ else
   CURL_CHECK_FUNC_STRICMP
 fi
 
-if test "$curl_cv_wince" = 'no'; then
-  AC_CHECK_FUNCS([setmode])
-  if test "$curl_cv_native_windows" = 'yes' -o "$curl_cv_cygwin" = 'yes'; then
-    AC_CHECK_FUNCS([_setmode])
-  fi
+AC_CHECK_FUNCS([setmode])
+if test "$curl_cv_native_windows" = 'yes' -o "$curl_cv_cygwin" = 'yes'; then
+  AC_CHECK_FUNCS([_setmode])
 fi
 
 if test -z "$ssl_backends"; then
@@ -4639,7 +4591,7 @@ AS_HELP_STRING([--disable-unix-sockets],[Disable Unix domain sockets]),
     want_unix_sockets=auto
     ]
 )
-if test "x$want_unix_sockets" != "xno" -a "$curl_cv_wince" = 'no'; then
+if test "x$want_unix_sockets" != "xno"; then
   if test "x$curl_cv_native_windows" = "xyes"; then
     USE_UNIX_SOCKETS=1
     AC_DEFINE(USE_UNIX_SOCKETS, 1, [Use Unix domain sockets])
diff --git a/docs/DEPRECATE.md b/docs/DEPRECATE.md
index 48c44e6c6b..d02174d8ca 100644
--- a/docs/DEPRECATE.md
+++ b/docs/DEPRECATE.md
@@ -12,13 +12,6 @@ email the
 as soon as possible and explain to us why this is a problem for you and
 how your use case cannot be satisfied properly using a workaround.
 
-## Windows CE
-
-Windows CE "mainstream support" ended on October 9, 2018, and "Extended
-Support" ended on October 10, 2023.
-
-curl drops all support in November 2025.
-
 ## VS2008
 
 curl drops support for getting built with Microsoft Visual Studio 2008 in
@@ -100,3 +93,4 @@ Support for RTMP in libcurl gets removed in April 2026.
  - BearSSL (removed in 8.15.0)
  - msh3 (removed in 8.16.0)
  - winbuild build system (removed in 8.17.0)
+ - Windows CE (removed in 8.18.0)
diff --git a/docs/INSTALL.md b/docs/INSTALL.md
index dfbc1eebfd..0db7848a22 100644
--- a/docs/INSTALL.md
+++ b/docs/INSTALL.md
@@ -650,7 +650,7 @@ This is a probably incomplete list of known CPU architectures and operating
 systems that curl has been compiled for. If you know a system curl compiles
 and runs on, that is not listed, please let us know.
 
-## 109 Operating Systems
+## 108 Operating Systems
 
     AIX, AmigaOS, Android, ArcaOS, Aros, Atari FreeMiNT, Azure Sphere, BeOS,
     Blackberry 10, Blackberry Tablet OS, Cell OS, Cesium, CheriBSD, Chrome OS,
@@ -665,7 +665,7 @@ and runs on, that is not listed, please let us know.
     SINIX-Z, SkyOS, SmartOS, Solaris, Sortix, SunOS, Syllable OS, Symbian,
     Tizen, TPF, Tru64, tvOS, ucLinux, Ultrix, UNICOS, UnixWare, visionOS, VMS,
     vxWorks, watchOS, Wear OS, WebOS, Wii System Software, Wii U, Windows,
-    Windows CE, Xbox System, Xenix, z/OS, z/TPF, z/VM, z/VSE, Zephyr
+    Xbox System, Xenix, z/OS, z/TPF, z/VM, z/VSE, Zephyr
 
 ## 28 CPU Architectures
 
diff --git a/docs/examples/anyauthput.c b/docs/examples/anyauthput.c
index b13593a041..12d8de76c9 100644
--- a/docs/examples/anyauthput.c
+++ b/docs/examples/anyauthput.c
@@ -103,12 +103,7 @@ int main(int argc, char **argv)
   if(!fp)
     return 2;
 
-#ifdef UNDER_CE
-  /* !checksrc! disable BANNEDFUNC 1 */
-  if(stat(file, &file_info) != 0) {
-#else
   if(fstat(fileno(fp), &file_info) != 0) {
-#endif
     fclose(fp);
     return 1; /* cannot continue */
   }
diff --git a/docs/examples/block_ip.c b/docs/examples/block_ip.c
index b99fab58c3..290f92a61e 100644
--- a/docs/examples/block_ip.c
+++ b/docs/examples/block_ip.c
@@ -29,7 +29,7 @@
  * filter IP addresses.
  */
 
-#if defined(__AMIGA__) || defined(UNDER_CE)
+#ifdef __AMIGA__
 #include 
 int main(void) { printf("Platform not supported.\n"); return 1; }
 #else
diff --git a/docs/examples/externalsocket.c b/docs/examples/externalsocket.c
index 7415cff81f..6cab781a46 100644
--- a/docs/examples/externalsocket.c
+++ b/docs/examples/externalsocket.c
@@ -46,11 +46,7 @@
 #include            /*  misc. Unix functions      */
 #endif
 
-#ifdef UNDER_CE
-#define strerror(e) "?"
-#else
 #include 
-#endif
 
 /* The IP address and port number to connect to */
 #define IPADDR "127.0.0.1"
diff --git a/docs/examples/fileupload.c b/docs/examples/fileupload.c
index 03dd323bda..fa9de2aa4f 100644
--- a/docs/examples/fileupload.c
+++ b/docs/examples/fileupload.c
@@ -57,12 +57,7 @@ int main(void)
   }
 
   /* to get the file size */
-#ifdef UNDER_CE
-  /* !checksrc! disable BANNEDFUNC 1 */
-  if(stat("debugit", &file_info) != 0) {
-#else
   if(fstat(fileno(fd), &file_info) != 0) {
-#endif
     fclose(fd);
     curl_global_cleanup();
     return 1; /* cannot continue */
diff --git a/docs/examples/ftpupload.c b/docs/examples/ftpupload.c
index 26db7f5953..b334ad3273 100644
--- a/docs/examples/ftpupload.c
+++ b/docs/examples/ftpupload.c
@@ -28,11 +28,7 @@
 #include 
 #include 
 #include 
-#ifdef UNDER_CE
-#define strerror(e) "?"
-#else
 #include 
-#endif
 #ifdef _WIN32
 #include 
 #undef stat
@@ -95,12 +91,7 @@ int main(void)
   }
 
   /* to get the file size */
-#ifdef UNDER_CE
-  /* !checksrc! disable BANNEDFUNC 1 */
-  if(stat(LOCAL_FILE, &file_info) != 0) {
-#else
   if(fstat(fileno(hd_src), &file_info) != 0) {
-#endif
     fclose(hd_src);
     return 1; /* cannot continue */
   }
diff --git a/docs/examples/ftpuploadresume.c b/docs/examples/ftpuploadresume.c
index ea972ec193..e9d723d70d 100644
--- a/docs/examples/ftpuploadresume.c
+++ b/docs/examples/ftpuploadresume.c
@@ -77,9 +77,7 @@ static int upload(CURL *curl, const char *remotepath,
 
   f = fopen(localpath, "rb");
   if(!f) {
-#ifndef UNDER_CE
     perror(NULL);
-#endif
     return 0;
   }
 
diff --git a/docs/examples/http2-download.c b/docs/examples/http2-download.c
index ca61a92d91..e58742e59c 100644
--- a/docs/examples/http2-download.c
+++ b/docs/examples/http2-download.c
@@ -28,11 +28,7 @@
 #include 
 #include 
 #include 
-#ifdef UNDER_CE
-#define strerror(e) "?"
-#else
 #include 
-#endif
 
 #if defined(_MSC_VER) && (_MSC_VER < 1900)
 #define snprintf _snprintf
diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c
index 7ba150e91a..84b0e18ea1 100644
--- a/docs/examples/http2-upload.c
+++ b/docs/examples/http2-upload.c
@@ -30,11 +30,7 @@
 #include 
 #include 
 #include 
-#ifdef UNDER_CE
-#define strerror(e) "?"
-#else
 #include 
-#endif
 
 /* somewhat Unix-specific */
 #ifndef _MSC_VER
@@ -231,14 +227,9 @@ static int setup(struct input *t, int num, const char *upload)
     return 1;
   }
 
-#ifdef UNDER_CE
-  /* !checksrc! disable BANNEDFUNC 1 */
-  if(stat(upload, &file_info) != 0) {
-#else
   if(fstat(fileno(t->in), &file_info) != 0) {
-#endif
-    fprintf(stderr, "error: could not stat file %s: %s\n",
-            upload, strerror(errno));
+    fprintf(stderr, "error: could not stat file %s: %s\n", upload,
+            strerror(errno));
     fclose(t->out);
     t->out = NULL;
     return 1;
diff --git a/docs/examples/httpput.c b/docs/examples/httpput.c
index 794ea99ae5..a7fac75b4a 100644
--- a/docs/examples/httpput.c
+++ b/docs/examples/httpput.c
@@ -90,12 +90,7 @@ int main(int argc, char **argv)
     return 2;
 
   /* get the file size of the local file */
-#ifdef UNDER_CE
-  /* !checksrc! disable BANNEDFUNC 1 */
-  if(stat(file, &file_info) != 0) {
-#else
   if(fstat(fileno(hd_src), &file_info) != 0) {
-#endif
     fclose(hd_src);
     return 1; /* cannot continue */
   }
diff --git a/docs/examples/log_failed_transfers.c b/docs/examples/log_failed_transfers.c
index 350d41affa..23208d232c 100644
--- a/docs/examples/log_failed_transfers.c
+++ b/docs/examples/log_failed_transfers.c
@@ -32,9 +32,7 @@
  *
  */
 
-#ifndef UNDER_CE
 #include 
-#endif
 #include 
 #include 
 #include 
@@ -156,7 +154,7 @@ static int mem_addf(struct mem *mem, const char *format, ...)
       return x;
     }
 
-#if defined(_WIN32) && !defined(UNDER_CE)
+#ifdef _WIN32
     /* Not all versions of Windows CRT vsnprintf are compliant with C99. Some
        return -1 if buffer too small. Try _vscprintf to get the needed size. */
     if(!i && x < 0) {
@@ -297,11 +295,9 @@ int main(void)
       }
     }
     else {
-#ifndef UNDER_CE
       mem_addf(&t->log, "Failed to create body output file %s: %s\n",
                t->bodyfile, strerror(errno));
       fprintf(stderr, "%s", t->log.recent);
-#endif
       failed = 1;
     }
 
@@ -310,12 +306,10 @@ int main(void)
 
       if(fp && t->log.len == fwrite(t->log.buf, 1, t->log.len, fp))
         fprintf(stderr, "Transfer log written to %s\n", t->logfile);
-#ifndef UNDER_CE
       else {
         fprintf(stderr, "Failed to write transfer log to %s: %s\n",
                 t->logfile, strerror(errno));
       }
-#endif
 
       if(fp)
         fclose(fp);
diff --git a/docs/examples/sftpuploadresume.c b/docs/examples/sftpuploadresume.c
index cb5d1cf33e..72ae41382c 100644
--- a/docs/examples/sftpuploadresume.c
+++ b/docs/examples/sftpuploadresume.c
@@ -92,9 +92,7 @@ static int sftpResumeUpload(CURL *curl, const char *remotepath,
 
   f = fopen(localpath, "rb");
   if(!f) {
-#ifndef UNDER_CE
     perror(NULL);
-#endif
     return 0;
   }
 
@@ -103,7 +101,7 @@ static int sftpResumeUpload(CURL *curl, const char *remotepath,
   curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_cb);
   curl_easy_setopt(curl, CURLOPT_READDATA, f);
 
-#if defined(_WIN32) && !defined(UNDER_CE)
+#ifdef _WIN32
   _fseeki64(f, remoteFileSizeByte, SEEK_SET);
 #else
   fseek(f, (long)remoteFileSizeByte, SEEK_SET);
diff --git a/include/curl/system.h b/include/curl/system.h
index 62ed2b0f43..a5b3e9eba7 100644
--- a/include/curl/system.h
+++ b/include/curl/system.h
@@ -135,21 +135,12 @@
 #  endif
 
 #elif defined(UNDER_CE)
-#  ifdef __MINGW32CE__
-#    define CURL_TYPEOF_CURL_OFF_T     long long
-#    define CURL_FORMAT_CURL_OFF_T     "lld"
-#    define CURL_FORMAT_CURL_OFF_TU    "llu"
-#    define CURL_SUFFIX_CURL_OFF_T     LL
-#    define CURL_SUFFIX_CURL_OFF_TU    ULL
-#    define CURL_TYPEOF_CURL_SOCKLEN_T int
-#  else
-#    define CURL_TYPEOF_CURL_OFF_T     __int64
-#    define CURL_FORMAT_CURL_OFF_T     "I64d"
-#    define CURL_FORMAT_CURL_OFF_TU    "I64u"
-#    define CURL_SUFFIX_CURL_OFF_T     i64
-#    define CURL_SUFFIX_CURL_OFF_TU    ui64
-#    define CURL_TYPEOF_CURL_SOCKLEN_T int
-#  endif
+#  define CURL_TYPEOF_CURL_OFF_T     __int64
+#  define CURL_FORMAT_CURL_OFF_T     "I64d"
+#  define CURL_FORMAT_CURL_OFF_TU    "I64u"
+#  define CURL_SUFFIX_CURL_OFF_T     i64
+#  define CURL_SUFFIX_CURL_OFF_TU    ui64
+#  define CURL_TYPEOF_CURL_SOCKLEN_T int
 
 #elif defined(__MINGW32__)
 #  include 
diff --git a/lib/asyn-thrdd.c b/lib/asyn-thrdd.c
index d1652d0ff4..07b6663049 100644
--- a/lib/asyn-thrdd.c
+++ b/lib/asyn-thrdd.c
@@ -473,7 +473,7 @@ static bool async_thrdd_init(struct Curl_easy *data,
 err_exit:
   CURL_TRC_DNS(data, "resolve thread failed init: %d", err);
   async_thrdd_destroy(data);
-  CURL_SETERRNO(err);
+  errno = err;
   return FALSE;
 }
 
diff --git a/lib/cf-socket.c b/lib/cf-socket.c
index a8fa997de0..d1a99d3ece 100644
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@@ -853,24 +853,11 @@ static bool verifyconnect(curl_socket_t sockfd, int *error)
    *
    *    Someone got to verify this on Win-NT 4.0, 2000."
    */
-
-#ifdef UNDER_CE
-  Sleep(0);
-#else
   SleepEx(0, FALSE);
-#endif
-
 #endif
 
   if(getsockopt(sockfd, SOL_SOCKET, SO_ERROR, (void *)&err, &errSize))
     err = SOCKERRNO;
-#ifdef UNDER_CE
-  /* Old Windows CE versions do not support SO_ERROR */
-  if(WSAENOPROTOOPT == err) {
-    SET_SOCKERRNO(0);
-    err = 0;
-  }
-#endif
 #if defined(EBADIOCTL) && defined(__minix)
   /* Minix 3.1.x does not support getsockopt on UDP sockets */
   if(EBADIOCTL == err) {
diff --git a/lib/config-win32.h b/lib/config-win32.h
index 408606d611..bf9038a894 100644
--- a/lib/config-win32.h
+++ b/lib/config-win32.h
@@ -28,8 +28,6 @@
 /*               Hand crafted config file for Windows               */
 /* ================================================================ */
 
-#ifndef UNDER_CE
-
 /* Define some minimum and default build targets for Visual Studio */
 #ifdef _MSC_VER
    /* VS2012 default target settings and minimum build target check. */
@@ -78,8 +76,6 @@
 #  endif
 #endif /* _MSC_VER */
 
-#endif /* UNDER_CE */
-
 /* ---------------------------------------------------------------- */
 /*                          HEADER FILES                            */
 /* ---------------------------------------------------------------- */
@@ -87,19 +83,15 @@
 /* Define if you have the  header file. */
 /* #define HAVE_ARPA_INET_H 1 */
 
-#ifndef UNDER_CE
-
 /* Define if you have the  header file. */
-#define HAVE_FCNTL_H 1  /* exists on __MINGW32CE__ */
+#define HAVE_FCNTL_H 1
 
 /* Define if you have the  header file. */
-#define HAVE_IO_H 1  /* exists on __MINGW32CE__ */
+#define HAVE_IO_H 1
 
 /* Define if you have the  header file. */
 #define HAVE_LOCALE_H 1
 
-#endif
-
 /* Define if you have the  header file. */
 /* #define HAVE_NETDB_H 1 */
 
@@ -107,10 +99,8 @@
 /* #define HAVE_NETINET_IN_H 1 */
 
 /* Define to 1 if you have the  header file. */
-#ifndef UNDER_CE
 #if (defined(_MSC_VER) && (_MSC_VER >= 1800)) || defined(__MINGW32__)
-#define HAVE_STDBOOL_H 1  /* exists on __MINGW32CE__ */
-#endif
+#define HAVE_STDBOOL_H 1
 #endif
 
 /* Define to 1 if you have the  header file. */
@@ -159,10 +149,8 @@
 #define STDC_HEADERS 1
 
 /* Define to 1 if bool is an available type. */
-#ifndef UNDER_CE
 #if (defined(_MSC_VER) && (_MSC_VER >= 1800)) || defined(__MINGW32__)
-#define HAVE_BOOL_T 1  /* exists on __MINGW32CE__ */
-#endif
+#define HAVE_BOOL_T 1
 #endif
 
 /* ---------------------------------------------------------------- */
@@ -200,7 +188,6 @@
 /* Define if you have the select function. */
 #define HAVE_SELECT 1
 
-#ifndef UNDER_CE
 /* Define if you have the setlocale function. */
 #define HAVE_SETLOCALE 1
 
@@ -209,7 +196,6 @@
 
 /* Define if you have the _setmode function. */
 #define HAVE__SETMODE 1
-#endif
 
 /* Define if you have the socket function. */
 #define HAVE_SOCKET 1
@@ -276,9 +262,7 @@
 #endif
 
 /* Define to 1 if you have the signal function. */
-#ifndef UNDER_CE
 #define HAVE_SIGNAL 1
-#endif
 
 /* ---------------------------------------------------------------- */
 /*                       TYPEDEF REPLACEMENTS                       */
@@ -347,11 +331,9 @@
 #endif
 
 /* Windows XP is required for freeaddrinfo, getaddrinfo */
-#ifndef UNDER_CE
 #define HAVE_FREEADDRINFO           1
 #define HAVE_GETADDRINFO            1
 #define HAVE_GETADDRINFO_THREADSAFE 1
-#endif
 
 /* ---------------------------------------------------------------- */
 /*                          STRUCT RELATED                          */
@@ -370,8 +352,6 @@
 /*                        LARGE FILE SUPPORT                        */
 /* ---------------------------------------------------------------- */
 
-#ifndef UNDER_CE
-
 #if defined(_MSC_VER) || defined(__MINGW32__)
 #  define USE_WIN32_LARGE_FILES
 /* Number of bits in a file offset, on hosts where this is settable. */
@@ -390,8 +370,6 @@
 #  define SIZEOF_OFF_T 4
 #endif
 
-#endif /* UNDER_CE */
-
 /* ---------------------------------------------------------------- */
 /*                       DNS RESOLVER SPECIALTY                     */
 /* ---------------------------------------------------------------- */
@@ -420,7 +398,7 @@
 #ifdef CURL_HAS_OPENLDAP_LDAPSDK
 #undef USE_WIN32_LDAP
 #define HAVE_LDAP_URL_PARSE 1
-#elif !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE)
+#elif !defined(CURL_WINDOWS_UWP)
 #undef HAVE_LDAP_URL_PARSE
 #define HAVE_LDAP_SSL 1
 #define USE_WIN32_LDAP 1
@@ -432,9 +410,7 @@
 #endif
 
 /* Define to use Unix sockets. */
-#ifndef UNDER_CE
 #define USE_UNIX_SOCKETS
-#endif
 
 /* ---------------------------------------------------------------- */
 /*                       ADDITIONAL DEFINITIONS                     */
@@ -442,52 +418,19 @@
 
 /* Define cpu-machine-OS */
 #ifndef CURL_OS
-#  ifdef UNDER_CE
-#    ifdef _M_ARM
-#    define CURL_OS "arm-pc-win32ce"
-#    else
-#    define CURL_OS "i386-pc-win32ce"
-#    endif
-#  else /* !UNDER_CE */
-#    if defined(_M_IX86) || defined(__i386__) /* x86 (MSVC or gcc) */
-#    define CURL_OS "i386-pc-win32"
-#    elif defined(_M_X64) || defined(__x86_64__) /* x86_64 (VS2005+ or gcc) */
-#    define CURL_OS "x86_64-pc-win32"
-#    elif defined(_M_IA64) || defined(__ia64__) /* Itanium */
-#    define CURL_OS "ia64-pc-win32"
-#    elif defined(_M_ARM_NT) || defined(__arm__) /* ARMv7-Thumb2 */
-#    define CURL_OS "thumbv7a-pc-win32"
-#    elif defined(_M_ARM64) || defined(__aarch64__) /* ARM64 (Windows 10) */
-#    define CURL_OS "aarch64-pc-win32"
-#    else
-#    define CURL_OS "unknown-pc-win32"
-#    endif
-#  endif /* UNDER_CE */
+#  if defined(_M_IX86) || defined(__i386__) /* x86 (MSVC or gcc) */
+#  define CURL_OS "i386-pc-win32"
+#  elif defined(_M_X64) || defined(__x86_64__) /* x86_64 (VS2005+ or gcc) */
+#  define CURL_OS "x86_64-pc-win32"
+#  elif defined(_M_IA64) || defined(__ia64__) /* Itanium */
+#  define CURL_OS "ia64-pc-win32"
+#  elif defined(_M_ARM_NT) || defined(__arm__) /* ARMv7-Thumb2 */
+#  define CURL_OS "thumbv7a-pc-win32"
+#  elif defined(_M_ARM64) || defined(__aarch64__) /* ARM64 (Windows 10) */
+#  define CURL_OS "aarch64-pc-win32"
+#  else
+#  define CURL_OS "unknown-pc-win32"
+#  endif
 #endif /* !CURL_OS */
 
-/* ---------------------------------------------------------------- */
-/*                            Windows CE                            */
-/* ---------------------------------------------------------------- */
-
-#ifdef UNDER_CE
-
-#ifndef UNICODE
-#define UNICODE
-#endif
-
-#ifndef _UNICODE
-#define _UNICODE
-#endif
-
-#define CURL_DISABLE_FILE 1
-#define CURL_DISABLE_TELNET 1
-#define CURL_DISABLE_LDAP 1
-
-#ifndef _MSC_VER
-/* !checksrc! disable BANNEDFUNC 1 */
-extern int stat(const char *path, struct stat *buffer);
-#endif
-
-#endif /* UNDER_CE */
-
 #endif /* HEADER_CURL_CONFIG_WIN32_H */
diff --git a/lib/connect.c b/lib/connect.c
index 573b02952b..b5de9b4f5e 100644
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -280,7 +280,7 @@ bool Curl_addr2string(struct sockaddr *sa, curl_socklen_t salen,
 
   addr[0] = '\0';
   *port = 0;
-  CURL_SETERRNO(SOCKEAFNOSUPPORT);
+  errno = SOCKEAFNOSUPPORT;
   return FALSE;
 }
 
diff --git a/lib/curl_fopen.c b/lib/curl_fopen.c
index c41cff21cd..fd0c7c65d2 100644
--- a/lib/curl_fopen.c
+++ b/lib/curl_fopen.c
@@ -101,14 +101,7 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
   *fh = curlx_fopen(filename, FOPEN_WRITETEXT);
   if(!*fh)
     goto fail;
-  if(
-#ifdef UNDER_CE
-     /* !checksrc! disable BANNEDFUNC 1 */
-     stat(filename, &sb) == -1
-#else
-     fstat(fileno(*fh), &sb) == -1
-#endif
-     || !S_ISREG(sb.st_mode)) {
+  if(fstat(fileno(*fh), &sb) == -1 || !S_ISREG(sb.st_mode)) {
     return CURLE_OK;
   }
   curlx_fclose(*fh);
diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index d41c9b8cea..fe3b9e0ee3 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -75,7 +75,7 @@
 #endif
 #endif
 
-#if defined(__MINGW32__) && !defined(__MINGW32CE__) && \
+#if defined(__MINGW32__) && \
   (!defined(__MINGW64_VERSION_MAJOR) || (__MINGW64_VERSION_MAJOR < 3))
 #error "Building curl requires mingw-w64 3.0 or later"
 #endif
@@ -122,14 +122,6 @@
 #  endif
 #endif
 
-/* Avoid bogus format check warnings with mingw32ce gcc 4.4.0 in
-   C99 (-std=gnu99) mode */
-#if defined(__MINGW32CE__) && !defined(CURL_NO_FMT_CHECKS) && \
-  (defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L) && \
-  (defined(__GNUC__) && (__GNUC__ == 4) && (__GNUC_MINOR__ == 4))
-#define CURL_NO_FMT_CHECKS
-#endif
-
 /* Compatibility */
 #ifdef ENABLE_IPV6
 #define USE_IPV6 1
@@ -497,12 +489,10 @@
 #    define LSEEK_ERROR                  (__int64)-1
 #  else
      /* Small file (<2Gb) support using Win32 functions. */
-#    ifndef UNDER_CE
-#      undef  lseek
-#      define lseek(fdes, offset, whence)  _lseek(fdes, (long)offset, whence)
-#      define fstat(fdes, stp)             _fstat(fdes, stp)
-#      define struct_stat                  struct _stat
-#    endif
+#    undef  lseek
+#    define lseek(fdes, offset, whence)  _lseek(fdes, (long)offset, whence)
+#    define fstat(fdes, stp)             _fstat(fdes, stp)
+#    define struct_stat                  struct _stat
 #    define LSEEK_ERROR                  (long)-1
 #  endif
 #elif defined(__DJGPP__)
@@ -817,27 +807,6 @@
 #include "curl_setup_once.h"
 #endif
 
-#ifdef UNDER_CE
-#define getenv curl_getenv  /* Windows CE does not support getenv() */
-#define raise(s) ((void)(s))
-/* Terrible workarounds to make Windows CE compile */
-#define errno 0
-#define CURL_SETERRNO(x) ((void)(x))
-#define EINTR  4
-#define EAGAIN 11
-#define ENOMEM 12
-#define EACCES 13
-#define EEXIST 17
-#define EISDIR 21
-#define EINVAL 22
-#define ENOSPC 28
-#define strerror(x) "?"
-#undef STDIN_FILENO
-#define STDIN_FILENO 0
-#else
-#define CURL_SETERRNO(x) (errno = (x))
-#endif
-
 /*
  * Definition of our NOP statement Object-like macro
  */
@@ -926,7 +895,7 @@ endings either CRLF or LF so 't' is appropriate.
 
 /* for systems that do not detect this in configure */
 #ifndef CURL_SA_FAMILY_T
-#  if defined(_WIN32) && !defined(UNDER_CE)
+#  ifdef _WIN32
 #    define CURL_SA_FAMILY_T ADDRESS_FAMILY
 #  elif defined(HAVE_SA_FAMILY_T)
 #    define CURL_SA_FAMILY_T sa_family_t
diff --git a/lib/curl_setup_once.h b/lib/curl_setup_once.h
index 7a54760e16..1c2194c502 100644
--- a/lib/curl_setup_once.h
+++ b/lib/curl_setup_once.h
@@ -33,9 +33,7 @@
 #include 
 #include 
 #include 
-#ifndef UNDER_CE
 #include 
-#endif
 
 #ifdef HAVE_SYS_TYPES_H
 #include 
@@ -356,7 +354,7 @@ typedef unsigned int bit;
 
 #ifdef __VMS
 #define argv_item_t  __char_ptr32
-#elif defined(_UNICODE) && !defined(UNDER_CE)
+#elif defined(_UNICODE)
 #define argv_item_t  wchar_t *
 #else
 #define argv_item_t  char *
diff --git a/lib/curl_sspi.c b/lib/curl_sspi.c
index c819b1c22e..32b4c894d6 100644
--- a/lib/curl_sspi.c
+++ b/lib/curl_sspi.c
@@ -62,11 +62,7 @@ CURLcode Curl_sspi_global_init(void)
   /* If security interface is not yet initialized try to do this */
   if(!Curl_pSecFn) {
     /* Get pointer to Security Service Provider Interface dispatch table */
-#ifdef __MINGW32CE__
-    Curl_pSecFn = InitSecurityInterfaceW();
-#else
     Curl_pSecFn = InitSecurityInterface();
-#endif
     if(!Curl_pSecFn)
       return CURLE_FAILED_INIT;
   }
diff --git a/lib/curl_sspi.h b/lib/curl_sspi.h
index 8ecd81fdea..89ebc9b0ba 100644
--- a/lib/curl_sspi.h
+++ b/lib/curl_sspi.h
@@ -70,225 +70,6 @@ extern PSecurityFunctionTable Curl_pSecFn;
 #define ISC_REQ_USE_HTTP_STYLE                0x01000000
 #endif
 
-#ifdef __MINGW32CE__
-#ifndef ISC_RET_REPLAY_DETECT
-#define ISC_RET_REPLAY_DETECT                 0x00000004
-#endif
-#ifndef ISC_RET_SEQUENCE_DETECT
-#define ISC_RET_SEQUENCE_DETECT               0x00000008
-#endif
-#ifndef ISC_RET_CONFIDENTIALITY
-#define ISC_RET_CONFIDENTIALITY               0x00000010
-#endif
-#ifndef ISC_RET_ALLOCATED_MEMORY
-#define ISC_RET_ALLOCATED_MEMORY              0x00000100
-#endif
-#ifndef ISC_RET_STREAM
-#define ISC_RET_STREAM                        0x00008000
-#endif
-
-#ifndef SEC_E_INSUFFICIENT_MEMORY
-#define SEC_E_INSUFFICIENT_MEMORY             ((HRESULT)0x80090300L)
-#endif
-#ifndef SEC_E_INVALID_HANDLE
-#define SEC_E_INVALID_HANDLE                  ((HRESULT)0x80090301L)
-#endif
-#ifndef SEC_E_UNSUPPORTED_FUNCTION
-#define SEC_E_UNSUPPORTED_FUNCTION            ((HRESULT)0x80090302L)
-#endif
-#ifndef SEC_E_TARGET_UNKNOWN
-#define SEC_E_TARGET_UNKNOWN                  ((HRESULT)0x80090303L)
-#endif
-#ifndef SEC_E_INTERNAL_ERROR
-#define SEC_E_INTERNAL_ERROR                  ((HRESULT)0x80090304L)
-#endif
-#ifndef SEC_E_SECPKG_NOT_FOUND
-#define SEC_E_SECPKG_NOT_FOUND                ((HRESULT)0x80090305L)
-#endif
-#ifndef SEC_E_NOT_OWNER
-#define SEC_E_NOT_OWNER                       ((HRESULT)0x80090306L)
-#endif
-#ifndef SEC_E_CANNOT_INSTALL
-#define SEC_E_CANNOT_INSTALL                  ((HRESULT)0x80090307L)
-#endif
-#ifndef SEC_E_INVALID_TOKEN
-#define SEC_E_INVALID_TOKEN                   ((HRESULT)0x80090308L)
-#endif
-#ifndef SEC_E_CANNOT_PACK
-#define SEC_E_CANNOT_PACK                     ((HRESULT)0x80090309L)
-#endif
-#ifndef SEC_E_QOP_NOT_SUPPORTED
-#define SEC_E_QOP_NOT_SUPPORTED               ((HRESULT)0x8009030AL)
-#endif
-#ifndef SEC_E_NO_IMPERSONATION
-#define SEC_E_NO_IMPERSONATION                ((HRESULT)0x8009030BL)
-#endif
-#ifndef SEC_E_LOGON_DENIED
-#define SEC_E_LOGON_DENIED                    ((HRESULT)0x8009030CL)
-#endif
-#ifndef SEC_E_UNKNOWN_CREDENTIALS
-#define SEC_E_UNKNOWN_CREDENTIALS             ((HRESULT)0x8009030DL)
-#endif
-#ifndef SEC_E_NO_CREDENTIALS
-#define SEC_E_NO_CREDENTIALS                  ((HRESULT)0x8009030EL)
-#endif
-#ifndef SEC_E_MESSAGE_ALTERED
-#define SEC_E_MESSAGE_ALTERED                 ((HRESULT)0x8009030FL)
-#endif
-#ifndef SEC_E_OUT_OF_SEQUENCE
-#define SEC_E_OUT_OF_SEQUENCE                 ((HRESULT)0x80090310L)
-#endif
-#ifndef SEC_E_NO_AUTHENTICATING_AUTHORITY
-#define SEC_E_NO_AUTHENTICATING_AUTHORITY     ((HRESULT)0x80090311L)
-#endif
-#ifndef SEC_E_BAD_PKGID
-#define SEC_E_BAD_PKGID                       ((HRESULT)0x80090316L)
-#endif
-#ifndef SEC_E_CONTEXT_EXPIRED
-#define SEC_E_CONTEXT_EXPIRED                 ((HRESULT)0x80090317L)
-#endif
-#ifndef SEC_E_INCOMPLETE_MESSAGE
-#define SEC_E_INCOMPLETE_MESSAGE              ((HRESULT)0x80090318L)
-#endif
-#ifndef SEC_E_INCOMPLETE_CREDENTIALS
-#define SEC_E_INCOMPLETE_CREDENTIALS          ((HRESULT)0x80090320L)
-#endif
-#ifndef SEC_E_BUFFER_TOO_SMALL
-#define SEC_E_BUFFER_TOO_SMALL                ((HRESULT)0x80090321L)
-#endif
-#ifndef SEC_E_WRONG_PRINCIPAL
-#define SEC_E_WRONG_PRINCIPAL                 ((HRESULT)0x80090322L)
-#endif
-#ifndef SEC_E_TIME_SKEW
-#define SEC_E_TIME_SKEW                       ((HRESULT)0x80090324L)
-#endif
-#ifndef SEC_E_UNTRUSTED_ROOT
-#define SEC_E_UNTRUSTED_ROOT                  ((HRESULT)0x80090325L)
-#endif
-#ifndef SEC_E_ILLEGAL_MESSAGE
-#define SEC_E_ILLEGAL_MESSAGE                 ((HRESULT)0x80090326L)
-#endif
-#ifndef SEC_E_CERT_UNKNOWN
-#define SEC_E_CERT_UNKNOWN                    ((HRESULT)0x80090327L)
-#endif
-#ifndef SEC_E_CERT_EXPIRED
-#define SEC_E_CERT_EXPIRED                    ((HRESULT)0x80090328L)
-#endif
-#ifndef SEC_E_ENCRYPT_FAILURE
-#define SEC_E_ENCRYPT_FAILURE                 ((HRESULT)0x80090329L)
-#endif
-#ifndef SEC_E_DECRYPT_FAILURE
-#define SEC_E_DECRYPT_FAILURE                 ((HRESULT)0x80090330L)
-#endif
-#ifndef SEC_E_ALGORITHM_MISMATCH
-#define SEC_E_ALGORITHM_MISMATCH              ((HRESULT)0x80090331L)
-#endif
-#ifndef SEC_E_SECURITY_QOS_FAILED
-#define SEC_E_SECURITY_QOS_FAILED             ((HRESULT)0x80090332L)
-#endif
-#ifndef SEC_E_UNFINISHED_CONTEXT_DELETED
-#define SEC_E_UNFINISHED_CONTEXT_DELETED      ((HRESULT)0x80090333L)
-#endif
-#ifndef SEC_E_NO_TGT_REPLY
-#define SEC_E_NO_TGT_REPLY                    ((HRESULT)0x80090334L)
-#endif
-#ifndef SEC_E_NO_IP_ADDRESSES
-#define SEC_E_NO_IP_ADDRESSES                 ((HRESULT)0x80090335L)
-#endif
-#ifndef SEC_E_WRONG_CREDENTIAL_HANDLE
-#define SEC_E_WRONG_CREDENTIAL_HANDLE         ((HRESULT)0x80090336L)
-#endif
-#ifndef SEC_E_CRYPTO_SYSTEM_INVALID
-#define SEC_E_CRYPTO_SYSTEM_INVALID           ((HRESULT)0x80090337L)
-#endif
-#ifndef SEC_E_MAX_REFERRALS_EXCEEDED
-#define SEC_E_MAX_REFERRALS_EXCEEDED          ((HRESULT)0x80090338L)
-#endif
-#ifndef SEC_E_MUST_BE_KDC
-#define SEC_E_MUST_BE_KDC                     ((HRESULT)0x80090339L)
-#endif
-#ifndef SEC_E_STRONG_CRYPTO_NOT_SUPPORTED
-#define SEC_E_STRONG_CRYPTO_NOT_SUPPORTED     ((HRESULT)0x8009033AL)
-#endif
-#ifndef SEC_E_TOO_MANY_PRINCIPALS
-#define SEC_E_TOO_MANY_PRINCIPALS             ((HRESULT)0x8009033BL)
-#endif
-#ifndef SEC_E_NO_PA_DATA
-#define SEC_E_NO_PA_DATA                      ((HRESULT)0x8009033CL)
-#endif
-#ifndef SEC_E_PKINIT_NAME_MISMATCH
-#define SEC_E_PKINIT_NAME_MISMATCH            ((HRESULT)0x8009033DL)
-#endif
-#ifndef SEC_E_SMARTCARD_LOGON_REQUIRED
-#define SEC_E_SMARTCARD_LOGON_REQUIRED        ((HRESULT)0x8009033EL)
-#endif
-#ifndef SEC_E_SHUTDOWN_IN_PROGRESS
-#define SEC_E_SHUTDOWN_IN_PROGRESS            ((HRESULT)0x8009033FL)
-#endif
-#ifndef SEC_E_KDC_INVALID_REQUEST
-#define SEC_E_KDC_INVALID_REQUEST             ((HRESULT)0x80090340L)
-#endif
-#ifndef SEC_E_KDC_UNABLE_TO_REFER
-#define SEC_E_KDC_UNABLE_TO_REFER             ((HRESULT)0x80090341L)
-#endif
-#ifndef SEC_E_KDC_UNKNOWN_ETYPE
-#define SEC_E_KDC_UNKNOWN_ETYPE               ((HRESULT)0x80090342L)
-#endif
-#ifndef SEC_E_UNSUPPORTED_PREAUTH
-#define SEC_E_UNSUPPORTED_PREAUTH             ((HRESULT)0x80090343L)
-#endif
-#ifndef SEC_E_DELEGATION_REQUIRED
-#define SEC_E_DELEGATION_REQUIRED             ((HRESULT)0x80090345L)
-#endif
-#ifndef SEC_E_BAD_BINDINGS
-#define SEC_E_BAD_BINDINGS                    ((HRESULT)0x80090346L)
-#endif
-#ifndef SEC_E_MULTIPLE_ACCOUNTS
-#define SEC_E_MULTIPLE_ACCOUNTS               ((HRESULT)0x80090347L)
-#endif
-#ifndef SEC_E_NO_KERB_KEY
-#define SEC_E_NO_KERB_KEY                     ((HRESULT)0x80090348L)
-#endif
-#ifndef SEC_E_CERT_WRONG_USAGE
-#define SEC_E_CERT_WRONG_USAGE                ((HRESULT)0x80090349L)
-#endif
-#ifndef SEC_E_DOWNGRADE_DETECTED
-#define SEC_E_DOWNGRADE_DETECTED              ((HRESULT)0x80090350L)
-#endif
-#ifndef SEC_E_SMARTCARD_CERT_REVOKED
-#define SEC_E_SMARTCARD_CERT_REVOKED          ((HRESULT)0x80090351L)
-#endif
-#ifndef SEC_E_ISSUING_CA_UNTRUSTED
-#define SEC_E_ISSUING_CA_UNTRUSTED            ((HRESULT)0x80090352L)
-#endif
-#ifndef SEC_E_REVOCATION_OFFLINE_C
-#define SEC_E_REVOCATION_OFFLINE_C            ((HRESULT)0x80090353L)
-#endif
-#ifndef SEC_E_PKINIT_CLIENT_FAILURE
-#define SEC_E_PKINIT_CLIENT_FAILURE           ((HRESULT)0x80090354L)
-#endif
-#ifndef SEC_E_SMARTCARD_CERT_EXPIRED
-#define SEC_E_SMARTCARD_CERT_EXPIRED          ((HRESULT)0x80090355L)
-#endif
-#ifndef SEC_E_NO_S4U_PROT_SUPPORT
-#define SEC_E_NO_S4U_PROT_SUPPORT             ((HRESULT)0x80090356L)
-#endif
-#ifndef SEC_E_CROSSREALM_DELEGATION_FAILURE
-#define SEC_E_CROSSREALM_DELEGATION_FAILURE   ((HRESULT)0x80090357L)
-#endif
-#ifndef SEC_E_REVOCATION_OFFLINE_KDC
-#define SEC_E_REVOCATION_OFFLINE_KDC          ((HRESULT)0x80090358L)
-#endif
-#ifndef SEC_E_ISSUING_CA_UNTRUSTED_KDC
-#define SEC_E_ISSUING_CA_UNTRUSTED_KDC        ((HRESULT)0x80090359L)
-#endif
-#ifndef SEC_E_KDC_CERT_EXPIRED
-#define SEC_E_KDC_CERT_EXPIRED                ((HRESULT)0x8009035AL)
-#endif
-#ifndef SEC_E_KDC_CERT_REVOKED
-#define SEC_E_KDC_CERT_REVOKED                ((HRESULT)0x8009035BL)
-#endif
-#endif /* __MINGW32CE__ */
 /* Offered by mingw-w64 v8+. MS SDK 6.0A+. */
 #ifndef SEC_E_INVALID_PARAMETER
 #define SEC_E_INVALID_PARAMETER               ((HRESULT)0x8009035DL)
@@ -302,44 +83,11 @@ extern PSecurityFunctionTable Curl_pSecFn;
 #define SEC_E_POLICY_NLTM_ONLY                ((HRESULT)0x8009035FL)
 #endif
 
-#ifdef __MINGW32CE__
-#ifndef SEC_I_CONTINUE_NEEDED
-#define SEC_I_CONTINUE_NEEDED                 ((HRESULT)0x00090312L)
-#endif
-#ifndef SEC_I_COMPLETE_NEEDED
-#define SEC_I_COMPLETE_NEEDED                 ((HRESULT)0x00090313L)
-#endif
-#ifndef SEC_I_COMPLETE_AND_CONTINUE
-#define SEC_I_COMPLETE_AND_CONTINUE           ((HRESULT)0x00090314L)
-#endif
-#ifndef SEC_I_LOCAL_LOGON
-#define SEC_I_LOCAL_LOGON                     ((HRESULT)0x00090315L)
-#endif
-#ifndef SEC_I_CONTEXT_EXPIRED
-#define SEC_I_CONTEXT_EXPIRED                 ((HRESULT)0x00090317L)
-#endif
-#ifndef SEC_I_INCOMPLETE_CREDENTIALS
-#define SEC_I_INCOMPLETE_CREDENTIALS          ((HRESULT)0x00090320L)
-#endif
-#ifndef SEC_I_RENEGOTIATE
-#define SEC_I_RENEGOTIATE                     ((HRESULT)0x00090321L)
-#endif
-#ifndef SEC_I_NO_LSA_CONTEXT
-#define SEC_I_NO_LSA_CONTEXT                  ((HRESULT)0x00090323L)
-#endif
-#endif /* __MINGW32CE__ */
-
 /* Offered by mingw-w64 v8+. MS SDK 6.0A+. */
 #ifndef SEC_I_SIGNATURE_NEEDED
 #define SEC_I_SIGNATURE_NEEDED                ((HRESULT)0x0009035CL)
 #endif
 
-#ifdef __MINGW32CE__
-#ifndef CRYPT_E_NOT_IN_REVOCATION_DATABASE
-#define CRYPT_E_NOT_IN_REVOCATION_DATABASE    ((HRESULT)0x80092014L)
-#endif
-#endif /* __MINGW32CE__ */
-
 /*
  * Definitions required from ntsecapi.h are directly provided below this point
  * to avoid including ntsecapi.h due to a conflict with OpenSSL's safestack.h
diff --git a/lib/curl_threads.c b/lib/curl_threads.c
index 68bfddddcb..a0308f06b2 100644
--- a/lib/curl_threads.c
+++ b/lib/curl_threads.c
@@ -69,7 +69,7 @@ curl_thread_t Curl_thread_create(CURL_THREAD_RETURN_T
 
   rc = pthread_create(t, NULL, curl_thread_create_thunk, ac);
   if(rc) {
-    CURL_SETERRNO(rc);
+    errno = rc;
     goto err;
   }
 
@@ -109,10 +109,9 @@ curl_thread_t Curl_thread_create(CURL_THREAD_RETURN_T
   if(!t) {
     DWORD gle = GetLastError();
     /* !checksrc! disable ERRNOVAR 1 */
-    int err = (gle == ERROR_ACCESS_DENIED ||
-               gle == ERROR_NOT_ENOUGH_MEMORY) ?
-               EACCES : EINVAL;
-    CURL_SETERRNO(err);
+    errno = (gle == ERROR_ACCESS_DENIED ||
+             gle == ERROR_NOT_ENOUGH_MEMORY) ?
+             EACCES : EINVAL;
     return curl_thread_t_null;
   }
   return t;
@@ -128,11 +127,7 @@ void Curl_thread_destroy(curl_thread_t *hnd)
 
 int Curl_thread_join(curl_thread_t *hnd)
 {
-#ifdef UNDER_CE
-  int ret = (WaitForSingleObject(*hnd, INFINITE) == WAIT_OBJECT_0);
-#else
   int ret = (WaitForSingleObjectEx(*hnd, INFINITE, FALSE) == WAIT_OBJECT_0);
-#endif
 
   Curl_thread_destroy(hnd);
 
diff --git a/lib/curlx/fopen.c b/lib/curlx/fopen.c
index 9509e83148..a5311874b8 100644
--- a/lib/curlx/fopen.c
+++ b/lib/curlx/fopen.c
@@ -47,7 +47,7 @@ int curlx_fseek(void *stream, curl_off_t offset, int whence)
 #endif
 }
 
-#if defined(_WIN32) && !defined(UNDER_CE)
+#ifdef _WIN32
 
 #include "multibyte.h"
 
@@ -235,7 +235,7 @@ int curlx_win32_open(const char *filename, int oflag, ...)
   }
   else
     /* !checksrc! disable ERRNOVAR 1 */
-    CURL_SETERRNO(EINVAL);
+    errno = EINVAL;
 #else
   if(fix_excessive_path(filename, &fixed))
     target = fixed;
@@ -266,7 +266,7 @@ FILE *curlx_win32_fopen(const char *filename, const char *mode)
   }
   else
     /* !checksrc! disable ERRNOVAR 1 */
-    CURL_SETERRNO(EINVAL);
+    errno = EINVAL;
   curlx_unicodefree(filename_w);
   curlx_unicodefree(mode_w);
 #else
@@ -304,7 +304,7 @@ int curlx_win32_stat(const char *path, struct_stat *buffer)
   }
   else
     /* !checksrc! disable ERRNOVAR 1 */
-    CURL_SETERRNO(EINVAL);
+    errno = EINVAL;
 #else
   if(fix_excessive_path(path, &fixed))
     target = fixed;
@@ -321,4 +321,4 @@ int curlx_win32_stat(const char *path, struct_stat *buffer)
   return result;
 }
 
-#endif /* _WIN32 && !UNDER_CE */
+#endif /* _WIN32 */
diff --git a/lib/curlx/fopen.h b/lib/curlx/fopen.h
index 51f4dbca17..da9eb55ec9 100644
--- a/lib/curlx/fopen.h
+++ b/lib/curlx/fopen.h
@@ -34,7 +34,7 @@
 
 int curlx_fseek(void *stream, curl_off_t offset, int whence);
 
-#if defined(_WIN32) && !defined(UNDER_CE)
+#ifdef _WIN32
 FILE *curlx_win32_fopen(const char *filename, const char *mode);
 int curlx_win32_stat(const char *path, struct_stat *buffer);
 int curlx_win32_open(const char *filename, int oflag, ...);
diff --git a/lib/curlx/inet_ntop.c b/lib/curlx/inet_ntop.c
index a9595d0c2f..d4053f1a60 100644
--- a/lib/curlx/inet_ntop.c
+++ b/lib/curlx/inet_ntop.c
@@ -72,9 +72,9 @@ static char *inet_ntop4(const unsigned char *src, char *dst, size_t size)
   len = strlen(tmp);
   if(len == 0 || len >= size) {
 #ifdef USE_WINSOCK
-    CURL_SETERRNO(WSAEINVAL);
+    errno = WSAEINVAL;
 #else
-    CURL_SETERRNO(ENOSPC);
+    errno = ENOSPC;
 #endif
     return NULL;
   }
@@ -186,9 +186,9 @@ static char *inet_ntop6(const unsigned char *src, char *dst, size_t size)
    */
   if((size_t)(tp - tmp) > size) {
 #ifdef USE_WINSOCK
-    CURL_SETERRNO(WSAEINVAL);
+    errno = WSAEINVAL;
 #else
-    CURL_SETERRNO(ENOSPC);
+    errno = ENOSPC;
 #endif
     return NULL;
   }
@@ -215,7 +215,7 @@ char *curlx_inet_ntop(int af, const void *src, char *buf, size_t size)
   case AF_INET6:
     return inet_ntop6((const unsigned char *)src, buf, size);
   default:
-    CURL_SETERRNO(SOCKEAFNOSUPPORT);
+    errno = SOCKEAFNOSUPPORT;
     return NULL;
   }
 }
diff --git a/lib/curlx/inet_pton.c b/lib/curlx/inet_pton.c
index d2b39ae9f1..b78fa5d746 100644
--- a/lib/curlx/inet_pton.c
+++ b/lib/curlx/inet_pton.c
@@ -82,7 +82,7 @@ curlx_inet_pton(int af, const char *src, void *dst)
   case AF_INET6:
     return inet_pton6(src, (unsigned char *)dst);
   default:
-    CURL_SETERRNO(SOCKEAFNOSUPPORT);
+    errno = SOCKEAFNOSUPPORT;
     return -1;
   }
   /* NOTREACHED */
diff --git a/lib/curlx/strerr.c b/lib/curlx/strerr.c
index e5227554e5..047588ed18 100644
--- a/lib/curlx/strerr.c
+++ b/lib/curlx/strerr.c
@@ -287,13 +287,10 @@ const char *curlx_strerror(int err, char *buf, size_t buflen)
   *buf = '\0';
 
 #ifdef _WIN32
-#ifndef UNDER_CE
   /* 'sys_nerr' is the maximum errno number, it is not widely portable */
   if(err >= 0 && err < sys_nerr)
     SNPRINTF(buf, buflen, "%s", sys_errlist[err]);
-  else
-#endif
-  {
+  else {
     if(
 #ifdef USE_WINSOCK
       !get_winsock_error(err, buf, buflen) &&
@@ -350,7 +347,7 @@ const char *curlx_strerror(int err, char *buf, size_t buflen)
     *p = '\0';
 
   if(errno != old_errno)
-    CURL_SETERRNO(old_errno);
+    errno = old_errno;
 
 #ifdef _WIN32
   if(old_win_err != GetLastError())
diff --git a/lib/curlx/version_win32.c b/lib/curlx/version_win32.c
index 7e415dfe89..cc86b71d3e 100644
--- a/lib/curlx/version_win32.c
+++ b/lib/curlx/version_win32.c
@@ -111,12 +111,6 @@ bool curlx_verify_windows_version(const unsigned int majorVersion,
     /* we are always running on PLATFORM_WINNT */
     matched = FALSE;
   }
-#elif defined(UNDER_CE)
-  (void)majorVersion;
-  (void)minorVersion;
-  (void)buildVersion;
-  (void)platform;
-  (void)condition;
 #else
   ULONGLONG cm = 0;
   struct OUR_OSVERSIONINFOEXW osver;
@@ -139,7 +133,7 @@ bool curlx_verify_windows_version(const unsigned int majorVersion,
 #pragma clang diagnostic ignored "-Wcast-function-type-strict"
 #endif
     pRtlVerifyVersionInfo = CURLX_FUNCTION_CAST(RTLVERIFYVERSIONINFO_FN,
-      GetProcAddress(GetModuleHandleA("ntdll"), "RtlVerifyVersionInfo"));
+      GetProcAddress(GetModuleHandle(TEXT("ntdll")), "RtlVerifyVersionInfo"));
 #if defined(__clang__) && __clang_major__ >= 16
 #pragma clang diagnostic pop
 #endif
diff --git a/lib/curlx/winapi.c b/lib/curlx/winapi.c
index de1218cec7..2dc277c1c1 100644
--- a/lib/curlx/winapi.c
+++ b/lib/curlx/winapi.c
@@ -61,8 +61,7 @@ const char *curlx_get_winapi_error(DWORD err, char *buf, size_t buflen)
 
   /* We return the local codepage version of the error string because if it is
      output to the user's terminal it will likely be with functions which
-     expect the local codepage (eg fprintf, failf, infof).
-     FormatMessageW -> wcstombs is used for Windows CE compatibility. */
+     expect the local codepage (eg fprintf, failf, infof). */
   if(FormatMessageW((FORMAT_MESSAGE_FROM_SYSTEM |
                      FORMAT_MESSAGE_IGNORE_INSERTS), NULL, err,
                     LANG_NEUTRAL, wbuf, CURL_ARRAYSIZE(wbuf), NULL)) {
@@ -118,7 +117,7 @@ const char *curlx_winapi_strerror(DWORD err, char *buf, size_t buflen)
 #endif
 
   if(errno != old_errno)
-    CURL_SETERRNO(old_errno);
+    errno = old_errno;
 
   if(old_win_err != GetLastError())
     SetLastError(old_win_err);
diff --git a/lib/easy.c b/lib/easy.c
index c5ccc5b1e6..54896a8d55 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -106,12 +106,10 @@ static curl_simple_lock s_lock = CURL_SIMPLE_LOCK_INIT;
  * ways, but at this point it must be defined as the system-supplied strdup
  * so the callback pointer is initialized correctly.
  */
-#ifdef UNDER_CE
-#define system_strdup _strdup
-#elif !defined(HAVE_STRDUP)
-#define system_strdup Curl_strdup
-#else
+#ifdef HAVE_STRDUP
 #define system_strdup strdup
+#else
+#define system_strdup Curl_strdup
 #endif
 
 #if defined(_MSC_VER) && defined(_DLL)
diff --git a/lib/file.c b/lib/file.c
index 5656202834..5fff5d0a82 100644
--- a/lib/file.c
+++ b/lib/file.c
@@ -572,7 +572,7 @@ static CURLcode file_do(struct Curl_easy *data, bool *done)
 
   if(data->state.resume_from) {
     if(!S_ISDIR(statbuf.st_mode)) {
-#if defined(__AMIGA__) || defined(__MINGW32CE__)
+#ifdef __AMIGA__
       if(data->state.resume_from !=
           lseek(fd, (off_t)data->state.resume_from, SEEK_SET))
 #else
diff --git a/lib/ftp.c b/lib/ftp.c
index 108310bf30..bcf4b809cc 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -3311,10 +3311,6 @@ static CURLcode ftp_done(struct Curl_easy *data, CURLcode status,
 
   /* shut down the socket to inform the server we are done */
 
-#ifdef UNDER_CE
-  shutdown(conn->sock[SECONDARYSOCKET], 2);  /* SD_BOTH */
-#endif
-
   if(Curl_conn_is_setup(conn, SECONDARYSOCKET)) {
     if(!result && ftpc->dont_check && data->req.maxdownload > 0) {
       /* partial download completed */
diff --git a/lib/getenv.c b/lib/getenv.c
index 3bfcf707a4..a2d8056fcc 100644
--- a/lib/getenv.c
+++ b/lib/getenv.c
@@ -31,7 +31,7 @@
 
 static char *GetEnv(const char *variable)
 {
-#if defined(CURL_WINDOWS_UWP) || defined(UNDER_CE) || \
+#if defined(CURL_WINDOWS_UWP) || \
   defined(__ORBIS__) || defined(__PROSPERO__) /* PlayStation 4 and 5 */
   (void)variable;
   return NULL;
diff --git a/lib/hostip.c b/lib/hostip.c
index ce79e5fc4b..48889dcb43 100644
--- a/lib/hostip.c
+++ b/lib/hostip.c
@@ -42,9 +42,7 @@
 #endif
 
 #include 
-#ifndef UNDER_CE
 #include 
-#endif
 
 #include "urldata.h"
 #include "sendf.h"
diff --git a/lib/md4.c b/lib/md4.c
index d86a24628c..0cc62f8152 100644
--- a/lib/md4.c
+++ b/lib/md4.c
@@ -133,12 +133,7 @@ static int MD4_Init(MD4_CTX *ctx)
 
 static void MD4_Update(MD4_CTX *ctx, const void *data, unsigned long size)
 {
-#ifdef __MINGW32CE__
-  CryptHashData(ctx->hHash, (BYTE *)CURL_UNCONST(data),
-                (unsigned int) size, 0);
-#else
   CryptHashData(ctx->hHash, (const BYTE *)data, (unsigned int) size, 0);
-#endif
 }
 
 static void MD4_Final(unsigned char *result, MD4_CTX *ctx)
diff --git a/lib/md5.c b/lib/md5.c
index d99554a4aa..4b38bb070b 100644
--- a/lib/md5.c
+++ b/lib/md5.c
@@ -240,11 +240,7 @@ static void my_md5_update(void *in,
                           unsigned int inputLen)
 {
   my_md5_ctx *ctx = in;
-#ifdef __MINGW32CE__
-  CryptHashData(ctx->hHash, (BYTE *)CURL_UNCONST(input), inputLen, 0);
-#else
   CryptHashData(ctx->hHash, (const BYTE *)input, inputLen, 0);
-#endif
 }
 
 static void my_md5_final(unsigned char *digest, void *in)
diff --git a/lib/memdebug.c b/lib/memdebug.c
index 7ded52c1e9..11e924a55b 100644
--- a/lib/memdebug.c
+++ b/lib/memdebug.c
@@ -117,7 +117,7 @@ static bool countcheck(const char *func, int line, const char *source)
                     source, line, func);
       fflush(curl_dbg_logfile); /* because it might crash now */
       /* !checksrc! disable ERRNOVAR 1 */
-      CURL_SETERRNO(ENOMEM);
+      errno = ENOMEM;
       return TRUE; /* RETURN ERROR! */
     }
     else
diff --git a/lib/rename.c b/lib/rename.c
index 225811e65a..911afca575 100644
--- a/lib/rename.c
+++ b/lib/rename.c
@@ -39,7 +39,7 @@
 /* return 0 on success, 1 on error */
 int Curl_rename(const char *oldpath, const char *newpath)
 {
-#if defined(_WIN32) && !defined(UNDER_CE)
+#ifdef _WIN32
   /* rename() on Windows does not overwrite, so we cannot use it here.
      MoveFileEx() will overwrite and is usually atomic, however it fails
      when there are open handles to the file. */
diff --git a/lib/sha256.c b/lib/sha256.c
index f7bb545613..3e3205e36b 100644
--- a/lib/sha256.c
+++ b/lib/sha256.c
@@ -214,11 +214,7 @@ static void my_sha256_update(void *in,
                              unsigned int length)
 {
   my_sha256_ctx *ctx = (my_sha256_ctx *)in;
-#ifdef __MINGW32CE__
-  CryptHashData(ctx->hHash, (BYTE *)CURL_UNCONST(data), length, 0);
-#else
   CryptHashData(ctx->hHash, (const BYTE *)data, length, 0);
-#endif
 }
 
 static void my_sha256_final(unsigned char *digest, void *in)
diff --git a/lib/strerror.c b/lib/strerror.c
index 5b82d7f965..afe69756bc 100644
--- a/lib/strerror.c
+++ b/lib/strerror.c
@@ -679,7 +679,7 @@ const char *Curl_sspi_strerror(SECURITY_STATUS err, char *buf, size_t buflen)
 #endif
 
   if(errno != old_errno)
-    CURL_SETERRNO(old_errno);
+    errno = old_errno;
 
 #ifdef _WIN32
   if(old_win_err != GetLastError())
diff --git a/lib/system_win32.c b/lib/system_win32.c
index cd01fd2ebf..bdbed66162 100644
--- a/lib/system_win32.c
+++ b/lib/system_win32.c
@@ -99,15 +99,9 @@ CURLcode Curl_win32_init(long flags)
   s_hIpHlpApiDll = curl_load_library(TEXT("iphlpapi.dll"));
   if(s_hIpHlpApiDll) {
     /* Get the address of the if_nametoindex function */
-#ifdef UNDER_CE
-    #define CURL_TEXT(n) TEXT(n)
-#else
-    #define CURL_TEXT(n) (n)
-#endif
     IF_NAMETOINDEX_FN pIfNameToIndex =
       CURLX_FUNCTION_CAST(IF_NAMETOINDEX_FN,
-                          GetProcAddress(s_hIpHlpApiDll,
-                                         CURL_TEXT("if_nametoindex")));
+                          GetProcAddress(s_hIpHlpApiDll, "if_nametoindex"));
 
     if(pIfNameToIndex)
       Curl_if_nametoindex = pIfNameToIndex;
@@ -164,13 +158,9 @@ typedef HMODULE (APIENTRY *LOADLIBRARYEX_FN)(LPCTSTR, HANDLE, DWORD);
 
 /* See function definitions in winbase.h */
 #ifdef UNICODE
-#  ifdef UNDER_CE
-#    define LOADLIBARYEX  L"LoadLibraryExW"
-#  else
-#    define LOADLIBARYEX  "LoadLibraryExW"
-#  endif
+#  define LOADLIBARYEX  "LoadLibraryExW"
 #else
-#  define LOADLIBARYEX    "LoadLibraryExA"
+#  define LOADLIBARYEX  "LoadLibraryExA"
 #endif
 
 /*
@@ -189,7 +179,7 @@ typedef HMODULE (APIENTRY *LOADLIBRARYEX_FN)(LPCTSTR, HANDLE, DWORD);
  */
 static HMODULE curl_load_library(LPCTSTR filename)
 {
-#if !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE)
+#ifndef CURL_WINDOWS_UWP
   HMODULE hModule = NULL;
   LOADLIBRARYEX_FN pLoadLibraryEx = NULL;
 
diff --git a/lib/transfer.c b/lib/transfer.c
index 4c17cbb50d..2b06566f73 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -39,9 +39,7 @@
 #ifdef HAVE_SYS_IOCTL_H
 #include 
 #endif
-#ifndef UNDER_CE
 #include 
-#endif
 
 #ifdef HAVE_SYS_PARAM_H
 #include 
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index f2a907cb09..6311f4a416 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -119,12 +119,6 @@
 #define CALG_SHA_256 0x0000800c
 #endif
 
-/* Work around typo in CeGCC (as of 0.59.1) w32api headers */
-#if defined(__MINGW32CE__) && \
-  !defined(ALG_CLASS_DHASH) && defined(ALG_CLASS_HASH)
-#define ALG_CLASS_DHASH ALG_CLASS_HASH
-#endif
-
 /* Offered by mingw-w64 v4+. MS SDK 6.0A+. */
 #ifndef PKCS12_NO_PERSIST_KEY
 #define PKCS12_NO_PERSIST_KEY 0x00008000
@@ -385,7 +379,6 @@ set_ssl_ciphers(SCHANNEL_CRED *schannel_cred, char *ciphers,
   return CURLE_OK;
 }
 
-#ifndef UNDER_CE
 /* Function allocates memory for store_path only if CURLE_OK is returned */
 static CURLcode
 get_cert_location(TCHAR *path, DWORD *store_name, TCHAR **store_path,
@@ -441,7 +434,6 @@ get_cert_location(TCHAR *path, DWORD *store_name, TCHAR **store_path,
 
   return CURLE_OK;
 }
-#endif
 
 static CURLcode
 schannel_acquire_credential_handle(struct Curl_cfilter *cf,
@@ -536,7 +528,6 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
     return CURLE_SSL_CONNECT_ERROR;
   }
 
-#ifndef UNDER_CE
   /* client certificate */
   if(data->set.ssl.primary.clientcert || data->set.ssl.primary.cert_blob) {
     DWORD cert_store_name = 0;
@@ -744,7 +735,6 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
     }
     client_cert_store = cert_store;
   }
-#endif
 
   /* allocate memory for the reusable credential handle */
   backend->cred = (struct Curl_schannel_cred *)
@@ -875,9 +865,7 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
   struct ssl_connect_data *connssl = cf->ctx;
   struct schannel_ssl_backend_data *backend =
     (struct schannel_ssl_backend_data *)connssl->backend;
-#ifndef UNDER_CE
   struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf);
-#endif
   struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data);
   SecBuffer outbuf;
   SecBufferDesc outbuf_desc;
@@ -908,11 +896,6 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
   backend->use_alpn = FALSE;
 #endif
 
-#ifdef UNDER_CE
-  /* certificate validation on Windows CE does not seem to work right; we will
-   * do it following a more manual process. */
-  backend->use_manual_cred_validation = TRUE;
-#else
   if(conn_config->CAfile || conn_config->ca_info_blob) {
     if(curlx_verify_windows_version(6, 1, 0, PLATFORM_WINNT,
                                     VERSION_GREATER_THAN_EQUAL)) {
@@ -926,7 +909,6 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
   }
   else
     backend->use_manual_cred_validation = FALSE;
-#endif
 
   backend->cred = NULL;
 
@@ -2573,7 +2555,7 @@ static void schannel_close(struct Curl_cfilter *cf, struct Curl_easy *data)
 
 static int schannel_init(void)
 {
-#if defined(HAS_ALPN_SCHANNEL) && !defined(UNDER_CE)
+#ifdef HAS_ALPN_SCHANNEL
   typedef const char *(APIENTRY *WINE_GET_VERSION_FN)(void);
 #if defined(__clang__) && __clang_major__ >= 16
 #pragma clang diagnostic push
@@ -2581,8 +2563,7 @@ static int schannel_init(void)
 #endif
   WINE_GET_VERSION_FN p_wine_get_version =
     CURLX_FUNCTION_CAST(WINE_GET_VERSION_FN,
-                        GetProcAddress(GetModuleHandleA("ntdll"),
-                                       "wine_get_version"));
+      GetProcAddress(GetModuleHandle(TEXT("ntdll")), "wine_get_version"));
 #if defined(__clang__) && __clang_major__ >= 16
 #pragma clang diagnostic pop
 #endif
@@ -2599,7 +2580,7 @@ static int schannel_init(void)
     s_win_has_alpn = curlx_verify_windows_version(6, 3, 0, PLATFORM_WINNT,
                                                   VERSION_GREATER_THAN_EQUAL);
   }
-#endif /* HAS_ALPN_SCHANNEL && !UNDER_CE */
+#endif /* HAS_ALPN_SCHANNEL */
 
   return Curl_sspi_global_init() == CURLE_OK ? 1 : 0;
 }
@@ -2716,12 +2697,7 @@ static void schannel_checksum(const unsigned char *input,
     if(!CryptCreateHash(hProv, algId, 0, 0, &hHash))
       break; /* failed */
 
-#ifdef __MINGW32CE__
-    /* workaround for CeGCC, should be (const BYTE*) */
-    if(!CryptHashData(hHash, (BYTE*)CURL_UNCONST(input), (DWORD)inputlen, 0))
-#else
     if(!CryptHashData(hHash, input, (DWORD)inputlen, 0))
-#endif
       break; /* failed */
 
     /* get hash size */
diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c
index a508494484..6b8aec5613 100644
--- a/lib/vtls/schannel_verify.c
+++ b/lib/vtls/schannel_verify.c
@@ -55,22 +55,6 @@
 
 #define BACKEND ((struct schannel_ssl_backend_data *)connssl->backend)
 
-#ifdef __MINGW32CE__
-#define CERT_QUERY_OBJECT_BLOB 0x00000002
-#define CERT_QUERY_CONTENT_CERT 1
-#define CERT_QUERY_CONTENT_FLAG_CERT (1 << CERT_QUERY_CONTENT_CERT)
-#define CERT_QUERY_FORMAT_BINARY 1
-#define CERT_QUERY_FORMAT_BASE64_ENCODED 2
-#define CERT_QUERY_FORMAT_ASN_ASCII_HEX_ENCODED 3
-#define CERT_QUERY_FORMAT_FLAG_ALL               \
-  (1 << CERT_QUERY_FORMAT_BINARY) |              \
-  (1 << CERT_QUERY_FORMAT_BASE64_ENCODED) |      \
-  (1 << CERT_QUERY_FORMAT_ASN_ASCII_HEX_ENCODED)
-#define CERT_CHAIN_REVOCATION_CHECK_CHAIN 0x20000000
-#define CERT_NAME_DISABLE_IE4_UTF8_FLAG 0x00010000
-#define CERT_TRUST_IS_OFFLINE_REVOCATION 0x01000000
-#endif /* __MINGW32CE__ */
-
 #define MAX_CAFILE_SIZE 1048576 /* 1 MiB */
 #define BEGIN_CERT "-----BEGIN CERTIFICATE-----"
 #define END_CERT "\n-----END CERTIFICATE-----"
@@ -112,7 +96,6 @@ struct cert_chain_engine_config_win7 {
   HCERTSTORE hExclusiveTrustedPeople;
 };
 
-#ifndef UNDER_CE
 static int is_cr_or_lf(char c)
 {
   return c == '\r' || c == '\n';
@@ -534,7 +517,6 @@ static bool get_alt_name_info(struct Curl_easy *data,
   result = TRUE;
   return result;
 }
-#endif /* !UNDER_CE */
 
 /* Verify the server's hostname */
 CURLcode Curl_verify_host(struct Curl_cfilter *cf,
@@ -543,58 +525,6 @@ CURLcode Curl_verify_host(struct Curl_cfilter *cf,
   CURLcode result = CURLE_PEER_FAILED_VERIFICATION;
   struct ssl_connect_data *connssl = cf->ctx;
   CERT_CONTEXT *pCertContextServer = NULL;
-#ifdef UNDER_CE
-  TCHAR cert_hostname_buff[256];
-  DWORD len;
-
-  /* This code does not support certificates with multiple alternative names.
-   * Right now we are only asking for the first preferred alternative name.
-   * Instead we would need to do all via CERT_NAME_SEARCH_ALL_NAMES_FLAG
-   * (If Windows CE supports that?) and run this section in a loop for each.
-   * https://learn.microsoft.com/windows/win32/api/wincrypt/nf-wincrypt-certgetnamestringa
-   * curl: (51) schannel: CertGetNameString() certificate hostname
-   * (.google.com) did not match connection (google.com)
-   */
-  len = CertGetNameString(pCertContextServer,
-                          CERT_NAME_DNS_TYPE,
-                          CERT_NAME_DISABLE_IE4_UTF8_FLAG,
-                          NULL,
-                          cert_hostname_buff,
-                          256);
-  if(len > 0) {
-    /* Comparing the cert name and the connection hostname encoded as UTF-8
-     * is acceptable since both values are assumed to use ASCII
-     * (or some equivalent) encoding
-     */
-    char *cert_hostname = curlx_convert_tchar_to_UTF8(cert_hostname_buff);
-    if(!cert_hostname) {
-      result = CURLE_OUT_OF_MEMORY;
-    }
-    else{
-      const char *conn_hostname = connssl->peer.hostname;
-      if(Curl_cert_hostcheck(cert_hostname, strlen(cert_hostname),
-                             conn_hostname, strlen(conn_hostname))) {
-        infof(data,
-              "schannel: connection hostname (%s) validated "
-              "against certificate name (%s)",
-              conn_hostname, cert_hostname);
-        result = CURLE_OK;
-      }
-      else{
-        failf(data,
-              "schannel: connection hostname (%s) "
-              "does not match certificate name (%s)",
-              conn_hostname, cert_hostname);
-      }
-      Curl_safefree(cert_hostname);
-    }
-  }
-  else {
-    failf(data,
-          "schannel: CertGetNameString did not provide any "
-          "certificate name information");
-  }
-#else
   SECURITY_STATUS sspi_status;
   TCHAR *cert_hostname_buff = NULL;
   size_t cert_hostname_buff_index = 0;
@@ -740,7 +670,6 @@ cleanup:
 
   if(pCertContextServer)
     CertFreeCertificateContext(pCertContextServer);
-#endif /* !UNDER_CE */
 
   return result;
 }
@@ -757,10 +686,8 @@ CURLcode Curl_verify_certificate(struct Curl_cfilter *cf,
   CERT_CONTEXT *pCertContextServer = NULL;
   const CERT_CHAIN_CONTEXT *pChainContext = NULL;
   HCERTCHAINENGINE cert_chain_engine = NULL;
-#ifndef UNDER_CE
   HCERTSTORE trust_store = NULL;
   HCERTSTORE own_trust_store = NULL;
-#endif /* !UNDER_CE */
 
   DEBUGASSERT(BACKEND);
 
@@ -776,7 +703,6 @@ CURLcode Curl_verify_certificate(struct Curl_cfilter *cf,
     result = CURLE_PEER_FAILED_VERIFICATION;
   }
 
-#ifndef UNDER_CE
   if(result == CURLE_OK &&
      (conn_config->CAfile || conn_config->ca_info_blob) &&
      BACKEND->use_manual_cred_validation) {
@@ -870,7 +796,6 @@ CURLcode Curl_verify_certificate(struct Curl_cfilter *cf,
       }
     }
   }
-#endif /* !UNDER_CE */
 
   if(result == CURLE_OK) {
     CERT_CHAIN_PARA ChainPara;
@@ -934,7 +859,6 @@ CURLcode Curl_verify_certificate(struct Curl_cfilter *cf,
     }
   }
 
-#ifndef UNDER_CE
   if(cert_chain_engine) {
     CertFreeCertificateChainEngine(cert_chain_engine);
   }
@@ -942,7 +866,6 @@ CURLcode Curl_verify_certificate(struct Curl_cfilter *cf,
   if(own_trust_store) {
     CertCloseStore(own_trust_store, 0);
   }
-#endif /* !UNDER_CE */
 
   if(pChainContext)
     CertFreeCertificateChain(pChainContext);
diff --git a/lib/vtls/vtls_scache.c b/lib/vtls/vtls_scache.c
index b9abc6e3fa..328b12403e 100644
--- a/lib/vtls/vtls_scache.c
+++ b/lib/vtls/vtls_scache.c
@@ -386,10 +386,7 @@ static CURLcode cf_ssl_peer_key_add_path(struct dynbuf *buf,
      * valid when used in another process with different CWD. However,
      * when a path does not exist, this does not work. Then, we add
      * the path as is. */
-#ifdef UNDER_CE
-    (void)is_local;
-    return curlx_dyn_addf(buf, ":%s-%s", name, path);
-#elif defined(_WIN32)
+#ifdef _WIN32
     char abspath[_MAX_PATH];
     if(_fullpath(abspath, path, _MAX_PATH))
       return curlx_dyn_addf(buf, ":%s-%s", name, abspath);
diff --git a/m4/xc-lt-iface.m4 b/m4/xc-lt-iface.m4
index a408800353..22eecd349f 100644
--- a/m4/xc-lt-iface.m4
+++ b/m4/xc-lt-iface.m4
@@ -74,7 +74,7 @@ fi
 if test "x$xc_lt_want_enable_shared" = 'xyes' &&
   test "x$xc_lt_want_enable_static" = 'xyes'; then
   case $host_os in @%:@ (
-    cegcc* | os2* | aix*)
+    os2* | aix*)
       xc_lt_want_enable_static='no'
       ;;
   esac
@@ -265,7 +265,7 @@ elif test "x$allow_undefined_flag" = 'xunsupported'; then
   xc_lt_shlib_use_no_undefined='yes'
 fi
 case $host_os in @%:@ (
-  cygwin* | mingw* | cegcc* | os2* | aix*)
+  cygwin* | mingw* | os2* | aix*)
     xc_lt_shlib_use_no_undefined='yes'
     ;;
 esac
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index a70c96b765..9e2bbed8f0 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -121,7 +121,7 @@ if(CURL_HAS_LTO)
   set_target_properties(${EXE_NAME} PROPERTIES INTERPROCEDURAL_OPTIMIZATION TRUE)
 endif()
 
-if(ENABLE_UNICODE AND MINGW AND NOT MINGW32CE)
+if(ENABLE_UNICODE AND MINGW)
   if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.13)
     set_property(TARGET ${EXE_NAME} APPEND PROPERTY LINK_OPTIONS "-municode")
   else()
diff --git a/src/terminal.c b/src/terminal.c
index 014e2df8c0..867ca6edcf 100644
--- a/src/terminal.c
+++ b/src/terminal.c
@@ -64,7 +64,7 @@ unsigned int get_terminal_columns(void)
     struct winsize ts;
     if(!ioctl(STDIN_FILENO, TIOCGWINSZ, &ts))
       cols = (int)ts.ws_col;
-#elif defined(_WIN32) && !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE)
+#elif defined(_WIN32) && !defined(CURL_WINDOWS_UWP)
     {
       HANDLE stderr_hnd = GetStdHandle(STD_ERROR_HANDLE);
       CONSOLE_SCREEN_BUFFER_INFO console_info;
diff --git a/src/tool_cb_hdr.c b/src/tool_cb_hdr.c
index 2ea8801705..d4431a74b9 100644
--- a/src/tool_cb_hdr.c
+++ b/src/tool_cb_hdr.c
@@ -156,7 +156,7 @@ size_t tool_header_cb(char *ptr, size_t size, size_t nmemb, void *userdata)
           /*
            * Truncate the etag save stream, it can have an existing etag value.
            */
-#if defined(HAVE_FTRUNCATE) && !defined(__MINGW32CE__)
+#ifdef HAVE_FTRUNCATE
           if(ftruncate(fileno(etag_save->stream), 0)) {
             return CURL_WRITEFUNC_ERROR;
           }
diff --git a/src/tool_cb_rea.c b/src/tool_cb_rea.c
index 6c119047ce..cc7ef5a550 100644
--- a/src/tool_cb_rea.c
+++ b/src/tool_cb_rea.c
@@ -122,11 +122,11 @@ size_t tool_read_cb(char *buffer, size_t sz, size_t nmemb, void *userdata)
    On Linux per->infd should be stdin (0) and the block below should not
    execute */
   if(per->uploadfile && !strcmp(per->uploadfile, ".") && per->infd > 0) {
-#if defined(_WIN32) && !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE)
+#if defined(_WIN32) && !defined(CURL_WINDOWS_UWP)
     rc = CURL_RECV(per->infd, buffer, curlx_uztosi(sz * nmemb), 0);
     if(rc < 0) {
       if(SOCKERRNO == SOCKEWOULDBLOCK) {
-        CURL_SETERRNO(0);
+        errno = 0;
         config->readbusy = TRUE;
         return CURL_READFUNC_PAUSE;
       }
@@ -142,7 +142,7 @@ size_t tool_read_cb(char *buffer, size_t sz, size_t nmemb, void *userdata)
     rc = read(per->infd, buffer, sz*nmemb);
     if(rc < 0) {
       if(errno == EAGAIN) {
-        CURL_SETERRNO(0);
+        errno = 0;
         config->readbusy = TRUE;
         return CURL_READFUNC_PAUSE;
       }
diff --git a/src/tool_cb_see.c b/src/tool_cb_see.c
index 292da1c251..fd1b4c563c 100644
--- a/src/tool_cb_see.c
+++ b/src/tool_cb_see.c
@@ -78,7 +78,7 @@ int tool_seek_cb(void *userdata, curl_off_t offset, int whence)
   }
 #endif
 
-#if defined(__AMIGA__) || defined(__MINGW32CE__)
+#ifdef __AMIGA__
   if(LSEEK_ERROR == lseek(per->infd, (off_t)offset, whence))
 #else
   if(LSEEK_ERROR == lseek(per->infd, offset, whence))
diff --git a/src/tool_cb_wrt.c b/src/tool_cb_wrt.c
index 724706b7a1..48f5fea3c9 100644
--- a/src/tool_cb_wrt.c
+++ b/src/tool_cb_wrt.c
@@ -109,7 +109,7 @@ bool tool_create_output_file(struct OutStruct *outs,
   return TRUE;
 }
 
-#if defined(_WIN32) && !defined(UNDER_CE)
+#ifdef _WIN32
 static size_t win_console(intptr_t fhnd, struct OutStruct *outs,
                           char *buffer, size_t bytes,
                           size_t *retp)
@@ -247,7 +247,7 @@ size_t tool_write_cb(char *buffer, size_t sz, size_t nmemb, void *userdata)
   struct OperationConfig *config = per->config;
   size_t bytes = sz * nmemb;
   bool is_tty = global->isatty;
-#if defined(_WIN32) && !defined(UNDER_CE)
+#ifdef _WIN32
   CONSOLE_SCREEN_BUFFER_INFO console_info;
   intptr_t fhnd;
 #endif
@@ -321,7 +321,7 @@ size_t tool_write_cb(char *buffer, size_t sz, size_t nmemb, void *userdata)
     }
   }
 
-#if defined(_WIN32) && !defined(UNDER_CE)
+#ifdef _WIN32
   fhnd = _get_osfhandle(fileno(outs->stream));
   /* if Windows console then UTF-8 must be converted to UTF-16 */
   if(isatty(fileno(outs->stream)) &&
diff --git a/src/tool_cfgable.c b/src/tool_cfgable.c
index 29d5ecc782..2ddb0ad2fc 100644
--- a/src/tool_cfgable.c
+++ b/src/tool_cfgable.c
@@ -261,7 +261,7 @@ static void free_globalconfig(void)
   global->trace_stream = NULL;
 
   tool_safefree(global->libcurl);
-#if defined(_WIN32) && !defined(UNDER_CE)
+#ifdef _WIN32
   free(global->term.buf);
 #endif
 }
diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h
index cac22483b7..dc78f2db44 100644
--- a/src/tool_cfgable.h
+++ b/src/tool_cfgable.h
@@ -326,7 +326,7 @@ struct OperationConfig {
   BIT(skip_existing);
 };
 
-#if defined(_WIN32) && !defined(UNDER_CE)
+#ifdef _WIN32
 struct termout {
   wchar_t *buf;
   DWORD len;
@@ -343,7 +343,7 @@ struct GlobalConfig {
   struct OperationConfig *first;
   struct OperationConfig *current;
   struct OperationConfig *last;
-#if defined(_WIN32) && !defined(UNDER_CE)
+#ifdef _WIN32
   struct termout term;
 #endif
   timediff_t ms_per_transfer;     /* start next transfer after (at least) this
diff --git a/src/tool_dirhie.c b/src/tool_dirhie.c
index 91cc1b60cb..17b2d01e9b 100644
--- a/src/tool_dirhie.c
+++ b/src/tool_dirhie.c
@@ -23,8 +23,8 @@
  ***************************************************************************/
 #include "tool_setup.h"
 
-#if defined(_WIN32) && !defined(UNDER_CE)
-#  include 
+#ifdef _WIN32
+#include 
 #endif
 
 #include "tool_dirhie.h"
diff --git a/src/tool_doswin.c b/src/tool_doswin.c
index 2b19a163ce..6204296a8b 100644
--- a/src/tool_doswin.c
+++ b/src/tool_doswin.c
@@ -561,7 +561,7 @@ char **__crt0_glob_function(char *arg)
 
 #ifdef _WIN32
 
-#if !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE) && \
+#if !defined(CURL_WINDOWS_UWP) && \
   !defined(CURL_DISABLE_CA_SEARCH) && !defined(CURL_CA_SEARCH_SAFE)
 /* Search and set the CA cert file for Windows.
  *
@@ -613,7 +613,7 @@ CURLcode FindWin32CACert(struct OperationConfig *config,
 struct curl_slist *GetLoadedModulePaths(void)
 {
   struct curl_slist *slist = NULL;
-#if !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE)
+#ifndef CURL_WINDOWS_UWP
   HANDLE hnd = INVALID_HANDLE_VALUE;
   MODULEENTRY32 mod = {0};
 
@@ -664,7 +664,7 @@ cleanup:
 
 bool tool_term_has_bold;
 
-#if !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE)
+#ifndef CURL_WINDOWS_UWP
 /* The terminal settings to restore on exit */
 static struct TerminalSettings {
   HANDLE hStdOut;
@@ -735,14 +735,14 @@ static void init_terminal(void)
 CURLcode win32_init(void)
 {
   curlx_now_init();
-#if !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE)
+#ifndef CURL_WINDOWS_UWP
   init_terminal();
 #endif
 
   return CURLE_OK;
 }
 
-#if !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE)
+#ifndef CURL_WINDOWS_UWP
 /* The following STDIN non - blocking read techniques are heavily inspired
    by nmap and ncat (https://nmap.org/ncat/) */
 struct win_thread_data {
@@ -949,7 +949,7 @@ curl_socket_t win32_stdin_read_thread(void)
   return socket_r;
 }
 
-#endif /* !CURL_WINDOWS_UWP && !UNDER_CE */
+#endif /* !CURL_WINDOWS_UWP */
 
 #endif /* _WIN32 */
 
diff --git a/src/tool_doswin.h b/src/tool_doswin.h
index 7fe5260476..01500bdbf7 100644
--- a/src/tool_doswin.h
+++ b/src/tool_doswin.h
@@ -47,7 +47,7 @@ char **__crt0_glob_function(char *arg);
 
 #ifdef _WIN32
 
-#if !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE) && \
+#if !defined(CURL_WINDOWS_UWP) && \
   !defined(CURL_DISABLE_CA_SEARCH) && !defined(CURL_CA_SEARCH_SAFE)
 CURLcode FindWin32CACert(struct OperationConfig *config,
                          const TCHAR *bundle_file);
@@ -55,9 +55,9 @@ CURLcode FindWin32CACert(struct OperationConfig *config,
 struct curl_slist *GetLoadedModulePaths(void);
 CURLcode win32_init(void);
 
-#if !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE)
+#ifndef CURL_WINDOWS_UWP
 curl_socket_t win32_stdin_read_thread(void);
-#endif /* !CURL_WINDOWS_UWP && !UNDER_CE */
+#endif
 
 #endif /* _WIN32 */
 
diff --git a/src/tool_formparse.c b/src/tool_formparse.c
index 1d127a5842..c1e9abe9d0 100644
--- a/src/tool_formparse.c
+++ b/src/tool_formparse.c
@@ -121,11 +121,7 @@ static struct tool_mime *tool_mime_new_filedata(struct tool_mime *parent,
     }
   }
   else {        /* Standard input. */
-#ifdef UNDER_CE
-    int fd = STDIN_FILENO;
-#else
     int fd = fileno(stdin);
-#endif
     char *data = NULL;
     curl_off_t size;
     curl_off_t origin;
diff --git a/src/tool_getparam.h b/src/tool_getparam.h
index 6b37cc50eb..d5ef54a81d 100644
--- a/src/tool_getparam.h
+++ b/src/tool_getparam.h
@@ -379,7 +379,7 @@ void parse_cert_parameter(const char *cert_parameter,
 
 ParameterError parse_args(int argc, argv_item_t argv[]);
 
-#if defined(UNICODE) && defined(_WIN32) && !defined(UNDER_CE)
+#if defined(UNICODE) && defined(_WIN32)
 
 #define convert_UTF8_to_tchar(ptr) curlx_convert_UTF8_to_wchar((ptr))
 #define convert_tchar_to_UTF8(ptr) curlx_convert_wchar_to_UTF8((ptr))
diff --git a/src/tool_getpass.c b/src/tool_getpass.c
index a4dea347ef..014c22813a 100644
--- a/src/tool_getpass.c
+++ b/src/tool_getpass.c
@@ -42,7 +42,7 @@
 #  include iodef
 #endif
 
-#if defined(_WIN32) && !defined(UNDER_CE)
+#ifdef _WIN32
 #  include 
 #endif
 
@@ -115,7 +115,7 @@ char *getpass_r(const char *prompt, char *buffer, size_t buflen)
   return buffer; /* we always return success */
 }
 #define DONE
-#endif /* _WIN32 && !UNDER_CE */
+#endif /* _WIN32 */
 
 #ifndef DONE /* not previously provided */
 
diff --git a/src/tool_main.c b/src/tool_main.c
index 4e70c1081c..8df63ef05a 100644
--- a/src/tool_main.c
+++ b/src/tool_main.c
@@ -27,9 +27,7 @@
 #include 
 #endif
 
-#ifndef UNDER_CE
 #include 
-#endif
 
 #ifdef HAVE_FCNTL_H
 #include 
@@ -143,7 +141,7 @@ static void memory_tracking_init(void)
 /*
 ** curl tool main function.
 */
-#if defined(_UNICODE) && !defined(UNDER_CE)
+#ifdef _UNICODE
 #if defined(__GNUC__) || defined(__clang__)
 /* GCC does not know about wmain() */
 #pragma GCC diagnostic push
@@ -159,7 +157,7 @@ int main(int argc, char *argv[])
 
   tool_init_stderr();
 
-#if defined(_WIN32) && !defined(UNDER_CE)
+#ifdef _WIN32
   /* Undocumented diagnostic option to list the full paths of all loaded
      modules. This is purposely pre-init. */
   if(argc == 2 && !_tcscmp(argv[1], _T("--dump-module-paths"))) {
@@ -169,8 +167,7 @@ int main(int argc, char *argv[])
     curl_slist_free_all(head);
     return head ? 0 : 1;
   }
-#endif
-#ifdef _WIN32
+
   /* win32_init must be called before other init routines. */
   result = win32_init();
   if(result) {
@@ -214,7 +211,7 @@ int main(int argc, char *argv[])
 #endif
 }
 
-#if defined(_UNICODE) && !defined(UNDER_CE)
+#ifdef _UNICODE
 #if defined(__GNUC__) || defined(__clang__)
 #pragma GCC diagnostic pop
 #endif
diff --git a/src/tool_operate.c b/src/tool_operate.c
index b7c8805b3a..8949ce2a52 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -555,25 +555,19 @@ static CURLcode retrycheck(struct OperationConfig *config,
     }
 
     if(truncate && outs->bytes && outs->filename && outs->stream) {
-#ifndef __MINGW32CE__
       struct_stat fileinfo;
 
       /* The output can be a named pipe or a character device etc that
          cannot be truncated. Only truncate regular files. */
       if(!fstat(fileno(outs->stream), &fileinfo) &&
-         S_ISREG(fileinfo.st_mode))
-#else
-        /* Windows CE's fileno() is bad so just skip the check */
-#endif
-      {
+         S_ISREG(fileinfo.st_mode)) {
         int rc;
         /* We have written data to an output file, we truncate file */
         fflush(outs->stream);
         notef("Throwing away %"  CURL_FORMAT_CURL_OFF_T " bytes",
               outs->bytes);
         /* truncate file at the position where we started appending */
-#if defined(HAVE_FTRUNCATE) && !defined(__DJGPP__) && !defined(__AMIGA__) && \
-  !defined(__MINGW32CE__)
+#if defined(HAVE_FTRUNCATE) && !defined(__DJGPP__) && !defined(__AMIGA__)
         if(ftruncate(fileno(outs->stream), outs->init)) {
           /* when truncate fails, we cannot just append as then we will
              create something strange, bail out */
@@ -625,7 +619,7 @@ static CURLcode post_per_transfer(struct per_transfer *per,
 
   if(per->uploadfile) {
     if(!strcmp(per->uploadfile, ".") && per->infd > 0) {
-#if defined(_WIN32) && !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE)
+#if defined(_WIN32) && !defined(CURL_WINDOWS_UWP)
       sclose(per->infd);
 #else
       warnf("Closing per->infd != 0: FD == "
@@ -1122,7 +1116,7 @@ static void check_stdin_upload(struct OperationConfig *config,
 
   CURLX_SET_BINMODE(stdin);
   if(!strcmp(per->uploadfile, ".")) {
-#if defined(_WIN32) && !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE)
+#if defined(_WIN32) && !defined(CURL_WINDOWS_UWP)
     /* non-blocking stdin behavior on Windows is challenging
        Spawn a new thread that will read from stdin and write
        out to a socket */
@@ -2100,8 +2094,7 @@ static CURLcode cacertpaths(struct OperationConfig *config)
         goto fail;
       }
     }
-#elif !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE) && \
-  !defined(CURL_DISABLE_CA_SEARCH)
+#elif !defined(CURL_WINDOWS_UWP) && !defined(CURL_DISABLE_CA_SEARCH)
     result = FindWin32CACert(config, TEXT("curl-ca-bundle.crt"));
     if(result)
       goto fail;
@@ -2234,11 +2227,8 @@ CURLcode operate(int argc, argv_item_t argv[])
 {
   CURLcode result = CURLE_OK;
   const char *first_arg;
-#ifdef UNDER_CE
-  first_arg = argc > 1 ? strdup(argv[1]) : NULL;
-#else
+
   first_arg = argc > 1 ? convert_tchar_to_UTF8(argv[1]) : NULL;
-#endif
 
 #ifdef HAVE_SETLOCALE
   /* Override locale for number parsing (only) */
diff --git a/src/tool_parsecfg.c b/src/tool_parsecfg.c
index 46096d5b5a..5fce4e24d1 100644
--- a/src/tool_parsecfg.c
+++ b/src/tool_parsecfg.c
@@ -100,7 +100,7 @@ ParameterError parseconfig(const char *filename, int max_recursive)
       }
       filename = pathalloc = curlrc;
     }
-#if defined(_WIN32) && !defined(UNDER_CE)
+#ifdef _WIN32
     else {
       char *fullp;
       /* check for .curlrc then _curlrc in the directory of the executable */
diff --git a/src/tool_setup.h b/src/tool_setup.h
index a661040737..17c2f420b5 100644
--- a/src/tool_setup.h
+++ b/src/tool_setup.h
@@ -93,15 +93,6 @@ extern FILE *tool_stderr;
 /* set in init_terminal() */
 extern bool tool_term_has_bold;
 
-#ifdef UNDER_CE
-#  undef isatty
-#  define isatty(fd) 0  /* fd is void*, expects int */
-#  undef _get_osfhandle
-#  define _get_osfhandle(fd) (fd)
-#  undef _getch
-#  define _getch() 0
-#endif
-
 #ifndef HAVE_FTRUNCATE
 
 int tool_ftruncate64(int fd, curl_off_t where);
diff --git a/src/tool_util.c b/src/tool_util.c
index f8415d2a17..a2798876ea 100644
--- a/src/tool_util.c
+++ b/src/tool_util.c
@@ -80,17 +80,9 @@ int struplocompare4sort(const void *p1, const void *p2)
 }
 
 #ifdef USE_TOOL_FTRUNCATE
-
-#ifdef UNDER_CE
-/* 64-bit lseek-like function unavailable */
-#  undef _lseeki64
-#  define _lseeki64(hnd,ofs,whence) lseek(hnd,ofs,whence)
-#endif
-
 /*
  * Truncate a file handle at a 64-bit position 'where'.
  */
-
 int tool_ftruncate64(int fd, curl_off_t where)
 {
   intptr_t handle = _get_osfhandle(fd);
@@ -103,10 +95,9 @@ int tool_ftruncate64(int fd, curl_off_t where)
 
   return 0;
 }
-
 #endif /* USE_TOOL_FTRUNCATE */
 
-#if defined(_WIN32) && !defined(UNDER_CE)
+#ifdef _WIN32
 FILE *tool_execpath(const char *filename, char **pathp)
 {
   static char filebuffer[512];
diff --git a/src/tool_util.h b/src/tool_util.h
index c97c1c03c2..12206ce980 100644
--- a/src/tool_util.h
+++ b/src/tool_util.h
@@ -34,7 +34,7 @@ struct timeval tvrealnow(void);
 int struplocompare(const char *p1, const char *p2);
 int struplocompare4sort(const void *p1, const void *p2);
 
-#if defined(_WIN32) && !defined(UNDER_CE)
+#ifdef _WIN32
 FILE *tool_execpath(const char *filename, char **pathp);
 #endif
 
diff --git a/tests/libtest/lib505.c b/tests/libtest/lib505.c
index b4f7702851..88cbdd8a44 100644
--- a/tests/libtest/lib505.c
+++ b/tests/libtest/lib505.c
@@ -61,12 +61,7 @@ static CURLcode test_lib505(const char *URL)
   }
 
   /* get the file size of the local file */
-#ifdef UNDER_CE
-  /* !checksrc! disable BANNEDFUNC 1 */
-  hd = stat(libtest_arg2, &file_info);
-#else
   hd = fstat(fileno(hd_src), &file_info);
-#endif
   if(hd == -1) {
     /* can't open file, bail out */
     curl_mfprintf(stderr, "fstat() failed with error (%d) %s\n",
diff --git a/tests/libtest/lib525.c b/tests/libtest/lib525.c
index 4c33973ec9..292dd59f21 100644
--- a/tests/libtest/lib525.c
+++ b/tests/libtest/lib525.c
@@ -52,12 +52,7 @@ static CURLcode test_lib525(const char *URL)
   }
 
   /* get the file size of the local file */
-#ifdef UNDER_CE
-  /* !checksrc! disable BANNEDFUNC 1 */
-  hd = stat(libtest_arg2, &file_info);
-#else
   hd = fstat(fileno(hd_src), &file_info);
-#endif
   if(hd == -1) {
     /* can't open file, bail out */
     curl_mfprintf(stderr, "fstat() failed with error (%d) %s\n",
diff --git a/tests/libtest/lib541.c b/tests/libtest/lib541.c
index dfe585d9da..8a2b76f8d0 100644
--- a/tests/libtest/lib541.c
+++ b/tests/libtest/lib541.c
@@ -52,12 +52,7 @@ static CURLcode test_lib541(const char *URL)
   }
 
   /* get the file size of the local file */
-#ifdef UNDER_CE
-  /* !checksrc! disable BANNEDFUNC 1 */
-  hd = stat(libtest_arg2, &file_info);
-#else
   hd = fstat(fileno(hd_src), &file_info);
-#endif
   if(hd == -1) {
     /* can't open file, bail out */
     curl_mfprintf(stderr, "fstat() failed with error (%d) %s\n",
diff --git a/tests/libtest/lib556.c b/tests/libtest/lib556.c
index 78b89975e8..daf92fe1e6 100644
--- a/tests/libtest/lib556.c
+++ b/tests/libtest/lib556.c
@@ -80,11 +80,7 @@ again:
 
       if(nread) {
         /* send received stuff to stdout */
-#ifdef UNDER_CE
-        if((size_t)fwrite(buf, sizeof(buf[0]), nread, stdout) != nread) {
-#else
         if((size_t)write(STDOUT_FILENO, buf, nread) != nread) {
-#endif
           char errbuf[STRERROR_LEN];
           curl_mfprintf(stderr, "write() failed: errno %d (%s)\n",
                         errno, curlx_strerror(errno, errbuf, sizeof(errbuf)));
diff --git a/tests/libtest/lib582.c b/tests/libtest/lib582.c
index e013daedff..9601f29c71 100644
--- a/tests/libtest/lib582.c
+++ b/tests/libtest/lib582.c
@@ -254,12 +254,7 @@ static CURLcode test_lib582(const char *URL)
   }
 
   /* get the file size of the local file */
-#ifdef UNDER_CE
-  /* !checksrc! disable BANNEDFUNC 1 */
-  hd = stat(libtest_arg2, &file_info);
-#else
   hd = fstat(fileno(hd_src), &file_info);
-#endif
   if(hd == -1) {
     /* can't open file, bail out */
     curl_mfprintf(stderr, "fstat() failed with error (%d) %s\n",
diff --git a/tests/server/first.h b/tests/server/first.h
index 3a7255ccb8..fc581487e6 100644
--- a/tests/server/first.h
+++ b/tests/server/first.h
@@ -48,9 +48,7 @@ struct entry_s {
 
 extern const struct entry_s s_entries[];
 
-#ifndef UNDER_CE
 #include 
-#endif
 #ifdef HAVE_NETINET_IN_H
 #include 
 #endif
diff --git a/tests/server/sockfilt.c b/tests/server/sockfilt.c
index 7320fa6fe9..b4896260b9 100644
--- a/tests/server/sockfilt.c
+++ b/tests/server/sockfilt.c
@@ -101,7 +101,7 @@ enum sockmode {
   ACTIVE_DISCONNECT  /* as a client, disconnected from server */
 };
 
-#if defined(_WIN32) && !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE)
+#if defined(_WIN32) && !defined(CURL_WINDOWS_UWP)
 /*
  * read-wrapper to support reading from stdin on Windows.
  */
@@ -128,7 +128,7 @@ static ssize_t read_wincon(int fd, void *buf, size_t count)
     return rcount;
   }
 
-  CURL_SETERRNO((int)GetLastError());
+  errno = (int)GetLastError();
   return -1;
 }
 
@@ -161,7 +161,7 @@ static ssize_t write_wincon(int fd, const void *buf, size_t count)
     return wcount;
   }
 
-  CURL_SETERRNO((int)GetLastError());
+  errno = (int)GetLastError();
   return -1;
 }
 #define SOCKFILT_read  read_wincon
@@ -171,8 +171,6 @@ static ssize_t write_wincon(int fd, const void *buf, size_t count)
 #define SOCKFILT_write write
 #endif
 
-#ifndef UNDER_CE
-
 /* On Windows, we sometimes get this for a broken pipe, seemingly
  * when the client just closed stdin? */
 #define CURL_WIN32_EPIPE      109
@@ -296,7 +294,6 @@ static bool read_stdin(void *buffer, size_t nbytes)
   }
   return TRUE;
 }
-#endif
 
 /*
  * write_stdout tries to write to stdio nbytes from the given buffer. This is a
@@ -308,12 +305,7 @@ static bool read_stdin(void *buffer, size_t nbytes)
 static bool write_stdout(const void *buffer, size_t nbytes)
 {
   ssize_t nwrite;
-#ifdef UNDER_CE
-  puts(buffer);
-  nwrite = nbytes;
-#else
   nwrite = fullwrite(fileno(stdout), buffer, nbytes);
-#endif
   if(nwrite != (ssize_t)nbytes) {
     logmsg("exiting...");
     return FALSE;
@@ -321,7 +313,6 @@ static bool write_stdout(const void *buffer, size_t nbytes)
   return TRUE;
 }
 
-#ifndef UNDER_CE
 static void lograw(unsigned char *buffer, ssize_t len)
 {
   char data[120];
@@ -401,10 +392,8 @@ static bool read_data_block(unsigned char *buffer, ssize_t maxlen,
 
   return TRUE;
 }
-#endif
 
-
-#if defined(USE_WINSOCK) && !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE)
+#if defined(USE_WINSOCK) && !defined(CURL_WINDOWS_UWP)
 /*
  * Winsock select() does not support standard file descriptors,
  * it can only check SOCKETs. The following function is an attempt
@@ -867,8 +856,6 @@ static int select_ws(int nfds, fd_set *readfds, fd_set *writefds,
 #define SOCKFILT_select(a,b,c,d,e) select(a,b,c,d,e)
 #endif  /* USE_WINSOCK */
 
-
-#ifndef UNDER_CE
 /* Perform the disconnect handshake with sockfilt
  * This involves waiting for the disconnect acknowledgment after the DISC
  * command, while throwing away anything else that might come in before
@@ -923,7 +910,6 @@ static bool disc_handshake(void)
   } while(TRUE);
   return TRUE;
 }
-#endif
 
 /*
   sockfdp is a pointer to an established stream or CURL_SOCKET_BAD
@@ -935,12 +921,6 @@ static bool juggle(curl_socket_t *sockfdp,
                    curl_socket_t listenfd,
                    enum sockmode *mode)
 {
-#ifdef UNDER_CE
-  (void)sockfdp;
-  (void)listenfd;
-  (void)mode;
-  return FALSE;
-#else
   struct timeval timeout;
   fd_set fds_read;
   fd_set fds_write;
@@ -1217,7 +1197,6 @@ static bool juggle(curl_socket_t *sockfdp,
   }
 
   return TRUE;
-#endif
 }
 
 static int test_sockfilt(int argc, char *argv[])
diff --git a/tests/server/util.c b/tests/server/util.c
index 6de8000327..afe6986263 100644
--- a/tests/server/util.c
+++ b/tests/server/util.c
@@ -333,7 +333,7 @@ static SIGHANDLER_T old_sigterm_handler = SIG_ERR;
 static SIGHANDLER_T old_sigbreak_handler = SIG_ERR;
 #endif
 
-#if defined(_WIN32) && !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE)
+#if defined(_WIN32) && !defined(CURL_WINDOWS_UWP)
 static DWORD thread_main_id = 0;
 static HANDLE thread_main_window = NULL;
 static HWND hidden_main_window = NULL;
@@ -344,7 +344,6 @@ static HWND hidden_main_window = NULL;
  * The first time this is called it will set got_exit_signal to one and
  * store in exit_signal the signal that triggered its execution.
  */
-#ifndef UNDER_CE
 /*
  * Only call signal-safe functions from the signal handler, as required by
  * the POSIX specification:
@@ -387,11 +386,10 @@ static void exit_signal_handler(int signum)
 #endif
   }
   (void)signal(signum, exit_signal_handler);
-  CURL_SETERRNO(old_errno);
+  errno = old_errno;
 }
-#endif
 
-#if defined(_WIN32) && !defined(UNDER_CE)
+#ifdef _WIN32
 /* CTRL event handler for Windows Console applications to simulate
  * SIGINT, SIGTERM and SIGBREAK on CTRL events and trigger signal handler.
  *
@@ -439,7 +437,7 @@ static BOOL WINAPI ctrl_event_handler(DWORD dwCtrlType)
 }
 #endif
 
-#if defined(_WIN32) && !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE)
+#if defined(_WIN32) && !defined(CURL_WINDOWS_UWP)
 /* Window message handler for Windows applications to add support
  * for graceful process termination via taskkill (without /f) which
  * sends WM_CLOSE to all Windows of a process (even hidden ones).
@@ -519,7 +517,6 @@ static DWORD WINAPI main_window_loop(void *lpParameter)
 }
 #endif
 
-#ifndef UNDER_CE
 static SIGHANDLER_T set_signal(int signum, SIGHANDLER_T handler,
                                bool restartable)
 {
@@ -549,7 +546,6 @@ static SIGHANDLER_T set_signal(int signum, SIGHANDLER_T handler,
   return oldhdlr;
 #endif
 }
-#endif
 
 void install_signal_handlers(bool keep_sigalrm)
 {
@@ -608,12 +604,10 @@ void install_signal_handlers(bool keep_sigalrm)
            errno, curlx_strerror(errno, errbuf, sizeof(errbuf)));
 #endif
 #ifdef _WIN32
-#ifndef UNDER_CE
   if(!SetConsoleCtrlHandler(ctrl_event_handler, TRUE))
     logmsg("cannot install CTRL event handler");
-#endif
 
-#if !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE)
+#ifndef CURL_WINDOWS_UWP
   thread_main_window = CreateThread(NULL, 0, &main_window_loop,
                                     GetModuleHandle(NULL), 0, &thread_main_id);
   if(!thread_main_window || !thread_main_id)
@@ -653,10 +647,8 @@ void restore_signal_handlers(bool keep_sigalrm)
     (void)set_signal(SIGBREAK, old_sigbreak_handler, FALSE);
 #endif
 #ifdef _WIN32
-#ifndef UNDER_CE
   (void)SetConsoleCtrlHandler(ctrl_event_handler, FALSE);
-#endif
-#if !defined(CURL_WINDOWS_UWP) && !defined(UNDER_CE)
+#ifndef CURL_WINDOWS_UWP
   if(thread_main_window && thread_main_id) {
     if(PostThreadMessage(thread_main_id, WM_APP, 0, 0)) {
       if(WaitForSingleObjectEx(thread_main_window, INFINITE, TRUE)) {

From 2e1a045d8985e5daa4d9a4f908ed870a16d8e41e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 13 Jul 2025 12:57:26 +0200
Subject: [PATCH 0862/2408] build: drop support for VS2008 (Windows)

Require Visual Studio 2010 or newer.

Ref: https://github.com/curl/curl/discussions/15972

Follow-up to dc28bb86c1e466c667ce220fd2e51355cd8bae8d #17798
Follow-up to 63e513b106113db0b1b68bab347b80cb4cef4e65 #17380

Closes #17931
---
 CMake/win32-cache.cmake |  6 +-----
 docs/DEPRECATE.md       | 12 +-----------
 docs/INSTALL.md         |  2 +-
 lib/config-win32.h      | 19 +++++++++----------
 lib/curl_setup.h        |  4 ++--
 lib/curl_setup_once.h   |  2 --
 lib/rand.c              |  4 ----
 lib/vtls/schannel_int.h |  2 +-
 lib/vtls/vtls_spack.c   | 11 -----------
 9 files changed, 15 insertions(+), 47 deletions(-)

diff --git a/CMake/win32-cache.cmake b/CMake/win32-cache.cmake
index 50c319d1b6..870acf80de 100644
--- a/CMake/win32-cache.cmake
+++ b/CMake/win32-cache.cmake
@@ -53,11 +53,7 @@ else()
   if(MSVC)
     set(HAVE_UNISTD_H 0)
     set(HAVE_STDDEF_H 1)  # detected by CMake internally in check_type_size()
-    if(MSVC_VERSION GREATER_EQUAL 1600)
-      set(HAVE_STDINT_H 1)  # detected by CMake internally in check_type_size()
-    else()
-      set(HAVE_STDINT_H 0)  # detected by CMake internally in check_type_size()
-    endif()
+    set(HAVE_STDINT_H 1)  # detected by CMake internally in check_type_size()
     if(MSVC_VERSION GREATER_EQUAL 1800)
       set(HAVE_STDBOOL_H 1)
     else()
diff --git a/docs/DEPRECATE.md b/docs/DEPRECATE.md
index d02174d8ca..102969e4b1 100644
--- a/docs/DEPRECATE.md
+++ b/docs/DEPRECATE.md
@@ -12,17 +12,6 @@ email the
 as soon as possible and explain to us why this is a problem for you and
 how your use case cannot be satisfied properly using a workaround.
 
-## VS2008
-
-curl drops support for getting built with Microsoft Visual Studio 2008 in
-November 2025.
-
-The only reason we kept support for this version is for Windows CE - and we
-intend to remove support for that Operating System in this time frame as well.
-Bumping the minimum to VS2010. VS2008 is a pain to support.
-
-Previous discussion and details: https://github.com/curl/curl/discussions/15972
-
 ## Windows XP
 
 In January 2026, curl drops support for Windows XP and Server 2003. Their
@@ -94,3 +83,4 @@ Support for RTMP in libcurl gets removed in April 2026.
  - msh3 (removed in 8.16.0)
  - winbuild build system (removed in 8.17.0)
  - Windows CE (removed in 8.18.0)
+ - Support for Visual Studio 2008 (removed in 8.18.0)
diff --git a/docs/INSTALL.md b/docs/INSTALL.md
index 0db7848a22..f3db34da28 100644
--- a/docs/INSTALL.md
+++ b/docs/INSTALL.md
@@ -200,7 +200,7 @@ Building for Windows XP is required as a minimum.
 
 You can build curl with:
 
-- Microsoft Visual Studio 2008 v9.0 or later (`_MSC_VER >= 1500`)
+- Microsoft Visual Studio 2010 v10.0 or later (`_MSC_VER >= 1600`)
 - MinGW-w64 3.0 or later (`__MINGW64_VERSION_MAJOR >= 3`)
 
 ## Building Windows DLLs and C runtime (CRT) linkage issues
diff --git a/lib/config-win32.h b/lib/config-win32.h
index bf9038a894..4bf034bea3 100644
--- a/lib/config-win32.h
+++ b/lib/config-win32.h
@@ -56,22 +56,21 @@
 #        error VS2012 does not support build targets prior to Windows Vista
 #      endif
 #    endif
-   /* Default target settings and minimum build target check for
-      VS2008 and VS2010 */
+   /* VS2010 default target settings and minimum build target check. */
 #  else
-#    define VS2008_MIN_TARGET 0x0501  /* XP */
-     /* VS2008 default build target is Windows Vista (0x0600).
+     /* VS2010 default build target is Windows 7 (0x0601).
         We override default target to be Windows XP. */
-#    define VS2008_DEF_TARGET 0x0501  /* XP */
+#    define VS2010_MIN_TARGET 0x0501  /* XP */
+#    define VS2010_DEF_TARGET 0x0501  /* XP */
 
 #    ifndef _WIN32_WINNT
-#    define _WIN32_WINNT VS2008_DEF_TARGET
+#    define _WIN32_WINNT VS2010_DEF_TARGET
 #    endif
 #    ifndef WINVER
-#    define WINVER VS2008_DEF_TARGET
+#    define WINVER VS2010_DEF_TARGET
 #    endif
-#    if (_WIN32_WINNT < VS2008_MIN_TARGET) || (WINVER < VS2008_MIN_TARGET)
-#      error VS2008 does not support build targets prior to Windows XP
+#    if (_WIN32_WINNT < VS2010_MIN_TARGET) || (WINVER < VS2010_MIN_TARGET)
+#      error VS2010 does not support build targets prior to Windows XP
 #    endif
 #  endif
 #endif /* _MSC_VER */
@@ -104,7 +103,7 @@
 #endif
 
 /* Define to 1 if you have the  header file. */
-#if (defined(_MSC_VER) && (_MSC_VER >= 1600)) || defined(__MINGW32__)
+#if defined(_MSC_VER) || defined(__MINGW32__)
 #define HAVE_STDINT_H 1
 #endif
 
diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index fe3b9e0ee3..bf7030f693 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -80,9 +80,9 @@
 #error "Building curl requires mingw-w64 3.0 or later"
 #endif
 
-/* Visual Studio 2008 is the minimum Visual Studio version we support.
+/* Visual Studio 2010 is the minimum Visual Studio version we support.
    Workarounds for older versions of Visual Studio have been removed. */
-#if defined(_MSC_VER) && (_MSC_VER < 1500)
+#if defined(_MSC_VER) && (_MSC_VER < 1600)
 #error "Ancient versions of Visual Studio are no longer supported due to bugs."
 #endif
 
diff --git a/lib/curl_setup_once.h b/lib/curl_setup_once.h
index 1c2194c502..7caf6c9bc5 100644
--- a/lib/curl_setup_once.h
+++ b/lib/curl_setup_once.h
@@ -65,8 +65,6 @@
    Use it for APIs that do not or cannot support the const qualifier. */
 #ifdef HAVE_STDINT_H
 #  define CURL_UNCONST(p) ((void *)(uintptr_t)(const void *)(p))
-#elif defined(_WIN32)  /* for VS2008 */
-#  define CURL_UNCONST(p) ((void *)(ULONG_PTR)(const void *)(p))
 #else
 #  define CURL_UNCONST(p) ((void *)(p))  /* Fall back to simple cast */
 #endif
diff --git a/lib/rand.c b/lib/rand.c
index cbfcbf2740..5eace02833 100644
--- a/lib/rand.c
+++ b/lib/rand.c
@@ -50,10 +50,6 @@
 #  include 
 #  ifdef _MSC_VER
 #    pragma comment(lib, "bcrypt.lib")
-#  endif
-   /* Offered by mingw-w64 v3+. MS SDK v7.0A+. */
-#  ifndef BCRYPT_USE_SYSTEM_PREFERRED_RNG
-#  define BCRYPT_USE_SYSTEM_PREFERRED_RNG 0x00000002
 #  endif
 #  ifndef STATUS_SUCCESS
 #  define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
diff --git a/lib/vtls/schannel_int.h b/lib/vtls/schannel_int.h
index 05116dfa1a..88f03aaf68 100644
--- a/lib/vtls/schannel_int.h
+++ b/lib/vtls/schannel_int.h
@@ -31,7 +31,7 @@
 #include "vtls.h"
 #include "../curl_sha256.h"
 
-#if defined(_MSC_VER) && (_MSC_VER <= 1600)
+#if defined(_MSC_VER) && (_MSC_VER < 1700)
 /* Workaround for warning:
    'type cast' : conversion from 'int' to 'LPCSTR' of greater size */
 #undef CERT_STORE_PROV_MEMORY
diff --git a/lib/vtls/vtls_spack.c b/lib/vtls/vtls_spack.c
index 10d16f213d..d86f31d727 100644
--- a/lib/vtls/vtls_spack.c
+++ b/lib/vtls/vtls_spack.c
@@ -36,17 +36,6 @@
 #include "../curl_memory.h"
 #include "../memdebug.h"
 
-#ifdef _MSC_VER
-#if _MSC_VER >= 1600
-#include 
-#else
-typedef unsigned char uint8_t;
-typedef unsigned __int16 uint16_t;
-typedef unsigned __int32 uint32_t;
-typedef unsigned __int64 uint64_t;
-#endif
-#endif /* _MSC_VER */
-
 #ifndef UINT16_MAX
 #define UINT16_MAX    0xffff
 #endif

From 69c89bf3d3137fcbb2b8bc57233182adcf1e2817 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 27 Aug 2025 00:54:22 +0200
Subject: [PATCH 0863/2408] openssl: bump minimum OpenSSL version to 3.0.0

It also means that all supported OpenSSL versions and forks support
TLSv1.3 after this patch.

It reduces `openssl.c` size by more than 10%, or 400 LOC.

Ref: #18822
Closes #18330
---
 .github/workflows/linux.yml |   6 +-
 CMakeLists.txt              |   3 +-
 appveyor.sh                 |   5 +-
 appveyor.yml                |  15 +-
 docs/INTERNALS.md           |   2 +-
 lib/curl_sha512_256.c       |   6 +-
 lib/dllmain.c               |   2 +-
 lib/vtls/openssl.c          | 477 ++----------------------------------
 lib/vtls/openssl.h          |   3 +-
 m4/curl-openssl.m4          |  33 ++-
 10 files changed, 59 insertions(+), 493 deletions(-)

diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index 773e5b4e91..fd70d825ec 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -329,10 +329,10 @@ jobs:
             install_steps: intel
             configure: CC=icc --enable-debug --with-openssl
 
-          - name: 'Slackware openssl gssapi gcc'
-            # These are essentially the same flags used to build the curl Slackware package
+          - name: 'Slackware !ssl gssapi gcc'
+            # Flags used to build the curl Slackware package, except OpenSSL 1.1.0:
             # https://ftpmirror.infania.net/slackware/slackware64-current/source/n/curl/curl.SlackBuild
-            configure: --enable-debug --with-openssl --with-libssh2 --with-gssapi --enable-ares --enable-static=no --without-ca-bundle --with-ca-path=/etc/ssl/certs
+            configure: --enable-debug --without-ssl --with-libssh2 --with-gssapi --enable-ares --enable-static=no --without-ca-bundle --with-ca-path=/etc/ssl/certs
             # Docker Hub image that `container-job` executes in
             container: 'andy5995/slackware-build-essential:15.0'
 
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 0b9b666adb..8876b5e636 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -2152,8 +2152,7 @@ message(STATUS "Features: ${SUPPORT_FEATURES}")
 # Clear list and collect SSL backends
 set(_items "")
 curl_add_if("Schannel"         _ssl_enabled AND USE_SCHANNEL)
-curl_add_if("${_openssl}"      _ssl_enabled AND USE_OPENSSL AND OPENSSL_VERSION VERSION_LESS 3.0.0)
-curl_add_if("${_openssl} v3+"  _ssl_enabled AND USE_OPENSSL AND OPENSSL_VERSION VERSION_GREATER_EQUAL 3.0.0)
+curl_add_if("${_openssl}"      _ssl_enabled AND USE_OPENSSL)
 curl_add_if("mbedTLS"          _ssl_enabled AND USE_MBEDTLS)
 curl_add_if("wolfSSL"          _ssl_enabled AND USE_WOLFSSL)
 curl_add_if("GnuTLS"           _ssl_enabled AND USE_GNUTLS)
diff --git a/appveyor.sh b/appveyor.sh
index 81407f7f33..ccd0cc86b0 100644
--- a/appveyor.sh
+++ b/appveyor.sh
@@ -35,12 +35,11 @@ esac
 
 if [ "${APPVEYOR_BUILD_WORKER_IMAGE}" = 'Visual Studio 2022' ]; then
   openssl_root_win="C:/OpenSSL-v35${openssl_suffix}"
+  openssl_root="$(cygpath "${openssl_root_win}")"
 elif [ "${APPVEYOR_BUILD_WORKER_IMAGE}" = 'Visual Studio 2019' ]; then
   openssl_root_win="C:/OpenSSL-v30${openssl_suffix}"
-else
-  openssl_root_win="C:/OpenSSL-v111${openssl_suffix}"
+  openssl_root="$(cygpath "${openssl_root_win}")"
 fi
-openssl_root="$(cygpath "${openssl_root_win}")"
 
 if [ "${BUILD_SYSTEM}" = 'CMake' ]; then
   # Set env CHKPREFILL to the value '_chkprefill' to compare feature detection
diff --git a/appveyor.yml b/appveyor.yml
index 98e6e51609..3d5c6b55ac 100644
--- a/appveyor.yml
+++ b/appveyor.yml
@@ -70,35 +70,34 @@ environment:
       SCHANNEL: 'ON'
       SHARED: 'ON'
       EXAMPLES: 'ON'
-    - job_name: 'CM VS2012, Release, x86, OpenSSL 1.1.1 + Schannel, Shared, Build-tests'
+    - job_name: 'CM VS2012, Release, x86, Schannel, Shared, Build-tests'
       APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2015'
       PRJ_GEN: 'Visual Studio 11 2012'
       TARGET: '-A Win32'
       PRJ_CFG: Release
-      OPENSSL: 'ON'
       SCHANNEL: 'ON'
       SHARED: 'ON'
-    - job_name: 'CM VS2013, Debug, x64, OpenSSL 1.1.1, Shared, Build-only'
+    - job_name: 'CM VS2013, Debug, x64, Schannel, Shared, Build-only'
       APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2015'
       PRJ_GEN: 'Visual Studio 12 2013'
       TARGET: '-A x64'
       PRJ_CFG: Debug
-      OPENSSL: 'ON'
+      SCHANNEL: 'ON'
       SHARED: 'ON'
       TFLAGS: 'skipall'
-    - job_name: 'CM VS2015, Debug, x64, OpenSSL 1.1.1, Static, Build-only'
+    - job_name: 'CM VS2015, Debug, x64, Schannel, Static, Build-only'
       APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2015'
       PRJ_GEN: 'Visual Studio 14 2015'
       TARGET: '-A x64'
       PRJ_CFG: Debug
-      OPENSSL: 'ON'
+      SCHANNEL: 'ON'
       TFLAGS: 'skipall'
-    - job_name: 'CM VS2017, Debug, x64, OpenSSL 1.1.1, Shared, Build-only'
+    - job_name: 'CM VS2017, Debug, x64, Schannel, Shared, Build-only'
       APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2017'
       PRJ_GEN: 'Visual Studio 15 2017'
       TARGET: '-A x64'
       PRJ_CFG: Debug
-      OPENSSL: 'ON'
+      SCHANNEL: 'ON'
       SHARED: 'ON'
       TFLAGS: 'skipall'
     - job_name: 'CM VS2019, Debug, x64, OpenSSL 3.0 + Schannel, Shared, Build-tests'
diff --git a/docs/INTERNALS.md b/docs/INTERNALS.md
index ac90d3fe82..c21d5a9120 100644
--- a/docs/INTERNALS.md
+++ b/docs/INTERNALS.md
@@ -24,7 +24,7 @@ versions of libs and build tools.
 
  We aim to support these or later versions.
 
- - OpenSSL      1.0.2a
+ - OpenSSL      3.0.0
  - LibreSSL     2.9.1
  - GnuTLS       3.1.10
  - mbedTLS      3.2.0
diff --git a/lib/curl_sha512_256.c b/lib/curl_sha512_256.c
index 0d2cd3c3f9..070d1722cb 100644
--- a/lib/curl_sha512_256.c
+++ b/lib/curl_sha512_256.c
@@ -40,10 +40,8 @@
 
 #ifdef USE_OPENSSL
 #  include 
-#  if (!defined(LIBRESSL_VERSION_NUMBER) && \
-       OPENSSL_VERSION_NUMBER >= 0x10101000L) || \
-      (defined(LIBRESSL_VERSION_NUMBER) && \
-       LIBRESSL_VERSION_NUMBER >= 0x3080000fL)
+#  if !defined(LIBRESSL_VERSION_NUMBER) || \
+  (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3080000fL)
 #    include 
 #    if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512)
 #      include 
diff --git a/lib/dllmain.c b/lib/dllmain.c
index d871a52484..011090589b 100644
--- a/lib/dllmain.c
+++ b/lib/dllmain.c
@@ -37,7 +37,7 @@
 
 #if defined(USE_OPENSSL) && \
   !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_IS_AWSLC) && \
-  !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
+  !defined(LIBRESSL_VERSION_NUMBER)
 #define PREVENT_OPENSSL_MEMLEAK
 #endif
 
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index f7a5727a11..72ca0f6cb3 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -108,8 +108,10 @@
 #  if LIBRESSL_VERSION_NUMBER < 0x2090100fL /* 2019-04-13 */
 #    error "LibreSSL 2.9.1 or later required"
 #  endif
-#elif OPENSSL_VERSION_NUMBER < 0x1000201fL /* 2015-03-19 */
-#  error "OpenSSL 1.0.2a or later required"
+#elif !defined(HAVE_BORINGSSL_LIKE)
+#  ifndef HAVE_OPENSSL3 /* 2021-09-07 */
+#    error "OpenSSL 3.0.0 or later required"
+#  endif
 #endif
 
 #if defined(HAVE_OPENSSL3) && !defined(OPENSSL_NO_UI_CONSOLE)
@@ -123,8 +125,7 @@ static void ossl_provider_cleanup(struct Curl_easy *data);
 
 /* AWS-LC fixed a bug with large buffers in v1.61.0 which also introduced
  * X509_V_ERR_EC_KEY_EXPLICIT_PARAMS. */
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
-  !defined(LIBRESSL_VERSION_NUMBER) && !defined(OPENSSL_IS_BORINGSSL) && \
+#if !defined(LIBRESSL_VERSION_NUMBER) && !defined(OPENSSL_IS_BORINGSSL) && \
   (!defined(OPENSSL_IS_AWSLC) || defined(X509_V_ERR_EC_KEY_EXPLICIT_PARAMS))
 #define HAVE_SSL_CTX_SET_DEFAULT_READ_BUFFER_LEN 1
 #endif
@@ -137,31 +138,6 @@ static void ossl_provider_cleanup(struct Curl_easy *data);
 
 #if defined(USE_OPENSSL_ENGINE) || defined(OPENSSL_HAS_PROVIDERS)
 #include 
-
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-#define OSSL_UI_METHOD_CAST(x) (x)
-#else
-#define OSSL_UI_METHOD_CAST(x) CURL_UNCONST(x)
-#endif
-#endif
-
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L /* OpenSSL 1.1.0+ and LibreSSL */
-#define HAVE_X509_GET0_EXTENSIONS 1 /* added in 1.1.0 -pre1 */
-#define HAVE_OPAQUE_EVP_PKEY 1 /* since 1.1.0 -pre3 */
-#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */
-#define HAVE_ERR_REMOVE_THREAD_STATE_DEPRECATED 1
-#else
-/* For OpenSSL before 1.1.0 */
-#define ASN1_STRING_get0_data(x) ASN1_STRING_data(x)
-#define X509_get0_notBefore(x) X509_get_notBefore(x)
-#define X509_get0_notAfter(x) X509_get_notAfter(x)
-#define OpenSSL_version_num() SSLeay()
-#endif
-
-#if OPENSSL_VERSION_NUMBER >= 0x10002003L && \
-  OPENSSL_VERSION_NUMBER <= 0x10002FFFL && \
-  !defined(OPENSSL_NO_COMP)
-#define HAVE_SSL_COMP_FREE_COMPRESSION_METHODS 1
 #endif
 
 #ifdef HAVE_OPENSSL3
@@ -182,8 +158,7 @@ static void ossl_provider_cleanup(struct Curl_easy *data);
  * BoringSSL: no
  * LibreSSL: supported since 3.4.1 (released 2021-10-14)
  */
-#if ((OPENSSL_VERSION_NUMBER >= 0x10101000L && \
-      !defined(LIBRESSL_VERSION_NUMBER)) || \
+#if (!defined(LIBRESSL_VERSION_NUMBER) || \
      (defined(LIBRESSL_VERSION_NUMBER) && \
       LIBRESSL_VERSION_NUMBER >= 0x3040100fL)) && \
     !defined(OPENSSL_IS_BORINGSSL)
@@ -198,7 +173,7 @@ static void ossl_provider_cleanup(struct Curl_easy *data);
  * BoringSSL: supported since 0.20240913.0 (commit 826ce15)
  * LibreSSL: no
  */
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+#ifndef LIBRESSL_VERSION_NUMBER
 #define HAVE_SSL_CTX_SET1_SIGALGS
 #endif
 
@@ -224,30 +199,6 @@ typedef unsigned long sslerr_t;
 #endif
 #define ossl_valsize_t numcert_t
 
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-/* up2date versions of OpenSSL maintain reasonably secure defaults without
- * breaking compatibility, so it is better not to override the defaults in curl
- */
-#define DEFAULT_CIPHER_SELECTION NULL
-#else
-/* not the case with old versions of OpenSSL */
-#define DEFAULT_CIPHER_SELECTION \
-  "ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH"
-#endif
-
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-#define HAVE_RANDOM_INIT_BY_DEFAULT 1
-#endif
-
-/*
- * Whether the OpenSSL version has the API needed to support sharing an
- * X509_STORE between connections. The API is:
- * * `X509_STORE_up_ref`       -- Introduced: OpenSSL 1.1.0.
- */
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L /* OpenSSL >= 1.1.0 */
-#define HAVE_SSL_X509_STORE_SHARE
-#endif
-
 static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl);
 
 static CURLcode push_certinfo(struct Curl_easy *data,
@@ -280,27 +231,12 @@ static CURLcode pubkey_show(struct Curl_easy *data,
   return push_certinfo(data, mem, namebuf, num);
 }
 
-#ifdef HAVE_OPAQUE_RSA_DSA_DH
 #define print_pubkey_BN(_type, _name, _num)              \
   pubkey_show(data, mem, _num, #_type, #_name, _name)
 
-#else
-#define print_pubkey_BN(_type, _name, _num)    \
-do {                              \
-  if(_type->_name) { \
-    pubkey_show(data, mem, _num, #_type, #_name, _type->_name); \
-  } \
-} while(0)
-#endif
-
 static int asn1_object_dump(const ASN1_OBJECT *a, char *buf, size_t len)
 {
-  int i;
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-  i = i2t_ASN1_OBJECT(buf, (int)len, a);
-#else
-  i = i2t_ASN1_OBJECT(buf, (int)len, CURL_UNCONST(a));
-#endif
+  int i = i2t_ASN1_OBJECT(buf, (int)len, a);
   return (i >= (int)len);  /* buffer too small */
 }
 
@@ -310,10 +246,10 @@ static CURLcode X509V3_ext(struct Curl_easy *data,
 {
   int i;
   CURLcode result = CURLE_OK;
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-  const STACK_OF(X509_EXTENSION) *exts = extsarg;
-#else
+#ifdef LIBRESSL_VERSION_NUMBER
   STACK_OF(X509_EXTENSION) *exts = CURL_UNCONST(extsarg);
+#else
+  const STACK_OF(X509_EXTENSION) *exts = extsarg;
 #endif
 
   if((int)sk_X509_EXTENSION_num(exts) <= 0)
@@ -409,7 +345,6 @@ static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl)
     if(result)
       break;
 
-#ifdef HAVE_X509_GET0_EXTENSIONS
     {
       const X509_ALGOR *sigalg = NULL;
       X509_PUBKEY *xpubkey = NULL;
@@ -440,28 +375,6 @@ static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl)
       if(result)
         break;
     }
-#else
-    {
-      /* before OpenSSL 1.0.2 */
-      X509_CINF *cinf = x->cert_info;
-
-      i2a_ASN1_OBJECT(mem, cinf->signature->algorithm);
-      result = push_certinfo(data, mem, "Signature Algorithm", i);
-
-      if(!result) {
-        i2a_ASN1_OBJECT(mem, cinf->key->algor->algorithm);
-        result = push_certinfo(data, mem, "Public Key Algorithm", i);
-      }
-
-      if(!result)
-        result = X509V3_ext(data, i, cinf->extensions);
-
-      if(result)
-        break;
-
-      psig = x->signature;
-    }
-#endif
 
     ASN1_TIME_print(mem, X509_get0_notBefore(x));
     result = push_certinfo(data, mem, "Start date", i);
@@ -477,25 +390,14 @@ static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl)
     if(!pubkey)
       infof(data, "   Unable to load public key");
     else {
-      int pktype;
-#ifdef HAVE_OPAQUE_EVP_PKEY
-      pktype = EVP_PKEY_id(pubkey);
-#else
-      pktype = pubkey->type;
-#endif
-      switch(pktype) {
+      switch(EVP_PKEY_id(pubkey)) {
       case EVP_PKEY_RSA: {
 #ifndef HAVE_EVP_PKEY_GET_PARAMS
         RSA *rsa;
-#ifdef HAVE_OPAQUE_EVP_PKEY
         rsa = EVP_PKEY_get0_RSA(pubkey);
-#else
-        rsa = pubkey->pkey.rsa;
-#endif /* HAVE_OPAQUE_EVP_PKEY */
 #endif /* !HAVE_EVP_PKEY_GET_PARAMS */
 
         {
-#ifdef HAVE_OPAQUE_RSA_DSA_DH
           DECLARE_PKEY_PARAM_BIGNUM(n);
           DECLARE_PKEY_PARAM_BIGNUM(e);
 #ifdef HAVE_EVP_PKEY_GET_PARAMS
@@ -505,9 +407,6 @@ static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl)
           RSA_get0_key(rsa, &n, &e, NULL);
 #endif /* HAVE_EVP_PKEY_GET_PARAMS */
           BIO_printf(mem, "%d", n ? BN_num_bits(n) : 0);
-#else
-          BIO_printf(mem, "%d", rsa->n ? BN_num_bits(rsa->n) : 0);
-#endif /* HAVE_OPAQUE_RSA_DSA_DH */
           result = push_certinfo(data, mem, "RSA Public Key", i);
           if(result)
             break;
@@ -523,15 +422,9 @@ static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl)
       {
 #ifndef OPENSSL_NO_DSA
 #ifndef HAVE_EVP_PKEY_GET_PARAMS
-        DSA *dsa;
-#ifdef HAVE_OPAQUE_EVP_PKEY
-        dsa = EVP_PKEY_get0_DSA(pubkey);
-#else
-        dsa = pubkey->pkey.dsa;
-#endif /* HAVE_OPAQUE_EVP_PKEY */
+        DSA *dsa = EVP_PKEY_get0_DSA(pubkey);
 #endif /* !HAVE_EVP_PKEY_GET_PARAMS */
         {
-#ifdef HAVE_OPAQUE_RSA_DSA_DH
           DECLARE_PKEY_PARAM_BIGNUM(p);
           DECLARE_PKEY_PARAM_BIGNUM(q);
           DECLARE_PKEY_PARAM_BIGNUM(g);
@@ -545,7 +438,6 @@ static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl)
           DSA_get0_pqg(dsa, &p, &q, &g);
           DSA_get0_key(dsa, &pub_key, NULL);
 #endif /* HAVE_EVP_PKEY_GET_PARAMS */
-#endif /* HAVE_OPAQUE_RSA_DSA_DH */
           print_pubkey_BN(dsa, p, i);
           print_pubkey_BN(dsa, q, i);
           print_pubkey_BN(dsa, g, i);
@@ -560,15 +452,9 @@ static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl)
       }
       case EVP_PKEY_DH: {
 #ifndef HAVE_EVP_PKEY_GET_PARAMS
-        DH *dh;
-#ifdef HAVE_OPAQUE_EVP_PKEY
-        dh = EVP_PKEY_get0_DH(pubkey);
-#else
-        dh = pubkey->pkey.dh;
-#endif /* HAVE_OPAQUE_EVP_PKEY */
+        DH *dh = EVP_PKEY_get0_DH(pubkey);
 #endif /* !HAVE_EVP_PKEY_GET_PARAMS */
         {
-#ifdef HAVE_OPAQUE_RSA_DSA_DH
           DECLARE_PKEY_PARAM_BIGNUM(p);
           DECLARE_PKEY_PARAM_BIGNUM(q);
           DECLARE_PKEY_PARAM_BIGNUM(g);
@@ -585,10 +471,6 @@ static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl)
           print_pubkey_BN(dh, p, i);
           print_pubkey_BN(dh, q, i);
           print_pubkey_BN(dh, g, i);
-#else
-          print_pubkey_BN(dh, p, i);
-          print_pubkey_BN(dh, g, i);
-#endif /* HAVE_OPAQUE_RSA_DSA_DH */
           print_pubkey_BN(dh, pub_key, i);
           FREE_PKEY_PARAM_BIGNUM(p);
           FREE_PKEY_PARAM_BIGNUM(q);
@@ -626,21 +508,10 @@ static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl)
 
 #ifdef USE_OPENSSL
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-#define BIO_set_init(x,v)          ((x)->init=(v))
-#define BIO_get_data(x)            ((x)->ptr)
-#define BIO_set_data(x,v)          ((x)->ptr=(v))
-#define BIO_get_shutdown(x)        ((x)->shutdown)
-#define BIO_set_shutdown(x,v)      ((x)->shutdown=(v))
-#endif /* HAVE_PRE_1_1_API */
-
 static int ossl_bio_cf_create(BIO *bio)
 {
   BIO_set_shutdown(bio, 1);
   BIO_set_init(bio, 1);
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-  bio->num = -1;
-#endif
   BIO_set_data(bio, NULL);
   return 1;
 }
@@ -759,30 +630,6 @@ static int ossl_bio_cf_in_read(BIO *bio, char *buf, int blen)
   return result ? -1 : (int)nread;
 }
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-
-static BIO_METHOD ossl_bio_cf_meth_1_0 = {
-  BIO_TYPE_MEM,
-  "OpenSSL CF BIO",
-  ossl_bio_cf_out_write,
-  ossl_bio_cf_in_read,
-  NULL,                    /* puts is never called */
-  NULL,                    /* gets is never called */
-  ossl_bio_cf_ctrl,
-  ossl_bio_cf_create,
-  ossl_bio_cf_destroy,
-  NULL
-};
-
-static BIO_METHOD *ossl_bio_cf_method_create(void)
-{
-  return &ossl_bio_cf_meth_1_0;
-}
-
-#define ossl_bio_cf_method_free(m) Curl_nop_stmt
-
-#else
-
 static BIO_METHOD *ossl_bio_cf_method_create(void)
 {
   BIO_METHOD *m = BIO_meth_new(BIO_TYPE_MEM, "OpenSSL CF BIO");
@@ -802,9 +649,6 @@ static void ossl_bio_cf_method_free(BIO_METHOD *m)
     BIO_meth_free(m);
 }
 
-#endif
-
-
 #ifdef HAVE_KEYLOG_CALLBACK
 static void ossl_keylog_callback(const SSL *ssl, const char *line)
 {
@@ -834,19 +678,9 @@ ossl_log_tls12_secret(const SSL *ssl, bool *keylog_done)
     return;
   }
 
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-  /* ssl->s3 is not checked in OpenSSL 1.1.0-pre6, but let's assume that
-   * we have a valid SSL context if we have a non-NULL session. */
   SSL_get_client_random(ssl, client_random, SSL3_RANDOM_SIZE);
   master_key_length = (int)
     SSL_SESSION_get_master_key(session, master_key, SSL_MAX_MASTER_KEY_LENGTH);
-#else
-  if(ssl->s3 && session->master_key_length > 0) {
-    master_key_length = session->master_key_length;
-    memcpy(master_key, session->master_key, session->master_key_length);
-    memcpy(client_random, ssl->s3->client_random, SSL3_RANDOM_SIZE);
-  }
-#endif
 
   ERR_pop_to_mark();
 
@@ -968,58 +802,8 @@ static CURLcode ossl_seed(struct Curl_easy *data)
       data->multi->ssl_seeded = TRUE;
     return CURLE_OK;
   }
-#ifdef HAVE_RANDOM_INIT_BY_DEFAULT
-  /* with OpenSSL 1.1.0+, a failed RAND_status is a showstopper */
   failf(data, "Insufficient randomness");
   return CURLE_SSL_CONNECT_ERROR;
-#else
-
-  /* fallback to a custom seeding of the PRNG using a hash based on a current
-     time */
-  do {
-    unsigned char randb[64];
-    size_t len = sizeof(randb);
-    size_t i, i_max;
-    for(i = 0, i_max = len / sizeof(struct curltime); i < i_max; ++i) {
-      struct curltime tv = curlx_now();
-      curlx_wait_ms(1);
-      tv.tv_sec *= (time_t)i + 1;
-      tv.tv_usec *= (int)i + 2;
-      tv.tv_sec ^= ((curlx_now().tv_sec + (time_t)curlx_now().tv_usec) *
-                    (time_t)(i + 3)) << 8;
-      tv.tv_usec ^= (int) ((curlx_now().tv_sec + (time_t)curlx_now().tv_usec) *
-                           (time_t)(i + 4)) << 16;
-      memcpy(&randb[i * sizeof(struct curltime)], &tv,
-             sizeof(struct curltime));
-    }
-    RAND_add(randb, (int)len, (double)len/2);
-  } while(!rand_enough());
-
-  /*
-   * Number of bytes to read from the random number seed file. This must be
-   * a finite value (because some entropy "files" like /dev/urandom have
-   * an infinite length), but must be large enough to provide enough
-   * entropy to properly seed OpenSSL's PRNG.
-   */
-#  define RAND_LOAD_LENGTH 1024
-
-  {
-    /* generates a default path for the random seed file */
-    char fname[256];
-    fname[0] = 0; /* blank it first */
-    RAND_file_name(fname, sizeof(fname));
-    if(fname[0]) {
-      /* we got a filename to try */
-      RAND_load_file(fname, RAND_LOAD_LENGTH);
-      if(rand_enough())
-        return CURLE_OK;
-    }
-  }
-
-  infof(data, "libcurl is now using a weak random seed");
-  return rand_enough() ? CURLE_OK :
-         CURLE_SSL_CONNECT_ERROR; /* confusing error code */
-#endif
 }
 
 #ifndef SSL_FILETYPE_ENGINE
@@ -1247,7 +1031,7 @@ static int enginecheck(struct Curl_easy *data,
 
   if(data->state.engine) {
     UI_METHOD *ui_method =
-      UI_create_method(OSSL_UI_METHOD_CAST("curl user interface"));
+      UI_create_method("curl user interface");
     if(!ui_method) {
       failf(data, "unable to create " OSSL_PACKAGE " user-interface method");
       return 0;
@@ -1309,7 +1093,7 @@ static int providercheck(struct Curl_easy *data,
     OSSL_STORE_CTX *store = NULL;
     OSSL_STORE_INFO *info = NULL;
     UI_METHOD *ui_method =
-      UI_create_method(OSSL_UI_METHOD_CAST("curl user interface"));
+      UI_create_method("curl user interface");
     if(!ui_method) {
       failf(data, "unable to create " OSSL_PACKAGE " user-interface method");
       return 0;
@@ -1797,13 +1581,7 @@ static CURLcode client_cert(struct Curl_easy *data,
       /* If RSA is used, do not check the private key if its flags indicate
        * it does not support it. */
       EVP_PKEY *priv_key = SSL_get_privatekey(ssl);
-      int pktype;
-#ifdef HAVE_OPAQUE_EVP_PKEY
-      pktype = EVP_PKEY_id(priv_key);
-#else
-      pktype = priv_key->type;
-#endif
-      if(pktype == EVP_PKEY_RSA) {
+      if(EVP_PKEY_id(priv_key) == EVP_PKEY_RSA) {
         RSA *rsa = EVP_PKEY_get1_RSA(priv_key);
         if(RSA_flags(rsa) & RSA_METHOD_FLAG_NO_CHECK)
           check_privkey = FALSE;
@@ -1861,7 +1639,6 @@ static CURLcode x509_name_oneline(X509_NAME *a, struct dynbuf *d)
  */
 static int ossl_init(void)
 {
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
   const uint64_t flags =
 #ifdef OPENSSL_INIT_ENGINE_ALL_BUILTIN
     /* not present in BoringSSL */
@@ -1874,28 +1651,6 @@ static int ossl_init(void)
 #endif
     0;
   OPENSSL_init_ssl(flags, NULL);
-#else
-  OPENSSL_load_builtin_modules();
-
-#ifdef USE_OPENSSL_ENGINE
-  ENGINE_load_builtin_engines();
-#endif
-
-#ifndef CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG
-  CONF_modules_load_file(NULL, NULL,
-                         CONF_MFLAGS_DEFAULT_SECTION|
-                         CONF_MFLAGS_IGNORE_MISSING_FILE);
-#endif
-
-  /* Let's get nice error messages */
-  SSL_load_error_strings();
-
-  /* Init the global ciphers and digests */
-  if(!SSLeay_add_ssl_algorithms())
-    return 0;
-
-  OpenSSL_add_all_algorithms();
-#endif
 
   Curl_tls_keylog_open();
 
@@ -1905,32 +1660,6 @@ static int ossl_init(void)
 /* Global cleanup */
 static void ossl_cleanup(void)
 {
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-  /* OpenSSL 1.1 deprecates all these cleanup functions and
-     turns them into no-ops in OpenSSL 1.0 compatibility mode */
-#else
-  /* Free ciphers and digests lists */
-  EVP_cleanup();
-
-#ifdef USE_OPENSSL_ENGINE
-  /* Free engine list */
-  ENGINE_cleanup();
-#endif
-
-  /* Free OpenSSL error strings */
-  ERR_free_strings();
-
-  /* Free thread local error state, destroying hash upon zero refcount */
-  ERR_remove_thread_state(NULL);
-
-  /* Free all memory allocated by all configuration modules */
-  CONF_modules_free();
-
-#ifdef HAVE_SSL_COMP_FREE_COMPRESSION_METHODS
-  SSL_COMP_free_compression_methods();
-#endif
-#endif
-
   Curl_tls_keylog_close();
 }
 
@@ -2284,13 +2013,6 @@ static void ossl_close_all(struct Curl_easy *data)
 #ifdef OPENSSL_HAS_PROVIDERS
   ossl_provider_cleanup(data);
 #endif
-#ifndef HAVE_ERR_REMOVE_THREAD_STATE_DEPRECATED
-  /* OpenSSL 1.0.1 and 1.0.2 build an error queue that is stored per-thread
-     so we need to clean it here in case the thread will be killed. All OpenSSL
-     code should extract the error in association with the error so clearing
-     this queue here should be harmless at worst. */
-  ERR_remove_thread_state(NULL);
-#endif
 }
 
 /* ====================================================== */
@@ -2777,7 +2499,7 @@ static void ossl_trace(int direction, int ssl_ver, int content_type,
                        const void *buf, size_t len, SSL *ssl,
                        void *userp)
 {
-  const char *verstr = "???";
+  const char *verstr;
   struct Curl_cfilter *cf = userp;
   struct Curl_easy *data = NULL;
   char unknown[32];
@@ -2812,13 +2534,9 @@ static void ossl_trace(int direction, int ssl_ver, int content_type,
     verstr = "TLSv1.2";
     break;
 #endif
-#ifdef TLS1_3_VERSION  /* OpenSSL 1.1.1+, all forks */
   case TLS1_3_VERSION:
     verstr = "TLSv1.3";
     break;
-#endif
-  case 0:
-    break;
   default:
     curl_msnprintf(unknown, sizeof(unknown), "(%x)", ssl_ver);
     verstr = unknown;
@@ -2884,7 +2602,6 @@ static void ossl_trace(int direction, int ssl_ver, int content_type,
 #  define HAS_ALPN_OPENSSL
 #endif
 
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L /* 1.1.0 */
 static CURLcode
 ossl_set_ssl_version_min_max(struct Curl_cfilter *cf, SSL_CTX *ctx,
                              unsigned int ssl_version_min)
@@ -2916,12 +2633,8 @@ ossl_set_ssl_version_min_max(struct Curl_cfilter *cf, SSL_CTX *ctx,
     ossl_ssl_version_min = TLS1_2_VERSION;
     break;
   case CURL_SSLVERSION_TLSv1_3:
-#ifdef TLS1_3_VERSION
     ossl_ssl_version_min = TLS1_3_VERSION;
     break;
-#else
-    return CURLE_NOT_BUILT_IN;
-#endif
   }
 
   /* ... then, TLS max version */
@@ -2938,11 +2651,9 @@ ossl_set_ssl_version_min_max(struct Curl_cfilter *cf, SSL_CTX *ctx,
   case CURL_SSLVERSION_MAX_TLSv1_2:
     ossl_ssl_version_max = TLS1_2_VERSION;
     break;
-#ifdef TLS1_3_VERSION
   case CURL_SSLVERSION_MAX_TLSv1_3:
     ossl_ssl_version_max = TLS1_3_VERSION;
     break;
-#endif
   case CURL_SSLVERSION_MAX_NONE:  /* none selected */
   case CURL_SSLVERSION_MAX_DEFAULT:  /* max selected */
   default:
@@ -2959,80 +2670,15 @@ ossl_set_ssl_version_min_max(struct Curl_cfilter *cf, SSL_CTX *ctx,
 
   return CURLE_OK;
 }
-#endif
 
 #ifdef HAVE_BORINGSSL_LIKE
 typedef uint32_t ctx_option_t;
 #elif defined(HAVE_OPENSSL3)
 typedef uint64_t ctx_option_t;
-#elif OPENSSL_VERSION_NUMBER >= 0x10100000L && \
-  !defined(LIBRESSL_VERSION_NUMBER)
-typedef unsigned long ctx_option_t;
-#else
+#elif defined(LIBRESSL_VERSION_NUMBER)
 typedef long ctx_option_t;
-#endif
-
-#if OPENSSL_VERSION_NUMBER < 0x10100000L /* 1.1.0 */
-static CURLcode
-ossl_set_ssl_version_min_max_legacy(ctx_option_t *ctx_options,
-                                    struct Curl_cfilter *cf,
-                                    struct Curl_easy *data)
-{
-  struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf);
-  long ssl_version = conn_config->version;
-  long ssl_version_max = conn_config->version_max;
-
-  (void)data; /* In case it is unused. */
-
-  switch(ssl_version) {
-  case CURL_SSLVERSION_TLSv1_3:
-#ifdef TLS1_3_VERSION
-  {
-    struct ssl_connect_data *connssl = cf->ctx;
-    struct ossl_ctx *octx = (struct ossl_ctx *)connssl->backend;
-    DEBUGASSERT(octx);
-    SSL_CTX_set_max_proto_version(octx->ssl_ctx, TLS1_3_VERSION);
-    *ctx_options |= SSL_OP_NO_TLSv1_2;
-  }
 #else
-  (void)ctx_options;
-  failf(data, OSSL_PACKAGE " was built without TLS 1.3 support");
-  return CURLE_NOT_BUILT_IN;
-#endif
-  FALLTHROUGH();
-  case CURL_SSLVERSION_TLSv1_2:
-    *ctx_options |= SSL_OP_NO_TLSv1_1;
-    FALLTHROUGH();
-  case CURL_SSLVERSION_TLSv1_1:
-    *ctx_options |= SSL_OP_NO_TLSv1;
-    FALLTHROUGH();
-  case CURL_SSLVERSION_TLSv1_0:
-  case CURL_SSLVERSION_TLSv1:
-    break;
-  }
-
-  switch(ssl_version_max) {
-  case CURL_SSLVERSION_MAX_TLSv1_0:
-    *ctx_options |= SSL_OP_NO_TLSv1_1;
-    FALLTHROUGH();
-  case CURL_SSLVERSION_MAX_TLSv1_1:
-    *ctx_options |= SSL_OP_NO_TLSv1_2;
-    FALLTHROUGH();
-  case CURL_SSLVERSION_MAX_TLSv1_2:
-#ifdef TLS1_3_VERSION
-    *ctx_options |= SSL_OP_NO_TLSv1_3;
-#endif
-    break;
-  case CURL_SSLVERSION_MAX_TLSv1_3:
-#ifdef TLS1_3_VERSION
-    break;
-#else
-    failf(data, OSSL_PACKAGE " was built without TLS 1.3 support");
-    return CURLE_NOT_BUILT_IN;
-#endif
-  }
-  return CURLE_OK;
-}
+typedef unsigned long ctx_option_t;
 #endif
 
 CURLcode Curl_ossl_add_session(struct Curl_cfilter *cf,
@@ -3538,8 +3184,6 @@ static CURLcode ossl_populate_x509_store(struct Curl_cfilter *cf,
   return result;
 }
 
-#ifdef HAVE_SSL_X509_STORE_SHARE
-
 /* key to use at `multi->proto_hash` */
 #define MPROTO_OSSL_X509_KEY   "tls:ossl:x509:share"
 
@@ -3706,25 +3350,6 @@ CURLcode Curl_ssl_setup_x509_store(struct Curl_cfilter *cf,
 
   return result;
 }
-#else /* HAVE_SSL_X509_STORE_SHARE */
-CURLcode Curl_ssl_setup_x509_store(struct Curl_cfilter *cf,
-                                   struct Curl_easy *data,
-                                   struct ossl_ctx *octx)
-{
-  CURLcode result;
-  X509_STORE *store;
-
-  ERR_set_mark();
-
-  store = SSL_CTX_get_cert_store(octx->ssl_ctx);
-  result = ossl_populate_x509_store(cf, data, octx, store);
-
-  ERR_pop_to_mark();
-
-  return result;
-}
-#endif /* HAVE_SSL_X509_STORE_SHARE */
-
 
 static CURLcode
 ossl_init_session_and_alpns(struct ossl_ctx *octx,
@@ -4020,11 +3645,7 @@ static CURLcode ossl_init_method(struct Curl_cfilter *cf,
     case CURL_SSLVERSION_TLSv1_2:
     case CURL_SSLVERSION_TLSv1_3:
       /* it will be handled later with the context options */
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
       *pmethod = TLS_client_method();
-#else
-      *pmethod = SSLv23_client_method();
-#endif
       break;
     case CURL_SSLVERSION_SSLv2:
       failf(data, "No SSLv2 support");
@@ -4048,10 +3669,8 @@ static CURLcode ossl_init_method(struct Curl_cfilter *cf,
 
 #ifdef USE_OPENSSL_QUIC
     *pmethod = OSSL_QUIC_client_method();
-#elif (OPENSSL_VERSION_NUMBER >= 0x10100000L)
-    *pmethod = TLS_method();
 #else
-    *pmethod = SSLv23_client_method();
+    *pmethod = TLS_method();
 #endif
     break;
   default:
@@ -4187,11 +3806,7 @@ CURLcode Curl_ossl_ctx_init(struct ossl_ctx *octx,
     ctx_options |= SSL_OP_NO_SSLv2;
     ctx_options |= SSL_OP_NO_SSLv3;
 
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L /* 1.1.0 */
     result = ossl_set_ssl_version_min_max(cf, octx->ssl_ctx, ssl_version_min);
-#else
-    result = ossl_set_ssl_version_min_max_legacy(&ctx_options, cf, data);
-#endif
     if(result)
       return result;
     break;
@@ -4222,7 +3837,7 @@ CURLcode Curl_ossl_ctx_init(struct ossl_ctx *octx,
 
   ciphers = conn_config->cipher_list;
   if(!ciphers && (peer->transport != TRNSPRT_QUIC))
-    ciphers = DEFAULT_CIPHER_SELECTION;
+    ciphers = NULL;
   if(ciphers && (ssl_version_min < CURL_SSLVERSION_TLSv1_3)) {
     if(!SSL_CTX_set_cipher_list(octx->ssl_ctx, ciphers)) {
       failf(data, "failed setting cipher list: %s", ciphers);
@@ -4829,9 +4444,8 @@ static CURLcode ossl_pkp_pin_peer_pubkey(struct Curl_easy *data, X509* cert,
   return result;
 }
 
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L &&  \
-  !(defined(LIBRESSL_VERSION_NUMBER) && \
-    LIBRESSL_VERSION_NUMBER < 0x3060000fL) && \
+#if !(defined(LIBRESSL_VERSION_NUMBER) && \
+  LIBRESSL_VERSION_NUMBER < 0x3060000fL) && \
   !defined(HAVE_BORINGSSL_LIKE) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
 static void infof_certstack(struct Curl_easy *data, const SSL *ssl)
 {
@@ -5650,8 +5264,6 @@ out:
 static CURLcode ossl_get_channel_binding(struct Curl_easy *data, int sockindex,
                                          struct dynbuf *binding)
 {
-  /* required for X509_get_signature_nid support */
-#if OPENSSL_VERSION_NUMBER > 0x10100000L
   X509 *cert;
   int algo_nid;
   const EVP_MD *algo_type;
@@ -5726,13 +5338,6 @@ static CURLcode ossl_get_channel_binding(struct Curl_easy *data, int sockindex,
 error:
   X509_free(cert);
   return result;
-#else
-  /* No X509_get_signature_nid support */
-  (void)data;
-  (void)sockindex;
-  (void)binding;
-  return CURLE_OK;
-#endif
 }
 
 size_t Curl_ossl_version(char *buffer, size_t size)
@@ -5761,41 +5366,9 @@ size_t Curl_ossl_version(char *buffer, size_t size)
 #elif defined(OPENSSL_IS_AWSLC)
   return curl_msnprintf(buffer, size, "%s/%s",
                         OSSL_PACKAGE, AWSLC_VERSION_NUMBER_STRING);
-#elif defined(OPENSSL_VERSION_STRING)  /* OpenSSL 3+ */
+#else /* OpenSSL 3+ */
   return curl_msnprintf(buffer, size, "%s/%s",
                         OSSL_PACKAGE, OpenSSL_version(OPENSSL_VERSION_STRING));
-#else
-  /* not LibreSSL, BoringSSL and not using OpenSSL_version */
-
-  char sub[3];
-  unsigned long ssleay_value;
-  sub[2]='\0';
-  sub[1]='\0';
-  ssleay_value = OpenSSL_version_num();
-  if(ssleay_value&0xff0) {
-    int minor_ver = (ssleay_value >> 4) & 0xff;
-    if(minor_ver > 26) {
-      /* handle extended version introduced for 0.9.8za */
-      sub[1] = (char) ((minor_ver - 1) % 26 + 'a' + 1);
-      sub[0] = 'z';
-    }
-    else {
-      sub[0] = (char) (minor_ver + 'a' - 1);
-    }
-  }
-  else
-    sub[0]='\0';
-
-  return curl_msnprintf(buffer, size, "%s/%lx.%lx.%lx%s"
-#ifdef OPENSSL_FIPS
-                        "-fips"
-#endif
-                        ,
-                        OSSL_PACKAGE,
-                        (ssleay_value >> 28) & 0xf,
-                        (ssleay_value >> 20) & 0xff,
-                        (ssleay_value >> 12) & 0xff,
-                        sub);
 #endif
 }
 
diff --git a/lib/vtls/openssl.h b/lib/vtls/openssl.h
index 021d754a62..5b6f35396d 100644
--- a/lib/vtls/openssl.h
+++ b/lib/vtls/openssl.h
@@ -51,8 +51,7 @@
  * BoringSSL: supported since d28f59c27bac (committed 2015-11-19)
  * LibreSSL: not supported. 3.5.0+ has a stub function that does nothing.
  */
-#if (OPENSSL_VERSION_NUMBER >= 0x10101000L && \
-  !defined(LIBRESSL_VERSION_NUMBER)) || defined(HAVE_BORINGSSL_LIKE)
+#if !defined(LIBRESSL_VERSION_NUMBER) || defined(HAVE_BORINGSSL_LIKE)
 #define HAVE_KEYLOG_CALLBACK
 #endif
 
diff --git a/m4/curl-openssl.m4 b/m4/curl-openssl.m4
index 18c929e2b2..c34268ca94 100644
--- a/m4/curl-openssl.m4
+++ b/m4/curl-openssl.m4
@@ -282,23 +282,22 @@ if test "x$OPT_OPENSSL" != xno; then
       AC_MSG_RESULT([no])
     ])
 
-    AC_MSG_CHECKING([for OpenSSL >= v3])
-    AC_COMPILE_IFELSE([
-      AC_LANG_PROGRAM([[
-        #include 
-      ]],[[
-        #if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
-        return 0;
-        #else
-        #error older than 3
-        #endif
-      ]])
-    ],[
-      AC_MSG_RESULT([yes])
-      ssl_msg="OpenSSL v3+"
-    ],[
-      AC_MSG_RESULT([no])
-    ])
+    if test "$ssl_msg" = 'OpenSSL'; then
+      AC_MSG_CHECKING([for OpenSSL >= v3])
+      AC_COMPILE_IFELSE([
+        AC_LANG_PROGRAM([[
+          #include 
+        ]],[[
+          #if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+          return 0;
+          #else
+          #error older than 3
+          #endif
+        ]])
+      ],[],[
+        AC_MSG_ERROR([OpenSSL 3.0.0 or upper required.])
+      ])
+    fi
   fi
 
   dnl is this OpenSSL (fork) providing the original QUIC API?

From bb213bd76915368ac49c5db9da9d6462c6b8e6cf Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 15 Nov 2025 19:33:37 +0100
Subject: [PATCH 0864/2408] DEPRECATE.md: move OpenSSL to past removals

Follow-up to 69c89bf3d3137fcbb2b8bc57233182adcf1e2817 #18330

Closes #19542
---
 docs/DEPRECATE.md | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/docs/DEPRECATE.md b/docs/DEPRECATE.md
index 102969e4b1..3e30be0cfb 100644
--- a/docs/DEPRECATE.md
+++ b/docs/DEPRECATE.md
@@ -23,14 +23,6 @@ Making the new minimum target Windows version Vista / Server 2008.
 
 In March 2026, we drop support for all c-ares versions before 1.16.0.
 
-## OpenSSL 1.0.2
-
-OpenSSL and others only ship fixes for this version to paying customers,
-meaning users of the free version risk being vulnerable.
-
-We remove support for this OpenSSL version from curl in December 2025.
-
-## OpenSSL 1.1.1
 
 OpenSSL and others only ship fixes to paying customers, meaning users of the
 free version risk being vulnerable.
@@ -84,3 +76,4 @@ Support for RTMP in libcurl gets removed in April 2026.
  - winbuild build system (removed in 8.17.0)
  - Windows CE (removed in 8.18.0)
  - Support for Visual Studio 2008 (removed in 8.18.0)
+ - OpenSSL 1.1.1 and older (removed in 8.18.0)

From dbe06f38ae34ec43a373c74d65474480ac49191e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 15 Nov 2025 22:32:56 +0100
Subject: [PATCH 0865/2408] DEPRECATE.md: move OpenSSL to past removals (fixup)

Follow-up to bb213bd76915368ac49c5db9da9d6462c6b8e6cf #19542
---
 docs/DEPRECATE.md | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/docs/DEPRECATE.md b/docs/DEPRECATE.md
index 3e30be0cfb..1629af1fff 100644
--- a/docs/DEPRECATE.md
+++ b/docs/DEPRECATE.md
@@ -23,12 +23,6 @@ Making the new minimum target Windows version Vista / Server 2008.
 
 In March 2026, we drop support for all c-ares versions before 1.16.0.
 
-
-OpenSSL and others only ship fixes to paying customers, meaning users of the
-free version risk being vulnerable.
-
-We remove support for this OpenSSL version from curl in December 2025.
-
 ## OpenSSL-QUIC
 
 OpenSSL-QUIC is what we call the curl QUIC backend that uses the OpenSSL QUIC

From 8ba10a790a39dd48536c38e1d4569ab9fac537a1 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 16 Nov 2025 00:18:31 +0100
Subject: [PATCH 0866/2408] CI: bump Circle CI jobs to Ubuntu 22.04 runners for
 OpenSSL 3

Ref: https://packages.ubuntu.com/jammy/libssl-dev

Follow-up to 69c89bf3d3137fcbb2b8bc57233182adcf1e2817 #18330

Closes #19546
---
 .circleci/config.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 63eae308c4..8e015bf7e9 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -118,7 +118,7 @@ commands:
 executors:
   ubuntu:
     machine:
-      image: ubuntu-2004:2024.01.1
+      image: ubuntu-2204:2025.09.1
 
 jobs:
   basic:
@@ -161,7 +161,7 @@ jobs:
 
   arm:
     machine:
-      image: ubuntu-2004:2024.01.1
+      image: ubuntu-2204:2025.09.1
     resource_class: arm.medium
     steps:
       - checkout
@@ -172,7 +172,7 @@ jobs:
 
   arm-cares:
     machine:
-      image: ubuntu-2004:2024.01.1
+      image: ubuntu-2204:2025.09.1
     resource_class: arm.medium
     steps:
       - checkout

From 6225d7ba2f7dcad322776fc1cadae63e530de705 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 16 Nov 2025 00:22:59 +0100
Subject: [PATCH 0867/2408] CI: drop no longer used `install-wolfssl` step in
 Circle CI

Follow-up to b011e3fcfb06d6c0278595ee2ee297036fbe9793 #18700

Closes #19547
---
 .circleci/config.yml | 14 --------------
 1 file changed, 14 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 8e015bf7e9..680949c2b5 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -47,20 +47,6 @@ commands:
             sudo apt-get update && sudo apt-get install -y libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev python3-pip libpsl-dev
             sudo python3 -m pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/requirements.txt
 
-  install-wolfssl:
-    steps:
-      - run:
-          command: |
-            # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com
-            WOLFSSL_VERSION=5.8.0
-            echo "Installing wolfSSL $WOLFSSL_VERSION"
-            curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
-              --location "https://github.com/wolfSSL/wolfssl/archive/v$WOLFSSL_VERSION-stable.tar.gz" | tar -xz
-            cd wolfssl-$WOLFSSL_VERSION-stable
-            ./autogen.sh
-            ./configure --disable-dependency-tracking --enable-tls13 --enable-all --enable-harden --prefix=$HOME/wssl
-            make install
-
   configure:
     steps:
       - run:

From 4c76cdc157651b857ab142d97cf0380809745930 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 1 Nov 2025 02:20:32 +0100
Subject: [PATCH 0868/2408] runtests: drop Python 2 support remains

Used in the test SMB and telnet servers.

Closes #19544
---
 tests/smbserver.py | 9 +--------
 tests/util.py      | 3 ---
 2 files changed, 1 insertion(+), 11 deletions(-)

diff --git a/tests/smbserver.py b/tests/smbserver.py
index bbaea6069e..1fc76f3416 100755
--- a/tests/smbserver.py
+++ b/tests/smbserver.py
@@ -23,9 +23,6 @@
 #
 """Server for testing SMB."""
 
-from __future__ import (absolute_import, division, print_function,
-                        unicode_literals)
-
 import argparse
 import logging
 import os
@@ -33,15 +30,11 @@ import signal
 import sys
 import tempfile
 import threading
+import configparser
 
 # Import our curl test data helper
 from util import ClosingFileHandler, TestData
 
-if sys.version_info.major >= 3:
-    import configparser
-else:
-    import ConfigParser as configparser
-
 # impacket needs to be installed in the Python environment
 try:
     import impacket  # noqa: F401
diff --git a/tests/util.py b/tests/util.py
index 8ed8c89267..4d08ecc93a 100755
--- a/tests/util.py
+++ b/tests/util.py
@@ -23,9 +23,6 @@
 #
 """Module for extracting test data from the test data folder and other utils."""
 
-from __future__ import (absolute_import, division, print_function,
-                        unicode_literals)
-
 import logging
 import os
 import re

From 517a12922e8a02caf94b70877bf65328a842b87f Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 16 Nov 2025 00:42:14 +0100
Subject: [PATCH 0869/2408] GHA/linux: add missing condition for nghttp2-filc
 cache step

Follow-up to 67ef4a34f2e11aa45f0965909d0dd542643deede #19457

Closes #19548
---
 .github/workflows/linux.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index fd70d825ec..90376ac505 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -439,6 +439,7 @@ jobs:
           cmake --install .
 
       - name: 'cache nghttp2 (filc)'
+        if: ${{ contains(matrix.build.install_steps, 'nghttp2-filc') }}
         uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
         id: cache-nghttp2-filc
         env:

From eeff93013c1df0b4063df98f64e5e6feddf46c40 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sat, 15 Nov 2025 23:56:31 +0100
Subject: [PATCH 0870/2408] rustls: minor adjustment of sizeof()

The mistake is harmless because it is still a size of a pointer, but
this is the correct pointer.

Acked-by: Daniel McCarney
Reported-by: pelioro on hackerone
Bug: https://hackerone.com/reports/3427460
Closes #19545
---
 lib/vtls/rustls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c
index ab22909278..f5e3288316 100644
--- a/lib/vtls/rustls.c
+++ b/lib/vtls/rustls.c
@@ -586,7 +586,7 @@ init_config_builder(struct Curl_easy *data,
   }
 #endif /* USE_ECH */
 
-  cipher_suites = malloc(sizeof(cipher_suites) * (cipher_suites_len));
+  cipher_suites = malloc(sizeof(*cipher_suites) * (cipher_suites_len));
   if(!cipher_suites) {
     result = CURLE_OUT_OF_MEMORY;
     goto cleanup;

From 6d9c5c91b9fd5f3a2733363d1ded8f70b6c24e5d Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 16 Nov 2025 01:06:24 +0100
Subject: [PATCH 0871/2408] CI: avoid restart prompt on libssh-dev install in
 CircleCI

By setting `DEBIAN_FRONTEND=noninteractive`.

Also:
- add `curl -V` step to CircleCI jobs.
- drop duplicate `libpsl` from `apt install`.
- replace sudo pip with venv, fixing a warning and syncing with GHA.
- Note that test 1459 was disabled on Ubuntu 20.04 due to past issues.
  When running on newer CircleCI Ubuntu runners (22.04 or 24.04), the
  test is not disabled, and also fails with the issue seen in the past.
  I've identified the root cause and will fix it in a separate PR.

Ref: https://circleci.com/developer/images?imageType=machine
Ref: https://discuss.circleci.com/t/ubuntu-20-04-22-04-24-04-q3-current-release/51856/7
Ref: https://app.circleci.com/pipelines/github/curl/curl/16450/workflows/af1f2a99-6452-4cc3-96c1-18a217ebabfc/jobs/155194

Follow-up to 8ba10a790a39dd48536c38e1d4569ab9fac537a1 #19546

Closes #19549
---
 .circleci/config.yml | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 680949c2b5..64fb03c875 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -38,14 +38,16 @@ commands:
     steps:
       - run:
           command: |
+            export DEBIAN_FRONTEND=noninteractive
             sudo apt-get update && sudo apt-get install -y libssh-dev
 
   install-deps:
     steps:
       - run:
           command: |
-            sudo apt-get update && sudo apt-get install -y libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev python3-pip libpsl-dev
-            sudo python3 -m pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/requirements.txt
+            sudo apt-get update && sudo apt-get install -y libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev python3-pip
+            python3 -m venv ~/venv
+            ~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/requirements.txt
 
   configure:
     steps:
@@ -95,11 +97,15 @@ commands:
   build:
     steps:
       - run: make -j3 V=1
+      - run: src/curl --disable --version
       - run: make -j3 V=1 examples
 
   test:
     steps:
-      - run: make -j3 V=1 test-ci TFLAGS='-j14'
+      - run:
+          command: |
+            source ~/venv/bin/activate
+            make -j3 V=1 test-ci TFLAGS='-j14'
 
 executors:
   ubuntu:

From ea2203c1aafb5f103b376a2b6a30965cb4d48163 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 16 Nov 2025 13:14:04 +0100
Subject: [PATCH 0872/2408] GHA/codeql: limit cron job to the origin repository

To avoid running it in every fork, every week.

Closes #19552
---
 .github/workflows/codeql.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 5cbde8de05..d464562ab2 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -39,6 +39,7 @@ permissions: {}
 
 jobs:
   gha_python:
+    if: ${{ github.repository_owner == 'curl' || github.event_name != 'schedule' }}
     name: 'GHA and Python'
     runs-on: ubuntu-latest
     permissions:
@@ -58,6 +59,7 @@ jobs:
         uses: github/codeql-action/analyze@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7
 
   c:
+    if: ${{ github.repository_owner == 'curl' || github.event_name != 'schedule' }}
     name: 'C'
     runs-on: ${{ matrix.platform == 'Linux' && 'ubuntu-latest' || 'windows-2022' }}
     permissions:

From c07a7f6bf82f8f9aa59d189573378e494439164a Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 16 Nov 2025 19:56:39 +0100
Subject: [PATCH 0873/2408] runtests: detect bad libssh differently for test
 1459 (fixing CircleCI libssh job)

test 1459 "SFTP with corrupted known_hosts" was seen failing in the past.
To fix it, the test was automatically disabled when detecting libssh
0.9.3 or older, as in the curl CircleCI job, running on Ubuntu 20.04.
This work for a long time, until bumping the CircleCI runner to Ubuntu
22.04 (to have OpenSSL 3), where the test was running again, and failing
with the isssue seen in the past.

- Test skipped with Ubuntu 20.04 (libssh 0.9.3):
  https://app.circleci.com/pipelines/github/curl/curl/16445/workflows/7f198763-e0b0-4037-9245-4c4b40ab8726/jobs/155164
- Failure seen with Ubuntu 22.04 (libssh 0.9.6):
  https://app.circleci.com/pipelines/github/curl/curl/16452/workflows/b817a808-0fd4-40b0-8eb0-d064926efe12/jobs/155206?invite=true#step-107-211709_45
- Failure seen with Ubuntu 24.04 (libssh 0.10.6):
  https://app.circleci.com/pipelines/github/curl/curl/16455/workflows/86c631f1-3c5f-4438-b398-3df2bdab5d20/jobs/155218

Turns out the issue issue isn't libssh 0.9.3 itself, but
a CircleCI-specific default configuration in `/etc/ssh/ssh_config`:
```
# BEGIN ANSIBLE MANAGED BLOCK
Host *
StrictHostKeyChecking no     <------ this particular line
HashKnownHosts no
SendEnv LANG LC_*
# END ANSIBLE MANAGED BLOCK
```

libssh will consult configuration files on hard-coded default system
locations and alter its behavior based on settings found in them.

This libssh behavior is present in all supported versions:
https://gitlab.com/libssh/libssh-mirror/-/commit/5a2abd34ce9ad97c69906c5fb7b07e26e96fceaa
https://gitlab.com/libssh/libssh-mirror/-/tags/libssh-0.9.0

It means the existing disable logic based on libssh version worked by
coincidence, and what needs to be checked is these configurations
to decide if it's safe to run the test. Another, simpler option is
to also accept the result code 67, though in that case the test
wouldn't actually test what we want, but would pass anyway.

With the old `oldlibssh` workaround deleted, and the problematic setting
manually overridden (`StrictHostKeyChecking yes`):
- CircleCI Ubuntu 20.04 passes with 1459 enabled:
  https://app.circleci.com/pipelines/github/curl/curl/16483/workflows/87a9f389-76a2-4a32-acde-c0b411a4c842/jobs/155302
- CircleCI Ubuntu 22.04 does too:
  https://app.circleci.com/pipelines/github/curl/curl/16483/workflows/87a9f389-76a2-4a32-acde-c0b411a4c842/jobs/155303

To fix, replace the `runtests` `oldlibssh` detection logic to parse
libssh config files (instead of checking for libssh version) and disable
test 1459 based on that. Notice the detection is making a light attempt
to parse these files, and does not implement most config file features
(such as includes, quoted values and `=` operator.)

The new runtests workaround tests OK with the:
- default CircleCI configuration, disabling 1459 automatically.
- a sudoless configuration fix, with 1459 run successfully.
  Also keep setting this option in CircleCI jobs.
- a sudo configuration fix, with 1459 run successfully.
Ref: https://app.circleci.com/pipelines/github/curl/curl/16492/workflows/56f39335-97ba-412c-9a9b-3d662694375a

GHA jobs are not affected and they work fine, with 1459 running successfully
before and after this patch.

It's possible the libssh API offers ways to control config file use
and/or set the strict host checking option programatically. Maybe
to enable in debug mode (albeit CircleCI job are not debug-enabled),
or offer an option for them. It may be something for a future patch.

Follow-up to 23540923e1b09ce00dc08bab3bb3a2c0e62ba4e7 #8622
Follow-up to 4b01a57c95fd4c041dfa4a41834c761658ea89ee #8548
Follow-up to bdc664a64002a7df66f34159454844e6b6f5515f #8490
Follow-up to 7c140f6b2d90975629ba81a23acbef4363a3e6fe #8444

Ref: 6d9c5c91b9fd5f3a2733363d1ded8f70b6c24e5d #19549

Closes #19557
---
 .circleci/config.yml     |  4 ++++
 docs/tests/FILEFORMAT.md |  2 +-
 tests/data/test1459      |  5 +++--
 tests/runtests.pl        | 19 ++++++++++++++-----
 4 files changed, 22 insertions(+), 8 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 64fb03c875..30eec16e5a 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -105,6 +105,10 @@ commands:
       - run:
           command: |
             source ~/venv/bin/activate
+            # Revert a CircleCI-specific local setting that makes test 1459
+            # return 67 (CURLE_LOGIN_DENIED) instead of the
+            # expected 60 (CURLE_PEER_FAILED_VERIFICATION).
+            echo 'StrictHostKeyChecking yes' >> ~/.ssh/config
             make -j3 V=1 test-ci TFLAGS='-j14'
 
 executors:
diff --git a/docs/tests/FILEFORMAT.md b/docs/tests/FILEFORMAT.md
index 3897deb9cb..c5c1bcfe90 100644
--- a/docs/tests/FILEFORMAT.md
+++ b/docs/tests/FILEFORMAT.md
@@ -504,7 +504,7 @@ Features testable here are:
 - `large-size` (size_t is larger than 32-bit)
 - `libssh2`
 - `libssh`
-- `oldlibssh` (versions before 0.9.4)
+- `badlibssh` (libssh configuration incompatible with the test suite)
 - `libz`
 - `local-http`. The HTTP server runs on 127.0.0.1
 - `manual`
diff --git a/tests/data/test1459 b/tests/data/test1459
index e4901d74f0..6f3105e8ed 100644
--- a/tests/data/test1459
+++ b/tests/data/test1459
@@ -14,7 +14,7 @@ sftp
 
 
 sftp
-!oldlibssh
+!badlibssh
 
 
 SFTP with corrupted known_hosts
@@ -30,7 +30,8 @@ R93Ey5VtBeBblYTRlFXBWJgKFcTKBRJ/O4qBZwbUgt10AHj31i6h8NehfT19tR8wG/YCmj3KtYLHmwdz
 
 # Verify data after the test has been "shot"
 
-# old libssh installs return the wrong thing
+# badlibssh configurations return the wrong thing: 67 CURLE_LOGIN_DENIED,
+# instead of 60 CURLE_PEER_FAILED_VERIFICATION.
 
 60
 
diff --git a/tests/runtests.pl b/tests/runtests.pl
index 226573941d..e1608e0aaa 100755
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -632,11 +632,20 @@ sub checksystemfeatures {
             }
             if($libcurl =~ /libssh\/([0-9.]*)\//i) {
                 $feature{"libssh"} = 1;
-                if($1 =~ /(\d+)\.(\d+).(\d+)/) {
-                    my $v = $1 * 100 + $2 * 10 + $3;
-                    if($v < 94) {
-                        # before 0.9.4
-                        $feature{"oldlibssh"} = 1;
+                # Detect simple cases of default libssh configuration files ending up
+                # setting `StrictHostKeyChecking no`. include files, quoted values,
+                # '=value' format not implemented.
+                $feature{"badlibssh"} = 0;
+                foreach my $libssh_configfile (('/etc/ssh/ssh_config', $ENV{'HOME'} . '/.ssh/config')) {
+                    if(open(my $fd, '<', $libssh_configfile)) {
+                        while(my $line = <$fd>) {
+                            chomp $line;
+                            if($line =~ /^\s*StrictHostKeyChecking\s+(yes|no)\s*$/) {
+                                $feature{"badlibssh"} = ($1 eq 'no' ? 1 : 0);
+                                last;  # Do as openssh and libssh
+                            }
+                        }
+                        close($fd);
                     }
                 }
             }

From 205a8e861ff9a05ac81d21f9589e7d2de270ff66 Mon Sep 17 00:00:00 2001
From: x2018 
Date: Mon, 17 Nov 2025 01:52:02 +0800
Subject: [PATCH 0874/2408] wolfssl: fix a potential memory leak of session

Closes #19555
---
 lib/vtls/wolfssl.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index 7b567fd892..a8090d1bf1 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -581,8 +581,10 @@ wssl_setup_session(struct Curl_cfilter *cf,
           bool do_early_data = FALSE;
           if(sess_reuse_cb) {
             result = sess_reuse_cb(cf, data, alpns, scs, &do_early_data);
-            if(result)
+            if(result) {
+              wolfSSL_SESSION_free(session);
               goto out;
+            }
           }
 #ifdef WOLFSSL_EARLY_DATA
           if(do_early_data) {

From f5fa8048f76ec5cc149f61ec25f123597375d07c Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sun, 16 Nov 2025 23:38:48 +0100
Subject: [PATCH 0875/2408] RELEASE-NOTES: synced

---
 RELEASE-NOTES | 66 ++++++++++++++++++++++++++++++++++++++++++++-------
 1 file changed, 58 insertions(+), 8 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 64d4988060..4bfa8d81d5 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -4,10 +4,13 @@ curl and libcurl 8.18.0
  Command line options:         273
  curl_easy_setopt() options:   308
  Public functions in libcurl:  100
- Contributors:                 3537
+ Contributors:                 3541
 
 This release includes the following changes:
 
+ o build: drop support for VS2008 (Windows) [62]
+ o build: drop Windows CE / CeGCC support [69]
+ o openssl: bump minimum OpenSSL version to 3.0.0 [60]
 
 This release includes the following bugfixes:
 
@@ -16,12 +19,19 @@ This release includes the following bugfixes:
  o autotools: drop autoconf <2.59 compatibility code (zz60-xc-ovr) [70]
  o ccsidcurl: make curl_mime_data_ccsid() use the converted size [74]
  o cf-https-connect: allocate ctx at first in cf_hc_create() [79]
+ o cf-socket: trace ignored errors [97]
  o checksrc.pl: detect assign followed by more than one space [26]
  o cmake: adjust defaults for target platforms not supporting shared libs [35]
  o cmake: disable `CURL_CA_PATH` auto-detection if `USE_APPLE_SECTRUST=ON` [16]
+ o code: minor indent fixes before closing braces [107]
+ o config2setopts: bail out if curl_url_get() returns OOM [102]
+ o config2setopts: exit if curl_url_set() fails on OOM [105]
  o conncache: silence `-Wnull-dereference` on gcc 14 RISC-V 64 [17]
+ o connect: reshuffle Curl_timeleft_ms to avoid 'redundant condition' [100]
+ o cookie: propagate errors better, cleanup the internal API [118]
  o cshutdn: acknowledge FD_SETSIZE for shutdown descriptors [25]
  o curl: fix progress meter in parallel mode [15]
+ o curl_setup.h: drop stray `#undef stat` (Windows) [103]
  o CURLINFO: remove 'get' and 'get the' from each short desc [50]
  o CURLINFO_SCHEME/PROTOCOL: they return the "scheme" for a "transfer" [48]
  o CURLINFO_TLS_SSL_PTR.md: remove CURLINFO_TLS_SESSION text [49]
@@ -31,8 +41,10 @@ This release includes the following bugfixes:
  o docs: fix checksrc `EQUALSPACE` warnings [21]
  o docs: mention umask need when curl creates files [56]
  o examples/crawler: fix variable [92]
+ o examples/multithread: fix race condition [101]
  o ftp: refactor a piece of code by merging the repeated part [40]
  o ftp: remove #ifdef for define that is always defined [76]
+ o getinfo: improve perf in debug mode [99]
  o gnutls: report accurate error when TLS-SRP is not built-in [18]
  o gtls: add return checks and optimize the code [2]
  o gtls: skip session resumption when verifystatus is set
@@ -41,12 +53,15 @@ This release includes the following bugfixes:
  o INSTALL-CMAKE.md: document static option defaults more [37]
  o krb5_sspi: unify a part of error handling [80]
  o lib: cleanup for some typos about spaces and code style [3]
+ o lib: eliminate size_t casts [112]
  o lib: fix gssapi.h include on IBMi [55]
  o lib: refactor the type of funcs which have useless return and checks [1]
  o libssh2: cleanup ssh_force_knownhost_key_type [64]
  o libssh2: replace atoi() in ssh_force_knownhost_key_type [63]
+ o limit-rate: add example using --limit-rate and --max-time together [89]
  o m4/sectrust: fix test(1) operator [4]
  o mbedtls: fix potential use of uninitialized `nread` [8]
+ o mk-ca-bundle.pl: default to SHA256 fingerprints with `-t` option [73]
  o mk-ca-bundle.pl: use `open()` with argument list to replace backticks [71]
  o mqtt: reject overly big messages [39]
  o noproxy: replace atoi with curlx_str_number [67]
@@ -59,8 +74,12 @@ This release includes the following bugfixes:
  o pytest: skip H2 tests if feature missing from curl [46]
  o rtmp: fix double-free on URL parse errors [27]
  o rtmp: precaution for a potential integer truncation [54]
+ o runtests: detect bad libssh differently for test 1459 [11]
+ o runtests: drop Python 2 support remains [45]
  o rustls: fix a potential memory issue [81]
+ o rustls: minor adjustment of sizeof() [38]
  o schannel: fix memory leak of cert_store_path on four error paths [23]
+ o schannel: replace atoi() with curlx_str_number() [119]
  o scripts: fix shellcheck SC2046 warnings [90]
  o scripts: use end-of-options marker in `find -exec` commands [87]
  o setopt: disable CURLOPT_HAPROXY_CLIENT_IP on NULL [30]
@@ -68,25 +87,32 @@ This release includes the following bugfixes:
  o sftp: fix range downloads in both SSH backends [82]
  o socks_sspi: use free() not FreeContextBuffer() [93]
  o telnet: replace atoi for BINARY handling with curlx_str_number [66]
+ o test07_22: fix flakiness [95]
  o test2045: replace HTML multi-line comment markup with `#` comments [36]
  o test363: delete stray character (typo) from a section tag [52]
  o tests/data: replace hard-coded test numbers with `%TESTNUMBER` [33]
  o tests/data: support using native newlines on disk, drop `.gitattributes` [91]
  o tests/server: do not fall back to original data file in `test2fopen()` [32]
+ o tests/server: replace `atoi()` and `atol()` with `curlx_str_number()` [110]
  o tftp: release filename if conn_get_remote_addr fails [42]
  o tool: consider (some) curl_easy_setopt errors fatal [7]
  o tool_help: add checks to avoid unsigned wrap around [14]
  o tool_ipfs: check return codes better [20]
+ o tool_operate: exit on curl_share_setopt errors [108]
  o tool_operate: remove redundant condition [19]
  o tool_operate: use curlx_str_number instead of atoi [68]
  o tool_paramhlp: refuse --proto remove all protocols [10]
  o urlapi: fix mem-leaks in curl_url_get error paths [22]
  o verify-release: update to avoid shellcheck warning SC2034 [88]
+ o vquic-tls/gnutls: call Curl_gtls_verifyserver unconditionally [96]
  o vtls: fix CURLOPT_CAPATH use [51]
  o vtls: handle possible malicious certs_num from peer [53]
+ o vtls: pinned key check [98]
  o wcurl: import v2025.11.09 [29]
  o wolfSSL: able to differentiate between IP and DNS in alt names [13]
  o wolfssl: avoid NULL dereference in OOM situation [77]
+ o wolfssl: fix a potential memory leak of session [6]
+ o wolfssl: simplify wssl_send_earlydata [111]
 
 This release includes the following known bugs:
 
@@ -99,23 +125,21 @@ For all changes ever done in curl:
 Planned upcoming removals include:
 
  o Builds using VS2008
- o OpenSSL 1.x support
  o OpenSSL-QUIC
  o Support for c-ares versions before 1.16.0
- o Support for Windows XP/2003
- o Windows CE support
 
  See https://curl.se/dev/deprecate.html
 
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  Andrew Kirillov, Brad King, Dan Fandrich, Daniel Stenberg,
-  Fd929c2CE5fA on github, Gisle Vanem, Jiyong Yang, Juliusz Sosinowicz,
-  Leonardo Taccari, Patrick Monnerat, Ray Satiro, renovate[bot],
+  Aleksandr Sergeev, Andrew Kirillov, Brad King, Dan Fandrich, Daniel McCarney,
+  Daniel Stenberg, Fd929c2CE5fA on github, Gisle Vanem, Jiyong Yang,
+  Juliusz Sosinowicz, Leonardo Taccari, nait-furry, Nick Korepanov,
+  Patrick Monnerat, pelioro on hackerone, Ray Satiro, renovate[bot],
   Samuel Henrique, Stanislav Fort, Stefan Eissing, Thomas Klausner,
   Viktor Szakats, Xiaoke Wang
-  (18 contributors)
+  (23 contributors)
 
 References to bug reports and discussions on issues:
 
@@ -124,10 +148,12 @@ References to bug reports and discussions on issues:
  [3] = https://curl.se/bug/?i=19370
  [4] = https://curl.se/bug/?i=19371
  [5] = https://curl.se/bug/?i=19394
+ [6] = https://curl.se/bug/?i=19555
  [7] = https://curl.se/bug/?i=19385
  [8] = https://curl.se/bug/?i=19393
  [9] = https://curl.se/bug/?i=19389
  [10] = https://curl.se/bug/?i=19388
+ [11] = https://curl.se/bug/?i=19557
  [12] = https://curl.se/bug/?i=19426
  [13] = https://curl.se/bug/?i=19364
  [14] = https://curl.se/bug/?i=19377
@@ -152,11 +178,13 @@ References to bug reports and discussions on issues:
  [35] = https://curl.se/bug/?i=19420
  [36] = https://curl.se/bug/?i=19498
  [37] = https://curl.se/bug/?i=19419
+ [38] = https://hackerone.com/reports/3427460
  [39] = https://curl.se/bug/?i=19415
  [40] = https://curl.se/bug/?i=19411
  [41] = https://curl.se/bug/?i=19410
  [42] = https://curl.se/bug/?i=19409
  [43] = https://curl.se/bug/?i=19405
+ [45] = https://curl.se/bug/?i=19544
  [46] = https://curl.se/bug/?i=19412
  [47] = https://curl.se/bug/?i=19402
  [48] = https://curl.se/bug/?i=19403
@@ -168,15 +196,19 @@ References to bug reports and discussions on issues:
  [54] = https://curl.se/bug/?i=19399
  [55] = https://curl.se/bug/?i=19336
  [56] = https://curl.se/bug/?i=19396
+ [60] = https://curl.se/bug/?i=18330
  [61] = https://curl.se/bug/?i=19484
+ [62] = https://curl.se/bug/?i=17931
  [63] = https://curl.se/bug/?i=19479
  [64] = https://curl.se/bug/?i=19479
  [65] = https://curl.se/bug/?i=19478
  [66] = https://curl.se/bug/?i=19477
  [67] = https://curl.se/bug/?i=19475
  [68] = https://curl.se/bug/?i=19480
+ [69] = https://curl.se/bug/?i=17927
  [70] = https://curl.se/bug/?i=19464
  [71] = https://curl.se/bug/?i=19461
+ [73] = https://curl.se/bug/?i=19359
  [74] = https://curl.se/bug/?i=19465
  [76] = https://curl.se/bug/?i=19463
  [77] = https://curl.se/bug/?i=19459
@@ -188,8 +220,26 @@ References to bug reports and discussions on issues:
  [86] = https://curl.se/bug/?i=19451
  [87] = https://curl.se/bug/?i=19450
  [88] = https://curl.se/bug/?i=19449
+ [89] = https://curl.se/bug/?i=19473
  [90] = https://curl.se/bug/?i=19432
  [91] = https://curl.se/bug/?i=19398
  [92] = https://curl.se/bug/?i=19446
  [93] = https://curl.se/bug/?i=19445
  [94] = https://curl.se/bug/?i=19444
+ [95] = https://curl.se/bug/?i=19530
+ [96] = https://curl.se/bug/?i=19531
+ [97] = https://curl.se/bug/?i=19520
+ [98] = https://curl.se/bug/?i=19529
+ [99] = https://curl.se/bug/?i=19525
+ [100] = https://curl.se/bug/?i=19523
+ [101] = https://curl.se/bug/?i=19524
+ [102] = https://curl.se/bug/?i=19518
+ [103] = https://curl.se/bug/?i=19519
+ [105] = https://curl.se/bug/?i=19517
+ [107] = https://curl.se/bug/?i=19512
+ [108] = https://curl.se/bug/?i=19513
+ [110] = https://curl.se/bug/?i=19510
+ [111] = https://curl.se/bug/?i=19509
+ [112] = https://curl.se/bug/?i=19495
+ [118] = https://curl.se/bug/?i=19493
+ [119] = https://curl.se/bug/?i=19483

From b3d4f17e3d902b70a4967e1fa9fc574c1cac676d Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 14 Nov 2025 23:00:05 +0100
Subject: [PATCH 0876/2408] curl_sasl: make Curl_sasl_decode_mech compare case
 insenstively

The provided mechanisms should be compared case insenstively.

Found by ZeroPath

Closes #19535
---
 lib/curl_sasl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index b04e958268..1c9f259de4 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -96,7 +96,7 @@ unsigned short Curl_sasl_decode_mech(const char *ptr, size_t maxlen,
 
   for(i = 0; mechtable[i].name; i++) {
     if(maxlen >= mechtable[i].len &&
-       !memcmp(ptr, mechtable[i].name, mechtable[i].len)) {
+       curl_strnequal(ptr, mechtable[i].name, mechtable[i].len)) {
       if(len)
         *len = mechtable[i].len;
 

From 217f0e4d59717fa2a9fd428a4e7458dde26e6e94 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Sat, 15 Nov 2025 12:45:54 +0100
Subject: [PATCH 0877/2408] pytest fixes and improvements

- fix test_17_20 flakiness: the test case did not have `nghttpx` in
  its parameters, causing it to no check if a reload was necessary.
  When that test ran behind one that gave nghttpx another certificate,
  eg. in parallel mode, it used the wrong pinned pubkey.
- Have `env` provide lists of HTTP protocol versions available for
  testing. Replace parameterized tests on a fixed protocol list with
  the dynamic one from env. This makes checks for protocol availability
  in the test function bodies superfluous.

refs #19489
Closes #19540
---
 tests/http/test_01_basic.py      |  64 +++-------
 tests/http/test_02_download.py   | 206 ++++++-------------------------
 tests/http/test_03_goaway.py     |   3 +-
 tests/http/test_04_stuttered.py  |  24 +---
 tests/http/test_05_errors.py     |  15 +--
 tests/http/test_07_upload.py     | 186 +++++-----------------------
 tests/http/test_08_caddy.py      |  57 ++-------
 tests/http/test_09_push.py       |   6 +-
 tests/http/test_10_proxy.py      |  54 +++-----
 tests/http/test_13_proxy_auth.py |  12 +-
 tests/http/test_14_auth.py       |  36 +-----
 tests/http/test_16_info.py       |  18 +--
 tests/http/test_17_ssl_use.py    |  74 +++--------
 tests/http/test_18_methods.py    |   9 +-
 tests/http/test_19_shutdown.py   |  10 +-
 tests/http/test_40_socks.py      |  14 +--
 tests/http/testenv/env.py        |  33 ++++-
 17 files changed, 191 insertions(+), 630 deletions(-)

diff --git a/tests/http/test_01_basic.py b/tests/http/test_01_basic.py
index c786488c2e..c734318890 100644
--- a/tests/http/test_01_basic.py
+++ b/tests/http/test_01_basic.py
@@ -55,9 +55,8 @@ class TestBasic:
 
     # simple https: GET, h2 wanted and got
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_01_03_h2_get(self, env: Env, httpd):
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.domain1}:{env.https_port}/data.json'
         r = curl.http_get(url=url, extra_args=['--http2'])
@@ -66,9 +65,8 @@ class TestBasic:
 
     # simple https: GET, h2 unsupported, fallback to h1
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_01_04_h2_unsupported(self, env: Env, httpd):
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.domain2}:{env.https_port}/data.json'
         r = curl.http_get(url=url, extra_args=['--http2'])
@@ -86,12 +84,8 @@ class TestBasic:
 
     # simple download, check connect/handshake timings
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_01_06_timings(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/data.json'
         r = curl.http_download(urls=[url], alpn_proto=proto, with_stats=True)
@@ -103,13 +97,9 @@ class TestBasic:
         assert r.stats[0]['time_appconnect'] > 0, f'{r.stats[0]}'
 
     # simple https: HEAD
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
     def test_01_07_head(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/data.json'
         r = curl.http_download(urls=[url], with_stats=True, with_headers=True,
@@ -122,9 +112,8 @@ class TestBasic:
         assert r.stats[0]['size_download'] == 0, f'{r.stats[0]}'
 
     # http: GET for HTTP/2, see Upgrade:, 101 switch
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_01_08_h2_upgrade(self, env: Env, httpd):
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url = f'http://{env.domain1}:{env.http_port}/data.json'
         r = curl.http_get(url=url, extra_args=['--http2'])
@@ -136,9 +125,8 @@ class TestBasic:
         assert r.json['server'] == env.domain1
 
     # http: GET for HTTP/2 with prior knowledge
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_01_09_h2_prior_knowledge(self, env: Env, httpd):
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url = f'http://{env.domain1}:{env.http_port}/data.json'
         r = curl.http_get(url=url, extra_args=['--http2-prior-knowledge'])
@@ -149,9 +137,8 @@ class TestBasic:
         assert r.json['server'] == env.domain1
 
     # http: strip TE header in HTTP/2 requests
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_01_10_te_strip(self, env: Env, httpd):
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, "h2")}/data.json'
         r = curl.http_get(url=url, extra_args=['--http2', '-H', 'TE: gzip'])
@@ -164,12 +151,8 @@ class TestBasic:
     # send 48KB+ sized response headers to check we handle that correctly
     # larger than 64KB headers expose a bug in Apache HTTP/2 that is not
     # RSTing the stream correctly when its internal limits are exceeded.
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_01_11_large_resp_headers(self, env: Env, httpd, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}' \
             f'/curltest/tweak?x-hd={48 * 1024}'
@@ -181,10 +164,8 @@ class TestBasic:
     # http: response headers larger than what curl buffers for
     @pytest.mark.skipif(condition=not Env.httpd_is_at_least('2.4.64'),
                         reason='httpd must be at least 2.4.64')
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
     def test_01_12_xlarge_resp_headers(self, env: Env, httpd, configures_httpd, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         httpd.set_extra_config('base', [
             f'H2MaxHeaderBlockLen {130 * 1024}',
         ])
@@ -200,10 +181,8 @@ class TestBasic:
     # http: 1 response header larger than what curl buffers for
     @pytest.mark.skipif(condition=not Env.httpd_is_at_least('2.4.64'),
                         reason='httpd must be at least 2.4.64')
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
     def test_01_13_megalarge_resp_headers(self, env: Env, httpd, configures_httpd, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         httpd.set_extra_config('base', [
             'LogLevel http2:trace2',
             f'H2MaxHeaderBlockLen {130 * 1024}',
@@ -222,10 +201,8 @@ class TestBasic:
     # nghttp2 error -905: Too many CONTINUATION frames following a HEADER frame
     @pytest.mark.skipif(condition=not Env.httpd_is_at_least('2.4.64'),
                         reason='httpd must be at least 2.4.64')
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
     def test_01_14_gigalarge_resp_headers(self, env: Env, httpd, configures_httpd, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         httpd.set_extra_config('base', [
             'LogLevel http2:trace2',
             f'H2MaxHeaderBlockLen {1024 * 1024}',
@@ -243,10 +220,8 @@ class TestBasic:
     # http: one response header > 256 KB
     @pytest.mark.skipif(condition=not Env.httpd_is_at_least('2.4.64'),
                         reason='httpd must be at least 2.4.64')
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
     def test_01_15_gigalarge_resp_headers(self, env: Env, httpd, configures_httpd, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         httpd.set_extra_config('base', [
             'LogLevel http2:trace2',
             f'H2MaxHeaderBlockLen {1024 * 1024}',
@@ -262,12 +237,8 @@ class TestBasic:
             r.check_exit_code(100)  # CURLE_TOO_LARGE
 
     # http: invalid request headers, GET, issue #16998
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_01_16_inv_req_get(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/curltest/echo'
         r = curl.http_get(url=url, alpn_proto=proto, extra_args=[
@@ -287,10 +258,9 @@ class TestBasic:
         pytest.param('gzip ;q=0.2;x="y,x", trailers', 'trailers', id='gzip+q+x+trailers'),
         pytest.param('gzip ;x="trailers", chunks', None, id='gzip+x+chunks'),
     ])
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_01_17_TE(self, env: Env, httpd, te_in, te_out):
         proto = 'h2'
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/curltest/echo'
         r = curl.http_download(urls=[url], alpn_proto=proto, with_stats=True,
@@ -303,10 +273,9 @@ class TestBasic:
             assert 'request-te' not in r.responses[0]['header'], f'{r.responses[0]}'
 
     # check that an existing https: connection is not reused for http:
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_01_18_tls_reuse(self, env: Env, httpd):
         proto = 'h2'
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url1 = f'https://{env.authority_for(env.domain1, proto)}/data.json'
         url2 = f'http://{env.authority_for(env.domain1, proto)}/data.json'
@@ -315,10 +284,9 @@ class TestBasic:
         assert r.total_connects == 2, f'{r.dump_logs()}'
 
     # check that an existing http: connection is not reused for https:
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_01_19_plain_reuse(self, env: Env, httpd):
         proto = 'h2'
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url1 = f'http://{env.domain1}:{env.http_port}/data.json'
         url2 = f'https://{env.domain1}:{env.http_port}/data.json'
diff --git a/tests/http/test_02_download.py b/tests/http/test_02_download.py
index 13d5d2a0f0..68c75d4d3e 100644
--- a/tests/http/test_02_download.py
+++ b/tests/http/test_02_download.py
@@ -53,36 +53,24 @@ class TestDownload:
         env.make_data_gzipbomb(indir=indir, fname="bomb-100m.txt", fsize=100*1024*1024)
 
     # download 1 file
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_01_download_1(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/data.json'
         r = curl.http_download(urls=[url], alpn_proto=proto)
         r.check_response(http_status=200)
 
     # download 2 files
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_02_download_2(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/data.json?[0-1]'
         r = curl.http_download(urls=[url], alpn_proto=proto)
         r.check_response(http_status=200, count=2)
 
     # download 100 files sequentially
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_03_download_sequential(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if (proto == 'http/1.1' or proto == 'h2') and env.curl_uses_lib('mbedtls') and \
            sys.platform.startswith('darwin') and env.ci_run:
             pytest.skip('mbedtls 3.6.3 fails this test on macOS CI runners')
@@ -93,12 +81,8 @@ class TestDownload:
         r.check_response(http_status=200, count=count, connect_count=1)
 
     # download 100 files parallel
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_04_download_parallel(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if proto == 'h2' and env.curl_uses_lib('mbedtls') and \
            sys.platform.startswith('darwin') and env.ci_run:
             pytest.skip('mbedtls 3.6.3 fails this test on macOS CI runners')
@@ -118,12 +102,8 @@ class TestDownload:
             assert r.total_connects == 1, r.dump_logs()
 
     # download 500 files sequential
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_05_download_many_sequential(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if proto == 'h2' and env.curl_uses_lib('mbedtls') and \
            sys.platform.startswith('darwin') and env.ci_run:
             pytest.skip('mbedtls 3.6.3 fails this test on macOS CI runners')
@@ -140,12 +120,8 @@ class TestDownload:
             assert r.total_connects == 1, r.dump_logs()
 
     # download 500 files parallel
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_02_06_download_many_parallel(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if proto == 'h2' and env.curl_uses_lib('mbedtls') and \
            sys.platform.startswith('darwin') and env.ci_run:
             pytest.skip('mbedtls 3.6.3 fails this test on macOS CI runners')
@@ -159,12 +135,8 @@ class TestDownload:
         r.check_response(http_status=200, count=count, connect_count=1)
 
     # download files parallel, check connection reuse/multiplex
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_02_07_download_reuse(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 200
         curl = CurlClient(env=env)
         urln = f'https://{env.authority_for(env.domain1, proto)}/data.json?[0-{count-1}]'
@@ -192,24 +164,16 @@ class TestDownload:
         # http/1.1 should have used count connections
         assert r.total_connects == count, "http/1.1 should use this many connections"
 
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_08_1MB_serial(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 5
         urln = f'https://{env.authority_for(env.domain1, proto)}/data-1m?[0-{count-1}]'
         curl = CurlClient(env=env)
         r = curl.http_download(urls=[urln], alpn_proto=proto)
         r.check_response(count=count, http_status=200)
 
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_02_09_1MB_parallel(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 5
         urln = f'https://{env.authority_for(env.domain1, proto)}/data-1m?[0-{count-1}]'
         curl = CurlClient(env=env)
@@ -220,12 +184,8 @@ class TestDownload:
 
     @pytest.mark.skipif(condition=Env().slow_network, reason="not suitable for slow network tests")
     @pytest.mark.skipif(condition=Env().ci_run, reason="not suitable for CI runs")
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_10_10MB_serial(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 3
         urln = f'https://{env.authority_for(env.domain1, proto)}/data-10m?[0-{count-1}]'
         curl = CurlClient(env=env)
@@ -234,12 +194,8 @@ class TestDownload:
 
     @pytest.mark.skipif(condition=Env().slow_network, reason="not suitable for slow network tests")
     @pytest.mark.skipif(condition=Env().ci_run, reason="not suitable for CI runs")
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_02_11_10MB_parallel(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 3
         urln = f'https://{env.authority_for(env.domain1, proto)}/data-10m?[0-{count-1}]'
         curl = CurlClient(env=env)
@@ -248,12 +204,8 @@ class TestDownload:
         ])
         r.check_response(count=count, http_status=200)
 
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_02_12_head_serial_https(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 5
         urln = f'https://{env.authority_for(env.domain1, proto)}/data-10m?[0-{count-1}]'
         curl = CurlClient(env=env)
@@ -263,11 +215,8 @@ class TestDownload:
         r.check_response(count=count, http_status=200)
 
     @pytest.mark.parametrize("proto", ['h2'])
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_02_13_head_serial_h2c(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 5
         urln = f'http://{env.domain1}:{env.http_port}/data-10m?[0-{count-1}]'
         curl = CurlClient(env=env)
@@ -276,12 +225,8 @@ class TestDownload:
         ])
         r.check_response(count=count, http_status=200)
 
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_02_14_not_found(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 5
         urln = f'https://{env.authority_for(env.domain1, proto)}/not-found?[0-{count-1}]'
         curl = CurlClient(env=env)
@@ -292,12 +237,8 @@ class TestDownload:
                       remote_port=env.port_for(alpn_proto=proto),
                       remote_ip='127.0.0.1')
 
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_02_15_fail_not_found(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 5
         urln = f'https://{env.authority_for(env.domain1, proto)}/not-found?[0-{count-1}]'
         curl = CurlClient(env=env)
@@ -309,9 +250,8 @@ class TestDownload:
                       remote_ip='127.0.0.1')
 
     @pytest.mark.skipif(condition=Env().slow_network, reason="not suitable for slow network tests")
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_02_20_h2_small_frames(self, env: Env, httpd, configures_httpd):
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         # Test case to reproduce content corruption as observed in
         # https://github.com/curl/curl/issues/10525
         # To reliably reproduce, we need an Apache httpd that supports
@@ -358,10 +298,9 @@ class TestDownload:
     # debug-override stream window size to reproduce #16955
     @pytest.mark.parametrize("pause_offset", [0, 10*1024, 100*1023, 640000])
     @pytest.mark.parametrize("swin_max", [0, 10*1024])
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_02_21_h2_lib_serial(self, env: Env, httpd, pause_offset, swin_max):
         proto = 'h2'
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         count = 2
         docname = 'data-10m'
         url = f'https://localhost:{env.https_port}/{docname}'
@@ -381,12 +320,8 @@ class TestDownload:
 
     # download via lib client, several at a time, pause/resume
     @pytest.mark.parametrize("pause_offset", [100*1023])
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_22_lib_parallel_resume(self, env: Env, httpd, nghttpx, proto, pause_offset):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 2
         max_parallel = 5
         docname = 'data-10m'
@@ -403,19 +338,15 @@ class TestDownload:
         self.check_downloads(client, srcfile, count)
 
     # download, several at a time, pause and abort paused
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_23a_lib_abort_paused(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_ossl_quic():
             pytest.skip('OpenSSL QUIC fails here')
         if proto == 'h3' and env.ci_run and env.curl_uses_lib('quiche'):
             pytest.skip("fails in CI, but works locally for unknown reasons")
         count = 10
         max_parallel = 5
-        if proto in ['h2', 'h3']:
+        if proto in Env.http_mplx_protos():
             pause_offset = 64 * 1024
         else:
             pause_offset = 12 * 1024
@@ -434,19 +365,15 @@ class TestDownload:
         self.check_downloads(client, srcfile, count, complete=False)
 
     # download, several at a time, abort after n bytes
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_23b_lib_abort_offset(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_ossl_quic():
             pytest.skip('OpenSSL QUIC fails here')
         if proto == 'h3' and env.ci_run and env.curl_uses_lib('quiche'):
             pytest.skip("fails in CI, but works locally for unknown reasons")
         count = 10
         max_parallel = 5
-        if proto in ['h2', 'h3']:
+        if proto in Env.http_mplx_protos():
             abort_offset = 64 * 1024
         else:
             abort_offset = 12 * 1024
@@ -465,19 +392,15 @@ class TestDownload:
         self.check_downloads(client, srcfile, count, complete=False)
 
     # download, several at a time, abort after n bytes
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_23c_lib_fail_offset(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_ossl_quic():
             pytest.skip('OpenSSL QUIC fails here')
         if proto == 'h3' and env.ci_run and env.curl_uses_lib('quiche'):
             pytest.skip("fails in CI, but works locally for unknown reasons")
         count = 10
         max_parallel = 5
-        if proto in ['h2', 'h3']:
+        if proto in Env.http_mplx_protos():
             fail_offset = 64 * 1024
         else:
             fail_offset = 12 * 1024
@@ -496,12 +419,8 @@ class TestDownload:
         self.check_downloads(client, srcfile, count, complete=False)
 
     # speed limited download
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_24_speed_limit(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 1
         url = f'https://{env.authority_for(env.domain1, proto)}/data-1m'
         curl = CurlClient(env=env)
@@ -527,12 +446,8 @@ class TestDownload:
 
     # Special client that tests TLS session reuse in parallel transfers
     # TODO: just uses a single connection for h2/h3. Not sure how to prevent that
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_26_session_shared_reuse(self, env: Env, proto, httpd, nghttpx):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         url = f'https://{env.authority_for(env.domain1, proto)}/data-100k'
         client = LocalClient(name='cli_tls_session_reuse', env=env)
         if not client.exists():
@@ -541,12 +456,8 @@ class TestDownload:
         r.check_exit_code(0)
 
     # test on paused transfers, based on issue #11982
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_27a_paused_no_cl(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         url = f'https://{env.authority_for(env.domain1, proto)}' \
             '/curltest/tweak/?&chunks=6&chunk_size=8000'
         client = LocalClient(env=env, name='cli_h2_pausing')
@@ -554,12 +465,8 @@ class TestDownload:
         r.check_exit_code(0)
 
     # test on paused transfers, based on issue #11982
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_27b_paused_no_cl(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         url = f'https://{env.authority_for(env.domain1, proto)}' \
             '/curltest/tweak/?error=502'
         client = LocalClient(env=env, name='cli_h2_pausing')
@@ -567,26 +474,18 @@ class TestDownload:
         r.check_exit_code(0)
 
     # test on paused transfers, based on issue #11982
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_27c_paused_no_cl(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         url = f'https://{env.authority_for(env.domain1, proto)}' \
             '/curltest/tweak/?status=200&chunks=1&chunk_size=100'
         client = LocalClient(env=env, name='cli_h2_pausing')
         r = client.run(args=['-V', proto, url])
         r.check_exit_code(0)
 
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_28_get_compressed(self, env: Env, httpd, nghttpx, proto):
         if not env.have_compressed_curl():
             pytest.skip("--compressed not supported")
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 1
         urln = f'https://{env.authority_for(env.domain1brotli, proto)}/data-100k?[0-{count-1}]'
         curl = CurlClient(env=env)
@@ -611,12 +510,8 @@ class TestDownload:
 
     # download via lib client, 1 at a time, pause/resume at different offsets
     @pytest.mark.parametrize("pause_offset", [0, 10*1024, 100*1023, 640000])
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_29_h2_lib_serial(self, env: Env, httpd, nghttpx, proto, pause_offset):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 2
         docname = 'data-10m'
         url = f'https://localhost:{env.https_port}/{docname}'
@@ -631,9 +526,8 @@ class TestDownload:
         self.check_downloads(client, srcfile, count)
 
     # download parallel with prior knowledge
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_02_30_parallel_prior_knowledge(self, env: Env, httpd):
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         count = 3
         curl = CurlClient(env=env)
         urln = f'http://{env.domain1}:{env.http_port}/data.json?[0-{count-1}]'
@@ -644,9 +538,8 @@ class TestDownload:
         assert r.total_connects == 1, r.dump_logs()
 
     # download parallel with h2 "Upgrade:"
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_02_31_parallel_upgrade(self, env: Env, httpd, nghttpx):
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         count = 3
         curl = CurlClient(env=env)
         urln = f'http://{env.domain1}:{env.http_port}/data.json?[0-{count-1}]'
@@ -663,15 +556,12 @@ class TestDownload:
     @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx")
     @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug")
     @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings")
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_32_earlydata(self, env: Env, httpd, nghttpx, proto):
         if not env.curl_can_early_data():
             pytest.skip('TLS earlydata not implemented')
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and \
-           (not env.have_h3() or not env.curl_can_h3_early_data()):
-            pytest.skip("h3 not supported")
+        if proto == 'h3' and not env.curl_can_h3_early_data():
+            pytest.skip("h3 early data not supported")
         if proto != 'h3' and sys.platform.startswith('darwin') and env.ci_run:
             pytest.skip('failing on macOS CI runners')
         if proto == 'h3' and sys.platform.startswith('darwin') and env.curl_uses_lib('wolfssl'):
@@ -718,17 +608,13 @@ class TestDownload:
         elif proto == 'h3':
             assert earlydata[1] == 109, f'{earlydata}'
 
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
     @pytest.mark.parametrize("max_host_conns", [0, 1, 5])
     def test_02_33_max_host_conns(self, env: Env, httpd, nghttpx, proto, max_host_conns):
         if not env.curl_is_debug():
             pytest.skip('only works for curl debug builds')
         if not env.curl_is_verbose():
             pytest.skip('only works for curl with verbose strings')
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 50
         max_parallel = 50
         docname = 'data-10k'
@@ -760,17 +646,13 @@ class TestDownload:
                     assert n <= max_host_conns
             assert matched_lines > 0
 
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
     @pytest.mark.parametrize("max_total_conns", [0, 1, 5])
     def test_02_34_max_total_conns(self, env: Env, httpd, nghttpx, proto, max_total_conns):
         if not env.curl_is_debug():
             pytest.skip('only works for curl debug builds')
         if not env.curl_is_verbose():
             pytest.skip('only works for curl with verbose strings')
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 50
         max_parallel = 50
         docname = 'data-10k'
@@ -812,12 +694,8 @@ class TestDownload:
     # * h2/h3: server continues sending what the stream window allows and
     #   since the one connection involved unpaused transfers, data continues
     #   to be received, requiring buffering.
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_35_pause_bomb(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 2
         pause_offset = 1024 * 1024
         docname = 'bomb-100m.txt.var'
@@ -832,13 +710,9 @@ class TestDownload:
         r.check_exit_code(0)
 
     # download with looong urls
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     @pytest.mark.parametrize("url_junk", [1024, 16*1024, 32*1024, 64*1024, 80*1024, 96*1024])
     def test_02_36_looong_urls(self, env: Env, httpd, nghttpx, proto, url_junk):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_lib('quiche'):
             pytest.skip("quiche fails from 16k onwards")
         curl = CurlClient(env=env)
diff --git a/tests/http/test_03_goaway.py b/tests/http/test_03_goaway.py
index 8acaa9dc65..2e1d6a5802 100644
--- a/tests/http/test_03_goaway.py
+++ b/tests/http/test_03_goaway.py
@@ -39,10 +39,9 @@ log = logging.getLogger(__name__)
 class TestGoAway:
 
     # download files sequentially with delay, reload server for GOAWAY
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_03_01_h2_goaway(self, env: Env, httpd, nghttpx):
         proto = 'h2'
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         count = 3
         self.r = None
 
diff --git a/tests/http/test_04_stuttered.py b/tests/http/test_04_stuttered.py
index bd2c5e1f77..7fa2fe37a5 100644
--- a/tests/http/test_04_stuttered.py
+++ b/tests/http/test_04_stuttered.py
@@ -39,12 +39,8 @@ log = logging.getLogger(__name__)
 class TestStuttered:
 
     # download 1 file, check that delayed response works in general
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_04_01_download_1(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 1
         curl = CurlClient(env=env)
         urln = f'https://{env.authority_for(env.domain1, proto)}' \
@@ -56,12 +52,8 @@ class TestStuttered:
     # download 50 files in 100 chunks a 100 bytes with 10ms delay between
     # prepend 100 file requests to warm up connection processing limits
     # (Apache2 increases # of parallel processed requests after successes)
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_04_02_100_100_10(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 50
         warmups = 100
         curl = CurlClient(env=env)
@@ -80,12 +72,8 @@ class TestStuttered:
     # download 50 files in 1000 chunks a 10 bytes with 1ms delay between
     # prepend 100 file requests to warm up connection processing limits
     # (Apache2 increases # of parallel processed requests after successes)
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_04_03_1000_10_1(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 50
         warmups = 100
         curl = CurlClient(env=env)
@@ -104,12 +92,8 @@ class TestStuttered:
     # download 50 files in 10000 chunks a 1 byte with 10us delay between
     # prepend 100 file requests to warm up connection processing limits
     # (Apache2 increases # of parallel processed requests after successes)
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_04_04_1000_10_1(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 50
         warmups = 100
         curl = CurlClient(env=env)
diff --git a/tests/http/test_05_errors.py b/tests/http/test_05_errors.py
index 8d8ea707bb..258b7f11d5 100644
--- a/tests/http/test_05_errors.py
+++ b/tests/http/test_05_errors.py
@@ -38,12 +38,8 @@ log = logging.getLogger(__name__)
 class TestErrors:
 
     # download 1 file, check that we get CURLE_PARTIAL_FILE
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_05_01_partial_1(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 1
         curl = CurlClient(env=env)
         urln = f'https://{env.authority_for(env.domain1, proto)}' \
@@ -60,12 +56,8 @@ class TestErrors:
         assert len(invalid_stats) == 0, f'failed: {invalid_stats}'
 
     # download files, check that we get CURLE_PARTIAL_FILE for all
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_05_02_partial_20(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_ossl_quic():
             pytest.skip("openssl-quic is flaky in yielding proper error codes")
         count = 20
@@ -85,9 +77,8 @@ class TestErrors:
         assert len(invalid_stats) == 0, f'failed: {invalid_stats}'
 
     # access a resource that, on h2, RST the stream with HTTP_1_1_REQUIRED
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_05_03_required(self, env: Env, httpd, nghttpx):
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         proto = 'http/1.1'
         urln = f'https://{env.authority_for(env.domain1, proto)}/curltest/1_1'
diff --git a/tests/http/test_07_upload.py b/tests/http/test_07_upload.py
index 93d1fb26bf..8d69018841 100644
--- a/tests/http/test_07_upload.py
+++ b/tests/http/test_07_upload.py
@@ -51,12 +51,8 @@ class TestUpload:
         env.make_data_file(indir=env.gen_dir, fname="data-10m", fsize=10*1024*1024)
 
     # upload small data, check that this is what was echoed
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_01_upload_1_small(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         data = '0123456789'
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/curltest/echo?id=[0-0]'
@@ -66,12 +62,8 @@ class TestUpload:
         assert respdata == [data]
 
     # upload large data, check that this is what was echoed
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_02_upload_1_large(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-100k')
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/curltest/echo?id=[0-0]'
@@ -82,12 +74,8 @@ class TestUpload:
         assert respdata == indata
 
     # upload data sequentially, check that they were echoed
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_10_upload_sequential(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 20
         data = '0123456789'
         curl = CurlClient(env=env)
@@ -99,12 +87,8 @@ class TestUpload:
             assert respdata == [data]
 
     # upload data parallel, check that they were echoed
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_07_11_upload_parallel(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         # limit since we use a separate connection in h1
         count = 20
         data = '0123456789'
@@ -118,12 +102,8 @@ class TestUpload:
             assert respdata == [data]
 
     # upload large data sequentially, check that this is what was echoed
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_12_upload_seq_large(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-100k')
         count = 10
         curl = CurlClient(env=env)
@@ -137,12 +117,8 @@ class TestUpload:
             assert respdata == indata
 
     # upload very large data sequentially, check that this is what was echoed
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_13_upload_seq_large(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-10m')
         count = 2
         curl = CurlClient(env=env)
@@ -155,15 +131,11 @@ class TestUpload:
             assert respdata == indata
 
     # upload from stdin, issue #14870
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     @pytest.mark.parametrize("indata", [
         '', '1', '123\n456andsomething\n\n'
     ])
     def test_07_14_upload_stdin(self, env: Env, httpd, nghttpx, proto, indata):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 1
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/curltest/put?id=[0-{count-1}]'
@@ -173,12 +145,8 @@ class TestUpload:
             respdata = open(curl.response_file(i)).readlines()
             assert respdata == [f'{len(indata)}']
 
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_15_hx_put(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 2
         upload_size = 128*1024
         url = f'https://localhost:{env.https_port}/curltest/put'
@@ -191,12 +159,8 @@ class TestUpload:
         r.check_exit_code(0)
         self.check_downloads(client, r, [f"{upload_size}"], count)
 
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_16_hx_put_reuse(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 2
         upload_size = 128*1024
         url = f'https://localhost:{env.https_port}/curltest/put'
@@ -209,12 +173,8 @@ class TestUpload:
         r.check_exit_code(0)
         self.check_downloads(client, r, [f"{upload_size}"], count)
 
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_17_hx_post_reuse(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 2
         upload_size = 128*1024
         url = f'https://localhost:{env.https_port}/curltest/echo'
@@ -228,12 +188,8 @@ class TestUpload:
         self.check_downloads(client, r, ["x" * upload_size], count)
 
     # upload data parallel, check that they were echoed
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_07_20_upload_parallel(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         # limit since we use a separate connection in h1
         count = 10
         data = '0123456789'
@@ -247,12 +203,8 @@ class TestUpload:
             assert respdata == [data]
 
     # upload large data parallel, check that this is what was echoed
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_07_21_upload_parallel_large(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-100k')
         # limit since we use a separate connection in h1
         count = 10
@@ -267,12 +219,8 @@ class TestUpload:
     # (We used to do this for 20 parallel transfers, but the triggered
     #  stream resets make nghttpx drop the connection after several, which
     #  then gives a non-deterministic number of completely failed transfers)
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_07_22_upload_fail(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-10m')
         count = 1
         curl = CurlClient(env=env)
@@ -285,12 +233,8 @@ class TestUpload:
         r.check_stats(count=count, exitcode=[18, 55, 56, 92, 95])
 
     # PUT 100k
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_30_put_100k(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-100k')
         count = 1
         curl = CurlClient(env=env)
@@ -305,12 +249,8 @@ class TestUpload:
             assert respdata == exp_data
 
     # PUT 10m
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_31_put_10m(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-10m')
         count = 1
         curl = CurlClient(env=env)
@@ -325,12 +265,8 @@ class TestUpload:
             assert respdata == exp_data
 
     # issue #10591
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_32_issue_10591(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-10m')
         count = 1
         curl = CurlClient(env=env)
@@ -340,10 +276,9 @@ class TestUpload:
 
     # issue #11157, upload that is 404'ed by server, needs to terminate
     # correctly and not time out on sending
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_07_33_issue_11157a(self, env: Env, httpd, nghttpx):
         proto = 'h2'
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         fdata = os.path.join(env.gen_dir, 'data-10m')
         # send a POST to our PUT handler which will send immediately a 404 back
         url = f'https://{env.authority_for(env.domain1, proto)}/curltest/put'
@@ -363,10 +298,9 @@ class TestUpload:
         r.check_stats(1, 404)
 
     # issue #11157, send upload that is slowly read in
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_07_33_issue_11157b(self, env: Env, httpd, nghttpx):
         proto = 'h2'
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         fdata = os.path.join(env.gen_dir, 'data-10m')
         # tell our test PUT handler to read the upload more slowly, so
         # that the send buffering and transfer loop needs to wait
@@ -387,10 +321,9 @@ class TestUpload:
         assert r.exit_code == 0, r.dump_logs()
         r.check_stats(1, 200)
 
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_07_34_issue_11194(self, env: Env, httpd, nghttpx):
         proto = 'h2'
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         # tell our test PUT handler to read the upload more slowly, so
         # that the send buffering and transfer loop needs to wait
         fdata = os.path.join(env.gen_dir, 'data-100k')
@@ -409,9 +342,8 @@ class TestUpload:
         r.check_stats(1, 200)
 
     # upload large data on a h1 to h2 upgrade
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_07_35_h1_h2_upgrade_upload(self, env: Env, httpd, nghttpx):
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         fdata = os.path.join(env.gen_dir, 'data-100k')
         curl = CurlClient(env=env)
         url = f'http://{env.domain1}:{env.http_port}/curltest/echo?id=[0-0]'
@@ -427,12 +359,8 @@ class TestUpload:
 
     # upload to a 301,302,303 response
     @pytest.mark.parametrize("redir", ['301', '302', '303'])
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_36_upload_30x(self, env: Env, httpd, nghttpx, redir, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_ossl_quic():
             pytest.skip("OpenSSL's own QUIC is flaky here")
         data = '0123456789' * 10
@@ -446,12 +374,8 @@ class TestUpload:
         assert respdata == []  # was transformed to a GET
 
     # upload to a 307 response
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_37_upload_307(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_ossl_quic():
             pytest.skip("OpenSSL's own QUIC is flaky here")
         data = '0123456789' * 10
@@ -465,12 +389,8 @@ class TestUpload:
         assert respdata == [data]  # was POST again
 
     # POST form data, yet another code path in transfer
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_38_form_small(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/curltest/echo?id=[0-0]'
         r = curl.http_form(urls=[url], alpn_proto=proto, form={
@@ -479,12 +399,8 @@ class TestUpload:
         r.check_stats(count=1, http_status=200, exitcode=0)
 
     # POST data urlencoded, small enough to be sent with request headers
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_39_post_urlenc_small(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-63k')
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/curltest/echo?id=[0-0]'
@@ -497,12 +413,8 @@ class TestUpload:
         assert respdata == indata
 
     # POST data urlencoded, large enough to be sent separate from request headers
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_40_post_urlenc_large(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         fdata = os.path.join(env.gen_dir, 'data-64k')
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/curltest/echo?id=[0-0]'
@@ -519,12 +431,8 @@ class TestUpload:
     # than our default upload buffer length (64KB).
     # Unfixed, this will fail when run with CURL_DBG_SOCK_WBLOCK=80 most
     # of the time
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_41_post_urlenc_small(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_lib('quiche'):
             pytest.skip("quiche has CWND issues with large requests")
         fdata = os.path.join(env.gen_dir, 'data-63k')
@@ -554,12 +462,8 @@ class TestUpload:
 
     # upload data, pause, let connection die with an incomplete response
     # issues #11769 #13260
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_42a_upload_disconnect(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         client = LocalClient(name='cli_upload_pausing', env=env, timeout=60)
         if not client.exists():
             pytest.skip(f'example client not built: {client.name}')
@@ -576,12 +480,8 @@ class TestUpload:
             r.check_exit_code(18)  # will fail as it should
 
     # upload data, pause, let connection die without any response at all
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_42b_upload_disconnect(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         client = LocalClient(name='cli_upload_pausing', env=env, timeout=60)
         if not client.exists():
             pytest.skip(f'example client not built: {client.name}')
@@ -593,12 +493,8 @@ class TestUpload:
         r.check_exit_code(exp_code)  # GOT_NOTHING
 
     # upload data, pause, let connection die after 100 continue
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_42c_upload_disconnect(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         client = LocalClient(name='cli_upload_pausing', env=env, timeout=60)
         if not client.exists():
             pytest.skip(f'example client not built: {client.name}')
@@ -609,12 +505,8 @@ class TestUpload:
             exp_code = 0  # we get a 500 from the server
         r.check_exit_code(exp_code)  # GOT_NOTHING
 
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_43_upload_denied(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_ossl_quic():
             pytest.skip("openssl-quic is flaky in filed PUTs")
         fdata = os.path.join(env.gen_dir, 'data-10m')
@@ -627,13 +519,9 @@ class TestUpload:
                           extra_args=['--trace-config', 'all'])
         r.check_stats(count=count, http_status=413, exitcode=0)
 
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     @pytest.mark.parametrize("httpcode", [301, 302, 307, 308])
     def test_07_44_put_redir(self, env: Env, httpd, nghttpx, proto, httpcode):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 1
         upload_size = 128*1024
         url = f'https://localhost:{env.https_port}/curltest/put-redir-{httpcode}'
@@ -654,12 +542,8 @@ class TestUpload:
             assert httpcodes[0] == httpcode, f'{r}'
 
     # speed limited on put handler
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_50_put_speed_limit(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 1
         fdata = os.path.join(env.gen_dir, 'data-100k')
         up_len = 100 * 1024
@@ -676,12 +560,8 @@ class TestUpload:
         assert (speed_limit * 0.5) <= up_speed <= (speed_limit * 1.5), f'{r.stats[0]}'
 
     # speed limited on echo handler
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_07_51_echo_speed_limit(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 1
         fdata = os.path.join(env.gen_dir, 'data-100k')
         speed_limit = 50 * 1024
diff --git a/tests/http/test_08_caddy.py b/tests/http/test_08_caddy.py
index afacee5917..9229ce1f22 100644
--- a/tests/http/test_08_caddy.py
+++ b/tests/http/test_08_caddy.py
@@ -68,24 +68,16 @@ class TestCaddy:
         env.make_data_file(indir=env.gen_dir, fname="data-10m", fsize=10*1024*1024)
 
     # download 1 file
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_08_01_download_1(self, env: Env, caddy: Caddy, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3_curl():
-            pytest.skip("h3 not supported in curl")
         curl = CurlClient(env=env)
         url = f'https://{env.domain1}:{caddy.port}/data.json'
         r = curl.http_download(urls=[url], alpn_proto=proto)
         r.check_response(count=1, http_status=200)
 
     # download 1MB files sequentially
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_08_02_download_1mb_sequential(self, env: Env, caddy: Caddy, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3_curl():
-            pytest.skip("h3 not supported in curl")
         count = 50
         curl = CurlClient(env=env)
         urln = f'https://{env.domain1}:{caddy.port}/data1.data?[0-{count-1}]'
@@ -93,12 +85,8 @@ class TestCaddy:
         r.check_response(count=count, http_status=200, connect_count=1)
 
     # download 1MB files parallel
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_08_03_download_1mb_parallel(self, env: Env, caddy: Caddy, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3_curl():
-            pytest.skip("h3 not supported in curl")
         count = 20
         curl = CurlClient(env=env)
         urln = f'https://{env.domain1}:{caddy.port}/data1.data?[0-{count-1}]'
@@ -114,12 +102,8 @@ class TestCaddy:
 
     # download 5MB files sequentially
     @pytest.mark.skipif(condition=Env().slow_network, reason="not suitable for slow network tests")
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_08_04a_download_10mb_sequential(self, env: Env, caddy: Caddy, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3_curl():
-            pytest.skip("h3 not supported in curl")
         count = 40
         curl = CurlClient(env=env)
         urln = f'https://{env.domain1}:{caddy.port}/data5.data?[0-{count-1}]'
@@ -128,12 +112,8 @@ class TestCaddy:
 
     # download 10MB files sequentially
     @pytest.mark.skipif(condition=Env().slow_network, reason="not suitable for slow network tests")
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_08_04b_download_10mb_sequential(self, env: Env, caddy: Caddy, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3_curl():
-            pytest.skip("h3 not supported in curl")
         count = 20
         curl = CurlClient(env=env)
         urln = f'https://{env.domain1}:{caddy.port}/data10.data?[0-{count-1}]'
@@ -142,12 +122,8 @@ class TestCaddy:
 
     # download 10MB files parallel
     @pytest.mark.skipif(condition=Env().slow_network, reason="not suitable for slow network tests")
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_08_05_download_1mb_parallel(self, env: Env, caddy: Caddy, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3_curl():
-            pytest.skip("h3 not supported in curl")
         if proto == 'http/1.1' and env.curl_uses_lib('mbedtls'):
             pytest.skip("mbedtls 3.6.0 fails on 50 connections with: "
                         "ssl_handshake returned: (-0x7F00) SSL - Memory allocation failed")
@@ -165,12 +141,8 @@ class TestCaddy:
             assert r.total_connects == 1, r.dump_logs()
 
     # post data parallel, check that they were echoed
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_08_06_post_parallel(self, env: Env, httpd, caddy, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         # limit since we use a separate connection in h1
         count = 20
         data = '0123456789'
@@ -184,12 +156,8 @@ class TestCaddy:
             assert respdata == [data]
 
     # put large file, check that they length were echoed
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_08_07_put_large(self, env: Env, httpd, caddy, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         # limit since we use a separate connection in h1<
         count = 1
         fdata = os.path.join(env.gen_dir, 'data-10m')
@@ -202,15 +170,12 @@ class TestCaddy:
             respdata = open(curl.response_file(i)).readlines()
             assert respdata == exp_data
 
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_08_08_earlydata(self, env: Env, httpd, caddy, proto):
         if not env.curl_can_early_data():
             pytest.skip('TLS earlydata not implemented')
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and \
-           (not env.have_h3() or not env.curl_can_h3_early_data()):
-            pytest.skip("h3 not supported")
+        if proto == 'h3' and not env.curl_can_h3_early_data():
+            pytest.skip("h3 early data not supported")
         count = 2
         docname = 'data10k.data'
         url = f'https://{env.domain1}:{caddy.port}/{docname}'
diff --git a/tests/http/test_09_push.py b/tests/http/test_09_push.py
index ea73bbc7e5..35425d11b7 100644
--- a/tests/http/test_09_push.py
+++ b/tests/http/test_09_push.py
@@ -60,9 +60,8 @@ class TestPush:
         httpd.reload_if_config_changed()
 
     # download a file that triggers a "103 Early Hints" response
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_09_01_h2_early_hints(self, env: Env, httpd, configures_httpd):
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         self.httpd_configure(env, httpd)
         curl = CurlClient(env=env)
         url = f'https://{env.domain1}:{env.https_port}/push/data1'
@@ -74,9 +73,8 @@ class TestPush:
         assert 'link' in r.responses[0]['header'], f'{r.responses[0]}'
         assert r.responses[0]['header']['link'] == '; rel=preload', f'{r.responses[0]}'
 
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_09_02_h2_push(self, env: Env, httpd, configures_httpd):
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         self.httpd_configure(env, httpd)
         # use localhost as we do not have resolve support in local client
         url = f'https://localhost:{env.https_port}/push/data1'
diff --git a/tests/http/test_10_proxy.py b/tests/http/test_10_proxy.py
index aa4e43a380..13993b2b52 100644
--- a/tests/http/test_10_proxy.py
+++ b/tests/http/test_10_proxy.py
@@ -71,10 +71,8 @@ class TestProxy:
     # download via https: proxy (no tunnel)
     @pytest.mark.skipif(condition=not Env.curl_has_feature('HTTPS-proxy'),
                         reason='curl lacks HTTPS-proxy support')
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
     def test_10_02_proxys_down(self, env: Env, httpd, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         if proto == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         curl = CurlClient(env=env)
@@ -87,7 +85,7 @@ class TestProxy:
 
     # upload via https: with proto (no tunnel)
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
     @pytest.mark.parametrize("fname, fcount", [
         ['data.json', 5],
         ['data-100k', 5],
@@ -97,8 +95,6 @@ class TestProxy:
                         reason="no nghttpx available")
     def test_10_02_proxys_up(self, env: Env, httpd, nghttpx, proto,
                              fname, fcount):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         if proto == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         count = fcount
@@ -137,11 +133,9 @@ class TestProxy:
         r.check_response(count=1, http_status=200)
 
     # download https: with proto via http: proxytunnel
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
     def test_10_05_proxytunnel_http(self, env: Env, httpd, nghttpx_fwd, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url = f'https://localhost:{env.https_port}/data.json'
         xargs = curl.get_proxy_args(proxys=False, tunnel=True)
@@ -153,14 +147,12 @@ class TestProxy:
     # download https: with proto via https: proxytunnel
     @pytest.mark.skipif(condition=not Env.curl_has_feature('HTTPS-proxy'),
                         reason='curl lacks HTTPS-proxy support')
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
-    @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
+    @pytest.mark.parametrize("tunnel", Env.http_h1_h2_protos())
     @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx available")
     @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug")
     @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings")
     def test_10_06_proxytunnel_https(self, env: Env, httpd, nghttpx_fwd, proto, tunnel):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         curl = CurlClient(env=env)
@@ -179,8 +171,8 @@ class TestProxy:
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
     @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug")
     @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings")
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
-    @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
+    @pytest.mark.parametrize("tunnel", Env.http_h1_h2_protos())
     @pytest.mark.parametrize("fname, fcount", [
         ['data.json', 100],
         ['data-100k', 20],
@@ -189,8 +181,6 @@ class TestProxy:
     @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx available")
     def test_10_07_pts_down_small(self, env: Env, httpd, nghttpx_fwd, proto,
                                   tunnel, fname, fcount):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         if env.curl_uses_lib('mbedtls') and \
@@ -213,8 +203,8 @@ class TestProxy:
 
     # upload many https: with proto via https: proxytunnel
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
-    @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
+    @pytest.mark.parametrize("tunnel", Env.http_h1_h2_protos())
     @pytest.mark.parametrize("fname, fcount", [
         ['data.json', 50],
         ['data-100k', 20],
@@ -225,8 +215,6 @@ class TestProxy:
     @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx available")
     def test_10_08_upload_seq_large(self, env: Env, httpd, nghttpx, proto,
                                     tunnel, fname, fcount):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         if env.curl_uses_lib('mbedtls') and \
@@ -248,13 +236,11 @@ class TestProxy:
             assert respdata == indata, f'response {i} differs'
 
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
-    @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("tunnel", Env.http_h1_h2_protos())
     @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx available")
     @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug")
     @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings")
     def test_10_09_reuse_server(self, env: Env, httpd, nghttpx_fwd, tunnel):
-        if tunnel == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         curl = CurlClient(env=env)
@@ -274,14 +260,12 @@ class TestProxy:
             assert r.total_connects == 2
 
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
-    @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("tunnel", Env.http_h1_h2_protos())
     @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx available")
     @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug")
     @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings")
     def test_10_10_reuse_proxy(self, env: Env, httpd, nghttpx_fwd, tunnel):
         # url twice via https: proxy separated with '--next', will reuse
-        if tunnel == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         if env.curl_uses_lib('mbedtls') and \
@@ -304,15 +288,13 @@ class TestProxy:
         assert r2.total_connects == 1
 
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
-    @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("tunnel", Env.http_h1_h2_protos())
     @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx available")
     @pytest.mark.skipif(condition=not Env.curl_uses_lib('openssl'), reason="tls13-ciphers not supported")
     @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug")
     @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings")
     def test_10_11_noreuse_proxy_https(self, env: Env, httpd, nghttpx_fwd, tunnel):
         # different --proxy-tls13-ciphers, no reuse of connection for https:
-        if tunnel == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
@@ -333,15 +315,13 @@ class TestProxy:
         assert r2.total_connects == 2
 
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
-    @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("tunnel", Env.http_h1_h2_protos())
     @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx available")
     @pytest.mark.skipif(condition=not Env.curl_uses_lib('openssl'), reason="tls13-ciphers not supported")
     @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug")
     @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings")
     def test_10_12_noreuse_proxy_http(self, env: Env, httpd, nghttpx_fwd, tunnel):
         # different --proxy-tls13-ciphers, no reuse of connection for http:
-        if tunnel == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         curl = CurlClient(env=env)
@@ -362,15 +342,13 @@ class TestProxy:
         assert r2.total_connects == 2
 
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
-    @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("tunnel", Env.http_h1_h2_protos())
     @pytest.mark.skipif(condition=not Env.have_nghttpx(), reason="no nghttpx available")
     @pytest.mark.skipif(condition=not Env.curl_uses_lib('openssl'), reason="tls13-ciphers not supported")
     @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug")
     @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings")
     def test_10_13_noreuse_https(self, env: Env, httpd, nghttpx_fwd, tunnel):
         # different --tls13-ciphers on https: same proxy config
-        if tunnel == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         curl = CurlClient(env=env)
@@ -393,10 +371,8 @@ class TestProxy:
     # download via https: proxy (no tunnel) using IP address
     @pytest.mark.skipif(condition=not Env.curl_has_feature('HTTPS-proxy'),
                         reason='curl lacks HTTPS-proxy support')
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
     def test_10_14_proxys_ip_addr(self, env: Env, httpd, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         if proto == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         curl = CurlClient(env=env)
diff --git a/tests/http/test_13_proxy_auth.py b/tests/http/test_13_proxy_auth.py
index 6576bdba1a..080adef187 100644
--- a/tests/http/test_13_proxy_auth.py
+++ b/tests/http/test_13_proxy_auth.py
@@ -121,11 +121,9 @@ class TestProxyAuth:
                         reason='curl lacks HTTPS-proxy support')
     @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug")
     @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings")
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
-    @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
+    @pytest.mark.parametrize("tunnel", Env.http_h1_h2_protos())
     def test_13_07_tunnels_no_auth(self, env: Env, httpd, configures_httpd, nghttpx_fwd, proto, tunnel):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         self.httpd_configure(env, httpd)
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
@@ -143,11 +141,9 @@ class TestProxyAuth:
                         reason='curl lacks HTTPS-proxy support')
     @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug")
     @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings")
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
-    @pytest.mark.parametrize("tunnel", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
+    @pytest.mark.parametrize("tunnel", Env.http_h1_h2_protos())
     def test_13_08_tunnels_auth(self, env: Env, httpd, configures_httpd, nghttpx_fwd, proto, tunnel):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         self.httpd_configure(env, httpd)
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
diff --git a/tests/http/test_14_auth.py b/tests/http/test_14_auth.py
index 3e15b22447..0187c76a6a 100644
--- a/tests/http/test_14_auth.py
+++ b/tests/http/test_14_auth.py
@@ -41,26 +41,18 @@ class TestAuth:
         env.make_data_file(indir=env.gen_dir, fname="data-10m", fsize=10*1024*1024)
 
     # download 1 file, not authenticated
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_14_01_digest_get_noauth(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/restricted/digest/data.json'
         r = curl.http_download(urls=[url], alpn_proto=proto)
         r.check_response(http_status=401)
 
     # download 1 file, authenticated
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_14_02_digest_get_auth(self, env: Env, httpd, nghttpx, proto):
         if not env.curl_has_feature('digest'):
             pytest.skip("curl built without digest")
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/restricted/digest/data.json'
         r = curl.http_download(urls=[url], alpn_proto=proto, extra_args=[
@@ -69,14 +61,10 @@ class TestAuth:
         r.check_response(http_status=200)
 
     # PUT data, authenticated
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_14_03_digest_put_auth(self, env: Env, httpd, nghttpx, proto):
         if not env.curl_has_feature('digest'):
             pytest.skip("curl built without digest")
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_ossl_quic():
             pytest.skip("openssl-quic is flaky in retrying POST")
         data='0123456789'
@@ -88,14 +76,10 @@ class TestAuth:
         r.check_response(http_status=200)
 
     # PUT data, digest auth large pw
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_14_04_digest_large_pw(self, env: Env, httpd, nghttpx, proto):
         if not env.curl_has_feature('digest'):
             pytest.skip("curl built without digest")
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         data='0123456789'
         password = 'x' * 65535
         curl = CurlClient(env=env)
@@ -109,12 +93,8 @@ class TestAuth:
         r.check_response(http_status=401)
 
     # PUT data, basic auth large pw
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_14_05_basic_large_pw(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if proto == 'h3' and not env.curl_uses_lib('ngtcp2'):
             # See 
             pytest.skip("quiche/openssl-quic have problems with large requests")
@@ -131,12 +111,8 @@ class TestAuth:
         r.check_response(http_status=431)
 
     # PUT data, basic auth with very large pw
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_14_06_basic_very_large_pw(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if proto == 'h3' and env.curl_uses_lib('quiche'):
             # See 
             pytest.skip("quiche has problems with large requests")
diff --git a/tests/http/test_16_info.py b/tests/http/test_16_info.py
index 017f799881..4e0d1ed5b1 100644
--- a/tests/http/test_16_info.py
+++ b/tests/http/test_16_info.py
@@ -45,12 +45,8 @@ class TestInfo:
         env.make_data_file(indir=env.gen_dir, fname="data-100k", fsize=100*1024)
 
     # download plain file
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_16_01_info_download(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 2
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/data.json?[0-{count-1}]'
@@ -62,12 +58,8 @@ class TestInfo:
             self.check_stat(idx, s, r, dl_size=30, ul_size=0)
 
     # download plain file with a 302 redirect
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_16_02_info_302_download(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 2
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/data.json.302?[0-{count-1}]'
@@ -80,12 +72,8 @@ class TestInfo:
         for idx, s in enumerate(r.stats):
             self.check_stat(idx, s, r, dl_size=30, ul_size=0)
 
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_16_03_info_upload(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 2
         fdata = os.path.join(env.gen_dir, 'data-100k')
         fsize = 100 * 1024
diff --git a/tests/http/test_17_ssl_use.py b/tests/http/test_17_ssl_use.py
index 49a20c6994..427ca70fdd 100644
--- a/tests/http/test_17_ssl_use.py
+++ b/tests/http/test_17_ssl_use.py
@@ -116,12 +116,8 @@ class TestSSLUse:
                 assert djson['SSL_SESSION_RESUMED'] == exp_resumed, f'{i}: {djson}\n{r.dump_logs()}'
 
     # use host name with trailing dot, verify handshake
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_17_03_trailing_dot(self, env: Env, proto, httpd, nghttpx):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
         domain = f'{env.domain1}.'
         url = f'https://{env.authority_for(domain, proto)}/curltest/sslinfo'
@@ -133,12 +129,8 @@ class TestSSLUse:
             assert r.json['SSL_TLS_SNI'] == env.domain1, f'{r.json}'
 
     # use host name with double trailing dot, verify handshake
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_17_04_double_dot(self, env: Env, proto, httpd, nghttpx):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
         domain = f'{env.domain1}..'
         url = f'https://{env.authority_for(domain, proto)}/curltest/sslinfo'
@@ -157,14 +149,10 @@ class TestSSLUse:
         assert r.exit_code in [7, 35, 60], f'{r}'
 
     # use ip address for connect
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_17_05_good_ip_addr(self, env: Env, proto, httpd, nghttpx):
         if env.curl_uses_lib('mbedtls'):
             pytest.skip("mbedTLS does use IP addresses in SNI")
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
         domain = '127.0.0.1'
         url = f'https://{env.authority_for(domain, proto)}/curltest/sslinfo'
@@ -176,14 +164,10 @@ class TestSSLUse:
             assert 'SSL_TLS_SNI' not in r.json, f'{r.json}'
 
     # use IP address that is not in cert
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_17_05_bad_ip_addr(self, env: Env, proto,
                                httpd, configures_httpd,
                                nghttpx, configures_nghttpx):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         httpd.set_domain1_cred_name('domain1-no-ip')
         httpd.reload_if_config_changed()
         if proto == 'h3':
@@ -195,14 +179,10 @@ class TestSSLUse:
         assert r.exit_code == 60, f'{r}'
 
     # use IP address that is in cert as DNS name (not really legal)
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_17_05_very_bad_ip_addr(self, env: Env, proto,
                                     httpd, configures_httpd,
                                     nghttpx, configures_nghttpx):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if env.curl_uses_lib('mbedtls'):
             pytest.skip("mbedtls falsely verifies a DNS: altname as IP address")
         if env.curl_uses_lib('wolfssl') and \
@@ -219,12 +199,8 @@ class TestSSLUse:
         assert r.exit_code == 60, f'{r}'
 
     # use localhost for connect
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_17_06_localhost(self, env: Env, proto, httpd, nghttpx):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
         domain = 'localhost'
         url = f'https://{env.authority_for(domain, proto)}/curltest/sslinfo'
@@ -310,12 +286,8 @@ class TestSSLUse:
         else:
             assert r.exit_code != 0, r.dump_logs()
 
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_17_08_cert_status(self, env: Env, proto, httpd, nghttpx):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if not env.curl_uses_lib('openssl') and \
            not env.curl_uses_lib('gnutls') and \
            not env.curl_uses_lib('quictls'):
@@ -433,12 +405,8 @@ class TestSSLUse:
         assert reused_session, f'{r}\n{r.dump_logs()}'
 
     # use host name server has no certificate for
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_17_11_wrong_host(self, env: Env, proto, httpd, nghttpx):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
         domain = f'insecure.{env.tld}'
         url = f'https://{domain}:{env.port_for(proto)}/curltest/sslinfo'
@@ -446,12 +414,8 @@ class TestSSLUse:
         assert r.exit_code == 60, f'{r}'
 
     # use host name server has no cert for with --insecure
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_17_12_insecure(self, env: Env, proto, httpd, nghttpx):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         curl = CurlClient(env=env)
         domain = f'insecure.{env.tld}'
         url = f'https://{domain}:{env.port_for(proto)}/curltest/sslinfo'
@@ -462,10 +426,8 @@ class TestSSLUse:
         assert r.json, f'{r}'
 
     # connect to an expired certificate
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
     def test_17_14_expired_cert(self, env: Env, proto, httpd):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         curl = CurlClient(env=env)
         url = f'https://{env.expired_domain}:{env.port_for(proto)}/'
         r = curl.http_get(url=url, alpn_proto=proto)
@@ -588,12 +550,8 @@ class TestSSLUse:
         else:
             assert r.exit_code != 0, r.dump_logs()
 
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
-    def test_17_19_wrong_pin(self, env: Env, proto, httpd):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
+    @pytest.mark.parametrize("proto", Env.http_protos())
+    def test_17_19_wrong_pin(self, env: Env, proto, httpd, nghttpx):
         if env.curl_uses_lib('rustls-ffi'):
             pytest.skip('TLS backend ignores --pinnedpubkey')
         curl = CurlClient(env=env)
@@ -604,12 +562,8 @@ class TestSSLUse:
         # expect NOT_IMPLEMENTED or CURLE_SSL_PINNEDPUBKEYNOTMATCH
         assert r.exit_code in [2, 90], f'{r.dump_logs()}'
 
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
-    def test_17_20_correct_pin(self, env: Env, proto, httpd):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
+    @pytest.mark.parametrize("proto", Env.http_protos())
+    def test_17_20_correct_pin(self, env: Env, proto, httpd, nghttpx):
         curl = CurlClient(env=env)
         creds = env.get_credentials(env.domain1)
         assert creds
diff --git a/tests/http/test_18_methods.py b/tests/http/test_18_methods.py
index 10f4867c15..d693b67e89 100644
--- a/tests/http/test_18_methods.py
+++ b/tests/http/test_18_methods.py
@@ -43,12 +43,8 @@ class TestMethods:
         env.make_data_file(indir=indir, fname="data-1m", fsize=1024*1024)
 
     # download 1 file
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_18_01_delete(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 1
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/curltest/tweak?id=[0-{count-1}]'
@@ -59,10 +55,9 @@ class TestMethods:
     # - HEADER frame with 204 and eos=0
     # - 10ms later DATA frame length=0 and eos=1
     # should be accepted
+    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
     def test_18_02_delete_h2_special(self, env: Env, httpd, nghttpx):
         proto = 'h2'
-        if not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         count = 1
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/curltest/tweak?id=[0-{count-1}]'\
diff --git a/tests/http/test_19_shutdown.py b/tests/http/test_19_shutdown.py
index 7bbc035f28..efa7657fe9 100644
--- a/tests/http/test_19_shutdown.py
+++ b/tests/http/test_19_shutdown.py
@@ -66,10 +66,8 @@ class TestShutdown:
 
     # check with `tcpdump` that we do NOT see TCP RST when CURL_GRACEFUL_SHUTDOWN set
     @pytest.mark.skipif(condition=not Env.tcpdump(), reason="tcpdump not available")
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
     def test_19_02_check_shutdown(self, env: Env, httpd, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         if not env.curl_is_debug():
             pytest.skip('only works for curl debug builds')
         run_env = os.environ.copy()
@@ -164,12 +162,8 @@ class TestShutdown:
         assert len(removes) == count, f'{removes}'
 
     # check graceful shutdown on multiplexed http
-    @pytest.mark.parametrize("proto", ['h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_mplx_protos())
     def test_19_06_check_shutdown(self, env: Env, httpd, nghttpx, proto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         if not env.curl_is_debug():
             pytest.skip('only works for curl debug builds')
         if not env.curl_is_verbose():
diff --git a/tests/http/test_40_socks.py b/tests/http/test_40_socks.py
index 2dd61cc2ec..8c6a81f4f6 100644
--- a/tests/http/test_40_socks.py
+++ b/tests/http/test_40_socks.py
@@ -61,12 +61,8 @@ class TestSocks:
         r.check_response(http_status=200)
 
     @pytest.mark.parametrize("sproto", ['socks4', 'socks5'])
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_40_02_socks_https(self, env: Env, sproto, proto, danted: Dante, httpd):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         curl = CurlClient(env=env, socks_args=[
             f'--{sproto}', f'127.0.0.1:{danted.port}'
         ])
@@ -78,10 +74,8 @@ class TestSocks:
             r.check_response(http_status=200)
 
     @pytest.mark.parametrize("sproto", ['socks4', 'socks5'])
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
     def test_40_03_dl_serial(self, env: Env, httpd, danted, proto, sproto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         count = 3
         urln = f'https://{env.authority_for(env.domain1, proto)}/data-10m?[0-{count-1}]'
         curl = CurlClient(env=env, socks_args=[
@@ -91,10 +85,8 @@ class TestSocks:
         r.check_response(count=count, http_status=200)
 
     @pytest.mark.parametrize("sproto", ['socks4', 'socks5'])
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h2'])
+    @pytest.mark.parametrize("proto", Env.http_h1_h2_protos())
     def test_40_04_ul_serial(self, env: Env, httpd, danted, proto, sproto):
-        if proto == 'h2' and not env.have_h2_curl():
-            pytest.skip("h2 not supported")
         fdata = os.path.join(env.gen_dir, 'data-10m')
         count = 2
         curl = CurlClient(env=env, socks_args=[
diff --git a/tests/http/testenv/env.py b/tests/http/testenv/env.py
index 31db104994..5e6bcfc687 100644
--- a/tests/http/testenv/env.py
+++ b/tests/http/testenv/env.py
@@ -506,6 +506,36 @@ class Env:
         return Env.curl_can_early_data() and \
             Env.curl_uses_lib('ngtcp2')
 
+    @staticmethod
+    def http_protos() -> List[str]:
+        # http protocols we can test
+        if Env.have_h2_curl():
+            if Env.have_h3():
+                return ['http/1.1', 'h2', 'h3']
+            else:
+                return ['http/1.1', 'h2']
+        else:
+            return ['http/1.1']
+
+    @staticmethod
+    def http_h1_h2_protos() -> List[str]:
+        # http 1+2 protocols we can test
+        if Env.have_h2_curl():
+            return ['http/1.1', 'h2']
+        else:
+            return ['http/1.1']
+
+    @staticmethod
+    def http_mplx_protos() -> List[str]:
+        # http multiplexing protocols we can test
+        if Env.have_h2_curl():
+            if Env.have_h3():
+                return ['h2', 'h3']
+            else:
+                return ['h2']
+        else:
+            return []
+
     @staticmethod
     def have_h3() -> bool:
         return Env.have_h3_curl() and Env.have_h3_server()
@@ -560,7 +590,8 @@ class Env:
 
     def issue_certs(self):
         if self._ca is None:
-            ca_dir = os.path.join(self.CONFIG.gen_root, 'ca')
+            # ca_dir = os.path.join(self.CONFIG.gen_root, 'ca')
+            ca_dir = os.path.join(self.gen_dir, 'ca')
             os.makedirs(ca_dir, exist_ok=True)
             lock_file = os.path.join(ca_dir, 'ca.lock')
             with FileLock(lock_file):

From f2460e2cb5a017e7e441d5e968b94d9c3e2ba9d1 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 16 Nov 2025 23:54:54 +0100
Subject: [PATCH 0878/2408] RELEASE-NOTES: update upcoming removals

Also add a missed commit (noticed by accident)

Closes #19558
---
 RELEASE-NOTES | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 4bfa8d81d5..e24762bafd 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -56,6 +56,7 @@ This release includes the following bugfixes:
  o lib: eliminate size_t casts [112]
  o lib: fix gssapi.h include on IBMi [55]
  o lib: refactor the type of funcs which have useless return and checks [1]
+ o libtests: replace `atoi()` with `curlx_str_number()` [120]
  o libssh2: cleanup ssh_force_knownhost_key_type [64]
  o libssh2: replace atoi() in ssh_force_knownhost_key_type [63]
  o limit-rate: add example using --limit-rate and --max-time together [89]
@@ -124,9 +125,9 @@ For all changes ever done in curl:
 
 Planned upcoming removals include:
 
- o Builds using VS2008
  o OpenSSL-QUIC
  o Support for c-ares versions before 1.16.0
+ o Support for Windows XP/2003
 
  See https://curl.se/dev/deprecate.html
 
@@ -243,3 +244,4 @@ References to bug reports and discussions on issues:
  [112] = https://curl.se/bug/?i=19495
  [118] = https://curl.se/bug/?i=19493
  [119] = https://curl.se/bug/?i=19483
+ [120] = https://curl.se/bug/?i=19506

From f0de14168a4d1c3a4ed43a04af92c5755c84b9fc Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 17 Nov 2025 01:16:07 +0100
Subject: [PATCH 0879/2408] cf-socket: limit use of `TCP_KEEP*` to Windows
 10.0.16299+ at runtime

Before this patch `TCP_KEEP*` socket options were unconditionally used
if the build-time SDK supported them. This caused curl logging errors
(or trace messages since #19527) on Windows versions missing support
for them. After this patch, use them only when the runtime environment
supports it and fall back to the alternate method (`SIO_KEEPALIVE_VALS`)
dynamically.

Also:
- log a trace message when using the Win10 method.
- document which SDK versions offer `TCP_KEEP*` macros.

Ref: https://learn.microsoft.com/windows/win32/winsock/ipproto-tcp-socket-options
Ref: https://learn.microsoft.com/windows/win32/winsock/sio-keepalive-vals

Reported-by: Aleksandr Sergeev
Fixes #19520
Follow-up to dc34498d18d3303d67364423b4aa0daab4afb3ba #19527
Closes #19559
---
 lib/cf-socket.c | 118 ++++++++++++++++++++++++------------------------
 1 file changed, 58 insertions(+), 60 deletions(-)

diff --git a/lib/cf-socket.c b/lib/cf-socket.c
index d1a99d3ece..8661647ba5 100644
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@@ -149,13 +149,7 @@ static void nosigpipe(struct Curl_cfilter *cf,
 #define nosigpipe(x,y,z) Curl_nop_stmt
 #endif
 
-#if defined(USE_WINSOCK) && \
-    defined(TCP_KEEPIDLE) && defined(TCP_KEEPINTVL) && defined(TCP_KEEPCNT)
-/*  Win 10, v 1709 (10.0.16299) and later can use SetSockOpt TCP_KEEP____
- *  so should use seconds */
-#define CURL_WINSOCK_KEEP_SSO
-#define KEEPALIVE_FACTOR(x)
-#elif defined(USE_WINSOCK) || \
+#if defined(USE_WINSOCK) || \
    (defined(__sun) && !defined(TCP_KEEPIDLE)) || \
    (defined(__DragonFly__) && __DragonFly_version < 500702) || \
    (defined(_WIN32) && !defined(TCP_KEEPIDLE))
@@ -166,17 +160,6 @@ static void nosigpipe(struct Curl_cfilter *cf,
 #define KEEPALIVE_FACTOR(x)
 #endif
 
-/* Offered by mingw-w64 and MS SDK. Latter only when targeting Win7+. */
-#if defined(USE_WINSOCK) && !defined(SIO_KEEPALIVE_VALS)
-#define SIO_KEEPALIVE_VALS    _WSAIOW(IOC_VENDOR,4)
-
-struct tcp_keepalive {
-  u_long onoff;
-  u_long keepalivetime;
-  u_long keepaliveinterval;
-};
-#endif
-
 static void
 tcpkeepalive(struct Curl_cfilter *cf,
              struct Curl_easy *data,
@@ -192,49 +175,64 @@ tcpkeepalive(struct Curl_cfilter *cf,
                 sockfd, SOCKERRNO);
   }
   else {
-#ifdef SIO_KEEPALIVE_VALS /* Windows */
-/* Windows 10, version 1709 (10.0.16299) and later versions */
-#ifdef CURL_WINSOCK_KEEP_SSO
-    optval = curlx_sltosi(data->set.tcp_keepidle);
-    KEEPALIVE_FACTOR(optval);
-    if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPIDLE,
-                (const char *)&optval, sizeof(optval)) < 0) {
-      CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPIDLE on fd "
-                  "%" FMT_SOCKET_T ": errno %d",
-                  sockfd, SOCKERRNO);
-    }
-    optval = curlx_sltosi(data->set.tcp_keepintvl);
-    KEEPALIVE_FACTOR(optval);
-    if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPINTVL,
-                (const char *)&optval, sizeof(optval)) < 0) {
-      CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPINTVL on fd "
-                  "%" FMT_SOCKET_T ": errno %d",
-                  sockfd, SOCKERRNO);
-    }
-    optval = curlx_sltosi(data->set.tcp_keepcnt);
-    if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPCNT,
-                (const char *)&optval, sizeof(optval)) < 0) {
-      CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPCNT on fd "
-                  "%" FMT_SOCKET_T ": errno %d",
-                  sockfd, SOCKERRNO);
-    }
-#else /* Windows < 10.0.16299 */
-    struct tcp_keepalive vals;
-    DWORD dummy;
-    vals.onoff = 1;
-    optval = curlx_sltosi(data->set.tcp_keepidle);
-    KEEPALIVE_FACTOR(optval);
-    vals.keepalivetime = (u_long)optval;
-    optval = curlx_sltosi(data->set.tcp_keepintvl);
-    KEEPALIVE_FACTOR(optval);
-    vals.keepaliveinterval = (u_long)optval;
-    if(WSAIoctl(sockfd, SIO_KEEPALIVE_VALS, (LPVOID) &vals, sizeof(vals),
-                NULL, 0, &dummy, NULL, NULL) != 0) {
-      CURL_TRC_CF(data, cf, "Failed to set SIO_KEEPALIVE_VALS on fd "
-                  "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
+#ifdef USE_WINSOCK
+/* Offered by mingw-w64 v12+. MS SDK ~10+/~VS2017+. */
+#if defined(TCP_KEEPIDLE) && defined(TCP_KEEPINTVL) && defined(TCP_KEEPCNT)
+    /* Windows 10, version 1709 (10.0.16299) and later versions can use
+       setsockopt() TCP_KEEP*. Older versions return with failure. */
+    if(curlx_verify_windows_version(10, 0, 16299, PLATFORM_WINNT,
+                                    VERSION_GREATER_THAN_EQUAL)) {
+      CURL_TRC_CF(data, cf, "Set TCP_KEEP* on fd=%" FMT_SOCKET_T, sockfd);
+      optval = curlx_sltosi(data->set.tcp_keepidle);
+      if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPIDLE,
+                    (const char *)&optval, sizeof(optval)) < 0) {
+        CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPIDLE on fd "
+                    "%" FMT_SOCKET_T ": errno %d",
+                    sockfd, SOCKERRNO);
+      }
+      optval = curlx_sltosi(data->set.tcp_keepintvl);
+      if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPINTVL,
+                    (const char *)&optval, sizeof(optval)) < 0) {
+        CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPINTVL on fd "
+                    "%" FMT_SOCKET_T ": errno %d",
+                    sockfd, SOCKERRNO);
+      }
+      optval = curlx_sltosi(data->set.tcp_keepcnt);
+      if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPCNT,
+                    (const char *)&optval, sizeof(optval)) < 0) {
+        CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPCNT on fd "
+                    "%" FMT_SOCKET_T ": errno %d",
+                    sockfd, SOCKERRNO);
+      }
     }
+    else
+#endif /* TCP_KEEPIDLE && TCP_KEEPINTVL && TCP_KEEPCNT */
+    {
+/* Offered by mingw-w64 and MS SDK. Latter only when targeting Win7+. */
+#ifndef SIO_KEEPALIVE_VALS
+#define SIO_KEEPALIVE_VALS  _WSAIOW(IOC_VENDOR,4)
+      struct tcp_keepalive {
+        u_long onoff;
+        u_long keepalivetime;
+        u_long keepaliveinterval;
+      };
 #endif
-#else /* !Windows */
+      struct tcp_keepalive vals;
+      DWORD dummy;
+      vals.onoff = 1;
+      optval = curlx_sltosi(data->set.tcp_keepidle);
+      KEEPALIVE_FACTOR(optval);
+      vals.keepalivetime = (u_long)optval;
+      optval = curlx_sltosi(data->set.tcp_keepintvl);
+      KEEPALIVE_FACTOR(optval);
+      vals.keepaliveinterval = (u_long)optval;
+      if(WSAIoctl(sockfd, SIO_KEEPALIVE_VALS, (LPVOID)&vals, sizeof(vals),
+                  NULL, 0, &dummy, NULL, NULL) != 0) {
+        CURL_TRC_CF(data, cf, "Failed to set SIO_KEEPALIVE_VALS on fd "
+                    "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
+      }
+    }
+#else /* !USE_WINSOCK */
 #ifdef TCP_KEEPIDLE
     optval = curlx_sltosi(data->set.tcp_keepidle);
     KEEPALIVE_FACTOR(optval);
@@ -303,7 +301,7 @@ tcpkeepalive(struct Curl_cfilter *cf,
                   "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
     }
 #endif
-#endif
+#endif /* USE_WINSOCK */
   }
 }
 

From a87383828e4534c17c282cc6498d45a0cadee1d2 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 15 Nov 2025 00:27:38 +0100
Subject: [PATCH 0880/2408] badwords: fix issues found in tests

There remain some false positives, hits in test data, and `dir` use,
around 100 issues in total.

There is no plan to enforce badwords on tests.

Also:
- badwords.txt: let a few `manpage[s]` occurrences through
  (in Perl code).

Closes #19541
---
 .github/scripts/badwords.txt                  |   4 +-
 tests/Makefile.am                             |   8 +-
 tests/allversions.pm                          |   2 +-
 tests/certs/genserv.pl                        |   2 +-
 tests/certs/test-ca.prm                       |   2 +-
 tests/certs/test-client-cert.prm              |   2 +-
 tests/certs/test-client-eku-only.prm          |   2 +-
 tests/certs/test-localhost-san-first.prm      |   2 +-
 tests/certs/test-localhost-san-last.prm       |   2 +-
 tests/certs/test-localhost.nn.prm             |   2 +-
 tests/certs/test-localhost.prm                |   2 +-
 tests/certs/test-localhost0h.prm              |   2 +-
 tests/data/test1034                           |   4 +-
 tests/data/test1035                           |   2 +-
 tests/data/test1038                           |   4 +-
 tests/data/test1039                           |   4 +-
 tests/data/test1041                           |   2 +-
 tests/data/test1059                           |   2 +-
 tests/data/test1069                           |   2 +-
 tests/data/test1101                           |   2 +-
 tests/data/test1108                           |   2 +-
 tests/data/test112                            |   4 +-
 tests/data/test1173                           |   2 +-
 tests/data/test1185                           |   2 +-
 tests/data/test1187                           |   2 +-
 tests/data/test1208                           |   2 +-
 tests/data/test1216                           |   2 +-
 tests/data/test1218                           |   2 +-
 tests/data/test1229                           |   2 +-
 tests/data/test1233                           |   2 +-
 tests/data/test1237                           |   2 +-
 tests/data/test1238                           |   2 +-
 tests/data/test1246                           |   2 +-
 tests/data/test1264                           |   2 +-
 tests/data/test1318                           |   2 +-
 tests/data/test1411                           |   2 +-
 tests/data/test1421                           |   2 +-
 tests/data/test1447                           |   2 +-
 tests/data/test1448                           |   2 +-
 tests/data/test1453                           |   2 +-
 tests/data/test1456                           |   2 +-
 tests/data/test1468                           |   2 +-
 tests/data/test1470                           |   2 +-
 tests/data/test1471                           |   2 +-
 tests/data/test1472                           |   2 +-
 tests/data/test1491                           |   2 +-
 tests/data/test151                            |   4 +-
 tests/data/test1513                           |   2 +-
 tests/data/test1516                           |   2 +-
 tests/data/test152                            |   4 +-
 tests/data/test1553                           |   2 +-
 tests/data/test1555                           |   2 +-
 tests/data/test1557                           |   2 +-
 tests/data/test1561                           |   2 +-
 tests/data/test1590                           |   2 +-
 tests/data/test1592                           |   2 +-
 tests/data/test161                            |   2 +-
 tests/data/test162                            |   6 +-
 tests/data/test1631                           |   2 +-
 tests/data/test1632                           |   2 +-
 tests/data/test165                            |   2 +-
 tests/data/test187                            |   2 +-
 tests/data/test189                            |   2 +-
 tests/data/test1915                           |   2 +-
 tests/data/test1917                           |   2 +-
 tests/data/test20                             |   2 +-
 tests/data/test2024                           |   2 +-
 tests/data/test2025                           |   2 +-
 tests/data/test2026                           |   2 +-
 tests/data/test2027                           |   2 +-
 tests/data/test2028                           |   2 +-
 tests/data/test2029                           |   2 +-
 tests/data/test2030                           |   4 +-
 tests/data/test2046                           |   2 +-
 tests/data/test2047                           |   2 +-
 tests/data/test2102                           |   2 +-
 tests/data/test2103                           |   2 +-
 tests/data/test2104                           |   2 +-
 tests/data/test2205                           |   2 +-
 tests/data/test2302                           |   2 +-
 tests/data/test2304                           |   2 +-
 tests/data/test235                            |   4 +-
 tests/data/test24                             |   2 +-
 tests/data/test258                            |   2 +-
 tests/data/test259                            |   2 +-
 tests/data/test3016                           |   2 +-
 tests/data/test3202                           |   2 +-
 tests/data/test3203                           |   2 +-
 tests/data/test328                            |   2 +-
 tests/data/test331                            |   2 +-
 tests/data/test336                            |   2 +-
 tests/data/test349                            |   2 +-
 tests/data/test357                            |   2 +-
 tests/data/test361                            |   2 +-
 tests/data/test367                            |   2 +-
 tests/data/test380                            |   2 +-
 tests/data/test389                            |   2 +-
 tests/data/test399                            |   2 +-
 tests/data/test410                            |   2 +-
 tests/data/test412                            |   2 +-
 tests/data/test413                            |   2 +-
 tests/data/test440                            |   2 +-
 tests/data/test441                            |   2 +-
 tests/data/test458                            |   2 +-
 tests/data/test506                            |   2 +-
 tests/data/test507                            |   2 +-
 tests/data/test517                            |   6 +-
 tests/data/test531                            |   2 +-
 tests/data/test542                            |   2 +-
 tests/data/test543                            |   2 +-
 tests/data/test554                            |   2 +-
 tests/data/test562                            |   4 +-
 tests/data/test563                            |   2 +-
 tests/data/test579                            |   2 +-
 tests/data/test583                            |   6 +-
 tests/data/test588                            |   4 +-
 tests/data/test643                            |   2 +-
 tests/data/test645                            |   2 +-
 tests/data/test678                            |   2 +-
 tests/data/test716                            |   2 +-
 tests/data/test717                            |   2 +-
 tests/data/test721                            |   2 +-
 tests/data/test726                            |   4 +-
 tests/data/test729                            |   2 +-
 tests/data/test739                            |   2 +-
 tests/data/test742                            |   4 +-
 tests/data/test752                            |   2 +-
 tests/data/test775                            |   2 +-
 tests/data/test804                            |   2 +-
 tests/data/test841                            |   2 +-
 tests/data/test842                            |   2 +-
 tests/data/test87                             |   3 +-
 tests/devtest.pl                              |   6 +-
 tests/dictserver.py                           |   4 +-
 tests/ech_tests.sh                            |  42 +++----
 tests/ftpserver.pl                            |  42 +++----
 tests/getpart.pm                              |   4 +-
 tests/http/scorecard.py                       |   2 +-
 tests/http/test_02_download.py                |   2 +-
 tests/http/test_10_proxy.py                   |   2 +-
 tests/http/test_17_ssl_use.py                 |   8 +-
 tests/http/testenv/caddy.py                   |   4 +-
 tests/http/testenv/httpd.py                   |  12 +-
 .../http/testenv/mod_curltest/mod_curltest.c  |  14 +--
 tests/http/testenv/nghttpx.py                 |   4 +-
 tests/http/testenv/vsftpd.py                  |   2 +-
 tests/libtest/cli_hx_download.c               |   2 +-
 tests/libtest/cli_hx_upload.c                 |   2 +-
 tests/libtest/first.c                         |   2 +-
 tests/libtest/first.h                         |   6 +-
 tests/libtest/lib1308.c                       |   2 +-
 tests/libtest/lib1531.c                       |   2 +-
 tests/libtest/lib1560.c                       |  10 +-
 tests/libtest/lib1565.c                       |   4 +-
 tests/libtest/lib1592.c                       |  18 +--
 tests/libtest/lib1593.c                       |   2 +-
 tests/libtest/lib1906.c                       |   4 +-
 tests/libtest/lib1907.c                       |   2 +-
 tests/libtest/lib1908.c                       |   2 +-
 tests/libtest/lib1918.c                       |   4 +-
 tests/libtest/lib1939.c                       |   2 +-
 tests/libtest/lib1940.c                       |   2 +-
 tests/libtest/lib1945.c                       |   2 +-
 tests/libtest/lib2032.c                       |   4 +-
 tests/libtest/lib2405.c                       |   6 +-
 tests/libtest/lib3026.c                       |   6 +-
 tests/libtest/lib3102.c                       |   2 +-
 tests/libtest/lib505.c                        |   4 +-
 tests/libtest/lib506.c                        |   2 +-
 tests/libtest/lib518.c                        |   6 +-
 tests/libtest/lib525.c                        |   2 +-
 tests/libtest/lib530.c                        |   4 +-
 tests/libtest/lib537.c                        |  10 +-
 tests/libtest/lib540.c                        |   2 +-
 tests/libtest/lib541.c                        |   4 +-
 tests/libtest/lib542.c                        |   2 +-
 tests/libtest/lib554.c                        |   2 +-
 tests/libtest/lib557.c                        |   2 +-
 tests/libtest/lib562.c                        |   2 +-
 tests/libtest/lib568.c                        |   4 +-
 tests/libtest/lib569.c                        |   2 +-
 tests/libtest/lib571.c                        |   2 +-
 tests/libtest/lib572.c                        |   4 +-
 tests/libtest/lib579.c                        |   4 +-
 tests/libtest/lib582.c                        |   8 +-
 tests/libtest/lib586.c                        |   2 +-
 tests/libtest/lib643.c                        |   2 +-
 tests/libtest/lib659.c                        |   2 +-
 tests/libtest/lib694.c                        |   2 +-
 tests/libtest/lib758.c                        |   4 +-
 tests/libtest/mk-lib1521.pl                   |   2 +-
 tests/libtest/test1013.pl                     |   4 +-
 tests/libtest/test1022.pl                     |   6 +-
 tests/libtest/test307.pl                      |   2 +-
 tests/libtest/test613.pl                      |   2 +-
 tests/libtest/testtrace.c                     |   4 +-
 tests/libtest/testutil.c                      |   2 +-
 tests/libtest/testutil.h                      |   2 +-
 tests/memanalyze.pl                           |   2 +-
 tests/negtelnetserver.py                      |  10 +-
 tests/pathhelp.pm                             |   4 +-
 tests/runner.pm                               |  26 ++---
 tests/runtests.pl                             |  82 +++++++-------
 tests/secureserver.pl                         |   6 +-
 tests/server/first.h                          |   2 +-
 tests/server/getpart.c                        |   2 +-
 tests/server/mqttd.c                          |   6 +-
 tests/server/resolve.c                        |   4 +-
 tests/server/rtspd.c                          |  28 ++---
 tests/server/sockfilt.c                       |   8 +-
 tests/server/socksd.c                         |   4 +-
 tests/server/sws.c                            |  34 +++---
 tests/server/tftpd.c                          |  12 +-
 tests/server/util.c                           |   6 +-
 tests/serverhelp.pm                           |  24 ++--
 tests/servers.pm                              | 104 +++++++++---------
 tests/smbserver.py                            |   8 +-
 tests/sshserver.pl                            |  24 ++--
 tests/test1119.pl                             |   8 +-
 tests/test1132.pl                             |   6 +-
 tests/test1135.pl                             |   2 +-
 tests/test1139.pl                             |   6 +-
 tests/test1165.pl                             |   6 +-
 tests/test1167.pl                             |   6 +-
 tests/test1173.pl                             |  10 +-
 tests/test1175.pl                             |   2 +-
 tests/test1222.pl                             |   4 +-
 tests/test1477.pl                             |   4 +-
 tests/test1486.pl                             |   2 +-
 tests/test1488.pl                             |   4 +-
 tests/test745.pl                              |   2 +-
 tests/test971.pl                              |   4 +-
 tests/testcurl.pl                             |  42 +++----
 tests/testutil.pm                             |   2 +-
 tests/unit/README.md                          |   4 +-
 tests/unit/unit1300.c                         |   2 +-
 tests/unit/unit1303.c                         |   2 +-
 tests/unit/unit1307.c                         |   4 +-
 tests/unit/unit1605.c                         |   4 +-
 tests/unit/unit1607.c                         |   2 +-
 tests/unit/unit1609.c                         |   2 +-
 tests/unit/unit1652.c                         |   2 +-
 tests/unit/unit1653.c                         |   2 +-
 tests/unit/unit1654.c                         |   4 +-
 tests/unit/unit1655.c                         |   2 +-
 tests/unit/unit1658.c                         |   2 +-
 tests/util.py                                 |   6 +-
 247 files changed, 594 insertions(+), 595 deletions(-)

diff --git a/.github/scripts/badwords.txt b/.github/scripts/badwords.txt
index d24d97faac..ca86745ebf 100644
--- a/.github/scripts/badwords.txt
+++ b/.github/scripts/badwords.txt
@@ -75,5 +75,5 @@ file names\b:filenames
 ---WWW::Curl
 ---NET::Curl
 ---Curl Corporation
-\bmanpages[^./&:-]:man pages
-\bmanpage[^si./&:-]:man page
+\bmanpages[^./;=&{:-]:man pages
+\bmanpage[^si./;=&{:-]:man page
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 12fdc29cda..677a17cd99 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -84,7 +84,7 @@ EXTRA_DIST =        \
  valgrind.supp      \
  $(TESTSCRIPTS)
 
-# we have two variables here to make sure DIST_SUBDIRS won't get 'unit'
+# we have two variables here to make sure DIST_SUBDIRS does not get 'unit'
 # added twice as then targets such as 'distclean' misbehave and try to
 # do things twice in that subdir at times (and thus fails).
 if BUILD_UNITTESTS
@@ -108,7 +108,7 @@ curl:
 TEST_COMMON =
 
 if CROSSCOMPILING
-TEST = @echo "NOTICE: we can't run the tests when cross-compiling!"
+TEST = @echo "NOTICE: we cannot run the tests when cross-compiling!"
 PYTEST = $(TEST)
 else # if not cross-compiling:
 
@@ -124,8 +124,8 @@ TEST_F = -a -w -p -r
 TEST_T = -a -w -t -j20
 TEST_E = -a -w -e
 
-# ~ means that it will run all tests matching the keyword, but will
-# ignore their results (since these ones are likely to fail for no good reason)
+# ~ means that it runs all tests matching the keyword, but ignores
+# their results (since these ones are likely to fail for no good reason)
 TEST_NF = -a -w -p ~flaky ~timing-dependent
 
 # special target for CI use
diff --git a/tests/allversions.pm b/tests/allversions.pm
index 7673a5fcca..8ae47fc599 100644
--- a/tests/allversions.pm
+++ b/tests/allversions.pm
@@ -33,7 +33,7 @@ our %pastversion;
 sub allversions {
     my ($file) = @_;
     open(A, "<$file") ||
-        die "can't open the versions file $file\n";
+        die "cannot open the versions file $file\n";
     my $before = 1;
     my $relcount;
     while() {
diff --git a/tests/certs/genserv.pl b/tests/certs/genserv.pl
index 42aba5370e..2e61ecece6 100755
--- a/tests/certs/genserv.pl
+++ b/tests/certs/genserv.pl
@@ -55,7 +55,7 @@ if(!$CAPREFIX) {
 } elsif(! -f "$CAPREFIX-ca.cacert" ||
         ! -f "$CAPREFIX-ca.key") {
 
-    if($OPENSSL eq basename($OPENSSL)) {  # has no dir component
+    if($OPENSSL eq basename($OPENSSL)) {  # has no directory component
         # find openssl in PATH
         my $found = 0;
         foreach(File::Spec->path()) {
diff --git a/tests/certs/test-ca.prm b/tests/certs/test-ca.prm
index 5b91802981..c86c4e40cc 100644
--- a/tests/certs/test-ca.prm
+++ b/tests/certs/test-ca.prm
@@ -27,6 +27,6 @@ string_mask             = utf8only
 countryName             = "Country Name"
 countryName_value       = NN
 organizationName        = "Organization Name"
-organizationName_value  = Edel Curl Arctic Illudium Research Cloud
+organizationName_value  = Edel curl Arctic Illudium Research Cloud
 commonName              = "Common Name"
 commonName_value        = Northern Nowhere Trust Anchor
diff --git a/tests/certs/test-client-cert.prm b/tests/certs/test-client-cert.prm
index e78225c674..99962e21c1 100644
--- a/tests/certs/test-client-cert.prm
+++ b/tests/certs/test-client-cert.prm
@@ -29,6 +29,6 @@ string_mask             = utf8only
 countryName             = "Country Name is Northern Nowhere"
 countryName_value       = NN
 organizationName        = "Organization Name"
-organizationName_value  = Edel Curl Arctic Illudium Research Cloud
+organizationName_value  = Edel curl Arctic Illudium Research Cloud
 commonName              = "Common Name"
 commonName_value        = localhost
diff --git a/tests/certs/test-client-eku-only.prm b/tests/certs/test-client-eku-only.prm
index c4e61eec46..2ada8f9e7e 100644
--- a/tests/certs/test-client-eku-only.prm
+++ b/tests/certs/test-client-eku-only.prm
@@ -29,6 +29,6 @@ string_mask             = utf8only
 countryName             = "Country Name is Northern Nowhere"
 countryName_value       = NN
 organizationName        = "Organization Name"
-organizationName_value  = Edel Curl Arctic Illudium Research Cloud
+organizationName_value  = Edel curl Arctic Illudium Research Cloud
 commonName              = "Common Name"
 commonName_value        = localhost
diff --git a/tests/certs/test-localhost-san-first.prm b/tests/certs/test-localhost-san-first.prm
index 40ac460445..d354eda819 100644
--- a/tests/certs/test-localhost-san-first.prm
+++ b/tests/certs/test-localhost-san-first.prm
@@ -29,6 +29,6 @@ string_mask             = utf8only
 countryName             = "Country Name is Northern Nowhere"
 countryName_value       = NN
 organizationName        = "Organization Name"
-organizationName_value  = Edel Curl Arctic Illudium Research Cloud
+organizationName_value  = Edel curl Arctic Illudium Research Cloud
 commonName              = "Common Name"
 commonName_value        = localhost.nn
diff --git a/tests/certs/test-localhost-san-last.prm b/tests/certs/test-localhost-san-last.prm
index 2de9dd8bab..e8c87a19b0 100644
--- a/tests/certs/test-localhost-san-last.prm
+++ b/tests/certs/test-localhost-san-last.prm
@@ -29,6 +29,6 @@ string_mask             = utf8only
 countryName             = "Country Name is Northern Nowhere"
 countryName_value       = NN
 organizationName        = "Organization Name"
-organizationName_value  = Edel Curl Arctic Illudium Research Cloud
+organizationName_value  = Edel curl Arctic Illudium Research Cloud
 commonName              = "Common Name"
 commonName_value        = localhost.nn
diff --git a/tests/certs/test-localhost.nn.prm b/tests/certs/test-localhost.nn.prm
index 16411614ca..aa3f3650bd 100644
--- a/tests/certs/test-localhost.nn.prm
+++ b/tests/certs/test-localhost.nn.prm
@@ -29,6 +29,6 @@ string_mask             = utf8only
 countryName             = "Country Name is Northern Nowhere"
 countryName_value       = NN
 organizationName        = "Organization Name"
-organizationName_value  = Edel Curl Arctic Illudium Research Cloud
+organizationName_value  = Edel curl Arctic Illudium Research Cloud
 commonName              = "Common Name"
 commonName_value        = localhost.nn
diff --git a/tests/certs/test-localhost.prm b/tests/certs/test-localhost.prm
index ca7eced96d..1d574a6b6c 100644
--- a/tests/certs/test-localhost.prm
+++ b/tests/certs/test-localhost.prm
@@ -29,6 +29,6 @@ string_mask             = utf8only
 countryName             = "Country Name is Northern Nowhere"
 countryName_value       = NN
 organizationName        = "Organization Name"
-organizationName_value  = Edel Curl Arctic Illudium Research Cloud
+organizationName_value  = Edel curl Arctic Illudium Research Cloud
 commonName              = "Common Name"
 commonName_value        = localhost
diff --git a/tests/certs/test-localhost0h.prm b/tests/certs/test-localhost0h.prm
index 03bd2f12cf..2b6b059377 100644
--- a/tests/certs/test-localhost0h.prm
+++ b/tests/certs/test-localhost0h.prm
@@ -30,6 +30,6 @@ string_mask             = utf8only
 countryName             = "Country Name is Northern Nowhere"
 countryName_value       = NN
 organizationName        = "Organization Name"
-organizationName_value  = Edel Curl Arctic Illudium Research Cloud
+organizationName_value  = Edel curl Arctic Illudium Research Cloud
 commonName              = "Common Name"
 commonName_value        = localhost
diff --git a/tests/data/test1034 b/tests/data/test1034
index b99368fb9f..f503d97700 100644
--- a/tests/data/test1034
+++ b/tests/data/test1034
@@ -29,10 +29,10 @@ codeset-utf8
 LC_ALL=C.UTF-8
 
 
-HTTP over proxy with malformatted IDN host name
+HTTP over proxy with malformatted IDN hostname
 
 
-# This host name contains an invalid UTF-8 byte sequence that can't be
+# This hostname contains an invalid UTF-8 byte sequence that cannot be
 # converted into an IDN name
 
 url = "http://invalid-utf8-%hex[%e2%90]hex%.local/page/%TESTNUMBER"
diff --git a/tests/data/test1035 b/tests/data/test1035
index 50a762d726..b36872fd3e 100644
--- a/tests/data/test1035
+++ b/tests/data/test1035
@@ -27,7 +27,7 @@ codeset-utf8
 LC_ALL=C.UTF-8
 
 
-HTTP over proxy with too long IDN host name
+HTTP over proxy with too long IDN hostname
 
 
 http://too-long-IDN-name-c%hex[%c3%bc]hex%rl-r%hex[%c3%bc]hex%le%hex[%c3%9f]hex%-la-la-la-dee-da-flooby-nooby.local/page/%TESTNUMBER -x %HOSTIP:%NOLISTENPORT
diff --git a/tests/data/test1038 b/tests/data/test1038
index 294c7b94c1..f384a1d236 100644
--- a/tests/data/test1038
+++ b/tests/data/test1038
@@ -26,7 +26,7 @@ FTP PASV upload resume from end of file
 ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -T %LOGDIR/upload%TESTNUMBER -C -
 
 
-this is the *****cr@p******** that we're gonna upload
+this is the *****cr@p******** that we are gonna upload
 
 worx?
 
@@ -45,7 +45,7 @@ APPE %TESTNUMBER
 QUIT
 
 
-cr@p******** that we're gonna upload
+cr@p******** that we are gonna upload
 
 worx?
 
diff --git a/tests/data/test1039 b/tests/data/test1039
index 6637c5721b..39709ddb5a 100644
--- a/tests/data/test1039
+++ b/tests/data/test1039
@@ -26,7 +26,7 @@ FTP PASV upload resume from end of empty file
 ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -T %LOGDIR/upload%TESTNUMBER -C -
 
 
-this is the *****cr@p******** that we're gonna upload
+this is the *****cr@p******** that we are gonna upload
 
 worx?
 
@@ -45,7 +45,7 @@ STOR %TESTNUMBER
 QUIT
 
 
-this is the *****cr@p******** that we're gonna upload
+this is the *****cr@p******** that we are gonna upload
 
 worx?
 
diff --git a/tests/data/test1041 b/tests/data/test1041
index 68ec259d6f..ebc62d3006 100644
--- a/tests/data/test1041
+++ b/tests/data/test1041
@@ -50,7 +50,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -T%LOGDIR/test%TESTNUMBER.txt -C -
 
 # Verify data after the test has been "shot"
 
-# curl doesn't do a HEAD request on the remote file so it has no idea whether
+# curl does not do a HEAD request on the remote file so it has no idea whether
 # it can skip part of the file or not.  Instead, it sends the entire file.
 
 PUT /%TESTNUMBER HTTP/1.1
diff --git a/tests/data/test1059 b/tests/data/test1059
index 688b92850a..66b6dcf6d1 100644
--- a/tests/data/test1059
+++ b/tests/data/test1059
@@ -42,7 +42,7 @@ ftp://test-number:%TESTNUMBER/wanted/page -p -x %HOSTIP:%HTTPPORT
 #
 # Verify data after the test has been "shot"
 
-# The server doesn't implement CONNECT for ftp, so this must be a failure test
+# The server does not implement CONNECT for ftp, so this must be a failure test
 
 56
 
diff --git a/tests/data/test1069 b/tests/data/test1069
index 5156941833..2976ff1d6d 100644
--- a/tests/data/test1069
+++ b/tests/data/test1069
@@ -23,7 +23,7 @@ HTTP 1.0 PUT from stdin with no content length
 http://%HOSTIP:%HTTPPORT/bzz/%TESTNUMBER -T - -0
 
 
-this data can't be sent
+this data cannot be sent
 
 
 
diff --git a/tests/data/test1101 b/tests/data/test1101
index a6471a4a64..9f2678ec46 100644
--- a/tests/data/test1101
+++ b/tests/data/test1101
@@ -28,7 +28,7 @@ boo
 http
 
 
-NO_PROXY test, with user name in URL
+NO_PROXY test, with username in URL
 
 
 
diff --git a/tests/data/test1108 b/tests/data/test1108
index 107ef8d55c..1318e0a1b9 100644
--- a/tests/data/test1108
+++ b/tests/data/test1108
@@ -37,7 +37,7 @@ PASS ftp@example.com
 PWD
 PRET RETR %TESTNUMBER
 
-# we expect that the server doesn't understand PRET
+# we expect that the server does not understand PRET
 
 84
 
diff --git a/tests/data/test112 b/tests/data/test112
index 9a73da35a5..d680d05e90 100644
--- a/tests/data/test112
+++ b/tests/data/test112
@@ -20,10 +20,10 @@ ftp
 FTP PASV upload resume
 
 
-ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -T %LOGDIR/upload%TESTNUMBER -C 40
+ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -T %LOGDIR/upload%TESTNUMBER -C 41
 
 
-this is the *****crap******** that we're gonna upload
+this is the *****crap******** that we are gonna upload
 
 worx?
 
diff --git a/tests/data/test1173 b/tests/data/test1173
index e49ed9336f..bc666872d7 100644
--- a/tests/data/test1173
+++ b/tests/data/test1173
@@ -11,7 +11,7 @@ documentation
 # Client-side
 
 
-Manpage syntax checks
+Man page syntax checks
 
 
 
diff --git a/tests/data/test1185 b/tests/data/test1185
index 5571888aae..e5efc45e2e 100644
--- a/tests/data/test1185
+++ b/tests/data/test1185
@@ -81,7 +81,7 @@ void startfunc(int a, int b) {
 
  // CPP comment ?
 
- /* comment doesn't end
+ /* comment does not end
 
 
 
diff --git a/tests/data/test1187 b/tests/data/test1187
index 3cae202eb1..82debafd04 100644
--- a/tests/data/test1187
+++ b/tests/data/test1187
@@ -21,7 +21,7 @@ Mime
 smtp
 
 
-SMTP multipart with file name escaping
+SMTP multipart with filename escaping
 
 
 From: different
diff --git a/tests/data/test1208 b/tests/data/test1208
index 8acf3c1cd7..4c0e6aafda 100644
--- a/tests/data/test1208
+++ b/tests/data/test1208
@@ -41,7 +41,7 @@ FTP PORT download, no data conn and no transient negative reply
 s/^EPRT \|1\|(\S*)/EPRT \|1\|/
 
 
-# This test doesn't send a QUIT because the main state machine in multi.c
+# This test does not send a QUIT because the main state machine in multi.c
 # triggers the timeout and sets the CURLE_OPERATION_TIMEDOUT error (28) for
 # which the FTP disconnect code generically has to assume could mean the
 # control the connection and thus it cannot send any command.
diff --git a/tests/data/test1216 b/tests/data/test1216
index bb8e043b81..87718fd8d9 100644
--- a/tests/data/test1216
+++ b/tests/data/test1216
@@ -28,7 +28,7 @@ This server says moo
 http
 
 
-HTTP cookie domains tailmatching the host name
+HTTP cookie domains tailmatching the hostname
 
 
 http://example.fake/c/%TESTNUMBER http://bexample.fake/c/%TESTNUMBER -b %LOGDIR/injar%TESTNUMBER -x %HOSTIP:%HTTPPORT
diff --git a/tests/data/test1218 b/tests/data/test1218
index e66d84e1eb..28f4fb0649 100644
--- a/tests/data/test1218
+++ b/tests/data/test1218
@@ -8,7 +8,7 @@ cookies
 
 
 
-# This test is very similar to 1216, only that it sets the cookies from the
+# This test is similar to 1216, only that it sets the cookies from the
 # first site instead of reading from a file
 
 
diff --git a/tests/data/test1229 b/tests/data/test1229
index 781fa61b7a..eddce04f25 100644
--- a/tests/data/test1229
+++ b/tests/data/test1229
@@ -57,7 +57,7 @@ crypto
 digest
 
 
-HTTP with Digest authorization with user name needing escape
+HTTP with Digest authorization with username needing escape
 
 
 http://%5cuser%22:password@%HOSTIP:%HTTPPORT/%TESTNUMBER --digest
diff --git a/tests/data/test1233 b/tests/data/test1233
index e8b45cd040..4a0b7023a4 100644
--- a/tests/data/test1233
+++ b/tests/data/test1233
@@ -9,7 +9,7 @@ connect to non-listen
 # Server-side
 
 
-# Assuming there's nothing listening on port 1
+# Assuming there is nothing listening on port 1
 REPLY EPSV 229 Entering Passive Mode (|||1|)
 
 
diff --git a/tests/data/test1237 b/tests/data/test1237
index 2c572ace27..285e467929 100644
--- a/tests/data/test1237
+++ b/tests/data/test1237
@@ -24,7 +24,7 @@ Content-Type: text/html
 http
 
 
-URL with 1000+ letter user name + password
+URL with 1000+ letter username + password
 
 
 "%repeat[1000 x A]%:%repeat[1002 x B]%@%HOSTIP:%HTTPPORT/%TESTNUMBER"
diff --git a/tests/data/test1238 b/tests/data/test1238
index 49b9e65e57..66d0dde84c 100644
--- a/tests/data/test1238
+++ b/tests/data/test1238
@@ -15,7 +15,7 @@ DELAY
 
 writedelay: 2000
 
-# ~1200 bytes (so that they don't fit in two 512 byte chunks)
+# ~1200 bytes (so that they do not fit in two 512 byte chunks)
 
 012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789
 
diff --git a/tests/data/test1246 b/tests/data/test1246
index e1f11cef5b..02054a3199 100644
--- a/tests/data/test1246
+++ b/tests/data/test1246
@@ -35,7 +35,7 @@ Connection: close
 http
 
 
-URL with '#' at end of host name instead of '/'
+URL with '#' at end of hostname instead of '/'
 
 
 --proxy http://%HOSTIP:%HTTPPORT http://test.remote.haxx.se.%TESTNUMBER:%HTTPPORT#@127.0.0.1/tricked.html no-scheme-url.com.%TESTNUMBER:%HTTPPORT#@127.127.127.127/again.html
diff --git a/tests/data/test1264 b/tests/data/test1264
index 9eebd58f94..dbe4152d40 100644
--- a/tests/data/test1264
+++ b/tests/data/test1264
@@ -16,7 +16,7 @@ HTTP GET
 http
 
 
-HTTP URL with space in host name
+HTTP URL with space in hostname
 
 
 -g "http://127.0.0.1 www.example.com/we/want/%TESTNUMBER"
diff --git a/tests/data/test1318 b/tests/data/test1318
index 27e0d80c13..0ccd123eb8 100644
--- a/tests/data/test1318
+++ b/tests/data/test1318
@@ -33,7 +33,7 @@ Content-Length: 0
 http
 
 
-HTTP with --resolve and same host name using different cases
+HTTP with --resolve and same hostname using different cases
 
 
 --resolve MiXeDcAsE.cOm:%HTTPPORT:%HOSTIP http://MiXeDcAsE.cOm:%HTTPPORT/%TESTNUMBER http://mixedcase.com:%HTTPPORT/%TESTNUMBER0001
diff --git a/tests/data/test1411 b/tests/data/test1411
index ae58242f22..6eaa65d328 100644
--- a/tests/data/test1411
+++ b/tests/data/test1411
@@ -31,7 +31,7 @@ Funny-head: yesyes
 http
 
 
-# make sure there's no Expect: 100-continue when there's no file to send!
+# make sure there is no Expect: 100-continue when there is no file to send!
 
 HTTP with zero size file PUT
 
diff --git a/tests/data/test1421 b/tests/data/test1421
index 3cab703b4a..82a8061a1f 100644
--- a/tests/data/test1421
+++ b/tests/data/test1421
@@ -30,7 +30,7 @@ connection-monitor
 http
 
 
-Reusing HTTP proxy connection for two different host names
+Reusing HTTP proxy connection for two different hostnames
 
 
 --proxy http://%HOSTIP:%HTTPPORT http://test.remote.haxx.se.%TESTNUMBER:8990/ http://different.remote.haxx.se.%TESTNUMBER:8990
diff --git a/tests/data/test1447 b/tests/data/test1447
index 517c22b04d..f28c250226 100644
--- a/tests/data/test1447
+++ b/tests/data/test1447
@@ -28,7 +28,7 @@ Provide illegal proxy name
 #
 # Verify data after the test has been "shot"
 
-# Couldn't resolve proxy name
+# Could not resolve proxy name
 
 5
 
diff --git a/tests/data/test1448 b/tests/data/test1448
index aed178fc58..d35d5b5e6f 100644
--- a/tests/data/test1448
+++ b/tests/data/test1448
@@ -46,7 +46,7 @@ codeset-utf8
 LC_ALL=C.UTF-8
 
 
-Redirect following to UTF-8 IDN host name
+Redirect following to UTF-8 IDN hostname
 
 
 
diff --git a/tests/data/test1453 b/tests/data/test1453
index 28f6ed732f..bfbe692032 100644
--- a/tests/data/test1453
+++ b/tests/data/test1453
@@ -27,7 +27,7 @@ tftp://%HOSTIP:%NOLISTENPORT/%repeat[503 x a]%z
 #
 # Verify data after the test has been "shot"
 
-# TFTP file name too long
+# TFTP filename too long
 
 71
 
diff --git a/tests/data/test1456 b/tests/data/test1456
index 6f1b0260d5..c80df3b7c6 100644
--- a/tests/data/test1456
+++ b/tests/data/test1456
@@ -23,7 +23,7 @@ Connection: close
 Content-Type: text/html
 Funny-head: yesyes
 
-These data aren't actually sent to the client
+These data are not actually sent to the client
 
 
 
diff --git a/tests/data/test1468 b/tests/data/test1468
index ec004b368b..7cb9b13456 100644
--- a/tests/data/test1468
+++ b/tests/data/test1468
@@ -40,7 +40,7 @@ http
 socks5unix
 
 
-HTTP GET with host name using SOCKS5h via Unix sockets
+HTTP GET with hostname using SOCKS5h via Unix sockets
 
 
 http://this.is.a.host.name:%HTTPPORT/%TESTNUMBER --proxy socks5h://localhost%SOCKSUNIXPATH
diff --git a/tests/data/test1470 b/tests/data/test1470
index 2a8e0ea295..c93af27f7d 100644
--- a/tests/data/test1470
+++ b/tests/data/test1470
@@ -41,7 +41,7 @@ https
 socks5unix
 
 
-HTTPS GET with host name using SOCKS5h via Unix sockets
+HTTPS GET with hostname using SOCKS5h via Unix sockets
 
 
 https://this.is.a.host.name:%HTTPSPORT/%TESTNUMBER --insecure --proxy socks5h://localhost%SOCKSUNIXPATH
diff --git a/tests/data/test1471 b/tests/data/test1471
index 27343fd2fc..b07af3a9ae 100644
--- a/tests/data/test1471
+++ b/tests/data/test1471
@@ -28,7 +28,7 @@ red.onion
 #
 # Verify data after the test has been "shot"
 
-# Couldn't resolve host name
+# Could not resolve hostname
 
 6
 
diff --git a/tests/data/test1472 b/tests/data/test1472
index 2266e3ec9b..ed15302a04 100644
--- a/tests/data/test1472
+++ b/tests/data/test1472
@@ -28,7 +28,7 @@ tasty.onion.
 #
 # Verify data after the test has been "shot"
 
-# Couldn't resolve host name
+# Could not resolve hostname
 
 6
 
diff --git a/tests/data/test1491 b/tests/data/test1491
index 84d4e94e0f..fc856671e4 100644
--- a/tests/data/test1491
+++ b/tests/data/test1491
@@ -14,7 +14,7 @@ FILE
 file
 
 
-file:// don't overwrite self with --skip-existing
+file:// do not overwrite self with --skip-existing
 
 
 file://localhost%FILE_PWD/%LOGDIR/test%TESTNUMBER.txt -o %LOGDIR/test%TESTNUMBER.txt --skip-existing
diff --git a/tests/data/test151 b/tests/data/test151
index 727a7e9100..92a513986e 100644
--- a/tests/data/test151
+++ b/tests/data/test151
@@ -13,8 +13,8 @@ HTTP/1.0 401 BAD BOY
 Server: swsclose
 Content-Type: text/html
 
-This contains a response code >= 400, so curl shouldn't display this.  Even
-though it's a response code that triggers authentication, we're not using
+This contains a response code >= 400, so curl should not display this.  Even
+though it is a response code that triggers authentication, we are not using
 authentication so we should still fail.
 
 
diff --git a/tests/data/test1513 b/tests/data/test1513
index ff8c03f279..d4e741c534 100644
--- a/tests/data/test1513
+++ b/tests/data/test1513
@@ -29,7 +29,7 @@ lib%TESTNUMBER
 return failure immediately from progress callback
 
 
-# this server/host won't be used for real
+# this server/host will not be used for real
 
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 
diff --git a/tests/data/test1516 b/tests/data/test1516
index 5c30305bf1..226b8d3c9d 100644
--- a/tests/data/test1516
+++ b/tests/data/test1516
@@ -10,7 +10,7 @@ resolve
 
 
 
-# Close the connection after the first request but don't tell the client to do
+# Close the connection after the first request but do not tell the client to do
 # so! When starting the second request it'll detect a dead connection and must
 # not clean the DNS entries added manually.
 
diff --git a/tests/data/test152 b/tests/data/test152
index 2f4ee6938d..0a9a12d334 100644
--- a/tests/data/test152
+++ b/tests/data/test152
@@ -14,8 +14,8 @@ HTTP/1.0 401 BAD BOY
 Server: swsclose
 Content-Type: text/html
 
-This contains a response code >= 400, so curl shouldn't display this.  Even
-though it's a response code that triggers authentication, we're not using
+This contains a response code >= 400, so curl should not display this.  Even
+though it is a response code that triggers authentication, we are not using
 authentication so we should still fail.
 
 
diff --git a/tests/data/test1553 b/tests/data/test1553
index 5b4f11e554..7deea6869b 100644
--- a/tests/data/test1553
+++ b/tests/data/test1553
@@ -42,7 +42,7 @@ IMAP cleanup before a connection was created
 lib%TESTNUMBER
 
 
-# this MUST use a host name that doesn't resolve
+# this MUST use a hostname that does not resolve
 
 imap://non-existing-host.haxx.se:%IMAPPORT/%TESTNUMBER
 
diff --git a/tests/data/test1555 b/tests/data/test1555
index 75e1e5c258..5332aca6eb 100644
--- a/tests/data/test1555
+++ b/tests/data/test1555
@@ -29,7 +29,7 @@ lib%TESTNUMBER
 verify api is protected against calls from callbacks
 
 
-# this server/host won't be used for real
+# this server/host will not be used for real
 
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 
diff --git a/tests/data/test1557 b/tests/data/test1557
index 0c308f0335..0e0a3515a3 100644
--- a/tests/data/test1557
+++ b/tests/data/test1557
@@ -15,7 +15,7 @@ lib%TESTNUMBER
 
 
 
-Remove easy handle in pending connections doesn't leave dangling entry
+Remove easy handle in pending connections does not leave dangling entry
 
 
 hostname.invalid
diff --git a/tests/data/test1561 b/tests/data/test1561
index 5af47edce0..df9477dd47 100644
--- a/tests/data/test1561
+++ b/tests/data/test1561
@@ -69,7 +69,7 @@ https
 https
 
 
-Cookies set over HTTP can't override secure ones
+Cookies set over HTTP cannot override secure ones
 
 
 --insecure https://%HOSTIP:%HTTPSPORT/%TESTNUMBER0001 -L -c %LOGDIR/jar%TESTNUMBER.txt -H "Host: www.example.com"  http://%HOSTIP:%HTTPPORT/%TESTNUMBER0002 -L -c %LOGDIR/jar%TESTNUMBER.txt -H "Host: www.example.com"
diff --git a/tests/data/test1590 b/tests/data/test1590
index 8d459601be..309ec3801a 100644
--- a/tests/data/test1590
+++ b/tests/data/test1590
@@ -42,7 +42,7 @@ IMAP cleanup before a connection was created
 lib1553
 
 
-# it is important this uses a host name that resolves successfully
+# it is important this uses a hostname that resolves successfully
 
 imap://localhost:%IMAPPORT/%TESTNUMBER
 
diff --git a/tests/data/test1592 b/tests/data/test1592
index aacdb9eadb..9a3aa800c3 100644
--- a/tests/data/test1592
+++ b/tests/data/test1592
@@ -16,7 +16,7 @@ timing-dependent
 lib%TESTNUMBER
 
 
-HTTP request, remove handle while resolving, don't block
+HTTP request, remove handle while resolving, do not block
 
 
 
diff --git a/tests/data/test161 b/tests/data/test161
index 201fe52bfa..7908c41d2a 100644
--- a/tests/data/test161
+++ b/tests/data/test161
@@ -32,7 +32,7 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER
 
 # Verify data after the test has been "shot"
 
-# This doesn't send QUIT because of known bug:
+# This does not send QUIT because of known bug:
 # "7.8 Premature transfer end but healthy control channel"
 
 USER anonymous
diff --git a/tests/data/test162 b/tests/data/test162
index 02809e8127..196475ac86 100644
--- a/tests/data/test162
+++ b/tests/data/test162
@@ -17,9 +17,9 @@ Proxy-Authenticate: Basic realm="Squid proxy-caching web server"
 Server: swsclose
 Content-Type: text/html
 
-Even though it's the response code that triggers authentication, we're
-using NTLM and the server isn't, so we should fail.  We know the server
-isn't because there's no Proxy-Authorization: NTLM header
+Even though it is the response code that triggers authentication, we are
+using NTLM and the server is not, so we should fail.  We know the server
+is not because there is no Proxy-Authorization: NTLM header
 
 
 
diff --git a/tests/data/test1631 b/tests/data/test1631
index 6e28263b3d..af6a95bb8b 100644
--- a/tests/data/test1631
+++ b/tests/data/test1631
@@ -56,7 +56,7 @@ proxy
 
 
 # The second CONNECT will be made to the dynamic port number the FTP server
-# opens for us, so we can't compare with a known pre-existing number!
+# opens for us, so we cannot compare with a known pre-existing number!
 
 s/((https.proxy):(\d+))/$2:12345/
 
diff --git a/tests/data/test1632 b/tests/data/test1632
index ebf91098d5..bfb446fd33 100644
--- a/tests/data/test1632
+++ b/tests/data/test1632
@@ -65,7 +65,7 @@ proxy
 
 
 # The second and third CONNECT will be made to the dynamic port number the FTP
-# server opens for us, so we can't compare with known pre-existing numbers!
+# server opens for us, so we cannot compare with known pre-existing numbers!
 
 
 s/((https.proxy):(\d+))/$2:12345/
diff --git a/tests/data/test165 b/tests/data/test165
index 0d1c2ebdd0..cd193b5532 100644
--- a/tests/data/test165
+++ b/tests/data/test165
@@ -36,7 +36,7 @@ codeset-utf8
 LC_ALL=C.UTF-8
 
 
-HTTP over proxy with IDN host name
+HTTP over proxy with IDN hostname
 
 
 http://www.%hex[%c3%a5%c3%a4%c3%b6]hex%.se/page/%TESTNUMBER -x %HOSTIP:%HTTPPORT http://www.gro%hex[%c3%9f]hex%e.de/page/%TESTNUMBER
diff --git a/tests/data/test187 b/tests/data/test187
index c3d1199a23..2a405281bc 100644
--- a/tests/data/test187
+++ b/tests/data/test187
@@ -51,7 +51,7 @@ If this is received, the location following worked
 http
 
 
-HTTP redirect with bad host name separation and slash in parameters
+HTTP redirect with bad hostname separation and slash in parameters
 
 
 http://%HOSTIP:%HTTPPORT?oh=what-weird=test/%TESTNUMBER -L
diff --git a/tests/data/test189 b/tests/data/test189
index e8e8044049..173293b9c4 100644
--- a/tests/data/test189
+++ b/tests/data/test189
@@ -42,7 +42,7 @@ Content-Length: 15
 http
 
 
-HTTP GET with resume and redirect (to a page that doesn't resume)
+HTTP GET with resume and redirect (to a page that does not resume)
 
 
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER -C 50 -L
diff --git a/tests/data/test1915 b/tests/data/test1915
index 3043259317..0c7c770547 100644
--- a/tests/data/test1915
+++ b/tests/data/test1915
@@ -32,7 +32,7 @@ http://%HOSTIP:%NOLISTENPORT/not-there/%TESTNUMBER
 
 # Verify data after the test has been "shot"
 
-# 7 CURLE_COULDNT_CONNECT (expected since there's nothing listening there)
+# 7 CURLE_COULDNT_CONNECT (expected since there is nothing listening there)
 # 42 CURLE_ABORTED_BY_CALLBACK
 
 42
diff --git a/tests/data/test1917 b/tests/data/test1917
index 622623dc55..2d1850d7ab 100644
--- a/tests/data/test1917
+++ b/tests/data/test1917
@@ -21,7 +21,7 @@ hello
 # Client-side
 
 
-# require HTTP too as otherwise CURLOPT_POST doesn't exist
+# require HTTP too as otherwise CURLOPT_POST does not exist
 
 mqtt
 http
diff --git a/tests/data/test20 b/tests/data/test20
index a84928a2dc..072df696e7 100644
--- a/tests/data/test20
+++ b/tests/data/test20
@@ -17,7 +17,7 @@ non-existing host
 http
 
 
-attempt connect to non-existing host name
+attempt connect to non-existing hostname
 
 
 --ipv4 non-existing-host.haxx.se.
diff --git a/tests/data/test2024 b/tests/data/test2024
index 7838aeb2eb..45fe1a8359 100644
--- a/tests/data/test2024
+++ b/tests/data/test2024
@@ -11,7 +11,7 @@ HTTP Digest auth
 
 
 
+ensure that the order does not matter. -->
 
 
 
diff --git a/tests/data/test2025 b/tests/data/test2025
index 2b2c6f33f8..3bda645570 100644
--- a/tests/data/test2025
+++ b/tests/data/test2025
@@ -12,7 +12,7 @@ NTLM
 
 
 
+ensure that the order does not matter. -->
 
 
 
diff --git a/tests/data/test2026 b/tests/data/test2026
index d576725c4c..8db0142a9c 100644
--- a/tests/data/test2026
+++ b/tests/data/test2026
@@ -11,7 +11,7 @@ HTTP Digest auth
 
 
 
+ensure that the order does not matter. -->
 
 
 
diff --git a/tests/data/test2027 b/tests/data/test2027
index bff987e1cc..24d26eb760 100644
--- a/tests/data/test2027
+++ b/tests/data/test2027
@@ -13,7 +13,7 @@ HTTP Digest auth
 
  Explanation for the duplicate 400 requests:
 
- libcurl doesn't detect that a given Digest password is wrong already on the
+ libcurl does not detect that a given Digest password is wrong already on the
  first 401 response (as the data400 gives). libcurl will instead consider the
  new response just as a duplicate and it sends another and detects the auth
  problem on the second 401 response!
diff --git a/tests/data/test2028 b/tests/data/test2028
index 7f71f0549c..0e1dfcd41d 100644
--- a/tests/data/test2028
+++ b/tests/data/test2028
@@ -12,7 +12,7 @@ NTLM
 
 
 
+ensure that the order does not matter. -->
 
 
 
diff --git a/tests/data/test2029 b/tests/data/test2029
index 08a955fed7..f056952159 100644
--- a/tests/data/test2029
+++ b/tests/data/test2029
@@ -12,7 +12,7 @@ NTLM
 
 
 
+ensure that the order does not matter. -->
 
 
 
diff --git a/tests/data/test2030 b/tests/data/test2030
index b02d219201..47f01a14ed 100644
--- a/tests/data/test2030
+++ b/tests/data/test2030
@@ -12,13 +12,13 @@ NTLM
 
 
 
+ensure that the order does not matter. -->
 
 
+
 
 !win32
 
diff --git a/tests/data/test3202 b/tests/data/test3202
index d4ea6a33c3..44414c03aa 100644
--- a/tests/data/test3202
+++ b/tests/data/test3202
@@ -23,7 +23,7 @@ Connection: close
 Content-Type: text/html
 Funny-head: yesyes
 
-These data aren't actually sent to the client
+These data are not actually sent to the client
 
 
 
diff --git a/tests/data/test3203 b/tests/data/test3203
index 527e870a49..0c5507d1db 100644
--- a/tests/data/test3203
+++ b/tests/data/test3203
@@ -16,7 +16,7 @@ file
 
 GET a directory using file://
 
-
+
 
 !win32
 
diff --git a/tests/data/test328 b/tests/data/test328
index 602b6efa19..92f3133565 100644
--- a/tests/data/test328
+++ b/tests/data/test328
@@ -26,7 +26,7 @@ Q- What did 0 say to 8? A- Nice Belt!
 http
 
 
-# we're actually more interested in any compression support but this is the
+# we are actually more interested in any compression support but this is the
 # best we can do right now
 
 libz
diff --git a/tests/data/test331 b/tests/data/test331
index 4b613c5e13..bbc77a0997 100644
--- a/tests/data/test331
+++ b/tests/data/test331
@@ -37,7 +37,7 @@ Funny-head: yesyes swsclose
 http
 
 
-HTTP with cookie using host name 'moo'
+HTTP with cookie using hostname 'moo'
 
 
 -x http://%HOSTIP:%HTTPPORT http://moo/we/want/%TESTNUMBER -b none http://moo/we/want/%TESTNUMBER0002
diff --git a/tests/data/test336 b/tests/data/test336
index ddf4266b46..66552f8f71 100644
--- a/tests/data/test336
+++ b/tests/data/test336
@@ -32,7 +32,7 @@ REPLY SIZE 500 no such command
 ftp
 
 
-FTP range download when SIZE doesn't work
+FTP range download when SIZE does not work
 
 
 ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --range 3-6
diff --git a/tests/data/test349 b/tests/data/test349
index 07d9d07a00..42e2882cb9 100644
--- a/tests/data/test349
+++ b/tests/data/test349
@@ -12,7 +12,7 @@ HTTP GET
 HTTP/1.0 404 BAD BOY swsclose
 Content-Type: text/html
 
-This silly page doesn't reaaaaaly exist so you should not get it.
+This silly page does not reaaaaaly exist so you should not get it.
 
 
 
diff --git a/tests/data/test357 b/tests/data/test357
index d0b7b7325f..5bed285069 100644
--- a/tests/data/test357
+++ b/tests/data/test357
@@ -8,7 +8,7 @@ Expect: 100-continue
 
 # Server-side
 
-# 417 means the server didn't like the Expect header
+# 417 means the server did not like the Expect header
 
 HTTP/1.1 417 BAD swsbounce
 Date: Tue, 09 Nov 2010 14:49:00 GMT
diff --git a/tests/data/test361 b/tests/data/test361
index c333a8ce08..b574b4aa39 100644
--- a/tests/data/test361
+++ b/tests/data/test361
@@ -12,7 +12,7 @@ HTTP GET
 HTTP/1.0 404 BAD BOY swsclose
 Content-Type: text/html
 
-This silly page doesn't reaaaaaly exist so you should not get it.
+This silly page does not reaaaaaly exist so you should not get it.
 
 
 
diff --git a/tests/data/test367 b/tests/data/test367
index 335d59e662..42a7ec2c32 100644
--- a/tests/data/test367
+++ b/tests/data/test367
@@ -26,7 +26,7 @@ Connection: close
 http
 
 
-Empty user name provided in URL
+Empty username provided in URL
 
 
 http://:example@%HOSTIP:%HTTPPORT/%TESTNUMBER
diff --git a/tests/data/test380 b/tests/data/test380
index 6fe29288b6..a418dae4ae 100644
--- a/tests/data/test380
+++ b/tests/data/test380
@@ -32,7 +32,7 @@ dr-xr-xr-x   5 0        1            512 Oct  1  1997 usr
 ftp
 
 
-pick netrc password based on user name in URL
+pick netrc password based on username in URL
 
 
 
diff --git a/tests/data/test389 b/tests/data/test389
index 65bf1e9ad9..dcae640ecf 100644
--- a/tests/data/test389
+++ b/tests/data/test389
@@ -40,7 +40,7 @@ local-http
 
 -4 http://curlmachine.localhost:%HTTPPORT/%TESTNUMBER
 
-# Ensure that we're running on localhost
+# Ensure that we are running on localhost
 
 
 #
diff --git a/tests/data/test399 b/tests/data/test399
index da4b3f7cf7..bd73155253 100644
--- a/tests/data/test399
+++ b/tests/data/test399
@@ -13,7 +13,7 @@ URL
 http
 
 
-65536 bytes long host name in URL
+65536 bytes long hostname in URL
 
 
 url = http://%repeat[65536 x a]%/399
diff --git a/tests/data/test410 b/tests/data/test410
index 3eb4eb4c8b..aab2fd7259 100644
--- a/tests/data/test410
+++ b/tests/data/test410
@@ -29,7 +29,7 @@ SSL
 https
 
 
-HTTPS GET with very long request header
+HTTPS GET with 49 KB long request header
 
 # 14 characters repeated 3500 times makes 49000 bytes
 
diff --git a/tests/data/test412 b/tests/data/test412
index 7a8e83e685..0f38d17ff6 100644
--- a/tests/data/test412
+++ b/tests/data/test412
@@ -34,7 +34,7 @@ Debug
 http
 
 
-alt-svc using host name with trailing dot in URL
+alt-svc using hostname with trailing dot in URL
 
 
 # make Debug-curl accept Alt-Svc over plain HTTP
diff --git a/tests/data/test413 b/tests/data/test413
index e365b1dfea..89877f5370 100644
--- a/tests/data/test413
+++ b/tests/data/test413
@@ -34,7 +34,7 @@ Debug
 http
 
 
-alt-svc using host name with trailing dot on host from file
+alt-svc using hostname with trailing dot on host from file
 
 
 # make Debug-curl accept Alt-Svc over plain HTTP
diff --git a/tests/data/test440 b/tests/data/test440
index 161e6e3d9a..127fb16270 100644
--- a/tests/data/test440
+++ b/tests/data/test440
@@ -39,7 +39,7 @@ this.hsts.example "99991001 04:47:41"
 
 
 
-HSTS with trailing-dot host name in URL but none in hsts file
+HSTS with trailing-dot hostname in URL but none in hsts file
 
 
 -x http://%HOSTIP:%HTTPPORT http://this.hsts.example./%TESTNUMBER --hsts %LOGDIR/input%TESTNUMBER -w '%{url_effective}\n'
diff --git a/tests/data/test441 b/tests/data/test441
index 033c534304..eba5281291 100644
--- a/tests/data/test441
+++ b/tests/data/test441
@@ -39,7 +39,7 @@ this.hsts.example. "99991001 04:47:41"
 
 
 
-HSTS with no t-dot host name in URL but t-dot in file
+HSTS with no t-dot hostname in URL but t-dot in file
 
 
 -x http://%HOSTIP:%HTTPPORT http://this.hsts.example/%TESTNUMBER --hsts %LOGDIR/input%TESTNUMBER -w '%{url_effective}\n'
diff --git a/tests/data/test458 b/tests/data/test458
index 66027b087e..c2e0501fed 100644
--- a/tests/data/test458
+++ b/tests/data/test458
@@ -36,7 +36,7 @@ FUNVALUE=contents%TESTNUMBER
 VALUE2=curl
 
 
-variable expand the file name with --expand-output
+variable expand the filename with --expand-output
 
 
 --variable %FUNVALUE
diff --git a/tests/data/test506 b/tests/data/test506
index 5b4d16d9bc..d7618272dd 100644
--- a/tests/data/test506
+++ b/tests/data/test506
@@ -55,7 +55,7 @@ run 3: overwrite cookie 1 and 4, set cookie 6 with and without tailmatch
 
 http
 
-# don't run this with the threaded-resolver or c-ares since the events might
+# do not run this with the threaded-resolver or c-ares since the events might
 # trigger in a different order!
 
 !threaded-resolver
diff --git a/tests/data/test507 b/tests/data/test507
index 49d7517608..aa4ec61ef6 100644
--- a/tests/data/test507
+++ b/tests/data/test507
@@ -18,7 +18,7 @@ non-existing host
 http
 
 
-multi interface get with non-existing host name
+multi interface get with non-existing hostname
 
 
 lib%TESTNUMBER
diff --git a/tests/data/test517 b/tests/data/test517
index 859e54f319..a60a46dfda 100644
--- a/tests/data/test517
+++ b/tests/data/test517
@@ -30,9 +30,9 @@ curl_getdate() testing
 
 # This test case previously tested an overflow case ("2094 Nov 6 =>
 # 2147483647") for 32-bit time_t, but since some systems have 64-bit time_t and
-# handles this (returning 3939840000), and some 64-bit time_t systems don't
-# handle this and return -1 for this, it turned very tricky to write a fine
-# test case and thus it is now removed until we have a way to write test cases
+# handles this (returning 3939840000), and some 64-bit time_t systems do not
+# handle this and return -1 for this, it turned tricky to write a fine test
+# case and thus it is now removed until we have a way to write test cases
 # for this kind of things.
 
 
diff --git a/tests/data/test531 b/tests/data/test531
index e018d7d60c..4e22a64840 100644
--- a/tests/data/test531
+++ b/tests/data/test531
@@ -33,7 +33,7 @@ ftp://%HOSTIP:%FTPPORT/path/%TESTNUMBER %LOGDIR/upload%TESTNUMBER
 
 
 Moooooooooooo
-don't upload this
+do not upload this
 
 
 
diff --git a/tests/data/test542 b/tests/data/test542
index 8f6bdf8945..14aeeae9e9 100644
--- a/tests/data/test542
+++ b/tests/data/test542
@@ -41,7 +41,7 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER
 
 # Verify data after the test has been "shot"
 #
-# There's no MTDM in the protocol here since this code doesn't ask for the
+# There is no MTDM in the protocol here since this code does not ask for the
 # time/date of the file
 
 
diff --git a/tests/data/test543 b/tests/data/test543
index c9a5a21398..917e957260 100644
--- a/tests/data/test543
+++ b/tests/data/test543
@@ -18,7 +18,7 @@ curl_easy_escape
 
 # Verify data after the test has been "shot"
 #
-# There's no MTDM in the protocol here since this code doesn't ask for the
+# There is no MTDM in the protocol here since this code does not ask for the
 # time/date of the file
 
 
diff --git a/tests/data/test554 b/tests/data/test554
index 9336930f92..1db9fa9b67 100644
--- a/tests/data/test554
+++ b/tests/data/test554
@@ -107,7 +107,7 @@ Content-Length: 794%CR
 Content-Type: multipart/form-data; boundary=----------------------------%CR
 %CR
 ------------------------------%CR
-Content-Disposition: form-data; name="sendfile alternative"; filename="file name 2"%CR
+Content-Disposition: form-data; name="sendfile alternative"; filename="filename 2 "%CR
 %CR
 this is what we post to the silly web server
 %CR
diff --git a/tests/data/test562 b/tests/data/test562
index d7871f18ec..9c7d01be52 100644
--- a/tests/data/test562
+++ b/tests/data/test562
@@ -26,7 +26,7 @@ lib%TESTNUMBER
 FTP a type=A URL and CURLOPT_PORT set
 
 
-# note that we need quotes around the URL below to make sure the shell doesn't
+# note that we need quotes around the URL below to make sure the shell does not
 # treat the semicolon as a separator!
 
 'ftp://%HOSTIP:23456/%TESTNUMBER;type=A' %FTPPORT
@@ -36,7 +36,7 @@ FTP a type=A URL and CURLOPT_PORT set
 
 # Verify data after the test has been "shot"
 #
-# There's no MTDM in the protocol here since this code doesn't ask for the
+# There is no MTDM in the protocol here since this code does not ask for the
 # time/date of the file
 
 
diff --git a/tests/data/test563 b/tests/data/test563
index 12f0368d58..30730fd792 100644
--- a/tests/data/test563
+++ b/tests/data/test563
@@ -38,7 +38,7 @@ proxy
 
 ftp_proxy=http://%HOSTIP:%HTTPPORT/
 
-# note that we need quotes around the URL below to make sure the shell doesn't
+# note that we need quotes around the URL below to make sure the shell does not
 # treat the semicolon as a separator!
 
 "ftp://%HOSTIP:23456/%TESTNUMBER;type=A" %FTPPORT
diff --git a/tests/data/test579 b/tests/data/test579
index a4e63b612d..be3c910998 100644
--- a/tests/data/test579
+++ b/tests/data/test579
@@ -66,7 +66,7 @@ lib%TESTNUMBER
 
 
 
-small chunked HTTP POSTs with digest auth. and progress callback
+small chunked HTTP POSTs with digest auth and progress callback
 
 
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER %LOGDIR/ip%TESTNUMBER
diff --git a/tests/data/test583 b/tests/data/test583
index 8f87bcef9d..46a937631c 100644
--- a/tests/data/test583
+++ b/tests/data/test583
@@ -25,9 +25,9 @@ SFTP with multi interface, remove handle early
 
 
 # The command here uses 'localhost' just to make sure that curl_multi_perform
-# won't reach too far in the first invoke. When using c-ares at least, the
-# name resolve will cause it to return rather quickly and thus we could trigger
-# the problem we're looking to verify.
+# does not reach too far in the first invoke. When using c-ares at least, the
+# name resolve causes it to return rather quickly and thus we could trigger
+# the problem we are looking to verify.
 
 sftp://localhost:%SSHPORT%SFTP_PWD/%LOGDIR/upload%TESTNUMBER.txt %USER: %LOGDIR/server/curl_client_key.pub %LOGDIR/server/curl_client_key
 
diff --git a/tests/data/test588 b/tests/data/test588
index 5c53e04554..24d05ef747 100644
--- a/tests/data/test588
+++ b/tests/data/test588
@@ -1,7 +1,7 @@
 
 #
 # This test is exactly like 525 but the server rejects the EPRT command.
-# Written up to make sure that there's nothing in the multi interface
+# Written up to make sure that there is nothing in the multi interface
 # active connection case that differs between PORT and EPRT use
 #
 
@@ -32,7 +32,7 @@ ftp
 lib525
 
 
-FTP PORT upload using multi interface, EPRT doesn't work
+FTP PORT upload using multi interface, EPRT does not work
 
 
 ftp://%HOSTIP:%FTPPORT/path/%TESTNUMBER %LOGDIR/upload%TESTNUMBER
diff --git a/tests/data/test643 b/tests/data/test643
index 14bbd4aa39..b0ecd42cd8 100644
--- a/tests/data/test643
+++ b/tests/data/test643
@@ -106,7 +106,7 @@ Content-Length: 690%CR
 Content-Type: multipart/form-data; boundary=----------------------------%CR
 %CR
 ------------------------------%CR
-Content-Disposition: form-data; name="sendfile alternative"; filename="file name 2"%CR
+Content-Disposition: form-data; name="sendfile alternative"; filename="filename 2 "%CR
 %CR
 dummy
 %CR
diff --git a/tests/data/test645 b/tests/data/test645
index 6370a5a478..9b59eb8f69 100644
--- a/tests/data/test645
+++ b/tests/data/test645
@@ -139,7 +139,7 @@ Expect: 100-continue%CR
 %CR
 8a%CR
 ------------------------------%CR
-Content-Disposition: form-data; name="sendfile alternative"; filename="file name 2"%CR
+Content-Disposition: form-data; name="sendfile alternative"; filename="filename 2 "%CR
 %CR
 d%CR
 1%CR
diff --git a/tests/data/test678 b/tests/data/test678
index 48b65076b0..cac12ca071 100644
--- a/tests/data/test678
+++ b/tests/data/test678
@@ -39,7 +39,7 @@ lib%TESTNUMBER
 
 https://localhost:%HTTPSPORT/%TESTNUMBER %CERTDIR/certs/test-ca.crt
 
-# Ensure that we're running on localhost because we're checking the host name
+# Ensure that we are running on localhost because we are checking the hostname
 
 %LIBTESTS lib%TESTNUMBER check
 
diff --git a/tests/data/test716 b/tests/data/test716
index d6910718b3..fb03233eac 100644
--- a/tests/data/test716
+++ b/tests/data/test716
@@ -26,7 +26,7 @@ http
 proxy
 
 
-SOCKS5 proxy with too long user name
+SOCKS5 proxy with too long username
 
 
 # it should never connect to the target server
diff --git a/tests/data/test717 b/tests/data/test717
index ca377a4bce..afd9b63966 100644
--- a/tests/data/test717
+++ b/tests/data/test717
@@ -43,7 +43,7 @@ http
 SOCKS5 proxy auth
 
 
-# target a port that won't work without the SOCKS magic
+# target a port that does not work without the SOCKS magic
 
 http://%HOSTIP:1/%TESTNUMBER -x socks5://uz3r:p4ssworm@%HOSTIP:%SOCKSPORT
 
diff --git a/tests/data/test721 b/tests/data/test721
index 23878f5b2f..46ee2674a1 100644
--- a/tests/data/test721
+++ b/tests/data/test721
@@ -38,7 +38,7 @@ http
 socks5
 
 
-HTTP GET with host name using SOCKS5h
+HTTP GET with hostname using SOCKS5h
 
 
 http://this.is.a.host.name:%HTTPPORT/%TESTNUMBER --proxy socks5h://%HOSTIP:%SOCKSPORT
diff --git a/tests/data/test726 b/tests/data/test726
index 54a07de70c..048b1ff4cb 100644
--- a/tests/data/test726
+++ b/tests/data/test726
@@ -21,7 +21,7 @@ http
 
 
 #
-# Set a home that doesn't have a ".ipfs" folder. %PWD should be good.
+# Set a home that does not have a ".ipfs" folder. %PWD should be good.
 # This is to prevent the automatic gateway detection from finding a gateway file in your home folder.
 HOME=%PWD
 
@@ -34,7 +34,7 @@ ipfs://bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u
 
 
 #
-# Verify with no gateway url and no auto detection
+# Verify with no gateway URL and no auto detection
 
 
 37
diff --git a/tests/data/test729 b/tests/data/test729
index fca56ade55..172b06ffe9 100644
--- a/tests/data/test729
+++ b/tests/data/test729
@@ -23,7 +23,7 @@ http
 socks4
 
 
-SOCKS4 with very long proxy user name
+SOCKS4 with long proxy username
 
 
 http://fake --limit-rate 1 -x socks4a://%repeat[1015 x a]%@%HOSTIP:%SOCKSPORT
diff --git a/tests/data/test739 b/tests/data/test739
index 41fa8e1dbe..41f3599e4d 100644
--- a/tests/data/test739
+++ b/tests/data/test739
@@ -20,7 +20,7 @@ ipfs
 http
 
 
-IPNS path and query args for gateway and IPFS url (malformed gateway url)
+IPNS path and query args for gateway and IPFS URL (malformed gateway URL)
 
 
 --ipfs-gateway "http://%HOSTIP:%HTTPPORT/some/path?biz=baz" "ipns://fancy.tld/a/b?foo=bar&aaa=bbb"
diff --git a/tests/data/test742 b/tests/data/test742
index 4cffe4d33d..d94d8b0da1 100644
--- a/tests/data/test742
+++ b/tests/data/test742
@@ -40,10 +40,10 @@ socks5
 http
 
 
-SOCKS5-hostname with max length credentials and max host name length
+SOCKS5-hostname with max length credentials and max hostname length
 
 
-# target a port that won't work without the SOCKS magic
+# target a port that does not work without the SOCKS magic
 
 http://%repeat[254 x c]%:%HTTPPORT -x socks5h://%repeat[255 x a]%:%repeat[255 x b]%@%HOSTIP:%SOCKSPORT
 
diff --git a/tests/data/test752 b/tests/data/test752
index 28866bc312..76f792a003 100644
--- a/tests/data/test752
+++ b/tests/data/test752
@@ -48,7 +48,7 @@ Funny-head: yesyes
 http
 
 
---retry and -f on a HTTP 404 response
+--retry and -f on an HTTP 404 response
 
 
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER -f --retry 1
diff --git a/tests/data/test775 b/tests/data/test775
index aa016a0955..9ca0223ba4 100644
--- a/tests/data/test775
+++ b/tests/data/test775
@@ -43,7 +43,7 @@ SSL
 http
 
 
-HTTP with NTLM with too long user name
+HTTP with NTLM with too long username
 
 
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser%repeat[1100 x A]%:testpass --ntlm
diff --git a/tests/data/test804 b/tests/data/test804
index 9df5decafe..9912f018a4 100644
--- a/tests/data/test804
+++ b/tests/data/test804
@@ -25,7 +25,7 @@ body
 imap
 
 
-IMAP doesn't perform SELECT if reusing the same mailbox
+IMAP does not perform SELECT if reusing the same mailbox
 
 
 'imap://%HOSTIP:%IMAPPORT/%TESTNUMBER/;MAILINDEX=123/;SECTION=1' 'imap://%HOSTIP:%IMAPPORT/%TESTNUMBER/;MAILINDEX=456/;SECTION=2.3' -u user:secret
diff --git a/tests/data/test841 b/tests/data/test841
index 321512431c..18bf7ae859 100644
--- a/tests/data/test841
+++ b/tests/data/test841
@@ -35,7 +35,7 @@ body
 imap
 
 
-IMAP custom request doesn't check continuation data
+IMAP custom request does not check continuation data
 
 
  imap://%HOSTIP:%IMAPPORT/%TESTNUMBER/ -u user:secret -X 'FETCH 123 BODY[1]'
diff --git a/tests/data/test842 b/tests/data/test842
index cc0dcd9c00..63c4a9d393 100644
--- a/tests/data/test842
+++ b/tests/data/test842
@@ -40,7 +40,7 @@ IMAP OAuth 2.0 (OAUTHBEARER) authentication
 
 'imap://%HOSTIP:%IMAPPORT/%TESTNUMBER/;MAILINDEX=1' -u user --oauth2-bearer mF_9.B5f-4.1JqM
 
-# The protocol section doesn't support ways of specifying the raw data in the
+# The protocol section does not support ways of specifying the raw data in the
 # base64 encoded message so we must assert this
 
 
diff --git a/tests/data/test87 b/tests/data/test87
index b22578f82f..c1909df972 100644
--- a/tests/data/test87
+++ b/tests/data/test87
@@ -46,8 +46,7 @@ urlglob with out of range -o #[num] usage
 
 #
 # Verify data after the test has been "shot". Note that the command line
-# will write both responses into the same file name so only the second
-# survives
+# writes both responses into the same filename so only the second survives
 #
 
 
diff --git a/tests/devtest.pl b/tests/devtest.pl
index 30124a9f91..a2a9cde875 100755
--- a/tests/devtest.pl
+++ b/tests/devtest.pl
@@ -24,13 +24,13 @@
 ###########################################################################
 
 # This script is intended for developers to test some internals of the
-# runtests.pl harness. Don't try to use this unless you know what you're
+# runtests.pl harness. Do not try to use this unless you know what you are
 # doing!
 
 # An example command-line that starts a test http server for test 11 and waits
 # for the user before stopping it:
 #   ./devtest.pl --verbose serverfortest https echo "Started https" protoport https preprocess 11 pause echo Stopping stopservers echo Done
-# curl can connect to the server while it's running like this:
+# curl can connect to the server while it is running like this:
 #   curl -vkL https://localhost:/11
 
 use strict;
@@ -94,7 +94,7 @@ sub parseprotocols {
 
     # Generate a "proto-ipv6" version of each protocol to match the
     # IPv6  name and a "proto-unix" to match the variant which
-    # uses Unix domain sockets. This works even if support isn't
+    # uses Unix domain sockets. This works even if support is not
     # compiled in because the  test will fail.
     push @protocols, map(("$_-ipv6", "$_-unix"), @protocols);
 
diff --git a/tests/dictserver.py b/tests/dictserver.py
index ad65e55957..3ecb86785d 100755
--- a/tests/dictserver.py
+++ b/tests/dictserver.py
@@ -115,9 +115,9 @@ def get_options():
     parser.add_argument("--verbose", action="store", type=int, default=0,
                         help="verbose output")
     parser.add_argument("--pidfile", action="store",
-                        help="file name for the PID")
+                        help="filename for the PID")
     parser.add_argument("--logfile", action="store",
-                        help="file name for the log")
+                        help="filename for the log")
     parser.add_argument("--srcdir", action="store", help="test directory")
     parser.add_argument("--id", action="store", help="server ID")
     parser.add_argument("--ipv4", action="store_true", default=0,
diff --git a/tests/ech_tests.sh b/tests/ech_tests.sh
index f55a0f12ec..3944793b70 100755
--- a/tests/ech_tests.sh
+++ b/tests/ech_tests.sh
@@ -25,7 +25,7 @@
 #
 
 # Run some tests against servers we know to support ECH (CF, defo.ie, etc.).
-# as well as some we know don't do ECH but have an HTTPS RR, and finally some
+# as well as some we know do not do ECH but have an HTTPS RR, and finally some
 # for which neither is the case.
 
 # TODO: Translate this into something that approximates a valid curl test:-)
@@ -36,9 +36,9 @@
 
 # set -x
 
-# Exit with an error if there's an active ech stanza in ~/.curlrc
-# as that'd likely skew some results (e.g. turning a fail into a
-# success or vice versa)
+# Exit with an error if there is an active ech stanza in ~/.curlrc
+# as that would likely skew some results (e.g. turning a fail into
+# a success or vice versa)
 : "${CURL_CFG_FILE=$HOME/.curlrc}"
 active_ech=$(grep ech "$CURL_CFG_FILE" | grep -v "#.*ech")
 if [[ "$active_ech" != "" ]]; then
@@ -88,7 +88,7 @@ declare -A neither_targets=(
 # Variables that can be over-ridden from environment
 #
 
-# Top of curl test tree, assume we're there
+# Top of curl test tree, assume we are there
 : "${CTOP:=.}"
 
 # Place to put test log output
@@ -214,7 +214,7 @@ if [ ! -d "$LTOP" ]; then
   mkdir -p "$LTOP"
 fi
 if [ ! -d "$LTOP" ]; then
-  echo "Can't see $LTOP for logs - exiting"
+  echo "Cannot see $LTOP for logs - exiting"
   exit 1
 fi
 logfile=$LTOP/${BINNAME}_$NOW.log
@@ -223,7 +223,7 @@ echo "-----" > "$logfile"
 echo "Running $0 at $NOW" >> "$logfile"
 echo "Running $0 at $NOW"
 
-# check we have the binaries needed and which TLS library we'll be using
+# check we have the binaries needed and which TLS library we will be using
 if [ -f "$OSSL"/libssl.so ]; then
   have_ossl="yes"
 fi
@@ -254,8 +254,8 @@ wolf_cnt=$($CURL "${CURL_PARAMS[@]}" -V 2> /dev/null | grep -c wolfSSL)
 if ((wolf_cnt == 1)); then
   using_wolf="yes"
   # for some reason curl+wolfSSL dislikes certs that are ok
-  # for browsers, so we'll test using "insecure" mode (-k)
-  # but that's ok here as we're only interested in ECH testing
+  # for browsers, so we will test using "insecure" mode (-k)
+  # but that is ok here as we are only interested in ECH testing
   CURL_PARAMS+=(-k)
 fi
 # check if we have dig and it knows https or not
@@ -274,7 +274,7 @@ digout=$($digcmd https defo.ie)
 if [[ $digout != "1 . "* ]]; then
   digout=$($digcmd -t TYPE65 defo.ie)
   if [[ $digout == "1 . "* ]]; then
-    # we're good
+    # we are good
     have_presout="yes"
   fi
 else
@@ -282,7 +282,7 @@ else
 fi
 
 # Check if ports other than 443 are blocked from this
-# vantage point (I run tests in a n/w where that's
+# vantage point (I run tests in a n/w where that is
 # sadly true sometimes;-)
 # echo "Checking if ports other than 443 are maybe blocked"
 not443testurl="https://draft-13.esni.defo.ie:9413/"
@@ -317,7 +317,7 @@ echo "dig command: |$digcmd|"
 echo "ports != 443 blocked: $have_portsblocked"
 
 if [[ "$have_curl" == "no" ]]; then
-  echo "Can't proceed without curl - exiting"
+  echo "Cannot proceed without curl - exiting"
   exit 32
 fi
 
@@ -379,7 +379,7 @@ if [[ "$using_ossl" == "yes" ]]; then
       continue
     fi
     if [[ "$host" == "cloudflare-ech.com" ]]; then
-      echo "Skipping $host as they've blocked PN override"
+      echo "Skipping $host as they have blocked PN override"
       continue
     fi
     path=${ech_targets[$targ]}
@@ -472,9 +472,9 @@ for targ in "${!neither_targets[@]}"; do
   echo "" >> "$logfile"
 done
 
-# Check various command line options, if we're good so far
+# Check various command line options, if we are good so far
 if [[ "$using_ossl" == "yes" && "$allgood" == "yes" ]]; then
-  # use this test URL as it'll tell us if things worked
+  # use this test URL as it will tell us if things worked
   turl="https://defo.ie/ech-check.php"
   echo "cli_test with $turl"
   echo "cli_test with $turl" >> "$logfile"
@@ -490,8 +490,8 @@ fi
 
 fi # skip
 
-# Check combinations of command line options, if we're good so far
-# Most of this only works for OpenSSL, which is ok, as we're checking
+# Check combinations of command line options, if we are good so far
+# Most of this only works for OpenSSL, which is ok, as we are checking
 # the argument handling here, not the ECH protocol
 if [[ "$using_ossl" == "yes" && "$allgood" == "yes" ]]; then
   # ech can be hard, true, grease or false
@@ -786,11 +786,11 @@ if [[ "$using_ossl" == "yes" && "$allgood" == "yes" ]]; then
   cli_test "$turl" 1 1 --ech true --ech pn:"$goodpn"
   [ "$allgood" != "yes" ] && echo "$LINENO"
 
-  # a target URL that doesn't support ECH
+  # a target URL that does not support ECH
   turl="https://tcd.ie"
   echo "cli_test with $turl"
   echo "cli_test with $turl" >> "$logfile"
-  # the params below don't matter much here as we'll fail anyway
+  # the params below do not matter much here as we will fail anyway
   echconfiglist=$(get_ech_configlist defo.ie)
   goodecl=$echconfiglist
   badecl="$goodecl"
@@ -1083,13 +1083,13 @@ else
   echo "NOT all good, log in $logfile"
 fi
 
-# send a mail to root (will be fwd'd) but just once every 24 hours
+# send a mail to root (will be forwarded) but just once every 24 hours
 # 'cause we only really need "new" news
 itsnews="yes"
 age_of_news=0
 if [ -f "$LTOP"/bad_runs ]; then
   age_of_news=$(fileage "$LTOP"/bad_runs)
-  # only consider news "new" if we haven't mailed today
+  # only consider news "new" if we have not mailed today
   if ((age_of_news < 24*3600)); then
     itsnews="no"
   fi
diff --git a/tests/ftpserver.pl b/tests/ftpserver.pl
index cd725fccfd..10ac7c7c14 100755
--- a/tests/ftpserver.pl
+++ b/tests/ftpserver.pl
@@ -32,7 +32,7 @@
 # protocols simultaneously.
 #
 # It is meant to exercise curl, it is not meant to be a fully working
-# or even very standard compliant server.
+# or even overly standard compliant server.
 #
 # You may optionally specify port on the command line, otherwise it'll
 # default to port 8921.
@@ -104,11 +104,11 @@ my $port = 8921;               # default primary listener port
 my $listenaddr = '127.0.0.1';  # default address for listener port
 
 #**********************************************************************
-# global vars used for file names
+# global vars used for filenames
 #
-my $PORTFILE="ftpserver.port"; # server port file name
+my $PORTFILE="ftpserver.port"; # server port filename
 my $portfile;           # server port file path
-my $pidfile;            # server pid file name
+my $pidfile;            # server pid filename
 my $mainsockf_pidfile;  # pid file for primary connection sockfilt process
 my $mainsockf_logfile;  # log file for primary connection sockfilt process
 my $datasockf_pidfile;  # pid file for secondary connection sockfilt process
@@ -147,15 +147,15 @@ my %displaytext;   # text returned to client before callback runs
 #
 my $ctrldelay;     # set if server should throttle ctrl stream
 my $datadelay;     # set if server should throttle data stream
-my $retrweirdo;    # set if ftp server should use RETRWEIRDO
-my $retrnosize;    # set if ftp server should use RETRNOSIZE
-my $retrsize;      # set if ftp server should use RETRSIZE
-my $pasvbadip;     # set if ftp server should use PASVBADIP
-my $nosave;        # set if ftp server should not save uploaded data
-my $nodataconn;    # set if ftp srvr doesn't establish or accepts data channel
-my $nodataconn425; # set if ftp srvr doesn't establish data ch and replies 425
-my $nodataconn421; # set if ftp srvr doesn't establish data ch and replies 421
-my $nodataconn150; # set if ftp srvr doesn't establish data ch and replies 150
+my $retrweirdo;    # set if FTP server should use RETRWEIRDO
+my $retrnosize;    # set if FTP server should use RETRNOSIZE
+my $retrsize;      # set if FTP server should use RETRSIZE
+my $pasvbadip;     # set if FTP server should use PASVBADIP
+my $nosave;        # set if FTP server should not save uploaded data
+my $nodataconn;    # set if FTP srvr does not establish or accepts data channel
+my $nodataconn425; # set if FTP srvr does not establish data ch and replies 425
+my $nodataconn421; # set if FTP srvr does not establish data ch and replies 421
+my $nodataconn150; # set if FTP srvr does not establish data ch and replies 150
 my $storeresp;
 my $postfetch;
 my @capabilities;  # set if server supports capability commands
@@ -166,7 +166,7 @@ my %customcount;   #
 my %delayreply;    #
 
 #**********************************************************************
-# global variables for to test ftp wildcardmatching or other test that
+# global variables for to test FTP wildcardmatching or other test that
 # need flexible LIST responses.. and corresponding files.
 # $ftptargetdir is keeping the fake "name" of LIST directory.
 #
@@ -174,7 +174,7 @@ my $ftplistparserstate;
 my $ftptargetdir="";
 
 #**********************************************************************
-# global variables used when running a ftp server to keep state info
+# global variables used when running an FTP server to keep state info
 # relative to the secondary or data sockfilt process. Values of these
 # variables should only be modified using datasockf_state() sub, given
 # that they are closely related and relationship is a bit awkward.
@@ -768,7 +768,7 @@ sub EHLO_smtp {
     my @data;
 
     # TODO: Get the IP address of the client connection to use in the
-    # EHLO response when the client doesn't specify one but for now use
+    # EHLO response when the client does not specify one but for now use
     # 127.0.0.1
     if(!$client) {
         $client = "[127.0.0.1]";
@@ -823,7 +823,7 @@ sub HELO_smtp {
     my ($client) = @_;
 
     # TODO: Get the IP address of the client connection to use in the HELO
-    # response when the client doesn't specify one but for now use 127.0.0.1
+    # response when the client does not specify one but for now use 127.0.0.1
     if(!$client) {
         $client = "[127.0.0.1]";
     }
@@ -864,7 +864,7 @@ sub MAIL_smtp {
             }
         }
 
-        # this server doesn't "validate" MAIL FROM addresses
+        # this server does not "validate" MAIL FROM addresses
         if(length($from)) {
             my @found;
             my $valid = 1;
@@ -2765,7 +2765,7 @@ sub datasockf_state {
     }
     elsif($state eq 'PASSIVE_NODATACONN') {
         # Data sockfilter bound port without listening,
-        # client won't be able to establish data connection.
+        # client will not be able to establish data connection.
         $datasockf_state = $state;
         $datasockf_mode = 'passive';
         $datasockf_runs = 'yes';
@@ -2930,7 +2930,7 @@ sub customize {
             @auth_mechs = split(/ /, $1);
         }
         elsif($_ =~ /NOSAVE/) {
-            # don't actually store the file we upload - to be used when
+            # do not actually store the file we upload - to be used when
             # uploading insanely huge amounts
             $nosave = 1;
             logmsg "FTPD: NOSAVE prevents saving of uploaded data\n";
@@ -3332,7 +3332,7 @@ while(1) {
                     $check = 0;
                 }
 
-                # only perform this if we're not faking a reply
+                # only perform this if we are not faking a reply
                 my $func = $commandfunc{uc($FTPCMD)};
                 if($func) {
                     &$func($FTPARG, $FTPCMD);
diff --git a/tests/getpart.pm b/tests/getpart.pm
index 75eb8dfe5d..c9382ad7f2 100644
--- a/tests/getpart.pm
+++ b/tests/getpart.pm
@@ -47,13 +47,13 @@ BEGIN {
 use Memoize;
 
 my @xml;      # test data file contents
-my $xmlfile;  # test data file name
+my $xmlfile;  # test data filename
 
 my $warning=0;
 my $trace=0;
 
 # Normalize the part function arguments for proper caching. This includes the
-# file name in the arguments since that is an implied parameter that affects the
+# filename in the arguments since that is an implied parameter that affects the
 # return value.  Any error messages will only be displayed the first time, but
 # those are disabled by default anyway, so should never been seen outside
 # development.
diff --git a/tests/http/scorecard.py b/tests/http/scorecard.py
index 6afb9c7401..c3ad9bbc41 100644
--- a/tests/http/scorecard.py
+++ b/tests/http/scorecard.py
@@ -845,7 +845,7 @@ def print_file(filename):
 
 def main():
     parser = argparse.ArgumentParser(prog='scorecard', description="""
-        Run a range of tests to give a scorecard for a HTTP protocol
+        Run a range of tests to give a scorecard for an HTTP protocol
         'h3' or 'h2' implementation in curl.
         """)
     parser.add_argument("-v", "--verbose", action='count', default=1,
diff --git a/tests/http/test_02_download.py b/tests/http/test_02_download.py
index 68c75d4d3e..9abe497539 100644
--- a/tests/http/test_02_download.py
+++ b/tests/http/test_02_download.py
@@ -716,7 +716,7 @@ class TestDownload:
         if proto == 'h3' and env.curl_uses_lib('quiche'):
             pytest.skip("quiche fails from 16k onwards")
         curl = CurlClient(env=env)
-        # url is longer than 'url_len'
+        # 'url' is longer than 'url_len'
         url = f'https://{env.authority_for(env.domain1, proto)}/data.json?{"x"*(url_junk)}'
         r = curl.http_download(urls=[url], alpn_proto=proto)
         if url_junk <= 1024:
diff --git a/tests/http/test_10_proxy.py b/tests/http/test_10_proxy.py
index 13993b2b52..37797181f8 100644
--- a/tests/http/test_10_proxy.py
+++ b/tests/http/test_10_proxy.py
@@ -265,7 +265,7 @@ class TestProxy:
     @pytest.mark.skipif(condition=not Env.curl_is_debug(), reason="needs curl debug")
     @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs curl verbose strings")
     def test_10_10_reuse_proxy(self, env: Env, httpd, nghttpx_fwd, tunnel):
-        # url twice via https: proxy separated with '--next', will reuse
+        # URL twice via https: proxy separated with '--next', will reuse
         if tunnel == 'h2' and not env.curl_uses_lib('nghttp2'):
             pytest.skip('only supported with nghttp2')
         if env.curl_uses_lib('mbedtls') and \
diff --git a/tests/http/test_17_ssl_use.py b/tests/http/test_17_ssl_use.py
index 427ca70fdd..58ad7fdf15 100644
--- a/tests/http/test_17_ssl_use.py
+++ b/tests/http/test_17_ssl_use.py
@@ -115,7 +115,7 @@ class TestSSLUse:
             else:
                 assert djson['SSL_SESSION_RESUMED'] == exp_resumed, f'{i}: {djson}\n{r.dump_logs()}'
 
-    # use host name with trailing dot, verify handshake
+    # use hostname with trailing dot, verify handshake
     @pytest.mark.parametrize("proto", Env.http_protos())
     def test_17_03_trailing_dot(self, env: Env, proto, httpd, nghttpx):
         curl = CurlClient(env=env)
@@ -128,7 +128,7 @@ class TestSSLUse:
             # the SNI the server received is without trailing dot
             assert r.json['SSL_TLS_SNI'] == env.domain1, f'{r.json}'
 
-    # use host name with double trailing dot, verify handshake
+    # use hostname with double trailing dot, verify handshake
     @pytest.mark.parametrize("proto", Env.http_protos())
     def test_17_04_double_dot(self, env: Env, proto, httpd, nghttpx):
         curl = CurlClient(env=env)
@@ -404,7 +404,7 @@ class TestSSLUse:
                 reused_session = True
         assert reused_session, f'{r}\n{r.dump_logs()}'
 
-    # use host name server has no certificate for
+    # use hostname server has no certificate for
     @pytest.mark.parametrize("proto", Env.http_protos())
     def test_17_11_wrong_host(self, env: Env, proto, httpd, nghttpx):
         curl = CurlClient(env=env)
@@ -413,7 +413,7 @@ class TestSSLUse:
         r = curl.http_get(url=url, alpn_proto=proto)
         assert r.exit_code == 60, f'{r}'
 
-    # use host name server has no cert for with --insecure
+    # use hostname server has no cert for with --insecure
     @pytest.mark.parametrize("proto", Env.http_protos())
     def test_17_12_insecure(self, env: Env, proto, httpd, nghttpx):
         curl = CurlClient(env=env)
diff --git a/tests/http/testenv/caddy.py b/tests/http/testenv/caddy.py
index d7f6a0d729..d7386bc28a 100644
--- a/tests/http/testenv/caddy.py
+++ b/tests/http/testenv/caddy.py
@@ -165,10 +165,10 @@ class Caddy:
     def _write_config(self):
         domain1 = self.env.domain1
         creds1 = self.env.get_credentials(domain1)
-        assert creds1  # convince pytype this isn't None
+        assert creds1  # convince pytype this is not None
         domain2 = self.env.domain2
         creds2 = self.env.get_credentials(domain2)
-        assert creds2  # convince pytype this isn't None
+        assert creds2  # convince pytype this is not None
         self._mkpath(self._docs_dir)
         self._mkpath(self._tmp_dir)
         with open(os.path.join(self._docs_dir, 'data.json'), 'w') as fd:
diff --git a/tests/http/testenv/httpd.py b/tests/http/testenv/httpd.py
index 740237abc4..52578be7d6 100644
--- a/tests/http/testenv/httpd.py
+++ b/tests/http/testenv/httpd.py
@@ -100,9 +100,9 @@ class Httpd:
             raise Exception(f'{env.apxs} failed to query libexecdir: {p}')
         self._mods_dir = p.stdout.strip()
         if self._mods_dir is None:
-            raise Exception('apache modules dir cannot be found')
+            raise Exception('apache modules directory cannot be found')
         if not os.path.exists(self._mods_dir):
-            raise Exception(f'apache modules dir does not exist: {self._mods_dir}')
+            raise Exception(f'apache modules directory does not exist: {self._mods_dir}')
         self._maybe_running = False
         self.ports = {}
         self._rmf(self._error_log)
@@ -260,17 +260,17 @@ class Httpd:
         domain1 = self.env.domain1
         domain1brotli = self.env.domain1brotli
         creds1 = self.env.get_credentials(self._domain1_cred_name)
-        assert creds1  # convince pytype this isn't None
+        assert creds1  # convince pytype this is not None
         self._loaded_domain1_cred_name = self._domain1_cred_name
         domain2 = self.env.domain2
         creds2 = self.env.get_credentials(domain2)
-        assert creds2  # convince pytype this isn't None
+        assert creds2  # convince pytype this is not None
         exp_domain = self.env.expired_domain
         exp_creds = self.env.get_credentials(exp_domain)
-        assert exp_creds  # convince pytype this isn't None
+        assert exp_creds  # convince pytype this is not None
         proxy_domain = self.env.proxy_domain
         proxy_creds = self.env.get_credentials(proxy_domain)
-        assert proxy_creds  # convince pytype this isn't None
+        assert proxy_creds  # convince pytype this is not None
         self._mkpath(self._conf_dir)
         self._mkpath(self._docs_dir)
         self._mkpath(self._logs_dir)
diff --git a/tests/http/testenv/mod_curltest/mod_curltest.c b/tests/http/testenv/mod_curltest/mod_curltest.c
index 17d0688ace..cb236557e0 100644
--- a/tests/http/testenv/mod_curltest/mod_curltest.c
+++ b/tests/http/testenv/mod_curltest/mod_curltest.c
@@ -45,10 +45,10 @@ static int curltest_sslinfo_handler(request_rec *r);
 AP_DECLARE_MODULE(curltest) =
 {
   STANDARD20_MODULE_STUFF,
-  NULL, /* func to create per dir config */
-  NULL,  /* func to merge per dir config */
-  NULL, /* func to create per server config */
-  NULL,  /* func to merge per server config */
+  NULL, /* func to create per-directory config */
+  NULL,  /* func to merge per-directory config */
+  NULL, /* func to create per-server config */
+  NULL,  /* func to merge per-server config */
   NULL,              /* command handlers */
   curltest_hooks,
 #ifdef AP_MODULE_FLAG_NONE
@@ -398,7 +398,7 @@ static int curltest_tweak_handler(request_rec *r)
           }
         }
         else if(!strcmp("id", arg)) {
-          /* just an id for repeated requests with curl's url globbing */
+          /* just an id for repeated requests with curl's URL globbing */
           request_id = val;
           continue;
         }
@@ -606,7 +606,7 @@ static int curltest_put_handler(request_rec *r)
         *s = '\0';
         val = s + 1;
         if(!strcmp("id", arg)) {
-          /* just an id for repeated requests with curl's url globbing */
+          /* just an id for repeated requests with curl's URL globbing */
           request_id = val;
           continue;
         }
@@ -804,7 +804,7 @@ static int curltest_sslinfo_handler(request_rec *r)
         *s = '\0';
         val = s + 1;
         if(!strcmp("id", arg)) {
-          /* just an id for repeated requests with curl's url globbing */
+          /* just an id for repeated requests with curl's URL globbing */
           request_id = val;
           continue;
         }
diff --git a/tests/http/testenv/nghttpx.py b/tests/http/testenv/nghttpx.py
index dfb416334c..6db888b901 100644
--- a/tests/http/testenv/nghttpx.py
+++ b/tests/http/testenv/nghttpx.py
@@ -238,7 +238,7 @@ class NghttpxQuic(Nghttpx):
         if self._process:
             self.stop()
         creds = self.env.get_credentials(self._cred_name)
-        assert creds  # convince pytype this isn't None
+        assert creds  # convince pytype this is not None
         self._loaded_cred_name = self._cred_name
         args = [self._cmd, f'--frontend=*,{self._port};tls']
         if self.supports_h3():
@@ -297,7 +297,7 @@ class NghttpxFwd(Nghttpx):
         if self._process:
             self.stop()
         creds = self.env.get_credentials(self._cred_name)
-        assert creds  # convince pytype this isn't None
+        assert creds  # convince pytype this is not None
         self._loaded_cred_name = self._cred_name
         args = [
             self._cmd,
diff --git a/tests/http/testenv/vsftpd.py b/tests/http/testenv/vsftpd.py
index 0819861c62..acf86b989e 100644
--- a/tests/http/testenv/vsftpd.py
+++ b/tests/http/testenv/vsftpd.py
@@ -202,7 +202,7 @@ class VsFTPD:
         ]
         if self._with_ssl:
             creds = self.env.get_credentials(self.domain)
-            assert creds  # convince pytype this isn't None
+            assert creds  # convince pytype this is not None
             conf.extend([
                 'ssl_enable=YES',
                 'debug_ssl=YES',
diff --git a/tests/libtest/cli_hx_download.c b/tests/libtest/cli_hx_download.c
index f88a456a20..82e8c1b70d 100644
--- a/tests/libtest/cli_hx_download.c
+++ b/tests/libtest/cli_hx_download.c
@@ -256,7 +256,7 @@ static void usage_hx_download(const char *msg)
     curl_mfprintf(stderr, "%s\n", msg);
   curl_mfprintf(stderr,
     "usage: [options] url\n"
-    "  download a url with following options:\n"
+    "  download a URL with following options:\n"
     "  -a         abort paused transfer\n"
     "  -m number  max parallel downloads\n"
     "  -e         use TLS early data when possible\n"
diff --git a/tests/libtest/cli_hx_upload.c b/tests/libtest/cli_hx_upload.c
index 9ce955bba6..f0183f6df2 100644
--- a/tests/libtest/cli_hx_upload.c
+++ b/tests/libtest/cli_hx_upload.c
@@ -208,7 +208,7 @@ static void usage_hx_upload(const char *msg)
     curl_mfprintf(stderr, "%s\n", msg);
   curl_mfprintf(stderr,
     "usage: [options] url\n"
-    "  upload to a url with following options:\n"
+    "  upload to a URL with following options:\n"
     "  -a         abort paused transfer\n"
     "  -e         use TLS earlydata\n"
     "  -m number  max parallel uploads\n"
diff --git a/tests/libtest/first.c b/tests/libtest/first.c
index 7ab38a9fd8..a8e2e91cf0 100644
--- a/tests/libtest/first.c
+++ b/tests/libtest/first.c
@@ -131,7 +131,7 @@ static void memory_tracking_init(void)
   /* if CURL_MEMDEBUG is set, this starts memory tracking message logging */
   env = getenv("CURL_MEMDEBUG");
   if(env) {
-    /* use the value as file name */
+    /* use the value as filename */
     curl_dbg_memdebug(env);
   }
   /* if CURL_MEMLIMIT is set, this enables fail-on-alloc-number-N feature */
diff --git a/tests/libtest/first.h b/tests/libtest/first.h
index 5557411754..f5cbc60237 100644
--- a/tests/libtest/first.h
+++ b/tests/libtest/first.h
@@ -27,9 +27,9 @@
 #define CURL_DISABLE_DEPRECATION
 
 /* Now include the curl_setup.h file from libcurl's private libdir (the source
-   version, but that might include "curl_config.h" from the build dir so we
-   need both of them in the include path), so that we get good in-depth
-   knowledge about the system we're building this on */
+   version, but that might include "curl_config.h" from the build directory so
+   we need both of them in the include path), so that we get good in-depth
+   knowledge about the system we are building this on */
 #include "curl_setup.h"
 
 #include 
diff --git a/tests/libtest/lib1308.c b/tests/libtest/lib1308.c
index 1455b0b0df..b859d4da5f 100644
--- a/tests/libtest/lib1308.c
+++ b/tests/libtest/lib1308.c
@@ -56,7 +56,7 @@ static CURLcode test_lib1308(const char *URL)
                     CURLFORM_COPYCONTENTS, "content", CURLFORM_END);
   t1308_fail_unless(rc == 0, "curl_formadd returned error");
 
-  /* after the first curl_formadd when there's a single entry, both pointers
+  /* after the first curl_formadd when there is a single entry, both pointers
      should point to the same struct */
   t1308_fail_unless(post == last, "post and last weren't the same");
 
diff --git a/tests/libtest/lib1531.c b/tests/libtest/lib1531.c
index 6e69c5baee..65b20c2993 100644
--- a/tests/libtest/lib1531.c
+++ b/tests/libtest/lib1531.c
@@ -50,7 +50,7 @@ static CURLcode test_lib1531(const char *URL)
   /* add the individual transfer */
   curl_multi_add_handle(multi, curl);
 
-  /* set the options (I left out a few, you'll get the point anyway) */
+  /* set the options (I left out a few, you get the point anyway) */
   curl_easy_setopt(curl, CURLOPT_URL, URL);
   curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE_LARGE, testDataSize);
   curl_easy_setopt(curl, CURLOPT_POSTFIELDS, testData);
diff --git a/tests/libtest/lib1560.c b/tests/libtest/lib1560.c
index 0071bb0f8b..db85fe7382 100644
--- a/tests/libtest/lib1560.c
+++ b/tests/libtest/lib1560.c
@@ -399,7 +399,7 @@ static const struct testcase get_parts_list[] ={
    CURLU_DEFAULT_SCHEME, 0, CURLUE_BAD_IPV6},
   {"http://[ab.be]/x", "",
    CURLU_DEFAULT_SCHEME, 0, CURLUE_BAD_IPV6},
-  /* URL without host name */
+  /* URL without hostname */
   {"http://a:b@/x", "",
    CURLU_DEFAULT_SCHEME, 0, CURLUE_NO_HOST},
   {"boing:80",
@@ -641,7 +641,7 @@ static const struct urltestcase get_url_list[] = {
   {"mailto:infobot@example.com?body=send%20current-issue", "", 0, 0,
    CURLUE_UNSUPPORTED_SCHEME},
   {"about:80", "https://about:80/", CURLU_DEFAULT_SCHEME, 0, CURLUE_OK},
-  /* percent encoded host names */
+  /* percent encoded hostnames */
   {"http://example.com%40127.0.0.1/", "", 0, 0, CURLUE_BAD_HOSTNAME},
   {"http://example.com%21127.0.0.1/", "", 0, 0, CURLUE_BAD_HOSTNAME},
   {"http://example.com%3f127.0.0.1/", "", 0, 0, CURLUE_BAD_HOSTNAME},
@@ -996,7 +996,7 @@ static const struct setcase set_parts_list[] = {
    0, /* set */
    CURLUE_OK, CURLUE_BAD_HOSTNAME},
   {"https://example.com/",
-   "host=0xff,", /* '++' there's no automatic URL decode when setting this
+   "host=0xff,", /* '++' there is no automatic URL decode when setting this
                   part */
    "https://0xff/",
    0, /* get */
@@ -1016,7 +1016,7 @@ static const struct setcase set_parts_list[] = {
    "https://example.com/",
    0, CURLU_NON_SUPPORT_SCHEME, CURLUE_OK, CURLUE_BAD_SCHEME},
   {"https://example.com/",
-   /* Set a 41 bytes scheme. That's too long so the old scheme remains set. */
+   /* Set a 41 bytes scheme. That is too long so the old scheme remains set. */
    "scheme=bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbc,",
    "https://example.com/",
    0, CURLU_NON_SUPPORT_SCHEME, CURLUE_OK, CURLUE_BAD_SCHEME},
@@ -1069,7 +1069,7 @@ static const struct setcase set_parts_list[] = {
    "scheme=https,user=   @:,host=foobar,",
    "https://%20%20%20%40%3A@foobar/",
    0, CURLU_URLENCODE, CURLUE_OK, CURLUE_OK},
-  /* Setting a host name with spaces is not OK: */
+  /* Setting a hostname with spaces is not OK: */
   {NULL,
    "scheme=https,host=  ,path= ,user= ,password= ,query= ,fragment= ,",
    "[nothing]",
diff --git a/tests/libtest/lib1565.c b/tests/libtest/lib1565.c
index 893950b90d..7e983978e7 100644
--- a/tests/libtest/lib1565.c
+++ b/tests/libtest/lib1565.c
@@ -111,7 +111,7 @@ static CURLcode test_lib1565(const char *URL)
   if(!result)
     tid_valid = true;
   else {
-    curl_mfprintf(stderr, "%s:%d Couldn't create thread, errno %d\n",
+    curl_mfprintf(stderr, "%s:%d Could not create thread, errno %d\n",
                   __FILE__, __LINE__, result);
     goto test_cleanup;
   }
@@ -198,7 +198,7 @@ test_cleanup:
   return t1565_test_failure;
 }
 
-#else /* without pthread, this test doesn't work */
+#else /* without pthread, this test does not work */
 static CURLcode test_lib1565(const char *URL)
 {
   (void)URL;
diff --git a/tests/libtest/lib1592.c b/tests/libtest/lib1592.c
index 1a36c4a925..021a016351 100644
--- a/tests/libtest/lib1592.c
+++ b/tests/libtest/lib1592.c
@@ -29,9 +29,9 @@
  * only tests whichever resolver curl is actually built with.
  */
 
-/* We're willing to wait a very generous two seconds for the removal.  This is
+/* We are willing to wait a generous two seconds for the removal.  This is
    as low as we can go while still easily supporting SIGALRM timing for the
-   non-threaded blocking resolver.  It doesn't matter that much because when
+   non-threaded blocking resolver.  It does not matter that much because when
    the test passes, we never wait this long. We set it much higher via
    the default TEST_HANG_TIMEOUT to avoid issues when running on overloaded
    CI machines. */
@@ -66,14 +66,14 @@ static CURLcode test_lib1592(const char *URL)
        blocks. */
     timeout = TEST_HANG_TIMEOUT * 2;
   else {
-    /* If we can't set the DNS server, presume that we are configured to use a
-       resolver that can't be cancelled (i.e. the threaded resolver or the
+    /* If we cannot set the DNS server, presume that we are configured to use
+       a resolver that cannot be cancelled (i.e. the threaded resolver or the
        non-threaded blocking resolver).  So, we just test that the
        curl_multi_remove_handle() call does finish well within our test
        timeout.
 
-       But, it is very unlikely that the resolver request will take any time at
-       all because we haven't been able to configure the resolver to use an
+       But, it is unlikely that the resolver request will take any time at
+       all because we have not been able to configure the resolver to use an
        non-responsive DNS server.  At least we exercise the flow.
        */
     curl_mfprintf(stderr,
@@ -83,7 +83,7 @@ static CURLcode test_lib1592(const char *URL)
   }
 
   /* Setting a timeout on the request should ensure that even if we have to
-     wait for the resolver during curl_multi_remove_handle(), it won't take
+     wait for the resolver during curl_multi_remove_handle(), it will not take
      longer than this, because the resolver request inherits its timeout from
      this. */
   easy_setopt(curl, CURLOPT_TIMEOUT_MS, timeout);
@@ -108,8 +108,8 @@ static CURLcode test_lib1592(const char *URL)
   curl_mfprintf(stderr, "curl_multi_remove_handle() succeeded\n");
 
   /* Fail the test if it took too long to remove.  This happens after the fact,
-     and says "it seems that it would have run forever", which isn't true, but
-     it's close enough, and simple to do. */
+     and says "it seems that it would have run forever", which is not true, but
+     it is close enough, and simple to do. */
   abort_on_test_timeout();
 
 test_cleanup:
diff --git a/tests/libtest/lib1593.c b/tests/libtest/lib1593.c
index 22a07e2920..5b6e57d4f7 100644
--- a/tests/libtest/lib1593.c
+++ b/tests/libtest/lib1593.c
@@ -41,7 +41,7 @@ static CURLcode test_lib1593(const char *URL)
 
   easy_setopt(curl, CURLOPT_URL, URL);
   easy_setopt(curl, CURLOPT_TIMECONDITION, CURL_TIMECOND_IFMODSINCE);
-  /* Some TIMEVALUE; it doesn't matter. */
+  /* Some TIMEVALUE; it does not matter. */
   easy_setopt(curl, CURLOPT_TIMEVALUE, 1566210680L);
 
   header = curl_slist_append(NULL, "If-Modified-Since:");
diff --git a/tests/libtest/lib1906.c b/tests/libtest/lib1906.c
index 72486d6227..da0f9f56b9 100644
--- a/tests/libtest/lib1906.c
+++ b/tests/libtest/lib1906.c
@@ -54,7 +54,7 @@ static CURLcode test_lib1906(const char *URL)
   }
   res = CURLE_OK;  /* reset for next use */
 
-  /* print the used url */
+  /* print the used URL */
   curl_url_get(curlu, CURLUPART_URL, &url_after, 0);
   curl_mfprintf(stderr, "curlu now: <%s>\n", url_after);
   curl_free(url_after);
@@ -69,7 +69,7 @@ static CURLcode test_lib1906(const char *URL)
                   "curl_easy_perform returned %d: <%s>, <%s>\n",
                   res, curl_easy_strerror(res), error_buffer);
 
-  /* print url */
+  /* print URL */
   curl_url_get(curlu, CURLUPART_URL, &url_after, 0);
   curl_mfprintf(stderr, "curlu now: <%s>\n", url_after);
 
diff --git a/tests/libtest/lib1907.c b/tests/libtest/lib1907.c
index 2aed892407..0a3556719b 100644
--- a/tests/libtest/lib1907.c
+++ b/tests/libtest/lib1907.c
@@ -43,7 +43,7 @@ static CURLcode test_lib1907(const char *URL)
                   "curl_easy_perform returned %d: <%s>, <%s>\n",
                   res, curl_easy_strerror(res), error_buffer);
 
-  /* print the used url */
+  /* print the used URL */
   if(!curl_easy_getinfo(curl, CURLINFO_EFFECTIVE_URL, &url_after))
     curl_mprintf("Effective URL: %s\n", url_after);
 
diff --git a/tests/libtest/lib1908.c b/tests/libtest/lib1908.c
index 1613d03e01..ac841ca1a1 100644
--- a/tests/libtest/lib1908.c
+++ b/tests/libtest/lib1908.c
@@ -53,7 +53,7 @@ static CURLcode test_lib1908(const char *URL)
 
     curl_easy_reset(curl);
 
-    /* using the same file name for the alt-svc cache, this clobbers the
+    /* using the same filename for the alt-svc cache, this clobbers the
        content just written from the 'curldupe' handle */
     curl_easy_cleanup(curl);
   }
diff --git a/tests/libtest/lib1918.c b/tests/libtest/lib1918.c
index 86fa84c92f..de9252107b 100644
--- a/tests/libtest/lib1918.c
+++ b/tests/libtest/lib1918.c
@@ -41,11 +41,11 @@ static CURLcode test_lib1918(const char *URL)
       curl_easy_option_by_id(o->id);
 
     if(ename->id != o->id) {
-      curl_mprintf("name lookup id %d doesn't match %d\n",
+      curl_mprintf("name lookup id %d does not match %d\n",
                    ename->id, o->id);
     }
     else if(eid->id != o->id) {
-      curl_mprintf("ID lookup %d doesn't match %d\n",
+      curl_mprintf("ID lookup %d does not match %d\n",
                    ename->id, o->id);
     }
   }
diff --git a/tests/libtest/lib1939.c b/tests/libtest/lib1939.c
index 5a10db96b1..9985af5adc 100644
--- a/tests/libtest/lib1939.c
+++ b/tests/libtest/lib1939.c
@@ -48,7 +48,7 @@ static CURLcode test_lib1939(const char *URL)
 
       if(!c) {
 
-        /* We're going to drive the transfer using multi interface here,
+        /* We are going to drive the transfer using multi interface here,
            because we want to stop during the middle. */
         m = curl_multi_add_handle(multi, curl);
 
diff --git a/tests/libtest/lib1940.c b/tests/libtest/lib1940.c
index 117afecf2f..283128dc31 100644
--- a/tests/libtest/lib1940.c
+++ b/tests/libtest/lib1940.c
@@ -98,7 +98,7 @@ static CURLcode test_lib1940(const char *URL)
   /* ignores any content */
   easy_setopt(curl, CURLOPT_WRITEFUNCTION, t1940_write_cb);
 
-  /* if there's a proxy set, use it */
+  /* if there is a proxy set, use it */
   if(libtest_arg2 && *libtest_arg2) {
     easy_setopt(curl, CURLOPT_PROXY, libtest_arg2);
     easy_setopt(curl, CURLOPT_HTTPPROXYTUNNEL, 1L);
diff --git a/tests/libtest/lib1945.c b/tests/libtest/lib1945.c
index f0a92d6033..ee8e69f100 100644
--- a/tests/libtest/lib1945.c
+++ b/tests/libtest/lib1945.c
@@ -60,7 +60,7 @@ static CURLcode test_lib1945(const char *URL)
   /* ignores any content */
   curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, t1945_write_cb);
 
-  /* if there's a proxy set, use it */
+  /* if there is a proxy set, use it */
   if(libtest_arg2 && *libtest_arg2) {
     curl_easy_setopt(curl, CURLOPT_PROXY, libtest_arg2);
     curl_easy_setopt(curl, CURLOPT_HTTPPROXYTUNNEL, 1L);
diff --git a/tests/libtest/lib2032.c b/tests/libtest/lib2032.c
index 81c949ab44..e0f9990f59 100644
--- a/tests/libtest/lib2032.c
+++ b/tests/libtest/lib2032.c
@@ -123,7 +123,7 @@ static CURLcode test_lib2032(const char *URL)  /* libntlmconnect */
     int maxfd = -99;
     bool found_new_socket = FALSE;
 
-    /* Start a new handle if we aren't at the max */
+    /* Start a new handle if we are not at the max */
     if(state == ReadyForNewHandle) {
       easy_init(ntlm_curls[num_handles]);
 
@@ -204,7 +204,7 @@ static CURLcode test_lib2032(const char *URL)  /* libntlmconnect */
       interval.tv_sec = 0;
       interval.tv_usec = 5000;
 
-      /* if there's no timeout and we get here on the last handle, we may
+      /* if there is no timeout and we get here on the last handle, we may
          already have read the last part of the stream so waiting makes no
          sense */
       if(!running && num_handles == MAX_EASY_HANDLES) {
diff --git a/tests/libtest/lib2405.c b/tests/libtest/lib2405.c
index 2945b45b6c..4f3c8015c6 100644
--- a/tests/libtest/lib2405.c
+++ b/tests/libtest/lib2405.c
@@ -223,7 +223,7 @@ static CURLcode test_run(const char *URL, long option,
       break;
     }
 
-    /* checking case when we don't have enough space for waitfds */
+    /* checking case when we do not have enough space for waitfds */
     mc = curl_multi_waitfds(multi, ufds1, fd_count - 1, &fd_count_chk);
 
     if(mc != CURLM_OUT_OF_MEMORY) {
@@ -236,7 +236,7 @@ static CURLcode test_run(const char *URL, long option,
     if(fd_count_chk < fd_count) {
       curl_mfprintf(stderr,
                     "curl_multi_waitfds() should return the amount of fds "
-                    "needed if enough isn't passed in (%u vs. %u).\n",
+                    "needed if enough is not passed in (%u vs. %u).\n",
                     fd_count_chk, fd_count);
       res = TEST_ERR_FAILURE;
       break;
@@ -264,7 +264,7 @@ static CURLcode test_run(const char *URL, long option,
     if(fd_count_chk < fd_count) {
       curl_mfprintf(stderr,
                     "curl_multi_waitfds() should return the amount of fds "
-                    "needed if enough isn't passed in (%u vs. %u).\n",
+                    "needed if enough is not passed in (%u vs. %u).\n",
                     fd_count_chk, fd_count);
       res = TEST_ERR_FAILURE;
       break;
diff --git a/tests/libtest/lib3026.c b/tests/libtest/lib3026.c
index 75d419cb58..55d933462f 100644
--- a/tests/libtest/lib3026.c
+++ b/tests/libtest/lib3026.c
@@ -59,7 +59,7 @@ static CURLcode test_lib3026(const char *URL)
     results[i] = CURL_LAST; /* initialize with invalid value */
     th = CreateThread(NULL, 0, t3026_run_thread, &results[i], 0, NULL);
     if(!th) {
-      curl_mfprintf(stderr, "%s:%d Couldn't create thread, "
+      curl_mfprintf(stderr, "%s:%d Could not create thread, "
                     "GetLastError 0x%08lx\n",
                     __FILE__, __LINE__, GetLastError());
       tid_count = i;
@@ -120,7 +120,7 @@ static CURLcode test_lib3026(const char *URL)
     results[i] = CURL_LAST; /* initialize with invalid value */
     res = pthread_create(&tids[i], NULL, t3026_run_thread, &results[i]);
     if(res) {
-      curl_mfprintf(stderr, "%s:%d Couldn't create thread, errno %d\n",
+      curl_mfprintf(stderr, "%s:%d Could not create thread, errno %d\n",
                     __FILE__, __LINE__, res);
       tid_count = i;
       test_failure = TEST_ERR_MAJOR_BAD;
@@ -142,7 +142,7 @@ cleanup:
   return test_failure;
 }
 
-#else /* without pthread or Windows, this test doesn't work */
+#else /* without pthread or Windows, this test does not work */
 static CURLcode test_lib3026(const char *URL)
 {
   curl_version_info_data *ver;
diff --git a/tests/libtest/lib3102.c b/tests/libtest/lib3102.c
index 136ec0a1b7..9cc87543dc 100644
--- a/tests/libtest/lib3102.c
+++ b/tests/libtest/lib3102.c
@@ -106,7 +106,7 @@ static CURLcode test_lib3102(const char *URL)
     return TEST_ERR_MAJOR_BAD;
   }
 
-  /* Set the HTTPS url to retrieve. */
+  /* Set the HTTPS URL to retrieve. */
   test_setopt(curl, CURLOPT_URL, URL);
 
   /* Capture certificate information */
diff --git a/tests/libtest/lib505.c b/tests/libtest/lib505.c
index 88cbdd8a44..37cc1e0b3f 100644
--- a/tests/libtest/lib505.c
+++ b/tests/libtest/lib505.c
@@ -63,7 +63,7 @@ static CURLcode test_lib505(const char *URL)
   /* get the file size of the local file */
   hd = fstat(fileno(hd_src), &file_info);
   if(hd == -1) {
-    /* can't open file, bail out */
+    /* cannot open file, bail out */
     curl_mfprintf(stderr, "fstat() failed with error (%d) %s\n",
                   errno, curlx_strerror(errno, errbuf, sizeof(errbuf)));
     curl_mfprintf(stderr, "Error opening file '%s'\n", libtest_arg2);
@@ -132,7 +132,7 @@ static CURLcode test_lib505(const char *URL)
   test_setopt(curl, CURLOPT_INFILESIZE_LARGE,
                    (curl_off_t)file_info.st_size);
 
-  /* Now run off and do what you've been told! */
+  /* Now run off and do what you have been told! */
   res = curl_easy_perform(curl);
 
 test_cleanup:
diff --git a/tests/libtest/lib506.c b/tests/libtest/lib506.c
index 7971fbeb17..928c33b13c 100644
--- a/tests/libtest/lib506.c
+++ b/tests/libtest/lib506.c
@@ -150,7 +150,7 @@ static void *t506_test_fire(void *ptr)
   code = curl_easy_perform(curl);
   if(code) {
     int i = 0;
-    curl_mfprintf(stderr, "perform url '%s' repeat %d failed, curlcode %d\n",
+    curl_mfprintf(stderr, "perform URL '%s' repeat %d failed, curlcode %d\n",
                   tdata->url, i, code);
   }
 
diff --git a/tests/libtest/lib518.c b/tests/libtest/lib518.c
index a2cb3471bf..b8a9ec4a6a 100644
--- a/tests/libtest/lib518.c
+++ b/tests/libtest/lib518.c
@@ -142,7 +142,7 @@ static int t518_test_rlimit(int keep_open)
       curl_mfprintf(stderr, "raising soft limit up to OPEN_MAX\n");
       rl.rlim_cur = OPEN_MAX;
       if(setrlimit(RLIMIT_NOFILE, &rl) != 0) {
-        /* on failure don't abort just issue a warning */
+        /* on failure do not abort just issue a warning */
         t518_store_errmsg("setrlimit() failed", errno);
         curl_mfprintf(stderr, "%s\n", t518_msgbuff);
         t518_msgbuff[0] = '\0';
@@ -153,7 +153,7 @@ static int t518_test_rlimit(int keep_open)
     curl_mfprintf(stderr, "raising soft limit up to hard limit\n");
     rl.rlim_cur = rl.rlim_max;
     if(setrlimit(RLIMIT_NOFILE, &rl) != 0) {
-      /* on failure don't abort just issue a warning */
+      /* on failure do not abort just issue a warning */
       t518_store_errmsg("setrlimit() failed", errno);
       curl_mfprintf(stderr, "%s\n", t518_msgbuff);
       t518_msgbuff[0] = '\0';
@@ -248,7 +248,7 @@ static int t518_test_rlimit(int keep_open)
 
   t518_num_open.rlim_max = NUM_OPEN;
 
-  /* verify that we won't overflow size_t in malloc() */
+  /* verify that we do not overflow size_t in malloc() */
 
   if((size_t)(t518_num_open.rlim_max) > ((size_t)-1) / sizeof(*t518_testfd)) {
     tutil_rlim2str(strbuff1, sizeof(strbuff1), t518_num_open.rlim_max);
diff --git a/tests/libtest/lib525.c b/tests/libtest/lib525.c
index 292dd59f21..4ca7ab7d65 100644
--- a/tests/libtest/lib525.c
+++ b/tests/libtest/lib525.c
@@ -54,7 +54,7 @@ static CURLcode test_lib525(const char *URL)
   /* get the file size of the local file */
   hd = fstat(fileno(hd_src), &file_info);
   if(hd == -1) {
-    /* can't open file, bail out */
+    /* cannot open file, bail out */
     curl_mfprintf(stderr, "fstat() failed with error (%d) %s\n",
                   errno, curlx_strerror(errno, errbuf, sizeof(errbuf)));
     curl_mfprintf(stderr, "Error opening file '%s'\n", libtest_arg2);
diff --git a/tests/libtest/lib530.c b/tests/libtest/lib530.c
index 5558487122..e7e86a32cc 100644
--- a/tests/libtest/lib530.c
+++ b/tests/libtest/lib530.c
@@ -257,7 +257,7 @@ static CURLMcode socket_action(CURLM *multi, curl_socket_t s, int evBitmask,
   CURLMcode result = curl_multi_socket_action(multi, s, evBitmask,
                                               &numhandles);
   if(result != CURLM_OK) {
-    curl_mfprintf(stderr, "%s Curl error on %s (%i) %s\n",
+    curl_mfprintf(stderr, "%s curl error on %s (%i) %s\n",
                   t530_tag(), info, result, curl_multi_strerror(result));
   }
   return result;
@@ -365,7 +365,7 @@ static CURLcode testone(const char *URL, int timer_fail_at, int socket_fail_at)
 
     if(timeout.tv_sec != (time_t)-1 &&
        t530_getMicroSecondTimeout(&timeout) == 0) {
-      /* Curl's timer has elapsed. */
+      /* curl's timer has elapsed. */
       if(socket_action(multi, CURL_SOCKET_TIMEOUT, 0, "timeout")) {
         res = TEST_ERR_BAD_TIMEOUT;
         goto test_cleanup;
diff --git a/tests/libtest/lib537.c b/tests/libtest/lib537.c
index 05d50cba7f..02d4a89b26 100644
--- a/tests/libtest/lib537.c
+++ b/tests/libtest/lib537.c
@@ -143,7 +143,7 @@ static int t537_test_rlimit(int keep_open)
       curl_mfprintf(stderr, "raising soft limit up to OPEN_MAX\n");
       rl.rlim_cur = OPEN_MAX;
       if(setrlimit(RLIMIT_NOFILE, &rl) != 0) {
-        /* on failure don't abort just issue a warning */
+        /* on failure do not abort just issue a warning */
         t537_store_errmsg("setrlimit() failed", errno);
         curl_mfprintf(stderr, "%s\n", t537_msgbuff);
         t537_msgbuff[0] = '\0';
@@ -154,7 +154,7 @@ static int t537_test_rlimit(int keep_open)
     curl_mfprintf(stderr, "raising soft limit up to hard limit\n");
     rl.rlim_cur = rl.rlim_max;
     if(setrlimit(RLIMIT_NOFILE, &rl) != 0) {
-      /* on failure don't abort just issue a warning */
+      /* on failure do not abort just issue a warning */
       t537_store_errmsg("setrlimit() failed", errno);
       curl_mfprintf(stderr, "%s\n", t537_msgbuff);
       t537_msgbuff[0] = '\0';
@@ -182,7 +182,7 @@ static int t537_test_rlimit(int keep_open)
    * test 537 is all about testing libcurl functionality
    * when the system has nearly exhausted the number of
    * available file descriptors. Test 537 will try to run
-   * with a very small number of file descriptors available.
+   * with a small number of file descriptors available.
    * This implies that any file descriptor which is open
    * when the test runs will have a number in the high range
    * of whatever the system supports.
@@ -243,7 +243,7 @@ static int t537_test_rlimit(int keep_open)
     t537_num_open.rlim_max = nitems;
   }
 
-  /* verify that we won't overflow size_t in malloc() */
+  /* verify that we do not overflow size_t in malloc() */
 
   if((size_t)(t537_num_open.rlim_max) > ((size_t)-1) / sizeof(*t537_testfd)) {
     tutil_rlim2str(strbuff1, sizeof(strbuff1), t537_num_open.rlim_max);
@@ -343,7 +343,7 @@ static int t537_test_rlimit(int keep_open)
       curl_mfprintf(stderr, "shrinking array for %s file descriptors\n",
                     strbuff);
 
-      /* we don't care if we can't shrink it */
+      /* we do not care if we cannot shrink it */
 
       tmpfd = realloc(t537_testfd,
                       sizeof(*t537_testfd) * (size_t)(t537_num_open.rlim_max));
diff --git a/tests/libtest/lib540.c b/tests/libtest/lib540.c
index 9eb7e407c0..55d5adad07 100644
--- a/tests/libtest/lib540.c
+++ b/tests/libtest/lib540.c
@@ -27,7 +27,7 @@
  * argv1 = URL
  * argv2 = proxy
  * argv3 = proxyuser:password
- * argv4 = host name to use for the custom Host: header
+ * argv4 = hostname to use for the custom Host: header
  */
 
 #include "first.h"
diff --git a/tests/libtest/lib541.c b/tests/libtest/lib541.c
index 8a2b76f8d0..ebab472456 100644
--- a/tests/libtest/lib541.c
+++ b/tests/libtest/lib541.c
@@ -54,7 +54,7 @@ static CURLcode test_lib541(const char *URL)
   /* get the file size of the local file */
   hd = fstat(fileno(hd_src), &file_info);
   if(hd == -1) {
-    /* can't open file, bail out */
+    /* cannot open file, bail out */
     curl_mfprintf(stderr, "fstat() failed with error (%d) %s\n",
                   errno, curlx_strerror(errno, errbuf, sizeof(errbuf)));
     curl_mfprintf(stderr, "Error opening file '%s'\n", libtest_arg2);
@@ -95,7 +95,7 @@ static CURLcode test_lib541(const char *URL)
   /* now specify which file to upload */
   test_setopt(curl, CURLOPT_READDATA, hd_src);
 
-  /* Now run off and do what you've been told! */
+  /* Now run off and do what you have been told! */
   res = curl_easy_perform(curl);
   if(res)
     goto test_cleanup;
diff --git a/tests/libtest/lib542.c b/tests/libtest/lib542.c
index e6e73131fd..b29a2733ff 100644
--- a/tests/libtest/lib542.c
+++ b/tests/libtest/lib542.c
@@ -59,7 +59,7 @@ static CURLcode test_lib542(const char *URL)
   /* specify target */
   test_setopt(curl, CURLOPT_URL, URL);
 
-  /* Now run off and do what you've been told! */
+  /* Now run off and do what you have been told! */
   res = curl_easy_perform(curl);
 
 test_cleanup:
diff --git a/tests/libtest/lib554.c b/tests/libtest/lib554.c
index 23cb5a7046..230da065a1 100644
--- a/tests/libtest/lib554.c
+++ b/tests/libtest/lib554.c
@@ -90,7 +90,7 @@ static CURLcode t554_test_once(const char *URL, bool oldstyle)
                           CURLFORM_COPYNAME, "sendfile alternative",
                           CURLFORM_STREAM, &pooh,
                           CURLFORM_CONTENTLEN, (curl_off_t)pooh.sizeleft,
-                          CURLFORM_FILENAME, "file name 2",
+                          CURLFORM_FILENAME, "filename 2 ",
                           CURLFORM_END);
   }
 
diff --git a/tests/libtest/lib557.c b/tests/libtest/lib557.c
index ba796f1ceb..42602eeeeb 100644
--- a/tests/libtest/lib557.c
+++ b/tests/libtest/lib557.c
@@ -1413,7 +1413,7 @@ static int test_float_formatting(void)
   curl_msnprintf(buf, sizeof(buf), "%.*f", 0, 9.2987654);
   errors += string_check(buf, "9");
 
-  /* very large precisions easily turn into system specific outputs so we only
+  /* large precisions easily turn into system specific outputs so we only
      check the output buffer length here as we know the internal limit */
 
   curl_msnprintf(buf, sizeof(buf), "%.*f", (1 << 30), 9.2987654);
diff --git a/tests/libtest/lib562.c b/tests/libtest/lib562.c
index e9716e5768..3f2c912c91 100644
--- a/tests/libtest/lib562.c
+++ b/tests/libtest/lib562.c
@@ -64,7 +64,7 @@ static CURLcode test_lib562(const char *URL)
   /* specify target */
   test_setopt(curl, CURLOPT_URL, URL);
 
-  /* Now run off and do what you've been told! */
+  /* Now run off and do what you have been told! */
   res = curl_easy_perform(curl);
 
 test_cleanup:
diff --git a/tests/libtest/lib568.c b/tests/libtest/lib568.c
index 6e53b79989..5465ca0c8b 100644
--- a/tests/libtest/lib568.c
+++ b/tests/libtest/lib568.c
@@ -68,7 +68,7 @@ static CURLcode test_lib568(const char *URL)
 
   sdp = curlx_open(libtest_arg2, O_RDONLY);
   if(sdp == -1) {
-    curl_mfprintf(stderr, "can't open %s\n", libtest_arg2);
+    curl_mfprintf(stderr, "cannot open %s\n", libtest_arg2);
     res = TEST_ERR_MAJOR_BAD;
     goto test_cleanup;
   }
@@ -77,7 +77,7 @@ static CURLcode test_lib568(const char *URL)
 
   sdpf = curlx_fopen(libtest_arg2, "rb");
   if(!sdpf) {
-    curl_mfprintf(stderr, "can't fopen %s\n", libtest_arg2);
+    curl_mfprintf(stderr, "cannot fopen %s\n", libtest_arg2);
     res = TEST_ERR_MAJOR_BAD;
     goto test_cleanup;
   }
diff --git a/tests/libtest/lib569.c b/tests/libtest/lib569.c
index b1a80a7b01..1c44153d00 100644
--- a/tests/libtest/lib569.c
+++ b/tests/libtest/lib569.c
@@ -40,7 +40,7 @@ static CURLcode test_lib569(const char *URL)
 
   FILE *idfile = curlx_fopen(libtest_arg2, "wb");
   if(!idfile) {
-    curl_mfprintf(stderr, "couldn't open the Session ID File\n");
+    curl_mfprintf(stderr, "Could not open the Session ID File\n");
     return TEST_ERR_MAJOR_BAD;
   }
 
diff --git a/tests/libtest/lib571.c b/tests/libtest/lib571.c
index 49afc2211d..509557f0f5 100644
--- a/tests/libtest/lib571.c
+++ b/tests/libtest/lib571.c
@@ -97,7 +97,7 @@ static CURLcode test_lib571(const char *URL)
 
   FILE *protofile = curlx_fopen(libtest_arg2, "wb");
   if(!protofile) {
-    curl_mfprintf(stderr, "Couldn't open the protocol dump file\n");
+    curl_mfprintf(stderr, "Could not open the protocol dump file\n");
     return TEST_ERR_MAJOR_BAD;
   }
 
diff --git a/tests/libtest/lib572.c b/tests/libtest/lib572.c
index c3951f8d1d..2865372f5f 100644
--- a/tests/libtest/lib572.c
+++ b/tests/libtest/lib572.c
@@ -86,7 +86,7 @@ static CURLcode test_lib572(const char *URL)
   /* PUT style GET_PARAMETERS */
   params = curlx_open(libtest_arg2, O_RDONLY);
   if(params == -1) {
-    curl_mfprintf(stderr, "can't open %s\n", libtest_arg2);
+    curl_mfprintf(stderr, "cannot open %s\n", libtest_arg2);
     res = TEST_ERR_MAJOR_BAD;
     goto test_cleanup;
   }
@@ -95,7 +95,7 @@ static CURLcode test_lib572(const char *URL)
 
   paramsf = curlx_fopen(libtest_arg2, "rb");
   if(!paramsf) {
-    curl_mfprintf(stderr, "can't fopen %s\n", libtest_arg2);
+    curl_mfprintf(stderr, "cannot fopen %s\n", libtest_arg2);
     res = TEST_ERR_MAJOR_BAD;
     goto test_cleanup;
   }
diff --git a/tests/libtest/lib579.c b/tests/libtest/lib579.c
index 29396941cc..9e626c1300 100644
--- a/tests/libtest/lib579.c
+++ b/tests/libtest/lib579.c
@@ -41,7 +41,7 @@ static void progress_final_report(void)
   if(moo)
     curlx_fclose(moo);
   else
-    curl_mfprintf(stderr, "Progress: end UL, can't open %s\n", libtest_arg2);
+    curl_mfprintf(stderr, "Progress: end UL, cannot open %s\n", libtest_arg2);
   started = FALSE;
 }
 
@@ -65,7 +65,7 @@ static int t579_progress_callback(void *clientp, double dltotal, double dlnow,
     if(moo)
       curlx_fclose(moo);
     else
-      curl_mfprintf(stderr, "Progress: start UL, can't open %s\n",
+      curl_mfprintf(stderr, "Progress: start UL, cannot open %s\n",
                     libtest_arg2);
     started = TRUE;
   }
diff --git a/tests/libtest/lib582.c b/tests/libtest/lib582.c
index 9601f29c71..4318096e1f 100644
--- a/tests/libtest/lib582.c
+++ b/tests/libtest/lib582.c
@@ -78,7 +78,7 @@ static void t582_addFd(struct t582_Sockets *sockets, curl_socket_t fd,
     sockets->max_count = 20;
   }
   else if(sockets->count >= sockets->max_count) {
-    /* this can't happen in normal cases */
+    /* this cannot happen in normal cases */
     curl_mfprintf(stderr, "too many file handles error\n");
     exit(2);
   }
@@ -203,7 +203,7 @@ static void notifyCurl(CURLM *multi, curl_socket_t s, int evBitmask,
   CURLMcode result = curl_multi_socket_action(multi, s, evBitmask,
                                               &numhandles);
   if(result != CURLM_OK) {
-    curl_mfprintf(stderr, "Curl error on %s (%i) %s\n",
+    curl_mfprintf(stderr, "curl error on %s (%i) %s\n",
                   info, result, curl_multi_strerror(result));
   }
 }
@@ -256,7 +256,7 @@ static CURLcode test_lib582(const char *URL)
   /* get the file size of the local file */
   hd = fstat(fileno(hd_src), &file_info);
   if(hd == -1) {
-    /* can't open file, bail out */
+    /* cannot open file, bail out */
     curl_mfprintf(stderr, "fstat() failed with error (%d) %s\n",
                   errno, curlx_strerror(errno, errbuf, sizeof(errbuf)));
     curl_mfprintf(stderr, "Error opening file '%s'\n", libtest_arg2);
@@ -334,7 +334,7 @@ static CURLcode test_lib582(const char *URL)
 
     if(timeout.tv_sec != (time_t)-1 &&
        t582_getMicroSecondTimeout(&timeout) == 0) {
-      /* Curl's timer has elapsed. */
+      /* curl's timer has elapsed. */
       notifyCurl(multi, CURL_SOCKET_TIMEOUT, 0, "timeout");
     }
 
diff --git a/tests/libtest/lib586.c b/tests/libtest/lib586.c
index 5ee1582a8e..dac6751b35 100644
--- a/tests/libtest/lib586.c
+++ b/tests/libtest/lib586.c
@@ -119,7 +119,7 @@ static void *t586_test_fire(void *ptr)
   code = curl_easy_perform(curl);
   if(code != CURLE_OK) {
     int i = 0;
-    curl_mfprintf(stderr, "perform url '%s' repeat %d failed, curlcode %d\n",
+    curl_mfprintf(stderr, "perform URL '%s' repeat %d failed, curlcode %d\n",
                   tdata->url, i, code);
   }
 
diff --git a/tests/libtest/lib643.c b/tests/libtest/lib643.c
index a0fef02dda..d74d7ea9ee 100644
--- a/tests/libtest/lib643.c
+++ b/tests/libtest/lib643.c
@@ -114,7 +114,7 @@ static CURLcode t643_test_once(const char *URL, bool oldstyle)
       res = curl_mime_data_cb(part, datasize, t643_read_cb,
                               NULL, NULL, &pooh);
     if(!res)
-      res = curl_mime_filename(part, "file name 2");
+      res = curl_mime_filename(part, "filename 2 ");
   }
 
   if(res)
diff --git a/tests/libtest/lib659.c b/tests/libtest/lib659.c
index 44fe7b0c49..84c3ecc8cd 100644
--- a/tests/libtest/lib659.c
+++ b/tests/libtest/lib659.c
@@ -45,7 +45,7 @@ static CURLcode test_lib659(const char *URL)
     goto test_cleanup;
   }
 
-  /* this doesn't set the PATH part */
+  /* this does not set the PATH part */
   if(curl_url_set(urlp, CURLUPART_HOST, "www.example.com", 0) ||
      curl_url_set(urlp, CURLUPART_SCHEME, "http", 0) ||
      curl_url_set(urlp, CURLUPART_PORT, "80", 0)) {
diff --git a/tests/libtest/lib694.c b/tests/libtest/lib694.c
index eb760fbee2..5b477ecebd 100644
--- a/tests/libtest/lib694.c
+++ b/tests/libtest/lib694.c
@@ -64,7 +64,7 @@ static CURLcode test_lib694(const char *URL)
       curl_mprintf("CURLINFO_HTTPAUTH_USED did not say NTLM\n");
     }
 
-    /* set a new URL for the second, so that we don't restart NTLM */
+    /* set a new URL for the second, so that we do not restart NTLM */
     test_setopt(curl, CURLOPT_URL, libtest_arg2);
   } while(!res && ++count < 2);
 
diff --git a/tests/libtest/lib758.c b/tests/libtest/lib758.c
index 35e60cc04f..ab6ce481b7 100644
--- a/tests/libtest/lib758.c
+++ b/tests/libtest/lib758.c
@@ -303,7 +303,7 @@ static CURLMcode t758_saction(CURLM *multi, curl_socket_t s,
   CURLMcode result = curl_multi_socket_action(multi, s, evBitmask,
                                               &numhandles);
   if(result != CURLM_OK) {
-    curl_mfprintf(stderr, "%s Curl error on %s (%i) %s\n",
+    curl_mfprintf(stderr, "%s curl error on %s (%i) %s\n",
                   t758_tag(), info, result, curl_multi_strerror(result));
   }
   return result;
@@ -457,7 +457,7 @@ static CURLcode t758_one(const char *URL, int timer_fail_at,
 
     if(timeout.tv_sec != (time_t)-1 &&
        t758_getMicroSecondTimeout(&timeout) == 0) {
-      /* Curl's timer has elapsed. */
+      /* curl's timer has elapsed. */
       if(t758_saction(multi, CURL_SOCKET_TIMEOUT, 0, "timeout")) {
         res = TEST_ERR_BAD_TIMEOUT;
         goto test_cleanup;
diff --git a/tests/libtest/mk-lib1521.pl b/tests/libtest/mk-lib1521.pl
index 95a600c3d0..156422eccc 100755
--- a/tests/libtest/mk-lib1521.pl
+++ b/tests/libtest/mk-lib1521.pl
@@ -174,7 +174,7 @@ MOO
     ;
 
 if(!$ARGV[0]) {
-    die "missing target file name";
+    die "missing target filename";
 }
 
 use File::Temp qw/ :mktemp  /;
diff --git a/tests/libtest/test1013.pl b/tests/libtest/test1013.pl
index b97341d0cb..98ea642044 100755
--- a/tests/libtest/test1013.pl
+++ b/tests/libtest/test1013.pl
@@ -36,7 +36,7 @@ my $what=$ARGV[2];
 
 # Read the output of curl --version
 my $curl_protocols="";
-open(CURL, "$ARGV[1]") || die "Can't get curl $what list\n";
+open(CURL, "$ARGV[1]") || die "Cannot get curl $what list\n";
 while() {
     $curl_protocols = $_ if(/$what:/i);
 }
@@ -48,7 +48,7 @@ my @curl = split / /,$1;
 
 # Read the output of curl-config
 my @curl_config;
-open(CURLCONFIG, "sh $ARGV[0] --$what|") || die "Can't get curl-config $what list\n";
+open(CURLCONFIG, "sh $ARGV[0] --$what|") || die "Cannot get curl-config $what list\n";
 while() {
     chomp;
     $_ = lc($_) if($what eq "protocols");  # accept uppercase protocols in curl-config
diff --git a/tests/libtest/test1022.pl b/tests/libtest/test1022.pl
index e1c3cd598e..7309372d22 100755
--- a/tests/libtest/test1022.pl
+++ b/tests/libtest/test1022.pl
@@ -34,7 +34,7 @@ if($#ARGV != 2) {
 my $what=$ARGV[2];
 
 # Read the output of curl --version
-open(CURL, "$ARGV[1]") || die "Can't open curl --version list in $ARGV[1]\n";
+open(CURL, "$ARGV[1]") || die "Cannot open curl --version list in $ARGV[1]\n";
 $_ = ;
 chomp;
 /libcurl\/([\.\d]+((-DEV)|(-rc\d)|(-\d+))?)/;
@@ -44,7 +44,7 @@ close CURL;
 my $curlconfigversion;
 
 # Read the output of curl-config --version/--vernum
-open(CURLCONFIG, "sh $ARGV[0] --$what|") || die "Can't get curl-config --$what list\n";
+open(CURLCONFIG, "sh $ARGV[0] --$what|") || die "Cannot get curl-config --$what list\n";
 $_ = ;
 chomp;
 my $filever=$_;
@@ -65,7 +65,7 @@ else { # "vernum" case
         $curlconfigversion = "illegal value";
     }
 
-    # Strip off the -DEV and -rc suffixes from the curl version if they're there
+    # Strip off the -DEV and -rc suffixes from the curl version if they are there
     $version =~ s/-\w*$//;
 }
 close CURLCONFIG;
diff --git a/tests/libtest/test307.pl b/tests/libtest/test307.pl
index 5a0a97a3a6..bef5ebae14 100755
--- a/tests/libtest/test307.pl
+++ b/tests/libtest/test307.pl
@@ -31,7 +31,7 @@ if($#ARGV != 0) {
     exit 3;
 }
 if(!open(CURL, "$ARGV[0] -s --engine list|")) {
-    print "Can't get SSL engine list\n";
+    print "Cannot get SSL engine list\n";
     exit 2;
 }
 while() {
diff --git a/tests/libtest/test613.pl b/tests/libtest/test613.pl
index d45e2e4e96..88c0e49682 100755
--- a/tests/libtest/test613.pl
+++ b/tests/libtest/test613.pl
@@ -29,7 +29,7 @@ use warnings;
 use Time::Local;
 
 if($#ARGV < 1) {
-    print "Usage: $0 prepare|postprocess dir [logfile]\n";
+    print "Usage: $0 prepare|postprocess directory [logfile]\n";
     exit 1;
 }
 
diff --git a/tests/libtest/testtrace.c b/tests/libtest/testtrace.c
index 092aca8385..7c45173787 100644
--- a/tests/libtest/testtrace.c
+++ b/tests/libtest/testtrace.c
@@ -69,7 +69,7 @@ void debug_dump(const char *timebuf, const char *text,
       curl_mfprintf(stream, "%c",
                     ((ptr[i + c] >= 0x20) && (ptr[i + c] < 0x80)) ?
                     ptr[i + c] : '.');
-      /* check again for 0D0A, to avoid an extra \n if it's at width */
+      /* check again for 0D0A, to avoid an extra \n if it is at width */
       if(nohex && (i + c + 2 < size) && ptr[i + c + 1] == 0x0D &&
          ptr[i + c + 2] == 0x0A) {
         i += (c + 3 - width);
@@ -105,7 +105,7 @@ int libtest_debug_cb(CURL *curl, curl_infotype type,
     }
     secs = epoch_offset + tv.tv_sec;
     /* !checksrc! disable BANNEDFUNC 1 */
-    now = localtime(&secs);  /* not thread safe but we don't care */
+    now = localtime(&secs);  /* not thread safe but we do not care */
     curl_msnprintf(timebuf, sizeof(timebuf), "%02d:%02d:%02d.%06ld ",
                    now->tm_hour, now->tm_min, now->tm_sec, (long)tv.tv_usec);
   }
diff --git a/tests/libtest/testutil.c b/tests/libtest/testutil.c
index 269479c3ce..b5cfa70369 100644
--- a/tests/libtest/testutil.c
+++ b/tests/libtest/testutil.c
@@ -25,7 +25,7 @@
 
 #include "memdebug.h"
 
-/* build request url */
+/* build request URL */
 char *tutil_suburl(const char *base, int i)
 {
   return curl_maprintf("%s%.4d", base, i);
diff --git a/tests/libtest/testutil.h b/tests/libtest/testutil.h
index 7c98e0aade..3dcd7e3417 100644
--- a/tests/libtest/testutil.h
+++ b/tests/libtest/testutil.h
@@ -25,7 +25,7 @@
  ***************************************************************************/
 #include "first.h"
 
-/* build request url */
+/* build request URL */
 char *tutil_suburl(const char *base, int i);
 
 #ifdef HAVE_SYS_RESOURCE_H
diff --git a/tests/memanalyze.pl b/tests/memanalyze.pl
index f0ebd7fbaf..e35b2e7aba 100755
--- a/tests/memanalyze.pl
+++ b/tests/memanalyze.pl
@@ -420,7 +420,7 @@ if($totalmem) {
         $addr = $_;
         $size = $sizeataddr{$addr};
         if($size > 0) {
-            print "At $addr, there's $size bytes.\n";
+            print "At $addr, there is $size bytes.\n";
             print " allocated by ".$getmem{$addr}."\n";
         }
     }
diff --git a/tests/negtelnetserver.py b/tests/negtelnetserver.py
index e043d538e5..61bc1d0359 100755
--- a/tests/negtelnetserver.py
+++ b/tests/negtelnetserver.py
@@ -135,7 +135,7 @@ class Negotiator(object):
         """
         buffer = bytearray()
 
-        # If we keep receiving negotiation sequences, we won't fill the buffer.
+        # If we keep receiving negotiation sequences, we will not fill the buffer.
         # Keep looping while we can, and until we have something to give back
         # to the caller.
         while len(buffer) == 0:
@@ -190,8 +190,8 @@ class Negotiator(object):
             log.debug("Client can do")
             self.state = self.DO
         elif byte_int == NegTokens.DONT:
-            # Client is indicating they can't do an option
-            log.debug("Client can't do")
+            # Client is indicating they cannot do an option
+            log.debug("Client cannot do")
             self.state = self.DONT
         else:
             # Received an unexpected byte. Stop negotiations
@@ -296,9 +296,9 @@ def get_options():
     parser.add_argument("--verbose", action="store", type=int, default=0,
                         help="verbose output")
     parser.add_argument("--pidfile", action="store",
-                        help="file name for the PID")
+                        help="filename for the PID")
     parser.add_argument("--logfile", action="store",
-                        help="file name for the log")
+                        help="filename for the log")
     parser.add_argument("--srcdir", action="store", help="test directory")
     parser.add_argument("--id", action="store", help="server ID")
     parser.add_argument("--ipv4", action="store_true", default=0,
diff --git a/tests/pathhelp.pm b/tests/pathhelp.pm
index 49987f7453..92871617b3 100644
--- a/tests/pathhelp.pm
+++ b/tests/pathhelp.pm
@@ -36,7 +36,7 @@
 # Forward slashes are simpler processed in Perl, do not require extra escaping
 # for shell (unlike back slashes) and accepted by Windows native programs, so
 # all functions return paths with only forward slashes.
-# All returned paths don't contain any duplicated slashes, only single slashes
+# All returned paths do not contain any duplicated slashes, only single slashes
 # are used as directory separators on output.
 # On non-Windows platforms functions acts as transparent wrappers for similar
 # Perl's functions or return unmodified string (depending on functionality),
@@ -195,7 +195,7 @@ sub dirsepadd {
 
 #######################################################################
 # Quote an argument for passing safely to a Bourne shell
-# This does the same thing as String::ShellQuote but doesn't need a package.
+# This does the same thing as String::ShellQuote but does not need a package.
 #
 sub shell_quote {
     my ($s)=@_;
diff --git a/tests/runner.pm b/tests/runner.pm
index fe43ed05ba..6113c18745 100644
--- a/tests/runner.pm
+++ b/tests/runner.pm
@@ -190,7 +190,7 @@ sub runner_init {
             $SIG{INT} = 'IGNORE';
             $SIG{TERM} = 'IGNORE';
             eval {
-                # some msys2 perl versions don't define SIGUSR1, also missing from Win32 Perl
+                # some MSYS2 Perl versions do not define SIGUSR1, also missing from Win32 Perl
                 $SIG{USR1} = 'IGNORE';
             };
 
@@ -214,7 +214,7 @@ sub runner_init {
             # handle IPC calls
             event_loop();
 
-            # Can't rely on logmsg here in case it's buffered
+            # Cannot rely on logmsg here in case it is buffered
             print "Runner $thisrunnerid exiting\n" if($verbose);
 
             # To reach this point, either the controller has sent
@@ -234,7 +234,7 @@ sub runner_init {
         # Create our pid directory
         mkdir("$LOGDIR/$PIDDIR", 0777);
 
-        # Don't create a separate process
+        # Do not create a separate process
         $thisrunnerid = "integrated";
     }
 
@@ -522,7 +522,7 @@ sub torture {
         delete $ENV{'CURL_MEMLIMIT'} if($ENV{'CURL_MEMLIMIT'});
 
         if(-r "core") {
-            # there's core file present now!
+            # there is core file present now!
             logmsg " core dumped\n";
             $dumped_core = 1;
             $fail = 2;
@@ -542,8 +542,8 @@ sub torture {
             }
         }
 
-        # verify that it returns a proper error code, doesn't leak memory
-        # and doesn't core dump
+        # verify that it returns a proper error code, does not leak memory
+        # and does not core dump
         if(($ret & 255) || ($ret >> 8) >= 128) {
             logmsg " system() returned $ret\n";
             $fail=1;
@@ -885,7 +885,7 @@ sub singletest_run {
                 chomp $dis[0] if($dis[0]);
                 if($dis[0] eq "test-duphandle") {
                     # marked to not run with duphandle
-                    logmsg " $testnum: IGNORED: Can't run test-duphandle\n";
+                    logmsg " $testnum: IGNORED: Cannot run test-duphandle\n";
                     return (-1, 0, 0, "", "", 0);
                 }
             }
@@ -1059,7 +1059,7 @@ sub singletest_clean {
 
     if(!$dumped_core) {
         if(-r "core") {
-            # there's core file present now!
+            # there is core file present now!
             $dumped_core = 1;
         }
     }
@@ -1144,7 +1144,7 @@ sub singletest_postcheck {
             logmsg "postcheck $cmd\n" if($verbose);
             my $rc = runclient("$cmd");
             # Must run the postcheck command in torture mode in order
-            # to clean up, but the result can't be relied upon.
+            # to clean up, but the result cannot be relied upon.
             if($rc != 0 && !$torture) {
                 logmsg " $testnum: postcheck FAILED\n";
                 return -1;
@@ -1317,7 +1317,7 @@ sub controlleripccall {
     # Get the name of the function from the reference
     my $cv = svref_2object($funcref);
     my $gv = $cv->GV;
-    # Prepend the name to the function arguments so it's marshalled along with them
+    # Prepend the name to the function arguments so it is marshalled along with them
     unshift @_, $gv->NAME;
     # Marshall the arguments into a flat string
     my $margs = freeze \@_;
@@ -1368,7 +1368,7 @@ sub runnerar {
     my $resarrayref = thaw $buf;
 
     # First argument is runner ID
-    # TODO: remove this; it's unneeded since it's passed in
+    # TODO: remove this; it is unneeded since it is passed in
     unshift @$resarrayref, $runnerid;
     return @$resarrayref;
 }
@@ -1376,7 +1376,7 @@ sub runnerar {
 ###################################################################
 # Returns runner ID if a response from an async call is ready or error
 # First value is ready, second is error, however an error case shows up
-# as ready in Linux, so you can't trust it.
+# as ready in Linux, so you cannot trust it.
 # argument is 0 for nonblocking, undef for blocking, anything else for timeout
 # Called by controller
 sub runnerar_ready {
@@ -1402,7 +1402,7 @@ sub runnerar_ready {
     my $e_in = $r_in;
     if(select(my $r_out=$r_in, undef, my $e_out=$e_in, $blocking) >= 1) {
         for my $fd (0..$maxfileno) {
-            # Return an error condition first in case it's both
+            # Return an error condition first in case it is both
             if(vec($e_out, $fd, 1)) {
                 return (undef, $idbyfileno{$fd});
             }
diff --git a/tests/runtests.pl b/tests/runtests.pl
index e1608e0aaa..192c92a641 100755
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -54,7 +54,7 @@
 # to check the remote system's PATH, and the places in the code where
 # the curl binary is read directly to determine its type also need to be
 # fixed. As long as the -g option is never given, and the -n is always
-# given, this won't be a problem.
+# given, this will not be a problem.
 
 use strict;
 use warnings;
@@ -233,7 +233,7 @@ sub singletest_logmsg {
 }
 
 #######################################################################
-# Stop buffering log messages, but don't touch them
+# Stop buffering log messages, but do not touch them
 sub singletest_unbufferlogs {
     undef $singletest_bufferedrunner;
 }
@@ -276,7 +276,7 @@ sub catch_usr1 {
 }
 
 eval {
-    # some msys2 perl versions don't define SIGUSR1
+    # some msys2 perl versions do not define SIGUSR1
     $SIG{USR1} = \&catch_usr1;
 };
 $SIG{PIPE} = 'IGNORE';  # these errors are captured in the read/write calls
@@ -293,7 +293,7 @@ foreach my $protocol (('ftp', 'http', 'ftps', 'https', 'no', 'all')) {
     delete $ENV{uc($proxy)} if($ENV{uc($proxy)});
 }
 
-# make sure we don't get affected by other variables that control our
+# make sure we do not get affected by other variables that control our
 # behavior
 
 delete $ENV{'SSL_CERT_DIR'} if($ENV{'SSL_CERT_DIR'});
@@ -331,7 +331,7 @@ if($ENV{"NGHTTPX"}) {
 my $disttests = "";
 sub get_disttests {
     # If a non-default $TESTDIR is being used there may not be any
-    # Makefile.am in which case there's nothing to do.
+    # Makefile.am in which case there is nothing to do.
     open(my $dh, "<", "$TESTDIR/Makefile.am") or return;
     while(<$dh>) {
         chomp $_;
@@ -354,9 +354,9 @@ sub cleardir {
 
     # Get all files
     opendir(my $dh, $dir) ||
-        return 0; # can't open dir
+        return 0; # cannot open dir
     while($file = readdir($dh)) {
-        # Don't clear the $PIDDIR or $LOCKDIR since those need to live beyond
+        # Do not clear the $PIDDIR or $LOCKDIR since those need to live beyond
         # one test
         if(($file !~ /^(\.|\.\.)\z/) &&
             "$file" ne $PIDDIR && "$file" ne $LOCKDIR) {
@@ -469,7 +469,7 @@ sub parseprotocols {
 
     # Generate a "proto-ipv6" version of each protocol to match the
     # IPv6  name and a "proto-unix" to match the variant which
-    # uses Unix domain sockets. This works even if support isn't
+    # uses Unix domain sockets. This works even if support is not
     # compiled in because the  test will fail.
     push @protocols, map(("$_-ipv6", "$_-unix"), @protocols);
 
@@ -776,7 +776,7 @@ sub checksystemfeatures {
         displaylogcontent("$curlverout");
         logmsg "contents of $curlvererr: \n";
         displaylogcontent("$curlvererr");
-        die "couldn't get curl's version";
+        die "Could not get curl's version";
     }
 
     if(-r "../lib/curl_config.h") {
@@ -848,12 +848,12 @@ sub checksystemfeatures {
 
     if($torture) {
         if(!$feature{"TrackMemory"}) {
-            die "can't run torture tests since curl was built without ".
+            die "cannot run torture tests since curl was built without ".
                 "TrackMemory feature (--enable-curldebug)";
         }
         if($feature{"threaded-resolver"} && !$valgrind) {
-            die "can't run torture tests since curl was built with the ".
-                "threaded resolver, and we aren't running with valgrind";
+            die "cannot run torture tests since curl was built with the ".
+                "threaded resolver, and we are not running with valgrind";
         }
     }
 
@@ -970,7 +970,7 @@ sub citest_starttestrun {
         $AZURE_RUN_ID = azure_create_test_run($ACURL);
         logmsg "Azure Run ID: $AZURE_RUN_ID\n" if($verbose);
     }
-    # Appveyor doesn't require anything here
+    # Appveyor does not require anything here
 }
 
 
@@ -1010,7 +1010,7 @@ sub citest_finishtestrun {
     if(azure_check_environment() && $AZURE_RUN_ID) {
         $AZURE_RUN_ID = azure_update_test_run($ACURL, $AZURE_RUN_ID);
     }
-    # Appveyor doesn't require anything here
+    # Appveyor does not require anything here
 }
 
 
@@ -1067,7 +1067,7 @@ sub getrunnerlogdir {
 # Verify that this test case should be run
 sub singletest_shouldrun {
     my $testnum = $_[0];
-    my $why;   # why the test won't be run
+    my $why;   # why the test will not be run
     my $errorreturncode = 1; # 1 means normal error, 2 means ignored error
     my @what;  # what features are needed
 
@@ -1090,7 +1090,7 @@ sub singletest_shouldrun {
     if(loadtest("${TESTDIR}/test${testnum}", 1)) {
         if($verbose) {
             # this is not a test
-            logmsg "RUN: $testnum doesn't look like a test case\n";
+            logmsg "RUN: $testnum does not look like a test case\n";
         }
         $why = "no test";
     }
@@ -1214,7 +1214,7 @@ sub singletest_count {
     my ($testnum, $why) = @_;
 
     if($why && !$listonly) {
-        # there's a problem, count it as "skipped"
+        # there is a problem, count it as "skipped"
         $skipped{$why}++;
         $teststat[$testnum]=$why; # store reason for this test case
 
@@ -1229,7 +1229,7 @@ sub singletest_count {
         return -1;
     }
 
-    # At this point we've committed to run this test
+    # At this point we have committed to run this test
     logmsg sprintf("test %04d...", $testnum) if(!$automakestyle);
 
     # name of the test
@@ -1403,7 +1403,7 @@ sub singletest_check {
         # Verify the sent request
         my @out = loadarray("$logdir/$SERVERIN");
 
-        # check if there's any attributes on the verify/protocol section
+        # check if there is any attributes on the verify/protocol section
         my %hash = getpartattr("verify", "protocol");
 
         if($hash{'nonewline'}) {
@@ -1573,7 +1573,7 @@ sub singletest_check {
     my @proxyprot = getpart("verify", "proxy");
     if(@proxyprot) {
         # Verify the sent proxy request
-        # check if there's any attributes on the verify/protocol section
+        # check if there is any attributes on the verify/protocol section
         my %hash = getpartattr("verify", "proxy");
 
         if($hash{'nonewline'}) {
@@ -1622,7 +1622,7 @@ sub singletest_check {
     for my $partsuffix (('', '1', '2', '3', '4')) {
         my @outfile=getpart("verify", "file".$partsuffix);
         if(@outfile || partexists("verify", "file".$partsuffix) ) {
-            # we're supposed to verify a dynamically generated file!
+            # we are supposed to verify a dynamically generated file!
             my %hash = getpartattr("verify", "file".$partsuffix);
 
             my $filename=$hash{'name'};
@@ -1713,7 +1713,7 @@ sub singletest_check {
 
     my @dnsd = getpart("verify", "dns");
     if(@dnsd) {
-        # we're supposed to verify a dynamically generated file!
+        # we are supposed to verify a dynamically generated file!
         my %hash = getpartattr("verify", "dns");
         my $hostname=$hash{'host'};
 
@@ -1982,7 +1982,7 @@ sub singletest {
         ###################################################################
         # Restore environment variables that were modified in a previous run.
         # Test definition may instruct to (un)set environment vars.
-        # This is done this early so that leftover variables don't affect
+        # This is done this early so that leftover variables do not affect
         # starting servers or CI registration.
         # restore_test_env(1);
 
@@ -2350,8 +2350,8 @@ while(@ARGV) {
         # use this path to a curl used to verify servers
 
         # Particularly useful when you introduce a crashing bug somewhere in
-        # the development version as then it won't be able to run any tests
-        # since it can't verify the servers!
+        # the development version as then it will not be able to run any tests
+        # since it cannot verify the servers!
 
         $VCURL=shell_quote($ARGV[1]);
         shift @ARGV;
@@ -2381,7 +2381,7 @@ while(@ARGV) {
         # load additional reasons to skip tests
         shift @ARGV;
         my $exclude_file = $ARGV[0];
-        open(my $fd, "<", $exclude_file) or die "Couldn't open '$exclude_file': $!";
+        open(my $fd, "<", $exclude_file) or die "Could not open '$exclude_file': $!";
         while(my $line = <$fd>) {
             next if($line =~ /^#/);
             chomp $line;
@@ -2665,7 +2665,7 @@ if($valgrind) {
 
         # since valgrind 2.1.x, '--tool' option is mandatory
         # use it, if it is supported by the version installed on the system
-        # (this happened in 2003, so we could probably don't need to care about
+        # (this happened in 2003, so we could probably do not need to care about
         # that old version any longer and just delete this check)
         runclient("valgrind --help 2>&1 | grep -- --tool >$dev_null 2>&1");
         if(($? >> 8)) {
@@ -2680,7 +2680,7 @@ if($valgrind) {
         close($curlh);
 
         # valgrind 3 renamed the --logfile option to --log-file!!!
-        # (this happened in 2005, so we could probably don't need to care about
+        # (this happened in 2005, so we could probably do not need to care about
         # that old version any longer and just delete this check)
         my $ver=join(' ', runclientoutput("valgrind --version"));
         # cut off all but digits and dots
@@ -2712,7 +2712,7 @@ if($gdbthis) {
 # clear and create logging directory:
 #
 
-# TODO: figure how to get around this. This dir is needed for checksystemfeatures()
+# TODO: figure how to get around this. This directory is needed for checksystemfeatures()
 # Maybe create & use & delete a temporary directory in that function
 cleardir($LOGDIR);
 mkdir($LOGDIR, 0777);
@@ -2815,7 +2815,7 @@ sub disabledtests {
 
 if($TESTCASES eq "all") {
     # Get all commands and find out their test numbers
-    opendir(DIR, $TESTDIR) || die "can't opendir $TESTDIR: $!";
+    opendir(DIR, $TESTDIR) || die "cannot opendir $TESTDIR: $!";
     my @cmds = grep { /^test([0-9]+)$/ && -f "$TESTDIR/$_" } readdir(DIR);
     closedir(DIR);
 
@@ -2919,11 +2919,11 @@ sub displaylogs {
     my ($runnerid, $testnum)=@_;
     my $logdir = getrunnerlogdir($runnerid);
     opendir(DIR, "$logdir") ||
-        die "can't open dir: $!";
+        die "cannot open dir: $!";
     my @logs = readdir(DIR);
     closedir(DIR);
 
-    logmsg "== Contents of files in the $logdir/ dir after test $testnum\n";
+    logmsg "== Contents of files in the $logdir/ directory after test $testnum\n";
     foreach my $log (sort @logs) {
         if($log =~ /\.(\.|)$/) {
             next; # skip "." and ".."
@@ -2965,7 +2965,7 @@ sub displaylogs {
             next; # skip valgrindNnn of other tests
         }
         if(($log =~ /^test$testnum$/)) {
-            next; # skip test$testnum since it can be very big
+            next; # skip test$testnum since it can be big
         }
         logmsg "=== Start of file $log\n";
         displaylogcontent("$logdir/$log");
@@ -3088,7 +3088,7 @@ while() {
         }
     }
 
-    # See if we've completed all the tests
+    # See if we have completed all the tests
     if(!scalar(%runnersrunning)) {
         # No runners are running; we must be done
         scalar(@runtests) && die 'Internal error: still have tests to run';
@@ -3096,7 +3096,7 @@ while() {
     }
 
     # See if a test runner needs attention
-    # If we could be running more tests, don't wait so we can schedule a new
+    # If we could be running more tests, do not wait so we can schedule a new
     # one immediately. If all runners are busy, wait a fraction of a second
     # for one to finish so we can still loop around to check the abort flag.
     my $runnerwait = scalar(@runnersidle) && scalar(@runtests) ? 0.1 : 1.0;
@@ -3131,7 +3131,7 @@ while() {
                         next;
                     }
 
-                    $total++; # number of tests we've run
+                    $total++; # number of tests we have run
                     $executed++;
 
                     if($error>0) {
@@ -3200,9 +3200,9 @@ while() {
     $endwaitcnt += $runnerwait;
     if($endwaitcnt >= 10) {
         # Once all tests have been scheduled on a runner at the end of a test
-        # run, we just wait for their results to come in. If we're still
+        # run, we just wait for their results to come in. If we are still
         # waiting after a couple of minutes ($endwaitcnt multiplied by
-        # $runnerwait, plus $jobs because that number won't time out), display
+        # $runnerwait, plus $jobs because that number will not time out), display
         # the same test runner status as we give with a SIGUSR1. This will
         # likely point to a single test that has hung.
         logmsg "Hmmm, the tests are taking a while to finish. Here is the status:\n";
@@ -3231,9 +3231,9 @@ foreach my $runnerid (values %runnerids) {
 }
 
 # Kill the runners
-# There is a race condition here since we don't know exactly when the runners
-# have each finished shutting themselves down, but we're about to exit so it
-# doesn't make much difference.
+# There is a race condition here since we do not know exactly when the runners
+# have each finished shutting themselves down, but we are about to exit so it
+# does not make much difference.
 foreach my $runnerid (values %runnerids) {
     runnerac_shutdown($runnerid);
     sleep 0;  # give runner a context switch so it can shut itself down
diff --git a/tests/secureserver.pl b/tests/secureserver.pl
index 930845e971..a773a86b86 100755
--- a/tests/secureserver.pl
+++ b/tests/secureserver.pl
@@ -217,7 +217,7 @@ foreach my $veropt (('-version', '-V')) {
             $ver_minor = $2;
         }
         elsif($verstr =~ /^sslVersion.*fips *= *yes/) {
-            # the fips option causes an error if stunnel doesn't support it
+            # the fips option causes an error if stunnel does not support it
             $fips_support = 1;
             last
         }
@@ -304,7 +304,7 @@ if($stunnel_version >= 400) {
             print $stunconf "verifyChain = yes\n";
         }
         if($fips_support) {
-            # disable fips in case OpenSSL doesn't support it
+            # disable fips in case OpenSSL does not support it
             print $stunconf "fips = no\n";
         }
         if(!$tstunnel_windows) {
@@ -358,7 +358,7 @@ if($tstunnel_windows) {
 
     # Put an "exec" in front of the command so that the child process
     # keeps this child's process ID by being tied to the spawned shell.
-    exec("exec $cmd") || die "Can't exec() $cmd: $!";
+    exec("exec $cmd") || die "Cannot exec() $cmd: $!";
     # exec() will create a new process, but ties the existence of the
     # new process to the parent waiting perl.exe and sh.exe processes.
 
diff --git a/tests/server/first.h b/tests/server/first.h
index fc581487e6..2979239ad3 100644
--- a/tests/server/first.h
+++ b/tests/server/first.h
@@ -150,7 +150,7 @@ extern curl_socket_t sockdaemon(curl_socket_t sock,
                                 bool bind_only);
 
 /* global variables */
-static const char *srcpath = "."; /* pointing to the test dir */
+static const char *srcpath = "."; /* pointing to the test directory */
 static const char *pidname = NULL;
 static const char *portname = NULL; /* none by default */
 static const char *serverlogfile = NULL;
diff --git a/tests/server/getpart.c b/tests/server/getpart.c
index 6bff92ab1a..efec3de634 100644
--- a/tests/server/getpart.c
+++ b/tests/server/getpart.c
@@ -50,7 +50,7 @@ static size_t line_length(const char *buffer, int bytestocheck)
   }
   if(*buffer != '\n') {
     /*
-     * We didn't find a new line so the last byte must be a
+     * We did not find a new line so the last byte must be a
      * '\0' character inserted by fgets() which we should not
      * count.
      */
diff --git a/tests/server/mqttd.c b/tests/server/mqttd.c
index df5fb36903..2701d61260 100644
--- a/tests/server/mqttd.c
+++ b/tests/server/mqttd.c
@@ -563,7 +563,7 @@ static curl_socket_t mqttit(curl_socket_t fd)
       memcpy(topic, &buffer[4], topic_len);
       topic[topic_len] = 0;
 
-      /* there's a QoS byte (two bits) after the topic */
+      /* there is a QoS byte (two bits) after the topic */
 
       logmsg("SUBSCRIBE to '%s' [%d]", topic, packet_id);
       stream = test2fopen(testno, logdir);
@@ -572,7 +572,7 @@ static curl_socket_t mqttit(curl_socket_t fd)
         error = errno;
         logmsg("fopen() failed with error (%d) %s",
                error, curlx_strerror(error, errbuf, sizeof(errbuf)));
-        logmsg("Couldn't open test file %ld", testno);
+        logmsg("Could not open test file %ld", testno);
         goto end;
       }
       error = getpart(&data, &datalen, "reply", "data", stream);
@@ -679,7 +679,7 @@ static bool mqttd_incoming(curl_socket_t listenfd)
     FD_ZERO(&fds_write);
     FD_ZERO(&fds_err);
 
-    /* there's always a socket to wait for */
+    /* there is always a socket to wait for */
 #ifdef __DJGPP__
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Warith-conversion"
diff --git a/tests/server/resolve.c b/tests/server/resolve.c
index cab3cb7dff..c41c2fc68a 100644
--- a/tests/server/resolve.c
+++ b/tests/server/resolve.c
@@ -93,7 +93,7 @@ static int test_resolve(int argc, char *argv[])
     /* Check that the system has IPv6 enabled before checking the resolver */
     curl_socket_t s = socket(PF_INET6, SOCK_DGRAM, 0);
     if(s == CURL_SOCKET_BAD)
-      /* an IPv6 address was requested and we can't get/use one */
+      /* an IPv6 address was requested and we cannot get/use one */
       rc = -1;
     else {
       sclose(s);
@@ -128,7 +128,7 @@ static int test_resolve(int argc, char *argv[])
 #endif
 
   if(rc)
-    printf("Resolving %s '%s' didn't work\n", ipv_inuse, host);
+    printf("Resolving %s '%s' did not work\n", ipv_inuse, host);
 
   return !!rc;
 }
diff --git a/tests/server/rtspd.c b/tests/server/rtspd.c
index c3d4678ae4..5ffd0f28e5 100644
--- a/tests/server/rtspd.c
+++ b/tests/server/rtspd.c
@@ -62,8 +62,8 @@ struct rtspd_httprequest {
   long testno;       /* test number found in the request */
   long partno;       /* part number found in the request */
   bool open;      /* keep connection open info, as found in the request */
-  bool auth_req;  /* authentication required, don't wait for body unless
-                     there's an Authorization header */
+  bool auth_req;  /* authentication required, do not wait for body unless
+                     there is an Authorization header */
   bool auth;      /* Authorization header present in the incoming request */
   size_t cl;      /* Content-Length of the incoming request */
   bool digest;    /* Authorization digest header found */
@@ -238,7 +238,7 @@ static int rtspd_ProcessRequest(struct rtspd_httprequest *req)
         int error = errno;
         logmsg("fopen() failed with error (%d) %s",
                error, curlx_strerror(error, errbuf, sizeof(errbuf)));
-        logmsg("Couldn't open test file %ld", req->testno);
+        logmsg("Could not open test file %ld", req->testno);
         req->open = FALSE; /* closes connection */
         return 1; /* done */
       }
@@ -285,7 +285,7 @@ static int rtspd_ProcessRequest(struct rtspd_httprequest *req)
               if(num < 0)
                 logmsg("negative pipe size ignored");
               else if(num > 0)
-                req->pipe = num-1; /* decrease by one since we don't count the
+                req->pipe = num-1; /* decrease by one since we do not count the
                                       first request in this number */
             }
             else if(sscanf(ptr, "skip: %d", &num) == 1) {
@@ -362,10 +362,10 @@ static int rtspd_ProcessRequest(struct rtspd_httprequest *req)
           req->open = FALSE; /* HTTP 1.0 closes connection by default */
 
         if(!strncmp(doc, "bad", 3))
-          /* if the host name starts with bad, we fake an error here */
+          /* if the hostname starts with bad, we fake an error here */
           req->testno = DOCNUMBER_BADCONNECT;
         else if(!strncmp(doc, "test", 4)) {
-          /* if the host name starts with test, the port number used in the
+          /* if the hostname starts with test, the port number used in the
              CONNECT line will be used as test number! */
           char *portp = strchr(doc, ':');
           if(portp && (*(portp + 1) != '\0') && ISDIGIT(*(portp + 1))) {
@@ -389,7 +389,7 @@ static int rtspd_ProcessRequest(struct rtspd_httprequest *req)
   }
 
   if(!end) {
-    /* we don't have a complete request yet! */
+    /* we do not have a complete request yet! */
     logmsg("rtspd_ProcessRequest returned without a complete request");
     return 0; /* not complete yet */
   }
@@ -403,7 +403,7 @@ static int rtspd_ProcessRequest(struct rtspd_httprequest *req)
   /* **** Persistence ****
    *
    * If the request is an HTTP/1.0 one, we close the connection unconditionally
-   * when we're done.
+   * when we are done.
    *
    * If the request is an HTTP/1.1 one, we MUST check for a "Connection:"
    * header that might say "close". If it does, we close a connection when
@@ -416,8 +416,8 @@ static int rtspd_ProcessRequest(struct rtspd_httprequest *req)
       return 1; /* done */
 
     if((req->cl == 0) && !CURL_STRNICMP("Content-Length:", line, 15)) {
-      /* If we don't ignore content-length, we read it and we read the whole
-         request including the body before we return. If we've been told to
+      /* If we do not ignore content-length, we read it and we read the whole
+         request including the body before we return. If we have been told to
          ignore the content-length, we will return as soon as all headers
          have been received */
       curl_off_t clen;
@@ -645,7 +645,7 @@ static int rtspd_get_request(curl_socket_t sock, struct rtspd_httprequest *req)
     else {
       if(req->skip)
         /* we are instructed to not read the entire thing, so we make sure to
-           only read what we're supposed to and NOT read the entire thing the
+           only read what we are supposed to and NOT read the entire thing the
            client wants to send! */
         got = sread(sock, reqbuf + req->offset, req->cl);
       else
@@ -810,7 +810,7 @@ static int rtspd_send_doc(curl_socket_t sock, struct rtspd_httprequest *req)
       error = errno;
       logmsg("fopen() failed with error (%d) %s",
              error, curlx_strerror(error, errbuf, sizeof(errbuf)));
-      logmsg("Couldn't open test file");
+      logmsg("Could not open test file");
       return 0;
     }
     else {
@@ -834,7 +834,7 @@ static int rtspd_send_doc(curl_socket_t sock, struct rtspd_httprequest *req)
       error = errno;
       logmsg("fopen() failed with error (%d) %s",
              error, curlx_strerror(error, errbuf, sizeof(errbuf)));
-      logmsg("Couldn't open test file");
+      logmsg("Could not open test file");
       free(ptr);
       return 0;
     }
@@ -876,7 +876,7 @@ static int rtspd_send_doc(curl_socket_t sock, struct rtspd_httprequest *req)
     logmsg("fopen() failed with error (%d) %s",
            error, curlx_strerror(error, errbuf, sizeof(errbuf)));
     logmsg("Error opening file '%s'", responsedump);
-    logmsg("couldn't create logfile '%s'", responsedump);
+    logmsg("could not create logfile '%s'", responsedump);
     free(ptr);
     free(cmd);
     return -1;
diff --git a/tests/server/sockfilt.c b/tests/server/sockfilt.c
index b4896260b9..e30f54c415 100644
--- a/tests/server/sockfilt.c
+++ b/tests/server/sockfilt.c
@@ -901,7 +901,7 @@ static bool disc_handshake(void)
          * The only other messages that could occur here are PING and PORT,
          * and both of them occur at the start of a test when nothing should be
          * trying to DISC. Therefore, we should not ever get here, but if we
-         * do, it's probably due to some kind of unclean shutdown situation so
+         * do, it is probably due to some kind of unclean shutdown situation so
          * us shutting down is what we probably ought to be doing, anyway.
          */
         return FALSE;
@@ -970,7 +970,7 @@ static bool juggle(curl_socket_t *sockfdp,
 
     /* server mode */
     sockfd = listenfd;
-    /* there's always a socket to wait for */
+    /* there is always a socket to wait for */
 #ifdef __DJGPP__
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Warith-conversion"
@@ -991,7 +991,7 @@ static bool juggle(curl_socket_t *sockfdp,
       maxfd = 0; /* stdin */
     }
     else {
-      /* there's always a socket to wait for */
+      /* there is always a socket to wait for */
 #ifdef __DJGPP__
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Warith-conversion"
@@ -1150,7 +1150,7 @@ static bool juggle(curl_socket_t *sockfdp,
   if((sockfd != CURL_SOCKET_BAD) && (FD_ISSET(sockfd, &fds_read)) ) {
     ssize_t nread_socket;
     if(*mode == PASSIVE_LISTEN) {
-      /* there's no stream set up yet, this is an indication that there's a
+      /* there is no stream set up yet, this is an indication that there is a
          client connecting. */
       curl_socket_t newfd = accept(sockfd, NULL, NULL);
       if(CURL_SOCKET_BAD == newfd) {
diff --git a/tests/server/socksd.c b/tests/server/socksd.c
index f14ee13ee4..1a1d40113b 100644
--- a/tests/server/socksd.c
+++ b/tests/server/socksd.c
@@ -42,7 +42,7 @@
  *                              state
  * "nmethods_max [number: 3]" - the minimum numberf NMETHODS the client must
  *                              state
- * "user [string]" - the user name that must match (if method is 2)
+ * "user [string]" - the username that must match (if method is 2)
  * "password [string]" - the password that must match (if method is 2)
  * "backend [IPv4]" - numerical IPv4 address of backend to connect to
  * "backendport [number:0]" - TCP port of backend to connect to. 0 means use
@@ -644,7 +644,7 @@ static bool socksd_incoming(curl_socket_t listenfd)
     FD_ZERO(&fds_write);
     FD_ZERO(&fds_err);
 
-    /* there's always a socket to wait for */
+    /* there is always a socket to wait for */
 #ifdef __DJGPP__
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Warith-conversion"
diff --git a/tests/server/sws.c b/tests/server/sws.c
index 29e69d893b..d590cd6fef 100644
--- a/tests/server/sws.c
+++ b/tests/server/sws.c
@@ -59,8 +59,8 @@ struct sws_httprequest {
   long testno;       /* test number found in the request */
   long partno;       /* part number found in the request */
   bool open;      /* keep connection open info, as found in the request */
-  bool auth_req;  /* authentication required, don't wait for body unless
-                     there's an Authorization header */
+  bool auth_req;  /* authentication required, do not wait for body unless
+                     there is an Authorization header */
   bool auth;      /* Authorization header present in the incoming request */
   size_t cl;      /* Content-Length of the incoming request */
   bool digest;    /* Authorization digest header found */
@@ -76,7 +76,7 @@ struct sws_httprequest {
   int prot_version;  /* HTTP version * 10 */
   int callcount;  /* times sws_ProcessRequest() gets called */
   bool skipall;   /* skip all incoming data */
-  bool noexpect;  /* refuse Expect: (don't read the body) */
+  bool noexpect;  /* refuse Expect: (do not read the body) */
   bool connmon;   /* monitor the state of the connection, log disconnects */
   bool upgrade;   /* test case allows upgrade */
   bool upgrade_request; /* upgrade request found and allowed */
@@ -208,7 +208,7 @@ static int sws_parse_servercmd(struct sws_httprequest *req)
     error = errno;
     logmsg("fopen() failed with error (%d) %s",
            error, curlx_strerror(error, errbuf, sizeof(errbuf)));
-    logmsg("  Couldn't open test file %ld", req->testno);
+    logmsg("  Could not open test file %ld", req->testno);
     req->open = FALSE; /* closes connection */
     return 1; /* done */
   }
@@ -340,7 +340,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
       if(http && sscanf(http, "HTTP/%d.%d",
                         &prot_major,
                         &prot_minor) == 2) {
-        /* between the request keyword and HTTP/ there's a path */
+        /* between the request keyword and HTTP/ there is a path */
         httppath = line + strlen(request);
         npath = http - httppath;
 
@@ -414,7 +414,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
       }
 
       if(req->testno == DOCNUMBER_NOTHING) {
-        /* didn't find any in the first scan, try alternative test case
+        /* did not find any in the first scan, try alternative test case
            number placements */
         static char doc[MAXDOCNAMELEN];
         if(sscanf(req->reqbuf, "CONNECT %" MAXDOCNAMELEN_TXT "s HTTP/%d.%d",
@@ -485,7 +485,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
   }
 
   if(!end) {
-    /* we don't have a complete request yet! */
+    /* we do not have a complete request yet! */
     logmsg("request not complete yet");
     return 0; /* not complete yet */
   }
@@ -545,7 +545,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
   /* **** Persistence ****
    *
    * If the request is an HTTP/1.0 one, we close the connection unconditionally
-   * when we're done.
+   * when we are done.
    *
    * If the request is an HTTP/1.1 one, we MUST check for a "Connection:"
    * header that might say "close". If it does, we close a connection when
@@ -558,8 +558,8 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
       return 1; /* done */
 
     if((req->cl == 0) && !CURL_STRNICMP("Content-Length:", line, 15)) {
-      /* If we don't ignore content-length, we read it and we read the whole
-         request including the body before we return. If we've been told to
+      /* If we do not ignore content-length, we read it and we read the whole
+         request including the body before we return. If we have been told to
          ignore the content-length, we will return as soon as all headers
          have been received */
       curl_off_t clen;
@@ -883,7 +883,7 @@ static int sws_get_request(curl_socket_t sock, struct sws_httprequest *req)
   else {
     if(req->skip)
       /* we are instructed to not read the entire thing, so we make sure to
-         only read what we're supposed to and NOT read the entire thing the
+         only read what we are supposed to and NOT read the entire thing the
          client wants to send! */
       got = sread(sock, reqbuf + req->offset, req->cl);
     else
@@ -1955,7 +1955,7 @@ static int service_connection(curl_socket_t *msgsock,
   if(req->connect_request) {
     /* a CONNECT request, setup and talk the tunnel */
     if(!is_proxy) {
-      logmsg("received CONNECT but isn't running as proxy!");
+      logmsg("received CONNECT but not running as proxy!");
       return 1;
     }
     else {
@@ -2419,7 +2419,7 @@ static int test_sws(int argc, char *argv[])
 
             if(!req->open)
               /* When instructed to close connection after server-reply we
-                 wait a very small amount of time before doing so. If this
+                 wait a small amount of time before doing so. If this
                  is not done client might get an ECONNRESET before reading
                  a single byte of server-reply. */
               curlx_wait_ms(50);
@@ -2437,7 +2437,7 @@ static int test_sws(int argc, char *argv[])
               goto sws_cleanup;
           }
 
-          /* Reset the request, unless we're still in the middle of reading */
+          /* Reset the request, unless we are still in the middle of reading */
           if(rc && !req->upgrade_request)
             /* Note: resetting the HTTP request here can cause problems if:
              * 1) req->skipall is TRUE,
@@ -2448,9 +2448,9 @@ static int test_sws(int argc, char *argv[])
              * data (in service_connection()) as the first data received on
              * this new HTTP request and report "** Unusual request" (skipall
              * would have otherwise caused that data to be ignored). Normally,
-             * that socket will be closed by the client and there won't be any
-             * stale data to cause this, but stranger things have happened (see
-             * issue #11678).
+             * that socket will be closed by the client and there will not be
+             * any stale data to cause this, but stranger things have happened
+             * (see issue #11678).
              */
             init_httprequest(req);
         } while(rc > 0);
diff --git a/tests/server/tftpd.c b/tests/server/tftpd.c
index 819f06bf2d..a701f223c5 100644
--- a/tests/server/tftpd.c
+++ b/tests/server/tftpd.c
@@ -310,7 +310,7 @@ static struct tftphdr *rw_init(int x)
 {
   newline = 0;                    /* init crlf flag */
   prevchar = -1;
-  bfs[0].counter = BF_ALLOC;     /* pass out the first buffer */
+  bfs[0].counter = BF_ALLOC;      /* pass out the first buffer */
   current = 0;
   bfs[1].counter = BF_FREE;
   nextone = x;                    /* ahead or behind? */
@@ -339,7 +339,7 @@ static int readit(struct testcase *test, struct tftphdr * volatile *dpp,
   current = !current;             /* "incr" current */
 
   b = &bfs[current];              /* look at new buffer */
-  if(b->counter == BF_FREE)      /* if it's empty */
+  if(b->counter == BF_FREE)       /* if empty */
     read_ahead(test, convert);    /* fill it */
 
   *dpp = &b->buf.hdr;             /* set caller's ptr */
@@ -360,7 +360,7 @@ static void read_ahead(struct testcase *test,
   struct tftphdr *dp;
 
   b = &bfs[nextone];              /* look at "next" buffer */
-  if(b->counter != BF_FREE)      /* nop if not free */
+  if(b->counter != BF_FREE)       /* nop if not free */
     return;
   nextone = !nextone;             /* "incr" next buffer ptr */
 
@@ -447,7 +447,7 @@ static ssize_t write_behind(struct testcase *test, int convert)
     snprintf(outfile, sizeof(outfile), "%s/upload.%ld", logdir, test->testno);
     test->ofile = open(outfile, O_CREAT|O_RDWR|CURL_O_BINARY, 0777);
     if(test->ofile == -1) {
-      logmsg("Couldn't create and/or open file %s for upload!", outfile);
+      logmsg("Could not create and/or open file %s for upload!", outfile);
       return -1; /* failure! */
     }
   }
@@ -1017,7 +1017,7 @@ static int tftpd_parse_servercmd(struct testcase *req)
     error = errno;
     logmsg("fopen() failed with error (%d) %s",
            error, curlx_strerror(error, errbuf, sizeof(errbuf)));
-    logmsg("  Couldn't open test file %ld", req->testno);
+    logmsg("  Could not open test file %ld", req->testno);
     return 1; /* done */
   }
   else {
@@ -1141,7 +1141,7 @@ static int validate_access(struct testcase *test,
       int error = errno;
       logmsg("fopen() failed with error (%d) %s",
              error, curlx_strerror(error, errbuf, sizeof(errbuf)));
-      logmsg("Couldn't open test file for test: %ld", testno);
+      logmsg("Could not open test file for test: %ld", testno);
       return TFTP_EACCESS;
     }
     else {
diff --git a/tests/server/util.c b/tests/server/util.c
index afe6986263..6551e47426 100644
--- a/tests/server/util.c
+++ b/tests/server/util.c
@@ -97,7 +97,7 @@ void logmsg(const char *msg, ...)
   }
   sec = epoch_offset + tv.tv_sec;
   /* !checksrc! disable BANNEDFUNC 1 */
-  now = localtime(&sec); /* not thread safe but we don't care */
+  now = localtime(&sec); /* not thread safe but we do not care */
 
   snprintf(timebuf, sizeof(timebuf), "%02d:%02d:%02d.%06ld",
            (int)now->tm_hour, (int)now->tm_min, (int)now->tm_sec,
@@ -227,7 +227,7 @@ int write_pidfile(const char *filename)
   pidfile = fopen(filename, "wb");
   if(!pidfile) {
     char errbuf[STRERROR_LEN];
-    logmsg("Couldn't write pid file: %s (%d) %s", filename,
+    logmsg("Could not write pid file: %s (%d) %s", filename,
            errno, curlx_strerror(errno, errbuf, sizeof(errbuf)));
     return 0; /* fail */
   }
@@ -243,7 +243,7 @@ int write_portfile(const char *filename, int port)
   FILE *portfile = fopen(filename, "wb");
   if(!portfile) {
     char errbuf[STRERROR_LEN];
-    logmsg("Couldn't write port file: %s (%d) %s", filename,
+    logmsg("Could not write port file: %s (%d) %s", filename,
            errno, curlx_strerror(errno, errbuf, sizeof(errbuf)));
     return 0; /* fail */
   }
diff --git a/tests/serverhelp.pm b/tests/serverhelp.pm
index 1a3c997755..c79528af71 100644
--- a/tests/serverhelp.pm
+++ b/tests/serverhelp.pm
@@ -64,7 +64,7 @@ use testutil qw(
     exerunner
     );
 
-our $logfile;  # server log file name, for logmsg
+our $logfile;  # server log filename, for logmsg
 
 #***************************************************************************
 # Just for convenience, test harness uses 'https' and 'httptls' literals as
@@ -153,7 +153,7 @@ sub servername_id {
 
 
 #***************************************************************************
-# Return server name string formatted for file name purposes
+# Return server name string formatted for filename purposes
 #
 sub servername_canon {
     my ($proto, $ipver, $idnum) = @_;
@@ -165,7 +165,7 @@ sub servername_canon {
 
 
 #***************************************************************************
-# Return file name for server pid file.
+# Return filename for server pid file.
 #
 sub server_pidfilename {
     my ($piddir, $proto, $ipver, $idnum) = @_;
@@ -174,7 +174,7 @@ sub server_pidfilename {
 }
 
 #***************************************************************************
-# Return file name for server port file.
+# Return filename for server port file.
 #
 sub server_portfilename {
     my ($piddir, $proto, $ipver, $idnum) = @_;
@@ -184,7 +184,7 @@ sub server_portfilename {
 
 
 #***************************************************************************
-# Return file name for server log file.
+# Return filename for server log file.
 #
 sub server_logfilename {
     my ($logdir, $proto, $ipver, $idnum) = @_;
@@ -195,7 +195,7 @@ sub server_logfilename {
 
 
 #***************************************************************************
-# Return file name for server commands file.
+# Return filename for server commands file.
 #
 sub server_cmdfilename {
     my ($logdir, $proto, $ipver, $idnum) = @_;
@@ -205,7 +205,7 @@ sub server_cmdfilename {
 
 
 #***************************************************************************
-# Return file name for server input file.
+# Return filename for server input file.
 #
 sub server_inputfilename {
     my ($logdir, $proto, $ipver, $idnum) = @_;
@@ -215,7 +215,7 @@ sub server_inputfilename {
 
 
 #***************************************************************************
-# Return file name for server output file.
+# Return filename for server output file.
 #
 sub server_outputfilename {
     my ($logdir, $proto, $ipver, $idnum) = @_;
@@ -253,7 +253,7 @@ sub server_exe_args {
 
 
 #***************************************************************************
-# Return file name for main or primary sockfilter pid file.
+# Return filename for main or primary sockfilter pid file.
 #
 sub mainsockf_pidfilename {
     my ($piddir, $proto, $ipver, $idnum) = @_;
@@ -265,7 +265,7 @@ sub mainsockf_pidfilename {
 
 
 #***************************************************************************
-# Return file name for main or primary sockfilter log file.
+# Return filename for main or primary sockfilter log file.
 #
 sub mainsockf_logfilename {
     my ($logdir, $proto, $ipver, $idnum) = @_;
@@ -277,7 +277,7 @@ sub mainsockf_logfilename {
 
 
 #***************************************************************************
-# Return file name for data or secondary sockfilter pid file.
+# Return filename for data or secondary sockfilter pid file.
 #
 sub datasockf_pidfilename {
     my ($piddir, $proto, $ipver, $idnum) = @_;
@@ -289,7 +289,7 @@ sub datasockf_pidfilename {
 
 
 #***************************************************************************
-# Return file name for data or secondary sockfilter log file.
+# Return filename for data or secondary sockfilter log file.
 #
 sub datasockf_logfilename {
     my ($logdir, $proto, $ipver, $idnum) = @_;
diff --git a/tests/servers.pm b/tests/servers.pm
index e5505886f6..db4b3757b5 100644
--- a/tests/servers.pm
+++ b/tests/servers.pm
@@ -118,12 +118,12 @@ use testutil qw(
     );
 
 
-my %serverpidfile; # all server pid file names, identified by server id
-my %serverportfile;# all server port file names, identified by server id
+my %serverpidfile; # all server pid filenames, identified by server id
+my %serverportfile;# all server port filenames, identified by server id
 my $sshdvernum;  # for socks server, ssh daemon version number
 my $sshdverstr;  # for socks server, ssh daemon version string
 my $sshderror;   # for socks server, ssh daemon version error
-my %doesntrun;    # servers that don't work, identified by pidfile
+my %doesntrun;    # servers that do not work, identified by pidfile
 my %PORT = (nolisten => 47); # port we use for a local non-listening service
 my $server_response_maxtime=13;
 my $httptlssrv = find_httptlssrv();
@@ -185,7 +185,7 @@ sub getfreeport {
                                  Type      => SOCK_STREAM,
                                  Reuse     => 1,
                                  Listen    => 10 )
-        or die "Couldn't create tcp server socket: $@\n";
+        or die "Could not create tcp server socket: $@\n";
 
     return $server->sockport();
 }
@@ -225,7 +225,7 @@ sub initserverconfig {
 }
 
 #######################################################################
-# Load serverpidfile and serverportfile hashes with file names for all
+# Load serverpidfile and serverportfile hashes with filenames for all
 # possible servers.
 #
 sub init_serverpidfile_hash {
@@ -362,14 +362,14 @@ sub startnew {
 
         # Put an "exec" in front of the command so that the child process
         # keeps this child's process ID.
-        exec("exec $cmd") || die "Can't exec() $cmd: $!";
+        exec("exec $cmd") || die "Cannot exec() $cmd: $!";
 
         # exec() should never return back here to this process. We protect
         # ourselves by calling die() just in case something goes really bad.
         die "error: exec() has returned";
     }
 
-    # Ugly hack but ssh client and gnutls-serv don't support pid files
+    # Ugly hack but ssh client and gnutls-serv do not support pid files
     if($fakepidfile) {
         if(open(my $out, ">", "$pidfile")) {
             print $out $child . "\n";
@@ -400,7 +400,7 @@ sub startnew {
         if(checkdied($child)) {
             logmsg "startnew: child process has died, server might start up\n"
                 if($verbose);
-            # We can't just abort waiting for the server with a
+            # We cannot just abort waiting for the server with a
             # return (-1,-1);
             # because the server might have forked and could still start
             # up normally. Instead, just reduce the amount of time we remain
@@ -427,7 +427,7 @@ sub protoport {
 
 
 #######################################################################
-# Stop a test server along with pids which aren't in the %run hash yet.
+# Stop a test server along with pids which are not in the %run hash yet.
 # This also stops all servers which are relative to the given one.
 #
 sub stopserver {
@@ -523,7 +523,7 @@ sub getexternalproxyflags {
 #######################################################################
 # Verify that the server that runs on $ip, $port is our server.  This also
 # implies that we can speak with it, as there might be occasions when the
-# server runs fine but we cannot talk to it ("Failed to connect to ::1: Can't
+# server runs fine but we cannot talk to it ("Failed to connect to ::1: Cannot
 # assign requested address")
 #
 sub verifyhttp {
@@ -596,7 +596,7 @@ sub verifyhttp {
         $pid = 0+$1;
     }
     elsif($res == 6) {
-        # curl: (6) Couldn't resolve host '::1'
+        # curl: (6) Could not resolve hostname '::1'
         logmsg "RUN: failed to resolve host ($proto://$ip:$port/verifiedserver)\n";
         return -1;
     }
@@ -610,7 +610,7 @@ sub verifyhttp {
 #######################################################################
 # Verify that the server that runs on $ip, $port is our server.  This also
 # implies that we can speak with it, as there might be occasions when the
-# server runs fine but we cannot talk to it ("Failed to connect to ::1: Can't
+# server runs fine but we cannot talk to it ("Failed to connect to ::1: Cannot
 # assign requested address")
 #
 sub verifyftp {
@@ -677,7 +677,7 @@ sub verifyftp {
 #######################################################################
 # Verify that the server that runs on $ip, $port is our server.  This also
 # implies that we can speak with it, as there might be occasions when the
-# server runs fine but we cannot talk to it ("Failed to connect to ::1: Can't
+# server runs fine but we cannot talk to it ("Failed to connect to ::1: Cannot
 # assign requested address")
 #
 sub verifyrtsp {
@@ -739,7 +739,7 @@ sub verifyrtsp {
         $pid = 0+$1;
     }
     elsif($res == 6) {
-        # curl: (6) Couldn't resolve host '::1'
+        # curl: (6) Could not resolve hostname '::1'
         logmsg "RUN: failed to resolve host ($proto://$ip:$port/verifiedserver)\n";
         return -1;
     }
@@ -774,13 +774,13 @@ sub verifysftp {
     my ($proto, $ipvnum, $idnum, $ip, $port) = @_;
     my $server = servername_id($proto, $ipvnum, $idnum);
     my $verified = 0;
-    # Find out sftp client canonical file name
+    # Find out sftp client canonical filename
     my $sftp = find_sftp();
     if(!$sftp) {
         logmsg "RUN: SFTP server cannot find $sftpexe\n";
         return -1;
     }
-    # Find out ssh client canonical file name
+    # Find out ssh client canonical filename
     my $ssh = find_ssh();
     if(!$ssh) {
         logmsg "RUN: SFTP server cannot find $sshexe\n";
@@ -807,7 +807,7 @@ sub verifysftp {
 # Verify that the non-stunnel HTTP TLS extensions capable server that runs
 # on $ip, $port is our server.  This also implies that we can speak with it,
 # as there might be occasions when the server runs fine but we cannot talk
-# to it ("Failed to connect to ::1: Can't assign requested address")
+# to it ("Failed to connect to ::1: Cannot assign requested address")
 #
 sub verifyhttptls {
     my ($proto, $ipvnum, $idnum, $ip, $port) = @_;
@@ -874,7 +874,7 @@ sub verifyhttptls {
         return $pid;
     }
     elsif($res == 6) {
-        # curl: (6) Couldn't resolve host '::1'
+        # curl: (6) Could not resolve hostname '::1'
         logmsg "RUN: failed to resolve host (https://$ip:$port/verifiedserver)\n";
         return -1;
     }
@@ -902,7 +902,7 @@ sub verifypid {
 #######################################################################
 # Verify that the server that runs on $ip, $port is our server.  This also
 # implies that we can speak with it, as there might be occasions when the
-# server runs fine but we cannot talk to it ("Failed to connect to ::1: Can't
+# server runs fine but we cannot talk to it ("Failed to connect to ::1: Cannot
 # assign requested address")
 #
 sub verifysmb {
@@ -962,7 +962,7 @@ sub verifysmb {
 #######################################################################
 # Verify that the server that runs on $ip, $port is our server.  This also
 # implies that we can speak with it, as there might be occasions when the
-# server runs fine but we cannot talk to it ("Failed to connect to ::1: Can't
+# server runs fine but we cannot talk to it ("Failed to connect to ::1: Cannot
 # assign requested address")
 #
 sub verifytelnet {
@@ -1110,7 +1110,7 @@ sub runhttpserver {
 
     my $pidfile = $serverpidfile{$server};
 
-    # don't retry if the server doesn't work
+    # do not retry if the server does not work
     if($doesntrun{$pidfile}) {
         return (2, 0, 0, 0);
     }
@@ -1189,7 +1189,7 @@ sub runhttp2server {
 
     my $pidfile = $serverpidfile{$server};
 
-    # don't retry if the server doesn't work
+    # do not retry if the server does not work
     if($doesntrun{$pidfile}) {
         return (2, 0, 0, 0, 0);
     }
@@ -1250,7 +1250,7 @@ sub runhttp3server {
 
     my $pidfile = $serverpidfile{$server};
 
-    # don't retry if the server doesn't work
+    # do not retry if the server does not work
     if($doesntrun{$pidfile}) {
         return (2, 0, 0, 0);
     }
@@ -1316,7 +1316,7 @@ sub runhttpsserver {
 
     my $pidfile = $serverpidfile{$server};
 
-    # don't retry if the server doesn't work
+    # do not retry if the server does not work
     if($doesntrun{$pidfile}) {
         return (2, 0, 0, 0);
     }
@@ -1360,7 +1360,7 @@ sub runhttpsserver {
 
     if($httpspid <= 0 || !pidexists($httpspid)) {
         # it is NOT alive
-        # don't call stopserver since that will also kill the dependent
+        # do not call stopserver since that will also kill the dependent
         # server that has already been started properly
         $doesntrun{$pidfile} = 1;
         $httpspid = $pid2 = 0;
@@ -1397,7 +1397,7 @@ sub runhttptlsserver {
 
     my $pidfile = $serverpidfile{$server};
 
-    # don't retry if the server doesn't work
+    # do not retry if the server does not work
     if($doesntrun{$pidfile}) {
         return (2, 0, 0, 0);
     }
@@ -1460,7 +1460,7 @@ sub runpingpongserver {
     my $pidfile = $serverpidfile{$server};
     my $portfile = $serverportfile{$server};
 
-    # don't retry if the server doesn't work
+    # do not retry if the server does not work
     if($doesntrun{$pidfile}) {
         return (2, 0, 0);
     }
@@ -1531,7 +1531,7 @@ sub runsecureserver {
 
     my $pidfile = $serverpidfile{$server};
 
-    # don't retry if the server doesn't work
+    # do not retry if the server does not work
     if($doesntrun{$pidfile}) {
         return (2, 0, 0, 0);
     }
@@ -1564,7 +1564,7 @@ sub runsecureserver {
 
     if($protospid <= 0 || !pidexists($protospid)) {
         # it is NOT alive
-        # don't call stopserver since that will also kill the dependent
+        # do not call stopserver since that will also kill the dependent
         # server that has already been started properly
         $doesntrun{$pidfile} = 1;
         $protospid = $pid2 = 0;
@@ -1602,7 +1602,7 @@ sub runtftpserver {
 
     my $pidfile = $serverpidfile{$server};
 
-    # don't retry if the server doesn't work
+    # do not retry if the server does not work
     if($doesntrun{$pidfile}) {
         return (2, 0, 0, 0);
     }
@@ -1673,7 +1673,7 @@ sub rundnsserver {
 
     my $pidfile = $serverpidfile{$server};
 
-    # don't retry if the server doesn't work
+    # do not retry if the server does not work
     if($doesntrun{$pidfile}) {
         return (2, 0, 0, 0);
     }
@@ -1746,7 +1746,7 @@ sub runrtspserver {
     my $pidfile = $serverpidfile{$server};
     my $portfile = $serverportfile{$server};
 
-    # don't retry if the server doesn't work
+    # do not retry if the server does not work
     if($doesntrun{$pidfile}) {
         return (2, 0, 0, 0);
     }
@@ -1808,7 +1808,7 @@ sub runsshserver {
     my $idnum = ($id && ($id =~ /^(\d+)$/) && ($id > 1)) ? $id : 1;
 
     if(!$USER) {
-        logmsg "Can't start ssh server due to lack of USER name\n";
+        logmsg "Cannot start ssh server due to lack of username\n";
         return (4, 0, 0, 0);
     }
 
@@ -1816,7 +1816,7 @@ sub runsshserver {
 
     my $pidfile = $serverpidfile{$server};
 
-    # don't retry if the server doesn't work
+    # do not retry if the server does not work
     if($doesntrun{$pidfile}) {
         return (2, 0, 0, 0);
     }
@@ -1870,8 +1870,8 @@ sub runsshserver {
 
     # once it is known that the ssh server is alive, sftp server
     # verification is performed actually connecting to it, authenticating
-    # and performing a very simple remote command.  This verification is
-    # tried only one time.
+    # and performing a simple remote command.  This verification is tried
+    # only one time.
 
     $sshdlog = server_logfilename($LOGDIR, 'ssh', $ipvnum, $idnum);
     $sftplog = server_logfilename($LOGDIR, 'sftp', $ipvnum, $idnum);
@@ -1889,7 +1889,7 @@ sub runsshserver {
         logmsg "RUN: failed to verify the $srvrname server on $port\n";
         return (5, 0, 0, 0);
     }
-    # we're happy, no need to loop anymore!
+    # we are happy, no need to loop anymore!
     $doesntrun{$pidfile} = 0;
 
     my $hostfile;
@@ -1934,7 +1934,7 @@ sub runmqttserver {
     my $pidfile = $serverpidfile{$server};
     my $portfile = $serverportfile{$server};
 
-    # don't retry if the server doesn't work
+    # do not retry if the server does not work
     if($doesntrun{$pidfile}) {
         return (2, 0, 0);
     }
@@ -1996,7 +1996,7 @@ sub runsocksserver {
 
     my $pidfile = $serverpidfile{$server};
 
-    # don't retry if the server doesn't work
+    # do not retry if the server does not work
     if($doesntrun{$pidfile}) {
         return (2, 0, 0, 0);
     }
@@ -2079,7 +2079,7 @@ sub rundictserver {
 
     my $pidfile = $serverpidfile{$server};
 
-    # don't retry if the server doesn't work
+    # do not retry if the server does not work
     if($doesntrun{$pidfile}) {
         return (2, 0, 0, 0);
     }
@@ -2140,7 +2140,7 @@ sub runsmbserver {
 
     my $pidfile = $serverpidfile{$server};
 
-    # don't retry if the server doesn't work
+    # do not retry if the server does not work
     if($doesntrun{$pidfile}) {
         return (2, 0, 0, 0);
     }
@@ -2201,7 +2201,7 @@ sub runnegtelnetserver {
 
     my $pidfile = $serverpidfile{$server};
 
-    # don't retry if the server doesn't work
+    # do not retry if the server does not work
     if($doesntrun{$pidfile}) {
         return (2, 0, 0, 0);
     }
@@ -2584,7 +2584,7 @@ sub startservers {
         elsif($what =~ /^(ftp|imap|pop3|smtp)s$/) {
             my $cproto = $1;
             if(!$stunnel) {
-                # we can't run ftps tests without stunnel
+                # we cannot run ftps tests without stunnel
                 return ("no stunnel", 4);
             }
             if($runcert{$what} && ($runcert{$what} ne $certfile)) {
@@ -2624,7 +2624,7 @@ sub startservers {
         }
         elsif($what eq "https" || $what eq "https-mtls") {
             if(!$stunnel) {
-                # we can't run https tests without stunnel
+                # we cannot run https tests without stunnel
                 return ("no stunnel", 4);
             }
             if($runcert{$what} && ($runcert{$what} ne $certfile)) {
@@ -2677,7 +2677,7 @@ sub startservers {
             }
         }
         elsif($what eq "http/2") {
-            # http/2 server proxies to a http server
+            # http/2 server proxies to an HTTP server
             if($run{'http/2'} &&
                !responsive_http_server("https", $verbose, 0, protoport('http2tls'))) {
                 logmsg "* restarting unresponsive HTTP/2 server\n";
@@ -2718,7 +2718,7 @@ sub startservers {
             }
         }
         elsif($what eq "http/3") {
-            # http/3 server proxies to a http server
+            # http/3 server proxies to an HTTP server
             if($run{'http/3'} &&
                !responsive_http_server("https", $verbose, 0, protoport('http3'), 1)) {
                 logmsg "* restarting unresponsive HTTP/3 server\n";
@@ -2759,7 +2759,7 @@ sub startservers {
         }
         elsif($what eq "gophers") {
             if(!$stunnel) {
-                # we can't run TLS tests without stunnel
+                # we cannot run TLS tests without stunnel
                 return ("no stunnel", 4);
             }
             if($runcert{'gophers'} && ($runcert{'gophers'} ne $certfile)) {
@@ -2803,7 +2803,7 @@ sub startservers {
         }
         elsif($what eq "https-proxy") {
             if(!$stunnel) {
-                # we can't run https-proxy tests without stunnel
+                # we cannot run https-proxy tests without stunnel
                 return ("no stunnel", 4);
             }
             if($runcert{'https-proxy'} &&
@@ -2834,7 +2834,7 @@ sub startservers {
         }
         elsif($what eq "httptls") {
             if(!$httptlssrv) {
-                # for now, we can't run http TLS-EXT tests without gnutls-serv
+                # for now, we cannot run http TLS-EXT tests without gnutls-serv
                 return ("no gnutls-serv (with SRP support)", 4);
             }
             if($run{'httptls'} &&
@@ -2856,7 +2856,7 @@ sub startservers {
         }
         elsif($what eq "httptls-ipv6") {
             if(!$httptlssrv) {
-                # for now, we can't run http TLS-EXT tests without gnutls-serv
+                # for now, we cannot run http TLS-EXT tests without gnutls-serv
                 return ("no gnutls-serv", 4);
             }
             if($run{'httptls-ipv6'} &&
@@ -3027,7 +3027,7 @@ sub startservers {
             }
         }
         else {
-            warn "we don't support a server for $what";
+            warn "we do not support a server for $what";
             return ("no server for $what", 4);
         }
     }
@@ -3188,7 +3188,7 @@ sub subvariables {
     # The purpose of FTPTIME2 is to provide times that can be
     # used for time-out tests and that would work on most hosts as these
     # adjust for the startup/check time for this particular host. We needed to
-    # do this to make the test suite run better on very slow hosts.
+    # do this to make the test suite run better on slow hosts.
     my $ftp2 = $ftpchecktime * 8;
 
     $$thing =~ s/${prefix}FTPTIME2/$ftp2/g;
diff --git a/tests/smbserver.py b/tests/smbserver.py
index 1fc76f3416..aff9bb067e 100755
--- a/tests/smbserver.py
+++ b/tests/smbserver.py
@@ -171,7 +171,7 @@ class TestSmbServer(imp_smbserver.SMBSERVER):
         self.ctd = TestData(test_data_directory)
 
         # Override smbComNtCreateAndX so we can pretend to have files which
-        # don't exist.
+        # do not exist.
         self.hookSmbCommand(imp_smb.SMB.SMB_COM_NT_CREATE_ANDX,
                             self.create_and_x)
 
@@ -311,7 +311,7 @@ class TestSmbServer(imp_smbserver.SMBSERVER):
         log.debug("[SMB] Get server path '%s'", requested_filename)
 
         if requested_filename not in [VERIFIED_REQ]:
-            raise SmbError(STATUS_NO_SUCH_FILE, "Couldn't find the file")
+            raise SmbError(STATUS_NO_SUCH_FILE, "Could not find the file")
 
         fid, filename = tempfile.mkstemp()
         log.debug("[SMB] Created %s (%d) for storing '%s'",
@@ -383,9 +383,9 @@ def get_options():
     parser.add_argument("--verbose", action="store", type=int, default=0,
                         help="verbose output")
     parser.add_argument("--pidfile", action="store",
-                        help="file name for the PID")
+                        help="filename for the PID")
     parser.add_argument("--logfile", action="store",
-                        help="file name for the log")
+                        help="filename for the log")
     parser.add_argument("--srcdir", action="store", help="test directory")
     parser.add_argument("--id", action="store", help="server ID")
     parser.add_argument("--ipv4", action="store_true", default=0,
diff --git a/tests/sshserver.pl b/tests/sshserver.pl
index 98c15bc2a9..20aceebc24 100755
--- a/tests/sshserver.pl
+++ b/tests/sshserver.pl
@@ -107,7 +107,7 @@ my $error;
 my @cfgarr;
 
 #***************************************************************************
-# Returns a path of the given file name in the log directory (PiddirPath)
+# Returns a path of the given filename in the log directory (PiddirPath)
 #
 sub pp {
     my $file = $_[0];
@@ -201,7 +201,7 @@ while(@ARGV) {
 #
 
 #***************************************************************************
-# Default ssh daemon pid file name & directory
+# Default ssh daemon pid filename & directory
 #
 if($pidfile) {
     # Use our pidfile directory to store server config files
@@ -214,7 +214,7 @@ else {
 }
 
 #***************************************************************************
-# ssh and sftp server log file names
+# ssh and sftp server log filenames
 #
 $sshdlog = server_logfilename($logdir, 'ssh', $ipvnum, $idnum);
 $sftplog = server_logfilename($logdir, 'sftp', $ipvnum, $idnum);
@@ -230,7 +230,7 @@ my $loglevel = $debugprotocol?'DEBUG3':'DEBUG2';
 # Validate username
 #
 if(!$username) {
-    $error = 'Will not run ssh server without a user name';
+    $error = 'Will not run ssh server without a username';
 }
 elsif($username eq 'root') {
     $error = 'Will not run ssh server as root to mitigate security risks';
@@ -242,7 +242,7 @@ if($error) {
 
 
 #***************************************************************************
-# Find out ssh daemon canonical file name
+# Find out ssh daemon canonical filename
 #
 my $sshd = find_sshd();
 if(!$sshd) {
@@ -293,7 +293,7 @@ if((($sshdid =~ /OpenSSH/) && ($sshdvernum < 299)) ||
 
 
 #***************************************************************************
-# Find out sftp server plugin canonical file name
+# Find out sftp server plugin canonical filename
 #
 my $sftpsrv = find_sftpsrv();
 if(!$sftpsrv) {
@@ -304,7 +304,7 @@ logmsg "sftp server plugin found $sftpsrv\n" if($verbose);
 
 
 #***************************************************************************
-# Find out sftp client canonical file name
+# Find out sftp client canonical filename
 #
 my $sftp = find_sftp();
 if(!$sftp) {
@@ -315,7 +315,7 @@ logmsg "sftp client found $sftp\n" if($verbose);
 
 
 #***************************************************************************
-# Find out ssh keygen canonical file name
+# Find out ssh keygen canonical filename
 #
 my $sshkeygen = find_sshkeygen();
 if(!$sshkeygen) {
@@ -326,7 +326,7 @@ logmsg "ssh keygen found $sshkeygen\n" if($verbose);
 
 
 #***************************************************************************
-# Find out ssh client canonical file name
+# Find out ssh client canonical filename
 #
 my $ssh = find_ssh();
 if(!$ssh) {
@@ -406,7 +406,7 @@ if((! -e pp($hstprvkeyf)) || (! -s pp($hstprvkeyf)) ||
    (! -e pp($hstpubsha256f)) || (! -s pp($hstpubsha256f)) ||
    (! -e pp($cliprvkeyf)) || (! -s pp($cliprvkeyf)) ||
    (! -e pp($clipubkeyf)) || (! -s pp($clipubkeyf))) {
-    # Make sure all files are gone so ssh-keygen doesn't complain
+    # Make sure all files are gone so ssh-keygen does not complain
     unlink(pp($hstprvkeyf), pp($hstpubkeyf), pp($hstpubmd5f),
            pp($hstpubsha256f), pp($cliprvkeyf), pp($clipubkeyf));
 
@@ -435,7 +435,7 @@ if((! -e pp($hstprvkeyf)) || (! -s pp($hstprvkeyf)) ||
         exit 1;
     }
     display_file_top(pp($cliprvkeyf)) if($verbose);
-    # Make sure that permissions are restricted so openssh doesn't complain
+    # Make sure that permissions are restricted so openssh does not complain
     chmod 0600, pp($hstprvkeyf);
     chmod 0600, pp($cliprvkeyf);
     if(($^O eq 'cygwin' || $^O eq 'msys') && -e "/bin/setfacl") {
@@ -1207,7 +1207,7 @@ if($sshdid =~ /OpenSSH-Windows/) {
 
     # Put an "exec" in front of the command so that the child process
     # keeps this child's process ID by being tied to the spawned shell.
-    exec("exec $cmd") || die "Can't exec() $cmd: $!";
+    exec("exec $cmd") || die "Cannot exec() $cmd: $!";
     # exec() will create a new process, but ties the existence of the
     # new process to the parent waiting perl.exe and sh.exe processes.
 
diff --git a/tests/test1119.pl b/tests/test1119.pl
index 45196926c3..48d080bc7a 100755
--- a/tests/test1119.pl
+++ b/tests/test1119.pl
@@ -47,7 +47,7 @@ if(!$rc) {
     $Cpreprocessor = 'cpp';
 }
 
-# we may get the dir root pointed out
+# we may get the directory root pointed out
 my $root=$ARGV[0] || ".";
 
 # need an include directory when building out-of-tree
@@ -93,7 +93,7 @@ sub scanheader {
 sub scanallheaders {
     my $d = "$root/include/curl";
     opendir(my $dh, $d) ||
-        die "Can't opendir: $!";
+        die "Cannot opendir: $!";
     my @headers = grep { /.h\z/ } readdir($dh);
     closedir $dh;
     foreach my $h (@headers) {
@@ -126,7 +126,7 @@ sub checkmanpage {
 sub scanman_md_dir {
     my ($d) = @_;
     opendir(my $dh, $d) ||
-        die "Can't opendir: $!";
+        die "Cannot opendir: $!";
     my @mans = grep { /.md\z/ } readdir($dh);
     closedir $dh;
     for my $m (@mans) {
@@ -197,7 +197,7 @@ for my $e (sort @syms) {
 # now scan through all symbols that were present in the symbols-in-versions
 # but not in the headers
 #
-# If the symbols were marked 'removed' in symbols-in-versions we don't output
+# If the symbols were marked 'removed' in symbols-in-versions we do not output
 # anything about it since that is perfectly fine.
 #
 
diff --git a/tests/test1132.pl b/tests/test1132.pl
index e808c2e8c8..966bd09a48 100755
--- a/tests/test1132.pl
+++ b/tests/test1132.pl
@@ -72,10 +72,10 @@ sub scanfile {
         }
         else {
             if(!$memdebug) {
-                print STDERR "$file doesn't include \"memdebug.h\"!\n";
+                print STDERR "$file does not include \"memdebug.h\"!\n";
             }
             if(!$curlmem) {
-                print STDERR "$file doesn't include \"curl_memory.h\"!\n";
+                print STDERR "$file does not include \"curl_memory.h\"!\n";
             }
             return 1;
         }
@@ -83,7 +83,7 @@ sub scanfile {
     return 0;
 }
 
-opendir(my $dh, $dir) || die "can't opendir $dir: $!";
+opendir(my $dh, $dir) || die "cannot opendir $dir: $!";
 my @cfiles = grep { /\.c\z/ && -f "$dir/$_" } readdir($dh);
 closedir $dh;
 
diff --git a/tests/test1135.pl b/tests/test1135.pl
index b64e4bf8a8..15982e659d 100755
--- a/tests/test1135.pl
+++ b/tests/test1135.pl
@@ -28,7 +28,7 @@ use warnings;
 
 my $sort = 0;
 
-# we may get the dir root pointed out
+# we may get the directory root pointed out
 my $root = shift @ARGV;
 while(defined $root) {
 
diff --git a/tests/test1139.pl b/tests/test1139.pl
index e2eb8946eb..bfe636578f 100755
--- a/tests/test1139.pl
+++ b/tests/test1139.pl
@@ -34,14 +34,14 @@
 # src/tool_getparam.c lists all options curl can parse
 # docs/curl.1 documents all command line options
 # src/tool_listhelp.c outputs all options with curl -h
-# - make sure they're all in sync
+# - make sure they are all in sync
 #
 # Output all deviances to stderr.
 
 use strict;
 use warnings;
 
-# we may get the dir roots pointed out
+# we may get the directory roots pointed out
 my $root=$ARGV[0] || ".";
 my $buildroot=$ARGV[1] || ".";
 my $syms = "$root/docs/libcurl/symbols-in-versions";
@@ -126,7 +126,7 @@ while(<$r>) {
         }
         elsif($rem) {
             # $opt was removed in $rem
-            # so don't check for that
+            # so do not check for that
         }
         else {
             if($type eq "OPT") {
diff --git a/tests/test1165.pl b/tests/test1165.pl
index a15071c256..654a2ad642 100755
--- a/tests/test1165.pl
+++ b/tests/test1165.pl
@@ -37,7 +37,7 @@ my %file;
 # the DISABLE options that are documented
 my %docs;
 
-# we may get the dir root pointed out
+# we may get the directory root pointed out
 my $root=$ARGV[0] || ".";
 my $DOCS="CURL-DISABLE.md";
 
@@ -54,7 +54,7 @@ sub scanconf {
 }
 
 sub scan_configure {
-    opendir(my $m, "$root/m4") || die "Can't opendir $root/m4: $!";
+    opendir(my $m, "$root/m4") || die "Cannot opendir $root/m4: $!";
     my @m4 = grep { /\.m4$/ } readdir($m);
     closedir $m;
     scanconf("$root/configure.ac");
@@ -105,7 +105,7 @@ sub scan_file {
 
 sub scan_dir {
     my ($dir)=@_;
-    opendir(my $dh, $dir) || die "Can't opendir $dir: $!";
+    opendir(my $dh, $dir) || die "Cannot opendir $dir: $!";
     my @cfiles = grep { /\.[ch]\z/ && -f "$dir/$_" } readdir($dh);
     closedir $dh;
     for my $f (sort @cfiles) {
diff --git a/tests/test1167.pl b/tests/test1167.pl
index e2965b784a..1bcaedddcd 100755
--- a/tests/test1167.pl
+++ b/tests/test1167.pl
@@ -55,7 +55,7 @@ if($ARGV[0] eq "-v") {
     shift;
 }
 
-# we may get the dir root pointed out
+# we may get the directory root pointed out
 my $root=$ARGV[0] || ".";
 
 # need an include directory when building out-of-tree
@@ -77,7 +77,7 @@ sub scanenums {
     while() {
         my ($line, $linenum) = ($_, $.);
         if(/^#(line|) (\d+) \"(.*)\"/) {
-            # if the included file isn't in our incdir, then we skip this section
+            # if the included file is not in our incdir, then we skip this section
             # until next #line
             #
             if($3 !~ /^$incdir/) {
@@ -135,7 +135,7 @@ sub scanheader {
 }
 
 
-opendir(my $dh, $incdir) || die "Can't opendir $incdir: $!";
+opendir(my $dh, $incdir) || die "Cannot opendir $incdir: $!";
 my @hfiles = grep { /\.h$/ } readdir($dh);
 closedir $dh;
 
diff --git a/tests/test1173.pl b/tests/test1173.pl
index 19bcd1af8c..493ce37ca7 100755
--- a/tests/test1173.pl
+++ b/tests/test1173.pl
@@ -31,10 +31,10 @@ use strict;
 use warnings;
 use File::Basename;
 
-# get the file name first
+# get the filename first
 my $symbolsinversions=shift @ARGV;
 
-# we may get the dir roots pointed out
+# we may get the directory roots pointed out
 my @manpages=@ARGV;
 my $errors = 0;
 
@@ -119,7 +119,7 @@ sub checkref {
     }
 }
 
-# option-looking words that aren't options
+# option-looking words that are not options
 my %allownonref = (
     'CURLINFO_TEXT' => 1,
     'CURLINFO_HEADER_IN' => 1,
@@ -148,7 +148,7 @@ sub scanmanpage {
     open(my $m, "<", "$file") ||
         die "test1173.pl could not open $file";
     if($file =~ /[\/\\](CURL|curl_)([^\/\\]*).3/) {
-        # This is a man page for libcurl. It requires an example unless it's
+        # This is a man page for libcurl. It requires an example unless it is
         # considered deprecated.
         $reqex = 1 unless defined $deprecated{'CURL'.$2};
         if($1 eq "CURL") {
@@ -372,7 +372,7 @@ sub scanmanpage {
 allsymbols();
 
 if(!$symbol{'CURLALTSVC_H1'}) {
-    print STDERR "didn't get the symbols-in-version!\n";
+    print STDERR "did not get the symbols-in-version!\n";
     exit;
 }
 
diff --git a/tests/test1175.pl b/tests/test1175.pl
index 2e67142613..54e0a1fe76 100755
--- a/tests/test1175.pl
+++ b/tests/test1175.pl
@@ -26,7 +26,7 @@
 use strict;
 use warnings;
 
-# we may get the dir root pointed out
+# we may get the directory root pointed out
 my $root = $ARGV[0] || ".";
 
 my %error; # from the include file
diff --git a/tests/test1222.pl b/tests/test1222.pl
index 8186d63511..6aebc9646a 100755
--- a/tests/test1222.pl
+++ b/tests/test1222.pl
@@ -259,8 +259,8 @@ if(!glob("$libdocdir/*.3")) {
     exit 0;
 }
 
-# Get header file names,
-opendir(my $dh, $incdir) || die "Can't opendir $incdir";
+# Get header filenames,
+opendir(my $dh, $incdir) || die "Cannot opendir $incdir";
 my @hfiles = grep { /\.h$/ } readdir($dh);
 closedir $dh;
 
diff --git a/tests/test1477.pl b/tests/test1477.pl
index 44a0f90200..2ce5d8e89b 100755
--- a/tests/test1477.pl
+++ b/tests/test1477.pl
@@ -29,7 +29,7 @@
 use strict;
 use warnings;
 
-# we may get the dir roots pointed out
+# we may get the directory roots pointed out
 my $root=$ARGV[0] || ".";
 my $buildroot=$ARGV[1] || ".";
 my $manpge = "$buildroot/docs/libcurl/libcurl-errors.3";
@@ -79,7 +79,7 @@ sub scanmanpage {
 }
 
 
-opendir(my $dh, $curlh) || die "Can't opendir $curlh: $!";
+opendir(my $dh, $curlh) || die "Cannot opendir $curlh: $!";
 my @hfiles = grep { /\.h$/ } readdir($dh);
 closedir $dh;
 
diff --git a/tests/test1486.pl b/tests/test1486.pl
index f679261061..05006ebc63 100755
--- a/tests/test1486.pl
+++ b/tests/test1486.pl
@@ -26,7 +26,7 @@
 use strict;
 use warnings;
 
-# we may get the dir root pointed out
+# we may get the directory root pointed out
 my $root=$ARGV[0] || ".";
 
 my %insrc; # variable set in source
diff --git a/tests/test1488.pl b/tests/test1488.pl
index 1994f93bee..3d67908195 100755
--- a/tests/test1488.pl
+++ b/tests/test1488.pl
@@ -48,7 +48,7 @@ if(!$rc) {
     $Cpreprocessor = 'cpp';
 }
 
-# we may get the dir root pointed out
+# we may get the directory root pointed out
 my $root=$ARGV[0] || ".";
 
 # need an include directory when building out-of-tree
@@ -98,7 +98,7 @@ sub checkmanpage {
 sub scanman_md_dir {
     my ($d) = @_;
     opendir(my $dh, $d) ||
-        die "Can't opendir: $!";
+        die "Cannot opendir: $!";
     my @mans = grep { /.md\z/ } readdir($dh);
     closedir $dh;
     for my $m (@mans) {
diff --git a/tests/test745.pl b/tests/test745.pl
index 4395eb9681..766496f238 100755
--- a/tests/test745.pl
+++ b/tests/test745.pl
@@ -26,7 +26,7 @@
 use strict;
 use warnings;
 
-# we may get the dir root pointed out
+# we may get the directory root pointed out
 my $root=$ARGV[0] || ".";
 
 my %typecheck; # from the include file
diff --git a/tests/test971.pl b/tests/test971.pl
index b7046ac678..a0b900282b 100755
--- a/tests/test971.pl
+++ b/tests/test971.pl
@@ -24,7 +24,7 @@
 ###########################################################################
 #
 # - Get all options mentioned in the $cmddir.
-# - Make sure they're all mentioned in the $opts document
+# - Make sure they are all mentioned in the $opts document
 # - Make sure that the version in $opts matches the version in the file in
 #   $cmddir
 #
@@ -45,7 +45,7 @@ my $error = 0;
 sub cmdfiles {
     my ($dir)=@_;
 
-    opendir(my $dh, $dir) || die "Can't opendir $dir: $!";
+    opendir(my $dh, $dir) || die "Cannot opendir $dir: $!";
     my @opts = grep { /[a-z0-9].*\.md$/ && -f "$dir/$_" } readdir($dh);
     closedir $dh;
 
diff --git a/tests/testcurl.pl b/tests/testcurl.pl
index 4f3eade703..109272da3f 100755
--- a/tests/testcurl.pl
+++ b/tests/testcurl.pl
@@ -33,8 +33,8 @@
 # at a regular interval. The output is suitable to be mailed to
 # curl-autocompile@haxx.se to be dealt with automatically (make sure the
 # subject includes the word "autobuild" as the mail gets silently discarded
-# otherwise).  The most current build status (with a reasonable backlog) will
-# be published on the curl site, at https://curl.se/auto/
+# otherwise).  The most current build status (with a reasonable backlog) is
+# published on the curl site, at https://curl.se/auto/
 
 # USAGE:
 # testcurl.pl [options] [curl-daily-name] > output
@@ -49,12 +49,12 @@
 # --mktarball=[command]    Command to run after completed test
 # --name=[name]            Set name to report as
 # --notes=[notes]          More human-readable information about this configuration
-# --nocvsup                Don't pull from git even though it is a git tree
-# --nogitpull              Don't pull from git even though it is a git tree
-# --nobuildconf            Don't run autoreconf -fi
-# --noconfigure            Don't run configure
+# --nocvsup                Do not pull from git even though it is a git tree
+# --nogitpull              Do not pull from git even though it is a git tree
+# --nobuildconf            Do not run autoreconf -fi
+# --noconfigure            Do not run configure
 # --runtestopts=[options]  Options to pass to runtests.pl
-# --setup=[file name]      File name to read setup from (deprecated)
+# --setup=[filename]       Filename to read setup from (deprecated)
 # --target=[your os]       Specify your target environment.
 #
 # if [curl-daily-name] is omitted, a 'curl' git directory is assumed.
@@ -66,7 +66,7 @@ use warnings;
 use Cwd;
 use File::Spec;
 
-# Turn on warnings (equivalent to -w, which can't be used with /usr/bin/env)
+# Turn on warnings (equivalent to -w, which cannot be used with /usr/bin/env)
 #BEGIN { $^W = 1; }
 
 use vars qw($version $fixed $infixed $CURLDIR $git $pwd $build $buildlog
@@ -84,7 +84,7 @@ $runtestopts='';
 $version='2024-11-28';
 $fixed=0;
 
-# Determine if we're running from git or a canned copy of curl,
+# Determine if we are running from git or a canned copy of curl,
 # or if we got a specific target option or setup file option.
 $CURLDIR="curl";
 if(-f ".git/config") {
@@ -362,7 +362,7 @@ logit "date = $timestamp";  # When the test build starts
 
 $str1066os = undef;
 
-# Make $pwd to become the path without newline. We'll use that in order to cut
+# Make $pwd to become the path without newline. We use that in order to cut
 # off that path from all possible logs and error messages etc.
 $pwd = getcwd();
 
@@ -374,14 +374,14 @@ if(-d $CURLDIR) {
         # remove the generated sources to force them to be re-generated each
         # time we run this test
         unlink "$CURLDIR/src/tool_hugehelp.c";
-        # find out if curl source dir has an in-tree c-ares repo
+        # find out if curl source directory has an in-tree c-ares repo
         $have_embedded_ares = 1 if(-f "$CURLDIR/ares/GIT-INFO");
     } elsif(!$git && -f "$CURLDIR/tests/testcurl.pl") {
         logit "$CURLDIR is verified to be a fine daily source dir";
-        # find out if curl source dir has an in-tree c-ares extracted tarball
+        # find out if curl source directory has an in-tree c-ares extracted tarball
         $have_embedded_ares = 1 if(-f "$CURLDIR/ares/ares_build.h");
     } else {
-        mydie "$CURLDIR is not a daily source dir or checked out from git!"
+        mydie "$CURLDIR is not a daily source directory or checked out from git!"
     }
 }
 
@@ -399,13 +399,13 @@ rmtree "buildlog-*";
 # this is to remove old build logs that ended up in the wrong dir
 foreach(glob("$CURLDIR/buildlog-*")) { unlink $_; }
 
-# create a dir to build in
+# create a directory to build in
 mkdir $build, 0777;
 
 if(-d $build) {
-    logit "build dir $build was created fine";
+    logit "build directory $build was created fine";
 } else {
-    mydie "failed to create dir $build";
+    mydie "failed to create directory $build";
 }
 
 # get in the curl source tree root
@@ -500,7 +500,7 @@ if($git) {
     }
 }
 
-# Set timestamp to the one in curlver.h if this isn't a git test build.
+# Set timestamp to the one in curlver.h if this is not a git test build.
 if((-f "include/curl/curlver.h") &&
     (open(my $f, "<", "include/curl/curlver.h"))) {
     while(<$f>) {
@@ -548,7 +548,7 @@ sub findinpath {
 
 my $make = findinpath("gmake", "make", "nmake");
 if(!$make) {
-    mydie "Couldn't find make in the PATH";
+    mydie "Could not find make in the PATH";
 }
 # force to 'nmake' for VC builds
 $make = "nmake" if($targetos =~ /vc/);
@@ -564,10 +564,10 @@ if($configurebuild) {
     if(-f "lib/Makefile") {
         logit "configure seems to have finished fine";
     } else {
-        mydie "configure didn't work";
+        mydie "configure did not work";
     }
 } else {
-    logit "copying files to build dir ...";
+    logit "copying files to build directory ...";
     if($^O eq 'MSWin32') {
         system("xcopy /s /q \"$CURLDIR\" .");
     }
@@ -777,7 +777,7 @@ else {
             close($log);
             chdir "$pwd/$build";
         }
-        logit_spaced "cross-compiling, can't run tests";
+        logit_spaced "cross-compiling, cannot run tests";
     }
     # dummy message to feign success
     print "TESTDONE: 1 tests out of 0 (dummy message)\n";
diff --git a/tests/testutil.pm b/tests/testutil.pm
index 35fe4bd633..6317a5e931 100644
--- a/tests/testutil.pm
+++ b/tests/testutil.pm
@@ -183,7 +183,7 @@ sub subnewlines {
     }
     else {
         if(($$thing =~ /^\n\z/) && $prevupdate) {
-            # if there's a blank link after a line we update, we hope it is
+            # if there is a blank link after a line we update, we hope it is
             # the empty line following headers
             $$thing =~ s/\x0a/\x0d\x0a/;
         }
diff --git a/tests/unit/README.md b/tests/unit/README.md
index 80e2c5c469..190821b33b 100644
--- a/tests/unit/README.md
+++ b/tests/unit/README.md
@@ -47,7 +47,7 @@ For the actual C file, here's a simple example:
 ~~~c
     #include "unitcheck.h"
 
-    #include "a libcurl header.h" /* from the lib dir */
+    #include "a libcurl header.h" /* from the lib directory */
 
     static CURLcode test_unit9998(const char *arg)
     {
@@ -68,7 +68,7 @@ Here's an example using optional initialization and cleanup:
 ~~~c
     #include "unitcheck.h"
 
-    #include "a libcurl header.h" /* from the lib dir */
+    #include "a libcurl header.h" /* from the lib directory */
 
     static CURLcode t9999_setup(void)
     {
diff --git a/tests/unit/unit1300.c b/tests/unit/unit1300.c
index a5ddf11f49..77fb1fb386 100644
--- a/tests/unit/unit1300.c
+++ b/tests/unit/unit1300.c
@@ -127,7 +127,7 @@ static CURLcode test_unit1300(const char *arg)
   fail_unless(Curl_node_elem(Curl_node_next(Curl_llist_head(&llist))) ==
               &unusedData_case2,
               "the node next to head is not getting set correctly");
-  /* better safe than sorry, check that the tail isn't corrupted */
+  /* better safe than sorry, check that the tail is not corrupted */
   fail_unless(Curl_node_elem(Curl_llist_tail(&llist)) != &unusedData_case2,
               "the list tail is not getting set correctly");
 
diff --git a/tests/unit/unit1303.c b/tests/unit/unit1303.c
index b02cb3abad..03673c544e 100644
--- a/tests/unit/unit1303.c
+++ b/tests/unit/unit1303.c
@@ -47,7 +47,7 @@ static void t1303_stop(struct Curl_easy *easy)
 }
 
 /* BASE is just a define to make us fool around with decently large number so
-   that we aren't zero-based */
+   that we are not zero-based */
 #define BASE 1000000
 
 /* macro to set the pretended current time */
diff --git a/tests/unit/unit1307.c b/tests/unit/unit1307.c
index 248adb99c2..d5fcf5c6b1 100644
--- a/tests/unit/unit1307.c
+++ b/tests/unit/unit1307.c
@@ -186,13 +186,13 @@ static CURLcode test_unit1307(const char *arg)
     { "[[:foo:]]",                "bar",                    NOMATCH|MAC_FAIL},
     { "[[:foo:]]",                "f]",         MATCH|LINUX_NOMATCH|MAC_FAIL},
 
-    { "Curl[[:blank:]];-)",       "Curl ;-)",               MATCH },
+    { "curl[[:blank:]];-)",       "curl ;-)",               MATCH },
     { "*[[:blank:]]*",            " ",                      MATCH },
     { "*[[:blank:]]*",            "",                       NOMATCH },
     { "*[[:blank:]]*",            "hi, im_Pavel",           MATCH },
 
     /* common using */
-    { "filename.dat",             "filename.dat",           MATCH },
+    { "Filename.dat",             "Filename.dat",           MATCH },
     { "*curl*",                   "lets use curl!!",        MATCH },
     { "filename.txt",             "filename.dat",           NOMATCH },
     { "*.txt",                    "text.txt",               MATCH },
diff --git a/tests/unit/unit1605.c b/tests/unit/unit1605.c
index a092ff1639..8b1ec447ca 100644
--- a/tests/unit/unit1605.c
+++ b/tests/unit/unit1605.c
@@ -54,10 +54,10 @@ static CURLcode test_unit1605(const char *arg)
   char *esc;
 
   esc = curl_easy_escape(easy, "", -1);
-  fail_unless(esc == NULL, "negative string length can't work");
+  fail_unless(esc == NULL, "negative string length cannot work");
 
   esc = curl_easy_unescape(easy, "%41%41%41%41", -1, &len);
-  fail_unless(esc == NULL, "negative string length can't work");
+  fail_unless(esc == NULL, "negative string length cannot work");
 
   UNITTEST_END(t1605_stop(easy))
 }
diff --git a/tests/unit/unit1607.c b/tests/unit/unit1607.c
index dda6769782..089caa1c45 100644
--- a/tests/unit/unit1607.c
+++ b/tests/unit/unit1607.c
@@ -66,7 +66,7 @@ static CURLcode test_unit1607(const char *arg)
 
   /* CURLOPT_RESOLVE address parsing tests */
   static const struct testcase tests[] = {
-    /* spaces aren't allowed, for now */
+    /* spaces are not allowed, for now */
     { "test.com:80:127.0.0.1, 127.0.0.2",
       "test.com", 80, TRUE, { NULL, }
     },
diff --git a/tests/unit/unit1609.c b/tests/unit/unit1609.c
index 26934d89bf..00164617f5 100644
--- a/tests/unit/unit1609.c
+++ b/tests/unit/unit1609.c
@@ -85,7 +85,7 @@ static CURLcode test_unit1609(const char *arg)
   };
 
   static const struct testcase tests[] = {
-    /* spaces aren't allowed, for now */
+    /* spaces are not allowed, for now */
     { "test.com:80:127.0.0.1",
       "test.com", 80, { "127.0.0.1", }
     },
diff --git a/tests/unit/unit1652.c b/tests/unit/unit1652.c
index 0b3337f688..d90dea36d4 100644
--- a/tests/unit/unit1652.c
+++ b/tests/unit/unit1652.c
@@ -37,7 +37,7 @@ static char output[4096];
 
 /*
  * This debugf callback is simply dumping the string into the static buffer
- * for the unit test to inspect. Since we know that we're only dealing with
+ * for the unit test to inspect. Since we know that we are only dealing with
  * text we can afford the luxury of skipping the type check here.
  */
 static int debugf_cb(CURL *handle, curl_infotype type, char *buf, size_t size,
diff --git a/tests/unit/unit1653.c b/tests/unit/unit1653.c
index 1e6fd9ef26..714b52a8e6 100644
--- a/tests/unit/unit1653.c
+++ b/tests/unit/unit1653.c
@@ -173,7 +173,7 @@ static CURLcode test_unit1653(const char *arg)
   free_and_clear(ipv6port);
   curl_url_cleanup(u);
 
-  /* Incorrect zone index syntax, but the port extractor doesn't care */
+  /* Incorrect zone index syntax, but the port extractor does not care */
   u = curl_url();
   if(!u)
     goto fail;
diff --git a/tests/unit/unit1654.c b/tests/unit/unit1654.c
index d2144fc214..c16a9ebfd6 100644
--- a/tests/unit/unit1654.c
+++ b/tests/unit/unit1654.c
@@ -119,13 +119,13 @@ static CURLcode test_unit1654(const char *arg)
                           ALPN_h2, "6.example.net", 80);
   fail_if(res, "Curl_altsvc_parse(9) failed!");
 
-  /* missing port in host name */
+  /* missing port in hostname */
   res = Curl_altsvc_parse(curl, asi,
                           "h2=\"example.net\"; ma=\"180\";\r\n",
                           ALPN_h2, "7.example.net", 80);
   fail_if(res, "Curl_altsvc_parse(10) failed!");
 
-  /* illegal port in host name */
+  /* illegal port in hostname */
   res = Curl_altsvc_parse(curl, asi,
                           "h2=\"example.net:70000\"; ma=\"180\";\r\n",
                           ALPN_h2, "8.example.net", 80);
diff --git a/tests/unit/unit1655.c b/tests/unit/unit1655.c
index 8b49fb32f8..ab42b971ef 100644
--- a/tests/unit/unit1655.c
+++ b/tests/unit/unit1655.c
@@ -23,7 +23,7 @@
  ***************************************************************************/
 #include "unitcheck.h"
 
-#include "doh.h" /* from the lib dir */
+#include "doh.h"
 
 static CURLcode test_unit1655(const char *arg)
 {
diff --git a/tests/unit/unit1658.c b/tests/unit/unit1658.c
index 3273c2141a..d60fa96b8f 100644
--- a/tests/unit/unit1658.c
+++ b/tests/unit/unit1658.c
@@ -23,7 +23,7 @@
  ***************************************************************************/
 #include "unitcheck.h"
 
-#include "doh.h" /* from the lib dir */
+#include "doh.h"
 
 /* DoH + HTTPSRR are required */
 #if !defined(CURL_DISABLE_DOH) && defined(USE_HTTPSRR)
diff --git a/tests/util.py b/tests/util.py
index 4d08ecc93a..3982f2b671 100755
--- a/tests/util.py
+++ b/tests/util.py
@@ -66,7 +66,7 @@ class TestData(object):
         self.data_folder = data_folder
 
     def get_test_data(self, test_number):
-        # Create the test file name
+        # Create the test filename
         filename = os.path.join(self.data_folder,
                                 "test{0}".format(test_number))
 
@@ -77,9 +77,9 @@ class TestData(object):
 
         m = REPLY_DATA.search(contents)
         if not m:
-            raise Exception("Couldn't find a  section")
+            raise Exception("Could not find a  section")
 
-        # Left-strip the data so we don't get a newline before our data.
+        # Left-strip the data so we do not get a newline before our data.
         return m.group(1).lstrip()
 
 

From 1b48c6148a0708f401e2cef8aaee445ffb689ea9 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 25 Oct 2025 23:32:14 +0200
Subject: [PATCH 0881/2408] tidy-up: miscellaneous

- schannel: delete superfluous parenthesis.
- tftp: delete stray space from log output.
- ws: update guard comment.
- docs/examples: constify variables.
- runtests/servers: enclose unknown parameter between quotes.
- scripts/perlcheck.sh: drop redundant grep `-E` option.
- THANKS: move names from comments to THANKS.
- sync `--depth` option style across scripts.
- sync git repo URL ending between some scripts.
- BINDINGS.md: drop protocol from archive.org URL path.
- whitespace, indent, unfold lines.

Closes #19565
---
 .github/workflows/http3-linux.yml   | 20 ++++++++++----------
 .github/workflows/linux.yml         |  2 +-
 CMakeLists.txt                      | 13 ++++++-------
 docs/BINDINGS.md                    |  2 +-
 docs/HTTP3.md                       |  2 +-
 docs/THANKS                         |  4 +++-
 docs/examples/crawler.c             |  2 +-
 docs/examples/ftpuploadfrommem.c    |  2 +-
 docs/examples/ftpuploadresume.c     |  2 +-
 docs/examples/ghiper.c              |  4 ++--
 docs/examples/headerapi.c           |  2 +-
 docs/examples/http2-upload.c        |  2 +-
 docs/examples/multi-debugcallback.c |  2 +-
 lib/cf-socket.c                     | 24 ++++++++----------------
 lib/curl_ntlm_core.c                |  6 +++---
 lib/parsedate.c                     |  2 +-
 lib/tftp.c                          |  4 ++--
 lib/vtls/rustls.c                   |  2 +-
 lib/vtls/schannel.c                 |  4 ++--
 lib/ws.c                            |  2 +-
 scripts/mk-ca-bundle.pl             |  2 +-
 scripts/perlcheck.sh                |  2 +-
 tests/ech_combos.py                 |  8 +++-----
 tests/ftpserver.pl                  |  2 +-
 tests/getpart.pm                    |  2 +-
 tests/http-server.pl                |  2 +-
 tests/http2-server.pl               |  2 +-
 tests/http3-server.pl               |  2 +-
 tests/rtspserver.pl                 |  2 +-
 tests/secureserver.pl               |  2 +-
 tests/sshserver.pl                  |  2 +-
 tests/tftpserver.pl                 |  2 +-
 32 files changed, 62 insertions(+), 71 deletions(-)

diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index a844eb6c14..2979e9d7d1 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -189,7 +189,7 @@ jobs:
         if: ${{ steps.cache-openssl-http3-no-deprecated.outputs.cache-hit != 'true' }}
         run: |
           cd ~
-          git clone --quiet --depth=1 -b "openssl-${OPENSSL_VERSION}" https://github.com/openssl/openssl
+          git clone --quiet --depth 1 -b "openssl-${OPENSSL_VERSION}" https://github.com/openssl/openssl
           cd openssl
           ./config --prefix="$PWD"/build --libdir=lib no-makedepend no-apps no-docs no-tests no-deprecated
           make
@@ -232,7 +232,7 @@ jobs:
         if: ${{ steps.cache-gnutls.outputs.cache-hit != 'true' }}
         run: |
           cd ~
-          git clone --quiet --depth=1 -b "${GNUTLS_VERSION}" https://github.com/gnutls/gnutls.git
+          git clone --quiet --depth 1 -b "${GNUTLS_VERSION}" https://github.com/gnutls/gnutls
           cd gnutls
           # required: nettle-dev libp11-kit-dev libev-dev autopoint bison gperf gtk-doc-tools libtasn1-bin
           ./bootstrap
@@ -247,7 +247,7 @@ jobs:
         if: ${{ steps.cache-wolfssl.outputs.cache-hit != 'true' }}
         run: |
           cd ~
-          git clone --quiet --depth=1 -b "v${WOLFSSL_VERSION}-stable" https://github.com/wolfSSL/wolfssl.git
+          git clone --quiet --depth 1 -b "v${WOLFSSL_VERSION}-stable" https://github.com/wolfSSL/wolfssl
           cd wolfssl
           ./autogen.sh
           ./configure --disable-dependency-tracking --enable-all --enable-quic \
@@ -259,9 +259,9 @@ jobs:
         if: ${{ steps.cache-nghttp3.outputs.cache-hit != 'true' }}
         run: |
           cd ~
-          git clone --quiet --depth=1 -b "v${NGHTTP3_VERSION}" https://github.com/ngtcp2/nghttp3
+          git clone --quiet --depth 1 -b "v${NGHTTP3_VERSION}" https://github.com/ngtcp2/nghttp3
           cd nghttp3
-          git submodule update --init --depth=1
+          git submodule update --init --depth 1
           autoreconf -fi
           ./configure --disable-dependency-tracking --prefix="$PWD"/build --enable-lib-only
           make
@@ -272,7 +272,7 @@ jobs:
         # building twice to get crypto libs for ossl, libressl and awslc installed
         run: |
           cd ~
-          git clone --quiet --depth=1 -b "v${NGTCP2_VERSION}" https://github.com/ngtcp2/ngtcp2
+          git clone --quiet --depth 1 -b "v${NGTCP2_VERSION}" https://github.com/ngtcp2/ngtcp2
           cd ngtcp2
           autoreconf -fi
           ./configure --disable-dependency-tracking --prefix="$PWD"/build \
@@ -290,7 +290,7 @@ jobs:
         if: ${{ steps.cache-ngtcp2-boringssl.outputs.cache-hit != 'true' }}
         run: |
           cd ~
-          git clone --quiet --depth=1 -b "v${NGTCP2_VERSION}" https://github.com/ngtcp2/ngtcp2 ngtcp2-boringssl
+          git clone --quiet --depth 1 -b "v${NGTCP2_VERSION}" https://github.com/ngtcp2/ngtcp2 ngtcp2-boringssl
           cd ngtcp2-boringssl
           autoreconf -fi
           ./configure --disable-dependency-tracking --prefix="$PWD"/build \
@@ -303,9 +303,9 @@ jobs:
         if: ${{ steps.cache-nghttp2.outputs.cache-hit != 'true' }}
         run: |
           cd ~
-          git clone --quiet --depth=1 -b "v${NGHTTP2_VERSION}" https://github.com/nghttp2/nghttp2
+          git clone --quiet --depth 1 -b "v${NGHTTP2_VERSION}" https://github.com/nghttp2/nghttp2
           cd nghttp2
-          git submodule update --init --depth=1
+          git submodule update --init --depth 1
           autoreconf -fi
           # required (for nghttpx application): libc-ares-dev libev-dev zlib1g-dev
           # optional (for nghttpx application): libbrotli-dev
@@ -578,7 +578,7 @@ jobs:
         if: ${{ matrix.build.name == 'quiche' && steps.cache-quiche.outputs.cache-hit != 'true' }}
         run: |
           cd ~
-          git clone --quiet --depth=1 -b "${QUICHE_VERSION}" --recursive https://github.com/cloudflare/quiche.git
+          git clone --quiet --depth 1 -b "${QUICHE_VERSION}" --recursive https://github.com/cloudflare/quiche
           cd quiche
           #### Work-around https://github.com/curl/curl/issues/7927 #######
           #### See https://github.com/alexcrichton/cmake-rs/issues/131 ####
diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index 90376ac505..4cea194c76 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -580,7 +580,7 @@ jobs:
       - name: 'build openssl (thread sanitizer)'
         if: ${{ contains(matrix.build.install_steps, 'openssl-tsan') && steps.cache-openssl-tsan.outputs.cache-hit != 'true' }}
         run: |
-          git clone --quiet --depth=1 -b "openssl-${OPENSSL_VERSION}" https://github.com/openssl/openssl
+          git clone --quiet --depth 1 -b "openssl-${OPENSSL_VERSION}" https://github.com/openssl/openssl
           cd openssl
           CC=clang CFLAGS='-fsanitize=thread' LDFLAGS='-fsanitize=thread' ./config --prefix=/home/runner/openssl --libdir=lib no-makedepend no-apps no-docs no-tests
           make
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 8876b5e636..30cb5f398e 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -21,7 +21,6 @@
 # SPDX-License-Identifier: curl
 #
 ###########################################################################
-# by Tetetest and Sukender (Benoit Neil)
 
 cmake_minimum_required(VERSION 3.7...3.16 FATAL_ERROR)
 message(STATUS "Using CMake version ${CMAKE_VERSION}")
@@ -1741,9 +1740,9 @@ check_function_exists("eventfd"       HAVE_EVENTFD)
 check_symbol_exists("ftruncate"       "unistd.h" HAVE_FTRUNCATE)
 check_symbol_exists("getpeername"     "${CURL_INCLUDES}" HAVE_GETPEERNAME)  # winsock2.h unistd.h proto/bsdsocket.h
 check_symbol_exists("getsockname"     "${CURL_INCLUDES}" HAVE_GETSOCKNAME)  # winsock2.h unistd.h proto/bsdsocket.h
-check_function_exists("getrlimit"       HAVE_GETRLIMIT)
-check_function_exists("setlocale"       HAVE_SETLOCALE)
-check_function_exists("setrlimit"       HAVE_SETRLIMIT)
+check_function_exists("getrlimit"     HAVE_GETRLIMIT)
+check_function_exists("setlocale"     HAVE_SETLOCALE)
+check_function_exists("setrlimit"     HAVE_SETRLIMIT)
 
 if(WIN32)
   # include wincrypt.h as a workaround for mingw-w64 __MINGW64_VERSION_MAJOR <= 5 header bug */
@@ -1752,9 +1751,9 @@ else()
   check_function_exists("if_nametoindex"  HAVE_IF_NAMETOINDEX)  # net/if.h
   check_function_exists("realpath"        HAVE_REALPATH)
   check_function_exists("sched_yield"     HAVE_SCHED_YIELD)
-  check_symbol_exists("strcasecmp"      "string.h" HAVE_STRCASECMP)
-  check_symbol_exists("stricmp"         "string.h" HAVE_STRICMP)
-  check_symbol_exists("strcmpi"         "string.h" HAVE_STRCMPI)
+  check_symbol_exists("strcasecmp"        "string.h" HAVE_STRCASECMP)
+  check_symbol_exists("stricmp"           "string.h" HAVE_STRICMP)
+  check_symbol_exists("strcmpi"           "string.h" HAVE_STRCMPI)
 endif()
 
 check_function_exists("setmode" HAVE_SETMODE)
diff --git a/docs/BINDINGS.md b/docs/BINDINGS.md
index 9ddbde5c42..065126efd7 100644
--- a/docs/BINDINGS.md
+++ b/docs/BINDINGS.md
@@ -61,7 +61,7 @@ Go: [go-curl](https://github.com/andelf/go-curl) by ShuYu Wang
 
 [Haskell](https://hackage.haskell.org/package/curl) Written by Galois, Inc
 
-[Hollywood](https://web.archive.org/web/20250116185836/https://www.hollywood-mal.com/download.html) hURL by Andreas Falkenhahn
+[Hollywood](https://web.archive.org/web/20250116185836/www.hollywood-mal.com/download.html) hURL by Andreas Falkenhahn
 
 [Java](https://github.com/covers1624/curl4j)
 
diff --git a/docs/HTTP3.md b/docs/HTTP3.md
index b3ddcbaaf8..def30798ec 100644
--- a/docs/HTTP3.md
+++ b/docs/HTTP3.md
@@ -54,7 +54,7 @@ versions do not work.
 
 Build OpenSSL (version 3.5.0 or newer):
 
-     % git clone --quiet --depth=1 -b openssl-$OPENSSL_VERSION https://github.com/openssl/openssl
+     % git clone --depth 1 -b openssl-$OPENSSL_VERSION https://github.com/openssl/openssl
      % cd openssl
      % ./config --prefix= --libdir=lib
      % make
diff --git a/docs/THANKS b/docs/THANKS
index fd4015468e..d3b3efc0f1 100644
--- a/docs/THANKS
+++ b/docs/THANKS
@@ -361,7 +361,7 @@ Benjamin Sergeant
 Ben Kohler
 Ben Madsen
 Ben Noordhuis
-Benoit Neil
+Benoit Neil (Sukender)
 Benoit Pierre
 Benoit Sigoure
 Ben Van Hof
@@ -3148,6 +3148,7 @@ Temprimus
 Terence Eden
 Terri Oda
 Terry Wu
+Tetetest
 thanhchungbtc on github
 TheAssassin on github
 TheBitBrine
@@ -3328,6 +3329,7 @@ UrsusArctos on github
 User Sg
 ustcqidi on github
 Vadim Grinshpun
+Vaibhav Kumar
 Valentin David
 Valentín Gutiérrez
 Valentin Richter
diff --git a/docs/examples/crawler.c b/docs/examples/crawler.c
index 4812a67d14..bda931eb13 100644
--- a/docs/examples/crawler.c
+++ b/docs/examples/crawler.c
@@ -170,7 +170,7 @@ static size_t follow_links(CURLM *multi, struct memory *mem,
   return count;
 }
 
-static int is_html(char *ctype)
+static int is_html(const char *ctype)
 {
   return ctype != NULL && strlen(ctype) > 10 && strstr(ctype, "text/html");
 }
diff --git a/docs/examples/ftpuploadfrommem.c b/docs/examples/ftpuploadfrommem.c
index 3ae71fa4ab..9baf538b99 100644
--- a/docs/examples/ftpuploadfrommem.c
+++ b/docs/examples/ftpuploadfrommem.c
@@ -48,7 +48,7 @@ struct WriteThis {
 static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
 {
   struct WriteThis *upload = (struct WriteThis *)userp;
-  size_t max = size*nmemb;
+  size_t max = size * nmemb;
 
   if(max < 1)
     return 0;
diff --git a/docs/examples/ftpuploadresume.c b/docs/examples/ftpuploadresume.c
index e9d723d70d..b86c23ab86 100644
--- a/docs/examples/ftpuploadresume.c
+++ b/docs/examples/ftpuploadresume.c
@@ -39,7 +39,7 @@ static size_t getcontentlengthfunc(void *ptr, size_t size, size_t nmemb,
 
   r = sscanf(ptr, "Content-Length: %ld\n", &len);
   if(r == 1)
-    *((long *) stream) = len;
+    *((long *)stream) = len;
 
   return size * nmemb;
 }
diff --git a/docs/examples/ghiper.c b/docs/examples/ghiper.c
index 45c129faea..b9edb517d3 100644
--- a/docs/examples/ghiper.c
+++ b/docs/examples/ghiper.c
@@ -430,9 +430,9 @@ int init_fifo(void)
 int main(void)
 {
   struct GlobalInfo *g = g_malloc0(sizeof(struct GlobalInfo));
-  GMainLoop*gmain;
+  GMainLoop *gmain;
   int fd;
-  GIOChannel* ch;
+  GIOChannel *ch;
 
   CURLcode res = curl_global_init(CURL_GLOBAL_ALL);
   if(res)
diff --git a/docs/examples/headerapi.c b/docs/examples/headerapi.c
index 428374bac6..18588cf33f 100644
--- a/docs/examples/headerapi.c
+++ b/docs/examples/headerapi.c
@@ -33,7 +33,7 @@ static size_t write_cb(char *data, size_t n, size_t l, void *userp)
   /* take care of the data here, ignored in this example */
   (void)data;
   (void)userp;
-  return n*l;
+  return n * l;
 }
 
 int main(void)
diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c
index 84b0e18ea1..0365d93bc5 100644
--- a/docs/examples/http2-upload.c
+++ b/docs/examples/http2-upload.c
@@ -88,7 +88,7 @@ struct input {
   int num;
 };
 
-static void dump(const char *text, int num, unsigned char *ptr,
+static void dump(const char *text, int num, const unsigned char *ptr,
                  size_t size, char nohex)
 {
   size_t i;
diff --git a/docs/examples/multi-debugcallback.c b/docs/examples/multi-debugcallback.c
index d838feed40..52f00ce482 100644
--- a/docs/examples/multi-debugcallback.c
+++ b/docs/examples/multi-debugcallback.c
@@ -34,7 +34,7 @@
 
 #define TRUE 1
 
-static void dump(const char *text, FILE *stream, unsigned char *ptr,
+static void dump(const char *text, FILE *stream, const unsigned char *ptr,
                  size_t size, char nohex)
 {
   size_t i;
diff --git a/lib/cf-socket.c b/lib/cf-socket.c
index 8661647ba5..80ed212721 100644
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@@ -171,8 +171,7 @@ tcpkeepalive(struct Curl_cfilter *cf,
   if(setsockopt(sockfd, SOL_SOCKET, SO_KEEPALIVE,
                 (void *)&optval, sizeof(optval)) < 0) {
     CURL_TRC_CF(data, cf, "Failed to set SO_KEEPALIVE on fd "
-                "%" FMT_SOCKET_T ": errno %d",
-                sockfd, SOCKERRNO);
+                "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
   }
   else {
 #ifdef USE_WINSOCK
@@ -187,22 +186,19 @@ tcpkeepalive(struct Curl_cfilter *cf,
       if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPIDLE,
                     (const char *)&optval, sizeof(optval)) < 0) {
         CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPIDLE on fd "
-                    "%" FMT_SOCKET_T ": errno %d",
-                    sockfd, SOCKERRNO);
+                    "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
       }
       optval = curlx_sltosi(data->set.tcp_keepintvl);
       if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPINTVL,
                     (const char *)&optval, sizeof(optval)) < 0) {
         CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPINTVL on fd "
-                    "%" FMT_SOCKET_T ": errno %d",
-                    sockfd, SOCKERRNO);
+                    "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
       }
       optval = curlx_sltosi(data->set.tcp_keepcnt);
       if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPCNT,
                     (const char *)&optval, sizeof(optval)) < 0) {
         CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPCNT on fd "
-                    "%" FMT_SOCKET_T ": errno %d",
-                    sockfd, SOCKERRNO);
+                    "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
       }
     }
     else
@@ -239,8 +235,7 @@ tcpkeepalive(struct Curl_cfilter *cf,
     if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPIDLE,
                   (void *)&optval, sizeof(optval)) < 0) {
       CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPIDLE on fd "
-                  "%" FMT_SOCKET_T ": errno %d",
-                  sockfd, SOCKERRNO);
+                  "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
     }
 #elif defined(TCP_KEEPALIVE)
     /* macOS style */
@@ -249,8 +244,7 @@ tcpkeepalive(struct Curl_cfilter *cf,
     if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPALIVE,
                   (void *)&optval, sizeof(optval)) < 0) {
       CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPALIVE on fd "
-                  "%" FMT_SOCKET_T ": errno %d",
-                  sockfd, SOCKERRNO);
+                  "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
     }
 #elif defined(TCP_KEEPALIVE_THRESHOLD)
     /* Solaris <11.4 style */
@@ -259,8 +253,7 @@ tcpkeepalive(struct Curl_cfilter *cf,
     if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPALIVE_THRESHOLD,
                   (void *)&optval, sizeof(optval)) < 0) {
       CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPALIVE_THRESHOLD on fd "
-                  "%" FMT_SOCKET_T ": errno %d",
-                  sockfd, SOCKERRNO);
+                  "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
     }
 #endif
 #ifdef TCP_KEEPINTVL
@@ -269,8 +262,7 @@ tcpkeepalive(struct Curl_cfilter *cf,
     if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPINTVL,
                   (void *)&optval, sizeof(optval)) < 0) {
       CURL_TRC_CF(data, cf, "Failed to set TCP_KEEPINTVL on fd "
-                  "%" FMT_SOCKET_T ": errno %d",
-                  sockfd, SOCKERRNO);
+                  "%" FMT_SOCKET_T ": errno %d", sockfd, SOCKERRNO);
     }
 #elif defined(TCP_KEEPALIVE_ABORT_THRESHOLD)
     /* Solaris <11.4 style */
diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c
index 28ae16d187..d013929d4d 100644
--- a/lib/curl_ntlm_core.c
+++ b/lib/curl_ntlm_core.c
@@ -469,13 +469,13 @@ static void time2filetime(struct ms_filetime *ft, time_t t)
 {
 #if SIZEOF_TIME_T > 4
   t = (t + (curl_off_t)11644473600) * 10000000;
-  ft->dwLowDateTime = (unsigned int) (t & 0xFFFFFFFF);
-  ft->dwHighDateTime = (unsigned int) (t >> 32);
+  ft->dwLowDateTime = (unsigned int)(t & 0xFFFFFFFF);
+  ft->dwHighDateTime = (unsigned int)(t >> 32);
 #else
   unsigned int r, s;
   unsigned int i;
 
-  ft->dwLowDateTime = (unsigned int)t & 0xFFFFFFFF;
+  ft->dwLowDateTime = (unsigned int)(t & 0xFFFFFFFF);
   ft->dwHighDateTime = 0;
 
 # ifndef HAVE_TIME_T_UNSIGNED
diff --git a/lib/parsedate.c b/lib/parsedate.c
index 3fa5919c05..2c3eb67fd2 100644
--- a/lib/parsedate.c
+++ b/lib/parsedate.c
@@ -286,7 +286,7 @@ enum assume {
 static time_t time2epoch(int sec, int min, int hour,
                          int mday, int mon, int year)
 {
-  static const int month_days_cumulative [12] =
+  static const int month_days_cumulative[12] =
     { 0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334 };
   int leap_days = year - (mon <= 1);
   leap_days = ((leap_days / 4) - (leap_days / 100) + (leap_days / 400)
diff --git a/lib/tftp.c b/lib/tftp.c
index 91a8c25ff3..c730f8499e 100644
--- a/lib/tftp.c
+++ b/lib/tftp.c
@@ -241,7 +241,7 @@ static CURLcode tftp_set_timeouts(struct tftp_conn *state)
     state->retry_time = 1;
 
   infof(state->data,
-        "set timeouts for state %d; Total % " FMT_OFF_T ", retry %d maxtry %d",
+        "set timeouts for state %d; Total %" FMT_OFF_T ", retry %d maxtry %d",
         (int)state->state, timeout_ms, state->retry_time, state->retry_max);
 
   /* init RX time */
@@ -381,7 +381,7 @@ static CURLcode tftp_parse_option_ack(struct tftp_conn *state,
 static CURLcode tftp_option_add(struct tftp_conn *state, size_t *csize,
                                 char *buf, const char *option)
 {
-  if(( strlen(option) + *csize + 1) > (size_t)state->blksize)
+  if((strlen(option) + *csize + 1) > (size_t)state->blksize)
     return CURLE_TFTP_ILLEGAL;
   strcpy(buf, option);
   *csize += strlen(option) + 1;
diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c
index f5e3288316..3b5bea2c6f 100644
--- a/lib/vtls/rustls.c
+++ b/lib/vtls/rustls.c
@@ -494,7 +494,7 @@ add_ciphers:
     for(j = 0; j < default_len; j++) {
       entry = rustls_default_crypto_provider_ciphersuites_get(j);
       if(rustls_supported_ciphersuite_protocol_version(entry) ==
-          RUSTLS_TLS_VERSION_TLSV1_3)
+         RUSTLS_TLS_VERSION_TLSV1_3)
         continue;
 
       /* No duplicates allowed (so selected cannot overflow) */
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index 6311f4a416..a40c440234 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -566,8 +566,8 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
       }
     }
 
-    if((fInCert || blob) && (data->set.ssl.cert_type) &&
-       (!curl_strequal(data->set.ssl.cert_type, "P12"))) {
+    if((fInCert || blob) && data->set.ssl.cert_type &&
+       !curl_strequal(data->set.ssl.cert_type, "P12")) {
       failf(data, "schannel: certificate format compatibility error "
             " for %s",
             blob ? "(memory blob)" : data->set.ssl.primary.clientcert);
diff --git a/lib/ws.c b/lib/ws.c
index 5a61c65aa8..140bdece47 100644
--- a/lib/ws.c
+++ b/lib/ws.c
@@ -2016,4 +2016,4 @@ CURL_EXTERN CURLcode curl_ws_start_frame(CURL *curl,
   return CURLE_NOT_BUILT_IN;
 }
 
-#endif /* !CURL_DISABLE_WEBSOCKETS */
+#endif /* !CURL_DISABLE_WEBSOCKETS && !CURL_DISABLE_HTTP */
diff --git a/scripts/mk-ca-bundle.pl b/scripts/mk-ca-bundle.pl
index d4b5418e0c..71880653b2 100755
--- a/scripts/mk-ca-bundle.pl
+++ b/scripts/mk-ca-bundle.pl
@@ -357,7 +357,7 @@ if(!$opt_n) {
             report "LWP is not available (LWP::UserAgent not found)";
             exit 1;
         }
-        my $ua  = new LWP::UserAgent(agent => "$0/$version");
+        my $ua = new LWP::UserAgent(agent => "$0/$version");
         $ua->env_proxy();
         $resp = $ua->mirror($url, $txt);
         if($resp && $resp->code eq '304') {
diff --git a/scripts/perlcheck.sh b/scripts/perlcheck.sh
index 7ec23983d5..9e3c87f695 100755
--- a/scripts/perlcheck.sh
+++ b/scripts/perlcheck.sh
@@ -42,7 +42,7 @@ echo "parallel: ${procs}"
   elif git rev-parse --is-inside-work-tree >/dev/null 2>&1; then
     {
       git ls-files | grep -E '\.(pl|pm)$'
-      git grep -l -E '^#!/usr/bin/env perl'
+      git grep -l '^#!/usr/bin/env perl'
     } | sort -u
   else
     # strip off the leading ./ to make the grep regexes work properly
diff --git a/tests/ech_combos.py b/tests/ech_combos.py
index 66daaa373d..4eba4de1c2 100755
--- a/tests/ech_combos.py
+++ b/tests/ech_combos.py
@@ -31,7 +31,7 @@
 # ECH command line args
 
 def CombinationRepetitionUtil(chosen, arr, badarr, index,
-                            r, start, end):
+                              r, start, end):
 
     # Current combination is ready,
     # print it
@@ -68,9 +68,9 @@ def CombinationRepetitionUtil(chosen, arr, badarr, index,
     # with next (Note that i+1 is passed,
     # but index is not changed)
     CombinationRepetitionUtil(chosen, arr, badarr, index + 1,
-                            r, start, end)
+                              r, start, end)
     CombinationRepetitionUtil(chosen, arr, badarr, index,
-                            r, start + 1, end)
+                              r, start + 1, end)
 
 # The main function that prints all
 # combinations of size r in arr[] of
@@ -94,5 +94,3 @@ r = 8
 n = len(arr) - 1
 
 CombinationRepetition(arr, badarr, n, r)
-
-# This code is contributed by Vaibhav Kumar 12.
diff --git a/tests/ftpserver.pl b/tests/ftpserver.pl
index 10ac7c7c14..0ca3ac5281 100755
--- a/tests/ftpserver.pl
+++ b/tests/ftpserver.pl
@@ -3044,7 +3044,7 @@ while(@ARGV) {
         }
     }
     else {
-        print STDERR "\nWarning: ftpserver.pl unknown parameter: $ARGV[0]\n";
+        print STDERR "\nWarning: ftpserver.pl unknown parameter: '$ARGV[0]'\n";
     }
     shift @ARGV;
 }
diff --git a/tests/getpart.pm b/tests/getpart.pm
index c9382ad7f2..ba611d761f 100644
--- a/tests/getpart.pm
+++ b/tests/getpart.pm
@@ -398,7 +398,7 @@ sub writearray {
     my ($filename, $arrayref)=@_;
 
     open(my $temp, ">", "$filename") || die "Failure writing file";
-    binmode($temp,":raw");  # Cygwin fix by Kevin Roth
+    binmode($temp,":raw");  # Cygwin fix
     for(@$arrayref) {
         print $temp $_;
     }
diff --git a/tests/http-server.pl b/tests/http-server.pl
index d100caef68..006b6f3817 100755
--- a/tests/http-server.pl
+++ b/tests/http-server.pl
@@ -140,7 +140,7 @@ while(@ARGV) {
         $verbose = 1;
     }
     else {
-        print STDERR "\nWarning: http-server.pl unknown parameter: $ARGV[0]\n";
+        print STDERR "\nWarning: http-server.pl unknown parameter: '$ARGV[0]'\n";
     }
     shift @ARGV;
 }
diff --git a/tests/http2-server.pl b/tests/http2-server.pl
index 73dbf62e40..3ab38803f1 100755
--- a/tests/http2-server.pl
+++ b/tests/http2-server.pl
@@ -102,7 +102,7 @@ while(@ARGV) {
         }
     }
     elsif($ARGV[0]) {
-        print STDERR "\nWarning: http2-server.pl unknown parameter: $ARGV[0]\n";
+        print STDERR "\nWarning: http2-server.pl unknown parameter: '$ARGV[0]'\n";
     }
     shift @ARGV;
 }
diff --git a/tests/http3-server.pl b/tests/http3-server.pl
index b7f9dd3009..13cc49a9df 100755
--- a/tests/http3-server.pl
+++ b/tests/http3-server.pl
@@ -102,7 +102,7 @@ while(@ARGV) {
         }
     }
     else {
-        print STDERR "\nWarning: http3-server.pl unknown parameter: $ARGV[0]\n";
+        print STDERR "\nWarning: http3-server.pl unknown parameter: '$ARGV[0]'\n";
     }
     shift @ARGV;
 }
diff --git a/tests/rtspserver.pl b/tests/rtspserver.pl
index d2e1339073..d23ed7e637 100755
--- a/tests/rtspserver.pl
+++ b/tests/rtspserver.pl
@@ -104,7 +104,7 @@ while(@ARGV) {
         $verbose = 1;
     }
     else {
-        print STDERR "\nWarning: rtspserver.pl unknown parameter: $ARGV[0]\n";
+        print STDERR "\nWarning: rtspserver.pl unknown parameter: '$ARGV[0]'\n";
     }
     shift @ARGV;
 }
diff --git a/tests/secureserver.pl b/tests/secureserver.pl
index a773a86b86..0e34bf1d7c 100755
--- a/tests/secureserver.pl
+++ b/tests/secureserver.pl
@@ -176,7 +176,7 @@ while(@ARGV) {
         $mtls = 1;
     }
     else {
-        print STDERR "\nWarning: secureserver.pl unknown parameter: $ARGV[0]\n";
+        print STDERR "\nWarning: secureserver.pl unknown parameter: '$ARGV[0]'\n";
     }
     shift @ARGV;
 }
diff --git a/tests/sshserver.pl b/tests/sshserver.pl
index 20aceebc24..ae1a2579f2 100755
--- a/tests/sshserver.pl
+++ b/tests/sshserver.pl
@@ -191,7 +191,7 @@ while(@ARGV) {
         }
     }
     else {
-        print STDERR "\nWarning: sshserver.pl unknown parameter: $ARGV[0]\n";
+        print STDERR "\nWarning: sshserver.pl unknown parameter: '$ARGV[0]'\n";
     }
     shift @ARGV;
 }
diff --git a/tests/tftpserver.pl b/tests/tftpserver.pl
index 862d21cd13..bb96bb743e 100755
--- a/tests/tftpserver.pl
+++ b/tests/tftpserver.pl
@@ -104,7 +104,7 @@ while(@ARGV) {
         $verbose = 1;
     }
     else {
-        print STDERR "\nWarning: tftpserver.pl unknown parameter: $ARGV[0]\n";
+        print STDERR "\nWarning: tftpserver.pl unknown parameter: '$ARGV[0]'\n";
     }
     shift @ARGV;
 }

From e9a973c513d232d7746664783fa4bce790e583b4 Mon Sep 17 00:00:00 2001
From: Marcel Raad 
Date: Mon, 17 Nov 2025 09:25:22 +0100
Subject: [PATCH 0882/2408] build: exclude clang prereleases from compiler
 warning options

Starting with clang 18, stable clang releases start with minor version 1.
Exclude pre-releases with minor version 0 from the compiler warning
options for that major version.

This fixes the build with Android NDK r29, which uses a prerelease
version of clang 21 that doesn't know the new options yet.

Closes #19566
---
 CMake/PickyWarnings.cmake | 14 +++++++-------
 m4/curl-compilers.m4      |  4 ++--
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/CMake/PickyWarnings.cmake b/CMake/PickyWarnings.cmake
index d46c878d46..e9a0d61c0e 100644
--- a/CMake/PickyWarnings.cmake
+++ b/CMake/PickyWarnings.cmake
@@ -232,20 +232,20 @@ if(PICKY_COMPILER)
           -Wcast-function-type-strict      # clang 16.0            appleclang 16.0
         )
       endif()
-      if(CMAKE_C_COMPILER_ID STREQUAL "Clang"      AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 21.0)
+      if(CMAKE_C_COMPILER_ID STREQUAL "Clang"      AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 21.1)
         list(APPEND _picky_enable
-          -Warray-compare                  # clang 20.0  gcc 12.0  appleclang ?
-          -Wc++-hidden-decl                # clang 21.0            appleclang ?
-          -Wno-implicit-void-ptr-cast      # clang 21.0            appleclang ?
-          -Wtentative-definition-compat    # clang 21.0            appleclang ?
+          -Warray-compare                  # clang 20.1  gcc 12.0  appleclang ?
+          -Wc++-hidden-decl                # clang 21.1            appleclang ?
+          -Wno-implicit-void-ptr-cast      # clang 21.1            appleclang ?
+          -Wtentative-definition-compat    # clang 21.1            appleclang ?
         )
         if(WIN32)
           list(APPEND _picky_enable
-            -Wno-c++-keyword               # clang 21.0            appleclang ?  # `wchar_t` triggers it on Windows
+            -Wno-c++-keyword               # clang 21.1            appleclang ?  # `wchar_t` triggers it on Windows
           )
         else()
           list(APPEND _picky_enable
-            -Wc++-keyword                  # clang 21.0            appleclang ?
+            -Wc++-keyword                  # clang 21.1            appleclang ?
           )
         endif()
       endif()
diff --git a/m4/curl-compilers.m4 b/m4/curl-compilers.m4
index 0e4c4e2655..9aab2736a7 100644
--- a/m4/curl-compilers.m4
+++ b/m4/curl-compilers.m4
@@ -937,11 +937,11 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [
             CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [cast-function-type-strict])  # with Apple clang it requires 16.0 or above
           fi
           dnl clang 20 or later
-          if test "$compiler_num" -ge "2000"; then
+          if test "$compiler_num" -ge "2001"; then
             CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [array-compare])
           fi
           dnl clang 21 or later
-          if test "$compiler_num" -ge "2100"; then
+          if test "$compiler_num" -ge "2101"; then
             CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [c++-hidden-decl])
             tmp_CFLAGS="$tmp_CFLAGS -Wno-implicit-void-ptr-cast"
             CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [tentative-definition-compat])

From b42f226b94409defd7487347b543911f18eb1468 Mon Sep 17 00:00:00 2001
From: x2018 
Date: Mon, 17 Nov 2025 18:36:42 +0800
Subject: [PATCH 0883/2408] libssh: properly free sftp_attributes

Closes #19564
---
 lib/vssh/libssh.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
index 8653c4901d..9428a20a5f 100644
--- a/lib/vssh/libssh.c
+++ b/lib/vssh/libssh.c
@@ -1137,14 +1137,13 @@ static int myssh_in_UPLOAD_INIT(struct Curl_easy *data,
       attrs = sftp_stat(sshc->sftp_session, sshp->path);
       if(attrs) {
         curl_off_t size = attrs->size;
+        sftp_attributes_free(attrs);
         if(size < 0) {
           failf(data, "Bad file size (%" FMT_OFF_T ")", size);
           rc = myssh_to_ERROR(data, sshc, CURLE_BAD_DOWNLOAD_RESUME);
           return rc;
         }
-        data->state.resume_from = attrs->size;
-
-        sftp_attributes_free(attrs);
+        data->state.resume_from = size;
       }
       else {
         data->state.resume_from = 0;

From a6c940a7523a05822e40a164e949341009a3ff44 Mon Sep 17 00:00:00 2001
From: x2018 
Date: Mon, 17 Nov 2025 02:25:57 +0800
Subject: [PATCH 0884/2408] schannel_verify: fix a memory leak of cert_context

Closes #19556
---
 lib/vtls/schannel_verify.c | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c
index 6b8aec5613..72c42ed353 100644
--- a/lib/vtls/schannel_verify.c
+++ b/lib/vtls/schannel_verify.c
@@ -166,6 +166,7 @@ static CURLcode add_certs_data_to_store(HCERTSTORE trust_store,
 
         cert_blob.pbData = (BYTE *)CURL_UNCONST(begin_cert_ptr);
         cert_blob.cbData = cert_size;
+        /* Caution: CryptQueryObject() is deprecated */
         if(!CryptQueryObject(CERT_QUERY_OBJECT_BLOB,
                              &cert_blob,
                              CERT_QUERY_CONTENT_FLAG_CERT,
@@ -204,7 +205,6 @@ static CURLcode add_certs_data_to_store(HCERTSTORE trust_store,
                                                cert_context,
                                                CERT_STORE_ADD_ALWAYS,
                                                NULL);
-            CertFreeCertificateContext(cert_context);
             if(!add_cert_result) {
               char buffer[WINAPI_ERROR_LEN];
               failf(data,
@@ -220,6 +220,21 @@ static CURLcode add_certs_data_to_store(HCERTSTORE trust_store,
               num_certs++;
             }
           }
+
+          switch(actual_content_type) {
+          case CERT_QUERY_CONTENT_CERT:
+          case CERT_QUERY_CONTENT_SERIALIZED_CERT:
+            CertFreeCertificateContext(cert_context);
+            break;
+          case CERT_QUERY_CONTENT_CRL:
+          case CERT_QUERY_CONTENT_SERIALIZED_CRL:
+            CertFreeCRLContext((PCCRL_CONTEXT)cert_context);
+            break;
+          case CERT_QUERY_CONTENT_CTL:
+          case CERT_QUERY_CONTENT_SERIALIZED_CTL:
+            CertFreeCTLContext((PCCTL_CONTEXT)cert_context);
+            break;
+          }
         }
       }
     }

From 22b8a6430dca99b4db7170fd02b2041f538fd1bd Mon Sep 17 00:00:00 2001
From: x2018 
Date: Mon, 17 Nov 2025 14:12:14 +0800
Subject: [PATCH 0885/2408] openssl: fix a potential memory leak of params.cert

Closes #19560
---
 lib/vtls/openssl.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 72ca0f6cb3..9b3ca9b5ea 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1214,6 +1214,7 @@ static int engineload(struct Curl_easy *data,
       failf(data, "unable to set client certificate [%s]",
             ossl_strerror(ERR_get_error(), error_buffer,
                           sizeof(error_buffer)));
+      X509_free(params.cert);
       return 0;
     }
     X509_free(params.cert); /* we do not need the handle any more... */

From 11c0aaa339fb1c52e3952264b7bad776fe43441f Mon Sep 17 00:00:00 2001
From: x2018 
Date: Mon, 17 Nov 2025 14:26:24 +0800
Subject: [PATCH 0886/2408] openssl: fix a potential memory leak of bio_out

Closes #19561
---
 lib/vtls/openssl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 9b3ca9b5ea..fd6396471c 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1625,8 +1625,8 @@ static CURLcode x509_name_oneline(X509_NAME *a, struct dynbuf *d)
     if(rc != -1) {
       BIO_get_mem_ptr(bio_out, &biomem);
       result = curlx_dyn_addn(d, biomem->data, biomem->length);
-      BIO_free(bio_out);
     }
+    BIO_free(bio_out);
   }
   return result;
 }

From 821cba8facfea8394b4e9f9401700758cd0a63e3 Mon Sep 17 00:00:00 2001
From: x2018 
Date: Mon, 17 Nov 2025 19:37:35 +0800
Subject: [PATCH 0887/2408] digest_sspi: fix a memory leak on error path

Closes #19567
---
 lib/vauth/digest_sspi.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c
index f04c3845ab..f730c52987 100644
--- a/lib/vauth/digest_sspi.c
+++ b/lib/vauth/digest_sspi.c
@@ -583,6 +583,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
     /* Allocate our new context handle */
     digest->http_context = calloc(1, sizeof(CtxtHandle));
     if(!digest->http_context) {
+      Curl_pSecFn->FreeCredentialsHandle(&credentials);
       curlx_unicodefree(spn);
       Curl_sspi_free_identity(p_identity);
       free(output_token);

From 4075339db28b49beffd304375841ea1c2f96681e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 17 Nov 2025 14:53:33 +0100
Subject: [PATCH 0888/2408] projects/README.md: Markdown fixes

Closes #19569
---
 projects/README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/projects/README.md b/projects/README.md
index 1777074c6d..bf373accde 100644
--- a/projects/README.md
+++ b/projects/README.md
@@ -105,7 +105,7 @@ that:
  3. Navigate to 'Configuration Properties > Debugging > Environment'
  4. Add `PATH='Path to DLL';C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem`
 
-... where 'Path to DLL` is the configuration specific path. For example the
+... where `Path to DLL` is the configuration specific path. For example the
 following configurations in Visual Studio 2010 might be:
 
 DLL Debug - DLL OpenSSL (Win32):
@@ -119,7 +119,7 @@ DLL Debug - DLL OpenSSL (x64):
     C:\Windows;C:\Windows\System32\Wbem
 
 If you are using a configuration that uses multiple third-party library DLLs
-(such as DLL Debug - DLL OpenSSL - DLL libssh2) then 'Path to DLL' need to
+(such as `DLL Debug - DLL OpenSSL - DLL libssh2`) then 'Path to DLL' need to
 contain the path to both of these.
 
 ## Notes

From 2459dc7a2221b04c7c27e144bcef879c69c795f5 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 17 Nov 2025 13:28:48 +0100
Subject: [PATCH 0889/2408] http: the :authority header should never contain
 user+password

Pointed-out-by: Stanislav Fort
Closes #19568
---
 lib/http.c | 27 ++-------------------------
 1 file changed, 2 insertions(+), 25 deletions(-)

diff --git a/lib/http.c b/lib/http.c
index 7458d8b640..aa921fd602 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -4558,12 +4558,12 @@ out:
 
 static CURLcode req_assign_url_authority(struct httpreq *req, CURLU *url)
 {
-  char *user, *pass, *host, *port;
+  char *host, *port;
   struct dynbuf buf;
   CURLUcode uc;
   CURLcode result = CURLE_URL_MALFORMAT;
 
-  user = pass = host = port = NULL;
+  host = port = NULL;
   curlx_dyn_init(&buf, DYN_HTTP_REQUEST);
 
   uc = curl_url_get(url, CURLUPART_HOST, &host, 0);
@@ -4578,28 +4578,7 @@ static CURLcode req_assign_url_authority(struct httpreq *req, CURLU *url)
   uc = curl_url_get(url, CURLUPART_PORT, &port, CURLU_NO_DEFAULT_PORT);
   if(uc && uc != CURLUE_NO_PORT)
     goto out;
-  uc = curl_url_get(url, CURLUPART_USER, &user, 0);
-  if(uc && uc != CURLUE_NO_USER)
-    goto out;
-  if(user) {
-    uc = curl_url_get(url, CURLUPART_PASSWORD, &pass, 0);
-    if(uc && uc != CURLUE_NO_PASSWORD)
-      goto out;
-  }
 
-  if(user) {
-    result = curlx_dyn_add(&buf, user);
-    if(result)
-      goto out;
-    if(pass) {
-      result = curlx_dyn_addf(&buf, ":%s", pass);
-      if(result)
-        goto out;
-    }
-    result = curlx_dyn_add(&buf, "@");
-    if(result)
-      goto out;
-  }
   result = curlx_dyn_add(&buf, host);
   if(result)
     goto out;
@@ -4614,8 +4593,6 @@ static CURLcode req_assign_url_authority(struct httpreq *req, CURLU *url)
   result = CURLE_OK;
 
 out:
-  free(user);
-  free(pass);
   free(host);
   free(port);
   curlx_dyn_free(&buf);

From ea105708c973bfbf2e3ae2881693d10c321b92c0 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Mon, 17 Nov 2025 09:56:48 +0100
Subject: [PATCH 0890/2408] h2/h3: handle methods with spaces

The parsing of the HTTP/1.1 formatted request into the h2/h3 header
structures should detect CURLOPT_CUSTOMREQUEST methods and forward them
correctly.

Add test_01_20 to verify

Fixes #19543
Reported-by: Omdahake on github
Closes #19563
---
 lib/http1.c                 | 23 ++++++++++++++++-------
 lib/http1.h                 |  5 +++--
 lib/http2.c                 |  5 ++++-
 lib/vquic/curl_ngtcp2.c     |  5 ++++-
 lib/vquic/curl_osslq.c      |  5 ++++-
 lib/vquic/curl_quiche.c     |  5 ++++-
 tests/http/test_01_basic.py | 22 ++++++++++++++++++++++
 tests/unit/unit2603.c       | 31 +++++++++++++++++++++++--------
 8 files changed, 80 insertions(+), 21 deletions(-)

diff --git a/lib/http1.c b/lib/http1.c
index 0403e95ba2..c487597e34 100644
--- a/lib/http1.c
+++ b/lib/http1.c
@@ -134,7 +134,9 @@ static ssize_t next_line(struct h1_req_parser *parser,
 }
 
 static CURLcode start_req(struct h1_req_parser *parser,
-                          const char *scheme_default, int options)
+                          const char *scheme_default,
+                          const char *custom_method,
+                          int options)
 {
   const char *p, *m, *target, *hv, *scheme, *authority, *path;
   size_t m_len, target_len, hv_len, scheme_len, authority_len, path_len;
@@ -144,9 +146,15 @@ static CURLcode start_req(struct h1_req_parser *parser,
 
   DEBUGASSERT(!parser->req);
   /* line must match: "METHOD TARGET HTTP_VERSION" */
-  p = memchr(parser->line, ' ', parser->line_len);
-  if(!p || p == parser->line)
-    goto out;
+  if(custom_method && custom_method[0] &&
+     !strncmp(custom_method, parser->line, strlen(custom_method))) {
+    p = parser->line + strlen(custom_method);
+  }
+  else {
+    p = memchr(parser->line, ' ', parser->line_len);
+    if(!p || p == parser->line)
+      goto out;
+  }
 
   m = parser->line;
   m_len = p - parser->line;
@@ -258,8 +266,9 @@ out:
 
 ssize_t Curl_h1_req_parse_read(struct h1_req_parser *parser,
                                const char *buf, size_t buflen,
-                               const char *scheme_default, int options,
-                               CURLcode *err)
+                               const char *scheme_default,
+                               const char *custom_method,
+                               int options, CURLcode *err)
 {
   ssize_t nread = 0, n;
 
@@ -285,7 +294,7 @@ ssize_t Curl_h1_req_parse_read(struct h1_req_parser *parser,
         goto out;
     }
     else if(!parser->req) {
-      *err = start_req(parser, scheme_default, options);
+      *err = start_req(parser, scheme_default, custom_method, options);
       if(*err) {
         nread = -1;
         goto out;
diff --git a/lib/http1.h b/lib/http1.h
index b38b32f591..94b5a44e31 100644
--- a/lib/http1.h
+++ b/lib/http1.h
@@ -50,8 +50,9 @@ void Curl_h1_req_parse_free(struct h1_req_parser *parser);
 
 ssize_t Curl_h1_req_parse_read(struct h1_req_parser *parser,
                                const char *buf, size_t buflen,
-                               const char *scheme_default, int options,
-                               CURLcode *err);
+                               const char *scheme_default,
+                               const char *custom_method,
+                               int options, CURLcode *err);
 
 CURLcode Curl_h1_req_dprint(const struct httpreq *req,
                             struct dynbuf *dbuf);
diff --git a/lib/http2.c b/lib/http2.c
index 2e1e5bd07e..1565e0b9ea 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -2248,7 +2248,10 @@ static CURLcode h2_submit(struct h2_stream_ctx **pstream,
   if(result)
     goto out;
 
-  rc = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL, 0, &result);
+  rc = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL,
+                              !data->state.http_ignorecustom ?
+                              data->set.str[STRING_CUSTOMREQUEST] : NULL,
+                              0, &result);
   if(!curlx_sztouz(rc, &nwritten))
     goto out;
   *pnwritten = nwritten;
diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index 475060ebdd..ce5786ca83 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -1531,7 +1531,10 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
     goto out;
   }
 
-  nwritten = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL, 0, &result);
+  nwritten = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL,
+                                    !data->state.http_ignorecustom ?
+                                    data->set.str[STRING_CUSTOMREQUEST] : NULL,
+                                    0, &result);
   if(nwritten < 0)
     goto out;
   *pnwritten = (size_t)nwritten;
diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index 75dc5cc694..f328c08e35 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -1900,7 +1900,10 @@ static ssize_t h3_stream_open(struct Curl_cfilter *cf,
     goto out;
   }
 
-  nwritten = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL, 0, err);
+  nwritten = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL,
+                                    !data->state.http_ignorecustom ?
+                                    data->set.str[STRING_CUSTOMREQUEST] : NULL,
+                                    0, err);
   if(nwritten < 0)
     goto out;
   if(!stream->h1.done) {
diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
index ff3e76b063..02b679ab84 100644
--- a/lib/vquic/curl_quiche.c
+++ b/lib/vquic/curl_quiche.c
@@ -991,7 +991,10 @@ static CURLcode h3_open_stream(struct Curl_cfilter *cf,
   Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
 
   DEBUGASSERT(stream);
-  nwritten = Curl_h1_req_parse_read(&stream->h1, buf, blen, NULL, 0, &result);
+  nwritten = Curl_h1_req_parse_read(&stream->h1, buf, blen, NULL,
+                                    !data->state.http_ignorecustom ?
+                                    data->set.str[STRING_CUSTOMREQUEST] : NULL,
+                                    0, &result);
   if(nwritten < 0)
     goto out;
   if(!stream->h1.done) {
diff --git a/tests/http/test_01_basic.py b/tests/http/test_01_basic.py
index c734318890..aa94238c3f 100644
--- a/tests/http/test_01_basic.py
+++ b/tests/http/test_01_basic.py
@@ -25,6 +25,7 @@
 ###########################################################################
 #
 import logging
+import re
 import pytest
 
 from testenv import Env
@@ -293,3 +294,24 @@ class TestBasic:
         r = curl.http_download(urls=[url1, url2], alpn_proto=proto, with_stats=True)
         assert len(r.stats) == 2
         assert r.total_connects == 2, f'{r.dump_logs()}'
+
+    # use a custom method containing a space
+    # check that h2/h3 did send that in the :method pseudo header. #19543
+    @pytest.mark.skipif(condition=not Env.curl_is_verbose(), reason="needs verbosecurl")
+    @pytest.mark.parametrize("proto", Env.http_protos())
+    def test_01_20_method_space(self, env: Env, proto, httpd):
+        curl = CurlClient(env=env)
+        method = 'IN SANE'
+        url = f'https://{env.authority_for(env.domain1, proto)}/curltest/echo'
+        r = curl.http_download(urls=[url], alpn_proto=proto, with_stats=True,
+                               extra_args=['-X', method])
+        assert len(r.stats) == 1
+        if proto == 'h2' or proto == 'h3':
+            r.check_response(http_status=0)
+            re_m = re.compile(r'.*\[:method: ([^\]]+)\].*')
+            lines = [line for line in r.trace_lines if re_m.match(line)]
+            assert len(lines) == 1, f'{r.dump_logs()}'
+            m = re_m.match(lines[0])
+            assert m.group(1) == method, f'{r.dump_logs()}'
+        else:
+            r.check_response(http_status=400)
diff --git a/tests/unit/unit2603.c b/tests/unit/unit2603.c
index 5915555f8b..a8ed09f1c2 100644
--- a/tests/unit/unit2603.c
+++ b/tests/unit/unit2603.c
@@ -51,6 +51,7 @@ static void check_eq(const char *s, const char *exp_s, const char *name)
 struct tcase {
   const char **input;
   const char *default_scheme;
+  const char *custom_method;
   const char *method;
   const char *scheme;
   const char *authority;
@@ -74,7 +75,7 @@ static void parse_success(const struct tcase *t)
     buflen = strlen(buf);
     in_len += buflen;
     nread = Curl_h1_req_parse_read(&p, buf, buflen, t->default_scheme,
-                                   0, &err);
+                                   t->custom_method, 0, &err);
     if(nread < 0) {
       curl_mfprintf(stderr, "got err %d parsing: '%s'\n", err, buf);
       fail("error consuming");
@@ -122,10 +123,10 @@ static CURLcode test_unit2603(const char *arg)
     NULL,
   };
   static const struct tcase TEST1a = {
-    T1_INPUT, NULL, "GET", NULL, NULL, "/path", 1, 0
+    T1_INPUT, NULL, NULL, "GET", NULL, NULL, "/path", 1, 0
   };
   static const struct tcase TEST1b = {
-    T1_INPUT, "https", "GET", "https", NULL, "/path", 1, 0
+    T1_INPUT, "https", NULL, "GET", "https", NULL, "/path", 1, 0
   };
 
   static const char *T2_INPUT[] = {
@@ -136,7 +137,7 @@ static CURLcode test_unit2603(const char *arg)
     NULL,
   };
   static const struct tcase TEST2 = {
-    T2_INPUT, NULL, "GET", NULL, NULL, "/path", 1, 8
+    T2_INPUT, NULL, NULL, "GET", NULL, NULL, "/path", 1, 8
   };
 
   static const char *T3_INPUT[] = {
@@ -145,7 +146,7 @@ static CURLcode test_unit2603(const char *arg)
     NULL,
   };
   static const struct tcase TEST3a = {
-    T3_INPUT, NULL, "GET", "ftp", "ftp.curl.se", "/xxx?a=2", 2, 0
+    T3_INPUT, NULL, NULL, "GET", "ftp", "ftp.curl.se", "/xxx?a=2", 2, 0
   };
 
   static const char *T4_INPUT[] = {
@@ -155,7 +156,7 @@ static CURLcode test_unit2603(const char *arg)
     NULL,
   };
   static const struct tcase TEST4a = {
-    T4_INPUT, NULL, "CONNECT", NULL, "ftp.curl.se:123", NULL, 3, 2
+    T4_INPUT, NULL, NULL, "CONNECT", NULL, "ftp.curl.se:123", NULL, 3, 2
   };
 
   static const char *T5_INPUT[] = {
@@ -165,7 +166,7 @@ static CURLcode test_unit2603(const char *arg)
     NULL,
   };
   static const struct tcase TEST5a = {
-    T5_INPUT, NULL, "OPTIONS", NULL, NULL, "*", 2, 3
+    T5_INPUT, NULL, NULL, "OPTIONS", NULL, NULL, "*", 2, 3
   };
 
   static const char *T6_INPUT[] = {
@@ -173,7 +174,19 @@ static CURLcode test_unit2603(const char *arg)
     NULL,
   };
   static const struct tcase TEST6a = {
-    T6_INPUT, NULL, "PUT", NULL, NULL, "/path", 1, 3
+    T6_INPUT, NULL, NULL, "PUT", NULL, NULL, "/path", 1, 3
+  };
+
+  /* test a custom method with space, #19543 */
+  static const char *T7_INPUT[] = {
+    "IN SANE /path HTTP/1.1\r\nContent-Length: 0\r\n\r\n",
+    NULL,
+  };
+  static const struct tcase TEST7a = {
+    T7_INPUT, NULL, NULL, "IN", NULL, NULL, "SANE /path", 1, 0
+  };
+  static const struct tcase TEST7b = {
+    T7_INPUT, NULL, "IN SANE", "IN SANE", NULL, NULL, "/path", 1, 0
   };
 
   parse_success(&TEST1a);
@@ -183,6 +196,8 @@ static CURLcode test_unit2603(const char *arg)
   parse_success(&TEST4a);
   parse_success(&TEST5a);
   parse_success(&TEST6a);
+  parse_success(&TEST7a);
+  parse_success(&TEST7b);
 #endif
 
   UNITTEST_END_SIMPLE

From 142fd1cf32268df85ace2d3b0b9017fe9a126afa Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 17 Nov 2025 14:55:14 +0100
Subject: [PATCH 0891/2408] appveyor: add VS2010 x86 Release VS project job and
 switch VS2013 to x64

To have a test case for VS2010 after bumping to minimum Vista.

Ref: #18009
Closes #19570
---
 appveyor.sh  | 8 +++++---
 appveyor.yml | 9 ++++++++-
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/appveyor.sh b/appveyor.sh
index ccd0cc86b0..b20838da42 100644
--- a/appveyor.sh
+++ b/appveyor.sh
@@ -75,7 +75,7 @@ if [ "${BUILD_SYSTEM}" = 'CMake' ]; then
       -DCURL_USE_OPENSSL="${OPENSSL}" \
       -DCURL_USE_LIBPSL=OFF \
       ${options} \
-      || { cat ${root}/_bld/CMakeFiles/CMake* 2>/dev/null; false; }
+      || { cat "${root}"/_bld/CMakeFiles/CMake* 2>/dev/null; false; }
     [ "${APPVEYOR_BUILD_WORKER_IMAGE}" = 'Visual Studio 2013' ] && cd ..
   done
   if [ -d _bld_chkprefill ] && ! diff -u _bld/lib/curl_config.h _bld_chkprefill/lib/curl_config.h; then
@@ -92,9 +92,11 @@ elif [ "${BUILD_SYSTEM}" = 'VisualStudioSolution' ]; then
   (
     cd projects
     ./generate.bat "${VC_VERSION}"
-    msbuild.exe -maxcpucount "-property:Configuration=${PRJ_CFG}" "Windows/${VC_VERSION}/curl-all.sln"
+    msbuild.exe -maxcpucount "-property:Configuration=${PRJ_CFG}" "-property:Platform=${PLAT}" "Windows/${VC_VERSION}/curl-all.sln"
   )
-  curl="build/Win32/${VC_VERSION}/${PRJ_CFG}/curld.exe"
+  [ "${PLAT}" = 'x64' ] && platdir='Win64' || platdir='Win32'
+  [[ "${PRJ_CFG}" = *'Debug'* ]] && binsuffix='d' || binsuffix=''
+  curl="build/${platdir}/${VC_VERSION}/${PRJ_CFG}/curl${binsuffix}.exe"
 fi
 
 find . \( -name '*.exe' -o -name '*.dll' -o -name '*.lib' -o -name '*.pdb' \) -exec file -- '{}' \;
diff --git a/appveyor.yml b/appveyor.yml
index 3d5c6b55ac..d10f8d3961 100644
--- a/appveyor.yml
+++ b/appveyor.yml
@@ -148,10 +148,17 @@ environment:
 
     # generated VisualStudioSolution-based builds
 
-    - job_name: 'VisualStudioSolution VS2013, Debug, x86, Schannel, Build-only'
+    - job_name: 'VisualStudioSolution VS2010, Release, x86, Schannel, Build-only'
+      APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2013'
+      BUILD_SYSTEM: VisualStudioSolution
+      PRJ_CFG: 'DLL Release - DLL Windows SSPI - DLL WinIDN'
+      PLAT: 'Win32'
+      VC_VERSION: VC10
+    - job_name: 'VisualStudioSolution VS2013, Debug, x64, Schannel, Build-only'
       APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2015'
       BUILD_SYSTEM: VisualStudioSolution
       PRJ_CFG: 'DLL Debug - DLL Windows SSPI - DLL WinIDN'
+      PLAT: 'x64'
       VC_VERSION: VC12
 
 install:

From b360fc62fb55112c6ef620ef73062600136bfa1a Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 17 Nov 2025 13:54:24 +0100
Subject: [PATCH 0892/2408] http: avoid two strdup()s and do minor
 simplifications

Closes #19571
---
 lib/http.c | 34 +++++++++++-----------------------
 1 file changed, 11 insertions(+), 23 deletions(-)

diff --git a/lib/http.c b/lib/http.c
index aa921fd602..a470c04449 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -4587,15 +4587,12 @@ static CURLcode req_assign_url_authority(struct httpreq *req, CURLU *url)
     if(result)
       goto out;
   }
-  req->authority = strdup(curlx_dyn_ptr(&buf));
-  if(!req->authority)
-    goto out;
-  result = CURLE_OK;
-
+  req->authority = curlx_dyn_ptr(&buf);
 out:
   free(host);
   free(port);
-  curlx_dyn_free(&buf);
+  if(result)
+    curlx_dyn_free(&buf);
   return result;
 }
 
@@ -4609,41 +4606,32 @@ static CURLcode req_assign_url_path(struct httpreq *req, CURLU *url)
   path = query = NULL;
   curlx_dyn_init(&buf, DYN_HTTP_REQUEST);
 
-  uc = curl_url_get(url, CURLUPART_PATH, &path, CURLU_PATH_AS_IS);
+  uc = curl_url_get(url, CURLUPART_PATH, &path, 0);
   if(uc)
     goto out;
   uc = curl_url_get(url, CURLUPART_QUERY, &query, 0);
   if(uc && uc != CURLUE_NO_QUERY)
     goto out;
 
-  if(!path && !query) {
-    req->path = NULL;
-  }
-  else if(path && !query) {
+  if(!query) {
     req->path = path;
     path = NULL;
   }
   else {
-    if(path) {
-      result = curlx_dyn_add(&buf, path);
-      if(result)
-        goto out;
-    }
-    if(query) {
+    result = curlx_dyn_add(&buf, path);
+    if(!result)
       result = curlx_dyn_addf(&buf, "?%s", query);
-      if(result)
-        goto out;
-    }
-    req->path = strdup(curlx_dyn_ptr(&buf));
-    if(!req->path)
+    if(result)
       goto out;
+    req->path = curlx_dyn_ptr(&buf);
   }
   result = CURLE_OK;
 
 out:
   free(path);
   free(query);
-  curlx_dyn_free(&buf);
+  if(result)
+    curlx_dyn_free(&buf);
   return result;
 }
 

From 39320e1e1b1b42dccbfa7db38f28327c31545793 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Fri, 14 Nov 2025 00:47:55 +0000
Subject: [PATCH 0893/2408] GHA: update dependencies

- github/codeql-action to 4.31.3
- google/boringssl to v0.20251110.0
- ruff to 0.14.5

Closes #19442
Closes #19455
---
 .github/scripts/requirements.txt  | 2 +-
 .github/workflows/codeql.yml      | 8 ++++----
 .github/workflows/http3-linux.yml | 2 +-
 .github/workflows/linux.yml       | 2 +-
 4 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt
index 8cb1d11d0a..874e710997 100644
--- a/.github/scripts/requirements.txt
+++ b/.github/scripts/requirements.txt
@@ -6,4 +6,4 @@ cmakelang==0.6.13
 codespell==2.4.1
 pytype==2024.10.11
 reuse==6.2.0
-ruff==0.14.2
+ruff==0.14.5
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index d464562ab2..87a041563c 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -50,13 +50,13 @@ jobs:
           persist-credentials: false
 
       - name: 'initialize'
-        uses: github/codeql-action/init@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7
+        uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
         with:
           languages: actions, python
           queries: security-extended
 
       - name: 'perform analysis'
-        uses: github/codeql-action/analyze@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7
+        uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
 
   c:
     if: ${{ github.repository_owner == 'curl' || github.event_name != 'schedule' }}
@@ -87,7 +87,7 @@ jobs:
           persist-credentials: false
 
       - name: 'initialize'
-        uses: github/codeql-action/init@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7
+        uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
         with:
           languages: cpp
           build-mode: manual
@@ -133,4 +133,4 @@ jobs:
           fi
 
       - name: 'perform analysis'
-        uses: github/codeql-action/analyze@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7
+        uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index 2979e9d7d1..007f346127 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -45,7 +45,7 @@ env:
   # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com
   AWSLC_VERSION: 1.63.0
   # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com
-  BORINGSSL_VERSION: 0.20251002.0
+  BORINGSSL_VERSION: 0.20251110.0
   # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com
   GNUTLS_VERSION: 3.8.10
   # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com
diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index 4cea194c76..55f005993d 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -48,7 +48,7 @@ env:
   # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com
   AWSLC_VERSION: 1.63.0
   # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com
-  BORINGSSL_VERSION: 0.20251002.0
+  BORINGSSL_VERSION: 0.20251110.0
   # handled in renovate.json
   OPENSSL_VERSION: 3.6.0
   # renovate: datasource=github-tags depName=rustls/rustls-ffi versioning=semver registryUrl=https://github.com

From 42c43f695c43777d84f7e02e0187ef9740d77387 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 17 Nov 2025 16:49:49 +0100
Subject: [PATCH 0894/2408] renovate.json: replace `CI:` prefix with `GHA:`

All bumped dependencies are in GHA.

Follow-up to 6225d7ba2f7dcad322776fc1cadae63e530de705 #19547
---
 renovate.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/renovate.json b/renovate.json
index 616fd1aaed..3342181818 100644
--- a/renovate.json
+++ b/renovate.json
@@ -21,7 +21,7 @@
         "pinDigest",
         "digest"
       ],
-      "commitMessagePrefix": "CI: ",
+      "commitMessagePrefix": "GHA: ",
       "labels": [
         "CI"
       ]
@@ -30,7 +30,7 @@
       "matchManagers": [
         "custom.regex"
       ],
-      "commitMessagePrefix": "CI: ",
+      "commitMessagePrefix": "GHA: ",
       "labels": [
         "CI"
       ]

From ad35ecba9763933121ec01013fea9cc7d22ba1d6 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 17 Nov 2025 16:06:00 +0100
Subject: [PATCH 0895/2408] badwords: fix issues found in scripts and other
 files

Single pass, not enforced.

Also:
- pyspelling.words: drop `web page`

Closes #19572
---
 .github/labeler.yml                           |  2 +-
 .github/scripts/cleancmd.pl                   |  8 ++---
 .github/scripts/pyspelling.words              |  1 -
 .github/stale.yml                             |  2 +-
 .github/workflows/linux-old.yml               |  6 ++--
 .github/workflows/linux.yml                   |  2 +-
 CMake/Macros.cmake                            |  4 +--
 CMakeLists.txt                                |  2 +-
 packages/OS400/curl.cmd                       |  2 +-
 packages/OS400/make-lib.sh                    |  4 +--
 packages/OS400/rpg-examples/HEADERAPI         |  2 +-
 packages/OS400/rpg-examples/HTTPPOST          |  2 +-
 packages/OS400/rpg-examples/INMEMORY          |  2 +-
 packages/OS400/rpg-examples/SIMPLE1           |  2 +-
 packages/OS400/rpg-examples/SIMPLE2           |  2 +-
 packages/OS400/rpg-examples/SMTPSRCMBR        |  2 +-
 packages/vms/build_gnv_curl_pcsi_desc.com     |  2 +-
 packages/vms/build_gnv_curl_pcsi_text.com     |  4 +--
 packages/vms/build_gnv_curl_release_notes.com | 10 +++---
 packages/vms/build_vms.com                    |  8 ++---
 packages/vms/compare_curl_source.com          |  2 +-
 packages/vms/curl_crtl_init.c                 |  2 +-
 packages/vms/curl_gnv_build_steps.txt         |  6 ++--
 packages/vms/curl_release_note_start.txt      |  8 ++---
 packages/vms/curl_startup.com                 |  4 +--
 packages/vms/generate_config_vms_h_curl.com   |  6 ++--
 packages/vms/gnv_curl_configure.sh            |  2 +-
 packages/vms/gnv_link_curl.com                |  8 ++---
 packages/vms/make_gnv_curl_install.sh         |  2 +-
 packages/vms/pcsi_gnv_curl_file_list.txt      |  2 +-
 packages/vms/pcsi_product_gnv_curl.com        |  6 ++--
 packages/vms/readme                           | 10 +++---
 packages/vms/setup_gnv_curl_build.com         |  2 +-
 scripts/cd2nroff                              |  8 ++---
 scripts/cdall                                 |  2 +-
 scripts/checksrc.pl                           | 10 +++---
 scripts/ciconfig.pl                           |  4 +--
 scripts/cmakelint.sh                          |  2 +-
 scripts/completion.pl                         |  8 ++---
 scripts/managen                               |  4 +--
 scripts/mk-ca-bundle.pl                       | 32 +++++++++----------
 scripts/perlcheck.sh                          |  2 +-
 scripts/release-notes.pl                      |  4 +--
 scripts/release-tools.sh                      |  2 +-
 scripts/top-complexity                        |  2 +-
 45 files changed, 104 insertions(+), 105 deletions(-)

diff --git a/.github/labeler.yml b/.github/labeler.yml
index 75ea8686da..7ff3971bdc 100644
--- a/.github/labeler.yml
+++ b/.github/labeler.yml
@@ -11,7 +11,7 @@
 # the files fit into the category, and the any-glob-to-any-file ones are added
 # as long as any file matches. The first ones are for "major" categories (the
 # PR is all about that one topic, like HTTP/3), while the second ones are
-# "addendums" that give useful information about a PR that's really mostly
+# "addendums" that give useful information about a PR that is really mostly
 # something else (e.g. CI if the PR also touches CI jobs).
 #
 # N.B. any-glob-to-all-files is misnamed; it acts like one-glob-to-all-files.
diff --git a/.github/scripts/cleancmd.pl b/.github/scripts/cleancmd.pl
index f90b31d8f1..06b38f1022 100755
--- a/.github/scripts/cleancmd.pl
+++ b/.github/scripts/cleancmd.pl
@@ -16,7 +16,7 @@ use warnings;
 my @asyms;
 
 open(S, "<./docs/libcurl/symbols-in-versions")
-    || die "can't find symbols-in-versions";
+    || die "cannot find symbols-in-versions";
 while() {
     if(/^([^ ]*) /) {
         push @asyms, $1;
@@ -30,7 +30,7 @@ my @aopts = (
     );
 
 open(O, "<./docs/options-in-versions")
-    || die "can't find options-in-versions";
+    || die "cannot find options-in-versions";
 while() {
     chomp;
     if(/^([^ ]+)/) {
@@ -50,7 +50,7 @@ while() {
 close(O);
 
 open(C, "<./.github/scripts/spellcheck.curl")
-    || die "can't find spellcheck.curl";
+    || die "cannot find spellcheck.curl";
 while() {
     if(/^\#/) {
         next;
@@ -99,7 +99,7 @@ sub process {
         # *italics*
         $l =~ s/\*(\S.*?)\*//g;
 
-        # strip out https URLs, we don't want them spellchecked
+        # strip out https URLs, we do not want them spellchecked
         $l =~ s!https://[a-z0-9\#_/.-]+!!gi;
 
         $out .= $l;
diff --git a/.github/scripts/pyspelling.words b/.github/scripts/pyspelling.words
index 76889a05bb..f6a5405999 100644
--- a/.github/scripts/pyspelling.words
+++ b/.github/scripts/pyspelling.words
@@ -957,7 +957,6 @@ watchOS
 WAV
 WB
 wcurl
-web page
 WebDAV
 WebOS
 webpage
diff --git a/.github/stale.yml b/.github/stale.yml
index dc239b56ce..69a822e78b 100644
--- a/.github/stale.yml
+++ b/.github/stale.yml
@@ -6,7 +6,7 @@
 daysUntilStale: 180
 # Number of days of inactivity before a stale issue is closed
 daysUntilClose: 14
-# Issues with these labels will never be considered stale
+# Issues with these labels are never considered stale
 exemptLabels:
   - pinned
   - security
diff --git a/.github/workflows/linux-old.yml b/.github/workflows/linux-old.yml
index 7cba9243cb..8ac42855e0 100644
--- a/.github/workflows/linux-old.yml
+++ b/.github/workflows/linux-old.yml
@@ -11,10 +11,10 @@
 # is still supported (as of this writing).
 # stretch has ELTS support from Freexian until 2027-06-30
 # For ELTS info see https://www.freexian.com/lts/extended/docs/how-to-use-extended-lts/
-# The Debian key will expire 2025-05-20, after which package signature
+# The Debian key expires 2025-05-20, after which package signature
 # verification may need to be disabled.
 # httrack is one of the smallest downloaders, needed to bootstrap ELTS,
-# and won't conflict with the curl we're building.
+# and doesn not conflict with the curl we are building.
 
 name: 'Linux Old'
 
@@ -74,7 +74,7 @@ jobs:
           apt-get -o Dpkg::Use-Pty=0 update
           apt-get -o Dpkg::Use-Pty=0 install -y --no-install-suggests --no-install-recommends cmake make automake autoconf libtool gcc pkg-config libpsl-dev libzstd-dev zlib1g-dev libgnutls28-dev libc-ares-dev libkrb5-dev libldap2-dev librtmp-dev stunnel4 groff
           # GitHub's actions/checkout needs newer glibc and libstdc++. The latter also depends on
-          # gcc-8-base, but it doesn't actually seem used in our situation and isn't available in
+          # gcc-8-base, but it does not actually seem used in our situation and is not available in
           # the main repo, so force the install.
           httrack --get https://deb.freexian.com/extended-lts/pool/main/g/glibc/libc6_2.28-10+deb10u5_amd64.deb
           httrack --get https://deb.freexian.com/extended-lts/pool/main/g/gcc-8/libstdc++6_8.3.0-6_amd64.deb
diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index 55f005993d..20a7c4351c 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -647,7 +647,7 @@ jobs:
           rm ~/rustls/librustls.zip
 
       - name: 'build rustls'
-        # Note: we don't check cache-hit here. If the cache is hit, we still need to dpkg install the deb.
+        # Note: we do not check cache-hit here. If the cache is hit, we need to dpkg install the deb.
         if: ${{ contains(matrix.build.install_steps, 'rustls') }}
         run: sudo dpkg -i ~/rustls/"librustls_${RUSTLS_VERSION}_amd64.deb"
 
diff --git a/CMake/Macros.cmake b/CMake/Macros.cmake
index 710df70116..80173fb03b 100644
--- a/CMake/Macros.cmake
+++ b/CMake/Macros.cmake
@@ -56,10 +56,10 @@ macro(curl_internal_test _curl_test)
         "${_curl_test_add_libraries}"
       OUTPUT_VARIABLE CURL_TEST_OUTPUT)
     if(${_curl_test})
-      set(${_curl_test} 1 CACHE INTERNAL "Curl test")
+      set(${_curl_test} 1 CACHE INTERNAL "curl test")
       message(STATUS "Performing Test ${_curl_test} - Success")
     else()
-      set(${_curl_test} "" CACHE INTERNAL "Curl test")
+      set(${_curl_test} "" CACHE INTERNAL "curl test")
       message(STATUS "Performing Test ${_curl_test} - Failed")
     endif()
   endif()
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 30cb5f398e..7de2162c6c 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1856,7 +1856,7 @@ check_type_size("off_t" SIZEOF_OFF_T)
 
 if(NOT WIN32)
   # fseeko may not exist with _FILE_OFFSET_BITS=64 but can exist with
-  # _FILE_OFFSET_BITS unset or 32 (e.g. Android ARMv7 with NDK 26b and API level < 24)
+  # _FILE_OFFSET_BITS unset or 32 (as in Android ARMv7 with NDK 26b and API level < 24)
   # so we need to test fseeko after testing for _FILE_OFFSET_BITS
   check_symbol_exists("fseeko" "${CURL_INCLUDES};stdio.h" HAVE_FSEEKO)
 
diff --git a/packages/OS400/curl.cmd b/packages/OS400/curl.cmd
index 822f4db207..fa6aaa59a5 100644
--- a/packages/OS400/curl.cmd
+++ b/packages/OS400/curl.cmd
@@ -29,4 +29,4 @@
 
              PARM       KWD(CMDARGS) TYPE(*CHAR) LEN(5000) VARY(*YES *INT2)   +
                           CASE(*MIXED) EXPR(*YES) MIN(1)                      +
-                          PROMPT('Curl command arguments')
+                          PROMPT('curl command arguments')
diff --git a/packages/OS400/make-lib.sh b/packages/OS400/make-lib.sh
index e7b5b519e7..cd3f71897f 100755
--- a/packages/OS400/make-lib.sh
+++ b/packages/OS400/make-lib.sh
@@ -79,7 +79,7 @@ fi
 if [ -n "${LINK}" ]
 then    rm -rf "${LIBIFSNAME}/${STATBNDDIR}.BNDDIR"
         CMD="CRTBNDDIR BNDDIR(${TARGETLIB}/${STATBNDDIR})"
-        CMD="${CMD} TEXT('LibCurl API static binding directory')"
+        CMD="${CMD} TEXT('libcurl API static binding directory')"
         CLcommand "${CMD}"
 
         for MODULE in ${MODULES}
@@ -173,7 +173,7 @@ fi
 if [ -n "${LINK}" ]
 then    rm -rf "${LIBIFSNAME}/${DYNBNDDIR}.BNDDIR"
         CMD="CRTBNDDIR BNDDIR(${TARGETLIB}/${DYNBNDDIR})"
-        CMD="${CMD} TEXT('LibCurl API dynamic binding directory')"
+        CMD="${CMD} TEXT('libcurl API dynamic binding directory')"
         CLcommand "${CMD}"
         CMD="ADDBNDDIRE BNDDIR(${TARGETLIB}/${DYNBNDDIR})"
         CMD="${CMD} OBJ((*LIBL/${SRVPGM} *SRVPGM))"
diff --git a/packages/OS400/rpg-examples/HEADERAPI b/packages/OS400/rpg-examples/HEADERAPI
index 2046306bb8..f6ef80bbd4 100644
--- a/packages/OS400/rpg-examples/HEADERAPI
+++ b/packages/OS400/rpg-examples/HEADERAPI
@@ -1,4 +1,4 @@
-      * Curl header API: extract headers post transfer
+      * curl header API: extract headers post transfer
       *
      h DFTACTGRP(*NO) ACTGRP(*NEW)
      h OPTION(*NOSHOWCPY)
diff --git a/packages/OS400/rpg-examples/HTTPPOST b/packages/OS400/rpg-examples/HTTPPOST
index 9a562e9084..8e5d0d74bb 100644
--- a/packages/OS400/rpg-examples/HTTPPOST
+++ b/packages/OS400/rpg-examples/HTTPPOST
@@ -1,4 +1,4 @@
-      * Curl MIME post data and display response
+      * curl MIME post data and display response
       *
      h DFTACTGRP(*NO) ACTGRP(*NEW)
      h OPTION(*NOSHOWCPY)
diff --git a/packages/OS400/rpg-examples/INMEMORY b/packages/OS400/rpg-examples/INMEMORY
index ab425fc22f..7111d565e9 100644
--- a/packages/OS400/rpg-examples/INMEMORY
+++ b/packages/OS400/rpg-examples/INMEMORY
@@ -1,4 +1,4 @@
-      * Curl get in memory and count HTML tags
+      * curl get in memory and count HTML tags
       *
      h DFTACTGRP(*NO) ACTGRP(*NEW)
      h OPTION(*NOSHOWCPY)
diff --git a/packages/OS400/rpg-examples/SIMPLE1 b/packages/OS400/rpg-examples/SIMPLE1
index e1286d1215..2d2296ed40 100644
--- a/packages/OS400/rpg-examples/SIMPLE1
+++ b/packages/OS400/rpg-examples/SIMPLE1
@@ -1,4 +1,4 @@
-      * Curl simple URL request
+      * curl simple URL request
       *
      h DFTACTGRP(*NO) ACTGRP(*NEW)
      h OPTION(*NOSHOWCPY)
diff --git a/packages/OS400/rpg-examples/SIMPLE2 b/packages/OS400/rpg-examples/SIMPLE2
index b0c590cc29..2fead8517c 100644
--- a/packages/OS400/rpg-examples/SIMPLE2
+++ b/packages/OS400/rpg-examples/SIMPLE2
@@ -1,4 +1,4 @@
-      * Curl simple URL request (free-format RPG)
+      * curl simple URL request (free-format RPG)
       *
         ctl-opt dftactgrp(*NO) actgrp(*NEW)
                 option(*NOSHOWCPY)
diff --git a/packages/OS400/rpg-examples/SMTPSRCMBR b/packages/OS400/rpg-examples/SMTPSRCMBR
index d11ea96307..7e3a3fce6c 100644
--- a/packages/OS400/rpg-examples/SMTPSRCMBR
+++ b/packages/OS400/rpg-examples/SMTPSRCMBR
@@ -1,4 +1,4 @@
-      * Curl SMTP send source member as attachment
+      * curl SMTP send source member as attachment
       *
      h DFTACTGRP(*NO) ACTGRP(*NEW)
      h OPTION(*NOSHOWCPY)
diff --git a/packages/vms/build_gnv_curl_pcsi_desc.com b/packages/vms/build_gnv_curl_pcsi_desc.com
index 85674261ce..566384de02 100644
--- a/packages/vms/build_gnv_curl_pcsi_desc.com
+++ b/packages/vms/build_gnv_curl_pcsi_desc.com
@@ -22,7 +22,7 @@ $!
 $! The PCSI system can really only handle ODS-2 format filenames and
 $! assumes that there is only one source directory.  It also assumes that
 $! all destination files with the same name come from the same source file.
-$! Fortunately CURL does not trip most of these issues, so those steps
+$! Fortunately curl does not trip most of these issues, so those steps
 $! above are marked N/A.
 $!
 $! A rename action section is needed to make sure that the files are
diff --git a/packages/vms/build_gnv_curl_pcsi_text.com b/packages/vms/build_gnv_curl_pcsi_text.com
index 8f109c1e7e..b67ad8f187 100644
--- a/packages/vms/build_gnv_curl_pcsi_text.com
+++ b/packages/vms/build_gnv_curl_pcsi_text.com
@@ -2,9 +2,9 @@ $! File: Build_GNV_curl_pcsi_text.com
 $!
 $! Build the *.pcsi$text file from the four components:
 $!    1. Generated =product header section
-$!    2. [--]readme. file from the Curl distribution, modified to fit
+$!    2. [--]readme. file from the curl distribution, modified to fit
 $!       a pcsi$text file format.
-$!    3. [--]copying file from the Curl distribution, modified to fit
+$!    3. [--]copying file from the curl distribution, modified to fit
 $!       a pcsi$text file format.
 $!    4. Generated Producer section.
 $!
diff --git a/packages/vms/build_gnv_curl_release_notes.com b/packages/vms/build_gnv_curl_release_notes.com
index 0da94454d5..89b30ecbe9 100644
--- a/packages/vms/build_gnv_curl_release_notes.com
+++ b/packages/vms/build_gnv_curl_release_notes.com
@@ -3,7 +3,7 @@ $!
 $! Build the release note file from the four components:
 $!    1. The curl_release_note_start.txt
 $!    2. The hp_ssl_release_info.txt
-$!    3. [--]readme. file from the Curl distribution.
+$!    3. [--]readme. file from the curl distribution.
 $!    4. The Curl_gnv-build_steps.txt.
 $!
 $! Set the name of the release notes from the GNV_PCSI_FILENAME_BASE
@@ -42,7 +42,7 @@ $   curl_readme = f$search("sys$disk:[--]$README.")
 $ endif
 $ if curl_readme .eqs. ""
 $ then
-$    write sys$output "Can not find Curl readme file."
+$    write sys$output "Can not find curl readme file."
 $    goto all_exit
 $ endif
 $!
@@ -53,7 +53,7 @@ $   curl_copying = f$search("sys$disk:[--]$COPYING.")
 $ endif
 $ if curl_copying .eqs. ""
 $ then
-$    write sys$output "Can not find Curl copying file."
+$    write sys$output "Can not find curl copying file."
 $    goto all_exit
 $ endif
 $!
@@ -64,7 +64,7 @@ $   vms_readme = f$search("sys$disk:[]$README.")
 $ endif
 $ if vms_readme .eqs. ""
 $ then
-$   write sys$output "Can not find VMS specific Curl readme file."
+$   write sys$output "Can not find VMS specific curl readme file."
 $   goto all_exit
 $ endif
 $!
@@ -75,7 +75,7 @@ $   curl_release_notes = f$search("sys$disk:[--]$RELEASE-NOTES.")
 $ endif
 $ if curl_release_notes .eqs. ""
 $ then
-$    write sys$output "Can not find Curl release-notes file."
+$    write sys$output "Can not find curl release-notes file."
 $    goto all_exit
 $ endif
 $!
diff --git a/packages/vms/build_vms.com b/packages/vms/build_vms.com
index d8f89f6ef4..e8bbee86b4 100644
--- a/packages/vms/build_vms.com
+++ b/packages/vms/build_vms.com
@@ -516,7 +516,7 @@ $ endif
 $!
 $!
 $! CC /LIST, LINK /MAP, and MESSAGE /LIST are defaults in batch mode,
-$! so be explicit when they're not desired.
+$! so be explicit when they are not desired.
 $!
 $
 $ if list .eq. 0
@@ -744,7 +744,7 @@ $   endif
 $   if ((f$search(ossl_lib1) .eqs. "") .or. -
         (f$search(ossl_lib2) .eqs. ""))
 $   then
-$       write sys$output "Can't find OpenSSL ''msg':"
+$       write sys$output "Cannot find OpenSSL ''msg':"
 $       write sys$output "   ''ossl_lib1'"
 $       write sys$output "   ''ossl_lib2'"
 $       goto Common_Exit
@@ -943,7 +943,7 @@ $   reset = f$search( "reset", 1)
 $Loop:
 $   file = f$search( search, 1)
 $   if file .eqs. "" then goto EndLoop
-$!  Skip a name if it's in the P4 exclusion list.
+$!  Skip a name if it is in the P4 exclusion list.
 $   if (p4 .nes. "")
 $   then
 $       name__ = "," + -
@@ -1016,7 +1016,7 @@ $   endif
 $ ENDSUBROUTINE   ! Compile
 $!
 $! Do a diff of the file specified in P1 with that in P2.  If different
-$! copy P1 to P2.  This also covers if P2 doesn't exist, but not if P2
+$! copy P1 to P2.  This also covers if P2 does not exist, but not if P2
 $! is an invalid filespec.
 $!
 $MoveIfDiff:  subroutine
diff --git a/packages/vms/compare_curl_source.com b/packages/vms/compare_curl_source.com
index 13ff4667f9..b63080620e 100644
--- a/packages/vms/compare_curl_source.com
+++ b/packages/vms/compare_curl_source.com
@@ -255,7 +255,7 @@ $   then
 $       ref_fname = f$edit(ref_fname, "LOWERCASE")
 $   endif
 $!
-$!  These files are in the wrong format for VMS diff, and we don't change them.
+$!  These files are in the wrong format for VMS diff, and we do not change them.
 $   ref_skip = 0
 $   if ref_type .eqs. ".PDF" then ref_skip = 1
 $   if ref_type .eqs. ".HTML" then ref_skip = 1
diff --git a/packages/vms/curl_crtl_init.c b/packages/vms/curl_crtl_init.c
index 1c90847cd2..1c21f1e881 100644
--- a/packages/vms/curl_crtl_init.c
+++ b/packages/vms/curl_crtl_init.c
@@ -33,7 +33,7 @@
  * will turn on some CRTL features that are not enabled by default.
  *
  * The CRTL features can also be turned on via logical names, but that
- * impacts all programs and some aren't ready, willing, or able to handle
+ * impacts all programs and some are not ready, willing, or able to handle
  * those settings.
  *
  * On VMS versions that are too old to use the feature setting API, this
diff --git a/packages/vms/curl_gnv_build_steps.txt b/packages/vms/curl_gnv_build_steps.txt
index 46c2c6e0a6..0c30924998 100644
--- a/packages/vms/curl_gnv_build_steps.txt
+++ b/packages/vms/curl_gnv_build_steps.txt
@@ -16,11 +16,11 @@ From File: curl_gnv_build_steps.txt
 
  SPDX-License-Identifier: ISC
 
-Currently building Curl using GNV takes longer than building Curl via DCL.
+Currently building curl using GNV takes longer than building curl via DCL.
 The GNV procedure actually uses the same configure and makefiles that
 Unix builds use.
 
-Building CURL on OpenVMS using GNV requires GNV V2.1-2 or the updated
+Building curl on OpenVMS using GNV requires GNV V2.1-2 or the updated
 images that are available via anonymous FTP at encompasserve.org in the gnv
 directory.  It also requires the GNV Bash 4.2.45 kit as an update from the
 same location or from the sourceforge.net GNV project.
@@ -100,7 +100,7 @@ Note to builders:
 
 GNV currently has a bug where configure scripts take a long time to run.
 Some of the configure steps take a while to complete, and on a 600 Mhz
-DS10 with IDE disks, taking an hour to run the CURL configure is normal.
+DS10 with IDE disks, taking an hour to run the curl configure is normal.
 
 The following messages can be ignored and may get fixed in a future version
 of GNV.  The GNV$*.OPT files are used to find the libraries as many have
diff --git a/packages/vms/curl_release_note_start.txt b/packages/vms/curl_release_note_start.txt
index 62b2836359..1a67b36020 100644
--- a/packages/vms/curl_release_note_start.txt
+++ b/packages/vms/curl_release_note_start.txt
@@ -16,16 +16,16 @@ OpenVMS specific building and kitting instructions are after the standard
 curl readme file.
 
 This product may be available for your platform in a PCSI kit.  The source kit
-contains files for building CURL using GNV or with a DCL procedure.
+contains files for building curl using GNV or with a DCL procedure.
 
 The GNV based build creates a libcurl share imaged which is supplied in the
 PCSI kit.
 
-This version of CURL will return VMS compatible status codes when run from
+This version of curl will return VMS compatible status codes when run from
 DCL and Unix compatible exit codes and messages when run with the SHELL
 environment variable set.
 
-This port of Curl uses the OpenSSL, Ldap, and Kerberos V5 that are bundled
+This port of curl uses the OpenSSL, Ldap, and Kerberos V5 that are bundled
 with OpenVMS or supplied as updates by HP.  Ldap and Kerberos are not available
 on the VAX platform.  See section below for a special note about HP OpenSSL
 on Alpha and IA64.
@@ -61,7 +61,7 @@ For the HP SSL work around to work for GNV do the following:
 Similar workarounds will be needed for any program linked with GNV$LIBCURL
 until the HP OpenSSL is upgraded to the current 1.4 version or later.
 
-If you are installing a "daily" build instead of a release build of Curl, some
+If you are installing a "daily" build instead of a release build of curl, some
 things have been changed so that it can be installed at the same time as
 a production build without conflicts.
 
diff --git a/packages/vms/curl_startup.com b/packages/vms/curl_startup.com
index e90bbecbb9..7e5b2729d8 100644
--- a/packages/vms/curl_startup.com
+++ b/packages/vms/curl_startup.com
@@ -1,6 +1,6 @@
 $! File: curl_Startup.com
 $!
-$! Procedure to setup the CURL libraries for use by programs from the
+$! Procedure to setup the curl libraries for use by programs from the
 $! VMS SYSTARTUP*.COM procedure.
 $!
 $! Copyright (C) John Malmberg
@@ -75,7 +75,7 @@ $ define/system/exec gnv$curl_ssl_libcryptoshr32 'curl_ssl_libcrypto32'
 $ define/system/exec gnv$curl_ssl_libsslshr32 'curl_ssl_libssl32'
 $!
 $!
-$! CURL setup
+$! curl setup
 $ define/system/exec gnv$libcurl gnv$gnu:[usr.lib]GNV$LIBCURL.EXE
 $ define/system/exec gnv$curl_include gnv$gnu:[usr.include.curl]
 $ if .not. f$file_attributes("gnv$libcurl", "known")
diff --git a/packages/vms/generate_config_vms_h_curl.com b/packages/vms/generate_config_vms_h_curl.com
index d7bc8bfc8f..245d072d20 100644
--- a/packages/vms/generate_config_vms_h_curl.com
+++ b/packages/vms/generate_config_vms_h_curl.com
@@ -1,6 +1,6 @@
 $! File: GENERATE_CONFIG_H_CURL.COM
 $!
-$! Curl like most open source products uses a variant of a config.h file.
+$! curl like most open source products uses a variant of a config.h file.
 $! Depending on the curl version, this could be config.h or curl_config.h.
 $!
 $! For GNV based builds, the configure script is run and that produces
@@ -197,7 +197,7 @@ $write cvh "#define __CONFIG_VMS_H__"
 $write cvh ""
 $write cvh "/* Define cpu-machine-OS */"
 $!
-$! Curl uses an OS macro to set the build environment.
+$! curl uses an OS macro to set the build environment.
 $!----------------------------------------------------
 $! Now the DCL builds usually say xxx-HP-VMS and configure scripts
 $! may put DEC or COMPAQ or HP for the middle part.
@@ -345,7 +345,7 @@ $!
 $!
 $! I can not figure out where the C compiler is finding the ALLOCA.H file
 $! in the text libraries, so CONFIG_H.COM can not find it either.
-$! Usually the header file name is the module name in the text library.
+$! Usually the header filename is the module name in the text library.
 $! It does not appear to hurt anything to not find header file, so we
 $! are not overriding it here.
 $!
diff --git a/packages/vms/gnv_curl_configure.sh b/packages/vms/gnv_curl_configure.sh
index 21558001ed..7e74da3463 100755
--- a/packages/vms/gnv_curl_configure.sh
+++ b/packages/vms/gnv_curl_configure.sh
@@ -1,6 +1,6 @@
 # File: gnv_curl_configure.sh
 #
-# Set up and run the configure script for Curl so that it can find the
+# Set up and run the configure script for curl so that it can find the
 # proper options for VMS.
 #
 # Copyright (C) John Malmberg
diff --git a/packages/vms/gnv_link_curl.com b/packages/vms/gnv_link_curl.com
index 83a8e021e8..9fc944c778 100644
--- a/packages/vms/gnv_link_curl.com
+++ b/packages/vms/gnv_link_curl.com
@@ -259,7 +259,7 @@ This package is built on with the OpenSSL version listed below and requires
 the shared images from the HP OpenSSL product that is kitted with that
 version or a compatible later version.
 
-For Alpha and IA64 platforms, see the url below to register to get the
+For Alpha and IA64 platforms, see the URL below to register to get the
 download URL.  The kit will be HP 1.4-467 or later.
   https://h41379.www4.hpe.com/openvms/products/ssl/ssl.html
 
@@ -269,10 +269,10 @@ download URLs provided and put in CPQ-VAXVMS-SSL-V0101-B-1.PCSI-DCX_VAXEXE
 If your system can not be upgraded to a compatible version of OpenSSL, then
 you can extract the two shared images from the kit and place them in the
 [vms$common.gnv.lib]directory of the volume that you are installing GNV and
-or GNV compatible components like Curl.
+or GNV compatible components like curl.
 
 If GNV is installed, you must run the GNV startup procedure before these steps
-and before installing Curl.
+and before installing curl.
 
 
   1.  make sure that [vms$common.gnv.lib] exists by using the following
@@ -387,7 +387,7 @@ $!
 $ if f$search("[.src]curl-tool_main.o") .nes. ""
 $ then
 $!  From src/makefile.inc:
-$!  # libcurl has sources that provide functions named curlx_* that aren't
+$!  # libcurl has sources that provide functions named curlx_* that are not
 $!  # part of the official API, but we reuse the code here to avoid
 $!  # duplication.
 $!
diff --git a/packages/vms/make_gnv_curl_install.sh b/packages/vms/make_gnv_curl_install.sh
index b85ef0ced2..4723070387 100755
--- a/packages/vms/make_gnv_curl_install.sh
+++ b/packages/vms/make_gnv_curl_install.sh
@@ -1,6 +1,6 @@
 # File: make_gnv_curl_install.sh
 #
-# Set up and run the make script for Curl.
+# Set up and run the make script for curl.
 #
 # This makes the library, the curl binary and attempts an install.
 # A search list should be set up for GNU (GNV$GNU).
diff --git a/packages/vms/pcsi_gnv_curl_file_list.txt b/packages/vms/pcsi_gnv_curl_file_list.txt
index 586f7e7675..9ae49d5977 100644
--- a/packages/vms/pcsi_gnv_curl_file_list.txt
+++ b/packages/vms/pcsi_gnv_curl_file_list.txt
@@ -1,7 +1,7 @@
 ! File: PCSI_GNV_CURL_FILE_LIST.TXT
 !
 ! File list for building a PCSI kit.
-! Very simple format so that the parsing logic can be simple.
+! Simple format so that the parsing logic can be simple.
 ! links first, directory second, and files third.
 !
 ! link -> file tells procedure to create/remove a link on install/uninstall
diff --git a/packages/vms/pcsi_product_gnv_curl.com b/packages/vms/pcsi_product_gnv_curl.com
index 83d8fa3b66..2369613f47 100644
--- a/packages/vms/pcsi_product_gnv_curl.com
+++ b/packages/vms/pcsi_product_gnv_curl.com
@@ -1,6 +1,6 @@
 $! File: PCSI_PRODUCT_GNV_CURL.COM
 $!
-$! This command file packages up the product CURL into a sequential
+$! This command file packages up the product curl into a sequential
 $! format kit
 $!
 $! Copyright (C) John Malmberg
@@ -85,8 +85,8 @@ $   endif
 $   @gnv_link_curl.com
 $ endif
 $!
-$! Make sure that the release note file name is up to date
-$!---------------------------------------------------------
+$! Make sure that the release note filename is up to date
+$!--------------------------------------------------------
 $ @BUILD_GNV_CURL_RELEASE_NOTES.COM
 $!
 $!
diff --git a/packages/vms/readme b/packages/vms/readme
index 042a22b807..7cf3fc6867 100644
--- a/packages/vms/readme
+++ b/packages/vms/readme
@@ -202,17 +202,17 @@ Other Notes:
 This release fixes known bugs #22, and #57 in the [curl.docs]known_bugs.
 file.
 
-The libcurl formdata.c module and Curl tools post form now have some
+The libcurl formdata.c module and curl tools post form now have some
 understanding of VMS file types.  Files will be posted in STREAM_LF format.
 
-The Curl tool now has some understanding of VMS file types and will upload the
+The curl tool now has some understanding of VMS file types and will upload the
 files in STREAM_LF format.
 
-When CURL is uploading a VARIABLE format VMS file, it is less efficient as in
+When curl is uploading a VARIABLE format VMS file, it is less efficient as in
 order to get the file size, it will first read the entire file once, and then
 read the file again for the actual upload.
 
-The Curl tool will now always download files into STREAM_LF format.  Even if a
+The curl tool will now always download files into STREAM_LF format.  Even if a
 file by that name with a different format already exists.  This is needed to
 allow interrupted downloads to be continued.
 
@@ -225,4 +225,4 @@ The test suites are not supported as of 7.11.0.
 The curlmsg.sdl and curlmsg.h files are generated from curlmsg.msg.
 This is not done automatically, since the .MSG file is a hand edit
 of the relevant stuff from the curl.h file.  If you want to do this
-yourself you'll need the SDL package from the freeware collection.
+yourself you need the SDL package from the freeware collection.
diff --git a/packages/vms/setup_gnv_curl_build.com b/packages/vms/setup_gnv_curl_build.com
index 49882463f3..e2d058a8b9 100644
--- a/packages/vms/setup_gnv_curl_build.com
+++ b/packages/vms/setup_gnv_curl_build.com
@@ -1,6 +1,6 @@
 $! File: setup_gnv_curl_build.com
 $!
-$! Set up build environment for building Curl under GNV on VMS.
+$! Set up build environment for building curl under GNV on VMS.
 $!
 $! GNV needs some files moved into the other directories to help with
 $! the configure script and the build.
diff --git a/scripts/cd2nroff b/scripts/cd2nroff
index 992cf37b5a..3f1162a739 100755
--- a/scripts/cd2nroff
+++ b/scripts/cd2nroff
@@ -55,10 +55,10 @@ while(@ARGV) {
         print < Write the output to the file name from the meta-data in the
+-d  Write the output to the filename from the meta-data in the
          specified directory, instead of writing to stdout
 -e  If -d is used, this option can provide an added "extension", arbitrary
-         text really, to append to the file name.
+         text really, to append to the filename.
 -h       This help text,
 -v       Show version then exit
 HELP
@@ -373,7 +373,7 @@ sub single {
     my $blankline = 0;
     my $header = 0;
 
-    # cut off the leading path from the file name, if any
+    # cut off the leading path from the filename, if any
     $f =~ s/^(.*[\\\/])//;
 
     push @desc, ".\\\" generated by cd2nroff $cd2nroff from $f\n";
@@ -515,7 +515,7 @@ sub single {
             $blankline++;
         }
         else {
-            # don't output newlines if this is the first content after a
+            # do not output newlines if this is the first content after a
             # header
             push @desc, "\n" if($blankline && !$header);
             $blankline = 0;
diff --git a/scripts/cdall b/scripts/cdall
index aab41b6505..3c5c68b525 100755
--- a/scripts/cdall
+++ b/scripts/cdall
@@ -23,7 +23,7 @@
 #
 ###########################################################################
 
-# provide all dir names to scan on the cmdline
+# provide all directory names to scan on the command-line
 
 use strict;
 use warnings;
diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl
index 4224934a5e..5f9ea33526 100755
--- a/scripts/checksrc.pl
+++ b/scripts/checksrc.pl
@@ -181,7 +181,7 @@ sub readskiplist {
 
 # Reads the .checksrc in $dir for any extended warnings to enable locally.
 # Currently there is no support for disabling warnings from the standard set,
-# and since that's already handled via !checksrc! commands there is probably
+# and since that is already handled via !checksrc! commands there is probably
 # little use to add it.
 sub readlocalfile {
     my ($file) = @_;
@@ -246,7 +246,7 @@ sub checkwarn {
     my $nowarn=0;
 
     #if(!$warnings{$name}) {
-    #    print STDERR "Dev! there's no description for $name!\n";
+    #    print STDERR "Dev! there is no description for $name!\n";
     #}
 
     # checksrc.skip
@@ -351,7 +351,7 @@ if(!$file) {
     print "  -A[rule]  Accept this violation, can be used multiple times\n";
     print "  -a[func]  Allow use of this function\n";
     print "  -b[func]  Ban use of this function\n";
-    print "  -D[DIR]   Directory to prepend file names\n";
+    print "  -D[DIR]   Directory to prepend filenames\n";
     print "  -h        Show help output\n";
     print "  -W[file]  Skip the given file - ignore all its flaws\n";
     print "  -i     Indent spaces. Default: 2\n";
@@ -971,7 +971,7 @@ sub scanfile {
         }
 
         # check for open brace first on line but not first column only alert
-        # if previous line ended with a close paren and it wasn't a cpp line
+        # if previous line ended with a close paren and it was not a cpp line
         if(($prevl =~ /\)\z/) && ($l =~ /^( +)\{/) && !$prevp) {
             checkwarn("BRACEPOS",
                       $line, length($1), $file, $ol, "badly placed open brace");
@@ -995,7 +995,7 @@ sub scanfile {
         }
 
         # if the previous line starts with if/while/for AND ends with a closed
-        # parenthesis and there's an equal number of open and closed
+        # parenthesis and there is an equal number of open and closed
         # parentheses, check that this line is indented $indent more steps, if
         # not a cpp line
         elsif(!$prevp && ($prevl =~ /^( *)(if|while|for)(\(.*\))\z/)) {
diff --git a/scripts/ciconfig.pl b/scripts/ciconfig.pl
index 1d8f235564..c56c31e2be 100755
--- a/scripts/ciconfig.pl
+++ b/scripts/ciconfig.pl
@@ -182,7 +182,7 @@ for my $w (sort keys %avail) {
     }
 }
 
-print "Never ENABLED configure options that aren't on by default\n";
+print "Never ENABLED configure options that are not on by default\n";
 for my $w (sort keys %avail) {
     if(!$with{$w} && !$defaulton{$w}) {
         printf "  %s\n", $w;
@@ -190,7 +190,7 @@ for my $w (sort keys %avail) {
 }
 
 
-print "ENABLED configure options that aren't available\n";
+print "ENABLED configure options that are not available\n";
 for my $w (sort keys %with) {
     if(!$avail{$w}) {
         printf "  %s\n", $w;
diff --git a/scripts/cmakelint.sh b/scripts/cmakelint.sh
index 9462081f21..325a07b5e6 100755
--- a/scripts/cmakelint.sh
+++ b/scripts/cmakelint.sh
@@ -34,7 +34,7 @@
 # cmake-lint can be installed from PyPi with the command "python3 -m pip
 # install cmakelang".
 #
-# The xargs invocation is portable, but does not preserve spaces in file names.
+# The xargs invocation is portable, but does not preserve spaces in filenames.
 # If such a file is ever added, then this can be portably fixed by switching to
 # "xargs -I{}" and appending {} to the end of the xargs arguments (which will
 # call cmakelint once per file) or by using the GNU extension "xargs -d'\n'".
diff --git a/scripts/completion.pl b/scripts/completion.pl
index 7b689c74fb..27e2f062e7 100755
--- a/scripts/completion.pl
+++ b/scripts/completion.pl
@@ -84,8 +84,8 @@ sub parse_main_opts {
     @files = readdir($dir_handle);
     closedir($dir_handle) || die "Unable to close handle on dir: $opts_dir due to error: $!";
 
-    # We want regular files that end with .md and don't start with an underscore
-    # Edge case: MANPAGE.md doesn't start with an underscore but also isn't documentation for an option
+    # We want regular files that end with .md and do not start with an underscore
+    # Edge case: MANPAGE.md does not start with an underscore but also is not documentation for an option
     @files = grep { $_ =~ /\.md$/i && !/^_/ && -f "$opts_dir/$_" && $_ ne "MANPAGE.md" } @files;
 
     for my $file (@files) {
@@ -145,8 +145,8 @@ sub parse_main_opts {
         push(@list, $option);
     }
 
-    # Sort longest first, because zsh won't complete an option listed
-    # after one that's a prefix of it. When length is equal, fall back
+    # Sort longest first, because zsh does not complete an option listed
+    # after one that is a prefix of it. When length is equal, fall back
     # to stringwise cmp.
     @list = sort {
         $a =~ /([^=]*)/; my $ma = $1;
diff --git a/scripts/managen b/scripts/managen
index 6099f0ff4d..61dae8cc1f 100755
--- a/scripts/managen
+++ b/scripts/managen
@@ -538,7 +538,7 @@ sub render {
         exit 3;
     }
     if($quote) {
-        # don't leave the quote "hanging"
+        # do not leave the quote "hanging"
         push @desc, ".fi\n" if($manpage);
     }
     if($tablemode) {
@@ -1052,7 +1052,7 @@ sub sourcecategories {
     my ($dir) = @_;
     my %cats;
     open(H, "<$dir/../../src/tool_help.h") ||
-        die "can't find the header file";
+        die "cannot find the header file";
     while() {
         if(/^\#define CURLHELP_([A-Z0-9]*)/) {
             $cats{lc($1)}++;
diff --git a/scripts/mk-ca-bundle.pl b/scripts/mk-ca-bundle.pl
index 71880653b2..e43463c27a 100755
--- a/scripts/mk-ca-bundle.pl
+++ b/scripts/mk-ca-bundle.pl
@@ -92,7 +92,7 @@ my @valid_mozilla_trust_purposes = (
 my @valid_mozilla_trust_levels = (
     "TRUSTED_DELEGATOR",    # CAs
     "NOT_TRUSTED",          # Don't trust these certs.
-    "MUST_VERIFY_TRUST",    # This explicitly tells us that it ISN'T a CA but is
+    "MUST_VERIFY_TRUST",    # This explicitly tells us that it IS NOT a CA but is
                             # otherwise ok. In other words, this should tell the
                             # app to ignore any other sources that claim this is
                             # a CA.
@@ -154,7 +154,7 @@ sub warning_message() {
         print "  2) Default to 'release', but more recent updates may be found in other trees\n";
         print "  3) certdata.txt file format may change, lag time to update this script\n";
         print "  4) Generally unwise to blindly trust CAs without manual review & verification\n";
-        print "  5) Mozilla apps use additional security checks aren't represented in certdata\n";
+        print "  5) Mozilla apps use additional security checks are not represented in certdata\n";
         print "  6) Use of this script will make a security engineer grind his teeth and\n";
         print "     swear at you.  ;)\n";
         exit;
@@ -241,7 +241,7 @@ sub parse_csv_param($$@) {
 sub sha256 {
     my $result;
     if($Digest::SHA::VERSION || $Digest::SHA::PurePerl::VERSION) {
-        open(FILE, $_[0]) or die "Can't open '$_[0]': $!";
+        open(FILE, $_[0]) or die "Could not open '$_[0]': $!";
         binmode(FILE);
         $result = $MOD_SHA->new(256)->addfile(*FILE)->hexdigest;
         close(FILE);
@@ -401,9 +401,9 @@ my $currentdate = scalar gmtime($filedate);
 
 my $format = $opt_t ? "plain text and " : "";
 if($stdout) {
-    open(CRT, '> -') or die "Couldn't open STDOUT: $!\n";
+    open(CRT, '> -') or die "Could not open STDOUT: $!\n";
 } else {
-    open(CRT,">$crt.~") or die "Couldn't open $crt.~: $!\n";
+    open(CRT,">$crt.~") or die "Could not open $crt.~: $!\n";
 }
 print CRT <) {
     if(/\*\*\*\*\* BEGIN LICENSE BLOCK \*\*\*\*\*/) {
         print CRT;
@@ -629,25 +629,25 @@ while() {
                     $pipe = "|$openssl x509 -" . $hash . " -fingerprint -noout -inform PEM";
                     if(!$stdout) {
                         $pipe .= " >> $crt.~";
-                        close(CRT) or die "Couldn't close $crt.~: $!";
+                        close(CRT) or die "Could not close $crt.~: $!";
                     }
-                    open(TMP, $pipe) or die "Couldn't open openssl pipe: $!";
+                    open(TMP, $pipe) or die "Could not open openssl pipe: $!";
                     print TMP $pem;
-                    close(TMP) or die "Couldn't close openssl pipe: $!";
+                    close(TMP) or die "Could not close openssl pipe: $!";
                     if(!$stdout) {
-                        open(CRT, ">>$crt.~") or die "Couldn't open $crt.~: $!";
+                        open(CRT, ">>$crt.~") or die "Could not open $crt.~: $!";
                     }
                 }
                 $pipe = "|$openssl x509 -text -inform PEM";
                 if(!$stdout) {
                     $pipe .= " >> $crt.~";
-                    close(CRT) or die "Couldn't close $crt.~: $!";
+                    close(CRT) or die "Could not close $crt.~: $!";
                 }
-                open(TMP, $pipe) or die "Couldn't open openssl pipe: $!";
+                open(TMP, $pipe) or die "Could not open openssl pipe: $!";
                 print TMP $pem;
-                close(TMP) or die "Couldn't close openssl pipe: $!";
+                close(TMP) or die "Could not close openssl pipe: $!";
                 if(!$stdout) {
-                    open(CRT, ">>$crt.~") or die "Couldn't open $crt.~: $!";
+                    open(CRT, ">>$crt.~") or die "Could not open $crt.~: $!";
                 }
             }
             report "Processed: $caname" if($opt_v);
@@ -655,8 +655,8 @@ while() {
         }
     }
 }
-close(TXT) or die "Couldn't close $txt: $!\n";
-close(CRT) or die "Couldn't close $crt.~: $!\n";
+close(TXT) or die "Could not close $txt: $!\n";
+close(CRT) or die "Could not close $crt.~: $!\n";
 unless($stdout) {
     if($opt_b && -e $crt) {
         my $bk = 1;
diff --git a/scripts/perlcheck.sh b/scripts/perlcheck.sh
index 9e3c87f695..4d2996d2f7 100755
--- a/scripts/perlcheck.sh
+++ b/scripts/perlcheck.sh
@@ -23,7 +23,7 @@
 #
 ###########################################################################
 
-# The xargs invocation is portable, but does not preserve spaces in file names.
+# The xargs invocation is portable, but does not preserve spaces in filenames.
 # If such a file is ever added, then this can be portably fixed by switching to
 # "xargs -I{}" and appending {} to the end of the xargs arguments (which will
 # call cmakelint once per file) or by using the GNU extension "xargs -d'\n'".
diff --git a/scripts/release-notes.pl b/scripts/release-notes.pl
index 593d7965a3..a4b4e2550f 100755
--- a/scripts/release-notes.pl
+++ b/scripts/release-notes.pl
@@ -31,10 +31,10 @@
 #
 # $ ./scripts/release-notes.pl
 #
-# 2. Edit RELEASE-NOTES and remove all entries that don't belong.  Unused
+# 2. Edit RELEASE-NOTES and remove all entries that do not belong.  Unused
 # references below will be cleaned up in the next step. Make sure to move
 # "changes" up to the changes section. All entries will by default be listed
-# under bug-fixes as this script can't know where to put them.
+# under bug-fixes as this script cannot know where to put them.
 #
 # 3. Run the cleanup script and let it sort the entries and remove unused
 # references from lines you removed in step (2):
diff --git a/scripts/release-tools.sh b/scripts/release-tools.sh
index 4c4ed7d809..fc5d87fb90 100755
--- a/scripts/release-tools.sh
+++ b/scripts/release-tools.sh
@@ -31,7 +31,7 @@ version=${2:-unknown}
 tag=$(echo "curl-$version" | tr '.' '_')
 commit=${3}
 if [ -n "$commit" ] && [ -r "docs/tarball-commit.txt.dist" ]; then
-  # If commit is given, then the tag likely doesn't actually exist
+  # If commit is given, then the tag likely does not actually exist
   tag="$(cat docs/tarball-commit.txt.dist)"
 fi
 
diff --git a/scripts/top-complexity b/scripts/top-complexity
index 414adaf56c..cd132697f7 100755
--- a/scripts/top-complexity
+++ b/scripts/top-complexity
@@ -64,7 +64,7 @@ open(F, "git ls-files '*.c'|");
 while() {
     chomp $_;
     my $file = $_;
-    # we can't filter these with git so do it here
+    # we cannot filter these with git so do it here
     if($file =~ /^(lib|src)/) {
         push @files, $file;
     }

From 1e1ec7f6c2864abef038822077e5e6a7f4e47cbb Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 17 Nov 2025 18:03:22 +0100
Subject: [PATCH 0896/2408] badwords: add more contractions, fix fallouts

Also fix hits in autotools scripts (not to enforce).

Closes #19576
---
 .github/scripts/badwords.txt             | 13 ++++++
 Makefile.am                              |  2 +-
 acinclude.m4                             | 20 ++++-----
 configure.ac                             | 56 ++++++++++++------------
 docs/examples/simplessl.c                |  2 +-
 docs/libcurl/opts/CURLOPT_SSL_OPTIONS.md |  2 +-
 lib/arpa_telnet.h                        |  2 +-
 lib/asyn-ares.c                          |  2 +-
 lib/cf-h1-proxy.c                        |  2 +-
 lib/cookie.c                             |  2 +-
 lib/ftp.c                                |  4 +-
 lib/vtls/gtls.c                          |  2 +-
 m4/curl-compilers.m4                     |  4 +-
 m4/curl-functions.m4                     |  2 +-
 m4/curl-gnutls.m4                        |  8 ++--
 m4/curl-mbedtls.m4                       |  4 +-
 m4/curl-openssl.m4                       | 14 +++---
 m4/curl-override.m4                      |  2 +-
 m4/curl-reentrant.m4                     |  4 +-
 m4/curl-rustls.m4                        |  6 +--
 m4/curl-wolfssl.m4                       |  8 ++--
 m4/xc-val-flgs.m4                        |  2 +-
 m4/zz40-xc-ovr.m4                        |  4 +-
 m4/zz50-xc-ovr.m4                        |  2 +-
 packages/OS400/os400sys.c                |  2 +-
 packages/vms/build_vms.com               |  8 ++--
 packages/vms/curl_crtl_init.c            |  2 +-
 scripts/mk-ca-bundle.pl                  |  2 +-
 src/tool_parsecfg.c                      |  2 +-
 tests/data/test1425                      |  2 +-
 tests/data/test1516                      |  2 +-
 tests/data/test1566                      |  2 +-
 tests/data/test555                       |  2 +-
 tests/dictserver.py                      |  2 +-
 tests/ftpserver.pl                       | 12 ++---
 tests/getpart.pm                         |  6 +--
 tests/libtest/lib1308.c                  |  2 +-
 tests/libtest/lib557.c                   |  4 +-
 tests/libtest/lib560.c                   |  2 +-
 tests/negtelnetserver.py                 |  2 +-
 tests/processhelp.pm                     |  2 +-
 tests/runtests.pl                        |  2 +-
 tests/server/sockfilt.c                  |  2 +-
 tests/server/tftpd.c                     |  4 +-
 tests/smbserver.py                       |  4 +-
 tests/test1173.pl                        |  2 +-
 46 files changed, 126 insertions(+), 113 deletions(-)

diff --git a/.github/scripts/badwords.txt b/.github/scripts/badwords.txt
index ca86745ebf..d8f4461d26 100644
--- a/.github/scripts/badwords.txt
+++ b/.github/scripts/badwords.txt
@@ -18,21 +18,34 @@ couldn't:could not
 didn't:did not
 doesn't:does not
 don't=do not
+haven't:have not
+i'd:I would
+i'll:I will
 i'm:I am
+i've:I have
 isn't:is not
 it'd:it would
+it'll:it will
+might've:might have
+needn't:need not
 should've:should have
+shouldn't:should not
 that's:that is
 there's:there is
 they'd:They would
 they'll:They will
 they're:They are
 they've:They have
+this'll:this will
+wasn't:was not
 we'd:we would
 we'll:we will
 we're:we are
 we've:we have
+weren't:were not
 won't:will not
+would've:would have
+wouldn't:would not
 you'd:you would
 you'll:you will
 you're:you are
diff --git a/Makefile.am b/Makefile.am
index f60c50e5ac..1ed54423e5 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -111,7 +111,7 @@ pytest: test
 pytest-ci: test
 
 test:
-	@echo "NOTICE: we can't run the tests when cross-compiling!"
+	@echo "NOTICE: we cannot run the tests when cross-compiling!"
 
 else
 
diff --git a/acinclude.m4 b/acinclude.m4
index 7038f32a8b..60e05add11 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -820,7 +820,7 @@ AC_DEFUN([CURL_CHECK_FUNC_CLOCK_GETTIME_MONOTONIC], [
   ])
 
   dnl Definition of HAVE_CLOCK_GETTIME_MONOTONIC is intentionally postponed
-  dnl until library linking and run-time checks for clock_gettime succeed.
+  dnl until library linking and runtime checks for clock_gettime succeed.
 ])
 
 dnl CURL_CHECK_FUNC_CLOCK_GETTIME_MONOTONIC_RAW
@@ -1085,8 +1085,8 @@ AC_DEFUN([CURL_VERIFY_RUNTIMELIBS], [
   if test "x$cross_compiling" != xyes; then
 
     dnl just run a program to verify that the libs checked for previous to this
-    dnl point also is available run-time!
-    AC_MSG_CHECKING([run-time libs availability])
+    dnl point also is available runtime!
+    AC_MSG_CHECKING([runtime libs availability])
     CURL_RUN_IFELSE([
       int main(void)
       {
@@ -1095,7 +1095,7 @@ AC_DEFUN([CURL_VERIFY_RUNTIMELIBS], [
     ],
     AC_MSG_RESULT([fine]),
     AC_MSG_RESULT([failed])
-    AC_MSG_ERROR([one or more libs available at link-time are not available run-time. Libs used at link-time: $LIBS])
+    AC_MSG_ERROR([one or more libs available at link-time are not available runtime. Libs used at link-time: $LIBS])
     )
 
     dnl if this test fails, configure has already stopped
@@ -1122,7 +1122,7 @@ AC_DEFUN([CURL_CHECK_CA_BUNDLE], [
   AC_ARG_WITH(ca-bundle,
 AS_HELP_STRING([--with-ca-bundle=FILE],
   [Absolute path to a file containing CA certificates (example: /etc/ca-bundle.crt)])
-AS_HELP_STRING([--without-ca-bundle], [Don't use a default CA bundle]),
+AS_HELP_STRING([--without-ca-bundle], [Do not use a default CA bundle]),
   [
     want_ca="$withval"
     if test "x$want_ca" = "xyes"; then
@@ -1136,7 +1136,7 @@ AS_HELP_STRING([--with-ca-path=DIRECTORY],
 their filenames in a hash format. This option can be used with the OpenSSL, \
 GnuTLS, mbedTLS and wolfSSL backends. Refer to OpenSSL c_rehash for details. \
 (example: /etc/certificates)])
-AS_HELP_STRING([--without-ca-path], [Don't use a default CA path]),
+AS_HELP_STRING([--without-ca-path], [Do not use a default CA path]),
   [
     want_capath="$withval"
     if test "x$want_capath" = "xyes"; then
@@ -1255,7 +1255,7 @@ AS_HELP_STRING([--without-ca-path], [Don't use a default CA path]),
   AC_MSG_CHECKING([whether to use OpenSSL's built-in CA store])
   AC_ARG_WITH(ca-fallback,
 AS_HELP_STRING([--with-ca-fallback], [Use OpenSSL's built-in CA store])
-AS_HELP_STRING([--without-ca-fallback], [Don't use OpenSSL's built-in CA store]),
+AS_HELP_STRING([--without-ca-fallback], [Do not use OpenSSL's built-in CA store]),
   [
     if test "x$with_ca_fallback" != "xyes" -a "x$with_ca_fallback" != "xno"; then
       AC_MSG_ERROR([--with-ca-fallback only allows yes or no as parameter])
@@ -1283,7 +1283,7 @@ AC_DEFUN([CURL_CHECK_CA_EMBED], [
   AC_ARG_WITH(ca-embed,
 AS_HELP_STRING([--with-ca-embed=FILE],
   [Absolute path to a file containing CA certificates to embed in the curl tool (example: /etc/ca-bundle.crt)])
-AS_HELP_STRING([--without-ca-embed], [Don't embed a default CA bundle in the curl tool]),
+AS_HELP_STRING([--without-ca-embed], [Do not embed a default CA bundle in the curl tool]),
   [
     want_ca_embed="$withval"
     if test "x$want_ca_embed" = "xyes"; then
@@ -1566,7 +1566,7 @@ TEST EINVAL TEST
 dnl CURL_DARWIN_CFLAGS
 dnl
 dnl Set -Werror=partial-availability to detect possible breaking code
-dnl with very low deployment targets.
+dnl with low deployment targets.
 dnl
 
 AC_DEFUN([CURL_DARWIN_CFLAGS], [
@@ -1583,7 +1583,7 @@ AC_DEFUN([CURL_DARWIN_CFLAGS], [
 dnl CURL_SUPPORTS_BUILTIN_AVAILABLE
 dnl
 dnl Check to see if the compiler supports __builtin_available. This built-in
-dnl compiler function first appeared in Apple LLVM 9.0.0. It's so new that, at
+dnl compiler function first appeared in Apple LLVM 9.0.0. It is so new that, at
 dnl the time this macro was written, the function was not yet documented. Its
 dnl purpose is to return true if the code is running under a certain OS version
 dnl or later.
diff --git a/configure.ac b/configure.ac
index 9602be344f..6c1b9c9ba6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -25,7 +25,7 @@ dnl Process this file with autoconf to produce a configure script.
 
 AC_PREREQ(2.59)
 
-dnl We don't know the version number "statically" so we use a dash here
+dnl We do not know the version number "statically" so we use a dash here
 AC_INIT([curl], [-], [a suitable curl mailing list: https://curl.se/mail/])
 
 XC_OVR_ZZ50
@@ -328,7 +328,7 @@ AS_HELP_STRING([--with-test-vsftpd=PATH],[where to find vsftpd for testing]),
 )
 AC_SUBST(VSFTPD)
 
-dnl we'd like a httpd as test server
+dnl we would like an httpd as test server
 dnl
 HTTPD_ENABLED="maybe"
 AC_ARG_WITH(test-httpd, [AS_HELP_STRING([--with-test-httpd=PATH],
@@ -378,7 +378,7 @@ fi
 AC_SUBST(HTTPD)
 AC_SUBST(APXS)
 
-dnl we'd like a dante as test socks server
+dnl we would like a dante as test socks server
 dnl
 DANTED_ENABLED="maybe"
 AC_ARG_WITH(test-danted, [AS_HELP_STRING([--with-test-danted=PATH],
@@ -1368,7 +1368,7 @@ else
     [
       dnl zlib.h was found
       HAVE_ZLIB_H="1"
-      dnl if the lib wasn't found already, try again with the new paths
+      dnl if the lib was not found already, try again with the new paths
       if test "$HAVE_LIBZ" != "1"; then
         AC_CHECK_LIB(z, gzread,
           [
@@ -1500,8 +1500,8 @@ if test X"$OPT_BROTLI" != Xno; then
 
   if test "$HAVE_BROTLI" = "1"; then
     if test -n "$DIR_BROTLI"; then
-      dnl when the brotli shared libs were found in a path that the run-time
-      dnl linker doesn't search through, we need to add it to CURL_LIBRARY_PATH
+      dnl when the brotli shared libs were found in a path that the runtime
+      dnl linker does not search through, we need to add it to CURL_LIBRARY_PATH
       dnl to prevent further configure tests to fail due to this
 
       if test "x$cross_compiling" != "xyes"; then
@@ -1589,8 +1589,8 @@ if test X"$OPT_ZSTD" != Xno; then
 
   if test "$HAVE_ZSTD" = "1"; then
     if test -n "$DIR_ZSTD"; then
-      dnl when the zstd shared lib were found in a path that the run-time
-      dnl linker doesn't search through, we need to add it to
+      dnl when the zstd shared lib were found in a path that the runtime
+      dnl linker does not search through, we need to add it to
       dnl CURL_LIBRARY_PATH to prevent further configure tests to fail due to
       dnl this
 
@@ -1836,7 +1836,7 @@ if test x"$want_gss" = xyes; then
         CURL_CHECK_PKGCONFIG(mit-krb5-gssapi)
       fi
       if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then
-        dnl krb5-config doesn't have --libs-only-L or similar, put everything
+        dnl krb5-config does not have --libs-only-L or similar, put everything
         dnl into LIBS
         gss_libs=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --libs gssapi`
         LIBS="$gss_libs $LIBS"
@@ -1845,7 +1845,7 @@ if test x"$want_gss" = xyes; then
         LIBS="$gss_libs $LIBS"
         link_pkgconfig=1
       elif test -f "$KRB5CONFIG"; then
-        dnl krb5-config doesn't have --libs-only-L or similar, put everything
+        dnl krb5-config does not have --libs-only-L or similar, put everything
         dnl into LIBS
         gss_libs=`$KRB5CONFIG --libs gssapi`
         LIBS="$gss_libs $LIBS"
@@ -2286,8 +2286,8 @@ if test X"$OPT_LIBSSH2" != Xno; then
 
   if test "$USE_LIBSSH2" = "1"; then
     if test -n "$DIR_SSH2"; then
-      dnl when the libssh2 shared libs were found in a path that the run-time
-      dnl linker doesn't search through, we need to add it to CURL_LIBRARY_PATH
+      dnl when the libssh2 shared libs were found in a path that the runtime
+      dnl linker does not search through, we need to add it to CURL_LIBRARY_PATH
       dnl to prevent further configure tests to fail due to this
 
       if test "x$cross_compiling" != "xyes"; then
@@ -2366,8 +2366,8 @@ elif test X"$OPT_LIBSSH" != Xno; then
       LIBS="-liphlpapi $LIBS"
     fi
     if test -n "$DIR_SSH"; then
-      dnl when the libssh shared libs were found in a path that the run-time
-      dnl linker doesn't search through, we need to add it to CURL_LIBRARY_PATH
+      dnl when the libssh shared libs were found in a path that the runtime
+      dnl linker does not search through, we need to add it to CURL_LIBRARY_PATH
       dnl to prevent further configure tests to fail due to this
 
       if test "x$cross_compiling" != "xyes"; then
@@ -2420,7 +2420,7 @@ case "$OPT_LDAP" in
     want_ldap="yes"
     ;;
   off)
-    dnl no --with-ldap option given, don't change anything
+    dnl no --with-ldap option given, do not change anything
     want_ldap="default"
     ;;
   *)
@@ -2477,7 +2477,7 @@ if test x$CURL_DISABLE_LDAP != x1 && test "$want_ldap" != "no"; then
 
     if test "$ldap_lib_ok" = "no"; then
       if test -n "$ldap_askedfor"; then
-        AC_MSG_ERROR([couldn't detect the LDAP libraries])
+        AC_MSG_ERROR([could not detect the LDAP libraries])
       fi
       AC_MSG_WARN(["$LDAPLIBNAME" is not an LDAP library: LDAP disabled])
       AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
@@ -2495,7 +2495,7 @@ if test x$CURL_DISABLE_LDAP != x1 && test "$want_ldap" != "no"; then
     case X-"$curl_cv_ldap_LIBS" in
       X-unknown)
         if test -n "$ldap_askedfor"; then
-          AC_MSG_ERROR([couldn't detect the LDAP libraries])
+          AC_MSG_ERROR([could not detect the LDAP libraries])
         fi
         AC_MSG_WARN([Cannot find libraries for LDAP support: LDAP disabled])
         AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
@@ -2514,8 +2514,8 @@ fi
 if test x$CURL_DISABLE_LDAP != x1; then
   dnl Add to library path if needed
   if test -n "$DIR_LDAP"; then
-    dnl when the ldap shared lib were found in a path that the run-time
-    dnl linker doesn't search through, we need to add it to
+    dnl when the ldap shared lib were found in a path that the runtime
+    dnl linker does not search through, we need to add it to
     dnl CURL_LIBRARY_PATH to prevent further configure tests to fail due to
     dnl this
 
@@ -2527,8 +2527,8 @@ if test x$CURL_DISABLE_LDAP != x1; then
   fi
 
   if test "$LBERLIBNAME"; then
-    dnl If name is "no" then don't define this library at all
-    dnl (it's only needed if libldap.so's dependencies are broken).
+    dnl If name is "no" then do not define this library at all
+    dnl (it is only needed if libldap.so's dependencies are broken).
     dnl Skip this check if we already determined we need both libraries above
     if test "$LBERLIBNAME" != "no" -a "$ldap_lib_ok" != "yes"; then
       AC_CHECK_LIB("$LBERLIBNAME", ber_free,, [
@@ -3789,7 +3789,7 @@ if test X"$want_quiche" != Xno; then
         )
       ],
         dnl not found, revert back to clean variables
-        AC_MSG_ERROR([couldn't use quiche])
+        AC_MSG_ERROR([could not use quiche])
     )
   else
     dnl no quiche pkg-config found, deal with it
@@ -3955,7 +3955,7 @@ if test -z "$PERL" -a x"$FISH_FUNCTIONS_DIR" != x; then
 fi
 AM_CONDITIONAL(USE_FISH_COMPLETION, test x"$FISH_FUNCTIONS_DIR" != x)
 
-dnl Now check for the very most basic headers. Then we can use these
+dnl Now check for the most basic headers. Then we can use these
 dnl ones as default-headers when checking for the rest!
 AC_CHECK_HEADERS(
   sys/types.h \
@@ -4053,7 +4053,7 @@ AC_CHECK_TYPE(long long,
 )
 
 if test ${ac_cv_sizeof_curl_off_t} -lt 8; then
-  AC_MSG_ERROR([64 bit curl_off_t is required])
+  AC_MSG_ERROR([64-bit curl_off_t is required])
 fi
 
 # check for ssize_t
@@ -4297,7 +4297,7 @@ if test "$want_threaded_resolver" = "yes" && test "$USE_THREADS_WIN32" != "1"; t
           ;;
       esac
 
-      dnl if it wasn't found without lib, search for it in pthread lib
+      dnl if it was not found without lib, search for it in pthread lib
       if test "$USE_THREADS_POSIX" != "1"; then
         # assign PTHREAD for pkg-config use
         PTHREAD=" -pthread"
@@ -4908,7 +4908,7 @@ AS_HELP_STRING([--disable-headers-api],[Disable headers-api support]),
     AC_MSG_RESULT(yes)
 )
 
-dnl only check for HSTS if there's SSL present
+dnl only check for HSTS if there is SSL present
 if test -n "$SSL_ENABLED"; then
   dnl ************************************************************
   dnl switch on/off hsts
@@ -5029,9 +5029,9 @@ if test "x$CURL_DISABLE_HTTP" != "x1"; then
       if test ${ac_cv_sizeof_curl_off_t} -gt 4; then
         AC_MSG_RESULT(yes)
       else
-        dnl WebSockets requires >32 bit curl_off_t
+        dnl WebSockets requires >32-bit curl_off_t
         AC_MSG_RESULT(no)
-        AC_MSG_WARN([WebSockets disabled due to lack of >32 bit curl_off_t])
+        AC_MSG_WARN([WebSockets disabled due to lack of >32-bit curl_off_t])
         AC_DEFINE(CURL_DISABLE_WEBSOCKETS, [1], [disable WebSockets])
         CURL_DISABLE_WEBSOCKETS=1
       fi
diff --git a/docs/examples/simplessl.c b/docs/examples/simplessl.c
index 9fc2e41484..cf5477f945 100644
--- a/docs/examples/simplessl.c
+++ b/docs/examples/simplessl.c
@@ -103,7 +103,7 @@ int main(void)
 #endif
 
   /* cert is stored PEM coded in file... */
-  /* since PEM is default, we needn't set it for PEM */
+  /* since PEM is default, we need not set it for PEM */
   curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM");
 
   /* set the cert for client authentication */
diff --git a/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.md b/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.md
index 2065fe6f16..79ced71ea7 100644
--- a/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.md
+++ b/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.md
@@ -100,7 +100,7 @@ Tell libcurl to try sending application data as TLS1.3 early data. This option
 is supported for GnuTLS, wolfSSL, quictls and OpenSSL (but not BoringSSL
 or AWS-LC). It works on TCP and QUIC connections using ngtcp2.
 This option works on a best effort basis,
-in cases when it wasn't possible to send early data the request is resent
+in cases when it was not possible to send early data the request is resent
 normally post-handshake.
 This option does not work when using QUIC.
 (Added in 8.11.0 for GnuTLS and 8.13.0 for wolfSSL, quictls and OpenSSL)
diff --git a/lib/arpa_telnet.h b/lib/arpa_telnet.h
index d641a01da8..055aa98b10 100644
--- a/lib/arpa_telnet.h
+++ b/lib/arpa_telnet.h
@@ -79,7 +79,7 @@ static const char * const telnetoptions[]=
 #define CURL_WILL 251 /* Our side WILL use this option */
 #define CURL_WONT 252 /* Our side will not use this option */
 #define CURL_DO   253 /* DO use this option! */
-#define CURL_DONT 254 /* DON'T use this option! */
+#define CURL_DONT 254 /* DO NOT use this option! */
 #define CURL_IAC  255 /* Interpret As Command */
 
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c
index c729aebdaf..ad9147a01c 100644
--- a/lib/asyn-ares.c
+++ b/lib/asyn-ares.c
@@ -566,7 +566,7 @@ static void async_ares_hostbyname_cb(void *user_data,
        So, now that we have a usable answer (some IPv4 addresses, some IPv6
        addresses, or "no such domain"), we start a timeout for the remaining
        pending responses. Even though it is typical that this resolved
-       request came back quickly, that needn't be the case. It might be that
+       request came back quickly, that need not be the case. It might be that
        this completing request did not get a result from the first DNS
        server or even the first round of the whole DNS server pool. So it
        could already be quite some time after we issued the DNS queries in
diff --git a/lib/cf-h1-proxy.c b/lib/cf-h1-proxy.c
index ac0dc596f2..91d690e31a 100644
--- a/lib/cf-h1-proxy.c
+++ b/lib/cf-h1-proxy.c
@@ -175,7 +175,7 @@ static void h1_tunnel_go_state(struct Curl_cfilter *cf,
     curlx_dyn_reset(&ts->rcvbuf);
     curlx_dyn_reset(&ts->request_data);
     /* restore the protocol pointer */
-    data->info.httpcode = 0; /* clear it as it might've been used for the
+    data->info.httpcode = 0; /* clear it as it might have been used for the
                                 proxy */
     /* If a proxy-authorization header was used for the proxy, then we should
        make sure that it is not accidentally used for the document request
diff --git a/lib/cookie.c b/lib/cookie.c
index 3155c4b3e4..c7dedc95e8 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -1629,7 +1629,7 @@ void Curl_flush_cookies(struct Curl_easy *data, bool cleanup)
   Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
   /* only save the cookie file if a transfer was started (data->state.url is
      set), as otherwise the cookies were not completely initialized and there
-     might be cookie files that weren't loaded so saving the file is the wrong
+     might be cookie files that were not loaded so saving the file is the wrong
      thing. */
   if(data->set.str[STRING_COOKIEJAR] && data->state.url) {
     /* if we have a destination file for all the cookies to get dumped to */
diff --git a/lib/ftp.c b/lib/ftp.c
index bcf4b809cc..7a0bb8ce01 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -1902,7 +1902,7 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data,
 #ifndef CURL_DISABLE_PROXY
   if(conn->bits.proxy) {
     /* This connection uses a proxy and we need to connect to the proxy again
-     * here. We do not want to rely on a former host lookup that might've
+     * here. We do not want to rely on a former host lookup that might have
      * expired now, instead we remake the lookup here and now! */
     struct ip_quadruple ipquad;
     bool is_ipv6;
@@ -1964,7 +1964,7 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data,
   }
 
   /*
-   * When this is used from the multi interface, this might've returned with
+   * When this is used from the multi interface, this might have returned with
    * the 'connected' set to FALSE and thus we are now awaiting a non-blocking
    * connect to connect.
    */
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index 4ac6bad016..eba5fb36f0 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -691,7 +691,7 @@ CURLcode Curl_gtls_cache_session(struct Curl_cfilter *cf,
 
   /* we always unconditionally get the session id here, as even if we
      already got it from the cache and asked to use it in the connection, it
-     might've been rejected and then a new one is in use now and we need to
+     might have been rejected and then a new one is in use now and we need to
      detect that. */
 
   /* get the session ID data size */
diff --git a/m4/curl-compilers.m4 b/m4/curl-compilers.m4
index 9aab2736a7..dda5b7934e 100644
--- a/m4/curl-compilers.m4
+++ b/m4/curl-compilers.m4
@@ -119,7 +119,7 @@ AC_DEFUN([CURL_CHECK_COMPILER_CLANG], [
     compiler_ver="$clangver"
     compiler_num=`(expr $clangvhi "*" 100 + $clangvlo) 2>/dev/null`
     if test "$appleclang" = '1' && test "$oldapple" = '0'; then
-      dnl Starting with Xcode 7 / clang 3.7, Apple clang won't tell its upstream version
+      dnl Starting with Xcode 7 / clang 3.7, Apple clang does not tell its upstream version
       if   test "$compiler_num" -ge '1700'; then compiler_num='1901'
       elif test "$compiler_num" -ge '1600'; then compiler_num='1700'
       elif test "$compiler_num" -ge '1500'; then compiler_num='1600'
@@ -555,7 +555,7 @@ AC_DEFUN([CURL_SET_COMPILER_BASIC_OPTS], [
         #
       HP_UX_C)
         #
-        dnl Disallow run-time dereferencing of null pointers
+        dnl Disallow runtime dereferencing of null pointers
         tmp_CFLAGS="$tmp_CFLAGS -z"
         dnl Disable some remarks
         dnl #4227: padding struct with n bytes to align member
diff --git a/m4/curl-functions.m4 b/m4/curl-functions.m4
index 3640f0c84e..a9b9ee5844 100644
--- a/m4/curl-functions.m4
+++ b/m4/curl-functions.m4
@@ -3915,7 +3915,7 @@ dnl      char *strerror_r(int errnum, char *workbuf, size_t bufsize);
 dnl
 dnl  glibc-style strerror_r returns a pointer to the error string,
 dnl  and might use the provided workbuf as a scratch area if needed. A
-dnl  quick test on a few systems shows that it's usually not used at all.
+dnl  quick test on a few systems shows that it is usually not used at all.
 dnl
 dnl POSIX-style strerror_r:
 dnl
diff --git a/m4/curl-gnutls.m4 b/m4/curl-gnutls.m4
index e934f870dd..9fa7e24515 100644
--- a/m4/curl-gnutls.m4
+++ b/m4/curl-gnutls.m4
@@ -60,7 +60,7 @@ if test "x$OPT_GNUTLS" != xno; then
         fi
       fi
     else
-      dnl this is with a given path, first check if there's a libgnutls-config
+      dnl this is with a given path, first check if there is a libgnutls-config
       dnl there and if not, make an educated guess
       cfg=$OPT_GNUTLS/bin/libgnutls-config
       check=`$cfg --version 2>/dev/null`
@@ -74,7 +74,7 @@ if test "x$OPT_GNUTLS" != xno; then
         addlib=-lgnutls
         addld=-L$OPT_GNUTLS/lib$libsuff
         addcflags=-I$OPT_GNUTLS/include
-        version="" # we just don't know
+        version="" # we just do not know
         gtlslib=$OPT_GNUTLS/lib$libsuff
       fi
     fi
@@ -117,8 +117,8 @@ if test "x$OPT_GNUTLS" != xno; then
         AC_MSG_NOTICE([detected GnuTLS version $version])
         check_for_ca_bundle=1
         if test -n "$gtlslib"; then
-          dnl when shared libs were found in a path that the run-time
-          dnl linker doesn't search through, we need to add it to
+          dnl when shared libs were found in a path that the runtime
+          dnl linker does not search through, we need to add it to
           dnl CURL_LIBRARY_PATH to prevent further configure tests to fail
           dnl due to this
           if test "x$cross_compiling" != "xyes"; then
diff --git a/m4/curl-mbedtls.m4 b/m4/curl-mbedtls.m4
index 573db4c3ab..93da5b25e0 100644
--- a/m4/curl-mbedtls.m4
+++ b/m4/curl-mbedtls.m4
@@ -92,8 +92,8 @@ if test "x$OPT_MBEDTLS" != xno; then
       LIBS="-lmbedtls -lmbedx509 -lmbedcrypto $LIBS"
 
       if test -n "$mbedtlslib"; then
-        dnl when shared libs were found in a path that the run-time
-        dnl linker doesn't search through, we need to add it to
+        dnl when shared libs were found in a path that the runtime
+        dnl linker does not search through, we need to add it to
         dnl CURL_LIBRARY_PATH to prevent further configure tests to fail
         dnl due to this
         if test "x$cross_compiling" != "xyes"; then
diff --git a/m4/curl-openssl.m4 b/m4/curl-openssl.m4
index c34268ca94..b9b93e2ea0 100644
--- a/m4/curl-openssl.m4
+++ b/m4/curl-openssl.m4
@@ -76,7 +76,7 @@ if test "x$OPT_OPENSSL" != xno; then
       PREFIX_OPENSSL=$OPT_OPENSSL
 
       dnl Try pkg-config even when cross-compiling.  Since we
-      dnl specify PKG_CONFIG_LIBDIR we're only looking where
+      dnl specify PKG_CONFIG_LIBDIR we are only looking where
       dnl the user told us to look
       OPENSSL_PCDIR="$OPT_OPENSSL/lib/pkgconfig"
       if test -f "$OPENSSL_PCDIR/openssl.pc"; then
@@ -132,9 +132,9 @@ if test "x$OPT_OPENSSL" != xno; then
       dnl use the values pkg-config reported.  This is here
       dnl instead of below with CPPFLAGS and LDFLAGS because we only
       dnl learn about this via pkg-config.  If we only have
-      dnl the argument to --with-openssl we don't know what
+      dnl the argument to --with-openssl we do not know what
       dnl additional libs may be necessary.  Hope that we
-      dnl don't need any.
+      dnl do not need any.
       LIBS="$SSL_LIBS $LIBS"
     fi
   fi
@@ -153,7 +153,7 @@ if test "x$OPT_OPENSSL" != xno; then
       LDFLAGSPC="$CLEANLDFLAGSPC -L$LIB_OPENSSL"
     fi
     if test "$PKGCONFIG" = "no" -a -n "$PREFIX_OPENSSL" ; then
-      # only set this if pkg-config wasn't used
+      # only set this if pkg-config was not used
       CPPFLAGS="$CLEANCPPFLAGS -I$PREFIX_OPENSSL/include"
     fi
     # Linking previously failed, try extra paths from --with-openssl or
@@ -316,8 +316,8 @@ if test "x$OPT_OPENSSL" != xno; then
 
   if test "$OPENSSL_ENABLED" = "1"; then
     if test -n "$LIB_OPENSSL"; then
-      dnl when the ssl shared libs were found in a path that the run-time
-      dnl linker doesn't search through, we need to add it to CURL_LIBRARY_PATH
+      dnl when the ssl shared libs were found in a path that the runtime
+      dnl linker does not search through, we need to add it to CURL_LIBRARY_PATH
       dnl to prevent further configure tests to fail due to this
       if test "x$cross_compiling" != "xyes"; then
         CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$LIB_OPENSSL"
@@ -391,7 +391,7 @@ AS_HELP_STRING([--enable-openssl-auto-load-config],[Enable automatic loading of
 AS_HELP_STRING([--disable-openssl-auto-load-config],[Disable automatic loading of OpenSSL configuration]),
   [ if test X"$enableval" = X"no"; then
       AC_MSG_NOTICE([automatic loading of OpenSSL configuration disabled])
-      AC_DEFINE(CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG, 1, [if the OpenSSL configuration won't be loaded automatically])
+      AC_DEFINE(CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG, 1, [if the OpenSSL configuration will not be loaded automatically])
     fi
   ])
 
diff --git a/m4/curl-override.m4 b/m4/curl-override.m4
index e36c0c6c74..e84b4ca5fa 100644
--- a/m4/curl-override.m4
+++ b/m4/curl-override.m4
@@ -42,7 +42,7 @@ AC_BEFORE([$0],[AC_PROG_LIBTOOL])
 dnl Override Autoconf's AC_LANG_PROGRAM (C)
 dnl -------------------------------------------------
 dnl This is done to prevent compiler warning
-dnl 'function declaration isn't a prototype'
+dnl 'function declaration is not a prototype'
 dnl in function main. This requires at least
 dnl a C89 compiler and does not support K&R.
 
diff --git a/m4/curl-reentrant.m4 b/m4/curl-reentrant.m4
index 95e539c152..5141622aef 100644
--- a/m4/curl-reentrant.m4
+++ b/m4/curl-reentrant.m4
@@ -359,7 +359,7 @@ _EOF
 dnl CURL_CONFIGURE_REENTRANT
 dnl -------------------------------------------------
 dnl This first checks if the preprocessor _REENTRANT
-dnl symbol is already defined. If it isn't currently
+dnl symbol is already defined. If it is not currently
 dnl defined a set of checks are performed to verify
 dnl if its definition is required to make visible to
 dnl the compiler a set of *_r functions. Finally, if
@@ -421,7 +421,7 @@ AC_DEFUN([CURL_CONFIGURE_REENTRANT], [
 dnl CURL_CONFIGURE_THREAD_SAFE
 dnl -------------------------------------------------
 dnl This first checks if the preprocessor _THREAD_SAFE
-dnl symbol is already defined. If it isn't currently
+dnl symbol is already defined. If it is not currently
 dnl defined a set of checks are performed to verify
 dnl if its definition is required. Finally, if
 dnl _THREAD_SAFE is already defined or needed it takes
diff --git a/m4/curl-rustls.m4 b/m4/curl-rustls.m4
index 8abcc6544b..7b7e997524 100644
--- a/m4/curl-rustls.m4
+++ b/m4/curl-rustls.m4
@@ -127,9 +127,9 @@ if test "x$OPT_RUSTLS" != xno; then
       dnl use the values pkg-config reported.  This is here
       dnl instead of below with CPPFLAGS and LDFLAGS because we only
       dnl learn about this via pkg-config.  If we only have
-      dnl the argument to --with-rustls we don't know what
+      dnl the argument to --with-rustls we do not know what
       dnl additional libs may be necessary.  Hope that we
-      dnl don't need any.
+      dnl do not need any.
       LIBS="$SSL_LIBS $LIBS"
       link_pkgconfig=1
       ssl_msg="Rustls"
@@ -157,7 +157,7 @@ if test "x$OPT_RUSTLS" != xno; then
     check_for_ca_bundle=1
 
     if test -n "$LIB_RUSTLS"; then
-      dnl when shared libs were found in a path that the run-time
+      dnl when shared libs were found in a path that the runtime
       dnl linker does not search through, we need to add it to
       dnl CURL_LIBRARY_PATH so that further configure tests do not
       dnl fail due to this
diff --git a/m4/curl-wolfssl.m4 b/m4/curl-wolfssl.m4
index e2c58a94af..0eba972b63 100644
--- a/m4/curl-wolfssl.m4
+++ b/m4/curl-wolfssl.m4
@@ -51,7 +51,7 @@ if test "x$OPT_WOLFSSL" != xno; then
 
     dnl try pkg-config magic
     CURL_CHECK_PKGCONFIG(wolfssl, [$wolfpkg])
-    AC_MSG_NOTICE([Check dir $wolfpkg])
+    AC_MSG_NOTICE([Check directory $wolfpkg])
 
     addld=""
     addlib=""
@@ -160,8 +160,8 @@ if test "x$OPT_WOLFSSL" != xno; then
       fi
 
       if test -n "$wolfssllibpath"; then
-        dnl when shared libs were found in a path that the run-time
-        dnl linker doesn't search through, we need to add it to
+        dnl when shared libs were found in a path that the runtime
+        dnl linker does not search through, we need to add it to
         dnl CURL_LIBRARY_PATH to prevent further configure tests to fail
         dnl due to this
         if test "x$cross_compiling" != "xyes"; then
@@ -172,7 +172,7 @@ if test "x$OPT_WOLFSSL" != xno; then
       fi
       LIBCURL_PC_REQUIRES_PRIVATE="$LIBCURL_PC_REQUIRES_PRIVATE wolfssl"
     else
-      AC_MSG_ERROR([--with-wolfssl but wolfSSL was not found or doesn't work])
+      AC_MSG_ERROR([--with-wolfssl but wolfSSL was not found or does not work])
     fi
 
   fi dnl wolfSSL not disabled
diff --git a/m4/xc-val-flgs.m4 b/m4/xc-val-flgs.m4
index e2225c2e57..4715163c9e 100644
--- a/m4/xc-val-flgs.m4
+++ b/m4/xc-val-flgs.m4
@@ -226,7 +226,7 @@ dnl script might have set. When checks fails, user
 dnl is noticed about errors detected in all of them
 dnl but script continues execution.
 dnl
-dnl Intended to be used very late in configure script.
+dnl Intended to be used late in configure script.
 
 AC_DEFUN([XC_CHECK_BUILD_FLAGS], [
   AC_PREREQ([2.50])dnl
diff --git a/m4/zz40-xc-ovr.m4 b/m4/zz40-xc-ovr.m4
index 6faa94e43e..5389a45561 100644
--- a/m4/zz40-xc-ovr.m4
+++ b/m4/zz40-xc-ovr.m4
@@ -448,7 +448,7 @@ dnl -------------------------------------------------
 dnl Public macro.
 dnl
 dnl This macro emits shell code which does some
-dnl very basic checks related with the availability
+dnl basic checks related with the availability
 dnl of some commands and utilities needed to allow
 dnl configure script bootstrapping itself when using
 dnl these to figure out other settings. Also emits
@@ -602,7 +602,7 @@ dnl overrides the auto-detected one.
 dnl
 dnl Strictly speaking the check is done in two steps. The
 dnl first, which does the actual check, takes place in
-dnl XC_CONFIGURE_PREAMBLE macro and happens very early in
+dnl XC_CONFIGURE_PREAMBLE macro and happens early in
 dnl generated configure script. The second one shows and
 dnl logs the result of the check into config.log at a later
 dnl configure stage. Placement of this second stage in
diff --git a/m4/zz50-xc-ovr.m4 b/m4/zz50-xc-ovr.m4
index 735df2f59b..1a1e4a0177 100644
--- a/m4/zz50-xc-ovr.m4
+++ b/m4/zz50-xc-ovr.m4
@@ -35,7 +35,7 @@ dnl -------------------------------------------------
 dnl This is done to prevent Libtool 1.5.X from doing
 dnl unnecessary C++, Fortran and Java tests when only
 dnl using C language and reduce resulting configure
-dnl script by nearly 300 Kb.
+dnl script by nearly 300 KB.
 
 m4_ifdef([AC_LIBTOOL_LANG_CXX_CONFIG],
   [m4_undefine([AC_LIBTOOL_LANG_CXX_CONFIG])])
diff --git a/packages/OS400/os400sys.c b/packages/OS400/os400sys.c
index 40eca6edc2..4d31d3827c 100644
--- a/packages/OS400/os400sys.c
+++ b/packages/OS400/os400sys.c
@@ -702,7 +702,7 @@ Curl_ldap_get_values_len_a(void *ld, LDAPMessage *entry, const char *attr)
   result = ldap_get_values_len(ld, entry, cp);
   free(cp);
 
-  /* Result data are binary in nature, so they haven't been
+  /* Result data are binary in nature, so they have not been
      converted to EBCDIC. Therefore do not convert. */
 
   return result;
diff --git a/packages/vms/build_vms.com b/packages/vms/build_vms.com
index e8bbee86b4..7ce3617805 100644
--- a/packages/vms/build_vms.com
+++ b/packages/vms/build_vms.com
@@ -1,6 +1,6 @@
 $! BUILD_VMS.COM
 $!
-$! I've taken the original build_vms.com, supplied by Nico Baggus, if
+$! I have taken the original build_vms.com, supplied by Nico Baggus, if
 $! memory serves me correctly, and made some modifications.
 $!
 $! SSL support is controlled by logical names.  If SSL$INCLUDE is
@@ -45,14 +45,14 @@ $!    LIST      Create C compiler listings and linker maps.
 $!                 /list/show=(expan,includ)/machine
 $!    FULLLIST  Full detailed listing.
 $!                 /list/show=(all, nomessages)/machine
-$!    NOHPSSL   Don't use HP SSL, even if available.
+$!    NOHPSSL   Do not use HP SSL, even if available.
 $!              Note, you must match the pointer size that the OpenSSL
 $!              shared image expects.  This procedure will select the
 $!              correct HP OpenSSL image.
-$!    NOSSL     Don't use any SSL, even if available.
+$!    NOSSL     Do not use any SSL, even if available.
 $!    OSSLOLB   Use OpenSSL object libraries (.OLB), even if shared
 $!              images (.EXE) are available.
-$!    NOZLIB    Don't use GNV$ZLIB shared image even if available.
+$!    NOZLIB    Do not use GNV$ZLIB shared image even if available.
 $!    REALCLEAN Delete product files for all host architectures.  (No
 $!              build done.)  Alias for CLEAN_ALL
 $!
diff --git a/packages/vms/curl_crtl_init.c b/packages/vms/curl_crtl_init.c
index 1c21f1e881..d6500c08cd 100644
--- a/packages/vms/curl_crtl_init.c
+++ b/packages/vms/curl_crtl_init.c
@@ -236,7 +236,7 @@ static void set_features(void)
   set_feature_default("DECC$EXEC_FILEATTR_INHERITANCE", 2);
 #endif
 
-  /* Don't display trailing dot after files without type */
+  /* Do not display trailing dot after files without type */
   set_feature_default("DECC$READDIR_DROPDOTNOTYPE", ENABLE);
 
   /* For standard output channels buffer output until terminator */
diff --git a/scripts/mk-ca-bundle.pl b/scripts/mk-ca-bundle.pl
index e43463c27a..d52edbe734 100755
--- a/scripts/mk-ca-bundle.pl
+++ b/scripts/mk-ca-bundle.pl
@@ -91,7 +91,7 @@ my @valid_mozilla_trust_purposes = (
 
 my @valid_mozilla_trust_levels = (
     "TRUSTED_DELEGATOR",    # CAs
-    "NOT_TRUSTED",          # Don't trust these certs.
+    "NOT_TRUSTED",          # Do not trust these certs.
     "MUST_VERIFY_TRUST",    # This explicitly tells us that it IS NOT a CA but is
                             # otherwise ok. In other words, this should tell the
                             # app to ignore any other sources that claim this is
diff --git a/src/tool_parsecfg.c b/src/tool_parsecfg.c
index 5fce4e24d1..53b63746b5 100644
--- a/src/tool_parsecfg.c
+++ b/src/tool_parsecfg.c
@@ -54,7 +54,7 @@ static int unslashquote(const char *line, struct dynbuf *param)
       /* default is to output the letter after the backslash */
       switch(out = *line) {
       case '\0':
-        continue; /* this'll break out of the loop */
+        continue; /* this breaks out of the loop */
       case 't':
         out = '\t';
         break;
diff --git a/tests/data/test1425 b/tests/data/test1425
index 51a38cc01c..b8b8d0eaa5 100644
--- a/tests/data/test1425
+++ b/tests/data/test1425
@@ -69,7 +69,7 @@ Content-Type: text/html
 Funny-head: yesyes
 
 
-# 23 == CURLE_WRITE_ERROR, curl wouldn't accept the binary output
+# 23 == CURLE_WRITE_ERROR, curl would not accept the binary output
 
 23
 
diff --git a/tests/data/test1516 b/tests/data/test1516
index 226b8d3c9d..54c8e5af5b 100644
--- a/tests/data/test1516
+++ b/tests/data/test1516
@@ -11,7 +11,7 @@ resolve
 
 
 # Close the connection after the first request but do not tell the client to do
-# so! When starting the second request it'll detect a dead connection and must
+# so! When starting the second request it detects a dead connection and must
 # not clean the DNS entries added manually.
 
 HTTP/1.1 200 OK
diff --git a/tests/data/test1566 b/tests/data/test1566
index ba1b609a0e..4990221315 100644
--- a/tests/data/test1566
+++ b/tests/data/test1566
@@ -29,7 +29,7 @@ Content-Type: text/html
 http
 
 
---etag-compare that gets a 304 back shouldn't overwrite the file
+--etag-compare that gets a 304 back should not overwrite the file
 
 
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/output%TESTNUMBER --etag-compare %LOGDIR/etag%TESTNUMBER
diff --git a/tests/data/test555 b/tests/data/test555
index 1d42c8da2f..738f96f16f 100644
--- a/tests/data/test555
+++ b/tests/data/test555
@@ -1,6 +1,6 @@
 
 # NOTE: this test case is a duplicate of 547 but the tool is built to use the
-# multi interface instead of easy, but that shouldn't be noticeable at all in
+# multi interface instead of easy, but that should not be noticeable at all in
 # this file!
 
 
diff --git a/tests/dictserver.py b/tests/dictserver.py
index 3ecb86785d..41143d6f71 100755
--- a/tests/dictserver.py
+++ b/tests/dictserver.py
@@ -140,7 +140,7 @@ def setup_logging(options):
         handler.setLevel(logging.DEBUG)
         root_logger.addHandler(handler)
     else:
-        # The logfile wasn't specified. Add a stdout logger.
+        # The logfile was not specified. Add a stdout logger.
         add_stdout = True
 
     if options.verbose:
diff --git a/tests/ftpserver.pl b/tests/ftpserver.pl
index 0ca3ac5281..74c7ec4fa9 100755
--- a/tests/ftpserver.pl
+++ b/tests/ftpserver.pl
@@ -34,8 +34,8 @@
 # It is meant to exercise curl, it is not meant to be a fully working
 # or even overly standard compliant server.
 #
-# You may optionally specify port on the command line, otherwise it'll
-# default to port 8921.
+# You may optionally specify port on the command line, otherwise it
+# defaults to port 8921.
 #
 # All socket/network/TCP related stuff is done by the 'sockfilt' program.
 #
@@ -989,7 +989,7 @@ sub DATA_smtp {
         }
 
         if($nosave) {
-            print $file "$ulsize bytes would've been stored here\n";
+            print $file "$ulsize bytes would have been stored here\n";
         }
 
         close($file);
@@ -1336,7 +1336,7 @@ sub APPEND_imap {
         }
 
         if($nosave) {
-            print $file "$size bytes would've been stored here\n";
+            print $file "$size bytes would have been stored here\n";
         }
 
         close($file);
@@ -2439,7 +2439,7 @@ sub STOR_ftp {
         }
     }
     if($nosave) {
-        print $file "$ulsize bytes would've been stored here\n";
+        print $file "$ulsize bytes would have been stored here\n";
     }
     close($file);
     close_dataconn($disc);
@@ -3342,7 +3342,7 @@ while(1) {
         }
 
         if($check) {
-            logmsg "$FTPCMD wasn't handled!\n";
+            logmsg "$FTPCMD was not handled!\n";
             if($proto eq 'pop3') {
                 sendcontrol "-ERR $FTPCMD is not dealt with!\r\n";
             }
diff --git a/tests/getpart.pm b/tests/getpart.pm
index ba611d761f..7fa703d0b1 100644
--- a/tests/getpart.pm
+++ b/tests/getpart.pm
@@ -115,7 +115,7 @@ sub getpartattr {
             }
             last;
         }
-        # detect end of section when part wasn't found
+        # detect end of section when part was not found
         elsif((1 ==$inside) && ($_ =~ /^ *\<\/$section\>/)) {
             last;
         }
@@ -242,7 +242,7 @@ sub loadtest {
     else {
         # failure
         if($warning) {
-            print STDERR "file $file wouldn't open!\n";
+            print STDERR "file $file would not open!\n";
         }
         return 1;
     }
@@ -310,7 +310,7 @@ sub savetest {
     else {
         # failure
         if($warning) {
-            print STDERR "file $file wouldn't open!\n";
+            print STDERR "file $file would not open!\n";
         }
         return 1;
     }
diff --git a/tests/libtest/lib1308.c b/tests/libtest/lib1308.c
index b859d4da5f..6f7b9c264e 100644
--- a/tests/libtest/lib1308.c
+++ b/tests/libtest/lib1308.c
@@ -58,7 +58,7 @@ static CURLcode test_lib1308(const char *URL)
 
   /* after the first curl_formadd when there is a single entry, both pointers
      should point to the same struct */
-  t1308_fail_unless(post == last, "post and last weren't the same");
+  t1308_fail_unless(post == last, "post and last were not the same");
 
   rc = curl_formadd(&post, &last, CURLFORM_COPYNAME, "htmlcode",
                     CURLFORM_COPYCONTENTS, "",
diff --git a/tests/libtest/lib557.c b/tests/libtest/lib557.c
index 42602eeeeb..38d93a687e 100644
--- a/tests/libtest/lib557.c
+++ b/tests/libtest/lib557.c
@@ -1108,7 +1108,7 @@ static int test_curl_off_t_formatting(void)
 static int string_check_low(int linenumber, char *buf, const char *buf2)
 {
   if(strcmp(buf, buf2)) {
-    /* they shouldn't differ */
+    /* they should not differ */
     curl_mprintf("sprintf line %d failed:\nwe      '%s'\nsystem: '%s'\n",
                  linenumber, buf, buf2);
     return 1;
@@ -1121,7 +1121,7 @@ static int strlen_check_low(int linenumber, char *buf, size_t len)
 {
   size_t buflen = strlen(buf);
   if(len != buflen) {
-    /* they shouldn't differ */
+    /* they should not differ */
     curl_mprintf("sprintf strlen:%d failed:\nwe '%zu'\nsystem: '%zu'\n",
                  linenumber, buflen, len);
     return 1;
diff --git a/tests/libtest/lib560.c b/tests/libtest/lib560.c
index bbdb7990e4..45f137aabe 100644
--- a/tests/libtest/lib560.c
+++ b/tests/libtest/lib560.c
@@ -30,7 +30,7 @@
  *
  * This test was added after the HTTPS-using-multi-interface with OpenSSL
  * regression of 7.19.1 to hopefully prevent this embarrassing mistake from
- * appearing again... Unfortunately the bug wasn't triggered by this test,
+ * appearing again... Unfortunately the bug was not triggered by this test,
  * which presumably is because the connect to a local server is too
  * fast/different compared to the real/distant servers we saw the bug happen
  * with.
diff --git a/tests/negtelnetserver.py b/tests/negtelnetserver.py
index 61bc1d0359..f671907ae6 100755
--- a/tests/negtelnetserver.py
+++ b/tests/negtelnetserver.py
@@ -323,7 +323,7 @@ def setup_logging(options):
         handler.setLevel(logging.DEBUG)
         root_logger.addHandler(handler)
     else:
-        # The logfile wasn't specified. Add a stdout logger.
+        # The logfile was not specified. Add a stdout logger.
         add_stdout = True
 
     if options.verbose:
diff --git a/tests/processhelp.pm b/tests/processhelp.pm
index 8c436d5eab..80b961159f 100644
--- a/tests/processhelp.pm
+++ b/tests/processhelp.pm
@@ -317,7 +317,7 @@ sub processexists {
 
 #######################################################################
 # killpid attempts to gracefully stop processes in the given pid list
-# with a SIGTERM signal and SIGKILLs those which haven't died on time.
+# with a SIGTERM signal and SIGKILLs those which have not died on time.
 #
 sub killpid {
     my ($verbose, $pidlist) = @_;
diff --git a/tests/runtests.pl b/tests/runtests.pl
index 192c92a641..354be91f08 100755
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -242,7 +242,7 @@ sub singletest_unbufferlogs {
 # Clear the buffered log messages & stop buffering after returning them
 sub singletest_dumplogs {
     if(!defined $singletest_bufferedrunner) {
-        # probably not multiprocess mode and logs weren't buffered
+        # probably not multiprocess mode and logs were not buffered
         return undef;
     }
     my $logsref = $singletest_logs{$singletest_bufferedrunner};
diff --git a/tests/server/sockfilt.c b/tests/server/sockfilt.c
index e30f54c415..08ece51ea1 100644
--- a/tests/server/sockfilt.c
+++ b/tests/server/sockfilt.c
@@ -44,7 +44,7 @@
  *
  * o We want FTP-SSL support, which means that a connection that starts with
  *   plain sockets needs to be able to "go SSL" in the midst. This would also
- *   require some nasty perl stuff I'd rather avoid.
+ *   require some nasty perl stuff I would rather avoid.
  *
  * (Source originally based on sws.c)
  */
diff --git a/tests/server/tftpd.c b/tests/server/tftpd.c
index a701f223c5..dd7291c7ce 100644
--- a/tests/server/tftpd.c
+++ b/tests/server/tftpd.c
@@ -148,7 +148,7 @@ struct bf {
   tftphdr_storage_t buf;  /* room for data packet */
 };
 
-#define BF_ALLOC -3       /* alloc'd but not yet filled */
+#define BF_ALLOC -3       /* allocated but not yet filled */
 #define BF_FREE  -2       /* free */
 
 #define opcode_RRQ   1
@@ -417,7 +417,7 @@ static int writeit(struct testcase *test, struct tftphdr * volatile *dpp,
   current = !current;             /* switch to other buffer */
   if(bfs[current].counter != BF_FREE)     /* if not free */
     write_behind(test, convert);          /* flush it */
-  bfs[current].counter = BF_ALLOC;        /* mark as alloc'd */
+  bfs[current].counter = BF_ALLOC;        /* mark as allocated */
   *dpp = &bfs[current].buf.hdr;
   return ct;                      /* this is a lie of course */
 }
diff --git a/tests/smbserver.py b/tests/smbserver.py
index aff9bb067e..397a40e220 100755
--- a/tests/smbserver.py
+++ b/tests/smbserver.py
@@ -76,7 +76,7 @@ class ShutdownHandler(threading.Thread):
         signal.signal(signal.SIGTERM, self._sighandler)
 
     def __exit__(self, *_):
-        # Call for shutdown just in case it wasn't done already
+        # Call for shutdown just in case it was not done already
         self.shutdown_event.set()
         # Wait for thread, and therefore also the server, to finish
         self.join()
@@ -408,7 +408,7 @@ def setup_logging(options):
         handler.setLevel(logging.DEBUG)
         root_logger.addHandler(handler)
     else:
-        # The logfile wasn't specified. Add a stdout logger.
+        # The logfile was not specified. Add a stdout logger.
         add_stdout = True
 
     if options.verbose:
diff --git a/tests/test1173.pl b/tests/test1173.pl
index 493ce37ca7..80b03d8f94 100755
--- a/tests/test1173.pl
+++ b/tests/test1173.pl
@@ -254,7 +254,7 @@ sub scanmanpage {
         if($_ =~ /(.*)\\f([^BIP])/) {
             my ($pre, $format) = ($1, $2);
             if($pre !~ /\\\z/) {
-                # only if there wasn't another backslash before the \f
+                # only if there was not another backslash before the \f
                 print STDERR "$file:$line suspicious \\f format!\n";
                 $errors++;
             }

From 5fa2d8320c4196435c1d554b06dfdcca73824dec Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 21 Oct 2025 11:51:02 +0200
Subject: [PATCH 0897/2408] build: tidy-up MSVC CRT warning suppression macros

- curl_setup.h: replace `_CRT_SECURE_NO_DEPRECATE` with
  `_CRT_SECURE_NO_WARNINGS`, which seems to be the preferred,
  more recent macro for this. Also syncing with libssh2.
  They are equivalent for curl sources with the supported compilers.
- cmake: stop setting `_CRT_SECURE_NO_DEPRECATE` globally for examples.
- examples: suppress CRT deprecation warnings on a per-file basis.
  To make it work when compiling examples out of curl's build systems.
  Use `_CRT_SECURE_NO_WARNINGS`.
- examples: document the functions requiring `_CRT_SECURE_NO_WARNINGS`.
- examples/block_ip: delete superfluous `_CRT_SECURE_NO_WARNINGS`.
- examples/block_ip: limit `_CRT_NONSTDC_NO_DEPRECATE` to MSVC.
- examples/log_failed_transfers: fix to set `_CRT_SECURE_NO_WARNINGS`
  before headers and limit to MSVC.
- curl_setup.h: document which SDKs support `_CRT_NONSTDC_NO_DEPRECATE`.

Closes #19175
---
 docs/examples/CMakeLists.txt         |  3 +--
 docs/examples/anyauthput.c           |  6 ++++++
 docs/examples/block_ip.c             | 10 +++++-----
 docs/examples/chkspeed.c             |  5 +++++
 docs/examples/cookie_interface.c     |  5 +++++
 docs/examples/externalsocket.c       |  3 +++
 docs/examples/fileupload.c           | 11 +++++++++--
 docs/examples/ftp-wildcard.c         |  9 ++++++++-
 docs/examples/ftpget.c               | 13 +++++++++----
 docs/examples/ftpgetinfo.c           | 15 ++++++++++-----
 docs/examples/ftpgetresp.c           | 14 ++++++++++----
 docs/examples/ftpsget.c              | 14 +++++++++-----
 docs/examples/ftpupload.c            | 26 ++++++++++++++++----------
 docs/examples/ftpuploadresume.c      |  6 ++++++
 docs/examples/hsts-preload.c         |  7 +++++++
 docs/examples/http2-download.c       | 14 ++++++++++----
 docs/examples/http2-serverpush.c     | 14 ++++++++++----
 docs/examples/http2-upload.c         | 27 +++++++++++++++++----------
 docs/examples/httpput.c              |  6 ++++++
 docs/examples/log_failed_transfers.c |  9 ++++++---
 docs/examples/sepheaders.c           |  6 ++++++
 docs/examples/sftpget.c              |  5 +++++
 docs/examples/sftpuploadresume.c     |  6 ++++++
 docs/examples/simplessl.c            |  6 ++++++
 docs/examples/synctime.c             |  6 ++++++
 docs/examples/url2file.c             |  6 ++++++
 lib/curl_setup.h                     | 12 ++++++++----
 27 files changed, 201 insertions(+), 63 deletions(-)

diff --git a/docs/examples/CMakeLists.txt b/docs/examples/CMakeLists.txt
index c86e8439fd..31f2808981 100644
--- a/docs/examples/CMakeLists.txt
+++ b/docs/examples/CMakeLists.txt
@@ -83,8 +83,7 @@ foreach(_target IN LISTS COMPLICATED_MAY_BUILD check_PROGRAMS _all)  # keep 'COM
     add_dependencies(curl-examples ${_target_name})
   endif()
   target_link_libraries(${_target_name} ${LIB_SELECTED} ${CURL_NETWORK_AND_TIME_LIBS} ${_more_libs})
-  target_compile_definitions(${_target_name} PRIVATE "CURL_NO_OLDIES"
-    "$<$:WIN32_LEAN_AND_MEAN>" "$<$:_CRT_SECURE_NO_DEPRECATE>")
+  target_compile_definitions(${_target_name} PRIVATE "CURL_NO_OLDIES" "$<$:WIN32_LEAN_AND_MEAN>")
   set_target_properties(${_target_name} PROPERTIES OUTPUT_NAME "${_target}" PROJECT_LABEL "Example ${_target}" UNITY_BUILD OFF)
 endforeach()
 
diff --git a/docs/examples/anyauthput.c b/docs/examples/anyauthput.c
index 12d8de76c9..eb5959ca22 100644
--- a/docs/examples/anyauthput.c
+++ b/docs/examples/anyauthput.c
@@ -26,6 +26,12 @@
  * one the server supports/wants.
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for fopen() */
+#endif
+#endif
+
 #include 
 #include 
 #include 
diff --git a/docs/examples/block_ip.c b/docs/examples/block_ip.c
index 290f92a61e..ef7056dc43 100644
--- a/docs/examples/block_ip.c
+++ b/docs/examples/block_ip.c
@@ -34,13 +34,13 @@
 int main(void) { printf("Platform not supported.\n"); return 1; }
 #else
 
-#ifdef _WIN32
-#ifndef _CRT_SECURE_NO_WARNINGS
-#define _CRT_SECURE_NO_WARNINGS
-#endif
+#ifdef _MSC_VER
 #ifndef _CRT_NONSTDC_NO_DEPRECATE
-#define _CRT_NONSTDC_NO_DEPRECATE
+#define _CRT_NONSTDC_NO_DEPRECATE  /* for strdup() */
 #endif
+#endif
+
+#ifdef _WIN32
 #if !defined(_WIN32_WINNT) || _WIN32_WINNT < 0x0600
 #undef _WIN32_WINNT
 #define _WIN32_WINNT 0x0600  /* Requires Windows Vista */
diff --git a/docs/examples/chkspeed.c b/docs/examples/chkspeed.c
index ea71e6ad70..962180a560 100644
--- a/docs/examples/chkspeed.c
+++ b/docs/examples/chkspeed.c
@@ -34,6 +34,11 @@
  * dd if=/dev/urandom of=file_1M.bin bs=1M count=1
  *
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for ctime() */
+#endif
+#endif
 
 #include 
 #include 
diff --git a/docs/examples/cookie_interface.c b/docs/examples/cookie_interface.c
index 4eee1a605d..a031380f12 100644
--- a/docs/examples/cookie_interface.c
+++ b/docs/examples/cookie_interface.c
@@ -25,6 +25,11 @@
  * Import and export cookies with COOKIELIST.
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for _snprintf() */
+#endif
+#endif
 
 #include 
 #include 
diff --git a/docs/examples/externalsocket.c b/docs/examples/externalsocket.c
index 6cab781a46..11fedb07a2 100644
--- a/docs/examples/externalsocket.c
+++ b/docs/examples/externalsocket.c
@@ -26,6 +26,9 @@
  * 
  */
 #ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for strerror() */
+#endif
 #ifndef _WINSOCK_DEPRECATED_NO_WARNINGS
 #define _WINSOCK_DEPRECATED_NO_WARNINGS  /* for inet_addr() */
 #endif
diff --git a/docs/examples/fileupload.c b/docs/examples/fileupload.c
index fa9de2aa4f..da69e4a8ea 100644
--- a/docs/examples/fileupload.c
+++ b/docs/examples/fileupload.c
@@ -25,10 +25,17 @@
  * Upload to a file:// URL
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for fopen() */
+#endif
+#endif
+
 #include 
-#include 
-#include 
 #include 
+#include 
+
+#include 
 
 #ifdef _WIN32
 #undef stat
diff --git a/docs/examples/ftp-wildcard.c b/docs/examples/ftp-wildcard.c
index 79386f9834..3bd2f69083 100644
--- a/docs/examples/ftp-wildcard.c
+++ b/docs/examples/ftp-wildcard.c
@@ -25,9 +25,16 @@
  * FTP wildcard pattern matching
  * 
  */
-#include 
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for fopen() */
+#endif
+#endif
+
 #include 
 
+#include 
+
 struct callback_data {
   FILE *output;
 };
diff --git a/docs/examples/ftpget.c b/docs/examples/ftpget.c
index 391324bf64..f57974de1f 100644
--- a/docs/examples/ftpget.c
+++ b/docs/examples/ftpget.c
@@ -21,14 +21,19 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-#include 
-
-#include 
-
 /* 
  * Get a single file from an FTP server.
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for fopen() */
+#endif
+#endif
+
+#include 
+
+#include 
 
 struct FtpFile {
   const char *filename;
diff --git a/docs/examples/ftpgetinfo.c b/docs/examples/ftpgetinfo.c
index 549d3003a8..105bc60855 100644
--- a/docs/examples/ftpgetinfo.c
+++ b/docs/examples/ftpgetinfo.c
@@ -21,15 +21,20 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-#include 
-#include 
-
-#include 
-
 /* 
  * Checks a single file's size and mtime from an FTP server.
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for fopen() */
+#endif
+#endif
+
+#include 
+#include 
+
+#include 
 
 static size_t throw_away(void *ptr, size_t size, size_t nmemb, void *data)
 {
diff --git a/docs/examples/ftpgetresp.c b/docs/examples/ftpgetresp.c
index 6dce4ab749..eec727bf94 100644
--- a/docs/examples/ftpgetresp.c
+++ b/docs/examples/ftpgetresp.c
@@ -21,15 +21,21 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-#include 
-
-#include 
-
 /* 
  * Similar to ftpget.c but also stores the received response-lines
  * in a separate file using our own callback!
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for fopen() */
+#endif
+#endif
+
+#include 
+
+#include 
+
 static size_t write_response(void *ptr, size_t size, size_t nmemb, void *data)
 {
   FILE *writehere = (FILE *)data;
diff --git a/docs/examples/ftpsget.c b/docs/examples/ftpsget.c
index f39046885e..22c94b8e93 100644
--- a/docs/examples/ftpsget.c
+++ b/docs/examples/ftpsget.c
@@ -21,15 +21,19 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
-#include 
-
-#include 
-
 /* 
  * Get a single file from an FTPS server.
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for fopen() */
+#endif
+#endif
+
+#include 
+
+#include 
 
 struct FtpFile {
   const char *filename;
diff --git a/docs/examples/ftpupload.c b/docs/examples/ftpupload.c
index b334ad3273..0a241db21c 100644
--- a/docs/examples/ftpupload.c
+++ b/docs/examples/ftpupload.c
@@ -21,14 +21,26 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
+/* 
+ * Performs an FTP upload and renames the file just after a successful
+ * transfer.
+ * 
+ */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for fopen(), strerror() */
+#endif
+#endif
+
 #include 
 #include 
+#include 
+#include 
+#include 
+#include 
 
 #include 
-#include 
-#include 
-#include 
-#include 
+
 #ifdef _WIN32
 #include 
 #undef stat
@@ -40,12 +52,6 @@
 #include 
 #endif
 
-/* 
- * Performs an FTP upload and renames the file just after a successful
- * transfer.
- * 
- */
-
 #define LOCAL_FILE      "/tmp/uploadthis.txt"
 #define UPLOAD_FILE_AS  "while-uploading.txt"
 #define REMOTE_URL      "ftp://example.com/"  UPLOAD_FILE_AS
diff --git a/docs/examples/ftpuploadresume.c b/docs/examples/ftpuploadresume.c
index b86c23ab86..a9af3f12cd 100644
--- a/docs/examples/ftpuploadresume.c
+++ b/docs/examples/ftpuploadresume.c
@@ -25,9 +25,15 @@
  * Upload to FTP, resuming failed transfers. Active mode.
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for fopen(), sscanf() */
+#endif
+#endif
 
 #include 
 #include 
+
 #include 
 
 /* parse headers for Content-Length */
diff --git a/docs/examples/hsts-preload.c b/docs/examples/hsts-preload.c
index a775ec9778..ad71c62cad 100644
--- a/docs/examples/hsts-preload.c
+++ b/docs/examples/hsts-preload.c
@@ -25,8 +25,15 @@
  * Preload domains to HSTS
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for strcpy() */
+#endif
+#endif
+
 #include 
 #include 
+
 #include 
 
 struct entry {
diff --git a/docs/examples/http2-download.c b/docs/examples/http2-download.c
index e58742e59c..2caeaba512 100644
--- a/docs/examples/http2-download.c
+++ b/docs/examples/http2-download.c
@@ -25,15 +25,17 @@
  * Multiplexed HTTP/2 downloads over a single connection
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for _snprintf(), fopen(), strerror() */
+#endif
+#endif
+
 #include 
 #include 
 #include 
 #include 
 
-#if defined(_MSC_VER) && (_MSC_VER < 1900)
-#define snprintf _snprintf
-#endif
-
 /* curl stuff */
 #include 
 
@@ -44,6 +46,10 @@
 #define CURLPIPE_MULTIPLEX 0L
 #endif
 
+#if defined(_MSC_VER) && (_MSC_VER < 1900)
+#define snprintf _snprintf
+#endif
+
 struct transfer {
   FILE *out;
   CURL *curl;
diff --git a/docs/examples/http2-serverpush.c b/docs/examples/http2-serverpush.c
index 8c43075b93..2664158a1f 100644
--- a/docs/examples/http2-serverpush.c
+++ b/docs/examples/http2-serverpush.c
@@ -25,6 +25,12 @@
  * HTTP/2 server push
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for _snprintf(), fopen() */
+#endif
+#endif
+
 #include 
 #include 
 #include 
@@ -32,14 +38,14 @@
 /* curl stuff */
 #include 
 
-#if defined(_MSC_VER) && (_MSC_VER < 1900)
-#define snprintf _snprintf
-#endif
-
 #ifndef CURLPIPE_MULTIPLEX
 #error "too old libcurl, cannot do HTTP/2 server push!"
 #endif
 
+#if defined(_MSC_VER) && (_MSC_VER < 1900)
+#define snprintf _snprintf
+#endif
+
 static FILE *out_download;
 
 static void dump(const char *text, unsigned char *ptr, size_t size, char nohex)
diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c
index 0365d93bc5..e546ded162 100644
--- a/docs/examples/http2-upload.c
+++ b/docs/examples/http2-upload.c
@@ -25,6 +25,13 @@
  * Multiplexed HTTP/2 uploads over a single connection
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for '_snprintf(), fopen(), localtime(),
+                                    strerror() */
+#endif
+#endif
+
 #include 
 #include 
 #include 
@@ -38,6 +45,16 @@
 #include 
 #endif
 
+/* curl stuff */
+#include 
+
+#ifndef CURLPIPE_MULTIPLEX
+/* This little trick makes sure that we do not enable pipelining for libcurls
+   old enough to not have this symbol. It is _not_ defined to zero in a recent
+   libcurl header. */
+#define CURLPIPE_MULTIPLEX 0L
+#endif
+
 #ifdef _WIN32
 #undef stat
 #define stat _stat
@@ -50,16 +67,6 @@
 #define snprintf _snprintf
 #endif
 
-/* curl stuff */
-#include 
-
-#ifndef CURLPIPE_MULTIPLEX
-/* This little trick makes sure that we do not enable pipelining for libcurls
-   old enough to not have this symbol. It is _not_ defined to zero in a recent
-   libcurl header. */
-#define CURLPIPE_MULTIPLEX 0L
-#endif
-
 #ifdef _MSC_VER
 #define gettimeofday(a, b) my_gettimeofday((a), (b))
 static int my_gettimeofday(struct timeval *tp, void *tzp)
diff --git a/docs/examples/httpput.c b/docs/examples/httpput.c
index a7fac75b4a..38fb641f52 100644
--- a/docs/examples/httpput.c
+++ b/docs/examples/httpput.c
@@ -25,6 +25,12 @@
  * HTTP PUT with easy interface and read callback
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for fopen() */
+#endif
+#endif
+
 #include 
 #include 
 #include 
diff --git a/docs/examples/log_failed_transfers.c b/docs/examples/log_failed_transfers.c
index 23208d232c..a0d209ffc3 100644
--- a/docs/examples/log_failed_transfers.c
+++ b/docs/examples/log_failed_transfers.c
@@ -31,18 +31,21 @@
  * The transfer's log is written to disk only if the transfer fails.
  *
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for fopen(), strerror(), vsnprintf() */
+#endif
+#endif
 
 #include 
 #include 
 #include 
 #include 
 #include 
+
 #include 
 
 #ifdef _WIN32
-#ifndef _CRT_SECURE_NO_WARNINGS
-#define _CRT_SECURE_NO_WARNINGS
-#endif
 #include 
 #define strcasecmp _stricmp
 #define strncasecmp _strnicmp
diff --git a/docs/examples/sepheaders.c b/docs/examples/sepheaders.c
index 85938dc223..613bc26a3c 100644
--- a/docs/examples/sepheaders.c
+++ b/docs/examples/sepheaders.c
@@ -25,6 +25,12 @@
  * Simple HTTP GET that stores the headers in a separate file
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for fopen() */
+#endif
+#endif
+
 #include 
 #include 
 
diff --git a/docs/examples/sftpget.c b/docs/examples/sftpget.c
index 5eaf3416e8..287d5b253e 100644
--- a/docs/examples/sftpget.c
+++ b/docs/examples/sftpget.c
@@ -25,6 +25,11 @@
  * Gets a file using an SFTP URL.
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for fopen() */
+#endif
+#endif
 
 #include 
 
diff --git a/docs/examples/sftpuploadresume.c b/docs/examples/sftpuploadresume.c
index 72ae41382c..84bb425549 100644
--- a/docs/examples/sftpuploadresume.c
+++ b/docs/examples/sftpuploadresume.c
@@ -25,9 +25,15 @@
  * Upload to SFTP, resuming a previously aborted transfer.
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for fopen() */
+#endif
+#endif
 
 #include 
 #include 
+
 #include 
 
 /* read data to upload */
diff --git a/docs/examples/simplessl.c b/docs/examples/simplessl.c
index cf5477f945..a41a9ac29e 100644
--- a/docs/examples/simplessl.c
+++ b/docs/examples/simplessl.c
@@ -25,6 +25,12 @@
  * Shows HTTPS usage with client certs and optional ssl engine use.
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for fopen() */
+#endif
+#endif
+
 #include 
 
 #include 
diff --git a/docs/examples/synctime.c b/docs/examples/synctime.c
index 43fe5d312e..a9a746c30a 100644
--- a/docs/examples/synctime.c
+++ b/docs/examples/synctime.c
@@ -56,6 +56,12 @@
  * This software synchronises your computer clock only when you issue
  * it with --synctime. By default, it only display the webserver's clock.
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for _snprintf(), fopen(), gmtime(),
+                                    localtime(), sscanf() */
+#endif
+#endif
 
 #include 
 
diff --git a/docs/examples/url2file.c b/docs/examples/url2file.c
index a0523f62db..b4cbe1c7eb 100644
--- a/docs/examples/url2file.c
+++ b/docs/examples/url2file.c
@@ -25,6 +25,12 @@
  * Download a given URL into a local file named page.out.
  * 
  */
+#ifdef _MSC_VER
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for fopen() */
+#endif
+#endif
+
 #include 
 #include 
 
diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index bf7030f693..15688aab2c 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -90,11 +90,15 @@
 /* Disable Visual Studio warnings: 4127 "conditional expression is constant" */
 #pragma warning(disable:4127)
 /* Avoid VS2005 and upper complaining about portable C functions. */
-#ifndef _CRT_NONSTDC_NO_DEPRECATE
-#define _CRT_NONSTDC_NO_DEPRECATE  /* for strdup(), write(), etc. */
+#ifndef _CRT_NONSTDC_NO_DEPRECATE  /* mingw-w64 v2+. MS SDK ~10+/~VS2017+. */
+#define _CRT_NONSTDC_NO_DEPRECATE  /* for close(), fileno(), strdup(),
+                                      unlink(), etc. */
 #endif
-#ifndef _CRT_SECURE_NO_DEPRECATE
-#define _CRT_SECURE_NO_DEPRECATE  /* for fopen(), getenv(), etc. */
+#ifndef _CRT_SECURE_NO_WARNINGS
+#define _CRT_SECURE_NO_WARNINGS  /* for __sys_errlist, __sys_nerr, _wfopen(),
+                                    _wopen(), freopen(), getenv(), gmtime(),
+                                    sprintf(), strcpy(), wcscpy(), wcsncpy()
+                                    in tests: localtime(), open(), sscanf() */
 #endif
 #endif /* _MSC_VER */
 

From 0a2618b265c4ae30bd0528718e05cdcea0a9a693 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 17 Nov 2025 22:19:54 +0100
Subject: [PATCH 0898/2408] examples: make functions/data static where missing

Also to avoid compiler warnings on missing declarations.
Missed by CI for these "complicated" examples.

Closes #19579
---
 docs/examples/htmltidy.c          |  5 ++---
 docs/examples/smooth-gtk-thread.c | 18 ++++++++----------
 2 files changed, 10 insertions(+), 13 deletions(-)

diff --git a/docs/examples/htmltidy.c b/docs/examples/htmltidy.c
index 97eff2b45a..de1bd7399e 100644
--- a/docs/examples/htmltidy.c
+++ b/docs/examples/htmltidy.c
@@ -35,7 +35,7 @@
 #include 
 
 /* curl write callback, to fill tidy's input buffer...  */
-uint write_cb(char *in, uint size, uint nmemb, TidyBuffer *out)
+static uint write_cb(char *in, uint size, uint nmemb, TidyBuffer *out)
 {
   uint r;
   r = size * nmemb;
@@ -44,7 +44,7 @@ uint write_cb(char *in, uint size, uint nmemb, TidyBuffer *out)
 }
 
 /* Traverse the document tree */
-void dumpNode(TidyDoc doc, TidyNode tnod, int indent)
+static void dumpNode(TidyDoc doc, TidyNode tnod, int indent)
 {
   TidyNode child;
   for(child = tidyGetChild(tnod); child; child = tidyGetNext(child) ) {
@@ -73,7 +73,6 @@ void dumpNode(TidyDoc doc, TidyNode tnod, int indent)
   }
 }
 
-
 int main(int argc, char **argv)
 {
   CURL *curl;
diff --git a/docs/examples/smooth-gtk-thread.c b/docs/examples/smooth-gtk-thread.c
index 0d1438e7d7..2a3cdbc0ef 100644
--- a/docs/examples/smooth-gtk-thread.c
+++ b/docs/examples/smooth-gtk-thread.c
@@ -45,10 +45,10 @@
 
 #define NUMT 4
 
-pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
-int j = 0;
-gint num_urls = 9; /* Just make sure this is less than urls[]*/
-const char * const urls[]= {
+static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
+static int j = 0;
+static gint num_urls = 9; /* Just make sure this is less than urls[] */
+static const char * const urls[] = {
   "90022",
   "90023",
   "90024",
@@ -60,7 +60,7 @@ const char * const urls[]= {
   "90030"
 };
 
-size_t write_cb(void *ptr, size_t size, size_t nmemb, FILE *stream)
+static size_t write_cb(void *ptr, size_t size, size_t nmemb, FILE *stream)
 {
   return fwrite(ptr, size, nmemb, stream);
 }
@@ -89,7 +89,7 @@ static void run_one(gchar *http, int j)
   }
 }
 
-void *pull_one_url(void *NaN)
+static void *pull_one_url(void *NaN)
 {
   /* protect the reading and increasing of 'j' with a mutex */
   pthread_mutex_lock(&lock);
@@ -109,7 +109,7 @@ void *pull_one_url(void *NaN)
 }
 
 
-gboolean pulse_bar(gpointer data)
+static gboolean pulse_bar(gpointer data)
 {
   gdk_threads_enter();
   gtk_progress_bar_pulse(GTK_PROGRESS_BAR (data));
@@ -121,7 +121,7 @@ gboolean pulse_bar(gpointer data)
   return TRUE;
 }
 
-void *create_thread(void *progress_bar)
+static void *create_thread(void *progress_bar)
 {
   pthread_t tid[NUMT];
   int i;
@@ -155,9 +155,7 @@ void *create_thread(void *progress_bar)
   /* [Un]Comment this out to kill the program rather than pushing close. */
   /* gtk_main_quit(); */
 
-
   return NULL;
-
 }
 
 static gboolean cb_delete(GtkWidget *window, gpointer data)

From 3c7cf8eac3cad4f425cfe7fb487fc6a6f22f6f63 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 17 Nov 2025 23:48:39 +0100
Subject: [PATCH 0899/2408] examples: tidy-up headers and includes

To have a more similar layout across examples.

Closes #19580
---
 docs/examples/address-scope.c           |  1 +
 docs/examples/altsvc.c                  |  1 +
 docs/examples/cacertinmem.c             |  4 +++-
 docs/examples/connect-to.c              |  1 +
 docs/examples/crawler.c                 | 14 ++++++++------
 docs/examples/debug.c                   |  1 +
 docs/examples/default-scheme.c          |  1 +
 docs/examples/evhiperfifo.c             | 14 ++++++++------
 docs/examples/externalsocket.c          |  1 +
 docs/examples/ftp-delete.c              |  7 +++----
 docs/examples/ftpuploadfrommem.c        |  1 +
 docs/examples/getinfo.c                 |  1 +
 docs/examples/getinmemory.c             |  1 -
 docs/examples/getredirect.c             |  1 +
 docs/examples/getreferrer.c             |  1 +
 docs/examples/ghiper.c                  |  5 +++--
 docs/examples/headerapi.c               |  1 +
 docs/examples/hiperfifo.c               | 15 ++++++++-------
 docs/examples/htmltidy.c                |  3 ++-
 docs/examples/htmltitle.cpp             |  2 ++
 docs/examples/http-options.c            |  1 +
 docs/examples/http-post.c               |  1 +
 docs/examples/http2-download.c          |  1 -
 docs/examples/http2-pushinmemory.c      |  1 -
 docs/examples/http2-serverpush.c        |  1 -
 docs/examples/http2-upload.c            |  1 -
 docs/examples/http3-present.c           |  1 +
 docs/examples/http3.c                   |  1 +
 docs/examples/httpcustomheader.c        |  1 +
 docs/examples/httpput-postfields.c      |  1 +
 docs/examples/httpput.c                 |  1 +
 docs/examples/https.c                   |  1 +
 docs/examples/imap-append.c             |  3 +--
 docs/examples/imap-authzid.c            |  3 +--
 docs/examples/imap-copy.c               |  3 +--
 docs/examples/imap-create.c             |  3 +--
 docs/examples/imap-delete.c             |  3 +--
 docs/examples/imap-examine.c            |  3 +--
 docs/examples/imap-fetch.c              |  3 +--
 docs/examples/imap-list.c               |  3 +--
 docs/examples/imap-lsub.c               |  3 +--
 docs/examples/imap-multi.c              |  3 +--
 docs/examples/imap-noop.c               |  3 +--
 docs/examples/imap-search.c             |  3 +--
 docs/examples/imap-ssl.c                |  3 +--
 docs/examples/imap-store.c              |  3 +--
 docs/examples/imap-tls.c                |  3 +--
 docs/examples/interface.c               |  1 +
 docs/examples/ipv6.c                    |  1 +
 docs/examples/keepalive.c               |  1 +
 docs/examples/localport.c               |  1 +
 docs/examples/maxconnects.c             |  1 +
 docs/examples/multi-app.c               |  2 --
 docs/examples/multi-debugcallback.c     |  2 --
 docs/examples/multi-double.c            |  1 -
 docs/examples/multi-event.c             |  4 ++--
 docs/examples/multi-formadd.c           |  6 ++----
 docs/examples/multi-legacy.c            |  2 --
 docs/examples/multi-post.c              |  1 -
 docs/examples/multi-single.c            |  1 -
 docs/examples/multi-uv.c                |  3 ++-
 docs/examples/multithread.c             |  2 ++
 docs/examples/netrc.c                   |  1 +
 docs/examples/parseurl.c                |  1 +
 docs/examples/pop3-authzid.c            |  3 +--
 docs/examples/pop3-dele.c               |  3 +--
 docs/examples/pop3-list.c               |  3 +--
 docs/examples/pop3-multi.c              |  3 +--
 docs/examples/pop3-noop.c               |  3 +--
 docs/examples/pop3-retr.c               |  3 +--
 docs/examples/pop3-ssl.c                |  3 +--
 docs/examples/pop3-stat.c               |  3 +--
 docs/examples/pop3-tls.c                |  3 +--
 docs/examples/pop3-top.c                |  3 +--
 docs/examples/pop3-uidl.c               |  3 +--
 docs/examples/post-callback.c           |  1 +
 docs/examples/postinmemory.c            |  1 +
 docs/examples/postit2-formadd.c         |  2 --
 docs/examples/postit2.c                 |  1 -
 docs/examples/progressfunc.c            |  1 +
 docs/examples/protofeats.c              |  1 +
 docs/examples/resolve.c                 |  1 +
 docs/examples/rtsp-options.c            |  1 +
 docs/examples/sendrecv.c                |  2 +-
 docs/examples/shared-connection-cache.c |  1 +
 docs/examples/simple.c                  |  1 +
 docs/examples/simplepost.c              |  1 +
 docs/examples/smtp-authzid.c            |  3 +--
 docs/examples/smtp-expn.c               |  3 +--
 docs/examples/smtp-mail.c               |  3 +--
 docs/examples/smtp-mime.c               |  3 +--
 docs/examples/smtp-multi.c              |  3 +--
 docs/examples/smtp-ssl.c                |  3 +--
 docs/examples/smtp-tls.c                |  3 +--
 docs/examples/smtp-vrfy.c               |  3 +--
 docs/examples/xmlstream.c               |  2 +-
 96 files changed, 116 insertions(+), 121 deletions(-)

diff --git a/docs/examples/address-scope.c b/docs/examples/address-scope.c
index 82607e2df5..adfcf2789b 100644
--- a/docs/examples/address-scope.c
+++ b/docs/examples/address-scope.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 #if !defined(_WIN32) && !defined(MSDOS) && !defined(__AMIGA__)
diff --git a/docs/examples/altsvc.c b/docs/examples/altsvc.c
index 4021c90002..99b92c0157 100644
--- a/docs/examples/altsvc.c
+++ b/docs/examples/altsvc.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/cacertinmem.c b/docs/examples/cacertinmem.c
index 15b11a3b61..ed8f40aef4 100644
--- a/docs/examples/cacertinmem.c
+++ b/docs/examples/cacertinmem.c
@@ -30,9 +30,11 @@
 
 #include 
 #include 
-#include 
+
 #include 
 
+#include 
+
 #if defined(__GNUC__) || defined(__clang__)
 #pragma GCC diagnostic ignored "-Woverlength-strings"
 #endif
diff --git a/docs/examples/connect-to.c b/docs/examples/connect-to.c
index b2848772d8..3353c6a6c2 100644
--- a/docs/examples/connect-to.c
+++ b/docs/examples/connect-to.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/crawler.c b/docs/examples/crawler.c
index bda931eb13..419ceab26d 100644
--- a/docs/examples/crawler.c
+++ b/docs/examples/crawler.c
@@ -20,25 +20,27 @@
  *
  * SPDX-License-Identifier: curl
  *
- * To compile:
- *   gcc crawler.c $(pkg-config --cflags --libs libxml-2.0 libcurl)
- *
- */
+ ***************************************************************************/
 /* 
  * Web crawler based on curl and libxml2 to stress-test curl with
  * hundreds of concurrent connections to various servers.
  * 
  */
-
+/*
+ * To compile:
+ *   gcc crawler.c $(pkg-config --cflags --libs libxml-2.0 libcurl)
+ */
 #include 
 #include 
 #include 
-#include 
+
 #include 
 #include 
 #include 
 #include 
 
+#include 
+
 /* Parameters */
 static int max_con = 200;
 static int max_total = 20000;
diff --git a/docs/examples/debug.c b/docs/examples/debug.c
index 5df7aae90f..ff59d9c8ab 100644
--- a/docs/examples/debug.c
+++ b/docs/examples/debug.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 struct data {
diff --git a/docs/examples/default-scheme.c b/docs/examples/default-scheme.c
index b4ea5fa3bf..db50636107 100644
--- a/docs/examples/default-scheme.c
+++ b/docs/examples/default-scheme.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/evhiperfifo.c b/docs/examples/evhiperfifo.c
index 21f188549b..b6b957d54e 100644
--- a/docs/examples/evhiperfifo.c
+++ b/docs/examples/evhiperfifo.c
@@ -62,18 +62,20 @@ callback.
 
 */
 
+#include 
+#include 
 #include 
-#include 
 #include 
+#include 
+#include 
+#include 
 #include 
 #include 
 #include 
-#include 
-#include 
+
 #include 
-#include 
-#include 
-#include 
+
+#include 
 
 #define MSG_OUT stdout /* Send info to stdout, change to stderr if you want */
 
diff --git a/docs/examples/externalsocket.c b/docs/examples/externalsocket.c
index 11fedb07a2..610a835272 100644
--- a/docs/examples/externalsocket.c
+++ b/docs/examples/externalsocket.c
@@ -37,6 +37,7 @@
 #include 
 #include 
 #include 
+
 #include 
 
 #ifdef _WIN32
diff --git a/docs/examples/ftp-delete.c b/docs/examples/ftp-delete.c
index e43dd30f2f..795dae851e 100644
--- a/docs/examples/ftp-delete.c
+++ b/docs/examples/ftp-delete.c
@@ -21,14 +21,13 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-#include 
-
-#include 
-
 /* 
  * Delete a single file from an FTP server.
  * 
  */
+#include 
+
+#include 
 
 static size_t write_cb(void *buffer, size_t size, size_t nmemb, void *stream)
 {
diff --git a/docs/examples/ftpuploadfrommem.c b/docs/examples/ftpuploadfrommem.c
index 9baf538b99..af88f52f1a 100644
--- a/docs/examples/ftpuploadfrommem.c
+++ b/docs/examples/ftpuploadfrommem.c
@@ -27,6 +27,7 @@
  */
 #include 
 #include 
+
 #include 
 
 static const char data[]=
diff --git a/docs/examples/getinfo.c b/docs/examples/getinfo.c
index d6257afa79..8d43375395 100644
--- a/docs/examples/getinfo.c
+++ b/docs/examples/getinfo.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/getinmemory.c b/docs/examples/getinmemory.c
index 025ebe67a5..1deeeda266 100644
--- a/docs/examples/getinmemory.c
+++ b/docs/examples/getinmemory.c
@@ -26,7 +26,6 @@
  * chunk of memory instead of storing it in a file.
  * 
  */
-
 #include 
 #include 
 #include 
diff --git a/docs/examples/getredirect.c b/docs/examples/getredirect.c
index 908cd5f850..b1f42dc9fd 100644
--- a/docs/examples/getredirect.c
+++ b/docs/examples/getredirect.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/getreferrer.c b/docs/examples/getreferrer.c
index ae42f4605f..6827055c2b 100644
--- a/docs/examples/getreferrer.c
+++ b/docs/examples/getreferrer.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/ghiper.c b/docs/examples/ghiper.c
index b9edb517d3..f27521971c 100644
--- a/docs/examples/ghiper.c
+++ b/docs/examples/ghiper.c
@@ -55,14 +55,15 @@
  callback.
 
 */
-
 #include 
-#include 
+
 #include 
 #include 
 #include 
 #include 
 #include 
+#include 
+
 #include 
 
 #define MSG_OUT g_print   /* Change to "g_error" to write to stderr */
diff --git a/docs/examples/headerapi.c b/docs/examples/headerapi.c
index 18588cf33f..089a23a070 100644
--- a/docs/examples/headerapi.c
+++ b/docs/examples/headerapi.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 static size_t write_cb(char *data, size_t n, size_t l, void *userp)
diff --git a/docs/examples/hiperfifo.c b/docs/examples/hiperfifo.c
index 314d7dd9d9..60288b4bd2 100644
--- a/docs/examples/hiperfifo.c
+++ b/docs/examples/hiperfifo.c
@@ -58,21 +58,22 @@ This is purely a demo app, all retrieved data is simply discarded by the write
 callback.
 
 */
-
+#include 
+#include 
 #include 
-#include 
 #include 
+#include 
+#include 
+#include 
+#include 
 #include 
 #include 
 #include 
-#include 
+
 #include 
+
 #include 
 #include 
-#include 
-#include 
-#include 
-#include 
 
 #define MSG_OUT stdout /* Send info to stdout, change to stderr if you want */
 
diff --git a/docs/examples/htmltidy.c b/docs/examples/htmltidy.c
index de1bd7399e..04b4809317 100644
--- a/docs/examples/htmltidy.c
+++ b/docs/examples/htmltidy.c
@@ -28,10 +28,11 @@
 /*
  * LibTidy => https://www.html-tidy.org/
  */
-
 #include 
+
 #include 
 #include 
+
 #include 
 
 /* curl write callback, to fill tidy's input buffer...  */
diff --git a/docs/examples/htmltitle.cpp b/docs/examples/htmltitle.cpp
index cdbf0afa08..97b924b180 100644
--- a/docs/examples/htmltitle.cpp
+++ b/docs/examples/htmltitle.cpp
@@ -36,7 +36,9 @@
 #include 
 #include 
 #include 
+
 #include 
+
 #include 
 
 //
diff --git a/docs/examples/http-options.c b/docs/examples/http-options.c
index 9520670bae..f1542edbbe 100644
--- a/docs/examples/http-options.c
+++ b/docs/examples/http-options.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/http-post.c b/docs/examples/http-post.c
index fb91822bb8..510c4c3839 100644
--- a/docs/examples/http-post.c
+++ b/docs/examples/http-post.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/http2-download.c b/docs/examples/http2-download.c
index 2caeaba512..e6fdbd6b9c 100644
--- a/docs/examples/http2-download.c
+++ b/docs/examples/http2-download.c
@@ -36,7 +36,6 @@
 #include 
 #include 
 
-/* curl stuff */
 #include 
 
 #ifndef CURLPIPE_MULTIPLEX
diff --git a/docs/examples/http2-pushinmemory.c b/docs/examples/http2-pushinmemory.c
index e15f151697..14f37dbbbc 100644
--- a/docs/examples/http2-pushinmemory.c
+++ b/docs/examples/http2-pushinmemory.c
@@ -29,7 +29,6 @@
 #include 
 #include 
 
-/* curl stuff */
 #include 
 
 struct Memory {
diff --git a/docs/examples/http2-serverpush.c b/docs/examples/http2-serverpush.c
index 2664158a1f..5c817ead58 100644
--- a/docs/examples/http2-serverpush.c
+++ b/docs/examples/http2-serverpush.c
@@ -35,7 +35,6 @@
 #include 
 #include 
 
-/* curl stuff */
 #include 
 
 #ifndef CURLPIPE_MULTIPLEX
diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c
index e546ded162..9ec8cbf5bc 100644
--- a/docs/examples/http2-upload.c
+++ b/docs/examples/http2-upload.c
@@ -45,7 +45,6 @@
 #include 
 #endif
 
-/* curl stuff */
 #include 
 
 #ifndef CURLPIPE_MULTIPLEX
diff --git a/docs/examples/http3-present.c b/docs/examples/http3-present.c
index 084f265c46..0052d50188 100644
--- a/docs/examples/http3-present.c
+++ b/docs/examples/http3-present.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/http3.c b/docs/examples/http3.c
index 217974f93c..99de5f8e2e 100644
--- a/docs/examples/http3.c
+++ b/docs/examples/http3.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/httpcustomheader.c b/docs/examples/httpcustomheader.c
index 0657313ddf..3af5c1a2db 100644
--- a/docs/examples/httpcustomheader.c
+++ b/docs/examples/httpcustomheader.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/httpput-postfields.c b/docs/examples/httpput-postfields.c
index b855f454ae..29fd6273d7 100644
--- a/docs/examples/httpput-postfields.c
+++ b/docs/examples/httpput-postfields.c
@@ -27,6 +27,7 @@
  */
 #include 
 #include 
+
 #include 
 
 static const char olivertwist[]=
diff --git a/docs/examples/httpput.c b/docs/examples/httpput.c
index 38fb641f52..5c3fc314b8 100644
--- a/docs/examples/httpput.c
+++ b/docs/examples/httpput.c
@@ -34,6 +34,7 @@
 #include 
 #include 
 #include 
+
 #include 
 
 #ifdef _WIN32
diff --git a/docs/examples/https.c b/docs/examples/https.c
index 1f7f5e1fbb..905cdb07f2 100644
--- a/docs/examples/https.c
+++ b/docs/examples/https.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/imap-append.c b/docs/examples/imap-append.c
index c78462a508..81ca682ffd 100644
--- a/docs/examples/imap-append.c
+++ b/docs/examples/imap-append.c
@@ -21,14 +21,13 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Send email with IMAP
  * 
  */
-
 #include 
 #include 
+
 #include 
 
 /* This is a simple example showing how to send mail using libcurl's IMAP
diff --git a/docs/examples/imap-authzid.c b/docs/examples/imap-authzid.c
index b7c2e43f99..690b1d77c7 100644
--- a/docs/examples/imap-authzid.c
+++ b/docs/examples/imap-authzid.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Retrieve emails from a shared IMAP mailbox
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to fetch mail using libcurl's IMAP
diff --git a/docs/examples/imap-copy.c b/docs/examples/imap-copy.c
index 8adb8b8c6d..7a5b52e10f 100644
--- a/docs/examples/imap-copy.c
+++ b/docs/examples/imap-copy.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Copy an email from one IMAP folder to another
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to copy a mail from one mailbox folder
diff --git a/docs/examples/imap-create.c b/docs/examples/imap-create.c
index 51fbe5f142..2477a00385 100644
--- a/docs/examples/imap-create.c
+++ b/docs/examples/imap-create.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Create a new IMAP folder
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to create a new mailbox folder using
diff --git a/docs/examples/imap-delete.c b/docs/examples/imap-delete.c
index a7682f7664..6744613cd1 100644
--- a/docs/examples/imap-delete.c
+++ b/docs/examples/imap-delete.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Delete an IMAP folder
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to delete an existing mailbox folder
diff --git a/docs/examples/imap-examine.c b/docs/examples/imap-examine.c
index a46d450d21..32f38493f1 100644
--- a/docs/examples/imap-examine.c
+++ b/docs/examples/imap-examine.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Obtain information about an IMAP folder
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to obtain information about a mailbox
diff --git a/docs/examples/imap-fetch.c b/docs/examples/imap-fetch.c
index 937d3e05b8..ab25ba552b 100644
--- a/docs/examples/imap-fetch.c
+++ b/docs/examples/imap-fetch.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Retrieve IMAP emails
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to fetch mail using libcurl's IMAP
diff --git a/docs/examples/imap-list.c b/docs/examples/imap-list.c
index 2d882503d0..e0201e464a 100644
--- a/docs/examples/imap-list.c
+++ b/docs/examples/imap-list.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * List the folders within an IMAP mailbox
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to list the folders within an IMAP
diff --git a/docs/examples/imap-lsub.c b/docs/examples/imap-lsub.c
index 74472d42ec..e967518565 100644
--- a/docs/examples/imap-lsub.c
+++ b/docs/examples/imap-lsub.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * List the subscribed IMAP folders
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to list the subscribed folders within
diff --git a/docs/examples/imap-multi.c b/docs/examples/imap-multi.c
index 56a9147bc8..afbcfbb515 100644
--- a/docs/examples/imap-multi.c
+++ b/docs/examples/imap-multi.c
@@ -21,14 +21,13 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Get IMAP email with the multi interface
  * 
  */
-
 #include 
 #include 
+
 #include 
 
 /* This is a simple example showing how to fetch mail using libcurl's IMAP
diff --git a/docs/examples/imap-noop.c b/docs/examples/imap-noop.c
index 1d8607590f..a4a53ead4f 100644
--- a/docs/examples/imap-noop.c
+++ b/docs/examples/imap-noop.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Perform an IMAP noop
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to perform a noop using libcurl's IMAP
diff --git a/docs/examples/imap-search.c b/docs/examples/imap-search.c
index b4e1576b38..ebef27b369 100644
--- a/docs/examples/imap-search.c
+++ b/docs/examples/imap-search.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Search for new IMAP emails
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to search for new messages using
diff --git a/docs/examples/imap-ssl.c b/docs/examples/imap-ssl.c
index 6eb49ae978..d56d89331a 100644
--- a/docs/examples/imap-ssl.c
+++ b/docs/examples/imap-ssl.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * IMAP with implicit SSL
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to fetch mail using libcurl's IMAP
diff --git a/docs/examples/imap-store.c b/docs/examples/imap-store.c
index 95d8f07476..c70c70ebce 100644
--- a/docs/examples/imap-store.c
+++ b/docs/examples/imap-store.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Modify the properties of an email over IMAP
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to modify an existing mail using
diff --git a/docs/examples/imap-tls.c b/docs/examples/imap-tls.c
index 9009174ccf..61f4cea45b 100644
--- a/docs/examples/imap-tls.c
+++ b/docs/examples/imap-tls.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * IMAP using TLS
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to fetch mail using libcurl's IMAP
diff --git a/docs/examples/interface.c b/docs/examples/interface.c
index 0698b6a8e2..904131c93a 100644
--- a/docs/examples/interface.c
+++ b/docs/examples/interface.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/ipv6.c b/docs/examples/ipv6.c
index 1a55d64049..d16bfc4393 100644
--- a/docs/examples/ipv6.c
+++ b/docs/examples/ipv6.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/keepalive.c b/docs/examples/keepalive.c
index 8d55c71337..5f5c39f57a 100644
--- a/docs/examples/keepalive.c
+++ b/docs/examples/keepalive.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/localport.c b/docs/examples/localport.c
index 2700457211..21e632d8a7 100644
--- a/docs/examples/localport.c
+++ b/docs/examples/localport.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/maxconnects.c b/docs/examples/maxconnects.c
index e89f971cf4..658b38d711 100644
--- a/docs/examples/maxconnects.c
+++ b/docs/examples/maxconnects.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/multi-app.c b/docs/examples/multi-app.c
index 8c0d8b4041..460c93057a 100644
--- a/docs/examples/multi-app.c
+++ b/docs/examples/multi-app.c
@@ -26,11 +26,9 @@
  * transfers in parallel.
  * 
  */
-
 #include 
 #include 
 
-/* curl stuff */
 #include 
 
 /*
diff --git a/docs/examples/multi-debugcallback.c b/docs/examples/multi-debugcallback.c
index 52f00ce482..561a967abf 100644
--- a/docs/examples/multi-debugcallback.c
+++ b/docs/examples/multi-debugcallback.c
@@ -25,11 +25,9 @@
  * multi interface and debug callback
  * 
  */
-
 #include 
 #include 
 
-/* curl stuff */
 #include 
 
 #define TRUE 1
diff --git a/docs/examples/multi-double.c b/docs/examples/multi-double.c
index 1149f21b78..8a0c3d27fe 100644
--- a/docs/examples/multi-double.c
+++ b/docs/examples/multi-double.c
@@ -28,7 +28,6 @@
 #include 
 #include 
 
-/* curl stuff */
 #include 
 
 /*
diff --git a/docs/examples/multi-event.c b/docs/examples/multi-event.c
index abf907afe5..2698e24678 100644
--- a/docs/examples/multi-event.c
+++ b/docs/examples/multi-event.c
@@ -21,15 +21,15 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * multi_socket API using libevent
  * 
  */
-
 #include 
 #include 
+
 #include 
+
 #include 
 
 static struct event_base *base;
diff --git a/docs/examples/multi-formadd.c b/docs/examples/multi-formadd.c
index 068412827a..7374fae092 100644
--- a/docs/examples/multi-formadd.c
+++ b/docs/examples/multi-formadd.c
@@ -25,12 +25,10 @@
  * using the multi interface to do a multipart formpost without blocking
  * 
  */
-
 /*
- * Warning: this example uses the deprecated form api. See "multi-post.c"
- *          for a similar example using the mime api.
+ * Warning: this example uses the deprecated form API. See "multi-post.c"
+ *          for a similar example using the mime API.
  */
-
 #include 
 #include 
 
diff --git a/docs/examples/multi-legacy.c b/docs/examples/multi-legacy.c
index 93b50c169f..ca2c0a4c7a 100644
--- a/docs/examples/multi-legacy.c
+++ b/docs/examples/multi-legacy.c
@@ -26,7 +26,6 @@
  * transfers in parallel without curl_multi_wait/poll.
  * 
  */
-
 #include 
 #include 
 
@@ -36,7 +35,6 @@
 #include 
 #endif
 
-/* curl stuff */
 #include 
 
 /*
diff --git a/docs/examples/multi-post.c b/docs/examples/multi-post.c
index c6cb60e898..678fb78d0b 100644
--- a/docs/examples/multi-post.c
+++ b/docs/examples/multi-post.c
@@ -25,7 +25,6 @@
  * using the multi interface to do a multipart formpost without blocking
  * 
  */
-
 #include 
 #include 
 
diff --git a/docs/examples/multi-single.c b/docs/examples/multi-single.c
index ee2676bae3..6c3f341164 100644
--- a/docs/examples/multi-single.c
+++ b/docs/examples/multi-single.c
@@ -29,7 +29,6 @@
 #include 
 #include 
 
-/* curl stuff */
 #include 
 
 /*
diff --git a/docs/examples/multi-uv.c b/docs/examples/multi-uv.c
index de6beda210..190bed3ef4 100644
--- a/docs/examples/multi-uv.c
+++ b/docs/examples/multi-uv.c
@@ -25,7 +25,6 @@
  * multi_socket API using libuv
  * 
  */
-
 /* Use the socket_action interface to download multiple files in parallel,
    powered by libuv.
 
@@ -38,7 +37,9 @@
 
 #include 
 #include 
+
 #include 
+
 #include 
 
 /* object to pass to the callbacks */
diff --git a/docs/examples/multithread.c b/docs/examples/multithread.c
index 535788e394..7de1baea90 100644
--- a/docs/examples/multithread.c
+++ b/docs/examples/multithread.c
@@ -29,7 +29,9 @@
 /* Requires: HAVE_PTHREAD_H */
 
 #include 
+
 #include 
+
 #include 
 
 #define NUMT 4
diff --git a/docs/examples/netrc.c b/docs/examples/netrc.c
index 148a7e422b..91f8df96dc 100644
--- a/docs/examples/netrc.c
+++ b/docs/examples/netrc.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/parseurl.c b/docs/examples/parseurl.c
index 1514a79823..f70df19bef 100644
--- a/docs/examples/parseurl.c
+++ b/docs/examples/parseurl.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 #if !CURL_AT_LEAST_VERSION(7, 62, 0)
diff --git a/docs/examples/pop3-authzid.c b/docs/examples/pop3-authzid.c
index 8cfe80bca2..85c28d700e 100644
--- a/docs/examples/pop3-authzid.c
+++ b/docs/examples/pop3-authzid.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Retrieve emails from a shared POP3 mailbox
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to retrieve mail using libcurl's POP3
diff --git a/docs/examples/pop3-dele.c b/docs/examples/pop3-dele.c
index 84592da4f9..bd220d7169 100644
--- a/docs/examples/pop3-dele.c
+++ b/docs/examples/pop3-dele.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Delete POP3 emails
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to delete an existing mail using
diff --git a/docs/examples/pop3-list.c b/docs/examples/pop3-list.c
index 05ecc66233..cef33c2b4f 100644
--- a/docs/examples/pop3-list.c
+++ b/docs/examples/pop3-list.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * List the contents of a POP3 mailbox
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example using libcurl's POP3 capabilities to list the
diff --git a/docs/examples/pop3-multi.c b/docs/examples/pop3-multi.c
index d88d119349..be028a777a 100644
--- a/docs/examples/pop3-multi.c
+++ b/docs/examples/pop3-multi.c
@@ -21,14 +21,13 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Get POP3 email using the multi interface
  * 
  */
-
 #include 
 #include 
+
 #include 
 
 /* This is a simple example showing how to retrieve mail using libcurl's POP3
diff --git a/docs/examples/pop3-noop.c b/docs/examples/pop3-noop.c
index 0ab6eb2d14..4bed103fc8 100644
--- a/docs/examples/pop3-noop.c
+++ b/docs/examples/pop3-noop.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Perform a POP3 noop
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to perform a noop using libcurl's POP3
diff --git a/docs/examples/pop3-retr.c b/docs/examples/pop3-retr.c
index c89c77e5d6..5cb6e1b545 100644
--- a/docs/examples/pop3-retr.c
+++ b/docs/examples/pop3-retr.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Retrieve POP3 email
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to retrieve mail using libcurl's POP3
diff --git a/docs/examples/pop3-ssl.c b/docs/examples/pop3-ssl.c
index 1be48adc82..0f5ac3692d 100644
--- a/docs/examples/pop3-ssl.c
+++ b/docs/examples/pop3-ssl.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Get POP3 email using implicit SSL
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to retrieve mail using libcurl's POP3
diff --git a/docs/examples/pop3-stat.c b/docs/examples/pop3-stat.c
index afaf79c9a4..929422af98 100644
--- a/docs/examples/pop3-stat.c
+++ b/docs/examples/pop3-stat.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Obtain POP3 message statistics
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to obtain message statistics using
diff --git a/docs/examples/pop3-tls.c b/docs/examples/pop3-tls.c
index a4a7208986..7693e63219 100644
--- a/docs/examples/pop3-tls.c
+++ b/docs/examples/pop3-tls.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * POP3 using TLS
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to retrieve mail using libcurl's POP3
diff --git a/docs/examples/pop3-top.c b/docs/examples/pop3-top.c
index 7584503b0c..3a8776f0b2 100644
--- a/docs/examples/pop3-top.c
+++ b/docs/examples/pop3-top.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * POP3 example showing how to retrieve only the headers of an email
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example showing how to retrieve only the headers of a mail
diff --git a/docs/examples/pop3-uidl.c b/docs/examples/pop3-uidl.c
index aec1034231..01df011eef 100644
--- a/docs/examples/pop3-uidl.c
+++ b/docs/examples/pop3-uidl.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * List the contents of a POP3 mailbox by unique ID
  * 
  */
-
 #include 
+
 #include 
 
 /* This is a simple example using libcurl's POP3 capabilities to list the
diff --git a/docs/examples/post-callback.c b/docs/examples/post-callback.c
index ed5b4b1972..bbab002790 100644
--- a/docs/examples/post-callback.c
+++ b/docs/examples/post-callback.c
@@ -27,6 +27,7 @@
  */
 #include 
 #include 
+
 #include 
 
 /* silly test data to POST */
diff --git a/docs/examples/postinmemory.c b/docs/examples/postinmemory.c
index a6ff7fa377..fc42251ddd 100644
--- a/docs/examples/postinmemory.c
+++ b/docs/examples/postinmemory.c
@@ -28,6 +28,7 @@
 #include 
 #include 
 #include 
+
 #include 
 
 struct MemoryStruct {
diff --git a/docs/examples/postit2-formadd.c b/docs/examples/postit2-formadd.c
index 81f8bfd27c..086cae0e51 100644
--- a/docs/examples/postit2-formadd.c
+++ b/docs/examples/postit2-formadd.c
@@ -25,7 +25,6 @@
  * HTTP Multipart formpost with file upload and two additional parts.
  * 
  */
-
 /*
  * Example code that uploads a filename 'foo' to a remote script that accepts
  * "HTML form based" (as described in RFC 1738) uploads using HTTP POST.
@@ -41,7 +40,6 @@
  * 
  * 
  */
-
 #include 
 #include 
 
diff --git a/docs/examples/postit2.c b/docs/examples/postit2.c
index 57c7c86e3a..e5cb963369 100644
--- a/docs/examples/postit2.c
+++ b/docs/examples/postit2.c
@@ -37,7 +37,6 @@
  * 
  *
  */
-
 #include 
 #include 
 
diff --git a/docs/examples/progressfunc.c b/docs/examples/progressfunc.c
index 052620dcdf..59477951f9 100644
--- a/docs/examples/progressfunc.c
+++ b/docs/examples/progressfunc.c
@@ -27,6 +27,7 @@
  * 
  */
 #include 
+
 #include 
 
 #define MINIMAL_PROGRESS_FUNCTIONALITY_INTERVAL     3000000
diff --git a/docs/examples/protofeats.c b/docs/examples/protofeats.c
index fef4a3798d..f93dccef00 100644
--- a/docs/examples/protofeats.c
+++ b/docs/examples/protofeats.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 #if !CURL_AT_LEAST_VERSION(7,87,0)
diff --git a/docs/examples/resolve.c b/docs/examples/resolve.c
index 4ccc3ff1d8..95adb3c1ba 100644
--- a/docs/examples/resolve.c
+++ b/docs/examples/resolve.c
@@ -27,6 +27,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/rtsp-options.c b/docs/examples/rtsp-options.c
index 8c160f6b76..5e732e105f 100644
--- a/docs/examples/rtsp-options.c
+++ b/docs/examples/rtsp-options.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/sendrecv.c b/docs/examples/sendrecv.c
index 71faeb4ad3..6f7cbb1b51 100644
--- a/docs/examples/sendrecv.c
+++ b/docs/examples/sendrecv.c
@@ -25,9 +25,9 @@
  * Demonstrate curl_easy_send() and curl_easy_recv() usage.
  * 
  */
-
 #include 
 #include 
+
 #include 
 
 /* Avoid warning in FD_SET() with pre-2020 Cygwin/MSYS releases:
diff --git a/docs/examples/shared-connection-cache.c b/docs/examples/shared-connection-cache.c
index 4af62fee94..bc1239428b 100644
--- a/docs/examples/shared-connection-cache.c
+++ b/docs/examples/shared-connection-cache.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 static void my_lock(CURL *curl, curl_lock_data data,
diff --git a/docs/examples/simple.c b/docs/examples/simple.c
index a427266fd4..e7ea3be611 100644
--- a/docs/examples/simple.c
+++ b/docs/examples/simple.c
@@ -26,6 +26,7 @@
  * 
  */
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/simplepost.c b/docs/examples/simplepost.c
index 824e073e2a..ff7295c59d 100644
--- a/docs/examples/simplepost.c
+++ b/docs/examples/simplepost.c
@@ -27,6 +27,7 @@
  */
 #include 
 #include 
+
 #include 
 
 int main(void)
diff --git a/docs/examples/smtp-authzid.c b/docs/examples/smtp-authzid.c
index 539997d945..a375d839b1 100644
--- a/docs/examples/smtp-authzid.c
+++ b/docs/examples/smtp-authzid.c
@@ -21,14 +21,13 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Send email on behalf of another user with SMTP
  * 
  */
-
 #include 
 #include 
+
 #include 
 
 /*
diff --git a/docs/examples/smtp-expn.c b/docs/examples/smtp-expn.c
index 727880d619..60722a5688 100644
--- a/docs/examples/smtp-expn.c
+++ b/docs/examples/smtp-expn.c
@@ -21,14 +21,13 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Expand an SMTP email mailing list
  * 
  */
-
 #include 
 #include 
+
 #include 
 
 /* This is a simple example showing how to expand an email mailing list.
diff --git a/docs/examples/smtp-mail.c b/docs/examples/smtp-mail.c
index 39aa86a818..e6e77b97a3 100644
--- a/docs/examples/smtp-mail.c
+++ b/docs/examples/smtp-mail.c
@@ -21,14 +21,13 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Send email with SMTP
  * 
  */
-
 #include 
 #include 
+
 #include 
 
 /*
diff --git a/docs/examples/smtp-mime.c b/docs/examples/smtp-mime.c
index d26021ef34..553947b097 100644
--- a/docs/examples/smtp-mime.c
+++ b/docs/examples/smtp-mime.c
@@ -21,14 +21,13 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Send SMTP mime emails
  * 
  */
-
 #include 
 #include 
+
 #include 
 
 /* This is a simple example showing how to send mime mail using libcurl's SMTP
diff --git a/docs/examples/smtp-multi.c b/docs/examples/smtp-multi.c
index 3dabfbb980..ab7165cd52 100644
--- a/docs/examples/smtp-multi.c
+++ b/docs/examples/smtp-multi.c
@@ -21,13 +21,12 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Send SMTP email with the multi interface
  * 
  */
-
 #include 
+
 #include 
 
 /* This is an example showing how to send mail using libcurl's SMTP
diff --git a/docs/examples/smtp-ssl.c b/docs/examples/smtp-ssl.c
index 36ecd18d74..a87a033fc4 100644
--- a/docs/examples/smtp-ssl.c
+++ b/docs/examples/smtp-ssl.c
@@ -21,14 +21,13 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Send SMTP email using implicit SSL
  * 
  */
-
 #include 
 #include 
+
 #include 
 
 /* This is a simple example showing how to send mail using libcurl's SMTP
diff --git a/docs/examples/smtp-tls.c b/docs/examples/smtp-tls.c
index b2ea769b21..f6b3bb6053 100644
--- a/docs/examples/smtp-tls.c
+++ b/docs/examples/smtp-tls.c
@@ -21,14 +21,13 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Send SMTP email using implicit TLS
  * 
  */
-
 #include 
 #include 
+
 #include 
 
 /* This is a simple example showing how to send mail using libcurl's SMTP
diff --git a/docs/examples/smtp-vrfy.c b/docs/examples/smtp-vrfy.c
index 33d439ec9c..e58ed9491d 100644
--- a/docs/examples/smtp-vrfy.c
+++ b/docs/examples/smtp-vrfy.c
@@ -21,14 +21,13 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 /* 
  * Verify an SMTP email address
  * 
  */
-
 #include 
 #include 
+
 #include 
 
 /* This is a simple example showing how to verify an email address from an
diff --git a/docs/examples/xmlstream.c b/docs/examples/xmlstream.c
index 04fc3afd85..0aec24cc67 100644
--- a/docs/examples/xmlstream.c
+++ b/docs/examples/xmlstream.c
@@ -32,12 +32,12 @@
  * gcc -Wall -I/usr/local/include xmlstream.c -lcurl -lexpat -o xmlstream
  *
  */
-
 #include 
 #include 
 #include 
 
 #include 
+
 #include 
 
 struct MemoryStruct {

From a41cea7d677702664ab15894880b3a2f7ba27547 Mon Sep 17 00:00:00 2001
From: boingball 
Date: Mon, 17 Nov 2025 22:49:27 +0000
Subject: [PATCH 0900/2408] AmigaOS: increase minimum stack size for tool_main

In testing, the older stack size of 16384 was causing curl to crash on
heavy TLS loads

Closes #19578
---
 src/tool_main.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/tool_main.c b/src/tool_main.c
index 8df63ef05a..8047e663c8 100644
--- a/src/tool_main.c
+++ b/src/tool_main.c
@@ -65,7 +65,7 @@ int vms_show = 0;
 #else
 #define CURL_USED
 #endif
-static const char CURL_USED min_stack[] = "$STACK:16384";
+static const char CURL_USED min_stack[] = "$STACK:32768";
 #endif
 
 #ifdef __MINGW32__

From 1cbe510d8bb862bb391dc81d3aa35a146a52dc31 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 18 Nov 2025 09:22:24 +0100
Subject: [PATCH 0901/2408] TEST-SUITE.md: correct the man page's path

Closes #19586
---
 docs/tests/TEST-SUITE.md | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/docs/tests/TEST-SUITE.md b/docs/tests/TEST-SUITE.md
index 2110cfb362..527a8599ea 100644
--- a/docs/tests/TEST-SUITE.md
+++ b/docs/tests/TEST-SUITE.md
@@ -23,22 +23,24 @@ SPDX-License-Identifier: curl
     make test TFLAGS="-j10"
 
   "make test" builds the test suite support code and invokes the 'runtests.pl'
-  perl script to run all the tests. The value of `TFLAGS` is passed
-  directly to 'runtests.pl'.
+  perl script to run all the tests. The value of `TFLAGS` is passed directly
+  to 'runtests.pl'.
 
-  When you run tests via make, the flags `-a` and `-s` are passed, meaning
-  to continue running tests even after one fails, and to emit short output.
+  When you run tests via make, the flags `-a` and `-s` are passed, meaning to
+  continue running tests even after one fails, and to emit short output.
 
-  If you would like to not use those flags, you can run 'runtests.pl' directly.
-  You must `chdir` into the tests directory, then you can run it like so:
+  If you would like to not use those flags, you can run 'runtests.pl'
+  directly. You must `chdir` into the tests directory, then you can run it
+  like so:
 
     ./runtests.pl 303 410
 
   You must have run `make test` at least once first to build the support code.
 
-  To see what flags are available for runtests.pl, and what output it emits, run:
+  To see what flags are available for runtests.pl, and what output it emits,
+  run:
 
-    man ./tests/runtests.1
+    man ./docs/runtests.1
 
   After a test fails, examine the tests/log directory for stdout, stderr, and
   output from the servers used in the test.

From 54a3f63520f23d3f81743a949be7eb2f9a46599e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 18 Nov 2025 02:45:17 +0100
Subject: [PATCH 0902/2408] GHA: reduce timeouts for Linux and macOS jobs

Also syncing the run tests timeout in GHA/linux with GHA/maos.

Closes #19582
---
 .github/workflows/linux.yml | 4 ++--
 .github/workflows/macos.yml | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index 20a7c4351c..d164f08e41 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -65,7 +65,7 @@ jobs:
     name: ${{ matrix.build.generate && 'CM' || 'AM' }} ${{ matrix.build.name }}
     runs-on: ${{ matrix.build.image || 'ubuntu-latest' }}
     container: ${{ matrix.build.container }}
-    timeout-minutes: 45
+    timeout-minutes: 25
     env:
       MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }}
       MATRIX_INSTALL_PACKAGES: '${{ matrix.build.install_packages }}'
@@ -759,7 +759,7 @@ jobs:
 
       - name: 'run tests'
         if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }}
-        timeout-minutes: ${{ contains(matrix.build.install_packages, 'valgrind') && 30 || 15 }}
+        timeout-minutes: ${{ contains(matrix.build.install_packages, 'valgrind') && 20 || 10 }}
         env:
           TEST_TARGET: ${{ matrix.build.torture && 'test-torture' || 'test-ci' }}
           TFLAGS: '${{ matrix.build.tflags }}'
diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml
index fc624dc09a..56d895f6ab 100644
--- a/.github/workflows/macos.yml
+++ b/.github/workflows/macos.yml
@@ -205,7 +205,7 @@ jobs:
   macos:
     name: "${{ matrix.build.generate && 'CM' || 'AM' }} ${{ matrix.compiler }} ${{ matrix.build.name }}"
     runs-on: 'macos-15'
-    timeout-minutes: 45
+    timeout-minutes: 25
     env:
       DEVELOPER_DIR: "/Applications/Xcode${{ matrix.build.xcode && format('_{0}', matrix.build.xcode) || '' }}.app/Contents/Developer"
       CC: '${{ matrix.compiler }}'

From 88024c6d39db0a7797f12a386cad38ec1e155e32 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 18 Nov 2025 09:04:42 +0100
Subject: [PATCH 0903/2408] tool_getparam: verify that a file exists for some
 options

Passing the option as-is to libcurl is fine, but checking that the file
exists allows the tool to better provide a helpful message.

This now done for the following options:

  --cacert, --crlfile, --knownhosts, --netrc-file, --proxy-cacert amd
  --proxy-crlfile

Bonus: bail out properly on OOM errors in the --cert parser.

Reported-by: Wesley Moore
Fixes #19583
Closes #19585
---
 src/tool_getparam.c    |  77 +++++++++++++++++++++----------
 src/tool_getparam.h    |   6 +--
 tests/data/test305     |   7 ++-
 tests/data/test404     |   7 ++-
 tests/data/test697     |   2 +-
 tests/tunit/tool1394.c | 101 ++++++++++++++++++++++-------------------
 6 files changed, 121 insertions(+), 79 deletions(-)

diff --git a/src/tool_getparam.c b/src/tool_getparam.c
index bd90da1ec7..337ad33280 100644
--- a/src/tool_getparam.c
+++ b/src/tool_getparam.c
@@ -385,20 +385,21 @@ static const struct LongShort aliases[]= {
 #ifndef UNITTESTS
 static
 #endif
-void parse_cert_parameter(const char *cert_parameter,
-                          char **certname,
-                          char **passphrase)
+ParameterError parse_cert_parameter(const char *cert_parameter,
+                                    char **certname,
+                                    char **passphrase)
 {
   size_t param_length = strlen(cert_parameter);
   size_t span;
   const char *param_place = NULL;
   char *certname_place = NULL;
+  ParameterError err = PARAM_OK;
   *certname = NULL;
   *passphrase = NULL;
 
   /* most trivial assumption: cert_parameter is empty */
   if(param_length == 0)
-    return;
+    return PARAM_BLANK_STRING;
 
   /* next less trivial: cert_parameter starts 'pkcs11:' and thus
    * looks like a RFC7512 PKCS#11 URI which can be used as-is.
@@ -407,12 +408,16 @@ void parse_cert_parameter(const char *cert_parameter,
   if(curl_strnequal(cert_parameter, "pkcs11:", 7) ||
      !strpbrk(cert_parameter, ":\\")) {
     *certname = strdup(cert_parameter);
-    return;
+    if(!*certname)
+      return PARAM_NO_MEM;
+    return PARAM_OK;
   }
   /* deal with escaped chars; find unescaped colon if it exists */
   certname_place = malloc(param_length + 1);
-  if(!certname_place)
-    return;
+  if(!certname_place) {
+    err = PARAM_NO_MEM;
+    goto done;
+  }
 
   *certname = certname_place;
   param_place = cert_parameter;
@@ -471,12 +476,19 @@ void parse_cert_parameter(const char *cert_parameter,
       param_place++;
       if(*param_place) {
         *passphrase = strdup(param_place);
+        if(!*passphrase)
+          err = PARAM_NO_MEM;
       }
       goto done;
     }
   }
 done:
-  *certname_place = '\0';
+  if(err) {
+    tool_safefree(*certname);
+  }
+  else
+    *certname_place = '\0';
+  return err;
 }
 
 /* Replace (in-place) '%20' by '+' according to RFC1866 */
@@ -507,18 +519,22 @@ static size_t replace_url_encoded_space_by_plus(char *url)
   return new_index; /* new size */
 }
 
-static void
+static ParameterError
 GetFileAndPassword(const char *nextarg, char **file, char **password)
 {
   char *certname, *passphrase;
+  ParameterError err;
   /* nextarg is never NULL here */
-  parse_cert_parameter(nextarg, &certname, &passphrase);
-  free(*file);
-  *file = certname;
-  if(passphrase) {
-    free(*password);
-    *password = passphrase;
+  err = parse_cert_parameter(nextarg, &certname, &passphrase);
+  if(!err) {
+    free(*file);
+    *file = certname;
+    if(passphrase) {
+      free(*password);
+      *password = passphrase;
+    }
   }
+  return err;
 }
 
 /* Get a size parameter for '--limit-rate' or '--max-filesize'.
@@ -2164,6 +2180,19 @@ static ParameterError opt_bool(struct OperationConfig *config,
   return PARAM_OK;
 }
 
+static ParameterError existingfile(char **store,
+                                   const struct LongShort *a,
+                                   const char *filename)
+{
+  struct_stat info;
+  if(curlx_stat(filename, &info)) {
+    errorf("The file '%s' provided to --%s does not exist",
+           filename, a->lname);
+    return PARAM_BAD_USE;
+  }
+  return getstr(store, filename, DENY_BLANK);
+}
+
 /* opt_file handles file options */
 static ParameterError opt_file(struct OperationConfig *config,
                                const struct LongShort *a,
@@ -2181,13 +2210,13 @@ static ParameterError opt_file(struct OperationConfig *config,
     err = getstr(&config->unix_socket_path, nextarg, DENY_BLANK);
     break;
   case C_CACERT: /* --cacert */
-    err = getstr(&config->cacert, nextarg, DENY_BLANK);
+    err = existingfile(&config->cacert, a, nextarg);
     break;
   case C_CAPATH: /* --capath */
     err = getstr(&config->capath, nextarg, DENY_BLANK);
     break;
   case C_CERT: /* --cert */
-    GetFileAndPassword(nextarg, &config->cert, &config->key_passwd);
+    err = GetFileAndPassword(nextarg, &config->cert, &config->key_passwd);
     break;
   case C_CONFIG: /* --config */
     if(--max_recursive < 0) {
@@ -2200,7 +2229,7 @@ static ParameterError opt_file(struct OperationConfig *config,
     }
     break;
   case C_CRLFILE: /* --crlfile */
-    err = getstr(&config->crlfile, nextarg, DENY_BLANK);
+    err = existingfile(&config->crlfile, a, nextarg);
     break;
   case C_DUMP_HEADER: /* --dump-header */
     err = getstr(&config->headerfile, nextarg, DENY_BLANK);
@@ -2225,26 +2254,26 @@ static ParameterError opt_file(struct OperationConfig *config,
     err = getstr(&config->key, nextarg, DENY_BLANK);
     break;
   case C_KNOWNHOSTS: /* --knownhosts */
-    err = getstr(&config->knownhosts, nextarg, DENY_BLANK);
+    err = existingfile(&config->knownhosts, a, nextarg);
     break;
   case C_NETRC_FILE: /* --netrc-file */
-    err = getstr(&config->netrc_file, nextarg, DENY_BLANK);
+    err = existingfile(&config->netrc_file, a, nextarg);
     break;
   case C_OUTPUT: /* --output */
     err = parse_output(config, nextarg);
     break;
   case C_PROXY_CACERT: /* --proxy-cacert */
-    err = getstr(&config->proxy_cacert, nextarg, DENY_BLANK);
+    err = existingfile(&config->proxy_cacert, a, nextarg);
     break;
   case C_PROXY_CAPATH: /* --proxy-capath */
     err = getstr(&config->proxy_capath, nextarg, DENY_BLANK);
     break;
   case C_PROXY_CERT: /* --proxy-cert */
-    GetFileAndPassword(nextarg, &config->proxy_cert,
-                       &config->proxy_key_passwd);
+    err = GetFileAndPassword(nextarg, &config->proxy_cert,
+                             &config->proxy_key_passwd);
     break;
   case C_PROXY_CRLFILE: /* --proxy-crlfile */
-    err = getstr(&config->proxy_crlfile, nextarg, DENY_BLANK);
+    err = existingfile(&config->proxy_crlfile, a, nextarg);
     break;
   case C_PROXY_KEY: /* --proxy-key */
     err = getstr(&config->proxy_key, nextarg, ALLOW_BLANK);
diff --git a/src/tool_getparam.h b/src/tool_getparam.h
index d5ef54a81d..d4812f6ceb 100644
--- a/src/tool_getparam.h
+++ b/src/tool_getparam.h
@@ -372,9 +372,9 @@ ParameterError getparameter(const char *flag, const char *nextarg,
                             int max_recursive);
 
 #ifdef UNITTESTS
-void parse_cert_parameter(const char *cert_parameter,
-                          char **certname,
-                          char **passphrase);
+ParameterError parse_cert_parameter(const char *cert_parameter,
+                                    char **certname,
+                                    char **passphrase);
 #endif
 
 ParameterError parse_args(int argc, argv_item_t argv[]);
diff --git a/tests/data/test305 b/tests/data/test305
index 2d4ffd1aab..25656d2289 100644
--- a/tests/data/test305
+++ b/tests/data/test305
@@ -19,14 +19,17 @@ https
 insecure HTTPS without permission
 
 
-https://%HOSTIP:%HTTPSPORT/want/%TESTNUMBER --cacert moooo --no-ca-native
+https://%HOSTIP:%HTTPSPORT/want/%TESTNUMBER --cacert "%LOGDIR/cacert" --no-ca-native
 
+
+made up content
+
 
 
 # Verify data after the test has been "shot"
 
 
-77
+77,60
 
 
 
diff --git a/tests/data/test404 b/tests/data/test404
index 8461abfc00..a4fc826ed9 100644
--- a/tests/data/test404
+++ b/tests/data/test404
@@ -19,14 +19,17 @@ ftps
 FTPS with invalid cacert
 
 
---ftp-ssl-control --cacert moooo ftps://%HOSTIP:%FTPSPORT/
+--ftp-ssl-control --cacert "%LOGDIR/cacert" ftps://%HOSTIP:%FTPSPORT/
 
+
+made up content
+
 
 
 # Verify data after the test has been "shot"
 
 
-77
+77,60
 
 
 
diff --git a/tests/data/test697 b/tests/data/test697
index f1958e83e7..d6cfd76136 100644
--- a/tests/data/test697
+++ b/tests/data/test697
@@ -28,7 +28,7 @@ netrc with missing netrc file
 # Verify data after the test has been "shot"
 
 
-26
+2
 
 
 
diff --git a/tests/tunit/tool1394.c b/tests/tunit/tool1394.c
index 3a5256bae1..71be2c87c4 100644
--- a/tests/tunit/tool1394.c
+++ b/tests/tunit/tool1394.c
@@ -31,84 +31,91 @@ static CURLcode test_tool1394(const char *arg)
 {
   UNITTEST_BEGIN_SIMPLE
 
-  static const char *values[] = {
-    /* -E parameter */        /* exp. cert name */  /* exp. passphrase */
-    "foo:bar:baz",            "foo",                "bar:baz",
-    "foo\\:bar:baz",          "foo:bar",            "baz",
-    "foo\\\\:bar:baz",        "foo\\",              "bar:baz",
-    "foo:bar\\:baz",          "foo",                "bar\\:baz",
-    "foo:bar\\\\:baz",        "foo",                "bar\\\\:baz",
-    "foo\\bar\\baz",          "foo\\bar\\baz",      NULL,
-    "foo\\\\bar\\\\baz",      "foo\\bar\\baz",      NULL,
-    "foo\\",                  "foo\\",              NULL,
-    "foo\\\\",                "foo\\",              NULL,
-    "foo:bar\\",              "foo",                "bar\\",
-    "foo:bar\\\\",            "foo",                "bar\\\\",
-    "foo:bar:",               "foo",                "bar:",
-    "foo\\::bar\\:",          "foo:",               "bar\\:",
-    "pkcs11:foobar",          "pkcs11:foobar",      NULL,
-    "PKCS11:foobar",          "PKCS11:foobar",      NULL,
-    "PkCs11:foobar",          "PkCs11:foobar",      NULL,
-#ifdef _WIN32
-    "c:\\foo:bar:baz",        "c:\\foo",            "bar:baz",
-    "c:\\foo\\:bar:baz",      "c:\\foo:bar",        "baz",
-    "c:\\foo\\\\:bar:baz",    "c:\\foo\\",          "bar:baz",
-    "c:\\foo:bar\\:baz",      "c:\\foo",            "bar\\:baz",
-    "c:\\foo:bar\\\\:baz",    "c:\\foo",            "bar\\\\:baz",
-    "c:\\foo\\bar\\baz",      "c:\\foo\\bar\\baz",  NULL,
-    "c:\\foo\\\\bar\\\\baz",  "c:\\foo\\bar\\baz",  NULL,
-    "c:\\foo\\",              "c:\\foo\\",          NULL,
-    "c:\\foo\\\\",            "c:\\foo\\",          NULL,
-    "c:\\foo:bar\\",          "c:\\foo",            "bar\\",
-    "c:\\foo:bar\\\\",        "c:\\foo",            "bar\\\\",
-    "c:\\foo:bar:",           "c:\\foo",            "bar:",
-    "c:\\foo\\::bar\\:",      "c:\\foo:",           "bar\\:",
-#endif
-    NULL,                     NULL,                 NULL,
+  struct cert {
+    const char *param;
+    const char *cert;
+    const char *passwd;
   };
-  const char **p;
+
+  static const struct cert values[] = {
+    /* -E parameter */        /* exp. cert name */  /* exp. passphrase */
+    {"foo:bar:baz",            "foo",                "bar:baz"},
+    {"foo\\:bar:baz",          "foo:bar",            "baz"},
+    {"foo\\\\:bar:baz",        "foo\\",              "bar:baz"},
+    {"foo:bar\\:baz",          "foo",                "bar\\:baz"},
+    {"foo:bar\\\\:baz",        "foo",                "bar\\\\:baz"},
+    {"foo\\bar\\baz",          "foo\\bar\\baz",      NULL},
+    {"foo\\\\bar\\\\baz",      "foo\\bar\\baz",      NULL},
+    {"foo\\",                  "foo\\",              NULL},
+    {"foo\\\\",                "foo\\",              NULL},
+    {"foo:bar\\",              "foo",                "bar\\"},
+    {"foo:bar\\\\",            "foo",                "bar\\\\"},
+    {"foo:bar:",               "foo",                "bar:"},
+    {"foo\\::bar\\:",          "foo:",               "bar\\:"},
+    {"pkcs11:foobar",          "pkcs11:foobar",      NULL},
+    {"PKCS11:foobar",          "PKCS11:foobar",      NULL},
+    {"PkCs11:foobar",          "PkCs11:foobar",      NULL},
+#ifdef _WIN32
+    {"c:\\foo:bar:baz",        "c:\\foo",            "bar:baz"},
+    {"c:\\foo\\:bar:baz",      "c:\\foo:bar",        "baz"},
+    {"c:\\foo\\\\:bar:baz",    "c:\\foo\\",          "bar:baz"},
+    {"c:\\foo:bar\\:baz",      "c:\\foo",            "bar\\:baz"},
+    {"c:\\foo:bar\\\\:baz",    "c:\\foo",            "bar\\\\:baz"},
+    {"c:\\foo\\bar\\baz",      "c:\\foo\\bar\\baz",  NULL},
+    {"c:\\foo\\\\bar\\\\baz",  "c:\\foo\\bar\\baz",  NULL},
+    {"c:\\foo\\",              "c:\\foo\\",          NULL},
+    {"c:\\foo\\\\",            "c:\\foo\\",          NULL},
+    {"c:\\foo:bar\\",          "c:\\foo",            "bar\\"},
+    {"c:\\foo:bar\\\\",        "c:\\foo",            "bar\\\\"},
+    {"c:\\foo:bar:",           "c:\\foo",            "bar:"},
+    {"c:\\foo\\::bar\\:",      "c:\\foo:",           "bar\\:"},
+#endif
+    {NULL, NULL, NULL}
+  };
+  const struct cert *p;
   char *certname, *passphrase;
-  for(p = values; *p; p += 3) {
-    parse_cert_parameter(p[0], &certname, &passphrase);
-    if(p[1]) {
+  ParameterError err;
+  for(p = &values[0]; p->param; p++) {
+    err = parse_cert_parameter(p->param, &certname, &passphrase);
+    if(!err) {
       if(certname) {
-        if(strcmp(p[1], certname)) {
+        if(strcmp(p->cert, certname)) {
           curl_mprintf("expected certname '%s' but got '%s' "
-                       "for -E param '%s'\n", p[1], certname, p[0]);
+                       "for -E param '%s'\n", p->cert, certname, p->param);
           fail("assertion failure");
         }
       }
       else {
         curl_mprintf("expected certname '%s' but got NULL "
-                     "for -E param '%s'\n", p[1], p[0]);
+                     "for -E param '%s'\n", p->cert, p->param);
         fail("assertion failure");
       }
     }
     else {
       if(certname) {
         curl_mprintf("expected certname NULL but got '%s' "
-                     "for -E param '%s'\n", certname, p[0]);
+                     "for -E param '%s'\n", certname, p->param);
         fail("assertion failure");
       }
     }
-    if(p[2]) {
+    if(p->passwd) {
       if(passphrase) {
-        if(strcmp(p[2], passphrase)) {
+        if(strcmp(p->passwd, passphrase)) {
           curl_mprintf("expected passphrase '%s' but got '%s'"
-                       "for -E param '%s'\n", p[2], passphrase, p[0]);
+                       "for -E param '%s'\n", p->passwd, passphrase, p->param);
           fail("assertion failure");
         }
       }
       else {
         curl_mprintf("expected passphrase '%s' but got NULL "
-                     "for -E param '%s'\n", p[2], p[0]);
+                     "for -E param '%s'\n", p->passwd, p->param);
         fail("assertion failure");
       }
     }
     else {
       if(passphrase) {
         curl_mprintf("expected passphrase NULL but got '%s' "
-                     "for -E param '%s'\n", passphrase, p[0]);
+                     "for -E param '%s'\n", passphrase, p->param);
         fail("assertion failure");
       }
     }

From 833efb437dd8fb8b3ff48274531b83a03798b24b Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 11 Nov 2025 22:40:31 +0100
Subject: [PATCH 0904/2408] openssl: exit properly on OOM when getting
 certchain

Previously, a momentary OOM error in the middle could produce a broken
result instead of correctly returning error.

Closes #19471
---
 lib/vtls/openssl.c | 197 ++++++++++++++++++++++++++-------------------
 1 file changed, 112 insertions(+), 85 deletions(-)

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index fd6396471c..80d01c3160 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -215,6 +215,13 @@ static CURLcode push_certinfo(struct Curl_easy *data,
   return result;
 }
 
+static CURLcode pubkey_show(struct Curl_easy *data,
+                            BIO *mem,
+                            int num,
+                            const char *type,
+                            const char *name,
+                            const BIGNUM *bn) WARN_UNUSED_RESULT;
+
 static CURLcode pubkey_show(struct Curl_easy *data,
                             BIO *mem,
                             int num,
@@ -231,7 +238,7 @@ static CURLcode pubkey_show(struct Curl_easy *data,
   return push_certinfo(data, mem, namebuf, num);
 }
 
-#define print_pubkey_BN(_type, _name, _num)              \
+#define print_pubkey_BN(_type, _name, _num)             \
   pubkey_show(data, mem, _num, #_type, #_name, _name)
 
 static int asn1_object_dump(const ASN1_OBJECT *a, char *buf, size_t len)
@@ -285,6 +292,103 @@ static CURLcode X509V3_ext(struct Curl_easy *data,
   return result;
 }
 
+static CURLcode get_pkey_rsa(struct Curl_easy *data,
+                             EVP_PKEY *pubkey, BIO *mem, int i)
+{
+  CURLcode result = CURLE_OK;
+#ifndef HAVE_EVP_PKEY_GET_PARAMS
+  RSA *rsa = EVP_PKEY_get0_RSA(pubkey);
+#endif /* !HAVE_EVP_PKEY_GET_PARAMS */
+  DECLARE_PKEY_PARAM_BIGNUM(n);
+  DECLARE_PKEY_PARAM_BIGNUM(e);
+#ifdef HAVE_EVP_PKEY_GET_PARAMS
+  EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_RSA_N, &n);
+  EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_RSA_E, &e);
+#else
+  RSA_get0_key(rsa, &n, &e, NULL);
+#endif /* HAVE_EVP_PKEY_GET_PARAMS */
+  BIO_printf(mem, "%d", n ? BN_num_bits(n) : 0);
+  result = push_certinfo(data, mem, "RSA Public Key", i);
+  if(!result) {
+    result = print_pubkey_BN(rsa, n, i);
+    if(!result)
+      result = print_pubkey_BN(rsa, e, i);
+  }
+  FREE_PKEY_PARAM_BIGNUM(n);
+  FREE_PKEY_PARAM_BIGNUM(e);
+  return result;
+}
+
+static CURLcode get_pkey_dsa(struct Curl_easy *data,
+                             EVP_PKEY *pubkey, BIO *mem, int i)
+{
+  CURLcode result = CURLE_OK;
+#ifndef OPENSSL_NO_DSA
+#ifndef HAVE_EVP_PKEY_GET_PARAMS
+  DSA *dsa = EVP_PKEY_get0_DSA(pubkey);
+#endif /* !HAVE_EVP_PKEY_GET_PARAMS */
+  DECLARE_PKEY_PARAM_BIGNUM(p);
+  DECLARE_PKEY_PARAM_BIGNUM(q);
+  DECLARE_PKEY_PARAM_BIGNUM(g);
+  DECLARE_PKEY_PARAM_BIGNUM(pub_key);
+#ifdef HAVE_EVP_PKEY_GET_PARAMS
+  EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_FFC_P, &p);
+  EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_FFC_Q, &q);
+  EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_FFC_G, &g);
+  EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_PUB_KEY, &pub_key);
+#else
+  DSA_get0_pqg(dsa, &p, &q, &g);
+  DSA_get0_key(dsa, &pub_key, NULL);
+#endif /* HAVE_EVP_PKEY_GET_PARAMS */
+  result = print_pubkey_BN(dsa, p, i);
+  if(!result)
+    result = print_pubkey_BN(dsa, q, i);
+  if(!result)
+    result = print_pubkey_BN(dsa, g, i);
+  if(!result)
+    result = print_pubkey_BN(dsa, pub_key, i);
+  FREE_PKEY_PARAM_BIGNUM(p);
+  FREE_PKEY_PARAM_BIGNUM(q);
+  FREE_PKEY_PARAM_BIGNUM(g);
+  FREE_PKEY_PARAM_BIGNUM(pub_key);
+#endif /* !OPENSSL_NO_DSA */
+  return result;
+}
+
+static CURLcode get_pkey_dh(struct Curl_easy *data,
+                            EVP_PKEY *pubkey, BIO *mem, int i)
+{
+  CURLcode result;
+#ifndef HAVE_EVP_PKEY_GET_PARAMS
+  DH *dh = EVP_PKEY_get0_DH(pubkey);
+#endif /* !HAVE_EVP_PKEY_GET_PARAMS */
+  DECLARE_PKEY_PARAM_BIGNUM(p);
+  DECLARE_PKEY_PARAM_BIGNUM(q);
+  DECLARE_PKEY_PARAM_BIGNUM(g);
+  DECLARE_PKEY_PARAM_BIGNUM(pub_key);
+#ifdef HAVE_EVP_PKEY_GET_PARAMS
+  EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_FFC_P, &p);
+  EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_FFC_Q, &q);
+  EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_FFC_G, &g);
+  EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_PUB_KEY, &pub_key);
+#else
+  DH_get0_pqg(dh, &p, &q, &g);
+  DH_get0_key(dh, &pub_key, NULL);
+#endif /* HAVE_EVP_PKEY_GET_PARAMS */
+  result = print_pubkey_BN(dh, p, i);
+  if(!result)
+    result = print_pubkey_BN(dh, q, i);
+  if(!result)
+    result = print_pubkey_BN(dh, g, i);
+  if(!result)
+    result = print_pubkey_BN(dh, pub_key, i);
+  FREE_PKEY_PARAM_BIGNUM(p);
+  FREE_PKEY_PARAM_BIGNUM(q);
+  FREE_PKEY_PARAM_BIGNUM(g);
+  FREE_PKEY_PARAM_BIGNUM(pub_key);
+  return result;
+}
+
 static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl)
 {
   CURLcode result;
@@ -391,95 +495,18 @@ static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl)
       infof(data, "   Unable to load public key");
     else {
       switch(EVP_PKEY_id(pubkey)) {
-      case EVP_PKEY_RSA: {
-#ifndef HAVE_EVP_PKEY_GET_PARAMS
-        RSA *rsa;
-        rsa = EVP_PKEY_get0_RSA(pubkey);
-#endif /* !HAVE_EVP_PKEY_GET_PARAMS */
-
-        {
-          DECLARE_PKEY_PARAM_BIGNUM(n);
-          DECLARE_PKEY_PARAM_BIGNUM(e);
-#ifdef HAVE_EVP_PKEY_GET_PARAMS
-          EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_RSA_N, &n);
-          EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_RSA_E, &e);
-#else
-          RSA_get0_key(rsa, &n, &e, NULL);
-#endif /* HAVE_EVP_PKEY_GET_PARAMS */
-          BIO_printf(mem, "%d", n ? BN_num_bits(n) : 0);
-          result = push_certinfo(data, mem, "RSA Public Key", i);
-          if(result)
-            break;
-          print_pubkey_BN(rsa, n, i);
-          print_pubkey_BN(rsa, e, i);
-          FREE_PKEY_PARAM_BIGNUM(n);
-          FREE_PKEY_PARAM_BIGNUM(e);
-        }
-
+      case EVP_PKEY_RSA:
+        result = get_pkey_rsa(data, pubkey, mem, i);
         break;
-      }
+
       case EVP_PKEY_DSA:
-      {
-#ifndef OPENSSL_NO_DSA
-#ifndef HAVE_EVP_PKEY_GET_PARAMS
-        DSA *dsa = EVP_PKEY_get0_DSA(pubkey);
-#endif /* !HAVE_EVP_PKEY_GET_PARAMS */
-        {
-          DECLARE_PKEY_PARAM_BIGNUM(p);
-          DECLARE_PKEY_PARAM_BIGNUM(q);
-          DECLARE_PKEY_PARAM_BIGNUM(g);
-          DECLARE_PKEY_PARAM_BIGNUM(pub_key);
-#ifdef HAVE_EVP_PKEY_GET_PARAMS
-          EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_FFC_P, &p);
-          EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_FFC_Q, &q);
-          EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_FFC_G, &g);
-          EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_PUB_KEY, &pub_key);
-#else
-          DSA_get0_pqg(dsa, &p, &q, &g);
-          DSA_get0_key(dsa, &pub_key, NULL);
-#endif /* HAVE_EVP_PKEY_GET_PARAMS */
-          print_pubkey_BN(dsa, p, i);
-          print_pubkey_BN(dsa, q, i);
-          print_pubkey_BN(dsa, g, i);
-          print_pubkey_BN(dsa, pub_key, i);
-          FREE_PKEY_PARAM_BIGNUM(p);
-          FREE_PKEY_PARAM_BIGNUM(q);
-          FREE_PKEY_PARAM_BIGNUM(g);
-          FREE_PKEY_PARAM_BIGNUM(pub_key);
-        }
-#endif /* !OPENSSL_NO_DSA */
+        result = get_pkey_dsa(data, pubkey, mem, i);
         break;
-      }
-      case EVP_PKEY_DH: {
-#ifndef HAVE_EVP_PKEY_GET_PARAMS
-        DH *dh = EVP_PKEY_get0_DH(pubkey);
-#endif /* !HAVE_EVP_PKEY_GET_PARAMS */
-        {
-          DECLARE_PKEY_PARAM_BIGNUM(p);
-          DECLARE_PKEY_PARAM_BIGNUM(q);
-          DECLARE_PKEY_PARAM_BIGNUM(g);
-          DECLARE_PKEY_PARAM_BIGNUM(pub_key);
-#ifdef HAVE_EVP_PKEY_GET_PARAMS
-          EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_FFC_P, &p);
-          EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_FFC_Q, &q);
-          EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_FFC_G, &g);
-          EVP_PKEY_get_bn_param(pubkey, OSSL_PKEY_PARAM_PUB_KEY, &pub_key);
-#else
-          DH_get0_pqg(dh, &p, &q, &g);
-          DH_get0_key(dh, &pub_key, NULL);
-#endif /* HAVE_EVP_PKEY_GET_PARAMS */
-          print_pubkey_BN(dh, p, i);
-          print_pubkey_BN(dh, q, i);
-          print_pubkey_BN(dh, g, i);
-          print_pubkey_BN(dh, pub_key, i);
-          FREE_PKEY_PARAM_BIGNUM(p);
-          FREE_PKEY_PARAM_BIGNUM(q);
-          FREE_PKEY_PARAM_BIGNUM(g);
-          FREE_PKEY_PARAM_BIGNUM(pub_key);
-        }
+
+      case EVP_PKEY_DH:
+        result = get_pkey_dh(data, pubkey, mem, i);
         break;
       }
-      }
       EVP_PKEY_free(pubkey);
     }
 

From 6dac2631df4b513e89464c29b257d168ce32155e Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 18 Nov 2025 14:29:36 +0100
Subject: [PATCH 0905/2408] url: if OOM in parse_proxy() return error

Closes #19590
---
 lib/url.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/url.c b/lib/url.c
index cf34514b1a..527d698390 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -2285,7 +2285,11 @@ static CURLcode parse_proxy(struct Curl_easy *data,
     conn->bits.proxy_user_passwd = TRUE; /* enable it */
   }
 
-  (void)curl_url_get(uhp, CURLUPART_PORT, &portptr, 0);
+  uc = curl_url_get(uhp, CURLUPART_PORT, &portptr, 0);
+  if(uc == CURLUE_OUT_OF_MEMORY) {
+    result = CURLE_OUT_OF_MEMORY;
+    goto error;
+  }
 
   if(portptr) {
     curl_off_t num;

From 80005b4c8a5743aa48f6164f5da602cd8416451d Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 18 Nov 2025 15:00:50 +0100
Subject: [PATCH 0906/2408] cookie: return error on OOM

Follow-up to 3f0629ca443825916cbc0795bcd5f241fbf710
Closes #19591
---
 lib/cookie.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/lib/cookie.c b/lib/cookie.c
index c7dedc95e8..85356d563b 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -464,10 +464,11 @@ parse_cookie_header(struct Curl_easy *data,
           return CURLE_OK;
 
         strstore(&co->name, curlx_str(&name), curlx_strlen(&name));
-        strstore(&co->value, curlx_str(&val), curlx_strlen(&val));
-        done = TRUE;
+        if(co->name)
+          strstore(&co->value, curlx_str(&val), curlx_strlen(&val));
         if(!co->name || !co->value)
-          return CURLE_OK;
+          return CURLE_OUT_OF_MEMORY;
+        done = TRUE;
 
         if(invalid_octets(co->value) || invalid_octets(co->name)) {
           infof(data, "invalid octets in name/value, cookie dropped");

From 97169a91d9ce0efef2bea7a185b1daa3c1f376be Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 18 Nov 2025 16:13:28 +0100
Subject: [PATCH 0907/2408] hsts: propagate and error out correctly on OOM

Closes #19593
---
 lib/hsts.c     | 8 ++++++--
 lib/hsts.h     | 4 ++--
 lib/transfer.c | 7 ++++---
 3 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/lib/hsts.c b/lib/hsts.c
index 437851b8ba..ec332392c4 100644
--- a/lib/hsts.c
+++ b/lib/hsts.c
@@ -571,18 +571,22 @@ CURLcode Curl_hsts_loadcb(struct Curl_easy *data, struct hsts *h)
   return CURLE_OK;
 }
 
-void Curl_hsts_loadfiles(struct Curl_easy *data)
+CURLcode Curl_hsts_loadfiles(struct Curl_easy *data)
 {
+  CURLcode result = CURLE_OK;
   struct curl_slist *l = data->state.hstslist;
   if(l) {
     Curl_share_lock(data, CURL_LOCK_DATA_HSTS, CURL_LOCK_ACCESS_SINGLE);
 
     while(l) {
-      (void)Curl_hsts_loadfile(data, data->hsts, l->data);
+      result = Curl_hsts_loadfile(data, data->hsts, l->data);
+      if(result)
+        break;
       l = l->next;
     }
     Curl_share_unlock(data, CURL_LOCK_DATA_HSTS);
   }
+  return result;
 }
 
 #if defined(DEBUGBUILD) || defined(UNITTESTS)
diff --git a/lib/hsts.h b/lib/hsts.h
index 8ec9637cb0..cb83ada790 100644
--- a/lib/hsts.h
+++ b/lib/hsts.h
@@ -59,11 +59,11 @@ CURLcode Curl_hsts_loadfile(struct Curl_easy *data,
                             struct hsts *h, const char *file);
 CURLcode Curl_hsts_loadcb(struct Curl_easy *data,
                           struct hsts *h);
-void Curl_hsts_loadfiles(struct Curl_easy *data);
+CURLcode Curl_hsts_loadfiles(struct Curl_easy *data);
 #else
 #define Curl_hsts_cleanup(x)
 #define Curl_hsts_loadcb(x,y) CURLE_OK
 #define Curl_hsts_save(x,y,z)
-#define Curl_hsts_loadfiles(x)
+#define Curl_hsts_loadfiles(x) CURLE_OK
 #endif /* CURL_DISABLE_HTTP || CURL_DISABLE_HSTS */
 #endif /* HEADER_CURL_HSTS_H */
diff --git a/lib/transfer.c b/lib/transfer.c
index 2b06566f73..b576e6b88d 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -554,8 +554,9 @@ CURLcode Curl_pretransfer(struct Curl_easy *data)
   if(!result && data->state.resolve)
     result = Curl_loadhostpairs(data);
 
-  /* If there is a list of hsts files to read */
-  Curl_hsts_loadfiles(data);
+  if(!result)
+    /* If there is a list of hsts files to read */
+    result = Curl_hsts_loadfiles(data);
 
   if(!result) {
     /* Allow data->set.use_port to set which port to use. This needs to be
@@ -608,7 +609,7 @@ CURLcode Curl_pretransfer(struct Curl_easy *data)
    * basically anything through an HTTP proxy we cannot limit this based on
    * protocol.
    */
-  if(data->set.str[STRING_USERAGENT]) {
+  if(!result && data->set.str[STRING_USERAGENT]) {
     free(data->state.aptr.uagent);
     data->state.aptr.uagent =
       curl_maprintf("User-Agent: %s\r\n", data->set.str[STRING_USERAGENT]);

From de49cc89abc917cb4f273ebea8c6fb584d097de2 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 11 Nov 2025 20:21:44 +0100
Subject: [PATCH 0908/2408] tests/data: more XML-compliance via `%LT` and `%GT`
 macros in email addresses

Reduce number of files failing `xmllint --format` from 133 to 57 (-76)
(3% of 1894), by replacing `<` and `>` with new macro `%LT` and `%GT`,
in most places, which is in email addresses (192 lines).

Follow-up to a9ec2a676c4257cf522a4349fb24fa547ed48aad #19491

Closes #19470
---
 tests/data/test1015 |  2 +-
 tests/data/test1187 |  6 +++---
 tests/data/test1221 |  2 +-
 tests/data/test1320 |  4 ++--
 tests/data/test1406 |  6 +++---
 tests/data/test1507 |  4 ++--
 tests/data/test1520 |  4 ++--
 tests/data/test1711 |  4 ++--
 tests/data/test3002 | 12 ++++++------
 tests/data/test3003 | 12 ++++++------
 tests/data/test3004 | 12 ++++++------
 tests/data/test3005 | 12 ++++++------
 tests/data/test3006 | 12 ++++++------
 tests/data/test3007 |  4 ++--
 tests/data/test3209 |  8 ++++----
 tests/data/test3210 |  8 ++++----
 tests/data/test3215 |  6 +++---
 tests/data/test646  |  8 ++++----
 tests/data/test647  |  8 ++++----
 tests/data/test648  |  4 ++--
 tests/data/test649  |  4 ++--
 tests/data/test652  |  4 ++--
 tests/data/test805  |  8 ++++----
 tests/data/test864  |  2 +-
 tests/data/test900  |  4 ++--
 tests/data/test901  |  4 ++--
 tests/data/test902  |  4 ++--
 tests/data/test903  |  4 ++--
 tests/data/test904  |  4 ++--
 tests/data/test905  |  4 ++--
 tests/data/test906  |  4 ++--
 tests/data/test907  |  4 ++--
 tests/data/test908  |  4 ++--
 tests/data/test909  |  4 ++--
 tests/data/test910  |  4 ++--
 tests/data/test911  |  4 ++--
 tests/data/test912  |  4 ++--
 tests/data/test913  |  2 +-
 tests/data/test914  |  2 +-
 tests/data/test915  |  4 ++--
 tests/data/test916  |  4 ++--
 tests/data/test917  | 12 ++++++------
 tests/data/test918  |  6 +++---
 tests/data/test919  |  4 ++--
 tests/data/test920  |  4 ++--
 tests/data/test921  |  4 ++--
 tests/data/test922  |  4 ++--
 tests/data/test924  |  6 +++---
 tests/data/test927  |  6 +++---
 tests/data/test935  |  4 ++--
 tests/data/test936  |  4 ++--
 tests/data/test937  |  4 ++--
 tests/data/test938  |  8 ++++----
 tests/data/test939  |  4 ++--
 tests/data/test940  |  4 ++--
 tests/data/test941  |  4 ++--
 tests/data/test942  |  4 ++--
 tests/data/test943  |  4 ++--
 tests/data/test944  |  4 ++--
 tests/data/test945  |  4 ++--
 tests/data/test946  |  4 ++--
 tests/data/test947  |  4 ++--
 tests/data/test950  |  2 +-
 tests/data/test951  |  4 ++--
 tests/data/test952  |  4 ++--
 tests/data/test953  |  4 ++--
 tests/data/test955  |  2 +-
 tests/data/test956  |  4 ++--
 tests/data/test959  |  2 +-
 tests/data/test960  |  4 ++--
 tests/data/test962  |  4 ++--
 tests/data/test963  |  4 ++--
 tests/data/test965  |  4 ++--
 tests/data/test966  |  4 ++--
 tests/data/test969  |  6 +++---
 tests/data/test981  |  4 ++--
 tests/data/test984  |  4 ++--
 tests/data/test987  |  4 ++--
 tests/data/test992  |  4 ++--
 tests/testutil.pm   |  2 ++
 80 files changed, 195 insertions(+), 193 deletions(-)

diff --git a/tests/data/test1015 b/tests/data/test1015
index beabcd1b90..9f2a53d49a 100644
--- a/tests/data/test1015
+++ b/tests/data/test1015
@@ -31,7 +31,7 @@ http
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER --data-urlencode "my name is moo[]" --data-urlencode "y e s=s_i_r" --data-urlencode "v_alue@%LOGDIR/%TESTNUMBER.txt" --data-urlencode @%LOGDIR/%TESTNUMBER.txt
 
 
-content to _?!#$'|<>
+content to _?!#$'|%LT%GT
 
 
 
diff --git a/tests/data/test1187 b/tests/data/test1187
index 82debafd04..fdfadd847f 100644
--- a/tests/data/test1187
+++ b/tests/data/test1187
@@ -30,7 +30,7 @@ To: another
 body
 
 
-smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -F  "=This is the mail text" -F '=File content;filename="strange\file\"name"'
+smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -F "=This is the mail text" -F '=File content;filename="strange\file\"name"'
 
 
 
@@ -43,8 +43,8 @@ s/boundary=------------------------[A-Za-z0-9]*/boundary=-----------------------
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test1221 b/tests/data/test1221
index 6a410d95b8..1bfc61bdee 100644
--- a/tests/data/test1221
+++ b/tests/data/test1221
@@ -32,7 +32,7 @@ http
 http://%HOSTIP:%HTTPPORT/%TESTNUMBER --url-query "my name is moo[]" --url-query "yes=s i r" --url-query "v_alue@%LOGDIR/%TESTNUMBER.txt" --url-query @%LOGDIR/%TESTNUMBER.txt --url-query "+%3d%3d" --data-urlencode "start=once upon the time"
 
 
-content to _?!#$'|<>
+content to _?!#$'|%LT%GT
 
 
 
diff --git a/tests/data/test1320 b/tests/data/test1320
index 92a23a4e9f..8c189ee9c7 100644
--- a/tests/data/test1320
+++ b/tests/data/test1320
@@ -48,8 +48,8 @@ smtp://smtp.%TESTNUMBER:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test1406 b/tests/data/test1406
index bdd142159d..492b5b8b31 100644
--- a/tests/data/test1406
+++ b/tests/data/test1406
@@ -49,9 +49,9 @@ ftp
 
 
 EHLO %TESTNUMBER
-MAIL FROM: SIZE=38
-RCPT TO:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT SIZE=38
+RCPT TO:%LTrecipient.one@example.com%GT
+RCPT TO:%LTrecipient.two@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test1507 b/tests/data/test1507
index afc8712056..f48eff4de8 100644
--- a/tests/data/test1507
+++ b/tests/data/test1507
@@ -41,8 +41,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
 
 
 EHLO %TESTNUMBER
-MAIL FROM:<%TESTNUMBER-realuser@example.com>
-RCPT TO:<%TESTNUMBER-recipient@example.com>
+MAIL FROM:%LT%TESTNUMBER-realuser@example.com%GT
+RCPT TO:%LT%TESTNUMBER-recipient@example.com%GT
 DATA
 
 
diff --git a/tests/data/test1520 b/tests/data/test1520
index f49b914779..acd3413e2c 100644
--- a/tests/data/test1520
+++ b/tests/data/test1520
@@ -41,8 +41,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test1711 b/tests/data/test1711
index 709266eac6..d7725e96e5 100644
--- a/tests/data/test1711
+++ b/tests/data/test1711
@@ -35,8 +35,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test3002 b/tests/data/test3002
index ffb6e49a49..fdb657bd71 100644
--- a/tests/data/test3002
+++ b/tests/data/test3002
@@ -43,12 +43,12 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
-RCPT TO:
-RCPT TO:
-RCPT TO:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTinvalid.one%GT
+RCPT TO:%LTrecipient.two@example.com%GT
+RCPT TO:%LTrecipient.three@example.com%GT
+RCPT TO:%LTrecipient.four@example.com%GT
+RCPT TO:%LTrecipient.five@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test3003 b/tests/data/test3003
index 07c72f0798..f382e0ec58 100644
--- a/tests/data/test3003
+++ b/tests/data/test3003
@@ -43,12 +43,12 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
-RCPT TO:
-RCPT TO:
-RCPT TO:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient.one@example.com%GT
+RCPT TO:%LTrecipient.two@example.com%GT
+RCPT TO:%LTrecipient.three@example.com%GT
+RCPT TO:%LTrecipient.four@example.com%GT
+RCPT TO:%LTinvalid.five%GT
 DATA
 QUIT
 
diff --git a/tests/data/test3004 b/tests/data/test3004
index 52ef1188b9..d11e3dafe5 100644
--- a/tests/data/test3004
+++ b/tests/data/test3004
@@ -43,12 +43,12 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
-RCPT TO:
-RCPT TO:
-RCPT TO:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient.one@example.com%GT
+RCPT TO:%LTrecipient.two@example.com%GT
+RCPT TO:%LTinvalid.three%GT
+RCPT TO:%LTrecipient.four@example.com%GT
+RCPT TO:%LTrecipient.five@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test3005 b/tests/data/test3005
index 68dedd2fc0..725cfce20c 100644
--- a/tests/data/test3005
+++ b/tests/data/test3005
@@ -43,12 +43,12 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
-RCPT TO:
-RCPT TO:
-RCPT TO:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTinvalid.one%GT
+RCPT TO:%LTrecipient.two@example.com%GT
+RCPT TO:%LTinvalid.three%GT
+RCPT TO:%LTinvalid.four%GT
+RCPT TO:%LTinvalid.five%GT
 DATA
 QUIT
 
diff --git a/tests/data/test3006 b/tests/data/test3006
index d5086c23d6..2c705448da 100644
--- a/tests/data/test3006
+++ b/tests/data/test3006
@@ -47,12 +47,12 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
-RCPT TO:
-RCPT TO:
-RCPT TO:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTinvalid.one%GT
+RCPT TO:%LTinvalid.two%GT
+RCPT TO:%LTinvalid.three%GT
+RCPT TO:%LTinvalid.four%GT
+RCPT TO:%LTinvalid.five%GT
 QUIT
 
 
diff --git a/tests/data/test3007 b/tests/data/test3007
index 3cc0aedc86..752aafb2b3 100644
--- a/tests/data/test3007
+++ b/tests/data/test3007
@@ -43,8 +43,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTinvalid.one%GT
 QUIT
 
 
diff --git a/tests/data/test3209 b/tests/data/test3209
index 4c1c1888eb..d9cac89867 100644
--- a/tests/data/test3209
+++ b/tests/data/test3209
@@ -27,10 +27,10 @@ imap://%HOSTIP:%IMAPPORT/%TESTNUMBER -T %LOGDIR/upload%TESTNUMBER -u user:secret
 
 
 Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
-From: Fred Foobar 
+From: Fred Foobar %LTfoobar@example.COM%GT
 Subject: afternoon meeting
 To: joe@example.com
-Message-Id: 
+Message-Id: %LTB27397-0100000@example.COM%GT
 MIME-Version: 1.0
 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
 
@@ -49,10 +49,10 @@ A004 LOGOUT
 
 
 Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
-From: Fred Foobar 
+From: Fred Foobar %LTfoobar@example.COM%GT
 Subject: afternoon meeting
 To: joe@example.com
-Message-Id: 
+Message-Id: %LTB27397-0100000@example.COM%GT
 MIME-Version: 1.0
 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
 
diff --git a/tests/data/test3210 b/tests/data/test3210
index 7056b9c644..2cf71305e4 100644
--- a/tests/data/test3210
+++ b/tests/data/test3210
@@ -27,10 +27,10 @@ imap://%HOSTIP:%IMAPPORT/%TESTNUMBER -T %LOGDIR/upload%TESTNUMBER -u user:secret
 
 
 Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
-From: Fred Foobar 
+From: Fred Foobar %LTfoobar@example.COM%GT
 Subject: afternoon meeting
 To: joe@example.com
-Message-Id: 
+Message-Id: %LTB27397-0100000@example.COM%GT
 MIME-Version: 1.0
 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
 
@@ -49,10 +49,10 @@ A004 LOGOUT
 
 
 Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
-From: Fred Foobar 
+From: Fred Foobar %LTfoobar@example.COM%GT
 Subject: afternoon meeting
 To: joe@example.com
-Message-Id: 
+Message-Id: %LTB27397-0100000@example.COM%GT
 MIME-Version: 1.0
 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
 
diff --git a/tests/data/test3215 b/tests/data/test3215
index 97183c21d4..49d78e30c8 100644
--- a/tests/data/test3215
+++ b/tests/data/test3215
@@ -31,7 +31,7 @@ To: another
 body
 
 
-smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt " NOTIFY=SUCCESS,FAILURE" --mail-from " RET=HDRS" -T -
+smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt "%LTrecipient@example.com%GT NOTIFY=SUCCESS,FAILURE" --mail-from "%LTsender@example.com%GT RET=HDRS" -T -
 
 
 
@@ -40,8 +40,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt " NOTIFY
 
 
 EHLO %TESTNUMBER
-MAIL FROM: RET=HDRS
-RCPT TO: NOTIFY=SUCCESS,FAILURE
+MAIL FROM:%LTsender@example.com%GT RET=HDRS
+RCPT TO:%LTrecipient@example.com%GT NOTIFY=SUCCESS,FAILURE
 DATA
 QUIT
 
diff --git a/tests/data/test646 b/tests/data/test646
index cc400604db..1ef0c9f21b 100644
--- a/tests/data/test646
+++ b/tests/data/test646
@@ -40,7 +40,7 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
 -F "=@%LOGDIR/test%TESTNUMBER.txt;headers=<%LOGDIR/headers%TESTNUMBER"
 -H "From: different"
 -H "To: another"
--H "Reply-To: "
+-H "Reply-To: %LTfollowup@example.com%GT"
 
 
 This is an attached file.
@@ -66,8 +66,8 @@ s/boundary=------------------------[A-Za-z0-9]*/boundary=-----------------------
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
@@ -76,7 +76,7 @@ Content-Type: multipart/mixed; boundary=----------------------------%CR
 Mime-Version: 1.0%CR
 From: different%CR
 To: another%CR
-Reply-To: %CR
+Reply-To: %LTfollowup@example.com%GT%CR
 %CR
 ------------------------------%CR
 Content-Type: multipart/alternative; boundary=----------------------------%CR
diff --git a/tests/data/test647 b/tests/data/test647
index e6edb72c68..47297776ce 100644
--- a/tests/data/test647
+++ b/tests/data/test647
@@ -33,9 +33,9 @@ imap://%HOSTIP:%IMAPPORT/%TESTNUMBER
 -F "=)"
 -F "=@%LOGDIR/test%TESTNUMBER.txt"
 -H "Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)"
--H "From: Fred Foobar "
+-H "From: Fred Foobar %LTfoobar@example.com%GT"
 -H "To: joe@example.com"
--H "Message-Id: "
+-H "Message-Id: %LTB27397-0100000@example.com%GT"
 -H "Subject: afternoon meeting"
 -u user:secret
 
@@ -63,9 +63,9 @@ A004 LOGOUT
 Content-Type: multipart/mixed; boundary=----------------------------%CR
 Mime-Version: 1.0%CR
 Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)%CR
-From: Fred Foobar %CR
+From: Fred Foobar %LTfoobar@example.com%GT%CR
 To: joe@example.com%CR
-Message-Id: %CR
+Message-Id: %LTB27397-0100000@example.com%GT%CR
 Subject: afternoon meeting%CR
 %CR
 ------------------------------%CR
diff --git a/tests/data/test648 b/tests/data/test648
index d36823e88f..3123c33e34 100644
--- a/tests/data/test648
+++ b/tests/data/test648
@@ -54,8 +54,8 @@ s/boundary=------------------------[A-Za-z0-9]*/boundary=-----------------------
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test649 b/tests/data/test649
index 97f4f099ca..0e66c9d2f3 100644
--- a/tests/data/test649
+++ b/tests/data/test649
@@ -44,8 +44,8 @@ It contains at least an 8-bit byte value.
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 
 
diff --git a/tests/data/test652 b/tests/data/test652
index 25e5a6d9e3..4130012848 100644
--- a/tests/data/test652
+++ b/tests/data/test652
@@ -41,8 +41,8 @@ s/boundary=------------------------[A-Za-z0-9]*/boundary=-----------------------
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsomebody@example.com%GT
+RCPT TO:%LTsomeone@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test805 b/tests/data/test805
index eadd8a4cb7..834d7c1de4 100644
--- a/tests/data/test805
+++ b/tests/data/test805
@@ -27,10 +27,10 @@ imap://%HOSTIP:%IMAPPORT/%TESTNUMBER -T %LOGDIR/upload%TESTNUMBER -u user:secret
 
 
 Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
-From: Fred Foobar 
+From: Fred Foobar %LTfoobar@example.COM%GT
 Subject: afternoon meeting
 To: joe@example.com
-Message-Id: 
+Message-Id: %LTB27397-0100000@example.COM%GT
 MIME-Version: 1.0
 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
 
@@ -49,10 +49,10 @@ A004 LOGOUT
 
 
 Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
-From: Fred Foobar 
+From: Fred Foobar %LTfoobar@example.COM%GT
 Subject: afternoon meeting
 To: joe@example.com
-Message-Id: 
+Message-Id: %LTB27397-0100000@example.COM%GT
 MIME-Version: 1.0
 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
 
diff --git a/tests/data/test864 b/tests/data/test864
index a21fc25175..80b7b462a5 100644
--- a/tests/data/test864
+++ b/tests/data/test864
@@ -11,7 +11,7 @@ APOP
 
 
 CAPA APOP
-REPLY welcome +OK curl POP3 server ready to serve <1972.987654321\@curl>
+REPLY welcome +OK curl POP3 server ready to serve %LT1972.987654321\@curl%GT
 
 
 From: me@somewhere
diff --git a/tests/data/test900 b/tests/data/test900
index 8eb433b78e..59468252e5 100644
--- a/tests/data/test900
+++ b/tests/data/test900
@@ -37,8 +37,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test901 b/tests/data/test901
index 7e0b7034ac..8e3ca8ad3c 100644
--- a/tests/data/test901
+++ b/tests/data/test901
@@ -41,8 +41,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test902 b/tests/data/test902
index b913e4fcc8..ccf213a9cd 100644
--- a/tests/data/test902
+++ b/tests/data/test902
@@ -41,8 +41,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 EHLO %TESTNUMBER
 HELO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test903 b/tests/data/test903
index 07c2cd3d3a..13d6bc0ecc 100644
--- a/tests/data/test903
+++ b/tests/data/test903
@@ -43,8 +43,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 EHLO %TESTNUMBER
 AUTH PLAIN
 AHVzZXIAc2VjcmV0
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test904 b/tests/data/test904
index 1c60c28fe5..81c6b107bc 100644
--- a/tests/data/test904
+++ b/tests/data/test904
@@ -44,8 +44,8 @@ EHLO %TESTNUMBER
 AUTH LOGIN
 dXNlcg==
 c2VjcmV0
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test905 b/tests/data/test905
index 2c6f6e7c57..fe6a62f806 100644
--- a/tests/data/test905
+++ b/tests/data/test905
@@ -47,8 +47,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 EHLO %TESTNUMBER
 AUTH CRAM-MD5
 dXNlciA3MDMxNzI1NTk5ZmRiYjVkNDEyNjg5YWEzMjNlM2UwYg==
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test906 b/tests/data/test906
index 4b99598e37..c19ece3cd2 100644
--- a/tests/data/test906
+++ b/tests/data/test906
@@ -50,8 +50,8 @@ EHLO %TESTNUMBER
 AUTH NTLM
 TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
 TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04=
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test907 b/tests/data/test907
index 48ae320b81..d4bab329dc 100644
--- a/tests/data/test907
+++ b/tests/data/test907
@@ -54,8 +54,8 @@ EHLO %TESTNUMBER
 AUTH DIGEST-MD5
 dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIzNDMzMzIzMTM1MzMzMjMxMzYzMzMyMzEzNzMzMzIzMSIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJzbXRwLzEyNy4wLjAuMSIscmVzcG9uc2U9YTI3YzQzOTVmMzM4Njc0M2JlMTIyMDdiN2QxMTIxYzUscW9wPWF1dGg=
 
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test908 b/tests/data/test908
index 7bd4d5190b..4d8291186e 100644
--- a/tests/data/test908
+++ b/tests/data/test908
@@ -43,8 +43,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 EHLO %TESTNUMBER
 AUTH XOAUTH2
 dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test909 b/tests/data/test909
index 91b7207257..0290eef8dd 100644
--- a/tests/data/test909
+++ b/tests/data/test909
@@ -35,8 +35,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test910 b/tests/data/test910
index bc572a36ee..60911603a7 100644
--- a/tests/data/test910
+++ b/tests/data/test910
@@ -35,8 +35,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test911 b/tests/data/test911
index 0ee44f2b84..9ee0fd7bf4 100644
--- a/tests/data/test911
+++ b/tests/data/test911
@@ -34,8 +34,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test912 b/tests/data/test912
index a5e284c7e6..0cdc9ca4f6 100644
--- a/tests/data/test912
+++ b/tests/data/test912
@@ -39,8 +39,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 
 EHLO %TESTNUMBER
-MAIL FROM: SIZE=38
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT SIZE=38
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test913 b/tests/data/test913
index 20373cf183..8e9c0429a8 100644
--- a/tests/data/test913
+++ b/tests/data/test913
@@ -43,7 +43,7 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 
 EHLO %TESTNUMBER
-MAIL FROM: SIZE=38
+MAIL FROM:%LTsender@example.com%GT SIZE=38
 QUIT
 
 
diff --git a/tests/data/test914 b/tests/data/test914
index a4a617a8be..0891b5fd6d 100644
--- a/tests/data/test914
+++ b/tests/data/test914
@@ -42,7 +42,7 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
+MAIL FROM:%LTinvalid%GT
 QUIT
 
 
diff --git a/tests/data/test915 b/tests/data/test915
index 5243da9003..3a761b4bbe 100644
--- a/tests/data/test915
+++ b/tests/data/test915
@@ -35,8 +35,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com -T -
 
 
 EHLO %TESTNUMBER
-MAIL FROM:<>
-RCPT TO:
+MAIL FROM:%LT%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test916 b/tests/data/test916
index 9d25ccae3d..e0108edb9f 100644
--- a/tests/data/test916
+++ b/tests/data/test916
@@ -39,8 +39,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt invalid --mail-from sender@exam
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTinvalid%GT
 QUIT
 
 
diff --git a/tests/data/test917 b/tests/data/test917
index 3ccc533452..a28ce3d3bc 100644
--- a/tests/data/test917
+++ b/tests/data/test917
@@ -42,12 +42,12 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
-RCPT TO:
-RCPT TO:
-RCPT TO:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient.one@example.com%GT
+RCPT TO:%LTrecipient.two@example.com%GT
+RCPT TO:%LTrecipient.three@example.com%GT
+RCPT TO:%LTrecipient.four@example.com%GT
+RCPT TO:%LTrecipient.five@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test918 b/tests/data/test918
index d81b44db16..9507b769db 100644
--- a/tests/data/test918
+++ b/tests/data/test918
@@ -46,9 +46,9 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient.one@example.com%GT
+RCPT TO:%LTinvalid%GT
 QUIT
 
 
diff --git a/tests/data/test919 b/tests/data/test919
index 0d2ff8e119..97739093f3 100644
--- a/tests/data/test919
+++ b/tests/data/test919
@@ -42,8 +42,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 EHLO %TESTNUMBER
 AUTH PLAIN AHVzZXIAc2VjcmV0
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test920 b/tests/data/test920
index 8720386662..8f4c981a26 100644
--- a/tests/data/test920
+++ b/tests/data/test920
@@ -43,8 +43,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 EHLO %TESTNUMBER
 AUTH LOGIN dXNlcg==
 c2VjcmV0
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test921 b/tests/data/test921
index 664b98d80c..3bed5ed0f0 100644
--- a/tests/data/test921
+++ b/tests/data/test921
@@ -49,8 +49,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 EHLO %TESTNUMBER
 AUTH NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
 TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04=
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test922 b/tests/data/test922
index a8b1e20a44..d370087629 100644
--- a/tests/data/test922
+++ b/tests/data/test922
@@ -42,8 +42,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 EHLO %TESTNUMBER
 AUTH XOAUTH2 dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test924 b/tests/data/test924
index 986b4e9956..c1bd9f2286 100644
--- a/tests/data/test924
+++ b/tests/data/test924
@@ -11,9 +11,9 @@ VRFY
 
 
 553-Ambiguous; Possibilities are:
-553-Joe Smith 
-553-Harry Smith 
-553 Melvin Smith 
+553-Joe Smith %LTjoe.smith@example.com%GT
+553-Harry Smith %LTharry.smith@example.com%GT
+553 Melvin Smith %LTmelvin.smith@example.com%GT
 
 
 
diff --git a/tests/data/test927 b/tests/data/test927
index 7c81632d9b..173caa2907 100644
--- a/tests/data/test927
+++ b/tests/data/test927
@@ -11,9 +11,9 @@ CUSTOMREQUEST
 # Server-side
 
 
-250-Joe Smith 
-250-Harry Smith 
-250 Melvin Smith 
+250-Joe Smith %LTjoe.smith@example.com%GT
+250-Harry Smith %LTharry.smith@example.com%GT
+250 Melvin Smith %LTmelvin.smith@example.com%GT
 
 
 
diff --git a/tests/data/test935 b/tests/data/test935
index 5f0dc9b0d3..07e7387cff 100644
--- a/tests/data/test935
+++ b/tests/data/test935
@@ -53,8 +53,8 @@ AUTH CRAM-MD5
 *
 AUTH PLAIN
 AHVzZXIAc2VjcmV0
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test936 b/tests/data/test936
index cd0fe30e3f..3586ed965a 100644
--- a/tests/data/test936
+++ b/tests/data/test936
@@ -55,8 +55,8 @@ TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
 *
 AUTH PLAIN
 AHVzZXIAc2VjcmV0
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test937 b/tests/data/test937
index 8060d8e940..9c8641a178 100644
--- a/tests/data/test937
+++ b/tests/data/test937
@@ -55,8 +55,8 @@ AUTH DIGEST-MD5
 *
 AUTH PLAIN
 AHVzZXIAc2VjcmV0
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test938 b/tests/data/test938
index a77a3a08e1..70d6b20748 100644
--- a/tests/data/test938
+++ b/tests/data/test938
@@ -46,15 +46,15 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER002 --mail-rcpt recipient@example.com --mail
 EHLO %TESTNUMBER001
 AUTH PLAIN
 dXNlci5vbmUAdXNlci5vbmUAc2VjcmV0
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 EHLO %TESTNUMBER002
 AUTH PLAIN
 dXNlci50d28AdXNlci50d28Ac2VjcmV0
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test939 b/tests/data/test939
index 68fc9f87c7..bebc9286c8 100644
--- a/tests/data/test939
+++ b/tests/data/test939
@@ -37,8 +37,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 EHLO %TESTNUMBER
 HELO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test940 b/tests/data/test940
index fa64163bd9..4395698a19 100644
--- a/tests/data/test940
+++ b/tests/data/test940
@@ -32,8 +32,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test941 b/tests/data/test941
index 36544e43c8..06a65b86da 100644
--- a/tests/data/test941
+++ b/tests/data/test941
@@ -44,8 +44,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test942 b/tests/data/test942
index 664ba4ea7d..7d2b40e6d0 100644
--- a/tests/data/test942
+++ b/tests/data/test942
@@ -43,8 +43,8 @@ mail body
 EHLO %TESTNUMBER
 AUTH EXTERNAL
 dXNlcg==
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test943 b/tests/data/test943
index 2003caf904..6244ca5bd1 100644
--- a/tests/data/test943
+++ b/tests/data/test943
@@ -43,8 +43,8 @@ mail body
 EHLO %TESTNUMBER
 AUTH EXTERNAL
 =
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test944 b/tests/data/test944
index a00a44e635..5cc76d59e4 100644
--- a/tests/data/test944
+++ b/tests/data/test944
@@ -42,8 +42,8 @@ mail body
 
 EHLO %TESTNUMBER
 AUTH EXTERNAL dXNlcg==
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test945 b/tests/data/test945
index 5f34e31ab7..c470072607 100644
--- a/tests/data/test945
+++ b/tests/data/test945
@@ -42,8 +42,8 @@ mail body
 
 EHLO %TESTNUMBER
 AUTH EXTERNAL =
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test946 b/tests/data/test946
index f463bfc4eb..dbbbe66b95 100644
--- a/tests/data/test946
+++ b/tests/data/test946
@@ -44,8 +44,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 EHLO %TESTNUMBER
 AUTH OAUTHBEARER
 %b64[n,a=user,%01host=127.0.0.1%01port=%SMTPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64%
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test947 b/tests/data/test947
index 995e54ed28..ade9aaef7b 100644
--- a/tests/data/test947
+++ b/tests/data/test947
@@ -43,8 +43,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 EHLO %TESTNUMBER
 AUTH OAUTHBEARER %b64[n,a=user,%01host=127.0.0.1%01port=%SMTPPORT%01auth=Bearer mF_9.B5f-4.1JqM%01%01]b64%
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test950 b/tests/data/test950
index 6f18037370..160773bee6 100644
--- a/tests/data/test950
+++ b/tests/data/test950
@@ -11,7 +11,7 @@ VRFY
 # Server-side
 
 
-250 
+250 %LTrecipient@example.com%GT
 
 
 
diff --git a/tests/data/test951 b/tests/data/test951
index 616c6cd523..46c981cc60 100644
--- a/tests/data/test951
+++ b/tests/data/test951
@@ -32,8 +32,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test952 b/tests/data/test952
index f2a90bfbbd..7325e823e5 100644
--- a/tests/data/test952
+++ b/tests/data/test952
@@ -32,8 +32,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test953 b/tests/data/test953
index 04ebe21466..2fe9459283 100644
--- a/tests/data/test953
+++ b/tests/data/test953
@@ -43,8 +43,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 EHLO %TESTNUMBER
 AUTH PLAIN
 dXJzZWwAa3VydAB4aXBqM3BsbXE=
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test955 b/tests/data/test955
index be0565842f..eac15f0adc 100644
--- a/tests/data/test955
+++ b/tests/data/test955
@@ -49,7 +49,7 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
+MAIL FROM:%LTAvs%hex[%c3%a4]hex%ndaren@example.com%GT
 QUIT
 
 
diff --git a/tests/data/test956 b/tests/data/test956
index aaae3544d0..f0e1e4d207 100644
--- a/tests/data/test956
+++ b/tests/data/test956
@@ -46,8 +46,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt St%hex[%c3%b6]hex%dmottagaren@e
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTSt%hex[%c3%b6]hex%dmottagaren@example.com%GT
 QUIT
 
 
diff --git a/tests/data/test959 b/tests/data/test959
index 3ee988c57f..ae21234d78 100644
--- a/tests/data/test959
+++ b/tests/data/test959
@@ -50,7 +50,7 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
+MAIL FROM:%LTsender@%hex[%c3%a5%c3%a4%c3%b6]hex%.se%GT
 QUIT
 
 
diff --git a/tests/data/test960 b/tests/data/test960
index 64d5050a30..8420e02295 100644
--- a/tests/data/test960
+++ b/tests/data/test960
@@ -47,8 +47,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@%hex[%c3%a5%c3%a4%c3%
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@%hex[%c3%a5%c3%a4%c3%b6]hex%.se%GT
 QUIT
 
 
diff --git a/tests/data/test962 b/tests/data/test962
index 59ced3bc77..98be6f0e22 100644
--- a/tests/data/test962
+++ b/tests/data/test962
@@ -44,8 +44,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@xn--4cab6c.se%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test963 b/tests/data/test963
index 8b411458c6..0b042f0aa9 100644
--- a/tests/data/test963
+++ b/tests/data/test963
@@ -44,8 +44,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@%hex[%c3%a5%c3%a4%c3%
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@xn--4cab6c.se%GT
 DATA
 QUIT
 
diff --git a/tests/data/test965 b/tests/data/test965
index b4ccc70425..54f1f51b0a 100644
--- a/tests/data/test965
+++ b/tests/data/test965
@@ -47,8 +47,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 
 
 EHLO %TESTNUMBER
-MAIL FROM: SMTPUTF8
-RCPT TO:
+MAIL FROM:%LTAvs%hex[%c3%a4]hex%ndaren@xn--4cab6c.se%GT SMTPUTF8
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test966 b/tests/data/test966
index 24ef559766..958df6858d 100644
--- a/tests/data/test966
+++ b/tests/data/test966
@@ -47,8 +47,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt St%hex[%c3%b6]hex%dmottagaren@%
 
 
 EHLO %TESTNUMBER
-MAIL FROM: SMTPUTF8
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT SMTPUTF8
+RCPT TO:%LTSt%hex[%c3%b6]hex%dmottagaren@xn--4cab6c.se%GT
 DATA
 QUIT
 
diff --git a/tests/data/test969 b/tests/data/test969
index 00311d5f19..875ea6d4b5 100644
--- a/tests/data/test969
+++ b/tests/data/test969
@@ -15,9 +15,9 @@ IDN
 CAPA SMTPUTF8
 
 
-250-Joe Smith 
-250-Harry Smith 
-250 Melvin Smith 
+250-Joe Smith %LTjoe.smith@example.com%GT
+250-Harry Smith %LTharry.smith@example.com%GT
+250 Melvin Smith %LTmelvin.smith@example.com%GT
 
 
 
diff --git a/tests/data/test981 b/tests/data/test981
index 94de9dfbea..f1ac9aa20f 100644
--- a/tests/data/test981
+++ b/tests/data/test981
@@ -33,10 +33,10 @@ imap://%HOSTIP:%IMAPPORT/%TESTNUMBER -T %LOGDIR/upload%TESTNUMBER -u user:secret
 
 
 Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
-From: Fred Foobar 
+From: Fred Foobar %LTfoobar@example.COM%GT
 Subject: afternoon meeting
 To: joe@example.com
-Message-Id: 
+Message-Id: %LTB27397-0100000@example.COM%GT
 MIME-Version: 1.0
 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
 
diff --git a/tests/data/test984 b/tests/data/test984
index e79efdf84b..4e802a1d2e 100644
--- a/tests/data/test984
+++ b/tests/data/test984
@@ -31,10 +31,10 @@ imap://%HOSTIP:%IMAPPORT/%TESTNUMBER -T %LOGDIR/upload%TESTNUMBER -u user:secret
 
 
 Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
-From: Fred Foobar 
+From: Fred Foobar %LTfoobar@example.COM%GT
 Subject: afternoon meeting
 To: joe@example.com
-Message-Id: 
+Message-Id: %LTB27397-0100000@example.COM%GT
 MIME-Version: 1.0
 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
 
diff --git a/tests/data/test987 b/tests/data/test987
index 312c406a70..7c158128fb 100644
--- a/tests/data/test987
+++ b/tests/data/test987
@@ -36,8 +36,8 @@ body
 
 
 EHLO %TESTNUMBER
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/data/test992 b/tests/data/test992
index 772ad91e79..bf8b0fb1c4 100644
--- a/tests/data/test992
+++ b/tests/data/test992
@@ -41,8 +41,8 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-fr
 EHLO %TESTNUMBER
 AUTH XOAUTH2
 dXNlcj11c2VyAWF1dGg9QmVhcmVyIG1GXzkuQjVmLTQuMUpxTQEB
-MAIL FROM:
-RCPT TO:
+MAIL FROM:%LTsender@example.com%GT
+RCPT TO:%LTrecipient@example.com%GT
 DATA
 QUIT
 
diff --git a/tests/testutil.pm b/tests/testutil.pm
index 6317a5e931..7e2b279f07 100644
--- a/tests/testutil.pm
+++ b/tests/testutil.pm
@@ -156,6 +156,8 @@ sub subbase64 {
     $$thing =~ s/%SP/ /g;    # space
     $$thing =~ s/%TAB/\t/g;  # horizontal tab
     $$thing =~ s/%CR/\r/g;   # carriage return aka \r aka 0x0d
+    $$thing =~ s/%LT//g;
 
     # include a file
     $$thing =~ s/%include ([^%]*)%[\n\r]+/includefile($1, 0)/ge;

From 9726fc8259ad7ebf16822ff513dc4ad987f7f8fe Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 18 Nov 2025 12:02:36 +0100
Subject: [PATCH 0909/2408] test2405, 2407: mark tests based on lib2405 flaky

Flaky in macOS CI jobs.

2405:
https://github.com/curl/curl/actions/runs/19448567968/job/55648448197 CM gcc-13 aws-lc
https://github.com/curl/curl/actions/runs/19432797208/job/55595742192 AM clang !ssl
https://github.com/curl/curl/actions/runs/19431697816/job/55591941993 AM clang !ssl !debug brotli zstd
https://github.com/curl/curl/actions/runs/19421214342/job/55558775785 CM llvm@18 GnuTLS !ldap krb5 +examples
https://github.com/curl/curl/actions/runs/19413038235/job/55537174590 CM llvm@18 mbedTLS !ldap brotli zstd MultiSSL AppleIDN

2407:
https://github.com/curl/curl/actions/runs/19462732039/job/55691022408 AM clang !ssl
https://github.com/curl/curl/actions/runs/19440283144/job/55621665647 CM gcc-13 OpenSSL gsasl rtmp AppleIDN SecTrust +examples
https://github.com/curl/curl/actions/runs/19440283144/job/55621665682 AM gcc-13 !ssl !debug
https://github.com/curl/curl/actions/runs/19436530386/job/55608724437 CM gcc-13 aws-lc
https://github.com/curl/curl/actions/runs/19436530386/job/55608724641 CM llvm@18 GnuTLS !ldap krb5 +examples
https://github.com/curl/curl/actions/runs/19435651588/job/55605648449 CM llvm@18 OpenSSL gsasl rtmp AppleIDN SecTrust +examples

Ref: https://testclutch.curl.se/static/reports/results-count.html

Bug: https://github.com/curl/curl/pull/19487#issuecomment-3546858203
Bug: https://github.com/curl/curl/pull/19487#issuecomment-3546921877

Follow-up to 2c7e1792a06b81b2bf41c9d348d374a83621340b #19487
Follow-up to 96a5ce5a82eb0f08650649ffafb7bb4e51fc4444 #19481
Follow-up to c78044c07e97cb720049579f4fe3cab33a7ea8d3 #15146 #15155

Closes #19587
---
 tests/data/test2405 | 1 +
 tests/data/test2407 | 1 +
 2 files changed, 2 insertions(+)

diff --git a/tests/data/test2405 b/tests/data/test2405
index 79f5e337c3..c9eb3ca8fa 100644
--- a/tests/data/test2405
+++ b/tests/data/test2405
@@ -3,6 +3,7 @@
 
 multi
 HTTP
+flaky
 
 
 
diff --git a/tests/data/test2407 b/tests/data/test2407
index c103cf74a1..1794daf2ab 100644
--- a/tests/data/test2407
+++ b/tests/data/test2407
@@ -4,6 +4,7 @@
 multi
 HTTP
 HTTP/2
+flaky
 
 
 

From 318cd4f2ee4840a13634bacce462676b40dabe71 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 18 Nov 2025 17:01:30 +0100
Subject: [PATCH 0910/2408] lib: error for OOM when extracting URL query

Closes #19594
---
 lib/imap.c | 6 ++++--
 lib/url.c  | 4 +++-
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/lib/imap.c b/lib/imap.c
index d23076a48f..faa595561d 100644
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -2315,8 +2315,10 @@ static CURLcode imap_parse_url_path(struct Curl_easy *data,
      and no UID as per RFC-5092 */
   if(imap->mailbox && !imap->uid && !imap->mindex) {
     /* Get the query parameter, URL decoded */
-    (void)curl_url_get(data->state.uh, CURLUPART_QUERY, &imap->query,
-                       CURLU_URLDECODE);
+    CURLUcode uc = curl_url_get(data->state.uh, CURLUPART_QUERY, &imap->query,
+                                CURLU_URLDECODE);
+    if(uc == CURLUE_OUT_OF_MEMORY)
+      return CURLE_OUT_OF_MEMORY;
   }
 
   /* Any extra stuff at the end of the URL is an error */
diff --git a/lib/url.c b/lib/url.c
index 527d698390..b4069e30f1 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -1974,7 +1974,9 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
       conn->remote_port = (unsigned short)port;
   }
 
-  (void)curl_url_get(uh, CURLUPART_QUERY, &data->state.up.query, 0);
+  uc = curl_url_get(uh, CURLUPART_QUERY, &data->state.up.query, 0);
+  if(uc && (uc != CURLUE_NO_QUERY))
+    return CURLE_OUT_OF_MEMORY;
 
 #ifdef USE_IPV6
   if(data->set.scope_id)

From 36d0f128814177b9927e2dff96940aa2a2c09bb0 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 18 Nov 2025 21:41:42 +0100
Subject: [PATCH 0911/2408] DISTROS.md: add OpenBSD

Closes #19596
---
 docs/DISTROS.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docs/DISTROS.md b/docs/DISTROS.md
index 40a9bf5716..132ad86a0c 100644
--- a/docs/DISTROS.md
+++ b/docs/DISTROS.md
@@ -222,6 +222,12 @@ can also be used on other distributions
 - curl issues: https://support.oracle.com/ (requires support contract)
 - curl patches: https://github.com/oracle/solaris-userland/tree/master/components/curl/patches
 
+## OpenBSD
+
+- curl: https://github.com/openbsd/ports/tree/master/net/curl
+- curl issues: https://www.openbsd.org/mail.html (ports mailing list)
+- curl patches: https://github.com/openbsd/ports/tree/master/net/curl/patches
+
 ## OpenEmbedded / Yocto Project
 
 *Rolling Release*

From 7f3731ce142c1d74023abad183cc8ce0fd527fab Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 18 Nov 2025 19:10:53 +0100
Subject: [PATCH 0912/2408] tests/data: mark non-XML-compliant files as such,
 xmllint the rest in CI

There are 58 non-compliant files. Mark them with the `notxml` keyword.
Also include the compliant ones in the GHA/checksrc xmllint CI job.

Also:
- delete XML prolog from the 3 test data files that had them.
- FILEFORMAT.md: document the `notxml` keyword.
- FILEFORMAT.md: fix a typo.

Follow-up to de49cc89abc917cb4f273ebea8c6fb584d097de2 #19470
Follow-up to f3095f0dbd7e842d4a72c0300ba4817a755c74f5 #19528
Follow-up to 87ba80a6df1dfd7ceaaa52352c9f23afff0ed513

Closes #19595
---
 .github/scripts/pyspelling.words | 2 ++
 .github/workflows/checksrc.yml   | 6 +++++-
 docs/tests/FILEFORMAT.md         | 7 ++++++-
 tests/data/test1011              | 1 +
 tests/data/test1012              | 1 +
 tests/data/test1015              | 1 +
 tests/data/test1034              | 1 -
 tests/data/test1076              | 1 +
 tests/data/test1105              | 1 +
 tests/data/test1138              | 1 +
 tests/data/test1158              | 1 +
 tests/data/test1160              | 1 -
 tests/data/test1186              | 1 +
 tests/data/test1189              | 1 +
 tests/data/test1221              | 1 +
 tests/data/test1332              | 1 +
 tests/data/test1400              | 1 +
 tests/data/test1401              | 1 +
 tests/data/test1402              | 1 +
 tests/data/test1403              | 1 +
 tests/data/test1404              | 1 +
 tests/data/test1405              | 1 +
 tests/data/test1406              | 1 +
 tests/data/test1407              | 1 +
 tests/data/test1420              | 1 +
 tests/data/test1445              | 1 +
 tests/data/test1446              | 1 +
 tests/data/test1461              | 1 +
 tests/data/test1463              | 1 +
 tests/data/test1464              | 1 +
 tests/data/test1465              | 1 +
 tests/data/test1481              | 1 +
 tests/data/test1506              | 1 +
 tests/data/test1510              | 1 +
 tests/data/test1512              | 1 +
 tests/data/test1524              | 1 +
 tests/data/test1542              | 1 +
 tests/data/test1598              | 1 +
 tests/data/test163               | 1 +
 tests/data/test1683              | 1 +
 tests/data/test1705              | 1 +
 tests/data/test1706              | 1 +
 tests/data/test1977              | 1 +
 tests/data/test199               | 1 +
 tests/data/test2402              | 1 +
 tests/data/test2404              | 1 +
 tests/data/test2502              | 1 +
 tests/data/test3                 | 1 +
 tests/data/test32                | 1 +
 tests/data/test320               | 1 +
 tests/data/test39                | 1 +
 tests/data/test40                | 1 +
 tests/data/test439               | 1 +
 tests/data/test446               | 1 -
 tests/data/test45                | 1 +
 tests/data/test48                | 1 +
 tests/data/test568               | 1 +
 tests/data/test646               | 1 +
 tests/data/test733               | 1 +
 tests/data/test734               | 1 +
 tests/data/test735               | 1 +
 tests/data/test739               | 1 +
 tests/data/test787               | 1 +
 tests/data/test96                | 1 +
 64 files changed, 71 insertions(+), 5 deletions(-)

diff --git a/.github/scripts/pyspelling.words b/.github/scripts/pyspelling.words
index f6a5405999..5c96701cd0 100644
--- a/.github/scripts/pyspelling.words
+++ b/.github/scripts/pyspelling.words
@@ -463,6 +463,7 @@ libWebSocket
 libz
 libzstd
 LineageOS
+linter
 linux
 lldb
 ln
@@ -981,6 +982,7 @@ Xbox
 XDG
 xdigit
 Xilinx
+xmllint
 XP
 Xtensa
 XYZ
diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml
index 9ed049c13f..6076617356 100644
--- a/.github/workflows/checksrc.yml
+++ b/.github/workflows/checksrc.yml
@@ -128,7 +128,11 @@ jobs:
           persist-credentials: false
 
       - name: 'check'
-        run: git grep -z -i -l -E '^<\?xml' | xargs -0 -r xmllint >/dev/null
+        run: |
+          {
+            git grep -z -i -l -E '^<\?xml' || true
+            git grep -z -L -F 'notxml' 'tests/data/test*' || true
+          } | xargs -0 -r xmllint >/dev/null
 
   miscchecks:
     name: 'misc checks'
diff --git a/docs/tests/FILEFORMAT.md b/docs/tests/FILEFORMAT.md
index c5c1bcfe90..7851e08e25 100644
--- a/docs/tests/FILEFORMAT.md
+++ b/docs/tests/FILEFORMAT.md
@@ -239,7 +239,7 @@ When running a unit test and the keywords include `unittest`, the ``
 section can be left empty to use the standard unit test tool name `unitN` where
 `N` is the test number.
 
-The `text-ci` make target automatically skips test with the `flaky` keyword.
+The `test-ci` make target automatically skips test with the `flaky` keyword.
 
 Tests that have strict timing dependencies have the `timing-dependent` keyword.
 These are intended to eventually be treated specially on CI builds which are
@@ -248,6 +248,11 @@ often run on overloaded machines with unpredictable timing.
 Tests using non-7-bit-ASCII characters must provide them with `%hex[]` or
 similar.
 
+In most cases test files comply with the XML format, and pass xmllint cleanly.
+If the data file uses the `&` character, or has other, non-compliant content,
+and making it XML-compliant is not possible or unpractical, use the `notxml`
+keyword to exclude it from linter checks.
+
 ## ``
 
 ### ``
diff --git a/tests/data/test1011 b/tests/data/test1011
index f4de4df6a2..4f5111dea2 100644
--- a/tests/data/test1011
+++ b/tests/data/test1011
@@ -4,6 +4,7 @@
 HTTP
 HTTP POST
 followlocation
+notxml
 
 
 #
diff --git a/tests/data/test1012 b/tests/data/test1012
index d15e10f28e..ef2d679bfc 100644
--- a/tests/data/test1012
+++ b/tests/data/test1012
@@ -4,6 +4,7 @@
 HTTP
 HTTP POST
 followlocation
+notxml
 
 
 #
diff --git a/tests/data/test1015 b/tests/data/test1015
index 9f2a53d49a..4fe79c7b99 100644
--- a/tests/data/test1015
+++ b/tests/data/test1015
@@ -4,6 +4,7 @@
 HTTP
 HTTP POST
 --data-urlencode
+notxml
 
 
 
diff --git a/tests/data/test1034 b/tests/data/test1034
index f503d97700..db0528a789 100644
--- a/tests/data/test1034
+++ b/tests/data/test1034
@@ -1,4 +1,3 @@
-
 
 
 
diff --git a/tests/data/test1076 b/tests/data/test1076
index 8613a9a922..08eba396c5 100644
--- a/tests/data/test1076
+++ b/tests/data/test1076
@@ -4,6 +4,7 @@
 HTTP
 HTTP POST
 followlocation
+notxml
 
 
 #
diff --git a/tests/data/test1105 b/tests/data/test1105
index d23b92f560..ea42efb6a9 100644
--- a/tests/data/test1105
+++ b/tests/data/test1105
@@ -5,6 +5,7 @@ HTTP
 HTTP POST
 cookies
 cookiejar
+notxml
 
 
 
diff --git a/tests/data/test1138 b/tests/data/test1138
index 7579fcd21d..a3e65d0e0f 100644
--- a/tests/data/test1138
+++ b/tests/data/test1138
@@ -4,6 +4,7 @@
 HTTP
 HTTP GET
 followlocation
+notxml
 
 
 #
diff --git a/tests/data/test1158 b/tests/data/test1158
index c2a7330fe6..a791c6fd4c 100644
--- a/tests/data/test1158
+++ b/tests/data/test1158
@@ -3,6 +3,7 @@
 
 HTTP
 HTTP FORMPOST
+notxml
 
 
 # Server-side
diff --git a/tests/data/test1160 b/tests/data/test1160
index 6b7c904ceb..9eca524c65 100644
--- a/tests/data/test1160
+++ b/tests/data/test1160
@@ -1,4 +1,3 @@
-
 
 
 
diff --git a/tests/data/test1186 b/tests/data/test1186
index f9edac8f36..7a8b69486b 100644
--- a/tests/data/test1186
+++ b/tests/data/test1186
@@ -3,6 +3,7 @@
 
 HTTP
 HTTP FORMPOST
+notxml
 
 
 # Server-side
diff --git a/tests/data/test1189 b/tests/data/test1189
index 0fb354a88e..b5574cef50 100644
--- a/tests/data/test1189
+++ b/tests/data/test1189
@@ -3,6 +3,7 @@
 
 HTTP
 HTTP FORMPOST
+notxml
 
 
 # Server-side
diff --git a/tests/data/test1221 b/tests/data/test1221
index 1bfc61bdee..12a82be1ee 100644
--- a/tests/data/test1221
+++ b/tests/data/test1221
@@ -5,6 +5,7 @@ HTTP
 HTTP POST
 --data-urlencode
 --url-query
+notxml
 
 
 
diff --git a/tests/data/test1332 b/tests/data/test1332
index c852d84b5d..f1b596e310 100644
--- a/tests/data/test1332
+++ b/tests/data/test1332
@@ -5,6 +5,7 @@
 HTTP
 HTTP POST
 followlocation
+notxml
 
 
 #
diff --git a/tests/data/test1400 b/tests/data/test1400
index 5ed32360d9..1d2ece68e4 100644
--- a/tests/data/test1400
+++ b/tests/data/test1400
@@ -4,6 +4,7 @@
 HTTP
 HTTP GET
 --libcurl
+notxml
 
 
 
diff --git a/tests/data/test1401 b/tests/data/test1401
index a24c81cb94..31259e079f 100644
--- a/tests/data/test1401
+++ b/tests/data/test1401
@@ -7,6 +7,7 @@ HTTP Basic auth
 HTTP set cookie
 cookies
 --libcurl
+notxml
 
 
 
diff --git a/tests/data/test1402 b/tests/data/test1402
index 9c0330532d..c256611b0d 100644
--- a/tests/data/test1402
+++ b/tests/data/test1402
@@ -4,6 +4,7 @@
 HTTP
 HTTP POST
 --libcurl
+notxml
 
 
 
diff --git a/tests/data/test1403 b/tests/data/test1403
index 9632816894..2a2f3617cd 100644
--- a/tests/data/test1403
+++ b/tests/data/test1403
@@ -4,6 +4,7 @@
 HTTP
 HTTP GET
 --libcurl
+notxml
 
 
 
diff --git a/tests/data/test1404 b/tests/data/test1404
index 7ae7d8b501..732c2678a6 100644
--- a/tests/data/test1404
+++ b/tests/data/test1404
@@ -6,6 +6,7 @@ HTTP
 HTTP FORMPOST
 HTTP file upload
 --libcurl
+notxml
 
 
 
diff --git a/tests/data/test1405 b/tests/data/test1405
index 1860f408c8..a71a522cfa 100644
--- a/tests/data/test1405
+++ b/tests/data/test1405
@@ -6,6 +6,7 @@ FTP
 post-quote
 pre-quote
 --libcurl
+notxml
 
 
 # Server-side
diff --git a/tests/data/test1406 b/tests/data/test1406
index 492b5b8b31..5f935d2d07 100644
--- a/tests/data/test1406
+++ b/tests/data/test1406
@@ -5,6 +5,7 @@
 
 SMTP
 --libcurl
+notxml
 
 
 
diff --git a/tests/data/test1407 b/tests/data/test1407
index fad62abd06..9ab40cef40 100644
--- a/tests/data/test1407
+++ b/tests/data/test1407
@@ -6,6 +6,7 @@ POP3
 Clear Text
 LIST
 --libcurl
+notxml
 
 
 
diff --git a/tests/data/test1420 b/tests/data/test1420
index dbd671b1aa..4a6be82437 100644
--- a/tests/data/test1420
+++ b/tests/data/test1420
@@ -6,6 +6,7 @@ IMAP
 Clear Text
 FETCH
 --libcurl
+notxml
 
 
 
diff --git a/tests/data/test1445 b/tests/data/test1445
index f52be8f725..705162be2d 100644
--- a/tests/data/test1445
+++ b/tests/data/test1445
@@ -3,6 +3,7 @@
 
 FILE
 --remote-time
+notxml
 
 
 
diff --git a/tests/data/test1446 b/tests/data/test1446
index 8babaea5d5..448eefbc1f 100644
--- a/tests/data/test1446
+++ b/tests/data/test1446
@@ -3,6 +3,7 @@
 
 SFTP
 --remote-time
+notxml
 
 
 
diff --git a/tests/data/test1461 b/tests/data/test1461
index 4ee109a122..f45d0dcd12 100644
--- a/tests/data/test1461
+++ b/tests/data/test1461
@@ -2,6 +2,7 @@
 
 
 --help
+notxml
 
 
 
diff --git a/tests/data/test1463 b/tests/data/test1463
index 55174be508..e67bdfdae4 100644
--- a/tests/data/test1463
+++ b/tests/data/test1463
@@ -3,6 +3,7 @@
 
 FILE
 --help
+notxml
 
 
 
diff --git a/tests/data/test1464 b/tests/data/test1464
index c005b5afca..4a4f6b3633 100644
--- a/tests/data/test1464
+++ b/tests/data/test1464
@@ -3,6 +3,7 @@
 
 FILE
 --help
+notxml
 
 
 
diff --git a/tests/data/test1465 b/tests/data/test1465
index bef59be3c0..686c28b0ba 100644
--- a/tests/data/test1465
+++ b/tests/data/test1465
@@ -4,6 +4,7 @@
 HTTP
 HTTP POST
 --libcurl
+notxml
 
 
 
diff --git a/tests/data/test1481 b/tests/data/test1481
index 3121ae5369..209c3f87e0 100644
--- a/tests/data/test1481
+++ b/tests/data/test1481
@@ -4,6 +4,7 @@
 HTTP
 HTTP GET
 --libcurl
+notxml
 
 
 
diff --git a/tests/data/test1506 b/tests/data/test1506
index 98af4b19fe..cd7654a0d8 100644
--- a/tests/data/test1506
+++ b/tests/data/test1506
@@ -4,6 +4,7 @@
 HTTP
 multi
 verbose logs
+notxml
 
 
 
diff --git a/tests/data/test1510 b/tests/data/test1510
index c4fca7251a..febe7d76ea 100644
--- a/tests/data/test1510
+++ b/tests/data/test1510
@@ -4,6 +4,7 @@
 HTTP
 verbose logs
 flaky
+notxml
 
 
 
diff --git a/tests/data/test1512 b/tests/data/test1512
index cb1d8f72f1..3798d7325b 100644
--- a/tests/data/test1512
+++ b/tests/data/test1512
@@ -3,6 +3,7 @@
 
 HTTP
 GLOBAL DNS CACHE
+notxml
 
 
 
diff --git a/tests/data/test1524 b/tests/data/test1524
index 05433d47c2..fcfd9f4c00 100644
--- a/tests/data/test1524
+++ b/tests/data/test1524
@@ -4,6 +4,7 @@
 HTTP
 HTTP PUT
 followlocation
+notxml
 
 
 #
diff --git a/tests/data/test1542 b/tests/data/test1542
index dad66aff3d..044fe518a4 100644
--- a/tests/data/test1542
+++ b/tests/data/test1542
@@ -6,6 +6,7 @@ connection reuse
 persistent connection
 CURLOPT_MAXLIFETIME_CONN
 verbose logs
+notxml
 
 
 
diff --git a/tests/data/test1598 b/tests/data/test1598
index a85c124692..f3143432ed 100644
--- a/tests/data/test1598
+++ b/tests/data/test1598
@@ -5,6 +5,7 @@ HTTP
 HTTP POST
 CURLOPT_HTTPTRAILER_FUNCTION
 CURLOPT_HTTPTRAILER_DATA
+notxml
 
 
 
diff --git a/tests/data/test163 b/tests/data/test163
index 14332c16c7..7a7406c136 100644
--- a/tests/data/test163
+++ b/tests/data/test163
@@ -3,6 +3,7 @@
 
 HTTP
 HTTP POST
+notxml
 
 
 
diff --git a/tests/data/test1683 b/tests/data/test1683
index 66f41cea55..47d280cd14 100644
--- a/tests/data/test1683
+++ b/tests/data/test1683
@@ -4,6 +4,7 @@
 HTTP
 HTTP GET
 --no-clobber
+notxml
 
 
 
diff --git a/tests/data/test1705 b/tests/data/test1705
index c85886b96a..dc21207860 100644
--- a/tests/data/test1705
+++ b/tests/data/test1705
@@ -4,6 +4,7 @@
 script
 documentation
 managen
+notxml
 
 
 
diff --git a/tests/data/test1706 b/tests/data/test1706
index f821618d27..dd24365d05 100644
--- a/tests/data/test1706
+++ b/tests/data/test1706
@@ -4,6 +4,7 @@
 script
 documentation
 managen
+notxml
 
 
 
diff --git a/tests/data/test1977 b/tests/data/test1977
index b8e2bb4f2b..d62ed337e6 100644
--- a/tests/data/test1977
+++ b/tests/data/test1977
@@ -3,6 +3,7 @@
 
 CURLOPT_CURLU
 CURLINFO_EFFECTIVE_URL
+notxml
 
 
 
diff --git a/tests/data/test199 b/tests/data/test199
index 763e7bf49e..fc8a8e96a0 100644
--- a/tests/data/test199
+++ b/tests/data/test199
@@ -4,6 +4,7 @@
 HTTP
 HTTP GET
 globbing
+notxml
 
 
 #
diff --git a/tests/data/test2402 b/tests/data/test2402
index 1903534dc8..ba3fcc85b4 100644
--- a/tests/data/test2402
+++ b/tests/data/test2402
@@ -5,6 +5,7 @@ HTTP
 HTTP/2
 multi
 verbose logs
+notxml
 
 
 
diff --git a/tests/data/test2404 b/tests/data/test2404
index 1ed03968db..5034a15c3c 100644
--- a/tests/data/test2404
+++ b/tests/data/test2404
@@ -5,6 +5,7 @@ HTTP
 HTTP/2
 multi
 verbose logs
+notxml
 
 
 
diff --git a/tests/data/test2502 b/tests/data/test2502
index ab460c29d5..627cfdccad 100644
--- a/tests/data/test2502
+++ b/tests/data/test2502
@@ -5,6 +5,7 @@ HTTP
 HTTP/3
 multi
 verbose logs
+notxml
 
 
 
diff --git a/tests/data/test3 b/tests/data/test3
index 3f4b4ee9e2..50fdfeea48 100644
--- a/tests/data/test3
+++ b/tests/data/test3
@@ -4,6 +4,7 @@
 HTTP
 HTTP POST
 HTTP Basic auth
+notxml
 
 
 #
diff --git a/tests/data/test32 b/tests/data/test32
index d02a541ae3..94b9531ca5 100644
--- a/tests/data/test32
+++ b/tests/data/test32
@@ -4,6 +4,7 @@
 HTTP
 HTTP GET
 -G
+notxml
 
 
 #
diff --git a/tests/data/test320 b/tests/data/test320
index 00615e5d71..0967823d38 100644
--- a/tests/data/test320
+++ b/tests/data/test320
@@ -4,6 +4,7 @@
 HTTPS
 HTTP GET
 TLS-SRP
+notxml
 
 
 
diff --git a/tests/data/test39 b/tests/data/test39
index 02a4659e09..b006254337 100644
--- a/tests/data/test39
+++ b/tests/data/test39
@@ -3,6 +3,7 @@
 
 HTTP
 HTTP FORMPOST
+notxml
 
 
 # Server-side
diff --git a/tests/data/test40 b/tests/data/test40
index 959a7505dc..04efdbbc70 100644
--- a/tests/data/test40
+++ b/tests/data/test40
@@ -4,6 +4,7 @@
 HTTP
 HTTP GET
 followlocation
+notxml
 
 
 #
diff --git a/tests/data/test439 b/tests/data/test439
index 2659f139e9..8529797242 100644
--- a/tests/data/test439
+++ b/tests/data/test439
@@ -3,6 +3,7 @@
 
 HTTP
 aws-sigv4
+notxml
 
 
 
diff --git a/tests/data/test446 b/tests/data/test446
index ceae26b7e7..eeb9366bb5 100644
--- a/tests/data/test446
+++ b/tests/data/test446
@@ -1,4 +1,3 @@
-
 
 
 
diff --git a/tests/data/test45 b/tests/data/test45
index 54c41dec92..3d4df02f13 100644
--- a/tests/data/test45
+++ b/tests/data/test45
@@ -4,6 +4,7 @@
 HTTP
 HTTP GET
 followlocation
+notxml
 
 
 # Server-side
diff --git a/tests/data/test48 b/tests/data/test48
index 564e8f3a74..c161ba5dca 100644
--- a/tests/data/test48
+++ b/tests/data/test48
@@ -4,6 +4,7 @@
 HTTP
 HTTP HEAD
 -G
+notxml
 
 
 #
diff --git a/tests/data/test568 b/tests/data/test568
index caadd95d12..a2438916d4 100644
--- a/tests/data/test568
+++ b/tests/data/test568
@@ -5,6 +5,7 @@
 
 RTSP
 ANNOUNCE
+notxml
 
 
 
diff --git a/tests/data/test646 b/tests/data/test646
index 1ef0c9f21b..39fafa573c 100644
--- a/tests/data/test646
+++ b/tests/data/test646
@@ -3,6 +3,7 @@
 
 SMTP
 MULTIPART
+notxml
 
 
 
diff --git a/tests/data/test733 b/tests/data/test733
index ffe058bf34..0bf953cca2 100644
--- a/tests/data/test733
+++ b/tests/data/test733
@@ -2,6 +2,7 @@
 
 
 IPFS
+notxml
 
 
 
diff --git a/tests/data/test734 b/tests/data/test734
index e8d40141a3..01107fbf6b 100644
--- a/tests/data/test734
+++ b/tests/data/test734
@@ -2,6 +2,7 @@
 
 
 IPFS
+notxml
 
 
 
diff --git a/tests/data/test735 b/tests/data/test735
index d78c3cc996..574d8bd492 100644
--- a/tests/data/test735
+++ b/tests/data/test735
@@ -2,6 +2,7 @@
 
 
 IPFS
+notxml
 
 
 
diff --git a/tests/data/test739 b/tests/data/test739
index 41f3599e4d..3e712f513e 100644
--- a/tests/data/test739
+++ b/tests/data/test739
@@ -2,6 +2,7 @@
 
 
 IPFS
+notxml
 
 
 
diff --git a/tests/data/test787 b/tests/data/test787
index 798d2d368f..e95a18d17b 100644
--- a/tests/data/test787
+++ b/tests/data/test787
@@ -3,6 +3,7 @@
 
 HTTP
 --variable
+notxml
 
 
 
diff --git a/tests/data/test96 b/tests/data/test96
index a96b617623..de4b7c18ad 100644
--- a/tests/data/test96
+++ b/tests/data/test96
@@ -2,6 +2,7 @@
 
 
 TrackMemory
+notxml
 
 
 

From 8bb8984e9d5882a9b3f92717441a9ab92f33ace5 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 19 Nov 2025 01:36:28 +0100
Subject: [PATCH 0913/2408] curl_setup.h: document more funcs flagged by
 `_CRT_SECURE_NO_WARNINGS`

Based on these logs (non-Unicode, Unicode Schannel):
https://github.com/curl/curl/actions/runs/19446115443/job/55640968722?pr=19175
https://github.com/curl/curl/actions/runs/19446115443/job/55640968764?pr=19175

Follow-up to 5fa2d8320c4196435c1d554b06dfdcca73824dec #19175

Closes #19597
---
 lib/curl_setup.h | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index 15688aab2c..f5b9111f61 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -95,9 +95,10 @@
                                       unlink(), etc. */
 #endif
 #ifndef _CRT_SECURE_NO_WARNINGS
-#define _CRT_SECURE_NO_WARNINGS  /* for __sys_errlist, __sys_nerr, _wfopen(),
-                                    _wopen(), freopen(), getenv(), gmtime(),
-                                    sprintf(), strcpy(), wcscpy(), wcsncpy()
+#define _CRT_SECURE_NO_WARNINGS  /* for __sys_errlist, __sys_nerr, _open(),
+                                    _wfopen(), _wopen(), fopen(), freopen(),
+                                    getenv(), gmtime(), mbstowcs(), sprintf(),
+                                    strcpy(), wcscpy(), wcsncpy(), wcstombs(),
                                     in tests: localtime(), open(), sscanf() */
 #endif
 #endif /* _MSC_VER */

From c255d2fdcbf27b4bfd668ae3784bb657449d6889 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Wed, 19 Nov 2025 08:32:41 +0100
Subject: [PATCH 0914/2408] tool_cfgable: free ssl-sessions at exit

Also free the memory correctly in tool_ssls_load

Closes #19602
---
 src/tool_cfgable.c |  1 +
 src/tool_cfgable.h |  1 +
 src/tool_ssls.c    | 12 ++++++------
 3 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/src/tool_cfgable.c b/src/tool_cfgable.c
index 2ddb0ad2fc..086e4ac216 100644
--- a/src/tool_cfgable.c
+++ b/src/tool_cfgable.c
@@ -260,6 +260,7 @@ static void free_globalconfig(void)
     curlx_fclose(global->trace_stream);
   global->trace_stream = NULL;
 
+  tool_safefree(global->ssl_sessions);
   tool_safefree(global->libcurl);
 #ifdef _WIN32
   free(global->term.buf);
diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h
index dc78f2db44..717d35a1f5 100644
--- a/src/tool_cfgable.h
+++ b/src/tool_cfgable.h
@@ -29,6 +29,7 @@
 #include "tool_sdecls.h"
 #include "tool_urlglob.h"
 #include "var.h"
+#include "memdebug.h" /* keep this as LAST include */
 
 /* the type we use for storing a single boolean bit */
 #ifndef BIT
diff --git a/src/tool_ssls.c b/src/tool_ssls.c
index 2b8cc10672..ab78014c0a 100644
--- a/src/tool_ssls.c
+++ b/src/tool_ssls.c
@@ -80,8 +80,8 @@ CURLcode tool_ssls_load(struct OperationConfig *config,
   i = imported = 0;
   while(my_get_line(fp, &buf, &error)) {
     ++i;
-    curl_free(shmac);
-    curl_free(sdata);
+    tool_safefree(shmac);
+    tool_safefree(sdata);
     line = curlx_dyn_ptr(&buf);
 
     c = memchr(line, ':', strlen(line));
@@ -125,8 +125,8 @@ out:
   if(fp)
     curlx_fclose(fp);
   curlx_dyn_free(&buf);
-  curl_free(shmac);
-  curl_free(sdata);
+  free(shmac);
+  free(sdata);
   return r;
 }
 
@@ -165,7 +165,7 @@ static CURLcode tool_ssls_exp(CURL *easy, void *userptr,
     goto out;
   if(EOF == fputc(':', ctx->fp))
     goto out;
-  curl_free(enc);
+  tool_safefree(enc);
   r = curlx_base64_encode((const char *)sdata, sdata_len, &enc, &enc_len);
   if(r)
     goto out;
@@ -179,7 +179,7 @@ static CURLcode tool_ssls_exp(CURL *easy, void *userptr,
 out:
   if(r)
     warnf("Warning: error saving SSL session for '%s': %d", session_key, r);
-  curl_free(enc);
+  free(enc);
   return r;
 }
 

From abe6ea053116b9121571c685d6c13222f934c283 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Wed, 19 Nov 2025 08:30:49 +0100
Subject: [PATCH 0915/2408] curlinfo: add "ssl-sessions" as a feature to show

To allow tests depend on it
---
 src/curlinfo.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/curlinfo.c b/src/curlinfo.c
index da75a45876..852aee8201 100644
--- a/src/curlinfo.c
+++ b/src/curlinfo.c
@@ -235,6 +235,13 @@ static const char *disabled[]={
   "ON"
 #else
   "OFF"
+#endif
+  ,
+  "ssl-sessions: "
+#ifdef USE_SSLS_EXPORT
+  "ON"
+#else
+  "OFF"
 #endif
 };
 

From b98e791e57200c7192fa391a5ecf19fc5d70e478 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Wed, 19 Nov 2025 08:32:13 +0100
Subject: [PATCH 0916/2408] test777: simple ---ssl-sessions test with wrong
 sessions

---
 tests/data/Makefile.am |  2 +-
 tests/data/test777     | 48 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 49 insertions(+), 1 deletion(-)
 create mode 100644 tests/data/test777

diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index d417a70a40..fc10723814 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -110,7 +110,7 @@ test736 test737 test738 test739 test740 test741 test742 test743 test744 \
 test745 test746 test747 test748 test749 test750 test751 test752 test753 \
 test754 test755 test756 test757 test758 test759 test760 test761 test762 \
 test763 test764 test765 test766 test767 test768 test769 test770 test771 \
-test772 test773 test774 test775 test776 \
+test772 test773 test774 test775 test776 test777 \
 test780 test781 test782 test783 test784 test785 test786 test787 test788 \
 test789 test790 test791 test792 test793 test794         test796 test797 \
 \
diff --git a/tests/data/test777 b/tests/data/test777
new file mode 100644
index 0000000000..4f6f83785c
--- /dev/null
+++ b/tests/data/test777
@@ -0,0 +1,48 @@
+
+
+
+--ssl-sessions
+
+
+
+#
+# Server-side
+
+
+HTTP/1.1 200
+Date: Tue, 09 Nov 2030 14:49:00 GMT
+Server: test-server/fake swsclose
+Content-Type: text/html
+
+
+
+
+#
+# Client-side
+
+
+http
+
+
+ssl-sessions
+
+
+--ssl-sessions with weird sessions in file
+
+
+http://%HOSTIP:%HTTPPORT/%TESTNUMBER --ssl-sessions "%LOGDIR/sessions"
+
+
+# Your SSL session cache. https://curl.se/docs/ssl-sessions.html
+# This file was generated by libcurl! Edit at your own risk.
+%b64[this is a funny test]b64%:%b64[second sequence]b64%
+%b64[also a funny test]b64%:%b64[second different sequence]b64%
+bad base64:also!bad
+
+
+
+#
+# Verify data after the test has been "shot"
+
+
+

From b0d23b901fd9dbc2eeef4e1048a53431a03f358b Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 19 Nov 2025 04:53:55 +0100
Subject: [PATCH 0917/2408] GHA: set `--buildinfo` for `test-torture` jobs

Only the `test-ci` build target sets `--buildinfo` automatically,
since 985f39c0ce78b546e832c250588c14023123edfb. It needs to be set
manually for other targets used in CI, such as `test-torture`,
to enable the `buildinfo.txt` dump in the runtests step.

For Test Clutch. In an attempt to re-sync `targetarch` with the rest of
macOS jobs on the feature matrix page:
https://testclutch.curl.se/static/reports/feature-matrix.html
Before this patch and possibly since the breaking update It's `aarch64e`
for torture jobs and `aarch64` for the rest

(stricly speaking `aarch64e` is the correct value for all macOS jobs, but
autotools and cmake report arm64/aarch64 without the `e`.)

Regression from 985f39c0ce78b546e832c250588c14023123edfb #18147

Closes #19601
---
 .github/workflows/linux.yml | 2 ++
 .github/workflows/macos.yml | 3 +++
 2 files changed, 5 insertions(+)

diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index d164f08e41..39f7a4b13a 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -770,6 +770,8 @@ jobs:
             if [[ "${MATRIX_INSTALL_PACKAGES}" = *'libgss-dev'* ]]; then
               TFLAGS+=' ~2077 ~2078'  # memory leaks from Curl_auth_decode_spnego_message() -> gss_init_sec_context()
             fi
+          elif [ "${TEST_TARGET}" != 'test-ci' ]; then
+            TFLAGS+=' --buildinfo'  # only test-ci sets this by default, set it manually for test-torture
           fi
           [ -f ~/venv/bin/activate ] && source ~/venv/bin/activate
           if [[ "${MATRIX_INSTALL_STEPS}" = *'codeset-test'* ]]; then
diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml
index 56d895f6ab..739809d47a 100644
--- a/.github/workflows/macos.yml
+++ b/.github/workflows/macos.yml
@@ -497,6 +497,9 @@ jobs:
           TFLAGS: '${{ matrix.build.tflags }}'
         run: |
           TFLAGS="-j20 ${TFLAGS}"
+          if [ "${TEST_TARGET}" != 'test-ci' ]; then
+            TFLAGS+=' --buildinfo'  # only test-ci sets this by default, set it manually for test-torture
+          fi
           source ~/venv/bin/activate
           if [[ "${MATRIX_INSTALL_STEPS}" = *'codeset-test'* ]]; then
             locale || true

From 47b8e1dbd3ad27d246409402081dcd554d4e13d7 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 19 Nov 2025 13:30:25 +0100
Subject: [PATCH 0918/2408] tidy-up: move `CURL_UNCONST()` out from macro
 `curl_unicodefree()`

To stop applying it where not needed (most uses) and make it visible
where it's actually used (5 uses).

Follow-up to f4e23950c7b1c389cf0dde8b91353d85b8361b64 #16142

Closes #19606
---
 lib/curlx/multibyte.h | 2 +-
 src/tool_getparam.c   | 8 ++++----
 src/tool_operate.c    | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/lib/curlx/multibyte.h b/lib/curlx/multibyte.h
index c60ce258c9..8b698c1b73 100644
--- a/lib/curlx/multibyte.h
+++ b/lib/curlx/multibyte.h
@@ -78,6 +78,6 @@ typedef union {
 #endif /* UNICODE && _WIN32 */
 
 /* the purpose of this macro is to free() without being traced by memdebug */
-#define curlx_unicodefree(ptr) (free)(CURL_UNCONST(ptr))
+#define curlx_unicodefree(ptr) (free)(ptr)
 
 #endif /* HEADER_CURL_MULTIBYTE_H */
diff --git a/src/tool_getparam.c b/src/tool_getparam.c
index 337ad33280..0bb1329b54 100644
--- a/src/tool_getparam.c
+++ b/src/tool_getparam.c
@@ -3050,7 +3050,7 @@ ParameterError parse_args(int argc, argv_item_t argv[])
         if(i < (argc - 1)) {
           nextarg = convert_tchar_to_UTF8(argv[i + 1]);
           if(!nextarg) {
-            unicodefree(orig_opt);
+            unicodefree(CURL_UNCONST(orig_opt));
             return PARAM_NO_MEM;
           }
         }
@@ -3058,7 +3058,7 @@ ParameterError parse_args(int argc, argv_item_t argv[])
         result = getparameter(orig_opt, nextarg, &passarg, config,
                               CONFIG_MAX_LEVELS);
 
-        unicodefree(nextarg);
+        unicodefree(CURL_UNCONST(nextarg));
         config = global->last;
         if(result == PARAM_NEXT_OPERATION) {
           /* Reset result as PARAM_NEXT_OPERATION is only used here and not
@@ -3096,7 +3096,7 @@ ParameterError parse_args(int argc, argv_item_t argv[])
     }
 
     if(!result) {
-      unicodefree(orig_opt);
+      unicodefree(CURL_UNCONST(orig_opt));
       orig_opt = NULL;
     }
   }
@@ -3119,6 +3119,6 @@ ParameterError parse_args(int argc, argv_item_t argv[])
       helpf("%s", reason);
   }
 
-  unicodefree(orig_opt);
+  unicodefree(CURL_UNCONST(orig_opt));
   return result;
 }
diff --git a/src/tool_operate.c b/src/tool_operate.c
index 8949ce2a52..b969375422 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -2249,7 +2249,7 @@ CURLcode operate(int argc, argv_item_t argv[])
     }
   }
 
-  unicodefree(first_arg);
+  unicodefree(CURL_UNCONST(first_arg));
 
   if(!result) {
     /* Parse the command line arguments */

From 9fb843ac8f3dc14cfeb4dd2902f1b23445a717ac Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Wed, 19 Nov 2025 14:07:03 +0100
Subject: [PATCH 0919/2408] ftp: use size_t instead of ssize_t

Make type conversions unnecessary.

Closes #19607
---
 lib/ftp.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/lib/ftp.c b/lib/ftp.c
index 7a0bb8ce01..ac4fdc25c9 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -417,7 +417,7 @@ static const struct Curl_cwtype ftp_cw_lc = {
 
 #endif /* CURL_PREFER_LF_LINEENDS */
 
-static CURLcode getftpresponse(struct Curl_easy *data, ssize_t *nread,
+static CURLcode getftpresponse(struct Curl_easy *data, size_t *nread,
                                int *ftpcode);
 
 /***********************************************************************
@@ -431,7 +431,7 @@ static CURLcode ftp_check_ctrl_on_data_wait(struct Curl_easy *data,
   struct connectdata *conn = data->conn;
   curl_socket_t ctrl_sock = conn->sock[FIRSTSOCKET];
   struct pingpong *pp = &ftpc->pp;
-  ssize_t nread;
+  size_t nread;
   int ftpcode;
   bool response = FALSE;
 
@@ -602,7 +602,7 @@ static CURLcode ftp_readresp(struct Curl_easy *data,
  *
  */
 static CURLcode getftpresponse(struct Curl_easy *data,
-                               ssize_t *nreadp, /* return number of bytes
+                               size_t *nreadp, /* return number of bytes
                                                    read */
                                int *ftpcodep) /* return the ftp-code */
 {
@@ -3225,7 +3225,7 @@ static CURLcode ftp_done(struct Curl_easy *data, CURLcode status,
   struct FTP *ftp = Curl_meta_get(data, CURL_META_FTP_EASY);
   struct ftp_conn *ftpc = Curl_conn_meta_get(data->conn, CURL_META_FTP_CONN);
   struct pingpong *pp;
-  ssize_t nread;
+  size_t nread;
   int ftpcode;
   CURLcode result = CURLE_OK;
 
@@ -3437,7 +3437,7 @@ CURLcode ftp_sendquote(struct Curl_easy *data,
   item = quote;
   while(item) {
     if(item->data) {
-      ssize_t nread;
+      size_t nread;
       char *cmd = item->data;
       bool acceptfail = FALSE;
       CURLcode result;

From 30afc66b88a2020842d7ddb78116f44ac6b34310 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Wed, 19 Nov 2025 14:20:49 +0100
Subject: [PATCH 0920/2408] gopher: convert ssize_t to size_t

Make type conversions unnecessary.

Closes #19608
---
 lib/gopher.c | 41 +++++++++++++++++++----------------------
 1 file changed, 19 insertions(+), 22 deletions(-)

diff --git a/lib/gopher.c b/lib/gopher.c
index 1d4c75295c..45d43f6ebd 100644
--- a/lib/gopher.c
+++ b/lib/gopher.c
@@ -139,11 +139,10 @@ static CURLcode gopher_do(struct Curl_easy *data, bool *done)
   char *gopherpath;
   char *path = data->state.up.path;
   char *query = data->state.up.query;
-  char *sel = NULL;
-  char *sel_org = NULL;
+  const char *buf = NULL;
+  char *buf_alloc = NULL;
+  size_t nwritten, buf_len;
   timediff_t timeout_ms;
-  ssize_t k;
-  size_t amount, len;
   int what;
 
   *done = TRUE; /* unconditionally */
@@ -161,8 +160,8 @@ static CURLcode gopher_do(struct Curl_easy *data, bool *done)
 
   /* Create selector. Degenerate cases: / and /1 => convert to "" */
   if(strlen(gopherpath) <= 2) {
-    sel = (char *)CURL_UNCONST("");
-    len = strlen(sel);
+    buf = "";
+    buf_len = 0;
     free(gopherpath);
   }
   else {
@@ -173,30 +172,28 @@ static CURLcode gopher_do(struct Curl_easy *data, bool *done)
     newp += 2;
 
     /* ... and finally unescape */
-    result = Curl_urldecode(newp, 0, &sel, &len, REJECT_ZERO);
+    result = Curl_urldecode(newp, 0, &buf_alloc, &buf_len, REJECT_ZERO);
     free(gopherpath);
     if(result)
       return result;
-    sel_org = sel;
+    buf = buf_alloc;
   }
 
-  k = curlx_uztosz(len);
+  for(; buf_len;) {
 
-  for(;;) {
-    /* Break out of the loop if the selector is empty because OpenSSL and/or
-       LibreSSL fail with errno 0 if this is the case. */
-    if(strlen(sel) < 1)
-      break;
-
-    result = Curl_xfer_send(data, sel, k, FALSE, &amount);
+    result = Curl_xfer_send(data, buf, buf_len, FALSE, &nwritten);
     if(!result) { /* Which may not have written it all! */
-      result = Curl_client_write(data, CLIENTWRITE_HEADER, sel, amount);
+      result = Curl_client_write(data, CLIENTWRITE_HEADER, buf, nwritten);
       if(result)
         break;
 
-      k -= amount;
-      sel += amount;
-      if(k < 1)
+      if(nwritten > buf_len) {
+        DEBUGASSERT(0);
+        break;
+      }
+      buf_len -= nwritten;
+      buf += nwritten;
+      if(!buf_len)
         break; /* but it did write it all */
     }
     else
@@ -227,10 +224,10 @@ static CURLcode gopher_do(struct Curl_easy *data, bool *done)
     }
   }
 
-  free(sel_org);
+  free(buf_alloc);
 
   if(!result)
-    result = Curl_xfer_send(data, "\r\n", 2, FALSE, &amount);
+    result = Curl_xfer_send(data, "\r\n", 2, FALSE, &nwritten);
   if(result) {
     failf(data, "Failed sending Gopher request");
     return result;

From 17dc43ce6cfe536e4a30c1be42de1a9cdd585a9a Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Wed, 19 Nov 2025 15:09:57 +0100
Subject: [PATCH 0921/2408] http: eliminate ssize_t

Use size_t to avoid conversions.

Closes #19610
---
 lib/http1.c             | 103 +++++++++++++++++++---------------------
 lib/http1.h             |  10 ++--
 lib/http2.c             |  11 ++---
 lib/vquic/curl_ngtcp2.c |  12 ++---
 lib/vquic/curl_osslq.c  |  54 ++++++++++-----------
 lib/vquic/curl_quiche.c |   9 ++--
 tests/unit/unit2603.c   |  10 ++--
 7 files changed, 97 insertions(+), 112 deletions(-)

diff --git a/lib/http1.c b/lib/http1.c
index c487597e34..b1d8097636 100644
--- a/lib/http1.c
+++ b/lib/http1.c
@@ -80,57 +80,58 @@ static CURLcode trim_line(struct h1_req_parser *parser, int options)
   return CURLE_OK;
 }
 
-static ssize_t detect_line(struct h1_req_parser *parser,
-                           const char *buf, const size_t buflen,
-                           CURLcode *err)
+static CURLcode detect_line(struct h1_req_parser *parser,
+                            const char *buf, const size_t buflen,
+                            size_t *pnread)
 {
   const char *line_end;
 
   DEBUGASSERT(!parser->line);
+  *pnread = 0;
   line_end = memchr(buf, '\n', buflen);
-  if(!line_end) {
-    *err = CURLE_AGAIN;
-    return -1;
-  }
+  if(!line_end)
+    return CURLE_AGAIN;
   parser->line = buf;
   parser->line_len = line_end - buf + 1;
-  *err = CURLE_OK;
-  return (ssize_t)parser->line_len;
+  *pnread = parser->line_len;
+  return CURLE_OK;
 }
 
-static ssize_t next_line(struct h1_req_parser *parser,
-                         const char *buf, const size_t buflen, int options,
-                         CURLcode *err)
+static CURLcode next_line(struct h1_req_parser *parser,
+                          const char *buf, const size_t buflen, int options,
+                          size_t *pnread)
 {
-  ssize_t nread = 0;
+  CURLcode result;
 
+  *pnread = 0;
   if(parser->line) {
     parser->line = NULL;
     parser->line_len = 0;
     curlx_dyn_reset(&parser->scratch);
   }
 
-  nread = detect_line(parser, buf, buflen, err);
-  if(nread >= 0) {
+  result = detect_line(parser, buf, buflen, pnread);
+  if(!result) {
     if(curlx_dyn_len(&parser->scratch)) {
       /* append detected line to scratch to have the complete line */
-      *err = curlx_dyn_addn(&parser->scratch, parser->line, parser->line_len);
-      if(*err)
-        return -1;
+      result = curlx_dyn_addn(&parser->scratch, parser->line,
+                              parser->line_len);
+      if(result)
+        return result;
       parser->line = curlx_dyn_ptr(&parser->scratch);
       parser->line_len = curlx_dyn_len(&parser->scratch);
     }
-    *err = trim_line(parser, options);
-    if(*err)
-      return -1;
+    result = trim_line(parser, options);
+    if(result)
+      return result;
   }
-  else if(*err == CURLE_AGAIN) {
+  else if(result == CURLE_AGAIN) {
     /* no line end in `buf`, add it to our scratch */
-    *err = curlx_dyn_addn(&parser->scratch, (const unsigned char *)buf,
-                          buflen);
-    nread = (*err) ? -1 : (ssize_t)buflen;
+    result = curlx_dyn_addn(&parser->scratch, (const unsigned char *)buf,
+                            buflen);
+    *pnread = buflen;
   }
-  return nread;
+  return result;
 }
 
 static CURLcode start_req(struct h1_req_parser *parser,
@@ -264,29 +265,28 @@ out:
   return result;
 }
 
-ssize_t Curl_h1_req_parse_read(struct h1_req_parser *parser,
-                               const char *buf, size_t buflen,
-                               const char *scheme_default,
-                               const char *custom_method,
-                               int options, CURLcode *err)
+CURLcode Curl_h1_req_parse_read(struct h1_req_parser *parser,
+                                const char *buf, size_t buflen,
+                                const char *scheme_default,
+                                const char *custom_method,
+                                int options, size_t *pnread)
 {
-  ssize_t nread = 0, n;
+  CURLcode result = CURLE_OK;
+  size_t nread;
 
-  *err = CURLE_OK;
+  *pnread = 0;
   while(!parser->done) {
-    n = next_line(parser, buf, buflen, options, err);
-    if(n < 0) {
-      if(*err != CURLE_AGAIN) {
-        nread = -1;
-      }
-      *err = CURLE_OK;
+    result = next_line(parser, buf, buflen, options, &nread);
+    if(result) {
+      if(result == CURLE_AGAIN)
+        result = CURLE_OK;
       goto out;
     }
 
     /* Consume this line */
-    nread += (size_t)n;
-    buf += (size_t)n;
-    buflen -= (size_t)n;
+    *pnread += nread;
+    buf += nread;
+    buflen -= nread;
 
     if(!parser->line) {
       /* consumed bytes, but line not complete */
@@ -294,17 +294,14 @@ ssize_t Curl_h1_req_parse_read(struct h1_req_parser *parser,
         goto out;
     }
     else if(!parser->req) {
-      *err = start_req(parser, scheme_default, custom_method, options);
-      if(*err) {
-        nread = -1;
+      result = start_req(parser, scheme_default, custom_method, options);
+      if(result)
         goto out;
-      }
     }
     else if(parser->line_len == 0) {
       /* last, empty line, we are finished */
       if(!parser->req) {
-        *err = CURLE_URL_MALFORMAT;
-        nread = -1;
+        result = CURLE_URL_MALFORMAT;
         goto out;
       }
       parser->done = TRUE;
@@ -312,17 +309,15 @@ ssize_t Curl_h1_req_parse_read(struct h1_req_parser *parser,
       /* last chance adjustments */
     }
     else {
-      *err = Curl_dynhds_h1_add_line(&parser->req->headers,
-                                     parser->line, parser->line_len);
-      if(*err) {
-        nread = -1;
+      result = Curl_dynhds_h1_add_line(&parser->req->headers,
+                                       parser->line, parser->line_len);
+      if(result)
         goto out;
-      }
     }
   }
 
 out:
-  return nread;
+  return result;
 }
 
 CURLcode Curl_h1_req_write_head(struct httpreq *req, int http_minor,
diff --git a/lib/http1.h b/lib/http1.h
index 94b5a44e31..944e9038dd 100644
--- a/lib/http1.h
+++ b/lib/http1.h
@@ -48,11 +48,11 @@ struct h1_req_parser {
 void Curl_h1_req_parse_init(struct h1_req_parser *parser, size_t max_line_len);
 void Curl_h1_req_parse_free(struct h1_req_parser *parser);
 
-ssize_t Curl_h1_req_parse_read(struct h1_req_parser *parser,
-                               const char *buf, size_t buflen,
-                               const char *scheme_default,
-                               const char *custom_method,
-                               int options, CURLcode *err);
+CURLcode Curl_h1_req_parse_read(struct h1_req_parser *parser,
+                                const char *buf, size_t buflen,
+                                const char *scheme_default,
+                                const char *custom_method,
+                                int options, size_t *pnread);
 
 CURLcode Curl_h1_req_dprint(const struct httpreq *req,
                             struct dynbuf *dbuf);
diff --git a/lib/http2.c b/lib/http2.c
index 1565e0b9ea..a1caa2020f 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -2237,7 +2237,6 @@ static CURLcode h2_submit(struct h2_stream_ctx **pstream,
   nghttp2_data_provider data_prd;
   int32_t stream_id;
   nghttp2_priority_spec pri_spec;
-  ssize_t rc;
   size_t nwritten;
   CURLcode result = CURLE_OK;
 
@@ -2248,11 +2247,11 @@ static CURLcode h2_submit(struct h2_stream_ctx **pstream,
   if(result)
     goto out;
 
-  rc = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL,
-                              !data->state.http_ignorecustom ?
-                              data->set.str[STRING_CUSTOMREQUEST] : NULL,
-                              0, &result);
-  if(!curlx_sztouz(rc, &nwritten))
+  result = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL,
+                                  !data->state.http_ignorecustom ?
+                                  data->set.str[STRING_CUSTOMREQUEST] : NULL,
+                                  0, &nwritten);
+  if(result)
     goto out;
   *pnwritten = nwritten;
   if(!stream->h1.done) {
diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index ce5786ca83..ecfa895a2e 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -1513,7 +1513,6 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
   nghttp3_nv *nva = NULL;
   int rc = 0;
   unsigned int i;
-  ssize_t nwritten = -1;
   nghttp3_data_reader reader;
   nghttp3_data_reader *preader = NULL;
   CURLcode result;
@@ -1531,13 +1530,12 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
     goto out;
   }
 
-  nwritten = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL,
-                                    !data->state.http_ignorecustom ?
-                                    data->set.str[STRING_CUSTOMREQUEST] : NULL,
-                                    0, &result);
-  if(nwritten < 0)
+  result = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL,
+                                  !data->state.http_ignorecustom ?
+                                  data->set.str[STRING_CUSTOMREQUEST] : NULL,
+                                  0, pnwritten);
+  if(result)
     goto out;
-  *pnwritten = (size_t)nwritten;
 
   if(!stream->h1.done) {
     /* need more data */
diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index f328c08e35..68666d5915 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -1872,10 +1872,10 @@ out:
   return result;
 }
 
-static ssize_t h3_stream_open(struct Curl_cfilter *cf,
-                              struct Curl_easy *data,
-                              const void *buf, size_t len,
-                              CURLcode *err)
+static CURLcode h3_stream_open(struct Curl_cfilter *cf,
+                               struct Curl_easy *data,
+                               const void *buf, size_t len,
+                               size_t *pnwritten)
 {
   struct cf_osslq_ctx *ctx = cf->ctx;
   struct h3_stream_ctx *stream = NULL;
@@ -1884,27 +1884,27 @@ static ssize_t h3_stream_open(struct Curl_cfilter *cf,
   nghttp3_nv *nva = NULL;
   int rc = 0;
   unsigned int i;
-  ssize_t nwritten = -1;
   nghttp3_data_reader reader;
   nghttp3_data_reader *preader = NULL;
+  CURLcode result;
 
   Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
 
-  *err = h3_data_setup(cf, data);
-  if(*err)
+  result = h3_data_setup(cf, data);
+  if(result)
     goto out;
   stream = H3_STREAM_CTX(ctx, data);
   DEBUGASSERT(stream);
   if(!stream) {
-    *err = CURLE_FAILED_INIT;
+    result = CURLE_FAILED_INIT;
     goto out;
   }
 
-  nwritten = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL,
-                                    !data->state.http_ignorecustom ?
-                                    data->set.str[STRING_CUSTOMREQUEST] : NULL,
-                                    0, err);
-  if(nwritten < 0)
+  result = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL,
+                                  !data->state.http_ignorecustom ?
+                                  data->set.str[STRING_CUSTOMREQUEST] : NULL,
+                                  0, pnwritten);
+  if(result)
     goto out;
   if(!stream->h1.done) {
     /* need more data */
@@ -1912,19 +1912,16 @@ static ssize_t h3_stream_open(struct Curl_cfilter *cf,
   }
   DEBUGASSERT(stream->h1.req);
 
-  *err = Curl_http_req_to_h2(&h2_headers, stream->h1.req, data);
-  if(*err) {
-    nwritten = -1;
+  result = Curl_http_req_to_h2(&h2_headers, stream->h1.req, data);
+  if(result)
     goto out;
-  }
   /* no longer needed */
   Curl_h1_req_parse_free(&stream->h1);
 
   nheader = Curl_dynhds_count(&h2_headers);
   nva = malloc(sizeof(nghttp3_nv) * nheader);
   if(!nva) {
-    *err = CURLE_OUT_OF_MEMORY;
-    nwritten = -1;
+    result = CURLE_OUT_OF_MEMORY;
     goto out;
   }
 
@@ -1938,11 +1935,11 @@ static ssize_t h3_stream_open(struct Curl_cfilter *cf,
   }
 
   DEBUGASSERT(stream->s.id == -1);
-  *err = cf_osslq_stream_open(&stream->s, ctx->tls.ossl.ssl, 0,
-                              &ctx->stream_bufcp, data);
-  if(*err) {
+  result = cf_osslq_stream_open(&stream->s, ctx->tls.ossl.ssl, 0,
+                                &ctx->stream_bufcp, data);
+  if(result) {
     failf(data, "cannot get bidi streams");
-    *err = CURLE_SEND_ERROR;
+    result = CURLE_SEND_ERROR;
     goto out;
   }
 
@@ -1983,8 +1980,7 @@ static ssize_t h3_stream_open(struct Curl_cfilter *cf,
                   stream->s.id, rc, nghttp3_strerror(rc));
       break;
     }
-    *err = CURLE_SEND_ERROR;
-    nwritten = -1;
+    result = CURLE_SEND_ERROR;
     goto out;
   }
 
@@ -2002,7 +1998,7 @@ static ssize_t h3_stream_open(struct Curl_cfilter *cf,
 out:
   free(nva);
   Curl_dynhds_free(&h2_headers);
-  return nwritten;
+  return result;
 }
 
 static CURLcode cf_osslq_send(struct Curl_cfilter *cf, struct Curl_easy *data,
@@ -2012,7 +2008,6 @@ static CURLcode cf_osslq_send(struct Curl_cfilter *cf, struct Curl_easy *data,
   struct cf_osslq_ctx *ctx = cf->ctx;
   struct h3_stream_ctx *stream = NULL;
   struct cf_call_data save;
-  ssize_t nwritten;
   CURLcode result = CURLE_OK;
 
   (void)eos; /* use to end stream */
@@ -2032,13 +2027,12 @@ static CURLcode cf_osslq_send(struct Curl_cfilter *cf, struct Curl_easy *data,
 
   stream = H3_STREAM_CTX(ctx, data);
   if(!stream || stream->s.id < 0) {
-    nwritten = h3_stream_open(cf, data, buf, len, &result);
-    if(nwritten < 0) {
+    result = h3_stream_open(cf, data, buf, len, pnwritten);
+    if(result) {
       CURL_TRC_CF(data, cf, "failed to open stream -> %d", result);
       goto out;
     }
     stream = H3_STREAM_CTX(ctx, data);
-    *pnwritten = (size_t)nwritten;
   }
   else if(stream->closed) {
     if(stream->resp_hds_complete) {
diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
index 02b679ab84..0ab7e0c296 100644
--- a/lib/vquic/curl_quiche.c
+++ b/lib/vquic/curl_quiche.c
@@ -977,7 +977,6 @@ static CURLcode h3_open_stream(struct Curl_cfilter *cf,
   struct dynhds h2_headers;
   quiche_h3_header *nva = NULL;
   CURLcode result = CURLE_OK;
-  ssize_t nwritten;
 
   *pnwritten = 0;
   if(!stream) {
@@ -991,11 +990,12 @@ static CURLcode h3_open_stream(struct Curl_cfilter *cf,
   Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
 
   DEBUGASSERT(stream);
-  nwritten = Curl_h1_req_parse_read(&stream->h1, buf, blen, NULL,
+
+  result = Curl_h1_req_parse_read(&stream->h1, buf, blen, NULL,
                                     !data->state.http_ignorecustom ?
                                     data->set.str[STRING_CUSTOMREQUEST] : NULL,
-                                    0, &result);
-  if(nwritten < 0)
+                                    0, pnwritten);
+  if(result)
     goto out;
   if(!stream->h1.done) {
     /* need more data */
@@ -1025,7 +1025,6 @@ static CURLcode h3_open_stream(struct Curl_cfilter *cf,
     nva[i].value_len = e->valuelen;
   }
 
-  *pnwritten = (size_t)nwritten;
   buf += *pnwritten;
   blen -= *pnwritten;
 
diff --git a/tests/unit/unit2603.c b/tests/unit/unit2603.c
index a8ed09f1c2..61295de37e 100644
--- a/tests/unit/unit2603.c
+++ b/tests/unit/unit2603.c
@@ -66,7 +66,7 @@ static void parse_success(const struct tcase *t)
   const char *buf;
   size_t buflen, i, in_len, in_consumed;
   CURLcode err;
-  ssize_t nread;
+  size_t nread;
 
   Curl_h1_req_parse_init(&p, 1024);
   in_len = in_consumed = 0;
@@ -74,14 +74,14 @@ static void parse_success(const struct tcase *t)
     buf = t->input[i];
     buflen = strlen(buf);
     in_len += buflen;
-    nread = Curl_h1_req_parse_read(&p, buf, buflen, t->default_scheme,
-                                   t->custom_method, 0, &err);
-    if(nread < 0) {
+    err = Curl_h1_req_parse_read(&p, buf, buflen, t->default_scheme,
+                                 t->custom_method, 0, &nread);
+    if(err) {
       curl_mfprintf(stderr, "got err %d parsing: '%s'\n", err, buf);
       fail("error consuming");
     }
     in_consumed += (size_t)nread;
-    if((size_t)nread != buflen) {
+    if(nread != buflen) {
       if(!p.done) {
         curl_mfprintf(stderr, "only %zd/%zu consumed for: '%s'\n",
                       nread, buflen, buf);

From 991119051c2e54d2e9b6b002811f7f9da71c37eb Mon Sep 17 00:00:00 2001
From: Christian Schmitz 
Date: Wed, 19 Nov 2025 13:15:37 +0100
Subject: [PATCH 0922/2408] libssh2: add paths to error messages for quote
 commands

We really like to know what path curl parsed from our input.

Closes #19605
---
 lib/vssh/libssh2.c | 29 ++++++++++++++++-------------
 1 file changed, 16 insertions(+), 13 deletions(-)

diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
index f5cb5f9a1d..3a7e14053f 100644
--- a/lib/vssh/libssh2.c
+++ b/lib/vssh/libssh2.c
@@ -2067,10 +2067,10 @@ static CURLcode ssh_state_sftp_quote_setstat(struct Curl_easy *data,
 
   if(rc && !sshc->acceptfail) {
     unsigned long sftperr = libssh2_sftp_last_error(sshc->sftp_session);
+    failf(data, "Attempt to set SFTP stats for \"%s\" failed: %s",
+          sshc->quote_path2, sftp_libssh2_strerror(sftperr));
     Curl_safefree(sshc->quote_path1);
     Curl_safefree(sshc->quote_path2);
-    failf(data, "Attempt to set SFTP stats failed: %s",
-          sftp_libssh2_strerror(sftperr));
     myssh_state(data, sshc, SSH_SFTP_CLOSE);
     sshc->nextstate = SSH_NO_STATE;
     return CURLE_QUOTE_ERROR;
@@ -2093,10 +2093,11 @@ static CURLcode ssh_state_sftp_quote_symlink(struct Curl_easy *data,
 
   if(rc && !sshc->acceptfail) {
     unsigned long sftperr = libssh2_sftp_last_error(sshc->sftp_session);
+    failf(data, "symlink \"%s\" to \"%s\" failed: %s",
+          sshc->quote_path1, sshc->quote_path2,
+          sftp_libssh2_strerror(sftperr));
     Curl_safefree(sshc->quote_path1);
     Curl_safefree(sshc->quote_path2);
-    failf(data, "symlink command failed: %s",
-          sftp_libssh2_strerror(sftperr));
     myssh_state(data, sshc, SSH_SFTP_CLOSE);
     sshc->nextstate = SSH_NO_STATE;
     return CURLE_QUOTE_ERROR;
@@ -2116,9 +2117,9 @@ static CURLcode ssh_state_sftp_quote_mkdir(struct Curl_easy *data,
 
   if(rc && !sshc->acceptfail) {
     unsigned long sftperr = libssh2_sftp_last_error(sshc->sftp_session);
+    failf(data, "mkdir \"%s\" failed: %s",
+          sshc->quote_path1, sftp_libssh2_strerror(sftperr));
     Curl_safefree(sshc->quote_path1);
-    failf(data, "mkdir command failed: %s",
-          sftp_libssh2_strerror(sftperr));
     myssh_state(data, sshc, SSH_SFTP_CLOSE);
     sshc->nextstate = SSH_NO_STATE;
     return CURLE_QUOTE_ERROR;
@@ -2144,10 +2145,11 @@ static CURLcode ssh_state_sftp_quote_rename(struct Curl_easy *data,
 
   if(rc && !sshc->acceptfail) {
     unsigned long sftperr = libssh2_sftp_last_error(sshc->sftp_session);
+    failf(data, "rename \"%s\" to \"%s\" failed: %s",
+          sshc->quote_path1, sshc->quote_path2,
+          sftp_libssh2_strerror(sftperr));
     Curl_safefree(sshc->quote_path1);
     Curl_safefree(sshc->quote_path2);
-    failf(data, "rename command failed: %s",
-          sftp_libssh2_strerror(sftperr));
     myssh_state(data, sshc, SSH_SFTP_CLOSE);
     sshc->nextstate = SSH_NO_STATE;
     return CURLE_QUOTE_ERROR;
@@ -2166,9 +2168,9 @@ static CURLcode ssh_state_sftp_quote_rmdir(struct Curl_easy *data,
 
   if(rc && !sshc->acceptfail) {
     unsigned long sftperr = libssh2_sftp_last_error(sshc->sftp_session);
+    failf(data, "rmdir \"%s\" failed: %s",
+          sshc->quote_path1, sftp_libssh2_strerror(sftperr));
     Curl_safefree(sshc->quote_path1);
-    failf(data, "rmdir command failed: %s",
-          sftp_libssh2_strerror(sftperr));
     myssh_state(data, sshc, SSH_SFTP_CLOSE);
     sshc->nextstate = SSH_NO_STATE;
     return CURLE_QUOTE_ERROR;
@@ -2187,8 +2189,9 @@ static CURLcode ssh_state_sftp_quote_unlink(struct Curl_easy *data,
 
   if(rc && !sshc->acceptfail) {
     unsigned long sftperr = libssh2_sftp_last_error(sshc->sftp_session);
+    failf(data, "rm \"%s\" failed: %s",
+          sshc->quote_path1, sftp_libssh2_strerror(sftperr));
     Curl_safefree(sshc->quote_path1);
-    failf(data, "rm command failed: %s", sftp_libssh2_strerror(sftperr));
     myssh_state(data, sshc, SSH_SFTP_CLOSE);
     sshc->nextstate = SSH_NO_STATE;
     return CURLE_QUOTE_ERROR;
@@ -2210,9 +2213,9 @@ static CURLcode ssh_state_sftp_quote_statvfs(struct Curl_easy *data,
 
   if(rc && !sshc->acceptfail) {
     unsigned long sftperr = libssh2_sftp_last_error(sshc->sftp_session);
+    failf(data, "statvfs \"%s\" failed: %s",
+          sshc->quote_path1, sftp_libssh2_strerror(sftperr));
     Curl_safefree(sshc->quote_path1);
-    failf(data, "statvfs command failed: %s",
-          sftp_libssh2_strerror(sftperr));
     myssh_state(data, sshc, SSH_SFTP_CLOSE);
     sshc->nextstate = SSH_NO_STATE;
     return CURLE_QUOTE_ERROR;

From 2decbb1c1f8a975425e2be5afebb3096b50de599 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 1 Nov 2025 03:07:36 +0100
Subject: [PATCH 0923/2408] runtests: add `-m=seconds` to override test curl
 command timeout

To override the curl default of 5 minutes (300000 ms).

Sometimes a simple test data change can result in a stuck test, this
option makes it exit with an error early. Possible future use in CI
or fast machines to prevent a single test taking 5 minutes and failing
the whole job.

Example hangers:

tests/data/test65:
```diff
-
+
```

tests/data/tests993:
```diff
-%repeat[1000 x 95 328485%0d%0a]%
+%repeat[1000 x 95 328485%0d%0a]%
+
```

Closes #19319
---
 docs/runtests.md      | 4 ++++
 tests/data/test1400   | 1 +
 tests/data/test1401   | 1 +
 tests/data/test1402   | 1 +
 tests/data/test1403   | 1 +
 tests/data/test1404   | 1 +
 tests/data/test1405   | 1 +
 tests/data/test1406   | 1 +
 tests/data/test1407   | 1 +
 tests/data/test1420   | 1 +
 tests/data/test1465   | 1 +
 tests/data/test1481   | 1 +
 tests/data/test285    | 2 +-
 tests/globalconfig.pm | 2 ++
 tests/runner.pm       | 3 +++
 tests/runtests.pl     | 5 +++++
 16 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/docs/runtests.md b/docs/runtests.md
index 373f07618d..b449b3f411 100644
--- a/docs/runtests.md
+++ b/docs/runtests.md
@@ -180,6 +180,10 @@ regression test suite.
 
 Lists all test case names.
 
+## `-m=[seconds]`
+
+Set timeout for curl commands in tests
+
 ## `-n`
 
 Disable the check for and use of valgrind.
diff --git a/tests/data/test1400 b/tests/data/test1400
index 1d2ece68e4..9c54240c2f 100644
--- a/tests/data/test1400
+++ b/tests/data/test1400
@@ -59,6 +59,7 @@ $_ = '' if /CURLOPT_HTTP_VERSION/
 $_ = '' if /CURLOPT_SSLVERSION/
 $_ = '' if /CURLOPT_HTTP09_ALLOWED/
 $_ = '' if /CURLOPT_INTERLEAVEDATA/
+$_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
 /********* Sample code generated by the curl command line tool **********
diff --git a/tests/data/test1401 b/tests/data/test1401
index 31259e079f..e2f51f3911 100644
--- a/tests/data/test1401
+++ b/tests/data/test1401
@@ -68,6 +68,7 @@ $_ = '' if /CURLOPT_SSH_KNOWNHOSTS/
 $_ = '' if /CURLOPT_HTTP_VERSION/
 $_ = '' if /CURLOPT_INTERLEAVEDATA/
 $_ = '' if /CURLOPT_SSLVERSION/
+$_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
 /********* Sample code generated by the curl command line tool **********
diff --git a/tests/data/test1402 b/tests/data/test1402
index c256611b0d..77c0798da2 100644
--- a/tests/data/test1402
+++ b/tests/data/test1402
@@ -62,6 +62,7 @@ $_ = '' if /CURLOPT_SSH_KNOWNHOSTS/
 $_ = '' if /CURLOPT_HTTP_VERSION/
 $_ = '' if /CURLOPT_INTERLEAVEDATA/
 $_ = '' if /CURLOPT_SSLVERSION/
+$_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
 /********* Sample code generated by the curl command line tool **********
diff --git a/tests/data/test1403 b/tests/data/test1403
index 2a2f3617cd..94ada0fdd9 100644
--- a/tests/data/test1403
+++ b/tests/data/test1403
@@ -59,6 +59,7 @@ $_ = '' if /CURLOPT_SSH_KNOWNHOSTS/
 $_ = '' if /CURLOPT_HTTP_VERSION/
 $_ = '' if /CURLOPT_INTERLEAVEDATA/
 $_ = '' if /CURLOPT_SSLVERSION/
+$_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
 /********* Sample code generated by the curl command line tool **********
diff --git a/tests/data/test1404 b/tests/data/test1404
index 732c2678a6..3ffcde8939 100644
--- a/tests/data/test1404
+++ b/tests/data/test1404
@@ -104,6 +104,7 @@ $_ = '' if /CURLOPT_SSH_KNOWNHOSTS/
 $_ = '' if /CURLOPT_HTTP_VERSION/
 $_ = '' if /CURLOPT_INTERLEAVEDATA/
 $_ = '' if /CURLOPT_SSLVERSION/
+$_ = '' if /CURLOPT_TIMEOUT_MS/
 # CURL_DOES_CONVERSION generates an extra comment.
 $_ = '' if /\/\* "value" \*\//
 
diff --git a/tests/data/test1405 b/tests/data/test1405
index a71a522cfa..84ccd6a0fb 100644
--- a/tests/data/test1405
+++ b/tests/data/test1405
@@ -144,6 +144,7 @@ $_ = '' if /CURLOPT_HTTP_VERSION/
 $_ = '' if /CURLOPT_HTTP09_ALLOWED/
 $_ = '' if /CURLOPT_INTERLEAVEDATA/
 $_ = '' if /CURLOPT_SSLVERSION/
+$_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
 
diff --git a/tests/data/test1406 b/tests/data/test1406
index 5f935d2d07..776c880dad 100644
--- a/tests/data/test1406
+++ b/tests/data/test1406
@@ -131,6 +131,7 @@ $_ = '' if /CURLOPT_HTTP_VERSION/
 $_ = '' if /CURLOPT_HTTP09_ALLOWED/
 $_ = '' if /CURLOPT_INTERLEAVEDATA/
 $_ = '' if /CURLOPT_SSLVERSION/
+$_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
 
diff --git a/tests/data/test1407 b/tests/data/test1407
index 9ab40cef40..f767622b0b 100644
--- a/tests/data/test1407
+++ b/tests/data/test1407
@@ -109,6 +109,7 @@ $_ = '' if /CURLOPT_HTTP_VERSION/
 $_ = '' if /CURLOPT_HTTP09_ALLOWED/
 $_ = '' if /CURLOPT_INTERLEAVEDATA/
 $_ = '' if /CURLOPT_SSLVERSION/
+$_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
 
diff --git a/tests/data/test1420 b/tests/data/test1420
index 4a6be82437..22d918acf5 100644
--- a/tests/data/test1420
+++ b/tests/data/test1420
@@ -113,6 +113,7 @@ $_ = '' if /CURLOPT_SSH_KNOWNHOSTS/
 $_ = '' if /CURLOPT_HTTP_VERSION/
 $_ = '' if /CURLOPT_INTERLEAVEDATA/
 $_ = '' if /CURLOPT_SSLVERSION/
+$_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
 
diff --git a/tests/data/test1465 b/tests/data/test1465
index 686c28b0ba..b9e85535ba 100644
--- a/tests/data/test1465
+++ b/tests/data/test1465
@@ -65,6 +65,7 @@ $_ = '' if /CURLOPT_SSH_KNOWNHOSTS/
 $_ = '' if /CURLOPT_HTTP_VERSION/
 $_ = '' if /CURLOPT_INTERLEAVEDATA/
 $_ = '' if /CURLOPT_SSLVERSION/
+$_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
 /********* Sample code generated by the curl command line tool **********
diff --git a/tests/data/test1481 b/tests/data/test1481
index 209c3f87e0..30b6d420e1 100644
--- a/tests/data/test1481
+++ b/tests/data/test1481
@@ -61,6 +61,7 @@ $_ = '' if /CURLOPT_SSH_KNOWNHOSTS/
 $_ = '' if /CURLOPT_HTTP_VERSION/
 $_ = '' if /CURLOPT_HTTP09_ALLOWED/
 $_ = '' if /CURLOPT_INTERLEAVEDATA/
+$_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
 /********* Sample code generated by the curl command line tool **********
diff --git a/tests/data/test285 b/tests/data/test285
index 03dc96f6a0..edba1d3300 100644
--- a/tests/data/test285
+++ b/tests/data/test285
@@ -16,7 +16,7 @@ tftp
 TFTP send
 
 
--T %LOGDIR/test%TESTNUMBER.txt tftp://%HOSTIP:%TFTPPORT// --connect-timeout 549
+-T %LOGDIR/test%TESTNUMBER.txt tftp://%HOSTIP:%TFTPPORT// --connect-timeout 549 --max-time 599
 
 
 a chunk of
diff --git a/tests/globalconfig.pm b/tests/globalconfig.pm
index 6203b62749..8543b3aec4 100644
--- a/tests/globalconfig.pm
+++ b/tests/globalconfig.pm
@@ -49,6 +49,7 @@ BEGIN {
         $buildinfo
         $LOCKDIR
         $LOGDIR
+        $maxtime
         $memanalyze
         $MEMDUMP
         $perlcmd
@@ -103,6 +104,7 @@ our $anyway;          # continue anyway, even if a test fail
 our $CURLVERSION="";  # curl's reported version number
 our $CURLVERNUM="";   # curl's reported version number (without -DEV)
 our $randseed = 0;    # random number seed
+our $maxtime;         # curl command timeout override
 
 # paths
 our $pwd = getcwd();  # current working directory
diff --git a/tests/runner.pm b/tests/runner.pm
index 6113c18745..a73f9d5999 100644
--- a/tests/runner.pm
+++ b/tests/runner.pm
@@ -972,6 +972,9 @@ sub singletest_run {
         if((!$cmdhash{'option'}) || ($cmdhash{'option'} !~ /no-q/)) {
             $CMDLINE .= " -q";
         }
+        if($maxtime) {
+            $CMDLINE .= " --max-time $maxtime";
+        }
     }
 
     if(use_valgrind() && !$disablevalgrind) {
diff --git a/tests/runtests.pl b/tests/runtests.pl
index 354be91f08..54ac77e2e9 100755
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -2421,6 +2421,10 @@ while(@ARGV) {
         $short=1;
         $automakestyle=1;
     }
+    elsif($ARGV[0] =~ /-m=(\d+)/) {
+        my ($num)=($1);
+        $maxtime=$num;
+    }
     elsif($ARGV[0] eq "-n") {
         # no valgrind
         undef $valgrind;
@@ -2563,6 +2567,7 @@ Usage: runtests.pl [options] [test selection(s)]
   -k       keep stdout and stderr files present after tests
   -L path  require an additional perl library file to replace certain functions
   -l       list all test case names/descriptions
+  -m=[seconds] set timeout for curl commands in tests
   -n       no valgrind
   --no-debuginfod disable the valgrind debuginfod functionality
   -o variable=value set internal variable to the specified value

From 3d80d37cf0bdfc25645bd150c692d122e94ef1cb Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 19 Nov 2025 01:10:48 +0100
Subject: [PATCH 0924/2408] curlx: add and use `curlx_freopen()`

To complement the existing `curlx_fopen()` internal API.
It's used by the curl's `--stderr` option.

`curlx_freopen()` adds two features to the bare `freopen()`:
- tracing for debug-enabled builds.
- Unicode and long-filename support for Windows builds.

In effect this adds long-filename and enables Unicode support for
the `--stderr ` curl command-line option on Windows.

Also add to checksrc.

Follow-up to 2f17a9b654121dd1ecf4fc043c6d08a9da3522db #10673

Closes #19598
---
 docs/internals/CHECKSRC.md |  3 ++-
 lib/curl_setup.h           |  3 +++
 lib/curlx/fopen.c          | 34 ++++++++++++++++++++++++++++++++++
 lib/curlx/fopen.h          | 18 ++++++++++++------
 lib/memdebug.c             | 16 ++++++++++++++--
 scripts/checksrc.pl        |  3 ++-
 src/tool_stderr.c          |  2 +-
 7 files changed, 68 insertions(+), 11 deletions(-)

diff --git a/docs/internals/CHECKSRC.md b/docs/internals/CHECKSRC.md
index 9c4f142879..1740b2bef5 100644
--- a/docs/internals/CHECKSRC.md
+++ b/docs/internals/CHECKSRC.md
@@ -76,7 +76,8 @@ warnings are:
 
 - `EXCLAMATIONSPACE`: space found after exclamations mark
 
-- `FOPENMODE`: `curlx_fopen()` needs a macro for the mode string, use it
+- `FOPENMODE`: `curlx_fopen()`, `curlx_freopen()` need a macro for the mode
+  string, use it
 
 - `INDENTATION`: detected a wrong start column for code. Note that this
    warning only checks some specific places and can certainly miss many bad
diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index f5b9111f61..0df96d5efd 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -1041,6 +1041,9 @@ CURL_EXTERN int curl_dbg_fclose(FILE *file, int line, const char *source);
 CURL_EXTERN ALLOC_FUNC
   FILE *curl_dbg_fopen(const char *file, const char *mode,
                        int line, const char *source);
+CURL_EXTERN ALLOC_FUNC
+  FILE *curl_dbg_freopen(const char *file, const char *mode, FILE *fh,
+                         int line, const char *source);
 CURL_EXTERN ALLOC_FUNC
   FILE *curl_dbg_fdopen(int filedes, const char *mode,
                         int line, const char *source);
diff --git a/lib/curlx/fopen.c b/lib/curlx/fopen.c
index a5311874b8..333eff7de7 100644
--- a/lib/curlx/fopen.c
+++ b/lib/curlx/fopen.c
@@ -282,6 +282,40 @@ FILE *curlx_win32_fopen(const char *filename, const char *mode)
   return result;
 }
 
+FILE *curlx_win32_freopen(const char *filename, const char *mode, FILE *fp)
+{
+  FILE *result = NULL;
+  TCHAR *fixed = NULL;
+  const TCHAR *target = NULL;
+
+#ifdef _UNICODE
+  wchar_t *filename_w = curlx_convert_UTF8_to_wchar(filename);
+  wchar_t *mode_w = curlx_convert_UTF8_to_wchar(mode);
+  if(filename_w && mode_w) {
+    if(fix_excessive_path(filename_w, &fixed))
+      target = fixed;
+    else
+      target = filename_w;
+    result = _wfreopen(target, mode_w, fp);
+  }
+  else
+    /* !checksrc! disable ERRNOVAR 1 */
+    errno = EINVAL;
+  curlx_unicodefree(filename_w);
+  curlx_unicodefree(mode_w);
+#else
+  if(fix_excessive_path(filename, &fixed))
+    target = fixed;
+  else
+    target = filename;
+  /* !checksrc! disable BANNEDFUNC 1 */
+  result = freopen(target, mode, fp);
+#endif
+
+  (free)(fixed);
+  return result;
+}
+
 int curlx_win32_stat(const char *path, struct_stat *buffer)
 {
   int result = -1;
diff --git a/lib/curlx/fopen.h b/lib/curlx/fopen.h
index da9eb55ec9..eeb3fda946 100644
--- a/lib/curlx/fopen.h
+++ b/lib/curlx/fopen.h
@@ -36,23 +36,29 @@ int curlx_fseek(void *stream, curl_off_t offset, int whence);
 
 #ifdef _WIN32
 FILE *curlx_win32_fopen(const char *filename, const char *mode);
+FILE *curlx_win32_freopen(const char *filename, const char *mode, FILE *fh);
 int curlx_win32_stat(const char *path, struct_stat *buffer);
 int curlx_win32_open(const char *filename, int oflag, ...);
-#define CURLX_FOPEN_LOW(fname, mode) curlx_win32_fopen(fname, mode)
-#define curlx_stat(fname, stp)       curlx_win32_stat(fname, stp)
-#define curlx_open                   curlx_win32_open
+#define CURLX_FOPEN_LOW(fname, mode)       curlx_win32_fopen(fname, mode)
+#define CURLX_FREOPEN_LOW(fname, mode, fh) curlx_win32_freopen(fname, mode, fh)
+#define curlx_stat(fname, stp)             curlx_win32_stat(fname, stp)
+#define curlx_open                         curlx_win32_open
 #else
-#define CURLX_FOPEN_LOW              fopen
-#define curlx_stat(fname, stp)       stat(fname, stp)
-#define curlx_open                   open
+#define CURLX_FOPEN_LOW                   fopen
+#define CURLX_FREOPEN_LOW                 freopen
+#define curlx_stat(fname, stp)            stat(fname, stp)
+#define curlx_open                        open
 #endif
 
 #ifdef CURLDEBUG
 #define curlx_fopen(file,mode)  curl_dbg_fopen(file,mode,__LINE__,__FILE__)
+#define curlx_freopen(file,mode,fh) \
+  curl_dbg_freopen(file,mode,fh,__LINE__,__FILE__)
 #define curlx_fdopen(file,mode) curl_dbg_fdopen(file,mode,__LINE__,__FILE__)
 #define curlx_fclose(file)      curl_dbg_fclose(file,__LINE__,__FILE__)
 #else
 #define curlx_fopen             CURLX_FOPEN_LOW
+#define curlx_freopen           CURLX_FREOPEN_LOW
 #define curlx_fdopen            fdopen
 #define curlx_fclose            fclose
 #endif
diff --git a/lib/memdebug.c b/lib/memdebug.c
index 11e924a55b..758c7b6aa7 100644
--- a/lib/memdebug.c
+++ b/lib/memdebug.c
@@ -29,7 +29,7 @@
 #include 
 
 #include "urldata.h"
-#include "curlx/fopen.h"  /* for CURLX_FOPEN_LOW() */
+#include "curlx/fopen.h"  /* for CURLX_FOPEN_LOW(), CURLX_FREOPEN_LOW() */
 
 /* The last 2 #include files should be in this order */
 #include "curl_memory.h"
@@ -424,7 +424,19 @@ FILE *curl_dbg_fopen(const char *file, const char *mode,
   FILE *res = CURLX_FOPEN_LOW(file, mode);
   if(source)
     curl_dbg_log("FILE %s:%d fopen(\"%s\",\"%s\") = %p\n",
-                source, line, file, mode, (void *)res);
+                 source, line, file, mode, (void *)res);
+
+  return res;
+}
+
+ALLOC_FUNC
+FILE *curl_dbg_freopen(const char *file, const char *mode, FILE *fh,
+                       int line, const char *source)
+{
+  FILE *res = CURLX_FREOPEN_LOW(file, mode, fh);
+  if(source)
+    curl_dbg_log("FILE %s:%d freopen(\"%s\",\"%s\",%p) = %p\n",
+                 source, line, file, mode, (void *)fh, (void *)res);
 
   return res;
 }
diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl
index 5f9ea33526..c9f008f1a1 100755
--- a/scripts/checksrc.pl
+++ b/scripts/checksrc.pl
@@ -106,6 +106,7 @@ my %banfunc = (
     "fclose" => 1,
     "fdopen" => 1,
     "fopen" => 1,
+    "freopen" => 1,
     "open" => 1,
     "stat" => 1,
     );
@@ -961,7 +962,7 @@ sub scanfile {
         }
 
         # scan for use of non-binary fopen without the macro
-        if($l =~ /^(.*\W)(curlx_fopen|CURLX_FOPEN_LOW)\s*\([^,]*, *\"([^"]*)/) {
+        if($l =~ /^(.*\W)(curlx_fopen|CURLX_FOPEN_LOW|curlx_freopen|CURLX_FREOPEN_LOW)\s*\([^,]*, *\"([^"]*)/) {
             my $mode = $3;
             if($mode !~ /b/) {
                 checkwarn("FOPENMODE",
diff --git a/src/tool_stderr.c b/src/tool_stderr.c
index 1116c30092..8812f8bf8e 100644
--- a/src/tool_stderr.c
+++ b/src/tool_stderr.c
@@ -60,7 +60,7 @@ void tool_set_stderr_file(const char *filename)
   /* freopen the actual stderr (stdio.h stderr) instead of tool_stderr since
      the latter may be set to stdout. */
   /* !checksrc! disable STDERR 1 */
-  fp = freopen(filename, FOPEN_WRITETEXT, stderr);
+  fp = curlx_freopen(filename, FOPEN_WRITETEXT, stderr);
   if(!fp) {
     /* stderr may have been closed by freopen. there is nothing to be done. */
     DEBUGASSERT(0);

From 7e8f36bf8e56e632e4f8be54b584f758e3aaa086 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 19 Nov 2025 23:33:52 +0100
Subject: [PATCH 0925/2408] cmake: honor `CURL_DISABLE_INSTALL` and
 `CURL_ENABLE_EXPORT_TARGET` in lib and src

Based on existing code and commit history it appears
`CURL_DISABLE_INSTALL` means to prevent calling `install()`;
`CURL_ENABLE_EXPORT_TARGET` means to prevent calling `export()` and
`install()`s with `EXPORT` in them.

Fix them to also apply to the lib and src directories in that vain:
- lib: honor `CURL_DISABLE_INSTALL`
- src: honor `CURL_DISABLE_INSTALL`
- src: honor `CURL_ENABLE_EXPORT_TARGET`

https://cmake.org/cmake/help/v4.2/command/install.html
https://cmake.org/cmake/help/v4.2/command/export.html

- `CURL_DISABLE_INSTALL` follow-up to:
  aace27b0965c10394544d1dacc9c2cb2fe0de3d3 #12287
- `CURL_ENABLE_EXPORT_TARGET` follow-up to:
  8698825106f7a9987ab3924128eee885278f66bb #9638
  643ec296456ba98c536857fce3ecfd021d44d913 #7060

Closes #19144
---
 docs/libcurl/opts/CMakeLists.txt |  1 +
 lib/CMakeLists.txt               |  4 ++--
 src/CMakeLists.txt               | 15 ++++++++++-----
 3 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/docs/libcurl/opts/CMakeLists.txt b/docs/libcurl/opts/CMakeLists.txt
index c3e2c2cc6b..f8b5aaa2de 100644
--- a/docs/libcurl/opts/CMakeLists.txt
+++ b/docs/libcurl/opts/CMakeLists.txt
@@ -28,6 +28,7 @@ include("${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake")
 curl_add_manual_pages(man_MANS)
 add_custom_target(curl-opts-man DEPENDS ${man_MANS})
 add_dependencies(curl-man curl-opts-man)
+
 if(NOT CURL_DISABLE_INSTALL)
   set(_src "")
   foreach(_file IN LISTS man_MANS)
diff --git a/lib/CMakeLists.txt b/lib/CMakeLists.txt
index d9857a50c2..b468eec0a2 100644
--- a/lib/CMakeLists.txt
+++ b/lib/CMakeLists.txt
@@ -304,7 +304,7 @@ add_library(${LIB_NAME} ALIAS ${LIB_SELECTED})
 add_library(${PROJECT_NAME}::${LIB_NAME} ALIAS ${LIB_SELECTED})
 
 if(CURL_ENABLE_EXPORT_TARGET)
-  if(BUILD_STATIC_LIBS)
+  if(NOT CURL_DISABLE_INSTALL AND BUILD_STATIC_LIBS)
     install(TARGETS ${LIB_STATIC}
       EXPORT ${TARGETS_EXPORT_NAME}
       ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
@@ -312,7 +312,7 @@ if(CURL_ENABLE_EXPORT_TARGET)
       RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR}
     )
   endif()
-  if(BUILD_SHARED_LIBS)
+  if(NOT CURL_DISABLE_INSTALL AND BUILD_SHARED_LIBS)
     install(TARGETS ${LIB_SHARED}
       EXPORT ${TARGETS_EXPORT_NAME}
       ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 9e2bbed8f0..33f288b915 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -141,8 +141,13 @@ endif()
 
 ################################################################################
 
-install(TARGETS ${EXE_NAME} EXPORT ${TARGETS_EXPORT_NAME} DESTINATION ${CMAKE_INSTALL_BINDIR})
-export(TARGETS ${EXE_NAME}
-  FILE "${PROJECT_BINARY_DIR}/curl-target.cmake"
-  NAMESPACE ${PROJECT_NAME}::
-)
+if(CURL_ENABLE_EXPORT_TARGET)
+  if(NOT CURL_DISABLE_INSTALL)
+    install(TARGETS ${EXE_NAME} EXPORT ${TARGETS_EXPORT_NAME} DESTINATION ${CMAKE_INSTALL_BINDIR})
+  endif()
+
+  export(TARGETS ${EXE_NAME}
+    FILE "${PROJECT_BINARY_DIR}/curl-target.cmake"
+    NAMESPACE ${PROJECT_NAME}::
+  )
+endif()

From d9e9dd7f20344fbac78c17e85ada094f54b65782 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Thu, 20 Nov 2025 10:37:46 +0100
Subject: [PATCH 0926/2408] h2-proxy: eliminate size_t cast

Use curlx_sztouz() instead.

Closes #19616
---
 lib/cf-h2-proxy.c | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/lib/cf-h2-proxy.c b/lib/cf-h2-proxy.c
index 9a8312a042..b963bb718c 100644
--- a/lib/cf-h2-proxy.c
+++ b/lib/cf-h2-proxy.c
@@ -42,6 +42,7 @@
 #include "multiif.h"
 #include "sendf.h"
 #include "select.h"
+#include "curlx/warnless.h"
 #include "cf-h2-proxy.h"
 
 /* The last 2 #include files should be in this order */
@@ -408,32 +409,30 @@ static CURLcode proxy_h2_nw_out_flush(struct Curl_cfilter *cf,
  * This function returns 0 if it succeeds, or -1 and error code will
  * be assigned to *err.
  */
-static int proxy_h2_process_pending_input(struct Curl_cfilter *cf,
-                                          struct Curl_easy *data,
-                                          CURLcode *err)
+static CURLcode proxy_h2_process_pending_input(struct Curl_cfilter *cf,
+                                               struct Curl_easy *data)
 {
   struct cf_h2_proxy_ctx *ctx = cf->ctx;
   const unsigned char *buf;
-  size_t blen;
+  size_t blen, nread;
   ssize_t rv;
 
   while(Curl_bufq_peek(&ctx->inbufq, &buf, &blen)) {
 
     rv = nghttp2_session_mem_recv(ctx->h2, (const uint8_t *)buf, blen);
     CURL_TRC_CF(data, cf, "[0] %zu bytes to nghttp2 -> %zd", blen, rv);
-    if(rv < 0) {
+    if(!curlx_sztouz(rv, &nread)) {
       failf(data,
             "process_pending_input: nghttp2_session_mem_recv() returned "
             "%zd:%s", rv, nghttp2_strerror((int)rv));
-      *err = CURLE_RECV_ERROR;
-      return -1;
+      return CURLE_RECV_ERROR;
     }
-    else if(!rv) {
+    else if(!nread) {
       /* nghttp2 does not want to process more, but has no error. This
        * probably cannot happen, but be safe. */
       break;
     }
-    Curl_bufq_skip(&ctx->inbufq, (size_t)rv);
+    Curl_bufq_skip(&ctx->inbufq, nread);
     if(Curl_bufq_is_empty(&ctx->inbufq)) {
       CURL_TRC_CF(data, cf, "[0] all data in connection buffer processed");
       break;
@@ -443,8 +442,7 @@ static int proxy_h2_process_pending_input(struct Curl_cfilter *cf,
                   "in connection buffer", Curl_bufq_len(&ctx->inbufq));
     }
   }
-
-  return 0;
+  return CURLE_OK;
 }
 
 static CURLcode proxy_h2_progress_ingress(struct Curl_cfilter *cf,
@@ -458,7 +456,8 @@ static CURLcode proxy_h2_progress_ingress(struct Curl_cfilter *cf,
   if(!Curl_bufq_is_empty(&ctx->inbufq)) {
     CURL_TRC_CF(data, cf, "[0] process %zu bytes in connection buffer",
                 Curl_bufq_len(&ctx->inbufq));
-    if(proxy_h2_process_pending_input(cf, data, &result) < 0)
+    result = proxy_h2_process_pending_input(cf, data);
+    if(result)
       return result;
   }
 
@@ -484,7 +483,8 @@ static CURLcode proxy_h2_progress_ingress(struct Curl_cfilter *cf,
       break;
     }
 
-    if(proxy_h2_process_pending_input(cf, data, &result))
+    result = proxy_h2_process_pending_input(cf, data);
+    if(result)
       return result;
   }
 
@@ -1483,7 +1483,7 @@ static bool proxy_h2_connisalive(struct Curl_cfilter *cf,
     *input_pending = FALSE;
     result = Curl_cf_recv_bufq(cf->next, data, &ctx->inbufq, 0, &nread);
     if(!result) {
-      if(proxy_h2_process_pending_input(cf, data, &result) < 0)
+      if(proxy_h2_process_pending_input(cf, data))
         /* immediate error, considered dead */
         alive = FALSE;
       else {

From b812be567a153ba4450d325a38e939aab94a15cc Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Thu, 20 Nov 2025 11:40:23 +0100
Subject: [PATCH 0927/2408] mqtt: eliminate size_t cast

Use new curlx_sotouz_fits() instead.

Closes #19622
---
 lib/curlx/warnless.c | 16 ++++++++++++++++
 lib/curlx/warnless.h |  4 ++++
 lib/mqtt.c           |  9 +++++----
 3 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/lib/curlx/warnless.c b/lib/curlx/warnless.c
index a0aa5eda13..5ed27b3e4c 100644
--- a/lib/curlx/warnless.c
+++ b/lib/curlx/warnless.c
@@ -317,6 +317,22 @@ bool curlx_sztouz(ssize_t sznum, size_t *puznum)
   return TRUE;
 }
 
+bool curlx_sotouz_fits(curl_off_t sonum, size_t *puznum)
+{
+  if(sonum < 0) {
+    *puznum = 0;
+    return FALSE;
+  }
+#if SIZEOF_CURL_OFF_T > SIZEOF_SIZE_T
+  if(sonum > SIZE_MAX) {
+    *puznum = 0;
+    return FALSE;
+  }
+#endif
+  *puznum = (size_t)sonum;
+  return TRUE;
+}
+
 curl_off_t curlx_uztoso(size_t uznum)
 {
 #if SIZEOF_SIZE_T >= SIZEOF_CURL_OFF_T
diff --git a/lib/curlx/warnless.h b/lib/curlx/warnless.h
index a128f71488..c8861d8488 100644
--- a/lib/curlx/warnless.h
+++ b/lib/curlx/warnless.h
@@ -69,6 +69,10 @@ curl_off_t curlx_uztoso(size_t uznum);
 /* Convert a ssize_t to size_t, return FALSE if negative and set 0 */
 bool curlx_sztouz(ssize_t sznum, size_t *puznum);
 
+/* Convert a curl_off_t to size_t, return FALSE if negative or
+ * too large and set 0 */
+bool curlx_sotouz_fits(curl_off_t sonum, size_t *puznum);
+
 #ifdef _WIN32
 #undef  read
 #define read(fd, buf, count)  (ssize_t)_read(fd, buf, curlx_uztoui(count))
diff --git a/lib/mqtt.c b/lib/mqtt.c
index 58458a8416..9cbe800ded 100644
--- a/lib/mqtt.c
+++ b/lib/mqtt.c
@@ -192,7 +192,7 @@ static CURLcode mqtt_send(struct Curl_easy *data,
   if(result)
     return result;
   mq->lastTime = curlx_now();
-  Curl_debug(data, CURLINFO_HEADER_OUT, buf, (size_t)n);
+  Curl_debug(data, CURLINFO_HEADER_OUT, buf, n);
   if(len != n) {
     size_t nsend = len - n;
     if(curlx_dyn_len(&mq->sendbuf)) {
@@ -602,10 +602,11 @@ static CURLcode mqtt_publish(struct Curl_easy *data)
     DEBUGF(infof(data, "mqtt_publish without payload, return bad arg"));
     return CURLE_BAD_FUNCTION_ARGUMENT;
   }
-  if(postfieldsize < 0)
+  if(!curlx_sotouz_fits(postfieldsize, &payloadlen)) {
+    if(postfieldsize > 0) /* off_t does not fit into size_t */
+      return CURLE_BAD_FUNCTION_ARGUMENT;
     payloadlen = strlen(payload);
-  else
-    payloadlen = (size_t)postfieldsize;
+  }
 
   result = mqtt_get_topic(data, &topic, &topiclen);
   if(result)

From ffcf8c5ce4091457fea3457e918b60d729d36b2c Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Thu, 20 Nov 2025 11:06:14 +0100
Subject: [PATCH 0928/2408] rtmp: eliminate size_t casts

Use curlx_sztouz() instead.

Closes #19619
---
 lib/curl_rtmp.c | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/lib/curl_rtmp.c b/lib/curl_rtmp.c
index 4a5e5cb637..2d2daf4148 100644
--- a/lib/curl_rtmp.c
+++ b/lib/curl_rtmp.c
@@ -335,15 +335,15 @@ static CURLcode rtmp_recv(struct Curl_easy *data, int sockindex, char *buf,
   struct connectdata *conn = data->conn;
   RTMP *r = Curl_conn_meta_get(conn, CURL_META_RTMP_CONN);
   CURLcode result = CURLE_OK;
-  ssize_t nread;
+  ssize_t rv;
 
   (void)sockindex;
   *pnread = 0;
   if(!r)
     return CURLE_FAILED_INIT;
 
-  nread = RTMP_Read(r, buf, curlx_uztosi(len));
-  if(nread < 0) {
+  rv = RTMP_Read(r, buf, curlx_uztosi(len));
+  if(!curlx_sztouz(rv, pnread)) {
     if(r->m_read.status == RTMP_READ_COMPLETE ||
        r->m_read.status == RTMP_READ_EOF) {
       data->req.size = data->req.bytecount;
@@ -351,8 +351,6 @@ static CURLcode rtmp_recv(struct Curl_easy *data, int sockindex, char *buf,
     else
       result = CURLE_RECV_ERROR;
   }
-  else
-    *pnread = (size_t)nread;
 
   return result;
 }
@@ -363,7 +361,7 @@ static CURLcode rtmp_send(struct Curl_easy *data, int sockindex,
 {
   struct connectdata *conn = data->conn;
   RTMP *r = Curl_conn_meta_get(conn, CURL_META_RTMP_CONN);
-  ssize_t nwritten;
+  ssize_t rv;
 
   (void)sockindex;
   (void)eos;
@@ -371,11 +369,10 @@ static CURLcode rtmp_send(struct Curl_easy *data, int sockindex,
   if(!r)
     return CURLE_FAILED_INIT;
 
-  nwritten = RTMP_Write(r, (const char *)buf, curlx_uztosi(len));
-  if(nwritten < 0)
+  rv = RTMP_Write(r, (const char *)buf, curlx_uztosi(len));
+  if(!curlx_sztouz(rv, pnwritten))
     return CURLE_SEND_ERROR;
 
-  *pnwritten = (size_t)nwritten;
   return CURLE_OK;
 }
 

From d2ab42d7867abc21e7f840c6ff46a0bc15ea5f4b Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Thu, 20 Nov 2025 10:46:35 +0100
Subject: [PATCH 0929/2408] cf-socket: elminiate size_t casts

Use curlx_sztouz() instead.

Closes #19617
---
 lib/cf-socket.c | 20 ++++++++------------
 1 file changed, 8 insertions(+), 12 deletions(-)

diff --git a/lib/cf-socket.c b/lib/cf-socket.c
index 80ed212721..0055f2d48c 100644
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@@ -1432,7 +1432,7 @@ static CURLcode cf_socket_send(struct Curl_cfilter *cf, struct Curl_easy *data,
 {
   struct cf_socket_ctx *ctx = cf->ctx;
   curl_socket_t fdsave;
-  ssize_t nwritten;
+  ssize_t rv;
   size_t orig_len = len;
   CURLcode result = CURLE_OK;
 
@@ -1463,15 +1463,15 @@ static CURLcode cf_socket_send(struct Curl_cfilter *cf, struct Curl_easy *data,
 
 #if defined(MSG_FASTOPEN) && !defined(TCP_FASTOPEN_CONNECT) /* Linux */
   if(cf->conn->bits.tcp_fastopen) {
-    nwritten = sendto(ctx->sock, buf, len, MSG_FASTOPEN,
-                      &ctx->addr.curl_sa_addr, ctx->addr.addrlen);
+    rv = sendto(ctx->sock, buf, len, MSG_FASTOPEN,
+                &ctx->addr.curl_sa_addr, ctx->addr.addrlen);
     cf->conn->bits.tcp_fastopen = FALSE;
   }
   else
 #endif
-    nwritten = swrite(ctx->sock, buf, len);
+    rv = swrite(ctx->sock, buf, len);
 
-  if(nwritten < 0) {
+  if(!curlx_sztouz(rv, pnwritten)) {
     int sockerr = SOCKERRNO;
 
     if(
@@ -1498,8 +1498,6 @@ static CURLcode cf_socket_send(struct Curl_cfilter *cf, struct Curl_easy *data,
       result = CURLE_SEND_ERROR;
     }
   }
-  else
-    *pnwritten = (size_t)nwritten;
 
 #ifdef USE_WINSOCK
   if(!result)
@@ -1517,7 +1515,7 @@ static CURLcode cf_socket_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
 {
   struct cf_socket_ctx *ctx = cf->ctx;
   CURLcode result = CURLE_OK;
-  ssize_t nread;
+  ssize_t rv;
 
   *pnread = 0;
 #ifdef DEBUGBUILD
@@ -1538,9 +1536,9 @@ static CURLcode cf_socket_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
   }
 #endif
 
-  nread = sread(ctx->sock, buf, len);
+  rv = sread(ctx->sock, buf, len);
 
-  if(nread < 0) {
+  if(!curlx_sztouz(rv, pnread)) {
     int sockerr = SOCKERRNO;
 
     if(
@@ -1566,8 +1564,6 @@ static CURLcode cf_socket_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
       result = CURLE_RECV_ERROR;
     }
   }
-  else
-    *pnread = (size_t)nread;
 
   CURL_TRC_CF(data, cf, "recv(len=%zu) -> %d, %zu", len, result, *pnread);
   if(!result && !ctx->got_first_byte) {

From 6c55dd0028b5d12750d185abcae015aad2177a93 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Thu, 20 Nov 2025 12:28:01 +0100
Subject: [PATCH 0930/2408] vquic: eliminate size_t casts

Use new curlx_sotouz_fits() instead.

Closes #19624
---
 lib/vquic/vquic.c | 49 +++++++++++++++++++++++------------------------
 1 file changed, 24 insertions(+), 25 deletions(-)

diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c
index 33f7fe092b..539d9bfeae 100644
--- a/lib/vquic/vquic.c
+++ b/lib/vquic/vquic.c
@@ -34,6 +34,7 @@
 #include "../bufq.h"
 #include "../curlx/dynbuf.h"
 #include "../curlx/fopen.h"
+#include "../curlx/warnless.h"
 #include "../cfilters.h"
 #include "../curl_trc.h"
 #include "curl_ngtcp2.h"
@@ -128,7 +129,7 @@ static CURLcode do_sendmsg(struct Curl_cfilter *cf,
 #ifdef HAVE_SENDMSG
   struct iovec msg_iov;
   struct msghdr msg = {0};
-  ssize_t sent;
+  ssize_t rv;
 #if defined(__linux__) && defined(UDP_SEGMENT)
   uint8_t msg_ctrl[32];
   struct cmsghdr *cm;
@@ -155,11 +156,11 @@ static CURLcode do_sendmsg(struct Curl_cfilter *cf,
   }
 #endif
 
-  while((sent = sendmsg(qctx->sockfd, &msg, 0)) == -1 &&
+  while((rv = sendmsg(qctx->sockfd, &msg, 0)) == -1 &&
         SOCKERRNO == SOCKEINTR)
     ;
 
-  if(sent == -1) {
+  if(!curlx_sztouz(rv, psent)) {
     switch(SOCKERRNO) {
     case EAGAIN:
 #if EAGAIN != SOCKEWOULDBLOCK
@@ -172,41 +173,41 @@ static CURLcode do_sendmsg(struct Curl_cfilter *cf,
     case EIO:
       if(pktlen > gsolen) {
         /* GSO failure */
-        infof(data, "sendmsg() returned %zd (errno %d); disable GSO", sent,
+        infof(data, "sendmsg() returned %zd (errno %d); disable GSO", rv,
               SOCKERRNO);
         qctx->no_gso = TRUE;
         return send_packet_no_gso(cf, data, qctx, pkt, pktlen, gsolen, psent);
       }
       FALLTHROUGH();
     default:
-      failf(data, "sendmsg() returned %zd (errno %d)", sent, SOCKERRNO);
+      failf(data, "sendmsg() returned %zd (errno %d)", rv, SOCKERRNO);
       result = CURLE_SEND_ERROR;
       goto out;
     }
   }
-  else if(pktlen != (size_t)sent) {
-    failf(data, "sendmsg() sent only %zd/%zu bytes", sent, pktlen);
+  else if(pktlen != *psent) {
+    failf(data, "sendmsg() sent only %zu/%zu bytes", *psent, pktlen);
     result = CURLE_SEND_ERROR;
     goto out;
   }
 #else
-  ssize_t sent;
+  ssize_t rv;
   (void)gsolen;
 
   *psent = 0;
 
-  while((sent = CURL_SEND(qctx->sockfd, (const char *)pkt,
-                          (SEND_TYPE_ARG3)pktlen, 0)) == -1 &&
+  while((rv = CURL_SEND(qctx->sockfd, (const char *)pkt,
+                        (SEND_TYPE_ARG3)pktlen, 0)) == -1 &&
         SOCKERRNO == SOCKEINTR)
     ;
 
-  if(sent == -1) {
+  if(!curlx_sztouz(rv, psent)) {
     if(SOCKERRNO == EAGAIN || SOCKERRNO == SOCKEWOULDBLOCK) {
       result = CURLE_AGAIN;
       goto out;
     }
     else {
-      failf(data, "send() returned %zd (errno %d)", sent, SOCKERRNO);
+      failf(data, "send() returned %zd (errno %d)", rv, SOCKERRNO);
       if(SOCKERRNO != SOCKEMSGSIZE) {
         result = CURLE_SEND_ERROR;
         goto out;
@@ -217,7 +218,6 @@ static CURLcode do_sendmsg(struct Curl_cfilter *cf,
   }
 #endif
   (void)cf;
-  *psent = pktlen;
 
 out:
   return result;
@@ -506,7 +506,7 @@ static CURLcode recvmsg_packets(struct Curl_cfilter *cf,
     while((rc = recvmsg(qctx->sockfd, &msg, 0)) == -1 &&
           (SOCKERRNO == SOCKEINTR || SOCKERRNO == SOCKEMSGSIZE))
       ;
-    if(rc == -1) {
+    if(!curlx_sztouz(rc, &nread)) {
       if(SOCKERRNO == EAGAIN || SOCKERRNO == SOCKEWOULDBLOCK) {
         goto out;
       }
@@ -525,7 +525,6 @@ static CURLcode recvmsg_packets(struct Curl_cfilter *cf,
       goto out;
     }
 
-    nread = (size_t)rc;
     total_nread += nread;
     ++calls;
 
@@ -559,19 +558,19 @@ static CURLcode recvfrom_packets(struct Curl_cfilter *cf,
   int bufsize = (int)sizeof(buf);
   struct sockaddr_storage remote_addr;
   socklen_t remote_addrlen = sizeof(remote_addr);
-  size_t total_nread, pkts, calls = 0;
-  ssize_t nread;
+  size_t total_nread, pkts, calls = 0, nread;
+  ssize_t rv;
   char errstr[STRERROR_LEN];
   CURLcode result = CURLE_OK;
 
   DEBUGASSERT(max_pkts > 0);
   for(pkts = 0, total_nread = 0; pkts < max_pkts;) {
-    while((nread = recvfrom(qctx->sockfd, (char *)buf, bufsize, 0,
-                            (struct sockaddr *)&remote_addr,
-                            &remote_addrlen)) == -1 &&
+    while((rv = recvfrom(qctx->sockfd, (char *)buf, bufsize, 0,
+                         (struct sockaddr *)&remote_addr,
+                         &remote_addrlen)) == -1 &&
           (SOCKERRNO == SOCKEINTR || SOCKERRNO == SOCKEMSGSIZE))
       ;
-    if(nread == -1) {
+    if(!curlx_sztouz(rv, &nread)) {
       if(SOCKERRNO == EAGAIN || SOCKERRNO == SOCKEWOULDBLOCK) {
         CURL_TRC_CF(data, cf, "ingress, recvfrom -> EAGAIN");
         goto out;
@@ -586,16 +585,16 @@ static CURLcode recvfrom_packets(struct Curl_cfilter *cf,
       }
       curlx_strerror(SOCKERRNO, errstr, sizeof(errstr));
       failf(data, "QUIC: recvfrom() unexpectedly returned %zd (errno=%d; %s)",
-                  nread, SOCKERRNO, errstr);
+                  rv, SOCKERRNO, errstr);
       result = CURLE_RECV_ERROR;
       goto out;
     }
 
     ++pkts;
     ++calls;
-    total_nread += (size_t)nread;
-    result = recv_cb(buf, (size_t)nread, (size_t)nread,
-                     &remote_addr, remote_addrlen, 0, userp);
+    total_nread += nread;
+    result = recv_cb(buf, nread, nread, &remote_addr, remote_addrlen,
+                     0, userp);
     if(result)
       goto out;
   }

From ad9b12d4114819b2c0704b89ae48c20033f05f7a Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Thu, 20 Nov 2025 11:28:41 +0100
Subject: [PATCH 0931/2408] httpsrr/altsvc: eliminate size_t casts

Treat alpn raw data as unsigned chars, avoids size_t and char* casts.
Add method to convert a struct Curl_str to an alpnid.

Closes #19621
---
 lib/altsvc.c  |  9 +++------
 lib/connect.c | 17 ++++++++++++-----
 lib/connect.h |  4 +++-
 lib/httpsrr.c |  6 +++---
 4 files changed, 21 insertions(+), 15 deletions(-)

diff --git a/lib/altsvc.c b/lib/altsvc.c
index 357d3bc209..c05dff04e2 100644
--- a/lib/altsvc.c
+++ b/lib/altsvc.c
@@ -136,10 +136,8 @@ static struct altsvc *altsvc_create(struct Curl_str *srchost,
                                     size_t srcport,
                                     size_t dstport)
 {
-  enum alpnid dstalpnid =
-    Curl_alpn2alpnid(curlx_str(dstalpn), curlx_strlen(dstalpn));
-  enum alpnid srcalpnid =
-    Curl_alpn2alpnid(curlx_str(srcalpn), curlx_strlen(srcalpn));
+  enum alpnid dstalpnid = Curl_str2alpnid(dstalpn);
+  enum alpnid srcalpnid = Curl_str2alpnid(srcalpn);
   if(!srcalpnid || !dstalpnid)
     return NULL;
   return altsvc_createid(curlx_str(srchost), curlx_strlen(srchost),
@@ -545,8 +543,7 @@ CURLcode Curl_altsvc_parse(struct Curl_easy *data,
   do {
     if(!curlx_str_single(&p, '=')) {
       /* [protocol]="[host][:port], [protocol]="[host][:port]" */
-      enum alpnid dstalpnid =
-        Curl_alpn2alpnid(curlx_str(&alpn), curlx_strlen(&alpn));
+      enum alpnid dstalpnid = Curl_str2alpnid(&alpn);
       if(!curlx_str_single(&p, '\"')) {
         struct Curl_str dsthost;
         curl_off_t port = 0;
diff --git a/lib/connect.c b/lib/connect.c
index b5de9b4f5e..4f9453907b 100644
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -66,6 +66,7 @@
 #include "sockaddr.h" /* required for Curl_sockaddr_storage */
 #include "curlx/inet_ntop.h"
 #include "curlx/inet_pton.h"
+#include "curlx/strparse.h"
 #include "vtls/vtls.h" /* for vtsl cfilters */
 #include "progress.h"
 #include "curlx/warnless.h"
@@ -81,23 +82,29 @@
 
 #if !defined(CURL_DISABLE_ALTSVC) || defined(USE_HTTPSRR)
 
-enum alpnid Curl_alpn2alpnid(const char *name, size_t len)
+enum alpnid Curl_alpn2alpnid(const unsigned char *name, size_t len)
 {
   if(len == 2) {
-    if(curl_strnequal(name, "h1", 2))
+    if(!memcmp(name, "h1", 2))
       return ALPN_h1;
-    if(curl_strnequal(name, "h2", 2))
+    if(!memcmp(name, "h2", 2))
       return ALPN_h2;
-    if(curl_strnequal(name, "h3", 2))
+    if(!memcmp(name, "h3", 2))
       return ALPN_h3;
   }
   else if(len == 8) {
-    if(curl_strnequal(name, "http/1.1", 8))
+    if(!memcmp(name, "http/1.1", 8))
       return ALPN_h1;
   }
   return ALPN_none; /* unknown, probably rubbish input */
 }
 
+enum alpnid Curl_str2alpnid(const struct Curl_str *cstr)
+{
+  return Curl_alpn2alpnid((const unsigned char *)curlx_str(cstr),
+                          curlx_strlen(cstr));
+}
+
 #endif
 
 /*
diff --git a/lib/connect.h b/lib/connect.h
index ebf756c562..b6d9b8e836 100644
--- a/lib/connect.h
+++ b/lib/connect.h
@@ -31,8 +31,10 @@
 
 struct Curl_dns_entry;
 struct ip_quadruple;
+struct Curl_str;
 
-enum alpnid Curl_alpn2alpnid(const char *name, size_t len);
+enum alpnid Curl_alpn2alpnid(const unsigned char *name, size_t len);
+enum alpnid Curl_str2alpnid(const struct Curl_str *str);
 
 /* generic function that returns how much time there is left to run, according
    to the timeouts set */
diff --git a/lib/httpsrr.c b/lib/httpsrr.c
index c0392d16c4..0cf5b131bd 100644
--- a/lib/httpsrr.c
+++ b/lib/httpsrr.c
@@ -37,7 +37,7 @@
 #include "curl_memory.h"
 #include "memdebug.h"
 
-static CURLcode httpsrr_decode_alpn(const char *cp, size_t len,
+static CURLcode httpsrr_decode_alpn(const uint8_t *cp, size_t len,
                                     unsigned char *alpns)
 {
   /*
@@ -49,7 +49,7 @@ static CURLcode httpsrr_decode_alpn(const char *cp, size_t len,
   int idnum = 0;
 
   while(len > 0) {
-    size_t tlen = (size_t) *cp++;
+    size_t tlen = *cp++;
     enum alpnid id;
     len--;
     if(tlen > len)
@@ -84,7 +84,7 @@ CURLcode Curl_httpsrr_set(struct Curl_easy *data,
     CURL_TRC_DNS(data, "HTTPS RR MANDATORY left to implement");
     break;
   case HTTPS_RR_CODE_ALPN: /* str_list */
-    result = httpsrr_decode_alpn((const char *)val, vlen, hi->alpns);
+    result = httpsrr_decode_alpn(val, vlen, hi->alpns);
     CURL_TRC_DNS(data, "HTTPS RR ALPN: %u %u %u %u",
                  hi->alpns[0], hi->alpns[1], hi->alpns[2], hi->alpns[3]);
     break;

From 01623e26d06ecb31121e7c6a2b51871933dc0acc Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 20 Nov 2025 18:06:37 +0100
Subject: [PATCH 0932/2408] http: error on OOM when creating range header

Closes #19630
---
 lib/http.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/http.c b/lib/http.c
index a470c04449..095a9127a4 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -2538,6 +2538,8 @@ static CURLcode http_range(struct Curl_easy *data,
       free(data->state.aptr.rangeline);
       data->state.aptr.rangeline = curl_maprintf("Range: bytes=%s\r\n",
                                                  data->state.range);
+      if(!data->state.aptr.rangeline)
+        return CURLE_OUT_OF_MEMORY;
     }
     else if((httpreq == HTTPREQ_POST || httpreq == HTTPREQ_PUT) &&
             !Curl_checkheaders(data, STRCONST("Content-Range"))) {

From 92d9dbe4c008646dd467d23dea963fa32e16cf85 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Wed, 19 Nov 2025 16:35:25 +0100
Subject: [PATCH 0933/2408] INTERNALS: add release dates to the oldest
 supported dependencies

Closes #19611
---
 docs/INTERNALS.md | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/docs/INTERNALS.md b/docs/INTERNALS.md
index c21d5a9120..d957c69ab7 100644
--- a/docs/INTERNALS.md
+++ b/docs/INTERNALS.md
@@ -24,19 +24,19 @@ versions of libs and build tools.
 
  We aim to support these or later versions.
 
- - OpenSSL      3.0.0
- - LibreSSL     2.9.1
- - GnuTLS       3.1.10
- - mbedTLS      3.2.0
- - zlib         1.2.5.2
- - libssh2      1.9.0
- - c-ares       1.6.0
- - libssh       0.9.0
- - libidn2      2.0.0
- - wolfSSL      3.4.6
- - OpenLDAP     2.0
- - MIT Kerberos 1.3
- - nghttp2      1.15.0
+ - OpenSSL      3.0.0 (2021-09-07)
+ - LibreSSL     2.9.1 (2019-04-22)
+ - GnuTLS       3.1.10 (2013-03-22)
+ - mbedTLS      3.2.0 (2022-07-11)
+ - zlib         1.2.5.2 (2011-12-11)
+ - libssh2      1.9.0 (2019-06-20)
+ - c-ares       1.6.0 (2008-12-09)
+ - libssh       0.9.0 (2019-06-28)
+ - libidn2      2.0.0 (2017-03-29)
+ - wolfSSL      3.4.6 (2017-09-22)
+ - OpenLDAP     2.0 (2000-08-01)
+ - MIT Kerberos 1.3 (2003-07-31)
+ - nghttp2      1.15.0 (2016-09-25)
 
 ## Build tools
 

From c5ef882e900d8e949ab65cbf0c8e1dd8e967f626 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Thu, 20 Nov 2025 16:40:52 +0000
Subject: [PATCH 0934/2408] GHA: update actions/checkout action to v6 from v5

Closes #19628
---
 .github/workflows/checkdocs.yml          | 10 +++++-----
 .github/workflows/checksrc.yml           | 10 +++++-----
 .github/workflows/codeql.yml             |  4 ++--
 .github/workflows/configure-vs-cmake.yml |  6 +++---
 .github/workflows/curl-for-win.yml       | 12 ++++++------
 .github/workflows/distcheck.yml          |  8 ++++----
 .github/workflows/http3-linux.yml        |  2 +-
 .github/workflows/linux-old.yml          |  2 +-
 .github/workflows/linux.yml              |  2 +-
 .github/workflows/macos.yml              |  6 +++---
 .github/workflows/non-native.yml         |  8 ++++----
 .github/workflows/windows.yml            | 10 +++++-----
 12 files changed, 40 insertions(+), 40 deletions(-)

diff --git a/.github/workflows/checkdocs.yml b/.github/workflows/checkdocs.yml
index 8caf9479fd..6f67b44fca 100644
--- a/.github/workflows/checkdocs.yml
+++ b/.github/workflows/checkdocs.yml
@@ -95,7 +95,7 @@ jobs:
     name: 'linkcheck'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -106,7 +106,7 @@ jobs:
     name: 'pyspelling'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -135,7 +135,7 @@ jobs:
     name: 'badwords, synopsis'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -149,7 +149,7 @@ jobs:
     name: 'man-examples'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -161,7 +161,7 @@ jobs:
     runs-on: ubuntu-24.04-arm
     timeout-minutes: 5
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml
index 6076617356..32f825214d 100644
--- a/.github/workflows/checksrc.yml
+++ b/.github/workflows/checksrc.yml
@@ -38,7 +38,7 @@ jobs:
     name: 'checksrc'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -49,7 +49,7 @@ jobs:
     name: 'spellcheck, linters, REUSE'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -111,7 +111,7 @@ jobs:
           sudo apt-get -o Dpkg::Use-Pty=0 install \
             pmccabe
 
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -123,7 +123,7 @@ jobs:
     runs-on: macos-latest
     timeout-minutes: 1
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -142,7 +142,7 @@ jobs:
       - name: 'install prereqs'
         run: HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install actionlint shellcheck zizmor
 
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 87a041563c..c7b6383cf1 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -45,7 +45,7 @@ jobs:
     permissions:
       security-events: write  # To create/update security events
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -82,7 +82,7 @@ jobs:
             libnghttp2-dev libldap-dev libkrb5-dev librtmp-dev libgnutls28-dev libwolfssl-dev
           HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install c-ares gsasl libnghttp3 libngtcp2 mbedtls rustls-ffi
 
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
diff --git a/.github/workflows/configure-vs-cmake.yml b/.github/workflows/configure-vs-cmake.yml
index ade83e0c60..53775a44fd 100644
--- a/.github/workflows/configure-vs-cmake.yml
+++ b/.github/workflows/configure-vs-cmake.yml
@@ -41,7 +41,7 @@ jobs:
     name: 'Linux'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -88,7 +88,7 @@ jobs:
       - name: 'toolchain versions'
         run: echo '::group::brew packages installed'; ls -l /opt/homebrew/opt; echo '::endgroup::'
 
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -137,7 +137,7 @@ jobs:
           sudo rm -f /var/lib/man-db/auto-update
           sudo apt-get -o Dpkg::Use-Pty=0 install gcc-mingw-w64-x86-64-win32
 
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
diff --git a/.github/workflows/curl-for-win.yml b/.github/workflows/curl-for-win.yml
index a068f773d5..f0214b2874 100644
--- a/.github/workflows/curl-for-win.yml
+++ b/.github/workflows/curl-for-win.yml
@@ -47,7 +47,7 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 10
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
           path: 'curl'
@@ -76,7 +76,7 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 5
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
           path: 'curl'
@@ -103,7 +103,7 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 10
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
           path: 'curl'
@@ -132,7 +132,7 @@ jobs:
     env:
       CW_JOBS: '4'
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
           path: 'curl'
@@ -150,7 +150,7 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 10
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
           path: 'curl'
@@ -177,7 +177,7 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 10
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
           path: 'curl'
diff --git a/.github/workflows/distcheck.yml b/.github/workflows/distcheck.yml
index fef5de4f7b..442a7f18a1 100644
--- a/.github/workflows/distcheck.yml
+++ b/.github/workflows/distcheck.yml
@@ -28,7 +28,7 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 10
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -214,7 +214,7 @@ jobs:
     timeout-minutes: 5
     needs: maketgz-and-verify-in-tree
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -230,7 +230,7 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 10
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -302,7 +302,7 @@ jobs:
             printf '%s' ~/cmake-"${OLD_CMAKE_VERSION}"-Darwin-x86_64/CMake.app/Contents/bin/cmake > ~/old-cmake-path.txt
           fi
 
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index 007f346127..ff32e6c5d9 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -594,7 +594,7 @@ jobs:
           # lib dir
           # /home/runner/quiche/quiche/deps/boringssl/src/lib
 
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
diff --git a/.github/workflows/linux-old.yml b/.github/workflows/linux-old.yml
index 8ac42855e0..f79cee94ac 100644
--- a/.github/workflows/linux-old.yml
+++ b/.github/workflows/linux-old.yml
@@ -80,7 +80,7 @@ jobs:
           httrack --get https://deb.freexian.com/extended-lts/pool/main/g/gcc-8/libstdc++6_8.3.0-6_amd64.deb
           dpkg -i --force-depends libc6_*_amd64.deb libstdc++6_*_amd64.deb
 
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index 39f7a4b13a..a6823b4c9d 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -662,7 +662,7 @@ jobs:
           source /opt/intel/oneapi/setvars.sh
           printenv >> "$GITHUB_ENV"
 
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml
index 739809d47a..cd72073155 100644
--- a/.github/workflows/macos.yml
+++ b/.github/workflows/macos.yml
@@ -135,7 +135,7 @@ jobs:
           cmake --build .
           cmake --install . --verbose
 
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -383,7 +383,7 @@ jobs:
           echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::'
           echo '::group::brew packages installed'; ls -l /opt/homebrew/opt; echo '::endgroup::'
 
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -606,7 +606,7 @@ jobs:
           echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::'
           echo '::group::brew packages preinstalled'; ls -l /opt/homebrew/opt; echo '::endgroup::'
 
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
diff --git a/.github/workflows/non-native.yml b/.github/workflows/non-native.yml
index 7813c694a5..d05a0791a7 100644
--- a/.github/workflows/non-native.yml
+++ b/.github/workflows/non-native.yml
@@ -47,7 +47,7 @@ jobs:
       matrix:
         arch: ['x86_64']
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
       - name: 'cmake'
@@ -92,7 +92,7 @@ jobs:
       matrix:
         arch: ['x86_64']
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
       - name: 'cmake'
@@ -142,7 +142,7 @@ jobs:
           - { build: 'cmake'    , arch: 'arm64' , compiler: 'clang' }
       fail-fast: false
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
       - name: '${{ matrix.build }}'
@@ -261,7 +261,7 @@ jobs:
 
       fail-fast: false
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml
index 15a586b12f..d4019ed176 100644
--- a/.github/workflows/windows.yml
+++ b/.github/workflows/windows.yml
@@ -75,7 +75,7 @@ jobs:
             libnghttp2-devel
             ${{ matrix.install }}
 
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -247,7 +247,7 @@ jobs:
             mingw-w64-${{ matrix.env }}-c-ares
             ${{ matrix.install }}
 
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -500,7 +500,7 @@ jobs:
           rm -r -f pack.bin
           ls -l
 
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -613,7 +613,7 @@ jobs:
           sudo rm -f /var/lib/man-db/auto-update
           sudo apt-get -o Dpkg::Use-Pty=0 install gcc-mingw-w64-x86-64-win32
 
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 
@@ -802,7 +802,7 @@ jobs:
         timeout-minutes: 45
         run: vcpkg x-set-installed ${MATRIX_INSTALL_VCPKG} --triplet="${MATRIX_ARCH}-${MATRIX_PLAT}"
 
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
 

From 5f273fdddf76544de960bf342844a9d3f2a36392 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 20 Nov 2025 09:58:14 +0100
Subject: [PATCH 0935/2408] tool_urlglob: clean up used memory on errors better

Previously it had to realloc the pattern array to store the last entry
even when that last entry triggered an error and could be only half
filled in.

Also cleaned up for readability and better reallocs for sets.

Reported-by: letshack9707 on hackerone
Closes #19614
---
 src/tool_urlglob.c | 202 ++++++++++++++++++++++++++-------------------
 src/tool_urlglob.h |   3 +-
 2 files changed, 121 insertions(+), 84 deletions(-)

diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c
index 4a28376e14..7185e80f66 100644
--- a/src/tool_urlglob.c
+++ b/src/tool_urlglob.c
@@ -40,21 +40,24 @@ static CURLcode globerror(struct URLGlob *glob, const char *err,
 
 static CURLcode glob_fixed(struct URLGlob *glob, char *fixed, size_t len)
 {
-  struct URLPattern *pat = &glob->pattern[glob->size];
+  struct URLPattern *pat = &glob->pattern[glob->pnum];
   pat->type = GLOB_SET;
-  pat->c.set.size = 1;
-  pat->c.set.idx = 0;
   pat->globindex = -1;
-
+  pat->c.set.size = 0;
+  pat->c.set.idx = 0;
   pat->c.set.elem = malloc(sizeof(char *));
 
   if(!pat->c.set.elem)
     return globerror(glob, NULL, 0, CURLE_OUT_OF_MEMORY);
 
   pat->c.set.elem[0] = memdup0(fixed, len);
-  if(!pat->c.set.elem[0])
+  if(!pat->c.set.elem[0]) {
+    tool_safefree(pat->c.set.elem);
     return globerror(glob, NULL, 0, CURLE_OUT_OF_MEMORY);
+  }
 
+  pat->c.set.palloc = 1;
+  pat->c.set.size = 1;
   return CURLE_OK;
 }
 
@@ -98,59 +101,66 @@ static CURLcode glob_set(struct URLGlob *glob, const char **patternp,
   const char *pattern = *patternp;
   const char *opattern = pattern;
   size_t opos = *posp-1;
-
-  pat = &glob->pattern[glob->size];
-  /* patterns 0,1,2,... correspond to size=1,3,5,... */
-  pat->type = GLOB_SET;
-  pat->c.set.size = 0;
-  pat->c.set.idx = 0;
-  pat->c.set.elem = NULL;
-  pat->globindex = globindex;
+  CURLcode result = CURLE_OK;
+  size_t size = 0;
+  char **elem = NULL;
+  size_t palloc = 0; /* start with this */
 
   while(!done) {
     switch(*pattern) {
     case '\0':                  /* URL ended while set was still open */
-      return globerror(glob, "unmatched brace", opos, CURLE_URL_MALFORMAT);
+      result = globerror(glob, "unmatched brace", opos, CURLE_URL_MALFORMAT);
+      goto error;
 
     case '{':
     case '[':                   /* no nested expressions at this time */
-      return globerror(glob, "nested brace", *posp, CURLE_URL_MALFORMAT);
+      result = globerror(glob, "nested brace", *posp, CURLE_URL_MALFORMAT);
+      goto error;
 
     case '}':                           /* set element completed */
-      if(opattern == pattern)
-        return globerror(glob, "empty string within braces", *posp,
-                         CURLE_URL_MALFORMAT);
+      if(opattern == pattern) {
+        result = globerror(glob, "empty string within braces", *posp,
+                           CURLE_URL_MALFORMAT);
+        goto error;
+      }
 
       /* add 1 to size since it will be incremented below */
-      if(multiply(amount, pat->c.set.size + 1))
-        return globerror(glob, "range overflow", 0, CURLE_URL_MALFORMAT);
+      if(multiply(amount, size + 1)) {
+        result = globerror(glob, "range overflow", 0, CURLE_URL_MALFORMAT);
+        goto error;
+      }
       done = TRUE;
       FALLTHROUGH();
     case ',':
-      if(pat->c.set.elem) {
-        char **arr;
+      if(size >= 100000)
+        return globerror(glob, "range overflow", 0, CURLE_URL_MALFORMAT);
 
-        if(pat->c.set.size >= (curl_off_t)(SIZE_MAX/(sizeof(char *))))
-          return globerror(glob, "range overflow", 0, CURLE_URL_MALFORMAT);
-
-        arr = realloc(pat->c.set.elem, (size_t)(pat->c.set.size + 1) *
-                      sizeof(char *));
-        if(!arr)
-          return globerror(glob, NULL, 0, CURLE_OUT_OF_MEMORY);
-
-        pat->c.set.elem = arr;
+      if(!palloc) {
+        palloc = 5; /* a reasonable default */
+        elem = malloc(palloc * sizeof(char *));
+      }
+      else if(size >= palloc) {
+        char **arr = realloc(elem, palloc * 2 * sizeof(char *));
+        if(!arr) {
+          result = globerror(glob, NULL, 0, CURLE_OUT_OF_MEMORY);
+          goto error;
+        }
+        elem = arr;
+        palloc *= 2;
       }
-      else
-        pat->c.set.elem = malloc(sizeof(char *));
 
-      if(!pat->c.set.elem)
-        return globerror(glob, NULL, 0, CURLE_OUT_OF_MEMORY);
+      if(!elem) {
+        result = globerror(glob, NULL, 0, CURLE_OUT_OF_MEMORY);
+        goto error;
+      }
 
-      pat->c.set.elem[pat->c.set.size] = strdup(curlx_dyn_ptr(&glob->buf) ?
-                                                curlx_dyn_ptr(&glob->buf): "");
-      if(!pat->c.set.elem[pat->c.set.size])
-        return globerror(glob, NULL, 0, CURLE_OUT_OF_MEMORY);
-      ++pat->c.set.size;
+      elem[size] =
+        strdup(curlx_dyn_ptr(&glob->buf) ? curlx_dyn_ptr(&glob->buf) : "");
+      if(!elem[size]) {
+        result = globerror(glob, NULL, 0, CURLE_OUT_OF_MEMORY);
+        goto error;
+      }
+      ++size;
       curlx_dyn_reset(&glob->buf);
 
       ++pattern;
@@ -159,8 +169,9 @@ static CURLcode glob_set(struct URLGlob *glob, const char **patternp,
       break;
 
     case ']':                           /* illegal closing bracket */
-      return globerror(glob, "unexpected close bracket", *posp,
-                       CURLE_URL_MALFORMAT);
+      result = globerror(glob, "unexpected close bracket", *posp,
+                         CURLE_URL_MALFORMAT);
+      goto error;
 
     case '\\':                          /* escaped character, skip '\' */
       if(pattern[1]) {
@@ -170,14 +181,33 @@ static CURLcode glob_set(struct URLGlob *glob, const char **patternp,
       FALLTHROUGH();
     default:
       /* copy character to set element */
-      if(curlx_dyn_addn(&glob->buf, pattern++, 1))
-        return CURLE_OUT_OF_MEMORY;
+      if(curlx_dyn_addn(&glob->buf, pattern++, 1)) {
+        result = CURLE_OUT_OF_MEMORY;
+        goto error;
+      }
       ++(*posp);
     }
   }
 
   *patternp = pattern; /* return with the new position */
+
+  pat = &glob->pattern[glob->pnum];
+  pat->type = GLOB_SET;
+  pat->globindex = globindex;
+  pat->c.set.elem = elem;
+  pat->c.set.size = size;
+  pat->c.set.idx = 0;
+  pat->c.set.palloc = palloc;
+
   return CURLE_OK;
+error:
+  {
+    size_t i;
+    for(i = 0; i < size; i++)
+      tool_safefree(elem[i]);
+  }
+  free(elem);
+  return result;
 }
 
 static CURLcode glob_range(struct URLGlob *glob, const char **patternp,
@@ -194,7 +224,7 @@ static CURLcode glob_range(struct URLGlob *glob, const char **patternp,
   const char *pattern = *patternp;
   const char *c;
 
-  pat = &glob->pattern[glob->size];
+  pat = &glob->pattern[glob->pnum];
   pat->globindex = globindex;
 
   if(ISALPHA(*pattern)) {
@@ -349,6 +379,25 @@ static bool peek_ipv6(const char *str, size_t *skip)
   return rc ? FALSE : TRUE;
 }
 
+static CURLcode add_glob(struct URLGlob *glob, size_t pos)
+{
+  DEBUGASSERT(glob->pattern[glob->pnum].type);
+
+  if(++glob->pnum >= glob->palloc) {
+    struct URLPattern *np = NULL;
+    glob->palloc *= 2;
+    if(glob->pnum < 255) { /* avoid ridiculous amounts */
+      np = realloc(glob->pattern, glob->palloc * sizeof(struct URLPattern));
+      if(!np)
+        return globerror(glob, NULL, pos, CURLE_OUT_OF_MEMORY);
+    }
+    else
+      return globerror(glob, "too many {} sets", pos, CURLE_URL_MALFORMAT);
+    glob->pattern = np;
+  }
+  return CURLE_OK;
+}
+
 static CURLcode glob_parse(struct URLGlob *glob, const char *pattern,
                            size_t pos, curl_off_t *amount)
 {
@@ -381,8 +430,8 @@ static CURLcode glob_parse(struct URLGlob *glob, const char *pattern,
 
       /* only allow \ to escape known "special letters" */
       if(*pattern == '\\' &&
-         (*(pattern + 1) == '{' || *(pattern + 1) == '[' ||
-          *(pattern + 1) == '}' || *(pattern + 1) == ']') ) {
+         (pattern[1] == '{' || pattern[1] == '[' ||
+          pattern[1] == '}' || pattern[1] == ']') ) {
 
         /* escape character, skip '\' */
         ++pattern;
@@ -397,41 +446,30 @@ static CURLcode glob_parse(struct URLGlob *glob, const char *pattern,
       /* we got a literal string, add it as a single-item list */
       res = glob_fixed(glob, curlx_dyn_ptr(&glob->buf),
                        curlx_dyn_len(&glob->buf));
+      if(!res)
+        res = add_glob(glob, pos);
       curlx_dyn_reset(&glob->buf);
     }
     else {
-      switch(*pattern) {
-      case '\0': /* done  */
+      if(!*pattern) /* done  */
         break;
-
-      case '{':
+      else if(*pattern =='{') {
         /* process set pattern */
         pattern++;
         pos++;
         res = glob_set(glob, &pattern, &pos, amount, globindex++);
-        break;
-
-      case '[':
+        if(!res)
+          res = add_glob(glob, pos);
+      }
+      else if(*pattern == '[') {
         /* process range pattern */
         pattern++;
         pos++;
         res = glob_range(glob, &pattern, &pos, amount, globindex++);
-        break;
+        if(!res)
+          res = add_glob(glob, pos);
       }
     }
-
-    if(++glob->size >= glob->palloc) {
-      struct URLPattern *np = NULL;
-      glob->palloc *= 2;
-      if(glob->size < 255) { /* avoid ridiculous amounts */
-        np = realloc(glob->pattern, glob->palloc * sizeof(struct URLPattern));
-        if(!np)
-          return globerror(glob, NULL, pos, CURLE_OUT_OF_MEMORY);
-      }
-      else
-        return globerror(glob, "too many {} sets", pos, CURLE_URL_MALFORMAT);
-      glob->pattern = np;
-    }
   }
   return res;
 }
@@ -459,9 +497,7 @@ CURLcode glob_url(struct URLGlob *glob, char *url, curl_off_t *urlnum,
   glob->palloc = 2;
 
   res = glob_parse(glob, url, 1, &amount);
-  if(!res)
-    *urlnum = amount;
-  else {
+  if(res) {
     if(error && glob->error) {
       char text[512];
       const char *t;
@@ -477,25 +513,24 @@ CURLcode glob_url(struct URLGlob *glob, char *url, curl_off_t *urlnum,
       /* send error description to the error-stream */
       curl_mfprintf(error, "curl: (%d) %s\n", res, t);
     }
-    /* it failed, we cleanup */
-    glob_cleanup(glob);
     *urlnum = 1;
     return res;
   }
-
+  *urlnum = amount;
   return CURLE_OK;
 }
 
 void glob_cleanup(struct URLGlob *glob)
 {
   size_t i;
-  curl_off_t elem;
 
   if(glob->pattern) {
-    for(i = 0; i < glob->size; i++) {
+    for(i = 0; i < glob->pnum; i++) {
+      DEBUGASSERT(glob->pattern[i].type);
       if((glob->pattern[i].type == GLOB_SET) &&
          (glob->pattern[i].c.set.elem)) {
-        for(elem = glob->pattern[i].c.set.size - 1; elem >= 0; --elem)
+        curl_off_t elem;
+        for(elem = 0; elem < glob->pattern[i].c.set.size; elem++)
           tool_safefree(glob->pattern[i].c.set.elem[elem]);
         tool_safefree(glob->pattern[i].c.set.elem);
       }
@@ -521,9 +556,9 @@ CURLcode glob_next_url(char **globbed, struct URLGlob *glob)
 
     /* implement a counter over the index ranges of all patterns, starting
        with the rightmost pattern */
-    for(i = 0; carry && (i < glob->size); i++) {
+    for(i = 0; carry && (i < glob->pnum); i++) {
       carry = FALSE;
-      pat = &glob->pattern[glob->size - 1 - i];
+      pat = &glob->pattern[glob->pnum - 1 - i];
       switch(pat->type) {
       case GLOB_SET:
         if((pat->c.set.elem) && (++pat->c.set.idx == pat->c.set.size)) {
@@ -555,7 +590,7 @@ CURLcode glob_next_url(char **globbed, struct URLGlob *glob)
     }
   }
 
-  for(i = 0; i < glob->size; ++i) {
+  for(i = 0; i < glob->pnum; ++i) {
     pat = &glob->pattern[i];
     switch(pat->type) {
     case GLOB_SET:
@@ -581,7 +616,8 @@ CURLcode glob_next_url(char **globbed, struct URLGlob *glob)
     }
   }
 
-  *globbed = strdup(curlx_dyn_ptr(&glob->buf));
+  *globbed =
+    strdup(curlx_dyn_ptr(&glob->buf) ? curlx_dyn_ptr(&glob->buf) : "");
   if(!*globbed)
     return CURLE_OUT_OF_MEMORY;
 
@@ -605,11 +641,11 @@ CURLcode glob_match_url(char **output, const char *filename,
       curl_off_t num;
       struct URLPattern *pat = NULL;
       filename++;
-      if(!curlx_str_number(&filename, &num, glob->size) && num) {
+      if(!curlx_str_number(&filename, &num, glob->pnum) && num) {
         size_t i;
         num--; /* make it zero based */
         /* find the correct glob entry */
-        for(i = 0; i < glob->size; i++) {
+        for(i = 0; i < glob->pnum; i++) {
           if(glob->pattern[i].globindex == (int)num) {
             pat = &glob->pattern[i];
             break;
diff --git a/src/tool_urlglob.h b/src/tool_urlglob.h
index 4bcf229ecc..d0a807f796 100644
--- a/src/tool_urlglob.h
+++ b/src/tool_urlglob.h
@@ -40,6 +40,7 @@ struct URLPattern {
       char **elem;
       curl_off_t size;
       curl_off_t idx;
+      size_t palloc; /* elem entries allocated */
     } set;
     struct {
       int min;
@@ -64,7 +65,7 @@ struct URLGlob {
   struct dynbuf buf;
   struct URLPattern *pattern;
   size_t palloc; /* number of pattern entries allocated */
-  size_t size;
+  size_t pnum; /* number of patterns used */
   char beenhere;
   const char *error; /* error message */
   size_t pos;        /* column position of error or 0 */

From 7a22141de1a3a1be9d01bdf84f11b4b761604b51 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Thu, 20 Nov 2025 11:12:53 +0100
Subject: [PATCH 0936/2408] file: eliminate size_t cast

Use curlx_sztouz() instead.

Closes #19620
---
 lib/file.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/lib/file.c b/lib/file.c
index 5fff5d0a82..826bed6d80 100644
--- a/lib/file.c
+++ b/lib/file.c
@@ -373,8 +373,8 @@ static CURLcode file_upload(struct Curl_easy *data,
     goto out;
 
   while(!result && !eos) {
-    size_t nread;
-    ssize_t nwrite;
+    size_t nread, nwritten;
+    ssize_t rv;
     size_t readcount;
 
     result = Curl_client_read(data, xfer_ulbuf, xfer_ulblen, &readcount, &eos);
@@ -403,13 +403,12 @@ static CURLcode file_upload(struct Curl_easy *data,
       sendbuf = xfer_ulbuf;
 
     /* write the data to the target */
-    nwrite = write(fd, sendbuf, nread);
-    if((size_t)nwrite != nread) {
+    rv = write(fd, sendbuf, nread);
+    if(!curlx_sztouz(rv, &nwritten) || (nwritten != nread)) {
       result = CURLE_SEND_ERROR;
       break;
     }
-
-    bytecount += nread;
+    bytecount += nwritten;
 
     Curl_pgrsSetUploadCounter(data, bytecount);
 

From de1a6f80ebfa72e9e9bd6de70b38f88e88f3e027 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Thu, 20 Nov 2025 12:12:52 +0100
Subject: [PATCH 0937/2408] quiche: eliminate size_t casts

Use new curlx_sotouz_fits() instead.

Remove an unnecessary cast in osslq code while we are here.

Closes #19623
---
 lib/vquic/curl_osslq.c  |  2 +-
 lib/vquic/curl_quiche.c | 72 +++++++++++++++++++----------------------
 2 files changed, 35 insertions(+), 39 deletions(-)

diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index 68666d5915..f447e8dddf 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -777,7 +777,7 @@ static CURLcode write_resp_raw(struct Curl_cfilter *cf,
     return result;
 
   if(!flow)
-    stream->recv_buf_nonflow += (size_t)nwritten;
+    stream->recv_buf_nonflow += nwritten;
 
   if(nwritten < memlen) {
     /* This MUST not happen. Our recbuf is dimensioned to hold the
diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
index 0ab7e0c296..4fc25acad0 100644
--- a/lib/vquic/curl_quiche.c
+++ b/lib/vquic/curl_quiche.c
@@ -47,6 +47,7 @@
 #include "../transfer.h"
 #include "../url.h"
 #include "../curlx/inet_pton.h"
+#include "../curlx/warnless.h"
 #include "../vtls/openssl.h"
 #include "../vtls/keylog.h"
 #include "../vtls/vtls.h"
@@ -408,12 +409,9 @@ static CURLcode stream_resp_read(void *reader_ctx,
     return CURLE_RECV_ERROR;
 
   nread = quiche_h3_recv_body(ctx->h3c, ctx->qconn, stream->id, buf, len);
-  if(nread >= 0) {
-    *pnread = (size_t)nread;
-    return CURLE_OK;
-  }
-  else
+  if(!curlx_sztouz(nread, pnread))
     return CURLE_AGAIN;
+  return CURLE_OK;
 }
 
 static CURLcode cf_recv_body(struct Curl_cfilter *cf,
@@ -633,8 +631,8 @@ static CURLcode cf_quiche_recv_pkts(const unsigned char *buf, size_t buflen,
   struct recv_ctx *r = userp;
   struct cf_quiche_ctx *ctx = r->cf->ctx;
   quiche_recv_info recv_info;
-  size_t pktlen, offset;
-  ssize_t nread;
+  size_t pktlen, offset, nread;
+  ssize_t rv;
 
   (void)ecn;
 
@@ -645,11 +643,11 @@ static CURLcode cf_quiche_recv_pkts(const unsigned char *buf, size_t buflen,
 
   for(offset = 0; offset < buflen; offset += gso_size) {
     pktlen = ((offset + gso_size) <= buflen) ? gso_size : (buflen - offset);
-    nread = quiche_conn_recv(ctx->qconn,
-                             (unsigned char *)CURL_UNCONST(buf + offset),
-                             pktlen, &recv_info);
-    if(nread < 0) {
-      if(QUICHE_ERR_DONE == nread) {
+    rv = quiche_conn_recv(ctx->qconn,
+                          (unsigned char *)CURL_UNCONST(buf + offset),
+                          pktlen, &recv_info);
+    if(!curlx_sztouz(rv, &nread)) {
+      if(QUICHE_ERR_DONE == rv) {
         if(quiche_conn_is_draining(ctx->qconn)) {
           CURL_TRC_CF(r->data, r->cf, "ingress, connection is draining");
           return CURLE_RECV_ERROR;
@@ -661,7 +659,7 @@ static CURLcode cf_quiche_recv_pkts(const unsigned char *buf, size_t buflen,
         CURL_TRC_CF(r->data, r->cf, "ingress, quiche is DONE");
         return CURLE_OK;
       }
-      else if(QUICHE_ERR_TLS_FAIL == nread) {
+      else if(QUICHE_ERR_TLS_FAIL == rv) {
         long verify_ok = SSL_get_verify_result(ctx->tls.ossl.ssl);
         if(verify_ok != X509_V_OK) {
           failf(r->data, "SSL certificate problem: %s",
@@ -672,12 +670,12 @@ static CURLcode cf_quiche_recv_pkts(const unsigned char *buf, size_t buflen,
         return CURLE_RECV_ERROR;
       }
       else {
-        failf(r->data, "quiche reports error %zd on receive", nread);
+        failf(r->data, "quiche reports error %zd on receive", rv);
         return CURLE_RECV_ERROR;
       }
     }
-    else if((size_t)nread < pktlen) {
-      CURL_TRC_CF(r->data, r->cf, "ingress, quiche only read %zd/%zu bytes",
+    else if(nread < pktlen) {
+      CURL_TRC_CF(r->data, r->cf, "ingress, quiche only read %zu/%zu bytes",
                   nread, pktlen);
     }
     ++r->pkts;
@@ -728,18 +726,17 @@ static CURLcode read_pkt_to_send(void *userp,
 {
   struct read_ctx *x = userp;
   struct cf_quiche_ctx *ctx = x->cf->ctx;
-  ssize_t n;
+  ssize_t rv;
 
   *pnread = 0;
-  n = quiche_conn_send(ctx->qconn, buf, buflen, &x->send_info);
-  if(n == QUICHE_ERR_DONE)
+  rv = quiche_conn_send(ctx->qconn, buf, buflen, &x->send_info);
+  if(rv == QUICHE_ERR_DONE)
     return CURLE_AGAIN;
 
-  if(n < 0) {
-    failf(x->data, "quiche_conn_send returned %zd", n);
+  if(!curlx_sztouz(rv, pnread)) {
+    failf(x->data, "quiche_conn_send returned %zd", rv);
     return CURLE_SEND_ERROR;
   }
-  *pnread = (size_t)n;
   return CURLE_OK;
 }
 
@@ -924,12 +921,12 @@ static CURLcode cf_quiche_send_body(struct Curl_cfilter *cf,
                                     size_t *pnwritten)
 {
   struct cf_quiche_ctx *ctx = cf->ctx;
-  ssize_t nwritten;
+  ssize_t rv;
 
   *pnwritten = 0;
-  nwritten = quiche_h3_send_body(ctx->h3c, ctx->qconn, stream->id,
-                                 (uint8_t *)CURL_UNCONST(buf), len, eos);
-  if(nwritten == QUICHE_H3_ERR_DONE || (nwritten == 0 && len > 0)) {
+  rv = quiche_h3_send_body(ctx->h3c, ctx->qconn, stream->id,
+                           (uint8_t *)CURL_UNCONST(buf), len, eos);
+  if(rv == QUICHE_H3_ERR_DONE || (rv == 0 && len > 0)) {
     /* Blocked on flow control and should HOLD sending. But when do we open
      * again? */
     if(!quiche_conn_stream_writable(ctx->qconn, stream->id, len)) {
@@ -939,28 +936,27 @@ static CURLcode cf_quiche_send_body(struct Curl_cfilter *cf,
     }
     return CURLE_AGAIN;
   }
-  else if(nwritten == QUICHE_H3_TRANSPORT_ERR_INVALID_STREAM_STATE) {
+  else if(rv == QUICHE_H3_TRANSPORT_ERR_INVALID_STREAM_STATE) {
     CURL_TRC_CF(data, cf, "[%" FMT_PRIu64 "] send_body(len=%zu) "
                 "-> invalid stream state", stream->id, len);
     return CURLE_HTTP3;
   }
-  else if(nwritten == QUICHE_H3_TRANSPORT_ERR_FINAL_SIZE) {
+  else if(rv == QUICHE_H3_TRANSPORT_ERR_FINAL_SIZE) {
     CURL_TRC_CF(data, cf, "[%" FMT_PRIu64 "] send_body(len=%zu) "
                 "-> exceeds size", stream->id, len);
     return CURLE_SEND_ERROR;
   }
-  else if(nwritten < 0) {
+  else if(!curlx_sztouz(rv, pnwritten)) {
     CURL_TRC_CF(data, cf, "[%" FMT_PRIu64 "] send_body(len=%zu) "
-                "-> quiche err %zd", stream->id, len, nwritten);
+                "-> quiche err %zd", stream->id, len, rv);
     return CURLE_SEND_ERROR;
   }
   else {
-    if(eos && (len == (size_t)nwritten))
+    if(eos && (len == *pnwritten))
       stream->send_closed = TRUE;
     CURL_TRC_CF(data, cf, "[%" FMT_PRIu64 "] send body(len=%zu, "
-                "eos=%d) -> %zd",
-                stream->id, len, stream->send_closed, nwritten);
-    *pnwritten = (size_t)nwritten;
+                "eos=%d) -> %zu",
+                stream->id, len, stream->send_closed, *pnwritten);
     return CURLE_OK;
   }
 }
@@ -1068,15 +1064,15 @@ static CURLcode h3_open_stream(struct Curl_cfilter *cf,
   }
 
   if(blen) {  /* after the headers, there was request BODY data */
-    size_t bwritten;
+    size_t nwritten;
     CURLcode r2 = CURLE_OK;
 
-    r2 = cf_quiche_send_body(cf, data, stream, buf, blen, eos, &bwritten);
+    r2 = cf_quiche_send_body(cf, data, stream, buf, blen, eos, &nwritten);
     if(r2 && (CURLE_AGAIN != r2)) {  /* real error, fail */
       result = r2;
     }
-    else if(bwritten > 0) {
-      *pnwritten += (size_t)bwritten;
+    else if(nwritten > 0) {
+      *pnwritten += nwritten;
     }
   }
 

From 8e1c7165bc25a440ebd80664048ae25fecbd7f0f Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 20 Nov 2025 22:42:32 +0100
Subject: [PATCH 0938/2408] RELEASE-NOTES: synced

---
 RELEASE-NOTES | 87 +++++++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 78 insertions(+), 9 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index e24762bafd..698357e43b 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -4,7 +4,7 @@ curl and libcurl 8.18.0
  Command line options:         273
  curl_easy_setopt() options:   308
  Public functions in libcurl:  100
- Contributors:                 3541
+ Contributors:                 3546
 
 This release includes the following changes:
 
@@ -15,50 +15,72 @@ This release includes the following changes:
 This release includes the following bugfixes:
 
  o _PROGRESS.md: add the E unit, mention kibibyte [24]
+ o AmigaOS: increase minimum stack size for tool_main [137]
  o asyn-thrdd: release rrname if ares_init_options fails [41]
  o autotools: drop autoconf <2.59 compatibility code (zz60-xc-ovr) [70]
+ o badwords: fix issues found in scripts and other files [142]
+ o badwords: fix issues found in tests [156]
+ o build: exclude clang prereleases from compiler warning options [154]
+ o build: tidy-up MSVC CRT warning suppression macros [140]
  o ccsidcurl: make curl_mime_data_ccsid() use the converted size [74]
  o cf-https-connect: allocate ctx at first in cf_hc_create() [79]
+ o cf-socket: limit use of `TCP_KEEP*` to Windows 10.0.16299+ at runtime [157]
  o cf-socket: trace ignored errors [97]
  o checksrc.pl: detect assign followed by more than one space [26]
  o cmake: adjust defaults for target platforms not supporting shared libs [35]
  o cmake: disable `CURL_CA_PATH` auto-detection if `USE_APPLE_SECTRUST=ON` [16]
+ o cmake: honor `CURL_DISABLE_INSTALL` and `CURL_ENABLE_EXPORT_TARGET` [106]
  o code: minor indent fixes before closing braces [107]
  o config2setopts: bail out if curl_url_get() returns OOM [102]
  o config2setopts: exit if curl_url_set() fails on OOM [105]
  o conncache: silence `-Wnull-dereference` on gcc 14 RISC-V 64 [17]
  o connect: reshuffle Curl_timeleft_ms to avoid 'redundant condition' [100]
  o cookie: propagate errors better, cleanup the internal API [118]
+ o cookie: return error on OOM [131]
  o cshutdn: acknowledge FD_SETSIZE for shutdown descriptors [25]
  o curl: fix progress meter in parallel mode [15]
+ o curl_sasl: make Curl_sasl_decode_mech compare case insenstively [160]
+ o curl_setup.h: document more funcs flagged by `_CRT_SECURE_NO_WARNINGS` [124]
  o curl_setup.h: drop stray `#undef stat` (Windows) [103]
  o CURLINFO: remove 'get' and 'get the' from each short desc [50]
  o CURLINFO_SCHEME/PROTOCOL: they return the "scheme" for a "transfer" [48]
  o CURLINFO_TLS_SSL_PTR.md: remove CURLINFO_TLS_SESSION text [49]
  o CURLOPT_READFUNCTION.md: clarify the size of the buffer [47]
  o CURLOPT_SSH_KEYFUNCTION.md: fix minor indent mistake in example
+ o digest_sspi: fix a memory leak on error path [149]
  o digest_sspi: properly free sspi identity [12]
+ o DISTROS.md: add OpenBSD [126]
  o docs: fix checksrc `EQUALSPACE` warnings [21]
  o docs: mention umask need when curl creates files [56]
  o examples/crawler: fix variable [92]
  o examples/multithread: fix race condition [101]
+ o examples: make functions/data static where missing [139]
+ o examples: tidy-up headers and includes [138]
  o ftp: refactor a piece of code by merging the repeated part [40]
  o ftp: remove #ifdef for define that is always defined [76]
  o getinfo: improve perf in debug mode [99]
  o gnutls: report accurate error when TLS-SRP is not built-in [18]
  o gtls: add return checks and optimize the code [2]
  o gtls: skip session resumption when verifystatus is set
+ o h2/h3: handle methods with spaces [146]
  o hostip: don't store negative lookup on OOM [61]
+ o hsts: propagate and error out correctly on OOM [130]
+ o http: avoid two strdup()s and do minor simplifications [144]
+ o http: error on OOM when creating range header [59]
  o http: replace atoi use in Curl_http_follow with curlx_str_number [65]
+ o http: the :authority header should never contain user+password [147]
  o INSTALL-CMAKE.md: document static option defaults more [37]
  o krb5_sspi: unify a part of error handling [80]
  o lib: cleanup for some typos about spaces and code style [3]
  o lib: eliminate size_t casts [112]
+ o lib: error for OOM when extracting URL query [127]
  o lib: fix gssapi.h include on IBMi [55]
  o lib: refactor the type of funcs which have useless return and checks [1]
- o libtests: replace `atoi()` with `curlx_str_number()` [120]
+ o libssh2: add paths to error messages for quote commands [114]
  o libssh2: cleanup ssh_force_knownhost_key_type [64]
  o libssh2: replace atoi() in ssh_force_knownhost_key_type [63]
+ o libssh: properly free sftp_attributes [153]
+ o libtests: replace `atoi()` with `curlx_str_number()` [120]
  o limit-rate: add example using --limit-rate and --max-time together [89]
  o m4/sectrust: fix test(1) operator [4]
  o mbedtls: fix potential use of uninitialized `nread` [8]
@@ -66,12 +88,17 @@ This release includes the following bugfixes:
  o mk-ca-bundle.pl: use `open()` with argument list to replace backticks [71]
  o mqtt: reject overly big messages [39]
  o noproxy: replace atoi with curlx_str_number [67]
+ o openssl: exit properly on OOM when getting certchain [133]
+ o openssl: fix a potential memory leak of bio_out [150]
+ o openssl: fix a potential memory leak of params.cert [151]
  o openssl: release ssl_session if sess_reuse_cb fails [43]
  o openssl: remove code handling default version [28]
  o OS400/ccsidcurl: fix curl_easy_setopt_ccsid for non-converted blobs [94]
  o OS400/makefile.sh: fix shellcheck warning SC2038 [86]
  o osslq: code readability [5]
  o progress: show fewer digits [78]
+ o projects/README.md: Markdown fixes [148]
+ o pytest fixes and improvements [159]
  o pytest: skip H2 tests if feature missing from curl [46]
  o rtmp: fix double-free on URL parse errors [27]
  o rtmp: precaution for a potential integer truncation [54]
@@ -81,6 +108,7 @@ This release includes the following bugfixes:
  o rustls: minor adjustment of sizeof() [38]
  o schannel: fix memory leak of cert_store_path on four error paths [23]
  o schannel: replace atoi() with curlx_str_number() [119]
+ o schannel_verify: fix a memory leak of cert_context [152]
  o scripts: fix shellcheck SC2046 warnings [90]
  o scripts: use end-of-options marker in `find -exec` commands [87]
  o setopt: disable CURLOPT_HAPROXY_CLIENT_IP on NULL [30]
@@ -88,6 +116,7 @@ This release includes the following bugfixes:
  o sftp: fix range downloads in both SSH backends [82]
  o socks_sspi: use free() not FreeContextBuffer() [93]
  o telnet: replace atoi for BINARY handling with curlx_str_number [66]
+ o TEST-SUITE.md: correct the man page's path [136]
  o test07_22: fix flakiness [95]
  o test2045: replace HTML multi-line comment markup with `#` comments [36]
  o test363: delete stray character (typo) from a section tag [52]
@@ -96,13 +125,18 @@ This release includes the following bugfixes:
  o tests/server: do not fall back to original data file in `test2fopen()` [32]
  o tests/server: replace `atoi()` and `atol()` with `curlx_str_number()` [110]
  o tftp: release filename if conn_get_remote_addr fails [42]
+ o tidy-up: move `CURL_UNCONST()` out from macro `curl_unicodefree()` [121]
  o tool: consider (some) curl_easy_setopt errors fatal [7]
+ o tool_cfgable: free ssl-sessions at exit [123]
+ o tool_getparam: verify that a file exists for some options [134]
  o tool_help: add checks to avoid unsigned wrap around [14]
  o tool_ipfs: check return codes better [20]
  o tool_operate: exit on curl_share_setopt errors [108]
  o tool_operate: remove redundant condition [19]
  o tool_operate: use curlx_str_number instead of atoi [68]
  o tool_paramhlp: refuse --proto remove all protocols [10]
+ o tool_urlglob: clean up used memory on errors better [44]
+ o url: if OOM in parse_proxy() return error [132]
  o urlapi: fix mem-leaks in curl_url_get error paths [22]
  o verify-release: update to avoid shellcheck warning SC2034 [88]
  o vquic-tls/gnutls: call Curl_gtls_verifyserver unconditionally [96]
@@ -134,13 +168,14 @@ Planned upcoming removals include:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  Aleksandr Sergeev, Andrew Kirillov, Brad King, Dan Fandrich, Daniel McCarney,
-  Daniel Stenberg, Fd929c2CE5fA on github, Gisle Vanem, Jiyong Yang,
-  Juliusz Sosinowicz, Leonardo Taccari, nait-furry, Nick Korepanov,
-  Patrick Monnerat, pelioro on hackerone, Ray Satiro, renovate[bot],
-  Samuel Henrique, Stanislav Fort, Stefan Eissing, Thomas Klausner,
-  Viktor Szakats, Xiaoke Wang
-  (23 contributors)
+  Aleksandr Sergeev, Andrew Kirillov, boingball, Brad King, Christian Schmitz,
+  Dan Fandrich, Daniel McCarney, Daniel Stenberg, Fd929c2CE5fA on github,
+  Gisle Vanem, Jiyong Yang, Juliusz Sosinowicz, Leonardo Taccari,
+  letshack9707 on hackerone, Marcel Raad, nait-furry, Nick Korepanov,
+  Omdahake on github, Patrick Monnerat, pelioro on hackerone, Ray Satiro,
+  renovate[bot], Samuel Henrique, Stanislav Fort, Stefan Eissing,
+  Thomas Klausner, Viktor Szakats, Wesley Moore, Xiaoke Wang
+  (29 contributors)
 
 References to bug reports and discussions on issues:
 
@@ -185,6 +220,7 @@ References to bug reports and discussions on issues:
  [41] = https://curl.se/bug/?i=19410
  [42] = https://curl.se/bug/?i=19409
  [43] = https://curl.se/bug/?i=19405
+ [44] = https://curl.se/bug/?i=19614
  [45] = https://curl.se/bug/?i=19544
  [46] = https://curl.se/bug/?i=19412
  [47] = https://curl.se/bug/?i=19402
@@ -197,6 +233,7 @@ References to bug reports and discussions on issues:
  [54] = https://curl.se/bug/?i=19399
  [55] = https://curl.se/bug/?i=19336
  [56] = https://curl.se/bug/?i=19396
+ [59] = https://curl.se/bug/?i=19630
  [60] = https://curl.se/bug/?i=18330
  [61] = https://curl.se/bug/?i=19484
  [62] = https://curl.se/bug/?i=17931
@@ -237,11 +274,43 @@ References to bug reports and discussions on issues:
  [102] = https://curl.se/bug/?i=19518
  [103] = https://curl.se/bug/?i=19519
  [105] = https://curl.se/bug/?i=19517
+ [106] = https://curl.se/bug/?i=19144
  [107] = https://curl.se/bug/?i=19512
  [108] = https://curl.se/bug/?i=19513
  [110] = https://curl.se/bug/?i=19510
  [111] = https://curl.se/bug/?i=19509
  [112] = https://curl.se/bug/?i=19495
+ [114] = https://curl.se/bug/?i=19605
  [118] = https://curl.se/bug/?i=19493
  [119] = https://curl.se/bug/?i=19483
  [120] = https://curl.se/bug/?i=19506
+ [121] = https://curl.se/bug/?i=19606
+ [123] = https://curl.se/bug/?i=19602
+ [124] = https://curl.se/bug/?i=19597
+ [126] = https://curl.se/bug/?i=19596
+ [127] = https://curl.se/bug/?i=19594
+ [130] = https://curl.se/bug/?i=19593
+ [131] = https://curl.se/bug/?i=19591
+ [132] = https://curl.se/bug/?i=19590
+ [133] = https://curl.se/bug/?i=19471
+ [134] = https://curl.se/bug/?i=19583
+ [136] = https://curl.se/bug/?i=19586
+ [137] = https://curl.se/bug/?i=19578
+ [138] = https://curl.se/bug/?i=19580
+ [139] = https://curl.se/bug/?i=19579
+ [140] = https://curl.se/bug/?i=19175
+ [142] = https://curl.se/bug/?i=19572
+ [144] = https://curl.se/bug/?i=19571
+ [146] = https://curl.se/bug/?i=19543
+ [147] = https://curl.se/bug/?i=19568
+ [148] = https://curl.se/bug/?i=19569
+ [149] = https://curl.se/bug/?i=19567
+ [150] = https://curl.se/bug/?i=19561
+ [151] = https://curl.se/bug/?i=19560
+ [152] = https://curl.se/bug/?i=19556
+ [153] = https://curl.se/bug/?i=19564
+ [154] = https://curl.se/bug/?i=19566
+ [156] = https://curl.se/bug/?i=19541
+ [157] = https://curl.se/bug/?i=19520
+ [159] = https://curl.se/bug/?i=19540
+ [160] = https://curl.se/bug/?i=19535

From 51f5d30a36a42f3ee73a1024500fee5dc6e931fe Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 20 Nov 2025 23:59:10 +0100
Subject: [PATCH 0939/2408] RELEASE-NOTES: spellfix

---
 RELEASE-NOTES | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 698357e43b..3af5605c8d 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -39,7 +39,7 @@ This release includes the following bugfixes:
  o cookie: return error on OOM [131]
  o cshutdn: acknowledge FD_SETSIZE for shutdown descriptors [25]
  o curl: fix progress meter in parallel mode [15]
- o curl_sasl: make Curl_sasl_decode_mech compare case insenstively [160]
+ o curl_sasl: make Curl_sasl_decode_mech compare case insensitively [160]
  o curl_setup.h: document more funcs flagged by `_CRT_SECURE_NO_WARNINGS` [124]
  o curl_setup.h: drop stray `#undef stat` (Windows) [103]
  o CURLINFO: remove 'get' and 'get the' from each short desc [50]

From 27a7cf40bb7e8771c356fb3b16714f77f1d126d8 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Fri, 21 Nov 2025 02:14:59 +0000
Subject: [PATCH 0940/2408] GHA: update dependency wolfSSL/wolfssl to v5.8.4

Closes #19633
---
 .github/workflows/http3-linux.yml | 2 +-
 .github/workflows/linux.yml       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index ff32e6c5d9..223c6afbf4 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -49,7 +49,7 @@ env:
   # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com
   GNUTLS_VERSION: 3.8.10
   # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com
-  WOLFSSL_VERSION: 5.8.2
+  WOLFSSL_VERSION: 5.8.4
   # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com
   NGHTTP3_VERSION: 1.12.0
   # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com
diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index a6823b4c9d..0db8ca33b4 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -40,7 +40,7 @@ env:
   # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com
   LIBRESSL_VERSION: 4.2.1
   # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com
-  WOLFSSL_VERSION: 5.8.2
+  WOLFSSL_VERSION: 5.8.4
   # renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver registryUrl=https://github.com
   MBEDTLS_VERSION: 4.0.0
   # renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver:^3.0.0 registryUrl=https://github.com

From fdacf34aaeac79ad14fa48dcafae24a6de68823d Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 21 Nov 2025 02:44:08 +0100
Subject: [PATCH 0941/2408] GHA/codeql: add tweak to successfully build
 libtests for CodeQL

Turns out the cause of CodeQL hangs (or probably just extreme long
compile) is the header `curl/typecheck-gcc.h`. By accident I noticed
that the preprocessed output of libtests.c is 75 MB (megabytes). This
is much higher than the amounf of source code hinted, also compared to
e.g. units.c or other build targets. The reason for the extreme size
is each easy option call pulling in the large checker logic defined
in this header.

By compiling with `-DCURL_DISABLE_TYPECHECK`, preprocessed output drops
to 2.2 MB (34x), and the libtests target builds without issues.

Also build all tests and examples with the Linux HTTP/3 config, covering
3 more files.

With these, CodeQL C coverage is 893 out of 930 (96%) (was: 645 69%)

Follow-up to 71fc11e6bbf530b90bf6e93a02cb32bdaecc933b #18695
Follow-up to a333fd4411b95fc0c3061b2d675de9287b6123e0 #18557
Follow-up to b4922b1295333dc6679eb1d588ddc2fb6b7fd5b7 #18564

Closes https://github.com/vszakats/curl/pull/11
Closes #19632
---
 .github/workflows/codeql.yml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index c7b6383cf1..c42d717735 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -109,24 +109,24 @@ jobs:
             # MultiSSL
             export PKG_CONFIG_PATH; PKG_CONFIG_PATH="$(brew --prefix c-ares)/lib/pkgconfig:$(brew --prefix mbedtls)/lib/pkgconfig:$(brew --prefix rustls-ffi)/lib/pkgconfig:$(brew --prefix gsasl)/lib/pkgconfig"
             cmake -B _bld1 -G Ninja -DENABLE_DEBUG=ON \
+              -DCMAKE_C_FLAGS=-DCURL_DISABLE_TYPECHECK \
               -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_RUSTLS=ON -DCURL_USE_WOLFSSL=ON \
               -DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON -DUSE_ECH=ON -DENABLE_ARES=ON \
               -DCURL_DISABLE_VERBOSE_STRINGS=ON
             cmake --build _bld1
-            cmake --build _bld1 --target curlinfo
-            cmake --build _bld1 --target servers
-            cmake --build _bld1 --target tunits
-            cmake --build _bld1 --target units
+            cmake --build _bld1 --target testdeps
             cmake --build _bld1 --target curl-examples-build
 
             # HTTP/3
             export PKG_CONFIG_PATH; PKG_CONFIG_PATH="$(brew --prefix libnghttp3)/lib/pkgconfig:$(brew --prefix libngtcp2)/lib/pkgconfig:$(brew --prefix gsasl)/lib/pkgconfig"
             cmake -B _bld2 -G Ninja \
+              -DCMAKE_C_FLAGS=-DCURL_DISABLE_TYPECHECK \
               -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR="$(brew --prefix openssl)" -DUSE_NGTCP2=ON \
               -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON \
               -DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON
             cmake --build _bld2
-            cmake --build _bld2 --target servers
+            cmake --build _bld2 --target testdeps
+            cmake --build _bld2 --target curl-examples-build
 
             _bld1/src/curl --disable --version
             _bld2/src/curl --disable --version

From b4220bde0ba79486c63e60de71037df912134dfb Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 21 Nov 2025 03:52:04 +0100
Subject: [PATCH 0942/2408] GHA/checksrc: switch xmllint job to Linux (from
 macOS)

macOS was chosen because xmllint comes preinstalled, saving the prereq
install step. But, macOS's xmllint jobs sometimes doesn't finish in 1m
(instead of under 1 second) and gets cancelled, causing flaky failures.
Go with Linux and an install phase (of 15s) instead.

Examples:
https://github.com/curl/curl/actions/runs/19558021722/job/56004334495

Closes #19634
---
 .github/workflows/checksrc.yml | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml
index 32f825214d..2f7b0b0e94 100644
--- a/.github/workflows/checksrc.yml
+++ b/.github/workflows/checksrc.yml
@@ -120,9 +120,17 @@ jobs:
 
   xmllint:
     name: 'xmllint'
-    runs-on: macos-latest
+    runs-on: ubuntu-latest
     timeout-minutes: 1
     steps:
+      - name: 'install prereqs'
+        run: |
+          sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
+          sudo apt-get -o Dpkg::Use-Pty=0 update
+          sudo rm -f /var/lib/man-db/auto-update
+          sudo apt-get -o Dpkg::Use-Pty=0 install \
+            libxml2-utils
+
       - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false

From fd23d9505c7263814bfb2963e9c406a53b0295a2 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 20 Nov 2025 17:39:53 +0100
Subject: [PATCH 0943/2408] src: move `memdebug.h` to be the last include

`memdebug.h` must be included last within each source. This breaks when
including it in a header, which ends up being included in the middle of
other headers, and `memdebug.h` also ending up in the middle of
includes.

Follow-up to c255d2fdcbf27b4bfd668ae3784bb657449d6889 #19602

Closes #19629
---
 src/tool_cfgable.h | 1 -
 src/tool_ssls.c    | 2 ++
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h
index 717d35a1f5..dc78f2db44 100644
--- a/src/tool_cfgable.h
+++ b/src/tool_cfgable.h
@@ -29,7 +29,6 @@
 #include "tool_sdecls.h"
 #include "tool_urlglob.h"
 #include "var.h"
-#include "memdebug.h" /* keep this as LAST include */
 
 /* the type we use for storing a single boolean bit */
 #ifndef BIT
diff --git a/src/tool_ssls.c b/src/tool_ssls.c
index ab78014c0a..4c9d1ee008 100644
--- a/src/tool_ssls.c
+++ b/src/tool_ssls.c
@@ -30,6 +30,8 @@
 #include "tool_ssls.h"
 #include "tool_parsecfg.h"
 
+#include "memdebug.h" /* keep this as LAST include */
+
 /* The maximum line length for an ecoded session ticket */
 #define MAX_SSLS_LINE (64 * 1024)
 

From 529f61388f8c235fc250aa466163396a8965b362 Mon Sep 17 00:00:00 2001
From: Marc Aldorasi 
Date: Wed, 19 Nov 2025 11:12:31 -0500
Subject: [PATCH 0944/2408] gnutls: implement CURLOPT_CAINFO_BLOB

This adds support for in-memory CA certs using CURLOPT_CAINFO_BLOB to
the GnuTLS backend.

Closes #19612
---
 docs/libcurl/opts/CURLOPT_CAINFO_BLOB.md |  3 ++-
 lib/vtls/gtls.c                          | 27 +++++++++++++++++++++++-
 2 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/docs/libcurl/opts/CURLOPT_CAINFO_BLOB.md b/docs/libcurl/opts/CURLOPT_CAINFO_BLOB.md
index 149c9b795f..99bfaf11e6 100644
--- a/docs/libcurl/opts/CURLOPT_CAINFO_BLOB.md
+++ b/docs/libcurl/opts/CURLOPT_CAINFO_BLOB.md
@@ -13,6 +13,7 @@ See-also:
   - CURLOPT_SSL_VERIFYPEER (3)
 TLS-backend:
   - OpenSSL
+  - GnuTLS
   - mbedTLS
   - rustls
   - wolfSSL
@@ -80,7 +81,7 @@ int main(void)
 # HISTORY
 
 This option is supported by the mbedTLS (since 7.81.0), Rustls (since 7.82.0),
-wolfSSL (since 8.2.0), OpenSSL and Schannel backends.
+wolfSSL (since 8.2.0), GnuTLS (since 8.18.0), OpenSSL and Schannel backends.
 
 # %AVAILABILITY%
 
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index eba5fb36f0..c0e248642b 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -477,7 +477,31 @@ static CURLcode gtls_populate_creds(struct Curl_cfilter *cf,
 #endif
   }
 
-  if(config->CAfile) {
+  if(config->ca_info_blob) {
+    gnutls_datum_t ca_info_datum;
+    if(config->ca_info_blob->len > (size_t)UINT_MAX) {
+      failf(data, "certificate blob too long: %zu bytes",
+            config->ca_info_blob->len);
+      return CURLE_SSL_CACERT_BADFILE;
+    }
+    ca_info_datum.data = config->ca_info_blob->data;
+    ca_info_datum.size = (unsigned int)config->ca_info_blob->len;
+    rc = gnutls_certificate_set_x509_trust_mem(creds, &ca_info_datum,
+                                               GNUTLS_X509_FMT_PEM);
+    creds_are_empty = creds_are_empty && (rc <= 0);
+    if(rc < 0) {
+      infof(data, "error reading ca cert blob (%s)%s", gnutls_strerror(rc),
+            (creds_are_empty ? "" : ", continuing anyway"));
+      if(creds_are_empty) {
+        ssl_config->certverifyresult = rc;
+        return CURLE_SSL_CACERT_BADFILE;
+      }
+    }
+    else
+      infof(data, "  CA Blob: %d certificates", rc);
+  }
+  /* CURLOPT_CAINFO_BLOB overrides CURLOPT_CAINFO */
+  else if(config->CAfile) {
     /* set the trusted CA cert bundle file */
     gnutls_certificate_set_verify_flags(creds,
                                         GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
@@ -2335,6 +2359,7 @@ const struct Curl_ssl Curl_ssl_gnutls = {
   SSLSUPP_CERTINFO |
   SSLSUPP_PINNEDPUBKEY |
   SSLSUPP_HTTPS_PROXY |
+  SSLSUPP_CAINFO_BLOB |
   SSLSUPP_CIPHER_LIST |
   SSLSUPP_CA_CACHE,
 

From 49ab46c9c50511dcc304a92f3a2e458d4a9fa131 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Wed, 19 Nov 2025 15:05:17 +0100
Subject: [PATCH 0945/2408] gtls: drop support for GnuTLS < 3.6.5

Release date 2018-12-01. Has TLS 1.3 support.

Closes #19609
---
 docs/INTERNALS.md |  2 +-
 lib/vtls/gtls.c   | 49 ++---------------------------------------------
 2 files changed, 3 insertions(+), 48 deletions(-)

diff --git a/docs/INTERNALS.md b/docs/INTERNALS.md
index d957c69ab7..e9bb82a33d 100644
--- a/docs/INTERNALS.md
+++ b/docs/INTERNALS.md
@@ -26,7 +26,7 @@ versions of libs and build tools.
 
  - OpenSSL      3.0.0 (2021-09-07)
  - LibreSSL     2.9.1 (2019-04-22)
- - GnuTLS       3.1.10 (2013-03-22)
+ - GnuTLS       3.6.5 (2018-12-01)
  - mbedTLS      3.2.0 (2022-07-11)
  - zlib         1.2.5.2 (2011-12-11)
  - libssh2      1.9.0 (2019-06-20)
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index c0e248642b..dbb442f363 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -73,7 +73,7 @@ static void tls_log_func(int level, const char *str)
 }
 #endif
 
-#if !defined(GNUTLS_VERSION_NUMBER) || (GNUTLS_VERSION_NUMBER < 0x03010a)
+#if !defined(GNUTLS_VERSION_NUMBER) || (GNUTLS_VERSION_NUMBER < 0x030605)
 #error "too old GnuTLS version"
 #endif
 
@@ -767,10 +767,8 @@ int Curl_glts_get_ietf_proto(gnutls_session_t session)
     return CURL_IETF_PROTO_TLS1_1;
   case GNUTLS_TLS1_2:
     return CURL_IETF_PROTO_TLS1_2;
-#if GNUTLS_VERSION_NUMBER >= 0x030603
   case GNUTLS_TLS1_3:
     return CURL_IETF_PROTO_TLS1_3;
-#endif
   default:
     return CURL_IETF_PROTO_UNKNOWN;
   }
@@ -1841,51 +1839,8 @@ Curl_gtls_verifyserver(struct Curl_cfilter *cf,
   rc = (int)gnutls_x509_crt_check_hostname(x509_cert,
                                            peer->sni ? peer->sni :
                                            peer->hostname);
-#if GNUTLS_VERSION_NUMBER < 0x030306
-  /* Before 3.3.6, gnutls_x509_crt_check_hostname() did not check IP
-     addresses. */
-  if(!rc) {
-#ifdef USE_IPV6
-    #define use_addr in6_addr
-#else
-    #define use_addr in_addr
-#endif
-    unsigned char addrbuf[sizeof(struct use_addr)];
-    size_t addrlen = 0;
-
-    if(curlx_inet_pton(AF_INET, peer->hostname, addrbuf) > 0)
-      addrlen = 4;
-#ifdef USE_IPV6
-    else if(curlx_inet_pton(AF_INET6, peer->hostname, addrbuf) > 0)
-      addrlen = 16;
-#endif
-
-    if(addrlen) {
-      unsigned char certaddr[sizeof(struct use_addr)];
-      int i;
-
-      for(i = 0; ; i++) {
-        size_t certaddrlen = sizeof(certaddr);
-        int ret = gnutls_x509_crt_get_subject_alt_name(x509_cert, i, certaddr,
-                                                       &certaddrlen, NULL);
-        /* If this happens, it was not an IP address. */
-        if(ret == GNUTLS_E_SHORT_MEMORY_BUFFER)
-          continue;
-        if(ret < 0)
-          break;
-        if(ret != GNUTLS_SAN_IPADDRESS)
-          continue;
-        if(certaddrlen == addrlen && !memcmp(addrbuf, certaddr, addrlen)) {
-          rc = 1;
-          break;
-        }
-      }
-    }
-  }
-#endif
-
   result = (!rc && config->verifyhost) ?
-           CURLE_PEER_FAILED_VERIFICATION : CURLE_OK;
+    CURLE_PEER_FAILED_VERIFICATION : CURLE_OK;
   gtls_msg_verify_result(data, peer, x509_cert, rc, config->verifyhost);
   if(result)
     goto out;

From de7ee1c96265013c71a367575abbcf97b843fde3 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 21 Nov 2025 09:19:21 +0100
Subject: [PATCH 0946/2408] GHA: disable TLS in the linux-old build

There are no supported TLS libraries left in "stretch".
---
 .github/workflows/linux-old.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/linux-old.yml b/.github/workflows/linux-old.yml
index f79cee94ac..64958f4bd6 100644
--- a/.github/workflows/linux-old.yml
+++ b/.github/workflows/linux-old.yml
@@ -72,7 +72,7 @@ jobs:
           dpkg -i freexian-archive-keyring_2022.06.08_all.deb
           echo 'deb http://deb.freexian.com/extended-lts stretch-lts main contrib non-free' | tee /etc/apt/sources.list.d/extended-lts.list
           apt-get -o Dpkg::Use-Pty=0 update
-          apt-get -o Dpkg::Use-Pty=0 install -y --no-install-suggests --no-install-recommends cmake make automake autoconf libtool gcc pkg-config libpsl-dev libzstd-dev zlib1g-dev libgnutls28-dev libc-ares-dev libkrb5-dev libldap2-dev librtmp-dev stunnel4 groff
+          apt-get -o Dpkg::Use-Pty=0 install -y --no-install-suggests --no-install-recommends cmake make automake autoconf libtool gcc pkg-config libpsl-dev libzstd-dev zlib1g-dev libc-ares-dev libkrb5-dev libldap2-dev librtmp-dev stunnel4 groff
           # GitHub's actions/checkout needs newer glibc and libstdc++. The latter also depends on
           # gcc-8-base, but it does not actually seem used in our situation and is not available in
           # the main repo, so force the install.
@@ -89,7 +89,7 @@ jobs:
           mkdir bld-1
           cd bld-1
           cmake .. -DCMAKE_UNITY_BUILD=ON -DCURL_WERROR=ON -DBUILD_SHARED_LIBS=ON \
-            -DCURL_USE_GNUTLS=ON -DENABLE_ARES=OFF -DCURL_ZSTD=OFF -DCURL_USE_GSSAPI=OFF -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF -DUSE_LIBRTMP=ON
+            -DCURL_ENABLE_SSL=OFF -DENABLE_ARES=OFF -DCURL_ZSTD=OFF -DCURL_USE_GSSAPI=OFF -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF -DUSE_LIBRTMP=ON
 
       - name: 'CM build-only build'
         run: VERBOSE=1 make -C bld-1 install
@@ -113,7 +113,7 @@ jobs:
           mkdir bld-cares
           cd bld-cares
           cmake .. -DCMAKE_UNITY_BUILD=ON -DCURL_WERROR=ON -DBUILD_SHARED_LIBS=ON \
-            -DCURL_USE_GNUTLS=ON -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF -DUSE_LIBRTMP=ON \
+            -DCURL_ENABLE_SSL=OFF -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF -DUSE_LIBRTMP=ON \
             -DCURL_LIBCURL_VERSIONED_SYMBOLS=ON
 
       - name: 'CM configure log'
@@ -151,7 +151,7 @@ jobs:
           mkdir bld-am
           cd bld-am
           ../configure --disable-dependency-tracking --enable-unity --enable-warnings --enable-werror \
-            --with-gnutls --enable-ares --without-libssh2 --with-zstd --with-gssapi --with-librtmp \
+            --without-ssl --enable-ares --without-libssh2 --with-zstd --with-gssapi --with-librtmp \
             --prefix="$PWD"/../curl-install-am
 
       - name: 'AM configure log'

From dd36dacd3e1518c1744e233d4aa3ec5a3a1c7bbc Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Thu, 20 Nov 2025 13:17:03 +0100
Subject: [PATCH 0947/2408] openssl: no verify failf message unless strict

If verifypeer and verifyhost are disabled, to not generate
a failf() message for failed verifications.

Fixes #19615
Reported-by: ncaklovic on github
Closes #19625
---
 lib/vtls/openssl.c | 30 +++++++++++++-----------------
 1 file changed, 13 insertions(+), 17 deletions(-)

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 80d01c3160..909c9a135b 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -4557,7 +4557,7 @@ static CURLcode ossl_check_issuer(struct Curl_cfilter *cf,
   X509 *issuer = NULL;
   BIO *fp = NULL;
   char err_buf[256]="";
-  bool strict = (conn_config->verifypeer || conn_config->verifyhost);
+  bool verify_enabled = (conn_config->verifypeer || conn_config->verifyhost);
   CURLcode result = CURLE_OK;
 
   /* e.g. match issuer name with provided issuer certificate */
@@ -4581,7 +4581,7 @@ static CURLcode ossl_check_issuer(struct Curl_cfilter *cf,
     }
 
     if(BIO_read_filename(fp, conn_config->issuercert) <= 0) {
-      if(strict)
+      if(verify_enabled)
         failf(data, "SSL: Unable to open issuer cert (%s)",
               conn_config->issuercert);
       result = CURLE_SSL_ISSUER_ERROR;
@@ -4592,7 +4592,7 @@ static CURLcode ossl_check_issuer(struct Curl_cfilter *cf,
   if(fp) {
     issuer = PEM_read_bio_X509(fp, NULL, ZERO_NULL, NULL);
     if(!issuer) {
-      if(strict)
+      if(verify_enabled)
         failf(data, "SSL: Unable to read issuer cert (%s)",
               conn_config->issuercert);
       result = CURLE_SSL_ISSUER_ERROR;
@@ -4600,7 +4600,7 @@ static CURLcode ossl_check_issuer(struct Curl_cfilter *cf,
     }
 
     if(X509_check_issued(issuer, server_cert) != X509_V_OK) {
-      if(strict)
+      if(verify_enabled)
         failf(data, "SSL: Certificate issuer check failed (%s)",
               conn_config->issuercert);
       result = CURLE_SSL_ISSUER_ERROR;
@@ -4648,8 +4648,6 @@ static CURLcode ossl_infof_cert(struct Curl_cfilter *cf,
                                 struct Curl_easy *data,
                                 X509 *server_cert)
 {
-  struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf);
-  bool strict = (conn_config->verifypeer || conn_config->verifyhost);
   BIO *mem = NULL;
   struct dynbuf dname;
   char err_buf[256] = "";
@@ -4686,12 +4684,8 @@ static CURLcode ossl_infof_cert(struct Curl_cfilter *cf,
   (void)BIO_reset(mem);
 
   result = x509_name_oneline(X509_get_issuer_name(server_cert), &dname);
-  if(result) {
-    if(strict)
-      failf(data, "SSL: could not get X509-issuer name");
-    result = CURLE_PEER_FAILED_VERIFICATION;
+  if(result) /* should be only fatal stuff like OOM */
     goto out;
-  }
   infof(data, "  issuer: %s", curlx_dyn_ptr(&dname));
 
 out:
@@ -4788,7 +4782,6 @@ CURLcode Curl_ossl_check_peer_cert(struct Curl_cfilter *cf,
   struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf);
   CURLcode result = CURLE_OK;
   long ossl_verify;
-  bool strict = (conn_config->verifypeer || conn_config->verifyhost);
   X509 *server_cert;
   bool verified = FALSE;
 #ifdef USE_APPLE_SECTRUST
@@ -4805,7 +4798,8 @@ CURLcode Curl_ossl_check_peer_cert(struct Curl_cfilter *cf,
 
   server_cert = SSL_get1_peer_certificate(octx->ssl);
   if(!server_cert) {
-    if(!strict)
+    /* no verification at all, this maybe acceptable */
+    if(!(conn_config->verifypeer || conn_config->verifyhost))
       goto out;
 
     failf(data, "SSL: could not get peer certificate");
@@ -4825,6 +4819,7 @@ CURLcode Curl_ossl_check_peer_cert(struct Curl_cfilter *cf,
     if(result)
       goto out;
   }
+  /* `verifyhost` is either OK or not requested from here on */
 
   ossl_verify = SSL_get_verify_result(octx->ssl);
   ssl_config->certverifyresult = ossl_verify;
@@ -4853,11 +4848,12 @@ CURLcode Curl_ossl_check_peer_cert(struct Curl_cfilter *cf,
 
   if(!verified) {
     /* no trust established, report the OpenSSL status */
-    failf(data, "SSL certificate OpenSSL verify result: %s (%ld)",
-          X509_verify_cert_error_string(ossl_verify), ossl_verify);
-    result = CURLE_PEER_FAILED_VERIFICATION;
-    if(conn_config->verifypeer)
+    if(conn_config->verifypeer) {
+      failf(data, "SSL certificate OpenSSL verify result: %s (%ld)",
+            X509_verify_cert_error_string(ossl_verify), ossl_verify);
+      result = CURLE_PEER_FAILED_VERIFICATION;
       goto out;
+    }
     infof(data, " SSL certificate verification failed, continuing anyway!");
   }
 

From 3561f2c7bfe8d6c4d535a038b67d5f731fe0012f Mon Sep 17 00:00:00 2001
From: x2018 
Date: Wed, 19 Nov 2025 23:25:57 +0800
Subject: [PATCH 0948/2408] lib: cleanup some whitespace nits

Closes #19588
---
 lib/vtls/openssl.c | 2 +-
 src/tool_operhlp.c | 2 +-
 src/tool_setopt.c  | 2 +-
 src/tool_ssls.c    | 4 ++--
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 909c9a135b..5d35ba1a15 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -277,7 +277,7 @@ static CURLcode X509V3_ext(struct Curl_easy *data,
 
     if(asn1_object_dump(obj, namebuf, sizeof(namebuf)))
       /* make sure the name is null-terminated */
-      namebuf [ sizeof(namebuf) - 1] = 0;
+      namebuf[sizeof(namebuf) - 1] = 0;
 
     if(!X509V3_EXT_print(bio_out, ext, 0, 0))
       ASN1_STRING_print(bio_out, (ASN1_STRING *)X509_EXTENSION_get_data(ext));
diff --git a/src/tool_operhlp.c b/src/tool_operhlp.c
index e17955bec3..0d6c2cb6e0 100644
--- a/src/tool_operhlp.c
+++ b/src/tool_operhlp.c
@@ -92,7 +92,7 @@ CURLcode add_file_name_to_url(CURL *curl, char **inurlp, const char *filename)
   if(uh) {
     char *ptr;
     uerr = curl_url_set(uh, CURLUPART_URL, *inurlp,
-                    CURLU_GUESS_SCHEME|CURLU_NON_SUPPORT_SCHEME);
+                        CURLU_GUESS_SCHEME|CURLU_NON_SUPPORT_SCHEME);
     if(uerr) {
       result = urlerr_cvt(uerr);
       goto fail;
diff --git a/src/tool_setopt.c b/src/tool_setopt.c
index ccecd3a7e0..b7039fbb48 100644
--- a/src/tool_setopt.c
+++ b/src/tool_setopt.c
@@ -623,7 +623,7 @@ CURLcode tool_setopt_offt(CURL *curl, const char *name, CURLoption tag,
   if(global->libcurl && !ret && lval) {
     /* we only use this for real if --libcurl was used */
     ret = easysrc_addf(&easysrc_code, "curl_easy_setopt(hnd, %s, (curl_off_t)%"
-          CURL_FORMAT_CURL_OFF_T ");", name, lval);
+                       CURL_FORMAT_CURL_OFF_T ");", name, lval);
   }
 
   return ret;
diff --git a/src/tool_ssls.c b/src/tool_ssls.c
index 4c9d1ee008..40e67a8044 100644
--- a/src/tool_ssls.c
+++ b/src/tool_ssls.c
@@ -156,8 +156,8 @@ static CURLcode tool_ssls_exp(CURL *easy, void *userptr,
   (void)earlydata_max;
   if(!ctx->exported)
     fputs("# Your SSL session cache. https://curl.se/docs/ssl-sessions.html\n"
-        "# This file was generated by libcurl! Edit at your own risk.\n",
-        ctx->fp);
+          "# This file was generated by libcurl! Edit at your own risk.\n",
+          ctx->fp);
 
   r = curlx_base64_encode((const char *)shmac, shmac_len, &enc, &enc_len);
   if(r)

From eaa7651374898cef89e5783b0219bdffcc0eb60e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 17 Nov 2025 23:49:15 +0100
Subject: [PATCH 0949/2408] lib: replace `_tcsncpy`/`wcsncpy`/`wcscpy` with
 `_s` counterparts (Windows)

Replace:
- curl_sspi: macro `_tcsncpy()` with `_tcsncpy_s()`.
- curlx/fopen: `wcsncpy()` with `wcsncpy_s()`.
- curlx/fopen: `wcscpy()` with `wcscpy_s()`.

Use of the pre-existing functions were safe. This patch aims to use the
recommended Windows CRT functions. Handle errors returned by them. Also
to avoid the compiler warnings silenced via `_CRT_SECURE_NO_WARNINGS`:

```
lib/curl_sspi.c(152): warning C4996: 'wcsncpy': This function or variable may be unsafe. Consider using wcsncpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS.
lib/curlx/fopen.c(161): warning C4996: 'wcsncpy': This function or variable may be unsafe. Consider using wcsncpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS.
lib/curlx/fopen.c(162): warning C4996: 'wcscpy': This function or variable may be unsafe. Consider using wcscpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS.
lib/curlx/fopen.c(174): warning C4996: 'wcsncpy': This function or variable may be unsafe. Consider using wcsncpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS.
lib/curlx/fopen.c(175): warning C4996: 'wcscpy': This function or variable may be unsafe. Consider using wcscpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS.
```

Refs:
https://learn.microsoft.com/cpp/c-runtime-library/reference/strncpy-strncpy-l-wcsncpy-wcsncpy-l-mbsncpy-mbsncpy-l
https://learn.microsoft.com/cpp/c-runtime-library/reference/strncpy-s-strncpy-s-l-wcsncpy-s-wcsncpy-s-l-mbsncpy-s-mbsncpy-s-l
https://learn.microsoft.com/cpp/c-runtime-library/security-features-in-the-crt

Cherry-picked from #19581 (in part)
Closes #19589
---
 lib/curl_setup.h  |  2 +-
 lib/curl_sspi.c   |  7 +++++--
 lib/curlx/fopen.c | 20 ++++++++++++++++----
 3 files changed, 22 insertions(+), 7 deletions(-)

diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index 0df96d5efd..05e6149f61 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -98,7 +98,7 @@
 #define _CRT_SECURE_NO_WARNINGS  /* for __sys_errlist, __sys_nerr, _open(),
                                     _wfopen(), _wopen(), fopen(), freopen(),
                                     getenv(), gmtime(), mbstowcs(), sprintf(),
-                                    strcpy(), wcscpy(), wcsncpy(), wcstombs(),
+                                    strcpy(), wcstombs(),
                                     in tests: localtime(), open(), sscanf() */
 #endif
 #endif /* _MSC_VER */
diff --git a/lib/curl_sspi.c b/lib/curl_sspi.c
index 32b4c894d6..369cf18967 100644
--- a/lib/curl_sspi.c
+++ b/lib/curl_sspi.c
@@ -149,8 +149,11 @@ CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp,
     curlx_unicodefree(useranddomain.tchar_ptr);
     return CURLE_OUT_OF_MEMORY;
   }
-  _tcsncpy(dup_domain.tchar_ptr, domain.tchar_ptr, domlen);
-  *(dup_domain.tchar_ptr + domlen) = TEXT('\0');
+  if(_tcsncpy_s(dup_domain.tchar_ptr, domlen + 1, domain.tchar_ptr, domlen)) {
+    curlx_unicodefree(dup_domain.tchar_ptr);
+    curlx_unicodefree(useranddomain.tchar_ptr);
+    return CURLE_OUT_OF_MEMORY;
+  }
   identity->Domain = dup_domain.tbyte_ptr;
   identity->DomainLength = curlx_uztoul(domlen);
   dup_domain.tchar_ptr = NULL;
diff --git a/lib/curlx/fopen.c b/lib/curlx/fopen.c
index 333eff7de7..f330753162 100644
--- a/lib/curlx/fopen.c
+++ b/lib/curlx/fopen.c
@@ -158,8 +158,14 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
       if(!temp)
         goto cleanup;
 
-      wcsncpy(temp, L"\\\\?\\UNC\\", 8);
-      wcscpy(temp + 8, fbuf + 2);
+      if(wcsncpy_s(temp, needed, L"\\\\?\\UNC\\", 8)) {
+        (free)(temp);
+        goto cleanup;
+      }
+      if(wcscpy_s(temp + 8, needed, fbuf + 2)) {
+        (free)(temp);
+        goto cleanup;
+      }
     }
     else {
       /* "\\?\" + full path + null */
@@ -171,8 +177,14 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
       if(!temp)
         goto cleanup;
 
-      wcsncpy(temp, L"\\\\?\\", 4);
-      wcscpy(temp + 4, fbuf);
+      if(wcsncpy_s(temp, needed, L"\\\\?\\", 4)) {
+        (free)(temp);
+        goto cleanup;
+      }
+      if(wcscpy_s(temp + 4, needed, fbuf)) {
+        (free)(temp);
+        goto cleanup;
+      }
     }
 
     (free)(fbuf);

From 9e6f1c5efb7a70e1f33e467a738f3e3f652f3174 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 21 Nov 2025 12:43:54 +0100
Subject: [PATCH 0950/2408] build: add build-level `CURL_DISABLE_TYPECHECK`
 options

Usage:
- autotools: `--disable-typecheck` (or `--enable-typecheck` (default))
- cmake: `-DCURL_DISABLE_TYPECHECK=ON`.

To disable `curl_easy_setopt()`/`curl_easy_getinfo()` type checking with
supported (new) gcc and clang compilers. It is useful to improve build
performance for the `tests/libtest` target. In particular the CodeQL
analyzer may take above an hour to compile with type checking enabled,
and disabling it brings it down to seconds. On local machines it may
also cut build times in half when build testdeps, depending on platform
and compiler.

Other than these cases, we recommend leaving type checking enabled.

Ref: fdacf34aaeac79ad14fa48dcafae24a6de68823d #19632

Also:
- GHA/codeql: use it.
- test1165: check in `include/curl`.
- lib1912: delete stray todo comment.
- spelling and comment nits.

Closes #19637
---
 .github/workflows/codeql.yml |  6 +--
 CMakeLists.txt               |  4 +-
 configure.ac                 | 82 +++++++++++++++++++++++-------------
 docs/CURL-DISABLE.md         | 10 ++++-
 docs/INSTALL-CMAKE.md        |  3 +-
 include/curl/typecheck-gcc.h |  4 +-
 lib/curl_config.h.cmake      |  5 ++-
 tests/libtest/lib1912.c      |  3 +-
 tests/test1165.pl            |  3 +-
 9 files changed, 76 insertions(+), 44 deletions(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index c42d717735..9ee723cf73 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -108,8 +108,7 @@ jobs:
 
             # MultiSSL
             export PKG_CONFIG_PATH; PKG_CONFIG_PATH="$(brew --prefix c-ares)/lib/pkgconfig:$(brew --prefix mbedtls)/lib/pkgconfig:$(brew --prefix rustls-ffi)/lib/pkgconfig:$(brew --prefix gsasl)/lib/pkgconfig"
-            cmake -B _bld1 -G Ninja -DENABLE_DEBUG=ON \
-              -DCMAKE_C_FLAGS=-DCURL_DISABLE_TYPECHECK \
+            cmake -B _bld1 -G Ninja -DCURL_DISABLE_TYPECHECK=ON -DENABLE_DEBUG=ON \
               -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_RUSTLS=ON -DCURL_USE_WOLFSSL=ON \
               -DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON -DUSE_ECH=ON -DENABLE_ARES=ON \
               -DCURL_DISABLE_VERBOSE_STRINGS=ON
@@ -119,8 +118,7 @@ jobs:
 
             # HTTP/3
             export PKG_CONFIG_PATH; PKG_CONFIG_PATH="$(brew --prefix libnghttp3)/lib/pkgconfig:$(brew --prefix libngtcp2)/lib/pkgconfig:$(brew --prefix gsasl)/lib/pkgconfig"
-            cmake -B _bld2 -G Ninja \
-              -DCMAKE_C_FLAGS=-DCURL_DISABLE_TYPECHECK \
+            cmake -B _bld2 -G Ninja -DCURL_DISABLE_TYPECHECK=ON \
               -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR="$(brew --prefix openssl)" -DUSE_NGTCP2=ON \
               -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON \
               -DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 7de2162c6c..20336e097c 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -462,7 +462,7 @@ option(CURL_DISABLE_SMB "Disable SMB" OFF)
 mark_as_advanced(CURL_DISABLE_SMB)
 option(CURL_DISABLE_SMTP "Disable SMTP" OFF)
 mark_as_advanced(CURL_DISABLE_SMTP)
-option(CURL_DISABLE_SOCKETPAIR "Disable use of socketpair for curl_multi_poll" OFF)
+option(CURL_DISABLE_SOCKETPAIR "Disable use of socketpair for curl_multi_poll()" OFF)
 mark_as_advanced(CURL_DISABLE_SOCKETPAIR)
 option(CURL_DISABLE_WEBSOCKETS "Disable WebSocket" OFF)
 mark_as_advanced(CURL_DISABLE_WEBSOCKETS)
@@ -470,6 +470,8 @@ option(CURL_DISABLE_TELNET "Disable Telnet" OFF)
 mark_as_advanced(CURL_DISABLE_TELNET)
 option(CURL_DISABLE_TFTP "Disable TFTP" OFF)
 mark_as_advanced(CURL_DISABLE_TFTP)
+option(CURL_DISABLE_TYPECHECK "Disable curl_easy_setopt()/curl_easy_getinfo() type checking" OFF)
+mark_as_advanced(CURL_DISABLE_TYPECHECK)
 option(CURL_DISABLE_VERBOSE_STRINGS "Disable verbose strings" OFF)
 mark_as_advanced(CURL_DISABLE_VERBOSE_STRINGS)
 
diff --git a/configure.ac b/configure.ac
index 6c1b9c9ba6..d72b33d528 100644
--- a/configure.ac
+++ b/configure.ac
@@ -140,36 +140,37 @@ AC_SUBST(VERSIONNUM)
 
 dnl
 dnl initialize all the info variables
-    curl_ssl_msg="no      (--with-{openssl,gnutls,mbedtls,wolfssl,schannel,amissl,rustls} )"
-    curl_ssh_msg="no      (--with-{libssh,libssh2})"
-   curl_zlib_msg="no      (--with-zlib)"
- curl_brotli_msg="no      (--with-brotli)"
-   curl_zstd_msg="no      (--with-zstd)"
-    curl_gss_msg="no      (--with-gssapi)"
-  curl_gsasl_msg="no      (--with-gsasl)"
-curl_tls_srp_msg="no      (--enable-tls-srp)"
-    curl_res_msg="blocking (--enable-ares / --enable-threaded-resolver)"
-   curl_ipv6_msg="no      (--enable-ipv6)"
-curl_unix_sockets_msg="no      (--enable-unix-sockets)"
-    curl_idn_msg="no      (--with-{libidn2,winidn})"
-   curl_docs_msg="enabled (--disable-docs)"
- curl_manual_msg="no      (--enable-manual)"
-curl_libcurl_msg="enabled (--disable-libcurl-option)"
-curl_verbose_msg="enabled (--disable-verbose)"
-   curl_sspi_msg="no      (--enable-sspi)"
-   curl_ldap_msg="no      (--enable-ldap / --with-ldap-lib / --with-lber-lib)"
-  curl_ldaps_msg="no      (--enable-ldaps)"
-   curl_ipfs_msg="no      (--enable-ipfs)"
-   curl_rtsp_msg="no      (--enable-rtsp)"
-   curl_rtmp_msg="no      (--with-librtmp)"
-    curl_psl_msg="no      (--with-libpsl)"
- curl_altsvc_msg="enabled (--disable-alt-svc)"
-curl_headers_msg="enabled (--disable-headers-api)"
-   curl_hsts_msg="enabled (--disable-hsts)"
-    ssl_backends=
-     curl_h1_msg="enabled (internal)"
-     curl_h2_msg="no      (--with-nghttp2)"
-     curl_h3_msg="no      (--with-ngtcp2 --with-nghttp3, --with-quiche, --with-openssl-quic)"
+         curl_ssl_msg="no       (--with-{openssl,gnutls,mbedtls,wolfssl,schannel,amissl,rustls} )"
+         curl_ssh_msg="no       (--with-{libssh,libssh2})"
+        curl_zlib_msg="no       (--with-zlib)"
+      curl_brotli_msg="no       (--with-brotli)"
+        curl_zstd_msg="no       (--with-zstd)"
+         curl_gss_msg="no       (--with-gssapi)"
+       curl_gsasl_msg="no       (--with-gsasl)"
+     curl_tls_srp_msg="no       (--enable-tls-srp)"
+         curl_res_msg="blocking (--enable-ares / --enable-threaded-resolver)"
+        curl_ipv6_msg="no       (--enable-ipv6)"
+curl_unix_sockets_msg="no       (--enable-unix-sockets)"
+         curl_idn_msg="no       (--with-{libidn2,winidn})"
+        curl_docs_msg="enabled  (--disable-docs)"
+      curl_manual_msg="no       (--enable-manual)"
+     curl_libcurl_msg="enabled  (--disable-libcurl-option)"
+   curl_typecheck_msg="enabled  (--disable-typecheck)"
+     curl_verbose_msg="enabled  (--disable-verbose)"
+        curl_sspi_msg="no       (--enable-sspi)"
+        curl_ldap_msg="no       (--enable-ldap / --with-ldap-lib / --with-lber-lib)"
+       curl_ldaps_msg="no       (--enable-ldaps)"
+        curl_ipfs_msg="no       (--enable-ipfs)"
+        curl_rtsp_msg="no       (--enable-rtsp)"
+        curl_rtmp_msg="no       (--with-librtmp)"
+         curl_psl_msg="no       (--with-libpsl)"
+      curl_altsvc_msg="enabled  (--disable-alt-svc)"
+     curl_headers_msg="enabled  (--disable-headers-api)"
+        curl_hsts_msg="enabled  (--disable-hsts)"
+         ssl_backends=
+          curl_h1_msg="enabled  (internal)"
+          curl_h2_msg="no       (--with-nghttp2)"
+          curl_h3_msg="no       (--with-ngtcp2 --with-nghttp3, --with-quiche, --with-openssl-quic)"
 
 enable_altsvc="yes"
 hsts="yes"
@@ -4345,6 +4346,26 @@ AC_CHECK_HEADER(dirent.h,
 
 CURL_CONVERT_INCLUDE_TO_ISYSTEM
 
+dnl ************************************************************
+dnl disable curl_easy_setopt()/curl_easy_getinfo() type checking
+dnl
+AC_MSG_CHECKING([whether to enable curl_easy_setopt()/curl_easy_getinfo() type checking])
+AC_ARG_ENABLE(typecheck,
+AS_HELP_STRING([--enable-typecheck],[Enable type checking (default)])
+AS_HELP_STRING([--disable-typecheck],[Disable type checking]),
+[ case "$enableval" in
+  no)
+    AC_MSG_RESULT(no)
+    AC_DEFINE(CURL_DISABLE_TYPECHECK, 1, [to disable type checking])
+    curl_typecheck_msg="no"
+    ;;
+  *)
+    AC_MSG_RESULT(yes)
+    ;;
+  esac ],
+    AC_MSG_RESULT(yes)
+)
+
 dnl ************************************************************
 dnl disable verbose text strings
 dnl
@@ -5521,6 +5542,7 @@ AC_MSG_NOTICE([Configured to build curl/libcurl:
   Build libcurl:    Shared=${enable_shared}, Static=${enable_static}
   Built-in manual:  ${curl_manual_msg}
   --libcurl option: ${curl_libcurl_msg}
+  Type checking:    ${curl_typecheck_msg}
   Verbose errors:   ${curl_verbose_msg}
   Code coverage:    ${curl_coverage_msg}
   SSPI:             ${curl_sspi_msg}
diff --git a/docs/CURL-DISABLE.md b/docs/CURL-DISABLE.md
index 63de4026a6..c266f0c0ad 100644
--- a/docs/CURL-DISABLE.md
+++ b/docs/CURL-DISABLE.md
@@ -68,8 +68,8 @@ Disable the FTP (and FTPS) protocol
 
 ## `CURL_DISABLE_GETOPTIONS`
 
-Disable the `curl_easy_options` API calls that lets users get information
-about existing options to `curl_easy_setopt`.
+Disable the `curl_easy_options()` API calls that lets users get information
+about existing options to `curl_easy_setopt()`.
 
 ## `CURL_DISABLE_GOPHER`
 
@@ -182,6 +182,12 @@ Disable the TELNET protocol
 
 Disable the TFTP protocol
 
+## `CURL_DISABLE_TYPECHECK`
+
+Disable `curl_easy_setopt()`/`curl_easy_getinfo()` type checking.
+
+Useful to improve build performance for the `tests/libtest` test tool.
+
 ## `CURL_DISABLE_VERBOSE_STRINGS`
 
 Disable verbose strings and error messages.
diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md
index 9921fbf12c..bd9555b614 100644
--- a/docs/INSTALL-CMAKE.md
+++ b/docs/INSTALL-CMAKE.md
@@ -317,10 +317,11 @@ target_link_libraries(my_target PRIVATE CURL::libcurl)
 - `CURL_DISABLE_SHUFFLE_DNS`:               Disable shuffle DNS feature. Default: `OFF`
 - `CURL_DISABLE_SMB`:                       Disable SMB. Default: `OFF`
 - `CURL_DISABLE_SMTP`:                      Disable SMTP. Default: `OFF`
-- `CURL_DISABLE_SOCKETPAIR`:                Disable use of socketpair for curl_multi_poll. Default: `OFF`
+- `CURL_DISABLE_SOCKETPAIR`:                Disable use of socketpair for curl_multi_poll(). Default: `OFF`
 - `CURL_DISABLE_SRP`:                       Disable TLS-SRP support. Default: `OFF`
 - `CURL_DISABLE_TELNET`:                    Disable Telnet. Default: `OFF`
 - `CURL_DISABLE_TFTP`:                      Disable TFTP. Default: `OFF`
+- `CURL_DISABLE_TYPECHECK`:                 Disable curl_easy_setopt()/curl_easy_getinfo() type checking. Default: `OFF`
 - `CURL_DISABLE_VERBOSE_STRINGS`:           Disable verbose strings. Default: `OFF`
 - `CURL_DISABLE_WEBSOCKETS`:                Disable WebSocket. Default: `OFF`
 - `HTTP_ONLY`:                              Disable all protocols except HTTP (This overrides all `CURL_DISABLE_*` options). Default: `OFF`
diff --git a/include/curl/typecheck-gcc.h b/include/curl/typecheck-gcc.h
index 063cea57e6..bf03e0d935 100644
--- a/include/curl/typecheck-gcc.h
+++ b/include/curl/typecheck-gcc.h
@@ -24,7 +24,7 @@
  *
  ***************************************************************************/
 
-/* wraps curl_easy_setopt() with typechecking */
+/* wraps curl_easy_setopt() with type checking */
 
 /* To add a new kind of warning, add an
  *   if(curlcheck_sometype_option(_curl_opt))
@@ -159,7 +159,7 @@
       curl_easy_setopt(handle, option, value);                          \
     })
 
-/* wraps curl_easy_getinfo() with typechecking */
+/* wraps curl_easy_getinfo() with type checking */
 #define curl_easy_getinfo(handle, info, arg)                            \
   __extension__({                                                       \
       if(__builtin_constant_p(info)) {                                  \
diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake
index 88b991d7ef..acbb428575 100644
--- a/lib/curl_config.h.cmake
+++ b/lib/curl_config.h.cmake
@@ -151,7 +151,7 @@
 /* disabled WebSocket */
 #cmakedefine CURL_DISABLE_WEBSOCKETS 1
 
-/* disables use of socketpair for curl_multi_poll */
+/* disables use of socketpair for curl_multi_poll() */
 #cmakedefine CURL_DISABLE_SOCKETPAIR 1
 
 /* disables TELNET */
@@ -160,6 +160,9 @@
 /* disables TFTP */
 #cmakedefine CURL_DISABLE_TFTP 1
 
+/* disables curl_easy_setopt()/curl_easy_getinfo() type checking */
+#cmakedefine CURL_DISABLE_TYPECHECK 1
+
 /* disables verbose strings */
 #cmakedefine CURL_DISABLE_VERBOSE_STRINGS 1
 
diff --git a/tests/libtest/lib1912.c b/tests/libtest/lib1912.c
index dd3e638816..0dd246e461 100644
--- a/tests/libtest/lib1912.c
+++ b/tests/libtest/lib1912.c
@@ -31,7 +31,7 @@
 
 static CURLcode test_lib1912(const char *URL)
 {
-/* Only test if GCC typechecking is available */
+/* Only test if GCC/clang type checking is available */
   int error = 0;
 #ifdef CURLINC_TYPECHECK_GCC_H
   const struct curl_easyoption *o;
@@ -73,7 +73,6 @@ static CURLcode test_lib1912(const char *URL)
       print_err(o->name, "CURLOT_OBJECT");
       error++;
     }
-    /* Todo: no gcc typecheck for CURLOPTTYPE_BLOB types? */
   }
 #endif
   (void)URL;
diff --git a/tests/test1165.pl b/tests/test1165.pl
index 654a2ad642..049b764647 100755
--- a/tests/test1165.pl
+++ b/tests/test1165.pl
@@ -86,7 +86,7 @@ sub scan_cmake_config_h {
     scanconf_cmake(\%disable_cmake_config_h, "$root/lib/curl_config.h.cmake");
 }
 
-my %whitelisted = ("CURL_DISABLE_TYPECHECK" => 1);
+my %whitelisted = ('CURL_DISABLE_DEPRECATION' => 1);
 
 sub scan_file {
     my ($source)=@_;
@@ -114,6 +114,7 @@ sub scan_dir {
 }
 
 sub scan_sources {
+    scan_dir("$root/include/curl");
     scan_dir("$root/src");
     scan_dir("$root/lib");
     scan_dir("$root/lib/vtls");

From 6aa8fa3fdfdb1a0d4d022cc04e478f13e2b6b880 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Fri, 21 Nov 2025 13:06:00 +0100
Subject: [PATCH 0951/2408] apple-sectrust: always ask when `native_ca_store`
 is in use

When OpenSSL fails to verify the peer certificate, we checked for
one specific reason code and did not ask Apple SecTrust for any
other failure.

Always ask Apple SecTrust after OpenSSL fails when the `native_ca_store`
is enabled. If the user configures a CAfile or CApath, the native store
is disabled, so this does not affect use cases where users asks curl
to use a specific set of trust anchors.

Do the same for GnuTLS

Fixes #19636
Reported-by: ffath-vo on github
Closes #19638
---
 lib/vtls/gtls.c    | 3 +--
 lib/vtls/openssl.c | 4 +---
 2 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index dbb442f363..55a75fa721 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -1687,8 +1687,7 @@ Curl_gtls_verifyserver(struct Curl_cfilter *cf,
       infof(data, "  SSL certificate verified by GnuTLS");
 
 #ifdef USE_APPLE_SECTRUST
-    if(!verified && ssl_config->native_ca_store &&
-       (verify_status & GNUTLS_CERT_SIGNER_NOT_FOUND)) {
+    if(!verified && ssl_config->native_ca_store) {
       result = glts_apple_verify(cf, data, peer, &chain, &verified);
       if(result && (result != CURLE_PEER_FAILED_VERIFICATION))
         goto out; /* unexpected error */
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 5d35ba1a15..8991d965d9 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -4829,9 +4829,7 @@ CURLcode Curl_ossl_check_peer_cert(struct Curl_cfilter *cf,
     infof(data, "SSL certificate verified via OpenSSL.");
 
 #ifdef USE_APPLE_SECTRUST
-  if(!verified &&
-     conn_config->verifypeer && ssl_config->native_ca_store &&
-     (ossl_verify == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY)) {
+  if(!verified && conn_config->verifypeer && ssl_config->native_ca_store) {
     /* we verify using Apple SecTrust *unless* OpenSSL already verified.
      * This may happen if the application intercepted the OpenSSL callback
      * and installed its own. */

From 047b36d7a698c952b7d76ea3ce303a3d58ae637a Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 21 Nov 2025 14:34:31 +0100
Subject: [PATCH 0952/2408] smb: fix a size check to be overflow safe

In smb_send_message, although it could never actually overflow it might
as well be done correctly. Also do the check earlier.

Closes #19640
---
 lib/smb.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/smb.c b/lib/smb.c
index 2aa8e96644..4ef35c295d 100644
--- a/lib/smb.c
+++ b/lib/smb.c
@@ -668,12 +668,12 @@ static CURLcode smb_send_message(struct Curl_easy *data,
                                  unsigned char cmd,
                                  const void *msg, size_t msg_len)
 {
-  smb_format_message(smbc, req, (struct smb_header *)smbc->send_buf,
-                     cmd, msg_len);
-  if((sizeof(struct smb_header) + msg_len) > MAX_MESSAGE_SIZE) {
+  if((MAX_MESSAGE_SIZE - sizeof(struct smb_header)) < msg_len) {
     DEBUGASSERT(0);
     return CURLE_SEND_ERROR;
   }
+  smb_format_message(smbc, req, (struct smb_header *)smbc->send_buf,
+                     cmd, msg_len);
   memcpy(smbc->send_buf + sizeof(struct smb_header), msg, msg_len);
 
   return smb_send(data, smbc, sizeof(struct smb_header) + msg_len, 0);

From e2be5689744716b63477d2e250b53fcac1f8c3b4 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Thu, 20 Nov 2025 10:58:54 +0100
Subject: [PATCH 0953/2408] multi: make max_total_* members size_t

Check size_t conversion on setting these members via CURLMIPT_*. Use
members without casting.

Closes #19618
---
 lib/cshutdn.c        |  3 +--
 lib/curl_setup.h     |  3 +++
 lib/curlx/warnless.c | 12 ++++++++++++
 lib/curlx/warnless.h |  4 ++++
 lib/multi.c          |  6 ++++--
 lib/multihandle.h    |  9 ++++-----
 lib/url.c            |  2 +-
 7 files changed, 29 insertions(+), 10 deletions(-)

diff --git a/lib/cshutdn.c b/lib/cshutdn.c
index f9f636640a..e039d02762 100644
--- a/lib/cshutdn.c
+++ b/lib/cshutdn.c
@@ -414,8 +414,7 @@ void Curl_cshutdn_add(struct cshutdn *cshutdn,
                       size_t conns_in_pool)
 {
   struct Curl_easy *data = cshutdn->multi->admin;
-  size_t max_total = (cshutdn->multi->max_total_connections > 0) ?
-                     (size_t)cshutdn->multi->max_total_connections : 0;
+  size_t max_total = cshutdn->multi->max_total_connections;
 
   /* Add the connection to our shutdown list for non-blocking shutdown
    * during multi processing. */
diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index 05e6149f61..d75de9416c 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -627,6 +627,9 @@
 #endif
 #endif
 
+#if SIZEOF_LONG > SIZEOF_SIZE_T
+#error "unexpected: 'long' is larger than 'size_t'"
+#endif
 /*
  * Arg 2 type for gethostname in case it has not been defined in config file.
  */
diff --git a/lib/curlx/warnless.c b/lib/curlx/warnless.c
index 5ed27b3e4c..fafa83c98c 100644
--- a/lib/curlx/warnless.c
+++ b/lib/curlx/warnless.c
@@ -333,6 +333,18 @@ bool curlx_sotouz_fits(curl_off_t sonum, size_t *puznum)
   return TRUE;
 }
 
+
+bool curlx_sltouz(long slnum, size_t *puznum)
+{
+  if(slnum < 0) {
+    *puznum = 0;
+    return FALSE;
+  }
+  /* We error in curl_setup.h if SIZEOF_LONG > SIZEOF_SIZE_T */
+  *puznum = (size_t)slnum;
+  return TRUE;
+}
+
 curl_off_t curlx_uztoso(size_t uznum)
 {
 #if SIZEOF_SIZE_T >= SIZEOF_CURL_OFF_T
diff --git a/lib/curlx/warnless.h b/lib/curlx/warnless.h
index c8861d8488..52e7ec2a5c 100644
--- a/lib/curlx/warnless.h
+++ b/lib/curlx/warnless.h
@@ -73,6 +73,10 @@ bool curlx_sztouz(ssize_t sznum, size_t *puznum);
  * too large and set 0 */
 bool curlx_sotouz_fits(curl_off_t sonum, size_t *puznum);
 
+/* Convert a long to size_t, return FALSE if negative or too large
+ * and set 0 */
+bool curlx_sltouz(long sznum, size_t *puznum);
+
 #ifdef _WIN32
 #undef  read
 #define read(fd, buf, count)  (ssize_t)_read(fd, buf, curlx_uztoui(count))
diff --git a/lib/multi.c b/lib/multi.c
index c52ee54c77..3fc1c948f5 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -3271,10 +3271,12 @@ CURLMcode curl_multi_setopt(CURLM *m,
       multi->maxconnects = (unsigned int)uarg;
     break;
   case CURLMOPT_MAX_HOST_CONNECTIONS:
-    multi->max_host_connections = va_arg(param, long);
+    if(!curlx_sltouz(va_arg(param, long), &multi->max_host_connections))
+      res = CURLM_BAD_FUNCTION_ARGUMENT;
     break;
   case CURLMOPT_MAX_TOTAL_CONNECTIONS:
-    multi->max_total_connections = va_arg(param, long);
+    if(!curlx_sltouz(va_arg(param, long), &multi->max_total_connections))
+      res = CURLM_BAD_FUNCTION_ARGUMENT;
     break;
     /* options formerly used for pipelining */
   case CURLMOPT_MAX_PIPELINE_LENGTH:
diff --git a/lib/multihandle.h b/lib/multihandle.h
index 69f977bb94..fbb8bdfeeb 100644
--- a/lib/multihandle.h
+++ b/lib/multihandle.h
@@ -149,11 +149,10 @@ struct Curl_multi {
   struct cshutdn cshutdn; /* connection shutdown handling */
   struct cpool cpool;     /* connection pool (bundles) */
 
-  long max_host_connections; /* if >0, a fixed limit of the maximum number
-                                of connections per host */
-
-  long max_total_connections; /* if >0, a fixed limit of the maximum number
-                                 of connections in total */
+  size_t max_host_connections; /* if >0, a fixed limit of the maximum number
+                                  of connections per host */
+  size_t max_total_connections; /* if >0, a fixed limit of the maximum number
+                                   of connections in total */
 
   /* timer callback and user data pointer for the *socket() API */
   curl_multi_timer_callback timer_cb;
diff --git a/lib/url.c b/lib/url.c
index b4069e30f1..7e4d455a8c 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -3690,7 +3690,7 @@ static CURLcode create_conn(struct Curl_easy *data,
           CURL_TRC_M(data, "Allowing sub-requests (like DoH) to override "
                      "max connection limit");
         else {
-          infof(data, "No connections available, total of %ld reached.",
+          infof(data, "No connections available, total of %zu reached.",
                 data->multi->max_total_connections);
           connections_available = FALSE;
         }

From a439fc0e372c3de7df3b8ae3ca7752bc3cbca826 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Thu, 20 Nov 2025 05:59:59 +0000
Subject: [PATCH 0954/2408] GHA: update gnutls/gnutls to 3.8.11 from 3.8.10

Closes #19613
---
 .github/workflows/http3-linux.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index 223c6afbf4..10aac5e0c6 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -47,7 +47,7 @@ env:
   # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com
   BORINGSSL_VERSION: 0.20251110.0
   # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com
-  GNUTLS_VERSION: 3.8.10
+  GNUTLS_VERSION: 3.8.11
   # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com
   WOLFSSL_VERSION: 5.8.4
   # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com

From acfcc2b28806a1be7e027205673b1a33618ddfb5 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 21 Nov 2025 15:57:17 +0100
Subject: [PATCH 0955/2408] checksrc: ban `_tcsncpy`, `wcscpy`, `wcsncpy`

Follow-up to eaa7651374898cef89e5783b0219bdffcc0eb60e #19589

Closes #19641
---
 scripts/checksrc.pl | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl
index c9f008f1a1..88db59f116 100755
--- a/scripts/checksrc.pl
+++ b/scripts/checksrc.pl
@@ -78,11 +78,14 @@ my %banfunc = (
     "_mbsncat" => 1,
     "_tcscat" => 1,
     "_tcsdup" => 1,
+    "_tcsncpy" => 1,
     "_tcsncat" => 1,
     "_wcscat" => 1,
     "_wcsncat" => 1,
     "_wcsdup" => 1,
     "wcsdup" => 1,
+    "wcscpy" => 1,
+    "wcsncpy" => 1,
     "LoadLibrary" => 1,
     "LoadLibraryA" => 1,
     "LoadLibraryW" => 1,

From 18b94293133c1e035b5ac5b4fde854d1f17418a3 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 18 Nov 2025 01:48:04 +0100
Subject: [PATCH 0956/2408] curlx: replace `mbstowcs`/`wcstombs` with `_s`
 counterparts (Windows)

They are used in Windows-specific `fopen()`, `freopen`, `open()` and
`curlx_get_winapi_error()` calls, and in `fix_excessive_path()` in
Unicode builds.

Refs:
https://learn.microsoft.com/cpp/c-runtime-library/reference/mbstowcs-mbstowcs-l
https://learn.microsoft.com/cpp/c-runtime-library/reference/mbstowcs-s-mbstowcs-s-l
https://learn.microsoft.com/cpp/c-runtime-library/reference/wcstombs-wcstombs-l
https://learn.microsoft.com/cpp/c-runtime-library/reference/wcstombs-s-wcstombs-s-l

Also ban these functions via checksrc.

Co-authored-by: Jay Satiro

Closes #19581
---
 lib/curl_setup.h    |  3 +--
 lib/curlx/fopen.c   | 22 ++++++++++++----------
 lib/curlx/winapi.c  | 30 +++++++++++++-----------------
 scripts/checksrc.pl |  2 ++
 4 files changed, 28 insertions(+), 29 deletions(-)

diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index d75de9416c..db438a8b0a 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -97,8 +97,7 @@
 #ifndef _CRT_SECURE_NO_WARNINGS
 #define _CRT_SECURE_NO_WARNINGS  /* for __sys_errlist, __sys_nerr, _open(),
                                     _wfopen(), _wopen(), fopen(), freopen(),
-                                    getenv(), gmtime(), mbstowcs(), sprintf(),
-                                    strcpy(), wcstombs(),
+                                    getenv(), gmtime(), sprintf(), strcpy(),
                                     in tests: localtime(), open(), sscanf() */
 #endif
 #endif /* _MSC_VER */
diff --git a/lib/curlx/fopen.c b/lib/curlx/fopen.c
index f330753162..dc1c2bb4e6 100644
--- a/lib/curlx/fopen.c
+++ b/lib/curlx/fopen.c
@@ -97,15 +97,16 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
 
 #ifndef _UNICODE
   /* convert multibyte input to unicode */
-  needed = mbstowcs(NULL, in, 0);
-  if(needed == (size_t)-1 || needed >= max_path_len)
+  if(mbstowcs_s(&needed, NULL, 0, in, 0))
+    goto cleanup;
+  if(!needed || needed >= max_path_len)
     goto cleanup;
-  ++needed; /* for NUL */
   ibuf = (malloc)(needed * sizeof(wchar_t));
   if(!ibuf)
     goto cleanup;
-  count = mbstowcs(ibuf, in, needed);
-  if(count == (size_t)-1 || count >= needed)
+  if(mbstowcs_s(&count, ibuf, needed, in, needed - 1))
+    goto cleanup;
+  if(count != needed)
     goto cleanup;
   in_w = ibuf;
 #else
@@ -193,15 +194,16 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
 
 #ifndef _UNICODE
   /* convert unicode full path to multibyte output */
-  needed = wcstombs(NULL, fbuf, 0);
-  if(needed == (size_t)-1 || needed >= max_path_len)
+  if(wcstombs_s(&needed, NULL, 0, fbuf, 0))
+    goto cleanup;
+  if(!needed || needed >= max_path_len)
     goto cleanup;
-  ++needed; /* for NUL */
   obuf = (malloc)(needed);
   if(!obuf)
     goto cleanup;
-  count = wcstombs(obuf, fbuf, needed);
-  if(count == (size_t)-1 || count >= needed)
+  if(wcstombs_s(&count, obuf, needed, fbuf, needed - 1))
+    goto cleanup;
+  if(count != needed)
     goto cleanup;
   *out = obuf;
   obuf = NULL;
diff --git a/lib/curlx/winapi.c b/lib/curlx/winapi.c
index 2dc277c1c1..7b3d6b6036 100644
--- a/lib/curlx/winapi.c
+++ b/lib/curlx/winapi.c
@@ -52,6 +52,7 @@ const char *curlx_get_winapi_error(DWORD err, char *buf, size_t buflen)
 {
   char *p;
   wchar_t wbuf[256];
+  DWORD wlen;
 
   if(!buflen)
     return NULL;
@@ -62,23 +63,18 @@ const char *curlx_get_winapi_error(DWORD err, char *buf, size_t buflen)
   /* We return the local codepage version of the error string because if it is
      output to the user's terminal it will likely be with functions which
      expect the local codepage (eg fprintf, failf, infof). */
-  if(FormatMessageW((FORMAT_MESSAGE_FROM_SYSTEM |
-                     FORMAT_MESSAGE_IGNORE_INSERTS), NULL, err,
-                    LANG_NEUTRAL, wbuf, CURL_ARRAYSIZE(wbuf), NULL)) {
-    size_t written = wcstombs(buf, wbuf, buflen - 1);
-    if(written != (size_t)-1)
-      buf[written] = '\0';
-    else
-      *buf = '\0';
-  }
-
-  /* Truncate multiple lines */
-  p = strchr(buf, '\n');
-  if(p) {
-    if(p > buf && *(p-1) == '\r')
-      *(p-1) = '\0';
-    else
-      *p = '\0';
+  wlen = FormatMessageW((FORMAT_MESSAGE_FROM_SYSTEM |
+                         FORMAT_MESSAGE_IGNORE_INSERTS), NULL, err,
+                        LANG_NEUTRAL, wbuf, CURL_ARRAYSIZE(wbuf), NULL);
+  if(wlen && !wcstombs_s(NULL, buf, buflen, wbuf, wlen)) {
+    /* Truncate multiple lines */
+    p = strchr(buf, '\n');
+    if(p) {
+      if(p > buf && *(p-1) == '\r')
+        *(p-1) = '\0';
+      else
+        *p = '\0';
+    }
   }
 
   return *buf ? buf : NULL;
diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl
index 88db59f116..a2f458b6c1 100755
--- a/scripts/checksrc.pl
+++ b/scripts/checksrc.pl
@@ -86,6 +86,8 @@ my %banfunc = (
     "wcsdup" => 1,
     "wcscpy" => 1,
     "wcsncpy" => 1,
+    "mbstowcs" => 1,
+    "wcstombs" => 1,
     "LoadLibrary" => 1,
     "LoadLibraryA" => 1,
     "LoadLibraryW" => 1,

From 905b718de3fb9287c7c0037b2737aa395f01ad3c Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 21 Nov 2025 16:53:51 +0100
Subject: [PATCH 0957/2408] Revert "GHA: update gnutls/gnutls to 3.8.11 from
 3.8.10"

This reverts commit a439fc0e372c3de7df3b8ae3ca7752bc3cbca826.

It requires a version of libnettle that is not included in these Ubuntu
versions: "Libnettle 3.10 was not found"

Closes #19642
---
 .github/workflows/http3-linux.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index 10aac5e0c6..223c6afbf4 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -47,7 +47,7 @@ env:
   # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com
   BORINGSSL_VERSION: 0.20251110.0
   # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com
-  GNUTLS_VERSION: 3.8.11
+  GNUTLS_VERSION: 3.8.10
   # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com
   WOLFSSL_VERSION: 5.8.4
   # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com

From 7d75c728a65be961c63169fcf9f307c3324e440b Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 20 Nov 2025 23:57:04 +0100
Subject: [PATCH 0958/2408] KNOWN_RISKS: known risks when running and using
 curl and libcurl

Closes #19631
---
 docs/KNOWN_RISKS.md | 138 ++++++++++++++++++++++++++++++++++++++++++++
 docs/Makefile.am    |   1 +
 2 files changed, 139 insertions(+)
 create mode 100644 docs/KNOWN_RISKS.md

diff --git a/docs/KNOWN_RISKS.md b/docs/KNOWN_RISKS.md
new file mode 100644
index 0000000000..3773b94f86
--- /dev/null
+++ b/docs/KNOWN_RISKS.md
@@ -0,0 +1,138 @@
+
+
+# Known Risks
+
+This is an incomplete list of known risks when running and using curl and
+libcurl.
+
+## Insecure transfers
+
+When using curl to perform transfers with protocols that are insecure or the
+server identity is unverified, everything that is sent and received can be
+intercepted by eavesdroppers and the servers can easily be spoofed by
+impostors.
+
+## Untrusted input
+
+You should **never** run curl command lines or use curl config files provided
+to you from untrusted sources.
+
+curl can do a lot of things, and you should only ask it do things you want and
+deem correct.
+
+Even just accepting just the URL part without careful vetting might make curl
+do things you do not like. Like accessing internal hosts, like connecting to
+rogue servers that redirect to even weirder places, like using ports or
+protocols that play tricks on you.
+
+## Command line misuse
+
+The command line tool and its options should be used and be expected to work
+as documented. Relying on undocumented functions or side-effects is unreliable
+as they may cause problems or get changed behavior between releases.
+
+For several command line options, you can confuse either curl or the involved
+server endpoint by using characters or byte sequences for the option that are
+not expected. For example, adding line feeds and/or carriage returns to inputs
+can produce unexpected, invalid, or insecure results.
+
+## API misuse
+
+Applications using the libcurl API in a way that is not documented to work or
+even documented to not work, is unsafe and might cause security problems. We
+only guarantee secure and proper functionality when the APIs are used as
+documented.
+
+## Local attackers already present
+
+When there is a local attacker present locally, curl cannot prevent such an
+adversary to use curl's full potential. Possibly in malicious ways.
+
+## Remote attackers already present
+
+When there is a remote attacker already present in the server, curl cannot
+protect its operations against mischief. For example, if an attacker manages
+to insert a symlink in your remote upload directory the upload may cause
+havoc. Maybe the attacker makes certain responses come back with unexpected
+content.
+
+## Debug & Experiments
+
+We encourage users to test curl experiments and use debug code, but only in
+controlled environments and setups - never in production.
+
+Using debug builds and experimental curl features in production is a security
+risk. Do not do that.
+
+The same applies to scripts and software which are not installed by default
+through the make install rule: they are not intended or made for production
+use.
+
+## URL inconsistencies
+
+URL parser inconsistencies between browsers and curl are expected and are not
+considered security vulnerabilities. The WHATWG URL Specification and RFC
+3986+ (the plus meaning that it is an extended version) [are not completely
+interoperable](https://github.com/bagder/docs/blob/master/URL-interop.md).
+
+You must never expect two independent URL parsers to treat every URL
+identically.
+
+## Visible command line arguments
+
+The curl command blanks the contents of a number of command line arguments to
+prevent them from appearing in process listings. It does not blank all
+arguments, even though some that are not blanked might contain sensitive data.
+
+ - not all systems allow the arguments to be blanked in the first place
+ - since curl blanks the argument itself they are readable for a short moment
+   no matter what
+ - virtually every argument can contain sensitive data, depending on use
+ - blanking all arguments would make it impractical for users to differentiate
+   curl command lines in process listings
+
+## HTTP headers in redirects
+
+It is powerful to provide a set of custom headers to curl. Beware that when
+asking curl to follow HTTP redirects, it also sends those headers to the new
+URL which might be a different server. That might do another redirect etc.
+
+curl makes some limited attempts to not leak credentials this way when set
+using the standard curl options, but when you pass on custom headers curl
+cannot know what headers or details in those headers are sensitive.
+
+## Verbose logs
+
+When asked to provide verbose output and trace logging, curl may output and
+show details that are private and sensitive. Like for example raw credentials
+or the password weakly disguised using base64 encoding.
+
+## Terminal output and escape sequences
+
+Content that is transferred from a server and gets displayed in a terminal by
+curl may contain escape sequences or use other tricks to fool the user. Escape
+sequences, moving cursor, changing color etc, is also frequently used for
+good. To reduce the risk of getting fooled, save files and browse them after
+download using a display method that minimizes risks.
+
+## Legacy dependencies
+
+Every curl build is made to use a range of third party libraries. Each third
+party library also needs to be safe and secure for the entire operation to be
+risk-free.
+
+Relying on legacy dependencies is a risk.
+
+## Weak algorithms
+
+curl supports several cryptographic algorithms that are considered weak, like
+DES and MD5. These algorithms are still in use because some protocols and
+transfer options require use of them. For example NTLM or legacy HTTP Digest
+authentication.
+
+curl users should consider switching to servers and options that use modern
+and secure algorithms.
diff --git a/docs/Makefile.am b/docs/Makefile.am
index 65ba28c0eb..5349c63cc2 100644
--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -108,6 +108,7 @@ EXTRA_DIST =                                    \
  INTERNALS.md                                   \
  IPFS.md                                        \
  KNOWN_BUGS                                     \
+ KNOWN_RISKS.md                                 \
  MAIL-ETIQUETTE.md                              \
  MANUAL.md                                      \
  options-in-versions                            \

From 4ebef2f0d9e3d14c31bdc342235863ef30bdf7d1 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sat, 22 Nov 2025 18:03:40 +0100
Subject: [PATCH 0959/2408] tool_operate: fix case of ignoring return code in
 single_transfer

When glob_url() returns error, stop.

Closes #19649
---
 src/tool_operate.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/tool_operate.c b/src/tool_operate.c
index b969375422..eea5ff37a2 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -1199,7 +1199,7 @@ static CURLcode single_transfer(struct OperationConfig *config,
     if(u->infile) {
       if(!config->globoff && !glob_inuse(&state->inglob))
         result = glob_url(&state->inglob, u->infile, &state->upnum, err);
-      if(!state->uploadfile) {
+      if(!result && !state->uploadfile) {
         if(glob_inuse(&state->inglob))
           result = glob_next_url(&state->uploadfile, &state->inglob);
         else if(!state->upidx) {

From 36b9987acbc42734b1dab0e3f96d64aba1350839 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sat, 22 Nov 2025 19:09:42 +0100
Subject: [PATCH 0960/2408] tool_operate: fix a case of ignoring return code in
 operate()

If get_args() returns error, do not overwrite the variable in the next
call.

Also, avoid allocating memory for the default user-agent.

Closes #19650
---
 src/config2setopts.c |  4 +++-
 src/tool_operate.c   | 20 +++++++++++---------
 src/tool_paramhlp.c  | 17 -----------------
 3 files changed, 14 insertions(+), 27 deletions(-)

diff --git a/src/config2setopts.c b/src/config2setopts.c
index 154319231f..d3bd39c864 100644
--- a/src/config2setopts.c
+++ b/src/config2setopts.c
@@ -37,6 +37,7 @@
 #include "tool_cb_see.h"
 #include "tool_cb_dbg.h"
 #include "tool_helpers.h"
+#include "tool_version.h"
 
 #define BUFFER_SIZE 102400L
 
@@ -874,7 +875,8 @@ CURLcode config2setopts(struct OperationConfig *config,
 
   if(proto_http || proto_rtsp) {
     MY_SETOPT_STR(curl, CURLOPT_REFERER, config->referer);
-    MY_SETOPT_STR(curl, CURLOPT_USERAGENT, config->useragent);
+    MY_SETOPT_STR(curl, CURLOPT_USERAGENT, config->useragent ?
+                  config->useragent : CURL_NAME "/" CURL_VERSION);
   }
 
   if(use_proto == proto_http || use_proto == proto_https) {
diff --git a/src/tool_operate.c b/src/tool_operate.c
index eea5ff37a2..69cfef96d7 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -2321,17 +2321,19 @@ CURLcode operate(int argc, argv_item_t argv[])
             operation = operation->next;
           } while(!result && operation);
 
-          /* Set the current operation pointer */
-          global->current = global->first;
+          if(!result) {
+            /* Set the current operation pointer */
+            global->current = global->first;
 
-          /* now run! */
-          result = run_all_transfers(share, result);
+            /* now run! */
+            result = run_all_transfers(share, result);
 
-          if(global->ssl_sessions && feature_ssls_export) {
-            CURLcode r2 = tool_ssls_save(global->first, share,
-                                         global->ssl_sessions);
-            if(r2 && !result)
-              result = r2;
+            if(global->ssl_sessions && feature_ssls_export) {
+              CURLcode r2 = tool_ssls_save(global->first, share,
+                                           global->ssl_sessions);
+              if(r2 && !result)
+                result = r2;
+            }
           }
         }
 
diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c
index 2e7b98f26e..15293c0cc6 100644
--- a/src/tool_paramhlp.c
+++ b/src/tool_paramhlp.c
@@ -650,14 +650,6 @@ long delegation(const char *str)
   return CURLGSSAPI_DELEGATION_NONE;
 }
 
-/*
- * my_useragent: returns allocated string with default user agent
- */
-static char *my_useragent(void)
-{
-  return strdup(CURL_NAME "/" CURL_VERSION);
-}
-
 #define isheadersep(x) ((((x)==':') || ((x)==';')))
 
 /*
@@ -705,15 +697,6 @@ CURLcode get_args(struct OperationConfig *config, const size_t i)
   if(!result && config->proxyuserpwd)
     result = checkpasswd("proxy", i, last, &config->proxyuserpwd);
 
-  /* Check if we have a user agent */
-  if(!result && !config->useragent) {
-    config->useragent = my_useragent();
-    if(!config->useragent) {
-      errorf("out of memory");
-      result = CURLE_OUT_OF_MEMORY;
-    }
-  }
-
   return result;
 }
 

From f13f320dee7ea37bc01cc7b4282450b6165373c9 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sat, 22 Nov 2025 22:44:39 +0100
Subject: [PATCH 0961/2408] tool_msgs: make voutf() use stack instead of heap

For printf()ing the message to show.

Closes #19651
---
 src/tool_msgs.c | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)

diff --git a/src/tool_msgs.c b/src/tool_msgs.c
index 896788745c..ae0b6b9835 100644
--- a/src/tool_msgs.c
+++ b/src/tool_msgs.c
@@ -42,18 +42,15 @@ static void voutf(const char *prefix,
                   const char *fmt,
                   va_list ap)
 {
-  size_t width = (get_terminal_columns() - strlen(prefix));
   size_t len;
   char *ptr;
-  char *print_buffer;
+  char buffer[1024];
+  size_t termw = get_terminal_columns();
+  size_t prefw = strlen(prefix);
+  size_t width = termw > prefw ? termw - prefw : SIZE_MAX;
   DEBUGASSERT(!strchr(fmt, '\n'));
-
-  print_buffer = curl_mvaprintf(fmt, ap);
-  if(!print_buffer)
-    return;
-  len = strlen(print_buffer);
-
-  ptr = print_buffer;
+  len = curl_mvsnprintf(buffer, sizeof(buffer), fmt, ap);
+  ptr = buffer;
   while(len > 0) {
     fputs(prefix, tool_stderr);
 
@@ -79,7 +76,6 @@ static void voutf(const char *prefix,
       len = 0;
     }
   }
-  curl_free(print_buffer);
 }
 
 /*

From 74f7505974836f633c955dbce7514f12f78ddc5b Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sun, 23 Nov 2025 14:42:59 +0100
Subject: [PATCH 0962/2408] asyn-ares: remove hostname free on OOM

The freeing of the already allocated hostname is done by
Curl_async_shutdown(). This extra free in the RR code path made a
double-free.

Presumably not detected because the CI torture tests don't run HTTPS-RR
enabled?

Follow-up to 8d0bfe74fb
Closes #19658
---
 lib/asyn-ares.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c
index ad9147a01c..e01f7ba3d2 100644
--- a/lib/asyn-ares.c
+++ b/lib/asyn-ares.c
@@ -748,10 +748,8 @@ struct Curl_addrinfo *Curl_async_getaddrinfo(struct Curl_easy *data,
 #ifdef USE_HTTPSRR
   if(port != 443) {
     rrname = curl_maprintf("_%d_.https.%s", port, hostname);
-    if(!rrname) {
-      free(data->state.async.hostname);
+    if(!rrname)
       return NULL;
-    }
   }
 #endif
 

From 29b3b1ae6d7ce561700cfe81aaba3b3ebc8a7a6a Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Sun, 23 Nov 2025 16:59:40 +0100
Subject: [PATCH 0963/2408] wolfssl: fix cipher list, skip 5.8.4 regression

- adjust cipher list in infof() statement for min/max TLS version

- skip test_17_07 for wolfSSL 5.8.4 when CHACHA20 is negotiated
  due to regression with homebrew build on ARM systems.

Fixes #19644
Reported-by: Viktor Szakats
Closes #19662
---
 lib/vtls/wolfssl.c            | 52 +++++++++++++++++++++--------------
 tests/http/test_17_ssl_use.py |  4 +++
 2 files changed, 35 insertions(+), 21 deletions(-)

diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index a8090d1bf1..c8fc8c4add 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -1043,62 +1043,69 @@ static CURLcode client_certificate(struct Curl_easy *data,
 
 static CURLcode ssl_version(struct Curl_easy *data,
                             struct ssl_primary_config *conn_config,
-                            struct wssl_ctx *wctx)
+                            struct wssl_ctx *wctx,
+                            int *min_version, int *max_version)
 {
   int res;
+  *min_version = *max_version = 0;
   switch(conn_config->version) {
   case CURL_SSLVERSION_DEFAULT:
   case CURL_SSLVERSION_TLSv1:
   case CURL_SSLVERSION_TLSv1_0:
-    res = wolfSSL_CTX_set_min_proto_version(wctx->ssl_ctx, TLS1_VERSION);
+    *min_version = TLS1_VERSION;
     break;
   case CURL_SSLVERSION_TLSv1_1:
-    res = wolfSSL_CTX_set_min_proto_version(wctx->ssl_ctx, TLS1_1_VERSION);
+    *min_version = TLS1_1_VERSION;
     break;
   case CURL_SSLVERSION_TLSv1_2:
-    res = wolfSSL_CTX_set_min_proto_version(wctx->ssl_ctx, TLS1_2_VERSION);
+    *min_version = TLS1_2_VERSION;
     break;
 #ifdef WOLFSSL_TLS13
   case CURL_SSLVERSION_TLSv1_3:
-    res = wolfSSL_CTX_set_min_proto_version(wctx->ssl_ctx, TLS1_3_VERSION);
+    *min_version = TLS1_3_VERSION;
     break;
 #endif
   default:
     failf(data, "wolfSSL: unsupported minimum TLS version value");
     return CURLE_SSL_CONNECT_ERROR;
   }
-  if(res != WOLFSSL_SUCCESS) {
-    failf(data, "wolfSSL: failed set the minimum TLS version");
-    return CURLE_SSL_CONNECT_ERROR;
-  }
 
   switch(conn_config->version_max) {
 #ifdef WOLFSSL_TLS13
   case CURL_SSLVERSION_MAX_TLSv1_3:
-    res = wolfSSL_CTX_set_max_proto_version(wctx->ssl_ctx, TLS1_3_VERSION);
+    *max_version = TLS1_3_VERSION;
     break;
 #endif
   case CURL_SSLVERSION_MAX_TLSv1_2:
-    res = wolfSSL_CTX_set_max_proto_version(wctx->ssl_ctx, TLS1_2_VERSION);
+    *max_version = TLS1_2_VERSION;
     break;
   case CURL_SSLVERSION_MAX_TLSv1_1:
-    res = wolfSSL_CTX_set_max_proto_version(wctx->ssl_ctx, TLS1_1_VERSION);
+    *max_version = TLS1_1_VERSION;
     break;
   case CURL_SSLVERSION_MAX_TLSv1_0:
-    res = wolfSSL_CTX_set_max_proto_version(wctx->ssl_ctx, TLS1_VERSION);
+    *max_version = TLS1_VERSION;
     break;
   case CURL_SSLVERSION_MAX_DEFAULT:
   case CURL_SSLVERSION_MAX_NONE:
-    res = WOLFSSL_SUCCESS;
     break;
   default:
     failf(data, "wolfSSL: unsupported maximum TLS version value");
     return CURLE_SSL_CONNECT_ERROR;
   }
+
+  res = wolfSSL_CTX_set_min_proto_version(wctx->ssl_ctx, *min_version);
   if(res != WOLFSSL_SUCCESS) {
-    failf(data, "wolfSSL: failed set the maximum TLS version");
+    failf(data, "wolfSSL: failed set the minimum TLS version");
     return CURLE_SSL_CONNECT_ERROR;
   }
+
+  if(*max_version) {
+    res = wolfSSL_CTX_set_max_proto_version(wctx->ssl_ctx, *max_version);
+    if(res != WOLFSSL_SUCCESS) {
+      failf(data, "wolfSSL: failed set the maximum TLS version");
+      return CURLE_SSL_CONNECT_ERROR;
+    }
+  }
   return CURLE_OK;
 }
 
@@ -1126,6 +1133,7 @@ CURLcode Curl_wssl_ctx_init(struct wssl_ctx *wctx,
 #endif
   CURLcode result = CURLE_FAILED_INIT;
   unsigned char transport;
+  int tls_min, tls_max;
 
   DEBUGASSERT(!wctx->ssl_ctx);
   DEBUGASSERT(!wctx->ssl);
@@ -1159,7 +1167,7 @@ CURLcode Curl_wssl_ctx_init(struct wssl_ctx *wctx,
     goto out;
   }
 
-  result = ssl_version(data, conn_config, wctx);
+  result = ssl_version(data, conn_config, wctx, &tls_min, &tls_max);
   if(result)
     goto out;
 
@@ -1183,12 +1191,14 @@ CURLcode Curl_wssl_ctx_init(struct wssl_ctx *wctx,
     struct dynbuf c;
     curlx_dyn_init(&c, MAX_CIPHER_LEN);
 
-    if(ciphers13)
-      result = curlx_dyn_add(&c, ciphers13);
-    else
-      result = wssl_add_default_ciphers(TRUE, &c);
+    if(!tls_max || (tls_max >= TLS1_3_VERSION)) {
+      if(ciphers13)
+        result = curlx_dyn_add(&c, ciphers13);
+      else
+        result = wssl_add_default_ciphers(TRUE, &c);
+    }
 
-    if(!result) {
+    if(!result && (tls_min < TLS1_3_VERSION)) {
       if(ciphers12) {
         if(curlx_dyn_len(&c))
           result = curlx_dyn_addn(&c, ":", 1);
diff --git a/tests/http/test_17_ssl_use.py b/tests/http/test_17_ssl_use.py
index 58ad7fdf15..85c43d568e 100644
--- a/tests/http/test_17_ssl_use.py
+++ b/tests/http/test_17_ssl_use.py
@@ -258,6 +258,10 @@ class TestSSLUse:
         curl = CurlClient(env=env)
         url = f'https://{env.authority_for(env.domain1, proto)}/curltest/sslinfo'
         # SSL backend specifics
+        # see wolfSSL/wolfssl#9462
+        if env.curl_uses_lib('wolfssl') and env.curl_lib_version('wolfssl') == '5.8.4' \
+           and ciphers13 and 'TLS_CHACHA20_POLY1305_SHA256' in ciphers13:
+            pytest.skip('wolfSSL 5.8.4 is borked on ARM with CHACHA20')
         if env.curl_uses_lib('gnutls'):
             pytest.skip('GnuTLS does not support setting ciphers')
         elif env.curl_uses_lib('boringssl'):

From 74cf7725d7c47cb66818063bbb1773b4fc6e1247 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Sun, 23 Nov 2025 09:37:41 +0000
Subject: [PATCH 0964/2408] GHA: update ngtcp2/ngtcp2 to v1.18.0 from v1.17.0

Closes #19655
---
 .github/workflows/http3-linux.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index 223c6afbf4..e7406c16eb 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -53,7 +53,7 @@ env:
   # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com
   NGHTTP3_VERSION: 1.12.0
   # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com
-  NGTCP2_VERSION: 1.17.0
+  NGTCP2_VERSION: 1.18.0
   # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com
   NGHTTP2_VERSION: 1.68.0
   # renovate: datasource=github-tags depName=cloudflare/quiche versioning=semver registryUrl=https://github.com

From 4d04a0301629d1d37476e312202c0c62b5db309e Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Sun, 23 Nov 2025 18:23:32 +0000
Subject: [PATCH 0965/2408] GHA: update ngtcp2/nghttp3 to v1.13.0 from v1.12.0

Closes #19654
---
 .github/workflows/http3-linux.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index e7406c16eb..a6c5972cd9 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -51,7 +51,7 @@ env:
   # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com
   WOLFSSL_VERSION: 5.8.4
   # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com
-  NGHTTP3_VERSION: 1.12.0
+  NGHTTP3_VERSION: 1.13.0
   # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com
   NGTCP2_VERSION: 1.18.0
   # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com

From b5265b24b059c1d37512d76b767ff832a68ab817 Mon Sep 17 00:00:00 2001
From: bttrfl on github <33011292+bttrfl@users.noreply.github.com>
Date: Sun, 23 Nov 2025 06:55:16 +0300
Subject: [PATCH 0966/2408] speedcheck: do not trigger low speed cancel on
 transfers with CURL_READFUNC_PAUSE

When a trasfer is paused from a read callback with a CURL_READFUNC_PAUSE
code, it should be excluded from the speedcheck. Currently only
transfers paused from write callbacks are excluded, because the code
only checks for "recv direction" of the transfer. This commit adds a
check for "send direction".

Issue similar to https://github.com/curl/curl/issues/6358

Closes #19653
---
 lib/speedcheck.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/speedcheck.c b/lib/speedcheck.c
index aede060019..b074199c37 100644
--- a/lib/speedcheck.c
+++ b/lib/speedcheck.c
@@ -42,7 +42,7 @@ void Curl_speedinit(struct Curl_easy *data)
 CURLcode Curl_speedcheck(struct Curl_easy *data,
                          struct curltime now)
 {
-  if(Curl_xfer_recv_is_paused(data))
+  if(Curl_xfer_recv_is_paused(data) || Curl_xfer_send_is_paused(data))
     /* A paused transfer is not qualified for speed checks */
     return CURLE_OK;
 

From c77bed81a2e1325ffdebc223c27e3d1355147529 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 18 Nov 2025 14:29:09 +0100
Subject: [PATCH 0967/2408] memdebug: produce stack trace dump with
 libbacktrace

Enable with "configure --enable-backtrace", inserts a backtrace in the
memdump log when a torture test limit is reached.

Closes #19657
---
 configure.ac        | 16 ++++++++++++++++
 lib/memdebug.c      | 38 ++++++++++++++++++++++++++++++++++++++
 tests/memanalyze.pl |  5 ++++-
 3 files changed, 58 insertions(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index d72b33d528..1481a096b2 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1108,6 +1108,22 @@ AS_HELP_STRING([--enable-libgcc],[use libgcc when linking]),
     AC_MSG_RESULT(no)
 )
 
+AC_MSG_CHECKING([whether to use libbacktrace])
+AC_ARG_WITH(backtrace,
+AS_HELP_STRING([--enable-backtrace],[use libbacktrace when linking]),
+[ case "$enableval" in
+  yes)
+    LIBS="-lbacktrace $LIBS"
+    AC_DEFINE(USE_BACKTRACE, 1, [if libbacktrace is in use])
+    AC_MSG_RESULT(yes)
+    ;;
+  *)
+    AC_MSG_RESULT(no)
+    ;;
+  esac ],
+    AC_MSG_RESULT(no)
+)
+
 CURL_CHECK_LIB_XNET
 
 dnl gethostbyname without lib or in the nsl lib?
diff --git a/lib/memdebug.c b/lib/memdebug.c
index 758c7b6aa7..cbda4a2be1 100644
--- a/lib/memdebug.c
+++ b/lib/memdebug.c
@@ -31,6 +31,10 @@
 #include "urldata.h"
 #include "curlx/fopen.h"  /* for CURLX_FOPEN_LOW(), CURLX_FREOPEN_LOW() */
 
+#ifdef USE_BACKTRACE
+#include "backtrace.h"
+#endif
+
 /* The last 2 #include files should be in this order */
 #include "curl_memory.h"
 #include "memdebug.h"
@@ -58,6 +62,9 @@ FILE *curl_dbg_logfile = NULL;
 static bool registered_cleanup = FALSE; /* atexit registered cleanup */
 static bool memlimit = FALSE; /* enable memory limit */
 static long memsize = 0;  /* set number of mallocs allowed */
+#ifdef USE_BACKTRACE
+struct backtrace_state *btstate;
+#endif
 
 /* LeakSantizier (LSAN) calls _exit() instead of exit() when a leak is detected
    on exit so the logfile must be closed explicitly or data could be lost.
@@ -73,6 +80,33 @@ static void curl_dbg_cleanup(void)
   }
   curl_dbg_logfile = NULL;
 }
+#ifdef USE_BACKTRACE
+static void error_callback(void *data, const char *message, int error_number)
+{
+  (void)data;
+  if(error_number == -1)
+    curl_dbg_log("compile with -g\n\n");
+  else
+    curl_dbg_log("Backtrace error %d: %s\n", error_number, message);
+}
+
+static int full_callback(void *data, uintptr_t pc, const char *pathname,
+                         int line_number, const char *function)
+{
+  (void)data;
+  (void)pc;
+  if(pathname || function || line_number)
+    curl_dbg_log("BT %s:%d -- %s\n", pathname, line_number, function);
+  return 0;
+}
+
+static void dump_bt(void)
+{
+  backtrace_full(btstate, 0, full_callback, error_callback, NULL);
+}
+#else
+#define dump_bt() /* nothing to do */
+#endif
 
 /* this sets the log filename */
 void curl_dbg_memdebug(const char *logname)
@@ -88,6 +122,9 @@ void curl_dbg_memdebug(const char *logname)
       setbuf(curl_dbg_logfile, (char *)NULL);
 #endif
   }
+#ifdef USE_BACKTRACE
+  btstate = backtrace_create_state(NULL, 0, error_callback, NULL);
+#endif
   if(!registered_cleanup)
     registered_cleanup = !atexit(curl_dbg_cleanup);
 }
@@ -115,6 +152,7 @@ static bool countcheck(const char *func, int line, const char *source)
       /* log to stderr also */
       curl_mfprintf(stderr, "LIMIT %s:%d %s reached memlimit\n",
                     source, line, func);
+      dump_bt();
       fflush(curl_dbg_logfile); /* because it might crash now */
       /* !checksrc! disable ERRNOVAR 1 */
       errno = ENOMEM;
diff --git a/tests/memanalyze.pl b/tests/memanalyze.pl
index e35b2e7aba..2b38e5e8a4 100755
--- a/tests/memanalyze.pl
+++ b/tests/memanalyze.pl
@@ -130,7 +130,10 @@ while(<$fileh>) {
     chomp $_;
     my $line = $_;
     $lnum++;
-    if($line =~ /^LIMIT ([^ ]*):(\d*) (.*)/) {
+    if($line =~ /^BT/) {
+        # back-trace, ignore
+    }
+    elsif($line =~ /^LIMIT ([^ ]*):(\d*) (.*)/) {
         # new memory limit test prefix
         my $i = $3;
         my ($source, $linenum) = ($1, $2);

From 039fb84cb4e05cc899bb00b2c8456677516529c1 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 24 Nov 2025 13:08:37 +0100
Subject: [PATCH 0968/2408] tool_writeout: bail out proper on OOM

Closes #19667
---
 src/tool_writeout.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/tool_writeout.c b/src/tool_writeout.c
index cdfa23a752..52b35345f4 100644
--- a/src/tool_writeout.c
+++ b/src/tool_writeout.c
@@ -763,6 +763,8 @@ void ourWriteOut(struct OperationConfig *config, struct per_transfer *per,
                          variables, CURL_ARRAYSIZE(variables),
                          sizeof(variables[0]), matchvar);
           }
+          else
+            break;
           if(wv) {
             switch(wv->id) {
             case VAR_ONERROR:

From d03712169b7a02e3a9b3c3a5c060395ed37b626e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 24 Nov 2025 12:49:15 +0100
Subject: [PATCH 0969/2408] cmake: add support for libbacktrace, fix two build
 issues

Also:
- memdebug: fix symbol collision in unity builds.
- memdebug: fix compiler warning by making a variable static.

Follow-up to c77bed81a2e1325ffdebc223c27e3d1355147529 #19657

Closes #19666
---
 .github/scripts/pyspelling.words |  1 +
 CMake/FindLibbacktrace.cmake     | 52 ++++++++++++++++++++++++++++++++
 CMakeLists.txt                   | 15 +++++++++
 Makefile.am                      |  1 +
 docs/INSTALL-CMAKE.md            |  3 ++
 lib/curl_config.h.cmake          |  3 ++
 lib/memdebug.c                   |  9 +++---
 7 files changed, 80 insertions(+), 4 deletions(-)
 create mode 100644 CMake/FindLibbacktrace.cmake

diff --git a/.github/scripts/pyspelling.words b/.github/scripts/pyspelling.words
index 5c96701cd0..984424200b 100644
--- a/.github/scripts/pyspelling.words
+++ b/.github/scripts/pyspelling.words
@@ -434,6 +434,7 @@ LDAPS
 ldaps
 LF
 LGTM
+libbacktrace
 libbrotlidec
 libc
 libcurl
diff --git a/CMake/FindLibbacktrace.cmake b/CMake/FindLibbacktrace.cmake
new file mode 100644
index 0000000000..444c5f90fd
--- /dev/null
+++ b/CMake/FindLibbacktrace.cmake
@@ -0,0 +1,52 @@
+#***************************************************************************
+#                                  _   _ ____  _
+#  Project                     ___| | | |  _ \| |
+#                             / __| | | | |_) | |
+#                            | (__| |_| |  _ <| |___
+#                             \___|\___/|_| \_\_____|
+#
+# Copyright (C) Daniel Stenberg, , et al.
+#
+# This software is licensed as described in the file COPYING, which
+# you should have received as part of this distribution. The terms
+# are also available at https://curl.se/docs/copyright.html.
+#
+# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# copies of the Software, and permit persons to whom the Software is
+# furnished to do so, under the terms of the COPYING file.
+#
+# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# KIND, either express or implied.
+#
+# SPDX-License-Identifier: curl
+#
+###########################################################################
+# Find the libbacktrace library
+#
+# Input variables:
+#
+# - `LIBBACKTRACE_INCLUDE_DIR`:   Absolute path to libbacktrace include directory.
+# - `LIBBACKTRACE_LIBRARY`:       Absolute path to `libbacktrace` library.
+#
+# Result variables:
+#
+# - `LIBBACKTRACE_FOUND`:         System has libbacktrace.
+# - `LIBBACKTRACE_INCLUDE_DIRS`:  The libbacktrace include directories.
+# - `LIBBACKTRACE_LIBRARIES`:     The libbacktrace library names.
+
+find_path(LIBBACKTRACE_INCLUDE_DIR NAMES "backtrace.h")
+find_library(LIBBACKTRACE_LIBRARY NAMES "backtrace" "libbacktrace")
+
+include(FindPackageHandleStandardArgs)
+find_package_handle_standard_args(Libbacktrace
+  REQUIRED_VARS
+    LIBBACKTRACE_INCLUDE_DIR
+    LIBBACKTRACE_LIBRARY
+)
+
+if(LIBBACKTRACE_FOUND)
+  set(LIBBACKTRACE_INCLUDE_DIRS ${LIBBACKTRACE_INCLUDE_DIR})
+  set(LIBBACKTRACE_LIBRARIES    ${LIBBACKTRACE_LIBRARY})
+endif()
+
+mark_as_advanced(LIBBACKTRACE_INCLUDE_DIR LIBBACKTRACE_LIBRARY)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 20336e097c..5d6e7ca3e6 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1421,6 +1421,21 @@ if(CURL_USE_GSSAPI)
   endif()
 endif()
 
+# libbacktrace
+option(CURL_USE_LIBBACKTRACE "Use libbacktrace. Requires build with TrackMemory and DWARF debug information." OFF)
+if(CURL_USE_LIBBACKTRACE)
+  if(NOT ENABLE_CURLDEBUG)
+    message(FATAL_ERROR "libbacktrace requires TrackMemory enabled")
+  endif()
+  if(NOT CMAKE_BUILD_TYPE MATCHES "(Debug|RelWithDebInfo)")
+    message(FATAL_ERROR "libbacktrace requires debug information")
+  endif()
+  find_package(Libbacktrace REQUIRED)
+  list(APPEND CURL_LIBS ${LIBBACKTRACE_LIBRARIES})
+  include_directories(SYSTEM ${LIBBACKTRACE_INCLUDE_DIRS})
+  set(USE_BACKTRACE ON)
+endif()
+
 # libuv
 option(CURL_USE_LIBUV "Use libuv for event-based tests" OFF)
 if(CURL_USE_LIBUV)
diff --git a/Makefile.am b/Makefile.am
index 1ed54423e5..d289f33d57 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -37,6 +37,7 @@ CMAKE_DIST =                                    \
  CMake/FindGnuTLS.cmake                         \
  CMake/FindGSS.cmake                            \
  CMake/FindLDAP.cmake                           \
+ CMake/FindLibbacktrace.cmake                   \
  CMake/FindLibgsasl.cmake                       \
  CMake/FindLibidn2.cmake                        \
  CMake/FindLibpsl.cmake                         \
diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md
index bd9555b614..026db07628 100644
--- a/docs/INSTALL-CMAKE.md
+++ b/docs/INSTALL-CMAKE.md
@@ -355,6 +355,7 @@ Details via CMake
 - `CURL_USE_GNUTLS`:                        Enable GnuTLS for SSL/TLS. Default: `OFF`
 - `CURL_USE_GSASL`:                         Use libgsasl. Default: `OFF`
 - `CURL_USE_GSSAPI`:                        Use GSSAPI implementation. Default: `OFF`
+- `CURL_USE_LIBBACKTRACE`:                  Use [libbacktrace](https://github.com/ianlancetaylor/libbacktrace). Requires build with TrackMemory and DWARF debug information. Default: `OFF`
 - `CURL_USE_LIBPSL`:                        Use libpsl. Default: `ON`
 - `CURL_USE_LIBSSH2`:                       Use libssh2. Default: `ON`
 - `CURL_USE_LIBSSH`:                        Use libssh. Default: `OFF`
@@ -411,6 +412,8 @@ Details via CMake
 - `LDAP_INCLUDE_DIR`:                       Absolute path to LDAP include directory.
 - `LDAP_LIBRARY`:                           Absolute path to `ldap` library.
 - `LDAP_LBER_LIBRARY`:                      Absolute path to `lber` library.
+- `LIBBACKTRACE_INCLUDE_DIR`:               Absolute path to libbacktrace include directory (https://github.com/ianlancetaylor/libbacktrace).
+- `LIBBACKTRACE_LIBRARY`:                   Absolute path to `libbacktrace` library.
 - `LIBGSASL_INCLUDE_DIR`:                   Absolute path to libgsasl include directory.
 - `LIBGSASL_LIBRARY`:                       Absolute path to `libgsasl` library.
 - `LIBIDN2_INCLUDE_DIR`:                    Absolute path to libidn2 include directory.
diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake
index acbb428575..37ec3d9a65 100644
--- a/lib/curl_config.h.cmake
+++ b/lib/curl_config.h.cmake
@@ -730,6 +730,9 @@ ${SIZEOF_TIME_T_CODE}
 /* Define to 1 if you have the  header file. */
 #cmakedefine HAVE_UV_H 1
 
+/* if libbacktrace is in use */
+#cmakedefine USE_BACKTRACE 1
+
 /* Define to 1 if you do not want the OpenSSL configuration to be loaded
    automatically */
 #cmakedefine CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG 1
diff --git a/lib/memdebug.c b/lib/memdebug.c
index cbda4a2be1..6ec292654f 100644
--- a/lib/memdebug.c
+++ b/lib/memdebug.c
@@ -63,7 +63,7 @@ static bool registered_cleanup = FALSE; /* atexit registered cleanup */
 static bool memlimit = FALSE; /* enable memory limit */
 static long memsize = 0;  /* set number of mallocs allowed */
 #ifdef USE_BACKTRACE
-struct backtrace_state *btstate;
+static struct backtrace_state *btstate;
 #endif
 
 /* LeakSantizier (LSAN) calls _exit() instead of exit() when a leak is detected
@@ -81,7 +81,8 @@ static void curl_dbg_cleanup(void)
   curl_dbg_logfile = NULL;
 }
 #ifdef USE_BACKTRACE
-static void error_callback(void *data, const char *message, int error_number)
+static void error_bt_callback(void *data, const char *message,
+                              int error_number)
 {
   (void)data;
   if(error_number == -1)
@@ -102,7 +103,7 @@ static int full_callback(void *data, uintptr_t pc, const char *pathname,
 
 static void dump_bt(void)
 {
-  backtrace_full(btstate, 0, full_callback, error_callback, NULL);
+  backtrace_full(btstate, 0, full_callback, error_bt_callback, NULL);
 }
 #else
 #define dump_bt() /* nothing to do */
@@ -123,7 +124,7 @@ void curl_dbg_memdebug(const char *logname)
 #endif
   }
 #ifdef USE_BACKTRACE
-  btstate = backtrace_create_state(NULL, 0, error_callback, NULL);
+  btstate = backtrace_create_state(NULL, 0, error_bt_callback, NULL);
 #endif
   if(!registered_cleanup)
     registered_cleanup = !atexit(curl_dbg_cleanup);

From 537987d8c66aac6ec96cde098ab45525e156b54e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 22 Nov 2025 01:20:44 +0100
Subject: [PATCH 0970/2408] curl_fopen: do not pass invalid mode flags to
 `open()` on Windows

The safe (`_s`) variants of the Windows `open()` reject these flags,
while the classic ones silently accepted them.

Also:
- also drop the now unused `stat()` call on Windows.
- replace magic number with their equivalent Windows and Unix-specific
  `S_*` macros.

Refs:
https://learn.microsoft.com/cpp/c-runtime-library/reference/open-wopen
https://learn.microsoft.com/cpp/c-runtime-library/reference/fstat-fstat32-fstat64-fstati64-fstat32i64-fstat64i32

Cherry-picked from #19643
Closes #19645
---
 lib/curl_fopen.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/lib/curl_fopen.c b/lib/curl_fopen.c
index fd0c7c65d2..f16b3d6cde 100644
--- a/lib/curl_fopen.c
+++ b/lib/curl_fopen.c
@@ -93,11 +93,14 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
   CURLcode result = CURLE_WRITE_ERROR;
   unsigned char randbuf[41];
   char *tempstore = NULL;
+#ifndef _WIN32
   struct_stat sb;
+#endif
   int fd = -1;
   char *dir = NULL;
   *tempname = NULL;
 
+#ifndef _WIN32
   *fh = curlx_fopen(filename, FOPEN_WRITETEXT);
   if(!*fh)
     goto fail;
@@ -105,6 +108,7 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
     return CURLE_OK;
   }
   curlx_fclose(*fh);
+#endif
   *fh = NULL;
 
   result = Curl_rand_alnum(data, randbuf, sizeof(randbuf));
@@ -125,13 +129,16 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
   }
 
   result = CURLE_WRITE_ERROR;
-#if (defined(ANDROID) || defined(__ANDROID__)) && \
+#ifdef _WIN32
+  fd = curlx_open(tempstore, O_WRONLY | O_CREAT | O_EXCL,
+                  S_IREAD | S_IWRITE);
+#elif (defined(ANDROID) || defined(__ANDROID__)) && \
   (defined(__i386__) || defined(__arm__))
   fd = curlx_open(tempstore, O_WRONLY | O_CREAT | O_EXCL,
-                  (mode_t)(0600 | sb.st_mode));
+                  (mode_t)(S_IRUSR | S_IWUSR | sb.st_mode));
 #else
   fd = curlx_open(tempstore, O_WRONLY | O_CREAT | O_EXCL,
-                  0600 | sb.st_mode);
+                  S_IRUSR | S_IWUSR | sb.st_mode);
 #endif
   if(fd == -1)
     goto fail;

From 82013066a6149aa906b1fda3f8f1f27bd272a6c2 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 22 Nov 2025 01:42:15 +0100
Subject: [PATCH 0971/2408] file: do not pass invalid mode flags to `open()` on
 upload (Windows)

Ref: https://learn.microsoft.com/cpp/c-runtime-library/reference/open-wopen

Ref: #19645
Cherry-picked from #19643
Closes #19647
---
 lib/file.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/file.c b/lib/file.c
index 826bed6d80..6937069074 100644
--- a/lib/file.c
+++ b/lib/file.c
@@ -343,7 +343,10 @@ static CURLcode file_upload(struct Curl_easy *data,
   else
     mode |= O_TRUNC;
 
-#if (defined(ANDROID) || defined(__ANDROID__)) && \
+#ifdef _WIN32
+  fd = curlx_open(file->path, mode,
+                  data->set.new_file_perms & (_S_IREAD | _S_IWRITE));
+#elif (defined(ANDROID) || defined(__ANDROID__)) && \
   (defined(__i386__) || defined(__arm__))
   fd = curlx_open(file->path, mode, (mode_t)data->set.new_file_perms);
 #else

From 1eca08a5417740320501448b64e8584de349126c Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 21 Nov 2025 15:55:33 +0100
Subject: [PATCH 0972/2408] curlx/strerr: use `strerror_s()` on Windows

To replace deprecated, unsafe `sys_nerr`, `sys_errlist` global
variables with the function suggested by the CRT warning silenced via
`_CRT_SECURE_NO_WARNINGS`:
```
lib/curlx/strerr.c(291): warning C4996: '__sys_nerr': This function or variable may be unsafe. Consider using strerror instead.
lib/curlx/strerr.c(292): warning C4996: '__sys_errlist': This function or variable may be unsafe. Consider using strerror instead.
```
(where `strerror` in turn suggests `strerror_s`...)

Upside: returns an error and has a Unicode variant. Downaside: happy
to return success when passing unrecognized error codes. Work it around
by looking for the string "Unknown error" returned in such cases and
falling back to other methods to retrieve a description.

Refs:
https://learn.microsoft.com/cpp/c-runtime-library/errno-doserrno-sys-errlist-and-sys-nerr
https://learn.microsoft.com/cpp/c-runtime-library/reference/strerror-s-strerror-s-wcserror-s-wcserror-s

Closes #19646
---
 lib/curl_setup.h   |  6 +++---
 lib/curlx/strerr.c | 13 ++++---------
 2 files changed, 7 insertions(+), 12 deletions(-)

diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index db438a8b0a..886a881493 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -95,9 +95,9 @@
                                       unlink(), etc. */
 #endif
 #ifndef _CRT_SECURE_NO_WARNINGS
-#define _CRT_SECURE_NO_WARNINGS  /* for __sys_errlist, __sys_nerr, _open(),
-                                    _wfopen(), _wopen(), fopen(), freopen(),
-                                    getenv(), gmtime(), sprintf(), strcpy(),
+#define _CRT_SECURE_NO_WARNINGS  /* for _open(), _wfopen(), _wopen(), fopen(),
+                                    freopen(), getenv(), gmtime(), sprintf(),
+                                    strcpy(),
                                     in tests: localtime(), open(), sscanf() */
 #endif
 #endif /* _MSC_VER */
diff --git a/lib/curlx/strerr.c b/lib/curlx/strerr.c
index 047588ed18..376f68b0b2 100644
--- a/lib/curlx/strerr.c
+++ b/lib/curlx/strerr.c
@@ -287,17 +287,12 @@ const char *curlx_strerror(int err, char *buf, size_t buflen)
   *buf = '\0';
 
 #ifdef _WIN32
-  /* 'sys_nerr' is the maximum errno number, it is not widely portable */
-  if(err >= 0 && err < sys_nerr)
-    SNPRINTF(buf, buflen, "%s", sys_errlist[err]);
-  else {
-    if(
+  if((!strerror_s(buf, buflen, err) || !strcmp(buf, "Unknown error")) &&
 #ifdef USE_WINSOCK
-      !get_winsock_error(err, buf, buflen) &&
+     !get_winsock_error(err, buf, buflen) &&
 #endif
-      !curlx_get_winapi_error((DWORD)err, buf, buflen))
-      SNPRINTF(buf, buflen, "Unknown error %d (%#x)", err, err);
-  }
+     !curlx_get_winapi_error((DWORD)err, buf, buflen))
+    SNPRINTF(buf, buflen, "Unknown error %d (%#x)", err, err);
 #else /* !_WIN32 */
 
 #if defined(HAVE_STRERROR_R) && defined(HAVE_POSIX_STRERROR_R)

From 3696ac4e29836dd3e5e3b2101d53294846a6ec1b Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 24 Nov 2025 10:43:14 +0000
Subject: [PATCH 0973/2408] GHA: update dependency ngtcp2/nghttp3 to v1.13.1

Closes #19664
---
 .github/workflows/http3-linux.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index a6c5972cd9..3f52c14656 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -51,7 +51,7 @@ env:
   # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com
   WOLFSSL_VERSION: 5.8.4
   # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com
-  NGHTTP3_VERSION: 1.13.0
+  NGHTTP3_VERSION: 1.13.1
   # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com
   NGTCP2_VERSION: 1.18.0
   # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com

From fa1270a0d1c8234929e1d399ff06ef8f31a2b0b9 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 24 Nov 2025 14:43:49 +0100
Subject: [PATCH 0974/2408] vquic: do not pass invalid mode flags to `open()`
 (Windows)

Follow-up to 82013066a6149aa906b1fda3f8f1f27bd272a6c2 #19647

Closes #19670
---
 lib/vquic/vquic.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c
index 539d9bfeae..562a99e4fe 100644
--- a/lib/vquic/vquic.c
+++ b/lib/vquic/vquic.c
@@ -665,7 +665,11 @@ CURLcode Curl_qlogdir(struct Curl_easy *data,
     if(!result) {
       int qlogfd = curlx_open(curlx_dyn_ptr(&fname),
                               O_WRONLY | O_CREAT | CURL_O_BINARY,
-                              data->set.new_file_perms);
+                              data->set.new_file_perms
+#ifdef _WIN32
+                              & (_S_IREAD | _S_IWRITE)
+#endif
+                              );
       if(qlogfd != -1)
         *qlogfdp = qlogfd;
     }

From 2b7515ae8e1d448fd6da2fddb74d36c4867cca80 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 24 Nov 2025 14:51:18 +0100
Subject: [PATCH 0975/2408] tftpd: fix/tidy up `open()` mode flags

- replace 0777 with `S_I*` macros.
- fix to not pass invalid flags on Windows.

Follow-up to 537987d8c66aac6ec96cde098ab45525e156b54e #19645

Closes #19671
---
 tests/server/tftpd.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/tests/server/tftpd.c b/tests/server/tftpd.c
index dd7291c7ce..6631e2439b 100644
--- a/tests/server/tftpd.c
+++ b/tests/server/tftpd.c
@@ -445,7 +445,15 @@ static ssize_t write_behind(struct testcase *test, int convert)
   if(!test->ofile) {
     char outfile[256];
     snprintf(outfile, sizeof(outfile), "%s/upload.%ld", logdir, test->testno);
-    test->ofile = open(outfile, O_CREAT|O_RDWR|CURL_O_BINARY, 0777);
+    test->ofile = open(outfile, O_CREAT | O_RDWR | CURL_O_BINARY,
+#ifdef _WIN32
+                       S_IREAD | S_IWRITE
+#else
+                       S_IRUSR | S_IWUSR | S_IXUSR |
+                       S_IRGRP | S_IWGRP | S_IXGRP |
+                       S_IROTH | S_IWOTH | S_IXOTH
+#endif
+                       );
     if(test->ofile == -1) {
       logmsg("Could not create and/or open file %s for upload!", outfile);
       return -1; /* failure! */

From 2b57d415e5a0d0afceeb90c54b45a1644a4f8a40 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 24 Nov 2025 19:38:34 +0100
Subject: [PATCH 0976/2408] content_encoding: drop a guard for brotli 1.0.0+
 macro

Also add comment with version requirement for the other guard.

Refs:
https://github.com/google/brotli/commit/19d86fb9a60aa7034d4981b69a5b656f5b90017e
https://github.com/google/brotli/commit/03739d2b113afe60638069c4e1604dc2ac27380d

Ref: #19672
Follow-up to e639d4ca4d794c222dde4680d9ff35053f501042
Closes #19673
---
 lib/content_encoding.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/lib/content_encoding.c b/lib/content_encoding.c
index b724b576b4..f128f7565f 100644
--- a/lib/content_encoding.c
+++ b/lib/content_encoding.c
@@ -384,12 +384,10 @@ static CURLcode brotli_map_error(BrotliDecoderErrorCode be)
   case BROTLI_DECODER_ERROR_FORMAT_WINDOW_BITS:
   case BROTLI_DECODER_ERROR_FORMAT_PADDING_1:
   case BROTLI_DECODER_ERROR_FORMAT_PADDING_2:
-#ifdef BROTLI_DECODER_ERROR_COMPOUND_DICTIONARY
+#ifdef BROTLI_DECODER_ERROR_COMPOUND_DICTIONARY  /* brotli v1.1.0+ */
   case BROTLI_DECODER_ERROR_COMPOUND_DICTIONARY:
 #endif
-#ifdef BROTLI_DECODER_ERROR_DICTIONARY_NOT_SET
   case BROTLI_DECODER_ERROR_DICTIONARY_NOT_SET:
-#endif
   case BROTLI_DECODER_ERROR_INVALID_ARGUMENTS:
     return CURLE_BAD_CONTENT_ENCODING;
   case BROTLI_DECODER_ERROR_ALLOC_CONTEXT_MODES:

From be4462a415a96c203be5be9c59d956b24d43f5c2 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 24 Nov 2025 18:45:53 +0100
Subject: [PATCH 0977/2408] INTERNALS.md: add brotli and zstd version info

And alpha-sort the dependency list

Closes #19672
---
 docs/INTERNALS.md | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/docs/INTERNALS.md b/docs/INTERNALS.md
index e9bb82a33d..acc4506e67 100644
--- a/docs/INTERNALS.md
+++ b/docs/INTERNALS.md
@@ -24,19 +24,21 @@ versions of libs and build tools.
 
  We aim to support these or later versions.
 
- - OpenSSL      3.0.0 (2021-09-07)
- - LibreSSL     2.9.1 (2019-04-22)
- - GnuTLS       3.6.5 (2018-12-01)
- - mbedTLS      3.2.0 (2022-07-11)
- - zlib         1.2.5.2 (2011-12-11)
- - libssh2      1.9.0 (2019-06-20)
+ - brotli       1.0.0 (2017-09-21)
  - c-ares       1.6.0 (2008-12-09)
- - libssh       0.9.0 (2019-06-28)
+ - GnuTLS       3.6.5 (2018-12-01)
  - libidn2      2.0.0 (2017-03-29)
- - wolfSSL      3.4.6 (2017-09-22)
- - OpenLDAP     2.0 (2000-08-01)
+ - LibreSSL     2.9.1 (2019-04-22)
+ - libssh       0.9.0 (2019-06-28)
+ - libssh2      1.9.0 (2019-06-20)
+ - mbedTLS      3.2.0 (2022-07-11)
  - MIT Kerberos 1.3 (2003-07-31)
  - nghttp2      1.15.0 (2016-09-25)
+ - OpenLDAP     2.0 (2000-08-01)
+ - OpenSSL      3.0.0 (2021-09-07)
+ - wolfSSL      3.4.6 (2017-09-22)
+ - zlib         1.2.5.2 (2011-12-11)
+ - zstd         1.0 (2016-08-31)
 
 ## Build tools
 

From bfde7811213d482789683094510f0680ee0291e4 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 24 Nov 2025 23:32:59 +0100
Subject: [PATCH 0978/2408] RELEASE-NOTES: synced

---
 RELEASE-NOTES | 56 +++++++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 50 insertions(+), 6 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 3af5605c8d..217f8c7504 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -4,22 +4,27 @@ curl and libcurl 8.18.0
  Command line options:         273
  curl_easy_setopt() options:   308
  Public functions in libcurl:  100
- Contributors:                 3546
+ Contributors:                 3549
 
 This release includes the following changes:
 
  o build: drop support for VS2008 (Windows) [62]
  o build: drop Windows CE / CeGCC support [69]
+ o gnutls: drop support for GnuTLS < 3.6.5 [167]
+ o gnutls: implement CURLOPT_CAINFO_BLOB [168]
  o openssl: bump minimum OpenSSL version to 3.0.0 [60]
 
 This release includes the following bugfixes:
 
  o _PROGRESS.md: add the E unit, mention kibibyte [24]
  o AmigaOS: increase minimum stack size for tool_main [137]
+ o apple-sectrust: always ask when `native_ca_store` is in use [162]
+ o asyn-ares: remove hostname free on OOM [122]
  o asyn-thrdd: release rrname if ares_init_options fails [41]
  o autotools: drop autoconf <2.59 compatibility code (zz60-xc-ovr) [70]
  o badwords: fix issues found in scripts and other files [142]
  o badwords: fix issues found in tests [156]
+ o build: add build-level `CURL_DISABLE_TYPECHECK` options [163]
  o build: exclude clang prereleases from compiler warning options [154]
  o build: tidy-up MSVC CRT warning suppression macros [140]
  o ccsidcurl: make curl_mime_data_ccsid() use the converted size [74]
@@ -39,6 +44,7 @@ This release includes the following bugfixes:
  o cookie: return error on OOM [131]
  o cshutdn: acknowledge FD_SETSIZE for shutdown descriptors [25]
  o curl: fix progress meter in parallel mode [15]
+ o curl_fopen: do not pass invalid mode flags to `open()` on Windows [84]
  o curl_sasl: make Curl_sasl_decode_mech compare case insensitively [160]
  o curl_setup.h: document more funcs flagged by `_CRT_SECURE_NO_WARNINGS` [124]
  o curl_setup.h: drop stray `#undef stat` (Windows) [103]
@@ -47,6 +53,8 @@ This release includes the following bugfixes:
  o CURLINFO_TLS_SSL_PTR.md: remove CURLINFO_TLS_SESSION text [49]
  o CURLOPT_READFUNCTION.md: clarify the size of the buffer [47]
  o CURLOPT_SSH_KEYFUNCTION.md: fix minor indent mistake in example
+ o curlx/strerr: use `strerror_s()` on Windows [75]
+ o curlx: replace `mbstowcs`/`wcstombs` with `_s` counterparts (Windows) [143]
  o digest_sspi: fix a memory leak on error path [149]
  o digest_sspi: properly free sspi identity [12]
  o DISTROS.md: add OpenBSD [126]
@@ -56,6 +64,7 @@ This release includes the following bugfixes:
  o examples/multithread: fix race condition [101]
  o examples: make functions/data static where missing [139]
  o examples: tidy-up headers and includes [138]
+ o file: do not pass invalid mode flags to `open()` on upload (Windows) [83]
  o ftp: refactor a piece of code by merging the repeated part [40]
  o ftp: remove #ifdef for define that is always defined [76]
  o getinfo: improve perf in debug mode [99]
@@ -76,6 +85,7 @@ This release includes the following bugfixes:
  o lib: error for OOM when extracting URL query [127]
  o lib: fix gssapi.h include on IBMi [55]
  o lib: refactor the type of funcs which have useless return and checks [1]
+ o lib: replace `_tcsncpy`/`wcsncpy`/`wcscpy` with `_s` counterparts (Windows) [164]
  o libssh2: add paths to error messages for quote commands [114]
  o libssh2: cleanup ssh_force_knownhost_key_type [64]
  o libssh2: replace atoi() in ssh_force_knownhost_key_type [63]
@@ -87,10 +97,12 @@ This release includes the following bugfixes:
  o mk-ca-bundle.pl: default to SHA256 fingerprints with `-t` option [73]
  o mk-ca-bundle.pl: use `open()` with argument list to replace backticks [71]
  o mqtt: reject overly big messages [39]
+ o multi: make max_total_* members size_t [158]
  o noproxy: replace atoi with curlx_str_number [67]
  o openssl: exit properly on OOM when getting certchain [133]
  o openssl: fix a potential memory leak of bio_out [150]
  o openssl: fix a potential memory leak of params.cert [151]
+ o openssl: no verify failf message unless strict [166]
  o openssl: release ssl_session if sess_reuse_cb fails [43]
  o openssl: remove code handling default version [28]
  o OS400/ccsidcurl: fix curl_easy_setopt_ccsid for non-converted blobs [94]
@@ -114,7 +126,9 @@ This release includes the following bugfixes:
  o setopt: disable CURLOPT_HAPROXY_CLIENT_IP on NULL [30]
  o setopt: when setting bad protocols, don't store them [9]
  o sftp: fix range downloads in both SSH backends [82]
+ o smb: fix a size check to be overflow safe [161]
  o socks_sspi: use free() not FreeContextBuffer() [93]
+ o speedcheck: do not trigger low speed cancel on transfers with CURL_READFUNC_PAUSE [113]
  o telnet: replace atoi for BINARY handling with curlx_str_number [66]
  o TEST-SUITE.md: correct the man page's path [136]
  o test07_22: fix flakiness [95]
@@ -125,21 +139,27 @@ This release includes the following bugfixes:
  o tests/server: do not fall back to original data file in `test2fopen()` [32]
  o tests/server: replace `atoi()` and `atol()` with `curlx_str_number()` [110]
  o tftp: release filename if conn_get_remote_addr fails [42]
+ o tftpd: fix/tidy up `open()` mode flags [57]
  o tidy-up: move `CURL_UNCONST()` out from macro `curl_unicodefree()` [121]
  o tool: consider (some) curl_easy_setopt errors fatal [7]
  o tool_cfgable: free ssl-sessions at exit [123]
  o tool_getparam: verify that a file exists for some options [134]
  o tool_help: add checks to avoid unsigned wrap around [14]
  o tool_ipfs: check return codes better [20]
+ o tool_msgs: make voutf() use stack instead of heap [125]
  o tool_operate: exit on curl_share_setopt errors [108]
+ o tool_operate: fix a case of ignoring return code in operate() [128]
+ o tool_operate: fix case of ignoring return code in single_transfer [129]
  o tool_operate: remove redundant condition [19]
  o tool_operate: use curlx_str_number instead of atoi [68]
  o tool_paramhlp: refuse --proto remove all protocols [10]
  o tool_urlglob: clean up used memory on errors better [44]
+ o tool_writeout: bail out proper on OOM [104]
  o url: if OOM in parse_proxy() return error [132]
  o urlapi: fix mem-leaks in curl_url_get error paths [22]
  o verify-release: update to avoid shellcheck warning SC2034 [88]
  o vquic-tls/gnutls: call Curl_gtls_verifyserver unconditionally [96]
+ o vquic: do not pass invalid mode flags to `open()` (Windows) [58]
  o vtls: fix CURLOPT_CAPATH use [51]
  o vtls: handle possible malicious certs_num from peer [53]
  o vtls: pinned key check [98]
@@ -147,6 +167,7 @@ This release includes the following bugfixes:
  o wolfSSL: able to differentiate between IP and DNS in alt names [13]
  o wolfssl: avoid NULL dereference in OOM situation [77]
  o wolfssl: fix a potential memory leak of session [6]
+ o wolfssl: fix cipher list, skip 5.8.4 regression [117]
  o wolfssl: simplify wssl_send_earlydata [111]
 
 This release includes the following known bugs:
@@ -160,6 +181,7 @@ For all changes ever done in curl:
 Planned upcoming removals include:
 
  o OpenSSL-QUIC
+ o RTMP support
  o Support for c-ares versions before 1.16.0
  o Support for Windows XP/2003
 
@@ -168,14 +190,15 @@ Planned upcoming removals include:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  Aleksandr Sergeev, Andrew Kirillov, boingball, Brad King, Christian Schmitz,
-  Dan Fandrich, Daniel McCarney, Daniel Stenberg, Fd929c2CE5fA on github,
-  Gisle Vanem, Jiyong Yang, Juliusz Sosinowicz, Leonardo Taccari,
-  letshack9707 on hackerone, Marcel Raad, nait-furry, Nick Korepanov,
+  Aleksandr Sergeev, Andrew Kirillov, boingball, Brad King, bttrfl on github,
+  Christian Schmitz, Dan Fandrich, Daniel McCarney, Daniel Stenberg,
+  Fd929c2CE5fA on github, ffath-vo on github, Gisle Vanem, Jiyong Yang,
+  Juliusz Sosinowicz, Leonardo Taccari, letshack9707 on hackerone,
+  Marc Aldorasi, Marcel Raad, nait-furry, ncaklovic on github, Nick Korepanov,
   Omdahake on github, Patrick Monnerat, pelioro on hackerone, Ray Satiro,
   renovate[bot], Samuel Henrique, Stanislav Fort, Stefan Eissing,
   Thomas Klausner, Viktor Szakats, Wesley Moore, Xiaoke Wang
-  (29 contributors)
+  (33 contributors)
 
 References to bug reports and discussions on issues:
 
@@ -233,6 +256,8 @@ References to bug reports and discussions on issues:
  [54] = https://curl.se/bug/?i=19399
  [55] = https://curl.se/bug/?i=19336
  [56] = https://curl.se/bug/?i=19396
+ [57] = https://curl.se/bug/?i=19671
+ [58] = https://curl.se/bug/?i=19670
  [59] = https://curl.se/bug/?i=19630
  [60] = https://curl.se/bug/?i=18330
  [61] = https://curl.se/bug/?i=19484
@@ -248,6 +273,7 @@ References to bug reports and discussions on issues:
  [71] = https://curl.se/bug/?i=19461
  [73] = https://curl.se/bug/?i=19359
  [74] = https://curl.se/bug/?i=19465
+ [75] = https://curl.se/bug/?i=19646
  [76] = https://curl.se/bug/?i=19463
  [77] = https://curl.se/bug/?i=19459
  [78] = https://curl.se/bug/?i=19431
@@ -255,6 +281,8 @@ References to bug reports and discussions on issues:
  [80] = https://curl.se/bug/?i=19452
  [81] = https://curl.se/bug/?i=19425
  [82] = https://curl.se/bug/?i=19460
+ [83] = https://curl.se/bug/?i=19647
+ [84] = https://curl.se/bug/?i=19645
  [86] = https://curl.se/bug/?i=19451
  [87] = https://curl.se/bug/?i=19450
  [88] = https://curl.se/bug/?i=19449
@@ -273,6 +301,7 @@ References to bug reports and discussions on issues:
  [101] = https://curl.se/bug/?i=19524
  [102] = https://curl.se/bug/?i=19518
  [103] = https://curl.se/bug/?i=19519
+ [104] = https://curl.se/bug/?i=19667
  [105] = https://curl.se/bug/?i=19517
  [106] = https://curl.se/bug/?i=19144
  [107] = https://curl.se/bug/?i=19512
@@ -280,15 +309,21 @@ References to bug reports and discussions on issues:
  [110] = https://curl.se/bug/?i=19510
  [111] = https://curl.se/bug/?i=19509
  [112] = https://curl.se/bug/?i=19495
+ [113] = https://curl.se/bug/?i=19653
  [114] = https://curl.se/bug/?i=19605
+ [117] = https://curl.se/bug/?i=19644
  [118] = https://curl.se/bug/?i=19493
  [119] = https://curl.se/bug/?i=19483
  [120] = https://curl.se/bug/?i=19506
  [121] = https://curl.se/bug/?i=19606
+ [122] = https://curl.se/bug/?i=19658
  [123] = https://curl.se/bug/?i=19602
  [124] = https://curl.se/bug/?i=19597
+ [125] = https://curl.se/bug/?i=19651
  [126] = https://curl.se/bug/?i=19596
  [127] = https://curl.se/bug/?i=19594
+ [128] = https://curl.se/bug/?i=19650
+ [129] = https://curl.se/bug/?i=19649
  [130] = https://curl.se/bug/?i=19593
  [131] = https://curl.se/bug/?i=19591
  [132] = https://curl.se/bug/?i=19590
@@ -300,6 +335,7 @@ References to bug reports and discussions on issues:
  [139] = https://curl.se/bug/?i=19579
  [140] = https://curl.se/bug/?i=19175
  [142] = https://curl.se/bug/?i=19572
+ [143] = https://curl.se/bug/?i=19581
  [144] = https://curl.se/bug/?i=19571
  [146] = https://curl.se/bug/?i=19543
  [147] = https://curl.se/bug/?i=19568
@@ -312,5 +348,13 @@ References to bug reports and discussions on issues:
  [154] = https://curl.se/bug/?i=19566
  [156] = https://curl.se/bug/?i=19541
  [157] = https://curl.se/bug/?i=19520
+ [158] = https://curl.se/bug/?i=19618
  [159] = https://curl.se/bug/?i=19540
  [160] = https://curl.se/bug/?i=19535
+ [161] = https://curl.se/bug/?i=19640
+ [162] = https://curl.se/bug/?i=19636
+ [163] = https://curl.se/bug/?i=19637
+ [164] = https://curl.se/bug/?i=19589
+ [166] = https://curl.se/bug/?i=19615
+ [167] = https://curl.se/bug/?i=19609
+ [168] = https://curl.se/bug/?i=19612

From 24b36fdd1585ea22e5e1f00791f1c20423433cde Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Tue, 11 Nov 2025 14:26:48 +0100
Subject: [PATCH 0979/2408] ratelimit: redesign

Description of how this works in `docs/internal/RATELIMITS.ms`.

Notable implementation changes:
- KEEP_SEND_PAUSE/KEEP_SEND_HOLD and KEEP_RECV_PAUSE/KEEP_RECV_HOLD
  no longer exist. Pausing is down via blocked the new rlimits.
- KEEP_SEND_TIMED no longer exists. Pausing "100-continue" transfers
  is done in the new `Curl_http_perform_pollset()` method.
- HTTP/2 rate limiting implemented via window updates. When
  transfer initiaiting connection has a ratelimit, adjust the
  initial window size
- HTTP/3 ngtcp2 rate limitin implemnented via ack updates
- HTTP/3 quiche does not seem to support this via its API
- the default progress-meter has been improved for accuracy
  in "current speed" results.

pytest speed tests have been improved.

Closes #19384
---
 docs/Makefile.am               |   1 +
 docs/internals/RATELIMITS.md   | 100 +++++++++++
 lib/Makefile.inc               |   4 +-
 lib/cf-h1-proxy.c              |  13 +-
 lib/file.c                     |  19 +-
 lib/ftp.c                      |   9 +-
 lib/http.c                     |  36 ++--
 lib/http.h                     |   6 +-
 lib/http2.c                    | 113 ++++++++----
 lib/imap.c                     |   5 +-
 lib/ldap.c                     |   2 +-
 lib/multi.c                    | 276 +++++++++++++++--------------
 lib/multi_ev.c                 |   2 +-
 lib/multiif.h                  |   3 +-
 lib/pingpong.c                 |   7 +-
 lib/pop3.c                     |   5 +-
 lib/progress.c                 | 315 +++++++++++++++++----------------
 lib/progress.h                 |  26 ++-
 lib/ratelimit.c                | 200 +++++++++++++++++++++
 lib/ratelimit.h                |  92 ++++++++++
 lib/request.c                  |  13 +-
 lib/request.h                  |   1 +
 lib/rtsp.c                     |   5 +-
 lib/select.c                   |  15 +-
 lib/select.h                   |  14 +-
 lib/sendf.c                    |  23 +++
 lib/setopt.c                   |   2 +
 lib/smtp.c                     |   5 +-
 lib/speedcheck.c               |  80 ---------
 lib/speedcheck.h               |  35 ----
 lib/telnet.c                   |   7 +-
 lib/tftp.c                     |  11 +-
 lib/transfer.c                 |  87 ++++-----
 lib/transfer.h                 |   3 -
 lib/url.c                      |   6 +-
 lib/urldata.h                  |  41 +----
 lib/vquic/curl_ngtcp2.c        |  53 ++++--
 lib/vssh/libssh.c              |  12 +-
 lib/vssh/libssh2.c             |  11 +-
 lib/vtls/schannel.c            |   5 +-
 lib/ws.c                       |   8 +-
 tests/data/Makefile.am         |   2 +-
 tests/data/test3216            |  19 ++
 tests/http/test_02_download.py |  14 +-
 tests/http/test_07_upload.py   |   4 +-
 tests/unit/Makefile.inc        |   2 +-
 tests/unit/unit1606.c          |   6 +-
 tests/unit/unit3216.c          | 103 +++++++++++
 48 files changed, 1146 insertions(+), 675 deletions(-)
 create mode 100644 docs/internals/RATELIMITS.md
 create mode 100644 lib/ratelimit.c
 create mode 100644 lib/ratelimit.h
 delete mode 100644 lib/speedcheck.c
 delete mode 100644 lib/speedcheck.h
 create mode 100644 tests/data/test3216
 create mode 100644 tests/unit/unit3216.c

diff --git a/docs/Makefile.am b/docs/Makefile.am
index 5349c63cc2..da5812a0eb 100644
--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -63,6 +63,7 @@ INTERNALDOCS =                                  \
  internals/MULTI-EV.md                          \
  internals/NEW-PROTOCOL.md                      \
  internals/PORTING.md                           \
+ internals/RATELIMITS.md                        \
  internals/README.md                            \
  internals/SCORECARD.md                         \
  internals/SPLAY.md                             \
diff --git a/docs/internals/RATELIMITS.md b/docs/internals/RATELIMITS.md
new file mode 100644
index 0000000000..af72211b78
--- /dev/null
+++ b/docs/internals/RATELIMITS.md
@@ -0,0 +1,100 @@
+
+
+# Rate Limiting Transfers
+
+Rate limiting a transfer means that no more than "n bytes per second"
+shall be sent or received. It can be set individually for both directions
+via `CURLOPT_MAX_RECV_SPEED_LARGE` and `CURLOPT_MAX_SEND_SPEED_LARGE`. These
+options may be adjusted for an ongoing transfer.
+
+### Implementation Base
+
+`ratelimit.[ch]` implements `struct Curl_rlimit` and functions to manage
+such limits. It has the following properties:
+
+* `rate_per_sec`: how many "tokens" can be used per second, 0 for infinite.
+* `tokens`: the currently available tokens to consume
+* `burst_per_sec`: an upper limit on tokens available
+* `ts`: the microsecond timestamp of the last tokens update
+* `spare_us`: elapsed microseconds that have not counted yet for a token update
+* `blocked`: if the limit is blocked
+
+Tokens can be *drained* from an `rlimit`. This reduces `tokens`, even to
+negative values. To enforce the limits, tokens should not be drained
+further when they reach 0, but such things may happen.
+
+An `rlimit`can be asked how long to wait until `tokens` are positive again.
+This is given in milliseconds. When token are available, this wait
+time is 0.
+
+Ideally a user of `rlimit` would consume the available tokens to 0, then
+get a wait times of 1000ms, after which the set rate of tokens has
+regenerated. Rinse and repeat.
+
+Should a user drain twice the amount of the rate, tokens are negative
+and the wait time is 2 seconds. The `spare_us` account for the
+time that has passed for the consumption. When a user takes 250ms to
+consume the rate, the wait time is then 750ms.
+
+When a user drains nothing for two seconds, the available tokens would
+grow to twice the rate, unless a burst rate is set.
+
+Finally, an `rlimit` may be set to `blocked` and later unblocked again.
+A blocked `rlimit` has no tokens available. This works also when the rate
+is unlimited (`rate_per_sec` set to 0).
+
+### Downloads
+
+`rlimit` is in `data->progress.dl.rlimit`. `setopt.c` initializes it whenever
+the application sets `CURLOPT_MAX_RECV_SPEED_LARGE`. This may be done
+in the middle of a transfer.
+
+`rlimit` tokens are drained in the "protocol" client writer. Checks for
+capacity depend on the protocol:
+
+* HTTP and other plain protocols: `transfer.c:sendrecv_dl()` reads only
+up to capacity.
+* HTTP/2: capacity is used to adjust a stream's window size. Since all
+streams start with `64kb`, `rlimit` takes a few seconds to take effect.
+* HTTP/3: ngtcp2 acknowledges stream data according to capacity. It
+keeps track of bytes not acknowledged yet. This has the same effect as HTTP/2
+window sizes.
+
+(The quiche API does not offer control of `ACK`s and `rlimits` for download
+do not work in that backend.)
+
+### Uploads
+
+`rlimit` is in `data->progress.ul.rlimit`. `setopt.c` initializes it whenever
+the application sets `CURLOPT_MAX_SEND_SPEED_LARGE`. This may be done
+in the middle of a transfer.
+
+The upload capacity is checked in `Curl_client_read()` and readers are
+only asked to read bytes up to the `rlimit` capacity. This limits upload
+of data for all protocols in the same way.
+
+### Pause/Unpause
+
+Pausing of up-/downloads sets the corresponding `rlimit` to blocked. Unpausing
+removes that block.
+
+### Suspending transfers
+
+While obeying the `rlimit` for up-/download leads to the desired transfer
+rates, the other issue that needs care is CPU consumption.
+
+`rlimits` are inspected when computing the "pollset" of a transfer. When
+a transfer wants to send, but not send tokens are available, the `POLLOUT`
+is removed from the pollset. Same for receiving.
+
+For a transfer that is, due to `rlimit`, not able to progress, the pollset
+is then empty. No socket events are monitored, no CPU activity
+happens. For paused transfers, this is sufficient.
+
+Draining `rlimit` happens when a transfer is in `PERFORM` state and
+exhausted limits cause the timer `TOOFAST` to be set. When the fires,
+the transfer runs again and `rlimit`s are re-evaluated.
diff --git a/lib/Makefile.inc b/lib/Makefile.inc
index 4bdf293f89..9c9d5c9186 100644
--- a/lib/Makefile.inc
+++ b/lib/Makefile.inc
@@ -234,6 +234,7 @@ LIB_CFILES =         \
   progress.c         \
   psl.c              \
   rand.c             \
+  ratelimit.c        \
   rename.c           \
   request.c          \
   rtsp.c             \
@@ -249,7 +250,6 @@ LIB_CFILES =         \
   socks.c            \
   socks_gssapi.c     \
   socks_sspi.c       \
-  speedcheck.c       \
   splay.c            \
   strcase.c          \
   strdup.c           \
@@ -366,6 +366,7 @@ LIB_HFILES =         \
   progress.h         \
   psl.h              \
   rand.h             \
+  ratelimit.h        \
   rename.h           \
   request.h          \
   rtsp.h             \
@@ -383,7 +384,6 @@ LIB_HFILES =         \
   sockaddr.h         \
   socketpair.h       \
   socks.h            \
-  speedcheck.h       \
   splay.h            \
   strcase.h          \
   strdup.h           \
diff --git a/lib/cf-h1-proxy.c b/lib/cf-h1-proxy.c
index 91d690e31a..985500f23e 100644
--- a/lib/cf-h1-proxy.c
+++ b/lib/cf-h1-proxy.c
@@ -384,8 +384,8 @@ static CURLcode recv_CONNECT_resp(struct Curl_cfilter *cf,
       /* socket buffer drained, return */
       return CURLE_OK;
 
-    if(Curl_pgrsUpdate(data))
-      return CURLE_ABORTED_BY_CALLBACK;
+    if(!result)
+      result = Curl_pgrsUpdate(data);
 
     if(result) {
       ts->keepon = KEEPON_DONE;
@@ -565,10 +565,8 @@ static CURLcode H1_CONNECT(struct Curl_cfilter *cf,
       /* read what is there */
       CURL_TRC_CF(data, cf, "CONNECT receive");
       result = recv_CONNECT_resp(cf, data, ts, &done);
-      if(Curl_pgrsUpdate(data)) {
-        result = CURLE_ABORTED_BY_CALLBACK;
-        goto out;
-      }
+      if(!result)
+        result = Curl_pgrsUpdate(data);
       /* error or not complete yet. return for more multi-multi */
       if(result || !done)
         goto out;
@@ -671,8 +669,7 @@ out:
     /* The real request will follow the CONNECT, reset request partially */
     Curl_req_soft_reset(&data->req, data);
     Curl_client_reset(data);
-    Curl_pgrsSetUploadCounter(data, 0);
-    Curl_pgrsSetDownloadCounter(data, 0);
+    Curl_pgrsReset(data);
 
     tunnel_free(cf, data);
   }
diff --git a/lib/file.c b/lib/file.c
index 6937069074..3de92408c4 100644
--- a/lib/file.c
+++ b/lib/file.c
@@ -60,7 +60,6 @@
 #include "sendf.h"
 #include "escape.h"
 #include "file.h"
-#include "speedcheck.h"
 #include "multiif.h"
 #include "transfer.h"
 #include "url.h"
@@ -415,13 +414,10 @@ static CURLcode file_upload(struct Curl_easy *data,
 
     Curl_pgrsSetUploadCounter(data, bytecount);
 
-    if(Curl_pgrsUpdate(data))
-      result = CURLE_ABORTED_BY_CALLBACK;
-    else
-      result = Curl_speedcheck(data, curlx_now());
+    result = Curl_pgrsCheck(data);
   }
-  if(!result && Curl_pgrsUpdate(data))
-    result = CURLE_ABORTED_BY_CALLBACK;
+  if(!result)
+    result = Curl_pgrsUpdate(data);
 
 out:
   close(fd);
@@ -620,10 +616,7 @@ static CURLcode file_do(struct Curl_easy *data, bool *done)
       if(result)
         goto out;
 
-      if(Curl_pgrsUpdate(data))
-        result = CURLE_ABORTED_BY_CALLBACK;
-      else
-        result = Curl_speedcheck(data, curlx_now());
+      result = Curl_pgrsCheck(data);
       if(result)
         goto out;
     }
@@ -657,8 +650,8 @@ static CURLcode file_do(struct Curl_easy *data, bool *done)
 #endif
   }
 
-  if(Curl_pgrsUpdate(data))
-    result = CURLE_ABORTED_BY_CALLBACK;
+  if(!result)
+    result = Curl_pgrsUpdate(data);
 
 out:
   Curl_multi_xfer_buf_release(data, xfer_buf);
diff --git a/lib/ftp.c b/lib/ftp.c
index ac4fdc25c9..c289581fd5 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -65,7 +65,6 @@
 #include "sockaddr.h" /* required for Curl_sockaddr_storage */
 #include "multiif.h"
 #include "url.h"
-#include "speedcheck.h"
 #include "curlx/warnless.h"
 #include "http_proxy.h"
 #include "socks.h"
@@ -675,8 +674,7 @@ static CURLcode getftpresponse(struct Curl_easy *data,
         return CURLE_RECV_ERROR;
       }
       else if(ev == 0) {
-        if(Curl_pgrsUpdate(data))
-          return CURLE_ABORTED_BY_CALLBACK;
+        result = Curl_pgrsUpdate(data);
         continue; /* just continue in our loop for the timeout duration */
       }
     }
@@ -4344,10 +4342,7 @@ CURLcode ftp_regular_transfer(struct Curl_easy *data,
   bool connected = FALSE;
   data->req.size = -1; /* make sure this is unknown at this point */
 
-  Curl_pgrsSetUploadCounter(data, 0);
-  Curl_pgrsSetDownloadCounter(data, 0);
-  Curl_pgrsSetUploadSize(data, -1);
-  Curl_pgrsSetDownloadSize(data, -1);
+  Curl_pgrsReset(data);
 
   ftpc->ctl_valid = TRUE; /* starts good */
 
diff --git a/lib/http.c b/lib/http.c
index 095a9127a4..a1e449d354 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -129,9 +129,9 @@ const struct Curl_handler Curl_handler_http = {
   ZERO_NULL,                            /* connecting */
   ZERO_NULL,                            /* doing */
   ZERO_NULL,                            /* proto_pollset */
-  Curl_http_do_pollset,                 /* doing_pollset */
+  Curl_http_doing_pollset,              /* doing_pollset */
   ZERO_NULL,                            /* domore_pollset */
-  ZERO_NULL,                            /* perform_pollset */
+  Curl_http_perform_pollset,            /* perform_pollset */
   ZERO_NULL,                            /* disconnect */
   Curl_http_write_resp,                 /* write_resp */
   Curl_http_write_resp_hd,              /* write_resp_hd */
@@ -159,9 +159,9 @@ const struct Curl_handler Curl_handler_https = {
   NULL,                                 /* connecting */
   ZERO_NULL,                            /* doing */
   NULL,                                 /* proto_pollset */
-  Curl_http_do_pollset,                 /* doing_pollset */
+  Curl_http_doing_pollset,              /* doing_pollset */
   ZERO_NULL,                            /* domore_pollset */
-  ZERO_NULL,                            /* perform_pollset */
+  Curl_http_perform_pollset,            /* perform_pollset */
   ZERO_NULL,                            /* disconnect */
   Curl_http_write_resp,                 /* write_resp */
   Curl_http_write_resp_hd,              /* write_resp_hd */
@@ -1560,13 +1560,30 @@ CURLcode Curl_http_connect(struct Curl_easy *data, bool *done)
 /* this returns the socket to wait for in the DO and DOING state for the multi
    interface and then we are always _sending_ a request and thus we wait for
    the single socket to become writable only */
-CURLcode Curl_http_do_pollset(struct Curl_easy *data,
-                              struct easy_pollset *ps)
+CURLcode Curl_http_doing_pollset(struct Curl_easy *data,
+                                 struct easy_pollset *ps)
 {
   /* write mode */
   return Curl_pollset_add_out(data, ps, data->conn->sock[FIRSTSOCKET]);
 }
 
+CURLcode Curl_http_perform_pollset(struct Curl_easy *data,
+                                   struct easy_pollset *ps)
+{
+  struct connectdata *conn = data->conn;
+  CURLcode result = CURLE_OK;
+
+  if(CURL_WANT_RECV(data)) {
+    result = Curl_pollset_add_in(data, ps, conn->sock[FIRSTSOCKET]);
+  }
+
+  /* on a "Expect: 100-continue" timed wait, do not poll for outgoing */
+  if(!result && Curl_req_want_send(data) && !http_exp100_is_waiting(data)) {
+    result = Curl_pollset_add_out(data, ps, conn->sock[FIRSTSOCKET]);
+  }
+  return result;
+}
+
 /*
  * Curl_http_done() gets called after a single HTTP request has been
  * performed.
@@ -4872,8 +4889,6 @@ static void http_exp100_continue(struct Curl_easy *data,
   struct cr_exp100_ctx *ctx = reader->ctx;
   if(ctx->state > EXP100_SEND_DATA) {
     ctx->state = EXP100_SEND_DATA;
-    data->req.keepon |= KEEP_SEND;
-    data->req.keepon &= ~KEEP_SEND_TIMED;
     Curl_expire_done(data, EXPIRE_100_TIMEOUT);
   }
 }
@@ -4903,8 +4918,6 @@ static CURLcode cr_exp100_read(struct Curl_easy *data,
     ctx->state = EXP100_AWAITING_CONTINUE;
     ctx->start = curlx_now();
     Curl_expire(data, data->set.expect_100_timeout, EXPIRE_100_TIMEOUT);
-    data->req.keepon &= ~KEEP_SEND;
-    data->req.keepon |= KEEP_SEND_TIMED;
     *nread = 0;
     *eos = FALSE;
     return CURLE_OK;
@@ -4917,8 +4930,6 @@ static CURLcode cr_exp100_read(struct Curl_easy *data,
     ms = curlx_timediff_ms(curlx_now(), ctx->start);
     if(ms < data->set.expect_100_timeout) {
       DEBUGF(infof(data, "cr_exp100_read, AWAITING_CONTINUE, not expired"));
-      data->req.keepon &= ~KEEP_SEND;
-      data->req.keepon |= KEEP_SEND_TIMED;
       *nread = 0;
       *eos = FALSE;
       return CURLE_OK;
@@ -4938,7 +4949,6 @@ static void cr_exp100_done(struct Curl_easy *data,
 {
   struct cr_exp100_ctx *ctx = reader->ctx;
   ctx->state = premature ? EXP100_FAILED : EXP100_SEND_DATA;
-  data->req.keepon &= ~KEEP_SEND_TIMED;
   Curl_expire_done(data, EXPIRE_100_TIMEOUT);
 }
 
diff --git a/lib/http.h b/lib/http.h
index 67ef17f5b9..ef41d7bb22 100644
--- a/lib/http.h
+++ b/lib/http.h
@@ -115,8 +115,10 @@ CURLcode Curl_http_setup_conn(struct Curl_easy *data,
 CURLcode Curl_http(struct Curl_easy *data, bool *done);
 CURLcode Curl_http_done(struct Curl_easy *data, CURLcode, bool premature);
 CURLcode Curl_http_connect(struct Curl_easy *data, bool *done);
-CURLcode Curl_http_do_pollset(struct Curl_easy *data,
-                              struct easy_pollset *ps);
+CURLcode Curl_http_doing_pollset(struct Curl_easy *data,
+                                 struct easy_pollset *ps);
+CURLcode Curl_http_perform_pollset(struct Curl_easy *data,
+                                   struct easy_pollset *ps);
 CURLcode Curl_http_write_resp(struct Curl_easy *data,
                               const char *buf, size_t blen,
                               bool is_eos);
diff --git a/lib/http2.c b/lib/http2.c
index a1caa2020f..5d1a502810 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -98,33 +98,6 @@
 #define H2_SETTINGS_IV_LEN  3
 #define H2_BINSETTINGS_LEN 80
 
-static size_t populate_settings(nghttp2_settings_entry *iv,
-                                struct Curl_easy *data)
-{
-  iv[0].settings_id = NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS;
-  iv[0].value = Curl_multi_max_concurrent_streams(data->multi);
-
-  iv[1].settings_id = NGHTTP2_SETTINGS_INITIAL_WINDOW_SIZE;
-  iv[1].value = H2_STREAM_WINDOW_SIZE_INITIAL;
-
-  iv[2].settings_id = NGHTTP2_SETTINGS_ENABLE_PUSH;
-  iv[2].value = data->multi->push_cb != NULL;
-
-  return 3;
-}
-
-static ssize_t populate_binsettings(uint8_t *binsettings,
-                                    struct Curl_easy *data)
-{
-  nghttp2_settings_entry iv[H2_SETTINGS_IV_LEN];
-  size_t ivlen;
-
-  ivlen = populate_settings(iv, data);
-  /* this returns number of bytes it wrote or a negative number on error. */
-  return nghttp2_pack_settings_payload(binsettings, H2_BINSETTINGS_LEN,
-                                       iv, ivlen);
-}
-
 struct cf_h2_ctx {
   nghttp2_session *h2;
   /* The easy handle used in the current filter call, cleared at return */
@@ -137,6 +110,7 @@ struct cf_h2_ctx {
 
   struct uint_hash streams; /* hash of `data->mid` to `h2_stream_ctx` */
   size_t drain_total; /* sum of all stream's UrlState drain */
+  uint32_t initial_win_size; /* current initial window size (settings) */
   uint32_t max_concurrent_streams;
   uint32_t goaway_error;        /* goaway error code from server */
   int32_t remote_max_sid;       /* max id processed by server */
@@ -204,6 +178,60 @@ static void cf_h2_ctx_close(struct cf_h2_ctx *ctx)
   }
 }
 
+static uint32_t cf_h2_initial_win_size(struct Curl_easy *data)
+{
+#if NGHTTP2_HAS_SET_LOCAL_WINDOW_SIZE
+  /* If the transfer has a rate-limit lower than the default initial
+   * stream window size, use that. It needs to be at least 8k or servers
+   * may be unhappy. */
+  if(data->progress.dl.rlimit.rate_per_step &&
+     (data->progress.dl.rlimit.rate_per_step < H2_STREAM_WINDOW_SIZE_INITIAL))
+    return CURLMAX((uint32_t)data->progress.dl.rlimit.rate_per_step, 8192);
+#endif
+  return H2_STREAM_WINDOW_SIZE_INITIAL;
+}
+
+static size_t populate_settings(nghttp2_settings_entry *iv,
+                                  struct Curl_easy *data,
+                                  struct cf_h2_ctx *ctx)
+{
+  iv[0].settings_id = NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS;
+  iv[0].value = Curl_multi_max_concurrent_streams(data->multi);
+
+  iv[1].settings_id = NGHTTP2_SETTINGS_INITIAL_WINDOW_SIZE;
+  iv[1].value = cf_h2_initial_win_size(data);
+  if(ctx)
+    ctx->initial_win_size = iv[1].value;
+  iv[2].settings_id = NGHTTP2_SETTINGS_ENABLE_PUSH;
+  iv[2].value = data->multi->push_cb != NULL;
+
+  return 3;
+}
+
+static ssize_t populate_binsettings(uint8_t *binsettings,
+                                    struct Curl_easy *data)
+{
+  nghttp2_settings_entry iv[H2_SETTINGS_IV_LEN];
+  size_t ivlen;
+
+  ivlen = populate_settings(iv, data, NULL);
+  /* this returns number of bytes it wrote or a negative number on error. */
+  return nghttp2_pack_settings_payload(binsettings, H2_BINSETTINGS_LEN,
+                                       iv, ivlen);
+}
+
+static CURLcode cf_h2_update_settings(struct cf_h2_ctx *ctx,
+                                      uint32_t initial_win_size)
+{
+  nghttp2_settings_entry entry;
+  entry.settings_id = NGHTTP2_SETTINGS_INITIAL_WINDOW_SIZE;
+  entry.value = initial_win_size;
+  if(nghttp2_submit_settings(ctx->h2, NGHTTP2_FLAG_NONE, &entry, 1))
+    return CURLE_SEND_ERROR;
+  ctx->initial_win_size = initial_win_size;
+  return CURLE_OK;
+}
+
 static CURLcode nw_out_flush(struct Curl_cfilter *cf,
                              struct Curl_easy *data);
 
@@ -296,16 +324,18 @@ static void h2_stream_hash_free(unsigned int id, void *stream)
 static int32_t cf_h2_get_desired_local_win(struct Curl_cfilter *cf,
                                            struct Curl_easy *data)
 {
+  curl_off_t avail = Curl_rlimit_avail(&data->progress.dl.rlimit,
+                                       curlx_now());
+
   (void)cf;
-  if(data->set.max_recv_speed && data->set.max_recv_speed < INT32_MAX) {
-    /* The transfer should only receive `max_recv_speed` bytes per second.
-     * We restrict the stream's local window size, so that the server cannot
-     * send us "too much" at a time.
-     * This gets less precise the higher the latency. */
-    return (int32_t)data->set.max_recv_speed;
+  if(avail < CURL_OFF_T_MAX) { /* limit in place */
+    if(avail <= 0)
+      return 0;
+    else if(avail < INT32_MAX)
+      return (int32_t)avail;
   }
 #ifdef DEBUGBUILD
-  else {
+  {
     struct cf_h2_ctx *ctx = cf->ctx;
     CURL_TRC_CF(data, cf, "stream_win_max=%d", ctx->stream_win_max);
     return ctx->stream_win_max;
@@ -580,7 +610,7 @@ static CURLcode cf_h2_ctx_open(struct Curl_cfilter *cf,
     nghttp2_settings_entry iv[H2_SETTINGS_IV_LEN];
     size_t ivlen;
 
-    ivlen = populate_settings(iv, data);
+    ivlen = populate_settings(iv, data, ctx);
     rc = nghttp2_submit_settings(ctx->h2, NGHTTP2_FLAG_NONE,
                                  iv, ivlen);
     if(rc) {
@@ -2007,6 +2037,9 @@ static CURLcode stream_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
   (void)len;
   *pnread = 0;
 
+  if(!stream->xfer_result)
+    stream->xfer_result = cf_h2_update_local_win(cf, data, stream);
+
   if(stream->xfer_result) {
     CURL_TRC_CF(data, cf, "[%d] xfer write failed", stream->id);
     result = stream->xfer_result;
@@ -2239,6 +2272,7 @@ static CURLcode h2_submit(struct h2_stream_ctx **pstream,
   nghttp2_priority_spec pri_spec;
   size_t nwritten;
   CURLcode result = CURLE_OK;
+  uint32_t initial_win_size;
 
   *pnwritten = 0;
   Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
@@ -2276,6 +2310,15 @@ static CURLcode h2_submit(struct h2_stream_ctx **pstream,
   if(!nghttp2_session_check_request_allowed(ctx->h2))
     CURL_TRC_CF(data, cf, "send request NOT allowed (via nghttp2)");
 
+  /* Check the initial windows size of the transfer (rate-limits?) and
+   * send an updated settings on changes from previous value. */
+  initial_win_size = cf_h2_initial_win_size(data);
+  if(initial_win_size != ctx->initial_win_size) {
+    result = cf_h2_update_settings(ctx, initial_win_size);
+    if(result)
+      goto out;
+  }
+
   switch(data->state.httpreq) {
   case HTTPREQ_POST:
   case HTTPREQ_POST_FORM:
diff --git a/lib/imap.c b/lib/imap.c
index faa595561d..181b0d7009 100644
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -1938,10 +1938,7 @@ static CURLcode imap_regular_transfer(struct Curl_easy *data,
   data->req.size = -1;
 
   /* Set the progress data */
-  Curl_pgrsSetUploadCounter(data, 0);
-  Curl_pgrsSetDownloadCounter(data, 0);
-  Curl_pgrsSetUploadSize(data, -1);
-  Curl_pgrsSetDownloadSize(data, -1);
+  Curl_pgrsReset(data);
 
   /* Carry out the perform */
   result = imap_perform(data, &connected, dophase_done);
diff --git a/lib/ldap.c b/lib/ldap.c
index f0bc2f2a37..fa1a4a4d25 100644
--- a/lib/ldap.c
+++ b/lib/ldap.c
@@ -509,7 +509,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
     goto quit;
   }
 
-  Curl_pgrsSetDownloadCounter(data, 0);
+  Curl_pgrsReset(data);
   rc = ldap_search_s(server, ludp->lud_dn,
                      (curl_ldap_num_t)ludp->lud_scope,
                      ludp->lud_filter, ludp->lud_attrs, 0, &ldapmsg);
diff --git a/lib/multi.c b/lib/multi.c
index 3fc1c948f5..5ea93348e4 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -43,7 +43,6 @@
 #include "select.h"
 #include "curlx/warnless.h"
 #include "curlx/wait.h"
-#include "speedcheck.h"
 #include "conncache.h"
 #include "multihandle.h"
 #include "sigpipe.h"
@@ -923,79 +922,145 @@ void Curl_attach_connection(struct Curl_easy *data,
     conn->handler->attach(data, conn);
 }
 
+/* adjust pollset for rate limits/pauses */
+static CURLcode multi_adjust_pollset(struct Curl_easy *data,
+                                     struct easy_pollset *ps)
+{
+  CURLcode result = CURLE_OK;
+
+  if(ps->n) {
+    struct curltime now = curlx_now();
+    bool send_blocked, recv_blocked;
+
+    recv_blocked = (Curl_rlimit_avail(&data->progress.dl.rlimit, now) <= 0);
+    send_blocked = (Curl_rlimit_avail(&data->progress.ul.rlimit, now) <= 0);
+    if(send_blocked || recv_blocked) {
+      int i;
+      for(i = 0; i <= SECONDARYSOCKET; ++i) {
+        curl_socket_t sock = data->conn->sock[i];
+        if(sock == CURL_SOCKET_BAD)
+          continue;
+        if(recv_blocked && Curl_pollset_want_recv(data, ps, sock)) {
+          result = Curl_pollset_remove_in(data, ps, sock);
+          if(result)
+            break;
+        }
+        if(send_blocked && Curl_pollset_want_send(data, ps, sock)) {
+          result = Curl_pollset_remove_out(data, ps, sock);
+          if(result)
+            break;
+        }
+      }
+    }
+
+    /* Not blocked and wanting to receive. If there is data pending
+     * in the connection filters, make transfer run again. */
+    if(!recv_blocked &&
+       ((Curl_pollset_want_recv(data, ps, data->conn->sock[FIRSTSOCKET]) &&
+         Curl_conn_data_pending(data, FIRSTSOCKET)) ||
+        (Curl_pollset_want_recv(data, ps, data->conn->sock[SECONDARYSOCKET]) &&
+         Curl_conn_data_pending(data, SECONDARYSOCKET)))) {
+      CURL_TRC_M(data, "pollset[] has POLLIN, but there is still "
+                 "buffered input -> mark as dirty");
+      Curl_multi_mark_dirty(data);
+    }
+  }
+  return result;
+}
+
 static CURLcode mstate_connecting_pollset(struct Curl_easy *data,
                                           struct easy_pollset *ps)
 {
-  if(data->conn) {
-    curl_socket_t sockfd = Curl_conn_get_first_socket(data);
-    if(sockfd != CURL_SOCKET_BAD) {
-      /* Default is to wait to something from the server */
-      return Curl_pollset_change(data, ps, sockfd, CURL_POLL_IN, 0);
-    }
+  struct connectdata *conn = data->conn;
+  curl_socket_t sockfd;
+  CURLcode result = CURLE_OK;
+
+  if(Curl_xfer_recv_is_paused(data))
+    return CURLE_OK;
+  /* If a socket is set, receiving is default. If the socket
+   * has not been determined yet (eyeballing), always ask the
+   * connection filters for what to monitor. */
+  sockfd = Curl_conn_get_first_socket(data);
+  if(sockfd != CURL_SOCKET_BAD) {
+    result = Curl_pollset_change(data, ps, sockfd, CURL_POLL_IN, 0);
+    if(!result)
+      result = multi_adjust_pollset(data, ps);
   }
-  return CURLE_OK;
+  if(!result)
+    result = Curl_conn_adjust_pollset(data, conn, ps);
+  return result;
 }
 
 static CURLcode mstate_protocol_pollset(struct Curl_easy *data,
                                         struct easy_pollset *ps)
 {
   struct connectdata *conn = data->conn;
-  if(conn) {
-    curl_socket_t sockfd;
-    if(conn->handler->proto_pollset)
-      return conn->handler->proto_pollset(data, ps);
-    sockfd = conn->sock[FIRSTSOCKET];
+  CURLcode result = CURLE_OK;
+
+  if(conn->handler->proto_pollset)
+    result = conn->handler->proto_pollset(data, ps);
+  else {
+    curl_socket_t sockfd = conn->sock[FIRSTSOCKET];
     if(sockfd != CURL_SOCKET_BAD) {
       /* Default is to wait to something from the server */
-      return Curl_pollset_change(data, ps, sockfd, CURL_POLL_IN, 0);
+      result = Curl_pollset_change(data, ps, sockfd, CURL_POLL_IN, 0);
     }
   }
-  return CURLE_OK;
+  if(!result)
+    result = multi_adjust_pollset(data, ps);
+  if(!result)
+    result = Curl_conn_adjust_pollset(data, conn, ps);
+  return result;
 }
 
 static CURLcode mstate_do_pollset(struct Curl_easy *data,
                                   struct easy_pollset *ps)
 {
   struct connectdata *conn = data->conn;
-  if(conn) {
-    if(conn->handler->doing_pollset)
-      return conn->handler->doing_pollset(data, ps);
-    else if(CONN_SOCK_IDX_VALID(conn->send_idx)) {
-      /* Default is that we want to send something to the server */
-      return Curl_pollset_add_out(
-        data, ps, conn->sock[conn->send_idx]);
-    }
+  CURLcode result = CURLE_OK;
+
+  if(conn->handler->doing_pollset)
+    result = conn->handler->doing_pollset(data, ps);
+  else if(CONN_SOCK_IDX_VALID(conn->send_idx)) {
+    /* Default is that we want to send something to the server */
+    result = Curl_pollset_add_out(data, ps, conn->sock[conn->send_idx]);
   }
-  return CURLE_OK;
+  if(!result)
+    result = multi_adjust_pollset(data, ps);
+  if(!result)
+    result = Curl_conn_adjust_pollset(data, conn, ps);
+  return result;
 }
 
 static CURLcode mstate_domore_pollset(struct Curl_easy *data,
                                       struct easy_pollset *ps)
 {
   struct connectdata *conn = data->conn;
-  if(conn) {
-    if(conn->handler->domore_pollset)
-      return conn->handler->domore_pollset(data, ps);
-    else if(CONN_SOCK_IDX_VALID(conn->send_idx)) {
-      /* Default is that we want to send something to the server */
-      return Curl_pollset_add_out(
-        data, ps, conn->sock[conn->send_idx]);
-    }
+  CURLcode result = CURLE_OK;
+
+  if(conn->handler->domore_pollset)
+    result = conn->handler->domore_pollset(data, ps);
+  else if(CONN_SOCK_IDX_VALID(conn->send_idx)) {
+    /* Default is that we want to send something to the server */
+    result = Curl_pollset_add_out(data, ps, conn->sock[conn->send_idx]);
   }
-  return CURLE_OK;
+  if(!result)
+    result = multi_adjust_pollset(data, ps);
+  if(!result)
+    result = Curl_conn_adjust_pollset(data, conn, ps);
+  return result;
 }
 
 static CURLcode mstate_perform_pollset(struct Curl_easy *data,
                                        struct easy_pollset *ps)
 {
   struct connectdata *conn = data->conn;
-  if(!conn)
-    return CURLE_OK;
-  else if(conn->handler->perform_pollset)
-    return conn->handler->perform_pollset(data, ps);
+  CURLcode result = CURLE_OK;
+
+  if(conn->handler->perform_pollset)
+    result = conn->handler->perform_pollset(data, ps);
   else {
     /* Default is to obey the data->req.keepon flags for send/recv */
-    CURLcode result = CURLE_OK;
     if(CURL_WANT_RECV(data) && CONN_SOCK_IDX_VALID(conn->recv_idx)) {
       result = Curl_pollset_add_in(
         data, ps, conn->sock[conn->recv_idx]);
@@ -1006,19 +1071,21 @@ static CURLcode mstate_perform_pollset(struct Curl_easy *data,
       result = Curl_pollset_add_out(
         data, ps, conn->sock[conn->send_idx]);
     }
-    return result;
   }
+  if(!result)
+    result = multi_adjust_pollset(data, ps);
+  if(!result)
+    result = Curl_conn_adjust_pollset(data, conn, ps);
+  return result;
 }
 
 /* Initializes `poll_set` with the current socket poll actions needed
  * for transfer `data`. */
 CURLMcode Curl_multi_pollset(struct Curl_easy *data,
-                             struct easy_pollset *ps,
-                             const char *caller)
+                             struct easy_pollset *ps)
 {
   CURLMcode mresult = CURLM_OK;
   CURLcode result = CURLE_OK;
-  bool expect_sockets = TRUE;
 
   /* If the transfer has no connection, this is fine. Happens when
      called via curl_multi_remove_handle() => Curl_multi_ev_assess() =>
@@ -1033,70 +1100,49 @@ CURLMcode Curl_multi_pollset(struct Curl_easy *data,
   case MSTATE_SETUP:
   case MSTATE_CONNECT:
     /* nothing to poll for yet */
-    expect_sockets = FALSE;
     break;
 
   case MSTATE_RESOLVING:
     result = Curl_resolv_pollset(data, ps);
-    /* connection filters are not involved in this phase. It is OK if we get no
-     * sockets to wait for. Resolving can wake up from other sources. */
-    expect_sockets = FALSE;
     break;
 
   case MSTATE_CONNECTING:
   case MSTATE_TUNNELING:
-    if(!Curl_xfer_recv_is_paused(data)) {
-      result = mstate_connecting_pollset(data, ps);
-      if(!result)
-        result = Curl_conn_adjust_pollset(data, data->conn, ps);
-    }
-    else
-      expect_sockets = FALSE;
+    result = mstate_connecting_pollset(data, ps);
     break;
 
   case MSTATE_PROTOCONNECT:
   case MSTATE_PROTOCONNECTING:
     result = mstate_protocol_pollset(data, ps);
-    if(!result)
-      result = Curl_conn_adjust_pollset(data, data->conn, ps);
     break;
 
   case MSTATE_DO:
   case MSTATE_DOING:
     result = mstate_do_pollset(data, ps);
-    if(!result)
-      result = Curl_conn_adjust_pollset(data, data->conn, ps);
     break;
 
   case MSTATE_DOING_MORE:
     result = mstate_domore_pollset(data, ps);
-    if(!result)
-      result = Curl_conn_adjust_pollset(data, data->conn, ps);
     break;
 
   case MSTATE_DID: /* same as PERFORMING in regard to polling */
   case MSTATE_PERFORMING:
     result = mstate_perform_pollset(data, ps);
-    if(!result)
-      result = Curl_conn_adjust_pollset(data, data->conn, ps);
     break;
 
   case MSTATE_RATELIMITING:
     /* we need to let time pass, ignore socket(s) */
-    expect_sockets = FALSE;
     break;
 
   case MSTATE_DONE:
   case MSTATE_COMPLETED:
   case MSTATE_MSGSENT:
     /* nothing more to poll for */
-    expect_sockets = FALSE;
     break;
 
   default:
     failf(data, "multi_getsock: unexpected multi state %d", data->mstate);
     DEBUGASSERT(0);
-    expect_sockets = FALSE;
     break;
   }
 
@@ -1110,39 +1156,27 @@ CURLMcode Curl_multi_pollset(struct Curl_easy *data,
     goto out;
   }
 
-  /* Unblocked and waiting to receive with buffered input.
-   * Make transfer run again at next opportunity. */
-  if(!Curl_xfer_is_blocked(data) && !Curl_xfer_is_too_fast(data) &&
-     ((Curl_pollset_want_read(data, ps, data->conn->sock[FIRSTSOCKET]) &&
-       Curl_conn_data_pending(data, FIRSTSOCKET)) ||
-      (Curl_pollset_want_read(data, ps, data->conn->sock[SECONDARYSOCKET]) &&
-       Curl_conn_data_pending(data, SECONDARYSOCKET)))) {
-    CURL_TRC_M(data, "%s pollset[] has POLLIN, but there is still "
-               "buffered input to consume -> mark as dirty", caller);
-    Curl_multi_mark_dirty(data);
-  }
-
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
   if(CURL_TRC_M_is_verbose(data)) {
     size_t timeout_count = Curl_llist_count(&data->state.timeoutlist);
     switch(ps->n) {
       case 0:
-        CURL_TRC_M(data, "%s pollset[], timeouts=%zu, paused %d/%d (r/w)",
-                   caller, timeout_count,
+        CURL_TRC_M(data, "pollset[], timeouts=%zu, paused %d/%d (r/w)",
+                   timeout_count,
                    Curl_xfer_send_is_paused(data),
                    Curl_xfer_recv_is_paused(data));
         break;
       case 1:
-        CURL_TRC_M(data, "%s pollset[fd=%" FMT_SOCKET_T " %s%s], timeouts=%zu",
-                   caller, ps->sockets[0],
+        CURL_TRC_M(data, "pollset[fd=%" FMT_SOCKET_T " %s%s], timeouts=%zu",
+                   ps->sockets[0],
                    (ps->actions[0] & CURL_POLL_IN) ? "IN" : "",
                    (ps->actions[0] & CURL_POLL_OUT) ? "OUT" : "",
                    timeout_count);
         break;
       case 2:
-        CURL_TRC_M(data, "%s pollset[fd=%" FMT_SOCKET_T " %s%s, "
+        CURL_TRC_M(data, "pollset[fd=%" FMT_SOCKET_T " %s%s, "
                    "fd=%" FMT_SOCKET_T " %s%s], timeouts=%zu",
-                   caller, ps->sockets[0],
+                   ps->sockets[0],
                    (ps->actions[0] & CURL_POLL_IN) ? "IN" : "",
                    (ps->actions[0] & CURL_POLL_OUT) ? "OUT" : "",
                    ps->sockets[1],
@@ -1151,27 +1185,14 @@ CURLMcode Curl_multi_pollset(struct Curl_easy *data,
                    timeout_count);
         break;
       default:
-        CURL_TRC_M(data, "%s pollset[fds=%u], timeouts=%zu",
-                   caller, ps->n, timeout_count);
+        CURL_TRC_M(data, "pollset[fds=%u], timeouts=%zu",
+                   ps->n, timeout_count);
         break;
     }
     CURL_TRC_EASY_TIMERS(data);
   }
 #endif
 
-  if(expect_sockets && !ps->n && data->multi &&
-     !Curl_uint_bset_contains(&data->multi->dirty, data->mid) &&
-     !Curl_llist_count(&data->state.timeoutlist) &&
-     !Curl_cwriter_is_paused(data) && !Curl_creader_is_paused(data) &&
-     Curl_conn_is_ip_connected(data, FIRSTSOCKET)) {
-    /* We expected sockets for POLL monitoring, but none are set.
-     * We are not dirty (and run anyway).
-     * We are not waiting on any timer.
-     * None of the READ/WRITE directions are paused.
-     * We are connected to the server on IP level, at least. */
-    infof(data, "WARNING: no socket in pollset or timer, transfer may stall!");
-    DEBUGASSERT(0);
-  }
 out:
   return mresult;
 }
@@ -1205,7 +1226,7 @@ CURLMcode curl_multi_fdset(CURLM *m,
         continue;
       }
 
-      Curl_multi_pollset(data, &ps, "curl_multi_fdset");
+      Curl_multi_pollset(data, &ps);
       for(i = 0; i < ps.n; i++) {
         if(!FDSET_SOCK(ps.sockets[i]))
           /* pretend it does not exist */
@@ -1268,7 +1289,7 @@ CURLMcode curl_multi_waitfds(CURLM *m,
         Curl_uint_bset_remove(&multi->dirty, mid);
         continue;
       }
-      Curl_multi_pollset(data, &ps, "curl_multi_waitfds");
+      Curl_multi_pollset(data, &ps);
       need += Curl_waitfds_add_ps(&cwfds, &ps);
     }
     while(Curl_uint_bset_next(&multi->process, mid, &mid));
@@ -1354,7 +1375,7 @@ static CURLMcode multi_wait(struct Curl_multi *multi,
         Curl_uint_bset_remove(&multi->dirty, mid);
         continue;
       }
-      Curl_multi_pollset(data, &ps, "multi_wait");
+      Curl_multi_pollset(data, &ps);
       if(Curl_pollfds_add_ps(&cpfds, &ps)) {
         result = CURLM_OUT_OF_MEMORY;
         goto out;
@@ -1907,35 +1928,28 @@ static CURLcode multi_follow(struct Curl_easy *data,
 }
 
 static CURLcode mspeed_check(struct Curl_easy *data,
-                             struct curltime *nowp)
+                             struct curltime now)
 {
   timediff_t recv_wait_ms = 0;
   timediff_t send_wait_ms = 0;
 
-  /* check if over send speed */
-  if(data->set.max_send_speed)
-    send_wait_ms = Curl_pgrsLimitWaitTime(&data->progress.ul,
-                                          data->set.max_send_speed,
-                                          *nowp);
-
-  /* check if over recv speed */
-  if(data->set.max_recv_speed)
-    recv_wait_ms = Curl_pgrsLimitWaitTime(&data->progress.dl,
-                                          data->set.max_recv_speed,
-                                          *nowp);
+  /* check if our send/recv limits require idle waits */
+  send_wait_ms = Curl_rlimit_wait_ms(&data->progress.ul.rlimit, now);
+  recv_wait_ms = Curl_rlimit_wait_ms(&data->progress.dl.rlimit, now);
 
   if(send_wait_ms || recv_wait_ms) {
     if(data->mstate != MSTATE_RATELIMITING) {
-      Curl_ratelimit(data, *nowp);
       multistate(data, MSTATE_RATELIMITING);
     }
     Curl_expire(data, CURLMAX(send_wait_ms, recv_wait_ms), EXPIRE_TOOFAST);
     Curl_multi_clear_dirty(data);
+    CURL_TRC_M(data, "[RLIMIT] waiting %" FMT_TIMEDIFF_T "ms",
+               CURLMAX(send_wait_ms, recv_wait_ms));
     return CURLE_AGAIN;
   }
   else if(data->mstate != MSTATE_PERFORMING) {
+    CURL_TRC_M(data, "[RLIMIT] wait over, continue");
     multistate(data, MSTATE_PERFORMING);
-    Curl_ratelimit(data, *nowp);
   }
   return CURLE_OK;
 }
@@ -1951,7 +1965,7 @@ static CURLMcode state_performing(struct Curl_easy *data,
   CURLcode result = *resultp = CURLE_OK;
   *stream_errorp = FALSE;
 
-  if(mspeed_check(data, nowp) == CURLE_AGAIN)
+  if(mspeed_check(data, *nowp) == CURLE_AGAIN)
     return CURLM_OK;
 
   /* read/write data if it is ready to do so */
@@ -2073,7 +2087,8 @@ static CURLMcode state_performing(struct Curl_easy *data,
     }
   }
   else { /* not errored, not done */
-    mspeed_check(data, nowp);
+    *nowp = curlx_now();
+    mspeed_check(data, *nowp);
   }
   free(newurl);
   *resultp = result;
@@ -2228,10 +2243,7 @@ static CURLMcode state_ratelimiting(struct Curl_easy *data,
   CURLMcode rc = CURLM_OK;
   DEBUGASSERT(data->conn);
   /* if both rates are within spec, resume transfer */
-  if(Curl_pgrsUpdate(data))
-    result = CURLE_ABORTED_BY_CALLBACK;
-  else
-    result = Curl_speedcheck(data, *nowp);
+  result = Curl_pgrsCheck(data);
 
   if(result) {
     if(!(data->conn->handler->flags & PROTOPT_DUAL) &&
@@ -2242,7 +2254,7 @@ static CURLMcode state_ratelimiting(struct Curl_easy *data,
     multi_done(data, result, TRUE);
   }
   else {
-    if(!mspeed_check(data, nowp))
+    if(!mspeed_check(data, *nowp))
       rc = CURLM_CALL_MULTI_PERFORM;
   }
   *resultp = result;
@@ -2387,6 +2399,8 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
        (HTTP/2), or the full connection for older protocols */
     bool stream_error = FALSE;
     rc = CURLM_OK;
+    /* update at start for continuous increase when looping */
+    *nowp = curlx_now();
 
     if(multi_ischanged(multi, TRUE)) {
       CURL_TRC_M(data, "multi changed, check CONNECT_PEND queue");
@@ -2704,16 +2718,18 @@ statemachine_end:
         rc = CURLM_CALL_MULTI_PERFORM;
       }
       /* if there is still a connection to use, call the progress function */
-      else if(data->conn && Curl_pgrsUpdate(data)) {
-        /* aborted due to progress callback return code must close the
-           connection */
-        result = CURLE_ABORTED_BY_CALLBACK;
-        streamclose(data->conn, "Aborted by callback");
+      else if(data->conn) {
+        result = Curl_pgrsUpdate(data);
+        if(result) {
+          /* aborted due to progress callback return code must close the
+             connection */
+          streamclose(data->conn, "Aborted by callback");
 
-        /* if not yet in DONE state, go there, otherwise COMPLETED */
-        multistate(data, (data->mstate < MSTATE_DONE) ?
-                   MSTATE_DONE : MSTATE_COMPLETED);
-        rc = CURLM_CALL_MULTI_PERFORM;
+          /* if not yet in DONE state, go there, otherwise COMPLETED */
+          multistate(data, (data->mstate < MSTATE_DONE) ?
+                     MSTATE_DONE : MSTATE_COMPLETED);
+          rc = CURLM_CALL_MULTI_PERFORM;
+        }
       }
     }
 
diff --git a/lib/multi_ev.c b/lib/multi_ev.c
index f5000a4562..098f8da643 100644
--- a/lib/multi_ev.c
+++ b/lib/multi_ev.c
@@ -508,7 +508,7 @@ static CURLMcode mev_assess(struct Curl_multi *multi,
     }
   }
   else
-    Curl_multi_pollset(data, &ps, "ev assess");
+    Curl_multi_pollset(data, &ps);
   last_ps = mev_get_last_pollset(data, conn);
 
   if(!last_ps && ps.n) {
diff --git a/lib/multiif.h b/lib/multiif.h
index 1423d5a03d..81cf665bd3 100644
--- a/lib/multiif.h
+++ b/lib/multiif.h
@@ -73,8 +73,7 @@ CURLMcode Curl_multi_add_perform(struct Curl_multi *multi,
 unsigned int Curl_multi_max_concurrent_streams(struct Curl_multi *multi);
 
 CURLMcode Curl_multi_pollset(struct Curl_easy *data,
-                             struct easy_pollset *ps,
-                             const char *caller);
+                             struct easy_pollset *ps);
 
 /**
  * Borrow the transfer buffer from the multi, suitable
diff --git a/lib/pingpong.c b/lib/pingpong.c
index 670d37c38e..297389043f 100644
--- a/lib/pingpong.c
+++ b/lib/pingpong.c
@@ -33,7 +33,6 @@
 #include "sendf.h"
 #include "select.h"
 #include "progress.h"
-#include "speedcheck.h"
 #include "pingpong.h"
 #include "multiif.h"
 #include "vtls/vtls.h"
@@ -122,11 +121,7 @@ CURLcode Curl_pp_statemach(struct Curl_easy *data,
 
   if(block) {
     /* if we did not wait, we do not have to spend time on this now */
-    if(Curl_pgrsUpdate(data))
-      result = CURLE_ABORTED_BY_CALLBACK;
-    else
-      result = Curl_speedcheck(data, curlx_now());
-
+    result = Curl_pgrsCheck(data);
     if(result)
       return result;
   }
diff --git a/lib/pop3.c b/lib/pop3.c
index d469dc0766..05203c1a07 100644
--- a/lib/pop3.c
+++ b/lib/pop3.c
@@ -1503,10 +1503,7 @@ static CURLcode pop3_regular_transfer(struct Curl_easy *data,
   data->req.size = -1;
 
   /* Set the progress data */
-  Curl_pgrsSetUploadCounter(data, 0);
-  Curl_pgrsSetDownloadCounter(data, 0);
-  Curl_pgrsSetUploadSize(data, -1);
-  Curl_pgrsSetDownloadSize(data, -1);
+  Curl_pgrsReset(data);
 
   /* Carry out the perform */
   result = pop3_perform(data, &connected, dophase_done);
diff --git a/lib/progress.c b/lib/progress.c
index 228f5dc197..3985e1c1bf 100644
--- a/lib/progress.c
+++ b/lib/progress.c
@@ -28,6 +28,7 @@
 #include "sendf.h"
 #include "multiif.h"
 #include "progress.h"
+#include "transfer.h"
 #include "curlx/timeval.h"
 
 /* check rate limits within this many recent milliseconds, at minimum. */
@@ -92,6 +93,55 @@ static char *max6data(curl_off_t bytes, char *max6)
 }
 #endif
 
+static void pgrs_speedinit(struct Curl_easy *data)
+{
+  memset(&data->state.keeps_speed, 0, sizeof(struct curltime));
+}
+
+/*
+ * @unittest: 1606
+ */
+UNITTEST CURLcode pgrs_speedcheck(struct Curl_easy *data,
+                                  struct curltime *pnow)
+{
+  if(!data->set.low_speed_time || !data->set.low_speed_limit ||
+     Curl_xfer_recv_is_paused(data) || Curl_xfer_send_is_paused(data))
+    /* A paused transfer is not qualified for speed checks */
+    return CURLE_OK;
+
+  if((data->progress.current_speed >= 0) && data->set.low_speed_time) {
+    if(data->progress.current_speed < data->set.low_speed_limit) {
+      if(!data->state.keeps_speed.tv_sec)
+        /* under the limit at this moment */
+        data->state.keeps_speed = *pnow;
+      else {
+        /* how long has it been under the limit */
+        timediff_t howlong = curlx_timediff_ms(*pnow, data->state.keeps_speed);
+
+        if(howlong >= data->set.low_speed_time * 1000) {
+          /* too long */
+          failf(data,
+                "Operation too slow. "
+                "Less than %ld bytes/sec transferred the last %ld seconds",
+                data->set.low_speed_limit,
+                data->set.low_speed_time);
+          return CURLE_OPERATION_TIMEDOUT;
+        }
+      }
+    }
+    else
+      /* faster right now */
+      data->state.keeps_speed.tv_sec = 0;
+  }
+
+  if(data->set.low_speed_limit)
+    /* if low speed limit is enabled, set the expire timer to make this
+       connection's speed get checked again in a second */
+    Curl_expire(data, 1000, EXPIRE_SPEEDCHECK);
+
+  return CURLE_OK;
+}
+
 /*
 
    New proposed interface, 9th of February 2000:
@@ -119,10 +169,19 @@ int Curl_pgrsDone(struct Curl_easy *data)
      * hidden */
     curl_mfprintf(data->set.err, "\n");
 
-  data->progress.speeder_c = 0; /* reset the progress meter display */
   return 0;
 }
 
+void Curl_pgrsReset(struct Curl_easy *data)
+{
+  Curl_pgrsSetUploadCounter(data, 0);
+  Curl_pgrsSetDownloadCounter(data, 0);
+  Curl_pgrsSetUploadSize(data, -1);
+  Curl_pgrsSetDownloadSize(data, -1);
+  data->progress.speeder_c = 0; /* reset speed records */
+  pgrs_speedinit(data);
+}
+
 /* reset the known transfer sizes */
 void Curl_pgrsResetTransferSizes(struct Curl_easy *data)
 {
@@ -130,6 +189,14 @@ void Curl_pgrsResetTransferSizes(struct Curl_easy *data)
   Curl_pgrsSetUploadSize(data, -1);
 }
 
+void Curl_pgrsRecvPause(struct Curl_easy *data, bool enable)
+{
+  if(!enable) {
+    data->progress.speeder_c = 0; /* reset speed records */
+    pgrs_speedinit(data); /* reset low speed measurements */
+  }
+}
+
 /*
  *
  * Curl_pgrsTimeWas(). Store the timestamp time at the given label.
@@ -228,72 +295,11 @@ void Curl_pgrsStartNow(struct Curl_easy *data)
   p->speeder_c = 0; /* reset the progress meter display */
   p->start = curlx_now();
   p->is_t_startransfer_set = FALSE;
-  p->ul.limit.start = p->start;
-  p->dl.limit.start = p->start;
-  p->ul.limit.start_size = 0;
-  p->dl.limit.start_size = 0;
   p->dl.cur_size = 0;
   p->ul.cur_size = 0;
   /* the sizes are unknown at start */
   p->dl_size_known = FALSE;
   p->ul_size_known = FALSE;
-  Curl_ratelimit(data, p->start);
-}
-
-/*
- * This is used to handle speed limits, calculating how many milliseconds to
- * wait until we are back under the speed limit, if needed.
- *
- * The way it works is by having a "starting point" (time & amount of data
- * transferred by then) used in the speed computation, to be used instead of
- * the start of the transfer. This starting point is regularly moved as
- * transfer goes on, to keep getting accurate values (instead of average over
- * the entire transfer).
- *
- * This function takes the current amount of data transferred, the amount at
- * the starting point, the limit (in bytes/s), the time of the starting point
- * and the current time.
- *
- * Returns 0 if no waiting is needed or when no waiting is needed but the
- * starting point should be reset (to current); or the number of milliseconds
- * to wait to get back under the speed limit.
- */
-timediff_t Curl_pgrsLimitWaitTime(struct pgrs_dir *d,
-                                  curl_off_t bytes_per_sec,
-                                  struct curltime now)
-{
-  curl_off_t bytes = d->cur_size - d->limit.start_size;
-  timediff_t should_ms;
-  timediff_t took_ms;
-
-  /* no limit or we did not get to any bytes yet */
-  if(!bytes_per_sec || !bytes)
-    return 0;
-
-  /* The time it took us to have `bytes` */
-  took_ms = curlx_timediff_ceil_ms(now, d->limit.start);
-
-  /* The time it *should* have taken us to have `bytes`
-   * when obeying the bytes_per_sec speed_limit. */
-  if(bytes < CURL_OFF_T_MAX/1000) {
-    /* (1000 * bytes / (bytes / sec)) = 1000 * sec = ms */
-    should_ms = (timediff_t) (1000 * bytes / bytes_per_sec);
-  }
-  else {
-    /* large `bytes`, first calc the seconds it should have taken.
-     * if that is small enough, convert to milliseconds. */
-    should_ms = (timediff_t) (bytes / bytes_per_sec);
-    if(should_ms < TIMEDIFF_T_MAX/1000)
-      should_ms *= 1000;
-    else
-      should_ms = TIMEDIFF_T_MAX;
-  }
-
-  if(took_ms < should_ms) {
-    /* when gotten to `bytes` too fast, wait the difference */
-    return should_ms - took_ms;
-  }
-  return 0;
 }
 
 /*
@@ -304,28 +310,6 @@ void Curl_pgrsSetDownloadCounter(struct Curl_easy *data, curl_off_t size)
   data->progress.dl.cur_size = size;
 }
 
-/*
- * Update the timestamp and sizestamp to use for rate limit calculations.
- */
-void Curl_ratelimit(struct Curl_easy *data, struct curltime now)
-{
-  /* do not set a new stamp unless the time since last update is long enough */
-  if(data->set.max_recv_speed) {
-    if(curlx_timediff_ms(now, data->progress.dl.limit.start) >=
-       MIN_RATE_LIMIT_PERIOD) {
-      data->progress.dl.limit.start = now;
-      data->progress.dl.limit.start_size = data->progress.dl.cur_size;
-    }
-  }
-  if(data->set.max_send_speed) {
-    if(curlx_timediff_ms(now, data->progress.ul.limit.start) >=
-       MIN_RATE_LIMIT_PERIOD) {
-      data->progress.ul.limit.start = now;
-      data->progress.ul.limit.start_size = data->progress.ul.cur_size;
-    }
-  }
-}
-
 /*
  * Set the number of uploaded bytes so far.
  */
@@ -378,75 +362,82 @@ static curl_off_t trspeed(curl_off_t size, /* number of bytes */
 }
 
 /* returns TRUE if it is time to show the progress meter */
-static bool progress_calc(struct Curl_easy *data, struct curltime now)
+static bool progress_calc(struct Curl_easy *data, struct curltime *pnow)
 {
-  bool timetoshow = FALSE;
   struct Progress * const p = &data->progress;
+  int i_next, i_oldest, i_latest;
+  timediff_t duration_ms;
+  curl_off_t amount;
 
   /* The time spent so far (from the start) in microseconds */
-  p->timespent = curlx_timediff_us(now, p->start);
+  p->timespent = curlx_timediff_us(*pnow, p->start);
   p->dl.speed = trspeed(p->dl.cur_size, p->timespent);
   p->ul.speed = trspeed(p->ul.cur_size, p->timespent);
 
-  /* Calculations done at most once a second, unless end is reached */
-  if(p->lastshow != now.tv_sec) {
-    int countindex; /* amount of seconds stored in the speeder array */
-    int nowindex = p->speeder_c% CURR_TIME;
-    p->lastshow = now.tv_sec;
-    timetoshow = TRUE;
-
-    /* Let's do the "current speed" thing, with the dl + ul speeds
-       combined. Store the speed at entry 'nowindex'. */
-    p->speeder[ nowindex ] = p->dl.cur_size + p->ul.cur_size;
-
-    /* remember the exact time for this moment */
-    p->speeder_time [ nowindex ] = now;
-
-    /* advance our speeder_c counter, which is increased every time we get
-       here and we expect it to never wrap as 2^32 is a lot of seconds! */
+  if(!p->speeder_c) { /* no previous record exists */
+    p->speed_amount[0] = p->dl.cur_size + p->ul.cur_size;
+    p->speed_time[0] = *pnow;
     p->speeder_c++;
+    /* use the overall average at the start */
+    p->current_speed = p->ul.speed + p->dl.speed;
+    p->lastshow = pnow->tv_sec;
+    return TRUE;
+  }
+  /* We have at least one record now. Where to put the next and
+   * where is the latest one? */
+  i_next = p->speeder_c % CURL_SPEED_RECORDS;
+  i_latest = (i_next > 0) ? (i_next - 1) : (CURL_SPEED_RECORDS - 1);
 
-    /* figure out how many index entries of data we have stored in our speeder
-       array. With N_ENTRIES filled in, we have about N_ENTRIES-1 seconds of
-       transfer. Imagine, after one second we have filled in two entries,
-       after two seconds we have filled in three entries etc. */
-    countindex = ((p->speeder_c >= CURR_TIME) ? CURR_TIME : p->speeder_c) - 1;
-
-    /* first of all, we do not do this if there is no counted seconds yet */
-    if(countindex) {
-      int checkindex;
-      timediff_t span_ms;
-      curl_off_t amount;
-
-      /* Get the index position to compare with the 'nowindex' position.
-         Get the oldest entry possible. While we have less than CURR_TIME
-         entries, the first entry will remain the oldest. */
-      checkindex = (p->speeder_c >= CURR_TIME) ? p->speeder_c%CURR_TIME : 0;
-
-      /* Figure out the exact time for the time span */
-      span_ms = curlx_timediff_ms(now, p->speeder_time[checkindex]);
-      if(span_ms == 0)
-        span_ms = 1; /* at least one millisecond MUST have passed */
-
-      /* Calculate the average speed the last 'span_ms' milliseconds */
-      amount = p->speeder[nowindex]- p->speeder[checkindex];
-
-      if(amount > (0xffffffff/1000))
-        /* the 'amount' value is bigger than would fit in 32 bits if
-           multiplied with 1000, so we use the double math for this */
-        p->current_speed = (curl_off_t)
-          ((double)amount/((double)span_ms/1000.0));
-      else
-        /* the 'amount' value is small enough to fit within 32 bits even
-           when multiplied with 1000 */
-        p->current_speed = amount * 1000/span_ms;
+  /* Make a new record only when some time has passed.
+   * Too frequent calls otherwise ruin the history. */
+  if(curlx_timediff_ms(*pnow, p->speed_time[i_latest]) >= 1000) {
+    p->speeder_c++;
+    i_latest = i_next;
+    p->speed_amount[i_latest] = p->dl.cur_size + p->ul.cur_size;
+    p->speed_time[i_latest] = *pnow;
+  }
+  else if(data->req.done) {
+    /* When a transfer is done, and we did not have a current speed
+     * already, update the last record. Otherwise, stay at the speed
+     * we have. The last chunk of data, when rate limiting, would increase
+     * reported speed since it no longer measures a full second. */
+    if(!p->current_speed) {
+      p->speed_amount[i_latest] = p->dl.cur_size + p->ul.cur_size;
+      p->speed_time[i_latest] = *pnow;
     }
-    else
-      /* the first second we use the average */
-      p->current_speed = p->ul.speed + p->dl.speed;
+  }
+  else {
+    /* transfer ongoing, wait for more time to pass. */
+    return FALSE;
+  }
 
-  } /* Calculations end */
-  return timetoshow;
+  i_oldest = (p->speeder_c < CURL_SPEED_RECORDS) ? 0 :
+             ((i_latest + 1) % CURL_SPEED_RECORDS);
+
+  /* How much we transferred between oldest and current records */
+  amount = p->speed_amount[i_latest]- p->speed_amount[i_oldest];
+  /* How long this took */
+  duration_ms = curlx_timediff_ms(p->speed_time[i_latest],
+                                  p->speed_time[i_oldest]);
+  if(duration_ms <= 0)
+    duration_ms = 1;
+
+  if(amount > (CURL_OFF_T_MAX/1000)) {
+    /* the 'amount' value is bigger than would fit in 64 bits if
+       multiplied with 1000, so we use the double math for this */
+    p->current_speed = (curl_off_t)
+      (((double)amount * 1000.0)/(double)duration_ms);
+  }
+  else {
+    /* the 'amount' value is small enough to fit within 32 bits even
+       when multiplied with 1000 */
+    p->current_speed = amount * 1000 / duration_ms;
+  }
+
+  if((p->lastshow == pnow->tv_sec) && !data->req.done)
+    return FALSE;
+  p->lastshow = pnow->tv_sec;
+  return TRUE;
 }
 
 #ifndef CURL_DISABLE_PROGRESS_METER
@@ -568,7 +559,7 @@ static void progress_meter(struct Curl_easy *data)
  * Curl_pgrsUpdate() returns 0 for success or the value returned by the
  * progress callback!
  */
-static int pgrsupdate(struct Curl_easy *data, bool showprogress)
+static CURLcode pgrsupdate(struct Curl_easy *data, bool showprogress)
 {
   if(!data->progress.hide) {
     if(data->set.fxferinfo) {
@@ -582,9 +573,11 @@ static int pgrsupdate(struct Curl_easy *data, bool showprogress)
                                    data->progress.ul.cur_size);
       Curl_set_in_callback(data, FALSE);
       if(result != CURL_PROGRESSFUNC_CONTINUE) {
-        if(result)
+        if(result) {
           failf(data, "Callback aborted");
-        return result;
+          return CURLE_ABORTED_BY_CALLBACK;
+        }
+        return CURLE_OK;
       }
     }
     else if(data->set.fprogress) {
@@ -598,9 +591,11 @@ static int pgrsupdate(struct Curl_easy *data, bool showprogress)
                                    (double)data->progress.ul.cur_size);
       Curl_set_in_callback(data, FALSE);
       if(result != CURL_PROGRESSFUNC_CONTINUE) {
-        if(result)
+        if(result) {
           failf(data, "Callback aborted");
-        return result;
+          return CURLE_ABORTED_BY_CALLBACK;
+        }
+        return CURLE_OK;
       }
     }
 
@@ -608,14 +603,30 @@ static int pgrsupdate(struct Curl_easy *data, bool showprogress)
       progress_meter(data);
   }
 
-  return 0;
+  return CURLE_OK;
 }
 
-int Curl_pgrsUpdate(struct Curl_easy *data)
+static CURLcode pgrs_update(struct Curl_easy *data, struct curltime *pnow)
+{
+  bool showprogress = progress_calc(data, pnow);
+  return pgrsupdate(data, showprogress);
+}
+
+CURLcode Curl_pgrsUpdate(struct Curl_easy *data)
 {
   struct curltime now = curlx_now(); /* what time is it */
-  bool showprogress = progress_calc(data, now);
-  return pgrsupdate(data, showprogress);
+  return pgrs_update(data, &now);
+}
+
+CURLcode Curl_pgrsCheck(struct Curl_easy *data)
+{
+  struct curltime now = curlx_now();
+  CURLcode result;
+
+  result = pgrs_update(data, &now);
+  if(!result && !data->req.done)
+    result = pgrs_speedcheck(data, &now);
+  return result;
 }
 
 /*
@@ -624,5 +635,5 @@ int Curl_pgrsUpdate(struct Curl_easy *data)
 void Curl_pgrsUpdate_nometer(struct Curl_easy *data)
 {
   struct curltime now = curlx_now(); /* what time is it */
-  (void)progress_calc(data, now);
+  (void)progress_calc(data, &now);
 }
diff --git a/lib/progress.h b/lib/progress.h
index 7a176b7554..96a26fe1a4 100644
--- a/lib/progress.h
+++ b/lib/progress.h
@@ -26,6 +26,7 @@
 
 #include "curlx/timeval.h"
 
+struct Curl_easy;
 
 typedef enum {
   TIMER_NONE,
@@ -50,15 +51,23 @@ void Curl_pgrsSetUploadSize(struct Curl_easy *data, curl_off_t size);
 
 void Curl_pgrsSetDownloadCounter(struct Curl_easy *data, curl_off_t size);
 void Curl_pgrsSetUploadCounter(struct Curl_easy *data, curl_off_t size);
-void Curl_ratelimit(struct Curl_easy *data, struct curltime now);
-int Curl_pgrsUpdate(struct Curl_easy *data);
-void Curl_pgrsUpdate_nometer(struct Curl_easy *data);
 
+/* perform progress update, invoking callbacks at intervals */
+CURLcode Curl_pgrsUpdate(struct Curl_easy *data);
+/* perform progress update, no callbacks invoked */
+void Curl_pgrsUpdate_nometer(struct Curl_easy *data);
+/* perform progress update with callbacks and speed checks */
+CURLcode Curl_pgrsCheck(struct Curl_easy *data);
+
+/* Inform progress/speedcheck about receive pausing */
+void Curl_pgrsRecvPause(struct Curl_easy *data, bool enable);
+
+/* Reset sizes and couners for up- and download. */
+void Curl_pgrsReset(struct Curl_easy *data);
+/* Reset sizes for up- and download. */
 void Curl_pgrsResetTransferSizes(struct Curl_easy *data);
+
 struct curltime Curl_pgrsTime(struct Curl_easy *data, timerid timer);
-timediff_t Curl_pgrsLimitWaitTime(struct pgrs_dir *d,
-                                  curl_off_t speed_limit,
-                                  struct curltime now);
 /**
  * Update progress timer with the elapsed time from its start to `timestamp`.
  * This allows updating timers later and is used by happy eyeballing, where
@@ -69,4 +78,9 @@ void Curl_pgrsTimeWas(struct Curl_easy *data, timerid timer,
 
 void Curl_pgrsEarlyData(struct Curl_easy *data, curl_off_t sent);
 
+#ifdef UNITTESTS
+UNITTEST CURLcode pgrs_speedcheck(struct Curl_easy *data,
+                                  struct curltime *pnow);
+#endif
+
 #endif /* HEADER_CURL_PROGRESS_H */
diff --git a/lib/ratelimit.c b/lib/ratelimit.c
new file mode 100644
index 0000000000..8b34d77e13
--- /dev/null
+++ b/lib/ratelimit.c
@@ -0,0 +1,200 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) Daniel Stenberg, , et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ * SPDX-License-Identifier: curl
+ *
+ ***************************************************************************/
+
+#include "curl_setup.h"
+
+#include "curlx/timeval.h"
+#include "ratelimit.h"
+
+
+#define CURL_US_PER_SEC      1000000
+#define CURL_RLIMIT_MIN_CHUNK (16 * 1024)
+#define CURL_RLIMIT_MAX_STEPS 2   /* 500ms interval */
+
+void Curl_rlimit_init(struct Curl_rlimit *r,
+                      curl_off_t rate_per_s,
+                      curl_off_t burst_per_s,
+                      struct curltime ts)
+{
+  curl_off_t rate_steps;
+
+  DEBUGASSERT(rate_per_s >= 0);
+  DEBUGASSERT(burst_per_s >= rate_per_s || !burst_per_s);
+  r->step_us = CURL_US_PER_SEC;
+  r->rate_per_step = rate_per_s;
+  r->burst_per_step = burst_per_s;
+  /* On rates that are multiples of CURL_RLIMIT_MIN_CHUNK, we reduce
+   * the interval `step_us` from 1 second to smaller steps with at
+   * most CURL_RLIMIT_MAX_STEPS.
+   * Smaller means more CPU, but also more precision. */
+  rate_steps = rate_per_s / CURL_RLIMIT_MIN_CHUNK;
+  rate_steps = CURLMIN(rate_steps, CURL_RLIMIT_MAX_STEPS);
+  if(rate_steps >= 2) {
+    r->step_us /= rate_steps;
+    r->rate_per_step /= rate_steps;
+    r->burst_per_step /= rate_steps;
+  }
+  r->tokens = r->rate_per_step;
+  r->spare_us = 0;
+  r->ts = ts;
+  r->blocked = FALSE;
+}
+
+void Curl_rlimit_start(struct Curl_rlimit *r, struct curltime ts)
+{
+  r->tokens = r->rate_per_step;
+  r->spare_us = 0;
+  r->ts = ts;
+}
+
+bool Curl_rlimit_active(struct Curl_rlimit *r)
+{
+  return (r->rate_per_step > 0) || r->blocked;
+}
+
+bool Curl_rlimit_is_blocked(struct Curl_rlimit *r)
+{
+  return r->blocked;
+}
+
+static void ratelimit_update(struct Curl_rlimit *r,
+                             struct curltime ts)
+{
+  timediff_t elapsed_us, elapsed_steps;
+  curl_off_t token_gain;
+
+  DEBUGASSERT(r->rate_per_step);
+  if((r->ts.tv_sec == ts.tv_sec) && (r->ts.tv_usec == ts.tv_usec))
+    return;
+
+  elapsed_us = curlx_timediff_us(ts, r->ts);
+  if(elapsed_us < 0) { /* not going back in time */
+    curl_mfprintf(stderr, "rlimit: neg elapsed time %" FMT_TIMEDIFF_T "us\n",
+                  elapsed_us);
+    DEBUGASSERT(0);
+    return;
+  }
+
+  elapsed_us += r->spare_us;
+  if(elapsed_us < r->step_us)
+    return;
+
+  /* we do the update */
+  r->ts = ts;
+  elapsed_steps = elapsed_us / r->step_us;
+  r->spare_us = elapsed_us % r->step_us;
+
+  /* How many tokens did we gain since the last update? */
+  if(r->rate_per_step > (CURL_OFF_T_MAX / elapsed_steps))
+    token_gain = CURL_OFF_T_MAX;
+  else {
+    token_gain = r->rate_per_step * elapsed_steps;
+  }
+
+  /* Limit the token again by the burst rate per second (if set), so we
+   * do not suddenly have a huge number of tokens after inactivity. */
+  r->tokens += token_gain;
+  if(r->burst_per_step && (r->tokens > r->burst_per_step)) {
+    r->tokens = r->burst_per_step;
+  }
+}
+
+curl_off_t Curl_rlimit_avail(struct Curl_rlimit *r,
+                             struct curltime ts)
+{
+  if(r->blocked)
+    return 0;
+  else if(r->rate_per_step) {
+    ratelimit_update(r, ts);
+    return r->tokens;
+  }
+  else
+    return CURL_OFF_T_MAX;
+}
+
+void Curl_rlimit_drain(struct Curl_rlimit *r,
+                       size_t tokens,
+                       struct curltime ts)
+{
+  if(r->blocked || !r->rate_per_step)
+    return;
+
+  ratelimit_update(r, ts);
+#if SIZEOF_CURL_OFF_T <= SIZEOF_SIZE_T
+  if(tokens > CURL_OFF_T_MAX) {
+    r->tokens = CURL_OFF_T_MIN;
+    return;
+  }
+  else
+#endif
+  {
+    curl_off_t val = (curl_off_t)tokens;
+    if((CURL_OFF_T_MIN + val) < r->tokens)
+      r->tokens -= val;
+    else
+      r->tokens = CURL_OFF_T_MIN;
+  }
+}
+
+timediff_t Curl_rlimit_wait_ms(struct Curl_rlimit *r,
+                               struct curltime ts)
+{
+  timediff_t wait_us, elapsed_us;
+
+  if(r->blocked || !r->rate_per_step)
+    return 0;
+  ratelimit_update(r, ts);
+  if(r->tokens > 0)
+    return 0;
+
+  /* How much time will it take tokens to become positive again?
+   * Deduct `spare_us` and check against already elapsed time */
+  wait_us = (1 + (-r->tokens / r->rate_per_step)) * r->step_us;
+  wait_us -= r->spare_us;
+
+  elapsed_us = curlx_timediff_us(ts, r->ts);
+  if(elapsed_us >= wait_us)
+    return 0;
+  wait_us -= elapsed_us;
+  return (wait_us + 999) / 1000; /* in milliseconds */
+}
+
+void Curl_rlimit_block(struct Curl_rlimit *r,
+                       bool activate,
+                       struct curltime ts)
+{
+  if(!activate == !r->blocked)
+    return;
+
+  r->ts = ts;
+  r->blocked = activate;
+  if(!r->blocked) {
+    /* Start rate limiting fresh. The amount of time this was blocked
+     * does not generate extra tokens. */
+    Curl_rlimit_start(r, ts);
+  }
+  else {
+    r->tokens = 0;
+  }
+}
diff --git a/lib/ratelimit.h b/lib/ratelimit.h
new file mode 100644
index 0000000000..53f8030391
--- /dev/null
+++ b/lib/ratelimit.h
@@ -0,0 +1,92 @@
+#ifndef HEADER_Curl_rlimit_H
+#define HEADER_Curl_rlimit_H
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) Daniel Stenberg, , et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ * SPDX-License-Identifier: curl
+ *
+ ***************************************************************************/
+
+#include "curlx/timeval.h"
+
+/* This is a rate limiter that provides "tokens" to be consumed
+ * per second with a "burst" rate limitation. Example:
+ * A rate limit of 1 megabyte per second with a burst rate of 1.5MB.
+ * - initially 1 million tokens are available.
+ * - these are drained in the first second.
+ * - checking available tokens before the 2nd second will return 0.
+ * - at/after the 2nd second, 1 million tokens are available again.
+ * - nothing happens for a second, the 1 million tokens would grow
+ *   to 2 million, however the burst limit caps those at 1.5 million.
+ * Thus:
+ * - setting "burst" to CURL_OFF_T_MAX would average tokens over the
+ *   complete lifetime. E.g. for a download, at the *end* of it, the
+ *   average rate from start to finish would be the rate limit.
+ * - setting "burst" to the same value as "rate" would make a
+ *   download always try to stay *at/below* the rate and slow times will
+ *   not generate extra tokens.
+ * A rate limit can be blocked, causing the available tokens to become
+ * always 0 until unblocked. After unblocking, the rate limiting starts
+ * again with no history of the past.
+ * Finally, a rate limiter with rate 0 will always have CURL_OFF_T_MAX
+ * tokens available, unless blocked.
+ */
+
+struct Curl_rlimit {
+  curl_off_t rate_per_step; /* rate tokens are generated per step us */
+  curl_off_t burst_per_step; /* burst rate of tokens per step us */
+  timediff_t step_us;     /* microseconds between token increases */
+  curl_off_t tokens;      /* tokens available in the next second */
+  timediff_t spare_us;    /* microseconds unaffecting tokens */
+  struct curltime ts;     /* time of the last update */
+  BIT(blocked);           /* blocking sets available tokens to 0 */
+};
+
+void Curl_rlimit_init(struct Curl_rlimit *r,
+                      curl_off_t rate_per_s,
+                      curl_off_t burst_per_s,
+                      struct curltime ts);
+
+/* Start ratelimiting with the given timestamp. Resets available tokens. */
+void Curl_rlimit_start(struct Curl_rlimit *r, struct curltime ts);
+
+/* How many milliseconds to wait until token are available again. */
+timediff_t Curl_rlimit_wait_ms(struct Curl_rlimit *r,
+                               struct curltime ts);
+
+/* Return if rate limiting of tokens is active */
+bool Curl_rlimit_active(struct Curl_rlimit *r);
+bool Curl_rlimit_is_blocked(struct Curl_rlimit *r);
+
+/* Return how many tokens are available to spend, may be negative */
+curl_off_t Curl_rlimit_avail(struct Curl_rlimit *r,
+                             struct curltime ts);
+
+/* Drain tokens from the ratelimit, return how many are now available. */
+void Curl_rlimit_drain(struct Curl_rlimit *r,
+                       size_t tokens,
+                       struct curltime ts);
+
+/* Block/unblock ratelimiting. A blocked ratelimit has 0 tokens available. */
+void Curl_rlimit_block(struct Curl_rlimit *r,
+                       bool activate,
+                       struct curltime ts);
+
+#endif /* HEADER_Curl_rlimit_H */
diff --git a/lib/request.c b/lib/request.c
index 9778a0c953..5bfcdfbfb8 100644
--- a/lib/request.c
+++ b/lib/request.c
@@ -258,7 +258,7 @@ static CURLcode req_set_upload_done(struct Curl_easy *data)
 {
   DEBUGASSERT(!data->req.upload_done);
   data->req.upload_done = TRUE;
-  data->req.keepon &= ~(KEEP_SEND|KEEP_SEND_TIMED); /* we are done sending */
+  data->req.keepon &= ~KEEP_SEND; /* we are done sending */
 
   Curl_pgrsTime(data, TIMER_POSTRANSFER);
   Curl_creader_done(data, data->req.upload_aborted);
@@ -420,9 +420,9 @@ bool Curl_req_want_send(struct Curl_easy *data)
    * - or request has buffered data to send
    * - or transfer connection has pending data to send */
   return !data->req.done &&
-         (((data->req.keepon & KEEP_SENDBITS) == KEEP_SEND) ||
-           !Curl_req_sendbuf_empty(data) ||
-           Curl_xfer_needs_flush(data));
+         ((data->req.keepon & KEEP_SEND) ||
+          !Curl_req_sendbuf_empty(data) ||
+          Curl_xfer_needs_flush(data));
 }
 
 bool Curl_req_done_sending(struct Curl_easy *data)
@@ -458,8 +458,7 @@ CURLcode Curl_req_abort_sending(struct Curl_easy *data)
   if(!data->req.upload_done) {
     Curl_bufq_reset(&data->req.sendbuf);
     data->req.upload_aborted = TRUE;
-    /* no longer KEEP_SEND and KEEP_SEND_PAUSE */
-    data->req.keepon &= ~KEEP_SENDBITS;
+    data->req.keepon &= ~KEEP_SEND;
     return req_set_upload_done(data);
   }
   return CURLE_OK;
@@ -470,6 +469,6 @@ CURLcode Curl_req_stop_send_recv(struct Curl_easy *data)
   /* stop receiving and ALL sending as well, including PAUSE and HOLD.
    * We might still be paused on receive client writes though, so
    * keep those bits around. */
-  data->req.keepon &= ~(KEEP_RECV|KEEP_SENDBITS);
+  data->req.keepon &= ~(KEEP_RECV|KEEP_SEND);
   return Curl_req_abort_sending(data);
 }
diff --git a/lib/request.h b/lib/request.h
index e12d5efdcb..0f9e0a6ff4 100644
--- a/lib/request.h
+++ b/lib/request.h
@@ -130,6 +130,7 @@ struct SingleRequest {
   BIT(sendbuf_init); /* sendbuf is initialized */
   BIT(shutdown);     /* request end will shutdown connection */
   BIT(shutdown_err_ignore); /* errors in shutdown will not fail request */
+  BIT(reader_started); /* client reads have started */
 };
 
 /**
diff --git a/lib/rtsp.c b/lib/rtsp.c
index 95215b8d4b..b4b3d6dd55 100644
--- a/lib/rtsp.c
+++ b/lib/rtsp.c
@@ -142,7 +142,7 @@ const struct Curl_handler Curl_handler_rtsp = {
   ZERO_NULL,                            /* proto_pollset */
   rtsp_do_pollset,                      /* doing_pollset */
   ZERO_NULL,                            /* domore_pollset */
-  ZERO_NULL,                            /* perform_pollset */
+  Curl_http_perform_pollset,            /* perform_pollset */
   ZERO_NULL,                            /* disconnect */
   rtsp_rtp_write_resp,                  /* write_resp */
   rtsp_rtp_write_resp_hd,               /* write_resp_hd */
@@ -668,8 +668,7 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done)
     /* if a request-body has been sent off, we make sure this progress is
        noted properly */
     Curl_pgrsSetUploadCounter(data, data->req.writebytecount);
-    if(Curl_pgrsUpdate(data))
-      result = CURLE_ABORTED_BY_CALLBACK;
+    result = Curl_pgrsUpdate(data);
   }
 out:
   curlx_dyn_free(&req_buffer);
diff --git a/lib/select.c b/lib/select.c
index 7818082e75..041733973e 100644
--- a/lib/select.c
+++ b/lib/select.c
@@ -711,7 +711,7 @@ void Curl_pollset_check(struct Curl_easy *data,
   *pwant_read = *pwant_write = FALSE;
 }
 
-bool Curl_pollset_want_read(struct Curl_easy *data,
+bool Curl_pollset_want_recv(struct Curl_easy *data,
                             struct easy_pollset *ps,
                             curl_socket_t sock)
 {
@@ -723,3 +723,16 @@ bool Curl_pollset_want_read(struct Curl_easy *data,
   }
   return FALSE;
 }
+
+bool Curl_pollset_want_send(struct Curl_easy *data,
+                            struct easy_pollset *ps,
+                            curl_socket_t sock)
+{
+  unsigned int i;
+  (void)data;
+  for(i = 0; i < ps->n; ++i) {
+    if((ps->sockets[i] == sock) && (ps->actions[i] & CURL_POLL_OUT))
+      return TRUE;
+  }
+  return FALSE;
+}
diff --git a/lib/select.h b/lib/select.h
index c1f975e9d7..fb54686af3 100644
--- a/lib/select.h
+++ b/lib/select.h
@@ -163,8 +163,12 @@ CURLcode Curl_pollset_set(struct Curl_easy *data,
 
 #define Curl_pollset_add_in(data, ps, sock) \
           Curl_pollset_change((data), (ps), (sock), CURL_POLL_IN, 0)
+#define Curl_pollset_remove_in(data, ps, sock) \
+          Curl_pollset_change((data), (ps), (sock), 0, CURL_POLL_IN)
 #define Curl_pollset_add_out(data, ps, sock) \
           Curl_pollset_change((data), (ps), (sock), CURL_POLL_OUT, 0)
+#define Curl_pollset_remove_out(data, ps, sock) \
+          Curl_pollset_change((data), (ps), (sock), 0, CURL_POLL_OUT)
 #define Curl_pollset_add_inout(data, ps, sock) \
           Curl_pollset_change((data), (ps), (sock), \
                                CURL_POLL_IN|CURL_POLL_OUT, 0)
@@ -188,10 +192,12 @@ void Curl_pollset_check(struct Curl_easy *data,
                         struct easy_pollset *ps, curl_socket_t sock,
                         bool *pwant_read, bool *pwant_write);
 
-/**
- * Return TRUE if the pollset contains socket with CURL_POLL_IN.
- */
-bool Curl_pollset_want_read(struct Curl_easy *data,
+/* TRUE if the pollset contains socket with CURL_POLL_IN. */
+bool Curl_pollset_want_recv(struct Curl_easy *data,
+                            struct easy_pollset *ps,
+                            curl_socket_t sock);
+/* TRUE if the pollset contains socket with CURL_POLL_OUT. */
+bool Curl_pollset_want_send(struct Curl_easy *data,
                             struct easy_pollset *ps,
                             curl_socket_t sock);
 
diff --git a/lib/sendf.c b/lib/sendf.c
index 655444a295..f70abb5797 100644
--- a/lib/sendf.c
+++ b/lib/sendf.c
@@ -108,6 +108,7 @@ static void cl_reset_writer(struct Curl_easy *data)
 static void cl_reset_reader(struct Curl_easy *data)
 {
   struct Curl_creader *reader = data->req.reader_stack;
+  data->req.reader_started = FALSE;
   while(reader) {
     data->req.reader_stack = reader->next;
     reader->crt->do_close(data, reader);
@@ -231,6 +232,7 @@ static CURLcode cw_download_write(struct Curl_easy *data,
 
   if(!is_connect && !ctx->started_response) {
     Curl_pgrsTime(data, TIMER_STARTTRANSFER);
+    Curl_rlimit_start(&data->progress.dl.rlimit, curlx_now());
     ctx->started_response = TRUE;
   }
 
@@ -301,7 +303,9 @@ static CURLcode cw_download_write(struct Curl_easy *data,
     if(result)
       return result;
   }
+
   /* Update stats, write and report progress */
+  Curl_rlimit_drain(&data->progress.dl.rlimit, nwrite, curlx_now());
   data->req.bytecount += nwrite;
   Curl_pgrsSetDownloadCounter(data, data->req.bytecount);
 
@@ -1198,9 +1202,28 @@ CURLcode Curl_client_read(struct Curl_easy *data, char *buf, size_t blen,
       return result;
     DEBUGASSERT(data->req.reader_stack);
   }
+  if(!data->req.reader_started) {
+    Curl_rlimit_start(&data->progress.ul.rlimit, curlx_now());
+    data->req.reader_started = TRUE;
+  }
 
+  if(Curl_rlimit_active(&data->progress.ul.rlimit)) {
+    curl_off_t ul_avail =
+      Curl_rlimit_avail(&data->progress.ul.rlimit, curlx_now());
+    if(ul_avail <= 0) {
+      result = CURLE_OK;
+      *eos = FALSE;
+      goto out;
+    }
+    if(ul_avail < (curl_off_t)blen)
+      blen = (size_t)ul_avail;
+  }
   result = Curl_creader_read(data, data->req.reader_stack, buf, blen,
                              nread, eos);
+  if(!result)
+    Curl_rlimit_drain(&data->progress.ul.rlimit, *nread, curlx_now());
+
+out:
   CURL_TRC_READ(data, "client_read(len=%zu) -> %d, nread=%zu, eos=%d",
                 blen, result, *nread, *eos);
   return result;
diff --git a/lib/setopt.c b/lib/setopt.c
index 338e94d1bb..1147deb116 100644
--- a/lib/setopt.c
+++ b/lib/setopt.c
@@ -2842,6 +2842,7 @@ static CURLcode setopt_offt(struct Curl_easy *data, CURLoption option,
     if(offt < 0)
       return CURLE_BAD_FUNCTION_ARGUMENT;
     s->max_send_speed = offt;
+    Curl_rlimit_init(&data->progress.ul.rlimit, offt, offt, curlx_now());
     break;
   case CURLOPT_MAX_RECV_SPEED_LARGE:
     /*
@@ -2851,6 +2852,7 @@ static CURLcode setopt_offt(struct Curl_easy *data, CURLoption option,
     if(offt < 0)
       return CURLE_BAD_FUNCTION_ARGUMENT;
     s->max_recv_speed = offt;
+    Curl_rlimit_init(&data->progress.dl.rlimit, offt, offt, curlx_now());
     break;
   case CURLOPT_RESUME_FROM_LARGE:
     /*
diff --git a/lib/smtp.c b/lib/smtp.c
index f36459634e..af4676dc18 100644
--- a/lib/smtp.c
+++ b/lib/smtp.c
@@ -1697,10 +1697,7 @@ static CURLcode smtp_regular_transfer(struct Curl_easy *data,
   data->req.size = -1;
 
   /* Set the progress data */
-  Curl_pgrsSetUploadCounter(data, 0);
-  Curl_pgrsSetDownloadCounter(data, 0);
-  Curl_pgrsSetUploadSize(data, -1);
-  Curl_pgrsSetDownloadSize(data, -1);
+  Curl_pgrsReset(data);
 
   /* Carry out the perform */
   result = smtp_perform(data, smtpc, smtp, &connected, dophase_done);
diff --git a/lib/speedcheck.c b/lib/speedcheck.c
deleted file mode 100644
index b074199c37..0000000000
--- a/lib/speedcheck.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/***************************************************************************
- *                                  _   _ ____  _
- *  Project                     ___| | | |  _ \| |
- *                             / __| | | | |_) | |
- *                            | (__| |_| |  _ <| |___
- *                             \___|\___/|_| \_\_____|
- *
- * Copyright (C) Daniel Stenberg, , et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- * SPDX-License-Identifier: curl
- *
- ***************************************************************************/
-
-#include "curl_setup.h"
-
-#include 
-#include "urldata.h"
-#include "sendf.h"
-#include "transfer.h"
-#include "multiif.h"
-#include "speedcheck.h"
-
-void Curl_speedinit(struct Curl_easy *data)
-{
-  memset(&data->state.keeps_speed, 0, sizeof(struct curltime));
-}
-
-/*
- * @unittest: 1606
- */
-CURLcode Curl_speedcheck(struct Curl_easy *data,
-                         struct curltime now)
-{
-  if(Curl_xfer_recv_is_paused(data) || Curl_xfer_send_is_paused(data))
-    /* A paused transfer is not qualified for speed checks */
-    return CURLE_OK;
-
-  if((data->progress.current_speed >= 0) && data->set.low_speed_time) {
-    if(data->progress.current_speed < data->set.low_speed_limit) {
-      if(!data->state.keeps_speed.tv_sec)
-        /* under the limit at this moment */
-        data->state.keeps_speed = now;
-      else {
-        /* how long has it been under the limit */
-        timediff_t howlong = curlx_timediff_ms(now, data->state.keeps_speed);
-
-        if(howlong >= data->set.low_speed_time * 1000) {
-          /* too long */
-          failf(data,
-                "Operation too slow. "
-                "Less than %ld bytes/sec transferred the last %ld seconds",
-                data->set.low_speed_limit,
-                data->set.low_speed_time);
-          return CURLE_OPERATION_TIMEDOUT;
-        }
-      }
-    }
-    else
-      /* faster right now */
-      data->state.keeps_speed.tv_sec = 0;
-  }
-
-  if(data->set.low_speed_limit)
-    /* if low speed limit is enabled, set the expire timer to make this
-       connection's speed get checked again in a second */
-    Curl_expire(data, 1000, EXPIRE_SPEEDCHECK);
-
-  return CURLE_OK;
-}
diff --git a/lib/speedcheck.h b/lib/speedcheck.h
deleted file mode 100644
index f54365cadf..0000000000
--- a/lib/speedcheck.h
+++ /dev/null
@@ -1,35 +0,0 @@
-#ifndef HEADER_CURL_SPEEDCHECK_H
-#define HEADER_CURL_SPEEDCHECK_H
-/***************************************************************************
- *                                  _   _ ____  _
- *  Project                     ___| | | |  _ \| |
- *                             / __| | | | |_) | |
- *                            | (__| |_| |  _ <| |___
- *                             \___|\___/|_| \_\_____|
- *
- * Copyright (C) Daniel Stenberg, , et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- * SPDX-License-Identifier: curl
- *
- ***************************************************************************/
-
-#include "curl_setup.h"
-
-#include "curlx/timeval.h"
-struct Curl_easy;
-void Curl_speedinit(struct Curl_easy *data);
-CURLcode Curl_speedcheck(struct Curl_easy *data,
-                         struct curltime now);
-
-#endif /* HEADER_CURL_SPEEDCHECK_H */
diff --git a/lib/telnet.c b/lib/telnet.c
index 45a70808ea..d0ca5a66ce 100644
--- a/lib/telnet.c
+++ b/lib/telnet.c
@@ -1659,9 +1659,10 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done)
       }
     }
 
-    if(Curl_pgrsUpdate(data)) {
-      result = CURLE_ABORTED_BY_CALLBACK;
-      break;
+    if(!result) {
+      result = Curl_pgrsUpdate(data);
+      if(result)
+        keepon = FALSE;
     }
   }
 #endif
diff --git a/lib/tftp.c b/lib/tftp.c
index c730f8499e..ce9d200f05 100644
--- a/lib/tftp.c
+++ b/lib/tftp.c
@@ -59,7 +59,6 @@
 #include "multiif.h"
 #include "url.h"
 #include "strcase.h"
-#include "speedcheck.h"
 #include "select.h"
 #include "escape.h"
 #include "curlx/strerr.h"
@@ -1175,9 +1174,10 @@ static CURLcode tftp_receive_packet(struct Curl_easy *data,
     }
 
     /* Update the progress meter */
-    if(Curl_pgrsUpdate(data)) {
+    result = Curl_pgrsUpdate(data);
+    if(result) {
       tftp_state_machine(state, TFTP_EVENT_ERROR);
-      return CURLE_ABORTED_BY_CALLBACK;
+      return result;
     }
   }
   return result;
@@ -1297,10 +1297,7 @@ static CURLcode tftp_doing(struct Curl_easy *data, bool *dophase_done)
     /* The multi code does not have this logic for the DOING state so we
        provide it for TFTP since it may do the entire transfer in this
        state. */
-    if(Curl_pgrsUpdate(data))
-      result = CURLE_ABORTED_BY_CALLBACK;
-    else
-      result = Curl_speedcheck(data, curlx_now());
+    result = Curl_pgrsCheck(data);
   }
   return result;
 }
diff --git a/lib/transfer.c b/lib/transfer.c
index b576e6b88d..fbacdf4290 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -65,7 +65,6 @@
 #include "cw-out.h"
 #include "transfer.h"
 #include "sendf.h"
-#include "speedcheck.h"
 #include "progress.h"
 #include "http.h"
 #include "url.h"
@@ -241,10 +240,9 @@ static CURLcode sendrecv_dl(struct Curl_easy *data,
   char *buf, *xfer_buf;
   size_t blen, xfer_blen;
   int maxloops = 10;
-  curl_off_t total_received = 0;
   bool is_multiplex = FALSE;
   bool rcvd_eagain = FALSE;
-  bool is_eos = FALSE;
+  bool is_eos = FALSE, rate_limited = FALSE;
 
   result = Curl_multi_xfer_buf_borrow(data, &xfer_buf, &xfer_blen);
   if(result)
@@ -265,15 +263,21 @@ static CURLcode sendrecv_dl(struct Curl_easy *data,
     buf = xfer_buf;
     bytestoread = xfer_blen;
 
-    if(bytestoread && data->set.max_recv_speed > 0) {
-      /* In case of speed limit on receiving: if this loop already got
-       * a quarter of the quota, break out. We want to stutter a bit
-       * to keep in the limit, but too small receives will just cost
-       * cpu unnecessarily. */
-      if(total_received && (total_received >= (data->set.max_recv_speed / 4)))
+    if(bytestoread && Curl_rlimit_active(&data->progress.dl.rlimit)) {
+      curl_off_t dl_avail = Curl_rlimit_avail(&data->progress.dl.rlimit,
+                                              curlx_now());
+      /* DEBUGF(infof(data, "dl_rlimit, available=%" FMT_OFF_T, dl_avail));
+       */
+      /* In case of rate limited downloads: if this loop already got
+       * data and less than 16k is left in the limit, break out.
+       * We want to stutter a bit to keep in the limit, but too small
+       * receives will just cost cpu unnecessarily. */
+      if(dl_avail <= 0) {
+        rate_limited = TRUE;
         break;
-      if(data->set.max_recv_speed < (curl_off_t)bytestoread)
-        bytestoread = (size_t)data->set.max_recv_speed;
+      }
+      if(dl_avail < (curl_off_t)bytestoread)
+        bytestoread = (size_t)dl_avail;
     }
 
     rcvd_eagain = FALSE;
@@ -315,7 +319,6 @@ static CURLcode sendrecv_dl(struct Curl_easy *data,
       if(k->eos_written) /* already did write this to client, leave */
         break;
     }
-    total_received += blen;
 
     result = Curl_xfer_write_resp(data, buf, blen, is_eos);
     if(result || data->req.done)
@@ -327,13 +330,13 @@ static CURLcode sendrecv_dl(struct Curl_easy *data,
     if((!is_multiplex && data->req.download_done) || is_eos) {
       data->req.keepon &= ~KEEP_RECV;
     }
-    /* if we are PAUSEd or stopped receiving, leave the loop */
-    if((k->keepon & KEEP_RECV_PAUSE) || !(k->keepon & KEEP_RECV))
+    /* if we stopped receiving, leave the loop */
+    if(!(k->keepon & KEEP_RECV))
       break;
 
   } while(maxloops--);
 
-  if(!is_eos && !Curl_xfer_is_blocked(data) &&
+  if(!is_eos && !rate_limited && CURL_WANT_RECV(data) &&
      (!rcvd_eagain || data_pending(data, rcvd_eagain))) {
     /* Did not read until EAGAIN/EOS or there is still data pending
      * in buffers. Mark as read-again via simulated SELECT results. */
@@ -396,16 +399,13 @@ CURLcode Curl_sendrecv(struct Curl_easy *data, struct curltime *nowp)
   }
 
   /* If we still have writing to do, we check if we have a writable socket. */
-  if(Curl_req_want_send(data) || (data->req.keepon & KEEP_SEND_TIMED)) {
+  if(Curl_req_want_send(data)) {
     result = sendrecv_ul(data);
     if(result)
       goto out;
   }
 
-  if(Curl_pgrsUpdate(data))
-    result = CURLE_ABORTED_BY_CALLBACK;
-  else
-    result = Curl_speedcheck(data, *nowp);
+  result = Curl_pgrsCheck(data);
   if(result)
     goto out;
 
@@ -440,16 +440,14 @@ CURLcode Curl_sendrecv(struct Curl_easy *data, struct curltime *nowp)
       result = CURLE_PARTIAL_FILE;
       goto out;
     }
-    if(Curl_pgrsUpdate(data)) {
-      result = CURLE_ABORTED_BY_CALLBACK;
-      goto out;
-    }
   }
 
   /* If there is nothing more to send/recv, the request is done */
-  if((k->keepon & (KEEP_RECVBITS|KEEP_SENDBITS)) == 0)
+  if((k->keepon & (KEEP_RECV|KEEP_SEND)) == 0)
     data->req.done = TRUE;
 
+  result = Curl_pgrsUpdate(data);
+
 out:
   if(result)
     DEBUGF(infof(data, "Curl_sendrecv() -> %d", result));
@@ -913,51 +911,30 @@ bool Curl_xfer_is_blocked(struct Curl_easy *data)
 
 bool Curl_xfer_send_is_paused(struct Curl_easy *data)
 {
-  return (data->req.keepon & KEEP_SEND_PAUSE);
+  return Curl_rlimit_is_blocked(&data->progress.ul.rlimit);
 }
 
 bool Curl_xfer_recv_is_paused(struct Curl_easy *data)
 {
-  return (data->req.keepon & KEEP_RECV_PAUSE);
+  return Curl_rlimit_is_blocked(&data->progress.dl.rlimit);
 }
 
 CURLcode Curl_xfer_pause_send(struct Curl_easy *data, bool enable)
 {
   CURLcode result = CURLE_OK;
-  if(enable) {
-    data->req.keepon |= KEEP_SEND_PAUSE;
-  }
-  else {
-    data->req.keepon &= ~KEEP_SEND_PAUSE;
-    if(Curl_creader_is_paused(data))
-      result = Curl_creader_unpause(data);
-  }
+  Curl_rlimit_block(&data->progress.ul.rlimit, enable, curlx_now());
+  if(!enable && Curl_creader_is_paused(data))
+    result = Curl_creader_unpause(data);
   return result;
 }
 
 CURLcode Curl_xfer_pause_recv(struct Curl_easy *data, bool enable)
 {
   CURLcode result = CURLE_OK;
-  if(enable) {
-    data->req.keepon |= KEEP_RECV_PAUSE;
-  }
-  else {
-    data->req.keepon &= ~KEEP_RECV_PAUSE;
-    if(Curl_cwriter_is_paused(data))
-      result = Curl_cwriter_unpause(data);
-  }
+  Curl_rlimit_block(&data->progress.dl.rlimit, enable, curlx_now());
+  if(!enable && Curl_cwriter_is_paused(data))
+    result = Curl_cwriter_unpause(data);
   Curl_conn_ev_data_pause(data, enable);
+  Curl_pgrsRecvPause(data, enable);
   return result;
 }
-
-bool Curl_xfer_is_too_fast(struct Curl_easy *data)
-{
-  struct Curl_llist_node *e = Curl_llist_head(&data->state.timeoutlist);
-  while(e) {
-    struct time_node *n = Curl_node_elem(e);
-    e = Curl_node_next(e);
-    if(n->eid == EXPIRE_TOOFAST)
-      return TRUE;
-  }
-  return FALSE;
-}
diff --git a/lib/transfer.h b/lib/transfer.h
index 6145efb4a5..b96629d979 100644
--- a/lib/transfer.h
+++ b/lib/transfer.h
@@ -143,7 +143,4 @@ bool Curl_xfer_recv_is_paused(struct Curl_easy *data);
 CURLcode Curl_xfer_pause_send(struct Curl_easy *data, bool enable);
 CURLcode Curl_xfer_pause_recv(struct Curl_easy *data, bool enable);
 
-/* Query if transfer has expire timeout TOOFAST set. */
-bool Curl_xfer_is_too_fast(struct Curl_easy *data);
-
 #endif /* HEADER_CURL_TRANSFER_H */
diff --git a/lib/url.c b/lib/url.c
index 7e4d455a8c..f9b1ed0808 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -88,7 +88,6 @@
 #include "select.h"
 #include "multiif.h"
 #include "easyif.h"
-#include "speedcheck.h"
 #include "curlx/warnless.h"
 #include "getinfo.h"
 #include "pop3.h"
@@ -3884,7 +3883,6 @@ CURLcode Curl_connect(struct Curl_easy *data,
 
 CURLcode Curl_init_do(struct Curl_easy *data, struct connectdata *conn)
 {
-  /* if this is a pushed stream, we need this: */
   CURLcode result;
 
   if(conn) {
@@ -3904,9 +3902,7 @@ CURLcode Curl_init_do(struct Curl_easy *data, struct connectdata *conn)
 
   result = Curl_req_start(&data->req, data);
   if(!result) {
-    Curl_speedinit(data);
-    Curl_pgrsSetUploadCounter(data, 0);
-    Curl_pgrsSetDownloadCounter(data, 0);
+    Curl_pgrsReset(data);
   }
   return result;
 }
diff --git a/lib/urldata.h b/lib/urldata.h
index 4b112e7072..e4fc49753f 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -156,6 +156,7 @@ typedef unsigned int curl_prot_t;
 #include "curlx/dynbuf.h"
 #include "dynhds.h"
 #include "request.h"
+#include "ratelimit.h"
 #include "netrc.h"
 
 /* On error return, the value of `pnwritten` has no meaning */
@@ -426,30 +427,11 @@ struct hostname {
 #define KEEP_NONE       0
 #define KEEP_RECV       (1<<0) /* there is or may be data to read */
 #define KEEP_SEND       (1<<1) /* there is or may be data to write */
-#define KEEP_RECV_HOLD  (1<<2) /* when set, no reading should be done but there
-                                  might still be data to read */
-#define KEEP_SEND_HOLD  (1<<3) /* when set, no writing should be done but there
-                                  might still be data to write */
-#define KEEP_RECV_PAUSE (1<<4) /* reading is paused */
-#define KEEP_SEND_PAUSE (1<<5) /* writing is paused */
 
-/* KEEP_SEND_TIMED is set when the transfer should attempt sending
- * at timer (or other) events. A transfer waiting on a timer will
-  * remove KEEP_SEND to suppress POLLOUTs of the connection.
-  * Adding KEEP_SEND_TIMED will then attempt to send whenever the transfer
-  * enters the "readwrite" loop, e.g. when a timer fires.
-  * This is used in HTTP for 'Expect: 100-continue' waiting. */
-#define KEEP_SEND_TIMED (1<<6)
-
-#define KEEP_RECVBITS (KEEP_RECV | KEEP_RECV_HOLD | KEEP_RECV_PAUSE)
-#define KEEP_SENDBITS (KEEP_SEND | KEEP_SEND_HOLD | KEEP_SEND_PAUSE)
-
-/* transfer wants to send is not PAUSE or HOLD */
-#define CURL_WANT_SEND(data) \
-  (((data)->req.keepon & KEEP_SENDBITS) == KEEP_SEND)
-/* transfer receive is not on PAUSE or HOLD */
-#define CURL_WANT_RECV(data) \
-  (((data)->req.keepon & KEEP_RECVBITS) == KEEP_RECV)
+/* transfer wants to send */
+#define CURL_WANT_SEND(data) ((data)->req.keepon & KEEP_SEND)
+/* transfer wants to receive */
+#define CURL_WANT_RECV(data) ((data)->req.keepon & KEEP_RECV)
 
 #define FIRSTSOCKET     0
 #define SECONDARYSOCKET 1
@@ -805,16 +787,11 @@ struct PureInfo {
   BIT(used_proxy); /* the transfer used a proxy */
 };
 
-struct pgrs_measure {
-  struct curltime start; /* when measure started */
-  curl_off_t start_size; /* the 'cur_size' the measure started at */
-};
-
 struct pgrs_dir {
   curl_off_t total_size; /* total expected bytes */
   curl_off_t cur_size; /* transferred bytes so far */
   curl_off_t speed; /* bytes per second transferred */
-  struct pgrs_measure limit;
+  struct Curl_rlimit rlimit; /* speed limiting / pausing */
 };
 
 struct Progress {
@@ -843,10 +820,10 @@ struct Progress {
   struct curltime t_startqueue;
   struct curltime t_acceptdata;
 
-#define CURR_TIME (5 + 1) /* 6 entries for 5 seconds */
+#define CURL_SPEED_RECORDS (5 + 1) /* 6 entries for 5 seconds */
 
-  curl_off_t speeder[ CURR_TIME ];
-  struct curltime speeder_time[ CURR_TIME ];
+  curl_off_t speed_amount[ CURL_SPEED_RECORDS ];
+  struct curltime speed_time[ CURL_SPEED_RECORDS ];
   unsigned char speeder_c;
   BIT(hide);
   BIT(ul_size_known);
diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index ecfa895a2e..f63162b344 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -80,10 +80,9 @@
 #define QUIC_HANDSHAKE_TIMEOUT (10*NGTCP2_SECONDS)
 
 /* A stream window is the maximum amount we need to buffer for
- * each active transfer. We use HTTP/3 flow control and only ACK
- * when we take things out of the buffer.
+ * each active transfer.
  * Chunk size is large enough to take a full DATA frame */
-#define H3_STREAM_WINDOW_SIZE (128 * 1024)
+#define H3_STREAM_WINDOW_SIZE (64 * 1024)
 #define H3_STREAM_CHUNK_SIZE   (16 * 1024)
 #if H3_STREAM_CHUNK_SIZE < NGTCP2_MAX_UDP_PAYLOAD_SIZE
 #error H3_STREAM_CHUNK_SIZE smaller than NGTCP2_MAX_UDP_PAYLOAD_SIZE
@@ -242,6 +241,7 @@ struct h3_stream_ctx {
   size_t sendbuf_len_in_flight; /* sendbuf amount "in flight" */
   curl_uint64_t error3; /* HTTP/3 stream error code */
   curl_off_t upload_left; /* number of request bytes left to upload */
+  uint64_t download_unacked; /* bytes not acknowledged yet */
   int status_code; /* HTTP status code */
   CURLcode xfer_result; /* result from xfer_resp_write(_hd) */
   BIT(resp_hds_complete); /* we have a complete, final response */
@@ -472,7 +472,7 @@ static void quic_settings(struct cf_ngtcp2_ctx *ctx,
   s->handshake_timeout = (data->set.connecttimeout > 0) ?
     data->set.connecttimeout * NGTCP2_MILLISECONDS : QUIC_HANDSHAKE_TIMEOUT;
   s->max_window = 100 * ctx->max_stream_window;
-  s->max_stream_window = 10 * ctx->max_stream_window;
+  s->max_stream_window = ctx->max_stream_window;
   s->no_pmtud = FALSE;
 #ifdef NGTCP2_SETTINGS_V3
   /* try ten times the ngtcp2 defaults here for problems with Caddy */
@@ -1057,6 +1057,35 @@ static void h3_xfer_write_resp(struct Curl_cfilter *cf,
   }
 }
 
+static void cf_ngtcp2_ack_stream(struct Curl_cfilter *cf,
+                                 struct Curl_easy *data,
+                                 struct h3_stream_ctx *stream)
+{
+  struct cf_ngtcp2_ctx *ctx = cf->ctx;
+  struct curltime now = curlx_now();
+  curl_off_t avail;
+  uint64_t ack_len = 0;
+
+  /* How many byte to ack on the stream? */
+
+  /* how much does rate limiting allow us to acknowledge? */
+  avail = Curl_rlimit_avail(&data->progress.dl.rlimit, now);
+  if(avail == CURL_OFF_T_MAX) { /* no rate limit, ack all */
+    ack_len = stream->download_unacked;
+  }
+  else if(avail > 0) {
+    ack_len = CURLMIN(stream->download_unacked, (uint64_t)avail);
+  }
+
+  if(ack_len) {
+    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] ACK %" PRIu64
+                "/%" PRIu64 " bytes of DATA", stream->id,
+                ack_len, stream->download_unacked);
+    ngtcp2_conn_extend_max_stream_offset(ctx->qconn, stream->id, ack_len);
+    stream->download_unacked -= ack_len;
+  }
+}
+
 static int cb_h3_recv_data(nghttp3_conn *conn, int64_t stream3_id,
                            const uint8_t *buf, size_t blen,
                            void *user_data, void *stream_user_data)
@@ -1073,13 +1102,15 @@ static int cb_h3_recv_data(nghttp3_conn *conn, int64_t stream3_id,
     return NGHTTP3_ERR_CALLBACK_FAILURE;
 
   h3_xfer_write_resp(cf, data, stream, (const char *)buf, blen, FALSE);
-  if(blen) {
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] ACK %zu bytes of DATA",
-                stream->id, blen);
-    ngtcp2_conn_extend_max_stream_offset(ctx->qconn, stream->id, blen);
-    ngtcp2_conn_extend_max_offset(ctx->qconn, blen);
-  }
   CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] DATA len=%zu", stream->id, blen);
+
+  ngtcp2_conn_extend_max_offset(ctx->qconn, blen);
+  if(UINT64_MAX - blen < stream->download_unacked)
+    stream->download_unacked = UINT64_MAX; /* unlikely */
+  else
+    stream->download_unacked += blen;
+
+  cf_ngtcp2_ack_stream(cf, data, stream);
   return 0;
 }
 
@@ -1374,6 +1405,8 @@ static CURLcode cf_ngtcp2_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
     goto out;
   }
 
+  cf_ngtcp2_ack_stream(cf, data, stream);
+
   if(cf_progress_ingress(cf, data, &pktx)) {
     result = CURLE_RECV_ERROR;
     goto out;
diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
index 9428a20a5f..77a915884a 100644
--- a/lib/vssh/libssh.c
+++ b/lib/vssh/libssh.c
@@ -54,7 +54,6 @@
 #include "../http.h"               /* for HTTP proxy tunnel stuff */
 #include "ssh.h"
 #include "../url.h"
-#include "../speedcheck.h"
 #include "../vtls/vtls.h"
 #include "../cfilters.h"
 #include "../connect.h"
@@ -2481,17 +2480,13 @@ static CURLcode myssh_block_statemach(struct Curl_easy *data,
   while((sshc->state != SSH_STOP) && !result) {
     bool block;
     timediff_t left_ms = 1000;
-    struct curltime now = curlx_now();
 
     result = myssh_statemach_act(data, sshc, sshp, &block);
     if(result)
       break;
 
     if(!disconnect) {
-      if(Curl_pgrsUpdate(data))
-        return CURLE_ABORTED_BY_CALLBACK;
-
-      result = Curl_speedcheck(data, now);
+      result = Curl_pgrsCheck(data);
       if(result)
         break;
 
@@ -2746,10 +2741,7 @@ static CURLcode myssh_do_it(struct Curl_easy *data, bool *done)
   sshc->secondCreateDirs = 0;   /* reset the create directory attempt state
                                    variable */
 
-  Curl_pgrsSetUploadCounter(data, 0);
-  Curl_pgrsSetDownloadCounter(data, 0);
-  Curl_pgrsSetUploadSize(data, -1);
-  Curl_pgrsSetDownloadSize(data, -1);
+  Curl_pgrsReset(data);
 
   if(conn->handler->protocol & CURLPROTO_SCP)
     result = scp_perform(data, &connected, done);
diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
index 3a7e14053f..714e395373 100644
--- a/lib/vssh/libssh2.c
+++ b/lib/vssh/libssh2.c
@@ -53,7 +53,6 @@
 #include "../http.h" /* for HTTP proxy tunnel stuff */
 #include "ssh.h"
 #include "../url.h"
-#include "../speedcheck.h"
 #include "../vtls/vtls.h"
 #include "../cfilters.h"
 #include "../connect.h"
@@ -3135,10 +3134,7 @@ static CURLcode ssh_block_statemach(struct Curl_easy *data,
       break;
 
     if(!disconnect) {
-      if(Curl_pgrsUpdate(data))
-        return CURLE_ABORTED_BY_CALLBACK;
-
-      result = Curl_speedcheck(data, now);
+      result = Curl_pgrsCheck(data);
       if(result)
         break;
 
@@ -3534,10 +3530,7 @@ static CURLcode ssh_do(struct Curl_easy *data, bool *done)
   sshc->secondCreateDirs = 0;   /* reset the create directory attempt state
                                    variable */
 
-  Curl_pgrsSetUploadCounter(data, 0);
-  Curl_pgrsSetDownloadCounter(data, 0);
-  Curl_pgrsSetUploadSize(data, -1);
-  Curl_pgrsSetDownloadSize(data, -1);
+  Curl_pgrsReset(data);
 
   if(conn->handler->protocol & CURLPROTO_SCP)
     result = scp_perform(data, &connected, done);
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index a40c440234..f7e831f002 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -1811,10 +1811,9 @@ schannel_recv_renegotiate(struct Curl_cfilter *cf, struct Curl_easy *data,
       int what;
       timediff_t timeout_ms, remaining;
 
-      if(Curl_pgrsUpdate(data)) {
-        result = CURLE_ABORTED_BY_CALLBACK;
+      result = Curl_pgrsUpdate(data);
+      if(result)
         break;
-      }
 
       elapsed = curlx_timediff_ms(curlx_now(), rs->start_time);
       if(elapsed >= MAX_RENEG_BLOCK_TIME) {
diff --git a/lib/ws.c b/lib/ws.c
index 140bdece47..b5c02bda95 100644
--- a/lib/ws.c
+++ b/lib/ws.c
@@ -1927,9 +1927,9 @@ const struct Curl_handler Curl_handler_ws = {
   ZERO_NULL,                            /* connecting */
   ZERO_NULL,                            /* doing */
   ZERO_NULL,                            /* proto_pollset */
-  Curl_http_do_pollset,                 /* doing_pollset */
+  Curl_http_doing_pollset,              /* doing_pollset */
   ZERO_NULL,                            /* domore_pollset */
-  ZERO_NULL,                            /* perform_pollset */
+  Curl_http_perform_pollset,            /* perform_pollset */
   ZERO_NULL,                            /* disconnect */
   Curl_http_write_resp,                 /* write_resp */
   Curl_http_write_resp_hd,              /* write_resp_hd */
@@ -1954,9 +1954,9 @@ const struct Curl_handler Curl_handler_wss = {
   NULL,                                 /* connecting */
   ZERO_NULL,                            /* doing */
   NULL,                                 /* proto_pollset */
-  Curl_http_do_pollset,                 /* doing_pollset */
+  Curl_http_doing_pollset,              /* doing_pollset */
   ZERO_NULL,                            /* domore_pollset */
-  ZERO_NULL,                            /* perform_pollset */
+  Curl_http_perform_pollset,            /* perform_pollset */
   ZERO_NULL,                            /* disconnect */
   Curl_http_write_resp,                 /* write_resp */
   Curl_http_write_resp_hd,              /* write_resp_hd */
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index fc10723814..bc3abbc7d8 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -280,7 +280,7 @@ test3032 test3033 test3034 test3035 \
 test3100 test3101 test3102 test3103 test3104 test3105 \
 \
 test3200 test3201 test3202 test3203 test3204 test3205 test3206 test3207 test3208 \
-test3209 test3210 test3211 test3212 test3213 test3214 test3215 \
+test3209 test3210 test3211 test3212 test3213 test3214 test3215 test3216 \
 test4000 test4001
 
 EXTRA_DIST = $(TESTCASES) DISABLED data-xml1
diff --git a/tests/data/test3216 b/tests/data/test3216
new file mode 100644
index 0000000000..923090c70a
--- /dev/null
+++ b/tests/data/test3216
@@ -0,0 +1,19 @@
+
+
+
+unittest
+ratelimit
+
+
+
+#
+# Client-side
+
+
+unittest
+
+
+ratelimit unit tests
+
+
+
diff --git a/tests/http/test_02_download.py b/tests/http/test_02_download.py
index 9abe497539..8cfd68b204 100644
--- a/tests/http/test_02_download.py
+++ b/tests/http/test_02_download.py
@@ -27,11 +27,9 @@
 import difflib
 import filecmp
 import logging
-import math
 import os
 import re
 import sys
-from datetime import timedelta
 import pytest
 
 from testenv import Env, CurlClient, LocalClient
@@ -424,15 +422,17 @@ class TestDownload:
         count = 1
         url = f'https://{env.authority_for(env.domain1, proto)}/data-1m'
         curl = CurlClient(env=env)
-        speed_limit = 384 * 1024
-        min_duration = math.floor((1024 * 1024)/speed_limit)
+        speed_limit = 256 * 1024
         r = curl.http_download(urls=[url], alpn_proto=proto, extra_args=[
             '--limit-rate', f'{speed_limit}'
         ])
         r.check_response(count=count, http_status=200)
-        assert r.duration > timedelta(seconds=min_duration), \
-            f'rate limited transfer should take more than {min_duration}s, '\
-            f'not {r.duration}'
+        dl_speed = r.stats[0]['speed_download']
+        # speed limit is only exact on long durations. Ideally this transfer
+        # would take 4 seconds, but it may end just after 3 because then
+        # we have downloaded the rest and will not wait for the rate
+        # limit to increase again.
+        assert dl_speed <= ((1024*1024)/3), f'{r.stats[0]}'
 
     # make extreme parallel h2 upgrades, check invalid conn reuse
     # before protocol switch has happened
diff --git a/tests/http/test_07_upload.py b/tests/http/test_07_upload.py
index 8d69018841..9e49ad7f47 100644
--- a/tests/http/test_07_upload.py
+++ b/tests/http/test_07_upload.py
@@ -557,7 +557,7 @@ class TestUpload:
         r.check_response(count=count, http_status=200)
         assert r.responses[0]['header']['received-length'] == f'{up_len}', f'{r.responses[0]}'
         up_speed = r.stats[0]['speed_upload']
-        assert (speed_limit * 0.5) <= up_speed <= (speed_limit * 1.5), f'{r.stats[0]}'
+        assert up_speed <= (speed_limit * 1.1), f'{r.stats[0]}'
 
     # speed limited on echo handler
     @pytest.mark.parametrize("proto", Env.http_protos())
@@ -573,7 +573,7 @@ class TestUpload:
         ])
         r.check_response(count=count, http_status=200)
         up_speed = r.stats[0]['speed_upload']
-        assert (speed_limit * 0.5) <= up_speed <= (speed_limit * 1.5), f'{r.stats[0]}'
+        assert up_speed <= (speed_limit * 1.1), f'{r.stats[0]}'
 
     # upload larger data, triggering "Expect: 100-continue" code paths
     @pytest.mark.parametrize("proto", ['http/1.1'])
diff --git a/tests/unit/Makefile.inc b/tests/unit/Makefile.inc
index 7027973d2f..af5e2ebc75 100644
--- a/tests/unit/Makefile.inc
+++ b/tests/unit/Makefile.inc
@@ -42,4 +42,4 @@ TESTS_C = \
   unit1979.c unit1980.c \
   unit2600.c unit2601.c unit2602.c unit2603.c unit2604.c unit2605.c \
   unit3200.c                                             unit3205.c \
-  unit3211.c unit3212.c unit3213.c unit3214.c
+  unit3211.c unit3212.c unit3213.c unit3214.c            unit3216.c
diff --git a/tests/unit/unit1606.c b/tests/unit/unit1606.c
index d323b5ce02..4e290db72a 100644
--- a/tests/unit/unit1606.c
+++ b/tests/unit/unit1606.c
@@ -23,7 +23,7 @@
  ***************************************************************************/
 #include "unitcheck.h"
 
-#include "speedcheck.h"
+#include "progress.h"
 #include "urldata.h"
 
 static CURLcode t1606_setup(struct Curl_easy **easy)
@@ -58,12 +58,12 @@ static int runawhile(struct Curl_easy *easy,
 
   curl_easy_setopt(easy, CURLOPT_LOW_SPEED_LIMIT, speed_limit);
   curl_easy_setopt(easy, CURLOPT_LOW_SPEED_TIME, time_limit);
-  Curl_speedinit(easy);
+  Curl_pgrsReset(easy);
 
   do {
     /* fake the current transfer speed */
     easy->progress.current_speed = speed;
-    res = Curl_speedcheck(easy, now);
+    res = pgrs_speedcheck(easy, &now);
     if(res)
       break;
     /* step the time */
diff --git a/tests/unit/unit3216.c b/tests/unit/unit3216.c
new file mode 100644
index 0000000000..cbe9a5f0bf
--- /dev/null
+++ b/tests/unit/unit3216.c
@@ -0,0 +1,103 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) Daniel Stenberg, , et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ * SPDX-License-Identifier: curl
+ *
+ ***************************************************************************/
+#include "unitcheck.h"
+
+#include "ratelimit.h"
+
+static CURLcode test_unit3216(const char *arg)
+{
+  UNITTEST_BEGIN_SIMPLE
+  struct Curl_rlimit r;
+  struct curltime ts;
+
+  /* A ratelimit that is unlimited */
+  ts = curlx_now();
+  Curl_rlimit_init(&r, 0, 0, ts);
+  fail_unless(Curl_rlimit_avail(&r, ts) == CURL_OFF_T_MAX, "inf");
+  Curl_rlimit_drain(&r, 1000000, ts);
+  fail_unless(Curl_rlimit_avail(&r, ts) == CURL_OFF_T_MAX, "drain keep inf");
+  fail_unless(Curl_rlimit_wait_ms(&r, ts) == 0, "inf never waits");
+
+  Curl_rlimit_block(&r, TRUE, ts);
+  fail_unless(Curl_rlimit_avail(&r, ts) == 0, "inf blocked to 0");
+  Curl_rlimit_drain(&r, 1000000, ts);
+  fail_unless(Curl_rlimit_avail(&r, ts) == 0, "blocked inf");
+  Curl_rlimit_block(&r, FALSE, ts);
+  fail_unless(Curl_rlimit_avail(&r, ts) == CURL_OFF_T_MAX,
+    "unblocked unlimited");
+
+  /* A ratelimit that give 10 tokens per second */
+  ts = curlx_now();
+  Curl_rlimit_init(&r, 10, 0, ts);
+  fail_unless(Curl_rlimit_avail(&r, ts) == 10, "initial 10");
+  Curl_rlimit_drain(&r, 5, ts);
+  fail_unless(Curl_rlimit_avail(&r, ts) == 5, "drain to 5");
+  Curl_rlimit_drain(&r, 3, ts);
+  fail_unless(Curl_rlimit_avail(&r, ts) == 2, "drain to 2");
+  ts.tv_usec += 1000; /* 1ms */
+  Curl_rlimit_drain(&r, 3, ts);
+  fail_unless(Curl_rlimit_avail(&r, ts) == -1, "drain to -1");
+  fail_unless(Curl_rlimit_wait_ms(&r, ts) == 999, "wait 999ms");
+  ts.tv_usec += 1000; /* 1ms */
+  fail_unless(Curl_rlimit_wait_ms(&r, ts) == 998, "wait 998ms");
+  ts.tv_sec += 1;
+  fail_unless(Curl_rlimit_avail(&r, ts) == 9, "10 inc per sec");
+  ts.tv_sec += 1;
+  fail_unless(Curl_rlimit_avail(&r, ts) == 19, "10 inc per sec(2)");
+
+  Curl_rlimit_block(&r, TRUE, curlx_now());
+  fail_unless(Curl_rlimit_avail(&r, curlx_now()) == 0, "10 blocked to 0");
+  Curl_rlimit_block(&r, FALSE, curlx_now());
+  fail_unless(Curl_rlimit_avail(&r, curlx_now()) == 10, "unblocked 10");
+
+  /* A ratelimit that give 10 tokens per second, max burst 15/s */
+  ts = curlx_now();
+  Curl_rlimit_init(&r, 10, 15, ts);
+  fail_unless(Curl_rlimit_avail(&r, ts) == 10, "initial 10");
+  Curl_rlimit_drain(&r, 5, ts);
+  fail_unless(Curl_rlimit_avail(&r, ts) == 5, "drain to 5");
+  Curl_rlimit_drain(&r, 3, ts);
+  fail_unless(Curl_rlimit_avail(&r, ts) == 2, "drain to 2");
+  Curl_rlimit_drain(&r, 3, ts);
+  fail_unless(Curl_rlimit_avail(&r, ts) == -1, "drain to -1");
+  ts.tv_sec += 1;
+  fail_unless(Curl_rlimit_avail(&r, ts) == 9, "10 inc per sec");
+  ts.tv_sec += 1;
+  fail_unless(Curl_rlimit_avail(&r, ts) == 15, "10/15 burst limit");
+  ts.tv_sec += 1;
+  fail_unless(Curl_rlimit_avail(&r, ts) == 15, "10/15 burst limit(2)");
+  Curl_rlimit_drain(&r, 15, ts);
+  fail_unless(Curl_rlimit_avail(&r, ts) == 0, "drain to 0");
+  fail_unless(Curl_rlimit_wait_ms(&r, ts) == 1000, "wait 1 sec");
+  ts.tv_usec += 500000; /* half a sec, cheating on second carry */
+  fail_unless(Curl_rlimit_avail(&r, ts) == 0, "0 after 0.5 sec");
+  fail_unless(Curl_rlimit_wait_ms(&r, ts) == 500, "wait 0.5 sec");
+  ts.tv_sec += 1;
+  fail_unless(Curl_rlimit_avail(&r, ts) == 10, "10 after 1.5 sec");
+  fail_unless(Curl_rlimit_wait_ms(&r, ts) == 0, "wait 0");
+  ts.tv_usec += 500000; /* half a sec, cheating on second carry */
+  fail_unless(Curl_rlimit_avail(&r, ts) == 15, "10 after 2 sec");
+
+  UNITTEST_END_SIMPLE
+}

From 56f2479c1433bd4f886295fcdce2459d1333eecf Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 24 Nov 2025 12:46:01 +0100
Subject: [PATCH 0980/2408] manage: expand the 'libcurl support required'
 message

Example of old text:

 --dns-ipv4-addr requires that libcurl is built to support c-ares.

New version:

 For --dns-ipv4-addr to work, it requires that the underlying libcurl is
 built to support c-ares.

Closes #19665
---
 scripts/managen | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/managen b/scripts/managen
index 61dae8cc1f..d8ff9bae51 100755
--- a/scripts/managen
+++ b/scripts/managen
@@ -854,7 +854,7 @@ sub single {
 
     if($requires) {
         my $l = manpageify($long, $manpage);
-        push @foot, "$l requires that libcurl".
+        push @foot, "For $l to work, it requires that the underlying libcurl".
             " is built to support $requires.\n";
     }
     if($mutexed) {

From 3887069c661b40e76b053a4867eb565d4761ab3e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 21 Nov 2025 20:36:26 +0100
Subject: [PATCH 0981/2408] lib: rename internal header `share.h` to
 `curl_share.h` to avoid collision

Windows CRTs have a `share.h`. Before this patch when trying to
`#include ` it, the compiler picked up curl's internal
`lib/share.h` instead. Rename it to avoid this issue.

CRT `share.h` has constants necessary for using safe open CRT functions.

Also rename `lib/share.c` to keep matching the header.

Ref: https://learn.microsoft.com/cpp/c-runtime-library/sharing-constants
Ref: 625f2c1644da58b9617479775badea21f125ce6d #16949 #16991
Cherry-picked from #19643
Closes #19676
---
 lib/Makefile.inc              | 4 ++--
 lib/asyn-ares.c               | 2 +-
 lib/asyn-base.c               | 2 +-
 lib/asyn-thrdd.c              | 2 +-
 lib/cf-socket.c               | 2 +-
 lib/conncache.c               | 2 +-
 lib/connect.c                 | 2 +-
 lib/cookie.c                  | 2 +-
 lib/{share.c => curl_share.c} | 2 +-
 lib/{share.h => curl_share.h} | 0
 lib/doh.c                     | 2 +-
 lib/easy.c                    | 2 +-
 lib/hostip.c                  | 2 +-
 lib/hostip4.c                 | 2 +-
 lib/hostip6.c                 | 2 +-
 lib/hsts.c                    | 2 +-
 lib/http.c                    | 2 +-
 lib/multi.c                   | 2 +-
 lib/psl.c                     | 2 +-
 lib/setopt.c                  | 2 +-
 lib/url.c                     | 2 +-
 lib/vtls/vtls.c               | 2 +-
 lib/vtls/vtls_scache.c        | 2 +-
 tests/unit/unit1607.c         | 2 +-
 tests/unit/unit1609.c         | 2 +-
 25 files changed, 25 insertions(+), 25 deletions(-)
 rename lib/{share.c => curl_share.c} (99%)
 rename lib/{share.h => curl_share.h} (100%)

diff --git a/lib/Makefile.inc b/lib/Makefile.inc
index 9c9d5c9186..cad02c8237 100644
--- a/lib/Makefile.inc
+++ b/lib/Makefile.inc
@@ -172,6 +172,7 @@ LIB_CFILES =         \
   curl_rtmp.c        \
   curl_sasl.c        \
   curl_sha512_256.c  \
+  curl_share.c       \
   curl_sspi.c        \
   curl_threads.c     \
   curl_trc.c         \
@@ -242,7 +243,6 @@ LIB_CFILES =         \
   sendf.c            \
   setopt.c           \
   sha256.c           \
-  share.c            \
   slist.c            \
   smb.c              \
   smtp.c             \
@@ -311,6 +311,7 @@ LIB_HFILES =         \
   curl_setup_once.h  \
   curl_sha256.h      \
   curl_sha512_256.h  \
+  curl_share.h       \
   curl_sspi.h        \
   curl_threads.h     \
   curl_trc.h         \
@@ -376,7 +377,6 @@ LIB_HFILES =         \
   setup-os400.h      \
   setup-vms.h        \
   setup-win32.h      \
-  share.h            \
   sigpipe.h          \
   slist.h            \
   smb.h              \
diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c
index e01f7ba3d2..ab57d5e00b 100644
--- a/lib/asyn-ares.c
+++ b/lib/asyn-ares.c
@@ -52,7 +52,7 @@
 #include "sendf.h"
 #include "hostip.h"
 #include "hash.h"
-#include "share.h"
+#include "curl_share.h"
 #include "url.h"
 #include "multiif.h"
 #include "curlx/inet_pton.h"
diff --git a/lib/asyn-base.c b/lib/asyn-base.c
index a49e1752a5..d7e8e7d15b 100644
--- a/lib/asyn-base.c
+++ b/lib/asyn-base.c
@@ -51,7 +51,7 @@
 #include "hash.h"
 #include "multiif.h"
 #include "select.h"
-#include "share.h"
+#include "curl_share.h"
 #include "url.h"
 #include "curl_memory.h"
 /* The last #include file should be: */
diff --git a/lib/asyn-thrdd.c b/lib/asyn-thrdd.c
index 07b6663049..f4f57b547a 100644
--- a/lib/asyn-thrdd.c
+++ b/lib/asyn-thrdd.c
@@ -59,7 +59,7 @@
 #include "sendf.h"
 #include "hostip.h"
 #include "hash.h"
-#include "share.h"
+#include "curl_share.h"
 #include "url.h"
 #include "multiif.h"
 #include "curl_threads.h"
diff --git a/lib/cf-socket.c b/lib/cf-socket.c
index 0055f2d48c..2930f95fe2 100644
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@@ -75,7 +75,7 @@
 #include "conncache.h"
 #include "multihandle.h"
 #include "rand.h"
-#include "share.h"
+#include "curl_share.h"
 #include "strdup.h"
 #include "system_win32.h"
 #include "curlx/version_win32.h"
diff --git a/lib/conncache.c b/lib/conncache.c
index 86dcce7138..275e490f23 100644
--- a/lib/conncache.c
+++ b/lib/conncache.c
@@ -38,7 +38,7 @@
 #include "conncache.h"
 #include "http_negotiate.h"
 #include "http_ntlm.h"
-#include "share.h"
+#include "curl_share.h"
 #include "sigpipe.h"
 #include "connect.h"
 #include "select.h"
diff --git a/lib/connect.c b/lib/connect.c
index 4f9453907b..fbb5dcabff 100644
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -72,7 +72,7 @@
 #include "curlx/warnless.h"
 #include "conncache.h"
 #include "multihandle.h"
-#include "share.h"
+#include "curl_share.h"
 #include "http_proxy.h"
 #include "socks.h"
 
diff --git a/lib/cookie.c b/lib/cookie.c
index 85356d563b..6099c6ea56 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -31,7 +31,7 @@
 #include "psl.h"
 #include "sendf.h"
 #include "slist.h"
-#include "share.h"
+#include "curl_share.h"
 #include "strcase.h"
 #include "curl_fopen.h"
 #include "curl_get_line.h"
diff --git a/lib/share.c b/lib/curl_share.c
similarity index 99%
rename from lib/share.c
rename to lib/curl_share.c
index fdb80f5f64..b65d16c628 100644
--- a/lib/share.c
+++ b/lib/curl_share.c
@@ -27,7 +27,7 @@
 #include 
 #include "urldata.h"
 #include "connect.h"
-#include "share.h"
+#include "curl_share.h"
 #include "psl.h"
 #include "vtls/vtls.h"
 #include "vtls/vtls_scache.h"
diff --git a/lib/share.h b/lib/curl_share.h
similarity index 100%
rename from lib/share.h
rename to lib/curl_share.h
diff --git a/lib/doh.c b/lib/doh.c
index 636f0f41cf..45524edf4c 100644
--- a/lib/doh.c
+++ b/lib/doh.c
@@ -33,7 +33,7 @@
 #include "sendf.h"
 #include "multiif.h"
 #include "url.h"
-#include "share.h"
+#include "curl_share.h"
 #include "curlx/base64.h"
 #include "connect.h"
 #include "strdup.h"
diff --git a/lib/easy.c b/lib/easy.c
index 54896a8d55..8c7b9c23da 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -53,7 +53,7 @@
 #include "url.h"
 #include "getinfo.h"
 #include "hostip.h"
-#include "share.h"
+#include "curl_share.h"
 #include "strdup.h"
 #include "progress.h"
 #include "easyif.h"
diff --git a/lib/hostip.c b/lib/hostip.c
index 48889dcb43..d5f753f4b4 100644
--- a/lib/hostip.c
+++ b/lib/hostip.c
@@ -50,7 +50,7 @@
 #include "hostip.h"
 #include "hash.h"
 #include "rand.h"
-#include "share.h"
+#include "curl_share.h"
 #include "url.h"
 #include "curlx/inet_ntop.h"
 #include "curlx/inet_pton.h"
diff --git a/lib/hostip4.c b/lib/hostip4.c
index e1ed007aaf..d543c1e14b 100644
--- a/lib/hostip4.c
+++ b/lib/hostip4.c
@@ -47,7 +47,7 @@
 #include "sendf.h"
 #include "hostip.h"
 #include "hash.h"
-#include "share.h"
+#include "curl_share.h"
 #include "url.h"
 
 /* The last 2 #include files should be in this order */
diff --git a/lib/hostip6.c b/lib/hostip6.c
index 9419b9e4d5..0f628b3fb5 100644
--- a/lib/hostip6.c
+++ b/lib/hostip6.c
@@ -48,7 +48,7 @@
 #include "sendf.h"
 #include "hostip.h"
 #include "hash.h"
-#include "share.h"
+#include "curl_share.h"
 #include "url.h"
 #include "curlx/inet_pton.h"
 #include "connect.h"
diff --git a/lib/hsts.c b/lib/hsts.c
index ec332392c4..836481cd4c 100644
--- a/lib/hsts.c
+++ b/lib/hsts.c
@@ -37,7 +37,7 @@
 #include "sendf.h"
 #include "parsedate.h"
 #include "rename.h"
-#include "share.h"
+#include "curl_share.h"
 #include "strdup.h"
 #include "curlx/strparse.h"
 
diff --git a/lib/http.c b/lib/http.c
index a1e449d354..ae932cd7c9 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -65,7 +65,7 @@
 #include "http_aws_sigv4.h"
 #include "url.h"
 #include "urlapi-int.h"
-#include "share.h"
+#include "curl_share.h"
 #include "hostip.h"
 #include "dynhds.h"
 #include "http.h"
diff --git a/lib/multi.c b/lib/multi.c
index 5ea93348e4..00af3ca2bd 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -33,7 +33,7 @@
 #include "connect.h"
 #include "progress.h"
 #include "easyif.h"
-#include "share.h"
+#include "curl_share.h"
 #include "psl.h"
 #include "multiif.h"
 #include "multi_ev.h"
diff --git a/lib/psl.c b/lib/psl.c
index 832d6d21b9..f645763d06 100644
--- a/lib/psl.c
+++ b/lib/psl.c
@@ -29,7 +29,7 @@
 #ifdef USE_LIBPSL
 
 #include "psl.h"
-#include "share.h"
+#include "curl_share.h"
 
 /* The last 2 #include files should be in this order */
 #include "curl_memory.h"
diff --git a/lib/setopt.c b/lib/setopt.c
index 1147deb116..fc95389312 100644
--- a/lib/setopt.c
+++ b/lib/setopt.c
@@ -41,7 +41,7 @@
 #include "progress.h"
 #include "content_encoding.h"
 #include "strcase.h"
-#include "share.h"
+#include "curl_share.h"
 #include "vtls/vtls.h"
 #include "curlx/warnless.h"
 #include "sendf.h"
diff --git a/lib/url.c b/lib/url.c
index f9b1ed0808..1d4c6b1fc4 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -81,7 +81,7 @@
 #include "cookie.h"
 #include "strcase.h"
 #include "escape.h"
-#include "share.h"
+#include "curl_share.h"
 #include "content_encoding.h"
 #include "http_digest.h"
 #include "http_negotiate.h"
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index ed0af3d53b..d116ec91ed 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -63,7 +63,7 @@
 #include "../strcase.h"
 #include "../url.h"
 #include "../progress.h"
-#include "../share.h"
+#include "../curl_share.h"
 #include "../multiif.h"
 #include "../curlx/fopen.h"
 #include "../curlx/timeval.h"
diff --git a/lib/vtls/vtls_scache.c b/lib/vtls/vtls_scache.c
index 328b12403e..3524a25a44 100644
--- a/lib/vtls/vtls_scache.c
+++ b/lib/vtls/vtls_scache.c
@@ -41,7 +41,7 @@
 #include "../strcase.h"
 #include "../url.h"
 #include "../llist.h"
-#include "../share.h"
+#include "../curl_share.h"
 #include "../curl_trc.h"
 #include "../curl_sha256.h"
 #include "../rand.h"
diff --git a/tests/unit/unit1607.c b/tests/unit/unit1607.c
index 089caa1c45..3e4d53d0be 100644
--- a/tests/unit/unit1607.c
+++ b/tests/unit/unit1607.c
@@ -25,7 +25,7 @@
 
 #include "urldata.h"
 #include "connect.h"
-#include "share.h"
+#include "curl_share.h"
 
 #include "memdebug.h" /* LAST include file */
 
diff --git a/tests/unit/unit1609.c b/tests/unit/unit1609.c
index 00164617f5..f3f318f2cf 100644
--- a/tests/unit/unit1609.c
+++ b/tests/unit/unit1609.c
@@ -25,7 +25,7 @@
 
 #include "urldata.h"
 #include "connect.h"
-#include "share.h"
+#include "curl_share.h"
 
 #include "memdebug.h" /* LAST include file */
 

From 56bfde6554716f302998a29a192c82bf681a62ee Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 24 Nov 2025 23:55:57 +0100
Subject: [PATCH 0982/2408] INTERNALS.md: add release dates to build
 dependencies

Also:
- delete `roffit`, that's not used anymore.
  Follow-up to ea0b575dab86a3c44dd1d547dc500276266aa382 #12753

Follow-up to 92d9dbe4c008646dd467d23dea963fa32e16cf85 #19611

Closes #19677
---
 docs/INTERNALS.md | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/docs/INTERNALS.md b/docs/INTERNALS.md
index acc4506e67..75393a5d1c 100644
--- a/docs/INTERNALS.md
+++ b/docs/INTERNALS.md
@@ -46,13 +46,12 @@ versions of libs and build tools.
  we use a few "build tools" and we make sure that we remain functional with
  these versions:
 
- - GNU Libtool  1.4.2
- - GNU Autoconf 2.59
- - GNU Automake 1.7
- - GNU M4       1.4
- - perl         5.8 (5.22 on Windows)
- - roffit       0.5
- - cmake        3.7
+ - GNU libtool  1.4.2 (2001-09-11)
+ - GNU autoconf 2.59 (2003-11-06)
+ - GNU automake 1.7 (2002-09-25)
+ - GNU m4       1.4 (2007-09-21)
+ - perl         5.8 (2002-07-19), on Windows: 5.22 (2015-06-01)
+ - cmake        3.7 (2016-11-11)
 
 Library Symbols
 ===============

From ee97c2a96a07bad19504973df1384b18419a8eac Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 24 Nov 2025 15:55:17 +0100
Subject: [PATCH 0983/2408] tests/server: use curlx file open/close functions

Replace:
- `open()` with `curlx_open()` (1 call).
- `fopen()` with `curlx_fopen()`.
- `fclose()` with `curlx_fclose()`.

To centralize interacting with the CRT in preparation for using "safe"
alternatives on Windows. This also adds long-filename and Unicode
support for these operations on Windows.

Keep using `open()` in the signal handler to avoid any issues with
calling code not allowed in signal handlers.

Cherry-picked from #19643
Closes #19679
---
 tests/server/.checksrc |  2 --
 tests/server/dnsd.c    | 10 +++++-----
 tests/server/mqttd.c   | 10 +++++-----
 tests/server/rtspd.c   | 14 +++++++-------
 tests/server/socksd.c  |  8 ++++----
 tests/server/sws.c     | 18 +++++++++---------
 tests/server/tftpd.c   | 20 ++++++++++----------
 tests/server/util.c    | 18 +++++++++---------
 8 files changed, 49 insertions(+), 51 deletions(-)

diff --git a/tests/server/.checksrc b/tests/server/.checksrc
index a4e094e1c9..0386c677e6 100644
--- a/tests/server/.checksrc
+++ b/tests/server/.checksrc
@@ -3,8 +3,6 @@
 # SPDX-License-Identifier: curl
 
 allowfunc accept
-allowfunc fclose
-allowfunc fopen
 allowfunc fprintf
 allowfunc freeaddrinfo
 allowfunc getaddrinfo
diff --git a/tests/server/dnsd.c b/tests/server/dnsd.c
index c541b05295..9b3a42e159 100644
--- a/tests/server/dnsd.c
+++ b/tests/server/dnsd.c
@@ -102,7 +102,7 @@ static int store_incoming(const unsigned char *data, size_t size,
   snprintf(dumpfile, sizeof(dumpfile), "%s/dnsd.input", logdir);
 
   /* Open request dump file. */
-  server = fopen(dumpfile, "ab");
+  server = curlx_fopen(dumpfile, "ab");
   if(!server) {
     char errbuf[STRERROR_LEN];
     int error = errno;
@@ -162,7 +162,7 @@ static int store_incoming(const unsigned char *data, size_t size,
     if(*qlen > qbuflen) {
       logmsg("dnsd: query too large: %lu > %lu",
              (unsigned long)*qlen, (unsigned long)qbuflen);
-      fclose(server);
+      curlx_fclose(server);
       return -1;
     }
     memcpy(qbuf, qptr, *qlen);
@@ -176,7 +176,7 @@ static int store_incoming(const unsigned char *data, size_t size,
   fprintf(server, "\n");
 #endif
 
-  fclose(server);
+  curlx_fclose(server);
 
   return 0;
 }
@@ -325,7 +325,7 @@ static void read_instructions(void)
   char file[256];
   FILE *f;
   snprintf(file, sizeof(file), "%s/" INSTRUCTIONS, logdir);
-  f = fopen(file, FOPEN_READTEXT);
+  f = curlx_fopen(file, FOPEN_READTEXT);
   if(f) {
     char buf[256];
     ancount_aaaa = ancount_a = 0;
@@ -375,7 +375,7 @@ static void read_instructions(void)
         }
       }
     }
-    fclose(f);
+    curlx_fclose(f);
   }
   else
     logmsg("Error opening file '%s'", file);
diff --git a/tests/server/mqttd.c b/tests/server/mqttd.c
index 2701d61260..59c7540dcf 100644
--- a/tests/server/mqttd.c
+++ b/tests/server/mqttd.c
@@ -73,7 +73,7 @@ static void mqttd_resetdefaults(void)
 
 static void mqttd_getconfig(void)
 {
-  FILE *fp = fopen(configfile, FOPEN_READTEXT);
+  FILE *fp = curlx_fopen(configfile, FOPEN_READTEXT);
   mqttd_resetdefaults();
   if(fp) {
     char buffer[512];
@@ -119,7 +119,7 @@ static void mqttd_getconfig(void)
         }
       }
     }
-    fclose(fp);
+    curlx_fclose(fp);
   }
   else {
     logmsg("No config file '%s' to read", configfile);
@@ -430,7 +430,7 @@ static curl_socket_t mqttit(curl_socket_t fd)
     0x04              /* protocol level */
   };
   snprintf(dumpfile, sizeof(dumpfile), "%s/%s", logdir, REQUEST_DUMP);
-  dump = fopen(dumpfile, "ab");
+  dump = curlx_fopen(dumpfile, "ab");
   if(!dump)
     goto end;
 
@@ -636,9 +636,9 @@ end:
   if(buffer)
     free(buffer);
   if(dump)
-    fclose(dump);
+    curlx_fclose(dump);
   if(stream)
-    fclose(stream);
+    curlx_fclose(stream);
   return CURL_SOCKET_BAD;
 }
 
diff --git a/tests/server/rtspd.c b/tests/server/rtspd.c
index 5ffd0f28e5..335bbaaa69 100644
--- a/tests/server/rtspd.c
+++ b/tests/server/rtspd.c
@@ -255,7 +255,7 @@ static int rtspd_ProcessRequest(struct rtspd_httprequest *req)
 
         /* get the custom server control "commands" */
         int error = getpart(&cmd, &cmdsize, "reply", "servercmd", stream);
-        fclose(stream);
+        curlx_fclose(stream);
         if(error) {
           logmsg("getpart() failed with error (%d)", error);
           req->open = FALSE; /* closes connection */
@@ -557,7 +557,7 @@ static void rtspd_storerequest(char *reqbuf, size_t totalsize)
     return;
 
   do {
-    dump = fopen(dumpfile, "ab");
+    dump = curlx_fopen(dumpfile, "ab");
     /* !checksrc! disable ERRNOVAR 1 */
   } while(!dump && ((error = errno) == EINTR));
   if(!dump) {
@@ -589,7 +589,7 @@ static void rtspd_storerequest(char *reqbuf, size_t totalsize)
 
 storerequest_cleanup:
 
-  res = fclose(dump);
+  res = curlx_fclose(dump);
   if(res)
     logmsg("Error closing file %s error (%d) %s", dumpfile,
            errno, curlx_strerror(errno, errbuf, sizeof(errbuf)));
@@ -815,7 +815,7 @@ static int rtspd_send_doc(curl_socket_t sock, struct rtspd_httprequest *req)
     }
     else {
       error = getpart(&ptr, &count, "reply", partbuf, stream);
-      fclose(stream);
+      curlx_fclose(stream);
       if(error) {
         logmsg("getpart() failed with error (%d)", error);
         return 0;
@@ -841,7 +841,7 @@ static int rtspd_send_doc(curl_socket_t sock, struct rtspd_httprequest *req)
     else {
       /* get the custom server control "commands" */
       error = getpart(&cmd, &cmdsize, "reply", "postcmd", stream);
-      fclose(stream);
+      curlx_fclose(stream);
       if(error) {
         logmsg("getpart() failed with error (%d)", error);
         free(ptr);
@@ -870,7 +870,7 @@ static int rtspd_send_doc(curl_socket_t sock, struct rtspd_httprequest *req)
   else
     rtspd_prevbounce = FALSE;
 
-  dump = fopen(responsedump, "ab");
+  dump = curlx_fopen(responsedump, "ab");
   if(!dump) {
     error = errno;
     logmsg("fopen() failed with error (%d) %s",
@@ -928,7 +928,7 @@ static int rtspd_send_doc(curl_socket_t sock, struct rtspd_httprequest *req)
     req->rtp_buffersize = 0;
   }
 
-  res = fclose(dump);
+  res = curlx_fclose(dump);
   if(res)
     logmsg("Error closing file %s error (%d) %s", responsedump,
            errno, curlx_strerror(errno, errbuf, sizeof(errbuf)));
diff --git a/tests/server/socksd.c b/tests/server/socksd.c
index 1a1d40113b..4205d26880 100644
--- a/tests/server/socksd.c
+++ b/tests/server/socksd.c
@@ -108,7 +108,7 @@ static void socksd_resetdefaults(void)
 
 static void socksd_getconfig(void)
 {
-  FILE *fp = fopen(configfile, FOPEN_READTEXT);
+  FILE *fp = curlx_fopen(configfile, FOPEN_READTEXT);
   socksd_resetdefaults();
   if(fp) {
     char buffer[512];
@@ -180,7 +180,7 @@ static void socksd_getconfig(void)
         }
       }
     }
-    fclose(fp);
+    curlx_fclose(fp);
   }
 }
 
@@ -470,7 +470,7 @@ static curl_socket_t sockit(curl_socket_t fd)
 
   {
     FILE *dump;
-    dump = fopen(reqlogfile, "ab");
+    dump = curlx_fopen(reqlogfile, "ab");
     if(dump) {
       int i;
       fprintf(dump, "atyp %u =>", type);
@@ -493,7 +493,7 @@ static curl_socket_t sockit(curl_socket_t fd)
         fprintf(dump, "\n");
         break;
       }
-      fclose(dump);
+      curlx_fclose(dump);
     }
   }
 
diff --git a/tests/server/sws.c b/tests/server/sws.c
index d590cd6fef..b070614f52 100644
--- a/tests/server/sws.c
+++ b/tests/server/sws.c
@@ -178,7 +178,7 @@ static bool socket_domain_is_ip(void)
 /* parse the file on disk that might have a test number for us */
 static int parse_cmdfile(struct sws_httprequest *req)
 {
-  FILE *f = fopen(cmdfile, FOPEN_READTEXT);
+  FILE *f = curlx_fopen(cmdfile, FOPEN_READTEXT);
   if(f) {
     int testnum = DOCNUMBER_NOTHING;
     char buf[256];
@@ -188,7 +188,7 @@ static int parse_cmdfile(struct sws_httprequest *req)
         req->testno = testnum;
       }
     }
-    fclose(f);
+    curlx_fclose(f);
   }
   return 0;
 }
@@ -220,7 +220,7 @@ static int sws_parse_servercmd(struct sws_httprequest *req)
 
     /* get the custom server control "commands" */
     error = getpart(&orgcmd, &cmdsize, "reply", "servercmd", stream);
-    fclose(stream);
+    curlx_fclose(stream);
     if(error) {
       logmsg("getpart() failed with error (%d)", error);
       req->open = FALSE; /* closes connection */
@@ -734,7 +734,7 @@ static void sws_storerequest(const char *reqbuf, size_t totalsize)
     return;
 
   do {
-    dump = fopen(dumpfile, "ab");
+    dump = curlx_fopen(dumpfile, "ab");
     /* !checksrc! disable ERRNOVAR 1 */
   } while(!dump && ((error = errno) == EINTR));
   if(!dump) {
@@ -766,7 +766,7 @@ static void sws_storerequest(const char *reqbuf, size_t totalsize)
 
 storerequest_cleanup:
 
-  res = fclose(dump);
+  res = curlx_fclose(dump);
   if(res)
     logmsg("Error closing file %s error (%d) %s", dumpfile,
            errno, curlx_strerror(errno, errbuf, sizeof(errbuf)));
@@ -1050,7 +1050,7 @@ static int sws_send_doc(curl_socket_t sock, struct sws_httprequest *req)
     }
     else {
       error = getpart(&ptr, &count, "reply", partbuf, stream);
-      fclose(stream);
+      curlx_fclose(stream);
       if(error) {
         logmsg("getpart() failed with error (%d)", error);
         return 0;
@@ -1075,7 +1075,7 @@ static int sws_send_doc(curl_socket_t sock, struct sws_httprequest *req)
     else {
       /* get the custom server control "commands" */
       error = getpart(&cmd, &cmdsize, "reply", "postcmd", stream);
-      fclose(stream);
+      curlx_fclose(stream);
       if(error) {
         logmsg("getpart() failed with error (%d)", error);
         free(ptr);
@@ -1104,7 +1104,7 @@ static int sws_send_doc(curl_socket_t sock, struct sws_httprequest *req)
   else
     sws_prevbounce = FALSE;
 
-  dump = fopen(responsedump, "ab");
+  dump = curlx_fopen(responsedump, "ab");
   if(!dump) {
     error = errno;
     logmsg("fopen() failed with error (%d) %s",
@@ -1158,7 +1158,7 @@ retry:
     }
   } while((count > 0) && !got_exit_signal);
 
-  res = fclose(dump);
+  res = curlx_fclose(dump);
   if(res)
     logmsg("Error closing file %s error (%d) %s", responsedump,
            errno, curlx_strerror(errno, errbuf, sizeof(errbuf)));
diff --git a/tests/server/tftpd.c b/tests/server/tftpd.c
index 6631e2439b..2eb31ff5ec 100644
--- a/tests/server/tftpd.c
+++ b/tests/server/tftpd.c
@@ -445,13 +445,13 @@ static ssize_t write_behind(struct testcase *test, int convert)
   if(!test->ofile) {
     char outfile[256];
     snprintf(outfile, sizeof(outfile), "%s/upload.%ld", logdir, test->testno);
-    test->ofile = open(outfile, O_CREAT | O_RDWR | CURL_O_BINARY,
+    test->ofile = curlx_open(outfile, O_CREAT | O_RDWR | CURL_O_BINARY,
 #ifdef _WIN32
-                       S_IREAD | S_IWRITE
+                             S_IREAD | S_IWRITE
 #else
-                       S_IRUSR | S_IWUSR | S_IXUSR |
-                       S_IRGRP | S_IWGRP | S_IXGRP |
-                       S_IROTH | S_IWOTH | S_IXOTH
+                             S_IRUSR | S_IWUSR | S_IXUSR |
+                             S_IRGRP | S_IWGRP | S_IXGRP |
+                             S_IROTH | S_IWOTH | S_IXOTH
 #endif
                        );
     if(test->ofile == -1) {
@@ -910,7 +910,7 @@ static int do_tftp(struct testcase *test, struct tftphdr *tp, ssize_t size)
   snprintf(dumpfile, sizeof(dumpfile), "%s/%s", logdir, REQUEST_DUMP);
 
   /* Open request dump file. */
-  server = fopen(dumpfile, "ab");
+  server = curlx_fopen(dumpfile, "ab");
   if(!server) {
     char errbuf[STRERROR_LEN];
     int error = errno;
@@ -963,7 +963,7 @@ static int do_tftp(struct testcase *test, struct tftphdr *tp, ssize_t size)
 
   if(*cp || !mode) {
     nak(TFTP_EBADOP);
-    fclose(server);
+    curlx_fclose(server);
     return 3;
   }
 
@@ -975,7 +975,7 @@ static int do_tftp(struct testcase *test, struct tftphdr *tp, ssize_t size)
       *cp = (char)tolower((int)*cp);
 
   /* store input protocol */
-  fclose(server);
+  curlx_fclose(server);
 
   for(pf = formata; pf->f_mode; pf++)
     if(strcmp(pf->f_mode, mode) == 0)
@@ -1036,7 +1036,7 @@ static int tftpd_parse_servercmd(struct testcase *req)
 
     /* get the custom server control "commands" */
     error = getpart(&orgcmd, &cmdsize, "reply", "servercmd", stream);
-    fclose(stream);
+    curlx_fclose(stream);
     if(error) {
       logmsg("getpart() failed with error (%d)", error);
       return 1; /* done */
@@ -1155,7 +1155,7 @@ static int validate_access(struct testcase *test,
     else {
       size_t count;
       int error = getpart(&test->buffer, &count, "reply", partbuf, stream);
-      fclose(stream);
+      curlx_fclose(stream);
       if(error) {
         logmsg("getpart() failed with error (%d)", error);
         return TFTP_EACCESS;
diff --git a/tests/server/util.c b/tests/server/util.c
index 6551e47426..8d8bf12c99 100644
--- a/tests/server/util.c
+++ b/tests/server/util.c
@@ -115,12 +115,12 @@ void logmsg(const char *msg, ...)
   va_end(ap);
 
   do {
-    logfp = fopen(serverlogfile, "ab");
+    logfp = curlx_fopen(serverlogfile, "ab");
     /* !checksrc! disable ERRNOVAR 1 */
   } while(!logfp && (errno == EINTR));
   if(logfp) {
     fprintf(logfp, "%s %s\n", timebuf, buffer);
-    fclose(logfp);
+    curlx_fclose(logfp);
   }
   else {
     char errbuf[STRERROR_LEN];
@@ -193,7 +193,7 @@ FILE *test2fopen(long testno, const char *logdir2)
   char filename[256];
   /* first try the alternative, preprocessed, file */
   snprintf(filename, sizeof(filename), "%s/test%ld", logdir2, testno);
-  stream = fopen(filename, "rb");
+  stream = curlx_fopen(filename, "rb");
 
   return stream;
 }
@@ -224,7 +224,7 @@ int write_pidfile(const char *filename)
   curl_off_t pid;
 
   pid = our_getpid();
-  pidfile = fopen(filename, "wb");
+  pidfile = curlx_fopen(filename, "wb");
   if(!pidfile) {
     char errbuf[STRERROR_LEN];
     logmsg("Could not write pid file: %s (%d) %s", filename,
@@ -232,7 +232,7 @@ int write_pidfile(const char *filename)
     return 0; /* fail */
   }
   fprintf(pidfile, "%ld\n", (long)pid);
-  fclose(pidfile);
+  curlx_fclose(pidfile);
   logmsg("Wrote pid %ld to %s", (long)pid, filename);
   return 1; /* success */
 }
@@ -240,7 +240,7 @@ int write_pidfile(const char *filename)
 /* store the used port number in a file */
 int write_portfile(const char *filename, int port)
 {
-  FILE *portfile = fopen(filename, "wb");
+  FILE *portfile = curlx_fopen(filename, "wb");
   if(!portfile) {
     char errbuf[STRERROR_LEN];
     logmsg("Could not write port file: %s (%d) %s", filename,
@@ -248,7 +248,7 @@ int write_portfile(const char *filename, int port)
     return 0; /* fail */
   }
   fprintf(portfile, "%d\n", port);
-  fclose(portfile);
+  curlx_fclose(portfile);
   logmsg("Wrote port %d to %s", port, filename);
   return 1; /* success */
 }
@@ -261,7 +261,7 @@ void set_advisor_read_lock(const char *filename)
   int res;
 
   do {
-    lockfile = fopen(filename, "wb");
+    lockfile = curlx_fopen(filename, "wb");
     /* !checksrc! disable ERRNOVAR 1 */
   } while(!lockfile && ((error = errno) == EINTR));
   if(!lockfile) {
@@ -270,7 +270,7 @@ void set_advisor_read_lock(const char *filename)
     return;
   }
 
-  res = fclose(lockfile);
+  res = curlx_fclose(lockfile);
   if(res)
     logmsg("Error closing lock file %s error (%d) %s", filename,
            errno, curlx_strerror(errno, errbuf, sizeof(errbuf)));

From 1e7d0bafc6d25d98ec72ff419df65fda3cf147a7 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 18 Nov 2025 01:32:43 +0100
Subject: [PATCH 0984/2408] curlx/fopen: replace open CRT functions their with
 `_s` counterparts (Windows)

- `_wopen`        -> `_wsopen_s`
- `_open`, `open` -> `_sopen_s`
- `_wfopen`       -> `_wfopen_s`
- `fopen`         -> `fopen_s`
- `_wfreopen`     -> `_wfreopen_s`
- `freopen`       -> `freopen_s`

For better error handling and for using the CRT functions recommended
via warnings suppressed by `_CRT_SECURE_NO_WARNINGS`.

Also:
- add missing `freopen_s()` prototype when building with mingw-w64 <5.
  https://sourceforge.net/p/mingw-w64/mingw-w64/ci/a5d824654cdc57f6eac1bb581b078986f3eb6856/
- tests/server: replace `open()` in the signal handler with `_sopen_s()`
  on Windows.
- tests/server: reduce scope of a checksrc exception to a single line.
- checksrc: ban replaced functions.

Refs:
https://learn.microsoft.com/cpp/c-runtime-library/reference/open-wopen
https://learn.microsoft.com/cpp/c-runtime-library/reference/sopen-s-wsopen-s
https://learn.microsoft.com/cpp/c-runtime-library/reference/freopen-wfreopen
https://learn.microsoft.com/cpp/c-runtime-library/reference/fopen-wfopen
https://learn.microsoft.com/cpp/c-runtime-library/reference/fopen-s-wfopen-s
https://learn.microsoft.com/cpp/c-runtime-library/reference/freopen-s-wfreopen-s

Closes #19643
---
 lib/curl_setup.h       |  5 ++---
 lib/curlx/fopen.c      | 21 +++++++++++++--------
 scripts/checksrc.pl    |  4 ++++
 tests/server/.checksrc |  1 -
 tests/server/util.c    | 16 ++++++++++++----
 5 files changed, 31 insertions(+), 16 deletions(-)

diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index 886a881493..0e5ebb60c9 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -95,10 +95,9 @@
                                       unlink(), etc. */
 #endif
 #ifndef _CRT_SECURE_NO_WARNINGS
-#define _CRT_SECURE_NO_WARNINGS  /* for _open(), _wfopen(), _wopen(), fopen(),
-                                    freopen(), getenv(), gmtime(), sprintf(),
+#define _CRT_SECURE_NO_WARNINGS  /* for getenv(), gmtime(), sprintf(),
                                     strcpy(),
-                                    in tests: localtime(), open(), sscanf() */
+                                    in tests: localtime(), sscanf() */
 #endif
 #endif /* _MSC_VER */
 
diff --git a/lib/curlx/fopen.c b/lib/curlx/fopen.c
index dc1c2bb4e6..0dc9699206 100644
--- a/lib/curlx/fopen.c
+++ b/lib/curlx/fopen.c
@@ -51,6 +51,8 @@ int curlx_fseek(void *stream, curl_off_t offset, int whence)
 
 #include "multibyte.h"
 
+#include   /* for _SH_DENYNO */
+
 /* declare GetFullPathNameW for mingw-w64 UWP builds targeting old windows */
 #if defined(CURL_WINDOWS_UWP) && defined(__MINGW32__) && \
   (_WIN32_WINNT < _WIN32_WINNT_WIN10)
@@ -244,7 +246,7 @@ int curlx_win32_open(const char *filename, int oflag, ...)
       target = fixed;
     else
       target = filename_w;
-    result = _wopen(target, oflag, pmode);
+    errno = _wsopen_s(&result, target, oflag, _SH_DENYNO, pmode);
     curlx_unicodefree(filename_w);
   }
   else
@@ -255,7 +257,7 @@ int curlx_win32_open(const char *filename, int oflag, ...)
     target = fixed;
   else
     target = filename;
-  result = _open(target, oflag, pmode);
+  errno = _sopen_s(&result, target, oflag, _SH_DENYNO, pmode);
 #endif
 
   (free)(fixed);
@@ -276,7 +278,7 @@ FILE *curlx_win32_fopen(const char *filename, const char *mode)
       target = fixed;
     else
       target = filename_w;
-    result = _wfopen(target, mode_w);
+    errno = _wfopen_s(&result, target, mode_w);
   }
   else
     /* !checksrc! disable ERRNOVAR 1 */
@@ -288,14 +290,18 @@ FILE *curlx_win32_fopen(const char *filename, const char *mode)
     target = fixed;
   else
     target = filename;
-  /* !checksrc! disable BANNEDFUNC 1 */
-  result = fopen(target, mode);
+  errno = fopen_s(&result, target, mode);
 #endif
 
   (free)(fixed);
   return result;
 }
 
+#if defined(__MINGW32__) && (__MINGW64_VERSION_MAJOR < 5)
+_CRTIMP errno_t __cdecl freopen_s(FILE **file, const char *filename,
+                                  const char *mode, FILE *stream);
+#endif
+
 FILE *curlx_win32_freopen(const char *filename, const char *mode, FILE *fp)
 {
   FILE *result = NULL;
@@ -310,7 +316,7 @@ FILE *curlx_win32_freopen(const char *filename, const char *mode, FILE *fp)
       target = fixed;
     else
       target = filename_w;
-    result = _wfreopen(target, mode_w, fp);
+    errno = _wfreopen_s(&result, target, mode_w, fp);
   }
   else
     /* !checksrc! disable ERRNOVAR 1 */
@@ -322,8 +328,7 @@ FILE *curlx_win32_freopen(const char *filename, const char *mode, FILE *fp)
     target = fixed;
   else
     target = filename;
-  /* !checksrc! disable BANNEDFUNC 1 */
-  result = freopen(target, mode, fp);
+  errno = freopen_s(&result, target, mode, fp);
 #endif
 
   (free)(fixed);
diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl
index a2f458b6c1..d38ffecdb9 100755
--- a/scripts/checksrc.pl
+++ b/scripts/checksrc.pl
@@ -113,6 +113,10 @@ my %banfunc = (
     "fopen" => 1,
     "freopen" => 1,
     "open" => 1,
+    "_open" => 1,
+    "_wfopen" => 1,
+    "_wfreopen" => 1,
+    "_wopen" => 1,
     "stat" => 1,
     );
 
diff --git a/tests/server/.checksrc b/tests/server/.checksrc
index 0386c677e6..163a217ee4 100644
--- a/tests/server/.checksrc
+++ b/tests/server/.checksrc
@@ -6,7 +6,6 @@ allowfunc accept
 allowfunc fprintf
 allowfunc freeaddrinfo
 allowfunc getaddrinfo
-allowfunc open
 allowfunc printf
 allowfunc recv
 allowfunc send
diff --git a/tests/server/util.c b/tests/server/util.c
index 8d8bf12c99..ae21ff8b1a 100644
--- a/tests/server/util.c
+++ b/tests/server/util.c
@@ -27,6 +27,10 @@
 #include 
 #endif
 
+#ifdef _WIN32
+#include 
+#endif
+
 /* This function returns a pointer to STATIC memory. It converts the given
  * binary lump to a hex formatted string usable for output in logs or
  * whatever.
@@ -359,13 +363,17 @@ static void exit_signal_handler(int signum)
     (void)!write(STDERR_FILENO, msg, sizeof(msg) - 1);
   }
   else {
+    int fd = -1;
 #ifdef _WIN32
-#define OPENMODE S_IREAD | S_IWRITE
+    if(!_sopen_s(&fd, serverlogfile, O_WRONLY | O_CREAT | O_APPEND,
+                 _SH_DENYNO, S_IREAD | S_IWRITE) &&
+       fd != -1) {
 #else
-#define OPENMODE S_IRUSR | S_IWUSR
-#endif
-    int fd = open(serverlogfile, O_WRONLY | O_CREAT | O_APPEND, OPENMODE);
+    /* !checksrc! disable BANNEDFUNC 1 */
+    fd = open(serverlogfile,
+              O_WRONLY | O_CREAT | O_APPEND, S_IRUSR | S_IWUSR);
     if(fd != -1) {
+#endif
       static const char msg[] = "exit_signal_handler: called\n";
       (void)!write(fd, msg, sizeof(msg) - 1);
       close(fd);

From a075d1c0d8684c0151cebf50b5cb64be6505c59d Mon Sep 17 00:00:00 2001
From: Sunny 
Date: Tue, 25 Nov 2025 08:29:32 +0100
Subject: [PATCH 0985/2408] examples: fix minor typo

Closes #19683
---
 docs/examples/https.c    | 2 +-
 docs/examples/imap-ssl.c | 2 +-
 docs/examples/pop3-ssl.c | 2 +-
 docs/examples/smtp-ssl.c | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/docs/examples/https.c b/docs/examples/https.c
index 905cdb07f2..02fd8b87bd 100644
--- a/docs/examples/https.c
+++ b/docs/examples/https.c
@@ -57,7 +57,7 @@ int main(void)
 
 #ifdef SKIP_HOSTNAME_VERIFICATION
     /*
-     * If the site you are connecting to uses a different hostname that what
+     * If the site you are connecting to uses a different hostname than what
      * they have mentioned in their server certificate's commonName (or
      * subjectAltName) fields, libcurl refuses to connect. You can skip this
      * check, but it makes the connection insecure.
diff --git a/docs/examples/imap-ssl.c b/docs/examples/imap-ssl.c
index d56d89331a..259eddc26f 100644
--- a/docs/examples/imap-ssl.c
+++ b/docs/examples/imap-ssl.c
@@ -67,7 +67,7 @@ int main(void)
     curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
 #endif
 
-    /* If the site you are connecting to uses a different hostname that what
+    /* If the site you are connecting to uses a different hostname than what
      * they have mentioned in their server certificate's commonName (or
      * subjectAltName) fields, libcurl refuses to connect. You can skip this
      * check, but it makes the connection insecure. */
diff --git a/docs/examples/pop3-ssl.c b/docs/examples/pop3-ssl.c
index 0f5ac3692d..4dd808c3f1 100644
--- a/docs/examples/pop3-ssl.c
+++ b/docs/examples/pop3-ssl.c
@@ -66,7 +66,7 @@ int main(void)
     curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
 #endif
 
-    /* If the site you are connecting to uses a different hostname that what
+    /* If the site you are connecting to uses a different hostname than what
      * they have mentioned in their server certificate's commonName (or
      * subjectAltName) fields, libcurl refuses to connect. You can skip this
      * check, but it makes the connection insecure. */
diff --git a/docs/examples/smtp-ssl.c b/docs/examples/smtp-ssl.c
index a87a033fc4..4ebc58f1b5 100644
--- a/docs/examples/smtp-ssl.c
+++ b/docs/examples/smtp-ssl.c
@@ -115,7 +115,7 @@ int main(void)
     curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
 #endif
 
-    /* If the site you are connecting to uses a different hostname that what
+    /* If the site you are connecting to uses a different hostname than what
      * they have mentioned in their server certificate's commonName (or
      * subjectAltName) fields, libcurl refuses to connect. You can skip this
      * check, but it makes the connection insecure. */

From ce06fe7771052549ff430c86173b2eaca91f8a9c Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 24 Nov 2025 14:00:09 +0100
Subject: [PATCH 0986/2408] hostip: make more functions return CURLcode

- Curl_async_getaddrinfo() always returned NULL so it was pointless.
  Return proper curlcode instead to distinguish between errors. Same for
  Curl_doh().
- simplify the IP address handling
- make Curl_str2addr() function return CURLcode

Closes #19669
---
 lib/asyn-ares.c        |  22 +++----
 lib/asyn-thrdd.c       |  17 ++----
 lib/asyn.h             |   7 +--
 lib/curl_addrinfo.c    |  41 +++++++++----
 lib/curl_addrinfo.h    |   6 +-
 lib/doh.c              |  22 ++++---
 lib/doh.h              |  11 ++--
 lib/hostip.c           | 132 +++++++++++++++++------------------------
 tests/libtest/lib655.c |   4 +-
 9 files changed, 117 insertions(+), 145 deletions(-)

diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c
index ab57d5e00b..d459fd4a75 100644
--- a/lib/asyn-ares.c
+++ b/lib/asyn-ares.c
@@ -718,25 +718,18 @@ static void async_ares_rr_done(void *user_data, ares_status_t status,
 /*
  * Curl_async_getaddrinfo() - when using ares
  *
- * Returns name information about the given hostname and port number. If
- * successful, the 'hostent' is returned and the fourth argument will point to
- * memory we need to free after use. That memory *MUST* be freed with
- * Curl_freeaddrinfo(), nothing else.
+ * Starts a name resolve for the given hostname and port number.
  */
-struct Curl_addrinfo *Curl_async_getaddrinfo(struct Curl_easy *data,
-                                             const char *hostname,
-                                             int port,
-                                             int ip_version,
-                                             int *waitp)
+CURLcode Curl_async_getaddrinfo(struct Curl_easy *data, const char *hostname,
+                                int port, int ip_version)
 {
   struct async_ares_ctx *ares = &data->state.async.ares;
 #ifdef USE_HTTPSRR
   char *rrname = NULL;
 #endif
-  *waitp = 0; /* default to synchronous response */
 
   if(async_ares_init_lazy(data))
-    return NULL;
+    return CURLE_FAILED_INIT;
 
   data->state.async.done = FALSE;   /* not done */
   data->state.async.dns = NULL;     /* clear */
@@ -744,12 +737,12 @@ struct Curl_addrinfo *Curl_async_getaddrinfo(struct Curl_easy *data,
   data->state.async.ip_version = ip_version;
   data->state.async.hostname = strdup(hostname);
   if(!data->state.async.hostname)
-    return NULL;
+    return CURLE_OUT_OF_MEMORY;
 #ifdef USE_HTTPSRR
   if(port != 443) {
     rrname = curl_maprintf("_%d_.https.%s", port, hostname);
     if(!rrname)
-      return NULL;
+      return CURLE_OUT_OF_MEMORY;
   }
 #endif
 
@@ -836,9 +829,8 @@ struct Curl_addrinfo *Curl_async_getaddrinfo(struct Curl_easy *data,
                       async_ares_rr_done, data, NULL);
   }
 #endif
-  *waitp = 1; /* expect asynchronous response */
 
-  return NULL; /* no struct yet */
+  return CURLE_OK;
 }
 
 /* Set what DNS server are is to use. This is called in 2 situations:
diff --git a/lib/asyn-thrdd.c b/lib/asyn-thrdd.c
index f4f57b547a..71e31e6d0d 100644
--- a/lib/asyn-thrdd.c
+++ b/lib/asyn-thrdd.c
@@ -755,15 +755,11 @@ struct Curl_addrinfo *Curl_async_getaddrinfo(struct Curl_easy *data,
 /*
  * Curl_async_getaddrinfo() - for getaddrinfo
  */
-struct Curl_addrinfo *Curl_async_getaddrinfo(struct Curl_easy *data,
-                                             const char *hostname,
-                                             int port,
-                                             int ip_version,
-                                             int *waitp)
+CURLcode Curl_async_getaddrinfo(struct Curl_easy *data, const char *hostname,
+                                int port, int ip_version)
 {
   struct addrinfo hints;
   int pf = PF_INET;
-  *waitp = 0; /* default to synchronous response */
 
   CURL_TRC_DNS(data, "init threaded resolve of %s:%d", hostname, port);
 #ifdef CURLRES_IPV6
@@ -785,14 +781,11 @@ struct Curl_addrinfo *Curl_async_getaddrinfo(struct Curl_easy *data,
     SOCK_STREAM : SOCK_DGRAM;
 
   /* fire up a new resolver thread! */
-  if(async_thrdd_init(data, hostname, port, ip_version, &hints)) {
-    *waitp = 1; /* expect asynchronous response */
-    return NULL;
-  }
+  if(async_thrdd_init(data, hostname, port, ip_version, &hints))
+    return CURLE_OK;
 
   failf(data, "getaddrinfo() thread failed to start");
-  return NULL;
-
+  return CURLE_FAILED_INIT;
 }
 
 #endif /* !HAVE_GETADDRINFO */
diff --git a/lib/asyn.h b/lib/asyn.h
index 7863042bbe..8da7dd9720 100644
--- a/lib/asyn.h
+++ b/lib/asyn.h
@@ -118,11 +118,8 @@ CURLcode Curl_async_await(struct Curl_easy *data,
  * Each resolver backend must of course make sure to return data in the
  * correct format to comply with this.
  */
-struct Curl_addrinfo *Curl_async_getaddrinfo(struct Curl_easy *data,
-                                             const char *hostname,
-                                             int port,
-                                             int ip_version,
-                                             int *waitp);
+CURLcode Curl_async_getaddrinfo(struct Curl_easy *data, const char *hostname,
+                                int port, int ip_version);
 
 #ifdef USE_ARES
 /* common functions for c-ares and threaded resolver with HTTPSRR */
diff --git a/lib/curl_addrinfo.c b/lib/curl_addrinfo.c
index fc26bef833..cd9b52feba 100644
--- a/lib/curl_addrinfo.c
+++ b/lib/curl_addrinfo.c
@@ -347,7 +347,7 @@ Curl_he2ai(const struct hostent *he, int port)
 #endif
 
 /*
- * Curl_ip2addr()
+ * ip2addr()
  *
  * This function takes an Internet address, in binary form, as input parameter
  * along with its address family and the string version of the address, and it
@@ -355,8 +355,9 @@ Curl_he2ai(const struct hostent *he, int port)
  * given address/host
  */
 
-struct Curl_addrinfo *
-Curl_ip2addr(int af, const void *inaddr, const char *hostname, int port)
+static CURLcode
+ip2addr(struct Curl_addrinfo **addrp,
+        int af, const void *inaddr, const char *hostname, int port)
 {
   struct Curl_addrinfo *ai;
   size_t addrsize;
@@ -369,6 +370,7 @@ Curl_ip2addr(int af, const void *inaddr, const char *hostname, int port)
   DEBUGASSERT(inaddr && hostname);
 
   namelen = strlen(hostname) + 1;
+  *addrp = NULL;
 
   if(af == AF_INET)
     addrsize = sizeof(struct sockaddr_in);
@@ -377,12 +379,12 @@ Curl_ip2addr(int af, const void *inaddr, const char *hostname, int port)
     addrsize = sizeof(struct sockaddr_in6);
 #endif
   else
-    return NULL;
+    return CURLE_BAD_FUNCTION_ARGUMENT;
 
   /* allocate memory to hold the struct, the address and the name */
   ai = calloc(1, sizeof(struct Curl_addrinfo) + addrsize + namelen);
   if(!ai)
-    return NULL;
+    return CURLE_OUT_OF_MEMORY;
   /* put the address after the struct */
   ai->ai_addr = (void *)((char *)ai + sizeof(struct Curl_addrinfo));
   /* then put the name after the address */
@@ -412,29 +414,46 @@ Curl_ip2addr(int af, const void *inaddr, const char *hostname, int port)
     break;
 #endif
   }
-
-  return ai;
+  *addrp = ai;
+  return CURLE_OK;
 }
 
 /*
  * Given an IPv4 or IPv6 dotted string address, this converts it to a proper
  * allocated Curl_addrinfo struct and returns it.
  */
-struct Curl_addrinfo *Curl_str2addr(char *address, int port)
+CURLcode Curl_str2addr(const char *address, int port,
+                       struct Curl_addrinfo **addrp)
 {
   struct in_addr in;
   if(curlx_inet_pton(AF_INET, address, &in) > 0)
     /* This is a dotted IP address 123.123.123.123-style */
-    return Curl_ip2addr(AF_INET, &in, address, port);
+    return ip2addr(addrp, AF_INET, &in, address, port);
 #ifdef USE_IPV6
   {
     struct in6_addr in6;
     if(curlx_inet_pton(AF_INET6, address, &in6) > 0)
       /* This is a dotted IPv6 address ::1-style */
-      return Curl_ip2addr(AF_INET6, &in6, address, port);
+      return ip2addr(addrp, AF_INET6, &in6, address, port);
   }
 #endif
-  return NULL; /* bad input format */
+  return CURLE_BAD_FUNCTION_ARGUMENT; /* bad input format */
+}
+
+bool Curl_is_ipaddr(const char *address)
+{
+  struct in_addr in;
+  if(curlx_inet_pton(AF_INET, address, &in) > 0)
+    return TRUE;
+#ifdef USE_IPV6
+  {
+    struct in6_addr in6;
+    if(curlx_inet_pton(AF_INET6, address, &in6) > 0)
+      /* This is a dotted IPv6 address ::1-style */
+      return TRUE;
+  }
+#endif
+  return FALSE;
 }
 
 #ifdef USE_UNIX_SOCKETS
diff --git a/lib/curl_addrinfo.h b/lib/curl_addrinfo.h
index 2303e95e31..9a26c67849 100644
--- a/lib/curl_addrinfo.h
+++ b/lib/curl_addrinfo.h
@@ -76,10 +76,8 @@ struct Curl_addrinfo *
 Curl_he2ai(const struct hostent *he, int port);
 #endif
 
-struct Curl_addrinfo *
-Curl_ip2addr(int af, const void *inaddr, const char *hostname, int port);
-
-struct Curl_addrinfo *Curl_str2addr(char *dotted, int port);
+bool Curl_is_ipaddr(const char *address);
+CURLcode Curl_str2addr(const char *dotted, int port, struct Curl_addrinfo **);
 
 #ifdef USE_UNIX_SOCKETS
 struct Curl_addrinfo *Curl_unix2addr(const char *path, bool *longpath,
diff --git a/lib/doh.c b/lib/doh.c
index 45524edf4c..83a83f5346 100644
--- a/lib/doh.c
+++ b/lib/doh.c
@@ -441,15 +441,12 @@ error:
 }
 
 /*
- * Curl_doh() resolves a name using DoH. It resolves a name and returns a
- * 'Curl_addrinfo *' with the address information.
+ * Curl_doh() starts a name resolve using DoH. It resolves a name and returns
+ * a 'Curl_addrinfo *' with the address information.
  */
 
-struct Curl_addrinfo *Curl_doh(struct Curl_easy *data,
-                               const char *hostname,
-                               int port,
-                               int ip_version,
-                               int *waitp)
+CURLcode Curl_doh(struct Curl_easy *data, const char *hostname,
+                  int port, int ip_version)
 {
   CURLcode result = CURLE_OK;
   struct doh_probes *dohp = NULL;
@@ -467,12 +464,12 @@ struct Curl_addrinfo *Curl_doh(struct Curl_easy *data,
   data->state.async.ip_version = ip_version;
   data->state.async.hostname = strdup(hostname);
   if(!data->state.async.hostname)
-    return NULL;
+    return CURLE_OUT_OF_MEMORY;
 
   /* start clean, consider allocating this struct on demand */
   data->state.async.doh = dohp = calloc(1, sizeof(struct doh_probes));
   if(!dohp)
-    return NULL;
+    return CURLE_OUT_OF_MEMORY;
 
   for(i = 0; i < DOH_SLOT_COUNT; ++i) {
     dohp->probe_resp[i].probe_mid = UINT_MAX;
@@ -527,12 +524,11 @@ struct Curl_addrinfo *Curl_doh(struct Curl_easy *data,
     dohp->pending++;
   }
 #endif
-  *waitp = TRUE; /* this never returns synchronously */
-  return NULL;
+  return CURLE_OK;
 
 error:
   Curl_doh_cleanup(data);
-  return NULL;
+  return result;
 }
 
 static DOHcode doh_skipqname(const unsigned char *doh, size_t dohlen,
@@ -1300,6 +1296,8 @@ CURLcode Curl_doh_is_resolved(struct Curl_easy *data,
         result = Curl_dnscache_add(data, dns);
         *dnsp = data->state.async.dns;
       }
+      else
+        Curl_freeaddrinfo(ai);
     } /* address processing done */
 
     /* All done */
diff --git a/lib/doh.h b/lib/doh.h
index 3fd7de2c1c..726fb9f735 100644
--- a/lib/doh.h
+++ b/lib/doh.h
@@ -112,15 +112,12 @@ struct doh_probes {
 };
 
 /*
- * Curl_doh() resolve a name using DoH (DNS-over-HTTPS). It resolves a name
- * and returns a 'Curl_addrinfo *' with the address information.
+ * Curl_doh() starts a name resolve using DoH (DNS-over-HTTPS). It resolves a
+ * name and returns a 'Curl_addrinfo *' with the address information.
  */
 
-struct Curl_addrinfo *Curl_doh(struct Curl_easy *data,
-                               const char *hostname,
-                               int port,
-                               int ip_version,
-                               int *waitp);
+CURLcode Curl_doh(struct Curl_easy *data, const char *hostname,
+                  int port, int ip_version);
 
 CURLcode Curl_doh_is_resolved(struct Curl_easy *data,
                               struct Curl_dns_entry **dns);
diff --git a/lib/hostip.c b/lib/hostip.c
index d5f753f4b4..4c1bb92367 100644
--- a/lib/hostip.c
+++ b/lib/hostip.c
@@ -509,10 +509,8 @@ Curl_dnscache_mk_entry(struct Curl_easy *data,
   /* shuffle addresses if requested */
   if(data->set.dns_shuffle_addresses) {
     CURLcode result = Curl_shuffle_addr(data, &addr);
-    if(result) {
-      Curl_freeaddrinfo(addr);
+    if(result)
       return NULL;
-    }
   }
 #else
   (void)data;
@@ -522,10 +520,8 @@ Curl_dnscache_mk_entry(struct Curl_easy *data,
 
   /* Create a new cache entry */
   dns = calloc(1, sizeof(struct Curl_dns_entry) + hostlen);
-  if(!dns) {
-    Curl_freeaddrinfo(addr);
+  if(!dns)
     return NULL;
-  }
 
   dns->refcount = 1; /* the cache has the first reference */
   dns->addr = addr; /* this is the address(es) */
@@ -569,6 +565,7 @@ dnscache_add_addr(struct Curl_easy *data,
   dns2 = Curl_hash_add(&dnscache->entries, entry_id, entry_len + 1,
                        (void *)dns);
   if(!dns2) {
+    dns->addr = NULL;
     dnscache_entry_free(dns);
     return NULL;
   }
@@ -744,40 +741,6 @@ static bool tailmatch(const char *full, size_t flen,
   return curl_strnequal(part, &full[flen - plen], plen);
 }
 
-static struct Curl_addrinfo *
-convert_ipaddr_direct(const char *hostname, int port, bool *is_ipaddr)
-{
-  struct in_addr in;
-  *is_ipaddr = FALSE;
-  /* First check if this is an IPv4 address string */
-  if(curlx_inet_pton(AF_INET, hostname, &in) > 0) {
-    /* This is a dotted IP address 123.123.123.123-style */
-    *is_ipaddr = TRUE;
-#ifdef USE_RESOLVE_ON_IPS
-    (void)port;
-    return NULL;
-#else
-    return Curl_ip2addr(AF_INET, &in, hostname, port);
-#endif
-  }
-#ifdef USE_IPV6
-  else {
-    struct in6_addr in6;
-    /* check if this is an IPv6 address string */
-    if(curlx_inet_pton(AF_INET6, hostname, &in6) > 0) {
-      /* This is an IPv6 address literal */
-      *is_ipaddr = TRUE;
-#ifdef USE_RESOLVE_ON_IPS
-      return NULL;
-#else
-      return Curl_ip2addr(AF_INET6, &in6, hostname, port);
-#endif
-    }
-  }
-#endif /* USE_IPV6 */
-  return NULL;
-}
-
 static bool can_resolve_ip_version(struct Curl_easy *data, int ip_version)
 {
 #ifdef CURLRES_IPV6
@@ -841,10 +804,10 @@ CURLcode Curl_resolv(struct Curl_easy *data,
   struct Curl_dnscache *dnscache = dnscache_get(data);
   struct Curl_dns_entry *dns = NULL;
   struct Curl_addrinfo *addr = NULL;
-  int respwait = 0;
-  bool is_ipaddr;
+  bool respwait = FALSE;
   size_t hostname_len;
   bool keep_negative = TRUE; /* cache a negative result */
+  CURLcode result = CURLE_COULDNT_RESOLVE_HOST;
 
   *entry = NULL;
 
@@ -853,8 +816,11 @@ CURLcode Curl_resolv(struct Curl_easy *data,
 #else
   (void)allowDOH;
 #endif
-  if(!dnscache)
+  DEBUGASSERT(dnscache);
+  if(!dnscache) {
+    result = CURLE_BAD_FUNCTION_ARGUMENT;
     goto error;
+  }
 
   /* We should intentionally error and not resolve .onion TLDs */
   hostname_len = strlen(hostname);
@@ -874,6 +840,7 @@ CURLcode Curl_resolv(struct Curl_easy *data,
   dnscache_unlock(data, dnscache);
   if(dns) {
     infof(data, "Hostname %s was found in DNS cache", hostname);
+    result = CURLE_OK;
     goto out;
   }
 
@@ -882,7 +849,8 @@ CURLcode Curl_resolv(struct Curl_easy *data,
     void *resolver = NULL;
     int st;
 #ifdef CURLRES_ASYNCH
-    if(Curl_async_get_impl(data, &resolver))
+    result = Curl_async_get_impl(data, &resolver);
+    if(result)
       goto error;
 #endif
     Curl_set_in_callback(data, TRUE);
@@ -891,57 +859,58 @@ CURLcode Curl_resolv(struct Curl_easy *data,
     Curl_set_in_callback(data, FALSE);
     if(st) {
       keep_negative = FALSE;
+      result = CURLE_ABORTED_BY_CALLBACK;
       goto error;
     }
   }
 
-  /* shortcut literal IP addresses, if we are not told to resolve them. */
-  addr = convert_ipaddr_direct(hostname, port, &is_ipaddr);
-  if(addr)
-    goto out;
-
+  if(Curl_is_ipaddr(hostname)) {
 #ifndef USE_RESOLVE_ON_IPS
-  /* allowed to convert, hostname is IP address, then NULL means error */
-  if(is_ipaddr) {
-    keep_negative = FALSE;
-    goto error;
-  }
+    /* shortcut literal IP addresses, if we are not told to resolve them. */
+    result = Curl_str2addr(hostname, port, &addr);
+    if(result)
+      goto error;
+    goto out;
 #endif
+  }
 
-  /* Really need a resolver for hostname. */
-  if(ip_version == CURL_IPRESOLVE_V6 && !Curl_ipv6works(data))
-    goto error;
-
-  if(!is_ipaddr &&
-     (curl_strequal(hostname, "localhost") ||
-      curl_strequal(hostname, "localhost.") ||
-      tailmatch(hostname, hostname_len, STRCONST(".localhost")) ||
-      tailmatch(hostname, hostname_len, STRCONST(".localhost.")))) {
+  if(curl_strequal(hostname, "localhost") ||
+     curl_strequal(hostname, "localhost.") ||
+     tailmatch(hostname, hostname_len, STRCONST(".localhost")) ||
+     tailmatch(hostname, hostname_len, STRCONST(".localhost."))) {
     addr = get_localhost(port, hostname);
+    result = addr ? CURLE_OK : CURLE_OUT_OF_MEMORY;
   }
 #ifndef CURL_DISABLE_DOH
-  else if(!is_ipaddr && allowDOH && data->set.doh) {
-    addr = Curl_doh(data, hostname, port, ip_version, &respwait);
+  else if(!Curl_is_ipaddr(hostname) && allowDOH && data->set.doh) {
+    result = Curl_doh(data, hostname, port, ip_version);
+    respwait = TRUE;
   }
 #endif
   else {
     /* Can we provide the requested IP specifics in resolving? */
-    if(!can_resolve_ip_version(data, ip_version))
+    if(!can_resolve_ip_version(data, ip_version)) {
+      result = CURLE_COULDNT_RESOLVE_HOST;
       goto error;
+    }
 
 #ifdef CURLRES_ASYNCH
-    addr = Curl_async_getaddrinfo(data, hostname, port, ip_version, &respwait);
+    result = Curl_async_getaddrinfo(data, hostname, port, ip_version);
+    respwait = TRUE;
 #else
-    respwait = 0; /* no async waiting here */
+    respwait = FALSE; /* no async waiting here */
     addr = Curl_sync_getaddrinfo(data, hostname, port, ip_version);
+    if(addr)
+      result = CURLE_OK;
 #endif
   }
 
 out:
-  /* We either have found a `dns` or looked up the `addr`
-   * or `respwait` is set for an async operation.
-   * Everything else is a failure to resolve. */
-  if(dns) {
+  /* We either have found a `dns` or looked up the `addr` or `respwait` is set
+   * for an async operation. Everything else is a failure to resolve. */
+  if(result)
+    ;
+  else if(dns) {
     if(!dns->addr) {
       infof(data, "Negative DNS entry");
       dns->refcount--;
@@ -955,7 +924,12 @@ out:
     dns = Curl_dnscache_mk_entry(data, addr, hostname, 0, port, FALSE);
     if(!dns || Curl_dnscache_add(data, dns)) {
       /* this is OOM or similar, do not store such negative resolves */
+      Curl_freeaddrinfo(addr);
+      if(dns)
+        /* avoid a dangling pointer to addr in the dying dns entry */
+        dns->addr = NULL;
       keep_negative = FALSE;
+      result = CURLE_OUT_OF_MEMORY;
       goto error;
     }
     show_resolve_info(data, dns);
@@ -967,6 +941,7 @@ out:
       *entry = dns;
       return dns ? CURLE_OK : CURLE_AGAIN;
     }
+    result = CURLE_COULDNT_RESOLVE_HOST;
   }
 error:
   if(dns)
@@ -974,7 +949,8 @@ error:
   Curl_async_shutdown(data);
   if(keep_negative)
     store_negative_resolve(data, hostname, port);
-  return CURLE_COULDNT_RESOLVE_HOST;
+  DEBUGASSERT(result);
+  return result;
 }
 
 CURLcode Curl_resolv_blocking(struct Curl_easy *data,
@@ -1338,6 +1314,7 @@ CURLcode Curl_loadhostpairs(struct Curl_easy *data)
       while(*host) {
         struct Curl_str target;
         struct Curl_addrinfo *ai;
+        CURLcode result;
 
         if(!curlx_str_single(&host, '[')) {
           if(curlx_str_until(&host, &target, MAX_IPADR_LEN, ']') ||
@@ -1368,8 +1345,8 @@ CURLcode Curl_loadhostpairs(struct Curl_easy *data)
         memcpy(address, curlx_str(&target), curlx_strlen(&target));
         address[curlx_strlen(&target)] = '\0';
 
-        ai = Curl_str2addr(address, (int)port);
-        if(!ai) {
+        result = Curl_str2addr(address, (int)port, &ai);
+        if(result) {
           infof(data, "Resolve address '%s' found illegal", address);
           goto err;
         }
@@ -1428,11 +1405,12 @@ err:
       /* put this new host in the cache */
       dns = dnscache_add_addr(data, dnscache, head, curlx_str(&source),
                               curlx_strlen(&source), (int)port, permanent);
-      if(dns) {
+      if(dns)
         /* release the returned reference; the cache itself will keep the
          * entry alive: */
         dns->refcount--;
-      }
+      else
+        Curl_freeaddrinfo(head);
 
       dnscache_unlock(data, dnscache);
 
diff --git a/tests/libtest/lib655.c b/tests/libtest/lib655.c
index 07392cbd86..a213a1c493 100644
--- a/tests/libtest/lib655.c
+++ b/tests/libtest/lib655.c
@@ -82,9 +82,9 @@ static CURLcode test_lib655(const char *URL)
 
   /* this should fail */
   res = curl_easy_perform(curl);
-  if(res != CURLE_COULDNT_RESOLVE_HOST) {
+  if(res != CURLE_ABORTED_BY_CALLBACK) {
     curl_mfprintf(stderr, "curl_easy_perform should have returned "
-                  "CURLE_COULDNT_RESOLVE_HOST but instead returned error %d\n",
+                  "CURLE_ABORTED_BY_CALLBACK but instead returned error %d\n",
                   res);
     if(res == CURLE_OK)
       res = TEST_ERR_FAILURE;

From 729f36e90fa8927ce85c4f1f7b67724988c35f00 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 25 Nov 2025 08:53:59 +0100
Subject: [PATCH 0987/2408] sendf: fix uninitialized variable in trace output

Initialize *nread early on.

Pointed out by CodeSonar

Closes #19684
---
 lib/sendf.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/sendf.c b/lib/sendf.c
index f70abb5797..4eabc14402 100644
--- a/lib/sendf.c
+++ b/lib/sendf.c
@@ -1195,6 +1195,7 @@ CURLcode Curl_client_read(struct Curl_easy *data, char *buf, size_t blen,
   DEBUGASSERT(blen);
   DEBUGASSERT(nread);
   DEBUGASSERT(eos);
+  *nread = 0;
 
   if(!data->req.reader_stack) {
     result = Curl_creader_set_fread(data, data->state.infilesize);

From d0ad652552564cbcf5c2f14869db0add4ff4ac50 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 25 Nov 2025 09:09:50 +0100
Subject: [PATCH 0988/2408] progress: remove two redundant variable checks

The entry condition in the function already exits early if either
low_speed_time or low_speed_limit is not set.

Pointed out by CodeSonar

Closes #19686
---
 lib/progress.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/lib/progress.c b/lib/progress.c
index 3985e1c1bf..59c5b9a00f 100644
--- a/lib/progress.c
+++ b/lib/progress.c
@@ -109,7 +109,7 @@ UNITTEST CURLcode pgrs_speedcheck(struct Curl_easy *data,
     /* A paused transfer is not qualified for speed checks */
     return CURLE_OK;
 
-  if((data->progress.current_speed >= 0) && data->set.low_speed_time) {
+  if(data->progress.current_speed >= 0) {
     if(data->progress.current_speed < data->set.low_speed_limit) {
       if(!data->state.keeps_speed.tv_sec)
         /* under the limit at this moment */
@@ -134,10 +134,9 @@ UNITTEST CURLcode pgrs_speedcheck(struct Curl_easy *data,
       data->state.keeps_speed.tv_sec = 0;
   }
 
-  if(data->set.low_speed_limit)
-    /* if low speed limit is enabled, set the expire timer to make this
-       connection's speed get checked again in a second */
-    Curl_expire(data, 1000, EXPIRE_SPEEDCHECK);
+  /* since low speed limit is enabled, set the expire timer to make this
+     connection's speed get checked again in a second */
+  Curl_expire(data, 1000, EXPIRE_SPEEDCHECK);
 
   return CURLE_OK;
 }

From b8f83738c3ab01c214a314981626c86c9ffaca72 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 25 Nov 2025 10:07:30 +0100
Subject: [PATCH 0989/2408] asyn-ares: handle Curl_dnscache_mk_entry() OOM
 error

To avoid leaking memory.

Follow-up to ce06fe7771052549ff430
Closes #19688
---
 lib/asyn-ares.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c
index d459fd4a75..1bc0f3247b 100644
--- a/lib/asyn-ares.c
+++ b/lib/asyn-ares.c
@@ -343,7 +343,8 @@ CURLcode Curl_async_is_resolved(struct Curl_easy *data,
         Curl_dnscache_mk_entry(data, ares->temp_ai,
                                data->state.async.hostname, 0,
                                data->state.async.port, FALSE);
-      ares->temp_ai = NULL; /* temp_ai now owned by entry */
+      if(data->state.async.dns)
+        ares->temp_ai = NULL; /* temp_ai now owned by entry */
 #ifdef HTTPSRR_WORKS
       if(data->state.async.dns) {
         struct Curl_https_rrinfo *lhrr = Curl_httpsrr_dup_move(&ares->hinfo);

From 6069c340b42a2a4d05f5dc76c49cd3e20e09ccb7 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 25 Nov 2025 10:14:28 +0100
Subject: [PATCH 0990/2408] tool_doswin: clear pointer when thread takes
 ownership

Attempt to address #19675
Closes #19689
---
 src/tool_doswin.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/src/tool_doswin.c b/src/tool_doswin.c
index 6204296a8b..cd0ec3b9c1 100644
--- a/src/tool_doswin.c
+++ b/src/tool_doswin.c
@@ -801,10 +801,7 @@ ThreadCleanup:
   if(socket_w != CURL_SOCKET_BAD)
     sclose(socket_w);
 
-  if(tdata) {
-    free(tdata);
-  }
-
+  free(tdata);
   return 0;
 }
 
@@ -884,6 +881,7 @@ curl_socket_t win32_stdin_read_thread(void)
       errorf("CreateThread error: 0x%08lx", GetLastError());
       break;
     }
+    tdata = NULL; /* win_stdin_thread_func owns it now */
 
     /* Connect to the thread and rearrange our own STDIN handles */
     socket_r = CURL_SOCKET(AF_INET, SOCK_STREAM, IPPROTO_TCP);

From ba65073037152555aae279a5ef8eae808e3e675e Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Tue, 25 Nov 2025 09:30:34 +0100
Subject: [PATCH 0991/2408] speedlimit: also reset on send unpausing

The low speedlimit currently counts both up- and download speed
accumulated. So, when unpausing upload, also reset the counter.

Closes #19687
---
 lib/progress.c | 8 ++++++++
 lib/progress.h | 3 ++-
 lib/transfer.c | 1 +
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/lib/progress.c b/lib/progress.c
index 59c5b9a00f..7124a307d1 100644
--- a/lib/progress.c
+++ b/lib/progress.c
@@ -196,6 +196,14 @@ void Curl_pgrsRecvPause(struct Curl_easy *data, bool enable)
   }
 }
 
+void Curl_pgrsSendPause(struct Curl_easy *data, bool enable)
+{
+  if(!enable) {
+    data->progress.speeder_c = 0; /* reset speed records */
+    pgrs_speedinit(data); /* reset low speed measurements */
+  }
+}
+
 /*
  *
  * Curl_pgrsTimeWas(). Store the timestamp time at the given label.
diff --git a/lib/progress.h b/lib/progress.h
index 96a26fe1a4..5535c69cbf 100644
--- a/lib/progress.h
+++ b/lib/progress.h
@@ -59,8 +59,9 @@ void Curl_pgrsUpdate_nometer(struct Curl_easy *data);
 /* perform progress update with callbacks and speed checks */
 CURLcode Curl_pgrsCheck(struct Curl_easy *data);
 
-/* Inform progress/speedcheck about receive pausing */
+/* Inform progress/speedcheck about receive/send pausing */
 void Curl_pgrsRecvPause(struct Curl_easy *data, bool enable);
+void Curl_pgrsSendPause(struct Curl_easy *data, bool enable);
 
 /* Reset sizes and couners for up- and download. */
 void Curl_pgrsReset(struct Curl_easy *data);
diff --git a/lib/transfer.c b/lib/transfer.c
index fbacdf4290..04a013361e 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -925,6 +925,7 @@ CURLcode Curl_xfer_pause_send(struct Curl_easy *data, bool enable)
   Curl_rlimit_block(&data->progress.ul.rlimit, enable, curlx_now());
   if(!enable && Curl_creader_is_paused(data))
     result = Curl_creader_unpause(data);
+  Curl_pgrsSendPause(data, enable);
   return result;
 }
 

From 92e6782d1f0dbf0f011fe01ecc4c17b4109561b2 Mon Sep 17 00:00:00 2001
From: Patrick Monnerat 
Date: Mon, 24 Nov 2025 19:50:26 +0100
Subject: [PATCH 0992/2408] doc: some returned in-memory data may not be
 altered

Some public prototypes do not declare return values or out parameters as
const where they should be. Avoid changing the public interface, but
document those values as read-only.

Closes #19692
---
 docs/libcurl/curl_easy_escape.md       | 3 ++-
 docs/libcurl/curl_easy_unescape.md     | 3 ++-
 docs/libcurl/curl_escape.md            | 3 ++-
 docs/libcurl/curl_getenv.md            | 3 ++-
 docs/libcurl/curl_mprintf.md           | 2 +-
 docs/libcurl/curl_multi_get_handles.md | 3 ++-
 docs/libcurl/curl_pushheader_byname.md | 3 ++-
 docs/libcurl/curl_pushheader_bynum.md  | 3 ++-
 docs/libcurl/curl_slist_append.md      | 4 ++--
 docs/libcurl/curl_unescape.md          | 3 ++-
 docs/libcurl/curl_url.md               | 3 +++
 docs/libcurl/curl_url_get.md           | 1 +
 12 files changed, 23 insertions(+), 11 deletions(-)

diff --git a/docs/libcurl/curl_easy_escape.md b/docs/libcurl/curl_easy_escape.md
index b10500ac26..1480a75c59 100644
--- a/docs/libcurl/curl_easy_escape.md
+++ b/docs/libcurl/curl_easy_escape.md
@@ -30,7 +30,8 @@ char *curl_easy_escape(CURL *curl, const char *string, int length);
 This function converts the given input *string* to a URL encoded string and
 returns that as a new allocated string. All input characters that are not a-z,
 A-Z, 0-9, '-', '.', '_' or '~' are converted to their "URL escaped" version
-(**%NN** where **NN** is a two-digit hexadecimal number).
+(**%NN** where **NN** is a two-digit hexadecimal number). Although not
+constrained by its type, the returned string may not be altered.
 
 If *length* is set to 0 (zero), curl_easy_escape(3) uses strlen() on the input
 *string* to find out the size. This function does not accept input strings
diff --git a/docs/libcurl/curl_easy_unescape.md b/docs/libcurl/curl_easy_unescape.md
index 2e78ad5d9f..49e4c6bf26 100644
--- a/docs/libcurl/curl_easy_unescape.md
+++ b/docs/libcurl/curl_easy_unescape.md
@@ -30,7 +30,8 @@ char *curl_easy_unescape(CURL *curl, const char *input,
 This function converts the URL encoded string **input** to a "plain string"
 and returns that in an allocated memory area. All input characters that are URL
 encoded (%XX where XX is a two-digit hexadecimal number) are converted to their
-binary versions.
+binary versions. Although not constrained by its type, the returned data may
+not be altered.
 
 If the **length** argument is set to 0 (zero), curl_easy_unescape(3)
 uses strlen() on **input** to find out the size.
diff --git a/docs/libcurl/curl_escape.md b/docs/libcurl/curl_escape.md
index c24d1890d4..967d375a97 100644
--- a/docs/libcurl/curl_escape.md
+++ b/docs/libcurl/curl_escape.md
@@ -31,7 +31,8 @@ Obsolete function. Use curl_easy_escape(3) instead.
 This function converts the given input **string** to a URL encoded string
 and return that as a new allocated string. All input characters that are not
 a-z, A-Z or 0-9 are converted to their "URL escaped" version (**%NN** where
-**NN** is a two-digit hexadecimal number).
+**NN** is a two-digit hexadecimal number). Although not constrained by its
+type, the returned string may not be altered.
 
 If the **length** argument is set to 0, curl_escape(3) uses strlen()
 on **string** to find out the size.
diff --git a/docs/libcurl/curl_getenv.md b/docs/libcurl/curl_getenv.md
index 2cfb58148c..047c913f25 100644
--- a/docs/libcurl/curl_getenv.md
+++ b/docs/libcurl/curl_getenv.md
@@ -29,7 +29,8 @@ curl_getenv() is a portable wrapper for the getenv() function, meant to
 emulate its behavior and provide an identical interface for all operating
 systems libcurl builds on (including Windows).
 
-You must curl_free(3) the returned string when you are done with it.
+You must curl_free(3) the returned string when you are done with it and,
+although not constrained by its type, it may not be altered.
 
 # %PROTOCOLS%
 
diff --git a/docs/libcurl/curl_mprintf.md b/docs/libcurl/curl_mprintf.md
index 4f5c090579..a592cfb3e6 100644
--- a/docs/libcurl/curl_mprintf.md
+++ b/docs/libcurl/curl_mprintf.md
@@ -67,7 +67,7 @@ the value of *ap* is undefined after the call.
 
 The functions **curl_maprintf()** and **curl_mvaprintf()** return the
 output string as pointer to a newly allocated memory area. The returned string
-must be curl_free(3)ed by the receiver.
+may not be overwritten and must be curl_free(3)ed by the receiver.
 
 All of these functions write the output under the control of a format string
 that specifies how subsequent arguments are converted for output.
diff --git a/docs/libcurl/curl_multi_get_handles.md b/docs/libcurl/curl_multi_get_handles.md
index f94436a889..56da272b8a 100644
--- a/docs/libcurl/curl_multi_get_handles.md
+++ b/docs/libcurl/curl_multi_get_handles.md
@@ -41,7 +41,8 @@ are out of sync.
 
 The order of the easy handles within the array is not guaranteed.
 
-The returned array must be freed with a call to curl_free(3) after use.
+The returned array may not be overwritten and must be freed with a call to
+curl_free(3) after use.
 
 # %PROTOCOLS%
 
diff --git a/docs/libcurl/curl_pushheader_byname.md b/docs/libcurl/curl_pushheader_byname.md
index d066ea7b85..e2968fcd46 100644
--- a/docs/libcurl/curl_pushheader_byname.md
+++ b/docs/libcurl/curl_pushheader_byname.md
@@ -33,7 +33,8 @@ elsewhere and it has no function then.
 It returns the value for the given header field name (or NULL) for the
 incoming server push request. This is a shortcut so that the application does
 not have to loop through all headers to find the one it is interested in. The
-data this function points to is freed when this callback returns. If more than
+data this function points to is freed when this callback returns and,
+although not constrained by its type, may not be altered. If more than
 one header field use the same name, this returns only the first one.
 
 # %PROTOCOLS%
diff --git a/docs/libcurl/curl_pushheader_bynum.md b/docs/libcurl/curl_pushheader_bynum.md
index 12555c57f0..2431ff446b 100644
--- a/docs/libcurl/curl_pushheader_bynum.md
+++ b/docs/libcurl/curl_pushheader_bynum.md
@@ -33,7 +33,8 @@ elsewhere and it has no function then.
 It returns the value for the header field at the given index **num**, for
 the incoming server push request or NULL. The data pointed to is freed by
 libcurl when this callback returns. The returned pointer points to a
-"name:value" string that gets freed when this callback returns.
+"name:value" string that gets freed when this callback returns; although
+not constrained by its type, this string may not be altered.
 
 # %PROTOCOLS%
 
diff --git a/docs/libcurl/curl_slist_append.md b/docs/libcurl/curl_slist_append.md
index b2766f728d..3ebc19e354 100644
--- a/docs/libcurl/curl_slist_append.md
+++ b/docs/libcurl/curl_slist_append.md
@@ -33,8 +33,8 @@ new list. The specified **string** has been appended when this function
 returns. curl_slist_append(3) copies the string. The **string** argument must
 be a valid string pointer and cannot be NULL.
 
-The list should be freed again (after usage) with
-curl_slist_free_all(3).
+The list should be freed (after usage) with curl_slist_free_all(3).
+Its nodes and pointed content may not be altered outside this function.
 
 # %PROTOCOLS%
 
diff --git a/docs/libcurl/curl_unescape.md b/docs/libcurl/curl_unescape.md
index 2600f14361..453fd53145 100644
--- a/docs/libcurl/curl_unescape.md
+++ b/docs/libcurl/curl_unescape.md
@@ -33,7 +33,8 @@ Deprecated. Use curl_easy_unescape(3) instead.
 This function converts the URL encoded string **input** to a "plain string"
 and return that as a new allocated string. All input characters that are URL
 encoded (%XX where XX is a two-digit hexadecimal number) are converted to
-their plain text versions.
+their plain text versions. Although not constrained by its type, the returned
+data may not be altered.
 
 If the **length** argument is set to 0, curl_unescape(3) calls
 strlen() on **input** to find out the size.
diff --git a/docs/libcurl/curl_url.md b/docs/libcurl/curl_url.md
index 5872134e13..8053e630b8 100644
--- a/docs/libcurl/curl_url.md
+++ b/docs/libcurl/curl_url.md
@@ -38,6 +38,9 @@ single URL. When the object is first created, there is of course no components
 stored. They are then set in the object with the curl_url_set(3)
 function.
 
+The object must be destroyed with a call to curl_url_cleanup(3) when no
+longer needed.
+
 # %PROTOCOLS%
 
 # EXAMPLE
diff --git a/docs/libcurl/curl_url_get.md b/docs/libcurl/curl_url_get.md
index a9bb0bdc23..bed1c02f17 100644
--- a/docs/libcurl/curl_url_get.md
+++ b/docs/libcurl/curl_url_get.md
@@ -43,6 +43,7 @@ allocated string with the contents.
 The *flags* argument is a bitmask with individual features.
 
 The returned content pointer must be freed with curl_free(3) after use.
+Although not constrained by its type, the pointed string may not be altered.
 
 # FLAGS
 

From 74bd3e2f98b26b283dbdb5af543e0c43e61a6155 Mon Sep 17 00:00:00 2001
From: Patrick Monnerat 
Date: Mon, 24 Nov 2025 14:57:38 +0100
Subject: [PATCH 0993/2408] slist: constify Curl_slist_append_nodup() string
 argument

Although finally stored as a non-const pointer, the string is intended
to be left unchanged.

This change allows using the function without the need of a cast for
const pointers.

Closes #19692
---
 lib/slist.c | 5 +++--
 lib/slist.h | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/lib/slist.c b/lib/slist.c
index 366b247609..88fdd8a2ba 100644
--- a/lib/slist.c
+++ b/lib/slist.c
@@ -58,7 +58,8 @@ static struct curl_slist *slist_get_last(struct curl_slist *list)
  * If an error occurs, NULL is returned and the string argument is NOT
  * released.
  */
-struct curl_slist *Curl_slist_append_nodup(struct curl_slist *list, char *data)
+struct curl_slist *Curl_slist_append_nodup(struct curl_slist *list,
+                                           const char *data)
 {
   struct curl_slist     *last;
   struct curl_slist     *new_item;
@@ -70,7 +71,7 @@ struct curl_slist *Curl_slist_append_nodup(struct curl_slist *list, char *data)
     return NULL;
 
   new_item->next = NULL;
-  new_item->data = data;
+  new_item->data = CURL_UNCONST(data);
 
   /* if this is the first item, then new_item *is* the list */
   if(!list)
diff --git a/lib/slist.h b/lib/slist.h
index 9561fd0226..47a30824db 100644
--- a/lib/slist.h
+++ b/lib/slist.h
@@ -36,6 +36,6 @@ struct curl_slist *Curl_slist_duplicate(struct curl_slist *inlist);
  * it to the list.
  */
 struct curl_slist *Curl_slist_append_nodup(struct curl_slist *list,
-                                           char *data);
+                                           const char *data);
 
 #endif /* HEADER_CURL_SLIST_H */

From 62683ad3f49aeb60ab311cf52aacc5630116418a Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 25 Nov 2025 03:35:40 +0100
Subject: [PATCH 0994/2408] curlx: replace `sprintf` with `snprintf`

To avoid using a deprecated function on Windows.

Also: de-dupe `SNPRINTF` definition in curlx.

Closes #19681
---
 lib/Makefile.inc      |  1 +
 lib/curl_setup.h      |  3 +--
 lib/curlx/inet_ntop.c | 14 +++++++-------
 lib/curlx/snprintf.h  | 36 ++++++++++++++++++++++++++++++++++++
 lib/curlx/strerr.c    | 15 +--------------
 lib/curlx/winapi.c    | 15 +--------------
 src/Makefile.inc      |  1 +
 7 files changed, 48 insertions(+), 37 deletions(-)
 create mode 100644 lib/curlx/snprintf.h

diff --git a/lib/Makefile.inc b/lib/Makefile.inc
index cad02c8237..85faa875e0 100644
--- a/lib/Makefile.inc
+++ b/lib/Makefile.inc
@@ -50,6 +50,7 @@ LIB_CURLX_HFILES = \
   curlx/inet_pton.h \
   curlx/multibyte.h \
   curlx/nonblock.h \
+  curlx/snprintf.h \
   curlx/strerr.h   \
   curlx/strparse.h \
   curlx/timediff.h \
diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index 0e5ebb60c9..664aa14325 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -95,8 +95,7 @@
                                       unlink(), etc. */
 #endif
 #ifndef _CRT_SECURE_NO_WARNINGS
-#define _CRT_SECURE_NO_WARNINGS  /* for getenv(), gmtime(), sprintf(),
-                                    strcpy(),
+#define _CRT_SECURE_NO_WARNINGS  /* for getenv(), gmtime(), strcpy(),
                                     in tests: localtime(), sscanf() */
 #endif
 #endif /* _MSC_VER */
diff --git a/lib/curlx/inet_ntop.c b/lib/curlx/inet_ntop.c
index d4053f1a60..771af81474 100644
--- a/lib/curlx/inet_ntop.c
+++ b/lib/curlx/inet_ntop.c
@@ -32,6 +32,7 @@
 #endif
 
 #include "inet_ntop.h"
+#include "snprintf.h"
 
 #define IN6ADDRSZ       16
 /* #define INADDRSZ         4 */
@@ -61,13 +62,12 @@ static char *inet_ntop4(const unsigned char *src, char *dst, size_t size)
 
   DEBUGASSERT(size >= 16);
 
-  /* this sprintf() does not overflow the buffer. Avoids snprintf to work more
-     widely. Avoids the msnprintf family to work as a curlx function. */
-  (void)(sprintf)(tmp, "%d.%d.%d.%d",
-                  ((int)((unsigned char)src[0])) & 0xff,
-                  ((int)((unsigned char)src[1])) & 0xff,
-                  ((int)((unsigned char)src[2])) & 0xff,
-                  ((int)((unsigned char)src[3])) & 0xff);
+  /* this snprintf() does not overflow the buffer. */
+  SNPRINTF(tmp, sizeof(tmp), "%d.%d.%d.%d",
+           ((int)((unsigned char)src[0])) & 0xff,
+           ((int)((unsigned char)src[1])) & 0xff,
+           ((int)((unsigned char)src[2])) & 0xff,
+           ((int)((unsigned char)src[3])) & 0xff);
 
   len = strlen(tmp);
   if(len == 0 || len >= size) {
diff --git a/lib/curlx/snprintf.h b/lib/curlx/snprintf.h
new file mode 100644
index 0000000000..266ea137fa
--- /dev/null
+++ b/lib/curlx/snprintf.h
@@ -0,0 +1,36 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) Daniel Stenberg, , et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ * SPDX-License-Identifier: curl
+ *
+ ***************************************************************************/
+
+/* Raw snprintf() for curlx */
+
+#ifdef WITHOUT_LIBCURL /* when built for the test servers */
+#if defined(_MSC_VER) && (_MSC_VER < 1900)  /* adjust for old MSVC */
+#define SNPRINTF _snprintf
+#else
+#define SNPRINTF snprintf
+#endif
+#else /* !WITHOUT_LIBCURL */
+#include 
+#define SNPRINTF curl_msnprintf
+#endif /* WITHOUT_LIBCURL */
diff --git a/lib/curlx/strerr.c b/lib/curlx/strerr.c
index 376f68b0b2..c33d107011 100644
--- a/lib/curlx/strerr.c
+++ b/lib/curlx/strerr.c
@@ -34,21 +34,8 @@
 
 #include 
 
-#ifndef WITHOUT_LIBCURL
-#include 
-#define SNPRINTF curl_msnprintf
-#else
-/* when built for the test servers */
-
-/* adjust for old MSVC */
-#if defined(_MSC_VER) && (_MSC_VER < 1900)
-#define SNPRINTF _snprintf
-#else
-#define SNPRINTF snprintf
-#endif
-#endif /* !WITHOUT_LIBCURL */
-
 #include "winapi.h"
+#include "snprintf.h"
 #include "strerr.h"
 /* The last 2 #include files should be in this order */
 #include "../curl_memory.h"
diff --git a/lib/curlx/winapi.c b/lib/curlx/winapi.c
index 7b3d6b6036..4cacbcb618 100644
--- a/lib/curlx/winapi.c
+++ b/lib/curlx/winapi.c
@@ -29,20 +29,7 @@
  */
 #ifdef _WIN32
 #include "winapi.h"
-
-#ifndef WITHOUT_LIBCURL
-#include 
-#define SNPRINTF curl_msnprintf
-#else
-/* when built for the test servers */
-
-/* adjust for old MSVC */
-#if defined(_MSC_VER) && (_MSC_VER < 1900)
-#define SNPRINTF _snprintf
-#else
-#define SNPRINTF snprintf
-#endif
-#endif /* !WITHOUT_LIBCURL */
+#include "snprintf.h"
 
 /* This is a helper function for curlx_strerror that converts Windows API error
  * codes (GetLastError) to error messages.
diff --git a/src/Makefile.inc b/src/Makefile.inc
index fa55837552..6e5e31f806 100644
--- a/src/Makefile.inc
+++ b/src/Makefile.inc
@@ -54,6 +54,7 @@ CURLX_HFILES = \
   ../lib/curlx/fopen.h \
   ../lib/curlx/multibyte.h \
   ../lib/curlx/nonblock.h \
+  ../lib/curlx/snprintf.h \
   ../lib/curlx/strerr.h \
   ../lib/curlx/strparse.h \
   ../lib/curlx/timediff.h \

From 4f807db155815800fde49c3ef8291a3f7c345429 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 25 Nov 2025 10:42:07 +0100
Subject: [PATCH 0995/2408] INTERNALS.md: add more dependency versions and
 dates

Closes #19691
---
 docs/INTERNALS.md | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/docs/INTERNALS.md b/docs/INTERNALS.md
index 75393a5d1c..222d9ab5ed 100644
--- a/docs/INTERNALS.md
+++ b/docs/INTERNALS.md
@@ -36,6 +36,7 @@ versions of libs and build tools.
  - nghttp2      1.15.0 (2016-09-25)
  - OpenLDAP     2.0 (2000-08-01)
  - OpenSSL      3.0.0 (2021-09-07)
+ - Windows      XP 5.1 (2001-08-24 - 2009-04-14)
  - wolfSSL      3.4.6 (2017-09-22)
  - zlib         1.2.5.2 (2011-12-11)
  - zstd         1.0 (2016-08-31)
@@ -46,12 +47,14 @@ versions of libs and build tools.
  we use a few "build tools" and we make sure that we remain functional with
  these versions:
 
- - GNU libtool  1.4.2 (2001-09-11)
- - GNU autoconf 2.59 (2003-11-06)
- - GNU automake 1.7 (2002-09-25)
- - GNU m4       1.4 (2007-09-21)
- - perl         5.8 (2002-07-19), on Windows: 5.22 (2015-06-01)
- - cmake        3.7 (2016-11-11)
+ - cmake          3.7 (2016-11-11)
+ - GNU autoconf   2.59 (2003-11-06)
+ - GNU automake   1.7 (2002-09-25)
+ - GNU libtool    1.4.2 (2001-09-11)
+ - GNU m4         1.4 (2007-09-21)
+ - mingw-w64      3.0 (2013-09-20)
+ - perl           5.8 (2002-07-19), on Windows: 5.22 (2015-06-01)
+ - Visual Studio  2010 10.0 (2010-04-12 - 2020-07-14)
 
 Library Symbols
 ===============

From 2b0ca15c49e2f437741603d6de29aaa7a7928d18 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Tue, 25 Nov 2025 11:39:04 +0100
Subject: [PATCH 0996/2408] ratelimit: remove a debug mprintf

Follow-up to 24b36fdd1585ea22e5e

Closes #19694
---
 lib/ratelimit.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/lib/ratelimit.c b/lib/ratelimit.c
index 8b34d77e13..c3593d5937 100644
--- a/lib/ratelimit.c
+++ b/lib/ratelimit.c
@@ -90,8 +90,6 @@ static void ratelimit_update(struct Curl_rlimit *r,
 
   elapsed_us = curlx_timediff_us(ts, r->ts);
   if(elapsed_us < 0) { /* not going back in time */
-    curl_mfprintf(stderr, "rlimit: neg elapsed time %" FMT_TIMEDIFF_T "us\n",
-                  elapsed_us);
     DEBUGASSERT(0);
     return;
   }

From fc09a2da4ad0595292ecabda6f50f5d415b70527 Mon Sep 17 00:00:00 2001
From: Yedaya Katsman 
Date: Sun, 23 Nov 2025 21:29:46 +0200
Subject: [PATCH 0997/2408] tool: log when loading .curlrc in verbose mode

Inspired by @vszakats in
https://github.com/curl/curl/pull/19631#issuecomment-3560803674

Closes #19663
---
 src/tool_getparam.c |  2 +-
 src/tool_operate.c  | 10 +++++++++-
 src/tool_parsecfg.c |  8 +++++++-
 src/tool_parsecfg.h |  3 ++-
 4 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/src/tool_getparam.c b/src/tool_getparam.c
index 0bb1329b54..76113e45bd 100644
--- a/src/tool_getparam.c
+++ b/src/tool_getparam.c
@@ -2225,7 +2225,7 @@ static ParameterError opt_file(struct OperationConfig *config,
       err = PARAM_BAD_USE;
     }
     else {
-      err = parseconfig(nextarg, max_recursive);
+      err = parseconfig(nextarg, max_recursive, NULL);
     }
     break;
   case C_CRLFILE: /* --crlfile */
diff --git a/src/tool_operate.c b/src/tool_operate.c
index 69cfef96d7..eb591935db 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -2227,6 +2227,8 @@ CURLcode operate(int argc, argv_item_t argv[])
 {
   CURLcode result = CURLE_OK;
   const char *first_arg;
+  char *curlrc_path = NULL;
+  bool found_curlrc = FALSE;
 
   first_arg = argc > 1 ? convert_tchar_to_UTF8(argv[1]) : NULL;
 
@@ -2240,7 +2242,8 @@ CURLcode operate(int argc, argv_item_t argv[])
   if((argc == 1) ||
      (first_arg && strncmp(first_arg, "-q", 2) &&
       strcmp(first_arg, "--disable"))) {
-    parseconfig(NULL, CONFIG_MAX_LEVELS); /* ignore possible failure */
+    if(!parseconfig(NULL, CONFIG_MAX_LEVELS, &curlrc_path))
+      found_curlrc = TRUE;
 
     /* If we had no arguments then make sure a URL was specified in .curlrc */
     if((argc < 2) && (!global->first->url_list)) {
@@ -2254,6 +2257,11 @@ CURLcode operate(int argc, argv_item_t argv[])
   if(!result) {
     /* Parse the command line arguments */
     ParameterError res = parse_args(argc, argv);
+    if(found_curlrc) {
+      /* After parse_args so notef knows the verbosity */
+      notef("Read config file from '%s'", curlrc_path);
+      free(curlrc_path);
+    }
     if(res) {
       result = CURLE_OK;
 
diff --git a/src/tool_parsecfg.c b/src/tool_parsecfg.c
index 53b63746b5..e7a00cf708 100644
--- a/src/tool_parsecfg.c
+++ b/src/tool_parsecfg.c
@@ -81,7 +81,8 @@ static int unslashquote(const char *line, struct dynbuf *param)
 #define MAX_CONFIG_LINE_LENGTH (10*1024*1024)
 
 /* return 0 on everything-is-fine, and non-zero otherwise */
-ParameterError parseconfig(const char *filename, int max_recursive)
+ParameterError parseconfig(const char *filename, int max_recursive,
+                           char **resolved)
 {
   FILE *file = NULL;
   bool usedarg = FALSE;
@@ -264,6 +265,11 @@ ParameterError parseconfig(const char *filename, int max_recursive)
   if((err == PARAM_READ_ERROR) && filename)
     errorf("cannot read config from '%s'", filename);
 
+  if(!err && resolved) {
+    *resolved = strdup(filename);
+    if(!*resolved)
+      err = PARAM_NO_MEM;
+  }
   free(pathalloc);
   return err;
 }
diff --git a/src/tool_parsecfg.h b/src/tool_parsecfg.h
index 3aad9bdd9c..860b9df38e 100644
--- a/src/tool_parsecfg.h
+++ b/src/tool_parsecfg.h
@@ -27,7 +27,8 @@
 
 /* only allow this many levels of recursive --config use */
 #define CONFIG_MAX_LEVELS 5
-ParameterError parseconfig(const char *filename, int max_recursive);
+ParameterError parseconfig(const char *filename, int max_recursive,
+                           char **resolved);
 bool my_get_line(FILE *fp, struct dynbuf *db, bool *error);
 
 #endif /* HEADER_CURL_TOOL_PARSECFG_H */

From 208a6aebf223200293a5f0c1bdc3cced36d5af1f Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Tue, 25 Nov 2025 10:00:23 +0100
Subject: [PATCH 0998/2408] lib: timer stats improvements

* move the TIMER_POSTQUEUE to the time a connection is chosen,
  so that TIMER_NAMELOOKUP always happens afterwards
* client writer: do not trigger TIMER_STARTTRANSFER on CLIENTWRITE_INFO
  as ftp and other pingpong protocols write that before starting anything
  that is the tranfer itself
* Elimnating debug trancing of "closed stream/connection - bailing"
  as confusing, as connection is not really closed on most cases.
* Setting 'data->req.upload_done` correctly, so that no "abort upload"
  is happening at the end of a perfectly fine download.
* Adding test cases with up-/download of 0-length files.
* pytest: add a "timeline" of timer value checks to Resulst in curl.py,
  so that this can be used in several test cases, replacing the local
  stuff in test_16
* add timeline checks to ftp test cases

Closes #19269
---
 lib/cfilters.c                    | 13 +++---
 lib/multi.c                       |  2 +-
 lib/request.c                     | 10 ++++-
 lib/sendf.c                       |  3 +-
 lib/transfer.c                    | 13 +-----
 lib/url.c                         |  1 +
 lib/vquic/curl_osslq.c            |  8 ++++
 tests/http/test_02_download.py    |  6 ++-
 tests/http/test_16_info.py        | 56 ++---------------------
 tests/http/test_30_vsftpd.py      | 21 ++++++---
 tests/http/test_31_vsftpds.py     |  5 +++
 tests/http/test_32_ftps_vsftpd.py |  6 +++
 tests/http/testenv/curl.py        | 74 +++++++++++++++++++++++++++++++
 tests/libtest/lib500.c            |  5 ++-
 14 files changed, 141 insertions(+), 82 deletions(-)

diff --git a/lib/cfilters.c b/lib/cfilters.c
index 507512f8aa..f0da4778a6 100644
--- a/lib/cfilters.c
+++ b/lib/cfilters.c
@@ -63,8 +63,8 @@ CURLcode Curl_cf_def_shutdown(struct Curl_cfilter *cf,
   return CURLE_OK;
 }
 
-static void conn_report_connect_stats(struct Curl_easy *data,
-                                      struct connectdata *conn);
+static void conn_report_connect_stats(struct Curl_cfilter *cf,
+                                      struct Curl_easy *data);
 
 CURLcode Curl_cf_def_adjust_pollset(struct Curl_cfilter *cf,
                                     struct Curl_easy *data,
@@ -508,7 +508,7 @@ CURLcode Curl_conn_connect(struct Curl_easy *data,
        * persist information at the connection. E.g. cf-socket sets the
        * socket and ip related information. */
       cf_cntrl_update_info(data, data->conn);
-      conn_report_connect_stats(data, data->conn);
+      conn_report_connect_stats(cf, data);
       data->conn->keepalive = curlx_now();
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
       result = cf_verboseconnect(data, cf);
@@ -518,7 +518,7 @@ CURLcode Curl_conn_connect(struct Curl_easy *data,
     else if(result) {
       CURL_TRC_CF(data, cf, "Curl_conn_connect(), filter returned %d",
                   result);
-      conn_report_connect_stats(data, data->conn);
+      conn_report_connect_stats(cf, data);
       goto out;
     }
 
@@ -1008,10 +1008,9 @@ static void cf_cntrl_update_info(struct Curl_easy *data,
 /**
  * Update connection statistics
  */
-static void conn_report_connect_stats(struct Curl_easy *data,
-                                      struct connectdata *conn)
+static void conn_report_connect_stats(struct Curl_cfilter *cf,
+                                      struct Curl_easy *data)
 {
-  struct Curl_cfilter *cf = conn->cfilter[FIRSTSOCKET];
   if(cf) {
     struct curltime connected;
     struct curltime appconnected;
diff --git a/lib/multi.c b/lib/multi.c
index 00af3ca2bd..db04d64c23 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -2337,7 +2337,7 @@ static CURLMcode state_connect(struct Curl_multi *multi,
     process_pending_handles(data->multi);
 
   if(!result) {
-    *nowp = Curl_pgrsTime(data, TIMER_POSTQUEUE);
+    *nowp = curlx_now();
     if(async)
       /* We are now waiting for an asynchronous name lookup */
       multistate(data, MSTATE_RESOLVING);
diff --git a/lib/request.c b/lib/request.c
index 5bfcdfbfb8..324c4c48f9 100644
--- a/lib/request.c
+++ b/lib/request.c
@@ -393,6 +393,11 @@ CURLcode Curl_req_send(struct Curl_easy *data, struct dynbuf *req,
       return result;
     buf += nwritten;
     blen -= nwritten;
+    if(!blen) {
+      result = req_set_upload_done(data);
+      if(result)
+        return result;
+    }
   }
 
   if(blen) {
@@ -469,6 +474,9 @@ CURLcode Curl_req_stop_send_recv(struct Curl_easy *data)
   /* stop receiving and ALL sending as well, including PAUSE and HOLD.
    * We might still be paused on receive client writes though, so
    * keep those bits around. */
+  CURLcode result = CURLE_OK;
+  if(data->req.keepon & KEEP_SEND)
+    result = Curl_req_abort_sending(data);
   data->req.keepon &= ~(KEEP_RECV|KEEP_SEND);
-  return Curl_req_abort_sending(data);
+  return result;
 }
diff --git a/lib/sendf.c b/lib/sendf.c
index 4eabc14402..6731cd874b 100644
--- a/lib/sendf.c
+++ b/lib/sendf.c
@@ -230,7 +230,8 @@ static CURLcode cw_download_write(struct Curl_easy *data,
   size_t nwrite, excess_len = 0;
   bool is_connect = !!(type & CLIENTWRITE_CONNECT);
 
-  if(!is_connect && !ctx->started_response) {
+  if(!ctx->started_response &&
+     !(type & (CLIENTWRITE_INFO|CLIENTWRITE_CONNECT))) {
     Curl_pgrsTime(data, TIMER_STARTTRANSFER);
     Curl_rlimit_start(&data->progress.dl.rlimit, curlx_now());
     ctx->started_response = TRUE;
diff --git a/lib/transfer.c b/lib/transfer.c
index 04a013361e..f2df2cef8c 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -301,18 +301,7 @@ static CURLcode sendrecv_dl(struct Curl_easy *data,
     /* We only get a 0-length receive at the end of the response */
     is_eos = (blen == 0);
 
-    if(!blen && (conn->recv[FIRSTSOCKET] == Curl_cf_recv)) {
-      /* if we receive 0 or less here and the protocol handler did not
-         replace the connection's `recv` callback, either the data transfer
-         is done or the server closed the connection and
-         we bail out from this!
-         With a `recv` replacement, we assume the protocol handler knows
-         what it is doing and a 0-length receive is fine. For example,
-         SFTP downloads of an empty file would show this. See #19165. */
-      if(is_multiplex)
-        DEBUGF(infof(data, "nread == 0, stream closed, bailing"));
-      else
-        DEBUGF(infof(data, "nread <= 0, server closed connection, bailing"));
+    if(!blen) {
       result = Curl_req_stop_send_recv(data);
       if(result)
         goto out;
diff --git a/lib/url.c b/lib/url.c
index 1d4c6b1fc4..d953734dce 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -3834,6 +3834,7 @@ CURLcode Curl_connect(struct Curl_easy *data,
 
   if(!result) {
     DEBUGASSERT(conn);
+    Curl_pgrsTime(data, TIMER_POSTQUEUE);
     if(reused) {
       if(CONN_ATTACHED(conn) > 1)
         /* multiplexed */
diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index f447e8dddf..b890a8d951 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -1803,6 +1803,14 @@ static CURLcode cf_osslq_connect(struct Curl_cfilter *cf,
 
   if(err == 1) {
     /* connected */
+    if(!ctx->got_first_byte) {
+      /* if not recorded yet, take the timestamp before we called
+       * SSL_do_handshake() as the time we received the first packet. */
+      ctx->got_first_byte = TRUE;
+      ctx->first_byte_at = now;
+    }
+    /* Record the handshake complete with a new time stamp. */
+    now = curlx_now();
     ctx->handshake_at = now;
     ctx->q.last_io = now;
     CURL_TRC_CF(data, cf, "handshake complete after %" FMT_TIMEDIFF_T "ms",
diff --git a/tests/http/test_02_download.py b/tests/http/test_02_download.py
index 8cfd68b204..dcfe9690bc 100644
--- a/tests/http/test_02_download.py
+++ b/tests/http/test_02_download.py
@@ -43,6 +43,7 @@ class TestDownload:
     @pytest.fixture(autouse=True, scope='class')
     def _class_scope(self, env, httpd):
         indir = httpd.docs_dir
+        env.make_data_file(indir=indir, fname="data-0k", fsize=0)
         env.make_data_file(indir=indir, fname="data-10k", fsize=10*1024)
         env.make_data_file(indir=indir, fname="data-100k", fsize=100*1024)
         env.make_data_file(indir=indir, fname="data-1m", fsize=1024*1024)
@@ -52,9 +53,10 @@ class TestDownload:
 
     # download 1 file
     @pytest.mark.parametrize("proto", Env.http_protos())
-    def test_02_01_download_1(self, env: Env, httpd, nghttpx, proto):
+    @pytest.mark.parametrize("docname", ['data.json', 'data-0k', 'data-10k', 'data-100k'])
+    def test_02_01_download_1(self, env: Env, httpd, nghttpx, proto, docname):
         curl = CurlClient(env=env)
-        url = f'https://{env.authority_for(env.domain1, proto)}/data.json'
+        url = f'https://{env.authority_for(env.domain1, proto)}/{docname}'
         r = curl.http_download(urls=[url], alpn_proto=proto)
         r.check_response(http_status=200)
 
diff --git a/tests/http/test_16_info.py b/tests/http/test_16_info.py
index 4e0d1ed5b1..80984a284e 100644
--- a/tests/http/test_16_info.py
+++ b/tests/http/test_16_info.py
@@ -56,6 +56,7 @@ class TestInfo:
                       remote_ip='127.0.0.1')
         for idx, s in enumerate(r.stats):
             self.check_stat(idx, s, r, dl_size=30, ul_size=0)
+            r.check_stats_timeline(idx)
 
     # download plain file with a 302 redirect
     @pytest.mark.parametrize("proto", Env.http_protos())
@@ -71,6 +72,7 @@ class TestInfo:
                       remote_ip='127.0.0.1')
         for idx, s in enumerate(r.stats):
             self.check_stat(idx, s, r, dl_size=30, ul_size=0)
+            r.check_stats_timeline(idx)
 
     @pytest.mark.parametrize("proto", Env.http_protos())
     def test_16_03_info_upload(self, env: Env, httpd, nghttpx, proto):
@@ -89,6 +91,7 @@ class TestInfo:
                       remote_ip='127.0.0.1')
         for idx, s in enumerate(r.stats):
             self.check_stat(idx, s, r, dl_size=fsize, ul_size=fsize)
+            r.check_stats_timeline(idx)
 
     # download plain file via http: ('time_appconnect' is 0)
     @pytest.mark.parametrize("proto", ['http/1.1'])
@@ -101,9 +104,9 @@ class TestInfo:
                       remote_port=env.http_port, remote_ip='127.0.0.1')
         for idx, s in enumerate(r.stats):
             self.check_stat(idx, s, r, dl_size=30, ul_size=0)
+            r.check_stats_timeline(idx)
 
     def check_stat(self, idx, s, r, dl_size=None, ul_size=None):
-        self.check_stat_times(s, idx)
         # we always send something
         self.check_stat_positive(s, idx, 'size_request')
         # we always receive response headers
@@ -118,54 +121,3 @@ class TestInfo:
     def check_stat_positive(self, s, idx, key):
         assert key in s, f'stat #{idx} "{key}" missing: {s}'
         assert s[key] > 0, f'stat #{idx} "{key}" not positive: {s}'
-
-    def check_stat_positive_or_0(self, s, idx, key):
-        assert key in s, f'stat #{idx} "{key}" missing: {s}'
-        assert s[key] >= 0, f'stat #{idx} "{key}" not positive: {s}'
-
-    def check_stat_zero(self, s, key):
-        assert key in s, f'stat "{key}" missing: {s}'
-        assert s[key] == 0, f'stat "{key}" not zero: {s}'
-
-    def check_stat_times(self, s, idx):
-        # check timings reported on a transfer for consistency
-        url = s['url_effective']
-        # connect time is sometimes reported as 0 by openssl-quic (sigh)
-        self.check_stat_positive_or_0(s, idx, 'time_connect')
-        # all stat keys which reporting timings
-        all_keys = {
-            'time_appconnect', 'time_redirect',
-            'time_pretransfer', 'time_starttransfer', 'time_total'
-        }
-        # stat keys where we expect a positive value
-        pos_keys = {'time_pretransfer', 'time_starttransfer', 'time_total', 'time_queue'}
-        if s['num_connects'] > 0:
-            if url.startswith('https:'):
-                pos_keys.add('time_appconnect')
-        if s['num_redirects'] > 0:
-            pos_keys.add('time_redirect')
-        zero_keys = all_keys - pos_keys
-        # assert all zeros are zeros and the others are positive
-        for key in zero_keys:
-            self.check_stat_zero(s, key)
-        for key in pos_keys:
-            self.check_stat_positive(s, idx, key)
-        # assert that all timers before "time_pretransfer" are less or equal
-        for key in ['time_appconnect', 'time_connect', 'time_namelookup']:
-            assert s[key] < s['time_pretransfer'], f'time "{key}" larger than' \
-                f'"time_pretransfer": {s}'
-        # assert transfer total is after pretransfer.
-        # (in MOST situations, pretransfer is before starttransfer, BUT
-        # in protocols like HTTP we might get a server response already before
-        # we transition to multi state DID.)
-        assert s['time_pretransfer'] <= s['time_total'], f'"time_pretransfer" '\
-            f'greater than "time_total", {s}'
-        # assert that transfer start is before total
-        assert s['time_starttransfer'] <= s['time_total'], f'"time_starttransfer" '\
-            f'greater than "time_total", {s}'
-        if s['num_redirects'] > 0:
-            assert s['time_queue'] < s['time_starttransfer'], f'"time_queue" '\
-                f'greater/equal than "time_starttransfer", {s}'
-        else:
-            assert s['time_queue'] <= s['time_starttransfer'], f'"time_queue" '\
-                f'greater than "time_starttransfer", {s}'
diff --git a/tests/http/test_30_vsftpd.py b/tests/http/test_30_vsftpd.py
index bffeae35cf..7d113d5363 100644
--- a/tests/http/test_30_vsftpd.py
+++ b/tests/http/test_30_vsftpd.py
@@ -63,10 +63,12 @@ class TestVsFTPD:
             shutil.rmtree(vsftpd.docs_dir)
         if not os.path.exists(vsftpd.docs_dir):
             os.makedirs(vsftpd.docs_dir)
+        self._make_docs_file(docs_dir=vsftpd.docs_dir, fname='data-0k', fsize=0)
         self._make_docs_file(docs_dir=vsftpd.docs_dir, fname='data-1k', fsize=1024)
         self._make_docs_file(docs_dir=vsftpd.docs_dir, fname='data-10k', fsize=10*1024)
         self._make_docs_file(docs_dir=vsftpd.docs_dir, fname='data-1m', fsize=1024*1024)
         self._make_docs_file(docs_dir=vsftpd.docs_dir, fname='data-10m', fsize=10*1024*1024)
+        env.make_data_file(indir=env.gen_dir, fname="upload-0k", fsize=0)
         env.make_data_file(indir=env.gen_dir, fname="upload-1k", fsize=1024)
         env.make_data_file(indir=env.gen_dir, fname="upload-100k", fsize=100*1024)
         env.make_data_file(indir=env.gen_dir, fname="upload-1m", fsize=1024*1024)
@@ -77,11 +79,12 @@ class TestVsFTPD:
         r = curl.ftp_get(urls=[url], with_stats=True)
         r.check_stats(count=1, http_status=226)
         lines = open(os.path.join(curl.run_dir, 'download_#1.data')).readlines()
-        assert len(lines) == 4, f'list: {lines}'
+        assert len(lines) == 5, f'list: {lines}'
+        r.check_stats_timelines()
 
     # download 1 file, no SSL
     @pytest.mark.parametrize("docname", [
-        'data-1k', 'data-1m', 'data-10m'
+        'data-0k', 'data-1k', 'data-1m', 'data-10m'
     ])
     def test_30_02_download_1(self, env: Env, vsftpd: VsFTPD, docname):
         curl = CurlClient(env=env)
@@ -91,9 +94,10 @@ class TestVsFTPD:
         r = curl.ftp_get(urls=[url], with_stats=True)
         r.check_stats(count=count, http_status=226)
         self.check_downloads(curl, srcfile, count)
+        r.check_stats_timelines()
 
     @pytest.mark.parametrize("docname", [
-        'data-1k', 'data-1m', 'data-10m'
+        'data-0k', 'data-1k', 'data-1m', 'data-10m'
     ])
     def test_30_03_download_10_serial(self, env: Env, vsftpd: VsFTPD, docname):
         curl = CurlClient(env=env)
@@ -104,9 +108,10 @@ class TestVsFTPD:
         r.check_stats(count=count, http_status=226)
         self.check_downloads(curl, srcfile, count)
         assert r.total_connects == count + 1, 'should reuse the control conn'
+        r.check_stats_timelines()
 
     @pytest.mark.parametrize("docname", [
-        'data-1k', 'data-1m', 'data-10m'
+        'data-0k', 'data-1k', 'data-1m', 'data-10m'
     ])
     def test_30_04_download_10_parallel(self, env: Env, vsftpd: VsFTPD, docname):
         curl = CurlClient(env=env)
@@ -119,9 +124,10 @@ class TestVsFTPD:
         r.check_stats(count=count, http_status=226)
         self.check_downloads(curl, srcfile, count)
         assert r.total_connects > count + 1, 'should have used several control conns'
+        r.check_stats_timelines()
 
     @pytest.mark.parametrize("docname", [
-        'upload-1k', 'upload-100k', 'upload-1m'
+        'upload-0k', 'upload-1k', 'upload-100k', 'upload-1m'
     ])
     def test_30_05_upload_1(self, env: Env, vsftpd: VsFTPD, docname):
         curl = CurlClient(env=env)
@@ -133,6 +139,7 @@ class TestVsFTPD:
         r = curl.ftp_upload(urls=[url], fupload=f'{srcfile}', with_stats=True)
         r.check_stats(count=count, http_status=226)
         self.check_upload(env, vsftpd, docname=docname)
+        r.check_stats_timelines()
 
     def _rmf(self, path):
         if os.path.exists(path):
@@ -188,6 +195,7 @@ class TestVsFTPD:
         ])
         r.check_stats(count=count, http_status=226)
         self.check_downloads(curl, srcfile, count)
+        r.check_stats_timelines()
 
     def test_30_09_active_up_file(self, env: Env, vsftpd: VsFTPD):
         docname = 'upload-1k'
@@ -202,6 +210,7 @@ class TestVsFTPD:
         ])
         r.check_stats(count=count, http_status=226)
         self.check_upload(env, vsftpd, docname=docname)
+        r.check_stats_timelines()
 
     def test_30_10_active_up_ascii(self, env: Env, vsftpd: VsFTPD):
         docname = 'upload-1k'
@@ -216,6 +225,7 @@ class TestVsFTPD:
         ])
         r.check_stats(count=count, http_status=226)
         self.check_upload(env, vsftpd, docname=docname, binary=False)
+        r.check_stats_timelines()
 
     def test_30_11_download_non_existing(self, env: Env, vsftpd: VsFTPD):
         curl = CurlClient(env=env)
@@ -223,6 +233,7 @@ class TestVsFTPD:
         r = curl.ftp_get(urls=[url], with_stats=True)
         r.check_exit_code(78)
         r.check_stats(count=1, exitcode=78)
+        r.check_stats_timelines()
 
     def check_downloads(self, client, srcfile: str, count: int,
                         complete: bool = True):
diff --git a/tests/http/test_31_vsftpds.py b/tests/http/test_31_vsftpds.py
index f7e32cb77b..93fef708cc 100644
--- a/tests/http/test_31_vsftpds.py
+++ b/tests/http/test_31_vsftpds.py
@@ -85,6 +85,7 @@ class TestVsFTPD:
         r.check_stats(count=1, http_status=226)
         lines = open(os.path.join(curl.run_dir, 'download_#1.data')).readlines()
         assert len(lines) == 4, f'list: {lines}'
+        r.check_stats_timelines()
 
     # download 1 file, no SSL
     @pytest.mark.parametrize("docname", [
@@ -98,6 +99,7 @@ class TestVsFTPD:
         r = curl.ftp_ssl_get(urls=[url], with_stats=True)
         r.check_stats(count=count, http_status=226)
         self.check_downloads(curl, srcfile, count)
+        r.check_stats_timelines()
 
     @pytest.mark.parametrize("docname", [
         'data-1k', 'data-1m', 'data-10m'
@@ -111,6 +113,7 @@ class TestVsFTPD:
         r.check_stats(count=count, http_status=226)
         self.check_downloads(curl, srcfile, count)
         assert r.total_connects == count + 1, 'should reuse the control conn'
+        r.check_stats_timelines()
 
     @pytest.mark.parametrize("docname", [
         'data-1k', 'data-1m', 'data-10m'
@@ -126,6 +129,7 @@ class TestVsFTPD:
         r.check_stats(count=count, http_status=226)
         self.check_downloads(curl, srcfile, count)
         assert r.total_connects > count + 1, 'should have used several control conns'
+        r.check_stats_timelines()
 
     @pytest.mark.parametrize("docname", [
         'upload-1k', 'upload-100k', 'upload-1m'
@@ -140,6 +144,7 @@ class TestVsFTPD:
         r = curl.ftp_ssl_upload(urls=[url], fupload=f'{srcfile}', with_stats=True)
         r.check_stats(count=count, http_status=226)
         self.check_upload(env, vsftpds, docname=docname)
+        r.check_stats_timelines()
 
     def _rmf(self, path):
         if os.path.exists(path):
diff --git a/tests/http/test_32_ftps_vsftpd.py b/tests/http/test_32_ftps_vsftpd.py
index 46690a8435..7a849d3740 100644
--- a/tests/http/test_32_ftps_vsftpd.py
+++ b/tests/http/test_32_ftps_vsftpd.py
@@ -85,6 +85,7 @@ class TestFtpsVsFTPD:
         r.check_stats(count=1, http_status=226)
         lines = open(os.path.join(curl.run_dir, 'download_#1.data')).readlines()
         assert len(lines) == 4, f'list: {lines}'
+        r.check_stats_timelines()
 
     # download 1 file, no SSL
     @pytest.mark.parametrize("docname", [
@@ -98,6 +99,7 @@ class TestFtpsVsFTPD:
         r = curl.ftp_get(urls=[url], with_stats=True)
         r.check_stats(count=count, http_status=226)
         self.check_downloads(curl, srcfile, count)
+        r.check_stats_timelines()
 
     @pytest.mark.parametrize("docname", [
         'data-1k', 'data-1m', 'data-10m'
@@ -111,6 +113,7 @@ class TestFtpsVsFTPD:
         r.check_stats(count=count, http_status=226)
         self.check_downloads(curl, srcfile, count)
         assert r.total_connects == count + 1, 'should reuse the control conn'
+        r.check_stats_timelines()
 
     # 2 serial transfers, first with 'ftps://' and second with 'ftp://'
     # we want connection reuse in this case
@@ -123,6 +126,7 @@ class TestFtpsVsFTPD:
         r = curl.ftp_get(urls=[url1, url2], with_stats=True)
         r.check_stats(count=count, http_status=226)
         assert r.total_connects == count + 1, 'should reuse the control conn'
+        r.check_stats_timelines()
 
     @pytest.mark.parametrize("docname", [
         'data-1k', 'data-1m', 'data-10m'
@@ -138,6 +142,7 @@ class TestFtpsVsFTPD:
         r.check_stats(count=count, http_status=226)
         self.check_downloads(curl, srcfile, count)
         assert r.total_connects > count + 1, 'should have used several control conns'
+        r.check_stats_timelines()
 
     @pytest.mark.parametrize("docname", [
         'upload-1k', 'upload-100k', 'upload-1m'
@@ -152,6 +157,7 @@ class TestFtpsVsFTPD:
         r = curl.ftp_upload(urls=[url], fupload=f'{srcfile}', with_stats=True)
         r.check_stats(count=count, http_status=226)
         self.check_upload(env, vsftpds, docname=docname)
+        r.check_stats_timelines()
 
     def _rmf(self, path):
         if os.path.exists(path):
diff --git a/tests/http/testenv/curl.py b/tests/http/testenv/curl.py
index a92e4f681f..e486715fa7 100644
--- a/tests/http/testenv/curl.py
+++ b/tests/http/testenv/curl.py
@@ -493,6 +493,80 @@ class ExecResult:
                         f'status #{idx} remote_ip: expected {remote_ip}, '\
                         f'got {x["remote_ip"]}\n{self.dump_stat(x)}'
 
+    def check_stat_positive(self, s, idx, key):
+        assert key in s, f'stat #{idx} "{key}" missing: {s}'
+        assert s[key] > 0, f'stat #{idx} "{key}" not positive: {s}'
+
+    def check_stat_positive_or_0(self, s, idx, key):
+        assert key in s, f'stat #{idx} "{key}" missing: {s}'
+        assert s[key] >= 0, f'stat #{idx} "{key}" not positive: {s}'
+
+    def check_stat_zero(self, s, key):
+        assert key in s, f'stat "{key}" missing: {s}'
+        assert s[key] == 0, f'stat "{key}" not zero: {s}'
+
+    def check_stats_timelines(self):
+        for i in range(len(self._stats)):
+            self.check_stats_timeline(i)
+
+    def check_stats_timeline(self, idx):
+        # check timings reported on a transfer for consistency
+        s = self._stats[idx]
+
+        url = s['url_effective']
+        # connect time is sometimes reported as 0 by openssl-quic (sigh)
+        self.check_stat_positive_or_0(s, idx, 'time_connect')
+        # all stat keys which reporting timings
+        all_keys = {
+            'time_queue', 'time_namelookup',
+            'time_connect', 'time_appconnect',
+            'time_pretransfer', 'time_posttransfer',
+            'time_starttransfer', 'time_total',
+        }
+        # stat keys where we expect a positive value
+        ref_tl = []
+        exact_match = True
+        # redirects mess up the queue time, only count without
+        if s['time_redirect'] == 0:
+            ref_tl += ['time_queue']
+        else:
+            exact_match = False
+        # connect events?
+        if url.startswith('ftp'):
+            # ftp is messy with connect events for its DATA connection
+            exact_match = False
+        elif s['num_connects'] > 0:
+            ref_tl += ['time_namelookup', 'time_connect']
+            if url.startswith('https:'):
+                ref_tl += ['time_appconnect']
+        # what kind of transfer was it?
+        if s['size_upload'] == 0 and s['size_download'] > 0:
+            # this is a download
+            dl_tl = ['time_pretransfer', 'time_starttransfer']
+            if s['size_request'] > 0:
+                dl_tl = ['time_posttransfer'] + dl_tl
+            ref_tl += dl_tl
+        elif s['size_upload'] > 0 and s['size_download'] == 0:
+            # this is an upload
+            ul_tl = ['time_pretransfer', 'time_posttransfer']
+            ref_tl += ul_tl
+        else:
+            # could be a 0-length upload or 0-length download, not sure
+            exact_match = False
+        # always there at the end
+        ref_tl += ['time_total']
+
+        # assert all events in reference timeline are > 0
+        for key in ref_tl:
+            self.check_stat_positive(s, idx, key)
+        if exact_match:
+            # assert all events not in reference timeline are 0
+            for key in [key for key in all_keys if key not in ref_tl]:
+                self.check_stat_zero(s, key)
+        # calculate the timeline that did happen
+        seen_tl = sorted(ref_tl, key=lambda ts: s[ts])
+        assert seen_tl == ref_tl, f'{[f"{ts}: {s[ts]}" for ts in seen_tl]}'
+
     def dump_logs(self):
         lines = ['>>--stdout ----------------------------------------------\n']
         lines.extend(self._stdout)
diff --git a/tests/libtest/lib500.c b/tests/libtest/lib500.c
index ffb974f4f0..ff886a05ca 100644
--- a/tests/libtest/lib500.c
+++ b/tests/libtest/lib500.c
@@ -128,7 +128,10 @@ static CURLcode test_lib500(const char *URL)
                         (time_pretransfer / 1000000),
                         (long)(time_pretransfer % 1000000));
         }
-        if(time_pretransfer > time_posttransfer) {
+        if(time_posttransfer > time_pretransfer) {
+          /* counter-intuitive: on a GET request, all bytes are sent *before*
+           * PRETRANSFER happens. Thus POSTTRANSFER has to be smaller.
+           * The reverse would be true for a POST/PUT. */
           curl_mfprintf(moo, "pretransfer vs posttransfer: %"
                         CURL_FORMAT_CURL_OFF_T
                         ".%06ld %" CURL_FORMAT_CURL_OFF_T ".%06ld\n",

From 16b44f6a3ad13386a25dfc005794696a69f949b0 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Wed, 19 Nov 2025 11:54:36 +0100
Subject: [PATCH 0999/2408] multi: simplify admin handle processing

Fold the special connection pool shutdown handling in multi the things
the admin handle cares about. Add the admin handle to the 'process'
bitset, deduce it from the 'running' count.

The admin handle is the processed like any other transfer, but has a
special case in `multi_runsingle()`. Simplifies all other multi
processing parts.

Closes #19604
---
 lib/multi.c    | 82 ++++++++++++++++++++++----------------------------
 lib/multi_ev.c |  5 ++-
 lib/multi_ev.h |  3 +-
 3 files changed, 39 insertions(+), 51 deletions(-)

diff --git a/lib/multi.c b/lib/multi.c
index db04d64c23..5789861026 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -101,9 +101,9 @@ static void move_pending_to_connect(struct Curl_multi *multi,
 static CURLMcode add_next_timeout(struct curltime now,
                                   struct Curl_multi *multi,
                                   struct Curl_easy *d);
-static CURLMcode multi_timeout(struct Curl_multi *multi,
-                               struct curltime *expire_time,
-                               long *timeout_ms);
+static void multi_timeout(struct Curl_multi *multi,
+                          struct curltime *expire_time,
+                          long *timeout_ms);
 static void process_pending_handles(struct Curl_multi *multi);
 static void multi_xfer_bufs_free(struct Curl_multi *multi);
 #ifdef DEBUGBUILD
@@ -273,11 +273,13 @@ struct Curl_multi *Curl_multi_handle(unsigned int xfer_table_size,
   multi->admin->multi = multi;
   multi->admin->state.internal = TRUE;
   Curl_llist_init(&multi->admin->state.timeoutlist, NULL);
+
 #ifdef DEBUGBUILD
   if(getenv("CURL_DEBUG"))
     multi->admin->set.verbose = TRUE;
 #endif
   Curl_uint_tbl_add(&multi->xfers, multi->admin, &multi->admin->mid);
+  Curl_uint_bset_add(&multi->process, multi->admin->mid);
 
   if(Curl_cshutdn_init(&multi->cshutdn, multi))
     goto error;
@@ -413,7 +415,6 @@ static CURLMcode multi_xfers_add(struct Curl_multi *multi,
   return CURLM_OK;
 }
 
-
 CURLMcode curl_multi_add_handle(CURLM *m, CURL *d)
 {
   CURLMcode rc;
@@ -500,6 +501,7 @@ CURLMcode curl_multi_add_handle(CURLM *m, CURL *d)
 
   /* Make sure the new handle will run */
   Curl_multi_mark_dirty(data);
+
   /* Necessary in event based processing, where dirty handles trigger
    * a timeout callback invocation. */
   rc = Curl_update_timer(multi);
@@ -1441,7 +1443,7 @@ static CURLMcode multi_wait(struct Curl_multi *multi,
    * poll. Collecting the sockets may install new timers by protocols
    * and connection filters.
    * Use the shorter one of the internal and the caller requested timeout. */
-  (void)multi_timeout(multi, &expire_time, &timeout_internal);
+  multi_timeout(multi, &expire_time, &timeout_internal);
   if((timeout_internal >= 0) && (timeout_internal < (long)timeout_ms))
     timeout_ms = (int)timeout_internal;
 
@@ -1562,7 +1564,8 @@ static CURLMcode multi_wait(struct Curl_multi *multi,
     long sleep_ms = 0;
 
     /* Avoid busy-looping when there is nothing particular to wait for */
-    if(!curl_multi_timeout(multi, &sleep_ms) && sleep_ms) {
+    multi_timeout(multi, &expire_time, &sleep_ms);
+    if(sleep_ms) {
       if(sleep_ms > timeout_ms)
         sleep_ms = timeout_ms;
       /* when there are no easy handles in the multi, this holds a -1
@@ -2394,6 +2397,11 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
    * again during processing, triggering a re-run later. */
   Curl_uint_bset_remove(&multi->dirty, data->mid);
 
+  if(data == multi->admin) {
+    Curl_cshutdn_perform(&multi->cshutdn, multi->admin, CURL_SOCKET_TIMEOUT);
+    return CURLM_OK;
+  }
+
   do {
     /* A "stream" here is a logical stream if the protocol can handle that
        (HTTP/2), or the full connection for older protocols */
@@ -2810,19 +2818,13 @@ CURLMcode curl_multi_perform(CURLM *m, int *running_handles)
         Curl_uint_bset_remove(&multi->dirty, mid);
         continue;
       }
-      if(data != multi->admin) {
-        /* admin handle is processed below */
-        sigpipe_apply(data, &pipe_st);
-        result = multi_runsingle(multi, &now, data);
-        if(result)
-          returncode = result;
-      }
+      sigpipe_apply(data, &pipe_st);
+      result = multi_runsingle(multi, &now, data);
+      if(result)
+        returncode = result;
     }
     while(Curl_uint_bset_next(&multi->process, mid, &mid));
   }
-
-  sigpipe_apply(multi->admin, &pipe_st);
-  Curl_cshutdn_perform(&multi->cshutdn, multi->admin, CURL_SOCKET_TIMEOUT);
   sigpipe_restore(&pipe_st);
 
   if(multi_ischanged(m, TRUE))
@@ -3077,7 +3079,6 @@ struct multi_run_ctx {
   struct curltime now;
   size_t run_xfers;
   SIGPIPE_MEMBER(pipe_st);
-  bool run_cpool;
 };
 
 static void multi_mark_expired_as_dirty(struct multi_run_ctx *mrc)
@@ -3127,12 +3128,7 @@ static CURLMcode multi_run_dirty(struct multi_run_ctx *mrc)
       if(data) {
         CURL_TRC_M(data, "multi_run_dirty");
 
-        if(data == multi->admin) {
-          Curl_uint_bset_remove(&multi->dirty, mid);
-          mrc->run_cpool = TRUE;
-          continue;
-        }
-        else if(!Curl_uint_bset_contains(&multi->process, mid)) {
+        if(!Curl_uint_bset_contains(&multi->process, mid)) {
           /* We are no longer processing this transfer */
           Curl_uint_bset_remove(&multi->dirty, mid);
           continue;
@@ -3185,13 +3181,12 @@ static CURLMcode multi_socket(struct Curl_multi *multi,
       /* Reassess event status of all active transfers */
       result = Curl_multi_ev_assess_xfer_bset(multi, &multi->process);
     }
-    mrc.run_cpool = TRUE;
     goto out;
   }
 
   if(s != CURL_SOCKET_TIMEOUT) {
     /* Mark all transfers of that socket as dirty */
-    Curl_multi_ev_dirty_xfers(multi, s, &mrc.run_cpool);
+    Curl_multi_ev_dirty_xfers(multi, s);
   }
   else {
     /* Asked to run due to time-out. Clear the 'last_expire_ts' variable to
@@ -3200,7 +3195,6 @@ static CURLMcode multi_socket(struct Curl_multi *multi,
        handles the case when the application asks libcurl to run the timeout
        prematurely. */
     memset(&multi->last_expire_ts, 0, sizeof(multi->last_expire_ts));
-    mrc.run_cpool = TRUE;
   }
 
   multi_mark_expired_as_dirty(&mrc);
@@ -3220,10 +3214,6 @@ static CURLMcode multi_socket(struct Curl_multi *multi,
   }
 
 out:
-  if(mrc.run_cpool) {
-    sigpipe_apply(multi->admin, &mrc.pipe_st);
-    Curl_cshutdn_perform(&multi->cshutdn, multi->admin, s);
-  }
   sigpipe_restore(&mrc.pipe_st);
 
   if(multi_ischanged(multi, TRUE))
@@ -3394,9 +3384,9 @@ static bool multi_has_dirties(struct Curl_multi *multi)
   return FALSE;
 }
 
-static CURLMcode multi_timeout(struct Curl_multi *multi,
-                               struct curltime *expire_time,
-                               long *timeout_ms)
+static void multi_timeout(struct Curl_multi *multi,
+                          struct curltime *expire_time,
+                          long *timeout_ms)
 {
   static const struct curltime tv_zero = {0, 0};
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
@@ -3405,13 +3395,13 @@ static CURLMcode multi_timeout(struct Curl_multi *multi,
 
   if(multi->dead) {
     *timeout_ms = 0;
-    return CURLM_OK;
+    return;
   }
 
   if(multi_has_dirties(multi)) {
     *expire_time = curlx_now();
     *timeout_ms = 0;
-    return CURLM_OK;
+    return;
   }
   else if(multi->timetree) {
     /* we have a tree of expire times */
@@ -3462,8 +3452,6 @@ static CURLMcode multi_timeout(struct Curl_multi *multi,
     }
   }
 #endif
-
-  return CURLM_OK;
 }
 
 CURLMcode curl_multi_timeout(CURLM *m,
@@ -3479,7 +3467,8 @@ CURLMcode curl_multi_timeout(CURLM *m,
   if(multi->in_callback)
     return CURLM_RECURSIVE_API_CALL;
 
-  return multi_timeout(multi, &expire_time, timeout_ms);
+  multi_timeout(multi, &expire_time, timeout_ms);
+  return CURLM_OK;
 }
 
 /*
@@ -3495,9 +3484,7 @@ CURLMcode Curl_update_timer(struct Curl_multi *multi)
 
   if(!multi->timer_cb || multi->dead)
     return CURLM_OK;
-  if(multi_timeout(multi, &expire_ts, &timeout_ms)) {
-    return CURLM_OK;
-  }
+  multi_timeout(multi, &expire_ts, &timeout_ms);
 
   if(timeout_ms < 0 && multi->last_timeout_ms < 0) {
     /* nothing to do */
@@ -3836,6 +3823,7 @@ CURLMcode curl_multi_get_offt(CURLM *m,
                               curl_off_t *pvalue)
 {
   struct Curl_multi *multi = m;
+  unsigned int n;
 
   if(!GOOD_MULTI_HANDLE(multi))
     return CURLM_BAD_HANDLE;
@@ -3843,15 +3831,17 @@ CURLMcode curl_multi_get_offt(CURLM *m,
     return CURLM_BAD_FUNCTION_ARGUMENT;
 
   switch(info) {
-  case CURLMINFO_XFERS_CURRENT: {
-    unsigned int n = Curl_uint_tbl_count(&multi->xfers);
+  case CURLMINFO_XFERS_CURRENT:
+    n = Curl_uint_tbl_count(&multi->xfers);
     if(n && multi->admin)
       --n;
     *pvalue = (curl_off_t)n;
     return CURLM_OK;
-  }
   case CURLMINFO_XFERS_RUNNING:
-    *pvalue = (curl_off_t)Curl_uint_bset_count(&multi->process);
+    n = Curl_uint_bset_count(&multi->process);
+    if(n && Curl_uint_bset_contains(&multi->process, multi->admin->mid))
+      --n;
+    *pvalue = (curl_off_t)n;
     return CURLM_OK;
   case CURLMINFO_XFERS_PENDING:
     *pvalue = (curl_off_t)Curl_uint_bset_count(&multi->pending);
@@ -4037,7 +4027,7 @@ static void multi_xfer_bufs_free(struct Curl_multi *multi)
 struct Curl_easy *Curl_multi_get_easy(struct Curl_multi *multi,
                                       unsigned int mid)
 {
-  struct Curl_easy *data = mid ? Curl_uint_tbl_get(&multi->xfers, mid) : NULL;
+  struct Curl_easy *data = Curl_uint_tbl_get(&multi->xfers, mid);
   if(data && GOOD_EASY_HANDLE(data))
     return data;
   CURL_TRC_M(multi->admin, "invalid easy handle in xfer table for mid=%u",
diff --git a/lib/multi_ev.c b/lib/multi_ev.c
index 098f8da643..086b037527 100644
--- a/lib/multi_ev.c
+++ b/lib/multi_ev.c
@@ -574,8 +574,7 @@ CURLMcode Curl_multi_ev_assign(struct Curl_multi *multi,
 }
 
 void Curl_multi_ev_dirty_xfers(struct Curl_multi *multi,
-                               curl_socket_t s,
-                               bool *run_cpool)
+                               curl_socket_t s)
 {
   struct mev_sh_entry *entry;
 
@@ -606,7 +605,7 @@ void Curl_multi_ev_dirty_xfers(struct Curl_multi *multi,
     }
 
     if(entry->conn)
-      *run_cpool = TRUE;
+      Curl_multi_mark_dirty(multi->admin);
   }
 }
 
diff --git a/lib/multi_ev.h b/lib/multi_ev.h
index 20c1aeac81..34548c3232 100644
--- a/lib/multi_ev.h
+++ b/lib/multi_ev.h
@@ -63,8 +63,7 @@ CURLMcode Curl_multi_ev_assess_conn(struct Curl_multi *multi,
 
 /* Mark all transfers tied to the given socket as dirty */
 void Curl_multi_ev_dirty_xfers(struct Curl_multi *multi,
-                               curl_socket_t s,
-                               bool *run_cpool);
+                               curl_socket_t s);
 
 /* Socket will be closed, forget anything we know about it. */
 void Curl_multi_ev_socket_done(struct Curl_multi *multi,

From 7e5f379d71b60f35f2a6b24e4bd5cf1935400c13 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Tue, 25 Nov 2025 10:24:14 +0100
Subject: [PATCH 1000/2408] bufq: use uint8_t

instead of unsigned char

Closes #19690
---
 lib/bufq.c | 30 +++++++++++++++---------------
 lib/bufq.h | 16 ++++++++--------
 2 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/lib/bufq.c b/lib/bufq.c
index e429ccf8e3..d38b78c6d5 100644
--- a/lib/bufq.c
+++ b/lib/bufq.c
@@ -51,9 +51,9 @@ static void chunk_reset(struct buf_chunk *chunk)
 }
 
 static size_t chunk_append(struct buf_chunk *chunk,
-                           const unsigned char *buf, size_t len)
+                           const uint8_t *buf, size_t len)
 {
-  unsigned char *p = &chunk->x.data[chunk->w_offset];
+  uint8_t *p = &chunk->x.data[chunk->w_offset];
   size_t n = chunk->dlen - chunk->w_offset;
   DEBUGASSERT(chunk->dlen >= chunk->w_offset);
   if(n) {
@@ -65,9 +65,9 @@ static size_t chunk_append(struct buf_chunk *chunk,
 }
 
 static size_t chunk_read(struct buf_chunk *chunk,
-                         unsigned char *buf, size_t len)
+                         uint8_t *buf, size_t len)
 {
-  unsigned char *p = &chunk->x.data[chunk->r_offset];
+  uint8_t *p = &chunk->x.data[chunk->r_offset];
   size_t n = chunk->w_offset - chunk->r_offset;
   DEBUGASSERT(chunk->w_offset >= chunk->r_offset);
   if(!n) {
@@ -89,7 +89,7 @@ static CURLcode chunk_slurpn(struct buf_chunk *chunk, size_t max_len,
                              Curl_bufq_reader *reader,
                              void *reader_ctx, size_t *pnread)
 {
-  unsigned char *p = &chunk->x.data[chunk->w_offset];
+  uint8_t *p = &chunk->x.data[chunk->w_offset];
   size_t n = chunk->dlen - chunk->w_offset; /* free amount */
   CURLcode result;
 
@@ -108,7 +108,7 @@ static CURLcode chunk_slurpn(struct buf_chunk *chunk, size_t max_len,
 }
 
 static void chunk_peek(const struct buf_chunk *chunk,
-                       const unsigned char **pbuf, size_t *plen)
+                       const uint8_t **pbuf, size_t *plen)
 {
   DEBUGASSERT(chunk->w_offset >= chunk->r_offset);
   *pbuf = &chunk->x.data[chunk->r_offset];
@@ -116,7 +116,7 @@ static void chunk_peek(const struct buf_chunk *chunk,
 }
 
 static void chunk_peek_at(const struct buf_chunk *chunk, size_t offset,
-                          const unsigned char **pbuf, size_t *plen)
+                          const uint8_t **pbuf, size_t *plen)
 {
   offset += chunk->r_offset;
   DEBUGASSERT(chunk->w_offset >= offset);
@@ -370,7 +370,7 @@ static struct buf_chunk *get_non_full_tail(struct bufq *q)
 }
 
 CURLcode Curl_bufq_write(struct bufq *q,
-                         const unsigned char *buf, size_t len,
+                         const uint8_t *buf, size_t len,
                          size_t *pnwritten)
 {
   struct buf_chunk *tail;
@@ -400,10 +400,10 @@ CURLcode Curl_bufq_cwrite(struct bufq *q,
                           const char *buf, size_t len,
                           size_t *pnwritten)
 {
-  return Curl_bufq_write(q, (const unsigned char *)buf, len, pnwritten);
+  return Curl_bufq_write(q, (const uint8_t *)buf, len, pnwritten);
 }
 
-CURLcode Curl_bufq_read(struct bufq *q, unsigned char *buf, size_t len,
+CURLcode Curl_bufq_read(struct bufq *q, uint8_t *buf, size_t len,
                         size_t *pnread)
 {
   *pnread = 0;
@@ -422,11 +422,11 @@ CURLcode Curl_bufq_read(struct bufq *q, unsigned char *buf, size_t len,
 CURLcode Curl_bufq_cread(struct bufq *q, char *buf, size_t len,
                          size_t *pnread)
 {
-  return Curl_bufq_read(q, (unsigned char *)buf, len, pnread);
+  return Curl_bufq_read(q, (uint8_t *)buf, len, pnread);
 }
 
 bool Curl_bufq_peek(struct bufq *q,
-                    const unsigned char **pbuf, size_t *plen)
+                    const uint8_t **pbuf, size_t *plen)
 {
   if(q->head && chunk_is_empty(q->head)) {
     prune_head(q);
@@ -441,7 +441,7 @@ bool Curl_bufq_peek(struct bufq *q,
 }
 
 bool Curl_bufq_peek_at(struct bufq *q, size_t offset,
-                       const unsigned char **pbuf, size_t *plen)
+                       const uint8_t **pbuf, size_t *plen)
 {
   struct buf_chunk *c = q->head;
   size_t clen;
@@ -477,7 +477,7 @@ void Curl_bufq_skip(struct bufq *q, size_t amount)
 CURLcode Curl_bufq_pass(struct bufq *q, Curl_bufq_writer *writer,
                         void *writer_ctx, size_t *pwritten)
 {
-  const unsigned char *buf;
+  const uint8_t *buf;
   size_t blen;
   CURLcode result = CURLE_OK;
 
@@ -507,7 +507,7 @@ CURLcode Curl_bufq_pass(struct bufq *q, Curl_bufq_writer *writer,
 }
 
 CURLcode Curl_bufq_write_pass(struct bufq *q,
-                              const unsigned char *buf, size_t len,
+                              const uint8_t *buf, size_t len,
                               Curl_bufq_writer *writer, void *writer_ctx,
                               size_t *pwritten)
 {
diff --git a/lib/bufq.h b/lib/bufq.h
index ad8e6435fa..9557e5d33b 100644
--- a/lib/bufq.h
+++ b/lib/bufq.h
@@ -38,7 +38,7 @@ struct buf_chunk {
   size_t r_offset;         /* first unread bytes */
   size_t w_offset;         /* one after last written byte */
   union {
-    unsigned char data[1]; /* the buffer for `dlen` bytes */
+    uint8_t data[1]; /* the buffer for `dlen` bytes */
     void *dummy;           /* alignment */
   } x;
 };
@@ -166,7 +166,7 @@ bool Curl_bufq_is_full(const struct bufq *q);
  * CURLE_AGAIN is returned if the buffer queue is full.
  */
 CURLcode Curl_bufq_write(struct bufq *q,
-                         const unsigned char *buf, size_t len,
+                         const uint8_t *buf, size_t len,
                          size_t *pnwritten);
 
 CURLcode Curl_bufq_cwrite(struct bufq *q,
@@ -177,7 +177,7 @@ CURLcode Curl_bufq_cwrite(struct bufq *q,
  * Read buf from the start of the buffer queue. The buf is copied
  * and the amount of copied bytes is returned.
  */
-CURLcode Curl_bufq_read(struct bufq *q, unsigned char *buf, size_t len,
+CURLcode Curl_bufq_read(struct bufq *q, uint8_t *buf, size_t len,
                         size_t *pnread);
 
 CURLcode Curl_bufq_cread(struct bufq *q, char *buf, size_t len,
@@ -193,10 +193,10 @@ CURLcode Curl_bufq_cread(struct bufq *q, char *buf, size_t len,
  * is modified, see `Curl_bufq_skip()``
  */
 bool Curl_bufq_peek(struct bufq *q,
-                    const unsigned char **pbuf, size_t *plen);
+                    const uint8_t **pbuf, size_t *plen);
 
 bool Curl_bufq_peek_at(struct bufq *q, size_t offset,
-                       const unsigned char **pbuf, size_t *plen);
+                       const uint8_t **pbuf, size_t *plen);
 
 /**
  * Tell the buffer queue to discard `amount` buf bytes at the head
@@ -206,7 +206,7 @@ bool Curl_bufq_peek_at(struct bufq *q, size_t offset,
 void Curl_bufq_skip(struct bufq *q, size_t amount);
 
 typedef CURLcode Curl_bufq_writer(void *writer_ctx,
-                                  const unsigned char *buf, size_t len,
+                                  const uint8_t *buf, size_t len,
                                   size_t *pwritten);
 /**
  * Passes the chunks in the buffer queue to the writer and returns
@@ -221,7 +221,7 @@ CURLcode Curl_bufq_pass(struct bufq *q, Curl_bufq_writer *writer,
                         void *writer_ctx, size_t *pwritten);
 
 typedef CURLcode Curl_bufq_reader(void *reader_ctx,
-                                  unsigned char *buf, size_t len,
+                                  uint8_t *buf, size_t len,
                                   size_t *pnread);
 
 /**
@@ -253,7 +253,7 @@ CURLcode Curl_bufq_sipn(struct bufq *q, size_t max_len,
  * amount buffered, chunk size, etc.
  */
 CURLcode Curl_bufq_write_pass(struct bufq *q,
-                              const unsigned char *buf, size_t len,
+                              const uint8_t *buf, size_t len,
                               Curl_bufq_writer *writer, void *writer_ctx,
                               size_t *pwritten);
 

From 0f6ad5ab7d040bf1b9dcc16d12430209079378a6 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Tue, 25 Nov 2025 13:03:04 +0100
Subject: [PATCH 1001/2408] ngtcp2: use stdint types

Use int64_t and uint64_t directly without needing to cast to
curl_int64_t and curl_uint64_t.

Closes #19696
---
 lib/vquic/curl_ngtcp2.c | 138 ++++++++++++++++++----------------------
 1 file changed, 63 insertions(+), 75 deletions(-)

diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index f63162b344..d643928784 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -215,10 +215,10 @@ static void cf_ngtcp2_setup_keep_alive(struct Curl_cfilter *cf,
     ngtcp2_duration keep_ns;
     keep_ns = (rp->max_idle_timeout > 1) ? (rp->max_idle_timeout / 2) : 1;
     ngtcp2_conn_set_keep_alive_timeout(ctx->qconn, keep_ns);
-    CURL_TRC_CF(data, cf, "peer idle timeout is %" FMT_PRIu64 "ms, "
-                "set keep-alive to %" FMT_PRIu64 " ms.",
-                (curl_uint64_t)(rp->max_idle_timeout / NGTCP2_MILLISECONDS),
-                (curl_uint64_t)(keep_ns / NGTCP2_MILLISECONDS));
+    CURL_TRC_CF(data, cf, "peer idle timeout is %" PRIu64 "ms, "
+                "set keep-alive to %" PRIu64 " ms.",
+                (rp->max_idle_timeout / NGTCP2_MILLISECONDS),
+                (keep_ns / NGTCP2_MILLISECONDS));
   }
 }
 
@@ -235,11 +235,11 @@ static CURLcode cf_progress_egress(struct Curl_cfilter *cf,
  * All about the H3 internals of a stream
  */
 struct h3_stream_ctx {
-  curl_int64_t id; /* HTTP/3 protocol identifier */
+  int64_t id; /* HTTP/3 protocol identifier */
   struct bufq sendbuf;   /* h3 request body */
   struct h1_req_parser h1; /* h1 request parsing */
   size_t sendbuf_len_in_flight; /* sendbuf amount "in flight" */
-  curl_uint64_t error3; /* HTTP/3 stream error code */
+  uint64_t error3; /* HTTP/3 stream error code */
   curl_off_t upload_left; /* number of request bytes left to upload */
   uint64_t download_unacked; /* bytes not acknowledged yet */
   int status_code; /* HTTP status code */
@@ -301,7 +301,7 @@ static CURLcode h3_data_setup(struct Curl_cfilter *cf,
 
 #if NGTCP2_VERSION_NUM < 0x011100
 struct cf_ngtcp2_sfind_ctx {
-  curl_int64_t stream_id;
+  int64_t stream_id;
   struct h3_stream_ctx *stream;
   unsigned int mid;
 };
@@ -320,7 +320,7 @@ static bool cf_ngtcp2_sfind(unsigned int mid, void *value, void *user_data)
 }
 
 static struct h3_stream_ctx *
-cf_ngtcp2_get_stream(struct cf_ngtcp2_ctx *ctx, curl_int64_t stream_id)
+cf_ngtcp2_get_stream(struct cf_ngtcp2_ctx *ctx, int64_t stream_id)
 {
   struct cf_ngtcp2_sfind_ctx fctx;
   fctx.stream_id = stream_id;
@@ -330,7 +330,7 @@ cf_ngtcp2_get_stream(struct cf_ngtcp2_ctx *ctx, curl_int64_t stream_id)
 }
 #else
 static struct h3_stream_ctx *cf_ngtcp2_get_stream(struct cf_ngtcp2_ctx *ctx,
-                                                  curl_int64_t stream_id)
+                                                  int64_t stream_id)
 {
   struct Curl_easy *data =
     ngtcp2_conn_get_stream_user_data(ctx->qconn, stream_id);
@@ -360,7 +360,7 @@ static void cf_ngtcp2_stream_close(struct Curl_cfilter *cf,
                                       NGHTTP3_H3_REQUEST_CANCELLED);
     result = cf_progress_egress(cf, data, NULL);
     if(result)
-      CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] cancel stream -> %d",
+      CURL_TRC_CF(data, cf, "[%" PRId64 "] cancel stream -> %d",
                   stream->id, result);
   }
 }
@@ -371,7 +371,7 @@ static void h3_data_done(struct Curl_cfilter *cf, struct Curl_easy *data)
   struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
   (void)cf;
   if(stream) {
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] easy handle is done",
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] easy handle is done",
                 stream->id);
     cf_ngtcp2_stream_close(cf, data, stream);
     Curl_uint_hash_remove(&ctx->streams, data->mid);
@@ -518,12 +518,11 @@ static int cf_ngtcp2_handshake_completed(ngtcp2_conn *tconn, void *user_data)
     const ngtcp2_transport_params *rp;
     rp = ngtcp2_conn_get_remote_transport_params(ctx->qconn);
     CURL_TRC_CF(data, cf, "handshake complete after %" FMT_TIMEDIFF_T
-                "ms, remote transport[max_udp_payload=%" FMT_PRIu64
-                ", initial_max_data=%" FMT_PRIu64
+                "ms, remote transport[max_udp_payload=%" PRIu64
+                ", initial_max_data=%" PRIu64
                 "]",
                curlx_timediff_ms(ctx->handshake_at, ctx->started_at),
-               (curl_uint64_t)rp->max_udp_payload_size,
-               (curl_uint64_t)rp->initial_max_data);
+               rp->max_udp_payload_size, rp->initial_max_data);
   }
 #endif
 
@@ -607,13 +606,12 @@ static void cf_ngtcp2_h3_err_set(struct Curl_cfilter *cf,
 }
 
 static int cb_recv_stream_data(ngtcp2_conn *tconn, uint32_t flags,
-                               int64_t sid, uint64_t offset,
+                               int64_t stream_id, uint64_t offset,
                                const uint8_t *buf, size_t buflen,
                                void *user_data, void *stream_user_data)
 {
   struct Curl_cfilter *cf = user_data;
   struct cf_ngtcp2_ctx *ctx = cf->ctx;
-  curl_int64_t stream_id = (curl_int64_t)sid;
   nghttp3_ssize nconsumed;
   int fin = (flags & NGTCP2_STREAM_DATA_FLAG_FIN) ? 1 : 0;
   struct Curl_easy *data = stream_user_data;
@@ -625,12 +623,12 @@ static int cb_recv_stream_data(ngtcp2_conn *tconn, uint32_t flags,
   if(!data)
     data = CF_DATA_CURRENT(cf);
   if(data)
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] read_stream(len=%zu) -> %zd",
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] read_stream(len=%zu) -> %zd",
                 stream_id, buflen, nconsumed);
   if(nconsumed < 0) {
     struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
     if(data && stream) {
-      CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] error on known stream, "
+      CURL_TRC_CF(data, cf, "[%" PRId64 "] error on known stream, "
                   "reset=%d, closed=%d",
                   stream_id, stream->reset, stream->closed);
     }
@@ -669,13 +667,12 @@ cb_acked_stream_data_offset(ngtcp2_conn *tconn, int64_t stream_id,
 }
 
 static int cb_stream_close(ngtcp2_conn *tconn, uint32_t flags,
-                           int64_t sid, uint64_t app_error_code,
+                           int64_t stream_id, uint64_t app_error_code,
                            void *user_data, void *stream_user_data)
 {
   struct Curl_cfilter *cf = user_data;
   struct cf_ngtcp2_ctx *ctx = cf->ctx;
   struct Curl_easy *data = stream_user_data;
-  curl_int64_t stream_id = (curl_int64_t)sid;
   int rv;
 
   (void)tconn;
@@ -690,9 +687,8 @@ static int cb_stream_close(ngtcp2_conn *tconn, uint32_t flags,
   }
 
   rv = nghttp3_conn_close_stream(ctx->h3conn, stream_id, app_error_code);
-  CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] quic close(app_error=%"
-              FMT_PRIu64 ") -> %d", stream_id, (curl_uint64_t)app_error_code,
-              rv);
+  CURL_TRC_CF(data, cf, "[%" PRId64 "] quic close(app_error=%"
+              PRIu64 ") -> %d", stream_id, app_error_code, rv);
   if(rv && rv != NGHTTP3_ERR_STREAM_NOT_FOUND) {
     cf_ngtcp2_h3_err_set(cf, data, rv);
     return NGTCP2_ERR_CALLBACK_FAILURE;
@@ -701,13 +697,12 @@ static int cb_stream_close(ngtcp2_conn *tconn, uint32_t flags,
   return 0;
 }
 
-static int cb_stream_reset(ngtcp2_conn *tconn, int64_t sid,
+static int cb_stream_reset(ngtcp2_conn *tconn, int64_t stream_id,
                            uint64_t final_size, uint64_t app_error_code,
                            void *user_data, void *stream_user_data)
 {
   struct Curl_cfilter *cf = user_data;
   struct cf_ngtcp2_ctx *ctx = cf->ctx;
-  curl_int64_t stream_id = (curl_int64_t)sid;
   struct Curl_easy *data = stream_user_data;
   int rv;
   (void)tconn;
@@ -716,7 +711,7 @@ static int cb_stream_reset(ngtcp2_conn *tconn, int64_t sid,
   (void)data;
 
   rv = nghttp3_conn_shutdown_stream_read(ctx->h3conn, stream_id);
-  CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] reset -> %d", stream_id, rv);
+  CURL_TRC_CF(data, cf, "[%" PRId64 "] reset -> %d", stream_id, rv);
   if(rv && rv != NGHTTP3_ERR_STREAM_NOT_FOUND) {
     return NGTCP2_ERR_CALLBACK_FAILURE;
   }
@@ -754,9 +749,8 @@ static int cb_extend_max_local_streams_bidi(ngtcp2_conn *tconn,
   (void)tconn;
   ctx->max_bidi_streams = max_streams;
   if(data)
-    CURL_TRC_CF(data, cf, "max bidi streams now %" FMT_PRIu64
-                ", used %" FMT_PRIu64, (curl_uint64_t)ctx->max_bidi_streams,
-                (curl_uint64_t)ctx->used_bidi_streams);
+    CURL_TRC_CF(data, cf, "max bidi streams now %" PRIu64 ", used %" PRIu64,
+                ctx->max_bidi_streams, ctx->used_bidi_streams);
   return 0;
 }
 
@@ -778,8 +772,7 @@ static int cb_extend_max_stream_data(ngtcp2_conn *tconn, int64_t stream_id,
   }
   stream = H3_STREAM_CTX(ctx, s_data);
   if(stream && stream->quic_flow_blocked) {
-    CURL_TRC_CF(s_data, cf, "[%" FMT_PRId64 "] unblock quic flow",
-                (curl_int64_t)stream_id);
+    CURL_TRC_CF(s_data, cf, "[%" PRId64 "] unblock quic flow", stream_id);
     stream->quic_flow_blocked = FALSE;
     Curl_multi_mark_dirty(s_data);
   }
@@ -986,14 +979,13 @@ static CURLcode cf_ngtcp2_adjust_pollset(struct Curl_cfilter *cf,
   return result;
 }
 
-static int cb_h3_stream_close(nghttp3_conn *conn, int64_t sid,
+static int cb_h3_stream_close(nghttp3_conn *conn, int64_t stream_id,
                               uint64_t app_error_code, void *user_data,
                               void *stream_user_data)
 {
   struct Curl_cfilter *cf = user_data;
   struct cf_ngtcp2_ctx *ctx = cf->ctx;
   struct Curl_easy *data = stream_user_data;
-  curl_int64_t stream_id = (curl_int64_t)sid;
   struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
   (void)conn;
   (void)stream_id;
@@ -1003,15 +995,15 @@ static int cb_h3_stream_close(nghttp3_conn *conn, int64_t sid,
     return 0;
 
   stream->closed = TRUE;
-  stream->error3 = (curl_uint64_t)app_error_code;
+  stream->error3 = app_error_code;
   if(stream->error3 != NGHTTP3_H3_NO_ERROR) {
     stream->reset = TRUE;
     stream->send_closed = TRUE;
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] RESET: error %" FMT_PRIu64,
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] RESET: error %" PRIu64,
                 stream->id, stream->error3);
   }
   else {
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] CLOSED", stream->id);
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] CLOSED", stream->id);
   }
   Curl_multi_mark_dirty(data);
   return 0;
@@ -1031,7 +1023,7 @@ static void h3_xfer_write_resp_hd(struct Curl_cfilter *cf,
   if(!stream->xfer_result) {
     stream->xfer_result = Curl_xfer_write_resp_hd(data, buf, blen, eos);
     if(stream->xfer_result)
-      CURL_TRC_CF(data, cf, "[%"FMT_PRId64"] error %d writing %zu "
+      CURL_TRC_CF(data, cf, "[%" PRId64 "] error %d writing %zu "
                   "bytes of headers", stream->id, stream->xfer_result, blen);
   }
 }
@@ -1051,8 +1043,8 @@ static void h3_xfer_write_resp(struct Curl_cfilter *cf,
     stream->xfer_result = Curl_xfer_write_resp(data, buf, blen, eos);
     /* If the transfer write is errored, we do not want any more data */
     if(stream->xfer_result) {
-      CURL_TRC_CF(data, cf, "[%"FMT_PRId64"] error %d writing %zu bytes "
-                  "of data", stream->id, stream->xfer_result, blen);
+      CURL_TRC_CF(data, cf, "[%" PRId64 "] error %d writing %zu bytes of data",
+                  stream->id, stream->xfer_result, blen);
     }
   }
 }
@@ -1078,7 +1070,7 @@ static void cf_ngtcp2_ack_stream(struct Curl_cfilter *cf,
   }
 
   if(ack_len) {
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] ACK %" PRIu64
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] ACK %" PRIu64
                 "/%" PRIu64 " bytes of DATA", stream->id,
                 ack_len, stream->download_unacked);
     ngtcp2_conn_extend_max_stream_offset(ctx->qconn, stream->id, ack_len);
@@ -1102,7 +1094,7 @@ static int cb_h3_recv_data(nghttp3_conn *conn, int64_t stream3_id,
     return NGHTTP3_ERR_CALLBACK_FAILURE;
 
   h3_xfer_write_resp(cf, data, stream, (const char *)buf, blen, FALSE);
-  CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] DATA len=%zu", stream->id, blen);
+  CURL_TRC_CF(data, cf, "[%" PRId64 "] DATA len=%zu", stream->id, blen);
 
   ngtcp2_conn_extend_max_offset(ctx->qconn, blen);
   if(UINT64_MAX - blen < stream->download_unacked)
@@ -1130,13 +1122,12 @@ static int cb_h3_deferred_consume(nghttp3_conn *conn, int64_t stream3_id,
   return 0;
 }
 
-static int cb_h3_end_headers(nghttp3_conn *conn, int64_t sid,
+static int cb_h3_end_headers(nghttp3_conn *conn, int64_t stream_id,
                              int fin, void *user_data, void *stream_user_data)
 {
   struct Curl_cfilter *cf = user_data;
   struct cf_ngtcp2_ctx *ctx = cf->ctx;
   struct Curl_easy *data = stream_user_data;
-  curl_int64_t stream_id = (curl_int64_t)sid;
   struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
   (void)conn;
   (void)stream_id;
@@ -1148,7 +1139,7 @@ static int cb_h3_end_headers(nghttp3_conn *conn, int64_t sid,
   /* add a CRLF only if we have received some headers */
   h3_xfer_write_resp_hd(cf, data, stream, STRCONST("\r\n"), stream->closed);
 
-  CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] end_headers, status=%d",
+  CURL_TRC_CF(data, cf, "[%" PRId64 "] end_headers, status=%d",
               stream_id, stream->status_code);
   if(stream->status_code / 100 != 1) {
     stream->resp_hds_complete = TRUE;
@@ -1157,14 +1148,13 @@ static int cb_h3_end_headers(nghttp3_conn *conn, int64_t sid,
   return 0;
 }
 
-static int cb_h3_recv_header(nghttp3_conn *conn, int64_t sid,
+static int cb_h3_recv_header(nghttp3_conn *conn, int64_t stream_id,
                              int32_t token, nghttp3_rcbuf *name,
                              nghttp3_rcbuf *value, uint8_t flags,
                              void *user_data, void *stream_user_data)
 {
   struct Curl_cfilter *cf = user_data;
   struct cf_ngtcp2_ctx *ctx = cf->ctx;
-  curl_int64_t stream_id = (curl_int64_t)sid;
   nghttp3_vec h3name = nghttp3_rcbuf_get_buf(name);
   nghttp3_vec h3val = nghttp3_rcbuf_get_buf(value);
   struct Curl_easy *data = stream_user_data;
@@ -1196,7 +1186,7 @@ static int cb_h3_recv_header(nghttp3_conn *conn, int64_t sid,
     if(!result)
       h3_xfer_write_resp_hd(cf, data, stream, curlx_dyn_ptr(&ctx->scratch),
                             curlx_dyn_len(&ctx->scratch), FALSE);
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] status: %s",
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] status: %s",
                 stream_id, curlx_dyn_ptr(&ctx->scratch));
     if(result) {
       return NGHTTP3_ERR_CALLBACK_FAILURE;
@@ -1204,7 +1194,7 @@ static int cb_h3_recv_header(nghttp3_conn *conn, int64_t sid,
   }
   else {
     /* store as an HTTP1-style header */
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] header: %.*s: %.*s",
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] header: %.*s: %.*s",
                 stream_id, (int)h3name.len, h3name.base,
                 (int)h3val.len, h3val.base);
     curlx_dyn_reset(&ctx->scratch);
@@ -1243,13 +1233,12 @@ static int cb_h3_stop_sending(nghttp3_conn *conn, int64_t stream_id,
   return 0;
 }
 
-static int cb_h3_reset_stream(nghttp3_conn *conn, int64_t sid,
+static int cb_h3_reset_stream(nghttp3_conn *conn, int64_t stream_id,
                               uint64_t app_error_code, void *user_data,
                               void *stream_user_data)
 {
   struct Curl_cfilter *cf = user_data;
   struct cf_ngtcp2_ctx *ctx = cf->ctx;
-  curl_int64_t stream_id = (curl_int64_t)sid;
   struct Curl_easy *data = stream_user_data;
   int rv;
   (void)conn;
@@ -1257,7 +1246,7 @@ static int cb_h3_reset_stream(nghttp3_conn *conn, int64_t sid,
 
   rv = ngtcp2_conn_shutdown_stream_write(ctx->qconn, 0, stream_id,
                                          app_error_code);
-  CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] reset -> %d", stream_id, rv);
+  CURL_TRC_CF(data, cf, "[%" PRId64 "] reset -> %d", stream_id, rv);
   if(rv && rv != NGTCP2_ERR_STREAM_NOT_FOUND) {
     return NGHTTP3_ERR_CALLBACK_FAILURE;
   }
@@ -1359,12 +1348,12 @@ static CURLcode recv_closed_stream(struct Curl_cfilter *cf,
   (void)cf;
   *pnread = 0;
   if(stream->reset) {
-    failf(data, "HTTP/3 stream %" FMT_PRId64 " reset by server", stream->id);
+    failf(data, "HTTP/3 stream %" PRId64 " reset by server", stream->id);
     return data->req.bytecount ? CURLE_PARTIAL_FILE : CURLE_HTTP3;
   }
   else if(!stream->resp_hds_complete) {
     failf(data,
-          "HTTP/3 stream %" FMT_PRId64 " was closed cleanly, but before "
+          "HTTP/3 stream %" PRId64 " was closed cleanly, but before "
           "getting all response header fields, treated as error",
           stream->id);
     return CURLE_HTTP3;
@@ -1413,7 +1402,7 @@ static CURLcode cf_ngtcp2_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
   }
 
   if(stream->xfer_result) {
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] xfer write failed", stream->id);
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] xfer write failed", stream->id);
     cf_ngtcp2_stream_close(cf, data, stream);
     result = stream->xfer_result;
     goto out;
@@ -1428,7 +1417,7 @@ out:
   result = Curl_1st_err(result, cf_progress_egress(cf, data, &pktx));
   result = Curl_1st_err(result, check_and_set_expiry(cf, data, &pktx));
 denied:
-  CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] cf_recv(blen=%zu) -> %d, %zu",
+  CURL_TRC_CF(data, cf, "[%" PRId64 "] cf_recv(blen=%zu) -> %d, %zu",
               stream ? stream->id : -1, blen, result, *pnread);
   CF_DATA_RESTORE(cf, save);
   return result;
@@ -1519,12 +1508,12 @@ cb_h3_read_req_body(nghttp3_conn *conn, int64_t stream_id,
   }
   else if(!nwritten) {
     /* Not EOF, and nothing to give, we signal WOULDBLOCK. */
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] read req body -> AGAIN",
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] read req body -> AGAIN",
                 stream->id);
     return NGHTTP3_ERR_WOULDBLOCK;
   }
 
-  CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] read req body -> "
+  CURL_TRC_CF(data, cf, "[%" PRId64 "] read req body -> "
               "%d vecs%s with %zu (buffered=%zu, left=%" FMT_OFF_T ")",
               stream->id, (int)nvecs,
               *pflags == NGHTTP3_DATA_FLAG_EOF ? " EOF" : "",
@@ -1605,7 +1594,7 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
     result = CURLE_SEND_ERROR;
     goto out;
   }
-  stream->id = (curl_int64_t)sid;
+  stream->id = sid;
   ++ctx->used_bidi_streams;
 
   switch(data->state.httpreq) {
@@ -1637,11 +1626,11 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
   if(rc) {
     switch(rc) {
     case NGHTTP3_ERR_CONN_CLOSING:
-      CURL_TRC_CF(data, cf, "h3sid[%" FMT_PRId64 "] failed to send, "
+      CURL_TRC_CF(data, cf, "h3sid[%" PRId64 "] failed to send, "
                   "connection is closing", stream->id);
       break;
     default:
-      CURL_TRC_CF(data, cf, "h3sid[%" FMT_PRId64 "] failed to send -> "
+      CURL_TRC_CF(data, cf, "h3sid[%" PRId64 "] failed to send -> "
                   "%d (%s)", stream->id, rc, nghttp3_strerror(rc));
       break;
     }
@@ -1651,10 +1640,10 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
   }
 
   if(Curl_trc_is_verbose(data)) {
-    infof(data, "[HTTP/3] [%" FMT_PRId64 "] OPENED stream for %s",
+    infof(data, "[HTTP/3] [%" PRId64 "] OPENED stream for %s",
           stream->id, data->state.url);
     for(i = 0; i < nheader; ++i) {
-      infof(data, "[HTTP/3] [%" FMT_PRId64 "] [%.*s: %.*s]", stream->id,
+      infof(data, "[HTTP/3] [%" PRId64 "] [%.*s: %.*s]", stream->id,
             (int)nva[i].namelen, nva[i].name,
             (int)nva[i].valuelen, nva[i].value);
     }
@@ -1708,7 +1697,7 @@ static CURLcode cf_ngtcp2_send(struct Curl_cfilter *cf, struct Curl_easy *data,
     stream = H3_STREAM_CTX(ctx, data);
   }
   else if(stream->xfer_result) {
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] xfer write failed", stream->id);
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] xfer write failed", stream->id);
     cf_ngtcp2_stream_close(cf, data, stream);
     result = stream->xfer_result;
     goto out;
@@ -1720,13 +1709,13 @@ static CURLcode cf_ngtcp2_send(struct Curl_cfilter *cf, struct Curl_easy *data,
        * body. This happens on 30x or 40x responses.
        * We silently discard the data sent, since this is not a transport
        * error situation. */
-      CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] discarding data"
+      CURL_TRC_CF(data, cf, "[%" PRId64 "] discarding data"
                   "on closed stream with response", stream->id);
       result = CURLE_OK;
       *pnwritten = len;
       goto out;
     }
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] send_body(len=%zu) "
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] send_body(len=%zu) "
                 "-> stream closed", stream->id, len);
     result = CURLE_HTTP3;
     goto out;
@@ -1738,7 +1727,7 @@ static CURLcode cf_ngtcp2_send(struct Curl_cfilter *cf, struct Curl_easy *data,
   }
   else {
     result = Curl_bufq_write(&stream->sendbuf, buf, len, pnwritten);
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] cf_send, add to "
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] cf_send, add to "
                 "sendbuf(len=%zu) -> %d, %zu",
                 stream->id, len, result, *pnwritten);
     if(result)
@@ -1755,7 +1744,7 @@ static CURLcode cf_ngtcp2_send(struct Curl_cfilter *cf, struct Curl_easy *data,
 out:
   result = Curl_1st_err(result, check_and_set_expiry(cf, data, &pktx));
 denied:
-  CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] cf_send(len=%zu) -> %d, %zu",
+  CURL_TRC_CF(data, cf, "[%" PRId64 "] cf_send(len=%zu) -> %d, %zu",
               stream ? stream->id : -1, len, result, *pnwritten);
   CF_DATA_RESTORE(cf, save);
   return result;
@@ -1886,8 +1875,8 @@ static CURLcode read_pkt_to_send(void *userp,
         struct h3_stream_ctx *stream;
         DEBUGASSERT(ndatalen == -1);
         nghttp3_conn_block_stream(ctx->h3conn, stream_id);
-        CURL_TRC_CF(x->data, x->cf, "[%" FMT_PRId64 "] block quic flow",
-                    (curl_int64_t)stream_id);
+        CURL_TRC_CF(x->data, x->cf, "[%" PRId64 "] block quic flow",
+                    stream_id);
         stream = cf_ngtcp2_get_stream(ctx, stream_id);
         if(stream) /* it might be not one of our h3 streams? */
           stream->quic_flow_blocked = TRUE;
@@ -2171,8 +2160,8 @@ static CURLcode cf_ngtcp2_shutdown(struct Curl_cfilter *cf,
       (uint8_t *)buffer, sizeof(buffer),
       &ctx->last_error, pktx.ts);
     CURL_TRC_CF(data, cf, "start shutdown(err_type=%d, err_code=%"
-                FMT_PRIu64 ") -> %d", ctx->last_error.type,
-                (curl_uint64_t)ctx->last_error.error_code, (int)nwritten);
+                PRIu64 ") -> %d", ctx->last_error.type,
+                ctx->last_error.error_code, (int)nwritten);
     /* there are cases listed in ngtcp2 documentation where this call
      * may fail. Since we are doing a connection shutdown as graceful
      * as we can, such an error is ignored here. */
@@ -2670,9 +2659,8 @@ out:
 
     result = CURLE_COULDNT_CONNECT;
     if(cerr) {
-      CURL_TRC_CF(data, cf, "connect error, type=%d, code=%"
-                  FMT_PRIu64,
-                  cerr->type, (curl_uint64_t)cerr->error_code);
+      CURL_TRC_CF(data, cf, "connect error, type=%d, code=%" PRIu64,
+                  cerr->type, cerr->error_code);
       switch(cerr->type) {
       case NGTCP2_CCERR_TYPE_VERSION_NEGOTIATION:
         CURL_TRC_CF(data, cf, "error in version negotiation");

From ef4f791337cd13da7dd39e1867e7b038ee98f3a5 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Tue, 25 Nov 2025 13:21:25 +0100
Subject: [PATCH 1002/2408] quiche: use stdint types

Use int64_t and uint64_t directly without needing to cast to
curl_int64_t and curl_uint64_t.

Closes #19697
---
 lib/vquic/curl_quiche.c | 120 +++++++++++++++++++---------------------
 1 file changed, 58 insertions(+), 62 deletions(-)

diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
index 4fc25acad0..51cadd2e6e 100644
--- a/lib/vquic/curl_quiche.c
+++ b/lib/vquic/curl_quiche.c
@@ -171,10 +171,10 @@ static CURLcode cf_flush_egress(struct Curl_cfilter *cf,
  * All about the H3 internals of a stream
  */
 struct h3_stream_ctx {
-  curl_uint64_t id; /* HTTP/3 protocol stream identifier */
+  uint64_t id; /* HTTP/3 protocol stream identifier */
   struct bufq recvbuf; /* h3 response */
   struct h1_req_parser h1; /* h1 request parsing */
-  curl_uint64_t error3; /* HTTP/3 stream error code */
+  uint64_t error3; /* HTTP/3 stream error code */
   BIT(opened); /* TRUE after stream has been opened */
   BIT(closed); /* TRUE on stream close */
   BIT(reset);  /* TRUE on stream reset */
@@ -243,7 +243,7 @@ static bool cf_quiche_do_resume(struct Curl_cfilter *cf,
   if(stream->quic_flow_blocked) {
     stream->quic_flow_blocked = FALSE;
     Curl_multi_mark_dirty(sdata);
-    CURL_TRC_CF(sdata, cf, "[%"FMT_PRIu64"] unblock", stream->id);
+    CURL_TRC_CF(sdata, cf, "[%" PRIu64 "] unblock", stream->id);
   }
   return TRUE;
 }
@@ -294,7 +294,7 @@ static void h3_data_done(struct Curl_cfilter *cf, struct Curl_easy *data)
 
   (void)cf;
   if(stream) {
-    CURL_TRC_CF(data, cf, "[%"FMT_PRIu64"] easy handle is done", stream->id);
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] easy handle is done", stream->id);
     if(ctx->qconn && !stream->closed) {
       quiche_conn_stream_shutdown(ctx->qconn, stream->id,
                                   QUICHE_SHUTDOWN_READ, CURL_H3_NO_ERROR);
@@ -368,7 +368,7 @@ static int cb_each_header(uint8_t *name, size_t name_len,
     return CURLE_OK;
 
   if((name_len == 7) && !strncmp(HTTP_PSEUDO_STATUS, (char *)name, 7)) {
-    CURL_TRC_CF(x->data, x->cf, "[%" FMT_PRIu64 "] status: %.*s",
+    CURL_TRC_CF(x->data, x->cf, "[%" PRIu64 "] status: %.*s",
                 stream->id, (int)value_len, value);
     result = write_resp_raw(x->cf, x->data, "HTTP/3 ", sizeof("HTTP/3 ") - 1);
     if(!result)
@@ -377,7 +377,7 @@ static int cb_each_header(uint8_t *name, size_t name_len,
       result = write_resp_raw(x->cf, x->data, " \r\n", 3);
   }
   else {
-    CURL_TRC_CF(x->data, x->cf, "[%" FMT_PRIu64 "] header: %.*s: %.*s",
+    CURL_TRC_CF(x->data, x->cf, "[%" PRIu64 "] header: %.*s: %.*s",
                 stream->id, (int)name_len, name,
                 (int)value_len, value);
     result = write_resp_raw(x->cf, x->data, name, name_len);
@@ -389,7 +389,7 @@ static int cb_each_header(uint8_t *name, size_t name_len,
       result = write_resp_raw(x->cf, x->data, "\r\n", 2);
   }
   if(result) {
-    CURL_TRC_CF(x->data, x->cf, "[%"FMT_PRIu64"] on header error %d",
+    CURL_TRC_CF(x->data, x->cf, "[%" PRIu64 "] on header error %d",
                 stream->id, result);
   }
   return result;
@@ -439,9 +439,9 @@ static CURLcode cf_recv_body(struct Curl_cfilter *cf,
                            stream_resp_read, &cb_ctx, &nread);
 
   if(result && result != CURLE_AGAIN) {
-    CURL_TRC_CF(data, cf, "[%"FMT_PRIu64"] recv_body error %zu",
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] recv_body error %zu",
                 stream->id, nread);
-    failf(data, "Error %d in HTTP/3 response body for stream[%"FMT_PRIu64"]",
+    failf(data, "Error %d in HTTP/3 response body for stream[%" PRIu64 "]",
           result, stream->id);
     stream->closed = TRUE;
     stream->reset = TRUE;
@@ -492,11 +492,11 @@ static CURLcode h3_process_event(struct Curl_cfilter *cf,
     cb_ctx.data = data;
     rc = quiche_h3_event_for_each_header(ev, cb_each_header, &cb_ctx);
     if(rc) {
-      failf(data, "Error %d in HTTP/3 response header for stream[%"
-            FMT_PRIu64"]", rc, stream->id);
+      failf(data, "Error %d in HTTP/3 response header for stream[%" PRIu64 "]",
+            rc, stream->id);
       return CURLE_RECV_ERROR;
     }
-    CURL_TRC_CF(data, cf, "[%"FMT_PRIu64"] <- [HEADERS]", stream->id);
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] <- [HEADERS]", stream->id);
     break;
 
   case QUICHE_H3_EVENT_DATA:
@@ -506,7 +506,7 @@ static CURLcode h3_process_event(struct Curl_cfilter *cf,
     break;
 
   case QUICHE_H3_EVENT_RESET:
-    CURL_TRC_CF(data, cf, "[%"FMT_PRIu64"] RESET", stream->id);
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] RESET", stream->id);
     stream->closed = TRUE;
     stream->reset = TRUE;
     stream->send_closed = TRUE;
@@ -514,7 +514,7 @@ static CURLcode h3_process_event(struct Curl_cfilter *cf,
     break;
 
   case QUICHE_H3_EVENT_FINISHED:
-    CURL_TRC_CF(data, cf, "[%"FMT_PRIu64"] CLOSED", stream->id);
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] CLOSED", stream->id);
     if(!stream->resp_hds_complete) {
       result = write_resp_raw(cf, data, "\r\n", 2);
       if(result)
@@ -526,11 +526,11 @@ static CURLcode h3_process_event(struct Curl_cfilter *cf,
     break;
 
   case QUICHE_H3_EVENT_GOAWAY:
-    CURL_TRC_CF(data, cf, "[%"FMT_PRIu64"] <- [GOAWAY]", stream->id);
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] <- [GOAWAY]", stream->id);
     break;
 
   default:
-    CURL_TRC_CF(data, cf, "[%"FMT_PRIu64"] recv, unhandled event %d",
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] recv, unhandled event %d",
                 stream->id, quiche_h3_event_type(ev));
     break;
   }
@@ -545,14 +545,13 @@ static CURLcode cf_quiche_ev_process(struct Curl_cfilter *cf,
   CURLcode result = h3_process_event(cf, data, stream, ev);
   Curl_multi_mark_dirty(data);
   if(result)
-    CURL_TRC_CF(data, cf, "error processing event %s "
-                "for [%"FMT_PRIu64"] -> %d", cf_ev_name(ev),
-                stream->id, result);
+    CURL_TRC_CF(data, cf, "error processing event %s for [%" PRIu64 "] -> %d",
+                cf_ev_name(ev), stream->id, result);
   return result;
 }
 
 struct cf_quich_disp_ctx {
-  curl_uint64_t stream_id;
+  uint64_t stream_id;
   struct Curl_cfilter *cf;
   struct Curl_multi *multi;
   quiche_h3_event *ev;
@@ -582,17 +581,17 @@ static CURLcode cf_poll_events(struct Curl_cfilter *cf,
 
   /* Take in the events and distribute them to the transfers. */
   while(ctx->h3c) {
-    curl_int64_t stream3_id = quiche_h3_conn_poll(ctx->h3c, ctx->qconn, &ev);
-    if(stream3_id == QUICHE_H3_ERR_DONE) {
+    int64_t rv = quiche_h3_conn_poll(ctx->h3c, ctx->qconn, &ev);
+    if(rv == QUICHE_H3_ERR_DONE) {
       break;
     }
-    else if(stream3_id < 0) {
-      CURL_TRC_CF(data, cf, "error poll: %"FMT_PRId64, stream3_id);
+    else if(rv < 0) {
+      CURL_TRC_CF(data, cf, "error poll: %" PRId64, rv);
       return CURLE_HTTP3;
     }
     else {
       struct cf_quich_disp_ctx dctx;
-      dctx.stream_id = (curl_uint64_t)stream3_id;
+      dctx.stream_id = (uint64_t)rv;
       dctx.cf = cf;
       dctx.multi = data->multi;
       dctx.ev = ev;
@@ -750,8 +749,8 @@ static CURLcode cf_flush_egress(struct Curl_cfilter *cf,
   struct cf_quiche_ctx *ctx = cf->ctx;
   size_t nread;
   CURLcode result;
-  curl_int64_t expiry_ns;
-  curl_int64_t timeout_ns;
+  int64_t expiry_ns;
+  int64_t timeout_ns;
   struct read_ctx readx;
   size_t pkt_count, gsolen;
 
@@ -837,15 +836,13 @@ static CURLcode recv_closed_stream(struct Curl_cfilter *cf,
   DEBUGASSERT(stream);
   *pnread = 0;
   if(stream->reset) {
-    failf(data,
-          "HTTP/3 stream %" FMT_PRIu64 " reset by server", stream->id);
+    failf(data, "HTTP/3 stream %" PRIu64 " reset by server", stream->id);
     result = data->req.bytecount ? CURLE_PARTIAL_FILE : CURLE_HTTP3;
-    CURL_TRC_CF(data, cf, "[%" FMT_PRIu64 "] cf_recv, was reset -> %d",
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] cf_recv, was reset -> %d",
                 stream->id, result);
   }
   else if(!stream->resp_got_header) {
-    failf(data,
-          "HTTP/3 stream %" FMT_PRIu64 " was closed cleanly, but before "
+    failf(data, "HTTP/3 stream %" PRIu64 " was closed cleanly, but before "
           "getting all response header fields, treated as error",
           stream->id);
     result = CURLE_HTTP3;
@@ -868,7 +865,7 @@ static CURLcode cf_quiche_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
 
   if(!Curl_bufq_is_empty(&stream->recvbuf)) {
     result = Curl_bufq_cread(&stream->recvbuf, buf, len, pnread);
-    CURL_TRC_CF(data, cf, "[%" FMT_PRIu64 "] read recvbuf(len=%zu) "
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] read recvbuf(len=%zu) "
                 "-> %d, %zu", stream->id, len, result, *pnread);
     if(result)
       goto out;
@@ -883,7 +880,7 @@ static CURLcode cf_quiche_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
   /* recvbuf had nothing before, maybe after progressing ingress? */
   if(!*pnread && !Curl_bufq_is_empty(&stream->recvbuf)) {
     result = Curl_bufq_cread(&stream->recvbuf, buf, len, pnread);
-    CURL_TRC_CF(data, cf, "[%" FMT_PRIu64 "] read recvbuf(len=%zu) "
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] read recvbuf(len=%zu) "
                 "-> %d, %zu", stream->id, len, result, *pnread);
     if(result)
       goto out;
@@ -908,7 +905,7 @@ out:
   result = Curl_1st_err(result, cf_flush_egress(cf, data));
   if(*pnread > 0)
     ctx->data_recvd += *pnread;
-  CURL_TRC_CF(data, cf, "[%"FMT_PRIu64"] cf_recv(total=%"
+  CURL_TRC_CF(data, cf, "[%" PRIu64 "] cf_recv(total=%"
               FMT_OFF_T ") -> %d, %zu",
               stream->id, ctx->data_recvd, result, *pnread);
   return result;
@@ -930,32 +927,31 @@ static CURLcode cf_quiche_send_body(struct Curl_cfilter *cf,
     /* Blocked on flow control and should HOLD sending. But when do we open
      * again? */
     if(!quiche_conn_stream_writable(ctx->qconn, stream->id, len)) {
-      CURL_TRC_CF(data, cf, "[%" FMT_PRIu64 "] send_body(len=%zu) "
+      CURL_TRC_CF(data, cf, "[%" PRIu64 "] send_body(len=%zu) "
                   "-> window exhausted", stream->id, len);
       stream->quic_flow_blocked = TRUE;
     }
     return CURLE_AGAIN;
   }
   else if(rv == QUICHE_H3_TRANSPORT_ERR_INVALID_STREAM_STATE) {
-    CURL_TRC_CF(data, cf, "[%" FMT_PRIu64 "] send_body(len=%zu) "
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] send_body(len=%zu) "
                 "-> invalid stream state", stream->id, len);
     return CURLE_HTTP3;
   }
   else if(rv == QUICHE_H3_TRANSPORT_ERR_FINAL_SIZE) {
-    CURL_TRC_CF(data, cf, "[%" FMT_PRIu64 "] send_body(len=%zu) "
-                "-> exceeds size", stream->id, len);
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] send_body(len=%zu) -> exceeds size",
+                stream->id, len);
     return CURLE_SEND_ERROR;
   }
   else if(!curlx_sztouz(rv, pnwritten)) {
-    CURL_TRC_CF(data, cf, "[%" FMT_PRIu64 "] send_body(len=%zu) "
-                "-> quiche err %zd", stream->id, len, rv);
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] send_body(len=%zu) -> quiche err %zd",
+                stream->id, len, rv);
     return CURLE_SEND_ERROR;
   }
   else {
     if(eos && (len == *pnwritten))
       stream->send_closed = TRUE;
-    CURL_TRC_CF(data, cf, "[%" FMT_PRIu64 "] send body(len=%zu, "
-                "eos=%d) -> %zu",
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] send body(len=%zu, eos=%d) -> %zu",
                 stream->id, len, stream->send_closed, *pnwritten);
     return CURLE_OK;
   }
@@ -969,7 +965,7 @@ static CURLcode h3_open_stream(struct Curl_cfilter *cf,
   struct cf_quiche_ctx *ctx = cf->ctx;
   struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
   size_t nheader, i;
-  curl_int64_t stream3_id;
+  int64_t rv;
   struct dynhds h2_headers;
   quiche_h3_header *nva = NULL;
   CURLcode result = CURLE_OK;
@@ -1027,37 +1023,37 @@ static CURLcode h3_open_stream(struct Curl_cfilter *cf,
   if(eos && !blen)
     stream->send_closed = TRUE;
 
-  stream3_id = quiche_h3_send_request(ctx->h3c, ctx->qconn, nva, nheader,
-                                      stream->send_closed);
-  CURL_TRC_CF(data, cf, "quiche_send_request() -> %" FMT_PRIu64, stream3_id);
-  if(stream3_id < 0) {
-    if(QUICHE_H3_ERR_STREAM_BLOCKED == stream3_id) {
+  rv = quiche_h3_send_request(ctx->h3c, ctx->qconn, nva, nheader,
+                              stream->send_closed);
+  CURL_TRC_CF(data, cf, "quiche_send_request() -> %" PRId64, rv);
+  if(rv < 0) {
+    if(QUICHE_H3_ERR_STREAM_BLOCKED == rv) {
       /* quiche seems to report this error if the connection window is
        * exhausted. Which happens frequently and intermittent. */
-      CURL_TRC_CF(data, cf, "[%"FMT_PRIu64"] blocked", stream->id);
+      CURL_TRC_CF(data, cf, "[%" PRIu64 "] blocked", stream->id);
       stream->quic_flow_blocked = TRUE;
       result = CURLE_AGAIN;
       goto out;
     }
     else {
-      CURL_TRC_CF(data, cf, "send_request(%s) -> %" FMT_PRIu64,
-                  data->state.url, stream3_id);
+      CURL_TRC_CF(data, cf, "send_request(%s) -> %" PRId64,
+                  data->state.url, rv);
     }
     result = CURLE_SEND_ERROR;
     goto out;
   }
 
   DEBUGASSERT(!stream->opened);
-  stream->id = stream3_id;
+  stream->id = (uint64_t)rv;
   stream->opened = TRUE;
   stream->closed = FALSE;
   stream->reset = FALSE;
 
   if(Curl_trc_is_verbose(data)) {
-    infof(data, "[HTTP/3] [%" FMT_PRIu64 "] OPENED stream for %s",
+    infof(data, "[HTTP/3] [%" PRIu64 "] OPENED stream for %s",
           stream->id, data->state.url);
     for(i = 0; i < nheader; ++i) {
-      infof(data, "[HTTP/3] [%" FMT_PRIu64 "] [%.*s: %.*s]", stream->id,
+      infof(data, "[HTTP/3] [%" PRIu64 "] [%.*s: %.*s]", stream->id,
             (int)nva[i].name_len, nva[i].name,
             (int)nva[i].value_len, nva[i].value);
     }
@@ -1113,13 +1109,13 @@ static CURLcode cf_quiche_send(struct Curl_cfilter *cf, struct Curl_easy *data,
        * sending the 30x response.
        * This is sort of a race: had the transfer loop called recv first,
        * it would see the response and stop/discard sending on its own- */
-      CURL_TRC_CF(data, cf, "[%" FMT_PRIu64 "] discarding data"
+      CURL_TRC_CF(data, cf, "[%" PRIu64 "] discarding data"
                   "on closed stream with response", stream->id);
       result = CURLE_OK;
       *pnwritten = len;
       goto out;
     }
-    CURL_TRC_CF(data, cf, "[%" FMT_PRIu64 "] send_body(len=%zu) "
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] send_body(len=%zu) "
                 "-> stream closed", stream->id, len);
     result = CURLE_HTTP3;
     goto out;
@@ -1131,8 +1127,8 @@ static CURLcode cf_quiche_send(struct Curl_cfilter *cf, struct Curl_easy *data,
 out:
   result = Curl_1st_err(result, cf_flush_egress(cf, data));
 
-  CURL_TRC_CF(data, cf, "[%" FMT_PRIu64 "] cf_send(len=%zu) -> %d, %zu",
-              stream ? stream->id : (curl_uint64_t)~0, len,
+  CURL_TRC_CF(data, cf, "[%" PRIu64 "] cf_send(len=%zu) -> %d, %zu",
+              stream ? stream->id : (uint64_t)~0, len,
               result, *pnwritten);
   return result;
 }
@@ -1144,7 +1140,7 @@ static bool stream_is_writeable(struct Curl_cfilter *cf,
   struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
 
   return stream && (quiche_conn_stream_writable(
-    ctx->qconn, (curl_uint64_t)stream->id, 1) > 0);
+    ctx->qconn, stream->id, 1) > 0);
 }
 
 static CURLcode cf_quiche_adjust_pollset(struct Curl_cfilter *cf,
@@ -1229,7 +1225,7 @@ static CURLcode cf_quiche_cntrl(struct Curl_cfilter *cf,
       stream->send_closed = TRUE;
       body[0] = 'X';
       result = cf_quiche_send(cf, data, body, 0, TRUE, &sent);
-      CURL_TRC_CF(data, cf, "[%"FMT_PRIu64"] DONE_SEND -> %d, %zu",
+      CURL_TRC_CF(data, cf, "[%" PRIu64 "] DONE_SEND -> %d, %zu",
                   stream->id, result, sent);
     }
     break;
@@ -1520,7 +1516,7 @@ static CURLcode cf_quiche_query(struct Curl_cfilter *cf,
 
   switch(query) {
   case CF_QUERY_MAX_CONCURRENT: {
-    curl_uint64_t max_streams = CONN_ATTACHED(cf->conn);
+    uint64_t max_streams = CONN_ATTACHED(cf->conn);
     if(!ctx->goaway && ctx->qconn) {
       max_streams += quiche_conn_peer_streams_left_bidi(ctx->qconn);
     }

From bb63518ba71c3d7bb58e6eb605bb0a5962d7835e Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Tue, 25 Nov 2025 13:39:35 +0100
Subject: [PATCH 1003/2408] openssl-quic: use stdint types

Use int64_t and uint64_t directly without needing to cast to
curl_int64_t and curl_uint64_t.

Closes #19698
---
 lib/vquic/curl_osslq.c | 106 ++++++++++++++++++++---------------------
 1 file changed, 51 insertions(+), 55 deletions(-)

diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index b890a8d951..9d0193d554 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -207,7 +207,7 @@ out:
 
 /* QUIC stream (not necessarily H3) */
 struct cf_osslq_stream {
-  curl_int64_t id;
+  int64_t id;
   SSL *ssl;
   struct bufq recvbuf; /* QUIC war data recv buffer */
   BIT(recvd_eos);
@@ -228,7 +228,7 @@ static CURLcode cf_osslq_stream_open(struct cf_osslq_stream *s,
   if(!s->ssl) {
     return CURLE_FAILED_INIT;
   }
-  s->id = (curl_int64_t)SSL_get_stream_id(s->ssl);
+  s->id = SSL_get_stream_id(s->ssl);
   SSL_set_app_data(s->ssl, user_data);
   return CURLE_OK;
 }
@@ -450,7 +450,7 @@ static CURLcode cf_osslq_h3conn_add_stream(struct cf_osslq_h3conn *h3,
                                            struct Curl_easy *data)
 {
   struct cf_osslq_ctx *ctx = cf->ctx;
-  curl_int64_t stream_id = (curl_int64_t)SSL_get_stream_id(stream_ssl);
+  int64_t stream_id = (int64_t)SSL_get_stream_id(stream_ssl);
   int stype = SSL_get_stream_type(stream_ssl);
   /* This could be a GREASE stream, e.g. HTTP/3 rfc9114 ch 6.2.3
    * reserved stream type that is supposed to be discarded silently.
@@ -461,7 +461,7 @@ static CURLcode cf_osslq_h3conn_add_stream(struct cf_osslq_h3conn *h3,
       struct cf_osslq_stream *nstream;
       if(h3->remote_ctrl_n >= CURL_ARRAYSIZE(h3->remote_ctrl)) {
         /* rejected, we are full */
-        CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] reject remote uni stream",
+        CURL_TRC_CF(data, cf, "[%" PRId64 "] reject remote uni stream",
                     stream_id);
         SSL_free(stream_ssl);
         return CURLE_OK;
@@ -470,12 +470,12 @@ static CURLcode cf_osslq_h3conn_add_stream(struct cf_osslq_h3conn *h3,
       nstream->id = stream_id;
       nstream->ssl = stream_ssl;
       Curl_bufq_initp(&nstream->recvbuf, &ctx->stream_bufcp, 1, BUFQ_OPT_NONE);
-      CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] accepted remote uni stream",
+      CURL_TRC_CF(data, cf, "[%" PRId64 "] accepted remote uni stream",
                   stream_id);
       return CURLE_OK;
     }
     default:
-      CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] reject remote %s"
+      CURL_TRC_CF(data, cf, "[%" PRId64 "] reject remote %s"
                   " stream, type=%x", stream_id,
                   (stype == SSL_STREAM_TYPE_BIDI) ? "bidi" : "write", stype);
       SSL_free(stream_ssl);
@@ -579,7 +579,7 @@ struct h3_stream_ctx {
   struct h1_req_parser h1; /* h1 request parsing */
   size_t sendbuf_len_in_flight; /* sendbuf amount "in flight" */
   size_t recv_buf_nonflow; /* buffered bytes, not counting for flow control */
-  curl_uint64_t error3; /* HTTP/3 stream error code */
+  uint64_t error3; /* HTTP/3 stream error code */
   curl_off_t upload_left; /* number of request bytes left to upload */
   curl_off_t download_recvd; /* number of response DATA bytes received */
   int status_code; /* HTTP status code */
@@ -649,7 +649,7 @@ static void h3_data_done(struct Curl_cfilter *cf, struct Curl_easy *data)
 
   (void)cf;
   if(stream) {
-    CURL_TRC_CF(data, cf, "[%"FMT_PRId64"] easy handle is done",
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] easy handle is done",
                 stream->s.id);
     if(ctx->h3.conn && (stream->s.id >= 0) && !stream->closed) {
       nghttp3_conn_shutdown_stream_read(ctx->h3.conn, stream->s.id);
@@ -664,7 +664,7 @@ static void h3_data_done(struct Curl_cfilter *cf, struct Curl_easy *data)
 }
 
 struct cf_ossq_find_ctx {
-  curl_int64_t stream_id;
+  int64_t stream_id;
   struct h3_stream_ctx *stream;
 };
 
@@ -743,11 +743,11 @@ static int cb_h3_stream_close(nghttp3_conn *conn, int64_t stream_id,
   if(stream->error3 != NGHTTP3_H3_NO_ERROR) {
     stream->reset = TRUE;
     stream->send_closed = TRUE;
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] RESET: error %" FMT_PRIu64,
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] RESET: error %" PRIu64,
                 stream->s.id, stream->error3);
   }
   else {
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] CLOSED", stream->s.id);
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] CLOSED", stream->s.id);
   }
   Curl_multi_mark_dirty(data);
   return 0;
@@ -806,12 +806,12 @@ static int cb_h3_recv_data(nghttp3_conn *conn, int64_t stream3_id,
 
   result = write_resp_raw(cf, data, buf, buflen, TRUE);
   if(result) {
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] DATA len=%zu, ERROR %d",
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] DATA len=%zu, ERROR %d",
                 stream->s.id, buflen, result);
     return NGHTTP3_ERR_CALLBACK_FAILURE;
   }
   stream->download_recvd += (curl_off_t)buflen;
-  CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] DATA len=%zu, total=%" FMT_OFF_T,
+  CURL_TRC_CF(data, cf, "[%" PRId64 "] DATA len=%zu, total=%" FMT_OFF_T,
               stream->s.id, buflen, stream->download_recvd);
   Curl_multi_mark_dirty(data);
   return 0;
@@ -829,18 +829,17 @@ static int cb_h3_deferred_consume(nghttp3_conn *conn, int64_t stream_id,
   (void)conn;
   (void)stream_id;
   if(stream)
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] deferred consume %zu bytes",
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] deferred consume %zu bytes",
                 stream->s.id, consumed);
   return 0;
 }
 
-static int cb_h3_recv_header(nghttp3_conn *conn, int64_t sid,
+static int cb_h3_recv_header(nghttp3_conn *conn, int64_t stream_id,
                              int32_t token, nghttp3_rcbuf *name,
                              nghttp3_rcbuf *value, uint8_t flags,
                              void *user_data, void *stream_user_data)
 {
   struct Curl_cfilter *cf = user_data;
-  curl_int64_t stream_id = sid;
   struct cf_osslq_ctx *ctx = cf->ctx;
   nghttp3_vec h3name = nghttp3_rcbuf_get_buf(name);
   nghttp3_vec h3val = nghttp3_rcbuf_get_buf(value);
@@ -867,7 +866,7 @@ static int cb_h3_recv_header(nghttp3_conn *conn, int64_t sid,
       return -1;
     ncopy = curl_msnprintf(line, sizeof(line), "HTTP/3 %03d \r\n",
                            stream->status_code);
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] status: %s", stream_id, line);
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] status: %s", stream_id, line);
     result = write_resp_raw(cf, data, line, ncopy, FALSE);
     if(result) {
       return -1;
@@ -875,7 +874,7 @@ static int cb_h3_recv_header(nghttp3_conn *conn, int64_t sid,
   }
   else {
     /* store as an HTTP1-style header */
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] header: %.*s: %.*s",
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] header: %.*s: %.*s",
                 stream_id, (int)h3name.len, h3name.base,
                 (int)h3val.len, h3val.base);
     result = write_resp_raw(cf, data, h3name.base, h3name.len, FALSE);
@@ -898,13 +897,12 @@ static int cb_h3_recv_header(nghttp3_conn *conn, int64_t sid,
   return 0;
 }
 
-static int cb_h3_end_headers(nghttp3_conn *conn, int64_t sid,
+static int cb_h3_end_headers(nghttp3_conn *conn, int64_t stream_id,
                              int fin, void *user_data, void *stream_user_data)
 {
   struct Curl_cfilter *cf = user_data;
   struct cf_osslq_ctx *ctx = cf->ctx;
   struct Curl_easy *data = stream_user_data;
-  curl_int64_t stream_id = sid;
   struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
   CURLcode result = CURLE_OK;
   (void)conn;
@@ -920,7 +918,7 @@ static int cb_h3_end_headers(nghttp3_conn *conn, int64_t sid,
     return -1;
   }
 
-  CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] end_headers, status=%d",
+  CURL_TRC_CF(data, cf, "[%" PRId64 "] end_headers, status=%d",
               stream_id, stream->status_code);
   if(stream->status_code / 100 != 1) {
     stream->resp_hds_complete = TRUE;
@@ -929,14 +927,13 @@ static int cb_h3_end_headers(nghttp3_conn *conn, int64_t sid,
   return 0;
 }
 
-static int cb_h3_stop_sending(nghttp3_conn *conn, int64_t sid,
+static int cb_h3_stop_sending(nghttp3_conn *conn, int64_t stream_id,
                               uint64_t app_error_code, void *user_data,
                               void *stream_user_data)
 {
   struct Curl_cfilter *cf = user_data;
   struct cf_osslq_ctx *ctx = cf->ctx;
   struct Curl_easy *data = stream_user_data;
-  curl_int64_t stream_id = sid;
   struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
   (void)conn;
   (void)app_error_code;
@@ -944,19 +941,18 @@ static int cb_h3_stop_sending(nghttp3_conn *conn, int64_t sid,
   if(!stream || !stream->s.ssl)
     return 0;
 
-  CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] stop_sending", stream_id);
+  CURL_TRC_CF(data, cf, "[%" PRId64 "] stop_sending", stream_id);
   cf_osslq_stream_close(&stream->s);
   return 0;
 }
 
-static int cb_h3_reset_stream(nghttp3_conn *conn, int64_t sid,
+static int cb_h3_reset_stream(nghttp3_conn *conn, int64_t stream_id,
                               uint64_t app_error_code, void *user_data,
                               void *stream_user_data)
 {
   struct Curl_cfilter *cf = user_data;
   struct cf_osslq_ctx *ctx = cf->ctx;
   struct Curl_easy *data = stream_user_data;
-  curl_int64_t stream_id = sid;
   struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
   int rv;
   (void)conn;
@@ -965,7 +961,7 @@ static int cb_h3_reset_stream(nghttp3_conn *conn, int64_t sid,
     SSL_STREAM_RESET_ARGS args = {0};
     args.quic_error_code = app_error_code;
     rv = !SSL_stream_reset(stream->s.ssl, &args, sizeof(args));
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] reset -> %d", stream_id, rv);
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] reset -> %d", stream_id, rv);
     if(!rv) {
       return NGHTTP3_ERR_CALLBACK_FAILURE;
     }
@@ -1025,12 +1021,12 @@ cb_h3_read_req_body(nghttp3_conn *conn, int64_t stream_id,
   }
   else if(!nwritten) {
     /* Not EOF, and nothing to give, we signal WOULDBLOCK. */
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] read req body -> AGAIN",
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] read req body -> AGAIN",
                 stream->s.id);
     return NGHTTP3_ERR_WOULDBLOCK;
   }
 
-  CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] read req body -> "
+  CURL_TRC_CF(data, cf, "[%" PRId64 "] read req body -> "
               "%d vecs%s with %zu (buffered=%zu, left=%" FMT_OFF_T ")",
               stream->s.id, (int)nvecs,
               *pflags == NGHTTP3_DATA_FLAG_EOF ? " EOF" : "",
@@ -1262,7 +1258,7 @@ static CURLcode h3_quic_recv(void *reader_ctx,
       return CURLE_AGAIN;
     }
     else if(detail == SSL_ERROR_ZERO_RETURN) {
-      CURL_TRC_CF(x->data, x->cf, "[%" FMT_PRId64 "] h3_quic_recv -> EOS",
+      CURL_TRC_CF(x->data, x->cf, "[%" PRId64 "] h3_quic_recv -> EOS",
                   x->s->id);
       x->s->recvd_eos = TRUE;
       return CURLE_OK;
@@ -1275,7 +1271,7 @@ static CURLcode h3_quic_recv(void *reader_ctx,
         return CURLE_RECV_ERROR;
       }
       else {
-        CURL_TRC_CF(x->data, x->cf, "[%" FMT_PRId64 "] h3_quic_recv -> RESET, "
+        CURL_TRC_CF(x->data, x->cf, "[%" PRId64 "] h3_quic_recv -> RESET, "
                     "rv=%d, app_err=%" FMT_PRIu64,
                     x->s->id, rv, (curl_uint64_t)app_error_code);
         if(app_error_code != NGHTTP3_H3_NO_ERROR)
@@ -1332,7 +1328,7 @@ static CURLcode cf_osslq_stream_recv(struct cf_osslq_stream *s,
       while(Curl_bufq_peek(&s->recvbuf, &buf, &blen)) {
         nread = nghttp3_conn_read_stream(ctx->h3.conn, s->id,
                                          buf, blen, 0);
-        CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] forward %zu bytes "
+        CURL_TRC_CF(data, cf, "[%" PRId64 "] forward %zu bytes "
                     "to nghttp3 -> %zd", s->id, blen, nread);
         if(nread < 0) {
           failf(data, "nghttp3_conn_read_stream(len=%zu) error: %s",
@@ -1372,7 +1368,7 @@ static CURLcode cf_osslq_stream_recv(struct cf_osslq_stream *s,
         rv = nghttp3_conn_close_stream(ctx->h3.conn, s->id,
                                        NGHTTP3_H3_NO_ERROR);
         s->closed = TRUE;
-        CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] close nghttp3 stream -> %d",
+        CURL_TRC_CF(data, cf, "[%" PRId64 "] close nghttp3 stream -> %d",
                     s->id, rv);
         if(rv < 0 && rv != NGHTTP3_ERR_STREAM_NOT_FOUND) {
           failf(data, "nghttp3_conn_close_stream returned error: %s",
@@ -1385,7 +1381,7 @@ static CURLcode cf_osslq_stream_recv(struct cf_osslq_stream *s,
   }
 out:
   if(result)
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] cf_osslq_stream_recv -> %d",
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] cf_osslq_stream_recv -> %d",
                 s->id, result);
   return result;
 }
@@ -1609,7 +1605,7 @@ static CURLcode h3_send_streams(struct Curl_cfilter *cf,
     s = cf_osslq_get_qstream(cf, data, stream_id);
     if(!s) {
       failf(data, "nghttp3_conn_writev_stream gave unknown stream %"
-            FMT_PRId64, (curl_int64_t)stream_id);
+            PRId64, stream_id);
       result = CURLE_SEND_ERROR;
       goto out;
     }
@@ -1630,7 +1626,7 @@ static CURLcode h3_send_streams(struct Curl_cfilter *cf,
       if(ok) {
         /* As OpenSSL buffers the data, we count this as acknowledged
          * from nghttp3's point of view */
-        CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] send %zu bytes to QUIC ok",
+        CURL_TRC_CF(data, cf, "[%" PRId64 "] send %zu bytes to QUIC ok",
                     s->id, vec[i].len);
         acked_len += vec[i].len;
       }
@@ -1640,14 +1636,14 @@ static CURLcode h3_send_streams(struct Curl_cfilter *cf,
         case SSL_ERROR_WANT_WRITE:
         case SSL_ERROR_WANT_READ:
           /* QUIC blocked us from writing more */
-          CURL_TRC_CF(data, cf, "[%"FMT_PRId64 "] send %zu bytes to "
+          CURL_TRC_CF(data, cf, "[%" PRId64 "] send %zu bytes to "
                       "QUIC blocked", s->id, vec[i].len);
           written = 0;
           nghttp3_conn_block_stream(ctx->h3.conn, s->id);
           s->send_blocked = blocked = TRUE;
           break;
         default:
-          failf(data, "[%"FMT_PRId64 "] send %zu bytes to QUIC, SSL error %d",
+          failf(data, "[%" PRId64 "] send %zu bytes to QUIC, SSL error %d",
                 s->id, vec[i].len, detail);
           result = cf_osslq_ssl_err(cf, data, detail, CURLE_HTTP3);
           goto out;
@@ -1673,13 +1669,13 @@ static CURLcode h3_send_streams(struct Curl_cfilter *cf,
         result = CURLE_SEND_ERROR;
         goto out;
       }
-      CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] forwarded %zu/%zu h3 bytes "
+      CURL_TRC_CF(data, cf, "[%" PRId64 "] forwarded %zu/%zu h3 bytes "
                   "to QUIC, eos=%d", s->id, acked_len, total_len, eos);
     }
 
     if(eos && !s->send_blocked && !eos_written) {
       /* wrote everything and H3 indicates end of stream */
-      CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] closing QUIC stream", s->id);
+      CURL_TRC_CF(data, cf, "[%" PRId64 "] closing QUIC stream", s->id);
       SSL_stream_conclude(s->ssl, 0);
     }
   }
@@ -1980,11 +1976,11 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
   if(rc) {
     switch(rc) {
     case NGHTTP3_ERR_CONN_CLOSING:
-      CURL_TRC_CF(data, cf, "h3sid[%"FMT_PRId64"] failed to send, "
+      CURL_TRC_CF(data, cf, "h3sid[%" PRId64 "] failed to send, "
                   "connection is closing", stream->s.id);
       break;
     default:
-      CURL_TRC_CF(data, cf, "h3sid[%"FMT_PRId64 "] failed to send -> %d (%s)",
+      CURL_TRC_CF(data, cf, "h3sid[%" PRId64 "] failed to send -> %d (%s)",
                   stream->s.id, rc, nghttp3_strerror(rc));
       break;
     }
@@ -1993,10 +1989,10 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
   }
 
   if(Curl_trc_is_verbose(data)) {
-    infof(data, "[HTTP/3] [%" FMT_PRId64 "] OPENED stream for %s",
+    infof(data, "[HTTP/3] [%" PRId64 "] OPENED stream for %s",
           stream->s.id, data->state.url);
     for(i = 0; i < nheader; ++i) {
-      infof(data, "[HTTP/3] [%" FMT_PRId64 "] [%.*s: %.*s]",
+      infof(data, "[HTTP/3] [%" PRId64 "] [%.*s: %.*s]",
             stream->s.id,
             (int)nva[i].namelen, nva[i].name,
             (int)nva[i].valuelen, nva[i].value);
@@ -2049,20 +2045,20 @@ static CURLcode cf_osslq_send(struct Curl_cfilter *cf, struct Curl_easy *data,
        * body. This happens on 30x or 40x responses.
        * We silently discard the data sent, since this is not a transport
        * error situation. */
-      CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] discarding data"
+      CURL_TRC_CF(data, cf, "[%" PRId64 "] discarding data"
                   "on closed stream with response", stream->s.id);
       result = CURLE_OK;
       *pnwritten = len;
       goto out;
     }
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] send_body(len=%zu) "
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] send_body(len=%zu) "
                 "-> stream closed", stream->s.id, len);
     result = CURLE_HTTP3;
     goto out;
   }
   else {
     result = Curl_bufq_write(&stream->sendbuf, buf, len, pnwritten);
-    CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] cf_send, add to "
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] cf_send, add to "
                 "sendbuf(len=%zu) -> %d, %zu",
                 stream->s.id, len, result, *pnwritten);
     if(result)
@@ -2075,7 +2071,7 @@ static CURLcode cf_osslq_send(struct Curl_cfilter *cf, struct Curl_easy *data,
 out:
   result = Curl_1st_err(result, check_and_set_expiry(cf, data));
 
-  CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] cf_send(len=%zu) -> %d, %zu",
+  CURL_TRC_CF(data, cf, "[%" PRId64 "] cf_send(len=%zu) -> %d, %zu",
               stream ? stream->s.id : -1, len, result, *pnwritten);
   CF_DATA_RESTORE(cf, save);
   return result;
@@ -2090,13 +2086,13 @@ static CURLcode recv_closed_stream(struct Curl_cfilter *cf,
   *pnread = 0;
   if(stream->reset) {
     failf(data,
-          "HTTP/3 stream %" FMT_PRId64 " reset by server",
+          "HTTP/3 stream %" PRId64 " reset by server",
           stream->s.id);
     return data->req.bytecount ? CURLE_PARTIAL_FILE : CURLE_HTTP3;
   }
   else if(!stream->resp_hds_complete) {
     failf(data,
-          "HTTP/3 stream %" FMT_PRId64
+          "HTTP/3 stream %" PRId64
           " was closed cleanly, but before getting"
           " all response header fields, treated as error",
           stream->s.id);
@@ -2128,8 +2124,8 @@ static CURLcode cf_osslq_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
   if(!Curl_bufq_is_empty(&stream->recvbuf)) {
     result = Curl_bufq_cread(&stream->recvbuf, buf, len, pnread);
     if(result) {
-      CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] read recvbuf(len=%zu) "
-                  "-> %d, %zu", stream->s.id, len, result, *pnread);
+      CURL_TRC_CF(data, cf, "[%" PRId64 "] read recvbuf(len=%zu) -> %d, %zu",
+                  stream->s.id, len, result, *pnread);
       goto out;
     }
   }
@@ -2142,8 +2138,8 @@ static CURLcode cf_osslq_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
   if(!*pnread && !Curl_bufq_is_empty(&stream->recvbuf)) {
     result = Curl_bufq_cread(&stream->recvbuf, buf, len, pnread);
     if(result) {
-      CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] read recvbuf(len=%zu) "
-                  "-> %d, %zu", stream->s.id, len, result, *pnread);
+      CURL_TRC_CF(data, cf, "[%" PRId64 "] read recvbuf(len=%zu) -> %d, %zu",
+                  stream->s.id, len, result, *pnread);
       goto out;
     }
   }
@@ -2163,7 +2159,7 @@ out:
   result = Curl_1st_err(result, cf_progress_egress(cf, data));
   result = Curl_1st_err(result, check_and_set_expiry(cf, data));
 
-  CURL_TRC_CF(data, cf, "[%" FMT_PRId64 "] cf_recv(len=%zu) -> %d, %zu",
+  CURL_TRC_CF(data, cf, "[%" PRId64 "] cf_recv(len=%zu) -> %d, %zu",
               stream ? stream->s.id : -1, len, result, *pnread);
   CF_DATA_RESTORE(cf, save);
   return result;

From 4701a6d2ae9f0b66a0feac4061868e944353449b Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Tue, 25 Nov 2025 11:33:38 +0100
Subject: [PATCH 1004/2408] lib: change uint sets to operate on uint32_t

- clarify names and change types
- make multi's `mid` a uint32_t
- update documentation

Closes #19695
---
 docs/internals/UINT_SETS.md |  40 ++---
 lib/doh.c                   |  16 +-
 lib/doh.h                   |   2 +-
 lib/easy.c                  |   6 +-
 lib/http2.c                 |  10 +-
 lib/multi.c                 | 282 ++++++++++++++++++------------------
 lib/multi_ev.c              |  36 ++---
 lib/multi_ev.h              |   4 +-
 lib/multi_ntfy.c            |  22 +--
 lib/multi_ntfy.h            |   2 +-
 lib/multihandle.h           |  10 +-
 lib/multiif.h               |   2 +-
 lib/uint-bset.c             | 102 ++++++-------
 lib/uint-bset.h             |  38 ++---
 lib/uint-hash.c             |  94 ++++++------
 lib/uint-hash.h             |  40 ++---
 lib/uint-spbset.c           | 128 ++++++++--------
 lib/uint-spbset.h           |  42 +++---
 lib/uint-table.c            |  82 +++++------
 lib/uint-table.h            |  40 ++---
 lib/url.c                   |  10 +-
 lib/urldata.h               |  10 +-
 lib/vquic/curl_ngtcp2.c     |  20 +--
 lib/vquic/curl_osslq.c      |  24 +--
 lib/vquic/curl_quiche.c     |  16 +-
 lib/vquic/vquic_int.h       |   2 +-
 tests/unit/unit1616.c       |  18 +--
 tests/unit/unit3211.c       |  65 +++++----
 tests/unit/unit3212.c       |  82 ++++++-----
 tests/unit/unit3213.c       |  38 ++---
 30 files changed, 645 insertions(+), 638 deletions(-)

diff --git a/docs/internals/UINT_SETS.md b/docs/internals/UINT_SETS.md
index de00b9b47a..85952c9803 100644
--- a/docs/internals/UINT_SETS.md
+++ b/docs/internals/UINT_SETS.md
@@ -4,23 +4,23 @@ Copyright (C) Daniel Stenberg, , et al.
 SPDX-License-Identifier: curl
 -->
 
-# Unsigned Int Sets
+# `uint32_t` Sets
 
-The multi handle tracks added easy handles via an unsigned int
-it calls an `mid`. There are four data structures for unsigned int
+The multi handle tracks added easy handles via an `uint32_t`
+it calls an `mid`. There are four data structures for `uint32_t`
 optimized for the multi use case.
 
-## `uint_tbl`
+## `uint32_tbl`
 
-`uint_table`, implemented in `uint-table.[ch]` manages an array
-of `void *`. The unsigned int are the index into this array. It is
+`uint32_table`, implemented in `uint-table.[ch]` manages an array
+of `void *`. The `uint32_t` is the index into this array. It is
 created with a *capacity* which can be *resized*. The table assigns
 the index when a `void *` is *added*. It keeps track of the last
 assigned index and uses the next available larger index for a
 subsequent add. Reaching *capacity* it wraps around.
 
 The table *can not* store `NULL` values. The largest possible index
-is `UINT_MAX - 1`.
+is `UINT32_MAX - 1`.
 
 The table is iterated over by asking for the *first* existing index,
 meaning the smallest number that has an entry, if the table is not
@@ -29,10 +29,10 @@ iteration step. It does not matter if the previous index is still
 in the table. Sample code for a table iteration would look like this:
 
 ```c
-unsigned int mid;
+uint32_t int mid;
 void *entry;
 
-if(Curl_uint_tbl_first(tbl, &mid, &entry)) {
+if(Curl_uint32_tbl_first(tbl, &mid, &entry)) {
   do {
      /* operate on entry with index mid */
   }
@@ -51,7 +51,7 @@ This iteration has the following properties:
 ### Memory
 
 For storing 1000 entries, the table would allocate one block of 8KB on a 64-bit system,
-plus the 2 pointers and 3 unsigned int in its base `struct uint_tbl`. A resize
+plus the 2 pointers and 3 `uint32_t` in its base `struct uint32_tbl`. A resize
 allocates a completely new pointer array, copy the existing entries and free the previous one.
 
 ### Performance
@@ -77,17 +77,17 @@ For these reasons, the simple implementation was preferred. Should this become
 a concern, there are options like "free index lists" or, alternatively, an internal
 bitset that scans better.
 
-## `uint_bset`
+## `uint32_bset`
 
-A bitset for unsigned integers, allowing fast add/remove operations. It is initialized
+A bitset for `uint32_t` values, allowing fast add/remove operations. It is initialized
 with a *capacity*, meaning it can store only the numbers in the range `[0, capacity-1]`.
-It can be *resized* and safely *iterated*. `uint_bset` is designed to operate in combination with `uint_tbl`.
+It can be *resized* and safely *iterated*. `uint32_bset` is designed to operate in combination with `uint_tbl`.
 
-The bitset keeps an array of `curl_uint64_t`. The first array entry keeps the numbers 0 to 63, the
+The bitset keeps an array of `uint64_t`. The first array entry keeps the numbers 0 to 63, the
 second 64 to 127 and so on. A bitset with capacity 1024 would therefore allocate an array
 of 16 64-bit values (128 bytes). Operations for an unsigned int divide it by 64 for the array index and then check/set/clear the bit of the remainder.
 
-Iterator works the same as with `uint_tbl`: ask the bitset for the *first* number present and
+Iterator works the same as with `uint32_tbl`: ask the bitset for the *first* number present and
 then use that to get the *next* higher number present. Like the table, this safe for
 adds/removes and growing the set while iterating.
 
@@ -102,14 +102,14 @@ Operations for add/remove/check are O(1). Iteration needs to scan for the next b
 number of scans is small (see memory footprint) and, for checking bits, many compilers
 offer primitives for special CPU instructions.
 
-## `uint_spbset`
+## `uint32_spbset`
 
-While the memory footprint of `uint_bset` is good, it still needs 5KB to store the single number 40000. This
+While the memory footprint of `uint32_bset` is good, it still needs 5KB to store the single number 40000. This
 is not optimal when many are needed. For example, in event based processing, each socket needs to
 keep track of the transfers involved. There are many sockets potentially, but each one mostly tracks
 a single transfer or few (on HTTP/2 connection borderline up to 100).
 
-For such uses cases, the `uint_spbset` is intended: track a small number of unsigned int, potentially
+For such uses cases, the `uint32_spbset` is intended: track a small number of unsigned int, potentially
 rather "close" together. It keeps "chunks" with an offset and has no capacity limit.
 
 Example: adding the number 40000 to an empty sparse bitset would have one chunk with offset 39936, keeping
@@ -121,8 +121,8 @@ would need to be allocated and linked, resulting in overall 4 KB of memory used.
 
 Iterating a sparse bitset works the same as for bitset and table.
 
-## `uint_hash`
+## `uint32_hash`
 
 At last, there are places in libcurl such as the HTTP/2 and HTTP/3 protocol implementations that need
-to store their own data related to a transfer. `uint_hash` allows then to associate an unsigned int,
+to store their own data related to a transfer. `uint32_hash` allows then to associate an unsigned int,
 e.g. the transfer's `mid`, to their own data.
diff --git a/lib/doh.c b/lib/doh.c
index 83a83f5346..0712981a97 100644
--- a/lib/doh.c
+++ b/lib/doh.c
@@ -286,7 +286,7 @@ static CURLcode doh_probe_run(struct Curl_easy *data,
                               DNStype dnstype,
                               const char *host,
                               const char *url, CURLM *multi,
-                              unsigned int *pmid)
+                              uint32_t *pmid)
 {
   struct Curl_easy *doh = NULL;
   CURLcode result = CURLE_OK;
@@ -294,7 +294,7 @@ static CURLcode doh_probe_run(struct Curl_easy *data,
   struct doh_request *doh_req;
   DOHcode d;
 
-  *pmid = UINT_MAX;
+  *pmid = UINT32_MAX;
 
   doh_req = calloc(1, sizeof(*doh_req));
   if(!doh_req)
@@ -472,7 +472,7 @@ CURLcode Curl_doh(struct Curl_easy *data, const char *hostname,
     return CURLE_OUT_OF_MEMORY;
 
   for(i = 0; i < DOH_SLOT_COUNT; ++i) {
-    dohp->probe_resp[i].probe_mid = UINT_MAX;
+    dohp->probe_resp[i].probe_mid = UINT32_MAX;
     curlx_dyn_init(&dohp->probe_resp[i].body, DYN_DOH_RESPONSE);
   }
 
@@ -1222,8 +1222,8 @@ CURLcode Curl_doh_is_resolved(struct Curl_easy *data,
   if(!dohp)
     return CURLE_OUT_OF_MEMORY;
 
-  if(dohp->probe_resp[DOH_SLOT_IPV4].probe_mid == UINT_MAX &&
-     dohp->probe_resp[DOH_SLOT_IPV6].probe_mid == UINT_MAX) {
+  if(dohp->probe_resp[DOH_SLOT_IPV4].probe_mid == UINT32_MAX &&
+     dohp->probe_resp[DOH_SLOT_IPV6].probe_mid == UINT32_MAX) {
     failf(data, "Could not DoH-resolve: %s", dohp->host);
     return CONN_IS_PROXIED(data->conn) ? CURLE_COULDNT_RESOLVE_PROXY :
       CURLE_COULDNT_RESOLVE_HOST;
@@ -1318,13 +1318,13 @@ void Curl_doh_close(struct Curl_easy *data)
   struct doh_probes *doh = data->state.async.doh;
   if(doh && data->multi) {
     struct Curl_easy *probe_data;
-    unsigned int mid;
+    uint32_t mid;
     size_t slot;
     for(slot = 0; slot < DOH_SLOT_COUNT; slot++) {
       mid = doh->probe_resp[slot].probe_mid;
-      if(mid == UINT_MAX)
+      if(mid == UINT32_MAX)
         continue;
-      doh->probe_resp[slot].probe_mid = UINT_MAX;
+      doh->probe_resp[slot].probe_mid = UINT32_MAX;
       /* should have been called before data is removed from multi handle */
       DEBUGASSERT(data->multi);
       probe_data = data->multi ? Curl_multi_get_easy(data->multi, mid) :
diff --git a/lib/doh.h b/lib/doh.h
index 726fb9f735..ffd0cb0879 100644
--- a/lib/doh.h
+++ b/lib/doh.h
@@ -96,7 +96,7 @@ struct doh_request {
 };
 
 struct doh_response {
-  unsigned int probe_mid;
+  uint32_t probe_mid;
   struct dynbuf body;
   DNStype dnstype;
   CURLcode result;
diff --git a/lib/easy.c b/lib/easy.c
index 8c7b9c23da..db6c419c57 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -988,8 +988,8 @@ CURL *curl_easy_duphandle(CURL *d)
   outcurl->state.lastconnect_id = -1;
   outcurl->state.recent_conn_id = -1;
   outcurl->id = -1;
-  outcurl->mid = UINT_MAX;
-  outcurl->master_mid = UINT_MAX;
+  outcurl->mid = UINT32_MAX;
+  outcurl->master_mid = UINT32_MAX;
 
 #ifndef CURL_DISABLE_HTTP
   Curl_llist_init(&outcurl->state.httphdrs, NULL);
@@ -1126,7 +1126,7 @@ void curl_easy_reset(CURL *d)
 #if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_DIGEST_AUTH)
   Curl_http_auth_cleanup_digest(data);
 #endif
-  data->master_mid = UINT_MAX;
+  data->master_mid = UINT32_MAX;
 }
 
 /*
diff --git a/lib/http2.c b/lib/http2.c
index 5d1a502810..7b94930a21 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -140,7 +140,7 @@ static void cf_h2_ctx_init(struct cf_h2_ctx *ctx, bool via_h1_upgrade)
   Curl_bufq_initp(&ctx->inbufq, &ctx->stream_bufcp, H2_NW_RECV_CHUNKS, 0);
   Curl_bufq_initp(&ctx->outbufq, &ctx->stream_bufcp, H2_NW_SEND_CHUNKS, 0);
   curlx_dyn_init(&ctx->scratch, CURL_MAX_HTTP_HEADER);
-  Curl_uint_hash_init(&ctx->streams, 63, h2_stream_hash_free);
+  Curl_uint32_hash_init(&ctx->streams, 63, h2_stream_hash_free);
   ctx->remote_max_sid = 2147483647;
   ctx->via_h1_upgrade = via_h1_upgrade;
 #ifdef DEBUGBUILD
@@ -165,7 +165,7 @@ static void cf_h2_ctx_free(struct cf_h2_ctx *ctx)
     Curl_bufq_free(&ctx->outbufq);
     Curl_bufcp_free(&ctx->stream_bufcp);
     curlx_dyn_free(&ctx->scratch);
-    Curl_uint_hash_destroy(&ctx->streams);
+    Curl_uint32_hash_destroy(&ctx->streams);
     memset(ctx, 0, sizeof(*ctx));
   }
   free(ctx);
@@ -269,7 +269,7 @@ struct h2_stream_ctx {
 
 #define H2_STREAM_CTX(ctx,data)                                         \
   ((struct h2_stream_ctx *)(                                            \
-    data? Curl_uint_hash_get(&(ctx)->streams, (data)->mid) : NULL))
+    data? Curl_uint32_hash_get(&(ctx)->streams, (data)->mid) : NULL))
 
 static struct h2_stream_ctx *h2_stream_ctx_create(struct cf_h2_ctx *ctx)
 {
@@ -426,7 +426,7 @@ static CURLcode http2_data_setup(struct Curl_cfilter *cf,
   if(!stream)
     return CURLE_OUT_OF_MEMORY;
 
-  if(!Curl_uint_hash_set(&ctx->streams, data->mid, stream)) {
+  if(!Curl_uint32_hash_set(&ctx->streams, data->mid, stream)) {
     h2_stream_ctx_free(stream);
     return CURLE_OUT_OF_MEMORY;
   }
@@ -466,7 +466,7 @@ static void http2_data_done(struct Curl_cfilter *cf, struct Curl_easy *data)
     }
   }
 
-  Curl_uint_hash_remove(&ctx->streams, data->mid);
+  Curl_uint32_hash_remove(&ctx->streams, data->mid);
 }
 
 static int h2_client_new(struct Curl_cfilter *cf,
diff --git a/lib/multi.c b/lib/multi.c
index 5789861026..57c574a681 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -180,11 +180,11 @@ static void mstate(struct Curl_easy *data, CURLMstate state
     if(oldstate < MSTATE_DONE)
       CURLM_NTFY(data, CURLMNOTIFY_EASY_DONE);
     /* changing to COMPLETED means it is in process and needs to go */
-    DEBUGASSERT(Curl_uint_bset_contains(&data->multi->process, data->mid));
-    Curl_uint_bset_remove(&data->multi->process, data->mid);
-    Curl_uint_bset_remove(&data->multi->pending, data->mid); /* to be sure */
+    DEBUGASSERT(Curl_uint32_bset_contains(&data->multi->process, data->mid));
+    Curl_uint32_bset_remove(&data->multi->process, data->mid);
+    Curl_uint32_bset_remove(&data->multi->pending, data->mid); /* to be sure */
 
-    if(Curl_uint_bset_empty(&data->multi->process)) {
+    if(Curl_uint32_bset_empty(&data->multi->process)) {
       /* free the transfer buffer when we have no more active transfers */
       multi_xfer_bufs_free(data->multi);
     }
@@ -229,7 +229,7 @@ static void multi_addmsg(struct Curl_multi *multi, struct Curl_message *msg)
   Curl_llist_append(&multi->msglist, msg, &msg->list);
 }
 
-struct Curl_multi *Curl_multi_handle(unsigned int xfer_table_size,
+struct Curl_multi *Curl_multi_handle(uint32_t xfer_table_size,
                                      size_t ev_hashsize,  /* event hash */
                                      size_t chashsize, /* connection hash */
                                      size_t dnssize,   /* dns hash */
@@ -245,11 +245,11 @@ struct Curl_multi *Curl_multi_handle(unsigned int xfer_table_size,
   Curl_dnscache_init(&multi->dnscache, dnssize);
   Curl_mntfy_init(multi);
   Curl_multi_ev_init(multi, ev_hashsize);
-  Curl_uint_tbl_init(&multi->xfers, NULL);
-  Curl_uint_bset_init(&multi->process);
-  Curl_uint_bset_init(&multi->dirty);
-  Curl_uint_bset_init(&multi->pending);
-  Curl_uint_bset_init(&multi->msgsent);
+  Curl_uint32_tbl_init(&multi->xfers, NULL);
+  Curl_uint32_bset_init(&multi->process);
+  Curl_uint32_bset_init(&multi->dirty);
+  Curl_uint32_bset_init(&multi->pending);
+  Curl_uint32_bset_init(&multi->msgsent);
   Curl_hash_init(&multi->proto_hash, 23,
                  Curl_hash_str, curlx_str_key_compare, ph_freeentry);
   Curl_llist_init(&multi->msglist, NULL);
@@ -259,11 +259,11 @@ struct Curl_multi *Curl_multi_handle(unsigned int xfer_table_size,
   multi->last_timeout_ms = -1;
 
   if(Curl_mntfy_resize(multi) ||
-     Curl_uint_bset_resize(&multi->process, xfer_table_size) ||
-     Curl_uint_bset_resize(&multi->pending, xfer_table_size) ||
-     Curl_uint_bset_resize(&multi->dirty, xfer_table_size) ||
-     Curl_uint_bset_resize(&multi->msgsent, xfer_table_size) ||
-     Curl_uint_tbl_resize(&multi->xfers, xfer_table_size))
+     Curl_uint32_bset_resize(&multi->process, xfer_table_size) ||
+     Curl_uint32_bset_resize(&multi->pending, xfer_table_size) ||
+     Curl_uint32_bset_resize(&multi->dirty, xfer_table_size) ||
+     Curl_uint32_bset_resize(&multi->msgsent, xfer_table_size) ||
+     Curl_uint32_tbl_resize(&multi->xfers, xfer_table_size))
     goto error;
 
   multi->admin = curl_easy_init();
@@ -278,8 +278,8 @@ struct Curl_multi *Curl_multi_handle(unsigned int xfer_table_size,
   if(getenv("CURL_DEBUG"))
     multi->admin->set.verbose = TRUE;
 #endif
-  Curl_uint_tbl_add(&multi->xfers, multi->admin, &multi->admin->mid);
-  Curl_uint_bset_add(&multi->process, multi->admin->mid);
+  Curl_uint32_tbl_add(&multi->xfers, multi->admin, &multi->admin->mid);
+  Curl_uint32_bset_add(&multi->process, multi->admin->mid);
 
   if(Curl_cshutdn_init(&multi->cshutdn, multi))
     goto error;
@@ -322,11 +322,11 @@ error:
   }
   Curl_mntfy_cleanup(multi);
 
-  Curl_uint_bset_destroy(&multi->process);
-  Curl_uint_bset_destroy(&multi->dirty);
-  Curl_uint_bset_destroy(&multi->pending);
-  Curl_uint_bset_destroy(&multi->msgsent);
-  Curl_uint_tbl_destroy(&multi->xfers);
+  Curl_uint32_bset_destroy(&multi->process);
+  Curl_uint32_bset_destroy(&multi->dirty);
+  Curl_uint32_bset_destroy(&multi->pending);
+  Curl_uint32_bset_destroy(&multi->msgsent);
+  Curl_uint32_tbl_destroy(&multi->xfers);
 
   free(multi);
   return NULL;
@@ -359,12 +359,12 @@ static void multi_warn_debug(struct Curl_multi *multi, struct Curl_easy *data)
 static CURLMcode multi_xfers_add(struct Curl_multi *multi,
                                  struct Curl_easy *data)
 {
-  unsigned int capacity = Curl_uint_tbl_capacity(&multi->xfers);
-  unsigned int new_size = 0;
+  uint32_t capacity = Curl_uint32_tbl_capacity(&multi->xfers);
+  uint32_t new_size = 0;
   /* Prepare to make this into a CURLMOPT_MAX_TRANSFERS, because some
    * applications may want to prevent a run-away of their memory use. */
   /* UINT_MAX is our "invalid" id, do not let the table grow up to that. */
-  const unsigned int max_capacity = UINT_MAX - 1;
+  const uint32_t max_capacity = UINT_MAX - 1;
 
   if(capacity < max_capacity) {
     /* We want `multi->xfers` to have "sufficient" free rows, so that we do
@@ -372,9 +372,9 @@ static CURLMcode multi_xfers_add(struct Curl_multi *multi,
      * Since uint_tbl and uint_bset are quite memory efficient,
      * regard less than 25% free as insufficient.
      * (for low capacities, e.g. multi_easy, 4 or less). */
-    unsigned int used = Curl_uint_tbl_count(&multi->xfers);
-    unsigned int unused = capacity - used;
-    unsigned int min_unused = CURLMAX(capacity >> 2, 4);
+    uint32_t used = Curl_uint32_tbl_count(&multi->xfers);
+    uint32_t unused = capacity - used;
+    uint32_t min_unused = CURLMAX(capacity >> 2, 4);
     if(unused <= min_unused) {
       /* Make sure the uint arithmetic here works on the corner
        * cases where we are close to max_capacity or UINT_MAX */
@@ -397,19 +397,19 @@ static CURLMcode multi_xfers_add(struct Curl_multi *multi,
      * to work properly when larger than the table, but not
      * the other way around. */
     CURL_TRC_M(data, "increasing xfer table size to %u", new_size);
-    if(Curl_uint_bset_resize(&multi->process, new_size) ||
-       Curl_uint_bset_resize(&multi->dirty, new_size) ||
-       Curl_uint_bset_resize(&multi->pending, new_size) ||
-       Curl_uint_bset_resize(&multi->msgsent, new_size) ||
-       Curl_uint_tbl_resize(&multi->xfers, new_size))
+    if(Curl_uint32_bset_resize(&multi->process, new_size) ||
+       Curl_uint32_bset_resize(&multi->dirty, new_size) ||
+       Curl_uint32_bset_resize(&multi->pending, new_size) ||
+       Curl_uint32_bset_resize(&multi->msgsent, new_size) ||
+       Curl_uint32_tbl_resize(&multi->xfers, new_size))
       return CURLM_OUT_OF_MEMORY;
   }
 
   /* Insert the easy into the table now */
-  if(!Curl_uint_tbl_add(&multi->xfers, data, &data->mid)) {
+  if(!Curl_uint32_tbl_add(&multi->xfers, data, &data->mid)) {
     /* MUST only happen when table is full */
-    DEBUGASSERT(Curl_uint_tbl_capacity(&multi->xfers) <=
-                Curl_uint_tbl_count(&multi->xfers));
+    DEBUGASSERT(Curl_uint32_tbl_capacity(&multi->xfers) <=
+                Curl_uint32_tbl_count(&multi->xfers));
     return CURLM_OUT_OF_MEMORY;
   }
   return CURLM_OK;
@@ -441,14 +441,14 @@ CURLMcode curl_multi_add_handle(CURLM *m, CURL *d)
        handles are still alive - but if there are none alive anymore, it is
        fine to start over and unmark the "deadness" of this handle.
        This means only the admin handle MUST be present. */
-    if((Curl_uint_tbl_count(&multi->xfers) != 1) ||
-       !Curl_uint_tbl_contains(&multi->xfers, 0))
+    if((Curl_uint32_tbl_count(&multi->xfers) != 1) ||
+       !Curl_uint32_tbl_contains(&multi->xfers, 0))
       return CURLM_ABORTED_BY_CALLBACK;
     multi->dead = FALSE;
-    Curl_uint_bset_clear(&multi->process);
-    Curl_uint_bset_clear(&multi->dirty);
-    Curl_uint_bset_clear(&multi->pending);
-    Curl_uint_bset_clear(&multi->msgsent);
+    Curl_uint32_bset_clear(&multi->process);
+    Curl_uint32_bset_clear(&multi->dirty);
+    Curl_uint32_bset_clear(&multi->pending);
+    Curl_uint32_bset_clear(&multi->msgsent);
   }
 
   if(data->multi_easy) {
@@ -492,7 +492,7 @@ CURLMcode curl_multi_add_handle(CURLM *m, CURL *d)
 #endif
 
   /* add the easy handle to the process set */
-  Curl_uint_bset_add(&multi->process, data->mid);
+  Curl_uint32_bset_add(&multi->process, data->mid);
   ++multi->xfers_alive;
   ++multi->xfers_total_ever;
 
@@ -507,8 +507,8 @@ CURLMcode curl_multi_add_handle(CURLM *m, CURL *d)
   rc = Curl_update_timer(multi);
   if(rc) {
     data->multi = NULL; /* not anymore */
-    Curl_uint_tbl_remove(&multi->xfers, data->mid);
-    data->mid = UINT_MAX;
+    Curl_uint32_tbl_remove(&multi->xfers, data->mid);
+    data->mid = UINT32_MAX;
     return rc;
   }
 
@@ -523,7 +523,7 @@ CURLMcode curl_multi_add_handle(CURLM *m, CURL *d)
 
   CURL_TRC_M(data, "added to multi, mid=%u, running=%u, total=%u",
              data->mid, Curl_multi_xfers_running(multi),
-             Curl_uint_tbl_count(&multi->xfers));
+             Curl_uint32_tbl_count(&multi->xfers));
   return CURLM_OK;
 }
 
@@ -572,11 +572,11 @@ static void multi_done_locked(struct connectdata *conn,
   Curl_detach_connection(data);
 
   CURL_TRC_M(data, "multi_done_locked, in use=%u",
-             Curl_uint_spbset_count(&conn->xfers_attached));
+             Curl_uint32_spbset_count(&conn->xfers_attached));
   if(CONN_INUSE(conn)) {
     /* Stop if still used. */
     CURL_TRC_M(data, "Connection still in use %u, no more multi_done now!",
-               Curl_uint_spbset_count(&conn->xfers_attached));
+               Curl_uint32_spbset_count(&conn->xfers_attached));
     return;
   }
 
@@ -740,7 +740,7 @@ CURLMcode curl_multi_remove_handle(CURLM *m, CURL *d)
   struct Curl_llist_node *e;
   CURLMcode rc;
   bool removed_timer = FALSE;
-  unsigned int mid;
+  uint32_t mid;
 
   /* First, make some basic checks that the CURLM handle is a good handle */
   if(!GOOD_MULTI_HANDLE(multi))
@@ -758,11 +758,11 @@ CURLMcode curl_multi_remove_handle(CURLM *m, CURL *d)
   if(data->multi != multi)
     return CURLM_BAD_EASY_HANDLE;
 
-  if(data->mid == UINT_MAX) {
+  if(data->mid == UINT32_MAX) {
     DEBUGASSERT(0);
     return CURLM_INTERNAL_ERROR;
   }
-  if(Curl_uint_tbl_get(&multi->xfers, data->mid) != data) {
+  if(Curl_uint32_tbl_get(&multi->xfers, data->mid) != data) {
     DEBUGASSERT(0);
     return CURLM_INTERNAL_ERROR;
   }
@@ -797,7 +797,7 @@ CURLMcode curl_multi_remove_handle(CURLM *m, CURL *d)
   removed_timer = Curl_expire_clear(data);
 
   /* If in `msgsent`, it was deducted from `multi->xfers_alive` already. */
-  if(!Curl_uint_bset_contains(&multi->msgsent, data->mid))
+  if(!Curl_uint32_bset_contains(&multi->msgsent, data->mid))
     --multi->xfers_alive;
 
   Curl_wildcard_dtor(&data->wildcard);
@@ -853,15 +853,15 @@ CURLMcode curl_multi_remove_handle(CURLM *m, CURL *d)
 
   /* clear the association to this multi handle */
   mid = data->mid;
-  DEBUGASSERT(Curl_uint_tbl_contains(&multi->xfers, mid));
-  Curl_uint_tbl_remove(&multi->xfers, mid);
-  Curl_uint_bset_remove(&multi->process, mid);
-  Curl_uint_bset_remove(&multi->dirty, mid);
-  Curl_uint_bset_remove(&multi->pending, mid);
-  Curl_uint_bset_remove(&multi->msgsent, mid);
+  DEBUGASSERT(Curl_uint32_tbl_contains(&multi->xfers, mid));
+  Curl_uint32_tbl_remove(&multi->xfers, mid);
+  Curl_uint32_bset_remove(&multi->process, mid);
+  Curl_uint32_bset_remove(&multi->dirty, mid);
+  Curl_uint32_bset_remove(&multi->pending, mid);
+  Curl_uint32_bset_remove(&multi->msgsent, mid);
   data->multi = NULL;
-  data->mid = UINT_MAX;
-  data->master_mid = UINT_MAX;
+  data->mid = UINT32_MAX;
+  data->master_mid = UINT32_MAX;
 
   /* NOTE NOTE NOTE
      We do not touch the easy handle here! */
@@ -875,7 +875,7 @@ CURLMcode curl_multi_remove_handle(CURLM *m, CURL *d)
 
   CURL_TRC_M(data, "removed from multi, mid=%u, running=%u, total=%u",
              mid, Curl_multi_xfers_running(multi),
-             Curl_uint_tbl_count(&multi->xfers));
+             Curl_uint32_tbl_count(&multi->xfers));
   return CURLM_OK;
 }
 
@@ -895,8 +895,8 @@ void Curl_detach_connection(struct Curl_easy *data)
 {
   struct connectdata *conn = data->conn;
   if(conn) {
-    Curl_uint_spbset_remove(&conn->xfers_attached, data->mid);
-    if(Curl_uint_spbset_empty(&conn->xfers_attached))
+    Curl_uint32_spbset_remove(&conn->xfers_attached, data->mid);
+    if(Curl_uint32_spbset_empty(&conn->xfers_attached))
       conn->attached_multi = NULL;
   }
   data->conn = NULL;
@@ -914,7 +914,7 @@ void Curl_attach_connection(struct Curl_easy *data,
   DEBUGASSERT(!data->conn);
   DEBUGASSERT(conn);
   data->conn = conn;
-  Curl_uint_spbset_add(&conn->xfers_attached, data->mid);
+  Curl_uint32_spbset_add(&conn->xfers_attached, data->mid);
   /* all attached transfers must be from the same multi */
   if(!conn->attached_multi)
     conn->attached_multi = data->multi;
@@ -1219,7 +1219,7 @@ CURLMcode curl_multi_fdset(CURLM *m,
     return CURLM_RECURSIVE_API_CALL;
 
   Curl_pollset_init(&ps);
-  if(Curl_uint_bset_first(&multi->process, &mid)) {
+  if(Curl_uint32_bset_first(&multi->process, &mid)) {
     do {
       struct Curl_easy *data = Curl_multi_get_easy(multi, mid);
 
@@ -1248,7 +1248,7 @@ CURLMcode curl_multi_fdset(CURLM *m,
           this_max_fd = (int)ps.sockets[i];
       }
     }
-    while(Curl_uint_bset_next(&multi->process, mid, &mid));
+    while(Curl_uint32_bset_next(&multi->process, mid, &mid));
   }
 
   Curl_cshutdn_setfds(&multi->cshutdn, multi->admin,
@@ -1282,19 +1282,19 @@ CURLMcode curl_multi_waitfds(CURLM *m,
 
   Curl_pollset_init(&ps);
   Curl_waitfds_init(&cwfds, ufds, size);
-  if(Curl_uint_bset_first(&multi->process, &mid)) {
+  if(Curl_uint32_bset_first(&multi->process, &mid)) {
     do {
       struct Curl_easy *data = Curl_multi_get_easy(multi, mid);
       if(!data) {
         DEBUGASSERT(0);
-        Curl_uint_bset_remove(&multi->process, mid);
-        Curl_uint_bset_remove(&multi->dirty, mid);
+        Curl_uint32_bset_remove(&multi->process, mid);
+        Curl_uint32_bset_remove(&multi->dirty, mid);
         continue;
       }
       Curl_multi_pollset(data, &ps);
       need += Curl_waitfds_add_ps(&cwfds, &ps);
     }
-    while(Curl_uint_bset_next(&multi->process, mid, &mid));
+    while(Curl_uint32_bset_next(&multi->process, mid, &mid));
   }
 
   need += Curl_cshutdn_add_waitfds(&multi->cshutdn, multi->admin, &cwfds);
@@ -1345,7 +1345,7 @@ static CURLMcode multi_wait(struct Curl_multi *multi,
   unsigned int curl_nfds = 0; /* how many pfds are for curl transfers */
   struct Curl_easy *data = NULL;
   CURLMcode result = CURLM_OK;
-  unsigned int mid;
+  uint32_t mid;
 
 #ifdef USE_WINSOCK
   WSANETWORKEVENTS wsa_events;
@@ -1368,13 +1368,13 @@ static CURLMcode multi_wait(struct Curl_multi *multi,
   Curl_pollfds_init(&cpfds, a_few_on_stack, NUM_POLLS_ON_STACK);
 
   /* Add the curl handles to our pollfds first */
-  if(Curl_uint_bset_first(&multi->process, &mid)) {
+  if(Curl_uint32_bset_first(&multi->process, &mid)) {
     do {
       data = Curl_multi_get_easy(multi, mid);
       if(!data) {
         DEBUGASSERT(0);
-        Curl_uint_bset_remove(&multi->process, mid);
-        Curl_uint_bset_remove(&multi->dirty, mid);
+        Curl_uint32_bset_remove(&multi->process, mid);
+        Curl_uint32_bset_remove(&multi->dirty, mid);
         continue;
       }
       Curl_multi_pollset(data, &ps);
@@ -1383,7 +1383,7 @@ static CURLMcode multi_wait(struct Curl_multi *multi,
         goto out;
       }
     }
-    while(Curl_uint_bset_next(&multi->process, mid, &mid));
+    while(Curl_uint32_bset_next(&multi->process, mid, &mid));
   }
 
   if(Curl_cshutdn_add_pollfds(&multi->cshutdn, multi->admin, &cpfds)) {
@@ -2330,9 +2330,9 @@ static CURLMcode state_connect(struct Curl_multi *multi,
        wait for an available connection. */
     multistate(data, MSTATE_PENDING);
     /* move from process to pending set */
-    Curl_uint_bset_remove(&multi->process, data->mid);
-    Curl_uint_bset_remove(&multi->dirty, data->mid);
-    Curl_uint_bset_add(&multi->pending, data->mid);
+    Curl_uint32_bset_remove(&multi->process, data->mid);
+    Curl_uint32_bset_remove(&multi->dirty, data->mid);
+    Curl_uint32_bset_add(&multi->pending, data->mid);
     *resultp = CURLE_OK;
     return rc;
   }
@@ -2395,7 +2395,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
 
   /* transfer runs now, clear the dirty bit. This may be set
    * again during processing, triggering a re-run later. */
-  Curl_uint_bset_remove(&multi->dirty, data->mid);
+  Curl_uint32_bset_remove(&multi->dirty, data->mid);
 
   if(data == multi->admin) {
     Curl_cshutdn_perform(&multi->cshutdn, multi->admin, CURL_SOCKET_TIMEOUT);
@@ -2742,7 +2742,7 @@ statemachine_end:
     }
 
     if(MSTATE_COMPLETED == data->mstate) {
-      if(data->master_mid != UINT_MAX) {
+      if(data->master_mid != UINT32_MAX) {
         /* A sub transfer, not for msgsent to application */
         struct Curl_easy *mdata;
 
@@ -2773,10 +2773,10 @@ statemachine_end:
       multistate(data, MSTATE_MSGSENT);
 
       /* remove from the other sets, add to msgsent */
-      Curl_uint_bset_remove(&multi->process, data->mid);
-      Curl_uint_bset_remove(&multi->dirty, data->mid);
-      Curl_uint_bset_remove(&multi->pending, data->mid);
-      Curl_uint_bset_add(&multi->msgsent, data->mid);
+      Curl_uint32_bset_remove(&multi->process, data->mid);
+      Curl_uint32_bset_remove(&multi->dirty, data->mid);
+      Curl_uint32_bset_remove(&multi->pending, data->mid);
+      Curl_uint32_bset_add(&multi->msgsent, data->mid);
       --multi->xfers_alive;
       return CURLM_OK;
     }
@@ -2793,7 +2793,7 @@ CURLMcode curl_multi_perform(CURLM *m, int *running_handles)
   struct Curl_tree *t = NULL;
   struct curltime now = curlx_now();
   struct Curl_multi *multi = m;
-  unsigned int mid;
+  uint32_t mid;
   SIGPIPE_VARIABLE(pipe_st);
 
   if(!GOOD_MULTI_HANDLE(multi))
@@ -2806,7 +2806,7 @@ CURLMcode curl_multi_perform(CURLM *m, int *running_handles)
     return CURLM_RECURSIVE_API_CALL;
 
   sigpipe_init(&pipe_st);
-  if(Curl_uint_bset_first(&multi->process, &mid)) {
+  if(Curl_uint32_bset_first(&multi->process, &mid)) {
     CURL_TRC_M(multi->admin, "multi_perform(running=%u)",
                Curl_multi_xfers_running(multi));
     do {
@@ -2814,8 +2814,8 @@ CURLMcode curl_multi_perform(CURLM *m, int *running_handles)
       CURLMcode result;
       if(!data) {
         DEBUGASSERT(0);
-        Curl_uint_bset_remove(&multi->process, mid);
-        Curl_uint_bset_remove(&multi->dirty, mid);
+        Curl_uint32_bset_remove(&multi->process, mid);
+        Curl_uint32_bset_remove(&multi->dirty, mid);
         continue;
       }
       sigpipe_apply(data, &pipe_st);
@@ -2823,7 +2823,7 @@ CURLMcode curl_multi_perform(CURLM *m, int *running_handles)
       if(result)
         returncode = result;
     }
-    while(Curl_uint_bset_next(&multi->process, mid, &mid));
+    while(Curl_uint32_bset_next(&multi->process, mid, &mid));
   }
   sigpipe_restore(&pipe_st);
 
@@ -2876,7 +2876,7 @@ CURLMcode curl_multi_cleanup(CURLM *m)
   struct Curl_multi *multi = m;
   if(GOOD_MULTI_HANDLE(multi)) {
     void *entry;
-    unsigned int mid;
+    uint32_t mid;
     if(multi->in_callback)
       return CURLM_RECURSIVE_API_CALL;
     if(multi->in_ntfy_callback)
@@ -2884,7 +2884,7 @@ CURLMcode curl_multi_cleanup(CURLM *m)
 
     /* First remove all remaining easy handles,
      * close internal ones. admin handle is special */
-    if(Curl_uint_tbl_first(&multi->xfers, &mid, &entry)) {
+    if(Curl_uint32_tbl_first(&multi->xfers, &mid, &entry)) {
       do {
         struct Curl_easy *data = entry;
         if(!GOOD_EASY_HANDLE(data))
@@ -2906,8 +2906,8 @@ CURLMcode curl_multi_cleanup(CURLM *m)
           (void)multi_done(data, CURLE_OK, TRUE);
 
         data->multi = NULL; /* clear the association */
-        Curl_uint_tbl_remove(&multi->xfers, mid);
-        data->mid = UINT_MAX;
+        Curl_uint32_tbl_remove(&multi->xfers, mid);
+        data->mid = UINT32_MAX;
 
 #ifdef USE_LIBPSL
         if(data->psl == &multi->psl)
@@ -2916,7 +2916,7 @@ CURLMcode curl_multi_cleanup(CURLM *m)
         if(data->state.internal)
           Curl_close(&data);
       }
-      while(Curl_uint_tbl_next(&multi->xfers, mid, &mid, &entry));
+      while(Curl_uint32_tbl_next(&multi->xfers, mid, &mid, &entry));
     }
 
     Curl_cpool_destroy(&multi->cpool);
@@ -2924,7 +2924,7 @@ CURLMcode curl_multi_cleanup(CURLM *m)
     if(multi->admin) {
       CURL_TRC_M(multi->admin, "multi_cleanup, closing admin handle, done");
       multi->admin->multi = NULL;
-      Curl_uint_tbl_remove(&multi->xfers, multi->admin->mid);
+      Curl_uint32_tbl_remove(&multi->xfers, multi->admin->mid);
       Curl_close(&multi->admin);
     }
 
@@ -2952,16 +2952,16 @@ CURLMcode curl_multi_cleanup(CURLM *m)
     multi_xfer_bufs_free(multi);
     Curl_mntfy_cleanup(multi);
 #ifdef DEBUGBUILD
-    if(Curl_uint_tbl_count(&multi->xfers)) {
+    if(Curl_uint32_tbl_count(&multi->xfers)) {
       multi_xfer_tbl_dump(multi);
       DEBUGASSERT(0);
     }
 #endif
-    Curl_uint_bset_destroy(&multi->process);
-    Curl_uint_bset_destroy(&multi->dirty);
-    Curl_uint_bset_destroy(&multi->pending);
-    Curl_uint_bset_destroy(&multi->msgsent);
-    Curl_uint_tbl_destroy(&multi->xfers);
+    Curl_uint32_bset_destroy(&multi->process);
+    Curl_uint32_bset_destroy(&multi->dirty);
+    Curl_uint32_bset_destroy(&multi->pending);
+    Curl_uint32_bset_destroy(&multi->msgsent);
+    Curl_uint32_tbl_destroy(&multi->xfers);
     free(multi);
 
     return CURLM_OK;
@@ -3120,17 +3120,17 @@ static CURLMcode multi_run_dirty(struct multi_run_ctx *mrc)
 {
   struct Curl_multi *multi = mrc->multi;
   CURLMcode result = CURLM_OK;
-  unsigned int mid;
+  uint32_t mid;
 
-  if(Curl_uint_bset_first(&multi->dirty, &mid)) {
+  if(Curl_uint32_bset_first(&multi->dirty, &mid)) {
     do {
       struct Curl_easy *data = Curl_multi_get_easy(multi, mid);
       if(data) {
         CURL_TRC_M(data, "multi_run_dirty");
 
-        if(!Curl_uint_bset_contains(&multi->process, mid)) {
+        if(!Curl_uint32_bset_contains(&multi->process, mid)) {
           /* We are no longer processing this transfer */
-          Curl_uint_bset_remove(&multi->dirty, mid);
+          Curl_uint32_bset_remove(&multi->dirty, mid);
           continue;
         }
 
@@ -3148,10 +3148,10 @@ static CURLMcode multi_run_dirty(struct multi_run_ctx *mrc)
       }
       else {
         CURL_TRC_M(multi->admin, "multi_run_dirty, %u no longer found", mid);
-        Curl_uint_bset_remove(&multi->dirty, mid);
+        Curl_uint32_bset_remove(&multi->dirty, mid);
       }
     }
-    while(Curl_uint_bset_next(&multi->dirty, mid, &mid));
+    while(Curl_uint32_bset_next(&multi->dirty, mid, &mid));
   }
 
 out:
@@ -3364,22 +3364,22 @@ CURLMcode curl_multi_socket_all(CURLM *m, int *running_handles)
 
 static bool multi_has_dirties(struct Curl_multi *multi)
 {
-  unsigned int mid;
-  if(Curl_uint_bset_first(&multi->dirty, &mid)) {
+  uint32_t mid;
+  if(Curl_uint32_bset_first(&multi->dirty, &mid)) {
     do {
       struct Curl_easy *data = Curl_multi_get_easy(multi, mid);
       if(data) {
-        if(Curl_uint_bset_contains(&multi->process, mid))
+        if(Curl_uint32_bset_contains(&multi->process, mid))
           return TRUE;
         /* We are no longer processing this transfer */
-        Curl_uint_bset_remove(&multi->dirty, mid);
+        Curl_uint32_bset_remove(&multi->dirty, mid);
       }
       else {
         CURL_TRC_M(multi->admin, "dirty transfer %u no longer found", mid);
-        Curl_uint_bset_remove(&multi->dirty, mid);
+        Curl_uint32_bset_remove(&multi->dirty, mid);
       }
     }
-    while(Curl_uint_bset_next(&multi->dirty, mid, &mid));
+    while(Curl_uint32_bset_next(&multi->dirty, mid, &mid));
   }
   return FALSE;
 }
@@ -3739,8 +3739,8 @@ static void move_pending_to_connect(struct Curl_multi *multi,
   DEBUGASSERT(data->mstate == MSTATE_PENDING);
 
   /* Remove this node from the pending set, add into process set */
-  Curl_uint_bset_remove(&multi->pending, data->mid);
-  Curl_uint_bset_add(&multi->process, data->mid);
+  Curl_uint32_bset_remove(&multi->pending, data->mid);
+  Curl_uint32_bset_add(&multi->process, data->mid);
 
   multistate(data, MSTATE_CONNECT);
   Curl_multi_mark_dirty(data); /* make it run */
@@ -3762,8 +3762,8 @@ static void move_pending_to_connect(struct Curl_multi *multi,
 */
 static void process_pending_handles(struct Curl_multi *multi)
 {
-  unsigned int mid;
-  if(Curl_uint_bset_first(&multi->pending, &mid)) {
+  uint32_t mid;
+  if(Curl_uint32_bset_first(&multi->pending, &mid)) {
     do {
       struct Curl_easy *data = Curl_multi_get_easy(multi, mid);
       if(data) {
@@ -3771,10 +3771,10 @@ static void process_pending_handles(struct Curl_multi *multi)
         break;
       }
       /* transfer no longer known, should not happen */
-      Curl_uint_bset_remove(&multi->pending, mid);
+      Curl_uint32_bset_remove(&multi->pending, mid);
       DEBUGASSERT(0);
     }
-    while(Curl_uint_bset_next(&multi->pending, mid, &mid));
+    while(Curl_uint32_bset_next(&multi->pending, mid, &mid));
   }
 }
 
@@ -3799,19 +3799,19 @@ CURL **curl_multi_get_handles(CURLM *m)
 {
   struct Curl_multi *multi = m;
   void *entry;
-  unsigned int count = Curl_uint_tbl_count(&multi->xfers);
+  unsigned int count = Curl_uint32_tbl_count(&multi->xfers);
   CURL **a = malloc(sizeof(struct Curl_easy *) * (count + 1));
   if(a) {
     unsigned int i = 0, mid;
 
-    if(Curl_uint_tbl_first(&multi->xfers, &mid, &entry)) {
+    if(Curl_uint32_tbl_first(&multi->xfers, &mid, &entry)) {
       do {
         struct Curl_easy *data = entry;
         DEBUGASSERT(i < count);
         if(!data->state.internal)
           a[i++] = data;
       }
-      while(Curl_uint_tbl_next(&multi->xfers, mid, &mid, &entry));
+      while(Curl_uint32_tbl_next(&multi->xfers, mid, &mid, &entry));
     }
     a[i] = NULL; /* last entry is a NULL */
   }
@@ -3823,7 +3823,7 @@ CURLMcode curl_multi_get_offt(CURLM *m,
                               curl_off_t *pvalue)
 {
   struct Curl_multi *multi = m;
-  unsigned int n;
+  uint32_t n;
 
   if(!GOOD_MULTI_HANDLE(multi))
     return CURLM_BAD_HANDLE;
@@ -3832,22 +3832,22 @@ CURLMcode curl_multi_get_offt(CURLM *m,
 
   switch(info) {
   case CURLMINFO_XFERS_CURRENT:
-    n = Curl_uint_tbl_count(&multi->xfers);
+    n = Curl_uint32_tbl_count(&multi->xfers);
     if(n && multi->admin)
       --n;
     *pvalue = (curl_off_t)n;
     return CURLM_OK;
   case CURLMINFO_XFERS_RUNNING:
-    n = Curl_uint_bset_count(&multi->process);
-    if(n && Curl_uint_bset_contains(&multi->process, multi->admin->mid))
+    n = Curl_uint32_bset_count(&multi->process);
+    if(n && Curl_uint32_bset_contains(&multi->process, multi->admin->mid))
       --n;
     *pvalue = (curl_off_t)n;
     return CURLM_OK;
   case CURLMINFO_XFERS_PENDING:
-    *pvalue = (curl_off_t)Curl_uint_bset_count(&multi->pending);
+    *pvalue = (curl_off_t)Curl_uint32_bset_count(&multi->pending);
     return CURLM_OK;
   case CURLMINFO_XFERS_DONE:
-    *pvalue = (curl_off_t)Curl_uint_bset_count(&multi->msgsent);
+    *pvalue = (curl_off_t)Curl_uint32_bset_count(&multi->msgsent);
     return CURLM_OK;
   case CURLMINFO_XFERS_ADDED:
     *pvalue = multi->xfers_total_ever;
@@ -4025,14 +4025,14 @@ static void multi_xfer_bufs_free(struct Curl_multi *multi)
 }
 
 struct Curl_easy *Curl_multi_get_easy(struct Curl_multi *multi,
-                                      unsigned int mid)
+                                      uint32_t mid)
 {
-  struct Curl_easy *data = Curl_uint_tbl_get(&multi->xfers, mid);
+  struct Curl_easy *data = Curl_uint32_tbl_get(&multi->xfers, mid);
   if(data && GOOD_EASY_HANDLE(data))
     return data;
   CURL_TRC_M(multi->admin, "invalid easy handle in xfer table for mid=%u",
              mid);
-  Curl_uint_tbl_remove(&multi->xfers, mid);
+  Curl_uint32_tbl_remove(&multi->xfers, mid);
   return NULL;
 }
 
@@ -4043,14 +4043,14 @@ unsigned int Curl_multi_xfers_running(struct Curl_multi *multi)
 
 void Curl_multi_mark_dirty(struct Curl_easy *data)
 {
-  if(data->multi && data->mid != UINT_MAX)
-    Curl_uint_bset_add(&data->multi->dirty, data->mid);
+  if(data->multi && data->mid != UINT32_MAX)
+    Curl_uint32_bset_add(&data->multi->dirty, data->mid);
 }
 
 void Curl_multi_clear_dirty(struct Curl_easy *data)
 {
-  if(data->multi && data->mid != UINT_MAX)
-    Curl_uint_bset_remove(&data->multi->dirty, data->mid);
+  if(data->multi && data->mid != UINT32_MAX)
+    Curl_uint32_bset_remove(&data->multi->dirty, data->mid);
 }
 
 CURLMcode curl_multi_notify_enable(CURLM *m, unsigned int notification)
@@ -4072,7 +4072,7 @@ CURLMcode curl_multi_notify_disable(CURLM *m, unsigned int notification)
 }
 
 #ifdef DEBUGBUILD
-static void multi_xfer_dump(struct Curl_multi *multi, unsigned int mid,
+static void multi_xfer_dump(struct Curl_multi *multi, uint32_t mid,
                             void *entry)
 {
   struct Curl_easy *data = entry;
@@ -4092,14 +4092,14 @@ static void multi_xfer_dump(struct Curl_multi *multi, unsigned int mid,
 
 static void multi_xfer_tbl_dump(struct Curl_multi *multi)
 {
-  unsigned int mid;
+  uint32_t mid;
   void *entry;
   curl_mfprintf(stderr, "=== multi xfer table (count=%u, capacity=%u\n",
-                Curl_uint_tbl_count(&multi->xfers),
-                Curl_uint_tbl_capacity(&multi->xfers));
-  if(Curl_uint_tbl_first(&multi->xfers, &mid, &entry)) {
+                Curl_uint32_tbl_count(&multi->xfers),
+                Curl_uint32_tbl_capacity(&multi->xfers));
+  if(Curl_uint32_tbl_first(&multi->xfers, &mid, &entry)) {
     multi_xfer_dump(multi, mid, entry);
-    while(Curl_uint_tbl_next(&multi->xfers, mid, &mid, &entry))
+    while(Curl_uint32_tbl_next(&multi->xfers, mid, &mid, &entry))
       multi_xfer_dump(multi, mid, entry);
   }
   curl_mfprintf(stderr, "===\n");
diff --git a/lib/multi_ev.c b/lib/multi_ev.c
index 086b037527..d5db331cf1 100644
--- a/lib/multi_ev.c
+++ b/lib/multi_ev.c
@@ -55,7 +55,7 @@ static void mev_in_callback(struct Curl_multi *multi, bool value)
  * what to supervise (CURL_POLL_IN/CURL_POLL_OUT/CURL_POLL_REMOVE)
  */
 struct mev_sh_entry {
-  struct uint_spbset xfers; /* bitset of transfers `mid`s on this socket */
+  struct uint32_spbset xfers; /* bitset of transfers `mid`s on this socket */
   struct connectdata *conn; /* connection using this socket or NULL */
   void *user_data;      /* libcurl app data via curl_multi_assign() */
   unsigned int action;  /* CURL_POLL_IN/CURL_POLL_OUT we last told the
@@ -84,7 +84,7 @@ static size_t mev_sh_entry_compare(void *k1, size_t k1_len,
 static void mev_sh_entry_dtor(void *freethis)
 {
   struct mev_sh_entry *entry = (struct mev_sh_entry *)freethis;
-  Curl_uint_spbset_destroy(&entry->xfers);
+  Curl_uint32_spbset_destroy(&entry->xfers);
   free(entry);
 }
 
@@ -116,7 +116,7 @@ mev_sh_entry_add(struct Curl_hash *sh, curl_socket_t s)
   if(!check)
     return NULL; /* major failure */
 
-  Curl_uint_spbset_init(&check->xfers);
+  Curl_uint32_spbset_init(&check->xfers);
 
   /* make/add new hash entry */
   if(!Curl_hash_add(sh, (char *)&s, sizeof(curl_socket_t), check)) {
@@ -135,13 +135,13 @@ static void mev_sh_entry_kill(struct Curl_multi *multi, curl_socket_t s)
 
 static size_t mev_sh_entry_user_count(struct mev_sh_entry *e)
 {
-  return Curl_uint_spbset_count(&e->xfers) + (e->conn ? 1 : 0);
+  return Curl_uint32_spbset_count(&e->xfers) + (e->conn ? 1 : 0);
 }
 
 static bool mev_sh_entry_xfer_known(struct mev_sh_entry *e,
                                     struct Curl_easy *data)
 {
-  return Curl_uint_spbset_contains(&e->xfers, data->mid);
+  return Curl_uint32_spbset_contains(&e->xfers, data->mid);
 }
 
 static bool mev_sh_entry_conn_known(struct mev_sh_entry *e,
@@ -155,7 +155,7 @@ static bool mev_sh_entry_xfer_add(struct mev_sh_entry *e,
 {
    /* detect weird values */
   DEBUGASSERT(mev_sh_entry_user_count(e) < 100000);
-  return Curl_uint_spbset_add(&e->xfers, data->mid);
+  return Curl_uint32_spbset_add(&e->xfers, data->mid);
 }
 
 static bool mev_sh_entry_conn_add(struct mev_sh_entry *e,
@@ -174,9 +174,9 @@ static bool mev_sh_entry_conn_add(struct mev_sh_entry *e,
 static bool mev_sh_entry_xfer_remove(struct mev_sh_entry *e,
                                      struct Curl_easy *data)
 {
-  bool present = Curl_uint_spbset_contains(&e->xfers, data->mid);
+  bool present = Curl_uint32_spbset_contains(&e->xfers, data->mid);
   if(present)
-    Curl_uint_spbset_remove(&e->xfers, data->mid);
+    Curl_uint32_spbset_remove(&e->xfers, data->mid);
   return present;
 }
 
@@ -356,7 +356,7 @@ static CURLMcode mev_pollset_diff(struct Curl_multi *multi,
                  ", total=%u/%d (xfer/conn)", s,
                  conn ? "connection" : "transfer",
                  conn ? conn->connection_id : data->mid,
-                 Curl_uint_spbset_count(&entry->xfers),
+                 Curl_uint32_spbset_count(&entry->xfers),
                  entry->conn ? 1 : 0);
     }
     else {
@@ -424,7 +424,7 @@ static CURLMcode mev_pollset_diff(struct Curl_multi *multi,
         return mresult;
       CURL_TRC_M(data, "ev entry fd=%" FMT_SOCKET_T ", removed transfer, "
                  "total=%u/%d (xfer/conn)", s,
-                 Curl_uint_spbset_count(&entry->xfers),
+                 Curl_uint32_spbset_count(&entry->xfers),
                  entry->conn ? 1 : 0);
     }
     else {
@@ -545,18 +545,18 @@ CURLMcode Curl_multi_ev_assess_conn(struct Curl_multi *multi,
 }
 
 CURLMcode Curl_multi_ev_assess_xfer_bset(struct Curl_multi *multi,
-                                         struct uint_bset *set)
+                                         struct uint32_bset *set)
 {
-  unsigned int mid;
+  uint32_t mid;
   CURLMcode result = CURLM_OK;
 
-  if(multi && multi->socket_cb && Curl_uint_bset_first(set, &mid)) {
+  if(multi && multi->socket_cb && Curl_uint32_bset_first(set, &mid)) {
     do {
       struct Curl_easy *data = Curl_multi_get_easy(multi, mid);
       if(data)
         result = Curl_multi_ev_assess_xfer(multi, data);
     }
-    while(!result && Curl_uint_bset_next(set, mid, &mid));
+    while(!result && Curl_uint32_bset_next(set, mid, &mid));
   }
   return result;
 }
@@ -588,9 +588,9 @@ void Curl_multi_ev_dirty_xfers(struct Curl_multi *multi,
      and just move on. */
   if(entry) {
     struct Curl_easy *data;
-    unsigned int mid;
+    uint32_t mid;
 
-    if(Curl_uint_spbset_first(&entry->xfers, &mid)) {
+    if(Curl_uint32_spbset_first(&entry->xfers, &mid)) {
       do {
         data = Curl_multi_get_easy(multi, mid);
         if(data) {
@@ -598,10 +598,10 @@ void Curl_multi_ev_dirty_xfers(struct Curl_multi *multi,
         }
         else {
           CURL_TRC_M(multi->admin, "socket transfer %u no longer found", mid);
-          Curl_uint_spbset_remove(&entry->xfers, mid);
+          Curl_uint32_spbset_remove(&entry->xfers, mid);
         }
       }
-      while(Curl_uint_spbset_next(&entry->xfers, mid, &mid));
+      while(Curl_uint32_spbset_next(&entry->xfers, mid, &mid));
     }
 
     if(entry->conn)
diff --git a/lib/multi_ev.h b/lib/multi_ev.h
index 34548c3232..4e5b2a454d 100644
--- a/lib/multi_ev.h
+++ b/lib/multi_ev.h
@@ -29,7 +29,7 @@
 struct Curl_easy;
 struct Curl_multi;
 struct easy_pollset;
-struct uint_bset;
+struct uint32_bset;
 
 /* meta key for event pollset at easy handle or connection */
 #define CURL_META_MEV_POLLSET   "meta:mev:ps"
@@ -55,7 +55,7 @@ CURLMcode Curl_multi_ev_assess_xfer(struct Curl_multi *multi,
                                     struct Curl_easy *data);
 /* Assess all easy handles on the list */
 CURLMcode Curl_multi_ev_assess_xfer_bset(struct Curl_multi *multi,
-                                         struct uint_bset *set);
+                                         struct uint32_bset *set);
 /* Assess the connection by getting its current pollset */
 CURLMcode Curl_multi_ev_assess_conn(struct Curl_multi *multi,
                                     struct Curl_easy *data,
diff --git a/lib/multi_ntfy.c b/lib/multi_ntfy.c
index fe7cc0503a..d7913bbbfc 100644
--- a/lib/multi_ntfy.c
+++ b/lib/multi_ntfy.c
@@ -39,8 +39,8 @@
 
 
 struct mntfy_entry {
-  unsigned int mid;
-  unsigned int type;
+  uint32_t mid;
+  uint32_t type;
 };
 
 #define CURL_MNTFY_CHUNK_SIZE   128
@@ -69,7 +69,7 @@ static void mnfty_chunk_reset(struct mntfy_chunk *chunk)
 
 static bool mntfy_chunk_append(struct mntfy_chunk *chunk,
                                struct Curl_easy *data,
-                               unsigned int type)
+                               uint32_t type)
 {
   struct mntfy_entry *e;
 
@@ -116,7 +116,7 @@ static void mntfy_chunk_dispatch_all(struct Curl_multi *multi,
       e = &chunk->entries[chunk->r_offset];
       data = e->mid ? Curl_multi_get_easy(multi, e->mid) : multi->admin;
       /* only when notification has not been disabled in the meantime */
-      if(data && Curl_uint_bset_contains(&multi->ntfy.enabled, e->type)) {
+      if(data && Curl_uint32_bset_contains(&multi->ntfy.enabled, e->type)) {
         /* this may cause new notifications to be added! */
         CURL_TRC_M(multi->admin, "[NTFY] dispatch %d to xfer %u",
                    e->type, e->mid);
@@ -132,12 +132,12 @@ static void mntfy_chunk_dispatch_all(struct Curl_multi *multi,
 void Curl_mntfy_init(struct Curl_multi *multi)
 {
   memset(&multi->ntfy, 0, sizeof(multi->ntfy));
-  Curl_uint_bset_init(&multi->ntfy.enabled);
+  Curl_uint32_bset_init(&multi->ntfy.enabled);
 }
 
 CURLMcode Curl_mntfy_resize(struct Curl_multi *multi)
 {
-  if(Curl_uint_bset_resize(&multi->ntfy.enabled, CURLMNOTIFY_EASY_DONE + 1))
+  if(Curl_uint32_bset_resize(&multi->ntfy.enabled, CURLMNOTIFY_EASY_DONE + 1))
     return CURLM_OUT_OF_MEMORY;
   return CURLM_OK;
 }
@@ -150,14 +150,14 @@ void Curl_mntfy_cleanup(struct Curl_multi *multi)
     mnfty_chunk_destroy(chunk);
   }
   multi->ntfy.tail = NULL;
-  Curl_uint_bset_destroy(&multi->ntfy.enabled);
+  Curl_uint32_bset_destroy(&multi->ntfy.enabled);
 }
 
 CURLMcode Curl_mntfy_enable(struct Curl_multi *multi, unsigned int type)
 {
   if(type > CURLMNOTIFY_EASY_DONE)
     return CURLM_UNKNOWN_OPTION;
-  Curl_uint_bset_add(&multi->ntfy.enabled, type);
+  Curl_uint32_bset_add(&multi->ntfy.enabled, type);
   return CURLM_OK;
 }
 
@@ -165,7 +165,7 @@ CURLMcode Curl_mntfy_disable(struct Curl_multi *multi, unsigned int type)
 {
   if(type > CURLMNOTIFY_EASY_DONE)
     return CURLM_UNKNOWN_OPTION;
-  Curl_uint_bset_remove(&multi->ntfy.enabled, type);
+  Curl_uint32_bset_remove(&multi->ntfy.enabled, (uint32_t)type);
   return CURLM_OK;
 }
 
@@ -173,12 +173,12 @@ void Curl_mntfy_add(struct Curl_easy *data, unsigned int type)
 {
   struct Curl_multi *multi = data ? data->multi : NULL;
   if(multi && multi->ntfy.ntfy_cb && !multi->ntfy.failure &&
-     Curl_uint_bset_contains(&multi->ntfy.enabled, type)) {
+     Curl_uint32_bset_contains(&multi->ntfy.enabled, (uint32_t)type)) {
     /* append to list of outstanding notifications */
     struct mntfy_chunk *tail = mntfy_non_full_tail(&multi->ntfy);
   CURL_TRC_M(data, "[NTFY] add %d for xfer %u", type, data->mid);
     if(tail)
-      mntfy_chunk_append(tail, data, type);
+      mntfy_chunk_append(tail, data, (uint32_t)type);
     else
       multi->ntfy.failure = CURLM_OUT_OF_MEMORY;
   }
diff --git a/lib/multi_ntfy.h b/lib/multi_ntfy.h
index d920b3295d..c3094a9ebe 100644
--- a/lib/multi_ntfy.h
+++ b/lib/multi_ntfy.h
@@ -32,7 +32,7 @@ struct Curl_multi;
 struct curl_multi_ntfy {
   curl_notify_callback ntfy_cb;
   void *ntfy_cb_data;
-  struct uint_bset enabled;
+  struct uint32_bset enabled;
   CURLMcode failure;
   struct mntfy_chunk *head;
   struct mntfy_chunk *tail;
diff --git a/lib/multihandle.h b/lib/multihandle.h
index fbb8bdfeeb..a267a209ee 100644
--- a/lib/multihandle.h
+++ b/lib/multihandle.h
@@ -91,12 +91,12 @@ struct Curl_multi {
   unsigned int xfers_alive; /* amount of added transfers that have
                                not yet reached COMPLETE state */
   curl_off_t xfers_total_ever; /* total of added transfers, ever. */
-  struct uint_tbl xfers; /* transfers added to this multi */
+  struct uint32_tbl xfers; /* transfers added to this multi */
   /* Each transfer's mid may be present in at most one of these */
-  struct uint_bset process; /* transfer being processed */
-  struct uint_bset dirty; /* transfer to be run NOW, e.g. ASAP. */
-  struct uint_bset pending; /* transfers in waiting (conn limit etc.) */
-  struct uint_bset msgsent; /* transfers done with message for application */
+  struct uint32_bset process; /* transfer being processed */
+  struct uint32_bset dirty; /* transfer to be run NOW, e.g. ASAP. */
+  struct uint32_bset pending; /* transfers in waiting (conn limit etc.) */
+  struct uint32_bset msgsent; /* transfers done with message for application */
 
   struct Curl_llist msglist; /* a list of messages from completed transfers */
 
diff --git a/lib/multiif.h b/lib/multiif.h
index 81cf665bd3..62c68c9ced 100644
--- a/lib/multiif.h
+++ b/lib/multiif.h
@@ -153,7 +153,7 @@ void Curl_multi_xfer_sockbuf_release(struct Curl_easy *data, char *buf);
  * Returns NULL if not found.
  */
 struct Curl_easy *Curl_multi_get_easy(struct Curl_multi *multi,
-                                      unsigned int mid);
+                                      uint32_t mid);
 
 /* Get the # of transfers current in process/pending. */
 unsigned int Curl_multi_xfers_running(struct Curl_multi *multi);
diff --git a/lib/uint-bset.c b/lib/uint-bset.c
index 7b822344c1..82440c5637 100644
--- a/lib/uint-bset.c
+++ b/lib/uint-bset.c
@@ -30,32 +30,32 @@
 #include "memdebug.h"
 
 #ifdef DEBUGBUILD
-#define CURL_UINT_BSET_MAGIC  0x62757473
+#define CURL_UINT32_BSET_MAGIC  0x62757473
 #endif
 
-void Curl_uint_bset_init(struct uint_bset *bset)
+void Curl_uint32_bset_init(struct uint32_bset *bset)
 {
   memset(bset, 0, sizeof(*bset));
 #ifdef DEBUGBUILD
-  bset->init = CURL_UINT_BSET_MAGIC;
+  bset->init = CURL_UINT32_BSET_MAGIC;
 #endif
 }
 
 
-CURLcode Curl_uint_bset_resize(struct uint_bset *bset, unsigned int nmax)
+CURLcode Curl_uint32_bset_resize(struct uint32_bset *bset, uint32_t nmax)
 {
-  unsigned int nslots = (nmax < (UINT_MAX-63)) ?
-                        ((nmax + 63) / 64) : (UINT_MAX / 64);
+  uint32_t nslots = (nmax < (UINT32_MAX-63)) ?
+                    ((nmax + 63) / 64) : (UINT32_MAX / 64);
 
-  DEBUGASSERT(bset->init == CURL_UINT_BSET_MAGIC);
+  DEBUGASSERT(bset->init == CURL_UINT32_BSET_MAGIC);
   if(nslots != bset->nslots) {
-    curl_uint64_t *slots = calloc(nslots, sizeof(curl_uint64_t));
+    uint64_t *slots = calloc(nslots, sizeof(uint64_t));
     if(!slots)
       return CURLE_OUT_OF_MEMORY;
 
     if(bset->slots) {
       memcpy(slots, bset->slots,
-             (CURLMIN(nslots, bset->nslots) * sizeof(curl_uint64_t)));
+             (CURLMIN(nslots, bset->nslots) * sizeof(uint64_t)));
       free(bset->slots);
     }
     bset->slots = slots;
@@ -66,24 +66,24 @@ CURLcode Curl_uint_bset_resize(struct uint_bset *bset, unsigned int nmax)
 }
 
 
-void Curl_uint_bset_destroy(struct uint_bset *bset)
+void Curl_uint32_bset_destroy(struct uint32_bset *bset)
 {
-  DEBUGASSERT(bset->init == CURL_UINT_BSET_MAGIC);
+  DEBUGASSERT(bset->init == CURL_UINT32_BSET_MAGIC);
   free(bset->slots);
   memset(bset, 0, sizeof(*bset));
 }
 
 #ifdef UNITTESTS
-UNITTEST unsigned int Curl_uint_bset_capacity(struct uint_bset *bset)
+UNITTEST uint32_t Curl_uint32_bset_capacity(struct uint32_bset *bset)
 {
   return bset->nslots * 64;
 }
 #endif
 
-unsigned int Curl_uint_bset_count(struct uint_bset *bset)
+uint32_t Curl_uint32_bset_count(struct uint32_bset *bset)
 {
-  unsigned int i;
-  unsigned int n = 0;
+  uint32_t i;
+  uint32_t n = 0;
   for(i = 0; i < bset->nslots; ++i) {
     if(bset->slots[i])
       n += CURL_POPCOUNT64(bset->slots[i]);
@@ -91,9 +91,9 @@ unsigned int Curl_uint_bset_count(struct uint_bset *bset)
   return n;
 }
 
-bool Curl_uint_bset_empty(struct uint_bset *bset)
+bool Curl_uint32_bset_empty(struct uint32_bset *bset)
 {
-  unsigned int i;
+  uint32_t i;
   for(i = bset->first_slot_used; i < bset->nslots; ++i) {
     if(bset->slots[i])
       return FALSE;
@@ -102,47 +102,47 @@ bool Curl_uint_bset_empty(struct uint_bset *bset)
 }
 
 
-void Curl_uint_bset_clear(struct uint_bset *bset)
+void Curl_uint32_bset_clear(struct uint32_bset *bset)
 {
   if(bset->nslots) {
-    memset(bset->slots, 0, bset->nslots * sizeof(curl_uint64_t));
-    bset->first_slot_used = UINT_MAX;
+    memset(bset->slots, 0, bset->nslots * sizeof(uint64_t));
+    bset->first_slot_used = UINT32_MAX;
   }
 }
 
 
-bool Curl_uint_bset_add(struct uint_bset *bset, unsigned int i)
+bool Curl_uint32_bset_add(struct uint32_bset *bset, uint32_t i)
 {
-  unsigned int islot = i / 64;
+  uint32_t islot = i / 64;
   if(islot >= bset->nslots)
     return FALSE;
-  bset->slots[islot] |= ((curl_uint64_t)1 << (i % 64));
+  bset->slots[islot] |= ((uint64_t)1 << (i % 64));
   if(islot < bset->first_slot_used)
     bset->first_slot_used = islot;
   return TRUE;
 }
 
 
-void Curl_uint_bset_remove(struct uint_bset *bset, unsigned int i)
+void Curl_uint32_bset_remove(struct uint32_bset *bset, uint32_t i)
 {
   size_t islot = i / 64;
   if(islot < bset->nslots)
-    bset->slots[islot] &= ~((curl_uint64_t)1 << (i % 64));
+    bset->slots[islot] &= ~((uint64_t)1 << (i % 64));
 }
 
 
-bool Curl_uint_bset_contains(struct uint_bset *bset, unsigned int i)
+bool Curl_uint32_bset_contains(struct uint32_bset *bset, uint32_t i)
 {
-  unsigned int islot = i / 64;
+  uint32_t islot = i / 64;
   if(islot >= bset->nslots)
     return FALSE;
-  return (bset->slots[islot] & ((curl_uint64_t)1 << (i % 64))) != 0;
+  return (bset->slots[islot] & ((uint64_t)1 << (i % 64))) != 0;
 }
 
 
-bool Curl_uint_bset_first(struct uint_bset *bset, unsigned int *pfirst)
+bool Curl_uint32_bset_first(struct uint32_bset *bset, uint32_t *pfirst)
 {
-  unsigned int i;
+  uint32_t i;
   for(i = bset->first_slot_used; i < bset->nslots; ++i) {
     if(bset->slots[i]) {
       *pfirst = (i * 64) + CURL_CTZ64(bset->slots[i]);
@@ -150,15 +150,15 @@ bool Curl_uint_bset_first(struct uint_bset *bset, unsigned int *pfirst)
       return TRUE;
     }
   }
-  bset->first_slot_used = *pfirst = UINT_MAX;
+  bset->first_slot_used = *pfirst = UINT32_MAX;
   return FALSE;
 }
 
-bool Curl_uint_bset_next(struct uint_bset *bset, unsigned int last,
-                         unsigned int *pnext)
+bool Curl_uint32_bset_next(struct uint32_bset *bset, uint32_t last,
+                           uint32_t *pnext)
 {
-  unsigned int islot;
-  curl_uint64_t x;
+  uint32_t islot;
+  uint64_t x;
 
   ++last; /* look for number one higher than last */
   islot = last / 64; /* the slot this would be in */
@@ -178,42 +178,42 @@ bool Curl_uint_bset_next(struct uint_bset *bset, unsigned int last,
       }
     }
   }
-  *pnext = UINT_MAX; /* a value we cannot store */
+  *pnext = UINT32_MAX; /* a value we cannot store */
   return FALSE;
 }
 
 #ifdef CURL_POPCOUNT64_IMPLEMENT
-unsigned int Curl_popcount64(curl_uint64_t x)
+uint32_t Curl_popcount64(uint64_t x)
 {
   /* Compute the "Hamming Distance" between 'x' and 0,
    * which is the number of set bits in 'x'.
    * See: https://en.wikipedia.org/wiki/Hamming_weight */
-  const curl_uint64_t m1  = 0x5555555555555555LL; /* 0101+ */
-  const curl_uint64_t m2  = 0x3333333333333333LL; /* 00110011+ */
-  const curl_uint64_t m4  = 0x0f0f0f0f0f0f0f0fLL; /* 00001111+ */
+  const uint64_t m1  = 0x5555555555555555LL; /* 0101+ */
+  const uint64_t m2  = 0x3333333333333333LL; /* 00110011+ */
+  const uint64_t m4  = 0x0f0f0f0f0f0f0f0fLL; /* 00001111+ */
    /* 1 + 256^1 + 256^2 + 256^3 + ... + 256^7 */
-  const curl_uint64_t h01 = 0x0101010101010101LL;
+  const uint64_t h01 = 0x0101010101010101LL;
   x -= (x >> 1) & m1;             /* replace every 2 bits with bits present */
   x = (x & m2) + ((x >> 2) & m2); /* replace every nibble with bits present */
   x = (x + (x >> 4)) & m4;        /* replace every byte with bits present */
   /* top 8 bits of x + (x<<8) + (x<<16) + (x<<24) + ... which makes the
    * top byte the sum of all individual 8 bytes, throw away the rest */
-  return (unsigned int)((x * h01) >> 56);
+  return (uint32_t)((x * h01) >> 56);
 }
 #endif /* CURL_POPCOUNT64_IMPLEMENT */
 
 
 #ifdef CURL_CTZ64_IMPLEMENT
-unsigned int Curl_ctz64(curl_uint64_t x)
+uint32_t Curl_ctz64(uint64_t x)
 {
-  /* count trailing zeros in a curl_uint64_t.
+  /* count trailing zeros in a uint64_t.
    * divide and conquer to find the number of lower 0 bits */
-  const curl_uint64_t ml32 = 0xFFFFFFFF; /* lower 32 bits */
-  const curl_uint64_t ml16 = 0x0000FFFF; /* lower 16 bits */
-  const curl_uint64_t ml8  = 0x000000FF; /* lower 8 bits */
-  const curl_uint64_t ml4  = 0x0000000F; /* lower 4 bits */
-  const curl_uint64_t ml2  = 0x00000003; /* lower 2 bits */
-  unsigned int n;
+  const uint64_t ml32 = 0xFFFFFFFF; /* lower 32 bits */
+  const uint64_t ml16 = 0x0000FFFF; /* lower 16 bits */
+  const uint64_t ml8  = 0x000000FF; /* lower 8 bits */
+  const uint64_t ml4  = 0x0000000F; /* lower 4 bits */
+  const uint64_t ml2  = 0x00000003; /* lower 2 bits */
+  uint32_t n;
 
   if(!x)
     return 64;
@@ -238,6 +238,6 @@ unsigned int Curl_ctz64(curl_uint64_t x)
     n = n + 2;
     x = x >> 2;
   }
-  return n - (unsigned int)(x & 1);
+  return n - (uint32_t)(x & 1);
 }
 #endif /* CURL_CTZ64_IMPLEMENT */
diff --git a/lib/uint-bset.h b/lib/uint-bset.h
index cc405cc656..5e5bbdb8fc 100644
--- a/lib/uint-bset.h
+++ b/lib/uint-bset.h
@@ -39,51 +39,51 @@
  * the price of slightly slower operations.
  */
 
-struct uint_bset {
-  curl_uint64_t *slots;
-  unsigned int nslots;
-  unsigned int first_slot_used;
+struct uint32_bset {
+  uint64_t *slots;
+  uint32_t nslots;
+  uint32_t first_slot_used;
 #ifdef DEBUGBUILD
   int init;
 #endif
 };
 
 /* Initialize the bitset with capacity 0. */
-void Curl_uint_bset_init(struct uint_bset *bset);
+void Curl_uint32_bset_init(struct uint32_bset *bset);
 
 /* Resize the bitset capacity to hold numbers from 0 to `nmax`,
  * which rounds up `nmax` to the next multiple of 64. */
-CURLcode Curl_uint_bset_resize(struct uint_bset *bset, unsigned int nmax);
+CURLcode Curl_uint32_bset_resize(struct uint32_bset *bset, uint32_t nmax);
 
 /* Destroy the bitset, freeing all resources. */
-void Curl_uint_bset_destroy(struct uint_bset *bset);
+void Curl_uint32_bset_destroy(struct uint32_bset *bset);
 
 /* Get the bitset capacity, e.g. can hold numbers from 0 to capacity - 1. */
-unsigned int Curl_uint_bset_capacity(struct uint_bset *bset);
+uint32_t Curl_uint32_bset_capacity(struct uint32_bset *bset);
 
 /* Get the cardinality of the bitset, e.g. numbers present in the set. */
-unsigned int Curl_uint_bset_count(struct uint_bset *bset);
+uint32_t Curl_uint32_bset_count(struct uint32_bset *bset);
 
 /* TRUE of bitset is empty */
-bool Curl_uint_bset_empty(struct uint_bset *bset);
+bool Curl_uint32_bset_empty(struct uint32_bset *bset);
 
 /* Clear the bitset, making it empty. */
-void Curl_uint_bset_clear(struct uint_bset *bset);
+void Curl_uint32_bset_clear(struct uint32_bset *bset);
 
 /* Add the number `i` to the bitset. Return FALSE if the number is
  * outside the set's capacity.
  * Numbers can be added more than once, without making a difference. */
-bool Curl_uint_bset_add(struct uint_bset *bset, unsigned int i);
+bool Curl_uint32_bset_add(struct uint32_bset *bset, uint32_t i);
 
 /* Remove the number `i` from the bitset. */
-void Curl_uint_bset_remove(struct uint_bset *bset, unsigned int i);
+void Curl_uint32_bset_remove(struct uint32_bset *bset, uint32_t i);
 
 /* Return TRUE if the bitset contains number `i`. */
-bool Curl_uint_bset_contains(struct uint_bset *bset, unsigned int i);
+bool Curl_uint32_bset_contains(struct uint32_bset *bset, uint32_t i);
 
 /* Get the first number in the bitset, e.g. the smallest.
  * Returns FALSE when the bitset is empty. */
-bool Curl_uint_bset_first(struct uint_bset *bset, unsigned int *pfirst);
+bool Curl_uint32_bset_first(struct uint32_bset *bset, uint32_t *pfirst);
 
 /* Get the next number in the bitset, following `last` in natural order.
  * Put another way, this is the smallest number greater than `last` in
@@ -96,20 +96,20 @@ bool Curl_uint_bset_first(struct uint_bset *bset, unsigned int *pfirst);
  * - added numbers lower than 'last' will not show up.
  * - removed numbers lower or equal to 'last' will not show up.
  * - removed numbers higher than 'last' will not be visited. */
-bool Curl_uint_bset_next(struct uint_bset *bset, unsigned int last,
-                         unsigned int *pnext);
+bool Curl_uint32_bset_next(struct uint32_bset *bset, uint32_t last,
+                           uint32_t *pnext);
 
 
 #ifndef CURL_POPCOUNT64
 #define CURL_POPCOUNT64(x)   Curl_popcount64(x)
 #define CURL_POPCOUNT64_IMPLEMENT
-unsigned int Curl_popcount64(curl_uint64_t x);
+uint32_t Curl_popcount64(uint64_t x);
 #endif /* !CURL_POPCOUNT64 */
 
 #ifndef CURL_CTZ64
 #define CURL_CTZ64(x)  Curl_ctz64(x)
 #define CURL_CTZ64_IMPLEMENT
-unsigned int Curl_ctz64(curl_uint64_t x);
+uint32_t Curl_ctz64(uint64_t x);
 #endif /* !CURL_CTZ64 */
 
 #endif /* HEADER_CURL_UINT_BSET_H */
diff --git a/lib/uint-hash.c b/lib/uint-hash.c
index 6c66507887..4677c6ac91 100644
--- a/lib/uint-hash.c
+++ b/lib/uint-hash.c
@@ -34,10 +34,10 @@
 
 /* random patterns for API verification */
 #ifdef DEBUGBUILD
-#define CURL_UINTHASHINIT 0x7117e779
+#define CURL_UINT32_HASHINIT 0x7117e779
 #endif
 
-static unsigned int uint_hash_hash(unsigned int id, unsigned int slots)
+static uint32_t uint32_hash_hash(uint32_t id, uint32_t slots)
 {
   return (id % slots);
 }
@@ -46,12 +46,12 @@ static unsigned int uint_hash_hash(unsigned int id, unsigned int slots)
 struct uint_hash_entry {
   struct uint_hash_entry *next;
   void   *value;
-  unsigned int id;
+  uint32_t id;
 };
 
-void Curl_uint_hash_init(struct uint_hash *h,
-                         unsigned int slots,
-                         Curl_uint_hash_dtor *dtor)
+void Curl_uint32_hash_init(struct uint_hash *h,
+                           uint32_t slots,
+                           Curl_uint32_hash_dtor *dtor)
 {
   DEBUGASSERT(h);
   DEBUGASSERT(slots);
@@ -61,11 +61,11 @@ void Curl_uint_hash_init(struct uint_hash *h,
   h->size = 0;
   h->slots = slots;
 #ifdef DEBUGBUILD
-  h->init = CURL_UINTHASHINIT;
+  h->init = CURL_UINT32_HASHINIT;
 #endif
 }
 
-static struct uint_hash_entry *uint_hash_mk_entry(unsigned int id, void *value)
+static struct uint_hash_entry *uint32_hash_mk_entry(uint32_t id, void *value)
 {
   struct uint_hash_entry *e;
 
@@ -79,8 +79,8 @@ static struct uint_hash_entry *uint_hash_mk_entry(unsigned int id, void *value)
   return e;
 }
 
-static void uint_hash_entry_clear(struct uint_hash *h,
-                                  struct uint_hash_entry *e)
+static void uint32_hash_entry_clear(struct uint_hash *h,
+                                    struct uint_hash_entry *e)
 {
   DEBUGASSERT(h);
   DEBUGASSERT(e);
@@ -91,78 +91,78 @@ static void uint_hash_entry_clear(struct uint_hash *h,
   }
 }
 
-static void uint_hash_entry_destroy(struct uint_hash *h,
-                                    struct uint_hash_entry *e)
+static void uint32_hash_entry_destroy(struct uint_hash *h,
+                                      struct uint_hash_entry *e)
 {
-  uint_hash_entry_clear(h, e);
+  uint32_hash_entry_clear(h, e);
   free(e);
 }
 
-static void uint_hash_entry_unlink(struct uint_hash *h,
-                                   struct uint_hash_entry **he_anchor,
-                                   struct uint_hash_entry *he)
+static void uint32_hash_entry_unlink(struct uint_hash *h,
+                                     struct uint_hash_entry **he_anchor,
+                                     struct uint_hash_entry *he)
 {
   *he_anchor = he->next;
   --h->size;
 }
 
-static void uint_hash_elem_link(struct uint_hash *h,
-                                struct uint_hash_entry **he_anchor,
-                                struct uint_hash_entry *he)
+static void uint32_hash_elem_link(struct uint_hash *h,
+                                  struct uint_hash_entry **he_anchor,
+                                  struct uint_hash_entry *he)
 {
   he->next = *he_anchor;
   *he_anchor = he;
   ++h->size;
 }
 
-#define CURL_UINT_HASH_SLOT(h,id)  h->table[uint_hash_hash(id, h->slots)]
-#define CURL_UINT_HASH_SLOT_ADDR(h,id) &CURL_UINT_HASH_SLOT(h,id)
+#define CURL_UINT32_HASH_SLOT(h,id) h->table[uint32_hash_hash(id, h->slots)]
+#define CURL_UINT32_HASH_SLOT_ADDR(h,id) &CURL_UINT32_HASH_SLOT(h,id)
 
-bool Curl_uint_hash_set(struct uint_hash *h, unsigned int id, void *value)
+bool Curl_uint32_hash_set(struct uint_hash *h, uint32_t id, void *value)
 {
   struct uint_hash_entry *he, **slot;
 
   DEBUGASSERT(h);
   DEBUGASSERT(h->slots);
-  DEBUGASSERT(h->init == CURL_UINTHASHINIT);
+  DEBUGASSERT(h->init == CURL_UINT32_HASHINIT);
   if(!h->table) {
     h->table = calloc(h->slots, sizeof(*he));
     if(!h->table)
       return FALSE; /* OOM */
   }
 
-  slot = CURL_UINT_HASH_SLOT_ADDR(h, id);
+  slot = CURL_UINT32_HASH_SLOT_ADDR(h, id);
   for(he = *slot; he; he = he->next) {
     if(he->id == id) {
       /* existing key entry, overwrite by clearing old pointer */
-      uint_hash_entry_clear(h, he);
+      uint32_hash_entry_clear(h, he);
       he->value = value;
       return TRUE;
     }
   }
 
-  he = uint_hash_mk_entry(id, value);
+  he = uint32_hash_mk_entry(id, value);
   if(!he)
     return FALSE; /* OOM */
 
-  uint_hash_elem_link(h, slot, he);
+  uint32_hash_elem_link(h, slot, he);
   return TRUE;
 }
 
-bool Curl_uint_hash_remove(struct uint_hash *h, unsigned int id)
+bool Curl_uint32_hash_remove(struct uint_hash *h, uint32_t id)
 {
   DEBUGASSERT(h);
   DEBUGASSERT(h->slots);
-  DEBUGASSERT(h->init == CURL_UINTHASHINIT);
+  DEBUGASSERT(h->init == CURL_UINT32_HASHINIT);
   if(h->table) {
     struct uint_hash_entry *he, **he_anchor;
 
-    he_anchor = CURL_UINT_HASH_SLOT_ADDR(h, id);
+    he_anchor = CURL_UINT32_HASH_SLOT_ADDR(h, id);
     while(*he_anchor) {
       he = *he_anchor;
       if(id == he->id) {
-        uint_hash_entry_unlink(h, he_anchor, he);
-        uint_hash_entry_destroy(h, he);
+        uint32_hash_entry_unlink(h, he_anchor, he);
+        uint32_hash_entry_destroy(h, he);
         return TRUE;
       }
       he_anchor = &he->next;
@@ -171,14 +171,14 @@ bool Curl_uint_hash_remove(struct uint_hash *h, unsigned int id)
   return FALSE;
 }
 
-void *Curl_uint_hash_get(struct uint_hash *h, unsigned int id)
+void *Curl_uint32_hash_get(struct uint_hash *h, uint32_t id)
 {
   DEBUGASSERT(h);
-  DEBUGASSERT(h->init == CURL_UINTHASHINIT);
+  DEBUGASSERT(h->init == CURL_UINT32_HASHINIT);
   if(h->table) {
     struct uint_hash_entry *he;
     DEBUGASSERT(h->slots);
-    he = CURL_UINT_HASH_SLOT(h, id);
+    he = CURL_UINT32_HASH_SLOT(h, id);
     while(he) {
       if(id == he->id) {
         return he->value;
@@ -194,28 +194,28 @@ static void uint_hash_clear(struct uint_hash *h)
   if(h && h->table) {
     struct uint_hash_entry *he, **he_anchor;
     size_t i;
-    DEBUGASSERT(h->init == CURL_UINTHASHINIT);
+    DEBUGASSERT(h->init == CURL_UINT32_HASHINIT);
     for(i = 0; i < h->slots; ++i) {
       he_anchor = &h->table[i];
       while(*he_anchor) {
         he = *he_anchor;
-        uint_hash_entry_unlink(h, he_anchor, he);
-        uint_hash_entry_destroy(h, he);
+        uint32_hash_entry_unlink(h, he_anchor, he);
+        uint32_hash_entry_destroy(h, he);
       }
     }
   }
 }
 
 #ifdef UNITTESTS
-UNITTEST void Curl_uint_hash_clear(struct uint_hash *h)
+UNITTEST void Curl_uint32_hash_clear(struct uint_hash *h)
 {
   uint_hash_clear(h);
 }
 #endif
 
-void Curl_uint_hash_destroy(struct uint_hash *h)
+void Curl_uint32_hash_destroy(struct uint_hash *h)
 {
-  DEBUGASSERT(h->init == CURL_UINTHASHINIT);
+  DEBUGASSERT(h->init == CURL_UINT32_HASHINIT);
   if(h->table) {
     uint_hash_clear(h);
     Curl_safefree(h->table);
@@ -224,20 +224,20 @@ void Curl_uint_hash_destroy(struct uint_hash *h)
   h->slots = 0;
 }
 
-unsigned int Curl_uint_hash_count(struct uint_hash *h)
+uint32_t Curl_uint32_hash_count(struct uint_hash *h)
 {
-  DEBUGASSERT(h->init == CURL_UINTHASHINIT);
+  DEBUGASSERT(h->init == CURL_UINT32_HASHINIT);
   return h->size;
 }
 
-void Curl_uint_hash_visit(struct uint_hash *h,
-                          Curl_uint_hash_visit_cb *cb,
-                          void *user_data)
+void Curl_uint32_hash_visit(struct uint_hash *h,
+                            Curl_uint32_hash_visit_cb *cb,
+                            void *user_data)
 {
   if(h && h->table && cb) {
     struct uint_hash_entry *he;
     size_t i;
-    DEBUGASSERT(h->init == CURL_UINTHASHINIT);
+    DEBUGASSERT(h->init == CURL_UINT32_HASHINIT);
     for(i = 0; i < h->slots; ++i) {
       for(he = h->table[i]; he; he = he->next) {
         if(!cb(he->id, he->value, user_data))
diff --git a/lib/uint-hash.h b/lib/uint-hash.h
index 1b52dba4c4..330f61208b 100644
--- a/lib/uint-hash.h
+++ b/lib/uint-hash.h
@@ -30,39 +30,39 @@
 
 #include "llist.h"
 
-/* A version with unsigned int as key */
-typedef void Curl_uint_hash_dtor(unsigned int id, void *value);
+/* A version with uint32_t as key */
+typedef void Curl_uint32_hash_dtor(uint32_t id, void *value);
 struct uint_hash_entry;
 
-/* Hash for `unsigned int` as key */
+/* Hash for `uint32_t` as key */
 struct uint_hash {
   struct uint_hash_entry **table;
-  Curl_uint_hash_dtor *dtor;
-  unsigned int slots;
-  unsigned int size;
+  Curl_uint32_hash_dtor *dtor;
+  uint32_t slots;
+  uint32_t size;
 #ifdef DEBUGBUILD
   int init;
 #endif
 };
 
 
-void Curl_uint_hash_init(struct uint_hash *h,
-                         unsigned int slots,
-                         Curl_uint_hash_dtor *dtor);
-void Curl_uint_hash_destroy(struct uint_hash *h);
-void Curl_uint_hash_clear(struct uint_hash *h);
+void Curl_uint32_hash_init(struct uint_hash *h,
+                           uint32_t slots,
+                           Curl_uint32_hash_dtor *dtor);
+void Curl_uint32_hash_destroy(struct uint_hash *h);
+void Curl_uint32_hash_clear(struct uint_hash *h);
 
-bool Curl_uint_hash_set(struct uint_hash *h, unsigned int id, void *value);
-bool Curl_uint_hash_remove(struct uint_hash *h, unsigned int id);
-void *Curl_uint_hash_get(struct uint_hash *h, unsigned int id);
-unsigned int Curl_uint_hash_count(struct uint_hash *h);
+bool Curl_uint32_hash_set(struct uint_hash *h, uint32_t id, void *value);
+bool Curl_uint32_hash_remove(struct uint_hash *h, uint32_t id);
+void *Curl_uint32_hash_get(struct uint_hash *h, uint32_t id);
+uint32_t Curl_uint32_hash_count(struct uint_hash *h);
 
 
-typedef bool Curl_uint_hash_visit_cb(unsigned int id, void *value,
-                                     void *user_data);
+typedef bool Curl_uint32_hash_visit_cb(uint32_t id, void *value,
+                                       void *user_data);
 
-void Curl_uint_hash_visit(struct uint_hash *h,
-                          Curl_uint_hash_visit_cb *cb,
-                          void *user_data);
+void Curl_uint32_hash_visit(struct uint_hash *h,
+                            Curl_uint32_hash_visit_cb *cb,
+                            void *user_data);
 
 #endif /* HEADER_CURL_UINT_HASH_H */
diff --git a/lib/uint-spbset.c b/lib/uint-spbset.c
index 2e8e2a139e..f250bcb1b4 100644
--- a/lib/uint-spbset.c
+++ b/lib/uint-spbset.c
@@ -31,33 +31,33 @@
 #include "memdebug.h"
 
 #ifdef DEBUGBUILD
-#define CURL_UINT_SPBSET_MAGIC  0x70737362
+#define CURL_UINT32_SPBSET_MAGIC  0x70737362
 #endif
 
 /* Clear the bitset, making it empty. */
-UNITTEST void Curl_uint_spbset_clear(struct uint_spbset *bset);
+UNITTEST void Curl_uint32_spbset_clear(struct uint32_spbset *bset);
 
-void Curl_uint_spbset_init(struct uint_spbset *bset)
+void Curl_uint32_spbset_init(struct uint32_spbset *bset)
 {
   memset(bset, 0, sizeof(*bset));
 #ifdef DEBUGBUILD
-  bset->init = CURL_UINT_SPBSET_MAGIC;
+  bset->init = CURL_UINT32_SPBSET_MAGIC;
 #endif
 }
 
-void Curl_uint_spbset_destroy(struct uint_spbset *bset)
+void Curl_uint32_spbset_destroy(struct uint32_spbset *bset)
 {
-  DEBUGASSERT(bset->init == CURL_UINT_SPBSET_MAGIC);
-  Curl_uint_spbset_clear(bset);
+  DEBUGASSERT(bset->init == CURL_UINT32_SPBSET_MAGIC);
+  Curl_uint32_spbset_clear(bset);
 }
 
-unsigned int Curl_uint_spbset_count(struct uint_spbset *bset)
+uint32_t Curl_uint32_spbset_count(struct uint32_spbset *bset)
 {
-  struct uint_spbset_chunk *chunk;
-  unsigned int i, n = 0;
+  struct uint32_spbset_chunk *chunk;
+  uint32_t i, n = 0;
 
   for(chunk = &bset->head; chunk; chunk = chunk->next) {
-    for(i = 0; i < CURL_UINT_SPBSET_CH_SLOTS; ++i) {
+    for(i = 0; i < CURL_UINT32_SPBSET_CH_SLOTS; ++i) {
       if(chunk->slots[i])
         n += CURL_POPCOUNT64(chunk->slots[i]);
     }
@@ -65,13 +65,13 @@ unsigned int Curl_uint_spbset_count(struct uint_spbset *bset)
   return n;
 }
 
-bool Curl_uint_spbset_empty(struct uint_spbset *bset)
+bool Curl_uint32_spbset_empty(struct uint32_spbset *bset)
 {
-  struct uint_spbset_chunk *chunk;
-  unsigned int i;
+  struct uint32_spbset_chunk *chunk;
+  uint32_t i;
 
   for(chunk = &bset->head; chunk; chunk = chunk->next) {
-    for(i = 0; i < CURL_UINT_SPBSET_CH_SLOTS; ++i) {
+    for(i = 0; i < CURL_UINT32_SPBSET_CH_SLOTS; ++i) {
       if(chunk->slots[i])
         return FALSE;
     }
@@ -79,9 +79,9 @@ bool Curl_uint_spbset_empty(struct uint_spbset *bset)
   return TRUE;
 }
 
-UNITTEST void Curl_uint_spbset_clear(struct uint_spbset *bset)
+UNITTEST void Curl_uint32_spbset_clear(struct uint32_spbset *bset)
 {
-  struct uint_spbset_chunk *next, *chunk;
+  struct uint32_spbset_chunk *next, *chunk;
 
   for(chunk = bset->head.next; chunk; chunk = next) {
     next = chunk->next;
@@ -91,11 +91,11 @@ UNITTEST void Curl_uint_spbset_clear(struct uint_spbset *bset)
 }
 
 
-static struct uint_spbset_chunk *
-uint_spbset_get_chunk(struct uint_spbset *bset, unsigned int i, bool grow)
+static struct uint32_spbset_chunk *
+uint32_spbset_get_chunk(struct uint32_spbset *bset, uint32_t i, bool grow)
 {
-  struct uint_spbset_chunk *chunk, **panchor = NULL;
-  unsigned int i_offset = (i & ~CURL_UINT_SPBSET_CH_MASK);
+  struct uint32_spbset_chunk *chunk, **panchor = NULL;
+  uint32_t i_offset = (i & ~CURL_UINT32_SPBSET_CH_MASK);
 
   if(!bset)
     return NULL;
@@ -134,61 +134,61 @@ uint_spbset_get_chunk(struct uint_spbset *bset, unsigned int i, bool grow)
 }
 
 
-bool Curl_uint_spbset_add(struct uint_spbset *bset, unsigned int i)
+bool Curl_uint32_spbset_add(struct uint32_spbset *bset, uint32_t i)
 {
-  struct uint_spbset_chunk *chunk;
-  unsigned int i_chunk;
+  struct uint32_spbset_chunk *chunk;
+  uint32_t i_chunk;
 
-  chunk = uint_spbset_get_chunk(bset, i, TRUE);
+  chunk = uint32_spbset_get_chunk(bset, i, TRUE);
   if(!chunk)
     return FALSE;
 
   DEBUGASSERT(i >= chunk->offset);
   i_chunk = (i - chunk->offset);
-  DEBUGASSERT((i_chunk / 64) < CURL_UINT_SPBSET_CH_SLOTS);
-  chunk->slots[(i_chunk / 64)] |= ((curl_uint64_t)1 << (i_chunk % 64));
+  DEBUGASSERT((i_chunk / 64) < CURL_UINT32_SPBSET_CH_SLOTS);
+  chunk->slots[(i_chunk / 64)] |= ((uint64_t)1 << (i_chunk % 64));
   return TRUE;
 }
 
 
-void Curl_uint_spbset_remove(struct uint_spbset *bset, unsigned int i)
+void Curl_uint32_spbset_remove(struct uint32_spbset *bset, uint32_t i)
 {
-  struct uint_spbset_chunk *chunk;
-  unsigned int i_chunk;
+  struct uint32_spbset_chunk *chunk;
+  uint32_t i_chunk;
 
-  chunk = uint_spbset_get_chunk(bset, i, FALSE);
+  chunk = uint32_spbset_get_chunk(bset, i, FALSE);
   if(chunk) {
     DEBUGASSERT(i >= chunk->offset);
     i_chunk = (i - chunk->offset);
-    DEBUGASSERT((i_chunk / 64) < CURL_UINT_SPBSET_CH_SLOTS);
-    chunk->slots[(i_chunk / 64)] &= ~((curl_uint64_t)1 << (i_chunk % 64));
+    DEBUGASSERT((i_chunk / 64) < CURL_UINT32_SPBSET_CH_SLOTS);
+    chunk->slots[(i_chunk / 64)] &= ~((uint64_t)1 << (i_chunk % 64));
   }
 }
 
 
-bool Curl_uint_spbset_contains(struct uint_spbset *bset, unsigned int i)
+bool Curl_uint32_spbset_contains(struct uint32_spbset *bset, uint32_t i)
 {
-  struct uint_spbset_chunk *chunk;
-  unsigned int i_chunk;
+  struct uint32_spbset_chunk *chunk;
+  uint32_t i_chunk;
 
-  chunk = uint_spbset_get_chunk(bset, i, FALSE);
+  chunk = uint32_spbset_get_chunk(bset, i, FALSE);
   if(chunk) {
     DEBUGASSERT(i >= chunk->offset);
     i_chunk = (i - chunk->offset);
-    DEBUGASSERT((i_chunk / 64) < CURL_UINT_SPBSET_CH_SLOTS);
+    DEBUGASSERT((i_chunk / 64) < CURL_UINT32_SPBSET_CH_SLOTS);
     return (chunk->slots[i_chunk / 64] &
-            ((curl_uint64_t)1 << (i_chunk % 64))) != 0;
+            ((uint64_t)1 << (i_chunk % 64))) != 0;
   }
   return FALSE;
 }
 
-bool Curl_uint_spbset_first(struct uint_spbset *bset, unsigned int *pfirst)
+bool Curl_uint32_spbset_first(struct uint32_spbset *bset, uint32_t *pfirst)
 {
-  struct uint_spbset_chunk *chunk;
-  unsigned int i;
+  struct uint32_spbset_chunk *chunk;
+  uint32_t i;
 
   for(chunk = &bset->head; chunk; chunk = chunk->next) {
-    for(i = 0; i < CURL_UINT_SPBSET_CH_SLOTS; ++i) {
+    for(i = 0; i < CURL_UINT32_SPBSET_CH_SLOTS; ++i) {
       if(chunk->slots[i]) {
         *pfirst = chunk->offset + ((i * 64) + CURL_CTZ64(chunk->slots[i]));
         return TRUE;
@@ -200,29 +200,29 @@ bool Curl_uint_spbset_first(struct uint_spbset *bset, unsigned int *pfirst)
 }
 
 
-static bool uint_spbset_chunk_first(struct uint_spbset_chunk *chunk,
-                                    unsigned int *pfirst)
+static bool uint32_spbset_chunk_first(struct uint32_spbset_chunk *chunk,
+                                      uint32_t *pfirst)
 {
-  unsigned int i;
-  for(i = 0; i < CURL_UINT_SPBSET_CH_SLOTS; ++i) {
+  uint32_t i;
+  for(i = 0; i < CURL_UINT32_SPBSET_CH_SLOTS; ++i) {
     if(chunk->slots[i]) {
       *pfirst = chunk->offset + ((i * 64) + CURL_CTZ64(chunk->slots[i]));
       return TRUE;
     }
   }
-  *pfirst = UINT_MAX; /* a value we cannot store */
+  *pfirst = UINT32_MAX; /* a value we cannot store */
   return FALSE;
 }
 
 
-static bool uint_spbset_chunk_next(struct uint_spbset_chunk *chunk,
-                                   unsigned int last,
-                                   unsigned int *pnext)
+static bool uint32_spbset_chunk_next(struct uint32_spbset_chunk *chunk,
+                                     uint32_t last,
+                                     uint32_t *pnext)
 {
   if(chunk->offset <= last) {
-    curl_uint64_t x;
-    unsigned int i = ((last - chunk->offset) / 64);
-    if(i < CURL_UINT_SPBSET_CH_SLOTS) {
+    uint64_t x;
+    uint32_t i = ((last - chunk->offset) / 64);
+    if(i < CURL_UINT32_SPBSET_CH_SLOTS) {
       x = (chunk->slots[i] >> (last % 64));
       if(x) {
         /* more bits set, next is `last` + trailing0s of the shifted slot */
@@ -230,7 +230,7 @@ static bool uint_spbset_chunk_next(struct uint_spbset_chunk *chunk,
         return TRUE;
       }
       /* no more bits set in the last slot, scan forward */
-      for(i = i + 1; i < CURL_UINT_SPBSET_CH_SLOTS; ++i) {
+      for(i = i + 1; i < CURL_UINT32_SPBSET_CH_SLOTS; ++i) {
         if(chunk->slots[i]) {
           *pnext = chunk->offset + ((i * 64) + CURL_CTZ64(chunk->slots[i]));
           return TRUE;
@@ -238,18 +238,18 @@ static bool uint_spbset_chunk_next(struct uint_spbset_chunk *chunk,
       }
     }
   }
-  *pnext = UINT_MAX;
+  *pnext = UINT32_MAX;
   return FALSE;
 }
 
-bool Curl_uint_spbset_next(struct uint_spbset *bset, unsigned int last,
-                           unsigned int *pnext)
+bool Curl_uint32_spbset_next(struct uint32_spbset *bset, uint32_t last,
+                             uint32_t *pnext)
 {
-  struct uint_spbset_chunk *chunk;
-  unsigned int last_offset;
+  struct uint32_spbset_chunk *chunk;
+  uint32_t last_offset;
 
   ++last; /* look for the next higher number */
-  last_offset = (last & ~CURL_UINT_SPBSET_CH_MASK);
+  last_offset = (last & ~CURL_UINT32_SPBSET_CH_MASK);
 
   for(chunk = &bset->head; chunk; chunk = chunk->next) {
     if(chunk->offset >= last_offset) {
@@ -259,17 +259,17 @@ bool Curl_uint_spbset_next(struct uint_spbset *bset, unsigned int last,
 
   if(chunk && (chunk->offset == last_offset)) {
     /* is there a number higher than last in this chunk? */
-    if(uint_spbset_chunk_next(chunk, last, pnext))
+    if(uint32_spbset_chunk_next(chunk, last, pnext))
       return TRUE;
     /* not in this chunk */
     chunk = chunk->next;
   }
   /* look for the first in the "higher" chunks, if there are any. */
   while(chunk) {
-    if(uint_spbset_chunk_first(chunk, pnext))
+    if(uint32_spbset_chunk_first(chunk, pnext))
       return TRUE;
     chunk = chunk->next;
   }
-  *pnext = UINT_MAX;
+  *pnext = UINT32_MAX;
   return FALSE;
 }
diff --git a/lib/uint-spbset.h b/lib/uint-spbset.h
index bd2347902c..8c46ce4aa8 100644
--- a/lib/uint-spbset.h
+++ b/lib/uint-spbset.h
@@ -27,8 +27,8 @@
 
 #include 
 
-/* A "sparse" bitset for unsigned int values.
- * It can hold any unsigned int value.
+/* A "sparse" bitset for uint32_t values.
+ * It can hold any uint32_t value.
  *
  * Optimized for the case where only a small set of numbers need
  * to be kept, especially when "close" together. Then storage space
@@ -36,48 +36,48 @@
  */
 
 /* 4 slots = 256 bits, keep this a 2^n value. */
-#define CURL_UINT_SPBSET_CH_SLOTS  4
-#define CURL_UINT_SPBSET_CH_MASK   ((CURL_UINT_SPBSET_CH_SLOTS * 64) - 1)
+#define CURL_UINT32_SPBSET_CH_SLOTS  4
+#define CURL_UINT32_SPBSET_CH_MASK   ((CURL_UINT32_SPBSET_CH_SLOTS * 64) - 1)
 
 /* store the uint value from offset to
- * (offset + (CURL_UINT_SPBSET_CHUNK_SLOTS * 64) - 1 */
-struct uint_spbset_chunk {
-  struct uint_spbset_chunk *next;
-  curl_uint64_t slots[CURL_UINT_SPBSET_CH_SLOTS];
-  unsigned int offset;
+ * (offset + (CURL_UINT32_SPBSET_CHUNK_SLOTS * 64) - 1 */
+struct uint32_spbset_chunk {
+  struct uint32_spbset_chunk *next;
+  uint64_t slots[CURL_UINT32_SPBSET_CH_SLOTS];
+  uint32_t offset;
 };
 
-struct uint_spbset {
-  struct uint_spbset_chunk head;
+struct uint32_spbset {
+  struct uint32_spbset_chunk head;
 #ifdef DEBUGBUILD
   int init;
 #endif
 };
 
-void Curl_uint_spbset_init(struct uint_spbset *bset);
+void Curl_uint32_spbset_init(struct uint32_spbset *bset);
 
-void Curl_uint_spbset_destroy(struct uint_spbset *bset);
+void Curl_uint32_spbset_destroy(struct uint32_spbset *bset);
 
 /* Get the cardinality of the bitset, e.g. numbers present in the set. */
-unsigned int Curl_uint_spbset_count(struct uint_spbset *bset);
+uint32_t Curl_uint32_spbset_count(struct uint32_spbset *bset);
 
 /* TRUE of bitset is empty */
-bool Curl_uint_spbset_empty(struct uint_spbset *bset);
+bool Curl_uint32_spbset_empty(struct uint32_spbset *bset);
 
 /* Add the number `i` to the bitset.
  * Numbers can be added more than once, without making a difference.
  * Returns FALSE if allocations failed. */
-bool Curl_uint_spbset_add(struct uint_spbset *bset, unsigned int i);
+bool Curl_uint32_spbset_add(struct uint32_spbset *bset, uint32_t i);
 
 /* Remove the number `i` from the bitset. */
-void Curl_uint_spbset_remove(struct uint_spbset *bset, unsigned int i);
+void Curl_uint32_spbset_remove(struct uint32_spbset *bset, uint32_t i);
 
 /* Return TRUE if the bitset contains number `i`. */
-bool Curl_uint_spbset_contains(struct uint_spbset *bset, unsigned int i);
+bool Curl_uint32_spbset_contains(struct uint32_spbset *bset, uint32_t i);
 
 /* Get the first number in the bitset, e.g. the smallest.
  * Returns FALSE when the bitset is empty. */
-bool Curl_uint_spbset_first(struct uint_spbset *bset, unsigned int *pfirst);
+bool Curl_uint32_spbset_first(struct uint32_spbset *bset, uint32_t *pfirst);
 
 /* Get the next number in the bitset, following `last` in natural order.
  * Put another way, this is the smallest number greater than `last` in
@@ -90,7 +90,7 @@ bool Curl_uint_spbset_first(struct uint_spbset *bset, unsigned int *pfirst);
  * - added numbers lower than 'last' will not show up.
  * - removed numbers lower or equal to 'last' will not show up.
  * - removed numbers higher than 'last' will not be visited. */
-bool Curl_uint_spbset_next(struct uint_spbset *bset, unsigned int last,
-                           unsigned int *pnext);
+bool Curl_uint32_spbset_next(struct uint32_spbset *bset, uint32_t last,
+                             uint32_t *pnext);
 
 #endif /* HEADER_CURL_UINT_SPBSET_H */
diff --git a/lib/uint-table.c b/lib/uint-table.c
index 5077363ab0..5516ab634b 100644
--- a/lib/uint-table.c
+++ b/lib/uint-table.c
@@ -30,29 +30,29 @@
 #include "memdebug.h"
 
 #ifdef DEBUGBUILD
-#define CURL_UINT_TBL_MAGIC  0x62757473
+#define CURL_UINT32_TBL_MAGIC  0x62757473
 #endif
 
 /* Clear the table, making it empty. */
-UNITTEST void Curl_uint_tbl_clear(struct uint_tbl *tbl);
+UNITTEST void Curl_uint32_tbl_clear(struct uint32_tbl *tbl);
 
-void Curl_uint_tbl_init(struct uint_tbl *tbl,
-                        Curl_uint_tbl_entry_dtor *entry_dtor)
+void Curl_uint32_tbl_init(struct uint32_tbl *tbl,
+                          Curl_uint32_tbl_entry_dtor *entry_dtor)
 {
   memset(tbl, 0, sizeof(*tbl));
   tbl->entry_dtor = entry_dtor;
-  tbl->last_key_added = UINT_MAX;
+  tbl->last_key_added = UINT32_MAX;
 #ifdef DEBUGBUILD
-  tbl->init = CURL_UINT_TBL_MAGIC;
+  tbl->init = CURL_UINT32_TBL_MAGIC;
 #endif
 }
 
 
-static void uint_tbl_clear_rows(struct uint_tbl *tbl,
-                                unsigned int from,
-                                unsigned int upto_excluding)
+static void uint32_tbl_clear_rows(struct uint32_tbl *tbl,
+                                  uint32_t from,
+                                  uint32_t upto_excluding)
 {
-  unsigned int i, end;
+  uint32_t i, end;
 
   end = CURLMIN(upto_excluding, tbl->nrows);
   for(i = from; i < end; ++i) {
@@ -66,10 +66,10 @@ static void uint_tbl_clear_rows(struct uint_tbl *tbl,
 }
 
 
-CURLcode Curl_uint_tbl_resize(struct uint_tbl *tbl, unsigned int nrows)
+CURLcode Curl_uint32_tbl_resize(struct uint32_tbl *tbl, uint32_t nrows)
 {
   /* we use `tbl->nrows + 1` during iteration, want that to work */
-  DEBUGASSERT(tbl->init == CURL_UINT_TBL_MAGIC);
+  DEBUGASSERT(tbl->init == CURL_UINT32_TBL_MAGIC);
   if(!nrows)
     return CURLE_BAD_FUNCTION_ARGUMENT;
   if(nrows != tbl->nrows) {
@@ -79,7 +79,7 @@ CURLcode Curl_uint_tbl_resize(struct uint_tbl *tbl, unsigned int nrows)
     if(tbl->rows) {
       memcpy(rows, tbl->rows, (CURLMIN(nrows, tbl->nrows) * sizeof(void *)));
       if(nrows < tbl->nrows)
-        uint_tbl_clear_rows(tbl, nrows, tbl->nrows);
+        uint32_tbl_clear_rows(tbl, nrows, tbl->nrows);
       free(tbl->rows);
     }
     tbl->rows = rows;
@@ -89,49 +89,49 @@ CURLcode Curl_uint_tbl_resize(struct uint_tbl *tbl, unsigned int nrows)
 }
 
 
-void Curl_uint_tbl_destroy(struct uint_tbl *tbl)
+void Curl_uint32_tbl_destroy(struct uint32_tbl *tbl)
 {
-  DEBUGASSERT(tbl->init == CURL_UINT_TBL_MAGIC);
-  Curl_uint_tbl_clear(tbl);
+  DEBUGASSERT(tbl->init == CURL_UINT32_TBL_MAGIC);
+  Curl_uint32_tbl_clear(tbl);
   free(tbl->rows);
   memset(tbl, 0, sizeof(*tbl));
 }
 
-UNITTEST void Curl_uint_tbl_clear(struct uint_tbl *tbl)
+UNITTEST void Curl_uint32_tbl_clear(struct uint32_tbl *tbl)
 {
-  DEBUGASSERT(tbl->init == CURL_UINT_TBL_MAGIC);
-  uint_tbl_clear_rows(tbl, 0, tbl->nrows);
+  DEBUGASSERT(tbl->init == CURL_UINT32_TBL_MAGIC);
+  uint32_tbl_clear_rows(tbl, 0, tbl->nrows);
   DEBUGASSERT(!tbl->nentries);
-  tbl->last_key_added = UINT_MAX;
+  tbl->last_key_added = UINT32_MAX;
 }
 
 
-unsigned int Curl_uint_tbl_capacity(struct uint_tbl *tbl)
+uint32_t Curl_uint32_tbl_capacity(struct uint32_tbl *tbl)
 {
   return tbl->nrows;
 }
 
 
-unsigned int Curl_uint_tbl_count(struct uint_tbl *tbl)
+uint32_t Curl_uint32_tbl_count(struct uint32_tbl *tbl)
 {
   return tbl->nentries;
 }
 
 
-void *Curl_uint_tbl_get(struct uint_tbl *tbl, unsigned int key)
+void *Curl_uint32_tbl_get(struct uint32_tbl *tbl, uint32_t key)
 {
   return (key < tbl->nrows) ? tbl->rows[key] : NULL;
 }
 
 
-bool Curl_uint_tbl_add(struct uint_tbl *tbl, void *entry, unsigned int *pkey)
+bool Curl_uint32_tbl_add(struct uint32_tbl *tbl, void *entry, uint32_t *pkey)
 {
-  unsigned int key, start_pos;
+  uint32_t key, start_pos;
 
-  DEBUGASSERT(tbl->init == CURL_UINT_TBL_MAGIC);
+  DEBUGASSERT(tbl->init == CURL_UINT32_TBL_MAGIC);
   if(!entry || !pkey)
     return FALSE;
-  *pkey = UINT_MAX;
+  *pkey = UINT32_MAX;
   if(tbl->nentries == tbl->nrows)  /* full */
     return FALSE;
 
@@ -161,20 +161,20 @@ bool Curl_uint_tbl_add(struct uint_tbl *tbl, void *entry, unsigned int *pkey)
 }
 
 
-void Curl_uint_tbl_remove(struct uint_tbl *tbl, unsigned int key)
+void Curl_uint32_tbl_remove(struct uint32_tbl *tbl, uint32_t key)
 {
-  uint_tbl_clear_rows(tbl, key, key + 1);
+  uint32_tbl_clear_rows(tbl, key, key + 1);
 }
 
 
-bool Curl_uint_tbl_contains(struct uint_tbl *tbl, unsigned int key)
+bool Curl_uint32_tbl_contains(struct uint32_tbl *tbl, uint32_t key)
 {
   return (key < tbl->nrows) ? !!tbl->rows[key] : FALSE;
 }
 
 
-static bool uint_tbl_next_at(struct uint_tbl *tbl, unsigned int key,
-                             unsigned int *pkey, void **pentry)
+static bool uint32_tbl_next_at(struct uint32_tbl *tbl, uint32_t key,
+                               uint32_t *pkey, void **pentry)
 {
   for(; key < tbl->nrows; ++key) {
     if(tbl->rows[key]) {
@@ -183,33 +183,33 @@ static bool uint_tbl_next_at(struct uint_tbl *tbl, unsigned int key,
       return TRUE;
     }
   }
-  *pkey = UINT_MAX;  /* always invalid */
+  *pkey = UINT32_MAX;  /* always invalid */
   *pentry = NULL;
   return FALSE;
 }
 
-bool Curl_uint_tbl_first(struct uint_tbl *tbl,
-                         unsigned int *pkey, void **pentry)
+bool Curl_uint32_tbl_first(struct uint32_tbl *tbl,
+                           uint32_t *pkey, void **pentry)
 {
   if(!pkey || !pentry)
     return FALSE;
-  if(tbl->nentries && uint_tbl_next_at(tbl, 0, pkey, pentry))
+  if(tbl->nentries && uint32_tbl_next_at(tbl, 0, pkey, pentry))
     return TRUE;
   DEBUGASSERT(!tbl->nentries);
-  *pkey = UINT_MAX;  /* always invalid */
+  *pkey = UINT32_MAX;  /* always invalid */
   *pentry = NULL;
   return FALSE;
 }
 
 
-bool Curl_uint_tbl_next(struct uint_tbl *tbl, unsigned int last_key,
-                        unsigned int *pkey, void **pentry)
+bool Curl_uint32_tbl_next(struct uint32_tbl *tbl, uint32_t last_key,
+                          uint32_t *pkey, void **pentry)
 {
   if(!pkey || !pentry)
     return FALSE;
-  if(uint_tbl_next_at(tbl, last_key + 1, pkey, pentry))
+  if(uint32_tbl_next_at(tbl, last_key + 1, pkey, pentry))
     return TRUE;
-  *pkey = UINT_MAX;  /* always invalid */
+  *pkey = UINT32_MAX;  /* always invalid */
   *pentry = NULL;
   return FALSE;
 }
diff --git a/lib/uint-table.h b/lib/uint-table.h
index c74ec7ad63..f3169fbc8f 100644
--- a/lib/uint-table.h
+++ b/lib/uint-table.h
@@ -28,14 +28,14 @@
 #include 
 
 /* Destructor for a single table entry */
-typedef void Curl_uint_tbl_entry_dtor(unsigned int key, void *entry);
+typedef void Curl_uint32_tbl_entry_dtor(uint32_t key, void *entry);
 
-struct uint_tbl {
+struct uint32_tbl {
   void **rows;  /* array of void* holding entries */
-  Curl_uint_tbl_entry_dtor *entry_dtor;
-  unsigned int nrows;  /* length of `rows` array */
-  unsigned int nentries; /* entries in table */
-  unsigned int last_key_added; /* UINT_MAX or last key added */
+  Curl_uint32_tbl_entry_dtor *entry_dtor;
+  uint32_t nrows;  /* length of `rows` array */
+  uint32_t nentries; /* entries in table */
+  uint32_t last_key_added; /* UINT_MAX or last key added */
 #ifdef DEBUGBUILD
   int init;
 #endif
@@ -44,42 +44,42 @@ struct uint_tbl {
 /* Initialize the table with 0 capacity.
  * The optional `entry_dtor` is called when a table entry is removed,
  * Passing NULL means no action is taken on removal. */
-void Curl_uint_tbl_init(struct uint_tbl *tbl,
-                        Curl_uint_tbl_entry_dtor *entry_dtor);
+void Curl_uint32_tbl_init(struct uint32_tbl *tbl,
+                          Curl_uint32_tbl_entry_dtor *entry_dtor);
 
 /* Resize the table to change capacity `nmax`. When `nmax` is reduced,
  * all present entries with key equal or larger to `nmax` are removed. */
-CURLcode Curl_uint_tbl_resize(struct uint_tbl *tbl, unsigned int nmax);
+CURLcode Curl_uint32_tbl_resize(struct uint32_tbl *tbl, uint32_t nmax);
 
 /* Destroy the table, freeing all entries. */
-void Curl_uint_tbl_destroy(struct uint_tbl *tbl);
+void Curl_uint32_tbl_destroy(struct uint32_tbl *tbl);
 
 /* Get the table capacity. */
-unsigned int Curl_uint_tbl_capacity(struct uint_tbl *tbl);
+uint32_t Curl_uint32_tbl_capacity(struct uint32_tbl *tbl);
 
 /* Get the number of entries in the table. */
-unsigned int Curl_uint_tbl_count(struct uint_tbl *tbl);
+uint32_t Curl_uint32_tbl_count(struct uint32_tbl *tbl);
 
 /* Get the entry for key or NULL if not present */
-void *Curl_uint_tbl_get(struct uint_tbl *tbl, unsigned int key);
+void *Curl_uint32_tbl_get(struct uint32_tbl *tbl, uint32_t key);
 
 /* Add a new entry to the table and assign it a free key.
  * Returns FALSE if the table is full.
  *
  * Keys are assigned in a round-robin manner.
  * No matter the capacity, UINT_MAX is never assigned. */
-bool Curl_uint_tbl_add(struct uint_tbl *tbl, void *entry, unsigned int *pkey);
+bool Curl_uint32_tbl_add(struct uint32_tbl *tbl, void *entry, uint32_t *pkey);
 
 /* Remove the entry with `key`. */
-void Curl_uint_tbl_remove(struct uint_tbl *tbl, unsigned int key);
+void Curl_uint32_tbl_remove(struct uint32_tbl *tbl, uint32_t key);
 
 /* Return TRUE if the table contains an tryn with that keys. */
-bool Curl_uint_tbl_contains(struct uint_tbl *tbl, unsigned int key);
+bool Curl_uint32_tbl_contains(struct uint32_tbl *tbl, uint32_t key);
 
 /* Get the first entry in the table (with the smallest `key`).
  * Returns FALSE if the table is empty. */
-bool Curl_uint_tbl_first(struct uint_tbl *tbl,
-                         unsigned int *pkey, void **pentry);
+bool Curl_uint32_tbl_first(struct uint32_tbl *tbl,
+                           uint32_t *pkey, void **pentry);
 
 /* Get the next key in the table, following `last_key` in natural order.
  * Put another way, this is the smallest key greater than `last_key` in
@@ -92,7 +92,7 @@ bool Curl_uint_tbl_first(struct uint_tbl *tbl,
  * - added keys lower than 'last_key' will not show up.
  * - removed keys lower or equal to 'last_key' will not show up.
  * - removed keys higher than 'last_key' will not be visited. */
-bool Curl_uint_tbl_next(struct uint_tbl *tbl, unsigned int last_key,
-                        unsigned int *pkey, void **pentry);
+bool Curl_uint32_tbl_next(struct uint32_tbl *tbl, uint32_t last_key,
+                          uint32_t *pkey, void **pentry);
 
 #endif /* HEADER_CURL_UINT_TABLE_H */
diff --git a/lib/url.c b/lib/url.c
index d953734dce..8b3f7f5ab7 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -513,8 +513,8 @@ CURLcode Curl_open(struct Curl_easy **curl)
   data->state.recent_conn_id = -1;
   /* and not assigned an id yet */
   data->id = -1;
-  data->mid = UINT_MAX;
-  data->master_mid = UINT_MAX;
+  data->mid = UINT32_MAX;
+  data->master_mid = UINT32_MAX;
   data->progress.hide = TRUE;
   data->state.current_speed = -1; /* init to negative == impossible */
 
@@ -575,7 +575,7 @@ void Curl_conn_free(struct Curl_easy *data, struct connectdata *conn)
   Curl_safefree(conn->unix_domain_socket);
 #endif
   Curl_safefree(conn->destination);
-  Curl_uint_spbset_destroy(&conn->xfers_attached);
+  Curl_uint32_spbset_destroy(&conn->xfers_attached);
   Curl_hash_destroy(&conn->meta_hash);
 
   free(conn); /* free all the connection oriented data */
@@ -1407,7 +1407,7 @@ static struct connectdata *allocate_conn(struct Curl_easy *data)
   conn->transport_wanted = TRNSPRT_TCP; /* most of them are TCP streams */
 
   /* Initialize the attached xfers bitset */
-  Curl_uint_spbset_init(&conn->xfers_attached);
+  Curl_uint32_spbset_init(&conn->xfers_attached);
 
   /* Store the local bind parameters that will be used for this connection */
   if(data->set.str[STRING_DEVICE]) {
@@ -3685,7 +3685,7 @@ static CURLcode create_conn(struct Curl_easy *data,
         connections_available = FALSE;
         break;
       case CPOOL_LIMIT_TOTAL:
-        if(data->master_mid != UINT_MAX)
+        if(data->master_mid != UINT32_MAX)
           CURL_TRC_M(data, "Allowing sub-requests (like DoH) to override "
                      "max connection limit");
         else {
diff --git a/lib/urldata.h b/lib/urldata.h
index e4fc49753f..c71607ea7d 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -610,8 +610,8 @@ struct connectdata {
      handle is still used by one or more easy handles and can only used by any
      other easy handle without careful consideration (== only for
      multiplexing) and it cannot be used by another multi handle! */
-#define CONN_INUSE(c) (!Curl_uint_spbset_empty(&(c)->xfers_attached))
-#define CONN_ATTACHED(c) Curl_uint_spbset_count(&(c)->xfers_attached)
+#define CONN_INUSE(c) (!Curl_uint32_spbset_empty(&(c)->xfers_attached))
+#define CONN_ATTACHED(c) Curl_uint32_spbset_count(&(c)->xfers_attached)
 
   /**** Fields set when inited and not modified again */
   curl_off_t connection_id; /* Contains a unique number to make it easier to
@@ -671,7 +671,7 @@ struct connectdata {
      was used on this connection. */
   struct curltime keepalive;
 
-  struct uint_spbset xfers_attached; /* mids of attached transfers */
+  struct uint32_spbset xfers_attached; /* mids of attached transfers */
   /* A connection cache from a SHARE might be used in several multi handles.
    * We MUST not reuse connections that are running in another multi,
    * for concurrency reasons. That multi might run in another thread.
@@ -1631,8 +1631,8 @@ struct Curl_easy {
   /* once an easy handle is added to a multi, either explicitly by the
    * libcurl application or implicitly during `curl_easy_perform()`,
    * a unique identifier inside this one multi instance. */
-  unsigned int mid;
-  unsigned int master_mid; /* if set, this transfer belongs to a master */
+  uint32_t mid;
+  uint32_t master_mid; /* if set, this transfer belongs to a master */
   multi_sub_xfer_done_cb *sub_xfer_done;
 
   struct connectdata *conn;
diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index d643928784..ad1f2b2b25 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -168,7 +168,7 @@ static void cf_ngtcp2_ctx_init(struct cf_ngtcp2_ctx *ctx)
   Curl_bufcp_init(&ctx->stream_bufcp, H3_STREAM_CHUNK_SIZE,
                   H3_STREAM_POOL_SPARES);
   curlx_dyn_init(&ctx->scratch, CURL_MAX_HTTP_HEADER);
-  Curl_uint_hash_init(&ctx->streams, 63, h3_stream_hash_free);
+  Curl_uint32_hash_init(&ctx->streams, 63, h3_stream_hash_free);
   ctx->initialized = TRUE;
 }
 
@@ -179,7 +179,7 @@ static void cf_ngtcp2_ctx_free(struct cf_ngtcp2_ctx *ctx)
     vquic_ctx_free(&ctx->q);
     Curl_bufcp_free(&ctx->stream_bufcp);
     curlx_dyn_free(&ctx->scratch);
-    Curl_uint_hash_destroy(&ctx->streams);
+    Curl_uint32_hash_destroy(&ctx->streams);
     Curl_ssl_peer_cleanup(&ctx->peer);
   }
   free(ctx);
@@ -207,7 +207,7 @@ static void cf_ngtcp2_setup_keep_alive(struct Curl_cfilter *cf,
     ngtcp2_conn_set_keep_alive_timeout(ctx->qconn, UINT64_MAX);
     CURL_TRC_CF(data, cf, "no peer idle timeout, unset keep-alive");
   }
-  else if(!Curl_uint_hash_count(&ctx->streams)) {
+  else if(!Curl_uint32_hash_count(&ctx->streams)) {
     ngtcp2_conn_set_keep_alive_timeout(ctx->qconn, UINT64_MAX);
     CURL_TRC_CF(data, cf, "no active streams, unset keep-alive");
   }
@@ -288,12 +288,12 @@ static CURLcode h3_data_setup(struct Curl_cfilter *cf,
   stream->sendbuf_len_in_flight = 0;
   Curl_h1_req_parse_init(&stream->h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
 
-  if(!Curl_uint_hash_set(&ctx->streams, data->mid, stream)) {
+  if(!Curl_uint32_hash_set(&ctx->streams, data->mid, stream)) {
     h3_stream_ctx_free(stream);
     return CURLE_OUT_OF_MEMORY;
   }
 
-  if(Curl_uint_hash_count(&ctx->streams) == 1)
+  if(Curl_uint32_hash_count(&ctx->streams) == 1)
     cf_ngtcp2_setup_keep_alive(cf, data);
 
   return CURLE_OK;
@@ -303,10 +303,10 @@ static CURLcode h3_data_setup(struct Curl_cfilter *cf,
 struct cf_ngtcp2_sfind_ctx {
   int64_t stream_id;
   struct h3_stream_ctx *stream;
-  unsigned int mid;
+  uint32_t mid;
 };
 
-static bool cf_ngtcp2_sfind(unsigned int mid, void *value, void *user_data)
+static bool cf_ngtcp2_sfind(uint32_t mid, void *value, void *user_data)
 {
   struct cf_ngtcp2_sfind_ctx *fctx = user_data;
   struct h3_stream_ctx *stream = value;
@@ -325,7 +325,7 @@ cf_ngtcp2_get_stream(struct cf_ngtcp2_ctx *ctx, int64_t stream_id)
   struct cf_ngtcp2_sfind_ctx fctx;
   fctx.stream_id = stream_id;
   fctx.stream = NULL;
-  Curl_uint_hash_visit(&ctx->streams, cf_ngtcp2_sfind, &fctx);
+  Curl_uint32_hash_visit(&ctx->streams, cf_ngtcp2_sfind, &fctx);
   return fctx.stream;
 }
 #else
@@ -374,8 +374,8 @@ static void h3_data_done(struct Curl_cfilter *cf, struct Curl_easy *data)
     CURL_TRC_CF(data, cf, "[%" PRId64 "] easy handle is done",
                 stream->id);
     cf_ngtcp2_stream_close(cf, data, stream);
-    Curl_uint_hash_remove(&ctx->streams, data->mid);
-    if(!Curl_uint_hash_count(&ctx->streams))
+    Curl_uint32_hash_remove(&ctx->streams, data->mid);
+    if(!Curl_uint32_hash_count(&ctx->streams))
       cf_ngtcp2_setup_keep_alive(cf, data);
   }
 }
diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index 9d0193d554..ade94bf40a 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -305,7 +305,7 @@ static void cf_osslq_ctx_init(struct cf_osslq_ctx *ctx)
   DEBUGASSERT(!ctx->initialized);
   Curl_bufcp_init(&ctx->stream_bufcp, H3_STREAM_CHUNK_SIZE,
                   H3_STREAM_POOL_SPARES);
-  Curl_uint_hash_init(&ctx->streams, 63, h3_stream_hash_free);
+  Curl_uint32_hash_init(&ctx->streams, 63, h3_stream_hash_free);
   ctx->poll_items = NULL;
   ctx->curl_items = NULL;
   ctx->items_max = 0;
@@ -316,7 +316,7 @@ static void cf_osslq_ctx_free(struct cf_osslq_ctx *ctx)
 {
   if(ctx && ctx->initialized) {
     Curl_bufcp_free(&ctx->stream_bufcp);
-    Curl_uint_hash_destroy(&ctx->streams);
+    Curl_uint32_hash_destroy(&ctx->streams);
     Curl_ssl_peer_cleanup(&ctx->peer);
     free(ctx->poll_items);
     free(ctx->curl_items);
@@ -634,7 +634,7 @@ static CURLcode h3_data_setup(struct Curl_cfilter *cf,
   stream->recv_buf_nonflow = 0;
   Curl_h1_req_parse_init(&stream->h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
 
-  if(!Curl_uint_hash_set(&ctx->streams, data->mid, stream)) {
+  if(!Curl_uint32_hash_set(&ctx->streams, data->mid, stream)) {
     h3_stream_ctx_free(stream);
     return CURLE_OUT_OF_MEMORY;
   }
@@ -659,7 +659,7 @@ static void h3_data_done(struct Curl_cfilter *cf, struct Curl_easy *data)
       stream->closed = TRUE;
     }
 
-    Curl_uint_hash_remove(&ctx->streams, data->mid);
+    Curl_uint32_hash_remove(&ctx->streams, data->mid);
   }
 }
 
@@ -668,7 +668,7 @@ struct cf_ossq_find_ctx {
   struct h3_stream_ctx *stream;
 };
 
-static bool cf_osslq_find_stream(unsigned int mid, void *val, void *user_data)
+static bool cf_osslq_find_stream(uint32_t mid, void *val, void *user_data)
 {
   struct h3_stream_ctx *stream = val;
   struct cf_ossq_find_ctx *fctx = user_data;
@@ -704,7 +704,7 @@ static struct cf_osslq_stream *cf_osslq_get_qstream(struct Curl_cfilter *cf,
     struct cf_ossq_find_ctx fctx;
     fctx.stream_id = stream_id;
     fctx.stream = NULL;
-    Curl_uint_hash_visit(&ctx->streams, cf_osslq_find_stream, &fctx);
+    Curl_uint32_hash_visit(&ctx->streams, cf_osslq_find_stream, &fctx);
     if(fctx.stream)
       return &fctx.stream->s;
   }
@@ -1392,7 +1392,7 @@ struct cf_ossq_recv_ctx {
   CURLcode result;
 };
 
-static bool cf_osslq_iter_recv(unsigned int mid, void *val, void *user_data)
+static bool cf_osslq_iter_recv(uint32_t mid, void *val, void *user_data)
 {
   struct h3_stream_ctx *stream = val;
   struct cf_ossq_recv_ctx *rctx = user_data;
@@ -1455,7 +1455,7 @@ static CURLcode cf_progress_ingress(struct Curl_cfilter *cf,
     rctx.cf = cf;
     rctx.multi = data->multi;
     rctx.result = CURLE_OK;
-    Curl_uint_hash_visit(&ctx->streams, cf_osslq_iter_recv, &rctx);
+    Curl_uint32_hash_visit(&ctx->streams, cf_osslq_iter_recv, &rctx);
     result = rctx.result;
   }
 
@@ -1470,7 +1470,7 @@ struct cf_ossq_fill_ctx {
   size_t n;
 };
 
-static bool cf_osslq_collect_block_send(unsigned int mid, void *val,
+static bool cf_osslq_collect_block_send(uint32_t mid, void *val,
                                         void *user_data)
 {
   struct h3_stream_ctx *stream = val;
@@ -1508,8 +1508,8 @@ static CURLcode cf_osslq_check_and_unblock(struct Curl_cfilter *cf,
   if(ctx->h3.conn) {
     struct cf_ossq_fill_ctx fill_ctx;
 
-    if(ctx->items_max < Curl_uint_hash_count(&ctx->streams)) {
-      size_t nmax = Curl_uint_hash_count(&ctx->streams);
+    if(ctx->items_max < Curl_uint32_hash_count(&ctx->streams)) {
+      size_t nmax = Curl_uint32_hash_count(&ctx->streams);
       ctx->items_max = 0;
       tmpptr = realloc(ctx->poll_items, nmax * sizeof(SSL_POLL_ITEM));
       if(!tmpptr) {
@@ -1534,7 +1534,7 @@ static CURLcode cf_osslq_check_and_unblock(struct Curl_cfilter *cf,
     fill_ctx.ctx = ctx;
     fill_ctx.multi = data->multi;
     fill_ctx.n = 0;
-    Curl_uint_hash_visit(&ctx->streams, cf_osslq_collect_block_send,
+    Curl_uint32_hash_visit(&ctx->streams, cf_osslq_collect_block_send,
                          &fill_ctx);
     poll_count = fill_ctx.n;
     if(poll_count) {
diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
index 51cadd2e6e..5082dc750b 100644
--- a/lib/vquic/curl_quiche.c
+++ b/lib/vquic/curl_quiche.c
@@ -125,7 +125,7 @@ static void cf_quiche_ctx_init(struct cf_quiche_ctx *ctx)
 #endif
   Curl_bufcp_init(&ctx->stream_bufcp, H3_STREAM_CHUNK_SIZE,
                   H3_STREAM_POOL_SPARES);
-  Curl_uint_hash_init(&ctx->streams, 63, h3_stream_hash_free);
+  Curl_uint32_hash_init(&ctx->streams, 63, h3_stream_hash_free);
   ctx->data_recvd = 0;
   ctx->initialized = TRUE;
 }
@@ -139,7 +139,7 @@ static void cf_quiche_ctx_free(struct cf_quiche_ctx *ctx)
     Curl_ssl_peer_cleanup(&ctx->peer);
     vquic_ctx_free(&ctx->q);
     Curl_bufcp_free(&ctx->stream_bufcp);
-    Curl_uint_hash_destroy(&ctx->streams);
+    Curl_uint32_hash_destroy(&ctx->streams);
   }
   free(ctx);
 }
@@ -210,7 +210,7 @@ struct cf_quiche_visit_ctx {
   void *user_data;
 };
 
-static bool cf_quiche_stream_do(unsigned int mid, void *val, void *user_data)
+static bool cf_quiche_stream_do(uint32_t mid, void *val, void *user_data)
 {
   struct cf_quiche_visit_ctx *vctx = user_data;
   struct h3_stream_ctx *stream = val;
@@ -231,7 +231,7 @@ static void cf_quiche_for_all_streams(struct Curl_cfilter *cf,
   vctx.multi = multi;
   vctx.cb = do_cb;
   vctx.user_data = user_data;
-  Curl_uint_hash_visit(&ctx->streams, cf_quiche_stream_do, &vctx);
+  Curl_uint32_hash_visit(&ctx->streams, cf_quiche_stream_do, &vctx);
 }
 
 static bool cf_quiche_do_resume(struct Curl_cfilter *cf,
@@ -278,7 +278,7 @@ static CURLcode h3_data_setup(struct Curl_cfilter *cf,
                   H3_STREAM_RECV_CHUNKS, BUFQ_OPT_SOFT_LIMIT);
   Curl_h1_req_parse_init(&stream->h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
 
-  if(!Curl_uint_hash_set(&ctx->streams, data->mid, stream)) {
+  if(!Curl_uint32_hash_set(&ctx->streams, data->mid, stream)) {
     h3_stream_ctx_free(stream);
     return CURLE_OUT_OF_MEMORY;
   }
@@ -308,7 +308,7 @@ static void h3_data_done(struct Curl_cfilter *cf, struct Curl_easy *data)
       if(result)
         CURL_TRC_CF(data, cf, "data_done, flush egress -> %d", result);
     }
-    Curl_uint_hash_remove(&ctx->streams, data->mid);
+    Curl_uint32_hash_remove(&ctx->streams, data->mid);
   }
 }
 
@@ -558,7 +558,7 @@ struct cf_quich_disp_ctx {
   CURLcode result;
 };
 
-static bool cf_quiche_disp_event(unsigned int mid, void *val, void *user_data)
+static bool cf_quiche_disp_event(uint32_t mid, void *val, void *user_data)
 {
   struct cf_quich_disp_ctx *dctx = user_data;
   struct h3_stream_ctx *stream = val;
@@ -607,7 +607,7 @@ static CURLcode cf_poll_events(struct Curl_cfilter *cf,
       else {
         /* another transfer, do not return errors, as they are not for
          * the calling transfer */
-        Curl_uint_hash_visit(&ctx->streams, cf_quiche_disp_event, &dctx);
+        Curl_uint32_hash_visit(&ctx->streams, cf_quiche_disp_event, &dctx);
         quiche_h3_event_free(ev);
       }
     }
diff --git a/lib/vquic/vquic_int.h b/lib/vquic/vquic_int.h
index 4e5959a4f8..ef92ab21b7 100644
--- a/lib/vquic/vquic_int.h
+++ b/lib/vquic/vquic_int.h
@@ -52,7 +52,7 @@ struct cf_quic_ctx {
 };
 
 #define H3_STREAM_CTX(ctx,data)                                         \
-  (data ? Curl_uint_hash_get(&(ctx)->streams, (data)->mid) : NULL)
+  (data ? Curl_uint32_hash_get(&(ctx)->streams, (data)->mid) : NULL)
 
 CURLcode vquic_ctx_init(struct cf_quic_ctx *qctx);
 void vquic_ctx_free(struct cf_quic_ctx *qctx);
diff --git a/tests/unit/unit1616.c b/tests/unit/unit1616.c
index 7641cbeace..5d1e6f247e 100644
--- a/tests/unit/unit1616.c
+++ b/tests/unit/unit1616.c
@@ -36,13 +36,13 @@ static void t1616_mydtor(unsigned int id, void *elem)
 
 static CURLcode t1616_setup(struct uint_hash *hash)
 {
-  Curl_uint_hash_init(hash, 15, t1616_mydtor);
+  Curl_uint32_hash_init(hash, 15, t1616_mydtor);
   return CURLE_OK;
 }
 
 static void t1616_stop(struct uint_hash *hash)
 {
-  Curl_uint_hash_destroy(hash);
+  Curl_uint32_hash_destroy(hash);
 }
 
 static CURLcode test_unit1616(const char *arg)
@@ -61,27 +61,27 @@ static CURLcode test_unit1616(const char *arg)
   value = malloc(sizeof(int));
   abort_unless(value != NULL, "Out of memory");
   *value = 199;
-  ok = Curl_uint_hash_set(&hash, key, value);
+  ok = Curl_uint32_hash_set(&hash, key, value);
   if(!ok)
     free(value);
   abort_unless(ok, "insertion into hash failed");
-  v = Curl_uint_hash_get(&hash, key);
+  v = Curl_uint32_hash_get(&hash, key);
   abort_unless(v == value, "lookup present entry failed");
-  v = Curl_uint_hash_get(&hash, key2);
+  v = Curl_uint32_hash_get(&hash, key2);
   abort_unless(!v, "lookup missing entry failed");
-  Curl_uint_hash_clear(&hash);
+  Curl_uint32_hash_clear(&hash);
 
   /* Attempt to add another key/value pair */
   value2 = malloc(sizeof(int));
   abort_unless(value2 != NULL, "Out of memory");
   *value2 = 204;
-  ok = Curl_uint_hash_set(&hash, key2, value2);
+  ok = Curl_uint32_hash_set(&hash, key2, value2);
   if(!ok)
     free(value2);
   abort_unless(ok, "insertion into hash failed");
-  v = Curl_uint_hash_get(&hash, key2);
+  v = Curl_uint32_hash_get(&hash, key2);
   abort_unless(v == value2, "lookup present entry failed");
-  v = Curl_uint_hash_get(&hash, key);
+  v = Curl_uint32_hash_get(&hash, key);
   abort_unless(!v, "lookup missing entry failed");
 
   UNITTEST_END(t1616_stop(&hash))
diff --git a/tests/unit/unit3211.c b/tests/unit/unit3211.c
index c2fac4bbc5..1ec30ac9a2 100644
--- a/tests/unit/unit3211.c
+++ b/tests/unit/unit3211.c
@@ -30,36 +30,38 @@
 static void check_set(const char *name, unsigned int capacity,
                       const unsigned int *s, size_t slen)
 {
-  struct uint_bset bset;
+  struct uint32_bset bset;
   size_t i, j;
   unsigned int n, c;
 
   curl_mfprintf(stderr, "test %s, capacity=%u, %zu numbers\n",
                 name, capacity, slen);
-  Curl_uint_bset_init(&bset);
-  fail_unless(!Curl_uint_bset_resize(&bset, capacity), "bset resize failed");
-  c = Curl_uint_bset_capacity(&bset);
+  Curl_uint32_bset_init(&bset);
+  fail_unless(!Curl_uint32_bset_resize(&bset, capacity), "bset resize failed");
+  c = Curl_uint32_bset_capacity(&bset);
   fail_unless(c == (((capacity + 63) / 64) * 64), "wrong capacity");
 
-  Curl_uint_bset_clear(&bset);
-  c = Curl_uint_bset_count(&bset);
+  Curl_uint32_bset_clear(&bset);
+  c = Curl_uint32_bset_count(&bset);
   fail_unless(c == 0, "set count is not 0");
 
   for(i = 0; i < slen; ++i) { /* add all */
-    fail_unless(Curl_uint_bset_add(&bset, s[i]), "failed to add");
+    fail_unless(Curl_uint32_bset_add(&bset, s[i]), "failed to add");
     for(j = i + 1; j < slen; ++j)
-      fail_unless(!Curl_uint_bset_contains(&bset, s[j]), "unexpectedly found");
+      fail_unless(!Curl_uint32_bset_contains(&bset, s[j]),
+                  "unexpectedly found");
   }
 
   for(i = 0; i < slen; ++i) { /* all present */
-    fail_unless(Curl_uint_bset_contains(&bset, s[i]), "failed presence check");
+    fail_unless(Curl_uint32_bset_contains(&bset, s[i]),
+                "failed presence check");
   }
 
   /* iterator over all numbers */
-  fail_unless(Curl_uint_bset_first(&bset, &n), "first failed");
+  fail_unless(Curl_uint32_bset_first(&bset, &n), "first failed");
   fail_unless(n == s[0], "first not correct number");
   for(i = 1; i < slen; ++i) {
-    fail_unless(Curl_uint_bset_next(&bset, n, &n), "next failed");
+    fail_unless(Curl_uint32_bset_next(&bset, n, &n), "next failed");
     if(n != s[i]) {
       curl_mfprintf(stderr, "expected next to be %u, not %u\n", s[i], n);
       fail_unless(n == s[i], "next not correct number");
@@ -67,57 +69,58 @@ static void check_set(const char *name, unsigned int capacity,
   }
 
   /* Adding capacity number does not work (0 - capacity-1) */
-  c = Curl_uint_bset_capacity(&bset);
-  fail_unless(!Curl_uint_bset_add(&bset, c), "add out of range worked");
+  c = Curl_uint32_bset_capacity(&bset);
+  fail_unless(!Curl_uint32_bset_add(&bset, c), "add out of range worked");
   /* The count it correct */
-  c = Curl_uint_bset_count(&bset);
+  c = Curl_uint32_bset_count(&bset);
   fail_unless(c == slen, "set count is wrong");
 
   for(i = 0; i < slen; i += 2) { /* remove every 2nd */
-    Curl_uint_bset_remove(&bset, s[i]);
-    fail_unless(!Curl_uint_bset_contains(&bset, s[i]), "unexpectedly found");
+    Curl_uint32_bset_remove(&bset, s[i]);
+    fail_unless(!Curl_uint32_bset_contains(&bset, s[i]), "unexpectedly found");
   }
   for(i = 1; i < slen; i += 2) { /* others still there */
-    fail_unless(Curl_uint_bset_contains(&bset, s[i]), "unexpectedly gone");
+    fail_unless(Curl_uint32_bset_contains(&bset, s[i]), "unexpectedly gone");
   }
   /* The count is half */
-  c = Curl_uint_bset_count(&bset);
+  c = Curl_uint32_bset_count(&bset);
   fail_unless(c == slen/2, "set count is wrong");
 
-  Curl_uint_bset_clear(&bset);
-  c = Curl_uint_bset_count(&bset);
+  Curl_uint32_bset_clear(&bset);
+  c = Curl_uint32_bset_count(&bset);
   fail_unless(c == 0, "set count is not 0");
   for(i = 0; i < slen; i++) { /* none present any longer */
-    fail_unless(!Curl_uint_bset_contains(&bset, s[i]), "unexpectedly there");
+    fail_unless(!Curl_uint32_bset_contains(&bset, s[i]), "unexpectedly there");
   }
 
   for(i = 0; i < slen; ++i) { /* add all again */
-    fail_unless(Curl_uint_bset_add(&bset, s[i]), "failed to add");
+    fail_unless(Curl_uint32_bset_add(&bset, s[i]), "failed to add");
   }
 
-  fail_unless(!Curl_uint_bset_resize(&bset, capacity * 2),
+  fail_unless(!Curl_uint32_bset_resize(&bset, capacity * 2),
               "resize double failed");
   for(i = 0; i < slen; i++) { /* all still present after resize */
-    fail_unless(Curl_uint_bset_contains(&bset, s[i]), "unexpectedly lost");
+    fail_unless(Curl_uint32_bset_contains(&bset, s[i]), "unexpectedly lost");
   }
 
-  fail_unless(!Curl_uint_bset_resize(&bset, capacity), "resize back failed");
+  fail_unless(!Curl_uint32_bset_resize(&bset, capacity), "resize back failed");
   for(i = 0; i < slen; i++)  /* all still present after resize back */
-    fail_unless(Curl_uint_bset_contains(&bset, s[i]), "unexpectedly lost");
+    fail_unless(Curl_uint32_bset_contains(&bset, s[i]), "unexpectedly lost");
 
-  fail_unless(!Curl_uint_bset_resize(&bset, capacity/2), "resize half failed");
+  fail_unless(!Curl_uint32_bset_resize(&bset, capacity/2),
+              "resize half failed");
   /* halved the size, what numbers remain in set? */
-  c = Curl_uint_bset_capacity(&bset);
+  c = Curl_uint32_bset_capacity(&bset);
   n = 0;
   for(i = 0; i < slen; ++i) {
     if(s[i] < c)
       ++n;
   }
-  fail_unless(n == Curl_uint_bset_count(&bset), "set count(halved) wrong");
+  fail_unless(n == Curl_uint32_bset_count(&bset), "set count(halved) wrong");
   for(i = 0; i < n; i++)  /* still present after resize half */
-    fail_unless(Curl_uint_bset_contains(&bset, s[i]), "unexpectedly lost");
+    fail_unless(Curl_uint32_bset_contains(&bset, s[i]), "unexpectedly lost");
 
-  Curl_uint_bset_destroy(&bset);
+  Curl_uint32_bset_destroy(&bset);
 }
 
 static CURLcode test_unit3211(const char *arg)
diff --git a/tests/unit/unit3212.c b/tests/unit/unit3212.c
index 261d294528..0bffd1f79c 100644
--- a/tests/unit/unit3212.c
+++ b/tests/unit/unit3212.c
@@ -30,20 +30,20 @@
 
 #define TBL_SIZE    100
 
-static CURLcode t3212_setup(struct uint_tbl *tbl)
+static CURLcode t3212_setup(struct uint32_tbl *tbl)
 {
-  Curl_uint_tbl_init(tbl, NULL);
-  return Curl_uint_tbl_resize(tbl, TBL_SIZE);
+  Curl_uint32_tbl_init(tbl, NULL);
+  return Curl_uint32_tbl_resize(tbl, TBL_SIZE);
 }
 
-static void t3212_stop(struct uint_tbl *tbl)
+static void t3212_stop(struct uint32_tbl *tbl)
 {
-  Curl_uint_tbl_destroy(tbl);
+  Curl_uint32_tbl_destroy(tbl);
 }
 
 static CURLcode test_unit3212(const char *arg)
 {
-  struct uint_tbl tbl;
+  struct uint32_tbl tbl;
   int dummy;
 
   UNITTEST_BEGIN(t3212_setup(&tbl))
@@ -51,83 +51,85 @@ static CURLcode test_unit3212(const char *arg)
   unsigned int i, key, n;
   void *entry;
 
-  fail_unless(Curl_uint_tbl_capacity(&tbl) == TBL_SIZE, "wrong capacity");
+  fail_unless(Curl_uint32_tbl_capacity(&tbl) == TBL_SIZE, "wrong capacity");
 
   for(i = 0; i < TBL_SIZE; ++i) {
-    fail_unless(Curl_uint_tbl_add(&tbl, &dummy, &key), "failed to add");
+    fail_unless(Curl_uint32_tbl_add(&tbl, &dummy, &key), "failed to add");
     fail_unless(key == i, "unexpected key assigned");
   }
   /* table should be full now */
-  fail_unless(Curl_uint_tbl_count(&tbl) == TBL_SIZE, "wrong count");
-  fail_unless(!Curl_uint_tbl_add(&tbl, &dummy, &key), "could add more");
+  fail_unless(Curl_uint32_tbl_count(&tbl) == TBL_SIZE, "wrong count");
+  fail_unless(!Curl_uint32_tbl_add(&tbl, &dummy, &key), "could add more");
   /* remove every 2nd entry, from full table */
   n = TBL_SIZE;
   for(i = 0; i < TBL_SIZE; i += 2) {
-    Curl_uint_tbl_remove(&tbl, i);
+    Curl_uint32_tbl_remove(&tbl, i);
     --n;
-    fail_unless(Curl_uint_tbl_count(&tbl) == n, "wrong count after remove");
+    fail_unless(Curl_uint32_tbl_count(&tbl) == n, "wrong count after remove");
   }
   /* remove same again, should not change count */
   for(i = 0; i < TBL_SIZE; i += 2) {
-    Curl_uint_tbl_remove(&tbl, i);
-    fail_unless(Curl_uint_tbl_count(&tbl) == n, "wrong count after remove");
+    Curl_uint32_tbl_remove(&tbl, i);
+    fail_unless(Curl_uint32_tbl_count(&tbl) == n, "wrong count after remove");
   }
   /* still contains all odd entries */
   for(i = 1; i < TBL_SIZE; i += 2) {
-    fail_unless(Curl_uint_tbl_contains(&tbl, i), "does not contain");
-    fail_unless(Curl_uint_tbl_get(&tbl, i) == &dummy,
+    fail_unless(Curl_uint32_tbl_contains(&tbl, i), "does not contain");
+    fail_unless(Curl_uint32_tbl_get(&tbl, i) == &dummy,
                 "does not contain dummy");
   }
   /* get the first key */
-  fail_unless(Curl_uint_tbl_first(&tbl, &key, &entry), "first failed");
+  fail_unless(Curl_uint32_tbl_first(&tbl, &key, &entry), "first failed");
   fail_unless(key == 1, "unexpected first key");
   fail_unless(entry == &dummy, "unexpected first entry");
   /* get the second key */
-  fail_unless(Curl_uint_tbl_next(&tbl, 1, &key, &entry), "next1 failed");
+  fail_unless(Curl_uint32_tbl_next(&tbl, 1, &key, &entry), "next1 failed");
   fail_unless(key == 3, "unexpected second key");
   fail_unless(entry == &dummy, "unexpected second entry");
   /* get the key after 42 */
-  fail_unless(Curl_uint_tbl_next(&tbl, 42, &key, &entry), "next42 failed");
+  fail_unless(Curl_uint32_tbl_next(&tbl, 42, &key, &entry), "next42 failed");
   fail_unless(key == 43, "unexpected next42 key");
   fail_unless(entry == &dummy, "unexpected next42 entry");
 
   /* double capacity */
-  n = Curl_uint_tbl_count(&tbl);
-  fail_unless(!Curl_uint_tbl_resize(&tbl, TBL_SIZE * 2),
+  n = Curl_uint32_tbl_count(&tbl);
+  fail_unless(!Curl_uint32_tbl_resize(&tbl, TBL_SIZE * 2),
               "error doubling size");
-  fail_unless(Curl_uint_tbl_count(&tbl) == n, "wrong resize count");
+  fail_unless(Curl_uint32_tbl_count(&tbl) == n, "wrong resize count");
   /* resize to half of original */
-  fail_unless(!Curl_uint_tbl_resize(&tbl, TBL_SIZE / 2), "error halving size");
-  fail_unless(Curl_uint_tbl_count(&tbl) == n / 2, "wrong half size count");
+  fail_unless(!Curl_uint32_tbl_resize(&tbl, TBL_SIZE / 2),
+              "error halving size");
+  fail_unless(Curl_uint32_tbl_count(&tbl) == n / 2, "wrong half size count");
   for(i = 1; i < TBL_SIZE / 2; i += 2) {
-    fail_unless(Curl_uint_tbl_contains(&tbl, i), "does not contain");
-    fail_unless(Curl_uint_tbl_get(&tbl, i) == &dummy,
+    fail_unless(Curl_uint32_tbl_contains(&tbl, i), "does not contain");
+    fail_unless(Curl_uint32_tbl_get(&tbl, i) == &dummy,
                 "does not contain dummy");
   }
   /* clear */
-  Curl_uint_tbl_clear(&tbl);
-  fail_unless(!Curl_uint_tbl_count(&tbl), "count not 0 after clear");
+  Curl_uint32_tbl_clear(&tbl);
+  fail_unless(!Curl_uint32_tbl_count(&tbl), "count not 0 after clear");
   for(i = 0; i < TBL_SIZE / 2; ++i) {
-    fail_unless(!Curl_uint_tbl_contains(&tbl, i), "does contain, should not");
+    fail_unless(!Curl_uint32_tbl_contains(&tbl, i),
+                "does contain, should not");
   }
   /* add after clear gets key 0 again */
-  fail_unless(Curl_uint_tbl_add(&tbl, &dummy, &key), "failed to add");
+  fail_unless(Curl_uint32_tbl_add(&tbl, &dummy, &key), "failed to add");
   fail_unless(key == 0, "unexpected key assigned");
   /* remove it again and add, should get key 1 */
-  Curl_uint_tbl_remove(&tbl, key);
-  fail_unless(Curl_uint_tbl_add(&tbl, &dummy, &key), "failed to add");
+  Curl_uint32_tbl_remove(&tbl, key);
+  fail_unless(Curl_uint32_tbl_add(&tbl, &dummy, &key), "failed to add");
   fail_unless(key == 1, "unexpected key assigned");
   /* clear, fill, remove one, add, should get the removed key again */
-  Curl_uint_tbl_clear(&tbl);
-  for(i = 0; i < Curl_uint_tbl_capacity(&tbl); ++i)
-    fail_unless(Curl_uint_tbl_add(&tbl, &dummy, &key), "failed to add");
-  fail_unless(!Curl_uint_tbl_add(&tbl, &dummy, &key), "add on full");
-  Curl_uint_tbl_remove(&tbl, 17);
-  fail_unless(Curl_uint_tbl_add(&tbl, &dummy, &key), "failed to add again");
+  Curl_uint32_tbl_clear(&tbl);
+  for(i = 0; i < Curl_uint32_tbl_capacity(&tbl); ++i)
+    fail_unless(Curl_uint32_tbl_add(&tbl, &dummy, &key), "failed to add");
+  fail_unless(!Curl_uint32_tbl_add(&tbl, &dummy, &key), "add on full");
+  Curl_uint32_tbl_remove(&tbl, 17);
+  fail_unless(Curl_uint32_tbl_add(&tbl, &dummy, &key), "failed to add again");
   fail_unless(key == 17, "unexpected key assigned");
   /* and again, triggering key search wrap around */
-  Curl_uint_tbl_remove(&tbl, 17);
-  fail_unless(Curl_uint_tbl_add(&tbl, &dummy, &key), "failed to add again");
+  Curl_uint32_tbl_remove(&tbl, 17);
+  fail_unless(Curl_uint32_tbl_add(&tbl, &dummy, &key), "failed to add again");
   fail_unless(key == 17, "unexpected key assigned");
 
   UNITTEST_END(t3212_stop(&tbl))
diff --git a/tests/unit/unit3213.c b/tests/unit/unit3213.c
index 850b275c86..b0d4d2ced5 100644
--- a/tests/unit/unit3213.c
+++ b/tests/unit/unit3213.c
@@ -30,35 +30,35 @@
 
 static void check_spbset(const char *name, const unsigned int *s, size_t slen)
 {
-  struct uint_spbset bset;
+  struct uint32_spbset bset;
   size_t i, j;
   unsigned int n, c;
 
   curl_mfprintf(stderr, "test %s, %zu numbers\n", name, slen);
 
-  Curl_uint_spbset_init(&bset);
+  Curl_uint32_spbset_init(&bset);
 
-  Curl_uint_spbset_clear(&bset);
-  c = Curl_uint_spbset_count(&bset);
+  Curl_uint32_spbset_clear(&bset);
+  c = Curl_uint32_spbset_count(&bset);
   fail_unless(c == 0, "set count is not 0");
 
   for(i = 0; i < slen; ++i) { /* add all */
-    fail_unless(Curl_uint_spbset_add(&bset, s[i]), "failed to add");
+    fail_unless(Curl_uint32_spbset_add(&bset, s[i]), "failed to add");
     for(j = i + 1; j < slen; ++j)
-      fail_unless(!Curl_uint_spbset_contains(&bset, s[j]),
+      fail_unless(!Curl_uint32_spbset_contains(&bset, s[j]),
                   "unexpectedly found");
   }
 
   for(i = 0; i < slen; ++i) { /* all present */
-    fail_unless(Curl_uint_spbset_contains(&bset, s[i]),
+    fail_unless(Curl_uint32_spbset_contains(&bset, s[i]),
                 "failed presence check");
   }
 
   /* iterator over all numbers */
-  fail_unless(Curl_uint_spbset_first(&bset, &n), "first failed");
+  fail_unless(Curl_uint32_spbset_first(&bset, &n), "first failed");
   fail_unless(n == s[0], "first not correct number");
   for(i = 1; i < slen; ++i) {
-    fail_unless(Curl_uint_spbset_next(&bset, n, &n), "next failed");
+    fail_unless(Curl_uint32_spbset_next(&bset, n, &n), "next failed");
     if(n != s[i]) {
       curl_mfprintf(stderr, "expected next to be %u, not %u\n", s[i], n);
       fail_unless(n == s[i], "next not correct number");
@@ -66,28 +66,30 @@ static void check_spbset(const char *name, const unsigned int *s, size_t slen)
   }
 
   for(i = 0; i < slen; i += 2) { /* remove every 2nd */
-    Curl_uint_spbset_remove(&bset, s[i]);
-    fail_unless(!Curl_uint_spbset_contains(&bset, s[i]), "unexpectedly found");
+    Curl_uint32_spbset_remove(&bset, s[i]);
+    fail_unless(!Curl_uint32_spbset_contains(&bset, s[i]),
+                "unexpectedly found");
   }
   for(i = 1; i < slen; i += 2) { /* others still there */
-    fail_unless(Curl_uint_spbset_contains(&bset, s[i]), "unexpectedly gone");
+    fail_unless(Curl_uint32_spbset_contains(&bset, s[i]), "unexpectedly gone");
   }
   /* The count is half */
-  c = Curl_uint_spbset_count(&bset);
+  c = Curl_uint32_spbset_count(&bset);
   fail_unless(c == slen/2, "set count is wrong");
 
-  Curl_uint_spbset_clear(&bset);
-  c = Curl_uint_spbset_count(&bset);
+  Curl_uint32_spbset_clear(&bset);
+  c = Curl_uint32_spbset_count(&bset);
   fail_unless(c == 0, "set count is not 0");
   for(i = 0; i < slen; i++) { /* none present any longer */
-    fail_unless(!Curl_uint_spbset_contains(&bset, s[i]), "unexpectedly there");
+    fail_unless(!Curl_uint32_spbset_contains(&bset, s[i]),
+                "unexpectedly there");
   }
 
   for(i = 0; i < slen; ++i) { /* add all again */
-    fail_unless(Curl_uint_spbset_add(&bset, s[i]), "failed to add");
+    fail_unless(Curl_uint32_spbset_add(&bset, s[i]), "failed to add");
   }
 
-  Curl_uint_spbset_destroy(&bset);
+  Curl_uint32_spbset_destroy(&bset);
 }
 
 static CURLcode test_unit3213(const char *arg)

From 31b1527c1d78d7d91c60abdd132f0d788ec95cfd Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 25 Nov 2025 23:03:33 +0100
Subject: [PATCH 1005/2408] hostip: only store negative response for
 CURLE_COULDNT_RESOLVE_HOST

Follow-up from ce06fe77710525

This allows us to drop the 'keep_negative' variable completely.

Closes #19701
---
 lib/hostip.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/lib/hostip.c b/lib/hostip.c
index 4c1bb92367..58a7712cf4 100644
--- a/lib/hostip.c
+++ b/lib/hostip.c
@@ -806,7 +806,6 @@ CURLcode Curl_resolv(struct Curl_easy *data,
   struct Curl_addrinfo *addr = NULL;
   bool respwait = FALSE;
   size_t hostname_len;
-  bool keep_negative = TRUE; /* cache a negative result */
   CURLcode result = CURLE_COULDNT_RESOLVE_HOST;
 
   *entry = NULL;
@@ -858,7 +857,6 @@ CURLcode Curl_resolv(struct Curl_easy *data,
                                   data->set.resolver_start_client);
     Curl_set_in_callback(data, FALSE);
     if(st) {
-      keep_negative = FALSE;
       result = CURLE_ABORTED_BY_CALLBACK;
       goto error;
     }
@@ -928,7 +926,6 @@ out:
       if(dns)
         /* avoid a dangling pointer to addr in the dying dns entry */
         dns->addr = NULL;
-      keep_negative = FALSE;
       result = CURLE_OUT_OF_MEMORY;
       goto error;
     }
@@ -947,7 +944,7 @@ error:
   if(dns)
     Curl_resolv_unlink(data, &dns);
   Curl_async_shutdown(data);
-  if(keep_negative)
+  if(result == CURLE_COULDNT_RESOLVE_HOST)
     store_negative_resolve(data, hostname, port);
   DEBUGASSERT(result);
   return result;

From 4041eea61edd8cf66c6f85c47a430bb5774f017c Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 25 Nov 2025 02:34:26 +0100
Subject: [PATCH 1006/2408] GHA/http3-linux: build nettle manually for GnuTLS
 3.8.11+

GnuTLS 3.8.11 started requiring a nettle version new enough to be
missing from Ubuntu LTS released a year ago. To keep up testing it,
build nettle from source. Besides the necessary one time effort this
has the downside that nettle updates now need to be done manually
a couple of times per year when renovate detects one. (if I got the
renovate formula correct to catch the tag format).

Also:
- switch the local GnuTLS build to use the release tarball instead of
  the Git repo and calling the script `bootstrap`. The script could
  potentially download source code using the cleartext `git:` protocol.
  It's also downloading lots of content, including a full OpenSSL repo.

Ref: https://github.com/gnutls/gnutls/blob/955f7a7fc223642d1ede6d55f094961cb97bfa68/NEWS#L41-L44
Follow-up to 905b718de3fb9287c7c0037b2737aa395f01ad3c #19642
Follow-up to a439fc0e372c3de7df3b8ae3ca7752bc3cbca826 #19613

Closes #19680
---
 .github/workflows/http3-linux.yml | 78 +++++++++++++++++++++++--------
 1 file changed, 58 insertions(+), 20 deletions(-)

diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index 3f52c14656..06e8e2e975 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -46,8 +46,10 @@ env:
   AWSLC_VERSION: 1.63.0
   # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com
   BORINGSSL_VERSION: 0.20251110.0
-  # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com
-  GNUTLS_VERSION: 3.8.10
+  # renovate: datasource=github-tags depName=gnutls/nettle versioning=semver registryUrl=https://github.com
+  NETTLE_VERSION: 3.10.2
+  # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver extractVersion=^nettle_?(?.+)_release_.+$ registryUrl=https://github.com
+  GNUTLS_VERSION: 3.8.11
   # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com
   WOLFSSL_VERSION: 5.8.4
   # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com
@@ -101,6 +103,15 @@ jobs:
           path: ~/boringssl/build
           key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.BORINGSSL_VERSION }}
 
+      - name: 'cache nettle'
+        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        id: cache-nettle
+        env:
+          cache-name: cache-nettle
+        with:
+          path: ~/nettle/build
+          key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NETTLE_VERSION }}
+
       - name: 'cache gnutls'
         uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
         id: cache-gnutls
@@ -108,7 +119,7 @@ jobs:
           cache-name: cache-gnutls
         with:
           path: ~/gnutls/build
-          key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.GNUTLS_VERSION }}
+          key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.GNUTLS_VERSION }}-${{ env.NETTLE_VERSION }}
 
       - name: 'cache wolfssl'
         uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
@@ -135,7 +146,7 @@ jobs:
           cache-name: cache-ngtcp2
         with:
           path: ~/ngtcp2/build
-          key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.AWSLC_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }}
+          key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.AWSLC_VERSION }}-${{ env.NETTLE_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }}
 
       - name: 'cache ngtcp2 boringssl'
         uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
@@ -161,6 +172,7 @@ jobs:
               steps.cache-libressl.outputs.cache-hit != 'true' ||
               steps.cache-awslc.outputs.cache-hit != 'true' ||
               steps.cache-boringssl.outputs.cache-hit != 'true' ||
+              steps.cache-nettle.outputs.cache-hit != 'true' ||
               steps.cache-gnutls.outputs.cache-hit != 'true' ||
               steps.cache-wolfssl.outputs.cache-hit != 'true' ||
               steps.cache-nghttp3.outputs.cache-hit != 'true' ||
@@ -181,7 +193,7 @@ jobs:
             libbrotli-dev libzstd-dev zlib1g-dev \
             libev-dev \
             libc-ares-dev \
-            nettle-dev libp11-kit-dev autopoint bison gperf gtk-doc-tools libtasn1-bin  # for GnuTLS
+            libp11-kit-dev autopoint bison gperf gtk-doc-tools libtasn1-bin  # for GnuTLS
           echo 'CC=gcc-12' >> "$GITHUB_ENV"
           echo 'CXX=g++-12' >> "$GITHUB_ENV"
 
@@ -228,19 +240,30 @@ jobs:
           cmake --build .
           cmake --install .
 
+      - name: 'build nettle'
+        if: ${{ steps.cache-nettle.outputs.cache-hit != 'true' }}
+        run: |
+          cd ~
+          curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
+            --location "https://ftpmirror.gnu.org/nettle/nettle-${NETTLE_VERSION}.tar.gz" | tar -xz
+          cd "nettle-${NETTLE_VERSION}"
+          ./configure --disable-dependency-tracking --prefix=/home/runner/nettle/build \
+            --disable-silent-rules --disable-static --disable-openssl --disable-documentation
+          make install
+
       - name: 'build gnutls'
         if: ${{ steps.cache-gnutls.outputs.cache-hit != 'true' }}
         run: |
           cd ~
-          git clone --quiet --depth 1 -b "${GNUTLS_VERSION}" https://github.com/gnutls/gnutls
-          cd gnutls
-          # required: nettle-dev libp11-kit-dev libev-dev autopoint bison gperf gtk-doc-tools libtasn1-bin
-          ./bootstrap
-          ./configure --disable-dependency-tracking --prefix="$PWD"/build \
-            LDFLAGS="-Wl,-rpath,$PWD/build/lib -L$PWD/build/lib" \
+          curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
+            "https://www.gnupg.org/ftp/gcrypt/gnutls/v${GNUTLS_VERSION%.*}/gnutls-${GNUTLS_VERSION}.tar.xz" | tar -xJ
+          cd "gnutls-${GNUTLS_VERSION}"
+          # required: libp11-kit-dev libev-dev autopoint bison gperf gtk-doc-tools libtasn1-bin
+          ./configure --disable-dependency-tracking --prefix=/home/runner/gnutls/build \
+            PKG_CONFIG_PATH=/home/runner/nettle/build/lib64/pkgconfig \
+            LDFLAGS=-Wl,-rpath,/home/runner/nettle/build/lib64 \
             --with-included-libtasn1 --with-included-unistring \
             --disable-guile --disable-doc --disable-tests --disable-tools
-          make
           make install
 
       - name: 'build wolfssl'
@@ -280,7 +303,7 @@ jobs:
           make install
           make clean
           ./configure --disable-dependency-tracking --prefix="$PWD"/build \
-            PKG_CONFIG_PATH=/home/runner/openssl/build/lib/pkgconfig:/home/runner/gnutls/build/lib/pkgconfig:/home/runner/wolfssl/build/lib/pkgconfig \
+            PKG_CONFIG_PATH=/home/runner/openssl/build/lib/pkgconfig:/home/runner/nettle/build/lib64/pkgconfig:/home/runner/gnutls/build/lib/pkgconfig:/home/runner/wolfssl/build/lib/pkgconfig \
             --enable-lib-only --with-openssl --with-gnutls --with-wolfssl --with-boringssl \
             BORINGSSL_LIBS='-L/home/runner/awslc/build/lib -lssl -lcrypto' \
             BORINGSSL_CFLAGS='-I/home/runner/awslc/build/include'
@@ -383,16 +406,18 @@ jobs:
               -DCMAKE_UNITY_BUILD=ON
 
           - name: 'gnutls'
-            install_packages: nettle-dev libp11-kit-dev
+            install_packages: libp11-kit-dev
             install_steps: skipall
-            PKG_CONFIG_PATH: /home/runner/gnutls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
+            PKG_CONFIG_PATH: /home/runner/nettle/build/lib64/pkgconfig:/home/runner/gnutls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
+            LDFLAGS: -Wl,-rpath,/home/runner/gnutls/build/lib -Wl,-rpath,/home/runner/nettle/build/lib64 -L/home/runner/nettle/build/lib64 -Wl,-rpath,/home/runner/ngtcp2/build/lib
+            CPPFLAGS: -I/home/runner/nettle/build/include
             configure: >-
-              LDFLAGS=-Wl,-rpath,/home/runner/gnutls/build/lib
               --with-gnutls=/home/runner/gnutls/build --with-ngtcp2 --enable-ssls-export
 
           - name: 'gnutls'
-            install_packages: nettle-dev libp11-kit-dev
-            PKG_CONFIG_PATH: /home/runner/gnutls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
+            install_packages: libp11-kit-dev
+            PKG_CONFIG_PATH: /home/runner/nettle/build/lib64/pkgconfig:/home/runner/gnutls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
+            LDFLAGS: -Wl,-rpath,/home/runner/gnutls/build/lib
             generate: >-
               -DCURL_USE_GNUTLS=ON -DUSE_NGTCP2=ON
               -DCMAKE_UNITY_BUILD=ON
@@ -502,6 +527,17 @@ jobs:
           key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.BORINGSSL_VERSION }}
           fail-on-cache-miss: true
 
+      - name: 'cache nettle'
+        if: ${{ matrix.build.name == 'gnutls' }}
+        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        id: cache-nettle
+        env:
+          cache-name: cache-nettle
+        with:
+          path: ~/nettle/build
+          key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NETTLE_VERSION }}
+          fail-on-cache-miss: true
+
       - name: 'cache gnutls'
         if: ${{ matrix.build.name == 'gnutls' }}
         uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
@@ -510,7 +546,7 @@ jobs:
           cache-name: cache-gnutls
         with:
           path: ~/gnutls/build
-          key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.GNUTLS_VERSION }}
+          key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.GNUTLS_VERSION }}-${{ env.NETTLE_VERSION }}
           fail-on-cache-miss: true
 
       - name: 'cache wolfssl'
@@ -541,7 +577,7 @@ jobs:
           cache-name: cache-ngtcp2
         with:
           path: ~/ngtcp2/build
-          key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.AWSLC_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }}
+          key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.AWSLC_VERSION }}-${{ env.NETTLE_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }}
           fail-on-cache-miss: true
 
       - name: 'cache ngtcp2 boringssl'
@@ -604,6 +640,8 @@ jobs:
 
       - name: 'configure'
         env:
+          CPPFLAGS: '${{ matrix.build.CPPFLAGS }}'
+          LDFLAGS: '${{ matrix.build.LDFLAGS }}'
           MATRIX_CONFIGURE: '${{ matrix.build.configure }}'
           MATRIX_GENERATE: '${{ matrix.build.generate }}'
           MATRIX_PKG_CONFIG_PATH: '${{ matrix.build.PKG_CONFIG_PATH }}'

From ea7df8d07671240536f6ab03eaee5ffb49ddc5f7 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Wed, 26 Nov 2025 00:47:04 +0100
Subject: [PATCH 1007/2408] docs: spell it Rustls with a capital R

I believe this is how the project itself uses it.

Closes #19702
---
 docs/INSTALL.md                                    | 2 +-
 docs/cmdline-opts/ca-native.md                     | 4 ++--
 docs/cmdline-opts/tls-earlydata.md                 | 2 +-
 docs/libcurl/opts/CURLINFO_CERTINFO.md             | 2 +-
 docs/libcurl/opts/CURLOPT_CAINFO_BLOB.md           | 2 +-
 docs/libcurl/opts/CURLOPT_CERTINFO.md              | 2 +-
 docs/libcurl/opts/CURLOPT_CRLFILE.md               | 2 +-
 docs/libcurl/opts/CURLOPT_ECH.md                   | 4 ++--
 docs/libcurl/opts/CURLOPT_PROXY_CAINFO_BLOB.md     | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_SSL_CIPHER_LIST.md | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_TLS13_CIPHERS.md   | 2 +-
 docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.md       | 2 +-
 docs/libcurl/opts/CURLOPT_SSL_OPTIONS.md           | 4 ++--
 docs/libcurl/opts/CURLOPT_TLS13_CIPHERS.md         | 2 +-
 scripts/cd2nroff                                   | 2 +-
 15 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/docs/INSTALL.md b/docs/INSTALL.md
index f3db34da28..1859dc21ae 100644
--- a/docs/INSTALL.md
+++ b/docs/INSTALL.md
@@ -141,7 +141,7 @@ These options are provided to select the TLS backend to use.
  - GnuTLS: `--with-gnutls`.
  - mbedTLS: `--with-mbedtls`
  - OpenSSL: `--with-openssl` (also for BoringSSL, AWS-LC, LibreSSL, and quictls)
- - rustls: `--with-rustls`
+ - Rustls: `--with-rustls`
  - Schannel: `--with-schannel`
  - wolfSSL: `--with-wolfssl`
 
diff --git a/docs/cmdline-opts/ca-native.md b/docs/cmdline-opts/ca-native.md
index a8e8c5e9a8..4a887df558 100644
--- a/docs/cmdline-opts/ca-native.md
+++ b/docs/cmdline-opts/ca-native.md
@@ -34,8 +34,8 @@ Fedora, RHEL), macOS, Android and iOS. (Added in 8.3.0)
 This option works with GnuTLS (Added in 8.5.0) and also uses Apple
 SecTrust when libcurl is built with it. (Added in 8.17.0)
 
-This option works with rustls on Windows, macOS, Android and iOS. On Linux it
-is equivalent to using the Mozilla CA certificate bundle. When used with rustls
+This option works with Rustls on Windows, macOS, Android and iOS. On Linux it
+is equivalent to using the Mozilla CA certificate bundle. When used with Rustls
 _only_ the native CA store is consulted, not other locations set at run time or
 build time. (Added in 8.13.0)
 
diff --git a/docs/cmdline-opts/tls-earlydata.md b/docs/cmdline-opts/tls-earlydata.md
index 6428977983..8e344758be 100644
--- a/docs/cmdline-opts/tls-earlydata.md
+++ b/docs/cmdline-opts/tls-earlydata.md
@@ -21,7 +21,7 @@ Enable the use of TLSv1.3 early data, also known as '0RTT' where possible.
 This has security implications for the requests sent that way.
 
 This option can be used when curl is built to use GnuTLS, wolfSSL, quictls and
-OpenSSL as a TLS provider (but not BoringSSL, AWS-LC, or rustls).
+OpenSSL as a TLS provider (but not BoringSSL, AWS-LC, or Rustls).
 
 If a server supports this TLSv1.3 feature, and to what extent, is announced
 as part of the TLS "session" sent back to curl. Until curl has seen such
diff --git a/docs/libcurl/opts/CURLINFO_CERTINFO.md b/docs/libcurl/opts/CURLINFO_CERTINFO.md
index f9fd0ad51c..d97c311cc8 100644
--- a/docs/libcurl/opts/CURLINFO_CERTINFO.md
+++ b/docs/libcurl/opts/CURLINFO_CERTINFO.md
@@ -14,7 +14,7 @@ TLS-backend:
   - OpenSSL
   - GnuTLS
   - Schannel
-  - rustls
+  - Rustls
 Added-in: 7.19.1
 ---
 
diff --git a/docs/libcurl/opts/CURLOPT_CAINFO_BLOB.md b/docs/libcurl/opts/CURLOPT_CAINFO_BLOB.md
index 99bfaf11e6..eb0e24f36a 100644
--- a/docs/libcurl/opts/CURLOPT_CAINFO_BLOB.md
+++ b/docs/libcurl/opts/CURLOPT_CAINFO_BLOB.md
@@ -15,7 +15,7 @@ TLS-backend:
   - OpenSSL
   - GnuTLS
   - mbedTLS
-  - rustls
+  - Rustls
   - wolfSSL
   - Schannel
 Added-in: 7.77.0
diff --git a/docs/libcurl/opts/CURLOPT_CERTINFO.md b/docs/libcurl/opts/CURLOPT_CERTINFO.md
index 7c6641a9fd..baddc30797 100644
--- a/docs/libcurl/opts/CURLOPT_CERTINFO.md
+++ b/docs/libcurl/opts/CURLOPT_CERTINFO.md
@@ -16,7 +16,7 @@ TLS-backend:
   - OpenSSL
   - GnuTLS
   - Schannel
-  - rustls
+  - Rustls
 Added-in: 7.19.1
 ---
 
diff --git a/docs/libcurl/opts/CURLOPT_CRLFILE.md b/docs/libcurl/opts/CURLOPT_CRLFILE.md
index d5452db19b..0c4eca6c78 100644
--- a/docs/libcurl/opts/CURLOPT_CRLFILE.md
+++ b/docs/libcurl/opts/CURLOPT_CRLFILE.md
@@ -14,7 +14,7 @@ TLS-backend:
   - GnuTLS
   - mbedTLS
   - OpenSSL
-  - rustls
+  - Rustls
 Added-in: 7.19.0
 ---
 
diff --git a/docs/libcurl/opts/CURLOPT_ECH.md b/docs/libcurl/opts/CURLOPT_ECH.md
index 9ac65a73a0..0cb2d7e4fd 100644
--- a/docs/libcurl/opts/CURLOPT_ECH.md
+++ b/docs/libcurl/opts/CURLOPT_ECH.md
@@ -11,7 +11,7 @@ Protocol:
 TLS-backend:
   - OpenSSL
   - wolfSSL
-  - rustls
+  - Rustls
 Added-in: 8.8.0
 ---
 
@@ -33,7 +33,7 @@ ECH is only compatible with TLSv1.3.
 
 This experimental feature requires a special build of OpenSSL, as ECH is not
 yet supported in OpenSSL releases. In contrast ECH is supported by the latest
-BoringSSL, wolfSSL and rustls-ffi releases.
+BoringSSL, wolfSSL and Rustls-ffi releases.
 
 There is also a known issue with using wolfSSL which does not support ECH when
 the HelloRetryRequest mechanism is used.
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_CAINFO_BLOB.md b/docs/libcurl/opts/CURLOPT_PROXY_CAINFO_BLOB.md
index a352886e06..16af56e5cd 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_CAINFO_BLOB.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_CAINFO_BLOB.md
@@ -18,7 +18,7 @@ Protocol:
   - TLS
 TLS-backend:
   - OpenSSL
-  - rustls
+  - Rustls
   - Schannel
 Added-in: 7.77.0
 ---
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSL_CIPHER_LIST.md b/docs/libcurl/opts/CURLOPT_PROXY_SSL_CIPHER_LIST.md
index 239ce03c73..718b261749 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_SSL_CIPHER_LIST.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSL_CIPHER_LIST.md
@@ -17,7 +17,7 @@ TLS-backend:
   - Schannel
   - wolfSSL
   - mbedTLS
-  - rustls
+  - Rustls
 Added-in: 7.52.0
 ---
 
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_TLS13_CIPHERS.md b/docs/libcurl/opts/CURLOPT_PROXY_TLS13_CIPHERS.md
index ee17d27e99..18b5516c5e 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_TLS13_CIPHERS.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_TLS13_CIPHERS.md
@@ -16,7 +16,7 @@ TLS-backend:
   - OpenSSL
   - wolfSSL
   - mbedTLS
-  - rustls
+  - Rustls
 Added-in: 7.61.0
 ---
 
diff --git a/docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.md b/docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.md
index c71a58d685..a177d52317 100644
--- a/docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.md
+++ b/docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.md
@@ -17,7 +17,7 @@ TLS-backend:
   - Schannel
   - wolfSSL
   - mbedTLS
-  - rustls
+  - Rustls
   - GnuTLS
 Added-in: 7.9
 ---
diff --git a/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.md b/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.md
index 79ced71ea7..ddd7965ee2 100644
--- a/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.md
+++ b/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.md
@@ -79,8 +79,8 @@ Works with wolfSSL on Windows, Linux (Debian, Ubuntu, Gentoo, Fedora, RHEL),
 macOS, Android and iOS (added in 8.3.0); with GnuTLS (added in 8.5.0) and with
 OpenSSL and its forks (LibreSSL, BoringSSL, etc) on Windows (Added in 7.71.0).
 
-This works with rustls on Windows, macOS, Android and iOS. On Linux it is
-equivalent to using the Mozilla CA certificate bundle. When used with rustls
+This works with Rustls on Windows, macOS, Android and iOS. On Linux it is
+equivalent to using the Mozilla CA certificate bundle. When used with Rustls
 _only_ the native CA store is consulted, not other locations set at run time or
 build time. (Added in 8.13.0)
 
diff --git a/docs/libcurl/opts/CURLOPT_TLS13_CIPHERS.md b/docs/libcurl/opts/CURLOPT_TLS13_CIPHERS.md
index 62f734f963..41cdec07bc 100644
--- a/docs/libcurl/opts/CURLOPT_TLS13_CIPHERS.md
+++ b/docs/libcurl/opts/CURLOPT_TLS13_CIPHERS.md
@@ -17,7 +17,7 @@ TLS-backend:
   - OpenSSL
   - wolfSSL
   - mbedTLS
-  - rustls
+  - Rustls
 Added-in: 7.61.0
 ---
 
diff --git a/scripts/cd2nroff b/scripts/cd2nroff
index 3f1162a739..e97d1299dd 100755
--- a/scripts/cd2nroff
+++ b/scripts/cd2nroff
@@ -189,7 +189,7 @@ my %knowntls = (
     'GnuTLS' => 1,
     'mbedTLS' => 1,
     'OpenSSL' => 1,
-    'rustls' => 1,
+    'Rustls' => 1,
     'Schannel' => 1,
     'wolfSSL' => 1,
     'All' => 1,

From cb722b32ad163ecdf12b408f2ea86346fe83e199 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Wed, 26 Nov 2025 08:23:04 +0100
Subject: [PATCH 1008/2408] urlapi: handle OOM properly when setting URL

Closes #19704
---
 lib/urlapi.c | 21 +++++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)

diff --git a/lib/urlapi.c b/lib/urlapi.c
index a3d9efdb91..9d3eb0f8cf 100644
--- a/lib/urlapi.c
+++ b/lib/urlapi.c
@@ -1687,22 +1687,31 @@ static CURLUcode set_url(CURLU *u, const char *url, size_t part_size,
   if(!part_size) {
     /* a blank URL is not a valid URL unless we already have a complete one
        and this is a redirect */
-    if(!curl_url_get(u, CURLUPART_URL, &oldurl, flags)) {
+    uc = curl_url_get(u, CURLUPART_URL, &oldurl, flags);
+    if(!uc) {
       /* success, meaning the "" is a fine relative URL, but nothing
          changes */
       free(oldurl);
       return CURLUE_OK;
     }
+    if(uc == CURLUE_OUT_OF_MEMORY)
+      return uc;
     return CURLUE_MALFORMED_INPUT;
   }
 
-  /* if the new thing is absolute or the old one is not (we could not get an
-   * absolute URL in 'oldurl'), then replace the existing with the new. */
+  /* if the new URL is absolute replace the existing with the new. */
   if(Curl_is_absolute_url(url, NULL, 0,
-                          flags & (CURLU_GUESS_SCHEME|CURLU_DEFAULT_SCHEME))
-     || curl_url_get(u, CURLUPART_URL, &oldurl, flags)) {
+                          flags & (CURLU_GUESS_SCHEME|CURLU_DEFAULT_SCHEME)))
     return parseurl_and_replace(url, u, flags);
-  }
+
+  /* if the old URL is incomplete (we cannot get an absolute URL in
+     'oldurl'), replace the existing with the new */
+  uc = curl_url_get(u, CURLUPART_URL, &oldurl, flags);
+  if(uc == CURLUE_OUT_OF_MEMORY)
+    return uc;
+  else if(uc)
+    return parseurl_and_replace(url, u, flags);
+
   DEBUGASSERT(oldurl); /* it is set here */
   /* apply the relative part to create a new URL */
   uc = redirect_url(oldurl, url, u, flags);

From 0d2bb9c7c6d6ccdc48bb0414b80204acbd29f923 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Wed, 26 Nov 2025 11:01:09 +0100
Subject: [PATCH 1009/2408] http: fix OOM exit in Curl_http_follow

Spotted by "strict torture" tests.

Closes #19705
---
 lib/http.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/http.c b/lib/http.c
index ae932cd7c9..144a898ea0 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -1282,7 +1282,7 @@ CURLcode Curl_http_follow(struct Curl_easy *data, const char *newurl,
                      CURLU_ALLOW_SPACE |
                      (data->set.path_as_is ? CURLU_PATH_AS_IS : 0)));
   if(uc) {
-    if(type != FOLLOW_FAKE) {
+    if((uc == CURLUE_OUT_OF_MEMORY) || (type != FOLLOW_FAKE)) {
       failf(data, "The redirect target URL could not be parsed: %s",
             curl_url_strerror(uc));
       return Curl_uc_to_curlcode(uc);

From 2acdc4f549ac4aee691ed5782b32a1c5c9f86dbe Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 26 Nov 2025 02:03:29 +0100
Subject: [PATCH 1010/2408] autotools: add nettle library detection via
 pkg-config (for GnuTLS)

Also:
- fix to restore full state when gnutls canary function is not found.
- fix indentation.

Closes #19703
---
 .github/workflows/http3-linux.yml |  4 +-
 m4/curl-gnutls.m4                 | 73 ++++++++++++++++++++++++++-----
 2 files changed, 62 insertions(+), 15 deletions(-)

diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index 06e8e2e975..87738dd791 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -409,8 +409,7 @@ jobs:
             install_packages: libp11-kit-dev
             install_steps: skipall
             PKG_CONFIG_PATH: /home/runner/nettle/build/lib64/pkgconfig:/home/runner/gnutls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
-            LDFLAGS: -Wl,-rpath,/home/runner/gnutls/build/lib -Wl,-rpath,/home/runner/nettle/build/lib64 -L/home/runner/nettle/build/lib64 -Wl,-rpath,/home/runner/ngtcp2/build/lib
-            CPPFLAGS: -I/home/runner/nettle/build/include
+            LDFLAGS: -Wl,-rpath,/home/runner/gnutls/build/lib -Wl,-rpath,/home/runner/nettle/build/lib64 -Wl,-rpath,/home/runner/ngtcp2/build/lib
             configure: >-
               --with-gnutls=/home/runner/gnutls/build --with-ngtcp2 --enable-ssls-export
 
@@ -640,7 +639,6 @@ jobs:
 
       - name: 'configure'
         env:
-          CPPFLAGS: '${{ matrix.build.CPPFLAGS }}'
           LDFLAGS: '${{ matrix.build.LDFLAGS }}'
           MATRIX_CONFIGURE: '${{ matrix.build.configure }}'
           MATRIX_GENERATE: '${{ matrix.build.generate }}'
diff --git a/m4/curl-gnutls.m4 b/m4/curl-gnutls.m4
index 9fa7e24515..f1aa04d3fa 100644
--- a/m4/curl-gnutls.m4
+++ b/m4/curl-gnutls.m4
@@ -100,18 +100,20 @@ if test "x$OPT_GNUTLS" != xno; then
 
       dnl this function is selected since it was introduced in 3.1.10
       AC_CHECK_LIB(gnutls, gnutls_x509_crt_get_dn2,
-        [
+      [
         AC_DEFINE(USE_GNUTLS, 1, [if GnuTLS is enabled])
         GNUTLS_ENABLED=1
         USE_GNUTLS="yes"
         ssl_msg="GnuTLS"
         QUIC_ENABLED=yes
         test gnutls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
-        ],
-        [
-          LIBS="$CLEANLIBS"
-          CPPFLAGS="$CLEANCPPFLAGS"
-        ])
+      ],
+      [
+        LIBS="$CLEANLIBS"
+        CPPFLAGS="$CLEANCPPFLAGS"
+        LDFLAGS="$CLEANLDFLAGS"
+        LDFLAGSPC="$CLEANLDFLAGSPC"
+      ])
 
       if test "x$USE_GNUTLS" = "xyes"; then
         AC_MSG_NOTICE([detected GnuTLS version $version])
@@ -127,9 +129,8 @@ if test "x$OPT_GNUTLS" != xno; then
             AC_MSG_NOTICE([Added $gtlslib to CURL_LIBRARY_PATH])
           fi
         fi
-        LIBCURL_PC_REQUIRES_PRIVATE="$LIBCURL_PC_REQUIRES_PRIVATE gnutls nettle"
+        LIBCURL_PC_REQUIRES_PRIVATE="$LIBCURL_PC_REQUIRES_PRIVATE gnutls"
       fi
-
     fi
 
   fi dnl GNUTLS not disabled
@@ -147,12 +148,60 @@ if test "$GNUTLS_ENABLED" = "1"; then
 
   # If not, try linking directly to both of them to see if they are available
   if test "$USE_GNUTLS_NETTLE" = ""; then
-    AC_CHECK_LIB(nettle, nettle_MD5Init, [ USE_GNUTLS_NETTLE=1 ])
+
+    dnl this is with no particular path given
+    CURL_CHECK_PKGCONFIG(nettle)
+
+    if test "$PKGCONFIG" != "no" ; then
+      addlib=`$PKGCONFIG --libs-only-l nettle`
+      addld=`$PKGCONFIG --libs-only-L nettle`
+      addcflags=`$PKGCONFIG --cflags-only-I nettle`
+      version=`$PKGCONFIG --modversion nettle`
+      gtlslib=`echo $addld | $SED -e 's/^-L//'`
+
+      if test -n "$addlib"; then
+
+        CLEANLIBS="$LIBS"
+        CLEANCPPFLAGS="$CPPFLAGS"
+        CLEANLDFLAGS="$LDFLAGS"
+        CLEANLDFLAGSPC="$LDFLAGSPC"
+
+        LIBS="$addlib $LIBS"
+        LDFLAGS="$LDFLAGS $addld"
+        LDFLAGSPC="$LDFLAGSPC $addld"
+        if test "$addcflags" != "-I/usr/include"; then
+          CPPFLAGS="$CPPFLAGS $addcflags"
+        fi
+
+        AC_CHECK_LIB(nettle, nettle_MD5Init,
+        [
+          USE_GNUTLS_NETTLE=1
+        ],
+        [
+          LIBS="$CLEANLIBS"
+          CPPFLAGS="$CLEANCPPFLAGS"
+          LDFLAGS="$CLEANLDFLAGS"
+          LDFLAGSPC="$CLEANLDFLAGSPC"
+        ])
+
+        if test "$USE_GNUTLS_NETTLE" = "1"; then
+          if test -z "$version"; then
+            version="unknown"
+          fi
+          AC_MSG_NOTICE([detected nettle version $version])
+        fi
+      fi
+    fi
+    if test "$USE_GNUTLS_NETTLE" = ""; then
+      AC_MSG_ERROR([GnuTLS found, but nettle was not found])
+    fi
+  else
+    LIBS="-lnettle $LIBS"
   fi
-  if test "$USE_GNUTLS_NETTLE" = ""; then
-    AC_MSG_ERROR([GnuTLS found, but nettle was not found])
+
+  if test "$USE_GNUTLS_NETTLE" = "1"; then
+    LIBCURL_PC_REQUIRES_PRIVATE="$LIBCURL_PC_REQUIRES_PRIVATE nettle"
   fi
-  LIBS="-lnettle $LIBS"
 
   dnl ---
   dnl We require GnuTLS with SRP support.

From c722346518365c401b572f8dbe5fa6792ba923cd Mon Sep 17 00:00:00 2001
From: BANADDA 
Date: Sat, 15 Nov 2025 02:08:10 +0000
Subject: [PATCH 1011/2408] examples/multi-uv: fix invalid req->data access

The on_uv_timeout callback was trying to access req->data as
a curl_context pointer, but uv.timeout.data was never initialized,
making it always NULL. This rendered the code inside the if(context)
block unreachable.

Fixes #19462
Closes #19538
---
 docs/examples/multi-uv.c | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/docs/examples/multi-uv.c b/docs/examples/multi-uv.c
index 190bed3ef4..75fec20199 100644
--- a/docs/examples/multi-uv.c
+++ b/docs/examples/multi-uv.c
@@ -160,12 +160,19 @@ static void on_uv_socket(uv_poll_t *req, int status, int events)
 /* callback from libuv when timeout expires */
 static void on_uv_timeout(uv_timer_t *req)
 {
-  struct curl_context *context = (struct curl_context *) req->data;
-  if(context) {
-    int running_handles;
-    curl_multi_socket_action(context->uv->multi, CURL_SOCKET_TIMEOUT, 0,
-                             &running_handles);
-    check_multi_info(context);
+  /* get the datauv struct from the timer handle */
+  struct datauv *uv = (struct datauv *)req;
+  int running_handles;
+
+  curl_multi_socket_action(uv->multi, CURL_SOCKET_TIMEOUT, 0,
+                           &running_handles);
+
+  /* We do not have a curl_context here, so we need to check messages
+     differently. Create a temporary context just for the check. */
+  if(running_handles) {
+    struct curl_context temp_context;
+    temp_context.uv = uv;
+    check_multi_info(&temp_context);
   }
 }
 

From 0b09ad8ecbb1e80bc5f621fc012080ab2abf61c4 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 26 Nov 2025 12:56:44 +0100
Subject: [PATCH 1012/2408] examples/multi-uv: simplify passing `uv` struct

Reported-by: st751228051 on github
Follow-up to c722346518365c401b572f8dbe5fa6792ba923cd #19538 #19462
Closes #19707
---
 docs/examples/multi-uv.c | 17 ++++++-----------
 1 file changed, 6 insertions(+), 11 deletions(-)

diff --git a/docs/examples/multi-uv.c b/docs/examples/multi-uv.c
index 75fec20199..1dac320489 100644
--- a/docs/examples/multi-uv.c
+++ b/docs/examples/multi-uv.c
@@ -104,7 +104,7 @@ static void add_download(const char *url, int num, CURLM *multi)
   fprintf(stderr, "Added download %s -> %s\n", url, filename);
 }
 
-static void check_multi_info(struct curl_context *context)
+static void check_multi_info(struct datauv *uv)
 {
   char *done_url;
   CURLMsg *message;
@@ -112,7 +112,7 @@ static void check_multi_info(struct curl_context *context)
   CURL *curl;
   FILE *file;
 
-  while((message = curl_multi_info_read(context->uv->multi, &pending))) {
+  while((message = curl_multi_info_read(uv->multi, &pending))) {
     switch(message->msg) {
     case CURLMSG_DONE:
       /* Do not use message data after calling curl_multi_remove_handle() and
@@ -126,7 +126,7 @@ static void check_multi_info(struct curl_context *context)
       curl_easy_getinfo(curl, CURLINFO_PRIVATE, &file);
       printf("%s DONE\n", done_url);
 
-      curl_multi_remove_handle(context->uv->multi, curl);
+      curl_multi_remove_handle(uv->multi, curl);
       curl_easy_cleanup(curl);
       if(file) {
         fclose(file);
@@ -154,7 +154,7 @@ static void on_uv_socket(uv_poll_t *req, int status, int events)
 
   curl_multi_socket_action(context->uv->multi, context->sockfd, flags,
                            &running_handles);
-  check_multi_info(context);
+  check_multi_info(context->uv);
 }
 
 /* callback from libuv when timeout expires */
@@ -167,13 +167,8 @@ static void on_uv_timeout(uv_timer_t *req)
   curl_multi_socket_action(uv->multi, CURL_SOCKET_TIMEOUT, 0,
                            &running_handles);
 
-  /* We do not have a curl_context here, so we need to check messages
-     differently. Create a temporary context just for the check. */
-  if(running_handles) {
-    struct curl_context temp_context;
-    temp_context.uv = uv;
-    check_multi_info(&temp_context);
-  }
+  if(running_handles)
+    check_multi_info(uv);
 }
 
 /* callback from libcurl to update the timeout expiry */

From 94ce87c39124d9845aa1e3ce170b9b227ddece89 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Wed, 26 Nov 2025 12:02:02 +0100
Subject: [PATCH 1013/2408] types: remove curl_int64_t/curl_uint64_t

These types and the definitions surrounding them are no longer needed.

Closes #19706
---
 lib/curl_setup.h       |  14 ----
 lib/curl_sha512_256.c  | 180 ++++++++++++++++++++---------------------
 lib/vquic/curl_osslq.c |   7 +-
 src/tool_util.c        |   8 +-
 4 files changed, 97 insertions(+), 112 deletions(-)

diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index 664aa14325..48b9ea9ea9 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -571,20 +571,6 @@
 #endif
 #define CURL_OFF_T_MIN (-CURL_OFF_T_MAX - 1)
 
-#if (SIZEOF_CURL_OFF_T != 8)
-#  error "curl_off_t must be exactly 64 bits"
-#else
-  typedef unsigned CURL_TYPEOF_CURL_OFF_T curl_uint64_t;
-  typedef CURL_TYPEOF_CURL_OFF_T  curl_int64_t;
-#  ifndef CURL_SUFFIX_CURL_OFF_TU
-#    error "CURL_SUFFIX_CURL_OFF_TU must be defined"
-#  endif
-#  define CURL_UINT64_SUFFIX  CURL_SUFFIX_CURL_OFF_TU
-#  define CURL_UINT64_C(val)  CURL_CONC_MACROS(val,CURL_UINT64_SUFFIX)
-#  define FMT_PRId64  CURL_FORMAT_CURL_OFF_T
-#  define FMT_PRIu64  CURL_FORMAT_CURL_OFF_TU
-#endif
-
 #define FMT_OFF_T CURL_FORMAT_CURL_OFF_T
 #define FMT_OFF_TU CURL_FORMAT_CURL_OFF_TU
 
diff --git a/lib/curl_sha512_256.c b/lib/curl_sha512_256.c
index 070d1722cb..af768fd2aa 100644
--- a/lib/curl_sha512_256.c
+++ b/lib/curl_sha512_256.c
@@ -287,30 +287,30 @@ static CURLcode Curl_sha512_256_finish(unsigned char *digest,
    Can be moved to other headers to reuse. */
 
 #define CURL_GET_64BIT_BE(ptr)                                  \
-  ( ((curl_uint64_t)(((const unsigned char*)(ptr))[0]) << 56) | \
-    ((curl_uint64_t)(((const unsigned char*)(ptr))[1]) << 48) | \
-    ((curl_uint64_t)(((const unsigned char*)(ptr))[2]) << 40) | \
-    ((curl_uint64_t)(((const unsigned char*)(ptr))[3]) << 32) | \
-    ((curl_uint64_t)(((const unsigned char*)(ptr))[4]) << 24) | \
-    ((curl_uint64_t)(((const unsigned char*)(ptr))[5]) << 16) | \
-    ((curl_uint64_t)(((const unsigned char*)(ptr))[6]) << 8)  | \
-    (curl_uint64_t)(((const unsigned char*)(ptr))[7]) )
+  ( ((uint64_t)(((const uint8_t*)(ptr))[0]) << 56) | \
+    ((uint64_t)(((const uint8_t*)(ptr))[1]) << 48) | \
+    ((uint64_t)(((const uint8_t*)(ptr))[2]) << 40) | \
+    ((uint64_t)(((const uint8_t*)(ptr))[3]) << 32) | \
+    ((uint64_t)(((const uint8_t*)(ptr))[4]) << 24) | \
+    ((uint64_t)(((const uint8_t*)(ptr))[5]) << 16) | \
+    ((uint64_t)(((const uint8_t*)(ptr))[6]) << 8)  | \
+    (uint64_t)(((const uint8_t*)(ptr))[7]) )
 
 #define CURL_PUT_64BIT_BE(ptr,val) do {                                 \
-    ((unsigned char*)(ptr))[7]=(unsigned char)((curl_uint64_t)(val));   \
-    ((unsigned char*)(ptr))[6]=(unsigned char)(((curl_uint64_t)(val)) >> 8); \
-    ((unsigned char*)(ptr))[5]=(unsigned char)(((curl_uint64_t)(val)) >> 16); \
-    ((unsigned char*)(ptr))[4]=(unsigned char)(((curl_uint64_t)(val)) >> 24); \
-    ((unsigned char*)(ptr))[3]=(unsigned char)(((curl_uint64_t)(val)) >> 32); \
-    ((unsigned char*)(ptr))[2]=(unsigned char)(((curl_uint64_t)(val)) >> 40); \
-    ((unsigned char*)(ptr))[1]=(unsigned char)(((curl_uint64_t)(val)) >> 48); \
-    ((unsigned char*)(ptr))[0]=(unsigned char)(((curl_uint64_t)(val)) >> 56); \
+    ((uint8_t*)(ptr))[7]=(uint8_t)((uint64_t)(val));   \
+    ((uint8_t*)(ptr))[6]=(uint8_t)(((uint64_t)(val)) >> 8); \
+    ((uint8_t*)(ptr))[5]=(uint8_t)(((uint64_t)(val)) >> 16); \
+    ((uint8_t*)(ptr))[4]=(uint8_t)(((uint64_t)(val)) >> 24); \
+    ((uint8_t*)(ptr))[3]=(uint8_t)(((uint64_t)(val)) >> 32); \
+    ((uint8_t*)(ptr))[2]=(uint8_t)(((uint64_t)(val)) >> 40); \
+    ((uint8_t*)(ptr))[1]=(uint8_t)(((uint64_t)(val)) >> 48); \
+    ((uint8_t*)(ptr))[0]=(uint8_t)(((uint64_t)(val)) >> 56); \
   } while(0)
 
 /* Defined as a function. The macro version may duplicate the binary code
  * size as each argument is used twice, so if any calculation is used
  * as an argument, the calculation could be done twice. */
-static CURL_FORCEINLINE curl_uint64_t Curl_rotr64(curl_uint64_t value,
+static CURL_FORCEINLINE uint64_t Curl_rotr64(uint64_t value,
                                                   unsigned int bits)
 {
   bits %= 64;
@@ -376,22 +376,22 @@ struct Curl_sha512_256ctx {
    * compilers may automatically use fast load/store instruction for big
    * endian data on little endian machine.
    */
-  curl_uint64_t H[SHA512_256_HASH_SIZE_WORDS];
+  uint64_t H[SHA512_256_HASH_SIZE_WORDS];
   /**
    * SHA-512/256 input data buffer. The buffer is properly aligned. Smart
    * compilers may automatically use fast load/store instruction for big
    * endian data on little endian machine.
    */
-  curl_uint64_t buffer[SHA512_256_BLOCK_SIZE_WORDS];
+  uint64_t buffer[SHA512_256_BLOCK_SIZE_WORDS];
   /**
    * The number of bytes, lower part
    */
-  curl_uint64_t count;
+  uint64_t count;
   /**
    * The number of bits, high part. Unlike lower part, this counts the number
    * of bits, not bytes.
    */
-  curl_uint64_t count_bits_hi;
+  uint64_t count_bits_hi;
 };
 
 /**
@@ -413,23 +413,23 @@ static CURLcode Curl_sha512_256_init(void *context)
   /* Check whether the header and this file use the same numbers */
   DEBUGASSERT(CURL_SHA512_256_DIGEST_LENGTH == CURL_SHA512_256_DIGEST_SIZE);
 
-  DEBUGASSERT(sizeof(curl_uint64_t) == 8);
+  DEBUGASSERT(sizeof(uint64_t) == 8);
 
   /* Initial hash values, see FIPS PUB 180-4 section 5.3.6.2 */
   /* Values generated by "IV Generation Function" as described in
    * section 5.3.6 */
-  ctx->H[0] = CURL_UINT64_C(0x22312194FC2BF72C);
-  ctx->H[1] = CURL_UINT64_C(0x9F555FA3C84C64C2);
-  ctx->H[2] = CURL_UINT64_C(0x2393B86B6F53B151);
-  ctx->H[3] = CURL_UINT64_C(0x963877195940EABD);
-  ctx->H[4] = CURL_UINT64_C(0x96283EE2A88EFFE3);
-  ctx->H[5] = CURL_UINT64_C(0xBE5E1E2553863992);
-  ctx->H[6] = CURL_UINT64_C(0x2B0199FC2C85B8AA);
-  ctx->H[7] = CURL_UINT64_C(0x0EB72DDC81C52CA2);
+  ctx->H[0] = UINT64_C(0x22312194FC2BF72C);
+  ctx->H[1] = UINT64_C(0x9F555FA3C84C64C2);
+  ctx->H[2] = UINT64_C(0x2393B86B6F53B151);
+  ctx->H[3] = UINT64_C(0x963877195940EABD);
+  ctx->H[4] = UINT64_C(0x96283EE2A88EFFE3);
+  ctx->H[5] = UINT64_C(0xBE5E1E2553863992);
+  ctx->H[6] = UINT64_C(0x2B0199FC2C85B8AA);
+  ctx->H[7] = UINT64_C(0x0EB72DDC81C52CA2);
 
   /* Initialise number of bytes and high part of number of bits. */
-  ctx->count = CURL_UINT64_C(0);
-  ctx->count_bits_hi = CURL_UINT64_C(0);
+  ctx->count = UINT64_C(0);
+  ctx->count_bits_hi = UINT64_C(0);
 
   return CURLE_OK;
 }
@@ -442,23 +442,23 @@ static CURLcode Curl_sha512_256_init(void *context)
  * @param data  the data buffer with #CURL_SHA512_256_BLOCK_SIZE bytes block
  */
 static
-void Curl_sha512_256_transform(curl_uint64_t H[SHA512_256_HASH_SIZE_WORDS],
+void Curl_sha512_256_transform(uint64_t H[SHA512_256_HASH_SIZE_WORDS],
                                const void *data)
 {
   /* Working variables,
      see FIPS PUB 180-4 section 6.7, 6.4. */
-  curl_uint64_t a = H[0];
-  curl_uint64_t b = H[1];
-  curl_uint64_t c = H[2];
-  curl_uint64_t d = H[3];
-  curl_uint64_t e = H[4];
-  curl_uint64_t f = H[5];
-  curl_uint64_t g = H[6];
-  curl_uint64_t h = H[7];
+  uint64_t a = H[0];
+  uint64_t b = H[1];
+  uint64_t c = H[2];
+  uint64_t d = H[3];
+  uint64_t e = H[4];
+  uint64_t f = H[5];
+  uint64_t g = H[6];
+  uint64_t h = H[7];
 
   /* Data buffer, used as a cyclic buffer.
      See FIPS PUB 180-4 section 5.2.2, 6.7, 6.4. */
-  curl_uint64_t W[16];
+  uint64_t W[16];
 
   /* 'Ch' and 'Maj' macro functions are defined with widely-used optimization.
      See FIPS PUB 180-4 formulae 4.8, 4.9. */
@@ -480,47 +480,47 @@ void Curl_sha512_256_transform(curl_uint64_t H[SHA512_256_HASH_SIZE_WORDS],
     unsigned int t;
     /* K constants array.
        See FIPS PUB 180-4 section 4.2.3 for K values. */
-    static const curl_uint64_t K[80] = {
-      CURL_UINT64_C(0x428a2f98d728ae22), CURL_UINT64_C(0x7137449123ef65cd),
-      CURL_UINT64_C(0xb5c0fbcfec4d3b2f), CURL_UINT64_C(0xe9b5dba58189dbbc),
-      CURL_UINT64_C(0x3956c25bf348b538), CURL_UINT64_C(0x59f111f1b605d019),
-      CURL_UINT64_C(0x923f82a4af194f9b), CURL_UINT64_C(0xab1c5ed5da6d8118),
-      CURL_UINT64_C(0xd807aa98a3030242), CURL_UINT64_C(0x12835b0145706fbe),
-      CURL_UINT64_C(0x243185be4ee4b28c), CURL_UINT64_C(0x550c7dc3d5ffb4e2),
-      CURL_UINT64_C(0x72be5d74f27b896f), CURL_UINT64_C(0x80deb1fe3b1696b1),
-      CURL_UINT64_C(0x9bdc06a725c71235), CURL_UINT64_C(0xc19bf174cf692694),
-      CURL_UINT64_C(0xe49b69c19ef14ad2), CURL_UINT64_C(0xefbe4786384f25e3),
-      CURL_UINT64_C(0x0fc19dc68b8cd5b5), CURL_UINT64_C(0x240ca1cc77ac9c65),
-      CURL_UINT64_C(0x2de92c6f592b0275), CURL_UINT64_C(0x4a7484aa6ea6e483),
-      CURL_UINT64_C(0x5cb0a9dcbd41fbd4), CURL_UINT64_C(0x76f988da831153b5),
-      CURL_UINT64_C(0x983e5152ee66dfab), CURL_UINT64_C(0xa831c66d2db43210),
-      CURL_UINT64_C(0xb00327c898fb213f), CURL_UINT64_C(0xbf597fc7beef0ee4),
-      CURL_UINT64_C(0xc6e00bf33da88fc2), CURL_UINT64_C(0xd5a79147930aa725),
-      CURL_UINT64_C(0x06ca6351e003826f), CURL_UINT64_C(0x142929670a0e6e70),
-      CURL_UINT64_C(0x27b70a8546d22ffc), CURL_UINT64_C(0x2e1b21385c26c926),
-      CURL_UINT64_C(0x4d2c6dfc5ac42aed), CURL_UINT64_C(0x53380d139d95b3df),
-      CURL_UINT64_C(0x650a73548baf63de), CURL_UINT64_C(0x766a0abb3c77b2a8),
-      CURL_UINT64_C(0x81c2c92e47edaee6), CURL_UINT64_C(0x92722c851482353b),
-      CURL_UINT64_C(0xa2bfe8a14cf10364), CURL_UINT64_C(0xa81a664bbc423001),
-      CURL_UINT64_C(0xc24b8b70d0f89791), CURL_UINT64_C(0xc76c51a30654be30),
-      CURL_UINT64_C(0xd192e819d6ef5218), CURL_UINT64_C(0xd69906245565a910),
-      CURL_UINT64_C(0xf40e35855771202a), CURL_UINT64_C(0x106aa07032bbd1b8),
-      CURL_UINT64_C(0x19a4c116b8d2d0c8), CURL_UINT64_C(0x1e376c085141ab53),
-      CURL_UINT64_C(0x2748774cdf8eeb99), CURL_UINT64_C(0x34b0bcb5e19b48a8),
-      CURL_UINT64_C(0x391c0cb3c5c95a63), CURL_UINT64_C(0x4ed8aa4ae3418acb),
-      CURL_UINT64_C(0x5b9cca4f7763e373), CURL_UINT64_C(0x682e6ff3d6b2b8a3),
-      CURL_UINT64_C(0x748f82ee5defb2fc), CURL_UINT64_C(0x78a5636f43172f60),
-      CURL_UINT64_C(0x84c87814a1f0ab72), CURL_UINT64_C(0x8cc702081a6439ec),
-      CURL_UINT64_C(0x90befffa23631e28), CURL_UINT64_C(0xa4506cebde82bde9),
-      CURL_UINT64_C(0xbef9a3f7b2c67915), CURL_UINT64_C(0xc67178f2e372532b),
-      CURL_UINT64_C(0xca273eceea26619c), CURL_UINT64_C(0xd186b8c721c0c207),
-      CURL_UINT64_C(0xeada7dd6cde0eb1e), CURL_UINT64_C(0xf57d4f7fee6ed178),
-      CURL_UINT64_C(0x06f067aa72176fba), CURL_UINT64_C(0x0a637dc5a2c898a6),
-      CURL_UINT64_C(0x113f9804bef90dae), CURL_UINT64_C(0x1b710b35131c471b),
-      CURL_UINT64_C(0x28db77f523047d84), CURL_UINT64_C(0x32caab7b40c72493),
-      CURL_UINT64_C(0x3c9ebe0a15c9bebc), CURL_UINT64_C(0x431d67c49c100d4c),
-      CURL_UINT64_C(0x4cc5d4becb3e42b6), CURL_UINT64_C(0x597f299cfc657e2a),
-      CURL_UINT64_C(0x5fcb6fab3ad6faec), CURL_UINT64_C(0x6c44198c4a475817)
+    static const uint64_t K[80] = {
+      UINT64_C(0x428a2f98d728ae22), UINT64_C(0x7137449123ef65cd),
+      UINT64_C(0xb5c0fbcfec4d3b2f), UINT64_C(0xe9b5dba58189dbbc),
+      UINT64_C(0x3956c25bf348b538), UINT64_C(0x59f111f1b605d019),
+      UINT64_C(0x923f82a4af194f9b), UINT64_C(0xab1c5ed5da6d8118),
+      UINT64_C(0xd807aa98a3030242), UINT64_C(0x12835b0145706fbe),
+      UINT64_C(0x243185be4ee4b28c), UINT64_C(0x550c7dc3d5ffb4e2),
+      UINT64_C(0x72be5d74f27b896f), UINT64_C(0x80deb1fe3b1696b1),
+      UINT64_C(0x9bdc06a725c71235), UINT64_C(0xc19bf174cf692694),
+      UINT64_C(0xe49b69c19ef14ad2), UINT64_C(0xefbe4786384f25e3),
+      UINT64_C(0x0fc19dc68b8cd5b5), UINT64_C(0x240ca1cc77ac9c65),
+      UINT64_C(0x2de92c6f592b0275), UINT64_C(0x4a7484aa6ea6e483),
+      UINT64_C(0x5cb0a9dcbd41fbd4), UINT64_C(0x76f988da831153b5),
+      UINT64_C(0x983e5152ee66dfab), UINT64_C(0xa831c66d2db43210),
+      UINT64_C(0xb00327c898fb213f), UINT64_C(0xbf597fc7beef0ee4),
+      UINT64_C(0xc6e00bf33da88fc2), UINT64_C(0xd5a79147930aa725),
+      UINT64_C(0x06ca6351e003826f), UINT64_C(0x142929670a0e6e70),
+      UINT64_C(0x27b70a8546d22ffc), UINT64_C(0x2e1b21385c26c926),
+      UINT64_C(0x4d2c6dfc5ac42aed), UINT64_C(0x53380d139d95b3df),
+      UINT64_C(0x650a73548baf63de), UINT64_C(0x766a0abb3c77b2a8),
+      UINT64_C(0x81c2c92e47edaee6), UINT64_C(0x92722c851482353b),
+      UINT64_C(0xa2bfe8a14cf10364), UINT64_C(0xa81a664bbc423001),
+      UINT64_C(0xc24b8b70d0f89791), UINT64_C(0xc76c51a30654be30),
+      UINT64_C(0xd192e819d6ef5218), UINT64_C(0xd69906245565a910),
+      UINT64_C(0xf40e35855771202a), UINT64_C(0x106aa07032bbd1b8),
+      UINT64_C(0x19a4c116b8d2d0c8), UINT64_C(0x1e376c085141ab53),
+      UINT64_C(0x2748774cdf8eeb99), UINT64_C(0x34b0bcb5e19b48a8),
+      UINT64_C(0x391c0cb3c5c95a63), UINT64_C(0x4ed8aa4ae3418acb),
+      UINT64_C(0x5b9cca4f7763e373), UINT64_C(0x682e6ff3d6b2b8a3),
+      UINT64_C(0x748f82ee5defb2fc), UINT64_C(0x78a5636f43172f60),
+      UINT64_C(0x84c87814a1f0ab72), UINT64_C(0x8cc702081a6439ec),
+      UINT64_C(0x90befffa23631e28), UINT64_C(0xa4506cebde82bde9),
+      UINT64_C(0xbef9a3f7b2c67915), UINT64_C(0xc67178f2e372532b),
+      UINT64_C(0xca273eceea26619c), UINT64_C(0xd186b8c721c0c207),
+      UINT64_C(0xeada7dd6cde0eb1e), UINT64_C(0xf57d4f7fee6ed178),
+      UINT64_C(0x06f067aa72176fba), UINT64_C(0x0a637dc5a2c898a6),
+      UINT64_C(0x113f9804bef90dae), UINT64_C(0x1b710b35131c471b),
+      UINT64_C(0x28db77f523047d84), UINT64_C(0x32caab7b40c72493),
+      UINT64_C(0x3c9ebe0a15c9bebc), UINT64_C(0x431d67c49c100d4c),
+      UINT64_C(0x4cc5d4becb3e42b6), UINT64_C(0x597f299cfc657e2a),
+      UINT64_C(0x5fcb6fab3ad6faec), UINT64_C(0x6c44198c4a475817)
     };
 
     /* One step of SHA-512/256 computation,
@@ -541,7 +541,7 @@ void Curl_sha512_256_transform(curl_uint64_t H[SHA512_256_HASH_SIZE_WORDS],
        see FIPS PUB 180-4 section 6.4.2 step 3. This macro version reassigns
        all working variables on each step. */
 #define SHA2STEP64RV(vA,vB,vC,vD,vE,vF,vG,vH,kt,wt) do {                \
-      curl_uint64_t tmp_h_ = (vH);                                      \
+      uint64_t tmp_h_ = (vH);                                           \
       SHA2STEP64((vA),(vB),(vC),(vD),(vE),(vF),(vG),tmp_h_,(kt),(wt));  \
       (vH) = (vG);                                                      \
       (vG) = (vF);                                                      \
@@ -558,7 +558,7 @@ void Curl_sha512_256_transform(curl_uint64_t H[SHA512_256_HASH_SIZE_WORDS],
        see FIPS PUB 180-4 section 3.1.2. */
 #define SHA512_GET_W_FROM_DATA(buf,t)                                   \
     CURL_GET_64BIT_BE(                                                  \
-      ((const unsigned char*) (buf)) + (t) * SHA512_256_BYTES_IN_WORD)
+      ((const uint8_t*) (buf)) + (t) * SHA512_256_BYTES_IN_WORD)
 
     /* During first 16 steps, before making any calculation on each step, the
        W element is read from the input data buffer as a big-endian value and
@@ -573,9 +573,9 @@ void Curl_sha512_256_transform(curl_uint64_t H[SHA512_256_HASH_SIZE_WORDS],
        As only the last 16 'W' are used in calculations, it is possible to
        use 16 elements array of W as a cyclic buffer.
        Note: ((t-16) & 15) have same value as (t & 15) */
-#define Wgen(w,t)                                                       \
-    (curl_uint64_t)( (w)[(t - 16) & 15] + sig1((w)[((t) - 2) & 15])     \
-                     + (w)[((t) - 7) & 15] + sig0((w)[((t) - 15) & 15]) )
+#define Wgen(w,t)                                                  \
+    (uint64_t)( (w)[(t - 16) & 15] + sig1((w)[((t) - 2) & 15])     \
+                + (w)[((t) - 7) & 15] + sig0((w)[((t) - 15) & 15]) )
 
     /* During the last 64 steps, before making any calculation on each step,
        current W element is generated from other W elements of the cyclic
@@ -628,7 +628,7 @@ static CURLcode Curl_sha512_256_update(void *context,
   if(length > ctx->count)
     ctx->count_bits_hi += 1U << 3; /* Value wrap */
   ctx->count_bits_hi += ctx->count >> 61;
-  ctx->count &= CURL_UINT64_C(0x1FFFFFFFFFFFFFFF);
+  ctx->count &= UINT64_C(0x1FFFFFFFFFFFFFFF);
 
   if(bytes_have) {
     unsigned int bytes_left = CURL_SHA512_256_BLOCK_SIZE - bytes_have;
@@ -685,7 +685,7 @@ static CURLcode Curl_sha512_256_update(void *context,
 static CURLcode Curl_sha512_256_finish(unsigned char *digest, void *context)
 {
   struct Curl_sha512_256ctx *const ctx = (struct Curl_sha512_256ctx *)context;
-  curl_uint64_t num_bits;   /**< Number of processed bits */
+  uint64_t num_bits;   /**< Number of processed bits */
   unsigned int bytes_have; /**< Number of bytes in the context buffer */
   /* the void pointer here is required to mute Intel compiler warning */
   void *const ctx_buf = ctx->buffer;
diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index ade94bf40a..0f7cc7a91a 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -1272,8 +1272,8 @@ static CURLcode h3_quic_recv(void *reader_ctx,
       }
       else {
         CURL_TRC_CF(x->data, x->cf, "[%" PRId64 "] h3_quic_recv -> RESET, "
-                    "rv=%d, app_err=%" FMT_PRIu64,
-                    x->s->id, rv, (curl_uint64_t)app_error_code);
+                    "rv=%d, app_err=%" PRIu64,
+                    x->s->id, rv, app_error_code);
         if(app_error_code != NGHTTP3_H3_NO_ERROR)
           x->s->reset = TRUE;
       }
@@ -2246,8 +2246,7 @@ static bool cf_osslq_conn_is_alive(struct Curl_cfilter *cf,
                   "assume connection is dead.");
       goto out;
     }
-    CURL_TRC_CF(data, cf, "negotiated idle timeout: %" FMT_PRIu64 "ms",
-                (curl_uint64_t)idle_ms);
+    CURL_TRC_CF(data, cf, "negotiated idle timeout: %" PRIu64 "ms", idle_ms);
     idletime = curlx_timediff_ms(curlx_now(), ctx->q.last_io);
     if(idle_ms && idletime > 0 && (uint64_t)idletime > idle_ms)
       goto out;
diff --git a/src/tool_util.c b/src/tool_util.c
index a2798876ea..cb64f9a0b9 100644
--- a/src/tool_util.c
+++ b/src/tool_util.c
@@ -31,16 +31,16 @@
 struct timeval tvrealnow(void)
 {
   /* UNIX EPOCH (1970-01-01) in FILETIME (1601-01-01) as 64-bit value */
-  static const curl_uint64_t EPOCH = (curl_uint64_t)116444736000000000ULL;
+  static const uint64_t EPOCH = UINT64_C(116444736000000000);
   SYSTEMTIME systime;
   FILETIME ftime; /* 100ns since 1601-01-01, as double 32-bit value */
-  curl_uint64_t time; /* 100ns since 1601-01-01, as 64-bit value */
+  uint64_t time; /* 100ns since 1601-01-01, as 64-bit value */
   struct timeval now;
 
   GetSystemTime(&systime);
   SystemTimeToFileTime(&systime, &ftime);
-  time = ((curl_uint64_t)ftime.dwLowDateTime);
-  time += ((curl_uint64_t)ftime.dwHighDateTime) << 32;
+  time = ((uint64_t)ftime.dwLowDateTime);
+  time += ((uint64_t)ftime.dwHighDateTime) << 32;
 
   now.tv_sec  = (long)((time - EPOCH) / 10000000L); /* unit is 100ns */
   now.tv_usec = (long)(systime.wMilliseconds * 1000);

From 9ea6f2bc6979addeaaab94f8012ad96ae5abfc83 Mon Sep 17 00:00:00 2001
From: Yedaya Katsman 
Date: Wed, 26 Nov 2025 15:58:40 +0200
Subject: [PATCH 1014/2408] docs: add rustls to supported backends for CERT and
 KEY

Followup to 1c8c93ae15c692c547e3238c4f067f76616a53e8

Closes #19709
---
 docs/libcurl/opts/CURLOPT_SSLCERT.md | 6 +-----
 docs/libcurl/opts/CURLOPT_SSLKEY.md  | 1 +
 2 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/docs/libcurl/opts/CURLOPT_SSLCERT.md b/docs/libcurl/opts/CURLOPT_SSLCERT.md
index 20e7d1a176..40c3a21c25 100644
--- a/docs/libcurl/opts/CURLOPT_SSLCERT.md
+++ b/docs/libcurl/opts/CURLOPT_SSLCERT.md
@@ -11,11 +11,7 @@ See-also:
 Protocol:
   - TLS
 TLS-backend:
-  - OpenSSL
-  - GnuTLS
-  - mbedTLS
-  - Schannel
-  - wolfSSL
+  - All
 Added-in: 7.1
 ---
 
diff --git a/docs/libcurl/opts/CURLOPT_SSLKEY.md b/docs/libcurl/opts/CURLOPT_SSLKEY.md
index 7d311aeec8..bbc486d21f 100644
--- a/docs/libcurl/opts/CURLOPT_SSLKEY.md
+++ b/docs/libcurl/opts/CURLOPT_SSLKEY.md
@@ -15,6 +15,7 @@ TLS-backend:
   - mbedTLS
   - Schannel
   - wolfSSL
+  - Rustls
 Added-in: 7.9.3
 ---
 

From c273de193e6072c4123c4aa95cae316cd728a69f Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 25 Nov 2025 16:14:43 +0100
Subject: [PATCH 1015/2408] test433: verify "Note: Read config file from..."

Which was added in fc09a2da4ad0595292

Closes #19699
---
 tests/data/test2080 |  1 +
 tests/data/test433  | 14 +++++++++++++-
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/tests/data/test2080 b/tests/data/test2080
index 44d16b6ee3..52860addb0 100644
--- a/tests/data/test2080
+++ b/tests/data/test2080
@@ -3,6 +3,7 @@
 
 FILE
 config
+--config
 
 
 
diff --git a/tests/data/test433 b/tests/data/test433
index 63c884fdbe..034f84e0b6 100644
--- a/tests/data/test433
+++ b/tests/data/test433
@@ -36,8 +36,12 @@ CURL_HOME
 
 Verify XDG_CONFIG_HOME use to find curlrc
 
+# set the terminal wide to avoid word wrap in the message
+
+COLUMNS=300
+
 
-%HOSTIP:%HTTPPORT/%TESTNUMBER
+%HOSTIP:%HTTPPORT/%TESTNUMBER --no-progress-meter
 
 
 
@@ -55,5 +59,13 @@ Content-Type: application/x-www-form-urlencoded
 
 curlrc read
 
+
+# On Windows curl may use a backslash, convert that for the comparison
+
+s:\\:/:g
+
+
+Note: Read config file from '%PWD/%LOGDIR/curlrc'
+
 
 

From 9bb5c0578b39e5b086b6a9db5c6eb299a0fe1c5c Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Thu, 27 Nov 2025 12:11:39 +0100
Subject: [PATCH 1016/2408] ngtcp2+openssl: fix leak of session

Fix return value indicating to OpenSSL if reference to session is kept
(it is not), so OpenSSL frees it.

Reported-by: Aleksei Bavshin
Fixes #19717
Closes #19718
---
 lib/vquic/curl_ngtcp2.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index ad1f2b2b25..61b233e4ff 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -2277,7 +2277,6 @@ static int quic_ossl_new_session_cb(SSL *ssl, SSL_SESSION *ssl_sessionid)
 #endif
     Curl_ossl_add_session(cf, data, ctx->peer.scache_key, ssl_sessionid,
                           SSL_version(ssl), "h3", quic_tp, quic_tp_len);
-    return 1;
   }
   return 0;
 }

From a9e7a027ed866b791c12a3c701dc40304f4e00cb Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Thu, 27 Nov 2025 10:23:43 +0100
Subject: [PATCH 1017/2408] vquic: do_sendmsg full init

When passing a `msg_ctrl` to sendmsg() as part of GSO handling, zero the
complete array. This fixes any false positives by valgrind that complain
about uninitialised memory, even though the kernel only ever accesses
the first two bytes.

Reported-by: Aleksei Bavshin
Fixes #19714
Closes #19715
---
 lib/vquic/vquic.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c
index 562a99e4fe..aa0011c577 100644
--- a/lib/vquic/vquic.c
+++ b/lib/vquic/vquic.c
@@ -145,6 +145,7 @@ static CURLcode do_sendmsg(struct Curl_cfilter *cf,
   if(pktlen > gsolen) {
     /* Only set this, when we need it. macOS, for example,
      * does not seem to like a msg_control of length 0. */
+    memset(msg_ctrl, 0, sizeof(msg_ctrl));
     msg.msg_control = msg_ctrl;
     assert(sizeof(msg_ctrl) >= CMSG_SPACE(sizeof(int)));
     msg.msg_controllen = CMSG_SPACE(sizeof(int));

From feea96851230c7a5a11feaffa0a5e4a4d30e5e63 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Mon, 3 Nov 2025 13:12:50 +0100
Subject: [PATCH 1018/2408] conncontrol: reuse handling

Add protocol handler flag `PROTOPT_CONN_REUSE` to indicate that the
protocol allows reusing connections for other tranfers. Add that
to all handlers that support it.

Create connections with `conn->bits.close = FALSE` and remove all
the `connkeep()` calls in protocol handlers setup/connect implementations.
`PROTOPT_CONN_REUSE` assures that the default behaviour applies
at the end of a transfer without need to juggle the close bit.

`conn->bits.close` now serves as an additional indication that a
connection cannot be reused. Only protocol handles that allow
reuse need to set it to override the default behaviour.

Remove all `connclose()` and `connkeep()` calls from connection
filters. Filters should not modify connection flags. They are
supposed to run in eyeballing situations where a filter is just
one of many determining the outcome.

Fix http response header handling to only honour `Connection: close`
for HTTP/1.x versions.

Closes #19333
---
 lib/cf-h1-proxy.c       |  4 ---
 lib/cf-h2-proxy.c       |  6 +---
 lib/conncache.c         |  1 -
 lib/ftp.c               |  9 +++---
 lib/http.c              | 17 ++++------
 lib/http2.c             |  9 +++---
 lib/imap.c              | 11 +++----
 lib/multi.c             | 70 ++++++++++++++++++++++++-----------------
 lib/openldap.c          |  7 +++--
 lib/pop3.c              | 11 +++----
 lib/rtsp.c              |  2 +-
 lib/smb.c               |  7 ++---
 lib/smtp.c              | 11 +++----
 lib/url.c               |  9 +++---
 lib/urldata.h           |  1 +
 lib/vquic/curl_ngtcp2.c |  1 -
 lib/vquic/curl_osslq.c  |  1 -
 lib/vquic/curl_quiche.c |  4 ---
 lib/vssh/libssh.c       | 11 +++----
 lib/vssh/libssh2.c      | 12 +++----
 lib/vtls/openssl.c      |  3 +-
 21 files changed, 93 insertions(+), 114 deletions(-)

diff --git a/lib/cf-h1-proxy.c b/lib/cf-h1-proxy.c
index 985500f23e..e496d7634d 100644
--- a/lib/cf-h1-proxy.c
+++ b/lib/cf-h1-proxy.c
@@ -127,7 +127,6 @@ static CURLcode tunnel_init(struct Curl_cfilter *cf,
   Curl_httpchunk_init(data, &ts->ch, TRUE);
 
   *pts = ts;
-  connkeep(cf->conn, "HTTP proxy CONNECT");
   return tunnel_reinit(cf, data, ts);
 }
 
@@ -591,7 +590,6 @@ static CURLcode H1_CONNECT(struct Curl_cfilter *cf,
           CURL_TRC_CF(data, cf, "CONNECT need to close+open");
           infof(data, "Connect me again please");
           Curl_conn_cf_close(cf, data);
-          connkeep(conn, "HTTP proxy CONNECT");
           result = Curl_conn_cf_connect(cf->next, data, &done);
           goto out;
         }
@@ -612,8 +610,6 @@ static CURLcode H1_CONNECT(struct Curl_cfilter *cf,
   if(data->info.httpproxycode/100 != 2) {
     /* a non-2xx response and we have no next URL to try. */
     Curl_safefree(data->req.newurl);
-    /* failure, close this connection to avoid reuse */
-    streamclose(conn, "proxy CONNECT failure");
     h1_tunnel_go_state(cf, ts, H1_TUNNEL_FAILED, data);
     failf(data, "CONNECT tunnel failed, response %d", data->req.httpcode);
     return CURLE_RECV_ERROR;
diff --git a/lib/cf-h2-proxy.c b/lib/cf-h2-proxy.c
index b963bb718c..89bc7cc23f 100644
--- a/lib/cf-h2-proxy.c
+++ b/lib/cf-h2-proxy.c
@@ -488,10 +488,6 @@ static CURLcode proxy_h2_progress_ingress(struct Curl_cfilter *cf,
       return result;
   }
 
-  if(ctx->conn_closed && Curl_bufq_is_empty(&ctx->inbufq)) {
-    connclose(cf->conn, "GOAWAY received");
-  }
-
   return CURLE_OK;
 }
 
@@ -1265,7 +1261,7 @@ static CURLcode h2_handle_tunnel_close(struct Curl_cfilter *cf,
   if(ctx->tunnel.error == NGHTTP2_REFUSED_STREAM) {
     CURL_TRC_CF(data, cf, "[%d] REFUSED_STREAM, try again on a new "
                 "connection", ctx->tunnel.stream_id);
-    connclose(cf->conn, "REFUSED_STREAM"); /* do not use this anymore */
+    failf(data, "proxy server refused HTTP/2 stream");
     return CURLE_RECV_ERROR; /* trigger Curl_retry_request() later */
   }
   else if(ctx->tunnel.error != NGHTTP2_NO_ERROR) {
diff --git a/lib/conncache.c b/lib/conncache.c
index 275e490f23..9d3b69bec3 100644
--- a/lib/conncache.c
+++ b/lib/conncache.c
@@ -220,7 +220,6 @@ void Curl_cpool_destroy(struct cpool *cpool)
     while(conn) {
       cpool_remove_conn(cpool, conn);
       sigpipe_apply(cpool->idata, &pipe_st);
-      connclose(conn, "kill all");
       cpool_discard_conn(cpool, cpool->idata, conn, FALSE);
       conn = cpool_get_first(cpool);
     }
diff --git a/lib/ftp.c b/lib/ftp.c
index c289581fd5..ce40012268 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -270,7 +270,8 @@ const struct Curl_handler Curl_handler_ftp = {
   CURLPROTO_FTP,                   /* family */
   PROTOPT_DUAL | PROTOPT_CLOSEACTION | PROTOPT_NEEDSPWD |
   PROTOPT_NOURLQUERY | PROTOPT_PROXY_AS_HTTP |
-  PROTOPT_WILDCARD | PROTOPT_SSL_REUSE /* flags */
+  PROTOPT_WILDCARD | PROTOPT_SSL_REUSE |
+  PROTOPT_CONN_REUSE /* flags */
 };
 
 
@@ -302,7 +303,8 @@ const struct Curl_handler Curl_handler_ftps = {
   CURLPROTO_FTPS,                  /* protocol */
   CURLPROTO_FTP,                   /* family */
   PROTOPT_SSL | PROTOPT_DUAL | PROTOPT_CLOSEACTION |
-  PROTOPT_NEEDSPWD | PROTOPT_NOURLQUERY | PROTOPT_WILDCARD /* flags */
+  PROTOPT_NEEDSPWD | PROTOPT_NOURLQUERY | PROTOPT_WILDCARD |
+  PROTOPT_CONN_REUSE /* flags */
 };
 #endif
 
@@ -3183,9 +3185,6 @@ static CURLcode ftp_connect(struct Curl_easy *data,
   if(!ftpc)
     return CURLE_FAILED_INIT;
   pp = &ftpc->pp;
-  /* We always support persistent connections on ftp */
-  connkeep(conn, "FTP default");
-
   PINGPONG_SETUP(pp, ftp_pp_statemachine, ftp_endofresp);
 
   if(Curl_conn_is_ssl(conn, FIRSTSOCKET)) {
diff --git a/lib/http.c b/lib/http.c
index 144a898ea0..0319be3b65 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -142,7 +142,8 @@ const struct Curl_handler Curl_handler_http = {
   CURLPROTO_HTTP,                       /* protocol */
   CURLPROTO_HTTP,                       /* family */
   PROTOPT_CREDSPERREQUEST |             /* flags */
-  PROTOPT_USERPWDCTRL
+  PROTOPT_USERPWDCTRL | PROTOPT_CONN_REUSE
+
 };
 
 #ifdef USE_SSL
@@ -172,7 +173,7 @@ const struct Curl_handler Curl_handler_https = {
   CURLPROTO_HTTPS,                      /* protocol */
   CURLPROTO_HTTP,                       /* family */
   PROTOPT_SSL | PROTOPT_CREDSPERREQUEST | PROTOPT_ALPN | /* flags */
-  PROTOPT_USERPWDCTRL
+  PROTOPT_USERPWDCTRL | PROTOPT_CONN_REUSE
 };
 
 #endif
@@ -220,7 +221,6 @@ CURLcode Curl_http_setup_conn(struct Curl_easy *data,
 {
   /* allocate the HTTP-specific struct for the Curl_easy, only to survive
      during this request */
-  connkeep(conn, "HTTP default");
   if(data->state.http_neg.wanted == CURL_HTTP_V3x) {
     /* only HTTP/3, needs to work */
     CURLcode result = Curl_conn_may_http3(data, conn, conn->transport_wanted);
@@ -1548,12 +1548,6 @@ Curl_compareheader(const char *headerline, /* line to check */
  */
 CURLcode Curl_http_connect(struct Curl_easy *data, bool *done)
 {
-  struct connectdata *conn = data->conn;
-
-  /* We default to persistent connections. We set this already in this connect
-     function to make the reuse checks properly be able to check this bit. */
-  connkeep(conn, "HTTP default");
-
   return Curl_conn_connect(data, FIRSTSOCKET, FALSE, done);
 }
 
@@ -3257,14 +3251,15 @@ static CURLcode http_header_c(struct Curl_easy *data,
     }
     return CURLE_OK;
   }
-  if(HD_IS_AND_SAYS(hd, hdlen, "Connection:", "close")) {
+  if((k->httpversion < 20) &&
+     HD_IS_AND_SAYS(hd, hdlen, "Connection:", "close")) {
     /*
      * [RFC 2616, section 8.1.2.1]
      * "Connection: close" is HTTP/1.1 language and means that
      * the connection will close when this request has been
      * served.
      */
-    streamclose(conn, "Connection: close used");
+    connclose(conn, "Connection: close used");
     return CURLE_OK;
   }
   if((k->httpversion == 10) &&
diff --git a/lib/http2.c b/lib/http2.c
index 7b94930a21..4f5f5ea52d 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -2071,7 +2071,7 @@ static CURLcode h2_progress_ingress(struct Curl_cfilter *cf,
   size_t nread;
 
   if(should_close_session(ctx)) {
-    CURL_TRC_CF(data, cf, "progress ingress, session is closed");
+    CURL_TRC_CF(data, cf, "[0] ingress: session is closed");
     return CURLE_HTTP2;
   }
 
@@ -2128,15 +2128,16 @@ static CURLcode h2_progress_ingress(struct Curl_cfilter *cf,
     result = h2_process_pending_input(cf, data);
     if(result)
       return result;
-    CURL_TRC_CF(data, cf, "[0] progress ingress: inbufg=%zu",
+    CURL_TRC_CF(data, cf, "[0] ingress: nw-in buffered %zu",
                 Curl_bufq_len(&ctx->inbufq));
   }
 
   if(ctx->conn_closed && Curl_bufq_is_empty(&ctx->inbufq)) {
-    connclose(cf->conn, "GOAWAY received");
+    connclose(cf->conn, ctx->rcvd_goaway ? "server closed with GOAWAY" :
+              "server closed abruptly");
   }
 
-  CURL_TRC_CF(data, cf, "[0] progress ingress: done");
+  CURL_TRC_CF(data, cf, "[0] ingress: done");
   return CURLE_OK;
 }
 
diff --git a/lib/imap.c b/lib/imap.c
index 181b0d7009..af9b124d1e 100644
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -210,9 +210,9 @@ const struct Curl_handler Curl_handler_imap = {
   PORT_IMAP,                        /* defport */
   CURLPROTO_IMAP,                   /* protocol */
   CURLPROTO_IMAP,                   /* family */
-  PROTOPT_CLOSEACTION|              /* flags */
-  PROTOPT_URLOPTIONS|
-  PROTOPT_SSL_REUSE
+  PROTOPT_CLOSEACTION |             /* flags */
+  PROTOPT_URLOPTIONS | PROTOPT_SSL_REUSE |
+  PROTOPT_CONN_REUSE
 };
 
 #ifdef USE_SSL
@@ -243,7 +243,7 @@ const struct Curl_handler Curl_handler_imaps = {
   CURLPROTO_IMAPS,                  /* protocol */
   CURLPROTO_IMAP,                   /* family */
   PROTOPT_CLOSEACTION | PROTOPT_SSL | /* flags */
-  PROTOPT_URLOPTIONS
+  PROTOPT_URLOPTIONS | PROTOPT_CONN_REUSE
 };
 #endif
 
@@ -1680,9 +1680,6 @@ static CURLcode imap_connect(struct Curl_easy *data, bool *done)
   if(!imapc)
     return CURLE_FAILED_INIT;
 
-  /* We always support persistent connections in IMAP */
-  connkeep(data->conn, "IMAP default");
-
   /* Parse the URL options */
   result = imap_parse_url_options(data->conn, imapc);
   if(result)
diff --git a/lib/multi.c b/lib/multi.c
index 57c574a681..f7265a94a9 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -547,6 +547,47 @@ struct multi_done_ctx {
   BIT(premature);
 };
 
+static bool multi_conn_should_close(struct connectdata *conn,
+                                    struct Curl_easy *data,
+                                    bool premature)
+{
+  /* if conn->bits.close is TRUE, it means that the connection should be
+     closed in spite of everything else. */
+  if(conn->bits.close)
+    return TRUE;
+
+  /* if data->set.reuse_forbid is TRUE, it means the libcurl client has
+     forced us to close this connection. This is ignored for requests taking
+     place in a NTLM/NEGOTIATE authentication handshake. */
+  if(data->set.reuse_forbid
+#ifdef USE_NTLM
+     && !(conn->http_ntlm_state == NTLMSTATE_TYPE2 ||
+          conn->proxy_ntlm_state == NTLMSTATE_TYPE2)
+#endif
+#ifdef USE_SPNEGO
+     && !(conn->http_negotiate_state == GSS_AUTHRECV ||
+          conn->proxy_negotiate_state == GSS_AUTHRECV)
+#endif
+     )
+    return TRUE;
+
+  /* Unless this connection is for a "connect-only" transfer, it
+   * needs to be closed if the protocol handler does not support reuse. */
+  if(!data->set.connect_only && conn->handler &&
+     !(conn->handler->flags & PROTOPT_CONN_REUSE))
+    return TRUE;
+
+  /* if premature is TRUE, it means this connection was said to be DONE before
+     the entire request operation is complete and thus we cannot know in what
+     state it is for reusing, so we are forced to close it. In a perfect world
+     we can add code that keep track of if we really must close it here or not,
+     but currently we have no such detail knowledge. */
+  if(premature && !Curl_conn_is_multiplex(conn, FIRSTSOCKET))
+    return TRUE;
+
+  return FALSE;
+}
+
 static void multi_done_locked(struct connectdata *conn,
                               struct Curl_easy *data,
                               void *userdata)
@@ -587,32 +628,7 @@ static void multi_done_locked(struct connectdata *conn,
   Curl_resolv_unlink(data, &data->state.dns[1]);
   Curl_dnscache_prune(data);
 
-  /* if data->set.reuse_forbid is TRUE, it means the libcurl client has
-     forced us to close this connection. This is ignored for requests taking
-     place in a NTLM/NEGOTIATE authentication handshake
-
-     if conn->bits.close is TRUE, it means that the connection should be
-     closed in spite of all our efforts to be nice, due to protocol
-     restrictions in our or the server's end
-
-     if premature is TRUE, it means this connection was said to be DONE before
-     the entire request operation is complete and thus we cannot know in what
-     state it is for reusing, so we are forced to close it. In a perfect world
-     we can add code that keep track of if we really must close it here or not,
-     but currently we have no such detail knowledge.
-  */
-
-  if((data->set.reuse_forbid
-#ifdef USE_NTLM
-      && !(conn->http_ntlm_state == NTLMSTATE_TYPE2 ||
-           conn->proxy_ntlm_state == NTLMSTATE_TYPE2)
-#endif
-#ifdef USE_SPNEGO
-      && !(conn->http_negotiate_state == GSS_AUTHRECV ||
-           conn->proxy_negotiate_state == GSS_AUTHRECV)
-#endif
-     ) || conn->bits.close
-       || (mdctx->premature && !Curl_conn_is_multiplex(conn, FIRSTSOCKET))) {
+  if(multi_conn_should_close(conn, data, mdctx->premature)) {
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
     CURL_TRC_M(data, "multi_done, terminating conn #%" FMT_OFF_T " to %s:%d, "
                "forbid=%d, close=%d, premature=%d, conn_multiplex=%d",
@@ -2127,8 +2143,6 @@ static CURLMcode state_do(struct Curl_easy *data,
   }
 
   if(data->set.connect_only && !data->set.connect_only_ws) {
-    /* keep connection open for application to use the socket */
-    connkeep(data->conn, "CONNECT_ONLY");
     multistate(data, MSTATE_DONE);
     rc = CURLM_CALL_MULTI_PERFORM;
   }
diff --git a/lib/openldap.c b/lib/openldap.c
index 9d6174defe..41419df21b 100644
--- a/lib/openldap.c
+++ b/lib/openldap.c
@@ -139,7 +139,8 @@ const struct Curl_handler Curl_handler_ldap = {
   PORT_LDAP,                            /* defport */
   CURLPROTO_LDAP,                       /* protocol */
   CURLPROTO_LDAP,                       /* family */
-  PROTOPT_SSL_REUSE                     /* flags */
+  PROTOPT_SSL_REUSE |                   /* flags */
+  PROTOPT_CONN_REUSE
 };
 
 #ifdef USE_SSL
@@ -169,7 +170,8 @@ const struct Curl_handler Curl_handler_ldaps = {
   PORT_LDAPS,                           /* defport */
   CURLPROTO_LDAPS,                      /* protocol */
   CURLPROTO_LDAP,                       /* family */
-  PROTOPT_SSL                           /* flags */
+  PROTOPT_SSL |                         /* flags */
+  PROTOPT_CONN_REUSE
 };
 #endif
 
@@ -992,7 +994,6 @@ static CURLcode oldap_do(struct Curl_easy *data, bool *done)
 
   if(!li)
     return CURLE_FAILED_INIT;
-  connkeep(conn, "OpenLDAP do");
 
   infof(data, "LDAP local: %s", data->state.url);
 
diff --git a/lib/pop3.c b/lib/pop3.c
index 05203c1a07..503f4ecb2b 100644
--- a/lib/pop3.c
+++ b/lib/pop3.c
@@ -200,7 +200,8 @@ const struct Curl_handler Curl_handler_pop3 = {
   CURLPROTO_POP3,                   /* protocol */
   CURLPROTO_POP3,                   /* family */
   PROTOPT_CLOSEACTION | PROTOPT_NOURLQUERY | /* flags */
-  PROTOPT_URLOPTIONS | PROTOPT_SSL_REUSE
+  PROTOPT_URLOPTIONS | PROTOPT_SSL_REUSE |
+  PROTOPT_CONN_REUSE
 };
 
 #ifdef USE_SSL
@@ -230,8 +231,9 @@ const struct Curl_handler Curl_handler_pop3s = {
   PORT_POP3S,                       /* defport */
   CURLPROTO_POP3S,                  /* protocol */
   CURLPROTO_POP3,                   /* family */
-  PROTOPT_CLOSEACTION | PROTOPT_SSL
-  | PROTOPT_NOURLQUERY | PROTOPT_URLOPTIONS /* flags */
+  PROTOPT_CLOSEACTION | PROTOPT_SSL | /* flags */
+  PROTOPT_NOURLQUERY | PROTOPT_URLOPTIONS |
+  PROTOPT_CONN_REUSE
 };
 #endif
 
@@ -1295,9 +1297,6 @@ static CURLcode pop3_connect(struct Curl_easy *data, bool *done)
   if(!pop3c)
     return CURLE_FAILED_INIT;
 
-  /* We always support persistent connections in POP3 */
-  connkeep(conn, "POP3 default");
-
   PINGPONG_SETUP(pp, pop3_statemachine, pop3_endofresp);
 
   /* Set the default preferred authentication type and mechanism */
diff --git a/lib/rtsp.c b/lib/rtsp.c
index b4b3d6dd55..dd49ebc42b 100644
--- a/lib/rtsp.c
+++ b/lib/rtsp.c
@@ -152,7 +152,7 @@ const struct Curl_handler Curl_handler_rtsp = {
   PORT_RTSP,                            /* defport */
   CURLPROTO_RTSP,                       /* protocol */
   CURLPROTO_RTSP,                       /* family */
-  PROTOPT_NONE                          /* flags */
+  PROTOPT_CONN_REUSE                    /* flags */
 };
 
 #define MAX_RTP_BUFFERSIZE 1000000 /* arbitrary */
diff --git a/lib/smb.c b/lib/smb.c
index 4ef35c295d..e5fca3ec0b 100644
--- a/lib/smb.c
+++ b/lib/smb.c
@@ -329,7 +329,7 @@ const struct Curl_handler Curl_handler_smb = {
   PORT_SMB,                             /* defport */
   CURLPROTO_SMB,                        /* protocol */
   CURLPROTO_SMB,                        /* family */
-  PROTOPT_NONE                          /* flags */
+  PROTOPT_CONN_REUSE                    /* flags */
 };
 
 #ifdef USE_SSL
@@ -358,7 +358,7 @@ const struct Curl_handler Curl_handler_smbs = {
   PORT_SMBS,                            /* defport */
   CURLPROTO_SMBS,                       /* protocol */
   CURLPROTO_SMB,                        /* family */
-  PROTOPT_SSL                           /* flags */
+  PROTOPT_SSL | PROTOPT_CONN_REUSE      /* flags */
 };
 #endif
 
@@ -513,9 +513,6 @@ static CURLcode smb_connect(struct Curl_easy *data, bool *done)
   if(!smbc->send_buf)
     return CURLE_OUT_OF_MEMORY;
 
-  /* Multiple requests are allowed with this connection */
-  connkeep(conn, "SMB default");
-
   /* Parse the username, domain, and password */
   slash = strchr(conn->user, '/');
   if(!slash)
diff --git a/lib/smtp.c b/lib/smtp.c
index af4676dc18..eca27f1465 100644
--- a/lib/smtp.c
+++ b/lib/smtp.c
@@ -205,7 +205,8 @@ const struct Curl_handler Curl_handler_smtp = {
   CURLPROTO_SMTP,                   /* protocol */
   CURLPROTO_SMTP,                   /* family */
   PROTOPT_CLOSEACTION | PROTOPT_NOURLQUERY | /* flags */
-  PROTOPT_URLOPTIONS | PROTOPT_SSL_REUSE
+  PROTOPT_URLOPTIONS | PROTOPT_SSL_REUSE |
+  PROTOPT_CONN_REUSE
 };
 
 #ifdef USE_SSL
@@ -235,8 +236,9 @@ const struct Curl_handler Curl_handler_smtps = {
   PORT_SMTPS,                       /* defport */
   CURLPROTO_SMTPS,                  /* protocol */
   CURLPROTO_SMTP,                   /* family */
-  PROTOPT_CLOSEACTION | PROTOPT_SSL
-  | PROTOPT_NOURLQUERY | PROTOPT_URLOPTIONS /* flags */
+  PROTOPT_CLOSEACTION | PROTOPT_SSL | /* flags */
+  PROTOPT_NOURLQUERY | PROTOPT_URLOPTIONS |
+  PROTOPT_CONN_REUSE
 };
 #endif
 
@@ -1440,9 +1442,6 @@ static CURLcode smtp_connect(struct Curl_easy *data, bool *done)
   if(!smtpc)
     return CURLE_FAILED_INIT;
 
-  /* We always support persistent connections in SMTP */
-  connkeep(data->conn, "SMTP default");
-
   PINGPONG_SETUP(&smtpc->pp, smtp_pp_statemachine, smtp_endofresp);
 
   /* Initialize the SASL storage */
diff --git a/lib/url.c b/lib/url.c
index 8b3f7f5ab7..b6a60feb38 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -1364,11 +1364,6 @@ static struct connectdata *allocate_conn(struct Curl_easy *data)
   conn->connection_id = -1;    /* no ID */
   conn->remote_port = -1; /* unknown at this point */
 
-  /* Default protocol-independent behavior does not support persistent
-     connections, so we set this to force-close. Protocols that support
-     this need to set this to FALSE in their "curl_do" functions. */
-  connclose(conn, "Default to force-close");
-
   /* Store creation time to help future close decision making */
   conn->created = curlx_now();
 
@@ -1428,6 +1423,7 @@ static struct connectdata *allocate_conn(struct Curl_easy *data)
 #ifdef HAVE_GSSAPI
   conn->gssapi_delegation = data->set.gssapi_delegation;
 #endif
+  DEBUGF(infof(data, "alloc connection, bits.close=%d", conn->bits.close));
   return conn;
 error:
 
@@ -2035,11 +2031,13 @@ static CURLcode setup_connection_internals(struct Curl_easy *data,
   int port;
   CURLcode result;
 
+  DEBUGF(infof(data, "setup connection, bits.close=%d", conn->bits.close));
   if(conn->handler->setup_connection) {
     result = conn->handler->setup_connection(data, conn);
     if(result)
       return result;
   }
+  DEBUGF(infof(data, "setup connection, bits.close=%d", conn->bits.close));
 
   /* Now create the destination name */
 #ifndef CURL_DISABLE_PROXY
@@ -3664,6 +3662,7 @@ static CURLcode create_conn(struct Curl_easy *data,
     /* We have decided that we want a new connection. However, we may not
        be able to do that if we have reached the limit of how many
        connections we are allowed to open. */
+    DEBUGF(infof(data, "new connection, bits.close=%d", conn->bits.close));
 
     if(conn->handler->flags & PROTOPT_ALPN) {
       /* The protocol wants it, so set the bits if enabled in the easy handle
diff --git a/lib/urldata.h b/lib/urldata.h
index c71607ea7d..37ecd1ff9d 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -567,6 +567,7 @@ struct Curl_handler {
 #define PROTOPT_SSL_REUSE (1<<15)   /* this protocol may reuse an existing
                                        SSL connection in the same family
                                        without having PROTOPT_SSL. */
+#define PROTOPT_CONN_REUSE (1<<16)  /* this protocol can reuse connections */
 
 #define CONNCHECK_NONE 0                 /* No checks */
 #define CONNCHECK_ISDEAD (1<<0)          /* Check if the connection is dead. */
diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index 61b233e4ff..de767f28dc 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -2647,7 +2647,6 @@ static CURLcode cf_ngtcp2_connect(struct Curl_cfilter *cf,
       CURL_TRC_CF(data, cf, "peer verified");
       cf->connected = TRUE;
       *done = TRUE;
-      connkeep(cf->conn, "HTTP/3 default");
     }
   }
 
diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index 0f7cc7a91a..376705e516 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -1816,7 +1816,6 @@ static CURLcode cf_osslq_connect(struct Curl_cfilter *cf,
       CURL_TRC_CF(data, cf, "peer verified");
       cf->connected = TRUE;
       *done = TRUE;
-      connkeep(cf->conn, "HTTP/3 default");
     }
   }
   else {
diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
index 5082dc750b..9274929790 100644
--- a/lib/vquic/curl_quiche.c
+++ b/lib/vquic/curl_quiche.c
@@ -446,7 +446,6 @@ static CURLcode cf_recv_body(struct Curl_cfilter *cf,
     stream->closed = TRUE;
     stream->reset = TRUE;
     stream->send_closed = TRUE;
-    streamclose(cf->conn, "Reset of stream");
     return result;
   }
   return CURLE_OK;
@@ -510,7 +509,6 @@ static CURLcode h3_process_event(struct Curl_cfilter *cf,
     stream->closed = TRUE;
     stream->reset = TRUE;
     stream->send_closed = TRUE;
-    streamclose(cf->conn, "Reset of stream");
     break;
 
   case QUICHE_H3_EVENT_FINISHED:
@@ -522,7 +520,6 @@ static CURLcode h3_process_event(struct Curl_cfilter *cf,
       stream->resp_hds_complete = TRUE;
     }
     stream->closed = TRUE;
-    streamclose(cf->conn, "End of stream");
     break;
 
   case QUICHE_H3_EVENT_GOAWAY:
@@ -1415,7 +1412,6 @@ static CURLcode cf_quiche_connect(struct Curl_cfilter *cf,
       }
       cf->connected = TRUE;
       *done = TRUE;
-      connkeep(cf->conn, "HTTP/3 default");
     }
   }
   else if(quiche_conn_is_draining(ctx->qconn)) {
diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
index 77a915884a..c76478bc2a 100644
--- a/lib/vssh/libssh.c
+++ b/lib/vssh/libssh.c
@@ -156,7 +156,8 @@ const struct Curl_handler Curl_handler_scp = {
   PORT_SSH,                     /* defport */
   CURLPROTO_SCP,                /* protocol */
   CURLPROTO_SCP,                /* family */
-  PROTOPT_DIRLOCK | PROTOPT_CLOSEACTION | PROTOPT_NOURLQUERY    /* flags */
+  PROTOPT_DIRLOCK | PROTOPT_CLOSEACTION | /* flags */
+  PROTOPT_NOURLQUERY | PROTOPT_CONN_REUSE
 };
 
 /*
@@ -185,8 +186,8 @@ const struct Curl_handler Curl_handler_sftp = {
   PORT_SSH,                             /* defport */
   CURLPROTO_SFTP,                       /* protocol */
   CURLPROTO_SFTP,                       /* family */
-  PROTOPT_DIRLOCK | PROTOPT_CLOSEACTION
-  | PROTOPT_NOURLQUERY                  /* flags */
+  PROTOPT_DIRLOCK | PROTOPT_CLOSEACTION | /* flags */
+  PROTOPT_NOURLQUERY | PROTOPT_CONN_REUSE
 };
 
 static CURLcode sftp_error_to_CURLE(int err)
@@ -2572,10 +2573,6 @@ static CURLcode myssh_connect(struct Curl_easy *data, bool *done)
   if(!sshc || !ssh)
     return CURLE_FAILED_INIT;
 
-  /* We default to persistent connections. We set this already in this connect
-     function to make the reuse checks properly be able to check this bit. */
-  connkeep(conn, "SSH default");
-
   if(conn->handler->protocol & CURLPROTO_SCP) {
     conn->recv[FIRSTSOCKET] = scp_recv;
     conn->send[FIRSTSOCKET] = scp_send;
diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
index 714e395373..1c9fe5ac01 100644
--- a/lib/vssh/libssh2.c
+++ b/lib/vssh/libssh2.c
@@ -123,8 +123,8 @@ const struct Curl_handler Curl_handler_scp = {
   PORT_SSH,                             /* defport */
   CURLPROTO_SCP,                        /* protocol */
   CURLPROTO_SCP,                        /* family */
-  PROTOPT_DIRLOCK | PROTOPT_CLOSEACTION
-  | PROTOPT_NOURLQUERY                  /* flags */
+  PROTOPT_DIRLOCK | PROTOPT_CLOSEACTION | /* flags */
+  PROTOPT_NOURLQUERY | PROTOPT_CONN_REUSE
 };
 
 
@@ -154,8 +154,8 @@ const struct Curl_handler Curl_handler_sftp = {
   PORT_SSH,                             /* defport */
   CURLPROTO_SFTP,                       /* protocol */
   CURLPROTO_SFTP,                       /* family */
-  PROTOPT_DIRLOCK | PROTOPT_CLOSEACTION
-  | PROTOPT_NOURLQUERY                  /* flags */
+  PROTOPT_DIRLOCK | PROTOPT_CLOSEACTION | /* flags */
+  PROTOPT_NOURLQUERY | PROTOPT_CONN_REUSE
 };
 
 static void
@@ -3323,10 +3323,6 @@ static CURLcode ssh_connect(struct Curl_easy *data, bool *done)
   if(!sshc)
     return CURLE_FAILED_INIT;
 
-  /* We default to persistent connections. We set this already in this connect
-     function to make the reuse checks properly be able to check this bit. */
-  connkeep(conn, "SSH default");
-
   infof(data, "User: '%s'", conn->user);
 #ifdef CURL_LIBSSH2_DEBUG
   infof(data, "Password: %s", conn->passwd);
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 8991d965d9..2f526479c5 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -5175,7 +5175,6 @@ static CURLcode ossl_recv(struct Curl_cfilter *cf,
   char error_buffer[256];
   unsigned long sslerror;
   int buffsize;
-  struct connectdata *conn = cf->conn;
   struct ssl_connect_data *connssl = cf->ctx;
   struct ossl_ctx *octx = (struct ossl_ctx *)connssl->backend;
   CURLcode result = CURLE_OK;
@@ -5205,7 +5204,7 @@ static CURLcode ossl_recv(struct Curl_cfilter *cf,
       if(cf->sockindex == FIRSTSOCKET)
         /* mark the connection for close if it is indeed the control
            connection */
-        connclose(conn, "TLS close_notify");
+        CURL_TRC_CF(data, cf, "TLS close_notify");
       break;
     case SSL_ERROR_WANT_READ:
       connssl->io_need = CURL_SSL_IO_NEED_RECV;

From c4f29cc5081b4b70ba435c64bd8ee81f02b3ceeb Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Wed, 26 Nov 2025 14:05:46 +0100
Subject: [PATCH 1019/2408] ip_quadruple/proxy: make port uint16_t

Make `port` member in these struct of type `uint16_t`.

add `uint8_t transport` to `struct ip_quadruple

Define TRNSPRT_NONE as 0. By assigning a valid transport only on a
successful connection, it is clear when the ip_quadruple members are
valid. Also, for transports not involving ports, the getinfos for
`CURLINFO_PRIMARY_PORT` and `CURLINFO_LOCAL_PORT` will now always return
-1.

Make all `transport` members and parameters of type `uint8_t`.

Document the return value of `CURLINFO_LOCAL_PORT` and
`CURLINFO_PRIMARY_PORT` in this regard. Add tests that writeout stats
report ports correctly.

Closes #19708
---
 docs/libcurl/opts/CURLINFO_LOCAL_PORT.md   |  3 ++
 docs/libcurl/opts/CURLINFO_PRIMARY_PORT.md |  5 +++
 lib/cf-https-connect.c                     | 10 +++---
 lib/cf-ip-happy.c                          | 24 ++++++-------
 lib/cf-ip-happy.h                          |  6 ++--
 lib/cf-socket.c                            | 17 ++++-----
 lib/cf-socket.h                            |  8 ++---
 lib/connect.c                              | 16 ++++-----
 lib/connect.h                              |  4 +--
 lib/getinfo.c                              | 12 ++++---
 lib/setopt.c                               |  4 +--
 lib/url.c                                  | 14 ++++----
 lib/urldata.h                              | 40 +++++++++++++---------
 lib/vquic/vquic.c                          |  2 +-
 lib/vquic/vquic.h                          |  2 +-
 tests/http/test_01_basic.py                |  3 ++
 tests/http/test_11_unix.py                 |  6 ++++
 tests/unit/unit1607.c                      |  2 +-
 tests/unit/unit1609.c                      |  2 +-
 tests/unit/unit2600.c                      |  4 +--
 20 files changed, 104 insertions(+), 80 deletions(-)

diff --git a/docs/libcurl/opts/CURLINFO_LOCAL_PORT.md b/docs/libcurl/opts/CURLINFO_LOCAL_PORT.md
index 67d73b7165..40d1f5fb6a 100644
--- a/docs/libcurl/opts/CURLINFO_LOCAL_PORT.md
+++ b/docs/libcurl/opts/CURLINFO_LOCAL_PORT.md
@@ -35,6 +35,9 @@ connection done with this **curl** handle.
 If the connection was done using QUIC, the port number is a UDP port number,
 otherwise it is a TCP port number.
 
+If no connection was established or if the protocol does not use ports, -1
+is returned.
+
 # %PROTOCOLS%
 
 # EXAMPLE
diff --git a/docs/libcurl/opts/CURLINFO_PRIMARY_PORT.md b/docs/libcurl/opts/CURLINFO_PRIMARY_PORT.md
index b98f246042..85f5767423 100644
--- a/docs/libcurl/opts/CURLINFO_PRIMARY_PORT.md
+++ b/docs/libcurl/opts/CURLINFO_PRIMARY_PORT.md
@@ -36,6 +36,11 @@ If a proxy was used for the most recent transfer, this is the port number of
 the proxy, if no proxy was used it is the port number of the most recently
 accessed URL.
 
+If the connection was done using QUIC, the port number is a UDP port number.
+
+If no connection was established or if the protocol does not use ports, -1
+is returned.
+
 # %PROTOCOLS%
 
 # EXAMPLE
diff --git a/lib/cf-https-connect.c b/lib/cf-https-connect.c
index dfd82bd9a1..5491d7968d 100644
--- a/lib/cf-https-connect.c
+++ b/lib/cf-https-connect.c
@@ -55,7 +55,7 @@ struct cf_hc_baller {
   CURLcode result;
   struct curltime started;
   int reply_ms;
-  unsigned char transport;
+  uint8_t transport;
   enum alpnid alpn_id;
   BIT(shutdown);
 };
@@ -124,7 +124,7 @@ struct cf_hc_ctx {
 
 static void cf_hc_baller_assign(struct cf_hc_baller *b,
                                 enum alpnid alpn_id,
-                                unsigned char def_transport)
+                                uint8_t def_transport)
 {
   b->alpn_id = alpn_id;
   b->transport = def_transport;
@@ -148,7 +148,7 @@ static void cf_hc_baller_assign(struct cf_hc_baller *b,
 static void cf_hc_baller_init(struct cf_hc_baller *b,
                               struct Curl_cfilter *cf,
                               struct Curl_easy *data,
-                              int transport)
+                              uint8_t transport)
 {
   struct Curl_cfilter *save = cf->next;
 
@@ -581,7 +581,7 @@ struct Curl_cftype Curl_cft_http_connect = {
 static CURLcode cf_hc_create(struct Curl_cfilter **pcf,
                              struct Curl_easy *data,
                              enum alpnid *alpnids, size_t alpn_count,
-                             unsigned char def_transport)
+                             uint8_t def_transport)
 {
   struct Curl_cfilter *cf = NULL;
   struct cf_hc_ctx *ctx;
@@ -626,7 +626,7 @@ static CURLcode cf_http_connect_add(struct Curl_easy *data,
                                     struct connectdata *conn,
                                     int sockindex,
                                     enum alpnid *alpn_ids, size_t alpn_count,
-                                    unsigned char def_transport)
+                                    uint8_t def_transport)
 {
   struct Curl_cfilter *cf;
   CURLcode result = CURLE_OK;
diff --git a/lib/cf-ip-happy.c b/lib/cf-ip-happy.c
index 2e522322c3..eb62cd4c73 100644
--- a/lib/cf-ip-happy.c
+++ b/lib/cf-ip-happy.c
@@ -66,7 +66,7 @@
 
 
 struct transport_provider {
-  int transport;
+  uint8_t transport;
   cf_ip_connect_create *cf_create;
 };
 
@@ -87,7 +87,7 @@ struct transport_provider transport_providers[] = {
 #endif
 };
 
-static cf_ip_connect_create *get_cf_create(int transport)
+static cf_ip_connect_create *get_cf_create(uint8_t transport)
 {
   size_t i;
   for(i = 0; i < CURL_ARRAYSIZE(transport_providers); ++i) {
@@ -99,7 +99,7 @@ static cf_ip_connect_create *get_cf_create(int transport)
 
 #ifdef UNITTESTS
 /* used by unit2600.c */
-void Curl_debug_set_transport_provider(int transport,
+void Curl_debug_set_transport_provider(uint8_t transport,
                                        cf_ip_connect_create *cf_create)
 {
   size_t i;
@@ -172,7 +172,7 @@ struct cf_ip_attempt {
   struct curltime started;           /* start of current attempt */
   CURLcode result;
   int ai_family;
-  int transport;
+  uint8_t transport;
   int error;
   BIT(connected);                    /* cf has connected */
   BIT(shutdown);                     /* cf has shutdown */
@@ -195,7 +195,7 @@ static CURLcode cf_ip_attempt_new(struct cf_ip_attempt **pa,
                                   struct Curl_easy *data,
                                   const struct Curl_addrinfo *addr,
                                   int ai_family,
-                                  int transport,
+                                  uint8_t transport,
                                   cf_ip_connect_create *cf_create)
 {
   struct Curl_cfilter *wcf;
@@ -264,7 +264,7 @@ struct cf_ip_ballers {
   struct curltime last_attempt_started;
   timediff_t attempt_delay_ms;
   int last_attempt_ai_family;
-  int transport;
+  uint8_t transport;
 };
 
 static CURLcode cf_ip_attempt_restart(struct cf_ip_attempt *a,
@@ -315,7 +315,7 @@ static void cf_ip_ballers_clear(struct Curl_cfilter *cf,
 static CURLcode cf_ip_ballers_init(struct cf_ip_ballers *bs, int ip_version,
                                    const struct Curl_addrinfo *addr_list,
                                    cf_ip_connect_create *cf_create,
-                                   int transport,
+                                   uint8_t transport,
                                    timediff_t attempt_delay_ms)
 {
   memset(bs, 0, sizeof(*bs));
@@ -626,7 +626,7 @@ typedef enum {
 } cf_connect_state;
 
 struct cf_ip_happy_ctx {
-  int transport;
+  uint8_t transport;
   cf_ip_connect_create *cf_create;
   cf_connect_state state;
   struct cf_ip_ballers ballers;
@@ -713,7 +713,7 @@ static CURLcode start_connect(struct Curl_cfilter *cf,
     return CURLE_OPERATION_TIMEDOUT;
   }
 
-  CURL_TRC_CF(data, cf, "init ip ballers for transport %d", ctx->transport);
+  CURL_TRC_CF(data, cf, "init ip ballers for transport %u", ctx->transport);
   ctx->started = curlx_now();
   return cf_ip_ballers_init(&ctx->ballers, cf->conn->ip_version,
                             dns->addr, ctx->cf_create, ctx->transport,
@@ -933,7 +933,7 @@ static CURLcode cf_ip_happy_create(struct Curl_cfilter **pcf,
                                    struct Curl_easy *data,
                                    struct connectdata *conn,
                                    cf_ip_connect_create *cf_create,
-                                   int transport)
+                                   uint8_t transport)
 {
   struct cf_ip_happy_ctx *ctx = NULL;
   CURLcode result;
@@ -961,7 +961,7 @@ out:
 
 CURLcode cf_ip_happy_insert_after(struct Curl_cfilter *cf_at,
                                   struct Curl_easy *data,
-                                  int transport)
+                                  uint8_t transport)
 {
   cf_ip_connect_create *cf_create;
   struct Curl_cfilter *cf;
@@ -971,7 +971,7 @@ CURLcode cf_ip_happy_insert_after(struct Curl_cfilter *cf_at,
   DEBUGASSERT(cf_at);
   cf_create = get_cf_create(transport);
   if(!cf_create) {
-    CURL_TRC_CF(data, cf_at, "unsupported transport type %d", transport);
+    CURL_TRC_CF(data, cf_at, "unsupported transport type %u", transport);
     return CURLE_UNSUPPORTED_PROTOCOL;
   }
   result = cf_ip_happy_create(&cf, data, cf_at->conn, cf_create, transport);
diff --git a/lib/cf-ip-happy.h b/lib/cf-ip-happy.h
index 96e619ae43..2930f21418 100644
--- a/lib/cf-ip-happy.h
+++ b/lib/cf-ip-happy.h
@@ -43,16 +43,16 @@ typedef CURLcode cf_ip_connect_create(struct Curl_cfilter **pcf,
                                       struct Curl_easy *data,
                                       struct connectdata *conn,
                                       const struct Curl_addrinfo *ai,
-                                      int transport);
+                                      uint8_t transport);
 
 CURLcode cf_ip_happy_insert_after(struct Curl_cfilter *cf_at,
                                   struct Curl_easy *data,
-                                  int transport);
+                                  uint8_t transport);
 
 extern struct Curl_cftype Curl_cft_ip_happy;
 
 #ifdef UNITTESTS
-void Curl_debug_set_transport_provider(int transport,
+void Curl_debug_set_transport_provider(uint8_t transport,
                                        cf_ip_connect_create *cf_create);
 #endif
 
diff --git a/lib/cf-socket.c b/lib/cf-socket.c
index 2930f95fe2..c657330ec6 100644
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@@ -303,7 +303,7 @@ tcpkeepalive(struct Curl_cfilter *cf,
  */
 static CURLcode sock_assign_addr(struct Curl_sockaddr_ex *dest,
                                  const struct Curl_addrinfo *ai,
-                                 int transport)
+                                 uint8_t transport)
 {
   /*
    * The Curl_sockaddr_ex structure is basically libcurl's external API
@@ -404,7 +404,7 @@ static CURLcode socket_open(struct Curl_easy *data,
 CURLcode Curl_socket_open(struct Curl_easy *data,
                           const struct Curl_addrinfo *ai,
                           struct Curl_sockaddr_ex *addr,
-                          int transport,
+                          uint8_t transport,
                           curl_socket_t *sockfd)
 {
   struct Curl_sockaddr_ex dummy;
@@ -909,7 +909,7 @@ static CURLcode socket_connect_result(struct Curl_easy *data,
 }
 
 struct cf_socket_ctx {
-  int transport;
+  uint8_t transport;
   struct Curl_sockaddr_ex addr;      /* address to connect to */
   curl_socket_t sock;                /* current attempt socket */
   struct ip_quadruple ip;            /* The IP quadruple 2x(addr+port) */
@@ -936,7 +936,7 @@ struct cf_socket_ctx {
 
 static CURLcode cf_socket_ctx_init(struct cf_socket_ctx *ctx,
                                    const struct Curl_addrinfo *ai,
-                                   int transport)
+                                   uint8_t transport)
 {
   CURLcode result;
 
@@ -1035,7 +1035,7 @@ static void set_local_ip(struct Curl_cfilter *cf,
 {
   struct cf_socket_ctx *ctx = cf->ctx;
   ctx->ip.local_ip[0] = 0;
-  ctx->ip.local_port = -1;
+  ctx->ip.local_port = 0;
 
 #ifdef HAVE_GETSOCKNAME
   if((ctx->sock != CURL_SOCKET_BAD) &&
@@ -1069,6 +1069,7 @@ static CURLcode set_remote_ip(struct Curl_cfilter *cf,
   struct cf_socket_ctx *ctx = cf->ctx;
 
   /* store remote address and port used in this connection attempt */
+  ctx->ip.transport = ctx->transport;
   if(!Curl_addr2string(&ctx->addr.curl_sa_addr,
                        (curl_socklen_t)ctx->addr.addrlen,
                        ctx->ip.remote_ip, &ctx->ip.remote_port)) {
@@ -1743,7 +1744,7 @@ CURLcode Curl_cf_tcp_create(struct Curl_cfilter **pcf,
                             struct Curl_easy *data,
                             struct connectdata *conn,
                             const struct Curl_addrinfo *ai,
-                            int transport)
+                            uint8_t transport)
 {
   struct cf_socket_ctx *ctx = NULL;
   struct Curl_cfilter *cf = NULL;
@@ -1910,7 +1911,7 @@ CURLcode Curl_cf_udp_create(struct Curl_cfilter **pcf,
                             struct Curl_easy *data,
                             struct connectdata *conn,
                             const struct Curl_addrinfo *ai,
-                            int transport)
+                            uint8_t transport)
 {
   struct cf_socket_ctx *ctx = NULL;
   struct Curl_cfilter *cf = NULL;
@@ -1964,7 +1965,7 @@ CURLcode Curl_cf_unix_create(struct Curl_cfilter **pcf,
                              struct Curl_easy *data,
                              struct connectdata *conn,
                              const struct Curl_addrinfo *ai,
-                             int transport)
+                             uint8_t transport)
 {
   struct cf_socket_ctx *ctx = NULL;
   struct Curl_cfilter *cf = NULL;
diff --git a/lib/cf-socket.h b/lib/cf-socket.h
index e5fc176ee1..432b087045 100644
--- a/lib/cf-socket.h
+++ b/lib/cf-socket.h
@@ -71,7 +71,7 @@ CURLcode Curl_parse_interface(const char *input,
 CURLcode Curl_socket_open(struct Curl_easy *data,
                           const struct Curl_addrinfo *ai,
                           struct Curl_sockaddr_ex *addr,
-                          int transport,
+                          uint8_t transport,
                           curl_socket_t *sockfd);
 
 int Curl_socket_close(struct Curl_easy *data, struct connectdata *conn,
@@ -103,7 +103,7 @@ CURLcode Curl_cf_tcp_create(struct Curl_cfilter **pcf,
                             struct Curl_easy *data,
                             struct connectdata *conn,
                             const struct Curl_addrinfo *ai,
-                            int transport);
+                            uint8_t transport);
 
 /**
  * Creates a cfilter that opens a UDP socket to the given address
@@ -116,7 +116,7 @@ CURLcode Curl_cf_udp_create(struct Curl_cfilter **pcf,
                             struct Curl_easy *data,
                             struct connectdata *conn,
                             const struct Curl_addrinfo *ai,
-                            int transport);
+                            uint8_t transport);
 
 /**
  * Creates a cfilter that opens a UNIX socket to the given address
@@ -129,7 +129,7 @@ CURLcode Curl_cf_unix_create(struct Curl_cfilter **pcf,
                              struct Curl_easy *data,
                              struct connectdata *conn,
                              const struct Curl_addrinfo *ai,
-                             int transport);
+                             uint8_t transport);
 
 /**
  * Creates a cfilter that keeps a listening socket.
diff --git a/lib/connect.c b/lib/connect.c
index fbb5dcabff..e29c2f51bc 100644
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -238,7 +238,7 @@ bool Curl_shutdown_started(struct Curl_easy *data, int sockindex)
 /* retrieves ip address and port from a sockaddr structure. note it calls
    curlx_inet_ntop which sets errno on fail, not SOCKERRNO. */
 bool Curl_addr2string(struct sockaddr *sa, curl_socklen_t salen,
-                      char *addr, int *port)
+                      char *addr, uint16_t *port)
 {
   struct sockaddr_in *si = NULL;
 #ifdef USE_IPV6
@@ -254,8 +254,7 @@ bool Curl_addr2string(struct sockaddr *sa, curl_socklen_t salen,
     case AF_INET:
       si = (struct sockaddr_in *)(void *) sa;
       if(curlx_inet_ntop(sa->sa_family, &si->sin_addr, addr, MAX_IPADR_LEN)) {
-        unsigned short us_port = ntohs(si->sin_port);
-        *port = us_port;
+        *port = ntohs(si->sin_port);
         return TRUE;
       }
       break;
@@ -264,8 +263,7 @@ bool Curl_addr2string(struct sockaddr *sa, curl_socklen_t salen,
       si6 = (struct sockaddr_in6 *)(void *) sa;
       if(curlx_inet_ntop(sa->sa_family, &si6->sin6_addr, addr,
                          MAX_IPADR_LEN)) {
-        unsigned short us_port = ntohs(si6->sin6_port);
-        *port = us_port;
+        *port = ntohs(si6->sin6_port);
         return TRUE;
       }
       break;
@@ -366,7 +364,7 @@ typedef enum {
 struct cf_setup_ctx {
   cf_setup_state state;
   int ssl_mode;
-  int transport;
+  uint8_t transport;
 };
 
 static CURLcode cf_setup_connect(struct Curl_cfilter *cf,
@@ -521,7 +519,7 @@ struct Curl_cftype Curl_cft_setup = {
 
 static CURLcode cf_setup_create(struct Curl_cfilter **pcf,
                                 struct Curl_easy *data,
-                                int transport,
+                                uint8_t transport,
                                 int ssl_mode)
 {
   struct Curl_cfilter *cf = NULL;
@@ -554,7 +552,7 @@ out:
 static CURLcode cf_setup_add(struct Curl_easy *data,
                              struct connectdata *conn,
                              int sockindex,
-                             int transport,
+                             uint8_t transport,
                              int ssl_mode)
 {
   struct Curl_cfilter *cf;
@@ -571,7 +569,7 @@ out:
 
 CURLcode Curl_cf_setup_insert_after(struct Curl_cfilter *cf_at,
                                     struct Curl_easy *data,
-                                    int transport,
+                                    uint8_t transport,
                                     int ssl_mode)
 {
   struct Curl_cfilter *cf;
diff --git a/lib/connect.h b/lib/connect.h
index b6d9b8e836..9060591dce 100644
--- a/lib/connect.h
+++ b/lib/connect.h
@@ -74,7 +74,7 @@ curl_socket_t Curl_getconnectinfo(struct Curl_easy *data,
                                   struct connectdata **connp);
 
 bool Curl_addr2string(struct sockaddr *sa, curl_socklen_t salen,
-                      char *addr, int *port);
+                      char *addr, uint16_t *port);
 
 /*
  * Curl_conncontrol() marks the end of a connection/stream. The 'closeit'
@@ -111,7 +111,7 @@ void Curl_conncontrol(struct connectdata *conn,
 
 CURLcode Curl_cf_setup_insert_after(struct Curl_cfilter *cf_at,
                                     struct Curl_easy *data,
-                                    int transport,
+                                    uint8_t transport,
                                     int ssl_mode);
 
 /**
diff --git a/lib/getinfo.c b/lib/getinfo.c
index 6a16258b13..01c7279356 100644
--- a/lib/getinfo.c
+++ b/lib/getinfo.c
@@ -81,8 +81,6 @@ void Curl_initinfo(struct Curl_easy *data)
   info->wouldredirect = NULL;
 
   memset(&info->primary, 0, sizeof(info->primary));
-  info->primary.remote_port = -1;
-  info->primary.local_port = -1;
   info->retry_after = 0;
 
   info->conn_scheme = 0;
@@ -304,11 +302,17 @@ static CURLcode getinfo_long(struct Curl_easy *data, CURLINFO info,
     break;
   case CURLINFO_PRIMARY_PORT:
     /* Return the (remote) port of the most recent (primary) connection */
-    *param_longp = data->info.primary.remote_port;
+    if(CUR_IP_QUAD_HAS_PORTS(&data->info.primary))
+      *param_longp = data->info.primary.remote_port;
+    else
+      *param_longp = -1;
     break;
   case CURLINFO_LOCAL_PORT:
     /* Return the local port of the most recent (primary) connection */
-    *param_longp = data->info.primary.local_port;
+    if(CUR_IP_QUAD_HAS_PORTS(&data->info.primary))
+      *param_longp = data->info.primary.local_port;
+    else
+      *param_longp = -1;
     break;
   case CURLINFO_PROXY_ERROR:
     *param_longp = (long)data->info.pxcode;
diff --git a/lib/setopt.c b/lib/setopt.c
index fc95389312..36f447cdc5 100644
--- a/lib/setopt.c
+++ b/lib/setopt.c
@@ -1001,9 +1001,9 @@ static CURLcode setopt_long(struct Curl_easy *data, CURLoption option,
 #endif
 #ifndef CURL_DISABLE_PROXY
   case CURLOPT_PROXYPORT:
-    if((arg < 0) || (arg > 65535))
+    if((arg < 0) || (arg > UINT16_MAX))
       return CURLE_BAD_FUNCTION_ARGUMENT;
-    s->proxyport = (unsigned short)arg;
+    s->proxyport = (uint16_t)arg;
     break;
 
   case CURLOPT_PROXYAUTH:
diff --git a/lib/url.c b/lib/url.c
index b6a60feb38..e7f39d5471 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -2171,7 +2171,6 @@ static CURLcode parse_proxy(struct Curl_easy *data,
                             long proxytype)
 {
   char *portptr = NULL;
-  int port = -1;
   char *proxyuser = NULL;
   char *proxypasswd = NULL;
   char *host = NULL;
@@ -2293,24 +2292,23 @@ static CURLcode parse_proxy(struct Curl_easy *data,
   if(portptr) {
     curl_off_t num;
     const char *p = portptr;
-    if(!curlx_str_number(&p, &num, 0xffff))
-      port = (int)num;
+    if(!curlx_str_number(&p, &num, UINT16_MAX))
+      proxyinfo->port = (uint16_t)num;
+    /* Should we not error out when the port number is invalid? */
     free(portptr);
   }
   else {
     if(data->set.proxyport)
       /* None given in the proxy string, then get the default one if it is
          given */
-      port = (int)data->set.proxyport;
+      proxyinfo->port = data->set.proxyport;
     else {
       if(IS_HTTPS_PROXY(proxytype))
-        port = CURL_DEFAULT_HTTPS_PROXY_PORT;
+        proxyinfo->port = CURL_DEFAULT_HTTPS_PROXY_PORT;
       else
-        port = CURL_DEFAULT_PROXY_PORT;
+        proxyinfo->port = CURL_DEFAULT_PROXY_PORT;
     }
   }
-  if(port >= 0)
-    proxyinfo->port = port;
 
   /* now, clone the proxy hostname */
   uc = curl_url_get(uhp, CURLUPART_HOST, &host, CURLU_URLDECODE);
diff --git a/lib/urldata.h b/lib/urldata.h
index 37ecd1ff9d..debc2a3e0a 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -528,7 +528,7 @@ struct Curl_handler {
   CURLcode (*follow)(struct Curl_easy *data, const char *newurl,
                      followtype type);
 
-  int defport;            /* Default port. */
+  uint16_t defport;       /* Default port. */
   curl_prot_t protocol;   /* See CURLPROTO_* - this needs to be the single
                              specific protocol bit */
   curl_prot_t family;     /* single bit for protocol family; basically the
@@ -576,26 +576,32 @@ struct Curl_handler {
 #define CONNRESULT_NONE 0                /* No extra information. */
 #define CONNRESULT_DEAD (1<<0)           /* The connection is dead. */
 
-struct ip_quadruple {
-  char remote_ip[MAX_IPADR_LEN];
-  char local_ip[MAX_IPADR_LEN];
-  int remote_port;
-  int local_port;
-};
-
-struct proxy_info {
-  struct hostname host;
-  int port;
-  unsigned char proxytype; /* what kind of proxy that is in use */
-  char *user;    /* proxy username string, allocated */
-  char *passwd;  /* proxy password string, allocated */
-};
-
+#define TRNSPRT_NONE 0
 #define TRNSPRT_TCP 3
 #define TRNSPRT_UDP 4
 #define TRNSPRT_QUIC 5
 #define TRNSPRT_UNIX 6
 
+struct ip_quadruple {
+  char remote_ip[MAX_IPADR_LEN];
+  char local_ip[MAX_IPADR_LEN];
+  uint16_t remote_port;
+  uint16_t local_port;
+  uint8_t transport;
+};
+
+#define CUR_IP_QUAD_HAS_PORTS(x)  (((x)->transport == TRNSPRT_TCP) || \
+                                   ((x)->transport == TRNSPRT_UDP) || \
+                                   ((x)->transport == TRNSPRT_QUIC))
+
+struct proxy_info {
+  struct hostname host;
+  uint16_t port;
+  unsigned char proxytype; /* what kind of proxy that is in use */
+  char *user;    /* proxy username string, allocated */
+  char *passwd;  /* proxy password string, allocated */
+};
+
 /*
  * The connectdata struct contains all fields and variables that should be
  * unique for an entire connection.
@@ -1364,7 +1370,7 @@ struct UserDefined {
 #ifndef CURL_DISABLE_PROXY
   struct ssl_config_data proxy_ssl;  /* user defined SSL stuff for proxy */
   struct curl_slist *proxyheaders; /* linked list of extra CONNECT headers */
-  unsigned short proxyport; /* If non-zero, use this port number by
+  uint16_t proxyport;       /* If non-zero, use this port number by
                                default. If the proxy string features a
                                ":[port]" that one will override this. */
   unsigned char proxytype; /* what kind of proxy */
diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c
index aa0011c577..8b4d678d81 100644
--- a/lib/vquic/vquic.c
+++ b/lib/vquic/vquic.c
@@ -687,7 +687,7 @@ CURLcode Curl_cf_quic_create(struct Curl_cfilter **pcf,
                              struct Curl_easy *data,
                              struct connectdata *conn,
                              const struct Curl_addrinfo *ai,
-                             int transport)
+                             uint8_t transport)
 {
   (void)transport;
   DEBUGASSERT(transport == TRNSPRT_QUIC);
diff --git a/lib/vquic/vquic.h b/lib/vquic/vquic.h
index 0f81334f29..fd2dac7c22 100644
--- a/lib/vquic/vquic.h
+++ b/lib/vquic/vquic.h
@@ -45,7 +45,7 @@ CURLcode Curl_cf_quic_create(struct Curl_cfilter **pcf,
                              struct Curl_easy *data,
                              struct connectdata *conn,
                              const struct Curl_addrinfo *ai,
-                             int transport);
+                             uint8_t transport);
 
 extern struct Curl_cftype Curl_cft_http3;
 
diff --git a/tests/http/test_01_basic.py b/tests/http/test_01_basic.py
index aa94238c3f..14a8dec957 100644
--- a/tests/http/test_01_basic.py
+++ b/tests/http/test_01_basic.py
@@ -96,6 +96,9 @@ class TestBasic:
         # there are cases where time_connect is reported as 0
         assert r.stats[0]['time_connect'] >= 0, f'{r.stats[0]}'
         assert r.stats[0]['time_appconnect'] > 0, f'{r.stats[0]}'
+        # ports are reported correctly
+        assert r.stats[0]['remote_port'] == env.port_for(proto), f'{r.dump_logs()}'
+        assert r.stats[0]['local_port'] > 0, f'{r.dump_logs()}'
 
     # simple https: HEAD
     @pytest.mark.parametrize("proto", Env.http_protos())
diff --git a/tests/http/test_11_unix.py b/tests/http/test_11_unix.py
index 2f2db483f4..1432797da2 100644
--- a/tests/http/test_11_unix.py
+++ b/tests/http/test_11_unix.py
@@ -109,6 +109,8 @@ class TestUnix:
                                  '--unix-socket', uds_faker.path,
                                ])
         r.check_response(count=1, http_status=200)
+        assert r.stats[0]['remote_port'] == -1, f'{r.dump_logs()}'
+        assert r.stats[0]['local_port'] == -1, f'{r.dump_logs()}'
 
     # download https: via Unix socket
     @pytest.mark.skipif(condition=not Env.have_ssl_curl(), reason="curl without SSL")
@@ -120,6 +122,8 @@ class TestUnix:
                                  '--unix-socket', uds_faker.path,
                                ])
         r.check_response(exitcode=35, http_status=None)
+        assert r.stats[0]['remote_port'] == -1, f'{r.dump_logs()}'
+        assert r.stats[0]['local_port'] == -1, f'{r.dump_logs()}'
 
     # download HTTP/3 via Unix socket
     @pytest.mark.skipif(condition=not Env.have_h3(), reason='h3 not supported')
@@ -132,3 +136,5 @@ class TestUnix:
                                  '--unix-socket', uds_faker.path,
                                ])
         r.check_response(exitcode=96, http_status=None)
+        assert r.stats[0]['remote_port'] == -1, f'{r.dump_logs()}'
+        assert r.stats[0]['local_port'] == -1, f'{r.dump_logs()}'
diff --git a/tests/unit/unit1607.c b/tests/unit/unit1607.c
index 3e4d53d0be..f60b5b58a1 100644
--- a/tests/unit/unit1607.c
+++ b/tests/unit/unit1607.c
@@ -141,7 +141,7 @@ static CURLcode test_unit1607(const char *arg)
     addr = dns ? dns->addr : NULL;
 
     for(j = 0; j < addressnum; ++j) {
-      int port = 0;
+      uint16_t port = 0;
       char ipaddress[MAX_IPADR_LEN] = {0};
 
       if(!addr && !tests[i].address[j])
diff --git a/tests/unit/unit1609.c b/tests/unit/unit1609.c
index f3f318f2cf..2a3098c6ef 100644
--- a/tests/unit/unit1609.c
+++ b/tests/unit/unit1609.c
@@ -143,7 +143,7 @@ static CURLcode test_unit1609(const char *arg)
     addr = dns ? dns->addr : NULL;
 
     for(j = 0; j < addressnum; ++j) {
-      int port = 0;
+      uint16_t port = 0;
       char ipaddress[MAX_IPADR_LEN] = {0};
 
       if(!addr && !tests[i].address[j])
diff --git a/tests/unit/unit2600.c b/tests/unit/unit2600.c
index 6a03c438dc..f2adc50edd 100644
--- a/tests/unit/unit2600.c
+++ b/tests/unit/unit2600.c
@@ -110,7 +110,7 @@ static int test_idx;
 struct cf_test_ctx {
   int idx;
   int ai_family;
-  int transport;
+  uint8_t transport;
   char id[16];
   struct curltime started;
   timediff_t fail_delay_ms;
@@ -166,7 +166,7 @@ static CURLcode cf_test_create(struct Curl_cfilter **pcf,
                                struct Curl_easy *data,
                                struct connectdata *conn,
                                const struct Curl_addrinfo *ai,
-                               int transport)
+                               uint8_t transport)
 {
   static const struct Curl_cftype cft_test = {
     "TEST",

From fd5a117a6715326749b0e0d18362c50d767e8268 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Thu, 27 Nov 2025 12:50:04 +0100
Subject: [PATCH 1020/2408] ws: use uint8_t

Convert `unsigned char` use to `uint8_t`.

Closes #19721
---
 lib/ws.c | 82 ++++++++++++++++++++++++++++----------------------------
 1 file changed, 41 insertions(+), 41 deletions(-)

diff --git a/lib/ws.c b/lib/ws.c
index b5c02bda95..36191b2fac 100644
--- a/lib/ws.c
+++ b/lib/ws.c
@@ -91,7 +91,7 @@ struct ws_decoder {
   int frame_flags;      /* See the CURLWS_* defines */
   curl_off_t payload_offset;   /* the offset parsing is at */
   curl_off_t payload_len;
-  unsigned char head[10];
+  uint8_t head[10];
   int head_len, head_total;
   enum ws_dec_state state;
   int cont_flags;
@@ -103,8 +103,8 @@ struct ws_encoder {
   curl_off_t payload_len;  /* payload length of current frame */
   curl_off_t payload_remain;  /* remaining payload of current */
   unsigned int xori; /* xor index */
-  unsigned char mask[4]; /* 32-bit mask for this connection */
-  unsigned char firstbyte; /* first byte of frame we encode */
+  uint8_t mask[4]; /* 32-bit mask for this connection */
+  uint8_t firstbyte; /* first byte of frame we encode */
   BIT(contfragment); /* set TRUE if the previous fragment sent was not final */
 };
 
@@ -114,7 +114,7 @@ struct ws_encoder {
 struct ws_cntrl_frame {
   unsigned int type;
   size_t payload_len;
-  unsigned char payload[WS_MAX_CNTRL_LEN];
+  uint8_t payload[WS_MAX_CNTRL_LEN];
 };
 
 /* A websocket connection with en- and decoder that treat frames
@@ -131,7 +131,7 @@ struct websocket {
 };
 
 
-static const char *ws_frame_name_of_op(unsigned char firstbyte)
+static const char *ws_frame_name_of_op(uint8_t firstbyte)
 {
   switch(firstbyte & WSBIT_OPCODE_MASK) {
     case WSBIT_OPCODE_CONT:
@@ -152,7 +152,7 @@ static const char *ws_frame_name_of_op(unsigned char firstbyte)
 }
 
 static int ws_frame_firstbyte2flags(struct Curl_easy *data,
-                                    unsigned char firstbyte, int cont_flags)
+                                    uint8_t firstbyte, int cont_flags)
 {
   switch(firstbyte) {
     /* 0x00 - intermediate TEXT/BINARY fragment */
@@ -233,7 +233,7 @@ static int ws_frame_firstbyte2flags(struct Curl_easy *data,
 static CURLcode ws_frame_flags2firstbyte(struct Curl_easy *data,
                                          unsigned int flags,
                                          bool contfragment,
-                                         unsigned char *pfirstbyte)
+                                         uint8_t *pfirstbyte)
 {
   *pfirstbyte = 0;
   switch(flags & ~CURLWS_OFFSET) {
@@ -326,7 +326,7 @@ static CURLcode ws_send_raw_blocking(struct Curl_easy *data,
                                      struct websocket *ws,
                                      const char *buffer, size_t buflen);
 
-typedef CURLcode ws_write_payload(const unsigned char *buf, size_t buflen,
+typedef CURLcode ws_write_payload(const uint8_t *buf, size_t buflen,
                                   int frame_age, int frame_flags,
                                   curl_off_t payload_offset,
                                   curl_off_t payload_len,
@@ -364,7 +364,7 @@ static CURLcode ws_dec_read_head(struct ws_decoder *dec,
                                  struct Curl_easy *data,
                                  struct bufq *inraw)
 {
-  const unsigned char *inbuf;
+  const uint8_t *inbuf;
   size_t inlen;
 
   while(Curl_bufq_peek(inraw, &inbuf, &inlen)) {
@@ -486,7 +486,7 @@ static CURLcode ws_dec_pass_payload(struct ws_decoder *dec,
                                     ws_write_payload *write_cb,
                                     void *write_ctx)
 {
-  const unsigned char *inbuf;
+  const uint8_t *inbuf;
   size_t inlen;
   size_t nwritten;
   CURLcode result;
@@ -544,7 +544,7 @@ static CURLcode ws_dec_pass(struct ws_decoder *dec,
     dec->state = WS_DEC_PAYLOAD;
     if(dec->payload_len == 0) {
       size_t nwritten;
-      const unsigned char tmp = '\0';
+      const uint8_t tmp = '\0';
       /* special case of a 0 length frame, need to write once */
       result = write_cb(&tmp, 0, dec->frame_age, dec->frame_flags,
                         0, 0, write_ctx, &nwritten);
@@ -617,7 +617,7 @@ static CURLcode ws_flush(struct Curl_easy *data, struct websocket *ws,
                          bool blocking);
 static CURLcode ws_enc_send(struct Curl_easy *data,
                             struct websocket *ws,
-                            const unsigned char *buffer,
+                            const uint8_t *buffer,
                             size_t buflen,
                             curl_off_t fragsize,
                             unsigned int flags,
@@ -627,7 +627,7 @@ static CURLcode ws_enc_add_pending(struct Curl_easy *data,
 
 static CURLcode ws_enc_add_cntrl(struct Curl_easy *data,
                                  struct websocket *ws,
-                                 const unsigned char *payload,
+                                 const uint8_t *payload,
                                  size_t plen,
                                  unsigned int frame_type)
 {
@@ -663,7 +663,7 @@ static curl_off_t ws_payload_remain(curl_off_t payload_total,
   return remain - buffered;
 }
 
-static CURLcode ws_cw_dec_next(const unsigned char *buf, size_t buflen,
+static CURLcode ws_cw_dec_next(const uint8_t *buf, size_t buflen,
                                int frame_age, int frame_flags,
                                curl_off_t payload_offset,
                                curl_off_t payload_len,
@@ -729,7 +729,7 @@ static CURLcode ws_cw_write(struct Curl_easy *data,
 
   if(nbytes) {
     size_t nwritten;
-    result = Curl_bufq_write(&ctx->buf, (const unsigned char *)buf,
+    result = Curl_bufq_write(&ctx->buf, (const uint8_t *)buf,
                              nbytes, &nwritten);
     if(result) {
       infof(data, "[WS] error adding data to buffer %d", result);
@@ -827,8 +827,8 @@ static CURLcode ws_enc_add_frame(struct Curl_easy *data,
                                  curl_off_t payload_len,
                                  struct bufq *out)
 {
-  unsigned char firstb = 0;
-  unsigned char head[14];
+  uint8_t firstb = 0;
+  uint8_t head[14];
   CURLcode result;
   size_t hlen, nwritten;
 
@@ -871,24 +871,24 @@ static CURLcode ws_enc_add_frame(struct Curl_easy *data,
   head[0] = enc->firstbyte = firstb;
   if(payload_len > 65535) {
     head[1] = 127 | WSBIT_MASK;
-    head[2] = (unsigned char)((payload_len >> 56) & 0xff);
-    head[3] = (unsigned char)((payload_len >> 48) & 0xff);
-    head[4] = (unsigned char)((payload_len >> 40) & 0xff);
-    head[5] = (unsigned char)((payload_len >> 32) & 0xff);
-    head[6] = (unsigned char)((payload_len >> 24) & 0xff);
-    head[7] = (unsigned char)((payload_len >> 16) & 0xff);
-    head[8] = (unsigned char)((payload_len >> 8) & 0xff);
-    head[9] = (unsigned char)(payload_len & 0xff);
+    head[2] = (uint8_t)((payload_len >> 56) & 0xff);
+    head[3] = (uint8_t)((payload_len >> 48) & 0xff);
+    head[4] = (uint8_t)((payload_len >> 40) & 0xff);
+    head[5] = (uint8_t)((payload_len >> 32) & 0xff);
+    head[6] = (uint8_t)((payload_len >> 24) & 0xff);
+    head[7] = (uint8_t)((payload_len >> 16) & 0xff);
+    head[8] = (uint8_t)((payload_len >> 8) & 0xff);
+    head[9] = (uint8_t)(payload_len & 0xff);
     hlen = 10;
   }
   else if(payload_len >= 126) {
     head[1] = 126 | WSBIT_MASK;
-    head[2] = (unsigned char)((payload_len >> 8) & 0xff);
-    head[3] = (unsigned char)(payload_len & 0xff);
+    head[2] = (uint8_t)((payload_len >> 8) & 0xff);
+    head[3] = (uint8_t)(payload_len & 0xff);
     hlen = 4;
   }
   else {
-    head[1] = (unsigned char)payload_len | WSBIT_MASK;
+    head[1] = (uint8_t)payload_len | WSBIT_MASK;
     hlen = 2;
   }
 
@@ -897,7 +897,7 @@ static CURLcode ws_enc_add_frame(struct Curl_easy *data,
 
   /* 4 bytes random */
 
-  result = Curl_rand(data, (unsigned char *)&enc->mask, sizeof(enc->mask));
+  result = Curl_rand(data, (uint8_t *)&enc->mask, sizeof(enc->mask));
   if(result)
     return result;
 
@@ -943,7 +943,7 @@ static CURLcode ws_enc_write_head(struct Curl_easy *data,
 
 static CURLcode ws_enc_write_payload(struct ws_encoder *enc,
                                      struct Curl_easy *data,
-                                     const unsigned char *buf, size_t buflen,
+                                     const uint8_t *buf, size_t buflen,
                                      struct bufq *out, size_t *pnwritten)
 {
   CURLcode result;
@@ -960,7 +960,7 @@ static CURLcode ws_enc_write_payload(struct ws_encoder *enc,
     len = remain;
 
   for(i = 0; i < len; ++i) {
-    unsigned char c = buf[i] ^ enc->mask[enc->xori];
+    uint8_t c = buf[i] ^ enc->mask[enc->xori];
     result = Curl_bufq_write(out, &c, 1, &n);
     if(result) {
       if((result != CURLE_AGAIN) || !i)
@@ -1020,7 +1020,7 @@ out:
 
 static CURLcode ws_enc_send(struct Curl_easy *data,
                             struct websocket *ws,
-                            const unsigned char *buffer,
+                            const uint8_t *buffer,
                             size_t buflen,
                             curl_off_t fragsize,
                             unsigned int flags,
@@ -1198,7 +1198,7 @@ static CURLcode cr_ws_read(struct Curl_easy *data,
         goto out;
     }
 
-    result = ws_enc_write_payload(&ws->enc, data, (unsigned char *)buf,
+    result = ws_enc_write_payload(&ws->enc, data, (uint8_t *)buf,
                                   nread, &ws->sendbuf, &n);
     if(result)
       goto out;
@@ -1244,7 +1244,7 @@ CURLcode Curl_ws_request(struct Curl_easy *data, struct dynbuf *req)
 {
   unsigned int i;
   CURLcode result = CURLE_OK;
-  unsigned char rand[16];
+  uint8_t rand[16];
   char *randstr;
   size_t randlen;
   char keyval[40];
@@ -1273,7 +1273,7 @@ CURLcode Curl_ws_request(struct Curl_easy *data, struct dynbuf *req)
   heads[2].val = &keyval[0];
 
   /* 16 bytes random */
-  result = Curl_rand(data, (unsigned char *)rand, sizeof(rand));
+  result = Curl_rand(data, rand, sizeof(rand));
   if(result)
     return result;
   result = curlx_base64_encode((char *)rand, sizeof(rand), &randstr, &randlen);
@@ -1393,7 +1393,7 @@ CURLcode Curl_ws_accept(struct Curl_easy *data,
     /* In CONNECT_ONLY setup, the payloads from `mem` need to be received
      * when using `curl_ws_recv` later on after this transfer is already
      * marked as DONE. */
-    result = Curl_bufq_write(&ws->recvbuf, (const unsigned char *)mem,
+    result = Curl_bufq_write(&ws->recvbuf, (const uint8_t *)mem,
                              nread, &nwritten);
     if(result)
       goto out;
@@ -1452,7 +1452,7 @@ out:
 struct ws_collect {
   struct Curl_easy *data;
   struct websocket *ws;
-  unsigned char *buffer;
+  uint8_t *buffer;
   size_t buflen;
   size_t bufidx;
   int frame_age;
@@ -1462,7 +1462,7 @@ struct ws_collect {
   bool written;
 };
 
-static CURLcode ws_client_collect(const unsigned char *buf, size_t buflen,
+static CURLcode ws_client_collect(const uint8_t *buf, size_t buflen,
                                   int frame_age, int frame_flags,
                                   curl_off_t payload_offset,
                                   curl_off_t payload_len,
@@ -1519,7 +1519,7 @@ static CURLcode ws_client_collect(const unsigned char *buf, size_t buflen,
 }
 
 static CURLcode nw_in_recv(void *reader_ctx,
-                           unsigned char *buf, size_t buflen,
+                           uint8_t *buf, size_t buflen,
                            size_t *pnread)
 {
   struct Curl_easy *data = reader_ctx;
@@ -1628,7 +1628,7 @@ static CURLcode ws_flush(struct Curl_easy *data, struct websocket *ws,
 {
   if(!Curl_bufq_is_empty(&ws->sendbuf)) {
     CURLcode result;
-    const unsigned char *out;
+    const uint8_t *out;
     size_t outlen, n;
 #ifdef DEBUGBUILD
     /* Simulate a blocking send after this chunk has been sent */
@@ -1766,7 +1766,7 @@ CURLcode curl_ws_send(CURL *d, const void *buffer_arg,
                       unsigned int flags)
 {
   struct websocket *ws;
-  const unsigned char *buffer = buffer_arg;
+  const uint8_t *buffer = buffer_arg;
   CURLcode result = CURLE_OK;
   struct Curl_easy *data = d;
   size_t ndummy;

From bbb929112b13643842eb9dbfa060bd83a5b5cf03 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Thu, 27 Nov 2025 13:18:09 +0100
Subject: [PATCH 1021/2408] curlx_base64_encode: use uint8_t* for input

Change `inputbuff` parameter from `const char *` to `const uint8_t *` to
reflect the binary nature of the input bytes. Half the code was casting
unsigned char to signed already in calling.

Closes #19722
---
 lib/curl_sasl.c         |  2 +-
 lib/curlx/base64.c      | 10 +++++-----
 lib/curlx/base64.h      |  6 +++---
 lib/http.c              |  3 ++-
 lib/http2.c             |  3 +--
 lib/http_ntlm.c         |  4 ++--
 lib/ldap.c              |  3 ++-
 lib/openldap.c          |  3 ++-
 lib/vauth/digest.c      |  2 +-
 lib/vauth/spnego_sspi.c |  2 +-
 lib/vssh/libssh2.c      |  2 +-
 lib/vtls/openssl.c      |  4 ++--
 lib/vtls/vtls.c         |  2 +-
 lib/vtls/wolfssl.c      |  2 +-
 lib/vtls/x509asn1.c     |  2 +-
 lib/ws.c                |  2 +-
 src/tool_ssls.c         |  4 ++--
 src/var.c               |  2 +-
 tests/unit/unit1302.c   |  5 +++--
 19 files changed, 33 insertions(+), 30 deletions(-)

diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index 1c9f259de4..f6ec668bfd 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -267,7 +267,7 @@ static CURLcode build_message(struct SASL *sasl, struct bufref *msg)
       char *base64;
       size_t base64len;
 
-      result = curlx_base64_encode((const char *) Curl_bufref_ptr(msg),
+      result = curlx_base64_encode(Curl_bufref_ptr(msg),
                                    Curl_bufref_len(msg), &base64, &base64len);
       if(!result)
         Curl_bufref_set(msg, base64, base64len, curl_free);
diff --git a/lib/curlx/base64.c b/lib/curlx/base64.c
index ef07243dd3..3fcd709d1c 100644
--- a/lib/curlx/base64.c
+++ b/lib/curlx/base64.c
@@ -66,7 +66,7 @@ static const unsigned char decodetable[] =
  * @unittest: 1302
  */
 CURLcode curlx_base64_decode(const char *src,
-                             unsigned char **outptr, size_t *outlen)
+                             uint8_t **outptr, size_t *outlen)
 {
   size_t srclen = 0;
   size_t padding = 0;
@@ -170,8 +170,8 @@ bad:
 }
 
 static CURLcode base64_encode(const char *table64,
-                              unsigned char padbyte,
-                              const char *inputbuff, size_t insize,
+                              uint8_t padbyte,
+                              const uint8_t *inputbuff, size_t insize,
                               char **outptr, size_t *outlen)
 {
   char *output;
@@ -245,7 +245,7 @@ static CURLcode base64_encode(const char *table64,
  *
  * @unittest: 1302
  */
-CURLcode curlx_base64_encode(const char *inputbuff, size_t insize,
+CURLcode curlx_base64_encode(const uint8_t *inputbuff, size_t insize,
                              char **outptr, size_t *outlen)
 {
   return base64_encode(Curl_base64encdec, '=',
@@ -267,7 +267,7 @@ CURLcode curlx_base64_encode(const char *inputbuff, size_t insize,
  *
  * @unittest: 1302
  */
-CURLcode curlx_base64url_encode(const char *inputbuff, size_t insize,
+CURLcode curlx_base64url_encode(const uint8_t *inputbuff, size_t insize,
                                 char **outptr, size_t *outlen)
 {
   return base64_encode(base64url, 0, inputbuff, insize, outptr, outlen);
diff --git a/lib/curlx/base64.h b/lib/curlx/base64.h
index 31cfcb36e7..3c97ecc9fe 100644
--- a/lib/curlx/base64.h
+++ b/lib/curlx/base64.h
@@ -24,12 +24,12 @@
  *
  ***************************************************************************/
 
-CURLcode curlx_base64_encode(const char *inputbuff, size_t insize,
+CURLcode curlx_base64_encode(const uint8_t *inputbuff, size_t insize,
                              char **outptr, size_t *outlen);
-CURLcode curlx_base64url_encode(const char *inputbuff, size_t insize,
+CURLcode curlx_base64url_encode(const uint8_t *inputbuff, size_t insize,
                                 char **outptr, size_t *outlen);
 CURLcode curlx_base64_decode(const char *src,
-                             unsigned char **outptr, size_t *outlen);
+                             uint8_t **outptr, size_t *outlen);
 
 extern const char Curl_base64encdec[];
 
diff --git a/lib/http.c b/lib/http.c
index 0319be3b65..672183db0e 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -367,7 +367,8 @@ static CURLcode http_output_basic(struct Curl_easy *data, bool proxy)
   if(!out)
     return CURLE_OUT_OF_MEMORY;
 
-  result = curlx_base64_encode(out, strlen(out), &authorization, &size);
+  result = curlx_base64_encode((uint8_t *)out, strlen(out),
+                               &authorization, &size);
   if(result)
     goto fail;
 
diff --git a/lib/http2.c b/lib/http2.c
index 4f5f5ea52d..4f49efe768 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -1847,8 +1847,7 @@ CURLcode Curl_http2_request_upgrade(struct dynbuf *req,
     return CURLE_FAILED_INIT;
   }
 
-  result = curlx_base64url_encode((const char *)binsettings, binlen,
-                                  &base64, &blen);
+  result = curlx_base64url_encode(binsettings, binlen, &base64, &blen);
   if(result) {
     curlx_dyn_free(req);
     return result;
diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c
index fa375b49bf..8cb6403fdb 100644
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c
@@ -205,7 +205,7 @@ CURLcode Curl_output_ntlm(struct Curl_easy *data, bool proxy)
                                                  hostname, ntlm, &ntlmmsg);
     if(!result) {
       DEBUGASSERT(Curl_bufref_len(&ntlmmsg) != 0);
-      result = curlx_base64_encode((const char *) Curl_bufref_ptr(&ntlmmsg),
+      result = curlx_base64_encode(Curl_bufref_ptr(&ntlmmsg),
                                   Curl_bufref_len(&ntlmmsg), &base64, &len);
       if(!result) {
         free(*allocuserpwd);
@@ -224,7 +224,7 @@ CURLcode Curl_output_ntlm(struct Curl_easy *data, bool proxy)
     result = Curl_auth_create_ntlm_type3_message(data, userp, passwdp,
                                                  ntlm, &ntlmmsg);
     if(!result && Curl_bufref_len(&ntlmmsg)) {
-      result = curlx_base64_encode((const char *) Curl_bufref_ptr(&ntlmmsg),
+      result = curlx_base64_encode(Curl_bufref_ptr(&ntlmmsg),
                                    Curl_bufref_len(&ntlmmsg), &base64, &len);
       if(!result) {
         free(*allocuserpwd);
diff --git a/lib/ldap.c b/lib/ldap.c
index fa1a4a4d25..7f2af36643 100644
--- a/lib/ldap.c
+++ b/lib/ldap.c
@@ -626,7 +626,8 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
              curl_strequal(";binary", attr + (attr_len - 7)) ) {
             /* Binary attribute, encode to base64. */
             if(vals[i]->bv_len) {
-              result = curlx_base64_encode(vals[i]->bv_val, vals[i]->bv_len,
+              result = curlx_base64_encode((uint8_t *)vals[i]->bv_val,
+                                           vals[i]->bv_len,
                                            &val_b64, &val_b64_sz);
               if(result) {
                 ldap_value_free_len(vals);
diff --git a/lib/openldap.c b/lib/openldap.c
index 41419df21b..806ccb33cc 100644
--- a/lib/openldap.c
+++ b/lib/openldap.c
@@ -1213,7 +1213,8 @@ static CURLcode oldap_recv(struct Curl_easy *data, int sockindex, char *buf,
 
           /* Binary value, encode to base64. */
           if(bvals[i].bv_len)
-            result = curlx_base64_encode(bvals[i].bv_val, bvals[i].bv_len,
+            result = curlx_base64_encode((uint8_t *)bvals[i].bv_val,
+                                         bvals[i].bv_len,
                                          &val_b64, &val_b64_sz);
           if(!result)
             result = client_write(data, STRCONST(": "), val_b64, val_b64_sz,
diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c
index c1c0ab2ab2..16045707fd 100644
--- a/lib/vauth/digest.c
+++ b/lib/vauth/digest.c
@@ -710,7 +710,7 @@ static CURLcode auth_create_digest_http_message(
     if(result)
       return result;
 
-    result = curlx_base64_encode(cnoncebuf, sizeof(cnoncebuf),
+    result = curlx_base64_encode((uint8_t *)cnoncebuf, sizeof(cnoncebuf),
                                  &cnonce, &cnonce_sz);
     if(result)
       return result;
diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c
index 9cf554d3b0..b36535557b 100644
--- a/lib/vauth/spnego_sspi.c
+++ b/lib/vauth/spnego_sspi.c
@@ -301,7 +301,7 @@ CURLcode Curl_auth_create_spnego_message(struct negotiatedata *nego,
                                          char **outptr, size_t *outlen)
 {
   /* Base64 encode the already generated response */
-  CURLcode result = curlx_base64_encode((const char *)nego->output_token,
+  CURLcode result = curlx_base64_encode(nego->output_token,
                                         nego->output_token_length, outptr,
                                         outlen);
   if(!result && (!*outptr || !*outlen)) {
diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
index 1c9fe5ac01..e4ceda8c34 100644
--- a/lib/vssh/libssh2.c
+++ b/lib/vssh/libssh2.c
@@ -602,7 +602,7 @@ static CURLcode ssh_check_fingerprint(struct Curl_easy *data,
 
     /* The length of fingerprint is 32 bytes for SHA256.
      * See libssh2_hostkey_hash documentation. */
-    if(curlx_base64_encode(fingerprint, 32, &fingerprint_b64,
+    if(curlx_base64_encode((const uint8_t *)fingerprint, 32, &fingerprint_b64,
                            &fingerprint_b64_len) != CURLE_OK) {
       myssh_state(data, sshc, SSH_SESSION_FREE);
       return CURLE_PEER_FAILED_VERIFICATION;
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 2f526479c5..7ff5698e7c 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -4132,7 +4132,7 @@ static void ossl_trace_ech_retry_configs(struct Curl_easy *data, SSL* ssl,
   int rv = 1;
 # ifndef HAVE_BORINGSSL_LIKE
   char *inner = NULL;
-  unsigned char *rcs = NULL;
+  uint8_t *rcs = NULL;
   char *outer = NULL;
 # else
   const char *inner = NULL;
@@ -4156,7 +4156,7 @@ static void ossl_trace_ech_retry_configs(struct Curl_easy *data, SSL* ssl,
     char *b64str = NULL;
     size_t blen = 0;
 
-    result = curlx_base64_encode((const char *)rcs, rcl, &b64str, &blen);
+    result = curlx_base64_encode(rcs, rcl, &b64str, &blen);
     if(!result && b64str) {
       infof(data, "ECH: retry_configs %s", b64str);
       free(b64str);
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index d116ec91ed..9c76ca7ed3 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -790,7 +790,7 @@ CURLcode Curl_pin_peer_pubkey(struct Curl_easy *data,
                                  sha256sumdigest, CURL_SHA256_DIGEST_LENGTH);
 
     if(!encode)
-      encode = curlx_base64_encode((char *)sha256sumdigest,
+      encode = curlx_base64_encode(sha256sumdigest,
                                    CURL_SHA256_DIGEST_LENGTH,
                                    &cert_hash, &cert_hash_len);
     Curl_safefree(sha256sumdigest);
diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index c8fc8c4add..e622f909e5 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -1816,7 +1816,7 @@ static CURLcode wssl_handshake(struct Curl_cfilter *cf,
         char *b64str = NULL;
         size_t blen = 0;
 
-        result = curlx_base64_encode((const char *)echConfigs, echConfigsLen,
+        result = curlx_base64_encode(echConfigs, echConfigsLen,
                                      &b64str, &blen);
         if(!result && b64str)
           infof(data, "ECH: (not yet) retry_configs %s", b64str);
diff --git a/lib/vtls/x509asn1.c b/lib/vtls/x509asn1.c
index 96eb512b90..417a5382d8 100644
--- a/lib/vtls/x509asn1.c
+++ b/lib/vtls/x509asn1.c
@@ -1228,7 +1228,7 @@ CURLcode Curl_extract_certinfo(struct Curl_easy *data,
   curlx_dyn_reset(&out);
 
   /* Generate PEM certificate. */
-  result = curlx_base64_encode(cert.certificate.beg,
+  result = curlx_base64_encode((const uint8_t *)cert.certificate.beg,
                                cert.certificate.end - cert.certificate.beg,
                                &certptr, &clen);
   if(result)
diff --git a/lib/ws.c b/lib/ws.c
index 36191b2fac..15dc2e9aea 100644
--- a/lib/ws.c
+++ b/lib/ws.c
@@ -1276,7 +1276,7 @@ CURLcode Curl_ws_request(struct Curl_easy *data, struct dynbuf *req)
   result = Curl_rand(data, rand, sizeof(rand));
   if(result)
     return result;
-  result = curlx_base64_encode((char *)rand, sizeof(rand), &randstr, &randlen);
+  result = curlx_base64_encode(rand, sizeof(rand), &randstr, &randlen);
   if(result)
     return result;
   DEBUGASSERT(randlen < sizeof(keyval));
diff --git a/src/tool_ssls.c b/src/tool_ssls.c
index 40e67a8044..2b67be9baa 100644
--- a/src/tool_ssls.c
+++ b/src/tool_ssls.c
@@ -159,7 +159,7 @@ static CURLcode tool_ssls_exp(CURL *easy, void *userptr,
           "# This file was generated by libcurl! Edit at your own risk.\n",
           ctx->fp);
 
-  r = curlx_base64_encode((const char *)shmac, shmac_len, &enc, &enc_len);
+  r = curlx_base64_encode(shmac, shmac_len, &enc, &enc_len);
   if(r)
     goto out;
   r = CURLE_WRITE_ERROR;
@@ -168,7 +168,7 @@ static CURLcode tool_ssls_exp(CURL *easy, void *userptr,
   if(EOF == fputc(':', ctx->fp))
     goto out;
   tool_safefree(enc);
-  r = curlx_base64_encode((const char *)sdata, sdata_len, &enc, &enc_len);
+  r = curlx_base64_encode(sdata, sdata_len, &enc, &enc_len);
   if(r)
     goto out;
   r = CURLE_WRITE_ERROR;
diff --git a/src/var.c b/src/var.c
index 94d79695ac..5cedf1d24a 100644
--- a/src/var.c
+++ b/src/var.c
@@ -150,7 +150,7 @@ static ParameterError varfunc(char *c, /* content */
       if(clen) {
         char *enc;
         size_t elen;
-        CURLcode result = curlx_base64_encode(c, clen, &enc, &elen);
+        CURLcode result = curlx_base64_encode((uint8_t *)c, clen, &enc, &elen);
         if(result) {
           err = PARAM_NO_MEM;
           break;
diff --git a/tests/unit/unit1302.c b/tests/unit/unit1302.c
index 2c4404d727..911432a8c8 100644
--- a/tests/unit/unit1302.c
+++ b/tests/unit/unit1302.c
@@ -133,7 +133,7 @@ static CURLcode test_unit1302(const char *arg)
     size_t dlen;
 
     /* first encode */
-    rc = curlx_base64_encode(e->input, e->ilen, &out, &olen);
+    rc = curlx_base64_encode((const uint8_t *)e->input, e->ilen, &out, &olen);
     abort_unless(rc == CURLE_OK, "return code should be CURLE_OK");
     abort_unless(olen == e->olen, "wrong output size");
     if(memcmp(out, e->output, e->olen)) {
@@ -166,7 +166,8 @@ static CURLcode test_unit1302(const char *arg)
     struct etest *e = &url[i];
     char *out;
     size_t olen;
-    rc = curlx_base64url_encode(e->input, e->ilen, &out, &olen);
+    rc = curlx_base64url_encode((const uint8_t *)e->input, e->ilen,
+                                &out, &olen);
     abort_unless(rc == CURLE_OK, "return code should be CURLE_OK");
     if(olen != e->olen) {
       curl_mfprintf(stderr, "Test %u URL encoded output length %zu "

From 71e9920fcd2683bc63ba1f227307560010ce7deb Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 27 Nov 2025 14:19:48 +0100
Subject: [PATCH 1022/2408] GHA: add timeouts to mitigate hung brew install
 step

Ref: https://github.com/curl/curl/actions/runs/19736703410/job/56550251534?pr=19723

Closes #19726
---
 .github/workflows/checksrc.yml           | 2 ++
 .github/workflows/configure-vs-cmake.yml | 1 +
 .github/workflows/distcheck.yml          | 1 +
 .github/workflows/macos.yml              | 2 ++
 4 files changed, 6 insertions(+)

diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml
index 2f7b0b0e94..d3ef758b48 100644
--- a/.github/workflows/checksrc.yml
+++ b/.github/workflows/checksrc.yml
@@ -73,6 +73,7 @@ jobs:
           .github/scripts/codespell.sh
 
       - name: 'typos'
+        timeout-minutes: 2
         run: |
           HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install typos-cli
           eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
@@ -148,6 +149,7 @@ jobs:
     timeout-minutes: 5
     steps:
       - name: 'install prereqs'
+        timeout-minutes: 2
         run: HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install actionlint shellcheck zizmor
 
       - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
diff --git a/.github/workflows/configure-vs-cmake.yml b/.github/workflows/configure-vs-cmake.yml
index 53775a44fd..778b306b65 100644
--- a/.github/workflows/configure-vs-cmake.yml
+++ b/.github/workflows/configure-vs-cmake.yml
@@ -81,6 +81,7 @@ jobs:
     runs-on: macos-latest
     steps:
       - name: 'install packages'
+        timeout-minutes: 2
         run: |
           # shellcheck disable=SC2181,SC2034
           while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew install automake libtool; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done
diff --git a/.github/workflows/distcheck.yml b/.github/workflows/distcheck.yml
index 442a7f18a1..86c05fd0f0 100644
--- a/.github/workflows/distcheck.yml
+++ b/.github/workflows/distcheck.yml
@@ -279,6 +279,7 @@ jobs:
             mingw-w64-x86_64-zlib mingw-w64-x86_64-zstd mingw-w64-x86_64-libpsl mingw-w64-x86_64-libssh2 mingw-w64-x86_64-nghttp2 mingw-w64-x86_64-openssl
 
       - name: 'install prereqs'
+        timeout-minutes: 3
         run: |
           if [[ "${MATRIX_IMAGE}" = *'windows'* ]]; then
             cd ~
diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml
index cd72073155..25ac41c61e 100644
--- a/.github/workflows/macos.yml
+++ b/.github/workflows/macos.yml
@@ -94,6 +94,7 @@ jobs:
     steps:
       - name: 'brew install'
         if: ${{ matrix.build.configure }}
+        timeout-minutes: 5
         run: |
           # shellcheck disable=SC2181,SC2034
           while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew install automake libtool; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done
@@ -350,6 +351,7 @@ jobs:
 
     steps:
       - name: 'brew install'
+        timeout-minutes: 5
         # Run this command with retries because of spurious failures seen
         # while running the tests, for example
         # https://github.com/curl/curl/runs/4095721123?check_suite_focus=true

From eae2df837e8927bc43ab5b8994252f8b0b0f097a Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 27 Nov 2025 13:02:49 +0100
Subject: [PATCH 1023/2408] runtests: fix showing `nghttpx-h3` in the `Env:`
 log when detected

Ref: #19723
Closes #19728
---
 tests/runtests.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/runtests.pl b/tests/runtests.pl
index 54ac77e2e9..3d557d1435 100755
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -891,7 +891,7 @@ sub checksystemfeatures {
                       $valgrind?"Valgrind ":"",
                       $run_duphandle?"test-duphandle ":"",
                       $run_event_based?"event-based ":"",
-                      $nghttpx_h3,
+                      $nghttpx_h3?"nghttpx-h3 " :"",
                       $libtool?"Libtool ":"");
     if($env) {
         logmsg "* Env: $env\n";

From 7a10f493222cad24a1625bfb283523e73647a6f0 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 21 Nov 2025 13:46:53 +0100
Subject: [PATCH 1024/2408] badwords: make some words match case-insensitively

Also:
- wcurl.md: sync with upstream to pass the badwords check.

Ref: https://github.com/curl/wcurl/commit/11f840cddd840e03b4281cb7408b246c0d09da0f
Ref: https://github.com/curl/wcurl/pull/79

Closes #19713
---
 .github/scripts/badwords.txt | 10 +++++-----
 docs/wcurl.md                |  2 +-
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/scripts/badwords.txt b/.github/scripts/badwords.txt
index d8f4461d26..9e43c03fa8 100644
--- a/.github/scripts/badwords.txt
+++ b/.github/scripts/badwords.txt
@@ -17,7 +17,7 @@ could've:could have
 couldn't:could not
 didn't:did not
 doesn't:does not
-don't=do not
+don't:do not
 haven't:have not
 i'd:I would
 i'll:I will
@@ -74,10 +74,10 @@ file names\b:filenames
 \buser names\b:usernames
 \bpass phrase:passphrase
 \bwill\b:rewrite to present tense
-\b32bit=32-bit
-\b64bit=64-bit
-32 bit\b=32-bit
-64 bit\b=64-bit
+\b32bit:32-bit
+\b64bit:64-bit
+32 bit\b:32-bit
+64 bit\b:64-bit
 64-bits:64 bits or 64-bit
 32-bits:32 bits or 32-bit
 \bvery\b:rephrase using an alternative word
diff --git a/docs/wcurl.md b/docs/wcurl.md
index 7d1200b2ea..ab5c3aaa97 100644
--- a/docs/wcurl.md
+++ b/docs/wcurl.md
@@ -87,7 +87,7 @@ last value is considered.
 
 ## --no-decode-filename
 
-Don't percent-decode the output filename, even if the percent-encoding in the
+Do not percent-decode the output filename, even if the percent-encoding in the
 URL was done by **wcurl**, e.g.: The URL contained whitespace.
 
 ## --dry-run

From 0081c5b12627ddfb5d6e71198475dc9f95c0a53e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 27 Nov 2025 15:37:19 +0100
Subject: [PATCH 1025/2408] pytest: disable two H3 earlydata tests for all
 platforms (was: macOS)

Follow-up to 692c7f133e6f9a5053a87b1fffbf3c41697a7742 #19252
Follow-up to eefd03c572996e5de4dec4fe295ad6f103e0eefc #18703

Ref: #19719
Ref: #19723

Fixes #19724
Closes #19730
---
 tests/http/test_02_download.py | 8 ++++----
 tests/http/test_07_upload.py   | 8 ++++----
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/tests/http/test_02_download.py b/tests/http/test_02_download.py
index dcfe9690bc..9fbc116caf 100644
--- a/tests/http/test_02_download.py
+++ b/tests/http/test_02_download.py
@@ -566,10 +566,10 @@ class TestDownload:
             pytest.skip("h3 early data not supported")
         if proto != 'h3' and sys.platform.startswith('darwin') and env.ci_run:
             pytest.skip('failing on macOS CI runners')
-        if proto == 'h3' and sys.platform.startswith('darwin') and env.curl_uses_lib('wolfssl'):
-            pytest.skip('h3 wolfssl early data failing on macOS')
-        if proto == 'h3' and sys.platform.startswith('darwin') and env.curl_uses_lib('gnutls'):
-            pytest.skip('h3 gnutls early data failing on macOS')
+        if proto == 'h3' and env.curl_uses_lib('wolfssl'):
+            pytest.skip('h3 wolfssl early data failing')
+        if proto == 'h3' and env.curl_uses_lib('gnutls'):
+            pytest.skip('h3 gnutls early data failing')
         count = 2
         docname = 'data-10k'
         # we want this test to always connect to nghttpx, since it is
diff --git a/tests/http/test_07_upload.py b/tests/http/test_07_upload.py
index 9e49ad7f47..495ec7a989 100644
--- a/tests/http/test_07_upload.py
+++ b/tests/http/test_07_upload.py
@@ -663,10 +663,10 @@ class TestUpload:
             pytest.skip("h3 not supported")
         if proto != 'h3' and sys.platform.startswith('darwin') and env.ci_run:
             pytest.skip('failing on macOS CI runners')
-        if proto == 'h3' and sys.platform.startswith('darwin') and env.curl_uses_lib('wolfssl'):
-            pytest.skip('h3 wolfssl early data failing on macOS')
-        if proto == 'h3' and sys.platform.startswith('darwin') and env.curl_uses_lib('gnutls'):
-            pytest.skip('h3 gnutls early data failing on macOS')
+        if proto == 'h3' and env.curl_uses_lib('wolfssl'):
+            pytest.skip('h3 wolfssl early data failing')
+        if proto == 'h3' and env.curl_uses_lib('gnutls'):
+            pytest.skip('h3 gnutls early data failing')
         count = 2
         # we want this test to always connect to nghttpx, since it is
         # the only server we have that supports TLS earlydata

From c8b76ff42f5228b0c8e3a9d51755ec7f318af6ba Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 27 Nov 2025 13:44:27 +0100
Subject: [PATCH 1026/2408] GHA/http3-linux: fix broken h3 server in
 non-openssl jobs, for more pytests

It also revealed 3 failing earlydata tests with two backends on Linux,
seen earlier on macOS:
```
LibreSSL     before: 571 passed, 141 skipped in 45.34s
LibreSSL      after: 736 passed,  95 skipped in 68.08s

aws-lc       before: 571 passed, 141 skipped in 78.87s
aws-lc        after: 736 passed,  95 skipped in 66.71s

BoringSSL    before: 511 passed, 201 skipped in 46.47s
BoringSSL     after: 676 passed, 155 skipped in 63.96s

GnuTLS       before: 515 passed, 197 skipped in 48.31s
GnuTLS        after: 688 passed, 140 skipped in 67.79s (3 failed)

wolfSSL      before: 541 passed, 171 skipped in 52.49s
wolfSSL       after: 714 passed, 114 skipped in 83.84s (3 failed)

OpenSSL      before: 757 passed,  74 skipped in 65.43s
OpenSSL       after: 757 passed,  74 skipped in 65.06s

OpenSSL-quic before: 741 passed,  90 skipped in 62.85s
OpenSSL-quic  after: 741 passed,  90 skipped in 57.20s

quiche       before: 511 passed, 201 skipped in 45.94s
quiche        after: 664 passed, 167 skipped in 59.57s
```
Before: https://github.com/curl/curl/actions/runs/19734972379
After: https://github.com/curl/curl/actions/runs/19736703398?pr=19723

Failures address via: 0081c5b12627ddfb5d6e71198475dc9f95c0a53e #19730

Ref: #19724

Closes #19723
---
 .github/workflows/http3-linux.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index 87738dd791..353c368142 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -486,7 +486,6 @@ jobs:
           echo 'CXX=g++-12' >> "$GITHUB_ENV"
 
       - name: 'cache openssl'
-        if: ${{ matrix.build.name == 'openssl' || matrix.build.name == 'openssl-quic' }}
         uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
         id: cache-openssl-http3-no-deprecated
         env:

From a59a3cc7f1593784e496172b9fb4d82ed6fae487 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 27 Nov 2025 14:25:43 +0100
Subject: [PATCH 1027/2408] cfilters: make conn_forget_socket a private libssh
 function

It is only used for (old) libssh builds.

Closes #19727
---
 lib/cfilters.c    | 13 -------------
 lib/vssh/libssh.c | 15 ++++++++++++++-
 2 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/lib/cfilters.c b/lib/cfilters.c
index f0da4778a6..31c7b07747 100644
--- a/lib/cfilters.c
+++ b/lib/cfilters.c
@@ -931,19 +931,6 @@ Curl_conn_get_remote_addr(struct Curl_easy *data, int sockindex)
   return cf ? cf_get_remote_addr(cf, data) : NULL;
 }
 
-void Curl_conn_forget_socket(struct Curl_easy *data, int sockindex)
-{
-  struct connectdata *conn = data->conn;
-  if(conn && CONN_SOCK_IDX_VALID(sockindex)) {
-    struct Curl_cfilter *cf = conn->cfilter[sockindex];
-    if(cf)
-      (void)Curl_conn_cf_cntrl(cf, data, TRUE,
-                               CF_CTRL_FORGET_SOCKET, 0, NULL);
-    fake_sclose(conn->sock[sockindex]);
-    conn->sock[sockindex] = CURL_SOCKET_BAD;
-  }
-}
-
 static CURLcode cf_cntrl_all(struct connectdata *conn,
                              struct Curl_easy *data,
                              bool ignore_result,
diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
index c76478bc2a..4b003bd71c 100644
--- a/lib/vssh/libssh.c
+++ b/lib/vssh/libssh.c
@@ -1874,6 +1874,19 @@ static int myssh_in_SFTP_QUOTE_STAT(struct Curl_easy *data,
   return SSH_NO_ERROR;
 }
 
+static void conn_forget_socket(struct Curl_easy *data, int sockindex)
+{
+  struct connectdata *conn = data->conn;
+  if(conn && CONN_SOCK_IDX_VALID(sockindex)) {
+    struct Curl_cfilter *cf = conn->cfilter[sockindex];
+    if(cf)
+      (void)Curl_conn_cf_cntrl(cf, data, TRUE,
+                               CF_CTRL_FORGET_SOCKET, 0, NULL);
+    fake_sclose(conn->sock[sockindex]);
+    conn->sock[sockindex] = CURL_SOCKET_BAD;
+  }
+}
+
 /*
  * ssh_statemach_act() runs the SSH state machine as far as it can without
  * blocking and without reaching the end. The data the pointer 'block' points
@@ -2376,7 +2389,7 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data,
         /* conn->sock[FIRSTSOCKET] is closed by ssh_disconnect behind our back,
            tell the connection to forget about it. This libssh
            bug is fixed in 0.10.0. */
-        Curl_conn_forget_socket(data, FIRSTSOCKET);
+        conn_forget_socket(data, FIRSTSOCKET);
       }
 
       SSH_STRING_FREE_CHAR(sshc->homedir);

From 1e048e932acfe8e46a1e33fb5d7d51406b12e23b Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 27 Nov 2025 14:19:34 +0100
Subject: [PATCH 1028/2408] ngtcp2: remove the unused Curl_conn_is_ngtcp2
 function

Closes #19725
---
 lib/vquic/curl_ngtcp2.c | 16 ----------------
 lib/vquic/curl_ngtcp2.h |  4 ----
 2 files changed, 20 deletions(-)

diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index de767f28dc..22ea0e3ef4 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -2880,20 +2880,4 @@ out:
   return result;
 }
 
-bool Curl_conn_is_ngtcp2(const struct Curl_easy *data,
-                         const struct connectdata *conn,
-                         int sockindex)
-{
-  struct Curl_cfilter *cf = conn ? conn->cfilter[sockindex] : NULL;
-
-  (void)data;
-  for(; cf; cf = cf->next) {
-    if(cf->cft == &Curl_cft_http3)
-      return TRUE;
-    if(cf->cft->flags & CF_TYPE_IP_CONNECT)
-      return FALSE;
-  }
-  return FALSE;
-}
-
 #endif
diff --git a/lib/vquic/curl_ngtcp2.h b/lib/vquic/curl_ngtcp2.h
index 86753a3a6b..7933e924e1 100644
--- a/lib/vquic/curl_ngtcp2.h
+++ b/lib/vquic/curl_ngtcp2.h
@@ -55,10 +55,6 @@ CURLcode Curl_cf_ngtcp2_create(struct Curl_cfilter **pcf,
                                struct Curl_easy *data,
                                struct connectdata *conn,
                                const struct Curl_addrinfo *ai);
-
-bool Curl_conn_is_ngtcp2(const struct Curl_easy *data,
-                         const struct connectdata *conn,
-                         int sockindex);
 #endif
 
 #endif /* HEADER_CURL_VQUIC_CURL_NGTCP2_H */

From 56e88e7c14dd1a529f9a4f23db5f791302bba6e7 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Thu, 27 Nov 2025 15:13:11 +0100
Subject: [PATCH 1029/2408] cfilter: send uint8_t bytes

Change the send parameter from `const void *` to `const uint8_t *` and
adapt calling code. Several had already unsigned chars and were casting.

Closes #19729
---
 lib/cf-h1-proxy.c       |  4 ++--
 lib/cf-h2-proxy.c       |  6 +++---
 lib/cf-haproxy.c        |  2 +-
 lib/cf-socket.c         |  2 +-
 lib/cfilters.c          |  9 ++++-----
 lib/cfilters.h          |  6 +++---
 lib/http2.c             |  6 +++---
 lib/socks_gssapi.c      | 12 +++++-------
 lib/socks_sspi.c        | 13 +++++--------
 lib/vquic/curl_ngtcp2.c |  6 +++---
 lib/vquic/curl_osslq.c  |  6 +++---
 lib/vquic/curl_quiche.c |  8 ++++----
 lib/vtls/mbedtls.c      |  3 +--
 lib/vtls/openssl.c      |  3 ++-
 lib/vtls/rustls.c       |  2 +-
 lib/vtls/schannel.c     | 12 ++++++++----
 lib/vtls/vtls.c         |  4 ++--
 lib/vtls/wolfssl.c      |  3 ++-
 18 files changed, 53 insertions(+), 54 deletions(-)

diff --git a/lib/cf-h1-proxy.c b/lib/cf-h1-proxy.c
index e496d7634d..417b4df67e 100644
--- a/lib/cf-h1-proxy.c
+++ b/lib/cf-h1-proxy.c
@@ -246,7 +246,7 @@ static CURLcode send_CONNECT(struct Curl_cfilter *cf,
                              struct h1_tunnel_state *ts,
                              bool *done)
 {
-  char *buf = curlx_dyn_ptr(&ts->request_data);
+  uint8_t *buf = curlx_dyn_uptr(&ts->request_data);
   size_t request_len = curlx_dyn_len(&ts->request_data);
   size_t blen = request_len;
   CURLcode result = CURLE_OK;
@@ -267,7 +267,7 @@ static CURLcode send_CONNECT(struct Curl_cfilter *cf,
 
   DEBUGASSERT(blen >= nwritten);
   ts->nsent += nwritten;
-  Curl_debug(data, CURLINFO_HEADER_OUT, buf, nwritten);
+  Curl_debug(data, CURLINFO_HEADER_OUT, (char *)buf, nwritten);
 
 out:
   if(result)
diff --git a/lib/cf-h2-proxy.c b/lib/cf-h2-proxy.c
index 89bc7cc23f..fca916a2c2 100644
--- a/lib/cf-h2-proxy.c
+++ b/lib/cf-h2-proxy.c
@@ -225,7 +225,7 @@ static void drain_tunnel(struct Curl_cfilter *cf,
 }
 
 static CURLcode proxy_h2_nw_out_writer(void *writer_ctx,
-                                       const unsigned char *buf, size_t buflen,
+                                       const uint8_t *buf, size_t buflen,
                                        size_t *pnwritten)
 {
   struct Curl_cfilter *cf = writer_ctx;
@@ -233,7 +233,7 @@ static CURLcode proxy_h2_nw_out_writer(void *writer_ctx,
   if(cf) {
     struct Curl_easy *data = CF_DATA_CURRENT(cf);
     CURLcode result;
-    result = Curl_conn_cf_send(cf->next, data, (const char *)buf, buflen,
+    result = Curl_conn_cf_send(cf->next, data, buf, buflen,
                                FALSE, pnwritten);
     CURL_TRC_CF(data, cf, "[0] nw_out_writer(len=%zu) -> %d, %zu",
                 buflen, result, *pnwritten);
@@ -1356,7 +1356,7 @@ out:
 
 static CURLcode cf_h2_proxy_send(struct Curl_cfilter *cf,
                                  struct Curl_easy *data,
-                                 const void *buf, size_t len, bool eos,
+                                 const uint8_t *buf, size_t len, bool eos,
                                  size_t *pnwritten)
 {
   struct cf_h2_proxy_ctx *ctx = cf->ctx;
diff --git a/lib/cf-haproxy.c b/lib/cf-haproxy.c
index 3231791097..8912604504 100644
--- a/lib/cf-haproxy.c
+++ b/lib/cf-haproxy.c
@@ -133,7 +133,7 @@ static CURLcode cf_haproxy_connect(struct Curl_cfilter *cf,
     if(len > 0) {
       size_t nwritten;
       result = Curl_conn_cf_send(cf->next, data,
-                                 curlx_dyn_ptr(&ctx->data_out), len, FALSE,
+                                 curlx_dyn_uptr(&ctx->data_out), len, FALSE,
                                  &nwritten);
       if(result) {
         if(result != CURLE_AGAIN)
diff --git a/lib/cf-socket.c b/lib/cf-socket.c
index c657330ec6..6e5333602c 100644
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@@ -1428,7 +1428,7 @@ static void win_update_sndbuf_size(struct cf_socket_ctx *ctx)
 #endif /* USE_WINSOCK */
 
 static CURLcode cf_socket_send(struct Curl_cfilter *cf, struct Curl_easy *data,
-                               const void *buf, size_t len, bool eos,
+                               const uint8_t *buf, size_t len, bool eos,
                                size_t *pnwritten)
 {
   struct cf_socket_ctx *ctx = cf->ctx;
diff --git a/lib/cfilters.c b/lib/cfilters.c
index 31c7b07747..7cb10f3928 100644
--- a/lib/cfilters.c
+++ b/lib/cfilters.c
@@ -85,7 +85,7 @@ bool Curl_cf_def_data_pending(struct Curl_cfilter *cf,
 }
 
 CURLcode Curl_cf_def_send(struct Curl_cfilter *cf, struct Curl_easy *data,
-                          const void *buf, size_t len, bool eos,
+                          const uint8_t *buf, size_t len, bool eos,
                           size_t *pnwritten)
 {
   if(cf->next)
@@ -296,12 +296,11 @@ CURLcode Curl_cf_recv_bufq(struct Curl_cfilter *cf,
 }
 
 static CURLcode cf_bufq_writer(void *writer_ctx,
-                               const unsigned char *buf, size_t buflen,
+                               const uint8_t *buf, size_t buflen,
                                size_t *pnwritten)
 {
   struct cf_io_ctx *io = writer_ctx;
-  return Curl_conn_cf_send(io->cf, io->data, (const char *)buf,
-                           buflen, FALSE, pnwritten);
+  return Curl_conn_cf_send(io->cf, io->data, buf, buflen, FALSE, pnwritten);
 }
 
 CURLcode Curl_cf_send_bufq(struct Curl_cfilter *cf,
@@ -422,7 +421,7 @@ void Curl_conn_cf_close(struct Curl_cfilter *cf, struct Curl_easy *data)
 }
 
 CURLcode Curl_conn_cf_send(struct Curl_cfilter *cf, struct Curl_easy *data,
-                           const void *buf, size_t len, bool eos,
+                           const uint8_t *buf, size_t len, bool eos,
                            size_t *pnwritten)
 {
   if(cf)
diff --git a/lib/cfilters.h b/lib/cfilters.h
index 6cb4a6909c..5d39725088 100644
--- a/lib/cfilters.h
+++ b/lib/cfilters.h
@@ -89,7 +89,7 @@ typedef bool     Curl_cft_data_pending(struct Curl_cfilter *cf,
 
 typedef CURLcode Curl_cft_send(struct Curl_cfilter *cf,
                                struct Curl_easy *data, /* transfer */
-                               const void *buf,        /* data to write */
+                               const uint8_t *buf,     /* data to write */
                                size_t len,             /* amount to write */
                                bool eos,               /* last chunk */
                                size_t *pnwritten);     /* how much sent */
@@ -250,7 +250,7 @@ CURLcode Curl_cf_def_adjust_pollset(struct Curl_cfilter *cf,
 bool     Curl_cf_def_data_pending(struct Curl_cfilter *cf,
                                   const struct Curl_easy *data);
 CURLcode Curl_cf_def_send(struct Curl_cfilter *cf, struct Curl_easy *data,
-                          const void *buf, size_t len, bool eos,
+                          const uint8_t *buf, size_t len, bool eos,
                           size_t *pnwritten);
 CURLcode Curl_cf_def_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
                           char *buf, size_t len, size_t *pnread);
@@ -323,7 +323,7 @@ CURLcode Curl_conn_cf_connect(struct Curl_cfilter *cf,
                               bool *done);
 void Curl_conn_cf_close(struct Curl_cfilter *cf, struct Curl_easy *data);
 CURLcode Curl_conn_cf_send(struct Curl_cfilter *cf, struct Curl_easy *data,
-                           const void *buf, size_t len, bool eos,
+                           const uint8_t *buf, size_t len, bool eos,
                            size_t *pnwritten);
 CURLcode Curl_conn_cf_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
                            char *buf, size_t len, size_t *pnread);
diff --git a/lib/http2.c b/lib/http2.c
index 4f49efe768..2e8649c105 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -2258,7 +2258,7 @@ static CURLcode cf_h2_body_send(struct Curl_cfilter *cf,
 
 static CURLcode h2_submit(struct h2_stream_ctx **pstream,
                           struct Curl_cfilter *cf, struct Curl_easy *data,
-                          const void *buf, size_t len,
+                          const uint8_t *buf, size_t len,
                           bool eos, size_t *pnwritten)
 {
   struct cf_h2_ctx *ctx = cf->ctx;
@@ -2281,7 +2281,7 @@ static CURLcode h2_submit(struct h2_stream_ctx **pstream,
   if(result)
     goto out;
 
-  result = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL,
+  result = Curl_h1_req_parse_read(&stream->h1, (const char *)buf, len, NULL,
                                   !data->state.http_ignorecustom ?
                                   data->set.str[STRING_CUSTOMREQUEST] : NULL,
                                   0, &nwritten);
@@ -2391,7 +2391,7 @@ out:
 }
 
 static CURLcode cf_h2_send(struct Curl_cfilter *cf, struct Curl_easy *data,
-                           const void *buf, size_t len, bool eos,
+                           const uint8_t *buf, size_t len, bool eos,
                            size_t *pnwritten)
 {
   struct cf_h2_ctx *ctx = cf->ctx;
diff --git a/lib/socks_gssapi.c b/lib/socks_gssapi.c
index 30fefa5a6d..61c88be605 100644
--- a/lib/socks_gssapi.c
+++ b/lib/socks_gssapi.c
@@ -211,7 +211,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
       us_length = htons((unsigned short)gss_send_token.length);
       memcpy(socksreq + 2, &us_length, sizeof(short));
 
-      code = Curl_conn_cf_send(cf->next, data, (char *)socksreq, 4,
+      code = Curl_conn_cf_send(cf->next, data, socksreq, 4,
                                FALSE, &nwritten);
       if(code || (nwritten != 4)) {
         failf(data, "Failed to send GSS-API authentication request.");
@@ -222,7 +222,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
       }
 
       code = Curl_conn_cf_send(cf->next, data,
-                               (char *)gss_send_token.value,
+                               gss_send_token.value,
                                gss_send_token.length, FALSE, &nwritten);
       if(code || (gss_send_token.length != nwritten)) {
         failf(data, "Failed to send GSS-API authentication token.");
@@ -409,8 +409,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
     memcpy(socksreq + 2, &us_length, sizeof(short));
   }
 
-  code = Curl_conn_cf_send(cf->next, data, (char *)socksreq, 4, FALSE,
-                           &nwritten);
+  code = Curl_conn_cf_send(cf->next, data, socksreq, 4, FALSE, &nwritten);
   if(code || (nwritten != 4)) {
     failf(data, "Failed to send GSS-API encryption request.");
     gss_release_buffer(&gss_status, &gss_w_token);
@@ -420,8 +419,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
 
   if(data->set.socks5_gssapi_nec) {
     memcpy(socksreq, &gss_enc, 1);
-    code = Curl_conn_cf_send(cf->next, data, (char *)socksreq, 1, FALSE,
-                             &nwritten);
+    code = Curl_conn_cf_send(cf->next, data, socksreq, 1, FALSE, &nwritten);
     if(code || (nwritten != 1)) {
       failf(data, "Failed to send GSS-API encryption type.");
       Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL);
@@ -429,7 +427,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
     }
   }
   else {
-    code = Curl_conn_cf_send(cf->next, data, (char *)gss_w_token.value,
+    code = Curl_conn_cf_send(cf->next, data, gss_w_token.value,
                              gss_w_token.length, FALSE, &nwritten);
     if(code || (gss_w_token.length != nwritten)) {
       failf(data, "Failed to send GSS-API encryption type.");
diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c
index 975172576c..14025371ce 100644
--- a/lib/socks_sspi.c
+++ b/lib/socks_sspi.c
@@ -88,7 +88,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
   unsigned char socksreq[4]; /* room for GSS-API exchange header only */
   const char *service = data->set.str[STRING_PROXY_SERVICE_NAME] ?
                         data->set.str[STRING_PROXY_SERVICE_NAME] : "rcmd";
-  char *etbuf;
+  uint8_t *etbuf;
   size_t etbuf_size;
 
   /*   GSS-API request looks like
@@ -201,8 +201,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
       us_length = htons((unsigned short)sspi_send_token.cbBuffer);
       memcpy(socksreq + 2, &us_length, sizeof(short));
 
-      code = Curl_conn_cf_send(cf->next, data, (char *)socksreq, 4, FALSE,
-                               &written);
+      code = Curl_conn_cf_send(cf->next, data, socksreq, 4, FALSE, &written);
       if(code || (written != 4)) {
         failf(data, "Failed to send SSPI authentication request.");
         result = CURLE_COULDNT_CONNECT;
@@ -210,7 +209,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
       }
 
       code = Curl_conn_cf_send(cf->next, data,
-                               (char *)sspi_send_token.pvBuffer,
+                               sspi_send_token.pvBuffer,
                                sspi_send_token.cbBuffer, FALSE, &written);
       if(code || (sspi_send_token.cbBuffer != written)) {
         failf(data, "Failed to send SSPI authentication token.");
@@ -433,8 +432,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
     memcpy(socksreq + 2, &us_length, sizeof(short));
   }
 
-  code = Curl_conn_cf_send(cf->next, data, (char *)socksreq, 4, FALSE,
-                           &written);
+  code = Curl_conn_cf_send(cf->next, data, socksreq, 4, FALSE, &written);
   if(code || (written != 4)) {
     failf(data, "Failed to send SSPI encryption request.");
     result = CURLE_COULDNT_CONNECT;
@@ -443,8 +441,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
 
   if(data->set.socks5_gssapi_nec) {
     memcpy(socksreq, &gss_enc, 1);
-    code = Curl_conn_cf_send(cf->next, data, (char *)socksreq, 1, FALSE,
-                             &written);
+    code = Curl_conn_cf_send(cf->next, data, socksreq, 1, FALSE, &written);
     if(code || (written != 1)) {
       failf(data, "Failed to send SSPI encryption type.");
       result = CURLE_COULDNT_CONNECT;
diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index 22ea0e3ef4..86f7428048 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -1524,7 +1524,7 @@ cb_h3_read_req_body(nghttp3_conn *conn, int64_t stream_id,
 
 static CURLcode h3_stream_open(struct Curl_cfilter *cf,
                                struct Curl_easy *data,
-                               const void *buf, size_t len,
+                               const uint8_t *buf, size_t len,
                                size_t *pnwritten)
 {
   struct cf_ngtcp2_ctx *ctx = cf->ctx;
@@ -1552,7 +1552,7 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
     goto out;
   }
 
-  result = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL,
+  result = Curl_h1_req_parse_read(&stream->h1, (const char *)buf, len, NULL,
                                   !data->state.http_ignorecustom ?
                                   data->set.str[STRING_CUSTOMREQUEST] : NULL,
                                   0, pnwritten);
@@ -1656,7 +1656,7 @@ out:
 }
 
 static CURLcode cf_ngtcp2_send(struct Curl_cfilter *cf, struct Curl_easy *data,
-                               const void *buf, size_t len, bool eos,
+                               const uint8_t *buf, size_t len, bool eos,
                                size_t *pnwritten)
 {
   struct cf_ngtcp2_ctx *ctx = cf->ctx;
diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index 376705e516..d6672ce132 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -1877,7 +1877,7 @@ out:
 
 static CURLcode h3_stream_open(struct Curl_cfilter *cf,
                                struct Curl_easy *data,
-                               const void *buf, size_t len,
+                               const uint8_t *buf, size_t len,
                                size_t *pnwritten)
 {
   struct cf_osslq_ctx *ctx = cf->ctx;
@@ -1903,7 +1903,7 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
     goto out;
   }
 
-  result = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL,
+  result = Curl_h1_req_parse_read(&stream->h1, (const char *)buf, len, NULL,
                                   !data->state.http_ignorecustom ?
                                   data->set.str[STRING_CUSTOMREQUEST] : NULL,
                                   0, pnwritten);
@@ -2005,7 +2005,7 @@ out:
 }
 
 static CURLcode cf_osslq_send(struct Curl_cfilter *cf, struct Curl_easy *data,
-                              const void *buf, size_t len, bool eos,
+                              const uint8_t *buf, size_t len, bool eos,
                               size_t *pnwritten)
 {
   struct cf_osslq_ctx *ctx = cf->ctx;
diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
index 9274929790..f8fbadeebb 100644
--- a/lib/vquic/curl_quiche.c
+++ b/lib/vquic/curl_quiche.c
@@ -911,7 +911,7 @@ out:
 static CURLcode cf_quiche_send_body(struct Curl_cfilter *cf,
                                     struct Curl_easy *data,
                                     struct h3_stream_ctx *stream,
-                                    const void *buf, size_t len, bool eos,
+                                    const uint8_t *buf, size_t len, bool eos,
                                     size_t *pnwritten)
 {
   struct cf_quiche_ctx *ctx = cf->ctx;
@@ -956,7 +956,7 @@ static CURLcode cf_quiche_send_body(struct Curl_cfilter *cf,
 
 static CURLcode h3_open_stream(struct Curl_cfilter *cf,
                                struct Curl_easy *data,
-                               const char *buf, size_t blen, bool eos,
+                               const uint8_t *buf, size_t blen, bool eos,
                                size_t *pnwritten)
 {
   struct cf_quiche_ctx *ctx = cf->ctx;
@@ -980,7 +980,7 @@ static CURLcode h3_open_stream(struct Curl_cfilter *cf,
 
   DEBUGASSERT(stream);
 
-  result = Curl_h1_req_parse_read(&stream->h1, buf, blen, NULL,
+  result = Curl_h1_req_parse_read(&stream->h1, (const char *)buf, blen, NULL,
                                     !data->state.http_ignorecustom ?
                                     data->set.str[STRING_CUSTOMREQUEST] : NULL,
                                     0, pnwritten);
@@ -1076,7 +1076,7 @@ out:
 }
 
 static CURLcode cf_quiche_send(struct Curl_cfilter *cf, struct Curl_easy *data,
-                               const void *buf, size_t len, bool eos,
+                               const uint8_t *buf, size_t len, bool eos,
                                size_t *pnwritten)
 {
   struct cf_quiche_ctx *ctx = cf->ctx;
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index 9a30749959..2ea3670c1b 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -187,8 +187,7 @@ static int mbedtls_bio_cf_write(void *bio,
   if(!data)
     return 0;
 
-  result = Curl_conn_cf_send(cf->next, data, (const char *)buf, blen, FALSE,
-                             &nwritten);
+  result = Curl_conn_cf_send(cf->next, data, buf, blen, FALSE, &nwritten);
   CURL_TRC_CF(data, cf, "mbedtls_bio_cf_out_write(len=%zu) -> %d, %zu",
               blen, result, nwritten);
   if(CURLE_AGAIN == result)
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 7ff5698e7c..d8f99b21c3 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -597,7 +597,8 @@ static int ossl_bio_cf_out_write(BIO *bio, const char *buf, int blen)
   if(blen < 0)
     return 0;
 
-  result = Curl_conn_cf_send(cf->next, data, buf, (size_t)blen, FALSE,
+  result = Curl_conn_cf_send(cf->next, data,
+                             (const uint8_t *)buf, (size_t)blen, FALSE,
                              &nwritten);
   CURL_TRC_CF(data, cf, "ossl_bio_cf_out_write(len=%d) -> %d, %zu",
               blen, result, nwritten);
diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c
index 3b5bea2c6f..cc19a328ed 100644
--- a/lib/vtls/rustls.c
+++ b/lib/vtls/rustls.c
@@ -133,7 +133,7 @@ write_cb(void *userdata, const uint8_t *buf, uintptr_t len, uintptr_t *out_n)
   size_t nwritten;
 
   result = Curl_conn_cf_send(io_ctx->cf->next, io_ctx->data,
-                             (const char *)buf, len, FALSE, &nwritten);
+                             buf, len, FALSE, &nwritten);
   if(result) {
     nwritten = 0;
     if(CURLE_AGAIN == result)
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index f7e831f002..e5fbe40a8c 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -1074,7 +1074,8 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
 
   /* send initial handshake data which is now stored in output buffer */
   result = Curl_conn_cf_send(cf->next, data,
-                             outbuf.pvBuffer, outbuf.cbBuffer, FALSE,
+                             (const uint8_t *)outbuf.pvBuffer,
+                             outbuf.cbBuffer, FALSE,
                              &written);
   Curl_pSecFn->FreeContextBuffer(outbuf.pvBuffer);
   if(result || (outbuf.cbBuffer != written)) {
@@ -1307,7 +1308,8 @@ schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
 
           /* send handshake token to server */
           result = Curl_conn_cf_send(cf->next, data,
-                                     outbuf[i].pvBuffer, outbuf[i].cbBuffer,
+                                     (const uint8_t *)outbuf[i].pvBuffer,
+                                     outbuf[i].cbBuffer,
                                      FALSE, &written);
           if(result || (outbuf[i].cbBuffer != written)) {
             failf(data, "schannel: failed to send next handshake data: "
@@ -2004,7 +2006,8 @@ schannel_send(struct Curl_cfilter *cf, struct Curl_easy *data,
       /* socket is writable */
 
        result = Curl_conn_cf_send(cf->next, data,
-                                  ptr + *pnwritten, len - *pnwritten,
+                                  (const uint8_t *)ptr + *pnwritten,
+                                  len - *pnwritten,
                                   FALSE, &this_write);
       if(result == CURLE_AGAIN)
         continue;
@@ -2450,7 +2453,8 @@ static CURLcode schannel_shutdown(struct Curl_cfilter *cf,
       size_t written;
 
       result = Curl_conn_cf_send(cf->next, data,
-                                 outbuf.pvBuffer, outbuf.cbBuffer,
+                                 (const uint8_t *)outbuf.pvBuffer,
+                                 outbuf.cbBuffer,
                                  FALSE, &written);
       Curl_pSecFn->FreeContextBuffer(outbuf.pvBuffer);
       if(!result) {
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index 9c76ca7ed3..3b242fd485 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -1477,7 +1477,7 @@ static bool ssl_cf_data_pending(struct Curl_cfilter *cf,
 
 static CURLcode ssl_cf_send(struct Curl_cfilter *cf,
                             struct Curl_easy *data,
-                            const void *buf, size_t blen,
+                            const uint8_t *buf, size_t blen,
                             bool eos, size_t *pnwritten)
 {
   struct ssl_connect_data *connssl = cf->ctx;
@@ -1509,7 +1509,7 @@ static CURLcode ssl_cf_send(struct Curl_cfilter *cf,
     }
     else {
       *pnwritten = connssl->earlydata_skip;
-      buf = ((const char *)buf) + connssl->earlydata_skip;
+      buf = buf + connssl->earlydata_skip;
       blen -= connssl->earlydata_skip;
       connssl->earlydata_skip = 0;
     }
diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index e622f909e5..2ad033f988 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -334,7 +334,8 @@ static int wssl_bio_cf_out_write(WOLFSSL_BIO *bio,
     skiplen = (ssize_t)(blen - wssl->io_send_blocked_len);
     blen = wssl->io_send_blocked_len;
   }
-  result = Curl_conn_cf_send(cf->next, data, buf, blen, FALSE, &nwritten);
+  result = Curl_conn_cf_send(cf->next, data,
+                             (const uint8_t *)buf, blen, FALSE, &nwritten);
   wssl->io_result = result;
   CURL_TRC_CF(data, cf, "bio_write(len=%d) -> %d, %zu",
               blen, result, nwritten);

From c1deea4c58f385b172e31a75157931acf278dd74 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 27 Nov 2025 12:17:27 +0100
Subject: [PATCH 1030/2408] GHA/http3-linux: add H3 valgrind tests

Ref: #19714
Ref: #19717

Closes #19719
---
 .github/workflows/http3-linux.yml | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index 353c368142..a9117e146e 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -479,7 +479,7 @@ jobs:
           sudo rm -f /var/lib/man-db/auto-update
           sudo apt-get -o Dpkg::Use-Pty=0 install \
             libtool autoconf automake pkgconf \
-            libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libidn2-0-dev libldap-dev libuv1-dev \
+            libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libidn2-0-dev libldap-dev libuv1-dev valgrind \
             ${INSTALL_PACKAGES} \
             ${MATRIX_INSTALL_PACKAGES}
           echo 'CC=gcc-12' >> "$GITHUB_ENV"
@@ -701,6 +701,18 @@ jobs:
       - name: 'run tests'
         if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }}
         run: |
+          export TFLAGS='-n'
+          source ~/venv/bin/activate
+          if [ "${MATRIX_BUILD}" = 'cmake' ]; then
+            cmake --build bld --verbose --target test-ci
+          else
+            make -C bld V=1 test-ci
+          fi
+
+      - name: 'run tests (valgrind)'
+        if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }}
+        run: |
+          export TFLAGS='-j6 HTTP/3'
           source ~/venv/bin/activate
           if [ "${MATRIX_BUILD}" = 'cmake' ]; then
             cmake --build bld --verbose --target test-ci
@@ -714,7 +726,7 @@ jobs:
           [ -d ~/venv ] || python3 -m venv ~/venv
           ~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/http/requirements.txt
 
-      - name: 'run pytest event based'
+      - name: 'run pytest (event based)'
         if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }}
         env:
           CURL_TEST_EVENT: 1

From 53775baa1d6ba0301a6c041a60350d0914065b7f Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 27 Nov 2025 15:55:47 +0100
Subject: [PATCH 1031/2408] tests: allow 2500-2503 to use ~2MB malloc

On Linux using UDP_GRO, curl might allocate a (single) 1.5MB buffer for
maximum performance.

Fixes #19716
Closes #19731
---
 tests/data/test2500 | 4 ++++
 tests/data/test2501 | 3 +++
 tests/data/test2502 | 3 +++
 tests/data/test2503 | 3 +++
 4 files changed, 13 insertions(+)

diff --git a/tests/data/test2500 b/tests/data/test2500
index f92cabfd32..bc6790c2c1 100644
--- a/tests/data/test2500
+++ b/tests/data/test2500
@@ -73,5 +73,9 @@ via: 1.1 nghttpx
 
 s/^server: nghttpx.*\r?\n//
 
+
+Allocations: 150
+Maximum allocated: 1800000
+
 
 
diff --git a/tests/data/test2501 b/tests/data/test2501
index 99167ec48e..01505f4ce2 100644
--- a/tests/data/test2501
+++ b/tests/data/test2501
@@ -65,5 +65,8 @@ Via: 3 nghttpx
 
 moo
 
+
+Maximum allocated: 1900000
+
 
 
diff --git a/tests/data/test2502 b/tests/data/test2502
index 627cfdccad..ac6cd3cf58 100644
--- a/tests/data/test2502
+++ b/tests/data/test2502
@@ -101,5 +101,8 @@ Via: 3 nghttpx
 
 $_ = '' if(($_ !~ /left intact/) && ($_ !~ /Closing connection/))
 
+
+Maximum allocated: 1800000
+
 
 
diff --git a/tests/data/test2503 b/tests/data/test2503
index 722d0ceb7a..9e8d4c3d49 100644
--- a/tests/data/test2503
+++ b/tests/data/test2503
@@ -65,5 +65,8 @@ via: 1.1 nghttpx
 "via":["1.1 nghttpx"]
 }
 
+
+Maximum allocated: 1800000
+
 
 

From aa9342058fbf0ce1d387b7c590e674e6acabbda8 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 27 Nov 2025 16:14:37 +0100
Subject: [PATCH 1032/2408] RELEASE-NOTES: synced

---
 RELEASE-NOTES | 75 ++++++++++++++++++++++++++++++++++++++++++++-------
 1 file changed, 65 insertions(+), 10 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 217f8c7504..2dbac34d0f 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -4,7 +4,7 @@ curl and libcurl 8.18.0
  Command line options:         273
  curl_easy_setopt() options:   308
  Public functions in libcurl:  100
- Contributors:                 3549
+ Contributors:                 3553
 
 This release includes the following changes:
 
@@ -19,8 +19,10 @@ This release includes the following bugfixes:
  o _PROGRESS.md: add the E unit, mention kibibyte [24]
  o AmigaOS: increase minimum stack size for tool_main [137]
  o apple-sectrust: always ask when `native_ca_store` is in use [162]
+ o asyn-ares: handle Curl_dnscache_mk_entry() OOM error [199]
  o asyn-ares: remove hostname free on OOM [122]
  o asyn-thrdd: release rrname if ares_init_options fails [41]
+ o autotools: add nettle library detection via pkg-config (for GnuTLS) [178]
  o autotools: drop autoconf <2.59 compatibility code (zz60-xc-ovr) [70]
  o badwords: fix issues found in scripts and other files [142]
  o badwords: fix issues found in tests [156]
@@ -31,6 +33,7 @@ This release includes the following bugfixes:
  o cf-https-connect: allocate ctx at first in cf_hc_create() [79]
  o cf-socket: limit use of `TCP_KEEP*` to Windows 10.0.16299+ at runtime [157]
  o cf-socket: trace ignored errors [97]
+ o cfilters: make conn_forget_socket a private libssh function [109]
  o checksrc.pl: detect assign followed by more than one space [26]
  o cmake: adjust defaults for target platforms not supporting shared libs [35]
  o cmake: disable `CURL_CA_PATH` auto-detection if `USE_APPLE_SECTRUST=ON` [16]
@@ -39,6 +42,7 @@ This release includes the following bugfixes:
  o config2setopts: bail out if curl_url_get() returns OOM [102]
  o config2setopts: exit if curl_url_set() fails on OOM [105]
  o conncache: silence `-Wnull-dereference` on gcc 14 RISC-V 64 [17]
+ o conncontrol: reuse handling [170]
  o connect: reshuffle Curl_timeleft_ms to avoid 'redundant condition' [100]
  o cookie: propagate errors better, cleanup the internal API [118]
  o cookie: return error on OOM [131]
@@ -53,15 +57,21 @@ This release includes the following bugfixes:
  o CURLINFO_TLS_SSL_PTR.md: remove CURLINFO_TLS_SESSION text [49]
  o CURLOPT_READFUNCTION.md: clarify the size of the buffer [47]
  o CURLOPT_SSH_KEYFUNCTION.md: fix minor indent mistake in example
+ o curlx/fopen: replace open CRT functions their with `_s` counterparts (Windows) [204]
  o curlx/strerr: use `strerror_s()` on Windows [75]
  o curlx: replace `mbstowcs`/`wcstombs` with `_s` counterparts (Windows) [143]
+ o curlx: replace `sprintf` with `snprintf` [194]
  o digest_sspi: fix a memory leak on error path [149]
  o digest_sspi: properly free sspi identity [12]
  o DISTROS.md: add OpenBSD [126]
+ o doc: some returned in-memory data may not be altered [196]
  o docs: fix checksrc `EQUALSPACE` warnings [21]
  o docs: mention umask need when curl creates files [56]
+ o docs: spell it Rustls with a capital R [181]
  o examples/crawler: fix variable [92]
+ o examples/multi-uv: fix invalid req->data access [177]
  o examples/multithread: fix race condition [101]
+ o examples: fix minor typo [203]
  o examples: make functions/data static where missing [139]
  o examples: tidy-up headers and includes [138]
  o file: do not pass invalid mode flags to `open()` on upload (Windows) [83]
@@ -73,9 +83,12 @@ This release includes the following bugfixes:
  o gtls: skip session resumption when verifystatus is set
  o h2/h3: handle methods with spaces [146]
  o hostip: don't store negative lookup on OOM [61]
+ o hostip: make more functions return CURLcode [202]
+ o hostip: only store negative response for CURLE_COULDNT_RESOLVE_HOST [183]
  o hsts: propagate and error out correctly on OOM [130]
  o http: avoid two strdup()s and do minor simplifications [144]
  o http: error on OOM when creating range header [59]
+ o http: fix OOM exit in Curl_http_follow [179]
  o http: replace atoi use in Curl_http_follow with curlx_str_number [65]
  o http: the :authority header should never contain user+password [147]
  o INSTALL-CMAKE.md: document static option defaults more [37]
@@ -86,6 +99,7 @@ This release includes the following bugfixes:
  o lib: fix gssapi.h include on IBMi [55]
  o lib: refactor the type of funcs which have useless return and checks [1]
  o lib: replace `_tcsncpy`/`wcsncpy`/`wcscpy` with `_s` counterparts (Windows) [164]
+ o lib: timer stats improvements [190]
  o libssh2: add paths to error messages for quote commands [114]
  o libssh2: cleanup ssh_force_knownhost_key_type [64]
  o libssh2: replace atoi() in ssh_force_knownhost_key_type [63]
@@ -93,11 +107,15 @@ This release includes the following bugfixes:
  o libtests: replace `atoi()` with `curlx_str_number()` [120]
  o limit-rate: add example using --limit-rate and --max-time together [89]
  o m4/sectrust: fix test(1) operator [4]
+ o manage: expand the 'libcurl support required' message [208]
  o mbedtls: fix potential use of uninitialized `nread` [8]
  o mk-ca-bundle.pl: default to SHA256 fingerprints with `-t` option [73]
  o mk-ca-bundle.pl: use `open()` with argument list to replace backticks [71]
  o mqtt: reject overly big messages [39]
  o multi: make max_total_* members size_t [158]
+ o multi: simplify admin handle processing [189]
+ o ngtcp2+openssl: fix leak of session [172]
+ o ngtcp2: remove the unused Curl_conn_is_ngtcp2 function [85]
  o noproxy: replace atoi with curlx_str_number [67]
  o openssl: exit properly on OOM when getting certchain [133]
  o openssl: fix a potential memory leak of bio_out [150]
@@ -111,7 +129,9 @@ This release includes the following bugfixes:
  o progress: show fewer digits [78]
  o projects/README.md: Markdown fixes [148]
  o pytest fixes and improvements [159]
+ o pytest: disable two H3 earlydata tests for all platforms (was: macOS) [116]
  o pytest: skip H2 tests if feature missing from curl [46]
+ o ratelimit: redesign [209]
  o rtmp: fix double-free on URL parse errors [27]
  o rtmp: precaution for a potential integer truncation [54]
  o runtests: detect bad libssh differently for test 1459 [11]
@@ -126,9 +146,11 @@ This release includes the following bugfixes:
  o setopt: disable CURLOPT_HAPROXY_CLIENT_IP on NULL [30]
  o setopt: when setting bad protocols, don't store them [9]
  o sftp: fix range downloads in both SSH backends [82]
+ o slist: constify Curl_slist_append_nodup() string argument [195]
  o smb: fix a size check to be overflow safe [161]
  o socks_sspi: use free() not FreeContextBuffer() [93]
  o speedcheck: do not trigger low speed cancel on transfers with CURL_READFUNC_PAUSE [113]
+ o speedlimit: also reset on send unpausing [197]
  o telnet: replace atoi for BINARY handling with curlx_str_number [66]
  o TEST-SUITE.md: correct the man page's path [136]
  o test07_22: fix flakiness [95]
@@ -138,11 +160,14 @@ This release includes the following bugfixes:
  o tests/data: support using native newlines on disk, drop `.gitattributes` [91]
  o tests/server: do not fall back to original data file in `test2fopen()` [32]
  o tests/server: replace `atoi()` and `atol()` with `curlx_str_number()` [110]
+ o tests: allow 2500-2503 to use ~2MB malloc [31]
  o tftp: release filename if conn_get_remote_addr fails [42]
  o tftpd: fix/tidy up `open()` mode flags [57]
  o tidy-up: move `CURL_UNCONST()` out from macro `curl_unicodefree()` [121]
  o tool: consider (some) curl_easy_setopt errors fatal [7]
+ o tool: log when loading .curlrc in verbose mode [191]
  o tool_cfgable: free ssl-sessions at exit [123]
+ o tool_doswin: clear pointer when thread takes ownership [198]
  o tool_getparam: verify that a file exists for some options [134]
  o tool_help: add checks to avoid unsigned wrap around [14]
  o tool_ipfs: check return codes better [20]
@@ -157,9 +182,11 @@ This release includes the following bugfixes:
  o tool_writeout: bail out proper on OOM [104]
  o url: if OOM in parse_proxy() return error [132]
  o urlapi: fix mem-leaks in curl_url_get error paths [22]
+ o urlapi: handle OOM properly when setting URL [180]
  o verify-release: update to avoid shellcheck warning SC2034 [88]
  o vquic-tls/gnutls: call Curl_gtls_verifyserver unconditionally [96]
  o vquic: do not pass invalid mode flags to `open()` (Windows) [58]
+ o vquic: do_sendmsg full init [171]
  o vtls: fix CURLOPT_CAPATH use [51]
  o vtls: handle possible malicious certs_num from peer [53]
  o vtls: pinned key check [98]
@@ -190,15 +217,16 @@ Planned upcoming removals include:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  Aleksandr Sergeev, Andrew Kirillov, boingball, Brad King, bttrfl on github,
-  Christian Schmitz, Dan Fandrich, Daniel McCarney, Daniel Stenberg,
-  Fd929c2CE5fA on github, ffath-vo on github, Gisle Vanem, Jiyong Yang,
-  Juliusz Sosinowicz, Leonardo Taccari, letshack9707 on hackerone,
-  Marc Aldorasi, Marcel Raad, nait-furry, ncaklovic on github, Nick Korepanov,
-  Omdahake on github, Patrick Monnerat, pelioro on hackerone, Ray Satiro,
-  renovate[bot], Samuel Henrique, Stanislav Fort, Stefan Eissing,
-  Thomas Klausner, Viktor Szakats, Wesley Moore, Xiaoke Wang
-  (33 contributors)
+  Aleksandr Sergeev, Aleksei Bavshin, Andrew Kirillov, BANADDA, boingball,
+  Brad King, bttrfl on github, Christian Schmitz, Dan Fandrich,
+  Daniel McCarney, Daniel Stenberg, Fd929c2CE5fA on github, ffath-vo on github,
+  Gisle Vanem, Jiyong Yang, Juliusz Sosinowicz, Leonardo Taccari,
+  letshack9707 on hackerone, Marc Aldorasi, Marcel Raad, nait-furry,
+  ncaklovic on github, Nick Korepanov, Omdahake on github, Patrick Monnerat,
+  pelioro on hackerone, Ray Satiro, renovate[bot], Samuel Henrique,
+  st751228051 on github, Stanislav Fort, Stefan Eissing, Sunny,
+  Thomas Klausner, Viktor Szakats, Wesley Moore, Xiaoke Wang, Yedaya Katsman
+  (38 contributors)
 
 References to bug reports and discussions on issues:
 
@@ -232,6 +260,7 @@ References to bug reports and discussions on issues:
  [28] = https://curl.se/bug/?i=19354
  [29] = https://curl.se/bug/?i=19430
  [30] = https://curl.se/bug/?i=19434
+ [31] = https://curl.se/bug/?i=19716
  [32] = https://curl.se/bug/?i=19429
  [33] = https://curl.se/bug/?i=19427
  [35] = https://curl.se/bug/?i=19420
@@ -283,6 +312,7 @@ References to bug reports and discussions on issues:
  [82] = https://curl.se/bug/?i=19460
  [83] = https://curl.se/bug/?i=19647
  [84] = https://curl.se/bug/?i=19645
+ [85] = https://curl.se/bug/?i=19725
  [86] = https://curl.se/bug/?i=19451
  [87] = https://curl.se/bug/?i=19450
  [88] = https://curl.se/bug/?i=19449
@@ -306,11 +336,13 @@ References to bug reports and discussions on issues:
  [106] = https://curl.se/bug/?i=19144
  [107] = https://curl.se/bug/?i=19512
  [108] = https://curl.se/bug/?i=19513
+ [109] = https://curl.se/bug/?i=19727
  [110] = https://curl.se/bug/?i=19510
  [111] = https://curl.se/bug/?i=19509
  [112] = https://curl.se/bug/?i=19495
  [113] = https://curl.se/bug/?i=19653
  [114] = https://curl.se/bug/?i=19605
+ [116] = https://curl.se/bug/?i=19724
  [117] = https://curl.se/bug/?i=19644
  [118] = https://curl.se/bug/?i=19493
  [119] = https://curl.se/bug/?i=19483
@@ -358,3 +390,26 @@ References to bug reports and discussions on issues:
  [166] = https://curl.se/bug/?i=19615
  [167] = https://curl.se/bug/?i=19609
  [168] = https://curl.se/bug/?i=19612
+ [170] = https://curl.se/bug/?i=19333
+ [171] = https://curl.se/bug/?i=19714
+ [172] = https://curl.se/bug/?i=19717
+ [177] = https://curl.se/bug/?i=19462
+ [178] = https://curl.se/bug/?i=19703
+ [179] = https://curl.se/bug/?i=19705
+ [180] = https://curl.se/bug/?i=19704
+ [181] = https://curl.se/bug/?i=19702
+ [183] = https://curl.se/bug/?i=19701
+ [189] = https://curl.se/bug/?i=19604
+ [190] = https://curl.se/bug/?i=19269
+ [191] = https://curl.se/bug/?i=19663
+ [194] = https://curl.se/bug/?i=19681
+ [195] = https://curl.se/bug/?i=19692
+ [196] = https://curl.se/bug/?i=19692
+ [197] = https://curl.se/bug/?i=19687
+ [198] = https://curl.se/bug/?i=19689
+ [199] = https://curl.se/bug/?i=19688
+ [202] = https://curl.se/bug/?i=19669
+ [203] = https://curl.se/bug/?i=19683
+ [204] = https://curl.se/bug/?i=19643
+ [208] = https://curl.se/bug/?i=19665
+ [209] = https://curl.se/bug/?i=19384

From 5c22bd5384e732755fa00d2fc7fef2ce19e3418b Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 27 Nov 2025 17:42:55 +0100
Subject: [PATCH 1033/2408] mbedtls_threadlock: avoid calloc, use array

Closes #19732
---
 lib/vtls/mbedtls_threadlock.c | 13 ++-----------
 1 file changed, 2 insertions(+), 11 deletions(-)

diff --git a/lib/vtls/mbedtls_threadlock.c b/lib/vtls/mbedtls_threadlock.c
index ed70308b73..82590929cd 100644
--- a/lib/vtls/mbedtls_threadlock.c
+++ b/lib/vtls/mbedtls_threadlock.c
@@ -44,17 +44,13 @@
 /* number of thread locks */
 #define NUMT                    2
 
-/* This array will store all of the mutexes available to Mbedtls. */
-static MBEDTLS_MUTEX_T *mutex_buf = NULL;
+/* This array stores the mutexes available to Mbedtls */
+static MBEDTLS_MUTEX_T mutex_buf[NUMT];
 
 int Curl_mbedtlsthreadlock_thread_setup(void)
 {
   int i;
 
-  mutex_buf = calloc(1, NUMT * sizeof(MBEDTLS_MUTEX_T));
-  if(!mutex_buf)
-    return 0;     /* error, no number of threads defined */
-
   for(i = 0;  i < NUMT;  i++) {
 #if defined(USE_THREADS_POSIX) && defined(HAVE_PTHREAD_H)
     if(pthread_mutex_init(&mutex_buf[i], NULL))
@@ -73,9 +69,6 @@ int Curl_mbedtlsthreadlock_thread_cleanup(void)
 {
   int i;
 
-  if(!mutex_buf)
-    return 0; /* error, no threads locks defined */
-
   for(i = 0; i < NUMT; i++) {
 #if defined(USE_THREADS_POSIX) && defined(HAVE_PTHREAD_H)
     if(pthread_mutex_destroy(&mutex_buf[i]))
@@ -85,8 +78,6 @@ int Curl_mbedtlsthreadlock_thread_cleanup(void)
       return 0; /* CloseHandle failed */
 #endif /* USE_THREADS_POSIX && HAVE_PTHREAD_H */
   }
-  free(mutex_buf);
-  mutex_buf = NULL;
 
   return 1; /* OK */
 }

From 986e6d4eae316f408f188b3079b1af62dce35850 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 27 Nov 2025 18:32:35 +0100
Subject: [PATCH 1034/2408] CODE_STYLE.md: sync banned function list with
 checksrc.pl

Also alpha sort the list in checksrc.pl.

Closes #19733
---
 docs/internals/CODE_STYLE.md |  36 +++++++++++++
 scripts/checksrc.pl          | 102 +++++++++++++++++------------------
 2 files changed, 87 insertions(+), 51 deletions(-)

diff --git a/docs/internals/CODE_STYLE.md b/docs/internals/CODE_STYLE.md
index 0d072c04c3..7d37df4805 100644
--- a/docs/internals/CODE_STYLE.md
+++ b/docs/internals/CODE_STYLE.md
@@ -334,14 +334,31 @@ This is the full list of functions generally banned.
     _access
     _mbscat
     _mbsncat
+    _open
     _tcscat
     _tcsdup
     _tcsncat
+    _tcsncpy
     _waccess
     _wcscat
     _wcsdup
     _wcsncat
+    _wfopen
+    _wfreopen
+    _wopen
+    accept
+    accept4
     access
+    aprintf
+    atoi
+    atol
+    fclose
+    fdopen
+    fopen
+    fprintf
+    freeaddrinfo
+    freopen
+    getaddrinfo
     gets
     gmtime
     LoadLibrary
@@ -351,9 +368,19 @@ This is the full list of functions generally banned.
     LoadLibraryExW
     LoadLibraryW
     localtime
+    mbstowcs
+    msnprintf
+    mvsnprintf
+    open
+    printf
+    recv
+    send
     snprintf
+    socket
+    socketpair
     sprintf
     sscanf
+    stat
     strcat
     strerror
     strncat
@@ -362,6 +389,15 @@ This is the full list of functions generally banned.
     strtok_r
     strtol
     strtoul
+    vaprintf
+    vfprintf
+    vprintf
     vsnprintf
     vsprintf
+    wcscpy
     wcsdup
+    wcsncpy
+    wcstombs
+    WSASocket
+    WSASocketA
+    WSASocketW
diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl
index d38ffecdb9..49290ff137 100755
--- a/scripts/checksrc.pl
+++ b/scripts/checksrc.pl
@@ -48,76 +48,76 @@ my %ignore_used;
 my @ignore_line;
 
 my %banfunc = (
-    "gmtime" => 1,
-    "localtime" => 1,
-    "gets" => 1,
-    "strtok" => 1,
-    "sprintf" => 1,
-    "snprintf" => 1,
-    "vsprintf" => 1,
-    "vsnprintf" => 1,
+    "_access" => 1,
+    "_mbscat" => 1,
+    "_mbsncat" => 1,
+    "_open" => 1,
+    "_tcscat" => 1,
+    "_tcsdup" => 1,
+    "_tcsncat" => 1,
+    "_tcsncpy" => 1,
+    "_waccess" => 1,
+    "_wcscat" => 1,
+    "_wcsdup" => 1,
+    "_wcsncat" => 1,
+    "_wfopen" => 1,
+    "_wfreopen" => 1,
+    "_wopen" => 1,
+    "accept" => 1,
+    "accept4" => 1,
+    "access" => 1,
     "aprintf" => 1,
+    "atoi" => 1,
+    "atol" => 1,
+    "fclose" => 1,
+    "fdopen" => 1,
+    "fopen" => 1,
     "fprintf" => 1,
+    "freeaddrinfo" => 1,
+    "freopen" => 1,
+    "getaddrinfo" => 1,
+    "gets" => 1,
+    "gmtime" => 1,
+    "LoadLibrary" => 1,
+    "LoadLibraryA" => 1,
+    "LoadLibraryEx" => 1,
+    "LoadLibraryExA" => 1,
+    "LoadLibraryExW" => 1,
+    "LoadLibraryW" => 1,
+    "localtime" => 1,
+    "mbstowcs" => 1,
     "msnprintf" => 1,
     "mvsnprintf" => 1,
+    "open" => 1,
     "printf" => 1,
-    "vaprintf" => 1,
-    "vfprintf" => 1,
-    "vprintf" => 1,
+    "recv" => 1,
+    "send" => 1,
+    "snprintf" => 1,
+    "socket" => 1,
+    "socketpair" => 1,
+    "sprintf" => 1,
     "sscanf" => 1,
+    "stat" => 1,
     "strcat" => 1,
     "strerror" => 1,
     "strncat" => 1,
     "strncpy" => 1,
     "strtok_r" => 1,
+    "strtok" => 1,
     "strtol" => 1,
     "strtoul" => 1,
-    "atoi" => 1,
-    "atol" => 1,
-    "_mbscat" => 1,
-    "_mbsncat" => 1,
-    "_tcscat" => 1,
-    "_tcsdup" => 1,
-    "_tcsncpy" => 1,
-    "_tcsncat" => 1,
-    "_wcscat" => 1,
-    "_wcsncat" => 1,
-    "_wcsdup" => 1,
-    "wcsdup" => 1,
+    "vaprintf" => 1,
+    "vfprintf" => 1,
+    "vprintf" => 1,
+    "vsnprintf" => 1,
+    "vsprintf" => 1,
     "wcscpy" => 1,
+    "wcsdup" => 1,
     "wcsncpy" => 1,
-    "mbstowcs" => 1,
     "wcstombs" => 1,
-    "LoadLibrary" => 1,
-    "LoadLibraryA" => 1,
-    "LoadLibraryW" => 1,
-    "LoadLibraryEx" => 1,
-    "LoadLibraryExA" => 1,
-    "LoadLibraryExW" => 1,
     "WSASocket" => 1,
     "WSASocketA" => 1,
     "WSASocketW" => 1,
-    "_waccess" => 1,
-    "_access" => 1,
-    "access" => 1,
-    "accept" => 1,
-    "accept4" => 1,
-    "freeaddrinfo" => 1,
-    "getaddrinfo" => 1,
-    "recv" => 1,
-    "send" => 1,
-    "socket" => 1,
-    "socketpair" => 1,
-    "fclose" => 1,
-    "fdopen" => 1,
-    "fopen" => 1,
-    "freopen" => 1,
-    "open" => 1,
-    "_open" => 1,
-    "_wfopen" => 1,
-    "_wfreopen" => 1,
-    "_wopen" => 1,
-    "stat" => 1,
     );
 
 my %warnings_extended = (

From 63eb0627b1c6cb2fa267585b4c21f839867e19d2 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 27 Nov 2025 20:08:43 +0100
Subject: [PATCH 1035/2408] curl_setup.h: drop superfluous parenthesis from
 `Curl_safefree` macro

Cherry-picked from #19626
Closes #19734
---
 lib/curl_setup.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index 48b9ea9ea9..6236a71539 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -941,7 +941,7 @@ extern curl_calloc_callback Curl_ccalloc;
  * This macro also assigns NULL to given pointer when free'd.
  */
 #define Curl_safefree(ptr) \
-  do { free((ptr)); (ptr) = NULL;} while(0)
+  do { free(ptr); (ptr) = NULL;} while(0)
 
 #include  /* for CURL_EXTERN, mprintf.h */
 

From 6dc82c80468941a3f08646454bceccd839e46e00 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 20 Nov 2025 03:57:45 +0100
Subject: [PATCH 1036/2408] memdebug: replace `(fwrite)` with `fwrite`

Cherry-picked from #19626
Closes #19735
---
 lib/memdebug.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/memdebug.c b/lib/memdebug.c
index 6ec292654f..1121dc26f5 100644
--- a/lib/memdebug.c
+++ b/lib/memdebug.c
@@ -526,7 +526,7 @@ void curl_dbg_log(const char *format, ...)
     nchars = (int)sizeof(buf) - 1;
 
   if(nchars > 0)
-    (fwrite)(buf, 1, (size_t)nchars, curl_dbg_logfile);
+    fwrite(buf, 1, (size_t)nchars, curl_dbg_logfile);
 }
 
 #endif /* CURLDEBUG */

From 376c7bddc48974d30c9bcc82aa183fe92478d67f Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 27 Nov 2025 20:48:43 +0100
Subject: [PATCH 1037/2408] unit1653: replace local macro with
 `Curl_safefree()`

Cherry-picked from #19626
Closes #19736
---
 tests/unit/unit1653.c | 24 +++++++++++-------------
 1 file changed, 11 insertions(+), 13 deletions(-)

diff --git a/tests/unit/unit1653.c b/tests/unit/unit1653.c
index 714b52a8e6..8f6a5a51cc 100644
--- a/tests/unit/unit1653.c
+++ b/tests/unit/unit1653.c
@@ -27,8 +27,6 @@
 #include "curl/urlapi.h"
 #include "urlapi-int.h"
 
-#define free_and_clear(x) free(x); x = NULL
-
 static CURLUcode parse_port(CURLU *url, char *h, bool has_scheme)
 {
   struct dynbuf host;
@@ -62,7 +60,7 @@ static CURLcode test_unit1653(const char *arg)
   fail_unless(ret == CURLUE_OK, "parse_port returned error");
   ret = curl_url_get(u, CURLUPART_PORT, &portnum, CURLU_NO_DEFAULT_PORT);
   fail_unless(ret != CURLUE_OK, "curl_url_get portnum returned something");
-  free_and_clear(ipv6port);
+  Curl_safefree(ipv6port);
   curl_url_cleanup(u);
 
   /* Invalid IPv6 */
@@ -74,7 +72,7 @@ static CURLcode test_unit1653(const char *arg)
     goto fail;
   ret = parse_port(u, ipv6port, FALSE);
   fail_unless(ret != CURLUE_OK, "parse_port true on error");
-  free_and_clear(ipv6port);
+  Curl_safefree(ipv6port);
   curl_url_cleanup(u);
 
   u = curl_url();
@@ -90,7 +88,7 @@ static CURLcode test_unit1653(const char *arg)
   fail_unless(portnum && !strcmp(portnum, "808"), "Check portnumber");
 
   curl_free(portnum);
-  free_and_clear(ipv6port);
+  Curl_safefree(ipv6port);
   curl_url_cleanup(u);
 
   /* Valid IPv6 with zone index and port number */
@@ -106,7 +104,7 @@ static CURLcode test_unit1653(const char *arg)
   fail_unless(ret == CURLUE_OK, "curl_url_get portnum returned error");
   fail_unless(portnum && !strcmp(portnum, "80"), "Check portnumber");
   curl_free(portnum);
-  free_and_clear(ipv6port);
+  Curl_safefree(ipv6port);
   curl_url_cleanup(u);
 
   /* Valid IPv6 with zone index without port number */
@@ -118,7 +116,7 @@ static CURLcode test_unit1653(const char *arg)
     goto fail;
   ret = parse_port(u, ipv6port, FALSE);
   fail_unless(ret == CURLUE_OK, "parse_port returned error");
-  free_and_clear(ipv6port);
+  Curl_safefree(ipv6port);
   curl_url_cleanup(u);
 
   /* Valid IPv6 with port number */
@@ -134,7 +132,7 @@ static CURLcode test_unit1653(const char *arg)
   fail_unless(ret == CURLUE_OK, "curl_url_get portnum returned error");
   fail_unless(portnum && !strcmp(portnum, "81"), "Check portnumber");
   curl_free(portnum);
-  free_and_clear(ipv6port);
+  Curl_safefree(ipv6port);
   curl_url_cleanup(u);
 
   /* Valid IPv6 with syntax error in the port number */
@@ -146,7 +144,7 @@ static CURLcode test_unit1653(const char *arg)
     goto fail;
   ret = parse_port(u, ipv6port, FALSE);
   fail_unless(ret != CURLUE_OK, "parse_port true on error");
-  free_and_clear(ipv6port);
+  Curl_safefree(ipv6port);
   curl_url_cleanup(u);
 
   u = curl_url();
@@ -157,7 +155,7 @@ static CURLcode test_unit1653(const char *arg)
     goto fail;
   ret = parse_port(u, ipv6port, FALSE);
   fail_unless(ret != CURLUE_OK, "parse_port true on error");
-  free_and_clear(ipv6port);
+  Curl_safefree(ipv6port);
   curl_url_cleanup(u);
 
   /* Valid IPv6 with no port after the colon, should use default if a scheme
@@ -170,7 +168,7 @@ static CURLcode test_unit1653(const char *arg)
     goto fail;
   ret = parse_port(u, ipv6port, TRUE);
   fail_unless(ret == CURLUE_OK, "parse_port returned error");
-  free_and_clear(ipv6port);
+  Curl_safefree(ipv6port);
   curl_url_cleanup(u);
 
   /* Incorrect zone index syntax, but the port extractor does not care */
@@ -186,7 +184,7 @@ static CURLcode test_unit1653(const char *arg)
   fail_unless(ret == CURLUE_OK, "curl_url_get portnum returned error");
   fail_unless(portnum && !strcmp(portnum, "180"), "Check portnumber");
   curl_free(portnum);
-  free_and_clear(ipv6port);
+  Curl_safefree(ipv6port);
   curl_url_cleanup(u);
 
   /* Non percent-encoded zone index */
@@ -198,7 +196,7 @@ static CURLcode test_unit1653(const char *arg)
     goto fail;
   ret = parse_port(u, ipv6port, FALSE);
   fail_unless(ret == CURLUE_OK, "parse_port returned error");
-  free_and_clear(ipv6port);
+  Curl_safefree(ipv6port);
   curl_url_cleanup(u);
 
   /* No scheme and no digits following the colon - not accepted. Because that

From c9e50e9e393508c6a28c695abcf62980b3c1b023 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 27 Nov 2025 23:23:18 +0100
Subject: [PATCH 1038/2408] appveyor: add support for using custom CMake
 versions

To allow more flexibility and not be limited by defaults offered by
the runner machines:
- Visual Studio 2013: CMake 3.12.2
- Visual Studio 2015, 2017: CMake 3.16.2
Ref: https://www.appveyor.com/docs/windows-images-software/

Start using 3.18.4, 3.19.8, 3.20.6 in older VS jobs to add variations.

Time cost is a couple of seconds per job.

Ref: #18704 (Discussion)
Ref: #16973

Closes #19737
---
 appveyor.sh  | 17 +++++++++++++++++
 appveyor.yml |  3 +++
 2 files changed, 20 insertions(+)

diff --git a/appveyor.sh b/appveyor.sh
index b20838da42..56f8cc3527 100644
--- a/appveyor.sh
+++ b/appveyor.sh
@@ -42,6 +42,23 @@ elif [ "${APPVEYOR_BUILD_WORKER_IMAGE}" = 'Visual Studio 2019' ]; then
 fi
 
 if [ "${BUILD_SYSTEM}" = 'CMake' ]; then
+  # Install custom cmake version
+  if [ -n "${CMAKE_VERSION:-}" ]; then
+    cmake_ver=$(printf '%02d%02d' \
+      "$(echo "$CMAKE_VERSION" | cut -f1 -d.)" \
+      "$(echo "$CMAKE_VERSION" | cut -f2 -d.)")
+    if [ "${cmake_ver}" -ge '0320' ]; then
+      fn="cmake-${CMAKE_VERSION}-windows-x86_64"
+    else
+      fn="cmake-${CMAKE_VERSION}-win64-x64"
+    fi
+    curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 --retry-connrefused \
+      --location "https://github.com/Kitware/CMake/releases/download/v${CMAKE_VERSION}/${fn}.zip" --output bin.zip
+    7z x -y bin.zip >/dev/null
+    rm -f bin.zip
+    PATH="$PWD/${fn}/bin:$PATH"
+  fi
+
   # Set env CHKPREFILL to the value '_chkprefill' to compare feature detection
   # results with and without the pre-fill feature. They have to match.
   for _chkprefill in '' ${CHKPREFILL:-}; do
diff --git a/appveyor.yml b/appveyor.yml
index d10f8d3961..91a425c7fa 100644
--- a/appveyor.yml
+++ b/appveyor.yml
@@ -79,6 +79,7 @@ environment:
       SHARED: 'ON'
     - job_name: 'CM VS2013, Debug, x64, Schannel, Shared, Build-only'
       APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2015'
+      CMAKE_VERSION: '3.18.4'
       PRJ_GEN: 'Visual Studio 12 2013'
       TARGET: '-A x64'
       PRJ_CFG: Debug
@@ -87,6 +88,7 @@ environment:
       TFLAGS: 'skipall'
     - job_name: 'CM VS2015, Debug, x64, Schannel, Static, Build-only'
       APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2015'
+      CMAKE_VERSION: '3.19.8'
       PRJ_GEN: 'Visual Studio 14 2015'
       TARGET: '-A x64'
       PRJ_CFG: Debug
@@ -94,6 +96,7 @@ environment:
       TFLAGS: 'skipall'
     - job_name: 'CM VS2017, Debug, x64, Schannel, Shared, Build-only'
       APPVEYOR_BUILD_WORKER_IMAGE: 'Visual Studio 2017'
+      CMAKE_VERSION: '3.20.6'
       PRJ_GEN: 'Visual Studio 15 2017'
       TARGET: '-A x64'
       PRJ_CFG: Debug

From 5c275f7fef5337c8e743febc238735298315f902 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 28 Nov 2025 02:40:19 +0100
Subject: [PATCH 1039/2408] GHA/linux-old: stop installing `groff`, it is
 unused

---
 .github/workflows/linux-old.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/linux-old.yml b/.github/workflows/linux-old.yml
index 64958f4bd6..59da60987c 100644
--- a/.github/workflows/linux-old.yml
+++ b/.github/workflows/linux-old.yml
@@ -72,7 +72,7 @@ jobs:
           dpkg -i freexian-archive-keyring_2022.06.08_all.deb
           echo 'deb http://deb.freexian.com/extended-lts stretch-lts main contrib non-free' | tee /etc/apt/sources.list.d/extended-lts.list
           apt-get -o Dpkg::Use-Pty=0 update
-          apt-get -o Dpkg::Use-Pty=0 install -y --no-install-suggests --no-install-recommends cmake make automake autoconf libtool gcc pkg-config libpsl-dev libzstd-dev zlib1g-dev libc-ares-dev libkrb5-dev libldap2-dev librtmp-dev stunnel4 groff
+          apt-get -o Dpkg::Use-Pty=0 install -y --no-install-suggests --no-install-recommends cmake make automake autoconf libtool gcc pkg-config libpsl-dev libzstd-dev zlib1g-dev libc-ares-dev libkrb5-dev libldap2-dev librtmp-dev stunnel4
           # GitHub's actions/checkout needs newer glibc and libstdc++. The latter also depends on
           # gcc-8-base, but it does not actually seem used in our situation and is not available in
           # the main repo, so force the install.

From e7c2f5bf53838871be4ebd7a9b2521da2a7f9226 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Wed, 26 Nov 2025 01:19:06 +0000
Subject: [PATCH 1040/2408] GHA: update dependency google/boringssl to
 v0.20251124.0

Closes #19685
---
 .github/workflows/http3-linux.yml | 2 +-
 .github/workflows/linux.yml       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index a9117e146e..77fd1edc09 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -45,7 +45,7 @@ env:
   # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com
   AWSLC_VERSION: 1.63.0
   # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com
-  BORINGSSL_VERSION: 0.20251110.0
+  BORINGSSL_VERSION: 0.20251124.0
   # renovate: datasource=github-tags depName=gnutls/nettle versioning=semver registryUrl=https://github.com
   NETTLE_VERSION: 3.10.2
   # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver extractVersion=^nettle_?(?.+)_release_.+$ registryUrl=https://github.com
diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index 0db8ca33b4..390cab7292 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -48,7 +48,7 @@ env:
   # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com
   AWSLC_VERSION: 1.63.0
   # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com
-  BORINGSSL_VERSION: 0.20251110.0
+  BORINGSSL_VERSION: 0.20251124.0
   # handled in renovate.json
   OPENSSL_VERSION: 3.6.0
   # renovate: datasource=github-tags depName=rustls/rustls-ffi versioning=semver registryUrl=https://github.com

From 9d059e27d1dd7d7baa863a6f7673488c965b3756 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Thu, 27 Nov 2025 01:01:01 +0000
Subject: [PATCH 1041/2408] GHA: update dependency pyspelling to v2.12.1

Closes #19712
---
 .github/scripts/requirements-docs.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/scripts/requirements-docs.txt b/.github/scripts/requirements-docs.txt
index fa26c105d0..6850461de7 100644
--- a/.github/scripts/requirements-docs.txt
+++ b/.github/scripts/requirements-docs.txt
@@ -2,4 +2,4 @@
 #
 # SPDX-License-Identifier: curl
 
-pyspelling==2.12
+pyspelling==2.12.1

From 48939a4575d5db6e875add0ccae93242f56fe581 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 28 Nov 2025 01:23:57 +0100
Subject: [PATCH 1042/2408] GHA/linux-old: add support for using custom CMake
 versions

Install CMake from the Kitware GitHub release archive. To allow choosing
its version independently from the OS.

Switch to 3.7.0 (from 3.7.2) to test the earliest supported version.
Also tested OK with 3.18.4 and 3.7.2.

The download and install step takes 1-2 seconds.

Follow-up to c9e50e9e393508c6a28c695abcf62980b3c1b023 #19737

Closes #19738
---
 .github/workflows/linux-old.yml | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/linux-old.yml b/.github/workflows/linux-old.yml
index 59da60987c..e282b1c471 100644
--- a/.github/workflows/linux-old.yml
+++ b/.github/workflows/linux-old.yml
@@ -60,6 +60,8 @@ jobs:
     runs-on: 'ubuntu-latest'
     container: 'debian:stretch'
 
+    env:
+      CMAKE_VERSION: '3.7.0'  # Earliest version supported by curl
     steps:
       - name: 'install prereqs'
         # Remember, this shell is dash, not bash
@@ -72,7 +74,7 @@ jobs:
           dpkg -i freexian-archive-keyring_2022.06.08_all.deb
           echo 'deb http://deb.freexian.com/extended-lts stretch-lts main contrib non-free' | tee /etc/apt/sources.list.d/extended-lts.list
           apt-get -o Dpkg::Use-Pty=0 update
-          apt-get -o Dpkg::Use-Pty=0 install -y --no-install-suggests --no-install-recommends cmake make automake autoconf libtool gcc pkg-config libpsl-dev libzstd-dev zlib1g-dev libc-ares-dev libkrb5-dev libldap2-dev librtmp-dev stunnel4
+          apt-get -o Dpkg::Use-Pty=0 install -y --no-install-suggests --no-install-recommends make automake autoconf libtool gcc pkg-config libpsl-dev libzstd-dev zlib1g-dev libc-ares-dev libkrb5-dev libldap2-dev librtmp-dev stunnel4
           # GitHub's actions/checkout needs newer glibc and libstdc++. The latter also depends on
           # gcc-8-base, but it does not actually seem used in our situation and is not available in
           # the main repo, so force the install.
@@ -80,6 +82,15 @@ jobs:
           httrack --get https://deb.freexian.com/extended-lts/pool/main/g/gcc-8/libstdc++6_8.3.0-6_amd64.deb
           dpkg -i --force-depends libc6_*_amd64.deb libstdc++6_*_amd64.deb
 
+      - name: 'install prereqs (cmake)'
+        run: |
+          cd ~
+          fn="cmake-${CMAKE_VERSION}-linux-x86_64"
+          httrack --get "https://github.com/Kitware/CMake/releases/download/v${CMAKE_VERSION}/${fn}.tar.gz"
+          tar -xf "${fn}".tar*.gz
+          rm -f "${fn}".tar*.gz
+          mv "cmake-${CMAKE_VERSION}-Linux-x86_64" cmake
+
       - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
@@ -88,7 +99,7 @@ jobs:
         run: |
           mkdir bld-1
           cd bld-1
-          cmake .. -DCMAKE_UNITY_BUILD=ON -DCURL_WERROR=ON -DBUILD_SHARED_LIBS=ON \
+          "$HOME"/cmake/bin/cmake .. -DCMAKE_UNITY_BUILD=ON -DCURL_WERROR=ON -DBUILD_SHARED_LIBS=ON \
             -DCURL_ENABLE_SSL=OFF -DENABLE_ARES=OFF -DCURL_ZSTD=OFF -DCURL_USE_GSSAPI=OFF -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF -DUSE_LIBRTMP=ON
 
       - name: 'CM build-only build'
@@ -112,7 +123,7 @@ jobs:
         run: |
           mkdir bld-cares
           cd bld-cares
-          cmake .. -DCMAKE_UNITY_BUILD=ON -DCURL_WERROR=ON -DBUILD_SHARED_LIBS=ON \
+          "$HOME"/cmake/bin/cmake .. -DCMAKE_UNITY_BUILD=ON -DCURL_WERROR=ON -DBUILD_SHARED_LIBS=ON \
             -DCURL_ENABLE_SSL=OFF -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF -DUSE_LIBRTMP=ON \
             -DCURL_LIBCURL_VERSIONED_SYMBOLS=ON
 

From bfc3d131b6b5be7b7219dc016ff600f58e279c6c Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 28 Nov 2025 09:43:27 +0100
Subject: [PATCH 1043/2408] http: add asserts for null terminator for input
 strings

http_rw_hd() assumes the null terminator is present. These asserts make
sure this remains true.

Closes #19741
---
 lib/http.c     | 2 ++
 lib/transfer.c | 1 +
 2 files changed, 3 insertions(+)

diff --git a/lib/http.c b/lib/http.c
index 672183db0e..8223c6f0e2 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -4142,6 +4142,7 @@ static CURLcode http_rw_hd(struct Curl_easy *data,
   CURLcode result = CURLE_OK;
   struct SingleRequest *k = &data->req;
   int writetype;
+  DEBUGASSERT(!hd[hdlen]); /* null terminated */
 
   *pconsumed = 0;
   if((0x0a == *hd) || (0x0d == *hd)) {
@@ -4426,6 +4427,7 @@ CURLcode Curl_http_write_resp_hd(struct Curl_easy *data,
   CURLcode result;
   size_t consumed;
   char tmp = 0;
+  DEBUGASSERT(!hd[hdlen]); /* null terminated */
 
   result = http_rw_hd(data, hd, hdlen, &tmp, 0, &consumed);
   if(!result && is_eos) {
diff --git a/lib/transfer.c b/lib/transfer.c
index f2df2cef8c..f0ce3c5012 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -820,6 +820,7 @@ CURLcode Curl_xfer_write_resp_hd(struct Curl_easy *data,
                                  const char *hd0, size_t hdlen, bool is_eos)
 {
   if(data->conn->handler->write_resp_hd) {
+    DEBUGASSERT(!hd0[hdlen]); /* null terminated */
     /* protocol handlers offering this function take full responsibility
      * for writing all received download data to the client. */
     return data->conn->handler->write_resp_hd(data, hd0, hdlen, is_eos);

From 193cb00ce9b47e75d42157c650cc3de3fd96d35d Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 8 Oct 2025 02:33:19 +0200
Subject: [PATCH 1044/2408] build: stop overriding standard memory allocation
 functions

Before this patch curl used the C preprocessor to override standard
memory allocation symbols: malloc, calloc, strdup, realloc, free.
The goal of these is to replace them with curl's debug wrappers in
`CURLDEBUG` builds, another was to replace them with the wrappers
calling user-defined allocators in libcurl. This solution needed a bunch
of workarounds to avoid breaking external headers: it relied on include
order to do the overriding last. For "unity" builds it needed to reset
overrides before external includes. Also in test apps, which are always
built as single source files. It also needed the `(symbol)` trick
to avoid overrides in some places. This would still not fix cases where
the standard symbols were macros. It was also fragile and difficult
to figure out which was the actual function behind an alloc or free call
in a specific piece of code. This in turn caused bugs where the wrong
allocator was accidentally called.

To avoid these problems, this patch replaces this solution with
`curlx_`-prefixed allocator macros, and mapping them _once_ to either
the libcurl wrappers, the debug wrappers or the standard ones, matching
the rest of the code in libtests.

This concludes the long journey to avoid redefining standard functions
in the curl codebase.

Note: I did not update `packages/OS400/*.c` sources. They did not
`#include` `curl_setup.h`, `curl_memory.h` or `memdebug.h`, meaning
the overrides were never applied to them. This may or may not have been
correct. For now I suppressed the direct use of standard allocators
via a local `.checksrc`. Probably they (except for `curlcl.c`) should be
updated to include `curl_setup.h` and use the `curlx_` macros.

This patch changes mappings in two places:
- `lib/curl_threads.c` in libtests: Before this patch it mapped to
  libcurl allocators. After, it maps to standard allocators, like
  the rest of libtests code.
- `units`: before this patch it mapped to standard allocators. After, it
  maps to libcurl allocators.

Also:
- drop all position-dependent `curl_memory.h` and `memdebug.h` includes,
  and delete the now unnecessary headers.
- rename `Curl_tcsdup` macro to `curlx_tcsdup` and define like the other
  allocators.
- map `curlx_strdup()` to `_strdup()` on Windows (was: `strdup()`).
  To fix warnings silenced via `_CRT_NONSTDC_NO_DEPRECATE`.
- multibyte: map `curlx_convert_*()` to `_strdup()` on Windows
  (was: `strdup()`).
- src: do not reuse the `strdup` name for the local replacement.
- lib509: call `_strdup()` on Windows (was: `strdup()`).
- test1132: delete test obsoleted by this patch.
- CHECKSRC.md: update text for `SNPRINTF`.
- checksrc: ban standard allocator symbols.

Follow-up to b12da22db1f11da51082977dc21a7edee7858911 #18866
Follow-up to db98daab05aec251bcb6615d2d38dfebec291736 #18844
Follow-up to 4deea9396bc7dd25c6362fa746a57bf309c74ada #18814
Follow-up to 9678ff5b1bfea1c847aee4f9edf023e8f01c9293 #18776
Follow-up to 10bac43b873fe45869e15b36aac1c1e5bc89b6e0 #18774
Follow-up to 20142f5d06f7120ba94cbcc25c998e8d81aec85b #18634
Follow-up to bf7375ecc50e857760b0d0a668c436e208a400bd #18503
Follow-up to 9863599d69b79d290928a89bf9160f4e4e023d4e #18502
Follow-up to 3bb5e58c105d7be450b667858d1b8e7ae3ded555 #17827

Closes #19626
---
 docs/examples/.checksrc                |   5 +
 docs/internals/CHECKSRC.md             |   2 +-
 docs/internals/CODE_STYLE.md           |   5 +
 lib/Makefile.inc                       |   3 -
 lib/altsvc.c                           |  24 ++--
 lib/amigaos.c                          |   8 +-
 lib/asyn-ares.c                        |   8 +-
 lib/asyn-base.c                        |   3 -
 lib/asyn-thrdd.c                       |  20 ++--
 lib/bufq.c                             |  14 +--
 lib/bufref.c                           |   3 -
 lib/cf-h1-proxy.c                      |  12 +-
 lib/cf-h2-proxy.c                      |  10 +-
 lib/cf-haproxy.c                       |   8 +-
 lib/cf-https-connect.c                 |   8 +-
 lib/cf-ip-happy.c                      |  12 +-
 lib/cf-socket.c                        |  16 +--
 lib/cfilters.c                         |   8 +-
 lib/conncache.c                        |   8 +-
 lib/connect.c                          |   8 +-
 lib/content_encoding.c                 |  10 +-
 lib/cookie.c                           |  54 +++++----
 lib/cshutdn.c                          |   4 -
 lib/curl_addrinfo.c                    |  17 ++-
 lib/curl_fnmatch.c                     |   4 -
 lib/curl_fopen.c                       |   8 +-
 lib/curl_get_line.c                    |   3 -
 lib/curl_gssapi.c                      |  24 ++--
 lib/curl_mem_undef.h                   |  37 -------
 lib/curl_memory.h                      |  89 ---------------
 lib/curl_memrchr.c                     |   4 -
 lib/curl_ntlm_core.c                   |  16 +--
 lib/curl_rtmp.c                        |   4 -
 lib/curl_sasl.c                        |   4 -
 lib/curl_setup.h                       |  54 ++++++++-
 lib/curl_share.c                       |  10 +-
 lib/curl_sspi.c                        |  10 +-
 lib/curl_threads.c                     |  17 ++-
 lib/curl_trc.c                         |   4 -
 lib/curlx/base64.c                     |  12 +-
 lib/curlx/dynbuf.c                     |   8 +-
 lib/curlx/fopen.c                      |  59 ++++++----
 lib/curlx/multibyte.c                  |  19 ++--
 lib/curlx/multibyte.h                  |  18 +--
 lib/curlx/strerr.c                     |   3 -
 lib/curlx/version_win32.c              |   4 -
 lib/cw-out.c                           |   8 +-
 lib/cw-pause.c                         |   8 +-
 lib/dict.c                             |  11 +-
 lib/dllmain.c                          |   4 -
 lib/doh.c                              |  18 ++-
 lib/dynhds.c                           |  14 +--
 lib/easy.c                             |  24 ++--
 lib/escape.c                           |  10 +-
 lib/fake_addrinfo.c                    |   8 +-
 lib/file.c                             |  10 +-
 lib/fileinfo.c                         |   7 +-
 lib/formdata.c                         |  44 ++++----
 lib/ftp.c                              |  68 ++++++------
 lib/ftplistparser.c                    |  14 +--
 lib/getenv.c                           |  11 +-
 lib/getinfo.c                          |  10 +-
 lib/gopher.c                           |  12 +-
 lib/hash.c                             |  10 +-
 lib/headers.c                          |  10 +-
 lib/hmac.c                             |  10 +-
 lib/hostip.c                           |  22 ++--
 lib/hostip4.c                          |  14 +--
 lib/hostip6.c                          |   4 -
 lib/hsts.c                             |  24 ++--
 lib/http.c                             | 106 +++++++++---------
 lib/http1.c                            |   4 -
 lib/http2.c                            |  30 +++--
 lib/http_aws_sigv4.c                   |  30 +++--
 lib/http_chunks.c                      |   4 -
 lib/http_digest.c                      |  10 +-
 lib/http_negotiate.c                   |  10 +-
 lib/http_ntlm.c                        |  12 +-
 lib/http_proxy.c                       |  12 +-
 lib/httpsrr.c                          |  14 +--
 lib/idn.c                              |  18 ++-
 lib/if2ip.c                            |   4 -
 lib/imap.c                             |  42 ++++---
 lib/ldap.c                             |  38 +++----
 lib/llist.c                            |   4 -
 lib/md4.c                              |   4 -
 lib/md5.c                              |  18 ++-
 lib/memdebug.c                         |   4 -
 lib/memdebug.h                         |  56 ----------
 lib/mime.c                             |  34 +++---
 lib/mprintf.c                          |   6 +-
 lib/mqtt.c                             |  28 ++---
 lib/multi.c                            |  34 +++---
 lib/multi_ev.c                         |  10 +-
 lib/multi_ntfy.c                       |   9 +-
 lib/netrc.c                            |  28 ++---
 lib/openldap.c                         |  16 +--
 lib/pingpong.c                         |   4 -
 lib/pop3.c                             |  12 +-
 lib/psl.c                              |   4 -
 lib/rand.c                             |   4 -
 lib/rename.c                           |   4 -
 lib/request.c                          |   4 -
 lib/rtsp.c                             |  20 ++--
 lib/select.c                           |  30 +++--
 lib/sendf.c                            |  20 ++--
 lib/setopt.c                           |  26 ++---
 lib/sha256.c                           |   4 -
 lib/slist.c                            |  12 +-
 lib/smb.c                              |  25 ++---
 lib/smtp.c                             |  32 +++---
 lib/socketpair.c                       |   4 -
 lib/socks.c                            |   8 +-
 lib/socks_gssapi.c                     |  12 +-
 lib/socks_sspi.c                       |  32 +++---
 lib/strdup.c                           |  16 +--
 lib/strerror.c                         |   4 -
 lib/system_win32.c                     |   9 +-
 lib/telnet.c                           |   8 +-
 lib/tftp.c                             |  16 +--
 lib/transfer.c                         |  14 +--
 lib/uint-bset.c                        |  10 +-
 lib/uint-hash.c                        |  10 +-
 lib/uint-spbset.c                      |   8 +-
 lib/uint-table.c                       |  10 +-
 lib/url.c                              | 146 ++++++++++++-------------
 lib/urlapi.c                           |  86 +++++++--------
 lib/vauth/cleartext.c                  |   4 -
 lib/vauth/cram.c                       |   4 -
 lib/vauth/digest.c                     |  74 ++++++-------
 lib/vauth/digest_sspi.c                |  52 ++++-----
 lib/vauth/gsasl.c                      |   4 -
 lib/vauth/krb5_gssapi.c                |  14 +--
 lib/vauth/krb5_sspi.c                  |  28 ++---
 lib/vauth/ntlm.c                       |   8 +-
 lib/vauth/ntlm_sspi.c                  |  14 +--
 lib/vauth/oauth2.c                     |   4 -
 lib/vauth/spnego_gssapi.c              |   8 +-
 lib/vauth/spnego_sspi.c                |  18 ++-
 lib/vauth/vauth.c                      |  24 ++--
 lib/vquic/curl_ngtcp2.c                |  16 +--
 lib/vquic/curl_osslq.c                 |  29 +++--
 lib/vquic/curl_quiche.c                |  16 +--
 lib/vquic/vquic-tls.c                  |   4 -
 lib/vquic/vquic.c                      |   6 +-
 lib/vssh/libssh.c                      |  28 +++--
 lib/vssh/libssh2.c                     |  48 ++++----
 lib/vssh/vssh.c                        |  12 +-
 lib/vtls/apple.c                       |  10 +-
 lib/vtls/gtls.c                        |  25 ++---
 lib/vtls/hostcheck.c                   |   4 -
 lib/vtls/keylog.c                      |   4 -
 lib/vtls/mbedtls.c                     |  28 ++---
 lib/vtls/mbedtls_threadlock.c          |   4 -
 lib/vtls/openssl.c                     |  36 +++---
 lib/vtls/rustls.c                      |  10 +-
 lib/vtls/schannel.c                    |  63 +++++------
 lib/vtls/schannel_verify.c             |   8 +-
 lib/vtls/vtls.c                        |  38 +++----
 lib/vtls/vtls_scache.c                 |  45 ++++----
 lib/vtls/vtls_spack.c                  |   6 +-
 lib/vtls/wolfssl.c                     |  24 ++--
 lib/vtls/x509asn1.c                    |   6 +-
 lib/ws.c                               |  12 +-
 packages/Makefile.am                   |   1 +
 packages/OS400/.checksrc               |   9 ++
 scripts/checksrc.pl                    |   5 +
 src/mkhelp.pl                          |  15 ++-
 src/slist_wc.c                         |   7 +-
 src/terminal.c                         |   1 -
 src/tool_bname.c                       |   2 -
 src/tool_cb_dbg.c                      |   2 -
 src/tool_cb_hdr.c                      |  10 +-
 src/tool_cb_prg.c                      |   2 -
 src/tool_cb_rea.c                      |   2 -
 src/tool_cb_see.c                      |   2 -
 src/tool_cb_wrt.c                      |   6 +-
 src/tool_cfgable.c                     |  11 +-
 src/tool_cfgable.h                     |   2 +-
 src/tool_dirhie.c                      |   2 -
 src/tool_doswin.c                      |  29 +++--
 src/tool_easysrc.c                     |   2 -
 src/tool_findfile.c                    |   4 +-
 src/tool_formparse.c                   |  20 ++--
 src/tool_getparam.c                    |  42 ++++---
 src/tool_getpass.c                     |   2 -
 src/tool_help.c                        |   6 +-
 src/tool_helpers.c                     |   1 -
 src/tool_ipfs.c                        |  11 +-
 src/tool_libinfo.c                     |   1 -
 src/tool_libinfo.h                     |   1 -
 src/tool_main.c                        |   9 +-
 src/tool_msgs.c                        |   2 -
 src/tool_operate.c                     |  46 ++++----
 src/tool_operhlp.c                     |   9 +-
 src/tool_paramhlp.c                    |  12 +-
 src/tool_parsecfg.c                    |   7 +-
 src/tool_setopt.c                      |  17 ++-
 src/tool_setup.h                       |   2 +
 src/tool_ssls.c                        |   8 +-
 src/tool_ssls.h                        |   1 -
 src/tool_stderr.c                      |   2 -
 src/tool_strdup.c                      |   7 +-
 src/tool_strdup.h                      |   2 +-
 src/tool_urlglob.c                     |  20 ++--
 src/tool_util.c                        |   1 -
 src/tool_vms.c                         |   1 -
 src/tool_writeout.c                    |   1 -
 src/tool_xattr.c                       |   2 -
 src/var.c                              |  15 ++-
 tests/Makefile.am                      |   1 -
 tests/data/Makefile.am                 |   2 +-
 tests/data/test1132                    |  21 ----
 tests/libtest/cli_h2_pausing.c         |   1 -
 tests/libtest/cli_h2_serverpush.c      |   1 -
 tests/libtest/cli_h2_upgrade_extreme.c |   1 -
 tests/libtest/cli_hx_download.c        |  14 +--
 tests/libtest/cli_hx_upload.c          |   5 +-
 tests/libtest/cli_tls_session_reuse.c  |   1 -
 tests/libtest/cli_upload_pausing.c     |   1 -
 tests/libtest/cli_ws_data.c            |  17 ++-
 tests/libtest/cli_ws_pingpong.c        |   1 -
 tests/libtest/first.c                  |   2 -
 tests/libtest/lib1156.c                |   2 -
 tests/libtest/lib1485.c                |   2 -
 tests/libtest/lib1500.c                |   2 -
 tests/libtest/lib1501.c                |   2 -
 tests/libtest/lib1502.c                |   2 -
 tests/libtest/lib1506.c                |   2 -
 tests/libtest/lib1507.c                |   2 -
 tests/libtest/lib1508.c                |   2 -
 tests/libtest/lib1509.c                |   2 -
 tests/libtest/lib1510.c                |   2 -
 tests/libtest/lib1511.c                |   2 -
 tests/libtest/lib1512.c                |   2 -
 tests/libtest/lib1513.c                |   2 -
 tests/libtest/lib1514.c                |   2 -
 tests/libtest/lib1515.c                |   1 -
 tests/libtest/lib1517.c                |   2 -
 tests/libtest/lib1518.c                |   2 -
 tests/libtest/lib1520.c                |   2 -
 tests/libtest/lib1522.c                |   1 -
 tests/libtest/lib1523.c                |   2 -
 tests/libtest/lib1525.c                |   2 -
 tests/libtest/lib1526.c                |   2 -
 tests/libtest/lib1527.c                |   2 -
 tests/libtest/lib1528.c                |   2 -
 tests/libtest/lib1529.c                |   2 -
 tests/libtest/lib1530.c                |   2 -
 tests/libtest/lib1531.c                |   2 -
 tests/libtest/lib1532.c                |   2 -
 tests/libtest/lib1533.c                |   2 -
 tests/libtest/lib1534.c                |   2 -
 tests/libtest/lib1535.c                |   2 -
 tests/libtest/lib1536.c                |   2 -
 tests/libtest/lib1537.c                |   2 -
 tests/libtest/lib1538.c                |   2 -
 tests/libtest/lib1540.c                |   1 -
 tests/libtest/lib1541.c                |   2 -
 tests/libtest/lib1542.c                |   1 -
 tests/libtest/lib1549.c                |   1 -
 tests/libtest/lib1550.c                |   2 -
 tests/libtest/lib1551.c                |   2 -
 tests/libtest/lib1552.c                |   2 -
 tests/libtest/lib1553.c                |   1 -
 tests/libtest/lib1554.c                |   2 -
 tests/libtest/lib1555.c                |   2 -
 tests/libtest/lib1556.c                |   2 -
 tests/libtest/lib1557.c                |   2 -
 tests/libtest/lib1558.c                |   2 -
 tests/libtest/lib1559.c                |   6 +-
 tests/libtest/lib1560.c                |   2 -
 tests/libtest/lib1564.c                |   2 -
 tests/libtest/lib1565.c                |   2 -
 tests/libtest/lib1567.c                |   2 -
 tests/libtest/lib1568.c                |   2 -
 tests/libtest/lib1569.c                |   2 -
 tests/libtest/lib1571.c                |   2 -
 tests/libtest/lib1576.c                |   2 -
 tests/libtest/lib1582.c                |   2 -
 tests/libtest/lib1591.c                |   2 -
 tests/libtest/lib1593.c                |   2 -
 tests/libtest/lib1594.c                |   2 -
 tests/libtest/lib1597.c                |   2 -
 tests/libtest/lib1598.c                |   2 -
 tests/libtest/lib1900.c                |   2 -
 tests/libtest/lib1901.c                |   2 -
 tests/libtest/lib1902.c                |   2 -
 tests/libtest/lib1903.c                |   2 -
 tests/libtest/lib1905.c                |   2 -
 tests/libtest/lib1906.c                |   2 -
 tests/libtest/lib1907.c                |   2 -
 tests/libtest/lib1908.c                |   2 -
 tests/libtest/lib1910.c                |   2 -
 tests/libtest/lib1911.c                |   2 -
 tests/libtest/lib1912.c                |   2 -
 tests/libtest/lib1913.c                |   2 -
 tests/libtest/lib1915.c                |   1 -
 tests/libtest/lib1916.c                |   2 -
 tests/libtest/lib1918.c                |   2 -
 tests/libtest/lib1919.c                |   2 -
 tests/libtest/lib1933.c                |   2 -
 tests/libtest/lib1934.c                |   2 -
 tests/libtest/lib1935.c                |   2 -
 tests/libtest/lib1936.c                |   2 -
 tests/libtest/lib1937.c                |   2 -
 tests/libtest/lib1938.c                |   2 -
 tests/libtest/lib1939.c                |   2 -
 tests/libtest/lib1940.c                |   2 -
 tests/libtest/lib1945.c                |   2 -
 tests/libtest/lib1947.c                |   2 -
 tests/libtest/lib1955.c                |   2 -
 tests/libtest/lib1956.c                |   2 -
 tests/libtest/lib1957.c                |   2 -
 tests/libtest/lib1958.c                |   2 -
 tests/libtest/lib1959.c                |   2 -
 tests/libtest/lib1960.c                |   2 -
 tests/libtest/lib1964.c                |   2 -
 tests/libtest/lib1970.c                |   2 -
 tests/libtest/lib1971.c                |   2 -
 tests/libtest/lib1972.c                |   2 -
 tests/libtest/lib1973.c                |   2 -
 tests/libtest/lib1974.c                |   2 -
 tests/libtest/lib1975.c                |   2 -
 tests/libtest/lib1977.c                |   2 -
 tests/libtest/lib1978.c                |   2 -
 tests/libtest/lib2023.c                |   6 +-
 tests/libtest/lib2032.c                |   8 +-
 tests/libtest/lib2302.c                |   4 +-
 tests/libtest/lib2402.c                |   2 -
 tests/libtest/lib2404.c                |   2 -
 tests/libtest/lib2405.c                |   2 -
 tests/libtest/lib2502.c                |   1 -
 tests/libtest/lib2700.c                |   1 -
 tests/libtest/lib3010.c                |   2 -
 tests/libtest/lib3025.c                |   2 -
 tests/libtest/lib3027.c                |   2 -
 tests/libtest/lib3033.c                |   2 -
 tests/libtest/lib3100.c                |   2 -
 tests/libtest/lib3101.c                |   2 -
 tests/libtest/lib3102.c                |   2 -
 tests/libtest/lib3103.c                |   2 -
 tests/libtest/lib3104.c                |   2 -
 tests/libtest/lib3105.c                |   2 -
 tests/libtest/lib3207.c                |   6 +-
 tests/libtest/lib3208.c                |   2 -
 tests/libtest/lib500.c                 |   1 -
 tests/libtest/lib501.c                 |   2 -
 tests/libtest/lib502.c                 |   2 -
 tests/libtest/lib503.c                 |   2 -
 tests/libtest/lib504.c                 |   2 -
 tests/libtest/lib505.c                 |   2 -
 tests/libtest/lib506.c                 |   1 -
 tests/libtest/lib507.c                 |   2 -
 tests/libtest/lib508.c                 |   2 -
 tests/libtest/lib509.c                 |  29 +++--
 tests/libtest/lib510.c                 |   2 -
 tests/libtest/lib511.c                 |   2 -
 tests/libtest/lib512.c                 |   2 -
 tests/libtest/lib513.c                 |   2 -
 tests/libtest/lib514.c                 |   2 -
 tests/libtest/lib515.c                 |   2 -
 tests/libtest/lib516.c                 |   2 -
 tests/libtest/lib517.c                 |   2 -
 tests/libtest/lib518.c                 |  35 +++---
 tests/libtest/lib519.c                 |   2 -
 tests/libtest/lib520.c                 |   2 -
 tests/libtest/lib521.c                 |   2 -
 tests/libtest/lib523.c                 |   2 -
 tests/libtest/lib524.c                 |   2 -
 tests/libtest/lib525.c                 |   2 -
 tests/libtest/lib526.c                 |   2 -
 tests/libtest/lib530.c                 |  14 +--
 tests/libtest/lib533.c                 |   2 -
 tests/libtest/lib536.c                 |   2 -
 tests/libtest/lib537.c                 |  36 +++---
 tests/libtest/lib539.c                 |   2 -
 tests/libtest/lib540.c                 |   2 -
 tests/libtest/lib541.c                 |   2 -
 tests/libtest/lib542.c                 |   2 -
 tests/libtest/lib543.c                 |   2 -
 tests/libtest/lib544.c                 |   2 -
 tests/libtest/lib547.c                 |   2 -
 tests/libtest/lib549.c                 |   2 -
 tests/libtest/lib552.c                 |   1 -
 tests/libtest/lib553.c                 |   2 -
 tests/libtest/lib554.c                 |   2 -
 tests/libtest/lib555.c                 |   2 -
 tests/libtest/lib556.c                 |   2 -
 tests/libtest/lib557.c                 |   2 -
 tests/libtest/lib558.c                 |   4 +-
 tests/libtest/lib559.c                 |   2 -
 tests/libtest/lib560.c                 |   2 -
 tests/libtest/lib562.c                 |   2 -
 tests/libtest/lib564.c                 |   1 -
 tests/libtest/lib566.c                 |   2 -
 tests/libtest/lib567.c                 |   2 -
 tests/libtest/lib568.c                 |   1 -
 tests/libtest/lib569.c                 |   1 -
 tests/libtest/lib570.c                 |   1 -
 tests/libtest/lib571.c                 |   1 -
 tests/libtest/lib572.c                 |   1 -
 tests/libtest/lib573.c                 |   1 -
 tests/libtest/lib574.c                 |   2 -
 tests/libtest/lib575.c                 |   2 -
 tests/libtest/lib576.c                 |   2 -
 tests/libtest/lib578.c                 |   2 -
 tests/libtest/lib579.c                 |   2 -
 tests/libtest/lib582.c                 |   8 +-
 tests/libtest/lib583.c                 |   2 -
 tests/libtest/lib586.c                 |   2 -
 tests/libtest/lib589.c                 |   2 -
 tests/libtest/lib590.c                 |   2 -
 tests/libtest/lib591.c                 |   2 -
 tests/libtest/lib597.c                 |   2 -
 tests/libtest/lib598.c                 |   2 -
 tests/libtest/lib599.c                 |   2 -
 tests/libtest/lib643.c                 |   2 -
 tests/libtest/lib650.c                 |   2 -
 tests/libtest/lib651.c                 |   2 -
 tests/libtest/lib652.c                 |   2 -
 tests/libtest/lib653.c                 |   2 -
 tests/libtest/lib654.c                 |   2 -
 tests/libtest/lib655.c                 |   2 -
 tests/libtest/lib658.c                 |   2 -
 tests/libtest/lib659.c                 |   2 -
 tests/libtest/lib661.c                 |   2 -
 tests/libtest/lib666.c                 |   2 -
 tests/libtest/lib667.c                 |   2 -
 tests/libtest/lib668.c                 |   2 -
 tests/libtest/lib670.c                 |   2 -
 tests/libtest/lib674.c                 |   2 -
 tests/libtest/lib676.c                 |   2 -
 tests/libtest/lib677.c                 |   2 -
 tests/libtest/lib678.c                 |   8 +-
 tests/libtest/lib694.c                 |   2 -
 tests/libtest/lib695.c                 |   2 -
 tests/libtest/lib751.c                 |   2 -
 tests/libtest/lib753.c                 |   1 -
 tests/libtest/lib757.c                 |   2 -
 tests/libtest/lib758.c                 |  12 +-
 tests/libtest/lib766.c                 |   2 -
 tests/libtest/memptr.c                 |   2 -
 tests/libtest/mk-lib1521.pl            |   1 -
 tests/libtest/testtrace.c              |   2 -
 tests/libtest/testutil.c               |   2 -
 tests/server/.checksrc                 |   5 +
 tests/test1132.pl                      |  98 -----------------
 tests/tunit/tool1394.c                 |   6 +-
 tests/tunit/tool1604.c                 |  16 ++-
 tests/tunit/tool1621.c                 |   2 -
 tests/unit/unit1302.c                  |   1 -
 tests/unit/unit1303.c                  |   1 -
 tests/unit/unit1304.c                  |  13 +--
 tests/unit/unit1305.c                  |  13 +--
 tests/unit/unit1330.c                  |   4 +-
 tests/unit/unit1395.c                  |   3 +-
 tests/unit/unit1602.c                  |  12 +-
 tests/unit/unit1603.c                  |   2 -
 tests/unit/unit1607.c                  |   4 +-
 tests/unit/unit1609.c                  |   4 +-
 tests/unit/unit1616.c                  |  12 +-
 tests/unit/unit1620.c                  |   8 +-
 tests/unit/unit1653.c                  |  28 ++---
 tests/unit/unit1661.c                  |   5 +-
 tests/unit/unit1663.c                  |   8 +-
 tests/unit/unit1664.c                  |   2 -
 tests/unit/unit2600.c                  |   9 +-
 tests/unit/unit2604.c                  |   5 +-
 tests/unit/unit2605.c                  |   1 -
 tests/unit/unit3200.c                  |   1 -
 471 files changed, 1456 insertions(+), 2785 deletions(-)
 delete mode 100644 lib/curl_mem_undef.h
 delete mode 100644 lib/curl_memory.h
 delete mode 100644 lib/memdebug.h
 create mode 100644 packages/OS400/.checksrc
 delete mode 100644 tests/data/test1132
 delete mode 100755 tests/test1132.pl

diff --git a/docs/examples/.checksrc b/docs/examples/.checksrc
index c47627467f..8c7b0c901e 100644
--- a/docs/examples/.checksrc
+++ b/docs/examples/.checksrc
@@ -4,17 +4,22 @@
 
 allowfunc atoi
 allowfunc atol
+allowfunc calloc
 allowfunc fclose
 allowfunc fdopen
 allowfunc fopen
 allowfunc fprintf
+allowfunc free
 allowfunc gmtime
 allowfunc localtime
+allowfunc malloc
 allowfunc open
 allowfunc printf
+allowfunc realloc
 allowfunc snprintf
 allowfunc socket
 allowfunc sscanf
+allowfunc strdup
 allowfunc strerror
 allowfunc vsnprintf
 
diff --git a/docs/internals/CHECKSRC.md b/docs/internals/CHECKSRC.md
index 1740b2bef5..091a4d3107 100644
--- a/docs/internals/CHECKSRC.md
+++ b/docs/internals/CHECKSRC.md
@@ -107,7 +107,7 @@ warnings are:
   `sizeof(int)` style.
 
 - `SNPRINTF` - Found use of `snprintf()`. Since we use an internal replacement
-   with a different return code etc, we prefer `msnprintf()`.
+   with a different return code etc, we prefer `curl_msnprintf()`.
 
 - `SPACEAFTERPAREN`: there was a space after open parenthesis, `( text`.
 
diff --git a/docs/internals/CODE_STYLE.md b/docs/internals/CODE_STYLE.md
index 7d37df4805..43b873be9b 100644
--- a/docs/internals/CODE_STYLE.md
+++ b/docs/internals/CODE_STYLE.md
@@ -352,10 +352,12 @@ This is the full list of functions generally banned.
     aprintf
     atoi
     atol
+    calloc
     fclose
     fdopen
     fopen
     fprintf
+    free
     freeaddrinfo
     freopen
     getaddrinfo
@@ -368,11 +370,13 @@ This is the full list of functions generally banned.
     LoadLibraryExW
     LoadLibraryW
     localtime
+    malloc
     mbstowcs
     msnprintf
     mvsnprintf
     open
     printf
+    realloc
     recv
     send
     snprintf
@@ -382,6 +386,7 @@ This is the full list of functions generally banned.
     sscanf
     stat
     strcat
+    strdup
     strerror
     strncat
     strncpy
diff --git a/lib/Makefile.inc b/lib/Makefile.inc
index 85faa875e0..cdd5587ec8 100644
--- a/lib/Makefile.inc
+++ b/lib/Makefile.inc
@@ -300,8 +300,6 @@ LIB_HFILES =         \
   curl_ldap.h        \
   curl_md4.h         \
   curl_md5.h         \
-  curl_mem_undef.h   \
-  curl_memory.h      \
   curl_memrchr.h     \
   curl_ntlm_core.h   \
   curl_printf.h      \
@@ -353,7 +351,6 @@ LIB_HFILES =         \
   imap.h             \
   llist.h            \
   macos.h            \
-  memdebug.h         \
   mime.h             \
   mqtt.h             \
   multihandle.h      \
diff --git a/lib/altsvc.c b/lib/altsvc.c
index c05dff04e2..84f6c1b445 100644
--- a/lib/altsvc.c
+++ b/lib/altsvc.c
@@ -42,10 +42,6 @@
 #include "curlx/strparse.h"
 #include "connect.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #define MAX_ALTSVC_LINE 4095
 #define MAX_ALTSVC_DATELEN 256
 #define MAX_ALTSVC_HOSTLEN 2048
@@ -71,9 +67,9 @@ const char *Curl_alpnid2str(enum alpnid id)
 
 static void altsvc_free(struct altsvc *as)
 {
-  free(as->src.host);
-  free(as->dst.host);
-  free(as);
+  curlx_free(as->src.host);
+  curlx_free(as->dst.host);
+  curlx_free(as);
 }
 
 static struct altsvc *altsvc_createid(const char *srchost,
@@ -85,7 +81,7 @@ static struct altsvc *altsvc_createid(const char *srchost,
                                       size_t srcport,
                                       size_t dstport)
 {
-  struct altsvc *as = calloc(1, sizeof(struct altsvc));
+  struct altsvc *as = curlx_calloc(1, sizeof(struct altsvc));
   if(!as)
     return NULL;
   DEBUGASSERT(hlen);
@@ -219,8 +215,8 @@ static CURLcode altsvc_load(struct altsvcinfo *asi, const char *file)
 
   /* we need a private copy of the filename so that the altsvc cache file
      name survives an easy handle reset */
-  free(asi->filename);
-  asi->filename = strdup(file);
+  curlx_free(asi->filename);
+  asi->filename = curlx_strdup(file);
   if(!asi->filename)
     return CURLE_OUT_OF_MEMORY;
 
@@ -299,7 +295,7 @@ static CURLcode altsvc_out(struct altsvc *as, FILE *fp)
  */
 struct altsvcinfo *Curl_altsvc_init(void)
 {
-  struct altsvcinfo *asi = calloc(1, sizeof(struct altsvcinfo));
+  struct altsvcinfo *asi = curlx_calloc(1, sizeof(struct altsvcinfo));
   if(!asi)
     return NULL;
   Curl_llist_init(&asi->list, NULL);
@@ -350,8 +346,8 @@ void Curl_altsvc_cleanup(struct altsvcinfo **altsvcp)
       n = Curl_node_next(e);
       altsvc_free(as);
     }
-    free(altsvc->filename);
-    free(altsvc);
+    curlx_free(altsvc->filename);
+    curlx_free(altsvc);
     *altsvcp = NULL; /* clear the pointer */
   }
 }
@@ -399,7 +395,7 @@ CURLcode Curl_altsvc_save(struct Curl_easy *data,
     if(result && tempstore)
       unlink(tempstore);
   }
-  free(tempstore);
+  curlx_free(tempstore);
   return result;
 }
 
diff --git a/lib/amigaos.c b/lib/amigaos.c
index e51236d126..e4b678d541 100644
--- a/lib/amigaos.c
+++ b/lib/amigaos.c
@@ -42,10 +42,6 @@
 #  endif
 #endif
 
-/* The last #include files should be: */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifdef HAVE_PROTO_BSDSOCKET_H
 
 #ifdef __amigaos4__
@@ -135,7 +131,7 @@ struct Curl_addrinfo *Curl_ipv4_resolve_r(const char *hostname,
     LONG h_errnop = 0;
     struct hostent *buf;
 
-    buf = calloc(1, CURL_HOSTENT_SIZE);
+    buf = curlx_calloc(1, CURL_HOSTENT_SIZE);
     if(buf) {
       h = gethostbyname_r((STRPTR)hostname, buf,
                           (char *)buf + sizeof(struct hostent),
@@ -144,7 +140,7 @@ struct Curl_addrinfo *Curl_ipv4_resolve_r(const char *hostname,
       if(h) {
         ai = Curl_he2ai(h, port);
       }
-      free(buf);
+      curlx_free(buf);
     }
   }
   else {
diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c
index 1bc0f3247b..e3ba512b77 100644
--- a/lib/asyn-ares.c
+++ b/lib/asyn-ares.c
@@ -104,10 +104,6 @@
 #define HTTPSRR_WORKS
 #endif
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #define CARES_TIMEOUT_PER_ATTEMPT 2000
 
 static int ares_ver = 0;
@@ -633,7 +629,7 @@ async_ares_node2addr(struct ares_addrinfo_node *node)
     if((size_t)ai->ai_addrlen < ss_size)
       continue;
 
-    ca = malloc(sizeof(struct Curl_addrinfo) + ss_size);
+    ca = curlx_malloc(sizeof(struct Curl_addrinfo) + ss_size);
     if(!ca) {
       error = EAI_MEMORY;
       break;
@@ -736,7 +732,7 @@ CURLcode Curl_async_getaddrinfo(struct Curl_easy *data, const char *hostname,
   data->state.async.dns = NULL;     /* clear */
   data->state.async.port = port;
   data->state.async.ip_version = ip_version;
-  data->state.async.hostname = strdup(hostname);
+  data->state.async.hostname = curlx_strdup(hostname);
   if(!data->state.async.hostname)
     return CURLE_OUT_OF_MEMORY;
 #ifdef USE_HTTPSRR
diff --git a/lib/asyn-base.c b/lib/asyn-base.c
index d7e8e7d15b..6338a3fc6e 100644
--- a/lib/asyn-base.c
+++ b/lib/asyn-base.c
@@ -53,9 +53,6 @@
 #include "select.h"
 #include "curl_share.h"
 #include "url.h"
-#include "curl_memory.h"
-/* The last #include file should be: */
-#include "memdebug.h"
 
 /***********************************************************************
  * Only for builds using asynchronous name resolves
diff --git a/lib/asyn-thrdd.c b/lib/asyn-thrdd.c
index 71e31e6d0d..6c2e02fd18 100644
--- a/lib/asyn-thrdd.c
+++ b/lib/asyn-thrdd.c
@@ -72,10 +72,6 @@
 #endif
 #endif
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 /*
  * Curl_async_global_init()
@@ -136,7 +132,7 @@ static void addr_ctx_unlink(struct async_thrdd_addr_ctx **paddr_ctx,
 
   if(destroy) {
     Curl_mutex_destroy(&addr_ctx->mutx);
-    free(addr_ctx->hostname);
+    curlx_free(addr_ctx->hostname);
     if(addr_ctx->res)
       Curl_freeaddrinfo(addr_ctx->res);
 #ifndef CURL_DISABLE_SOCKETPAIR
@@ -145,7 +141,7 @@ static void addr_ctx_unlink(struct async_thrdd_addr_ctx **paddr_ctx,
 #endif
     wakeup_close(addr_ctx->sock_pair[0]);
 #endif
-    free(addr_ctx);
+    curlx_free(addr_ctx);
   }
   *paddr_ctx = NULL;
 }
@@ -156,7 +152,7 @@ addr_ctx_create(struct Curl_easy *data,
                 const char *hostname, int port,
                 const struct addrinfo *hints)
 {
-  struct async_thrdd_addr_ctx *addr_ctx = calloc(1, sizeof(*addr_ctx));
+  struct async_thrdd_addr_ctx *addr_ctx = curlx_calloc(1, sizeof(*addr_ctx));
   if(!addr_ctx)
     return NULL;
 
@@ -186,7 +182,7 @@ addr_ctx_create(struct Curl_easy *data,
   /* Copying hostname string because original can be destroyed by parent
    * thread during gethostbyname execution.
    */
-  addr_ctx->hostname = strdup(hostname);
+  addr_ctx->hostname = curlx_strdup(hostname);
   if(!addr_ctx->hostname)
     goto err_exit;
 
@@ -376,7 +372,7 @@ static CURLcode async_rr_start(struct Curl_easy *data, int port)
   status = ares_init_options(&thrdd->rr.channel, NULL, 0);
   if(status != ARES_SUCCESS) {
     thrdd->rr.channel = NULL;
-    free(rrname);
+    curlx_free(rrname);
     return CURLE_FAILED_INIT;
   }
 #ifdef CURLDEBUG
@@ -384,7 +380,7 @@ static CURLcode async_rr_start(struct Curl_easy *data, int port)
     const char *servers = getenv("CURL_DNS_SERVER");
     status = ares_set_servers_ports_csv(thrdd->rr.channel, servers);
     if(status) {
-      free(rrname);
+      curlx_free(rrname);
       return CURLE_FAILED_INIT;
     }
   }
@@ -435,8 +431,8 @@ static bool async_thrdd_init(struct Curl_easy *data,
   data->state.async.done = FALSE;
   data->state.async.port = port;
   data->state.async.ip_version = ip_version;
-  free(data->state.async.hostname);
-  data->state.async.hostname = strdup(hostname);
+  curlx_free(data->state.async.hostname);
+  data->state.async.hostname = curlx_strdup(hostname);
   if(!data->state.async.hostname)
     goto err_exit;
 
diff --git a/lib/bufq.c b/lib/bufq.c
index d38b78c6d5..5a77fc52d4 100644
--- a/lib/bufq.c
+++ b/lib/bufq.c
@@ -25,10 +25,6 @@
 #include "curl_setup.h"
 #include "bufq.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 static bool chunk_is_empty(const struct buf_chunk *chunk)
 {
   return chunk->r_offset >= chunk->w_offset;
@@ -143,7 +139,7 @@ static void chunk_list_free(struct buf_chunk **anchor)
   while(*anchor) {
     chunk = *anchor;
     *anchor = chunk->next;
-    free(chunk);
+    curlx_free(chunk);
   }
 }
 
@@ -178,7 +174,7 @@ static CURLcode bufcp_take(struct bufc_pool *pool,
     return CURLE_OUT_OF_MEMORY;
   }
 
-  chunk = calloc(1, sizeof(*chunk) + pool->chunk_size);
+  chunk = curlx_calloc(1, sizeof(*chunk) + pool->chunk_size);
   if(!chunk) {
     *pchunk = NULL;
     return CURLE_OUT_OF_MEMORY;
@@ -192,7 +188,7 @@ static void bufcp_put(struct bufc_pool *pool,
                       struct buf_chunk *chunk)
 {
   if(pool->spare_count >= pool->spare_max) {
-    free(chunk);
+    curlx_free(chunk);
   }
   else {
     chunk_reset(chunk);
@@ -311,7 +307,7 @@ static struct buf_chunk *get_spare(struct bufq *q)
       return NULL;
     }
 
-    chunk = calloc(1, sizeof(*chunk) + q->chunk_size);
+    chunk = curlx_calloc(1, sizeof(*chunk) + q->chunk_size);
     if(!chunk)
       return NULL;
     chunk->dlen = q->chunk_size;
@@ -338,7 +334,7 @@ static void prune_head(struct bufq *q)
       /* SOFT_LIMIT allowed us more than max. free spares until
        * we are at max again. Or free them if we are configured
        * to not use spares. */
-      free(chunk);
+      curlx_free(chunk);
       --q->chunk_count;
     }
     else {
diff --git a/lib/bufref.c b/lib/bufref.c
index ac0612071d..d5181a5da6 100644
--- a/lib/bufref.c
+++ b/lib/bufref.c
@@ -27,9 +27,6 @@
 #include "bufref.h"
 #include "strdup.h"
 
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifdef DEBUGBUILD
 #define SIGNATURE 0x5c48e9b2    /* Random pattern. */
 #endif
diff --git a/lib/cf-h1-proxy.c b/lib/cf-h1-proxy.c
index 417b4df67e..84ba3d6193 100644
--- a/lib/cf-h1-proxy.c
+++ b/lib/cf-h1-proxy.c
@@ -46,10 +46,6 @@
 #include "multiif.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 typedef enum {
     H1_TUNNEL_INIT,     /* init/default/no tunnel state */
@@ -116,7 +112,7 @@ static CURLcode tunnel_init(struct Curl_cfilter *cf,
     return CURLE_UNSUPPORTED_PROTOCOL;
   }
 
-  ts = calloc(1, sizeof(*ts));
+  ts = curlx_calloc(1, sizeof(*ts));
   if(!ts)
     return CURLE_OUT_OF_MEMORY;
 
@@ -194,7 +190,7 @@ static void tunnel_free(struct Curl_cfilter *cf,
       curlx_dyn_free(&ts->rcvbuf);
       curlx_dyn_free(&ts->request_data);
       Curl_httpchunk_free(data, &ts->ch);
-      free(ts);
+      curlx_free(ts);
       cf->ctx = NULL;
     }
   }
@@ -215,7 +211,7 @@ static CURLcode start_CONNECT(struct Curl_cfilter *cf,
 
     /* This only happens if we have looped here due to authentication
        reasons, and we do not really use the newly cloned URL here
-       then. Just free() it. */
+       then. Just free it. */
   Curl_safefree(data->req.newurl);
 
   result = Curl_http_proxy_create_CONNECT(&req, cf, data, 1);
@@ -298,7 +294,7 @@ static CURLcode on_resp_header(struct Curl_cfilter *cf,
     CURL_TRC_CF(data, cf, "CONNECT: fwd auth header '%s'", header);
     result = Curl_http_input_auth(data, proxy, auth);
 
-    free(auth);
+    curlx_free(auth);
 
     if(result)
       return result;
diff --git a/lib/cf-h2-proxy.c b/lib/cf-h2-proxy.c
index fca916a2c2..7066db3b4c 100644
--- a/lib/cf-h2-proxy.c
+++ b/lib/cf-h2-proxy.c
@@ -45,10 +45,6 @@
 #include "curlx/warnless.h"
 #include "cf-h2-proxy.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #define PROXY_H2_CHUNK_SIZE  (16*1024)
 
 #define PROXY_HTTP2_HUGE_WINDOW_SIZE (100 * 1024 * 1024)
@@ -209,7 +205,7 @@ static void cf_h2_proxy_ctx_free(struct cf_h2_proxy_ctx *ctx)
 {
   if(ctx) {
     cf_h2_proxy_ctx_clear(ctx);
-    free(ctx);
+    curlx_free(ctx);
   }
 }
 
@@ -919,7 +915,7 @@ static CURLcode proxy_h2_submit(int32_t *pstream_id,
   result = CURLE_OK;
 
 out:
-  free(nva);
+  curlx_free(nva);
   Curl_dynhds_free(&h2_headers);
   *pstream_id = stream_id;
   return result;
@@ -1594,7 +1590,7 @@ CURLcode Curl_cf_h2_proxy_insert_after(struct Curl_cfilter *cf,
   CURLcode result = CURLE_OUT_OF_MEMORY;
 
   (void)data;
-  ctx = calloc(1, sizeof(*ctx));
+  ctx = curlx_calloc(1, sizeof(*ctx));
   if(!ctx)
     goto out;
 
diff --git a/lib/cf-haproxy.c b/lib/cf-haproxy.c
index 8912604504..a1793c0071 100644
--- a/lib/cf-haproxy.c
+++ b/lib/cf-haproxy.c
@@ -34,10 +34,6 @@
 #include "multiif.h"
 #include "select.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 typedef enum {
     HAPROXY_INIT,     /* init/default/no tunnel state */
@@ -61,7 +57,7 @@ static void cf_haproxy_ctx_free(struct cf_haproxy_ctx *ctx)
 {
   if(ctx) {
     curlx_dyn_free(&ctx->data_out);
-    free(ctx);
+    curlx_free(ctx);
   }
 }
 
@@ -217,7 +213,7 @@ static CURLcode cf_haproxy_create(struct Curl_cfilter **pcf,
   CURLcode result;
 
   (void)data;
-  ctx = calloc(1, sizeof(*ctx));
+  ctx = curlx_calloc(1, sizeof(*ctx));
   if(!ctx) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
diff --git a/lib/cf-https-connect.c b/lib/cf-https-connect.c
index 5491d7968d..ad815a0fe7 100644
--- a/lib/cf-https-connect.c
+++ b/lib/cf-https-connect.c
@@ -38,10 +38,6 @@
 #include "select.h"
 #include "vquic/vquic.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 typedef enum {
   CF_HC_INIT,
   CF_HC_CONNECT,
@@ -588,7 +584,7 @@ static CURLcode cf_hc_create(struct Curl_cfilter **pcf,
   CURLcode result = CURLE_OK;
   size_t i;
 
-  ctx = calloc(1, sizeof(*ctx));
+  ctx = curlx_calloc(1, sizeof(*ctx));
   if(!ctx) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -618,7 +614,7 @@ static CURLcode cf_hc_create(struct Curl_cfilter **pcf,
 
 out:
   *pcf = result ? NULL : cf;
-  free(ctx);
+  curlx_free(ctx);
   return result;
 }
 
diff --git a/lib/cf-ip-happy.c b/lib/cf-ip-happy.c
index eb62cd4c73..8901db02c2 100644
--- a/lib/cf-ip-happy.c
+++ b/lib/cf-ip-happy.c
@@ -60,10 +60,6 @@
 #include "select.h"
 #include "vquic/vquic.h" /* for quic cfilters */
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 struct transport_provider {
   uint8_t transport;
@@ -186,7 +182,7 @@ static void cf_ip_attempt_free(struct cf_ip_attempt *a,
   if(a) {
     if(a->cf)
       Curl_conn_cf_discard_chain(&a->cf, data);
-    free(a);
+    curlx_free(a);
   }
 }
 
@@ -203,7 +199,7 @@ static CURLcode cf_ip_attempt_new(struct cf_ip_attempt **pa,
   CURLcode result = CURLE_OK;
 
   *pa = NULL;
-  a = calloc(1, sizeof(*a));
+  a = curlx_calloc(1, sizeof(*a));
   if(!a)
     return CURLE_OUT_OF_MEMORY;
 
@@ -941,7 +937,7 @@ static CURLcode cf_ip_happy_create(struct Curl_cfilter **pcf,
   (void)data;
   (void)conn;
   *pcf = NULL;
-  ctx = calloc(1, sizeof(*ctx));
+  ctx = curlx_calloc(1, sizeof(*ctx));
   if(!ctx) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -954,7 +950,7 @@ static CURLcode cf_ip_happy_create(struct Curl_cfilter **pcf,
 out:
   if(result) {
     Curl_safefree(*pcf);
-    free(ctx);
+    curlx_free(ctx);
   }
   return result;
 }
diff --git a/lib/cf-socket.c b/lib/cf-socket.c
index 6e5333602c..3172aee5b9 100644
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@@ -82,10 +82,6 @@
 #include "curlx/strerr.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 #if defined(USE_IPV6) && defined(IPV6_V6ONLY) && defined(_WIN32)
 /* It makes support for IPv4-mapped IPv6 addresses.
@@ -555,7 +551,7 @@ CURLcode Curl_parse_interface(const char *input,
     ++host_part;
     *host = Curl_memdup0(host_part, len - (host_part - input));
     if(!*host) {
-      free(*iface);
+      curlx_free(*iface);
       *iface = NULL;
       return CURLE_OUT_OF_MEMORY;
     }
@@ -1026,7 +1022,7 @@ static void cf_socket_destroy(struct Curl_cfilter *cf, struct Curl_easy *data)
 
   cf_socket_close(cf, data);
   CURL_TRC_CF(data, cf, "destroy");
-  free(ctx);
+  curlx_free(ctx);
   cf->ctx = NULL;
 }
 
@@ -1758,7 +1754,7 @@ CURLcode Curl_cf_tcp_create(struct Curl_cfilter **pcf,
     goto out;
   }
 
-  ctx = calloc(1, sizeof(*ctx));
+  ctx = curlx_calloc(1, sizeof(*ctx));
   if(!ctx) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -1920,7 +1916,7 @@ CURLcode Curl_cf_udp_create(struct Curl_cfilter **pcf,
   (void)data;
   (void)conn;
   DEBUGASSERT(transport == TRNSPRT_UDP || transport == TRNSPRT_QUIC);
-  ctx = calloc(1, sizeof(*ctx));
+  ctx = curlx_calloc(1, sizeof(*ctx));
   if(!ctx) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -1974,7 +1970,7 @@ CURLcode Curl_cf_unix_create(struct Curl_cfilter **pcf,
   (void)data;
   (void)conn;
   DEBUGASSERT(transport == TRNSPRT_UNIX);
-  ctx = calloc(1, sizeof(*ctx));
+  ctx = curlx_calloc(1, sizeof(*ctx));
   if(!ctx) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -2199,7 +2195,7 @@ CURLcode Curl_conn_tcp_listen_set(struct Curl_easy *data,
   Curl_conn_cf_discard_all(data, conn, sockindex);
   DEBUGASSERT(conn->sock[sockindex] == CURL_SOCKET_BAD);
 
-  ctx = calloc(1, sizeof(*ctx));
+  ctx = curlx_calloc(1, sizeof(*ctx));
   if(!ctx) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
diff --git a/lib/cfilters.c b/lib/cfilters.c
index 7cb10f3928..7d1f0c3d9e 100644
--- a/lib/cfilters.c
+++ b/lib/cfilters.c
@@ -37,10 +37,6 @@
 #include "curlx/warnless.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 static void cf_cntrl_update_info(struct Curl_easy *data,
                                  struct connectdata *conn);
 
@@ -143,7 +139,7 @@ void Curl_conn_cf_discard_chain(struct Curl_cfilter **pcf,
        */
       cf->next = NULL;
       cf->cft->destroy(cf, data);
-      free(cf);
+      curlx_free(cf);
       cf = cfn;
     }
   }
@@ -332,7 +328,7 @@ CURLcode Curl_cf_create(struct Curl_cfilter **pcf,
   CURLcode result = CURLE_OUT_OF_MEMORY;
 
   DEBUGASSERT(cft);
-  cf = calloc(1, sizeof(*cf));
+  cf = curlx_calloc(1, sizeof(*cf));
   if(!cf)
     goto out;
 
diff --git a/lib/conncache.c b/lib/conncache.c
index 9d3b69bec3..7f38a18757 100644
--- a/lib/conncache.c
+++ b/lib/conncache.c
@@ -45,10 +45,6 @@
 #include "curlx/strparse.h"
 #include "uint-table.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 #define CPOOL_IS_LOCKED(c)    ((c) && (c)->locked)
 
@@ -92,7 +88,7 @@ static struct cpool_bundle *cpool_bundle_create(const char *dest)
   struct cpool_bundle *bundle;
   size_t dest_len = strlen(dest) + 1;
 
-  bundle = calloc(1, sizeof(*bundle) + dest_len - 1);
+  bundle = curlx_calloc(1, sizeof(*bundle) + dest_len - 1);
   if(!bundle)
     return NULL;
   Curl_llist_init(&bundle->conns, NULL);
@@ -104,7 +100,7 @@ static struct cpool_bundle *cpool_bundle_create(const char *dest)
 static void cpool_bundle_destroy(struct cpool_bundle *bundle)
 {
   DEBUGASSERT(!Curl_llist_count(&bundle->conns));
-  free(bundle);
+  curlx_free(bundle);
 }
 
 /* Add a connection to a bundle */
diff --git a/lib/connect.c b/lib/connect.c
index e29c2f51bc..72a27fae1c 100644
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -76,10 +76,6 @@
 #include "http_proxy.h"
 #include "socks.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #if !defined(CURL_DISABLE_ALTSVC) || defined(USE_HTTPSRR)
 
 enum alpnid Curl_alpn2alpnid(const unsigned char *name, size_t len)
@@ -527,7 +523,7 @@ static CURLcode cf_setup_create(struct Curl_cfilter **pcf,
   CURLcode result = CURLE_OK;
 
   (void)data;
-  ctx = calloc(1, sizeof(*ctx));
+  ctx = curlx_calloc(1, sizeof(*ctx));
   if(!ctx) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -544,7 +540,7 @@ static CURLcode cf_setup_create(struct Curl_cfilter **pcf,
 out:
   *pcf = result ? NULL : cf;
   if(ctx) {
-    free(ctx);
+    curlx_free(ctx);
   }
   return result;
 }
diff --git a/lib/content_encoding.c b/lib/content_encoding.c
index f128f7565f..84ed86c1df 100644
--- a/lib/content_encoding.c
+++ b/lib/content_encoding.c
@@ -52,10 +52,6 @@
 #include "http.h"
 #include "content_encoding.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #define CONTENT_ENCODING_DEFAULT  "identity"
 
 #ifndef CURL_DISABLE_HTTP
@@ -95,15 +91,15 @@ static voidpf
 zalloc_cb(voidpf opaque, unsigned int items, unsigned int size)
 {
   (void)opaque;
-  /* not a typo, keep it calloc() */
-  return (voidpf) calloc(items, size);
+  /* not a typo, keep it curlx_calloc() */
+  return (voidpf)curlx_calloc(items, size);
 }
 
 static void
 zfree_cb(voidpf opaque, voidpf ptr)
 {
   (void)opaque;
-  free(ptr);
+  curlx_free(ptr);
 }
 
 static CURLcode
diff --git a/lib/cookie.c b/lib/cookie.c
index 6099c6ea56..250c7390ce 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -42,10 +42,6 @@
 #include "llist.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 static void strstore(char **str, const char *newstr, size_t len);
 
 /* number of seconds in 400 days */
@@ -70,12 +66,12 @@ static void cap_expires(time_t now, struct Cookie *co)
 
 static void freecookie(struct Cookie *co)
 {
-  free(co->domain);
-  free(co->path);
-  free(co->spath);
-  free(co->name);
-  free(co->value);
-  free(co);
+  curlx_free(co->domain);
+  curlx_free(co->path);
+  curlx_free(co->spath);
+  curlx_free(co->name);
+  curlx_free(co->value);
+  curlx_free(co);
 }
 
 static bool cookie_tailmatch(const char *cookie_domain,
@@ -246,7 +242,7 @@ static char *sanitize_cookie_path(const char *cookie_path)
   /* RFC6265 5.2.4 The Path Attribute */
   if(cookie_path[0] != '/')
     /* Let cookie-path be the default-path. */
-    return strdup("/");
+    return curlx_strdup("/");
 
   /* remove trailing slash when path is non-empty */
   /* convert /hoge/ to /hoge */
@@ -268,7 +264,7 @@ static char *sanitize_cookie_path(const char *cookie_path)
 static void strstore(char **str, const char *newstr, size_t len)
 {
   DEBUGASSERT(str);
-  free(*str);
+  curlx_free(*str);
   if(!len) {
     len++;
     newstr = "";
@@ -506,7 +502,7 @@ parse_cookie_header(struct Curl_easy *data,
         strstore(&co->path, curlx_str(&val), curlx_strlen(&val));
         if(!co->path)
           return CURLE_OUT_OF_MEMORY;
-        free(co->spath); /* if this is set again */
+        curlx_free(co->spath); /* if this is set again */
         co->spath = sanitize_cookie_path(co->path);
         if(!co->spath)
           return CURLE_OUT_OF_MEMORY;
@@ -631,7 +627,7 @@ parse_cookie_header(struct Curl_easy *data,
 
   if(!co->domain && domain) {
     /* no domain was given in the header line, set the default */
-    co->domain = strdup(domain);
+    co->domain = curlx_strdup(domain);
     if(!co->domain)
       return CURLE_OUT_OF_MEMORY;
   }
@@ -739,10 +735,10 @@ parse_netscape(struct Cookie *co,
         break;
       }
       /* this does not look like a path, make one up! */
-      co->path = strdup("/");
+      co->path = curlx_strdup("/");
       if(!co->path)
         return CURLE_OUT_OF_MEMORY;
-      co->spath = strdup("/");
+      co->spath = curlx_strdup("/");
       if(!co->spath)
         return CURLE_OUT_OF_MEMORY;
       fields++; /* add a field and fall down to secure */
@@ -781,7 +777,7 @@ parse_netscape(struct Cookie *co,
   }
   if(fields == 6) {
     /* we got a cookie with blank contents, fix it */
-    co->value = strdup("");
+    co->value = curlx_strdup("");
     if(!co->value)
       return CURLE_OUT_OF_MEMORY;
     else
@@ -981,7 +977,7 @@ Curl_cookie_add(struct Curl_easy *data,
     return CURLE_OK; /* silently ignore */
 
   /* First, alloc and init a new struct for it */
-  co = calloc(1, sizeof(struct Cookie));
+  co = curlx_calloc(1, sizeof(struct Cookie));
   if(!co)
     return CURLE_OUT_OF_MEMORY; /* bail out if we are this low on memory */
 
@@ -1081,7 +1077,7 @@ fail:
 struct CookieInfo *Curl_cookie_init(void)
 {
   int i;
-  struct CookieInfo *ci = calloc(1, sizeof(struct CookieInfo));
+  struct CookieInfo *ci = curlx_calloc(1, sizeof(struct CookieInfo));
   if(!ci)
     return NULL;
 
@@ -1343,7 +1339,7 @@ CURLcode Curl_cookie_getlist(struct Curl_easy *data,
     size_t i;
 
     /* alloc an array and store all cookie pointers */
-    array = malloc(sizeof(struct Cookie *) * matches);
+    array = curlx_malloc(sizeof(struct Cookie *) * matches);
     if(!array) {
       result = CURLE_OUT_OF_MEMORY;
       goto fail;
@@ -1363,7 +1359,7 @@ CURLcode Curl_cookie_getlist(struct Curl_easy *data,
     for(i = 0; i < matches; i++)
       Curl_llist_append(list, array[i], &array[i]->getnode);
 
-    free(array); /* remove the temporary data again */
+    curlx_free(array); /* remove the temporary data again */
   }
 
   *okay = TRUE;
@@ -1435,7 +1431,7 @@ void Curl_cookie_cleanup(struct CookieInfo *ci)
 {
   if(ci) {
     Curl_cookie_clearall(ci);
-    free(ci); /* free the base struct as well */
+    curlx_free(ci); /* free the base struct as well */
   }
 }
 
@@ -1518,7 +1514,7 @@ static CURLcode cookie_output(struct Curl_easy *data,
     struct Cookie **array;
     struct Curl_llist_node *n;
 
-    array = calloc(1, sizeof(struct Cookie *) * ci->numcookies);
+    array = curlx_calloc(1, sizeof(struct Cookie *) * ci->numcookies);
     if(!array) {
       error = CURLE_OUT_OF_MEMORY;
       goto error;
@@ -1540,15 +1536,15 @@ static CURLcode cookie_output(struct Curl_easy *data,
     for(i = 0; i < nvalid; i++) {
       char *format_ptr = get_netscape_format(array[i]);
       if(!format_ptr) {
-        free(array);
+        curlx_free(array);
         error = CURLE_OUT_OF_MEMORY;
         goto error;
       }
       curl_mfprintf(out, "%s\n", format_ptr);
-      free(format_ptr);
+      curlx_free(format_ptr);
     }
 
-    free(array);
+    curlx_free(array);
   }
 
   if(!use_stdout) {
@@ -1565,7 +1561,7 @@ static CURLcode cookie_output(struct Curl_easy *data,
    * no need to inspect the error, any error case should have jumped into the
    * error block below.
    */
-  free(tempstore);
+  curlx_free(tempstore);
   return CURLE_OK;
 
 error:
@@ -1573,7 +1569,7 @@ error:
     curlx_fclose(out);
   if(tempstore) {
     unlink(tempstore);
-    free(tempstore);
+    curlx_free(tempstore);
   }
   return error;
 }
@@ -1605,7 +1601,7 @@ static struct curl_slist *cookie_list(struct Curl_easy *data)
       }
       beg = Curl_slist_append_nodup(list, line);
       if(!beg) {
-        free(line);
+        curlx_free(line);
         curl_slist_free_all(list);
         return NULL;
       }
diff --git a/lib/cshutdn.c b/lib/cshutdn.c
index e039d02762..0a4ab41647 100644
--- a/lib/cshutdn.c
+++ b/lib/cshutdn.c
@@ -42,10 +42,6 @@
 #include "select.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 static void cshutdn_run_conn_handler(struct Curl_easy *data,
                                      struct connectdata *conn)
diff --git a/lib/curl_addrinfo.c b/lib/curl_addrinfo.c
index cd9b52feba..67c2f4177d 100644
--- a/lib/curl_addrinfo.c
+++ b/lib/curl_addrinfo.c
@@ -54,10 +54,6 @@
 #include "curlx/inet_pton.h"
 #include "curlx/warnless.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /*
  * Curl_freeaddrinfo()
  *
@@ -83,7 +79,7 @@ Curl_freeaddrinfo(struct Curl_addrinfo *cahead)
 
   for(ca = cahead; ca; ca = canext) {
     canext = ca->ai_next;
-    free(ca);
+    curlx_free(ca);
   }
 }
 
@@ -146,7 +142,7 @@ Curl_getaddrinfo_ex(const char *nodename,
     if((size_t)ai->ai_addrlen < ss_size)
       continue;
 
-    ca = malloc(sizeof(struct Curl_addrinfo) + ss_size + namelen);
+    ca = curlx_malloc(sizeof(struct Curl_addrinfo) + ss_size + namelen);
     if(!ca) {
       error = EAI_MEMORY;
       break;
@@ -285,7 +281,7 @@ Curl_he2ai(const struct hostent *he, int port)
       ss_size = sizeof(struct sockaddr_in);
 
     /* allocate memory to hold the struct, the address and the name */
-    ai = calloc(1, sizeof(struct Curl_addrinfo) + ss_size + namelen);
+    ai = curlx_calloc(1, sizeof(struct Curl_addrinfo) + ss_size + namelen);
     if(!ai) {
       result = CURLE_OUT_OF_MEMORY;
       break;
@@ -382,7 +378,7 @@ ip2addr(struct Curl_addrinfo **addrp,
     return CURLE_BAD_FUNCTION_ARGUMENT;
 
   /* allocate memory to hold the struct, the address and the name */
-  ai = calloc(1, sizeof(struct Curl_addrinfo) + addrsize + namelen);
+  ai = curlx_calloc(1, sizeof(struct Curl_addrinfo) + addrsize + namelen);
   if(!ai)
     return CURLE_OUT_OF_MEMORY;
   /* put the address after the struct */
@@ -471,7 +467,8 @@ struct Curl_addrinfo *Curl_unix2addr(const char *path, bool *longpath,
 
   *longpath = FALSE;
 
-  ai = calloc(1, sizeof(struct Curl_addrinfo) + sizeof(struct sockaddr_un));
+  ai = curlx_calloc(1,
+                    sizeof(struct Curl_addrinfo) + sizeof(struct sockaddr_un));
   if(!ai)
     return NULL;
   ai->ai_addr = (void *)((char *)ai + sizeof(struct Curl_addrinfo));
@@ -482,7 +479,7 @@ struct Curl_addrinfo *Curl_unix2addr(const char *path, bool *longpath,
   /* sun_path must be able to store the null-terminated path */
   path_len = strlen(path) + 1;
   if(path_len > sizeof(sa_un->sun_path)) {
-    free(ai);
+    curlx_free(ai);
     *longpath = TRUE;
     return NULL;
   }
diff --git a/lib/curl_fnmatch.c b/lib/curl_fnmatch.c
index 3148c472e2..918be89d4b 100644
--- a/lib/curl_fnmatch.c
+++ b/lib/curl_fnmatch.c
@@ -27,10 +27,6 @@
 #include 
 
 #include "curl_fnmatch.h"
-#include "curl_memory.h"
-
-/* The last #include file should be: */
-#include "memdebug.h"
 
 #ifndef HAVE_FNMATCH
 
diff --git a/lib/curl_fopen.c b/lib/curl_fopen.c
index f16b3d6cde..cccf849acb 100644
--- a/lib/curl_fopen.c
+++ b/lib/curl_fopen.c
@@ -31,10 +31,6 @@
 #include "rand.h"
 #include "curl_fopen.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /*
   The dirslash() function breaks a null-terminated pathname string into
   directory and filename components then returns the directory component up
@@ -120,7 +116,7 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
     /* The temp filename should not end up too long for the target file
        system */
     tempstore = curl_maprintf("%s%s.tmp", dir, randbuf);
-    free(dir);
+    curlx_free(dir);
   }
 
   if(!tempstore) {
@@ -156,7 +152,7 @@ fail:
     unlink(tempstore);
   }
 
-  free(tempstore);
+  curlx_free(tempstore);
   return result;
 }
 
diff --git a/lib/curl_get_line.c b/lib/curl_get_line.c
index d5ab7b8427..ea31eb182f 100644
--- a/lib/curl_get_line.c
+++ b/lib/curl_get_line.c
@@ -28,9 +28,6 @@
   !defined(CURL_DISABLE_HSTS) || !defined(CURL_DISABLE_NETRC)
 
 #include "curl_get_line.h"
-#include "curl_memory.h"
-/* The last #include file should be: */
-#include "memdebug.h"
 
 #define appendnl(b)                             \
   curlx_dyn_addn(buf, "\n", 1)
diff --git a/lib/curl_gssapi.c b/lib/curl_gssapi.c
index 947bb9c006..edd555db79 100644
--- a/lib/curl_gssapi.c
+++ b/lib/curl_gssapi.c
@@ -31,10 +31,8 @@
 
 #ifdef DEBUGBUILD
 #if defined(HAVE_GSSGNU) || !defined(_WIN32)
-/* To avoid memdebug macro replacement, wrap the name in parentheses to call
-   the original version. It is freed via the GSS API gss_release_buffer(). */
-#define Curl_gss_alloc (malloc)
-#define Curl_gss_free  (free)
+#define Curl_gss_alloc malloc  /* freed via the GSS API gss_release_buffer() */
+#define Curl_gss_free  free    /* pair of the above */
 #define CURL_GSS_STUB
 /* For correctness this would be required for all platforms, not only Windows,
    but, as of v1.22.1, MIT Kerberos uses a special allocator only for Windows,
@@ -51,10 +49,6 @@
 #endif
 #endif /* DEBUGBUILD */
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifdef __GNUC__
 #define CURL_ALIGN8  __attribute__((aligned(8)))
 #else
@@ -208,7 +202,7 @@ stub_gss_init_sec_context(OM_uint32 *min,
       return GSS_S_FAILURE;
     }
 
-    ctx = calloc(1, sizeof(*ctx));
+    ctx = curlx_calloc(1, sizeof(*ctx));
     if(!ctx) {
       *min = STUB_GSS_NO_MEMORY;
       return GSS_S_FAILURE;
@@ -225,7 +219,7 @@ stub_gss_init_sec_context(OM_uint32 *min,
     else if(ctx->have_ntlm)
       ctx->sent = STUB_GSS_NTLM1;
     else {
-      free(ctx);
+      curlx_free(ctx);
       *min = STUB_GSS_NO_MECH;
       return GSS_S_FAILURE;
     }
@@ -236,7 +230,7 @@ stub_gss_init_sec_context(OM_uint32 *min,
 
   token = Curl_gss_alloc(length);
   if(!token) {
-    free(ctx);
+    curlx_free(ctx);
     *min = STUB_GSS_NO_MEMORY;
     return GSS_S_FAILURE;
   }
@@ -250,14 +244,14 @@ stub_gss_init_sec_context(OM_uint32 *min,
                                     &target_desc, &name_type);
     if(GSS_ERROR(major_status)) {
       Curl_gss_free(token);
-      free(ctx);
+      curlx_free(ctx);
       *min = STUB_GSS_NO_MEMORY;
       return GSS_S_FAILURE;
     }
 
     if(strlen(creds) + target_desc.length + 5 >= sizeof(ctx->creds)) {
       Curl_gss_free(token);
-      free(ctx);
+      curlx_free(ctx);
       *min = STUB_GSS_NO_MEMORY;
       return GSS_S_FAILURE;
     }
@@ -273,7 +267,7 @@ stub_gss_init_sec_context(OM_uint32 *min,
 
   if(used >= length) {
     Curl_gss_free(token);
-    free(ctx);
+    curlx_free(ctx);
     *min = STUB_GSS_NO_MEMORY;
     return GSS_S_FAILURE;
   }
@@ -308,7 +302,7 @@ stub_gss_delete_sec_context(OM_uint32 *min,
     return GSS_S_FAILURE;
   }
 
-  free(*context);
+  curlx_free(*context);
   *context = NULL;
   *min = 0;
 
diff --git a/lib/curl_mem_undef.h b/lib/curl_mem_undef.h
deleted file mode 100644
index 2be114cbd5..0000000000
--- a/lib/curl_mem_undef.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/***************************************************************************
- *                                  _   _ ____  _
- *  Project                     ___| | | |  _ \| |
- *                             / __| | | | |_) | |
- *                            | (__| |_| |  _ <| |___
- *                             \___|\___/|_| \_\_____|
- *
- * Copyright (C) Daniel Stenberg, , et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- * SPDX-License-Identifier: curl
- *
- ***************************************************************************/
-
-/* Unset redefined system symbols. */
-
-#undef strdup
-#undef malloc
-#undef calloc
-#undef realloc
-#undef free
-#ifdef _WIN32
-#undef Curl_tcsdup
-#endif
-
-#undef HEADER_CURL_MEMORY_H
-#undef HEADER_CURL_MEMDEBUG_H
diff --git a/lib/curl_memory.h b/lib/curl_memory.h
deleted file mode 100644
index 7793bb63a3..0000000000
--- a/lib/curl_memory.h
+++ /dev/null
@@ -1,89 +0,0 @@
-#ifndef HEADER_CURL_MEMORY_H
-#define HEADER_CURL_MEMORY_H
-/***************************************************************************
- *                                  _   _ ____  _
- *  Project                     ___| | | |  _ \| |
- *                             / __| | | | |_) | |
- *                            | (__| |_| |  _ <| |___
- *                             \___|\___/|_| \_\_____|
- *
- * Copyright (C) Daniel Stenberg, , et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- * SPDX-License-Identifier: curl
- *
- ***************************************************************************/
-
-/*
- * Nasty internal details ahead...
- *
- * File curl_memory.h must be included by _all_ *.c source files
- * that use memory related functions strdup, malloc, calloc, realloc
- * or free, and given source file is used to build libcurl library.
- * It should be included immediately before memdebug.h as the last files
- * included to avoid undesired interaction with other memory function
- * headers in dependent libraries.
- *
- * There is nearly no exception to above rule. All libcurl source
- * files in 'lib' subdirectory as well as those living deep inside
- * 'packages' subdirectories and linked together in order to build
- * libcurl library shall follow it.
- *
- * File lib/strdup.c is an exception, given that it provides a strdup
- * clone implementation while using malloc. Extra care needed inside
- * this one.
- *
- * The need for curl_memory.h inclusion is due to libcurl's feature
- * of allowing library user to provide memory replacement functions,
- * memory callbacks, at runtime with curl_global_init_mem()
- *
- * Any *.c source file used to build libcurl library that does not
- * include curl_memory.h and uses any memory function of the five
- * mentioned above will compile without any indication, but it will
- * trigger weird memory related issues at runtime.
- *
- */
-
-#ifndef CURLDEBUG
-
-/*
- * libcurl's 'memory tracking' system defines strdup, malloc, calloc,
- * realloc and free, along with others, in memdebug.h in a different
- * way although still using memory callbacks forward declared above.
- * When using the 'memory tracking' system (CURLDEBUG defined) we do
- * not define here the five memory functions given that definitions
- * from memdebug.h are the ones that shall be used.
- */
-
-#undef strdup
-#define strdup(ptr) Curl_cstrdup(ptr)
-#undef malloc
-#define malloc(size) Curl_cmalloc(size)
-#undef calloc
-#define calloc(nbelem,size) Curl_ccalloc(nbelem, size)
-#undef realloc
-#define realloc(ptr,size) Curl_crealloc(ptr, size)
-#undef free
-#define free(ptr) Curl_cfree(ptr)
-
-#ifdef _WIN32
-#undef Curl_tcsdup
-#ifdef UNICODE
-#define Curl_tcsdup(ptr) Curl_wcsdup(ptr)
-#else
-#define Curl_tcsdup(ptr) Curl_cstrdup(ptr)
-#endif
-#endif /* _WIN32 */
-
-#endif /* CURLDEBUG */
-#endif /* HEADER_CURL_MEMORY_H */
diff --git a/lib/curl_memrchr.c b/lib/curl_memrchr.c
index 5b6a39c022..8146458407 100644
--- a/lib/curl_memrchr.c
+++ b/lib/curl_memrchr.c
@@ -27,10 +27,6 @@
 #include 
 
 #include "curl_memrchr.h"
-#include "curl_memory.h"
-
-/* The last #include file should be: */
-#include "memdebug.h"
 
 #ifndef HAVE_MEMRCHR
 /*
diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c
index d013929d4d..f2c8c2d2a6 100644
--- a/lib/curl_ntlm_core.c
+++ b/lib/curl_ntlm_core.c
@@ -122,10 +122,6 @@
 #include "curl_endian.h"
 #include "curl_md4.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifdef USE_CURL_DES_SET_ODD_PARITY
 /*
  * curl_des_set_odd_parity()
@@ -437,7 +433,7 @@ CURLcode Curl_ntlm_core_mk_nt_hash(const char *password,
   CURLcode result;
   if(len > SIZE_MAX/2) /* avoid integer overflow */
     return CURLE_OUT_OF_MEMORY;
-  pw = len ? malloc(len * 2) : (unsigned char *)strdup("");
+  pw = len ? curlx_malloc(len * 2) : (unsigned char *)curlx_strdup("");
   if(!pw)
     return CURLE_OUT_OF_MEMORY;
 
@@ -448,7 +444,7 @@ CURLcode Curl_ntlm_core_mk_nt_hash(const char *password,
   if(!result)
     memset(ntbuffer + 16, 0, 21 - 16);
 
-  free(pw);
+  curlx_free(pw);
 
   return result;
 }
@@ -525,7 +521,7 @@ CURLcode Curl_ntlm_core_mk_ntlmv2_hash(const char *user, size_t userlen,
     return CURLE_OUT_OF_MEMORY;
 
   identity_len = (userlen + domlen) * 2;
-  identity = malloc(identity_len + 1);
+  identity = curlx_malloc(identity_len + 1);
 
   if(!identity)
     return CURLE_OUT_OF_MEMORY;
@@ -535,7 +531,7 @@ CURLcode Curl_ntlm_core_mk_ntlmv2_hash(const char *user, size_t userlen,
 
   result = Curl_hmacit(&Curl_HMAC_MD5, ntlmhash, 16, identity, identity_len,
                        ntlmv2hash);
-  free(identity);
+  curlx_free(identity);
 
   return result;
 }
@@ -598,7 +594,7 @@ CURLcode Curl_ntlm_core_mk_ntlmv2_resp(unsigned char *ntlmv2hash,
   len = HMAC_MD5_LENGTH + NTLMv2_BLOB_LEN;
 
   /* Allocate the response */
-  ptr = calloc(1, len);
+  ptr = curlx_calloc(1, len);
   if(!ptr)
     return CURLE_OUT_OF_MEMORY;
 
@@ -622,7 +618,7 @@ CURLcode Curl_ntlm_core_mk_ntlmv2_resp(unsigned char *ntlmv2hash,
   result = Curl_hmacit(&Curl_HMAC_MD5, ntlmv2hash, HMAC_MD5_LENGTH, ptr + 8,
                        NTLMv2_BLOB_LEN + 8, hmac_output);
   if(result) {
-    free(ptr);
+    curlx_free(ptr);
     return result;
   }
 
diff --git a/lib/curl_rtmp.c b/lib/curl_rtmp.c
index 2d2daf4148..351c9f494c 100644
--- a/lib/curl_rtmp.c
+++ b/lib/curl_rtmp.c
@@ -37,10 +37,6 @@
 #include 
 #include 
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #if defined(_WIN32) && !defined(USE_LWIPSOCK)
 #define setsockopt(a,b,c,d,e) (setsockopt)(a,b,c,(const char *)d,(int)e)
 #define SET_RCVTIMEO(tv,s)   int tv = s*1000
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index f6ec668bfd..aef47dc016 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -51,10 +51,6 @@
 #include "curlx/warnless.h"
 #include "sendf.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /* Supported mechanisms */
 static const struct {
   const char    *name;  /* Name */
diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index 6236a71539..6acac0d17a 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -941,7 +941,7 @@ extern curl_calloc_callback Curl_ccalloc;
  * This macro also assigns NULL to given pointer when free'd.
  */
 #define Curl_safefree(ptr) \
-  do { free(ptr); (ptr) = NULL;} while(0)
+  do { curlx_free(ptr); (ptr) = NULL;} while(0)
 
 #include  /* for CURL_EXTERN, mprintf.h */
 
@@ -1077,6 +1077,56 @@ CURL_EXTERN ALLOC_FUNC
 
 #endif /* CURLDEBUG */
 
+/* Allocator macros */
+
+#ifdef CURLDEBUG
+
+#define curlx_strdup(ptr)         curl_dbg_strdup(ptr, __LINE__, __FILE__)
+#define curlx_malloc(size)        curl_dbg_malloc(size, __LINE__, __FILE__)
+#define curlx_calloc(nbelem,size) \
+                              curl_dbg_calloc(nbelem, size, __LINE__, __FILE__)
+#define curlx_realloc(ptr,size)   \
+                              curl_dbg_realloc(ptr, size, __LINE__, __FILE__)
+#define curlx_free(ptr)           curl_dbg_free(ptr, __LINE__, __FILE__)
+
+#ifdef _WIN32
+#ifdef UNICODE
+#define curlx_tcsdup(ptr)         curl_dbg_wcsdup(ptr, __LINE__, __FILE__)
+#else
+#define curlx_tcsdup(ptr)         curlx_strdup(ptr)
+#endif
+#endif /* _WIN32 */
+
+#else /* !CURLDEBUG */
+
+#ifdef BUILDING_LIBCURL
+#define curlx_strdup(ptr)         Curl_cstrdup(ptr)
+#define curlx_malloc(size)        Curl_cmalloc(size)
+#define curlx_calloc(nbelem,size) Curl_ccalloc(nbelem, size)
+#define curlx_realloc(ptr,size)   Curl_crealloc(ptr, size)
+#define curlx_free(ptr)           Curl_cfree(ptr)
+#else /* !BUILDING_LIBCURL */
+#ifdef _WIN32
+#define curlx_strdup(ptr)         _strdup(ptr)
+#else
+#define curlx_strdup(ptr)         strdup(ptr)
+#endif
+#define curlx_malloc(size)        malloc(size)
+#define curlx_calloc(nbelem,size) calloc(nbelem, size)
+#define curlx_realloc(ptr,size)   realloc(ptr, size)
+#define curlx_free(ptr)           free(ptr)
+#endif /* BUILDING_LIBCURL */
+
+#ifdef _WIN32
+#ifdef UNICODE
+#define curlx_tcsdup(ptr)         Curl_wcsdup(ptr)
+#else
+#define curlx_tcsdup(ptr)         curlx_strdup(ptr)
+#endif
+#endif /* _WIN32 */
+
+#endif /* CURLDEBUG */
+
 /* Some versions of the Android NDK is missing the declaration */
 #if defined(HAVE_GETPWUID_R) && \
   defined(__ANDROID_API__) && (__ANDROID_API__ < 21)
@@ -1167,5 +1217,3 @@ int getpwuid_r(uid_t uid, struct passwd *pwd, char *buf,
 #endif
 
 #endif /* HEADER_CURL_SETUP_H */
-
-#include "curl_mem_undef.h"
diff --git a/lib/curl_share.c b/lib/curl_share.c
index b65d16c628..c6b5126704 100644
--- a/lib/curl_share.c
+++ b/lib/curl_share.c
@@ -34,21 +34,17 @@
 #include "hsts.h"
 #include "url.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 CURLSH *
 curl_share_init(void)
 {
-  struct Curl_share *share = calloc(1, sizeof(struct Curl_share));
+  struct Curl_share *share = curlx_calloc(1, sizeof(struct Curl_share));
   if(share) {
     share->magic = CURL_GOOD_SHARE;
     share->specifier |= (1 << CURL_LOCK_DATA_SHARE);
     Curl_dnscache_init(&share->dnscache, 23);
     share->admin = curl_easy_init();
     if(!share->admin) {
-      free(share);
+      curlx_free(share);
       return NULL;
     }
     /* admin handles have mid 0 */
@@ -272,7 +268,7 @@ curl_share_cleanup(CURLSH *sh)
   if(share->unlockfunc)
     share->unlockfunc(NULL, CURL_LOCK_DATA_SHARE, share->clientdata);
   share->magic = 0;
-  free(share);
+  curlx_free(share);
 
   return CURLSHE_OK;
 }
diff --git a/lib/curl_sspi.c b/lib/curl_sspi.c
index 369cf18967..264703d8cd 100644
--- a/lib/curl_sspi.c
+++ b/lib/curl_sspi.c
@@ -33,10 +33,6 @@
 #include "system_win32.h"
 #include "curlx/warnless.h"
 
-/* The last #include files should be: */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /* Pointer to SSPI dispatch table */
 PSecurityFunctionTable Curl_pSecFn = NULL;
 
@@ -134,7 +130,7 @@ CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp,
   }
 
   /* Setup the identity's user and length */
-  dup_user.tchar_ptr = Curl_tcsdup(user.tchar_ptr);
+  dup_user.tchar_ptr = curlx_tcsdup(user.tchar_ptr);
   if(!dup_user.tchar_ptr) {
     curlx_unicodefree(useranddomain.tchar_ptr);
     return CURLE_OUT_OF_MEMORY;
@@ -144,7 +140,7 @@ CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp,
   dup_user.tchar_ptr = NULL;
 
   /* Setup the identity's domain and length */
-  dup_domain.tchar_ptr = malloc(sizeof(TCHAR) * (domlen + 1));
+  dup_domain.tchar_ptr = curlx_malloc(sizeof(TCHAR) * (domlen + 1));
   if(!dup_domain.tchar_ptr) {
     curlx_unicodefree(useranddomain.tchar_ptr);
     return CURLE_OUT_OF_MEMORY;
@@ -164,7 +160,7 @@ CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp,
   passwd.tchar_ptr = curlx_convert_UTF8_to_tchar(passwdp);
   if(!passwd.tchar_ptr)
     return CURLE_OUT_OF_MEMORY;
-  dup_passwd.tchar_ptr = Curl_tcsdup(passwd.tchar_ptr);
+  dup_passwd.tchar_ptr = curlx_tcsdup(passwd.tchar_ptr);
   if(!dup_passwd.tchar_ptr) {
     curlx_unicodefree(passwd.tchar_ptr);
     return CURLE_OUT_OF_MEMORY;
diff --git a/lib/curl_threads.c b/lib/curl_threads.c
index a0308f06b2..e4536078be 100644
--- a/lib/curl_threads.c
+++ b/lib/curl_threads.c
@@ -31,9 +31,6 @@
 #endif
 
 #include "curl_threads.h"
-#include "curl_memory.h"
-/* The last #include FILE should be: */
-#include "memdebug.h"
 
 #ifdef USE_THREADS_POSIX
 
@@ -48,7 +45,7 @@ static void *curl_thread_create_thunk(void *arg)
   unsigned int (*func)(void *) = ac->func;
   void *real_arg = ac->arg;
 
-  free(ac);
+  curlx_free(ac);
 
   (*func)(real_arg);
 
@@ -58,8 +55,8 @@ static void *curl_thread_create_thunk(void *arg)
 curl_thread_t Curl_thread_create(CURL_THREAD_RETURN_T
                                  (CURL_STDCALL *func) (void *), void *arg)
 {
-  curl_thread_t t = malloc(sizeof(pthread_t));
-  struct Curl_actual_call *ac = malloc(sizeof(struct Curl_actual_call));
+  curl_thread_t t = curlx_malloc(sizeof(pthread_t));
+  struct Curl_actual_call *ac = curlx_malloc(sizeof(struct Curl_actual_call));
   int rc;
   if(!(ac && t))
     goto err;
@@ -76,8 +73,8 @@ curl_thread_t Curl_thread_create(CURL_THREAD_RETURN_T
   return t;
 
 err:
-  free(t);
-  free(ac);
+  curlx_free(t);
+  curlx_free(ac);
   return curl_thread_t_null;
 }
 
@@ -85,7 +82,7 @@ void Curl_thread_destroy(curl_thread_t *hnd)
 {
   if(*hnd != curl_thread_t_null) {
     pthread_detach(**hnd);
-    free(*hnd);
+    curlx_free(*hnd);
     *hnd = curl_thread_t_null;
   }
 }
@@ -94,7 +91,7 @@ int Curl_thread_join(curl_thread_t *hnd)
 {
   int ret = (pthread_join(**hnd, NULL) == 0);
 
-  free(*hnd);
+  curlx_free(*hnd);
   *hnd = curl_thread_t_null;
 
   return ret;
diff --git a/lib/curl_trc.c b/lib/curl_trc.c
index 0b91315e36..cc06c77e9d 100644
--- a/lib/curl_trc.c
+++ b/lib/curl_trc.c
@@ -47,10 +47,6 @@
 #include "vtls/vtls.h"
 #include "vquic/vquic.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 static void trc_write(struct Curl_easy *data, curl_infotype type,
                       const char *ptr, size_t size)
 {
diff --git a/lib/curlx/base64.c b/lib/curlx/base64.c
index 3fcd709d1c..6a24c20ebd 100644
--- a/lib/curlx/base64.c
+++ b/lib/curlx/base64.c
@@ -30,12 +30,6 @@
 #include "warnless.h"
 #include "base64.h"
 
-/* The last 2 #include files should be in this order */
-#ifdef BUILDING_LIBCURL
-#include "../curl_memory.h"
-#endif
-#include "../memdebug.h"
-
 /* ---- Base64 Encoding/Decoding Table --- */
 const char Curl_base64encdec[]=
   "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
@@ -103,7 +97,7 @@ CURLcode curlx_base64_decode(const char *src,
   rawlen = (numQuantums * 3) - padding;
 
   /* Allocate our buffer including room for a null-terminator */
-  newstr = malloc(rawlen + 1);
+  newstr = curlx_malloc(rawlen + 1);
   if(!newstr)
     return CURLE_OUT_OF_MEMORY;
 
@@ -165,7 +159,7 @@ CURLcode curlx_base64_decode(const char *src,
 
   return CURLE_OK;
 bad:
-  free(newstr);
+  curlx_free(newstr);
   return CURLE_BAD_CONTENT_ENCODING;
 }
 
@@ -189,7 +183,7 @@ static CURLcode base64_encode(const char *table64,
   if(insize > CURL_MAX_BASE64_INPUT)
     return CURLE_TOO_LARGE;
 
-  base64data = output = malloc((insize + 2) / 3 * 4 + 1);
+  base64data = output = curlx_malloc((insize + 2) / 3 * 4 + 1);
   if(!output)
     return CURLE_OUT_OF_MEMORY;
 
diff --git a/lib/curlx/dynbuf.c b/lib/curlx/dynbuf.c
index 447203e42a..e54865f933 100644
--- a/lib/curlx/dynbuf.c
+++ b/lib/curlx/dynbuf.c
@@ -25,10 +25,6 @@
 #include "../curl_setup.h"
 #include "dynbuf.h"
 #include "../curl_printf.h"
-#ifdef BUILDING_LIBCURL
-#include "../curl_memory.h"
-#endif
-#include "../memdebug.h"
 
 #define MIN_FIRST_ALLOC 32
 
@@ -108,7 +104,7 @@ static CURLcode dyn_nappend(struct dynbuf *s,
   if(a != s->allc) {
     /* this logic is not using Curl_saferealloc() to make the tool not have to
        include that as well when it uses this code */
-    void *p = realloc(s->bufr, a);
+    void *p = curlx_realloc(s->bufr, a);
     if(!p) {
       curlx_dyn_free(s);
       return CURLE_OUT_OF_MEMORY;
@@ -212,7 +208,7 @@ CURLcode curlx_dyn_vaddf(struct dynbuf *s, const char *fmt, va_list ap)
 
   if(str) {
     CURLcode result = dyn_nappend(s, (const unsigned char *)str, strlen(str));
-    free(str);
+    curlx_free(str);
     return result;
   }
   /* If we failed, we cleanup the whole buffer and return error */
diff --git a/lib/curlx/fopen.c b/lib/curlx/fopen.c
index 0dc9699206..c8dff428fc 100644
--- a/lib/curlx/fopen.c
+++ b/lib/curlx/fopen.c
@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) Daniel Stenberg, , et al.
+ * Copyright (C) Danieal Stenberg, , et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -23,11 +23,8 @@
  ***************************************************************************/
 
 /*
- * This file is 'mem-include-scan' clean, which means its memory allocations
- * are not tracked by the curl memory tracker memdebug, so they must not use
- * `CURLDEBUG` macro replacements in memdebug.h for free, malloc, etc. To avoid
- * these macro replacements, wrap the names in parentheses to call the original
- * versions: `ptr = (malloc)(123)`, `(free)(ptr)`, etc.
+ * Use system allocators to avoid infinite recursion when called by curl's
+ * memory tracker memdebug functions.
  */
 
 #include "../curl_setup.h"
@@ -103,7 +100,8 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
     goto cleanup;
   if(!needed || needed >= max_path_len)
     goto cleanup;
-  ibuf = (malloc)(needed * sizeof(wchar_t));
+  /* !checksrc! disable BANNEDFUNC 1 */
+  ibuf = malloc(needed * sizeof(wchar_t));
   if(!ibuf)
     goto cleanup;
   if(mbstowcs_s(&count, ibuf, needed, in, needed - 1))
@@ -124,7 +122,8 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
   /* skip paths that are not excessive and do not need modification */
   if(needed <= MAX_PATH)
     goto cleanup;
-  fbuf = (malloc)(needed * sizeof(wchar_t));
+  /* !checksrc! disable BANNEDFUNC 1 */
+  fbuf = malloc(needed * sizeof(wchar_t));
   if(!fbuf)
     goto cleanup;
   count = (size_t)GetFullPathNameW(in_w, (DWORD)needed, fbuf, NULL);
@@ -157,16 +156,19 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
       if(needed > max_path_len)
         goto cleanup;
 
-      temp = (malloc)(needed * sizeof(wchar_t));
+      /* !checksrc! disable BANNEDFUNC 1 */
+      temp = malloc(needed * sizeof(wchar_t));
       if(!temp)
         goto cleanup;
 
       if(wcsncpy_s(temp, needed, L"\\\\?\\UNC\\", 8)) {
-        (free)(temp);
+        /* !checksrc! disable BANNEDFUNC 1 */
+        free(temp);
         goto cleanup;
       }
       if(wcscpy_s(temp + 8, needed, fbuf + 2)) {
-        (free)(temp);
+        /* !checksrc! disable BANNEDFUNC 1 */
+        free(temp);
         goto cleanup;
       }
     }
@@ -176,21 +178,25 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
       if(needed > max_path_len)
         goto cleanup;
 
-      temp = (malloc)(needed * sizeof(wchar_t));
+      /* !checksrc! disable BANNEDFUNC 1 */
+      temp = malloc(needed * sizeof(wchar_t));
       if(!temp)
         goto cleanup;
 
       if(wcsncpy_s(temp, needed, L"\\\\?\\", 4)) {
-        (free)(temp);
+        /* !checksrc! disable BANNEDFUNC 1 */
+        free(temp);
         goto cleanup;
       }
       if(wcscpy_s(temp + 4, needed, fbuf)) {
-        (free)(temp);
+        /* !checksrc! disable BANNEDFUNC 1 */
+        free(temp);
         goto cleanup;
       }
     }
 
-    (free)(fbuf);
+    /* !checksrc! disable BANNEDFUNC 1 */
+    free(fbuf);
     fbuf = temp;
   }
 
@@ -200,7 +206,8 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
     goto cleanup;
   if(!needed || needed >= max_path_len)
     goto cleanup;
-  obuf = (malloc)(needed);
+  /* !checksrc! disable BANNEDFUNC 1 */
+  obuf = malloc(needed);
   if(!obuf)
     goto cleanup;
   if(wcstombs_s(&count, obuf, needed, fbuf, needed - 1))
@@ -215,10 +222,12 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
 #endif
 
 cleanup:
-  (free)(fbuf);
+  /* !checksrc! disable BANNEDFUNC 1 */
+  free(fbuf);
 #ifndef _UNICODE
-  (free)(ibuf);
-  (free)(obuf);
+  /* !checksrc! disable BANNEDFUNC 2 */
+  free(ibuf);
+  free(obuf);
 #endif
   return *out ? true : false;
 }
@@ -260,7 +269,8 @@ int curlx_win32_open(const char *filename, int oflag, ...)
   errno = _sopen_s(&result, target, oflag, _SH_DENYNO, pmode);
 #endif
 
-  (free)(fixed);
+  /* !checksrc! disable BANNEDFUNC 1 */
+  free(fixed);
   return result;
 }
 
@@ -293,7 +303,8 @@ FILE *curlx_win32_fopen(const char *filename, const char *mode)
   errno = fopen_s(&result, target, mode);
 #endif
 
-  (free)(fixed);
+  /* !checksrc! disable BANNEDFUNC 1 */
+  free(fixed);
   return result;
 }
 
@@ -331,7 +342,8 @@ FILE *curlx_win32_freopen(const char *filename, const char *mode, FILE *fp)
   errno = freopen_s(&result, target, mode, fp);
 #endif
 
-  (free)(fixed);
+  /* !checksrc! disable BANNEDFUNC 1 */
+  free(fixed);
   return result;
 }
 
@@ -370,7 +382,8 @@ int curlx_win32_stat(const char *path, struct_stat *buffer)
 #endif
 #endif
 
-  (free)(fixed);
+  /* !checksrc! disable BANNEDFUNC 1 */
+  free(fixed);
   return result;
 }
 
diff --git a/lib/curlx/multibyte.c b/lib/curlx/multibyte.c
index 9e60edf7e3..2583f30870 100644
--- a/lib/curlx/multibyte.c
+++ b/lib/curlx/multibyte.c
@@ -23,11 +23,8 @@
  ***************************************************************************/
 
 /*
- * This file is 'mem-include-scan' clean, which means its memory allocations
- * are not tracked by the curl memory tracker memdebug, so they must not use
- * `CURLDEBUG` macro replacements in memdebug.h for free, malloc, etc. To avoid
- * these macro replacements, wrap the names in parentheses to call the original
- * versions: `ptr = (malloc)(123)`, `(free)(ptr)`, etc.
+ * Use system allocators to avoid infinite recursion when called by curl's
+ * memory tracker memdebug functions.
  */
 
 #include "../curl_setup.h"
@@ -48,11 +45,13 @@ wchar_t *curlx_convert_UTF8_to_wchar(const char *str_utf8)
     int str_w_len = MultiByteToWideChar(CP_UTF8, MB_ERR_INVALID_CHARS,
                                         str_utf8, -1, NULL, 0);
     if(str_w_len > 0) {
-      str_w = (malloc)(str_w_len * sizeof(wchar_t));
+      /* !checksrc! disable BANNEDFUNC 1 */
+      str_w = malloc(str_w_len * sizeof(wchar_t));
       if(str_w) {
         if(MultiByteToWideChar(CP_UTF8, 0, str_utf8, -1, str_w,
                                str_w_len) == 0) {
-          (free)(str_w);
+          /* !checksrc! disable BANNEDFUNC 1 */
+          free(str_w);
           return NULL;
         }
       }
@@ -70,11 +69,13 @@ char *curlx_convert_wchar_to_UTF8(const wchar_t *str_w)
     int bytes = WideCharToMultiByte(CP_UTF8, 0, str_w, -1,
                                     NULL, 0, NULL, NULL);
     if(bytes > 0) {
-      str_utf8 = (malloc)(bytes);
+      /* !checksrc! disable BANNEDFUNC 1 */
+      str_utf8 = malloc(bytes);
       if(str_utf8) {
         if(WideCharToMultiByte(CP_UTF8, 0, str_w, -1, str_utf8, bytes,
                                NULL, NULL) == 0) {
-          (free)(str_utf8);
+          /* !checksrc! disable BANNEDFUNC 1 */
+          free(str_utf8);
           return NULL;
         }
       }
diff --git a/lib/curlx/multibyte.h b/lib/curlx/multibyte.h
index 8b698c1b73..c992214a95 100644
--- a/lib/curlx/multibyte.h
+++ b/lib/curlx/multibyte.h
@@ -44,11 +44,8 @@ char *curlx_convert_wchar_to_UTF8(const wchar_t *str_w);
  *
  * Allocated memory should be free'd with curlx_unicodefree().
  *
- * Note: Because these are curlx functions their memory usage is not tracked
- * by the curl memory tracker memdebug. you will notice that curlx
- * function-like macros call free and strdup in parentheses, eg (strdup)(ptr),
- * and that is to ensure that the curl memdebug override macros do not replace
- * them.
+ * Use system allocators to avoid infinite recursion when called by curl's
+ * memory tracker memdebug functions.
  */
 
 #if defined(UNICODE) && defined(_WIN32)
@@ -65,8 +62,13 @@ typedef union {
 
 #else
 
-#define curlx_convert_UTF8_to_tchar(ptr) (strdup)(ptr)
-#define curlx_convert_tchar_to_UTF8(ptr) (strdup)(ptr)
+#ifdef _WIN32
+#define curlx_convert_UTF8_to_tchar(ptr) _strdup(ptr)
+#define curlx_convert_tchar_to_UTF8(ptr) _strdup(ptr)
+#else
+#define curlx_convert_UTF8_to_tchar(ptr) strdup(ptr)
+#define curlx_convert_tchar_to_UTF8(ptr) strdup(ptr)
+#endif
 
 typedef union {
   char                *tchar_ptr;
@@ -78,6 +80,6 @@ typedef union {
 #endif /* UNICODE && _WIN32 */
 
 /* the purpose of this macro is to free() without being traced by memdebug */
-#define curlx_unicodefree(ptr) (free)(ptr)
+#define curlx_unicodefree(ptr) free(ptr)
 
 #endif /* HEADER_CURL_MULTIBYTE_H */
diff --git a/lib/curlx/strerr.c b/lib/curlx/strerr.c
index c33d107011..3dbeab82ee 100644
--- a/lib/curlx/strerr.c
+++ b/lib/curlx/strerr.c
@@ -37,9 +37,6 @@
 #include "winapi.h"
 #include "snprintf.h"
 #include "strerr.h"
-/* The last 2 #include files should be in this order */
-#include "../curl_memory.h"
-#include "../memdebug.h"
 
 #ifdef USE_WINSOCK
 /* This is a helper function for curlx_strerror that converts Winsock error
diff --git a/lib/curlx/version_win32.c b/lib/curlx/version_win32.c
index cc86b71d3e..9ab72c2fd5 100644
--- a/lib/curlx/version_win32.c
+++ b/lib/curlx/version_win32.c
@@ -30,10 +30,6 @@
 #include "version_win32.h"
 #include "warnless.h"
 
-/* The last 2 #include files should be in this order */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 /* This Unicode version struct works for VerifyVersionInfoW (OSVERSIONINFOEXW)
    and RtlVerifyVersionInfo (RTLOSVERSIONINFOEXW) */
 struct OUR_OSVERSIONINFOEXW {
diff --git a/lib/cw-out.c b/lib/cw-out.c
index 36cfc36aca..4561546d19 100644
--- a/lib/cw-out.c
+++ b/lib/cw-out.c
@@ -35,10 +35,6 @@
 #include "cw-out.h"
 #include "cw-pause.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 /**
  * OVERALL DESIGN of this client writer
@@ -85,7 +81,7 @@ struct cw_out_buf {
 
 static struct cw_out_buf *cw_out_buf_create(cw_out_type otype)
 {
-  struct cw_out_buf *cwbuf = calloc(1, sizeof(*cwbuf));
+  struct cw_out_buf *cwbuf = curlx_calloc(1, sizeof(*cwbuf));
   if(cwbuf) {
     cwbuf->type = otype;
     curlx_dyn_init(&cwbuf->b, DYN_PAUSE_BUFFER);
@@ -97,7 +93,7 @@ static void cw_out_buf_free(struct cw_out_buf *cwbuf)
 {
   if(cwbuf) {
     curlx_dyn_free(&cwbuf->b);
-    free(cwbuf);
+    curlx_free(cwbuf);
   }
 }
 
diff --git a/lib/cw-pause.c b/lib/cw-pause.c
index 1af4e8fa41..2a98667ae4 100644
--- a/lib/cw-pause.c
+++ b/lib/cw-pause.c
@@ -34,10 +34,6 @@
 #include "sendf.h"
 #include "cw-pause.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 /* body dynbuf sizes */
 #define CW_PAUSE_BUF_CHUNK         (16 * 1024)
@@ -52,7 +48,7 @@ struct cw_pause_buf {
 
 static struct cw_pause_buf *cw_pause_buf_create(int type, size_t buflen)
 {
-  struct cw_pause_buf *cwbuf = calloc(1, sizeof(*cwbuf));
+  struct cw_pause_buf *cwbuf = curlx_calloc(1, sizeof(*cwbuf));
   if(cwbuf) {
     cwbuf->type = type;
     if(type & CLIENTWRITE_BODY)
@@ -68,7 +64,7 @@ static void cw_pause_buf_free(struct cw_pause_buf *cwbuf)
 {
   if(cwbuf) {
     Curl_bufq_free(&cwbuf->b);
-    free(cwbuf);
+    curlx_free(cwbuf);
   }
 }
 
diff --git a/lib/dict.c b/lib/dict.c
index 5c7ba7f622..f208892f73 100644
--- a/lib/dict.c
+++ b/lib/dict.c
@@ -60,11 +60,6 @@
 #include "progress.h"
 #include "dict.h"
 
-/* The last 2 #include files should be: */
-#include "curl_memory.h"
-#include "memdebug.h"
-
-
 #define DICT_MATCH "/MATCH:"
 #define DICT_MATCH2 "/M:"
 #define DICT_MATCH3 "/FIND:"
@@ -172,7 +167,7 @@ static CURLcode sendf(struct Curl_easy *data, const char *fmt, ...)
       break;
   }
 
-  free(s); /* free the output string */
+  curlx_free(s); /* free the output string */
 
   return result;
 }
@@ -310,8 +305,8 @@ static CURLcode dict_do(struct Curl_easy *data, bool *done)
   }
 
 error:
-  free(eword);
-  free(path);
+  curlx_free(eword);
+  curlx_free(path);
   return result;
 }
 #endif /* CURL_DISABLE_DICT */
diff --git a/lib/dllmain.c b/lib/dllmain.c
index 011090589b..7b7d3c7e2e 100644
--- a/lib/dllmain.c
+++ b/lib/dllmain.c
@@ -28,10 +28,6 @@
 #include 
 #endif
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /* DllMain() must only be defined for Windows DLL builds. */
 #if defined(_WIN32) && !defined(CURL_STATICLIB)
 
diff --git a/lib/doh.c b/lib/doh.c
index 0712981a97..d7b1d54c25 100644
--- a/lib/doh.c
+++ b/lib/doh.c
@@ -41,10 +41,6 @@
 #include "escape.h"
 #include "urlapi-int.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #define DNS_CLASS_IN 0x01
 
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
@@ -269,7 +265,7 @@ static void doh_probe_dtor(void *key, size_t klen, void *e)
     struct doh_request *doh_req = e;
     curl_slist_free_all(doh_req->req_hds);
     curlx_dyn_free(&doh_req->resp_body);
-    free(e);
+    curlx_free(e);
   }
 }
 
@@ -296,7 +292,7 @@ static CURLcode doh_probe_run(struct Curl_easy *data,
 
   *pmid = UINT32_MAX;
 
-  doh_req = calloc(1, sizeof(*doh_req));
+  doh_req = curlx_calloc(1, sizeof(*doh_req));
   if(!doh_req)
     return CURLE_OUT_OF_MEMORY;
   doh_req->dnstype = dnstype;
@@ -462,12 +458,12 @@ CURLcode Curl_doh(struct Curl_easy *data, const char *hostname,
   data->state.async.done = FALSE;
   data->state.async.port = port;
   data->state.async.ip_version = ip_version;
-  data->state.async.hostname = strdup(hostname);
+  data->state.async.hostname = curlx_strdup(hostname);
   if(!data->state.async.hostname)
     return CURLE_OUT_OF_MEMORY;
 
   /* start clean, consider allocating this struct on demand */
-  data->state.async.doh = dohp = calloc(1, sizeof(struct doh_probes));
+  data->state.async.doh = dohp = curlx_calloc(1, sizeof(struct doh_probes));
   if(!dohp)
     return CURLE_OUT_OF_MEMORY;
 
@@ -518,7 +514,7 @@ CURLcode Curl_doh(struct Curl_easy *data, const char *hostname,
                            qname ? qname : hostname, data->set.str[STRING_DOH],
                            data->multi,
                            &dohp->probe_resp[DOH_SLOT_HTTPS_RR].probe_mid);
-    free(qname);
+    curlx_free(qname);
     if(result)
       goto error;
     dohp->pending++;
@@ -963,7 +959,7 @@ static CURLcode doh2ai(const struct dohentry *de, const char *hostname,
       addrtype = AF_INET;
     }
 
-    ai = calloc(1, sizeof(struct Curl_addrinfo) + ss_size + hostlen);
+    ai = curlx_calloc(1, sizeof(struct Curl_addrinfo) + ss_size + hostlen);
     if(!ai) {
       result = CURLE_OUT_OF_MEMORY;
       break;
@@ -1130,7 +1126,7 @@ UNITTEST CURLcode doh_resp_decode_httpsrr(struct Curl_easy *data,
   *hrr = NULL;
   if(len <= 2)
     return CURLE_BAD_FUNCTION_ARGUMENT;
-  lhrr = calloc(1, sizeof(struct Curl_https_rrinfo));
+  lhrr = curlx_calloc(1, sizeof(struct Curl_https_rrinfo));
   if(!lhrr)
     return CURLE_OUT_OF_MEMORY;
   lhrr->priority = doh_get16bit(cp, 0);
diff --git a/lib/dynhds.c b/lib/dynhds.c
index 95d415bf0b..ebe1beae58 100644
--- a/lib/dynhds.c
+++ b/lib/dynhds.c
@@ -31,10 +31,6 @@
 #include 
 #endif /* USE_NGHTTP2 */
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 static struct dynhds_entry *
 entry_new(const char *name, size_t namelen,
@@ -45,7 +41,7 @@ entry_new(const char *name, size_t namelen,
 
   DEBUGASSERT(name);
   DEBUGASSERT(value);
-  e = calloc(1, sizeof(*e) + namelen + valuelen + 2);
+  e = curlx_calloc(1, sizeof(*e) + namelen + valuelen + 2);
   if(!e)
     return NULL;
   e->name = p = ((char *)e) + sizeof(*e);
@@ -68,7 +64,7 @@ entry_append(struct dynhds_entry *e,
   char *p;
 
   DEBUGASSERT(value);
-  e2 = calloc(1, sizeof(*e) + e->namelen + valuelen2 + 2);
+  e2 = curlx_calloc(1, sizeof(*e) + e->namelen + valuelen2 + 2);
   if(!e2)
     return NULL;
   e2->name = p = ((char *)e2) + sizeof(*e2);
@@ -85,7 +81,7 @@ entry_append(struct dynhds_entry *e,
 
 static void entry_free(struct dynhds_entry *e)
 {
-  free(e);
+  curlx_free(e);
 }
 
 void Curl_dynhds_init(struct dynhds *dynhds, size_t max_entries,
@@ -186,7 +182,7 @@ entry = entry_new(name, namelen, value, valuelen, dynhds->opts);
     if(dynhds->max_entries && nallc > dynhds->max_entries)
       nallc = dynhds->max_entries;
 
-    nhds = calloc(nallc, sizeof(struct dynhds_entry *));
+    nhds = curlx_calloc(nallc, sizeof(struct dynhds_entry *));
     if(!nhds)
       goto out;
     if(dynhds->hds) {
@@ -374,7 +370,7 @@ CURLcode Curl_dynhds_h1_dprint(struct dynhds *dynhds, struct dynbuf *dbuf)
 
 nghttp2_nv *Curl_dynhds_to_nva(struct dynhds *dynhds, size_t *pcount)
 {
-  nghttp2_nv *nva = calloc(1, sizeof(nghttp2_nv) * dynhds->hds_len);
+  nghttp2_nv *nva = curlx_calloc(1, sizeof(nghttp2_nv) * dynhds->hds_len);
   size_t i;
 
   *pcount = 0;
diff --git a/lib/easy.c b/lib/easy.c
index db6c419c57..476f63c74d 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -80,10 +80,6 @@
 
 #include "easy_lock.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /* true globals -- for curl_global_init() and curl_global_cleanup() */
 static unsigned int  initialized;
 static long          easy_init_flags;
@@ -198,7 +194,7 @@ static CURLcode global_init(long flags, bool memoryfuncs)
 #ifdef DEBUGBUILD
   if(getenv("CURL_GLOBAL_INIT"))
     /* alloc data that will leak if *cleanup() is not called! */
-    leakpointer = malloc(1);
+    leakpointer = curlx_malloc(1);
 #endif
 
   return CURLE_OK;
@@ -297,7 +293,7 @@ void curl_global_cleanup(void)
   Curl_ssh_cleanup();
 
 #ifdef DEBUGBUILD
-  free(leakpointer);
+  curlx_free(leakpointer);
 #endif
 
   easy_init_flags = 0;
@@ -478,7 +474,7 @@ static int events_socket(CURL *easy,      /* easy handle */
           prev->next = nxt;
         else
           ev->list = nxt;
-        free(m);
+        curlx_free(m);
         infof(data, "socket cb: socket %" FMT_SOCKET_T " REMOVED", s);
       }
       else {
@@ -504,7 +500,7 @@ static int events_socket(CURL *easy,      /* easy handle */
       DEBUGASSERT(0);
     }
     else {
-      m = malloc(sizeof(struct socketmonitor));
+      m = curlx_malloc(sizeof(struct socketmonitor));
       if(m) {
         m->next = ev->list;
         m->socket.fd = s;
@@ -927,7 +923,7 @@ static CURLcode dupset(struct Curl_easy *dst, struct Curl_easy *src)
   i = STRING_COPYPOSTFIELDS;
   if(src->set.str[i]) {
     if(src->set.postfieldsize == -1)
-      dst->set.str[i] = strdup(src->set.str[i]);
+      dst->set.str[i] = curlx_strdup(src->set.str[i]);
     else
       /* postfieldsize is curl_off_t, Curl_memdup() takes a size_t ... */
       dst->set.str[i] = Curl_memdup(src->set.str[i],
@@ -968,7 +964,7 @@ CURL *curl_easy_duphandle(CURL *d)
 
   if(!GOOD_EASY_HANDLE(data))
     goto fail;
-  outcurl = calloc(1, sizeof(struct Curl_easy));
+  outcurl = curlx_calloc(1, sizeof(struct Curl_easy));
   if(!outcurl)
     goto fail;
 
@@ -1022,14 +1018,14 @@ CURL *curl_easy_duphandle(CURL *d)
 #endif
 
   if(data->state.url) {
-    outcurl->state.url = strdup(data->state.url);
+    outcurl->state.url = curlx_strdup(data->state.url);
     if(!outcurl->state.url)
       goto fail;
     outcurl->state.url_alloc = TRUE;
   }
 
   if(data->state.referer) {
-    outcurl->state.referer = strdup(data->state.referer);
+    outcurl->state.referer = curlx_strdup(data->state.referer);
     if(!outcurl->state.referer)
       goto fail;
     outcurl->state.referer_alloc = TRUE;
@@ -1073,13 +1069,13 @@ fail:
 
   if(outcurl) {
 #ifndef CURL_DISABLE_COOKIES
-    free(outcurl->cookies);
+    curlx_free(outcurl->cookies);
 #endif
     curlx_dyn_free(&outcurl->state.headerb);
     Curl_altsvc_cleanup(&outcurl->asi);
     Curl_hsts_cleanup(&outcurl->hsts);
     Curl_freeset(outcurl);
-    free(outcurl);
+    curlx_free(outcurl);
   }
 
   return NULL;
diff --git a/lib/escape.c b/lib/escape.c
index fdc6e438ab..04b46f7a9e 100644
--- a/lib/escape.c
+++ b/lib/escape.c
@@ -37,10 +37,6 @@ struct Curl_easy;
 #include "curlx/strparse.h"
 #include "curl_printf.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /* for ABI-compatibility with previous versions */
 char *curl_escape(const char *string, int inlength)
 {
@@ -68,7 +64,7 @@ char *curl_easy_escape(CURL *data, const char *string,
 
   length = (inlength ? (size_t)inlength : strlen(string));
   if(!length)
-    return strdup("");
+    return curlx_strdup("");
 
   curlx_dyn_init(&d, length * 3 + 1);
 
@@ -120,7 +116,7 @@ CURLcode Curl_urldecode(const char *string, size_t length,
   DEBUGASSERT(ctrl >= REJECT_NADA); /* crash on TRUE/FALSE */
 
   alloc = (length ? length : strlen(string));
-  ns = malloc(alloc + 1);
+  ns = curlx_malloc(alloc + 1);
 
   if(!ns)
     return CURLE_OUT_OF_MEMORY;
@@ -196,7 +192,7 @@ char *curl_easy_unescape(CURL *data, const char *string,
    the library's memory system */
 void curl_free(void *p)
 {
-  free(p);
+  curlx_free(p);
 }
 
 /*
diff --git a/lib/fake_addrinfo.c b/lib/fake_addrinfo.c
index 9789d1ef62..7d5da09ead 100644
--- a/lib/fake_addrinfo.c
+++ b/lib/fake_addrinfo.c
@@ -31,10 +31,6 @@
 #include 
 #include 
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 void r_freeaddrinfo(struct addrinfo *cahead)
 {
   struct addrinfo *canext;
@@ -42,7 +38,7 @@ void r_freeaddrinfo(struct addrinfo *cahead)
 
   for(ca = cahead; ca; ca = canext) {
     canext = ca->ai_next;
-    free(ca);
+    curlx_free(ca);
   }
 }
 
@@ -90,7 +86,7 @@ static struct addrinfo *mk_getaddrinfo(const struct ares_addrinfo *aihead)
     if((size_t)ai->ai_addrlen < ss_size)
       continue;
 
-    ca = malloc(sizeof(struct addrinfo) + ss_size + namelen);
+    ca = curlx_malloc(sizeof(struct addrinfo) + ss_size + namelen);
     if(!ca) {
       r_freeaddrinfo(cafirst);
       return NULL;
diff --git a/lib/file.c b/lib/file.c
index 3de92408c4..2f30a0297c 100644
--- a/lib/file.c
+++ b/lib/file.c
@@ -68,10 +68,6 @@
 #include "curlx/warnless.h"
 #include "curl_range.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #if defined(_WIN32) || defined(MSDOS)
 #define DOS_FILESYSTEM 1
 #elif defined(__amigaos4__)
@@ -148,7 +144,7 @@ static void file_easy_dtor(void *key, size_t klen, void *entry)
   (void)key;
   (void)klen;
   file_cleanup(file);
-  free(file);
+  curlx_free(file);
 }
 
 static CURLcode file_setup_connection(struct Curl_easy *data,
@@ -157,7 +153,7 @@ static CURLcode file_setup_connection(struct Curl_easy *data,
   struct FILEPROTO *filep;
   (void)conn;
   /* allocate the FILE specific struct */
-  filep = calloc(1, sizeof(*filep));
+  filep = curlx_calloc(1, sizeof(*filep));
   if(!filep ||
      Curl_meta_set(data, CURL_META_FILE_EASY, filep, file_easy_dtor))
     return CURLE_OUT_OF_MEMORY;
@@ -269,7 +265,7 @@ static CURLcode file_connect(struct Curl_easy *data, bool *done)
   file->path = real_path;
   #endif
 #endif
-  free(file->freepath);
+  curlx_free(file->freepath);
   file->freepath = real_path; /* free this when done */
 
   file->fd = fd;
diff --git a/lib/fileinfo.c b/lib/fileinfo.c
index bddd3fe6fb..83d2ef0d00 100644
--- a/lib/fileinfo.c
+++ b/lib/fileinfo.c
@@ -27,13 +27,10 @@
 #ifndef CURL_DISABLE_FTP
 
 #include "fileinfo.h"
-#include "curl_memory.h"
-/* The last #include file should be: */
-#include "memdebug.h"
 
 struct fileinfo *Curl_fileinfo_alloc(void)
 {
-  return calloc(1, sizeof(struct fileinfo));
+  return curlx_calloc(1, sizeof(struct fileinfo));
 }
 
 void Curl_fileinfo_cleanup(struct fileinfo *finfo)
@@ -42,7 +39,7 @@ void Curl_fileinfo_cleanup(struct fileinfo *finfo)
     return;
 
   curlx_dyn_free(&finfo->buf);
-  free(finfo);
+  curlx_free(finfo);
 }
 
 #endif
diff --git a/lib/formdata.c b/lib/formdata.c
index 416bcad4f5..d4bfed89be 100644
--- a/lib/formdata.c
+++ b/lib/formdata.c
@@ -40,10 +40,6 @@ struct Curl_easy;
 #include "curlx/fopen.h"
 #include "curlx/warnless.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 #define HTTPPOST_PTRNAME CURL_HTTPPOST_PTRNAME
 #define HTTPPOST_FILENAME CURL_HTTPPOST_FILENAME
@@ -76,7 +72,7 @@ AddHttpPost(struct FormInfo *src,
   if((src->bufferlength > LONG_MAX) || (namelength > LONG_MAX))
     /* avoid overflow in typecasts below */
     return NULL;
-  post = calloc(1, sizeof(struct curl_httppost));
+  post = curlx_calloc(1, sizeof(struct curl_httppost));
   if(post) {
     post->name = src->name;
     post->namelength = (long)namelength;
@@ -127,7 +123,7 @@ static struct FormInfo *AddFormInfo(char *value,
                                     struct FormInfo *parent_form_info)
 {
   struct FormInfo *form_info;
-  form_info = calloc(1, sizeof(struct FormInfo));
+  form_info = curlx_calloc(1, sizeof(struct FormInfo));
   if(!form_info)
     return NULL;
   if(value)
@@ -262,7 +258,7 @@ static CURLFORMcode FormAddCheck(struct FormInfo *first_form,
         type = FILE_CONTENTTYPE_DEFAULT;
 
       /* our contenttype is missing */
-      form->contenttype = strdup(type);
+      form->contenttype = curlx_strdup(type);
       if(!form->contenttype)
         return CURL_FORMADD_MEMORY;
 
@@ -320,7 +316,7 @@ static void free_chain(struct curl_httppost *c)
     struct curl_httppost *next = c->next;
     if(c->more)
       free_chain(c->more);
-    free(c);
+    curlx_free(c);
     c = next;
   }
 }
@@ -346,7 +342,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
   /*
    * We need to allocate the first struct to fill in.
    */
-  first_form = calloc(1, sizeof(struct FormInfo));
+  first_form = curlx_calloc(1, sizeof(struct FormInfo));
   if(!first_form)
     return CURL_FORMADD_MEMORY;
 
@@ -458,7 +454,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
         if(!array_state)
           avalue = va_arg(params, char *);
         if(avalue) {
-          curr->value = strdup(avalue);
+          curr->value = curlx_strdup(avalue);
           if(!curr->value)
             retval = CURL_FORMADD_MEMORY;
           else {
@@ -479,13 +475,13 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
       if(curr->value) {
         if(curr->flags & HTTPPOST_FILENAME) {
           if(avalue) {
-            char *fname = strdup(avalue);
+            char *fname = curlx_strdup(avalue);
             if(!fname)
               retval = CURL_FORMADD_MEMORY;
             else {
               form = AddFormInfo(fname, NULL, curr);
               if(!form) {
-                free(fname);
+                curlx_free(fname);
                 retval = CURL_FORMADD_MEMORY;
               }
               else {
@@ -503,7 +499,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
       }
       else {
         if(avalue) {
-          curr->value = strdup(avalue);
+          curr->value = curlx_strdup(avalue);
           if(!curr->value)
             retval = CURL_FORMADD_MEMORY;
           else {
@@ -566,13 +562,13 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
       if(curr->contenttype) {
         if(curr->flags & HTTPPOST_FILENAME) {
           if(avalue) {
-            char *type = strdup(avalue);
+            char *type = curlx_strdup(avalue);
             if(!type)
               retval = CURL_FORMADD_MEMORY;
             else {
               form = AddFormInfo(NULL, type, curr);
               if(!form) {
-                free(type);
+                curlx_free(type);
                 retval = CURL_FORMADD_MEMORY;
               }
               else {
@@ -590,7 +586,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
       }
       else {
         if(avalue) {
-          curr->contenttype = strdup(avalue);
+          curr->contenttype = curlx_strdup(avalue);
           if(!curr->contenttype)
             retval = CURL_FORMADD_MEMORY;
           else
@@ -623,7 +619,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
       if(curr->showfilename)
         retval = CURL_FORMADD_OPTION_TWICE;
       else {
-        curr->showfilename = strdup(avalue);
+        curr->showfilename = curlx_strdup(avalue);
         if(!curr->showfilename)
           retval = CURL_FORMADD_MEMORY;
         else
@@ -650,7 +646,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
      now by the httppost linked list */
   while(first_form) {
     struct FormInfo *ptr = first_form->more;
-    free(first_form);
+    curlx_free(first_form);
     first_form = ptr;
   }
 
@@ -743,14 +739,14 @@ void curl_formfree(struct curl_httppost *form)
     curl_formfree(form->more);
 
     if(!(form->flags & HTTPPOST_PTRNAME))
-      free(form->name); /* free the name */
+      curlx_free(form->name); /* free the name */
     if(!(form->flags &
          (HTTPPOST_PTRCONTENTS|HTTPPOST_BUFFER|HTTPPOST_CALLBACK))
       )
-      free(form->contents); /* free the contents */
-    free(form->contenttype); /* free the content type */
-    free(form->showfilename); /* free the faked filename */
-    free(form);       /* free the struct */
+      curlx_free(form->contents); /* free the contents */
+    curlx_free(form->contenttype); /* free the content type */
+    curlx_free(form->showfilename); /* free the faked filename */
+    curlx_free(form);       /* free the struct */
     form = next;
   } while(form); /* continue */
 }
@@ -768,7 +764,7 @@ static CURLcode setname(curl_mimepart *part, const char *name, size_t len)
   if(!zname)
     return CURLE_OUT_OF_MEMORY;
   res = curl_mime_name(part, zname);
-  free(zname);
+  curlx_free(zname);
   return res;
 }
 
diff --git a/lib/ftp.c b/lib/ftp.c
index ce40012268..b2b15a89dc 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -72,10 +72,6 @@
 #include "curlx/strerr.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifndef NI_MAXHOST
 #define NI_MAXHOST 1025
 #endif
@@ -1419,7 +1415,7 @@ static CURLcode ftp_state_list(struct Curl_easy *data,
     return CURLE_OUT_OF_MEMORY;
 
   result = Curl_pp_sendf(data, &ftpc->pp, "%s", cmd);
-  free(cmd);
+  curlx_free(cmd);
 
   if(!result)
     ftp_state(data, ftpc, FTP_LIST);
@@ -1770,12 +1766,12 @@ static CURLcode ftp_control_addr_dup(struct Curl_easy *data,
      not the ftp host. */
 #ifndef CURL_DISABLE_PROXY
   if(conn->bits.tunnel_proxy || conn->bits.socksproxy)
-    *newhostp = strdup(conn->host.name);
+    *newhostp = curlx_strdup(conn->host.name);
   else
 #endif
   if(!Curl_conn_get_ip_info(data, conn, FIRSTSOCKET, &is_ipv6, &ipquad) &&
      *ipquad.remote_ip)
-    *newhostp = strdup(ipquad.remote_ip);
+    *newhostp = curlx_strdup(ipquad.remote_ip);
   else {
     /* failed to get the remote_ip of the DATA connection */
     failf(data, "unable to get peername of DATA connection");
@@ -1934,7 +1930,7 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data,
 
     /* postponed address resolution in case of tcp fastopen */
     if(conn->bits.tcp_fastopen && !conn->bits.reuse && !newhost[0]) {
-      free(newhost);
+      curlx_free(newhost);
       result = ftp_control_addr_dup(data, &newhost);
       if(result)
         goto error;
@@ -1956,7 +1952,7 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data,
 
   if(result) {
     if(ftpc->count1 == 0 && ftpcode == 229) {
-      free(newhost);
+      curlx_free(newhost);
       return ftp_epsv_disable(data, ftpc, conn);
     }
 
@@ -1973,9 +1969,9 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data,
     /* this just dumps information about this second connection */
     ftp_pasv_verbose(data, dns->addr, newhost, connectport);
 
-  free(conn->secondaryhostname);
+  curlx_free(conn->secondaryhostname);
   conn->secondary_port = newport;
-  conn->secondaryhostname = strdup(newhost);
+  conn->secondaryhostname = curlx_strdup(newhost);
   if(!conn->secondaryhostname) {
     result = CURLE_OUT_OF_MEMORY;
     goto error;
@@ -1985,7 +1981,7 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data,
   ftp_state(data, ftpc, FTP_STOP); /* this phase is completed */
 
 error:
-  free(newhost);
+  curlx_free(newhost);
   return result;
 }
 
@@ -2723,17 +2719,17 @@ static CURLcode ftp_pwd_resp(struct Curl_easy *data,
       if(!ftpc->server_os && dir[0] != '/') {
         result = Curl_pp_sendf(data, &ftpc->pp, "%s", "SYST");
         if(result) {
-          free(dir);
+          curlx_free(dir);
           return result;
         }
       }
 
-      free(ftpc->entrypath);
+      curlx_free(ftpc->entrypath);
       ftpc->entrypath = dir; /* remember this */
       infof(data, "Entry path is '%s'", ftpc->entrypath);
       /* also save it where getinfo can access it: */
-      free(data->state.most_recent_ftp_entrypath);
-      data->state.most_recent_ftp_entrypath = strdup(ftpc->entrypath);
+      curlx_free(data->state.most_recent_ftp_entrypath);
+      data->state.most_recent_ftp_entrypath = curlx_strdup(ftpc->entrypath);
       if(!data->state.most_recent_ftp_entrypath)
         return CURLE_OUT_OF_MEMORY;
 
@@ -2961,18 +2957,18 @@ static CURLcode ftp_pp_statemachine(struct Curl_easy *data,
         /* Force OS400 name format 1. */
         result = Curl_pp_sendf(data, &ftpc->pp, "%s", "SITE NAMEFMT 1");
         if(result) {
-          free(os);
+          curlx_free(os);
           return result;
         }
         /* remember target server OS */
-        free(ftpc->server_os);
+        curlx_free(ftpc->server_os);
         ftpc->server_os = os;
         ftp_state(data, ftpc, FTP_NAMEFMT);
         break;
       }
       /* Nothing special for the target server. */
       /* remember target server OS */
-      free(ftpc->server_os);
+      curlx_free(ftpc->server_os);
       ftpc->server_os = os;
     }
     else {
@@ -3277,7 +3273,7 @@ static CURLcode ftp_done(struct Curl_easy *data, CURLcode status,
      * the error path) */
     ftpc->ctl_valid = FALSE; /* mark control connection as bad */
     connclose(conn, "FTP: out of memory!"); /* mark for connection closure */
-    free(ftpc->prevpath);
+    curlx_free(ftpc->prevpath);
     ftpc->prevpath = NULL; /* no path remembering */
   }
   else { /* remember working directory for connection reuse */
@@ -3288,7 +3284,7 @@ static CURLcode ftp_done(struct Curl_easy *data, CURLcode status,
       else {
         size_t pathLen = strlen(ftpc->rawpath);
 
-        free(ftpc->prevpath);
+        curlx_free(ftpc->prevpath);
 
         if(!ftpc->cwdfail) {
           if(data->set.ftp_filemethod == FTPFILE_NOCWD)
@@ -3757,7 +3753,7 @@ static void wc_data_dtor(void *ptr)
   struct ftp_wc *ftpwc = ptr;
   if(ftpwc && ftpwc->parser)
     Curl_ftp_parselist_data_free(&ftpwc->parser);
-  free(ftpwc);
+  curlx_free(ftpwc);
 }
 
 static CURLcode init_wc_data(struct Curl_easy *data,
@@ -3777,14 +3773,14 @@ static CURLcode init_wc_data(struct Curl_easy *data,
       wildcard->state = CURLWC_CLEAN;
       return ftp_parse_url_path(data, ftpc, ftp);
     }
-    wildcard->pattern = strdup(last_slash);
+    wildcard->pattern = curlx_strdup(last_slash);
     if(!wildcard->pattern)
       return CURLE_OUT_OF_MEMORY;
     last_slash[0] = '\0'; /* cut file from path */
   }
   else { /* there is only 'wildcard pattern' or nothing */
     if(path[0]) {
-      wildcard->pattern = strdup(path);
+      wildcard->pattern = curlx_strdup(path);
       if(!wildcard->pattern)
         return CURLE_OUT_OF_MEMORY;
       path[0] = '\0';
@@ -3799,7 +3795,7 @@ static CURLcode init_wc_data(struct Curl_easy *data,
      resources for wildcard transfer */
 
   /* allocate ftp protocol specific wildcard data */
-  ftpwc = calloc(1, sizeof(struct ftp_wc));
+  ftpwc = curlx_calloc(1, sizeof(struct ftp_wc));
   if(!ftpwc) {
     result = CURLE_OUT_OF_MEMORY;
     goto fail;
@@ -3825,7 +3821,7 @@ static CURLcode init_wc_data(struct Curl_easy *data,
     goto fail;
   }
 
-  wildcard->path = strdup(ftp->path);
+  wildcard->path = curlx_strdup(ftp->path);
   if(!wildcard->path) {
     result = CURLE_OUT_OF_MEMORY;
     goto fail;
@@ -3846,7 +3842,7 @@ static CURLcode init_wc_data(struct Curl_easy *data,
 fail:
   if(ftpwc) {
     Curl_ftp_parselist_data_free(&ftpwc->parser);
-    free(ftpwc);
+    curlx_free(ftpwc);
   }
   Curl_safefree(wildcard->pattern);
   wildcard->dtor = ZERO_NULL;
@@ -3904,7 +3900,7 @@ static CURLcode wc_statemach(struct Curl_easy *data,
         return CURLE_OUT_OF_MEMORY;
 
       /* switch default ftp->path and tmp_path */
-      free(ftp->pathalloc);
+      curlx_free(ftp->pathalloc);
       ftp->pathalloc = ftp->path = tmp_path;
 
       infof(data, "Wildcard - START of \"%s\"", finfo->filename);
@@ -4179,7 +4175,7 @@ CURLcode ftp_parse_url_path(struct Curl_easy *data,
         if(dirlen == 0)
           dirlen = 1;
 
-        ftpc->dirs = calloc(1, sizeof(ftpc->dirs[0]));
+        ftpc->dirs = curlx_calloc(1, sizeof(ftpc->dirs[0]));
         if(!ftpc->dirs)
           return CURLE_OUT_OF_MEMORY;
 
@@ -4205,7 +4201,7 @@ CURLcode ftp_parse_url_path(struct Curl_easy *data,
         return CURLE_URL_MALFORMAT;
 
       if(dirAlloc) {
-        ftpc->dirs = calloc(dirAlloc, sizeof(ftpc->dirs[0]));
+        ftpc->dirs = curlx_calloc(dirAlloc, sizeof(ftpc->dirs[0]));
         if(!ftpc->dirs)
           return CURLE_OUT_OF_MEMORY;
 
@@ -4372,7 +4368,7 @@ static void ftp_easy_dtor(void *key, size_t klen, void *entry)
   (void)key;
   (void)klen;
   Curl_safefree(ftp->pathalloc);
-  free(ftp);
+  curlx_free(ftp);
 }
 
 static void ftp_conn_dtor(void *key, size_t klen, void *entry)
@@ -4387,7 +4383,7 @@ static void ftp_conn_dtor(void *key, size_t klen, void *entry)
   Curl_safefree(ftpc->prevpath);
   Curl_safefree(ftpc->server_os);
   Curl_pp_disconnect(&ftpc->pp);
-  free(ftpc);
+  curlx_free(ftpc);
 }
 
 static void type_url_check(struct Curl_easy *data, struct FTP *ftp)
@@ -4426,19 +4422,19 @@ static CURLcode ftp_setup_connection(struct Curl_easy *data,
   CURLcode result = CURLE_OK;
   struct ftp_conn *ftpc;
 
-  ftp = calloc(1, sizeof(*ftp));
+  ftp = curlx_calloc(1, sizeof(*ftp));
   if(!ftp ||
      Curl_meta_set(data, CURL_META_FTP_EASY, ftp, ftp_easy_dtor))
     return CURLE_OUT_OF_MEMORY;
 
-  ftpc = calloc(1, sizeof(*ftpc));
+  ftpc = curlx_calloc(1, sizeof(*ftpc));
   if(!ftpc ||
      Curl_conn_meta_set(conn, CURL_META_FTP_CONN, ftpc, ftp_conn_dtor))
     return CURLE_OUT_OF_MEMORY;
 
   /* clone connection related data that is FTP specific */
   if(data->set.str[STRING_FTP_ACCOUNT]) {
-    ftpc->account = strdup(data->set.str[STRING_FTP_ACCOUNT]);
+    ftpc->account = curlx_strdup(data->set.str[STRING_FTP_ACCOUNT]);
     if(!ftpc->account) {
       Curl_conn_meta_remove(conn, CURL_META_FTP_CONN);
       return CURLE_OUT_OF_MEMORY;
@@ -4446,7 +4442,7 @@ static CURLcode ftp_setup_connection(struct Curl_easy *data,
   }
   if(data->set.str[STRING_FTP_ALTERNATIVE_TO_USER]) {
     ftpc->alternative_to_user =
-      strdup(data->set.str[STRING_FTP_ALTERNATIVE_TO_USER]);
+      curlx_strdup(data->set.str[STRING_FTP_ALTERNATIVE_TO_USER]);
     if(!ftpc->alternative_to_user) {
       Curl_safefree(ftpc->account);
       Curl_conn_meta_remove(conn, CURL_META_FTP_CONN);
diff --git a/lib/ftplistparser.c b/lib/ftplistparser.c
index d8d155d5c2..b62fa47f65 100644
--- a/lib/ftplistparser.c
+++ b/lib/ftplistparser.c
@@ -52,10 +52,6 @@
 #include "multiif.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 typedef enum {
   PL_UNIX_TOTALSIZE = 0,
   PL_UNIX_FILETYPE,
@@ -205,18 +201,18 @@ void Curl_wildcard_dtor(struct WildcardData **wcp)
   DEBUGASSERT(wc->ftpwc == NULL);
 
   Curl_llist_destroy(&wc->filelist, NULL);
-  free(wc->path);
+  curlx_free(wc->path);
   wc->path = NULL;
-  free(wc->pattern);
+  curlx_free(wc->pattern);
   wc->pattern = NULL;
   wc->state = CURLWC_INIT;
-  free(wc);
+  curlx_free(wc);
   *wcp = NULL;
 }
 
 struct ftp_parselist_data *Curl_ftp_parselist_data_alloc(void)
 {
-  return calloc(1, sizeof(struct ftp_parselist_data));
+  return curlx_calloc(1, sizeof(struct ftp_parselist_data));
 }
 
 
@@ -225,7 +221,7 @@ void Curl_ftp_parselist_data_free(struct ftp_parselist_data **parserp)
   struct ftp_parselist_data *parser = *parserp;
   if(parser)
     Curl_fileinfo_cleanup(parser->file_data);
-  free(parser);
+  curlx_free(parser);
   *parserp = NULL;
 }
 
diff --git a/lib/getenv.c b/lib/getenv.c
index a2d8056fcc..73c62d99cd 100644
--- a/lib/getenv.c
+++ b/lib/getenv.c
@@ -25,9 +25,6 @@
 #include "curl_setup.h"
 
 #include 
-#include "curl_memory.h"
-
-#include "memdebug.h"
 
 static char *GetEnv(const char *variable)
 {
@@ -45,9 +42,9 @@ static char *GetEnv(const char *variable)
   const DWORD max = 32768; /* max env var size from MSCRT source */
 
   for(;;) {
-    tmp = realloc(buf, rc);
+    tmp = curlx_realloc(buf, rc);
     if(!tmp) {
-      free(buf);
+      curlx_free(buf);
       return NULL;
     }
 
@@ -58,7 +55,7 @@ static char *GetEnv(const char *variable)
        Since getenv does not make that distinction we ignore it as well. */
     rc = GetEnvironmentVariableA(variable, buf, bufsize);
     if(!rc || rc == bufsize || rc > max) {
-      free(buf);
+      curlx_free(buf);
       return NULL;
     }
 
@@ -70,7 +67,7 @@ static char *GetEnv(const char *variable)
   }
 #else
   char *env = getenv(variable);
-  return (env && env[0]) ? strdup(env) : NULL;
+  return (env && env[0]) ? curlx_strdup(env) : NULL;
 #endif
 }
 
diff --git a/lib/getinfo.c b/lib/getinfo.c
index 01c7279356..14244d087b 100644
--- a/lib/getinfo.c
+++ b/lib/getinfo.c
@@ -34,10 +34,6 @@
 #include "progress.h"
 #include "curlx/strparse.h"
 
-/* The last #include files should be: */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /*
  * Initialize statistical and informational data.
  *
@@ -74,10 +70,10 @@ void Curl_initinfo(struct Curl_easy *data)
   info->httpauthpicked = 0;
   info->numconnects = 0;
 
-  free(info->contenttype);
+  curlx_free(info->contenttype);
   info->contenttype = NULL;
 
-  free(info->wouldredirect);
+  curlx_free(info->wouldredirect);
   info->wouldredirect = NULL;
 
   memset(&info->primary, 0, sizeof(info->primary));
@@ -137,7 +133,7 @@ static CURLcode getinfo_char(struct Curl_easy *data, CURLINFO info,
   case CURLINFO_FTP_ENTRY_PATH:
     /* Return the entrypath string from the most recent connection.
        This pointer was copied from the connectdata structure by FTP.
-       The actual string may be free()ed by subsequent libcurl calls so
+       The actual string may be freed by subsequent libcurl calls so
        it must be copied to a safer area before the next libcurl call.
        Callers must never free it themselves. */
     *param_charp = data->state.most_recent_ftp_entrypath;
diff --git a/lib/gopher.c b/lib/gopher.c
index 45d43f6ebd..93e9287c99 100644
--- a/lib/gopher.c
+++ b/lib/gopher.c
@@ -40,10 +40,6 @@
 #include "escape.h"
 #include "curlx/warnless.h"
 
-/* The last 2 #include files should be: */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /*
  * Forward declarations.
  */
@@ -153,7 +149,7 @@ static CURLcode gopher_do(struct Curl_easy *data, bool *done)
   if(query)
     gopherpath = curl_maprintf("%s?%s", path, query);
   else
-    gopherpath = strdup(path);
+    gopherpath = curlx_strdup(path);
 
   if(!gopherpath)
     return CURLE_OUT_OF_MEMORY;
@@ -162,7 +158,7 @@ static CURLcode gopher_do(struct Curl_easy *data, bool *done)
   if(strlen(gopherpath) <= 2) {
     buf = "";
     buf_len = 0;
-    free(gopherpath);
+    curlx_free(gopherpath);
   }
   else {
     char *newp;
@@ -173,7 +169,7 @@ static CURLcode gopher_do(struct Curl_easy *data, bool *done)
 
     /* ... and finally unescape */
     result = Curl_urldecode(newp, 0, &buf_alloc, &buf_len, REJECT_ZERO);
-    free(gopherpath);
+    curlx_free(gopherpath);
     if(result)
       return result;
     buf = buf_alloc;
@@ -224,7 +220,7 @@ static CURLcode gopher_do(struct Curl_easy *data, bool *done)
     }
   }
 
-  free(buf_alloc);
+  curlx_free(buf_alloc);
 
   if(!result)
     result = Curl_xfer_send(data, "\r\n", 2, FALSE, &nwritten);
diff --git a/lib/hash.c b/lib/hash.c
index 8312fbf050..2d91c855e6 100644
--- a/lib/hash.c
+++ b/lib/hash.c
@@ -28,10 +28,6 @@
 
 #include "hash.h"
 #include "llist.h"
-#include "curl_memory.h"
-
-/* The last #include file should be: */
-#include "memdebug.h"
 
 /* random patterns for API verification */
 #ifdef DEBUGBUILD
@@ -115,7 +111,7 @@ hash_elem_create(const void *key, size_t key_len, const void *p,
   struct Curl_hash_element *he;
 
   /* allocate the struct plus memory after it to store the key */
-  he = malloc(sizeof(struct Curl_hash_element) + key_len);
+  he = curlx_malloc(sizeof(struct Curl_hash_element) + key_len);
   if(he) {
     he->next = NULL;
     /* copy the key */
@@ -145,7 +141,7 @@ static void hash_elem_destroy(struct Curl_hash *h,
                               struct Curl_hash_element *he)
 {
   hash_elem_clear_ptr(h, he);
-  free(he);
+  curlx_free(he);
 }
 
 static void hash_elem_unlink(struct Curl_hash *h,
@@ -177,7 +173,7 @@ void *Curl_hash_add2(struct Curl_hash *h, void *key, size_t key_len, void *p,
   DEBUGASSERT(h->slots);
   DEBUGASSERT(h->init == HASHINIT);
   if(!h->table) {
-    h->table = calloc(h->slots, sizeof(struct Curl_hash_element *));
+    h->table = curlx_calloc(h->slots, sizeof(struct Curl_hash_element *));
     if(!h->table)
       return NULL; /* OOM */
   }
diff --git a/lib/headers.c b/lib/headers.c
index feb52e087d..91715fd51d 100644
--- a/lib/headers.c
+++ b/lib/headers.c
@@ -30,10 +30,6 @@
 #include "headers.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_HEADERS_API)
 
 /* Generate the curl_header struct for the user. This function MUST assign all
@@ -317,7 +313,7 @@ CURLcode Curl_headers_push(struct Curl_easy *data, const char *header,
     return CURLE_TOO_LARGE;
   }
 
-  hs = calloc(1, sizeof(*hs) + hlen);
+  hs = curlx_calloc(1, sizeof(*hs) + hlen);
   if(!hs)
     return CURLE_OUT_OF_MEMORY;
   memcpy(hs->buffer, header, hlen);
@@ -336,7 +332,7 @@ CURLcode Curl_headers_push(struct Curl_easy *data, const char *header,
   }
   else {
     failf(data, "Invalid response header");
-    free(hs);
+    curlx_free(hs);
   }
   return result;
 }
@@ -417,7 +413,7 @@ CURLcode Curl_headers_cleanup(struct Curl_easy *data)
   for(e = Curl_llist_head(&data->state.httphdrs); e; e = n) {
     struct Curl_header_store *hs = Curl_node_elem(e);
     n = Curl_node_next(e);
-    free(hs);
+    curlx_free(hs);
   }
   headers_reset(data);
   return CURLE_OK;
diff --git a/lib/hmac.c b/lib/hmac.c
index 7842f0601b..4f226e6434 100644
--- a/lib/hmac.c
+++ b/lib/hmac.c
@@ -33,12 +33,8 @@
 #include 
 
 #include "curl_hmac.h"
-#include "curl_memory.h"
 #include "curlx/warnless.h"
 
-/* The last #include file should be: */
-#include "memdebug.h"
-
 /*
  * Generic HMAC algorithm.
  *
@@ -62,7 +58,7 @@ Curl_HMAC_init(const struct HMAC_params *hashparams,
 
   /* Create HMAC context. */
   i = sizeof(*ctxt) + 2 * hashparams->ctxtsize + hashparams->resultlen;
-  ctxt = malloc(i);
+  ctxt = curlx_malloc(i);
 
   if(!ctxt)
     return ctxt;
@@ -103,7 +99,7 @@ Curl_HMAC_init(const struct HMAC_params *hashparams,
   return ctxt;
 
 fail:
-  free(ctxt);
+  curlx_free(ctxt);
   return NULL;
 }
 
@@ -130,7 +126,7 @@ int Curl_HMAC_final(struct HMAC_context *ctxt, unsigned char *output)
   hashparams->hfinal(output, ctxt->hashctxt1);
   hashparams->hupdate(ctxt->hashctxt2, output, hashparams->resultlen);
   hashparams->hfinal(output, ctxt->hashctxt2);
-  free(ctxt);
+  curlx_free(ctxt);
   return 0;
 }
 
diff --git a/lib/hostip.c b/lib/hostip.c
index 58a7712cf4..e81886995e 100644
--- a/lib/hostip.c
+++ b/lib/hostip.c
@@ -62,10 +62,6 @@
 #include "easy_lock.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #if defined(CURLRES_SYNCH) &&                   \
   defined(HAVE_ALARM) &&                        \
   defined(SIGALRM) &&                           \
@@ -451,7 +447,7 @@ UNITTEST CURLcode Curl_shuffle_addr(struct Curl_easy *data,
     struct Curl_addrinfo **nodes;
     infof(data, "Shuffling %i addresses", num_addrs);
 
-    nodes = malloc(num_addrs*sizeof(*nodes));
+    nodes = curlx_malloc(num_addrs*sizeof(*nodes));
     if(nodes) {
       int i;
       unsigned int *rnd;
@@ -463,7 +459,7 @@ UNITTEST CURLcode Curl_shuffle_addr(struct Curl_easy *data,
         nodes[i] = nodes[i-1]->ai_next;
       }
 
-      rnd = malloc(rnd_size);
+      rnd = curlx_malloc(rnd_size);
       if(rnd) {
         /* Fisher-Yates shuffle */
         if(Curl_rand(data, (unsigned char *)rnd, rnd_size) == CURLE_OK) {
@@ -482,11 +478,11 @@ UNITTEST CURLcode Curl_shuffle_addr(struct Curl_easy *data,
           nodes[num_addrs-1]->ai_next = NULL;
           *addr = nodes[0];
         }
-        free(rnd);
+        curlx_free(rnd);
       }
       else
         result = CURLE_OUT_OF_MEMORY;
-      free(nodes);
+      curlx_free(nodes);
     }
     else
       result = CURLE_OUT_OF_MEMORY;
@@ -519,7 +515,7 @@ Curl_dnscache_mk_entry(struct Curl_easy *data,
     hostlen = strlen(hostname);
 
   /* Create a new cache entry */
-  dns = calloc(1, sizeof(struct Curl_dns_entry) + hostlen);
+  dns = curlx_calloc(1, sizeof(struct Curl_dns_entry) + hostlen);
   if(!dns)
     return NULL;
 
@@ -609,7 +605,7 @@ static struct Curl_addrinfo *get_localhost6(int port, const char *name)
   struct sockaddr_in6 sa6;
   unsigned char ipv6[16];
   unsigned short port16 = (unsigned short)(port & 0xffff);
-  ca = calloc(1, sizeof(struct Curl_addrinfo) + ss_size + hostlen + 1);
+  ca = curlx_calloc(1, sizeof(struct Curl_addrinfo) + ss_size + hostlen + 1);
   if(!ca)
     return NULL;
 
@@ -658,7 +654,7 @@ static struct Curl_addrinfo *get_localhost(int port, const char *name)
     return NULL;
   memcpy(&sa.sin_addr, &ipv4, sizeof(ipv4));
 
-  ca = calloc(1, sizeof(struct Curl_addrinfo) + ss_size + hostlen + 1);
+  ca = curlx_calloc(1, sizeof(struct Curl_addrinfo) + ss_size + hostlen + 1);
   if(!ca)
     return NULL;
   ca->ai_flags     = 0;
@@ -1178,10 +1174,10 @@ static void dnscache_entry_free(struct Curl_dns_entry *dns)
 #ifdef USE_HTTPSRR
   if(dns->hinfo) {
     Curl_httpsrr_cleanup(dns->hinfo);
-    free(dns->hinfo);
+    curlx_free(dns->hinfo);
   }
 #endif
-  free(dns);
+  curlx_free(dns);
 }
 
 /*
diff --git a/lib/hostip4.c b/lib/hostip4.c
index d543c1e14b..f01e902fd6 100644
--- a/lib/hostip4.c
+++ b/lib/hostip4.c
@@ -50,10 +50,6 @@
 #include "curl_share.h"
 #include "url.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 #ifdef CURLRES_SYNCH
 
@@ -139,7 +135,7 @@ struct Curl_addrinfo *Curl_ipv4_resolve_r(const char *hostname,
    */
   int h_errnop;
 
-  buf = calloc(1, CURL_HOSTENT_SIZE);
+  buf = curlx_calloc(1, CURL_HOSTENT_SIZE);
   if(!buf)
     return NULL; /* major failure */
   /*
@@ -253,8 +249,8 @@ struct Curl_addrinfo *Curl_ipv4_resolve_r(const char *hostname,
      * Since we do not know how big buffer this particular lookup required,
      * we cannot realloc down the huge alloc without doing closer analysis of
      * the returned data. Thus, we always use CURL_HOSTENT_SIZE for every
-     * name lookup. Fixing this would require an extra malloc() and then
-     * calling Curl_addrinfo_copy() that subsequent realloc()s down the new
+     * name lookup. Fixing this would require an extra allocation and then
+     * calling Curl_addrinfo_copy() that subsequent reallocation down the new
      * memory area to the actually used amount.
      */
   }
@@ -262,7 +258,7 @@ struct Curl_addrinfo *Curl_ipv4_resolve_r(const char *hostname,
 #endif /* HAVE_...BYNAME_R_5 || HAVE_...BYNAME_R_6 || HAVE_...BYNAME_R_3 */
   {
     h = NULL; /* set return code to NULL */
-    free(buf);
+    curlx_free(buf);
   }
 #else /* (HAVE_GETADDRINFO && HAVE_GETADDRINFO_THREADSAFE) ||
           HAVE_GETHOSTBYNAME_R */
@@ -280,7 +276,7 @@ struct Curl_addrinfo *Curl_ipv4_resolve_r(const char *hostname,
     ai = Curl_he2ai(h, port);
 
     if(buf) /* used a *_r() function */
-      free(buf);
+      curlx_free(buf);
   }
 #endif
 
diff --git a/lib/hostip6.c b/lib/hostip6.c
index 0f628b3fb5..cfba2a5cbf 100644
--- a/lib/hostip6.c
+++ b/lib/hostip6.c
@@ -53,10 +53,6 @@
 #include "curlx/inet_pton.h"
 #include "connect.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifdef CURLRES_SYNCH
 
 #ifdef DEBUG_ADDRINFO
diff --git a/lib/hsts.c b/lib/hsts.c
index 836481cd4c..22add03957 100644
--- a/lib/hsts.c
+++ b/lib/hsts.c
@@ -41,10 +41,6 @@
 #include "strdup.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #define MAX_HSTS_LINE 4095
 #define MAX_HSTS_HOSTLEN 2048
 #define MAX_HSTS_DATELEN 256
@@ -72,7 +68,7 @@ static time_t hsts_debugtime(void *unused)
 
 struct hsts *Curl_hsts_init(void)
 {
-  struct hsts *h = calloc(1, sizeof(struct hsts));
+  struct hsts *h = curlx_calloc(1, sizeof(struct hsts));
   if(h) {
     Curl_llist_init(&h->list, NULL);
   }
@@ -81,8 +77,8 @@ struct hsts *Curl_hsts_init(void)
 
 static void hsts_free(struct stsentry *e)
 {
-  free(CURL_UNCONST(e->host));
-  free(e);
+  curlx_free(CURL_UNCONST(e->host));
+  curlx_free(e);
 }
 
 void Curl_hsts_cleanup(struct hsts **hp)
@@ -96,8 +92,8 @@ void Curl_hsts_cleanup(struct hsts **hp)
       n = Curl_node_next(e);
       hsts_free(sts);
     }
-    free(h->filename);
-    free(h);
+    curlx_free(h->filename);
+    curlx_free(h);
     *hp = NULL;
   }
 }
@@ -116,13 +112,13 @@ static CURLcode hsts_create(struct hsts *h,
     --hlen;
   if(hlen) {
     char *duphost;
-    struct stsentry *sts = calloc(1, sizeof(struct stsentry));
+    struct stsentry *sts = curlx_calloc(1, sizeof(struct stsentry));
     if(!sts)
       return CURLE_OUT_OF_MEMORY;
 
     duphost = Curl_memdup0(hostname, hlen);
     if(!duphost) {
-      free(sts);
+      curlx_free(sts);
       return CURLE_OUT_OF_MEMORY;
     }
 
@@ -385,7 +381,7 @@ CURLcode Curl_hsts_save(struct Curl_easy *data, struct hsts *h,
     if(result && tempstore)
       unlink(tempstore);
   }
-  free(tempstore);
+  curlx_free(tempstore);
 skipsave:
   if(data->set.hsts_write) {
     /* if there is a write callback */
@@ -518,8 +514,8 @@ static CURLcode hsts_load(struct hsts *h, const char *file)
 
   /* we need a private copy of the filename so that the hsts cache file
      name survives an easy handle reset */
-  free(h->filename);
-  h->filename = strdup(file);
+  curlx_free(h->filename);
+  h->filename = curlx_strdup(file);
   if(!h->filename)
     return CURLE_OUT_OF_MEMORY;
 
diff --git a/lib/http.c b/lib/http.c
index 8223c6f0e2..f09d96ee06 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -87,10 +87,6 @@
 #include "curl_ctype.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /*
  * Forward declarations.
  */
@@ -277,7 +273,7 @@ static bool http_header_is_empty(const char *header)
 
 /*
  * Strip off leading and trailing whitespace from the value in the given HTTP
- * header line and return a strdup()ed copy in 'valp' - returns an empty
+ * header line and return a strdup-ed copy in 'valp' - returns an empty
  * string if the header value consists entirely of whitespace.
  *
  * If the header is provided as "name;", ending with a semicolon, it returns a
@@ -305,7 +301,7 @@ static CURLcode copy_custom_value(const char *header, char **valp)
 
 /*
  * Strip off leading and trailing whitespace from the value in the given HTTP
- * header line and return a strdup()ed copy in 'valp' - returns an empty
+ * header line and return a strdup-ed copy in 'valp' - returns an empty
  * string if the header value consists entirely of whitespace.
  *
  * This function MUST be used after the header has already been confirmed to
@@ -377,18 +373,18 @@ static CURLcode http_output_basic(struct Curl_easy *data, bool proxy)
     goto fail;
   }
 
-  free(*userp);
+  curlx_free(*userp);
   *userp = curl_maprintf("%sAuthorization: Basic %s\r\n",
                          proxy ? "Proxy-" : "",
                          authorization);
-  free(authorization);
+  curlx_free(authorization);
   if(!*userp) {
     result = CURLE_OUT_OF_MEMORY;
     goto fail;
   }
 
 fail:
-  free(out);
+  curlx_free(out);
   return result;
 }
 
@@ -407,7 +403,7 @@ static CURLcode http_output_bearer(struct Curl_easy *data)
   CURLcode result = CURLE_OK;
 
   userp = &data->state.aptr.userpwd;
-  free(*userp);
+  curlx_free(*userp);
   *userp = curl_maprintf("Authorization: Bearer %s\r\n",
                          data->set.str[STRING_BEARER]);
 
@@ -615,8 +611,8 @@ CURLcode Curl_http_auth_act(struct Curl_easy *data)
     /* In case this is GSS auth, the newurl field is already allocated so
        we must make sure to free it before allocating a new one. As figured
        out in bug #2284386 */
-    free(data->req.newurl);
-    data->req.newurl = strdup(data->state.url); /* clone URL */
+    curlx_free(data->req.newurl);
+    data->req.newurl = curlx_strdup(data->state.url); /* clone URL */
     if(!data->req.newurl)
       return CURLE_OUT_OF_MEMORY;
   }
@@ -629,7 +625,7 @@ CURLcode Curl_http_auth_act(struct Curl_easy *data)
        we did not try HEAD or GET */
     if((data->state.httpreq != HTTPREQ_GET) &&
        (data->state.httpreq != HTTPREQ_HEAD)) {
-      data->req.newurl = strdup(data->state.url); /* clone URL */
+      data->req.newurl = curlx_strdup(data->state.url); /* clone URL */
       if(!data->req.newurl)
         return CURLE_OUT_OF_MEMORY;
       data->state.authhost.done = TRUE;
@@ -916,8 +912,8 @@ static CURLcode auth_spnego(struct Curl_easy *data,
       curlnegotiate *negstate = proxy ? &conn->proxy_negotiate_state :
         &conn->http_negotiate_state;
       if(!result) {
-        free(data->req.newurl);
-        data->req.newurl = strdup(data->state.url);
+        curlx_free(data->req.newurl);
+        data->req.newurl = curlx_strdup(data->state.url);
         if(!data->req.newurl)
           return CURLE_OUT_OF_MEMORY;
         data->state.authproblem = FALSE;
@@ -1291,7 +1287,7 @@ CURLcode Curl_http_follow(struct Curl_easy *data, const char *newurl,
 
     /* the URL could not be parsed for some reason, but since this is FAKE
        mode, just duplicate the field as-is */
-    follow_url = strdup(newurl);
+    follow_url = curlx_strdup(newurl);
     if(!follow_url)
       return CURLE_OUT_OF_MEMORY;
   }
@@ -1316,13 +1312,13 @@ CURLcode Curl_http_follow(struct Curl_easy *data, const char *newurl,
         uc = curl_url_get(data->state.uh, CURLUPART_PORT, &portnum,
                           CURLU_DEFAULT_PORT);
         if(uc) {
-          free(follow_url);
+          curlx_free(follow_url);
           return Curl_uc_to_curlcode(uc);
         }
         p = portnum;
         curlx_str_number(&p, &value, 0xffff);
         port = (int)value;
-        free(portnum);
+        curlx_free(portnum);
       }
       if(port != data->info.conn_remote_port) {
         infof(data, "Clear auth, redirects to port from %u to %u",
@@ -1334,7 +1330,7 @@ CURLcode Curl_http_follow(struct Curl_easy *data, const char *newurl,
         const struct Curl_handler *p;
         uc = curl_url_get(data->state.uh, CURLUPART_SCHEME, &scheme, 0);
         if(uc) {
-          free(follow_url);
+          curlx_free(follow_url);
           return Curl_uc_to_curlcode(uc);
         }
 
@@ -1344,7 +1340,7 @@ CURLcode Curl_http_follow(struct Curl_easy *data, const char *newurl,
                 data->info.conn_scheme, scheme);
           clear = TRUE;
         }
-        free(scheme);
+        curlx_free(scheme);
       }
       if(clear) {
         Curl_safefree(data->state.aptr.user);
@@ -1917,7 +1913,7 @@ static CURLcode http_useragent(struct Curl_easy *data)
      with the user-agent string specified, we erase the previously made string
      here. */
   if(Curl_checkheaders(data, STRCONST("User-Agent"))) {
-    free(data->state.aptr.uagent);
+    curlx_free(data->state.aptr.uagent);
     data->state.aptr.uagent = NULL;
   }
   return CURLE_OK;
@@ -1932,9 +1928,9 @@ static CURLcode http_set_aptr_host(struct Curl_easy *data)
 
   if(!data->state.this_is_a_follow) {
     /* Free to avoid leaking memory on multiple requests */
-    free(data->state.first_host);
+    curlx_free(data->state.first_host);
 
-    data->state.first_host = strdup(conn->host.name);
+    data->state.first_host = curlx_strdup(conn->host.name);
     if(!data->state.first_host)
       return CURLE_OUT_OF_MEMORY;
 
@@ -1958,7 +1954,7 @@ static CURLcode http_set_aptr_host(struct Curl_easy *data)
       return result;
     if(!*cookiehost)
       /* ignore empty data */
-      free(cookiehost);
+      curlx_free(cookiehost);
     else {
       /* If the host begins with '[', we start searching for the port after
          the bracket has been closed */
@@ -1977,7 +1973,7 @@ static CURLcode http_set_aptr_host(struct Curl_easy *data)
         if(colon)
           *colon = 0; /* The host must not include an embedded port number */
       }
-      free(aptr->cookiehost);
+      curlx_free(aptr->cookiehost);
       aptr->cookiehost = cookiehost;
     }
 #endif
@@ -2086,7 +2082,7 @@ static CURLcode http_target(struct Curl_easy *data,
     /* target or URL */
     result = curlx_dyn_add(r, data->set.str[STRING_TARGET] ?
       data->set.str[STRING_TARGET] : url);
-    free(url);
+    curlx_free(url);
     if(result)
       return result;
 
@@ -2142,7 +2138,7 @@ static CURLcode set_post_reader(struct Curl_easy *data, Curl_HttpReq httpreq)
     /* Convert the form structure into a mime structure, then keep
        the conversion */
     if(!data->state.formp) {
-      data->state.formp = calloc(1, sizeof(curl_mimepart));
+      data->state.formp = curlx_calloc(1, sizeof(curl_mimepart));
       if(!data->state.formp)
         return CURLE_OUT_OF_MEMORY;
       Curl_mime_cleanpart(data->state.formp);
@@ -2547,7 +2543,7 @@ static CURLcode http_range(struct Curl_easy *data,
     if(((httpreq == HTTPREQ_GET) || (httpreq == HTTPREQ_HEAD)) &&
        !Curl_checkheaders(data, STRCONST("Range"))) {
       /* if a line like this was already allocated, free the previous one */
-      free(data->state.aptr.rangeline);
+      curlx_free(data->state.aptr.rangeline);
       data->state.aptr.rangeline = curl_maprintf("Range: bytes=%s\r\n",
                                                  data->state.range);
       if(!data->state.aptr.rangeline)
@@ -2557,7 +2553,7 @@ static CURLcode http_range(struct Curl_easy *data,
             !Curl_checkheaders(data, STRCONST("Content-Range"))) {
       curl_off_t req_clen = Curl_creader_total_length(data);
       /* if a line like this was already allocated, free the previous one */
-      free(data->state.aptr.rangeline);
+      curlx_free(data->state.aptr.rangeline);
 
       if(data->set.set_resume_from < 0) {
         /* Upload resume was asked for, but we do not know the size of the
@@ -2723,7 +2719,7 @@ static CURLcode http_add_connection_hd(struct Curl_easy *data,
         return result;
       result = curlx_dyn_addf(req, "%s%s", sep, value);
       sep = ", ";
-      free(value);
+      curlx_free(value);
       break; /* leave, having added 1st one */
     }
   }
@@ -3000,7 +2996,7 @@ CURLcode Curl_http(struct Curl_easy *data, bool *done)
     }
     result = Curl_http_output_auth(data, data->conn, method, httpreq,
                                    (pq ? pq : data->state.up.path), FALSE);
-    free(pq);
+    curlx_free(pq);
   }
   if(result)
     goto out;
@@ -3245,9 +3241,9 @@ static CURLcode http_header_c(struct Curl_easy *data,
       return CURLE_OUT_OF_MEMORY;
     if(!*contenttype)
       /* ignore empty data */
-      free(contenttype);
+      curlx_free(contenttype);
     else {
-      free(data->info.contenttype);
+      curlx_free(data->info.contenttype);
       data->info.contenttype = contenttype;
     }
     return CURLE_OK;
@@ -3333,14 +3329,14 @@ static CURLcode http_header_l(struct Curl_easy *data,
     if(!*location ||
        (data->req.location && !strcmp(data->req.location, location))) {
       /* ignore empty header, or exact repeat of a previous one */
-      free(location);
+      curlx_free(location);
       return CURLE_OK;
     }
     else {
       /* has value and is not an exact repeat */
       if(data->req.location) {
         failf(data, "Multiple Location headers");
-        free(location);
+        curlx_free(location);
         return CURLE_WEIRD_SERVER_REPLY;
       }
       data->req.location = location;
@@ -3349,7 +3345,7 @@ static CURLcode http_header_l(struct Curl_easy *data,
          data->set.http_follow_mode) {
         CURLcode result;
         DEBUGASSERT(!data->req.newurl);
-        data->req.newurl = strdup(data->req.location); /* clone */
+        data->req.newurl = curlx_strdup(data->req.location); /* clone */
         if(!data->req.newurl)
           return CURLE_OUT_OF_MEMORY;
 
@@ -3407,7 +3403,7 @@ static CURLcode http_header_p(struct Curl_easy *data,
     CURLcode result = auth ? CURLE_OK : CURLE_OUT_OF_MEMORY;
     if(!result) {
       result = Curl_http_input_auth(data, TRUE, auth);
-      free(auth);
+      curlx_free(auth);
     }
     return result;
   }
@@ -3426,7 +3422,7 @@ static CURLcode http_header_p(struct Curl_easy *data,
       negdata->havenoauthpersist = TRUE;
       infof(data, "Negotiate: noauthpersist -> %d, header part: %s",
             negdata->noauthpersist, persistentauth);
-      free(persistentauth);
+      curlx_free(persistentauth);
     }
   }
 #endif
@@ -3587,7 +3583,7 @@ static CURLcode http_header_w(struct Curl_easy *data,
       result = CURLE_OUT_OF_MEMORY;
     else {
       result = Curl_http_input_auth(data, FALSE, auth);
-      free(auth);
+      curlx_free(auth);
     }
   }
   return result;
@@ -4065,7 +4061,7 @@ static CURLcode http_on_response(struct Curl_easy *data,
             data->state.disableexpect = TRUE;
             Curl_req_abort_sending(data);
             DEBUGASSERT(!data->req.newurl);
-            data->req.newurl = strdup(data->state.url);
+            data->req.newurl = curlx_strdup(data->state.url);
             if(!data->req.newurl) {
               result = CURLE_OUT_OF_MEMORY;
               goto out;
@@ -4533,7 +4529,7 @@ CURLcode Curl_http_req_make(struct httpreq **preq,
 
   DEBUGASSERT(method && m_len);
 
-  req = calloc(1, sizeof(*req) + m_len);
+  req = curlx_calloc(1, sizeof(*req) + m_len);
   if(!req)
     goto out;
 #if defined(__GNUC__) && __GNUC__ >= 13
@@ -4606,8 +4602,8 @@ static CURLcode req_assign_url_authority(struct httpreq *req, CURLU *url)
   }
   req->authority = curlx_dyn_ptr(&buf);
 out:
-  free(host);
-  free(port);
+  curlx_free(host);
+  curlx_free(port);
   if(result)
     curlx_dyn_free(&buf);
   return result;
@@ -4645,8 +4641,8 @@ static CURLcode req_assign_url_path(struct httpreq *req, CURLU *url)
   result = CURLE_OK;
 
 out:
-  free(path);
-  free(query);
+  curlx_free(path);
+  curlx_free(query);
   if(result)
     curlx_dyn_free(&buf);
   return result;
@@ -4662,7 +4658,7 @@ CURLcode Curl_http_req_make2(struct httpreq **preq,
 
   DEBUGASSERT(method && m_len);
 
-  req = calloc(1, sizeof(*req) + m_len);
+  req = curlx_calloc(1, sizeof(*req) + m_len);
   if(!req)
     goto out;
   memcpy(req->method, method, m_len);
@@ -4671,7 +4667,7 @@ CURLcode Curl_http_req_make2(struct httpreq **preq,
   if(uc && uc != CURLUE_NO_SCHEME)
     goto out;
   if(!req->scheme && scheme_default) {
-    req->scheme = strdup(scheme_default);
+    req->scheme = curlx_strdup(scheme_default);
     if(!req->scheme)
       goto out;
   }
@@ -4697,12 +4693,12 @@ out:
 void Curl_http_req_free(struct httpreq *req)
 {
   if(req) {
-    free(req->scheme);
-    free(req->authority);
-    free(req->path);
+    curlx_free(req->scheme);
+    curlx_free(req->authority);
+    curlx_free(req->path);
     Curl_dynhds_free(&req->headers);
     Curl_dynhds_free(&req->trailers);
-    free(req);
+    curlx_free(req);
   }
 }
 
@@ -4840,13 +4836,13 @@ CURLcode Curl_http_resp_make(struct http_resp **presp,
   struct http_resp *resp;
   CURLcode result = CURLE_OUT_OF_MEMORY;
 
-  resp = calloc(1, sizeof(*resp));
+  resp = curlx_calloc(1, sizeof(*resp));
   if(!resp)
     goto out;
 
   resp->status = status;
   if(description) {
-    resp->description = strdup(description);
+    resp->description = curlx_strdup(description);
     if(!resp->description)
       goto out;
   }
@@ -4864,12 +4860,12 @@ out:
 void Curl_http_resp_free(struct http_resp *resp)
 {
   if(resp) {
-    free(resp->description);
+    curlx_free(resp->description);
     Curl_dynhds_free(&resp->headers);
     Curl_dynhds_free(&resp->trailers);
     if(resp->prev)
       Curl_http_resp_free(resp->prev);
-    free(resp);
+    curlx_free(resp);
   }
 }
 
diff --git a/lib/http1.c b/lib/http1.c
index b1d8097636..0a80fedfc7 100644
--- a/lib/http1.c
+++ b/lib/http1.c
@@ -32,10 +32,6 @@
 #include "http1.h"
 #include "urlapi-int.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 #define H1_MAX_URL_LEN   (8*1024)
 
diff --git a/lib/http2.c b/lib/http2.c
index 2e8649c105..baaefd439d 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -48,10 +48,6 @@
 #include "curlx/warnless.h"
 #include "headers.h"
 
-/* The last 3 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #if (NGHTTP2_VERSION_NUM < 0x010c00)
 #error too old nghttp2 version, upgrade!
 #endif
@@ -168,7 +164,7 @@ static void cf_h2_ctx_free(struct cf_h2_ctx *ctx)
     Curl_uint32_hash_destroy(&ctx->streams);
     memset(ctx, 0, sizeof(*ctx));
   }
-  free(ctx);
+  curlx_free(ctx);
 }
 
 static void cf_h2_ctx_close(struct cf_h2_ctx *ctx)
@@ -276,7 +272,7 @@ static struct h2_stream_ctx *h2_stream_ctx_create(struct cf_h2_ctx *ctx)
   struct h2_stream_ctx *stream;
 
   (void)ctx;
-  stream = calloc(1, sizeof(*stream));
+  stream = curlx_calloc(1, sizeof(*stream));
   if(!stream)
     return NULL;
 
@@ -299,7 +295,7 @@ static void free_push_headers(struct h2_stream_ctx *stream)
 {
   size_t i;
   for(i = 0; i < stream->push_headers_used; i++)
-    free(stream->push_headers[i]);
+    curlx_free(stream->push_headers[i]);
   Curl_safefree(stream->push_headers);
   stream->push_headers_used = 0;
 }
@@ -310,7 +306,7 @@ static void h2_stream_ctx_free(struct h2_stream_ctx *stream)
   Curl_h1_req_parse_free(&stream->h1);
   Curl_dynhds_free(&stream->resp_trailers);
   free_push_headers(stream);
-  free(stream);
+  curlx_free(stream);
 }
 
 static void h2_stream_hash_free(unsigned int id, void *stream)
@@ -952,7 +948,7 @@ fail:
     return rc;
 
   if(data->state.url_alloc)
-    free(data->state.url);
+    curlx_free(data->state.url);
   data->state.url_alloc = TRUE;
   data->state.url = url;
   return 0;
@@ -1642,15 +1638,15 @@ static int on_header(nghttp2_session *session, const nghttp2_frame *frame,
                                         stream_id, NGHTTP2_PROTOCOL_ERROR);
         rc = NGHTTP2_ERR_CALLBACK_FAILURE;
       }
-      free(check);
+      curlx_free(check);
       if(rc)
         return rc;
     }
 
     if(!stream->push_headers) {
       stream->push_headers_alloc = 10;
-      stream->push_headers = malloc(stream->push_headers_alloc *
-                                    sizeof(char *));
+      stream->push_headers = curlx_malloc(stream->push_headers_alloc *
+                                          sizeof(char *));
       if(!stream->push_headers)
         return NGHTTP2_ERR_CALLBACK_FAILURE;
       stream->push_headers_used = 0;
@@ -1665,8 +1661,8 @@ static int on_header(nghttp2_session *session, const nghttp2_frame *frame,
         return NGHTTP2_ERR_CALLBACK_FAILURE;
       }
       stream->push_headers_alloc *= 2;
-      headp = realloc(stream->push_headers,
-                      stream->push_headers_alloc * sizeof(char *));
+      headp = curlx_realloc(stream->push_headers,
+                            stream->push_headers_alloc * sizeof(char *));
       if(!headp) {
         free_push_headers(stream);
         return NGHTTP2_ERR_CALLBACK_FAILURE;
@@ -1859,7 +1855,7 @@ CURLcode Curl_http2_request_upgrade(struct dynbuf *req,
                           "Upgrade: %s\r\n"
                           "HTTP2-Settings: %s\r\n",
                           NGHTTP2_CLEARTEXT_PROTO_VERSION_ID, base64);
-  free(base64);
+  curlx_free(base64);
 
   k->upgr101 = UPGR101_H2;
   data->conn->bits.upgrade_in_progress = TRUE;
@@ -2881,7 +2877,7 @@ static CURLcode http2_cfilter_add(struct Curl_cfilter **pcf,
   CURLcode result = CURLE_OUT_OF_MEMORY;
 
   DEBUGASSERT(data->conn);
-  ctx = calloc(1, sizeof(*ctx));
+  ctx = curlx_calloc(1, sizeof(*ctx));
   if(!ctx)
     goto out;
   cf_h2_ctx_init(ctx, via_h1_upgrade);
@@ -2909,7 +2905,7 @@ static CURLcode http2_cfilter_insert_after(struct Curl_cfilter *cf,
   CURLcode result = CURLE_OUT_OF_MEMORY;
 
   (void)data;
-  ctx = calloc(1, sizeof(*ctx));
+  ctx = curlx_calloc(1, sizeof(*ctx));
   if(!ctx)
     goto out;
   cf_h2_ctx_init(ctx, via_h1_upgrade);
diff --git a/lib/http_aws_sigv4.c b/lib/http_aws_sigv4.c
index d3d4760be7..0ef18b6fea 100644
--- a/lib/http_aws_sigv4.c
+++ b/lib/http_aws_sigv4.c
@@ -39,10 +39,6 @@
 
 #include 
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #include "slist.h"
 
 #define HMAC_SHA256(k, kl, d, dl, o)                \
@@ -210,12 +206,12 @@ static CURLcode merge_duplicate_headers(struct curl_slist *head)
       if(result)
         return result;
 
-      free(curr->data);
+      curlx_free(curr->data);
       curr->data = curlx_dyn_ptr(&buf);
 
       curr->next = next->next;
-      free(next->data);
-      free(next);
+      curlx_free(next->data);
+      curlx_free(next);
     }
     else {
       curr = curr->next;
@@ -269,7 +265,7 @@ static CURLcode make_headers(struct Curl_easy *data,
     if(fullhost)
       head = Curl_slist_append_nodup(NULL, fullhost);
     if(!head) {
-      free(fullhost);
+      curlx_free(fullhost);
       goto fail;
     }
   }
@@ -307,13 +303,13 @@ static CURLcode make_headers(struct Curl_easy *data,
       ;
     if(!*ptr && ptr != sep + 1) /* a value of whitespace only */
       continue;
-    dupdata = strdup(l->data);
+    dupdata = curlx_strdup(l->data);
     if(!dupdata)
       goto fail;
     dupdata[sep - l->data] = ':';
     tmp_head = Curl_slist_append_nodup(head, dupdata);
     if(!tmp_head) {
-      free(dupdata);
+      curlx_free(dupdata);
       goto fail;
     }
     head = tmp_head;
@@ -964,7 +960,7 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data)
   Curl_strntoupper(&auth_headers[sizeof("Authorization: ") - 1],
                    curlx_str(&provider0), curlx_strlen(&provider0));
 
-  free(data->state.aptr.userpwd);
+  curlx_free(data->state.aptr.userpwd);
   data->state.aptr.userpwd = auth_headers;
   data->state.authhost.done = TRUE;
   result = CURLE_OK;
@@ -974,12 +970,12 @@ fail:
   curlx_dyn_free(&canonical_path);
   curlx_dyn_free(&canonical_headers);
   curlx_dyn_free(&signed_headers);
-  free(canonical_request);
-  free(request_type);
-  free(credential_scope);
-  free(str_to_sign);
-  free(secret);
-  free(date_header);
+  curlx_free(canonical_request);
+  curlx_free(request_type);
+  curlx_free(credential_scope);
+  curlx_free(str_to_sign);
+  curlx_free(secret);
+  curlx_free(date_header);
   return result;
 }
 
diff --git a/lib/http_chunks.c b/lib/http_chunks.c
index 005d34e7b9..9d0a0b324c 100644
--- a/lib/http_chunks.c
+++ b/lib/http_chunks.c
@@ -36,10 +36,6 @@
 #include "curlx/strparse.h"
 #include "curlx/warnless.h"
 
-/* The last #include files should be: */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /*
  * Chunk format (simplified):
  *
diff --git a/lib/http_digest.c b/lib/http_digest.c
index 097c81fd71..2ca1a12d5d 100644
--- a/lib/http_digest.c
+++ b/lib/http_digest.c
@@ -32,10 +32,6 @@
 #include "http_digest.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /* Test example headers:
 
 WWW-Authenticate: Digest realm="testrealm", nonce="1053604598"
@@ -152,20 +148,20 @@ CURLcode Curl_output_digest(struct Curl_easy *data,
     }
   }
   if(!tmp)
-    path = (unsigned char *)strdup((const char *) uripath);
+    path = (unsigned char *)curlx_strdup((const char *) uripath);
 
   if(!path)
     return CURLE_OUT_OF_MEMORY;
 
   result = Curl_auth_create_digest_http_message(data, userp, passwdp, request,
                                                 path, digest, &response, &len);
-  free(path);
+  curlx_free(path);
   if(result)
     return result;
 
   *allocuserpwd = curl_maprintf("%sAuthorization: Digest %s\r\n",
                                 proxy ? "Proxy-" : "", response);
-  free(response);
+  curlx_free(response);
   if(!*allocuserpwd)
     return CURLE_OUT_OF_MEMORY;
 
diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
index 136cb07641..fc80f80fa3 100644
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -34,10 +34,6 @@
 #include "vtls/vtls.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 static void http_auth_nego_reset(struct connectdata *conn,
                                  struct negotiatedata *neg_ctx,
@@ -223,16 +219,16 @@ CURLcode Curl_output_negotiate(struct Curl_easy *data,
 
     if(proxy) {
 #ifndef CURL_DISABLE_PROXY
-      free(data->state.aptr.proxyuserpwd);
+      curlx_free(data->state.aptr.proxyuserpwd);
       data->state.aptr.proxyuserpwd = userp;
 #endif
     }
     else {
-      free(data->state.aptr.userpwd);
+      curlx_free(data->state.aptr.userpwd);
       data->state.aptr.userpwd = userp;
     }
 
-    free(base64);
+    curlx_free(base64);
 
     if(!userp) {
       return CURLE_OUT_OF_MEMORY;
diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c
index 8cb6403fdb..2856745c34 100644
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c
@@ -49,10 +49,6 @@
 #include "curl_sspi.h"
 #endif
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 CURLcode Curl_input_ntlm(struct Curl_easy *data,
                          bool proxy,         /* if proxy or not */
                          const char *header) /* rest of the www-authenticate:
@@ -208,11 +204,11 @@ CURLcode Curl_output_ntlm(struct Curl_easy *data, bool proxy)
       result = curlx_base64_encode(Curl_bufref_ptr(&ntlmmsg),
                                   Curl_bufref_len(&ntlmmsg), &base64, &len);
       if(!result) {
-        free(*allocuserpwd);
+        curlx_free(*allocuserpwd);
         *allocuserpwd = curl_maprintf("%sAuthorization: NTLM %s\r\n",
                                       proxy ? "Proxy-" : "",
                                       base64);
-        free(base64);
+        curlx_free(base64);
         if(!*allocuserpwd)
           result = CURLE_OUT_OF_MEMORY;
       }
@@ -227,11 +223,11 @@ CURLcode Curl_output_ntlm(struct Curl_easy *data, bool proxy)
       result = curlx_base64_encode(Curl_bufref_ptr(&ntlmmsg),
                                    Curl_bufref_len(&ntlmmsg), &base64, &len);
       if(!result) {
-        free(*allocuserpwd);
+        curlx_free(*allocuserpwd);
         *allocuserpwd = curl_maprintf("%sAuthorization: NTLM %s\r\n",
                                       proxy ? "Proxy-" : "",
                                       base64);
-        free(base64);
+        curlx_free(base64);
         if(!*allocuserpwd)
           result = CURLE_OUT_OF_MEMORY;
         else {
diff --git a/lib/http_proxy.c b/lib/http_proxy.c
index 9bde118baf..21f0cc6211 100644
--- a/lib/http_proxy.c
+++ b/lib/http_proxy.c
@@ -44,10 +44,6 @@
 #include "vauth/vauth.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 static CURLcode dynhds_add_custom(struct Curl_easy *data,
                                   bool is_connect, int httpversion,
                                   struct dynhds *hds)
@@ -270,7 +266,7 @@ out:
     Curl_http_req_free(req);
     req = NULL;
   }
-  free(authority);
+  curlx_free(authority);
   *preq = req;
   return result;
 }
@@ -386,7 +382,7 @@ static void http_proxy_cf_destroy(struct Curl_cfilter *cf,
 
   (void)data;
   CURL_TRC_CF(data, cf, "destroy");
-  free(ctx);
+  curlx_free(ctx);
 }
 
 static void http_proxy_cf_close(struct Curl_cfilter *cf,
@@ -425,7 +421,7 @@ CURLcode Curl_cf_http_proxy_insert_after(struct Curl_cfilter *cf_at,
   CURLcode result;
 
   (void)data;
-  ctx = calloc(1, sizeof(*ctx));
+  ctx = curlx_calloc(1, sizeof(*ctx));
   if(!ctx) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -437,7 +433,7 @@ CURLcode Curl_cf_http_proxy_insert_after(struct Curl_cfilter *cf_at,
   Curl_conn_cf_insert_after(cf_at, cf);
 
 out:
-  free(ctx);
+  curlx_free(ctx);
   return result;
 }
 
diff --git a/lib/httpsrr.c b/lib/httpsrr.c
index 0cf5b131bd..34d081b502 100644
--- a/lib/httpsrr.c
+++ b/lib/httpsrr.c
@@ -33,10 +33,6 @@
 #include "sendf.h"
 #include "strdup.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 static CURLcode httpsrr_decode_alpn(const uint8_t *cp, size_t len,
                                     unsigned char *alpns)
 {
@@ -97,7 +93,7 @@ CURLcode Curl_httpsrr_set(struct Curl_easy *data,
   case HTTPS_RR_CODE_IPV4: /* addr4 list */
     if(!vlen || (vlen & 3)) /* the size must be 4-byte aligned */
       return CURLE_BAD_FUNCTION_ARGUMENT;
-    free(hi->ipv4hints);
+    curlx_free(hi->ipv4hints);
     hi->ipv4hints = Curl_memdup(val, vlen);
     if(!hi->ipv4hints)
       return CURLE_OUT_OF_MEMORY;
@@ -107,7 +103,7 @@ CURLcode Curl_httpsrr_set(struct Curl_easy *data,
   case HTTPS_RR_CODE_ECH:
     if(!vlen)
       return CURLE_BAD_FUNCTION_ARGUMENT;
-    free(hi->echconfiglist);
+    curlx_free(hi->echconfiglist);
     hi->echconfiglist = Curl_memdup(val, vlen);
     if(!hi->echconfiglist)
       return CURLE_OUT_OF_MEMORY;
@@ -117,7 +113,7 @@ CURLcode Curl_httpsrr_set(struct Curl_easy *data,
   case HTTPS_RR_CODE_IPV6: /* addr6 list */
     if(!vlen || (vlen & 15)) /* the size must be 16-byte aligned */
       return CURLE_BAD_FUNCTION_ARGUMENT;
-    free(hi->ipv6hints);
+    curlx_free(hi->ipv6hints);
     hi->ipv6hints = Curl_memdup(val, vlen);
     if(!hi->ipv6hints)
       return CURLE_OUT_OF_MEMORY;
@@ -189,8 +185,8 @@ CURLcode Curl_httpsrr_from_ares(struct Curl_easy *data,
        is in ServiceMode */
     target = ares_dns_rr_get_str(rr, ARES_RR_HTTPS_TARGET);
     if(target && target[0]) {
-      free(hinfo->target);
-      hinfo->target = strdup(target);
+      curlx_free(hinfo->target);
+      hinfo->target = curlx_strdup(target);
       if(!hinfo->target) {
         result = CURLE_OUT_OF_MEMORY;
         goto out;
diff --git a/lib/idn.c b/lib/idn.c
index 7e324db6c4..1c404f6543 100644
--- a/lib/idn.c
+++ b/lib/idn.c
@@ -45,10 +45,6 @@
 #endif
 #endif  /* USE_LIBIDN2 */
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /* for macOS and iOS targets */
 #ifdef USE_APPLE_IDN
 #include 
@@ -108,7 +104,7 @@ static CURLcode mac_idn_to_ascii(const char *in, char **out)
                                      buffer, sizeof(buffer) - 1, &info, &err);
         uidna_close(idna);
         if(!U_FAILURE(err) && !info.errors) {
-          *out = strdup(buffer);
+          *out = curlx_strdup(buffer);
           if(*out)
             return CURLE_OK;
           else
@@ -136,7 +132,7 @@ static CURLcode mac_ascii_to_idn(const char *in, char **out)
                                     sizeof(buffer) - 1, &info, &err);
       uidna_close(idna);
       if(!U_FAILURE(err)) {
-        *out = strdup(buffer);
+        *out = curlx_strdup(buffer);
         if(*out)
           return CURLE_OK;
         else
@@ -179,7 +175,7 @@ static CURLcode win32_idn_to_ascii(const char *in, char **out)
     if(chars) {
       char *mstr = curlx_convert_wchar_to_UTF8(punycode);
       if(mstr) {
-        *out = strdup(mstr);
+        *out = curlx_strdup(mstr);
         curlx_unicodefree(mstr);
         if(!*out)
           return CURLE_OUT_OF_MEMORY;
@@ -209,7 +205,7 @@ static CURLcode win32_ascii_to_idn(const char *in, char **output)
       /* 'chars' is "the number of characters retrieved" */
       char *mstr = curlx_convert_wchar_to_UTF8(idn);
       if(mstr) {
-        out = strdup(mstr);
+        out = curlx_strdup(mstr);
         curlx_unicodefree(mstr);
         if(!out)
           return CURLE_OUT_OF_MEMORY;
@@ -314,7 +310,7 @@ CURLcode Curl_idn_decode(const char *input, char **output)
   CURLcode result = idn_decode(input, &d);
 #ifdef USE_LIBIDN2
   if(!result) {
-    char *c = strdup(d);
+    char *c = curlx_strdup(d);
     idn2_free(d);
     if(c)
       d = c;
@@ -325,7 +321,7 @@ CURLcode Curl_idn_decode(const char *input, char **output)
   if(!result) {
     if(!d[0]) { /* ended up zero length, not acceptable */
       result = CURLE_URL_MALFORMAT;
-      free(d);
+      curlx_free(d);
     }
     else
       *output = d;
@@ -339,7 +335,7 @@ CURLcode Curl_idn_encode(const char *puny, char **output)
   CURLcode result = idn_encode(puny, &d);
 #ifdef USE_LIBIDN2
   if(!result) {
-    char *c = strdup(d);
+    char *c = curlx_strdup(d);
     idn2_free(d);
     if(c)
       d = c;
diff --git a/lib/if2ip.c b/lib/if2ip.c
index 79b0599106..c2b8aafc4d 100644
--- a/lib/if2ip.c
+++ b/lib/if2ip.c
@@ -55,10 +55,6 @@
 #include "curlx/inet_ntop.h"
 #include "if2ip.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /* ------------------------------------------------------------------ */
 
 #ifdef USE_IPV6
diff --git a/lib/imap.c b/lib/imap.c
index af9b124d1e..d093e46d33 100644
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -78,10 +78,6 @@
 #include "curlx/warnless.h"
 #include "curl_ctype.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 /* meta key for storing protocol meta at easy handle */
 #define CURL_META_IMAP_EASY   "meta:proto:imap:easy"
@@ -617,8 +613,8 @@ static CURLcode imap_perform_login(struct Curl_easy *data,
   result = imap_sendf(data, imapc, "LOGIN %s %s", user ? user : "",
                       passwd ? passwd : "");
 
-  free(user);
-  free(passwd);
+  curlx_free(user);
+  curlx_free(passwd);
 
   if(!result)
     imap_state(data, imapc, IMAP_LOGIN);
@@ -751,14 +747,14 @@ static CURLcode imap_perform_list(struct Curl_easy *data,
   else {
     /* Make sure the mailbox is in the correct atom format if necessary */
     char *mailbox = imap->mailbox ? imap_atom(imap->mailbox, TRUE)
-                                  : strdup("");
+                                  : curlx_strdup("");
     if(!mailbox)
       return CURLE_OUT_OF_MEMORY;
 
     /* Send the LIST command */
     result = imap_sendf(data, imapc, "LIST \"%s\" *", mailbox);
 
-    free(mailbox);
+    curlx_free(mailbox);
   }
 
   if(!result)
@@ -797,7 +793,7 @@ static CURLcode imap_perform_select(struct Curl_easy *data,
   /* Send the SELECT command */
   result = imap_sendf(data, imapc, "SELECT %s", mailbox);
 
-  free(mailbox);
+  curlx_free(mailbox);
 
   if(!result)
     imap_state(data, imapc, IMAP_SELECT);
@@ -947,7 +943,7 @@ static CURLcode imap_perform_append(struct Curl_easy *data,
 
 cleanup:
   curlx_dyn_free(&flags);
-  free(mailbox);
+  curlx_free(mailbox);
 
   if(!result)
     imap_state(data, imapc, IMAP_APPEND);
@@ -1338,7 +1334,7 @@ static CURLcode imap_state_select_resp(struct Curl_easy *data,
     else {
       /* Note the currently opened mailbox on this connection */
       DEBUGASSERT(!imapc->mailbox);
-      imapc->mailbox = strdup(imap->mailbox);
+      imapc->mailbox = curlx_strdup(imap->mailbox);
       if(!imapc->mailbox)
         return CURLE_OUT_OF_MEMORY;
 
@@ -1967,7 +1963,7 @@ static void imap_easy_dtor(void *key, size_t klen, void *entry)
   (void)key;
   (void)klen;
   imap_easy_reset(imap);
-  free(imap);
+  curlx_free(imap);
 }
 
 static void imap_conn_dtor(void *key, size_t klen, void *entry)
@@ -1978,7 +1974,7 @@ static void imap_conn_dtor(void *key, size_t klen, void *entry)
   Curl_pp_disconnect(&imapc->pp);
   curlx_dyn_free(&imapc->dyn);
   Curl_safefree(imapc->mailbox);
-  free(imapc);
+  curlx_free(imapc);
 }
 
 static CURLcode imap_setup_connection(struct Curl_easy *data,
@@ -1988,7 +1984,7 @@ static CURLcode imap_setup_connection(struct Curl_easy *data,
   struct pingpong *pp;
   struct IMAP *imap;
 
-  imapc = calloc(1, sizeof(*imapc));
+  imapc = curlx_calloc(1, sizeof(*imapc));
   if(!imapc)
     return CURLE_OUT_OF_MEMORY;
 
@@ -2005,7 +2001,7 @@ static CURLcode imap_setup_connection(struct Curl_easy *data,
   if(Curl_conn_meta_set(conn, CURL_META_IMAP_CONN, imapc, imap_conn_dtor))
     return CURLE_OUT_OF_MEMORY;
 
-  imap = calloc(1, sizeof(struct IMAP));
+  imap = curlx_calloc(1, sizeof(struct IMAP));
   if(!imap ||
      Curl_meta_set(data, CURL_META_IMAP_EASY, imap, imap_easy_dtor))
     return CURLE_OUT_OF_MEMORY;
@@ -2078,7 +2074,7 @@ static char *imap_atom(const char *str, bool escape_only)
   nclean = strcspn(str, "() {%*]\\\"");
   if(len == nclean)
     /* nothing to escape, return a strdup */
-    return strdup(str);
+    return curlx_strdup(str);
 
   curlx_dyn_init(&line, 2000);
 
@@ -2258,7 +2254,7 @@ static CURLcode imap_parse_url_path(struct Curl_easy *data,
     result = Curl_urldecode(begin, ptr - begin, &value, &valuelen,
                             REJECT_CTRL);
     if(result) {
-      free(name);
+      curlx_free(name);
       return result;
     }
 
@@ -2279,7 +2275,7 @@ static CURLcode imap_parse_url_path(struct Curl_easy *data,
           imap->uidvalidity = (unsigned int)num;
           imap->uidvalidity_set = TRUE;
         }
-        free(value);
+        curlx_free(value);
       }
       else if(curl_strequal(name, "UID") && !imap->uid) {
         imap->uid = value;
@@ -2294,15 +2290,15 @@ static CURLcode imap_parse_url_path(struct Curl_easy *data,
         imap->partial = value;
       }
       else {
-        free(name);
-        free(value);
+        curlx_free(name);
+        curlx_free(value);
         return CURLE_URL_MALFORMAT;
       }
     }
     else
       /* blank? */
-      free(value);
-    free(name);
+      curlx_free(value);
+    curlx_free(name);
   }
 
   /* Does the URL contain a query parameter? Only valid when we have a mailbox
@@ -2346,7 +2342,7 @@ static CURLcode imap_parse_custom_request(struct Curl_easy *data,
         params++;
 
       if(*params) {
-        imap->custom_params = strdup(params);
+        imap->custom_params = curlx_strdup(params);
         imap->custom[params - imap->custom] = '\0';
 
         if(!imap->custom_params)
diff --git a/lib/ldap.c b/lib/ldap.c
index 7f2af36643..6c62070385 100644
--- a/lib/ldap.c
+++ b/lib/ldap.c
@@ -94,10 +94,6 @@
 #include "curlx/base64.h"
 #include "connect.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifdef USE_WIN32_LDAP
 #define FREE_ON_WINLDAP(x) curlx_unicodefree(x)
 #define curl_ldap_num_t ULONG
@@ -642,7 +638,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
               if(val_b64_sz > 0) {
                 result = Curl_client_write(data, CLIENTWRITE_BODY, val_b64,
                                            val_b64_sz);
-                free(val_b64);
+                curlx_free(val_b64);
                 if(result) {
                   ldap_value_free_len(vals);
                   FREE_ON_WINLDAP(attr);
@@ -809,15 +805,15 @@ static curl_ldap_num_t ldap_url_parse2_low(struct Curl_easy *data,
   ludp->lud_host  = conn->host.name;
 
   /* Duplicate the path */
-  p = path = strdup(data->state.up.path + 1);
+  p = path = curlx_strdup(data->state.up.path + 1);
   if(!path)
     return LDAP_NO_MEMORY;
 
   /* Duplicate the query if present */
   if(data->state.up.query) {
-    q = query = strdup(data->state.up.query);
+    q = query = curlx_strdup(data->state.up.query);
     if(!query) {
-      free(path);
+      curlx_free(path);
       return LDAP_NO_MEMORY;
     }
   }
@@ -843,7 +839,7 @@ static curl_ldap_num_t ldap_url_parse2_low(struct Curl_easy *data,
     ludp->lud_dn = curlx_convert_UTF8_to_tchar(unescaped);
 
     /* Free the unescaped string as we are done with it */
-    free(unescaped);
+    curlx_free(unescaped);
 
     if(!ludp->lud_dn) {
       rc = LDAP_NO_MEMORY;
@@ -870,9 +866,9 @@ static curl_ldap_num_t ldap_url_parse2_low(struct Curl_easy *data,
 
     /* Allocate our array (+1 for the NULL entry) */
 #ifdef USE_WIN32_LDAP
-    ludp->lud_attrs = calloc(count + 1, sizeof(TCHAR *));
+    ludp->lud_attrs = curlx_calloc(count + 1, sizeof(TCHAR *));
 #else
-    ludp->lud_attrs = calloc(count + 1, sizeof(char *));
+    ludp->lud_attrs = curlx_calloc(count + 1, sizeof(char *));
 #endif
     if(!ludp->lud_attrs) {
       rc = LDAP_NO_MEMORY;
@@ -902,7 +898,7 @@ static curl_ldap_num_t ldap_url_parse2_low(struct Curl_easy *data,
       ludp->lud_attrs[i] = curlx_convert_UTF8_to_tchar(unescaped);
 
       /* Free the unescaped string as we are done with it */
-      free(unescaped);
+      curlx_free(unescaped);
 
       if(!ludp->lud_attrs[i]) {
         rc = LDAP_NO_MEMORY;
@@ -966,7 +962,7 @@ static curl_ldap_num_t ldap_url_parse2_low(struct Curl_easy *data,
     ludp->lud_filter = curlx_convert_UTF8_to_tchar(unescaped);
 
     /* Free the unescaped string as we are done with it */
-    free(unescaped);
+    curlx_free(unescaped);
 
     if(!ludp->lud_filter) {
       rc = LDAP_NO_MEMORY;
@@ -986,8 +982,8 @@ static curl_ldap_num_t ldap_url_parse2_low(struct Curl_easy *data,
   }
 
 quit:
-  free(path);
-  free(query);
+  curlx_free(path);
+  curlx_free(query);
 
   return rc;
 }
@@ -996,7 +992,7 @@ static curl_ldap_num_t ldap_url_parse_low(struct Curl_easy *data,
                                           const struct connectdata *conn,
                                           LDAPURLDesc **ludpp)
 {
-  LDAPURLDesc *ludp = calloc(1, sizeof(*ludp));
+  LDAPURLDesc *ludp = curlx_calloc(1, sizeof(*ludp));
   curl_ldap_num_t rc;
 
   *ludpp = NULL;
@@ -1021,8 +1017,8 @@ static void ldap_free_urldesc_low(LDAPURLDesc *ludp)
   curlx_unicodefree(ludp->lud_dn);
   curlx_unicodefree(ludp->lud_filter);
 #else
-  free(ludp->lud_dn);
-  free(ludp->lud_filter);
+  curlx_free(ludp->lud_dn);
+  curlx_free(ludp->lud_filter);
 #endif
 
   if(ludp->lud_attrs) {
@@ -1031,13 +1027,13 @@ static void ldap_free_urldesc_low(LDAPURLDesc *ludp)
 #ifdef USE_WIN32_LDAP
       curlx_unicodefree(ludp->lud_attrs[i]);
 #else
-      free(ludp->lud_attrs[i]);
+      curlx_free(ludp->lud_attrs[i]);
 #endif
     }
-    free(ludp->lud_attrs);
+    curlx_free(ludp->lud_attrs);
   }
 
-  free(ludp);
+  curlx_free(ludp);
 }
 #endif /* !HAVE_LDAP_URL_PARSE */
 
diff --git a/lib/llist.c b/lib/llist.c
index c9a7d4a8a7..ebcda82a04 100644
--- a/lib/llist.c
+++ b/lib/llist.c
@@ -27,10 +27,6 @@
 #include 
 
 #include "llist.h"
-#include "curl_memory.h"
-
-/* this must be the last include file */
-#include "memdebug.h"
 
 #ifdef DEBUGBUILD
 #define LLISTINIT 0x100cc001 /* random pattern */
diff --git a/lib/md4.c b/lib/md4.c
index 0cc62f8152..7929e57f65 100644
--- a/lib/md4.c
+++ b/lib/md4.c
@@ -71,10 +71,6 @@
 #include 
 #endif
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 #if defined(USE_WOLFSSL) && !defined(WOLFSSL_NO_MD4)
 
diff --git a/lib/md5.c b/lib/md5.c
index 4b38bb070b..a579b02c63 100644
--- a/lib/md5.c
+++ b/lib/md5.c
@@ -81,10 +81,6 @@
 #include 
 #endif
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifdef USE_GNUTLS
 
 typedef struct md5_ctx my_md5_ctx;
@@ -604,23 +600,23 @@ struct MD5_context *Curl_MD5_init(const struct MD5_params *md5params)
   struct MD5_context *ctxt;
 
   /* Create MD5 context */
-  ctxt = malloc(sizeof(*ctxt));
+  ctxt = curlx_malloc(sizeof(*ctxt));
 
   if(!ctxt)
     return ctxt;
 
-  ctxt->md5_hashctx = malloc(md5params->md5_ctxtsize);
+  ctxt->md5_hashctx = curlx_malloc(md5params->md5_ctxtsize);
 
   if(!ctxt->md5_hashctx) {
-    free(ctxt);
+    curlx_free(ctxt);
     return NULL;
   }
 
   ctxt->md5_hash = md5params;
 
   if((*md5params->md5_init_func)(ctxt->md5_hashctx)) {
-    free(ctxt->md5_hashctx);
-    free(ctxt);
+    curlx_free(ctxt->md5_hashctx);
+    curlx_free(ctxt);
     return NULL;
   }
 
@@ -640,8 +636,8 @@ CURLcode Curl_MD5_final(struct MD5_context *context, unsigned char *result)
 {
   (*context->md5_hash->md5_final_func)(result, context->md5_hashctx);
 
-  free(context->md5_hashctx);
-  free(context);
+  curlx_free(context->md5_hashctx);
+  curlx_free(context);
 
   return CURLE_OK;
 }
diff --git a/lib/memdebug.c b/lib/memdebug.c
index 1121dc26f5..f5b88731ee 100644
--- a/lib/memdebug.c
+++ b/lib/memdebug.c
@@ -35,10 +35,6 @@
 #include "backtrace.h"
 #endif
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 struct memdebug {
   size_t size;
   union {
diff --git a/lib/memdebug.h b/lib/memdebug.h
deleted file mode 100644
index c2b7fad952..0000000000
--- a/lib/memdebug.h
+++ /dev/null
@@ -1,56 +0,0 @@
-#ifndef HEADER_CURL_MEMDEBUG_H
-#define HEADER_CURL_MEMDEBUG_H
-/***************************************************************************
- *                                  _   _ ____  _
- *  Project                     ___| | | |  _ \| |
- *                             / __| | | | |_) | |
- *                            | (__| |_| |  _ <| |___
- *                             \___|\___/|_| \_\_____|
- *
- * Copyright (C) Daniel Stenberg, , et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- * SPDX-License-Identifier: curl
- *
- ***************************************************************************/
-
-/*
- * CAUTION: this header is designed to work when included by the app-side
- * as well as the library. Do not mix with library internals!
- */
-
-#ifdef CURLDEBUG
-
-/* Set this symbol on the command-line, recompile all lib-sources */
-#undef strdup
-#define strdup(ptr) curl_dbg_strdup(ptr, __LINE__, __FILE__)
-#undef malloc
-#define malloc(size) curl_dbg_malloc(size, __LINE__, __FILE__)
-#undef calloc
-#define calloc(nbelem,size) curl_dbg_calloc(nbelem, size, __LINE__, __FILE__)
-#undef realloc
-#define realloc(ptr,size) curl_dbg_realloc(ptr, size, __LINE__, __FILE__)
-#undef free
-#define free(ptr) curl_dbg_free(ptr, __LINE__, __FILE__)
-
-#ifdef _WIN32
-#undef Curl_tcsdup
-#ifdef UNICODE
-#define Curl_tcsdup(ptr) curl_dbg_wcsdup(ptr, __LINE__, __FILE__)
-#else
-#define Curl_tcsdup(ptr) curl_dbg_strdup(ptr, __LINE__, __FILE__)
-#endif
-#endif /* _WIN32 */
-
-#endif /* CURLDEBUG */
-#endif /* HEADER_CURL_MEMDEBUG_H */
diff --git a/lib/mime.c b/lib/mime.c
index b1f432c0b0..7ebe47315d 100644
--- a/lib/mime.c
+++ b/lib/mime.c
@@ -50,10 +50,6 @@ struct Curl_easy;
 #include "slist.h"
 #include "curlx/dynbuf.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifdef _WIN32
 #  ifndef R_OK
 #  define R_OK 4
@@ -357,13 +353,13 @@ static char *strippath(const char *fullfile)
 {
   char *filename;
   char *base;
-  filename = strdup(fullfile); /* duplicate since basename() may ruin the
-                                  buffer it works on */
+  filename = curlx_strdup(fullfile); /* duplicate since basename() may ruin
+                                        the buffer it works on */
   if(!filename)
     return NULL;
-  base = strdup(basename(filename));
+  base = curlx_strdup(basename(filename));
 
-  free(filename); /* free temporary buffer */
+  curlx_free(filename); /* free temporary buffer */
 
   return base; /* returns an allocated string or NULL ! */
 }
@@ -1190,9 +1186,9 @@ void curl_mime_free(curl_mime *mime)
       part = mime->firstpart;
       mime->firstpart = part->nextpart;
       Curl_mime_cleanpart(part);
-      free(part);
+      curlx_free(part);
     }
-    free(mime);
+    curlx_free(mime);
   }
 }
 
@@ -1282,7 +1278,7 @@ curl_mime *curl_mime_init(void *easy)
 {
   curl_mime *mime;
 
-  mime = (curl_mime *) malloc(sizeof(*mime));
+  mime = (curl_mime *)curlx_malloc(sizeof(*mime));
 
   if(mime) {
     mime->parent = NULL;
@@ -1294,7 +1290,7 @@ curl_mime *curl_mime_init(void *easy)
                        (unsigned char *) &mime->boundary[MIME_BOUNDARY_DASHES],
                        MIME_RAND_BOUNDARY_CHARS + 1)) {
       /* failed to get random separator, bail out */
-      free(mime);
+      curlx_free(mime);
       return NULL;
     }
     mimesetstate(&mime->state, MIMESTATE_BEGIN, NULL);
@@ -1319,7 +1315,7 @@ curl_mimepart *curl_mime_addpart(curl_mime *mime)
   if(!mime)
     return NULL;
 
-  part = (curl_mimepart *) malloc(sizeof(*part));
+  part = (curl_mimepart *)curlx_malloc(sizeof(*part));
 
   if(part) {
     Curl_mime_initpart(part);
@@ -1345,7 +1341,7 @@ CURLcode curl_mime_name(curl_mimepart *part, const char *name)
   Curl_safefree(part->name);
 
   if(name) {
-    part->name = strdup(name);
+    part->name = curlx_strdup(name);
     if(!part->name)
       return CURLE_OUT_OF_MEMORY;
   }
@@ -1362,7 +1358,7 @@ CURLcode curl_mime_filename(curl_mimepart *part, const char *filename)
   Curl_safefree(part->filename);
 
   if(filename) {
-    part->filename = strdup(filename);
+    part->filename = curlx_strdup(filename);
     if(!part->filename)
       return CURLE_OUT_OF_MEMORY;
   }
@@ -1415,7 +1411,7 @@ CURLcode curl_mime_filedata(curl_mimepart *part, const char *filename)
     if(curlx_stat(filename, &sbuf))
       result = CURLE_READ_ERROR;
     else {
-      part->data = strdup(filename);
+      part->data = curlx_strdup(filename);
       if(!part->data)
         result = CURLE_OUT_OF_MEMORY;
       else {
@@ -1438,7 +1434,7 @@ CURLcode curl_mime_filedata(curl_mimepart *part, const char *filename)
           result = CURLE_OUT_OF_MEMORY;
         else {
           result = curl_mime_filename(part, base);
-          free(base);
+          curlx_free(base);
         }
       }
     }
@@ -1455,7 +1451,7 @@ CURLcode curl_mime_type(curl_mimepart *part, const char *mimetype)
   Curl_safefree(part->mimetype);
 
   if(mimetype) {
-    part->mimetype = strdup(mimetype);
+    part->mimetype = curlx_strdup(mimetype);
     if(!part->mimetype)
       return CURLE_OUT_OF_MEMORY;
   }
@@ -1696,7 +1692,7 @@ CURLcode Curl_mime_add_header(struct curl_slist **slp, const char *fmt, ...)
     if(hdr)
       *slp = hdr;
     else
-      free(s);
+      curlx_free(s);
   }
 
   return hdr ? CURLE_OK : CURLE_OUT_OF_MEMORY;
diff --git a/lib/mprintf.c b/lib/mprintf.c
index 176f8a3e4b..046917aeb5 100644
--- a/lib/mprintf.c
+++ b/lib/mprintf.c
@@ -27,10 +27,6 @@
 #include "curl_printf.h"
 #include "curlx/strparse.h"
 
-#include "curl_memory.h"
-/* The last #include file should be: */
-#include "memdebug.h"
-
 #ifdef HAVE_LONGLONG
 #  define LONG_LONG_TYPE long long
 #  define HAVE_LONG_LONG_TYPE
@@ -1177,7 +1173,7 @@ char *curl_mvaprintf(const char *format, va_list ap_save)
   }
   if(curlx_dyn_len(info.b))
     return curlx_dyn_ptr(info.b);
-  return strdup("");
+  return curlx_strdup("");
 }
 
 char *curl_maprintf(const char *format, ...)
diff --git a/lib/mqtt.c b/lib/mqtt.c
index 9cbe800ded..a8975d5391 100644
--- a/lib/mqtt.c
+++ b/lib/mqtt.c
@@ -40,10 +40,6 @@
 #include "multiif.h"
 #include "rand.h"
 
-/* The last 2 #includes file should be: */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /* first byte is command.
    second byte is for flags. */
 #define MQTT_MSG_CONNECT    0x10
@@ -146,14 +142,14 @@ static void mqtt_easy_dtor(void *key, size_t klen, void *entry)
   (void)klen;
   curlx_dyn_free(&mq->sendbuf);
   curlx_dyn_free(&mq->recvbuf);
-  free(mq);
+  curlx_free(mq);
 }
 
 static void mqtt_conn_dtor(void *key, size_t klen, void *entry)
 {
   (void)key;
   (void)klen;
-  free(entry);
+  curlx_free(entry);
 }
 
 static CURLcode mqtt_setup_conn(struct Curl_easy *data,
@@ -163,12 +159,12 @@ static CURLcode mqtt_setup_conn(struct Curl_easy *data,
   struct mqtt_conn *mqtt;
   struct MQTT *mq;
 
-  mqtt = calloc(1, sizeof(*mqtt));
+  mqtt = curlx_calloc(1, sizeof(*mqtt));
   if(!mqtt ||
      Curl_conn_meta_set(conn, CURL_META_MQTT_CONN, mqtt, mqtt_conn_dtor))
     return CURLE_OUT_OF_MEMORY;
 
-  mq = calloc(1, sizeof(struct MQTT));
+  mq = curlx_calloc(1, sizeof(struct MQTT));
   if(!mq)
     return CURLE_OUT_OF_MEMORY;
   curlx_dyn_init(&mq->recvbuf, DYN_MQTT_RECV);
@@ -350,7 +346,7 @@ static CURLcode mqtt_connect(struct Curl_easy *data)
   /* allocating packet */
   if(packetlen > 0xFFFFFFF)
     return CURLE_WEIRD_SERVER_REPLY;
-  packet = calloc(1, packetlen);
+  packet = curlx_calloc(1, packetlen);
   if(!packet)
     return CURLE_OUT_OF_MEMORY;
 
@@ -400,7 +396,7 @@ static CURLcode mqtt_connect(struct Curl_easy *data)
 
 end:
   if(packet)
-    free(packet);
+    curlx_free(packet);
   Curl_safefree(data->state.aptr.user);
   Curl_safefree(data->state.aptr.passwd);
   return result;
@@ -524,7 +520,7 @@ static CURLcode mqtt_subscribe(struct Curl_easy *data)
   n = mqtt_encode_len((char *)encodedsize, packetlen);
   packetlen += n + 1; /* add one for the control packet type byte */
 
-  packet = malloc(packetlen);
+  packet = curlx_malloc(packetlen);
   if(!packet) {
     result = CURLE_OUT_OF_MEMORY;
     goto fail;
@@ -542,8 +538,8 @@ static CURLcode mqtt_subscribe(struct Curl_easy *data)
   result = mqtt_send(data, (const char *)packet, packetlen);
 
 fail:
-  free(topic);
-  free(packet);
+  curlx_free(topic);
+  curlx_free(packet);
   return result;
 }
 
@@ -620,7 +616,7 @@ static CURLcode mqtt_publish(struct Curl_easy *data)
   }
 
   /* add the control byte and the encoded remaining length */
-  pkt = malloc(remaininglength + 1 + encodelen);
+  pkt = curlx_malloc(remaininglength + 1 + encodelen);
   if(!pkt) {
     result = CURLE_OUT_OF_MEMORY;
     goto fail;
@@ -639,8 +635,8 @@ static CURLcode mqtt_publish(struct Curl_easy *data)
   result = mqtt_send(data, (const char *)pkt, i);
 
 fail:
-  free(pkt);
-  free(topic);
+  curlx_free(pkt);
+  curlx_free(topic);
   return result;
 }
 
diff --git a/lib/multi.c b/lib/multi.c
index f7265a94a9..c5b78f53e4 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -54,10 +54,6 @@
 #include "socks.h"
 #include "urlapi-int.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /* initial multi->xfers table size for a full multi */
 #define CURL_XFER_TABLE_SIZE    512
 
@@ -235,7 +231,7 @@ struct Curl_multi *Curl_multi_handle(uint32_t xfer_table_size,
                                      size_t dnssize,   /* dns hash */
                                      size_t sesssize)  /* TLS session cache */
 {
-  struct Curl_multi *multi = calloc(1, sizeof(struct Curl_multi));
+  struct Curl_multi *multi = curlx_calloc(1, sizeof(struct Curl_multi));
 
   if(!multi)
     return NULL;
@@ -328,7 +324,7 @@ error:
   Curl_uint32_bset_destroy(&multi->msgsent);
   Curl_uint32_tbl_destroy(&multi->xfers);
 
-  free(multi);
+  curlx_free(multi);
   return NULL;
 }
 
@@ -2022,7 +2018,7 @@ static CURLMcode state_performing(struct Curl_easy *data,
       data->state.errorbuf = FALSE;
       if(!newurl)
         /* typically for HTTP_1_1_REQUIRED error on first flight */
-        newurl = strdup(data->state.url);
+        newurl = curlx_strdup(data->state.url);
       if(!newurl) {
         result = CURLE_OUT_OF_MEMORY;
       }
@@ -2068,7 +2064,7 @@ static CURLMcode state_performing(struct Curl_easy *data,
       if(!retry) {
         /* if the URL is a follow-location and not just a retried request then
            figure out the URL here */
-        free(newurl);
+        curlx_free(newurl);
         newurl = data->req.newurl;
         data->req.newurl = NULL;
         follow = FOLLOW_REDIR;
@@ -2089,7 +2085,7 @@ static CURLMcode state_performing(struct Curl_easy *data,
       /* but first check to see if we got a location info even though we are
          not following redirects */
       if(data->req.location) {
-        free(newurl);
+        curlx_free(newurl);
         newurl = data->req.location;
         data->req.location = NULL;
         result = multi_follow(data, handler, newurl, FOLLOW_FAKE);
@@ -2109,7 +2105,7 @@ static CURLMcode state_performing(struct Curl_easy *data,
     *nowp = curlx_now();
     mspeed_check(data, *nowp);
   }
-  free(newurl);
+  curlx_free(newurl);
   *resultp = result;
   return rc;
 }
@@ -2237,7 +2233,7 @@ static CURLMcode state_do(struct Curl_easy *data,
         /* Have error handler disconnect conn if we cannot retry */
         *stream_errorp = TRUE;
       }
-      free(newurl);
+      curlx_free(newurl);
     }
     else {
       /* failure detected */
@@ -2976,7 +2972,7 @@ CURLMcode curl_multi_cleanup(CURLM *m)
     Curl_uint32_bset_destroy(&multi->pending);
     Curl_uint32_bset_destroy(&multi->msgsent);
     Curl_uint32_tbl_destroy(&multi->xfers);
-    free(multi);
+    curlx_free(multi);
 
     return CURLM_OK;
   }
@@ -3814,7 +3810,7 @@ CURL **curl_multi_get_handles(CURLM *m)
   struct Curl_multi *multi = m;
   void *entry;
   unsigned int count = Curl_uint32_tbl_count(&multi->xfers);
-  CURL **a = malloc(sizeof(struct Curl_easy *) * (count + 1));
+  CURL **a = curlx_malloc(sizeof(struct Curl_easy *) * (count + 1));
   if(a) {
     unsigned int i = 0, mid;
 
@@ -3895,13 +3891,13 @@ CURLcode Curl_multi_xfer_buf_borrow(struct Curl_easy *data,
   if(data->multi->xfer_buf &&
      data->set.buffer_size > data->multi->xfer_buf_len) {
     /* not large enough, get a new one */
-    free(data->multi->xfer_buf);
+    curlx_free(data->multi->xfer_buf);
     data->multi->xfer_buf = NULL;
     data->multi->xfer_buf_len = 0;
   }
 
   if(!data->multi->xfer_buf) {
-    data->multi->xfer_buf = malloc(curlx_uitouz(data->set.buffer_size));
+    data->multi->xfer_buf = curlx_malloc(curlx_uitouz(data->set.buffer_size));
     if(!data->multi->xfer_buf) {
       failf(data, "could not allocate xfer_buf of %u bytes",
             data->set.buffer_size);
@@ -3948,14 +3944,14 @@ CURLcode Curl_multi_xfer_ulbuf_borrow(struct Curl_easy *data,
   if(data->multi->xfer_ulbuf &&
      data->set.upload_buffer_size > data->multi->xfer_ulbuf_len) {
     /* not large enough, get a new one */
-    free(data->multi->xfer_ulbuf);
+    curlx_free(data->multi->xfer_ulbuf);
     data->multi->xfer_ulbuf = NULL;
     data->multi->xfer_ulbuf_len = 0;
   }
 
   if(!data->multi->xfer_ulbuf) {
     data->multi->xfer_ulbuf =
-      malloc(curlx_uitouz(data->set.upload_buffer_size));
+      curlx_malloc(curlx_uitouz(data->set.upload_buffer_size));
     if(!data->multi->xfer_ulbuf) {
       failf(data, "could not allocate xfer_ulbuf of %u bytes",
             data->set.upload_buffer_size);
@@ -3996,13 +3992,13 @@ CURLcode Curl_multi_xfer_sockbuf_borrow(struct Curl_easy *data,
 
   if(data->multi->xfer_sockbuf && blen > data->multi->xfer_sockbuf_len) {
     /* not large enough, get a new one */
-    free(data->multi->xfer_sockbuf);
+    curlx_free(data->multi->xfer_sockbuf);
     data->multi->xfer_sockbuf = NULL;
     data->multi->xfer_sockbuf_len = 0;
   }
 
   if(!data->multi->xfer_sockbuf) {
-    data->multi->xfer_sockbuf = malloc(blen);
+    data->multi->xfer_sockbuf = curlx_malloc(blen);
     if(!data->multi->xfer_sockbuf) {
       failf(data, "could not allocate xfer_sockbuf of %zu bytes", blen);
       return CURLE_OUT_OF_MEMORY;
diff --git a/lib/multi_ev.c b/lib/multi_ev.c
index d5db331cf1..026cbd2996 100644
--- a/lib/multi_ev.c
+++ b/lib/multi_ev.c
@@ -41,10 +41,6 @@
 #include "multihandle.h"
 #include "socks.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 static void mev_in_callback(struct Curl_multi *multi, bool value)
 {
@@ -85,7 +81,7 @@ static void mev_sh_entry_dtor(void *freethis)
 {
   struct mev_sh_entry *entry = (struct mev_sh_entry *)freethis;
   Curl_uint32_spbset_destroy(&entry->xfers);
-  free(entry);
+  curlx_free(entry);
 }
 
 /* look up a given socket in the socket hash, skip invalid sockets */
@@ -112,7 +108,7 @@ mev_sh_entry_add(struct Curl_hash *sh, curl_socket_t s)
   }
 
   /* not present, add it */
-  check = calloc(1, sizeof(struct mev_sh_entry));
+  check = curlx_calloc(1, sizeof(struct mev_sh_entry));
   if(!check)
     return NULL; /* major failure */
 
@@ -446,7 +442,7 @@ static void mev_pollset_dtor(void *key, size_t klen, void *entry)
   (void)klen;
   if(ps) {
     Curl_pollset_cleanup(ps);
-    free(ps);
+    curlx_free(ps);
   }
 }
 
diff --git a/lib/multi_ntfy.c b/lib/multi_ntfy.c
index d7913bbbfc..43e4db9e82 100644
--- a/lib/multi_ntfy.c
+++ b/lib/multi_ntfy.c
@@ -32,11 +32,6 @@
 #include "multiif.h"
 #include "multi_ntfy.h"
 
-/* The last 3 #include files should be in this order */
-#include "curl_printf.h"
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 struct mntfy_entry {
   uint32_t mid;
@@ -54,12 +49,12 @@ struct mntfy_chunk {
 
 static struct mntfy_chunk *mnfty_chunk_create(void)
 {
-  return calloc(1, sizeof(struct mntfy_chunk));
+  return curlx_calloc(1, sizeof(struct mntfy_chunk));
 }
 
 static void mnfty_chunk_destroy(struct mntfy_chunk *chunk)
 {
-  free(chunk);
+  curlx_free(chunk);
 }
 
 static void mnfty_chunk_reset(struct mntfy_chunk *chunk)
diff --git a/lib/netrc.c b/lib/netrc.c
index 9c5c6c7f20..f8de408297 100644
--- a/lib/netrc.c
+++ b/lib/netrc.c
@@ -42,10 +42,6 @@
 #include "curlx/fopen.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /* Get user and password from .netrc when given a machine name */
 
 enum host_lookup_state {
@@ -277,8 +273,8 @@ static NETRCcode parsenetrc(struct store_netrc *store,
             our_login = !Curl_timestrcmp(login, tok);
           else {
             our_login = TRUE;
-            free(login);
-            login = strdup(tok);
+            curlx_free(login);
+            login = curlx_strdup(tok);
             if(!login) {
               retcode = NETRC_OUT_OF_MEMORY; /* allocation failed */
               goto out;
@@ -288,8 +284,8 @@ static NETRCcode parsenetrc(struct store_netrc *store,
           keyword = NONE;
         }
         else if(keyword == PASSWORD) {
-          free(password);
-          password = strdup(tok);
+          curlx_free(password);
+          password = curlx_strdup(tok);
           if(!password) {
             retcode = NETRC_OUT_OF_MEMORY; /* allocation failed */
             goto out;
@@ -346,7 +342,7 @@ out:
   if(!retcode) {
     if(!password && our_login) {
       /* success without a password, set a blank one */
-      password = strdup("");
+      password = curlx_strdup("");
       if(!password)
         retcode = NETRC_OUT_OF_MEMORY; /* out of memory */
     }
@@ -364,8 +360,8 @@ out:
     curlx_dyn_free(filebuf);
     store->loaded = FALSE;
     if(!specific_login)
-      free(login);
-    free(password);
+      curlx_free(login);
+    curlx_free(password);
   }
 
   return retcode;
@@ -444,25 +440,25 @@ NETRCcode Curl_parsenetrc(struct store_netrc *store, const char *host,
 
       filealloc = curl_maprintf("%s%s.netrc", home, DIR_CHAR);
       if(!filealloc) {
-        free(homea);
+        curlx_free(homea);
         return NETRC_OUT_OF_MEMORY;
       }
     }
     retcode = parsenetrc(store, host, loginp, passwordp, filealloc);
-    free(filealloc);
+    curlx_free(filealloc);
 #ifdef _WIN32
     if(retcode == NETRC_FILE_MISSING) {
       /* fallback to the old-style "_netrc" file */
       filealloc = curl_maprintf("%s%s_netrc", home, DIR_CHAR);
       if(!filealloc) {
-        free(homea);
+        curlx_free(homea);
         return NETRC_OUT_OF_MEMORY;
       }
       retcode = parsenetrc(store, host, loginp, passwordp, filealloc);
-      free(filealloc);
+      curlx_free(filealloc);
     }
 #endif
-    free(homea);
+    curlx_free(homea);
   }
   else
     retcode = parsenetrc(store, host, loginp, passwordp, netrcfile);
diff --git a/lib/openldap.c b/lib/openldap.c
index 806ccb33cc..107f6da832 100644
--- a/lib/openldap.c
+++ b/lib/openldap.c
@@ -53,10 +53,6 @@
 #include "curl_sasl.h"
 #include "strcase.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /*
  * Uncommenting this will enable the built-in debug logging of the openldap
  * library. The debug log level can be set using the CURL_OPENLDAP_TRACE
@@ -577,7 +573,7 @@ static void oldap_easy_dtor(void *key, size_t klen, void *entry)
   struct ldapreqinfo *lr = entry;
   (void)key;
   (void)klen;
-  free(lr);
+  curlx_free(lr);
 }
 
 static void oldap_conn_dtor(void *key, size_t klen, void *entry)
@@ -589,7 +585,7 @@ static void oldap_conn_dtor(void *key, size_t klen, void *entry)
     ldap_unbind_ext(li->ld, NULL, NULL);
     li->ld = NULL;
   }
-  free(li);
+  curlx_free(li);
 }
 
 static CURLcode oldap_connect(struct Curl_easy *data, bool *done)
@@ -606,7 +602,7 @@ static CURLcode oldap_connect(struct Curl_easy *data, bool *done)
 
   (void)done;
 
-  li = calloc(1, sizeof(struct ldapconninfo));
+  li = curlx_calloc(1, sizeof(struct ldapconninfo));
   if(!li) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -697,7 +693,7 @@ static CURLcode oldap_connect(struct Curl_easy *data, bool *done)
   result = oldap_perform_bind(data, OLDAP_BIND);
 
 out:
-  free(hosturl);
+  curlx_free(hosturl);
   return result;
 }
 
@@ -1023,7 +1019,7 @@ static CURLcode oldap_do(struct Curl_easy *data, bool *done)
     goto out;
   }
 
-  lr = calloc(1, sizeof(struct ldapreqinfo));
+  lr = curlx_calloc(1, sizeof(struct ldapreqinfo));
   if(!lr ||
      Curl_meta_set(data, CURL_META_LDAP_EASY, lr, oldap_easy_dtor)) {
     ldap_abandon_ext(li->ld, msgid, NULL, NULL);
@@ -1219,7 +1215,7 @@ static CURLcode oldap_recv(struct Curl_easy *data, int sockindex, char *buf,
           if(!result)
             result = client_write(data, STRCONST(": "), val_b64, val_b64_sz,
                                   STRCONST("\n"));
-          free(val_b64);
+          curlx_free(val_b64);
         }
         else
           result = client_write(data, STRCONST(" "),
diff --git a/lib/pingpong.c b/lib/pingpong.c
index 297389043f..7ac321af72 100644
--- a/lib/pingpong.c
+++ b/lib/pingpong.c
@@ -37,10 +37,6 @@
 #include "multiif.h"
 #include "vtls/vtls.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifdef USE_PINGPONG
 
 /* Returns timeout in ms. 0 or negative number means the timeout has already
diff --git a/lib/pop3.c b/lib/pop3.c
index 503f4ecb2b..f10108229b 100644
--- a/lib/pop3.c
+++ b/lib/pop3.c
@@ -78,10 +78,6 @@
 #include "curlx/warnless.h"
 #include "strdup.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /* Authentication type flags */
 #define POP3_TYPE_CLEARTEXT (1 << 0)
 #define POP3_TYPE_APOP      (1 << 1)
@@ -1523,7 +1519,7 @@ static void pop3_easy_dtor(void *key, size_t klen, void *entry)
   /* Cleanup our per-request based variables */
   Curl_safefree(pop3->id);
   Curl_safefree(pop3->custom);
-  free(pop3);
+  curlx_free(pop3);
 }
 
 static void pop3_conn_dtor(void *key, size_t klen, void *entry)
@@ -1534,19 +1530,19 @@ static void pop3_conn_dtor(void *key, size_t klen, void *entry)
   DEBUGASSERT(pop3c);
   Curl_pp_disconnect(&pop3c->pp);
   Curl_safefree(pop3c->apoptimestamp);
-  free(pop3c);
+  curlx_free(pop3c);
 }
 
 static CURLcode pop3_setup_connection(struct Curl_easy *data,
                                       struct connectdata *conn)
 {
   struct pop3_conn *pop3c;
-  struct POP3 *pop3 = calloc(1, sizeof(*pop3));
+  struct POP3 *pop3 = curlx_calloc(1, sizeof(*pop3));
   if(!pop3 ||
      Curl_meta_set(data, CURL_META_POP3_EASY, pop3, pop3_easy_dtor))
     return CURLE_OUT_OF_MEMORY;
 
-  pop3c = calloc(1, sizeof(*pop3c));
+  pop3c = curlx_calloc(1, sizeof(*pop3c));
   if(!pop3c ||
      Curl_conn_meta_set(conn, CURL_META_POP3_CONN, pop3c, pop3_conn_dtor))
     return CURLE_OUT_OF_MEMORY;
diff --git a/lib/psl.c b/lib/psl.c
index f645763d06..5bf96d09bd 100644
--- a/lib/psl.c
+++ b/lib/psl.c
@@ -31,10 +31,6 @@
 #include "psl.h"
 #include "curl_share.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 void Curl_psl_destroy(struct PslCache *pslcache)
 {
   if(pslcache->psl) {
diff --git a/lib/rand.c b/lib/rand.c
index 5eace02833..8c5a2cf71e 100644
--- a/lib/rand.c
+++ b/lib/rand.c
@@ -38,10 +38,6 @@
 #include "rand.h"
 #include "escape.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifdef _WIN32
 
 #if defined(_WIN32_WINNT) && _WIN32_WINNT >= _WIN32_WINNT_VISTA && \
diff --git a/lib/rename.c b/lib/rename.c
index 911afca575..d3f80422e6 100644
--- a/lib/rename.c
+++ b/lib/rename.c
@@ -32,10 +32,6 @@
 #include "curlx/multibyte.h"
 #include "curlx/timeval.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /* return 0 on success, 1 on error */
 int Curl_rename(const char *oldpath, const char *newpath)
 {
diff --git a/lib/request.c b/lib/request.c
index 324c4c48f9..581d7d1453 100644
--- a/lib/request.c
+++ b/lib/request.c
@@ -36,10 +36,6 @@
 #include "url.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 void Curl_req_init(struct SingleRequest *req)
 {
   memset(req, 0, sizeof(*req));
diff --git a/lib/rtsp.c b/lib/rtsp.c
index dd49ebc42b..5a46dc62c4 100644
--- a/lib/rtsp.c
+++ b/lib/rtsp.c
@@ -42,10 +42,6 @@
 #include "strdup.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 /* meta key for storing protocol meta at easy handle */
 #define CURL_META_RTSP_EASY   "meta:proto:rtsp:easy"
@@ -162,7 +158,7 @@ static void rtsp_easy_dtor(void *key, size_t klen, void *entry)
   struct RTSP *rtsp = entry;
   (void)key;
   (void)klen;
-  free(rtsp);
+  curlx_free(rtsp);
 }
 
 static void rtsp_conn_dtor(void *key, size_t klen, void *entry)
@@ -171,7 +167,7 @@ static void rtsp_conn_dtor(void *key, size_t klen, void *entry)
   (void)key;
   (void)klen;
   curlx_dyn_free(&rtspc->buf);
-  free(rtspc);
+  curlx_free(rtspc);
 }
 
 static CURLcode rtsp_setup_connection(struct Curl_easy *data,
@@ -180,14 +176,14 @@ static CURLcode rtsp_setup_connection(struct Curl_easy *data,
   struct rtsp_conn *rtspc;
   struct RTSP *rtsp;
 
-  rtspc = calloc(1, sizeof(*rtspc));
+  rtspc = curlx_calloc(1, sizeof(*rtspc));
   if(!rtspc)
     return CURLE_OUT_OF_MEMORY;
   curlx_dyn_init(&rtspc->buf, MAX_RTP_BUFFERSIZE);
   if(Curl_conn_meta_set(conn, CURL_META_RTSP_CONN, rtspc, rtsp_conn_dtor))
     return CURLE_OUT_OF_MEMORY;
 
-  rtsp = calloc(1, sizeof(struct RTSP));
+  rtsp = curlx_calloc(1, sizeof(struct RTSP));
   if(!rtsp ||
      Curl_meta_set(data, CURL_META_RTSP_EASY, rtsp, rtsp_easy_dtor))
     return CURLE_OUT_OF_MEMORY;
@@ -392,7 +388,7 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done)
      to this origin */
 
   if(!data->state.first_host) {
-    data->state.first_host = strdup(conn->host.name);
+    data->state.first_host = curlx_strdup(conn->host.name);
     if(!data->state.first_host)
       return CURLE_OUT_OF_MEMORY;
 
@@ -481,7 +477,7 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done)
   if(rtspreq == RTSPREQ_SETUP && !p_transport) {
     /* New Transport: setting? */
     if(data->set.str[STRING_RTSP_TRANSPORT]) {
-      free(data->state.aptr.rtsp_transport);
+      curlx_free(data->state.aptr.rtsp_transport);
       data->state.aptr.rtsp_transport =
         curl_maprintf("Transport: %s\r\n",
                       data->set.str[STRING_RTSP_TRANSPORT]);
@@ -507,7 +503,7 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done)
     /* Accept-Encoding header */
     if(!Curl_checkheaders(data, STRCONST("Accept-Encoding")) &&
        data->set.str[STRING_ENCODING]) {
-      free(data->state.aptr.accept_encoding);
+      curlx_free(data->state.aptr.accept_encoding);
       data->state.aptr.accept_encoding =
         curl_maprintf("Accept-Encoding: %s\r\n",
                       data->set.str[STRING_ENCODING]);
@@ -563,7 +559,7 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done)
 
     /* Check to see if there is a range set in the custom headers */
     if(!Curl_checkheaders(data, STRCONST("Range")) && data->state.range) {
-      free(data->state.aptr.rangeline);
+      curlx_free(data->state.aptr.rangeline);
       data->state.aptr.rangeline = curl_maprintf("Range: %s\r\n",
                                                  data->state.range);
       p_range = data->state.aptr.rangeline;
diff --git a/lib/select.c b/lib/select.c
index 041733973e..5692fc020d 100644
--- a/lib/select.c
+++ b/lib/select.c
@@ -46,10 +46,6 @@
 #include "curlx/wait.h"
 #include "curlx/warnless.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifndef HAVE_POLL
 /*
  * This is a wrapper around select() to aid in Windows compatibility. A
@@ -364,7 +360,7 @@ void Curl_pollfds_cleanup(struct curl_pollfds *cpfds)
 {
   DEBUGASSERT(cpfds);
   if(cpfds->allocated_pfds) {
-    free(cpfds->pfds);
+    curlx_free(cpfds->pfds);
   }
   memset(cpfds, 0, sizeof(*cpfds));
 }
@@ -374,13 +370,13 @@ static CURLcode cpfds_increase(struct curl_pollfds *cpfds, unsigned int inc)
   struct pollfd *new_fds;
   unsigned int new_count = cpfds->count + inc;
 
-  new_fds = calloc(new_count, sizeof(struct pollfd));
+  new_fds = curlx_calloc(new_count, sizeof(struct pollfd));
   if(!new_fds)
     return CURLE_OUT_OF_MEMORY;
 
   memcpy(new_fds, cpfds->pfds, cpfds->count * sizeof(struct pollfd));
   if(cpfds->allocated_pfds)
-    free(cpfds->pfds);
+    curlx_free(cpfds->pfds);
   cpfds->pfds = new_fds;
   cpfds->count = new_count;
   cpfds->allocated_pfds = TRUE;
@@ -521,7 +517,7 @@ void Curl_pollset_init(struct easy_pollset *ps)
 
 struct easy_pollset *Curl_pollset_create(void)
 {
-  struct easy_pollset *ps = calloc(1, sizeof(*ps));
+  struct easy_pollset *ps = curlx_calloc(1, sizeof(*ps));
   if(ps)
     Curl_pollset_init(ps);
   return ps;
@@ -533,11 +529,11 @@ void Curl_pollset_cleanup(struct easy_pollset *ps)
   DEBUGASSERT(ps->init == CURL_EASY_POLLSET_MAGIC);
 #endif
   if(ps->sockets != ps->def_sockets) {
-    free(ps->sockets);
+    curlx_free(ps->sockets);
     ps->sockets = ps->def_sockets;
   }
   if(ps->actions != ps->def_actions) {
-    free(ps->actions);
+    curlx_free(ps->actions);
     ps->actions = ps->def_actions;
   }
   ps->count = CURL_ARRAYSIZE(ps->def_sockets);
@@ -614,21 +610,21 @@ CURLcode Curl_pollset_change(struct Curl_easy *data,
                  ps->count, new_count);
       if(new_count <= ps->count)
         return CURLE_OUT_OF_MEMORY;
-      nsockets = calloc(new_count, sizeof(nsockets[0]));
+      nsockets = curlx_calloc(new_count, sizeof(nsockets[0]));
       if(!nsockets)
         return CURLE_OUT_OF_MEMORY;
-      nactions = calloc(new_count, sizeof(nactions[0]));
+      nactions = curlx_calloc(new_count, sizeof(nactions[0]));
       if(!nactions) {
-        free(nsockets);
+        curlx_free(nsockets);
         return CURLE_OUT_OF_MEMORY;
       }
       memcpy(nsockets, ps->sockets, ps->count * sizeof(ps->sockets[0]));
       memcpy(nactions, ps->actions, ps->count * sizeof(ps->actions[0]));
       if(ps->sockets != ps->def_sockets)
-        free(ps->sockets);
+        curlx_free(ps->sockets);
       ps->sockets = nsockets;
       if(ps->actions != ps->def_actions)
-        free(ps->actions);
+        curlx_free(ps->actions);
       ps->actions = nactions;
       ps->count = new_count;
     }
@@ -668,7 +664,7 @@ int Curl_pollset_poll(struct Curl_easy *data,
   if(!ps->n)
     return curlx_wait_ms(timeout_ms);
 
-  pfds = calloc(ps->n, sizeof(*pfds));
+  pfds = curlx_calloc(ps->n, sizeof(*pfds));
   if(!pfds)
     return -1;
 
@@ -689,7 +685,7 @@ int Curl_pollset_poll(struct Curl_easy *data,
   }
 
   result = Curl_poll(pfds, npfds, timeout_ms);
-  free(pfds);
+  curlx_free(pfds);
   return result;
 }
 
diff --git a/lib/sendf.c b/lib/sendf.c
index 6731cd874b..1d73291c92 100644
--- a/lib/sendf.c
+++ b/lib/sendf.c
@@ -55,10 +55,6 @@
 #include "curlx/warnless.h"
 #include "ws.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 static CURLcode do_init_writer_stack(struct Curl_easy *data);
 
@@ -100,7 +96,7 @@ static void cl_reset_writer(struct Curl_easy *data)
   while(writer) {
     data->req.writer_stack = writer->next;
     writer->cwt->do_close(data, writer);
-    free(writer);
+    curlx_free(writer);
     writer = data->req.writer_stack;
   }
 }
@@ -112,7 +108,7 @@ static void cl_reset_reader(struct Curl_easy *data)
   while(reader) {
     data->req.reader_stack = reader->next;
     reader->crt->do_close(data, reader);
-    free(reader);
+    curlx_free(reader);
     reader = data->req.reader_stack;
   }
 }
@@ -374,7 +370,7 @@ CURLcode Curl_cwriter_create(struct Curl_cwriter **pwriter,
   void *p;
 
   DEBUGASSERT(cwt->cwriter_size >= sizeof(struct Curl_cwriter));
-  p = calloc(1, cwt->cwriter_size);
+  p = curlx_calloc(1, cwt->cwriter_size);
   if(!p)
     goto out;
 
@@ -387,7 +383,7 @@ CURLcode Curl_cwriter_create(struct Curl_cwriter **pwriter,
 out:
   *pwriter = result ? NULL : writer;
   if(result)
-    free(writer);
+    curlx_free(writer);
   return result;
 }
 
@@ -396,7 +392,7 @@ void Curl_cwriter_free(struct Curl_easy *data,
 {
   if(writer) {
     writer->cwt->do_close(data, writer);
-    free(writer);
+    curlx_free(writer);
   }
 }
 
@@ -938,7 +934,7 @@ CURLcode Curl_creader_create(struct Curl_creader **preader,
   void *p;
 
   DEBUGASSERT(crt->creader_size >= sizeof(struct Curl_creader));
-  p = calloc(1, crt->creader_size);
+  p = curlx_calloc(1, crt->creader_size);
   if(!p)
     goto out;
 
@@ -951,7 +947,7 @@ CURLcode Curl_creader_create(struct Curl_creader **preader,
 out:
   *preader = result ? NULL : reader;
   if(result)
-    free(reader);
+    curlx_free(reader);
   return result;
 }
 
@@ -959,7 +955,7 @@ void Curl_creader_free(struct Curl_easy *data, struct Curl_creader *reader)
 {
   if(reader) {
     reader->crt->do_close(data, reader);
-    free(reader);
+    curlx_free(reader);
   }
 }
 
diff --git a/lib/setopt.c b/lib/setopt.c
index 36f447cdc5..b4ca361ce3 100644
--- a/lib/setopt.c
+++ b/lib/setopt.c
@@ -55,10 +55,6 @@
 #include "strdup.h"
 #include "escape.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 static CURLcode setopt_set_timeout_sec(timediff_t *ptimeout_ms, long secs)
 {
   if(secs < 0)
@@ -98,7 +94,7 @@ CURLcode Curl_setstropt(char **charp, const char *s)
     if(strlen(s) > CURL_MAX_INPUT_LENGTH)
       return CURLE_BAD_FUNCTION_ARGUMENT;
 
-    *charp = strdup(s);
+    *charp = curlx_strdup(s);
     if(!*charp)
       return CURLE_OUT_OF_MEMORY;
   }
@@ -119,8 +115,8 @@ CURLcode Curl_setblobopt(struct curl_blob **blobp,
     if(blob->len > CURL_MAX_INPUT_LENGTH)
       return CURLE_BAD_FUNCTION_ARGUMENT;
     nblob = (struct curl_blob *)
-      malloc(sizeof(struct curl_blob) +
-             ((blob->flags & CURL_BLOB_COPY) ? blob->len : 0));
+      curlx_malloc(sizeof(struct curl_blob) +
+                   ((blob->flags & CURL_BLOB_COPY) ? blob->len : 0));
     if(!nblob)
       return CURLE_OUT_OF_MEMORY;
     *nblob = *blob;
@@ -158,10 +154,10 @@ static CURLcode setstropt_userpwd(char *option, char **userp, char **passwdp)
       return result;
   }
 
-  free(*userp);
+  curlx_free(*userp);
   *userp = user;
 
-  free(*passwdp);
+  curlx_free(*passwdp);
   *passwdp = passwd;
 
   return CURLE_OK;
@@ -185,13 +181,13 @@ static CURLcode setstropt_interface(char *option, char **devp,
     if(result)
       return result;
   }
-  free(*devp);
+  curlx_free(*devp);
   *devp = dev;
 
-  free(*ifacep);
+  curlx_free(*ifacep);
   *ifacep = iface;
 
-  free(*hostp);
+  curlx_free(*hostp);
   *hostp = host;
 
   return CURLE_OK;
@@ -1706,7 +1702,7 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
         if(!p)
           return CURLE_OUT_OF_MEMORY;
         else {
-          free(s->str[STRING_COPYPOSTFIELDS]);
+          curlx_free(s->str[STRING_COPYPOSTFIELDS]);
           s->str[STRING_COPYPOSTFIELDS] = p;
         }
       }
@@ -2040,8 +2036,8 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
       result = Curl_urldecode(p, 0, &s->str[STRING_PROXYPASSWORD], NULL,
                               REJECT_ZERO);
     }
-    free(u);
-    free(p);
+    curlx_free(u);
+    curlx_free(p);
   }
     break;
   case CURLOPT_PROXYUSERNAME:
diff --git a/lib/sha256.c b/lib/sha256.c
index 3e3205e36b..977ad3edc4 100644
--- a/lib/sha256.c
+++ b/lib/sha256.c
@@ -59,10 +59,6 @@
 #include 
 #endif
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /* Please keep the SSL backend-specific #if branches in this order:
  *
  * 1. USE_OPENSSL
diff --git a/lib/slist.c b/lib/slist.c
index 88fdd8a2ba..469ee0ef3b 100644
--- a/lib/slist.c
+++ b/lib/slist.c
@@ -28,10 +28,6 @@
 
 #include "slist.h"
 
-/* The last #include files should be: */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /* returns last node in linked list */
 static struct curl_slist *slist_get_last(struct curl_slist *list)
 {
@@ -66,7 +62,7 @@ struct curl_slist *Curl_slist_append_nodup(struct curl_slist *list,
 
   DEBUGASSERT(data);
 
-  new_item = malloc(sizeof(struct curl_slist));
+  new_item = curlx_malloc(sizeof(struct curl_slist));
   if(!new_item)
     return NULL;
 
@@ -92,14 +88,14 @@ struct curl_slist *Curl_slist_append_nodup(struct curl_slist *list,
 struct curl_slist *curl_slist_append(struct curl_slist *list,
                                      const char *data)
 {
-  char *dupdata = strdup(data);
+  char *dupdata = curlx_strdup(data);
 
   if(!dupdata)
     return NULL;
 
   list = Curl_slist_append_nodup(list, dupdata);
   if(!list)
-    free(dupdata);
+    curlx_free(dupdata);
 
   return list;
 }
@@ -141,7 +137,7 @@ void curl_slist_free_all(struct curl_slist *list)
   do {
     next = item->next;
     Curl_safefree(item->data);
-    free(item);
+    curlx_free(item);
     item = next;
   } while(next);
 }
diff --git a/lib/smb.c b/lib/smb.c
index e5fca3ec0b..338464961b 100644
--- a/lib/smb.c
+++ b/lib/smb.c
@@ -42,10 +42,6 @@
 #include "escape.h"
 #include "curl_endian.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 /* meta key for storing protocol meta at easy handle */
 #define CURL_META_SMB_EASY   "meta:proto:smb:easy"
@@ -451,7 +447,7 @@ static void smb_easy_dtor(void *key, size_t klen, void *entry)
   /* `req->path` points to somewhere in `struct smb_conn` which is
    * kept at the connection meta. If the connection is destroyed first,
    * req->path points to free'd memory. */
-  free(req);
+  curlx_free(req);
 }
 
 static void smb_conn_dtor(void *key, size_t klen, void *entry)
@@ -463,7 +459,7 @@ static void smb_conn_dtor(void *key, size_t klen, void *entry)
   Curl_safefree(smbc->domain);
   Curl_safefree(smbc->recv_buf);
   Curl_safefree(smbc->send_buf);
-  free(smbc);
+  curlx_free(smbc);
 }
 
 /* this should setup things in the connection, not in the easy
@@ -475,13 +471,13 @@ static CURLcode smb_setup_connection(struct Curl_easy *data,
   struct smb_request *req;
 
   /* Initialize the connection state */
-  smbc = calloc(1, sizeof(*smbc));
+  smbc = curlx_calloc(1, sizeof(*smbc));
   if(!smbc ||
      Curl_conn_meta_set(conn, CURL_META_SMB_CONN, smbc, smb_conn_dtor))
     return CURLE_OUT_OF_MEMORY;
 
   /* Initialize the request state */
-  req = calloc(1, sizeof(*req));
+  req = curlx_calloc(1, sizeof(*req));
   if(!req ||
      Curl_meta_set(data, CURL_META_SMB_EASY, req, smb_easy_dtor))
     return CURLE_OUT_OF_MEMORY;
@@ -506,10 +502,10 @@ static CURLcode smb_connect(struct Curl_easy *data, bool *done)
 
   /* Initialize the connection state */
   smbc->state = SMB_CONNECTING;
-  smbc->recv_buf = malloc(MAX_MESSAGE_SIZE);
+  smbc->recv_buf = curlx_malloc(MAX_MESSAGE_SIZE);
   if(!smbc->recv_buf)
     return CURLE_OUT_OF_MEMORY;
-  smbc->send_buf = malloc(MAX_MESSAGE_SIZE);
+  smbc->send_buf = curlx_malloc(MAX_MESSAGE_SIZE);
   if(!smbc->send_buf)
     return CURLE_OUT_OF_MEMORY;
 
@@ -520,14 +516,14 @@ static CURLcode smb_connect(struct Curl_easy *data, bool *done)
 
   if(slash) {
     smbc->user = slash + 1;
-    smbc->domain = strdup(conn->user);
+    smbc->domain = curlx_strdup(conn->user);
     if(!smbc->domain)
       return CURLE_OUT_OF_MEMORY;
     smbc->domain[slash - conn->user] = 0;
   }
   else {
     smbc->user = conn->user;
-    smbc->domain = strdup(conn->host.name);
+    smbc->domain = curlx_strdup(conn->host.name);
     if(!smbc->domain)
       return CURLE_OUT_OF_MEMORY;
   }
@@ -1246,8 +1242,9 @@ static CURLcode smb_parse_url_path(struct Curl_easy *data,
     return result;
 
   /* Parse the path for the share */
-  smbc->share = strdup((*path == '/' || *path == '\\') ? path + 1 : path);
-  free(path);
+  smbc->share = curlx_strdup((*path == '/' || *path == '\\')
+                             ? path + 1 : path);
+  curlx_free(path);
   if(!smbc->share)
     return CURLE_OUT_OF_MEMORY;
 
diff --git a/lib/smtp.c b/lib/smtp.c
index eca27f1465..55a15b36c0 100644
--- a/lib/smtp.c
+++ b/lib/smtp.c
@@ -81,10 +81,6 @@
 #include "idn.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /* meta key for storing protocol meta at easy handle */
 #define CURL_META_SMTP_EASY   "meta:proto:smtp:easy"
 /* meta key for storing protocol meta at connection */
@@ -646,7 +642,7 @@ static CURLcode smtp_perform_command(struct Curl_easy *data,
                              utf8 ? " SMTPUTF8" : "");
 
       Curl_free_idnconverted_hostname(&host);
-      free(address);
+      curlx_free(address);
     }
     else {
       /* Establish whether we should report that we support SMTPUTF8 for EXPN
@@ -722,11 +718,11 @@ static CURLcode smtp_perform_mail(struct Curl_easy *data,
          worry about that and reply with a 501 error */
       from = curl_maprintf("<%s>%s", address, suffix);
 
-    free(address);
+    curlx_free(address);
   }
   else
     /* Null reverse-path, RFC-5321, sect. 3.6.3 */
-    from = strdup("<>");
+    from = curlx_strdup("<>");
 
   if(!from) {
     result = CURLE_OUT_OF_MEMORY;
@@ -763,11 +759,11 @@ static CURLcode smtp_perform_mail(struct Curl_easy *data,
         /* An invalid mailbox was provided but we will simply let the server
            worry about it */
         auth = curl_maprintf("<%s>%s", address, suffix);
-      free(address);
+      curlx_free(address);
     }
     else
       /* Empty AUTH, RFC-2554, sect. 5 */
-      auth = strdup("<>");
+      auth = curlx_strdup("<>");
 
     if(!auth) {
       result = CURLE_OUT_OF_MEMORY;
@@ -848,9 +844,9 @@ static CURLcode smtp_perform_mail(struct Curl_easy *data,
                                : "");          /* included in our envelope  */
 
 out:
-  free(from);
-  free(auth);
-  free(size);
+  curlx_free(from);
+  curlx_free(auth);
+  curlx_free(size);
 
   if(!result)
     smtp_state(data, smtpc, SMTP_MAIL);
@@ -892,7 +888,7 @@ static CURLcode smtp_perform_rcpt_to(struct Curl_easy *data,
                            address, suffix);
 
   Curl_free_idnconverted_hostname(&host);
-  free(address);
+  curlx_free(address);
 
   if(!result)
     smtp_state(data, smtpc, SMTP_RCPT);
@@ -1716,7 +1712,7 @@ static void smtp_easy_dtor(void *key, size_t klen, void *entry)
   struct SMTP *smtp = entry;
   (void)key;
   (void)klen;
-  free(smtp);
+  curlx_free(smtp);
 }
 
 static void smtp_conn_dtor(void *key, size_t klen, void *entry)
@@ -1726,7 +1722,7 @@ static void smtp_conn_dtor(void *key, size_t klen, void *entry)
   (void)klen;
   Curl_pp_disconnect(&smtpc->pp);
   Curl_safefree(smtpc->domain);
-  free(smtpc);
+  curlx_free(smtpc);
 }
 
 static CURLcode smtp_setup_connection(struct Curl_easy *data,
@@ -1736,14 +1732,14 @@ static CURLcode smtp_setup_connection(struct Curl_easy *data,
   struct SMTP *smtp;
   CURLcode result = CURLE_OK;
 
-  smtpc = calloc(1, sizeof(*smtpc));
+  smtpc = curlx_calloc(1, sizeof(*smtpc));
   if(!smtpc ||
      Curl_conn_meta_set(conn, CURL_META_SMTP_CONN, smtpc, smtp_conn_dtor)) {
      result = CURLE_OUT_OF_MEMORY;
      goto out;
   }
 
-  smtp = calloc(1, sizeof(*smtp));
+  smtp = curlx_calloc(1, sizeof(*smtp));
   if(!smtp ||
      Curl_meta_set(data, CURL_META_SMTP_EASY, smtp, smtp_easy_dtor))
     result = CURLE_OUT_OF_MEMORY;
@@ -1877,7 +1873,7 @@ static CURLcode smtp_parse_address(const char *fqma, char **address,
 
   /* Duplicate the fully qualified email address so we can manipulate it,
      ensuring it does not contain the delimiters if specified */
-  char *dup = strdup(fqma[0] == '<' ? fqma + 1 : fqma);
+  char *dup = curlx_strdup(fqma[0] == '<' ? fqma + 1 : fqma);
   if(!dup)
     return CURLE_OUT_OF_MEMORY;
 
diff --git a/lib/socketpair.c b/lib/socketpair.c
index 08753c8a8c..0b61112044 100644
--- a/lib/socketpair.c
+++ b/lib/socketpair.c
@@ -134,10 +134,6 @@ int Curl_socketpair(int domain, int type, int protocol,
 #include "curlx/timeval.h"  /* needed before select.h */
 #include "select.h"   /* for Curl_poll */
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 int Curl_socketpair(int domain, int type, int protocol,
                     curl_socket_t socks[2], bool nonblocking)
 {
diff --git a/lib/socks.c b/lib/socks.c
index 3434030c83..7160dd1506 100644
--- a/lib/socks.c
+++ b/lib/socks.c
@@ -45,10 +45,6 @@
 #include "curlx/inet_pton.h"
 #include "url.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
 #define DEBUG_AND_VERBOSE
 #endif
@@ -1215,7 +1211,7 @@ static void socks_proxy_cf_free(struct Curl_cfilter *cf)
   struct socks_state *sxstate = cf->ctx;
   if(sxstate) {
     Curl_bufq_free(&sxstate->iobuf);
-    free(sxstate);
+    curlx_free(sxstate);
     cf->ctx = NULL;
   }
 }
@@ -1247,7 +1243,7 @@ static CURLcode socks_proxy_cf_connect(struct Curl_cfilter *cf,
     return result;
 
   if(!sx) {
-    cf->ctx = sx = calloc(1, sizeof(*sx));
+    cf->ctx = sx = curlx_calloc(1, sizeof(*sx));
     if(!sx) {
       result = CURLE_OUT_OF_MEMORY;
       goto out;
diff --git a/lib/socks_gssapi.c b/lib/socks_gssapi.c
index 61c88be605..6f8a90139d 100644
--- a/lib/socks_gssapi.c
+++ b/lib/socks_gssapi.c
@@ -37,10 +37,6 @@
 #include "curlx/warnless.h"
 #include "strdup.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #if defined(__GNUC__) && defined(__APPLE__)
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
@@ -151,8 +147,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
                                        (gss_OID) GSS_C_NULL_OID, &server);
   }
   else {
-    service.value = malloc(serviceptr_length +
-                           strlen(conn->socks_proxy.host.name) + 2);
+    service.value = curlx_malloc(serviceptr_length +
+                                 strlen(conn->socks_proxy.host.name) + 2);
     if(!service.value)
       return CURLE_OUT_OF_MEMORY;
     service.length = serviceptr_length +
@@ -277,7 +273,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
     us_length = ntohs(us_length);
 
     gss_recv_token.length = us_length;
-    gss_recv_token.value = malloc(gss_recv_token.length);
+    gss_recv_token.value = curlx_malloc(gss_recv_token.length);
     if(!gss_recv_token.value) {
       failf(data,
             "Could not allocate memory for GSS-API authentication "
@@ -464,7 +460,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
   us_length = ntohs(us_length);
 
   gss_recv_token.length = us_length;
-  gss_recv_token.value = malloc(gss_recv_token.length);
+  gss_recv_token.value = curlx_malloc(gss_recv_token.length);
   if(!gss_recv_token.value) {
     Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL);
     return CURLE_OUT_OF_MEMORY;
diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c
index 14025371ce..92592c5ce0 100644
--- a/lib/socks_sspi.c
+++ b/lib/socks_sspi.c
@@ -38,10 +38,6 @@
 #include "curlx/multibyte.h"
 #include "curlx/warnless.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /*
  * Helper sspi error functions.
  */
@@ -101,7 +97,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
 
   /* prepare service name */
   if(strchr(service, '/'))
-    service_name = strdup(service);
+    service_name = curlx_strdup(service);
   else
     service_name = curl_maprintf("%s/%s",
                                  service, conn->socks_proxy.host.name);
@@ -267,7 +263,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
     us_length = ntohs(us_length);
 
     sspi_recv_token.cbBuffer = us_length;
-    sspi_recv_token.pvBuffer = malloc(us_length);
+    sspi_recv_token.pvBuffer = curlx_malloc(us_length);
 
     if(!sspi_recv_token.pvBuffer) {
       result = CURLE_OUT_OF_MEMORY;
@@ -371,7 +367,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
 
     sspi_w_token[0].cbBuffer = sspi_sizes.cbSecurityTrailer;
     sspi_w_token[0].BufferType = SECBUFFER_TOKEN;
-    sspi_w_token[0].pvBuffer = malloc(sspi_sizes.cbSecurityTrailer);
+    sspi_w_token[0].pvBuffer = curlx_malloc(sspi_sizes.cbSecurityTrailer);
 
     if(!sspi_w_token[0].pvBuffer) {
       result = CURLE_OUT_OF_MEMORY;
@@ -379,7 +375,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
     }
 
     sspi_w_token[1].cbBuffer = 1;
-    sspi_w_token[1].pvBuffer = malloc(1);
+    sspi_w_token[1].pvBuffer = curlx_malloc(1);
     if(!sspi_w_token[1].pvBuffer) {
       result = CURLE_OUT_OF_MEMORY;
       goto error;
@@ -388,7 +384,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
     memcpy(sspi_w_token[1].pvBuffer, &gss_enc, 1);
     sspi_w_token[2].BufferType = SECBUFFER_PADDING;
     sspi_w_token[2].cbBuffer = sspi_sizes.cbBlockSize;
-    sspi_w_token[2].pvBuffer = malloc(sspi_sizes.cbBlockSize);
+    sspi_w_token[2].pvBuffer = curlx_malloc(sspi_sizes.cbBlockSize);
     if(!sspi_w_token[2].pvBuffer) {
       result = CURLE_OUT_OF_MEMORY;
       goto error;
@@ -409,7 +405,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
       result = CURLE_COULDNT_CONNECT;
       goto error;
     }
-    etbuf = malloc(etbuf_size);
+    etbuf = curlx_malloc(etbuf_size);
     if(!etbuf) {
       result = CURLE_OUT_OF_MEMORY;
       goto error;
@@ -486,7 +482,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
   us_length = ntohs(us_length);
 
   sspi_w_token[0].cbBuffer = us_length;
-  sspi_w_token[0].pvBuffer = malloc(us_length);
+  sspi_w_token[0].pvBuffer = curlx_malloc(us_length);
   if(!sspi_w_token[0].pvBuffer) {
     result = CURLE_OUT_OF_MEMORY;
     goto error;
@@ -514,7 +510,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
 
     /* since sspi_w_token[1].pvBuffer is allocated by the SSPI in this case, it
        must be freed in this block using FreeContextBuffer() instead of
-       potentially in error cleanup using free(). */
+       potentially in error cleanup using curlx_free(). */
 
     if(check_sspi_err(data, status, "DecryptMessage")) {
       failf(data, "Failed to query security context attributes.");
@@ -577,18 +573,18 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
   return CURLE_OK;
 error:
   (void)curlx_nonblock(sock, TRUE);
-  free(service_name);
+  curlx_free(service_name);
   Curl_pSecFn->DeleteSecurityContext(&sspi_context);
   Curl_pSecFn->FreeCredentialsHandle(&cred_handle);
-  free(sspi_recv_token.pvBuffer);
+  curlx_free(sspi_recv_token.pvBuffer);
   if(sspi_send_token.pvBuffer)
     Curl_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
   if(names.sUserName)
     Curl_pSecFn->FreeContextBuffer(names.sUserName);
-  free(sspi_w_token[0].pvBuffer);
-  free(sspi_w_token[1].pvBuffer);
-  free(sspi_w_token[2].pvBuffer);
-  free(etbuf);
+  curlx_free(sspi_w_token[0].pvBuffer);
+  curlx_free(sspi_w_token[1].pvBuffer);
+  curlx_free(sspi_w_token[2].pvBuffer);
+  curlx_free(etbuf);
   return result;
 }
 #endif
diff --git a/lib/strdup.c b/lib/strdup.c
index 3339e909ee..375f0f5044 100644
--- a/lib/strdup.c
+++ b/lib/strdup.c
@@ -31,10 +31,6 @@
 #endif
 
 #include "strdup.h"
-#include "curl_memory.h"
-
-/* The last #include file should be: */
-#include "memdebug.h"
 
 #ifndef HAVE_STRDUP
 char *Curl_strdup(const char *str)
@@ -47,7 +43,7 @@ char *Curl_strdup(const char *str)
 
   len = strlen(str) + 1;
 
-  newstr = malloc(len);
+  newstr = curlx_malloc(len);
   if(!newstr)
     return (char *)NULL;
 
@@ -90,7 +86,7 @@ wchar_t *Curl_wcsdup(const wchar_t *src)
  ***************************************************************************/
 void *Curl_memdup(const void *src, size_t length)
 {
-  void *buffer = malloc(length);
+  void *buffer = curlx_malloc(length);
   if(!buffer)
     return NULL; /* fail */
 
@@ -111,7 +107,7 @@ void *Curl_memdup(const void *src, size_t length)
  ***************************************************************************/
 void *Curl_memdup0(const char *src, size_t length)
 {
-  char *buf = (length < SIZE_MAX) ? malloc(length + 1) : NULL;
+  char *buf = (length < SIZE_MAX) ? curlx_malloc(length + 1) : NULL;
   if(!buf)
     return NULL;
   if(length) {
@@ -126,7 +122,7 @@ void *Curl_memdup0(const char *src, size_t length)
  *
  * Curl_saferealloc(ptr, size)
  *
- * Does a normal realloc(), but will free the data pointer if the realloc
+ * Does a normal curlx_realloc(), but will free the data pointer if the realloc
  * fails. If 'size' is non-zero, it will free the data and return a failure.
  *
  * This convenience function is provided and used to help us avoid a common
@@ -138,9 +134,9 @@ void *Curl_memdup0(const char *src, size_t length)
  ***************************************************************************/
 void *Curl_saferealloc(void *ptr, size_t size)
 {
-  void *datap = realloc(ptr, size);
+  void *datap = curlx_realloc(ptr, size);
   if(size && !datap)
     /* only free 'ptr' if size was non-zero */
-    free(ptr);
+    curlx_free(ptr);
   return datap;
 }
diff --git a/lib/strerror.c b/lib/strerror.c
index afe69756bc..4b957bef23 100644
--- a/lib/strerror.c
+++ b/lib/strerror.c
@@ -34,10 +34,6 @@
 #include "curlx/winapi.h"
 #include "strerror.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 const char *
 curl_easy_strerror(CURLcode error)
 {
diff --git a/lib/system_win32.c b/lib/system_win32.c
index bdbed66162..f8a6cbfccc 100644
--- a/lib/system_win32.c
+++ b/lib/system_win32.c
@@ -32,10 +32,6 @@
 #include "curl_sspi.h"
 #include "curlx/warnless.h"
 
-/* The last #include files should be: */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifndef HAVE_IF_NAMETOINDEX
 /* Handle of iphlpapp.dll */
 static HMODULE s_hIpHlpApiDll = NULL;
@@ -218,7 +214,8 @@ static HMODULE curl_load_library(LPCTSTR filename)
       /* Allocate space for the full DLL path (Room for the null-terminator
          is included in systemdirlen) */
       size_t filenamelen = _tcslen(filename);
-      TCHAR *path = malloc(sizeof(TCHAR) * (systemdirlen + 1 + filenamelen));
+      TCHAR *path = curlx_malloc(sizeof(TCHAR) *
+                                 (systemdirlen + 1 + filenamelen));
       if(path && GetSystemDirectory(path, systemdirlen)) {
         /* Calculate the full DLL path */
         _tcscpy(path + _tcslen(path), TEXT("\\"));
@@ -230,7 +227,7 @@ static HMODULE curl_load_library(LPCTSTR filename)
           pLoadLibraryEx(path, NULL, LOAD_WITH_ALTERED_SEARCH_PATH) :
           LoadLibrary(path);
       }
-      free(path);
+      curlx_free(path);
     }
   }
   return hModule;
diff --git a/lib/telnet.c b/lib/telnet.c
index d0ca5a66ce..5319130b90 100644
--- a/lib/telnet.c
+++ b/lib/telnet.c
@@ -60,10 +60,6 @@
 #include "curlx/warnless.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #define SUBBUFSIZE 512
 
 #define CURL_SB_CLEAR(x)  x->subpointer = x->subbuffer
@@ -211,7 +207,7 @@ static void telnet_easy_dtor(void *key, size_t klen, void *entry)
   (void)klen;
   curl_slist_free_all(tn->telnet_vars);
   curlx_dyn_free(&tn->out);
-  free(tn);
+  curlx_free(tn);
 }
 
 static
@@ -219,7 +215,7 @@ CURLcode init_telnet(struct Curl_easy *data)
 {
   struct TELNET *tn;
 
-  tn = calloc(1, sizeof(struct TELNET));
+  tn = curlx_calloc(1, sizeof(struct TELNET));
   if(!tn)
     return CURLE_OUT_OF_MEMORY;
 
diff --git a/lib/tftp.c b/lib/tftp.c
index ce9d200f05..5311a4c683 100644
--- a/lib/tftp.c
+++ b/lib/tftp.c
@@ -64,10 +64,6 @@
 #include "curlx/strerr.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 /* RFC2348 allows the block size to be negotiated */
 #define TFTP_BLKSIZE_DEFAULT 512
 #define TFTP_OPTION_BLKSIZE "blksize"
@@ -470,7 +466,7 @@ static CURLcode tftp_send_first(struct tftp_conn *state,
 
     if(strlen(filename) > (state->blksize - strlen(mode) - 4)) {
       failf(data, "TFTP filename too long");
-      free(filename);
+      curlx_free(filename);
       return CURLE_TFTP_ILLEGAL; /* too long filename field */
     }
 
@@ -478,7 +474,7 @@ static CURLcode tftp_send_first(struct tftp_conn *state,
                    state->blksize,
                    "%s%c%s%c", filename, '\0', mode, '\0');
     sbytes = 4 + strlen(filename) + strlen(mode);
-    free(filename);
+    curlx_free(filename);
 
     /* optional addition of TFTP options */
     if(!data->set.tftp_no_options) {
@@ -946,7 +942,7 @@ static void tftp_conn_dtor(void *key, size_t klen, void *entry)
   (void)klen;
   Curl_safefree(state->rpacket.data);
   Curl_safefree(state->spacket.data);
-  free(state);
+  curlx_free(state);
 }
 
 /**********************************************************
@@ -967,7 +963,7 @@ static CURLcode tftp_connect(struct Curl_easy *data, bool *done)
 
   blksize = TFTP_BLKSIZE_DEFAULT;
 
-  state = calloc(1, sizeof(*state));
+  state = curlx_calloc(1, sizeof(*state));
   if(!state ||
      Curl_conn_meta_set(conn, CURL_META_TFTP_CONN, state, tftp_conn_dtor))
     return CURLE_OUT_OF_MEMORY;
@@ -983,14 +979,14 @@ static CURLcode tftp_connect(struct Curl_easy *data, bool *done)
     need_blksize = TFTP_BLKSIZE_DEFAULT;
 
   if(!state->rpacket.data) {
-    state->rpacket.data = calloc(1, need_blksize + 2 + 2);
+    state->rpacket.data = curlx_calloc(1, need_blksize + 2 + 2);
 
     if(!state->rpacket.data)
       return CURLE_OUT_OF_MEMORY;
   }
 
   if(!state->spacket.data) {
-    state->spacket.data = calloc(1, need_blksize + 2 + 2);
+    state->spacket.data = curlx_calloc(1, need_blksize + 2 + 2);
 
     if(!state->spacket.data)
       return CURLE_OUT_OF_MEMORY;
diff --git a/lib/transfer.c b/lib/transfer.c
index f0ce3c5012..d8a0d6c0ba 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -81,10 +81,6 @@
 #include "headers.h"
 #include "curlx/warnless.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_SMTP) || \
     !defined(CURL_DISABLE_IMAP)
 /*
@@ -479,7 +475,7 @@ CURLcode Curl_pretransfer(struct Curl_easy *data)
      is allowed to be changed by the user between transfers */
   if(data->set.uh) {
     CURLUcode uc;
-    free(data->set.str[STRING_SET_URL]);
+    curlx_free(data->set.str[STRING_SET_URL]);
     uc = curl_url_get(data->set.uh,
                       CURLUPART_URL, &data->set.str[STRING_SET_URL], 0);
     if(uc) {
@@ -574,7 +570,7 @@ CURLcode Curl_pretransfer(struct Curl_easy *data)
     if(data->state.wildcardmatch) {
       struct WildcardData *wc;
       if(!data->wildcard) {
-        data->wildcard = calloc(1, sizeof(struct WildcardData));
+        data->wildcard = curlx_calloc(1, sizeof(struct WildcardData));
         if(!data->wildcard)
           return CURLE_OUT_OF_MEMORY;
       }
@@ -597,7 +593,7 @@ CURLcode Curl_pretransfer(struct Curl_easy *data)
    * protocol.
    */
   if(!result && data->set.str[STRING_USERAGENT]) {
-    free(data->state.aptr.uagent);
+    curlx_free(data->state.aptr.uagent);
     data->state.aptr.uagent =
       curl_maprintf("User-Agent: %s\r\n", data->set.str[STRING_USERAGENT]);
     if(!data->state.aptr.uagent)
@@ -629,7 +625,7 @@ CURLcode Curl_pretransfer(struct Curl_easy *data)
 
 /* Returns CURLE_OK *and* sets '*url' if a request retry is wanted.
 
-   NOTE: that the *url is malloc()ed. */
+   NOTE: that the *url is curlx_malloc()ed. */
 CURLcode Curl_retry_request(struct Curl_easy *data, char **url)
 {
   struct connectdata *conn = data->conn;
@@ -680,7 +676,7 @@ CURLcode Curl_retry_request(struct Curl_easy *data, char **url)
     }
     infof(data, "Connection died, retrying a fresh connect (retry count: %d)",
           data->state.retrycount);
-    *url = strdup(data->state.url);
+    *url = curlx_strdup(data->state.url);
     if(!*url)
       return CURLE_OUT_OF_MEMORY;
 
diff --git a/lib/uint-bset.c b/lib/uint-bset.c
index 82440c5637..dcad94e42a 100644
--- a/lib/uint-bset.c
+++ b/lib/uint-bset.c
@@ -25,10 +25,6 @@
 #include "curl_setup.h"
 #include "uint-bset.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifdef DEBUGBUILD
 #define CURL_UINT32_BSET_MAGIC  0x62757473
 #endif
@@ -49,14 +45,14 @@ CURLcode Curl_uint32_bset_resize(struct uint32_bset *bset, uint32_t nmax)
 
   DEBUGASSERT(bset->init == CURL_UINT32_BSET_MAGIC);
   if(nslots != bset->nslots) {
-    uint64_t *slots = calloc(nslots, sizeof(uint64_t));
+    uint64_t *slots = curlx_calloc(nslots, sizeof(uint64_t));
     if(!slots)
       return CURLE_OUT_OF_MEMORY;
 
     if(bset->slots) {
       memcpy(slots, bset->slots,
              (CURLMIN(nslots, bset->nslots) * sizeof(uint64_t)));
-      free(bset->slots);
+      curlx_free(bset->slots);
     }
     bset->slots = slots;
     bset->nslots = nslots;
@@ -69,7 +65,7 @@ CURLcode Curl_uint32_bset_resize(struct uint32_bset *bset, uint32_t nmax)
 void Curl_uint32_bset_destroy(struct uint32_bset *bset)
 {
   DEBUGASSERT(bset->init == CURL_UINT32_BSET_MAGIC);
-  free(bset->slots);
+  curlx_free(bset->slots);
   memset(bset, 0, sizeof(*bset));
 }
 
diff --git a/lib/uint-hash.c b/lib/uint-hash.c
index 4677c6ac91..166a9ab99b 100644
--- a/lib/uint-hash.c
+++ b/lib/uint-hash.c
@@ -27,10 +27,6 @@
 #include 
 
 #include "uint-hash.h"
-#include "curl_memory.h"
-
-/* The last #include file should be: */
-#include "memdebug.h"
 
 /* random patterns for API verification */
 #ifdef DEBUGBUILD
@@ -70,7 +66,7 @@ static struct uint_hash_entry *uint32_hash_mk_entry(uint32_t id, void *value)
   struct uint_hash_entry *e;
 
   /* allocate the struct for the hash entry */
-  e = malloc(sizeof(*e));
+  e = curlx_malloc(sizeof(*e));
   if(e) {
     e->id = id;
     e->next = NULL;
@@ -95,7 +91,7 @@ static void uint32_hash_entry_destroy(struct uint_hash *h,
                                       struct uint_hash_entry *e)
 {
   uint32_hash_entry_clear(h, e);
-  free(e);
+  curlx_free(e);
 }
 
 static void uint32_hash_entry_unlink(struct uint_hash *h,
@@ -126,7 +122,7 @@ bool Curl_uint32_hash_set(struct uint_hash *h, uint32_t id, void *value)
   DEBUGASSERT(h->slots);
   DEBUGASSERT(h->init == CURL_UINT32_HASHINIT);
   if(!h->table) {
-    h->table = calloc(h->slots, sizeof(*he));
+    h->table = curlx_calloc(h->slots, sizeof(*he));
     if(!h->table)
       return FALSE; /* OOM */
   }
diff --git a/lib/uint-spbset.c b/lib/uint-spbset.c
index f250bcb1b4..c726bfb900 100644
--- a/lib/uint-spbset.c
+++ b/lib/uint-spbset.c
@@ -26,10 +26,6 @@
 #include "uint-bset.h"
 #include "uint-spbset.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifdef DEBUGBUILD
 #define CURL_UINT32_SPBSET_MAGIC  0x70737362
 #endif
@@ -85,7 +81,7 @@ UNITTEST void Curl_uint32_spbset_clear(struct uint32_spbset *bset)
 
   for(chunk = bset->head.next; chunk; chunk = next) {
     next = chunk->next;
-    free(chunk);
+    curlx_free(chunk);
   }
   memset(&bset->head, 0, sizeof(bset->head));
 }
@@ -116,7 +112,7 @@ uint32_spbset_get_chunk(struct uint32_spbset *bset, uint32_t i, bool grow)
     return NULL;
 
   /* need a new one */
-  chunk = calloc(1, sizeof(*chunk));
+  chunk = curlx_calloc(1, sizeof(*chunk));
   if(!chunk)
     return NULL;
 
diff --git a/lib/uint-table.c b/lib/uint-table.c
index 5516ab634b..05b53766f3 100644
--- a/lib/uint-table.c
+++ b/lib/uint-table.c
@@ -25,10 +25,6 @@
 #include "curl_setup.h"
 #include "uint-table.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifdef DEBUGBUILD
 #define CURL_UINT32_TBL_MAGIC  0x62757473
 #endif
@@ -73,14 +69,14 @@ CURLcode Curl_uint32_tbl_resize(struct uint32_tbl *tbl, uint32_t nrows)
   if(!nrows)
     return CURLE_BAD_FUNCTION_ARGUMENT;
   if(nrows != tbl->nrows) {
-    void **rows = calloc(nrows, sizeof(void *));
+    void **rows = curlx_calloc(nrows, sizeof(void *));
     if(!rows)
       return CURLE_OUT_OF_MEMORY;
     if(tbl->rows) {
       memcpy(rows, tbl->rows, (CURLMIN(nrows, tbl->nrows) * sizeof(void *)));
       if(nrows < tbl->nrows)
         uint32_tbl_clear_rows(tbl, nrows, tbl->nrows);
-      free(tbl->rows);
+      curlx_free(tbl->rows);
     }
     tbl->rows = rows;
     tbl->nrows = nrows;
@@ -93,7 +89,7 @@ void Curl_uint32_tbl_destroy(struct uint32_tbl *tbl)
 {
   DEBUGASSERT(tbl->init == CURL_UINT32_TBL_MAGIC);
   Curl_uint32_tbl_clear(tbl);
-  free(tbl->rows);
+  curlx_free(tbl->rows);
   memset(tbl, 0, sizeof(*tbl));
 }
 
diff --git a/lib/url.c b/lib/url.c
index e7f39d5471..b4c33236cd 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -126,10 +126,6 @@
 #include "curlx/strerr.h"
 #include "curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifdef USE_NGHTTP2
 static void data_priority_cleanup(struct Curl_easy *data);
 #else
@@ -257,7 +253,7 @@ CURLcode Curl_close(struct Curl_easy **datap)
   Curl_expire_clear(data); /* shut off any timers left */
 
   if(data->state.rangestringalloc)
-    free(data->state.range);
+    curlx_free(data->state.range);
 
   /* release any resolve information this transfer kept */
   Curl_async_destroy(data);
@@ -346,7 +342,7 @@ CURLcode Curl_close(struct Curl_easy **datap)
   Curl_freeset(data);
   Curl_headers_cleanup(data);
   Curl_netrc_cleanup(&data->state.netrc);
-  free(data);
+  curlx_free(data);
   return CURLE_OK;
 }
 
@@ -500,7 +496,7 @@ CURLcode Curl_open(struct Curl_easy **curl)
   struct Curl_easy *data;
 
   /* simple start-up: alloc the struct, init it with zeroes and return */
-  data = calloc(1, sizeof(struct Curl_easy));
+  data = curlx_calloc(1, sizeof(struct Curl_easy));
   if(!data) {
     /* this is a serious error */
     DEBUGF(curl_mfprintf(stderr, "Error: calloc of Curl_easy failed\n"));
@@ -578,7 +574,7 @@ void Curl_conn_free(struct Curl_easy *data, struct connectdata *conn)
   Curl_uint32_spbset_destroy(&conn->xfers_attached);
   Curl_hash_destroy(&conn->meta_hash);
 
-  free(conn); /* free all the connection oriented data */
+  curlx_free(conn); /* free all the connection oriented data */
 }
 
 /*
@@ -1351,7 +1347,7 @@ ConnectionExists(struct Curl_easy *data,
  */
 static struct connectdata *allocate_conn(struct Curl_easy *data)
 {
-  struct connectdata *conn = calloc(1, sizeof(struct connectdata));
+  struct connectdata *conn = curlx_calloc(1, sizeof(struct connectdata));
   if(!conn)
     return NULL;
 
@@ -1406,7 +1402,7 @@ static struct connectdata *allocate_conn(struct Curl_easy *data)
 
   /* Store the local bind parameters that will be used for this connection */
   if(data->set.str[STRING_DEVICE]) {
-    conn->localdev = strdup(data->set.str[STRING_DEVICE]);
+    conn->localdev = curlx_strdup(data->set.str[STRING_DEVICE]);
     if(!conn->localdev)
       goto error;
   }
@@ -1427,8 +1423,8 @@ static struct connectdata *allocate_conn(struct Curl_easy *data)
   return conn;
 error:
 
-  free(conn->localdev);
-  free(conn);
+  curlx_free(conn->localdev);
+  curlx_free(conn);
   return NULL;
 }
 
@@ -1747,7 +1743,7 @@ static void zonefrom_url(CURLU *uh, struct Curl_easy *data,
     }
 #endif /* HAVE_IF_NAMETOINDEX || _WIN32 */
 
-    free(zoneid);
+    curlx_free(zoneid);
   }
 }
 #else
@@ -1787,7 +1783,7 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
     if(!url)
       return CURLE_OUT_OF_MEMORY;
     if(data->state.url_alloc)
-      free(data->state.url);
+      curlx_free(data->state.url);
     data->state.url = url;
     data->state.url_alloc = TRUE;
   }
@@ -1810,7 +1806,7 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
     if(uc)
       return Curl_uc_to_curlcode(uc);
     if(data->state.url_alloc)
-      free(data->state.url);
+      curlx_free(data->state.url);
     data->state.url = newurl;
     data->state.url_alloc = TRUE;
   }
@@ -1844,7 +1840,7 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
   }
 
   /* make sure the connect struct gets its own copy of the hostname */
-  conn->host.rawalloc = strdup(hostname ? hostname : "");
+  conn->host.rawalloc = curlx_strdup(hostname ? hostname : "");
   if(!conn->host.rawalloc)
     return CURLE_OUT_OF_MEMORY;
   conn->host.name = conn->host.rawalloc;
@@ -1874,7 +1870,7 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
         return Curl_uc_to_curlcode(uc);
       uc = curl_url_get(uh, CURLUPART_SCHEME, &data->state.up.scheme, 0);
       if(uc) {
-        free(url);
+        curlx_free(url);
         return Curl_uc_to_curlcode(uc);
       }
       data->state.url = url;
@@ -1937,7 +1933,7 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
   uc = curl_url_get(uh, CURLUPART_OPTIONS, &data->state.up.options,
                     CURLU_URLDECODE);
   if(!uc) {
-    conn->options = strdup(data->state.up.options);
+    conn->options = curlx_strdup(data->state.up.options);
     if(!conn->options)
       return CURLE_OUT_OF_MEMORY;
   }
@@ -1993,12 +1989,12 @@ static CURLcode setup_range(struct Curl_easy *data)
   s->resume_from = data->set.set_resume_from;
   if(s->resume_from || data->set.str[STRING_SET_RANGE]) {
     if(s->rangestringalloc)
-      free(s->range);
+      curlx_free(s->range);
 
     if(s->resume_from)
       s->range = curl_maprintf("%" FMT_OFF_T "-", s->resume_from);
     else
-      s->range = strdup(data->set.str[STRING_SET_RANGE]);
+      s->range = curlx_strdup(data->set.str[STRING_SET_RANGE]);
 
     if(!s->range)
       return CURLE_OUT_OF_MEMORY;
@@ -2261,7 +2257,7 @@ static CURLcode parse_proxy(struct Curl_easy *data,
     goto error;
 
   if(proxyuser || proxypasswd) {
-    free(proxyinfo->user);
+    curlx_free(proxyinfo->user);
     proxyinfo->user = proxyuser;
     result = Curl_setstropt(&data->state.aptr.proxyuser, proxyuser);
     proxyuser = NULL;
@@ -2269,7 +2265,7 @@ static CURLcode parse_proxy(struct Curl_easy *data,
       goto error;
     Curl_safefree(proxyinfo->passwd);
     if(!proxypasswd) {
-      proxypasswd = strdup("");
+      proxypasswd = curlx_strdup("");
       if(!proxypasswd) {
         result = CURLE_OUT_OF_MEMORY;
         goto error;
@@ -2295,7 +2291,7 @@ static CURLcode parse_proxy(struct Curl_easy *data,
     if(!curlx_str_number(&p, &num, UINT16_MAX))
       proxyinfo->port = (uint16_t)num;
     /* Should we not error out when the port number is invalid? */
-    free(portptr);
+    curlx_free(portptr);
   }
   else {
     if(data->set.proxyport)
@@ -2326,13 +2322,13 @@ static CURLcode parse_proxy(struct Curl_easy *data,
     /* path will be "/", if no path was found */
     if(strcmp("/", path)) {
       is_unix_proxy = TRUE;
-      free(host);
+      curlx_free(host);
       host = curl_maprintf(UNIX_SOCKET_PREFIX"%s", path);
       if(!host) {
         result = CURLE_OUT_OF_MEMORY;
         goto error;
       }
-      free(proxyinfo->host.rawalloc);
+      curlx_free(proxyinfo->host.rawalloc);
       proxyinfo->host.rawalloc = host;
       proxyinfo->host.name = host;
       host = NULL;
@@ -2341,7 +2337,7 @@ static CURLcode parse_proxy(struct Curl_easy *data,
 
   if(!is_unix_proxy) {
 #endif
-    free(proxyinfo->host.rawalloc);
+    curlx_free(proxyinfo->host.rawalloc);
     proxyinfo->host.rawalloc = host;
     if(host[0] == '[') {
       /* this is a numerical IPv6, strip off the brackets */
@@ -2357,12 +2353,12 @@ static CURLcode parse_proxy(struct Curl_easy *data,
 #endif
 
 error:
-  free(proxyuser);
-  free(proxypasswd);
-  free(host);
-  free(scheme);
+  curlx_free(proxyuser);
+  curlx_free(proxypasswd);
+  curlx_free(host);
+  curlx_free(scheme);
 #ifdef USE_UNIX_SOCKETS
-  free(path);
+  curlx_free(path);
 #endif
   curl_url_cleanup(uhp);
   return result;
@@ -2380,9 +2376,9 @@ static CURLcode parse_proxy_auth(struct Curl_easy *data,
     data->state.aptr.proxypasswd : "";
   CURLcode result = CURLE_OUT_OF_MEMORY;
 
-  conn->http_proxy.user = strdup(proxyuser);
+  conn->http_proxy.user = curlx_strdup(proxyuser);
   if(conn->http_proxy.user) {
-    conn->http_proxy.passwd = strdup(proxypasswd);
+    conn->http_proxy.passwd = curlx_strdup(proxypasswd);
     if(conn->http_proxy.passwd)
       result = CURLE_OK;
     else
@@ -2414,7 +2410,7 @@ static CURLcode create_conn_helper_init_proxy(struct Curl_easy *data,
    * Detect what (if any) proxy to use
    *************************************************************/
   if(data->set.str[STRING_PROXY]) {
-    proxy = strdup(data->set.str[STRING_PROXY]);
+    proxy = curlx_strdup(data->set.str[STRING_PROXY]);
     /* if global proxy is set, this is it */
     if(!proxy) {
       failf(data, "memory shortage");
@@ -2424,7 +2420,7 @@ static CURLcode create_conn_helper_init_proxy(struct Curl_easy *data,
   }
 
   if(data->set.str[STRING_PRE_PROXY]) {
-    socksproxy = strdup(data->set.str[STRING_PRE_PROXY]);
+    socksproxy = curlx_strdup(data->set.str[STRING_PRE_PROXY]);
     /* if global socks proxy is set, this is it */
     if(!socksproxy) {
       failf(data, "memory shortage");
@@ -2460,20 +2456,21 @@ static CURLcode create_conn_helper_init_proxy(struct Curl_easy *data,
 #ifdef USE_UNIX_SOCKETS
   /* For the time being do not mix proxy and Unix domain sockets. See #1274 */
   if(proxy && conn->unix_domain_socket) {
-    free(proxy);
+    curlx_free(proxy);
     proxy = NULL;
   }
 #endif
 
   if(proxy && (!*proxy || (conn->handler->flags & PROTOPT_NONETWORK))) {
-    free(proxy);  /* Do not bother with an empty proxy string or if the
-                     protocol does not work with network */
+    curlx_free(proxy);  /* Do not bother with an empty proxy string
+                           or if the protocol does not work with network */
     proxy = NULL;
   }
   if(socksproxy && (!*socksproxy ||
                     (conn->handler->flags & PROTOPT_NONETWORK))) {
-    free(socksproxy);  /* Do not bother with an empty socks proxy string or if
-                          the protocol does not work with network */
+    curlx_free(socksproxy);  /* Do not bother with an empty socks proxy string
+                                or if the protocol does not work with
+                                network */
     socksproxy = NULL;
   }
 
@@ -2528,7 +2525,7 @@ static CURLcode create_conn_helper_init_proxy(struct Curl_easy *data,
         if(!conn->socks_proxy.user) {
           conn->socks_proxy.user = conn->http_proxy.user;
           conn->http_proxy.user = NULL;
-          free(conn->socks_proxy.passwd);
+          curlx_free(conn->socks_proxy.passwd);
           conn->socks_proxy.passwd = conn->http_proxy.passwd;
           conn->http_proxy.passwd = NULL;
         }
@@ -2558,8 +2555,8 @@ static CURLcode create_conn_helper_init_proxy(struct Curl_easy *data,
 
 out:
 
-  free(socksproxy);
-  free(proxy);
+  curlx_free(socksproxy);
+  curlx_free(proxy);
   return result;
 }
 #endif /* CURL_DISABLE_PROXY */
@@ -2653,8 +2650,8 @@ CURLcode Curl_parse_login_details(const char *login, const size_t len,
   *passwdp = pbuf;
   return CURLE_OK;
 error:
-  free(ubuf);
-  free(pbuf);
+  curlx_free(ubuf);
+  curlx_free(pbuf);
   return CURLE_OUT_OF_MEMORY;
 }
 
@@ -2712,8 +2709,8 @@ static CURLcode override_login(struct Curl_easy *data,
   char **optionsp = &conn->options;
 
   if(data->set.str[STRING_OPTIONS]) {
-    free(*optionsp);
-    *optionsp = strdup(data->set.str[STRING_OPTIONS]);
+    curlx_free(*optionsp);
+    *optionsp = curlx_strdup(data->set.str[STRING_OPTIONS]);
     if(!*optionsp)
       return CURLE_OUT_OF_MEMORY;
   }
@@ -2767,14 +2764,14 @@ static CURLcode override_login(struct Curl_easy *data,
       }
     }
     if(url_provided) {
-      free(conn->user);
-      conn->user = strdup(*userp);
+      curlx_free(conn->user);
+      conn->user = curlx_strdup(*userp);
       if(!conn->user)
         return CURLE_OUT_OF_MEMORY;
     }
     /* no user was set but a password, set a blank user */
     if(!*userp && *passwdp) {
-      *userp = strdup("");
+      *userp = curlx_strdup("");
       if(!*userp)
         return CURLE_OUT_OF_MEMORY;
     }
@@ -2798,7 +2795,7 @@ static CURLcode override_login(struct Curl_easy *data,
     if(uc)
       return Curl_uc_to_curlcode(uc);
     if(!*userp) {
-      *userp = strdup(data->state.aptr.user);
+      *userp = curlx_strdup(data->state.aptr.user);
       if(!*userp)
         return CURLE_OUT_OF_MEMORY;
     }
@@ -2815,7 +2812,7 @@ static CURLcode override_login(struct Curl_easy *data,
     if(uc)
       return Curl_uc_to_curlcode(uc);
     if(!*passwdp) {
-      *passwdp = strdup(data->state.aptr.passwd);
+      *passwdp = curlx_strdup(data->state.aptr.passwd);
       if(!*passwdp)
         return CURLE_OUT_OF_MEMORY;
     }
@@ -2843,14 +2840,14 @@ static CURLcode set_login(struct Curl_easy *data,
   }
   /* Store the default user */
   if(!conn->user) {
-    conn->user = strdup(setuser);
+    conn->user = curlx_strdup(setuser);
     if(!conn->user)
       return CURLE_OUT_OF_MEMORY;
   }
 
   /* Store the default password */
   if(!conn->passwd) {
-    conn->passwd = strdup(setpasswd);
+    conn->passwd = curlx_strdup(setpasswd);
     if(!conn->passwd)
       result = CURLE_OUT_OF_MEMORY;
   }
@@ -2885,7 +2882,7 @@ static CURLcode parse_connect_to_host_port(struct Curl_easy *data,
   if(!host || !*host)
     return CURLE_OK;
 
-  host_dup = strdup(host);
+  host_dup = curlx_strdup(host);
   if(!host_dup)
     return CURLE_OUT_OF_MEMORY;
 
@@ -2947,7 +2944,7 @@ static CURLcode parse_connect_to_host_port(struct Curl_easy *data,
 
   /* now, clone the cleaned hostname */
   DEBUGASSERT(hostptr);
-  *hostname_result = strdup(hostptr);
+  *hostname_result = curlx_strdup(hostptr);
   if(!*hostname_result) {
     result = CURLE_OUT_OF_MEMORY;
     goto error;
@@ -2956,7 +2953,7 @@ static CURLcode parse_connect_to_host_port(struct Curl_easy *data,
   *port_result = port;
 
 error:
-  free(host_dup);
+  curlx_free(host_dup);
   return result;
 }
 
@@ -2995,7 +2992,7 @@ static CURLcode parse_connect_to_string(struct Curl_easy *data,
     hostname_to_match_len = strlen(hostname_to_match);
     host_match = curl_strnequal(ptr, hostname_to_match,
                                 hostname_to_match_len);
-    free(hostname_to_match);
+    curlx_free(hostname_to_match);
     ptr += hostname_to_match_len;
 
     host_match = host_match && *ptr == ':';
@@ -3136,7 +3133,7 @@ static CURLcode parse_connect_to_slist(struct Curl_easy *data,
     }
 
     if(hit) {
-      char *hostd = strdup((char *)as->dst.host);
+      char *hostd = curlx_strdup((char *)as->dst.host);
       if(!hostd)
         return CURLE_OUT_OF_MEMORY;
       conn->conn_to_host.rawalloc = hostd;
@@ -3188,7 +3185,7 @@ static CURLcode resolve_unix(struct Curl_easy *data,
   /* Unix domain sockets are local. The host gets ignored, just use the
    * specified domain socket address. Do not cache "DNS entries". There is
    * no DNS involved and we already have the file system path available. */
-  hostaddr = calloc(1, sizeof(struct Curl_dns_entry));
+  hostaddr = curlx_calloc(1, sizeof(struct Curl_dns_entry));
   if(!hostaddr)
     return CURLE_OUT_OF_MEMORY;
 
@@ -3198,7 +3195,7 @@ static CURLcode resolve_unix(struct Curl_easy *data,
     if(longpath)
       /* Long paths are not supported for now */
       failf(data, "Unix socket path too long: '%s'", unix_path);
-    free(hostaddr);
+    curlx_free(hostaddr);
     return longpath ? CURLE_COULDNT_RESOLVE_HOST : CURLE_OUT_OF_MEMORY;
   }
 
@@ -3261,7 +3258,7 @@ static CURLcode resolve_server(struct Curl_easy *data,
   }
 
   /* Resolve target host right on */
-  conn->hostname_resolve = strdup(ehost->name);
+  conn->hostname_resolve = curlx_strdup(ehost->name);
   if(!conn->hostname_resolve)
     return CURLE_OUT_OF_MEMORY;
 
@@ -3308,8 +3305,8 @@ static void reuse_conn(struct Curl_easy *data,
    * be new for this request even when we reuse an existing connection */
   if(temp->user) {
     /* use the new username and password though */
-    free(existing->user);
-    free(existing->passwd);
+    curlx_free(existing->user);
+    curlx_free(existing->passwd);
     existing->user = temp->user;
     existing->passwd = temp->passwd;
     temp->user = NULL;
@@ -3320,10 +3317,10 @@ static void reuse_conn(struct Curl_easy *data,
   existing->bits.proxy_user_passwd = temp->bits.proxy_user_passwd;
   if(existing->bits.proxy_user_passwd) {
     /* use the new proxy username and proxy password though */
-    free(existing->http_proxy.user);
-    free(existing->socks_proxy.user);
-    free(existing->http_proxy.passwd);
-    free(existing->socks_proxy.passwd);
+    curlx_free(existing->http_proxy.user);
+    curlx_free(existing->socks_proxy.user);
+    curlx_free(existing->http_proxy.passwd);
+    curlx_free(existing->socks_proxy.passwd);
     existing->http_proxy.user = temp->http_proxy.user;
     existing->socks_proxy.user = temp->socks_proxy.user;
     existing->http_proxy.passwd = temp->http_proxy.passwd;
@@ -3354,7 +3351,7 @@ static void reuse_conn(struct Curl_easy *data,
 
   existing->conn_to_port = temp->conn_to_port;
   existing->remote_port = temp->remote_port;
-  free(existing->hostname_resolve);
+  curlx_free(existing->hostname_resolve);
   existing->hostname_resolve = temp->hostname_resolve;
   temp->hostname_resolve = NULL;
 
@@ -3436,7 +3433,7 @@ static CURLcode create_conn(struct Curl_easy *data,
     goto out;
 
   if(data->set.str[STRING_SASL_AUTHZID]) {
-    conn->sasl_authzid = strdup(data->set.str[STRING_SASL_AUTHZID]);
+    conn->sasl_authzid = curlx_strdup(data->set.str[STRING_SASL_AUTHZID]);
     if(!conn->sasl_authzid) {
       result = CURLE_OUT_OF_MEMORY;
       goto out;
@@ -3444,7 +3441,7 @@ static CURLcode create_conn(struct Curl_easy *data,
   }
 
   if(data->set.str[STRING_BEARER]) {
-    conn->oauth_bearer = strdup(data->set.str[STRING_BEARER]);
+    conn->oauth_bearer = curlx_strdup(data->set.str[STRING_BEARER]);
     if(!conn->oauth_bearer) {
       result = CURLE_OUT_OF_MEMORY;
       goto out;
@@ -3453,7 +3450,8 @@ static CURLcode create_conn(struct Curl_easy *data,
 
 #ifdef USE_UNIX_SOCKETS
   if(data->set.str[STRING_UNIX_SOCKET_PATH]) {
-    conn->unix_domain_socket = strdup(data->set.str[STRING_UNIX_SOCKET_PATH]);
+    conn->unix_domain_socket =
+      curlx_strdup(data->set.str[STRING_UNIX_SOCKET_PATH]);
     if(!conn->unix_domain_socket) {
       result = CURLE_OUT_OF_MEMORY;
       goto out;
@@ -3924,7 +3922,7 @@ static void priority_remove_child(struct Curl_easy *parent,
   DEBUGASSERT(pnode);
   if(pnode) {
     *pnext = pnode->next;
-    free(pnode);
+    curlx_free(pnode);
   }
 
   child->set.priority.parent = 0;
@@ -3943,7 +3941,7 @@ CURLcode Curl_data_priority_add_child(struct Curl_easy *parent,
     struct Curl_data_prio_node **tail;
     struct Curl_data_prio_node *pnode;
 
-    pnode = calloc(1, sizeof(*pnode));
+    pnode = curlx_calloc(1, sizeof(*pnode));
     if(!pnode)
       return CURLE_OUT_OF_MEMORY;
     pnode->data = child;
diff --git a/lib/urlapi.c b/lib/urlapi.c
index 9d3eb0f8cf..ad4d367dc3 100644
--- a/lib/urlapi.c
+++ b/lib/urlapi.c
@@ -37,10 +37,6 @@
 #include "curlx/strparse.h"
 #include "curl_memrchr.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 #ifdef _WIN32
   /* MS-DOS/Windows style drive prefix, eg c: in c:foo */
 #define STARTS_WITH_DRIVE_PREFIX(str) \
@@ -94,16 +90,16 @@ static CURLUcode parseurl_and_replace(const char *url, CURLU *u,
 
 static void free_urlhandle(struct Curl_URL *u)
 {
-  free(u->scheme);
-  free(u->user);
-  free(u->password);
-  free(u->options);
-  free(u->host);
-  free(u->zoneid);
-  free(u->port);
-  free(u->path);
-  free(u->query);
-  free(u->fragment);
+  curlx_free(u->scheme);
+  curlx_free(u->user);
+  curlx_free(u->password);
+  curlx_free(u->options);
+  curlx_free(u->host);
+  curlx_free(u->zoneid);
+  curlx_free(u->port);
+  curlx_free(u->path);
+  curlx_free(u->query);
+  curlx_free(u->fragment);
 }
 
 /*
@@ -384,17 +380,17 @@ static CURLUcode parse_hostname_login(struct Curl_URL *u,
       result = CURLUE_USER_NOT_ALLOWED;
       goto out;
     }
-    free(u->user);
+    curlx_free(u->user);
     u->user = userp;
   }
 
   if(passwdp) {
-    free(u->password);
+    curlx_free(u->password);
     u->password = passwdp;
   }
 
   if(optionsp) {
-    free(u->options);
+    curlx_free(u->options);
     u->options = optionsp;
   }
 
@@ -404,9 +400,9 @@ static CURLUcode parse_hostname_login(struct Curl_URL *u,
 
 out:
 
-  free(userp);
-  free(passwdp);
-  free(optionsp);
+  curlx_free(userp);
+  curlx_free(passwdp);
+  curlx_free(optionsp);
   u->user = NULL;
   u->password = NULL;
   u->options = NULL;
@@ -459,7 +455,7 @@ UNITTEST CURLUcode Curl_parse_port(struct Curl_URL *u, struct dynbuf *host,
 
     u->portnum = (unsigned short) port;
     /* generate a new port number string to get rid of leading zeroes etc */
-    free(u->port);
+    curlx_free(u->port);
     u->port = curl_maprintf("%" CURL_FORMAT_CURL_OFF_T, port);
     if(!u->port)
       return CURLUE_OUT_OF_MEMORY;
@@ -497,7 +493,7 @@ static CURLUcode ipv6_parse(struct Curl_URL *u, char *hostname,
       if(!i || (']' != *h))
         return CURLUE_BAD_IPV6;
       zoneid[i] = 0;
-      u->zoneid = strdup(zoneid);
+      u->zoneid = curlx_strdup(zoneid);
       if(!u->zoneid)
         return CURLUE_OUT_OF_MEMORY;
       hostname[len] = ']'; /* insert end bracket */
@@ -675,7 +671,7 @@ static CURLUcode urldecode_host(struct dynbuf *host)
       return CURLUE_BAD_HOSTNAME;
     curlx_dyn_reset(host);
     result = curlx_dyn_addn(host, decoded, dlen);
-    free(decoded);
+    curlx_free(decoded);
     if(result)
       return cc2cu(result);
   }
@@ -750,7 +746,7 @@ CURLUcode Curl_url_set_authority(CURLU *u, const char *authority)
   if(result)
     curlx_dyn_free(&host);
   else {
-    free(u->host);
+    curlx_free(u->host);
     u->host = curlx_dyn_ptr(&host);
   }
   return result;
@@ -894,7 +890,7 @@ end:
     if(curlx_dyn_len(&out))
       *outp = curlx_dyn_ptr(&out);
     else {
-      *outp = strdup("");
+      *outp = curlx_strdup("");
       if(!*outp)
         return 1;
     }
@@ -940,7 +936,7 @@ static CURLUcode parseurl(const char *url, CURLU *u, unsigned int flags)
     path = &url[5];
     pathlen = urllen - 5;
 
-    u->scheme = strdup("file");
+    u->scheme = curlx_strdup("file");
     if(!u->scheme) {
       result = CURLUE_OUT_OF_MEMORY;
       goto fail;
@@ -1087,7 +1083,7 @@ static CURLUcode parseurl(const char *url, CURLU *u, unsigned int flags)
     }
 
     if(schemep) {
-      u->scheme = strdup(schemep);
+      u->scheme = curlx_strdup(schemep);
       if(!u->scheme) {
         result = CURLUE_OUT_OF_MEMORY;
         goto fail;
@@ -1124,7 +1120,7 @@ static CURLUcode parseurl(const char *url, CURLU *u, unsigned int flags)
         else
           schemep = "http";
 
-        u->scheme = strdup(schemep);
+        u->scheme = curlx_strdup(schemep);
         if(!u->scheme) {
           result = CURLUE_OUT_OF_MEMORY;
           goto fail;
@@ -1197,7 +1193,7 @@ static CURLUcode parseurl(const char *url, CURLU *u, unsigned int flags)
     }
     else {
       /* single byte query */
-      u->query = strdup("");
+      u->query = curlx_strdup("");
       if(!u->query) {
         result = CURLUE_OUT_OF_MEMORY;
         goto fail;
@@ -1241,7 +1237,7 @@ static CURLUcode parseurl(const char *url, CURLU *u, unsigned int flags)
         goto fail;
       }
       if(dedot) {
-        free(u->path);
+        curlx_free(u->path);
         u->path = dedot;
       }
     }
@@ -1277,21 +1273,21 @@ static CURLUcode parseurl_and_replace(const char *url, CURLU *u,
  */
 CURLU *curl_url(void)
 {
-  return calloc(1, sizeof(struct Curl_URL));
+  return curlx_calloc(1, sizeof(struct Curl_URL));
 }
 
 void curl_url_cleanup(CURLU *u)
 {
   if(u) {
     free_urlhandle(u);
-    free(u);
+    curlx_free(u);
   }
 }
 
 #define DUP(dest, src, name)                    \
   do {                                          \
     if(src->name) {                             \
-      dest->name = strdup(src->name);           \
+      dest->name = curlx_strdup(src->name);     \
       if(!dest->name)                           \
         goto fail;                              \
     }                                           \
@@ -1299,7 +1295,7 @@ void curl_url_cleanup(CURLU *u)
 
 CURLU *curl_url_dup(const CURLU *in)
 {
-  struct Curl_URL *u = calloc(1, sizeof(struct Curl_URL));
+  struct Curl_URL *u = curlx_calloc(1, sizeof(struct Curl_URL));
   if(u) {
     DUP(u, in, scheme);
     DUP(u, in, user);
@@ -1373,7 +1369,7 @@ static CURLUcode urlget_format(const CURLU *u, CURLUPart what,
     /* this unconditional rejection of control bytes is documented
        API behavior */
     CURLcode res = Curl_urldecode(part, partlen, &decoded, &dlen, REJECT_CTRL);
-    free(part);
+    curlx_free(part);
     if(res)
       return CURLUE_URLDECODE;
     part = decoded;
@@ -1383,7 +1379,7 @@ static CURLUcode urlget_format(const CURLU *u, CURLUPart what,
     struct dynbuf enc;
     curlx_dyn_init(&enc, CURL_MAX_INPUT_LENGTH);
     uc = urlencode_str(&enc, part, partlen, TRUE, what == CURLUPART_QUERY);
-    free(part);
+    curlx_free(part);
     if(uc)
       return uc;
     part = curlx_dyn_ptr(&enc);
@@ -1392,7 +1388,7 @@ static CURLUcode urlget_format(const CURLU *u, CURLUPart what,
     if(!Curl_is_ASCII_name(u->host)) {
       char *punyversion = NULL;
       uc = host_decode(part, &punyversion);
-      free(part);
+      curlx_free(part);
       if(uc)
         return uc;
       part = punyversion;
@@ -1402,7 +1398,7 @@ static CURLUcode urlget_format(const CURLU *u, CURLUPart what,
     if(Curl_is_ASCII_name(u->host)) {
       char *unpunified = NULL;
       uc = host_encode(part, &unpunified);
-      free(part);
+      curlx_free(part);
       if(uc)
         return uc;
       part = unpunified;
@@ -1520,7 +1516,7 @@ static CURLUcode urlget_url(const CURLU *u, char **part, unsigned int flags)
                         u->query ? u->query : "",
                         show_fragment ? "#": "",
                         u->fragment ? u->fragment : "");
-    free(allochost);
+    curlx_free(allochost);
   }
   if(!url)
     return CURLUE_OUT_OF_MEMORY;
@@ -1666,7 +1662,7 @@ static CURLUcode set_url_port(CURLU *u, const char *provided_port)
   tmp = curl_maprintf("%" CURL_FORMAT_CURL_OFF_T, port);
   if(!tmp)
     return CURLUE_OUT_OF_MEMORY;
-  free(u->port);
+  curlx_free(u->port);
   u->port = tmp;
   u->portnum = (unsigned short)port;
   return CURLUE_OK;
@@ -1691,7 +1687,7 @@ static CURLUcode set_url(CURLU *u, const char *url, size_t part_size,
     if(!uc) {
       /* success, meaning the "" is a fine relative URL, but nothing
          changes */
-      free(oldurl);
+      curlx_free(oldurl);
       return CURLUE_OK;
     }
     if(uc == CURLUE_OUT_OF_MEMORY)
@@ -1715,7 +1711,7 @@ static CURLUcode set_url(CURLU *u, const char *url, size_t part_size,
   DEBUGASSERT(oldurl); /* it is set here */
   /* apply the relative part to create a new URL */
   uc = redirect_url(oldurl, url, u, flags);
-  free(oldurl);
+  curlx_free(oldurl);
   return uc;
 }
 
@@ -1930,7 +1926,7 @@ CURLUcode curl_url_set(CURLU *u, CURLUPart what,
         if(curlx_dyn_add(&qbuf, newp))
           goto nomem;
         curlx_dyn_free(&enc);
-        free(*storep);
+        curlx_free(*storep);
         *storep = curlx_dyn_ptr(&qbuf);
         return CURLUE_OK;
 nomem:
@@ -1957,7 +1953,7 @@ nomem:
             Curl_urldecode(newp, n, &decoded, &dlen, REJECT_CTRL);
           if(result || hostname_check(u, decoded, dlen))
             bad = TRUE;
-          free(decoded);
+          curlx_free(decoded);
         }
         else if(hostname_check(u, (char *)CURL_UNCONST(newp), n))
           bad = TRUE;
@@ -1968,7 +1964,7 @@ nomem:
       }
     }
 
-    free(*storep);
+    curlx_free(*storep);
     *storep = (char *)CURL_UNCONST(newp);
   }
   return CURLUE_OK;
diff --git a/lib/vauth/cleartext.c b/lib/vauth/cleartext.c
index 884ebce0f2..d259bc42b5 100644
--- a/lib/vauth/cleartext.c
+++ b/lib/vauth/cleartext.c
@@ -38,10 +38,6 @@
 #include "../curlx/warnless.h"
 #include "../sendf.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 /*
  * Curl_auth_create_plain_message()
  *
diff --git a/lib/vauth/cram.c b/lib/vauth/cram.c
index 2754ddc4a2..3b02e5751f 100644
--- a/lib/vauth/cram.c
+++ b/lib/vauth/cram.c
@@ -36,10 +36,6 @@
 #include "../curl_md5.h"
 #include "../curlx/warnless.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 
 /*
  * Curl_auth_create_cram_md5_message()
diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c
index 16045707fd..850891f175 100644
--- a/lib/vauth/digest.c
+++ b/lib/vauth/digest.c
@@ -44,10 +44,6 @@
 #include "../curlx/strparse.h"
 #include "../rand.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 #ifndef USE_WINDOWS_SSPI
 #define SESSION_ALGO 1 /* for algos with this bit set */
 
@@ -174,7 +170,7 @@ static char *auth_digest_string_quoted(const char *source)
     ++s;
   }
 
-  dest = malloc(n);
+  dest = curlx_malloc(n);
   if(dest) {
     char *d = dest;
     s = source;
@@ -426,7 +422,7 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
   /* Calculate H(A2) */
   ctxt = Curl_MD5_init(&Curl_DIGEST_MD5);
   if(!ctxt) {
-    free(spn);
+    curlx_free(spn);
 
     return CURLE_OUT_OF_MEMORY;
   }
@@ -444,7 +440,7 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
   /* Now calculate the response hash */
   ctxt = Curl_MD5_init(&Curl_DIGEST_MD5);
   if(!ctxt) {
-    free(spn);
+    curlx_free(spn);
 
     return CURLE_OUT_OF_MEMORY;
   }
@@ -477,7 +473,7 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
                            "response=%s,qop=%s",
                            userp, realm, nonce,
                            cnonce, nonceCount, spn, resp_hash_hex, qop);
-  free(spn);
+  curlx_free(spn);
   if(!response)
     return CURLE_OUT_OF_MEMORY;
 
@@ -522,8 +518,8 @@ CURLcode Curl_auth_decode_digest_http_message(const char *chlg,
     /* Extract a value=content pair */
     if(Curl_auth_digest_get_pair(chlg, value, content, &chlg)) {
       if(curl_strequal(value, "nonce")) {
-        free(digest->nonce);
-        digest->nonce = strdup(content);
+        curlx_free(digest->nonce);
+        digest->nonce = curlx_strdup(content);
         if(!digest->nonce)
           return CURLE_OUT_OF_MEMORY;
       }
@@ -534,14 +530,14 @@ CURLcode Curl_auth_decode_digest_http_message(const char *chlg,
         }
       }
       else if(curl_strequal(value, "realm")) {
-        free(digest->realm);
-        digest->realm = strdup(content);
+        curlx_free(digest->realm);
+        digest->realm = curlx_strdup(content);
         if(!digest->realm)
           return CURLE_OUT_OF_MEMORY;
       }
       else if(curl_strequal(value, "opaque")) {
-        free(digest->opaque);
-        digest->opaque = strdup(content);
+        curlx_free(digest->opaque);
+        digest->opaque = curlx_strdup(content);
         if(!digest->opaque)
           return CURLE_OUT_OF_MEMORY;
       }
@@ -567,21 +563,21 @@ CURLcode Curl_auth_decode_digest_http_message(const char *chlg,
 
         /* Select only auth or auth-int. Otherwise, ignore */
         if(foundAuth) {
-          free(digest->qop);
-          digest->qop = strdup(DIGEST_QOP_VALUE_STRING_AUTH);
+          curlx_free(digest->qop);
+          digest->qop = curlx_strdup(DIGEST_QOP_VALUE_STRING_AUTH);
           if(!digest->qop)
             return CURLE_OUT_OF_MEMORY;
         }
         else if(foundAuthInt) {
-          free(digest->qop);
-          digest->qop = strdup(DIGEST_QOP_VALUE_STRING_AUTH_INT);
+          curlx_free(digest->qop);
+          digest->qop = curlx_strdup(DIGEST_QOP_VALUE_STRING_AUTH_INT);
           if(!digest->qop)
             return CURLE_OUT_OF_MEMORY;
         }
       }
       else if(curl_strequal(value, "algorithm")) {
-        free(digest->algorithm);
-        digest->algorithm = strdup(content);
+        curlx_free(digest->algorithm);
+        digest->algorithm = curlx_strdup(content);
         if(!digest->algorithm)
           return CURLE_OUT_OF_MEMORY;
 
@@ -725,7 +721,7 @@ static CURLcode auth_create_digest_http_message(
       return CURLE_OUT_OF_MEMORY;
 
     result = hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis));
-    free(hashthis);
+    curlx_free(hashthis);
     if(result)
       return result;
     convert_to_ascii(hashbuf, (unsigned char *)userh);
@@ -748,7 +744,7 @@ static CURLcode auth_create_digest_http_message(
     return CURLE_OUT_OF_MEMORY;
 
   result = hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis));
-  free(hashthis);
+  curlx_free(hashthis);
   if(result)
     return result;
   convert_to_ascii(hashbuf, ha1);
@@ -760,7 +756,7 @@ static CURLcode auth_create_digest_http_message(
       return CURLE_OUT_OF_MEMORY;
 
     result = hash(hashbuf, (unsigned char *) tmp, strlen(tmp));
-    free(tmp);
+    curlx_free(tmp);
     if(result)
       return result;
     convert_to_ascii(hashbuf, ha1);
@@ -790,13 +786,13 @@ static CURLcode auth_create_digest_http_message(
 
     result = hash(hashbuf, (const unsigned char *)"", 0);
     if(result) {
-      free(hashthis);
+      curlx_free(hashthis);
       return result;
     }
     convert_to_ascii(hashbuf, (unsigned char *)hashed);
 
     hashthis2 = curl_maprintf("%s:%s", hashthis, hashed);
-    free(hashthis);
+    curlx_free(hashthis);
     hashthis = hashthis2;
   }
 
@@ -804,7 +800,7 @@ static CURLcode auth_create_digest_http_message(
     return CURLE_OUT_OF_MEMORY;
 
   result = hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis));
-  free(hashthis);
+  curlx_free(hashthis);
   if(result)
     return result;
   convert_to_ascii(hashbuf, ha2);
@@ -821,7 +817,7 @@ static CURLcode auth_create_digest_http_message(
     return CURLE_OUT_OF_MEMORY;
 
   result = hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis));
-  free(hashthis);
+  curlx_free(hashthis);
   if(result)
     return result;
   convert_to_ascii(hashbuf, request_digest);
@@ -845,18 +841,18 @@ static CURLcode auth_create_digest_http_message(
   if(digest->realm)
     realm_quoted = auth_digest_string_quoted(digest->realm);
   else {
-    realm_quoted = malloc(1);
+    realm_quoted = curlx_malloc(1);
     if(realm_quoted)
       realm_quoted[0] = 0;
   }
   if(!realm_quoted) {
-    free(userp_quoted);
+    curlx_free(userp_quoted);
     return CURLE_OUT_OF_MEMORY;
   }
   nonce_quoted = auth_digest_string_quoted(digest->nonce);
   if(!nonce_quoted) {
-    free(realm_quoted);
-    free(userp_quoted);
+    curlx_free(realm_quoted);
+    curlx_free(userp_quoted);
     return CURLE_OUT_OF_MEMORY;
   }
 
@@ -893,9 +889,9 @@ static CURLcode auth_create_digest_http_message(
                              uripath,
                              request_digest);
   }
-  free(nonce_quoted);
-  free(realm_quoted);
-  free(userp_quoted);
+  curlx_free(nonce_quoted);
+  curlx_free(realm_quoted);
+  curlx_free(userp_quoted);
   if(!response)
     return CURLE_OUT_OF_MEMORY;
 
@@ -905,12 +901,12 @@ static CURLcode auth_create_digest_http_message(
     /* Append the opaque */
     opaque_quoted = auth_digest_string_quoted(digest->opaque);
     if(!opaque_quoted) {
-      free(response);
+      curlx_free(response);
       return CURLE_OUT_OF_MEMORY;
     }
     tmp = curl_maprintf("%s, opaque=\"%s\"", response, opaque_quoted);
-    free(response);
-    free(opaque_quoted);
+    curlx_free(response);
+    curlx_free(opaque_quoted);
     if(!tmp)
       return CURLE_OUT_OF_MEMORY;
 
@@ -920,7 +916,7 @@ static CURLcode auth_create_digest_http_message(
   if(digest->algorithm) {
     /* Append the algorithm */
     tmp = curl_maprintf("%s, algorithm=%s", response, digest->algorithm);
-    free(response);
+    curlx_free(response);
     if(!tmp)
       return CURLE_OUT_OF_MEMORY;
 
@@ -930,7 +926,7 @@ static CURLcode auth_create_digest_http_message(
   if(digest->userhash) {
     /* Append the userhash */
     tmp = curl_maprintf("%s, userhash=true", response);
-    free(response);
+    curlx_free(response);
     if(!tmp)
       return CURLE_OUT_OF_MEMORY;
 
diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c
index f730c52987..ea6a66af9f 100644
--- a/lib/vauth/digest_sspi.c
+++ b/lib/vauth/digest_sspi.c
@@ -41,10 +41,6 @@
 #include "../strcase.h"
 #include "../strerror.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 /*
 * Curl_auth_is_digest_supported()
 *
@@ -135,14 +131,14 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
   Curl_pSecFn->FreeContextBuffer(SecurityPackage);
 
   /* Allocate our response buffer */
-  output_token = malloc(token_max);
+  output_token = curlx_malloc(token_max);
   if(!output_token)
     return CURLE_OUT_OF_MEMORY;
 
   /* Generate our SPN */
   spn = Curl_auth_build_spn(service, data->conn->host.name, NULL);
   if(!spn) {
-    free(output_token);
+    curlx_free(output_token);
     return CURLE_OUT_OF_MEMORY;
   }
 
@@ -150,8 +146,8 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
     /* Populate our identity structure */
     result = Curl_create_sspi_identity(userp, passwdp, &identity);
     if(result) {
-      free(spn);
-      free(output_token);
+      curlx_free(spn);
+      curlx_free(output_token);
       return result;
     }
 
@@ -171,8 +167,8 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
 
   if(status != SEC_E_OK) {
     Curl_sspi_free_identity(p_identity);
-    free(spn);
-    free(output_token);
+    curlx_free(spn);
+    curlx_free(output_token);
     return CURLE_LOGIN_DENIED;
   }
 
@@ -208,8 +204,8 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
 
     Curl_pSecFn->FreeCredentialsHandle(&credentials);
     Curl_sspi_free_identity(p_identity);
-    free(spn);
-    free(output_token);
+    curlx_free(spn);
+    curlx_free(output_token);
 
     if(status == SEC_E_INSUFFICIENT_MEMORY)
       return CURLE_OUT_OF_MEMORY;
@@ -233,7 +229,7 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
   Curl_sspi_free_identity(p_identity);
 
   /* Free the SPN */
-  free(spn);
+  curlx_free(spn);
 
   return result;
 }
@@ -276,13 +272,13 @@ CURLcode Curl_override_sspi_http_realm(const char *chlg,
           if(!domain.tchar_ptr)
             return CURLE_OUT_OF_MEMORY;
 
-          dup_domain.tchar_ptr = Curl_tcsdup(domain.tchar_ptr);
+          dup_domain.tchar_ptr = curlx_tcsdup(domain.tchar_ptr);
           if(!dup_domain.tchar_ptr) {
             curlx_unicodefree(domain.tchar_ptr);
             return CURLE_OUT_OF_MEMORY;
           }
 
-          free(identity->Domain);
+          curlx_free(identity->Domain);
           identity->Domain = dup_domain.tbyte_ptr;
           identity->DomainLength = curlx_uztoul(_tcslen(dup_domain.tchar_ptr));
           dup_domain.tchar_ptr = NULL;
@@ -429,7 +425,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
 
   /* Allocate the output buffer according to the max token size as indicated
      by the security package */
-  output_token = malloc(token_max);
+  output_token = curlx_malloc(token_max);
   if(!output_token) {
     return CURLE_OUT_OF_MEMORY;
   }
@@ -495,7 +491,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
     if(userp && *userp) {
       /* Populate our identity structure */
       if(Curl_create_sspi_identity(userp, passwdp, &identity)) {
-        free(output_token);
+        curlx_free(output_token);
         return CURLE_OUT_OF_MEMORY;
       }
 
@@ -503,7 +499,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
       if(Curl_override_sspi_http_realm((const char *) digest->input_token,
                                        &identity)) {
         Curl_sspi_free_identity(&identity);
-        free(output_token);
+        curlx_free(output_token);
         return CURLE_OUT_OF_MEMORY;
       }
 
@@ -515,20 +511,20 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
       p_identity = NULL;
 
     if(userp) {
-      digest->user = strdup(userp);
+      digest->user = curlx_strdup(userp);
 
       if(!digest->user) {
-        free(output_token);
+        curlx_free(output_token);
         Curl_sspi_free_identity(p_identity);
         return CURLE_OUT_OF_MEMORY;
       }
     }
 
     if(passwdp) {
-      digest->passwd = strdup(passwdp);
+      digest->passwd = curlx_strdup(passwdp);
 
       if(!digest->passwd) {
-        free(output_token);
+        curlx_free(output_token);
         Curl_sspi_free_identity(p_identity);
         Curl_safefree(digest->user);
         return CURLE_OUT_OF_MEMORY;
@@ -543,7 +539,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
                                    &credentials, NULL);
     if(status != SEC_E_OK) {
       Curl_sspi_free_identity(p_identity);
-      free(output_token);
+      curlx_free(output_token);
 
       return CURLE_LOGIN_DENIED;
     }
@@ -575,18 +571,18 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
       Curl_pSecFn->FreeCredentialsHandle(&credentials);
 
       Curl_sspi_free_identity(p_identity);
-      free(output_token);
+      curlx_free(output_token);
 
       return CURLE_OUT_OF_MEMORY;
     }
 
     /* Allocate our new context handle */
-    digest->http_context = calloc(1, sizeof(CtxtHandle));
+    digest->http_context = curlx_calloc(1, sizeof(CtxtHandle));
     if(!digest->http_context) {
       Curl_pSecFn->FreeCredentialsHandle(&credentials);
       curlx_unicodefree(spn);
       Curl_sspi_free_identity(p_identity);
-      free(output_token);
+      curlx_free(output_token);
       return CURLE_OUT_OF_MEMORY;
     }
 
@@ -610,7 +606,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
       Curl_pSecFn->FreeCredentialsHandle(&credentials);
 
       Curl_sspi_free_identity(p_identity);
-      free(output_token);
+      curlx_free(output_token);
 
       Curl_safefree(digest->http_context);
 
@@ -632,7 +628,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
   }
 
   resp = Curl_memdup0((const char *)output_token, output_token_len);
-  free(output_token);
+  curlx_free(output_token);
   if(!resp) {
     return CURLE_OUT_OF_MEMORY;
   }
diff --git a/lib/vauth/gsasl.c b/lib/vauth/gsasl.c
index 119c392cda..debeda0604 100644
--- a/lib/vauth/gsasl.c
+++ b/lib/vauth/gsasl.c
@@ -36,10 +36,6 @@
 
 #include 
 
-/* The last 2 #include files should be in this order */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 bool Curl_auth_gsasl_is_supported(struct Curl_easy *data,
                                   const char *mech,
                                   struct gsasldata *gsasl)
diff --git a/lib/vauth/krb5_gssapi.c b/lib/vauth/krb5_gssapi.c
index a414d0a359..9ea36171fa 100644
--- a/lib/vauth/krb5_gssapi.c
+++ b/lib/vauth/krb5_gssapi.c
@@ -37,10 +37,6 @@
 #include "../curl_gssapi.h"
 #include "../sendf.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 #if defined(__GNUC__) && defined(__APPLE__)
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
@@ -120,12 +116,12 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data,
       Curl_gss_log_error(data, "gss_import_name() failed: ",
                          major_status, minor_status);
 
-      free(spn);
+      curlx_free(spn);
 
       return CURLE_AUTH_ERROR;
     }
 
-    free(spn);
+    curlx_free(spn);
   }
 
   if(chlg) {
@@ -258,7 +254,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
   messagelen = 4;
   if(authzid)
     messagelen += strlen(authzid);
-  message = malloc(messagelen);
+  message = curlx_malloc(messagelen);
   if(!message)
     return CURLE_OUT_OF_MEMORY;
 
@@ -285,7 +281,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
   if(GSS_ERROR(major_status)) {
     Curl_gss_log_error(data, "gss_wrap() failed: ",
                        major_status, minor_status);
-    free(message);
+    curlx_free(message);
     return CURLE_AUTH_ERROR;
   }
 
@@ -295,7 +291,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
   gss_release_buffer(&unused_status, &output_token);
 
   /* Free the message buffer */
-  free(message);
+  curlx_free(message);
 
   return result;
 }
diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c
index cad2412d17..10fbac7644 100644
--- a/lib/vauth/krb5_sspi.c
+++ b/lib/vauth/krb5_sspi.c
@@ -36,10 +36,6 @@
 #include "../curlx/multibyte.h"
 #include "../sendf.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 /*
  * Curl_auth_is_gssapi_supported()
  *
@@ -131,7 +127,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data,
     Curl_pSecFn->FreeContextBuffer(SecurityPackage);
 
     /* Allocate our response buffer */
-    krb5->output_token = malloc(krb5->token_max);
+    krb5->output_token = curlx_malloc(krb5->token_max);
     if(!krb5->output_token)
       return CURLE_OUT_OF_MEMORY;
   }
@@ -152,7 +148,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data,
       krb5->p_identity = NULL;
 
     /* Allocate our credentials handle */
-    krb5->credentials = calloc(1, sizeof(CredHandle));
+    krb5->credentials = curlx_calloc(1, sizeof(CredHandle));
     if(!krb5->credentials)
       return CURLE_OUT_OF_MEMORY;
 
@@ -166,7 +162,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data,
       return CURLE_LOGIN_DENIED;
 
     /* Allocate our new context handle */
-    krb5->context = calloc(1, sizeof(CtxtHandle));
+    krb5->context = curlx_calloc(1, sizeof(CtxtHandle));
     if(!krb5->context)
       return CURLE_OUT_OF_MEMORY;
   }
@@ -340,7 +336,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
   }
 
   /* Allocate the trailer */
-  trailer = malloc(sizes.cbSecurityTrailer);
+  trailer = curlx_malloc(sizes.cbSecurityTrailer);
   if(!trailer)
     return CURLE_OUT_OF_MEMORY;
 
@@ -348,7 +344,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
   messagelen = 4;
   if(authzid)
     messagelen += strlen(authzid);
-  message = malloc(messagelen);
+  message = curlx_malloc(messagelen);
   if(!message) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -367,7 +363,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
     memcpy(message + 4, authzid, messagelen - 4);
 
   /* Allocate the padding */
-  padding = malloc(sizes.cbBlockSize);
+  padding = curlx_malloc(sizes.cbBlockSize);
   if(!padding) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -401,7 +397,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
   /* Allocate the encryption (wrap) buffer */
   appdatalen = wrap_buf[0].cbBuffer + wrap_buf[1].cbBuffer +
                wrap_buf[2].cbBuffer;
-  appdata = malloc(appdatalen);
+  appdata = curlx_malloc(appdatalen);
   if(!appdata) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -416,9 +412,9 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
 
 out:
   /* Free all of our local buffers */
-  free(padding);
-  free(message);
-  free(trailer);
+  curlx_free(padding);
+  curlx_free(message);
+  curlx_free(trailer);
 
   if(result)
     return result;
@@ -443,14 +439,14 @@ void Curl_auth_cleanup_gssapi(struct kerberos5data *krb5)
   /* Free our security context */
   if(krb5->context) {
     Curl_pSecFn->DeleteSecurityContext(krb5->context);
-    free(krb5->context);
+    curlx_free(krb5->context);
     krb5->context = NULL;
   }
 
   /* Free our credentials handle */
   if(krb5->credentials) {
     Curl_pSecFn->FreeCredentialsHandle(krb5->credentials);
-    free(krb5->credentials);
+    curlx_free(krb5->credentials);
     krb5->credentials = NULL;
   }
 
diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c
index 1e9b629d8f..a757d1c8f9 100644
--- a/lib/vauth/ntlm.c
+++ b/lib/vauth/ntlm.c
@@ -48,10 +48,6 @@
 #include "vauth.h"
 #include "../curl_endian.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 
 /* NTLM buffer fixed size, large enough for long user + host + domain */
 #define NTLM_BUFSIZE 1024
@@ -282,7 +278,7 @@ static CURLcode ntlm_decode_type2_target(struct Curl_easy *data,
         return CURLE_BAD_CONTENT_ENCODING;
       }
 
-      free(ntlm->target_info); /* replace any previous data */
+      curlx_free(ntlm->target_info); /* replace any previous data */
       ntlm->target_info = Curl_memdup(&type2[target_info_offset],
                                       target_info_len);
       if(!ntlm->target_info)
@@ -842,7 +838,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
   result = Curl_bufref_memdup(out, ntlmbuf, size);
 
 error:
-  free(ntlmv2resp);  /* Free the dynamic buffer allocated for NTLMv2 */
+  curlx_free(ntlmv2resp);  /* Free the dynamic buffer allocated for NTLMv2 */
 
   Curl_auth_cleanup_ntlm(ntlm);
 
diff --git a/lib/vauth/ntlm_sspi.c b/lib/vauth/ntlm_sspi.c
index 071617182e..d976bc5d21 100644
--- a/lib/vauth/ntlm_sspi.c
+++ b/lib/vauth/ntlm_sspi.c
@@ -36,10 +36,6 @@
 #include "../sendf.h"
 #include "../strdup.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 /*
  * Curl_auth_is_ntlm_supported()
  *
@@ -117,7 +113,7 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data,
   Curl_pSecFn->FreeContextBuffer(SecurityPackage);
 
   /* Allocate our output buffer */
-  ntlm->output_token = malloc(ntlm->token_max);
+  ntlm->output_token = curlx_malloc(ntlm->token_max);
   if(!ntlm->output_token)
     return CURLE_OUT_OF_MEMORY;
 
@@ -137,7 +133,7 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data,
     ntlm->p_identity = NULL;
 
   /* Allocate our credentials handle */
-  ntlm->credentials = calloc(1, sizeof(CredHandle));
+  ntlm->credentials = curlx_calloc(1, sizeof(CredHandle));
   if(!ntlm->credentials)
     return CURLE_OUT_OF_MEMORY;
 
@@ -151,7 +147,7 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data,
     return CURLE_LOGIN_DENIED;
 
   /* Allocate our new context handle */
-  ntlm->context = calloc(1, sizeof(CtxtHandle));
+  ntlm->context = curlx_calloc(1, sizeof(CtxtHandle));
   if(!ntlm->context)
     return CURLE_OUT_OF_MEMORY;
 
@@ -343,14 +339,14 @@ void Curl_auth_cleanup_ntlm(struct ntlmdata *ntlm)
   /* Free our security context */
   if(ntlm->context) {
     Curl_pSecFn->DeleteSecurityContext(ntlm->context);
-    free(ntlm->context);
+    curlx_free(ntlm->context);
     ntlm->context = NULL;
   }
 
   /* Free our credentials handle */
   if(ntlm->credentials) {
     Curl_pSecFn->FreeCredentialsHandle(ntlm->credentials);
-    free(ntlm->credentials);
+    curlx_free(ntlm->credentials);
     ntlm->credentials = NULL;
   }
 
diff --git a/lib/vauth/oauth2.c b/lib/vauth/oauth2.c
index cf7addf535..0bb7a9d6bd 100644
--- a/lib/vauth/oauth2.c
+++ b/lib/vauth/oauth2.c
@@ -36,10 +36,6 @@
 #include "vauth.h"
 #include "../curlx/warnless.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 /*
  * Curl_auth_create_oauth_bearer_message()
  *
diff --git a/lib/vauth/spnego_gssapi.c b/lib/vauth/spnego_gssapi.c
index 4e9125ba44..f956f2c03e 100644
--- a/lib/vauth/spnego_gssapi.c
+++ b/lib/vauth/spnego_gssapi.c
@@ -38,10 +38,6 @@
 #include "../curlx/multibyte.h"
 #include "../sendf.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 #if defined(__GNUC__) && defined(__APPLE__)
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
@@ -131,12 +127,12 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
       Curl_gss_log_error(data, "gss_import_name() failed: ",
                          major_status, minor_status);
 
-      free(spn);
+      curlx_free(spn);
 
       return CURLE_AUTH_ERROR;
     }
 
-    free(spn);
+    curlx_free(spn);
   }
 
   if(chlg64 && *chlg64) {
diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c
index b36535557b..90e622da3d 100644
--- a/lib/vauth/spnego_sspi.c
+++ b/lib/vauth/spnego_sspi.c
@@ -38,10 +38,6 @@
 #include "../sendf.h"
 #include "../strerror.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 /*
  * Curl_auth_is_spnego_supported()
  *
@@ -140,7 +136,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
     Curl_pSecFn->FreeContextBuffer(SecurityPackage);
 
     /* Allocate our output buffer */
-    nego->output_token = malloc(nego->token_max);
+    nego->output_token = curlx_malloc(nego->token_max);
     if(!nego->output_token)
       return CURLE_OUT_OF_MEMORY;
  }
@@ -161,7 +157,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
       nego->p_identity = NULL;
 
     /* Allocate our credentials handle */
-    nego->credentials = calloc(1, sizeof(CredHandle));
+    nego->credentials = curlx_calloc(1, sizeof(CredHandle));
     if(!nego->credentials)
       return CURLE_OUT_OF_MEMORY;
 
@@ -175,7 +171,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
       return CURLE_AUTH_ERROR;
 
     /* Allocate our new context handle */
-    nego->context = calloc(1, sizeof(CtxtHandle));
+    nego->context = curlx_calloc(1, sizeof(CtxtHandle));
     if(!nego->context)
       return CURLE_OUT_OF_MEMORY;
   }
@@ -248,7 +244,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
                                            &resp_desc, &attrs, NULL);
 
   /* Free the decoded challenge as it is not required anymore */
-  free(chlg);
+  curlx_free(chlg);
 
   if(GSS_ERROR(nego->status)) {
     char buffer[STRERROR_LEN];
@@ -305,7 +301,7 @@ CURLcode Curl_auth_create_spnego_message(struct negotiatedata *nego,
                                         nego->output_token_length, outptr,
                                         outlen);
   if(!result && (!*outptr || !*outlen)) {
-    free(*outptr);
+    curlx_free(*outptr);
     result = CURLE_REMOTE_ACCESS_DENIED;
   }
 
@@ -327,14 +323,14 @@ void Curl_auth_cleanup_spnego(struct negotiatedata *nego)
   /* Free our security context */
   if(nego->context) {
     Curl_pSecFn->DeleteSecurityContext(nego->context);
-    free(nego->context);
+    curlx_free(nego->context);
     nego->context = NULL;
   }
 
   /* Free our credentials handle */
   if(nego->credentials) {
     Curl_pSecFn->FreeCredentialsHandle(nego->credentials);
-    free(nego->credentials);
+    curlx_free(nego->credentials);
     nego->credentials = NULL;
   }
 
diff --git a/lib/vauth/vauth.c b/lib/vauth/vauth.c
index 6ee687dcab..6626ace8bc 100644
--- a/lib/vauth/vauth.c
+++ b/lib/vauth/vauth.c
@@ -32,10 +32,6 @@
 #include "../curlx/multibyte.h"
 #include "../url.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 /*
  * Curl_auth_build_spn()
  *
@@ -96,10 +92,10 @@ TCHAR *Curl_auth_build_spn(const char *service, const char *host,
      must be freed by curlx_unicodefree we will dupe the result so that the
      pointer this function returns can be normally free'd. */
   tchar_spn = curlx_convert_UTF8_to_tchar(utf8_spn);
-  free(utf8_spn);
+  curlx_free(utf8_spn);
   if(!tchar_spn)
     return NULL;
-  dupe_tchar_spn = Curl_tcsdup(tchar_spn);
+  dupe_tchar_spn = curlx_tcsdup(tchar_spn);
   curlx_unicodefree(tchar_spn);
   return dupe_tchar_spn;
 }
@@ -170,7 +166,7 @@ static void ntlm_conn_dtor(void *key, size_t klen, void *entry)
   (void)klen;
   DEBUGASSERT(ntlm);
   Curl_auth_cleanup_ntlm(ntlm);
-  free(ntlm);
+  curlx_free(ntlm);
 }
 
 struct ntlmdata *Curl_auth_ntlm_get(struct connectdata *conn, bool proxy)
@@ -179,7 +175,7 @@ struct ntlmdata *Curl_auth_ntlm_get(struct connectdata *conn, bool proxy)
                     CURL_META_NTLM_CONN;
   struct ntlmdata *ntlm = Curl_conn_meta_get(conn, key);
   if(!ntlm) {
-    ntlm = calloc(1, sizeof(*ntlm));
+    ntlm = curlx_calloc(1, sizeof(*ntlm));
     if(!ntlm ||
        Curl_conn_meta_set(conn, key, ntlm, ntlm_conn_dtor))
       return NULL;
@@ -204,14 +200,14 @@ static void krb5_conn_dtor(void *key, size_t klen, void *entry)
   (void)klen;
   DEBUGASSERT(krb5);
   Curl_auth_cleanup_gssapi(krb5);
-  free(krb5);
+  curlx_free(krb5);
 }
 
 struct kerberos5data *Curl_auth_krb5_get(struct connectdata *conn)
 {
   struct kerberos5data *krb5 = Curl_conn_meta_get(conn, CURL_META_KRB5_CONN);
   if(!krb5) {
-    krb5 = calloc(1, sizeof(*krb5));
+    krb5 = curlx_calloc(1, sizeof(*krb5));
     if(!krb5 ||
        Curl_conn_meta_set(conn, CURL_META_KRB5_CONN, krb5, krb5_conn_dtor))
       return NULL;
@@ -230,14 +226,14 @@ static void gsasl_conn_dtor(void *key, size_t klen, void *entry)
   (void)klen;
   DEBUGASSERT(gsasl);
   Curl_auth_gsasl_cleanup(gsasl);
-  free(gsasl);
+  curlx_free(gsasl);
 }
 
 struct gsasldata *Curl_auth_gsasl_get(struct connectdata *conn)
 {
   struct gsasldata *gsasl = Curl_conn_meta_get(conn, CURL_META_GSASL_CONN);
   if(!gsasl) {
-    gsasl = calloc(1, sizeof(*gsasl));
+    gsasl = curlx_calloc(1, sizeof(*gsasl));
     if(!gsasl ||
        Curl_conn_meta_set(conn, CURL_META_GSASL_CONN, gsasl, gsasl_conn_dtor))
       return NULL;
@@ -256,7 +252,7 @@ static void nego_conn_dtor(void *key, size_t klen, void *entry)
   (void)klen;
   DEBUGASSERT(nego);
   Curl_auth_cleanup_spnego(nego);
-  free(nego);
+  curlx_free(nego);
 }
 
 struct negotiatedata *Curl_auth_nego_get(struct connectdata *conn, bool proxy)
@@ -265,7 +261,7 @@ struct negotiatedata *Curl_auth_nego_get(struct connectdata *conn, bool proxy)
                     CURL_META_NEGO_CONN;
   struct negotiatedata *nego = Curl_conn_meta_get(conn, key);
   if(!nego) {
-    nego = calloc(1, sizeof(*nego));
+    nego = curlx_calloc(1, sizeof(*nego));
     if(!nego ||
        Curl_conn_meta_set(conn, key, nego, nego_conn_dtor))
       return NULL;
diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index 86f7428048..4767780a92 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -71,10 +71,6 @@
 
 #include "../curlx/warnless.h"
 
-/* The last 2 #include files should be in this order */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 
 #define QUIC_MAX_STREAMS (256*1024)
 #define QUIC_HANDSHAKE_TIMEOUT (10*NGTCP2_SECONDS)
@@ -182,7 +178,7 @@ static void cf_ngtcp2_ctx_free(struct cf_ngtcp2_ctx *ctx)
     Curl_uint32_hash_destroy(&ctx->streams);
     Curl_ssl_peer_cleanup(&ctx->peer);
   }
-  free(ctx);
+  curlx_free(ctx);
 }
 
 static void cf_ngtcp2_setup_keep_alive(struct Curl_cfilter *cf,
@@ -255,7 +251,7 @@ static void h3_stream_ctx_free(struct h3_stream_ctx *stream)
 {
   Curl_bufq_free(&stream->sendbuf);
   Curl_h1_req_parse_free(&stream->h1);
-  free(stream);
+  curlx_free(stream);
 }
 
 static void h3_stream_hash_free(unsigned int id, void *stream)
@@ -277,7 +273,7 @@ static CURLcode h3_data_setup(struct Curl_cfilter *cf,
   if(stream)
     return CURLE_OK;
 
-  stream = calloc(1, sizeof(*stream));
+  stream = curlx_calloc(1, sizeof(*stream));
   if(!stream)
     return CURLE_OUT_OF_MEMORY;
 
@@ -1573,7 +1569,7 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
   Curl_h1_req_parse_free(&stream->h1);
 
   nheader = Curl_dynhds_count(&h2_headers);
-  nva = malloc(sizeof(nghttp3_nv) * nheader);
+  nva = curlx_malloc(sizeof(nghttp3_nv) * nheader);
   if(!nva) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -1650,7 +1646,7 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
   }
 
 out:
-  free(nva);
+  curlx_free(nva);
   Curl_dynhds_free(&h2_headers);
   return result;
 }
@@ -2851,7 +2847,7 @@ CURLcode Curl_cf_ngtcp2_create(struct Curl_cfilter **pcf,
   CURLcode result;
 
   (void)data;
-  ctx = calloc(1, sizeof(*ctx));
+  ctx = curlx_calloc(1, sizeof(*ctx));
   if(!ctx) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index d6672ce132..1c3f0c55b6 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -57,10 +57,6 @@
 #include "../curlx/warnless.h"
 #include "../curlx/strerr.h"
 
-/* The last 2 #include files should be in this order */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 /* A stream window is the maximum amount we need to buffer for
  * each active transfer. We use HTTP/3 flow control and only ACK
  * when we take things out of the buffer.
@@ -318,10 +314,10 @@ static void cf_osslq_ctx_free(struct cf_osslq_ctx *ctx)
     Curl_bufcp_free(&ctx->stream_bufcp);
     Curl_uint32_hash_destroy(&ctx->streams);
     Curl_ssl_peer_cleanup(&ctx->peer);
-    free(ctx->poll_items);
-    free(ctx->curl_items);
+    curlx_free(ctx->poll_items);
+    curlx_free(ctx->curl_items);
   }
-  free(ctx);
+  curlx_free(ctx);
 }
 
 static void cf_osslq_ctx_close(struct cf_osslq_ctx *ctx)
@@ -596,7 +592,7 @@ static void h3_stream_ctx_free(struct h3_stream_ctx *stream)
   Curl_bufq_free(&stream->sendbuf);
   Curl_bufq_free(&stream->recvbuf);
   Curl_h1_req_parse_free(&stream->h1);
-  free(stream);
+  curlx_free(stream);
 }
 
 static void h3_stream_hash_free(unsigned int id, void *stream)
@@ -618,7 +614,7 @@ static CURLcode h3_data_setup(struct Curl_cfilter *cf,
   if(stream)
     return CURLE_OK;
 
-  stream = calloc(1, sizeof(*stream));
+  stream = curlx_calloc(1, sizeof(*stream));
   if(!stream)
     return CURLE_OUT_OF_MEMORY;
 
@@ -1511,18 +1507,19 @@ static CURLcode cf_osslq_check_and_unblock(struct Curl_cfilter *cf,
     if(ctx->items_max < Curl_uint32_hash_count(&ctx->streams)) {
       size_t nmax = Curl_uint32_hash_count(&ctx->streams);
       ctx->items_max = 0;
-      tmpptr = realloc(ctx->poll_items, nmax * sizeof(SSL_POLL_ITEM));
+      tmpptr = curlx_realloc(ctx->poll_items, nmax * sizeof(SSL_POLL_ITEM));
       if(!tmpptr) {
-        free(ctx->poll_items);
+        curlx_free(ctx->poll_items);
         ctx->poll_items = NULL;
         res = CURLE_OUT_OF_MEMORY;
         goto out;
       }
       ctx->poll_items = tmpptr;
 
-      tmpptr = realloc(ctx->curl_items, nmax * sizeof(struct Curl_easy *));
+      tmpptr = curlx_realloc(ctx->curl_items,
+                             nmax * sizeof(struct Curl_easy *));
       if(!tmpptr) {
-        free(ctx->curl_items);
+        curlx_free(ctx->curl_items);
         ctx->curl_items = NULL;
         res = CURLE_OUT_OF_MEMORY;
         goto out;
@@ -1922,7 +1919,7 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
   Curl_h1_req_parse_free(&stream->h1);
 
   nheader = Curl_dynhds_count(&h2_headers);
-  nva = malloc(sizeof(nghttp3_nv) * nheader);
+  nva = curlx_malloc(sizeof(nghttp3_nv) * nheader);
   if(!nva) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -1999,7 +1996,7 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
   }
 
 out:
-  free(nva);
+  curlx_free(nva);
   Curl_dynhds_free(&h2_headers);
   return result;
 }
@@ -2407,7 +2404,7 @@ CURLcode Curl_cf_osslq_create(struct Curl_cfilter **pcf,
   CURLcode result;
 
   (void)data;
-  ctx = calloc(1, sizeof(*ctx));
+  ctx = curlx_calloc(1, sizeof(*ctx));
   if(!ctx) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
index f8fbadeebb..c182e1490d 100644
--- a/lib/vquic/curl_quiche.c
+++ b/lib/vquic/curl_quiche.c
@@ -52,10 +52,6 @@
 #include "../vtls/keylog.h"
 #include "../vtls/vtls.h"
 
-/* The last 2 #include files should be in this order */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 /* HTTP/3 error values defined in RFC 9114, ch. 8.1 */
 #define CURL_H3_NO_ERROR  (0x0100)
 
@@ -141,7 +137,7 @@ static void cf_quiche_ctx_free(struct cf_quiche_ctx *ctx)
     Curl_bufcp_free(&ctx->stream_bufcp);
     Curl_uint32_hash_destroy(&ctx->streams);
   }
-  free(ctx);
+  curlx_free(ctx);
 }
 
 static void cf_quiche_ctx_close(struct cf_quiche_ctx *ctx)
@@ -188,7 +184,7 @@ static void h3_stream_ctx_free(struct h3_stream_ctx *stream)
 {
   Curl_bufq_free(&stream->recvbuf);
   Curl_h1_req_parse_free(&stream->h1);
-  free(stream);
+  curlx_free(stream);
 }
 
 static void h3_stream_hash_free(unsigned int id, void *stream)
@@ -269,7 +265,7 @@ static CURLcode h3_data_setup(struct Curl_cfilter *cf,
   if(stream)
     return CURLE_OK;
 
-  stream = calloc(1, sizeof(*stream));
+  stream = curlx_calloc(1, sizeof(*stream));
   if(!stream)
     return CURLE_OUT_OF_MEMORY;
 
@@ -1000,7 +996,7 @@ static CURLcode h3_open_stream(struct Curl_cfilter *cf,
   Curl_h1_req_parse_free(&stream->h1);
 
   nheader = Curl_dynhds_count(&h2_headers);
-  nva = malloc(sizeof(quiche_h3_header) * nheader);
+  nva = curlx_malloc(sizeof(quiche_h3_header) * nheader);
   if(!nva) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -1070,7 +1066,7 @@ static CURLcode h3_open_stream(struct Curl_cfilter *cf,
   }
 
 out:
-  free(nva);
+  curlx_free(nva);
   Curl_dynhds_free(&h2_headers);
   return result;
 }
@@ -1633,7 +1629,7 @@ CURLcode Curl_cf_quiche_create(struct Curl_cfilter **pcf,
 
   (void)data;
   (void)conn;
-  ctx = calloc(1, sizeof(*ctx));
+  ctx = curlx_calloc(1, sizeof(*ctx));
   if(!ctx) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
diff --git a/lib/vquic/vquic-tls.c b/lib/vquic/vquic-tls.c
index 46bb4c7d4c..7a3c99b584 100644
--- a/lib/vquic/vquic-tls.c
+++ b/lib/vquic/vquic-tls.c
@@ -53,10 +53,6 @@
 #include "../vtls/vtls_scache.h"
 #include "vquic-tls.h"
 
-/* The last 2 #include files should be in this order */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 CURLcode Curl_vquic_tls_init(struct curl_tls_ctx *ctx,
                              struct Curl_cfilter *cf,
                              struct Curl_easy *data,
diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c
index 8b4d678d81..c1267cef9e 100644
--- a/lib/vquic/vquic.c
+++ b/lib/vquic/vquic.c
@@ -47,10 +47,6 @@
 #include "../curlx/strerr.h"
 #include "../curlx/strparse.h"
 
-/* The last 2 #include files should be in this order */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 
 #if !defined(CURL_DISABLE_HTTP) && defined(USE_HTTP3)
 
@@ -675,7 +671,7 @@ CURLcode Curl_qlogdir(struct Curl_easy *data,
         *qlogfdp = qlogfd;
     }
     curlx_dyn_free(&fname);
-    free(qlog_dir);
+    curlx_free(qlog_dir);
     if(result)
       return result;
   }
diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
index 4b003bd71c..a5997a6f6c 100644
--- a/lib/vssh/libssh.c
+++ b/lib/vssh/libssh.c
@@ -72,10 +72,6 @@
 #include 
 #endif
 
-/* The last 2 #include files should be in this order */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 /* A recent macro provided by libssh. Or make our own. */
 #ifndef SSH_STRING_FREE_CHAR
 #define SSH_STRING_FREE_CHAR(x)                 \
@@ -491,10 +487,12 @@ static int myssh_is_known(struct Curl_easy *data, struct ssh_conn *sshc)
 
 cleanup:
   if(found_base64) {
-    (free)(found_base64);
+    /* !checksrc! disable BANNEDFUNC 1 */
+    free(found_base64); /* allocated by libssh, deallocate with system free */
   }
   if(known_base64) {
-    (free)(known_base64);
+    /* !checksrc! disable BANNEDFUNC 1 */
+    free(known_base64); /* allocated by libssh, deallocate with system free */
   }
   if(hash)
     ssh_clean_pubkey_hash(&hash);
@@ -605,7 +603,7 @@ static int myssh_in_SFTP_READDIR(struct Curl_easy *data,
       }
       result = Curl_client_write(data, CLIENTWRITE_BODY,
                                  tmpLine, sshc->readdir_len + 1);
-      free(tmpLine);
+      curlx_free(tmpLine);
 
       if(result) {
         myssh_to(data, sshc, SSH_STOP);
@@ -787,7 +785,7 @@ static int myssh_in_SFTP_QUOTE_STATVFS(struct Curl_easy *data,
 
     if(!result) {
       result = Curl_client_write(data, CLIENTWRITE_HEADER, tmp, strlen(tmp));
-      free(tmp);
+      curlx_free(tmp);
     }
     if(result) {
       myssh_to(data, sshc, SSH_SFTP_CLOSE);
@@ -1478,8 +1476,8 @@ static int myssh_in_SFTP_REALPATH(struct Curl_easy *data,
   if(!sshc->homedir)
     return myssh_to_ERROR(data, sshc, CURLE_COULDNT_CONNECT);
 
-  free(data->state.most_recent_ftp_entrypath);
-  data->state.most_recent_ftp_entrypath = strdup(sshc->homedir);
+  curlx_free(data->state.most_recent_ftp_entrypath);
+  data->state.most_recent_ftp_entrypath = curlx_strdup(sshc->homedir);
   if(!data->state.most_recent_ftp_entrypath)
     return myssh_to_ERROR(data, sshc, CURLE_OUT_OF_MEMORY);
 
@@ -1577,7 +1575,7 @@ static int myssh_in_SFTP_QUOTE(struct Curl_easy *data,
        the current directory can be read similar to how it is read when
        using ordinary FTP. */
     result = Curl_client_write(data, CLIENTWRITE_HEADER, tmp, strlen(tmp));
-    free(tmp);
+    curlx_free(tmp);
     if(result) {
       myssh_to(data, sshc, SSH_SFTP_CLOSE);
       sshc->nextstate = SSH_NO_STATE;
@@ -2529,7 +2527,7 @@ static void myssh_easy_dtor(void *key, size_t klen, void *entry)
   (void)key;
   (void)klen;
   Curl_safefree(sshp->path);
-  free(sshp);
+  curlx_free(sshp);
 }
 
 static void myssh_conn_dtor(void *key, size_t klen, void *entry)
@@ -2538,7 +2536,7 @@ static void myssh_conn_dtor(void *key, size_t klen, void *entry)
   (void)key;
   (void)klen;
   sshc_cleanup(sshc);
-  free(sshc);
+  curlx_free(sshc);
 }
 
 /*
@@ -2550,7 +2548,7 @@ static CURLcode myssh_setup_connection(struct Curl_easy *data,
   struct SSHPROTO *sshp;
   struct ssh_conn *sshc;
 
-  sshc = calloc(1, sizeof(*sshc));
+  sshc = curlx_calloc(1, sizeof(*sshc));
   if(!sshc)
     return CURLE_OUT_OF_MEMORY;
 
@@ -2559,7 +2557,7 @@ static CURLcode myssh_setup_connection(struct Curl_easy *data,
   if(Curl_conn_meta_set(conn, CURL_META_SSH_CONN, sshc, myssh_conn_dtor))
     return CURLE_OUT_OF_MEMORY;
 
-  sshp = calloc(1, sizeof(*sshp));
+  sshp = curlx_calloc(1, sizeof(*sshp));
   if(!sshp ||
      Curl_meta_set(data, CURL_META_SSH_EASY, sshp, myssh_easy_dtor))
     return CURLE_OUT_OF_MEMORY;
diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
index e4ceda8c34..4ac9d89f1a 100644
--- a/lib/vssh/libssh2.c
+++ b/lib/vssh/libssh2.c
@@ -66,10 +66,6 @@
 #include "../curlx/strparse.h"
 #include "../curlx/base64.h" /* for base64 encoding/decoding */
 
-/* The last 2 #include files should be in this order */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 /* Local functions: */
 static const char *sftp_libssh2_strerror(unsigned long err);
 static LIBSSH2_ALLOC_FUNC(my_libssh2_malloc);
@@ -181,7 +177,7 @@ kbd_callback(const char *name, int name_len, const char *instruction,
 #endif  /* CURL_LIBSSH2_DEBUG */
   if(num_prompts == 1) {
     struct connectdata *conn = data->conn;
-    responses[0].text = strdup(conn->passwd);
+    responses[0].text = curlx_strdup(conn->passwd);
     responses[0].length =
       responses[0].text == NULL ? 0 : curlx_uztoui(strlen(conn->passwd));
   }
@@ -635,12 +631,12 @@ static CURLcode ssh_check_fingerprint(struct Curl_easy *data,
       failf(data,
             "Denied establishing ssh session: mismatch sha256 fingerprint. "
             "Remote %s is not equal to %s", fingerprint_b64, pubkey_sha256);
-      free(fingerprint_b64);
+      curlx_free(fingerprint_b64);
       myssh_state(data, sshc, SSH_SESSION_FREE);
       return CURLE_PEER_FAILED_VERIFICATION;
     }
 
-    free(fingerprint_b64);
+    curlx_free(fingerprint_b64);
 
     infof(data, "SHA256 checksum match");
   }
@@ -881,7 +877,7 @@ static CURLcode sftp_quote(struct Curl_easy *data,
        the current directory can be read similar to how it is read when
        using ordinary FTP. */
     result = Curl_client_write(data, CLIENTWRITE_HEADER, tmp, strlen(tmp));
-    free(tmp);
+    curlx_free(tmp);
     if(!result)
       myssh_state(data, sshc, SSH_SFTP_NEXT_QUOTE);
     return result;
@@ -1204,7 +1200,7 @@ static CURLcode ssh_state_pkey_init(struct Curl_easy *data,
     sshc->rsa_pub = sshc->rsa = NULL;
 
     if(data->set.str[STRING_SSH_PRIVATE_KEY])
-      sshc->rsa = strdup(data->set.str[STRING_SSH_PRIVATE_KEY]);
+      sshc->rsa = curlx_strdup(data->set.str[STRING_SSH_PRIVATE_KEY]);
     else {
       /* To ponder about: should really the lib be messing about with the
          HOME environment variable etc? */
@@ -1218,7 +1214,7 @@ static CURLcode ssh_state_pkey_init(struct Curl_easy *data,
         if(!sshc->rsa)
           out_of_memory = TRUE;
         else if(curlx_stat(sshc->rsa, &sbuf)) {
-          free(sshc->rsa);
+          curlx_free(sshc->rsa);
           sshc->rsa = curl_maprintf("%s/.ssh/id_dsa", home);
           if(!sshc->rsa)
             out_of_memory = TRUE;
@@ -1226,19 +1222,19 @@ static CURLcode ssh_state_pkey_init(struct Curl_easy *data,
             Curl_safefree(sshc->rsa);
           }
         }
-        free(home);
+        curlx_free(home);
       }
       if(!out_of_memory && !sshc->rsa) {
         /* Nothing found; try the current dir. */
-        sshc->rsa = strdup("id_rsa");
+        sshc->rsa = curlx_strdup("id_rsa");
         if(sshc->rsa && curlx_stat(sshc->rsa, &sbuf)) {
-          free(sshc->rsa);
-          sshc->rsa = strdup("id_dsa");
+          curlx_free(sshc->rsa);
+          sshc->rsa = curlx_strdup("id_dsa");
           if(sshc->rsa && curlx_stat(sshc->rsa, &sbuf)) {
-            free(sshc->rsa);
+            curlx_free(sshc->rsa);
             /* Out of guesses. Set to the empty string to avoid
              * surprising info messages. */
-            sshc->rsa = strdup("");
+            sshc->rsa = curlx_strdup("");
           }
         }
       }
@@ -1252,7 +1248,7 @@ static CURLcode ssh_state_pkey_init(struct Curl_easy *data,
     if(data->set.str[STRING_SSH_PUBLIC_KEY]
        /* treat empty string the same way as NULL */
        && data->set.str[STRING_SSH_PUBLIC_KEY][0]) {
-      sshc->rsa_pub = strdup(data->set.str[STRING_SSH_PUBLIC_KEY]);
+      sshc->rsa_pub = curlx_strdup(data->set.str[STRING_SSH_PUBLIC_KEY]);
       if(!sshc->rsa_pub)
         out_of_memory = TRUE;
     }
@@ -1936,12 +1932,12 @@ static CURLcode ssh_state_sftp_realpath(struct Curl_easy *data,
 
   myssh_state(data, sshc, SSH_STOP);
   if(rc > 0) {
-    free(sshc->homedir);
-    sshc->homedir = strdup(sshp->readdir_filename);
+    curlx_free(sshc->homedir);
+    sshc->homedir = curlx_strdup(sshp->readdir_filename);
     if(!sshc->homedir)
       return CURLE_OUT_OF_MEMORY;
-    free(data->state.most_recent_ftp_entrypath);
-    data->state.most_recent_ftp_entrypath = strdup(sshc->homedir);
+    curlx_free(data->state.most_recent_ftp_entrypath);
+    data->state.most_recent_ftp_entrypath = curlx_strdup(sshc->homedir);
     if(!data->state.most_recent_ftp_entrypath)
       return CURLE_OUT_OF_MEMORY;
   }
@@ -2251,7 +2247,7 @@ static CURLcode ssh_state_sftp_quote_statvfs(struct Curl_easy *data,
     }
 
     result = Curl_client_write(data, CLIENTWRITE_HEADER, tmp, strlen(tmp));
-    free(tmp);
+    curlx_free(tmp);
     if(result) {
       myssh_state(data, sshc, SSH_SFTP_CLOSE);
       sshc->nextstate = SSH_NO_STATE;
@@ -3177,7 +3173,7 @@ static void myssh_easy_dtor(void *key, size_t klen, void *entry)
   Curl_safefree(sshp->path);
   curlx_dyn_free(&sshp->readdir);
   curlx_dyn_free(&sshp->readdir_link);
-  free(sshp);
+  curlx_free(sshp);
 }
 
 static void myssh_conn_dtor(void *key, size_t klen, void *entry)
@@ -3186,7 +3182,7 @@ static void myssh_conn_dtor(void *key, size_t klen, void *entry)
   (void)key;
   (void)klen;
   sshc_cleanup(sshc, NULL, TRUE);
-  free(sshc);
+  curlx_free(sshc);
 }
 
 /*
@@ -3199,14 +3195,14 @@ static CURLcode ssh_setup_connection(struct Curl_easy *data,
   struct SSHPROTO *sshp;
   (void)conn;
 
-  sshc = calloc(1, sizeof(*sshc));
+  sshc = curlx_calloc(1, sizeof(*sshc));
   if(!sshc)
     return CURLE_OUT_OF_MEMORY;
 
   if(Curl_conn_meta_set(conn, CURL_META_SSH_CONN, sshc, myssh_conn_dtor))
     return CURLE_OUT_OF_MEMORY;
 
-  sshp = calloc(1, sizeof(*sshp));
+  sshp = curlx_calloc(1, sizeof(*sshp));
   if(!sshp)
     return CURLE_OUT_OF_MEMORY;
 
diff --git a/lib/vssh/vssh.c b/lib/vssh/vssh.c
index e33386a16a..a23f9e8e98 100644
--- a/lib/vssh/vssh.c
+++ b/lib/vssh/vssh.c
@@ -30,9 +30,7 @@
 #include 
 #include "../curlx/strparse.h"
 #include "../curl_trc.h"
-#include "../curl_memory.h"
 #include "../escape.h"
-#include "../memdebug.h"
 
 #define MAX_SSHPATH_LEN 100000 /* arbitrary */
 
@@ -59,7 +57,7 @@ CURLcode Curl_getworkingpath(struct Curl_easy *data,
      (working_path_len > 3) && (!memcmp(working_path, "/~/", 3))) {
     /* It is referenced to the home directory, so strip the leading '/~/' */
     if(curlx_dyn_addn(&npath, &working_path[3], working_path_len - 3)) {
-      free(working_path);
+      curlx_free(working_path);
       return CURLE_OUT_OF_MEMORY;
     }
   }
@@ -67,7 +65,7 @@ CURLcode Curl_getworkingpath(struct Curl_easy *data,
           (!strcmp("/~", working_path) ||
            ((working_path_len > 2) && !memcmp(working_path, "/~/", 3)))) {
     if(curlx_dyn_add(&npath, homedir)) {
-      free(working_path);
+      curlx_free(working_path);
       return CURLE_OUT_OF_MEMORY;
     }
     if(working_path_len > 2) {
@@ -82,20 +80,20 @@ CURLcode Curl_getworkingpath(struct Curl_easy *data,
 
       if(curlx_dyn_addn(&npath, &working_path[copyfrom],
                         working_path_len - copyfrom)) {
-        free(working_path);
+        curlx_free(working_path);
         return CURLE_OUT_OF_MEMORY;
       }
     }
     else {
       if(curlx_dyn_add(&npath, "/")) {
-        free(working_path);
+        curlx_free(working_path);
         return CURLE_OUT_OF_MEMORY;
       }
     }
   }
 
   if(curlx_dyn_len(&npath)) {
-    free(working_path);
+    curlx_free(working_path);
 
     /* store the pointer for the caller to receive */
     *path = curlx_dyn_ptr(&npath);
diff --git a/lib/vtls/apple.c b/lib/vtls/apple.c
index 297ebc39f3..62bb9e3bd1 100644
--- a/lib/vtls/apple.c
+++ b/lib/vtls/apple.c
@@ -50,10 +50,6 @@
 #include 
 #endif
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 
 #ifdef USE_APPLE_SECTRUST
 #define SSL_SYSTEM_VERIFIER
@@ -244,11 +240,11 @@ CURLcode Curl_vtls_apple_verify(struct Curl_cfilter *cf,
       if(error_ref) {
         CFIndex size = CFStringGetMaximumSizeForEncoding(
           CFStringGetLength(error_ref), kCFStringEncodingUTF8);
-        err_desc = malloc(size + 1);
+        err_desc = curlx_malloc(size + 1);
         if(err_desc) {
           if(!CFStringGetCString(error_ref, err_desc, size,
              kCFStringEncodingUTF8)) {
-            free(err_desc);
+            curlx_free(err_desc);
             err_desc = NULL;
           }
         }
@@ -276,7 +272,7 @@ CURLcode Curl_vtls_apple_verify(struct Curl_cfilter *cf,
   }
 
 out:
-  free(err_desc);
+  curlx_free(err_desc);
   if(error_ref)
     CFRelease(error_ref);
   if(error)
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index 55a75fa721..c05ab8427b 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -59,9 +59,6 @@
 #include "../curlx/warnless.h"
 #include "x509asn1.h"
 #include "../multiif.h"
-#include "../curl_memory.h"
-/* The last #include file should be: */
-#include "../memdebug.h"
 
 /* Enable GnuTLS debugging by defining GTLSDEBUG */
 /*#define GTLSDEBUG */
@@ -215,10 +212,10 @@ static gnutls_datum_t load_file(const char *file)
   if(fseek(f, 0, SEEK_END) != 0
      || (filelen = ftell(f)) < 0
      || fseek(f, 0, SEEK_SET) != 0
-     || !(ptr = malloc((size_t)filelen)))
+     || !(ptr = curlx_malloc((size_t)filelen)))
     goto out;
   if(fread(ptr, 1, (size_t)filelen, f) < (size_t)filelen) {
-    free(ptr);
+    curlx_free(ptr);
     goto out;
   }
 
@@ -231,7 +228,7 @@ out:
 
 static void unload_file(gnutls_datum_t data)
 {
-  free(data.data);
+  curlx_free(data.data);
 }
 
 
@@ -404,14 +401,14 @@ CURLcode Curl_gtls_shared_creds_create(struct Curl_easy *data,
   int rc;
 
   *pcreds = NULL;
-  shared = calloc(1, sizeof(*shared));
+  shared = curlx_calloc(1, sizeof(*shared));
   if(!shared)
     return CURLE_OUT_OF_MEMORY;
 
   rc = gnutls_certificate_allocate_credentials(&shared->creds);
   if(rc != GNUTLS_E_SUCCESS) {
     failf(data, "gnutls_cert_all_cred() failed: %s", gnutls_strerror(rc));
-    free(shared);
+    curlx_free(shared);
     return CURLE_SSL_CONNECT_ERROR;
   }
 
@@ -439,8 +436,8 @@ void Curl_gtls_shared_creds_free(struct gtls_shared_creds **pcreds)
     --shared->refcount;
     if(!shared->refcount) {
       gnutls_certificate_free_credentials(shared->creds);
-      free(shared->CAfile);
-      free(shared);
+      curlx_free(shared->CAfile);
+      curlx_free(shared);
     }
   }
 }
@@ -629,7 +626,7 @@ static void gtls_set_cached_creds(struct Curl_cfilter *cf,
     return;
 
   if(conn_config->CAfile) {
-    sc->CAfile = strdup(conn_config->CAfile);
+    sc->CAfile = curlx_strdup(conn_config->CAfile);
     if(!sc->CAfile)
       return;
   }
@@ -723,7 +720,7 @@ CURLcode Curl_gtls_cache_session(struct Curl_cfilter *cf,
   if(!sdata_len) /* gnutls does this for some version combinations */
     return CURLE_OK;
 
-  sdata = malloc(sdata_len); /* get a buffer for it */
+  sdata = curlx_malloc(sdata_len); /* get a buffer for it */
   if(!sdata)
     return CURLE_OUT_OF_MEMORY;
 
@@ -737,7 +734,7 @@ CURLcode Curl_gtls_cache_session(struct Curl_cfilter *cf,
   if(quic_tp && quic_tp_len) {
     qtp_clone = Curl_memdup0((char *)quic_tp, quic_tp_len);
     if(!qtp_clone) {
-      free(sdata);
+      curlx_free(sdata);
       return CURLE_OUT_OF_MEMORY;
     }
   }
@@ -1312,7 +1309,7 @@ static CURLcode pkp_pin_peer_pubkey(struct Curl_easy *data,
     if(ret != GNUTLS_E_SHORT_MEMORY_BUFFER || len1 == 0)
       break; /* failed */
 
-    buff1 = malloc(len1);
+    buff1 = curlx_malloc(len1);
     if(!buff1)
       break; /* failed */
 
diff --git a/lib/vtls/hostcheck.c b/lib/vtls/hostcheck.c
index 23ba33951f..672f473db4 100644
--- a/lib/vtls/hostcheck.c
+++ b/lib/vtls/hostcheck.c
@@ -37,10 +37,6 @@
 #include "hostcheck.h"
 #include "../hostip.h"
 
-#include "../curl_memory.h"
-/* The last #include file should be: */
-#include "../memdebug.h"
-
 /* check the two input strings with given length, but do not
    assume they end in nul-bytes */
 static bool pmatch(const char *hostname, size_t hostlen,
diff --git a/lib/vtls/keylog.c b/lib/vtls/keylog.c
index 9179d38fe7..397bac1a36 100644
--- a/lib/vtls/keylog.c
+++ b/lib/vtls/keylog.c
@@ -35,10 +35,6 @@
 #include "../escape.h"
 #include "../curlx/fopen.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 /* The fp for the open SSLKEYLOGFILE, or NULL if not open */
 static FILE *keylog_file_fp;
 
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index 2ea3670c1b..9e13ed4641 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -75,10 +75,6 @@
 #include "../strdup.h"
 #include "../curl_sha256.h"
 
-/* The last 2 #include files should be in this order */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 /* ALPN for http2 */
 #if defined(USE_HTTP2) && defined(MBEDTLS_SSL_ALPN)
 #  define HAS_ALPN_MBEDTLS
@@ -355,7 +351,7 @@ mbed_set_selected_ciphers(struct Curl_easy *data,
   for(i = 0; supported[i] != 0; i++);
   supported_len = i;
 
-  selected = malloc(sizeof(int) * (supported_len + 1));
+  selected = curlx_malloc(sizeof(int) * (supported_len + 1));
   if(!selected)
     return CURLE_OUT_OF_MEMORY;
 
@@ -433,7 +429,7 @@ add_ciphers:
   selected[count] = 0;
 
   if(count == 0) {
-    free(selected);
+    curlx_free(selected);
     failf(data, "mbedTLS: no supported cipher in list");
     return CURLE_SSL_CIPHER;
   }
@@ -452,7 +448,7 @@ mbed_dump_cert_info(struct Curl_easy *data, const mbedtls_x509_crt *crt)
   (void)data, (void)crt;
 #else
   const size_t bufsize = 16384;
-  char *p, *buffer = malloc(bufsize);
+  char *p, *buffer = curlx_malloc(bufsize);
 
   if(buffer && mbedtls_x509_crt_info(buffer, bufsize, " ", crt) > 0) {
     infof(data, "Server certificate:");
@@ -465,7 +461,7 @@ mbed_dump_cert_info(struct Curl_easy *data, const mbedtls_x509_crt *crt)
   else
     infof(data, "Unable to dump certificate information");
 
-  free(buffer);
+  curlx_free(buffer);
 #endif
 }
 
@@ -597,7 +593,7 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
       return CURLE_OUT_OF_MEMORY;
     ret = mbedtls_x509_crt_parse(&backend->cacert, newblob,
                                  ca_info_blob->len + 1);
-    free(newblob);
+    curlx_free(newblob);
     if(ret < 0) {
       mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
       failf(data, "Error importing ca cert blob - mbedTLS: (-0x%04X) %s",
@@ -670,7 +666,7 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
       return CURLE_OUT_OF_MEMORY;
     ret = mbedtls_x509_crt_parse(&backend->clicert, newblob,
                                  ssl_cert_blob->len + 1);
-    free(newblob);
+    curlx_free(newblob);
 
     if(ret) {
       mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
@@ -1027,12 +1023,12 @@ mbed_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
       return CURLE_SSL_PINNEDPUBKEYNOTMATCH;
     }
 
-    p = calloc(1, sizeof(*p));
+    p = curlx_calloc(1, sizeof(*p));
 
     if(!p)
       return CURLE_OUT_OF_MEMORY;
 
-    pubkey = malloc(PUB_DER_MAX_BYTES);
+    pubkey = curlx_malloc(PUB_DER_MAX_BYTES);
 
     if(!pubkey) {
       result = CURLE_OUT_OF_MEMORY;
@@ -1064,8 +1060,8 @@ mbed_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
                                   &pubkey[PUB_DER_MAX_BYTES - size], size);
 pinnedpubkey_error:
     mbedtls_x509_crt_free(p);
-    free(p);
-    free(pubkey);
+    curlx_free(p);
+    curlx_free(pubkey);
     if(result)
       return result;
   }
@@ -1122,7 +1118,7 @@ mbed_new_session(struct Curl_cfilter *cf, struct Curl_easy *data)
     goto out;
   }
 
-  sdata = malloc(slen);
+  sdata = curlx_malloc(slen);
   if(!sdata) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -1147,7 +1143,7 @@ mbed_new_session(struct Curl_cfilter *cf, struct Curl_easy *data)
 out:
   if(msession_alloced)
     mbedtls_ssl_session_free(&session);
-  free(sdata);
+  curlx_free(sdata);
   return result;
 }
 
diff --git a/lib/vtls/mbedtls_threadlock.c b/lib/vtls/mbedtls_threadlock.c
index 82590929cd..91de9eceb5 100644
--- a/lib/vtls/mbedtls_threadlock.c
+++ b/lib/vtls/mbedtls_threadlock.c
@@ -37,10 +37,6 @@
 
 #include "mbedtls_threadlock.h"
 
-/* The last 2 #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 /* number of thread locks */
 #define NUMT                    2
 
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index d8f99b21c3..bdfe527acd 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -132,10 +132,6 @@ static void ossl_provider_cleanup(struct Curl_easy *data);
 
 #include "../curlx/warnless.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 #if defined(USE_OPENSSL_ENGINE) || defined(OPENSSL_HAS_PROVIDERS)
 #include 
 #endif
@@ -1831,7 +1827,7 @@ static CURLcode ossl_set_provider(struct Curl_easy *data, const char *iname)
     if(!libctx)
       return CURLE_OUT_OF_MEMORY;
     if(propq) {
-      data->state.propq = strdup(propq);
+      data->state.propq = curlx_strdup(propq);
       if(!data->state.propq) {
         OSSL_LIB_CTX_free(libctx);
         return CURLE_OUT_OF_MEMORY;
@@ -2738,7 +2734,7 @@ CURLcode Curl_ossl_add_session(struct Curl_cfilter *cf,
       goto out;
     }
 
-    der_session_buf = der_session_ptr = malloc(der_session_size);
+    der_session_buf = der_session_ptr = curlx_malloc(der_session_size);
     if(!der_session_buf) {
       result = CURLE_OUT_OF_MEMORY;
       goto out;
@@ -2775,7 +2771,7 @@ CURLcode Curl_ossl_add_session(struct Curl_cfilter *cf,
   }
 
 out:
-  free(der_session_buf);
+  curlx_free(der_session_buf);
   return result;
 }
 
@@ -2932,7 +2928,7 @@ static CURLcode ossl_win_load_store(struct Curl_easy *data,
        */
       if(CertGetEnhancedKeyUsage(pContext, 0, NULL, &req_size)) {
         if(req_size && req_size > enhkey_usage_size) {
-          void *tmp = realloc(enhkey_usage, req_size);
+          void *tmp = curlx_realloc(enhkey_usage, req_size);
 
           if(!tmp) {
             failf(data, "SSL: Out of memory allocating for OID list");
@@ -2990,7 +2986,7 @@ static CURLcode ossl_win_load_store(struct Curl_easy *data,
       X509_free(x509);
     }
 
-    free(enhkey_usage);
+    curlx_free(enhkey_usage);
     CertFreeCertificateContext(pContext);
     CertCloseStore(hStore, 0);
 
@@ -3233,8 +3229,8 @@ static void oss_x509_share_free(void *key, size_t key_len, void *p)
   if(share->store) {
     X509_STORE_free(share->store);
   }
-  free(share->CAfile);
-  free(share);
+  curlx_free(share->CAfile);
+  curlx_free(share);
 }
 
 static bool
@@ -3304,14 +3300,14 @@ static void ossl_set_cached_x509_store(struct Curl_cfilter *cf,
                          sizeof(MPROTO_OSSL_X509_KEY)-1);
 
   if(!share) {
-    share = calloc(1, sizeof(*share));
+    share = curlx_calloc(1, sizeof(*share));
     if(!share)
       return;
     if(!Curl_hash_add2(&multi->proto_hash,
                        CURL_UNCONST(MPROTO_OSSL_X509_KEY),
                        sizeof(MPROTO_OSSL_X509_KEY)-1,
                        share, oss_x509_share_free)) {
-      free(share);
+      curlx_free(share);
       return;
     }
   }
@@ -3320,7 +3316,7 @@ static void ossl_set_cached_x509_store(struct Curl_cfilter *cf,
     char *CAfile = NULL;
 
     if(conn_config->CAfile) {
-      CAfile = strdup(conn_config->CAfile);
+      CAfile = curlx_strdup(conn_config->CAfile);
       if(!CAfile) {
         X509_STORE_free(store);
         return;
@@ -3329,7 +3325,7 @@ static void ossl_set_cached_x509_store(struct Curl_cfilter *cf,
 
     if(share->store) {
       X509_STORE_free(share->store);
-      free(share->CAfile);
+      curlx_free(share->CAfile);
     }
 
     share->time = curlx_now();
@@ -3516,11 +3512,11 @@ static CURLcode ossl_init_ech(struct ossl_ctx *octx,
                                 ech_config_len) != 1) {
       infof(data, "ECH: SSL_ECH_set1_ech_config_list failed");
       if(data->set.tls_ech & CURLECH_HARD) {
-        free(ech_config);
+        curlx_free(ech_config);
         return CURLE_SSL_CONNECT_ERROR;
       }
     }
-    free(ech_config);
+    curlx_free(ech_config);
     trying_ech_now = 1;
 # else
     ech_config = (unsigned char *) data->set.str[STRING_ECH_CONFIG];
@@ -4160,7 +4156,7 @@ static void ossl_trace_ech_retry_configs(struct Curl_easy *data, SSL* ssl,
     result = curlx_base64_encode(rcs, rcl, &b64str, &blen);
     if(!result && b64str) {
       infof(data, "ECH: retry_configs %s", b64str);
-      free(b64str);
+      curlx_free(b64str);
 #ifndef HAVE_BORINGSSL_LIKE
       rv = SSL_ech_get1_status(ssl, &inner, &outer);
       infof(data, "ECH: retry_configs for %s from %s, %d %d",
@@ -4446,7 +4442,7 @@ static CURLcode ossl_pkp_pin_peer_pubkey(struct Curl_easy *data, X509* cert,
     if(len1 < 1)
       break; /* failed */
 
-    buff1 = temp = malloc(len1);
+    buff1 = temp = curlx_malloc(len1);
     if(!buff1)
       break; /* failed */
 
@@ -4468,7 +4464,7 @@ static CURLcode ossl_pkp_pin_peer_pubkey(struct Curl_easy *data, X509* cert,
   } while(0);
 
   if(buff1)
-    free(buff1);
+    curlx_free(buff1);
 
   return result;
 }
diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c
index cc19a328ed..e4251a9151 100644
--- a/lib/vtls/rustls.c
+++ b/lib/vtls/rustls.c
@@ -42,10 +42,6 @@
 #include "cipher_suite.h"
 #include "x509asn1.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 struct rustls_ssl_backend_data
 {
   const struct rustls_client_config *config;
@@ -586,7 +582,7 @@ init_config_builder(struct Curl_easy *data,
   }
 #endif /* USE_ECH */
 
-  cipher_suites = malloc(sizeof(*cipher_suites) * (cipher_suites_len));
+  cipher_suites = curlx_malloc(sizeof(*cipher_suites) * (cipher_suites_len));
   if(!cipher_suites) {
     result = CURLE_OUT_OF_MEMORY;
     goto cleanup;
@@ -643,7 +639,7 @@ init_config_builder(struct Curl_easy *data,
 
 cleanup:
   if(cipher_suites) {
-    free(cipher_suites);
+    curlx_free(cipher_suites);
   }
   if(custom_provider_builder) {
     rustls_crypto_provider_builder_free(custom_provider_builder);
@@ -1004,7 +1000,7 @@ init_config_builder_ech(struct Curl_easy *data,
 cleanup:
   /* if we base64 decoded, we can free now */
   if(data->set.tls_ech & CURLECH_CLA_CFG && data->set.str[STRING_ECH_CONFIG]) {
-    free(ech_config);
+    curlx_free(ech_config);
   }
   if(dns) {
     Curl_resolv_unlink(data, &dns);
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index e5fbe40a8c..49a4516cdf 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -60,10 +60,6 @@
 #include "../progress.h"
 #include "../curl_sha256.h"
 
-/* The last #include file should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 /* Some verbose debug messages are wrapped by SCH_DEV() instead of DEBUGF()
  * and only shown if CURL_SCHANNEL_DEV_DEBUG was defined at build time. These
  * messages are extra verbose and intended for curl developers debugging
@@ -427,7 +423,7 @@ get_cert_location(TCHAR *path, DWORD *store_name, TCHAR **store_path,
     return CURLE_SSL_CERTPROBLEM;
 
   *sep = TEXT('\0');
-  *store_path = Curl_tcsdup(store_path_start);
+  *store_path = curlx_tcsdup(store_path_start);
   *sep = TEXT('\\');
   if(!*store_path)
     return CURLE_OUT_OF_MEMORY;
@@ -571,7 +567,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
       failf(data, "schannel: certificate format compatibility error "
             " for %s",
             blob ? "(memory blob)" : data->set.ssl.primary.clientcert);
-      free(cert_store_path);
+      curlx_free(cert_store_path);
       curlx_unicodefree(cert_path);
       if(fInCert)
         curlx_fclose(fInCert);
@@ -589,7 +585,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
       int cert_find_flags;
       const char *cert_showfilename_error = blob ?
         "(memory blob)" : data->set.ssl.primary.clientcert;
-      free(cert_store_path);
+      curlx_free(cert_store_path);
       curlx_unicodefree(cert_path);
       if(fInCert) {
         long cert_tell = 0;
@@ -603,7 +599,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
         if(continue_reading)
           continue_reading = fseek(fInCert, 0, SEEK_SET) == 0;
         if(continue_reading)
-          certdata = malloc(certsize + 1);
+          certdata = curlx_malloc(certsize + 1);
         if((!certdata) ||
            ((int) fread(certdata, certsize, 1, fInCert) != 1))
           continue_reading = FALSE;
@@ -611,7 +607,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
         if(!continue_reading) {
           failf(data, "schannel: Failed to read cert file %s",
                 data->set.ssl.primary.clientcert);
-          free(certdata);
+          curlx_free(certdata);
           return CURLE_SSL_CERTPROBLEM;
         }
       }
@@ -622,7 +618,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
 
       if(data->set.ssl.key_passwd)
         pwd_len = strlen(data->set.ssl.key_passwd);
-      pszPassword = (WCHAR*)malloc(sizeof(WCHAR)*(pwd_len + 1));
+      pszPassword = (WCHAR*)curlx_malloc(sizeof(WCHAR)*(pwd_len + 1));
       if(pszPassword) {
         if(pwd_len > 0)
           str_w_len = MultiByteToWideChar(CP_UTF8,
@@ -642,10 +638,10 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
         else
           cert_store = PFXImportCertStore(&datablob, pszPassword, 0);
 
-        free(pszPassword);
+        curlx_free(pszPassword);
       }
       if(!blob)
-        free(certdata);
+        curlx_free(certdata);
       if(!cert_store) {
         DWORD errorcode = GetLastError();
         if(errorcode == ERROR_INVALID_PASSWORD)
@@ -699,12 +695,12 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
               cert_store_name,
               (path_utf8 ? path_utf8 : "(unknown)"),
               GetLastError());
-        free(cert_store_path);
+        curlx_free(cert_store_path);
         curlx_unicodefree(path_utf8);
         curlx_unicodefree(cert_path);
         return CURLE_SSL_CERTPROBLEM;
       }
-      free(cert_store_path);
+      curlx_free(cert_store_path);
 
       cert_thumbprint.pbData = cert_thumbprint_data;
       cert_thumbprint.cbData = CERT_THUMBPRINT_DATA_LEN;
@@ -738,7 +734,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
 
   /* allocate memory for the reusable credential handle */
   backend->cred = (struct Curl_schannel_cred *)
-    calloc(1, sizeof(struct Curl_schannel_cred));
+    curlx_calloc(1, sizeof(struct Curl_schannel_cred));
   if(!backend->cred) {
     failf(data, "schannel: unable to allocate memory");
 
@@ -1019,7 +1015,7 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
 
   /* allocate memory for the security context handle */
   backend->ctxt = (struct Curl_schannel_ctxt *)
-    calloc(1, sizeof(struct Curl_schannel_ctxt));
+    curlx_calloc(1, sizeof(struct Curl_schannel_ctxt));
   if(!backend->ctxt) {
     failf(data, "schannel: unable to allocate memory");
     return CURLE_OUT_OF_MEMORY;
@@ -1170,7 +1166,7 @@ schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
   if(!backend->decdata_buffer) {
     backend->decdata_offset = 0;
     backend->decdata_length = CURL_SCHANNEL_BUFFER_INIT_SIZE;
-    backend->decdata_buffer = malloc(backend->decdata_length);
+    backend->decdata_buffer = curlx_malloc(backend->decdata_length);
     if(!backend->decdata_buffer) {
       failf(data, "schannel: unable to allocate memory");
       return CURLE_OUT_OF_MEMORY;
@@ -1182,7 +1178,7 @@ schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
     backend->encdata_is_incomplete = FALSE;
     backend->encdata_offset = 0;
     backend->encdata_length = CURL_SCHANNEL_BUFFER_INIT_SIZE;
-    backend->encdata_buffer = malloc(backend->encdata_length);
+    backend->encdata_buffer = curlx_malloc(backend->encdata_length);
     if(!backend->encdata_buffer) {
       failf(data, "schannel: unable to allocate memory");
       return CURLE_OUT_OF_MEMORY;
@@ -1195,8 +1191,8 @@ schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
     /* increase internal encrypted data buffer */
     size_t reallocated_length = backend->encdata_offset +
       CURL_SCHANNEL_BUFFER_FREE_SIZE;
-    reallocated_buffer = realloc(backend->encdata_buffer,
-                                 reallocated_length);
+    reallocated_buffer = curlx_realloc(backend->encdata_buffer,
+                                       reallocated_length);
 
     if(!reallocated_buffer) {
       failf(data, "schannel: unable to re-allocate memory");
@@ -1247,7 +1243,8 @@ schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
                   backend->encdata_offset, backend->encdata_length));
 
     /* setup input buffers */
-    InitSecBuffer(&inbuf[0], SECBUFFER_TOKEN, malloc(backend->encdata_offset),
+    InitSecBuffer(&inbuf[0], SECBUFFER_TOKEN,
+                  curlx_malloc(backend->encdata_offset),
                   curlx_uztoul(backend->encdata_offset));
     InitSecBuffer(&inbuf[1], SECBUFFER_EMPTY, NULL, 0);
     InitSecBufferDesc(&inbuf_desc, inbuf, 2);
@@ -1274,7 +1271,7 @@ schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
     if(!SOCKET_WRITABLE(Curl_conn_cf_get_socket(cf, data), 0)) {
       SCH_DEV(infof(data, "schannel: handshake waiting for writeable socket"));
       connssl->io_need = CURL_SSL_IO_NEED_SEND;
-      free(inbuf[0].pvBuffer);
+      curlx_free(inbuf[0].pvBuffer);
       return CURLE_OK;
     }
 
@@ -1931,7 +1928,7 @@ schannel_send(struct Curl_cfilter *cf, struct Curl_easy *data,
   /* calculate the complete message length and allocate a buffer for it */
   data_len = backend->stream_sizes.cbHeader + len +
     backend->stream_sizes.cbTrailer;
-  ptr = (unsigned char *)malloc(data_len);
+  ptr = (unsigned char *)curlx_malloc(data_len);
   if(!ptr) {
     return CURLE_OUT_OF_MEMORY;
   }
@@ -2110,8 +2107,8 @@ schannel_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
       if(reallocated_length < min_encdata_length) {
         reallocated_length = min_encdata_length;
       }
-      reallocated_buffer = realloc(backend->encdata_buffer,
-                                   reallocated_length);
+      reallocated_buffer = curlx_realloc(backend->encdata_buffer,
+                                         reallocated_length);
       if(!reallocated_buffer) {
         result = CURLE_OUT_OF_MEMORY;
         failf(data, "schannel: unable to re-allocate memory");
@@ -2196,8 +2193,8 @@ schannel_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
           if(reallocated_length < len) {
             reallocated_length = len;
           }
-          reallocated_buffer = realloc(backend->decdata_buffer,
-                                       reallocated_length);
+          reallocated_buffer = curlx_realloc(backend->decdata_buffer,
+                                             reallocated_length);
           if(!reallocated_buffer) {
             result = CURLE_OUT_OF_MEMORY;
             failf(data, "schannel: unable to re-allocate memory");
@@ -2819,8 +2816,8 @@ static void schannel_cert_share_free(void *key, size_t key_len, void *p)
   if(share->cert_store) {
     CertCloseStore(share->cert_store, 0);
   }
-  free(share->CAfile);
-  free(share);
+  curlx_free(share->CAfile);
+  curlx_free(share);
 }
 
 bool Curl_schannel_set_cached_cert_store(struct Curl_cfilter *cf,
@@ -2844,7 +2841,7 @@ bool Curl_schannel_set_cached_cert_store(struct Curl_cfilter *cf,
                          CURL_UNCONST(MPROTO_SCHANNEL_CERT_SHARE_KEY),
                          sizeof(MPROTO_SCHANNEL_CERT_SHARE_KEY)-1);
   if(!share) {
-    share = calloc(1, sizeof(*share));
+    share = curlx_calloc(1, sizeof(*share));
     if(!share) {
       return FALSE;
     }
@@ -2852,7 +2849,7 @@ bool Curl_schannel_set_cached_cert_store(struct Curl_cfilter *cf,
                        CURL_UNCONST(MPROTO_SCHANNEL_CERT_SHARE_KEY),
                        sizeof(MPROTO_SCHANNEL_CERT_SHARE_KEY)-1,
                        share, schannel_cert_share_free)) {
-      free(share);
+      curlx_free(share);
       return FALSE;
     }
   }
@@ -2866,7 +2863,7 @@ bool Curl_schannel_set_cached_cert_store(struct Curl_cfilter *cf,
   }
   else {
     if(conn_config->CAfile) {
-      CAfile = strdup(conn_config->CAfile);
+      CAfile = curlx_strdup(conn_config->CAfile);
       if(!CAfile) {
         return FALSE;
       }
@@ -2877,7 +2874,7 @@ bool Curl_schannel_set_cached_cert_store(struct Curl_cfilter *cf,
   if(share->cert_store) {
     CertCloseStore(share->cert_store, 0);
   }
-  free(share->CAfile);
+  curlx_free(share->CAfile);
 
   share->time = curlx_now();
   share->cert_store = cert_store;
diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c
index 72c42ed353..4ff7b5d536 100644
--- a/lib/vtls/schannel_verify.c
+++ b/lib/vtls/schannel_verify.c
@@ -49,10 +49,6 @@
 #include "hostcheck.h"
 #include "../curlx/version_win32.h"
 
-/* The last #include file should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 #define BACKEND ((struct schannel_ssl_backend_data *)connssl->backend)
 
 #define MAX_CAFILE_SIZE 1048576 /* 1 MiB */
@@ -319,7 +315,7 @@ static CURLcode add_certs_file_to_store(HCERTSTORE trust_store,
   }
 
   ca_file_bufsize = (size_t)file_size.QuadPart;
-  ca_file_buffer = (char *)malloc(ca_file_bufsize + 1);
+  ca_file_buffer = (char *)curlx_malloc(ca_file_bufsize + 1);
   if(!ca_file_buffer) {
     result = CURLE_OUT_OF_MEMORY;
     goto cleanup;
@@ -606,7 +602,7 @@ CURLcode Curl_verify_host(struct Curl_cfilter *cf,
     /* CertGetNameString guarantees that the returned name will not contain
      * embedded null bytes. This appears to be undocumented behavior.
      */
-    cert_hostname_buff = (LPTSTR)malloc(len * sizeof(TCHAR));
+    cert_hostname_buff = (LPTSTR)curlx_malloc(len * sizeof(TCHAR));
     if(!cert_hostname_buff) {
       result = CURLE_OUT_OF_MEMORY;
       goto cleanup;
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index 3b242fd485..6eb60e41cf 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -81,15 +81,11 @@
 #include 
 #endif
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 
 #define CLONE_STRING(var)                    \
   do {                                       \
     if(source->var) {                        \
-      dest->var = strdup(source->var);       \
+      dest->var = curlx_strdup(source->var); \
       if(!dest->var)                         \
         return FALSE;                        \
     }                                        \
@@ -111,7 +107,7 @@ static CURLcode blobdup(struct curl_blob **dest,
   if(src) {
     /* only if there is data to dupe! */
     struct curl_blob *d;
-    d = malloc(sizeof(struct curl_blob) + src->len);
+    d = curlx_malloc(sizeof(struct curl_blob) + src->len);
     if(!d)
       return CURLE_OUT_OF_MEMORY;
     d->len = src->len;
@@ -503,16 +499,16 @@ static struct ssl_connect_data *cf_ctx_new(struct Curl_easy *data,
   struct ssl_connect_data *ctx;
 
   (void)data;
-  ctx = calloc(1, sizeof(*ctx));
+  ctx = curlx_calloc(1, sizeof(*ctx));
   if(!ctx)
     return NULL;
 
   ctx->ssl_impl = Curl_ssl;
   ctx->alpn = alpn;
   Curl_bufq_init2(&ctx->earlydata, CURL_SSL_EARLY_MAX, 1, BUFQ_OPT_NO_SPARES);
-  ctx->backend = calloc(1, ctx->ssl_impl->sizeof_ssl_backend_data);
+  ctx->backend = curlx_calloc(1, ctx->ssl_impl->sizeof_ssl_backend_data);
   if(!ctx->backend) {
-    free(ctx);
+    curlx_free(ctx);
     return NULL;
   }
   return ctx;
@@ -523,8 +519,8 @@ static void cf_ctx_free(struct ssl_connect_data *ctx)
   if(ctx) {
     Curl_safefree(ctx->negotiated.alpn);
     Curl_bufq_free(&ctx->earlydata);
-    free(ctx->backend);
-    free(ctx);
+    curlx_free(ctx->backend);
+    curlx_free(ctx);
   }
 }
 
@@ -617,7 +613,7 @@ void Curl_ssl_free_certinfo(struct Curl_easy *data)
       ci->certinfo[i] = NULL;
     }
 
-    free(ci->certinfo); /* free the actual array too */
+    curlx_free(ci->certinfo); /* free the actual array too */
     ci->certinfo = NULL;
     ci->num_of_certs = 0;
   }
@@ -632,7 +628,7 @@ CURLcode Curl_ssl_init_certinfo(struct Curl_easy *data, int num)
   Curl_ssl_free_certinfo(data);
 
   /* Allocate the required certificate information structures */
-  table = calloc((size_t) num, sizeof(struct curl_slist *));
+  table = curlx_calloc((size_t) num, sizeof(struct curl_slist *));
   if(!table)
     return CURLE_OUT_OF_MEMORY;
 
@@ -783,7 +779,7 @@ CURLcode Curl_pin_peer_pubkey(struct Curl_easy *data,
     }
 
     /* compute sha256sum of public key */
-    sha256sumdigest = malloc(CURL_SHA256_DIGEST_LENGTH);
+    sha256sumdigest = curlx_malloc(CURL_SHA256_DIGEST_LENGTH);
     if(!sha256sumdigest)
       return CURLE_OUT_OF_MEMORY;
     encode = Curl_ssl->sha256sum(pubkey, pubkeylen,
@@ -1118,7 +1114,7 @@ static int multissl_setup(const struct Curl_ssl *backend)
     for(i = 0; available_backends[i]; i++) {
       if(curl_strequal(env, available_backends[i]->info.name)) {
         Curl_ssl = available_backends[i];
-        free(env);
+        curlx_free(env);
         return 0;
       }
     }
@@ -1129,7 +1125,7 @@ static int multissl_setup(const struct Curl_ssl *backend)
     if(curl_strequal(CURL_DEFAULT_SSL_BACKEND,
                      available_backends[i]->info.name)) {
       Curl_ssl = available_backends[i];
-      free(env);
+      curlx_free(env);
       return 0;
     }
   }
@@ -1137,7 +1133,7 @@ static int multissl_setup(const struct Curl_ssl *backend)
 
   /* Fall back to first available backend */
   Curl_ssl = available_backends[0];
-  free(env);
+  curlx_free(env);
   return 0;
 }
 
@@ -1190,7 +1186,7 @@ void Curl_ssl_peer_cleanup(struct ssl_peer *peer)
 {
   Curl_safefree(peer->sni);
   if(peer->dispname != peer->hostname)
-    free(peer->dispname);
+    curlx_free(peer->dispname);
   peer->dispname = NULL;
   Curl_safefree(peer->hostname);
   Curl_safefree(peer->scache_key);
@@ -1266,13 +1262,13 @@ CURLcode Curl_ssl_peer_init(struct ssl_peer *peer,
     goto out;
   }
 
-  peer->hostname = strdup(ehostname);
+  peer->hostname = curlx_strdup(ehostname);
   if(!peer->hostname)
     goto out;
   if(!edispname || !strcmp(ehostname, edispname))
     peer->dispname = peer->hostname;
   else {
-    peer->dispname = strdup(edispname);
+    peer->dispname = curlx_strdup(edispname);
     if(!peer->dispname)
       goto out;
   }
@@ -1284,7 +1280,7 @@ CURLcode Curl_ssl_peer_init(struct ssl_peer *peer,
     if(len && (peer->hostname[len-1] == '.'))
       len--;
     if(len < USHRT_MAX) {
-      peer->sni = calloc(1, len + 1);
+      peer->sni = curlx_calloc(1, len + 1);
       if(!peer->sni)
         goto out;
       Curl_strntolower(peer->sni, peer->hostname, len);
diff --git a/lib/vtls/vtls_scache.c b/lib/vtls/vtls_scache.c
index 3524a25a44..21dfe2eaa0 100644
--- a/lib/vtls/vtls_scache.c
+++ b/lib/vtls/vtls_scache.c
@@ -47,10 +47,6 @@
 #include "../rand.h"
 #include "../curlx/warnless.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 
 static bool cf_ssl_peer_key_is_global(const char *peer_key);
 
@@ -104,10 +100,10 @@ static void cf_ssl_scache_session_ldestroy(void *udata, void *obj)
 {
   struct Curl_ssl_session *s = obj;
   (void)udata;
-  free(CURL_UNCONST(s->sdata));
-  free(CURL_UNCONST(s->quic_tp));
-  free((void *)s->alpn);
-  free(s);
+  curlx_free(CURL_UNCONST(s->sdata));
+  curlx_free(CURL_UNCONST(s->quic_tp));
+  curlx_free((void *)s->alpn);
+  curlx_free(s);
 }
 
 CURLcode
@@ -131,15 +127,15 @@ Curl_ssl_session_create2(void *sdata, size_t sdata_len,
   struct Curl_ssl_session *s;
 
   if(!sdata || !sdata_len) {
-    free(sdata);
+    curlx_free(sdata);
     return CURLE_BAD_FUNCTION_ARGUMENT;
   }
 
   *psession = NULL;
-  s = calloc(1, sizeof(*s));
+  s = curlx_calloc(1, sizeof(*s));
   if(!s) {
-    free(sdata);
-    free(quic_tp);
+    curlx_free(sdata);
+    curlx_free(quic_tp);
     return CURLE_OUT_OF_MEMORY;
   }
 
@@ -151,7 +147,7 @@ Curl_ssl_session_create2(void *sdata, size_t sdata_len,
   s->quic_tp = quic_tp;
   s->quic_tp_len = quic_tp_len;
   if(alpn) {
-    s->alpn = strdup(alpn);
+    s->alpn = curlx_strdup(alpn);
     if(!s->alpn) {
       cf_ssl_scache_session_ldestroy(NULL, s);
       return CURLE_OUT_OF_MEMORY;
@@ -231,7 +227,7 @@ cf_ssl_scache_peer_init(struct Curl_ssl_scache_peer *peer,
 
   DEBUGASSERT(!peer->ssl_peer_key);
   if(ssl_peer_key) {
-    peer->ssl_peer_key = strdup(ssl_peer_key);
+    peer->ssl_peer_key = curlx_strdup(ssl_peer_key);
     if(!peer->ssl_peer_key)
       goto out;
     peer->hmac_set = FALSE;
@@ -246,17 +242,17 @@ cf_ssl_scache_peer_init(struct Curl_ssl_scache_peer *peer,
     goto out;
   }
   if(clientcert) {
-    peer->clientcert = strdup(clientcert);
+    peer->clientcert = curlx_strdup(clientcert);
     if(!peer->clientcert)
       goto out;
   }
   if(srp_username) {
-    peer->srp_username = strdup(srp_username);
+    peer->srp_username = curlx_strdup(srp_username);
     if(!peer->srp_username)
       goto out;
   }
   if(srp_password) {
-    peer->srp_password = strdup(srp_password);
+    peer->srp_password = curlx_strdup(srp_password);
     if(!peer->srp_password)
       goto out;
   }
@@ -315,13 +311,13 @@ CURLcode Curl_ssl_scache_create(size_t max_peers,
   size_t i;
 
   *pscache = NULL;
-  peers = calloc(max_peers, sizeof(*peers));
+  peers = curlx_calloc(max_peers, sizeof(*peers));
   if(!peers)
     return CURLE_OUT_OF_MEMORY;
 
-  scache = calloc(1, sizeof(*scache));
+  scache = curlx_calloc(1, sizeof(*scache));
   if(!scache) {
-    free(peers);
+    curlx_free(peers);
     return CURLE_OUT_OF_MEMORY;
   }
 
@@ -348,8 +344,8 @@ void Curl_ssl_scache_destroy(struct Curl_ssl_scache *scache)
     for(i = 0; i < scache->peer_count; ++i) {
       cf_ssl_scache_clear_peer(&scache->peers[i]);
     }
-    free(scache->peers);
-    free(scache);
+    curlx_free(scache->peers);
+    curlx_free(scache);
   }
 }
 
@@ -396,7 +392,8 @@ static CURLcode cf_ssl_peer_key_add_path(struct dynbuf *buf,
       char *abspath = realpath(path, NULL);
       if(abspath) {
         CURLcode r = curlx_dyn_addf(buf, ":%s-%s", name, abspath);
-        (free)(abspath); /* allocated by libc, free without memdebug */
+        /* !checksrc! disable BANNEDFUNC 1 */
+        free(abspath); /* allocated by libc, free without memdebug */
         return r;
       }
       *is_local = TRUE;
@@ -675,7 +672,7 @@ cf_ssl_find_peer_by_key(struct Curl_easy *data,
         /* remember peer_key for future lookups */
         CURL_TRC_SSLS(data, "peer entry %zu key recovered: %s",
                       i, ssl_peer_key);
-        scache->peers[i].ssl_peer_key = strdup(ssl_peer_key);
+        scache->peers[i].ssl_peer_key = curlx_strdup(ssl_peer_key);
         if(!scache->peers[i].ssl_peer_key) {
           result = CURLE_OUT_OF_MEMORY;
           goto out;
diff --git a/lib/vtls/vtls_spack.c b/lib/vtls/vtls_spack.c
index d86f31d727..070bb485a3 100644
--- a/lib/vtls/vtls_spack.c
+++ b/lib/vtls/vtls_spack.c
@@ -32,10 +32,6 @@
 #include "vtls_spack.h"
 #include "../strdup.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 #ifndef UINT16_MAX
 #define UINT16_MAX    0xffff
 #endif
@@ -267,7 +263,7 @@ CURLcode Curl_ssl_session_unpack(struct Curl_easy *data,
     goto out;
   }
 
-  s = calloc(1, sizeof(*s));
+  s = curlx_calloc(1, sizeof(*s));
   if(!s) {
     r = CURLE_OUT_OF_MEMORY;
     goto out;
diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index 2ad033f988..eae17078fd 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -75,10 +75,6 @@
 #include 
 #include "wolfssl.h"
 
-/* The last #include files should be: */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 #ifdef HAVE_WOLFSSL_CTX_GENERATEECHCONFIG
 #define USE_ECH_WOLFSSL
 #endif
@@ -447,7 +443,7 @@ CURLcode Curl_wssl_cache_session(struct Curl_cfilter *cf,
     result = CURLE_FAILED_INIT;
     goto out;
   }
-  sdata = calloc(1, sdata_len);
+  sdata = curlx_calloc(1, sdata_len);
   if(!sdata) {
     failf(data, "unable to allocate session buffer of %u bytes", sdata_len);
     result = CURLE_OUT_OF_MEMORY;
@@ -462,7 +458,7 @@ CURLcode Curl_wssl_cache_session(struct Curl_cfilter *cf,
   if(quic_tp && quic_tp_len) {
     qtp_clone = Curl_memdup0((char *)quic_tp, quic_tp_len);
     if(!qtp_clone) {
-      free(sdata);
+      curlx_free(sdata);
       return CURLE_OUT_OF_MEMORY;
     }
   }
@@ -483,7 +479,7 @@ CURLcode Curl_wssl_cache_session(struct Curl_cfilter *cf,
   }
 
 out:
-  free(sdata);
+  curlx_free(sdata);
   return result;
 }
 
@@ -726,8 +722,8 @@ static void wssl_x509_share_free(void *key, size_t key_len, void *p)
   if(share->store) {
     wolfSSL_X509_STORE_free(share->store);
   }
-  free(share->CAfile);
-  free(share);
+  curlx_free(share->CAfile);
+  curlx_free(share);
 }
 
 static bool
@@ -792,14 +788,14 @@ static void wssl_set_cached_x509_store(struct Curl_cfilter *cf,
                          sizeof(MPROTO_WSSL_X509_KEY)-1);
 
   if(!share) {
-    share = calloc(1, sizeof(*share));
+    share = curlx_calloc(1, sizeof(*share));
     if(!share)
       return;
     if(!Curl_hash_add2(&multi->proto_hash,
                        CURL_UNCONST(MPROTO_WSSL_X509_KEY),
                        sizeof(MPROTO_WSSL_X509_KEY)-1,
                        share, wssl_x509_share_free)) {
-      free(share);
+      curlx_free(share);
       return;
     }
   }
@@ -808,7 +804,7 @@ static void wssl_set_cached_x509_store(struct Curl_cfilter *cf,
     char *CAfile = NULL;
 
     if(conn_config->CAfile) {
-      CAfile = strdup(conn_config->CAfile);
+      CAfile = curlx_strdup(conn_config->CAfile);
       if(!CAfile) {
         wolfSSL_X509_STORE_free(store);
         return;
@@ -817,7 +813,7 @@ static void wssl_set_cached_x509_store(struct Curl_cfilter *cf,
 
     if(share->store) {
       wolfSSL_X509_STORE_free(share->store);
-      free(share->CAfile);
+      curlx_free(share->CAfile);
     }
 
     share->time = curlx_now();
@@ -1821,7 +1817,7 @@ static CURLcode wssl_handshake(struct Curl_cfilter *cf,
                                      &b64str, &blen);
         if(!result && b64str)
           infof(data, "ECH: (not yet) retry_configs %s", b64str);
-        free(b64str);
+        curlx_free(b64str);
       }
       return CURLE_SSL_CONNECT_ERROR;
     }
diff --git a/lib/vtls/x509asn1.c b/lib/vtls/x509asn1.c
index 417a5382d8..fcc0d0e1da 100644
--- a/lib/vtls/x509asn1.c
+++ b/lib/vtls/x509asn1.c
@@ -49,10 +49,6 @@
 #include "x509asn1.h"
 #include "../curlx/dynbuf.h"
 
-/* The last 2 #include files should be in this order */
-#include "../curl_memory.h"
-#include "../memdebug.h"
-
 /*
  * Constants.
  */
@@ -1260,7 +1256,7 @@ CURLcode Curl_extract_certinfo(struct Curl_easy *data,
     if(!result)
       result = curlx_dyn_add(&out, "-----END CERTIFICATE-----\n");
   }
-  free(certptr);
+  curlx_free(certptr);
   if(!result)
     if(data->set.ssl.certinfo)
       result = ssl_push_certinfo_dyn(data, certnum, "Cert", &out);
diff --git a/lib/ws.c b/lib/ws.c
index 15dc2e9aea..93e13e1ac1 100644
--- a/lib/ws.c
+++ b/lib/ws.c
@@ -43,10 +43,6 @@
 #include "curlx/strparse.h"
 #include "curlx/warnless.h"
 
-/* The last 2 #include files should be in this order */
-#include "curl_memory.h"
-#include "memdebug.h"
-
 
 /***
     RFC 6455 Section 5.2
@@ -1281,11 +1277,11 @@ CURLcode Curl_ws_request(struct Curl_easy *data, struct dynbuf *req)
     return result;
   DEBUGASSERT(randlen < sizeof(keyval));
   if(randlen >= sizeof(keyval)) {
-    free(randstr);
+    curlx_free(randstr);
     return CURLE_FAILED_INIT;
   }
   strcpy(keyval, randstr);
-  free(randstr);
+  curlx_free(randstr);
   for(i = 0; !result && (i < CURL_ARRAYSIZE(heads)); i++) {
     if(!Curl_checkheaders(data, heads[i].name, strlen(heads[i].name))) {
       result = curlx_dyn_addf(req, "%s: %s\r\n", heads[i].name,
@@ -1305,7 +1301,7 @@ static void ws_conn_dtor(void *key, size_t klen, void *entry)
   (void)klen;
   Curl_bufq_free(&ws->recvbuf);
   Curl_bufq_free(&ws->sendbuf);
-  free(ws);
+  curlx_free(ws);
 }
 
 /*
@@ -1325,7 +1321,7 @@ CURLcode Curl_ws_accept(struct Curl_easy *data,
   ws = Curl_conn_meta_get(data->conn, CURL_META_PROTO_WS_CONN);
   if(!ws) {
     size_t chunk_size = WS_CHUNK_SIZE;
-    ws = calloc(1, sizeof(*ws));
+    ws = curlx_calloc(1, sizeof(*ws));
     if(!ws)
       return CURLE_OUT_OF_MEMORY;
 #ifdef DEBUGBUILD
diff --git a/packages/Makefile.am b/packages/Makefile.am
index 43e544a019..8b6d4dc4b2 100644
--- a/packages/Makefile.am
+++ b/packages/Makefile.am
@@ -24,6 +24,7 @@
 SUBDIRS = vms
 
 EXTRA_DIST = README.md \
+  OS400/.checksrc \
   OS400/README.OS400 \
   OS400/rpg-examples \
   OS400/ccsidcurl.c \
diff --git a/packages/OS400/.checksrc b/packages/OS400/.checksrc
new file mode 100644
index 0000000000..aae405506b
--- /dev/null
+++ b/packages/OS400/.checksrc
@@ -0,0 +1,9 @@
+# Copyright (C) Daniel Stenberg, , et al.
+#
+# SPDX-License-Identifier: curl
+
+# Possible not what we want, but cannot test, just silence the warnings
+allowfunc calloc
+allowfunc free
+allowfunc malloc
+allowfunc realloc
diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl
index 49290ff137..87b72af963 100755
--- a/scripts/checksrc.pl
+++ b/scripts/checksrc.pl
@@ -69,10 +69,12 @@ my %banfunc = (
     "aprintf" => 1,
     "atoi" => 1,
     "atol" => 1,
+    "calloc" => 1,
     "fclose" => 1,
     "fdopen" => 1,
     "fopen" => 1,
     "fprintf" => 1,
+    "free" => 1,
     "freeaddrinfo" => 1,
     "freopen" => 1,
     "getaddrinfo" => 1,
@@ -85,11 +87,13 @@ my %banfunc = (
     "LoadLibraryExW" => 1,
     "LoadLibraryW" => 1,
     "localtime" => 1,
+    "malloc" => 1,
     "mbstowcs" => 1,
     "msnprintf" => 1,
     "mvsnprintf" => 1,
     "open" => 1,
     "printf" => 1,
+    "realloc" => 1,
     "recv" => 1,
     "send" => 1,
     "snprintf" => 1,
@@ -99,6 +103,7 @@ my %banfunc = (
     "sscanf" => 1,
     "stat" => 1,
     "strcat" => 1,
+    "strdup" => 1,
     "strerror" => 1,
     "strncat" => 1,
     "strncpy" => 1,
diff --git a/src/mkhelp.pl b/src/mkhelp.pl
index d1a040c0cc..b3a6c5abdc 100755
--- a/src/mkhelp.pl
+++ b/src/mkhelp.pl
@@ -78,7 +78,6 @@ if($c)
 
     print <
-#include  /* keep this as LAST include */
 static const unsigned char hugehelpgz[] = {
   /* This mumbo-jumbo is the huge help text compressed with gzip.
      Thanks to this operation, the size of this data shrank from $gzip
@@ -105,13 +104,13 @@ HEAD
 static voidpf zalloc_func(voidpf opaque, unsigned int items, unsigned int size)
 {
   (void)opaque;
-  /* not a typo, keep it calloc() */
-  return (voidpf) calloc(items, size);
+  /* not a typo, keep it curlx_calloc() */
+  return (voidpf)curlx_calloc(items, size);
 }
 static void zfree_func(voidpf opaque, voidpf ptr)
 {
   (void)opaque;
-  free(ptr);
+  curlx_free(ptr);
 }
 
 #define HEADERLEN 10
@@ -136,7 +135,7 @@ void hugehelp(void)
   if(inflateInit2(&z, -MAX_WBITS) != Z_OK)
     return;
 
-  buf = malloc(BUF_SIZE);
+  buf = curlx_malloc(BUF_SIZE);
   if(buf) {
     while(1) {
       z.avail_out = BUF_SIZE;
@@ -150,7 +149,7 @@ void hugehelp(void)
       else
         break;    /* error */
     }
-    free(buf);
+    curlx_free(buf);
   }
   inflateEnd(&z);
 }
@@ -176,7 +175,7 @@ void showhelp(const char *trigger, const char *arg, const char *endarg)
   if(inflateInit2(&z, -MAX_WBITS) != Z_OK)
     return;
 
-  buf = malloc(BUF_SIZE);
+  buf = curlx_malloc(BUF_SIZE);
   if(buf) {
     while(1) {
       z.avail_out = BUF_SIZE;
@@ -192,7 +191,7 @@ void showhelp(const char *trigger, const char *arg, const char *endarg)
       else
         break;    /* error */
     }
-    free(buf);
+    curlx_free(buf);
   }
   inflateEnd(&z);
 }
diff --git a/src/slist_wc.c b/src/slist_wc.c
index 7f1e8f19be..26a91362b8 100644
--- a/src/slist_wc.c
+++ b/src/slist_wc.c
@@ -28,9 +28,6 @@
 
 #include "slist_wc.h"
 
-/* The last #include files should be: */
-#include "memdebug.h"
-
 /*
  * slist_wc_append() appends a string to the linked list. This function can be
  * used as an initialization function as well as an append function.
@@ -44,7 +41,7 @@ struct slist_wc *slist_wc_append(struct slist_wc *list,
     return NULL;
 
   if(!list) {
-    list = malloc(sizeof(struct slist_wc));
+    list = curlx_malloc(sizeof(struct slist_wc));
 
     if(!list) {
       curl_slist_free_all(new_item);
@@ -68,7 +65,7 @@ void slist_wc_free_all(struct slist_wc *list)
     return;
 
   curl_slist_free_all(list->first);
-  free(list);
+  curlx_free(list);
 }
 
 #endif /* CURL_DISABLE_LIBCURL_OPTION */
diff --git a/src/terminal.c b/src/terminal.c
index 867ca6edcf..bb3e2ac611 100644
--- a/src/terminal.c
+++ b/src/terminal.c
@@ -28,7 +28,6 @@
 #endif
 
 #include "terminal.h"
-#include "memdebug.h" /* keep this as LAST include */
 
 #ifdef HAVE_TERMIOS_H
 #  include 
diff --git a/src/tool_bname.c b/src/tool_bname.c
index 4ba1a3b8ee..50d77abb96 100644
--- a/src/tool_bname.c
+++ b/src/tool_bname.c
@@ -25,8 +25,6 @@
 
 #include "tool_bname.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 #ifndef HAVE_BASENAME
 
 char *tool_basename(char *path)
diff --git a/src/tool_cb_dbg.c b/src/tool_cb_dbg.c
index 043daef26d..b858b6688e 100644
--- a/src/tool_cb_dbg.c
+++ b/src/tool_cb_dbg.c
@@ -28,8 +28,6 @@
 #include "tool_cb_dbg.h"
 #include "tool_util.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 static void dump(const char *timebuf, const char *idsbuf, const char *text,
                  FILE *stream, const unsigned char *ptr, size_t size,
                  trace tracetype, curl_infotype infotype);
diff --git a/src/tool_cb_hdr.c b/src/tool_cb_hdr.c
index d4431a74b9..7a5a475981 100644
--- a/src/tool_cb_hdr.c
+++ b/src/tool_cb_hdr.c
@@ -36,8 +36,6 @@
 #include "tool_libinfo.h"
 #include "tool_strdup.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 static char *parse_filename(const char *ptr, size_t len);
 
 #ifdef _WIN32
@@ -212,14 +210,14 @@ size_t tool_header_cb(char *ptr, size_t size, size_t nmemb, void *userdata)
           if(filename) {
             if(outs->stream) {
               /* indication of problem, get out! */
-              free(filename);
+              curlx_free(filename);
               return CURL_WRITEFUNC_ERROR;
             }
 
             if(per->config->output_dir) {
               outs->filename = curl_maprintf("%s/%s", per->config->output_dir,
                                              filename);
-              free(filename);
+              curlx_free(filename);
               if(!outs->filename)
                 return CURL_WRITEFUNC_ERROR;
             }
@@ -252,7 +250,7 @@ size_t tool_header_cb(char *ptr, size_t size, size_t nmemb, void *userdata)
         if(clone) {
           struct curl_slist *old = hdrcbdata->headlist;
           hdrcbdata->headlist = curl_slist_append(old, clone);
-          free(clone);
+          curlx_free(clone);
           if(!hdrcbdata->headlist) {
             curl_slist_free_all(old);
             return CURL_WRITEFUNC_ERROR;
@@ -479,7 +477,7 @@ locdone:
     curl_free(finalurl);
     curl_free(scheme);
     curl_url_cleanup(u);
-    free(copyloc);
+    curlx_free(copyloc);
   }
 }
 #endif
diff --git a/src/tool_cb_prg.c b/src/tool_cb_prg.c
index 5f33c7c29c..6ae53b3ba2 100644
--- a/src/tool_cb_prg.c
+++ b/src/tool_cb_prg.c
@@ -29,8 +29,6 @@
 #include "tool_operate.h"
 #include "terminal.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 #define MAX_BARLENGTH 400
 #define MIN_BARLENGTH 20
 
diff --git a/src/tool_cb_rea.c b/src/tool_cb_rea.c
index cc7ef5a550..0f2bf81771 100644
--- a/src/tool_cb_rea.c
+++ b/src/tool_cb_rea.c
@@ -38,8 +38,6 @@
 #include "tool_util.h"
 #include "tool_msgs.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 #ifndef _WIN32
 /* Wait up to a number of milliseconds for socket activity. This function
    waits on read activity on a file descriptor that is not a socket which
diff --git a/src/tool_cb_see.c b/src/tool_cb_see.c
index fd1b4c563c..ea5c8e313b 100644
--- a/src/tool_cb_see.c
+++ b/src/tool_cb_see.c
@@ -27,8 +27,6 @@
 #include "tool_operate.h"
 #include "tool_cb_see.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 /*
 ** callback for CURLOPT_SEEKFUNCTION
 **
diff --git a/src/tool_cb_wrt.c b/src/tool_cb_wrt.c
index 48f5fea3c9..5696df2a59 100644
--- a/src/tool_cb_wrt.c
+++ b/src/tool_cb_wrt.c
@@ -28,8 +28,6 @@
 #include "tool_cb_wrt.h"
 #include "tool_operate.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 #ifdef _WIN32
 #define OPENMODE S_IREAD | S_IWRITE
 #else
@@ -211,8 +209,8 @@ static size_t win_console(intptr_t fhnd, struct OutStruct *outs,
 
     /* grow the buffer if needed */
     if(len > global->term.len) {
-      wchar_t *buf = (wchar_t *) realloc(global->term.buf,
-                                         len * sizeof(wchar_t));
+      wchar_t *buf = (wchar_t *)curlx_realloc(global->term.buf,
+                                              len * sizeof(wchar_t));
       if(!buf)
         return CURL_WRITEFUNC_ERROR;
       global->term.len = len;
diff --git a/src/tool_cfgable.c b/src/tool_cfgable.c
index 086e4ac216..ab4892b065 100644
--- a/src/tool_cfgable.c
+++ b/src/tool_cfgable.c
@@ -28,7 +28,6 @@
 #include "tool_paramhlp.h"
 #include "tool_main.h"
 #include "tool_msgs.h"
-#include "memdebug.h" /* keep this as LAST include */
 
 static struct GlobalConfig globalconf;
 struct GlobalConfig *global;
@@ -36,7 +35,7 @@ struct GlobalConfig *global;
 struct OperationConfig *config_alloc(void)
 {
   struct OperationConfig *config =
-    calloc(1, sizeof(struct OperationConfig));
+    curlx_calloc(1, sizeof(struct OperationConfig));
   if(!config)
     return NULL;
 
@@ -199,7 +198,7 @@ void config_free(struct OperationConfig *config)
     struct OperationConfig *prev = last->prev;
 
     free_config_fields(last);
-    free(last);
+    curlx_free(last);
 
     last = prev;
   }
@@ -236,12 +235,12 @@ CURLcode globalconf_init(void)
 
       if(result) {
         errorf("error retrieving curl library information");
-        free(global->first);
+        curlx_free(global->first);
       }
     }
     else {
       errorf("error initializing curl library");
-      free(global->first);
+      curlx_free(global->first);
     }
   }
   else {
@@ -263,7 +262,7 @@ static void free_globalconfig(void)
   tool_safefree(global->ssl_sessions);
   tool_safefree(global->libcurl);
 #ifdef _WIN32
-  free(global->term.buf);
+  curlx_free(global->term.buf);
 #endif
 }
 
diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h
index dc78f2db44..0eac0185f2 100644
--- a/src/tool_cfgable.h
+++ b/src/tool_cfgable.h
@@ -42,7 +42,7 @@
 #define checkprefix(a,b)    curl_strnequal(b, STRCONST(a))
 
 #define tool_safefree(ptr)                      \
-  do { free((ptr)); (ptr) = NULL;} while(0)
+  do { curlx_free((ptr)); (ptr) = NULL;} while(0)
 
 extern struct GlobalConfig *global;
 
diff --git a/src/tool_dirhie.c b/src/tool_dirhie.c
index 17b2d01e9b..31962bd1c5 100644
--- a/src/tool_dirhie.c
+++ b/src/tool_dirhie.c
@@ -30,8 +30,6 @@
 #include "tool_dirhie.h"
 #include "tool_msgs.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 #if defined(_WIN32) || (defined(MSDOS) && !defined(__DJGPP__))
 #  define mkdir(x,y) (mkdir)((x))
 #  ifndef F_OK
diff --git a/src/tool_doswin.c b/src/tool_doswin.c
index cd0ec3b9c1..ee236178c2 100644
--- a/src/tool_doswin.c
+++ b/src/tool_doswin.c
@@ -40,8 +40,6 @@
 #include "tool_doswin.h"
 #include "tool_msgs.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 #ifdef _WIN32
 #  undef  PATH_MAX
 #  define PATH_MAX MAX_PATH
@@ -133,7 +131,7 @@ SANITIZEcode sanitize_file_name(char **const sanitized, const char *file_name,
   if(len > max_sanitized_len)
     return SANITIZE_ERR_INVALID_PATH;
 
-  target = strdup(file_name);
+  target = curlx_strdup(file_name);
   if(!target)
     return SANITIZE_ERR_OUT_OF_MEMORY;
 
@@ -183,28 +181,28 @@ SANITIZEcode sanitize_file_name(char **const sanitized, const char *file_name,
 
 #ifdef MSDOS
   sc = msdosify(&p, target, flags);
-  free(target);
+  curlx_free(target);
   if(sc)
     return sc;
   target = p;
   len = strlen(target);
 
   if(len > max_sanitized_len) {
-    free(target);
+    curlx_free(target);
     return SANITIZE_ERR_INVALID_PATH;
   }
 #endif
 
   if(!(flags & SANITIZE_ALLOW_RESERVED)) {
     sc = rename_if_reserved_dos(&p, target, flags);
-    free(target);
+    curlx_free(target);
     if(sc)
       return sc;
     target = p;
     len = strlen(target);
 
     if(len > max_sanitized_len) {
-      free(target);
+      curlx_free(target);
       return SANITIZE_ERR_INVALID_PATH;
     }
   }
@@ -415,7 +413,7 @@ static SANITIZEcode msdosify(char **const sanitized, const char *file_name,
       return SANITIZE_ERR_INVALID_PATH;
   }
 
-  *sanitized = strdup(dos_name);
+  *sanitized = curlx_strdup(dos_name);
   return *sanitized ? SANITIZE_ERR_OK : SANITIZE_ERR_OUT_OF_MEMORY;
 }
 #endif /* MSDOS */
@@ -457,7 +455,7 @@ static SANITIZEcode rename_if_reserved_dos(char **const sanitized,
 #ifndef MSDOS
   if((flags & SANITIZE_ALLOW_PATH) &&
      file_name[0] == '\\' && file_name[1] == '\\') {
-    *sanitized = strdup(file_name);
+    *sanitized = curlx_strdup(file_name);
     if(!*sanitized)
       return SANITIZE_ERR_OUT_OF_MEMORY;
     return SANITIZE_ERR_OK;
@@ -544,7 +542,7 @@ static SANITIZEcode rename_if_reserved_dos(char **const sanitized,
   }
 #endif
 
-  *sanitized = strdup(fname);
+  *sanitized = curlx_strdup(fname);
   return *sanitized ? SANITIZE_ERR_OK : SANITIZE_ERR_OUT_OF_MEMORY;
 }
 
@@ -597,7 +595,7 @@ CURLcode FindWin32CACert(struct OperationConfig *config,
     char *mstr = curlx_convert_tchar_to_UTF8(buf);
     tool_safefree(config->cacert);
     if(mstr)
-      config->cacert = strdup(mstr);
+      config->cacert = curlx_strdup(mstr);
     curlx_unicodefree(mstr);
     if(!config->cacert)
       result = CURLE_OUT_OF_MEMORY;
@@ -801,7 +799,7 @@ ThreadCleanup:
   if(socket_w != CURL_SOCKET_BAD)
     sclose(socket_w);
 
-  free(tdata);
+  curlx_free(tdata);
   return 0;
 }
 
@@ -824,9 +822,10 @@ curl_socket_t win32_stdin_read_thread(void)
 
   do {
     /* Prepare handles for thread */
-    tdata = (struct win_thread_data*)calloc(1, sizeof(struct win_thread_data));
+    tdata = (struct win_thread_data*)
+      curlx_calloc(1, sizeof(struct win_thread_data));
     if(!tdata) {
-      errorf("calloc() error");
+      errorf("curlx_calloc() error");
       break;
     }
     /* Create the listening socket for the thread. When it starts, it will
@@ -937,7 +936,7 @@ curl_socket_t win32_stdin_read_thread(void)
       if(tdata->socket_l != CURL_SOCKET_BAD)
         sclose(tdata->socket_l);
 
-      free(tdata);
+      curlx_free(tdata);
     }
 
     return CURL_SOCKET_BAD;
diff --git a/src/tool_easysrc.c b/src/tool_easysrc.c
index 65d01d5f85..4747f6dfe6 100644
--- a/src/tool_easysrc.c
+++ b/src/tool_easysrc.c
@@ -31,8 +31,6 @@
 #include "tool_easysrc.h"
 #include "tool_msgs.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 /* global variable definitions, for easy-interface source code generation */
 
 struct slist_wc *easysrc_decl; /* Variable declarations */
diff --git a/src/tool_findfile.c b/src/tool_findfile.c
index 6e9fbdfd60..4dbd7bccb4 100644
--- a/src/tool_findfile.c
+++ b/src/tool_findfile.c
@@ -36,8 +36,6 @@
 #include "tool_findfile.h"
 #include "tool_cfgable.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 struct finder {
   const char *env;
   const char *append;
@@ -75,7 +73,7 @@ static char *checkhome(const char *home, const char *fname, bool dotscore)
     if(c) {
       int fd = curlx_open(c, O_RDONLY);
       if(fd >= 0) {
-        char *path = strdup(c);
+        char *path = curlx_strdup(c);
         close(fd);
         curl_free(c);
         return path;
diff --git a/src/tool_formparse.c b/src/tool_formparse.c
index c1e9abe9d0..181abf7b86 100644
--- a/src/tool_formparse.c
+++ b/src/tool_formparse.c
@@ -30,13 +30,11 @@
 #include "tool_formparse.h"
 #include "tool_parsecfg.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 /* tool_mime functions. */
 static struct tool_mime *tool_mime_new(struct tool_mime *parent,
                                        toolmimekind kind)
 {
-  struct tool_mime *m = (struct tool_mime *) calloc(1, sizeof(*m));
+  struct tool_mime *m = (struct tool_mime *)curlx_calloc(1, sizeof(*m));
 
   if(m) {
     m->kind = kind;
@@ -60,11 +58,11 @@ static struct tool_mime *tool_mime_new_data(struct tool_mime *parent,
   char *mime_data_copy;
   struct tool_mime *m = NULL;
 
-  mime_data_copy = strdup(mime_data);
+  mime_data_copy = curlx_strdup(mime_data);
   if(mime_data_copy) {
     m = tool_mime_new(parent, TOOLMIME_DATA);
     if(!m)
-      free(mime_data_copy);
+      curlx_free(mime_data_copy);
     else
       m->data = mime_data_copy;
   }
@@ -107,11 +105,11 @@ static struct tool_mime *tool_mime_new_filedata(struct tool_mime *parent,
   *errcode = CURLE_OUT_OF_MEMORY;
   if(strcmp(filename, "-")) {
     /* This is a normal file. */
-    char *filedup = strdup(filename);
+    char *filedup = curlx_strdup(filename);
     if(filedup) {
       m = tool_mime_new(parent, TOOLMIME_FILE);
       if(!m)
-        free(filedup);
+        curlx_free(filedup);
       else {
         m->data = filedup;
         if(!isremotefile)
@@ -152,7 +150,7 @@ static struct tool_mime *tool_mime_new_filedata(struct tool_mime *parent,
       default:
         if(!stdinsize) {
           /* Zero-length data has been freed. Re-create it. */
-          data = strdup("");
+          data = curlx_strdup("");
           if(!data)
             return m;
         }
@@ -190,7 +188,7 @@ void tool_mime_free(struct tool_mime *mime)
     tool_safefree(mime->encoder);
     tool_safefree(mime->data);
     curl_slist_free_all(mime->headers);
-    free(mime);
+    curlx_free(mime);
   }
 }
 
@@ -711,7 +709,7 @@ static int get_param_part(char endchar,
 #define SET_TOOL_MIME_PTR(m, field)                                     \
   do {                                                                  \
     if(field) {                                                         \
-      (m)->field = strdup(field);                                       \
+      (m)->field = curlx_strdup(field);                                 \
       if(!(m)->field)                                                   \
         goto fail;                                                      \
     }                                                                   \
@@ -745,7 +743,7 @@ int formparse(const char *input,
   }
 
   /* Make a copy we can overwrite. */
-  contents = strdup(input);
+  contents = curlx_strdup(input);
   if(!contents)
     goto fail;
 
diff --git a/src/tool_getparam.c b/src/tool_getparam.c
index 76113e45bd..7afb0c5fc0 100644
--- a/src/tool_getparam.c
+++ b/src/tool_getparam.c
@@ -38,22 +38,20 @@
 #include "tool_help.h"
 #include "var.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 #define ALLOW_BLANK TRUE
 #define DENY_BLANK FALSE
 
 static ParameterError getstr(char **str, const char *val, bool allowblank)
 {
   if(*str) {
-    free(*str);
+    curlx_free(*str);
     *str = NULL;
   }
   DEBUGASSERT(val);
   if(!allowblank && !val[0])
     return PARAM_BLANK_STRING;
 
-  *str = strdup(val);
+  *str = curlx_strdup(val);
   if(!*str)
     return PARAM_NO_MEM;
 
@@ -64,14 +62,14 @@ static ParameterError getstrn(char **str, const char *val,
                               size_t len, bool allowblank)
 {
   if(*str) {
-    free(*str);
+    curlx_free(*str);
     *str = NULL;
   }
   DEBUGASSERT(val);
   if(!allowblank && !val[0])
     return PARAM_BLANK_STRING;
 
-  *str = malloc(len + 1);
+  *str = curlx_malloc(len + 1);
   if(!*str)
     return PARAM_NO_MEM;
 
@@ -407,13 +405,13 @@ ParameterError parse_cert_parameter(const char *cert_parameter,
    * means no passphrase was given and no characters escaped */
   if(curl_strnequal(cert_parameter, "pkcs11:", 7) ||
      !strpbrk(cert_parameter, ":\\")) {
-    *certname = strdup(cert_parameter);
+    *certname = curlx_strdup(cert_parameter);
     if(!*certname)
       return PARAM_NO_MEM;
     return PARAM_OK;
   }
   /* deal with escaped chars; find unescaped colon if it exists */
-  certname_place = malloc(param_length + 1);
+  certname_place = curlx_malloc(param_length + 1);
   if(!certname_place) {
     err = PARAM_NO_MEM;
     goto done;
@@ -475,7 +473,7 @@ ParameterError parse_cert_parameter(const char *cert_parameter,
        * above; if we are still here, this is a separating colon */
       param_place++;
       if(*param_place) {
-        *passphrase = strdup(param_place);
+        *passphrase = curlx_strdup(param_place);
         if(!*passphrase)
           err = PARAM_NO_MEM;
       }
@@ -527,10 +525,10 @@ GetFileAndPassword(const char *nextarg, char **file, char **password)
   /* nextarg is never NULL here */
   err = parse_cert_parameter(nextarg, &certname, &passphrase);
   if(!err) {
-    free(*file);
+    curlx_free(*file);
     *file = certname;
     if(passphrase) {
-      free(*password);
+      curlx_free(*password);
       *password = passphrase;
     }
   }
@@ -668,7 +666,7 @@ static ParameterError data_urlencode(const char *nextarg,
   if(!postdata) {
     /* no data from the file, point to a zero byte string to make this
        get sent as a POST anyway */
-    postdata = strdup("");
+    postdata = curlx_strdup("");
     if(!postdata)
       return PARAM_NO_MEM;
     size = 0;
@@ -870,7 +868,7 @@ static ParameterError url_query(const char *nextarg,
 
   if(*nextarg == '+') {
     /* use without encoding */
-    query = strdup(&nextarg[1]);
+    query = curlx_strdup(&nextarg[1]);
     if(!query)
       err = PARAM_NO_MEM;
   }
@@ -880,11 +878,11 @@ static ParameterError url_query(const char *nextarg,
   if(!err) {
     if(config->query) {
       CURLcode result = curlx_dyn_addf(&dyn, "%s&%s", config->query, query);
-      free(query);
+      curlx_free(query);
       if(result)
         err = PARAM_NO_MEM;
       else {
-        free(config->query);
+        curlx_free(config->query);
         config->query = curlx_dyn_ptr(&dyn);
       }
     }
@@ -944,7 +942,7 @@ static ParameterError set_data(cmdline_t cmd,
     if(!postdata) {
       /* no data from the file, point to a zero byte string to make this
          get sent as a POST anyway */
-      postdata = strdup("");
+      postdata = curlx_strdup("");
       if(!postdata)
         return PARAM_NO_MEM;
     }
@@ -1240,7 +1238,7 @@ static ParameterError parse_ech(struct OperationConfig *config,
       if(err)
         return err;
       config->ech_config = curl_maprintf("ecl:%s",tmpcfg);
-      free(tmpcfg);
+      curlx_free(tmpcfg);
       if(!config->ech_config)
         return PARAM_NO_MEM;
     } /* file done */
@@ -1424,8 +1422,8 @@ static ParameterError parse_range(struct OperationConfig *config,
           "Appending one for you");
     curl_msnprintf(buffer, sizeof(buffer), "%" CURL_FORMAT_CURL_OFF_T "-",
                    value);
-    free(config->range);
-    config->range = strdup(buffer);
+    curlx_free(config->range);
+    config->range = curlx_strdup(buffer);
     if(!config->range)
       err = PARAM_NO_MEM;
   }
@@ -1509,8 +1507,8 @@ static ParameterError parse_verbose(bool toggle)
   switch(global->verbosity) {
   case 0:
     global->verbosity = 1;
-    free(global->trace_dump);
-    global->trace_dump = strdup("%");
+    curlx_free(global->trace_dump);
+    global->trace_dump = curlx_strdup("%");
     if(!global->trace_dump)
       err = PARAM_NO_MEM;
     else {
@@ -3021,7 +3019,7 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
 
 error:
   if(nextalloc)
-    free(CURL_UNCONST(nextarg));
+    curlx_free(CURL_UNCONST(nextarg));
   return err;
 }
 
diff --git a/src/tool_getpass.c b/src/tool_getpass.c
index 014c22813a..b0316510bc 100644
--- a/src/tool_getpass.c
+++ b/src/tool_getpass.c
@@ -51,8 +51,6 @@
 #endif
 #include "tool_getpass.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 #ifdef __VMS
 /* VMS implementation */
 char *getpass_r(const char *prompt, char *buffer, size_t buflen)
diff --git a/src/tool_help.c b/src/tool_help.c
index 4509fa2b94..bbe8dc68a4 100644
--- a/src/tool_help.c
+++ b/src/tool_help.c
@@ -33,8 +33,6 @@
 #include "tool_cfgable.h"
 #include "terminal.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 struct category_descriptors {
   const char *opt;
   const char *desc;
@@ -364,7 +362,7 @@ void tool_version_info(void)
 #ifdef CURL_CA_EMBED
     ++feat_ext_count;
 #endif
-    feat_ext = malloc(sizeof(*feature_names) * (feat_ext_count + 1));
+    feat_ext = curlx_malloc(sizeof(*feature_names) * (feat_ext_count + 1));
     if(feat_ext) {
       memcpy((void *)feat_ext, feature_names,
              sizeof(*feature_names) * feature_count);
@@ -379,7 +377,7 @@ void tool_version_info(void)
       for(builtin = feat_ext; *builtin; ++builtin)
         curl_mprintf(" %s", *builtin);
       puts(""); /* newline */
-      free((void *)feat_ext);
+      curlx_free((void *)feat_ext);
     }
   }
   if(strcmp(CURL_VERSION, curlinfo->version)) {
diff --git a/src/tool_helpers.c b/src/tool_helpers.c
index b36bd4af1d..2e308a248f 100644
--- a/src/tool_helpers.c
+++ b/src/tool_helpers.c
@@ -27,7 +27,6 @@
 #include "tool_msgs.h"
 #include "tool_getparam.h"
 #include "tool_helpers.h"
-#include "memdebug.h" /* keep this as LAST include */
 
 /*
 ** Helper functions that are used from more than one source file.
diff --git a/src/tool_ipfs.c b/src/tool_ipfs.c
index 0214a2004f..c1d27fc99b 100644
--- a/src/tool_ipfs.c
+++ b/src/tool_ipfs.c
@@ -28,7 +28,6 @@
 #include "tool_cfgable.h"
 #include "tool_msgs.h"
 #include "tool_ipfs.h"
-#include "memdebug.h" /* keep this as LAST include */
 
 /* input string ends in slash? */
 static bool has_trailing_slash(const char *input)
@@ -45,7 +44,7 @@ static char *ipfs_gateway(void)
   char *gateway_env = getenv("IPFS_GATEWAY");
 
   if(gateway_env)
-    return strdup(gateway_env);
+    return curlx_strdup(gateway_env);
 
   /* Try to find the gateway in the IPFS data folder. */
   ipfs_path_c = curl_getenv("IPFS_PATH");
@@ -133,7 +132,7 @@ CURLcode ipfs_url_rewrite(CURLU *uh, const char *protocol, char **url,
   if(config->ipfs_gateway) {
     if(!curl_url_set(gatewayurl, CURLUPART_URL, config->ipfs_gateway,
                      CURLU_GUESS_SCHEME)) {
-      gateway = strdup(config->ipfs_gateway);
+      gateway = curlx_strdup(config->ipfs_gateway);
       if(!gateway) {
         result = CURLE_URL_MALFORMAT;
         goto clean;
@@ -200,8 +199,8 @@ CURLcode ipfs_url_rewrite(CURLU *uh, const char *protocol, char **url,
   if(curl_url_get(uh, CURLUPART_URL, &cloneurl, CURLU_URLENCODE)) {
     goto clean;
   }
-  /* we need to strdup the URL so that we can call free() on it later */
-  *url = strdup(cloneurl);
+  /* we need to strdup the URL so that we can call curlx_free() on it later */
+  *url = curlx_strdup(cloneurl);
   curl_free(cloneurl);
   if(!*url)
     goto clean;
@@ -209,7 +208,7 @@ CURLcode ipfs_url_rewrite(CURLU *uh, const char *protocol, char **url,
   result = CURLE_OK;
 
 clean:
-  free(gateway);
+  curlx_free(gateway);
   curl_free(gwhost);
   curl_free(gwpath);
   curl_free(gwquery);
diff --git a/src/tool_libinfo.c b/src/tool_libinfo.c
index d755532652..1687005481 100644
--- a/src/tool_libinfo.c
+++ b/src/tool_libinfo.c
@@ -24,7 +24,6 @@
 #include "tool_setup.h"
 
 #include "tool_libinfo.h"
-#include "memdebug.h" /* keep this as LAST include */
 
 /* global variable definitions, for libcurl runtime info */
 
diff --git a/src/tool_libinfo.h b/src/tool_libinfo.h
index 5e6e1de24c..ddc41a1338 100644
--- a/src/tool_libinfo.h
+++ b/src/tool_libinfo.h
@@ -27,7 +27,6 @@
 
 /* global variable declarations, for libcurl runtime info */
 
-
 extern curl_version_info_data *curlinfo;
 
 extern const char * const *built_in_protos;
diff --git a/src/tool_main.c b/src/tool_main.c
index 8047e663c8..eb15ae740d 100644
--- a/src/tool_main.c
+++ b/src/tool_main.c
@@ -42,13 +42,6 @@
 #include "tool_libinfo.h"
 #include "tool_stderr.h"
 
-/*
- * This is low-level hard-hacking memory leak tracking and similar. Using
- * the library level code from this client-side is ugly, but we do this
- * anyway for convenience.
- */
-#include "memdebug.h" /* keep this as LAST include */
-
 #ifdef __VMS
 /*
  * vms_show is a global variable, used in main() as parameter for
@@ -121,7 +114,7 @@ static void memory_tracking_init(void)
     curl_free(env);
     curl_dbg_memdebug(fname);
     /* this weird stuff here is to make curl_free() get called before
-       curl_dbg_memdebug() as otherwise memory tracking will log a free()
+       curl_dbg_memdebug() as otherwise memory tracking will log a curlx_free()
        without an alloc! */
   }
   /* if CURL_MEMLIMIT is set, this enables fail-on-alloc-number-N feature */
diff --git a/src/tool_msgs.c b/src/tool_msgs.c
index ae0b6b9835..b385f75cf8 100644
--- a/src/tool_msgs.c
+++ b/src/tool_msgs.c
@@ -28,8 +28,6 @@
 #include "tool_cb_prg.h"
 #include "terminal.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 #define WARN_PREFIX "Warning: "
 #define NOTE_PREFIX "Note: "
 #define ERROR_PREFIX "curl: "
diff --git a/src/tool_operate.c b/src/tool_operate.c
index eb591935db..968dc864f9 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -90,8 +90,6 @@
 CURL_EXTERN CURLcode curl_easy_perform_ev(CURL *easy);
 #endif
 
-#include "memdebug.h" /* keep this as LAST include */
-
 #ifdef CURL_CA_EMBED
 #ifndef CURL_DECLARED_CURL_CA_EMBED
 #define CURL_DECLARED_CURL_CA_EMBED
@@ -204,7 +202,7 @@ static struct per_transfer *transfersl; /* last node */
 static CURLcode add_per_transfer(struct per_transfer **per)
 {
   struct per_transfer *p;
-  p = calloc(1, sizeof(struct per_transfer));
+  p = curlx_calloc(1, sizeof(struct per_transfer));
   if(!p)
     return CURLE_OUT_OF_MEMORY;
   if(!transfers)
@@ -246,7 +244,7 @@ static struct per_transfer *del_per_transfer(struct per_transfer *per)
   else
     transfersl = p;
 
-  free(per);
+  curlx_free(per);
 
   return n;
 }
@@ -770,10 +768,10 @@ skip:
 
   curl_easy_cleanup(per->curl);
   if(outs->alloc_filename)
-    free(outs->filename);
-  free(per->url);
-  free(per->outfile);
-  free(per->uploadfile);
+    curlx_free(outs->filename);
+  curlx_free(per->url);
+  curlx_free(per->outfile);
+  curlx_free(per->uploadfile);
   curl_slist_free_all(per->hdrcbdata.headlist);
   per->hdrcbdata.headlist = NULL;
   return result;
@@ -785,7 +783,7 @@ static CURLcode set_cert_types(struct OperationConfig *config)
     /* Check if config->cert is a PKCS#11 URI and set the config->cert_type if
      * necessary */
     if(config->cert && !config->cert_type && is_pkcs11_uri(config->cert)) {
-      config->cert_type = strdup("ENG");
+      config->cert_type = curlx_strdup("ENG");
       if(!config->cert_type)
         return CURLE_OUT_OF_MEMORY;
     }
@@ -793,7 +791,7 @@ static CURLcode set_cert_types(struct OperationConfig *config)
     /* Check if config->key is a PKCS#11 URI and set the config->key_type if
      * necessary */
     if(config->key && !config->key_type && is_pkcs11_uri(config->key)) {
-      config->key_type = strdup("ENG");
+      config->key_type = curlx_strdup("ENG");
       if(!config->key_type)
         return CURLE_OUT_OF_MEMORY;
     }
@@ -802,7 +800,7 @@ static CURLcode set_cert_types(struct OperationConfig *config)
      * config->proxy_type if necessary */
     if(config->proxy_cert && !config->proxy_cert_type &&
        is_pkcs11_uri(config->proxy_cert)) {
-      config->proxy_cert_type = strdup("ENG");
+      config->proxy_cert_type = curlx_strdup("ENG");
       if(!config->proxy_cert_type)
         return CURLE_OUT_OF_MEMORY;
     }
@@ -811,7 +809,7 @@ static CURLcode set_cert_types(struct OperationConfig *config)
      * config->proxy_key_type if necessary */
     if(config->proxy_key && !config->proxy_key_type &&
        is_pkcs11_uri(config->proxy_key)) {
-      config->proxy_key_type = strdup("ENG");
+      config->proxy_key_type = curlx_strdup("ENG");
       if(!config->proxy_key_type)
         return CURLE_OUT_OF_MEMORY;
     }
@@ -844,7 +842,7 @@ static CURLcode append2query(struct OperationConfig *config,
       if(uerr)
         result = urlerr_cvt(uerr);
       else {
-        free(per->url); /* free previous URL */
+        curlx_free(per->url); /* free previous URL */
         per->url = updated; /* use our new URL instead! */
       }
     }
@@ -1022,7 +1020,7 @@ static CURLcode setup_outfile(struct OperationConfig *config,
     char *d = curl_maprintf("%s/%s", config->output_dir, per->outfile);
     if(!d)
       return CURLE_WRITE_ERROR;
-    free(per->outfile);
+    curlx_free(per->outfile);
     per->outfile = d;
   }
   /* Create the directory hierarchy, if not pre-existent to a multiple
@@ -1264,7 +1262,7 @@ static CURLcode single_transfer(struct OperationConfig *config,
     }
     per->etag_save = etag_first; /* copy the whole struct */
     if(state->uploadfile) {
-      per->uploadfile = strdup(state->uploadfile);
+      per->uploadfile = curlx_strdup(state->uploadfile);
       if(!per->uploadfile ||
          SetHTTPrequest(TOOL_HTTPREQ_PUT, &config->httpreq)) {
         tool_safefree(per->uploadfile);
@@ -1300,7 +1298,7 @@ static CURLcode single_transfer(struct OperationConfig *config,
     if(glob_inuse(&state->urlglob))
       result = glob_next_url(&per->url, &state->urlglob);
     else if(!state->urlidx) {
-      per->url = strdup(u->url);
+      per->url = curlx_strdup(u->url);
       if(!per->url)
         result = CURLE_OUT_OF_MEMORY;
     }
@@ -1312,7 +1310,7 @@ static CURLcode single_transfer(struct OperationConfig *config,
       return result;
 
     if(u->outfile) {
-      per->outfile = strdup(u->outfile);
+      per->outfile = curlx_strdup(u->outfile);
       if(!per->outfile)
         return CURLE_OUT_OF_MEMORY;
     }
@@ -1586,7 +1584,7 @@ static struct contextuv *create_context(curl_socket_t sockfd,
 {
   struct contextuv *c;
 
-  c = (struct contextuv *) malloc(sizeof(*c));
+  c = (struct contextuv *)curlx_malloc(sizeof(*c));
 
   c->sockfd = sockfd;
   c->uv = uv;
@@ -1600,7 +1598,7 @@ static struct contextuv *create_context(curl_socket_t sockfd,
 static void close_cb(uv_handle_t *handle)
 {
   struct contextuv *c = (struct contextuv *) handle->data;
-  free(c);
+  curlx_free(c);
 }
 
 static void destroy_context(struct contextuv *c)
@@ -2053,7 +2051,7 @@ static CURLcode cacertpaths(struct OperationConfig *config)
 
   env = curl_getenv("CURL_CA_BUNDLE");
   if(env) {
-    config->cacert = strdup(env);
+    config->cacert = curlx_strdup(env);
     curl_free(env);
     if(!config->cacert) {
       result = CURLE_OUT_OF_MEMORY;
@@ -2063,7 +2061,7 @@ static CURLcode cacertpaths(struct OperationConfig *config)
   else {
     env = curl_getenv("SSL_CERT_DIR");
     if(env) {
-      config->capath = strdup(env);
+      config->capath = curlx_strdup(env);
       curl_free(env);
       if(!config->capath) {
         result = CURLE_OUT_OF_MEMORY;
@@ -2072,7 +2070,7 @@ static CURLcode cacertpaths(struct OperationConfig *config)
     }
     env = curl_getenv("SSL_CERT_FILE");
     if(env) {
-      config->cacert = strdup(env);
+      config->cacert = curlx_strdup(env);
       curl_free(env);
       if(!config->cacert) {
         result = CURLE_OUT_OF_MEMORY;
@@ -2088,7 +2086,7 @@ static CURLcode cacertpaths(struct OperationConfig *config)
     FILE *cafile = tool_execpath("curl-ca-bundle.crt", &cacert);
     if(cafile) {
       curlx_fclose(cafile);
-      config->cacert = strdup(cacert);
+      config->cacert = curlx_strdup(cacert);
       if(!config->cacert) {
         result = CURLE_OUT_OF_MEMORY;
         goto fail;
@@ -2260,7 +2258,7 @@ CURLcode operate(int argc, argv_item_t argv[])
     if(found_curlrc) {
       /* After parse_args so notef knows the verbosity */
       notef("Read config file from '%s'", curlrc_path);
-      free(curlrc_path);
+      curlx_free(curlrc_path);
     }
     if(res) {
       result = CURLE_OK;
diff --git a/src/tool_operhlp.c b/src/tool_operhlp.c
index 0d6c2cb6e0..a8b5e94975 100644
--- a/src/tool_operhlp.c
+++ b/src/tool_operhlp.c
@@ -28,7 +28,6 @@
 #include "tool_doswin.h"
 #include "tool_operhlp.h"
 #include "tool_msgs.h"
-#include "memdebug.h" /* keep this as LAST include */
 
 void clean_getout(struct OperationConfig *config)
 {
@@ -144,7 +143,7 @@ CURLcode add_file_name_to_url(CURL *curl, char **inurlp, const char *filename)
         if(!newpath)
           goto fail;
         uerr = curl_url_set(uh, CURLUPART_PATH, newpath, 0);
-        free(newpath);
+        curlx_free(newpath);
         if(uerr) {
           result = urlerr_cvt(uerr);
           goto fail;
@@ -154,7 +153,7 @@ CURLcode add_file_name_to_url(CURL *curl, char **inurlp, const char *filename)
           result = urlerr_cvt(uerr);
           goto fail;
         }
-        free(*inurlp);
+        curlx_free(*inurlp);
         *inurlp = newurl;
         result = CURLE_OK;
       }
@@ -206,11 +205,11 @@ CURLcode get_url_file_name(char **filename, const char *url)
 
       if(pc) {
         /* duplicate the string beyond the slash */
-        *filename = strdup(pc + 1);
+        *filename = curlx_strdup(pc + 1);
       }
       else {
         /* no slash => empty string, use default */
-        *filename = strdup("curl_response");
+        *filename = curlx_strdup("curl_response");
         warnf("No remote filename, uses \"%s\"", *filename);
       }
 
diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c
index 15293c0cc6..b16fc42906 100644
--- a/src/tool_paramhlp.c
+++ b/src/tool_paramhlp.c
@@ -32,11 +32,9 @@
 #include "tool_util.h"
 #include "tool_version.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 struct getout *new_getout(struct OperationConfig *config)
 {
-  struct getout *node = calloc(1, sizeof(struct getout));
+  struct getout *node = curlx_calloc(1, sizeof(struct getout));
   struct getout *last = config->url_last;
   if(node) {
     static int outnum = 0;
@@ -401,7 +399,7 @@ ParameterError proto2num(const char * const *val, char **ostr, const char *str)
 
   curlx_dyn_init(&obuf, MAX_PROTOSTRING);
 
-  protoset = malloc((proto_count + 1) * sizeof(*protoset));
+  protoset = curlx_malloc((proto_count + 1) * sizeof(*protoset));
   if(!protoset)
     return PARAM_NO_MEM;
 
@@ -499,14 +497,14 @@ ParameterError proto2num(const char * const *val, char **ostr, const char *str)
   for(proto = 0; protoset[proto] && !result; proto++)
     result = curlx_dyn_addf(&obuf, "%s%s", curlx_dyn_len(&obuf) ? "," : "",
                             protoset[proto]);
-  free((char *) protoset);
+  curlx_free((char *)protoset);
   if(result)
     return PARAM_NO_MEM;
   if(!curlx_dyn_len(&obuf)) {
     curlx_dyn_free(&obuf);
     return PARAM_BAD_USE;
   }
-  free(*ostr);
+  curlx_free(*ostr);
   *ostr = curlx_dyn_ptr(&obuf);
   return PARAM_OK;
 }
@@ -592,7 +590,7 @@ static CURLcode checkpasswd(const char *kind, /* for what purpose */
       return CURLE_OUT_OF_MEMORY;
 
     /* return the new string */
-    free(*userpwd);
+    curlx_free(*userpwd);
     *userpwd = curlx_dyn_ptr(&dyn);
   }
 
diff --git a/src/tool_parsecfg.c b/src/tool_parsecfg.c
index e7a00cf708..f901e69e78 100644
--- a/src/tool_parsecfg.c
+++ b/src/tool_parsecfg.c
@@ -30,7 +30,6 @@
 #include "tool_msgs.h"
 #include "tool_parsecfg.h"
 #include "tool_util.h"
-#include "memdebug.h" /* keep this as LAST include */
 
 /* only acknowledge colon or equals as separators if the option was not
    specified with an initial dash! */
@@ -96,7 +95,7 @@ ParameterError parseconfig(const char *filename, int max_recursive,
     if(curlrc) {
       file = curlx_fopen(curlrc, FOPEN_READTEXT);
       if(!file) {
-        free(curlrc);
+        curlx_free(curlrc);
         return PARAM_READ_ERROR;
       }
       filename = pathalloc = curlrc;
@@ -266,11 +265,11 @@ ParameterError parseconfig(const char *filename, int max_recursive,
     errorf("cannot read config from '%s'", filename);
 
   if(!err && resolved) {
-    *resolved = strdup(filename);
+    *resolved = curlx_strdup(filename);
     if(!*resolved)
       err = PARAM_NO_MEM;
   }
-  free(pathalloc);
+  curlx_free(pathalloc);
   return err;
 }
 
diff --git a/src/tool_setopt.c b/src/tool_setopt.c
index b7039fbb48..97d469d76d 100644
--- a/src/tool_setopt.c
+++ b/src/tool_setopt.c
@@ -30,7 +30,6 @@
 #ifndef CURL_DISABLE_LIBCURL_OPTION
 
 #include "tool_msgs.h"
-#include "memdebug.h" /* keep this as LAST include */
 
 /* Lookup tables for converting setopt values back to symbols */
 /* For enums, values may be in any order. */
@@ -385,7 +384,7 @@ static CURLcode libcurl_generate_slist(struct curl_slist *slist, int *slistno)
     ret = easysrc_addf(&easysrc_data,
                        "slist%d = curl_slist_append(slist%d, \"%s\");",
                        *slistno, *slistno, escaped);
-    free(escaped);
+    curlx_free(escaped);
   }
 
   return ret;
@@ -439,7 +438,7 @@ static CURLcode libcurl_generate_mime_part(CURL *curl,
         easysrc_addf(&easysrc_code,
                      "curl_mime_data(part%d, \"%s\", CURL_ZERO_TERMINATED);",
                      mimeno, escaped);
-      free(escaped);
+      curlx_free(escaped);
     }
     break;
 
@@ -452,7 +451,7 @@ static CURLcode libcurl_generate_mime_part(CURL *curl,
       ret = easysrc_addf(&easysrc_code,
                          "curl_mime_filename(part%d, NULL);", mimeno);
     }
-    free(escaped);
+    curlx_free(escaped);
     break;
   }
 
@@ -477,28 +476,28 @@ static CURLcode libcurl_generate_mime_part(CURL *curl,
     char *escaped = c_escape(part->encoder, ZERO_TERMINATED);
     ret = easysrc_addf(&easysrc_code, "curl_mime_encoder(part%d, \"%s\");",
                        mimeno, escaped);
-    free(escaped);
+    curlx_free(escaped);
   }
 
   if(!ret && filename) {
     char *escaped = c_escape(filename, ZERO_TERMINATED);
     ret = easysrc_addf(&easysrc_code, "curl_mime_filename(part%d, \"%s\");",
                        mimeno, escaped);
-    free(escaped);
+    curlx_free(escaped);
   }
 
   if(!ret && part->name) {
     char *escaped = c_escape(part->name, ZERO_TERMINATED);
     ret = easysrc_addf(&easysrc_code, "curl_mime_name(part%d, \"%s\");",
                        mimeno, escaped);
-    free(escaped);
+    curlx_free(escaped);
   }
 
   if(!ret && part->type) {
     char *escaped = c_escape(part->type, ZERO_TERMINATED);
     ret = easysrc_addf(&easysrc_code, "curl_mime_type(part%d, \"%s\");",
                        mimeno, escaped);
-    free(escaped);
+    curlx_free(escaped);
   }
 
   if(!ret && part->headers) {
@@ -687,7 +686,7 @@ CURLcode tool_setopt_str(CURL *curl, struct OperationConfig *config,
       result = easysrc_addf(&easysrc_code,
                             "curl_easy_setopt(hnd, %s, \"%s\");",
                             name, escaped);
-      free(escaped);
+      curlx_free(escaped);
     }
     else
       result = CURLE_OUT_OF_MEMORY;
diff --git a/src/tool_setup.h b/src/tool_setup.h
index 17c2f420b5..f693fc1dae 100644
--- a/src/tool_setup.h
+++ b/src/tool_setup.h
@@ -68,6 +68,8 @@ extern FILE *tool_stderr;
 
 #ifndef HAVE_STRDUP
 #include "tool_strdup.h"
+#undef Curl_strdup
+#define Curl_strdup tool_strdup
 #endif
 
 #ifndef tool_nop_stmt
diff --git a/src/tool_ssls.c b/src/tool_ssls.c
index 2b67be9baa..7ffd6f7074 100644
--- a/src/tool_ssls.c
+++ b/src/tool_ssls.c
@@ -30,8 +30,6 @@
 #include "tool_ssls.h"
 #include "tool_parsecfg.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 /* The maximum line length for an ecoded session ticket */
 #define MAX_SSLS_LINE (64 * 1024)
 
@@ -127,8 +125,8 @@ out:
   if(fp)
     curlx_fclose(fp);
   curlx_dyn_free(&buf);
-  free(shmac);
-  free(sdata);
+  curlx_free(shmac);
+  curlx_free(sdata);
   return r;
 }
 
@@ -181,7 +179,7 @@ static CURLcode tool_ssls_exp(CURL *easy, void *userptr,
 out:
   if(r)
     warnf("Warning: error saving SSL session for '%s': %d", session_key, r);
-  free(enc);
+  curlx_free(enc);
   return r;
 }
 
diff --git a/src/tool_ssls.h b/src/tool_ssls.h
index 7a1b95194d..c06e9427cf 100644
--- a/src/tool_ssls.h
+++ b/src/tool_ssls.h
@@ -26,7 +26,6 @@
 #include "tool_setup.h"
 #include "tool_operate.h"
 
-
 CURLcode tool_ssls_load(struct OperationConfig *config,
                         CURLSH *share, const char *filename);
 CURLcode tool_ssls_save(struct OperationConfig *config,
diff --git a/src/tool_stderr.c b/src/tool_stderr.c
index 8812f8bf8e..7871ebc0cc 100644
--- a/src/tool_stderr.c
+++ b/src/tool_stderr.c
@@ -26,8 +26,6 @@
 #include "tool_stderr.h"
 #include "tool_msgs.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 FILE *tool_stderr;
 
 void tool_init_stderr(void)
diff --git a/src/tool_strdup.c b/src/tool_strdup.c
index ff80b56b92..c799d1acdf 100644
--- a/src/tool_strdup.c
+++ b/src/tool_strdup.c
@@ -22,10 +22,9 @@
  *
  ***************************************************************************/
 #include "tool_strdup.h"
-#include "memdebug.h" /* keep this as LAST include */
 
 #ifndef HAVE_STRDUP
-char *strdup(const char *str)
+char *tool_strdup(const char *str)
 {
   size_t len;
   char *newstr;
@@ -35,7 +34,7 @@ char *strdup(const char *str)
 
   len = strlen(str) + 1;
 
-  newstr = malloc(len);
+  newstr = curlx_malloc(len);
   if(!newstr)
     return (char *)NULL;
 
@@ -46,7 +45,7 @@ char *strdup(const char *str)
 
 char *memdup0(const char *data, size_t len)
 {
-  char *p = malloc(len + 1);
+  char *p = curlx_malloc(len + 1);
   if(!p)
     return NULL;
   if(len)
diff --git a/src/tool_strdup.h b/src/tool_strdup.h
index 275be7c5d9..0f121e20fd 100644
--- a/src/tool_strdup.h
+++ b/src/tool_strdup.h
@@ -26,7 +26,7 @@
 #include "tool_setup.h"
 
 #ifndef HAVE_STRDUP
-extern char *strdup(const char *str);
+extern char *tool_strdup(const char *str);
 #endif
 char *memdup0(const char *data, size_t len);
 
diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c
index 7185e80f66..9ea8a274fa 100644
--- a/src/tool_urlglob.c
+++ b/src/tool_urlglob.c
@@ -28,7 +28,6 @@
 #include "tool_urlglob.h"
 #include "tool_vms.h"
 #include "tool_strdup.h"
-#include "memdebug.h" /* keep this as LAST include */
 
 static CURLcode globerror(struct URLGlob *glob, const char *err,
                           size_t pos, CURLcode error)
@@ -45,7 +44,7 @@ static CURLcode glob_fixed(struct URLGlob *glob, char *fixed, size_t len)
   pat->globindex = -1;
   pat->c.set.size = 0;
   pat->c.set.idx = 0;
-  pat->c.set.elem = malloc(sizeof(char *));
+  pat->c.set.elem = curlx_malloc(sizeof(char *));
 
   if(!pat->c.set.elem)
     return globerror(glob, NULL, 0, CURLE_OUT_OF_MEMORY);
@@ -137,10 +136,10 @@ static CURLcode glob_set(struct URLGlob *glob, const char **patternp,
 
       if(!palloc) {
         palloc = 5; /* a reasonable default */
-        elem = malloc(palloc * sizeof(char *));
+        elem = curlx_malloc(palloc * sizeof(char *));
       }
       else if(size >= palloc) {
-        char **arr = realloc(elem, palloc * 2 * sizeof(char *));
+        char **arr = curlx_realloc(elem, palloc * 2 * sizeof(char *));
         if(!arr) {
           result = globerror(glob, NULL, 0, CURLE_OUT_OF_MEMORY);
           goto error;
@@ -154,8 +153,8 @@ static CURLcode glob_set(struct URLGlob *glob, const char **patternp,
         goto error;
       }
 
-      elem[size] =
-        strdup(curlx_dyn_ptr(&glob->buf) ? curlx_dyn_ptr(&glob->buf) : "");
+      elem[size] = curlx_strdup(curlx_dyn_ptr(&glob->buf) ?
+                                curlx_dyn_ptr(&glob->buf) : "");
       if(!elem[size]) {
         result = globerror(glob, NULL, 0, CURLE_OUT_OF_MEMORY);
         goto error;
@@ -206,7 +205,7 @@ error:
     for(i = 0; i < size; i++)
       tool_safefree(elem[i]);
   }
-  free(elem);
+  curlx_free(elem);
   return result;
 }
 
@@ -387,7 +386,8 @@ static CURLcode add_glob(struct URLGlob *glob, size_t pos)
     struct URLPattern *np = NULL;
     glob->palloc *= 2;
     if(glob->pnum < 255) { /* avoid ridiculous amounts */
-      np = realloc(glob->pattern, glob->palloc * sizeof(struct URLPattern));
+      np = curlx_realloc(glob->pattern,
+                         glob->palloc * sizeof(struct URLPattern));
       if(!np)
         return globerror(glob, NULL, pos, CURLE_OUT_OF_MEMORY);
     }
@@ -491,7 +491,7 @@ CURLcode glob_url(struct URLGlob *glob, char *url, curl_off_t *urlnum,
 
   memset(glob, 0, sizeof(struct URLGlob));
   curlx_dyn_init(&glob->buf, 1024*1024);
-  glob->pattern = malloc(2 * sizeof(struct URLPattern));
+  glob->pattern = curlx_malloc(2 * sizeof(struct URLPattern));
   if(!glob->pattern)
     return CURLE_OUT_OF_MEMORY;
   glob->palloc = 2;
@@ -617,7 +617,7 @@ CURLcode glob_next_url(char **globbed, struct URLGlob *glob)
   }
 
   *globbed =
-    strdup(curlx_dyn_ptr(&glob->buf) ? curlx_dyn_ptr(&glob->buf) : "");
+    curlx_strdup(curlx_dyn_ptr(&glob->buf) ? curlx_dyn_ptr(&glob->buf) : "");
   if(!*globbed)
     return CURLE_OUT_OF_MEMORY;
 
diff --git a/src/tool_util.c b/src/tool_util.c
index cb64f9a0b9..43dd096783 100644
--- a/src/tool_util.c
+++ b/src/tool_util.c
@@ -24,7 +24,6 @@
 #include "tool_setup.h"
 
 #include "tool_util.h"
-#include "memdebug.h" /* keep this as LAST include */
 
 #ifdef _WIN32
 
diff --git a/src/tool_vms.c b/src/tool_vms.c
index fac0cfc4dd..75aa7d5370 100644
--- a/src/tool_vms.c
+++ b/src/tool_vms.c
@@ -32,7 +32,6 @@
 
 #include "curlmsg_vms.h"
 #include "tool_vms.h"
-#include "memdebug.h" /* keep this as LAST include */
 
 void decc$__posix_exit(int __status);
 void decc$exit(int __status);
diff --git a/src/tool_writeout.c b/src/tool_writeout.c
index 52b35345f4..f846add4e3 100644
--- a/src/tool_writeout.c
+++ b/src/tool_writeout.c
@@ -26,7 +26,6 @@
 #include "tool_cfgable.h"
 #include "tool_writeout.h"
 #include "tool_writeout_json.h"
-#include "memdebug.h" /* keep this as LAST include */
 
 static int writeTime(FILE *stream, const struct writeoutvar *wovar,
                      struct per_transfer *per, CURLcode per_result,
diff --git a/src/tool_xattr.c b/src/tool_xattr.c
index fb0669106e..b111c7b843 100644
--- a/src/tool_xattr.c
+++ b/src/tool_xattr.c
@@ -24,8 +24,6 @@
 #include "tool_setup.h"
 #include "tool_xattr.h"
 
-#include "memdebug.h" /* keep this as LAST include */
-
 #ifdef USE_XATTR
 
 /* mapping table of curl metadata to extended attribute names */
diff --git a/src/var.c b/src/var.c
index 5cedf1d24a..08269e1db7 100644
--- a/src/var.c
+++ b/src/var.c
@@ -33,7 +33,6 @@
 #include "tool_writeout_json.h"
 #include "tool_strdup.h"
 #include "var.h"
-#include "memdebug.h" /* keep this as LAST include */
 
 #define MAX_EXPAND_CONTENT 10000000
 #define MAX_VAR_LEN 128 /* max length of a name */
@@ -45,8 +44,8 @@ void varcleanup(void)
   while(list) {
     struct tool_var *t = list;
     list = list->next;
-    free(CURL_UNCONST(t->content));
-    free(t);
+    curlx_free(CURL_UNCONST(t->content));
+    curlx_free(t);
   }
 }
 
@@ -192,7 +191,7 @@ static ParameterError varfunc(char *c, /* content */
       break;
     }
     if(alloc)
-      free(c);
+      curlx_free(c);
 
     clen = curlx_dyn_len(out);
     c = memdup0(curlx_dyn_ptr(out), clen);
@@ -203,7 +202,7 @@ static ParameterError varfunc(char *c, /* content */
     alloc = TRUE;
   }
   if(alloc)
-    free(c);
+    curlx_free(c);
   if(err)
     curlx_dyn_free(out);
   return err;
@@ -359,7 +358,7 @@ static ParameterError addvariable(const char *name,
   if(check)
     notef("Overwriting variable '%s'", check->name);
 
-  p = calloc(1, sizeof(struct tool_var) + nlen);
+  p = curlx_calloc(1, sizeof(struct tool_var) + nlen);
   if(p) {
     memcpy(p->name, name, nlen);
     /* the null termination byte is already present from above */
@@ -372,7 +371,7 @@ static ParameterError addvariable(const char *name,
       global->variables = p;
       return PARAM_OK;
     }
-    free(p);
+    curlx_free(p);
   }
   return PARAM_NO_MEM;
 }
@@ -496,7 +495,7 @@ ParameterError setvariable(const char *input)
   err = addvariable(name, nlen, content, clen, contalloc);
   if(err) {
     if(contalloc)
-      free(content);
+      curlx_free(content);
   }
   return err;
 }
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 677a17cd99..0371159d68 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -25,7 +25,6 @@
 # scripts used in test cases
 TESTSCRIPTS = \
  test1119.pl  \
- test1132.pl  \
  test1135.pl  \
  test1139.pl  \
  test1140.pl  \
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index bc3abbc7d8..18c6969391 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -152,7 +152,7 @@ test1093 test1094 test1095 test1096 test1097 test1098 test1099 test1100 \
 test1101 test1102 test1103 test1104 test1105 test1106 test1107 test1108 \
 test1109 test1110 test1111 test1112 test1113 test1114 test1115 test1116 \
 test1117 test1118 test1119 test1120 test1121 test1122 test1123 test1124 \
-test1125 test1126 test1127 test1128 test1129 test1130 test1131 test1132 \
+test1125 test1126 test1127 test1128 test1129 test1130 test1131 \
 test1133 test1134 test1135 test1136 test1137 test1138 test1139 test1140 \
 test1141 test1142 test1143 test1144 test1145 test1146 test1147 test1148 \
 test1149 test1150 test1151 test1152 test1153 test1154 test1155 test1156 \
diff --git a/tests/data/test1132 b/tests/data/test1132
deleted file mode 100644
index d0ef42a24e..0000000000
--- a/tests/data/test1132
+++ /dev/null
@@ -1,21 +0,0 @@
-
-
-
-source analysis
-memory-includes
-
-
-
-#
-# Client-side
-
-
-Verify memory #include files in libcurl's C source files
-
-
-
-%SRCDIR/test1132.pl %SRCDIR/../lib
-
-
-
-
diff --git a/tests/libtest/cli_h2_pausing.c b/tests/libtest/cli_h2_pausing.c
index 0f06dadd52..25b798af4b 100644
--- a/tests/libtest/cli_h2_pausing.c
+++ b/tests/libtest/cli_h2_pausing.c
@@ -26,7 +26,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 static void usage_h2_pausing(const char *msg)
 {
diff --git a/tests/libtest/cli_h2_serverpush.c b/tests/libtest/cli_h2_serverpush.c
index ad3ae4f914..80d8c03136 100644
--- a/tests/libtest/cli_h2_serverpush.c
+++ b/tests/libtest/cli_h2_serverpush.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 static FILE *out_download = NULL;
 
diff --git a/tests/libtest/cli_h2_upgrade_extreme.c b/tests/libtest/cli_h2_upgrade_extreme.c
index b5c6c31b1b..bc28a6f4d0 100644
--- a/tests/libtest/cli_h2_upgrade_extreme.c
+++ b/tests/libtest/cli_h2_upgrade_extreme.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 static size_t write_h2_upg_extreme_cb(char *ptr, size_t size, size_t nmemb,
                                       void *opaque)
diff --git a/tests/libtest/cli_hx_download.c b/tests/libtest/cli_hx_download.c
index 82e8c1b70d..a7f5d20090 100644
--- a/tests/libtest/cli_hx_download.c
+++ b/tests/libtest/cli_hx_download.c
@@ -25,8 +25,6 @@
 
 #include "testtrace.h"
 
-#include "curl_mem_undef.h"
-
 #if defined(USE_QUICHE) || defined(USE_OPENSSL)
 #include 
 #endif
@@ -45,8 +43,6 @@
 #include 
 #endif
 
-#include "memdebug.h"
-
 static int verbose_d = 1;
 
 struct transfer_d {
@@ -346,8 +342,8 @@ static CURLcode test_cli_hx_download(const char *URL)
         pause_offset = (size_t)num;
       break;
     case 'r':
-      free(resolve);
-      resolve = strdup(coptarg);
+      curlx_free(resolve);
+      resolve = curlx_strdup(coptarg);
       break;
     case 'T':
       if(!curlx_str_number(&opt, &num, LONG_MAX))
@@ -407,7 +403,7 @@ static CURLcode test_cli_hx_download(const char *URL)
   curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_PSL);
   curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_HSTS);
 
-  transfer_d = calloc(transfer_count_d, sizeof(*transfer_d));
+  transfer_d = curlx_calloc(transfer_count_d, sizeof(*transfer_d));
   if(!transfer_d) {
     curl_mfprintf(stderr, "error allocating transfer structs\n");
     res = (CURLcode)1;
@@ -559,7 +555,7 @@ cleanup:
       else /* on success we expect ssl to have been checked */
         assert(t->checked_ssl);
     }
-    free(transfer_d);
+    curlx_free(transfer_d);
   }
 
   curl_share_cleanup(share);
@@ -569,7 +565,7 @@ cleanup:
 
 optcleanup:
 
-  free(resolve);
+  curlx_free(resolve);
 
   return res;
 }
diff --git a/tests/libtest/cli_hx_upload.c b/tests/libtest/cli_hx_upload.c
index f0183f6df2..f7036509fe 100644
--- a/tests/libtest/cli_hx_upload.c
+++ b/tests/libtest/cli_hx_upload.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 static int verbose_u = 1;
 
@@ -358,7 +357,7 @@ static CURLcode test_cli_hx_upload(const char *URL)
   curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_PSL);
   curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_HSTS);
 
-  transfer_u = calloc(transfer_count_u, sizeof(*transfer_u));
+  transfer_u = curlx_calloc(transfer_count_u, sizeof(*transfer_u));
   if(!transfer_u) {
     curl_mfprintf(stderr, "error allocating transfer structs\n");
     res = (CURLcode)1;
@@ -539,7 +538,7 @@ cleanup:
         curl_mime_free(t->mime);
       }
     }
-    free(transfer_u);
+    curlx_free(transfer_u);
   }
 
   curl_share_cleanup(share);
diff --git a/tests/libtest/cli_tls_session_reuse.c b/tests/libtest/cli_tls_session_reuse.c
index 2f6bde43e3..aa56a0e28c 100644
--- a/tests/libtest/cli_tls_session_reuse.c
+++ b/tests/libtest/cli_tls_session_reuse.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 static int tse_found_tls_session = FALSE;
 
diff --git a/tests/libtest/cli_upload_pausing.c b/tests/libtest/cli_upload_pausing.c
index 441ce899a0..042eddd7d7 100644
--- a/tests/libtest/cli_upload_pausing.c
+++ b/tests/libtest/cli_upload_pausing.c
@@ -26,7 +26,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 static size_t total_read = 0;
 
diff --git a/tests/libtest/cli_ws_data.c b/tests/libtest/cli_ws_data.c
index aa43bc6058..2276f0c92c 100644
--- a/tests/libtest/cli_ws_data.c
+++ b/tests/libtest/cli_ws_data.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 #ifndef CURL_DISABLE_WEBSOCKETS
 
@@ -83,8 +82,8 @@ static CURLcode test_ws_data_m2_echo(const char *url,
   size_t i, scount = count, rcount = count;
   int rblock, sblock;
 
-  send_buf = calloc(1, plen_max + 1);
-  recv_buf = calloc(1, plen_max + 1);
+  send_buf = curlx_calloc(1, plen_max + 1);
+  recv_buf = curlx_calloc(1, plen_max + 1);
   if(!send_buf || !recv_buf) {
     r = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -184,8 +183,8 @@ out:
       ws_close(curl);
     curl_easy_cleanup(curl);
   }
-  free(send_buf);
-  free(recv_buf);
+  curlx_free(send_buf);
+  curlx_free(recv_buf);
   return r;
 }
 
@@ -294,8 +293,8 @@ static CURLcode test_ws_data_m1_echo(const char *url,
   curl_mfprintf(stderr, "test_ws_data_m1_echo(min=%zu, max=%zu)\n",
                 plen_min, plen_max);
   memset(&m1_ctx, 0, sizeof(m1_ctx));
-  m1_ctx.send_buf = calloc(1, plen_max + 1);
-  m1_ctx.recv_buf = calloc(1, plen_max + 1);
+  m1_ctx.send_buf = curlx_calloc(1, plen_max + 1);
+  m1_ctx.recv_buf = curlx_calloc(1, plen_max + 1);
   if(!m1_ctx.send_buf || !m1_ctx.recv_buf) {
     r = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -389,8 +388,8 @@ out:
   if(m1_ctx.curl) {
     curl_easy_cleanup(m1_ctx.curl);
   }
-  free(m1_ctx.send_buf);
-  free(m1_ctx.recv_buf);
+  curlx_free(m1_ctx.send_buf);
+  curlx_free(m1_ctx.recv_buf);
   return r;
 }
 
diff --git a/tests/libtest/cli_ws_pingpong.c b/tests/libtest/cli_ws_pingpong.c
index 0a8e957aa4..8449b9d127 100644
--- a/tests/libtest/cli_ws_pingpong.c
+++ b/tests/libtest/cli_ws_pingpong.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 #ifndef CURL_DISABLE_WEBSOCKETS
 
diff --git a/tests/libtest/first.c b/tests/libtest/first.c
index a8e2e91cf0..2f65530882 100644
--- a/tests/libtest/first.c
+++ b/tests/libtest/first.c
@@ -27,8 +27,6 @@
 #include  /* for setlocale() */
 #endif
 
-#include "memdebug.h"
-
 int select_wrapper(int nfds, fd_set *rd, fd_set *wr, fd_set *exc,
                    struct timeval *tv)
 {
diff --git a/tests/libtest/lib1156.c b/tests/libtest/lib1156.c
index 6ceb6894e7..758f6e3f1a 100644
--- a/tests/libtest/lib1156.c
+++ b/tests/libtest/lib1156.c
@@ -34,8 +34,6 @@
 
 */
 
-#include "memdebug.h"
-
 #define F_RESUME        (1 << 0)        /* resume/range. */
 #define F_HTTP416       (1 << 1)        /* Server returns http code 416. */
 #define F_FAIL          (1 << 2)        /* Fail on error. */
diff --git a/tests/libtest/lib1485.c b/tests/libtest/lib1485.c
index 7fea83317c..828e1ede74 100644
--- a/tests/libtest/lib1485.c
+++ b/tests/libtest/lib1485.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 struct t1485_transfer_status {
   CURL *curl;
   curl_off_t out_len;
diff --git a/tests/libtest/lib1500.c b/tests/libtest/lib1500.c
index 5fe8e7ab4f..921d1ce8b1 100644
--- a/tests/libtest/lib1500.c
+++ b/tests/libtest/lib1500.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1500(const char *URL)
 {
   CURL *curl = NULL;
diff --git a/tests/libtest/lib1501.c b/tests/libtest/lib1501.c
index 5b5e64c48c..cd1cd874f7 100644
--- a/tests/libtest/lib1501.c
+++ b/tests/libtest/lib1501.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1501(const char *URL)
 {
   static const long HANG_TIMEOUT = 30 * 1000;
diff --git a/tests/libtest/lib1502.c b/tests/libtest/lib1502.c
index 527f969b11..1546acfaa8 100644
--- a/tests/libtest/lib1502.c
+++ b/tests/libtest/lib1502.c
@@ -31,8 +31,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1502(const char *URL)
 {
   CURL *curl = NULL;
diff --git a/tests/libtest/lib1506.c b/tests/libtest/lib1506.c
index 5790f3baeb..8b986c59a0 100644
--- a/tests/libtest/lib1506.c
+++ b/tests/libtest/lib1506.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1506(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib1507.c b/tests/libtest/lib1507.c
index d9f85a3318..ffdaa50df6 100644
--- a/tests/libtest/lib1507.c
+++ b/tests/libtest/lib1507.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static size_t t1507_read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
 {
   (void)ptr;
diff --git a/tests/libtest/lib1508.c b/tests/libtest/lib1508.c
index b7b47daa3f..446e8231a5 100644
--- a/tests/libtest/lib1508.c
+++ b/tests/libtest/lib1508.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1508(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib1509.c b/tests/libtest/lib1509.c
index 3ab4feea8b..16935de7a7 100644
--- a/tests/libtest/lib1509.c
+++ b/tests/libtest/lib1509.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static size_t realHeaderSize = 0;
 
 static size_t WriteOutput(char *ptr, size_t size, size_t nmemb, void *stream)
diff --git a/tests/libtest/lib1510.c b/tests/libtest/lib1510.c
index e914d48eb7..7a70763813 100644
--- a/tests/libtest/lib1510.c
+++ b/tests/libtest/lib1510.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1510(const char *URL)
 {
   static const int NUM_URLS = 4;
diff --git a/tests/libtest/lib1511.c b/tests/libtest/lib1511.c
index de09d2a6fa..fb65dcae98 100644
--- a/tests/libtest/lib1511.c
+++ b/tests/libtest/lib1511.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1511(const char *URL)
 {
   long unmet;
diff --git a/tests/libtest/lib1512.c b/tests/libtest/lib1512.c
index dd80163d43..16648d7e56 100644
--- a/tests/libtest/lib1512.c
+++ b/tests/libtest/lib1512.c
@@ -30,8 +30,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1512(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib1513.c b/tests/libtest/lib1513.c
index c86c5185e2..8bf1613fa1 100644
--- a/tests/libtest/lib1513.c
+++ b/tests/libtest/lib1513.c
@@ -30,8 +30,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static int progressKiller(void *arg,
                           double dltotal,
                           double dlnow,
diff --git a/tests/libtest/lib1514.c b/tests/libtest/lib1514.c
index fc7e33e3d3..fa0aa07424 100644
--- a/tests/libtest/lib1514.c
+++ b/tests/libtest/lib1514.c
@@ -28,8 +28,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 struct t1514_WriteThis {
   char *readptr;
   size_t sizeleft;
diff --git a/tests/libtest/lib1515.c b/tests/libtest/lib1515.c
index 679a413c69..7833f06a10 100644
--- a/tests/libtest/lib1515.c
+++ b/tests/libtest/lib1515.c
@@ -31,7 +31,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 #define DNS_TIMEOUT 1L
 
diff --git a/tests/libtest/lib1517.c b/tests/libtest/lib1517.c
index d8ad3b753b..cebdeab0a1 100644
--- a/tests/libtest/lib1517.c
+++ b/tests/libtest/lib1517.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 struct t1517_WriteThis {
   const char *readptr;
   size_t sizeleft;
diff --git a/tests/libtest/lib1518.c b/tests/libtest/lib1518.c
index 63e861910d..1ebe957af3 100644
--- a/tests/libtest/lib1518.c
+++ b/tests/libtest/lib1518.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /* Test inspired by github issue 3340 */
 
 static size_t t1518_write_cb(char *buffer, size_t size, size_t nitems,
diff --git a/tests/libtest/lib1520.c b/tests/libtest/lib1520.c
index e61727eadc..4cf54388eb 100644
--- a/tests/libtest/lib1520.c
+++ b/tests/libtest/lib1520.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 struct upload_status {
   int lines_read;
 };
diff --git a/tests/libtest/lib1522.c b/tests/libtest/lib1522.c
index 3423f4777c..1ac2332e81 100644
--- a/tests/libtest/lib1522.c
+++ b/tests/libtest/lib1522.c
@@ -26,7 +26,6 @@
 /* test case and code based on https://github.com/curl/curl/issues/2847 */
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 static int sockopt_callback(void *clientp, curl_socket_t curlfd,
                             curlsocktype purpose)
diff --git a/tests/libtest/lib1523.c b/tests/libtest/lib1523.c
index 5c9a01a5eb..711aa3f714 100644
--- a/tests/libtest/lib1523.c
+++ b/tests/libtest/lib1523.c
@@ -25,8 +25,6 @@
 
 /* test case and code based on https://github.com/curl/curl/issues/3927 */
 
-#include "memdebug.h"
-
 static int dload_progress_cb(void *a, curl_off_t b, curl_off_t c,
                              curl_off_t d, curl_off_t e)
 {
diff --git a/tests/libtest/lib1525.c b/tests/libtest/lib1525.c
index 7e7d98ef79..c9a1e1514f 100644
--- a/tests/libtest/lib1525.c
+++ b/tests/libtest/lib1525.c
@@ -30,8 +30,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static const char t1525_testdata[] = "Hello Cloud!\n";
 
 static size_t t1525_read_cb(char *ptr, size_t size, size_t nmemb, void *stream)
diff --git a/tests/libtest/lib1526.c b/tests/libtest/lib1526.c
index bf2a07ee9d..031f8bfd27 100644
--- a/tests/libtest/lib1526.c
+++ b/tests/libtest/lib1526.c
@@ -29,8 +29,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static const char t1526_testdata[] = "Hello Cloud!\n";
 
 static size_t t1526_read_cb(char *ptr, size_t size, size_t nmemb, void *stream)
diff --git a/tests/libtest/lib1527.c b/tests/libtest/lib1527.c
index 3624728687..1d9a582132 100644
--- a/tests/libtest/lib1527.c
+++ b/tests/libtest/lib1527.c
@@ -29,8 +29,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static const char t1527_testdata[] = "Hello Cloud!\n";
 
 static size_t t1527_read_cb(char *ptr, size_t size, size_t nmemb, void *stream)
diff --git a/tests/libtest/lib1528.c b/tests/libtest/lib1528.c
index 98bd2bdaf1..e1dd3657fe 100644
--- a/tests/libtest/lib1528.c
+++ b/tests/libtest/lib1528.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1528(const char *URL)
 {
   CURL *curl = NULL;
diff --git a/tests/libtest/lib1529.c b/tests/libtest/lib1529.c
index ae86b61a5e..24cdd78b03 100644
--- a/tests/libtest/lib1529.c
+++ b/tests/libtest/lib1529.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1529(const char *URL)
 {
   CURL *curl = NULL;
diff --git a/tests/libtest/lib1530.c b/tests/libtest/lib1530.c
index 19b0d9cbde..6cb6d59e87 100644
--- a/tests/libtest/lib1530.c
+++ b/tests/libtest/lib1530.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static curl_socket_t opensocket(void *clientp,
                                 curlsocktype purpose,
                                 struct curl_sockaddr *address)
diff --git a/tests/libtest/lib1531.c b/tests/libtest/lib1531.c
index 65b20c2993..a3554434e6 100644
--- a/tests/libtest/lib1531.c
+++ b/tests/libtest/lib1531.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1531(const char *URL)
 {
   static char const testData[] = ".abc\0xyz";
diff --git a/tests/libtest/lib1532.c b/tests/libtest/lib1532.c
index 83a826de32..e1c5c04702 100644
--- a/tests/libtest/lib1532.c
+++ b/tests/libtest/lib1532.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /* Test CURLINFO_RESPONSE_CODE */
 
 static CURLcode test_lib1532(const char *URL)
diff --git a/tests/libtest/lib1533.c b/tests/libtest/lib1533.c
index 1c60172734..a2d541c412 100644
--- a/tests/libtest/lib1533.c
+++ b/tests/libtest/lib1533.c
@@ -31,8 +31,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 struct cb_data {
   CURL *curl;
   int response_received;
diff --git a/tests/libtest/lib1534.c b/tests/libtest/lib1534.c
index af1c0bd520..377df3b2fe 100644
--- a/tests/libtest/lib1534.c
+++ b/tests/libtest/lib1534.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /* Test CURLINFO_FILETIME */
 
 static CURLcode test_lib1534(const char *URL)
diff --git a/tests/libtest/lib1535.c b/tests/libtest/lib1535.c
index c0e0689d98..c49c3076df 100644
--- a/tests/libtest/lib1535.c
+++ b/tests/libtest/lib1535.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /* Test CURLINFO_PROTOCOL */
 
 static CURLcode test_lib1535(const char *URL)
diff --git a/tests/libtest/lib1536.c b/tests/libtest/lib1536.c
index 3219724b9a..f89b50a195 100644
--- a/tests/libtest/lib1536.c
+++ b/tests/libtest/lib1536.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /* Test CURLINFO_SCHEME */
 
 static CURLcode test_lib1536(const char *URL)
diff --git a/tests/libtest/lib1537.c b/tests/libtest/lib1537.c
index cb35fb1908..f521986ebc 100644
--- a/tests/libtest/lib1537.c
+++ b/tests/libtest/lib1537.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1537(const char *URL)
 {
   const unsigned char a[] = {0x2f, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
diff --git a/tests/libtest/lib1538.c b/tests/libtest/lib1538.c
index 9aaec8171a..2a8830c5cc 100644
--- a/tests/libtest/lib1538.c
+++ b/tests/libtest/lib1538.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1538(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib1540.c b/tests/libtest/lib1540.c
index 7f91234356..849431e796 100644
--- a/tests/libtest/lib1540.c
+++ b/tests/libtest/lib1540.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 struct t1540_transfer_status {
   CURL *curl;
diff --git a/tests/libtest/lib1541.c b/tests/libtest/lib1541.c
index 150fd2e30b..c39bee989c 100644
--- a/tests/libtest/lib1541.c
+++ b/tests/libtest/lib1541.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 struct t1541_transfer_status {
   CURL *curl;
   int hd_count;
diff --git a/tests/libtest/lib1542.c b/tests/libtest/lib1542.c
index 9fc9f17efb..9a6ba0b36e 100644
--- a/tests/libtest/lib1542.c
+++ b/tests/libtest/lib1542.c
@@ -33,7 +33,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 static CURLcode test_lib1542(const char *URL)
 {
diff --git a/tests/libtest/lib1549.c b/tests/libtest/lib1549.c
index 10d3183810..fa9515e4f6 100644
--- a/tests/libtest/lib1549.c
+++ b/tests/libtest/lib1549.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 static CURLcode test_lib1549(const char *URL)
 {
diff --git a/tests/libtest/lib1550.c b/tests/libtest/lib1550.c
index 566cbfa192..b328dd27bc 100644
--- a/tests/libtest/lib1550.c
+++ b/tests/libtest/lib1550.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 #include 
 
 static CURLcode test_lib1550(const char *URL)
diff --git a/tests/libtest/lib1551.c b/tests/libtest/lib1551.c
index 80020f5556..ce4989a616 100644
--- a/tests/libtest/lib1551.c
+++ b/tests/libtest/lib1551.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 #include 
 
 static CURLcode test_lib1551(const char *URL)
diff --git a/tests/libtest/lib1552.c b/tests/libtest/lib1552.c
index d0c3469d4c..bceacd354c 100644
--- a/tests/libtest/lib1552.c
+++ b/tests/libtest/lib1552.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1552(const char *URL)
 {
   CURL *curl = NULL;
diff --git a/tests/libtest/lib1553.c b/tests/libtest/lib1553.c
index fa753ac231..d1eaefee4a 100644
--- a/tests/libtest/lib1553.c
+++ b/tests/libtest/lib1553.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 static int t1553_xferinfo(void *p,
                           curl_off_t dltotal, curl_off_t dlnow,
diff --git a/tests/libtest/lib1554.c b/tests/libtest/lib1554.c
index a23d713e63..f330b2df7d 100644
--- a/tests/libtest/lib1554.c
+++ b/tests/libtest/lib1554.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static const char *ldata_names[] = {
   "NONE",
   "SHARE",
diff --git a/tests/libtest/lib1555.c b/tests/libtest/lib1555.c
index 4ebde5c74c..001a8f5bae 100644
--- a/tests/libtest/lib1555.c
+++ b/tests/libtest/lib1555.c
@@ -27,8 +27,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURL *t1555_curl;
 
 static int progressCallback(void *arg,
diff --git a/tests/libtest/lib1556.c b/tests/libtest/lib1556.c
index 4987fc9f09..e852bb3224 100644
--- a/tests/libtest/lib1556.c
+++ b/tests/libtest/lib1556.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 struct headerinfo {
   size_t largest;
 };
diff --git a/tests/libtest/lib1557.c b/tests/libtest/lib1557.c
index 1c2785dbe3..28162a1b03 100644
--- a/tests/libtest/lib1557.c
+++ b/tests/libtest/lib1557.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1557(const char *URL)
 {
   CURLM *multi = NULL;
diff --git a/tests/libtest/lib1558.c b/tests/libtest/lib1558.c
index 1bbc0f77b7..d299405fe2 100644
--- a/tests/libtest/lib1558.c
+++ b/tests/libtest/lib1558.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1558(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib1559.c b/tests/libtest/lib1559.c
index 1aa0f830c7..c6851918a6 100644
--- a/tests/libtest/lib1559.c
+++ b/tests/libtest/lib1559.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1559(const char *URL)
 {
   static const int EXCESSIVE = 10*1000*1000;
@@ -38,7 +36,7 @@ static CURLcode test_lib1559(const char *URL)
   global_init(CURL_GLOBAL_ALL);
   easy_init(curl);
 
-  longurl = malloc(EXCESSIVE);
+  longurl = curlx_malloc(EXCESSIVE);
   if(!longurl) {
     res = TEST_ERR_MAJOR_BAD;
     goto test_cleanup;
@@ -70,7 +68,7 @@ static CURLcode test_lib1559(const char *URL)
   }
 
 test_cleanup:
-  free(longurl);
+  curlx_free(longurl);
   curl_easy_cleanup(curl);
   curl_global_cleanup();
 
diff --git a/tests/libtest/lib1560.c b/tests/libtest/lib1560.c
index db85fe7382..2f6608108c 100644
--- a/tests/libtest/lib1560.c
+++ b/tests/libtest/lib1560.c
@@ -35,8 +35,6 @@
 #define USE_IDN
 #endif
 
-#include "memdebug.h" /* LAST include file */
-
 static int checkparts(CURLU *u, const char *in, const char *wanted,
                       unsigned int getflags)
 {
diff --git a/tests/libtest/lib1564.c b/tests/libtest/lib1564.c
index 42b3a07d1a..23d0c2cd6f 100644
--- a/tests/libtest/lib1564.c
+++ b/tests/libtest/lib1564.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 #define WAKEUP_NUM 10
 
 static CURLcode test_lib1564(const char *URL)
diff --git a/tests/libtest/lib1565.c b/tests/libtest/lib1565.c
index 7e983978e7..506959dd90 100644
--- a/tests/libtest/lib1565.c
+++ b/tests/libtest/lib1565.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 #ifdef HAVE_PTHREAD_H
 #include 
 
diff --git a/tests/libtest/lib1567.c b/tests/libtest/lib1567.c
index e001615725..539da3c34f 100644
--- a/tests/libtest/lib1567.c
+++ b/tests/libtest/lib1567.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 #include 
 
 static CURLcode test_lib1567(const char *URL)
diff --git a/tests/libtest/lib1568.c b/tests/libtest/lib1568.c
index 89dd83480d..0db1e49e2f 100644
--- a/tests/libtest/lib1568.c
+++ b/tests/libtest/lib1568.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1568(const char *URL)
 {
   CURLcode res = TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib1569.c b/tests/libtest/lib1569.c
index c2fd27bfe1..44d77a5d45 100644
--- a/tests/libtest/lib1569.c
+++ b/tests/libtest/lib1569.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1569(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib1571.c b/tests/libtest/lib1571.c
index 622be2f643..8b29a9a1bf 100644
--- a/tests/libtest/lib1571.c
+++ b/tests/libtest/lib1571.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1571(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib1576.c b/tests/libtest/lib1576.c
index 203ef2b989..9a5d415193 100644
--- a/tests/libtest/lib1576.c
+++ b/tests/libtest/lib1576.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static char t1576_testdata[] = "request indicates that the client, which made";
 
 static size_t t1576_read_cb(char *ptr, size_t size, size_t nmemb, void *stream)
diff --git a/tests/libtest/lib1582.c b/tests/libtest/lib1582.c
index 0e209beee4..e1877a99ac 100644
--- a/tests/libtest/lib1582.c
+++ b/tests/libtest/lib1582.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1582(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib1591.c b/tests/libtest/lib1591.c
index 3031ba1bb7..42761c3065 100644
--- a/tests/libtest/lib1591.c
+++ b/tests/libtest/lib1591.c
@@ -29,8 +29,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static size_t consumed = 0;
 
 static size_t t1591_read_cb(char *ptr, size_t size, size_t nmemb, void *stream)
diff --git a/tests/libtest/lib1593.c b/tests/libtest/lib1593.c
index 5b6e57d4f7..f8d7be9d72 100644
--- a/tests/libtest/lib1593.c
+++ b/tests/libtest/lib1593.c
@@ -26,8 +26,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1593(const char *URL)
 {
   struct curl_slist *header = NULL;
diff --git a/tests/libtest/lib1594.c b/tests/libtest/lib1594.c
index 5c8db3ae92..6cf5cace53 100644
--- a/tests/libtest/lib1594.c
+++ b/tests/libtest/lib1594.c
@@ -26,8 +26,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1594(const char *URL)
 {
   struct curl_slist *header = NULL;
diff --git a/tests/libtest/lib1597.c b/tests/libtest/lib1597.c
index 251016641e..a338a53944 100644
--- a/tests/libtest/lib1597.c
+++ b/tests/libtest/lib1597.c
@@ -26,8 +26,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 struct pair {
   const char *in;
   CURLcode *exp;
diff --git a/tests/libtest/lib1598.c b/tests/libtest/lib1598.c
index 4120916ff0..8d9ec7eb8e 100644
--- a/tests/libtest/lib1598.c
+++ b/tests/libtest/lib1598.c
@@ -29,8 +29,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 /*
  * carefully not leak memory on OOM
  */
diff --git a/tests/libtest/lib1900.c b/tests/libtest/lib1900.c
index 2f0954bb6c..04ce5aa9f1 100644
--- a/tests/libtest/lib1900.c
+++ b/tests/libtest/lib1900.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1900(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib1901.c b/tests/libtest/lib1901.c
index cb66001f9b..4494633b94 100644
--- a/tests/libtest/lib1901.c
+++ b/tests/libtest/lib1901.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static size_t t1901_read_cb(char *ptr, size_t size, size_t nmemb, void *stream)
 {
   static const char *chunks[] = {
diff --git a/tests/libtest/lib1902.c b/tests/libtest/lib1902.c
index 8e5929e338..e114554ec5 100644
--- a/tests/libtest/lib1902.c
+++ b/tests/libtest/lib1902.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1902(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib1903.c b/tests/libtest/lib1903.c
index fc2858d5ee..19c2f50e19 100644
--- a/tests/libtest/lib1903.c
+++ b/tests/libtest/lib1903.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1903(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib1905.c b/tests/libtest/lib1905.c
index 600e696238..d1fdba4d2e 100644
--- a/tests/libtest/lib1905.c
+++ b/tests/libtest/lib1905.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1905(const char *URL)
 {
   CURLSH *share = NULL;
diff --git a/tests/libtest/lib1906.c b/tests/libtest/lib1906.c
index da0f9f56b9..07404f8b90 100644
--- a/tests/libtest/lib1906.c
+++ b/tests/libtest/lib1906.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1906(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib1907.c b/tests/libtest/lib1907.c
index 0a3556719b..ebf106d3b1 100644
--- a/tests/libtest/lib1907.c
+++ b/tests/libtest/lib1907.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1907(const char *URL)
 {
   char *url_after;
diff --git a/tests/libtest/lib1908.c b/tests/libtest/lib1908.c
index ac841ca1a1..2ceb04d5a2 100644
--- a/tests/libtest/lib1908.c
+++ b/tests/libtest/lib1908.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1908(const char *URL)
 {
   CURLcode res = TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib1910.c b/tests/libtest/lib1910.c
index ebe86c1245..4f22777526 100644
--- a/tests/libtest/lib1910.c
+++ b/tests/libtest/lib1910.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1910(const char *URL)
 {
   CURLcode res = TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib1911.c b/tests/libtest/lib1911.c
index 46c73ffb36..0f88752b6f 100644
--- a/tests/libtest/lib1911.c
+++ b/tests/libtest/lib1911.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /* The maximum string length limit (CURL_MAX_INPUT_LENGTH) is an internal
    define not publicly exposed so we set our own */
 #define MAX_INPUT_LENGTH 8000000
diff --git a/tests/libtest/lib1912.c b/tests/libtest/lib1912.c
index 0dd246e461..76ba51c447 100644
--- a/tests/libtest/lib1912.c
+++ b/tests/libtest/lib1912.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 #define print_err(name, exp)                                            \
   curl_mfprintf(stderr, "Type mismatch for CURLOPT_%s (expected %s)\n", \
                 name, exp)
diff --git a/tests/libtest/lib1913.c b/tests/libtest/lib1913.c
index cea7a6c6ec..b4b4ab720f 100644
--- a/tests/libtest/lib1913.c
+++ b/tests/libtest/lib1913.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1913(const char *URL)
 {
   CURLcode res = TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib1915.c b/tests/libtest/lib1915.c
index e47ae9ee80..367533aef6 100644
--- a/tests/libtest/lib1915.c
+++ b/tests/libtest/lib1915.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 struct state {
   int index;
diff --git a/tests/libtest/lib1916.c b/tests/libtest/lib1916.c
index 24583ab8a1..4c66b1b97e 100644
--- a/tests/libtest/lib1916.c
+++ b/tests/libtest/lib1916.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1916(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib1918.c b/tests/libtest/lib1918.c
index de9252107b..d995639164 100644
--- a/tests/libtest/lib1918.c
+++ b/tests/libtest/lib1918.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1918(const char *URL)
 {
   const struct curl_easyoption *o;
diff --git a/tests/libtest/lib1919.c b/tests/libtest/lib1919.c
index a619850dc7..79d31810a4 100644
--- a/tests/libtest/lib1919.c
+++ b/tests/libtest/lib1919.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1919(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib1933.c b/tests/libtest/lib1933.c
index bdd914a641..8b02f16aa7 100644
--- a/tests/libtest/lib1933.c
+++ b/tests/libtest/lib1933.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1933(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib1934.c b/tests/libtest/lib1934.c
index 2cffaa9bc7..465dfeb5de 100644
--- a/tests/libtest/lib1934.c
+++ b/tests/libtest/lib1934.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1934(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib1935.c b/tests/libtest/lib1935.c
index 4f6a1ebb73..61382399a3 100644
--- a/tests/libtest/lib1935.c
+++ b/tests/libtest/lib1935.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1935(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib1936.c b/tests/libtest/lib1936.c
index 438cf92c58..20b170397e 100644
--- a/tests/libtest/lib1936.c
+++ b/tests/libtest/lib1936.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1936(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib1937.c b/tests/libtest/lib1937.c
index 4903f7409a..c6fb120b6a 100644
--- a/tests/libtest/lib1937.c
+++ b/tests/libtest/lib1937.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1937(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib1938.c b/tests/libtest/lib1938.c
index c0bfb6b8ce..b585c53c01 100644
--- a/tests/libtest/lib1938.c
+++ b/tests/libtest/lib1938.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1938(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib1939.c b/tests/libtest/lib1939.c
index 9985af5adc..b3d79fc68d 100644
--- a/tests/libtest/lib1939.c
+++ b/tests/libtest/lib1939.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1939(const char *URL)
 {
   CURLM *multi;
diff --git a/tests/libtest/lib1940.c b/tests/libtest/lib1940.c
index 283128dc31..75b8f7818c 100644
--- a/tests/libtest/lib1940.c
+++ b/tests/libtest/lib1940.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static size_t t1940_write_cb(char *data, size_t n, size_t l, void *userp)
 {
   /* take care of the data here, ignored in this example */
diff --git a/tests/libtest/lib1945.c b/tests/libtest/lib1945.c
index ee8e69f100..99044880cf 100644
--- a/tests/libtest/lib1945.c
+++ b/tests/libtest/lib1945.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static void t1945_showem(CURL *curl, unsigned int type)
 {
   struct curl_header *header = NULL;
diff --git a/tests/libtest/lib1947.c b/tests/libtest/lib1947.c
index 19fbcb7af4..acbc260aa1 100644
--- a/tests/libtest/lib1947.c
+++ b/tests/libtest/lib1947.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static size_t t1947_write_cb(char *data, size_t n, size_t l, void *userp)
 {
   /* ignore the data */
diff --git a/tests/libtest/lib1955.c b/tests/libtest/lib1955.c
index e47a52275e..3fe118269e 100644
--- a/tests/libtest/lib1955.c
+++ b/tests/libtest/lib1955.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1955(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib1956.c b/tests/libtest/lib1956.c
index 0f1c72e3d2..a86a4c9e4c 100644
--- a/tests/libtest/lib1956.c
+++ b/tests/libtest/lib1956.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1956(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib1957.c b/tests/libtest/lib1957.c
index 8eeed09b7c..c7864a150c 100644
--- a/tests/libtest/lib1957.c
+++ b/tests/libtest/lib1957.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1957(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib1958.c b/tests/libtest/lib1958.c
index 7a94c76709..9a7f12f286 100644
--- a/tests/libtest/lib1958.c
+++ b/tests/libtest/lib1958.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1958(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib1959.c b/tests/libtest/lib1959.c
index d718149772..6739cfe3ab 100644
--- a/tests/libtest/lib1959.c
+++ b/tests/libtest/lib1959.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1959(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib1960.c b/tests/libtest/lib1960.c
index 152b1053f1..2dbdf5995f 100644
--- a/tests/libtest/lib1960.c
+++ b/tests/libtest/lib1960.c
@@ -32,8 +32,6 @@
 #include 
 #endif
 
-#include "memdebug.h"
-
 /* to prevent libcurl from closing our socket */
 static int closesocket_cb(void *clientp, curl_socket_t item)
 {
diff --git a/tests/libtest/lib1964.c b/tests/libtest/lib1964.c
index cbad31dcc0..9536575ba8 100644
--- a/tests/libtest/lib1964.c
+++ b/tests/libtest/lib1964.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1964(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib1970.c b/tests/libtest/lib1970.c
index 5ba51f6a58..fa110462c2 100644
--- a/tests/libtest/lib1970.c
+++ b/tests/libtest/lib1970.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1970(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib1971.c b/tests/libtest/lib1971.c
index bc25226bde..982f06b286 100644
--- a/tests/libtest/lib1971.c
+++ b/tests/libtest/lib1971.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static size_t t1971_read_cb(char *ptr, size_t size, size_t nitems, void *userp)
 {
   (void)ptr;
diff --git a/tests/libtest/lib1972.c b/tests/libtest/lib1972.c
index ec9c9b0698..7931e866bf 100644
--- a/tests/libtest/lib1972.c
+++ b/tests/libtest/lib1972.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1972(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib1973.c b/tests/libtest/lib1973.c
index e887e80c2e..2cc1c8ebfe 100644
--- a/tests/libtest/lib1973.c
+++ b/tests/libtest/lib1973.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1973(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib1974.c b/tests/libtest/lib1974.c
index b2d0b59450..1534cfadee 100644
--- a/tests/libtest/lib1974.c
+++ b/tests/libtest/lib1974.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1974(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib1975.c b/tests/libtest/lib1975.c
index d6c05a1251..c5b6568a07 100644
--- a/tests/libtest/lib1975.c
+++ b/tests/libtest/lib1975.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static size_t t1975_read_cb(char *ptr, size_t size, size_t nitems, void *userp)
 {
   (void)ptr;
diff --git a/tests/libtest/lib1977.c b/tests/libtest/lib1977.c
index dae8bcbae7..10412f66c0 100644
--- a/tests/libtest/lib1977.c
+++ b/tests/libtest/lib1977.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1977(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib1978.c b/tests/libtest/lib1978.c
index 113f06da8f..6c06e727dc 100644
--- a/tests/libtest/lib1978.c
+++ b/tests/libtest/lib1978.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib1978(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib2023.c b/tests/libtest/lib2023.c
index 8c181fa093..1475deb2d3 100644
--- a/tests/libtest/lib2023.c
+++ b/tests/libtest/lib2023.c
@@ -28,14 +28,12 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode send_request(CURL *curl, const char *url, int seq,
                              long auth_scheme, const char *userpwd)
 {
   CURLcode res;
   size_t len = strlen(url) + 4 + 1;
-  char *full_url = malloc(len);
+  char *full_url = curlx_malloc(len);
   if(!full_url) {
     curl_mfprintf(stderr, "Not enough memory for full url\n");
     return CURLE_OUT_OF_MEMORY;
@@ -54,7 +52,7 @@ static CURLcode send_request(CURL *curl, const char *url, int seq,
   res = curl_easy_perform(curl);
 
 test_cleanup:
-  free(full_url);
+  curlx_free(full_url);
   return res;
 }
 
diff --git a/tests/libtest/lib2032.c b/tests/libtest/lib2032.c
index e0f9990f59..a733f34e6f 100644
--- a/tests/libtest/lib2032.c
+++ b/tests/libtest/lib2032.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 #define MAX_EASY_HANDLES 3
 
 static int ntlm_counter[MAX_EASY_HANDLES];
@@ -92,7 +90,7 @@ static CURLcode test_lib2032(const char *URL)  /* libntlmconnect */
   int num_handles = 0;
   enum HandleState state = ReadyForNewHandle;
   size_t urllen = strlen(URL) + 4 + 1;
-  char *full_url = malloc(urllen);
+  char *full_url = curlx_malloc(urllen);
 
   start_test_timing();
 
@@ -108,7 +106,7 @@ static CURLcode test_lib2032(const char *URL)  /* libntlmconnect */
 
   res_global_init(CURL_GLOBAL_ALL);
   if(res) {
-    free(full_url);
+    curlx_free(full_url);
     return res;
   }
 
@@ -230,7 +228,7 @@ test_cleanup:
   curl_multi_cleanup(multi);
   curl_global_cleanup();
 
-  free(full_url);
+  curlx_free(full_url);
 
   return res;
 }
diff --git a/tests/libtest/lib2302.c b/tests/libtest/lib2302.c
index 47276197bb..aa0be3d514 100644
--- a/tests/libtest/lib2302.c
+++ b/tests/libtest/lib2302.c
@@ -102,7 +102,7 @@ static CURLcode test_lib2302(const char *URL)
   global_init(CURL_GLOBAL_ALL);
 
   memset(&ws_data, 0, sizeof(ws_data));
-  ws_data.buf = (char *)calloc(LIB2302_BUFSIZE, 1);
+  ws_data.buf = (char *)curlx_calloc(LIB2302_BUFSIZE, 1);
   if(ws_data.buf) {
     curl = curl_easy_init();
     if(curl) {
@@ -120,7 +120,7 @@ static CURLcode test_lib2302(const char *URL)
       curl_easy_cleanup(curl);
       flush_data(&ws_data);
     }
-    free(ws_data.buf);
+    curlx_free(ws_data.buf);
   }
   curl_global_cleanup();
   return res;
diff --git a/tests/libtest/lib2402.c b/tests/libtest/lib2402.c
index 1695208716..58c1b6c431 100644
--- a/tests/libtest/lib2402.c
+++ b/tests/libtest/lib2402.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib2402(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib2404.c b/tests/libtest/lib2404.c
index 42d81d8d4a..93a3ef926f 100644
--- a/tests/libtest/lib2404.c
+++ b/tests/libtest/lib2404.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib2404(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib2405.c b/tests/libtest/lib2405.c
index 4f3c8015c6..97d0d5d231 100644
--- a/tests/libtest/lib2405.c
+++ b/tests/libtest/lib2405.c
@@ -39,8 +39,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 /* ---------------------------------------------------------------- */
 
 #define test_check(expected_fds) \
diff --git a/tests/libtest/lib2502.c b/tests/libtest/lib2502.c
index b9a2cabd79..4b5e0ef683 100644
--- a/tests/libtest/lib2502.c
+++ b/tests/libtest/lib2502.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 static CURLcode test_lib2502(const char *URL)
 {
diff --git a/tests/libtest/lib2700.c b/tests/libtest/lib2700.c
index f509089645..1760d243ea 100644
--- a/tests/libtest/lib2700.c
+++ b/tests/libtest/lib2700.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 #ifndef CURL_DISABLE_WEBSOCKETS
 
diff --git a/tests/libtest/lib3010.c b/tests/libtest/lib3010.c
index 4595f4de35..0f805c2d6f 100644
--- a/tests/libtest/lib3010.c
+++ b/tests/libtest/lib3010.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib3010(const char *URL)
 {
   CURLcode res = TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib3025.c b/tests/libtest/lib3025.c
index b0056193b7..7d94c40626 100644
--- a/tests/libtest/lib3025.c
+++ b/tests/libtest/lib3025.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib3025(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib3027.c b/tests/libtest/lib3027.c
index 5cd2bd757d..7a25c214bb 100644
--- a/tests/libtest/lib3027.c
+++ b/tests/libtest/lib3027.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib3027(const char *URL)
 {
   CURLcode ret = CURLE_OK;
diff --git a/tests/libtest/lib3033.c b/tests/libtest/lib3033.c
index b00bba9e74..428de8afc3 100644
--- a/tests/libtest/lib3033.c
+++ b/tests/libtest/lib3033.c
@@ -25,8 +25,6 @@
 
 #include "testtrace.h"
 
-#include "memdebug.h"
-
 static CURLcode t3033_req_test(CURLM *multi, CURL *curl,
                                const char *URL, int index)
 {
diff --git a/tests/libtest/lib3100.c b/tests/libtest/lib3100.c
index b661aa76ce..e9a2b4111c 100644
--- a/tests/libtest/lib3100.c
+++ b/tests/libtest/lib3100.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib3100(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib3101.c b/tests/libtest/lib3101.c
index 3f5cbce17c..d95167f0ce 100644
--- a/tests/libtest/lib3101.c
+++ b/tests/libtest/lib3101.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib3101(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib3102.c b/tests/libtest/lib3102.c
index 9cc87543dc..72da47551e 100644
--- a/tests/libtest/lib3102.c
+++ b/tests/libtest/lib3102.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /*
  * Verify correct order of certificates in the chain by comparing the
  * subject and issuer attributes of each certificate.
diff --git a/tests/libtest/lib3103.c b/tests/libtest/lib3103.c
index 5b25e1cd41..4e3a0d79fd 100644
--- a/tests/libtest/lib3103.c
+++ b/tests/libtest/lib3103.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib3103(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib3104.c b/tests/libtest/lib3104.c
index dd1500ede5..278aa515b1 100644
--- a/tests/libtest/lib3104.c
+++ b/tests/libtest/lib3104.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib3104(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib3105.c b/tests/libtest/lib3105.c
index 808fd98ca4..a3cbf28bb8 100644
--- a/tests/libtest/lib3105.c
+++ b/tests/libtest/lib3105.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib3105(const char *URL)
 {
   CURL *curl = NULL;
diff --git a/tests/libtest/lib3207.c b/tests/libtest/lib3207.c
index 8ba88e4a66..7757643a26 100644
--- a/tests/libtest/lib3207.c
+++ b/tests/libtest/lib3207.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 #ifdef USE_THREADS_POSIX
 #include 
 #endif
@@ -48,7 +46,7 @@ static size_t write_memory_callback(char *contents, size_t size,
   /* append the data to contents */
   size_t realsize = size * nmemb;
   struct Ctx *mem = (struct Ctx *)userp;
-  char *data = (char *)malloc(realsize + 1);
+  char *data = (char *)curlx_malloc(realsize + 1);
   struct curl_slist *item_append = NULL;
   if(!data) {
     curl_mprintf("not enough memory (malloc returned NULL)\n");
@@ -57,7 +55,7 @@ static size_t write_memory_callback(char *contents, size_t size,
   memcpy(data, contents, realsize);
   data[realsize] = '\0';
   item_append = curl_slist_append(mem->contents, data);
-  free(data);
+  curlx_free(data);
   if(item_append) {
     mem->contents = item_append;
   }
diff --git a/tests/libtest/lib3208.c b/tests/libtest/lib3208.c
index 39585c1597..befa92e6d0 100644
--- a/tests/libtest/lib3208.c
+++ b/tests/libtest/lib3208.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib3208(const char *URL)
 {
   CURL *curl = NULL;
diff --git a/tests/libtest/lib500.c b/tests/libtest/lib500.c
index ff886a05ca..0d01b01026 100644
--- a/tests/libtest/lib500.c
+++ b/tests/libtest/lib500.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 static int testcounter;
 
diff --git a/tests/libtest/lib501.c b/tests/libtest/lib501.c
index d761c8a636..3dbed1cd4f 100644
--- a/tests/libtest/lib501.c
+++ b/tests/libtest/lib501.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib501(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib502.c b/tests/libtest/lib502.c
index c33783ea68..4e1fc14a97 100644
--- a/tests/libtest/lib502.c
+++ b/tests/libtest/lib502.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /*
  * Get a single URL without select().
  */
diff --git a/tests/libtest/lib503.c b/tests/libtest/lib503.c
index 34a6105bf7..48f0b671b9 100644
--- a/tests/libtest/lib503.c
+++ b/tests/libtest/lib503.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /*
  * Source code in here hugely as reported in bug report 651460 by
  * Christopher R. Palmer.
diff --git a/tests/libtest/lib504.c b/tests/libtest/lib504.c
index fa9338f262..996130c246 100644
--- a/tests/libtest/lib504.c
+++ b/tests/libtest/lib504.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /*
  * Source code in here hugely as reported in bug report 651464 by
  * Christopher R. Palmer.
diff --git a/tests/libtest/lib505.c b/tests/libtest/lib505.c
index 37cc1e0b3f..b28a01a9ce 100644
--- a/tests/libtest/lib505.c
+++ b/tests/libtest/lib505.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /*
  * This example shows an FTP upload, with a rename of the file just after
  * a successful upload.
diff --git a/tests/libtest/lib506.c b/tests/libtest/lib506.c
index 928c33b13c..3d2a3556fd 100644
--- a/tests/libtest/lib506.c
+++ b/tests/libtest/lib506.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testutil.h"
-#include "memdebug.h"
 
 #define THREADS 2
 
diff --git a/tests/libtest/lib507.c b/tests/libtest/lib507.c
index 9a306d39a6..0496099ce2 100644
--- a/tests/libtest/lib507.c
+++ b/tests/libtest/lib507.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib507(const char *URL)
 {
   CURL *curl = NULL;
diff --git a/tests/libtest/lib508.c b/tests/libtest/lib508.c
index a4c25b7918..6975051500 100644
--- a/tests/libtest/lib508.c
+++ b/tests/libtest/lib508.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 struct t508_WriteThis {
   const char *readptr;
   size_t sizeleft;
diff --git a/tests/libtest/lib509.c b/tests/libtest/lib509.c
index a8be3eae52..b5a0c583e0 100644
--- a/tests/libtest/lib509.c
+++ b/tests/libtest/lib509.c
@@ -29,9 +29,8 @@
  * libcurl and that it works unconditionally no matter how libcurl is built,
  * nothing more.
  *
- * Do not include memdebug.h in this source file, and do not use directly
- * memory related functions in this file except those used inside custom
- * memory callbacks which should be calling 'the real thing'.
+ * Do not use directly memory related functions in this file except those used
+ * inside custom memory callbacks which should be calling 'the real thing'.
  */
 
 static int seen;
@@ -39,31 +38,40 @@ static int seen;
 static void *custom_calloc(size_t nmemb, size_t size)
 {
   seen++;
-  return (calloc)(nmemb, size);
+  /* !checksrc! disable BANNEDFUNC 1 */
+  return calloc(nmemb, size);
 }
 
 static void *custom_malloc(size_t size)
 {
   seen++;
-  return (malloc)(size);
+  /* !checksrc! disable BANNEDFUNC 1 */
+  return malloc(size);
 }
 
 static char *custom_strdup(const char *ptr)
 {
   seen++;
-  return (strdup)(ptr);
+#ifdef _WIN32
+  return _strdup(ptr);
+#else
+  /* !checksrc! disable BANNEDFUNC 1 */
+  return strdup(ptr);
+#endif
 }
 
 static void *custom_realloc(void *ptr, size_t size)
 {
   seen++;
-  return (realloc)(ptr, size);
+  /* !checksrc! disable BANNEDFUNC 1 */
+  return realloc(ptr, size);
 }
 
 static void custom_free(void *ptr)
 {
   seen++;
-  (free)(ptr);
+  /* !checksrc! disable BANNEDFUNC 1 */
+  free(ptr);
 }
 
 
@@ -95,10 +103,11 @@ static CURLcode test_lib509(const char *URL)
     return TEST_ERR_MAJOR_BAD;
   }
 
-  test_setopt(curl, CURLOPT_USERAGENT, "test509"); /* uses strdup() */
+  test_setopt(curl, CURLOPT_USERAGENT, "test509"); /* uses curlx_strdup() */
 
   asize = (int)sizeof(a);
-  str = curl_easy_escape(curl, (const char *)a, asize); /* uses realloc() */
+  /* uses curlx_realloc() */
+  str = curl_easy_escape(curl, (const char *)a, asize);
 
   if(seen)
     curl_mprintf("Callbacks were invoked!\n");
diff --git a/tests/libtest/lib510.c b/tests/libtest/lib510.c
index da270c1c92..d2df0eaf20 100644
--- a/tests/libtest/lib510.c
+++ b/tests/libtest/lib510.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 struct t510_WriteThis {
   int counter;
 };
diff --git a/tests/libtest/lib511.c b/tests/libtest/lib511.c
index 1db4093780..c4e78a1117 100644
--- a/tests/libtest/lib511.c
+++ b/tests/libtest/lib511.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib511(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib512.c b/tests/libtest/lib512.c
index 59a1cd7595..be7187542a 100644
--- a/tests/libtest/lib512.c
+++ b/tests/libtest/lib512.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /* Test case code based on source in a bug report filed by James Bursa on
    28 Apr 2004 */
 
diff --git a/tests/libtest/lib513.c b/tests/libtest/lib513.c
index 3d0afb1191..1458971007 100644
--- a/tests/libtest/lib513.c
+++ b/tests/libtest/lib513.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static size_t t513_read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
 {
   (void)ptr;
diff --git a/tests/libtest/lib514.c b/tests/libtest/lib514.c
index f47cdb321d..0ce96f5be8 100644
--- a/tests/libtest/lib514.c
+++ b/tests/libtest/lib514.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib514(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib515.c b/tests/libtest/lib515.c
index d9814525df..b0d3a65d50 100644
--- a/tests/libtest/lib515.c
+++ b/tests/libtest/lib515.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib515(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib516.c b/tests/libtest/lib516.c
index b7778a6a76..42b63c9d87 100644
--- a/tests/libtest/lib516.c
+++ b/tests/libtest/lib516.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib516(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib517.c b/tests/libtest/lib517.c
index 01d3ac4bad..843c5c03f0 100644
--- a/tests/libtest/lib517.c
+++ b/tests/libtest/lib517.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib517(const char *URL)
 {
   struct dcheck {
diff --git a/tests/libtest/lib518.c b/tests/libtest/lib518.c
index b8a9ec4a6a..d785857bb1 100644
--- a/tests/libtest/lib518.c
+++ b/tests/libtest/lib518.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testutil.h"
-#include "memdebug.h"
 
 #ifndef FD_SETSIZE
 #error "this test requires FD_SETSIZE"
@@ -65,7 +64,7 @@ static void t518_close_file_descriptors(void)
       t518_num_open.rlim_cur++)
     if(t518_testfd[t518_num_open.rlim_cur] > 0)
       close(t518_testfd[t518_num_open.rlim_cur]);
-  free(t518_testfd);
+  curlx_free(t518_testfd);
   t518_testfd = NULL;
 }
 
@@ -213,8 +212,8 @@ static int t518_test_rlimit(int keep_open)
    * avoid a low memory condition once the file descriptors are
    * open. System conditions that could make the test fail should
    * be addressed in the precheck phase. This chunk of memory shall
-   * be always free()ed before exiting the t518_test_rlimit() function so
-   * that it becomes available to the test.
+   * be always curlx_free()ed before exiting the t518_test_rlimit()
+   * function so that it becomes available to the test.
    */
 
   for(nitems = i = 1; nitems <= i; i *= 2)
@@ -225,7 +224,7 @@ static int t518_test_rlimit(int keep_open)
     t518_num_open.rlim_max = sizeof(*memchunk) * nitems;
     tutil_rlim2str(strbuff, sizeof(strbuff), t518_num_open.rlim_max);
     curl_mfprintf(stderr, "allocating memchunk %s byte array\n", strbuff);
-    memchunk = malloc(sizeof(*memchunk) * (size_t)nitems);
+    memchunk = curlx_malloc(sizeof(*memchunk) * (size_t)nitems);
     if(!memchunk) {
       curl_mfprintf(stderr, "memchunk, malloc() failed\n");
       nitems /= 2;
@@ -248,7 +247,7 @@ static int t518_test_rlimit(int keep_open)
 
   t518_num_open.rlim_max = NUM_OPEN;
 
-  /* verify that we do not overflow size_t in malloc() */
+  /* verify that we do not overflow size_t in curlx_malloc() */
 
   if((size_t)(t518_num_open.rlim_max) > ((size_t)-1) / sizeof(*t518_testfd)) {
     tutil_rlim2str(strbuff1, sizeof(strbuff1), t518_num_open.rlim_max);
@@ -257,7 +256,7 @@ static int t518_test_rlimit(int keep_open)
                    "file descriptors, would overflow size_t", strbuff1);
     t518_store_errmsg(strbuff, 0);
     curl_mfprintf(stderr, "%s\n", t518_msgbuff);
-    free(memchunk);
+    curlx_free(memchunk);
     return -6;
   }
 
@@ -266,12 +265,12 @@ static int t518_test_rlimit(int keep_open)
   tutil_rlim2str(strbuff, sizeof(strbuff), t518_num_open.rlim_max);
   curl_mfprintf(stderr, "allocating array for %s file descriptors\n", strbuff);
 
-  t518_testfd = malloc(sizeof(*t518_testfd) *
-                       (size_t)(t518_num_open.rlim_max));
+  t518_testfd = curlx_malloc(sizeof(*t518_testfd) *
+                             (size_t)(t518_num_open.rlim_max));
   if(!t518_testfd) {
     t518_store_errmsg("testfd, malloc() failed", errno);
     curl_mfprintf(stderr, "%s\n", t518_msgbuff);
-    free(memchunk);
+    curlx_free(memchunk);
     return -7;
   }
 
@@ -294,9 +293,9 @@ static int t518_test_rlimit(int keep_open)
     curl_msnprintf(strbuff, sizeof(strbuff), "opening of %s failed", DEV_NULL);
     t518_store_errmsg(strbuff, errno);
     curl_mfprintf(stderr, "%s\n", t518_msgbuff);
-    free(t518_testfd);
+    curlx_free(t518_testfd);
     t518_testfd = NULL;
-    free(memchunk);
+    curlx_free(memchunk);
     return -8;
   }
 
@@ -335,9 +334,9 @@ static int t518_test_rlimit(int keep_open)
           t518_testfd[t518_num_open.rlim_cur] >= 0;
           t518_num_open.rlim_cur++)
         close(t518_testfd[t518_num_open.rlim_cur]);
-      free(t518_testfd);
+      curlx_free(t518_testfd);
       t518_testfd = NULL;
-      free(memchunk);
+      curlx_free(memchunk);
       return -9;
     }
   }
@@ -365,7 +364,7 @@ static int t518_test_rlimit(int keep_open)
     t518_store_errmsg(strbuff, 0);
     curl_mfprintf(stderr, "%s\n", t518_msgbuff);
     t518_close_file_descriptors();
-    free(memchunk);
+    curlx_free(memchunk);
     return -10;
   }
 
@@ -380,7 +379,7 @@ static int t518_test_rlimit(int keep_open)
       t518_store_errmsg(strbuff, 0);
       curl_mfprintf(stderr, "%s\n", t518_msgbuff);
       t518_close_file_descriptors();
-      free(memchunk);
+      curlx_free(memchunk);
       return -11;
     }
   }
@@ -405,14 +404,14 @@ static int t518_test_rlimit(int keep_open)
                    "fopen fails with lots of fds open");
     t518_store_errmsg(strbuff, 0);
     t518_close_file_descriptors();
-    free(memchunk);
+    curlx_free(memchunk);
     return -12;
   }
 
   /* free the chunk of memory we were reserving so that it
      becomes available to the test */
 
-  free(memchunk);
+  curlx_free(memchunk);
 
   /* close file descriptors unless instructed to keep them */
 
diff --git a/tests/libtest/lib519.c b/tests/libtest/lib519.c
index 615e8aac8a..0d2f23e0d3 100644
--- a/tests/libtest/lib519.c
+++ b/tests/libtest/lib519.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib519(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib520.c b/tests/libtest/lib520.c
index 34f7c541e2..b3e67864e2 100644
--- a/tests/libtest/lib520.c
+++ b/tests/libtest/lib520.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib520(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib521.c b/tests/libtest/lib521.c
index acfec70381..0d2bacd16d 100644
--- a/tests/libtest/lib521.c
+++ b/tests/libtest/lib521.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib521(const char *URL)
 {
   CURLcode res = TEST_ERR_MAJOR_BAD;
diff --git a/tests/libtest/lib523.c b/tests/libtest/lib523.c
index 3b56ada894..60648a7da1 100644
--- a/tests/libtest/lib523.c
+++ b/tests/libtest/lib523.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib523(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib524.c b/tests/libtest/lib524.c
index e015e58637..5b7e01c087 100644
--- a/tests/libtest/lib524.c
+++ b/tests/libtest/lib524.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib524(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib525.c b/tests/libtest/lib525.c
index 4ca7ab7d65..abc75644ce 100644
--- a/tests/libtest/lib525.c
+++ b/tests/libtest/lib525.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib525(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib526.c b/tests/libtest/lib526.c
index 6f586c5a3e..a4d5ab6b1a 100644
--- a/tests/libtest/lib526.c
+++ b/tests/libtest/lib526.c
@@ -42,8 +42,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib526(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib530.c b/tests/libtest/lib530.c
index e7e86a32cc..429a4869f5 100644
--- a/tests/libtest/lib530.c
+++ b/tests/libtest/lib530.c
@@ -30,9 +30,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
-
 static struct t530_ctx {
   int socket_calls;
   int max_socket_calls;
@@ -106,14 +103,15 @@ static int t530_addFd(struct t530_Sockets *sockets, curl_socket_t fd,
    * Allocate array storage when required.
    */
   if(!sockets->sockets) {
-    sockets->sockets = malloc(sizeof(curl_socket_t) * 20U);
+    sockets->sockets = curlx_malloc(sizeof(curl_socket_t) * 20U);
     if(!sockets->sockets)
       return 1;
     sockets->max_count = 20;
   }
   else if(sockets->count + 1 > sockets->max_count) {
-    curl_socket_t *ptr = realloc(sockets->sockets, sizeof(curl_socket_t) *
-                                 (sockets->max_count + 20));
+    curl_socket_t *ptr = curlx_realloc(sockets->sockets,
+                                       sizeof(curl_socket_t) *
+                                       (sockets->max_count + 20));
     if(!ptr)
       /* cleanup in test_cleanup */
       return 1;
@@ -390,8 +388,8 @@ test_cleanup:
   curl_global_cleanup();
 
   /* free local memory */
-  free(sockets.read.sockets);
-  free(sockets.write.sockets);
+  curlx_free(sockets.read.sockets);
+  curlx_free(sockets.write.sockets);
   t530_msg("done");
 
   return res;
diff --git a/tests/libtest/lib533.c b/tests/libtest/lib533.c
index 8f3b0f1474..b730960695 100644
--- a/tests/libtest/lib533.c
+++ b/tests/libtest/lib533.c
@@ -25,8 +25,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib533(const char *URL)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib536.c b/tests/libtest/lib536.c
index c0107ed9cb..4810aba83f 100644
--- a/tests/libtest/lib536.c
+++ b/tests/libtest/lib536.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static void proxystat(CURL *curl)
 {
   long wasproxy;
diff --git a/tests/libtest/lib537.c b/tests/libtest/lib537.c
index 02d4a89b26..8027a09c02 100644
--- a/tests/libtest/lib537.c
+++ b/tests/libtest/lib537.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testutil.h"
-#include "memdebug.h"
 
 #if !defined(HAVE_POLL) && !defined(USE_WINSOCK) && !defined(FD_SETSIZE)
 #error "this test requires FD_SETSIZE"
@@ -62,7 +61,7 @@ static void t537_close_file_descriptors(void)
       t537_num_open.rlim_cur++)
     if(t537_testfd[t537_num_open.rlim_cur] > 0)
       close(t537_testfd[t537_num_open.rlim_cur]);
-  free(t537_testfd);
+  curlx_free(t537_testfd);
   t537_testfd = NULL;
 }
 
@@ -193,8 +192,8 @@ static int t537_test_rlimit(int keep_open)
    * avoid a low memory condition once the file descriptors are
    * open. System conditions that could make the test fail should
    * be addressed in the precheck phase. This chunk of memory shall
-   * be always free()ed before exiting the t537_test_rlimit() function so
-   * that it becomes available to the test.
+   * be always curlx_free()ed before exiting the t537_test_rlimit()
+   * function so that it becomes available to the test.
    */
 
   for(nitems = i = 1; nitems <= i; i *= 2)
@@ -205,7 +204,7 @@ static int t537_test_rlimit(int keep_open)
     t537_num_open.rlim_max = sizeof(*memchunk) * nitems;
     tutil_rlim2str(strbuff, sizeof(strbuff), t537_num_open.rlim_max);
     curl_mfprintf(stderr, "allocating memchunk %s byte array\n", strbuff);
-    memchunk = malloc(sizeof(*memchunk) * (size_t)nitems);
+    memchunk = curlx_malloc(sizeof(*memchunk) * (size_t)nitems);
     if(!memchunk) {
       curl_mfprintf(stderr, "memchunk, malloc() failed\n");
       nitems /= 2;
@@ -243,7 +242,7 @@ static int t537_test_rlimit(int keep_open)
     t537_num_open.rlim_max = nitems;
   }
 
-  /* verify that we do not overflow size_t in malloc() */
+  /* verify that we do not overflow size_t in curlx_malloc() */
 
   if((size_t)(t537_num_open.rlim_max) > ((size_t)-1) / sizeof(*t537_testfd)) {
     tutil_rlim2str(strbuff1, sizeof(strbuff1), t537_num_open.rlim_max);
@@ -252,7 +251,7 @@ static int t537_test_rlimit(int keep_open)
                    "file descriptors, would overflow size_t", strbuff1);
     t537_store_errmsg(strbuff, 0);
     curl_mfprintf(stderr, "%s\n", t537_msgbuff);
-    free(memchunk);
+    curlx_free(memchunk);
     return -5;
   }
 
@@ -263,8 +262,8 @@ static int t537_test_rlimit(int keep_open)
     curl_mfprintf(stderr, "allocating array for %s file descriptors\n",
                   strbuff);
 
-    t537_testfd = malloc(sizeof(*t537_testfd) *
-                         (size_t)(t537_num_open.rlim_max));
+    t537_testfd = curlx_malloc(sizeof(*t537_testfd) *
+                               (size_t)(t537_num_open.rlim_max));
     if(!t537_testfd) {
       curl_mfprintf(stderr, "testfd, malloc() failed\n");
       t537_num_open.rlim_max /= 2;
@@ -273,7 +272,7 @@ static int t537_test_rlimit(int keep_open)
   if(!t537_testfd) {
     t537_store_errmsg("testfd, malloc() failed", errno);
     curl_mfprintf(stderr, "%s\n", t537_msgbuff);
-    free(memchunk);
+    curlx_free(memchunk);
     return -6;
   }
 
@@ -296,9 +295,9 @@ static int t537_test_rlimit(int keep_open)
     curl_msnprintf(strbuff, sizeof(strbuff), "opening of %s failed", DEV_NULL);
     t537_store_errmsg(strbuff, errno);
     curl_mfprintf(stderr, "%s\n", t537_msgbuff);
-    free(t537_testfd);
+    curlx_free(t537_testfd);
     t537_testfd = NULL;
-    free(memchunk);
+    curlx_free(memchunk);
     return -7;
   }
 
@@ -345,8 +344,9 @@ static int t537_test_rlimit(int keep_open)
 
       /* we do not care if we cannot shrink it */
 
-      tmpfd = realloc(t537_testfd,
-                      sizeof(*t537_testfd) * (size_t)(t537_num_open.rlim_max));
+      tmpfd = curlx_realloc(t537_testfd,
+                            sizeof(*t537_testfd) *
+                            (size_t)(t537_num_open.rlim_max));
       if(tmpfd) {
         t537_testfd = tmpfd;
         tmpfd = NULL;
@@ -379,7 +379,7 @@ static int t537_test_rlimit(int keep_open)
     t537_store_errmsg(strbuff, 0);
     curl_mfprintf(stderr, "%s\n", t537_msgbuff);
     t537_close_file_descriptors();
-    free(memchunk);
+    curlx_free(memchunk);
     return -8;
   }
 
@@ -394,7 +394,7 @@ static int t537_test_rlimit(int keep_open)
       t537_store_errmsg(strbuff, 0);
       curl_mfprintf(stderr, "%s\n", t537_msgbuff);
       t537_close_file_descriptors();
-      free(memchunk);
+      curlx_free(memchunk);
       return -9;
     }
   }
@@ -419,14 +419,14 @@ static int t537_test_rlimit(int keep_open)
                    "fopen fails with lots of fds open");
     t537_store_errmsg(strbuff, 0);
     t537_close_file_descriptors();
-    free(memchunk);
+    curlx_free(memchunk);
     return -10;
   }
 
   /* free the chunk of memory we were reserving so that it
      becomes available to the test */
 
-  free(memchunk);
+  curlx_free(memchunk);
 
   /* close file descriptors unless instructed to keep them */
 
diff --git a/tests/libtest/lib539.c b/tests/libtest/lib539.c
index e4e26c204a..1e6c0fb0ef 100644
--- a/tests/libtest/lib539.c
+++ b/tests/libtest/lib539.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib539(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib540.c b/tests/libtest/lib540.c
index 55d5adad07..5e8890d984 100644
--- a/tests/libtest/lib540.c
+++ b/tests/libtest/lib540.c
@@ -32,8 +32,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURL *t540_curl[2];
 
 static CURLcode init(int num, CURLM *multi, const char *url,
diff --git a/tests/libtest/lib541.c b/tests/libtest/lib541.c
index ebab472456..891c2de525 100644
--- a/tests/libtest/lib541.c
+++ b/tests/libtest/lib541.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /*
  * Two FTP uploads, the second with no content sent.
  */
diff --git a/tests/libtest/lib542.c b/tests/libtest/lib542.c
index b29a2733ff..d6689517c7 100644
--- a/tests/libtest/lib542.c
+++ b/tests/libtest/lib542.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /*
  * FTP get with NOBODY but no HEADER
  */
diff --git a/tests/libtest/lib543.c b/tests/libtest/lib543.c
index 579a71a611..9938d269ad 100644
--- a/tests/libtest/lib543.c
+++ b/tests/libtest/lib543.c
@@ -25,8 +25,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib543(const char *URL)
 {
   static const unsigned char a[] = {
diff --git a/tests/libtest/lib544.c b/tests/libtest/lib544.c
index d0ed914051..0d72af3042 100644
--- a/tests/libtest/lib544.c
+++ b/tests/libtest/lib544.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib544(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib547.c b/tests/libtest/lib547.c
index 9184d933a8..8f51fef088 100644
--- a/tests/libtest/lib547.c
+++ b/tests/libtest/lib547.c
@@ -28,8 +28,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static const char t547_uploadthis[] = "this is the blurb we want to upload\n";
 #define T547_DATALEN (sizeof(t547_uploadthis)-1)
 
diff --git a/tests/libtest/lib549.c b/tests/libtest/lib549.c
index 4eaacf5868..2793f92bcb 100644
--- a/tests/libtest/lib549.c
+++ b/tests/libtest/lib549.c
@@ -28,8 +28,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib549(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib552.c b/tests/libtest/lib552.c
index 3d5b09c1ec..403ad6fec1 100644
--- a/tests/libtest/lib552.c
+++ b/tests/libtest/lib552.c
@@ -28,7 +28,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 static size_t current_offset = 0;
 static char databuf[70000]; /* MUST be more than 64k OR
diff --git a/tests/libtest/lib553.c b/tests/libtest/lib553.c
index 0d44573131..4bc2568a46 100644
--- a/tests/libtest/lib553.c
+++ b/tests/libtest/lib553.c
@@ -28,8 +28,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 #define POSTLEN 40960
 
 static size_t myreadfunc(char *ptr, size_t size, size_t nmemb, void *stream)
diff --git a/tests/libtest/lib554.c b/tests/libtest/lib554.c
index 230da065a1..dd8c690ddb 100644
--- a/tests/libtest/lib554.c
+++ b/tests/libtest/lib554.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 struct t554_WriteThis {
   const char *readptr;
   size_t sizeleft;
diff --git a/tests/libtest/lib555.c b/tests/libtest/lib555.c
index 19e0480e2a..005fefe72f 100644
--- a/tests/libtest/lib555.c
+++ b/tests/libtest/lib555.c
@@ -32,8 +32,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static const char t555_uploadthis[] = "this is the blurb we want to upload\n";
 #define T555_DATALEN (sizeof(t555_uploadthis)-1)
 
diff --git a/tests/libtest/lib556.c b/tests/libtest/lib556.c
index daf92fe1e6..cdf9ebe941 100644
--- a/tests/libtest/lib556.c
+++ b/tests/libtest/lib556.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib556(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib557.c b/tests/libtest/lib557.c
index 38d93a687e..fa1ee2fa2f 100644
--- a/tests/libtest/lib557.c
+++ b/tests/libtest/lib557.c
@@ -33,8 +33,6 @@
 #  include  /* for setlocale() */
 #endif
 
-#include "memdebug.h"
-
 #if defined(CURL_GNUC_DIAG) || defined(__clang__)
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Wformat"
diff --git a/tests/libtest/lib558.c b/tests/libtest/lib558.c
index c82b6ee969..94dd7f57b8 100644
--- a/tests/libtest/lib558.c
+++ b/tests/libtest/lib558.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib558(const char *URL)
 {
   unsigned char a[] = {0x2f, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
@@ -40,7 +38,7 @@ static CURLcode test_lib558(const char *URL)
     return TEST_ERR_MAJOR_BAD;
   }
 
-  ptr = malloc(558);
+  ptr = curlx_malloc(558);
   Curl_safefree(ptr);
 
   asize = (int)sizeof(a);
diff --git a/tests/libtest/lib559.c b/tests/libtest/lib559.c
index 36a5575126..bf9cd86e63 100644
--- a/tests/libtest/lib559.c
+++ b/tests/libtest/lib559.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib559(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib560.c b/tests/libtest/lib560.c
index 45f137aabe..fc156f43d7 100644
--- a/tests/libtest/lib560.c
+++ b/tests/libtest/lib560.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /*
  * Simply download an HTTPS file!
  *
diff --git a/tests/libtest/lib562.c b/tests/libtest/lib562.c
index 3f2c912c91..fbe2560147 100644
--- a/tests/libtest/lib562.c
+++ b/tests/libtest/lib562.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /*
  * From "KNOWN_BUGS" April 2009:
 
diff --git a/tests/libtest/lib564.c b/tests/libtest/lib564.c
index b105fc710e..56acfe40f7 100644
--- a/tests/libtest/lib564.c
+++ b/tests/libtest/lib564.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 static CURLcode test_lib564(const char *URL)
 {
diff --git a/tests/libtest/lib566.c b/tests/libtest/lib566.c
index 79f48f235b..89adbdbd9c 100644
--- a/tests/libtest/lib566.c
+++ b/tests/libtest/lib566.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib566(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib567.c b/tests/libtest/lib567.c
index a11a6c31f0..95b66f102c 100644
--- a/tests/libtest/lib567.c
+++ b/tests/libtest/lib567.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /*
  * Test a simple OPTIONS request with a custom header
  */
diff --git a/tests/libtest/lib568.c b/tests/libtest/lib568.c
index 5465ca0c8b..260061f519 100644
--- a/tests/libtest/lib568.c
+++ b/tests/libtest/lib568.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testutil.h"
-#include "memdebug.h"
 
 /*
  * Test the Client->Server ANNOUNCE functionality (PUT style)
diff --git a/tests/libtest/lib569.c b/tests/libtest/lib569.c
index 1c44153d00..77e0471e5f 100644
--- a/tests/libtest/lib569.c
+++ b/tests/libtest/lib569.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testutil.h"
-#include "memdebug.h"
 
 /*
  * Test Session ID capture
diff --git a/tests/libtest/lib570.c b/tests/libtest/lib570.c
index 300881efa7..f5ada6770b 100644
--- a/tests/libtest/lib570.c
+++ b/tests/libtest/lib570.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testutil.h"
-#include "memdebug.h"
 
 static CURLcode test_lib570(const char *URL)
 {
diff --git a/tests/libtest/lib571.c b/tests/libtest/lib571.c
index 509557f0f5..678141b1c5 100644
--- a/tests/libtest/lib571.c
+++ b/tests/libtest/lib571.c
@@ -34,7 +34,6 @@
 #endif
 
 #include "testutil.h"
-#include "memdebug.h"
 
 #define RTP_PKT_CHANNEL(p)   ((int)((unsigned char)((p)[1])))
 
diff --git a/tests/libtest/lib572.c b/tests/libtest/lib572.c
index 2865372f5f..4e20cb3da5 100644
--- a/tests/libtest/lib572.c
+++ b/tests/libtest/lib572.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testutil.h"
-#include "memdebug.h"
 
 /*
  * Test GET_PARAMETER: PUT, HEARTBEAT, and POST
diff --git a/tests/libtest/lib573.c b/tests/libtest/lib573.c
index 38612df7b5..ed00bbb042 100644
--- a/tests/libtest/lib573.c
+++ b/tests/libtest/lib573.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 /*
  * Get a single URL without select().
diff --git a/tests/libtest/lib574.c b/tests/libtest/lib574.c
index e82be6c0d6..f74371e973 100644
--- a/tests/libtest/lib574.c
+++ b/tests/libtest/lib574.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static int new_fnmatch(void *ptr,
                        const char *pattern, const char *string)
 {
diff --git a/tests/libtest/lib575.c b/tests/libtest/lib575.c
index 36efe6ef5a..4709708a52 100644
--- a/tests/libtest/lib575.c
+++ b/tests/libtest/lib575.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /* 3x download!
  * 1. normal
  * 2. dup handle
diff --git a/tests/libtest/lib576.c b/tests/libtest/lib576.c
index 11c0f76d13..7ee7bc9525 100644
--- a/tests/libtest/lib576.c
+++ b/tests/libtest/lib576.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 struct chunk_data {
   int remains;
   int print_content;
diff --git a/tests/libtest/lib578.c b/tests/libtest/lib578.c
index b6be1600f4..799821123d 100644
--- a/tests/libtest/lib578.c
+++ b/tests/libtest/lib578.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /* The size of data should be kept below MAX_INITIAL_POST_SIZE! */
 static char t578_testdata[] = "this is a short string.\n";
 
diff --git a/tests/libtest/lib579.c b/tests/libtest/lib579.c
index 9e626c1300..aaa81baede 100644
--- a/tests/libtest/lib579.c
+++ b/tests/libtest/lib579.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 struct t579_WriteThis {
   int counter;
 };
diff --git a/tests/libtest/lib582.c b/tests/libtest/lib582.c
index 4318096e1f..e99d5febdf 100644
--- a/tests/libtest/lib582.c
+++ b/tests/libtest/lib582.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 struct t582_Sockets {
   curl_socket_t *sockets;
   int count;      /* number of sockets actually stored in array */
@@ -72,7 +70,7 @@ static void t582_addFd(struct t582_Sockets *sockets, curl_socket_t fd,
    * Allocate array storage when required.
    */
   if(!sockets->sockets) {
-    sockets->sockets = malloc(sizeof(curl_socket_t) * 20U);
+    sockets->sockets = curlx_malloc(sizeof(curl_socket_t) * 20U);
     if(!sockets->sockets)
       return;
     sockets->max_count = 20;
@@ -359,8 +357,8 @@ test_cleanup:
   curlx_fclose(hd_src);
 
   /* free local memory */
-  free(sockets.read.sockets);
-  free(sockets.write.sockets);
+  curlx_free(sockets.read.sockets);
+  curlx_free(sockets.write.sockets);
 
   return res;
 }
diff --git a/tests/libtest/lib583.c b/tests/libtest/lib583.c
index 510c5a3bdc..8f29e310c7 100644
--- a/tests/libtest/lib583.c
+++ b/tests/libtest/lib583.c
@@ -28,8 +28,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib583(const char *URL)
 {
   int stillRunning;
diff --git a/tests/libtest/lib586.c b/tests/libtest/lib586.c
index dac6751b35..d0671b18fe 100644
--- a/tests/libtest/lib586.c
+++ b/tests/libtest/lib586.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 #define THREADS 2
 
 /* struct containing data of a thread */
diff --git a/tests/libtest/lib589.c b/tests/libtest/lib589.c
index 9b912ab037..46b2a22a05 100644
--- a/tests/libtest/lib589.c
+++ b/tests/libtest/lib589.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib589(const char *URL)
 {
   CURL *curl;
diff --git a/tests/libtest/lib590.c b/tests/libtest/lib590.c
index c804f995de..bba31e9da4 100644
--- a/tests/libtest/lib590.c
+++ b/tests/libtest/lib590.c
@@ -37,8 +37,6 @@
   - Start the request
 */
 
-#include "memdebug.h"
-
 static CURLcode test_lib590(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib591.c b/tests/libtest/lib591.c
index c30bde5e8b..521cbb7503 100644
--- a/tests/libtest/lib591.c
+++ b/tests/libtest/lib591.c
@@ -25,8 +25,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib591(const char *URL)
 {
   CURL *curl = NULL;
diff --git a/tests/libtest/lib597.c b/tests/libtest/lib597.c
index e82d061a22..38e60c0844 100644
--- a/tests/libtest/lib597.c
+++ b/tests/libtest/lib597.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /*
  * Test case for below scenario:
  *   - Connect to an FTP server using CONNECT_ONLY option
diff --git a/tests/libtest/lib598.c b/tests/libtest/lib598.c
index 56330c4a24..b42743845d 100644
--- a/tests/libtest/lib598.c
+++ b/tests/libtest/lib598.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib598(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib599.c b/tests/libtest/lib599.c
index 199ef90dbf..a216aa13a3 100644
--- a/tests/libtest/lib599.c
+++ b/tests/libtest/lib599.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static int t599_progress_callback(void *clientp, double dltotal,
                                   double dlnow, double ultotal, double ulnow)
 {
diff --git a/tests/libtest/lib643.c b/tests/libtest/lib643.c
index d74d7ea9ee..52ea1eb664 100644
--- a/tests/libtest/lib643.c
+++ b/tests/libtest/lib643.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 struct t643_WriteThis {
   const char *readptr;
   curl_off_t sizeleft;
diff --git a/tests/libtest/lib650.c b/tests/libtest/lib650.c
index 069e94f8e5..4aa6ea9d8b 100644
--- a/tests/libtest/lib650.c
+++ b/tests/libtest/lib650.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /* This test attempts to use all form API features that are not
  * used elsewhere.
  */
diff --git a/tests/libtest/lib651.c b/tests/libtest/lib651.c
index 05e9e381da..7d1d28563f 100644
--- a/tests/libtest/lib651.c
+++ b/tests/libtest/lib651.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib651(const char *URL)
 {
   static char testbuf[17000]; /* more than 16K */
diff --git a/tests/libtest/lib652.c b/tests/libtest/lib652.c
index dcbc5a3ab3..4fae340042 100644
--- a/tests/libtest/lib652.c
+++ b/tests/libtest/lib652.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib652(const char *URL)
 {
   static char testbuf[17000]; /* more than 16K */
diff --git a/tests/libtest/lib653.c b/tests/libtest/lib653.c
index 21948a5720..8447706958 100644
--- a/tests/libtest/lib653.c
+++ b/tests/libtest/lib653.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib653(const char *URL)
 {
   CURL *curl = NULL;
diff --git a/tests/libtest/lib654.c b/tests/libtest/lib654.c
index 5b2236ebb0..1d93798d7c 100644
--- a/tests/libtest/lib654.c
+++ b/tests/libtest/lib654.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 struct t654_WriteThis {
   const char *readptr;
   curl_off_t sizeleft;
diff --git a/tests/libtest/lib655.c b/tests/libtest/lib655.c
index a213a1c493..3a8e0df434 100644
--- a/tests/libtest/lib655.c
+++ b/tests/libtest/lib655.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static const char *TEST_DATA_STRING = "Test data";
 static int cb_count = 0;
 
diff --git a/tests/libtest/lib658.c b/tests/libtest/lib658.c
index 4f0f867d65..edcb263338 100644
--- a/tests/libtest/lib658.c
+++ b/tests/libtest/lib658.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /*
  * Get a single URL without select().
  */
diff --git a/tests/libtest/lib659.c b/tests/libtest/lib659.c
index 84c3ecc8cd..5071e7fa26 100644
--- a/tests/libtest/lib659.c
+++ b/tests/libtest/lib659.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /*
  * Get a single URL without select().
  */
diff --git a/tests/libtest/lib661.c b/tests/libtest/lib661.c
index 10a4ab99ce..7cf6d09133 100644
--- a/tests/libtest/lib661.c
+++ b/tests/libtest/lib661.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib661(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib666.c b/tests/libtest/lib666.c
index cff244dafb..f47bacb9a8 100644
--- a/tests/libtest/lib666.c
+++ b/tests/libtest/lib666.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib666(const char *URL)
 {
   static char testbuf[17000]; /* more than 16K */
diff --git a/tests/libtest/lib667.c b/tests/libtest/lib667.c
index 2827d00511..1bd612f377 100644
--- a/tests/libtest/lib667.c
+++ b/tests/libtest/lib667.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 struct t667_WriteThis {
   const char *readptr;
   curl_off_t sizeleft;
diff --git a/tests/libtest/lib668.c b/tests/libtest/lib668.c
index 488f862152..5011391736 100644
--- a/tests/libtest/lib668.c
+++ b/tests/libtest/lib668.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 struct t668_WriteThis {
   const char *readptr;
   curl_off_t sizeleft;
diff --git a/tests/libtest/lib670.c b/tests/libtest/lib670.c
index b30d097f68..e97b04319e 100644
--- a/tests/libtest/lib670.c
+++ b/tests/libtest/lib670.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 #define PAUSE_TIME      5
 
 struct t670_ReadThis {
diff --git a/tests/libtest/lib674.c b/tests/libtest/lib674.c
index 668ecdf32d..c84d1af05d 100644
--- a/tests/libtest/lib674.c
+++ b/tests/libtest/lib674.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /*
  * Get a single URL without select().
  */
diff --git a/tests/libtest/lib676.c b/tests/libtest/lib676.c
index 63437523df..17494b73e7 100644
--- a/tests/libtest/lib676.c
+++ b/tests/libtest/lib676.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib676(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib677.c b/tests/libtest/lib677.c
index 526e1706c3..089202b5c5 100644
--- a/tests/libtest/lib677.c
+++ b/tests/libtest/lib677.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib677(const char *URL)
 {
   static const char testcmd[] = "A1 IDLE\r\n";
diff --git a/tests/libtest/lib678.c b/tests/libtest/lib678.c
index 2a2e21321f..ed8731d20d 100644
--- a/tests/libtest/lib678.c
+++ b/tests/libtest/lib678.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static int loadfile(const char *filename, void **filedata, size_t *filesize)
 {
   size_t datasize = 0;
@@ -44,13 +42,13 @@ static int loadfile(const char *filename, void **filedata, size_t *filesize)
       if(continue_reading)
         continue_reading = fseek(fInCert, 0, SEEK_SET) == 0;
       if(continue_reading)
-        data = malloc(datasize + 1);
+        data = curlx_malloc(datasize + 1);
       if((!data) ||
          ((int)fread(data, datasize, 1, fInCert) != 1))
         continue_reading = FALSE;
       curlx_fclose(fInCert);
       if(!continue_reading) {
-        free(data);
+        curlx_free(data);
         datasize = 0;
         data = NULL;
       }
@@ -86,7 +84,7 @@ static CURLcode test_cert_blob(const char *url, const char *cafile)
     blob.len = certsize;
     blob.flags = CURL_BLOB_COPY;
     curl_easy_setopt(curl, CURLOPT_CAINFO_BLOB, &blob);
-    free(certdata);
+    curlx_free(certdata);
     code = curl_easy_perform(curl);
   }
   curl_easy_cleanup(curl);
diff --git a/tests/libtest/lib694.c b/tests/libtest/lib694.c
index 5b477ecebd..25db2694c6 100644
--- a/tests/libtest/lib694.c
+++ b/tests/libtest/lib694.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 static CURLcode test_lib694(const char *URL)
 {
   CURLcode res;
diff --git a/tests/libtest/lib695.c b/tests/libtest/lib695.c
index 325897c357..1177a529fd 100644
--- a/tests/libtest/lib695.c
+++ b/tests/libtest/lib695.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /* write callback that does nothing */
 static size_t write_it(char *ptr, size_t size, size_t nmemb, void *userdata)
 {
diff --git a/tests/libtest/lib751.c b/tests/libtest/lib751.c
index 42c1aeb117..898ba8d7ef 100644
--- a/tests/libtest/lib751.c
+++ b/tests/libtest/lib751.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /*
  * Get a single URL without select().
  */
diff --git a/tests/libtest/lib753.c b/tests/libtest/lib753.c
index 19194c4646..f01fa3f5c8 100644
--- a/tests/libtest/lib753.c
+++ b/tests/libtest/lib753.c
@@ -24,7 +24,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 struct t753_transfer_status {
   CURL *curl;
diff --git a/tests/libtest/lib757.c b/tests/libtest/lib757.c
index 632818f946..f3a1e0fdb4 100644
--- a/tests/libtest/lib757.c
+++ b/tests/libtest/lib757.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "memdebug.h"
-
 /* write callback that does nothing */
 static size_t write_757(char *ptr, size_t size, size_t nmemb, void *userdata)
 {
diff --git a/tests/libtest/lib758.c b/tests/libtest/lib758.c
index ab6ce481b7..bc6a490d3d 100644
--- a/tests/libtest/lib758.c
+++ b/tests/libtest/lib758.c
@@ -31,7 +31,6 @@
 #include "first.h"
 
 #include "testtrace.h"
-#include "memdebug.h"
 
 #ifdef USE_OPENSSL
 
@@ -121,14 +120,15 @@ static int t758_addFd(struct t758_Sockets *sockets, curl_socket_t fd,
    * Allocate array storage when required.
    */
   if(!sockets->sockets) {
-    sockets->sockets = malloc(sizeof(curl_socket_t) * 20U);
+    sockets->sockets = curlx_malloc(sizeof(curl_socket_t) * 20U);
     if(!sockets->sockets)
       return 1;
     sockets->max_count = 20;
   }
   else if(sockets->count + 1 > sockets->max_count) {
-    curl_socket_t *ptr = realloc(sockets->sockets, sizeof(curl_socket_t) *
-                                 (sockets->max_count + 20));
+    curl_socket_t *ptr = curlx_realloc(sockets->sockets,
+                                       sizeof(curl_socket_t) *
+                                       (sockets->max_count + 20));
     if(!ptr)
       /* cleanup in test_cleanup */
       return 1;
@@ -487,8 +487,8 @@ test_cleanup:
   curl_global_cleanup();
 
   /* free local memory */
-  free(sockets.read.sockets);
-  free(sockets.write.sockets);
+  curlx_free(sockets.read.sockets);
+  curlx_free(sockets.write.sockets);
   t758_msg("done");
 
   return res;
diff --git a/tests/libtest/lib766.c b/tests/libtest/lib766.c
index 53f1dd97b5..bba08e263b 100644
--- a/tests/libtest/lib766.c
+++ b/tests/libtest/lib766.c
@@ -24,8 +24,6 @@
 
 #include "first.h"
 
-#include "memdebug.h"
-
 static int sockopt_766(void *clientp,
                        curl_socket_t curlfd,
                        curlsocktype purpose)
diff --git a/tests/libtest/memptr.c b/tests/libtest/memptr.c
index 64e9fd7f8a..400e72c41a 100644
--- a/tests/libtest/memptr.c
+++ b/tests/libtest/memptr.c
@@ -23,8 +23,6 @@
  ***************************************************************************/
 #include "first.h"
 
-#include "curl_memory.h"
-
 #ifndef CURL_STATICLIB
 
 #if defined(_MSC_VER) && defined(_DLL)
diff --git a/tests/libtest/mk-lib1521.pl b/tests/libtest/mk-lib1521.pl
index 156422eccc..bfb0e590e7 100755
--- a/tests/libtest/mk-lib1521.pl
+++ b/tests/libtest/mk-lib1521.pl
@@ -206,7 +206,6 @@ print $fh <
, et al.
-#
-# This software is licensed as described in the file COPYING, which
-# you should have received as part of this distribution. The terms
-# are also available at https://curl.se/docs/copyright.html.
-#
-# You may opt to use, copy, modify, merge, publish, distribute and/or sell
-# copies of the Software, and permit persons to whom the Software is
-# furnished to do so, under the terms of the COPYING file.
-#
-# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
-# KIND, either express or implied.
-#
-# SPDX-License-Identifier: curl
-#
-###########################################################################
-#
-# This script scans C source files. If they seem to use memory functions,
-# it also makes sure that it #includes the correct two header files!
-#
-# You can also mark a C source as fine by using 'mem-include-scan' anywhere in
-# it.
-#
-
-use strict;
-use warnings;
-
-my $dir = $ARGV[0] || die "specify directory!";
-
-sub scanfile {
-    my ($file) = @_;
-    my $memfunc;
-    my $memdebug;
-    my $curlmem;
-
-    print STDERR "checking $file...\n";
-
-    open(my $f, "<", "$file");
-    while(<$f>) {
-        if($_ =~ /\W(free|alloc|strdup)\(/) {
-            $memfunc++;
-        }
-        elsif($_ =~ /^ *# *include \"memdebug.h\"/) {
-            $memdebug++;
-        }
-        elsif($_ =~ /^ *# *include \"curl_memory.h\"/) {
-            $curlmem++;
-        }
-        elsif($_ =~ /mem-include-scan/) {
-            # free pass
-            close($f);
-            return 0;
-        }
-        if($memfunc && $memdebug && $curlmem) {
-            last;
-        }
-    }
-    close($f);
-
-
-    if($memfunc) {
-        if($memdebug && $curlmem) {
-            return 0;
-        }
-        else {
-            if(!$memdebug) {
-                print STDERR "$file does not include \"memdebug.h\"!\n";
-            }
-            if(!$curlmem) {
-                print STDERR "$file does not include \"curl_memory.h\"!\n";
-            }
-            return 1;
-        }
-    }
-    return 0;
-}
-
-opendir(my $dh, $dir) || die "cannot opendir $dir: $!";
-my @cfiles = grep { /\.c\z/ && -f "$dir/$_" } readdir($dh);
-closedir $dh;
-
-my $errs;
-for(@cfiles) {
-    $errs += scanfile("$dir/$_");
-}
-
-if($errs) {
-    print STDERR "----\n$errs errors detected!\n";
-    exit 2;
-}
diff --git a/tests/tunit/tool1394.c b/tests/tunit/tool1394.c
index 71be2c87c4..9d97dbb0de 100644
--- a/tests/tunit/tool1394.c
+++ b/tests/tunit/tool1394.c
@@ -25,8 +25,6 @@
 
 #include "tool_getparam.h"
 
-#include "memdebug.h" /* LAST include file */
-
 static CURLcode test_tool1394(const char *arg)
 {
   UNITTEST_BEGIN_SIMPLE
@@ -120,9 +118,9 @@ static CURLcode test_tool1394(const char *arg)
       }
     }
     if(certname)
-      free(certname);
+      curlx_free(certname);
     if(passphrase)
-      free(passphrase);
+      curlx_free(passphrase);
   }
 
   UNITTEST_END_SIMPLE
diff --git a/tests/tunit/tool1604.c b/tests/tunit/tool1604.c
index 3b6f006e7c..dcfee4cbac 100644
--- a/tests/tunit/tool1604.c
+++ b/tests/tunit/tool1604.c
@@ -26,12 +26,10 @@
 #include "tool_cfgable.h"
 #include "tool_doswin.h"
 
-#include "memdebug.h" /* LAST include file */
-
 #if defined(_WIN32) || defined(MSDOS)
 static char *getflagstr(int flags)
 {
-  char *buf = malloc(256);
+  char *buf = curlx_malloc(256);
   if(buf) {
     curl_msnprintf(buf, 256, "%s,%s",
                    ((flags & SANITIZE_ALLOW_PATH) ?
@@ -44,7 +42,7 @@ static char *getflagstr(int flags)
 
 static char *getcurlcodestr(int cc)
 {
-  char *buf = malloc(256);
+  char *buf = curlx_malloc(256);
   if(buf) {
     curl_msnprintf(buf, 256, "%s (%d)",
              (cc == SANITIZE_ERR_OK ? "SANITIZE_ERR_OK" :
@@ -212,7 +210,7 @@ static CURLcode test_tool1604(const char *arg)
        ((!output && !data[i].expected_output) ||
         (output && data[i].expected_output &&
          !strcmp(output, data[i].expected_output)))) { /* OK */
-      free(output);
+      curlx_free(output);
       continue;
     }
 
@@ -240,10 +238,10 @@ static CURLcode test_tool1604(const char *arg)
                   data[i].expected_output ? data[i].expected_output : "(null)",
                   expected_ccstr);
 
-    free(output);
-    free(flagstr);
-    free(received_ccstr);
-    free(expected_ccstr);
+    curlx_free(output);
+    curlx_free(flagstr);
+    curlx_free(received_ccstr);
+    curlx_free(expected_ccstr);
   }
   /* END sanitize_file_name */
 #else
diff --git a/tests/tunit/tool1621.c b/tests/tunit/tool1621.c
index bb709cf39d..ba9e280294 100644
--- a/tests/tunit/tool1621.c
+++ b/tests/tunit/tool1621.c
@@ -25,8 +25,6 @@
 
 #include "tool_xattr.h"
 
-#include "memdebug.h" /* LAST include file */
-
 static CURLcode test_tool1621(const char *arg)
 {
   UNITTEST_BEGIN_SIMPLE
diff --git a/tests/unit/unit1302.c b/tests/unit/unit1302.c
index 911432a8c8..d56f7b09f7 100644
--- a/tests/unit/unit1302.c
+++ b/tests/unit/unit1302.c
@@ -25,7 +25,6 @@
 
 #include "urldata.h"
 #include "url.h" /* for Curl_safefree */
-#include "memdebug.h" /* LAST include file */
 
 struct etest {
   const char *input;
diff --git a/tests/unit/unit1303.c b/tests/unit/unit1303.c
index 03673c544e..9bed1ebff6 100644
--- a/tests/unit/unit1303.c
+++ b/tests/unit/unit1303.c
@@ -25,7 +25,6 @@
 
 #include "urldata.h"
 #include "connect.h"
-#include "memdebug.h" /* LAST include file */
 
 static CURLcode t1303_setup(struct Curl_easy **easy)
 {
diff --git a/tests/unit/unit1304.c b/tests/unit/unit1304.c
index 041ce42691..100f3f5828 100644
--- a/tests/unit/unit1304.c
+++ b/tests/unit/unit1304.c
@@ -23,7 +23,6 @@
  ***************************************************************************/
 #include "unitcheck.h"
 #include "netrc.h"
-#include "memdebug.h" /* LAST include file */
 
 #ifndef CURL_DISABLE_NETRC
 
@@ -120,8 +119,8 @@ static CURLcode test_unit1304(const char *arg)
    * Test for the first existing host in our netrc file
    * with login[0] != 0.
    */
-  free(password);
-  free(login);
+  curlx_free(password);
+  curlx_free(login);
   password = NULL;
   login = NULL;
   Curl_netrc_init(&store);
@@ -139,9 +138,9 @@ static CURLcode test_unit1304(const char *arg)
    * Test for the second existing host in our netrc file
    * with login[0] = 0.
    */
-  free(password);
+  curlx_free(password);
   password = NULL;
-  free(login);
+  curlx_free(login);
   login = NULL;
   Curl_netrc_init(&store);
   result = Curl_parsenetrc(&store,
@@ -158,9 +157,9 @@ static CURLcode test_unit1304(const char *arg)
    * Test for the second existing host in our netrc file
    * with login[0] != 0.
    */
-  free(password);
+  curlx_free(password);
   password = NULL;
-  free(login);
+  curlx_free(login);
   login = NULL;
   Curl_netrc_init(&store);
   result = Curl_parsenetrc(&store,
diff --git a/tests/unit/unit1305.c b/tests/unit/unit1305.c
index e95e299453..404d90bec9 100644
--- a/tests/unit/unit1305.c
+++ b/tests/unit/unit1305.c
@@ -36,8 +36,6 @@
 #include "hash.h"
 #include "hostip.h"
 
-#include "memdebug.h" /* LAST include file */
-
 static struct Curl_dnscache hp;
 static char *data_key;
 static struct Curl_dns_entry *data_node;
@@ -52,9 +50,9 @@ static void t1305_stop(void)
 {
   if(data_node) {
     Curl_freeaddrinfo(data_node->addr);
-    free(data_node);
+    curlx_free(data_node);
   }
-  free(data_key);
+  curlx_free(data_key);
   Curl_dnscache_destroy(&hp);
 }
 
@@ -64,8 +62,9 @@ static struct Curl_addrinfo *fake_ai(void)
   static const char dummy[] = "dummy";
   size_t namelen = sizeof(dummy); /* including the null-terminator */
 
-  ai = calloc(1, sizeof(struct Curl_addrinfo) + sizeof(struct sockaddr_in) +
-              namelen);
+  ai = curlx_calloc(1,
+                    sizeof(struct Curl_addrinfo) + sizeof(struct sockaddr_in) +
+                    namelen);
   if(!ai)
     return NULL;
 
@@ -86,7 +85,7 @@ static CURLcode create_node(void)
   if(!data_key)
     return CURLE_OUT_OF_MEMORY;
 
-  data_node = calloc(1, sizeof(struct Curl_dns_entry));
+  data_node = curlx_calloc(1, sizeof(struct Curl_dns_entry));
   if(!data_node)
     return CURLE_OUT_OF_MEMORY;
 
diff --git a/tests/unit/unit1330.c b/tests/unit/unit1330.c
index bd7fc6e259..a98393b532 100644
--- a/tests/unit/unit1330.c
+++ b/tests/unit/unit1330.c
@@ -23,13 +23,11 @@
  ***************************************************************************/
 #include "unitcheck.h"
 
-#include "memdebug.h"
-
 static CURLcode test_unit1330(const char *arg)
 {
   UNITTEST_BEGIN_SIMPLE
 
-  char *ptr = malloc(1330);
+  char *ptr = curlx_malloc(1330);
   Curl_safefree(ptr);
 
   UNITTEST_END_SIMPLE
diff --git a/tests/unit/unit1395.c b/tests/unit/unit1395.c
index e6ac18f081..395f3e7707 100644
--- a/tests/unit/unit1395.c
+++ b/tests/unit/unit1395.c
@@ -22,7 +22,6 @@
  *
  ***************************************************************************/
 #include "unitcheck.h"
-#include "memdebug.h"
 #include "unitprotos.h"
 
 static CURLcode test_unit1395(const char *arg)
@@ -133,7 +132,7 @@ static CURLcode test_unit1395(const char *arg)
     }
     else
       curl_mfprintf(stderr, "Test %u: OK\n", i);
-    free(out);
+    curlx_free(out);
   }
 
   fail_if(fails, "output mismatched");
diff --git a/tests/unit/unit1602.c b/tests/unit/unit1602.c
index e397bdb5ca..5841717691 100644
--- a/tests/unit/unit1602.c
+++ b/tests/unit/unit1602.c
@@ -25,12 +25,10 @@
 
 #include "hash.h"
 
-#include "memdebug.h" /* LAST include file */
-
 static void t1602_mydtor(void *p)
 {
   int *ptr = (int *)p;
-  free(ptr);
+  curlx_free(ptr);
 }
 
 static CURLcode t1602_setup(struct Curl_hash *hash)
@@ -59,22 +57,22 @@ static CURLcode test_unit1602(const char *arg)
   int key = 20;
   int key2 = 25;
 
-  value = malloc(sizeof(int));
+  value = curlx_malloc(sizeof(int));
   abort_unless(value != NULL, "Out of memory");
   *value = 199;
   nodep = Curl_hash_add(&hash, &key, klen, value);
   if(!nodep)
-    free(value);
+    curlx_free(value);
   abort_unless(nodep, "insertion into hash failed");
   Curl_hash_clean(&hash);
 
   /* Attempt to add another key/value pair */
-  value2 = malloc(sizeof(int));
+  value2 = curlx_malloc(sizeof(int));
   abort_unless(value2 != NULL, "Out of memory");
   *value2 = 204;
   nodep = Curl_hash_add(&hash, &key2, klen, value2);
   if(!nodep)
-    free(value2);
+    curlx_free(value2);
   abort_unless(nodep, "insertion into hash failed");
 
   UNITTEST_END(t1602_stop(&hash))
diff --git a/tests/unit/unit1603.c b/tests/unit/unit1603.c
index b4ec152936..81db398cb1 100644
--- a/tests/unit/unit1603.c
+++ b/tests/unit/unit1603.c
@@ -25,8 +25,6 @@
 
 #include "hash.h"
 
-#include "memdebug.h" /* LAST include file */
-
 static const size_t slots = 3;
 
 static void t1603_mydtor(void *p)
diff --git a/tests/unit/unit1607.c b/tests/unit/unit1607.c
index f60b5b58a1..233866da18 100644
--- a/tests/unit/unit1607.c
+++ b/tests/unit/unit1607.c
@@ -27,8 +27,6 @@
 #include "connect.h"
 #include "curl_share.h"
 
-#include "memdebug.h" /* LAST include file */
-
 static CURLcode t1607_setup(void)
 {
   CURLcode res = CURLE_OK;
@@ -135,7 +133,7 @@ static CURLcode test_unit1607(const char *arg)
       goto error;
     dns = Curl_hash_pick(&multi->dnscache.entries,
                          entry_id, strlen(entry_id) + 1);
-    free(entry_id);
+    curlx_free(entry_id);
     entry_id = NULL;
 
     addr = dns ? dns->addr : NULL;
diff --git a/tests/unit/unit1609.c b/tests/unit/unit1609.c
index 2a3098c6ef..bf912b99cd 100644
--- a/tests/unit/unit1609.c
+++ b/tests/unit/unit1609.c
@@ -27,8 +27,6 @@
 #include "connect.h"
 #include "curl_share.h"
 
-#include "memdebug.h" /* LAST include file */
-
 static CURLcode t1609_setup(void)
 {
   CURLcode res = CURLE_OK;
@@ -137,7 +135,7 @@ static CURLcode test_unit1609(const char *arg)
 
     dns = Curl_hash_pick(&multi->dnscache.entries,
                          entry_id, strlen(entry_id) + 1);
-    free(entry_id);
+    curlx_free(entry_id);
     entry_id = NULL;
 
     addr = dns ? dns->addr : NULL;
diff --git a/tests/unit/unit1616.c b/tests/unit/unit1616.c
index 5d1e6f247e..d898444613 100644
--- a/tests/unit/unit1616.c
+++ b/tests/unit/unit1616.c
@@ -25,13 +25,11 @@
 
 #include "uint-hash.h"
 
-#include "memdebug.h" /* LAST include file */
-
 static void t1616_mydtor(unsigned int id, void *elem)
 {
   int *ptr = (int *)elem;
   (void)id;
-  free(ptr);
+  curlx_free(ptr);
 }
 
 static CURLcode t1616_setup(struct uint_hash *hash)
@@ -58,12 +56,12 @@ static CURLcode test_unit1616(const char *arg)
   unsigned int key = 20;
   unsigned int key2 = 25;
 
-  value = malloc(sizeof(int));
+  value = curlx_malloc(sizeof(int));
   abort_unless(value != NULL, "Out of memory");
   *value = 199;
   ok = Curl_uint32_hash_set(&hash, key, value);
   if(!ok)
-    free(value);
+    curlx_free(value);
   abort_unless(ok, "insertion into hash failed");
   v = Curl_uint32_hash_get(&hash, key);
   abort_unless(v == value, "lookup present entry failed");
@@ -72,12 +70,12 @@ static CURLcode test_unit1616(const char *arg)
   Curl_uint32_hash_clear(&hash);
 
   /* Attempt to add another key/value pair */
-  value2 = malloc(sizeof(int));
+  value2 = curlx_malloc(sizeof(int));
   abort_unless(value2 != NULL, "Out of memory");
   *value2 = 204;
   ok = Curl_uint32_hash_set(&hash, key2, value2);
   if(!ok)
-    free(value2);
+    curlx_free(value2);
   abort_unless(ok, "insertion into hash failed");
   v = Curl_uint32_hash_get(&hash, key2);
   abort_unless(v == value2, "lookup present entry failed");
diff --git a/tests/unit/unit1620.c b/tests/unit/unit1620.c
index 4851602eaa..4c1674f5bd 100644
--- a/tests/unit/unit1620.c
+++ b/tests/unit/unit1620.c
@@ -26,8 +26,6 @@
 #include "urldata.h"
 #include "url.h"
 
-#include "memdebug.h" /* LAST include file */
-
 static CURLcode t1620_setup(void)
 {
   CURLcode res = CURLE_OK;
@@ -64,9 +62,9 @@ static void t1620_parse(
                 "options should be equal to exp_options");
   }
 
-  free(userstr);
-  free(passwdstr);
-  free(options);
+  curlx_free(userstr);
+  curlx_free(passwdstr);
+  curlx_free(options);
 }
 
 static CURLcode test_unit1620(const char *arg)
diff --git a/tests/unit/unit1653.c b/tests/unit/unit1653.c
index 8f6a5a51cc..7ea7e380a8 100644
--- a/tests/unit/unit1653.c
+++ b/tests/unit/unit1653.c
@@ -53,7 +53,7 @@ static CURLcode test_unit1653(const char *arg)
   u = curl_url();
   if(!u)
     goto fail;
-  ipv6port = strdup("[fe80::250:56ff:fea7:da15]");
+  ipv6port = curlx_strdup("[fe80::250:56ff:fea7:da15]");
   if(!ipv6port)
     goto fail;
   ret = parse_port(u, ipv6port, FALSE);
@@ -67,7 +67,7 @@ static CURLcode test_unit1653(const char *arg)
   u = curl_url();
   if(!u)
     goto fail;
-  ipv6port = strdup("[fe80::250:56ff:fea7:da15|");
+  ipv6port = curlx_strdup("[fe80::250:56ff:fea7:da15|");
   if(!ipv6port)
     goto fail;
   ret = parse_port(u, ipv6port, FALSE);
@@ -78,7 +78,7 @@ static CURLcode test_unit1653(const char *arg)
   u = curl_url();
   if(!u)
     goto fail;
-  ipv6port = strdup("[fe80::250:56ff;fea7:da15]:808");
+  ipv6port = curlx_strdup("[fe80::250:56ff;fea7:da15]:808");
   if(!ipv6port)
     goto fail;
   ret = parse_port(u, ipv6port, FALSE);
@@ -95,7 +95,7 @@ static CURLcode test_unit1653(const char *arg)
   u = curl_url();
   if(!u)
     goto fail;
-  ipv6port = strdup("[fe80::250:56ff:fea7:da15%25eth3]:80");
+  ipv6port = curlx_strdup("[fe80::250:56ff:fea7:da15%25eth3]:80");
   if(!ipv6port)
     goto fail;
   ret = parse_port(u, ipv6port, FALSE);
@@ -111,7 +111,7 @@ static CURLcode test_unit1653(const char *arg)
   u = curl_url();
   if(!u)
     goto fail;
-  ipv6port = strdup("[fe80::250:56ff:fea7:da15%25eth3]");
+  ipv6port = curlx_strdup("[fe80::250:56ff:fea7:da15%25eth3]");
   if(!ipv6port)
     goto fail;
   ret = parse_port(u, ipv6port, FALSE);
@@ -123,7 +123,7 @@ static CURLcode test_unit1653(const char *arg)
   u = curl_url();
   if(!u)
     goto fail;
-  ipv6port = strdup("[fe80::250:56ff:fea7:da15]:81");
+  ipv6port = curlx_strdup("[fe80::250:56ff:fea7:da15]:81");
   if(!ipv6port)
     goto fail;
   ret = parse_port(u, ipv6port, FALSE);
@@ -139,7 +139,7 @@ static CURLcode test_unit1653(const char *arg)
   u = curl_url();
   if(!u)
     goto fail;
-  ipv6port = strdup("[fe80::250:56ff:fea7:da15];81");
+  ipv6port = curlx_strdup("[fe80::250:56ff:fea7:da15];81");
   if(!ipv6port)
     goto fail;
   ret = parse_port(u, ipv6port, FALSE);
@@ -150,7 +150,7 @@ static CURLcode test_unit1653(const char *arg)
   u = curl_url();
   if(!u)
     goto fail;
-  ipv6port = strdup("[fe80::250:56ff:fea7:da15]80");
+  ipv6port = curlx_strdup("[fe80::250:56ff:fea7:da15]80");
   if(!ipv6port)
     goto fail;
   ret = parse_port(u, ipv6port, FALSE);
@@ -163,7 +163,7 @@ static CURLcode test_unit1653(const char *arg)
   u = curl_url();
   if(!u)
     goto fail;
-  ipv6port = strdup("[fe80::250:56ff:fea7:da15]:");
+  ipv6port = curlx_strdup("[fe80::250:56ff:fea7:da15]:");
   if(!ipv6port)
     goto fail;
   ret = parse_port(u, ipv6port, TRUE);
@@ -175,7 +175,7 @@ static CURLcode test_unit1653(const char *arg)
   u = curl_url();
   if(!u)
     goto fail;
-  ipv6port = strdup("[fe80::250:56ff:fea7:da15!25eth3]:180");
+  ipv6port = curlx_strdup("[fe80::250:56ff:fea7:da15!25eth3]:180");
   if(!ipv6port)
     goto fail;
   ret = parse_port(u, ipv6port, FALSE);
@@ -191,7 +191,7 @@ static CURLcode test_unit1653(const char *arg)
   u = curl_url();
   if(!u)
     goto fail;
-  ipv6port = strdup("[fe80::250:56ff:fea7:da15%eth3]:80");
+  ipv6port = curlx_strdup("[fe80::250:56ff:fea7:da15%eth3]:80");
   if(!ipv6port)
     goto fail;
   ret = parse_port(u, ipv6port, FALSE);
@@ -204,14 +204,14 @@ static CURLcode test_unit1653(const char *arg)
   u = curl_url();
   if(!u)
     goto fail;
-  ipv6port = strdup("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-                    "aaaaaaaaaaaaaaaaaaaaaa:");
+  ipv6port = curlx_strdup("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+                          "aaaaaaaaaaaaaaaaaaaaaa:");
   if(!ipv6port)
     goto fail;
   ret = parse_port(u, ipv6port, FALSE);
   fail_unless(ret == CURLUE_BAD_PORT_NUMBER, "parse_port did wrong");
 fail:
-  free(ipv6port);
+  curlx_free(ipv6port);
   curl_url_cleanup(u);
 
   UNITTEST_END_SIMPLE
diff --git a/tests/unit/unit1661.c b/tests/unit/unit1661.c
index 6cc4485544..d9aa2a61f1 100644
--- a/tests/unit/unit1661.c
+++ b/tests/unit/unit1661.c
@@ -23,7 +23,6 @@
  ***************************************************************************/
 #include "unitcheck.h"
 #include "bufref.h"
-#include "memdebug.h"
 
 static int freecount = 0;
 
@@ -31,7 +30,7 @@ static void test_free(void *p)
 {
   fail_unless(p, "pointer to free may not be NULL");
   freecount++;
-  free(p);
+  curlx_free(p);
 }
 
 static CURLcode t1661_setup(struct bufref *bufref)
@@ -68,7 +67,7 @@ static CURLcode test_unit1661(const char *arg)
   /**
    * testing Curl_bufref_set
    */
-  buffer = malloc(13);
+  buffer = curlx_malloc(13);
   abort_unless(buffer, "Out of memory");
   Curl_bufref_set(&bufref, buffer, 13, test_free);
 
diff --git a/tests/unit/unit1663.c b/tests/unit/unit1663.c
index 0d6fb4bbbe..e4431930a4 100644
--- a/tests/unit/unit1663.c
+++ b/tests/unit/unit1663.c
@@ -32,8 +32,6 @@
 
 #include "cf-socket.h"
 
-#include "memdebug.h" /* LAST include file */
-
 static CURLcode t1663_setup(void)
 {
   CURLcode res = CURLE_OK;
@@ -67,9 +65,9 @@ static void t1663_parse(
                 "host should be equal to exp_host");
   }
 
-  free(dev);
-  free(iface);
-  free(host);
+  curlx_free(dev);
+  curlx_free(iface);
+  curlx_free(host);
 }
 
 static CURLcode test_unit1663(const char *arg)
diff --git a/tests/unit/unit1664.c b/tests/unit/unit1664.c
index 6903c70e92..a24a859e52 100644
--- a/tests/unit/unit1664.c
+++ b/tests/unit/unit1664.c
@@ -30,8 +30,6 @@
 #include 
 #endif
 
-#include "memdebug.h" /* LAST include file */
-
 static CURLcode t1664_setup(void)
 {
   CURLcode res = CURLE_OK;
diff --git a/tests/unit/unit2600.c b/tests/unit/unit2600.c
index f2adc50edd..b69b675b3b 100644
--- a/tests/unit/unit2600.c
+++ b/tests/unit/unit2600.c
@@ -47,7 +47,6 @@
 #include "multiif.h"
 #include "select.h"
 #include "curl_trc.h"
-#include "memdebug.h"
 
 static CURLcode t2600_setup(CURL **easy)
 {
@@ -126,7 +125,7 @@ static void cf_test_destroy(struct Curl_cfilter *cf, struct Curl_easy *data)
 #else
   (void)data;
 #endif
-  free(ctx);
+  curlx_free(ctx);
   cf->ctx = NULL;
 }
 
@@ -193,7 +192,7 @@ static CURLcode cf_test_create(struct Curl_cfilter **pcf,
 
   (void)data;
   (void)conn;
-  ctx = calloc(1, sizeof(*ctx));
+  ctx = curlx_calloc(1, sizeof(*ctx));
   if(!ctx) {
     res = CURLE_OUT_OF_MEMORY;
     goto out;
@@ -233,8 +232,8 @@ static CURLcode cf_test_create(struct Curl_cfilter **pcf,
 out:
   *pcf = (!res) ? cf : NULL;
   if(res) {
-    free(cf);
-    free(ctx);
+    curlx_free(cf);
+    curlx_free(ctx);
   }
   return res;
 }
diff --git a/tests/unit/unit2604.c b/tests/unit/unit2604.c
index 695b121007..fb05189714 100644
--- a/tests/unit/unit2604.c
+++ b/tests/unit/unit2604.c
@@ -23,7 +23,6 @@
  ***************************************************************************/
 #include "unitcheck.h"
 #include "vssh/vssh.h"
-#include "memdebug.h"
 
 static CURLcode test_unit2604(const char *arg)
 {
@@ -79,7 +78,7 @@ static CURLcode test_unit2604(const char *arg)
 #pragma GCC diagnostic pop
 #endif
 
-  char *cp0 = calloc(1, too_long + 1);
+  char *cp0 = curlx_calloc(1, too_long + 1);
   fail_unless(cp0, "could not alloc too long value");
   memset(cp0, 'a', too_long);
 
@@ -108,7 +107,7 @@ static CURLcode test_unit2604(const char *arg)
     }
   }
 
-  free(cp0);
+  curlx_free(cp0);
 
 #endif
 
diff --git a/tests/unit/unit2605.c b/tests/unit/unit2605.c
index 71c37f32cf..49d0b0b000 100644
--- a/tests/unit/unit2605.c
+++ b/tests/unit/unit2605.c
@@ -23,7 +23,6 @@
  ***************************************************************************/
 #include "unitcheck.h"
 #include "vssh/vssh.h"
-#include "memdebug.h"
 
 static CURLcode test_unit2605(const char *arg)
 {
diff --git a/tests/unit/unit3200.c b/tests/unit/unit3200.c
index 0b3c876911..fe00da939d 100644
--- a/tests/unit/unit3200.c
+++ b/tests/unit/unit3200.c
@@ -23,7 +23,6 @@
  ***************************************************************************/
 #include "unitcheck.h"
 #include "curl_get_line.h"
-#include "memdebug.h"
 
 static CURLcode test_unit3200(const char *arg)
 {

From c10dda9ebb6ccaaff7b71000c7c54b86dbd80cc7 Mon Sep 17 00:00:00 2001
From: Yedaya Katsman 
Date: Fri, 28 Nov 2025 15:48:03 +0200
Subject: [PATCH 1045/2408] curlx/fopen: fix typo in copyright

Follow-up to 193cb00ce9b47e75d42157c650cc3de3fd96d35d #19626

Closes #19747
---
 lib/curlx/fopen.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/curlx/fopen.c b/lib/curlx/fopen.c
index c8dff428fc..caf4978af1 100644
--- a/lib/curlx/fopen.c
+++ b/lib/curlx/fopen.c
@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) Danieal Stenberg, , et al.
+ * Copyright (C) Daniel Stenberg, , et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms

From aad3c2e8e14317c99838e3766df6cd2ce8f3f279 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 28 Nov 2025 14:19:18 +0100
Subject: [PATCH 1046/2408] example: fix formatting nits

Also:
- drop non-portable `__STRING()` macro use where still used.

Closes #19746
---
 docs/examples/10-at-a-time.c            |  2 +-
 docs/examples/anyauthput.c              |  8 +--
 docs/examples/block_ip.c                |  6 +-
 docs/examples/certinfo.c                |  4 +-
 docs/examples/cookie_interface.c        |  3 +-
 docs/examples/crawler.c                 | 15 +++--
 docs/examples/ephiperfifo.c             | 65 +++++++++++----------
 docs/examples/evhiperfifo.c             | 35 ++++++------
 docs/examples/externalsocket.c          |  5 +-
 docs/examples/ftp-wildcard.c            |  5 +-
 docs/examples/ftpget.c                  |  1 -
 docs/examples/ftpgetresp.c              |  2 +-
 docs/examples/ftpuploadfrommem.c        |  4 +-
 docs/examples/getinmemory.c             |  7 +--
 docs/examples/getredirect.c             |  3 +-
 docs/examples/ghiper.c                  | 31 +++++-----
 docs/examples/headerapi.c               |  1 -
 docs/examples/hiperfifo.c               | 75 ++++++++++++++-----------
 docs/examples/hsts-preload.c            |  3 +-
 docs/examples/htmltidy.c                |  4 +-
 docs/examples/htmltitle.cpp             |  7 +--
 docs/examples/http2-pushinmemory.c      |  1 -
 docs/examples/httpput-postfields.c      |  2 +-
 docs/examples/httpput.c                 |  2 +-
 docs/examples/imap-append.c             |  4 +-
 docs/examples/imap-ssl.c                |  2 +-
 docs/examples/log_failed_transfers.c    |  2 +-
 docs/examples/multi-app.c               |  2 +-
 docs/examples/multi-event.c             | 18 +++---
 docs/examples/multi-legacy.c            |  6 +-
 docs/examples/multi-uv.c                | 18 +++---
 docs/examples/multithread.c             |  2 -
 docs/examples/netrc.c                   |  3 +-
 docs/examples/post-callback.c           |  2 +-
 docs/examples/postinmemory.c            |  5 +-
 docs/examples/sftpget.c                 |  4 +-
 docs/examples/sftpuploadresume.c        |  1 -
 docs/examples/shared-connection-cache.c |  4 +-
 docs/examples/simplessl.c               |  8 +--
 docs/examples/smooth-gtk-thread.c       |  9 ++-
 docs/examples/smtp-authzid.c            |  4 +-
 docs/examples/smtp-mail.c               |  4 +-
 docs/examples/smtp-multi.c              |  4 +-
 docs/examples/smtp-ssl.c                |  4 +-
 docs/examples/smtp-tls.c                |  4 +-
 docs/examples/sslbackend.c              |  2 +-
 docs/examples/synctime.c                | 33 ++++++-----
 docs/examples/threaded-ssl.c            |  2 +-
 docs/examples/usercertinmem.c           |  4 +-
 docs/examples/xmlstream.c               | 10 ++--
 50 files changed, 225 insertions(+), 227 deletions(-)

diff --git a/docs/examples/10-at-a-time.c b/docs/examples/10-at-a-time.c
index bddcd15637..22db7c5fc4 100644
--- a/docs/examples/10-at-a-time.c
+++ b/docs/examples/10-at-a-time.c
@@ -81,7 +81,7 @@ static const char *urls[] = {
 };
 
 #define MAX_PARALLEL 10  /* number of simultaneous transfers */
-#define NUM_URLS sizeof(urls)/sizeof(char *)
+#define NUM_URLS (sizeof(urls) / sizeof(char *))
 
 static size_t write_cb(char *data, size_t n, size_t l, void *userp)
 {
diff --git a/docs/examples/anyauthput.c b/docs/examples/anyauthput.c
index eb5959ca22..247d4d0d3b 100644
--- a/docs/examples/anyauthput.c
+++ b/docs/examples/anyauthput.c
@@ -65,9 +65,9 @@
 /* seek callback function */
 static int my_seek(void *userp, curl_off_t offset, int origin)
 {
-  FILE *fp = (FILE *) userp;
+  FILE *fp = (FILE *)userp;
 
-  if(fseek(fp, (long) offset, origin) == -1)
+  if(fseek(fp, (long)offset, origin) == -1)
     /* could not seek */
     return CURL_SEEKFUNC_CANTSEEK;
 
@@ -128,13 +128,13 @@ int main(int argc, char **argv)
     curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_cb);
 
     /* which file to upload */
-    curl_easy_setopt(curl, CURLOPT_READDATA, (void *) fp);
+    curl_easy_setopt(curl, CURLOPT_READDATA, (void *)fp);
 
     /* set the seek function */
     curl_easy_setopt(curl, CURLOPT_SEEKFUNCTION, my_seek);
 
     /* pass the file descriptor to the seek callback as well */
-    curl_easy_setopt(curl, CURLOPT_SEEKDATA, (void *) fp);
+    curl_easy_setopt(curl, CURLOPT_SEEKDATA, (void *)fp);
 
     /* enable "uploading" (which means PUT when doing HTTP) */
     curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
diff --git a/docs/examples/block_ip.c b/docs/examples/block_ip.c
index ef7056dc43..bf2193a263 100644
--- a/docs/examples/block_ip.c
+++ b/docs/examples/block_ip.c
@@ -31,7 +31,11 @@
 
 #ifdef __AMIGA__
 #include 
-int main(void) { printf("Platform not supported.\n"); return 1; }
+int main(void)
+{
+  printf("Platform not supported.\n");
+  return 1;
+}
 #else
 
 #ifdef _MSC_VER
diff --git a/docs/examples/certinfo.c b/docs/examples/certinfo.c
index 3176d0a1fc..e799cfc928 100644
--- a/docs/examples/certinfo.c
+++ b/docs/examples/certinfo.c
@@ -29,7 +29,7 @@
 
 #include 
 
-static size_t write_cb(void *ptr,  size_t  size,  size_t  nmemb,  void *stream)
+static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *stream)
 {
   (void)stream;
   (void)ptr;
@@ -74,10 +74,8 @@ int main(void)
 
           for(slist = certinfo->certinfo[i]; slist; slist = slist->next)
             printf("%s\n", slist->data);
-
         }
       }
-
     }
 
     curl_easy_cleanup(curl);
diff --git a/docs/examples/cookie_interface.c b/docs/examples/cookie_interface.c
index a031380f12..0398cdf164 100644
--- a/docs/examples/cookie_interface.c
+++ b/docs/examples/cookie_interface.c
@@ -71,8 +71,7 @@ static int print_cookies(CURL *curl)
   return 0;
 }
 
-int
-main(void)
+int main(void)
 {
   CURL *curl;
   CURLcode res;
diff --git a/docs/examples/crawler.c b/docs/examples/crawler.c
index 419ceab26d..9207199cdf 100644
--- a/docs/examples/crawler.c
+++ b/docs/examples/crawler.c
@@ -65,7 +65,7 @@ struct memory {
 static size_t write_cb(void *contents, size_t sz, size_t nmemb, void *ctx)
 {
   size_t realsize = sz * nmemb;
-  struct memory *mem = (struct memory*) ctx;
+  struct memory *mem = (struct memory *)ctx;
   char *ptr = realloc(mem->buf, mem->size + realsize);
   if(!ptr) {
     /* out of memory */
@@ -109,7 +109,7 @@ static CURL *make_handle(const char *url)
   curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT_MS, 2000L);
   /* skip files larger than a gigabyte */
   curl_easy_setopt(curl, CURLOPT_MAXFILESIZE_LARGE,
-                   (curl_off_t)1024*1024*1024);
+                   (curl_off_t)1024 * 1024 * 1024);
   curl_easy_setopt(curl, CURLOPT_COOKIEFILE, "");
   curl_easy_setopt(curl, CURLOPT_FILETIME, 1L);
   curl_easy_setopt(curl, CURLOPT_USERAGENT, "mini crawler");
@@ -121,8 +121,7 @@ static CURL *make_handle(const char *url)
 }
 
 /* HREF finder implemented in libxml2 but could be any HTML parser */
-static size_t follow_links(CURLM *multi, struct memory *mem,
-                           const char *url)
+static size_t follow_links(CURLM *multi, struct memory *mem, const char *url)
 {
   int opts = HTML_PARSE_NOBLANKS | HTML_PARSE_NOERROR | \
              HTML_PARSE_NOWARNING | HTML_PARSE_NONET;
@@ -135,7 +134,7 @@ static size_t follow_links(CURLM *multi, struct memory *mem,
   xmlXPathObjectPtr result;
   if(!doc)
     return 0;
-  xpath = (xmlChar*) "//a/@href";
+  xpath = (xmlChar *)"//a/@href";
   context = xmlXPathNewContext(doc);
   result = xmlXPathEvalExpression(xpath, context);
   xmlXPathFreeContext(context);
@@ -155,10 +154,10 @@ static size_t follow_links(CURLM *multi, struct memory *mem,
     char *link;
     if(follow_relative_links) {
       xmlChar *orig = href;
-      href = xmlBuildURI(href, (xmlChar *) url);
+      href = xmlBuildURI(href, (xmlChar *)url);
       xmlFree(orig);
     }
-    link = (char *) href;
+    link = (char *)href;
     if(!link || strlen(link) < 20)
       continue;
     if(!strncmp(link, "http://", 7) || !strncmp(link, "https://", 8)) {
@@ -240,7 +239,7 @@ int main(void)
               }
             }
             else {
-              printf("[%d] HTTP %d: %s\n", complete, (int) res_status, url);
+              printf("[%d] HTTP %d: %s\n", complete, (int)res_status, url);
             }
           }
           else {
diff --git a/docs/examples/ephiperfifo.c b/docs/examples/ephiperfifo.c
index b47cbbedbf..e572fffad8 100644
--- a/docs/examples/ephiperfifo.c
+++ b/docs/examples/ephiperfifo.c
@@ -58,7 +58,6 @@ This is purely a demo app, all retrieved data is simply discarded by the write
 callback.
 
 */
-
 #include 
 #include 
 #include 
@@ -77,7 +76,6 @@ callback.
 
 #define MSG_OUT stdout /* Send info to stdout, change to stderr if you want */
 
-
 /* Global information, common to all connections */
 struct GlobalInfo {
   int epfd;    /* epoll filedescriptor */
@@ -105,23 +103,35 @@ struct SockInfo {
   struct GlobalInfo *global;
 };
 
-#define mycase(code) \
-  case code: s = __STRING(code)
-
 /* Die if we get a bad CURLMcode somewhere */
 static void mcode_or_die(const char *where, CURLMcode code)
 {
   if(CURLM_OK != code) {
     const char *s;
     switch(code) {
-      mycase(CURLM_BAD_HANDLE); break;
-      mycase(CURLM_BAD_EASY_HANDLE); break;
-      mycase(CURLM_OUT_OF_MEMORY); break;
-      mycase(CURLM_INTERNAL_ERROR); break;
-      mycase(CURLM_UNKNOWN_OPTION); break;
-      mycase(CURLM_LAST); break;
-      default: s = "CURLM_unknown"; break;
-      mycase(CURLM_BAD_SOCKET);
+    case CURLM_BAD_HANDLE:
+      s = "CURLM_BAD_HANDLE";
+      break;
+    case CURLM_BAD_EASY_HANDLE:
+      s = "CURLM_BAD_EASY_HANDLE";
+      break;
+    case CURLM_OUT_OF_MEMORY:
+      s = "CURLM_OUT_OF_MEMORY";
+      break;
+    case CURLM_INTERNAL_ERROR:
+      s = "CURLM_INTERNAL_ERROR";
+      break;
+    case CURLM_UNKNOWN_OPTION:
+      s = "CURLM_UNKNOWN_OPTION";
+      break;
+    case CURLM_LAST:
+      s = "CURLM_LAST";
+      break;
+    default:
+      s = "CURLM_unknown";
+      break;
+    case CURLM_BAD_SOCKET:
+      s = "CURLM_BAD_SOCKET";
       fprintf(MSG_OUT, "ERROR: %s returns %s\n", where, s);
       /* ignore this error */
       return;
@@ -161,7 +171,7 @@ static int multi_timer_cb(CURLM *multi, long timeout_ms, struct GlobalInfo *g)
     memset(&its, 0, sizeof(its));
   }
 
-  timerfd_settime(g->tfd, /* flags= */0, &its, NULL);
+  timerfd_settime(g->tfd, /* flags= */ 0, &its, NULL);
   return 0;
 }
 
@@ -281,7 +291,7 @@ static void setsock(struct SockInfo *f, curl_socket_t s, CURL *e, int act,
 static void addsock(curl_socket_t s, CURL *curl, int action,
                     struct GlobalInfo *g)
 {
-  struct SockInfo *fdp = (struct SockInfo*)calloc(1, sizeof(struct SockInfo));
+  struct SockInfo *fdp = (struct SockInfo *)calloc(1, sizeof(struct SockInfo));
 
   fdp->global = g;
   setsock(fdp, s, curl, action, g);
@@ -291,12 +301,11 @@ static void addsock(curl_socket_t s, CURL *curl, int action,
 /* CURLMOPT_SOCKETFUNCTION */
 static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
 {
-  struct GlobalInfo *g = (struct GlobalInfo*) cbp;
-  struct SockInfo *fdp = (struct SockInfo*) sockp;
-  const char *whatstr[]={ "none", "IN", "OUT", "INOUT", "REMOVE" };
+  struct GlobalInfo *g = (struct GlobalInfo *)cbp;
+  struct SockInfo *fdp = (struct SockInfo *)sockp;
+  const char *whatstr[] = {"none", "IN", "OUT", "INOUT", "REMOVE"};
 
-  fprintf(MSG_OUT,
-          "socket callback: s=%d e=%p what=%s ", s, e, whatstr[what]);
+  fprintf(MSG_OUT, "socket callback: s=%d e=%p what=%s ", s, e, whatstr[what]);
   if(what == CURL_POLL_REMOVE) {
     fprintf(MSG_OUT, "\n");
     remsock(fdp, g);
@@ -307,8 +316,7 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
       addsock(s, e, what, g);
     }
     else {
-      fprintf(MSG_OUT,
-              "Changing action from %s to %s\n",
+      fprintf(MSG_OUT, "Changing action from %s to %s\n",
               whatstr[fdp->action], whatstr[what]);
       setsock(fdp, s, e, what, g);
     }
@@ -342,7 +350,7 @@ static void new_conn(const char *url, struct GlobalInfo *g)
   struct ConnInfo *conn;
   CURLMcode rc;
 
-  conn = (struct ConnInfo*)calloc(1, sizeof(*conn));
+  conn = (struct ConnInfo *)calloc(1, sizeof(*conn));
   conn->error[0] = '\0';
 
   conn->curl = curl_easy_init();
@@ -364,8 +372,8 @@ static void new_conn(const char *url, struct GlobalInfo *g)
   curl_easy_setopt(conn->curl, CURLOPT_FOLLOWLOCATION, 1L);
   curl_easy_setopt(conn->curl, CURLOPT_LOW_SPEED_TIME, 3L);
   curl_easy_setopt(conn->curl, CURLOPT_LOW_SPEED_LIMIT, 10L);
-  fprintf(MSG_OUT,
-          "Adding easy %p to multi %p (%s)\n", conn->curl, g->multi, url);
+  fprintf(MSG_OUT, "Adding easy %p to multi %p (%s)\n",
+          conn->curl, g->multi, url);
   rc = curl_multi_add_handle(g->multi, conn->curl);
   mcode_or_die("new_conn: curl_multi_add_handle", rc);
 
@@ -381,9 +389,9 @@ static void fifo_cb(struct GlobalInfo *g, int revents)
   int n = 0;
 
   do {
-    s[0]='\0';
+    s[0] = '\0';
     rv = fscanf(g->input, "%1023s%n", s, &n);
-    s[n]='\0';
+    s[n] = '\0';
     if(n && s[0]) {
       new_conn(s, g); /* if we read a URL, go get it! */
     }
@@ -437,7 +445,6 @@ static void clean_fifo(struct GlobalInfo *g)
   unlink(fifo);
 }
 
-
 int g_should_exit_ = 0;
 
 void sigint_handler(int signo)
@@ -506,7 +513,7 @@ int main(int argc, char **argv)
   while(!g_should_exit_) {
     int idx;
     int err = epoll_wait(g.epfd, events,
-                         sizeof(events)/sizeof(struct epoll_event), 10000);
+                         sizeof(events) / sizeof(struct epoll_event), 10000);
     if(err == -1) {
       /* !checksrc! disable ERRNOVAR 1 */
       if(errno == EINTR) {
diff --git a/docs/examples/evhiperfifo.c b/docs/examples/evhiperfifo.c
index b6b957d54e..178be018a3 100644
--- a/docs/examples/evhiperfifo.c
+++ b/docs/examples/evhiperfifo.c
@@ -61,7 +61,6 @@ This is purely a demo app, all retrieved data is simply discarded by the write
 callback.
 
 */
-
 #include 
 #include 
 #include 
@@ -79,7 +78,6 @@ callback.
 
 #define MSG_OUT stdout /* Send info to stdout, change to stderr if you want */
 
-
 /* Global information, common to all connections */
 struct GlobalInfo {
   struct ev_loop *loop;
@@ -119,7 +117,7 @@ static int multi_timer_cb(CURLM *multi, long timeout_ms, struct GlobalInfo *g)
   ev_timer_stop(g->loop, &g->timer_event);
   if(timeout_ms >= 0) {
     /* -1 means delete, other values are timeout times in milliseconds */
-    double  t = timeout_ms / 1000;
+    double t = timeout_ms / 1000;
     ev_timer_init(&g->timer_event, timer_cb, t, 0.);
     ev_timer_start(g->loop, &g->timer_event);
   }
@@ -196,7 +194,7 @@ static void event_cb(EV_P_ struct ev_io *w, int revents)
   int action;
 
   printf("%s  w %p revents %i\n", __PRETTY_FUNCTION__, (void *)w, revents);
-  g = (struct GlobalInfo*) w->data;
+  g = (struct GlobalInfo *)w->data;
 
   action = ((revents & EV_READ) ? CURL_POLL_IN : 0) |
            ((revents & EV_WRITE) ? CURL_POLL_OUT : 0);
@@ -270,15 +268,14 @@ static void addsock(curl_socket_t s, CURL *curl, int action,
 /* CURLMOPT_SOCKETFUNCTION */
 static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
 {
-  struct GlobalInfo *g = (struct GlobalInfo*) cbp;
-  struct SockInfo *fdp = (struct SockInfo*) sockp;
-  const char *whatstr[]={ "none", "IN", "OUT", "INOUT", "REMOVE"};
+  struct GlobalInfo *g = (struct GlobalInfo *)cbp;
+  struct SockInfo *fdp = (struct SockInfo *)sockp;
+  const char *whatstr[] = {"none", "IN", "OUT", "INOUT", "REMOVE"};
 
   printf("%s e %p s %i what %i cbp %p sockp %p\n",
          __PRETTY_FUNCTION__, e, s, what, cbp, sockp);
 
-  fprintf(MSG_OUT,
-          "socket callback: s=%d e=%p what=%s ", s, e, whatstr[what]);
+  fprintf(MSG_OUT, "socket callback: s=%d e=%p what=%s ", s, e, whatstr[what]);
   if(what == CURL_POLL_REMOVE) {
     fprintf(MSG_OUT, "\n");
     remsock(fdp, g);
@@ -289,8 +286,7 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
       addsock(s, e, what, g);
     }
     else {
-      fprintf(MSG_OUT,
-              "Changing action from %s to %s\n",
+      fprintf(MSG_OUT, "Changing action from %s to %s\n",
               whatstr[fdp->action], whatstr[what]);
       setsock(fdp, s, e, what, g);
     }
@@ -302,7 +298,7 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
 static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *data)
 {
   size_t realsize = size * nmemb;
-  struct ConnInfo *conn = (struct ConnInfo*) data;
+  struct ConnInfo *conn = (struct ConnInfo *)data;
   (void)ptr;
   (void)conn;
   return realsize;
@@ -316,8 +312,9 @@ static int xferinfo_cb(void *p, curl_off_t dltotal, curl_off_t dlnow,
   (void)ult;
   (void)uln;
 
-  fprintf(MSG_OUT, "Progress: %s (%" CURL_FORMAT_CURL_OFF_T
-          "/%" CURL_FORMAT_CURL_OFF_T ")\n", conn->url, dlnow, dltotal);
+  fprintf(MSG_OUT, "Progress: %s (%" CURL_FORMAT_CURL_OFF_T "/"
+          "%" CURL_FORMAT_CURL_OFF_T ")\n",
+          conn->url, dlnow, dltotal);
   return 0;
 }
 
@@ -328,7 +325,7 @@ static void new_conn(const char *url, struct GlobalInfo *g)
   CURLMcode rc;
 
   conn = calloc(1, sizeof(*conn));
-  conn->error[0]='\0';
+  conn->error[0] = '\0';
 
   conn->curl = curl_easy_init();
   if(!conn->curl) {
@@ -349,8 +346,8 @@ static void new_conn(const char *url, struct GlobalInfo *g)
   curl_easy_setopt(conn->curl, CURLOPT_LOW_SPEED_TIME, 3L);
   curl_easy_setopt(conn->curl, CURLOPT_LOW_SPEED_LIMIT, 10L);
 
-  fprintf(MSG_OUT,
-          "Adding easy %p to multi %p (%s)\n", conn->curl, g->multi, url);
+  fprintf(MSG_OUT, "Adding easy %p to multi %p (%s)\n",
+          conn->curl, g->multi, url);
   rc = curl_multi_add_handle(g->multi, conn->curl);
   mcode_or_die("new_conn: curl_multi_add_handle", rc);
 
@@ -369,9 +366,9 @@ static void fifo_cb(EV_P_ struct ev_io *w, int revents)
   (void)revents;
 
   do {
-    s[0]='\0';
+    s[0] = '\0';
     rv = fscanf(g->input, "%1023s%n", s, &n);
-    s[n]='\0';
+    s[n] = '\0';
     if(n && s[0]) {
       new_conn(s, g);  /* if we read a URL, go get it! */
     }
diff --git a/docs/examples/externalsocket.c b/docs/examples/externalsocket.c
index 610a835272..632d5f2981 100644
--- a/docs/examples/externalsocket.c
+++ b/docs/examples/externalsocket.c
@@ -124,7 +124,7 @@ int main(void)
 
     memset(&servaddr, 0, sizeof(servaddr));
     servaddr.sin_family = AF_INET;
-    servaddr.sin_port   = htons(PORTNUM);
+    servaddr.sin_port = htons(PORTNUM);
 
     servaddr.sin_addr.s_addr = inet_addr(IPADDR);
     if(INADDR_NONE == servaddr.sin_addr.s_addr) {
@@ -132,8 +132,7 @@ int main(void)
       return 2;
     }
 
-    if(connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr)) ==
-       -1) {
+    if(connect(sockfd, (struct sockaddr *)&servaddr, sizeof(servaddr)) == -1) {
       close(sockfd);
       printf("client error: connect: %s\n", strerror(errno));
       return 1;
diff --git a/docs/examples/ftp-wildcard.c b/docs/examples/ftp-wildcard.c
index 3bd2f69083..fa66628f16 100644
--- a/docs/examples/ftp-wildcard.c
+++ b/docs/examples/ftp-wildcard.c
@@ -85,8 +85,7 @@ static long file_is_downloaded(void *input)
   return CURL_CHUNK_END_FUNC_OK;
 }
 
-static size_t write_cb(char *buff, size_t size, size_t nmemb,
-                       void *cb_data)
+static size_t write_cb(char *buff, size_t size, size_t nmemb, void *cb_data)
 {
   struct callback_data *data = cb_data;
   size_t written = 0;
@@ -104,7 +103,7 @@ int main(int argc, char **argv)
   CURL *curl;
 
   /* help data */
-  struct callback_data data = { 0 };
+  struct callback_data data = {0};
 
   /* global initialization */
   CURLcode res = curl_global_init(CURL_GLOBAL_ALL);
diff --git a/docs/examples/ftpget.c b/docs/examples/ftpget.c
index f57974de1f..4001022074 100644
--- a/docs/examples/ftpget.c
+++ b/docs/examples/ftpget.c
@@ -52,7 +52,6 @@ static size_t write_cb(void *buffer, size_t size, size_t nmemb, void *stream)
   return fwrite(buffer, size, nmemb, out->stream);
 }
 
-
 int main(void)
 {
   CURL *curl;
diff --git a/docs/examples/ftpgetresp.c b/docs/examples/ftpgetresp.c
index eec727bf94..53ada7ccae 100644
--- a/docs/examples/ftpgetresp.c
+++ b/docs/examples/ftpgetresp.c
@@ -90,7 +90,7 @@ int main(void)
     curl_easy_cleanup(curl);
   }
 
-  fclose(ftpfile); /* close the local file */
+  fclose(ftpfile);  /* close the local file */
   fclose(respfile); /* close the response file */
 
   curl_global_cleanup();
diff --git a/docs/examples/ftpuploadfrommem.c b/docs/examples/ftpuploadfrommem.c
index af88f52f1a..7c75f2b8d7 100644
--- a/docs/examples/ftpuploadfrommem.c
+++ b/docs/examples/ftpuploadfrommem.c
@@ -30,7 +30,7 @@
 
 #include 
 
-static const char data[]=
+static const char data[] =
   "Lorem ipsum dolor sit amet, consectetur adipiscing elit. "
   "___ rhoncus odio id venenatis volutpat. Vestibulum dapibus "
   "bibendum ullamcorper. Maecenas finibus elit augue, vel "
@@ -64,7 +64,7 @@ static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
     return copylen;
   }
 
-  return 0;                          /* no more data left to deliver */
+  return 0;  /* no more data left to deliver */
 }
 
 int main(void)
diff --git a/docs/examples/getinmemory.c b/docs/examples/getinmemory.c
index 1deeeda266..d4d8960487 100644
--- a/docs/examples/getinmemory.c
+++ b/docs/examples/getinmemory.c
@@ -37,8 +37,7 @@ struct MemoryStruct {
   size_t size;
 };
 
-static size_t write_cb(void *contents, size_t size, size_t nmemb,
-                                  void *userp)
+static size_t write_cb(void *contents, size_t size, size_t nmemb, void *userp)
 {
   size_t realsize = size * nmemb;
   struct MemoryStruct *mem = (struct MemoryStruct *)userp;
@@ -69,8 +68,8 @@ int main(void)
   if(res)
     return (int)res;
 
-  chunk.memory = malloc(1);  /* grown as needed by the realloc above */
-  chunk.size = 0;    /* no data at this point */
+  chunk.memory = malloc(1); /* grown as needed by the realloc above */
+  chunk.size = 0;           /* no data at this point */
 
   /* init the curl session */
   curl = curl_easy_init();
diff --git a/docs/examples/getredirect.c b/docs/examples/getredirect.c
index b1f42dc9fd..6ad9b9c1aa 100644
--- a/docs/examples/getredirect.c
+++ b/docs/examples/getredirect.c
@@ -54,8 +54,7 @@ int main(void)
               curl_easy_strerror(res));
     else {
       res = curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response_code);
-      if((res == CURLE_OK) &&
-         ((response_code / 100) != 3)) {
+      if((res == CURLE_OK) && ((response_code / 100) != 3)) {
         /* a redirect implies a 3xx response code */
         fprintf(stderr, "Not a redirect.\n");
       }
diff --git a/docs/examples/ghiper.c b/docs/examples/ghiper.c
index f27521971c..d7b19abb9b 100644
--- a/docs/examples/ghiper.c
+++ b/docs/examples/ghiper.c
@@ -171,8 +171,8 @@ static int update_timeout_cb(CURLM *multi, long timeout_ms, void *userp)
 {
   struct timeval timeout;
   struct GlobalInfo *g = (struct GlobalInfo *)userp;
-  timeout.tv_sec = timeout_ms/1000;
-  timeout.tv_usec = (timeout_ms%1000)*1000;
+  timeout.tv_sec = timeout_ms / 1000;
+  timeout.tv_usec = (timeout_ms % 1000) * 1000;
 
   MSG_OUT("*** update_timeout_cb %ld => %ld:%ld ***\n",
           timeout_ms, timeout.tv_sec, timeout.tv_usec);
@@ -191,7 +191,7 @@ static int update_timeout_cb(CURLM *multi, long timeout_ms, void *userp)
 /* Called by glib when we get action on a multi socket */
 static gboolean event_cb(GIOChannel *ch, GIOCondition condition, gpointer data)
 {
-  struct GlobalInfo *g = (struct GlobalInfo*) data;
+  struct GlobalInfo *g = (struct GlobalInfo *)data;
   CURLMcode rc;
   int fd = g_io_channel_unix_get_fd(ch);
 
@@ -259,9 +259,9 @@ static void addsock(curl_socket_t s, CURL *curl, int action,
 /* CURLMOPT_SOCKETFUNCTION */
 static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
 {
-  struct GlobalInfo *g = (struct GlobalInfo*) cbp;
-  struct SockInfo *fdp = (struct SockInfo*) sockp;
-  static const char *whatstr[]={ "none", "IN", "OUT", "INOUT", "REMOVE" };
+  struct GlobalInfo *g = (struct GlobalInfo *)cbp;
+  struct SockInfo *fdp = (struct SockInfo *)sockp;
+  static const char *whatstr[] = {"none", "IN", "OUT", "INOUT", "REMOVE"};
 
   MSG_OUT("socket callback: s=%d e=%p what=%s ", s, e, whatstr[what]);
   if(what == CURL_POLL_REMOVE) {
@@ -276,8 +276,7 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
       addsock(s, e, what, g);
     }
     else {
-      MSG_OUT(
-        "Changing action from %d to %d\n", fdp->action, what);
+      MSG_OUT("Changing action from %d to %d\n", fdp->action, what);
       setsock(fdp, s, e, what, g);
     }
   }
@@ -288,7 +287,7 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
 static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *data)
 {
   size_t realsize = size * nmemb;
-  struct ConnInfo *conn = (struct ConnInfo*) data;
+  struct ConnInfo *conn = (struct ConnInfo *)data;
   (void)ptr;
   (void)conn;
   return realsize;
@@ -302,8 +301,8 @@ static int xferinfo_cb(void *p, curl_off_t dltotal, curl_off_t dlnow,
   (void)ult;
   (void)uln;
 
-  fprintf(MSG_OUT, "Progress: %s (%" CURL_FORMAT_CURL_OFF_T
-          "/%" CURL_FORMAT_CURL_OFF_T ")\n", conn->url, dlnow, dltotal);
+  fprintf(MSG_OUT, "Progress: %s (%" CURL_FORMAT_CURL_OFF_T "/"
+          "%" CURL_FORMAT_CURL_OFF_T ")\n", conn->url, dlnow, dltotal);
   return 0;
 }
 
@@ -357,18 +356,18 @@ static gboolean fifo_cb(GIOChannel *ch, GIOCondition condition, gpointer data)
     rv = g_io_channel_read_line(ch, &buf, &len, &tp, &err);
     if(buf) {
       if(tp) {
-        buf[tp]='\0';
+        buf[tp] = '\0';
       }
-      new_conn(buf, (struct GlobalInfo*)data);
+      new_conn(buf, (struct GlobalInfo *)data);
       g_free(buf);
     }
     else {
       buf = g_malloc(BUF_SIZE + 1);
       while(TRUE) {
-        buf[BUF_SIZE]='\0';
+        buf[BUF_SIZE] = '\0';
         g_io_channel_read_chars(ch, buf, BUF_SIZE, &len, &err);
         if(len) {
-          buf[len]='\0';
+          buf[len] = '\0';
           if(all) {
             tmp = all;
             all = g_strdup_printf("%s%s", tmp, buf);
@@ -383,7 +382,7 @@ static gboolean fifo_cb(GIOChannel *ch, GIOCondition condition, gpointer data)
         }
       }
       if(all) {
-        new_conn(all, (struct GlobalInfo*)data);
+        new_conn(all, (struct GlobalInfo *)data);
         g_free(all);
       }
       g_free(buf);
diff --git a/docs/examples/headerapi.c b/docs/examples/headerapi.c
index 089a23a070..e1fa33b8f6 100644
--- a/docs/examples/headerapi.c
+++ b/docs/examples/headerapi.c
@@ -76,7 +76,6 @@ int main(void)
           printf(" %s: %s (%u)\n", h->name, h->value, (unsigned int)h->amount);
         prev = h;
       } while(h);
-
     }
     /* always cleanup */
     curl_easy_cleanup(curl);
diff --git a/docs/examples/hiperfifo.c b/docs/examples/hiperfifo.c
index 60288b4bd2..576bbb8d2c 100644
--- a/docs/examples/hiperfifo.c
+++ b/docs/examples/hiperfifo.c
@@ -77,7 +77,6 @@ callback.
 
 #define MSG_OUT stdout /* Send info to stdout, change to stderr if you want */
 
-
 /* Global information, common to all connections */
 struct GlobalInfo {
   struct event_base *evbase;
@@ -107,23 +106,35 @@ struct SockInfo {
   struct GlobalInfo *global;
 };
 
-#define mycase(code) \
-  case code: s = __STRING(code)
-
 /* Die if we get a bad CURLMcode somewhere */
 static void mcode_or_die(const char *where, CURLMcode code)
 {
   if(CURLM_OK != code) {
     const char *s;
     switch(code) {
-      mycase(CURLM_BAD_HANDLE); break;
-      mycase(CURLM_BAD_EASY_HANDLE); break;
-      mycase(CURLM_OUT_OF_MEMORY); break;
-      mycase(CURLM_INTERNAL_ERROR); break;
-      mycase(CURLM_UNKNOWN_OPTION); break;
-      mycase(CURLM_LAST); break;
-      default: s = "CURLM_unknown"; break;
-      mycase(CURLM_BAD_SOCKET);
+    case CURLM_BAD_HANDLE:
+      s = "CURLM_BAD_HANDLE";
+      break;
+    case CURLM_BAD_EASY_HANDLE:
+      s = "CURLM_BAD_EASY_HANDLE";
+      break;
+    case CURLM_OUT_OF_MEMORY:
+      s = "CURLM_OUT_OF_MEMORY";
+      break;
+    case CURLM_INTERNAL_ERROR:
+      s = "CURLM_INTERNAL_ERROR";
+      break;
+    case CURLM_UNKNOWN_OPTION:
+      s = "CURLM_UNKNOWN_OPTION";
+      break;
+    case CURLM_LAST:
+      s = "CURLM_LAST";
+      break;
+    default:
+      s = "CURLM_unknown";
+      break;
+    case CURLM_BAD_SOCKET:
+      s = "CURLM_BAD_SOCKET";
       fprintf(MSG_OUT, "ERROR: %s returns %s\n", where, s);
       /* ignore this error */
       return;
@@ -139,8 +150,8 @@ static int multi_timer_cb(CURLM *multi, long timeout_ms, struct GlobalInfo *g)
   struct timeval timeout;
   (void)multi;
 
-  timeout.tv_sec = timeout_ms/1000;
-  timeout.tv_usec = (timeout_ms%1000)*1000;
+  timeout.tv_sec = timeout_ms / 1000;
+  timeout.tv_usec = (timeout_ms % 1000) * 1000;
   fprintf(MSG_OUT, "multi_timer_cb: Setting timeout to %ld ms\n", timeout_ms);
 
   /*
@@ -185,7 +196,7 @@ static void check_multi_info(struct GlobalInfo *g)
 /* Called by libevent when we get action on a multi socket */
 static void event_cb(int fd, short kind, void *userp)
 {
-  struct GlobalInfo *g = (struct GlobalInfo*) userp;
+  struct GlobalInfo *g = (struct GlobalInfo *)userp;
   CURLMcode rc;
 
   int action =
@@ -261,12 +272,11 @@ static void addsock(curl_socket_t s, CURL *curl, int action,
 /* CURLMOPT_SOCKETFUNCTION */
 static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
 {
-  struct GlobalInfo *g = (struct GlobalInfo*) cbp;
-  struct SockInfo *fdp = (struct SockInfo*) sockp;
-  const char *whatstr[]={ "none", "IN", "OUT", "INOUT", "REMOVE" };
+  struct GlobalInfo *g = (struct GlobalInfo *)cbp;
+  struct SockInfo *fdp = (struct SockInfo *)sockp;
+  const char *whatstr[] = {"none", "IN", "OUT", "INOUT", "REMOVE"};
 
-  fprintf(MSG_OUT,
-          "socket callback: s=%d e=%p what=%s ", s, e, whatstr[what]);
+  fprintf(MSG_OUT, "socket callback: s=%d e=%p what=%s ", s, e, whatstr[what]);
   if(what == CURL_POLL_REMOVE) {
     fprintf(MSG_OUT, "\n");
     remsock(fdp);
@@ -277,8 +287,7 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
       addsock(s, e, what, g);
     }
     else {
-      fprintf(MSG_OUT,
-              "Changing action from %s to %s\n",
+      fprintf(MSG_OUT, "Changing action from %s to %s\n",
               whatstr[fdp->action], whatstr[what]);
       setsock(fdp, s, e, what, g);
     }
@@ -302,8 +311,8 @@ static int xferinfo_cb(void *p, curl_off_t dltotal, curl_off_t dlnow,
   (void)ult;
   (void)uln;
 
-  fprintf(MSG_OUT, "Progress: %s (%" CURL_FORMAT_CURL_OFF_T
-          "/%" CURL_FORMAT_CURL_OFF_T ")\n", conn->url, dlnow, dltotal);
+  fprintf(MSG_OUT, "Progress: %s (%" CURL_FORMAT_CURL_OFF_T "/"
+          "%" CURL_FORMAT_CURL_OFF_T ")\n", conn->url, dlnow, dltotal);
   return 0;
 }
 
@@ -333,8 +342,8 @@ static void new_conn(const char *url, struct GlobalInfo *g)
   curl_easy_setopt(conn->curl, CURLOPT_XFERINFOFUNCTION, xferinfo_cb);
   curl_easy_setopt(conn->curl, CURLOPT_PROGRESSDATA, conn);
   curl_easy_setopt(conn->curl, CURLOPT_FOLLOWLOCATION, 1L);
-  fprintf(MSG_OUT,
-          "Adding easy %p to multi %p (%s)\n", conn->curl, g->multi, url);
+  fprintf(MSG_OUT, "Adding easy %p to multi %p (%s)\n",
+          conn->curl, g->multi, url);
   rc = curl_multi_add_handle(g->multi, conn->curl);
   mcode_or_die("new_conn: curl_multi_add_handle", rc);
 
@@ -353,9 +362,9 @@ static void fifo_cb(int fd, short event, void *arg)
   (void)event;
 
   do {
-    s[0]='\0';
+    s[0] = '\0';
     rv = fscanf(g->input, "%1023s%n", s, &n);
-    s[n]='\0';
+    s[n] = '\0';
     if(n && s[0]) {
       if(!strcmp(s, "stop")) {
         g->stopped = 1;
@@ -386,7 +395,7 @@ static int init_fifo(struct GlobalInfo *g)
     }
   }
   unlink(fifo);
-  if(mkfifo (fifo, 0600) == -1) {
+  if(mkfifo(fifo, 0600) == -1) {
     perror("mkfifo");
     return 1;
   }
@@ -398,7 +407,7 @@ static int init_fifo(struct GlobalInfo *g)
   g->input = fdopen(sockfd, "r");
 
   fprintf(MSG_OUT, "Now, pipe some URL's into > %s\n", fifo);
-  event_assign(&g->fifo_event, g->evbase, sockfd, EV_READ|EV_PERSIST,
+  event_assign(&g->fifo_event, g->evbase, sockfd, EV_READ | EV_PERSIST,
                fifo_cb, g);
   event_add(&g->fifo_event, NULL);
   return 0;
@@ -406,9 +415,9 @@ static int init_fifo(struct GlobalInfo *g)
 
 static void clean_fifo(struct GlobalInfo *g)
 {
-    event_del(&g->fifo_event);
-    fclose(g->input);
-    unlink(fifo);
+  event_del(&g->fifo_event);
+  fclose(g->input);
+  unlink(fifo);
 }
 
 int main(int argc, char **argv)
diff --git a/docs/examples/hsts-preload.c b/docs/examples/hsts-preload.c
index ad71c62cad..b029df2a0a 100644
--- a/docs/examples/hsts-preload.c
+++ b/docs/examples/hsts-preload.c
@@ -53,8 +53,7 @@ struct state {
 
 /* "read" is from the point of the library, it wants data from us. One domain
    entry per invoke. */
-static CURLSTScode hstsread(CURL *curl, struct curl_hstsentry *e,
-                            void *userp)
+static CURLSTScode hstsread(CURL *curl, struct curl_hstsentry *e, void *userp)
 {
   const char *host;
   const char *expire;
diff --git a/docs/examples/htmltidy.c b/docs/examples/htmltidy.c
index 04b4809317..9865a633ef 100644
--- a/docs/examples/htmltidy.c
+++ b/docs/examples/htmltidy.c
@@ -48,14 +48,14 @@ static uint write_cb(char *in, uint size, uint nmemb, TidyBuffer *out)
 static void dumpNode(TidyDoc doc, TidyNode tnod, int indent)
 {
   TidyNode child;
-  for(child = tidyGetChild(tnod); child; child = tidyGetNext(child) ) {
+  for(child = tidyGetChild(tnod); child; child = tidyGetNext(child)) {
     ctmbstr name = tidyNodeGetName(child);
     if(name) {
       /* if it has a name, then it is an HTML tag ... */
       TidyAttr attr;
       printf("%*.*s%s ", indent, indent, "<", name);
       /* walk the attribute list */
-      for(attr = tidyAttrFirst(child); attr; attr = tidyAttrNext(attr) ) {
+      for(attr = tidyAttrFirst(child); attr; attr = tidyAttrNext(attr)) {
         printf("%s", tidyAttrName(attr));
         tidyAttrValue(attr) ? printf("=\"%s\" ",
                                      tidyAttrValue(attr)) : printf(" ");
diff --git a/docs/examples/htmltitle.cpp b/docs/examples/htmltitle.cpp
index 97b924b180..a6f944ff0e 100644
--- a/docs/examples/htmltitle.cpp
+++ b/docs/examples/htmltitle.cpp
@@ -55,9 +55,8 @@
 //  libxml callback context structure
 //
 
-struct Context
-{
-  Context(): addTitle(false) { }
+struct Context {
+  Context() : addTitle(false) {}
 
   bool addTitle;
   std::string title;
@@ -79,7 +78,7 @@ static size_t writer(char *data, size_t size, size_t nmemb,
   if(writerData == NULL)
     return 0;
 
-  writerData->append(data, size*nmemb);
+  writerData->append(data, size * nmemb);
 
   return size * nmemb;
 }
diff --git a/docs/examples/http2-pushinmemory.c b/docs/examples/http2-pushinmemory.c
index 14f37dbbbc..df896e1af5 100644
--- a/docs/examples/http2-pushinmemory.c
+++ b/docs/examples/http2-pushinmemory.c
@@ -115,7 +115,6 @@ static int server_push_callback(CURL *parent,
   return CURL_PUSH_OK;
 }
 
-
 /*
  * Download a file over HTTP/2, take care of server push.
  */
diff --git a/docs/examples/httpput-postfields.c b/docs/examples/httpput-postfields.c
index 29fd6273d7..4fd92aaffb 100644
--- a/docs/examples/httpput-postfields.c
+++ b/docs/examples/httpput-postfields.c
@@ -30,7 +30,7 @@
 
 #include 
 
-static const char olivertwist[]=
+static const char olivertwist[] =
   "Among other public buildings in a certain town, which for many reasons "
   "it will be prudent to refrain from mentioning, and to which I will assign "
   "no fictitious name, there is one anciently common to most towns, great or "
diff --git a/docs/examples/httpput.c b/docs/examples/httpput.c
index 5c3fc314b8..026fde1210 100644
--- a/docs/examples/httpput.c
+++ b/docs/examples/httpput.c
@@ -77,7 +77,7 @@ int main(int argc, char **argv)
 {
   CURL *curl;
   CURLcode res;
-  FILE * hd_src;
+  FILE *hd_src;
   struct stat file_info;
 
   char *file;
diff --git a/docs/examples/imap-append.c b/docs/examples/imap-append.c
index 81ca682ffd..91cbac6915 100644
--- a/docs/examples/imap-append.c
+++ b/docs/examples/imap-append.c
@@ -64,7 +64,7 @@ static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
   const char *data;
   size_t room = size * nmemb;
 
-  if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
+  if((size == 0) || (nmemb == 0) || ((size * nmemb) < 1)) {
     return 0;
   }
 
@@ -95,7 +95,7 @@ int main(void)
   if(curl) {
     size_t filesize;
     long infilesize = LONG_MAX;
-    struct upload_status upload_ctx = { 0 };
+    struct upload_status upload_ctx = {0};
 
     /* Set username and password */
     curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
diff --git a/docs/examples/imap-ssl.c b/docs/examples/imap-ssl.c
index 259eddc26f..52448f492d 100644
--- a/docs/examples/imap-ssl.c
+++ b/docs/examples/imap-ssl.c
@@ -51,7 +51,7 @@ int main(void)
     curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
 
     /* This fetches message 1 from the user's inbox. Note the use of
-    * imaps:// rather than imap:// to request an SSL based connection. */
+     * imaps:// rather than imap:// to request an SSL based connection. */
     curl_easy_setopt(curl, CURLOPT_URL,
                      "imaps://imap.example.com/INBOX/;UID=1");
 
diff --git a/docs/examples/log_failed_transfers.c b/docs/examples/log_failed_transfers.c
index a0d209ffc3..0c5c1a3b54 100644
--- a/docs/examples/log_failed_transfers.c
+++ b/docs/examples/log_failed_transfers.c
@@ -236,7 +236,7 @@ int main(void)
   curl_global_trace("all");
 #endif
 
-  for(i = 0; i < sizeof(transfer)/sizeof(transfer[0]); ++i) {
+  for(i = 0; i < sizeof(transfer) / sizeof(transfer[0]); ++i) {
     int failed = 0;
     struct transfer *t = &transfer[i];
 
diff --git a/docs/examples/multi-app.c b/docs/examples/multi-app.c
index 460c93057a..d58181e027 100644
--- a/docs/examples/multi-app.c
+++ b/docs/examples/multi-app.c
@@ -66,7 +66,7 @@ int main(void)
 
     int still_running = 1; /* keep number of running handles */
 
-    CURLMsg *msg; /* for picking up messages with the transfer status */
+    CURLMsg *msg;  /* for picking up messages with the transfer status */
     int msgs_left; /* how many messages are left */
 
     /* add the individual transfers */
diff --git a/docs/examples/multi-event.c b/docs/examples/multi-event.c
index 2698e24678..901d7dd6e7 100644
--- a/docs/examples/multi-event.c
+++ b/docs/examples/multi-event.c
@@ -47,7 +47,7 @@ static struct curl_context *create_curl_context(curl_socket_t sockfd)
 {
   struct curl_context *context;
 
-  context = (struct curl_context *) malloc(sizeof(*context));
+  context = (struct curl_context *)malloc(sizeof(*context));
 
   context->sockfd = sockfd;
 
@@ -134,10 +134,9 @@ static void curl_perform(int fd, short event, void *arg)
   if(event & EV_WRITE)
     flags |= CURL_CSELECT_OUT;
 
-  context = (struct curl_context *) arg;
+  context = (struct curl_context *)arg;
 
-  curl_multi_socket_action(multi, context->sockfd, flags,
-                           &running_handles);
+  curl_multi_socket_action(multi, context->sockfd, flags, &running_handles);
 
   check_multi_info();
 }
@@ -148,8 +147,7 @@ static void on_timeout(evutil_socket_t fd, short events, void *arg)
   (void)fd;
   (void)events;
   (void)arg;
-  curl_multi_socket_action(multi, CURL_SOCKET_TIMEOUT, 0,
-                           &running_handles);
+  curl_multi_socket_action(multi, CURL_SOCKET_TIMEOUT, 0, &running_handles);
   check_multi_info();
 }
 
@@ -186,9 +184,9 @@ static int handle_socket(CURL *curl, curl_socket_t s, int action, void *userp,
   case CURL_POLL_OUT:
   case CURL_POLL_INOUT:
     curl_context = socketp ?
-      (struct curl_context *) socketp : create_curl_context(s);
+      (struct curl_context *)socketp : create_curl_context(s);
 
-    curl_multi_assign(multi, s, (void *) curl_context);
+    curl_multi_assign(multi, s, (void *)curl_context);
 
     if(action != CURL_POLL_IN)
       events |= EV_WRITE;
@@ -205,8 +203,8 @@ static int handle_socket(CURL *curl, curl_socket_t s, int action, void *userp,
     break;
   case CURL_POLL_REMOVE:
     if(socketp) {
-      event_del(((struct curl_context*) socketp)->event);
-      destroy_curl_context((struct curl_context*) socketp);
+      event_del(((struct curl_context *)socketp)->event);
+      destroy_curl_context((struct curl_context *)socketp);
       curl_multi_assign(multi, s, NULL);
     }
     break;
diff --git a/docs/examples/multi-legacy.c b/docs/examples/multi-legacy.c
index ca2c0a4c7a..e34d1cd710 100644
--- a/docs/examples/multi-legacy.c
+++ b/docs/examples/multi-legacy.c
@@ -72,7 +72,7 @@ int main(void)
 
     int still_running = 0; /* keep number of running handles */
 
-    CURLMsg *msg; /* for picking up messages with the transfer status */
+    CURLMsg *msg;  /* for picking up messages with the transfer status */
     int msgs_left; /* how many messages are left */
 
     /* add the individual transfers */
@@ -85,7 +85,7 @@ int main(void)
     while(still_running) {
 
       struct timeval timeout;
-      int rc; /* select() return code */
+      int rc;       /* select() return code */
       CURLMcode mc; /* curl_multi_fdset() return code */
 
       fd_set fdread;
@@ -155,7 +155,7 @@ int main(void)
       case -1:
         /* select error */
         break;
-      case 0: /* timeout */
+      case 0:  /* timeout */
       default: /* action */
         curl_multi_perform(multi, &still_running);
         break;
diff --git a/docs/examples/multi-uv.c b/docs/examples/multi-uv.c
index 1dac320489..4053cb9061 100644
--- a/docs/examples/multi-uv.c
+++ b/docs/examples/multi-uv.c
@@ -60,7 +60,7 @@ static struct curl_context *create_curl_context(curl_socket_t sockfd,
 {
   struct curl_context *context;
 
-  context = (struct curl_context *) malloc(sizeof(*context));
+  context = (struct curl_context *)malloc(sizeof(*context));
 
   context->sockfd = sockfd;
   context->uv = uv;
@@ -73,13 +73,13 @@ static struct curl_context *create_curl_context(curl_socket_t sockfd,
 
 static void curl_close_cb(uv_handle_t *handle)
 {
-  struct curl_context *context = (struct curl_context *) handle->data;
+  struct curl_context *context = (struct curl_context *)handle->data;
   free(context);
 }
 
 static void destroy_curl_context(struct curl_context *context)
 {
-  uv_close((uv_handle_t *) &context->poll_handle, curl_close_cb);
+  uv_close((uv_handle_t *)&context->poll_handle, curl_close_cb);
 }
 
 static void add_download(const char *url, int num, CURLM *multi)
@@ -145,7 +145,7 @@ static void on_uv_socket(uv_poll_t *req, int status, int events)
 {
   int running_handles;
   int flags = 0;
-  struct curl_context *context = (struct curl_context *) req->data;
+  struct curl_context *context = (struct curl_context *)req->data;
   (void)status;
   if(events & UV_READABLE)
     flags |= CURL_CSELECT_IN;
@@ -202,9 +202,9 @@ static int cb_socket(CURL *curl, curl_socket_t s, int action,
   case CURL_POLL_OUT:
   case CURL_POLL_INOUT:
     curl_context = socketp ?
-      (struct curl_context *) socketp : create_curl_context(s, uv);
+      (struct curl_context *)socketp : create_curl_context(s, uv);
 
-    curl_multi_assign(uv->multi, s, (void *) curl_context);
+    curl_multi_assign(uv->multi, s, (void *)curl_context);
 
     if(action != CURL_POLL_IN)
       events |= UV_WRITABLE;
@@ -215,8 +215,8 @@ static int cb_socket(CURL *curl, curl_socket_t s, int action,
     break;
   case CURL_POLL_REMOVE:
     if(socketp) {
-      uv_poll_stop(&((struct curl_context*)socketp)->poll_handle);
-      destroy_curl_context((struct curl_context*) socketp);
+      uv_poll_stop(&((struct curl_context *)socketp)->poll_handle);
+      destroy_curl_context((struct curl_context *)socketp);
       curl_multi_assign(uv->multi, s, NULL);
     }
     break;
@@ -230,7 +230,7 @@ static int cb_socket(CURL *curl, curl_socket_t s, int action,
 int main(int argc, char **argv)
 {
   CURLcode res;
-  struct datauv uv = { 0 };
+  struct datauv uv = {0};
   int running_handles;
 
   if(argc <= 1)
diff --git a/docs/examples/multithread.c b/docs/examples/multithread.c
index 7de1baea90..308c1168e2 100644
--- a/docs/examples/multithread.c
+++ b/docs/examples/multithread.c
@@ -56,7 +56,6 @@ struct targ {
   const char *url;
 };
 
-
 static void *pull_one_url(void *p)
 {
   CURL *curl;
@@ -72,7 +71,6 @@ static void *pull_one_url(void *p)
   return NULL;
 }
 
-
 /*
    int pthread_create(pthread_t *new_thread_ID,
    const pthread_attr_t *attr,
diff --git a/docs/examples/netrc.c b/docs/examples/netrc.c
index 91f8df96dc..a9eaebff88 100644
--- a/docs/examples/netrc.c
+++ b/docs/examples/netrc.c
@@ -40,8 +40,7 @@ int main(void)
   curl = curl_easy_init();
   if(curl) {
     curl_easy_setopt(curl, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
-    curl_easy_setopt(curl, CURLOPT_NETRC_FILE,
-                     "/home/daniel/s3cr3ts.txt");
+    curl_easy_setopt(curl, CURLOPT_NETRC_FILE, "/home/daniel/s3cr3ts.txt");
     curl_easy_setopt(curl, CURLOPT_URL, "https://curl.se/");
 
     res = curl_easy_perform(curl);
diff --git a/docs/examples/post-callback.c b/docs/examples/post-callback.c
index bbab002790..c463e3785c 100644
--- a/docs/examples/post-callback.c
+++ b/docs/examples/post-callback.c
@@ -47,7 +47,7 @@ struct WriteThis {
 static size_t read_cb(char *dest, size_t size, size_t nmemb, void *userp)
 {
   struct WriteThis *wt = (struct WriteThis *)userp;
-  size_t buffer_size = size*nmemb;
+  size_t buffer_size = size * nmemb;
 
   if(wt->sizeleft) {
     /* copy as much as possible from the source to the destination */
diff --git a/docs/examples/postinmemory.c b/docs/examples/postinmemory.c
index fc42251ddd..089d9a9c74 100644
--- a/docs/examples/postinmemory.c
+++ b/docs/examples/postinmemory.c
@@ -36,8 +36,7 @@ struct MemoryStruct {
   size_t size;
 };
 
-static size_t write_cb(void *contents, size_t size, size_t nmemb,
-                                  void *userp)
+static size_t write_cb(void *contents, size_t size, size_t nmemb, void *userp)
 {
   size_t realsize = size * nmemb;
   struct MemoryStruct *mem = (struct MemoryStruct *)userp;
@@ -104,7 +103,7 @@ int main(void)
        *
        * Do something nice with it!
        */
-      printf("%s\n",chunk.memory);
+      printf("%s\n", chunk.memory);
     }
 
     /* always cleanup */
diff --git a/docs/examples/sftpget.c b/docs/examples/sftpget.c
index 287d5b253e..470474cafd 100644
--- a/docs/examples/sftpget.c
+++ b/docs/examples/sftpget.c
@@ -50,8 +50,7 @@ struct FtpFile {
   FILE *stream;
 };
 
-static size_t write_cb(void *buffer, size_t size, size_t nmemb,
-                        void *stream)
+static size_t write_cb(void *buffer, size_t size, size_t nmemb, void *stream)
 {
   struct FtpFile *out = (struct FtpFile *)stream;
   if(!out->stream) {
@@ -63,7 +62,6 @@ static size_t write_cb(void *buffer, size_t size, size_t nmemb,
   return fwrite(buffer, size, nmemb, out->stream);
 }
 
-
 int main(void)
 {
   CURL *curl;
diff --git a/docs/examples/sftpuploadresume.c b/docs/examples/sftpuploadresume.c
index 84bb425549..9b78f96ee4 100644
--- a/docs/examples/sftpuploadresume.c
+++ b/docs/examples/sftpuploadresume.c
@@ -83,7 +83,6 @@ static curl_off_t sftpGetRemoteFileSize(const char *i_remoteFile)
   return remoteFileSizeByte;
 }
 
-
 static int sftpResumeUpload(CURL *curl, const char *remotepath,
                             const char *localpath)
 {
diff --git a/docs/examples/shared-connection-cache.c b/docs/examples/shared-connection-cache.c
index bc1239428b..acaa610dec 100644
--- a/docs/examples/shared-connection-cache.c
+++ b/docs/examples/shared-connection-cache.c
@@ -29,8 +29,8 @@
 
 #include 
 
-static void my_lock(CURL *curl, curl_lock_data data,
-                    curl_lock_access laccess, void *useptr)
+static void my_lock(CURL *curl, curl_lock_data data, curl_lock_access laccess,
+                    void *useptr)
 {
   (void)curl;
   (void)data;
diff --git a/docs/examples/simplessl.c b/docs/examples/simplessl.c
index a41a9ac29e..3cf4b462bd 100644
--- a/docs/examples/simplessl.c
+++ b/docs/examples/simplessl.c
@@ -68,11 +68,11 @@ int main(void)
   const char *pKeyType;
 
 #ifdef USE_ENGINE
-  pKeyName  = "rsa_test";
-  pKeyType  = "ENG";
+  pKeyName = "rsa_test";
+  pKeyType = "ENG";
 #else
-  pKeyName  = "testkey.pem";
-  pKeyType  = "PEM";
+  pKeyName = "testkey.pem";
+  pKeyType = "PEM";
 #endif
 
   res = curl_global_init(CURL_GLOBAL_ALL);
diff --git a/docs/examples/smooth-gtk-thread.c b/docs/examples/smooth-gtk-thread.c
index 2a3cdbc0ef..6bf8946721 100644
--- a/docs/examples/smooth-gtk-thread.c
+++ b/docs/examples/smooth-gtk-thread.c
@@ -108,11 +108,10 @@ static void *pull_one_url(void *NaN)
   return NULL;
 }
 
-
 static gboolean pulse_bar(gpointer data)
 {
   gdk_threads_enter();
-  gtk_progress_bar_pulse(GTK_PROGRESS_BAR (data));
+  gtk_progress_bar_pulse(GTK_PROGRESS_BAR(data));
   gdk_threads_leave();
 
   /* Return true so the function is called again; returning false removes this
@@ -127,7 +126,7 @@ static void *create_thread(void *progress_bar)
   int i;
 
   /* Make sure I do not create more threads than urls. */
-  for(i = 0; i < NUMT && i < num_urls ; i++) {
+  for(i = 0; i < NUMT && i < num_urls; i++) {
     int error = pthread_create(&tid[i],
                                NULL, /* default attributes please */
                                pull_one_url,
@@ -196,7 +195,7 @@ int main(int argc, char **argv)
 
   /* Progress bar */
   progress_bar = gtk_progress_bar_new();
-  gtk_progress_bar_pulse(GTK_PROGRESS_BAR (progress_bar));
+  gtk_progress_bar_pulse(GTK_PROGRESS_BAR(progress_bar));
   /* Make uniform pulsing */
   gint pulse_ref = g_timeout_add(300, pulse_bar, progress_bar);
   g_object_set_data(G_OBJECT(progress_bar), "pulse_id",
@@ -206,7 +205,7 @@ int main(int argc, char **argv)
   gtk_widget_show_all(top_window);
   printf("gtk_widget_show_all\n");
 
-  g_signal_connect(G_OBJECT (top_window), "delete-event",
+  g_signal_connect(G_OBJECT(top_window), "delete-event",
                    G_CALLBACK(cb_delete), NULL);
 
   if(!g_thread_create(&create_thread, progress_bar, FALSE, NULL) != 0)
diff --git a/docs/examples/smtp-authzid.c b/docs/examples/smtp-authzid.c
index a375d839b1..e7dd20f590 100644
--- a/docs/examples/smtp-authzid.c
+++ b/docs/examples/smtp-authzid.c
@@ -73,7 +73,7 @@ static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
   size_t room = size * nmemb;
   size_t len;
 
-  if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
+  if((size == 0) || (nmemb == 0) || ((size * nmemb) < 1)) {
     return 0;
   }
 
@@ -99,7 +99,7 @@ int main(void)
   curl = curl_easy_init();
   if(curl) {
     struct curl_slist *recipients = NULL;
-    struct upload_status upload_ctx = { 0 };
+    struct upload_status upload_ctx = {0};
 
     /* This is the URL for your mailserver. In this example we connect to the
        smtp-submission port as we require an authenticated connection. */
diff --git a/docs/examples/smtp-mail.c b/docs/examples/smtp-mail.c
index e6e77b97a3..d5074abbf2 100644
--- a/docs/examples/smtp-mail.c
+++ b/docs/examples/smtp-mail.c
@@ -70,7 +70,7 @@ static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
   size_t room = size * nmemb;
   size_t len;
 
-  if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
+  if((size == 0) || (nmemb == 0) || ((size * nmemb) < 1)) {
     return 0;
   }
 
@@ -96,7 +96,7 @@ int main(void)
   curl = curl_easy_init();
   if(curl) {
     struct curl_slist *recipients = NULL;
-    struct upload_status upload_ctx = { 0 };
+    struct upload_status upload_ctx = {0};
 
     /* This is the URL for your mailserver */
     curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com");
diff --git a/docs/examples/smtp-multi.c b/docs/examples/smtp-multi.c
index ab7165cd52..8cb5e65a26 100644
--- a/docs/examples/smtp-multi.c
+++ b/docs/examples/smtp-multi.c
@@ -63,7 +63,7 @@ static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
   size_t room = size * nmemb;
   size_t len;
 
-  if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
+  if((size == 0) || (nmemb == 0) || ((size * nmemb) < 1)) {
     return 0;
   }
 
@@ -94,7 +94,7 @@ int main(void)
     if(multi) {
       int still_running = 1;
       struct curl_slist *recipients = NULL;
-      struct upload_status upload_ctx = { 0 };
+      struct upload_status upload_ctx = {0};
 
       /* This is the URL for your mailserver */
       curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com");
diff --git a/docs/examples/smtp-ssl.c b/docs/examples/smtp-ssl.c
index 4ebc58f1b5..3b140c904c 100644
--- a/docs/examples/smtp-ssl.c
+++ b/docs/examples/smtp-ssl.c
@@ -67,7 +67,7 @@ static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
   size_t room = size * nmemb;
   size_t len;
 
-  if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
+  if((size == 0) || (nmemb == 0) || ((size * nmemb) < 1)) {
     return 0;
   }
 
@@ -93,7 +93,7 @@ int main(void)
   curl = curl_easy_init();
   if(curl) {
     struct curl_slist *recipients = NULL;
-    struct upload_status upload_ctx = { 0 };
+    struct upload_status upload_ctx = {0};
 
     /* Set username and password */
     curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
diff --git a/docs/examples/smtp-tls.c b/docs/examples/smtp-tls.c
index f6b3bb6053..3bf3b0cddf 100644
--- a/docs/examples/smtp-tls.c
+++ b/docs/examples/smtp-tls.c
@@ -67,7 +67,7 @@ static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
   size_t room = size * nmemb;
   size_t len;
 
-  if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
+  if((size == 0) || (nmemb == 0) || ((size * nmemb) < 1)) {
     return 0;
   }
 
@@ -93,7 +93,7 @@ int main(void)
   curl = curl_easy_init();
   if(curl) {
     struct curl_slist *recipients = NULL;
-    struct upload_status upload_ctx = { 0 };
+    struct upload_status upload_ctx = {0};
 
     /* Set username and password */
     curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
diff --git a/docs/examples/sslbackend.c b/docs/examples/sslbackend.c
index fd2b57534e..5615bec72d 100644
--- a/docs/examples/sslbackend.c
+++ b/docs/examples/sslbackend.c
@@ -38,7 +38,7 @@
  * SSL backend has to be configured).
  *
  *  **** This example only works with libcurl 7.56.0 and later! ****
-*/
+ */
 
 int main(int argc, char **argv)
 {
diff --git a/docs/examples/synctime.c b/docs/examples/synctime.c
index a9a746c30a..b2a3b92607 100644
--- a/docs/examples/synctime.c
+++ b/docs/examples/synctime.c
@@ -66,7 +66,11 @@
 #include 
 
 #ifndef _WIN32
-int main(void) { printf("Platform not supported.\n"); return 1; }
+int main(void)
+{
+  printf("Platform not supported.\n");
+  return 1;
+}
 #else
 
 #if (defined(_WIN32_WINNT) && (_WIN32_WINNT >= 0x0602)) || \
@@ -79,7 +83,11 @@ int main(void) { printf("Platform not supported.\n"); return 1; }
 #endif
 
 #ifdef CURL_WINDOWS_UWP
-int main(void) { printf("Platform not supported.\n"); return 1; }
+int main(void)
+{
+  printf("Platform not supported.\n");
+  return 1;
+}
 #else
 
 #include 
@@ -123,8 +131,7 @@ static SYSTEMTIME LOCALTime;
 #define HTTP_COMMAND_HEAD       0
 #define HTTP_COMMAND_GET        1
 
-static size_t write_cb(void *ptr, size_t size, size_t nmemb,
-                                        void *stream)
+static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *stream)
 {
   fwrite(ptr, size, nmemb, stream);
   return nmemb * size;
@@ -280,7 +287,7 @@ int main(int argc, char *argv[])
         snprintf(conf->http_proxy, MAX_STRING, "%s", &argv[OptionIndex][8]);
 
       if((strcmp(argv[OptionIndex], "--help") == 0) ||
-          (strcmp(argv[OptionIndex], "/?") == 0)) {
+         (strcmp(argv[OptionIndex], "/?") == 0)) {
         showUsage();
         return 0;
       }
@@ -317,9 +324,9 @@ int main(int argc, char *argv[])
     gmt      = gmtime(&tt);
     tt_gmt   = mktime(gmt);
     tzonediffFloat = difftime(tt_local, tt_gmt);
-    tzonediffWord  = (int)(tzonediffFloat/3600.0);
+    tzonediffWord = (int)(tzonediffFloat / 3600.0);
 
-    if(tzonediffWord == (int)(tzonediffFloat/3600.0))
+    if(tzonediffWord == (int)(tzonediffFloat / 3600.0))
       snprintf(tzoneBuf, sizeof(tzoneBuf), "%+03d'00'", tzonediffWord);
     else
       snprintf(tzoneBuf, sizeof(tzoneBuf), "%+03d'30'", tzonediffWord);
@@ -329,9 +336,8 @@ int main(int argc, char *argv[])
     GetLocalTime(&LOCALTime);
     snprintf(timeBuf, 60, "%s, %02d %s %04d %02d:%02d:%02d.%03d, ",
              DayStr[LOCALTime.wDayOfWeek], LOCALTime.wDay,
-             MthStr[LOCALTime.wMonth-1], LOCALTime.wYear,
-             LOCALTime.wHour, LOCALTime.wMinute, LOCALTime.wSecond,
-             LOCALTime.wMilliseconds);
+             MthStr[LOCALTime.wMonth - 1], LOCALTime.wYear, LOCALTime.wHour,
+             LOCALTime.wMinute, LOCALTime.wSecond, LOCALTime.wMilliseconds);
 
     fprintf(stderr, "Fetch: %s\n\n", conf->timeserver);
     fprintf(stderr, "Before HTTP. Date: %s%s\n\n", timeBuf, tzoneBuf);
@@ -343,9 +349,8 @@ int main(int argc, char *argv[])
     GetLocalTime(&LOCALTime);
     snprintf(timeBuf, 60, "%s, %02d %s %04d %02d:%02d:%02d.%03d, ",
              DayStr[LOCALTime.wDayOfWeek], LOCALTime.wDay,
-             MthStr[LOCALTime.wMonth-1], LOCALTime.wYear,
-             LOCALTime.wHour, LOCALTime.wMinute, LOCALTime.wSecond,
-             LOCALTime.wMilliseconds);
+             MthStr[LOCALTime.wMonth - 1], LOCALTime.wYear, LOCALTime.wHour,
+             LOCALTime.wMinute, LOCALTime.wSecond, LOCALTime.wMilliseconds);
     fprintf(stderr, "\nAfter  HTTP. Date: %s%s\n", timeBuf, tzoneBuf);
 
     if(AutoSyncTime == 3) {
@@ -359,7 +364,7 @@ int main(int argc, char *argv[])
         GetLocalTime(&LOCALTime);
         snprintf(timeBuf, 60, "%s, %02d %s %04d %02d:%02d:%02d.%03d, ",
                  DayStr[LOCALTime.wDayOfWeek], LOCALTime.wDay,
-                 MthStr[LOCALTime.wMonth-1], LOCALTime.wYear,
+                 MthStr[LOCALTime.wMonth - 1], LOCALTime.wYear,
                  LOCALTime.wHour, LOCALTime.wMinute, LOCALTime.wSecond,
                  LOCALTime.wMilliseconds);
         fprintf(stderr, "\nNew System's Date: %s%s\n", timeBuf, tzoneBuf);
diff --git a/docs/examples/threaded-ssl.c b/docs/examples/threaded-ssl.c
index 8119113695..8d5d1234fc 100644
--- a/docs/examples/threaded-ssl.c
+++ b/docs/examples/threaded-ssl.c
@@ -46,7 +46,7 @@
 #define NUMT 4
 
 /* List of URLs to fetch.*/
-static const char * const urls[]= {
+static const char * const urls[] = {
   "https://www.example.com/",
   "https://www2.example.com/",
   "https://www3.example.com/",
diff --git a/docs/examples/usercertinmem.c b/docs/examples/usercertinmem.c
index 175dae1151..44a0a15bc7 100644
--- a/docs/examples/usercertinmem.c
+++ b/docs/examples/usercertinmem.c
@@ -114,7 +114,7 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *pointer)
   }
 
   /* tell SSL to use the X509 certificate */
-  ret = SSL_CTX_use_certificate((SSL_CTX*)sslctx, cert);
+  ret = SSL_CTX_use_certificate((SSL_CTX *)sslctx, cert);
   if(ret != 1) {
     printf("Use certificate failed\n");
   }
@@ -132,7 +132,7 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *pointer)
   }
 
   /* tell SSL to use the RSA key from memory */
-  ret = SSL_CTX_use_RSAPrivateKey((SSL_CTX*)sslctx, rsa);
+  ret = SSL_CTX_use_RSAPrivateKey((SSL_CTX *)sslctx, rsa);
   if(ret != 1) {
     printf("Use Key failed\n");
   }
diff --git a/docs/examples/xmlstream.c b/docs/examples/xmlstream.c
index 0aec24cc67..5b35d04861 100644
--- a/docs/examples/xmlstream.c
+++ b/docs/examples/xmlstream.c
@@ -55,7 +55,7 @@ struct ParserStruct {
 static void startElement(void *userData, const XML_Char *name,
                          const XML_Char **atts)
 {
-  struct ParserStruct *state = (struct ParserStruct *) userData;
+  struct ParserStruct *state = (struct ParserStruct *)userData;
   state->tags++;
   state->depth++;
 
@@ -70,7 +70,7 @@ static void startElement(void *userData, const XML_Char *name,
 
 static void characterDataHandler(void *userData, const XML_Char *s, int len)
 {
-  struct ParserStruct *state = (struct ParserStruct *) userData;
+  struct ParserStruct *state = (struct ParserStruct *)userData;
   struct MemoryStruct *mem = &state->characters;
 
   char *ptr = realloc(mem->memory, mem->size + (unsigned long)len + 1);
@@ -89,7 +89,7 @@ static void characterDataHandler(void *userData, const XML_Char *s, int len)
 
 static void endElement(void *userData, const XML_Char *name)
 {
-  struct ParserStruct *state = (struct ParserStruct *) userData;
+  struct ParserStruct *state = (struct ParserStruct *)userData;
   state->depth--;
 
   printf("%5lu   %10lu   %s\n", state->depth, state->characters.size, name);
@@ -98,9 +98,9 @@ static void endElement(void *userData, const XML_Char *name)
 static size_t write_cb(void *contents, size_t length, size_t nmemb,
                        void *userp)
 {
-  XML_Parser parser = (XML_Parser) userp;
+  XML_Parser parser = (XML_Parser)userp;
   size_t real_size = length * nmemb;
-  struct ParserStruct *state = (struct ParserStruct *) XML_GetUserData(parser);
+  struct ParserStruct *state = (struct ParserStruct *)XML_GetUserData(parser);
 
   /* Only parse if we are not already in a failure state. */
   if(state->ok && XML_Parse(parser, contents, (int)real_size, 0) == 0) {

From e25a3c6734458328412c55d236d3a2370593585c Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 28 Nov 2025 15:16:08 +0100
Subject: [PATCH 1047/2408] GHA/curl-for-win: drop WINE install, do not run
 curl after build

To reduce to amount of Debian packages to install, which hopefully
removes some flakiness due to sometimes very slow Azure package
distro servers. Possible also making these jobs finish 20s faster.

Windows from Debian | llvm               | gcc
:------------------ | :----------------: | :----------------:
build time          |  2m41s  ->  2m20s  |  3m19s  ->  2m57s
installed packages  |  288    ->  142    |  247    ->  99
downloads           |  403 MB ->  240 MB |  297 MB -> 134 MB
disk space          | 2132 MB -> 1289 MB | 1582 MB -> 739 MB

Before: https://github.com/curl/curl/actions/runs/19765983026
After: https://github.com/curl/curl/actions/runs/19766373960?pr=19749

Ref: https://github.com/curl/curl-for-win/commit/02149b7e364a1830d8fa2c947cfc713d925c186d

Closes #19749
---
 .github/workflows/curl-for-win.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/curl-for-win.yml b/.github/workflows/curl-for-win.yml
index f0214b2874..f352529f72 100644
--- a/.github/workflows/curl-for-win.yml
+++ b/.github/workflows/curl-for-win.yml
@@ -159,7 +159,7 @@ jobs:
         run: |
           git clone --depth 1 https://github.com/curl/curl-for-win
           mv curl-for-win/* .
-          export CW_CONFIG='-main-werror-unitybatch-win-x64'
+          export CW_CONFIG='-main-werror-unitybatch-win-x64-noWINE'
           export CW_REVISION="${GITHUB_SHA}"
           . ./_versions.sh
           sudo podman image trust set --type reject default
@@ -186,7 +186,7 @@ jobs:
         run: |
           git clone --depth 1 https://github.com/curl/curl-for-win
           mv curl-for-win/* .
-          export CW_CONFIG='-main-werror-unitybatch-win-x64-gcc-zlibold'
+          export CW_CONFIG='-main-werror-unitybatch-win-x64-gcc-zlibold-noWINE'
           export CW_REVISION="${GITHUB_SHA}"
           . ./_versions.sh
           sudo podman image trust set --type reject default

From 12a3182fc39cb948792e9cc189887cd85b587bb0 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Fri, 28 Nov 2025 12:49:16 +0100
Subject: [PATCH 1048/2408] ssh: tracing and better pollset handling

Remove connection member `waitfor` and keep it in the SSH connection
meta. Add `ssh` to supported tracing features, convert many DEBUGF
printgs to traces.

Closes #19745
---
 docs/libcurl/curl_global_trace.md |   4 +
 lib/curl_trc.c                    |  28 +++++++
 lib/curl_trc.h                    |  13 ++++
 lib/urldata.h                     |   1 -
 lib/vssh/libssh.c                 | 124 ++++++++++++++++--------------
 lib/vssh/libssh2.c                | 112 +++++++++++++++------------
 lib/vssh/ssh.h                    |   3 +-
 7 files changed, 178 insertions(+), 107 deletions(-)

diff --git a/docs/libcurl/curl_global_trace.md b/docs/libcurl/curl_global_trace.md
index 0459eab674..10ec21b4bd 100644
--- a/docs/libcurl/curl_global_trace.md
+++ b/docs/libcurl/curl_global_trace.md
@@ -130,6 +130,10 @@ states.
 Traces reading of upload data from the application in order to send it to the
 server.
 
+## `ssh`
+
+Tracing of SSH related protocols SCP and SFTP.
+
 ## `ssls`
 
 Tracing of SSL Session handling, e.g. caching/import/export.
diff --git a/lib/curl_trc.c b/lib/curl_trc.c
index cc06c77e9d..42711ed01c 100644
--- a/lib/curl_trc.c
+++ b/lib/curl_trc.c
@@ -453,6 +453,24 @@ void Curl_trc_ssls(struct Curl_easy *data, const char *fmt, ...)
 }
 #endif /* USE_SSL */
 
+#ifdef USE_SSH
+struct curl_trc_feat Curl_trc_feat_ssh = {
+  "SSH",
+  CURL_LOG_LVL_NONE,
+};
+
+void Curl_trc_ssh(struct Curl_easy *data, const char *fmt, ...)
+{
+  DEBUGASSERT(!strchr(fmt, '\n'));
+  if(Curl_trc_ft_is_verbose(data, &Curl_trc_feat_ssh)) {
+    va_list ap;
+    va_start(ap, fmt);
+    trc_infof(data, &Curl_trc_feat_ssh, NULL, 0, fmt, ap);
+    va_end(ap);
+  }
+}
+#endif /* USE_SSH */
+
 #if !defined(CURL_DISABLE_WEBSOCKETS) && !defined(CURL_DISABLE_HTTP)
 struct curl_trc_feat Curl_trc_feat_ws = {
   "WS",
@@ -500,6 +518,9 @@ static struct trc_feat_def trc_feats[] = {
 #ifdef USE_SSL
   { &Curl_trc_feat_ssls,      TRC_CT_NETWORK },
 #endif
+#ifdef USE_SSH
+  { &Curl_trc_feat_ssh,      TRC_CT_PROTOCOL },
+#endif
 #if !defined(CURL_DISABLE_WEBSOCKETS) && !defined(CURL_DISABLE_HTTP)
   { &Curl_trc_feat_ws,        TRC_CT_PROTOCOL },
 #endif
@@ -696,6 +717,13 @@ void Curl_trc_ws(struct Curl_easy *data, const char *fmt, ...)
   (void)data; (void)fmt;
 }
 #endif
+#ifdef USE_SSH
+void Curl_trc_ssh(struct Curl_easy *data, const char *fmt, ...)
+{
+  (void)data;
+  (void)fmt;
+}
+#endif
 #ifdef USE_SSL
 void Curl_trc_ssls(struct Curl_easy *data, const char *fmt, ...)
 {
diff --git a/lib/curl_trc.h b/lib/curl_trc.h
index 1a3f8f374e..0ce76ed7ef 100644
--- a/lib/curl_trc.h
+++ b/lib/curl_trc.h
@@ -117,6 +117,11 @@ extern struct curl_trc_feat Curl_trc_feat_ssls;
 void Curl_trc_ssls(struct Curl_easy *data,
                    const char *fmt, ...) CURL_PRINTF(2, 3);
 #endif
+#ifdef USE_SSH
+extern struct curl_trc_feat Curl_trc_feat_ssh;
+void Curl_trc_ssh(struct Curl_easy *data,
+                   const char *fmt, ...) CURL_PRINTF(2, 3);
+#endif
 #if !defined(CURL_DISABLE_WEBSOCKETS) && !defined(CURL_DISABLE_HTTP)
 extern struct curl_trc_feat Curl_trc_feat_ws;
 void Curl_trc_ws(struct Curl_easy *data,
@@ -168,6 +173,11 @@ void Curl_trc_ws(struct Curl_easy *data,
   do { if(Curl_trc_ft_is_verbose(data, &Curl_trc_feat_ssls)) \
          Curl_trc_ssls(data, __VA_ARGS__); } while(0)
 #endif /* USE_SSL */
+#ifdef USE_SSH
+#define CURL_TRC_SSH(data, ...) \
+  do { if(Curl_trc_ft_is_verbose(data, &Curl_trc_feat_ssh)) \
+         Curl_trc_ssh(data, __VA_ARGS__); } while(0)
+#endif /* USE_SSH */
 #if !defined(CURL_DISABLE_WEBSOCKETS) && !defined(CURL_DISABLE_HTTP)
 #define CURL_TRC_WS(data, ...)                             \
   do { if(Curl_trc_ft_is_verbose(data, &Curl_trc_feat_ws)) \
@@ -193,6 +203,9 @@ void Curl_trc_ws(struct Curl_easy *data,
 #ifdef USE_SSL
 #define CURL_TRC_SSLS  Curl_trc_ssls
 #endif
+#ifdef USE_SSH
+#define CURL_TRC_SSH  Curl_trc_ssh
+#endif
 #if !defined(CURL_DISABLE_WEBSOCKETS) && !defined(CURL_DISABLE_HTTP)
 #define CURL_TRC_WS    Curl_trc_ws
 #endif
diff --git a/lib/urldata.h b/lib/urldata.h
index debc2a3e0a..2d28718181 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -713,7 +713,6 @@ struct connectdata {
      wrong connections. */
   char *localdev;
   unsigned short localportrange;
-  int waitfor;      /* current READ/WRITE bits to wait for */
 #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
   int socks5_gssapi_enctype;
 #endif
diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
index a5997a6f6c..2b605e4a61 100644
--- a/lib/vssh/libssh.c
+++ b/lib/vssh/libssh.c
@@ -210,26 +210,9 @@ static CURLcode sftp_error_to_CURLE(int err)
   return CURLE_SSH;
 }
 
-#if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
-#define myssh_to(x,y,z) myssh_set_state(x,y,z, __LINE__)
-#else
-#define myssh_to(x,y,z) myssh_set_state(x,y,z)
-#endif
-
-/*
- * SSH State machine related code
- */
-/* This is the ONLY way to change SSH state! */
-static void myssh_set_state(struct Curl_easy *data,
-                            struct ssh_conn *sshc,
-                            sshstate nowstate
-#if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
-                          , int lineno
-#endif
-  )
+#if !defined(CURL_DISABLE_VERBOSE_STRINGS)
+static const char *myssh_statename(sshstate state)
 {
-#if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
-  /* for debug purposes */
   static const char *const names[] = {
     "SSH_STOP",
     "SSH_INIT",
@@ -292,14 +275,34 @@ static void myssh_set_state(struct Curl_easy *data,
     "SSH_SESSION_FREE",
     "QUIT"
   };
+  /* a precaution to make sure the lists are in sync */
+  DEBUGASSERT(CURL_ARRAYSIZE(names) == SSH_LAST);
+  return ((size_t)state < CURL_ARRAYSIZE(names)) ? names[state] : "";
+}
+#else
+#define myssh_statename(x)    ""
+#endif /* !CURL_DISABLE_VERBOSE_STRINGS */
 
+
+#define myssh_to(x,y,z) myssh_set_state(x,y,z)
+
+/*
+ * SSH State machine related code
+ */
+/* This is the ONLY way to change SSH state! */
+static void myssh_set_state(struct Curl_easy *data,
+                            struct ssh_conn *sshc,
+                            sshstate nowstate)
+{
+#if !defined(CURL_DISABLE_VERBOSE_STRINGS)
   if(sshc->state != nowstate) {
-    infof(data, "SSH %p state change from %s to %s (line %d)",
-          (void *) sshc, names[sshc->state], names[nowstate],
-          lineno);
+    CURL_TRC_SSH(data, "[%s] -> [%s]",
+                 myssh_statename(sshc->state),
+                 myssh_statename(nowstate));
   }
-#endif
+#else
   (void)data;
+#endif
   sshc->state = nowstate;
 }
 
@@ -887,7 +890,7 @@ static int myssh_in_S_STARTUP(struct Curl_easy *data,
 
   myssh_block2waitfor(conn, sshc, (rc == SSH_AGAIN));
   if(rc == SSH_AGAIN) {
-    DEBUGF(infof(data, "ssh_connect -> EAGAIN"));
+    CURL_TRC_SSH(data, "connect -> EAGAIN");
   }
   else if(rc != SSH_OK) {
     failf(data, "Failure establishing ssh session");
@@ -1259,10 +1262,6 @@ static int myssh_in_UPLOAD_INIT(struct Curl_easy *data,
   /* not set by Curl_xfer_setup to preserve keepon bits */
   data->conn->recv_idx = FIRSTSOCKET;
 
-  /* store this original bitmask setup to use later on if we cannot
-     figure out a "real" bitmask */
-  sshc->orig_waitfor = data->req.keepon;
-
   /* since we do not really wait for anything at this point, we want the
      state machine to move on as soon as possible so we mark this as dirty */
   Curl_multi_mark_dirty(data);
@@ -1401,7 +1400,7 @@ static int myssh_in_SFTP_CLOSE(struct Curl_easy *data,
   }
   Curl_safefree(sshp->path);
 
-  DEBUGF(infof(data, "SFTP DONE done"));
+  CURL_TRC_SSH(data, "SFTP DONE done");
 
   /* Check if nextstate is set and move .nextstate could be POSTQUOTE_INIT
      After nextstate is executed, the control should come back to
@@ -1485,7 +1484,7 @@ static int myssh_in_SFTP_REALPATH(struct Curl_easy *data,
      we get the homedir here, we get the "workingpath" in the DO action
      since the homedir will remain the same between request but the
      working path will not. */
-  DEBUGF(infof(data, "SSH CONNECT phase done"));
+  CURL_TRC_SSH(data, "CONNECT phase done");
   myssh_to(data, sshc, SSH_STOP);
   return SSH_NO_ERROR;
 }
@@ -2285,10 +2284,6 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data,
       /* not set by Curl_xfer_setup to preserve keepon bits */
       data->conn->recv_idx = FIRSTSOCKET;
 
-      /* store this original bitmask setup to use later on if we cannot
-         figure out a "real" bitmask */
-      sshc->orig_waitfor = data->req.keepon;
-
       myssh_to(data, sshc, SSH_STOP);
 
       break;
@@ -2357,7 +2352,7 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data,
         ssh_scp_free(sshc->scp_session);
         sshc->scp_session = NULL;
       }
-      DEBUGF(infof(data, "SCP DONE phase complete"));
+      CURL_TRC_SSH(data, "SCP DONE phase complete");
 
       ssh_set_blocking(sshc->ssh_session, 0);
 
@@ -2422,7 +2417,8 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data,
   }
   if(!result && (sshc->state == SSH_STOP))
     result = sshc->actualcode;
-  DEBUGF(infof(data, "SSH: myssh_statemach_act -> %d", result));
+  CURL_TRC_SSH(data, "[%s] statemachine() -> %d, block=%d",
+               myssh_statename(sshc->state), result, *block);
   return result;
 }
 
@@ -2432,33 +2428,45 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data,
 static CURLcode myssh_pollset(struct Curl_easy *data,
                               struct easy_pollset *ps)
 {
-  int flags = 0;
   struct connectdata *conn = data->conn;
-  if(conn->waitfor & KEEP_RECV)
-    flags |= CURL_POLL_IN;
-  if(conn->waitfor & KEEP_SEND)
-    flags |= CURL_POLL_OUT;
-  if(!conn->waitfor)
-    flags |= CURL_POLL_OUT;
-  return flags ?
-    Curl_pollset_change(data, ps, conn->sock[FIRSTSOCKET], flags, 0) :
-    CURLE_OK;
+  struct ssh_conn *sshc = Curl_conn_meta_get(conn, CURL_META_SSH_CONN);
+  curl_socket_t sock = conn->sock[FIRSTSOCKET];
+  int waitfor;
+
+  if(!sshc || (sock == CURL_SOCKET_BAD))
+    return CURLE_FAILED_INIT;
+
+  waitfor = sshc->waitfor ? sshc->waitfor : data->req.keepon;
+  if(waitfor) {
+    int flags = 0;
+    if(waitfor & KEEP_RECV)
+      flags |= CURL_POLL_IN;
+    if(waitfor & KEEP_SEND)
+      flags |= CURL_POLL_OUT;
+    DEBUGASSERT(flags);
+    CURL_TRC_SSH(data, "pollset, flags=%x", flags);
+    return Curl_pollset_change(data, ps, sock, flags, 0);
+  }
+  /* While we still have a session, we listen incoming data. */
+  if(sshc->ssh_session)
+    return Curl_pollset_change(data, ps, sock, CURL_POLL_IN, 0);
+  return CURLE_OK;
 }
 
 static void myssh_block2waitfor(struct connectdata *conn,
                                 struct ssh_conn *sshc,
                                 bool block)
 {
+  (void)conn;
   if(block) {
     int dir = ssh_get_poll_flags(sshc->ssh_session);
     /* translate the libssh define bits into our own bit defines */
-    conn->waitfor =
+    sshc->waitfor =
       ((dir & SSH_READ_PENDING) ? KEEP_RECV : 0) |
       ((dir & SSH_WRITE_PENDING) ? KEEP_SEND : 0);
   }
   else
-    /* if it did not block, use the original set */
-    conn->waitfor = sshc->orig_waitfor;
+    sshc->waitfor = 0;
 }
 
 /* called repeatedly until done from multi.c */
@@ -2584,6 +2592,7 @@ static CURLcode myssh_connect(struct Curl_easy *data, bool *done)
   if(!sshc || !ssh)
     return CURLE_FAILED_INIT;
 
+  CURL_TRC_SSH(data, "myssh_connect");
   if(conn->handler->protocol & CURLPROTO_SCP) {
     conn->recv[FIRSTSOCKET] = scp_recv;
     conn->send[FIRSTSOCKET] = scp_send;
@@ -2618,6 +2627,7 @@ static CURLcode myssh_connect(struct Curl_easy *data, bool *done)
     /* ignore */
   }
 
+  CURL_TRC_SSH(data, "myssh_connect, set socket=%" FMT_SOCKET_T, sock);
   rc = ssh_options_set(sshc->ssh_session, SSH_OPTIONS_FD, &sock);
   if(rc != SSH_OK) {
     failf(data, "Could not set socket");
@@ -2691,7 +2701,7 @@ static CURLcode scp_doing(struct Curl_easy *data, bool *dophase_done)
   result = myssh_multi_statemach(data, dophase_done);
 
   if(*dophase_done) {
-    DEBUGF(infof(data, "DO phase is complete"));
+    CURL_TRC_SSH(data, "DO phase is complete");
   }
   return result;
 }
@@ -2712,7 +2722,7 @@ CURLcode scp_perform(struct Curl_easy *data,
   CURLcode result = CURLE_OK;
   struct ssh_conn *sshc = Curl_conn_meta_get(data->conn, CURL_META_SSH_CONN);
 
-  DEBUGF(infof(data, "DO phase starts"));
+  CURL_TRC_SSH(data, "DO phase starts");
 
   *dophase_done = FALSE;        /* not done yet */
   if(!sshc)
@@ -2726,7 +2736,7 @@ CURLcode scp_perform(struct Curl_easy *data,
   *connected = Curl_conn_is_connected(data->conn, FIRSTSOCKET);
 
   if(*dophase_done) {
-    DEBUGF(infof(data, "DO phase is complete"));
+    CURL_TRC_SSH(data, "DO phase is complete");
   }
 
   return result;
@@ -2959,7 +2969,7 @@ CURLcode sftp_perform(struct Curl_easy *data,
   struct ssh_conn *sshc = Curl_conn_meta_get(data->conn, CURL_META_SSH_CONN);
   CURLcode result = CURLE_OK;
 
-  DEBUGF(infof(data, "DO phase starts"));
+  CURL_TRC_SSH(data, "DO phase starts");
 
   *dophase_done = FALSE; /* not done yet */
   if(!sshc)
@@ -2974,7 +2984,7 @@ CURLcode sftp_perform(struct Curl_easy *data,
   *connected = Curl_conn_is_connected(data->conn, FIRSTSOCKET);
 
   if(*dophase_done) {
-    DEBUGF(infof(data, "DO phase is complete"));
+    CURL_TRC_SSH(data, "DO phase is complete");
   }
 
   return result;
@@ -2986,7 +2996,7 @@ static CURLcode sftp_doing(struct Curl_easy *data,
 {
   CURLcode result = myssh_multi_statemach(data, dophase_done);
   if(*dophase_done) {
-    DEBUGF(infof(data, "DO phase is complete"));
+    CURL_TRC_SSH(data, "DO phase is complete");
   }
   return result;
 }
@@ -3003,7 +3013,7 @@ static CURLcode sftp_disconnect(struct Curl_easy *data,
   CURLcode result = CURLE_OK;
   (void)dead_connection;
 
-  DEBUGF(infof(data, "SSH DISCONNECT starts now"));
+  CURL_TRC_SSH(data, "DISCONNECT starts now");
 
   if(sshc && sshc->ssh_session) {
     /* only if there is a session still around to use! */
@@ -3011,7 +3021,7 @@ static CURLcode sftp_disconnect(struct Curl_easy *data,
     result = myssh_block_statemach(data, sshc, sshp, TRUE);
   }
 
-  DEBUGF(infof(data, "SSH DISCONNECT is done"));
+  CURL_TRC_SSH(data, "DISCONNECT is done");
   return result;
 }
 
diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
index 4ac9d89f1a..31ef5092d3 100644
--- a/lib/vssh/libssh2.c
+++ b/lib/vssh/libssh2.c
@@ -280,17 +280,10 @@ static LIBSSH2_FREE_FUNC(my_libssh2_free)
     Curl_cfree(ptr);
 }
 
-/*
- * SSH State machine related code
- */
-/* This is the ONLY way to change SSH state! */
-static void myssh_state(struct Curl_easy *data,
-                        struct ssh_conn *sshc,
-                        sshstate nowstate)
+#if !defined(CURL_DISABLE_VERBOSE_STRINGS)
+static const char *myssh_statename(sshstate state)
 {
-#if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
-  /* for debug purposes */
-  static const char * const names[] = {
+  static const char *const names[] = {
     "SSH_STOP",
     "SSH_INIT",
     "SSH_S_STARTUP",
@@ -352,16 +345,34 @@ static void myssh_state(struct Curl_easy *data,
     "SSH_SESSION_FREE",
     "QUIT"
   };
-
   /* a precaution to make sure the lists are in sync */
   DEBUGASSERT(CURL_ARRAYSIZE(names) == SSH_LAST);
+  return ((size_t)state < CURL_ARRAYSIZE(names)) ? names[state] : "";
+}
+#else
+#define myssh_statename(x)    ""
+#endif /* !CURL_DISABLE_VERBOSE_STRINGS */
 
+
+#define myssh_state(x,y,z) myssh_set_state(x,y,z)
+
+/*
+ * SSH State machine related code
+ */
+/* This is the ONLY way to change SSH state! */
+static void myssh_set_state(struct Curl_easy *data,
+                            struct ssh_conn *sshc,
+                            sshstate nowstate)
+{
+#if !defined(CURL_DISABLE_VERBOSE_STRINGS)
   if(sshc->state != nowstate) {
-    infof(data, "SFTP %p state change from %s to %s",
-          (void *)sshc, names[sshc->state], names[nowstate]);
+    CURL_TRC_SSH(data, "[%s] -> [%s]",
+                 myssh_statename(sshc->state),
+                 myssh_statename(nowstate));
   }
-#endif
+#else
   (void)data;
+#endif
   sshc->state = nowstate;
 }
 
@@ -1172,10 +1183,6 @@ sftp_upload_init(struct Curl_easy *data,
   /* not set by Curl_xfer_setup to preserve keepon bits */
   data->conn->recv_idx = FIRSTSOCKET;
 
-  /* store this original bitmask setup to use later on if we cannot
-     figure out a "real" bitmask */
-  sshc->orig_waitfor = data->req.keepon;
-
   /* since we do not really wait for anything at this point, we want the
      state machine to move on as soon as possible so mark this as dirty */
   Curl_multi_mark_dirty(data);
@@ -1951,8 +1958,7 @@ static CURLcode ssh_state_sftp_realpath(struct Curl_easy *data,
       /* in this case, the error was not in the SFTP level but for example a
          time-out or similar */
       result = CURLE_SSH;
-    DEBUGF(infof(data, "error = %lu makes libcurl = %d",
-                 sftperr, (int)result));
+    CURL_TRC_SSH(data, "error = %lu makes libcurl = %d", sftperr, (int)result);
     return result;
   }
 
@@ -1960,7 +1966,7 @@ static CURLcode ssh_state_sftp_realpath(struct Curl_easy *data,
      get the homedir here, we get the "workingpath" in the DO action since the
      homedir will remain the same between request but the working path will
      not. */
-  DEBUGF(infof(data, "SSH CONNECT phase done"));
+  CURL_TRC_SSH(data, "CONNECT phase done");
   return CURLE_OK;
 }
 
@@ -2418,7 +2424,7 @@ static CURLcode ssh_state_sftp_close(struct Curl_easy *data,
 
   Curl_safefree(sshp->path);
 
-  DEBUGF(infof(data, "SFTP DONE done"));
+  CURL_TRC_SSH(data, "SFTP DONE done");
 
   /* Check if nextstate is set and move .nextstate could be POSTQUOTE_INIT
      After nextstate is executed, the control should come back to
@@ -2542,10 +2548,6 @@ static CURLcode ssh_state_scp_upload_init(struct Curl_easy *data,
   /* not set by Curl_xfer_setup to preserve keepon bits */
   data->conn->recv_idx = FIRSTSOCKET;
 
-  /* store this original bitmask setup to use later on if we cannot
-     figure out a "real" bitmask */
-  sshc->orig_waitfor = data->req.keepon;
-
   myssh_state(data, sshc, SSH_STOP);
 
   return CURLE_OK;
@@ -3008,7 +3010,7 @@ static CURLcode ssh_statemachine(struct Curl_easy *data,
         }
         sshc->ssh_channel = NULL;
       }
-      DEBUGF(infof(data, "SCP DONE phase complete"));
+      CURL_TRC_SSH(data, "SCP DONE phase complete");
       myssh_state(data, sshc, SSH_STOP);
       break;
 
@@ -3042,6 +3044,8 @@ static CURLcode ssh_statemachine(struct Curl_easy *data,
     *block = TRUE;
     result = CURLE_OK;
   }
+  CURL_TRC_SSH(data, "[%s] statemachine() -> %d, block=%d",
+               myssh_statename(sshc->state), result, *block);
 
   return result;
 }
@@ -3051,15 +3055,29 @@ static CURLcode ssh_statemachine(struct Curl_easy *data,
 static CURLcode ssh_pollset(struct Curl_easy *data,
                             struct easy_pollset *ps)
 {
-  int flags = 0;
   struct connectdata *conn = data->conn;
-  if(conn->waitfor & KEEP_RECV)
-    flags |= CURL_POLL_IN;
-  if(conn->waitfor & KEEP_SEND)
-    flags |= CURL_POLL_OUT;
-  return flags ?
-    Curl_pollset_change(data, ps, conn->sock[FIRSTSOCKET], flags, 0) :
-    CURLE_OK;
+  struct ssh_conn *sshc = Curl_conn_meta_get(conn, CURL_META_SSH_CONN);
+  curl_socket_t sock = conn->sock[FIRSTSOCKET];
+  int waitfor;
+
+  if(!sshc || (sock == CURL_SOCKET_BAD))
+    return CURLE_FAILED_INIT;
+
+  waitfor = sshc->waitfor ? sshc->waitfor : data->req.keepon;
+  if(waitfor) {
+    int flags = 0;
+    if(waitfor & KEEP_RECV)
+      flags |= CURL_POLL_IN;
+    if(waitfor & KEEP_SEND)
+      flags |= CURL_POLL_OUT;
+    DEBUGASSERT(flags);
+    CURL_TRC_SSH(data, "pollset, flags=%x", flags);
+    return Curl_pollset_change(data, ps, sock, flags, 0);
+  }
+  /* While we still have a session, we listen incoming data. */
+  if(sshc->ssh_session)
+    return Curl_pollset_change(data, ps, sock, CURL_POLL_IN, 0);
+  return CURLE_OK;
 }
 
 /*
@@ -3073,20 +3091,18 @@ static void ssh_block2waitfor(struct Curl_easy *data,
                               struct ssh_conn *sshc,
                               bool block)
 {
-  struct connectdata *conn = data->conn;
   int dir = 0;
+  (void)data;
   if(block) {
     dir = libssh2_session_block_directions(sshc->ssh_session);
     if(dir) {
       /* translate the libssh2 define bits into our own bit defines */
-      conn->waitfor = ((dir&LIBSSH2_SESSION_BLOCK_INBOUND) ? KEEP_RECV : 0) |
+      sshc->waitfor = ((dir&LIBSSH2_SESSION_BLOCK_INBOUND) ? KEEP_RECV : 0) |
         ((dir&LIBSSH2_SESSION_BLOCK_OUTBOUND) ? KEEP_SEND : 0);
     }
   }
   if(!dir)
-    /* It did not block or libssh2 did not reveal in which direction, put back
-       the original set */
-    conn->waitfor = sshc->orig_waitfor;
+    sshc->waitfor = 0;
 }
 
 /* called repeatedly until done from multi.c */
@@ -3468,7 +3484,7 @@ CURLcode scp_perform(struct Curl_easy *data,
   struct ssh_conn *sshc = Curl_conn_meta_get(data->conn, CURL_META_SSH_CONN);
   CURLcode result = CURLE_OK;
 
-  DEBUGF(infof(data, "DO phase starts"));
+  CURL_TRC_SSH(data, "DO phase starts");
 
   *dophase_done = FALSE; /* not done yet */
   if(!sshc)
@@ -3483,7 +3499,7 @@ CURLcode scp_perform(struct Curl_easy *data,
   *connected = Curl_conn_is_connected(data->conn, FIRSTSOCKET);
 
   if(*dophase_done) {
-    DEBUGF(infof(data, "DO phase is complete"));
+    CURL_TRC_SSH(data, "DO phase is complete");
   }
 
   return result;
@@ -3497,7 +3513,7 @@ static CURLcode scp_doing(struct Curl_easy *data,
   result = ssh_multi_statemach(data, dophase_done);
 
   if(*dophase_done) {
-    DEBUGF(infof(data, "DO phase is complete"));
+    CURL_TRC_SSH(data, "DO phase is complete");
   }
   return result;
 }
@@ -3778,7 +3794,7 @@ CURLcode sftp_perform(struct Curl_easy *data,
   struct ssh_conn *sshc = Curl_conn_meta_get(data->conn, CURL_META_SSH_CONN);
   CURLcode result = CURLE_OK;
 
-  DEBUGF(infof(data, "DO phase starts"));
+  CURL_TRC_SSH(data, "DO phase starts");
 
   *dophase_done = FALSE; /* not done yet */
   if(!sshc)
@@ -3793,7 +3809,7 @@ CURLcode sftp_perform(struct Curl_easy *data,
   *connected = Curl_conn_is_connected(data->conn, FIRSTSOCKET);
 
   if(*dophase_done) {
-    DEBUGF(infof(data, "DO phase is complete"));
+    CURL_TRC_SSH(data, "DO phase is complete");
   }
 
   return result;
@@ -3806,7 +3822,7 @@ static CURLcode sftp_doing(struct Curl_easy *data,
   CURLcode result = ssh_multi_statemach(data, dophase_done);
 
   if(*dophase_done) {
-    DEBUGF(infof(data, "DO phase is complete"));
+    CURL_TRC_SSH(data, "DO phase is complete");
   }
   return result;
 }
@@ -3825,10 +3841,10 @@ static CURLcode sftp_disconnect(struct Curl_easy *data,
   if(sshc) {
     if(sshc->ssh_session) {
       /* only if there is a session still around to use! */
-      DEBUGF(infof(data, "SSH DISCONNECT starts now"));
+      CURL_TRC_SSH(data, "DISCONNECT starts now");
       myssh_state(data, sshc, SSH_SFTP_SHUTDOWN);
       result = ssh_block_statemach(data, sshc, sshp, TRUE);
-      DEBUGF(infof(data, "SSH DISCONNECT is done -> %d", result));
+      CURL_TRC_SSH(data, "DISCONNECT is done -> %d", result);
     }
     sshc_cleanup(sshc, data, TRUE);
   }
diff --git a/lib/vssh/ssh.h b/lib/vssh/ssh.h
index 5317351478..92ae72a6a7 100644
--- a/lib/vssh/ssh.h
+++ b/lib/vssh/ssh.h
@@ -156,7 +156,8 @@ struct ssh_conn {
   int secondCreateDirs;         /* counter use by the code to see if the
                                    second attempt has been made to change
                                    to/create a directory */
-  int orig_waitfor;             /* default READ/WRITE bits wait for */
+  int waitfor;                  /* KEEP_RECV/KEEP_SEND bits overriding
+                                   pollset given flags */
   char *slash_pos;              /* used by the SFTP_CREATE_DIRS state */
 
 #ifdef USE_LIBSSH

From b06cd929bd9bdda2fe4dfced73a60bd503be6155 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Fri, 28 Nov 2025 14:05:34 +0100
Subject: [PATCH 1049/2408] libssh: fix state machine loop to progress as it
 should

---
 lib/vssh/libssh.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
index 2b605e4a61..d0f3d3de5c 100644
--- a/lib/vssh/libssh.c
+++ b/lib/vssh/libssh.c
@@ -2408,7 +2408,9 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data,
       break;
 
     }
-  } while(!rc && (sshc->state != SSH_STOP));
+    /* break the loop only on STOP or SSH_AGAIN. If `rc` is some
+     * other error code, we will have progressed the state accordingly. */
+  } while((rc != SSH_AGAIN) && (sshc->state != SSH_STOP));
 
   if(rc == SSH_AGAIN) {
     /* we would block, we need to wait for the socket to be ready (in the

From 8c68887d2d145b00a912824cc6962d0d64cb8419 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Fri, 28 Nov 2025 10:25:59 +0100
Subject: [PATCH 1050/2408] http1: parse header from uint8_t buffer

To save casting the passed buffer when parsing HTTP/1 request
headers from an uint8_t buffer.

Closes #19742
---
 lib/http1.c             | 10 +++++-----
 lib/http1.h             |  2 +-
 lib/http2.c             |  2 +-
 lib/vquic/curl_ngtcp2.c |  2 +-
 lib/vquic/curl_osslq.c  |  2 +-
 lib/vquic/curl_quiche.c |  2 +-
 tests/unit/unit2603.c   |  6 +++---
 7 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/lib/http1.c b/lib/http1.c
index 0a80fedfc7..657a674105 100644
--- a/lib/http1.c
+++ b/lib/http1.c
@@ -77,7 +77,7 @@ static CURLcode trim_line(struct h1_req_parser *parser, int options)
 }
 
 static CURLcode detect_line(struct h1_req_parser *parser,
-                            const char *buf, const size_t buflen,
+                            const uint8_t *buf, const size_t buflen,
                             size_t *pnread)
 {
   const char *line_end;
@@ -87,14 +87,14 @@ static CURLcode detect_line(struct h1_req_parser *parser,
   line_end = memchr(buf, '\n', buflen);
   if(!line_end)
     return CURLE_AGAIN;
-  parser->line = buf;
-  parser->line_len = line_end - buf + 1;
+  parser->line = (const char *)buf;
+  parser->line_len = line_end - parser->line + 1;
   *pnread = parser->line_len;
   return CURLE_OK;
 }
 
 static CURLcode next_line(struct h1_req_parser *parser,
-                          const char *buf, const size_t buflen, int options,
+                          const uint8_t *buf, const size_t buflen, int options,
                           size_t *pnread)
 {
   CURLcode result;
@@ -262,7 +262,7 @@ out:
 }
 
 CURLcode Curl_h1_req_parse_read(struct h1_req_parser *parser,
-                                const char *buf, size_t buflen,
+                                const uint8_t *buf, size_t buflen,
                                 const char *scheme_default,
                                 const char *custom_method,
                                 int options, size_t *pnread)
diff --git a/lib/http1.h b/lib/http1.h
index 944e9038dd..88bd99798e 100644
--- a/lib/http1.h
+++ b/lib/http1.h
@@ -49,7 +49,7 @@ void Curl_h1_req_parse_init(struct h1_req_parser *parser, size_t max_line_len);
 void Curl_h1_req_parse_free(struct h1_req_parser *parser);
 
 CURLcode Curl_h1_req_parse_read(struct h1_req_parser *parser,
-                                const char *buf, size_t buflen,
+                                const uint8_t *buf, size_t buflen,
                                 const char *scheme_default,
                                 const char *custom_method,
                                 int options, size_t *pnread);
diff --git a/lib/http2.c b/lib/http2.c
index baaefd439d..e75d7431e7 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -2277,7 +2277,7 @@ static CURLcode h2_submit(struct h2_stream_ctx **pstream,
   if(result)
     goto out;
 
-  result = Curl_h1_req_parse_read(&stream->h1, (const char *)buf, len, NULL,
+  result = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL,
                                   !data->state.http_ignorecustom ?
                                   data->set.str[STRING_CUSTOMREQUEST] : NULL,
                                   0, &nwritten);
diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index 4767780a92..62255285b6 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -1548,7 +1548,7 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
     goto out;
   }
 
-  result = Curl_h1_req_parse_read(&stream->h1, (const char *)buf, len, NULL,
+  result = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL,
                                   !data->state.http_ignorecustom ?
                                   data->set.str[STRING_CUSTOMREQUEST] : NULL,
                                   0, pnwritten);
diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index 1c3f0c55b6..7bca97b408 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -1900,7 +1900,7 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
     goto out;
   }
 
-  result = Curl_h1_req_parse_read(&stream->h1, (const char *)buf, len, NULL,
+  result = Curl_h1_req_parse_read(&stream->h1, buf, len, NULL,
                                   !data->state.http_ignorecustom ?
                                   data->set.str[STRING_CUSTOMREQUEST] : NULL,
                                   0, pnwritten);
diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
index c182e1490d..5aca750c2c 100644
--- a/lib/vquic/curl_quiche.c
+++ b/lib/vquic/curl_quiche.c
@@ -976,7 +976,7 @@ static CURLcode h3_open_stream(struct Curl_cfilter *cf,
 
   DEBUGASSERT(stream);
 
-  result = Curl_h1_req_parse_read(&stream->h1, (const char *)buf, blen, NULL,
+  result = Curl_h1_req_parse_read(&stream->h1, buf, blen, NULL,
                                     !data->state.http_ignorecustom ?
                                     data->set.str[STRING_CUSTOMREQUEST] : NULL,
                                     0, pnwritten);
diff --git a/tests/unit/unit2603.c b/tests/unit/unit2603.c
index 61295de37e..1de774d26f 100644
--- a/tests/unit/unit2603.c
+++ b/tests/unit/unit2603.c
@@ -63,7 +63,7 @@ struct tcase {
 static void parse_success(const struct tcase *t)
 {
   struct h1_req_parser p;
-  const char *buf;
+  const uint8_t *buf;
   size_t buflen, i, in_len, in_consumed;
   CURLcode err;
   size_t nread;
@@ -71,8 +71,8 @@ static void parse_success(const struct tcase *t)
   Curl_h1_req_parse_init(&p, 1024);
   in_len = in_consumed = 0;
   for(i = 0; t->input[i]; ++i) {
-    buf = t->input[i];
-    buflen = strlen(buf);
+    buf = (const uint8_t *)t->input[i];
+    buflen = strlen(t->input[i]);
     in_len += buflen;
     err = Curl_h1_req_parse_read(&p, buf, buflen, t->default_scheme,
                                  t->custom_method, 0, &nread);

From 38961528434e6efdd4c1fba19e67ae0f0585007c Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Fri, 28 Nov 2025 10:44:05 +0100
Subject: [PATCH 1051/2408] connection: give send methods/prototypes an uint8_t
 buffer

To conclude changing the send buffer type from `const void *` to `const
uint8_t *`, change the top level send function and its implementations.

Closes #19743
---
 lib/cfilters.c     | 2 +-
 lib/cfilters.h     | 2 +-
 lib/curl_rtmp.c    | 2 +-
 lib/urldata.h      | 2 +-
 lib/vssh/libssh.c  | 4 ++--
 lib/vssh/libssh2.c | 9 +++++----
 6 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/lib/cfilters.c b/lib/cfilters.c
index 7d1f0c3d9e..dd4cb5210a 100644
--- a/lib/cfilters.c
+++ b/lib/cfilters.c
@@ -242,7 +242,7 @@ CURLcode Curl_cf_recv(struct Curl_easy *data, int num, char *buf,
 }
 
 CURLcode Curl_cf_send(struct Curl_easy *data, int num,
-                      const void *mem, size_t len, bool eos,
+                      const uint8_t *mem, size_t len, bool eos,
                       size_t *pnwritten)
 {
   struct Curl_cfilter *cf;
diff --git a/lib/cfilters.h b/lib/cfilters.h
index 5d39725088..a3bd97a9f1 100644
--- a/lib/cfilters.h
+++ b/lib/cfilters.h
@@ -508,7 +508,7 @@ CURLcode Curl_cf_recv(struct Curl_easy *data, int sockindex, char *buf,
  * in `*pnwritten` or on error.
  */
 CURLcode Curl_cf_send(struct Curl_easy *data, int sockindex,
-                      const void *buf, size_t len, bool eos,
+                      const uint8_t *buf, size_t len, bool eos,
                       size_t *pnwritten);
 
 /**
diff --git a/lib/curl_rtmp.c b/lib/curl_rtmp.c
index 351c9f494c..b2dd937008 100644
--- a/lib/curl_rtmp.c
+++ b/lib/curl_rtmp.c
@@ -352,7 +352,7 @@ static CURLcode rtmp_recv(struct Curl_easy *data, int sockindex, char *buf,
 }
 
 static CURLcode rtmp_send(struct Curl_easy *data, int sockindex,
-                          const void *buf, size_t len, bool eos,
+                          const uint8_t *buf, size_t len, bool eos,
                           size_t *pnwritten)
 {
   struct connectdata *conn = data->conn;
diff --git a/lib/urldata.h b/lib/urldata.h
index 2d28718181..561db56ecd 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -162,7 +162,7 @@ typedef unsigned int curl_prot_t;
 /* On error return, the value of `pnwritten` has no meaning */
 typedef CURLcode (Curl_send)(struct Curl_easy *data,   /* transfer */
                              int sockindex,            /* socketindex */
-                             const void *buf,          /* data to write */
+                             const uint8_t *buf,       /* data to write */
                              size_t len,               /* amount to send */
                              bool eos,                 /* last chunk */
                              size_t *pnwritten);       /* how much sent */
diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
index d0f3d3de5c..db80bcbf8c 100644
--- a/lib/vssh/libssh.c
+++ b/lib/vssh/libssh.c
@@ -2887,7 +2887,7 @@ static CURLcode scp_done(struct Curl_easy *data, CURLcode status,
 }
 
 static CURLcode scp_send(struct Curl_easy *data, int sockindex,
-                         const void *mem, size_t len, bool eos,
+                         const uint8_t *mem, size_t len, bool eos,
                          size_t *pnwritten)
 {
   int rc;
@@ -3048,7 +3048,7 @@ static CURLcode sftp_done(struct Curl_easy *data, CURLcode status,
 
 /* return number of sent bytes */
 static CURLcode sftp_send(struct Curl_easy *data, int sockindex,
-                          const void *mem, size_t len, bool eos,
+                          const uint8_t *mem, size_t len, bool eos,
                           size_t *pnwritten)
 {
   struct connectdata *conn = data->conn;
diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
index 31ef5092d3..ce593d5487 100644
--- a/lib/vssh/libssh2.c
+++ b/lib/vssh/libssh2.c
@@ -3715,7 +3715,7 @@ static CURLcode scp_done(struct Curl_easy *data, CURLcode status,
 }
 
 static CURLcode scp_send(struct Curl_easy *data, int sockindex,
-                         const void *mem, size_t len, bool eos,
+                         const uint8_t *mem, size_t len, bool eos,
                          size_t *pnwritten)
 {
   struct connectdata *conn = data->conn;
@@ -3731,7 +3731,8 @@ static CURLcode scp_send(struct Curl_easy *data, int sockindex,
     return CURLE_FAILED_INIT;
 
   /* libssh2_channel_write() returns int! */
-  nwritten = (ssize_t) libssh2_channel_write(sshc->ssh_channel, mem, len);
+  nwritten = (ssize_t) libssh2_channel_write(sshc->ssh_channel,
+                                             (const char *)mem, len);
 
   ssh_block2waitfor(data, sshc, (nwritten == LIBSSH2_ERROR_EAGAIN));
 
@@ -3874,7 +3875,7 @@ static CURLcode sftp_done(struct Curl_easy *data, CURLcode status,
 
 /* return number of sent bytes */
 static CURLcode sftp_send(struct Curl_easy *data, int sockindex,
-                          const void *mem, size_t len, bool eos,
+                          const uint8_t *mem, size_t len, bool eos,
                           size_t *pnwritten)
 {
   struct connectdata *conn = data->conn;
@@ -3888,7 +3889,7 @@ static CURLcode sftp_send(struct Curl_easy *data, int sockindex,
   if(!sshc)
     return CURLE_FAILED_INIT;
 
-  nwrite = libssh2_sftp_write(sshc->sftp_handle, mem, len);
+  nwrite = libssh2_sftp_write(sshc->sftp_handle, (const char *)mem, len);
 
   ssh_block2waitfor(data, sshc, (nwrite == LIBSSH2_ERROR_EAGAIN));
 

From 02aa75a8c240af1a8912145497806e8925859a87 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 28 Nov 2025 17:41:59 +0100
Subject: [PATCH 1052/2408] runtests: allow a test to switch off memdebug

Test 3207 now uses this as its multi-threading is not fully memdebug
compliant.

Closes #19752
---
 docs/tests/FILEFORMAT.md |  5 ++++-
 lib/memdebug.c           |  2 --
 tests/data/test3207      |  2 +-
 tests/runner.pm          | 11 +++++++++++
 tests/runtests.pl        |  6 ++++--
 5 files changed, 20 insertions(+), 6 deletions(-)

diff --git a/docs/tests/FILEFORMAT.md b/docs/tests/FILEFORMAT.md
index 7851e08e25..1f3aa78991 100644
--- a/docs/tests/FILEFORMAT.md
+++ b/docs/tests/FILEFORMAT.md
@@ -586,7 +586,7 @@ command has been run.
 If the variable name has no assignment, no `=`, then that variable is just
 deleted.
 
-### ``
+### ``
 Command line to run.
 
 If the command spans multiple lines, they are concatenated with a space added
@@ -608,6 +608,9 @@ otherwise written to verify stdout.
 Set `option="no-include"` to prevent the test script to slap on the
 `--include` argument.
 
+Set `option="no-memdebug"` to make the test run without the memdebug tracking
+system. For tests that are incompatible - multi-threaded for example.
+
 Set `option="no-q"` avoid using `-q` as the first argument in the curl command
 line.
 
diff --git a/lib/memdebug.c b/lib/memdebug.c
index f5b88731ee..9fd54d026b 100644
--- a/lib/memdebug.c
+++ b/lib/memdebug.c
@@ -111,8 +111,6 @@ void curl_dbg_memdebug(const char *logname)
   if(!curl_dbg_logfile) {
     if(logname && *logname)
       curl_dbg_logfile = CURLX_FOPEN_LOW(logname, FOPEN_WRITETEXT);
-    else
-      curl_dbg_logfile = stderr;
 #ifdef MEMDEBUG_LOG_SYNC
     /* Flush the log file after every line so the log is not lost in a crash */
     if(curl_dbg_logfile)
diff --git a/tests/data/test3207 b/tests/data/test3207
index 4806ef5474..9aa3ee5a36 100644
--- a/tests/data/test3207
+++ b/tests/data/test3207
@@ -37,7 +37,7 @@ concurrent HTTPS GET using shared ssl session cache
 lib%TESTNUMBER
 
 # provide URL and ca-cert
-
+
 https://localhost:%HTTPSPORT/%TESTNUMBER %CERTDIR/certs/test-ca.crt
 
 
diff --git a/tests/runner.pm b/tests/runner.pm
index a73f9d5999..b69bbf2420 100644
--- a/tests/runner.pm
+++ b/tests/runner.pm
@@ -840,6 +840,7 @@ sub singletest_run {
         $tool = $tool_name . exe_ext('TOOL');
     }
 
+    my $oldmemdebug;
     my $disablevalgrind;
     my $CMDLINE="";
     my $cmdargs;
@@ -1025,6 +1026,11 @@ sub singletest_run {
     # timestamp starting of test command
     $$testtimings{"timetoolini"} = Time::HiRes::time();
 
+    if($cmdhash{'option'} && ($cmdhash{'option'} =~ /no-memdebug/)) {
+        $oldmemdebug = $ENV{'CURL_MEMDEBUG'};
+        delete $ENV{'CURL_MEMDEBUG'};
+    }
+
     # run the command line we built
     if($torture) {
         $cmdres = torture($CMDLINE,
@@ -1048,6 +1054,11 @@ sub singletest_run {
         ($cmdres, $dumped_core) = normalize_cmdres(runclient("$CMDLINE"));
     }
 
+    # restore contents
+    if($oldmemdebug) {
+        $ENV{'CURL_MEMDEBUG'} = $oldmemdebug;
+    }
+
     # timestamp finishing of test command
     $$testtimings{"timetoolend"} = Time::HiRes::time();
 
diff --git a/tests/runtests.pl b/tests/runtests.pl
index 3d557d1435..648666fd30 100755
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -1763,8 +1763,10 @@ sub singletest_check {
         if(! -f "$logdir/$MEMDUMP") {
             my %cmdhash = getpartattr("client", "command");
             my $cmdtype = $cmdhash{'type'} || "default";
-            logmsg "\n** ALERT! memory tracking with no output file?\n"
-                if($cmdtype ne "perl");
+            if($cmdhash{'option'} !~ /no-memdebug/) {
+                logmsg "\n** ALERT! memory tracking with no output file?\n"
+                    if($cmdtype ne "perl");
+            }
             $ok .= "-"; # problem with memory checking
         }
         else {

From 4be6707910192681c5cb52e7d9eb6c0947b28600 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 28 Nov 2025 17:39:04 +0100
Subject: [PATCH 1053/2408] curlx/multibyte: stop setting macros for
 non-Windows

These macros are not used for non-Windows. Drop them with the unused
mappings to standard allocators.

Closes #19751
---
 lib/curlx/multibyte.h | 26 +++++++++++---------------
 1 file changed, 11 insertions(+), 15 deletions(-)

diff --git a/lib/curlx/multibyte.h b/lib/curlx/multibyte.h
index c992214a95..fac07c2eeb 100644
--- a/lib/curlx/multibyte.h
+++ b/lib/curlx/multibyte.h
@@ -26,10 +26,6 @@
 #include "../curl_setup.h"
 
 #ifdef _WIN32
-/* MultiByte conversions using Windows kernel32 library. */
-wchar_t *curlx_convert_UTF8_to_wchar(const char *str_utf8);
-char *curlx_convert_wchar_to_UTF8(const wchar_t *str_w);
-#endif
 
 /*
  * Macros curlx_convert_UTF8_to_tchar(), curlx_convert_tchar_to_UTF8()
@@ -48,7 +44,14 @@ char *curlx_convert_wchar_to_UTF8(const wchar_t *str_w);
  * memory tracker memdebug functions.
  */
 
-#if defined(UNICODE) && defined(_WIN32)
+/* MultiByte conversions using Windows kernel32 library. */
+wchar_t *curlx_convert_UTF8_to_wchar(const char *str_utf8);
+char *curlx_convert_wchar_to_UTF8(const wchar_t *str_w);
+
+/* the purpose of this macro is to free() without being traced by memdebug */
+#define curlx_unicodefree(ptr) free(ptr)
+
+#ifdef UNICODE
 
 #define curlx_convert_UTF8_to_tchar(ptr) curlx_convert_UTF8_to_wchar((ptr))
 #define curlx_convert_tchar_to_UTF8(ptr) curlx_convert_wchar_to_UTF8((ptr))
@@ -60,15 +63,10 @@ typedef union {
   const unsigned short *const_tbyte_ptr;
 } xcharp_u;
 
-#else
+#else /* !UNICODE */
 
-#ifdef _WIN32
 #define curlx_convert_UTF8_to_tchar(ptr) _strdup(ptr)
 #define curlx_convert_tchar_to_UTF8(ptr) _strdup(ptr)
-#else
-#define curlx_convert_UTF8_to_tchar(ptr) strdup(ptr)
-#define curlx_convert_tchar_to_UTF8(ptr) strdup(ptr)
-#endif
 
 typedef union {
   char                *tchar_ptr;
@@ -77,9 +75,7 @@ typedef union {
   const unsigned char *const_tbyte_ptr;
 } xcharp_u;
 
-#endif /* UNICODE && _WIN32 */
-
-/* the purpose of this macro is to free() without being traced by memdebug */
-#define curlx_unicodefree(ptr) free(ptr)
+#endif /* UNICODE */
+#endif /* _WIN32 */
 
 #endif /* HEADER_CURL_MULTIBYTE_H */

From d73efc62c15f2d2a3da4b27b90825975298e5c88 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 28 Nov 2025 21:17:58 +0100
Subject: [PATCH 1054/2408] tests: fix formatting nits

Also:
- lib1948: fix checksrc error TYPEDEFSTRUCT.
  (detected after formatting)

Closes #19754
---
 .../http/testenv/mod_curltest/mod_curltest.c  |  29 +-
 tests/libtest/cli_h2_pausing.c                |   7 +-
 tests/libtest/cli_h2_upgrade_extreme.c        |   2 +-
 tests/libtest/cli_hx_download.c               |   6 +-
 tests/libtest/cli_hx_upload.c                 |   3 +-
 tests/libtest/cli_tls_session_reuse.c         |   6 +-
 tests/libtest/cli_upload_pausing.c            |   2 +-
 tests/libtest/cli_ws_data.c                   |   9 +-
 tests/libtest/first.c                         |   3 +-
 tests/libtest/first.h                         |   2 +-
 tests/libtest/lib1156.c                       |  18 +-
 tests/libtest/lib1308.c                       |   2 +-
 tests/libtest/lib1514.c                       |   2 +-
 tests/libtest/lib1517.c                       |   1 -
 tests/libtest/lib1520.c                       |   2 +-
 tests/libtest/lib1522.c                       |   2 +-
 tests/libtest/lib1523.c                       |   2 +-
 tests/libtest/lib1525.c                       |   2 +-
 tests/libtest/lib1526.c                       |   2 +-
 tests/libtest/lib1527.c                       |   2 +-
 tests/libtest/lib1533.c                       |   1 -
 tests/libtest/lib1534.c                       |   8 +-
 tests/libtest/lib1535.c                       |   8 +-
 tests/libtest/lib1536.c                       |   8 +-
 tests/libtest/lib1559.c                       |   4 +-
 tests/libtest/lib1560.c                       |   4 +-
 tests/libtest/lib1597.c                       |   2 +-
 tests/libtest/lib1662.c                       |   2 +-
 tests/libtest/lib1915.c                       |   3 +-
 tests/libtest/lib1919.c                       |   4 +-
 tests/libtest/lib1940.c                       |   2 +-
 tests/libtest/lib1945.c                       |   4 +-
 tests/libtest/lib1947.c                       |   6 +-
 tests/libtest/lib1948.c                       |   9 +-
 tests/libtest/lib1960.c                       |   8 +-
 tests/libtest/lib1977.c                       |   3 -
 tests/libtest/lib2023.c                       |   2 +-
 tests/libtest/lib2032.c                       |   6 +-
 tests/libtest/lib2402.c                       |   6 +-
 tests/libtest/lib2404.c                       |   6 +-
 tests/libtest/lib2405.c                       |   7 +-
 tests/libtest/lib2502.c                       |   6 +-
 tests/libtest/lib2700.c                       |   3 +-
 tests/libtest/lib3033.c                       |   3 +-
 tests/libtest/lib3102.c                       |  10 +-
 tests/libtest/lib3207.c                       |   6 +-
 tests/libtest/lib505.c                        |   3 +-
 tests/libtest/lib506.c                        |  92 +++---
 tests/libtest/lib508.c                        |   2 +-
 tests/libtest/lib509.c                        |   1 -
 tests/libtest/lib510.c                        |   4 +-
 tests/libtest/lib526.c                        |   1 -
 tests/libtest/lib530.c                        |   2 +-
 tests/libtest/lib536.c                        |   3 +-
 tests/libtest/lib537.c                        |   2 +-
 tests/libtest/lib540.c                        |   4 +-
 tests/libtest/lib547.c                        |   2 +-
 tests/libtest/lib552.c                        |   8 +-
 tests/libtest/lib554.c                        |   2 +-
 tests/libtest/lib555.c                        |   2 +-
 tests/libtest/lib557.c                        |  43 +--
 tests/libtest/lib568.c                        |   2 +-
 tests/libtest/lib570.c                        |   2 +-
 tests/libtest/lib572.c                        |   2 +-
 tests/libtest/lib573.c                        |   2 +-
 tests/libtest/lib574.c                        |   3 +-
 tests/libtest/lib579.c                        |   2 +-
 tests/libtest/lib582.c                        |   2 +-
 tests/libtest/lib586.c                        |  75 +++--
 tests/libtest/lib591.c                        |   4 +-
 tests/libtest/lib597.c                        |   6 +-
 tests/libtest/lib643.c                        |  17 +-
 tests/libtest/lib650.c                        |   7 +-
 tests/libtest/lib651.c                        |   6 +-
 tests/libtest/lib652.c                        |   2 +-
 tests/libtest/lib654.c                        |   6 +-
 tests/libtest/lib666.c                        |   2 +-
 tests/libtest/lib667.c                        |   7 +-
 tests/libtest/lib668.c                        |   8 +-
 tests/libtest/lib670.c                        |   8 +-
 tests/libtest/lib678.c                        |   5 +-
 tests/libtest/lib758.c                        |   8 +-
 tests/server/dnsd.c                           |  17 +-
 tests/server/getpart.c                        |  17 +-
 tests/server/mqttd.c                          |  17 +-
 tests/server/resolve.c                        |   4 +-
 tests/server/rtspd.c                          |  46 ++-
 tests/server/sockfilt.c                       | 302 +++++++++---------
 tests/server/socksd.c                         |  15 +-
 tests/server/sws.c                            |  67 ++--
 tests/server/tftpd.c                          |  20 +-
 tests/server/util.c                           |  55 ++--
 tests/unit/unit1300.c                         |   2 +-
 tests/unit/unit1302.c                         |   4 +-
 tests/unit/unit1304.c                         |  33 +-
 tests/unit/unit1307.c                         |   2 +-
 tests/unit/unit1309.c                         |  12 +-
 tests/unit/unit1397.c                         |   2 +-
 tests/unit/unit1398.c                         |  20 +-
 tests/unit/unit1601.c                         |   2 +-
 tests/unit/unit1606.c                         |  18 +-
 tests/unit/unit1610.c                         |   4 +-
 tests/unit/unit1611.c                         |   4 +-
 tests/unit/unit1612.c                         |   8 +-
 tests/unit/unit1614.c                         |  14 +-
 tests/unit/unit1615.c                         |  14 +-
 tests/unit/unit1620.c                         |   3 +-
 tests/unit/unit1650.c                         |  16 +-
 tests/unit/unit1651.c                         |   4 +-
 tests/unit/unit1655.c                         |   2 +-
 tests/unit/unit1656.c                         |   2 +-
 tests/unit/unit1657.c                         |   2 +-
 tests/unit/unit1660.c                         |   2 +-
 tests/unit/unit1661.c                         |   2 +-
 tests/unit/unit1663.c                         |  11 +-
 tests/unit/unit2600.c                         |   6 +-
 tests/unit/unit2601.c                         |  10 +-
 tests/unit/unit2602.c                         |  12 +-
 tests/unit/unit3200.c                         | 124 +++----
 tests/unit/unit3205.c                         |   4 +-
 tests/unit/unit3211.c                         |   4 +-
 tests/unit/unit3213.c                         |   2 +-
 tests/unit/unit3216.c                         |   2 +-
 123 files changed, 684 insertions(+), 805 deletions(-)

diff --git a/tests/http/testenv/mod_curltest/mod_curltest.c b/tests/http/testenv/mod_curltest/mod_curltest.c
index cb236557e0..b45fd95286 100644
--- a/tests/http/testenv/mod_curltest/mod_curltest.c
+++ b/tests/http/testenv/mod_curltest/mod_curltest.c
@@ -62,7 +62,8 @@ static int curltest_post_config(apr_pool_t *p, apr_pool_t *plog,
   void *data = NULL;
   const char *key = "mod_curltest_init_counter";
 
-  (void)plog;(void)ptemp;
+  (void)plog;
+  (void)ptemp;
 
   apr_pool_userdata_get(&data, key, s->process->pool);
   if(!data) {
@@ -93,8 +94,8 @@ static void curltest_hooks(apr_pool_t *pool)
   ap_hook_handler(curltest_sslinfo_handler, NULL, NULL, APR_HOOK_MIDDLE);
 }
 
-#define SECS_PER_HOUR      (60*60)
-#define SECS_PER_DAY       (24*SECS_PER_HOUR)
+#define SECS_PER_HOUR      (60 * 60)
+#define SECS_PER_DAY       (24 * SECS_PER_HOUR)
 
 static apr_status_t duration_parse(apr_interval_time_t *ptimeout,
                                    const char *value, const char *def_unit)
@@ -124,12 +125,12 @@ static apr_status_t duration_parse(apr_interval_time_t *ptimeout,
     break;
   case 's':
   case 'S':
-    *ptimeout = (apr_interval_time_t) apr_time_from_sec(n);
+    *ptimeout = (apr_interval_time_t)apr_time_from_sec(n);
     break;
   case 'h':
   case 'H':
     /* Time is in hours */
-    *ptimeout = (apr_interval_time_t) apr_time_from_sec(n * SECS_PER_HOUR);
+    *ptimeout = (apr_interval_time_t)apr_time_from_sec(n * SECS_PER_HOUR);
     break;
   case 'm':
   case 'M':
@@ -137,12 +138,12 @@ static apr_status_t duration_parse(apr_interval_time_t *ptimeout,
     /* Time is in milliseconds */
     case 's':
     case 'S':
-      *ptimeout = (apr_interval_time_t) n * 1000;
+      *ptimeout = (apr_interval_time_t)n * 1000;
       break;
     /* Time is in minutes */
     case 'i':
     case 'I':
-      *ptimeout = (apr_interval_time_t) apr_time_from_sec(n * 60);
+      *ptimeout = (apr_interval_time_t)apr_time_from_sec(n * 60);
       break;
     default:
       return APR_EGENERAL;
@@ -154,7 +155,7 @@ static apr_status_t duration_parse(apr_interval_time_t *ptimeout,
     /* Time is in microseconds */
     case 's':
     case 'S':
-      *ptimeout = (apr_interval_time_t) n;
+      *ptimeout = (apr_interval_time_t)n;
       break;
     default:
       return APR_EGENERAL;
@@ -266,8 +267,7 @@ static int curltest_echo_handler(request_rec *r)
                    apr_table_get(r->headers_in, "TE"));
 
   if(read_delay) {
-    ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r,
-                  "put_handler: read_delay");
+    ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r, "put_handler: read_delay");
     apr_sleep(read_delay);
   }
 
@@ -343,7 +343,7 @@ static int curltest_tweak_handler(request_rec *r)
   apr_bucket_brigade *bb;
   apr_bucket *b;
   apr_status_t rv;
-  char buffer[16*1024];
+  char buffer[16 * 1024];
   int i, chunks = 3, error_bucket = 1;
   size_t chunk_size = sizeof(buffer);
   const char *request_id = "none";
@@ -579,7 +579,7 @@ static int curltest_put_handler(request_rec *r)
   apr_bucket_brigade *bb;
   apr_bucket *b;
   apr_status_t rv;
-  char buffer[128*1024];
+  char buffer[128 * 1024];
   const char *ct;
   apr_off_t rbody_len = 0;
   apr_off_t rbody_max_len = -1;
@@ -650,8 +650,7 @@ static int curltest_put_handler(request_rec *r)
   ap_set_content_type(r, ct ? ct : "text/plain");
 
   if(read_delay) {
-    ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r,
-                  "put_handler: read_delay");
+    ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r, "put_handler: read_delay");
     apr_sleep(read_delay);
   }
   bb = apr_brigade_create(r->pool, c->bucket_alloc);
@@ -674,7 +673,7 @@ static int curltest_put_handler(request_rec *r)
     }
   }
   /* we are done */
-  s_rbody_len = apr_psprintf(r->pool, "%"APR_OFF_T_FMT, rbody_len);
+  s_rbody_len = apr_psprintf(r->pool, "%" APR_OFF_T_FMT, rbody_len);
   apr_table_setn(r->headers_out, "Received-Length", s_rbody_len);
   rv = apr_brigade_puts(bb, NULL, NULL, s_rbody_len);
   if(APR_SUCCESS != rv)
diff --git a/tests/libtest/cli_h2_pausing.c b/tests/libtest/cli_h2_pausing.c
index 25b798af4b..30bcfcf043 100644
--- a/tests/libtest/cli_h2_pausing.c
+++ b/tests/libtest/cli_h2_pausing.c
@@ -38,8 +38,7 @@ static void usage_h2_pausing(const char *msg)
   );
 }
 
-struct handle
-{
+struct handle {
   size_t idx;
   int paused;
   int resumed;
@@ -51,7 +50,7 @@ struct handle
 static size_t cb(char *data, size_t size, size_t nmemb, void *clientp)
 {
   size_t realsize = size * nmemb;
-  struct handle *handle = (struct handle *) clientp;
+  struct handle *handle = (struct handle *)clientp;
   curl_off_t totalsize;
 
   (void)data;
@@ -163,7 +162,7 @@ static CURLcode test_cli_h2_pausing(const char *URL)
     goto cleanup;
   }
   memset(&resolve, 0, sizeof(resolve));
-  curl_msnprintf(resolve_buf, sizeof(resolve_buf)-1, "%s:%s:127.0.0.1",
+  curl_msnprintf(resolve_buf, sizeof(resolve_buf) - 1, "%s:%s:127.0.0.1",
                  host, port);
   resolve = curl_slist_append(resolve, resolve_buf);
 
diff --git a/tests/libtest/cli_h2_upgrade_extreme.c b/tests/libtest/cli_h2_upgrade_extreme.c
index bc28a6f4d0..8d5bf8d82c 100644
--- a/tests/libtest/cli_h2_upgrade_extreme.c
+++ b/tests/libtest/cli_h2_upgrade_extreme.c
@@ -120,7 +120,7 @@ static CURLcode test_cli_h2_upgrade_extreme(const char *URL)
         curl_easy_getinfo(msg->easy_handle, CURLINFO_XFER_ID, &xfer_id);
         curl_easy_getinfo(msg->easy_handle, CURLINFO_RESPONSE_CODE, &status);
         if(msg->data.result == CURLE_SEND_ERROR ||
-            msg->data.result == CURLE_RECV_ERROR) {
+           msg->data.result == CURLE_RECV_ERROR) {
           /* We get these if the server had a GOAWAY in transit on
            * reusing a connection */
         }
diff --git a/tests/libtest/cli_hx_download.c b/tests/libtest/cli_hx_download.c
index a7f5d20090..2a36144123 100644
--- a/tests/libtest/cli_hx_download.c
+++ b/tests/libtest/cli_hx_download.c
@@ -88,7 +88,7 @@ static size_t my_write_d_cb(char *buf, size_t nitems, size_t buflen,
                 "pause_at=%" CURL_FORMAT_CURL_OFF_T "\n",
                 t->idx, blen, t->recv_size, t->pause_at);
   if(!t->out) {
-    curl_msnprintf(t->filename, sizeof(t->filename)-1, "download_%zu.data",
+    curl_msnprintf(t->filename, sizeof(t->filename) - 1, "download_%zu.data",
                    t->idx);
     t->out = curlx_fopen(t->filename, "wb");
     if(!t->out)
@@ -149,7 +149,7 @@ static int my_progress_d_cb(void *userdata,
       switch(tls->backend) {
 #if defined(USE_QUICHE) || defined(USE_OPENSSL)
       case CURLSSLBACKEND_OPENSSL: {
-        const char *version = SSL_get_version((SSL*)tls->internals);
+        const char *version = SSL_get_version((SSL *)tls->internals);
         assert(version);
         assert(strcmp(version, "unknown"));
         curl_mfprintf(stderr, "[t-%zu] info OpenSSL using %s\n",
@@ -159,7 +159,7 @@ static int my_progress_d_cb(void *userdata,
 #endif
 #ifdef USE_WOLFSSL
       case CURLSSLBACKEND_WOLFSSL: {
-        const char *version = wolfSSL_get_version((WOLFSSL*)tls->internals);
+        const char *version = wolfSSL_get_version((WOLFSSL *)tls->internals);
         assert(version);
         assert(strcmp(version, "unknown"));
         curl_mfprintf(stderr, "[t-%zu] info wolfSSL using %s\n",
diff --git a/tests/libtest/cli_hx_upload.c b/tests/libtest/cli_hx_upload.c
index f7036509fe..1ffb7c243f 100644
--- a/tests/libtest/cli_hx_upload.c
+++ b/tests/libtest/cli_hx_upload.c
@@ -72,7 +72,7 @@ static size_t my_write_u_cb(char *buf, size_t nitems, size_t buflen,
                 "pause_at=%" CURL_FORMAT_CURL_OFF_T "\n",
                 t->idx, blen, t->recv_size, t->pause_at);
   if(!t->out) {
-    curl_msnprintf(t->filename, sizeof(t->filename)-1, "download_%zu.data",
+    curl_msnprintf(t->filename, sizeof(t->filename) - 1, "download_%zu.data",
                    t->idx);
     t->out = curlx_fopen(t->filename, "wb");
     if(!t->out)
@@ -462,7 +462,6 @@ static CURLcode test_cli_hx_upload(const char *URL)
           }
         }
 
-
         /* nothing happening, maintenance */
         if(abort_paused) {
           /* abort paused transfers */
diff --git a/tests/libtest/cli_tls_session_reuse.c b/tests/libtest/cli_tls_session_reuse.c
index aa56a0e28c..a0e5901e55 100644
--- a/tests/libtest/cli_tls_session_reuse.c
+++ b/tests/libtest/cli_tls_session_reuse.c
@@ -83,7 +83,6 @@ static CURL *tse_add_transfer(CURLM *multi, CURLSH *share,
   if(resolve)
     curl_easy_setopt(curl, CURLOPT_RESOLVE, resolve);
 
-
   mc = curl_multi_add_handle(multi, curl);
   if(mc != CURLM_OK) {
     curl_mfprintf(stderr, "curl_multi_add_handle: %s\n",
@@ -144,7 +143,7 @@ static CURLcode test_cli_tls_session_reuse(const char *URL)
     goto cleanup;
   }
 
-  curl_msnprintf(resolve_buf, sizeof(resolve_buf)-1, "%s:%s:127.0.0.1",
+  curl_msnprintf(resolve_buf, sizeof(resolve_buf) - 1, "%s:%s:127.0.0.1",
                  host, port);
   resolve = curl_slist_append(resolve, resolve_buf);
 
@@ -161,7 +160,6 @@ static CURLcode test_cli_tls_session_reuse(const char *URL)
   }
   curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_SSL_SESSION);
 
-
   if(!tse_add_transfer(multi, share, resolve, URL, http_version))
     goto cleanup;
   ++ongoing;
@@ -205,7 +203,7 @@ static CURLcode test_cli_tls_session_reuse(const char *URL)
         curl_easy_getinfo(msg->easy_handle, CURLINFO_XFER_ID, &xfer_id);
         curl_easy_getinfo(msg->easy_handle, CURLINFO_RESPONSE_CODE, &status);
         if(msg->data.result == CURLE_SEND_ERROR ||
-            msg->data.result == CURLE_RECV_ERROR) {
+           msg->data.result == CURLE_RECV_ERROR) {
           /* We get these if the server had a GOAWAY in transit on
            * reusing a connection */
         }
diff --git a/tests/libtest/cli_upload_pausing.c b/tests/libtest/cli_upload_pausing.c
index 042eddd7d7..cb94bcf0a8 100644
--- a/tests/libtest/cli_upload_pausing.c
+++ b/tests/libtest/cli_upload_pausing.c
@@ -154,7 +154,7 @@ static CURLcode test_cli_upload_pausing(const char *URL)
     goto cleanup;
   }
   memset(&resolve, 0, sizeof(resolve));
-  curl_msnprintf(resolve_buf, sizeof(resolve_buf)-1, "%s:%s:127.0.0.1",
+  curl_msnprintf(resolve_buf, sizeof(resolve_buf) - 1, "%s:%s:127.0.0.1",
                  host, port);
   resolve = curl_slist_append(resolve, resolve_buf);
 
diff --git a/tests/libtest/cli_ws_data.c b/tests/libtest/cli_ws_data.c
index 2276f0c92c..35da277886 100644
--- a/tests/libtest/cli_ws_data.c
+++ b/tests/libtest/cli_ws_data.c
@@ -27,10 +27,9 @@
 
 #ifndef CURL_DISABLE_WEBSOCKETS
 
-static CURLcode
-test_ws_data_m2_check_recv(const struct curl_ws_frame *frame,
-                           size_t r_offset, size_t nread,
-                           size_t exp_len)
+static CURLcode test_ws_data_m2_check_recv(const struct curl_ws_frame *frame,
+                                           size_t r_offset, size_t nread,
+                                           size_t exp_len)
 {
   if(!frame)
     return CURLE_OK;
@@ -362,7 +361,6 @@ static CURLcode test_ws_data_m1_echo(const char *url,
         r = CURLE_RECV_ERROR;
         goto out;
       }
-
     }
 
     curl_multi_remove_handle(multi, m1_ctx.curl);
@@ -393,7 +391,6 @@ out:
   return r;
 }
 
-
 static void test_ws_data_usage(const char *msg)
 {
   if(msg)
diff --git a/tests/libtest/first.c b/tests/libtest/first.c
index 2f65530882..e384971c7e 100644
--- a/tests/libtest/first.c
+++ b/tests/libtest/first.c
@@ -62,7 +62,7 @@ int unitfail; /* for unittests */
 int coptind;
 const char *coptarg;
 
-int cgetopt(int argc, const char * const argv[], const char *optstring)
+int cgetopt(int argc, const char *const argv[], const char *optstring)
 {
   static int optpos = 1;
   int coptopt;
@@ -204,7 +204,6 @@ void ws_close(CURL *curl)
 }
 #endif /* CURL_DISABLE_WEBSOCKETS */
 
-
 int main(int argc, const char **argv)
 {
   const char *URL = "";
diff --git a/tests/libtest/first.h b/tests/libtest/first.h
index f5cbc60237..5fa587686b 100644
--- a/tests/libtest/first.h
+++ b/tests/libtest/first.h
@@ -79,7 +79,7 @@ extern struct curltime tv_test_start; /* for test timing */
 
 extern int coptind;
 extern const char *coptarg;
-int cgetopt(int argc, const char * const argv[], const char *optstring);
+int cgetopt(int argc, const char *const argv[], const char *optstring);
 
 extern int select_wrapper(int nfds, fd_set *rd, fd_set *wr, fd_set *exc,
                           struct timeval *tv);
diff --git a/tests/libtest/lib1156.c b/tests/libtest/lib1156.c
index 758f6e3f1a..1468b35e1c 100644
--- a/tests/libtest/lib1156.c
+++ b/tests/libtest/lib1156.c
@@ -96,27 +96,27 @@ static int onetest(CURL *curl, const char *url, const struct testparams *p,
   test_setopt(curl, CURLOPT_VERBOSE, 1L);
   test_setopt(curl, CURLOPT_RESUME_FROM, (p->flags & F_RESUME) ? 3L : 0L);
   test_setopt(curl, CURLOPT_RANGE, !(p->flags & F_RESUME) ?
-                                   "3-1000000": (char *)NULL);
+                                   "3-1000000" : (char *)NULL);
   test_setopt(curl, CURLOPT_FAILONERROR, (p->flags & F_FAIL) ? 1L : 0L);
   hasbody = 0;
   res = curl_easy_perform(curl);
   if(res != p->res) {
     curl_mprintf("%zu: bad error code (%d): resume=%s, fail=%s, http416=%s, "
                  "content-range=%s, expected=%d\n", num, res,
-                 (p->flags & F_RESUME) ? "yes": "no",
-                 (p->flags & F_FAIL) ? "yes": "no",
-                 (p->flags & F_HTTP416) ? "yes": "no",
-                 (p->flags & F_CONTENTRANGE) ? "yes": "no",
+                 (p->flags & F_RESUME) ? "yes" : "no",
+                 (p->flags & F_FAIL) ? "yes" : "no",
+                 (p->flags & F_HTTP416) ? "yes" : "no",
+                 (p->flags & F_CONTENTRANGE) ? "yes" : "no",
                  p->res);
     return 1;
   }
   if(hasbody && (p->flags & F_IGNOREBODY)) {
     curl_mprintf("body should be ignored and is not: resume=%s, fail=%s, "
                  "http416=%s, content-range=%s\n",
-                 (p->flags & F_RESUME) ? "yes": "no",
-                 (p->flags & F_FAIL) ? "yes": "no",
-                 (p->flags & F_HTTP416) ? "yes": "no",
-                 (p->flags & F_CONTENTRANGE) ? "yes": "no");
+                 (p->flags & F_RESUME) ? "yes" : "no",
+                 (p->flags & F_FAIL) ? "yes" : "no",
+                 (p->flags & F_HTTP416) ? "yes" : "no",
+                 (p->flags & F_CONTENTRANGE) ? "yes" : "no");
     return 1;
   }
   return 0;
diff --git a/tests/libtest/lib1308.c b/tests/libtest/lib1308.c
index 6f7b9c264e..6a7e71d792 100644
--- a/tests/libtest/lib1308.c
+++ b/tests/libtest/lib1308.c
@@ -26,7 +26,7 @@
 static size_t print_httppost_callback(void *arg, const char *buf, size_t len)
 {
   fwrite(buf, len, 1, stdout);
-  (*(size_t *) arg) += len;
+  (*(size_t *)arg) += len;
   return len;
 }
 
diff --git a/tests/libtest/lib1514.c b/tests/libtest/lib1514.c
index fa0aa07424..0ae61d41e8 100644
--- a/tests/libtest/lib1514.c
+++ b/tests/libtest/lib1514.c
@@ -37,7 +37,7 @@ static size_t t1514_read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
 {
   struct t1514_WriteThis *pooh = (struct t1514_WriteThis *)userp;
 
-  if(size*nmemb < 1)
+  if(size * nmemb < 1)
     return 0;
 
   if(pooh->sizeleft) {
diff --git a/tests/libtest/lib1517.c b/tests/libtest/lib1517.c
index cebdeab0a1..ab18efe113 100644
--- a/tests/libtest/lib1517.c
+++ b/tests/libtest/lib1517.c
@@ -98,7 +98,6 @@ static CURLcode test_lib1517(const char *URL)
   /* detect HTTP error codes >= 400 */
   /* test_setopt(curl, CURLOPT_FAILONERROR, 1L); */
 
-
   /* Perform the request, res will get the return code */
   res = curl_easy_perform(curl);
 
diff --git a/tests/libtest/lib1520.c b/tests/libtest/lib1520.c
index 4cf54388eb..076ab564d0 100644
--- a/tests/libtest/lib1520.c
+++ b/tests/libtest/lib1520.c
@@ -46,7 +46,7 @@ static size_t t1520_read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
   struct upload_status *upload_ctx = (struct upload_status *)userp;
   const char *data;
 
-  if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
+  if((size == 0) || (nmemb == 0) || ((size * nmemb) < 1)) {
     return 0;
   }
 
diff --git a/tests/libtest/lib1522.c b/tests/libtest/lib1522.c
index 1ac2332e81..e90b39bc56 100644
--- a/tests/libtest/lib1522.c
+++ b/tests/libtest/lib1522.c
@@ -78,7 +78,7 @@ static CURLcode test_lib1522(const char *URL)
 
     curl_mprintf("uploadSize = %" CURL_FORMAT_CURL_OFF_T "\n", uploadSize);
 
-    if((size_t) uploadSize == sizeof(g_Data)) {
+    if((size_t)uploadSize == sizeof(g_Data)) {
       curl_mprintf("!!!!!!!!!! PASS\n");
     }
     else {
diff --git a/tests/libtest/lib1523.c b/tests/libtest/lib1523.c
index 711aa3f714..23ec23d823 100644
--- a/tests/libtest/lib1523.c
+++ b/tests/libtest/lib1523.c
@@ -41,7 +41,7 @@ static size_t t1523_write_cb(char *d, size_t n, size_t l, void *p)
   /* take care of the data here, ignored in this example */
   (void)d;
   (void)p;
-  return n*l;
+  return n * l;
 }
 
 static CURLcode run(CURL *curl, long limit, long time)
diff --git a/tests/libtest/lib1525.c b/tests/libtest/lib1525.c
index c9a1e1514f..66c18df21e 100644
--- a/tests/libtest/lib1525.c
+++ b/tests/libtest/lib1525.c
@@ -34,7 +34,7 @@ static const char t1525_testdata[] = "Hello Cloud!\n";
 
 static size_t t1525_read_cb(char *ptr, size_t size, size_t nmemb, void *stream)
 {
-  size_t  amount = nmemb * size; /* Total bytes curl wants */
+  size_t amount = nmemb * size; /* Total bytes curl wants */
   if(amount < strlen(t1525_testdata)) {
     return strlen(t1525_testdata);
   }
diff --git a/tests/libtest/lib1526.c b/tests/libtest/lib1526.c
index 031f8bfd27..400544b8e0 100644
--- a/tests/libtest/lib1526.c
+++ b/tests/libtest/lib1526.c
@@ -33,7 +33,7 @@ static const char t1526_testdata[] = "Hello Cloud!\n";
 
 static size_t t1526_read_cb(char *ptr, size_t size, size_t nmemb, void *stream)
 {
-  size_t  amount = nmemb * size; /* Total bytes curl wants */
+  size_t amount = nmemb * size; /* Total bytes curl wants */
   if(amount < strlen(t1526_testdata)) {
     return strlen(t1526_testdata);
   }
diff --git a/tests/libtest/lib1527.c b/tests/libtest/lib1527.c
index 1d9a582132..e55672a3c0 100644
--- a/tests/libtest/lib1527.c
+++ b/tests/libtest/lib1527.c
@@ -33,7 +33,7 @@ static const char t1527_testdata[] = "Hello Cloud!\n";
 
 static size_t t1527_read_cb(char *ptr, size_t size, size_t nmemb, void *stream)
 {
-  size_t  amount = nmemb * size; /* Total bytes curl wants */
+  size_t amount = nmemb * size; /* Total bytes curl wants */
   if(amount < strlen(t1527_testdata)) {
     return strlen(t1527_testdata);
   }
diff --git a/tests/libtest/lib1533.c b/tests/libtest/lib1533.c
index a2d541c412..b859ee3664 100644
--- a/tests/libtest/lib1533.c
+++ b/tests/libtest/lib1533.c
@@ -119,7 +119,6 @@ static CURLcode perform_and_check_connections(CURL *curl,
   return TEST_ERR_SUCCESS;
 }
 
-
 static CURLcode test_lib1533(const char *URL)
 {
   struct cb_data data;
diff --git a/tests/libtest/lib1534.c b/tests/libtest/lib1534.c
index 377df3b2fe..94a02c2986 100644
--- a/tests/libtest/lib1534.c
+++ b/tests/libtest/lib1534.c
@@ -36,7 +36,7 @@ static CURLcode test_lib1534(const char *URL)
   easy_init(curl);
 
   /* Test that a filetime is properly initialized on curl_easy_init.
-  */
+   */
 
   res = curl_easy_getinfo(curl, CURLINFO_FILETIME, &filetime);
   if(res) {
@@ -65,7 +65,7 @@ static CURLcode test_lib1534(const char *URL)
   }
 
   /* Test that a filetime is properly set after receiving an HTTP resource.
-  */
+   */
 
   res = curl_easy_getinfo(curl, CURLINFO_FILETIME, &filetime);
   if(res) {
@@ -83,7 +83,7 @@ static CURLcode test_lib1534(const char *URL)
   }
 
   /* Test that a filetime is properly initialized on curl_easy_duphandle.
-  */
+   */
 
   dupe = curl_easy_duphandle(curl);
   if(!dupe) {
@@ -109,7 +109,7 @@ static CURLcode test_lib1534(const char *URL)
   }
 
   /* Test that a filetime is properly initialized on curl_easy_reset.
-  */
+   */
 
   curl_easy_reset(curl);
 
diff --git a/tests/libtest/lib1535.c b/tests/libtest/lib1535.c
index c49c3076df..a9480429fa 100644
--- a/tests/libtest/lib1535.c
+++ b/tests/libtest/lib1535.c
@@ -36,7 +36,7 @@ static CURLcode test_lib1535(const char *URL)
   easy_init(curl);
 
   /* Test that protocol is properly initialized on curl_easy_init.
-  */
+   */
 
   res = curl_easy_getinfo(curl, CURLINFO_PROTOCOL, &protocol);
 
@@ -65,7 +65,7 @@ static CURLcode test_lib1535(const char *URL)
   }
 
   /* Test that a protocol is properly set after receiving an HTTP resource.
-  */
+   */
 
   res = curl_easy_getinfo(curl, CURLINFO_PROTOCOL, &protocol);
 
@@ -85,7 +85,7 @@ static CURLcode test_lib1535(const char *URL)
   }
 
   /* Test that a protocol is properly initialized on curl_easy_duphandle.
-  */
+   */
 
   dupe = curl_easy_duphandle(curl);
   if(!dupe) {
@@ -112,7 +112,7 @@ static CURLcode test_lib1535(const char *URL)
   }
 
   /* Test that a protocol is properly initialized on curl_easy_reset.
-  */
+   */
 
   curl_easy_reset(curl);
 
diff --git a/tests/libtest/lib1536.c b/tests/libtest/lib1536.c
index f89b50a195..f03e9d98ed 100644
--- a/tests/libtest/lib1536.c
+++ b/tests/libtest/lib1536.c
@@ -36,7 +36,7 @@ static CURLcode test_lib1536(const char *URL)
   easy_init(curl);
 
   /* Test that scheme is properly initialized on curl_easy_init.
-  */
+   */
 
   res = curl_easy_getinfo(curl, CURLINFO_SCHEME, &scheme);
   if(res) {
@@ -64,7 +64,7 @@ static CURLcode test_lib1536(const char *URL)
   }
 
   /* Test that a scheme is properly set after receiving an HTTP resource.
-  */
+   */
 
   res = curl_easy_getinfo(curl, CURLINFO_SCHEME, &scheme);
   if(res) {
@@ -83,7 +83,7 @@ static CURLcode test_lib1536(const char *URL)
   }
 
   /* Test that a scheme is properly initialized on curl_easy_duphandle.
-  */
+   */
 
   dupe = curl_easy_duphandle(curl);
   if(!dupe) {
@@ -108,7 +108,7 @@ static CURLcode test_lib1536(const char *URL)
   }
 
   /* Test that a scheme is properly initialized on curl_easy_reset.
-  */
+   */
 
   curl_easy_reset(curl);
 
diff --git a/tests/libtest/lib1559.c b/tests/libtest/lib1559.c
index c6851918a6..30773add73 100644
--- a/tests/libtest/lib1559.c
+++ b/tests/libtest/lib1559.c
@@ -25,7 +25,7 @@
 
 static CURLcode test_lib1559(const char *URL)
 {
-  static const int EXCESSIVE = 10*1000*1000;
+  static const int EXCESSIVE = 10 * 1000 * 1000;
 
   CURLcode res = CURLE_OK;
   CURL *curl = NULL;
@@ -43,7 +43,7 @@ static CURLcode test_lib1559(const char *URL)
   }
 
   memset(longurl, 'a', EXCESSIVE);
-  longurl[EXCESSIVE-1] = 0;
+  longurl[EXCESSIVE - 1] = 0;
 
   res = curl_easy_setopt(curl, CURLOPT_URL, longurl);
   curl_mprintf("CURLOPT_URL %d bytes URL == %d\n",
diff --git a/tests/libtest/lib1560.c b/tests/libtest/lib1560.c
index 2f6608108c..d080d38aa8 100644
--- a/tests/libtest/lib1560.c
+++ b/tests/libtest/lib1560.c
@@ -68,10 +68,10 @@ static int checkparts(CURLU *u, const char *in, const char *wanted,
     size_t n;
     rc = curl_url_get(u, parts[i].part, &p, getflags);
     if(!rc && p) {
-      curl_msnprintf(bufp, len, "%s%s", buf[0]?" | ":"", p);
+      curl_msnprintf(bufp, len, "%s%s", buf[0] ? " | " : "", p);
     }
     else
-      curl_msnprintf(bufp, len, "%s[%d]", buf[0]?" | ":"", rc);
+      curl_msnprintf(bufp, len, "%s[%d]", buf[0] ? " | " : "", rc);
 
     n = strlen(bufp);
     bufp += n;
diff --git a/tests/libtest/lib1597.c b/tests/libtest/lib1597.c
index a338a53944..0e86517ead 100644
--- a/tests/libtest/lib1597.c
+++ b/tests/libtest/lib1597.c
@@ -80,7 +80,7 @@ static CURLcode test_lib1597(const char *URL)
 
   n = 0;
   for(proto = curlinfo->protocols; *proto; proto++) {
-    if((size_t) n >= sizeof(protolist)) {
+    if((size_t)n >= sizeof(protolist)) {
       puts("protolist buffer too small\n");
       res = TEST_ERR_FAILURE;
       goto test_cleanup;
diff --git a/tests/libtest/lib1662.c b/tests/libtest/lib1662.c
index 41a1bc0bd4..f1e7b55df4 100644
--- a/tests/libtest/lib1662.c
+++ b/tests/libtest/lib1662.c
@@ -34,7 +34,7 @@ static size_t t1662_read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
   struct t1662_WriteThis *pooh = (struct t1662_WriteThis *)userp;
   size_t len = strlen(testdata);
 
-  if(size*nmemb < len)
+  if(size * nmemb < len)
     return 0;
 
   if(pooh->sizeleft) {
diff --git a/tests/libtest/lib1915.c b/tests/libtest/lib1915.c
index 367533aef6..adb589a8c0 100644
--- a/tests/libtest/lib1915.c
+++ b/tests/libtest/lib1915.c
@@ -30,8 +30,7 @@ struct state {
 };
 
 /* "read" is from the point of the library, it wants data from us */
-static CURLSTScode hstsread(CURL *curl, struct curl_hstsentry *e,
-                            void *userp)
+static CURLSTScode hstsread(CURL *curl, struct curl_hstsentry *e, void *userp)
 {
   struct entry {
     const char *name;
diff --git a/tests/libtest/lib1919.c b/tests/libtest/lib1919.c
index 79d31810a4..1a436b00ce 100644
--- a/tests/libtest/lib1919.c
+++ b/tests/libtest/lib1919.c
@@ -33,9 +33,9 @@ static CURLcode test_lib1919(const char *URL)
   easy_init(curl);
   easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_BEARER);
   easy_setopt(curl, CURLOPT_XOAUTH2_BEARER,
-                   "c4e448d652a961fda0ab64f882c8c161d5985f805d45d80c9ddca1");
+              "c4e448d652a961fda0ab64f882c8c161d5985f805d45d80c9ddca1");
   easy_setopt(curl, CURLOPT_SASL_AUTHZID,
-                   "c4e448d652a961fda0ab64f882c8c161d5985f805d45d80c9ddca2");
+              "c4e448d652a961fda0ab64f882c8c161d5985f805d45d80c9ddca2");
   easy_setopt(curl, CURLOPT_URL, URL);
 
   for(i = 0; i < 2; i++) {
diff --git a/tests/libtest/lib1940.c b/tests/libtest/lib1940.c
index 75b8f7818c..1d9975534a 100644
--- a/tests/libtest/lib1940.c
+++ b/tests/libtest/lib1940.c
@@ -28,7 +28,7 @@ static size_t t1940_write_cb(char *data, size_t n, size_t l, void *userp)
   /* take care of the data here, ignored in this example */
   (void)data;
   (void)userp;
-  return n*l;
+  return n * l;
 }
 
 static void t1940_showem(CURL *curl, int header_request, unsigned int type)
diff --git a/tests/libtest/lib1945.c b/tests/libtest/lib1945.c
index 99044880cf..07a0109514 100644
--- a/tests/libtest/lib1945.c
+++ b/tests/libtest/lib1945.c
@@ -41,7 +41,7 @@ static size_t t1945_write_cb(char *data, size_t n, size_t l, void *userp)
   /* take care of the data here, ignored in this example */
   (void)data;
   (void)userp;
-  return n*l;
+  return n * l;
 }
 
 static CURLcode test_lib1945(const char *URL)
@@ -67,7 +67,7 @@ static CURLcode test_lib1945(const char *URL)
   if(res) {
     curl_mprintf("badness: %d\n", res);
   }
-  t1945_showem(curl, CURLH_CONNECT|CURLH_HEADER|CURLH_TRAILER|CURLH_1XX);
+  t1945_showem(curl, CURLH_CONNECT | CURLH_HEADER | CURLH_TRAILER | CURLH_1XX);
 
 test_cleanup:
   curl_easy_cleanup(curl);
diff --git a/tests/libtest/lib1947.c b/tests/libtest/lib1947.c
index acbc260aa1..43e4c274b8 100644
--- a/tests/libtest/lib1947.c
+++ b/tests/libtest/lib1947.c
@@ -28,7 +28,7 @@ static size_t t1947_write_cb(char *data, size_t n, size_t l, void *userp)
   /* ignore the data */
   (void)data;
   (void)userp;
-  return n*l;
+  return n * l;
 }
 
 static CURLcode test_lib1947(const char *URL)
@@ -56,8 +56,8 @@ static CURLcode test_lib1947(const char *URL)
 
   /* count the number of requests by reading the first header of each
      request. */
-  origins = (CURLH_HEADER|CURLH_TRAILER|CURLH_CONNECT|
-             CURLH_1XX|CURLH_PSEUDO);
+  origins = CURLH_HEADER | CURLH_TRAILER | CURLH_CONNECT | CURLH_1XX |
+            CURLH_PSEUDO;
   do {
     h = curl_easy_nextheader(curl, origins, count, NULL);
     if(h)
diff --git a/tests/libtest/lib1948.c b/tests/libtest/lib1948.c
index 2a138ac695..024080e3e4 100644
--- a/tests/libtest/lib1948.c
+++ b/tests/libtest/lib1948.c
@@ -23,15 +23,14 @@
  ***************************************************************************/
 #include "first.h"
 
-typedef struct
-{
+struct put_buffer {
   const char *buf;
   size_t len;
-} put_buffer;
+};
 
 static size_t put_callback(char *ptr, size_t size, size_t nmemb, void *stream)
 {
-  put_buffer *putdata = (put_buffer *)stream;
+  struct put_buffer *putdata = (struct put_buffer *)stream;
   size_t totalsize = size * nmemb;
   size_t tocopy = (putdata->len < totalsize) ? putdata->len : totalsize;
   memcpy(ptr, putdata->buf, tocopy);
@@ -45,7 +44,7 @@ static CURLcode test_lib1948(const char *URL)
   CURL *curl;
   CURLcode res = CURLE_OK;
   static const char *testput = "This is test PUT data\n";
-  put_buffer pbuf;
+  struct put_buffer pbuf;
 
   curl_global_init(CURL_GLOBAL_DEFAULT);
 
diff --git a/tests/libtest/lib1960.c b/tests/libtest/lib1960.c
index 2dbdf5995f..ff8ad76bc1 100644
--- a/tests/libtest/lib1960.c
+++ b/tests/libtest/lib1960.c
@@ -63,12 +63,11 @@ static int sockopt_cb(void *clientp,
 }
 
 #ifdef __AMIGA__
-#define my_inet_pton(x,y,z) inet_pton(x,(unsigned char *)y,z)
+#define my_inet_pton(x, y, z) inet_pton(x, (unsigned char *)y, z)
 #else
-#define my_inet_pton(x,y,z) inet_pton(x,y,z)
+#define my_inet_pton(x, y, z) inet_pton(x, y, z)
 #endif
 
-
 /* Expected args: URL IP PORT */
 static CURLcode test_lib1960(const char *URL)
 {
@@ -109,7 +108,8 @@ static CURLcode test_lib1960(const char *URL)
     goto test_cleanup;
   }
 
-  status = connect(client_fd, (struct sockaddr*)&serv_addr, sizeof(serv_addr));
+  status = connect(client_fd, (struct sockaddr *)&serv_addr,
+                   sizeof(serv_addr));
   if(status < 0) {
     curl_mfprintf(stderr, "connection failed\n");
     goto test_cleanup;
diff --git a/tests/libtest/lib1977.c b/tests/libtest/lib1977.c
index 10412f66c0..06ab698c36 100644
--- a/tests/libtest/lib1977.c
+++ b/tests/libtest/lib1977.c
@@ -48,7 +48,6 @@ static CURLcode test_lib1977(const char *URL)
     goto test_cleanup;
   curl_mprintf("effective URL: %s\n", effective);
 
-
   /* second transfer: set URL + query in the second CURLU handle */
   curl_url_set(curlu_2, CURLUPART_URL, URL, CURLU_DEFAULT_SCHEME);
   curl_url_set(curlu_2, CURLUPART_QUERY, "foo", 0);
@@ -64,7 +63,6 @@ static CURLcode test_lib1977(const char *URL)
     goto test_cleanup;
   curl_mprintf("effective URL: %s\n", effective);
 
-
   /* third transfer: append extra query in the second CURLU handle, but do not
      set CURLOPT_CURLU again. this is to test that the contents of the handle
      is allowed to change between transfers and is used without having to set
@@ -81,7 +79,6 @@ static CURLcode test_lib1977(const char *URL)
     goto test_cleanup;
   curl_mprintf("effective URL: %s\n", effective);
 
-
 test_cleanup:
   curl_easy_cleanup(curl);
   curl_url_cleanup(curlu);
diff --git a/tests/libtest/lib2023.c b/tests/libtest/lib2023.c
index 1475deb2d3..660d528b2a 100644
--- a/tests/libtest/lib2023.c
+++ b/tests/libtest/lib2023.c
@@ -90,7 +90,7 @@ static CURLcode test_lib2023(const char *URL)  /* libauthretry */
   long fallback_auth_scheme = parse_auth_name(libtest_arg3);
 
   if(main_auth_scheme == CURLAUTH_NONE ||
-      fallback_auth_scheme == CURLAUTH_NONE) {
+     fallback_auth_scheme == CURLAUTH_NONE) {
     curl_mfprintf(stderr, "auth schemes not found on commandline\n");
     return TEST_ERR_MAJOR_BAD;
   }
diff --git a/tests/libtest/lib2032.c b/tests/libtest/lib2032.c
index a733f34e6f..a9cb298571 100644
--- a/tests/libtest/lib2032.c
+++ b/tests/libtest/lib2032.c
@@ -32,7 +32,7 @@ static CURLcode ntlmcb_res = CURLE_OK;
 
 static size_t callback(char *ptr, size_t size, size_t nmemb, void *data)
 {
-  ssize_t idx = ((CURL **) data) - ntlm_curls;
+  ssize_t idx = ((CURL **)data) - ntlm_curls;
   curl_socket_t sock;
   long longdata;
   CURLcode code;
@@ -195,8 +195,8 @@ static CURLcode test_lib2032(const char *URL)  /* libntlmconnect */
 #else
       itimeout = (int)timeout;
 #endif
-      interval.tv_sec = itimeout/1000;
-      interval.tv_usec = (itimeout%1000)*1000;
+      interval.tv_sec = itimeout / 1000;
+      interval.tv_usec = (itimeout % 1000) * 1000;
     }
     else {
       interval.tv_sec = 0;
diff --git a/tests/libtest/lib2402.c b/tests/libtest/lib2402.c
index 58c1b6c431..49d87d1cd4 100644
--- a/tests/libtest/lib2402.c
+++ b/tests/libtest/lib2402.c
@@ -38,8 +38,7 @@ static CURLcode test_lib2402(const char *URL)
 
   (void)URL;
 
-  curl_msnprintf(dnsentry, sizeof(dnsentry), "localhost:%s:%s",
-                 port, address);
+  curl_msnprintf(dnsentry, sizeof(dnsentry), "localhost:%s:%s", port, address);
   curl_mprintf("%s\n", dnsentry);
   slist = curl_slist_append(slist, dnsentry);
   if(!slist) {
@@ -61,8 +60,7 @@ static CURLcode test_lib2402(const char *URL)
     easy_init(curl[i]);
     /* specify target */
     curl_msnprintf(target_url, sizeof(target_url),
-                   "https://localhost:%s/path/2402%04zu",
-                   port, i + 1);
+                   "https://localhost:%s/path/2402%04zu", port, i + 1);
     target_url[sizeof(target_url) - 1] = '\0';
     easy_setopt(curl[i], CURLOPT_URL, target_url);
     /* go http2 */
diff --git a/tests/libtest/lib2404.c b/tests/libtest/lib2404.c
index 93a3ef926f..c202597447 100644
--- a/tests/libtest/lib2404.c
+++ b/tests/libtest/lib2404.c
@@ -38,8 +38,7 @@ static CURLcode test_lib2404(const char *URL)
 
   (void)URL;
 
-  curl_msnprintf(dnsentry, sizeof(dnsentry), "localhost:%s:%s",
-                 port, address);
+  curl_msnprintf(dnsentry, sizeof(dnsentry), "localhost:%s:%s", port, address);
   curl_mprintf("%s\n", dnsentry);
   slist = curl_slist_append(slist, dnsentry);
   if(!slist) {
@@ -61,8 +60,7 @@ static CURLcode test_lib2404(const char *URL)
     easy_init(curl[i]);
     /* specify target */
     curl_msnprintf(target_url, sizeof(target_url),
-                   "https://localhost:%s/path/2404%04zu",
-                   port, i + 1);
+                   "https://localhost:%s/path/2404%04zu", port, i + 1);
     target_url[sizeof(target_url) - 1] = '\0';
     easy_setopt(curl[i], CURLOPT_URL, target_url);
     /* go http2 */
diff --git a/tests/libtest/lib2405.c b/tests/libtest/lib2405.c
index 97d0d5d231..89ab659bdd 100644
--- a/tests/libtest/lib2405.c
+++ b/tests/libtest/lib2405.c
@@ -66,9 +66,10 @@ enum {
   TEST_USE_HTTP2_MPLEX
 };
 
-static size_t emptyWriteFunc(char *ptr, size_t size, size_t nmemb,
-                             void *data) {
-  (void)ptr; (void)data;
+static size_t emptyWriteFunc(char *ptr, size_t size, size_t nmemb, void *data)
+{
+  (void)ptr;
+  (void)data;
   return size * nmemb;
 }
 
diff --git a/tests/libtest/lib2502.c b/tests/libtest/lib2502.c
index 4b5e0ef683..48a8a93f0f 100644
--- a/tests/libtest/lib2502.c
+++ b/tests/libtest/lib2502.c
@@ -40,8 +40,7 @@ static CURLcode test_lib2502(const char *URL)
 
   (void)URL;
 
-  curl_msnprintf(dnsentry, sizeof(dnsentry), "localhost:%s:%s",
-                 port, address);
+  curl_msnprintf(dnsentry, sizeof(dnsentry), "localhost:%s:%s", port, address);
   curl_mprintf("%s\n", dnsentry);
   slist = curl_slist_append(slist, dnsentry);
   if(!slist) {
@@ -63,8 +62,7 @@ static CURLcode test_lib2502(const char *URL)
     easy_init(curl[i]);
     /* specify target */
     curl_msnprintf(target_url, sizeof(target_url),
-                   "https://localhost:%s/path/2502%04zu",
-                   port, i + 1);
+                   "https://localhost:%s/path/2502%04zu", port, i + 1);
     target_url[sizeof(target_url) - 1] = '\0';
     easy_setopt(curl[i], CURLOPT_URL, target_url);
     /* go http2 */
diff --git a/tests/libtest/lib2700.c b/tests/libtest/lib2700.c
index 1760d243ea..1c38f073d5 100644
--- a/tests/libtest/lib2700.c
+++ b/tests/libtest/lib2700.c
@@ -120,8 +120,7 @@ static CURLcode send_chunk(CURL *curl, int flags, const char *buffer,
   size_t nsent;
 
 retry:
-    res = curl_ws_send(curl, buffer + *offset, size - *offset, &nsent, 0,
-                       flags);
+  res = curl_ws_send(curl, buffer + *offset, size - *offset, &nsent, 0, flags);
   if(res == CURLE_AGAIN) {
     assert(nsent == 0);
     goto retry;
diff --git a/tests/libtest/lib3033.c b/tests/libtest/lib3033.c
index 428de8afc3..e2f0099615 100644
--- a/tests/libtest/lib3033.c
+++ b/tests/libtest/lib3033.c
@@ -33,8 +33,7 @@ static CURLcode t3033_req_test(CURLM *multi, CURL *curl,
   int still_running = 0;
 
   if(index == 1) {
-    curl_multi_setopt(multi, CURLMOPT_NETWORK_CHANGED,
-                      CURLMNWC_CLEAR_CONNS);
+    curl_multi_setopt(multi, CURLMOPT_NETWORK_CHANGED, CURLMNWC_CLEAR_CONNS);
     curl_mprintf("[1] signal network change\n");
   }
   else {
diff --git a/tests/libtest/lib3102.c b/tests/libtest/lib3102.c
index 72da47551e..094b32c1fc 100644
--- a/tests/libtest/lib3102.c
+++ b/tests/libtest/lib3102.c
@@ -47,11 +47,11 @@ static bool is_chain_in_order(struct curl_certinfo *cert_info)
       static const char issuer_prefix[] = "Issuer:";
       static const char subject_prefix[] = "Subject:";
 
-      if(!strncmp(slist->data, issuer_prefix, sizeof(issuer_prefix)-1)) {
-        issuer = slist->data + sizeof(issuer_prefix)-1;
+      if(!strncmp(slist->data, issuer_prefix, sizeof(issuer_prefix) - 1)) {
+        issuer = slist->data + sizeof(issuer_prefix) - 1;
       }
-      if(!strncmp(slist->data, subject_prefix, sizeof(subject_prefix)-1)) {
-        subject = slist->data + sizeof(subject_prefix)-1;
+      if(!strncmp(slist->data, subject_prefix, sizeof(subject_prefix) - 1)) {
+        subject = slist->data + sizeof(subject_prefix) - 1;
       }
     }
 
@@ -80,7 +80,7 @@ static bool is_chain_in_order(struct curl_certinfo *cert_info)
   return true;
 }
 
-static size_t wrfu(void *ptr,  size_t  size,  size_t  nmemb,  void *stream)
+static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream)
 {
   (void)stream;
   (void)ptr;
diff --git a/tests/libtest/lib3207.c b/tests/libtest/lib3207.c
index 7757643a26..8b20b311eb 100644
--- a/tests/libtest/lib3207.c
+++ b/tests/libtest/lib3207.c
@@ -116,7 +116,7 @@ test_cleanup:
 static void t3207_test_lock(CURL *curl, curl_lock_data data,
                             curl_lock_access laccess, void *useptr)
 {
-  curl_mutex_t *mutexes = (curl_mutex_t*) useptr;
+  curl_mutex_t *mutexes = (curl_mutex_t *)useptr;
   (void)curl;
   (void)laccess;
   Curl_mutex_acquire(&mutexes[data]);
@@ -124,7 +124,7 @@ static void t3207_test_lock(CURL *curl, curl_lock_data data,
 
 static void t3207_test_unlock(CURL *curl, curl_lock_data data, void *useptr)
 {
-  curl_mutex_t *mutexes = (curl_mutex_t*) useptr;
+  curl_mutex_t *mutexes = (curl_mutex_t *)useptr;
   (void)curl;
   Curl_mutex_release(&mutexes[data]);
 }
@@ -175,7 +175,7 @@ static CURLcode test_lib3207(const char *URL)
 {
   CURLcode res = CURLE_OK;
   size_t i;
-  CURLSH* share;
+  CURLSH *share;
   struct Ctx ctx[THREAD_SIZE];
 
   curl_global_init(CURL_GLOBAL_ALL);
diff --git a/tests/libtest/lib505.c b/tests/libtest/lib505.c
index b28a01a9ce..e33614fc58 100644
--- a/tests/libtest/lib505.c
+++ b/tests/libtest/lib505.c
@@ -127,8 +127,7 @@ static CURLcode test_lib505(const char *URL)
   test_setopt(curl, CURLOPT_READDATA, hd_src);
 
   /* and give the size of the upload (optional) */
-  test_setopt(curl, CURLOPT_INFILESIZE_LARGE,
-                   (curl_off_t)file_info.st_size);
+  test_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)file_info.st_size);
 
   /* Now run off and do what you have been told! */
   res = curl_easy_perform(curl);
diff --git a/tests/libtest/lib506.c b/tests/libtest/lib506.c
index 3d2a3556fd..f5c44c3e47 100644
--- a/tests/libtest/lib506.c
+++ b/tests/libtest/lib506.c
@@ -52,21 +52,21 @@ static void t506_test_lock(CURL *curl, curl_lock_data data,
   (void)laccess;
 
   switch(data) {
-    case CURL_LOCK_DATA_SHARE:
-      what = "share";
-      locknum = 0;
-      break;
-    case CURL_LOCK_DATA_DNS:
-      what = "dns";
-      locknum = 1;
-      break;
-    case CURL_LOCK_DATA_COOKIE:
-      what = "cookie";
-      locknum = 2;
-      break;
-    default:
-      curl_mfprintf(stderr, "lock: no such data: %d\n", data);
-      return;
+  case CURL_LOCK_DATA_SHARE:
+    what = "share";
+    locknum = 0;
+    break;
+  case CURL_LOCK_DATA_DNS:
+    what = "dns";
+    locknum = 1;
+    break;
+  case CURL_LOCK_DATA_COOKIE:
+    what = "cookie";
+    locknum = 2;
+    break;
+  default:
+    curl_mfprintf(stderr, "lock: no such data: %d\n", data);
+    return;
   }
 
   /* detect locking of locked locks */
@@ -88,21 +88,21 @@ static void t506_test_unlock(CURL *curl, curl_lock_data data, void *useptr)
   int locknum;
   (void)curl;
   switch(data) {
-    case CURL_LOCK_DATA_SHARE:
-      what = "share";
-      locknum = 0;
-      break;
-    case CURL_LOCK_DATA_DNS:
-      what = "dns";
-      locknum = 1;
-      break;
-    case CURL_LOCK_DATA_COOKIE:
-      what = "cookie";
-      locknum = 2;
-      break;
-    default:
-      curl_mfprintf(stderr, "unlock: no such data: %d\n", data);
-      return;
+  case CURL_LOCK_DATA_SHARE:
+    what = "share";
+    locknum = 0;
+    break;
+  case CURL_LOCK_DATA_DNS:
+    what = "dns";
+    locknum = 1;
+    break;
+  case CURL_LOCK_DATA_COOKIE:
+    what = "cookie";
+    locknum = 2;
+    break;
+  default:
+    curl_mfprintf(stderr, "unlock: no such data: %d\n", data);
+    return;
   }
 
   /* detect unlocking of unlocked locks */
@@ -128,7 +128,7 @@ static void *t506_test_fire(void *ptr)
 {
   CURLcode code;
   struct curl_slist *headers;
-  struct t506_Tdata *tdata = (struct t506_Tdata*)ptr;
+  struct t506_Tdata *tdata = (struct t506_Tdata *)ptr;
   CURL *curl;
 
   curl = curl_easy_init();
@@ -138,9 +138,9 @@ static void *t506_test_fire(void *ptr)
   }
 
   headers = sethost(NULL);
-  curl_easy_setopt(curl, CURLOPT_VERBOSE,    1L);
+  curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
   curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
-  curl_easy_setopt(curl, CURLOPT_URL,        tdata->url);
+  curl_easy_setopt(curl, CURLOPT_URL, tdata->url);
   curl_easy_setopt(curl, CURLOPT_COOKIEFILE, "");
   curl_mprintf("CURLOPT_SHARE\n");
   curl_easy_setopt(curl, CURLOPT_SHARE, tdata->share);
@@ -233,40 +233,38 @@ static CURLcode test_lib506(const char *URL)
     return TEST_ERR_MAJOR_BAD;
   }
   curl_mprintf("CURLOPT_SHARE\n");
-  test_setopt(curl, CURLOPT_SHARE,      share);
+  test_setopt(curl, CURLOPT_SHARE, share);
   curl_mprintf("CURLOPT_COOKIELIST injected_and_clobbered\n");
   test_setopt(curl, CURLOPT_COOKIELIST,
-               "Set-Cookie: injected_and_clobbered=yes; "
-               "domain=host.foo.com; expires=Sat Feb 2 11:56:27 GMT 2030");
+              "Set-Cookie: injected_and_clobbered=yes; "
+              "domain=host.foo.com; expires=Sat Feb 2 11:56:27 GMT 2030");
   curl_mprintf("CURLOPT_COOKIELIST ALL\n");
   test_setopt(curl, CURLOPT_COOKIELIST, "ALL");
   curl_mprintf("CURLOPT_COOKIELIST session\n");
   test_setopt(curl, CURLOPT_COOKIELIST, "Set-Cookie: session=elephants");
   curl_mprintf("CURLOPT_COOKIELIST injected\n");
   test_setopt(curl, CURLOPT_COOKIELIST,
-               "Set-Cookie: injected=yes; domain=host.foo.com; "
-               "expires=Sat Feb 2 11:56:27 GMT 2030");
+              "Set-Cookie: injected=yes; domain=host.foo.com; "
+              "expires=Sat Feb 2 11:56:27 GMT 2030");
   curl_mprintf("CURLOPT_COOKIELIST SESS\n");
   test_setopt(curl, CURLOPT_COOKIELIST, "SESS");
   curl_mprintf("CLEANUP\n");
   curl_easy_cleanup(curl);
 
-
   /* start treads */
   for(i = 1; i <= THREADS; i++) {
 
     /* set thread data */
-    tdata.url   = tutil_suburl(URL, i); /* must be curl_free()d */
+    tdata.url = tutil_suburl(URL, i); /* must be curl_free()d */
     tdata.share = share;
 
     /* simulate thread, direct call of "thread" function */
-    curl_mprintf("*** run %d\n",i);
+    curl_mprintf("*** run %d\n", i);
     t506_test_fire(&tdata);
 
     curl_free(tdata.url);
   }
 
-
   /* fetch another one and save cookies */
   curl_mprintf("*** run %d\n", i);
   curl = curl_easy_init();
@@ -280,11 +278,11 @@ static CURLcode test_lib506(const char *URL)
   url = tutil_suburl(URL, i);
   headers = sethost(NULL);
   test_setopt(curl, CURLOPT_HTTPHEADER, headers);
-  test_setopt(curl, CURLOPT_URL,        url);
+  test_setopt(curl, CURLOPT_URL, url);
   curl_mprintf("CURLOPT_SHARE\n");
-  test_setopt(curl, CURLOPT_SHARE,      share);
+  test_setopt(curl, CURLOPT_SHARE, share);
   curl_mprintf("CURLOPT_COOKIEJAR\n");
-  test_setopt(curl, CURLOPT_COOKIEJAR,  jar);
+  test_setopt(curl, CURLOPT_COOKIEJAR, jar);
   curl_mprintf("CURLOPT_COOKIELIST FLUSH\n");
   test_setopt(curl, CURLOPT_COOKIELIST, "FLUSH");
 
@@ -307,9 +305,9 @@ static CURLcode test_lib506(const char *URL)
   url = tutil_suburl(URL, i);
   headers = sethost(NULL);
   test_setopt(curl, CURLOPT_HTTPHEADER, headers);
-  test_setopt(curl, CURLOPT_URL,        url);
+  test_setopt(curl, CURLOPT_URL, url);
   curl_mprintf("CURLOPT_SHARE\n");
-  test_setopt(curl, CURLOPT_SHARE,      share);
+  test_setopt(curl, CURLOPT_SHARE, share);
   curl_mprintf("CURLOPT_COOKIELIST ALL\n");
   test_setopt(curl, CURLOPT_COOKIELIST, "ALL");
   curl_mprintf("CURLOPT_COOKIEJAR\n");
diff --git a/tests/libtest/lib508.c b/tests/libtest/lib508.c
index 6975051500..144f967f4a 100644
--- a/tests/libtest/lib508.c
+++ b/tests/libtest/lib508.c
@@ -32,7 +32,7 @@ static size_t t508_read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
 {
   struct t508_WriteThis *pooh = (struct t508_WriteThis *)userp;
 
-  if(size*nmemb < 1)
+  if(size * nmemb < 1)
     return 0;
 
   if(pooh->sizeleft) {
diff --git a/tests/libtest/lib509.c b/tests/libtest/lib509.c
index b5a0c583e0..c065eb87c8 100644
--- a/tests/libtest/lib509.c
+++ b/tests/libtest/lib509.c
@@ -74,7 +74,6 @@ static void custom_free(void *ptr)
   free(ptr);
 }
 
-
 static CURLcode test_lib509(const char *URL)
 {
   static const unsigned char a[] = {0x2f, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
diff --git a/tests/libtest/lib510.c b/tests/libtest/lib510.c
index d2df0eaf20..8d4b6ce155 100644
--- a/tests/libtest/lib510.c
+++ b/tests/libtest/lib510.c
@@ -40,14 +40,14 @@ static size_t t510_read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
   struct t510_WriteThis *pooh = (struct t510_WriteThis *)userp;
   const char *data;
 
-  if(size*nmemb < 1)
+  if(size * nmemb < 1)
     return 0;
 
   data = testpost[pooh->counter];
 
   if(data) {
     size_t len = strlen(data);
-    if(size*nmemb < len) {
+    if(size * nmemb < len) {
       curl_mfprintf(stderr, "read buffer is too small to run test\n");
       return 0;
     }
diff --git a/tests/libtest/lib526.c b/tests/libtest/lib526.c
index a4d5ab6b1a..04e8759c1a 100644
--- a/tests/libtest/lib526.c
+++ b/tests/libtest/lib526.c
@@ -155,7 +155,6 @@ test_cleanup:
 
     curl_multi_cleanup(multi);
     curl_global_cleanup();
-
   }
   else if(testnum == 532) {
     /* undocumented cleanup sequence - type UB */
diff --git a/tests/libtest/lib530.c b/tests/libtest/lib530.c
index 429a4869f5..f32d64b303 100644
--- a/tests/libtest/lib530.c
+++ b/tests/libtest/lib530.c
@@ -229,7 +229,7 @@ static ssize_t t530_getMicroSecondTimeout(struct curltime *timeout)
 /**
  * Update a fd_set with all of the sockets in use.
  */
-static void t530_updateFdSet(struct t530_Sockets *sockets, fd_set* fdset,
+static void t530_updateFdSet(struct t530_Sockets *sockets, fd_set *fdset,
                              curl_socket_t *maxFd)
 {
   int i;
diff --git a/tests/libtest/lib536.c b/tests/libtest/lib536.c
index 4810aba83f..82d839d772 100644
--- a/tests/libtest/lib536.c
+++ b/tests/libtest/lib536.c
@@ -27,8 +27,7 @@ static void proxystat(CURL *curl)
 {
   long wasproxy;
   if(!curl_easy_getinfo(curl, CURLINFO_USED_PROXY, &wasproxy)) {
-    curl_mprintf("This %sthe proxy\n", wasproxy ? "used ":
-                 "DID NOT use ");
+    curl_mprintf("This %sthe proxy\n", wasproxy ? "used " : "DID NOT use ");
   }
 }
 
diff --git a/tests/libtest/lib537.c b/tests/libtest/lib537.c
index 8027a09c02..31c5e30612 100644
--- a/tests/libtest/lib537.c
+++ b/tests/libtest/lib537.c
@@ -118,7 +118,7 @@ static int t537_test_rlimit(int keep_open)
   /* If the OS allows a HUGE number of open files, we do not run.
    * Modern debian sid reports a limit of 134217724 and this tests
    * takes minutes. */
-#define LIMIT_CAP     (256*1024)
+#define LIMIT_CAP     (256 * 1024)
   if(rl.rlim_cur > LIMIT_CAP) {
     curl_mfprintf(stderr, "soft limit above %ld, not running\n",
                   (long)LIMIT_CAP);
diff --git a/tests/libtest/lib540.c b/tests/libtest/lib540.c
index 5e8890d984..21886cfc74 100644
--- a/tests/libtest/lib540.c
+++ b/tests/libtest/lib540.c
@@ -138,8 +138,8 @@ static CURLcode loop(int num, CURLM *multi, const char *url,
 #else
         itimeout = (int)L;
 #endif
-        T.tv_sec = itimeout/1000;
-        T.tv_usec = (itimeout%1000)*1000;
+        T.tv_sec = itimeout / 1000;
+        T.tv_usec = (itimeout % 1000) * 1000;
       }
       else {
         T.tv_sec = 5;
diff --git a/tests/libtest/lib547.c b/tests/libtest/lib547.c
index 8f51fef088..797e6f1fc6 100644
--- a/tests/libtest/lib547.c
+++ b/tests/libtest/lib547.c
@@ -29,7 +29,7 @@
 #include "first.h"
 
 static const char t547_uploadthis[] = "this is the blurb we want to upload\n";
-#define T547_DATALEN (sizeof(t547_uploadthis)-1)
+#define T547_DATALEN (sizeof(t547_uploadthis) - 1)
 
 static size_t t547_read_cb(char *ptr, size_t size, size_t nmemb, void *clientp)
 {
diff --git a/tests/libtest/lib552.c b/tests/libtest/lib552.c
index 403ad6fec1..79cd877b1b 100644
--- a/tests/libtest/lib552.c
+++ b/tests/libtest/lib552.c
@@ -35,10 +35,10 @@ static char databuf[70000]; /* MUST be more than 64k OR
 
 static size_t t552_read_cb(char *ptr, size_t size, size_t nmemb, void *stream)
 {
-  size_t  amount = nmemb * size; /* Total bytes curl wants */
-  size_t  available = sizeof(databuf) - current_offset; /* What we have to
-                                                           give */
-  size_t  given = amount < available ? amount : available; /* What is given */
+  size_t amount = nmemb * size; /* Total bytes curl wants */
+  size_t available = sizeof(databuf) - current_offset; /* What we have to
+                                                          give */
+  size_t given = amount < available ? amount : available; /* What is given */
   (void)stream;
   memcpy(ptr, databuf + current_offset, given);
   current_offset += given;
diff --git a/tests/libtest/lib554.c b/tests/libtest/lib554.c
index dd8c690ddb..0c8349159e 100644
--- a/tests/libtest/lib554.c
+++ b/tests/libtest/lib554.c
@@ -32,7 +32,7 @@ static size_t t554_read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
 {
   struct t554_WriteThis *pooh = (struct t554_WriteThis *)userp;
 
-  if(size*nmemb < 1)
+  if(size * nmemb < 1)
     return 0;
 
   if(pooh->sizeleft) {
diff --git a/tests/libtest/lib555.c b/tests/libtest/lib555.c
index 005fefe72f..c9522f5eae 100644
--- a/tests/libtest/lib555.c
+++ b/tests/libtest/lib555.c
@@ -33,7 +33,7 @@
 #include "first.h"
 
 static const char t555_uploadthis[] = "this is the blurb we want to upload\n";
-#define T555_DATALEN (sizeof(t555_uploadthis)-1)
+#define T555_DATALEN (sizeof(t555_uploadthis) - 1)
 
 static size_t t555_read_cb(char *ptr, size_t size, size_t nmemb, void *clientp)
 {
diff --git a/tests/libtest/lib557.c b/tests/libtest/lib557.c
index fa1ee2fa2f..9c4f7f9b9f 100644
--- a/tests/libtest/lib557.c
+++ b/tests/libtest/lib557.c
@@ -48,56 +48,48 @@
 
 #define BUFSZ    256
 
-
 struct unsshort_st {
   unsigned short num;   /* unsigned short  */
   const char *expected; /* expected string */
   char result[BUFSZ];   /* result string   */
 };
 
-
 struct sigshort_st {
   short num;            /* signed short    */
   const char *expected; /* expected string */
   char result[BUFSZ];   /* result string   */
 };
 
-
 struct unsint_st {
   unsigned int num;     /* unsigned int    */
   const char *expected; /* expected string */
   char result[BUFSZ];   /* result string   */
 };
 
-
 struct sigint_st {
   int num;              /* signed int      */
   const char *expected; /* expected string */
   char result[BUFSZ];   /* result string   */
 };
 
-
 struct unslong_st {
   unsigned long num;    /* unsigned long   */
   const char *expected; /* expected string */
   char result[BUFSZ];   /* result string   */
 };
 
-
 struct siglong_st {
   long num;             /* signed long     */
   const char *expected; /* expected string */
   char result[BUFSZ];   /* result string   */
 };
 
-
 struct curloff_st {
   curl_off_t num;       /* curl_off_t      */
   const char *expected; /* expected string */
   char result[BUFSZ];   /* result string   */
 };
 
-
 static struct unsshort_st us_test[1 + 100];
 static struct sigshort_st ss_test[1 + 100];
 static struct unsint_st   ui_test[1 + 100];
@@ -106,7 +98,6 @@ static struct unslong_st  ul_test[1 + 100];
 static struct siglong_st  sl_test[1 + 100];
 static struct curloff_st  co_test[1 + 100];
 
-
 static int test_unsigned_short_formatting(void)
 {
   int i, j;
@@ -136,7 +127,7 @@ static int test_unsigned_short_formatting(void)
 
     for(j = 0; j < BUFSZ; j++)
       us_test[i].result[j] = 'X';
-    us_test[i].result[BUFSZ-1] = '\0';
+    us_test[i].result[BUFSZ - 1] = '\0';
 
     (void)curl_msprintf(us_test[i].result, "%hu", us_test[i].num);
 
@@ -148,7 +139,6 @@ static int test_unsigned_short_formatting(void)
                    i, us_test[i].expected, us_test[i].result);
       failed++;
     }
-
   }
 
   if(!failed)
@@ -159,7 +149,6 @@ static int test_unsigned_short_formatting(void)
   return failed;
 }
 
-
 static int test_signed_short_formatting(void)
 {
   int i, j;
@@ -211,7 +200,7 @@ static int test_signed_short_formatting(void)
 
     for(j = 0; j < BUFSZ; j++)
       ss_test[i].result[j] = 'X';
-    ss_test[i].result[BUFSZ-1] = '\0';
+    ss_test[i].result[BUFSZ - 1] = '\0';
 
     (void)curl_msprintf(ss_test[i].result, "%hd", ss_test[i].num);
 
@@ -222,7 +211,6 @@ static int test_signed_short_formatting(void)
                    i, ss_test[i].expected, ss_test[i].result);
       failed++;
     }
-
   }
 
   if(!failed)
@@ -233,7 +221,6 @@ static int test_signed_short_formatting(void)
   return failed;
 }
 
-
 static int test_unsigned_int_formatting(void)
 {
   int i, j;
@@ -361,7 +348,7 @@ static int test_unsigned_int_formatting(void)
 
     for(j = 0; j < BUFSZ; j++)
       ui_test[i].result[j] = 'X';
-    ui_test[i].result[BUFSZ-1] = '\0';
+    ui_test[i].result[BUFSZ - 1] = '\0';
 
     (void)curl_msprintf(ui_test[i].result, "%u", ui_test[i].num);
 
@@ -372,7 +359,6 @@ static int test_unsigned_int_formatting(void)
                    i, ui_test[i].expected, ui_test[i].result);
       failed++;
     }
-
   }
 
   if(!failed)
@@ -383,7 +369,6 @@ static int test_unsigned_int_formatting(void)
   return failed;
 }
 
-
 static int test_signed_int_formatting(void)
 {
   int i, j;
@@ -589,7 +574,7 @@ static int test_signed_int_formatting(void)
 
     for(j = 0; j < BUFSZ; j++)
       si_test[i].result[j] = 'X';
-    si_test[i].result[BUFSZ-1] = '\0';
+    si_test[i].result[BUFSZ - 1] = '\0';
 
     (void)curl_msprintf(si_test[i].result, "%d", si_test[i].num);
 
@@ -600,7 +585,6 @@ static int test_signed_int_formatting(void)
                    i, si_test[i].expected, si_test[i].result);
       failed++;
     }
-
   }
 
   if(!failed)
@@ -611,7 +595,6 @@ static int test_signed_int_formatting(void)
   return failed;
 }
 
-
 static int test_unsigned_long_formatting(void)
 {
   int i, j;
@@ -738,7 +721,7 @@ static int test_unsigned_long_formatting(void)
 
     for(j = 0; j < BUFSZ; j++)
       ul_test[i].result[j] = 'X';
-    ul_test[i].result[BUFSZ-1] = '\0';
+    ul_test[i].result[BUFSZ - 1] = '\0';
 
     (void)curl_msprintf(ul_test[i].result, "%lu", ul_test[i].num);
 
@@ -749,7 +732,6 @@ static int test_unsigned_long_formatting(void)
                    i, ul_test[i].expected, ul_test[i].result);
       failed++;
     }
-
   }
 
   if(!failed)
@@ -760,7 +742,6 @@ static int test_unsigned_long_formatting(void)
   return failed;
 }
 
-
 static int test_signed_long_formatting(void)
 {
   int i, j;
@@ -966,7 +947,7 @@ static int test_signed_long_formatting(void)
 
     for(j = 0; j < BUFSZ; j++)
       sl_test[i].result[j] = 'X';
-    sl_test[i].result[BUFSZ-1] = '\0';
+    sl_test[i].result[BUFSZ - 1] = '\0';
 
     (void)curl_msprintf(sl_test[i].result, "%ld", sl_test[i].num);
 
@@ -977,7 +958,6 @@ static int test_signed_long_formatting(void)
                    i, sl_test[i].expected, sl_test[i].result);
       failed++;
     }
-
   }
 
   if(!failed)
@@ -988,7 +968,6 @@ static int test_signed_long_formatting(void)
   return failed;
 }
 
-
 static int test_curl_off_t_formatting(void)
 {
   int i, j;
@@ -1080,7 +1059,7 @@ static int test_curl_off_t_formatting(void)
 
     for(j = 0; j < BUFSZ; j++)
       co_test[i].result[j] = 'X';
-    co_test[i].result[BUFSZ-1] = '\0';
+    co_test[i].result[BUFSZ - 1] = '\0';
 
     (void)curl_msprintf(co_test[i].result, "%" CURL_FORMAT_CURL_OFF_T,
                         co_test[i].num);
@@ -1092,7 +1071,6 @@ static int test_curl_off_t_formatting(void)
                    i, co_test[i].expected, co_test[i].result);
       failed++;
     }
-
   }
 
   if(!failed)
@@ -1113,7 +1091,7 @@ static int string_check_low(int linenumber, char *buf, const char *buf2)
   }
   return 0;
 }
-#define string_check(x,y) string_check_low(__LINE__, x, y)
+#define string_check(x, y) string_check_low(__LINE__, x, y)
 
 static int strlen_check_low(int linenumber, char *buf, size_t len)
 {
@@ -1126,7 +1104,7 @@ static int strlen_check_low(int linenumber, char *buf, size_t len)
   }
   return 0;
 }
-#define strlen_check(x,y) strlen_check_low(__LINE__, x, y)
+#define strlen_check(x, y) strlen_check_low(__LINE__, x, y)
 
 /*
  * The output strings in this test need to have been verified with a system
@@ -1222,7 +1200,6 @@ static int test_width_precision(void)
   return errors;
 }
 
-
 static int test_weird_arguments(void)
 {
   int errors = 0;
@@ -1275,7 +1252,7 @@ static int test_weird_arguments(void)
                       0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 9 */
                       0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 10 */
                       0, 1, 2, 3, 4, 5, 6, 7, 8, 9, /* 10 11 */
-                      0, 1, 2, 3, 4, 5, 6, 7); /* 8 */
+                      0, 1, 2, 3, 4, 5, 6, 7);      /* 8 */
 
   if(rc != 128) {
     curl_mprintf("curl_mprintf() returned %d and not 128!\n", rc);
diff --git a/tests/libtest/lib568.c b/tests/libtest/lib568.c
index 260061f519..46e94afb53 100644
--- a/tests/libtest/lib568.c
+++ b/tests/libtest/lib568.c
@@ -84,7 +84,7 @@ static CURLcode test_lib568(const char *URL)
 
   test_setopt(curl, CURLOPT_READDATA, sdpf);
   test_setopt(curl, CURLOPT_UPLOAD, 1L);
-  test_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t) file_info.st_size);
+  test_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)file_info.st_size);
   test_setopt(curl, CURLOPT_VERBOSE, 1L);
 
   /* Do the ANNOUNCE */
diff --git a/tests/libtest/lib570.c b/tests/libtest/lib570.c
index f5ada6770b..1a1656d798 100644
--- a/tests/libtest/lib570.c
+++ b/tests/libtest/lib570.c
@@ -70,7 +70,7 @@ static CURLcode test_lib570(const char *URL)
 
   test_setopt(curl, CURLOPT_RTSP_CLIENT_CSEQ, 999L);
   test_setopt(curl, CURLOPT_RTSP_TRANSPORT,
-                    "RAW/RAW/UDP;unicast;client_port=3056-3057");
+              "RAW/RAW/UDP;unicast;client_port=3056-3057");
   test_setopt(curl, CURLOPT_RTSP_REQUEST, CURL_RTSPREQ_SETUP);
 
   stream_uri = tutil_suburl(URL, request++);
diff --git a/tests/libtest/lib572.c b/tests/libtest/lib572.c
index 4e20cb3da5..5e54f3549b 100644
--- a/tests/libtest/lib572.c
+++ b/tests/libtest/lib572.c
@@ -102,7 +102,7 @@ static CURLcode test_lib572(const char *URL)
 
   test_setopt(curl, CURLOPT_READDATA, paramsf);
   test_setopt(curl, CURLOPT_UPLOAD, 1L);
-  test_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t) file_info.st_size);
+  test_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)file_info.st_size);
 
   res = curl_easy_perform(curl);
   if(res)
diff --git a/tests/libtest/lib573.c b/tests/libtest/lib573.c
index ed00bbb042..b19782ce0d 100644
--- a/tests/libtest/lib573.c
+++ b/tests/libtest/lib573.c
@@ -41,7 +41,7 @@ static CURLcode test_lib573(const char *URL)
   dbl_epsilon = 1.0;
   do {
     dbl_epsilon /= 2.0;
-  } while((double)(1.0 + (dbl_epsilon/2.0)) > (double)1.0);
+  } while((double)(1.0 + (dbl_epsilon / 2.0)) > (double)1.0);
 
   start_test_timing();
 
diff --git a/tests/libtest/lib574.c b/tests/libtest/lib574.c
index f74371e973..52527c7f41 100644
--- a/tests/libtest/lib574.c
+++ b/tests/libtest/lib574.c
@@ -23,8 +23,7 @@
  ***************************************************************************/
 #include "first.h"
 
-static int new_fnmatch(void *ptr,
-                       const char *pattern, const char *string)
+static int new_fnmatch(void *ptr, const char *pattern, const char *string)
 {
   (void)ptr;
   curl_mfprintf(stderr, "lib574: match string '%s' against pattern '%s'\n",
diff --git a/tests/libtest/lib579.c b/tests/libtest/lib579.c
index aaa81baede..05d4a8432e 100644
--- a/tests/libtest/lib579.c
+++ b/tests/libtest/lib579.c
@@ -84,7 +84,7 @@ static size_t t579_read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
   struct t579_WriteThis *pooh = (struct t579_WriteThis *)userp;
   const char *data;
 
-  if(size*nmemb < 1)
+  if(size * nmemb < 1)
     return 0;
 
   data = testpost[pooh->counter];
diff --git a/tests/libtest/lib582.c b/tests/libtest/lib582.c
index e99d5febdf..dabebed6ce 100644
--- a/tests/libtest/lib582.c
+++ b/tests/libtest/lib582.c
@@ -175,7 +175,7 @@ static ssize_t t582_getMicroSecondTimeout(struct curltime *timeout)
 /**
  * Update a fd_set with all of the sockets in use.
  */
-static void t582_updateFdSet(struct t582_Sockets *sockets, fd_set* fdset,
+static void t582_updateFdSet(struct t582_Sockets *sockets, fd_set *fdset,
                              curl_socket_t *maxFd)
 {
   int i;
diff --git a/tests/libtest/lib586.c b/tests/libtest/lib586.c
index d0671b18fe..310ad77f39 100644
--- a/tests/libtest/lib586.c
+++ b/tests/libtest/lib586.c
@@ -47,21 +47,21 @@ static void t586_test_lock(CURL *curl, curl_lock_data data,
   (void)laccess;
 
   switch(data) {
-    case CURL_LOCK_DATA_SHARE:
-      what = "share";
-      break;
-    case CURL_LOCK_DATA_DNS:
-      what = "dns";
-      break;
-    case CURL_LOCK_DATA_COOKIE:
-      what = "cookie";
-      break;
-    case CURL_LOCK_DATA_SSL_SESSION:
-      what = "ssl_session";
-      break;
-    default:
-      curl_mfprintf(stderr, "lock: no such data: %d\n", data);
-      return;
+  case CURL_LOCK_DATA_SHARE:
+    what = "share";
+    break;
+  case CURL_LOCK_DATA_DNS:
+    what = "dns";
+    break;
+  case CURL_LOCK_DATA_COOKIE:
+    what = "cookie";
+    break;
+  case CURL_LOCK_DATA_SSL_SESSION:
+    what = "ssl_session";
+    break;
+  default:
+    curl_mfprintf(stderr, "lock: no such data: %d\n", data);
+    return;
   }
   curl_mprintf("lock:   %-6s [%s]: %d\n", what, user->text, user->counter);
   user->counter++;
@@ -74,21 +74,21 @@ static void t586_test_unlock(CURL *curl, curl_lock_data data, void *useptr)
   struct t586_userdata *user = (struct t586_userdata *)useptr;
   (void)curl;
   switch(data) {
-    case CURL_LOCK_DATA_SHARE:
-      what = "share";
-      break;
-    case CURL_LOCK_DATA_DNS:
-      what = "dns";
-      break;
-    case CURL_LOCK_DATA_COOKIE:
-      what = "cookie";
-      break;
-    case CURL_LOCK_DATA_SSL_SESSION:
-      what = "ssl_session";
-      break;
-    default:
-      curl_mfprintf(stderr, "unlock: no such data: %d\n", data);
-      return;
+  case CURL_LOCK_DATA_SHARE:
+    what = "share";
+    break;
+  case CURL_LOCK_DATA_DNS:
+    what = "dns";
+    break;
+  case CURL_LOCK_DATA_COOKIE:
+    what = "cookie";
+    break;
+  case CURL_LOCK_DATA_SSL_SESSION:
+    what = "ssl_session";
+    break;
+  default:
+    curl_mfprintf(stderr, "unlock: no such data: %d\n", data);
+    return;
   }
   curl_mprintf("unlock: %-6s [%s]: %d\n", what, user->text, user->counter);
   user->counter++;
@@ -98,7 +98,7 @@ static void t586_test_unlock(CURL *curl, curl_lock_data data, void *useptr)
 static void *t586_test_fire(void *ptr)
 {
   CURLcode code;
-  struct t586_Tdata *tdata = (struct t586_Tdata*)ptr;
+  struct t586_Tdata *tdata = (struct t586_Tdata *)ptr;
   CURL *curl;
 
   curl = curl_easy_init();
@@ -108,8 +108,8 @@ static void *t586_test_fire(void *ptr)
   }
 
   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
-  curl_easy_setopt(curl, CURLOPT_VERBOSE,    1L);
-  curl_easy_setopt(curl, CURLOPT_URL,        tdata->url);
+  curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(curl, CURLOPT_URL, tdata->url);
   curl_mprintf("CURLOPT_SHARE\n");
   curl_easy_setopt(curl, CURLOPT_SHARE, tdata->share);
 
@@ -181,20 +181,18 @@ static CURLcode test_lib586(const char *URL)
     return TEST_ERR_MAJOR_BAD;
   }
 
-
   /* start treads */
   for(i = 1; i <= THREADS; i++) {
 
     /* set thread data */
-    tdata.url   = URL;
+    tdata.url = URL;
     tdata.share = share;
 
     /* simulate thread, direct call of "thread" function */
-    curl_mprintf("*** run %d\n",i);
+    curl_mprintf("*** run %d\n", i);
     t586_test_fire(&tdata);
   }
 
-
   /* fetch another one */
   curl_mprintf("*** run %d\n", i);
   curl = curl_easy_init();
@@ -233,8 +231,7 @@ test_cleanup:
   curl_mprintf("SHARE_CLEANUP\n");
   scode = curl_share_cleanup(share);
   if(scode != CURLSHE_OK)
-    curl_mfprintf(stderr, "curl_share_cleanup failed, code errno %d\n",
-                  scode);
+    curl_mfprintf(stderr, "curl_share_cleanup failed, code errno %d\n", scode);
 
   curl_mprintf("GLOBAL_CLEANUP\n");
   curl_global_cleanup();
diff --git a/tests/libtest/lib591.c b/tests/libtest/lib591.c
index 521cbb7503..b58a408a02 100644
--- a/tests/libtest/lib591.c
+++ b/tests/libtest/lib591.c
@@ -114,8 +114,8 @@ static CURLcode test_lib591(const char *URL)
 #else
       itimeout = (int)timeout;
 #endif
-      interval.tv_sec = itimeout/1000;
-      interval.tv_usec = (itimeout%1000)*1000;
+      interval.tv_sec = itimeout / 1000;
+      interval.tv_usec = (itimeout % 1000) * 1000;
     }
     else {
       interval.tv_sec = 0;
diff --git a/tests/libtest/lib597.c b/tests/libtest/lib597.c
index 38e60c0844..e02acadab3 100644
--- a/tests/libtest/lib597.c
+++ b/tests/libtest/lib597.c
@@ -94,11 +94,11 @@ static CURLcode test_lib597(const char *URL)
 #else
       itimeout = (int)timeout;
 #endif
-      interval.tv_sec = itimeout/1000;
-      interval.tv_usec = (itimeout%1000)*1000;
+      interval.tv_sec = itimeout / 1000;
+      interval.tv_usec = (itimeout % 1000) * 1000;
     }
     else {
-      interval.tv_sec = TEST_HANG_TIMEOUT/1000 - 1;
+      interval.tv_sec = TEST_HANG_TIMEOUT / 1000 - 1;
       interval.tv_usec = 0;
     }
 
diff --git a/tests/libtest/lib643.c b/tests/libtest/lib643.c
index 52ea1eb664..d096082143 100644
--- a/tests/libtest/lib643.c
+++ b/tests/libtest/lib643.c
@@ -33,7 +33,7 @@ static size_t t643_read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
   struct t643_WriteThis *pooh = (struct t643_WriteThis *)userp;
   int eof;
 
-  if(size*nmemb < 1)
+  if(size * nmemb < 1)
     return 0;
 
   if(testnum == 643) {
@@ -100,8 +100,7 @@ static CURLcode t643_test_once(const char *URL, bool oldstyle)
   if(oldstyle) {
     res = curl_mime_name(part, "sendfile");
     if(!res)
-      res = curl_mime_data_cb(part, datasize, t643_read_cb,
-                              NULL, NULL, &pooh);
+      res = curl_mime_data_cb(part, datasize, t643_read_cb, NULL, NULL, &pooh);
     if(!res)
       res = curl_mime_filename(part, "postit2.c");
   }
@@ -109,8 +108,7 @@ static CURLcode t643_test_once(const char *URL, bool oldstyle)
     /* new style */
     res = curl_mime_name(part, "sendfile alternative");
     if(!res)
-      res = curl_mime_data_cb(part, datasize, t643_read_cb,
-                              NULL, NULL, &pooh);
+      res = curl_mime_data_cb(part, datasize, t643_read_cb, NULL, NULL, &pooh);
     if(!res)
       res = curl_mime_filename(part, "filename 2 ");
   }
@@ -137,8 +135,7 @@ static CURLcode t643_test_once(const char *URL, bool oldstyle)
   /* Fill in the file upload part */
   res = curl_mime_name(part, "callbackdata");
   if(!res)
-    res = curl_mime_data_cb(part, datasize, t643_read_cb,
-                            NULL, NULL, &pooh2);
+    res = curl_mime_data_cb(part, datasize, t643_read_cb, NULL, NULL, &pooh2);
 
   if(res)
     curl_mprintf("curl_mime_xxx(2) = %s\n", curl_easy_strerror(res));
@@ -155,8 +152,7 @@ static CURLcode t643_test_once(const char *URL, bool oldstyle)
   /* Fill in the filename field */
   res = curl_mime_name(part, "filename");
   if(!res)
-    res = curl_mime_data(part, "postit2.c",
-                         CURL_ZERO_TERMINATED);
+    res = curl_mime_data(part, "postit2.c", CURL_ZERO_TERMINATED);
 
   if(res)
     curl_mprintf("curl_mime_xxx(3) = %s\n", curl_easy_strerror(res));
@@ -172,8 +168,7 @@ static CURLcode t643_test_once(const char *URL, bool oldstyle)
   }
   res = curl_mime_name(part, "submit");
   if(!res)
-    res = curl_mime_data(part, "send",
-                         CURL_ZERO_TERMINATED);
+    res = curl_mime_data(part, "send", CURL_ZERO_TERMINATED);
 
   if(res)
     curl_mprintf("curl_mime_xxx(4) = %s\n", curl_easy_strerror(res));
diff --git a/tests/libtest/lib650.c b/tests/libtest/lib650.c
index 4aa6ea9d8b..d749e67d27 100644
--- a/tests/libtest/lib650.c
+++ b/tests/libtest/lib650.c
@@ -30,7 +30,7 @@
 /* curl_formget callback to count characters. */
 static size_t count_chars(void *userp, const char *buf, size_t len)
 {
-  size_t *pcounter = (size_t *) userp;
+  size_t *pcounter = (size_t *)userp;
 
   (void)buf;
   *pcounter += len;
@@ -51,8 +51,7 @@ static CURLcode test_lib650(const char *URL)
   long contentlength = 0;
 
   static const char testname[] = "fieldname";
-  static char testdata[] =
-    "this is what we post to the silly web server";
+  static char testdata[] = "this is what we post to the silly web server";
 
   if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
     curl_mfprintf(stderr, "curl_global_init() failed\n");
@@ -141,7 +140,7 @@ static CURLcode test_lib650(const char *URL)
    * This is done before including stdin data because we want to reuse it
    * and stdin cannot be rewound.
    */
-  curl_formget(formpost, (void *) &formlength, count_chars);
+  curl_formget(formpost, (void *)&formlength, count_chars);
 
   /* Include length in data for external check. */
   curl_msnprintf(flbuf, sizeof(flbuf), "%zu", formlength);
diff --git a/tests/libtest/lib651.c b/tests/libtest/lib651.c
index 7d1d28563f..1e38d18895 100644
--- a/tests/libtest/lib651.c
+++ b/tests/libtest/lib651.c
@@ -35,12 +35,12 @@ static CURLcode test_lib651(const char *URL)
 
   /* create a buffer with AAAA...BBBBB...CCCC...etc */
   int i;
-  int size = (int)sizeof(testbuf)/1000;
+  int size = (int)sizeof(testbuf) / 1000;
 
-  for(i = 0; i < size ; i++)
+  for(i = 0; i < size; i++)
     memset(&testbuf[i * 1000], 65 + i, 1000);
 
-  testbuf[sizeof(testbuf)-1] = 0; /* null-terminate */
+  testbuf[sizeof(testbuf) - 1] = 0; /* null-terminate */
 
   if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
     curl_mfprintf(stderr, "curl_global_init() failed\n");
diff --git a/tests/libtest/lib652.c b/tests/libtest/lib652.c
index 4fae340042..eea153742f 100644
--- a/tests/libtest/lib652.c
+++ b/tests/libtest/lib652.c
@@ -37,7 +37,7 @@ static CURLcode test_lib652(const char *URL)
   int i;
   int size = (int)sizeof(testbuf) / 10;
 
-  for(i = 0; i < size ; i++)
+  for(i = 0; i < size; i++)
     memset(&testbuf[i * 10], 65 + (i % 26), 10);
 
   if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
diff --git a/tests/libtest/lib654.c b/tests/libtest/lib654.c
index 1d93798d7c..7d519d6453 100644
--- a/tests/libtest/lib654.c
+++ b/tests/libtest/lib654.c
@@ -31,7 +31,7 @@ struct t654_WriteThis {
 
 static void free_callback(void *userp)
 {
-  struct t654_WriteThis *pooh = (struct t654_WriteThis *) userp;
+  struct t654_WriteThis *pooh = (struct t654_WriteThis *)userp;
 
   pooh->freecount++;
 }
@@ -41,7 +41,7 @@ static size_t t654_read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
   struct t654_WriteThis *pooh = (struct t654_WriteThis *)userp;
   int eof;
 
-  if(size*nmemb < 1)
+  if(size * nmemb < 1)
     return 0;
 
   eof = pooh->sizeleft <= 0;
@@ -92,7 +92,7 @@ static CURLcode test_lib654(const char *URL)
 
   /* Prepare the callback structure. */
   pooh.readptr = testdata;
-  pooh.sizeleft = (curl_off_t) strlen(testdata);
+  pooh.sizeleft = (curl_off_t)strlen(testdata);
   pooh.freecount = 0;
 
   /* Build the mime tree. */
diff --git a/tests/libtest/lib666.c b/tests/libtest/lib666.c
index f47bacb9a8..e0a36412b0 100644
--- a/tests/libtest/lib666.c
+++ b/tests/libtest/lib666.c
@@ -40,7 +40,7 @@ static CURLcode test_lib666(const char *URL)
     if(i % 77 == 76)
       testbuf[i] = '\n';
     else
-      testbuf[i] = (char) (0x41 + i % 26); /* A...Z */
+      testbuf[i] = (char)(0x41 + i % 26); /* A...Z */
 
   if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
     curl_mfprintf(stderr, "curl_global_init() failed\n");
diff --git a/tests/libtest/lib667.c b/tests/libtest/lib667.c
index 1bd612f377..3d835d500f 100644
--- a/tests/libtest/lib667.c
+++ b/tests/libtest/lib667.c
@@ -33,7 +33,7 @@ static size_t t667_read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
   struct t667_WriteThis *pooh = (struct t667_WriteThis *)userp;
   int eof;
 
-  if(size*nmemb < 1)
+  if(size * nmemb < 1)
     return 0;
 
   eof = pooh->sizeleft <= 0;
@@ -82,7 +82,7 @@ static CURLcode test_lib667(const char *URL)
 
   /* Prepare the callback structure. */
   pooh.readptr = testdata;
-  pooh.sizeleft = (curl_off_t) strlen(testdata);
+  pooh.sizeleft = (curl_off_t)strlen(testdata);
 
   /* Build the mime tree. */
   mime = curl_mime_init(curl);
@@ -90,8 +90,7 @@ static CURLcode test_lib667(const char *URL)
   curl_mime_name(part, "field");
   curl_mime_encoder(part, "base64");
   /* Using an undefined length forces chunked transfer. */
-  curl_mime_data_cb(part, (curl_off_t) -1, t667_read_cb,
-                    NULL, NULL, &pooh);
+  curl_mime_data_cb(part, (curl_off_t)-1, t667_read_cb, NULL, NULL, &pooh);
 
   /* Bind mime data to its easy handle. */
   test_setopt(curl, CURLOPT_MIMEPOST, mime);
diff --git a/tests/libtest/lib668.c b/tests/libtest/lib668.c
index 5011391736..e0f291d809 100644
--- a/tests/libtest/lib668.c
+++ b/tests/libtest/lib668.c
@@ -76,7 +76,7 @@ static CURLcode test_lib668(const char *URL)
 
   /* Prepare the callback structures. */
   pooh1.readptr = testdata;
-  pooh1.sizeleft = (curl_off_t) strlen(testdata);
+  pooh1.sizeleft = (curl_off_t)strlen(testdata);
   pooh2 = pooh1;
 
   /* Build the mime tree. */
@@ -84,14 +84,14 @@ static CURLcode test_lib668(const char *URL)
   part = curl_mime_addpart(mime);
   curl_mime_name(part, "field1");
   /* Early end of data detection can be done because the data size is known. */
-  curl_mime_data_cb(part, (curl_off_t) strlen(testdata),
+  curl_mime_data_cb(part, (curl_off_t)strlen(testdata),
                     t668_read_cb, NULL, NULL, &pooh1);
   part = curl_mime_addpart(mime);
   curl_mime_name(part, "field2");
   /* Using an undefined length forces chunked transfer and disables early
      end of data detection for this part. */
-  curl_mime_data_cb(part, (curl_off_t) -1, t668_read_cb,
-                    NULL, NULL, &pooh2);
+  curl_mime_data_cb(part, (curl_off_t)-1,
+                    t668_read_cb, NULL, NULL, &pooh2);
   part = curl_mime_addpart(mime);
   curl_mime_name(part, "field3");
   /* Regular file part sources early end of data can be detected because
diff --git a/tests/libtest/lib670.c b/tests/libtest/lib670.c
index e97b04319e..886bf39a72 100644
--- a/tests/libtest/lib670.c
+++ b/tests/libtest/lib670.c
@@ -33,7 +33,7 @@ struct t670_ReadThis {
 
 static size_t t670_read_cb(char *ptr, size_t size, size_t nmemb, void *userp)
 {
-  struct t670_ReadThis *pooh = (struct t670_ReadThis *) userp;
+  struct t670_ReadThis *pooh = (struct t670_ReadThis *)userp;
   time_t delta;
 
   if(size * nmemb < 1)
@@ -61,7 +61,7 @@ static int t670_xferinfo(void *clientp,
                          curl_off_t dltotal, curl_off_t dlnow,
                          curl_off_t ultotal, curl_off_t ulnow)
 {
-  struct t670_ReadThis *pooh = (struct t670_ReadThis *) clientp;
+  struct t670_ReadThis *pooh = (struct t670_ReadThis *)clientp;
 
   (void)dltotal;
   (void)dlnow;
@@ -102,7 +102,7 @@ static CURLcode test_lib670(const char *URL)
     return TEST_ERR_MAJOR_BAD;
   }
 
-  pooh.origin = (time_t) 0;
+  pooh.origin = (time_t)0;
   pooh.count = 0;
   pooh.curl = curl_easy_init();
 
@@ -128,7 +128,7 @@ static CURLcode test_lib670(const char *URL)
       goto test_cleanup;
     }
 
-    res = curl_mime_data_cb(part, (curl_off_t) 2, t670_read_cb,
+    res = curl_mime_data_cb(part, (curl_off_t)2, t670_read_cb,
                             NULL, NULL, &pooh);
 
     /* Bind mime data to its easy handle. */
diff --git a/tests/libtest/lib678.c b/tests/libtest/lib678.c
index ed8731d20d..525407fddc 100644
--- a/tests/libtest/lib678.c
+++ b/tests/libtest/lib678.c
@@ -43,8 +43,7 @@ static int loadfile(const char *filename, void **filedata, size_t *filesize)
         continue_reading = fseek(fInCert, 0, SEEK_SET) == 0;
       if(continue_reading)
         data = curlx_malloc(datasize + 1);
-      if((!data) ||
-         ((int)fread(data, datasize, 1, fInCert) != 1))
+      if((!data) || ((int)fread(data, datasize, 1, fInCert) != 1))
         continue_reading = FALSE;
       curlx_fclose(fInCert);
       if(!continue_reading) {
@@ -52,7 +51,7 @@ static int loadfile(const char *filename, void **filedata, size_t *filesize)
         datasize = 0;
         data = NULL;
       }
-   }
+    }
   }
   *filesize = datasize;
   *filedata = data;
diff --git a/tests/libtest/lib758.c b/tests/libtest/lib758.c
index bc6a490d3d..fadb1db6fd 100644
--- a/tests/libtest/lib758.c
+++ b/tests/libtest/lib758.c
@@ -69,7 +69,6 @@ static void t758_msg(const char *msg)
   curl_mfprintf(stderr, "%s %s\n", t758_tag(), msg);
 }
 
-
 struct t758_Sockets {
   curl_socket_t *sockets;
   int count;      /* number of sockets actually stored in array */
@@ -203,7 +202,7 @@ static int t758_curlTimerCallback(CURLM *multi, long timeout_ms, void *userp)
 
 static int t758_cert_verify_callback(X509_STORE_CTX *ctx, void *arg)
 {
-  SSL * ssl;
+  SSL *ssl;
   (void)arg;
   ssl = (SSL *)X509_STORE_CTX_get_ex_data(ctx,
         SSL_get_ex_data_X509_STORE_CTX_idx());
@@ -226,7 +225,7 @@ static int t758_cert_verify_callback(X509_STORE_CTX *ctx, void *arg)
 static CURLcode
 t758_set_ssl_ctx_callback(CURL *curl, void *ssl_ctx, void *clientp)
 {
-  SSL_CTX *ctx = (SSL_CTX *) ssl_ctx;
+  SSL_CTX *ctx = (SSL_CTX *)ssl_ctx;
   (void)curl;
   SSL_CTX_set_cert_verify_callback(ctx, t758_cert_verify_callback, clientp);
   return CURLE_OK;
@@ -277,7 +276,7 @@ static ssize_t t758_getMicroSecondTimeout(struct curltime *timeout)
 /**
  * Update a fd_set with all of the sockets in use.
  */
-static void t758_updateFdSet(struct t758_Sockets *sockets, fd_set* fdset,
+static void t758_updateFdSet(struct t758_Sockets *sockets, fd_set *fdset,
                              curl_socket_t *maxFd)
 {
   int i;
@@ -359,7 +358,6 @@ static CURLcode t758_one(const char *URL, int timer_fail_at,
 
   curl_global_trace("all");
 
-
   easy_init(curl);
   debug_config.nohex = TRUE;
   debug_config.tracetime = TRUE;
diff --git a/tests/server/dnsd.c b/tests/server/dnsd.c
index 9b3a42e159..58bbd2f3f8 100644
--- a/tests/server/dnsd.c
+++ b/tests/server/dnsd.c
@@ -26,8 +26,7 @@
 static int dnsd_wrotepidfile = 0;
 static int dnsd_wroteportfile = 0;
 
-static unsigned short get16bit(const unsigned char **pkt,
-                               size_t *size)
+static unsigned short get16bit(const unsigned char **pkt, size_t *size)
 {
   const unsigned char *p = *pkt;
   (*pkt) += 2;
@@ -140,7 +139,7 @@ static int store_incoming(const unsigned char *data, size_t size,
   fprintf(server, "Z: %x\n", (id & 0x70) >> 4);
   fprintf(server, "RCODE: %x\n", (id & 0x0f));
 #endif
-  (void) get16bit(&data, &size);
+  (void)get16bit(&data, &size);
 
   data += 6; /* skip ANCOUNT, NSCOUNT and ARCOUNT */
   size -= 6;
@@ -153,10 +152,9 @@ static int store_incoming(const unsigned char *data, size_t size,
     qd = get16bit(&data, &size);
     fprintf(server, "QNAME %s QTYPE %s\n", name, type2string(qd));
     *qtype = qd;
-    logmsg("Question for '%s' type %x / %s", name, qd,
-           type2string(qd));
+    logmsg("Question for '%s' type %x / %s", name, qd, type2string(qd));
 
-    (void) get16bit(&data, &size);
+    (void)get16bit(&data, &size);
 
     *qlen = qsize - size; /* total size of the query */
     if(*qlen > qbuflen) {
@@ -311,7 +309,7 @@ static int send_response(curl_socket_t sock,
   fprintf(stderr, "Not working\n");
   return -1;
 #else
-  rc = sendto(sock, (const void *)bytes, (SENDTO3) i, 0, addr, addrlen);
+  rc = sendto(sock, (const void *)bytes, (SENDTO3)i, 0, addr, addrlen);
   if(rc != (ssize_t)i) {
     fprintf(stderr, "failed sending %d bytes\n", (int)i);
   }
@@ -319,7 +317,6 @@ static int send_response(curl_socket_t sock,
   return 0;
 }
 
-
 static void read_instructions(void)
 {
   char file[256];
@@ -412,7 +409,7 @@ static int test_dnsd(int argc, char **argv)
 #else
              ""
 #endif
-             );
+      );
       return 0;
     }
     else if(!strcmp("--pidfile", argv[arg])) {
@@ -475,7 +472,7 @@ static int test_dnsd(int argc, char **argv)
   }
 
   snprintf(loglockfile, sizeof(loglockfile), "%s/%s/dnsd-%s.lock",
-            logdir, SERVERLOGS_LOCKDIR, ipv_inuse);
+           logdir, SERVERLOGS_LOCKDIR, ipv_inuse);
 
 #ifdef _WIN32
   if(win32_init())
diff --git a/tests/server/getpart.c b/tests/server/getpart.c
index efec3de634..becde4a9bb 100644
--- a/tests/server/getpart.c
+++ b/tests/server/getpart.c
@@ -182,8 +182,8 @@ static int appenddata(char  **dst_buf,   /* dest buffer */
   return GPE_OK;
 }
 
-static int decodedata(char  **buf,   /* dest buffer */
-                      size_t *len)   /* dest buffer data length */
+static int decodedata(char  **buf, /* dest buffer */
+                      size_t *len) /* dest buffer data length */
 {
   CURLcode error = CURLE_OK;
   unsigned char *buf64 = NULL;
@@ -254,7 +254,7 @@ int getpart(char **outbuf, size_t *outlen,
   char *end;
   union {
     ssize_t sig;
-     size_t uns;
+    size_t uns;
   } len;
   size_t bufsize = 0;
   size_t outalloc = 256;
@@ -288,8 +288,7 @@ int getpart(char **outbuf, size_t *outlen,
     if('<' != *ptr) {
       if(in_wanted_part) {
         show(("=> %s", buffer));
-        error = appenddata(outbuf, outlen, &outalloc, buffer, datalen,
-                           base64);
+        error = appenddata(outbuf, outlen, &outalloc, buffer, datalen, base64);
         if(error)
           break;
       }
@@ -353,7 +352,6 @@ int getpart(char **outbuf, size_t *outlen,
         if(in_wanted_part)
           break;
       }
-
     }
     else if(!in_wanted_part) {
       /*
@@ -411,9 +409,9 @@ int getpart(char **outbuf, size_t *outlen,
           /* start of wanted part */
           in_wanted_part = 1;
           if(strstr(patt, "base64="))
-              /* bit rough test, but "mostly" functional, */
-              /* treat wanted part data as base64 encoded */
-              base64 = 1;
+            /* bit rough test, but "mostly" functional, */
+            /* treat wanted part data as base64 encoded */
+            base64 = 1;
           if(strstr(patt, "nonewline=")) {
             show(("* setting nonewline\n"));
             nonewline = 1;
@@ -421,7 +419,6 @@ int getpart(char **outbuf, size_t *outlen,
         }
         continue;
       }
-
     }
 
     if(in_wanted_part) {
diff --git a/tests/server/mqttd.c b/tests/server/mqttd.c
index 59c7540dcf..081b038d07 100644
--- a/tests/server/mqttd.c
+++ b/tests/server/mqttd.c
@@ -156,7 +156,7 @@ static void logprotocol(mqttdir dir,
 /* return 0 on success */
 static int connack(FILE *dump, curl_socket_t fd)
 {
-  unsigned char packet[]={
+  unsigned char packet[] = {
     MQTT_MSG_CONNACK, 0x02,
     0x00, 0x00
   };
@@ -283,7 +283,6 @@ static size_t encode_length(size_t packetlen,
   return bytes;
 }
 
-
 static size_t decode_length(unsigned char *buffer,
                             size_t buflen, size_t *lenbytes)
 {
@@ -304,7 +303,6 @@ static size_t decode_length(unsigned char *buffer,
   return len;
 }
 
-
 /* return 0 on success */
 static int publish(FILE *dump,
                    curl_socket_t fd, unsigned short packetid,
@@ -408,7 +406,7 @@ static int fixedheader(curl_socket_t fd,
 
 static curl_socket_t mqttit(curl_socket_t fd)
 {
-  size_t buff_size = 10*1024;
+  size_t buff_size = 10 * 1024;
   unsigned char *buffer = NULL;
   ssize_t rc;
   unsigned char byte;
@@ -482,8 +480,7 @@ static curl_socket_t mqttit(curl_socket_t fd)
     }
 
     if(byte == MQTT_MSG_CONNECT) {
-      logprotocol(FROM_CLIENT, "CONNECT", remaining_length,
-                  dump, buffer, rc);
+      logprotocol(FROM_CLIENT, "CONNECT", remaining_length, dump, buffer, rc);
 
       if(memcmp(protocol, buffer, sizeof(protocol))) {
         logmsg("Protocol preamble mismatch");
@@ -607,8 +604,7 @@ static curl_socket_t mqttit(curl_socket_t fd)
       size_t topiclen;
 
       logmsg("Incoming PUBLISH");
-      logprotocol(FROM_CLIENT, "PUBLISH", remaining_length,
-                  dump, buffer, rc);
+      logprotocol(FROM_CLIENT, "PUBLISH", remaining_length, dump, buffer, rc);
 
       topiclen = (size_t)(buffer[1 + bytes] << 8) | buffer[2 + bytes];
       logmsg("Got %zu bytes topic", topiclen);
@@ -754,7 +750,7 @@ static int test_mqttd(int argc, char *argv[])
 #else
              ""
 #endif
-             );
+      );
       return 0;
     }
     else if(!strcmp("--pidfile", argv[arg])) {
@@ -802,8 +798,7 @@ static int test_mqttd(int argc, char *argv[])
       if(argc > arg) {
         opt = argv[arg];
         if(curlx_str_number(&opt, &num, 0xffff)) {
-          fprintf(stderr, "mqttd: invalid --port argument (%s)\n",
-                  argv[arg]);
+          fprintf(stderr, "mqttd: invalid --port argument (%s)\n", argv[arg]);
           return 0;
         }
         server_port = (unsigned short)num;
diff --git a/tests/server/resolve.c b/tests/server/resolve.c
index c41c2fc68a..ed54eef5f3 100644
--- a/tests/server/resolve.c
+++ b/tests/server/resolve.c
@@ -47,7 +47,7 @@ static int test_resolve(int argc, char *argv[])
 #else
              ""
 #endif
-             );
+      );
       return 0;
     }
     else if(!strcmp("--ipv6", argv[arg])) {
@@ -79,7 +79,7 @@ static int test_resolve(int argc, char *argv[])
 #ifdef CURLRES_IPV6
          "\n --ipv6"
 #endif
-         );
+    );
     return 1;
   }
 
diff --git a/tests/server/rtspd.c b/tests/server/rtspd.c
index 335bbaaa69..8425623940 100644
--- a/tests/server/rtspd.c
+++ b/tests/server/rtspd.c
@@ -50,10 +50,10 @@ typedef enum {
   RPROT_HTTP = 2
 } reqprot_t;
 
-#define SET_RTP_PKT_CHN(p,c)  ((p)[1] = (char)((c) & 0xFF))
+#define SET_RTP_PKT_CHN(p, c)  ((p)[1] = (char)((c) & 0xFF))
 
-#define SET_RTP_PKT_LEN(p,l) (((p)[2] = (char)(((l) >> 8) & 0xFF)), \
-                              ((p)[3] = (char)((l) & 0xFF)))
+#define SET_RTP_PKT_LEN(p, l) (((p)[2] = (char)(((l) >> 8) & 0xFF)), \
+                               ((p)[3] = (char)((l) & 0xFF)))
 
 struct rtspd_httprequest {
   char reqbuf[150000]; /* buffer area for the incoming request */
@@ -105,10 +105,8 @@ struct rtspd_httprequest {
 
 #define END_OF_HEADERS "\r\n\r\n"
 
-
 /* sent as reply to a QUIT */
-static const char *docquit_rtsp =
-"HTTP/1.1 200 Goodbye" END_OF_HEADERS;
+static const char *docquit_rtsp = "HTTP/1.1 200 Goodbye" END_OF_HEADERS;
 
 /* sent as reply to a CONNECT */
 static const char *docconnect =
@@ -180,7 +178,7 @@ static int rtspd_ProcessRequest(struct rtspd_httprequest *req)
       return 1;
     }
 
-    req->prot_version = prot_major*10 + prot_minor;
+    req->prot_version = prot_major * 10 + prot_minor;
 
     /* find the last slash */
     ptr = strrchr(doc, '/');
@@ -285,8 +283,8 @@ static int rtspd_ProcessRequest(struct rtspd_httprequest *req)
               if(num < 0)
                 logmsg("negative pipe size ignored");
               else if(num > 0)
-                req->pipe = num-1; /* decrease by one since we do not count the
-                                      first request in this number */
+                req->pipe = num - 1; /* decrease by one since we do not count
+                                        the first request in this number */
             }
             else if(sscanf(ptr, "skip: %d", &num) == 1) {
               logmsg("instructed to skip this number of bytes %d", num);
@@ -569,7 +567,7 @@ static void rtspd_storerequest(char *reqbuf, size_t totalsize)
 
   writeleft = totalsize;
   do {
-    written = fwrite(&reqbuf[totalsize-writeleft], 1, writeleft, dump);
+    written = fwrite(&reqbuf[totalsize - writeleft], 1, writeleft, dump);
     if(got_exit_signal)
       goto storerequest_cleanup;
     if(written > 0)
@@ -584,7 +582,7 @@ static void rtspd_storerequest(char *reqbuf, size_t totalsize)
     logmsg("Error writing file %s error (%d) %s", dumpfile,
            error, curlx_strerror(error, errbuf, sizeof(errbuf)));
     logmsg("Wrote only (%zu bytes) of (%zu bytes) request input to %s",
-           totalsize-writeleft, totalsize, dumpfile);
+           totalsize - writeleft, totalsize, dumpfile);
   }
 
 storerequest_cleanup:
@@ -636,7 +634,7 @@ static int rtspd_get_request(curl_socket_t sock, struct rtspd_httprequest *req)
 
   /*** end of httprequest init ***/
 
-  while(!done_processing && (req->offset < sizeof(req->reqbuf)-1)) {
+  while(!done_processing && (req->offset < sizeof(req->reqbuf) - 1)) {
     if(pipereq_length && pipereq) {
       memmove(reqbuf, pipereq, pipereq_length);
       got = curlx_uztosz(pipereq_length);
@@ -650,7 +648,7 @@ static int rtspd_get_request(curl_socket_t sock, struct rtspd_httprequest *req)
         got = sread(sock, reqbuf + req->offset, req->cl);
       else
         got = sread(sock, reqbuf + req->offset,
-                    sizeof(req->reqbuf)-1 - req->offset);
+                    sizeof(req->reqbuf) - 1 - req->offset);
     }
     if(got_exit_signal)
       return 1;
@@ -686,16 +684,16 @@ static int rtspd_get_request(curl_socket_t sock, struct rtspd_httprequest *req)
     }
   }
 
-  if((req->offset == sizeof(req->reqbuf)-1) && (got > 0)) {
+  if((req->offset == sizeof(req->reqbuf) - 1) && (got > 0)) {
     logmsg("Request would overflow buffer, closing connection");
     /* dump request received so far to external file anyway */
-    reqbuf[sizeof(req->reqbuf)-1] = '\0';
+    reqbuf[sizeof(req->reqbuf) - 1] = '\0';
     fail = 1;
   }
-  else if(req->offset > sizeof(req->reqbuf)-1) {
+  else if(req->offset > sizeof(req->reqbuf) - 1) {
     logmsg("Request buffer overflow, closing connection");
     /* dump request received so far to external file anyway */
-    reqbuf[sizeof(req->reqbuf)-1] = '\0';
+    reqbuf[sizeof(req->reqbuf) - 1] = '\0';
     fail = 1;
   }
   else
@@ -739,10 +737,10 @@ static int rtspd_send_doc(curl_socket_t sock, struct rtspd_httprequest *req)
   case RCMD_STREAM: {
     static const char streamthis[] = "a string to stream 01234567890\n";
     for(;;) {
-      written = swrite(sock, streamthis, sizeof(streamthis)-1);
+      written = swrite(sock, streamthis, sizeof(streamthis) - 1);
       if(got_exit_signal)
         return -1;
-      if(written != (ssize_t)(sizeof(streamthis)-1)) {
+      if(written != (ssize_t)(sizeof(streamthis) - 1)) {
         logmsg("Stopped streaming");
         break;
       }
@@ -803,7 +801,7 @@ static int rtspd_send_doc(curl_socket_t sock, struct rtspd_httprequest *req)
   }
   else {
     FILE *stream = test2fopen(req->testno, logdir);
-    char partbuf[80]="data";
+    char partbuf[80] = "data";
     if(req->partno)
       snprintf(partbuf, sizeof(partbuf), "data%ld", req->partno);
     if(!stream) {
@@ -942,7 +940,7 @@ static int rtspd_send_doc(curl_socket_t sock, struct rtspd_httprequest *req)
   if(sendfailure) {
     logmsg("Sending response failed. Only (%zu bytes) of "
            "(%zu bytes) were sent",
-           responsesize-count, responsesize);
+           responsesize - count, responsesize);
     free(ptr);
     free(cmd);
     return -1;
@@ -997,7 +995,6 @@ static int rtspd_send_doc(curl_socket_t sock, struct rtspd_httprequest *req)
   return 0;
 }
 
-
 static int test_rtspd(int argc, char *argv[])
 {
   srvr_sockaddr_union_t me;
@@ -1031,7 +1028,7 @@ static int test_rtspd(int argc, char *argv[])
 #else
              ""
 #endif
-             );
+      );
       return 0;
     }
     else if(!strcmp("--pidfile", argv[arg])) {
@@ -1126,8 +1123,7 @@ static int test_rtspd(int argc, char *argv[])
   }
 
   flag = 1;
-  if(setsockopt(sock, SOL_SOCKET, SO_REUSEADDR,
-                (void *)&flag, sizeof(flag))) {
+  if(setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&flag, sizeof(flag))) {
     error = SOCKERRNO;
     logmsg("setsockopt(SO_REUSEADDR) failed with error (%d) %s",
            error, curlx_strerror(error, errbuf, sizeof(errbuf)));
diff --git a/tests/server/sockfilt.c b/tests/server/sockfilt.c
index 08ece51ea1..9560a39676 100644
--- a/tests/server/sockfilt.c
+++ b/tests/server/sockfilt.c
@@ -420,7 +420,7 @@ static DWORD WINAPI select_ws_wait_thread(void *lpParameter)
   DWORD type, length, ret;
 
   /* retrieve handles from internal structure */
-  data = (struct select_ws_wait_data *) lpParameter;
+  data = (struct select_ws_wait_data *)lpParameter;
   if(data) {
     handle = data->handle;
     handles[0] = data->abort;
@@ -434,120 +434,120 @@ static DWORD WINAPI select_ws_wait_thread(void *lpParameter)
   /* retrieve the type of file to wait on */
   type = GetFileType(handle);
   switch(type) {
-    case FILE_TYPE_DISK:
-       /* The handle represents a file on disk, this means:
-        * - WaitForMultipleObjectsEx will always be signalled for it.
-        * - comparison of current position in file and total size of
-        *   the file can be used to check if we reached the end yet.
-        *
-        * Approach: Loop till either the internal event is signalled
-        *           or if the end of the file has already been reached.
-        */
-      while(WaitForMultipleObjectsEx(1, handles, FALSE, 0, FALSE)
-            == WAIT_TIMEOUT) {
-        /* get total size of file */
-        length = 0;
-        size.QuadPart = 0;
-        size.LowPart = GetFileSize(handle, &length);
-        if((size.LowPart != INVALID_FILE_SIZE) ||
+  case FILE_TYPE_DISK:
+    /* The handle represents a file on disk, this means:
+     * - WaitForMultipleObjectsEx will always be signalled for it.
+     * - comparison of current position in file and total size of
+     *   the file can be used to check if we reached the end yet.
+     *
+     * Approach: Loop till either the internal event is signalled
+     *           or if the end of the file has already been reached.
+     */
+    while(WaitForMultipleObjectsEx(1, handles, FALSE, 0, FALSE)
+          == WAIT_TIMEOUT) {
+      /* get total size of file */
+      length = 0;
+      size.QuadPart = 0;
+      size.LowPart = GetFileSize(handle, &length);
+      if((size.LowPart != INVALID_FILE_SIZE) ||
+         (GetLastError() == NO_ERROR)) {
+        size.HighPart = (LONG)length;
+        /* get the current position within the file */
+        pos.QuadPart = 0;
+        pos.LowPart = SetFilePointer(handle, 0, &pos.HighPart, FILE_CURRENT);
+        if((pos.LowPart != INVALID_SET_FILE_POINTER) ||
            (GetLastError() == NO_ERROR)) {
-          size.HighPart = (LONG)length;
-          /* get the current position within the file */
-          pos.QuadPart = 0;
-          pos.LowPart = SetFilePointer(handle, 0, &pos.HighPart, FILE_CURRENT);
-          if((pos.LowPart != INVALID_SET_FILE_POINTER) ||
-             (GetLastError() == NO_ERROR)) {
-            /* compare position with size, abort if not equal */
-            if(size.QuadPart == pos.QuadPart) {
-              /* sleep and continue waiting */
-              SleepEx(0, FALSE);
-              continue;
-            }
-          }
-        }
-        /* there is some data available, stop waiting */
-        logmsg("[select_ws_wait_thread] data available, DISK: %p", handle);
-        SetEvent(signal);
-      }
-      break;
-
-    case FILE_TYPE_CHAR:
-       /* The handle represents a character input, this means:
-        * - WaitForMultipleObjectsEx will be signalled on any kind of input,
-        *   including mouse and window size events we do not care about.
-        *
-        * Approach: Loop till either the internal event is signalled
-        *           or we get signalled for an actual key-event.
-        */
-      while(WaitForMultipleObjectsEx(2, handles, FALSE, INFINITE, FALSE)
-            == WAIT_OBJECT_0 + 1) {
-        /* check if this is an actual console handle */
-        if(GetConsoleMode(handle, &ret)) {
-          /* retrieve an event from the console buffer */
-          length = 0;
-          if(PeekConsoleInput(handle, &inputrecord, 1, &length)) {
-            /* check if the event is not an actual key-event */
-            if(length == 1 && inputrecord.EventType != KEY_EVENT) {
-              /* purge the non-key-event and continue waiting */
-              ReadConsoleInput(handle, &inputrecord, 1, &length);
-              continue;
-            }
-          }
-        }
-        /* there is some data available, stop waiting */
-        logmsg("[select_ws_wait_thread] data available, CHAR: %p", handle);
-        SetEvent(signal);
-      }
-      break;
-
-    case FILE_TYPE_PIPE:
-       /* The handle represents an anonymous or named pipe, this means:
-        * - WaitForMultipleObjectsEx will always be signalled for it.
-        * - peek into the pipe and retrieve the amount of data available.
-        *
-        * Approach: Loop till either the internal event is signalled
-        *           or there is data in the pipe available for reading.
-        */
-      while(WaitForMultipleObjectsEx(1, handles, FALSE, 0, FALSE)
-            == WAIT_TIMEOUT) {
-        /* peek into the pipe and retrieve the amount of data available */
-        length = 0;
-        if(PeekNamedPipe(handle, NULL, 0, NULL, &length, NULL)) {
-          /* if there is no data available, sleep and continue waiting */
-          if(length == 0) {
+          /* compare position with size, abort if not equal */
+          if(size.QuadPart == pos.QuadPart) {
+            /* sleep and continue waiting */
             SleepEx(0, FALSE);
             continue;
           }
-          else {
-            logmsg("[select_ws_wait_thread] PeekNamedPipe len: %lu", length);
+        }
+      }
+      /* there is some data available, stop waiting */
+      logmsg("[select_ws_wait_thread] data available, DISK: %p", handle);
+      SetEvent(signal);
+    }
+    break;
+
+  case FILE_TYPE_CHAR:
+    /* The handle represents a character input, this means:
+     * - WaitForMultipleObjectsEx will be signalled on any kind of input,
+     *   including mouse and window size events we do not care about.
+     *
+     * Approach: Loop till either the internal event is signalled
+     *           or we get signalled for an actual key-event.
+     */
+    while(WaitForMultipleObjectsEx(2, handles, FALSE, INFINITE, FALSE)
+          == WAIT_OBJECT_0 + 1) {
+      /* check if this is an actual console handle */
+      if(GetConsoleMode(handle, &ret)) {
+        /* retrieve an event from the console buffer */
+        length = 0;
+        if(PeekConsoleInput(handle, &inputrecord, 1, &length)) {
+          /* check if the event is not an actual key-event */
+          if(length == 1 && inputrecord.EventType != KEY_EVENT) {
+            /* purge the non-key-event and continue waiting */
+            ReadConsoleInput(handle, &inputrecord, 1, &length);
+            continue;
           }
         }
+      }
+      /* there is some data available, stop waiting */
+      logmsg("[select_ws_wait_thread] data available, CHAR: %p", handle);
+      SetEvent(signal);
+    }
+    break;
+
+  case FILE_TYPE_PIPE:
+    /* The handle represents an anonymous or named pipe, this means:
+     * - WaitForMultipleObjectsEx will always be signalled for it.
+     * - peek into the pipe and retrieve the amount of data available.
+     *
+     * Approach: Loop till either the internal event is signalled
+     *           or there is data in the pipe available for reading.
+     */
+    while(WaitForMultipleObjectsEx(1, handles, FALSE, 0, FALSE)
+          == WAIT_TIMEOUT) {
+      /* peek into the pipe and retrieve the amount of data available */
+      length = 0;
+      if(PeekNamedPipe(handle, NULL, 0, NULL, &length, NULL)) {
+        /* if there is no data available, sleep and continue waiting */
+        if(length == 0) {
+          SleepEx(0, FALSE);
+          continue;
+        }
         else {
-          /* if the pipe has NOT been closed, sleep and continue waiting */
-          ret = GetLastError();
-          if(ret != ERROR_BROKEN_PIPE) {
-            logmsg("[select_ws_wait_thread] PeekNamedPipe error (%lu)", ret);
-            SleepEx(0, FALSE);
-            continue;
-          }
-          else {
-            logmsg("[select_ws_wait_thread] pipe closed, PIPE: %p", handle);
-          }
+          logmsg("[select_ws_wait_thread] PeekNamedPipe len: %lu", length);
         }
-        /* there is some data available, stop waiting */
-        logmsg("[select_ws_wait_thread] data available, PIPE: %p", handle);
-        SetEvent(signal);
       }
-      break;
+      else {
+        /* if the pipe has NOT been closed, sleep and continue waiting */
+        ret = GetLastError();
+        if(ret != ERROR_BROKEN_PIPE) {
+          logmsg("[select_ws_wait_thread] PeekNamedPipe error (%lu)", ret);
+          SleepEx(0, FALSE);
+          continue;
+        }
+        else {
+          logmsg("[select_ws_wait_thread] pipe closed, PIPE: %p", handle);
+        }
+      }
+      /* there is some data available, stop waiting */
+      logmsg("[select_ws_wait_thread] data available, PIPE: %p", handle);
+      SetEvent(signal);
+    }
+    break;
 
-    default:
-      /* The handle has an unknown type, try to wait on it */
-      if(WaitForMultipleObjectsEx(2, handles, FALSE, INFINITE, FALSE)
-         == WAIT_OBJECT_0 + 1) {
-        logmsg("[select_ws_wait_thread] data available, HANDLE: %p", handle);
-        SetEvent(signal);
-      }
-      break;
+  default:
+    /* The handle has an unknown type, try to wait on it */
+    if(WaitForMultipleObjectsEx(2, handles, FALSE, INFINITE, FALSE)
+       == WAIT_OBJECT_0 + 1) {
+      logmsg("[select_ws_wait_thread] data available, HANDLE: %p", handle);
+      SetEvent(signal);
+    }
+    break;
   }
 
   return 0;
@@ -658,12 +658,12 @@ static int select_ws(int nfds, fd_set *readfds, fd_set *writefds,
 
     if(FD_ISSET(wsasock, readfds)) {
       FD_SET(wsasock, &readsock);
-      wsaevents.lNetworkEvents |= FD_READ|FD_ACCEPT|FD_CLOSE;
+      wsaevents.lNetworkEvents |= FD_READ | FD_ACCEPT | FD_CLOSE;
     }
 
     if(FD_ISSET(wsasock, writefds)) {
       FD_SET(wsasock, &writesock);
-      wsaevents.lNetworkEvents |= FD_WRITE|FD_CONNECT|FD_CLOSE;
+      wsaevents.lNetworkEvents |= FD_WRITE | FD_CONNECT | FD_CLOSE;
     }
 
     if(FD_ISSET(wsasock, exceptfds)) {
@@ -800,11 +800,11 @@ static int select_ws(int nfds, fd_set *readfds, fd_set *writefds,
           wsaevents.lNetworkEvents |= data[i].wsastate;
 
           /* remove from descriptor set if not ready for read/accept/close */
-          if(!(wsaevents.lNetworkEvents & (FD_READ|FD_ACCEPT|FD_CLOSE)))
+          if(!(wsaevents.lNetworkEvents & (FD_READ | FD_ACCEPT | FD_CLOSE)))
             FD_CLR(wsasock, readfds);
 
           /* remove from descriptor set if not ready for write/connect */
-          if(!(wsaevents.lNetworkEvents & (FD_WRITE|FD_CONNECT|FD_CLOSE)))
+          if(!(wsaevents.lNetworkEvents & (FD_WRITE | FD_CONNECT | FD_CLOSE)))
             FD_CLR(wsasock, writefds);
 
           /* remove from descriptor set if not exceptional */
@@ -851,10 +851,10 @@ static int select_ws(int nfds, fd_set *readfds, fd_set *writefds,
 
   return ret;
 }
-#define SOCKFILT_select(a,b,c,d,e) select_ws(a,b,c,d,e)
+#define SOCKFILT_select(a, b, c, d, e) select_ws(a, b, c, d, e)
 #else
-#define SOCKFILT_select(a,b,c,d,e) select(a,b,c,d,e)
-#endif  /* USE_WINSOCK */
+#define SOCKFILT_select(a, b, c, d, e) select(a, b, c, d, e)
+#endif /* USE_WINSOCK */
 
 /* Perform the disconnect handshake with sockfilt
  * This involves waiting for the disconnect acknowledgment after the DISC
@@ -867,46 +867,45 @@ static bool disc_handshake(void)
     return FALSE;
 
   do {
-      unsigned char buffer[BUFFER_SIZE];
-      ssize_t buffer_len;
-      if(!read_stdin(buffer, 5))
-        return FALSE;
-      logmsg("Received %c%c%c%c (on stdin)",
-             buffer[0], buffer[1], buffer[2], buffer[3]);
+    unsigned char buffer[BUFFER_SIZE];
+    ssize_t buffer_len;
+    if(!read_stdin(buffer, 5))
+      return FALSE;
+    logmsg("Received %c%c%c%c (on stdin)",
+           buffer[0], buffer[1], buffer[2], buffer[3]);
 
-      if(!memcmp("ACKD", buffer, 4)) {
-        /* got the ack we were waiting for */
-        break;
-      }
-      else if(!memcmp("DISC", buffer, 4)) {
-        logmsg("Crikey! Client also wants to disconnect");
-        if(!write_stdout("ACKD\n", 5))
-          return FALSE;
-      }
-      else if(!memcmp("DATA", buffer, 4)) {
-        /* We must read more data to stay in sync */
-        logmsg("Throwing away data bytes");
-        if(!read_data_block(buffer, sizeof(buffer), &buffer_len))
-          return FALSE;
-
-      }
-      else if(!memcmp("QUIT", buffer, 4)) {
-        /* just die */
-        logmsg("quits");
+    if(!memcmp("ACKD", buffer, 4)) {
+      /* got the ack we were waiting for */
+      break;
+    }
+    else if(!memcmp("DISC", buffer, 4)) {
+      logmsg("Crikey! Client also wants to disconnect");
+      if(!write_stdout("ACKD\n", 5))
         return FALSE;
-      }
-      else {
-        logmsg("Unexpected message error; aborting");
-        /*
-         * The only other messages that could occur here are PING and PORT,
-         * and both of them occur at the start of a test when nothing should be
-         * trying to DISC. Therefore, we should not ever get here, but if we
-         * do, it is probably due to some kind of unclean shutdown situation so
-         * us shutting down is what we probably ought to be doing, anyway.
-         */
+    }
+    else if(!memcmp("DATA", buffer, 4)) {
+      /* We must read more data to stay in sync */
+      logmsg("Throwing away data bytes");
+      if(!read_data_block(buffer, sizeof(buffer), &buffer_len))
         return FALSE;
-      }
 
+    }
+    else if(!memcmp("QUIT", buffer, 4)) {
+      /* just die */
+      logmsg("quits");
+      return FALSE;
+    }
+    else {
+      logmsg("Unexpected message error; aborting");
+      /*
+       * The only other messages that could occur here are PING and PORT,
+       * and both of them occur at the start of a test when nothing should be
+       * trying to DISC. Therefore, we should not ever get here, but if we
+       * do, it is probably due to some kind of unclean shutdown situation so
+       * us shutting down is what we probably ought to be doing, anyway.
+       */
+      return FALSE;
+    }
   } while(TRUE);
   return TRUE;
 }
@@ -1034,7 +1033,6 @@ static bool juggle(curl_socket_t *sockfdp,
 
   } /* switch(*mode) */
 
-
   do {
 
     /* select() blocking behavior call on blocking descriptors please */
@@ -1058,7 +1056,6 @@ static bool juggle(curl_socket_t *sockfdp,
     /* timeout */
     return TRUE;
 
-
   if(FD_ISSET(fileno(stdin), &fds_read)) {
     ssize_t buffer_len;
     /* read from stdin, commands/data to be dealt with and possibly passed on
@@ -1146,8 +1143,7 @@ static bool juggle(curl_socket_t *sockfdp,
     }
   }
 
-
-  if((sockfd != CURL_SOCKET_BAD) && (FD_ISSET(sockfd, &fds_read)) ) {
+  if((sockfd != CURL_SOCKET_BAD) && (FD_ISSET(sockfd, &fds_read))) {
     ssize_t nread_socket;
     if(*mode == PASSIVE_LISTEN) {
       /* there is no stream set up yet, this is an indication that there is a
@@ -1228,7 +1224,7 @@ static int test_sockfilt(int argc, char *argv[])
 #else
              ""
 #endif
-             );
+      );
       return 0;
     }
     else if(!strcmp("--verbose", argv[arg])) {
diff --git a/tests/server/socksd.c b/tests/server/socksd.c
index 4205d26880..f9fadd2113 100644
--- a/tests/server/socksd.c
+++ b/tests/server/socksd.c
@@ -289,8 +289,8 @@ static curl_socket_t socks4(curl_socket_t fd,
 
 static curl_socket_t sockit(curl_socket_t fd)
 {
-  unsigned char buffer[2*256 + 16];
-  unsigned char response[2*256 + 16];
+  unsigned char buffer[2 * 256 + 16];
+  unsigned char response[2 * 256 + 16];
   ssize_t rc;
   unsigned char len;
   unsigned char type;
@@ -483,7 +483,7 @@ static curl_socket_t sockit(curl_socket_t fd)
       case 3:
         /* The first octet of the address field contains the number of octets
            of name that follow */
-        fprintf(dump, " %.*s\n", len-1, &address[1]);
+        fprintf(dump, " %.*s\n", len - 1, &address[1]);
         break;
       case 4:
         /* 16 bytes IPv6 address */
@@ -579,8 +579,7 @@ static int tunnel(struct perclient *cp, fd_set *fds)
     /* read from client, send to remote */
     nread = recv(cp->clientfd, buffer, sizeof(buffer), 0);
     if(nread > 0) {
-      nwrite = send(cp->remotefd, (char *)buffer,
-                    (SEND_TYPE_ARG3)nread, 0);
+      nwrite = send(cp->remotefd, (char *)buffer, (SEND_TYPE_ARG3)nread, 0);
       if(nwrite != nread)
         return 1;
       cp->fromclient += nwrite;
@@ -592,8 +591,7 @@ static int tunnel(struct perclient *cp, fd_set *fds)
     /* read from remote, send to client */
     nread = recv(cp->remotefd, buffer, sizeof(buffer), 0);
     if(nread > 0) {
-      nwrite = send(cp->clientfd, (char *)buffer,
-                    (SEND_TYPE_ARG3)nread, 0);
+      nwrite = send(cp->clientfd, (char *)buffer, (SEND_TYPE_ARG3)nread, 0);
       if(nwrite != nread)
         return 1;
       cp->fromremote += nwrite;
@@ -725,7 +723,6 @@ static bool socksd_incoming(curl_socket_t listenfd)
           cp->used = TRUE;
           clients++;
         }
-
       }
     }
     for(i = 0; i < 2; i++) {
@@ -777,7 +774,7 @@ static int test_socksd(int argc, char *argv[])
 #else
              ""
 #endif
-             );
+      );
       return 0;
     }
     else if(!strcmp("--pidfile", argv[arg])) {
diff --git a/tests/server/sws.c b/tests/server/sws.c
index b070614f52..13f7455469 100644
--- a/tests/server/sws.c
+++ b/tests/server/sws.c
@@ -51,7 +51,7 @@ static bool sws_prevbounce = FALSE; /* instructs the server to override the
 #define RCMD_STREAM    2 /* told to stream */
 
 struct sws_httprequest {
-  char reqbuf[2*1024*1024]; /* buffer area for the incoming request */
+  char reqbuf[2 * 1024 * 1024]; /* buffer area for the incoming request */
   bool connect_request; /* if a CONNECT */
   unsigned short connect_port; /* the port number CONNECT used */
   size_t checkindex; /* where to start checking of the request */
@@ -138,8 +138,7 @@ static const char *cmdfile = "log/server.cmd";
 static const char *end_of_headers = END_OF_HEADERS;
 
 /* sent as reply to a QUIT */
-static const char *docquit_sws =
-"HTTP/1.1 200 Goodbye" END_OF_HEADERS;
+static const char *docquit_sws = "HTTP/1.1 200 Goodbye" END_OF_HEADERS;
 
 /* send back this on 404 file not found */
 static const char *doc404 = "HTTP/1.1 404 Not Found\r\n"
@@ -169,7 +168,7 @@ static bool socket_domain_is_ip(void)
 #endif
     return true;
   default:
-  /* case AF_UNIX: */
+    /* case AF_UNIX: */
     return false;
   }
 }
@@ -334,12 +333,10 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
     size_t npath = 0; /* httppath length */
 
     if(sscanf(line,
-              "%" REQUEST_KEYWORD_SIZE_TXT"s ", request) == 1) {
+              "%" REQUEST_KEYWORD_SIZE_TXT "s ", request) == 1) {
       http = strstr(line + strlen(request), "HTTP/");
 
-      if(http && sscanf(http, "HTTP/%d.%d",
-                        &prot_major,
-                        &prot_minor) == 2) {
+      if(http && sscanf(http, "HTTP/%d.%d", &prot_major, &prot_minor) == 2) {
         /* between the request keyword and HTTP/ there is a path */
         httppath = line + strlen(request);
         npath = http - httppath;
@@ -361,7 +358,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
     if(fine) {
       char *ptr;
 
-      req->prot_version = prot_major*10 + prot_minor;
+      req->prot_version = prot_major * 10 + prot_minor;
 
       /* find the last slash */
       ptr = &httppath[npath];
@@ -746,7 +743,7 @@ static void sws_storerequest(const char *reqbuf, size_t totalsize)
 
   writeleft = totalsize;
   do {
-    written = fwrite(&reqbuf[totalsize-writeleft], 1, writeleft, dump);
+    written = fwrite(&reqbuf[totalsize - writeleft], 1, writeleft, dump);
     if(got_exit_signal)
       goto storerequest_cleanup;
     if(written > 0)
@@ -761,7 +758,7 @@ static void sws_storerequest(const char *reqbuf, size_t totalsize)
     logmsg("Error writing file %s error (%d) %s", dumpfile,
            error, curlx_strerror(error, errbuf, sizeof(errbuf)));
     logmsg("Wrote only (%zu bytes) of (%zu bytes) request input to %s",
-           totalsize-writeleft, totalsize, dumpfile);
+           totalsize - writeleft, totalsize, dumpfile);
   }
 
 storerequest_cleanup:
@@ -876,7 +873,7 @@ static int sws_get_request(curl_socket_t sock, struct sws_httprequest *req)
     return -1;
   }
 
-  if(req->offset >= sizeof(req->reqbuf)-1) {
+  if(req->offset >= sizeof(req->reqbuf) - 1) {
     /* buffer is already full; do nothing */
     overflow = 1;
   }
@@ -888,7 +885,7 @@ static int sws_get_request(curl_socket_t sock, struct sws_httprequest *req)
       got = sread(sock, reqbuf + req->offset, req->cl);
     else
       got = sread(sock, reqbuf + req->offset,
-                  sizeof(req->reqbuf)-1 - req->offset);
+                  sizeof(req->reqbuf) - 1 - req->offset);
 
     if(got_exit_signal)
       return -1;
@@ -924,16 +921,16 @@ static int sws_get_request(curl_socket_t sock, struct sws_httprequest *req)
       return -1;
   }
 
-  if(overflow || (req->offset == sizeof(req->reqbuf)-1 && got > 0)) {
+  if(overflow || (req->offset == sizeof(req->reqbuf) - 1 && got > 0)) {
     logmsg("Request would overflow buffer, closing connection");
     /* dump request received so far to external file anyway */
-    reqbuf[sizeof(req->reqbuf)-1] = '\0';
+    reqbuf[sizeof(req->reqbuf) - 1] = '\0';
     fail = 1;
   }
-  else if(req->offset > sizeof(req->reqbuf)-1) {
+  else if(req->offset > sizeof(req->reqbuf) - 1) {
     logmsg("Request buffer overflow, closing connection");
     /* dump request received so far to external file anyway */
-    reqbuf[sizeof(req->reqbuf)-1] = '\0';
+    reqbuf[sizeof(req->reqbuf) - 1] = '\0';
     fail = 1;
   }
   else
@@ -978,10 +975,10 @@ static int sws_send_doc(curl_socket_t sock, struct sws_httprequest *req)
   case RCMD_STREAM: {
     static const char streamthis[] = "a string to stream 01234567890\n";
     for(;;) {
-      written = swrite(sock, streamthis, sizeof(streamthis)-1);
+      written = swrite(sock, streamthis, sizeof(streamthis) - 1);
       if(got_exit_signal)
         return -1;
-      if(written != (ssize_t)(sizeof(streamthis)-1)) {
+      if(written != (ssize_t)(sizeof(streamthis) - 1)) {
         logmsg("Stopped streaming");
         break;
       }
@@ -1144,7 +1141,7 @@ retry:
     if(req->writedelay) {
       int msecs_left = req->writedelay;
       int intervals = msecs_left / MAX_SLEEP_TIME_MS;
-      if(msecs_left%MAX_SLEEP_TIME_MS)
+      if(msecs_left % MAX_SLEEP_TIME_MS)
         intervals++;
       logmsg("Pausing %d milliseconds after writing %zd bytes",
              msecs_left, written);
@@ -1172,7 +1169,7 @@ retry:
   if(sendfailure) {
     logmsg("Sending response failed. Only (%zu bytes) of (%zu bytes) "
            "were sent",
-           responsesize-count, responsesize);
+           responsesize - count, responsesize);
     sws_prevtestno = req->testno;
     sws_prevpartno = req->partno;
     free(ptr);
@@ -1247,9 +1244,7 @@ static curl_socket_t connect_to(const char *ipaddr, unsigned short port)
   if(!ipaddr)
     return CURL_SOCKET_BAD;
 
-  logmsg("about to connect to %s%s%s:%hu",
-         op_br, ipaddr, cl_br, port);
-
+  logmsg("about to connect to %s%s%s:%hu", op_br, ipaddr, cl_br, port);
 
   serverfd = socket(socket_domain, SOCK_STREAM, 0);
   if(CURL_SOCKET_BAD == serverfd) {
@@ -1389,7 +1384,7 @@ success:
  * must accept a new connection and deal with it appropriately.
  */
 
-#define data_or_ctrl(x) ((x)?"DATA":"CTRL")
+#define data_or_ctrl(x) ((x) ? "DATA" : "CTRL")
 
 #define SWS_CTRL  0
 #define SWS_DATA  1
@@ -1644,7 +1639,7 @@ static void http_connect(curl_socket_t *infdp,
           }
         }
         if(serverfd[i] != CURL_SOCKET_BAD) {
-          len = sizeof(readserver[i])-toc[i];
+          len = sizeof(readserver[i]) - toc[i];
           if(len && FD_ISSET(serverfd[i], &input)) {
             /* read from server */
             rc = sread(serverfd[i], &readserver[i][toc[i]], len);
@@ -1676,7 +1671,7 @@ static void http_connect(curl_socket_t *infdp,
               logmsg("[%s] SENT \"%s\"", data_or_ctrl(i),
                      data_to_hex(readserver[i], rc));
               if(toc[i] - rc)
-                memmove(&readserver[i][0], &readserver[i][rc], toc[i]-rc);
+                memmove(&readserver[i][0], &readserver[i][rc], toc[i] - rc);
               toc[i] -= rc;
             }
           }
@@ -1696,7 +1691,7 @@ static void http_connect(curl_socket_t *infdp,
               logmsg("[%s] SENT \"%s\"", data_or_ctrl(i),
                      data_to_hex(readclient[i], rc));
               if(tos[i] - rc)
-                memmove(&readclient[i][0], &readclient[i][rc], tos[i]-rc);
+                memmove(&readclient[i][0], &readclient[i][rc], tos[i] - rc);
               tos[i] -= rc;
             }
           }
@@ -1826,7 +1821,6 @@ static void http_upgrade(struct sws_httprequest *req)
   /* left to implement */
 }
 
-
 /* returns a socket handle, or 0 if there are no more waiting sockets,
    or < 0 if there was an error */
 static curl_socket_t accept_connection(curl_socket_t sock)
@@ -2021,12 +2015,12 @@ static int test_sws(int argc, char *argv[])
     if(!strcmp("--version", argv[arg])) {
       puts("sws IPv4"
 #ifdef USE_IPV6
-             "/IPv6"
+           "/IPv6"
 #endif
 #ifdef USE_UNIX_SOCKETS
-             "/unix"
+           "/unix"
 #endif
-          );
+      );
       return 0;
     }
     else if(!strcmp("--pidfile", argv[arg])) {
@@ -2097,8 +2091,7 @@ static int test_sws(int argc, char *argv[])
       if(argc > arg) {
         opt = argv[arg];
         if(curlx_str_number(&opt, &num, 0xffff)) {
-          fprintf(stderr, "sws: invalid --port argument (%s)\n",
-                  argv[arg]);
+          fprintf(stderr, "sws: invalid --port argument (%s)\n", argv[arg]);
           return 0;
         }
         port = (unsigned short)num;
@@ -2327,9 +2320,9 @@ static int test_sws(int argc, char *argv[])
     /* Clear out closed sockets */
     for(socket_idx = num_sockets - 1; socket_idx >= 1; --socket_idx) {
       if(CURL_SOCKET_BAD == all_sockets[socket_idx]) {
-        char *dst = (char *) (all_sockets + socket_idx);
-        char *src = (char *) (all_sockets + socket_idx + 1);
-        char *end = (char *) (all_sockets + num_sockets);
+        char *dst = (char *)(all_sockets + socket_idx);
+        char *src = (char *)(all_sockets + socket_idx + 1);
+        char *end = (char *)(all_sockets + num_sockets);
         memmove(dst, src, end - src);
         num_sockets -= 1;
       }
diff --git a/tests/server/tftpd.c b/tests/server/tftpd.c
index 2eb31ff5ec..99c008031e 100644
--- a/tests/server/tftpd.c
+++ b/tests/server/tftpd.c
@@ -380,7 +380,7 @@ static void read_ahead(struct testcase *test,
   }
 
   p = dp->th_data;
-  for(i = 0 ; i < SEGSIZE; i++) {
+  for(i = 0; i < SEGSIZE; i++) {
     if(newline) {
       if(prevchar == '\n')
         c = '\n';       /* lf to cr,lf */
@@ -536,8 +536,7 @@ static int synchnet(curl_socket_t f /* socket to flush */)
       else
         fromaddrlen = sizeof(fromaddr.sa6);
 #endif
-      (void)recvfrom(f, rbuf, sizeof(rbuf), 0,
-                     &fromaddr.sa, &fromaddrlen);
+      (void)recvfrom(f, rbuf, sizeof(rbuf), 0, &fromaddr.sa, &fromaddrlen);
     }
     else
       break;
@@ -578,7 +577,7 @@ static int test_tftpd(int argc, char **argv)
 #else
              ""
 #endif
-             );
+      );
       return 0;
     }
     else if(!strcmp("--pidfile", argv[arg])) {
@@ -674,8 +673,7 @@ static int test_tftpd(int argc, char **argv)
   }
 
   flag = 1;
-  if(setsockopt(sock, SOL_SOCKET, SO_REUSEADDR,
-                (void *)&flag, sizeof(flag))) {
+  if(setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&flag, sizeof(flag))) {
     error = SOCKERRNO;
     logmsg("setsockopt(SO_REUSEADDR) failed with error (%d) %s",
            error, curlx_strerror(error, errbuf, sizeof(errbuf)));
@@ -825,7 +823,7 @@ static int test_tftpd(int argc, char **argv)
     }
 #endif
 
-    maxtimeout = 5*TIMEOUT;
+    maxtimeout = 5 * TIMEOUT;
 
     tp = &trsbuf.hdr;
     tp->th_opcode = ntohs(tp->th_opcode);
@@ -1076,7 +1074,6 @@ static int tftpd_parse_servercmd(struct testcase *req)
   return 0; /* OK! */
 }
 
-
 /*
  * Validate file access.
  */
@@ -1104,7 +1101,7 @@ static int validate_access(struct testcase *test,
   ptr = strrchr(filename, '/');
 
   if(ptr) {
-    char partbuf[80]="data";
+    char partbuf[80] = "data";
     long partno;
     long testno;
     const char *pval;
@@ -1209,7 +1206,7 @@ static void sendtftp(struct testcase *test, const struct formats *pf)
     if(test->writedelay) {
       logmsg("Pausing %d seconds before %d bytes", test->writedelay,
              size);
-      curlx_wait_ms(1000*test->writedelay);
+      curlx_wait_ms(1000 * test->writedelay);
     }
 
 send_data:
@@ -1249,11 +1246,10 @@ send_data:
         }
         /* Re-synchronize with the other side */
         (void)synchnet(peer);
-        if(sap->th_block == (sendblock-1)) {
+        if(sap->th_block == (sendblock - 1)) {
           goto send_data;
         }
       }
-
     }
     sendblock++;
   } while(size == SEGSIZE);
diff --git a/tests/server/util.c b/tests/server/util.c
index ae21ff8b1a..624826571a 100644
--- a/tests/server/util.c
+++ b/tests/server/util.c
@@ -37,7 +37,7 @@
  */
 char *data_to_hex(char *data, size_t len)
 {
-  static char buf[256*3];
+  static char buf[256 * 3];
   size_t i;
   char *optr = buf;
   char *iptr = data;
@@ -177,18 +177,18 @@ int win32_init(void)
     }
 
     if(LOBYTE(wsaData.wVersion) != LOBYTE(wVersionRequested) ||
-       HIBYTE(wsaData.wVersion) != HIBYTE(wVersionRequested) ) {
+       HIBYTE(wsaData.wVersion) != HIBYTE(wVersionRequested)) {
       WSACleanup();
       win32_perror("Winsock init failed");
       logmsg("No suitable winsock.dll found -- aborting");
       return 1;
     }
   }
-#endif  /* USE_WINSOCK */
+#endif /* USE_WINSOCK */
   atexit(win32_cleanup);
   return 0;
 }
-#endif  /* _WIN32 */
+#endif /* _WIN32 */
 
 /* fopens the test case file */
 FILE *test2fopen(long testno, const char *logdir2)
@@ -370,8 +370,7 @@ static void exit_signal_handler(int signum)
        fd != -1) {
 #else
     /* !checksrc! disable BANNEDFUNC 1 */
-    fd = open(serverlogfile,
-              O_WRONLY | O_CREAT | O_APPEND, S_IRUSR | S_IWUSR);
+    fd = open(serverlogfile, O_WRONLY | O_CREAT | O_APPEND, S_IRUSR | S_IWUSR);
     if(fd != -1) {
 #endif
       static const char msg[] = "exit_signal_handler: called\n";
@@ -546,7 +545,7 @@ static SIGHANDLER_T set_signal(int signum, SIGHANDLER_T handler,
 
 #ifdef HAVE_SIGINTERRUPT
   if(oldhdlr != SIG_ERR)
-    siginterrupt(signum, (int) restartable);
+    siginterrupt(signum, (int)restartable);
 #else
   (void)restartable;
 #endif
@@ -693,7 +692,7 @@ int bind_unix_socket(curl_socket_t sock, const char *unix_socket,
     return -1;
   }
   strcpy(sau->sun_path, unix_socket);
-  rc = bind(sock, (struct sockaddr*)sau, sizeof(struct sockaddr_un));
+  rc = bind(sock, (struct sockaddr *)sau, sizeof(struct sockaddr_un));
   if(rc && SOCKERRNO == SOCKEADDRINUSE) {
     struct_stat statbuf;
     /* socket already exists. Perhaps it is stale? */
@@ -738,7 +737,7 @@ int bind_unix_socket(curl_socket_t sock, const char *unix_socket,
       return rc;
     }
     /* stale socket is gone, retry bind */
-    rc = bind(sock, (struct sockaddr*)sau, sizeof(struct sockaddr_un));
+    rc = bind(sock, (struct sockaddr *)sau, sizeof(struct sockaddr_un));
   }
   return rc;
 }
@@ -805,29 +804,29 @@ curl_socket_t sockdaemon(curl_socket_t sock,
      request to let the system choose a non-zero available port. */
 
   switch(socket_domain) {
-    case AF_INET:
-      memset(&listener.sa4, 0, sizeof(listener.sa4));
-      listener.sa4.sin_family = AF_INET;
-      listener.sa4.sin_addr.s_addr = INADDR_ANY;
-      listener.sa4.sin_port = htons(*listenport);
-      rc = bind(sock, &listener.sa, sizeof(listener.sa4));
-      break;
+  case AF_INET:
+    memset(&listener.sa4, 0, sizeof(listener.sa4));
+    listener.sa4.sin_family = AF_INET;
+    listener.sa4.sin_addr.s_addr = INADDR_ANY;
+    listener.sa4.sin_port = htons(*listenport);
+    rc = bind(sock, &listener.sa, sizeof(listener.sa4));
+    break;
 #ifdef USE_IPV6
-    case AF_INET6:
-      memset(&listener.sa6, 0, sizeof(listener.sa6));
-      listener.sa6.sin6_family = AF_INET6;
-      listener.sa6.sin6_addr = in6addr_any;
-      listener.sa6.sin6_port = htons(*listenport);
-      rc = bind(sock, &listener.sa, sizeof(listener.sa6));
-      break;
+  case AF_INET6:
+    memset(&listener.sa6, 0, sizeof(listener.sa6));
+    listener.sa6.sin6_family = AF_INET6;
+    listener.sa6.sin6_addr = in6addr_any;
+    listener.sa6.sin6_port = htons(*listenport);
+    rc = bind(sock, &listener.sa, sizeof(listener.sa6));
+    break;
 #endif /* USE_IPV6 */
 #ifdef USE_UNIX_SOCKETS
-    case AF_UNIX:
-      rc = bind_unix_socket(sock, unix_socket, &listener.sau);
-      break;
+  case AF_UNIX:
+    rc = bind_unix_socket(sock, unix_socket, &listener.sau);
+    break;
 #endif
-    default:
-      rc = 1;
+  default:
+    rc = 1;
   }
 
   if(rc) {
diff --git a/tests/unit/unit1300.c b/tests/unit/unit1300.c
index 77fb1fb386..53da9dd4f6 100644
--- a/tests/unit/unit1300.c
+++ b/tests/unit/unit1300.c
@@ -65,7 +65,7 @@ static CURLcode test_unit1300(const char *arg)
    * 2: list head will be NULL
    * 3: list tail will be NULL
    * 4: list dtor will be NULL
-  */
+   */
 
   fail_unless(Curl_llist_count(&llist) == 0,
               "list initial size should be zero");
diff --git a/tests/unit/unit1302.c b/tests/unit/unit1302.c
index d56f7b09f7..157f1f61ed 100644
--- a/tests/unit/unit1302.c
+++ b/tests/unit/unit1302.c
@@ -124,7 +124,7 @@ static CURLcode test_unit1302(const char *arg)
     {"", 0, "aWlpaWlpaQ=", 15} /* unaligned size, missing a padding char */
   };
 
-  for(i = 0 ; i < CURL_ARRAYSIZE(encode); i++) {
+  for(i = 0; i < CURL_ARRAYSIZE(encode); i++) {
     struct etest *e = &encode[i];
     char *out;
     unsigned char *decoded;
@@ -180,7 +180,7 @@ static CURLcode test_unit1302(const char *arg)
     Curl_safefree(out);
   }
 
-  for(i = 0 ; i < CURL_ARRAYSIZE(badecode); i++) {
+  for(i = 0; i < CURL_ARRAYSIZE(badecode); i++) {
     struct etest *e = &badecode[i];
     unsigned char *decoded;
     size_t dlen;
diff --git a/tests/unit/unit1304.c b/tests/unit/unit1304.c
index 100f3f5828..3e09a0c277 100644
--- a/tests/unit/unit1304.c
+++ b/tests/unit/unit1304.c
@@ -46,8 +46,7 @@ static CURLcode test_unit1304(const char *arg)
    * Test a non existent host in our netrc file.
    */
   Curl_netrc_init(&store);
-  result = Curl_parsenetrc(&store,
-                           "test.example.com", &login, &password, arg);
+  result = Curl_parsenetrc(&store, "test.example.com", &login, &password, arg);
   fail_unless(result == 1, "Host not found should return 1");
   abort_unless(password == NULL, "password did not return NULL!");
   abort_unless(login == NULL, "user did not return NULL!");
@@ -58,8 +57,7 @@ static CURLcode test_unit1304(const char *arg)
    */
   login = (char *)CURL_UNCONST("me");
   Curl_netrc_init(&store);
-  result = Curl_parsenetrc(&store,
-                           "example.com", &login, &password, arg);
+  result = Curl_parsenetrc(&store, "example.com", &login, &password, arg);
   fail_unless(result == 0, "Host should have been found");
   abort_unless(password == NULL, "password is not NULL!");
   Curl_netrc_cleanup(&store);
@@ -69,8 +67,7 @@ static CURLcode test_unit1304(const char *arg)
    */
   login = (char *)CURL_UNCONST("me");
   Curl_netrc_init(&store);
-  result = Curl_parsenetrc(&store,
-                           "test.example.com", &login, &password, arg);
+  result = Curl_parsenetrc(&store, "test.example.com", &login, &password, arg);
   fail_unless(result == 1, "Host not found should return 1");
   abort_unless(password == NULL, "password is not NULL!");
   Curl_netrc_cleanup(&store);
@@ -81,8 +78,7 @@ static CURLcode test_unit1304(const char *arg)
    */
   login = (char *)CURL_UNCONST("admi"); /* spellchecker:disable-line */
   Curl_netrc_init(&store);
-  result = Curl_parsenetrc(&store,
-                           "example.com", &login, &password, arg);
+  result = Curl_parsenetrc(&store, "example.com", &login, &password, arg);
   fail_unless(result == 0, "Host should have been found");
   abort_unless(password == NULL, "password is not NULL!");
   Curl_netrc_cleanup(&store);
@@ -93,8 +89,7 @@ static CURLcode test_unit1304(const char *arg)
    */
   login = (char *)CURL_UNCONST("adminn");
   Curl_netrc_init(&store);
-  result = Curl_parsenetrc(&store,
-                           "example.com", &login, &password, arg);
+  result = Curl_parsenetrc(&store, "example.com", &login, &password, arg);
   fail_unless(result == 0, "Host should have been found");
   abort_unless(password == NULL, "password is not NULL!");
   Curl_netrc_cleanup(&store);
@@ -105,8 +100,7 @@ static CURLcode test_unit1304(const char *arg)
    */
   login = NULL;
   Curl_netrc_init(&store);
-  result = Curl_parsenetrc(&store,
-                           "example.com", &login, &password, arg);
+  result = Curl_parsenetrc(&store, "example.com", &login, &password, arg);
   fail_unless(result == 0, "Host should have been found");
   abort_unless(password != NULL, "returned NULL!");
   fail_unless(strncmp(password, "passwd", 6) == 0,
@@ -124,8 +118,7 @@ static CURLcode test_unit1304(const char *arg)
   password = NULL;
   login = NULL;
   Curl_netrc_init(&store);
-  result = Curl_parsenetrc(&store,
-                           "example.com", &login, &password, arg);
+  result = Curl_parsenetrc(&store, "example.com", &login, &password, arg);
   fail_unless(result == 0, "Host should have been found");
   abort_unless(password != NULL, "returned NULL!");
   fail_unless(strncmp(password, "passwd", 6) == 0,
@@ -143,12 +136,10 @@ static CURLcode test_unit1304(const char *arg)
   curlx_free(login);
   login = NULL;
   Curl_netrc_init(&store);
-  result = Curl_parsenetrc(&store,
-                           "curl.example.com", &login, &password, arg);
+  result = Curl_parsenetrc(&store, "curl.example.com", &login, &password, arg);
   fail_unless(result == 0, "Host should have been found");
   abort_unless(password != NULL, "returned NULL!");
-  fail_unless(strncmp(password, "none", 4) == 0,
-              "password should be 'none'");
+  fail_unless(strncmp(password, "none", 4) == 0, "password should be 'none'");
   abort_unless(login != NULL, "returned NULL!");
   fail_unless(strncmp(login, "none", 4) == 0, "login should be 'none'");
   Curl_netrc_cleanup(&store);
@@ -162,12 +153,10 @@ static CURLcode test_unit1304(const char *arg)
   curlx_free(login);
   login = NULL;
   Curl_netrc_init(&store);
-  result = Curl_parsenetrc(&store,
-                           "curl.example.com", &login, &password, arg);
+  result = Curl_parsenetrc(&store, "curl.example.com", &login, &password, arg);
   fail_unless(result == 0, "Host should have been found");
   abort_unless(password != NULL, "returned NULL!");
-  fail_unless(strncmp(password, "none", 4) == 0,
-              "password should be 'none'");
+  fail_unless(strncmp(password, "none", 4) == 0, "password should be 'none'");
   abort_unless(login != NULL, "returned NULL!");
   fail_unless(strncmp(login, "none", 4) == 0, "login should be 'none'");
   Curl_netrc_cleanup(&store);
diff --git a/tests/unit/unit1307.c b/tests/unit/unit1307.c
index d5fcf5c6b1..3651b341ed 100644
--- a/tests/unit/unit1307.c
+++ b/tests/unit/unit1307.c
@@ -290,7 +290,7 @@ static CURLcode test_unit1307(const char *arg)
   for(i = 0; i < CURL_ARRAYSIZE(tests); i++) {
     int result = tests[i].result;
     int rc = Curl_fnmatch(NULL, tests[i].pattern, tests[i].string);
-    if(result & (LINUX_DIFFER|MAC_DIFFER)) {
+    if(result & (LINUX_DIFFER | MAC_DIFFER)) {
       if((result & LINUX_DIFFER) && (machine == SYSTEM_LINUX))
         result >>= LINUX_SHIFT;
       else if((result & MAC_DIFFER) && (machine == SYSTEM_MACOS))
diff --git a/tests/unit/unit1309.c b/tests/unit/unit1309.c
index 2e2af21f2c..af9a29e110 100644
--- a/tests/unit/unit1309.c
+++ b/tests/unit/unit1309.c
@@ -63,8 +63,8 @@ static CURLcode test_unit1309(const char *arg)
 #define NUM_NODES 50
 
   struct Curl_tree *root, *removed;
-  struct Curl_tree nodes[NUM_NODES*3];
-  size_t storage[NUM_NODES*3];
+  struct Curl_tree nodes[NUM_NODES * 3];
+  size_t storage[NUM_NODES * 3];
   int rc;
   int i, j;
   struct curltime tv_now = {0, 0};
@@ -75,7 +75,7 @@ static CURLcode test_unit1309(const char *arg)
     struct curltime key;
 
     key.tv_sec = 0;
-    key.tv_usec = (541*i)%1023;
+    key.tv_usec = (541 * i) % 1023;
     storage[i] = key.tv_usec;
     Curl_splayset(&nodes[i], &storage[i]);
     root = Curl_splayinsert(key, root, &nodes[i]);
@@ -85,7 +85,7 @@ static CURLcode test_unit1309(const char *arg)
   splayprint(root, 0, 1);
 
   for(i = 0; i < NUM_NODES; i++) {
-    int rem = (i + 7)%NUM_NODES;
+    int rem = (i + 7) % NUM_NODES;
     curl_mprintf("Tree look:\n");
     splayprint(root, 0, 1);
     curl_mprintf("remove pointer %d, payload %zu\n", rem,
@@ -105,11 +105,11 @@ static CURLcode test_unit1309(const char *arg)
     struct curltime key;
 
     key.tv_sec = 0;
-    key.tv_usec = (541*i)%1023;
+    key.tv_usec = (541 * i) % 1023;
 
     /* add some nodes with the same key */
     for(j = 0; j <= i % 3; j++) {
-      storage[i * 3 + j] = key.tv_usec*10 + j;
+      storage[i * 3 + j] = key.tv_usec * 10 + j;
       Curl_splayset(&nodes[i * 3 + j], &storage[i * 3 + j]);
       root = Curl_splayinsert(key, root, &nodes[i * 3 + j]);
     }
diff --git a/tests/unit/unit1397.c b/tests/unit/unit1397.c
index 7d3d4fd7f7..e56b894e36 100644
--- a/tests/unit/unit1397.c
+++ b/tests/unit/unit1397.c
@@ -103,7 +103,7 @@ static CURLcode test_unit1397(const char *arg)
                     "did %sMATCH\n",
                     tests[i].host,
                     tests[i].pattern,
-                    tests[i].match ? "NOT ": "");
+                    tests[i].match ? "NOT " : "");
       unitfail++;
     }
   }
diff --git a/tests/unit/unit1398.c b/tests/unit/unit1398.c
index 1b72bf1163..abd4447ca4 100644
--- a/tests/unit/unit1398.c
+++ b/tests/unit/unit1398.c
@@ -118,7 +118,7 @@ static CURLcode test_unit1398(const char *arg)
                       "%s%s%s%s%s%s%s%s%s%s" /* 100 */
                       "%s%s%s%s%s%s%s%s%s%s" /* 110 */
                       "%s%s%s%s%s%s%s%s%s%s" /* 120 */
-                      "%s%s%s%s%s%s%s%s%s", /* 129 */
+                      "%s%s%s%s%s%s%s%s%s",  /* 129 */
 
                       "a", "", "", "", "", "", "", "", "", "", /* 10 */
                       "b", "", "", "", "", "", "", "", "", "", /* 20 */
@@ -132,8 +132,8 @@ static CURLcode test_unit1398(const char *arg)
                       "j", "", "", "", "", "", "", "", "", "", /* 100 */
                       "k", "", "", "", "", "", "", "", "", "", /* 110 */
                       "l", "", "", "", "", "", "", "", "", "", /* 120 */
-                      "m", "", "", "", "", "", "", "", ""  /* 129 */
-    );
+                      "m", "", "", "", "", "", "", "", ""      /* 129 */
+  );
   fail_unless(rc == 0, "return code should be 0");
 
   /* 128 input % flags */
@@ -150,7 +150,7 @@ static CURLcode test_unit1398(const char *arg)
                       "%s%s%s%s%s%s%s%s%s%s" /* 100 */
                       "%s%s%s%s%s%s%s%s%s%s" /* 110 */
                       "%s%s%s%s%s%s%s%s%s%s" /* 120 */
-                      "%s%s%s%s%s%s%s%s", /* 128 */
+                      "%s%s%s%s%s%s%s%s",    /* 128 */
 
                       "a", "", "", "", "", "", "", "", "", "", /* 10 */
                       "b", "", "", "", "", "", "", "", "", "", /* 20 */
@@ -164,8 +164,8 @@ static CURLcode test_unit1398(const char *arg)
                       "j", "", "", "", "", "", "", "", "", "", /* 100 */
                       "k", "", "", "", "", "", "", "", "", "", /* 110 */
                       "l", "", "", "", "", "", "", "", "", "", /* 120 */
-                      "m", "", "", "", "", "", "", ""  /* 128 */
-    );
+                      "m", "", "", "", "", "", "", ""          /* 128 */
+  );
   fail_unless(rc == 13, "return code should be 13");
 
   /* 129 output segments */
@@ -176,8 +176,8 @@ static CURLcode test_unit1398(const char *arg)
                       "%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%" /* 80 */
                       "%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%" /* 100 */
                       "%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%" /* 120 */
-                      "%%%%%%%%%%%%%%%%%%" /* 129 */
-    );
+                      "%%%%%%%%%%%%%%%%%%"                       /* 129 */
+  );
   fail_unless(rc == 0, "return code should be 0");
 
   /* 128 output segments */
@@ -188,8 +188,8 @@ static CURLcode test_unit1398(const char *arg)
                       "%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%" /* 80 */
                       "%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%" /* 100 */
                       "%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%" /* 120 */
-                      "%%%%%%%%%%%%%%%%" /* 128 */
-    );
+                      "%%%%%%%%%%%%%%%%"                         /* 128 */
+  );
   fail_unless(rc == 128, "return code should be 128");
 
   UNITTEST_END_SIMPLE
diff --git a/tests/unit/unit1601.c b/tests/unit/unit1601.c
index d31866bb74..fa7743785d 100644
--- a/tests/unit/unit1601.c
+++ b/tests/unit/unit1601.c
@@ -37,7 +37,7 @@ static CURLcode test_unit1601(const char *arg)
   unsigned char output[MD5_DIGEST_LEN];
   unsigned char *testp = output;
 
-  Curl_md5it(output, (const unsigned char *) string1, strlen(string1));
+  Curl_md5it(output, (const unsigned char *)string1, strlen(string1));
 
   verify_memory(testp, "\xc4\xca\x42\x38\xa0\xb9\x23\x82\x0d\xcc\x50\x9a\x6f"
                 "\x75\x84\x9b", MD5_DIGEST_LEN);
diff --git a/tests/unit/unit1606.c b/tests/unit/unit1606.c
index 4e290db72a..c7f3d718c7 100644
--- a/tests/unit/unit1606.c
+++ b/tests/unit/unit1606.c
@@ -82,18 +82,12 @@ static CURLcode test_unit1606(const char *arg)
 
   UNITTEST_BEGIN(t1606_setup(&easy))
 
-  fail_unless(runawhile(easy, 41, 41, 40, 0) == 41,
-              "wrong low speed timeout");
-  fail_unless(runawhile(easy, 21, 21, 20, 0) == 21,
-              "wrong low speed timeout");
-  fail_unless(runawhile(easy, 60, 60, 40, 0) == 60,
-              "wrong log speed timeout");
-  fail_unless(runawhile(easy, 50, 50, 40, 0) == 50,
-              "wrong log speed timeout");
-  fail_unless(runawhile(easy, 40, 40, 40, 0) == 99,
-              "should not time out");
-  fail_unless(runawhile(easy, 10, 50, 100, 2) == 36,
-              "bad timeout");
+  fail_unless(runawhile(easy, 41, 41, 40, 0) == 41, "wrong low speed timeout");
+  fail_unless(runawhile(easy, 21, 21, 20, 0) == 21, "wrong low speed timeout");
+  fail_unless(runawhile(easy, 60, 60, 40, 0) == 60, "wrong log speed timeout");
+  fail_unless(runawhile(easy, 50, 50, 40, 0) == 50, "wrong log speed timeout");
+  fail_unless(runawhile(easy, 40, 40, 40, 0) == 99, "should not time out");
+  fail_unless(runawhile(easy, 10, 50, 100, 2) == 36, "bad timeout");
 
   UNITTEST_END(t1606_stop(easy))
 }
diff --git a/tests/unit/unit1610.c b/tests/unit/unit1610.c
index 73a546a85e..5c47fe28e2 100644
--- a/tests/unit/unit1610.c
+++ b/tests/unit/unit1610.c
@@ -44,14 +44,14 @@ static CURLcode test_unit1610(const char *arg)
   unsigned char output[CURL_SHA256_DIGEST_LENGTH];
   unsigned char *testp = output;
 
-  Curl_sha256it(output, (const unsigned char *) string1, strlen(string1));
+  Curl_sha256it(output, (const unsigned char *)string1, strlen(string1));
 
   verify_memory(testp,
                 "\x6b\x86\xb2\x73\xff\x34\xfc\xe1\x9d\x6b\x80\x4e\xff\x5a\x3f"
                 "\x57\x47\xad\xa4\xea\xa2\x2f\x1d\x49\xc0\x1e\x52\xdd\xb7\x87"
                 "\x5b\x4b", CURL_SHA256_DIGEST_LENGTH);
 
-  Curl_sha256it(output, (const unsigned char *) string2, strlen(string2));
+  Curl_sha256it(output, (const unsigned char *)string2, strlen(string2));
 
   verify_memory(testp,
                 "\xcb\xb1\x6a\x8a\xb9\xcb\xb9\x35\xa8\xcb\xa0\x2e\x28\xc0\x26"
diff --git a/tests/unit/unit1611.c b/tests/unit/unit1611.c
index 5337aa33a3..88c79eb3d9 100644
--- a/tests/unit/unit1611.c
+++ b/tests/unit/unit1611.c
@@ -35,13 +35,13 @@ static CURLcode test_unit1611(const char *arg)
   unsigned char output[MD4_DIGEST_LENGTH];
   unsigned char *testp = output;
 
-  Curl_md4it(output, (const unsigned char *) string1, strlen(string1));
+  Curl_md4it(output, (const unsigned char *)string1, strlen(string1));
 
   verify_memory(testp,
                 "\x8b\xe1\xec\x69\x7b\x14\xad\x3a\x53\xb3\x71\x43\x61\x20\x64"
                 "\x1d", MD4_DIGEST_LENGTH);
 
-  Curl_md4it(output, (const unsigned char *) string2, strlen(string2));
+  Curl_md4it(output, (const unsigned char *)string2, strlen(string2));
 
   verify_memory(testp,
                 "\xa7\x16\x1c\xad\x7e\xbe\xdb\xbc\xf8\xc7\x23\x10\x2d\x2c\xe2"
diff --git a/tests/unit/unit1612.c b/tests/unit/unit1612.c
index 0cc0c02546..7d8c9acf96 100644
--- a/tests/unit/unit1612.c
+++ b/tests/unit/unit1612.c
@@ -40,8 +40,8 @@ static CURLcode test_unit1612(const char *arg)
   unsigned char *testp = output;
 
   Curl_hmacit(&Curl_HMAC_MD5,
-              (const unsigned char *) password, strlen(password),
-              (const unsigned char *) string1, strlen(string1),
+              (const unsigned char *)password, strlen(password),
+              (const unsigned char *)string1, strlen(string1),
               output);
 
   verify_memory(testp,
@@ -49,8 +49,8 @@ static CURLcode test_unit1612(const char *arg)
                 "\x37", HMAC_MD5_LENGTH);
 
   Curl_hmacit(&Curl_HMAC_MD5,
-              (const unsigned char *) password, strlen(password),
-              (const unsigned char *) string2, strlen(string2),
+              (const unsigned char *)password, strlen(password),
+              (const unsigned char *)string2, strlen(string2),
               output);
 
   verify_memory(testp,
diff --git a/tests/unit/unit1614.c b/tests/unit/unit1614.c
index 10140ee602..675133e5ad 100644
--- a/tests/unit/unit1614.c
+++ b/tests/unit/unit1614.c
@@ -34,12 +34,12 @@ static CURLcode test_unit1614(const char *arg)
   int err = 0;
 
   struct check {
-  const char *a;
+    const char *a;
     const char *n;
     unsigned int bits;
     bool match;
   };
-  struct check list4[]= {
+  struct check list4[] = {
     { "192.160.0.1", "192.160.0.1", 33, FALSE},
     { "192.160.0.1", "192.160.0.1", 32, TRUE},
     { "192.160.0.1", "192.160.0.1", 0, TRUE},
@@ -55,7 +55,7 @@ static CURLcode test_unit1614(const char *arg)
     { NULL, NULL, 0, FALSE} /* end marker */
   };
 #ifdef USE_IPV6
-  struct check list6[]= {
+  struct check list6[] = {
     { "::1", "::1", 0, TRUE},
     { "::1", "::1", 128, TRUE},
     { "::1", "0:0::1", 128, TRUE},
@@ -69,7 +69,7 @@ static CURLcode test_unit1614(const char *arg)
     const char *n;
     bool match;
   };
-  struct noproxy list[]= {
+  struct noproxy list[] = {
     { "www.example.com", "localhost .example.com .example.de", FALSE},
     { "www.example.com", "localhost,.example.com,.example.de", TRUE},
     { "www.example.com.", "localhost,.example.com,.example.de", TRUE},
@@ -161,7 +161,7 @@ static CURLcode test_unit1614(const char *arg)
     if(match != list4[i].match) {
       curl_mfprintf(stderr, "%s in %s/%u should %smatch\n",
                     list4[i].a, list4[i].n, list4[i].bits,
-                    list4[i].match ? "": "not ");
+                    list4[i].match ? "" : "not ");
       err++;
     }
   }
@@ -171,7 +171,7 @@ static CURLcode test_unit1614(const char *arg)
     if(match != list6[i].match) {
       curl_mfprintf(stderr, "%s in %s/%u should %smatch\n",
                     list6[i].a, list6[i].n, list6[i].bits,
-                    list6[i].match ? "": "not ");
+                    list6[i].match ? "" : "not ");
       err++;
     }
   }
@@ -181,7 +181,7 @@ static CURLcode test_unit1614(const char *arg)
     if(match != list[i].match) {
       curl_mfprintf(stderr, "%s in %s should %smatch\n",
                     list[i].a, list[i].n,
-                    list[i].match ? "": "not ");
+                    list[i].match ? "" : "not ");
       err++;
     }
   }
diff --git a/tests/unit/unit1615.c b/tests/unit/unit1615.c
index 44dc1ae045..fadb1aaa59 100644
--- a/tests/unit/unit1615.c
+++ b/tests/unit/unit1615.c
@@ -113,31 +113,31 @@ static CURLcode test_unit1615(const char *arg)
   /* Mute compiler warnings in 'verify_memory' macros below */
   computed_hash = output_buf;
 
-  Curl_sha512_256it(output_buf, (const unsigned char *) test_str1,
+  Curl_sha512_256it(output_buf, (const unsigned char *)test_str1,
                     CURL_ARRAYSIZE(test_str1) - 1);
   verify_memory(computed_hash, precomp_hash1, CURL_SHA512_256_DIGEST_LENGTH);
 
-  Curl_sha512_256it(output_buf, (const unsigned char *) test_str2,
+  Curl_sha512_256it(output_buf, (const unsigned char *)test_str2,
                     CURL_ARRAYSIZE(test_str2) - 1);
   verify_memory(computed_hash, precomp_hash2, CURL_SHA512_256_DIGEST_LENGTH);
 
-  Curl_sha512_256it(output_buf, (const unsigned char *) test_str3,
+  Curl_sha512_256it(output_buf, (const unsigned char *)test_str3,
                     CURL_ARRAYSIZE(test_str3) - 1);
   verify_memory(computed_hash, precomp_hash3, CURL_SHA512_256_DIGEST_LENGTH);
 
-  Curl_sha512_256it(output_buf, (const unsigned char *) test_str4,
+  Curl_sha512_256it(output_buf, (const unsigned char *)test_str4,
                     CURL_ARRAYSIZE(test_str4) - 1);
   verify_memory(computed_hash, precomp_hash4, CURL_SHA512_256_DIGEST_LENGTH);
 
-  Curl_sha512_256it(output_buf, (const unsigned char *) test_str5,
+  Curl_sha512_256it(output_buf, (const unsigned char *)test_str5,
                     CURL_ARRAYSIZE(test_str5) - 1);
   verify_memory(computed_hash, precomp_hash5, CURL_SHA512_256_DIGEST_LENGTH);
 
-  Curl_sha512_256it(output_buf, (const unsigned char *) test_str6,
+  Curl_sha512_256it(output_buf, (const unsigned char *)test_str6,
                     CURL_ARRAYSIZE(test_str6) - 1);
   verify_memory(computed_hash, precomp_hash6, CURL_SHA512_256_DIGEST_LENGTH);
 
-  Curl_sha512_256it(output_buf, (const unsigned char *) test_str7,
+  Curl_sha512_256it(output_buf, (const unsigned char *)test_str7,
                     CURL_ARRAYSIZE(test_str7) - 1);
   verify_memory(computed_hash, precomp_hash7, CURL_SHA512_256_DIGEST_LENGTH);
 
diff --git a/tests/unit/unit1620.c b/tests/unit/unit1620.c
index 4c1674f5bd..b04424ae3b 100644
--- a/tests/unit/unit1620.c
+++ b/tests/unit/unit1620.c
@@ -116,8 +116,7 @@ static CURLcode test_unit1620(const char *arg)
 
   Curl_freeset(empty);
   for(i = (enum dupstring)0; i < STRING_LAST; i++) {
-    fail_unless(empty->set.str[i] == NULL,
-                "Curl_free() did not set to NULL");
+    fail_unless(empty->set.str[i] == NULL, "Curl_free() did not set to NULL");
   }
 
   rc = Curl_close(&empty);
diff --git a/tests/unit/unit1650.c b/tests/unit/unit1650.c
index 89e72262d3..309515d9b1 100644
--- a/tests/unit/unit1650.c
+++ b/tests/unit/unit1650.c
@@ -205,7 +205,7 @@ static CURLcode test_unit1650(const char *arg)
         int j;
         for(j = 0; j < 16; j += 2) {
           size_t l;
-          curl_msnprintf(ptr, len, "%s%02x%02x", j?":":"", a->ip.v6[j],
+          curl_msnprintf(ptr, len, "%s%02x%02x", j ? ":" : "", a->ip.v6[j],
                          a->ip.v6[j + 1]);
           l = strlen(ptr);
           len -= l;
@@ -232,12 +232,12 @@ static CURLcode test_unit1650(const char *arg)
   }
 
   /* pass all sizes into the decoder until full */
-  for(i = 0; i < sizeof(full49)-1; i++) {
+  for(i = 0; i < sizeof(full49) - 1; i++) {
     struct dohentry d;
     DOHcode rc;
     memset(&d, 0, sizeof(d));
-    rc = doh_resp_decode((const unsigned char *)full49, i, CURL_DNS_TYPE_A,
-                         &d);
+    rc = doh_resp_decode((const unsigned char *)full49,
+                         i, CURL_DNS_TYPE_A, &d);
     if(!rc) {
       /* none of them should work */
       curl_mfprintf(stderr, "%zu: %d\n", i, rc);
@@ -250,8 +250,8 @@ static CURLcode test_unit1650(const char *arg)
     struct dohentry d;
     DOHcode rc;
     memset(&d, 0, sizeof(d));
-    rc = doh_resp_decode((const unsigned char *)&full49[i], sizeof(full49)-i-1,
-                         CURL_DNS_TYPE_A, &d);
+    rc = doh_resp_decode((const unsigned char *)&full49[i],
+                         sizeof(full49) - i - 1, CURL_DNS_TYPE_A, &d);
     if(!rc) {
       /* none of them should work */
       curl_mfprintf(stderr, "2 %zu: %d\n", i, rc);
@@ -264,8 +264,8 @@ static CURLcode test_unit1650(const char *arg)
     struct dohentry d;
     struct dohaddr *a;
     memset(&d, 0, sizeof(d));
-    rc = doh_resp_decode((const unsigned char *)full49, sizeof(full49)-1,
-                         CURL_DNS_TYPE_A, &d);
+    rc = doh_resp_decode((const unsigned char *)full49,
+                         sizeof(full49) - 1, CURL_DNS_TYPE_A, &d);
     fail_if(d.numaddr != 1, "missing address");
     a = &d.addr[0];
     p = &a->ip.v4[0];
diff --git a/tests/unit/unit1651.c b/tests/unit/unit1651.c
index d3620d99f2..ffaea47b20 100644
--- a/tests/unit/unit1651.c
+++ b/tests/unit/unit1651.c
@@ -360,10 +360,10 @@ static CURLcode test_unit1651(const char *arg)
 
     /* a poor man's fuzzing of some initial data to make sure nothing bad
        happens */
-    for(byte = 1 ; byte < 255; byte += 17) {
+    for(byte = 1; byte < 255; byte += 17) {
       for(i = 0; i < 45; i++) {
         unsigned char backup = cert[i];
-        cert[i] = (unsigned char) (byte & 0xff);
+        cert[i] = (unsigned char)(byte & 0xff);
         (void)Curl_extract_certinfo(data, 0, beg, end);
         cert[i] = backup;
       }
diff --git a/tests/unit/unit1655.c b/tests/unit/unit1655.c
index ab42b971ef..91aca3f1a4 100644
--- a/tests/unit/unit1655.c
+++ b/tests/unit/unit1655.c
@@ -121,7 +121,7 @@ static CURLcode test_unit1655(const char *arg)
       else {
         if(d == DOH_OK) {
           fail_unless(olen <= sizeof(victim.dohbuffer),
-            "wrote outside bounds");
+                      "wrote outside bounds");
           fail_unless(olen > strlen(name), "unrealistic low size");
         }
       }
diff --git a/tests/unit/unit1656.c b/tests/unit/unit1656.c
index 322aa2dbe3..7cdca884b8 100644
--- a/tests/unit/unit1656.c
+++ b/tests/unit/unit1656.c
@@ -95,7 +95,7 @@ static CURLcode test_unit1656(const char *arg)
   struct dynbuf dbuf;
   bool all_ok = TRUE;
 
-  curlx_dyn_init(&dbuf, 32*1024);
+  curlx_dyn_init(&dbuf, 32 * 1024);
 
   if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
     curl_mfprintf(stderr, "curl_global_init() failed\n");
diff --git a/tests/unit/unit1657.c b/tests/unit/unit1657.c
index c03cd51f55..850b3ef730 100644
--- a/tests/unit/unit1657.c
+++ b/tests/unit/unit1657.c
@@ -93,7 +93,7 @@ static CURLcode test_unit1657(const char *arg)
   bool all_ok = TRUE;
   struct dynbuf dbuf;
 
-  curlx_dyn_init(&dbuf, 32*1024);
+  curlx_dyn_init(&dbuf, 32 * 1024);
 
   if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
     curl_mfprintf(stderr, "curl_global_init() failed\n");
diff --git a/tests/unit/unit1660.c b/tests/unit/unit1660.c
index 376f6bdcfa..6b1dcce9fc 100644
--- a/tests/unit/unit1660.c
+++ b/tests/unit/unit1660.c
@@ -130,7 +130,7 @@ static CURLcode test_unit1660(const char *arg)
 
   Curl_hsts_loadfile(easy, h, arg);
 
-  for(i = 0; headers[i].host ; i++) {
+  for(i = 0; headers[i].host; i++) {
     if(headers[i].hdr) {
       res = Curl_hsts_parse(h, headers[i].host, headers[i].hdr);
 
diff --git a/tests/unit/unit1661.c b/tests/unit/unit1661.c
index d9aa2a61f1..569b06760b 100644
--- a/tests/unit/unit1661.c
+++ b/tests/unit/unit1661.c
@@ -78,7 +78,7 @@ static CURLcode test_unit1661(const char *arg)
   /**
    * testing Curl_bufref_ptr
    */
-  fail_unless((const char *) Curl_bufref_ptr(&bufref) == buffer,
+  fail_unless((const char *)Curl_bufref_ptr(&bufref) == buffer,
               "Wrong pointer value returned");
 
   /**
diff --git a/tests/unit/unit1663.c b/tests/unit/unit1663.c
index e4431930a4..e0c77c9d78 100644
--- a/tests/unit/unit1663.c
+++ b/tests/unit/unit1663.c
@@ -39,12 +39,11 @@ static CURLcode t1663_setup(void)
   return res;
 }
 
-static void t1663_parse(
-  const char *input_data,
-  const char *exp_dev,
-  const char *exp_iface,
-  const char *exp_host,
-  CURLcode exp_rc)
+static void t1663_parse(const char *input_data,
+                        const char *exp_dev,
+                        const char *exp_iface,
+                        const char *exp_host,
+                        CURLcode exp_rc)
 {
   char *dev = NULL;
   char *iface = NULL;
diff --git a/tests/unit/unit2600.c b/tests/unit/unit2600.c
index b69b675b3b..9af844ca63 100644
--- a/tests/unit/unit2600.c
+++ b/tests/unit/unit2600.c
@@ -238,8 +238,7 @@ out:
   return res;
 }
 
-static void check_result(const struct test_case *tc,
-                         struct test_result *tr)
+static void check_result(const struct test_case *tc, struct test_result *tr)
 {
   char msg[256];
   timediff_t duration_ms;
@@ -247,8 +246,7 @@ static void check_result(const struct test_case *tc,
   duration_ms = curlx_timediff_ms(tr->ended, tr->started);
   curl_mfprintf(stderr, "%d: test case took %dms\n", tc->id, (int)duration_ms);
 
-  if(tr->res != tc->exp_res
-    && CURLE_OPERATION_TIMEDOUT != tr->res) {
+  if(tr->res != tc->exp_res && CURLE_OPERATION_TIMEDOUT != tr->res) {
     /* on CI we encounter the TIMEOUT result, since images get less CPU
      * and events are not as sharply timed. */
     curl_msprintf(msg, "%d: expected result %d but got %d",
diff --git a/tests/unit/unit2601.c b/tests/unit/unit2601.c
index 8411c19e98..6a1ca2f1bd 100644
--- a/tests/unit/unit2601.c
+++ b/tests/unit/unit2601.c
@@ -80,7 +80,7 @@ static void check_bufq(size_t pool_spares,
                        size_t chunk_size, size_t max_chunks,
                        size_t wsize, size_t rsize, int opts)
 {
-  static unsigned char test_data[32*1024];
+  static unsigned char test_data[32 * 1024];
 
   struct bufq q;
   struct bufc_pool pool;
@@ -167,7 +167,7 @@ static void check_bufq(size_t pool_spares,
 
   /* Test SOFT_LIMIT option */
   Curl_bufq_free(&q);
-  Curl_bufq_init2(&q, chunk_size, max_chunks, (opts|BUFQ_OPT_SOFT_LIMIT));
+  Curl_bufq_init2(&q, chunk_size, max_chunks, (opts | BUFQ_OPT_SOFT_LIMIT));
   nwritten = 0;
   while(!Curl_bufq_is_full(&q)) {
     res = Curl_bufq_write(&q, test_data, wsize, &n2);
@@ -212,9 +212,9 @@ static CURLcode test_unit2601(const char *arg)
   struct bufq q;
   size_t n;
   CURLcode res;
-  unsigned char buf[16*1024];
+  unsigned char buf[16 * 1024];
 
-  Curl_bufq_init(&q, 8*1024, 12);
+  Curl_bufq_init(&q, 8 * 1024, 12);
   res = Curl_bufq_read(&q, buf, 128, &n);
   fail_unless(res && res == CURLE_AGAIN, "read empty fail");
   Curl_bufq_free(&q);
@@ -225,7 +225,7 @@ static CURLcode test_unit2601(const char *arg)
   check_bufq(0, 1024, 4, 16000, 3000, BUFQ_OPT_NONE);
 
   check_bufq(0, 8000, 10, 1234, 1234, BUFQ_OPT_NONE);
-  check_bufq(0, 8000, 10, 8*1024, 4*1024, BUFQ_OPT_NONE);
+  check_bufq(0, 8000, 10, 8 * 1024, 4 * 1024, BUFQ_OPT_NONE);
 
   check_bufq(0, 1024, 4, 128, 128, BUFQ_OPT_NO_SPARES);
   check_bufq(0, 1024, 4, 129, 127, BUFQ_OPT_NO_SPARES);
diff --git a/tests/unit/unit2602.c b/tests/unit/unit2602.c
index da2b7dba54..684fa3db83 100644
--- a/tests/unit/unit2602.c
+++ b/tests/unit/unit2602.c
@@ -85,7 +85,7 @@ static CURLcode test_unit2602(const char *arg)
   Curl_dynhds_reset(&hds);
   Curl_dynhds_free(&hds);
 
-  Curl_dynhds_init(&hds, 128, 4*1024);
+  Curl_dynhds_init(&hds, 128, 4 * 1024);
   fail_if(Curl_dynhds_add(&hds, "test1", 5, "123", 3), "add failed");
   fail_if(Curl_dynhds_add(&hds, "test1", 5, "123", 3), "add failed");
   fail_if(Curl_dynhds_cadd(&hds, "blablabla", "thingies"), "add failed");
@@ -100,18 +100,18 @@ static CURLcode test_unit2602(const char *arg)
     fail_unless(Curl_dynhds_ccount_name(&hds, "bLABlaBlA") == 0, "should");
     fail_if(Curl_dynhds_cadd(&hds, "Bla-Bla", "thingies"), "add failed");
 
-    curlx_dyn_init(&dbuf, 32*1024);
+    curlx_dyn_init(&dbuf, 32 * 1024);
     fail_if(Curl_dynhds_h1_dprint(&hds, &dbuf), "h1 print failed");
     if(curlx_dyn_ptr(&dbuf)) {
       fail_if(strcmp(curlx_dyn_ptr(&dbuf),
                      "test1: 123\r\ntest1: 123\r\nBla-Bla: thingies\r\n"),
-                     "h1 format differs");
+              "h1 format differs");
     }
     curlx_dyn_free(&dbuf);
   }
 
   Curl_dynhds_free(&hds);
-  Curl_dynhds_init(&hds, 128, 4*1024);
+  Curl_dynhds_init(&hds, 128, 4 * 1024);
   /* continuation without previous header fails */
   res = Curl_dynhds_h1_cadd_line(&hds, " indented value");
   fail_unless(res, "add should have failed");
@@ -124,13 +124,13 @@ static CURLcode test_unit2602(const char *arg)
   fail_if(Curl_dynhds_h1_cadd_line(&hds, "ti3: val1"), "add");
   fail_if(Curl_dynhds_h1_cadd_line(&hds, "     val2"), "add indent");
 
-  curlx_dyn_init(&dbuf, 32*1024);
+  curlx_dyn_init(&dbuf, 32 * 1024);
   fail_if(Curl_dynhds_h1_dprint(&hds, &dbuf), "h1 print failed");
   if(curlx_dyn_ptr(&dbuf)) {
     curl_mfprintf(stderr, "indent concat: %s\n", curlx_dyn_ptr(&dbuf));
     fail_if(strcmp(curlx_dyn_ptr(&dbuf),
                    "ti1: val1 val2\r\nti2: val1 val2\r\nti3: val1 val2\r\n"),
-                   "wrong format");
+            "wrong format");
   }
   curlx_dyn_free(&dbuf);
 
diff --git a/tests/unit/unit3200.c b/tests/unit/unit3200.c
index fe00da939d..bfd4d1181b 100644
--- a/tests/unit/unit3200.c
+++ b/tests/unit/unit3200.c
@@ -94,68 +94,68 @@ static CURLcode test_unit3200(const char *arg)
 
     curl_mfprintf(stderr, "Test %zd...", i);
     switch(i) {
-      case 0:
-        res = Curl_get_line(&buf, fp, &eof);
-        line = curlx_dyn_ptr(&buf);
-        fail_unless(!res && line && !strcmp("LINE1\n", line),
-                    "First line failed (1)");
-        res = Curl_get_line(&buf, fp, &eof);
-        line = curlx_dyn_ptr(&buf);
-        fail_unless(!res && line && !strcmp("LINE2 NEWLINE\n", line),
-                    "Second line failed (1)");
-        res = Curl_get_line(&buf, fp, &eof);
-        abort_unless(eof, "Missed EOF (1)");
-        break;
-      case 1:
-        res = Curl_get_line(&buf, fp, &eof);
-        line = curlx_dyn_ptr(&buf);
-        fail_unless(!res && line && !strcmp("LINE1\n", line),
-                    "First line failed (2)");
-        res = Curl_get_line(&buf, fp, &eof);
-        line = curlx_dyn_ptr(&buf);
-        fail_unless(!res && line && !strcmp("LINE2 NONEWLINE\n", line),
-                    "Second line failed (2)");
-        res = Curl_get_line(&buf, fp, &eof);
-        abort_unless(eof, "Missed EOF (2)");
-        break;
-      case 2:
-        res = Curl_get_line(&buf, fp, &eof);
-        line = curlx_dyn_ptr(&buf);
-        fail_unless(!res && line && !strcmp("LINE1\n", line),
-                    "First line failed (3)");
-        res = Curl_get_line(&buf, fp, &eof);
-        fail_unless(!curlx_dyn_len(&buf),
-                    "Did not detect max read on EOF (3)");
-        break;
-      case 3:
-        res = Curl_get_line(&buf, fp, &eof);
-        line = curlx_dyn_ptr(&buf);
-        fail_unless(!res && line && !strcmp("LINE1\n", line),
-                    "First line failed (4)");
-        res = Curl_get_line(&buf, fp, &eof);
-        fail_unless(!curlx_dyn_len(&buf),
-                    "Did not ignore partial on EOF (4)");
-        break;
-      case 4:
-        res = Curl_get_line(&buf, fp, &eof);
-        line = curlx_dyn_ptr(&buf);
-        fail_unless(!res && line && !strcmp("LINE1\n", line),
-                    "First line failed (5)");
-        res = Curl_get_line(&buf, fp, &eof);
-        fail_unless(!curlx_dyn_len(&buf),
-                    "Did not bail out on too long line");
-        break;
-      case 5:
-        res = Curl_get_line(&buf, fp, &eof);
-        line = curlx_dyn_ptr(&buf);
-        fail_unless(!res && line && !strcmp("LINE1\x1aTEST\n", line),
-                    "Missed/Misinterpreted ^Z (6)");
-        res = Curl_get_line(&buf, fp, &eof);
-        abort_unless(eof, "Missed EOF (6)");
-        break;
-      default:
-        abort_unless(1, "Unknown case");
-        break;
+    case 0:
+      res = Curl_get_line(&buf, fp, &eof);
+      line = curlx_dyn_ptr(&buf);
+      fail_unless(!res && line && !strcmp("LINE1\n", line),
+                  "First line failed (1)");
+      res = Curl_get_line(&buf, fp, &eof);
+      line = curlx_dyn_ptr(&buf);
+      fail_unless(!res && line && !strcmp("LINE2 NEWLINE\n", line),
+                  "Second line failed (1)");
+      res = Curl_get_line(&buf, fp, &eof);
+      abort_unless(eof, "Missed EOF (1)");
+      break;
+    case 1:
+      res = Curl_get_line(&buf, fp, &eof);
+      line = curlx_dyn_ptr(&buf);
+      fail_unless(!res && line && !strcmp("LINE1\n", line),
+                  "First line failed (2)");
+      res = Curl_get_line(&buf, fp, &eof);
+      line = curlx_dyn_ptr(&buf);
+      fail_unless(!res && line && !strcmp("LINE2 NONEWLINE\n", line),
+                  "Second line failed (2)");
+      res = Curl_get_line(&buf, fp, &eof);
+      abort_unless(eof, "Missed EOF (2)");
+      break;
+    case 2:
+      res = Curl_get_line(&buf, fp, &eof);
+      line = curlx_dyn_ptr(&buf);
+      fail_unless(!res && line && !strcmp("LINE1\n", line),
+                  "First line failed (3)");
+      res = Curl_get_line(&buf, fp, &eof);
+      fail_unless(!curlx_dyn_len(&buf),
+                  "Did not detect max read on EOF (3)");
+      break;
+    case 3:
+      res = Curl_get_line(&buf, fp, &eof);
+      line = curlx_dyn_ptr(&buf);
+      fail_unless(!res && line && !strcmp("LINE1\n", line),
+                  "First line failed (4)");
+      res = Curl_get_line(&buf, fp, &eof);
+      fail_unless(!curlx_dyn_len(&buf),
+                  "Did not ignore partial on EOF (4)");
+      break;
+    case 4:
+      res = Curl_get_line(&buf, fp, &eof);
+      line = curlx_dyn_ptr(&buf);
+      fail_unless(!res && line && !strcmp("LINE1\n", line),
+                  "First line failed (5)");
+      res = Curl_get_line(&buf, fp, &eof);
+      fail_unless(!curlx_dyn_len(&buf),
+                  "Did not bail out on too long line");
+      break;
+    case 5:
+      res = Curl_get_line(&buf, fp, &eof);
+      line = curlx_dyn_ptr(&buf);
+      fail_unless(!res && line && !strcmp("LINE1\x1aTEST\n", line),
+                  "Missed/Misinterpreted ^Z (6)");
+      res = Curl_get_line(&buf, fp, &eof);
+      abort_unless(eof, "Missed EOF (6)");
+      break;
+    default:
+      abort_unless(1, "Unknown case");
+      break;
     }
     curlx_dyn_free(&buf);
     curlx_fclose(fp);
diff --git a/tests/unit/unit3205.c b/tests/unit/unit3205.c
index bb42e9e0c6..bb35fb2f8e 100644
--- a/tests/unit/unit3205.c
+++ b/tests/unit/unit3205.c
@@ -561,9 +561,9 @@ static CURLcode test_unit3205(const char *arg)
     /* suites matched by EDH alias will return the DHE name */
     if(test->id >= 0x0011 && test->id < 0x0017) {
       if(expect && memcmp(expect, "EDH-", 4) == 0)
-        expect = (char *) memcpy(strcpy(alt, expect), "DHE-", 4);
+        expect = (char *)memcpy(strcpy(alt, expect), "DHE-", 4);
       if(expect && memcmp(expect + 4, "EDH-", 4) == 0)
-        expect = (char *) memcpy(strcpy(alt, expect) + 4, "DHE-", 4) - 4;
+        expect = (char *)memcpy(strcpy(alt, expect) + 4, "DHE-", 4) - 4;
     }
 
     if(expect && strcmp(buf, expect) != 0) {
diff --git a/tests/unit/unit3211.c b/tests/unit/unit3211.c
index 1ec30ac9a2..7f6c616909 100644
--- a/tests/unit/unit3211.c
+++ b/tests/unit/unit3211.c
@@ -84,7 +84,7 @@ static void check_set(const char *name, unsigned int capacity,
   }
   /* The count is half */
   c = Curl_uint32_bset_count(&bset);
-  fail_unless(c == slen/2, "set count is wrong");
+  fail_unless(c == slen / 2, "set count is wrong");
 
   Curl_uint32_bset_clear(&bset);
   c = Curl_uint32_bset_count(&bset);
@@ -107,7 +107,7 @@ static void check_set(const char *name, unsigned int capacity,
   for(i = 0; i < slen; i++)  /* all still present after resize back */
     fail_unless(Curl_uint32_bset_contains(&bset, s[i]), "unexpectedly lost");
 
-  fail_unless(!Curl_uint32_bset_resize(&bset, capacity/2),
+  fail_unless(!Curl_uint32_bset_resize(&bset, capacity / 2),
               "resize half failed");
   /* halved the size, what numbers remain in set? */
   c = Curl_uint32_bset_capacity(&bset);
diff --git a/tests/unit/unit3213.c b/tests/unit/unit3213.c
index b0d4d2ced5..dbd26f4aa4 100644
--- a/tests/unit/unit3213.c
+++ b/tests/unit/unit3213.c
@@ -75,7 +75,7 @@ static void check_spbset(const char *name, const unsigned int *s, size_t slen)
   }
   /* The count is half */
   c = Curl_uint32_spbset_count(&bset);
-  fail_unless(c == slen/2, "set count is wrong");
+  fail_unless(c == slen / 2, "set count is wrong");
 
   Curl_uint32_spbset_clear(&bset);
   c = Curl_uint32_spbset_count(&bset);
diff --git a/tests/unit/unit3216.c b/tests/unit/unit3216.c
index cbe9a5f0bf..0f9d27492c 100644
--- a/tests/unit/unit3216.c
+++ b/tests/unit/unit3216.c
@@ -45,7 +45,7 @@ static CURLcode test_unit3216(const char *arg)
   fail_unless(Curl_rlimit_avail(&r, ts) == 0, "blocked inf");
   Curl_rlimit_block(&r, FALSE, ts);
   fail_unless(Curl_rlimit_avail(&r, ts) == CURL_OFF_T_MAX,
-    "unblocked unlimited");
+              "unblocked unlimited");
 
   /* A ratelimit that give 10 tokens per second */
   ts = curlx_now();

From 06e16167d62984976b7a3ea2fcfa61813fd6d81c Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 28 Nov 2025 17:16:31 +0100
Subject: [PATCH 1055/2408] memdebug: buffer output data

Instead of writing each line to file immediately, this now stores them
in an in-memory buffer until that gets full or curl exits. To make it
run faster and write to file less often.

Closes #19750
---
 lib/memdebug.c | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/lib/memdebug.c b/lib/memdebug.c
index 9fd54d026b..329b11ea79 100644
--- a/lib/memdebug.c
+++ b/lib/memdebug.c
@@ -62,6 +62,10 @@ static long memsize = 0;  /* set number of mallocs allowed */
 static struct backtrace_state *btstate;
 #endif
 
+#define KEEPSIZE 10000
+static char membuf[KEEPSIZE];
+static size_t memwidx = 0; /* write index */
+
 /* LeakSantizier (LSAN) calls _exit() instead of exit() when a leak is detected
    on exit so the logfile must be closed explicitly or data could be lost.
    Though _exit() does not call atexit handlers such as this, LSAN's call to
@@ -71,6 +75,8 @@ static void curl_dbg_cleanup(void)
   if(curl_dbg_logfile &&
      curl_dbg_logfile != stderr &&
      curl_dbg_logfile != stdout) {
+    if(memwidx)
+      fwrite(membuf, 1, memwidx, curl_dbg_logfile);
     /* !checksrc! disable BANNEDFUNC 1 */
     fclose(curl_dbg_logfile);
   }
@@ -506,7 +512,7 @@ int curl_dbg_fclose(FILE *file, int line, const char *source)
 void curl_dbg_log(const char *format, ...)
 {
   char buf[1024];
-  int nchars;
+  size_t nchars;
   va_list ap;
 
   if(!curl_dbg_logfile)
@@ -519,8 +525,20 @@ void curl_dbg_log(const char *format, ...)
   if(nchars > (int)sizeof(buf) - 1)
     nchars = (int)sizeof(buf) - 1;
 
-  if(nchars > 0)
-    fwrite(buf, 1, (size_t)nchars, curl_dbg_logfile);
+  if(nchars > 0) {
+    if(KEEPSIZE - nchars < memwidx) {
+      /* flush */
+      fwrite(membuf, 1, memwidx, curl_dbg_logfile);
+      fflush(curl_dbg_logfile);
+      memwidx = 0;
+    }
+    if(memwidx) {
+      /* the previous line ends with a newline */
+      DEBUGASSERT(membuf[memwidx - 1] == '\n');
+    }
+    memcpy(&membuf[memwidx], buf, nchars);
+    memwidx += nchars;
+  }
 }
 
 #endif /* CURLDEBUG */

From 16f073ef49f94412000218c9f6ad04e3fd7e4d01 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 27 Mar 2025 01:15:16 +0100
Subject: [PATCH 1056/2408] cmake: define dependencies as `IMPORTED` interface
 targets

Rework the way curl's custom Find modules advertise their properties.

Before this patch, Find modules returned detected dependency properties
(header dirs, libs, libdirs, C flags, etc.) via global variables. curl's
main `CMakeLists.txt` copied their values into global lists, which it
later applied to targets. This solution worked internally, but it was
unsuited for the public, distributed `CURLConfig.cmake` and publishing
curl's Find modules with it, due to polluting the namespace of consumer
projects. It's also impractical to apply the many individual variables
to every targets depending on libcurl.

To allow using Find modules in consumer projects, this patch makes them
define as imported interface targets, named `CURL::`. Then
store dependency information as target properties. It avoids namespace
pollution and makes the dependency information apply automatically
to all targets using `CURL::libcurl_static`.

Find modules continue to return `*_FOUND` and `*_VERSION` variables.

For dependencies detected via `pkg-config`, CMake 3.16+ is recommended.
Older CMake versions have a varying degree of support for
propagating/handling library directories. This may cause issues in envs
where dependencies reside in non-system locations and detected via
`pkg-config` (e.g. macOS + Homebrew). Use `CURL_USE_PKGCONFIG=OFF`
to fix these issues. Or upgrade to newer CMake, or link libcurl
dynamically.

Also:
- re-enable `pkg-config` for old cmake `find_library()` integration
  tests.
- make `curlinfo` build after these changes.
- distribute local Find modules.
- export the raw list of lib dependencies via `CURL_LIBRARIES_PRIVATE`.
- `CURLconfig.cmake`: use curl's Find modules to detect dependencies in
  the consumer env.
- add custom property to target property debug function.
- the curl build process no longer modifies `CMAKE_C_FLAGS`.
  Follow-up to e86542038dda88dadf8959584e803895f979310c #17047

Ref: #14930
Ref: https://github.com/libssh2/libssh2/pull/1535
Ref: https://github.com/libssh2/libssh2/pull/1571
Ref: https://github.com/libssh2/libssh2/pull/1581
Ref: https://github.com/libssh2/libssh2/pull/1623

Closes #16973
---
 CMake/FindBrotli.cmake       |  40 +--
 CMake/FindCares.cmake        |  51 ++--
 CMake/FindGSS.cmake          |  73 +++---
 CMake/FindGnuTLS.cmake       |  47 ++--
 CMake/FindLDAP.cmake         |  42 ++--
 CMake/FindLibbacktrace.cmake |  29 ++-
 CMake/FindLibgsasl.cmake     |  46 ++--
 CMake/FindLibidn2.cmake      |  47 ++--
 CMake/FindLibpsl.cmake       |  47 ++--
 CMake/FindLibrtmp.cmake      |  53 ++--
 CMake/FindLibssh.cmake       |  51 ++--
 CMake/FindLibssh2.cmake      |  47 ++--
 CMake/FindLibuv.cmake        |  47 ++--
 CMake/FindMbedTLS.cmake      |  54 +++--
 CMake/FindNGHTTP2.cmake      |  47 ++--
 CMake/FindNGHTTP3.cmake      |  47 ++--
 CMake/FindNGTCP2.cmake       |  42 ++--
 CMake/FindNettle.cmake       |  47 ++--
 CMake/FindQuiche.cmake       |  47 ++--
 CMake/FindRustls.cmake       |  59 +++--
 CMake/FindWolfSSL.cmake      |  55 +++--
 CMake/FindZstd.cmake         |  47 ++--
 CMake/Utilities.cmake        |   1 +
 CMake/curl-config.cmake.in   | 118 +++++++++
 CMakeLists.txt               | 455 +++++++++++++++--------------------
 lib/CMakeLists.txt           |  26 +-
 src/CMakeLists.txt           |   3 +-
 tests/cmake/test.sh          |   2 +-
 28 files changed, 1010 insertions(+), 660 deletions(-)

diff --git a/CMake/FindBrotli.cmake b/CMake/FindBrotli.cmake
index d2b50d9621..981b30cafd 100644
--- a/CMake/FindBrotli.cmake
+++ b/CMake/FindBrotli.cmake
@@ -29,31 +29,27 @@
 # - `BROTLICOMMON_LIBRARY`:  Absolute path to `brotlicommon` library.
 # - `BROTLIDEC_LIBRARY`:     Absolute path to `brotlidec` library.
 #
-# Result variables:
+# Defines:
 #
 # - `BROTLI_FOUND`:          System has brotli.
-# - `BROTLI_INCLUDE_DIRS`:   The brotli include directories.
-# - `BROTLI_LIBRARIES`:      The brotli library names.
-# - `BROTLI_LIBRARY_DIRS`:   The brotli library directories.
-# - `BROTLI_PC_REQUIRES`:    The brotli pkg-config packages.
-# - `BROTLI_CFLAGS`:         Required compiler flags.
 # - `BROTLI_VERSION`:        Version of brotli.
+# - `CURL::brotli`:          brotli library target.
 
-set(BROTLI_PC_REQUIRES "libbrotlidec" "libbrotlicommon")  # order is significant: brotlidec then brotlicommon
+set(_brotli_pc_requires "libbrotlidec" "libbrotlicommon")  # order is significant: brotlidec then brotlicommon
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED BROTLI_INCLUDE_DIR AND
    NOT DEFINED BROTLICOMMON_LIBRARY AND
    NOT DEFINED BROTLIDEC_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(BROTLI ${BROTLI_PC_REQUIRES})
+  pkg_check_modules(_brotli ${_brotli_pc_requires})
 endif()
 
-if(BROTLI_FOUND)
+if(_brotli_FOUND)
   set(Brotli_FOUND TRUE)
-  set(BROTLI_VERSION ${BROTLI_libbrotlicommon_VERSION})
-  string(REPLACE ";" " " BROTLI_CFLAGS "${BROTLI_CFLAGS}")
-  message(STATUS "Found Brotli (via pkg-config): ${BROTLI_INCLUDE_DIRS} (found version \"${BROTLI_VERSION}\")")
+  set(BROTLI_FOUND TRUE)
+  set(BROTLI_VERSION ${_brotli_libbrotlicommon_VERSION})
+  message(STATUS "Found Brotli (via pkg-config): ${_brotli_INCLUDE_DIRS} (found version \"${BROTLI_VERSION}\")")
 else()
   find_path(BROTLI_INCLUDE_DIR "brotli/decode.h")
   find_library(BROTLICOMMON_LIBRARY NAMES "brotlicommon")
@@ -68,9 +64,25 @@ else()
   )
 
   if(BROTLI_FOUND)
-    set(BROTLI_INCLUDE_DIRS ${BROTLI_INCLUDE_DIR})
-    set(BROTLI_LIBRARIES ${BROTLIDEC_LIBRARY} ${BROTLICOMMON_LIBRARY})
+    set(_brotli_INCLUDE_DIRS ${BROTLI_INCLUDE_DIR})
+    set(_brotli_LIBRARIES ${BROTLIDEC_LIBRARY} ${BROTLICOMMON_LIBRARY})
   endif()
 
   mark_as_advanced(BROTLI_INCLUDE_DIR BROTLIDEC_LIBRARY BROTLICOMMON_LIBRARY)
 endif()
+
+if(BROTLI_FOUND)
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_brotli_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::brotli)
+    add_library(CURL::brotli INTERFACE IMPORTED)
+    set_target_properties(CURL::brotli PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_brotli_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_brotli_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_brotli_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_brotli_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_brotli_LIBRARIES}")
+  endif()
+endif()
diff --git a/CMake/FindCares.cmake b/CMake/FindCares.cmake
index ae2db52d85..4a20bc0af4 100644
--- a/CMake/FindCares.cmake
+++ b/CMake/FindCares.cmake
@@ -25,32 +25,29 @@
 #
 # Input variables:
 #
-# - `CARES_INCLUDE_DIR`:   Absolute path to c-ares include directory.
-# - `CARES_LIBRARY`:       Absolute path to `cares` library.
+# - `CARES_INCLUDE_DIR`:  Absolute path to c-ares include directory.
+# - `CARES_LIBRARY`:      Absolute path to `cares` library.
 #
-# Result variables:
+# Defines:
 #
-# - `CARES_FOUND`:         System has c-ares.
-# - `CARES_INCLUDE_DIRS`:  The c-ares include directories.
-# - `CARES_LIBRARIES`:     The c-ares library names.
-# - `CARES_LIBRARY_DIRS`:  The c-ares library directories.
-# - `CARES_PC_REQUIRES`:   The c-ares pkg-config packages.
-# - `CARES_CFLAGS`:        Required compiler flags.
-# - `CARES_VERSION`:       Version of c-ares.
+# - `CARES_FOUND`:        System has c-ares.
+# - `CARES_VERSION`:      Version of c-ares.
+# - `CURL::cares`:        c-ares library target.
 
-set(CARES_PC_REQUIRES "libcares")
+set(_cares_pc_requires "libcares")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED CARES_INCLUDE_DIR AND
    NOT DEFINED CARES_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(CARES ${CARES_PC_REQUIRES})
+  pkg_check_modules(_cares ${_cares_pc_requires})
 endif()
 
-if(CARES_FOUND)
+if(_cares_FOUND)
   set(Cares_FOUND TRUE)
-  string(REPLACE ";" " " CARES_CFLAGS "${CARES_CFLAGS}")
-  message(STATUS "Found Cares (via pkg-config): ${CARES_INCLUDE_DIRS} (found version \"${CARES_VERSION}\")")
+  set(CARES_FOUND TRUE)
+  set(CARES_VERSION ${_cares_VERSION})
+  message(STATUS "Found Cares (via pkg-config): ${_cares_INCLUDE_DIRS} (found version \"${CARES_VERSION}\")")
 else()
   find_path(CARES_INCLUDE_DIR NAMES "ares.h")
   find_library(CARES_LIBRARY NAMES ${CARES_NAMES} "cares")
@@ -85,13 +82,29 @@ else()
   )
 
   if(CARES_FOUND)
-    set(CARES_INCLUDE_DIRS ${CARES_INCLUDE_DIR})
-    set(CARES_LIBRARIES    ${CARES_LIBRARY})
+    set(_cares_INCLUDE_DIRS ${CARES_INCLUDE_DIR})
+    set(_cares_LIBRARIES    ${CARES_LIBRARY})
   endif()
 
   mark_as_advanced(CARES_INCLUDE_DIR CARES_LIBRARY)
 endif()
 
-if(CARES_FOUND AND WIN32)
-  list(APPEND CARES_LIBRARIES "iphlpapi")  # for if_indextoname and others
+if(CARES_FOUND)
+  if(WIN32)
+    list(APPEND _cares_LIBRARIES "iphlpapi")  # for if_indextoname and others
+  endif()
+
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_cares_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::cares)
+    add_library(CURL::cares INTERFACE IMPORTED)
+    set_target_properties(CURL::cares PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_cares_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_cares_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_cares_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_cares_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_cares_LIBRARIES}")
+  endif()
 endif()
diff --git a/CMake/FindGSS.cmake b/CMake/FindGSS.cmake
index 89545aa741..106c4c4edd 100644
--- a/CMake/FindGSS.cmake
+++ b/CMake/FindGSS.cmake
@@ -25,19 +25,15 @@
 #
 # Input variables:
 #
-# - `GSS_ROOT_DIR`:      Absolute path to the root installation of GSS. (also supported as environment)
+# - `GSS_ROOT_DIR`:       Absolute path to the root installation of GSS. (also supported as environment)
 #
-# Result variables:
+# Defines:
 #
-# - `GSS_FOUND`:         System has a GSS library.
-# - `GSS_FLAVOUR`:       "GNU" or "MIT" if anything found.
-# - `GSS_INCLUDE_DIRS`:  The GSS include directories.
-# - `GSS_LIBRARIES`:     The GSS library names.
-# - `GSS_LIBRARY_DIRS`:  The GSS library directories.
-# - `GSS_PC_REQUIRES`:   The GSS pkg-config packages.
-# - `GSS_CFLAGS`:        Required compiler flags.
-# - `GSS_VERSION`:       This is set to version advertised by pkg-config or read from manifest.
-#                        In case the library is found but no version info available it is set to "unknown"
+# - `GSS_FOUND`:          System has a GSS library.
+# - `GSS_VERSION`:        This is set to version advertised by pkg-config or read from manifest.
+#                         In case the library is found but no version info available it is set to "unknown"
+# - `CURL::gss`:          GSS library target.
+#   - CURL_GSS_FLAVOUR`:  Custom property. "GNU" or "MIT" if detected.
 
 set(_gnu_modname "gss")
 set(_mit_modname "mit-krb5-gssapi")
@@ -140,7 +136,7 @@ if(NOT _gss_FOUND)  # Not found by pkg-config. Let us take more traditional appr
 
     # Older versions may not have the "--vendor" parameter. In this case we just do not care.
     if(NOT _gss_configure_failed AND NOT _gss_vendor MATCHES "Heimdal|heimdal")
-      set(GSS_FLAVOUR "MIT")  # assume a default, should not really matter
+      set(_gss_flavour "MIT")  # assume a default, should not really matter
     endif()
 
   else()  # Either there is no config script or we are on a platform that does not provide one (Windows?)
@@ -156,7 +152,7 @@ if(NOT _gss_FOUND)  # Not found by pkg-config. Let us take more traditional appr
       cmake_pop_check_state()
 
       if(_gss_have_mit_headers)
-        set(GSS_FLAVOUR "MIT")
+        set(_gss_flavour "MIT")
         if(WIN32)
           if(CMAKE_SIZEOF_VOID_P EQUAL 8)
             list(APPEND _gss_libdir_suffixes "lib/AMD64")
@@ -174,14 +170,14 @@ if(NOT _gss_FOUND)  # Not found by pkg-config. Let us take more traditional appr
       find_path(_gss_INCLUDE_DIRS NAMES "gss.h" HINTS ${_gss_root_hints} PATH_SUFFIXES "include")
 
       if(_gss_INCLUDE_DIRS)
-        set(GSS_FLAVOUR "GNU")
-        set(GSS_PC_REQUIRES ${_gnu_modname})
+        set(_gss_flavour "GNU")
+        set(_gss_pc_requires ${_gnu_modname})
         set(_gss_libname "gss")
       endif()
     endif()
 
     # If we have headers, look up libraries
-    if(GSS_FLAVOUR)
+    if(_gss_flavour)
       set(_gss_libdir_hints ${_gss_root_hints})
       if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.20)
         cmake_path(GET _gss_INCLUDE_DIRS PARENT_PATH _gss_calculated_potential_root)
@@ -193,34 +189,28 @@ if(NOT _gss_FOUND)  # Not found by pkg-config. Let us take more traditional appr
       find_library(_gss_LIBRARIES NAMES ${_gss_libname} HINTS ${_gss_libdir_hints} PATH_SUFFIXES ${_gss_libdir_suffixes})
     endif()
   endif()
-  if(NOT GSS_FLAVOUR)
+  if(NOT _gss_flavour)
     message(FATAL_ERROR "GNU or MIT GSS is required")
   endif()
 else()
   # _gss_MODULE_NAME set since CMake 3.16.
   # _pkg_check_modules_pkg_name is undocumented and used as a fallback for CMake <3.16 versions.
   if(_gss_MODULE_NAME STREQUAL _gnu_modname OR _pkg_check_modules_pkg_name STREQUAL _gnu_modname)
-    set(GSS_FLAVOUR "GNU")
-    set(GSS_PC_REQUIRES ${_gnu_modname})
+    set(_gss_flavour "GNU")
+    set(_gss_pc_requires ${_gnu_modname})
   elseif(_gss_MODULE_NAME STREQUAL _mit_modname OR _pkg_check_modules_pkg_name STREQUAL _mit_modname)
-    set(GSS_FLAVOUR "MIT")
-    set(GSS_PC_REQUIRES ${_mit_modname})
+    set(_gss_flavour "MIT")
+    set(_gss_pc_requires ${_mit_modname})
   else()
     message(FATAL_ERROR "GNU or MIT GSS is required")
   endif()
-  message(STATUS "Found GSS/${GSS_FLAVOUR} (via pkg-config): ${_gss_INCLUDE_DIRS} (found version \"${_gss_version}\")")
+  message(STATUS "Found GSS/${_gss_flavour} (via pkg-config): ${_gss_INCLUDE_DIRS} (found version \"${_gss_version}\")")
 endif()
 
-string(REPLACE ";" " " _gss_CFLAGS "${_gss_CFLAGS}")
-
-set(GSS_INCLUDE_DIRS ${_gss_INCLUDE_DIRS})
-set(GSS_LIBRARIES ${_gss_LIBRARIES})
-set(GSS_LIBRARY_DIRS ${_gss_LIBRARY_DIRS})
-set(GSS_CFLAGS ${_gss_CFLAGS})
 set(GSS_VERSION ${_gss_version})
 
 if(NOT GSS_VERSION)
-  if(GSS_FLAVOUR STREQUAL "MIT")
+  if(_gss_flavour STREQUAL "MIT")
     if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.24)
       cmake_host_system_information(RESULT _mit_version QUERY WINDOWS_REGISTRY
         "HKLM/SOFTWARE/MIT/Kerberos/SDK/CurrentVersion" VALUE "VersionString")
@@ -234,9 +224,9 @@ if(NOT GSS_VERSION)
       set(GSS_VERSION "MIT Unknown")
     endif()
   else()  # GNU
-    if(GSS_INCLUDE_DIRS AND EXISTS "${GSS_INCLUDE_DIRS}/gss.h")
+    if(_gss_INCLUDE_DIRS AND EXISTS "${_gss_INCLUDE_DIRS}/gss.h")
       set(_version_regex "#[\t ]*define[\t ]+GSS_VERSION[\t ]+\"([^\"]*)\"")
-      file(STRINGS "${GSS_INCLUDE_DIRS}/gss.h" _version_str REGEX "${_version_regex}")
+      file(STRINGS "${_gss_INCLUDE_DIRS}/gss.h" _version_str REGEX "${_version_regex}")
       string(REGEX REPLACE "${_version_regex}" "\\1" _version_str "${_version_str}")
       set(GSS_VERSION "${_version_str}")
       unset(_version_regex)
@@ -248,8 +238,8 @@ endif()
 include(FindPackageHandleStandardArgs)
 find_package_handle_standard_args(GSS
   REQUIRED_VARS
-    GSS_FLAVOUR
-    GSS_LIBRARIES
+    _gss_flavour
+    _gss_LIBRARIES
   VERSION_VAR
     GSS_VERSION
   FAIL_MESSAGE
@@ -266,3 +256,20 @@ mark_as_advanced(
   _gss_PREFIX
   _gss_version
 )
+
+if(GSS_FOUND)
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_gss_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::gss)
+    add_library(CURL::gss INTERFACE IMPORTED)
+    set_target_properties(CURL::gss PROPERTIES
+      INTERFACE_CURL_GSS_FLAVOUR "${_gss_flavour}"
+      INTERFACE_LIBCURL_PC_MODULES "${_gss_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_gss_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_gss_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_gss_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_gss_LIBRARIES}")
+  endif()
+endif()
diff --git a/CMake/FindGnuTLS.cmake b/CMake/FindGnuTLS.cmake
index 4de4f82eee..fff57b2c29 100644
--- a/CMake/FindGnuTLS.cmake
+++ b/CMake/FindGnuTLS.cmake
@@ -25,32 +25,29 @@
 #
 # Input variables:
 #
-# - `GNUTLS_INCLUDE_DIR`:   Absolute path to GnuTLS include directory.
-# - `GNUTLS_LIBRARY`:       Absolute path to `gnutls` library.
+# - `GNUTLS_INCLUDE_DIR`:  Absolute path to GnuTLS include directory.
+# - `GNUTLS_LIBRARY`:      Absolute path to `gnutls` library.
 #
-# Result variables:
+# Defines:
 #
-# - `GNUTLS_FOUND`:         System has GnuTLS.
-# - `GNUTLS_INCLUDE_DIRS`:  The GnuTLS include directories.
-# - `GNUTLS_LIBRARIES`:     The GnuTLS library names.
-# - `GNUTLS_LIBRARY_DIRS`:  The GnuTLS library directories.
-# - `GNUTLS_PC_REQUIRES`:   The GnuTLS pkg-config packages.
-# - `GNUTLS_CFLAGS`:        Required compiler flags.
-# - `GNUTLS_VERSION`:       Version of GnuTLS.
+# - `GNUTLS_FOUND`:        System has GnuTLS.
+# - `GNUTLS_VERSION`:      Version of GnuTLS.
+# - `CURL::gnutls`:        GnuTLS library target.
 
-set(GNUTLS_PC_REQUIRES "gnutls")
+set(_gnutls_pc_requires "gnutls")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED GNUTLS_INCLUDE_DIR AND
    NOT DEFINED GNUTLS_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(GNUTLS ${GNUTLS_PC_REQUIRES})
+  pkg_check_modules(_gnutls ${_gnutls_pc_requires})
 endif()
 
-if(GNUTLS_FOUND)
+if(_gnutls_FOUND)
   set(GnuTLS_FOUND TRUE)
-  string(REPLACE ";" " " GNUTLS_CFLAGS "${GNUTLS_CFLAGS}")
-  message(STATUS "Found GnuTLS (via pkg-config): ${GNUTLS_INCLUDE_DIRS} (found version \"${GNUTLS_VERSION}\")")
+  set(GNUTLS_FOUND TRUE)
+  set(GNUTLS_VERSION ${_gnutls_VERSION})
+  message(STATUS "Found GnuTLS (via pkg-config): ${_gnutls_INCLUDE_DIRS} (found version \"${GNUTLS_VERSION}\")")
 else()
   find_path(GNUTLS_INCLUDE_DIR NAMES "gnutls/gnutls.h")
   find_library(GNUTLS_LIBRARY NAMES "gnutls" "libgnutls")
@@ -75,9 +72,25 @@ else()
   )
 
   if(GNUTLS_FOUND)
-    set(GNUTLS_INCLUDE_DIRS ${GNUTLS_INCLUDE_DIR})
-    set(GNUTLS_LIBRARIES    ${GNUTLS_LIBRARY})
+    set(_gnutls_INCLUDE_DIRS ${GNUTLS_INCLUDE_DIR})
+    set(_gnutls_LIBRARIES    ${GNUTLS_LIBRARY})
   endif()
 
   mark_as_advanced(GNUTLS_INCLUDE_DIR GNUTLS_LIBRARY)
 endif()
+
+if(GNUTLS_FOUND)
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_gnutls_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::gnutls)
+    add_library(CURL::gnutls INTERFACE IMPORTED)
+    set_target_properties(CURL::gnutls PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_gnutls_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_gnutls_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_gnutls_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_gnutls_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_gnutls_LIBRARIES}")
+  endif()
+endif()
diff --git a/CMake/FindLDAP.cmake b/CMake/FindLDAP.cmake
index 0a897aa13f..2f5cc713c7 100644
--- a/CMake/FindLDAP.cmake
+++ b/CMake/FindLDAP.cmake
@@ -29,32 +29,28 @@
 # - `LDAP_LIBRARY`:       Absolute path to `ldap` library.
 # - `LDAP_LBER_LIBRARY`:  Absolute path to `lber` library.
 #
-# Result variables:
+# Defines:
 #
 # - `LDAP_FOUND`:         System has ldap.
-# - `LDAP_INCLUDE_DIRS`:  The ldap include directories.
-# - `LDAP_LIBRARIES`:     The ldap library names.
-# - `LDAP_LIBRARY_DIRS`:  The ldap library directories.
-# - `LDAP_PC_REQUIRES`:   The ldap pkg-config packages.
-# - `LDAP_CFLAGS`:        Required compiler flags.
 # - `LDAP_VERSION`:       Version of ldap.
+# - `CURL::ldap`:         ldap library target.
 
-set(LDAP_PC_REQUIRES "ldap" "lber")
+set(_ldap_pc_requires "ldap" "lber")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED LDAP_INCLUDE_DIR AND
    NOT DEFINED LDAP_LIBRARY AND
    NOT DEFINED LDAP_LBER_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(LDAP ${LDAP_PC_REQUIRES})
+  pkg_check_modules(_ldap ${_ldap_pc_requires})
 endif()
 
-if(LDAP_FOUND)
-  set(LDAP_VERSION ${LDAP_ldap_VERSION})
-  string(REPLACE ";" " " LDAP_CFLAGS "${LDAP_CFLAGS}")
-  message(STATUS "Found LDAP (via pkg-config): ${LDAP_INCLUDE_DIRS} (found version \"${LDAP_VERSION}\")")
+if(_ldap_FOUND)
+  set(LDAP_FOUND TRUE)
+  set(LDAP_VERSION ${_ldap_ldap_VERSION})
+  message(STATUS "Found LDAP (via pkg-config): ${_ldap_INCLUDE_DIRS} (found version \"${LDAP_VERSION}\")")
 else()
-  set(LDAP_PC_REQUIRES "")  # Depend on pkg-config only when found via pkg-config
+  set(_ldap_pc_requires "")  # Depend on pkg-config only when found via pkg-config
 
   # On Apple the SDK LDAP gets picked up from
   # 'MacOSX.sdk/System/Library/Frameworks/LDAP.framework/Headers', which contains
@@ -99,9 +95,25 @@ else()
   )
 
   if(LDAP_FOUND)
-    set(LDAP_INCLUDE_DIRS ${LDAP_INCLUDE_DIR})
-    set(LDAP_LIBRARIES    ${LDAP_LIBRARY} ${LDAP_LBER_LIBRARY})
+    set(_ldap_INCLUDE_DIRS ${LDAP_INCLUDE_DIR})
+    set(_ldap_LIBRARIES    ${LDAP_LIBRARY} ${LDAP_LBER_LIBRARY})
   endif()
 
   mark_as_advanced(LDAP_INCLUDE_DIR LDAP_LIBRARY LDAP_LBER_LIBRARY)
 endif()
+
+if(LDAP_FOUND)
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_ldap_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::ldap)
+    add_library(CURL::ldap INTERFACE IMPORTED)
+    set_target_properties(CURL::ldap PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_ldap_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_ldap_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_ldap_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_ldap_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_ldap_LIBRARIES}")
+  endif()
+endif()
diff --git a/CMake/FindLibbacktrace.cmake b/CMake/FindLibbacktrace.cmake
index 444c5f90fd..c6f7b700c4 100644
--- a/CMake/FindLibbacktrace.cmake
+++ b/CMake/FindLibbacktrace.cmake
@@ -25,14 +25,13 @@
 #
 # Input variables:
 #
-# - `LIBBACKTRACE_INCLUDE_DIR`:   Absolute path to libbacktrace include directory.
-# - `LIBBACKTRACE_LIBRARY`:       Absolute path to `libbacktrace` library.
+# - `LIBBACKTRACE_INCLUDE_DIR`:  Absolute path to libbacktrace include directory.
+# - `LIBBACKTRACE_LIBRARY`:      Absolute path to `libbacktrace` library.
 #
-# Result variables:
+# Defines:
 #
-# - `LIBBACKTRACE_FOUND`:         System has libbacktrace.
-# - `LIBBACKTRACE_INCLUDE_DIRS`:  The libbacktrace include directories.
-# - `LIBBACKTRACE_LIBRARIES`:     The libbacktrace library names.
+# - `LIBBACKTRACE_FOUND`:        System has libbacktrace.
+# - `CURL::libbacktrace`:        libbacktrace library target.
 
 find_path(LIBBACKTRACE_INCLUDE_DIR NAMES "backtrace.h")
 find_library(LIBBACKTRACE_LIBRARY NAMES "backtrace" "libbacktrace")
@@ -45,8 +44,22 @@ find_package_handle_standard_args(Libbacktrace
 )
 
 if(LIBBACKTRACE_FOUND)
-  set(LIBBACKTRACE_INCLUDE_DIRS ${LIBBACKTRACE_INCLUDE_DIR})
-  set(LIBBACKTRACE_LIBRARIES    ${LIBBACKTRACE_LIBRARY})
+  set(_libbacktrace_INCLUDE_DIRS ${LIBBACKTRACE_INCLUDE_DIR})
+  set(_libbacktrace_LIBRARIES    ${LIBBACKTRACE_LIBRARY})
+
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_libbacktrace_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::libbacktrace)
+    add_library(CURL::libbacktrace INTERFACE IMPORTED)
+    set_target_properties(CURL::libbacktrace PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_libbacktrace_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_libbacktrace_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_libbacktrace_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_libbacktrace_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_libbacktrace_LIBRARIES}")
+  endif()
 endif()
 
 mark_as_advanced(LIBBACKTRACE_INCLUDE_DIR LIBBACKTRACE_LIBRARY)
diff --git a/CMake/FindLibgsasl.cmake b/CMake/FindLibgsasl.cmake
index e584f75371..5ddf957d72 100644
--- a/CMake/FindLibgsasl.cmake
+++ b/CMake/FindLibgsasl.cmake
@@ -25,32 +25,28 @@
 #
 # Input variables:
 #
-# - `LIBGSASL_INCLUDE_DIR`:   Absolute path to libgsasl include directory.
-# - `LIBGSASL_LIBRARY`:       Absolute path to `libgsasl` library.
+# - `LIBGSASL_INCLUDE_DIR`:  Absolute path to libgsasl include directory.
+# - `LIBGSASL_LIBRARY`:      Absolute path to `libgsasl` library.
 #
-# Result variables:
+# Defines:
 #
-# - `LIBGSASL_FOUND`:         System has libgsasl.
-# - `LIBGSASL_INCLUDE_DIRS`:  The libgsasl include directories.
-# - `LIBGSASL_LIBRARIES`:     The libgsasl library names.
-# - `LIBGSASL_LIBRARY_DIRS`:  The libgsasl library directories.
-# - `LIBGSASL_PC_REQUIRES`:   The libgsasl pkg-config packages.
-# - `LIBGSASL_CFLAGS`:        Required compiler flags.
-# - `LIBGSASL_VERSION`:       Version of libgsasl.
+# - `LIBGSASL_FOUND`:        System has libgsasl.
+# - `LIBGSASL_VERSION`:      Version of libgsasl.
+# - `CURL::libgsasl`:        libgsasl library target.
 
-set(LIBGSASL_PC_REQUIRES "libgsasl")
+set(_libgsasl_pc_requires "libgsasl")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED LIBGSASL_INCLUDE_DIR AND
    NOT DEFINED LIBGSASL_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(LIBGSASL ${LIBGSASL_PC_REQUIRES})
+  pkg_check_modules(_libgsasl ${_libgsasl_pc_requires})
 endif()
 
-if(LIBGSASL_FOUND)
+if(_libgsasl_FOUND)
   set(Libgsasl_FOUND TRUE)
-  string(REPLACE ";" " " LIBGSASL_CFLAGS "${LIBGSASL_CFLAGS}")
-  message(STATUS "Found Libgsasl (via pkg-config): ${LIBGSASL_INCLUDE_DIRS} (found version \"${LIBGSASL_VERSION}\")")
+  set(LIBGSASL_FOUND TRUE)
+  message(STATUS "Found Libgsasl (via pkg-config): ${_libgsasl_INCLUDE_DIRS} (found version \"${LIBGSASL_VERSION}\")")
 else()
   find_path(LIBGSASL_INCLUDE_DIR NAMES "gsasl.h")
   find_library(LIBGSASL_LIBRARY NAMES "gsasl" "libgsasl")
@@ -75,9 +71,25 @@ else()
   )
 
   if(LIBGSASL_FOUND)
-    set(LIBGSASL_INCLUDE_DIRS ${LIBGSASL_INCLUDE_DIR})
-    set(LIBGSASL_LIBRARIES    ${LIBGSASL_LIBRARY})
+    set(_libgsasl_INCLUDE_DIRS ${LIBGSASL_INCLUDE_DIR})
+    set(_libgsasl_LIBRARIES    ${LIBGSASL_LIBRARY})
   endif()
 
   mark_as_advanced(LIBGSASL_INCLUDE_DIR LIBGSASL_LIBRARY)
 endif()
+
+if(LIBGSASL_FOUND)
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_libgsasl_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::libgsasl)
+    add_library(CURL::libgsasl INTERFACE IMPORTED)
+    set_target_properties(CURL::libgsasl PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_libgsasl_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_libgsasl_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_libgsasl_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_libgsasl_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_libgsasl_LIBRARIES}")
+  endif()
+endif()
diff --git a/CMake/FindLibidn2.cmake b/CMake/FindLibidn2.cmake
index 9112428f37..336a7f7b40 100644
--- a/CMake/FindLibidn2.cmake
+++ b/CMake/FindLibidn2.cmake
@@ -25,32 +25,29 @@
 #
 # Input variables:
 #
-# - `LIBIDN2_INCLUDE_DIR`:   Absolute path to libidn2 include directory.
-# - `LIBIDN2_LIBRARY`:       Absolute path to `libidn2` library.
+# - `LIBIDN2_INCLUDE_DIR`:  Absolute path to libidn2 include directory.
+# - `LIBIDN2_LIBRARY`:      Absolute path to `libidn2` library.
 #
-# Result variables:
+# Defines:
 #
-# - `LIBIDN2_FOUND`:         System has libidn2.
-# - `LIBIDN2_INCLUDE_DIRS`:  The libidn2 include directories.
-# - `LIBIDN2_LIBRARIES`:     The libidn2 library names.
-# - `LIBIDN2_LIBRARY_DIRS`:  The libidn2 library directories.
-# - `LIBIDN2_PC_REQUIRES`:   The libidn2 pkg-config packages.
-# - `LIBIDN2_CFLAGS`:        Required compiler flags.
-# - `LIBIDN2_VERSION`:       Version of libidn2.
+# - `LIBIDN2_FOUND`:        System has libidn2.
+# - `LIBIDN2_VERSION`:      Version of libidn2.
+# - `CURL::libidn2`:        libidn2 library target.
 
-set(LIBIDN2_PC_REQUIRES "libidn2")
+set(_libidn2_pc_requires "libidn2")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED LIBIDN2_INCLUDE_DIR AND
    NOT DEFINED LIBIDN2_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(LIBIDN2 ${LIBIDN2_PC_REQUIRES})
+  pkg_check_modules(_libidn2 ${_libidn2_pc_requires})
 endif()
 
-if(LIBIDN2_FOUND)
+if(_libidn2_FOUND)
   set(Libidn2_FOUND TRUE)
-  string(REPLACE ";" " " LIBIDN2_CFLAGS "${LIBIDN2_CFLAGS}")
-  message(STATUS "Found Libidn2 (via pkg-config): ${LIBIDN2_INCLUDE_DIRS} (found version \"${LIBIDN2_VERSION}\")")
+  set(LIBIDN2_FOUND TRUE)
+  set(LIBIDN2_VERSION ${_libidn2_VERSION})
+  message(STATUS "Found Libidn2 (via pkg-config): ${_libidn2_INCLUDE_DIRS} (found version \"${LIBIDN2_VERSION}\")")
 else()
   find_path(LIBIDN2_INCLUDE_DIR NAMES "idn2.h")
   find_library(LIBIDN2_LIBRARY NAMES "idn2" "libidn2")
@@ -75,9 +72,25 @@ else()
   )
 
   if(LIBIDN2_FOUND)
-    set(LIBIDN2_INCLUDE_DIRS ${LIBIDN2_INCLUDE_DIR})
-    set(LIBIDN2_LIBRARIES    ${LIBIDN2_LIBRARY})
+    set(_libidn2_INCLUDE_DIRS ${LIBIDN2_INCLUDE_DIR})
+    set(_libidn2_LIBRARIES    ${LIBIDN2_LIBRARY})
   endif()
 
   mark_as_advanced(LIBIDN2_INCLUDE_DIR LIBIDN2_LIBRARY)
 endif()
+
+if(LIBIDN2_FOUND)
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_libidn2_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::libidn2)
+    add_library(CURL::libidn2 INTERFACE IMPORTED)
+    set_target_properties(CURL::libidn2 PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_libidn2_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_libidn2_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_libidn2_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_libidn2_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_libidn2_LIBRARIES}")
+  endif()
+endif()
diff --git a/CMake/FindLibpsl.cmake b/CMake/FindLibpsl.cmake
index 13740fa9b3..9b1a0cdd97 100644
--- a/CMake/FindLibpsl.cmake
+++ b/CMake/FindLibpsl.cmake
@@ -25,32 +25,29 @@
 #
 # Input variables:
 #
-# - `LIBPSL_INCLUDE_DIR`:   Absolute path to libpsl include directory.
-# - `LIBPSL_LIBRARY`:       Absolute path to `libpsl` library.
+# - `LIBPSL_INCLUDE_DIR`:  Absolute path to libpsl include directory.
+# - `LIBPSL_LIBRARY`:      Absolute path to `libpsl` library.
 #
-# Result variables:
+# Defines:
 #
-# - `LIBPSL_FOUND`:         System has libpsl.
-# - `LIBPSL_INCLUDE_DIRS`:  The libpsl include directories.
-# - `LIBPSL_LIBRARIES`:     The libpsl library names.
-# - `LIBPSL_LIBRARY_DIRS`:  The libpsl library directories.
-# - `LIBPSL_PC_REQUIRES`:   The libpsl pkg-config packages.
-# - `LIBPSL_CFLAGS`:        Required compiler flags.
-# - `LIBPSL_VERSION`:       Version of libpsl.
+# - `LIBPSL_FOUND`:        System has libpsl.
+# - `LIBPSL_VERSION`:      Version of libpsl.
+# - `CURL::libpsl`:        libpsl library target.
 
-set(LIBPSL_PC_REQUIRES "libpsl")
+set(_libpsl_pc_requires "libpsl")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED LIBPSL_INCLUDE_DIR AND
    NOT DEFINED LIBPSL_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(LIBPSL ${LIBPSL_PC_REQUIRES})
+  pkg_check_modules(_libpsl ${_libpsl_pc_requires})
 endif()
 
-if(LIBPSL_FOUND AND LIBPSL_INCLUDE_DIRS)
+if(_libpsl_FOUND AND _libpsl_INCLUDE_DIRS)
   set(Libpsl_FOUND TRUE)
-  string(REPLACE ";" " " LIBPSL_CFLAGS "${LIBPSL_CFLAGS}")
-  message(STATUS "Found Libpsl (via pkg-config): ${LIBPSL_INCLUDE_DIRS} (found version \"${LIBPSL_VERSION}\")")
+  set(LIBPSL_FOUND TRUE)
+  set(LIBPSL_VERSION ${_libpsl_VERSION})
+  message(STATUS "Found Libpsl (via pkg-config): ${_libpsl_INCLUDE_DIRS} (found version \"${LIBPSL_VERSION}\")")
 else()
   find_path(LIBPSL_INCLUDE_DIR NAMES "libpsl.h")
   find_library(LIBPSL_LIBRARY NAMES "psl" "libpsl")
@@ -75,9 +72,25 @@ else()
   )
 
   if(LIBPSL_FOUND)
-    set(LIBPSL_INCLUDE_DIRS ${LIBPSL_INCLUDE_DIR})
-    set(LIBPSL_LIBRARIES    ${LIBPSL_LIBRARY})
+    set(_libpsl_INCLUDE_DIRS ${LIBPSL_INCLUDE_DIR})
+    set(_libpsl_LIBRARIES    ${LIBPSL_LIBRARY})
   endif()
 
   mark_as_advanced(LIBPSL_INCLUDE_DIR LIBPSL_LIBRARY)
 endif()
+
+if(LIBPSL_FOUND)
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_libpsl_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::libpsl)
+    add_library(CURL::libpsl INTERFACE IMPORTED)
+    set_target_properties(CURL::libpsl PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_libpsl_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_libpsl_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_libpsl_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_libpsl_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_libpsl_LIBRARIES}")
+  endif()
+endif()
diff --git a/CMake/FindLibrtmp.cmake b/CMake/FindLibrtmp.cmake
index be975794b7..070538578e 100644
--- a/CMake/FindLibrtmp.cmake
+++ b/CMake/FindLibrtmp.cmake
@@ -25,32 +25,29 @@
 #
 # Input variables:
 #
-# - `LIBRTMP_INCLUDE_DIR`:   Absolute path to librtmp include directory.
-# - `LIBRTMP_LIBRARY`:       Absolute path to `librtmp` library.
+# - `LIBRTMP_INCLUDE_DIR`:  Absolute path to librtmp include directory.
+# - `LIBRTMP_LIBRARY`:      Absolute path to `librtmp` library.
 #
-# Result variables:
+# Defines:
 #
-# - `LIBRTMP_FOUND`:         System has librtmp.
-# - `LIBRTMP_INCLUDE_DIRS`:  The librtmp include directories.
-# - `LIBRTMP_LIBRARIES`:     The librtmp library names.
-# - `LIBRTMP_LIBRARY_DIRS`:  The librtmp library directories.
-# - `LIBRTMP_PC_REQUIRES`:   The librtmp pkg-config packages.
-# - `LIBRTMP_CFLAGS`:        Required compiler flags.
-# - `LIBRTMP_VERSION`:       Version of librtmp.
+# - `LIBRTMP_FOUND`:        System has librtmp.
+# - `LIBRTMP_VERSION`:      Version of librtmp.
+# - `CURL::librtmp`:        librtmp library target.
 
-set(LIBRTMP_PC_REQUIRES "librtmp")
+set(_librtmp_pc_requires "librtmp")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED LIBRTMP_INCLUDE_DIR AND
    NOT DEFINED LIBRTMP_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(LIBRTMP ${LIBRTMP_PC_REQUIRES})
+  pkg_check_modules(_librtmp ${_librtmp_pc_requires})
 endif()
 
-if(LIBRTMP_FOUND AND LIBRTMP_INCLUDE_DIRS)
+if(_librtmp_FOUND AND _librtmp_INCLUDE_DIRS)
   set(Librtmp_FOUND TRUE)
-  string(REPLACE ";" " " LIBRTMP_CFLAGS "${LIBRTMP_CFLAGS}")
-  message(STATUS "Found Librtmp (via pkg-config): ${LIBRTMP_INCLUDE_DIRS} (found version \"${LIBRTMP_VERSION}\")")
+  set(LIBRTMP_FOUND TRUE)
+  set(LIBRTMP_VERSION ${_librtmp_VERSION})
+  message(STATUS "Found Librtmp (via pkg-config): ${_librtmp_INCLUDE_DIRS} (found version \"${LIBRTMP_VERSION}\")")
 else()
   find_path(LIBRTMP_INCLUDE_DIR NAMES "librtmp/rtmp.h")
   find_library(LIBRTMP_LIBRARY NAMES "rtmp")
@@ -85,8 +82,8 @@ else()
   )
 
   if(LIBRTMP_FOUND)
-    set(LIBRTMP_INCLUDE_DIRS ${LIBRTMP_INCLUDE_DIR})
-    set(LIBRTMP_LIBRARIES    ${LIBRTMP_LIBRARY})
+    set(_librtmp_INCLUDE_DIRS ${LIBRTMP_INCLUDE_DIR})
+    set(_librtmp_LIBRARIES    ${LIBRTMP_LIBRARY})
   endif()
 
   mark_as_advanced(LIBRTMP_INCLUDE_DIR LIBRTMP_LIBRARY)
@@ -94,10 +91,26 @@ else()
   # Necessary when linking a static librtmp
   find_package(OpenSSL)
   if(OPENSSL_FOUND)
-    list(APPEND LIBRTMP_LIBRARIES OpenSSL::SSL OpenSSL::Crypto)
+    list(APPEND _librtmp_LIBRARIES OpenSSL::SSL OpenSSL::Crypto)
   endif()
 endif()
 
-if(LIBRTMP_FOUND AND WIN32)
-  list(APPEND LIBRTMP_LIBRARIES "winmm")
+if(LIBRTMP_FOUND)
+  if(WIN32)
+    list(APPEND _librtmp_LIBRARIES "winmm")
+  endif()
+
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_librtmp_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::librtmp)
+    add_library(CURL::librtmp INTERFACE IMPORTED)
+    set_target_properties(CURL::librtmp PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_librtmp_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_librtmp_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_librtmp_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_librtmp_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_librtmp_LIBRARIES}")
+  endif()
 endif()
diff --git a/CMake/FindLibssh.cmake b/CMake/FindLibssh.cmake
index cb895aa8d7..ad1248fe00 100644
--- a/CMake/FindLibssh.cmake
+++ b/CMake/FindLibssh.cmake
@@ -25,32 +25,29 @@
 #
 # Input variables:
 #
-# - `LIBSSH_INCLUDE_DIR`:   Absolute path to libssh include directory.
-# - `LIBSSH_LIBRARY`:       Absolute path to `libssh` library.
+# - `LIBSSH_INCLUDE_DIR`:  Absolute path to libssh include directory.
+# - `LIBSSH_LIBRARY`:      Absolute path to `libssh` library.
 #
-# Result variables:
+# Defines:
 #
-# - `LIBSSH_FOUND`:         System has libssh.
-# - `LIBSSH_INCLUDE_DIRS`:  The libssh include directories.
-# - `LIBSSH_LIBRARIES`:     The libssh library names.
-# - `LIBSSH_LIBRARY_DIRS`:  The libssh library directories.
-# - `LIBSSH_PC_REQUIRES`:   The libssh pkg-config packages.
-# - `LIBSSH_CFLAGS`:        Required compiler flags.
-# - `LIBSSH_VERSION`:       Version of libssh.
+# - `LIBSSH_FOUND`:        System has libssh.
+# - `LIBSSH_VERSION`:      Version of libssh.
+# - `CURL::libssh`:        libssh library target.
 
-set(LIBSSH_PC_REQUIRES "libssh")
+set(_libssh_pc_requires "libssh")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED LIBSSH_INCLUDE_DIR AND
    NOT DEFINED LIBSSH_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(LIBSSH ${LIBSSH_PC_REQUIRES})
+  pkg_check_modules(_libssh ${_libssh_pc_requires})
 endif()
 
-if(LIBSSH_FOUND)
+if(_libssh_FOUND)
   set(Libssh_FOUND TRUE)
-  string(REPLACE ";" " " LIBSSH_CFLAGS "${LIBSSH_CFLAGS}")
-  message(STATUS "Found Libssh (via pkg-config): ${LIBSSH_INCLUDE_DIRS} (found version \"${LIBSSH_VERSION}\")")
+  set(LIBSSH_FOUND TRUE)
+  set(LIBSSH_VERSION ${_libssh_VERSION})
+  message(STATUS "Found Libssh (via pkg-config): ${_libssh_INCLUDE_DIRS} (found version \"${LIBSSH_VERSION}\")")
 else()
   find_path(LIBSSH_INCLUDE_DIR NAMES "libssh/libssh.h")
   find_library(LIBSSH_LIBRARY NAMES "ssh" "libssh")
@@ -85,13 +82,29 @@ else()
   )
 
   if(LIBSSH_FOUND)
-    set(LIBSSH_INCLUDE_DIRS ${LIBSSH_INCLUDE_DIR})
-    set(LIBSSH_LIBRARIES    ${LIBSSH_LIBRARY})
+    set(_libssh_INCLUDE_DIRS ${LIBSSH_INCLUDE_DIR})
+    set(_libssh_LIBRARIES    ${LIBSSH_LIBRARY})
   endif()
 
   mark_as_advanced(LIBSSH_INCLUDE_DIR LIBSSH_LIBRARY)
 endif()
 
-if(LIBSSH_FOUND AND WIN32)
-  list(APPEND LIBSSH_LIBRARIES "iphlpapi")  # for if_nametoindex
+if(LIBSSH_FOUND)
+  if(WIN32)
+    list(APPEND _libssh_LIBRARIES "iphlpapi")  # for if_nametoindex
+  endif()
+
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_libssh_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::libssh)
+    add_library(CURL::libssh INTERFACE IMPORTED)
+    set_target_properties(CURL::libssh PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_libssh_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_libssh_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_libssh_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_libssh_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_libssh_LIBRARIES}")
+  endif()
 endif()
diff --git a/CMake/FindLibssh2.cmake b/CMake/FindLibssh2.cmake
index 08415533e0..330611bfe5 100644
--- a/CMake/FindLibssh2.cmake
+++ b/CMake/FindLibssh2.cmake
@@ -25,32 +25,29 @@
 #
 # Input variables:
 #
-# - `LIBSSH2_INCLUDE_DIR`:   Absolute path to libssh2 include directory.
-# - `LIBSSH2_LIBRARY`:       Absolute path to `libssh2` library.
+# - `LIBSSH2_INCLUDE_DIR`:  Absolute path to libssh2 include directory.
+# - `LIBSSH2_LIBRARY`:      Absolute path to `libssh2` library.
 #
-# Result variables:
+# Defines:
 #
-# - `LIBSSH2_FOUND`:         System has libssh2.
-# - `LIBSSH2_INCLUDE_DIRS`:  The libssh2 include directories.
-# - `LIBSSH2_LIBRARIES`:     The libssh2 library names.
-# - `LIBSSH2_LIBRARY_DIRS`:  The libssh2 library directories.
-# - `LIBSSH2_PC_REQUIRES`:   The libssh2 pkg-config packages.
-# - `LIBSSH2_CFLAGS`:        Required compiler flags.
-# - `LIBSSH2_VERSION`:       Version of libssh2.
+# - `LIBSSH2_FOUND`:        System has libssh2.
+# - `LIBSSH2_VERSION`:      Version of libssh2.
+# - `CURL::libssh2`:        libssh2 library target.
 
-set(LIBSSH2_PC_REQUIRES "libssh2")
+set(_libssh2_pc_requires "libssh2")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED LIBSSH2_INCLUDE_DIR AND
    NOT DEFINED LIBSSH2_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(LIBSSH2 ${LIBSSH2_PC_REQUIRES})
+  pkg_check_modules(_libssh2 ${_libssh2_pc_requires})
 endif()
 
-if(LIBSSH2_FOUND AND LIBSSH2_INCLUDE_DIRS)
+if(_libssh2_FOUND AND _libssh2_INCLUDE_DIRS)
   set(Libssh2_FOUND TRUE)
-  string(REPLACE ";" " " LIBSSH2_CFLAGS "${LIBSSH2_CFLAGS}")
-  message(STATUS "Found Libssh2 (via pkg-config): ${LIBSSH2_INCLUDE_DIRS} (found version \"${LIBSSH2_VERSION}\")")
+  set(LIBSSH2_FOUND TRUE)
+  set(LIBSSH2_VERSION ${_libssh2_VERSION})
+  message(STATUS "Found Libssh2 (via pkg-config): ${_libssh2_INCLUDE_DIRS} (found version \"${LIBSSH2_VERSION}\")")
 else()
   find_path(LIBSSH2_INCLUDE_DIR NAMES "libssh2.h")
   find_library(LIBSSH2_LIBRARY NAMES "ssh2" "libssh2")
@@ -75,9 +72,25 @@ else()
   )
 
   if(LIBSSH2_FOUND)
-    set(LIBSSH2_INCLUDE_DIRS ${LIBSSH2_INCLUDE_DIR})
-    set(LIBSSH2_LIBRARIES    ${LIBSSH2_LIBRARY})
+    set(_libssh2_INCLUDE_DIRS ${LIBSSH2_INCLUDE_DIR})
+    set(_libssh2_LIBRARIES    ${LIBSSH2_LIBRARY})
   endif()
 
   mark_as_advanced(LIBSSH2_INCLUDE_DIR LIBSSH2_LIBRARY)
 endif()
+
+if(LIBSSH2_FOUND)
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_libssh2_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::libssh2)
+    add_library(CURL::libssh2 INTERFACE IMPORTED)
+    set_target_properties(CURL::libssh2 PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_libssh2_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_libssh2_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_libssh2_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_libssh2_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_libssh2_LIBRARIES}")
+  endif()
+endif()
diff --git a/CMake/FindLibuv.cmake b/CMake/FindLibuv.cmake
index 2565ba3a38..f9d614bc06 100644
--- a/CMake/FindLibuv.cmake
+++ b/CMake/FindLibuv.cmake
@@ -25,32 +25,29 @@
 #
 # Input variables:
 #
-# - `LIBUV_INCLUDE_DIR`:   Absolute path to libuv include directory.
-# - `LIBUV_LIBRARY`:       Absolute path to `libuv` library.
+# - `LIBUV_INCLUDE_DIR`:  Absolute path to libuv include directory.
+# - `LIBUV_LIBRARY`:      Absolute path to `libuv` library.
 #
-# Result variables:
+# Defines:
 #
-# - `LIBUV_FOUND`:         System has libuv.
-# - `LIBUV_INCLUDE_DIRS`:  The libuv include directories.
-# - `LIBUV_LIBRARIES`:     The libuv library names.
-# - `LIBUV_LIBRARY_DIRS`:  The libuv library directories.
-# - `LIBUV_PC_REQUIRES`:   The libuv pkg-config packages.
-# - `LIBUV_CFLAGS`:        Required compiler flags.
-# - `LIBUV_VERSION`:       Version of libuv.
+# - `LIBUV_FOUND`:        System has libuv.
+# - `LIBUV_VERSION`:      Version of libuv.
+# - `CURL::libuv`:        libuv library target.
 
-set(LIBUV_PC_REQUIRES "libuv")
+set(_libuv_pc_requires "libuv")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED LIBUV_INCLUDE_DIR AND
    NOT DEFINED LIBUV_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(LIBUV ${LIBUV_PC_REQUIRES})
+  pkg_check_modules(_libuv ${_libuv_pc_requires})
 endif()
 
-if(LIBUV_FOUND)
+if(_libuv_FOUND)
   set(Libuv_FOUND TRUE)
-  string(REPLACE ";" " " LIBUV_CFLAGS "${LIBUV_CFLAGS}")
-  message(STATUS "Found Libuv (via pkg-config): ${LIBUV_INCLUDE_DIRS} (found version \"${LIBUV_VERSION}\")")
+  set(LIBUV_FOUND TRUE)
+  set(LIBUV_VERSION ${_libuv_VERSION})
+  message(STATUS "Found Libuv (via pkg-config): ${_libuv_INCLUDE_DIRS} (found version \"${LIBUV_VERSION}\")")
 else()
   find_path(LIBUV_INCLUDE_DIR NAMES "uv.h")
   find_library(LIBUV_LIBRARY NAMES "uv" "libuv")
@@ -85,9 +82,25 @@ else()
   )
 
   if(LIBUV_FOUND)
-    set(LIBUV_INCLUDE_DIRS ${LIBUV_INCLUDE_DIR})
-    set(LIBUV_LIBRARIES    ${LIBUV_LIBRARY})
+    set(_libuv_INCLUDE_DIRS ${LIBUV_INCLUDE_DIR})
+    set(_libuv_LIBRARIES    ${LIBUV_LIBRARY})
   endif()
 
   mark_as_advanced(LIBUV_INCLUDE_DIR LIBUV_LIBRARY)
 endif()
+
+if(LIBUV_FOUND)
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_libuv_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::libuv)
+    add_library(CURL::libuv INTERFACE IMPORTED)
+    set_target_properties(CURL::libuv PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_libuv_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_libuv_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_libuv_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_libuv_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_libuv_LIBRARIES}")
+  endif()
+endif()
diff --git a/CMake/FindMbedTLS.cmake b/CMake/FindMbedTLS.cmake
index 11b4f076f4..97201ab2b3 100644
--- a/CMake/FindMbedTLS.cmake
+++ b/CMake/FindMbedTLS.cmake
@@ -25,20 +25,16 @@
 #
 # Input variables:
 #
-# - `MBEDTLS_INCLUDE_DIR`:   Absolute path to mbedTLS include directory.
-# - `MBEDTLS_LIBRARY`:       Absolute path to `mbedtls` library.
-# - `MBEDX509_LIBRARY`:      Absolute path to `mbedx509` library.
-# - `MBEDCRYPTO_LIBRARY`:    Absolute path to `mbedcrypto` library.
+# - `MBEDTLS_INCLUDE_DIR`:  Absolute path to mbedTLS include directory.
+# - `MBEDTLS_LIBRARY`:      Absolute path to `mbedtls` library.
+# - `MBEDX509_LIBRARY`:     Absolute path to `mbedx509` library.
+# - `MBEDCRYPTO_LIBRARY`:   Absolute path to `mbedcrypto` library.
 #
-# Result variables:
+# Defines:
 #
-# - `MBEDTLS_FOUND`:         System has mbedTLS.
-# - `MBEDTLS_INCLUDE_DIRS`:  The mbedTLS include directories.
-# - `MBEDTLS_LIBRARIES`:     The mbedTLS library names.
-# - `MBEDTLS_LIBRARY_DIRS`:  The mbedTLS library directories.
-# - `MBEDTLS_PC_REQUIRES`:   The mbedTLS pkg-config packages.
-# - `MBEDTLS_CFLAGS`:        Required compiler flags.
-# - `MBEDTLS_VERSION`:       Version of mbedTLS.
+# - `MBEDTLS_FOUND`:        System has mbedTLS.
+# - `MBEDTLS_VERSION`:      Version of mbedTLS.
+# - `CURL::mbedtls`:        mbedTLS library target.
 
 if(DEFINED MBEDTLS_INCLUDE_DIRS AND NOT DEFINED MBEDTLS_INCLUDE_DIR)
   message(WARNING "MBEDTLS_INCLUDE_DIRS is deprecated, use MBEDTLS_INCLUDE_DIR instead.")
@@ -46,7 +42,7 @@ if(DEFINED MBEDTLS_INCLUDE_DIRS AND NOT DEFINED MBEDTLS_INCLUDE_DIR)
   unset(MBEDTLS_INCLUDE_DIRS)
 endif()
 
-set(MBEDTLS_PC_REQUIRES "mbedtls" "mbedx509" "mbedcrypto")
+set(_mbedtls_pc_requires "mbedtls" "mbedx509" "mbedcrypto")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED MBEDTLS_INCLUDE_DIR AND
@@ -54,16 +50,16 @@ if(CURL_USE_PKGCONFIG AND
    NOT DEFINED MBEDX509_LIBRARY AND
    NOT DEFINED MBEDCRYPTO_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(MBEDTLS ${MBEDTLS_PC_REQUIRES})
+  pkg_check_modules(_mbedtls ${_mbedtls_pc_requires})
 endif()
 
-if(MBEDTLS_FOUND)
+if(_mbedtls_FOUND)
   set(MbedTLS_FOUND TRUE)
-  set(MBEDTLS_VERSION ${MBEDTLS_mbedtls_VERSION})
-  string(REPLACE ";" " " MBEDTLS_CFLAGS "${MBEDTLS_CFLAGS}")
-  message(STATUS "Found MbedTLS (via pkg-config): ${MBEDTLS_INCLUDE_DIRS} (found version \"${MBEDTLS_VERSION}\")")
+  set(MBEDTLS_FOUND TRUE)
+  set(MBEDTLS_VERSION ${_mbedtls_mbedtls_VERSION})
+  message(STATUS "Found MbedTLS (via pkg-config): ${_mbedtls_INCLUDE_DIRS} (found version \"${MBEDTLS_VERSION}\")")
 else()
-  set(MBEDTLS_PC_REQUIRES "")  # Depend on pkg-config only when found via pkg-config
+  set(_mbedtls_pc_requires "")  # Depend on pkg-config only when found via pkg-config
 
   find_path(MBEDTLS_INCLUDE_DIR NAMES "mbedtls/ssl.h")
   find_library(MBEDTLS_LIBRARY NAMES "mbedtls" "libmbedtls")
@@ -92,9 +88,25 @@ else()
   )
 
   if(MBEDTLS_FOUND)
-    set(MBEDTLS_INCLUDE_DIRS ${MBEDTLS_INCLUDE_DIR})
-    set(MBEDTLS_LIBRARIES    ${MBEDTLS_LIBRARY} ${MBEDX509_LIBRARY} ${MBEDCRYPTO_LIBRARY})
+    set(_mbedtls_INCLUDE_DIRS ${MBEDTLS_INCLUDE_DIR})
+    set(_mbedtls_LIBRARIES    ${MBEDTLS_LIBRARY} ${MBEDX509_LIBRARY} ${MBEDCRYPTO_LIBRARY})
   endif()
 
   mark_as_advanced(MBEDTLS_INCLUDE_DIR MBEDTLS_LIBRARY MBEDX509_LIBRARY MBEDCRYPTO_LIBRARY)
 endif()
+
+if(MBEDTLS_FOUND)
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_mbedtls_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::mbedtls)
+    add_library(CURL::mbedtls INTERFACE IMPORTED)
+    set_target_properties(CURL::mbedtls PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_mbedtls_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_mbedtls_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_mbedtls_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_mbedtls_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_mbedtls_LIBRARIES}")
+  endif()
+endif()
diff --git a/CMake/FindNGHTTP2.cmake b/CMake/FindNGHTTP2.cmake
index 1ccf641589..8304345a38 100644
--- a/CMake/FindNGHTTP2.cmake
+++ b/CMake/FindNGHTTP2.cmake
@@ -25,31 +25,28 @@
 #
 # Input variables:
 #
-# - `NGHTTP2_INCLUDE_DIR`:   Absolute path to nghttp2 include directory.
-# - `NGHTTP2_LIBRARY`:       Absolute path to `nghttp2` library.
+# - `NGHTTP2_INCLUDE_DIR`:  Absolute path to nghttp2 include directory.
+# - `NGHTTP2_LIBRARY`:      Absolute path to `nghttp2` library.
 #
-# Result variables:
+# Defines:
 #
-# - `NGHTTP2_FOUND`:         System has nghttp2.
-# - `NGHTTP2_INCLUDE_DIRS`:  The nghttp2 include directories.
-# - `NGHTTP2_LIBRARIES`:     The nghttp2 library names.
-# - `NGHTTP2_LIBRARY_DIRS`:  The nghttp2 library directories.
-# - `NGHTTP2_PC_REQUIRES`:   The nghttp2 pkg-config packages.
-# - `NGHTTP2_CFLAGS`:        Required compiler flags.
-# - `NGHTTP2_VERSION`:       Version of nghttp2.
+# - `NGHTTP2_FOUND`:        System has nghttp2.
+# - `NGHTTP2_VERSION`:      Version of nghttp2.
+# - `CURL::nghttp2`:        nghttp2 library target.
 
-set(NGHTTP2_PC_REQUIRES "libnghttp2")
+set(_nghttp2_pc_requires "libnghttp2")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED NGHTTP2_INCLUDE_DIR AND
    NOT DEFINED NGHTTP2_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(NGHTTP2 ${NGHTTP2_PC_REQUIRES})
+  pkg_check_modules(_nghttp2 ${_nghttp2_pc_requires})
 endif()
 
-if(NGHTTP2_FOUND)
-  string(REPLACE ";" " " NGHTTP2_CFLAGS "${NGHTTP2_CFLAGS}")
-  message(STATUS "Found NGHTTP2 (via pkg-config): ${NGHTTP2_INCLUDE_DIRS} (found version \"${NGHTTP2_VERSION}\")")
+if(_nghttp2_FOUND)
+  set(NGHTTP2_FOUND TRUE)
+  set(NGHTTP2_VERSION ${_nghttp2_VERSION})
+  message(STATUS "Found NGHTTP2 (via pkg-config): ${_nghttp2_INCLUDE_DIRS} (found version \"${NGHTTP2_VERSION}\")")
 else()
   find_path(NGHTTP2_INCLUDE_DIR NAMES "nghttp2/nghttp2.h")
   find_library(NGHTTP2_LIBRARY NAMES "nghttp2" "nghttp2_static")
@@ -74,9 +71,25 @@ else()
   )
 
   if(NGHTTP2_FOUND)
-    set(NGHTTP2_INCLUDE_DIRS ${NGHTTP2_INCLUDE_DIR})
-    set(NGHTTP2_LIBRARIES    ${NGHTTP2_LIBRARY})
+    set(_nghttp2_INCLUDE_DIRS ${NGHTTP2_INCLUDE_DIR})
+    set(_nghttp2_LIBRARIES    ${NGHTTP2_LIBRARY})
   endif()
 
   mark_as_advanced(NGHTTP2_INCLUDE_DIR NGHTTP2_LIBRARY)
 endif()
+
+if(NGHTTP2_FOUND)
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_nghttp2_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::nghttp2)
+    add_library(CURL::nghttp2 INTERFACE IMPORTED)
+    set_target_properties(CURL::nghttp2 PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_nghttp2_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_nghttp2_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_nghttp2_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_nghttp2_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_nghttp2_LIBRARIES}")
+  endif()
+endif()
diff --git a/CMake/FindNGHTTP3.cmake b/CMake/FindNGHTTP3.cmake
index fba2c5779b..37ebfe1114 100644
--- a/CMake/FindNGHTTP3.cmake
+++ b/CMake/FindNGHTTP3.cmake
@@ -25,31 +25,28 @@
 #
 # Input variables:
 #
-# - `NGHTTP3_INCLUDE_DIR`:   Absolute path to nghttp3 include directory.
-# - `NGHTTP3_LIBRARY`:       Absolute path to `nghttp3` library.
+# - `NGHTTP3_INCLUDE_DIR`:  Absolute path to nghttp3 include directory.
+# - `NGHTTP3_LIBRARY`:      Absolute path to `nghttp3` library.
 #
-# Result variables:
+# Defines:
 #
-# - `NGHTTP3_FOUND`:         System has nghttp3.
-# - `NGHTTP3_INCLUDE_DIRS`:  The nghttp3 include directories.
-# - `NGHTTP3_LIBRARIES`:     The nghttp3 library names.
-# - `NGHTTP3_LIBRARY_DIRS`:  The nghttp3 library directories.
-# - `NGHTTP3_PC_REQUIRES`:   The nghttp3 pkg-config packages.
-# - `NGHTTP3_CFLAGS`:        Required compiler flags.
-# - `NGHTTP3_VERSION`:       Version of nghttp3.
+# - `NGHTTP3_FOUND`:        System has nghttp3.
+# - `NGHTTP3_VERSION`:      Version of nghttp3.
+# - `CURL::nghttp3`:        nghttp3 library target.
 
-set(NGHTTP3_PC_REQUIRES "libnghttp3")
+set(_nghttp3_pc_requires "libnghttp3")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED NGHTTP3_INCLUDE_DIR AND
    NOT DEFINED NGHTTP3_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(NGHTTP3 ${NGHTTP3_PC_REQUIRES})
+  pkg_check_modules(_nghttp3 ${_nghttp3_pc_requires})
 endif()
 
-if(NGHTTP3_FOUND)
-  string(REPLACE ";" " " NGHTTP3_CFLAGS "${NGHTTP3_CFLAGS}")
-  message(STATUS "Found NGHTTP3 (via pkg-config): ${NGHTTP3_INCLUDE_DIRS} (found version \"${NGHTTP3_VERSION}\")")
+if(_nghttp3_FOUND)
+  set(NGHTTP3_FOUND TRUE)
+  set(NGHTTP3_VERSION ${_nghttp3_VERSION})
+  message(STATUS "Found NGHTTP3 (via pkg-config): ${_nghttp3_INCLUDE_DIRS} (found version \"${NGHTTP3_VERSION}\")")
 else()
   find_path(NGHTTP3_INCLUDE_DIR NAMES "nghttp3/nghttp3.h")
   find_library(NGHTTP3_LIBRARY NAMES "nghttp3")
@@ -74,9 +71,25 @@ else()
   )
 
   if(NGHTTP3_FOUND)
-    set(NGHTTP3_INCLUDE_DIRS ${NGHTTP3_INCLUDE_DIR})
-    set(NGHTTP3_LIBRARIES    ${NGHTTP3_LIBRARY})
+    set(_nghttp3_INCLUDE_DIRS ${NGHTTP3_INCLUDE_DIR})
+    set(_nghttp3_LIBRARIES    ${NGHTTP3_LIBRARY})
   endif()
 
   mark_as_advanced(NGHTTP3_INCLUDE_DIR NGHTTP3_LIBRARY)
 endif()
+
+if(NGHTTP3_FOUND)
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_nghttp3_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::nghttp3)
+    add_library(CURL::nghttp3 INTERFACE IMPORTED)
+    set_target_properties(CURL::nghttp3 PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_nghttp3_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_nghttp3_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_nghttp3_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_nghttp3_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_nghttp3_LIBRARIES}")
+  endif()
+endif()
diff --git a/CMake/FindNGTCP2.cmake b/CMake/FindNGTCP2.cmake
index cda3b0e08c..416ea459f6 100644
--- a/CMake/FindNGTCP2.cmake
+++ b/CMake/FindNGTCP2.cmake
@@ -44,15 +44,11 @@
 # - `NGTCP2_CRYPTO_QUICTLS_LIBRARY`:    Absolute path to `ngtcp2_crypto_quictls` library.
 # - `NGTCP2_CRYPTO_WOLFSSL_LIBRARY`:    Absolute path to `ngtcp2_crypto_wolfssl` library.
 #
-# Result variables:
+# Defines:
 #
 # - `NGTCP2_FOUND`:                     System has ngtcp2.
-# - `NGTCP2_INCLUDE_DIRS`:              The ngtcp2 include directories.
-# - `NGTCP2_LIBRARIES`:                 The ngtcp2 library names.
-# - `NGTCP2_LIBRARY_DIRS`:              The ngtcp2 library directories.
-# - `NGTCP2_PC_REQUIRES`:               The ngtcp2 pkg-config packages.
-# - `NGTCP2_CFLAGS`:                    Required compiler flags.
 # - `NGTCP2_VERSION`:                   Version of ngtcp2.
+# - `CURL::ngtcp2`:                     ngtcp2 library target.
 
 if(NGTCP2_FIND_COMPONENTS)
   set(_ngtcp2_crypto_backend "")
@@ -71,9 +67,9 @@ if(NGTCP2_FIND_COMPONENTS)
   endif()
 endif()
 
-set(NGTCP2_PC_REQUIRES "libngtcp2")
+set(_ngtcp2_pc_requires "libngtcp2")
 if(_ngtcp2_crypto_backend)
-  list(APPEND NGTCP2_PC_REQUIRES "lib${_crypto_library_lower}")
+  list(APPEND _ngtcp2_pc_requires "lib${_crypto_library_lower}")
 endif()
 
 set(_tried_pkgconfig FALSE)
@@ -81,14 +77,14 @@ if(CURL_USE_PKGCONFIG AND
    NOT DEFINED NGTCP2_INCLUDE_DIR AND
    NOT DEFINED NGTCP2_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(NGTCP2 ${NGTCP2_PC_REQUIRES})
+  pkg_check_modules(_ngtcp2 ${_ngtcp2_pc_requires})
   set(_tried_pkgconfig TRUE)
 endif()
 
-if(NGTCP2_FOUND)
-  set(NGTCP2_VERSION ${NGTCP2_libngtcp2_VERSION})
-  string(REPLACE ";" " " NGTCP2_CFLAGS "${NGTCP2_CFLAGS}")
-  message(STATUS "Found NGTCP2 (via pkg-config): ${NGTCP2_INCLUDE_DIRS} (found version \"${NGTCP2_VERSION}\")")
+if(_ngtcp2_FOUND)
+  set(NGTCP2_FOUND TRUE)
+  set(NGTCP2_VERSION ${_ngtcp2_libngtcp2_VERSION})
+  message(STATUS "Found NGTCP2 (via pkg-config): ${_ngtcp2_INCLUDE_DIRS} (found version \"${NGTCP2_VERSION}\")")
 else()
   find_path(NGTCP2_INCLUDE_DIR NAMES "ngtcp2/ngtcp2.h")
   find_library(NGTCP2_LIBRARY NAMES "ngtcp2")
@@ -128,8 +124,8 @@ else()
   )
 
   if(NGTCP2_FOUND)
-    set(NGTCP2_INCLUDE_DIRS ${NGTCP2_INCLUDE_DIR})
-    set(NGTCP2_LIBRARIES    ${NGTCP2_LIBRARY} ${NGTCP2_CRYPTO_LIBRARY})
+    set(_ngtcp2_INCLUDE_DIRS ${NGTCP2_INCLUDE_DIR})
+    set(_ngtcp2_LIBRARIES    ${NGTCP2_LIBRARY} ${NGTCP2_CRYPTO_LIBRARY})
   endif()
 
   mark_as_advanced(NGTCP2_INCLUDE_DIR NGTCP2_LIBRARY NGTCP2_CRYPTO_LIBRARY)
@@ -139,3 +135,19 @@ else()
     unset(NGTCP2_LIBRARY CACHE)
   endif()
 endif()
+
+if(NGTCP2_FOUND)
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_ngtcp2_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::ngtcp2)
+    add_library(CURL::ngtcp2 INTERFACE IMPORTED)
+    set_target_properties(CURL::ngtcp2 PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_ngtcp2_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_ngtcp2_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_ngtcp2_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_ngtcp2_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_ngtcp2_LIBRARIES}")
+  endif()
+endif()
diff --git a/CMake/FindNettle.cmake b/CMake/FindNettle.cmake
index 7f2f69c1ca..d22865ffad 100644
--- a/CMake/FindNettle.cmake
+++ b/CMake/FindNettle.cmake
@@ -25,32 +25,29 @@
 #
 # Input variables:
 #
-# - `NETTLE_INCLUDE_DIR`:   Absolute path to nettle include directory.
-# - `NETTLE_LIBRARY`:       Absolute path to `nettle` library.
+# - `NETTLE_INCLUDE_DIR`:  Absolute path to nettle include directory.
+# - `NETTLE_LIBRARY`:      Absolute path to `nettle` library.
 #
-# Result variables:
+# Defines:
 #
-# - `NETTLE_FOUND`:         System has nettle.
-# - `NETTLE_INCLUDE_DIRS`:  The nettle include directories.
-# - `NETTLE_LIBRARIES`:     The nettle library names.
-# - `NETTLE_LIBRARY_DIRS`:  The nettle library directories.
-# - `NETTLE_PC_REQUIRES`:   The nettle pkg-config packages.
-# - `NETTLE_CFLAGS`:        Required compiler flags.
-# - `NETTLE_VERSION`:       Version of nettle.
+# - `NETTLE_FOUND`:        System has nettle.
+# - `NETTLE_VERSION`:      Version of nettle.
+# - `CURL::nettle`:        nettle library target.
 
-set(NETTLE_PC_REQUIRES "nettle")
+set(_nettle_pc_requires "nettle")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED NETTLE_INCLUDE_DIR AND
    NOT DEFINED NETTLE_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(NETTLE ${NETTLE_PC_REQUIRES})
+  pkg_check_modules(_nettle ${_nettle_pc_requires})
 endif()
 
-if(NETTLE_FOUND)
+if(_nettle_FOUND)
   set(Nettle_FOUND TRUE)
-  string(REPLACE ";" " " NETTLE_CFLAGS "${NETTLE_CFLAGS}")
-  message(STATUS "Found Nettle (via pkg-config): ${NETTLE_INCLUDE_DIRS} (found version \"${NETTLE_VERSION}\")")
+  set(NETTLE_FOUND TRUE)
+  set(NETTLE_VERSION ${_nettle_VERSION})
+  message(STATUS "Found Nettle (via pkg-config): ${_nettle_INCLUDE_DIRS} (found version \"${NETTLE_VERSION}\")")
 else()
   find_path(NETTLE_INCLUDE_DIR NAMES "nettle/sha2.h")
   find_library(NETTLE_LIBRARY NAMES "nettle")
@@ -80,9 +77,25 @@ else()
   )
 
   if(NETTLE_FOUND)
-    set(NETTLE_INCLUDE_DIRS ${NETTLE_INCLUDE_DIR})
-    set(NETTLE_LIBRARIES    ${NETTLE_LIBRARY})
+    set(_nettle_INCLUDE_DIRS ${NETTLE_INCLUDE_DIR})
+    set(_nettle_LIBRARIES    ${NETTLE_LIBRARY})
   endif()
 
   mark_as_advanced(NETTLE_INCLUDE_DIR NETTLE_LIBRARY)
 endif()
+
+if(NETTLE_FOUND)
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_nettle_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::nettle)
+    add_library(CURL::nettle INTERFACE IMPORTED)
+    set_target_properties(CURL::nettle PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_nettle_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_nettle_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_nettle_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_nettle_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_nettle_LIBRARIES}")
+  endif()
+endif()
diff --git a/CMake/FindQuiche.cmake b/CMake/FindQuiche.cmake
index 934cf9f69f..22482d79fb 100644
--- a/CMake/FindQuiche.cmake
+++ b/CMake/FindQuiche.cmake
@@ -25,32 +25,29 @@
 #
 # Input variables:
 #
-# - `QUICHE_INCLUDE_DIR`:   Absolute path to quiche include directory.
-# - `QUICHE_LIBRARY`:       Absolute path to `quiche` library.
+# - `QUICHE_INCLUDE_DIR`:  Absolute path to quiche include directory.
+# - `QUICHE_LIBRARY`:      Absolute path to `quiche` library.
 #
-# Result variables:
+# Defines:
 #
-# - `QUICHE_FOUND`:         System has quiche.
-# - `QUICHE_INCLUDE_DIRS`:  The quiche include directories.
-# - `QUICHE_LIBRARIES`:     The quiche library names.
-# - `QUICHE_LIBRARY_DIRS`:  The quiche library directories.
-# - `QUICHE_PC_REQUIRES`:   The quiche pkg-config packages.
-# - `QUICHE_CFLAGS`:        Required compiler flags.
-# - `QUICHE_VERSION`:       Version of quiche.
+# - `QUICHE_FOUND`:        System has quiche.
+# - `QUICHE_VERSION`:      Version of quiche.
+# - `CURL::quiche`:        quiche library target.
 
-set(QUICHE_PC_REQUIRES "quiche")
+set(_quiche_pc_requires "quiche")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED QUICHE_INCLUDE_DIR AND
    NOT DEFINED QUICHE_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(QUICHE ${QUICHE_PC_REQUIRES})
+  pkg_check_modules(_quiche ${_quiche_pc_requires})
 endif()
 
-if(QUICHE_FOUND)
+if(_quiche_FOUND)
   set(Quiche_FOUND TRUE)
-  string(REPLACE ";" " " QUICHE_CFLAGS "${QUICHE_CFLAGS}")
-  message(STATUS "Found Quiche (via pkg-config): ${QUICHE_INCLUDE_DIRS} (found version \"${QUICHE_VERSION}\")")
+  set(QUICHE_FOUND TRUE)
+  set(QUICHE_VERSION ${_quiche_VERSION})
+  message(STATUS "Found Quiche (via pkg-config): ${_quiche_INCLUDE_DIRS} (found version \"${QUICHE_VERSION}\")")
 else()
   find_path(QUICHE_INCLUDE_DIR NAMES "quiche.h")
   find_library(QUICHE_LIBRARY NAMES "quiche")
@@ -63,9 +60,25 @@ else()
   )
 
   if(QUICHE_FOUND)
-    set(QUICHE_INCLUDE_DIRS ${QUICHE_INCLUDE_DIR})
-    set(QUICHE_LIBRARIES    ${QUICHE_LIBRARY})
+    set(_quiche_INCLUDE_DIRS ${QUICHE_INCLUDE_DIR})
+    set(_quiche_LIBRARIES    ${QUICHE_LIBRARY})
   endif()
 
   mark_as_advanced(QUICHE_INCLUDE_DIR QUICHE_LIBRARY)
 endif()
+
+if(QUICHE_FOUND)
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_quiche_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::quiche)
+    add_library(CURL::quiche INTERFACE IMPORTED)
+    set_target_properties(CURL::quiche PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_quiche_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_quiche_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_quiche_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_quiche_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_quiche_LIBRARIES}")
+  endif()
+endif()
diff --git a/CMake/FindRustls.cmake b/CMake/FindRustls.cmake
index a29ce5fa09..37b99be73e 100644
--- a/CMake/FindRustls.cmake
+++ b/CMake/FindRustls.cmake
@@ -25,34 +25,31 @@
 #
 # Input variables:
 #
-# - `RUSTLS_INCLUDE_DIR`:   Absolute path to Rustls include directory.
-# - `RUSTLS_LIBRARY`:       Absolute path to `rustls` library.
+# - `RUSTLS_INCLUDE_DIR`:  Absolute path to Rustls include directory.
+# - `RUSTLS_LIBRARY`:      Absolute path to `rustls` library.
 #
-# Result variables:
+# Defines:
 #
-# - `RUSTLS_FOUND`:         System has Rustls.
-# - `RUSTLS_INCLUDE_DIRS`:  The Rustls include directories.
-# - `RUSTLS_LIBRARIES`:     The Rustls library names.
-# - `RUSTLS_LIBRARY_DIRS`:  The Rustls library directories.
-# - `RUSTLS_PC_REQUIRES`:   The Rustls pkg-config packages.
-# - `RUSTLS_CFLAGS`:        Required compiler flags.
-# - `RUSTLS_VERSION`:       Version of Rustls.
+# - `RUSTLS_FOUND`:        System has Rustls.
+# - `RUSTLS_VERSION`:      Version of Rustls.
+# - `CURL::rustls`:        Rustls library target.
 
-set(RUSTLS_PC_REQUIRES "rustls")
+set(_rustls_pc_requires "rustls")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED RUSTLS_INCLUDE_DIR AND
    NOT DEFINED RUSTLS_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(RUSTLS ${RUSTLS_PC_REQUIRES})
+  pkg_check_modules(_rustls ${_rustls_pc_requires})
 endif()
 
-if(RUSTLS_FOUND)
+if(_rustls_FOUND)
   set(Rustls_FOUND TRUE)
-  string(REPLACE ";" " " RUSTLS_CFLAGS "${RUSTLS_CFLAGS}")
-  message(STATUS "Found Rustls (via pkg-config): ${RUSTLS_INCLUDE_DIRS} (found version \"${RUSTLS_VERSION}\")")
+  set(RUSTLS_FOUND TRUE)
+  set(RUSTLS_VERSION ${_rustls_VERSION})
+  message(STATUS "Found Rustls (via pkg-config): ${_rustls_INCLUDE_DIRS} (found version \"${RUSTLS_VERSION}\")")
 else()
-  set(RUSTLS_PC_REQUIRES "")  # Depend on pkg-config only when found via pkg-config
+  set(_rustls_pc_requires "")  # Depend on pkg-config only when found via pkg-config
 
   find_path(RUSTLS_INCLUDE_DIR NAMES "rustls.h")
   find_library(RUSTLS_LIBRARY NAMES "rustls")
@@ -65,8 +62,8 @@ else()
   )
 
   if(RUSTLS_FOUND)
-    set(RUSTLS_INCLUDE_DIRS ${RUSTLS_INCLUDE_DIR})
-    set(RUSTLS_LIBRARIES    ${RUSTLS_LIBRARY})
+    set(_rustls_INCLUDE_DIRS ${RUSTLS_INCLUDE_DIR})
+    set(_rustls_LIBRARIES    ${RUSTLS_LIBRARY})
   endif()
 
   mark_as_advanced(RUSTLS_INCLUDE_DIR RUSTLS_LIBRARY)
@@ -79,31 +76,47 @@ if(RUSTLS_FOUND)
     if(NOT SECURITY_FRAMEWORK)
       message(FATAL_ERROR "Security framework not found")
     endif()
-    list(APPEND RUSTLS_LIBRARIES "-framework Security")
+    list(APPEND _rustls_LIBRARIES "-framework Security")
 
     find_library(FOUNDATION_FRAMEWORK NAMES "Foundation")
     mark_as_advanced(FOUNDATION_FRAMEWORK)
     if(NOT FOUNDATION_FRAMEWORK)
       message(FATAL_ERROR "Foundation framework not found")
     endif()
-    list(APPEND RUSTLS_LIBRARIES "-framework Foundation")
+    list(APPEND _rustls_LIBRARIES "-framework Foundation")
   elseif(NOT WIN32)
     find_library(PTHREAD_LIBRARY NAMES "pthread")
     if(PTHREAD_LIBRARY)
-      list(APPEND RUSTLS_LIBRARIES ${PTHREAD_LIBRARY})
+      list(APPEND _rustls_LIBRARIES ${PTHREAD_LIBRARY})
     endif()
     mark_as_advanced(PTHREAD_LIBRARY)
 
     find_library(DL_LIBRARY NAMES "dl")
     if(DL_LIBRARY)
-      list(APPEND RUSTLS_LIBRARIES ${DL_LIBRARY})
+      list(APPEND _rustls_LIBRARIES ${DL_LIBRARY})
     endif()
     mark_as_advanced(DL_LIBRARY)
 
     find_library(MATH_LIBRARY NAMES "m")
     if(MATH_LIBRARY)
-      list(APPEND RUSTLS_LIBRARIES ${MATH_LIBRARY})
+      list(APPEND _rustls_LIBRARIES ${MATH_LIBRARY})
     endif()
     mark_as_advanced(MATH_LIBRARY)
   endif()
 endif()
+
+if(RUSTLS_FOUND)
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_rustls_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::rustls)
+    add_library(CURL::rustls INTERFACE IMPORTED)
+    set_target_properties(CURL::rustls PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_rustls_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_rustls_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_rustls_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_rustls_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_rustls_LIBRARIES}")
+  endif()
+endif()
diff --git a/CMake/FindWolfSSL.cmake b/CMake/FindWolfSSL.cmake
index 4d172c029a..3a3c05f0fd 100644
--- a/CMake/FindWolfSSL.cmake
+++ b/CMake/FindWolfSSL.cmake
@@ -25,18 +25,14 @@
 #
 # Input variables:
 #
-# - `WOLFSSL_INCLUDE_DIR`:   Absolute path to wolfSSL include directory.
-# - `WOLFSSL_LIBRARY`:       Absolute path to `wolfssl` library.
+# - `WOLFSSL_INCLUDE_DIR`:  Absolute path to wolfSSL include directory.
+# - `WOLFSSL_LIBRARY`:      Absolute path to `wolfssl` library.
 #
-# Result variables:
+# Defines:
 #
-# - `WOLFSSL_FOUND`:         System has wolfSSL.
-# - `WOLFSSL_INCLUDE_DIRS`:  The wolfSSL include directories.
-# - `WOLFSSL_LIBRARIES`:     The wolfSSL library names.
-# - `WOLFSSL_LIBRARY_DIRS`:  The wolfSSL library directories.
-# - `WOLFSSL_PC_REQUIRES`:   The wolfSSL pkg-config packages.
-# - `WOLFSSL_CFLAGS`:        Required compiler flags.
-# - `WOLFSSL_VERSION`:       Version of wolfSSL.
+# - `WOLFSSL_FOUND`:        System has wolfSSL.
+# - `WOLFSSL_VERSION`:      Version of wolfSSL.
+# - `CURL::wolfssl`:        wolfSSL library target.
 
 if(DEFINED WolfSSL_INCLUDE_DIR AND NOT DEFINED WOLFSSL_INCLUDE_DIR)
   message(WARNING "WolfSSL_INCLUDE_DIR is deprecated, use WOLFSSL_INCLUDE_DIR instead.")
@@ -47,19 +43,20 @@ if(DEFINED WolfSSL_LIBRARY AND NOT DEFINED WOLFSSL_LIBRARY)
   set(WOLFSSL_LIBRARY "${WolfSSL_LIBRARY}")
 endif()
 
-set(WOLFSSL_PC_REQUIRES "wolfssl")
+set(_wolfssl_pc_requires "wolfssl")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED WOLFSSL_INCLUDE_DIR AND
    NOT DEFINED WOLFSSL_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(WOLFSSL ${WOLFSSL_PC_REQUIRES})
+  pkg_check_modules(_wolfssl ${_wolfssl_pc_requires})
 endif()
 
-if(WOLFSSL_FOUND)
+if(_wolfssl_FOUND)
   set(WolfSSL_FOUND TRUE)
-  string(REPLACE ";" " " WOLFSSL_CFLAGS "${WOLFSSL_CFLAGS}")
-  message(STATUS "Found WolfSSL (via pkg-config): ${WOLFSSL_INCLUDE_DIRS} (found version \"${WOLFSSL_VERSION}\")")
+  set(WOLFSSL_FOUND TRUE)
+  set(WOLFSSL_VERSION ${_wolfssl_VERSION})
+  message(STATUS "Found WolfSSL (via pkg-config): ${_wolfssl_INCLUDE_DIRS} (found version \"${WOLFSSL_VERSION}\")")
 else()
   find_path(WOLFSSL_INCLUDE_DIR NAMES "wolfssl/ssl.h")
   find_library(WOLFSSL_LIBRARY NAMES "wolfssl")
@@ -84,8 +81,8 @@ else()
   )
 
   if(WOLFSSL_FOUND)
-    set(WOLFSSL_INCLUDE_DIRS ${WOLFSSL_INCLUDE_DIR})
-    set(WOLFSSL_LIBRARIES    ${WOLFSSL_LIBRARY})
+    set(_wolfssl_INCLUDE_DIRS ${WOLFSSL_INCLUDE_DIR})
+    set(_wolfssl_LIBRARIES    ${WOLFSSL_LIBRARY})
   endif()
 
   mark_as_advanced(WOLFSSL_INCLUDE_DIR WOLFSSL_LIBRARY)
@@ -98,19 +95,35 @@ if(WOLFSSL_FOUND)
     if(NOT SECURITY_FRAMEWORK)
       message(FATAL_ERROR "Security framework not found")
     endif()
-    list(APPEND WOLFSSL_LIBRARIES "-framework Security")
+    list(APPEND _wolfssl_LIBRARIES "-framework Security")
 
     find_library(COREFOUNDATION_FRAMEWORK NAMES "CoreFoundation")
     mark_as_advanced(COREFOUNDATION_FRAMEWORK)
     if(NOT COREFOUNDATION_FRAMEWORK)
       message(FATAL_ERROR "CoreFoundation framework not found")
     endif()
-    list(APPEND WOLFSSL_LIBRARIES "-framework CoreFoundation")
-  elseif(NOT WIN32)
+    list(APPEND _wolfssl_LIBRARIES "-framework CoreFoundation")
+  elseif(WIN32)
+    list(APPEND _wolfssl_LIBRARIES "crypt32")
+  else()
     find_library(MATH_LIBRARY NAMES "m")
     if(MATH_LIBRARY)
-      list(APPEND WOLFSSL_LIBRARIES ${MATH_LIBRARY})  # for log and pow
+      list(APPEND _wolfssl_LIBRARIES ${MATH_LIBRARY})  # for log and pow
     endif()
     mark_as_advanced(MATH_LIBRARY)
   endif()
+
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_wolfssl_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::wolfssl)
+    add_library(CURL::wolfssl INTERFACE IMPORTED)
+    set_target_properties(CURL::wolfssl PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_wolfssl_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_wolfssl_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_wolfssl_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_wolfssl_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_wolfssl_LIBRARIES}")
+  endif()
 endif()
diff --git a/CMake/FindZstd.cmake b/CMake/FindZstd.cmake
index 655f0cc700..954a827b6f 100644
--- a/CMake/FindZstd.cmake
+++ b/CMake/FindZstd.cmake
@@ -25,18 +25,14 @@
 #
 # Input variables:
 #
-# - `ZSTD_INCLUDE_DIR`:   Absolute path to zstd include directory.
-# - `ZSTD_LIBRARY`:       Absolute path to `zstd` library.
+# - `ZSTD_INCLUDE_DIR`:  Absolute path to zstd include directory.
+# - `ZSTD_LIBRARY`:      Absolute path to `zstd` library.
 #
-# Result variables:
+# Defines:
 #
-# - `ZSTD_FOUND`:         System has zstd.
-# - `ZSTD_INCLUDE_DIRS`:  The zstd include directories.
-# - `ZSTD_LIBRARIES`:     The zstd library names.
-# - `ZSTD_LIBRARY_DIRS`:  The zstd library directories.
-# - `ZSTD_PC_REQUIRES`:   The zstd pkg-config packages.
-# - `ZSTD_CFLAGS`:        Required compiler flags.
-# - `ZSTD_VERSION`:       Version of zstd.
+# - `ZSTD_FOUND`:        System has zstd.
+# - `ZSTD_VERSION`:      Version of zstd.
+# - `CURL::zstd`:        zstd library target.
 
 if(DEFINED Zstd_INCLUDE_DIR AND NOT DEFINED ZSTD_INCLUDE_DIR)
   message(WARNING "Zstd_INCLUDE_DIR is deprecated, use ZSTD_INCLUDE_DIR instead.")
@@ -47,19 +43,20 @@ if(DEFINED Zstd_LIBRARY AND NOT DEFINED ZSTD_LIBRARY)
   set(ZSTD_LIBRARY "${Zstd_LIBRARY}")
 endif()
 
-set(ZSTD_PC_REQUIRES "libzstd")
+set(_zstd_pc_requires "libzstd")
 
 if(CURL_USE_PKGCONFIG AND
    NOT DEFINED ZSTD_INCLUDE_DIR AND
    NOT DEFINED ZSTD_LIBRARY)
   find_package(PkgConfig QUIET)
-  pkg_check_modules(ZSTD ${ZSTD_PC_REQUIRES})
+  pkg_check_modules(_zstd ${_zstd_pc_requires})
 endif()
 
-if(ZSTD_FOUND)
+if(_zstd_FOUND)
   set(Zstd_FOUND TRUE)
-  string(REPLACE ";" " " ZSTD_CFLAGS "${ZSTD_CFLAGS}")
-  message(STATUS "Found Zstd (via pkg-config): ${ZSTD_INCLUDE_DIRS} (found version \"${ZSTD_VERSION}\")")
+  set(ZSTD_FOUND TRUE)
+  set(ZSTD_VERSION ${_zstd_VERSION})
+  message(STATUS "Found Zstd (via pkg-config): ${_zstd_INCLUDE_DIRS} (found version \"${ZSTD_VERSION}\")")
 else()
   find_path(ZSTD_INCLUDE_DIR NAMES "zstd.h")
   find_library(ZSTD_LIBRARY NAMES "zstd")
@@ -94,9 +91,25 @@ else()
   )
 
   if(ZSTD_FOUND)
-    set(ZSTD_INCLUDE_DIRS ${ZSTD_INCLUDE_DIR})
-    set(ZSTD_LIBRARIES    ${ZSTD_LIBRARY})
+    set(_zstd_INCLUDE_DIRS ${ZSTD_INCLUDE_DIR})
+    set(_zstd_LIBRARIES    ${ZSTD_LIBRARY})
   endif()
 
   mark_as_advanced(ZSTD_INCLUDE_DIR ZSTD_LIBRARY)
 endif()
+
+if(ZSTD_FOUND)
+  if(CMAKE_VERSION VERSION_LESS 3.13)
+    link_directories(${_zstd_LIBRARY_DIRS})
+  endif()
+
+  if(NOT TARGET CURL::zstd)
+    add_library(CURL::zstd INTERFACE IMPORTED)
+    set_target_properties(CURL::zstd PROPERTIES
+      INTERFACE_LIBCURL_PC_MODULES "${_zstd_pc_requires}"
+      INTERFACE_COMPILE_OPTIONS "${_zstd_CFLAGS}"
+      INTERFACE_INCLUDE_DIRECTORIES "${_zstd_INCLUDE_DIRS}"
+      INTERFACE_LINK_DIRECTORIES "${_zstd_LIBRARY_DIRS}"
+      INTERFACE_LINK_LIBRARIES "${_zstd_LIBRARIES}")
+  endif()
+endif()
diff --git a/CMake/Utilities.cmake b/CMake/Utilities.cmake
index 335713c84c..efa28b7515 100644
--- a/CMake/Utilities.cmake
+++ b/CMake/Utilities.cmake
@@ -59,6 +59,7 @@ function(curl_dumptargetprops _target)
     string(REPLACE "\n" ";" _cmake_property_list "${_cmake_property_list}")
     list(REMOVE_DUPLICATES _cmake_property_list)
     list(REMOVE_ITEM _cmake_property_list "")
+    list(APPEND _cmake_property_list "INTERFACE_LIBCURL_PC_MODULES")
     foreach(_prop IN LISTS _cmake_property_list)
       if(_prop MATCHES "")
         foreach(_config IN ITEMS "DEBUG" "RELEASE" "MINSIZEREL" "RELWITHDEBINFO")
diff --git a/CMake/curl-config.cmake.in b/CMake/curl-config.cmake.in
index d1582b8d41..99949198a3 100644
--- a/CMake/curl-config.cmake.in
+++ b/CMake/curl-config.cmake.in
@@ -23,7 +23,12 @@
 ###########################################################################
 @PACKAGE_INIT@
 
+option(CURL_USE_PKGCONFIG "Enable pkg-config to detect @PROJECT_NAME@ dependencies. Default: @CURL_USE_PKGCONFIG@" "@CURL_USE_PKGCONFIG@")
+
 include(CMakeFindDependencyMacro)
+set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_LIST_DIR} ${CMAKE_MODULE_PATH})
+
+set(_libs "")
 if("@USE_OPENSSL@")
   if("@OPENSSL_VERSION_MAJOR@")
     find_dependency(OpenSSL "@OPENSSL_VERSION_MAJOR@")
@@ -34,6 +39,97 @@ endif()
 if("@HAVE_LIBZ@")
   find_dependency(ZLIB "@ZLIB_VERSION_MAJOR@")
 endif()
+if("@HAVE_BROTLI@")
+  find_dependency(Brotli)
+  list(APPEND _libs CURL::brotli)
+endif()
+if("@USE_ARES@")
+  find_dependency(Cares)
+  list(APPEND _libs CURL::cares)
+endif()
+if("@HAVE_GSSAPI@")
+  find_dependency(GSS)
+  list(APPEND _libs CURL::gss)
+endif()
+if("@USE_BACKTRACE@")
+  find_dependency(Libbacktrace)
+  list(APPEND _libs CURL::libbacktrace)
+endif()
+if("@USE_GSASL@")
+  find_dependency(Libgsasl)
+  list(APPEND _libs CURL::libgsasl)
+endif()
+if(NOT "@USE_WIN32_LDAP@" AND NOT "@CURL_DISABLE_LDAP@")
+  find_dependency(LDAP)
+  list(APPEND _libs CURL::ldap)
+endif()
+if("@HAVE_LIBIDN2@")
+  find_dependency(Libidn2)
+  list(APPEND _libs CURL::libidn2)
+endif()
+if("@USE_LIBPSL@")
+  find_dependency(Libpsl)
+  list(APPEND _libs CURL::libpsl)
+endif()
+if("@USE_LIBRTMP@")
+  find_dependency(Librtmp)
+  list(APPEND _libs CURL::librtmp)
+endif()
+if("@USE_LIBSSH@")
+  find_dependency(Libssh)
+  list(APPEND _libs CURL::libssh)
+endif()
+if("@USE_LIBSSH2@")
+  find_dependency(Libssh2)
+  list(APPEND _libs CURL::libssh2)
+endif()
+if("@USE_LIBUV@")
+  find_dependency(Libuv)
+  list(APPEND _libs CURL::libuv)
+endif()
+if("@USE_MBEDTLS@")
+  find_dependency(MbedTLS)
+  list(APPEND _libs CURL::mbedtls)
+endif()
+if("@USE_NGHTTP2@")
+  find_dependency(NGHTTP2)
+  list(APPEND _libs CURL::nghttp2)
+endif()
+if("@USE_NGHTTP3@")
+  find_dependency(NGHTTP3)
+  list(APPEND _libs CURL::nghttp3)
+endif()
+if("@USE_NGTCP2@")
+  find_dependency(NGTCP2)
+  list(APPEND _libs CURL::ngtcp2)
+endif()
+if("@USE_GNUTLS@")
+  find_dependency(GnuTLS)
+  list(APPEND _libs CURL::gnutls)
+  find_dependency(Nettle)
+  list(APPEND _libs CURL::nettle)
+endif()
+if("@USE_QUICHE@")
+  find_dependency(Quiche)
+  list(APPEND _libs CURL::quiche)
+endif()
+if("@USE_RUSTLS@")
+  find_dependency(Rustls)
+  list(APPEND _libs CURL::rustls)
+endif()
+if("@USE_WOLFSSL@")
+  find_dependency(WolfSSL)
+  list(APPEND _libs CURL::wolfssl)
+endif()
+if("@HAVE_ZSTD@")
+  find_dependency(Zstd)
+  list(APPEND _libs CURL::zstd)
+endif()
+
+if(CMAKE_C_COMPILER_ID STREQUAL "GNU" AND WIN32 AND NOT TARGET CURL::win32_winsock)
+  add_library(CURL::win32_winsock INTERFACE IMPORTED)
+  set_target_properties(CURL::win32_winsock PROPERTIES INTERFACE_LINK_LIBRARIES "@_win32_winsock@")
+endif()
 
 include("${CMAKE_CURRENT_LIST_DIR}/@TARGETS_EXPORT_NAME@.cmake")
 
@@ -45,9 +141,31 @@ if(NOT TARGET @PROJECT_NAME@::@LIB_NAME@)
   add_library(@PROJECT_NAME@::@LIB_NAME@ ALIAS @PROJECT_NAME@::@LIB_SELECTED@)
 endif()
 
+if(TARGET @PROJECT_NAME@::@LIB_STATIC@)
+  # CMake before CMP0099 (CMake 3.17 2020-03-20) did not propagate libdirs to
+  # targets. It expected libs to have an absolute filename. As a workaround,
+  # manually apply dependency libdirs, for CMake consumers without this policy.
+  if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.17)
+    cmake_policy(GET CMP0099 _has_CMP0099)  # https://cmake.org/cmake/help/latest/policy/CMP0099.html
+  endif()
+  if(NOT _has_CMP0099 AND CMAKE_VERSION VERSION_GREATER_EQUAL 3.13 AND _libs)
+    set(_libdirs "")
+    foreach(_lib IN LISTS _libs)
+      get_target_property(_libdir "${_lib}" INTERFACE_LINK_DIRECTORIES)
+      if(_libdir)
+        list(APPEND _libdirs "${_libdir}")
+      endif()
+    endforeach()
+    if(_libdirs)
+      target_link_directories(@PROJECT_NAME@::@LIB_STATIC@ INTERFACE ${_libdirs})
+    endif()
+  endif()
+endif()
+
 # For compatibility with CMake's FindCURL.cmake
 set(CURL_VERSION_STRING "@CURLVERSION@")
 set(CURL_LIBRARIES @PROJECT_NAME@::@LIB_NAME@)
+set(CURL_LIBRARIES_PRIVATE "@LIBCURL_PC_LIBS_PRIVATE_LIST@")
 set_and_check(CURL_INCLUDE_DIRS "@PACKAGE_CMAKE_INSTALL_INCLUDEDIR@")
 
 set(CURL_SUPPORTED_PROTOCOLS "@CURL_SUPPORTED_PROTOCOLS_LIST@")
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 5d6e7ca3e6..2af1679c99 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -358,23 +358,14 @@ else()
 endif()
 option(CURL_USE_PKGCONFIG "Enable pkg-config to detect dependencies" ${_curl_use_pkgconfig_default})
 
-# Initialize variables collecting dependency libs, paths, pkg-config names.
+# Initialize variables collecting system and dependency libs.
 set(CURL_NETWORK_AND_TIME_LIBS "")
 set(CURL_LIBS "")
-set(CURL_LIBDIRS "")
-set(LIBCURL_PC_REQUIRES_PRIVATE "")
 
 if(ENABLE_ARES)
   set(USE_ARES 1)
   find_package(Cares REQUIRED)
-  list(APPEND CURL_LIBS ${CARES_LIBRARIES})
-  list(APPEND CURL_LIBDIRS ${CARES_LIBRARY_DIRS})
-  list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${CARES_PC_REQUIRES})
-  include_directories(SYSTEM ${CARES_INCLUDE_DIRS})
-  link_directories(${CARES_LIBRARY_DIRS})
-  if(CARES_CFLAGS)
-    string(APPEND CMAKE_C_FLAGS " ${CARES_CFLAGS}")
-  endif()
+  list(APPEND CURL_LIBS CURL::cares)
 endif()
 
 include(CurlSymbolHiding)
@@ -762,7 +753,7 @@ if(CURL_USE_OPENSSL)
   # Depend on OpenSSL via imported targets. This allows our dependents to
   # get our dependencies transitively.
   list(APPEND CURL_LIBS OpenSSL::SSL OpenSSL::Crypto)
-  list(APPEND LIBCURL_PC_REQUIRES_PRIVATE "openssl")
+  set_target_properties(OpenSSL::SSL PROPERTIES INTERFACE_LIBCURL_PC_MODULES "openssl")
 
   if(CURL_DEFAULT_SSL_BACKEND AND CURL_DEFAULT_SSL_BACKEND STREQUAL "openssl")
     set(_valid_default_ssl_backend TRUE)
@@ -809,14 +800,7 @@ if(CURL_USE_MBEDTLS)
   endif()
   set(_ssl_enabled ON)
   set(USE_MBEDTLS ON)
-  list(APPEND CURL_LIBS ${MBEDTLS_LIBRARIES})
-  list(APPEND CURL_LIBDIRS ${MBEDTLS_LIBRARY_DIRS})
-  list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${MBEDTLS_PC_REQUIRES})
-  include_directories(SYSTEM ${MBEDTLS_INCLUDE_DIRS})
-  link_directories(${MBEDTLS_LIBRARY_DIRS})
-  if(MBEDTLS_CFLAGS)
-    string(APPEND CMAKE_C_FLAGS " ${MBEDTLS_CFLAGS}")
-  endif()
+  list(APPEND CURL_LIBS CURL::mbedtls)
 
   if(CURL_DEFAULT_SSL_BACKEND AND CURL_DEFAULT_SSL_BACKEND STREQUAL "mbedtls")
     set(_valid_default_ssl_backend TRUE)
@@ -828,9 +812,7 @@ if(CURL_USE_MBEDTLS)
   endif()
   if(NOT DEFINED HAVE_MBEDTLS_DES_CRYPT_ECB)
     cmake_push_check_state()
-    list(APPEND CMAKE_REQUIRED_INCLUDES "${MBEDTLS_INCLUDE_DIRS}")
-    list(APPEND CMAKE_REQUIRED_LIBRARIES "${MBEDTLS_LIBRARIES}")
-    curl_required_libpaths("${MBEDTLS_LIBRARY_DIRS}")
+    list(APPEND CMAKE_REQUIRED_LIBRARIES CURL::mbedtls)
     check_function_exists("mbedtls_des_crypt_ecb" HAVE_MBEDTLS_DES_CRYPT_ECB)  # in mbedTLS <4
     cmake_pop_check_state()
   endif()
@@ -840,14 +822,7 @@ if(CURL_USE_WOLFSSL)
   find_package(WolfSSL REQUIRED)
   set(_ssl_enabled ON)
   set(USE_WOLFSSL ON)
-  list(APPEND CURL_LIBS ${WOLFSSL_LIBRARIES})
-  list(APPEND CURL_LIBDIRS ${WOLFSSL_LIBRARY_DIRS})
-  list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${WOLFSSL_PC_REQUIRES})
-  include_directories(SYSTEM ${WOLFSSL_INCLUDE_DIRS})
-  link_directories(${WOLFSSL_LIBRARY_DIRS})
-  if(WOLFSSL_CFLAGS)
-    string(APPEND CMAKE_C_FLAGS " ${WOLFSSL_CFLAGS}")
-  endif()
+  list(APPEND CURL_LIBS CURL::wolfssl)
 
   if(CURL_DEFAULT_SSL_BACKEND AND CURL_DEFAULT_SSL_BACKEND STREQUAL "wolfssl")
     set(_valid_default_ssl_backend TRUE)
@@ -857,26 +832,11 @@ endif()
 
 if(CURL_USE_GNUTLS)
   find_package(GnuTLS REQUIRED)
-  list(APPEND CURL_LIBS ${GNUTLS_LIBRARIES})
-  list(APPEND CURL_LIBDIRS ${GNUTLS_LIBRARY_DIRS})
-  list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${GNUTLS_PC_REQUIRES})
-  include_directories(SYSTEM ${GNUTLS_INCLUDE_DIRS})
-  link_directories(${GNUTLS_LIBRARY_DIRS})
-  if(GNUTLS_CFLAGS)
-    string(APPEND CMAKE_C_FLAGS " ${GNUTLS_CFLAGS}")
-  endif()
-
+  list(APPEND CURL_LIBS CURL::gnutls)
   find_package(Nettle REQUIRED)
+  list(APPEND CURL_LIBS CURL::nettle)
   set(_ssl_enabled ON)
   set(USE_GNUTLS ON)
-  list(APPEND CURL_LIBS ${NETTLE_LIBRARIES})
-  list(APPEND CURL_LIBDIRS ${NETTLE_LIBRARY_DIRS})
-  list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${NETTLE_PC_REQUIRES})
-  include_directories(SYSTEM ${NETTLE_INCLUDE_DIRS})
-  link_directories(${NETTLE_LIBRARY_DIRS})
-  if(NETTLE_CFLAGS)
-    string(APPEND CMAKE_C_FLAGS " ${NETTLE_CFLAGS}")
-  endif()
 
   if(CURL_DEFAULT_SSL_BACKEND AND CURL_DEFAULT_SSL_BACKEND STREQUAL "gnutls")
     set(_valid_default_ssl_backend TRUE)
@@ -885,9 +845,7 @@ if(CURL_USE_GNUTLS)
 
   if(NOT DEFINED HAVE_GNUTLS_SRP AND NOT CURL_DISABLE_SRP)
     cmake_push_check_state()
-    list(APPEND CMAKE_REQUIRED_INCLUDES "${GNUTLS_INCLUDE_DIRS}")
-    list(APPEND CMAKE_REQUIRED_LIBRARIES "${GNUTLS_LIBRARIES}")
-    curl_required_libpaths("${GNUTLS_LIBRARY_DIRS}")
+    list(APPEND CMAKE_REQUIRED_LIBRARIES CURL::gnutls)
     # In GnuTLS 3.8.0 (2023-02-10) and upper, this check always succeeds.
     # Detecting actual TLS-SRP support needs poking the API at runtime.
     check_symbol_exists("gnutls_srp_verifier" "gnutls/gnutls.h" HAVE_GNUTLS_SRP)
@@ -899,23 +857,14 @@ if(CURL_USE_RUSTLS)
   find_package(Rustls REQUIRED)
   set(_ssl_enabled ON)
   set(USE_RUSTLS ON)
-  list(APPEND CURL_LIBS ${RUSTLS_LIBRARIES})
-  list(APPEND CURL_LIBDIRS ${RUSTLS_LIBRARY_DIRS})
-  list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${RUSTLS_PC_REQUIRES})
-  include_directories(SYSTEM ${RUSTLS_INCLUDE_DIRS})
-  link_directories(${RUSTLS_LIBRARY_DIRS})
-  if(RUSTLS_CFLAGS)
-    string(APPEND CMAKE_C_FLAGS " ${RUSTLS_CFLAGS}")
-  endif()
+  list(APPEND CURL_LIBS CURL::rustls)
 
   if(NOT DEFINED HAVE_RUSTLS_SUPPORTED_HPKE)
     if(RUSTLS_VERSION AND RUSTLS_VERSION VERSION_GREATER_EQUAL 0.15)
       set(HAVE_RUSTLS_SUPPORTED_HPKE TRUE)
     elseif(NOT RUSTLS_VERSION)
       cmake_push_check_state()
-      list(APPEND CMAKE_REQUIRED_INCLUDES "${RUSTLS_INCLUDE_DIRS}")
-      list(APPEND CMAKE_REQUIRED_LIBRARIES "${RUSTLS_LIBRARIES}")
-      curl_required_libpaths("${RUSTLS_LIBRARY_DIRS}")
+      list(APPEND CMAKE_REQUIRED_LIBRARIES CURL::rustls)
       check_symbol_exists("rustls_supported_hpke" "rustls.h" HAVE_RUSTLS_SUPPORTED_HPKE)
       cmake_pop_check_state()
     endif()
@@ -944,21 +893,14 @@ if(ZLIB_FOUND)
   # Depend on ZLIB via imported targets. This allows our dependents to
   # get our dependencies transitively.
   list(APPEND CURL_LIBS ZLIB::ZLIB)
-  list(APPEND LIBCURL_PC_REQUIRES_PRIVATE "zlib")
+  set_target_properties(ZLIB::ZLIB PROPERTIES INTERFACE_LIBCURL_PC_MODULES "zlib")
 endif()
 
 set(HAVE_BROTLI OFF)
 curl_dependency_option(CURL_BROTLI Brotli "brotli")
 if(BROTLI_FOUND)
   set(HAVE_BROTLI ON)
-  list(APPEND CURL_LIBS ${BROTLI_LIBRARIES})
-  list(APPEND CURL_LIBDIRS ${BROTLI_LIBRARY_DIRS})
-  list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${BROTLI_PC_REQUIRES})
-  include_directories(SYSTEM ${BROTLI_INCLUDE_DIRS})
-  link_directories(${BROTLI_LIBRARY_DIRS})
-  if(BROTLI_CFLAGS)
-    string(APPEND CMAKE_C_FLAGS " ${BROTLI_CFLAGS}")
-  endif()
+  list(APPEND CURL_LIBS CURL::brotli)
 endif()
 
 set(HAVE_ZSTD OFF)
@@ -966,14 +908,7 @@ curl_dependency_option(CURL_ZSTD Zstd "zstd")
 if(ZSTD_FOUND)
   if(ZSTD_VERSION VERSION_GREATER_EQUAL 1.0.0)
     set(HAVE_ZSTD ON)
-    list(APPEND CURL_LIBS ${ZSTD_LIBRARIES})
-    list(APPEND CURL_LIBDIRS ${ZSTD_LIBRARY_DIRS})
-    list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${ZSTD_PC_REQUIRES})
-    include_directories(SYSTEM ${ZSTD_INCLUDE_DIRS})
-    link_directories(${ZSTD_LIBRARY_DIRS})
-    if(ZSTD_CFLAGS)
-      string(APPEND CMAKE_C_FLAGS " ${ZSTD_CFLAGS}")
-    endif()
+    list(APPEND CURL_LIBS CURL::zstd)
   else()
     message(WARNING "zstd v1.0.0 or newer is required, disabling zstd support.")
   endif()
@@ -993,9 +928,7 @@ macro(curl_openssl_check_exists)
     endif()
   endif()
   if(USE_WOLFSSL)
-    list(APPEND CMAKE_REQUIRED_INCLUDES "${WOLFSSL_INCLUDE_DIRS}")
-    list(APPEND CMAKE_REQUIRED_LIBRARIES "${WOLFSSL_LIBRARIES}")
-    curl_required_libpaths("${WOLFSSL_LIBRARY_DIRS}")
+    list(APPEND CMAKE_REQUIRED_LIBRARIES CURL::wolfssl)
     if(HAVE_LIBZ)
       list(APPEND CMAKE_REQUIRED_LIBRARIES ZLIB::ZLIB)  # Public wolfSSL headers also require zlib headers
     endif()
@@ -1097,14 +1030,7 @@ option(USE_NGHTTP2 "Use nghttp2 library" ON)
 if(USE_NGHTTP2)
   find_package(NGHTTP2)
   if(NGHTTP2_FOUND)
-    list(APPEND CURL_LIBS ${NGHTTP2_LIBRARIES})
-    list(APPEND CURL_LIBDIRS ${NGHTTP2_LIBRARY_DIRS})
-    list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${NGHTTP2_PC_REQUIRES})
-    include_directories(SYSTEM ${NGHTTP2_INCLUDE_DIRS})
-    link_directories(${NGHTTP2_LIBRARY_DIRS})
-    if(NGHTTP2_CFLAGS)
-      string(APPEND CMAKE_C_FLAGS " ${NGHTTP2_CFLAGS}")
-    endif()
+    list(APPEND CURL_LIBS CURL::nghttp2)
   else()
     set(USE_NGHTTP2 OFF)
   endif()
@@ -1140,25 +1066,11 @@ if(USE_NGTCP2)
   else()
     message(FATAL_ERROR "ngtcp2 requires a supported TLS-backend")
   endif()
-  list(APPEND CURL_LIBS ${NGTCP2_LIBRARIES})
-  list(APPEND CURL_LIBDIRS ${NGTCP2_LIBRARY_DIRS})
-  list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${NGTCP2_PC_REQUIRES})
-  include_directories(SYSTEM ${NGTCP2_INCLUDE_DIRS})
-  link_directories(${NGTCP2_LIBRARY_DIRS})
-  if(NGTCP2_CFLAGS)
-    string(APPEND CMAKE_C_FLAGS " ${NGTCP2_CFLAGS}")
-  endif()
+  list(APPEND CURL_LIBS CURL::ngtcp2)
 
   find_package(NGHTTP3 REQUIRED)
   set(USE_NGHTTP3 ON)
-  list(APPEND CURL_LIBS ${NGHTTP3_LIBRARIES})
-  list(APPEND CURL_LIBDIRS ${NGHTTP3_LIBRARY_DIRS})
-  list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${NGHTTP3_PC_REQUIRES})
-  include_directories(SYSTEM ${NGHTTP3_INCLUDE_DIRS})
-  link_directories(${NGHTTP3_LIBRARY_DIRS})
-  if(NGHTTP3_CFLAGS)
-    string(APPEND CMAKE_C_FLAGS " ${NGHTTP3_CFLAGS}")
-  endif()
+  list(APPEND CURL_LIBS CURL::nghttp3)
 endif()
 
 option(USE_QUICHE "Use quiche library for HTTP/3 support" OFF)
@@ -1173,18 +1085,10 @@ if(USE_QUICHE)
     message(FATAL_ERROR "quiche requires BoringSSL")
   endif()
   curl_openssl_check_quic()
-  list(APPEND CURL_LIBS ${QUICHE_LIBRARIES})
-  list(APPEND CURL_LIBDIRS ${QUICHE_LIBRARY_DIRS})
-  list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${QUICHE_PC_REQUIRES})
-  include_directories(SYSTEM ${QUICHE_INCLUDE_DIRS})
-  link_directories(${QUICHE_LIBRARY_DIRS})
-  if(QUICHE_CFLAGS)
-    string(APPEND CMAKE_C_FLAGS " ${QUICHE_CFLAGS}")
-  endif()
+  list(APPEND CURL_LIBS CURL::quiche)
   if(NOT DEFINED HAVE_QUICHE_CONN_SET_QLOG_FD)
     cmake_push_check_state()
-    list(APPEND CMAKE_REQUIRED_INCLUDES "${QUICHE_INCLUDE_DIRS}")
-    list(APPEND CMAKE_REQUIRED_LIBRARIES "${QUICHE_LIBRARIES}")
+    list(APPEND CMAKE_REQUIRED_LIBRARIES CURL::quiche)
     check_symbol_exists("quiche_conn_set_qlog_fd" "quiche.h" HAVE_QUICHE_CONN_SET_QLOG_FD)
     cmake_pop_check_state()
   endif()
@@ -1200,14 +1104,7 @@ if(USE_OPENSSL_QUIC)
 
   find_package(NGHTTP3 REQUIRED)
   set(USE_NGHTTP3 ON)
-  list(APPEND CURL_LIBS ${NGHTTP3_LIBRARIES})
-  list(APPEND CURL_LIBDIRS ${NGHTTP3_LIBRARY_DIRS})
-  list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${NGHTTP3_PC_REQUIRES})
-  include_directories(SYSTEM ${NGHTTP3_INCLUDE_DIRS})
-  link_directories(${NGHTTP3_LIBRARY_DIRS})
-  if(NGHTTP3_CFLAGS)
-    string(APPEND CMAKE_C_FLAGS " ${NGHTTP3_CFLAGS}")
-  endif()
+  list(APPEND CURL_LIBS CURL::nghttp3)
 endif()
 
 if(NOT CURL_DISABLE_SRP AND (HAVE_GNUTLS_SRP OR HAVE_OPENSSL_SRP))
@@ -1235,22 +1132,12 @@ if(NOT CURL_DISABLE_LDAP)
     find_package(LDAP)
     if(LDAP_FOUND)
       set(HAVE_LBER_H 1)
-      set(CURL_LIBS ${LDAP_LIBRARIES} ${CURL_LIBS})
-      list(APPEND CURL_LIBDIRS ${LDAP_LIBRARY_DIRS})
-      if(LDAP_PC_REQUIRES)
-        set(LIBCURL_PC_REQUIRES_PRIVATE ${LDAP_PC_REQUIRES} ${LIBCURL_PC_REQUIRES_PRIVATE})
-      endif()
-      include_directories(SYSTEM ${LDAP_INCLUDE_DIRS})
-      link_directories(${LDAP_LIBRARY_DIRS})
-      if(LDAP_CFLAGS)
-        string(APPEND CMAKE_C_FLAGS " ${LDAP_CFLAGS}")
-      endif()
+      set(CURL_LIBS CURL::ldap ${CURL_LIBS})
 
       # LDAP feature checks
 
       list(APPEND CMAKE_REQUIRED_DEFINITIONS "-DLDAP_DEPRECATED=1")
-      list(APPEND CMAKE_REQUIRED_LIBRARIES "${LDAP_LIBRARIES}")
-      curl_required_libpaths("${LDAP_LIBRARY_DIRS}")
+      list(APPEND CMAKE_REQUIRED_LIBRARIES CURL::ldap)
 
       check_function_exists("ldap_url_parse" HAVE_LDAP_URL_PARSE)
       check_function_exists("ldap_init_fd" HAVE_LDAP_INIT_FD)
@@ -1312,14 +1199,7 @@ set(HAVE_LIBIDN2 OFF)
 if(USE_LIBIDN2 AND NOT USE_APPLE_IDN AND NOT USE_WIN32_IDN)
   find_package(Libidn2)
   if(LIBIDN2_FOUND)
-    set(CURL_LIBS ${LIBIDN2_LIBRARIES} ${CURL_LIBS})
-    list(APPEND CURL_LIBDIRS ${LIBIDN2_LIBRARY_DIRS})
-    set(LIBCURL_PC_REQUIRES_PRIVATE ${LIBIDN2_PC_REQUIRES} ${LIBCURL_PC_REQUIRES_PRIVATE})
-    include_directories(SYSTEM ${LIBIDN2_INCLUDE_DIRS})
-    link_directories(${LIBIDN2_LIBRARY_DIRS})
-    if(LIBIDN2_CFLAGS)
-      string(APPEND CMAKE_C_FLAGS " ${LIBIDN2_CFLAGS}")
-    endif()
+    set(CURL_LIBS CURL::libidn2 ${CURL_LIBS})
     set(HAVE_IDN2_H 1)
     set(HAVE_LIBIDN2 1)
   endif()
@@ -1329,17 +1209,9 @@ endif()
 option(CURL_USE_LIBPSL "Use libpsl" ON)
 mark_as_advanced(CURL_USE_LIBPSL)
 set(USE_LIBPSL OFF)
-
 if(CURL_USE_LIBPSL)
   find_package(Libpsl REQUIRED)
-  list(APPEND CURL_LIBS ${LIBPSL_LIBRARIES})
-  list(APPEND CURL_LIBDIRS ${LIBPSL_LIBRARY_DIRS})
-  list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${LIBPSL_PC_REQUIRES})
-  include_directories(SYSTEM ${LIBPSL_INCLUDE_DIRS})
-  link_directories(${LIBPSL_LIBRARY_DIRS})
-  if(LIBPSL_CFLAGS)
-    string(APPEND CMAKE_C_FLAGS " ${LIBPSL_CFLAGS}")
-  endif()
+  list(APPEND CURL_LIBS CURL::libpsl)
   set(USE_LIBPSL ON)
 endif()
 
@@ -1347,18 +1219,10 @@ endif()
 option(CURL_USE_LIBSSH2 "Use libssh2" ON)
 mark_as_advanced(CURL_USE_LIBSSH2)
 set(USE_LIBSSH2 OFF)
-
 if(CURL_USE_LIBSSH2)
   find_package(Libssh2)
   if(LIBSSH2_FOUND)
-    set(CURL_LIBS ${LIBSSH2_LIBRARIES} ${CURL_LIBS})  # keep it before TLS-crypto, compression
-    list(APPEND CURL_LIBDIRS ${LIBSSH2_LIBRARY_DIRS})
-    set(LIBCURL_PC_REQUIRES_PRIVATE ${LIBSSH2_PC_REQUIRES} ${LIBCURL_PC_REQUIRES_PRIVATE})
-    include_directories(SYSTEM ${LIBSSH2_INCLUDE_DIRS})
-    link_directories(${LIBSSH2_LIBRARY_DIRS})
-    if(LIBSSH2_CFLAGS)
-      string(APPEND CMAKE_C_FLAGS " ${LIBSSH2_CFLAGS}")
-    endif()
+    set(CURL_LIBS CURL::libssh2 ${CURL_LIBS})  # keep it before TLS-crypto, compression
     set(USE_LIBSSH2 ON)
   endif()
 endif()
@@ -1368,14 +1232,7 @@ option(CURL_USE_LIBSSH "Use libssh" OFF)
 mark_as_advanced(CURL_USE_LIBSSH)
 if(NOT USE_LIBSSH2 AND CURL_USE_LIBSSH)
   find_package(Libssh REQUIRED)
-  set(CURL_LIBS ${LIBSSH_LIBRARIES} ${CURL_LIBS})  # keep it before TLS-crypto, compression
-  list(APPEND CURL_LIBDIRS ${LIBSSH_LIBRARY_DIRS})
-  set(LIBCURL_PC_REQUIRES_PRIVATE ${LIBSSH_PC_REQUIRES} ${LIBCURL_PC_REQUIRES_PRIVATE})
-  include_directories(SYSTEM ${LIBSSH_INCLUDE_DIRS})
-  link_directories(${LIBSSH_LIBRARY_DIRS})
-  if(LIBSSH_CFLAGS)
-    string(APPEND CMAKE_C_FLAGS " ${LIBSSH_CFLAGS}")
-  endif()
+  set(CURL_LIBS CURL::libssh ${CURL_LIBS})  # keep it before TLS-crypto, compression
   set(USE_LIBSSH ON)
 endif()
 
@@ -1383,14 +1240,7 @@ option(CURL_USE_GSASL "Use libgsasl" OFF)
 mark_as_advanced(CURL_USE_GSASL)
 if(CURL_USE_GSASL)
   find_package(Libgsasl REQUIRED)
-  list(APPEND CURL_LIBS ${LIBGSASL_LIBRARIES})
-  list(APPEND CURL_LIBDIRS ${LIBGSASL_LIBRARY_DIRS})
-  list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${LIBGSASL_PC_REQUIRES})
-  include_directories(SYSTEM ${LIBGSASL_INCLUDE_DIRS})
-  link_directories(${LIBGSASL_LIBRARY_DIRS})
-  if(LIBGSASL_CFLAGS)
-    string(APPEND CMAKE_C_FLAGS " ${LIBGSASL_CFLAGS}")
-  endif()
+  list(APPEND CURL_LIBS CURL::libgsasl)
   set(USE_GSASL ON)
 endif()
 
@@ -1402,16 +1252,10 @@ if(CURL_USE_GSSAPI)
 
   set(HAVE_GSSAPI ${GSS_FOUND})
   if(GSS_FOUND)
-    list(APPEND CURL_LIBS ${GSS_LIBRARIES})
-    list(APPEND CURL_LIBDIRS ${GSS_LIBRARY_DIRS})
-    list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${GSS_PC_REQUIRES})
-    include_directories(SYSTEM ${GSS_INCLUDE_DIRS})
-    link_directories(${GSS_LIBRARY_DIRS})
-    if(GSS_CFLAGS)
-      string(APPEND CMAKE_C_FLAGS " ${GSS_CFLAGS}")
-    endif()
+    list(APPEND CURL_LIBS CURL::gss)
 
-    if(GSS_FLAVOUR STREQUAL "GNU")
+    get_target_property(_gss_flavour CURL::gss INTERFACE_CURL_GSS_FLAVOUR)
+    if(_gss_flavour STREQUAL "GNU")
       set(HAVE_GSSGNU 1)
     elseif(GSS_VERSION)  # MIT
       set(CURL_KRB5_VERSION "\"${GSS_VERSION}\"")
@@ -1431,8 +1275,7 @@ if(CURL_USE_LIBBACKTRACE)
     message(FATAL_ERROR "libbacktrace requires debug information")
   endif()
   find_package(Libbacktrace REQUIRED)
-  list(APPEND CURL_LIBS ${LIBBACKTRACE_LIBRARIES})
-  include_directories(SYSTEM ${LIBBACKTRACE_INCLUDE_DIRS})
+  list(APPEND CURL_LIBS CURL::libbacktrace)
   set(USE_BACKTRACE ON)
 endif()
 
@@ -1443,14 +1286,7 @@ if(CURL_USE_LIBUV)
     message(FATAL_ERROR "Using libuv without debug support enabled is useless")
   endif()
   find_package(Libuv REQUIRED)
-  list(APPEND CURL_LIBS ${LIBUV_LIBRARIES})
-  list(APPEND CURL_LIBDIRS ${LIBUV_LIBRARY_DIRS})
-  list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${LIBUV_PC_REQUIRES})
-  include_directories(SYSTEM ${LIBUV_INCLUDE_DIRS})
-  link_directories(${LIBUV_LIBRARY_DIRS})
-  if(LIBUV_CFLAGS)
-    string(APPEND CMAKE_C_FLAGS " ${LIBUV_CFLAGS}")
-  endif()
+  list(APPEND CURL_LIBS CURL::libuv)
   set(USE_LIBUV ON)
   set(HAVE_UV_H ON)
 endif()
@@ -1458,14 +1294,7 @@ endif()
 option(USE_LIBRTMP "Enable librtmp from rtmpdump" OFF)
 if(USE_LIBRTMP)
   find_package(Librtmp REQUIRED)
-  list(APPEND CURL_LIBS ${LIBRTMP_LIBRARIES})
-  list(APPEND CURL_LIBDIRS ${LIBRTMP_LIBRARY_DIRS})
-  list(APPEND LIBCURL_PC_REQUIRES_PRIVATE ${LIBRTMP_PC_REQUIRES})
-  include_directories(SYSTEM ${LIBRTMP_INCLUDE_DIRS})
-  link_directories(${LIBRTMP_LIBRARY_DIRS})
-  if(LIBRTMP_CFLAGS)
-    string(APPEND CMAKE_C_FLAGS " ${LIBRTMP_CFLAGS}")
-  endif()
+  list(APPEND CURL_LIBS CURL::librtmp)
 endif()
 
 option(ENABLE_UNIX_SOCKETS "Enable Unix domain sockets support" ON)
@@ -1964,6 +1793,28 @@ if(CURL_CODE_COVERAGE)
   list(APPEND CURL_LIBS ${CURL_COVERAGE_LIBS})
 endif()
 
+# Hack to add some libraries to the end of the library list to make binutils ld
+# for GCC find symbols when linking statically. Necessary for libs detected via
+# CMake's built-in find modules, which CMake adds to the beginning of the lib
+# list on the linker command-line for some reason. This makes them appear
+# before dependencies detected via curl's custom Find modules, and breaks
+# linkers sensitive to lib order. There must be a better solution to this.
+if(CMAKE_C_COMPILER_ID STREQUAL "GNU")
+  foreach(_lib IN ITEMS OpenSSL::Crypto ZLIB::ZLIB)
+    if(TARGET "${_lib}")
+      add_library(CURL::${_lib} INTERFACE IMPORTED)
+      get_target_property(_libname "${_lib}" LOCATION)
+      set_target_properties(${_lib} PROPERTIES INTERFACE_LINK_LIBRARIES "${_libname}")
+      list(APPEND CURL_LIBS ${_lib})
+    endif()
+  endforeach()
+  if(WIN32)
+    add_library(CURL::win32_winsock INTERFACE IMPORTED)
+    set_target_properties(CURL::win32_winsock PROPERTIES INTERFACE_LINK_LIBRARIES "ws2_32")
+    list(APPEND CURL_LIBS CURL::win32_winsock)
+  endif()
+endif()
+
 if(CMAKE_C_COMPILER_ID STREQUAL "MSVC")  # MSVC but exclude clang-cl
   set_property(DIRECTORY APPEND PROPERTY COMPILE_OPTIONS "-MP")  # Parallel compilation
 endif()
@@ -2028,8 +1879,6 @@ endif()
 
 add_subdirectory(scripts)  # for shell completions
 
-list(REMOVE_DUPLICATES CURL_LIBDIRS)
-
 add_subdirectory(lib)
 
 if(BUILD_CURL_EXE)
@@ -2252,7 +2101,91 @@ if(NOT CURL_DISABLE_INSTALL)
     endif()
   endforeach()
 
-  foreach(_libdir IN LISTS _custom_libdirs CURL_LIBDIRS)
+  set(_implicit_libs "")
+  if(NOT MINGW AND NOT UNIX)
+    set(_implicit_libs "${CMAKE_C_IMPLICIT_LINK_LIBRARIES}")
+  endif()
+
+  set(_explicit_libdirs "")
+  set(LIBCURL_PC_REQUIRES_PRIVATE "")
+  set(LIBCURL_PC_LIBS_PRIVATE_LIST "")
+  foreach(_lib IN LISTS CURL_LIBS _custom_libs _implicit_libs)
+    if(TARGET "${_lib}")
+      set(_explicit_libs "")
+      get_target_property(_imported "${_lib}" IMPORTED)
+      if(NOT _imported)
+        # Reading the LOCATION property on non-imported target will error out.
+        # Assume the user will not need this information in the .pc file.
+        continue()
+      endif()
+      if(_lib MATCHES "CURL::")
+        # This is empty for 'CURL::*' targets and safe to ignore.
+        # Explicitly skip this query to avoid CMake v3.18 and older erroring out.
+        set(_libname "")
+      else()
+        get_target_property(_libname "${_lib}" LOCATION)
+      endif()
+      if(_libname)
+        list(APPEND _explicit_libs "${_libname}")
+      else()
+        get_target_property(_libs "${_lib}" INTERFACE_LINK_LIBRARIES)
+        if(_libs)
+          list(APPEND _explicit_libs "${_libs}")
+        endif()
+        get_target_property(_libdirs "${_lib}" INTERFACE_LINK_DIRECTORIES)
+        if(_libdirs)
+          list(APPEND _explicit_libdirs "${_libdirs}")
+        endif()
+      endif()
+      if(NOT _libname AND NOT _libs AND NOT _libdirs)
+        message(WARNING "Bad lib in library list: ${_lib}")
+      endif()
+      get_target_property(_modules "${_lib}" INTERFACE_LIBCURL_PC_MODULES)
+      if(_modules)
+        list(APPEND LIBCURL_PC_REQUIRES_PRIVATE "${_modules}")
+      endif()
+
+      foreach(_lib IN LISTS _explicit_libs)
+        if(_lib MATCHES "/")
+          # This gets a bit more complex, because we want to specify the
+          # directory separately, and only once per directory
+          if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.20)
+            cmake_path(GET _lib PARENT_PATH _libdir)
+            cmake_path(GET _lib STEM _libname)
+          else()
+            get_filename_component(_libdir "${_lib}" DIRECTORY)
+            get_filename_component(_libname "${_lib}" NAME_WE)
+          endif()
+          if(_libname MATCHES "^lib")
+            if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.20)
+              cmake_path(SET _libdir NORMALIZE "${_libdir}")
+            endif()
+            list(FIND _sys_libdirs "${_libdir}" _libdir_index)
+            if(_libdir_index LESS 0)
+              list(APPEND _ldflags "-L${_libdir}")
+            endif()
+            string(REGEX REPLACE "^lib" "" _libname "${_libname}")
+            list(APPEND LIBCURL_PC_LIBS_PRIVATE "-l${_libname}")
+            list(APPEND LIBCURL_PC_LIBS_PRIVATE_LIST "${_lib}")
+          else()
+            list(APPEND LIBCURL_PC_LIBS_PRIVATE "${_lib}")
+            list(APPEND LIBCURL_PC_LIBS_PRIVATE_LIST "${_lib}")
+          endif()
+        else()
+          list(APPEND LIBCURL_PC_LIBS_PRIVATE "-l${_lib}")
+          list(APPEND LIBCURL_PC_LIBS_PRIVATE_LIST "${_lib}")
+        endif()
+      endforeach()
+    elseif(_lib MATCHES "^-")  # '-framework '
+      list(APPEND _ldflags "${_lib}")
+      list(APPEND LIBCURL_PC_LIBS_PRIVATE_LIST "${_lib}")
+    else()
+      list(APPEND LIBCURL_PC_LIBS_PRIVATE "-l${_lib}")
+      list(APPEND LIBCURL_PC_LIBS_PRIVATE_LIST "${_lib}")
+    endif()
+  endforeach()
+
+  foreach(_libdir IN LISTS _custom_libdirs _explicit_libdirs)
     if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.20)
       cmake_path(SET _libdir NORMALIZE "${_libdir}")
     endif()
@@ -2262,57 +2195,10 @@ if(NOT CURL_DISABLE_INSTALL)
     endif()
   endforeach()
 
-  set(_implicit_libs "")
-  if(NOT MINGW AND NOT UNIX)
-    set(_implicit_libs "${CMAKE_C_IMPLICIT_LINK_LIBRARIES}")
-  endif()
-
-  foreach(_lib IN LISTS _implicit_libs _custom_libs CURL_LIBS)
-    if(TARGET "${_lib}")
-      set(_libname "${_lib}")
-      get_target_property(_imported "${_libname}" IMPORTED)
-      if(NOT _imported)
-        # Reading the LOCATION property on non-imported target will error out.
-        # Assume the user will not need this information in the .pc file.
-        continue()
-      endif()
-      get_target_property(_lib "${_libname}" LOCATION)
-      if(NOT _lib)
-        message(WARNING "Bad lib in library list: ${_libname}")
-        continue()
-      endif()
-    endif()
-    if(_lib MATCHES "^-")  # '-framework '
-      list(APPEND _ldflags "${_lib}")
-    elseif(_lib MATCHES "/")
-      # This gets a bit more complex, because we want to specify the
-      # directory separately, and only once per directory
-      if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.20)
-        cmake_path(GET _lib PARENT_PATH _libdir)
-        cmake_path(GET _lib STEM _libname)
-      else()
-        get_filename_component(_libdir "${_lib}" DIRECTORY)
-        get_filename_component(_libname "${_lib}" NAME_WE)
-      endif()
-      if(_libname MATCHES "^lib")
-        if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.20)
-          cmake_path(SET _libdir NORMALIZE "${_libdir}")
-        endif()
-        list(FIND _sys_libdirs "${_libdir}" _libdir_index)
-        if(_libdir_index LESS 0)
-          list(APPEND _ldflags "-L${_libdir}")
-        endif()
-        string(REGEX REPLACE "^lib" "" _libname "${_libname}")
-        list(APPEND LIBCURL_PC_LIBS_PRIVATE "-l${_libname}")
-      else()
-        list(APPEND LIBCURL_PC_LIBS_PRIVATE "${_lib}")
-      endif()
-    else()
-      list(APPEND LIBCURL_PC_LIBS_PRIVATE "-l${_lib}")
-    endif()
-  endforeach()
+  list(REMOVE_DUPLICATES _ldflags)
 
   if(LIBCURL_PC_REQUIRES_PRIVATE)
+    list(REMOVE_DUPLICATES LIBCURL_PC_REQUIRES_PRIVATE)
     string(REPLACE ";" "," LIBCURL_PC_REQUIRES_PRIVATE "${LIBCURL_PC_REQUIRES_PRIVATE}")
   endif()
   if(LIBCURL_PC_LIBS_PRIVATE)
@@ -2424,13 +2310,37 @@ if(NOT CURL_DISABLE_INSTALL)
 
   # Consumed custom variables:
   #   CURLVERSION
+  #   LIBCURL_PC_LIBS_PRIVATE_LIST
   #   LIB_NAME
   #   LIB_SELECTED
+  #   LIB_STATIC
   #   TARGETS_EXPORT_NAME
-  #   USE_OPENSSL OPENSSL_VERSION_MAJOR
-  #   HAVE_LIBZ ZLIB_VERSION_MAJOR
   #   CURL_SUPPORTED_FEATURES_LIST
   #   CURL_SUPPORTED_PROTOCOLS_LIST
+  #   HAVE_BROTLI
+  #   HAVE_GSSAPI
+  #   HAVE_LIBIDN2
+  #   HAVE_LIBZ ZLIB_VERSION_MAJOR
+  #   HAVE_ZSTD
+  #   USE_ARES
+  #   USE_BACKTRACE
+  #   USE_GNUTLS
+  #   USE_GSASL
+  #   USE_LIBPSL
+  #   USE_LIBRTMP
+  #   USE_LIBSSH
+  #   USE_LIBSSH2
+  #   USE_LIBUV
+  #   USE_MBEDTLS
+  #   USE_NGHTTP2
+  #   USE_NGHTTP3
+  #   USE_NGTCP2
+  #   USE_OPENSSL OPENSSL_VERSION_MAJOR
+  #   USE_QUICHE
+  #   USE_RUSTLS
+  #   USE_WIN32_LDAP CURL_DISABLE_LDAP
+  #   USE_WOLFSSL
+  #   _win32_winsock
   configure_package_config_file("CMake/curl-config.cmake.in"
     "${_project_config}"
     INSTALL_DESTINATION ${_install_cmake_dir}
@@ -2442,7 +2352,32 @@ if(NOT CURL_DISABLE_INSTALL)
       DESTINATION ${_install_cmake_dir})
   endif()
 
-  install(FILES ${_version_config} ${_project_config}
+  install(
+    FILES
+      ${_version_config}
+      ${_project_config}
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindBrotli.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindCares.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindGSS.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindGnuTLS.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindLDAP.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindLibbacktrace.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindLibgsasl.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindLibidn2.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindLibpsl.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindLibrtmp.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindLibssh.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindLibssh2.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindLibuv.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindMbedTLS.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindNGHTTP2.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindNGHTTP3.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindNGTCP2.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindNettle.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindQuiche.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindRustls.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindWolfSSL.cmake"
+      "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindZstd.cmake"
     DESTINATION ${_install_cmake_dir})
 
   if(NOT TARGET curl_uninstall)
diff --git a/lib/CMakeLists.txt b/lib/CMakeLists.txt
index b468eec0a2..5ce288a0a8 100644
--- a/lib/CMakeLists.txt
+++ b/lib/CMakeLists.txt
@@ -44,7 +44,7 @@ if(CURL_BUILD_TESTING)
   # special libcurlu library just for unittests
   add_library(curlu STATIC EXCLUDE_FROM_ALL ${HHEADERS} ${CSOURCES})
   target_compile_definitions(curlu PUBLIC "CURL_STATICLIB" "UNITTESTS")
-  target_link_libraries(curlu PRIVATE ${CURL_LIBS})
+  target_link_libraries(curlu PUBLIC ${CURL_LIBS})
   # There is plenty of parallelism when building the testdeps target.
   # Override the curlu batch size with the maximum to optimize performance.
   set_target_properties(curlu PROPERTIES UNITY_BUILD_BATCH_SIZE 0 C_CLANG_TIDY "")
@@ -151,8 +151,7 @@ if(BUILD_STATIC_LIBS)
   set_target_properties(${LIB_STATIC} PROPERTIES
     PREFIX "" OUTPUT_NAME "${LIBCURL_OUTPUT_NAME}"
     SUFFIX "${STATIC_LIB_SUFFIX}${CMAKE_STATIC_LIBRARY_SUFFIX}"
-    INTERFACE_COMPILE_DEFINITIONS "CURL_STATICLIB"
-    INTERFACE_LINK_DIRECTORIES "${CURL_LIBDIRS}")
+    INTERFACE_COMPILE_DEFINITIONS "CURL_STATICLIB")
   if(CURL_HIDES_PRIVATE_SYMBOLS)
     set_property(TARGET ${LIB_STATIC} APPEND PROPERTY COMPILE_OPTIONS "${CURL_CFLAG_SYMBOLS_HIDE}")
     set_property(TARGET ${LIB_STATIC} APPEND PROPERTY COMPILE_DEFINITIONS "CURL_HIDDEN_SYMBOLS")
@@ -174,6 +173,27 @@ if(BUILD_STATIC_LIBS)
   target_include_directories(${LIB_STATIC} INTERFACE
     "$"
     "$")
+
+  # CMake before CMP0099 (CMake 3.17 2020-03-20) did not propagate libdirs to
+  # targets. It expected libs to have an absolute filename. As a workaround,
+  # manually apply dependency libdirs, for CMake consumers without this policy.
+  if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.17)
+    cmake_policy(GET CMP0099 _has_CMP0099)  # https://cmake.org/cmake/help/latest/policy/CMP0099.html
+  endif()
+  if(NOT _has_CMP0099 AND CMAKE_VERSION VERSION_GREATER_EQUAL 3.13 AND CURL_LIBS)
+    set(_libdirs "")
+    foreach(_lib IN LISTS CURL_LIBS)
+      if(TARGET "${_lib}")
+        get_target_property(_libdir "${_lib}" INTERFACE_LINK_DIRECTORIES)
+        if(_libdir)
+          list(APPEND _libdirs "${_libdir}")
+        endif()
+      endif()
+    endforeach()
+    if(_libdirs)
+      target_link_directories(${LIB_STATIC} INTERFACE ${_libdirs})
+    endif()
+  endif()
 endif()
 
 if(BUILD_SHARED_LIBS)
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 33f288b915..7d28434bd3 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -109,12 +109,13 @@ target_link_libraries(${EXE_NAME} ${LIB_SELECTED_FOR_EXE} ${CURL_LIBS})
 add_executable(${PROJECT_NAME}::${EXE_NAME} ALIAS ${EXE_NAME})
 
 add_executable(curlinfo EXCLUDE_FROM_ALL "curlinfo.c")
+target_link_libraries(curlinfo PRIVATE ${CURL_LIBS})
 set_target_properties(curlinfo PROPERTIES UNITY_BUILD OFF)
 
 # special libcurltool library just for unittests
 add_library(curltool STATIC EXCLUDE_FROM_ALL ${CURL_CFILES} ${CURL_HFILES} ${_curlx_cfiles_lib} ${_curlx_hfiles_lib})
 target_compile_definitions(curltool PUBLIC "CURL_STATICLIB" "UNITTESTS")
-target_link_libraries(curltool PRIVATE ${CURL_LIBS})
+target_link_libraries(curltool PUBLIC ${CURL_LIBS})
 set_target_properties(curltool PROPERTIES C_CLANG_TIDY "")
 
 if(CURL_HAS_LTO)
diff --git a/tests/cmake/test.sh b/tests/cmake/test.sh
index 451235484e..a871372ab6 100755
--- a/tests/cmake/test.sh
+++ b/tests/cmake/test.sh
@@ -114,7 +114,7 @@ if [ "${mode}" = 'all' ] || [ "${mode}" = 'find_package' ]; then
     "${cmake_provider}" --install "${bldp}"
   else
     mkdir "${bldp}"; cd "${bldp}"
-    "${cmake_provider}" "${src}" -G "${gen}" ${cmake_opts} -DCURL_USE_PKGCONFIG=OFF ${TEST_CMAKE_FLAGS:-} "$@" \
+    "${cmake_provider}" "${src}" -G "${gen}" ${cmake_opts} ${TEST_CMAKE_FLAGS:-} "$@" \
       -DBUILD_SHARED_LIBS=ON \
       -DBUILD_STATIC_LIBS=ON \
       -DCMAKE_INSTALL_PREFIX="${prefix}"

From ed331cea80c607344a19b400ab9abf25af09dc36 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 29 Nov 2025 14:17:04 +0100
Subject: [PATCH 1057/2408] cmake: save and restore `CMAKE_MODULE_PATH` in
 `curl-config.cmake`

Reported-by: Kai Pastor
Bug: https://github.com/curl/curl/pull/16973#discussion_r2572957270
Follow-up to 16f073ef49f94412000218c9f6ad04e3fd7e4d01 #16973

Closes #19758
---
 CMake/curl-config.cmake.in | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/CMake/curl-config.cmake.in b/CMake/curl-config.cmake.in
index 99949198a3..c4e9f59e86 100644
--- a/CMake/curl-config.cmake.in
+++ b/CMake/curl-config.cmake.in
@@ -26,6 +26,8 @@
 option(CURL_USE_PKGCONFIG "Enable pkg-config to detect @PROJECT_NAME@ dependencies. Default: @CURL_USE_PKGCONFIG@" "@CURL_USE_PKGCONFIG@")
 
 include(CMakeFindDependencyMacro)
+
+set(_curl_cmake_module_path_save ${CMAKE_MODULE_PATH})
 set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_LIST_DIR} ${CMAKE_MODULE_PATH})
 
 set(_libs "")
@@ -126,6 +128,8 @@ if("@HAVE_ZSTD@")
   list(APPEND _libs CURL::zstd)
 endif()
 
+set(CMAKE_MODULE_PATH ${_curl_cmake_module_path_save})
+
 if(CMAKE_C_COMPILER_ID STREQUAL "GNU" AND WIN32 AND NOT TARGET CURL::win32_winsock)
   add_library(CURL::win32_winsock INTERFACE IMPORTED)
   set_target_properties(CURL::win32_winsock PROPERTIES INTERFACE_LINK_LIBRARIES "@_win32_winsock@")

From 545f2f387d41b4a356705a08c1154c807f4dbb7d Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 29 Nov 2025 16:07:59 +0100
Subject: [PATCH 1058/2408] lib/sendf.h: forward declare two structs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

To fix non-unity builds using certain header orders (seen in ntlm.c with
the include order changed):
```
lib/vauth/../sendf.h:117:27: error: ‘struct Curl_cwriter’ declared inside parameter list will not be visible outside of this definition or declaration [-Werror]
  117 |                    struct Curl_cwriter *writer);
      |                           ^~~~~~~~~~~~
lib/vauth/../sendf.h:215:54: error: ‘struct Curl_creader’ declared inside parameter list will not be visible outside of this definition or declaration [-Werror]
  215 |   CURLcode (*do_init)(struct Curl_easy *data, struct Curl_creader *reader);
      |                                                      ^~~~~~~~~~~~
[...]
```
Ref: https://github.com/curl/curl/actions/runs/19785420705/job/56691185397?pr=19760

Ref: #19760
Closes #19761
---
 lib/sendf.h | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/sendf.h b/lib/sendf.h
index 6867443901..3a6dccba6a 100644
--- a/lib/sendf.h
+++ b/lib/sendf.h
@@ -52,6 +52,10 @@
 #define CLIENTWRITE_EOS     (1<<7) /* End Of transfer download Stream */
 #define CLIENTWRITE_0LEN    (1<<8) /* write even 0-length buffers */
 
+/* Forward declarations */
+struct Curl_creader;
+struct Curl_cwriter;
+
 /**
  * Write `len` bytes at `prt` to the client. `type` indicates what
  * kind of data is being written.

From db32c0721f9cfbefe6a42b828ef7bfc4b40f71ac Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 28 Nov 2025 23:59:23 +0100
Subject: [PATCH 1059/2408] rustls: verify that verifier_builder is not NULL

Since this function returns allocated resources there is probably at
least a theoretical risk this can return NULL.

Pointed out by ZeroPath

Closes #19756
---
 lib/vtls/rustls.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c
index e4251a9151..0c13cc81ee 100644
--- a/lib/vtls/rustls.c
+++ b/lib/vtls/rustls.c
@@ -750,6 +750,10 @@ init_config_builder_verifier(struct Curl_easy *data,
   }
 
   verifier_builder = rustls_web_pki_server_cert_verifier_builder_new(roots);
+  if(!verifier_builder) {
+    result = CURLE_OUT_OF_MEMORY;
+    goto cleanup;
+  }
 
   if(conn_config->CRLfile) {
     result = init_config_builder_verifier_crl(data,

From 985f86f0be42a69bae91e9209016e5f7fe3346da Mon Sep 17 00:00:00 2001
From: Daniel McCarney 
Date: Sat, 29 Nov 2025 09:30:48 -0500
Subject: [PATCH 1060/2408] rustls: simplify init err path

Closes #19759
---
 lib/vtls/rustls.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c
index 0c13cc81ee..360a2454ac 100644
--- a/lib/vtls/rustls.c
+++ b/lib/vtls/rustls.c
@@ -744,9 +744,7 @@ init_config_builder_verifier(struct Curl_easy *data,
   if(rr != RUSTLS_RESULT_OK) {
     rustls_failf(data, rr, "failed to build trusted root certificate store");
     result = CURLE_SSL_CACERT_BADFILE;
-    if(result) {
-      goto cleanup;
-    }
+    goto cleanup;
   }
 
   verifier_builder = rustls_web_pki_server_cert_verifier_builder_new(roots);

From c3add7130d7d81add205edbbb75fdfd1f38b3c68 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 29 Nov 2025 19:51:45 +0100
Subject: [PATCH 1061/2408] mbedtls: replace macro constant with
 `CURL_ARRAYSIZE()`

Also move from `int` to `size_t` for index variables.

Closes #19762
---
 lib/vtls/mbedtls_threadlock.c | 23 ++++++++++-------------
 lib/vtls/mbedtls_threadlock.h |  4 ++--
 2 files changed, 12 insertions(+), 15 deletions(-)

diff --git a/lib/vtls/mbedtls_threadlock.c b/lib/vtls/mbedtls_threadlock.c
index 91de9eceb5..89cc2b7d38 100644
--- a/lib/vtls/mbedtls_threadlock.c
+++ b/lib/vtls/mbedtls_threadlock.c
@@ -37,17 +37,14 @@
 
 #include "mbedtls_threadlock.h"
 
-/* number of thread locks */
-#define NUMT                    2
-
-/* This array stores the mutexes available to Mbedtls */
-static MBEDTLS_MUTEX_T mutex_buf[NUMT];
+/* This array stores the mutexes available to mbedTLS */
+static MBEDTLS_MUTEX_T mutex_buf[2];
 
 int Curl_mbedtlsthreadlock_thread_setup(void)
 {
-  int i;
+  size_t i;
 
-  for(i = 0;  i < NUMT;  i++) {
+  for(i = 0; i < CURL_ARRAYSIZE(mutex_buf); i++) {
 #if defined(USE_THREADS_POSIX) && defined(HAVE_PTHREAD_H)
     if(pthread_mutex_init(&mutex_buf[i], NULL))
       return 0; /* pthread_mutex_init failed */
@@ -63,9 +60,9 @@ int Curl_mbedtlsthreadlock_thread_setup(void)
 
 int Curl_mbedtlsthreadlock_thread_cleanup(void)
 {
-  int i;
+  size_t i;
 
-  for(i = 0; i < NUMT; i++) {
+  for(i = 0; i < CURL_ARRAYSIZE(mutex_buf); i++) {
 #if defined(USE_THREADS_POSIX) && defined(HAVE_PTHREAD_H)
     if(pthread_mutex_destroy(&mutex_buf[i]))
       return 0; /* pthread_mutex_destroy failed */
@@ -78,9 +75,9 @@ int Curl_mbedtlsthreadlock_thread_cleanup(void)
   return 1; /* OK */
 }
 
-int Curl_mbedtlsthreadlock_lock_function(int n)
+int Curl_mbedtlsthreadlock_lock_function(size_t n)
 {
-  if(n < NUMT) {
+  if(n < CURL_ARRAYSIZE(mutex_buf)) {
 #if defined(USE_THREADS_POSIX) && defined(HAVE_PTHREAD_H)
     if(pthread_mutex_lock(&mutex_buf[n])) {
       DEBUGF(curl_mfprintf(stderr, "Error: "
@@ -98,9 +95,9 @@ int Curl_mbedtlsthreadlock_lock_function(int n)
   return 1; /* OK */
 }
 
-int Curl_mbedtlsthreadlock_unlock_function(int n)
+int Curl_mbedtlsthreadlock_unlock_function(size_t n)
 {
-  if(n < NUMT) {
+  if(n < CURL_ARRAYSIZE(mutex_buf)) {
 #if defined(USE_THREADS_POSIX) && defined(HAVE_PTHREAD_H)
     if(pthread_mutex_unlock(&mutex_buf[n])) {
       DEBUGF(curl_mfprintf(stderr, "Error: "
diff --git a/lib/vtls/mbedtls_threadlock.h b/lib/vtls/mbedtls_threadlock.h
index 9402af6e41..1855d4cc01 100644
--- a/lib/vtls/mbedtls_threadlock.h
+++ b/lib/vtls/mbedtls_threadlock.h
@@ -33,8 +33,8 @@
 
 int Curl_mbedtlsthreadlock_thread_setup(void);
 int Curl_mbedtlsthreadlock_thread_cleanup(void);
-int Curl_mbedtlsthreadlock_lock_function(int n);
-int Curl_mbedtlsthreadlock_unlock_function(int n);
+int Curl_mbedtlsthreadlock_lock_function(size_t n);
+int Curl_mbedtlsthreadlock_unlock_function(size_t n);
 
 #else
 

From 0eed8b73309fbfb113002f4da8a6d92acff4871f Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sat, 29 Nov 2025 23:44:23 +0100
Subject: [PATCH 1062/2408] tool_operatate: return error for OOM in
 append2query

Closes #19763
---
 src/tool_operate.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/tool_operate.c b/src/tool_operate.c
index 968dc864f9..71d29af8d8 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -848,6 +848,8 @@ static CURLcode append2query(struct OperationConfig *config,
     }
     curl_url_cleanup(uh);
   }
+  else
+    result = CURLE_OUT_OF_MEMORY;
   return result;
 }
 

From 2253bc330f56315faaa287c29d7612f5a34d8058 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 29 Nov 2025 02:16:52 +0100
Subject: [PATCH 1063/2408] lib/subdirs: fix formatting nits

Closes #19757
---
 lib/curlx/base64.c            |  20 +-
 lib/curlx/dynbuf.c            |   1 -
 lib/curlx/dynbuf.h            |  22 +-
 lib/curlx/fopen.h             |  11 +-
 lib/curlx/inet_ntop.c         |  11 +-
 lib/curlx/inet_ntop.h         |   4 +-
 lib/curlx/inet_pton.c         |  23 +--
 lib/curlx/inet_pton.h         |   6 +-
 lib/curlx/nonblock.c          |   2 +-
 lib/curlx/strerr.c            |   3 +-
 lib/curlx/strparse.c          |   8 +-
 lib/curlx/timediff.c          |   2 +-
 lib/curlx/timeval.c           |  34 ++--
 lib/curlx/wait.c              |   2 +-
 lib/curlx/warnless.c          | 121 ++++++-----
 lib/curlx/warnless.h          |   2 +-
 lib/curlx/winapi.c            |   5 +-
 lib/vauth/cleartext.c         |   7 +-
 lib/vauth/cram.c              |   2 +-
 lib/vauth/digest.c            |  76 +++----
 lib/vauth/digest_sspi.c       |  16 +-
 lib/vauth/gsasl.c             |   2 +-
 lib/vauth/krb5_gssapi.c       |   2 +-
 lib/vauth/krb5_sspi.c         |   3 +-
 lib/vauth/ntlm.c              |   5 +-
 lib/vauth/ntlm_sspi.c         |  13 +-
 lib/vauth/oauth2.c            |   2 +-
 lib/vauth/spnego_sspi.c       |  14 +-
 lib/vauth/vauth.c             |  16 +-
 lib/vquic/curl_ngtcp2.c       | 128 ++++++------
 lib/vquic/curl_osslq.c        |  99 +++++----
 lib/vquic/curl_quiche.c       |  31 ++-
 lib/vquic/vquic-tls.c         |   7 +-
 lib/vquic/vquic-tls.h         |  16 +-
 lib/vquic/vquic.c             |   9 +-
 lib/vquic/vquic_int.h         |  23 +--
 lib/vssh/libssh.c             | 373 ++++++++++++++++------------------
 lib/vssh/libssh2.c            | 347 +++++++++++++++----------------
 lib/vssh/ssh.h                |   6 +-
 lib/vssh/vssh.c               |   3 +-
 lib/vtls/apple.c              |   5 +-
 lib/vtls/cipher_suite.c       |  42 ++--
 lib/vtls/gtls.c               |  84 ++++----
 lib/vtls/gtls.h               |   3 +-
 lib/vtls/hostcheck.c          |   4 +-
 lib/vtls/keylog.c             |  19 +-
 lib/vtls/mbedtls.c            |  73 ++++---
 lib/vtls/mbedtls_threadlock.c |   5 +-
 lib/vtls/mbedtls_threadlock.h |   3 +-
 lib/vtls/openssl.c            | 148 ++++++--------
 lib/vtls/openssl.h            |   3 +-
 lib/vtls/rustls.c             | 176 +++++++---------
 lib/vtls/schannel.c           | 160 +++++++--------
 lib/vtls/schannel.h           |   9 +-
 lib/vtls/schannel_verify.c    |  51 ++---
 lib/vtls/vtls.c               |  53 +++--
 lib/vtls/vtls.h               |  12 +-
 lib/vtls/vtls_int.h           |  20 +-
 lib/vtls/vtls_scache.c        |  54 +++--
 lib/vtls/vtls_scache.h        |  26 +--
 lib/vtls/vtls_spack.c         |  31 ++-
 lib/vtls/wolfssl.c            | 113 +++++-----
 lib/vtls/wolfssl.h            |   9 +-
 lib/vtls/x509asn1.c           |  54 +++--
 64 files changed, 1218 insertions(+), 1416 deletions(-)

diff --git a/lib/curlx/base64.c b/lib/curlx/base64.c
index 6a24c20ebd..4fc525387e 100644
--- a/lib/curlx/base64.c
+++ b/lib/curlx/base64.c
@@ -31,12 +31,12 @@
 #include "base64.h"
 
 /* ---- Base64 Encoding/Decoding Table --- */
-const char Curl_base64encdec[]=
+const char Curl_base64encdec[] =
   "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
 
 /* The Base 64 encoding with a URL and filename safe alphabet, RFC 4648
    section 5 */
-static const char base64url[]=
+static const char base64url[] =
   "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
 
 static const unsigned char decodetable[] =
@@ -188,18 +188,18 @@ static CURLcode base64_encode(const char *table64,
     return CURLE_OUT_OF_MEMORY;
 
   while(insize >= 3) {
-    *output++ = table64[ in[0] >> 2 ];
-    *output++ = table64[ ((in[0] & 0x03) << 4) | (in[1] >> 4) ];
-    *output++ = table64[ ((in[1] & 0x0F) << 2) | ((in[2] & 0xC0) >> 6) ];
-    *output++ = table64[ in[2] & 0x3F ];
+    *output++ = table64[in[0] >> 2];
+    *output++ = table64[((in[0] & 0x03) << 4) | (in[1] >> 4)];
+    *output++ = table64[((in[1] & 0x0F) << 2) | ((in[2] & 0xC0) >> 6)];
+    *output++ = table64[in[2] & 0x3F];
     insize -= 3;
     in += 3;
   }
   if(insize) {
     /* this is only one or two bytes now */
-    *output++ = table64[ in[0] >> 2 ];
+    *output++ = table64[in[0] >> 2];
     if(insize == 1) {
-      *output++ = table64[ ((in[0] & 0x03) << 4) ];
+      *output++ = table64[((in[0] & 0x03) << 4)];
       if(padbyte) {
         *output++ = padbyte;
         *output++ = padbyte;
@@ -207,8 +207,8 @@ static CURLcode base64_encode(const char *table64,
     }
     else {
       /* insize == 2 */
-      *output++ = table64[ ((in[0] & 0x03) << 4) | ((in[1] & 0xF0) >> 4) ];
-      *output++ = table64[ ((in[1] & 0x0F) << 2) ];
+      *output++ = table64[((in[0] & 0x03) << 4) | ((in[1] & 0xF0) >> 4)];
+      *output++ = table64[((in[1] & 0x0F) << 2)];
       if(padbyte)
         *output++ = padbyte;
     }
diff --git a/lib/curlx/dynbuf.c b/lib/curlx/dynbuf.c
index e54865f933..a9ff48367f 100644
--- a/lib/curlx/dynbuf.c
+++ b/lib/curlx/dynbuf.c
@@ -156,7 +156,6 @@ CURLcode curlx_dyn_tail(struct dynbuf *s, size_t trail)
     s->bufr[s->leng] = 0;
   }
   return CURLE_OK;
-
 }
 
 /*
diff --git a/lib/curlx/dynbuf.h b/lib/curlx/dynbuf.h
index 00ca047893..683b484610 100644
--- a/lib/curlx/dynbuf.h
+++ b/lib/curlx/dynbuf.h
@@ -32,7 +32,7 @@ struct dynbuf {
   size_t allc;   /* size of the current allocation */
   size_t toobig; /* size limit for the buffer */
 #ifdef DEBUGBUILD
-  int init;     /* detect API usage mistakes */
+  int init;      /* detect API usage mistakes */
 #endif
 };
 
@@ -62,24 +62,24 @@ int curlx_dyn_vprintf(struct dynbuf *dyn, const char *format, va_list ap_save);
 char *curlx_dyn_take(struct dynbuf *s, size_t *plen);
 
 /* Dynamic buffer max sizes */
-#define MAX_DYNBUF_SIZE (SIZE_MAX/2)
+#define MAX_DYNBUF_SIZE (SIZE_MAX / 2)
 
 #define DYN_DOH_RESPONSE    3000
 #define DYN_DOH_CNAME       256
 #define DYN_PAUSE_BUFFER    (64 * 1024 * 1024)
 #define DYN_HAXPROXY        2048
-#define DYN_HTTP_REQUEST    (1024*1024)
+#define DYN_HTTP_REQUEST    (1024 * 1024)
 #define DYN_APRINTF         8000000
-#define DYN_RTSP_REQ_HEADER (64*1024)
-#define DYN_TRAILERS        (64*1024)
+#define DYN_RTSP_REQ_HEADER (64 * 1024)
+#define DYN_TRAILERS        (64 * 1024)
 #define DYN_PROXY_CONNECT_HEADERS 16384
 #define DYN_QLOG_NAME       1024
 #define DYN_H1_TRAILER      4096
-#define DYN_PINGPPONG_CMD   (64*1024)
-#define DYN_IMAP_CMD        (64*1024)
-#define DYN_MQTT_RECV       (64*1024)
+#define DYN_PINGPPONG_CMD   (64 * 1024)
+#define DYN_IMAP_CMD        (64 * 1024)
+#define DYN_MQTT_RECV       (64 * 1024)
 #define DYN_MQTT_SEND       0xFFFFFFF
-#define DYN_CRLFILE_SIZE    (400*1024*1024) /* 400mb */
-#define DYN_CERTFILE_SIZE   (100*1024) /* 100KiB */
-#define DYN_KEYFILE_SIZE    (100*1024) /* 100KiB */
+#define DYN_CRLFILE_SIZE    (400 * 1024 * 1024) /* 400MiB */
+#define DYN_CERTFILE_SIZE   (100 * 1024) /* 100KiB */
+#define DYN_KEYFILE_SIZE    (100 * 1024) /* 100KiB */
 #endif
diff --git a/lib/curlx/fopen.h b/lib/curlx/fopen.h
index eeb3fda946..fb3277a17e 100644
--- a/lib/curlx/fopen.h
+++ b/lib/curlx/fopen.h
@@ -51,11 +51,12 @@ int curlx_win32_open(const char *filename, int oflag, ...);
 #endif
 
 #ifdef CURLDEBUG
-#define curlx_fopen(file,mode)  curl_dbg_fopen(file,mode,__LINE__,__FILE__)
-#define curlx_freopen(file,mode,fh) \
-  curl_dbg_freopen(file,mode,fh,__LINE__,__FILE__)
-#define curlx_fdopen(file,mode) curl_dbg_fdopen(file,mode,__LINE__,__FILE__)
-#define curlx_fclose(file)      curl_dbg_fclose(file,__LINE__,__FILE__)
+#define curlx_fopen(file, mode) curl_dbg_fopen(file, mode, __LINE__, __FILE__)
+#define curlx_freopen(file, mode, fh) \
+  curl_dbg_freopen(file, mode, fh, __LINE__, __FILE__)
+#define curlx_fdopen(file, mode) \
+  curl_dbg_fdopen(file, mode, __LINE__, __FILE__)
+#define curlx_fclose(file)      curl_dbg_fclose(file, __LINE__, __FILE__)
 #else
 #define curlx_fopen             CURLX_FOPEN_LOW
 #define curlx_freopen           CURLX_FREOPEN_LOW
diff --git a/lib/curlx/inet_ntop.c b/lib/curlx/inet_ntop.c
index 771af81474..96c58273e2 100644
--- a/lib/curlx/inet_ntop.c
+++ b/lib/curlx/inet_ntop.c
@@ -109,17 +109,18 @@ static char *inet_ntop6(const unsigned char *src, char *dst, size_t size)
    */
   memset(words, '\0', sizeof(words));
   for(i = 0; i < IN6ADDRSZ; i++)
-    words[i/2] |= ((unsigned int)src[i] << ((1 - (i % 2)) << 3));
+    words[i / 2] |= ((unsigned int)src[i] << ((1 - (i % 2)) << 3));
 
   best.base = -1;
-  cur.base  = -1;
+  cur.base = -1;
   best.len = 0;
   cur.len = 0;
 
   for(i = 0; i < (IN6ADDRSZ / INT16SZ); i++) {
     if(words[i] == 0) {
       if(cur.base == -1) {
-        cur.base = i; cur.len = 1;
+        cur.base = i;
+        cur.len = 1;
       }
       else
         cur.len++;
@@ -152,7 +153,7 @@ static char *inet_ntop6(const unsigned char *src, char *dst, size_t size)
     /* Is this address an encapsulated IPv4?
      */
     if(i == 6 && best.base == 0 &&
-        (best.len == 6 || (best.len == 5 && words[5] == 0xffff))) {
+       (best.len == 6 || (best.len == 5 && words[5] == 0xffff))) {
       if(!inet_ntop4(src + 12, tp, sizeof(tmp) - (tp - tmp))) {
         return NULL;
       }
@@ -219,4 +220,4 @@ char *curlx_inet_ntop(int af, const void *src, char *buf, size_t size)
     return NULL;
   }
 }
-#endif  /* HAVE_INET_NTOP */
+#endif /* HAVE_INET_NTOP */
diff --git a/lib/curlx/inet_ntop.h b/lib/curlx/inet_ntop.h
index 490f49e8a1..79cdc9e2af 100644
--- a/lib/curlx/inet_ntop.h
+++ b/lib/curlx/inet_ntop.h
@@ -37,11 +37,11 @@
 #include 
 #endif
 #ifdef __AMIGA__
-#define curlx_inet_ntop(af,addr,buf,size)                               \
+#define curlx_inet_ntop(af, addr, buf, size)                            \
   (char *)inet_ntop(af, CURL_UNCONST(addr), (unsigned char *)buf,       \
                     (curl_socklen_t)(size))
 #else
-#define curlx_inet_ntop(af,addr,buf,size)                \
+#define curlx_inet_ntop(af, addr, buf, size)                            \
   inet_ntop(af, addr, buf, (curl_socklen_t)(size))
 #endif
 #else
diff --git a/lib/curlx/inet_pton.c b/lib/curlx/inet_pton.c
index b78fa5d746..7b4a404306 100644
--- a/lib/curlx/inet_pton.c
+++ b/lib/curlx/inet_pton.c
@@ -54,8 +54,8 @@
  * sizeof(int) < 4. sizeof(int) > 4 is fine; all the world's not a VAX.
  */
 
-static int      inet_pton4(const char *src, unsigned char *dst);
-static int      inet_pton6(const char *src, unsigned char *dst);
+static int inet_pton4(const char *src, unsigned char *dst);
+static int inet_pton6(const char *src, unsigned char *dst);
 
 /* int
  * inet_pton(af, src, dst)
@@ -73,8 +73,7 @@ static int      inet_pton6(const char *src, unsigned char *dst);
  * author:
  *      Paul Vixie, 1996.
  */
-int
-curlx_inet_pton(int af, const char *src, void *dst)
+int curlx_inet_pton(int af, const char *src, void *dst)
 {
   switch(af) {
   case AF_INET:
@@ -98,8 +97,7 @@ curlx_inet_pton(int af, const char *src, void *dst)
  * author:
  *      Paul Vixie, 1996.
  */
-static int
-inet_pton4(const char *src, unsigned char *dst)
+static int inet_pton4(const char *src, unsigned char *dst)
 {
   int saw_digit, octets, ch;
   unsigned char tmp[INADDRSZ], *tp;
@@ -151,8 +149,7 @@ inet_pton4(const char *src, unsigned char *dst)
  * author:
  *      Paul Vixie, 1996.
  */
-static int
-inet_pton6(const char *src, unsigned char *dst)
+static int inet_pton6(const char *src, unsigned char *dst)
 {
   unsigned char tmp[IN6ADDRSZ], *tp, *endp, *colonp;
   const char *curtok;
@@ -187,14 +184,14 @@ inet_pton6(const char *src, unsigned char *dst)
       }
       if(tp + INT16SZ > endp)
         return 0;
-      *tp++ = (unsigned char) ((val >> 8) & 0xff);
-      *tp++ = (unsigned char) (val & 0xff);
+      *tp++ = (unsigned char)((val >> 8) & 0xff);
+      *tp++ = (unsigned char)(val & 0xff);
       saw_xdigit = 0;
       val = 0;
       continue;
     }
     if(ch == '.' && ((tp + INADDRSZ) <= endp) &&
-        inet_pton4(curtok, tp) > 0) {
+       inet_pton4(curtok, tp) > 0) {
       tp += INADDRSZ;
       saw_xdigit = 0;
       break;    /* '\0' was seen by inet_pton4(). */
@@ -204,8 +201,8 @@ inet_pton6(const char *src, unsigned char *dst)
   if(saw_xdigit) {
     if(tp + INT16SZ > endp)
       return 0;
-    *tp++ = (unsigned char) ((val >> 8) & 0xff);
-    *tp++ = (unsigned char) (val & 0xff);
+    *tp++ = (unsigned char)((val >> 8) & 0xff);
+    *tp++ = (unsigned char)(val & 0xff);
   }
   if(colonp) {
     /*
diff --git a/lib/curlx/inet_pton.h b/lib/curlx/inet_pton.h
index a9ad24c944..a52ef145da 100644
--- a/lib/curlx/inet_pton.h
+++ b/lib/curlx/inet_pton.h
@@ -37,9 +37,11 @@
 #include 
 #endif
 #ifdef __AMIGA__
-#define curlx_inet_pton(x,y,z) inet_pton(x,(unsigned char *)CURL_UNCONST(y),z)
+#define curlx_inet_pton(x, y, z) \
+  inet_pton(x, (unsigned char *)CURL_UNCONST(y), z)
 #else
-#define curlx_inet_pton(x,y,z) inet_pton(x,y,z)
+#define curlx_inet_pton(x, y, z) \
+  inet_pton(x, y, z)
 #endif
 #else
 int curlx_inet_pton(int, const char *, void *);
diff --git a/lib/curlx/nonblock.c b/lib/curlx/nonblock.c
index b944f9546b..23eb8c0e3a 100644
--- a/lib/curlx/nonblock.c
+++ b/lib/curlx/nonblock.c
@@ -88,6 +88,6 @@ int curlx_nonblock(curl_socket_t sockfd,    /* operate on this */
   return setsockopt(sockfd, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b));
 
 #else
-#  error "no non-blocking method was found/used/set"
+#error "no non-blocking method was found/used/set"
 #endif
 }
diff --git a/lib/curlx/strerr.c b/lib/curlx/strerr.c
index 3dbeab82ee..70ad1fb813 100644
--- a/lib/curlx/strerr.c
+++ b/lib/curlx/strerr.c
@@ -43,8 +43,7 @@
  * codes (WSAGetLastError) to error messages.
  * Returns NULL if no error message was found for error code.
  */
-static const char *
-get_winsock_error(int err, char *buf, size_t len)
+static const char *get_winsock_error(int err, char *buf, size_t len)
 {
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
   const char *p;
diff --git a/lib/curlx/strparse.c b/lib/curlx/strparse.c
index a29d8be2fd..c5a3ed2102 100644
--- a/lib/curlx/strparse.c
+++ b/lib/curlx/strparse.c
@@ -66,8 +66,7 @@ int curlx_str_until(const char **linep, struct Curl_str *out,
 
 /* Get a word until the first space or end of string. At least one byte long.
    return non-zero on error */
-int curlx_str_word(const char **linep, struct Curl_str *out,
-                   const size_t max)
+int curlx_str_word(const char **linep, struct Curl_str *out, const size_t max)
 {
   return curlx_str_until(linep, out, max, ' ');
 }
@@ -95,7 +94,6 @@ int curlx_str_untilnl(const char **linep, struct Curl_str *out,
   return STRE_OK;
 }
 
-
 /* Get a "quoted" word. No escaping possible.
    return non-zero on error */
 int curlx_str_quotedword(const char **linep, struct Curl_str *out,
@@ -141,8 +139,8 @@ int curlx_str_singlespace(const char **linep)
 }
 
 /* given an ASCII character and max ascii, return TRUE if valid */
-#define valid_digit(x,m) \
-  (((x) >= '0') && ((x) <= m) && Curl_hexasciitable[(x)-'0'])
+#define valid_digit(x, m) \
+  (((x) >= '0') && ((x) <= m) && Curl_hexasciitable[(x) - '0'])
 
 /* We use 16 for the zero index (and the necessary bitwise AND in the loop)
    to be able to have a non-zero value there to make valid_digit() able to
diff --git a/lib/curlx/timediff.c b/lib/curlx/timediff.c
index a90da961ab..d8baabe63e 100644
--- a/lib/curlx/timediff.c
+++ b/lib/curlx/timediff.c
@@ -84,5 +84,5 @@ struct timeval *curlx_mstotv(struct timeval *tv, timediff_t ms)
  */
 timediff_t curlx_tvtoms(struct timeval *tv)
 {
-  return (tv->tv_sec*1000) + (timediff_t)(tv->tv_usec/1000);
+  return (tv->tv_sec * 1000) + (timediff_t)(tv->tv_usec / 1000);
 }
diff --git a/lib/curlx/timeval.c b/lib/curlx/timeval.c
index a27525855b..ff49d7d274 100644
--- a/lib/curlx/timeval.c
+++ b/lib/curlx/timeval.c
@@ -79,7 +79,7 @@ struct curltime curlx_now(void)
   return now;
 }
 
-#elif defined(HAVE_CLOCK_GETTIME_MONOTONIC) ||  \
+#elif defined(HAVE_CLOCK_GETTIME_MONOTONIC) || \
   defined(HAVE_CLOCK_GETTIME_MONOTONIC_RAW)
 
 struct curltime curlx_now(void)
@@ -103,7 +103,7 @@ struct curltime curlx_now(void)
   ** called on unsupported OS version.
   */
 #if defined(__APPLE__) && defined(HAVE_BUILTIN_AVAILABLE) && \
-        (HAVE_BUILTIN_AVAILABLE == 1)
+  (HAVE_BUILTIN_AVAILABLE == 1)
   bool have_clock_gettime = FALSE;
   if(__builtin_available(macOS 10.12, iOS 10, tvOS 10, watchOS 3, *))
     have_clock_gettime = TRUE;
@@ -111,8 +111,8 @@ struct curltime curlx_now(void)
 
 #ifdef HAVE_CLOCK_GETTIME_MONOTONIC_RAW
   if(
-#if defined(__APPLE__) && defined(HAVE_BUILTIN_AVAILABLE) &&    \
-        (HAVE_BUILTIN_AVAILABLE == 1)
+#if defined(__APPLE__) && defined(HAVE_BUILTIN_AVAILABLE) && \
+  (HAVE_BUILTIN_AVAILABLE == 1)
     have_clock_gettime &&
 #endif
     (clock_gettime(CLOCK_MONOTONIC_RAW, &tsnow) == 0)) {
@@ -124,7 +124,7 @@ struct curltime curlx_now(void)
 
   if(
 #if defined(__APPLE__) && defined(HAVE_BUILTIN_AVAILABLE) && \
-        (HAVE_BUILTIN_AVAILABLE == 1)
+  (HAVE_BUILTIN_AVAILABLE == 1)
     have_clock_gettime &&
 #endif
     (clock_gettime(CLOCK_MONOTONIC, &tsnow) == 0)) {
@@ -222,12 +222,12 @@ struct curltime curlx_now(void)
  */
 timediff_t curlx_timediff_ms(struct curltime newer, struct curltime older)
 {
-  timediff_t diff = (timediff_t)newer.tv_sec-older.tv_sec;
-  if(diff >= (TIMEDIFF_T_MAX/1000))
+  timediff_t diff = (timediff_t)newer.tv_sec - older.tv_sec;
+  if(diff >= (TIMEDIFF_T_MAX / 1000))
     return TIMEDIFF_T_MAX;
-  else if(diff <= (TIMEDIFF_T_MIN/1000))
+  else if(diff <= (TIMEDIFF_T_MIN / 1000))
     return TIMEDIFF_T_MIN;
-  return diff * 1000 + (newer.tv_usec-older.tv_usec)/1000;
+  return diff * 1000 + (newer.tv_usec - older.tv_usec) / 1000;
 }
 
 /*
@@ -237,12 +237,12 @@ timediff_t curlx_timediff_ms(struct curltime newer, struct curltime older)
 timediff_t curlx_timediff_ceil_ms(struct curltime newer,
                                   struct curltime older)
 {
-  timediff_t diff = (timediff_t)newer.tv_sec-older.tv_sec;
-  if(diff >= (TIMEDIFF_T_MAX/1000))
+  timediff_t diff = (timediff_t)newer.tv_sec - older.tv_sec;
+  if(diff >= (TIMEDIFF_T_MAX / 1000))
     return TIMEDIFF_T_MAX;
-  else if(diff <= (TIMEDIFF_T_MIN/1000))
+  else if(diff <= (TIMEDIFF_T_MIN / 1000))
     return TIMEDIFF_T_MIN;
-  return diff * 1000 + (newer.tv_usec - older.tv_usec + 999)/1000;
+  return diff * 1000 + (newer.tv_usec - older.tv_usec + 999) / 1000;
 }
 
 /*
@@ -251,10 +251,10 @@ timediff_t curlx_timediff_ceil_ms(struct curltime newer,
  */
 timediff_t curlx_timediff_us(struct curltime newer, struct curltime older)
 {
-  timediff_t diff = (timediff_t)newer.tv_sec-older.tv_sec;
-  if(diff >= (TIMEDIFF_T_MAX/1000000))
+  timediff_t diff = (timediff_t)newer.tv_sec - older.tv_sec;
+  if(diff >= (TIMEDIFF_T_MAX / 1000000))
     return TIMEDIFF_T_MAX;
-  else if(diff <= (TIMEDIFF_T_MIN/1000000))
+  else if(diff <= (TIMEDIFF_T_MIN / 1000000))
     return TIMEDIFF_T_MIN;
-  return diff * 1000000 + newer.tv_usec-older.tv_usec;
+  return diff * 1000000 + newer.tv_usec - older.tv_usec;
 }
diff --git a/lib/curlx/wait.c b/lib/curlx/wait.c
index 4e10a8297a..f1dd6e7a7e 100644
--- a/lib/curlx/wait.c
+++ b/lib/curlx/wait.c
@@ -74,7 +74,7 @@ int curlx_wait_ms(timediff_t timeout_ms)
   /* prevent overflow, timeout_ms is typecast to ULONG/DWORD. */
 #if TIMEDIFF_T_MAX >= ULONG_MAX
   if(timeout_ms >= ULONG_MAX)
-    timeout_ms = ULONG_MAX-1;
+    timeout_ms = ULONG_MAX - 1;
     /* do not use ULONG_MAX, because that is equal to INFINITE */
 #endif
   Sleep((DWORD)timeout_ms);
diff --git a/lib/curlx/warnless.c b/lib/curlx/warnless.c
index fafa83c98c..45442bd462 100644
--- a/lib/curlx/warnless.c
+++ b/lib/curlx/warnless.c
@@ -27,10 +27,10 @@
 #if defined(__INTEL_COMPILER) && defined(__unix__)
 
 #ifdef HAVE_NETINET_IN_H
-#  include 
+#include 
 #endif
 #ifdef HAVE_ARPA_INET_H
-#  include 
+#include 
 #endif
 
 #endif /* __INTEL_COMPILER && __unix__ */
@@ -56,15 +56,15 @@
 unsigned char curlx_ultouc(unsigned long ulnum)
 {
 #ifdef __INTEL_COMPILER
-#  pragma warning(push)
-#  pragma warning(disable:810) /* conversion may lose significant bits */
+#pragma warning(push)
+#pragma warning(disable:810) /* conversion may lose significant bits */
 #endif
 
-  DEBUGASSERT(ulnum <= (unsigned long) CURL_MASK_UCHAR);
-  return (unsigned char)(ulnum & (unsigned long) CURL_MASK_UCHAR);
+  DEBUGASSERT(ulnum <= (unsigned long)CURL_MASK_UCHAR);
+  return (unsigned char)(ulnum & (unsigned long)CURL_MASK_UCHAR);
 
 #ifdef __INTEL_COMPILER
-#  pragma warning(pop)
+#pragma warning(pop)
 #endif
 }
 
@@ -75,15 +75,15 @@ unsigned char curlx_ultouc(unsigned long ulnum)
 int curlx_uztosi(size_t uznum)
 {
 #ifdef __INTEL_COMPILER
-#  pragma warning(push)
-#  pragma warning(disable:810) /* conversion may lose significant bits */
+#pragma warning(push)
+#pragma warning(disable:810) /* conversion may lose significant bits */
 #endif
 
-  DEBUGASSERT(uznum <= (size_t) CURL_MASK_SINT);
-  return (int)(uznum & (size_t) CURL_MASK_SINT);
+  DEBUGASSERT(uznum <= (size_t)CURL_MASK_SINT);
+  return (int)(uznum & (size_t)CURL_MASK_SINT);
 
 #ifdef __INTEL_COMPILER
-#  pragma warning(pop)
+#pragma warning(pop)
 #endif
 }
 
@@ -94,17 +94,17 @@ int curlx_uztosi(size_t uznum)
 unsigned long curlx_uztoul(size_t uznum)
 {
 #ifdef __INTEL_COMPILER
-#  pragma warning(push)
-#  pragma warning(disable:810) /* conversion may lose significant bits */
+#pragma warning(push)
+#pragma warning(disable:810) /* conversion may lose significant bits */
 #endif
 
 #if ULONG_MAX < SIZE_MAX
-  DEBUGASSERT(uznum <= (size_t) CURL_MASK_ULONG);
+  DEBUGASSERT(uznum <= (size_t)CURL_MASK_ULONG);
 #endif
-  return (unsigned long)(uznum & (size_t) CURL_MASK_ULONG);
+  return (unsigned long)(uznum & (size_t)CURL_MASK_ULONG);
 
 #ifdef __INTEL_COMPILER
-#  pragma warning(pop)
+#pragma warning(pop)
 #endif
 }
 
@@ -115,17 +115,17 @@ unsigned long curlx_uztoul(size_t uznum)
 unsigned int curlx_uztoui(size_t uznum)
 {
 #ifdef __INTEL_COMPILER
-#  pragma warning(push)
-#  pragma warning(disable:810) /* conversion may lose significant bits */
+#pragma warning(push)
+#pragma warning(disable:810) /* conversion may lose significant bits */
 #endif
 
 #if UINT_MAX < SIZE_MAX
-  DEBUGASSERT(uznum <= (size_t) CURL_MASK_UINT);
+  DEBUGASSERT(uznum <= (size_t)CURL_MASK_UINT);
 #endif
-  return (unsigned int)(uznum & (size_t) CURL_MASK_UINT);
+  return (unsigned int)(uznum & (size_t)CURL_MASK_UINT);
 
 #ifdef __INTEL_COMPILER
-#  pragma warning(pop)
+#pragma warning(pop)
 #endif
 }
 
@@ -136,18 +136,18 @@ unsigned int curlx_uztoui(size_t uznum)
 int curlx_sltosi(long slnum)
 {
 #ifdef __INTEL_COMPILER
-#  pragma warning(push)
-#  pragma warning(disable:810) /* conversion may lose significant bits */
+#pragma warning(push)
+#pragma warning(disable:810) /* conversion may lose significant bits */
 #endif
 
   DEBUGASSERT(slnum >= 0);
 #if INT_MAX < LONG_MAX
-  DEBUGASSERT((unsigned long) slnum <= (unsigned long) CURL_MASK_SINT);
+  DEBUGASSERT((unsigned long)slnum <= (unsigned long)CURL_MASK_SINT);
 #endif
-  return (int)(slnum & (long) CURL_MASK_SINT);
+  return (int)(slnum & (long)CURL_MASK_SINT);
 
 #ifdef __INTEL_COMPILER
-#  pragma warning(pop)
+#pragma warning(pop)
 #endif
 }
 
@@ -158,18 +158,18 @@ int curlx_sltosi(long slnum)
 unsigned int curlx_sltoui(long slnum)
 {
 #ifdef __INTEL_COMPILER
-#  pragma warning(push)
-#  pragma warning(disable:810) /* conversion may lose significant bits */
+#pragma warning(push)
+#pragma warning(disable:810) /* conversion may lose significant bits */
 #endif
 
   DEBUGASSERT(slnum >= 0);
 #if UINT_MAX < LONG_MAX
-  DEBUGASSERT((unsigned long) slnum <= (unsigned long) CURL_MASK_UINT);
+  DEBUGASSERT((unsigned long)slnum <= (unsigned long)CURL_MASK_UINT);
 #endif
-  return (unsigned int)(slnum & (long) CURL_MASK_UINT);
+  return (unsigned int)(slnum & (long)CURL_MASK_UINT);
 
 #ifdef __INTEL_COMPILER
-#  pragma warning(pop)
+#pragma warning(pop)
 #endif
 }
 
@@ -180,16 +180,16 @@ unsigned int curlx_sltoui(long slnum)
 unsigned short curlx_sltous(long slnum)
 {
 #ifdef __INTEL_COMPILER
-#  pragma warning(push)
-#  pragma warning(disable:810) /* conversion may lose significant bits */
+#pragma warning(push)
+#pragma warning(disable:810) /* conversion may lose significant bits */
 #endif
 
   DEBUGASSERT(slnum >= 0);
-  DEBUGASSERT((unsigned long) slnum <= (unsigned long) CURL_MASK_USHORT);
-  return (unsigned short)(slnum & (long) CURL_MASK_USHORT);
+  DEBUGASSERT((unsigned long)slnum <= (unsigned long)CURL_MASK_USHORT);
+  return (unsigned short)(slnum & (long)CURL_MASK_USHORT);
 
 #ifdef __INTEL_COMPILER
-#  pragma warning(pop)
+#pragma warning(pop)
 #endif
 }
 
@@ -200,15 +200,15 @@ unsigned short curlx_sltous(long slnum)
 ssize_t curlx_uztosz(size_t uznum)
 {
 #ifdef __INTEL_COMPILER
-#  pragma warning(push)
-#  pragma warning(disable:810) /* conversion may lose significant bits */
+#pragma warning(push)
+#pragma warning(disable:810) /* conversion may lose significant bits */
 #endif
 
-  DEBUGASSERT(uznum <= (size_t) CURL_MASK_SSIZE_T);
-  return (ssize_t)(uznum & (size_t) CURL_MASK_SSIZE_T);
+  DEBUGASSERT(uznum <= (size_t)CURL_MASK_SSIZE_T);
+  return (ssize_t)(uznum & (size_t)CURL_MASK_SSIZE_T);
 
 #ifdef __INTEL_COMPILER
-#  pragma warning(pop)
+#pragma warning(pop)
 #endif
 }
 
@@ -219,15 +219,15 @@ ssize_t curlx_uztosz(size_t uznum)
 size_t curlx_sotouz(curl_off_t sonum)
 {
 #ifdef __INTEL_COMPILER
-#  pragma warning(push)
-#  pragma warning(disable:810) /* conversion may lose significant bits */
+#pragma warning(push)
+#pragma warning(disable:810) /* conversion may lose significant bits */
 #endif
 
   DEBUGASSERT(sonum >= 0);
-  return (size_t)(sonum & (curl_off_t) CURL_MASK_USIZE_T);
+  return (size_t)(sonum & (curl_off_t)CURL_MASK_USIZE_T);
 
 #ifdef __INTEL_COMPILER
-#  pragma warning(pop)
+#pragma warning(pop)
 #endif
 }
 
@@ -238,18 +238,18 @@ size_t curlx_sotouz(curl_off_t sonum)
 int curlx_sztosi(ssize_t sznum)
 {
 #ifdef __INTEL_COMPILER
-#  pragma warning(push)
-#  pragma warning(disable:810) /* conversion may lose significant bits */
+#pragma warning(push)
+#pragma warning(disable:810) /* conversion may lose significant bits */
 #endif
 
   DEBUGASSERT(sznum >= 0);
 #if INT_MAX < SSIZE_MAX
-  DEBUGASSERT((size_t) sznum <= (size_t) CURL_MASK_SINT);
+  DEBUGASSERT((size_t)sznum <= (size_t)CURL_MASK_SINT);
 #endif
-  return (int)(sznum & (ssize_t) CURL_MASK_SINT);
+  return (int)(sznum & (ssize_t)CURL_MASK_SINT);
 
 #ifdef __INTEL_COMPILER
-#  pragma warning(pop)
+#pragma warning(pop)
 #endif
 }
 
@@ -260,15 +260,15 @@ int curlx_sztosi(ssize_t sznum)
 unsigned short curlx_uitous(unsigned int uinum)
 {
 #ifdef __INTEL_COMPILER
-#  pragma warning(push)
-#  pragma warning(disable:810) /* conversion may lose significant bits */
+#pragma warning(push)
+#pragma warning(disable:810) /* conversion may lose significant bits */
 #endif
 
-  DEBUGASSERT(uinum <= (unsigned int) CURL_MASK_USHORT);
-  return (unsigned short) (uinum & (unsigned int) CURL_MASK_USHORT);
+  DEBUGASSERT(uinum <= (unsigned int)CURL_MASK_USHORT);
+  return (unsigned short)(uinum & (unsigned int)CURL_MASK_USHORT);
 
 #ifdef __INTEL_COMPILER
-#  pragma warning(pop)
+#pragma warning(pop)
 #endif
 }
 
@@ -279,15 +279,15 @@ unsigned short curlx_uitous(unsigned int uinum)
 size_t curlx_sitouz(int sinum)
 {
 #ifdef __INTEL_COMPILER
-#  pragma warning(push)
-#  pragma warning(disable:810) /* conversion may lose significant bits */
+#pragma warning(push)
+#pragma warning(disable:810) /* conversion may lose significant bits */
 #endif
 
   DEBUGASSERT(sinum >= 0);
-  return (size_t) sinum;
+  return (size_t)sinum;
 
 #ifdef __INTEL_COMPILER
-#  pragma warning(pop)
+#pragma warning(pop)
 #endif
 }
 
@@ -333,7 +333,6 @@ bool curlx_sotouz_fits(curl_off_t sonum, size_t *puznum)
   return TRUE;
 }
 
-
 bool curlx_sltouz(long slnum, size_t *puznum)
 {
   if(slnum < 0) {
diff --git a/lib/curlx/warnless.h b/lib/curlx/warnless.h
index 52e7ec2a5c..5f324ac375 100644
--- a/lib/curlx/warnless.h
+++ b/lib/curlx/warnless.h
@@ -31,7 +31,7 @@
 #endif
 
 #define CURLX_FUNCTION_CAST(target_type, func) \
-  (target_type)(void (*) (void))(func)
+  (target_type)(void (*)(void))(func)
 
 unsigned char curlx_ultouc(unsigned long ulnum);
 
diff --git a/lib/curlx/winapi.c b/lib/curlx/winapi.c
index 4cacbcb618..3243f7cb4a 100644
--- a/lib/curlx/winapi.c
+++ b/lib/curlx/winapi.c
@@ -57,8 +57,8 @@ const char *curlx_get_winapi_error(DWORD err, char *buf, size_t buflen)
     /* Truncate multiple lines */
     p = strchr(buf, '\n');
     if(p) {
-      if(p > buf && *(p-1) == '\r')
-        *(p-1) = '\0';
+      if(p > buf && *(p - 1) == '\r')
+        *(p - 1) = '\0';
       else
         *p = '\0';
     }
@@ -89,7 +89,6 @@ const char *curlx_winapi_strerror(DWORD err, char *buf, size_t buflen)
 #if defined(__GNUC__) && __GNUC__ >= 7
 #pragma GCC diagnostic pop
 #endif
-
   }
 #else
   {
diff --git a/lib/vauth/cleartext.c b/lib/vauth/cleartext.c
index d259bc42b5..862310111e 100644
--- a/lib/vauth/cleartext.c
+++ b/lib/vauth/cleartext.c
@@ -27,8 +27,8 @@
 
 #include "../curl_setup.h"
 
-#if !defined(CURL_DISABLE_IMAP) || !defined(CURL_DISABLE_SMTP) ||       \
-  !defined(CURL_DISABLE_POP3) || \
+#if !defined(CURL_DISABLE_IMAP) || !defined(CURL_DISABLE_SMTP) || \
+  !defined(CURL_DISABLE_POP3) ||                                  \
   (!defined(CURL_DISABLE_LDAP) && defined(USE_OPENLDAP))
 
 #include 
@@ -110,8 +110,7 @@ void Curl_auth_create_login_message(const char *valuep, struct bufref *out)
  *
  * Returns void.
  */
-void Curl_auth_create_external_message(const char *user,
-                                       struct bufref *out)
+void Curl_auth_create_external_message(const char *user, struct bufref *out)
 {
   /* This is the same formatting as the login message */
   Curl_auth_create_login_message(user, out);
diff --git a/lib/vauth/cram.c b/lib/vauth/cram.c
index 3b02e5751f..9bc5544a64 100644
--- a/lib/vauth/cram.c
+++ b/lib/vauth/cram.c
@@ -63,7 +63,7 @@ CURLcode Curl_auth_create_cram_md5_message(const struct bufref *chlg,
 
   /* Compute the digest using the password as the key */
   ctxt = Curl_HMAC_init(&Curl_HMAC_MD5,
-                        (const unsigned char *) passwdp,
+                        (const unsigned char *)passwdp,
                         curlx_uztoui(strlen(passwdp)));
   if(!ctxt)
     return CURLE_OUT_OF_MEMORY;
diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c
index 850891f175..c5fea67394 100644
--- a/lib/vauth/digest.c
+++ b/lib/vauth/digest.c
@@ -138,20 +138,20 @@ bool Curl_auth_digest_get_pair(const char *str, char *value, char *content,
 #ifndef USE_WINDOWS_SSPI
 /* Convert MD5 chunk to RFC2617 (section 3.1.3) -suitable ASCII string */
 static void auth_digest_md5_to_ascii(unsigned char *source, /* 16 bytes */
-                                     unsigned char *dest) /* 33 bytes */
+                                     unsigned char *dest)   /* 33 bytes */
 {
   int i;
   for(i = 0; i < 16; i++)
-    curl_msnprintf((char *) &dest[i * 2], 3, "%02x", source[i]);
+    curl_msnprintf((char *)&dest[i * 2], 3, "%02x", source[i]);
 }
 
 /* Convert sha256 or SHA-512/256 chunk to RFC7616 -suitable ASCII string */
 static void auth_digest_sha256_to_ascii(unsigned char *source, /* 32 bytes */
-                                        unsigned char *dest) /* 65 bytes */
+                                        unsigned char *dest)   /* 65 bytes */
 {
   int i;
   for(i = 0; i < 32; i++)
-    curl_msnprintf((char *) &dest[i * 2], 3, "%02x", source[i]);
+    curl_msnprintf((char *)&dest[i * 2], 3, "%02x", source[i]);
 }
 
 /* Perform quoted-string escaping as described in RFC2616 and its errata */
@@ -272,7 +272,7 @@ static CURLcode auth_decode_digest_md5_message(const struct bufref *chlgref,
                                                char *alg, size_t alen,
                                                char *qop, size_t qlen)
 {
-  const char *chlg = (const char *) Curl_bufref_ptr(chlgref);
+  const char *chlg = (const char *)Curl_bufref_ptr(chlgref);
 
   /* Ensure we have a valid challenge message */
   if(!Curl_bufref_len(chlgref))
@@ -387,13 +387,13 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
   if(!ctxt)
     return CURLE_OUT_OF_MEMORY;
 
-  Curl_MD5_update(ctxt, (const unsigned char *) userp,
+  Curl_MD5_update(ctxt, (const unsigned char *)userp,
                   curlx_uztoui(strlen(userp)));
-  Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
-  Curl_MD5_update(ctxt, (const unsigned char *) realm,
+  Curl_MD5_update(ctxt, (const unsigned char *)":", 1);
+  Curl_MD5_update(ctxt, (const unsigned char *)realm,
                   curlx_uztoui(strlen(realm)));
-  Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
-  Curl_MD5_update(ctxt, (const unsigned char *) passwdp,
+  Curl_MD5_update(ctxt, (const unsigned char *)":", 1);
+  Curl_MD5_update(ctxt, (const unsigned char *)passwdp,
                   curlx_uztoui(strlen(passwdp)));
   Curl_MD5_final(ctxt, digest);
 
@@ -401,12 +401,12 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
   if(!ctxt)
     return CURLE_OUT_OF_MEMORY;
 
-  Curl_MD5_update(ctxt, (const unsigned char *) digest, MD5_DIGEST_LEN);
-  Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
-  Curl_MD5_update(ctxt, (const unsigned char *) nonce,
+  Curl_MD5_update(ctxt, (const unsigned char *)digest, MD5_DIGEST_LEN);
+  Curl_MD5_update(ctxt, (const unsigned char *)":", 1);
+  Curl_MD5_update(ctxt, (const unsigned char *)nonce,
                   curlx_uztoui(strlen(nonce)));
-  Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
-  Curl_MD5_update(ctxt, (const unsigned char *) cnonce,
+  Curl_MD5_update(ctxt, (const unsigned char *)":", 1);
+  Curl_MD5_update(ctxt, (const unsigned char *)cnonce,
                   curlx_uztoui(strlen(cnonce)));
   Curl_MD5_final(ctxt, digest);
 
@@ -427,10 +427,10 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
     return CURLE_OUT_OF_MEMORY;
   }
 
-  Curl_MD5_update(ctxt, (const unsigned char *) method,
+  Curl_MD5_update(ctxt, (const unsigned char *)method,
                   curlx_uztoui(strlen(method)));
-  Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
-  Curl_MD5_update(ctxt, (const unsigned char *) spn,
+  Curl_MD5_update(ctxt, (const unsigned char *)":", 1);
+  Curl_MD5_update(ctxt, (const unsigned char *)spn,
                   curlx_uztoui(strlen(spn)));
   Curl_MD5_final(ctxt, digest);
 
@@ -445,23 +445,23 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
     return CURLE_OUT_OF_MEMORY;
   }
 
-  Curl_MD5_update(ctxt, (const unsigned char *) HA1_hex, 2 * MD5_DIGEST_LEN);
-  Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
-  Curl_MD5_update(ctxt, (const unsigned char *) nonce,
+  Curl_MD5_update(ctxt, (const unsigned char *)HA1_hex, 2 * MD5_DIGEST_LEN);
+  Curl_MD5_update(ctxt, (const unsigned char *)":", 1);
+  Curl_MD5_update(ctxt, (const unsigned char *)nonce,
                   curlx_uztoui(strlen(nonce)));
-  Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
+  Curl_MD5_update(ctxt, (const unsigned char *)":", 1);
 
-  Curl_MD5_update(ctxt, (const unsigned char *) nonceCount,
+  Curl_MD5_update(ctxt, (const unsigned char *)nonceCount,
                   curlx_uztoui(strlen(nonceCount)));
-  Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
-  Curl_MD5_update(ctxt, (const unsigned char *) cnonce,
+  Curl_MD5_update(ctxt, (const unsigned char *)":", 1);
+  Curl_MD5_update(ctxt, (const unsigned char *)cnonce,
                   curlx_uztoui(strlen(cnonce)));
-  Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
-  Curl_MD5_update(ctxt, (const unsigned char *) qop,
+  Curl_MD5_update(ctxt, (const unsigned char *)":", 1);
+  Curl_MD5_update(ctxt, (const unsigned char *)qop,
                   curlx_uztoui(strlen(qop)));
-  Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
+  Curl_MD5_update(ctxt, (const unsigned char *)":", 1);
 
-  Curl_MD5_update(ctxt, (const unsigned char *) HA2_hex, 2 * MD5_DIGEST_LEN);
+  Curl_MD5_update(ctxt, (const unsigned char *)HA2_hex, 2 * MD5_DIGEST_LEN);
   Curl_MD5_final(ctxt, digest);
 
   for(i = 0; i < MD5_DIGEST_LEN; i++)
@@ -553,7 +553,7 @@ CURLcode Curl_auth_decode_digest_http_message(const char *chlg,
           if(curlx_str_casecompare(&out, DIGEST_QOP_VALUE_STRING_AUTH))
             foundAuth = TRUE;
           else if(curlx_str_casecompare(&out,
-                                       DIGEST_QOP_VALUE_STRING_AUTH_INT))
+                                        DIGEST_QOP_VALUE_STRING_AUTH_INT))
             foundAuthInt = TRUE;
           if(curlx_str_single(&token, ','))
             break;
@@ -720,7 +720,7 @@ static CURLcode auth_create_digest_http_message(
     if(!hashthis)
       return CURLE_OUT_OF_MEMORY;
 
-    result = hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis));
+    result = hash(hashbuf, (unsigned char *)hashthis, strlen(hashthis));
     curlx_free(hashthis);
     if(result)
       return result;
@@ -743,7 +743,7 @@ static CURLcode auth_create_digest_http_message(
   if(!hashthis)
     return CURLE_OUT_OF_MEMORY;
 
-  result = hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis));
+  result = hash(hashbuf, (unsigned char *)hashthis, strlen(hashthis));
   curlx_free(hashthis);
   if(result)
     return result;
@@ -755,7 +755,7 @@ static CURLcode auth_create_digest_http_message(
     if(!tmp)
       return CURLE_OUT_OF_MEMORY;
 
-    result = hash(hashbuf, (unsigned char *) tmp, strlen(tmp));
+    result = hash(hashbuf, (unsigned char *)tmp, strlen(tmp));
     curlx_free(tmp);
     if(result)
       return result;
@@ -799,7 +799,7 @@ static CURLcode auth_create_digest_http_message(
   if(!hashthis)
     return CURLE_OUT_OF_MEMORY;
 
-  result = hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis));
+  result = hash(hashbuf, (unsigned char *)hashthis, strlen(hashthis));
   curlx_free(hashthis);
   if(result)
     return result;
@@ -816,7 +816,7 @@ static CURLcode auth_create_digest_http_message(
   if(!hashthis)
     return CURLE_OUT_OF_MEMORY;
 
-  result = hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis));
+  result = hash(hashbuf, (unsigned char *)hashthis, strlen(hashthis));
   curlx_free(hashthis);
   if(result)
     return result;
@@ -1015,9 +1015,9 @@ void Curl_auth_digest_cleanup(struct digestdata *digest)
 
   digest->nc = 0;
   digest->algo = ALGO_MD5; /* default algorithm */
-  digest->stale = FALSE; /* default means normal, not stale */
+  digest->stale = FALSE;   /* default means normal, not stale */
   digest->userhash = FALSE;
 }
-#endif  /* !USE_WINDOWS_SSPI */
+#endif /* !USE_WINDOWS_SSPI */
 
-#endif  /* !CURL_DISABLE_DIGEST_AUTH */
+#endif /* !CURL_DISABLE_DIGEST_AUTH */
diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c
index ea6a66af9f..550810acda 100644
--- a/lib/vauth/digest_sspi.c
+++ b/lib/vauth/digest_sspi.c
@@ -42,14 +42,14 @@
 #include "../strerror.h"
 
 /*
-* Curl_auth_is_digest_supported()
-*
-* This is used to evaluate if DIGEST is supported.
-*
-* Parameters: None
-*
-* Returns TRUE if DIGEST is supported by Windows SSPI.
-*/
+ * Curl_auth_is_digest_supported()
+ *
+ * This is used to evaluate if DIGEST is supported.
+ *
+ * Parameters: None
+ *
+ * Returns TRUE if DIGEST is supported by Windows SSPI.
+ */
 bool Curl_auth_is_digest_supported(void)
 {
   PSecPkgInfo SecurityPackage;
diff --git a/lib/vauth/gsasl.c b/lib/vauth/gsasl.c
index debeda0604..8330a4bd71 100644
--- a/lib/vauth/gsasl.c
+++ b/lib/vauth/gsasl.c
@@ -100,7 +100,7 @@ CURLcode Curl_auth_gsasl_token(struct Curl_easy *data,
   size_t outlen;
 
   res = gsasl_step(gsasl->client,
-                   (const char *) Curl_bufref_ptr(chlg), Curl_bufref_len(chlg),
+                   (const char *)Curl_bufref_ptr(chlg), Curl_bufref_len(chlg),
                    &response, &outlen);
   if(res != GSASL_OK && res != GSASL_NEEDS_MORE) {
     failf(data, "GSASL step: %s", gsasl_strerror(res));
diff --git a/lib/vauth/krb5_gssapi.c b/lib/vauth/krb5_gssapi.c
index 9ea36171fa..1590949d68 100644
--- a/lib/vauth/krb5_gssapi.c
+++ b/lib/vauth/krb5_gssapi.c
@@ -159,7 +159,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data,
     gss_release_buffer(&unused_status, &output_token);
   }
   else
-    Curl_bufref_set(out, mutual_auth ? "": NULL, 0, NULL);
+    Curl_bufref_set(out, mutual_auth ? "" : NULL, 0, NULL);
 
   return result;
 }
diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c
index 10fbac7644..2f82345b98 100644
--- a/lib/vauth/krb5_sspi.c
+++ b/lib/vauth/krb5_sspi.c
@@ -278,8 +278,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
 
   /* Get our response size information */
   status = Curl_pSecFn->QueryContextAttributes(krb5->context,
-                                               SECPKG_ATTR_SIZES,
-                                               &sizes);
+                                               SECPKG_ATTR_SIZES, &sizes);
 
   if(status == SEC_E_INSUFFICIENT_MEMORY)
     return CURLE_OUT_OF_MEMORY;
diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c
index a757d1c8f9..e5eb1de5ef 100644
--- a/lib/vauth/ntlm.c
+++ b/lib/vauth/ntlm.c
@@ -48,7 +48,6 @@
 #include "vauth.h"
 #include "../curl_endian.h"
 
-
 /* NTLM buffer fixed size, large enough for long user + host + domain */
 #define NTLM_BUFSIZE 1024
 
@@ -158,7 +157,7 @@
 #define NTLMSSP_SIGNATURE "\x4e\x54\x4c\x4d\x53\x53\x50"
 
 #if DEBUG_ME
-# define DEBUG_OUT(x) x
+#define DEBUG_OUT(x) x
 static void ntlm_print_flags(FILE *handle, unsigned long flags)
 {
   if(flags & NTLMFLAG_NEGOTIATE_UNICODE)
@@ -236,7 +235,7 @@ static void ntlm_print_hex(FILE *handle, const char *buf, size_t len)
     curl_mfprintf(stderr, "%02.2x", (unsigned int)*p++);
 }
 #else
-# define DEBUG_OUT(x) Curl_nop_stmt
+#define DEBUG_OUT(x) Curl_nop_stmt
 #endif
 
 /*
diff --git a/lib/vauth/ntlm_sspi.c b/lib/vauth/ntlm_sspi.c
index d976bc5d21..bab319671c 100644
--- a/lib/vauth/ntlm_sspi.c
+++ b/lib/vauth/ntlm_sspi.c
@@ -221,7 +221,6 @@ CURLcode Curl_auth_decode_ntlm_type2_message(struct Curl_easy *data,
 }
 
 /*
-* Curl_auth_create_ntlm_type3_message()
  * Curl_auth_create_ntlm_type3_message()
  *
  * This is used to generate an already encoded NTLM type-3 message ready for
@@ -267,12 +266,12 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
 
 #ifdef SECPKG_ATTR_ENDPOINT_BINDINGS
   /* ssl context comes from schannel.
-  * When extended protection is used in IIS server,
-  * we have to pass a second SecBuffer to the SecBufferDesc
-  * otherwise IIS will not pass the authentication (401 response).
-  * Minimum supported version is Windows 7.
-  * https://learn.microsoft.com/security-updates/SecurityAdvisories/2009/973811
-  */
+   * When extended protection is used in IIS server,
+   * we have to pass a second SecBuffer to the SecBufferDesc
+   * otherwise IIS will not pass the authentication (401 response).
+   * Minimum supported version is Windows 7.
+   * https://learn.microsoft.com/security-updates/SecurityAdvisories/2009/973811
+   */
   if(ntlm->sslContext) {
     SEC_CHANNEL_BINDINGS channelBindings;
     SecPkgContext_Bindings pkgBindings;
diff --git a/lib/vauth/oauth2.c b/lib/vauth/oauth2.c
index 0bb7a9d6bd..3b4d4164f0 100644
--- a/lib/vauth/oauth2.c
+++ b/lib/vauth/oauth2.c
@@ -27,7 +27,7 @@
 #include "../curl_setup.h"
 
 #if !defined(CURL_DISABLE_IMAP) || !defined(CURL_DISABLE_SMTP) || \
-  !defined(CURL_DISABLE_POP3) || \
+  !defined(CURL_DISABLE_POP3) ||                                  \
   (!defined(CURL_DISABLE_LDAP) && defined(USE_OPENLDAP))
 
 #include 
diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c
index 90e622da3d..2b0504f630 100644
--- a/lib/vauth/spnego_sspi.c
+++ b/lib/vauth/spnego_sspi.c
@@ -139,7 +139,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
     nego->output_token = curlx_malloc(nego->token_max);
     if(!nego->output_token)
       return CURLE_OUT_OF_MEMORY;
- }
+  }
 
   if(!nego->credentials) {
     /* Do we have credentials to use or are we using single sign-on? */
@@ -200,12 +200,12 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
 
 #ifdef SECPKG_ATTR_ENDPOINT_BINDINGS
     /* ssl context comes from Schannel.
-    * When extended protection is used in IIS server,
-    * we have to pass a second SecBuffer to the SecBufferDesc
-    * otherwise IIS will not pass the authentication (401 response).
-    * Minimum supported version is Windows 7.
-    * https://learn.microsoft.com/security-updates/SecurityAdvisories/2009/973811
-    */
+     * When extended protection is used in IIS server,
+     * we have to pass a second SecBuffer to the SecBufferDesc
+     * otherwise IIS will not pass the authentication (401 response).
+     * Minimum supported version is Windows 7.
+     * https://learn.microsoft.com/security-updates/SecurityAdvisories/2009/973811
+     */
     if(nego->sslContext) {
       SEC_CHANNEL_BINDINGS channelBindings;
       SecPkgContext_Bindings pkgBindings;
diff --git a/lib/vauth/vauth.c b/lib/vauth/vauth.c
index 6626ace8bc..4ca6cef7c8 100644
--- a/lib/vauth/vauth.c
+++ b/lib/vauth/vauth.c
@@ -171,13 +171,11 @@ static void ntlm_conn_dtor(void *key, size_t klen, void *entry)
 
 struct ntlmdata *Curl_auth_ntlm_get(struct connectdata *conn, bool proxy)
 {
-  const char *key = proxy ? CURL_META_NTLM_PROXY_CONN :
-                    CURL_META_NTLM_CONN;
+  const char *key = proxy ? CURL_META_NTLM_PROXY_CONN : CURL_META_NTLM_CONN;
   struct ntlmdata *ntlm = Curl_conn_meta_get(conn, key);
   if(!ntlm) {
     ntlm = curlx_calloc(1, sizeof(*ntlm));
-    if(!ntlm ||
-       Curl_conn_meta_set(conn, key, ntlm, ntlm_conn_dtor))
+    if(!ntlm || Curl_conn_meta_set(conn, key, ntlm, ntlm_conn_dtor))
       return NULL;
   }
   return ntlm;
@@ -185,8 +183,8 @@ struct ntlmdata *Curl_auth_ntlm_get(struct connectdata *conn, bool proxy)
 
 void Curl_auth_ntlm_remove(struct connectdata *conn, bool proxy)
 {
-  Curl_conn_meta_remove(conn, proxy ?
-    CURL_META_NTLM_PROXY_CONN : CURL_META_NTLM_CONN);
+  Curl_conn_meta_remove(conn, proxy ? CURL_META_NTLM_PROXY_CONN
+                                    : CURL_META_NTLM_CONN);
 }
 
 #endif /* USE_NTLM */
@@ -257,13 +255,11 @@ static void nego_conn_dtor(void *key, size_t klen, void *entry)
 
 struct negotiatedata *Curl_auth_nego_get(struct connectdata *conn, bool proxy)
 {
-  const char *key = proxy ? CURL_META_NEGO_PROXY_CONN :
-                    CURL_META_NEGO_CONN;
+  const char *key = proxy ? CURL_META_NEGO_PROXY_CONN : CURL_META_NEGO_CONN;
   struct negotiatedata *nego = Curl_conn_meta_get(conn, key);
   if(!nego) {
     nego = curlx_calloc(1, sizeof(*nego));
-    if(!nego ||
-       Curl_conn_meta_set(conn, key, nego, nego_conn_dtor))
+    if(!nego || Curl_conn_meta_set(conn, key, nego, nego_conn_dtor))
       return NULL;
   }
   return nego;
diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index 62255285b6..09b30229f0 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -72,14 +72,14 @@
 #include "../curlx/warnless.h"
 
 
-#define QUIC_MAX_STREAMS (256*1024)
-#define QUIC_HANDSHAKE_TIMEOUT (10*NGTCP2_SECONDS)
+#define QUIC_MAX_STREAMS (256 * 1024)
+#define QUIC_HANDSHAKE_TIMEOUT (10 * NGTCP2_SECONDS)
 
 /* A stream window is the maximum amount we need to buffer for
  * each active transfer.
  * Chunk size is large enough to take a full DATA frame */
 #define H3_STREAM_WINDOW_SIZE (64 * 1024)
-#define H3_STREAM_CHUNK_SIZE   (16 * 1024)
+#define H3_STREAM_CHUNK_SIZE  (16 * 1024)
 #if H3_STREAM_CHUNK_SIZE < NGTCP2_MAX_UDP_PAYLOAD_SIZE
 #error H3_STREAM_CHUNK_SIZE smaller than NGTCP2_MAX_UDP_PAYLOAD_SIZE
 #endif
@@ -150,8 +150,7 @@ struct cf_ngtcp2_ctx {
 
 /* How to access `call_data` from a cf_ngtcp2 filter */
 #undef CF_CTX_CALL_DATA
-#define CF_CTX_CALL_DATA(cf)  \
-  ((struct cf_ngtcp2_ctx *)(cf)->ctx)->call_data
+#define CF_CTX_CALL_DATA(cf) ((struct cf_ngtcp2_ctx *)(cf)->ctx)->call_data
 
 static void h3_stream_hash_free(unsigned int id, void *stream);
 
@@ -187,14 +186,14 @@ static void cf_ngtcp2_setup_keep_alive(struct Curl_cfilter *cf,
   struct cf_ngtcp2_ctx *ctx = cf->ctx;
   const ngtcp2_transport_params *rp;
   /* Peer should have sent us its transport parameters. If it
-  * announces a positive `max_idle_timeout` it will close the
-  * connection when it does not hear from us for that time.
-  *
-  * Some servers use this as a keep-alive timer at a rather low
-  * value. We are doing HTTP/3 here and waiting for the response
-  * to a request may take a considerable amount of time. We need
-  * to prevent the peer's QUIC stack from closing in this case.
-  */
+   * announces a positive `max_idle_timeout` it will close the
+   * connection when it does not hear from us for that time.
+   *
+   * Some servers use this as a keep-alive timer at a rather low
+   * value. We are doing HTTP/3 here and waiting for the response
+   * to a request may take a considerable amount of time. We need
+   * to prevent the peer's QUIC stack from closing in this case.
+   */
   if(!ctx->qconn)
     return;
 
@@ -218,7 +217,6 @@ static void cf_ngtcp2_setup_keep_alive(struct Curl_cfilter *cf,
   }
 }
 
-
 struct pkt_io_ctx;
 static CURLcode cf_progress_ingress(struct Curl_cfilter *cf,
                                     struct Curl_easy *data,
@@ -231,20 +229,20 @@ static CURLcode cf_progress_egress(struct Curl_cfilter *cf,
  * All about the H3 internals of a stream
  */
 struct h3_stream_ctx {
-  int64_t id; /* HTTP/3 protocol identifier */
-  struct bufq sendbuf;   /* h3 request body */
-  struct h1_req_parser h1; /* h1 request parsing */
+  int64_t id;                   /* HTTP/3 protocol identifier */
+  struct bufq sendbuf;          /* h3 request body */
+  struct h1_req_parser h1;      /* h1 request parsing */
   size_t sendbuf_len_in_flight; /* sendbuf amount "in flight" */
-  uint64_t error3; /* HTTP/3 stream error code */
-  curl_off_t upload_left; /* number of request bytes left to upload */
-  uint64_t download_unacked; /* bytes not acknowledged yet */
-  int status_code; /* HTTP status code */
-  CURLcode xfer_result; /* result from xfer_resp_write(_hd) */
-  BIT(resp_hds_complete); /* we have a complete, final response */
-  BIT(closed); /* TRUE on stream close */
-  BIT(reset);  /* TRUE on stream reset */
-  BIT(send_closed); /* stream is local closed */
-  BIT(quic_flow_blocked); /* stream is blocked by QUIC flow control */
+  uint64_t error3;              /* HTTP/3 stream error code */
+  curl_off_t upload_left;       /* number of request bytes left to upload */
+  uint64_t download_unacked;    /* bytes not acknowledged yet */
+  int status_code;              /* HTTP status code */
+  CURLcode xfer_result;         /* result from xfer_resp_write(_hd) */
+  BIT(resp_hds_complete);       /* we have a complete, final response */
+  BIT(closed);                  /* TRUE on stream close */
+  BIT(reset);                   /* TRUE on stream reset */
+  BIT(send_closed);             /* stream is local closed */
+  BIT(quic_flow_blocked);       /* stream is blocked by QUIC flow control */
 };
 
 static void h3_stream_ctx_free(struct h3_stream_ctx *stream)
@@ -315,8 +313,8 @@ static bool cf_ngtcp2_sfind(uint32_t mid, void *value, void *user_data)
   return TRUE; /* continue */
 }
 
-static struct h3_stream_ctx *
-cf_ngtcp2_get_stream(struct cf_ngtcp2_ctx *ctx, int64_t stream_id)
+static struct h3_stream_ctx *cf_ngtcp2_get_stream(struct cf_ngtcp2_ctx *ctx,
+                                                  int64_t stream_id)
 {
   struct cf_ngtcp2_sfind_ctx fctx;
   fctx.stream_id = stream_id;
@@ -367,8 +365,7 @@ static void h3_data_done(struct Curl_cfilter *cf, struct Curl_easy *data)
   struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
   (void)cf;
   if(stream) {
-    CURL_TRC_CF(data, cf, "[%" PRId64 "] easy handle is done",
-                stream->id);
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] easy handle is done", stream->id);
     cf_ngtcp2_stream_close(cf, data, stream);
     Curl_uint32_hash_remove(&ctx->streams, data->mid);
     if(!Curl_uint32_hash_count(&ctx->streams))
@@ -640,10 +637,9 @@ static int cb_recv_stream_data(ngtcp2_conn *tconn, uint32_t flags,
   return 0;
 }
 
-static int
-cb_acked_stream_data_offset(ngtcp2_conn *tconn, int64_t stream_id,
-                            uint64_t offset, uint64_t datalen, void *user_data,
-                            void *stream_user_data)
+static int cb_acked_stream_data_offset(ngtcp2_conn *tconn, int64_t stream_id,
+                                       uint64_t offset, uint64_t datalen,
+                                       void *user_data, void *stream_user_data)
 {
   struct Curl_cfilter *cf = user_data;
   struct cf_ngtcp2_ctx *ctx = cf->ctx;
@@ -830,8 +826,8 @@ static int cb_recv_rx_key(ngtcp2_conn *tconn, ngtcp2_encryption_level level,
 }
 
 #if defined(_MSC_VER) && defined(_DLL)
-#  pragma warning(push)
-#  pragma warning(disable:4232) /* MSVC extension, dllimport identity */
+#pragma warning(push)
+#pragma warning(disable:4232) /* MSVC extension, dllimport identity */
 #endif
 
 static ngtcp2_callbacks ng_callbacks = {
@@ -881,7 +877,7 @@ static ngtcp2_callbacks ng_callbacks = {
 };
 
 #if defined(_MSC_VER) && defined(_DLL)
-#  pragma warning(pop)
+#pragma warning(pop)
 #endif
 
 /**
@@ -1337,9 +1333,9 @@ static CURLcode init_ngh3_conn(struct Curl_cfilter *cf,
 }
 
 static CURLcode recv_closed_stream(struct Curl_cfilter *cf,
-                                  struct Curl_easy *data,
-                                  struct h3_stream_ctx *stream,
-                                  size_t *pnread)
+                                   struct Curl_easy *data,
+                                   struct h3_stream_ctx *stream,
+                                   size_t *pnread)
 {
   (void)cf;
   *pnread = 0;
@@ -1452,11 +1448,10 @@ static int cb_h3_acked_req_body(nghttp3_conn *conn, int64_t stream_id,
   return 0;
 }
 
-static nghttp3_ssize
-cb_h3_read_req_body(nghttp3_conn *conn, int64_t stream_id,
-                    nghttp3_vec *vec, size_t veccnt,
-                    uint32_t *pflags, void *user_data,
-                    void *stream_user_data)
+static nghttp3_ssize cb_h3_read_req_body(nghttp3_conn *conn, int64_t stream_id,
+                                         nghttp3_vec *vec, size_t veccnt,
+                                         uint32_t *pflags, void *user_data,
+                                         void *stream_user_data)
 {
   struct Curl_cfilter *cf = user_data;
   struct cf_ngtcp2_ctx *ctx = cf->ctx;
@@ -1504,8 +1499,7 @@ cb_h3_read_req_body(nghttp3_conn *conn, int64_t stream_id,
   }
   else if(!nwritten) {
     /* Not EOF, and nothing to give, we signal WOULDBLOCK. */
-    CURL_TRC_CF(data, cf, "[%" PRId64 "] read req body -> AGAIN",
-                stream->id);
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] read req body -> AGAIN", stream->id);
     return NGHTTP3_ERR_WOULDBLOCK;
   }
 
@@ -1961,7 +1955,7 @@ static CURLcode cf_progress_egress(struct Curl_cfilter *cf,
    */
   max_payload_size = ngtcp2_conn_get_max_tx_udp_payload_size(ctx->qconn);
   path_max_payload_size =
-      ngtcp2_conn_get_path_max_tx_udp_payload_size(ctx->qconn);
+    ngtcp2_conn_get_path_max_tx_udp_payload_size(ctx->qconn);
   send_quantum = ngtcp2_conn_get_send_quantum(ctx->qconn);
   CURL_TRC_CF(data, cf, "egress, collect and send packets, quantum=%zu",
               send_quantum);
@@ -1977,7 +1971,7 @@ static CURLcode cf_progress_egress(struct Curl_cfilter *cf,
       size_t buflen = Curl_bufq_len(&ctx->q.sendbuf);
       if((buflen >= send_quantum) ||
          ((buflen + gsolen) >= ctx->q.sendbuf.chunk_size))
-         break;
+        break;
       DEBUGASSERT(nread > 0);
       ++pktcnt;
       if(pktcnt == 1) {
@@ -2283,16 +2277,26 @@ static int quic_ossl_new_session_cb(SSL *ssl, SSL_SESSION *ssl_sessionid)
 static const char *gtls_hs_msg_name(int mtype)
 {
   switch(mtype) {
-    case 1: return "ClientHello";
-    case 2: return "ServerHello";
-    case 4: return "SessionTicket";
-    case 8: return "EncryptedExtensions";
-    case 11: return "Certificate";
-    case 13: return "CertificateRequest";
-    case 15: return "CertificateVerify";
-    case 20: return "Finished";
-    case 24: return "KeyUpdate";
-    case 254: return "MessageHash";
+  case 1:
+    return "ClientHello";
+  case 2:
+    return "ServerHello";
+  case 4:
+    return "SessionTicket";
+  case 8:
+    return "EncryptedExtensions";
+  case 11:
+    return "Certificate";
+  case 13:
+    return "CertificateRequest";
+  case 15:
+    return "CertificateVerify";
+  case 20:
+    return "Finished";
+  case 24:
+    return "KeyUpdate";
+  case 254:
+    return "MessageHash";
   }
   return "Unknown";
 }
@@ -2458,7 +2462,7 @@ static CURLcode cf_ngtcp2_on_session_reuse(struct Curl_cfilter *cf,
 #endif /* WOLFSSL_EARLY_DATA */
 #endif
 #if defined(USE_GNUTLS) || defined(USE_WOLFSSL) || \
-    (defined(USE_OPENSSL) && defined(HAVE_OPENSSL_EARLYDATA))
+  (defined(USE_OPENSSL) && defined(HAVE_OPENSSL_EARLYDATA))
   if((!ctx->earlydata_max)) {
     CURL_TRC_CF(data, cf, "SSL session does not allow earlydata");
   }
@@ -2668,7 +2672,7 @@ out:
           CURL_TRC_CF(data, cf, "connection refused by server");
           /* When a QUIC server instance is shutting down, it may send us a
            * CONNECTION_CLOSE with this code right away. We want
-            * to keep on trying in this case. */
+           * to keep on trying in this case. */
           result = CURLE_WEIRD_SERVER_REPLY;
         }
       }
diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index 7bca97b408..ece4ce6ad5 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -453,29 +453,29 @@ static CURLcode cf_osslq_h3conn_add_stream(struct cf_osslq_h3conn *h3,
    * BUT OpenSSL does not offer this information to us. So, we silently
    * ignore all such streams we do not expect. */
   switch(stype) {
-    case SSL_STREAM_TYPE_READ: {
-      struct cf_osslq_stream *nstream;
-      if(h3->remote_ctrl_n >= CURL_ARRAYSIZE(h3->remote_ctrl)) {
-        /* rejected, we are full */
-        CURL_TRC_CF(data, cf, "[%" PRId64 "] reject remote uni stream",
-                    stream_id);
-        SSL_free(stream_ssl);
-        return CURLE_OK;
-      }
-      nstream = &h3->remote_ctrl[h3->remote_ctrl_n++];
-      nstream->id = stream_id;
-      nstream->ssl = stream_ssl;
-      Curl_bufq_initp(&nstream->recvbuf, &ctx->stream_bufcp, 1, BUFQ_OPT_NONE);
-      CURL_TRC_CF(data, cf, "[%" PRId64 "] accepted remote uni stream",
+  case SSL_STREAM_TYPE_READ: {
+    struct cf_osslq_stream *nstream;
+    if(h3->remote_ctrl_n >= CURL_ARRAYSIZE(h3->remote_ctrl)) {
+      /* rejected, we are full */
+      CURL_TRC_CF(data, cf, "[%" PRId64 "] reject remote uni stream",
                   stream_id);
-      return CURLE_OK;
-    }
-    default:
-      CURL_TRC_CF(data, cf, "[%" PRId64 "] reject remote %s"
-                  " stream, type=%x", stream_id,
-                  (stype == SSL_STREAM_TYPE_BIDI) ? "bidi" : "write", stype);
       SSL_free(stream_ssl);
       return CURLE_OK;
+    }
+    nstream = &h3->remote_ctrl[h3->remote_ctrl_n++];
+    nstream->id = stream_id;
+    nstream->ssl = stream_ssl;
+    Curl_bufq_initp(&nstream->recvbuf, &ctx->stream_bufcp, 1, BUFQ_OPT_NONE);
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] accepted remote uni stream",
+                stream_id);
+    return CURLE_OK;
+  }
+  default:
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] reject remote %s"
+                " stream, type=%x", stream_id,
+                (stype == SSL_STREAM_TYPE_BIDI) ? "bidi" : "write", stype);
+    SSL_free(stream_ssl);
+    return CURLE_OK;
   }
 }
 
@@ -505,8 +505,7 @@ static CURLcode cf_osslq_ssl_err(struct Curl_cfilter *cf,
     lerr = SSL_get_verify_result(ctx->tls.ossl.ssl);
     if(lerr != X509_V_OK) {
       ssl_config->certverifyresult = lerr;
-      curl_msnprintf(ebuf, sizeof(ebuf),
-                     "SSL certificate problem: %s",
+      curl_msnprintf(ebuf, sizeof(ebuf), "SSL certificate problem: %s",
                      X509_verify_cert_error_string(lerr));
     }
     else
@@ -540,7 +539,7 @@ static CURLcode cf_osslq_ssl_err(struct Curl_cfilter *cf,
    * the SO_ERROR is also lost.
    */
   if(CURLE_SSL_CONNECT_ERROR == result && errdetail == 0) {
-    char extramsg[80]="";
+    char extramsg[80] = "";
     int sockerr = SOCKERRNO;
     struct ip_quadruple ip;
 
@@ -570,20 +569,21 @@ static CURLcode cf_osslq_verify_peer(struct Curl_cfilter *cf,
  */
 struct h3_stream_ctx {
   struct cf_osslq_stream s;
-  struct bufq sendbuf;   /* h3 request body */
-  struct bufq recvbuf;   /* h3 response body */
-  struct h1_req_parser h1; /* h1 request parsing */
+  struct bufq sendbuf;          /* h3 request body */
+  struct bufq recvbuf;          /* h3 response body */
+  struct h1_req_parser h1;      /* h1 request parsing */
   size_t sendbuf_len_in_flight; /* sendbuf amount "in flight" */
-  size_t recv_buf_nonflow; /* buffered bytes, not counting for flow control */
-  uint64_t error3; /* HTTP/3 stream error code */
-  curl_off_t upload_left; /* number of request bytes left to upload */
-  curl_off_t download_recvd; /* number of response DATA bytes received */
-  int status_code; /* HTTP status code */
-  BIT(resp_hds_complete); /* we have a complete, final response */
-  BIT(closed); /* TRUE on stream close */
-  BIT(reset);  /* TRUE on stream reset */
-  BIT(send_closed); /* stream is local closed */
-  BIT(quic_flow_blocked); /* stream is blocked by QUIC flow control */
+  size_t recv_buf_nonflow;      /* buffered bytes,
+                                   not counting for flow control */
+  uint64_t error3;              /* HTTP/3 stream error code */
+  curl_off_t upload_left;       /* number of request bytes left to upload */
+  curl_off_t download_recvd;    /* number of response DATA bytes received */
+  int status_code;              /* HTTP status code */
+  BIT(resp_hds_complete);       /* we have a complete, final response */
+  BIT(closed);                  /* TRUE on stream close */
+  BIT(reset);                   /* TRUE on stream reset */
+  BIT(send_closed);             /* stream is local closed */
+  BIT(quic_flow_blocked);       /* stream is blocked by QUIC flow control */
 };
 
 static void h3_stream_ctx_free(struct h3_stream_ctx *stream)
@@ -645,8 +645,7 @@ static void h3_data_done(struct Curl_cfilter *cf, struct Curl_easy *data)
 
   (void)cf;
   if(stream) {
-    CURL_TRC_CF(data, cf, "[%" PRIu64 "] easy handle is done",
-                stream->s.id);
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] easy handle is done", stream->s.id);
     if(ctx->h3.conn && (stream->s.id >= 0) && !stream->closed) {
       nghttp3_conn_shutdown_stream_read(ctx->h3.conn, stream->s.id);
       nghttp3_conn_close_stream(ctx->h3.conn, stream->s.id,
@@ -965,11 +964,10 @@ static int cb_h3_reset_stream(nghttp3_conn *conn, int64_t stream_id,
   return 0;
 }
 
-static nghttp3_ssize
-cb_h3_read_req_body(nghttp3_conn *conn, int64_t stream_id,
-                    nghttp3_vec *vec, size_t veccnt,
-                    uint32_t *pflags, void *user_data,
-                    void *stream_user_data)
+static nghttp3_ssize cb_h3_read_req_body(nghttp3_conn *conn, int64_t stream_id,
+                                         nghttp3_vec *vec, size_t veccnt,
+                                         uint32_t *pflags, void *user_data,
+                                         void *stream_user_data)
 {
   struct Curl_cfilter *cf = user_data;
   struct cf_osslq_ctx *ctx = cf->ctx;
@@ -1106,21 +1104,21 @@ static CURLcode cf_osslq_h3conn_init(struct cf_osslq_ctx *ctx, SSL *conn,
   }
 
   result = cf_osslq_stream_open(&h3->s_ctrl, conn,
-                                SSL_STREAM_FLAG_ADVANCE|SSL_STREAM_FLAG_UNI,
+                                SSL_STREAM_FLAG_ADVANCE | SSL_STREAM_FLAG_UNI,
                                 &ctx->stream_bufcp, NULL);
   if(result) {
     result = CURLE_QUIC_CONNECT_ERROR;
     goto out;
   }
   result = cf_osslq_stream_open(&h3->s_qpack_enc, conn,
-                                SSL_STREAM_FLAG_ADVANCE|SSL_STREAM_FLAG_UNI,
+                                SSL_STREAM_FLAG_ADVANCE | SSL_STREAM_FLAG_UNI,
                                 &ctx->stream_bufcp, NULL);
   if(result) {
     result = CURLE_QUIC_CONNECT_ERROR;
     goto out;
   }
   result = cf_osslq_stream_open(&h3->s_qpack_dec, conn,
-                                SSL_STREAM_FLAG_ADVANCE|SSL_STREAM_FLAG_UNI,
+                                SSL_STREAM_FLAG_ADVANCE | SSL_STREAM_FLAG_UNI,
                                 &ctx->stream_bufcp, NULL);
   if(result) {
     result = CURLE_QUIC_CONNECT_ERROR;
@@ -1221,7 +1219,8 @@ static CURLcode cf_osslq_ctx_start(struct Curl_cfilter *cf,
                                  SSL_INCOMING_STREAM_POLICY_ACCEPT, 0);
   /* from our side, there is no idle timeout */
   SSL_set_value_uint(ctx->tls.ossl.ssl,
-    SSL_VALUE_CLASS_FEATURE_REQUEST, SSL_VALUE_QUIC_IDLE_TIMEOUT, 0);
+                     SSL_VALUE_CLASS_FEATURE_REQUEST,
+                     SSL_VALUE_QUIC_IDLE_TIMEOUT, 0);
   /* setup the H3 things on top of the QUIC connection */
   result = cf_osslq_h3conn_init(ctx, ctx->tls.ossl.ssl, cf);
 
@@ -1532,7 +1531,7 @@ static CURLcode cf_osslq_check_and_unblock(struct Curl_cfilter *cf,
     fill_ctx.multi = data->multi;
     fill_ctx.n = 0;
     Curl_uint32_hash_visit(&ctx->streams, cf_osslq_collect_block_send,
-                         &fill_ctx);
+                           &fill_ctx);
     poll_count = fill_ctx.n;
     if(poll_count) {
       CURL_TRC_CF(data, cf, "polling %zu blocked streams", poll_count);
@@ -1541,7 +1540,7 @@ static CURLcode cf_osslq_check_and_unblock(struct Curl_cfilter *cf,
       res = CURLE_UNRECOVERABLE_POLL;
       if(!SSL_poll(ctx->poll_items, poll_count, sizeof(SSL_POLL_ITEM),
                    &timeout, 0, &result_count))
-          goto out;
+        goto out;
 
       res = CURLE_OK;
 
@@ -1617,7 +1616,7 @@ static CURLcode h3_send_streams(struct Curl_cfilter *cf,
       uint64_t flags = (eos && ((i + 1) == n)) ? SSL_WRITE_FLAG_CONCLUDE : 0;
       written = vec[i].len;
       ok = !s->ssl || SSL_write_ex2(s->ssl, vec[i].base, vec[i].len, flags,
-                                   &written);
+                                    &written);
       if(ok && flags & SSL_WRITE_FLAG_CONCLUDE)
         eos_written = TRUE;
       if(ok) {
diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
index 5aca750c2c..45f606ec61 100644
--- a/lib/vquic/curl_quiche.c
+++ b/lib/vquic/curl_quiche.c
@@ -167,17 +167,17 @@ static CURLcode cf_flush_egress(struct Curl_cfilter *cf,
  * All about the H3 internals of a stream
  */
 struct h3_stream_ctx {
-  uint64_t id; /* HTTP/3 protocol stream identifier */
-  struct bufq recvbuf; /* h3 response */
+  uint64_t id;             /* HTTP/3 protocol stream identifier */
+  struct bufq recvbuf;     /* h3 response */
   struct h1_req_parser h1; /* h1 request parsing */
-  uint64_t error3; /* HTTP/3 stream error code */
-  BIT(opened); /* TRUE after stream has been opened */
-  BIT(closed); /* TRUE on stream close */
-  BIT(reset);  /* TRUE on stream reset */
-  BIT(send_closed); /* stream is locally closed */
+  uint64_t error3;         /* HTTP/3 stream error code */
+  BIT(opened);             /* TRUE after stream has been opened */
+  BIT(closed);             /* TRUE on stream close */
+  BIT(reset);              /* TRUE on stream reset */
+  BIT(send_closed);        /* stream is locally closed */
   BIT(resp_hds_complete);  /* final response has been received */
-  BIT(resp_got_header); /* TRUE when h3 stream has recvd some HEADER */
-  BIT(quic_flow_blocked); /* stream is blocked by QUIC flow control */
+  BIT(resp_got_header);    /* TRUE when h3 stream has recvd some HEADER */
+  BIT(quic_flow_blocked);  /* stream is blocked by QUIC flow control */
 };
 
 static void h3_stream_ctx_free(struct h3_stream_ctx *stream)
@@ -318,7 +318,7 @@ static void cf_quiche_expire_conn_closed(struct Curl_cfilter *cf,
 
 /*
  * write_resp_raw() copies response data in raw format to the `data`'s
-  * receive buffer. If not enough space is available, it appends to the
+ * receive buffer. If not enough space is available, it appends to the
  * `data`'s overflow buffer.
  */
 static CURLcode write_resp_raw(struct Curl_cfilter *cf,
@@ -813,7 +813,7 @@ out:
   timeout_ns = quiche_conn_timeout_as_nanos(ctx->qconn);
   if(timeout_ns % 1000000)
     timeout_ns += 1000000;
-    /* expire resolution is milliseconds */
+  /* expire resolution is milliseconds */
   Curl_expire(data, (timeout_ns / 1000000), EXPIRE_QUIC);
   return result;
 }
@@ -977,9 +977,9 @@ static CURLcode h3_open_stream(struct Curl_cfilter *cf,
   DEBUGASSERT(stream);
 
   result = Curl_h1_req_parse_read(&stream->h1, buf, blen, NULL,
-                                    !data->state.http_ignorecustom ?
-                                    data->set.str[STRING_CUSTOMREQUEST] : NULL,
-                                    0, pnwritten);
+                                  !data->state.http_ignorecustom ?
+                                  data->set.str[STRING_CUSTOMREQUEST] : NULL,
+                                  0, pnwritten);
   if(result)
     goto out;
   if(!stream->h1.done) {
@@ -1313,8 +1313,7 @@ static CURLcode cf_quiche_ctx_open(struct Curl_cfilter *cf,
     int qfd;
     (void)Curl_qlogdir(data, ctx->scid, sizeof(ctx->scid), &qfd);
     if(qfd != -1)
-      quiche_conn_set_qlog_fd(ctx->qconn, qfd,
-                              "qlog title", "curl qlog");
+      quiche_conn_set_qlog_fd(ctx->qconn, qfd, "qlog title", "curl qlog");
   }
 #endif
 
diff --git a/lib/vquic/vquic-tls.c b/lib/vquic/vquic-tls.c
index 7a3c99b584..99b19b3691 100644
--- a/lib/vquic/vquic-tls.c
+++ b/lib/vquic/vquic-tls.c
@@ -143,7 +143,9 @@ CURLcode Curl_vquic_tls_before_recv(struct curl_tls_ctx *ctx,
       return result;
   }
 #else
-  (void)ctx; (void)cf; (void)data;
+  (void)ctx;
+  (void)cf;
+  (void)data;
 #endif
   return CURLE_OK;
 }
@@ -172,7 +174,7 @@ CURLcode Curl_vquic_tls_verify_peer(struct curl_tls_ctx *ctx,
 #elif defined(USE_WOLFSSL)
   (void)data;
   if(conn_config->verifyhost) {
-    WOLFSSL_X509* cert = wolfSSL_get_peer_certificate(ctx->wssl.ssl);
+    WOLFSSL_X509 *cert = wolfSSL_get_peer_certificate(ctx->wssl.ssl);
     if(!cert)
       result = CURLE_OUT_OF_MEMORY;
     else if(peer->sni &&
@@ -194,7 +196,6 @@ CURLcode Curl_vquic_tls_verify_peer(struct curl_tls_ctx *ctx,
   return result;
 }
 
-
 bool Curl_vquic_tls_get_ssl_info(struct curl_tls_ctx *ctx,
                                  bool give_ssl_ctx,
                                  struct curl_tlssessioninfo *info)
diff --git a/lib/vquic/vquic-tls.h b/lib/vquic/vquic-tls.h
index c694e23e4e..7bddb42c99 100644
--- a/lib/vquic/vquic-tls.h
+++ b/lib/vquic/vquic-tls.h
@@ -69,14 +69,14 @@ typedef CURLcode Curl_vquic_session_reuse_cb(struct Curl_cfilter *cf,
 /**
  * Initialize the QUIC TLS instances based of the SSL configurations
  * for the connection filter, transfer and peer.
- * @param ctx         the TLS context to initialize
- * @param cf          the connection filter involved
- * @param data        the transfer involved
- * @param peer        the peer that will be connected to
- * @param alpns       the ALPN specifications to negotiate, may be NULL
- * @param cb_setup    optional callback for early TLS config
- * @param cb_user_data user_data param for callback
- * @param ssl_user_data  optional pointer to set in TLS application context
+ * @param ctx              the TLS context to initialize
+ * @param cf               the connection filter involved
+ * @param data             the transfer involved
+ * @param peer             the peer that will be connected to
+ * @param alpns            the ALPN specifications to negotiate, may be NULL
+ * @param cb_setup         optional callback for early TLS config
+ * @param cb_user_data     user_data param for callback
+ * @param ssl_user_data    optional pointer to set in TLS application context
  * @param session_reuse_cb callback to handle session reuse, signal early data
  */
 CURLcode Curl_vquic_tls_init(struct curl_tls_ctx *ctx,
diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c
index c1267cef9e..a4dea8a77c 100644
--- a/lib/vquic/vquic.c
+++ b/lib/vquic/vquic.c
@@ -266,7 +266,7 @@ static CURLcode vquic_send_packets(struct Curl_cfilter *cf,
     unsigned char c;
     *psent = 0;
     Curl_rand(data, &c, 1);
-    if(c >= ((100-qctx->wblock_percent)*256/100)) {
+    if(c >= ((100 - qctx->wblock_percent) * 256 / 100)) {
       CURL_TRC_CF(data, cf, "vquic_flush() simulate EWOULDBLOCK");
       return CURLE_AGAIN;
     }
@@ -334,8 +334,7 @@ CURLcode vquic_send_tail_split(struct Curl_cfilter *cf, struct Curl_easy *data,
   qctx->split_gsolen = gsolen;
   qctx->gsolen = tail_gsolen;
   CURL_TRC_CF(data, cf, "vquic_send_tail_split: [%zu gso=%zu][%zu gso=%zu]",
-              qctx->split_len, qctx->split_gsolen,
-              tail_len, qctx->gsolen);
+              qctx->split_len, qctx->split_gsolen, tail_len, qctx->gsolen);
   return vquic_flush(cf, data, qctx);
 }
 
@@ -476,7 +475,7 @@ static CURLcode recvmsg_packets(struct Curl_cfilter *cf,
 {
   struct iovec msg_iov;
   struct msghdr msg;
-  uint8_t buf[64*1024];
+  uint8_t buf[64 * 1024];
   struct sockaddr_storage remote_addr;
   size_t total_nread, pkts, calls;
   ssize_t rc;
@@ -551,7 +550,7 @@ static CURLcode recvfrom_packets(struct Curl_cfilter *cf,
                                  size_t max_pkts,
                                  vquic_recv_pkts_cb *recv_cb, void *userp)
 {
-  uint8_t buf[64*1024];
+  uint8_t buf[64 * 1024];
   int bufsize = (int)sizeof(buf);
   struct sockaddr_storage remote_addr;
   socklen_t remote_addrlen = sizeof(remote_addr);
diff --git a/lib/vquic/vquic_int.h b/lib/vquic/vquic_int.h
index ef92ab21b7..b4f2fd8116 100644
--- a/lib/vquic/vquic_int.h
+++ b/lib/vquic/vquic_int.h
@@ -33,25 +33,25 @@
 #define MAX_UDP_PAYLOAD_SIZE  1452
 
 struct cf_quic_ctx {
-  curl_socket_t sockfd; /* connected UDP socket */
+  curl_socket_t sockfd;               /* connected UDP socket */
   struct sockaddr_storage local_addr; /* address socket is bound to */
-  socklen_t local_addrlen; /* length of local address */
+  socklen_t local_addrlen;            /* length of local address */
 
-  struct bufq sendbuf; /* buffer for sending one or more packets */
-  struct curltime first_byte_at;     /* when first byte was recvd */
-  struct curltime last_op; /* last (attempted) send/recv operation */
-  struct curltime last_io; /* last successful socket IO */
-  size_t gsolen; /* length of individual packets in send buf */
-  size_t split_len; /* if != 0, buffer length after which GSO differs */
+  struct bufq sendbuf;           /* buffer for sending one or more packets */
+  struct curltime first_byte_at; /* when first byte was recvd */
+  struct curltime last_op;       /* last (attempted) send/recv operation */
+  struct curltime last_io;       /* last successful socket IO */
+  size_t gsolen;                 /* length of individual packets in send buf */
+  size_t split_len;    /* if != 0, buffer length after which GSO differs */
   size_t split_gsolen; /* length of individual packets after split_len */
 #ifdef DEBUGBUILD
-  int wblock_percent; /* percent of writes doing EAGAIN */
+  int wblock_percent;  /* percent of writes doing EAGAIN */
 #endif
   BIT(got_first_byte); /* if first byte was received */
-  BIT(no_gso); /* do not use gso on sending */
+  BIT(no_gso);         /* do not use gso on sending */
 };
 
-#define H3_STREAM_CTX(ctx,data)                                         \
+#define H3_STREAM_CTX(ctx, data)                                        \
   (data ? Curl_uint32_hash_get(&(ctx)->streams, (data)->mid) : NULL)
 
 CURLcode vquic_ctx_init(struct cf_quic_ctx *qctx);
@@ -77,7 +77,6 @@ CURLcode vquic_send_tail_split(struct Curl_cfilter *cf, struct Curl_easy *data,
 CURLcode vquic_flush(struct Curl_cfilter *cf, struct Curl_easy *data,
                      struct cf_quic_ctx *qctx);
 
-
 typedef CURLcode vquic_recv_pkts_cb(const unsigned char *buf, size_t buflen,
                                     size_t gso_size,
                                     struct sockaddr_storage *remote_addr,
diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
index db80bcbf8c..cd3a7d6622 100644
--- a/lib/vssh/libssh.c
+++ b/lib/vssh/libssh.c
@@ -74,12 +74,12 @@
 
 /* A recent macro provided by libssh. Or make our own. */
 #ifndef SSH_STRING_FREE_CHAR
-#define SSH_STRING_FREE_CHAR(x)                 \
-  do {                                          \
-    if(x) {                                     \
-      ssh_string_free_char(x);                  \
-      x = NULL;                                 \
-    }                                           \
+#define SSH_STRING_FREE_CHAR(x) \
+  do {                          \
+    if(x) {                     \
+      ssh_string_free_char(x);  \
+      x = NULL;                 \
+    }                           \
   } while(0)
 #endif
 
@@ -111,10 +111,9 @@ static CURLcode sftp_doing(struct Curl_easy *data,
 static CURLcode sftp_disconnect(struct Curl_easy *data,
                                 struct connectdata *conn,
                                 bool dead);
-static
-CURLcode sftp_perform(struct Curl_easy *data,
-                      bool *connected,
-                      bool *dophase_done);
+static CURLcode sftp_perform(struct Curl_easy *data,
+                             bool *connected,
+                             bool *dophase_done);
 
 static CURLcode myssh_pollset(struct Curl_easy *data,
                               struct easy_pollset *ps);
@@ -189,22 +188,22 @@ const struct Curl_handler Curl_handler_sftp = {
 static CURLcode sftp_error_to_CURLE(int err)
 {
   switch(err) {
-    case SSH_FX_OK:
-      return CURLE_OK;
+  case SSH_FX_OK:
+    return CURLE_OK;
 
-    case SSH_FX_NO_SUCH_FILE:
-    case SSH_FX_NO_SUCH_PATH:
-      return CURLE_REMOTE_FILE_NOT_FOUND;
+  case SSH_FX_NO_SUCH_FILE:
+  case SSH_FX_NO_SUCH_PATH:
+    return CURLE_REMOTE_FILE_NOT_FOUND;
 
-    case SSH_FX_PERMISSION_DENIED:
-    case SSH_FX_WRITE_PROTECT:
-      return CURLE_REMOTE_ACCESS_DENIED;
+  case SSH_FX_PERMISSION_DENIED:
+  case SSH_FX_WRITE_PROTECT:
+    return CURLE_REMOTE_ACCESS_DENIED;
 
-    case SSH_FX_FILE_ALREADY_EXISTS:
-      return CURLE_REMOTE_FILE_EXISTS;
+  case SSH_FX_FILE_ALREADY_EXISTS:
+    return CURLE_REMOTE_FILE_EXISTS;
 
-    default:
-      break;
+  default:
+    break;
   }
 
   return CURLE_SSH;
@@ -213,7 +212,7 @@ static CURLcode sftp_error_to_CURLE(int err)
 #if !defined(CURL_DISABLE_VERBOSE_STRINGS)
 static const char *myssh_statename(sshstate state)
 {
-  static const char *const names[] = {
+  static const char * const names[] = {
     "SSH_STOP",
     "SSH_INIT",
     "SSH_S_STARTUP",
@@ -284,7 +283,7 @@ static const char *myssh_statename(sshstate state)
 #endif /* !CURL_DISABLE_VERBOSE_STRINGS */
 
 
-#define myssh_to(x,y,z) myssh_set_state(x,y,z)
+#define myssh_to(x, y, z) myssh_set_state(x, y, z)
 
 /*
  * SSH State machine related code
@@ -328,8 +327,7 @@ static int myssh_is_known(struct Curl_easy *data, struct ssh_conn *sshc)
   enum curl_khmatch keymatch;
   struct curl_khkey foundkey;
   struct curl_khkey *knownkeyp = NULL;
-  curl_sshkeycallback func =
-    data->set.ssh_keyfunc;
+  curl_sshkeycallback func = data->set.ssh_keyfunc;
   struct ssh_knownhosts_entry *knownhostsentry = NULL;
   struct curl_khkey knownkey;
 
@@ -343,8 +341,7 @@ static int myssh_is_known(struct Curl_easy *data, struct ssh_conn *sshc)
     char md5buffer[33];
     const char *pubkey_md5 = data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5];
 
-    rc = ssh_get_publickey_hash(pubkey, SSH_PUBLICKEY_HASH_MD5,
-                                &hash, &hlen);
+    rc = ssh_get_publickey_hash(pubkey, SSH_PUBLICKEY_HASH_MD5, &hash, &hlen);
     if(rc != SSH_OK || hlen != 16) {
       failf(data,
             "Denied establishing ssh session: md5 fingerprint not available");
@@ -352,7 +349,7 @@ static int myssh_is_known(struct Curl_easy *data, struct ssh_conn *sshc)
     }
 
     for(i = 0; i < 16; i++)
-      curl_msnprintf(&md5buffer[i*2], 3, "%02x", (unsigned char)hash[i]);
+      curl_msnprintf(&md5buffer[i * 2], 3, "%02x", (unsigned char)hash[i]);
 
     infof(data, "SSH MD5 fingerprint: %s", md5buffer);
 
@@ -461,7 +458,7 @@ static int myssh_is_known(struct Curl_easy *data, struct ssh_conn *sshc)
 
       Curl_set_in_callback(data, TRUE);
       rc = func(data, knownkeyp, /* from the knownhosts file */
-                &foundkey, /* from the remote host */
+                &foundkey,       /* from the remote host */
                 keymatch, data->set.ssh_keyfunc_userp);
       Curl_set_in_callback(data, FALSE);
 
@@ -519,8 +516,7 @@ static int myssh_to_SFTP_CLOSE(struct Curl_easy *data,
                                struct ssh_conn *sshc)
 {
   myssh_to(data, sshc, SSH_SFTP_CLOSE);
-  sshc->actualcode =
-    sftp_error_to_CURLE(sftp_get_error(sshc->sftp_session));
+  sshc->actualcode = sftp_error_to_CURLE(sftp_get_error(sshc->sftp_session));
   return SSH_ERROR;
 }
 
@@ -613,7 +609,6 @@ static int myssh_in_SFTP_READDIR(struct Curl_easy *data,
         sshc->actualcode = result;
         return SSH_NO_ERROR;
       }
-
     }
     else {
       if(curlx_dyn_add(&sshc->readdir_buf, sshc->readdir_longentry)) {
@@ -684,8 +679,7 @@ static int myssh_in_SFTP_READDIR_LINK(struct Curl_easy *data,
 
   Curl_safefree(sshc->readdir_linkPath);
 
-  if(curlx_dyn_addf(&sshc->readdir_buf, " -> %s",
-                    sshc->readdir_filename)) {
+  if(curlx_dyn_addf(&sshc->readdir_buf, " -> %s", sshc->readdir_filename)) {
     /* Not using:
      * return myssh_to_SFTP_CLOSE(data, sshc);
      *
@@ -808,56 +802,56 @@ static int myssh_auth_interactive(struct connectdata *conn,
 
 restart:
   switch(sshc->kbd_state) {
-    case 0:
-      rc = ssh_userauth_kbdint(sshc->ssh_session, NULL, NULL);
-      if(rc == SSH_AUTH_AGAIN)
-        return SSH_AGAIN;
+  case 0:
+    rc = ssh_userauth_kbdint(sshc->ssh_session, NULL, NULL);
+    if(rc == SSH_AUTH_AGAIN)
+      return SSH_AGAIN;
 
-      if(rc != SSH_AUTH_INFO)
-        return SSH_ERROR;
-
-      nprompts = ssh_userauth_kbdint_getnprompts(sshc->ssh_session);
-      if(nprompts != 1)
-        return SSH_ERROR;
-
-      rc = ssh_userauth_kbdint_setanswer(sshc->ssh_session, 0, conn->passwd);
-      if(rc < 0)
-        return SSH_ERROR;
-
-      FALLTHROUGH();
-    case 1:
-      sshc->kbd_state = 1;
-
-      rc = ssh_userauth_kbdint(sshc->ssh_session, NULL, NULL);
-      if(rc == SSH_AUTH_AGAIN)
-        return SSH_AGAIN;
-      else if(rc == SSH_AUTH_SUCCESS)
-        rc = SSH_OK;
-      else if(rc == SSH_AUTH_INFO) {
-        nprompts = ssh_userauth_kbdint_getnprompts(sshc->ssh_session);
-        if(nprompts)
-          return SSH_ERROR;
-
-        sshc->kbd_state = 2;
-        goto restart;
-      }
-      else
-        rc = SSH_ERROR;
-      break;
-    case 2:
-      sshc->kbd_state = 2;
-
-      rc = ssh_userauth_kbdint(sshc->ssh_session, NULL, NULL);
-      if(rc == SSH_AUTH_AGAIN)
-        return SSH_AGAIN;
-      else if(rc == SSH_AUTH_SUCCESS)
-        rc = SSH_OK;
-      else
-        rc = SSH_ERROR;
-
-      break;
-    default:
+    if(rc != SSH_AUTH_INFO)
       return SSH_ERROR;
+
+    nprompts = ssh_userauth_kbdint_getnprompts(sshc->ssh_session);
+    if(nprompts != 1)
+      return SSH_ERROR;
+
+    rc = ssh_userauth_kbdint_setanswer(sshc->ssh_session, 0, conn->passwd);
+    if(rc < 0)
+      return SSH_ERROR;
+
+    FALLTHROUGH();
+  case 1:
+    sshc->kbd_state = 1;
+
+    rc = ssh_userauth_kbdint(sshc->ssh_session, NULL, NULL);
+    if(rc == SSH_AUTH_AGAIN)
+      return SSH_AGAIN;
+    else if(rc == SSH_AUTH_SUCCESS)
+      rc = SSH_OK;
+    else if(rc == SSH_AUTH_INFO) {
+      nprompts = ssh_userauth_kbdint_getnprompts(sshc->ssh_session);
+      if(nprompts)
+        return SSH_ERROR;
+
+      sshc->kbd_state = 2;
+      goto restart;
+    }
+    else
+      rc = SSH_ERROR;
+    break;
+  case 2:
+    sshc->kbd_state = 2;
+
+    rc = ssh_userauth_kbdint(sshc->ssh_session, NULL, NULL);
+    if(rc == SSH_AUTH_AGAIN)
+      return SSH_AGAIN;
+    else if(rc == SSH_AUTH_SUCCESS)
+      rc = SSH_OK;
+    else
+      rc = SSH_ERROR;
+
+    break;
+  default:
+    return SSH_ERROR;
   }
 
   sshc->kbd_state = 0;
@@ -967,8 +961,7 @@ static int myssh_in_AUTH_PKEY_INIT(struct Curl_easy *data,
    * (2) use the "default" keys. */
   if(data->set.str[STRING_SSH_PRIVATE_KEY]) {
     if(sshc->pubkey && !data->set.ssl.key_passwd) {
-      rc = ssh_userauth_try_publickey(sshc->ssh_session, NULL,
-                                      sshc->pubkey);
+      rc = ssh_userauth_try_publickey(sshc->ssh_session, NULL, sshc->pubkey);
       if(rc == SSH_AUTH_AGAIN)
         return SSH_AGAIN;
 
@@ -993,7 +986,7 @@ static int myssh_in_AUTH_PKEY_INIT(struct Curl_easy *data,
   }
   else {
     rc = ssh_userauth_publickey_auto(sshc->ssh_session, NULL,
-                                         data->set.ssl.key_passwd);
+                                     data->set.ssl.key_passwd);
     if(rc == SSH_AUTH_AGAIN)
       return SSH_AGAIN;
 
@@ -1166,7 +1159,7 @@ static int myssh_in_UPLOAD_INIT(struct Curl_easy *data,
   }
   else
     /* Clear file before writing (normal behavior) */
-    flags = O_WRONLY|O_CREAT|O_TRUNC;
+    flags = O_WRONLY | O_CREAT | O_TRUNC;
 
   if(sshc->sftp_file)
     sftp_close(sshc->sftp_file);
@@ -1214,7 +1207,7 @@ static int myssh_in_UPLOAD_INIT(struct Curl_easy *data,
       }
       /* seekerr == CURL_SEEKFUNC_CANTSEEK (cannot seek to offset) */
       do {
-        char scratch[4*1024];
+        char scratch[4 * 1024];
         size_t readthisamountnow =
           (data->state.resume_from - passed >
            (curl_off_t)sizeof(scratch)) ?
@@ -1363,8 +1356,7 @@ static int myssh_in_SFTP_DOWNLOAD_STAT(struct Curl_easy *data,
     /* Now store the number of bytes we are expected to download */
     data->req.size = size - data->state.resume_from;
     data->req.maxdownload = size - data->state.resume_from;
-    Curl_pgrsSetDownloadSize(data,
-                             size - data->state.resume_from);
+    Curl_pgrsSetDownloadSize(data, size - data->state.resume_from);
 
     rc = sftp_seek64(sshc->sftp_file, data->state.resume_from);
     if(rc)
@@ -1877,8 +1869,7 @@ static void conn_forget_socket(struct Curl_easy *data, int sockindex)
   if(conn && CONN_SOCK_IDX_VALID(sockindex)) {
     struct Curl_cfilter *cf = conn->cfilter[sockindex];
     if(cf)
-      (void)Curl_conn_cf_cntrl(cf, data, TRUE,
-                               CF_CTRL_FORGET_SOCKET, 0, NULL);
+      (void)Curl_conn_cf_cntrl(cf, data, TRUE, CF_CTRL_FORGET_SOCKET, 0, NULL);
     fake_sclose(conn->sock[sockindex]);
     conn->sock[sockindex] = CURL_SOCKET_BAD;
   }
@@ -2067,8 +2058,7 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data,
         break;
       if(rc && !sshc->acceptfail) {
         Curl_safefree(sshc->quote_path1);
-        failf(data, "rm command failed: %s",
-              ssh_get_error(sshc->ssh_session));
+        failf(data, "rm command failed: %s", ssh_get_error(sshc->ssh_session));
         myssh_to(data, sshc, SSH_SFTP_CLOSE);
         sshc->nextstate = SSH_NO_STATE;
         sshc->actualcode = CURLE_QUOTE_ERROR;
@@ -2110,7 +2100,7 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data,
       if(data->state.upload)
         myssh_to(data, sshc, SSH_SFTP_UPLOAD_INIT);
       else if(sshp) {
-        if(sshp->path[strlen(sshp->path)-1] == '/')
+        if(sshp->path[strlen(sshp->path) - 1] == '/')
           myssh_to(data, sshc, SSH_SFTP_READDIR_INIT);
         else
           myssh_to(data, sshc, SSH_SFTP_DOWNLOAD_INIT);
@@ -2301,26 +2291,26 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data,
       FALLTHROUGH();
 
     case SSH_SCP_DOWNLOAD: {
-        curl_off_t bytecount;
+      curl_off_t bytecount;
 
-        rc = ssh_scp_pull_request(sshc->scp_session);
-        if(rc != SSH_SCP_REQUEST_NEWFILE) {
-          err_msg = ssh_get_error(sshc->ssh_session);
-          failf(data, "%s", err_msg);
-          rc = myssh_to_ERROR(data, sshc, CURLE_REMOTE_FILE_NOT_FOUND);
-          break;
-        }
-
-        /* download data */
-        bytecount = ssh_scp_request_get_size(sshc->scp_session);
-        data->req.maxdownload = (curl_off_t) bytecount;
-        Curl_xfer_setup_recv(data, FIRSTSOCKET, bytecount);
-
-        /* not set by Curl_xfer_setup to preserve keepon bits */
-        conn->send_idx = 0;
-
-        myssh_to(data, sshc, SSH_STOP);
+      rc = ssh_scp_pull_request(sshc->scp_session);
+      if(rc != SSH_SCP_REQUEST_NEWFILE) {
+        err_msg = ssh_get_error(sshc->ssh_session);
+        failf(data, "%s", err_msg);
+        rc = myssh_to_ERROR(data, sshc, CURLE_REMOTE_FILE_NOT_FOUND);
         break;
+      }
+
+      /* download data */
+      bytecount = ssh_scp_request_get_size(sshc->scp_session);
+      data->req.maxdownload = (curl_off_t)bytecount;
+      Curl_xfer_setup_recv(data, FIRSTSOCKET, bytecount);
+
+      /* not set by Curl_xfer_setup to preserve keepon bits */
+      conn->send_idx = 0;
+
+      myssh_to(data, sshc, SSH_STOP);
+      break;
     }
     case SSH_SCP_DONE:
       if(data->state.upload)
@@ -2406,7 +2396,6 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data,
       sshc->nextstate = SSH_NO_STATE;
       myssh_to(data, sshc, SSH_STOP);
       break;
-
     }
     /* break the loop only on STOP or SSH_AGAIN. If `rc` is some
      * other error code, we will have progressed the state accordingly. */
@@ -2424,7 +2413,6 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data,
   return result;
 }
 
-
 /* called by the multi interface to figure out what socket(s) to wait for and
    for what actions in the DO_DONE, PERFORM and WAITPERFORM states */
 static CURLcode myssh_pollset(struct Curl_easy *data,
@@ -2525,7 +2513,6 @@ static CURLcode myssh_block_statemach(struct Curl_easy *data,
       (void)Curl_socket_check(fd_read, CURL_SOCKET_BAD, CURL_SOCKET_BAD,
                               left_ms > 1000 ? 1000 : left_ms);
     }
-
   }
 
   return result;
@@ -2717,9 +2704,8 @@ static CURLcode scp_doing(struct Curl_easy *data, bool *dophase_done)
  * the options previously setup.
  */
 
-static
-CURLcode scp_perform(struct Curl_easy *data,
-                     bool *connected, bool *dophase_done)
+static CURLcode scp_perform(struct Curl_easy *data,
+                            bool *connected, bool *dophase_done)
 {
   CURLcode result = CURLE_OK;
   struct ssh_conn *sshc = Curl_conn_meta_get(data->conn, CURL_META_SSH_CONN);
@@ -2871,7 +2857,6 @@ static CURLcode myssh_done(struct Curl_easy *data,
   return result;
 }
 
-
 static CURLcode scp_done(struct Curl_easy *data, CURLcode status,
                          bool premature)
 {
@@ -2963,10 +2948,9 @@ static CURLcode scp_recv(struct Curl_easy *data, int sockindex,
  * the options previously setup.
  */
 
-static
-CURLcode sftp_perform(struct Curl_easy *data,
-                      bool *connected,
-                      bool *dophase_done)
+static CURLcode sftp_perform(struct Curl_easy *data,
+                             bool *connected,
+                             bool *dophase_done)
 {
   struct ssh_conn *sshc = Curl_conn_meta_get(data->conn, CURL_META_SSH_CONN);
   CURLcode result = CURLE_OK;
@@ -3064,34 +3048,34 @@ static CURLcode sftp_send(struct Curl_easy *data, int sockindex,
 
 #if LIBSSH_VERSION_INT > SSH_VERSION_INT(0, 11, 0)
   switch(sshc->sftp_send_state) {
-    case 0:
-      sftp_file_set_nonblocking(sshc->sftp_file);
-      if(sftp_aio_begin_write(sshc->sftp_file, mem, len,
-                              &sshc->sftp_send_aio) == SSH_ERROR) {
-        return CURLE_SEND_ERROR;
-      }
-      sshc->sftp_send_state = 1;
-      FALLTHROUGH();
-    case 1:
-      nwrite = sftp_aio_wait_write(&sshc->sftp_send_aio);
-      myssh_block2waitfor(conn, sshc, (nwrite == SSH_AGAIN) ? TRUE : FALSE);
-      if(nwrite == SSH_AGAIN)
-        return CURLE_AGAIN;
-      else if(nwrite < 0)
-        return CURLE_SEND_ERROR;
-
-      /*
-       * sftp_aio_wait_write() would free sftp_send_aio and
-       * assign it NULL in all cases except when it returns
-       * SSH_AGAIN.
-       */
-
-      sshc->sftp_send_state = 0;
-      *pnwritten = (size_t)nwrite;
-      return CURLE_OK;
-    default:
-      /* we never reach here */
+  case 0:
+    sftp_file_set_nonblocking(sshc->sftp_file);
+    if(sftp_aio_begin_write(sshc->sftp_file, mem, len,
+                            &sshc->sftp_send_aio) == SSH_ERROR) {
       return CURLE_SEND_ERROR;
+    }
+    sshc->sftp_send_state = 1;
+    FALLTHROUGH();
+  case 1:
+    nwrite = sftp_aio_wait_write(&sshc->sftp_send_aio);
+    myssh_block2waitfor(conn, sshc, (nwrite == SSH_AGAIN) ? TRUE : FALSE);
+    if(nwrite == SSH_AGAIN)
+      return CURLE_AGAIN;
+    else if(nwrite < 0)
+      return CURLE_SEND_ERROR;
+
+    /*
+     * sftp_aio_wait_write() would free sftp_send_aio and
+     * assign it NULL in all cases except when it returns
+     * SSH_AGAIN.
+     */
+
+    sshc->sftp_send_state = 0;
+    *pnwritten = (size_t)nwrite;
+    return CURLE_OK;
+  default:
+    /* we never reach here */
+    return CURLE_SEND_ERROR;
   }
 #else
   /*
@@ -3143,54 +3127,53 @@ static CURLcode sftp_recv(struct Curl_easy *data, int sockindex,
     return CURLE_FAILED_INIT;
 
   switch(sshc->sftp_recv_state) {
-    case 0:
+  case 0:
 #if LIBSSH_VERSION_INT > SSH_VERSION_INT(0, 11, 0)
-      if(sftp_aio_begin_read(sshc->sftp_file, len,
-                             &sshc->sftp_recv_aio) == SSH_ERROR) {
-        return CURLE_RECV_ERROR;
-      }
-#else
-      sshc->sftp_file_index =
-        sftp_async_read_begin(sshc->sftp_file, (uint32_t)len);
-      if(sshc->sftp_file_index < 0)
-        return CURLE_RECV_ERROR;
-#endif
-
-      FALLTHROUGH();
-    case 1:
-      sshc->sftp_recv_state = 1;
-
-#if LIBSSH_VERSION_INT > SSH_VERSION_INT(0, 11, 0)
-      nread = sftp_aio_wait_read(&sshc->sftp_recv_aio, mem, len);
-#else
-      nread = sftp_async_read(sshc->sftp_file, mem, (uint32_t)len,
-                              (uint32_t)sshc->sftp_file_index);
-#endif
-
-      myssh_block2waitfor(conn, sshc, (nread == SSH_AGAIN));
-
-      if(nread == SSH_AGAIN)
-        return CURLE_AGAIN;
-      else if(nread < 0)
-        return CURLE_RECV_ERROR;
-
-      /*
-       * sftp_aio_wait_read() would free sftp_recv_aio and
-       * assign it NULL in all cases except when it returns
-       * SSH_AGAIN.
-       */
-
-      sshc->sftp_recv_state = 0;
-      *pnread = (size_t)nread;
-      return CURLE_OK;
-
-    default:
-      /* we never reach here */
+    if(sftp_aio_begin_read(sshc->sftp_file, len,
+                           &sshc->sftp_recv_aio) == SSH_ERROR) {
       return CURLE_RECV_ERROR;
+    }
+#else
+    sshc->sftp_file_index =
+      sftp_async_read_begin(sshc->sftp_file, (uint32_t)len);
+    if(sshc->sftp_file_index < 0)
+      return CURLE_RECV_ERROR;
+#endif
+
+    FALLTHROUGH();
+  case 1:
+    sshc->sftp_recv_state = 1;
+
+#if LIBSSH_VERSION_INT > SSH_VERSION_INT(0, 11, 0)
+    nread = sftp_aio_wait_read(&sshc->sftp_recv_aio, mem, len);
+#else
+    nread = sftp_async_read(sshc->sftp_file, mem, (uint32_t)len,
+                            (uint32_t)sshc->sftp_file_index);
+#endif
+
+    myssh_block2waitfor(conn, sshc, (nread == SSH_AGAIN));
+
+    if(nread == SSH_AGAIN)
+      return CURLE_AGAIN;
+    else if(nread < 0)
+      return CURLE_RECV_ERROR;
+
+    /*
+     * sftp_aio_wait_read() would free sftp_recv_aio and
+     * assign it NULL in all cases except when it returns
+     * SSH_AGAIN.
+     */
+
+    sshc->sftp_recv_state = 0;
+    *pnread = (size_t)nread;
+    return CURLE_OK;
+
+  default:
+    /* we never reach here */
+    return CURLE_RECV_ERROR;
   }
 }
 
-
 CURLcode Curl_ssh_init(void)
 {
   if(ssh_init()) {
@@ -3210,4 +3193,4 @@ void Curl_ssh_version(char *buffer, size_t buflen)
   (void)curl_msnprintf(buffer, buflen, "libssh/%s", ssh_version(0));
 }
 
-#endif                          /* USE_LIBSSH */
+#endif /* USE_LIBSSH */
diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
index ce593d5487..8701775d7d 100644
--- a/lib/vssh/libssh2.c
+++ b/lib/vssh/libssh2.c
@@ -154,12 +154,12 @@ const struct Curl_handler Curl_handler_sftp = {
   PROTOPT_NOURLQUERY | PROTOPT_CONN_REUSE
 };
 
-static void
-kbd_callback(const char *name, int name_len, const char *instruction,
-             int instruction_len, int num_prompts,
-             const LIBSSH2_USERAUTH_KBDINT_PROMPT *prompts,
-             LIBSSH2_USERAUTH_KBDINT_RESPONSE *responses,
-             void **abstract)
+static void kbd_callback(const char *name, int name_len,
+                         const char *instruction, int instruction_len,
+                         int num_prompts,
+                         const LIBSSH2_USERAUTH_KBDINT_PROMPT *prompts,
+                         LIBSSH2_USERAUTH_KBDINT_RESPONSE *responses,
+                         void **abstract)
 {
   struct Curl_easy *data = (struct Curl_easy *)*abstract;
 
@@ -187,30 +187,30 @@ kbd_callback(const char *name, int name_len, const char *instruction,
 static CURLcode sftp_libssh2_error_to_CURLE(unsigned long err)
 {
   switch(err) {
-    case LIBSSH2_FX_OK:
-      return CURLE_OK;
+  case LIBSSH2_FX_OK:
+    return CURLE_OK;
 
-    case LIBSSH2_FX_NO_SUCH_FILE:
-    case LIBSSH2_FX_NO_SUCH_PATH:
-      return CURLE_REMOTE_FILE_NOT_FOUND;
+  case LIBSSH2_FX_NO_SUCH_FILE:
+  case LIBSSH2_FX_NO_SUCH_PATH:
+    return CURLE_REMOTE_FILE_NOT_FOUND;
 
-    case LIBSSH2_FX_PERMISSION_DENIED:
-    case LIBSSH2_FX_WRITE_PROTECT:
-    case LIBSSH2_FX_LOCK_CONFlICT:
-      return CURLE_REMOTE_ACCESS_DENIED;
+  case LIBSSH2_FX_PERMISSION_DENIED:
+  case LIBSSH2_FX_WRITE_PROTECT:
+  case LIBSSH2_FX_LOCK_CONFlICT:
+    return CURLE_REMOTE_ACCESS_DENIED;
 
-    case LIBSSH2_FX_NO_SPACE_ON_FILESYSTEM:
-    case LIBSSH2_FX_QUOTA_EXCEEDED:
-      return CURLE_REMOTE_DISK_FULL;
+  case LIBSSH2_FX_NO_SPACE_ON_FILESYSTEM:
+  case LIBSSH2_FX_QUOTA_EXCEEDED:
+    return CURLE_REMOTE_DISK_FULL;
 
-    case LIBSSH2_FX_FILE_ALREADY_EXISTS:
-      return CURLE_REMOTE_FILE_EXISTS;
+  case LIBSSH2_FX_FILE_ALREADY_EXISTS:
+    return CURLE_REMOTE_FILE_EXISTS;
 
-    case LIBSSH2_FX_DIR_NOT_EMPTY:
-      return CURLE_QUOTE_ERROR;
+  case LIBSSH2_FX_DIR_NOT_EMPTY:
+    return CURLE_QUOTE_ERROR;
 
-    default:
-      break;
+  default:
+    break;
   }
 
   return CURLE_SSH;
@@ -219,39 +219,39 @@ static CURLcode sftp_libssh2_error_to_CURLE(unsigned long err)
 static CURLcode libssh2_session_error_to_CURLE(int err)
 {
   switch(err) {
-    /* Ordered by order of appearance in libssh2.h */
-    case LIBSSH2_ERROR_NONE:
-      return CURLE_OK;
+  /* Ordered by order of appearance in libssh2.h */
+  case LIBSSH2_ERROR_NONE:
+    return CURLE_OK;
 
-    /* This is the error returned by libssh2_scp_recv2
-     * on unknown file */
-    case LIBSSH2_ERROR_SCP_PROTOCOL:
-      return CURLE_REMOTE_FILE_NOT_FOUND;
+  /* This is the error returned by libssh2_scp_recv2
+   * on unknown file */
+  case LIBSSH2_ERROR_SCP_PROTOCOL:
+    return CURLE_REMOTE_FILE_NOT_FOUND;
 
-    case LIBSSH2_ERROR_SOCKET_NONE:
-      return CURLE_COULDNT_CONNECT;
+  case LIBSSH2_ERROR_SOCKET_NONE:
+    return CURLE_COULDNT_CONNECT;
 
-    case LIBSSH2_ERROR_ALLOC:
-      return CURLE_OUT_OF_MEMORY;
+  case LIBSSH2_ERROR_ALLOC:
+    return CURLE_OUT_OF_MEMORY;
 
-    case LIBSSH2_ERROR_SOCKET_SEND:
-      return CURLE_SEND_ERROR;
+  case LIBSSH2_ERROR_SOCKET_SEND:
+    return CURLE_SEND_ERROR;
 
-    case LIBSSH2_ERROR_HOSTKEY_INIT:
-    case LIBSSH2_ERROR_HOSTKEY_SIGN:
-    case LIBSSH2_ERROR_PUBLICKEY_UNRECOGNIZED:
-    case LIBSSH2_ERROR_PUBLICKEY_UNVERIFIED:
-      return CURLE_PEER_FAILED_VERIFICATION;
+  case LIBSSH2_ERROR_HOSTKEY_INIT:
+  case LIBSSH2_ERROR_HOSTKEY_SIGN:
+  case LIBSSH2_ERROR_PUBLICKEY_UNRECOGNIZED:
+  case LIBSSH2_ERROR_PUBLICKEY_UNVERIFIED:
+    return CURLE_PEER_FAILED_VERIFICATION;
 
-    case LIBSSH2_ERROR_PASSWORD_EXPIRED:
-      return CURLE_LOGIN_DENIED;
+  case LIBSSH2_ERROR_PASSWORD_EXPIRED:
+    return CURLE_LOGIN_DENIED;
 
-    case LIBSSH2_ERROR_SOCKET_TIMEOUT:
-    case LIBSSH2_ERROR_TIMEOUT:
-      return CURLE_OPERATION_TIMEDOUT;
+  case LIBSSH2_ERROR_SOCKET_TIMEOUT:
+  case LIBSSH2_ERROR_TIMEOUT:
+    return CURLE_OPERATION_TIMEDOUT;
 
-    case LIBSSH2_ERROR_EAGAIN:
-      return CURLE_AGAIN;
+  case LIBSSH2_ERROR_EAGAIN:
+    return CURLE_AGAIN;
   }
 
   return CURLE_SSH;
@@ -283,7 +283,7 @@ static LIBSSH2_FREE_FUNC(my_libssh2_free)
 #if !defined(CURL_DISABLE_VERBOSE_STRINGS)
 static const char *myssh_statename(sshstate state)
 {
-  static const char *const names[] = {
+  static const char * const names[] = {
     "SSH_STOP",
     "SSH_INIT",
     "SSH_S_STARTUP",
@@ -354,7 +354,7 @@ static const char *myssh_statename(sshstate state)
 #endif /* !CURL_DISABLE_VERBOSE_STRINGS */
 
 
-#define myssh_state(x,y,z) myssh_set_state(x,y,z)
+#define myssh_state(x, y, z) myssh_set_state(x, y, z)
 
 /*
  * SSH State machine related code
@@ -663,7 +663,7 @@ static CURLcode ssh_check_fingerprint(struct Curl_easy *data,
       /* The fingerprint points to static storage (!), do not free() it. */
       int i;
       for(i = 0; i < 16; i++) {
-        curl_msnprintf(&md5buffer[i*2], 3, "%02x",
+        curl_msnprintf(&md5buffer[i * 2], 3, "%02x",
                        (unsigned char)fingerprint[i]);
       }
 
@@ -703,7 +703,7 @@ static CURLcode ssh_check_fingerprint(struct Curl_easy *data,
         rc = data->set.ssh_hostkeyfunc(data->set.ssh_hostkeyfunc_userp,
                                        (int)keytype, remotekey, keylen);
         Curl_set_in_callback(data, FALSE);
-        if(rc!= CURLKHMATCH_OK) {
+        if(rc != CURLKHMATCH_OK) {
           myssh_state(data, sshc, SSH_SESSION_FREE);
           return CURLE_PEER_FAILED_VERIFICATION;
         }
@@ -1009,11 +1009,10 @@ static CURLcode sftp_quote(struct Curl_easy *data,
   return CURLE_QUOTE_ERROR;
 }
 
-static CURLcode
-sftp_upload_init(struct Curl_easy *data,
-                 struct ssh_conn *sshc,
-                 struct SSHPROTO *sshp,
-                 bool *blockp)
+static CURLcode sftp_upload_init(struct Curl_easy *data,
+                                 struct ssh_conn *sshc,
+                                 struct SSHPROTO *sshp,
+                                 bool *blockp)
 {
   unsigned long flags;
 
@@ -1140,7 +1139,7 @@ sftp_upload_init(struct Curl_easy *data,
       }
       /* seekerr == CURL_SEEKFUNC_CANTSEEK (cannot seek to offset) */
       do {
-        char scratch[4*1024];
+        char scratch[4 * 1024];
         size_t readthisamountnow =
           (data->state.resume_from - passed >
            (curl_off_t)sizeof(scratch)) ?
@@ -1283,11 +1282,10 @@ static CURLcode ssh_state_pkey_init(struct Curl_easy *data,
   return 0;
 }
 
-static CURLcode
-sftp_quote_stat(struct Curl_easy *data,
-                struct ssh_conn *sshc,
-                struct SSHPROTO *sshp,
-                bool *blockp)
+static CURLcode sftp_quote_stat(struct Curl_easy *data,
+                                struct ssh_conn *sshc,
+                                struct SSHPROTO *sshp,
+                                bool *blockp)
 {
   char *cmd = sshc->quote_item->data;
   sshc->acceptfail = FALSE;
@@ -1395,11 +1393,10 @@ fail:
   return CURLE_QUOTE_ERROR;
 }
 
-static CURLcode
-sftp_download_stat(struct Curl_easy *data,
-                   struct ssh_conn *sshc,
-                   struct SSHPROTO *sshp,
-                   bool *blockp)
+static CURLcode sftp_download_stat(struct Curl_easy *data,
+                                   struct ssh_conn *sshc,
+                                   struct SSHPROTO *sshp,
+                                   bool *blockp)
 {
   LIBSSH2_SFTP_ATTRIBUTES attrs;
   int rc = libssh2_sftp_stat_ex(sshc->sftp_session, sshp->path,
@@ -1468,8 +1465,7 @@ sftp_download_stat(struct Curl_easy *data,
     /* Now store the number of bytes we are expected to download */
     data->req.size = attrs.filesize - data->state.resume_from;
     data->req.maxdownload = attrs.filesize - data->state.resume_from;
-    Curl_pgrsSetDownloadSize(data,
-                             attrs.filesize - data->state.resume_from);
+    Curl_pgrsSetDownloadSize(data, attrs.filesize - data->state.resume_from);
     libssh2_sftp_seek64(sshc->sftp_handle,
                         (libssh2_uint64_t)data->state.resume_from);
   }
@@ -1507,7 +1503,7 @@ static CURLcode sftp_readdir(struct Curl_easy *data,
     return result;
   }
   if(rc > 0) {
-    size_t readdir_len = (size_t) rc;
+    size_t readdir_len = (size_t)rc;
     sshp->readdir_filename[readdir_len] = '\0';
 
     if(data->set.list_only) {
@@ -1639,8 +1635,7 @@ static CURLcode ssh_state_authlist(struct Curl_easy *data,
     myssh_state(data, sshc, SSH_SESSION_FREE);
     return libssh2_session_error_to_CURLE(rc);
   }
-  infof(data, "SSH authentication methods available: %s",
-        sshc->authlist);
+  infof(data, "SSH authentication methods available: %s", sshc->authlist);
 
   myssh_state(data, sshc, SSH_AUTH_PKEY_INIT);
   return CURLE_OK;
@@ -1679,8 +1674,7 @@ static CURLcode ssh_state_auth_pkey(struct Curl_easy *data,
       err_msg = unknown;
     }
     else {
-      (void)libssh2_session_last_error(sshc->ssh_session,
-                                       &err_msg, NULL, 0);
+      (void)libssh2_session_last_error(sshc->ssh_session, &err_msg, NULL, 0);
     }
     infof(data, "SSH public key authentication failed: %s", err_msg);
     myssh_state(data, sshc, SSH_AUTH_PASS_INIT);
@@ -1742,8 +1736,8 @@ static CURLcode ssh_state_auth_agent_init(struct Curl_easy *data,
                                           struct ssh_conn *sshc)
 {
   int rc = 0;
-  if((data->set.ssh_auth_types & CURLSSH_AUTH_AGENT)
-     && (strstr(sshc->authlist, "publickey") != NULL)) {
+  if((data->set.ssh_auth_types & CURLSSH_AUTH_AGENT) &&
+     (strstr(sshc->authlist, "publickey") != NULL)) {
 
     /* Connect to the ssh-agent */
     /* The agent could be shared by a curl thread i believe
@@ -1838,8 +1832,8 @@ static CURLcode ssh_state_auth_agent(struct Curl_easy *data,
 static CURLcode ssh_state_auth_key_init(struct Curl_easy *data,
                                         struct ssh_conn *sshc)
 {
-  if((data->set.ssh_auth_types & CURLSSH_AUTH_KEYBOARD)
-     && (strstr(sshc->authlist, "keyboard-interactive") != NULL)) {
+  if((data->set.ssh_auth_types & CURLSSH_AUTH_KEYBOARD) &&
+     (strstr(sshc->authlist, "keyboard-interactive") != NULL)) {
     myssh_state(data, sshc, SSH_AUTH_KEY);
   }
   else {
@@ -1913,8 +1907,7 @@ static CURLcode ssh_state_sftp_init(struct Curl_easy *data,
        LIBSSH2_ERROR_EAGAIN)
       return CURLE_AGAIN;
 
-    (void)libssh2_session_last_error(sshc->ssh_session,
-                                     &err_msg, NULL, 0);
+    (void)libssh2_session_last_error(sshc->ssh_session, &err_msg, NULL, 0);
     failf(data, "Failure initializing sftp session: %s", err_msg);
     myssh_state(data, sshc, SSH_SESSION_FREE);
     return CURLE_FAILED_INIT;
@@ -2384,8 +2377,7 @@ static CURLcode ssh_state_scp_download_init(struct Curl_easy *data,
        LIBSSH2_ERROR_EAGAIN)
       return CURLE_AGAIN;
 
-    ssh_err = (int)(libssh2_session_last_error(sshc->ssh_session,
-                                               &err_msg, NULL, 0));
+    ssh_err = libssh2_session_last_error(sshc->ssh_session, &err_msg, NULL, 0);
     failf(data, "%s", err_msg);
     myssh_state(data, sshc, SSH_SCP_CHANNEL_FREE);
     return libssh2_session_error_to_CURLE(ssh_err);
@@ -2415,8 +2407,7 @@ static CURLcode ssh_state_sftp_close(struct Curl_easy *data,
 
     if(rc < 0) {
       char *err_msg = NULL;
-      (void)libssh2_session_last_error(sshc->ssh_session,
-                                       &err_msg, NULL, 0);
+      (void)libssh2_session_last_error(sshc->ssh_session, &err_msg, NULL, 0);
       infof(data, "Failed to close libssh2 file: %d %s", rc, err_msg);
     }
     sshc->sftp_handle = NULL;
@@ -2454,8 +2445,7 @@ static CURLcode ssh_state_sftp_shutdown(struct Curl_easy *data,
 
     if(rc < 0) {
       char *err_msg = NULL;
-      (void)libssh2_session_last_error(sshc->ssh_session, &err_msg,
-                                       NULL, 0);
+      (void)libssh2_session_last_error(sshc->ssh_session, &err_msg, NULL, 0);
       infof(data, "Failed to close libssh2 file: %d %s", rc, err_msg);
     }
     sshc->sftp_handle = NULL;
@@ -2527,8 +2517,7 @@ static CURLcode ssh_state_scp_upload_init(struct Curl_easy *data,
        LIBSSH2_ERROR_EAGAIN)
       return CURLE_AGAIN;
 
-    ssh_err = (int)(libssh2_session_last_error(sshc->ssh_session,
-                                               &err_msg, NULL, 0));
+    ssh_err = libssh2_session_last_error(sshc->ssh_session, &err_msg, NULL, 0);
     failf(data, "%s", err_msg);
     myssh_state(data, sshc, SSH_SCP_CHANNEL_FREE);
     result = libssh2_session_error_to_CURLE(ssh_err);
@@ -2567,10 +2556,8 @@ static CURLcode ssh_state_session_disconnect(struct Curl_easy *data,
 
     if(rc < 0) {
       char *err_msg = NULL;
-      (void)libssh2_session_last_error(sshc->ssh_session,
-                                       &err_msg, NULL, 0);
-      infof(data, "Failed to free libssh2 scp subsystem: %d %s",
-            rc, err_msg);
+      (void)libssh2_session_last_error(sshc->ssh_session, &err_msg, NULL, 0);
+      infof(data, "Failed to free libssh2 scp subsystem: %d %s", rc, err_msg);
     }
     sshc->ssh_channel = NULL;
   }
@@ -2582,10 +2569,8 @@ static CURLcode ssh_state_session_disconnect(struct Curl_easy *data,
 
     if(rc < 0) {
       char *err_msg = NULL;
-      (void)libssh2_session_last_error(sshc->ssh_session,
-                                       &err_msg, NULL, 0);
-      infof(data, "Failed to disconnect libssh2 session: %d %s",
-            rc, err_msg);
+      (void)libssh2_session_last_error(sshc->ssh_session, &err_msg, NULL, 0);
+      infof(data, "Failed to disconnect libssh2 session: %d %s", rc, err_msg);
     }
   }
 
@@ -2750,8 +2735,7 @@ static CURLcode ssh_statemachine(struct Curl_easy *data,
       }
       break;
 
-    case SSH_SFTP_FILETIME:
-    {
+    case SSH_SFTP_FILETIME: {
       LIBSSH2_SFTP_ATTRIBUTES attrs;
       int rc;
 
@@ -2778,7 +2762,7 @@ static CURLcode ssh_statemachine(struct Curl_easy *data,
       if(data->state.upload)
         myssh_state(data, sshc, SSH_SFTP_UPLOAD_INIT);
       else if(sshp) {
-        if(sshp->path[strlen(sshp->path)-1] == '/')
+        if(sshp->path[strlen(sshp->path) - 1] == '/')
           myssh_state(data, sshc, SSH_SFTP_READDIR_INIT);
         else
           myssh_state(data, sshc, SSH_SFTP_DOWNLOAD_INIT);
@@ -3097,8 +3081,8 @@ static void ssh_block2waitfor(struct Curl_easy *data,
     dir = libssh2_session_block_directions(sshc->ssh_session);
     if(dir) {
       /* translate the libssh2 define bits into our own bit defines */
-      sshc->waitfor = ((dir&LIBSSH2_SESSION_BLOCK_INBOUND) ? KEEP_RECV : 0) |
-        ((dir&LIBSSH2_SESSION_BLOCK_OUTBOUND) ? KEEP_SEND : 0);
+      sshc->waitfor = ((dir & LIBSSH2_SESSION_BLOCK_INBOUND) ? KEEP_RECV : 0) |
+                      ((dir & LIBSSH2_SESSION_BLOCK_OUTBOUND) ? KEEP_SEND : 0);
     }
   }
   if(!dir)
@@ -3308,24 +3292,24 @@ static CURLcode ssh_connect(struct Curl_easy *data, bool *done)
   {
     const char *crypto_str;
     switch(libssh2_crypto_engine()) {
-      case libssh2_gcrypt:
-        crypto_str = "libgcrypt";
-        break;
-      case libssh2_mbedtls:
-        crypto_str = "mbedTLS";
-        break;
-      case libssh2_openssl:
-        crypto_str = "openssl compatible";
-        break;
-      case libssh2_os400qc3:
-        crypto_str = "OS400QC3";
-        break;
-      case libssh2_wincng:
-        crypto_str = "WinCNG";
-        break;
-      default:
-        crypto_str = NULL;
-        break;
+    case libssh2_gcrypt:
+      crypto_str = "libgcrypt";
+      break;
+    case libssh2_mbedtls:
+      crypto_str = "mbedTLS";
+      break;
+    case libssh2_openssl:
+      crypto_str = "openssl compatible";
+      break;
+    case libssh2_os400qc3:
+      crypto_str = "OS400QC3";
+      break;
+    case libssh2_wincng:
+      crypto_str = "WinCNG";
+      break;
+    default:
+      crypto_str = NULL;
+      break;
     }
     if(crypto_str)
       infof(data, "libssh2 cryptography backend: %s", crypto_str);
@@ -3476,10 +3460,9 @@ static CURLcode ssh_connect(struct Curl_easy *data, bool *done)
  * the options previously setup.
  */
 
-static
-CURLcode scp_perform(struct Curl_easy *data,
-                     bool *connected,
-                     bool *dophase_done)
+static CURLcode scp_perform(struct Curl_easy *data,
+                            bool *connected,
+                            bool *dophase_done)
 {
   struct ssh_conn *sshc = Curl_conn_meta_get(data->conn, CURL_META_SSH_CONN);
   CURLcode result = CURLE_OK;
@@ -3562,8 +3545,7 @@ static CURLcode sshc_cleanup(struct ssh_conn *sshc, struct Curl_easy *data,
     rc = libssh2_agent_disconnect(sshc->ssh_agent);
     if((rc < 0) && data) {
       char *err_msg = NULL;
-      (void)libssh2_session_last_error(sshc->ssh_session,
-                                       &err_msg, NULL, 0);
+      (void)libssh2_session_last_error(sshc->ssh_session, &err_msg, NULL, 0);
       infof(data, "Failed to disconnect from libssh2 agent: %d %s",
             rc, err_msg);
     }
@@ -3583,8 +3565,7 @@ static CURLcode sshc_cleanup(struct ssh_conn *sshc, struct Curl_easy *data,
     rc = libssh2_sftp_close(sshc->sftp_handle);
     if((rc < 0) && data) {
       char *err_msg = NULL;
-      (void)libssh2_session_last_error(sshc->ssh_session, &err_msg,
-                                       NULL, 0);
+      (void)libssh2_session_last_error(sshc->ssh_session, &err_msg, NULL, 0);
       infof(data, "Failed to close libssh2 file: %d %s", rc, err_msg);
     }
     if(!block && (rc == LIBSSH2_ERROR_EAGAIN))
@@ -3597,10 +3578,8 @@ static CURLcode sshc_cleanup(struct ssh_conn *sshc, struct Curl_easy *data,
     rc = libssh2_channel_free(sshc->ssh_channel);
     if((rc < 0) && data) {
       char *err_msg = NULL;
-      (void)libssh2_session_last_error(sshc->ssh_session,
-                                       &err_msg, NULL, 0);
-      infof(data, "Failed to free libssh2 scp subsystem: %d %s",
-            rc, err_msg);
+      (void)libssh2_session_last_error(sshc->ssh_session, &err_msg, NULL, 0);
+      infof(data, "Failed to free libssh2 scp subsystem: %d %s", rc, err_msg);
     }
     if(!block && (rc == LIBSSH2_ERROR_EAGAIN))
       return CURLE_AGAIN;
@@ -3612,8 +3591,7 @@ static CURLcode sshc_cleanup(struct ssh_conn *sshc, struct Curl_easy *data,
     rc = libssh2_sftp_shutdown(sshc->sftp_session);
     if((rc < 0) && data) {
       char *err_msg = NULL;
-      (void)libssh2_session_last_error(sshc->ssh_session,
-                                       &err_msg, NULL, 0);
+      (void)libssh2_session_last_error(sshc->ssh_session, &err_msg, NULL, 0);
       infof(data, "Failed to stop libssh2 sftp subsystem: %d %s", rc, err_msg);
     }
     if(!block && (rc == LIBSSH2_ERROR_EAGAIN))
@@ -3626,8 +3604,7 @@ static CURLcode sshc_cleanup(struct ssh_conn *sshc, struct Curl_easy *data,
     rc = libssh2_session_free(sshc->ssh_session);
     if((rc < 0) && data) {
       char *err_msg = NULL;
-      (void)libssh2_session_last_error(sshc->ssh_session,
-                                       &err_msg, NULL, 0);
+      (void)libssh2_session_last_error(sshc->ssh_session, &err_msg, NULL, 0);
       infof(data, "Failed to free libssh2 session: %d %s", rc, err_msg);
     }
     if(!block && (rc == LIBSSH2_ERROR_EAGAIN))
@@ -3653,7 +3630,6 @@ static CURLcode sshc_cleanup(struct ssh_conn *sshc, struct Curl_easy *data,
   return CURLE_OK;
 }
 
-
 /* BLOCKING, but the function is using the state machine so the only reason
    this is still blocking is that the multi interface code has no support for
    disconnecting operations that takes a while */
@@ -3701,7 +3677,6 @@ static CURLcode ssh_done(struct Curl_easy *data, CURLcode status)
   return result;
 }
 
-
 static CURLcode scp_done(struct Curl_easy *data, CURLcode status,
                          bool premature)
 {
@@ -3731,8 +3706,8 @@ static CURLcode scp_send(struct Curl_easy *data, int sockindex,
     return CURLE_FAILED_INIT;
 
   /* libssh2_channel_write() returns int! */
-  nwritten = (ssize_t) libssh2_channel_write(sshc->ssh_channel,
-                                             (const char *)mem, len);
+  nwritten = (ssize_t)libssh2_channel_write(sshc->ssh_channel,
+                                            (const char *)mem, len);
 
   ssh_block2waitfor(data, sshc, (nwritten == LIBSSH2_ERROR_EAGAIN));
 
@@ -3761,7 +3736,7 @@ static CURLcode scp_recv(struct Curl_easy *data, int sockindex,
     return CURLE_FAILED_INIT;
 
   /* libssh2_channel_read() returns int */
-  nread = (ssize_t) libssh2_channel_read(sshc->ssh_channel, mem, len);
+  nread = (ssize_t)libssh2_channel_read(sshc->ssh_channel, mem, len);
 
   ssh_block2waitfor(data, sshc, (nread == LIBSSH2_ERROR_EAGAIN));
   if(nread == LIBSSH2_ERROR_EAGAIN)
@@ -3787,10 +3762,9 @@ static CURLcode scp_recv(struct Curl_easy *data, int sockindex,
  * the options previously setup.
  */
 
-static
-CURLcode sftp_perform(struct Curl_easy *data,
-                      bool *connected,
-                      bool *dophase_done)
+static CURLcode sftp_perform(struct Curl_easy *data,
+                             bool *connected,
+                             bool *dophase_done)
 {
   struct ssh_conn *sshc = Curl_conn_meta_get(data->conn, CURL_META_SSH_CONN);
   CURLcode result = CURLE_OK;
@@ -3850,7 +3824,6 @@ static CURLcode sftp_disconnect(struct Curl_easy *data,
     sshc_cleanup(sshc, data, TRUE);
   }
   return result;
-
 }
 
 static CURLcode sftp_done(struct Curl_easy *data, CURLcode status,
@@ -3934,65 +3907,65 @@ static CURLcode sftp_recv(struct Curl_easy *data, int sockindex,
 static const char *sftp_libssh2_strerror(unsigned long err)
 {
   switch(err) {
-    case LIBSSH2_FX_NO_SUCH_FILE:
-      return "No such file or directory";
+  case LIBSSH2_FX_NO_SUCH_FILE:
+    return "No such file or directory";
 
-    case LIBSSH2_FX_PERMISSION_DENIED:
-      return "Permission denied";
+  case LIBSSH2_FX_PERMISSION_DENIED:
+    return "Permission denied";
 
-    case LIBSSH2_FX_FAILURE:
-      return "Operation failed";
+  case LIBSSH2_FX_FAILURE:
+    return "Operation failed";
 
-    case LIBSSH2_FX_BAD_MESSAGE:
-      return "Bad message from SFTP server";
+  case LIBSSH2_FX_BAD_MESSAGE:
+    return "Bad message from SFTP server";
 
-    case LIBSSH2_FX_NO_CONNECTION:
-      return "Not connected to SFTP server";
+  case LIBSSH2_FX_NO_CONNECTION:
+    return "Not connected to SFTP server";
 
-    case LIBSSH2_FX_CONNECTION_LOST:
-      return "Connection to SFTP server lost";
+  case LIBSSH2_FX_CONNECTION_LOST:
+    return "Connection to SFTP server lost";
 
-    case LIBSSH2_FX_OP_UNSUPPORTED:
-      return "Operation not supported by SFTP server";
+  case LIBSSH2_FX_OP_UNSUPPORTED:
+    return "Operation not supported by SFTP server";
 
-    case LIBSSH2_FX_INVALID_HANDLE:
-      return "Invalid handle";
+  case LIBSSH2_FX_INVALID_HANDLE:
+    return "Invalid handle";
 
-    case LIBSSH2_FX_NO_SUCH_PATH:
-      return "No such file or directory";
+  case LIBSSH2_FX_NO_SUCH_PATH:
+    return "No such file or directory";
 
-    case LIBSSH2_FX_FILE_ALREADY_EXISTS:
-      return "File already exists";
+  case LIBSSH2_FX_FILE_ALREADY_EXISTS:
+    return "File already exists";
 
-    case LIBSSH2_FX_WRITE_PROTECT:
-      return "File is write protected";
+  case LIBSSH2_FX_WRITE_PROTECT:
+    return "File is write protected";
 
-    case LIBSSH2_FX_NO_MEDIA:
-      return "No media";
+  case LIBSSH2_FX_NO_MEDIA:
+    return "No media";
 
-    case LIBSSH2_FX_NO_SPACE_ON_FILESYSTEM:
-      return "Disk full";
+  case LIBSSH2_FX_NO_SPACE_ON_FILESYSTEM:
+    return "Disk full";
 
-    case LIBSSH2_FX_QUOTA_EXCEEDED:
-      return "User quota exceeded";
+  case LIBSSH2_FX_QUOTA_EXCEEDED:
+    return "User quota exceeded";
 
-    case LIBSSH2_FX_UNKNOWN_PRINCIPLE:
-      return "Unknown principle";
+  case LIBSSH2_FX_UNKNOWN_PRINCIPLE:
+    return "Unknown principle";
 
-    case LIBSSH2_FX_LOCK_CONFlICT:
-      return "File lock conflict";
+  case LIBSSH2_FX_LOCK_CONFlICT:
+    return "File lock conflict";
 
-    case LIBSSH2_FX_DIR_NOT_EMPTY:
-      return "Directory not empty";
+  case LIBSSH2_FX_DIR_NOT_EMPTY:
+    return "Directory not empty";
 
-    case LIBSSH2_FX_NOT_A_DIRECTORY:
-      return "Not a directory";
+  case LIBSSH2_FX_NOT_A_DIRECTORY:
+    return "Not a directory";
 
-    case LIBSSH2_FX_INVALID_FILENAME:
-      return "Invalid filename";
+  case LIBSSH2_FX_INVALID_FILENAME:
+    return "Invalid filename";
 
-    case LIBSSH2_FX_LINK_LOOP:
-      return "Link points to itself";
+  case LIBSSH2_FX_LINK_LOOP:
+    return "Link points to itself";
   }
   return "Unknown error in libssh2";
 }
diff --git a/lib/vssh/ssh.h b/lib/vssh/ssh.h
index 92ae72a6a7..ad0875f191 100644
--- a/lib/vssh/ssh.h
+++ b/lib/vssh/ssh.h
@@ -217,7 +217,7 @@ struct ssh_conn {
 
 #ifdef USE_LIBSSH
 #if LIBSSH_VERSION_INT < SSH_VERSION_INT(0, 9, 0)
-#  error "SCP/SFTP protocols require libssh 0.9.0 or later"
+#error "SCP/SFTP protocols require libssh 0.9.0 or later"
 #endif
 #endif
 
@@ -227,7 +227,7 @@ struct ssh_conn {
    non-configure platforms */
 
 #if !defined(LIBSSH2_VERSION_NUM) || (LIBSSH2_VERSION_NUM < 0x010208)
-#  error "SCP/SFTP protocols require libssh2 1.2.8 or later"
+#error "SCP/SFTP protocols require libssh2 1.2.8 or later"
 /* 1.2.8 was released on April 5 2011 */
 #endif
 
@@ -247,7 +247,7 @@ void Curl_ssh_attach(struct Curl_easy *data,
 #else
 /* for non-SSH builds */
 #define Curl_ssh_cleanup()
-#define Curl_ssh_attach(x,y)
+#define Curl_ssh_attach(x, y)
 #define Curl_ssh_init() 0
 #endif
 
diff --git a/lib/vssh/vssh.c b/lib/vssh/vssh.c
index a23f9e8e98..bfc0a1eb3a 100644
--- a/lib/vssh/vssh.c
+++ b/lib/vssh/vssh.c
@@ -75,7 +75,7 @@ CURLcode Curl_getworkingpath(struct Curl_easy *data,
       /* Copy a separating '/' if homedir does not end with one */
       len = curlx_dyn_len(&npath);
       p = curlx_dyn_ptr(&npath);
-      if(len && (p[len-1] != '/'))
+      if(len && (p[len - 1] != '/'))
         copyfrom = 2;
 
       if(curlx_dyn_addn(&npath, &working_path[copyfrom],
@@ -147,7 +147,6 @@ CURLcode Curl_get_pathname(const char **cpp, char **path, const char *homedir)
 
     if(!curlx_dyn_len(&out))
       goto fail;
-
   }
   else {
     struct Curl_str word;
diff --git a/lib/vtls/apple.c b/lib/vtls/apple.c
index 62bb9e3bd1..31108763a0 100644
--- a/lib/vtls/apple.c
+++ b/lib/vtls/apple.c
@@ -207,8 +207,7 @@ CURLcode Curl_vtls_apple_verify(struct Curl_cfilter *cf,
 #if defined(HAVE_BUILTIN_AVAILABLE) && defined(SUPPORTS_SecOCSP)
   if(ocsp_len > 0) {
     if(__builtin_available(macOS 10.9, iOS 7, tvOS 9, watchOS 2, *)) {
-      CFDataRef ocspdata =
-        CFDataCreate(NULL, ocsp_buf, (CFIndex)ocsp_len);
+      CFDataRef ocspdata = CFDataCreate(NULL, ocsp_buf, (CFIndex)ocsp_len);
 
       status = SecTrustSetOCSPResponse(trust, ocspdata);
       CFRelease(ocspdata);
@@ -243,7 +242,7 @@ CURLcode Curl_vtls_apple_verify(struct Curl_cfilter *cf,
         err_desc = curlx_malloc(size + 1);
         if(err_desc) {
           if(!CFStringGetCString(error_ref, err_desc, size,
-             kCFStringEncodingUTF8)) {
+                                 kCFStringEncodingUTF8)) {
             curlx_free(err_desc);
             err_desc = NULL;
           }
diff --git a/lib/vtls/cipher_suite.c b/lib/vtls/cipher_suite.c
index 23fb3a3c5d..3726187d7f 100644
--- a/lib/vtls/cipher_suite.c
+++ b/lib/vtls/cipher_suite.c
@@ -547,8 +547,7 @@ static const struct cs_entry cs_list [] = {
 };
 #define CS_LIST_LEN CURL_ARRAYSIZE(cs_list)
 
-static int cs_str_to_zip(const char *cs_str, size_t cs_len,
-                         uint8_t zip[6])
+static int cs_str_to_zip(const char *cs_str, size_t cs_len, uint8_t zip[6])
 {
   uint8_t indexes[8] = {0};
   const char *entry, *cur;
@@ -568,7 +567,8 @@ static int cs_str_to_zip(const char *cs_str, size_t cs_len,
 
     /* determine the length of the part */
     cur = nxt;
-    for(; nxt < end && *nxt != '\0' && *nxt != separator; nxt++);
+    for(; nxt < end && *nxt != '\0' && *nxt != separator; nxt++)
+      ;
     len = nxt - cur;
 
     /* lookup index for the part (skip empty string at 0) */
@@ -581,22 +581,21 @@ static int cs_str_to_zip(const char *cs_str, size_t cs_len,
     if(idx == CS_TXT_LEN)
       return -1;
 
-    indexes[i++] = (uint8_t) idx;
+    indexes[i++] = (uint8_t)idx;
   } while(nxt < end && *(nxt++) != '\0');
 
   /* zip the 8 indexes into 48 bits */
-  zip[0] = (uint8_t) (indexes[0] << 2 | (indexes[1] & 0x3F) >> 4);
-  zip[1] = (uint8_t) (indexes[1] << 4 | (indexes[2] & 0x3F) >> 2);
-  zip[2] = (uint8_t) (indexes[2] << 6 | (indexes[3] & 0x3F));
-  zip[3] = (uint8_t) (indexes[4] << 2 | (indexes[5] & 0x3F) >> 4);
-  zip[4] = (uint8_t) (indexes[5] << 4 | (indexes[6] & 0x3F) >> 2);
-  zip[5] = (uint8_t) (indexes[6] << 6 | (indexes[7] & 0x3F));
+  zip[0] = (uint8_t)(indexes[0] << 2 | (indexes[1] & 0x3F) >> 4);
+  zip[1] = (uint8_t)(indexes[1] << 4 | (indexes[2] & 0x3F) >> 2);
+  zip[2] = (uint8_t)(indexes[2] << 6 | (indexes[3] & 0x3F));
+  zip[3] = (uint8_t)(indexes[4] << 2 | (indexes[5] & 0x3F) >> 4);
+  zip[4] = (uint8_t)(indexes[5] << 4 | (indexes[6] & 0x3F) >> 2);
+  zip[5] = (uint8_t)(indexes[6] << 6 | (indexes[7] & 0x3F));
 
   return 0;
 }
 
-static int cs_zip_to_str(const uint8_t zip[6],
-                         char *buf, size_t buf_size)
+static int cs_zip_to_str(const uint8_t zip[6], char *buf, size_t buf_size)
 {
   uint8_t indexes[8] = {0};
   const char *entry;
@@ -659,13 +658,12 @@ uint16_t Curl_cipher_suite_lookup_id(const char *cs_str, size_t cs_len)
 static bool cs_is_separator(char c)
 {
   switch(c) {
-    case ' ':
-    case '\t':
-    case ':':
-    case ',':
-    case ';':
-      return TRUE;
-    default:;
+  case ' ':
+  case '\t':
+  case ':':
+  case ',':
+  case ';':
+    return TRUE;
   }
   return FALSE;
 }
@@ -673,10 +671,12 @@ static bool cs_is_separator(char c)
 uint16_t Curl_cipher_suite_walk_str(const char **str, const char **end)
 {
   /* move string pointer to first non-separator or end of string */
-  for(; cs_is_separator(*str[0]); (*str)++);
+  for(; cs_is_separator(*str[0]); (*str)++)
+    ;
 
   /* move end pointer to next separator or end of string */
-  for(*end = *str; *end[0] != '\0' && !cs_is_separator(*end[0]); (*end)++);
+  for(*end = *str; *end[0] != '\0' && !cs_is_separator(*end[0]); (*end)++)
+    ;
 
   return Curl_cipher_suite_lookup_id(*str, *end - *str);
 }
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index c05ab8427b..e0ba48422b 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -66,7 +66,7 @@
 #ifdef GTLSDEBUG
 static void tls_log_func(int level, const char *str)
 {
-    curl_mfprintf(stderr, "|<%d>| %s", level, str);
+  curl_mfprintf(stderr, "|<%d>| %s", level, str);
 }
 #endif
 
@@ -131,8 +131,7 @@ static ssize_t gtls_pull(void *s, void *buf, size_t blen)
   }
 
   result = Curl_conn_cf_recv(cf->next, data, buf, blen, &nread);
-  CURL_TRC_CF(data, cf, "glts_pull(len=%zu) -> %d, %zd",
-              blen, result, nread);
+  CURL_TRC_CF(data, cf, "glts_pull(len=%zu) -> %d, %zd", blen, result, nread);
   backend->gtls.io_result = result;
   if(result) {
     /* !checksrc! disable ERRNOVAR 1 */
@@ -173,9 +172,7 @@ static void gtls_cleanup(void)
 }
 
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
-static void showtime(struct Curl_easy *data,
-                     const char *text,
-                     time_t stamp)
+static void showtime(struct Curl_easy *data, const char *text, time_t stamp)
 {
   struct tm buffer;
   const struct tm *tm = &buffer;
@@ -209,10 +206,10 @@ static gnutls_datum_t load_file(const char *file)
   f = curlx_fopen(file, "rb");
   if(!f)
     return loaded_file;
-  if(fseek(f, 0, SEEK_END) != 0
-     || (filelen = ftell(f)) < 0
-     || fseek(f, 0, SEEK_SET) != 0
-     || !(ptr = curlx_malloc((size_t)filelen)))
+  if(fseek(f, 0, SEEK_END) != 0 ||
+     (filelen = ftell(f)) < 0 ||
+     fseek(f, 0, SEEK_SET) != 0 ||
+     !(ptr = curlx_malloc((size_t)filelen)))
     goto out;
   if(fread(ptr, 1, (size_t)filelen, f) < (size_t)filelen) {
     curlx_free(ptr);
@@ -231,7 +228,6 @@ static void unload_file(gnutls_datum_t data)
   curlx_free(data.data);
 }
 
-
 /* this function does an SSL/TLS (re-)handshake */
 static CURLcode cf_gtls_handshake(struct Curl_cfilter *cf,
                                   struct Curl_easy *data)
@@ -584,20 +580,20 @@ static bool gtls_shared_creds_different(struct Curl_cfilter *cf,
   return strcmp(sc->CAfile, conn_config->CAfile);
 }
 
-static struct gtls_shared_creds*
-gtls_get_cached_creds(struct Curl_cfilter *cf, struct Curl_easy *data)
+static struct gtls_shared_creds *gtls_get_cached_creds(struct Curl_cfilter *cf,
+                                                       struct Curl_easy *data)
 {
   struct gtls_shared_creds *shared_creds;
 
   if(data->multi) {
     shared_creds = Curl_hash_pick(&data->multi->proto_hash,
                                   CURL_UNCONST(MPROTO_GTLS_X509_KEY),
-                                  sizeof(MPROTO_GTLS_X509_KEY)-1);
-     if(shared_creds && shared_creds->creds &&
-        !gtls_shared_creds_expired(data, shared_creds) &&
-        !gtls_shared_creds_different(cf, shared_creds)) {
-       return shared_creds;
-     }
+                                  sizeof(MPROTO_GTLS_X509_KEY) - 1);
+    if(shared_creds && shared_creds->creds &&
+       !gtls_shared_creds_expired(data, shared_creds) &&
+       !gtls_shared_creds_different(cf, shared_creds)) {
+      return shared_creds;
+    }
   }
   return NULL;
 }
@@ -605,7 +601,7 @@ gtls_get_cached_creds(struct Curl_cfilter *cf, struct Curl_easy *data)
 static void gtls_shared_creds_hash_free(void *key, size_t key_len, void *p)
 {
   struct gtls_shared_creds *sc = p;
-  DEBUGASSERT(key_len == (sizeof(MPROTO_GTLS_X509_KEY)-1));
+  DEBUGASSERT(key_len == (sizeof(MPROTO_GTLS_X509_KEY) - 1));
   DEBUGASSERT(!memcmp(MPROTO_GTLS_X509_KEY, key, key_len));
   (void)key;
   (void)key_len;
@@ -635,9 +631,9 @@ static void gtls_set_cached_creds(struct Curl_cfilter *cf,
     return;
 
   if(!Curl_hash_add2(&data->multi->proto_hash,
-                    CURL_UNCONST(MPROTO_GTLS_X509_KEY),
-                    sizeof(MPROTO_GTLS_X509_KEY)-1,
-                    sc, gtls_shared_creds_hash_free)) {
+                     CURL_UNCONST(MPROTO_GTLS_X509_KEY),
+                     sizeof(MPROTO_GTLS_X509_KEY) - 1,
+                     sc, gtls_shared_creds_hash_free)) {
     Curl_gtls_shared_creds_free(&sc); /* down reference again */
     return;
   }
@@ -839,7 +835,7 @@ static CURLcode gtls_set_priority(struct Curl_cfilter *cf,
     if((conn_config->cipher_list[0] == '+') ||
        (conn_config->cipher_list[0] == '-') ||
        (conn_config->cipher_list[0] == '!')) {
-       /* add it to out own */
+      /* add it to out own */
       if(!curlx_dyn_len(&buf)) {  /* not added yet */
         result = curlx_dyn_add(&buf, priority);
         if(result)
@@ -1106,8 +1102,8 @@ static CURLcode gtls_on_session_reuse(struct Curl_cfilter *cf,
     connssl->earlydata_state = ssl_earlydata_await;
     connssl->state = ssl_connection_deferred;
     result = Curl_alpn_set_negotiated(cf, data, connssl,
-                    (const unsigned char *)scs->alpn,
-                    scs->alpn ? strlen(scs->alpn) : 0);
+                                      (const unsigned char *)scs->alpn,
+                                      scs->alpn ? strlen(scs->alpn) : 0);
     *do_early_data = !result;
   }
   return result;
@@ -1225,8 +1221,8 @@ out:
   return result;
 }
 
-static CURLcode
-gtls_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
+static CURLcode gtls_connect_step1(struct Curl_cfilter *cf,
+                                   struct Curl_easy *data)
 {
   struct ssl_connect_data *connssl = cf->ctx;
   struct gtls_ssl_backend_data *backend =
@@ -1333,8 +1329,7 @@ static CURLcode pkp_pin_peer_pubkey(struct Curl_easy *data,
   return result;
 }
 
-void Curl_gtls_report_handshake(struct Curl_easy *data,
-                                struct gtls_ctx *gctx)
+void Curl_gtls_report_handshake(struct Curl_easy *data, struct gtls_ctx *gctx)
 {
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
   if(Curl_trc_is_verbose(data)) {
@@ -1580,8 +1575,7 @@ static CURLcode glts_apple_verify(struct Curl_cfilter *cf,
   CURLcode result;
 
   result = Curl_vtls_apple_verify(cf, data, peer, chain->num_certs,
-                                  gtls_chain_get_der, chain,
-                                  NULL, 0);
+                                  gtls_chain_get_der, chain, NULL, 0);
   *pverified = !result;
   if(*pverified)
     infof(data, "  SSL certificate verified by Apple SecTrust.");
@@ -1589,14 +1583,13 @@ static CURLcode glts_apple_verify(struct Curl_cfilter *cf,
 }
 #endif /* USE_APPLE_SECTRUST */
 
-CURLcode
-Curl_gtls_verifyserver(struct Curl_cfilter *cf,
-                       struct Curl_easy *data,
-                       gnutls_session_t session,
-                       struct ssl_primary_config *config,
-                       struct ssl_config_data *ssl_config,
-                       struct ssl_peer *peer,
-                       const char *pinned_key)
+CURLcode Curl_gtls_verifyserver(struct Curl_cfilter *cf,
+                                struct Curl_easy *data,
+                                gnutls_session_t session,
+                                struct ssl_primary_config *config,
+                                struct ssl_config_data *ssl_config,
+                                struct ssl_peer *peer,
+                                const char *pinned_key)
 {
   struct gtls_cert_chain chain;
   gnutls_x509_crt_t x509_cert = NULL, x509_issuer = NULL;
@@ -1651,7 +1644,7 @@ Curl_gtls_verifyserver(struct Curl_cfilter *cf,
         goto out;
 
       for(i = 0; i < chain.num_certs; i++) {
-        const char *beg = (const char *) chain.certs[i].data;
+        const char *beg = (const char *)chain.certs[i].data;
         const char *end = beg + chain.certs[i].size;
 
         result = Curl_extract_certinfo(data, (int)i, beg, end);
@@ -1897,7 +1890,7 @@ static CURLcode gtls_send_earlydata(struct Curl_cfilter *cf,
 {
   struct ssl_connect_data *connssl = cf->ctx;
   struct gtls_ssl_backend_data *backend =
-      (struct gtls_ssl_backend_data *)connssl->backend;
+    (struct gtls_ssl_backend_data *)connssl->backend;
   CURLcode result = CURLE_OK;
   const unsigned char *buf;
   size_t blen;
@@ -1907,8 +1900,7 @@ static CURLcode gtls_send_earlydata(struct Curl_cfilter *cf,
   backend->gtls.io_result = CURLE_OK;
   while(Curl_bufq_peek(&connssl->earlydata, &buf, &blen)) {
     n = gnutls_record_send_early_data(backend->gtls.session, buf, blen);
-    CURL_TRC_CF(data, cf, "gtls_send_earlydata(len=%zu) -> %zd",
-                blen, n);
+    CURL_TRC_CF(data, cf, "gtls_send_earlydata(len=%zu) -> %zd", blen, n);
     if(n < 0) {
       if(n == GNUTLS_E_AGAIN)
         result = CURLE_AGAIN;
@@ -1947,7 +1939,7 @@ static CURLcode gtls_connect_common(struct Curl_cfilter *cf,
 {
   struct ssl_connect_data *connssl = cf->ctx;
   struct gtls_ssl_backend_data *backend =
-      (struct gtls_ssl_backend_data *)connssl->backend;
+    (struct gtls_ssl_backend_data *)connssl->backend;
   CURLcode result = CURLE_OK;
 
   DEBUGASSERT(backend);
@@ -2131,7 +2123,7 @@ static CURLcode gtls_shutdown(struct Curl_cfilter *cf,
   size_t i;
 
   DEBUGASSERT(backend);
-   /* If we have no handshaked connection or already shut down */
+  /* If we have no handshaked connection or already shut down */
   if(!backend->gtls.session || cf->shutdown ||
      connssl->state != ssl_connection_complete) {
     *done = TRUE;
diff --git a/lib/vtls/gtls.h b/lib/vtls/gtls.h
index afbe51eb9c..4949eee2d2 100644
--- a/lib/vtls/gtls.h
+++ b/lib/vtls/gtls.h
@@ -119,8 +119,7 @@ CURLcode Curl_gtls_cache_session(struct Curl_cfilter *cf,
                                  size_t quic_tp_len);
 
 /* Report properties of a successful handshake */
-void Curl_gtls_report_handshake(struct Curl_easy *data,
-                                struct gtls_ctx *gctx);
+void Curl_gtls_report_handshake(struct Curl_easy *data, struct gtls_ctx *gctx);
 
 extern const struct Curl_ssl Curl_ssl_gnutls;
 
diff --git a/lib/vtls/hostcheck.c b/lib/vtls/hostcheck.c
index 672f473db4..fbd460bc15 100644
--- a/lib/vtls/hostcheck.c
+++ b/lib/vtls/hostcheck.c
@@ -84,9 +84,9 @@ static bool hostmatch(const char *hostname,
   DEBUGASSERT(hostlen);
 
   /* normalize pattern and hostname by stripping off trailing dots */
-  if(hostname[hostlen-1]=='.')
+  if(hostname[hostlen - 1] == '.')
     hostlen--;
-  if(pattern[patternlen-1]=='.')
+  if(pattern[patternlen - 1] == '.')
     patternlen--;
 
   if(strncmp(pattern, "*.", 2))
diff --git a/lib/vtls/keylog.c b/lib/vtls/keylog.c
index 397bac1a36..03dda01f8d 100644
--- a/lib/vtls/keylog.c
+++ b/lib/vtls/keylog.c
@@ -38,8 +38,7 @@
 /* The fp for the open SSLKEYLOGFILE, or NULL if not open */
 static FILE *keylog_file_fp;
 
-void
-Curl_tls_keylog_open(void)
+void Curl_tls_keylog_open(void)
 {
   char *keylog_file_name;
 
@@ -63,8 +62,7 @@ Curl_tls_keylog_open(void)
   }
 }
 
-void
-Curl_tls_keylog_close(void)
+void Curl_tls_keylog_close(void)
 {
   if(keylog_file_fp) {
     curlx_fclose(keylog_file_fp);
@@ -72,14 +70,12 @@ Curl_tls_keylog_close(void)
   }
 }
 
-bool
-Curl_tls_keylog_enabled(void)
+bool Curl_tls_keylog_enabled(void)
 {
   return keylog_file_fp != NULL;
 }
 
-bool
-Curl_tls_keylog_write_line(const char *line)
+bool Curl_tls_keylog_write_line(const char *line)
 {
   /* The current maximum valid keylog line length LF and NUL is 195. */
   size_t linelen;
@@ -107,10 +103,9 @@ Curl_tls_keylog_write_line(const char *line)
   return TRUE;
 }
 
-bool
-Curl_tls_keylog_write(const char *label,
-                      const unsigned char client_random[CLIENT_RANDOM_SIZE],
-                      const unsigned char *secret, size_t secretlen)
+bool Curl_tls_keylog_write(const char *label,
+                         const unsigned char client_random[CLIENT_RANDOM_SIZE],
+                         const unsigned char *secret, size_t secretlen)
 {
   size_t pos, i;
   unsigned char line[KEYLOG_LABEL_MAXLEN + 1 + 2 * CLIENT_RANDOM_SIZE + 1 +
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index 9e13ed4641..d331670371 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -38,7 +38,7 @@
 
 #include 
 #if MBEDTLS_VERSION_NUMBER < 0x03020000
-  #error "mbedTLS 3.2.0 or later required"
+#error "mbedTLS 3.2.0 or later required"
 #endif
 #include 
 #include 
@@ -77,7 +77,7 @@
 
 /* ALPN for http2 */
 #if defined(USE_HTTP2) && defined(MBEDTLS_SSL_ALPN)
-#  define HAS_ALPN_MBEDTLS
+#define HAS_ALPN_MBEDTLS
 #endif
 
 struct mbed_ssl_backend_data {
@@ -109,7 +109,7 @@ struct mbed_ssl_backend_data {
 #endif
 
 #ifndef MBEDTLS_ERROR_C
-#define mbedtls_strerror(a,b,c) b[0] = 0
+#define mbedtls_strerror(a, b, c) b[0] = 0
 #endif
 
 #if defined(CURL_MBEDTLS_DRBG) && defined(HAS_THREADING_SUPPORT)
@@ -217,8 +217,7 @@ static int mbedtls_bio_cf_read(void *bio, unsigned char *buf, size_t blen)
 /*
  *  profile
  */
-static const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_fr =
-{
+static const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_fr = {
   /* Hashes from SHA-1 and above */
   MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA1) |
   MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_RIPEMD160) |
@@ -307,9 +306,8 @@ mbed_set_ssl_version_min_max(struct Curl_easy *data,
    cipher suite present in other SSL implementations. Provide
    provisional support for specifying the cipher suite here. */
 #ifdef MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
-static int
-mbed_cipher_suite_get_str(uint16_t id, char *buf, size_t buf_size,
-                          bool prefer_rfc)
+static int mbed_cipher_suite_get_str(uint16_t id, char *buf, size_t buf_size,
+                                     bool prefer_rfc)
 {
   if(id == MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8)
     curl_msnprintf(buf, buf_size, "%s", "TLS_ECJPAKE_WITH_AES_128_CCM_8");
@@ -318,8 +316,7 @@ mbed_cipher_suite_get_str(uint16_t id, char *buf, size_t buf_size,
   return 0;
 }
 
-static uint16_t
-mbed_cipher_suite_walk_str(const char **str, const char **end)
+static uint16_t mbed_cipher_suite_walk_str(const char **str, const char **end)
 {
   uint16_t id = Curl_cipher_suite_walk_str(str, end);
   size_t len = *end - *str;
@@ -348,7 +345,8 @@ mbed_set_selected_ciphers(struct Curl_easy *data,
   const char *ptr, *end;
 
   supported = mbedtls_ssl_list_ciphersuites();
-  for(i = 0; supported[i] != 0; i++);
+  for(i = 0; supported[i] != 0; i++)
+    ;
   supported_len = i;
 
   selected = curlx_malloc(sizeof(int) * (supported_len + 1));
@@ -361,7 +359,7 @@ mbed_set_selected_ciphers(struct Curl_easy *data,
   if(!ciphers13) {
     /* Add default TLSv1.3 ciphers to selection */
     for(j = 0; j < supported_len; j++) {
-      uint16_t id = (uint16_t) supported[j];
+      uint16_t id = (uint16_t)supported[j];
       if(strncmp(mbedtls_ssl_get_ciphersuite_name(id), "TLS1-3", 6) != 0)
         continue;
 
@@ -380,23 +378,25 @@ add_ciphers:
 
     /* Check if cipher is supported */
     if(id) {
-      for(i = 0; i < supported_len && supported[i] != id; i++);
+      for(i = 0; i < supported_len && supported[i] != id; i++)
+        ;
       if(i == supported_len)
         id = 0;
     }
     if(!id) {
       if(ptr[0] != '\0')
         infof(data, "mbedTLS: unknown cipher in list: \"%.*s\"",
-              (int) (end - ptr), ptr);
+              (int)(end - ptr), ptr);
       continue;
     }
 
     /* No duplicates allowed (so selected cannot overflow) */
-    for(i = 0; i < count && selected[i] != id; i++);
+    for(i = 0; i < count && selected[i] != id; i++)
+      ;
     if(i < count) {
       if(i >= default13_count)
         infof(data, "mbedTLS: duplicate cipher in list: \"%.*s\"",
-              (int) (end - ptr), ptr);
+              (int)(end - ptr), ptr);
       continue;
     }
 
@@ -412,12 +412,13 @@ add_ciphers:
   if(!ciphers12) {
     /* Add default TLSv1.2 ciphers to selection */
     for(j = 0; j < supported_len; j++) {
-      uint16_t id = (uint16_t) supported[j];
+      uint16_t id = (uint16_t)supported[j];
       if(strncmp(mbedtls_ssl_get_ciphersuite_name(id), "TLS1-3", 6) == 0)
         continue;
 
       /* No duplicates allowed (so selected cannot overflow) */
-      for(i = 0; i < count && selected[i] != id; i++);
+      for(i = 0; i < count && selected[i] != id; i++)
+        ;
       if(i < count)
         continue;
 
@@ -441,8 +442,8 @@ add_ciphers:
   return CURLE_OK;
 }
 
-static void
-mbed_dump_cert_info(struct Curl_easy *data, const mbedtls_x509_crt *crt)
+static void mbed_dump_cert_info(struct Curl_easy *data,
+                                const mbedtls_x509_crt *crt)
 {
 #if defined(CURL_DISABLE_VERBOSE_STRINGS) || defined(MBEDTLS_X509_REMOVE_INFO)
   (void)data, (void)crt;
@@ -454,7 +455,7 @@ mbed_dump_cert_info(struct Curl_easy *data, const mbedtls_x509_crt *crt)
     infof(data, "Server certificate:");
     for(p = buffer; *p; p += *p != '\0') {
       size_t s = strcspn(p, "\n");
-      infof(data, "%.*s", (int) s, p);
+      infof(data, "%.*s", (int)s, p);
       p += s;
     }
   }
@@ -465,8 +466,8 @@ mbed_dump_cert_info(struct Curl_easy *data, const mbedtls_x509_crt *crt)
 #endif
 }
 
-static void
-mbed_extract_certinfo(struct Curl_easy *data, const mbedtls_x509_crt *crt)
+static void mbed_extract_certinfo(struct Curl_easy *data,
+                                  const mbedtls_x509_crt *crt)
 {
   CURLcode result;
   const mbedtls_x509_crt *cur;
@@ -485,7 +486,7 @@ mbed_extract_certinfo(struct Curl_easy *data, const mbedtls_x509_crt *crt)
   result = Curl_ssl_init_certinfo(data, cert_count);
 
   for(i = 0, cur = crt; result == CURLE_OK && cur; ++i, cur = cur->next) {
-    const char *beg = (const char *) cur->raw.p;
+    const char *beg = (const char *)cur->raw.p;
     const char *end = beg + cur->raw.len;
     result = Curl_extract_certinfo(data, i, beg, end);
   }
@@ -494,7 +495,7 @@ mbed_extract_certinfo(struct Curl_easy *data, const mbedtls_x509_crt *crt)
 static int mbed_verify_cb(void *ptr, mbedtls_x509_crt *crt,
                           int depth, uint32_t *flags)
 {
-  struct Curl_cfilter *cf = (struct Curl_cfilter *) ptr;
+  struct Curl_cfilter *cf = (struct Curl_cfilter *)ptr;
   struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf);
   struct Curl_easy *data = CF_DATA_CURRENT(cf);
 
@@ -523,8 +524,8 @@ static int mbed_verify_cb(void *ptr, mbedtls_x509_crt *crt,
   return 0;
 }
 
-static CURLcode
-mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
+static CURLcode mbed_connect_step1(struct Curl_cfilter *cf,
+                                   struct Curl_easy *data)
 {
   struct ssl_connect_data *connssl = cf->ctx;
   struct mbed_ssl_backend_data *backend =
@@ -959,8 +960,8 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
   return CURLE_OK;
 }
 
-static CURLcode
-mbed_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
+static CURLcode mbed_connect_step2(struct Curl_cfilter *cf,
+                                   struct Curl_easy *data)
 {
   CURLcode result;
   int ret;
@@ -1004,8 +1005,8 @@ mbed_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
   {
     char cipher_str[64];
     uint16_t cipher_id;
-    cipher_id = (uint16_t)
-                mbedtls_ssl_get_ciphersuite_id_from_ssl(&backend->ssl);
+    cipher_id =
+      (uint16_t)mbedtls_ssl_get_ciphersuite_id_from_ssl(&backend->ssl);
     mbed_cipher_suite_get_str(cipher_id, cipher_str, sizeof(cipher_str), TRUE);
     infof(data, "mbedTLS: %s Handshake complete, cipher is %s",
           mbedtls_ssl_get_version(&backend->ssl), cipher_str);
@@ -1084,8 +1085,8 @@ pinnedpubkey_error:
   return CURLE_OK;
 }
 
-static CURLcode
-mbed_new_session(struct Curl_cfilter *cf, struct Curl_easy *data)
+static CURLcode mbed_new_session(struct Curl_cfilter *cf,
+                                 struct Curl_easy *data)
 {
   struct ssl_connect_data *connssl = cf->ctx;
   struct mbed_ssl_backend_data *backend =
@@ -1148,8 +1149,7 @@ out:
 }
 
 static CURLcode mbed_send(struct Curl_cfilter *cf, struct Curl_easy *data,
-                          const void *mem, size_t len,
-                          size_t *pnwritten)
+                          const void *mem, size_t len, size_t *pnwritten)
 {
   struct ssl_connect_data *connssl = cf->ctx;
   struct mbed_ssl_backend_data *backend =
@@ -1327,8 +1327,7 @@ static void mbedtls_close(struct Curl_cfilter *cf, struct Curl_easy *data)
 }
 
 static CURLcode mbed_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
-                          char *buf, size_t buffersize,
-                          size_t *pnread)
+                          char *buf, size_t buffersize, size_t *pnread)
 {
   struct ssl_connect_data *connssl = cf->ctx;
   struct mbed_ssl_backend_data *backend =
diff --git a/lib/vtls/mbedtls_threadlock.c b/lib/vtls/mbedtls_threadlock.c
index 89cc2b7d38..0a74d60d37 100644
--- a/lib/vtls/mbedtls_threadlock.c
+++ b/lib/vtls/mbedtls_threadlock.c
@@ -24,9 +24,8 @@
  ***************************************************************************/
 #include "../curl_setup.h"
 
-#if defined(USE_MBEDTLS) &&                                     \
-  ((defined(USE_THREADS_POSIX) && defined(HAVE_PTHREAD_H)) ||   \
-    defined(_WIN32))
+#if defined(USE_MBEDTLS) && \
+  ((defined(USE_THREADS_POSIX) && defined(HAVE_PTHREAD_H)) || defined(_WIN32))
 
 #if defined(USE_THREADS_POSIX) && defined(HAVE_PTHREAD_H)
 #  include 
diff --git a/lib/vtls/mbedtls_threadlock.h b/lib/vtls/mbedtls_threadlock.h
index 1855d4cc01..55607e6250 100644
--- a/lib/vtls/mbedtls_threadlock.h
+++ b/lib/vtls/mbedtls_threadlock.h
@@ -28,8 +28,7 @@
 
 #ifdef USE_MBEDTLS
 
-#if (defined(USE_THREADS_POSIX) && defined(HAVE_PTHREAD_H)) || \
-    defined(_WIN32)
+#if (defined(USE_THREADS_POSIX) && defined(HAVE_PTHREAD_H)) || defined(_WIN32)
 
 int Curl_mbedtlsthreadlock_thread_setup(void);
 int Curl_mbedtlsthreadlock_thread_cleanup(void);
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index bdfe527acd..a958698b58 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -179,7 +179,7 @@ static void ossl_provider_cleanup(struct Curl_easy *data);
 #define OSSL_PACKAGE "BoringSSL"
 #elif defined(OPENSSL_IS_AWSLC)
 #define OSSL_PACKAGE "AWS-LC"
-#elif defined(USE_NGTCP2) && defined(USE_NGHTTP3) &&   \
+#elif defined(USE_NGTCP2) && defined(USE_NGHTTP3) && \
   !defined(OPENSSL_QUIC_API2)
 #define OSSL_PACKAGE "quictls"
 #else
@@ -234,7 +234,7 @@ static CURLcode pubkey_show(struct Curl_easy *data,
   return push_certinfo(data, mem, namebuf, num);
 }
 
-#define print_pubkey_BN(_type, _name, _num)             \
+#define print_pubkey_BN(_type, _name, _num)           \
   pubkey_show(data, mem, _num, #_type, #_name, _name)
 
 static int asn1_object_dump(const ASN1_OBJECT *a, char *buf, size_t len)
@@ -685,8 +685,7 @@ static void ossl_keylog_callback(const SSL *ssl, const char *line)
  * ossl_log_tls12_secret is called by libcurl to make the CLIENT_RANDOMs if the
  * OpenSSL being used does not have native support for doing that.
  */
-static void
-ossl_log_tls12_secret(const SSL *ssl, bool *keylog_done)
+static void ossl_log_tls12_secret(const SSL *ssl, bool *keylog_done)
 {
   const SSL_SESSION *session;
   unsigned char client_random[SSL3_RANDOM_SIZE];
@@ -791,8 +790,7 @@ static char *ossl_strerror(unsigned long error, char *buf, size_t size)
   return buf;
 }
 
-static int passwd_callback(char *buf, int num, int encrypting,
-                           void *password)
+static int passwd_callback(char *buf, int num, int encrypting, void *password)
 {
   DEBUGASSERT(encrypting == 0);
 
@@ -932,8 +930,7 @@ static int use_certificate_blob(SSL_CTX *ctx, const struct curl_blob *blob,
   }
   else if(type == SSL_FILETYPE_PEM) {
     /* ERR_R_PEM_LIB; */
-    x = PEM_read_bio_X509(in, NULL,
-                          passwd_callback, CURL_UNCONST(key_passwd));
+    x = PEM_read_bio_X509(in, NULL, passwd_callback, CURL_UNCONST(key_passwd));
   }
   else {
     ret = 0;
@@ -979,9 +976,9 @@ end:
   return ret;
 }
 
-static int
-use_certificate_chain_blob(SSL_CTX *ctx, const struct curl_blob *blob,
-                           const char *key_passwd)
+static int use_certificate_chain_blob(SSL_CTX *ctx,
+                                      const struct curl_blob *blob,
+                                      const char *key_passwd)
 {
   int ret = 0;
   X509 *x = NULL;
@@ -1011,8 +1008,7 @@ use_certificate_chain_blob(SSL_CTX *ctx, const struct curl_blob *blob,
     }
 
     while((ca = PEM_read_bio_X509(in, NULL, passwd_callback,
-                                  CURL_UNCONST(key_passwd)))
-          != NULL) {
+                                  CURL_UNCONST(key_passwd))) != NULL) {
 
       if(!SSL_CTX_add0_chain_cert(ctx, ca)) {
         X509_free(ca);
@@ -1054,8 +1050,7 @@ static int enginecheck(struct Curl_easy *data,
   }
 
   if(data->state.engine) {
-    UI_METHOD *ui_method =
-      UI_create_method("curl user interface");
+    UI_METHOD *ui_method = UI_create_method("curl user interface");
     if(!ui_method) {
       failf(data, "unable to create " OSSL_PACKAGE " user-interface method");
       return 0;
@@ -1116,8 +1111,7 @@ static int providercheck(struct Curl_easy *data,
     EVP_PKEY *priv_key = NULL;
     OSSL_STORE_CTX *store = NULL;
     OSSL_STORE_INFO *info = NULL;
-    UI_METHOD *ui_method =
-      UI_create_method("curl user interface");
+    UI_METHOD *ui_method = UI_create_method("curl user interface");
     if(!ui_method) {
       failf(data, "unable to create " OSSL_PACKAGE " user-interface method");
       return 0;
@@ -1221,16 +1215,15 @@ static int engineload(struct Curl_easy *data,
     /* Load the certificate from the engine */
     if(!ENGINE_ctrl_cmd(data->state.engine, cmd_name,
                         0, ¶ms, NULL, 1)) {
-      failf(data, "ssl engine cannot load client cert with id"
-            " '%s' [%s]", cert_file,
+      failf(data, "ssl engine cannot load client cert with id '%s' [%s]",
+            cert_file,
             ossl_strerror(ERR_get_error(), error_buffer,
                           sizeof(error_buffer)));
       return 0;
     }
 
     if(!params.cert) {
-      failf(data, "ssl engine did not initialized the certificate "
-            "properly.");
+      failf(data, "ssl engine did not initialized the certificate properly.");
       return 0;
     }
 
@@ -1352,8 +1345,7 @@ static int pkcs12load(struct Curl_easy *data,
   if(cert_blob) {
     cert_bio = BIO_new_mem_buf(cert_blob->data, (int)(cert_blob->len));
     if(!cert_bio) {
-      failf(data,
-            "BIO_new_mem_buf NULL, " OSSL_PACKAGE " error %s",
+      failf(data, "BIO_new_mem_buf NULL, " OSSL_PACKAGE " error %s",
             ossl_strerror(ERR_get_error(), error_buffer,
                           sizeof(error_buffer)) );
       return 0;
@@ -1362,8 +1354,7 @@ static int pkcs12load(struct Curl_easy *data,
   else {
     cert_bio = BIO_new(BIO_s_file());
     if(!cert_bio) {
-      failf(data,
-            "BIO_new return NULL, " OSSL_PACKAGE " error %s",
+      failf(data, "BIO_new return NULL, " OSSL_PACKAGE " error %s",
             ossl_strerror(ERR_get_error(), error_buffer,
                           sizeof(error_buffer)) );
       return 0;
@@ -1386,11 +1377,9 @@ static int pkcs12load(struct Curl_easy *data,
   }
 
   if(!PKCS12_parse(p12, key_passwd, &pri, &x509, &ca)) {
-    failf(data,
-          "could not parse PKCS12 file, check password, " OSSL_PACKAGE
+    failf(data, "could not parse PKCS12 file, check password, " OSSL_PACKAGE
           " error %s",
-          ossl_strerror(ERR_get_error(), error_buffer,
-                        sizeof(error_buffer)) );
+          ossl_strerror(ERR_get_error(), error_buffer, sizeof(error_buffer)));
     PKCS12_free(p12);
     return 0;
   }
@@ -1398,17 +1387,14 @@ static int pkcs12load(struct Curl_easy *data,
   PKCS12_free(p12);
 
   if(SSL_CTX_use_certificate(ctx, x509) != 1) {
-    failf(data,
-          "could not load PKCS12 client certificate, " OSSL_PACKAGE
+    failf(data, "could not load PKCS12 client certificate, " OSSL_PACKAGE
           " error %s",
-          ossl_strerror(ERR_get_error(), error_buffer,
-                        sizeof(error_buffer)) );
+          ossl_strerror(ERR_get_error(), error_buffer, sizeof(error_buffer)));
     goto fail;
   }
 
   if(SSL_CTX_use_PrivateKey(ctx, pri) != 1) {
-    failf(data, "unable to use private key from PKCS12 file '%s'",
-          cert_file);
+    failf(data, "unable to use private key from PKCS12 file '%s'", cert_file);
     goto fail;
   }
 
@@ -1500,7 +1486,7 @@ static CURLcode client_cert(struct Curl_easy *data,
               "(no key found, wrong passphrase, or wrong file format?)",
               (cert_blob ? "CURLOPT_SSLCERT_BLOB" : cert_file),
               ossl_strerror(ERR_get_error(), error_buffer,
-                            sizeof(error_buffer)) );
+                            sizeof(error_buffer)));
         return CURLE_SSL_CERTPROBLEM;
       }
       break;
@@ -1520,7 +1506,7 @@ static CURLcode client_cert(struct Curl_easy *data,
               "(no key found, wrong passphrase, or wrong file format?)",
               (cert_blob ? "CURLOPT_SSLCERT_BLOB" : cert_file),
               ossl_strerror(ERR_get_error(), error_buffer,
-                            sizeof(error_buffer)) );
+                            sizeof(error_buffer)));
         return CURLE_SSL_CERTPROBLEM;
       }
       break;
@@ -1850,20 +1836,17 @@ static CURLcode ossl_set_provider(struct Curl_easy *data, const char *iname)
     return CURLE_OK;
   }
 
-  data->state.provider =
-    OSSL_PROVIDER_try_load(data->state.libctx, name, 1);
+  data->state.provider = OSSL_PROVIDER_try_load(data->state.libctx, name, 1);
   if(!data->state.provider) {
     char error_buffer[256];
     failf(data, "Failed to initialize provider: %s",
-          ossl_strerror(ERR_get_error(), error_buffer,
-                        sizeof(error_buffer)));
+          ossl_strerror(ERR_get_error(), error_buffer, sizeof(error_buffer)));
     ossl_provider_cleanup(data);
     return CURLE_SSL_ENGINE_NOTFOUND;
   }
 
   /* load the base provider as well */
-  data->state.baseprov =
-    OSSL_PROVIDER_try_load(data->state.libctx, "base", 1);
+  data->state.baseprov = OSSL_PROVIDER_try_load(data->state.libctx, "base", 1);
   if(!data->state.baseprov) {
     ossl_provider_cleanup(data);
     failf(data, "Failed to load base");
@@ -1875,7 +1858,6 @@ static CURLcode ossl_set_provider(struct Curl_easy *data, const char *iname)
 }
 #endif
 
-
 static CURLcode ossl_shutdown(struct Curl_cfilter *cf,
                               struct Curl_easy *data,
                               bool send_shutdown, bool *done)
@@ -2138,7 +2120,7 @@ static CURLcode ossl_verifyhost(struct Curl_easy *data,
       if(check->type == target) {
         /* get data and length */
         const char *altptr = (const char *)ASN1_STRING_get0_data(check->d.ia5);
-        size_t altlen = (size_t) ASN1_STRING_length(check->d.ia5);
+        size_t altlen = (size_t)ASN1_STRING_length(check->d.ia5);
 
         switch(target) {
         case GEN_DNS: /* name/pattern comparison */
@@ -2166,8 +2148,7 @@ static CURLcode ossl_verifyhost(struct Curl_easy *data,
              our server IP address is */
           if((altlen == addrlen) && !memcmp(altptr, &addr, altlen)) {
             matched = TRUE;
-            infof(data,
-                  "  subjectAltName: \"%s\" matches cert's IP address!",
+            infof(data, "  subjectAltName: \"%s\" matches cert's IP address!",
                   peer->dispname);
           }
           break;
@@ -2242,8 +2223,7 @@ static CURLcode ossl_verifyhost(struct Curl_easy *data,
       /* error already detected, pass through */
       ;
     else if(!cn) {
-      failf(data,
-            "SSL: unable to obtain common name from peer certificate");
+      failf(data, "SSL: unable to obtain common name from peer certificate");
       result = CURLE_PEER_FAILED_VERIFICATION;
     }
     else if(!Curl_cert_hostcheck((const char *)cn, cnlen,
@@ -2780,7 +2760,7 @@ out:
  */
 static int ossl_new_session_cb(SSL *ssl, SSL_SESSION *ssl_sessionid)
 {
-  struct Curl_cfilter *cf = (struct Curl_cfilter*) SSL_get_app_data(ssl);
+  struct Curl_cfilter *cf = (struct Curl_cfilter *)SSL_get_app_data(ssl);
   if(cf) {
     struct Curl_easy *data = CF_DATA_CURRENT(cf);
     struct ssl_connect_data *connssl = cf->ctx;
@@ -3181,7 +3161,7 @@ static CURLcode ossl_populate_x509_store(struct Curl_cfilter *cf,
       failf(data, "error loading CRL file: %s", ssl_crlfile);
       return CURLE_SSL_CRL_BADFILE;
     }
-    x509flags = X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL;
+    x509flags = X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL;
     infof(data, " CRLfile: %s", ssl_crlfile);
   }
 
@@ -3210,7 +3190,7 @@ static CURLcode ossl_populate_x509_store(struct Curl_cfilter *cf,
 }
 
 /* key to use at `multi->proto_hash` */
-#define MPROTO_OSSL_X509_KEY   "tls:ossl:x509:share"
+#define MPROTO_OSSL_X509_KEY  "tls:ossl:x509:share"
 
 struct ossl_x509_share {
   char *CAfile;         /* CAfile path used to generate X509 store */
@@ -3222,7 +3202,7 @@ struct ossl_x509_share {
 static void oss_x509_share_free(void *key, size_t key_len, void *p)
 {
   struct ossl_x509_share *share = p;
-  DEBUGASSERT(key_len == (sizeof(MPROTO_OSSL_X509_KEY)-1));
+  DEBUGASSERT(key_len == (sizeof(MPROTO_OSSL_X509_KEY) - 1));
   DEBUGASSERT(!memcmp(MPROTO_OSSL_X509_KEY, key, key_len));
   (void)key;
   (void)key_len;
@@ -3233,9 +3213,8 @@ static void oss_x509_share_free(void *key, size_t key_len, void *p)
   curlx_free(share);
 }
 
-static bool
-ossl_cached_x509_store_expired(const struct Curl_easy *data,
-                               const struct ossl_x509_share *mb)
+static bool ossl_cached_x509_store_expired(const struct Curl_easy *data,
+                                           const struct ossl_x509_share *mb)
 {
   const struct ssl_general_config *cfg = &data->set.general_ssl;
   if(cfg->ca_cache_timeout < 0)
@@ -3249,9 +3228,8 @@ ossl_cached_x509_store_expired(const struct Curl_easy *data,
   }
 }
 
-static bool
-ossl_cached_x509_store_different(struct Curl_cfilter *cf,
-                                 const struct ossl_x509_share *mb)
+static bool ossl_cached_x509_store_different(struct Curl_cfilter *cf,
+                                             const struct ossl_x509_share *mb)
 {
   struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf);
   if(!mb->CAfile || !conn_config->CAfile)
@@ -3272,7 +3250,7 @@ static X509_STORE *ossl_get_cached_x509_store(struct Curl_cfilter *cf,
   *pempty = TRUE;
   share = multi ? Curl_hash_pick(&multi->proto_hash,
                                  CURL_UNCONST(MPROTO_OSSL_X509_KEY),
-                                 sizeof(MPROTO_OSSL_X509_KEY)-1) : NULL;
+                                 sizeof(MPROTO_OSSL_X509_KEY) - 1) : NULL;
   if(share && share->store &&
      !ossl_cached_x509_store_expired(data, share) &&
      !ossl_cached_x509_store_different(cf, share)) {
@@ -3297,7 +3275,7 @@ static void ossl_set_cached_x509_store(struct Curl_cfilter *cf,
     return;
   share = Curl_hash_pick(&multi->proto_hash,
                          CURL_UNCONST(MPROTO_OSSL_X509_KEY),
-                         sizeof(MPROTO_OSSL_X509_KEY)-1);
+                         sizeof(MPROTO_OSSL_X509_KEY) - 1);
 
   if(!share) {
     share = curlx_calloc(1, sizeof(*share));
@@ -3305,7 +3283,7 @@ static void ossl_set_cached_x509_store(struct Curl_cfilter *cf,
       return;
     if(!Curl_hash_add2(&multi->proto_hash,
                        CURL_UNCONST(MPROTO_OSSL_X509_KEY),
-                       sizeof(MPROTO_OSSL_X509_KEY)-1,
+                       sizeof(MPROTO_OSSL_X509_KEY) - 1,
                        share, oss_x509_share_free)) {
       curlx_free(share);
       return;
@@ -3508,8 +3486,7 @@ static CURLcode ossl_init_ech(struct ossl_ctx *octx,
       if(data->set.tls_ech & CURLECH_HARD)
         return result;
     }
-    if(SSL_set1_ech_config_list(octx->ssl, ech_config,
-                                ech_config_len) != 1) {
+    if(SSL_set1_ech_config_list(octx->ssl, ech_config, ech_config_len) != 1) {
       infof(data, "ECH: SSL_ECH_set1_ech_config_list failed");
       if(data->set.tls_ech & CURLECH_HARD) {
         curlx_free(ech_config);
@@ -3519,14 +3496,13 @@ static CURLcode ossl_init_ech(struct ossl_ctx *octx,
     curlx_free(ech_config);
     trying_ech_now = 1;
 # else
-    ech_config = (unsigned char *) data->set.str[STRING_ECH_CONFIG];
+    ech_config = (unsigned char *)data->set.str[STRING_ECH_CONFIG];
     if(!ech_config) {
       infof(data, "ECH: ECHConfig from command line empty");
       return CURLE_SSL_CONNECT_ERROR;
     }
     ech_config_len = strlen(data->set.str[STRING_ECH_CONFIG]);
-    if(SSL_set1_ech_config_list(octx->ssl, ech_config,
-                                ech_config_len) != 1) {
+    if(SSL_set1_ech_config_list(octx->ssl, ech_config, ech_config_len) != 1) {
       infof(data, "ECH: SSL_ECH_set1_ech_config_list failed");
       if(data->set.tls_ech & CURLECH_HARD)
         return CURLE_SSL_CONNECT_ERROR;
@@ -3584,16 +3560,16 @@ static CURLcode ossl_init_ech(struct ossl_ctx *octx,
     infof(data, "ECH: inner: '%s', outer: '%s'",
           peer->hostname ? peer->hostname : "NULL", outername);
     result = SSL_ech_set1_server_names(octx->ssl,
-                                      peer->hostname, outername,
-                                      0 /* do send outer */);
+                                       peer->hostname, outername,
+                                       0 /* do send outer */);
     if(result != 1) {
       infof(data, "ECH: rv failed to set server name(s) %d [ERROR]", result);
       return CURLE_SSL_CONNECT_ERROR;
     }
   }
 # endif /* HAVE_BORINGSSL_LIKE */
-  if(trying_ech_now
-     && SSL_set_min_proto_version(octx->ssl, TLS1_3_VERSION) != 1) {
+  if(trying_ech_now &&
+     SSL_set_min_proto_version(octx->ssl, TLS1_3_VERSION) != 1) {
     infof(data, "ECH: cannot force TLSv1.3 [ERROR]");
     return CURLE_SSL_CONNECT_ERROR;
   }
@@ -3602,7 +3578,6 @@ static CURLcode ossl_init_ech(struct ossl_ctx *octx,
 }
 #endif /* USE_ECH_OPENSSL */
 
-
 static CURLcode ossl_init_ssl(struct ossl_ctx *octx,
                               struct Curl_cfilter *cf,
                               struct Curl_easy *data,
@@ -3706,7 +3681,6 @@ static CURLcode ossl_init_method(struct Curl_cfilter *cf,
   return *pmethod ? CURLE_OK : CURLE_SSL_CONNECT_ERROR;
 }
 
-
 CURLcode Curl_ossl_ctx_init(struct ossl_ctx *octx,
                             struct Curl_cfilter *cf,
                             struct Curl_easy *data,
@@ -3821,7 +3795,7 @@ CURLcode Curl_ossl_ctx_init(struct ossl_ctx *octx,
 
     /* "--tlsv" options mean TLS >= version  */
   case CURL_SSLVERSION_DEFAULT:
-  case CURL_SSLVERSION_TLSv1: /* TLS >= version 1.0 */
+  case CURL_SSLVERSION_TLSv1:   /* TLS >= version 1.0 */
   case CURL_SSLVERSION_TLSv1_0: /* TLS >= version 1.0 */
   case CURL_SSLVERSION_TLSv1_1: /* TLS >= version 1.1 */
   case CURL_SSLVERSION_TLSv1_2: /* TLS >= version 1.2 */
@@ -4036,8 +4010,7 @@ static CURLcode ossl_on_session_reuse(struct Curl_cfilter *cf,
   return result;
 }
 
-void Curl_ossl_report_handshake(struct Curl_easy *data,
-                                struct ossl_ctx *octx)
+void Curl_ossl_report_handshake(struct Curl_easy *data, struct ossl_ctx *octx)
 {
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
   if(Curl_trc_is_verbose(data)) {
@@ -4065,7 +4038,6 @@ void Curl_ossl_report_handshake(struct Curl_easy *data,
   (void)data;
   (void)octx;
 #endif /* CURL_DISABLE_VERBOSE_STRINGS */
-
 }
 
 static CURLcode ossl_connect_step1(struct Curl_cfilter *cf,
@@ -4121,7 +4093,7 @@ static CURLcode ossl_connect_step1(struct Curl_cfilter *cf,
 
 #ifdef USE_ECH_OPENSSL
 /* If we have retry configs, then trace those out */
-static void ossl_trace_ech_retry_configs(struct Curl_easy *data, SSL* ssl,
+static void ossl_trace_ech_retry_configs(struct Curl_easy *data, SSL *ssl,
                                          int reason)
 {
   CURLcode result = CURLE_OK;
@@ -4247,7 +4219,7 @@ static CURLcode ossl_connect_step2(struct Curl_cfilter *cf,
     else {
       /* untreated error */
       sslerr_t errdetail;
-      char error_buffer[256]="";
+      char error_buffer[256] = "";
       CURLcode result;
       long lerr;
       int lib;
@@ -4319,7 +4291,7 @@ static CURLcode ossl_connect_step2(struct Curl_cfilter *cf,
        * the SO_ERROR is also lost.
        */
       if(CURLE_SSL_CONNECT_ERROR == result && errdetail == 0) {
-        char extramsg[80]="";
+        char extramsg[80] = "";
         int sockerr = SOCKERRNO;
 
         if(sockerr && detail == SSL_ERROR_SYSCALL)
@@ -4374,7 +4346,7 @@ static CURLcode ossl_connect_step2(struct Curl_cfilter *cf,
         break;
       default:
         status = "unexpected status";
-        infof(data, "ECH: unexpected status %d",rv);
+        infof(data, "ECH: unexpected status %d", rv);
       }
       infof(data, "ECH: result: status is %s, inner is %s, outer is %s",
             (status ? status : "NULL"),
@@ -4418,7 +4390,7 @@ static CURLcode ossl_connect_step2(struct Curl_cfilter *cf,
  * Heavily modified from:
  * https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning#OpenSSL
  */
-static CURLcode ossl_pkp_pin_peer_pubkey(struct Curl_easy *data, X509* cert,
+static CURLcode ossl_pkp_pin_peer_pubkey(struct Curl_easy *data, X509 *cert,
                                          const char *pinnedpubkey)
 {
   /* Scratch */
@@ -4534,8 +4506,7 @@ static void infof_certstack(struct Curl_easy *data, const SSL *ssl)
     type_name = NULL;
 #endif
 
-    infof(data,
-          "  Certificate level %d: "
+    infof(data, "  Certificate level %d: "
           "Public key type %s%s (%d/%d Bits/secBits), signed using %s",
           cert_level, type_name ? type_name : "?",
           get_group_name == 0 ? "" : group_name_final,
@@ -4553,7 +4524,7 @@ static CURLcode ossl_check_issuer(struct Curl_cfilter *cf,
   struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf);
   X509 *issuer = NULL;
   BIO *fp = NULL;
-  char err_buf[256]="";
+  char err_buf[256] = "";
   bool verify_enabled = (conn_config->verifypeer || conn_config->verifyhost);
   CURLcode result = CURLE_OK;
 
@@ -4671,12 +4642,12 @@ static CURLcode ossl_infof_cert(struct Curl_cfilter *cf,
   infof(data, "  subject: %s", result ? "[NONE]" : curlx_dyn_ptr(&dname));
 
   ASN1_TIME_print(mem, X509_get0_notBefore(server_cert));
-  len = BIO_get_mem_data(mem, (char **) &buf);
+  len = BIO_get_mem_data(mem, (char **)&buf);
   infof(data, "  start date: %.*s", (int)len, buf);
   (void)BIO_reset(mem);
 
   ASN1_TIME_print(mem, X509_get0_notAfter(server_cert));
-  len = BIO_get_mem_data(mem, (char **) &buf);
+  len = BIO_get_mem_data(mem, (char **)&buf);
   infof(data, "  expire date: %.*s", (int)len, buf);
   (void)BIO_reset(mem);
 
@@ -5118,8 +5089,7 @@ static CURLcode ossl_send(struct Curl_cfilter *cf,
       result = CURLE_AGAIN;
       octx->blocked_ssl_write_len = memlen;
       goto out;
-    case SSL_ERROR_SYSCALL:
-    {
+    case SSL_ERROR_SYSCALL: {
       int sockerr = SOCKERRNO;
 
       if(octx->io_result == CURLE_AGAIN) {
diff --git a/lib/vtls/openssl.h b/lib/vtls/openssl.h
index 5b6f35396d..ff8246b4fa 100644
--- a/lib/vtls/openssl.h
+++ b/lib/vtls/openssl.h
@@ -150,8 +150,7 @@ CURLcode Curl_ossl_check_peer_cert(struct Curl_cfilter *cf,
                                    struct ssl_peer *peer);
 
 /* Report properties of a successful handshake */
-void Curl_ossl_report_handshake(struct Curl_easy *data,
-                                struct ossl_ctx *octx);
+void Curl_ossl_report_handshake(struct Curl_easy *data, struct ossl_ctx *octx);
 
 #endif /* USE_OPENSSL */
 #endif /* HEADER_CURL_SSLUSE_H */
diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c
index 360a2454ac..951b339b43 100644
--- a/lib/vtls/rustls.c
+++ b/lib/vtls/rustls.c
@@ -42,8 +42,7 @@
 #include "cipher_suite.h"
 #include "x509asn1.h"
 
-struct rustls_ssl_backend_data
-{
+struct rustls_ssl_backend_data {
   const struct rustls_client_config *config;
   struct rustls_connection *conn;
   size_t plain_out_buffered;
@@ -58,17 +57,17 @@ static CURLcode map_error(const rustls_result r)
     return CURLE_PEER_FAILED_VERIFICATION;
   }
   switch(r) {
-    case RUSTLS_RESULT_OK:
-      return CURLE_OK;
-    case RUSTLS_RESULT_NULL_PARAMETER:
-      return CURLE_BAD_FUNCTION_ARGUMENT;
-    default:
-      return CURLE_RECV_ERROR;
+  case RUSTLS_RESULT_OK:
+    return CURLE_OK;
+  case RUSTLS_RESULT_NULL_PARAMETER:
+    return CURLE_BAD_FUNCTION_ARGUMENT;
+  default:
+    return CURLE_RECV_ERROR;
   }
 }
 
-static void
-rustls_failf(struct Curl_easy *data, const rustls_result rr, const char *msg)
+static void rustls_failf(struct Curl_easy *data, const rustls_result rr,
+                         const char *msg)
 {
   char errorbuf[STRERROR_LEN];
   size_t errorlen;
@@ -76,8 +75,8 @@ rustls_failf(struct Curl_easy *data, const rustls_result rr, const char *msg)
   failf(data, "%s: %.*s", msg, (int)errorlen, errorbuf);
 }
 
-static bool
-cr_data_pending(struct Curl_cfilter *cf, const struct Curl_easy *data)
+static bool cr_data_pending(struct Curl_cfilter *cf,
+                            const struct Curl_easy *data)
 {
   const struct ssl_connect_data *ctx = cf->ctx;
   struct rustls_ssl_backend_data *backend;
@@ -93,11 +92,11 @@ struct io_ctx {
   struct Curl_easy *data;
 };
 
-static int
-read_cb(void *userdata, uint8_t *buf, uintptr_t len, uintptr_t *out_n)
+static int read_cb(void *userdata, uint8_t *buf, uintptr_t len,
+                   uintptr_t *out_n)
 {
   const struct io_ctx *io_ctx = userdata;
-  struct ssl_connect_data *const connssl = io_ctx->cf->ctx;
+  struct ssl_connect_data * const connssl = io_ctx->cf->ctx;
   CURLcode result;
   int ret = 0;
   size_t nread;
@@ -120,8 +119,8 @@ read_cb(void *userdata, uint8_t *buf, uintptr_t len, uintptr_t *out_n)
   return ret;
 }
 
-static int
-write_cb(void *userdata, const uint8_t *buf, uintptr_t len, uintptr_t *out_n)
+static int write_cb(void *userdata, const uint8_t *buf, uintptr_t len,
+                    uintptr_t *out_n)
 {
   const struct io_ctx *io_ctx = userdata;
   CURLcode result;
@@ -146,8 +145,8 @@ write_cb(void *userdata, const uint8_t *buf, uintptr_t len, uintptr_t *out_n)
 static ssize_t tls_recv_more(struct Curl_cfilter *cf,
                              struct Curl_easy *data, CURLcode *err)
 {
-  const struct ssl_connect_data *const connssl = cf->ctx;
-  struct rustls_ssl_backend_data *const backend =
+  const struct ssl_connect_data * const connssl = cf->ctx;
+  struct rustls_ssl_backend_data * const backend =
     (struct rustls_ssl_backend_data *)connssl->backend;
   struct io_ctx io_ctx;
   size_t tls_bytes_read = 0;
@@ -186,12 +185,11 @@ static ssize_t tls_recv_more(struct Curl_cfilter *cf,
  * Filter receive method implementation. `plainbuf` and `plainlen`
  * are always not NULL/0.
  */
-static CURLcode
-cr_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
-        char *plainbuf, size_t plainlen, size_t *pnread)
+static CURLcode cr_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
+                        char *plainbuf, size_t plainlen, size_t *pnread)
 {
-  const struct ssl_connect_data *const connssl = cf->ctx;
-  struct rustls_ssl_backend_data *const backend =
+  const struct ssl_connect_data * const connssl = cf->ctx;
+  struct rustls_ssl_backend_data * const backend =
     (struct rustls_ssl_backend_data *)connssl->backend;
   struct rustls_connection *rconn = NULL;
   CURLcode result = CURLE_OK;
@@ -300,12 +298,12 @@ static CURLcode cr_flush_out(struct Curl_cfilter *cf, struct Curl_easy *data,
  * In that case, it will not read anything into Rustls' plaintext input buffer.
  * It will only drain Rustls' plaintext output buffer into the socket.
  */
-static CURLcode
-cr_send(struct Curl_cfilter *cf, struct Curl_easy *data,
-        const void *plainbuf, size_t plainlen, size_t *pnwritten)
+static CURLcode cr_send(struct Curl_cfilter *cf, struct Curl_easy *data,
+                        const void *plainbuf, size_t plainlen,
+                        size_t *pnwritten)
 {
-  const struct ssl_connect_data *const connssl = cf->ctx;
-  struct rustls_ssl_backend_data *const backend =
+  const struct ssl_connect_data * const connssl = cf->ctx;
+  struct rustls_ssl_backend_data * const backend =
     (struct rustls_ssl_backend_data *)connssl->backend;
   struct rustls_connection *rconn = NULL;
   size_t plainwritten = 0;
@@ -379,18 +377,15 @@ out:
 
 /* A server certificate verify callback for Rustls that always returns
    RUSTLS_RESULT_OK, or in other words disable certificate verification. */
-static uint32_t
-cr_verify_none(void *userdata,
-               const rustls_verify_server_cert_params *params)
+static uint32_t cr_verify_none(void *userdata,
+                               const rustls_verify_server_cert_params *params)
 {
   (void)userdata;
   (void)params;
   return RUSTLS_RESULT_OK;
 }
 
-static int
-read_file_into(const char *filename,
-               struct dynbuf *out)
+static int read_file_into(const char *filename, struct dynbuf *out)
 {
   FILE *f = curlx_fopen(filename, FOPEN_READTEXT);
   if(!f) {
@@ -464,16 +459,17 @@ add_ciphers:
     if(!id) {
       if(ptr[0] != '\0')
         infof(data, "rustls: unknown cipher in list: \"%.*s\"",
-              (int) (end - ptr), ptr);
+              (int)(end - ptr), ptr);
       continue;
     }
 
     /* No duplicates allowed (so selected cannot overflow) */
-    for(i = 0; i < count && selected[i] != entry; i++);
+    for(i = 0; i < count && selected[i] != entry; i++)
+      ;
     if(i < count) {
       if(i >= default13_count)
         infof(data, "rustls: duplicate cipher in list: \"%.*s\"",
-              (int) (end - ptr), ptr);
+              (int)(end - ptr), ptr);
       continue;
     }
 
@@ -494,7 +490,8 @@ add_ciphers:
         continue;
 
       /* No duplicates allowed (so selected cannot overflow) */
-      for(i = 0; i < count && selected[i] != entry; i++);
+      for(i = 0; i < count && selected[i] != entry; i++)
+        ;
       if(i < count)
         continue;
 
@@ -505,10 +502,10 @@ add_ciphers:
   *selected_size = count;
 }
 
-static void
-cr_keylog_log_cb(struct rustls_str label,
-                 const uint8_t *client_random, size_t client_random_len,
-                 const uint8_t *secret, size_t secret_len)
+static void cr_keylog_log_cb(struct rustls_str label,
+                             const uint8_t *client_random,
+                             size_t client_random_len, const uint8_t *secret,
+                             size_t secret_len)
 {
   char clabel[KEYLOG_LABEL_MAXLEN];
   (void)client_random_len;
@@ -528,12 +525,11 @@ init_config_builder(struct Curl_easy *data,
   const struct rustls_crypto_provider *custom_provider = NULL;
 
   uint16_t tls_versions[2] = {
-      RUSTLS_TLS_VERSION_TLSV1_2,
-      RUSTLS_TLS_VERSION_TLSV1_3,
+    RUSTLS_TLS_VERSION_TLSV1_2,
+    RUSTLS_TLS_VERSION_TLSV1_3,
   };
   size_t tls_versions_len = 2;
-  size_t cipher_suites_len =
-    rustls_default_crypto_provider_ciphersuites_len();
+  size_t cipher_suites_len = rustls_default_crypto_provider_ciphersuites_len();
 
   CURLcode result = CURLE_OK;
   rustls_result rr;
@@ -602,7 +598,7 @@ init_config_builder(struct Curl_easy *data,
     &custom_provider_builder);
   if(rr != RUSTLS_RESULT_OK) {
     rustls_failf(data, rr,
-      "failed to create crypto provider builder from default");
+                 "failed to create crypto provider builder from default");
     result = CURLE_SSL_CIPHER;
     goto cleanup;
   }
@@ -614,13 +610,13 @@ init_config_builder(struct Curl_easy *data,
       cipher_suites_len);
   if(rr != RUSTLS_RESULT_OK) {
     rustls_failf(data, rr,
-      "failed to set ciphersuites for crypto provider builder");
+                 "failed to set ciphersuites for crypto provider builder");
     result = CURLE_SSL_CIPHER;
     goto cleanup;
   }
 
-  rr = rustls_crypto_provider_builder_build(
-    custom_provider_builder, &custom_provider);
+  rr = rustls_crypto_provider_builder_build(custom_provider_builder,
+                                            &custom_provider);
   if(rr != RUSTLS_RESULT_OK) {
     rustls_failf(data, rr, "failed to build custom crypto provider");
     result = CURLE_SSL_CIPHER;
@@ -628,9 +624,9 @@ init_config_builder(struct Curl_easy *data,
   }
 
   rr = rustls_client_config_builder_new_custom(custom_provider,
-                                                     tls_versions,
-                                                     tls_versions_len,
-                                                     config_builder);
+                                               tls_versions,
+                                               tls_versions_len,
+                                               config_builder);
   if(rr != RUSTLS_RESULT_OK) {
     rustls_failf(data, rr, "failed to create client config builder");
     result = CURLE_SSL_CIPHER;
@@ -669,8 +665,7 @@ init_config_builder_alpn(struct Curl_easy *data,
   infof(data, VTLS_INFOF_ALPN_OFFER_1STR, proto.data);
 }
 
-static CURLcode
-init_config_builder_verifier_crl(
+static CURLcode init_config_builder_verifier_crl(
   struct Curl_easy *data,
   const struct ssl_primary_config *conn_config,
   struct rustls_web_pki_server_cert_verifier_builder *builder)
@@ -723,7 +718,6 @@ init_config_builder_verifier(struct Curl_easy *data,
                                                 1);
     if(rr != RUSTLS_RESULT_OK) {
       rustls_failf(data, rr, "failed to parse trusted certificates from blob");
-
       result = CURLE_SSL_CACERT_BADFILE;
       goto cleanup;
     }
@@ -734,7 +728,6 @@ init_config_builder_verifier(struct Curl_easy *data,
                                                              1);
     if(rr != RUSTLS_RESULT_OK) {
       rustls_failf(data, rr, "failed to load trusted certificates");
-
       result = CURLE_SSL_CACERT_BADFILE;
       goto cleanup;
     }
@@ -755,8 +748,8 @@ init_config_builder_verifier(struct Curl_easy *data,
 
   if(conn_config->CRLfile) {
     result = init_config_builder_verifier_crl(data,
-                                             conn_config,
-                                             verifier_builder);
+                                              conn_config,
+                                              verifier_builder);
     if(result) {
       goto cleanup;
     }
@@ -789,8 +782,7 @@ cleanup:
   return result;
 }
 
-static CURLcode
-init_config_builder_platform_verifier(
+static CURLcode init_config_builder_platform_verifier(
   struct Curl_easy *data,
   struct rustls_client_config_builder *builder)
 {
@@ -890,10 +882,8 @@ init_config_builder_client_auth(struct Curl_easy *data,
 
   rr = rustls_certified_key_keys_match(certified_key);
   if(rr != RUSTLS_RESULT_OK) {
-    rustls_failf(data,
-                 rr,
+    rustls_failf(data, rr,
                  "rustls: client certificate and keypair files do not match:");
-
     result = CURLE_SSL_CERTPROBLEM;
     goto cleanup;
   }
@@ -1011,9 +1001,9 @@ cleanup:
 }
 #endif /* USE_ECH */
 
-static CURLcode
-cr_init_backend(struct Curl_cfilter *cf, struct Curl_easy *data,
-                struct rustls_ssl_backend_data *const backend)
+static CURLcode cr_init_backend(struct Curl_cfilter *cf,
+                                struct Curl_easy *data,
+                                struct rustls_ssl_backend_data * const backend)
 {
   const struct ssl_connect_data *connssl = cf->ctx;
   const struct ssl_primary_config *conn_config =
@@ -1091,9 +1081,7 @@ cr_init_backend(struct Curl_cfilter *cf, struct Curl_easy *data,
     return result;
   }
 
-  rr = rustls_client_config_builder_build(
-    config_builder,
-    &backend->config);
+  rr = rustls_client_config_builder_build(config_builder, &backend->config);
   if(rr != RUSTLS_RESULT_OK) {
     rustls_failf(data, rr, "failed to build client config");
     return CURLE_SSL_CONNECT_ERROR;
@@ -1116,11 +1104,11 @@ cr_init_backend(struct Curl_cfilter *cf, struct Curl_easy *data,
   return result;
 }
 
-static void
-cr_set_negotiated_alpn(struct Curl_cfilter *cf, struct Curl_easy *data,
-  const struct rustls_connection *rconn)
+static void cr_set_negotiated_alpn(struct Curl_cfilter *cf,
+                                   struct Curl_easy *data,
+                                   const struct rustls_connection *rconn)
 {
-  struct ssl_connect_data *const connssl = cf->ctx;
+  struct ssl_connect_data * const connssl = cf->ctx;
   const uint8_t *protocol = NULL;
   size_t len = 0;
 
@@ -1133,12 +1121,11 @@ cr_set_negotiated_alpn(struct Curl_cfilter *cf, struct Curl_easy *data,
  * This function will set `*done` to true once the handshake is complete.
  * This function never reads the value of `*done*`.
  */
-static CURLcode
-cr_connect(struct Curl_cfilter *cf,
-           struct Curl_easy *data, bool *done)
+static CURLcode cr_connect(struct Curl_cfilter *cf, struct Curl_easy *data,
+                           bool *done)
 {
-  struct ssl_connect_data *const connssl = cf->ctx;
-  const struct rustls_ssl_backend_data *const backend =
+  struct ssl_connect_data * const connssl = cf->ctx;
+  const struct rustls_ssl_backend_data * const backend =
     (struct rustls_ssl_backend_data *)connssl->backend;
   const struct rustls_connection *rconn = NULL;
   CURLcode tmperr = CURLE_OK;
@@ -1165,9 +1152,9 @@ cr_connect(struct Curl_cfilter *cf,
   /* Read/write data until the handshake is done or the socket would block. */
   for(;;) {
     /*
-    * Connection has been established according to Rustls. Set send/recv
-    * handlers, and update the state machine.
-    */
+     * Connection has been established according to Rustls. Set send/recv
+     * handlers, and update the state machine.
+     */
     connssl->io_need = CURL_SSL_IO_NEED_NONE;
     if(!rustls_connection_is_handshaking(rconn)) {
       /* Rustls claims it is no longer handshaking *before* it has
@@ -1186,8 +1173,7 @@ cr_connect(struct Curl_cfilter *cf,
       }
       /* REALLY Done with the handshake. */
       {
-        const uint16_t proto =
-          rustls_connection_get_protocol_version(rconn);
+        const uint16_t proto = rustls_connection_get_protocol_version(rconn);
         const rustls_str ciphersuite_name =
           rustls_connection_get_negotiated_ciphersuite_name(rconn);
         const rustls_str kex_group_name =
@@ -1297,9 +1283,7 @@ cr_connect(struct Curl_cfilter *cf,
   DEBUGASSERT(FALSE);
 }
 
-static void *
-cr_get_internals(struct ssl_connect_data *connssl,
-                 CURLINFO info)
+static void *cr_get_internals(struct ssl_connect_data *connssl, CURLINFO info)
 {
   struct rustls_ssl_backend_data *backend =
     (struct rustls_ssl_backend_data *)connssl->backend;
@@ -1308,10 +1292,8 @@ cr_get_internals(struct ssl_connect_data *connssl,
   return backend->conn;
 }
 
-static CURLcode
-cr_shutdown(struct Curl_cfilter *cf,
-            struct Curl_easy *data,
-            const bool send_shutdown, bool *done)
+static CURLcode cr_shutdown(struct Curl_cfilter *cf, struct Curl_easy *data,
+                            const bool send_shutdown, bool *done)
 {
   struct ssl_connect_data *connssl = cf->ctx;
   struct rustls_ssl_backend_data *backend =
@@ -1373,8 +1355,7 @@ out:
   return result;
 }
 
-static void
-cr_close(struct Curl_cfilter *cf, struct Curl_easy *data)
+static void cr_close(struct Curl_cfilter *cf, struct Curl_easy *data)
 {
   const struct ssl_connect_data *connssl = cf->ctx;
   struct rustls_ssl_backend_data *backend =
@@ -1398,13 +1379,12 @@ static size_t cr_version(char *buffer, size_t size)
   return curl_msnprintf(buffer, size, "%.*s", (int)ver.len, ver.data);
 }
 
-static CURLcode
-cr_random(struct Curl_easy *data, unsigned char *entropy, size_t length)
+static CURLcode cr_random(struct Curl_easy *data, unsigned char *entropy,
+                          size_t length)
 {
   rustls_result rresult = 0;
   (void)data;
-  rresult =
-    rustls_default_crypto_provider_random(entropy, length);
+  rresult = rustls_default_crypto_provider_random(entropy, length);
   return map_error(rresult);
 }
 
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index 49a4516cdf..21314d16ec 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -34,7 +34,7 @@
 #ifdef USE_SCHANNEL
 
 #ifndef USE_WINDOWS_SSPI
-#  error "cannot compile SCHANNEL support without SSPI."
+#error "cannot compile SCHANNEL support without SSPI."
 #endif
 
 #include "schannel.h"
@@ -67,7 +67,7 @@
  */
 #ifdef CURL_SCHANNEL_DEV_DEBUG
 #define SCH_DEV(x) x
-#define SCH_DEV_SHOWBOOL(x) \
+#define SCH_DEV_SHOWBOOL(x)                                   \
   infof(data, "schannel: " #x " %s", (x) ? "TRUE" : "FALSE");
 #else
 #define SCH_DEV(x) do { } while(0)
@@ -159,10 +159,9 @@ static void InitSecBufferDesc(SecBufferDesc *desc, SecBuffer *BufArr,
   desc->cBuffers = NumArrElem;
 }
 
-static CURLcode
-schannel_set_ssl_version_min_max(DWORD *enabled_protocols,
-                                 struct Curl_cfilter *cf,
-                                 struct Curl_easy *data)
+static CURLcode schannel_set_ssl_version_min_max(DWORD *enabled_protocols,
+                                                 struct Curl_cfilter *cf,
+                                                 struct Curl_easy *data)
 {
   struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf);
   long ssl_version = conn_config->version;
@@ -222,7 +221,7 @@ struct algo {
   int id;
 };
 
-static const struct algo algs[]= {
+static const struct algo algs[] = {
   CIPHEROPTION(CALG_MD2),
   CIPHEROPTION(CALG_MD4),
   CIPHEROPTION(CALG_MD5),
@@ -330,8 +329,7 @@ static const struct algo algs[]= {
   {NULL, 0},
 };
 
-static int
-get_alg_id_by_name(const char *name)
+static int get_alg_id_by_name(const char *name)
 {
   const char *nameEnd = strchr(name, ':');
   size_t n = nameEnd ? (size_t)(nameEnd - name) : strlen(name);
@@ -346,9 +344,8 @@ get_alg_id_by_name(const char *name)
 
 #define NUM_CIPHERS 47 /* There are 47 options listed above */
 
-static CURLcode
-set_ssl_ciphers(SCHANNEL_CRED *schannel_cred, char *ciphers,
-                ALG_ID *algIds)
+static CURLcode set_ssl_ciphers(SCHANNEL_CRED *schannel_cred, char *ciphers,
+                                ALG_ID *algIds)
 {
   const char *startCur = ciphers;
   int algCount = 0;
@@ -376,9 +373,8 @@ set_ssl_ciphers(SCHANNEL_CRED *schannel_cred, char *ciphers,
 }
 
 /* Function allocates memory for store_path only if CURLE_OK is returned */
-static CURLcode
-get_cert_location(TCHAR *path, DWORD *store_name, TCHAR **store_path,
-                  TCHAR **thumbprint)
+static CURLcode get_cert_location(TCHAR *path, DWORD *store_name,
+                                  TCHAR **store_path, TCHAR **thumbprint)
 {
   TCHAR *sep;
   TCHAR *store_path_start;
@@ -400,14 +396,11 @@ get_cert_location(TCHAR *path, DWORD *store_name, TCHAR **store_path,
     *store_name = CERT_SYSTEM_STORE_SERVICES;
   else if(_tcsncmp(path, TEXT("Users"), store_name_len) == 0)
     *store_name = CERT_SYSTEM_STORE_USERS;
-  else if(_tcsncmp(path, TEXT("CurrentUserGroupPolicy"),
-                   store_name_len) == 0)
+  else if(_tcsncmp(path, TEXT("CurrentUserGroupPolicy"), store_name_len) == 0)
     *store_name = CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY;
-  else if(_tcsncmp(path, TEXT("LocalMachineGroupPolicy"),
-                   store_name_len) == 0)
+  else if(_tcsncmp(path, TEXT("LocalMachineGroupPolicy"), store_name_len) == 0)
     *store_name = CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY;
-  else if(_tcsncmp(path, TEXT("LocalMachineEnterprise"),
-                   store_name_len) == 0)
+  else if(_tcsncmp(path, TEXT("LocalMachineEnterprise"), store_name_len) == 0)
     *store_name = CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE;
   else
     return CURLE_SSL_CERTPROBLEM;
@@ -431,9 +424,8 @@ get_cert_location(TCHAR *path, DWORD *store_name, TCHAR **store_path,
   return CURLE_OK;
 }
 
-static CURLcode
-schannel_acquire_credential_handle(struct Curl_cfilter *cf,
-                                   struct Curl_easy *data)
+static CURLcode schannel_acquire_credential_handle(struct Curl_cfilter *cf,
+                                                   struct Curl_easy *data)
 {
   struct ssl_connect_data *connssl = cf->ctx;
   struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf);
@@ -461,37 +453,36 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
 
     if(ssl_config->no_revoke) {
       flags |= SCH_CRED_IGNORE_NO_REVOCATION_CHECK |
-        SCH_CRED_IGNORE_REVOCATION_OFFLINE;
+               SCH_CRED_IGNORE_REVOCATION_OFFLINE;
 
       DEBUGF(infof(data, "schannel: disabled server certificate revocation "
-                   "checks"));
+                         "checks"));
     }
     else if(ssl_config->revoke_best_effort) {
       flags |= SCH_CRED_IGNORE_NO_REVOCATION_CHECK |
-        SCH_CRED_IGNORE_REVOCATION_OFFLINE | SCH_CRED_REVOCATION_CHECK_CHAIN;
+               SCH_CRED_IGNORE_REVOCATION_OFFLINE |
+               SCH_CRED_REVOCATION_CHECK_CHAIN;
 
       DEBUGF(infof(data, "schannel: ignore revocation offline errors"));
     }
     else {
       flags |= SCH_CRED_REVOCATION_CHECK_CHAIN;
 
-      DEBUGF(infof(data,
-                   "schannel: checking server certificate revocation"));
+      DEBUGF(infof(data, "schannel: checking server certificate revocation"));
     }
   }
   else {
     flags = SCH_CRED_MANUAL_CRED_VALIDATION |
-      SCH_CRED_IGNORE_NO_REVOCATION_CHECK |
-      SCH_CRED_IGNORE_REVOCATION_OFFLINE;
-    DEBUGF(infof(data,
-                 "schannel: disabled server cert revocation checks"));
+            SCH_CRED_IGNORE_NO_REVOCATION_CHECK |
+            SCH_CRED_IGNORE_REVOCATION_OFFLINE;
+    DEBUGF(infof(data, "schannel: disabled server cert revocation checks"));
   }
 
   if(!conn_config->verifyhost) {
     flags |= SCH_CRED_NO_SERVERNAME_CHECK;
     DEBUGF(infof(data, "schannel: verifyhost setting prevents Schannel from "
-                 "comparing the supplied target name with the subject "
-                 "names in server certificates."));
+                       "comparing the supplied target name with the subject "
+                       "names in server certificates."));
   }
 
   if(!ssl_config->auto_client_cert) {
@@ -508,8 +499,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
   case CURL_SSLVERSION_TLSv1_0:
   case CURL_SSLVERSION_TLSv1_1:
   case CURL_SSLVERSION_TLSv1_2:
-  case CURL_SSLVERSION_TLSv1_3:
-  {
+  case CURL_SSLVERSION_TLSv1_3: {
     result = schannel_set_ssl_version_min_max(&enabled_protocols, cf, data);
     if(result)
       return result;
@@ -550,7 +540,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
       result = get_cert_location(cert_path, &cert_store_name,
                                  &cert_store_path, &cert_thumbprint_str);
 
-      if(result && (data->set.ssl.primary.clientcert[0]!='\0'))
+      if(result && (data->set.ssl.primary.clientcert[0] != '\0'))
         fInCert = curlx_fopen(data->set.ssl.primary.clientcert, "rb");
 
       if(result && !fInCert) {
@@ -579,7 +569,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
          https://learn.microsoft.com/archive/msdn-technet-forums/3e7bc95f-b21a-4bcd-bd2c-7f996718cae5
       */
       CRYPT_DATA_BLOB datablob;
-      WCHAR* pszPassword;
+      WCHAR *pszPassword;
       size_t pwd_len = 0;
       int str_w_len = 0;
       int cert_find_flags;
@@ -613,12 +603,12 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
       }
 
       /* Convert key-pair data to the in-memory certificate store */
-      datablob.pbData = (BYTE*)certdata;
+      datablob.pbData = (BYTE *)certdata;
       datablob.cbData = (DWORD)certsize;
 
       if(data->set.ssl.key_passwd)
         pwd_len = strlen(data->set.ssl.key_passwd);
-      pszPassword = (WCHAR*)curlx_malloc(sizeof(WCHAR)*(pwd_len + 1));
+      pszPassword = (WCHAR *)curlx_malloc(sizeof(WCHAR) * (pwd_len + 1));
       if(pszPassword) {
         if(pwd_len > 0)
           str_w_len = MultiByteToWideChar(CP_UTF8,
@@ -854,8 +844,8 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
   return CURLE_OK;
 }
 
-static CURLcode
-schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
+static CURLcode schannel_connect_step1(struct Curl_cfilter *cf,
+                                       struct Curl_easy *data)
 {
   size_t written = 0;
   struct ssl_connect_data *connssl = cf->ctx;
@@ -874,8 +864,7 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
   CURLcode result;
 
   DEBUGASSERT(backend);
-  DEBUGF(infof(data,
-               "schannel: SSL/TLS connection with %s port %d (step 1/3)",
+  DEBUGF(infof(data, "schannel: SSL/TLS connection with %s port %d (step 1/3)",
                connssl->peer.hostname, connssl->peer.port));
 
   if(curlx_verify_windows_version(5, 1, 0, PLATFORM_WINNT,
@@ -899,7 +888,7 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
     }
     else {
       failf(data, "schannel: this version of Windows is too old to support "
-            "certificate verification via CA bundle file.");
+                  "certificate verification via CA bundle file.");
       return CURLE_SSL_CACERT_BADFILE;
     }
   }
@@ -952,7 +941,7 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
     int cur = 0;
     int list_start_index = 0;
     unsigned int *extension_len = NULL;
-    unsigned short* list_len = NULL;
+    unsigned short *list_len = NULL;
     struct alpn_proto_buf proto;
 
     /* The first four bytes will be an unsigned int indicating number
@@ -968,7 +957,7 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
 
     /* The next two bytes will be an unsigned short indicating the number
        of bytes used to list the preferred protocols. */
-    list_len = (unsigned short*)(void *)(&alpn_buffer[cur]);
+    list_len = (unsigned short *)(void *)(&alpn_buffer[cur]);
     cur += (int)sizeof(unsigned short);
 
     list_start_index = cur;
@@ -1006,8 +995,8 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
 
   /* security request flags */
   backend->req_flags = ISC_REQ_SEQUENCE_DETECT | ISC_REQ_REPLAY_DETECT |
-    ISC_REQ_CONFIDENTIALITY | ISC_REQ_ALLOCATE_MEMORY |
-    ISC_REQ_STREAM;
+                       ISC_REQ_CONFIDENTIALITY | ISC_REQ_ALLOCATE_MEMORY |
+                       ISC_REQ_STREAM;
 
   if(!ssl_config->auto_client_cert) {
     backend->req_flags |= ISC_REQ_USE_SUPPLIED_CREDS;
@@ -1131,8 +1120,8 @@ static CURLcode schannel_error(struct Curl_easy *data,
   }
 }
 
-static CURLcode
-schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
+static CURLcode schannel_connect_step2(struct Curl_cfilter *cf,
+                                       struct Curl_easy *data)
 {
   struct ssl_connect_data *connssl = cf->ctx;
   struct schannel_ssl_backend_data *backend =
@@ -1155,8 +1144,7 @@ schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
   doread = (connssl->io_need & CURL_SSL_IO_NEED_SEND) ? FALSE : TRUE;
   connssl->io_need = CURL_SSL_IO_NEED_NONE;
 
-  DEBUGF(infof(data,
-               "schannel: SSL/TLS connection with %s port %d (step 2/3)",
+  DEBUGF(infof(data, "schannel: SSL/TLS connection with %s port %d (step 2/3)",
                connssl->peer.hostname, connssl->peer.port));
 
   if(!backend->cred || !backend->ctxt)
@@ -1361,7 +1349,8 @@ schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
       if(backend->encdata_offset > inbuf[1].cbBuffer) {
         memmove(backend->encdata_buffer,
                 (backend->encdata_buffer + backend->encdata_offset) -
-                inbuf[1].cbBuffer, inbuf[1].cbBuffer);
+                  inbuf[1].cbBuffer,
+                inbuf[1].cbBuffer);
         backend->encdata_offset = inbuf[1].cbBuffer;
         if(sspi_status == SEC_I_CONTINUE_NEEDED) {
           doread = FALSE;
@@ -1415,8 +1404,7 @@ schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
   return CURLE_OK;
 }
 
-static bool
-valid_cert_encoding(const CERT_CONTEXT *cert_context)
+static bool valid_cert_encoding(const CERT_CONTEXT *cert_context)
 {
   return (cert_context != NULL) &&
     ((cert_context->dwCertEncodingType & X509_ASN_ENCODING) != 0) &&
@@ -1424,12 +1412,11 @@ valid_cert_encoding(const CERT_CONTEXT *cert_context)
     (cert_context->cbCertEncoded > 0);
 }
 
-typedef bool(*Read_crt_func)(const CERT_CONTEXT *ccert_context,
-                             bool reverse_order, void *arg);
+typedef bool (*Read_crt_func)(const CERT_CONTEXT *ccert_context,
+                              bool reverse_order, void *arg);
 
-static void
-traverse_cert_store(const CERT_CONTEXT *context, Read_crt_func func,
-                    void *arg)
+static void traverse_cert_store(const CERT_CONTEXT *context,
+                                Read_crt_func func, void *arg)
 {
   const CERT_CONTEXT *current_context = NULL;
   bool should_continue = TRUE;
@@ -1454,9 +1441,8 @@ traverse_cert_store(const CERT_CONTEXT *context, Read_crt_func func,
     CertFreeCertificateContext(current_context);
 }
 
-static bool
-cert_counter_callback(const CERT_CONTEXT *ccert_context, bool reverse_order,
-                      void *certs_count)
+static bool cert_counter_callback(const CERT_CONTEXT *ccert_context,
+                                  bool reverse_order, void *certs_count)
 {
   (void)reverse_order;
   if(valid_cert_encoding(ccert_context))
@@ -1466,22 +1452,20 @@ cert_counter_callback(const CERT_CONTEXT *ccert_context, bool reverse_order,
   return TRUE;
 }
 
-struct Adder_args
-{
+struct Adder_args {
   struct Curl_easy *data;
   CURLcode result;
   int idx;
   int certs_count;
 };
 
-static bool
-add_cert_to_certinfo(const CERT_CONTEXT *ccert_context, bool reverse_order,
-                     void *raw_arg)
+static bool add_cert_to_certinfo(const CERT_CONTEXT *ccert_context,
+                                 bool reverse_order, void *raw_arg)
 {
-  struct Adder_args *args = (struct Adder_args*)raw_arg;
+  struct Adder_args *args = (struct Adder_args *)raw_arg;
   args->result = CURLE_OK;
   if(valid_cert_encoding(ccert_context)) {
-    const char *beg = (const char *) ccert_context->pbCertEncoded;
+    const char *beg = (const char *)ccert_context->pbCertEncoded;
     const char *end = beg + ccert_context->cbCertEncoded;
     int insert_index = reverse_order ? (args->certs_count - 1) - args->idx :
                        args->idx;
@@ -1511,8 +1495,8 @@ static void schannel_session_free(void *sessionid)
   }
 }
 
-static CURLcode
-schannel_connect_step3(struct Curl_cfilter *cf, struct Curl_easy *data)
+static CURLcode schannel_connect_step3(struct Curl_cfilter *cf,
+                                       struct Curl_easy *data)
 {
   struct ssl_connect_data *connssl = cf->ctx;
   struct schannel_ssl_backend_data *backend =
@@ -1527,8 +1511,7 @@ schannel_connect_step3(struct Curl_cfilter *cf, struct Curl_easy *data)
   DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
   DEBUGASSERT(backend);
 
-  DEBUGF(infof(data,
-               "schannel: SSL/TLS connection with %s port %d (step 3/3)",
+  DEBUGF(infof(data, "schannel: SSL/TLS connection with %s port %d (step 3/3)",
                connssl->peer.hostname, connssl->peer.port));
 
   if(!backend->cred)
@@ -1886,9 +1869,8 @@ schannel_recv_renegotiate(struct Curl_cfilter *cf, struct Curl_easy *data,
   return result;
 }
 
-static CURLcode
-schannel_send(struct Curl_cfilter *cf, struct Curl_easy *data,
-              const void *buf, size_t len, size_t *pnwritten)
+static CURLcode schannel_send(struct Curl_cfilter *cf, struct Curl_easy *data,
+                              const void *buf, size_t len, size_t *pnwritten)
 {
   size_t data_len = 0;
   unsigned char *ptr = NULL;
@@ -2018,7 +2000,7 @@ schannel_send(struct Curl_cfilter *cf, struct Curl_easy *data,
   else if(sspi_status == SEC_E_INSUFFICIENT_MEMORY) {
     result = CURLE_OUT_OF_MEMORY;
   }
-  else{
+  else {
     result = CURLE_SEND_ERROR;
   }
 
@@ -2032,9 +2014,8 @@ schannel_send(struct Curl_cfilter *cf, struct Curl_easy *data,
   return result;
 }
 
-static CURLcode
-schannel_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
-              char *buf, size_t len, size_t *pnread)
+static CURLcode schannel_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
+                              char *buf, size_t len, size_t *pnread)
 {
   size_t size = 0;
   size_t nread = 0;
@@ -2170,7 +2151,7 @@ schannel_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
     /* https://learn.microsoft.com/windows/win32/api/sspi/nf-sspi-decryptmessage
      */
     sspi_status = Curl_pSecFn->DecryptMessage(&backend->ctxt->ctxt_handle,
-                                           &inbuf_desc, 0, NULL);
+                                              &inbuf_desc, 0, NULL);
 
     /* check if everything went fine (server may want to renegotiate
        or shutdown the connection context) */
@@ -2231,7 +2212,8 @@ schannel_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
              buffer */
           memmove(backend->encdata_buffer,
                   (backend->encdata_buffer + backend->encdata_offset) -
-                  inbuf[3].cbBuffer, inbuf[3].cbBuffer);
+                    inbuf[3].cbBuffer,
+                  inbuf[3].cbBuffer);
           backend->encdata_offset = inbuf[3].cbBuffer;
         }
 
@@ -2761,7 +2743,7 @@ HCERTSTORE Curl_schannel_get_cached_cert_store(struct Curl_cfilter *cf,
 
   share = Curl_hash_pick(&multi->proto_hash,
                          CURL_UNCONST(MPROTO_SCHANNEL_CERT_SHARE_KEY),
-                         sizeof(MPROTO_SCHANNEL_CERT_SHARE_KEY)-1);
+                         sizeof(MPROTO_SCHANNEL_CERT_SHARE_KEY) - 1);
   if(!share || !share->cert_store) {
     return NULL;
   }
@@ -2809,7 +2791,7 @@ HCERTSTORE Curl_schannel_get_cached_cert_store(struct Curl_cfilter *cf,
 static void schannel_cert_share_free(void *key, size_t key_len, void *p)
 {
   struct schannel_cert_share *share = p;
-  DEBUGASSERT(key_len == (sizeof(MPROTO_SCHANNEL_CERT_SHARE_KEY)-1));
+  DEBUGASSERT(key_len == (sizeof(MPROTO_SCHANNEL_CERT_SHARE_KEY) - 1));
   DEBUGASSERT(!memcmp(MPROTO_SCHANNEL_CERT_SHARE_KEY, key, key_len));
   (void)key;
   (void)key_len;
@@ -2839,7 +2821,7 @@ bool Curl_schannel_set_cached_cert_store(struct Curl_cfilter *cf,
 
   share = Curl_hash_pick(&multi->proto_hash,
                          CURL_UNCONST(MPROTO_SCHANNEL_CERT_SHARE_KEY),
-                         sizeof(MPROTO_SCHANNEL_CERT_SHARE_KEY)-1);
+                         sizeof(MPROTO_SCHANNEL_CERT_SHARE_KEY) - 1);
   if(!share) {
     share = curlx_calloc(1, sizeof(*share));
     if(!share) {
@@ -2847,7 +2829,7 @@ bool Curl_schannel_set_cached_cert_store(struct Curl_cfilter *cf,
     }
     if(!Curl_hash_add2(&multi->proto_hash,
                        CURL_UNCONST(MPROTO_SCHANNEL_CERT_SHARE_KEY),
-                       sizeof(MPROTO_SCHANNEL_CERT_SHARE_KEY)-1,
+                       sizeof(MPROTO_SCHANNEL_CERT_SHARE_KEY) - 1,
                        share, schannel_cert_share_free)) {
       curlx_free(share);
       return FALSE;
diff --git a/lib/vtls/schannel.h b/lib/vtls/schannel.h
index 9d0bea221a..47017c5f56 100644
--- a/lib/vtls/schannel.h
+++ b/lib/vtls/schannel.h
@@ -69,15 +69,14 @@
  * (and only here).
  */
 #if defined(OPENSSL_IS_BORINGSSL) || defined(OPENSSL_IS_AWSLC)
-# undef X509_NAME
-# undef X509_CERT_PAIR
-# undef X509_EXTENSIONS
+#undef X509_NAME
+#undef X509_CERT_PAIR
+#undef X509_EXTENSIONS
 #endif
 
 extern const struct Curl_ssl Curl_ssl_schannel;
 
-CURLcode Curl_verify_host(struct Curl_cfilter *cf,
-                          struct Curl_easy *data);
+CURLcode Curl_verify_host(struct Curl_cfilter *cf, struct Curl_easy *data);
 
 CURLcode Curl_verify_certificate(struct Curl_cfilter *cf,
                                  struct Curl_easy *data);
diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c
index 4ff7b5d536..e1a3731457 100644
--- a/lib/vtls/schannel_verify.c
+++ b/lib/vtls/schannel_verify.c
@@ -33,7 +33,7 @@
 
 #ifdef USE_SCHANNEL
 #ifndef USE_WINDOWS_SSPI
-#  error "cannot compile SCHANNEL support without SSPI."
+#error "cannot compile SCHANNEL support without SSPI."
 #endif
 
 #include "schannel.h"
@@ -157,8 +157,8 @@ static CURLcode add_certs_data_to_store(HCERTSTORE trust_store,
         const CERT_CONTEXT *cert_context = NULL;
         BOOL add_cert_result = FALSE;
         DWORD actual_content_type = 0;
-        DWORD cert_size = (DWORD)
-          ((end_cert_ptr + end_cert_len) - begin_cert_ptr);
+        DWORD cert_size =
+          (DWORD)((end_cert_ptr + end_cert_len) - begin_cert_ptr);
 
         cert_blob.pbData = (BYTE *)CURL_UNCONST(begin_cert_ptr);
         cert_blob.cbData = cert_size;
@@ -238,13 +238,11 @@ static CURLcode add_certs_data_to_store(HCERTSTORE trust_store,
 
   if(result == CURLE_OK) {
     if(!num_certs) {
-      infof(data,
-            "schannel: did not add any certificates from CA file '%s'",
+      infof(data, "schannel: did not add any certificates from CA file '%s'",
             ca_file_text);
     }
     else {
-      infof(data,
-            "schannel: added %d certificate(s) from CA file '%s'",
+      infof(data, "schannel: added %d certificate(s) from CA file '%s'",
             num_certs, ca_file_text);
     }
   }
@@ -266,9 +264,7 @@ static CURLcode add_certs_file_to_store(HCERTSTORE trust_store,
   ca_file_tstr = curlx_convert_UTF8_to_tchar(ca_file);
   if(!ca_file_tstr) {
     char buffer[WINAPI_ERROR_LEN];
-    failf(data,
-          "schannel: invalid path name for CA file '%s': %s",
-          ca_file,
+    failf(data, "schannel: invalid path name for CA file '%s': %s", ca_file,
           curlx_winapi_strerror(GetLastError(), buffer, sizeof(buffer)));
     result = CURLE_SSL_CACERT_BADFILE;
     goto cleanup;
@@ -288,9 +284,7 @@ static CURLcode add_certs_file_to_store(HCERTSTORE trust_store,
                               NULL);
   if(ca_file_handle == INVALID_HANDLE_VALUE) {
     char buffer[WINAPI_ERROR_LEN];
-    failf(data,
-          "schannel: failed to open CA file '%s': %s",
-          ca_file,
+    failf(data, "schannel: failed to open CA file '%s': %s", ca_file,
           curlx_winapi_strerror(GetLastError(), buffer, sizeof(buffer)));
     result = CURLE_SSL_CACERT_BADFILE;
     goto cleanup;
@@ -298,8 +292,7 @@ static CURLcode add_certs_file_to_store(HCERTSTORE trust_store,
 
   if(!GetFileSizeEx(ca_file_handle, &file_size)) {
     char buffer[WINAPI_ERROR_LEN];
-    failf(data,
-          "schannel: failed to determine size of CA file '%s': %s",
+    failf(data, "schannel: failed to determine size of CA file '%s': %s",
           ca_file,
           curlx_winapi_strerror(GetLastError(), buffer, sizeof(buffer)));
     result = CURLE_SSL_CACERT_BADFILE;
@@ -307,8 +300,7 @@ static CURLcode add_certs_file_to_store(HCERTSTORE trust_store,
   }
 
   if(file_size.QuadPart > MAX_CAFILE_SIZE) {
-    failf(data,
-          "schannel: CA file exceeds max size of %u bytes",
+    failf(data, "schannel: CA file exceeds max size of %u bytes",
           MAX_CAFILE_SIZE);
     result = CURLE_SSL_CACERT_BADFILE;
     goto cleanup;
@@ -328,9 +320,7 @@ static CURLcode add_certs_file_to_store(HCERTSTORE trust_store,
     if(!ReadFile(ca_file_handle, ca_file_buffer + total_bytes_read,
                  bytes_to_read, &bytes_read, NULL)) {
       char buffer[WINAPI_ERROR_LEN];
-      failf(data,
-            "schannel: failed to read from CA file '%s': %s",
-            ca_file,
+      failf(data, "schannel: failed to read from CA file '%s': %s", ca_file,
             curlx_winapi_strerror(GetLastError(), buffer, sizeof(buffer)));
       result = CURLE_SSL_CACERT_BADFILE;
       goto cleanup;
@@ -455,12 +445,11 @@ static DWORD cert_get_name_string(struct Curl_easy *data,
 }
 
 /*
-* Returns TRUE if the hostname is a numeric IPv4/IPv6 Address,
-* and populates the buffer with IPv4/IPv6 info.
-*/
+ * Returns TRUE if the hostname is a numeric IPv4/IPv6 Address,
+ * and populates the buffer with IPv4/IPv6 info.
+ */
 
-static bool get_num_host_info(struct num_ip_data *ip_blob,
-                              LPCSTR hostname)
+static bool get_num_host_info(struct num_ip_data *ip_blob, LPCSTR hostname)
 {
   struct in_addr ia;
   struct in6_addr ia6;
@@ -520,9 +509,8 @@ static bool get_alt_name_info(struct Curl_easy *data,
                           &decode_para,
                           alt_name_info,
                           alt_name_info_size)) {
-    failf(data,
-          "schannel: CryptDecodeObjectEx() returned no alternate name "
-          "information.");
+    failf(data, "schannel: CryptDecodeObjectEx() returned no alternate name "
+                "information.");
     return result;
   }
   result = TRUE;
@@ -530,8 +518,7 @@ static bool get_alt_name_info(struct Curl_easy *data,
 }
 
 /* Verify the server's hostname */
-CURLcode Curl_verify_host(struct Curl_cfilter *cf,
-                          struct Curl_easy *data)
+CURLcode Curl_verify_host(struct Curl_cfilter *cf, struct Curl_easy *data)
 {
   CURLcode result = CURLE_PEER_FAILED_VERIFICATION;
   struct ssl_connect_data *connssl = cf->ctx;
@@ -545,7 +532,7 @@ CURLcode Curl_verify_host(struct Curl_cfilter *cf,
   DWORD actual_len = 0;
   PCERT_ALT_NAME_INFO alt_name_info = NULL;
   DWORD alt_name_info_size = 0;
-  struct num_ip_data ip_blob = { 0 };
+  struct num_ip_data ip_blob = {0};
   bool Win8_compat;
   struct num_ip_data *p = &ip_blob;
   DWORD i;
@@ -840,7 +827,7 @@ CURLcode Curl_verify_certificate(struct Curl_cfilter *cf,
          * list URL, or when the list could not be downloaded because the
          * server is currently unreachable. */
         dwTrustErrorMask &= ~(DWORD)(CERT_TRUST_REVOCATION_STATUS_UNKNOWN |
-          CERT_TRUST_IS_OFFLINE_REVOCATION);
+                                     CERT_TRUST_IS_OFFLINE_REVOCATION);
       }
 
       if(dwTrustErrorMask) {
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index 6eb60e41cf..e342953778 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -93,14 +93,13 @@
       dest->var = NULL;                      \
   } while(0)
 
-#define CLONE_BLOB(var)                        \
-  do {                                         \
-    if(blobdup(&dest->var, source->var))       \
-      return FALSE;                            \
+#define CLONE_BLOB(var)                  \
+  do {                                   \
+    if(blobdup(&dest->var, source->var)) \
+      return FALSE;                      \
   } while(0)
 
-static CURLcode blobdup(struct curl_blob **dest,
-                        struct curl_blob *src)
+static CURLcode blobdup(struct curl_blob **dest, struct curl_blob *src)
 {
   DEBUGASSERT(dest);
   DEBUGASSERT(!*dest);
@@ -149,8 +148,8 @@ static const struct alpn_spec ALPN_SPEC_H2_H11 = {
 #endif
 
 #if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_PROXY)
-static const struct alpn_spec *
-alpn_get_spec(http_majors allowed, bool use_alpn)
+static const struct alpn_spec *alpn_get_spec(http_majors allowed,
+                                             bool use_alpn)
 {
   if(!use_alpn)
     return NULL;
@@ -170,7 +169,6 @@ alpn_get_spec(http_majors allowed, bool use_alpn)
 #endif /* !CURL_DISABLE_HTTP || !CURL_DISABLE_PROXY */
 #endif /* USE_SSL */
 
-
 void Curl_ssl_easy_config_init(struct Curl_easy *data)
 {
   /*
@@ -185,10 +183,9 @@ void Curl_ssl_easy_config_init(struct Curl_easy *data)
 #endif
 }
 
-static bool
-match_ssl_primary_config(struct Curl_easy *data,
-                         struct ssl_primary_config *c1,
-                         struct ssl_primary_config *c2)
+static bool match_ssl_primary_config(struct Curl_easy *data,
+                                     struct ssl_primary_config *c1,
+                                     struct ssl_primary_config *c2)
 {
   (void)data;
   if((c1->version == c2->version) &&
@@ -324,8 +321,7 @@ CURLcode Curl_ssl_easy_config_complete(struct Curl_easy *data)
   sslc->primary.cipher_list13 = data->set.str[STRING_SSL_CIPHER13_LIST];
   sslc->primary.signature_algorithms =
     data->set.str[STRING_SSL_SIGNATURE_ALGORITHMS];
-  sslc->primary.pinned_key =
-    data->set.str[STRING_SSL_PINNEDPUBLICKEY];
+  sslc->primary.pinned_key = data->set.str[STRING_SSL_PINNEDPUBLICKEY];
   sslc->primary.cert_blob = data->set.blobs[BLOB_CERT];
   sslc->primary.ca_info_blob = data->set.blobs[BLOB_CAINFO];
   sslc->primary.curves = data->set.str[STRING_SSL_EC_CURVES];
@@ -538,9 +534,9 @@ void Curl_ssl_close_all(struct Curl_easy *data)
     Curl_ssl->close_all(data);
 }
 
-CURLcode  Curl_ssl_adjust_pollset(struct Curl_cfilter *cf,
-                                  struct Curl_easy *data,
-                                  struct easy_pollset *ps)
+CURLcode Curl_ssl_adjust_pollset(struct Curl_cfilter *cf,
+                                 struct Curl_easy *data,
+                                 struct easy_pollset *ps)
 {
   struct ssl_connect_data *connssl = cf->ctx;
 
@@ -628,7 +624,7 @@ CURLcode Curl_ssl_init_certinfo(struct Curl_easy *data, int num)
   Curl_ssl_free_certinfo(data);
 
   /* Allocate the required certificate information structures */
-  table = curlx_calloc((size_t) num, sizeof(struct curl_slist *));
+  table = curlx_calloc((size_t)num, sizeof(struct curl_slist *));
   if(!table)
     return CURLE_OUT_OF_MEMORY;
 
@@ -661,8 +657,7 @@ CURLcode Curl_ssl_push_certinfo_len(struct Curl_easy *data,
      curlx_dyn_addn(&build, value, valuelen))
     return CURLE_OUT_OF_MEMORY;
 
-  nl = Curl_slist_append_nodup(ci->certinfo[certnum],
-                               curlx_dyn_ptr(&build));
+  nl = Curl_slist_append_nodup(ci->certinfo[certnum], curlx_dyn_ptr(&build));
   if(!nl) {
     curlx_dyn_free(&build);
     curl_slist_free_all(ci->certinfo[certnum]);
@@ -798,8 +793,8 @@ CURLcode Curl_pin_peer_pubkey(struct Curl_easy *data,
 
     pinned_hash = pinnedpubkey;
     while(pinned_hash &&
-          !strncmp(pinned_hash, "sha256//", (sizeof("sha256//")-1))) {
-      pinned_hash = pinned_hash + (sizeof("sha256//")-1);
+          !strncmp(pinned_hash, "sha256//", (sizeof("sha256//") - 1))) {
+      pinned_hash = pinned_hash + (sizeof("sha256//") - 1);
       end_pos = strchr(pinned_hash, ';');
       pinned_hash_len = end_pos ?
                         (size_t)(end_pos - pinned_hash) : strlen(pinned_hash);
@@ -845,7 +840,7 @@ CURLcode Curl_pin_peer_pubkey(struct Curl_easy *data,
      * if the size of our certificate is bigger than the file
      * size then it cannot match
      */
-    size = curlx_sotouz((curl_off_t) filesize);
+    size = curlx_sotouz((curl_off_t)filesize);
     if(pubkeylen > size)
       goto end;
 
@@ -1277,7 +1272,7 @@ CURLcode Curl_ssl_peer_init(struct ssl_peer *peer,
     /* not an IP address, normalize according to RCC 6066 ch. 3,
      * max len of SNI is 2^16-1, no trailing dot */
     size_t len = strlen(peer->hostname);
-    if(len && (peer->hostname[len-1] == '.'))
+    if(len && (peer->hostname[len - 1] == '.'))
       len--;
     if(len < USHRT_MAX) {
       peer->sni = curlx_calloc(1, len + 1);
@@ -1563,7 +1558,7 @@ static CURLcode ssl_cf_shutdown(struct Curl_cfilter *cf,
   *done = TRUE;
   /* If we have done the SSL handshake, shut down the connection cleanly */
   if(cf->connected && (connssl->state == ssl_connection_complete) &&
-    !cf->shutdown && Curl_ssl->shut_down) {
+     !cf->shutdown && Curl_ssl->shut_down) {
     struct cf_call_data save;
 
     CF_DATA_SAVE(save, cf, data);
@@ -1781,7 +1776,7 @@ static CURLcode cf_ssl_proxy_create(struct Curl_cfilter **pcf,
 #ifdef USE_HTTP2
   if(conn->http_proxy.proxytype == CURLPROXY_HTTPS2) {
     use_alpn = TRUE;
-    allowed = (CURL_HTTP_V1x|CURL_HTTP_V2x);
+    allowed = (CURL_HTTP_V1x | CURL_HTTP_V2x);
   }
 #endif
 
@@ -1847,7 +1842,7 @@ static CURLcode vtls_shutdown_blocking(struct Curl_cfilter *cf,
     }
 
     result = connssl->ssl_impl->shut_down(cf, data, send_shutdown, done);
-    if(result ||*done)
+    if(result || *done)
       goto out;
 
     if(connssl->io_need) {
@@ -2042,7 +2037,7 @@ CURLcode Curl_alpn_set_negotiated(struct Curl_cfilter *cf,
   if(proto && proto_len) {
     if(memchr(proto, '\0', proto_len)) {
       failf(data, "ALPN: server selected protocol contains NUL. "
-            "Refusing to continue.");
+                  "Refusing to continue.");
       result = CURLE_SSL_CONNECT_ERROR;
       goto out;
     }
diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h
index dbe13c5903..b5b517f0b6 100644
--- a/lib/vtls/vtls.h
+++ b/lib/vtls/vtls.h
@@ -253,16 +253,16 @@ extern struct Curl_cftype Curl_cft_ssl_proxy;
 #define Curl_ssl_init() 1
 #define Curl_ssl_cleanup() Curl_nop_stmt
 #define Curl_ssl_close_all(x) Curl_nop_stmt
-#define Curl_ssl_set_engine(x,y) CURLE_NOT_BUILT_IN
+#define Curl_ssl_set_engine(x, y) CURLE_NOT_BUILT_IN
 #define Curl_ssl_set_engine_default(x) CURLE_NOT_BUILT_IN
 #define Curl_ssl_engines_list(x) NULL
 #define Curl_ssl_free_certinfo(x) Curl_nop_stmt
-#define Curl_ssl_random(x,y,z) ((void)x, CURLE_NOT_BUILT_IN)
+#define Curl_ssl_random(x, y, z) ((void)x, CURLE_NOT_BUILT_IN)
 #define Curl_ssl_cert_status_request() FALSE
-#define Curl_ssl_supports(a,b) FALSE
-#define Curl_ssl_cfilter_add(a,b,c) CURLE_NOT_BUILT_IN
-#define Curl_ssl_cfilter_remove(a,b,c) CURLE_OK
-#define Curl_ssl_cf_get_config(a,b) NULL
+#define Curl_ssl_supports(a, b) FALSE
+#define Curl_ssl_cfilter_add(a, b, c) CURLE_NOT_BUILT_IN
+#define Curl_ssl_cfilter_remove(a, b, c) CURLE_OK
+#define Curl_ssl_cf_get_config(a, b) NULL
 #define Curl_ssl_cf_get_primary_config(a) NULL
 #endif
 
diff --git a/lib/vtls/vtls_int.h b/lib/vtls/vtls_int.h
index 8bf6c6c64b..0a184f88c1 100644
--- a/lib/vtls/vtls_int.h
+++ b/lib/vtls/vtls_int.h
@@ -71,8 +71,7 @@ CURLcode Curl_alpn_set_negotiated(struct Curl_cfilter *cf,
                                   const unsigned char *proto,
                                   size_t proto_len);
 
-bool Curl_alpn_contains_proto(const struct alpn_spec *spec,
-                              const char *proto);
+bool Curl_alpn_contains_proto(const struct alpn_spec *spec, const char *proto);
 
 /* enum for the nonblocking SSL connection state machine */
 typedef enum {
@@ -99,11 +98,11 @@ typedef enum {
 } ssl_earlydata_state;
 
 #define CURL_SSL_IO_NEED_NONE   (0)
-#define CURL_SSL_IO_NEED_RECV   (1<<0)
-#define CURL_SSL_IO_NEED_SEND   (1<<1)
+#define CURL_SSL_IO_NEED_RECV   (1 << 0)
+#define CURL_SSL_IO_NEED_SEND   (1 << 1)
 
 /* Max earlydata payload we want to send */
-#define CURL_SSL_EARLY_MAX       (64*1024)
+#define CURL_SSL_EARLY_MAX       (64 * 1024)
 
 /* Information in each SSL cfilter context: cf->ctx */
 struct ssl_connect_data {
@@ -130,11 +129,8 @@ struct ssl_connect_data {
   BIT(input_pending);               /* data for SSL_read() may be available */
 };
 
-
 #undef CF_CTX_CALL_DATA
-#define CF_CTX_CALL_DATA(cf)  \
-  ((struct ssl_connect_data *)(cf)->ctx)->call_data
-
+#define CF_CTX_CALL_DATA(cf) ((struct ssl_connect_data *)(cf)->ctx)->call_data
 
 /* Definitions for SSL Implementations */
 
@@ -157,8 +153,7 @@ struct Curl_ssl {
   /* data_pending() shall return TRUE when it wants to get called again to
      drain internal buffers and deliver data instead of waiting for the socket
      to get readable */
-  bool (*data_pending)(struct Curl_cfilter *cf,
-                       const struct Curl_easy *data);
+  bool (*data_pending)(struct Curl_cfilter *cf, const struct Curl_easy *data);
 
   /* return 0 if a find random is filled in */
   CURLcode (*random)(struct Curl_easy *data, unsigned char *entropy,
@@ -181,7 +176,7 @@ struct Curl_ssl {
   struct curl_slist *(*engines_list)(struct Curl_easy *data);
 
   CURLcode (*sha256sum)(const unsigned char *input, size_t inputlen,
-                    unsigned char *sha256sum, size_t sha256sumlen);
+                        unsigned char *sha256sum, size_t sha256sumlen);
   CURLcode (*recv_plain)(struct Curl_cfilter *cf, struct Curl_easy *data,
                          char *buf, size_t len, size_t *pnread);
   CURLcode (*send_plain)(struct Curl_cfilter *cf, struct Curl_easy *data,
@@ -189,7 +184,6 @@ struct Curl_ssl {
 
   CURLcode (*get_channel_binding)(struct Curl_easy *data, int sockindex,
                                   struct dynbuf *binding);
-
 };
 
 extern const struct Curl_ssl *Curl_ssl;
diff --git a/lib/vtls/vtls_scache.c b/lib/vtls/vtls_scache.c
index 21dfe2eaa0..b968d8b8f3 100644
--- a/lib/vtls/vtls_scache.c
+++ b/lib/vtls/vtls_scache.c
@@ -106,23 +106,21 @@ static void cf_ssl_scache_session_ldestroy(void *udata, void *obj)
   curlx_free(s);
 }
 
-CURLcode
-Curl_ssl_session_create(void *sdata, size_t sdata_len,
-                        int ietf_tls_id, const char *alpn,
-                        curl_off_t valid_until, size_t earlydata_max,
-                        struct Curl_ssl_session **psession)
+CURLcode Curl_ssl_session_create(void *sdata, size_t sdata_len,
+                                 int ietf_tls_id, const char *alpn,
+                                 curl_off_t valid_until, size_t earlydata_max,
+                                 struct Curl_ssl_session **psession)
 {
   return Curl_ssl_session_create2(sdata, sdata_len, ietf_tls_id, alpn,
                                   valid_until, earlydata_max,
                                   NULL, 0, psession);
 }
 
-CURLcode
-Curl_ssl_session_create2(void *sdata, size_t sdata_len,
-                         int ietf_tls_id, const char *alpn,
-                         curl_off_t valid_until, size_t earlydata_max,
-                         unsigned char *quic_tp, size_t quic_tp_len,
-                         struct Curl_ssl_session **psession)
+CURLcode Curl_ssl_session_create2(void *sdata, size_t sdata_len,
+                                  int ietf_tls_id, const char *alpn,
+                                  curl_off_t valid_until, size_t earlydata_max,
+                                  unsigned char *quic_tp, size_t quic_tp_len,
+                                  struct Curl_ssl_session **psession)
 {
   struct Curl_ssl_session *s;
 
@@ -322,7 +320,7 @@ CURLcode Curl_ssl_scache_create(size_t max_peers,
   }
 
   scache->magic = CURL_SCACHE_MAGIC;
-  scache->default_lifetime_secs = (24*60*60); /* 1 day */
+  scache->default_lifetime_secs = (24 * 60 * 60); /* 1 day */
   scache->peer_count = max_peers;
   scache->peers = peers;
   scache->age = 1;
@@ -507,7 +505,7 @@ CURLcode Curl_ssl_peer_key_make(struct Curl_cfilter *cf,
 
   if(ssl->version || ssl->version_max) {
     r = curlx_dyn_addf(&buf, ":TLSVER-%d-%d", ssl->version,
-                      (ssl->version_max >> 16));
+                       (ssl->version_max >> 16));
     if(r)
       goto out;
   }
@@ -616,19 +614,18 @@ static bool cf_ssl_scache_match_auth(struct Curl_ssl_scache_peer *peer,
   else if(!Curl_safecmp(peer->clientcert, conn_config->clientcert))
     return FALSE;
 #ifdef USE_TLS_SRP
-   if(Curl_timestrcmp(peer->srp_username, conn_config->username) ||
-      Curl_timestrcmp(peer->srp_password, conn_config->password))
-     return FALSE;
+  if(Curl_timestrcmp(peer->srp_username, conn_config->username) ||
+     Curl_timestrcmp(peer->srp_password, conn_config->password))
+    return FALSE;
 #endif
   return TRUE;
 }
 
-static CURLcode
-cf_ssl_find_peer_by_key(struct Curl_easy *data,
-                        struct Curl_ssl_scache *scache,
-                        const char *ssl_peer_key,
-                        struct ssl_primary_config *conn_config,
-                        struct Curl_ssl_scache_peer **ppeer)
+static CURLcode cf_ssl_find_peer_by_key(struct Curl_easy *data,
+                                        struct Curl_ssl_scache *scache,
+                                        const char *ssl_peer_key,
+                                        struct ssl_primary_config *conn_config,
+                                        struct Curl_ssl_scache_peer **ppeer)
 {
   size_t i, peer_key_len = 0;
   CURLcode result = CURLE_OK;
@@ -718,12 +715,11 @@ cf_ssl_get_free_peer(struct Curl_ssl_scache *scache)
   return peer;
 }
 
-static CURLcode
-cf_ssl_add_peer(struct Curl_easy *data,
-                struct Curl_ssl_scache *scache,
-                const char *ssl_peer_key,
-                struct ssl_primary_config *conn_config,
-                struct Curl_ssl_scache_peer **ppeer)
+static CURLcode cf_ssl_add_peer(struct Curl_easy *data,
+                                struct Curl_ssl_scache *scache,
+                                const char *ssl_peer_key,
+                                struct ssl_primary_config *conn_config,
+                                struct Curl_ssl_scache_peer **ppeer)
 {
   struct Curl_ssl_scache_peer *peer = NULL;
   CURLcode result = CURLE_OK;
@@ -1000,7 +996,7 @@ void Curl_ssl_scache_remove_all(struct Curl_cfilter *cf,
 
 #ifdef USE_SSLS_EXPORT
 
-#define CURL_SSL_TICKET_MAX   (16*1024)
+#define CURL_SSL_TICKET_MAX   (16 * 1024)
 
 static CURLcode cf_ssl_scache_peer_set_hmac(struct Curl_ssl_scache_peer *peer)
 {
diff --git a/lib/vtls/vtls_scache.h b/lib/vtls/vtls_scache.h
index 445f210549..67049462a8 100644
--- a/lib/vtls/vtls_scache.h
+++ b/lib/vtls/vtls_scache.h
@@ -37,8 +37,8 @@ struct ssl_peer;
 
 /* RFC 8446 (TLSv1.3) restrict lifetime to one week max, for
  * other, less secure versions, we restrict it to a day */
-#define CURL_SCACHE_MAX_13_LIFETIME_SEC    (60*60*24*7)
-#define CURL_SCACHE_MAX_12_LIFETIME_SEC    (60*60*24)
+#define CURL_SCACHE_MAX_13_LIFETIME_SEC    (60 * 60 * 24 * 7)
+#define CURL_SCACHE_MAX_12_LIFETIME_SEC    (60 * 60 * 24)
 
 /* Create a session cache for up to max_peers endpoints with a total
  * of up to max_sessions SSL sessions per peer */
@@ -142,22 +142,18 @@ struct Curl_ssl_session {
  *                  in case this is not known.
  * @param psession on return the scached session instance created
  */
-CURLcode
-Curl_ssl_session_create(void *sdata, size_t sdata_len,
-                        int ietf_tls_id, const char *alpn,
-                        curl_off_t valid_until,
-                        size_t earlydata_max,
-                        struct Curl_ssl_session **psession);
+CURLcode Curl_ssl_session_create(void *sdata, size_t sdata_len,
+                                 int ietf_tls_id, const char *alpn,
+                                 curl_off_t valid_until, size_t earlydata_max,
+                                 struct Curl_ssl_session **psession);
 
 /* Variation of session creation with quic transport parameter bytes,
  * Takes ownership of `quic_tp` regardless of return code. */
-CURLcode
-Curl_ssl_session_create2(void *sdata, size_t sdata_len,
-                         int ietf_tls_id, const char *alpn,
-                         curl_off_t valid_until,
-                         size_t earlydata_max,
-                         unsigned char *quic_tp, size_t quic_tp_len,
-                         struct Curl_ssl_session **psession);
+CURLcode Curl_ssl_session_create2(void *sdata, size_t sdata_len,
+                                  int ietf_tls_id, const char *alpn,
+                                  curl_off_t valid_until, size_t earlydata_max,
+                                  unsigned char *quic_tp, size_t quic_tp_len,
+                                  struct Curl_ssl_session **psession);
 
 /* Destroy a `session` instance. Can be called with NULL.
  * Does NOT need locking. */
diff --git a/lib/vtls/vtls_spack.c b/lib/vtls/vtls_spack.c
index 070bb485a3..ac289f1b2f 100644
--- a/lib/vtls/vtls_spack.c
+++ b/lib/vtls/vtls_spack.c
@@ -52,8 +52,8 @@ static CURLcode spack_enc8(struct dynbuf *buf, uint8_t b)
   return curlx_dyn_addn(buf, &b, 1);
 }
 
-static CURLcode
-spack_dec8(uint8_t *val, const uint8_t **src, const uint8_t *end)
+static CURLcode spack_dec8(uint8_t *val, const uint8_t **src,
+                           const uint8_t *end)
 {
   if(end - *src < 1)
     return CURLE_READ_ERROR;
@@ -70,8 +70,8 @@ static CURLcode spack_enc16(struct dynbuf *buf, uint16_t val)
   return curlx_dyn_addn(buf, nval, sizeof(nval));
 }
 
-static CURLcode
-spack_dec16(uint16_t *val, const uint8_t **src, const uint8_t *end)
+static CURLcode spack_dec16(uint16_t *val, const uint8_t **src,
+                            const uint8_t *end)
 {
   if(end - *src < 2)
     return CURLE_READ_ERROR;
@@ -90,8 +90,8 @@ static CURLcode spack_enc32(struct dynbuf *buf, uint32_t val)
   return curlx_dyn_addn(buf, nval, sizeof(nval));
 }
 
-static CURLcode
-spack_dec32(uint32_t *val, const uint8_t **src, const uint8_t *end)
+static CURLcode spack_dec32(uint32_t *val, const uint8_t **src,
+                            const uint8_t *end)
 {
   if(end - *src < 4)
     return CURLE_READ_ERROR;
@@ -107,7 +107,7 @@ static CURLcode spack_enc64(struct dynbuf *buf, uint64_t val)
   nval[0] = (uint8_t)(val >> 56);
   nval[1] = (uint8_t)(val >> 48);
   nval[2] = (uint8_t)(val >> 40);
-  nval[3] = (uint8_t)(val >> 32);                  \
+  nval[3] = (uint8_t)(val >> 32);
   nval[4] = (uint8_t)(val >> 24);
   nval[5] = (uint8_t)(val >> 16);
   nval[6] = (uint8_t)(val >> 8);
@@ -115,8 +115,8 @@ static CURLcode spack_enc64(struct dynbuf *buf, uint64_t val)
   return curlx_dyn_addn(buf, nval, sizeof(nval));
 }
 
-static CURLcode
-spack_dec64(uint64_t *val, const uint8_t **src, const uint8_t *end)
+static CURLcode spack_dec64(uint64_t *val, const uint8_t **src,
+                            const uint8_t *end)
 {
   if(end - *src < 8)
     return CURLE_READ_ERROR;
@@ -141,8 +141,8 @@ static CURLcode spack_encstr16(struct dynbuf *buf, const char *s)
   return r;
 }
 
-static CURLcode
-spack_decstr16(char **val, const uint8_t **src, const uint8_t *end)
+static CURLcode spack_decstr16(char **val, const uint8_t **src,
+                               const uint8_t *end)
 {
   uint16_t slen;
   CURLcode r;
@@ -158,8 +158,8 @@ spack_decstr16(char **val, const uint8_t **src, const uint8_t *end)
   return *val ? CURLE_OK : CURLE_OUT_OF_MEMORY;
 }
 
-static CURLcode spack_encdata16(struct dynbuf *buf,
-                                const uint8_t *data, size_t data_len)
+static CURLcode spack_encdata16(struct dynbuf *buf, const uint8_t *data,
+                                size_t data_len)
 {
   CURLcode r;
   if(data_len > UINT16_MAX)
@@ -171,9 +171,8 @@ static CURLcode spack_encdata16(struct dynbuf *buf,
   return r;
 }
 
-static CURLcode
-spack_decdata16(uint8_t **val, size_t *val_len,
-                const uint8_t **src, const uint8_t *end)
+static CURLcode spack_decdata16(uint8_t **val, size_t *val_len,
+                                const uint8_t **src, const uint8_t *end)
 {
   uint16_t data_len;
   CURLcode r;
diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index eae17078fd..62bf723efd 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -127,9 +127,9 @@ static CURLcode wssl_connect(struct Curl_cfilter *cf,
  * (--enable-opensslextra or --enable-all).
  */
 #if defined(HAVE_SECRET_CALLBACK) && defined(WOLFSSL_TLS13)
-static int
-wssl_tls13_secret_callback(SSL *ssl, int id, const unsigned char *secret,
-                           int secretSz, void *ctx)
+static int wssl_tls13_secret_callback(SSL *ssl, int id,
+                                      const unsigned char *secret,
+                                      int secretSz, void *ctx)
 {
   const char *label;
   unsigned char client_random[SSL3_RANDOM_SIZE];
@@ -309,8 +309,7 @@ static long wssl_bio_cf_ctrl(WOLFSSL_BIO *bio, int cmd, long num, void *ptr)
   return ret;
 }
 
-static int wssl_bio_cf_out_write(WOLFSSL_BIO *bio,
-                                 const char *buf, int blen)
+static int wssl_bio_cf_out_write(WOLFSSL_BIO *bio, const char *buf, int blen)
 {
   struct Curl_cfilter *cf = wolfSSL_BIO_get_data(bio);
   struct ssl_connect_data *connssl = cf->ctx;
@@ -487,7 +486,7 @@ static int wssl_vtls_new_session_cb(WOLFSSL *ssl, WOLFSSL_SESSION *session)
 {
   struct Curl_cfilter *cf;
 
-  cf = (struct Curl_cfilter*)wolfSSL_get_app_data(ssl);
+  cf = (struct Curl_cfilter *)wolfSSL_get_app_data(ssl);
   DEBUGASSERT(cf != NULL);
   if(cf && session) {
     struct ssl_connect_data *connssl = cf->ctx;
@@ -535,8 +534,8 @@ static CURLcode wssl_on_session_reuse(struct Curl_cfilter *cf,
     connssl->earlydata_state = ssl_earlydata_await;
     connssl->state = ssl_connection_deferred;
     result = Curl_alpn_set_negotiated(cf, data, connssl,
-                    (const unsigned char *)scs->alpn,
-                    scs->alpn ? strlen(scs->alpn) : 0);
+                                      (const unsigned char *)scs->alpn,
+                                      scs->alpn ? strlen(scs->alpn) : 0);
     *do_early_data = !result;
   }
   return result;
@@ -640,7 +639,7 @@ static CURLcode wssl_populate_x509_store(struct Curl_cfilter *cf,
     }
 #else
     infof(data, "ignoring native CA option because wolfSSL was built without "
-          "native CA support");
+                "native CA support");
 #endif
   }
 #endif /* !NO_FILESYSTEM */
@@ -688,7 +687,7 @@ static CURLcode wssl_populate_x509_store(struct Curl_cfilter *cf,
         /* Just continue with a warning if no strict certificate
            verification is required. */
         infof(data, "error setting certificate verify locations,"
-              " continuing anyway:");
+                    " continuing anyway:");
       }
     }
     else {
@@ -707,15 +706,15 @@ static CURLcode wssl_populate_x509_store(struct Curl_cfilter *cf,
 #define MPROTO_WSSL_X509_KEY   "tls:wssl:x509:share"
 
 struct wssl_x509_share {
-  char *CAfile;         /* CAfile path used to generate X509 store */
+  char *CAfile;              /* CAfile path used to generate X509 store */
   WOLFSSL_X509_STORE *store; /* cached X509 store or NULL if none */
-  struct curltime time; /* when the cached store was created */
+  struct curltime time;      /* when the cached store was created */
 };
 
 static void wssl_x509_share_free(void *key, size_t key_len, void *p)
 {
   struct wssl_x509_share *share = p;
-  DEBUGASSERT(key_len == (sizeof(MPROTO_WSSL_X509_KEY)-1));
+  DEBUGASSERT(key_len == (sizeof(MPROTO_WSSL_X509_KEY) - 1));
   DEBUGASSERT(!memcmp(MPROTO_WSSL_X509_KEY, key, key_len));
   (void)key;
   (void)key_len;
@@ -726,9 +725,8 @@ static void wssl_x509_share_free(void *key, size_t key_len, void *p)
   curlx_free(share);
 }
 
-static bool
-wssl_cached_x509_store_expired(const struct Curl_easy *data,
-                               const struct wssl_x509_share *mb)
+static bool wssl_cached_x509_store_expired(const struct Curl_easy *data,
+                                           const struct wssl_x509_share *mb)
 {
   const struct ssl_general_config *cfg = &data->set.general_ssl;
   struct curltime now = curlx_now();
@@ -741,9 +739,8 @@ wssl_cached_x509_store_expired(const struct Curl_easy *data,
   return elapsed_ms >= timeout_ms;
 }
 
-static bool
-wssl_cached_x509_store_different(struct Curl_cfilter *cf,
-                                 const struct wssl_x509_share *mb)
+static bool wssl_cached_x509_store_different(struct Curl_cfilter *cf,
+                                             const struct wssl_x509_share *mb)
 {
   struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf);
   if(!mb->CAfile || !conn_config->CAfile)
@@ -762,7 +759,7 @@ static WOLFSSL_X509_STORE *wssl_get_cached_x509_store(struct Curl_cfilter *cf,
   DEBUGASSERT(multi);
   share = multi ? Curl_hash_pick(&multi->proto_hash,
                                  CURL_UNCONST(MPROTO_WSSL_X509_KEY),
-                                 sizeof(MPROTO_WSSL_X509_KEY)-1) : NULL;
+                                 sizeof(MPROTO_WSSL_X509_KEY) - 1) : NULL;
   if(share && share->store &&
      !wssl_cached_x509_store_expired(data, share) &&
      !wssl_cached_x509_store_different(cf, share)) {
@@ -785,7 +782,7 @@ static void wssl_set_cached_x509_store(struct Curl_cfilter *cf,
     return;
   share = Curl_hash_pick(&multi->proto_hash,
                          CURL_UNCONST(MPROTO_WSSL_X509_KEY),
-                         sizeof(MPROTO_WSSL_X509_KEY)-1);
+                         sizeof(MPROTO_WSSL_X509_KEY) - 1);
 
   if(!share) {
     share = curlx_calloc(1, sizeof(*share));
@@ -793,7 +790,7 @@ static void wssl_set_cached_x509_store(struct Curl_cfilter *cf,
       return;
     if(!Curl_hash_add2(&multi->proto_hash,
                        CURL_UNCONST(MPROTO_WSSL_X509_KEY),
-                       sizeof(MPROTO_WSSL_X509_KEY)-1,
+                       sizeof(MPROTO_WSSL_X509_KEY) - 1,
                        share, wssl_x509_share_free)) {
       curlx_free(share);
       return;
@@ -876,8 +873,7 @@ CURLcode Curl_wssl_setup_x509_store(struct Curl_cfilter *cf,
 }
 
 #ifdef WOLFSSL_TLS13
-static CURLcode
-wssl_add_default_ciphers(bool tls13, struct dynbuf *buf)
+static CURLcode wssl_add_default_ciphers(bool tls13, struct dynbuf *buf)
 {
   int i;
   char *str;
@@ -905,8 +901,7 @@ wssl_add_default_ciphers(bool tls13, struct dynbuf *buf)
 
 /* 4.2.0 (2019) */
 #if LIBWOLFSSL_VERSION_HEX < 0x04002000 || !defined(OPENSSL_EXTRA)
-static int
-wssl_legacy_CTX_set_min_proto_version(WOLFSSL_CTX* ctx, int version)
+static int wssl_legacy_CTX_set_min_proto_version(WOLFSSL_CTX *ctx, int version)
 {
   int res;
   switch(version) {
@@ -933,8 +928,8 @@ wssl_legacy_CTX_set_min_proto_version(WOLFSSL_CTX* ctx, int version)
   }
   return res;
 }
-static int
-wssl_legacy_CTX_set_max_proto_version(WOLFSSL_CTX* ctx, int version)
+
+static int wssl_legacy_CTX_set_max_proto_version(WOLFSSL_CTX *ctx, int version)
 {
   (void)ctx, (void)version;
   return WOLFSSL_NOT_IMPLEMENTED;
@@ -1106,7 +1101,6 @@ static CURLcode ssl_version(struct Curl_easy *data,
   return CURLE_OK;
 }
 
-
 #define QUIC_GROUPS "P-256:P-384:P-521"
 
 CURLcode Curl_wssl_ctx_init(struct wssl_ctx *wctx,
@@ -1121,7 +1115,7 @@ CURLcode Curl_wssl_ctx_init(struct wssl_ctx *wctx,
 {
   struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data);
   struct ssl_primary_config *conn_config;
-  WOLFSSL_METHOD* req_method = NULL;
+  WOLFSSL_METHOD *req_method = NULL;
   struct alpn_spec alpns;
   char *curves;
 #ifdef WOLFSSL_HAVE_KYBER
@@ -1357,8 +1351,7 @@ CURLcode Curl_wssl_ctx_init(struct wssl_ctx *wctx,
     /* Ensure the Client Random is preserved. */
     wolfSSL_KeepArrays(wctx->ssl);
 #if defined(HAVE_SECRET_CALLBACK) && defined(WOLFSSL_TLS13)
-    wolfSSL_set_tls13_secret_cb(wctx->ssl,
-                                wssl_tls13_secret_callback, NULL);
+    wolfSSL_set_tls13_secret_cb(wctx->ssl, wssl_tls13_secret_callback, NULL);
 #endif
   }
 #endif /* OPENSSL_EXTRA */
@@ -1383,15 +1376,15 @@ CURLcode Curl_wssl_ctx_init(struct wssl_ctx *wctx,
     if(data->set.tls_ech == CURLECH_GREASE) {
       infof(data, "ECH: GREASE is done by default by wolfSSL: no need to ask");
     }
-    if(data->set.tls_ech & CURLECH_CLA_CFG
-       && data->set.str[STRING_ECH_CONFIG]) {
+    if(data->set.tls_ech & CURLECH_CLA_CFG &&
+       data->set.str[STRING_ECH_CONFIG]) {
       char *b64val = data->set.str[STRING_ECH_CONFIG];
       word32 b64len = 0;
 
-      b64len = (word32) strlen(b64val);
-      if(b64len
-         && wolfSSL_SetEchConfigsBase64(wctx->ssl, b64val, b64len)
-              != WOLFSSL_SUCCESS) {
+      b64len = (word32)strlen(b64val);
+      if(b64len &&
+         wolfSSL_SetEchConfigsBase64(wctx->ssl,
+                                     b64val, b64len) != WOLFSSL_SUCCESS) {
         if(data->set.tls_ech & CURLECH_HARD) {
           result = CURLE_SSL_CONNECT_ERROR;
           goto out;
@@ -1424,8 +1417,8 @@ CURLcode Curl_wssl_ctx_init(struct wssl_ctx *wctx,
           size_t elen = rinfo->echconfiglist_len;
 
           infof(data, "ECH: ECHConfig from DoH HTTPS RR");
-          if(wolfSSL_SetEchConfigs(wctx->ssl, ecl, (word32) elen) !=
-                WOLFSSL_SUCCESS) {
+          if(wolfSSL_SetEchConfigs(wctx->ssl, ecl, (word32)elen) !=
+             WOLFSSL_SUCCESS) {
             infof(data, "ECH: wolfSSL_SetEchConfigs failed");
             if(data->set.tls_ech & CURLECH_HARD) {
               result = CURLE_SSL_CONNECT_ERROR;
@@ -1476,8 +1469,8 @@ out:
  * This function loads all the client/CA certificates and CRLs. Setup the TLS
  * layer and do all necessary magic.
  */
-static CURLcode
-wssl_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
+static CURLcode wssl_connect_step1(struct Curl_cfilter *cf,
+                                   struct Curl_easy *data)
 {
   struct ssl_connect_data *connssl = cf->ctx;
   struct wssl_ctx *wssl = (struct wssl_ctx *)connssl->backend;
@@ -1542,9 +1535,7 @@ wssl_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
   return CURLE_OK;
 }
 
-
-static char *wssl_strerror(unsigned long error, char *buf,
-                           unsigned long size)
+static char *wssl_strerror(unsigned long error, char *buf, unsigned long size)
 {
   DEBUGASSERT(size > 40);
   *buf = '\0';
@@ -1665,8 +1656,7 @@ static CURLcode wssl_send_earlydata(struct Curl_cfilter *cf,
 }
 #endif /* WOLFSSL_EARLY_DATA */
 
-static CURLcode wssl_handshake(struct Curl_cfilter *cf,
-                               struct Curl_easy *data)
+static CURLcode wssl_handshake(struct Curl_cfilter *cf, struct Curl_easy *data)
 {
   struct ssl_connect_data *connssl = cf->ctx;
   struct wssl_ctx *wssl = (struct wssl_ctx *)connssl->backend;
@@ -1735,7 +1725,7 @@ static CURLcode wssl_handshake(struct Curl_cfilter *cf,
      conn_config->verifyhost &&
      !connssl->peer.sni) {
     /* we have an IP address as hostname. */
-    WOLFSSL_X509* cert = wolfSSL_get_peer_certificate(wssl->ssl);
+    WOLFSSL_X509 *cert = wolfSSL_get_peer_certificate(wssl->ssl);
     if(!cert) {
       failf(data, "unable to get peer certificate");
       return CURLE_PEER_FAILED_VERIFICATION;
@@ -1789,11 +1779,11 @@ static CURLcode wssl_handshake(struct Curl_cfilter *cf,
     }
     else if(wssl->io_result) {
       switch(wssl->io_result) {
-        case CURLE_SEND_ERROR:
-        case CURLE_RECV_ERROR:
-      return CURLE_SSL_CONNECT_ERROR;
-        default:
-          return wssl->io_result;
+      case CURLE_SEND_ERROR:
+      case CURLE_RECV_ERROR:
+        return CURLE_SSL_CONNECT_ERROR;
+      default:
+        return wssl->io_result;
       }
     }
 #ifdef USE_ECH_WOLFSSL
@@ -1804,8 +1794,7 @@ static CURLcode wssl_handshake(struct Curl_cfilter *cf,
       int rv = 0;
 
       /* this currently does not produce the retry_configs */
-      rv = wolfSSL_GetEchConfigs(wssl->ssl, echConfigs,
-                                 &echConfigsLen);
+      rv = wolfSSL_GetEchConfigs(wssl->ssl, echConfigs, &echConfigsLen);
       if(rv != WOLFSSL_SUCCESS) {
         infof(data, "Failed to get ECHConfigs");
       }
@@ -2087,7 +2076,6 @@ size_t Curl_wssl_version(char *buffer, size_t size)
 #endif
 }
 
-
 static int wssl_init(void)
 {
   int ret;
@@ -2101,7 +2089,6 @@ static int wssl_init(void)
   return ret;
 }
 
-
 static void wssl_cleanup(void)
 {
   wssl_bio_cf_free_methods();
@@ -2111,7 +2098,6 @@ static void wssl_cleanup(void)
 #endif
 }
 
-
 static bool wssl_data_pending(struct Curl_cfilter *cf,
                               const struct Curl_easy *data)
 {
@@ -2128,15 +2114,14 @@ static bool wssl_data_pending(struct Curl_cfilter *cf,
     return FALSE;
 }
 
-void Curl_wssl_report_handshake(struct Curl_easy *data,
-                                struct wssl_ctx *wssl)
+void Curl_wssl_report_handshake(struct Curl_easy *data, struct wssl_ctx *wssl)
 {
 #if (LIBWOLFSSL_VERSION_HEX >= 0x03009010)
-    infof(data, "SSL connection using %s / %s",
-          wolfSSL_get_version(wssl->ssl),
-          wolfSSL_get_cipher_name(wssl->ssl));
+  infof(data, "SSL connection using %s / %s",
+        wolfSSL_get_version(wssl->ssl),
+        wolfSSL_get_cipher_name(wssl->ssl));
 #else
-    infof(data, "SSL connected");
+  infof(data, "SSL connected");
 #endif
 }
 
diff --git a/lib/vtls/wolfssl.h b/lib/vtls/wolfssl.h
index 7ff4cfb881..5e3c9e2c5d 100644
--- a/lib/vtls/wolfssl.h
+++ b/lib/vtls/wolfssl.h
@@ -41,9 +41,9 @@ extern const struct Curl_ssl Curl_ssl_wolfssl;
 
 struct wssl_ctx {
   struct WOLFSSL_CTX *ssl_ctx;
-  struct WOLFSSL     *ssl;
-  CURLcode    io_result;   /* result of last BIO cfilter operation */
-  CURLcode    hs_result;   /* result of handshake */
+  struct WOLFSSL *ssl;
+  CURLcode io_result;      /* result of last BIO cfilter operation */
+  CURLcode hs_result;      /* result of handshake */
   int io_send_blocked_len; /* length of last BIO write that EAGAIN-ed */
   BIT(x509_store_setup);   /* x509 store has been set up */
   BIT(shutting_down);      /* TLS is being shut down */
@@ -88,8 +88,7 @@ CURLcode Curl_wssl_verify_pinned(struct Curl_cfilter *cf,
                                  struct Curl_easy *data,
                                  struct wssl_ctx *wssl);
 
-void Curl_wssl_report_handshake(struct Curl_easy *data,
-                                struct wssl_ctx *wssl);
+void Curl_wssl_report_handshake(struct Curl_easy *data, struct wssl_ctx *wssl);
 
 #endif /* USE_WOLFSSL */
 #endif /* HEADER_CURL_WOLFSSL_H */
diff --git a/lib/vtls/x509asn1.c b/lib/vtls/x509asn1.c
index fcc0d0e1da..f63a9fcb99 100644
--- a/lib/vtls/x509asn1.c
+++ b/lib/vtls/x509asn1.c
@@ -192,7 +192,7 @@ static const char *getASN1Element_(struct Curl_asn1Element *elem,
 
   /* Process header byte. */
   elem->header = beg;
-  b = (unsigned char) *beg++;
+  b = (unsigned char)*beg++;
   elem->constructed = (b & 0x20) != 0;
   elem->eclass = (b >> 6) & 3;
   b &= 0x1F;
@@ -203,7 +203,7 @@ static const char *getASN1Element_(struct Curl_asn1Element *elem,
   /* Process length. */
   if(beg >= end)
     return NULL;
-  b = (unsigned char) *beg++;
+  b = (unsigned char)*beg++;
   if(!(b & 0x80))
     len = b;
   else if(!(b &= 0x7F)) {
@@ -284,7 +284,7 @@ static CURLcode bool2str(struct dynbuf *store,
 {
   if(end - beg != 1)
     return CURLE_BAD_FUNCTION_ARGUMENT;
-  return curlx_dyn_add(store, *beg ? "TRUE": "FALSE");
+  return curlx_dyn_add(store, *beg ? "TRUE" : "FALSE");
 }
 
 /*
@@ -298,13 +298,12 @@ static CURLcode octet2str(struct dynbuf *store,
   CURLcode result = CURLE_OK;
 
   while(!result && beg < end)
-    result = curlx_dyn_addf(store, "%02x:", (unsigned char) *beg++);
+    result = curlx_dyn_addf(store, "%02x:", (unsigned char)*beg++);
 
   return result;
 }
 
-static CURLcode bit2str(struct dynbuf *store,
-                        const char *beg, const char *end)
+static CURLcode bit2str(struct dynbuf *store, const char *beg, const char *end)
 {
   /* Convert an ASN.1 bit string to a printable string. */
 
@@ -318,8 +317,7 @@ static CURLcode bit2str(struct dynbuf *store,
  *
  * Returns error.
  */
-static CURLcode int2str(struct dynbuf *store,
-                        const char *beg, const char *end)
+static CURLcode int2str(struct dynbuf *store, const char *beg, const char *end)
 {
   unsigned int val = 0;
   size_t n = end - beg;
@@ -335,7 +333,7 @@ static CURLcode int2str(struct dynbuf *store,
     val = ~val;
 
   do
-    val = (val << 8) | *(const unsigned char *) beg++;
+    val = (val << 8) | *(const unsigned char *)beg++;
   while(beg < end);
   return curlx_dyn_addf(store, "%s%x", val >= 10 ? "0x" : "", val);
 }
@@ -348,8 +346,8 @@ static CURLcode int2str(struct dynbuf *store,
  *
  * Returns error.
  */
-static CURLcode
-utf8asn1str(struct dynbuf *to, int type, const char *from, const char *end)
+static CURLcode utf8asn1str(struct dynbuf *to, int type, const char *from,
+                            const char *end)
 {
   size_t inlength = end - from;
   int size = 1;
@@ -390,14 +388,14 @@ utf8asn1str(struct dynbuf *to, int type, const char *from, const char *end)
 
       switch(size) {
       case 4:
-        wc = (wc << 8) | *(const unsigned char *) from++;
-        wc = (wc << 8) | *(const unsigned char *) from++;
+        wc = (wc << 8) | *(const unsigned char *)from++;
+        wc = (wc << 8) | *(const unsigned char *)from++;
         FALLTHROUGH();
       case 2:
-        wc = (wc << 8) | *(const unsigned char *) from++;
+        wc = (wc << 8) | *(const unsigned char *)from++;
         FALLTHROUGH();
       default: /* case 1: */
-        wc = (wc << 8) | *(const unsigned char *) from++;
+        wc = (wc << 8) | *(const unsigned char *)from++;
       }
       if(wc >= 0x00000080) {
         if(wc >= 0x00000800) {
@@ -406,19 +404,19 @@ utf8asn1str(struct dynbuf *to, int type, const char *from, const char *end)
               /* Invalid char. size for target encoding. */
               return CURLE_WEIRD_SERVER_REPLY;
             }
-            buf[3] = (char) (0x80 | (wc & 0x3F));
+            buf[3] = (char)(0x80 | (wc & 0x3F));
             wc = (wc >> 6) | 0x00010000;
             charsize++;
           }
-          buf[2] = (char) (0x80 | (wc & 0x3F));
+          buf[2] = (char)(0x80 | (wc & 0x3F));
           wc = (wc >> 6) | 0x00000800;
           charsize++;
         }
-        buf[1] = (char) (0x80 | (wc & 0x3F));
+        buf[1] = (char)(0x80 | (wc & 0x3F));
         wc = (wc >> 6) | 0x000000C0;
         charsize++;
       }
-      buf[0] = (char) wc;
+      buf[0] = (char)wc;
       result = curlx_dyn_addn(to, buf, charsize);
     }
   }
@@ -438,7 +436,7 @@ static CURLcode encodeOID(struct dynbuf *store,
   CURLcode result = CURLE_OK;
 
   /* Process the first two numbers. */
-  y = *(const unsigned char *) beg++;
+  y = *(const unsigned char *)beg++;
   x = y / 40;
   y -= x * 40;
 
@@ -452,7 +450,7 @@ static CURLcode encodeOID(struct dynbuf *store,
     do {
       if(x & 0xFF000000)
         return CURLE_OK;
-      y = *(const unsigned char *) beg++;
+      y = *(const unsigned char *)beg++;
       x = (x << 7) | (y & 0x7F);
     } while(y & 0x80);
     result = curlx_dyn_addf(store, ".%u", x);
@@ -973,8 +971,8 @@ static CURLcode do_pubkey_field(struct Curl_easy *data, int certnum,
 }
 
 /* return 0 on success, 1 on error */
-static int do_pubkey(struct Curl_easy *data, int certnum,
-                     const char *algo, struct Curl_asn1Element *param,
+static int do_pubkey(struct Curl_easy *data, int certnum, const char *algo,
+                     struct Curl_asn1Element *param,
                      struct Curl_asn1Element *pubkey)
 {
   struct Curl_asn1Element elem;
@@ -1019,7 +1017,7 @@ static int do_pubkey(struct Curl_easy *data, int certnum,
     len = ((elem.end - q) * 8);
     if(len) {
       unsigned int i;
-      for(i = *(const unsigned char *) q; !(i & 0x80); i <<= 1)
+      for(i = *(const unsigned char *)q; !(i & 0x80); i <<= 1)
         len--;
     }
     if(len > 32)
@@ -1078,8 +1076,7 @@ static int do_pubkey(struct Curl_easy *data, int certnum,
  * Convert an ASN.1 distinguished name into a printable string.
  * Return error.
  */
-static CURLcode DNtostr(struct dynbuf *store,
-                        struct Curl_asn1Element *dn)
+static CURLcode DNtostr(struct dynbuf *store, struct Curl_asn1Element *dn)
 {
   return encodeDN(store, dn);
 }
@@ -1135,7 +1132,7 @@ CURLcode Curl_extract_certinfo(struct Curl_easy *data,
   /* Version (always fits in less than 32 bits). */
   version = 0;
   for(ptr = cert.version.beg; ptr < cert.version.end; ptr++)
-    version = (version << 8) | *(const unsigned char *) ptr;
+    version = (version << 8) | *(const unsigned char *)ptr;
   if(data->set.ssl.certinfo) {
     result = curlx_dyn_addf(&out, "%x", version);
     if(result)
@@ -1163,8 +1160,7 @@ CURLcode Curl_extract_certinfo(struct Curl_easy *data,
   if(result)
     goto done;
   if(data->set.ssl.certinfo) {
-    result = ssl_push_certinfo_dyn(data, certnum, "Signature Algorithm",
-                                   &out);
+    result = ssl_push_certinfo_dyn(data, certnum, "Signature Algorithm", &out);
     if(result)
       goto done;
   }

From 47a1ab2ebecb21485c0e955316d90511e80a3c43 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 29 Nov 2025 22:37:26 +0100
Subject: [PATCH 1064/2408] lib: fix formatting nits (part 1)

From `lib/a*` to `lib/cs*`.

Closes #19764
---
 lib/altsvc.c      |   1 -
 lib/altsvc.h      |   2 +-
 lib/amigaos.c     |  12 ++--
 lib/arpa_telnet.h |  12 ++--
 lib/asyn-ares.c   |  22 +++----
 lib/asyn-base.c   |   8 +--
 lib/asyn-thrdd.c  |  15 ++---
 lib/asyn.h        |  20 +++---
 lib/bufq.c        |   3 +-
 lib/bufq.h        |   2 +-
 lib/bufref.c      |   2 +-
 lib/bufref.h      |   1 -
 lib/cf-h1-proxy.c |  40 ++++++------
 lib/cf-h1-proxy.h |   1 -
 lib/cf-h2-proxy.c | 159 +++++++++++++++++++++++-----------------------
 lib/cf-haproxy.c  |   8 +--
 lib/cf-ip-happy.c |  88 +++++++++++++------------
 lib/cf-socket.c   | 117 +++++++++++++++++-----------------
 lib/cf-socket.h   |   2 +-
 lib/cfilters.c    |  19 +++---
 lib/cfilters.h    |  55 ++++++++--------
 lib/conncache.c   |  18 ++----
 lib/conncache.h   |   3 +-
 lib/connect.c     |  64 +++++++++----------
 lib/connect.h     |  12 ++--
 lib/cookie.c      |  61 ++++++++----------
 lib/cookie.h      |  40 ++++++------
 lib/cshutdn.c     |  20 ++----
 28 files changed, 376 insertions(+), 431 deletions(-)

diff --git a/lib/altsvc.c b/lib/altsvc.c
index 84f6c1b445..cbaf4b4d85 100644
--- a/lib/altsvc.c
+++ b/lib/altsvc.c
@@ -64,7 +64,6 @@ const char *Curl_alpnid2str(enum alpnid id)
   }
 }
 
-
 static void altsvc_free(struct altsvc *as)
 {
   curlx_free(as->src.host);
diff --git a/lib/altsvc.h b/lib/altsvc.h
index 831cd09743..d370b4e4b1 100644
--- a/lib/altsvc.h
+++ b/lib/altsvc.h
@@ -68,7 +68,7 @@ bool Curl_altsvc_lookup(struct altsvcinfo *asi,
                         const int versions); /* CURLALTSVC_H* bits */
 #else
 /* disabled */
-#define Curl_altsvc_save(a,b,c)
+#define Curl_altsvc_save(a, b, c)
 #define Curl_altsvc_cleanup(x)
 #endif /* !CURL_DISABLE_HTTP && !CURL_DISABLE_ALTSVC */
 #endif /* HEADER_CURL_ALTSVC_H */
diff --git a/lib/amigaos.c b/lib/amigaos.c
index e4b678d541..d32ee5e790 100644
--- a/lib/amigaos.c
+++ b/lib/amigaos.c
@@ -120,8 +120,7 @@ void Curl_amiga_cleanup(void)
  * allocates memory also.
  */
 
-struct Curl_addrinfo *Curl_ipv4_resolve_r(const char *hostname,
-                                          int port)
+struct Curl_addrinfo *Curl_ipv4_resolve_r(const char *hostname, int port)
 {
   struct Curl_addrinfo *ai = NULL;
   struct hostent *h;
@@ -144,7 +143,7 @@ struct Curl_addrinfo *Curl_ipv4_resolve_r(const char *hostname,
     }
   }
   else {
-    #ifdef CURLRES_THREADED
+#ifdef CURLRES_THREADED
     /* gethostbyname() is not thread safe, so we need to reopen bsdsocket
      * on the thread's context
      */
@@ -160,13 +159,13 @@ struct Curl_addrinfo *Curl_ipv4_resolve_r(const char *hostname,
       }
       CloseLibrary(base);
     }
-    #else
+#else
     /* not using threaded resolver - safe to use this as-is */
     h = gethostbyname(hostname);
     if(h) {
       ai = Curl_he2ai(h, port);
     }
-    #endif
+#endif
   }
 
   return ai;
@@ -219,8 +218,7 @@ CURLcode Curl_amiga_init(void)
   }
 
   if(SocketBaseTags(SBTM_SETVAL(SBTC_ERRNOPTR(sizeof(errno))), (ULONG)&errno,
-                    SBTM_SETVAL(SBTC_LOGTAGPTR), (ULONG)"curl",
-                    TAG_DONE)) {
+                    SBTM_SETVAL(SBTC_LOGTAGPTR), (ULONG)"curl", TAG_DONE)) {
     CURL_AMIGA_REQUEST("SocketBaseTags ERROR");
     return CURLE_FAILED_INIT;
   }
diff --git a/lib/arpa_telnet.h b/lib/arpa_telnet.h
index 055aa98b10..daf2487fc6 100644
--- a/lib/arpa_telnet.h
+++ b/lib/arpa_telnet.h
@@ -43,8 +43,7 @@
 /*
  * The telnet options represented as strings
  */
-static const char * const telnetoptions[]=
-{
+static const char * const telnetoptions[] = {
   "BINARY",      "ECHO",           "RCP",           "SUPPRESS GO AHEAD",
   "NAME",        "STATUS",         "TIMING MARK",   "RCTE",
   "NAOL",        "NAOP",           "NAOCRD",        "NAOHTS",
@@ -86,8 +85,7 @@ static const char * const telnetoptions[]=
 /*
  * Then those numbers represented as strings:
  */
-static const char * const telnetcmds[]=
-{
+static const char * const telnetcmds[] = {
   "EOF",  "SUSP",  "ABORT", "EOR",  "SE",
   "NOP",  "DMARK", "BRK",   "IP",   "AO",
   "AYT",  "EC",    "EL",    "GA",   "SB",
@@ -103,11 +101,11 @@ static const char * const telnetcmds[]=
 #define CURL_TELQUAL_INFO 2
 #define CURL_TELQUAL_NAME 3
 
-#define CURL_TELCMD_OK(x) ( ((unsigned int)(x) >= CURL_TELCMD_MINIMUM) && \
-                       ((unsigned int)(x) <= CURL_TELCMD_MAXIMUM) )
+#define CURL_TELCMD_OK(x)  (((unsigned int)(x) >= CURL_TELCMD_MINIMUM) && \
+                            ((unsigned int)(x) <= CURL_TELCMD_MAXIMUM))
 
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
-#define CURL_TELCMD(x)    telnetcmds[(x)-CURL_TELCMD_MINIMUM]
+#define CURL_TELCMD(x)    telnetcmds[(x) - CURL_TELCMD_MINIMUM]
 #else
 #define CURL_TELCMD(x)    ""
 #endif
diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c
index e3ba512b77..ce4f866be6 100644
--- a/lib/asyn-ares.c
+++ b/lib/asyn-ares.c
@@ -140,7 +140,6 @@ void Curl_async_global_cleanup(void)
 #endif
 }
 
-
 static void sock_state_cb(void *data, ares_socket_t socket_fd,
                           int readable, int writable)
 {
@@ -309,12 +308,12 @@ CURLcode Curl_async_is_resolved(struct Curl_easy *data,
   /* Now that we have checked for any last minute results above, see if there
      are any responses still pending when the EXPIRE_HAPPY_EYEBALLS_DNS timer
      expires. */
-  if(ares->num_pending
+  if(ares->num_pending &&
      /* This is only set to non-zero if the timer was started. */
-     && (ares->happy_eyeballs_dns_time.tv_sec
-         || ares->happy_eyeballs_dns_time.tv_usec)
-     && (curlx_timediff_ms(curlx_now(), ares->happy_eyeballs_dns_time)
-         >= HAPPY_EYEBALLS_DNS_TIMEOUT)) {
+     (ares->happy_eyeballs_dns_time.tv_sec ||
+      ares->happy_eyeballs_dns_time.tv_usec) &&
+     (curlx_timediff_ms(curlx_now(), ares->happy_eyeballs_dns_time) >=
+      HAPPY_EYEBALLS_DNS_TIMEOUT)) {
     /* Remember that the EXPIRE_HAPPY_EYEBALLS_DNS timer is no longer
        running. */
     memset(&ares->happy_eyeballs_dns_time, 0,
@@ -418,8 +417,8 @@ CURLcode Curl_async_await(struct Curl_easy *data,
     itimeout_ms = (int)timeout_ms;
 #endif
 
-    max_timeout.tv_sec = itimeout_ms/1000;
-    max_timeout.tv_usec = (itimeout_ms%1000)*1000;
+    max_timeout.tv_sec = itimeout_ms / 1000;
+    max_timeout.tv_usec = (itimeout_ms % 1000) * 1000;
 
     real_timeout = ares_timeout(ares->channel, &max_timeout, &time_buf);
 
@@ -427,7 +426,7 @@ CURLcode Curl_async_await(struct Curl_easy *data,
        second is left, otherwise just use 1000ms to make sure the progress
        callback gets called frequent enough */
     if(!real_timeout->tv_sec)
-      call_timeout_ms = (timediff_t)(real_timeout->tv_usec/1000);
+      call_timeout_ms = (timediff_t)(real_timeout->tv_usec / 1000);
     else
       call_timeout_ms = 1000;
 
@@ -518,7 +517,7 @@ static void async_ares_hostbyname_cb(void *user_data,
   if(ARES_SUCCESS == status) {
     ares->ares_status = status; /* one success overrules any error */
     async_addr_concat(&ares->temp_ai,
-      Curl_he2ai(hostent, data->state.async.port));
+                      Curl_he2ai(hostent, data->state.async.port));
   }
   else if(ares->ares_status != ARES_SUCCESS) {
     /* no success so far, remember last error */
@@ -586,8 +585,7 @@ static void async_ares_hostbyname_cb(void *user_data,
        c-ares retry cycle each request is.
     */
     ares->happy_eyeballs_dns_time = curlx_now();
-    Curl_expire(data, HAPPY_EYEBALLS_DNS_TIMEOUT,
-                EXPIRE_HAPPY_EYEBALLS_DNS);
+    Curl_expire(data, HAPPY_EYEBALLS_DNS_TIMEOUT, EXPIRE_HAPPY_EYEBALLS_DNS);
   }
 }
 
diff --git a/lib/asyn-base.c b/lib/asyn-base.c
index 6338a3fc6e..5358fcb8fa 100644
--- a/lib/asyn-base.c
+++ b/lib/asyn-base.c
@@ -59,7 +59,6 @@
  **********************************************************************/
 #ifdef CURLRES_ASYNCH
 
-
 #ifdef USE_ARES
 
 #if ARES_VERSION < 0x010600
@@ -122,8 +121,7 @@ CURLcode Curl_ares_pollset(struct Curl_easy *data,
  *
  * return number of sockets it worked on, or -1 on error
  */
-int Curl_ares_perform(ares_channel channel,
-                      timediff_t timeout_ms)
+int Curl_ares_perform(ares_channel channel, timediff_t timeout_ms)
 {
   int nfds;
   int bitmask;
@@ -142,11 +140,11 @@ int Curl_ares_perform(ares_channel channel,
     pfd[i].revents = 0;
     if(ARES_GETSOCK_READABLE(bitmask, i)) {
       pfd[i].fd = socks[i];
-      pfd[i].events |= POLLRDNORM|POLLIN;
+      pfd[i].events |= POLLRDNORM | POLLIN;
     }
     if(ARES_GETSOCK_WRITABLE(bitmask, i)) {
       pfd[i].fd = socks[i];
-      pfd[i].events |= POLLWRNORM|POLLOUT;
+      pfd[i].events |= POLLWRNORM | POLLOUT;
     }
     if(pfd[i].events)
       num++;
diff --git a/lib/asyn-thrdd.c b/lib/asyn-thrdd.c
index 6c2e02fd18..e5bf0629d3 100644
--- a/lib/asyn-thrdd.c
+++ b/lib/asyn-thrdd.c
@@ -45,13 +45,13 @@
 #endif
 
 #if defined(USE_THREADS_POSIX) && defined(HAVE_PTHREAD_H)
-#  include 
+#include 
 #endif
 
 #ifdef HAVE_GETADDRINFO
-#  define RESOLVER_ENOMEM  EAI_MEMORY  /* = WSA_NOT_ENOUGH_MEMORY on Windows */
+#define RESOLVER_ENOMEM  EAI_MEMORY  /* = WSA_NOT_ENOUGH_MEMORY on Windows */
 #else
-#  define RESOLVER_ENOMEM  SOCKENOMEM
+#define RESOLVER_ENOMEM  SOCKENOMEM
 #endif
 
 #include "urldata.h"
@@ -245,7 +245,6 @@ static CURL_THREAD_RETURN_T CURL_STDCALL getaddrinfo_thread(void *arg)
       }
     }
 #endif
-
   }
 
   addr_ctx_unlink(&addr_ctx, NULL);
@@ -486,8 +485,8 @@ static void async_thrdd_shutdown(struct Curl_easy *data)
 
   Curl_mutex_acquire(&addr_ctx->mutx);
 #ifndef CURL_DISABLE_SOCKETPAIR
-    if(!addr_ctx->do_abort)
-      Curl_multi_will_close(data, addr_ctx->sock_pair[0]);
+  if(!addr_ctx->do_abort)
+    Curl_multi_will_close(data, addr_ctx->sock_pair[0]);
 #endif
   addr_ctx->do_abort = TRUE;
   done = addr_ctx->thrd_done;
@@ -703,7 +702,7 @@ CURLcode Curl_async_pollset(struct Curl_easy *data, struct easy_pollset *ps)
 
   if(!thrd_done) {
 #ifndef CURL_DISABLE_SOCKETPAIR
-  /* return read fd to client for polling the DNS resolution status */
+    /* return read fd to client for polling the DNS resolution status */
     result = Curl_pollset_add_in(data, ps, thrdd->addr->sock_pair[0]);
 #else
     timediff_t milli;
@@ -711,7 +710,7 @@ CURLcode Curl_async_pollset(struct Curl_easy *data, struct easy_pollset *ps)
     if(ms < 3)
       milli = 0;
     else if(ms <= 50)
-      milli = ms/3;
+      milli = ms / 3;
     else if(ms <= 250)
       milli = 50;
     else
diff --git a/lib/asyn.h b/lib/asyn.h
index 8da7dd9720..e5e472e247 100644
--- a/lib/asyn.h
+++ b/lib/asyn.h
@@ -129,19 +129,18 @@ CURLcode Curl_ares_pollset(struct Curl_easy *data,
                            ares_channel channel,
                            struct easy_pollset *ps);
 
-int Curl_ares_perform(ares_channel channel,
-                      timediff_t timeout_ms);
+int Curl_ares_perform(ares_channel channel, timediff_t timeout_ms);
 #endif
 
 #ifdef CURLRES_ARES
 /* async resolving implementation using c-ares alone */
 struct async_ares_ctx {
   ares_channel channel;
-  int num_pending; /* number of outstanding c-ares requests */
+  int num_pending;               /* number of outstanding c-ares requests */
   struct Curl_addrinfo *temp_ai; /* intermediary result while fetching c-ares
                                     parts */
-  int ares_status; /* ARES_SUCCESS, ARES_ENOTFOUND, etc. */
-  CURLcode result; /* CURLE_OK or error handling response */
+  int ares_status;               /* ARES_SUCCESS, ARES_ENOTFOUND, etc. */
+  CURLcode result;               /* CURLE_OK or error handling response */
 #ifndef HAVE_CARES_GETADDRINFO
   struct curltime happy_eyeballs_dns_time; /* when this timer started, or 0 */
 #endif
@@ -223,11 +222,11 @@ struct doh_probes;
 #else /* CURLRES_ASYNCH */
 
 /* convert these functions if an asynch resolver is not used */
-#define Curl_async_get_impl(x,y)    (*(y) = NULL, CURLE_OK)
-#define Curl_async_is_resolved(x,y) CURLE_COULDNT_RESOLVE_HOST
-#define Curl_async_await(x,y) CURLE_COULDNT_RESOLVE_HOST
-#define Curl_async_global_init() CURLE_OK
-#define Curl_async_global_cleanup() Curl_nop_stmt
+#define Curl_async_get_impl(x, y)    (*(y) = NULL, CURLE_OK)
+#define Curl_async_is_resolved(x,y)  CURLE_COULDNT_RESOLVE_HOST
+#define Curl_async_await(x, y)       CURLE_COULDNT_RESOLVE_HOST
+#define Curl_async_global_init()     CURLE_OK
+#define Curl_async_global_cleanup()  Curl_nop_stmt
 
 #endif /* !CURLRES_ASYNCH */
 
@@ -270,6 +269,5 @@ void Curl_async_destroy(struct Curl_easy *data);
 #define Curl_async_destroy(x) Curl_nop_stmt
 #endif /* USE_CURL_ASYNC */
 
-
 /********** end of generic resolver interface functions *****************/
 #endif /* HEADER_CURL_ASYN_H */
diff --git a/lib/bufq.c b/lib/bufq.c
index 5a77fc52d4..6eeeeb35d4 100644
--- a/lib/bufq.c
+++ b/lib/bufq.c
@@ -143,7 +143,6 @@ static void chunk_list_free(struct buf_chunk **anchor)
   }
 }
 
-
 void Curl_bufcp_init(struct bufc_pool *pool,
                      size_t chunk_size, size_t spare_max)
 {
@@ -330,7 +329,7 @@ static void prune_head(struct bufq *q)
       --q->chunk_count;
     }
     else if((q->chunk_count > q->max_chunks) ||
-       (q->opts & BUFQ_OPT_NO_SPARES)) {
+            (q->opts & BUFQ_OPT_NO_SPARES)) {
       /* SOFT_LIMIT allowed us more than max. free spares until
        * we are at max again. Or free them if we are configured
        * to not use spares. */
diff --git a/lib/bufq.h b/lib/bufq.h
index 9557e5d33b..112388a6bf 100644
--- a/lib/bufq.h
+++ b/lib/bufq.h
@@ -38,7 +38,7 @@ struct buf_chunk {
   size_t r_offset;         /* first unread bytes */
   size_t w_offset;         /* one after last written byte */
   union {
-    uint8_t data[1]; /* the buffer for `dlen` bytes */
+    uint8_t data[1];       /* the buffer for `dlen` bytes */
     void *dummy;           /* alignment */
   } x;
 };
diff --git a/lib/bufref.c b/lib/bufref.c
index d5181a5da6..643fe5d2e0 100644
--- a/lib/bufref.c
+++ b/lib/bufref.c
@@ -76,7 +76,7 @@ void Curl_bufref_set(struct bufref *br, const void *ptr, size_t len,
   DEBUGASSERT(len <= CURL_MAX_INPUT_LENGTH);
 
   Curl_bufref_free(br);
-  br->ptr = (const unsigned char *) ptr;
+  br->ptr = (const unsigned char *)ptr;
   br->len = len;
   br->dtor = dtor;
 }
diff --git a/lib/bufref.h b/lib/bufref.h
index dd424f18f5..f80011fde5 100644
--- a/lib/bufref.h
+++ b/lib/bufref.h
@@ -36,7 +36,6 @@ struct bufref {
 #endif
 };
 
-
 void Curl_bufref_init(struct bufref *br);
 void Curl_bufref_set(struct bufref *br, const void *ptr, size_t len,
                      void (*dtor)(void *));
diff --git a/lib/cf-h1-proxy.c b/lib/cf-h1-proxy.c
index 84ba3d6193..19c63a12b0 100644
--- a/lib/cf-h1-proxy.c
+++ b/lib/cf-h1-proxy.c
@@ -48,12 +48,12 @@
 
 
 typedef enum {
-    H1_TUNNEL_INIT,     /* init/default/no tunnel state */
-    H1_TUNNEL_CONNECT,  /* CONNECT request is being send */
-    H1_TUNNEL_RECEIVE,  /* CONNECT answer is being received */
-    H1_TUNNEL_RESPONSE, /* CONNECT response received completely */
-    H1_TUNNEL_ESTABLISHED,
-    H1_TUNNEL_FAILED
+  H1_TUNNEL_INIT,     /* init/default/no tunnel state */
+  H1_TUNNEL_CONNECT,  /* CONNECT request is being send */
+  H1_TUNNEL_RECEIVE,  /* CONNECT answer is being received */
+  H1_TUNNEL_RESPONSE, /* CONNECT response received completely */
+  H1_TUNNEL_ESTABLISHED,
+  H1_TUNNEL_FAILED
 } h1_tunnel_state;
 
 /* struct for HTTP CONNECT tunneling */
@@ -74,7 +74,6 @@ struct h1_tunnel_state {
   BIT(close_connection);
 };
 
-
 static bool tunnel_is_established(struct h1_tunnel_state *ts)
 {
   return ts && (ts->tunnel_state == H1_TUNNEL_ESTABLISHED);
@@ -209,9 +208,9 @@ static CURLcode start_CONNECT(struct Curl_cfilter *cf,
   int http_minor;
   CURLcode result;
 
-    /* This only happens if we have looped here due to authentication
-       reasons, and we do not really use the newly cloned URL here
-       then. Just free it. */
+  /* This only happens if we have looped here due to authentication
+     reasons, and we do not really use the newly cloned URL here
+     then. Just free it. */
   Curl_safefree(data->req.newurl);
 
   result = Curl_http_proxy_create_CONNECT(&req, cf, data, 1);
@@ -281,10 +280,8 @@ static CURLcode on_resp_header(struct Curl_cfilter *cf,
   struct SingleRequest *k = &data->req;
   (void)cf;
 
-  if((checkprefix("WWW-Authenticate:", header) &&
-      (401 == k->httpcode)) ||
-     (checkprefix("Proxy-authenticate:", header) &&
-      (407 == k->httpcode))) {
+  if((checkprefix("WWW-Authenticate:", header) && (401 == k->httpcode)) ||
+     (checkprefix("Proxy-authenticate:", header) && (407 == k->httpcode))) {
 
     bool proxy = (k->httpcode == 407);
     char *auth = Curl_copy_header_value(header);
@@ -300,7 +297,7 @@ static CURLcode on_resp_header(struct Curl_cfilter *cf,
       return result;
   }
   else if(checkprefix("Content-Length:", header)) {
-    if(k->httpcode/100 == 2) {
+    if(k->httpcode / 100 == 2) {
       /* A client MUST ignore any Content-Length or Transfer-Encoding
          header fields received in a successful response to CONNECT.
          "Successful" described as: 2xx (Successful). RFC 7231 4.3.6 */
@@ -319,7 +316,7 @@ static CURLcode on_resp_header(struct Curl_cfilter *cf,
                              STRCONST("Connection:"), STRCONST("close")))
     ts->close_connection = TRUE;
   else if(checkprefix("Transfer-Encoding:", header)) {
-    if(k->httpcode/100 == 2) {
+    if(k->httpcode / 100 == 2) {
       /* A client MUST ignore any Content-Length or Transfer-Encoding
          header fields received in a successful response to CONNECT.
          "Successful" described as: 2xx (Successful). RFC 7231 4.3.6 */
@@ -493,8 +490,8 @@ static CURLcode recv_CONNECT_resp(struct Curl_cfilter *cf,
         ts->keepon = KEEPON_DONE;
       }
 
-      DEBUGASSERT(ts->keepon == KEEPON_IGNORE
-                  || ts->keepon == KEEPON_DONE);
+      DEBUGASSERT(ts->keepon == KEEPON_IGNORE ||
+                  ts->keepon == KEEPON_DONE);
       continue;
     }
 
@@ -508,7 +505,7 @@ static CURLcode recv_CONNECT_resp(struct Curl_cfilter *cf,
   if(error)
     result = CURLE_RECV_ERROR;
   *done = (ts->keepon == KEEPON_DONE);
-  if(!result && *done && data->info.httpproxycode/100 != 2) {
+  if(!result && *done && data->info.httpproxycode / 100 != 2) {
     /* Deal with the possibly already received authenticate
        headers. 'newurl' is set to a new URL if we must loop. */
     result = Curl_http_auth_act(data);
@@ -603,7 +600,7 @@ static CURLcode H1_CONNECT(struct Curl_cfilter *cf,
   } while(data->req.newurl);
 
   DEBUGASSERT(ts->tunnel_state == H1_TUNNEL_RESPONSE);
-  if(data->info.httpproxycode/100 != 2) {
+  if(data->info.httpproxycode / 100 != 2) {
     /* a non-2xx response and we have no next URL to try. */
     Curl_safefree(data->req.newurl);
     h1_tunnel_go_state(cf, ts, H1_TUNNEL_FAILED, data);
@@ -716,10 +713,9 @@ static void cf_h1_proxy_close(struct Curl_cfilter *cf,
   }
 }
 
-
 struct Curl_cftype Curl_cft_h1_proxy = {
   "H1-PROXY",
-  CF_TYPE_IP_CONNECT|CF_TYPE_PROXY,
+  CF_TYPE_IP_CONNECT | CF_TYPE_PROXY,
   0,
   cf_h1_proxy_destroy,
   cf_h1_proxy_connect,
diff --git a/lib/cf-h1-proxy.h b/lib/cf-h1-proxy.h
index ac5bed0b2b..ded55db9df 100644
--- a/lib/cf-h1-proxy.h
+++ b/lib/cf-h1-proxy.h
@@ -33,7 +33,6 @@ CURLcode Curl_cf_h1_proxy_insert_after(struct Curl_cfilter *cf,
 
 extern struct Curl_cftype Curl_cft_h1_proxy;
 
-
 #endif /* !CURL_DISABLE_PROXY && !CURL_DISABLE_HTTP */
 
 #endif /* HEADER_CURL_H1_PROXY_H */
diff --git a/lib/cf-h2-proxy.c b/lib/cf-h2-proxy.c
index 7066db3b4c..fb2586d1d0 100644
--- a/lib/cf-h2-proxy.c
+++ b/lib/cf-h2-proxy.c
@@ -45,12 +45,12 @@
 #include "curlx/warnless.h"
 #include "cf-h2-proxy.h"
 
-#define PROXY_H2_CHUNK_SIZE  (16*1024)
+#define PROXY_H2_CHUNK_SIZE  (16 * 1024)
 
 #define PROXY_HTTP2_HUGE_WINDOW_SIZE (100 * 1024 * 1024)
 #define H2_TUNNEL_WINDOW_SIZE        (10 * 1024 * 1024)
 
-#define PROXY_H2_NW_RECV_CHUNKS  (H2_TUNNEL_WINDOW_SIZE / PROXY_H2_CHUNK_SIZE)
+#define PROXY_H2_NW_RECV_CHUNKS   (H2_TUNNEL_WINDOW_SIZE / PROXY_H2_CHUNK_SIZE)
 #define PROXY_H2_NW_SEND_CHUNKS   1
 
 #define H2_TUNNEL_RECV_CHUNKS   (H2_TUNNEL_WINDOW_SIZE / PROXY_H2_CHUNK_SIZE)
@@ -58,11 +58,11 @@
 
 
 typedef enum {
-    H2_TUNNEL_INIT,     /* init/default/no tunnel state */
-    H2_TUNNEL_CONNECT,  /* CONNECT request is being send */
-    H2_TUNNEL_RESPONSE, /* CONNECT response received completely */
-    H2_TUNNEL_ESTABLISHED,
-    H2_TUNNEL_FAILED
+  H2_TUNNEL_INIT,     /* init/default/no tunnel state */
+  H2_TUNNEL_CONNECT,  /* CONNECT request is being send */
+  H2_TUNNEL_RESPONSE, /* CONNECT response received completely */
+  H2_TUNNEL_ESTABLISHED,
+  H2_TUNNEL_FAILED
 } h2_tunnel_state;
 
 struct tunnel_stream {
@@ -94,7 +94,7 @@ static CURLcode tunnel_stream_init(struct Curl_cfilter *cf,
   Curl_http_proxy_get_destination(cf, &hostname, &port, &ipv6_ip);
 
   /* host:port with IPv6 support */
-  ts->authority = curl_maprintf("%s%s%s:%d", ipv6_ip ? "[":"", hostname,
+  ts->authority = curl_maprintf("%s%s%s:%d", ipv6_ip ? "[" : "", hostname,
                                 ipv6_ip ? "]" : "", port);
   if(!ts->authority)
     return CURLE_OUT_OF_MEMORY;
@@ -184,8 +184,7 @@ struct cf_h2_proxy_ctx {
 
 /* How to access `call_data` from a cf_h2 filter */
 #undef CF_CTX_CALL_DATA
-#define CF_CTX_CALL_DATA(cf)  \
-  ((struct cf_h2_proxy_ctx *)(cf)->ctx)->call_data
+#define CF_CTX_CALL_DATA(cf) ((struct cf_h2_proxy_ctx *)(cf)->ctx)->call_data
 
 static void cf_h2_proxy_ctx_clear(struct cf_h2_proxy_ctx *ctx)
 {
@@ -542,70 +541,70 @@ static int proxy_h2_fr_print(const nghttp2_frame *frame,
                              char *buffer, size_t blen)
 {
   switch(frame->hd.type) {
-    case NGHTTP2_DATA: {
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[DATA, len=%d, eos=%d, padlen=%d]",
-                            (int)frame->hd.length,
-                            !!(frame->hd.flags & NGHTTP2_FLAG_END_STREAM),
-                            (int)frame->data.padlen);
+  case NGHTTP2_DATA: {
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[DATA, len=%d, eos=%d, padlen=%d]",
+                          (int)frame->hd.length,
+                          !!(frame->hd.flags & NGHTTP2_FLAG_END_STREAM),
+                          (int)frame->data.padlen);
+  }
+  case NGHTTP2_HEADERS: {
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[HEADERS, len=%d, hend=%d, eos=%d]",
+                          (int)frame->hd.length,
+                          !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS),
+                          !!(frame->hd.flags & NGHTTP2_FLAG_END_STREAM));
+  }
+  case NGHTTP2_PRIORITY: {
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[PRIORITY, len=%d, flags=%d]",
+                          (int)frame->hd.length, frame->hd.flags);
+  }
+  case NGHTTP2_RST_STREAM: {
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[RST_STREAM, len=%d, flags=%d, error=%u]",
+                          (int)frame->hd.length, frame->hd.flags,
+                          frame->rst_stream.error_code);
+  }
+  case NGHTTP2_SETTINGS: {
+    if(frame->hd.flags & NGHTTP2_FLAG_ACK) {
+      return curl_msnprintf(buffer, blen, "FRAME[SETTINGS, ack=1]");
     }
-    case NGHTTP2_HEADERS: {
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[HEADERS, len=%d, hend=%d, eos=%d]",
-                            (int)frame->hd.length,
-                            !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS),
-                            !!(frame->hd.flags & NGHTTP2_FLAG_END_STREAM));
-    }
-    case NGHTTP2_PRIORITY: {
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[PRIORITY, len=%d, flags=%d]",
-                            (int)frame->hd.length, frame->hd.flags);
-    }
-    case NGHTTP2_RST_STREAM: {
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[RST_STREAM, len=%d, flags=%d, error=%u]",
-                            (int)frame->hd.length, frame->hd.flags,
-                            frame->rst_stream.error_code);
-    }
-    case NGHTTP2_SETTINGS: {
-      if(frame->hd.flags & NGHTTP2_FLAG_ACK) {
-        return curl_msnprintf(buffer, blen, "FRAME[SETTINGS, ack=1]");
-      }
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[SETTINGS, len=%d]", (int)frame->hd.length);
-    }
-    case NGHTTP2_PUSH_PROMISE:
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[PUSH_PROMISE, len=%d, hend=%d]",
-                            (int)frame->hd.length,
-                            !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS));
-    case NGHTTP2_PING:
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[PING, len=%d, ack=%d]",
-                            (int)frame->hd.length,
-                            frame->hd.flags & NGHTTP2_FLAG_ACK);
-    case NGHTTP2_GOAWAY: {
-      char scratch[128];
-      size_t s_len = CURL_ARRAYSIZE(scratch);
-      size_t len = (frame->goaway.opaque_data_len < s_len) ?
-        frame->goaway.opaque_data_len : s_len-1;
-      if(len)
-        memcpy(scratch, frame->goaway.opaque_data, len);
-      scratch[len] = '\0';
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[GOAWAY, error=%d, reason='%s', "
-                            "last_stream=%d]", frame->goaway.error_code,
-                            scratch, frame->goaway.last_stream_id);
-    }
-    case NGHTTP2_WINDOW_UPDATE: {
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[WINDOW_UPDATE, incr=%d]",
-                            frame->window_update.window_size_increment);
-    }
-    default:
-      return curl_msnprintf(buffer, blen, "FRAME[%d, len=%d, flags=%d]",
-                            frame->hd.type, (int)frame->hd.length,
-                            frame->hd.flags);
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[SETTINGS, len=%d]", (int)frame->hd.length);
+  }
+  case NGHTTP2_PUSH_PROMISE:
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[PUSH_PROMISE, len=%d, hend=%d]",
+                          (int)frame->hd.length,
+                          !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS));
+  case NGHTTP2_PING:
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[PING, len=%d, ack=%d]",
+                          (int)frame->hd.length,
+                          frame->hd.flags & NGHTTP2_FLAG_ACK);
+  case NGHTTP2_GOAWAY: {
+    char scratch[128];
+    size_t s_len = CURL_ARRAYSIZE(scratch);
+    size_t len = (frame->goaway.opaque_data_len < s_len) ?
+      frame->goaway.opaque_data_len : s_len-1;
+    if(len)
+      memcpy(scratch, frame->goaway.opaque_data, len);
+    scratch[len] = '\0';
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[GOAWAY, error=%d, reason='%s', "
+                          "last_stream=%d]", frame->goaway.error_code,
+                          scratch, frame->goaway.last_stream_id);
+  }
+  case NGHTTP2_WINDOW_UPDATE: {
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[WINDOW_UPDATE, incr=%d]",
+                          frame->window_update.window_size_increment);
+  }
+  default:
+    return curl_msnprintf(buffer, blen, "FRAME[%d, len=%d, flags=%d]",
+                          frame->hd.type, (int)frame->hd.length,
+                          frame->hd.flags);
   }
 }
 
@@ -621,7 +620,7 @@ static int proxy_h2_on_frame_send(nghttp2_session *session,
   if(data && Curl_trc_cf_is_verbose(cf, data)) {
     char buffer[256];
     int len;
-    len = proxy_h2_fr_print(frame, buffer, sizeof(buffer)-1);
+    len = proxy_h2_fr_print(frame, buffer, sizeof(buffer) - 1);
     buffer[len] = 0;
     CURL_TRC_CF(data, cf, "[%d] -> %s", frame->hd.stream_id, buffer);
   }
@@ -644,9 +643,9 @@ static int proxy_h2_on_frame_recv(nghttp2_session *session,
   if(Curl_trc_cf_is_verbose(cf, data)) {
     char buffer[256];
     int len;
-    len = proxy_h2_fr_print(frame, buffer, sizeof(buffer)-1);
+    len = proxy_h2_fr_print(frame, buffer, sizeof(buffer) - 1);
     buffer[len] = 0;
-    CURL_TRC_CF(data, cf, "[%d] <- %s",frame->hd.stream_id, buffer);
+    CURL_TRC_CF(data, cf, "[%d] <- %s", frame->hd.stream_id, buffer);
   }
 #endif /* !CURL_DISABLE_VERBOSE_STRINGS */
 
@@ -962,7 +961,7 @@ static CURLcode inspect_response(struct Curl_cfilter *cf,
   (void)cf;
 
   DEBUGASSERT(ts->resp);
-  if(ts->resp->status/100 == 2) {
+  if(ts->resp->status / 100 == 2) {
     infof(data, "CONNECT tunnel established, response %d", ts->resp->status);
     h2_tunnel_go_state(cf, ts, H2_TUNNEL_ESTABLISHED, data);
     return CURLE_OK;
@@ -1220,7 +1219,7 @@ static CURLcode cf_h2_proxy_adjust_pollset(struct Curl_cfilter *cf,
     c_exhaust = !nghttp2_session_get_remote_window_size(ctx->h2);
     s_exhaust = ctx->tunnel.stream_id >= 0 &&
                 !nghttp2_session_get_stream_remote_window_size(
-                   ctx->h2, ctx->tunnel.stream_id);
+                  ctx->h2, ctx->tunnel.stream_id);
     want_recv = (want_recv || c_exhaust || s_exhaust);
     want_send = (!s_exhaust && want_send) ||
                 (!c_exhaust && nghttp2_session_want_write(ctx->h2)) ||
@@ -1414,7 +1413,7 @@ out:
               "h2 windows %d-%d (stream-conn), buffers %zu-%zu (stream-conn)",
               ctx->tunnel.stream_id, len, result, *pnwritten,
               nghttp2_session_get_stream_remote_window_size(
-                  ctx->h2, ctx->tunnel.stream_id),
+                ctx->h2, ctx->tunnel.stream_id),
               nghttp2_session_get_remote_window_size(ctx->h2),
               Curl_bufq_len(&ctx->tunnel.sendbuf),
               Curl_bufq_len(&ctx->outbufq));
@@ -1566,7 +1565,7 @@ static CURLcode cf_h2_proxy_cntrl(struct Curl_cfilter *cf,
 
 struct Curl_cftype Curl_cft_h2_proxy = {
   "H2-PROXY",
-  CF_TYPE_IP_CONNECT|CF_TYPE_PROXY,
+  CF_TYPE_IP_CONNECT | CF_TYPE_PROXY,
   CURL_LOG_LVL_NONE,
   cf_h2_proxy_destroy,
   cf_h2_proxy_connect,
diff --git a/lib/cf-haproxy.c b/lib/cf-haproxy.c
index a1793c0071..5ceef5190a 100644
--- a/lib/cf-haproxy.c
+++ b/lib/cf-haproxy.c
@@ -36,9 +36,9 @@
 
 
 typedef enum {
-    HAPROXY_INIT,     /* init/default/no tunnel state */
-    HAPROXY_SEND,     /* data_out being sent */
-    HAPROXY_DONE      /* all work done */
+  HAPROXY_INIT,     /* init/default/no tunnel state */
+  HAPROXY_SEND,     /* data_out being sent */
+  HAPROXY_DONE      /* all work done */
 } haproxy_state;
 
 struct cf_haproxy_ctx {
@@ -61,7 +61,7 @@ static void cf_haproxy_ctx_free(struct cf_haproxy_ctx *ctx)
   }
 }
 
-static CURLcode cf_haproxy_date_out_set(struct Curl_cfilter*cf,
+static CURLcode cf_haproxy_date_out_set(struct Curl_cfilter *cf,
                                         struct Curl_easy *data)
 {
   struct cf_haproxy_ctx *ctx = cf->ctx;
diff --git a/lib/cf-ip-happy.c b/lib/cf-ip-happy.c
index 8901db02c2..72ac59b7d9 100644
--- a/lib/cf-ip-happy.c
+++ b/lib/cf-ip-happy.c
@@ -108,7 +108,6 @@ void Curl_debug_set_transport_provider(uint8_t transport,
 }
 #endif /* UNITTESTS */
 
-
 struct cf_ai_iter {
   const struct Curl_addrinfo *head;
   const struct Curl_addrinfo *last;
@@ -423,9 +422,9 @@ evaluate:
     int ai_family = 0;
 #ifdef USE_IPV6
     if((bs->last_attempt_ai_family == AF_INET) ||
-        !cf_ai_iter_has_more(&bs->addr_iter)) {
-       addr = cf_ai_iter_next(&bs->ipv6_iter);
-       ai_family = bs->ipv6_iter.ai_family;
+       !cf_ai_iter_has_more(&bs->addr_iter)) {
+      addr = cf_ai_iter_next(&bs->ipv6_iter);
+      ai_family = bs->ipv6_iter.ai_family;
     }
 #endif
     if(!addr) {
@@ -629,7 +628,6 @@ struct cf_ip_happy_ctx {
   struct curltime started;
 };
 
-
 static CURLcode is_connected(struct Curl_cfilter *cf,
                              struct Curl_easy *data,
                              bool *connected)
@@ -774,50 +772,50 @@ static CURLcode cf_ip_happy_connect(struct Curl_cfilter *cf,
   *done = FALSE;
 
   switch(ctx->state) {
-    case SCFST_INIT:
-      DEBUGASSERT(CURL_SOCKET_BAD == Curl_conn_cf_get_socket(cf, data));
-      DEBUGASSERT(!cf->connected);
-      result = start_connect(cf, data);
-      if(result)
-        return result;
-      ctx->state = SCFST_WAITING;
-      FALLTHROUGH();
-    case SCFST_WAITING:
-      result = is_connected(cf, data, done);
-      if(!result && *done) {
-        DEBUGASSERT(ctx->ballers.winner);
-        DEBUGASSERT(ctx->ballers.winner->cf);
-        DEBUGASSERT(ctx->ballers.winner->cf->connected);
-        /* we have a winner. Install and activate it.
-         * close/free all others. */
-        ctx->state = SCFST_DONE;
-        cf->connected = TRUE;
-        cf->next = ctx->ballers.winner->cf;
-        ctx->ballers.winner->cf = NULL;
-        cf_ip_happy_ctx_clear(cf, data);
-        Curl_expire_done(data, EXPIRE_HAPPY_EYEBALLS);
+  case SCFST_INIT:
+    DEBUGASSERT(CURL_SOCKET_BAD == Curl_conn_cf_get_socket(cf, data));
+    DEBUGASSERT(!cf->connected);
+    result = start_connect(cf, data);
+    if(result)
+      return result;
+    ctx->state = SCFST_WAITING;
+    FALLTHROUGH();
+  case SCFST_WAITING:
+    result = is_connected(cf, data, done);
+    if(!result && *done) {
+      DEBUGASSERT(ctx->ballers.winner);
+      DEBUGASSERT(ctx->ballers.winner->cf);
+      DEBUGASSERT(ctx->ballers.winner->cf->connected);
+      /* we have a winner. Install and activate it.
+       * close/free all others. */
+      ctx->state = SCFST_DONE;
+      cf->connected = TRUE;
+      cf->next = ctx->ballers.winner->cf;
+      ctx->ballers.winner->cf = NULL;
+      cf_ip_happy_ctx_clear(cf, data);
+      Curl_expire_done(data, EXPIRE_HAPPY_EYEBALLS);
 
-        if(cf->conn->handler->protocol & PROTO_FAMILY_SSH)
-          Curl_pgrsTime(data, TIMER_APPCONNECT); /* we are connected already */
+      if(cf->conn->handler->protocol & PROTO_FAMILY_SSH)
+        Curl_pgrsTime(data, TIMER_APPCONNECT); /* we are connected already */
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
-        if(Curl_trc_cf_is_verbose(cf, data)) {
-          struct ip_quadruple ipquad;
-          bool is_ipv6;
-          if(!Curl_conn_cf_get_ip_info(cf->next, data, &is_ipv6, &ipquad)) {
-            const char *host;
-            int port;
-            Curl_conn_get_current_host(data, cf->sockindex, &host, &port);
-            CURL_TRC_CF(data, cf, "Connected to %s (%s) port %u",
-                        host, ipquad.remote_ip, ipquad.remote_port);
-          }
+      if(Curl_trc_cf_is_verbose(cf, data)) {
+        struct ip_quadruple ipquad;
+        bool is_ipv6;
+        if(!Curl_conn_cf_get_ip_info(cf->next, data, &is_ipv6, &ipquad)) {
+          const char *host;
+          int port;
+          Curl_conn_get_current_host(data, cf->sockindex, &host, &port);
+          CURL_TRC_CF(data, cf, "Connected to %s (%s) port %u",
+                      host, ipquad.remote_ip, ipquad.remote_port);
         }
-#endif
-        data->info.numconnects++; /* to track the # of connections made */
       }
-      break;
-    case SCFST_DONE:
-      *done = TRUE;
-      break;
+#endif
+      data->info.numconnects++; /* to track the # of connections made */
+    }
+    break;
+  case SCFST_DONE:
+    *done = TRUE;
+    break;
   }
   return result;
 }
diff --git a/lib/cf-socket.c b/lib/cf-socket.c
index 3172aee5b9..a129959416 100644
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@@ -96,7 +96,7 @@ static void set_ipv6_v6only(curl_socket_t sockfd, int on)
   (void)setsockopt(sockfd, IPPROTO_IPV6, IPV6_V6ONLY, (void *)&on, sizeof(on));
 }
 #else
-#define set_ipv6_v6only(x,y)
+#define set_ipv6_v6only(x, y)
 #endif
 
 static void tcpnodelay(struct Curl_cfilter *cf,
@@ -104,7 +104,7 @@ static void tcpnodelay(struct Curl_cfilter *cf,
                        curl_socket_t sockfd)
 {
 #if defined(TCP_NODELAY) && defined(CURL_TCP_NODELAY_SUPPORTED)
-  curl_socklen_t onoff = (curl_socklen_t) 1;
+  curl_socklen_t onoff = (curl_socklen_t)1;
   int level = IPPROTO_TCP;
   char buffer[STRERROR_LEN];
 
@@ -142,7 +142,7 @@ static void nosigpipe(struct Curl_cfilter *cf,
   }
 }
 #else
-#define nosigpipe(x,y,z) Curl_nop_stmt
+#define nosigpipe(x, y, z) Curl_nop_stmt
 #endif
 
 #if defined(USE_WINSOCK) || \
@@ -156,10 +156,9 @@ static void nosigpipe(struct Curl_cfilter *cf,
 #define KEEPALIVE_FACTOR(x)
 #endif
 
-static void
-tcpkeepalive(struct Curl_cfilter *cf,
-             struct Curl_easy *data,
-             curl_socket_t sockfd)
+static void tcpkeepalive(struct Curl_cfilter *cf,
+                         struct Curl_easy *data,
+                         curl_socket_t sockfd)
 {
   int optval = data->set.tcp_keepalive ? 1 : 0;
 
@@ -202,7 +201,7 @@ tcpkeepalive(struct Curl_cfilter *cf,
     {
 /* Offered by mingw-w64 and MS SDK. Latter only when targeting Win7+. */
 #ifndef SIO_KEEPALIVE_VALS
-#define SIO_KEEPALIVE_VALS  _WSAIOW(IOC_VENDOR,4)
+#define SIO_KEEPALIVE_VALS  _WSAIOW(IOC_VENDOR, 4)
       struct tcp_keepalive {
         u_long onoff;
         u_long keepalivetime;
@@ -342,15 +341,15 @@ static CURLcode socket_open(struct Curl_easy *data,
   DEBUGASSERT(data);
   DEBUGASSERT(data->conn);
   if(data->set.fopensocket) {
-   /*
-    * If the opensocket callback is set, all the destination address
-    * information is passed to the callback. Depending on this information the
-    * callback may opt to abort the connection, this is indicated returning
-    * CURL_SOCKET_BAD; otherwise it will return a not-connected socket. When
-    * the callback returns a valid socket the destination address information
-    * might have been changed and this 'new' address will actually be used
-    * here to connect.
-    */
+    /*
+     * If the opensocket callback is set, all the destination address
+     * information is passed to the callback. Depending on this information the
+     * callback may opt to abort the connection, this is indicated returning
+     * CURL_SOCKET_BAD; otherwise it will return a not-connected socket. When
+     * the callback returns a valid socket the destination address information
+     * might have been changed and this 'new' address will actually be used
+     * here to connect.
+     */
     Curl_set_in_callback(data, TRUE);
     *sockfd = data->set.fopensocket(data->set.opensocket_client,
                                     CURLSOCKTYPE_IPCXN,
@@ -600,7 +599,7 @@ static CURLcode bindlocal(struct Curl_easy *data, struct connectdata *conn,
   if(!iface && !host && !port)
     /* no local kind of binding was requested */
     return CURLE_OK;
-  else if(iface && (strlen(iface) >= 255) )
+  else if(iface && (strlen(iface) >= 255))
     return CURLE_BAD_FUNCTION_ARGUMENT;
 
   memset(&sa, 0, sizeof(struct Curl_sockaddr_storage));
@@ -640,33 +639,33 @@ static CURLcode bindlocal(struct Curl_easy *data, struct connectdata *conn,
       /* Discover IP from input device, then bind to it */
       if2ip_result = Curl_if2ip(af,
 #ifdef USE_IPV6
-                      scope, conn->scope_id,
+                                scope, conn->scope_id,
 #endif
-                      iface, myhost, sizeof(myhost));
+                                iface, myhost, sizeof(myhost));
     }
     switch(if2ip_result) {
-      case IF2IP_NOT_FOUND:
-        if(iface_input && !host_input) {
-          /* Do not fall back to treating it as a hostname */
-          char buffer[STRERROR_LEN];
-          data->state.os_errno = error = SOCKERRNO;
-          failf(data, "Could not bind to interface '%s' with errno %d: %s",
-                iface, error, curlx_strerror(error, buffer, sizeof(buffer)));
-          return CURLE_INTERFACE_FAILED;
-        }
-        break;
-      case IF2IP_AF_NOT_SUPPORTED:
-        /* Signal the caller to try another address family if available */
-        return CURLE_UNSUPPORTED_PROTOCOL;
-      case IF2IP_FOUND:
-        /*
-          * We now have the numerical IP address in the 'myhost' buffer
-          */
-        host = myhost;
-        infof(data, "Local Interface %s is ip %s using address family %i",
-              iface, host, af);
-        done = 1;
-        break;
+    case IF2IP_NOT_FOUND:
+      if(iface_input && !host_input) {
+        /* Do not fall back to treating it as a hostname */
+        char buffer[STRERROR_LEN];
+        data->state.os_errno = error = SOCKERRNO;
+        failf(data, "Could not bind to interface '%s' with errno %d: %s",
+              iface, error, curlx_strerror(error, buffer, sizeof(buffer)));
+        return CURLE_INTERFACE_FAILED;
+      }
+      break;
+    case IF2IP_AF_NOT_SUPPORTED:
+      /* Signal the caller to try another address family if available */
+      return CURLE_UNSUPPORTED_PROTOCOL;
+    case IF2IP_FOUND:
+      /*
+        * We now have the numerical IP address in the 'myhost' buffer
+        */
+      host = myhost;
+      infof(data, "Local Interface %s is ip %s using address family %i",
+            iface, host, af);
+      done = 1;
+      break;
     }
     if(!iface_input || host_input) {
       /*
@@ -728,7 +727,7 @@ static CURLcode bindlocal(struct Curl_easy *data, struct connectdata *conn,
                present, is known to be numeric */
             curl_off_t scope_id;
             if(curlx_str_number((const char **)CURL_UNCONST(&scope_ptr),
-                               &scope_id, UINT_MAX))
+                                &scope_id, UINT_MAX))
               return CURLE_UNSUPPORTED_PROTOCOL;
             si6->sin6_scope_id = (unsigned int)scope_id;
           }
@@ -921,7 +920,7 @@ struct cf_socket_ctx {
   int wblock_percent;                /* percent of writes doing EAGAIN */
   int wpartial_percent;              /* percent of bytes written in send */
   int rblock_percent;                /* percent of reads doing EAGAIN */
-  size_t recv_max;                  /* max enforced read size */
+  size_t recv_max;                   /* max enforced read size */
 #endif
   BIT(got_first_byte);               /* if first byte was received */
   BIT(listening);                    /* socket is listening */
@@ -1043,12 +1042,12 @@ static void set_local_ip(struct Curl_cfilter *cf,
     curl_socklen_t slen = sizeof(struct Curl_sockaddr_storage);
 
     memset(&ssloc, 0, sizeof(ssloc));
-    if(getsockname(ctx->sock, (struct sockaddr*) &ssloc, &slen)) {
+    if(getsockname(ctx->sock, (struct sockaddr *)&ssloc, &slen)) {
       int error = SOCKERRNO;
       infof(data, "getsockname() failed with errno %d: %s",
             error, curlx_strerror(error, buffer, sizeof(buffer)));
     }
-    else if(!Curl_addr2string((struct sockaddr*)&ssloc, slen,
+    else if(!Curl_addr2string((struct sockaddr *)&ssloc, slen,
                               ctx->ip.local_ip, &ctx->ip.local_port)) {
       infof(data, "ssloc inet_ntop() failed with errno %d: %s",
             errno, curlx_strerror(errno, buffer, sizeof(buffer)));
@@ -1123,8 +1122,8 @@ static CURLcode cf_socket_open(struct Curl_cfilter *cf,
     infof(data, "  Trying %s:%d...", ctx->ip.remote_ip, ctx->ip.remote_port);
 
 #ifdef USE_IPV6
-  is_tcp = (ctx->addr.family == AF_INET
-            || ctx->addr.family == AF_INET6) &&
+  is_tcp = (ctx->addr.family == AF_INET ||
+            ctx->addr.family == AF_INET6) &&
            ctx->addr.socktype == SOCK_STREAM;
 #else
   is_tcp = (ctx->addr.family == AF_INET) &&
@@ -1320,8 +1319,7 @@ static CURLcode cf_tcp_connect(struct Curl_cfilter *cf,
   rc = SOCKET_WRITABLE(ctx->sock, 0);
 
   if(rc == 0) { /* no connection yet */
-    CURL_TRC_CF(data, cf, "not connected yet on fd=%" FMT_SOCKET_T,
-                ctx->sock);
+    CURL_TRC_CF(data, cf, "not connected yet on fd=%" FMT_SOCKET_T, ctx->sock);
     return CURLE_OK;
   }
   else if(rc == CURL_CSELECT_OUT || cf->conn->bits.tcp_fastopen) {
@@ -1411,7 +1409,7 @@ static void win_update_sndbuf_size(struct cf_socket_ctx *ctx)
 
   if(curlx_timediff_ms(n, ctx->last_sndbuf_query_at) > 1000) {
     if(!WSAIoctl(ctx->sock, SIO_IDEAL_SEND_BACKLOG_QUERY, 0, 0,
-                  &ideal, sizeof(ideal), &ideallen, 0, 0) &&
+                 &ideal, sizeof(ideal), &ideallen, 0, 0) &&
        ideal != ctx->sndbuf_size &&
        !setsockopt(ctx->sock, SOL_SOCKET, SO_SNDBUF,
                    (const char *)&ideal, sizeof(ideal))) {
@@ -1443,7 +1441,7 @@ static CURLcode cf_socket_send(struct Curl_cfilter *cf, struct Curl_easy *data,
   if(ctx->wblock_percent > 0) {
     unsigned char c = 0;
     Curl_rand_bytes(data, FALSE, &c, 1);
-    if(c >= ((100-ctx->wblock_percent)*256/100)) {
+    if(c >= ((100 - ctx->wblock_percent) * 256 / 100)) {
       CURL_TRC_CF(data, cf, "send(len=%zu) SIMULATE EWOULDBLOCK", orig_len);
       cf->conn->sock[cf->sockindex] = fdsave;
       return CURLE_AGAIN;
@@ -1520,7 +1518,7 @@ static CURLcode cf_socket_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
   if(cf->cft != &Curl_cft_udp && ctx->rblock_percent > 0) {
     unsigned char c = 0;
     Curl_rand(data, &c, 1);
-    if(c >= ((100-ctx->rblock_percent)*256/100)) {
+    if(c >= ((100 - ctx->rblock_percent) * 256 / 100)) {
       CURL_TRC_CF(data, cf, "recv(len=%zu) SIMULATE EWOULDBLOCK", len);
       return CURLE_AGAIN;
     }
@@ -1634,7 +1632,7 @@ static bool cf_socket_conn_is_alive(struct Curl_cfilter *cf,
 
   /* Check with 0 timeout if there are any events pending on the socket */
   pfd[0].fd = ctx->sock;
-  pfd[0].events = POLLRDNORM|POLLIN|POLLRDBAND|POLLPRI;
+  pfd[0].events = POLLRDNORM | POLLIN | POLLRDBAND | POLLPRI;
   pfd[0].revents = 0;
 
   r = Curl_poll(pfd, 1, 0);
@@ -1646,7 +1644,7 @@ static bool cf_socket_conn_is_alive(struct Curl_cfilter *cf,
     CURL_TRC_CF(data, cf, "is_alive: poll timeout, assume alive");
     return TRUE;
   }
-  else if(pfd[0].revents & (POLLERR|POLLHUP|POLLPRI|POLLNVAL)) {
+  else if(pfd[0].revents & (POLLERR | POLLHUP | POLLPRI | POLLNVAL)) {
     CURL_TRC_CF(data, cf, "is_alive: err/hup/etc events, assume dead");
     return FALSE;
   }
@@ -1814,7 +1812,6 @@ static void linux_quic_gro(struct cf_socket_ctx *ctx)
 #define linux_quic_gro(x)
 #endif
 
-
 static CURLcode cf_udp_setup_quic(struct Curl_cfilter *cf,
                                   struct Curl_easy *data)
 {
@@ -2035,13 +2032,13 @@ static void cf_tcp_set_accepted_remote_ip(struct Curl_cfilter *cf,
   ctx->ip.remote_port = 0;
   plen = sizeof(ssrem);
   memset(&ssrem, 0, plen);
-  if(getpeername(ctx->sock, (struct sockaddr*) &ssrem, &plen)) {
+  if(getpeername(ctx->sock, (struct sockaddr *)&ssrem, &plen)) {
     int error = SOCKERRNO;
     failf(data, "getpeername() failed with errno %d: %s",
           error, curlx_strerror(error, buffer, sizeof(buffer)));
     return;
   }
-  if(!Curl_addr2string((struct sockaddr*)&ssrem, plen,
+  if(!Curl_addr2string((struct sockaddr *)&ssrem, plen,
                        ctx->ip.remote_ip, &ctx->ip.remote_port)) {
     failf(data, "ssrem inet_ntop() failed with errno %d: %s",
           errno, curlx_strerror(errno, buffer, sizeof(buffer)));
@@ -2111,10 +2108,10 @@ static CURLcode cf_tcp_accept_connect(struct Curl_cfilter *cf,
 
   size = sizeof(add);
 #ifdef HAVE_ACCEPT4
-  s_accepted = CURL_ACCEPT4(ctx->sock, (struct sockaddr *) &add, &size,
+  s_accepted = CURL_ACCEPT4(ctx->sock, (struct sockaddr *)&add, &size,
                             SOCK_NONBLOCK | SOCK_CLOEXEC);
 #else
-  s_accepted = CURL_ACCEPT(ctx->sock, (struct sockaddr *) &add, &size);
+  s_accepted = CURL_ACCEPT(ctx->sock, (struct sockaddr *)&add, &size);
 #endif
 
   if(CURL_SOCKET_BAD == s_accepted) {
diff --git a/lib/cf-socket.h b/lib/cf-socket.h
index 432b087045..e5f69c60f4 100644
--- a/lib/cf-socket.h
+++ b/lib/cf-socket.h
@@ -57,7 +57,7 @@ struct Curl_sockaddr_ex {
 
 /*
  * Parse interface option, and return the interface name and the host part.
-*/
+ */
 CURLcode Curl_parse_interface(const char *input,
                               char **dev, char **iface, char **host);
 
diff --git a/lib/cfilters.c b/lib/cfilters.c
index dd4cb5210a..f51da8521a 100644
--- a/lib/cfilters.c
+++ b/lib/cfilters.c
@@ -511,8 +511,7 @@ CURLcode Curl_conn_connect(struct Curl_easy *data,
       goto out;
     }
     else if(result) {
-      CURL_TRC_CF(data, cf, "Curl_conn_connect(), filter returned %d",
-                  result);
+      CURL_TRC_CF(data, cf, "Curl_conn_connect(), filter returned %d", result);
       conn_report_connect_stats(cf, data);
       goto out;
     }
@@ -653,7 +652,7 @@ bool Curl_conn_is_multiplex(struct connectdata *conn, int sockindex)
   for(; cf; cf = cf->next) {
     if(cf->cft->flags & CF_TYPE_MULTIPLEX)
       return TRUE;
-    if(cf->cft->flags & (CF_TYPE_IP_CONNECT|CF_TYPE_SSL))
+    if(cf->cft->flags & (CF_TYPE_IP_CONNECT | CF_TYPE_SSL))
       return FALSE;
   }
   return FALSE;
@@ -691,7 +690,7 @@ unsigned char Curl_conn_http_version(struct Curl_easy *data,
         v = (unsigned char)value;
       break;
     }
-    if(cf->cft->flags & (CF_TYPE_IP_CONNECT|CF_TYPE_SSL))
+    if(cf->cft->flags & (CF_TYPE_IP_CONNECT | CF_TYPE_SSL))
       break;
   }
   return (unsigned char)(result ? 0 : v);
@@ -803,9 +802,9 @@ void Curl_conn_get_current_host(struct Curl_easy *data, int sockindex,
   cf = CONN_SOCK_IDX_VALID(sockindex) ? data->conn->cfilter[sockindex] : NULL;
   /* Find the "lowest" tunneling proxy filter that has not connected yet. */
   while(cf && !cf->connected) {
-    if((cf->cft->flags & (CF_TYPE_IP_CONNECT|CF_TYPE_PROXY)) ==
-       (CF_TYPE_IP_CONNECT|CF_TYPE_PROXY))
-       cf_proxy = cf;
+    if((cf->cft->flags & (CF_TYPE_IP_CONNECT | CF_TYPE_PROXY)) ==
+       (CF_TYPE_IP_CONNECT | CF_TYPE_PROXY))
+      cf_proxy = cf;
     cf = cf->next;
   }
   /* cf_proxy (!= NULL) is not connected yet. It is talking
@@ -945,8 +944,7 @@ static CURLcode cf_cntrl_all(struct connectdata *conn,
 
 CURLcode Curl_conn_ev_data_setup(struct Curl_easy *data)
 {
-  return cf_cntrl_all(data->conn, data, FALSE,
-                      CF_CTRL_DATA_SETUP, 0, NULL);
+  return cf_cntrl_all(data->conn, data, FALSE, CF_CTRL_DATA_SETUP, 0, NULL);
 }
 
 CURLcode Curl_conn_flush(struct Curl_easy *data, int sockindex)
@@ -1100,8 +1098,7 @@ CURLcode Curl_conn_send(struct Curl_easy *data, int sockindex,
     return CURLE_BAD_FUNCTION_ARGUMENT;
 #ifdef DEBUGBUILD
   if(write_len) {
-    /* Allow debug builds to override this logic to force short sends
-    */
+    /* Allow debug builds to override this logic to force short sends */
     const char *p = getenv("CURL_SMALLSENDS");
     if(p) {
       curl_off_t altsize;
diff --git a/lib/cfilters.h b/lib/cfilters.h
index a3bd97a9f1..73b9cb03e0 100644
--- a/lib/cfilters.h
+++ b/lib/cfilters.h
@@ -116,16 +116,16 @@ typedef CURLcode Curl_cft_conn_keep_alive(struct Curl_cfilter *cf,
  * "ignored" meaning return values are ignored and the event is distributed
  *           to all filters in the chain. Overall result is always CURLE_OK.
  */
-/*      data event                          arg1       arg2     return */
-#define CF_CTRL_DATA_SETUP            4  /* 0          NULL     first fail */
-/* unused now                         5  */
-#define CF_CTRL_DATA_PAUSE            6  /* on/off     NULL     first fail */
-#define CF_CTRL_DATA_DONE             7  /* premature  NULL     ignored */
-#define CF_CTRL_DATA_DONE_SEND        8  /* 0          NULL     ignored */
+/*      data event                            arg1       arg2     return */
+#define CF_CTRL_DATA_SETUP              4  /* 0          NULL     first fail */
+/* unused now                           5  */
+#define CF_CTRL_DATA_PAUSE              6  /* on/off     NULL     first fail */
+#define CF_CTRL_DATA_DONE               7  /* premature  NULL     ignored */
+#define CF_CTRL_DATA_DONE_SEND          8  /* 0          NULL     ignored */
 /* update conn info at connection and data */
-#define CF_CTRL_CONN_INFO_UPDATE (256+0) /* 0          NULL     ignored */
-#define CF_CTRL_FORGET_SOCKET    (256+1) /* 0          NULL     ignored */
-#define CF_CTRL_FLUSH            (256+2) /* 0          NULL     first fail */
+#define CF_CTRL_CONN_INFO_UPDATE (256 + 0) /* 0          NULL     ignored */
+#define CF_CTRL_FORGET_SOCKET    (256 + 1) /* 0          NULL     ignored */
+#define CF_CTRL_FLUSH            (256 + 2) /* 0          NULL     first fail */
 
 /**
  * Handle event/control for the filter.
@@ -135,7 +135,6 @@ typedef CURLcode Curl_cft_cntrl(struct Curl_cfilter *cf,
                                 struct Curl_easy *data,
                                 int event, int arg1, void *arg2);
 
-
 /**
  * Queries to ask via a `Curl_cft_query *query` method on a cfilter chain.
  * - MAX_CONCURRENT: the maximum number of parallel transfers the filter
@@ -210,21 +209,21 @@ typedef CURLcode Curl_cft_query(struct Curl_cfilter *cf,
 
 /* A connection filter type, e.g. specific implementation. */
 struct Curl_cftype {
-  const char *name;                       /* name of the filter type */
-  int flags;                              /* flags of filter type */
-  int log_level;                          /* log level for such filters */
-  Curl_cft_destroy_this *destroy;         /* destroy resources of this cf */
-  Curl_cft_connect *do_connect;           /* establish connection */
-  Curl_cft_close *do_close;               /* close conn */
-  Curl_cft_shutdown *do_shutdown;         /* shutdown conn */
+  const char *name;                        /* name of the filter type */
+  int flags;                               /* flags of filter type */
+  int log_level;                           /* log level for such filters */
+  Curl_cft_destroy_this *destroy;          /* destroy resources of this cf */
+  Curl_cft_connect *do_connect;            /* establish connection */
+  Curl_cft_close *do_close;                /* close conn */
+  Curl_cft_shutdown *do_shutdown;          /* shutdown conn */
   Curl_cft_adjust_pollset *adjust_pollset; /* adjust transfer poll set */
-  Curl_cft_data_pending *has_data_pending;/* conn has data pending */
-  Curl_cft_send *do_send;                 /* send data */
-  Curl_cft_recv *do_recv;                 /* receive data */
-  Curl_cft_cntrl *cntrl;                  /* events/control */
-  Curl_cft_conn_is_alive *is_alive;       /* FALSE if conn is dead, Jim! */
-  Curl_cft_conn_keep_alive *keep_alive;   /* try to keep it alive */
-  Curl_cft_query *query;                  /* query filter chain */
+  Curl_cft_data_pending *has_data_pending; /* conn has data pending */
+  Curl_cft_send *do_send;                  /* send data */
+  Curl_cft_recv *do_recv;                  /* receive data */
+  Curl_cft_cntrl *cntrl;                   /* events/control */
+  Curl_cft_conn_is_alive *is_alive;        /* FALSE if conn is dead, Jim! */
+  Curl_cft_conn_keep_alive *keep_alive;    /* try to keep it alive */
+  Curl_cft_query *query;                   /* query filter chain */
 };
 
 /* A connection filter instance, e.g. registered at a connection */
@@ -426,7 +425,7 @@ const char *Curl_conn_get_alpn_negotiated(struct Curl_easy *data,
 
 /**
  * Close the filter chain at `sockindex` for connection `data->conn`.
-  * Filters remain in place and may be connected again afterwards.
+ * Filters remain in place and may be connected again afterwards.
  */
 void Curl_conn_close(struct Curl_easy *data, int sockindex);
 
@@ -622,7 +621,6 @@ CURLcode Curl_conn_send(struct Curl_easy *data, int sockindex,
                         const void *buf, size_t blen, bool eos,
                         size_t *pnwritten);
 
-
 /**
  * Types and macros used to keep the current easy handle in filter calls,
  * allowing for nested invocations. See #10336.
@@ -654,7 +652,7 @@ struct cf_call_data {
  * a member in the cfilter's `ctx`.
  *
  * #define CF_CTX_CALL_DATA(cf)   -> struct cf_call_data instance
-*/
+ */
 
 #ifdef DEBUGBUILD
 
@@ -688,7 +686,6 @@ struct cf_call_data {
 
 #endif /* !DEBUGBUILD */
 
-#define CF_DATA_CURRENT(cf) \
-  ((cf)? (CF_CTX_CALL_DATA(cf).data) : NULL)
+#define CF_DATA_CURRENT(cf) ((cf) ? (CF_CTX_CALL_DATA(cf).data) : NULL)
 
 #endif /* HEADER_CURL_CFILTERS_H */
diff --git a/lib/conncache.c b/lib/conncache.c
index 7f38a18757..c7a52b69f6 100644
--- a/lib/conncache.c
+++ b/lib/conncache.c
@@ -59,7 +59,7 @@
     }                                                                   \
   } while(0)
 
-#define CPOOL_UNLOCK(c,d)                                                 \
+#define CPOOL_UNLOCK(c,d)                                               \
   do {                                                                  \
     if((c)) {                                                           \
       DEBUGASSERT((c)->locked);                                         \
@@ -161,7 +161,6 @@ static struct connectdata *cpool_get_first(struct cpool *cpool)
   return NULL;
 }
 
-
 static struct cpool_bundle *cpool_find_bundle(struct cpool *cpool,
                                               struct connectdata *conn)
 {
@@ -178,7 +177,6 @@ static void cpool_remove_bundle(struct cpool *cpool,
   Curl_hash_delete(&cpool->dest2bundle, bundle->dest, bundle->dest_len);
 }
 
-
 static void cpool_remove_conn(struct cpool *cpool,
                               struct connectdata *conn)
 {
@@ -260,8 +258,8 @@ void Curl_cpool_xfer_init(struct Curl_easy *data)
   }
 }
 
-static struct cpool_bundle *
-cpool_add_bundle(struct cpool *cpool, struct connectdata *conn)
+static struct cpool_bundle *cpool_add_bundle(struct cpool *cpool,
+                                             struct connectdata *conn)
 {
   struct cpool_bundle *bundle;
 
@@ -341,7 +339,6 @@ static struct connectdata *cpool_get_oldest_idle(struct cpool *cpool)
   return oldest_idle;
 }
 
-
 int Curl_cpool_check_limits(struct Curl_easy *data,
                             struct connectdata *conn)
 {
@@ -386,10 +383,10 @@ int Curl_cpool_check_limits(struct Curl_easy *data,
         if(!oldest_idle)
           break;
         /* disconnect the old conn and continue */
-        CURL_TRC_M(data, "Discarding connection #%"
-                     FMT_OFF_T " from %zu to reach destination "
-                     "limit of %zu", oldest_idle->connection_id,
-                     Curl_llist_count(&bundle->conns), dest_limit);
+        CURL_TRC_M(data, "Discarding connection #%" FMT_OFF_T
+                   " from %zu to reach destination limit of %zu",
+                   oldest_idle->connection_id,
+                   Curl_llist_count(&bundle->conns), dest_limit);
         Curl_conn_terminate(cpool->idata, oldest_idle, FALSE);
 
         /* in case the bundle was destroyed in disconnect, look it up again */
@@ -704,7 +701,6 @@ void Curl_conn_terminate(struct Curl_easy *data,
     CPOOL_UNLOCK(cpool, data);
 }
 
-
 struct cpool_reaper_ctx {
   struct curltime now;
 };
diff --git a/lib/conncache.h b/lib/conncache.h
index a5f133344f..5761ee9b44 100644
--- a/lib/conncache.h
+++ b/lib/conncache.h
@@ -49,7 +49,7 @@ void Curl_conn_terminate(struct Curl_easy *data,
                          bool aborted);
 
 struct cpool {
-   /* the pooled connections, bundled per destination */
+  /* the pooled connections, bundled per destination */
   struct Curl_hash dest2bundle;
   size_t num_conn;
   curl_off_t next_connection_id;
@@ -166,5 +166,4 @@ void Curl_cpool_do_locked(struct Curl_easy *data,
 /* Close all unused connections, prevent reuse of existing ones. */
 void Curl_cpool_nw_changed(struct Curl_easy *data);
 
-
 #endif /* HEADER_CURL_CONNCACHE_H */
diff --git a/lib/connect.c b/lib/connect.c
index 72a27fae1c..748cf53a29 100644
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -247,36 +247,35 @@ bool Curl_addr2string(struct sockaddr *sa, curl_socklen_t salen,
 #endif
 
   switch(sa->sa_family) {
-    case AF_INET:
-      si = (struct sockaddr_in *)(void *) sa;
-      if(curlx_inet_ntop(sa->sa_family, &si->sin_addr, addr, MAX_IPADR_LEN)) {
-        *port = ntohs(si->sin_port);
-        return TRUE;
-      }
-      break;
+  case AF_INET:
+    si = (struct sockaddr_in *)(void *)sa;
+    if(curlx_inet_ntop(sa->sa_family, &si->sin_addr, addr, MAX_IPADR_LEN)) {
+      *port = ntohs(si->sin_port);
+      return TRUE;
+    }
+    break;
 #ifdef USE_IPV6
-    case AF_INET6:
-      si6 = (struct sockaddr_in6 *)(void *) sa;
-      if(curlx_inet_ntop(sa->sa_family, &si6->sin6_addr, addr,
-                         MAX_IPADR_LEN)) {
-        *port = ntohs(si6->sin6_port);
-        return TRUE;
-      }
-      break;
+  case AF_INET6:
+    si6 = (struct sockaddr_in6 *)(void *)sa;
+    if(curlx_inet_ntop(sa->sa_family, &si6->sin6_addr, addr, MAX_IPADR_LEN)) {
+      *port = ntohs(si6->sin6_port);
+      return TRUE;
+    }
+    break;
 #endif
 #if (defined(HAVE_SYS_UN_H) || defined(WIN32_SOCKADDR_UN)) && defined(AF_UNIX)
-    case AF_UNIX:
-      if(salen > (curl_socklen_t)sizeof(CURL_SA_FAMILY_T)) {
-        su = (struct sockaddr_un*)sa;
-        curl_msnprintf(addr, MAX_IPADR_LEN, "%s", su->sun_path);
-      }
-      else
-        addr[0] = 0; /* socket with no name */
-      *port = 0;
-      return TRUE;
+  case AF_UNIX:
+    if(salen > (curl_socklen_t)sizeof(CURL_SA_FAMILY_T)) {
+      su = (struct sockaddr_un *)sa;
+      curl_msnprintf(addr, MAX_IPADR_LEN, "%s", su->sun_path);
+    }
+    else
+      addr[0] = 0; /* socket with no name */
+    *port = 0;
+    return TRUE;
 #endif
-    default:
-      break;
+  default:
+    break;
   }
 
   addr[0] = '\0';
@@ -338,7 +337,7 @@ void Curl_conncontrol(struct connectdata *conn,
 #endif
   is_multiplex = Curl_conn_is_multiplex(conn, FIRSTSOCKET);
   closeit = (ctrl == CONNCTRL_CONNECTION) ||
-    ((ctrl == CONNCTRL_STREAM) && !is_multiplex);
+            ((ctrl == CONNCTRL_STREAM) && !is_multiplex);
   if((ctrl == CONNCTRL_STREAM) && is_multiplex)
     ;  /* stream signal on multiplex conn never affects close state */
   else if((bit)closeit != conn->bits.close) {
@@ -409,8 +408,8 @@ connect_sub_chain:
 
   if(ctx->state < CF_SETUP_CNNCT_HTTP_PROXY && cf->conn->bits.httpproxy) {
 #ifdef USE_SSL
-    if(IS_HTTPS_PROXY(cf->conn->http_proxy.proxytype)
-       && !Curl_conn_is_ssl(cf->conn, cf->sockindex)) {
+    if(IS_HTTPS_PROXY(cf->conn->http_proxy.proxytype) &&
+       !Curl_conn_is_ssl(cf->conn, cf->sockindex)) {
       result = Curl_cf_ssl_proxy_insert_after(cf, data);
       if(result)
         return result;
@@ -450,9 +449,9 @@ connect_sub_chain:
 
   if(ctx->state < CF_SETUP_CNNCT_SSL) {
 #ifdef USE_SSL
-    if((ctx->ssl_mode == CURL_CF_SSL_ENABLE
-        || (ctx->ssl_mode != CURL_CF_SSL_DISABLE
-           && cf->conn->handler->flags & PROTOPT_SSL)) /* we want SSL */
+    if((ctx->ssl_mode == CURL_CF_SSL_ENABLE ||
+        (ctx->ssl_mode != CURL_CF_SSL_DISABLE &&
+         cf->conn->handler->flags & PROTOPT_SSL))       /* we want SSL */
        && !Curl_conn_is_ssl(cf->conn, cf->sockindex)) { /* it is missing */
       result = Curl_cf_ssl_insert_after(cf, data);
       if(result)
@@ -494,7 +493,6 @@ static void cf_setup_destroy(struct Curl_cfilter *cf, struct Curl_easy *data)
   Curl_safefree(ctx);
 }
 
-
 struct Curl_cftype Curl_cft_setup = {
   "SETUP",
   0,
diff --git a/lib/connect.h b/lib/connect.h
index 9060591dce..7d1c9c9089 100644
--- a/lib/connect.h
+++ b/lib/connect.h
@@ -100,13 +100,13 @@ void Curl_conncontrol(struct connectdata *conn,
   );
 
 #if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
-#define streamclose(x,y) Curl_conncontrol(x, CONNCTRL_STREAM, y)
-#define connclose(x,y) Curl_conncontrol(x, CONNCTRL_CONNECTION, y)
-#define connkeep(x,y) Curl_conncontrol(x, CONNCTRL_KEEP, y)
+#define streamclose(x, y) Curl_conncontrol(x, CONNCTRL_STREAM, y)
+#define connclose(x, y) Curl_conncontrol(x, CONNCTRL_CONNECTION, y)
+#define connkeep(x, y) Curl_conncontrol(x, CONNCTRL_KEEP, y)
 #else /* if !DEBUGBUILD || CURL_DISABLE_VERBOSE_STRINGS */
-#define streamclose(x,y) Curl_conncontrol(x, CONNCTRL_STREAM)
-#define connclose(x,y) Curl_conncontrol(x, CONNCTRL_CONNECTION)
-#define connkeep(x,y) Curl_conncontrol(x, CONNCTRL_KEEP)
+#define streamclose(x, y) Curl_conncontrol(x, CONNCTRL_STREAM)
+#define connclose(x, y) Curl_conncontrol(x, CONNCTRL_CONNECTION)
+#define connkeep(x, y) Curl_conncontrol(x, CONNCTRL_KEEP)
 #endif
 
 CURLcode Curl_cf_setup_insert_after(struct Curl_cfilter *cf_at,
diff --git a/lib/cookie.c b/lib/cookie.c
index 250c7390ce..81a57942b2 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -45,7 +45,7 @@
 static void strstore(char **str, const char *newstr, size_t len);
 
 /* number of seconds in 400 days */
-#define COOKIES_MAXAGE (400*24*3600)
+#define COOKIES_MAXAGE (400 * 24 * 3600)
 
 /* Make sure cookies never expire further away in time than 400 days into the
    future. (from RFC6265bis draft-19)
@@ -59,7 +59,7 @@ static void cap_expires(time_t now, struct Cookie *co)
     timediff_t cap = now + COOKIES_MAXAGE;
     if(co->expires > cap) {
       cap += 30;
-      co->expires = (cap/60)*60;
+      co->expires = (cap / 60) * 60;
     }
   }
 }
@@ -84,7 +84,7 @@ static bool cookie_tailmatch(const char *cookie_domain,
     return FALSE;
 
   if(!curl_strnequal(cookie_domain,
-                     hostname + hostname_len-cookie_domain_len,
+                     hostname + hostname_len - cookie_domain_len,
                      cookie_domain_len))
     return FALSE;
 
@@ -428,8 +428,8 @@ parse_cookie_header(struct Curl_easy *data,
        * combination of name + contents. Chrome and Firefox support 4095 or
        * 4096 bytes combo
        */
-      if(curlx_strlen(&name) >= (MAX_NAME-1) ||
-         curlx_strlen(&val) >= (MAX_NAME-1) ||
+      if(curlx_strlen(&name) >= (MAX_NAME - 1) ||
+         curlx_strlen(&val) >= (MAX_NAME - 1) ||
          ((curlx_strlen(&name) + curlx_strlen(&val)) > MAX_NAME)) {
         infof(data, "oversized cookie dropped, name/val %zu + %zu bytes",
               curlx_strlen(&name), curlx_strlen(&val));
@@ -530,11 +530,11 @@ parse_cookie_header(struct Curl_easy *data,
 
         is_ip = Curl_host_is_ipnum(domain ? domain : curlx_str(&val));
 
-        if(!domain
-           || (is_ip && !strncmp(curlx_str(&val), domain,
-                                 curlx_strlen(&val)) &&
-               (curlx_strlen(&val) == strlen(domain)))
-           || (!is_ip && cookie_tailmatch(curlx_str(&val),
+        if(!domain ||
+           (is_ip &&
+            !strncmp(curlx_str(&val), domain, curlx_strlen(&val)) &&
+            (curlx_strlen(&val) == strlen(domain))) ||
+           (!is_ip && cookie_tailmatch(curlx_str(&val),
                                           curlx_strlen(&val), domain))) {
           strstore(&co->domain, curlx_str(&val), curlx_strlen(&val));
           if(!co->domain)
@@ -689,7 +689,7 @@ parse_netscape(struct Cookie *co,
     co->httponly = TRUE;
   }
 
-  if(lineptr[0]=='#')
+  if(lineptr[0] == '#')
     /* do not even try the comments */
     return CURLE_OK;
 
@@ -704,7 +704,7 @@ parse_netscape(struct Cookie *co,
     next = (ptr[len] == '\t' ? &ptr[len + 1] : NULL);
     switch(fields) {
     case 0:
-      if(ptr[0]=='.') { /* skip preceding dots */
+      if(ptr[0] == '.') { /* skip preceding dots */
         ptr++;
         len--;
       }
@@ -792,10 +792,9 @@ parse_netscape(struct Cookie *co,
   return CURLE_OK;
 }
 
-static bool
-is_public_suffix(struct Curl_easy *data,
-                 struct Cookie *co,
-                 const char *domain)
+static bool is_public_suffix(struct Curl_easy *data,
+                             struct Cookie *co,
+                             const char *domain)
 {
 #ifdef USE_LIBPSL
   /*
@@ -899,7 +898,7 @@ static bool replace_existing(struct Curl_easy *data,
 
       if(clist->domain && co->domain) {
         if(curl_strequal(clist->domain, co->domain) &&
-          (clist->tailmatch == co->tailmatch))
+           (clist->tailmatch == co->tailmatch))
           /* The domains are identical */
           replace_old = TRUE;
       }
@@ -1059,7 +1058,6 @@ fail:
   return result;
 }
 
-
 /*
  * Curl_cookie_init()
  *
@@ -1195,7 +1193,6 @@ CURLcode Curl_cookie_loadfiles(struct Curl_easy *data)
   return result;
 }
 
-
 /*
  * cookie_sort
  *
@@ -1291,8 +1288,7 @@ CURLcode Curl_cookie_getlist(struct Curl_easy *data,
   /* at first, remove expired cookies */
   remove_expired(ci);
 
-  for(n = Curl_llist_head(&ci->cookielist[myhash]);
-      n; n = Curl_node_next(n)) {
+  for(n = Curl_llist_head(&ci->cookielist[myhash]); n; n = Curl_node_next(n)) {
     struct Cookie *co = Curl_node_elem(n);
 
     /* if the cookie requires we are secure we must only continue if we are! */
@@ -1302,7 +1298,7 @@ CURLcode Curl_cookie_getlist(struct Curl_easy *data,
       if(!co->domain ||
          (co->tailmatch && !is_ip &&
           cookie_tailmatch(co->domain, strlen(co->domain), host)) ||
-         ((!co->tailmatch || is_ip) && curl_strequal(host, co->domain)) ) {
+         ((!co->tailmatch || is_ip) && curl_strequal(host, co->domain))) {
         /*
          * the right part of the host matches the domain stuff in the
          * cookie data
@@ -1312,7 +1308,7 @@ CURLcode Curl_cookie_getlist(struct Curl_easy *data,
          * now check the left part of the path with the cookies path
          * requirement
          */
-        if(!co->spath || pathmatch(co->spath, path) ) {
+        if(!co->spath || pathmatch(co->spath, path)) {
 
           /*
            * This is a match and we add it to the return-linked-list
@@ -1445,14 +1441,14 @@ void Curl_cookie_cleanup(struct CookieInfo *ci)
 static char *get_netscape_format(const struct Cookie *co)
 {
   return curl_maprintf(
-    "%s"     /* httponly preamble */
-    "%s%s\t" /* domain */
-    "%s\t"   /* tailmatch */
-    "%s\t"   /* path */
-    "%s\t"   /* secure */
-    "%" FMT_OFF_T "\t"   /* expires */
-    "%s\t"   /* name */
-    "%s",    /* value */
+    "%s"               /* httponly preamble */
+    "%s%s\t"           /* domain */
+    "%s\t"             /* tailmatch */
+    "%s\t"             /* path */
+    "%s\t"             /* secure */
+    "%" FMT_OFF_T "\t" /* expires */
+    "%s\t"             /* name */
+    "%s",              /* value */
     co->httponly ? "#HttpOnly_" : "",
     /*
      * Make sure all domains are prefixed with a dot if they allow
@@ -1522,8 +1518,7 @@ static CURLcode cookie_output(struct Curl_easy *data,
 
     /* only sort the cookies with a domain property */
     for(i = 0; i < COOKIE_HASH_SIZE; i++) {
-      for(n = Curl_llist_head(&ci->cookielist[i]); n;
-          n = Curl_node_next(n)) {
+      for(n = Curl_llist_head(&ci->cookielist[i]); n; n = Curl_node_next(n)) {
         struct Cookie *co = Curl_node_elem(n);
         if(!co->domain)
           continue;
diff --git a/lib/cookie.h b/lib/cookie.h
index e1be698cf4..5e9f5f7823 100644
--- a/lib/cookie.h
+++ b/lib/cookie.h
@@ -30,29 +30,29 @@
 #include "llist.h"
 
 struct Cookie {
-  struct Curl_llist_node node; /* for the main cookie list */
+  struct Curl_llist_node node;    /* for the main cookie list */
   struct Curl_llist_node getnode; /* for getlist */
-  char *name;         /*  = value */
-  char *value;        /* name =  */
-  char *path;         /* path =  which is in Set-Cookie: */
-  char *spath;        /* sanitized cookie path */
-  char *domain;       /* domain =  */
-  curl_off_t expires; /* expires =  */
-  unsigned int creationtime; /* time when the cookie was written */
-  BIT(tailmatch);     /* tail-match the domain name */
-  BIT(secure);        /* the 'secure' keyword was used */
-  BIT(livecookie);    /* updated from a server, not a stored file */
-  BIT(httponly);      /* the httponly directive is present */
-  BIT(prefix_secure); /* secure prefix is set */
-  BIT(prefix_host);   /* host prefix is set */
+  char *name;                     /*  = value */
+  char *value;                    /* name =  */
+  char *path;                     /* path =  which is in Set-Cookie: */
+  char *spath;                    /* sanitized cookie path */
+  char *domain;                   /* domain =  */
+  curl_off_t expires;             /* expires =  */
+  unsigned int creationtime;      /* time when the cookie was written */
+  BIT(tailmatch);                 /* tail-match the domain name */
+  BIT(secure);                    /* the 'secure' keyword was used */
+  BIT(livecookie);                /* updated from server, not a stored file */
+  BIT(httponly);                  /* the httponly directive is present */
+  BIT(prefix_secure);             /* secure prefix is set */
+  BIT(prefix_host);               /* host prefix is set */
 };
 
 /*
  * Available cookie prefixes, as defined in
  * draft-ietf-httpbis-rfc6265bis-02
  */
-#define COOKIE_PREFIX__SECURE (1<<0)
-#define COOKIE_PREFIX__HOST (1<<1)
+#define COOKIE_PREFIX__SECURE (1 << 0)
+#define COOKIE_PREFIX__HOST (1 << 1)
 
 #define COOKIE_HASH_SIZE 63
 
@@ -60,9 +60,9 @@ struct CookieInfo {
   /* linked lists of cookies we know of */
   struct Curl_llist cookielist[COOKIE_HASH_SIZE];
   curl_off_t next_expiration; /* the next time at which expiration happens */
-  unsigned int numcookies;  /* number of cookies in the "jar" */
-  unsigned int lastct;      /* last creation-time used in the jar */
-  BIT(running);    /* state info, for cookie adding information */
+  unsigned int numcookies;    /* number of cookies in the "jar" */
+  unsigned int lastct;        /* last creation-time used in the jar */
+  BIT(running);               /* state info, for cookie adding information */
   BIT(newsession); /* new session, discard session cookies on load */
 };
 
@@ -130,7 +130,7 @@ void Curl_cookie_clearsess(struct CookieInfo *cookies);
 #define Curl_cookie_init() NULL
 #define Curl_cookie_run(x) Curl_nop_stmt
 #define Curl_cookie_cleanup(x) Curl_nop_stmt
-#define Curl_flush_cookies(x,y) Curl_nop_stmt
+#define Curl_flush_cookies(x, y) Curl_nop_stmt
 #else
 void Curl_flush_cookies(struct Curl_easy *data, bool cleanup);
 void Curl_cookie_cleanup(struct CookieInfo *c);
diff --git a/lib/cshutdn.c b/lib/cshutdn.c
index 0a4ab41647..26c8f9c0dd 100644
--- a/lib/cshutdn.c
+++ b/lib/cshutdn.c
@@ -119,7 +119,6 @@ void Curl_cshutdn_run_once(struct Curl_easy *data,
   Curl_detach_connection(data);
 }
 
-
 void Curl_cshutdn_terminate(struct Curl_easy *data,
                             struct connectdata *conn,
                             bool do_shutdown)
@@ -227,7 +226,6 @@ out:
   return result;
 }
 
-
 static void cshutdn_perform(struct cshutdn *cshutdn,
                             struct Curl_easy *data)
 {
@@ -270,7 +268,6 @@ static void cshutdn_perform(struct cshutdn *cshutdn,
     Curl_expire_ex(data, nowp, next_expire_ms, EXPIRE_SHUTDOWN);
 }
 
-
 static void cshutdn_terminate_all(struct cshutdn *cshutdn,
                                   struct Curl_easy *data,
                                   int timeout_ms)
@@ -301,7 +298,7 @@ static void cshutdn_terminate_all(struct cshutdn *cshutdn,
     spent_ms = curlx_timediff_ms(curlx_now(), started);
     if(spent_ms >= (timediff_t)timeout_ms) {
       CURL_TRC_M(data, "[SHUTDOWN] shutdown finished, %s",
-                (timeout_ms > 0) ? "timeout" : "best effort done");
+                 (timeout_ms > 0) ? "timeout" : "best effort done");
       break;
     }
 
@@ -325,7 +322,6 @@ static void cshutdn_terminate_all(struct cshutdn *cshutdn,
   sigpipe_restore(&pipe_st);
 }
 
-
 int Curl_cshutdn_init(struct cshutdn *cshutdn,
                       struct Curl_multi *multi)
 {
@@ -336,7 +332,6 @@ int Curl_cshutdn_init(struct cshutdn *cshutdn,
   return 0; /* good */
 }
 
-
 void Curl_cshutdn_destroy(struct cshutdn *cshutdn,
                           struct Curl_easy *data)
 {
@@ -388,7 +383,6 @@ size_t Curl_cshutdn_dest_count(struct Curl_easy *data,
   return 0;
 }
 
-
 static CURLMcode cshutdn_update_ev(struct cshutdn *cshutdn,
                                    struct Curl_easy *data,
                                    struct connectdata *conn)
@@ -404,7 +398,6 @@ static CURLMcode cshutdn_update_ev(struct cshutdn *cshutdn,
   return mresult;
 }
 
-
 void Curl_cshutdn_add(struct cshutdn *cshutdn,
                       struct connectdata *conn,
                       size_t conns_in_pool)
@@ -436,7 +429,6 @@ void Curl_cshutdn_add(struct cshutdn *cshutdn,
              conn->connection_id, Curl_llist_count(&cshutdn->list));
 }
 
-
 static void cshutdn_multi_socket(struct cshutdn *cshutdn,
                                  struct Curl_easy *data,
                                  curl_socket_t s)
@@ -461,7 +453,6 @@ static void cshutdn_multi_socket(struct cshutdn *cshutdn,
   }
 }
 
-
 void Curl_cshutdn_perform(struct cshutdn *cshutdn,
                           struct Curl_easy *data,
                           curl_socket_t s)
@@ -483,8 +474,7 @@ void Curl_cshutdn_setfds(struct cshutdn *cshutdn,
     struct easy_pollset ps;
 
     Curl_pollset_init(&ps);
-    for(e = Curl_llist_head(&cshutdn->list); e;
-        e = Curl_node_next(e)) {
+    for(e = Curl_llist_head(&cshutdn->list); e; e = Curl_node_next(e)) {
       unsigned int i;
       struct connectdata *conn = Curl_node_elem(e);
       CURLcode result;
@@ -535,8 +525,7 @@ unsigned int Curl_cshutdn_add_waitfds(struct cshutdn *cshutdn,
     CURLcode result;
 
     Curl_pollset_init(&ps);
-    for(e = Curl_llist_head(&cshutdn->list); e;
-        e = Curl_node_next(e)) {
+    for(e = Curl_llist_head(&cshutdn->list); e; e = Curl_node_next(e)) {
       conn = Curl_node_elem(e);
       Curl_pollset_reset(&ps);
       Curl_attach_connection(data, conn);
@@ -563,8 +552,7 @@ CURLcode Curl_cshutdn_add_pollfds(struct cshutdn *cshutdn,
     struct connectdata *conn;
 
     Curl_pollset_init(&ps);
-    for(e = Curl_llist_head(&cshutdn->list); e;
-        e = Curl_node_next(e)) {
+    for(e = Curl_llist_head(&cshutdn->list); e; e = Curl_node_next(e)) {
       conn = Curl_node_elem(e);
       Curl_pollset_reset(&ps);
       Curl_attach_connection(data, conn);

From 6d156bc05f6d96a84a5c6a464dee638870e92094 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 30 Nov 2025 01:26:56 +0100
Subject: [PATCH 1065/2408] tests/data: replace Perl `&&` with `and` for
 XML-compliance

Bringing down non-XML-compliant files to 50 (from 58).

Follow-up to 7f3731ce142c1d74023abad183cc8ce0fd527fab #19595

Closes #19765
---
 tests/data/test1506 | 3 +--
 tests/data/test1510 | 3 +--
 tests/data/test1512 | 3 +--
 tests/data/test1542 | 3 +--
 tests/data/test2402 | 3 +--
 tests/data/test2404 | 3 +--
 tests/data/test2502 | 3 +--
 tests/data/test96   | 3 +--
 8 files changed, 8 insertions(+), 16 deletions(-)

diff --git a/tests/data/test1506 b/tests/data/test1506
index cd7654a0d8..677d16773c 100644
--- a/tests/data/test1506
+++ b/tests/data/test1506
@@ -4,7 +4,6 @@
 HTTP
 multi
 verbose logs
-notxml
 
 
 
@@ -93,7 +92,7 @@ Accept: */*
 * Connection #3 to host server4.example.com:%HTTPPORT left intact
 
 
-$_ = '' if(($_ !~ /left intact/) && ($_ !~ /Closing connection/))
+$_ = '' if(($_ !~ /left intact/) and ($_ !~ /Closing connection/))
 
 
 
diff --git a/tests/data/test1510 b/tests/data/test1510
index febe7d76ea..7a688c81a2 100644
--- a/tests/data/test1510
+++ b/tests/data/test1510
@@ -4,7 +4,6 @@
 HTTP
 verbose logs
 flaky
-notxml
 
 
 
@@ -90,7 +89,7 @@ Accept: */*
 * Connection #3 to host server4.example.com:%HTTPPORT left intact
 
 
-$_ = '' if(($_ !~ /left intact/) && ($_ !~ /Closing connection/))
+$_ = '' if(($_ !~ /left intact/) and ($_ !~ /Closing connection/))
 
 
 
diff --git a/tests/data/test1512 b/tests/data/test1512
index 3798d7325b..74547cdd28 100644
--- a/tests/data/test1512
+++ b/tests/data/test1512
@@ -3,7 +3,6 @@
 
 HTTP
 GLOBAL DNS CACHE
-notxml
 
 
 
@@ -75,7 +74,7 @@ Accept: */*
 ^Host:.*
 
 
-$_ = '' if(($_ !~ /left intact/) && ($_ !~ /Closing connection/))
+$_ = '' if(($_ !~ /left intact/) and ($_ !~ /Closing connection/))
 
 
 
diff --git a/tests/data/test1542 b/tests/data/test1542
index 044fe518a4..41cf014324 100644
--- a/tests/data/test1542
+++ b/tests/data/test1542
@@ -6,7 +6,6 @@ connection reuse
 persistent connection
 CURLOPT_MAXLIFETIME_CONN
 verbose logs
-notxml
 
 
 
@@ -66,7 +65,7 @@ Accept: */*
 == Info: Connection #1 to host %HOSTIP:%HTTPPORT left intact
 
 
-$_ = '' if(($_ !~ /left intact/) && ($_ !~ /(closing|shutting down) connection #\d+/))
+$_ = '' if(($_ !~ /left intact/) and ($_ !~ /(closing|shutting down) connection #\d+/))
 
 
 
diff --git a/tests/data/test2402 b/tests/data/test2402
index ba3fcc85b4..5dc357f58f 100644
--- a/tests/data/test2402
+++ b/tests/data/test2402
@@ -5,7 +5,6 @@ HTTP
 HTTP/2
 multi
 verbose logs
-notxml
 
 
 
@@ -104,7 +103,7 @@ Via: 2 nghttpx
 * Connection #0 to host localhost:%HTTP2TLSPORT left intact
 
 
-$_ = '' if(($_ !~ /left intact/) && ($_ !~ /Closing connection/))
+$_ = '' if(($_ !~ /left intact/) and ($_ !~ /Closing connection/))
 
 
 
diff --git a/tests/data/test2404 b/tests/data/test2404
index 5034a15c3c..3dbb726be9 100644
--- a/tests/data/test2404
+++ b/tests/data/test2404
@@ -5,7 +5,6 @@ HTTP
 HTTP/2
 multi
 verbose logs
-notxml
 
 
 
@@ -104,7 +103,7 @@ Via: 2 nghttpx
 * Connection #0 to host localhost:%HTTP2TLSPORT left intact
 
 
-$_ = '' if(($_ !~ /left intact/) && ($_ !~ /Closing connection/))
+$_ = '' if(($_ !~ /left intact/) and ($_ !~ /Closing connection/))
 
 
 
diff --git a/tests/data/test2502 b/tests/data/test2502
index ac6cd3cf58..c76b041874 100644
--- a/tests/data/test2502
+++ b/tests/data/test2502
@@ -5,7 +5,6 @@ HTTP
 HTTP/3
 multi
 verbose logs
-notxml
 
 
 
@@ -99,7 +98,7 @@ Via: 3 nghttpx
 == Info: Connection #0 to host localhost:%HTTP3PORT left intact
 
 
-$_ = '' if(($_ !~ /left intact/) && ($_ !~ /Closing connection/))
+$_ = '' if(($_ !~ /left intact/) and ($_ !~ /Closing connection/))
 
 
 Maximum allocated: 1800000
diff --git a/tests/data/test96 b/tests/data/test96
index de4b7c18ad..a99114a3b3 100644
--- a/tests/data/test96
+++ b/tests/data/test96
@@ -2,7 +2,6 @@
 
 
 TrackMemory
-notxml
 
 
 
@@ -37,7 +36,7 @@ MEM tool_cfgable.c
 MEM tool_cfgable.c
 
 
-$_ = '' if((($_ !~ /tool_paramhlp/) && ($_ !~ /tool_cfgable/)) || ($_ =~ /free\(\(nil\)\)/))
+$_ = '' if((($_ !~ /tool_paramhlp/) and ($_ !~ /tool_cfgable/)) || ($_ =~ /free\(\(nil\)\)/))
 s/:\d+.*//
 s:^(MEM )(.*/)(.*):$1$3:
 

From 2d2d70b6e568f229d140264361a219851de1fd56 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 30 Nov 2025 01:45:57 +0100
Subject: [PATCH 1066/2408] test613.pl: integrate mtime check for test 1445,
 1446

Move check logic from postchecks to `test613.pl`.

To make these test data files XML-compliant.
Also to avoid POSIX/bash-shellisms in postcheck.

Closes #19766
---
 tests/data/test1445      | 4 +---
 tests/data/test1446      | 7 +------
 tests/libtest/test613.pl | 9 ++++++++-
 3 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/tests/data/test1445 b/tests/data/test1445
index 705162be2d..08c12c9647 100644
--- a/tests/data/test1445
+++ b/tests/data/test1445
@@ -3,7 +3,6 @@
 
 FILE
 --remote-time
-notxml
 
 
 
@@ -29,8 +28,7 @@ file://localhost%FILE_PWD/%LOGDIR/test%TESTNUMBER.dir/plainfile.txt --remote-tim
 # Verify data after the test has been "shot"
 
 
-%PERL %SRCDIR/libtest/test613.pl postprocess %PWD/%LOGDIR/test%TESTNUMBER.dir && \
-%PERL -e 'exit((stat("%LOGDIR/curl%TESTNUMBER.out"))[9] != 946728000)'
+%PERL %SRCDIR/libtest/test613.pl postprocess %PWD/%LOGDIR/test%TESTNUMBER.dir %LOGDIR/curl%TESTNUMBER.out 946728000
 
 
 
diff --git a/tests/data/test1446 b/tests/data/test1446
index 448eefbc1f..aa87ce11e1 100644
--- a/tests/data/test1446
+++ b/tests/data/test1446
@@ -3,16 +3,13 @@
 
 SFTP
 --remote-time
-notxml
 
 
 
-#
 # Server-side
 
 
 
-#
 # Client-side
 
 
@@ -29,12 +26,10 @@ SFTP with --remote-time
 
 
 
-#
 # Verify data after the test has been "shot"
 
 
-%PERL %SRCDIR/libtest/test613.pl postprocess %PWD/%LOGDIR/test%TESTNUMBER.dir && \
-%PERL -e 'exit((stat("%LOGDIR/curl%TESTNUMBER.out"))[9] != 978264000)'
+%PERL %SRCDIR/libtest/test613.pl postprocess %PWD/%LOGDIR/test%TESTNUMBER.dir %LOGDIR/curl%TESTNUMBER.out 978264000
 
 
 
diff --git a/tests/libtest/test613.pl b/tests/libtest/test613.pl
index 88c0e49682..3cccb6ed7f 100755
--- a/tests/libtest/test613.pl
+++ b/tests/libtest/test613.pl
@@ -83,7 +83,6 @@ if($ARGV[0] eq "prepare") {
 }
 elsif($ARGV[0] eq "postprocess") {
     my $dirname = $ARGV[1];
-    my $logfile = $ARGV[2];
 
     # Clean up the test directory
     if($^O eq 'cygwin') {
@@ -97,6 +96,14 @@ elsif($ARGV[0] eq "postprocess") {
 
     rmdir $dirname || die "$!";
 
+    if($#ARGV >= 3) {  # Verify mtime if requested
+        my $checkfile = $ARGV[2];
+        my $expected_mtime = int($ARGV[3]);
+        my $mtime = (stat($checkfile))[9];
+        exit ($mtime != $expected_mtime);
+    }
+
+    my $logfile = $ARGV[2];
     if($logfile && -s $logfile) {
         # Process the directory file to remove all information that
         # could be inconsistent from one test run to the next (e.g.

From 0180af248119d373b74b6906c5adac71d4b6cdfe Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 30 Nov 2025 02:57:39 +0100
Subject: [PATCH 1067/2408] tests/data: add `%PERL` to postcheck commands where
 missing

To avoid potentially executing a different Perl than used by the rest
of the build and tests.

Also to be more portable by not relying on shebang support, though these
particular tests require POSIX shell anyway.

Closes #19767
---
 tests/data/test1013 | 2 +-
 tests/data/test1014 | 2 +-
 tests/data/test1022 | 2 +-
 tests/data/test1023 | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/data/test1013 b/tests/data/test1013
index aee2bfbefb..ef7cd958aa 100644
--- a/tests/data/test1013
+++ b/tests/data/test1013
@@ -25,7 +25,7 @@ Compare curl --version with curl-config --protocols
 # Verify data after the test has been "shot"
 
 
-%SRCDIR/libtest/test%TESTNUMBER.pl ../curl-config %LOGDIR/stdout%TESTNUMBER protocols
+%PERL %SRCDIR/libtest/test%TESTNUMBER.pl ../curl-config %LOGDIR/stdout%TESTNUMBER protocols
 
 
 0
diff --git a/tests/data/test1014 b/tests/data/test1014
index 7dce0d8e15..72289bc4ad 100644
--- a/tests/data/test1014
+++ b/tests/data/test1014
@@ -25,7 +25,7 @@ Compare curl --version with curl-config --features
 # Verify data after the test has been "shot"
 
 
-%SRCDIR/libtest/test1013.pl ../curl-config %LOGDIR/stdout%TESTNUMBER features > %LOGDIR/result%TESTNUMBER
+%PERL %SRCDIR/libtest/test1013.pl ../curl-config %LOGDIR/stdout%TESTNUMBER features > %LOGDIR/result%TESTNUMBER
 
 
 0
diff --git a/tests/data/test1022 b/tests/data/test1022
index 888c9ea102..b3b6bc04a2 100644
--- a/tests/data/test1022
+++ b/tests/data/test1022
@@ -25,7 +25,7 @@ Compare curl --version with curl-config --version
 # Verify data after the test has been "shot"
 
 
-%SRCDIR/libtest/test%TESTNUMBER.pl ../curl-config %LOGDIR/stdout%TESTNUMBER version
+%PERL %SRCDIR/libtest/test%TESTNUMBER.pl ../curl-config %LOGDIR/stdout%TESTNUMBER version
 
 
 0
diff --git a/tests/data/test1023 b/tests/data/test1023
index 40fb11f81e..6e55d235e8 100644
--- a/tests/data/test1023
+++ b/tests/data/test1023
@@ -25,7 +25,7 @@ Compare curl --version with curl-config --vernum
 # Verify data after the test has been "shot"
 
 
-%SRCDIR/libtest/test1022.pl ../curl-config %LOGDIR/stdout%TESTNUMBER vernum
+%PERL %SRCDIR/libtest/test1022.pl ../curl-config %LOGDIR/stdout%TESTNUMBER vernum
 
 
 0

From fdf9937cef62755f67e7d622d6fdd296eb542009 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 30 Nov 2025 12:34:02 +0100
Subject: [PATCH 1068/2408] rtmp: stop redefining `setsockopt` system symbol on
 Windows

Before this patch it added Windows-specific casts. In unity builds this
also affected other source files.

`setsockopt()` is called without special casts in other places in
the code, and passing a non-const char ptr to a const char ptr arg also
should work.

Basic compile test with mingw-w64 confirms. In case of issues, a cast to
`curl_socklen_t` can be used, or do the special case in an `#if` branch.

Also: merge Windows-specific guards for `SET_RCVTIMEO()`.

Follow-up to 639d052e4499c663a578d940713e40cd466268fa #3155
Follow-up to 04cb15ae9dc0e863487ee55de2226cf5033311c0

Closes #19768
---
 lib/curl_rtmp.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/lib/curl_rtmp.c b/lib/curl_rtmp.c
index b2dd937008..6f9e7c37b4 100644
--- a/lib/curl_rtmp.c
+++ b/lib/curl_rtmp.c
@@ -37,10 +37,7 @@
 #include 
 #include 
 
-#if defined(_WIN32) && !defined(USE_LWIPSOCK)
-#define setsockopt(a,b,c,d,e) (setsockopt)(a,b,c,(const char *)d,(int)e)
-#define SET_RCVTIMEO(tv,s)   int tv = s*1000
-#elif defined(LWIP_SO_SNDRCVTIMEO_NONSTANDARD)
+#if defined(USE_WINSOCK) || defined(LWIP_SO_SNDRCVTIMEO_NONSTANDARD)
 #define SET_RCVTIMEO(tv,s)   int tv = s*1000
 #else
 #define SET_RCVTIMEO(tv,s)   struct timeval tv = {s,0}

From 003689c3d37510f7073d203ed94c882c19653fac Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 30 Nov 2025 12:52:46 +0100
Subject: [PATCH 1069/2408] cf-socket: drop feature check for `IPV6_V6ONLY` on
 Windows

The macro is present in all supported Windows toolchains.

It's present in mingw-w64 v3+, and in MS SDK 6.0A+ (maybe earlier).

Also:
- restrict this logic to `USE_WINSOCK` (was: `_WIN32`), to exclude
  alternate socket libraries (i.e. lwIP). lwIP supports `IPV6_V6ONLY`
  since its 2.0.0 (2016-11-10) release and it's disabled by default,
  unlike in Winsock.
  Ref: https://github.com/lwip-tcpip/lwip/commit/e65202f8257e55b09e6309b1aa405b5e6a017f0d
- delete interim setter function/dummy macro `set_ipv6_v6only()`.

Follow-up to a28f5f68b965119d9dd1ab6c2a2ccc66c6ed5d1f #18010
Follow-up to ca3f6decb927a4c3eb4c10fba09848b626a526d6 #10975

Closes #19769
---
 lib/cf-socket.c | 29 ++++++++++++-----------------
 1 file changed, 12 insertions(+), 17 deletions(-)

diff --git a/lib/cf-socket.c b/lib/cf-socket.c
index a129959416..0e431976c9 100644
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@@ -83,22 +83,6 @@
 #include "curlx/strparse.h"
 
 
-#if defined(USE_IPV6) && defined(IPV6_V6ONLY) && defined(_WIN32)
-/* It makes support for IPv4-mapped IPv6 addresses.
- * Linux kernel, NetBSD, FreeBSD and Darwin: default is off;
- * Windows Vista and later: default is on;
- * DragonFly BSD: acts like off, and dummy setting;
- * OpenBSD and earlier Windows: unsupported.
- * Linux: controlled by /proc/sys/net/ipv6/bindv6only.
- */
-static void set_ipv6_v6only(curl_socket_t sockfd, int on)
-{
-  (void)setsockopt(sockfd, IPPROTO_IPV6, IPV6_V6ONLY, (void *)&on, sizeof(on));
-}
-#else
-#define set_ipv6_v6only(x, y)
-#endif
-
 static void tcpnodelay(struct Curl_cfilter *cf,
                        struct Curl_easy *data,
                        curl_socket_t sockfd)
@@ -1114,7 +1098,18 @@ static CURLcode cf_socket_open(struct Curl_cfilter *cf,
 
 #ifdef USE_IPV6
   if(ctx->addr.family == AF_INET6) {
-    set_ipv6_v6only(ctx->sock, 0);
+#ifdef USE_WINSOCK
+    /* Turn on support for IPv4-mapped IPv6 addresses.
+     * Linux kernel, NetBSD, FreeBSD, Darwin, lwIP: default is off;
+     * Windows Vista and later: default is on;
+     * DragonFly BSD: acts like off, and dummy setting;
+     * OpenBSD and earlier Windows: unsupported.
+     * Linux: controlled by /proc/sys/net/ipv6/bindv6only.
+     */
+    int on = 0;
+    (void)setsockopt(ctx->sock, IPPROTO_IPV6, IPV6_V6ONLY,
+                     (void *)&on, sizeof(on));
+#endif
     infof(data, "  Trying [%s]:%d...", ctx->ip.remote_ip, ctx->ip.remote_port);
   }
   else

From 815bf7664999cb733438c9dd54bbbd8f1737679e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 30 Nov 2025 17:16:03 +0100
Subject: [PATCH 1070/2408] autotools: delete idle `AM_CFLAGS`, `AM_LDFLAGS`
 variables

Closes #19771
---
 lib/Makefile.am | 9 +++------
 src/Makefile.am | 3 +--
 2 files changed, 4 insertions(+), 8 deletions(-)

diff --git a/lib/Makefile.am b/lib/Makefile.am
index 784b7f35d6..2645872ebf 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -63,8 +63,6 @@ AM_CPPFLAGS = -I$(top_srcdir)/include   \
 # Prevent LIBS from being used for all link targets
 LIBS = $(BLANK_AT_MAKETIME)
 
-AM_LDFLAGS =
-AM_CFLAGS =
 if DEBUGBUILD
 AM_CPPFLAGS += -DDEBUGBUILD
 endif
@@ -136,12 +134,11 @@ libcurl_la_CFLAGS_EXTRA += $(CFLAG_CURL_SYMBOL_HIDING)
 endif
 
 libcurl_la_CPPFLAGS = $(AM_CPPFLAGS) $(libcurl_la_CPPFLAGS_EXTRA)
-libcurl_la_LDFLAGS = $(AM_LDFLAGS) $(libcurl_la_LDFLAGS_EXTRA) $(CURL_LDFLAGS_LIB) $(LIBCURL_PC_LIBS_PRIVATE)
-libcurl_la_CFLAGS = $(AM_CFLAGS) $(libcurl_la_CFLAGS_EXTRA)
+libcurl_la_LDFLAGS = $(libcurl_la_LDFLAGS_EXTRA) $(CURL_LDFLAGS_LIB) $(LIBCURL_PC_LIBS_PRIVATE)
+libcurl_la_CFLAGS = $(libcurl_la_CFLAGS_EXTRA)
 
 libcurlu_la_CPPFLAGS = $(AM_CPPFLAGS) -DCURL_STATICLIB -DUNITTESTS
-libcurlu_la_LDFLAGS = $(AM_LDFLAGS) -static $(LIBCURL_PC_LIBS_PRIVATE)
-libcurlu_la_CFLAGS = $(AM_CFLAGS)
+libcurlu_la_LDFLAGS = -static $(LIBCURL_PC_LIBS_PRIVATE)
 
 CHECKSRC = $(CS_$(V))
 CS_0 = @echo "  RUN     " $@;
diff --git a/src/Makefile.am b/src/Makefile.am
index c1bcf27359..169a64f713 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -61,7 +61,6 @@ if CURLDEBUG
 AM_CPPFLAGS += -DCURLDEBUG
 endif
 
-AM_LDFLAGS =
 if USE_UNICODE
 UNICODEFLAG = -municode
 endif
@@ -94,7 +93,7 @@ curl_SOURCES += $(CURL_RCFILES)
 $(CURL_RCFILES): tool_version.h
 endif
 
-curl_LDFLAGS = $(AM_LDFLAGS) $(CURL_LDFLAGS_BIN) $(UNICODEFLAG)
+curl_LDFLAGS = $(CURL_LDFLAGS_BIN) $(UNICODEFLAG)
 
 # This might hold -Werror
 CFLAGS += @CURL_CFLAG_EXTRAS@

From 4e8d5da7eeaa83c9d2e5cc62fb92231cf75d3c94 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 30 Nov 2025 17:31:24 +0100
Subject: [PATCH 1071/2408] vtls: drop interim ECH feature macros (OpenSSL,
 wolfSSL)

Use the macros set by autotools and cmake, to simplify.

Closes #19772
---
 lib/vtls/openssl.c | 24 ++++++++++--------------
 lib/vtls/wolfssl.c | 12 ++++--------
 2 files changed, 14 insertions(+), 22 deletions(-)

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index a958698b58..67466e6e41 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -86,11 +86,7 @@
 #include 
 #include 
 
-#ifdef HAVE_SSL_SET1_ECH_CONFIG_LIST
-#define USE_ECH_OPENSSL
-#endif
-
-#if defined(USE_ECH_OPENSSL) && !defined(HAVE_BORINGSSL_LIKE)
+#if defined(HAVE_SSL_SET1_ECH_CONFIG_LIST) && !defined(HAVE_BORINGSSL_LIKE)
 #include 
 #endif
 
@@ -3447,7 +3443,7 @@ ossl_init_session_and_alpns(struct ossl_ctx *octx,
   return CURLE_OK;
 }
 
-#ifdef USE_ECH_OPENSSL
+#ifdef HAVE_SSL_SET1_ECH_CONFIG_LIST
 static CURLcode ossl_init_ech(struct ossl_ctx *octx,
                               struct Curl_cfilter *cf,
                               struct Curl_easy *data,
@@ -3576,7 +3572,7 @@ static CURLcode ossl_init_ech(struct ossl_ctx *octx,
 
   return CURLE_OK;
 }
-#endif /* USE_ECH_OPENSSL */
+#endif /* HAVE_SSL_SET1_ECH_CONFIG_LIST */
 
 static CURLcode ossl_init_ssl(struct ossl_ctx *octx,
                               struct Curl_cfilter *cf,
@@ -3611,13 +3607,13 @@ static CURLcode ossl_init_ssl(struct ossl_ctx *octx,
     }
   }
 
-#ifdef USE_ECH_OPENSSL
+#ifdef HAVE_SSL_SET1_ECH_CONFIG_LIST
   {
     CURLcode result = ossl_init_ech(octx, cf, data, peer);
     if(result)
       return result;
   }
-#endif /* USE_ECH_OPENSSL */
+#endif /* HAVE_SSL_SET1_ECH_CONFIG_LIST */
 
   return ossl_init_session_and_alpns(octx, cf, data, peer,
                                      alpns_requested, sess_reuse_cb);
@@ -4091,7 +4087,7 @@ static CURLcode ossl_connect_step1(struct Curl_cfilter *cf,
   return CURLE_OK;
 }
 
-#ifdef USE_ECH_OPENSSL
+#ifdef HAVE_SSL_SET1_ECH_CONFIG_LIST
 /* If we have retry configs, then trace those out */
 static void ossl_trace_ech_retry_configs(struct Curl_easy *data, SSL *ssl,
                                          int reason)
@@ -4262,7 +4258,7 @@ static CURLcode ossl_connect_step2(struct Curl_cfilter *cf,
               ossl_strerror(errdetail, error_buffer, sizeof(error_buffer)));
       }
 #endif
-#ifdef USE_ECH_OPENSSL
+#ifdef HAVE_SSL_SET1_ECH_CONFIG_LIST
       else if((lib == ERR_LIB_SSL) &&
 # ifndef HAVE_BORINGSSL_LIKE
               (reason == SSL_R_ECH_REQUIRED)) {
@@ -4309,7 +4305,7 @@ static CURLcode ossl_connect_step2(struct Curl_cfilter *cf,
     connssl->connecting_state = ssl_connect_3;
     Curl_ossl_report_handshake(data, octx);
 
-#if defined(USE_ECH_OPENSSL) && !defined(HAVE_BORINGSSL_LIKE)
+#if defined(HAVE_SSL_SET1_ECH_CONFIG_LIST) && !defined(HAVE_BORINGSSL_LIKE)
     if(ECH_ENABLED(data)) {
       char *inner = NULL, *outer = NULL;
       const char *status = NULL;
@@ -4367,7 +4363,7 @@ static CURLcode ossl_connect_step2(struct Curl_cfilter *cf,
     else {
       infof(data, "ECH: result: status is not attempted");
     }
-#endif /* USE_ECH_OPENSSL && !HAVE_BORINGSSL_LIKE */
+#endif /* HAVE_SSL_SET1_ECH_CONFIG_LIST && !HAVE_BORINGSSL_LIKE */
 
 #ifdef HAS_ALPN_OPENSSL
     /* Sets data and len to negotiated protocol, len is 0 if no protocol was
@@ -5435,7 +5431,7 @@ const struct Curl_ssl Curl_ssl_openssl = {
 #ifdef HAVE_SSL_CTX_SET1_SIGALGS
   SSLSUPP_SIGNATURE_ALGORITHMS |
 #endif
-#ifdef USE_ECH_OPENSSL
+#ifdef HAVE_SSL_SET1_ECH_CONFIG_LIST
   SSLSUPP_ECH |
 #endif
   SSLSUPP_CA_CACHE |
diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index 62bf723efd..cfefeb9320 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -75,10 +75,6 @@
 #include 
 #include "wolfssl.h"
 
-#ifdef HAVE_WOLFSSL_CTX_GENERATEECHCONFIG
-#define USE_ECH_WOLFSSL
-#endif
-
 /* KEEP_PEER_CERT is a product of the presence of build time symbol
    OPENSSL_EXTRA without NO_CERTS, depending on the version. KEEP_PEER_CERT is
    in wolfSSL's settings.h, and the latter two are build time symbols in
@@ -1364,7 +1360,7 @@ CURLcode Curl_wssl_ctx_init(struct wssl_ctx *wctx,
   }
 #endif /* HAVE_SECURE_RENEGOTIATION */
 
-#ifdef USE_ECH_WOLFSSL
+#ifdef HAVE_WOLFSSL_CTX_GENERATEECHCONFIG
   if(ECH_ENABLED(data)) {
     int trying_ech_now = 0;
 
@@ -1449,7 +1445,7 @@ CURLcode Curl_wssl_ctx_init(struct wssl_ctx *wctx,
     }
 
   }
-#endif  /* USE_ECH_WOLFSSL */
+#endif /* HAVE_WOLFSSL_CTX_GENERATEECHCONFIG */
 
   result = CURLE_OK;
 
@@ -1786,7 +1782,7 @@ static CURLcode wssl_handshake(struct Curl_cfilter *cf, struct Curl_easy *data)
         return wssl->io_result;
       }
     }
-#ifdef USE_ECH_WOLFSSL
+#ifdef HAVE_WOLFSSL_CTX_GENERATEECHCONFIG
     else if(detail == -1) {
       /* try access a retry_config ECHConfigList for tracing */
       byte echConfigs[1000];
@@ -2282,7 +2278,7 @@ const struct Curl_ssl Curl_ssl_wolfssl = {
 #endif
   SSLSUPP_CA_PATH |
   SSLSUPP_CAINFO_BLOB |
-#ifdef USE_ECH_WOLFSSL
+#ifdef HAVE_WOLFSSL_CTX_GENERATEECHCONFIG
   SSLSUPP_ECH |
 #endif
   SSLSUPP_SSL_CTX |

From f553bff6ee719cf04402b28305e911458b5b6d36 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 30 Nov 2025 23:27:06 +0100
Subject: [PATCH 1072/2408] cmakelint: also lint CMake `.in` files, fix a long
 line

```
CMakeConfigurableFile.in
cmake_uninstall.cmake.in
curl-config.cmake.in
```

Follow-up to 16f073ef49f94412000218c9f6ad04e3fd7e4d01 #16973
Closes #19773
---
 CMake/curl-config.cmake.in | 3 ++-
 scripts/cmakelint.sh       | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/CMake/curl-config.cmake.in b/CMake/curl-config.cmake.in
index c4e9f59e86..33d540da27 100644
--- a/CMake/curl-config.cmake.in
+++ b/CMake/curl-config.cmake.in
@@ -23,7 +23,8 @@
 ###########################################################################
 @PACKAGE_INIT@
 
-option(CURL_USE_PKGCONFIG "Enable pkg-config to detect @PROJECT_NAME@ dependencies. Default: @CURL_USE_PKGCONFIG@" "@CURL_USE_PKGCONFIG@")
+option(CURL_USE_PKGCONFIG "Enable pkg-config to detect @PROJECT_NAME@ dependencies. Default: @CURL_USE_PKGCONFIG@"
+  "@CURL_USE_PKGCONFIG@")
 
 include(CMakeFindDependencyMacro)
 
diff --git a/scripts/cmakelint.sh b/scripts/cmakelint.sh
index 325a07b5e6..1e1cc592ed 100755
--- a/scripts/cmakelint.sh
+++ b/scripts/cmakelint.sh
@@ -52,7 +52,7 @@ cd "$(dirname "$0")"/..
     # strip off the leading ./ to make the grep regexes work properly
     find . -type f | sed 's@^\./@@'
   fi
-} | grep -E '(^CMake|/CMake|\.cmake$)' | grep -v -E '(\.h\.cmake|\.in|\.c)$' \
+} | grep -E '(^CMake|/CMake|\.cmake$)' | grep -v -E '(\.h\.cmake|\.c)$' \
   | xargs \
   cmake-lint \
     --suppress-decorations \

From 7799d15eef302cdc3fdbbe1dec5c43df2048ec9e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 1 Dec 2025 00:34:33 +0100
Subject: [PATCH 1073/2408] cmake: fix `ws2_32` reference in
 `curl-config.cmake`

Follow-up to 16f073ef49f94412000218c9f6ad04e3fd7e4d01 #16973
Follow-up to 554dfa556886c3d7425f6690f3fc408128bf4744 #17927

Closes #19775
---
 CMake/curl-config.cmake.in | 2 +-
 CMakeLists.txt             | 1 -
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/CMake/curl-config.cmake.in b/CMake/curl-config.cmake.in
index 33d540da27..525f2d3dbe 100644
--- a/CMake/curl-config.cmake.in
+++ b/CMake/curl-config.cmake.in
@@ -133,7 +133,7 @@ set(CMAKE_MODULE_PATH ${_curl_cmake_module_path_save})
 
 if(CMAKE_C_COMPILER_ID STREQUAL "GNU" AND WIN32 AND NOT TARGET CURL::win32_winsock)
   add_library(CURL::win32_winsock INTERFACE IMPORTED)
-  set_target_properties(CURL::win32_winsock PROPERTIES INTERFACE_LINK_LIBRARIES "@_win32_winsock@")
+  set_target_properties(CURL::win32_winsock PROPERTIES INTERFACE_LINK_LIBRARIES "ws2_32")
 endif()
 
 include("${CMAKE_CURRENT_LIST_DIR}/@TARGETS_EXPORT_NAME@.cmake")
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 2af1679c99..5bcf0b6a63 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -2340,7 +2340,6 @@ if(NOT CURL_DISABLE_INSTALL)
   #   USE_RUSTLS
   #   USE_WIN32_LDAP CURL_DISABLE_LDAP
   #   USE_WOLFSSL
-  #   _win32_winsock
   configure_package_config_file("CMake/curl-config.cmake.in"
     "${_project_config}"
     INSTALL_DESTINATION ${_install_cmake_dir}

From bf58ca6e8f5f518c1f4b4acab03acb1b60e25c00 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 1 Dec 2025 01:17:41 +0100
Subject: [PATCH 1074/2408] cmake: narrow scope of custom `CMAKE_MODULE_PATH`
 in `curl-config.cmake`

Set it only while using local Find modules, leave it as-is while using
system ones.

Follow-up to 16f073ef49f94412000218c9f6ad04e3fd7e4d01 #16973
Cherry-picked from #19776
---
 CMake/curl-config.cmake.in | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/CMake/curl-config.cmake.in b/CMake/curl-config.cmake.in
index 525f2d3dbe..97c60d3a8d 100644
--- a/CMake/curl-config.cmake.in
+++ b/CMake/curl-config.cmake.in
@@ -28,10 +28,6 @@ option(CURL_USE_PKGCONFIG "Enable pkg-config to detect @PROJECT_NAME@ dependenci
 
 include(CMakeFindDependencyMacro)
 
-set(_curl_cmake_module_path_save ${CMAKE_MODULE_PATH})
-set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_LIST_DIR} ${CMAKE_MODULE_PATH})
-
-set(_libs "")
 if("@USE_OPENSSL@")
   if("@OPENSSL_VERSION_MAJOR@")
     find_dependency(OpenSSL "@OPENSSL_VERSION_MAJOR@")
@@ -42,6 +38,12 @@ endif()
 if("@HAVE_LIBZ@")
   find_dependency(ZLIB "@ZLIB_VERSION_MAJOR@")
 endif()
+
+set(_curl_cmake_module_path_save ${CMAKE_MODULE_PATH})
+set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_LIST_DIR} ${CMAKE_MODULE_PATH})
+
+set(_libs "")
+
 if("@HAVE_BROTLI@")
   find_dependency(Brotli)
   list(APPEND _libs CURL::brotli)

From 41931f1659f485ba60cfb4da0b4479bfb0fd8a8e Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sun, 30 Nov 2025 23:35:25 +0100
Subject: [PATCH 1075/2408] imap: make sure Curl_pgrsSetDownloadSize() does not
 overflow

Follow-up to c1e3a760b. The previous update missed an addition that also
can wrap and cause confusion. Fixing this by calling
Curl_pgrsSetDownloadSize() after the overflow check.

Reported-by: Deniz Parlak
Closes #19774
---
 lib/imap.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/imap.c b/lib/imap.c
index d093e46d33..9d58bec4ec 100644
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -1214,8 +1214,6 @@ static CURLcode imap_state_listsearch_resp(struct Curl_easy *data,
 
         /* This is a literal response, setup to receive the body data */
         infof(data, "Found %" FMT_OFF_T " bytes to download", size);
-        /* Progress size includes both header line and literal body */
-        Curl_pgrsSetDownloadSize(data, size + len);
 
         /* First write the header line */
         result = Curl_client_write(data, CLIENTWRITE_BODY, line, len);
@@ -1268,6 +1266,9 @@ static CURLcode imap_state_listsearch_resp(struct Curl_easy *data,
         else
           size += len;
 
+        /* Progress size includes both header line and literal body */
+        Curl_pgrsSetDownloadSize(data, size);
+
         if(data->req.bytecount == size)
           /* All data already transferred (header + literal body) */
           Curl_xfer_setup_nop(data);

From cffc91284475e78a7d9b0538b9db329fe3249f63 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 1 Dec 2025 09:26:28 +0100
Subject: [PATCH 1076/2408] url: fix return code for OOM in parse_proxy()

Closes #19779
---
 lib/url.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/url.c b/lib/url.c
index b4c33236cd..84909f0372 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -2250,11 +2250,15 @@ static CURLcode parse_proxy(struct Curl_easy *data,
 
   /* Is there a username and password given in this proxy url? */
   uc = curl_url_get(uhp, CURLUPART_USER, &proxyuser, CURLU_URLDECODE);
-  if(uc && (uc != CURLUE_NO_USER))
+  if(uc && (uc != CURLUE_NO_USER)) {
+    result = Curl_uc_to_curlcode(uc);
     goto error;
+  }
   uc = curl_url_get(uhp, CURLUPART_PASSWORD, &proxypasswd, CURLU_URLDECODE);
-  if(uc && (uc != CURLUE_NO_PASSWORD))
+  if(uc && (uc != CURLUE_NO_PASSWORD)) {
+    result = Curl_uc_to_curlcode(uc);
     goto error;
+  }
 
   if(proxyuser || proxypasswd) {
     curlx_free(proxyinfo->user);

From 729316a9e4aed66c3ca90435e2c7f4052dac32f9 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 1 Dec 2025 10:24:32 +0100
Subject: [PATCH 1077/2408] http: handle oom error from Curl_input_digest()

Closes #19780
---
 lib/http.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/http.c b/lib/http.c
index f09d96ee06..5e2b8f9ac0 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -976,6 +976,8 @@ static CURLcode auth_digest(struct Curl_easy *data,
      * Digest */
     result = Curl_input_digest(data, proxy, auth);
     if(result) {
+      if(result == CURLE_OUT_OF_MEMORY)
+        return result;
       infof(data, "Digest authentication problem, ignoring.");
       data->state.authproblem = TRUE;
     }

From dabfae84f0f2626974c109c979a21bcaad357450 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 1 Dec 2025 01:53:25 +0100
Subject: [PATCH 1078/2408] cmake: namespace all local variables in
 `curl-config.cmake`

Also:
- apply it to the local copy of this code in `lib/CMakeLists.txt`.
- replace 'CURL' with `@PROJECT_NAME@` in a message.

Closes #19777
---
 CMake/curl-config.cmake.in | 86 +++++++++++++++++++-------------------
 lib/CMakeLists.txt         | 16 +++----
 2 files changed, 51 insertions(+), 51 deletions(-)

diff --git a/CMake/curl-config.cmake.in b/CMake/curl-config.cmake.in
index 97c60d3a8d..7ae026d8f8 100644
--- a/CMake/curl-config.cmake.in
+++ b/CMake/curl-config.cmake.in
@@ -42,93 +42,93 @@ endif()
 set(_curl_cmake_module_path_save ${CMAKE_MODULE_PATH})
 set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_LIST_DIR} ${CMAKE_MODULE_PATH})
 
-set(_libs "")
+set(_curl_libs "")
 
 if("@HAVE_BROTLI@")
   find_dependency(Brotli)
-  list(APPEND _libs CURL::brotli)
+  list(APPEND _curl_libs CURL::brotli)
 endif()
 if("@USE_ARES@")
   find_dependency(Cares)
-  list(APPEND _libs CURL::cares)
+  list(APPEND _curl_libs CURL::cares)
 endif()
 if("@HAVE_GSSAPI@")
   find_dependency(GSS)
-  list(APPEND _libs CURL::gss)
+  list(APPEND _curl_libs CURL::gss)
 endif()
 if("@USE_BACKTRACE@")
   find_dependency(Libbacktrace)
-  list(APPEND _libs CURL::libbacktrace)
+  list(APPEND _curl_libs CURL::libbacktrace)
 endif()
 if("@USE_GSASL@")
   find_dependency(Libgsasl)
-  list(APPEND _libs CURL::libgsasl)
+  list(APPEND _curl_libs CURL::libgsasl)
 endif()
 if(NOT "@USE_WIN32_LDAP@" AND NOT "@CURL_DISABLE_LDAP@")
   find_dependency(LDAP)
-  list(APPEND _libs CURL::ldap)
+  list(APPEND _curl_libs CURL::ldap)
 endif()
 if("@HAVE_LIBIDN2@")
   find_dependency(Libidn2)
-  list(APPEND _libs CURL::libidn2)
+  list(APPEND _curl_libs CURL::libidn2)
 endif()
 if("@USE_LIBPSL@")
   find_dependency(Libpsl)
-  list(APPEND _libs CURL::libpsl)
+  list(APPEND _curl_libs CURL::libpsl)
 endif()
 if("@USE_LIBRTMP@")
   find_dependency(Librtmp)
-  list(APPEND _libs CURL::librtmp)
+  list(APPEND _curl_libs CURL::librtmp)
 endif()
 if("@USE_LIBSSH@")
   find_dependency(Libssh)
-  list(APPEND _libs CURL::libssh)
+  list(APPEND _curl_libs CURL::libssh)
 endif()
 if("@USE_LIBSSH2@")
   find_dependency(Libssh2)
-  list(APPEND _libs CURL::libssh2)
+  list(APPEND _curl_libs CURL::libssh2)
 endif()
 if("@USE_LIBUV@")
   find_dependency(Libuv)
-  list(APPEND _libs CURL::libuv)
+  list(APPEND _curl_libs CURL::libuv)
 endif()
 if("@USE_MBEDTLS@")
   find_dependency(MbedTLS)
-  list(APPEND _libs CURL::mbedtls)
+  list(APPEND _curl_libs CURL::mbedtls)
 endif()
 if("@USE_NGHTTP2@")
   find_dependency(NGHTTP2)
-  list(APPEND _libs CURL::nghttp2)
+  list(APPEND _curl_libs CURL::nghttp2)
 endif()
 if("@USE_NGHTTP3@")
   find_dependency(NGHTTP3)
-  list(APPEND _libs CURL::nghttp3)
+  list(APPEND _curl_libs CURL::nghttp3)
 endif()
 if("@USE_NGTCP2@")
   find_dependency(NGTCP2)
-  list(APPEND _libs CURL::ngtcp2)
+  list(APPEND _curl_libs CURL::ngtcp2)
 endif()
 if("@USE_GNUTLS@")
   find_dependency(GnuTLS)
-  list(APPEND _libs CURL::gnutls)
+  list(APPEND _curl_libs CURL::gnutls)
   find_dependency(Nettle)
-  list(APPEND _libs CURL::nettle)
+  list(APPEND _curl_libs CURL::nettle)
 endif()
 if("@USE_QUICHE@")
   find_dependency(Quiche)
-  list(APPEND _libs CURL::quiche)
+  list(APPEND _curl_libs CURL::quiche)
 endif()
 if("@USE_RUSTLS@")
   find_dependency(Rustls)
-  list(APPEND _libs CURL::rustls)
+  list(APPEND _curl_libs CURL::rustls)
 endif()
 if("@USE_WOLFSSL@")
   find_dependency(WolfSSL)
-  list(APPEND _libs CURL::wolfssl)
+  list(APPEND _curl_libs CURL::wolfssl)
 endif()
 if("@HAVE_ZSTD@")
   find_dependency(Zstd)
-  list(APPEND _libs CURL::zstd)
+  list(APPEND _curl_libs CURL::zstd)
 endif()
 
 set(CMAKE_MODULE_PATH ${_curl_cmake_module_path_save})
@@ -155,16 +155,16 @@ if(TARGET @PROJECT_NAME@::@LIB_STATIC@)
   if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.17)
     cmake_policy(GET CMP0099 _has_CMP0099)  # https://cmake.org/cmake/help/latest/policy/CMP0099.html
   endif()
-  if(NOT _has_CMP0099 AND CMAKE_VERSION VERSION_GREATER_EQUAL 3.13 AND _libs)
-    set(_libdirs "")
-    foreach(_lib IN LISTS _libs)
-      get_target_property(_libdir "${_lib}" INTERFACE_LINK_DIRECTORIES)
-      if(_libdir)
-        list(APPEND _libdirs "${_libdir}")
+  if(NOT _has_CMP0099 AND CMAKE_VERSION VERSION_GREATER_EQUAL 3.13 AND _curl_libs)
+    set(_curl_libdirs "")
+    foreach(_curl_lib IN LISTS _curl_libs)
+      get_target_property(_curl_libdir "${_curl_lib}" INTERFACE_LINK_DIRECTORIES)
+      if(_curl_libdir)
+        list(APPEND _curl_libdirs "${_curl_libdir}")
       endif()
     endforeach()
-    if(_libdirs)
-      target_link_directories(@PROJECT_NAME@::@LIB_STATIC@ INTERFACE ${_libdirs})
+    if(_curl_libdirs)
+      target_link_directories(@PROJECT_NAME@::@LIB_STATIC@ INTERFACE ${_curl_libdirs})
     endif()
   endif()
 endif()
@@ -178,25 +178,25 @@ set_and_check(CURL_INCLUDE_DIRS "@PACKAGE_CMAKE_INSTALL_INCLUDEDIR@")
 set(CURL_SUPPORTED_PROTOCOLS "@CURL_SUPPORTED_PROTOCOLS_LIST@")
 set(CURL_SUPPORTED_FEATURES "@CURL_SUPPORTED_FEATURES_LIST@")
 
-foreach(_item IN LISTS CURL_SUPPORTED_PROTOCOLS CURL_SUPPORTED_FEATURES)
-  set(CURL_SUPPORTS_${_item} TRUE)
+foreach(_curl_item IN LISTS CURL_SUPPORTED_PROTOCOLS CURL_SUPPORTED_FEATURES)
+  set(CURL_SUPPORTS_${_curl_item} TRUE)
 endforeach()
 
-set(_missing_req "")
-foreach(_item IN LISTS CURL_FIND_COMPONENTS)
-  if(CURL_SUPPORTS_${_item})
-    set(CURL_${_item}_FOUND TRUE)
-  elseif(CURL_FIND_REQUIRED_${_item})
-    list(APPEND _missing_req ${_item})
+set(_curl_missing_req "")
+foreach(_curl_item IN LISTS CURL_FIND_COMPONENTS)
+  if(CURL_SUPPORTS_${_curl_item})
+    set(CURL_${_curl_item}_FOUND TRUE)
+  elseif(CURL_FIND_REQUIRED_${_curl_item})
+    list(APPEND _curl_missing_req ${_curl_item})
   endif()
 endforeach()
 
-if(_missing_req)
-  string(REPLACE ";" " " _missing_req "${_missing_req}")
+if(_curl_missing_req)
+  string(REPLACE ";" " " _curl_missing_req "${_curl_missing_req}")
   if(CURL_FIND_REQUIRED)
-    message(FATAL_ERROR "CURL: missing required components: ${_missing_req}")
+    message(FATAL_ERROR "@PROJECT_NAME@: missing required components: ${_curl_missing_req}")
   endif()
-  unset(_missing_req)
+  unset(_curl_missing_req)
 endif()
 
 check_required_components("@PROJECT_NAME@")
diff --git a/lib/CMakeLists.txt b/lib/CMakeLists.txt
index 5ce288a0a8..b9b175a24d 100644
--- a/lib/CMakeLists.txt
+++ b/lib/CMakeLists.txt
@@ -181,17 +181,17 @@ if(BUILD_STATIC_LIBS)
     cmake_policy(GET CMP0099 _has_CMP0099)  # https://cmake.org/cmake/help/latest/policy/CMP0099.html
   endif()
   if(NOT _has_CMP0099 AND CMAKE_VERSION VERSION_GREATER_EQUAL 3.13 AND CURL_LIBS)
-    set(_libdirs "")
-    foreach(_lib IN LISTS CURL_LIBS)
-      if(TARGET "${_lib}")
-        get_target_property(_libdir "${_lib}" INTERFACE_LINK_DIRECTORIES)
-        if(_libdir)
-          list(APPEND _libdirs "${_libdir}")
+    set(_curl_libdirs "")
+    foreach(_curl_lib IN LISTS CURL_LIBS)
+      if(TARGET "${_curl_lib}")
+        get_target_property(_curl_libdir "${_curl_lib}" INTERFACE_LINK_DIRECTORIES)
+        if(_curl_libdir)
+          list(APPEND _curl_libdirs "${_curl_libdir}")
         endif()
       endif()
     endforeach()
-    if(_libdirs)
-      target_link_directories(${LIB_STATIC} INTERFACE ${_libdirs})
+    if(_curl_libdirs)
+      target_link_directories(${LIB_STATIC} INTERFACE ${_curl_libdirs})
     endif()
   endif()
 endif()

From 4aed2dcc897b383b8bb9ae3bf2d7a2246ebccfcd Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 29 Nov 2025 15:23:58 +0100
Subject: [PATCH 1079/2408] krb5: fix detecting channel binding feature
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Use the already detected `gssapi/gssapi_krb5.h` MIT Kerberos header
to pull in `gssapi_ext.h`, which in turn sets `GSS_C_CHANNEL_BOUND_FLAG`
if supported. Channel binding is present in MIT Kerberos 1.19+.

Also:
- lib: de-duplicate GSS-API header includes.
- vauth: de-duplicate `urldata.h` includes.
- drop interim feature macro in favor of the native GSS one.

Assisted-by: Max Faxälv
Reported-by: Max Faxälv
Bug: https://github.com/curl/curl/pull/19164#issuecomment-3551687025
Follow-up to 8616e5aada9c78fb611c60d913c999c8e78c14ba #19164
Closes #19603
Closes #19760
---
 lib/curl_gssapi.h         |  5 -----
 lib/http_negotiate.c      |  6 +++---
 lib/urldata.h             | 11 +++++------
 lib/vauth/cleartext.c     |  1 -
 lib/vauth/cram.c          |  1 -
 lib/vauth/digest.c        |  1 -
 lib/vauth/digest_sspi.c   |  1 -
 lib/vauth/gsasl.c         |  1 -
 lib/vauth/krb5_gssapi.c   |  1 -
 lib/vauth/krb5_sspi.c     |  1 -
 lib/vauth/ntlm.c          |  4 +---
 lib/vauth/ntlm_sspi.c     |  1 -
 lib/vauth/oauth2.c        |  1 -
 lib/vauth/spnego_gssapi.c |  5 ++---
 lib/vauth/spnego_sspi.c   |  1 -
 lib/vauth/vauth.c         |  1 -
 lib/vauth/vauth.h         | 15 ++-------------
 lib/version.c             | 12 ------------
 18 files changed, 13 insertions(+), 56 deletions(-)

diff --git a/lib/curl_gssapi.h b/lib/curl_gssapi.h
index 1a2bbabdf5..6df7e059d3 100644
--- a/lib/curl_gssapi.h
+++ b/lib/curl_gssapi.h
@@ -28,11 +28,6 @@
 #include "urldata.h"
 
 #ifdef HAVE_GSSAPI
-
-#ifdef GSS_C_CHANNEL_BOUND_FLAG  /* MIT Kerberos 1.19+, missing from GNU GSS */
-#define CURL_GSSAPI_HAS_CHANNEL_BINDING
-#endif
-
 extern gss_OID_desc Curl_spnego_mech_oid;
 extern gss_OID_desc Curl_krb5_mech_oid;
 
diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
index fc80f80fa3..f31e59c2ca 100644
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -120,7 +120,7 @@ CURLcode Curl_input_negotiate(struct Curl_easy *data, struct connectdata *conn,
   neg_ctx->sslContext = conn->sslContext;
 #endif
   /* Check if the connection is using SSL and get the channel binding data */
-#ifdef CURL_GSSAPI_HAS_CHANNEL_BINDING
+#ifdef GSS_C_CHANNEL_BOUND_FLAG
 #ifdef USE_SSL
   curlx_dyn_init(&neg_ctx->channel_binding_data, SSL_CB_MAX_SIZE + 1);
   if(Curl_conn_is_ssl(conn, FIRSTSOCKET)) {
@@ -134,13 +134,13 @@ CURLcode Curl_input_negotiate(struct Curl_easy *data, struct connectdata *conn,
 #else
   curlx_dyn_init(&neg_ctx->channel_binding_data, 1);
 #endif /* USE_SSL */
-#endif /* CURL_GSSAPI_HAS_CHANNEL_BINDING */
+#endif /* GSS_C_CHANNEL_BOUND_FLAG */
 
   /* Initialize the security context and decode our challenge */
   result = Curl_auth_decode_spnego_message(data, userp, passwdp, service,
                                            host, header, neg_ctx);
 
-#ifdef CURL_GSSAPI_HAS_CHANNEL_BINDING
+#ifdef GSS_C_CHANNEL_BOUND_FLAG
   curlx_dyn_free(&neg_ctx->channel_binding_data);
 #endif
 
diff --git a/lib/urldata.h b/lib/urldata.h
index 561db56ecd..1c91099d15 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -191,12 +191,11 @@ typedef CURLcode (Curl_recv)(struct Curl_easy *data,   /* transfer */
 #ifdef HAVE_GSSAPI
 # ifdef HAVE_GSSGNU
 #  include 
-# else
-#  ifdef HAVE_GSSAPI_H
-#   include 
-#  else
-#   include 
-#  endif
+# elif defined(HAVE_GSSAPI_H)
+#  include 
+# else /* MIT Kerberos */
+#  include 
+#  include  /* for GSS_C_CHANNEL_BOUND_FLAG, in 1.19+ */
 # endif
 #endif
 
diff --git a/lib/vauth/cleartext.c b/lib/vauth/cleartext.c
index 862310111e..c0e59fd273 100644
--- a/lib/vauth/cleartext.c
+++ b/lib/vauth/cleartext.c
@@ -32,7 +32,6 @@
   (!defined(CURL_DISABLE_LDAP) && defined(USE_OPENLDAP))
 
 #include 
-#include "../urldata.h"
 
 #include "vauth.h"
 #include "../curlx/warnless.h"
diff --git a/lib/vauth/cram.c b/lib/vauth/cram.c
index 9bc5544a64..6a39a400ee 100644
--- a/lib/vauth/cram.c
+++ b/lib/vauth/cram.c
@@ -29,7 +29,6 @@
 #ifndef CURL_DISABLE_DIGEST_AUTH
 
 #include 
-#include "../urldata.h"
 
 #include "vauth.h"
 #include "../curl_hmac.h"
diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c
index c5fea67394..8bcfc7ed6c 100644
--- a/lib/vauth/digest.c
+++ b/lib/vauth/digest.c
@@ -33,7 +33,6 @@
 
 #include "vauth.h"
 #include "digest.h"
-#include "../urldata.h"
 #include "../curlx/base64.h"
 #include "../curl_hmac.h"
 #include "../curl_md5.h"
diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c
index 550810acda..fc2c139375 100644
--- a/lib/vauth/digest_sspi.c
+++ b/lib/vauth/digest_sspi.c
@@ -33,7 +33,6 @@
 
 #include "vauth.h"
 #include "digest.h"
-#include "../urldata.h"
 #include "../curlx/warnless.h"
 #include "../curlx/multibyte.h"
 #include "../sendf.h"
diff --git a/lib/vauth/gsasl.c b/lib/vauth/gsasl.c
index 8330a4bd71..3888622dbf 100644
--- a/lib/vauth/gsasl.c
+++ b/lib/vauth/gsasl.c
@@ -31,7 +31,6 @@
 #include 
 
 #include "vauth.h"
-#include "../urldata.h"
 #include "../sendf.h"
 
 #include 
diff --git a/lib/vauth/krb5_gssapi.c b/lib/vauth/krb5_gssapi.c
index 1590949d68..7ba21a3941 100644
--- a/lib/vauth/krb5_gssapi.c
+++ b/lib/vauth/krb5_gssapi.c
@@ -33,7 +33,6 @@
 
 #include "vauth.h"
 #include "../curl_sasl.h"
-#include "../urldata.h"
 #include "../curl_gssapi.h"
 #include "../sendf.h"
 
diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c
index 2f82345b98..7317af809a 100644
--- a/lib/vauth/krb5_sspi.c
+++ b/lib/vauth/krb5_sspi.c
@@ -31,7 +31,6 @@
 #include 
 
 #include "vauth.h"
-#include "../urldata.h"
 #include "../curlx/warnless.h"
 #include "../curlx/multibyte.h"
 #include "../sendf.h"
diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c
index e5eb1de5ef..e47135337a 100644
--- a/lib/vauth/ntlm.c
+++ b/lib/vauth/ntlm.c
@@ -35,7 +35,7 @@
 
 #define DEBUG_ME 0
 
-#include "../urldata.h"
+#include "vauth.h"
 #include "../sendf.h"
 #include "../curl_ntlm_core.h"
 #include "../curl_gethostname.h"
@@ -44,8 +44,6 @@
 #include "../rand.h"
 #include "../vtls/vtls.h"
 #include "../strdup.h"
-
-#include "vauth.h"
 #include "../curl_endian.h"
 
 /* NTLM buffer fixed size, large enough for long user + host + domain */
diff --git a/lib/vauth/ntlm_sspi.c b/lib/vauth/ntlm_sspi.c
index bab319671c..561de27dc3 100644
--- a/lib/vauth/ntlm_sspi.c
+++ b/lib/vauth/ntlm_sspi.c
@@ -29,7 +29,6 @@
 #include 
 
 #include "vauth.h"
-#include "../urldata.h"
 #include "../curl_ntlm_core.h"
 #include "../curlx/warnless.h"
 #include "../curlx/multibyte.h"
diff --git a/lib/vauth/oauth2.c b/lib/vauth/oauth2.c
index 3b4d4164f0..c9122debff 100644
--- a/lib/vauth/oauth2.c
+++ b/lib/vauth/oauth2.c
@@ -31,7 +31,6 @@
   (!defined(CURL_DISABLE_LDAP) && defined(USE_OPENLDAP))
 
 #include 
-#include "../urldata.h"
 
 #include "vauth.h"
 #include "../curlx/warnless.h"
diff --git a/lib/vauth/spnego_gssapi.c b/lib/vauth/spnego_gssapi.c
index f956f2c03e..3a24e8860a 100644
--- a/lib/vauth/spnego_gssapi.c
+++ b/lib/vauth/spnego_gssapi.c
@@ -31,7 +31,6 @@
 #include 
 
 #include "vauth.h"
-#include "../urldata.h"
 #include "../curlx/base64.h"
 #include "../curl_gssapi.h"
 #include "../curlx/warnless.h"
@@ -92,7 +91,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
   gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
   gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
   gss_channel_bindings_t chan_bindings = GSS_C_NO_CHANNEL_BINDINGS;
-#ifdef CURL_GSSAPI_HAS_CHANNEL_BINDING
+#ifdef GSS_C_CHANNEL_BOUND_FLAG
   struct gss_channel_bindings_struct chan;
 #endif
 
@@ -155,7 +154,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
   }
 
   /* Set channel binding data if available */
-#ifdef CURL_GSSAPI_HAS_CHANNEL_BINDING
+#ifdef GSS_C_CHANNEL_BOUND_FLAG
   if(curlx_dyn_len(&nego->channel_binding_data)) {
     memset(&chan, 0, sizeof(struct gss_channel_bindings_struct));
     chan.application_data.length = curlx_dyn_len(&nego->channel_binding_data);
diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c
index 2b0504f630..2a6548b6d4 100644
--- a/lib/vauth/spnego_sspi.c
+++ b/lib/vauth/spnego_sspi.c
@@ -31,7 +31,6 @@
 #include 
 
 #include "vauth.h"
-#include "../urldata.h"
 #include "../curlx/base64.h"
 #include "../curlx/warnless.h"
 #include "../curlx/multibyte.h"
diff --git a/lib/vauth/vauth.c b/lib/vauth/vauth.c
index 4ca6cef7c8..9b87bd2c67 100644
--- a/lib/vauth/vauth.c
+++ b/lib/vauth/vauth.c
@@ -28,7 +28,6 @@
 
 #include "vauth.h"
 #include "../strdup.h"
-#include "../urldata.h"
 #include "../curlx/multibyte.h"
 #include "../url.h"
 
diff --git a/lib/vauth/vauth.h b/lib/vauth/vauth.h
index 51b9f41c1b..4c98d9b1c1 100644
--- a/lib/vauth/vauth.h
+++ b/lib/vauth/vauth.h
@@ -28,6 +28,7 @@
 
 #include "../bufref.h"
 #include "../curlx/dynbuf.h"
+#include "../urldata.h"
 
 struct Curl_easy;
 struct connectdata;
@@ -233,18 +234,6 @@ CURLcode Curl_auth_create_xoauth_bearer_message(const char *user,
 
 #ifdef USE_KERBEROS5
 
-#ifdef HAVE_GSSAPI
-# ifdef HAVE_GSSGNU
-#  include 
-# else
-#  ifdef HAVE_GSSAPI_H
-#   include 
-#  else
-#   include 
-#  endif
-# endif
-#endif
-
 /* meta key for storing KRB5 meta at connection */
 #define CURL_META_KRB5_CONN   "meta:auth:krb5:conn"
 
@@ -310,7 +299,7 @@ struct negotiatedata {
   gss_ctx_id_t context;
   gss_name_t spn;
   gss_buffer_desc output_token;
-#ifdef CURL_GSSAPI_HAS_CHANNEL_BINDING
+#ifdef GSS_C_CHANNEL_BOUND_FLAG
   struct dynbuf channel_binding_data;
 #endif
 #else
diff --git a/lib/version.c b/lib/version.c
index f02b92fedf..49c15ffcde 100644
--- a/lib/version.c
+++ b/lib/version.c
@@ -77,18 +77,6 @@
 #include 
 #endif
 
-#ifdef HAVE_GSSAPI
-# ifdef HAVE_GSSGNU
-#  include 
-# else
-#  ifdef HAVE_GSSAPI_H
-#   include 
-#  else
-#   include 
-#  endif
-# endif
-#endif
-
 #ifdef USE_OPENLDAP
 #include 
 #endif

From 012fa2b91b6c1129695600bfdafc5f01f7fce76f Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 1 Dec 2025 11:04:36 +0100
Subject: [PATCH 1080/2408] auth: always treat Curl_auth_ntlm_get() returning
 NULL as OOM

Closes #19782
---
 lib/curl_sasl.c | 2 +-
 lib/http_ntlm.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index aef47dc016..f0b6e9471e 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -705,7 +705,7 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct Curl_easy *data,
   case SASL_NTLM_TYPE2MSG: {
     /* Decode the type-2 message */
     struct ntlmdata *ntlm = Curl_auth_ntlm_get(conn, FALSE);
-    result = !ntlm ? CURLE_FAILED_INIT :
+    result = !ntlm ? CURLE_OUT_OF_MEMORY :
       get_server_message(sasl, data, &serverdata);
     if(!result)
       result = Curl_auth_decode_ntlm_type2_message(data, &serverdata, ntlm);
diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c
index 2856745c34..6c79bcac1b 100644
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c
@@ -64,7 +64,7 @@ CURLcode Curl_input_ntlm(struct Curl_easy *data,
   if(checkprefix("NTLM", header)) {
     struct ntlmdata *ntlm = Curl_auth_ntlm_get(conn, proxy);
     if(!ntlm)
-      return CURLE_FAILED_INIT;
+      return CURLE_OUT_OF_MEMORY;
 
     header += strlen("NTLM");
     curlx_str_passblanks(&header);

From c6c4a99300bebdd3fd5a6af9ebca0053e3cbc8f7 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 1 Dec 2025 11:00:47 +0100
Subject: [PATCH 1081/2408] http: acknowledge OOM errors from Curl_input_ntlm

Closes #19781
---
 lib/http.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/http.c b/lib/http.c
index 5e2b8f9ac0..fcae0a57c2 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -946,6 +946,8 @@ static CURLcode auth_ntlm(struct Curl_easy *data,
       if(!result)
         data->state.authproblem = FALSE;
       else {
+        if(result == CURLE_OUT_OF_MEMORY)
+          return result;
         infof(data, "NTLM authentication problem, ignoring.");
         data->state.authproblem = TRUE;
       }

From a7bebd8502914f1652f423eddfd7005f8413a781 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Mon, 1 Dec 2025 13:22:25 +0100
Subject: [PATCH 1082/2408] memdebug: add mutex for thread safety

Protect modification to the `membuf` by different threads
via a mutex. This ensure that index updates are correct and
that data gets written in order.

Closes #19785
---
 lib/memdebug.c | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/lib/memdebug.c b/lib/memdebug.c
index 329b11ea79..1dda6d785c 100644
--- a/lib/memdebug.c
+++ b/lib/memdebug.c
@@ -29,6 +29,7 @@
 #include 
 
 #include "urldata.h"
+#include "curl_threads.h"
 #include "curlx/fopen.h"  /* for CURLX_FOPEN_LOW(), CURLX_FREOPEN_LOW() */
 
 #ifdef USE_BACKTRACE
@@ -66,6 +67,11 @@ static struct backtrace_state *btstate;
 static char membuf[KEEPSIZE];
 static size_t memwidx = 0; /* write index */
 
+#if defined(USE_THREADS_POSIX) || defined(USE_THREADS_WIN32)
+static bool dbg_mutex_init = 0;
+static curl_mutex_t dbg_mutex;
+#endif
+
 /* LeakSantizier (LSAN) calls _exit() instead of exit() when a leak is detected
    on exit so the logfile must be closed explicitly or data could be lost.
    Though _exit() does not call atexit handlers such as this, LSAN's call to
@@ -81,6 +87,12 @@ static void curl_dbg_cleanup(void)
     fclose(curl_dbg_logfile);
   }
   curl_dbg_logfile = NULL;
+#if defined(USE_THREADS_POSIX) || defined(USE_THREADS_WIN32)
+  if(dbg_mutex_init) {
+    Curl_mutex_destroy(&dbg_mutex);
+    dbg_mutex_init = FALSE;
+  }
+#endif
 }
 #ifdef USE_BACKTRACE
 static void error_bt_callback(void *data, const char *message,
@@ -123,6 +135,12 @@ void curl_dbg_memdebug(const char *logname)
       setbuf(curl_dbg_logfile, (char *)NULL);
 #endif
   }
+#if defined(USE_THREADS_POSIX) || defined(USE_THREADS_WIN32)
+  if(!dbg_mutex_init) {
+    dbg_mutex_init = TRUE;
+    Curl_mutex_init(&dbg_mutex);
+  }
+#endif
 #ifdef USE_BACKTRACE
   btstate = backtrace_create_state(NULL, 0, error_bt_callback, NULL);
 #endif
@@ -526,6 +544,11 @@ void curl_dbg_log(const char *format, ...)
     nchars = (int)sizeof(buf) - 1;
 
   if(nchars > 0) {
+#if defined(USE_THREADS_POSIX) || defined(USE_THREADS_WIN32)
+    bool lock_mutex = dbg_mutex_init;
+    if(lock_mutex)
+      Curl_mutex_acquire(&dbg_mutex);
+#endif
     if(KEEPSIZE - nchars < memwidx) {
       /* flush */
       fwrite(membuf, 1, memwidx, curl_dbg_logfile);
@@ -538,6 +561,10 @@ void curl_dbg_log(const char *format, ...)
     }
     memcpy(&membuf[memwidx], buf, nchars);
     memwidx += nchars;
+#if defined(USE_THREADS_POSIX) || defined(USE_THREADS_WIN32)
+    if(lock_mutex)
+      Curl_mutex_release(&dbg_mutex);
+#endif
   }
 }
 

From d1b85bc49c5dd0e2c2eaf06027b5520152317f62 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Mon, 1 Dec 2025 14:05:39 +0100
Subject: [PATCH 1083/2408] memdebug: log before free

add the debug log before freeing the memory, otherwise another thread
might allocate and log it before the free is logged.

Follow-up to a7bebd8502914f1652f423
Closes #19787
---
 lib/memdebug.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/memdebug.c b/lib/memdebug.c
index 1dda6d785c..b6c2d854c3 100644
--- a/lib/memdebug.c
+++ b/lib/memdebug.c
@@ -337,6 +337,9 @@ void curl_dbg_free(void *ptr, int line, const char *source)
   if(ptr) {
     struct memdebug *mem;
 
+  if(source)
+    curl_dbg_log("MEM %s:%d free(%p)\n", source, line, (void *)ptr);
+
 #ifdef __INTEL_COMPILER
 #  pragma warning(push)
 #  pragma warning(disable:1684)
@@ -352,9 +355,6 @@ void curl_dbg_free(void *ptr, int line, const char *source)
     /* free for real */
     (Curl_cfree)(mem);
   }
-
-  if(source && ptr)
-    curl_dbg_log("MEM %s:%d free(%p)\n", source, line, (void *)ptr);
 }
 
 curl_socket_t curl_dbg_socket(int domain, int type, int protocol,

From fb7033d7600dfb59de06e7af8a0d6ab2a4163578 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 1 Dec 2025 13:48:12 +0100
Subject: [PATCH 1084/2408] runtests: enable torture testing with threaded
 resolver

Since a7bebd850291 made it possible.
Closes #19786
---
 tests/runtests.pl | 19 +++----------------
 1 file changed, 3 insertions(+), 16 deletions(-)

diff --git a/tests/runtests.pl b/tests/runtests.pl
index 648666fd30..1bde3f3afc 100755
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -846,15 +846,9 @@ sub checksystemfeatures {
     }
     # 'socks' was once here but is now removed
 
-    if($torture) {
-        if(!$feature{"TrackMemory"}) {
-            die "cannot run torture tests since curl was built without ".
-                "TrackMemory feature (--enable-curldebug)";
-        }
-        if($feature{"threaded-resolver"} && !$valgrind) {
-            die "cannot run torture tests since curl was built with the ".
-                "threaded resolver, and we are not running with valgrind";
-        }
+    if($torture && !$feature{"TrackMemory"}) {
+        die "cannot run torture tests since curl was built without ".
+            "TrackMemory feature (--enable-curldebug)";
     }
 
     my $hostname=join(' ', runclientoutput("hostname"));
@@ -879,13 +873,6 @@ sub checksystemfeatures {
         # Only show if not the default for now
         logmsg "* Jobs: $jobs\n";
     }
-    # Disable memory tracking when using threaded resolver
-    if($feature{"TrackMemory"} && $feature{"threaded-resolver"}) {
-        logmsg("*\n",
-               "*** DISABLES TrackMemory (memory tracking) when using threaded resolver\n",
-               "*\n");
-        $feature{"TrackMemory"} = 0;
-    }
 
     my $env = sprintf("%s%s%s%s%s",
                       $valgrind?"Valgrind ":"",

From a2ebae61ca365a358c6d11b2ab1f0b062efa49c6 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 1 Dec 2025 13:14:17 +0100
Subject: [PATCH 1085/2408] tool_urlglob: acknowledge OOM in peek_ipv6

Previously, an OOM error would just imply not an IPv6 address.

Closes #19784
---
 src/tool_urlglob.c | 26 ++++++++++++++++++--------
 1 file changed, 18 insertions(+), 8 deletions(-)

diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c
index 9ea8a274fa..bfa54ab827 100644
--- a/src/tool_urlglob.c
+++ b/src/tool_urlglob.c
@@ -343,7 +343,7 @@ static CURLcode glob_range(struct URLGlob *glob, const char **patternp,
 
 #define MAX_IP6LEN 128
 
-static bool peek_ipv6(const char *str, size_t *skip)
+static CURLcode peek_ipv6(const char *str, size_t *skip, bool *ipv6p)
 {
   /*
    * Scan for a potential IPv6 literal.
@@ -355,27 +355,33 @@ static bool peek_ipv6(const char *str, size_t *skip)
   char *endbr = strchr(str, ']');
   size_t hlen;
   CURLUcode rc;
+  CURLcode result = CURLE_OK;
+  *ipv6p = FALSE; /* default to nope */
+  *skip = 0;
   if(!endbr)
-    return FALSE;
+    return CURLE_OK;
 
   hlen = endbr - str + 1;
   if(hlen >= MAX_IP6LEN)
-    return FALSE;
+    return CURLE_OK;
 
   u = curl_url();
   if(!u)
-    return FALSE;
+    return CURLE_OUT_OF_MEMORY;
 
   memcpy(hostname, str, hlen);
   hostname[hlen] = 0;
 
   /* ask to "guess scheme" as then it works without an https:// prefix */
   rc = curl_url_set(u, CURLUPART_URL, hostname, CURLU_GUESS_SCHEME);
-
   curl_url_cleanup(u);
-  if(!rc)
+  if(rc == CURLUE_OUT_OF_MEMORY)
+    return CURLE_OUT_OF_MEMORY;
+  if(!rc) {
     *skip = hlen;
-  return rc ? FALSE : TRUE;
+    *ipv6p = TRUE;
+  }
+  return result;
 }
 
 static CURLcode add_glob(struct URLGlob *glob, size_t pos)
@@ -414,7 +420,11 @@ static CURLcode glob_parse(struct URLGlob *glob, const char *pattern,
       if(*pattern == '[') {
         /* skip over IPv6 literals and [] */
         size_t skip = 0;
-        if(!peek_ipv6(pattern, &skip) && (pattern[1] == ']'))
+        bool ipv6;
+        res = peek_ipv6(pattern, &skip, &ipv6);
+        if(res)
+          return res;
+        if(!ipv6 && (pattern[1] == ']'))
           skip = 2;
         if(skip) {
           if(curlx_dyn_addn(&glob->buf, pattern, skip))

From c421c3e3251b33e78b1c98030d92e6ad23a82d03 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 30 Nov 2025 23:22:59 +0100
Subject: [PATCH 1086/2408] cmake: verify minimum CMake version in
 `curl-config.cmake`

Show a message if the CMake version is lower than that when consuming
libcurl via the CMake config.

The minimum CMake version on consumption is for now the same as
the minimum required (v3.7) to build curl itself.

Ref: https://cmake.org/cmake/help/v3.7/variable/CMAKE_MINIMUM_REQUIRED_VERSION.html
Ref: #18704 (discussion)
Follow-up to 16f073ef49f94412000218c9f6ad04e3fd7e4d01 #16973
Closes #19776
---
 CMake/curl-config.cmake.in | 5 +++++
 CMakeLists.txt             | 1 +
 2 files changed, 6 insertions(+)

diff --git a/CMake/curl-config.cmake.in b/CMake/curl-config.cmake.in
index 7ae026d8f8..7f346c832c 100644
--- a/CMake/curl-config.cmake.in
+++ b/CMake/curl-config.cmake.in
@@ -26,6 +26,11 @@
 option(CURL_USE_PKGCONFIG "Enable pkg-config to detect @PROJECT_NAME@ dependencies. Default: @CURL_USE_PKGCONFIG@"
   "@CURL_USE_PKGCONFIG@")
 
+if(CMAKE_VERSION VERSION_LESS @CMAKE_MINIMUM_REQUIRED_VERSION@)
+  message(STATUS "@PROJECT_NAME@: @PROJECT_NAME@-specific Find modules require "
+    "CMake @CMAKE_MINIMUM_REQUIRED_VERSION@ or upper, found: ${CMAKE_VERSION}.")
+endif()
+
 include(CMakeFindDependencyMacro)
 
 if("@USE_OPENSSL@")
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 5bcf0b6a63..b45e7859e0 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -2309,6 +2309,7 @@ if(NOT CURL_DISABLE_INSTALL)
     ${_generated_version_config}")
 
   # Consumed custom variables:
+  #   CMAKE_MINIMUM_REQUIRED_VERSION
   #   CURLVERSION
   #   LIBCURL_PC_LIBS_PRIVATE_LIST
   #   LIB_NAME

From ca1919caee6a82e400acdc491179b748f38c5ede Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 1 Dec 2025 15:52:10 +0100
Subject: [PATCH 1087/2408] idn: fix memory leak in `win32_ascii_to_idn()`

Closes #19789
---
 lib/idn.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/idn.c b/lib/idn.c
index 1c404f6543..38f2845f26 100644
--- a/lib/idn.c
+++ b/lib/idn.c
@@ -201,6 +201,7 @@ static CURLcode win32_ascii_to_idn(const char *in, char **output)
     WCHAR idn[IDN_MAX_LENGTH]; /* stores a UTF-16 string */
     int chars = IdnToUnicode(0, in_w, (int)(wcslen(in_w) + 1), idn,
                              IDN_MAX_LENGTH);
+    curlx_unicodefree(in_w);
     if(chars) {
       /* 'chars' is "the number of characters retrieved" */
       char *mstr = curlx_convert_wchar_to_UTF8(idn);

From 338713345046e164ddd3b2dca75d862124d34a3a Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 1 Dec 2025 16:36:25 +0100
Subject: [PATCH 1088/2408] lib: delete unused `curlx/multibyte.h` includes

Closes #19792
---
 lib/vauth/krb5_sspi.c     | 1 -
 lib/vauth/ntlm.c          | 1 -
 lib/vauth/ntlm_sspi.c     | 1 -
 lib/vauth/spnego_gssapi.c | 1 -
 lib/vauth/spnego_sspi.c   | 1 -
 5 files changed, 5 deletions(-)

diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c
index 7317af809a..21636d59ee 100644
--- a/lib/vauth/krb5_sspi.c
+++ b/lib/vauth/krb5_sspi.c
@@ -32,7 +32,6 @@
 
 #include "vauth.h"
 #include "../curlx/warnless.h"
-#include "../curlx/multibyte.h"
 #include "../sendf.h"
 
 /*
diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c
index e47135337a..22d028e8c2 100644
--- a/lib/vauth/ntlm.c
+++ b/lib/vauth/ntlm.c
@@ -39,7 +39,6 @@
 #include "../sendf.h"
 #include "../curl_ntlm_core.h"
 #include "../curl_gethostname.h"
-#include "../curlx/multibyte.h"
 #include "../curlx/warnless.h"
 #include "../rand.h"
 #include "../vtls/vtls.h"
diff --git a/lib/vauth/ntlm_sspi.c b/lib/vauth/ntlm_sspi.c
index 561de27dc3..d724907db6 100644
--- a/lib/vauth/ntlm_sspi.c
+++ b/lib/vauth/ntlm_sspi.c
@@ -31,7 +31,6 @@
 #include "vauth.h"
 #include "../curl_ntlm_core.h"
 #include "../curlx/warnless.h"
-#include "../curlx/multibyte.h"
 #include "../sendf.h"
 #include "../strdup.h"
 
diff --git a/lib/vauth/spnego_gssapi.c b/lib/vauth/spnego_gssapi.c
index 3a24e8860a..2feafdda4b 100644
--- a/lib/vauth/spnego_gssapi.c
+++ b/lib/vauth/spnego_gssapi.c
@@ -34,7 +34,6 @@
 #include "../curlx/base64.h"
 #include "../curl_gssapi.h"
 #include "../curlx/warnless.h"
-#include "../curlx/multibyte.h"
 #include "../sendf.h"
 
 #if defined(__GNUC__) && defined(__APPLE__)
diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c
index 2a6548b6d4..31747c0a0e 100644
--- a/lib/vauth/spnego_sspi.c
+++ b/lib/vauth/spnego_sspi.c
@@ -33,7 +33,6 @@
 #include "vauth.h"
 #include "../curlx/base64.h"
 #include "../curlx/warnless.h"
-#include "../curlx/multibyte.h"
 #include "../sendf.h"
 #include "../strerror.h"
 

From ccb68d2e3b602b24a8cb52f473b96938ac998db6 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 1 Dec 2025 15:49:01 +0100
Subject: [PATCH 1089/2408] idn: use curlx allocators on Windows

Replace `curlx_convert*()` functions with local copies that always use
the curlx allocator.

Closes #19790
---
 lib/idn.c | 81 +++++++++++++++++++++++++++++++++++++------------------
 1 file changed, 55 insertions(+), 26 deletions(-)

diff --git a/lib/idn.c b/lib/idn.c
index 38f2845f26..0b1a4a36cc 100644
--- a/lib/idn.c
+++ b/lib/idn.c
@@ -30,7 +30,6 @@
 #include "urldata.h"
 #include "idn.h"
 #include "sendf.h"
-#include "curlx/multibyte.h"
 #include "curlx/warnless.h"
 
 #ifdef USE_LIBIDN2
@@ -163,24 +162,60 @@ WINBASEAPI int WINAPI IdnToUnicode(DWORD dwFlags,
 
 #define IDN_MAX_LENGTH 255
 
+static wchar_t *idn_curlx_convert_UTF8_to_wchar(const char *str_utf8)
+{
+  wchar_t *str_w = NULL;
+
+  if(str_utf8) {
+    int str_w_len = MultiByteToWideChar(CP_UTF8, MB_ERR_INVALID_CHARS,
+                                        str_utf8, -1, NULL, 0);
+    if(str_w_len > 0) {
+      str_w = curlx_malloc(str_w_len * sizeof(wchar_t));
+      if(str_w) {
+        if(MultiByteToWideChar(CP_UTF8, 0, str_utf8, -1, str_w,
+                               str_w_len) == 0) {
+          curlx_free(str_w);
+          return NULL;
+        }
+      }
+    }
+  }
+  return str_w;
+}
+
+static char *idn_curlx_convert_wchar_to_UTF8(const wchar_t *str_w)
+{
+  char *str_utf8 = NULL;
+
+  if(str_w) {
+    int bytes = WideCharToMultiByte(CP_UTF8, 0, str_w, -1,
+                                    NULL, 0, NULL, NULL);
+    if(bytes > 0) {
+      str_utf8 = curlx_malloc(bytes);
+      if(str_utf8) {
+        if(WideCharToMultiByte(CP_UTF8, 0, str_w, -1, str_utf8, bytes,
+                               NULL, NULL) == 0) {
+          curlx_free(str_utf8);
+          return NULL;
+        }
+      }
+    }
+  }
+  return str_utf8;
+}
+
 static CURLcode win32_idn_to_ascii(const char *in, char **out)
 {
-  wchar_t *in_w = curlx_convert_UTF8_to_wchar(in);
+  wchar_t *in_w = idn_curlx_convert_UTF8_to_wchar(in);
   *out = NULL;
   if(in_w) {
     wchar_t punycode[IDN_MAX_LENGTH];
     int chars = IdnToAscii(0, in_w, (int)(wcslen(in_w) + 1), punycode,
                            IDN_MAX_LENGTH);
-    curlx_unicodefree(in_w);
+    curlx_free(in_w);
     if(chars) {
-      char *mstr = curlx_convert_wchar_to_UTF8(punycode);
-      if(mstr) {
-        *out = curlx_strdup(mstr);
-        curlx_unicodefree(mstr);
-        if(!*out)
-          return CURLE_OUT_OF_MEMORY;
-      }
-      else
+      *out = idn_curlx_convert_wchar_to_UTF8(punycode);
+      if(!*out)
         return CURLE_OUT_OF_MEMORY;
     }
     else
@@ -192,32 +227,26 @@ static CURLcode win32_idn_to_ascii(const char *in, char **out)
   return CURLE_OK;
 }
 
-static CURLcode win32_ascii_to_idn(const char *in, char **output)
+static CURLcode win32_ascii_to_idn(const char *in, char **out)
 {
-  char *out = NULL;
-
-  wchar_t *in_w = curlx_convert_UTF8_to_wchar(in);
+  wchar_t *in_w = idn_curlx_convert_UTF8_to_wchar(in);
+  *out = NULL;
   if(in_w) {
     WCHAR idn[IDN_MAX_LENGTH]; /* stores a UTF-16 string */
     int chars = IdnToUnicode(0, in_w, (int)(wcslen(in_w) + 1), idn,
                              IDN_MAX_LENGTH);
-    curlx_unicodefree(in_w);
-    if(chars) {
-      /* 'chars' is "the number of characters retrieved" */
-      char *mstr = curlx_convert_wchar_to_UTF8(idn);
-      if(mstr) {
-        out = curlx_strdup(mstr);
-        curlx_unicodefree(mstr);
-        if(!out)
-          return CURLE_OUT_OF_MEMORY;
-      }
+    curlx_free(in_w);
+    if(chars) {  /* 'chars' is "the number of characters retrieved" */
+      *out = idn_curlx_convert_wchar_to_UTF8(idn);
+      if(!*out)
+        return CURLE_OUT_OF_MEMORY;
     }
     else
       return CURLE_URL_MALFORMAT;
   }
   else
     return CURLE_URL_MALFORMAT;
-  *output = out;
+
   return CURLE_OK;
 }
 

From a3fcd80de4b1fe00c8832713afadfc6ad8f391b3 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 1 Dec 2025 15:25:26 +0100
Subject: [PATCH 1090/2408] curlx: use curlx allocators in non-memdebug builds
 (Windows)

To limit raw allocators to `CURLDEBUG` (memdebug/TrackMemory) Windows
UNICODE builds.

Closes #19788
---
 lib/curlx/fopen.c     | 50 +++++++++++++++----------------------------
 lib/curlx/multibyte.c | 12 ++++-------
 lib/curlx/multibyte.h | 15 ++++++++++++-
 3 files changed, 35 insertions(+), 42 deletions(-)

diff --git a/lib/curlx/fopen.c b/lib/curlx/fopen.c
index caf4978af1..1838b7de8b 100644
--- a/lib/curlx/fopen.c
+++ b/lib/curlx/fopen.c
@@ -100,8 +100,7 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
     goto cleanup;
   if(!needed || needed >= max_path_len)
     goto cleanup;
-  /* !checksrc! disable BANNEDFUNC 1 */
-  ibuf = malloc(needed * sizeof(wchar_t));
+  ibuf = CURLX_MALLOC(needed * sizeof(wchar_t));
   if(!ibuf)
     goto cleanup;
   if(mbstowcs_s(&count, ibuf, needed, in, needed - 1))
@@ -122,8 +121,7 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
   /* skip paths that are not excessive and do not need modification */
   if(needed <= MAX_PATH)
     goto cleanup;
-  /* !checksrc! disable BANNEDFUNC 1 */
-  fbuf = malloc(needed * sizeof(wchar_t));
+  fbuf = CURLX_MALLOC(needed * sizeof(wchar_t));
   if(!fbuf)
     goto cleanup;
   count = (size_t)GetFullPathNameW(in_w, (DWORD)needed, fbuf, NULL);
@@ -156,19 +154,16 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
       if(needed > max_path_len)
         goto cleanup;
 
-      /* !checksrc! disable BANNEDFUNC 1 */
-      temp = malloc(needed * sizeof(wchar_t));
+      temp = CURLX_MALLOC(needed * sizeof(wchar_t));
       if(!temp)
         goto cleanup;
 
       if(wcsncpy_s(temp, needed, L"\\\\?\\UNC\\", 8)) {
-        /* !checksrc! disable BANNEDFUNC 1 */
-        free(temp);
+        CURLX_FREE(temp);
         goto cleanup;
       }
       if(wcscpy_s(temp + 8, needed, fbuf + 2)) {
-        /* !checksrc! disable BANNEDFUNC 1 */
-        free(temp);
+        CURLX_FREE(temp);
         goto cleanup;
       }
     }
@@ -178,25 +173,21 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
       if(needed > max_path_len)
         goto cleanup;
 
-      /* !checksrc! disable BANNEDFUNC 1 */
-      temp = malloc(needed * sizeof(wchar_t));
+      temp = CURLX_MALLOC(needed * sizeof(wchar_t));
       if(!temp)
         goto cleanup;
 
       if(wcsncpy_s(temp, needed, L"\\\\?\\", 4)) {
-        /* !checksrc! disable BANNEDFUNC 1 */
-        free(temp);
+        CURLX_FREE(temp);
         goto cleanup;
       }
       if(wcscpy_s(temp + 4, needed, fbuf)) {
-        /* !checksrc! disable BANNEDFUNC 1 */
-        free(temp);
+        CURLX_FREE(temp);
         goto cleanup;
       }
     }
 
-    /* !checksrc! disable BANNEDFUNC 1 */
-    free(fbuf);
+    CURLX_FREE(fbuf);
     fbuf = temp;
   }
 
@@ -206,8 +197,7 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
     goto cleanup;
   if(!needed || needed >= max_path_len)
     goto cleanup;
-  /* !checksrc! disable BANNEDFUNC 1 */
-  obuf = malloc(needed);
+  obuf = CURLX_MALLOC(needed);
   if(!obuf)
     goto cleanup;
   if(wcstombs_s(&count, obuf, needed, fbuf, needed - 1))
@@ -222,12 +212,10 @@ static bool fix_excessive_path(const TCHAR *in, TCHAR **out)
 #endif
 
 cleanup:
-  /* !checksrc! disable BANNEDFUNC 1 */
-  free(fbuf);
+  CURLX_FREE(fbuf);
 #ifndef _UNICODE
-  /* !checksrc! disable BANNEDFUNC 2 */
-  free(ibuf);
-  free(obuf);
+  CURLX_FREE(ibuf);
+  CURLX_FREE(obuf);
 #endif
   return *out ? true : false;
 }
@@ -269,8 +257,7 @@ int curlx_win32_open(const char *filename, int oflag, ...)
   errno = _sopen_s(&result, target, oflag, _SH_DENYNO, pmode);
 #endif
 
-  /* !checksrc! disable BANNEDFUNC 1 */
-  free(fixed);
+  CURLX_FREE(fixed);
   return result;
 }
 
@@ -303,8 +290,7 @@ FILE *curlx_win32_fopen(const char *filename, const char *mode)
   errno = fopen_s(&result, target, mode);
 #endif
 
-  /* !checksrc! disable BANNEDFUNC 1 */
-  free(fixed);
+  CURLX_FREE(fixed);
   return result;
 }
 
@@ -342,8 +328,7 @@ FILE *curlx_win32_freopen(const char *filename, const char *mode, FILE *fp)
   errno = freopen_s(&result, target, mode, fp);
 #endif
 
-  /* !checksrc! disable BANNEDFUNC 1 */
-  free(fixed);
+  CURLX_FREE(fixed);
   return result;
 }
 
@@ -382,8 +367,7 @@ int curlx_win32_stat(const char *path, struct_stat *buffer)
 #endif
 #endif
 
-  /* !checksrc! disable BANNEDFUNC 1 */
-  free(fixed);
+  CURLX_FREE(fixed);
   return result;
 }
 
diff --git a/lib/curlx/multibyte.c b/lib/curlx/multibyte.c
index 2583f30870..fb3b7be3e1 100644
--- a/lib/curlx/multibyte.c
+++ b/lib/curlx/multibyte.c
@@ -45,13 +45,11 @@ wchar_t *curlx_convert_UTF8_to_wchar(const char *str_utf8)
     int str_w_len = MultiByteToWideChar(CP_UTF8, MB_ERR_INVALID_CHARS,
                                         str_utf8, -1, NULL, 0);
     if(str_w_len > 0) {
-      /* !checksrc! disable BANNEDFUNC 1 */
-      str_w = malloc(str_w_len * sizeof(wchar_t));
+      str_w = CURLX_MALLOC(str_w_len * sizeof(wchar_t));
       if(str_w) {
         if(MultiByteToWideChar(CP_UTF8, 0, str_utf8, -1, str_w,
                                str_w_len) == 0) {
-          /* !checksrc! disable BANNEDFUNC 1 */
-          free(str_w);
+          CURLX_FREE(str_w);
           return NULL;
         }
       }
@@ -69,13 +67,11 @@ char *curlx_convert_wchar_to_UTF8(const wchar_t *str_w)
     int bytes = WideCharToMultiByte(CP_UTF8, 0, str_w, -1,
                                     NULL, 0, NULL, NULL);
     if(bytes > 0) {
-      /* !checksrc! disable BANNEDFUNC 1 */
-      str_utf8 = malloc(bytes);
+      str_utf8 = CURLX_MALLOC(bytes);
       if(str_utf8) {
         if(WideCharToMultiByte(CP_UTF8, 0, str_w, -1, str_utf8, bytes,
                                NULL, NULL) == 0) {
-          /* !checksrc! disable BANNEDFUNC 1 */
-          free(str_utf8);
+          CURLX_FREE(str_utf8);
           return NULL;
         }
       }
diff --git a/lib/curlx/multibyte.h b/lib/curlx/multibyte.h
index fac07c2eeb..3eae4e75bd 100644
--- a/lib/curlx/multibyte.h
+++ b/lib/curlx/multibyte.h
@@ -44,12 +44,20 @@
  * memory tracker memdebug functions.
  */
 
+#ifdef CURLDEBUG
+#define CURLX_MALLOC(x) malloc(x)
+#define CURLX_FREE(x)   free(x)
+#else
+#define CURLX_MALLOC(x) curlx_malloc(x)
+#define CURLX_FREE(x)   curlx_free(x)
+#endif
+
 /* MultiByte conversions using Windows kernel32 library. */
 wchar_t *curlx_convert_UTF8_to_wchar(const char *str_utf8);
 char *curlx_convert_wchar_to_UTF8(const wchar_t *str_w);
 
 /* the purpose of this macro is to free() without being traced by memdebug */
-#define curlx_unicodefree(ptr) free(ptr)
+#define curlx_unicodefree(ptr) CURLX_FREE(ptr)
 
 #ifdef UNICODE
 
@@ -65,8 +73,13 @@ typedef union {
 
 #else /* !UNICODE */
 
+#ifdef CURLDEBUG
 #define curlx_convert_UTF8_to_tchar(ptr) _strdup(ptr)
 #define curlx_convert_tchar_to_UTF8(ptr) _strdup(ptr)
+#else
+#define curlx_convert_UTF8_to_tchar(ptr) curlx_strdup(ptr)
+#define curlx_convert_tchar_to_UTF8(ptr) curlx_strdup(ptr)
+#endif
 
 typedef union {
   char                *tchar_ptr;

From 5356bce6abab7e8e28a3d412b2fa2c55bfa62416 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 1 Dec 2025 19:49:50 +0100
Subject: [PATCH 1091/2408] windows: use `_strdup()` instead of `strdup()`
 where missing

To replace deprecated `strdup()` CRT calls with the recommended
`_strdup()`.

Refs:
https://learn.microsoft.com/cpp/c-runtime-library/reference/strdup-wcsdup
https://learn.microsoft.com/cpp/c-runtime-library/reference/strdup-wcsdup-mbsdup

Closes #19794
---
 docs/examples/block_ip.c | 7 +------
 lib/curl_setup.h         | 3 +--
 lib/easy.c               | 4 ++++
 tests/libtest/memptr.c   | 4 ++++
 tests/server/first.h     | 4 ++++
 5 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/docs/examples/block_ip.c b/docs/examples/block_ip.c
index bf2193a263..5cd77cad0e 100644
--- a/docs/examples/block_ip.c
+++ b/docs/examples/block_ip.c
@@ -38,12 +38,6 @@ int main(void)
 }
 #else
 
-#ifdef _MSC_VER
-#ifndef _CRT_NONSTDC_NO_DEPRECATE
-#define _CRT_NONSTDC_NO_DEPRECATE  /* for strdup() */
-#endif
-#endif
-
 #ifdef _WIN32
 #if !defined(_WIN32_WINNT) || _WIN32_WINNT < 0x0600
 #undef _WIN32_WINNT
@@ -52,6 +46,7 @@ int main(void)
 #include 
 #include 
 #include 
+#define strdup _strdup
 #else
 #include 
 #include 
diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index 6acac0d17a..2cc18cf414 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -91,8 +91,7 @@
 #pragma warning(disable:4127)
 /* Avoid VS2005 and upper complaining about portable C functions. */
 #ifndef _CRT_NONSTDC_NO_DEPRECATE  /* mingw-w64 v2+. MS SDK ~10+/~VS2017+. */
-#define _CRT_NONSTDC_NO_DEPRECATE  /* for close(), fileno(), strdup(),
-                                      unlink(), etc. */
+#define _CRT_NONSTDC_NO_DEPRECATE  /* for close(), fileno(), unlink(), etc. */
 #endif
 #ifndef _CRT_SECURE_NO_WARNINGS
 #define _CRT_SECURE_NO_WARNINGS  /* for getenv(), gmtime(), strcpy(),
diff --git a/lib/easy.c b/lib/easy.c
index 476f63c74d..c60819fcdc 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -103,7 +103,11 @@ static curl_simple_lock s_lock = CURL_SIMPLE_LOCK_INIT;
  * so the callback pointer is initialized correctly.
  */
 #ifdef HAVE_STRDUP
+#ifdef _WIN32
+#define system_strdup _strdup
+#else
 #define system_strdup strdup
+#endif
 #else
 #define system_strdup Curl_strdup
 #endif
diff --git a/tests/libtest/memptr.c b/tests/libtest/memptr.c
index 400e72c41a..fe90b01a6c 100644
--- a/tests/libtest/memptr.c
+++ b/tests/libtest/memptr.c
@@ -36,7 +36,11 @@
 curl_malloc_callback Curl_cmalloc = (curl_malloc_callback)malloc;
 curl_free_callback Curl_cfree = (curl_free_callback)free;
 curl_realloc_callback Curl_crealloc = (curl_realloc_callback)realloc;
+#ifdef _WIN32
+curl_strdup_callback Curl_cstrdup = (curl_strdup_callback)_strdup;
+#else
 curl_strdup_callback Curl_cstrdup = (curl_strdup_callback)strdup;
+#endif
 curl_calloc_callback Curl_ccalloc = (curl_calloc_callback)calloc;
 
 #if defined(_MSC_VER) && defined(_DLL)
diff --git a/tests/server/first.h b/tests/server/first.h
index 2979239ad3..316a7a622e 100644
--- a/tests/server/first.h
+++ b/tests/server/first.h
@@ -69,6 +69,10 @@ extern const struct entry_s s_entries[];
 #  define snprintf _snprintf
 #endif
 
+#ifdef _WIN32
+#  define strdup _strdup
+#endif
+
 #ifdef _WIN32
 #  define CURL_STRNICMP(p1, p2, n) _strnicmp(p1, p2, n)
 #elif defined(HAVE_STRCASECMP)

From 189fda00260b75bb2776a8ae36e3d7d36f01173e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 29 Nov 2025 23:12:47 +0100
Subject: [PATCH 1092/2408] memdebug: replace macro constant with `sizeof()`

Closes #19795
---
 lib/memdebug.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/lib/memdebug.c b/lib/memdebug.c
index b6c2d854c3..bbd7407c3c 100644
--- a/lib/memdebug.c
+++ b/lib/memdebug.c
@@ -63,8 +63,7 @@ static long memsize = 0;  /* set number of mallocs allowed */
 static struct backtrace_state *btstate;
 #endif
 
-#define KEEPSIZE 10000
-static char membuf[KEEPSIZE];
+static char membuf[10000];
 static size_t memwidx = 0; /* write index */
 
 #if defined(USE_THREADS_POSIX) || defined(USE_THREADS_WIN32)
@@ -549,7 +548,7 @@ void curl_dbg_log(const char *format, ...)
     if(lock_mutex)
       Curl_mutex_acquire(&dbg_mutex);
 #endif
-    if(KEEPSIZE - nchars < memwidx) {
+    if(sizeof(membuf) - nchars < memwidx) {
       /* flush */
       fwrite(membuf, 1, memwidx, curl_dbg_logfile);
       fflush(curl_dbg_logfile);

From 9517b41b509f1098ed0b3b7ff20b53a566fa3f5e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 1 Dec 2025 20:08:09 +0100
Subject: [PATCH 1093/2408] multibyte: limit `curlx_convert_*wchar*()`
 functions to Unicode builds

Follow-up to ccb68d2e3b602b24a8cb52f473b96938ac998db6 #19790

Closes #19796
---
 lib/curlx/multibyte.c | 4 ++--
 lib/curlx/multibyte.h | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/lib/curlx/multibyte.c b/lib/curlx/multibyte.c
index fb3b7be3e1..3a33fcedfc 100644
--- a/lib/curlx/multibyte.c
+++ b/lib/curlx/multibyte.c
@@ -29,7 +29,7 @@
 
 #include "../curl_setup.h"
 
-#ifdef _WIN32
+#if defined(_WIN32) && defined(UNICODE)
 
 #include "multibyte.h"
 
@@ -81,4 +81,4 @@ char *curlx_convert_wchar_to_UTF8(const wchar_t *str_w)
   return str_utf8;
 }
 
-#endif /* _WIN32 */
+#endif /* _WIN32 && UNICODE */
diff --git a/lib/curlx/multibyte.h b/lib/curlx/multibyte.h
index 3eae4e75bd..fd264e180e 100644
--- a/lib/curlx/multibyte.h
+++ b/lib/curlx/multibyte.h
@@ -52,15 +52,15 @@
 #define CURLX_FREE(x)   curlx_free(x)
 #endif
 
-/* MultiByte conversions using Windows kernel32 library. */
-wchar_t *curlx_convert_UTF8_to_wchar(const char *str_utf8);
-char *curlx_convert_wchar_to_UTF8(const wchar_t *str_w);
-
 /* the purpose of this macro is to free() without being traced by memdebug */
 #define curlx_unicodefree(ptr) CURLX_FREE(ptr)
 
 #ifdef UNICODE
 
+/* MultiByte conversions using Windows kernel32 library. */
+wchar_t *curlx_convert_UTF8_to_wchar(const char *str_utf8);
+char *curlx_convert_wchar_to_UTF8(const wchar_t *str_w);
+
 #define curlx_convert_UTF8_to_tchar(ptr) curlx_convert_UTF8_to_wchar((ptr))
 #define curlx_convert_tchar_to_UTF8(ptr) curlx_convert_wchar_to_UTF8((ptr))
 

From 58673ac8373c0d3baa0e5a3530e36a1095321a2b Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 1 Dec 2025 21:07:56 +0100
Subject: [PATCH 1094/2408] runtests: fix Perl warning

```
Use of uninitialized value $cmdhash{"option"} in pattern match (m//) at tests/runtests.pl line 1753.
```
Ref: https://github.com/curl/curl/actions/runs/19833947198/job/56831923295?pr=19794#step:13:3694

Follow-up to 02aa75a8c240af1a8912145497806e8925859a87 #19752
Closes #19797
---
 tests/runtests.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/runtests.pl b/tests/runtests.pl
index 1bde3f3afc..d0455d2243 100755
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -1750,7 +1750,7 @@ sub singletest_check {
         if(! -f "$logdir/$MEMDUMP") {
             my %cmdhash = getpartattr("client", "command");
             my $cmdtype = $cmdhash{'type'} || "default";
-            if($cmdhash{'option'} !~ /no-memdebug/) {
+            if($cmdhash{'option'} && $cmdhash{'option'} !~ /no-memdebug/) {
                 logmsg "\n** ALERT! memory tracking with no output file?\n"
                     if($cmdtype ne "perl");
             }

From 85a6936d7669748983ec340519df325eea9c9333 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 1 Dec 2025 16:32:39 +0100
Subject: [PATCH 1095/2408] libssh2: consider strdup() failures OOM and return
 correctly

In the ssh_state_pkey_init function.

Closes #19791
---
 lib/vssh/libssh2.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
index 8701775d7d..4437724fcf 100644
--- a/lib/vssh/libssh2.c
+++ b/lib/vssh/libssh2.c
@@ -1205,8 +1205,11 @@ static CURLcode ssh_state_pkey_init(struct Curl_easy *data,
 
     sshc->rsa_pub = sshc->rsa = NULL;
 
-    if(data->set.str[STRING_SSH_PRIVATE_KEY])
+    if(data->set.str[STRING_SSH_PRIVATE_KEY]) {
       sshc->rsa = curlx_strdup(data->set.str[STRING_SSH_PRIVATE_KEY]);
+      if(!sshc->rsa)
+        out_of_memory = TRUE;
+    }
     else {
       /* To ponder about: should really the lib be messing about with the
          HOME environment variable etc? */
@@ -1251,7 +1254,7 @@ static CURLcode ssh_state_pkey_init(struct Curl_easy *data,
      * libssh2 extract the public key from the private key file.
      * This is done by simply passing sshc->rsa_pub = NULL.
      */
-    if(data->set.str[STRING_SSH_PUBLIC_KEY]
+    if(!out_of_memory && data->set.str[STRING_SSH_PUBLIC_KEY]
        /* treat empty string the same way as NULL */
        && data->set.str[STRING_SSH_PUBLIC_KEY][0]) {
       sshc->rsa_pub = curlx_strdup(data->set.str[STRING_SSH_PUBLIC_KEY]);

From dc29590d6061931d054132cb701512a8b7305e7c Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Mon, 1 Dec 2025 18:08:25 +0100
Subject: [PATCH 1096/2408] memdebug: log socket close before closing

To not get a mixup in the memdebug log order.

Closes #19793
---
 lib/memdebug.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/lib/memdebug.c b/lib/memdebug.c
index bbd7407c3c..7eae1708b7 100644
--- a/lib/memdebug.c
+++ b/lib/memdebug.c
@@ -468,9 +468,8 @@ void curl_dbg_mark_sclose(curl_socket_t sockfd, int line, const char *source)
 /* this is our own defined way to close sockets on *ALL* platforms */
 int curl_dbg_sclose(curl_socket_t sockfd, int line, const char *source)
 {
-  int res = CURL_SCLOSE(sockfd);
   curl_dbg_mark_sclose(sockfd, line, source);
-  return res;
+  return CURL_SCLOSE(sockfd);
 }
 
 ALLOC_FUNC

From 055f1a3d02f656feb31a1246392473f6ac0e186f Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 2 Dec 2025 09:16:20 +0100
Subject: [PATCH 1097/2408] RELEASE-NOTES: synced

---
 RELEASE-NOTES | 84 +++++++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 75 insertions(+), 9 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 2dbac34d0f..136176ce79 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -4,7 +4,7 @@ curl and libcurl 8.18.0
  Command line options:         273
  curl_easy_setopt() options:   308
  Public functions in libcurl:  100
- Contributors:                 3553
+ Contributors:                 3554
 
 This release includes the following changes:
 
@@ -22,6 +22,7 @@ This release includes the following bugfixes:
  o asyn-ares: handle Curl_dnscache_mk_entry() OOM error [199]
  o asyn-ares: remove hostname free on OOM [122]
  o asyn-thrdd: release rrname if ares_init_options fails [41]
+ o auth: always treat Curl_auth_ntlm_get() returning NULL as OOM [186]
  o autotools: add nettle library detection via pkg-config (for GnuTLS) [178]
  o autotools: drop autoconf <2.59 compatibility code (zz60-xc-ovr) [70]
  o badwords: fix issues found in scripts and other files [142]
@@ -31,14 +32,19 @@ This release includes the following bugfixes:
  o build: tidy-up MSVC CRT warning suppression macros [140]
  o ccsidcurl: make curl_mime_data_ccsid() use the converted size [74]
  o cf-https-connect: allocate ctx at first in cf_hc_create() [79]
+ o cf-socket: drop feature check for `IPV6_V6ONLY` on Windows [210]
  o cf-socket: limit use of `TCP_KEEP*` to Windows 10.0.16299+ at runtime [157]
  o cf-socket: trace ignored errors [97]
  o cfilters: make conn_forget_socket a private libssh function [109]
  o checksrc.pl: detect assign followed by more than one space [26]
  o cmake: adjust defaults for target platforms not supporting shared libs [35]
+ o cmake: define dependencies as `IMPORTED` interface targets [223]
  o cmake: disable `CURL_CA_PATH` auto-detection if `USE_APPLE_SECTRUST=ON` [16]
+ o cmake: fix `ws2_32` reference in `curl-config.cmake` [201]
  o cmake: honor `CURL_DISABLE_INSTALL` and `CURL_ENABLE_EXPORT_TARGET` [106]
+ o cmake: save and restore `CMAKE_MODULE_PATH` in `curl-config.cmake` [222]
  o code: minor indent fixes before closing braces [107]
+ o CODE_STYLE.md: sync banned function list with checksrc.pl [243]
  o config2setopts: bail out if curl_url_get() returns OOM [102]
  o config2setopts: exit if curl_url_set() fails on OOM [105]
  o conncache: silence `-Wnull-dereference` on gcc 14 RISC-V 64 [17]
@@ -52,15 +58,18 @@ This release includes the following bugfixes:
  o curl_sasl: make Curl_sasl_decode_mech compare case insensitively [160]
  o curl_setup.h: document more funcs flagged by `_CRT_SECURE_NO_WARNINGS` [124]
  o curl_setup.h: drop stray `#undef stat` (Windows) [103]
+ o curl_setup.h: drop superfluous parenthesis from `Curl_safefree` macro [242]
  o CURLINFO: remove 'get' and 'get the' from each short desc [50]
  o CURLINFO_SCHEME/PROTOCOL: they return the "scheme" for a "transfer" [48]
  o CURLINFO_TLS_SSL_PTR.md: remove CURLINFO_TLS_SESSION text [49]
  o CURLOPT_READFUNCTION.md: clarify the size of the buffer [47]
  o CURLOPT_SSH_KEYFUNCTION.md: fix minor indent mistake in example
  o curlx/fopen: replace open CRT functions their with `_s` counterparts (Windows) [204]
+ o curlx/multibyte: stop setting macros for non-Windows [226]
  o curlx/strerr: use `strerror_s()` on Windows [75]
  o curlx: replace `mbstowcs`/`wcstombs` with `_s` counterparts (Windows) [143]
  o curlx: replace `sprintf` with `snprintf` [194]
+ o curlx: use curlx allocators in non-memdebug builds (Windows) [155]
  o digest_sspi: fix a memory leak on error path [149]
  o digest_sspi: properly free sspi identity [12]
  o DISTROS.md: add OpenBSD [126]
@@ -68,6 +77,7 @@ This release includes the following bugfixes:
  o docs: fix checksrc `EQUALSPACE` warnings [21]
  o docs: mention umask need when curl creates files [56]
  o docs: spell it Rustls with a capital R [181]
+ o example: fix formatting nits [232]
  o examples/crawler: fix variable [92]
  o examples/multi-uv: fix invalid req->data access [177]
  o examples/multithread: fix race condition [101]
@@ -86,34 +96,47 @@ This release includes the following bugfixes:
  o hostip: make more functions return CURLcode [202]
  o hostip: only store negative response for CURLE_COULDNT_RESOLVE_HOST [183]
  o hsts: propagate and error out correctly on OOM [130]
+ o http: acknowledge OOM errors from Curl_input_ntlm [185]
  o http: avoid two strdup()s and do minor simplifications [144]
  o http: error on OOM when creating range header [59]
  o http: fix OOM exit in Curl_http_follow [179]
+ o http: handle oom error from Curl_input_digest() [192]
  o http: replace atoi use in Curl_http_follow with curlx_str_number [65]
  o http: the :authority header should never contain user+password [147]
+ o idn: fix memory leak in `win32_ascii_to_idn()` [173]
+ o idn: use curlx allocators on Windows [165]
+ o imap: make sure Curl_pgrsSetDownloadSize() does not overflow [200]
  o INSTALL-CMAKE.md: document static option defaults more [37]
+ o krb5: fix detecting channel binding feature [187]
  o krb5_sspi: unify a part of error handling [80]
+ o lib/sendf.h: forward declare two structs [221]
  o lib: cleanup for some typos about spaces and code style [3]
  o lib: eliminate size_t casts [112]
  o lib: error for OOM when extracting URL query [127]
+ o lib: fix formatting nits [215]
  o lib: fix gssapi.h include on IBMi [55]
  o lib: refactor the type of funcs which have useless return and checks [1]
  o lib: replace `_tcsncpy`/`wcsncpy`/`wcscpy` with `_s` counterparts (Windows) [164]
  o lib: timer stats improvements [190]
  o libssh2: add paths to error messages for quote commands [114]
  o libssh2: cleanup ssh_force_knownhost_key_type [64]
+ o libssh2: consider strdup() failures OOM and return correctly [72]
  o libssh2: replace atoi() in ssh_force_knownhost_key_type [63]
+ o libssh: fix state machine loop to progress as it should
  o libssh: properly free sftp_attributes [153]
  o libtests: replace `atoi()` with `curlx_str_number()` [120]
  o limit-rate: add example using --limit-rate and --max-time together [89]
  o m4/sectrust: fix test(1) operator [4]
  o manage: expand the 'libcurl support required' message [208]
  o mbedtls: fix potential use of uninitialized `nread` [8]
+ o mbedtls_threadlock: avoid calloc, use array [244]
+ o memdebug: add mutex for thread safety [184]
  o mk-ca-bundle.pl: default to SHA256 fingerprints with `-t` option [73]
  o mk-ca-bundle.pl: use `open()` with argument list to replace backticks [71]
  o mqtt: reject overly big messages [39]
  o multi: make max_total_* members size_t [158]
  o multi: simplify admin handle processing [189]
+ o multibyte: limit `curlx_convert_*wchar*()` functions to Unicode builds [135]
  o ngtcp2+openssl: fix leak of session [172]
  o ngtcp2: remove the unused Curl_conn_is_ngtcp2 function [85]
  o noproxy: replace atoi with curlx_str_number [67]
@@ -134,10 +157,14 @@ This release includes the following bugfixes:
  o ratelimit: redesign [209]
  o rtmp: fix double-free on URL parse errors [27]
  o rtmp: precaution for a potential integer truncation [54]
+ o rtmp: stop redefining `setsockopt` system symbol on Windows [211]
  o runtests: detect bad libssh differently for test 1459 [11]
  o runtests: drop Python 2 support remains [45]
+ o runtests: enable torture testing with threaded resolver [176]
  o rustls: fix a potential memory issue [81]
  o rustls: minor adjustment of sizeof() [38]
+ o rustls: simplify init err path [219]
+ o rustls: verify that verifier_builder is not NULL [220]
  o schannel: fix memory leak of cert_store_path on four error paths [23]
  o schannel: replace atoi() with curlx_str_number() [119]
  o schannel_verify: fix a memory leak of cert_context [152]
@@ -151,6 +178,7 @@ This release includes the following bugfixes:
  o socks_sspi: use free() not FreeContextBuffer() [93]
  o speedcheck: do not trigger low speed cancel on transfers with CURL_READFUNC_PAUSE [113]
  o speedlimit: also reset on send unpausing [197]
+ o ssh: tracing and better pollset handling [230]
  o telnet: replace atoi for BINARY handling with curlx_str_number [66]
  o TEST-SUITE.md: correct the man page's path [136]
  o test07_22: fix flakiness [95]
@@ -161,6 +189,7 @@ This release includes the following bugfixes:
  o tests/server: do not fall back to original data file in `test2fopen()` [32]
  o tests/server: replace `atoi()` and `atol()` with `curlx_str_number()` [110]
  o tests: allow 2500-2503 to use ~2MB malloc [31]
+ o tests: fix formatting nits [225]
  o tftp: release filename if conn_get_remote_addr fails [42]
  o tftpd: fix/tidy up `open()` mode flags [57]
  o tidy-up: move `CURL_UNCONST()` out from macro `curl_unicodefree()` [121]
@@ -172,14 +201,17 @@ This release includes the following bugfixes:
  o tool_help: add checks to avoid unsigned wrap around [14]
  o tool_ipfs: check return codes better [20]
  o tool_msgs: make voutf() use stack instead of heap [125]
+ o tool_operatate: return error for OOM in append2query [217]
  o tool_operate: exit on curl_share_setopt errors [108]
  o tool_operate: fix a case of ignoring return code in operate() [128]
  o tool_operate: fix case of ignoring return code in single_transfer [129]
  o tool_operate: remove redundant condition [19]
  o tool_operate: use curlx_str_number instead of atoi [68]
  o tool_paramhlp: refuse --proto remove all protocols [10]
+ o tool_urlglob: acknowledge OOM in peek_ipv6 [175]
  o tool_urlglob: clean up used memory on errors better [44]
  o tool_writeout: bail out proper on OOM [104]
+ o url: fix return code for OOM in parse_proxy() [193]
  o url: if OOM in parse_proxy() return error [132]
  o urlapi: fix mem-leaks in curl_url_get error paths [22]
  o urlapi: handle OOM properly when setting URL [180]
@@ -191,6 +223,7 @@ This release includes the following bugfixes:
  o vtls: handle possible malicious certs_num from peer [53]
  o vtls: pinned key check [98]
  o wcurl: import v2025.11.09 [29]
+ o windows: use `_strdup()` instead of `strdup()` where missing [145]
  o wolfSSL: able to differentiate between IP and DNS in alt names [13]
  o wolfssl: avoid NULL dereference in OOM situation [77]
  o wolfssl: fix a potential memory leak of session [6]
@@ -219,14 +252,15 @@ advice from friends like these:
 
   Aleksandr Sergeev, Aleksei Bavshin, Andrew Kirillov, BANADDA, boingball,
   Brad King, bttrfl on github, Christian Schmitz, Dan Fandrich,
-  Daniel McCarney, Daniel Stenberg, Fd929c2CE5fA on github, ffath-vo on github,
-  Gisle Vanem, Jiyong Yang, Juliusz Sosinowicz, Leonardo Taccari,
-  letshack9707 on hackerone, Marc Aldorasi, Marcel Raad, nait-furry,
-  ncaklovic on github, Nick Korepanov, Omdahake on github, Patrick Monnerat,
-  pelioro on hackerone, Ray Satiro, renovate[bot], Samuel Henrique,
-  st751228051 on github, Stanislav Fort, Stefan Eissing, Sunny,
-  Thomas Klausner, Viktor Szakats, Wesley Moore, Xiaoke Wang, Yedaya Katsman
-  (38 contributors)
+  Daniel McCarney, Daniel Stenberg, Deniz Parlak, Fd929c2CE5fA on github,
+  ffath-vo on github, Gisle Vanem, Jiyong Yang, Juliusz Sosinowicz, Kai Pastor,
+  Leonardo Taccari, letshack9707 on hackerone, Marc Aldorasi, Marcel Raad,
+  Max Faxälv, nait-furry, ncaklovic on github, Nick Korepanov,
+  Omdahake on github, Patrick Monnerat, pelioro on hackerone, Ray Satiro,
+  renovate[bot], Samuel Henrique, st751228051 on github, Stanislav Fort,
+  Stefan Eissing, Sunny, Thomas Klausner, Viktor Szakats, Wesley Moore,
+  Xiaoke Wang, Yedaya Katsman
+  (41 contributors)
 
 References to bug reports and discussions on issues:
 
@@ -300,6 +334,7 @@ References to bug reports and discussions on issues:
  [69] = https://curl.se/bug/?i=17927
  [70] = https://curl.se/bug/?i=19464
  [71] = https://curl.se/bug/?i=19461
+ [72] = https://curl.se/bug/?i=19791
  [73] = https://curl.se/bug/?i=19359
  [74] = https://curl.se/bug/?i=19465
  [75] = https://curl.se/bug/?i=19646
@@ -361,6 +396,7 @@ References to bug reports and discussions on issues:
  [132] = https://curl.se/bug/?i=19590
  [133] = https://curl.se/bug/?i=19471
  [134] = https://curl.se/bug/?i=19583
+ [135] = https://curl.se/bug/?i=19796
  [136] = https://curl.se/bug/?i=19586
  [137] = https://curl.se/bug/?i=19578
  [138] = https://curl.se/bug/?i=19580
@@ -369,6 +405,7 @@ References to bug reports and discussions on issues:
  [142] = https://curl.se/bug/?i=19572
  [143] = https://curl.se/bug/?i=19581
  [144] = https://curl.se/bug/?i=19571
+ [145] = https://curl.se/bug/?i=19794
  [146] = https://curl.se/bug/?i=19543
  [147] = https://curl.se/bug/?i=19568
  [148] = https://curl.se/bug/?i=19569
@@ -378,6 +415,7 @@ References to bug reports and discussions on issues:
  [152] = https://curl.se/bug/?i=19556
  [153] = https://curl.se/bug/?i=19564
  [154] = https://curl.se/bug/?i=19566
+ [155] = https://curl.se/bug/?i=19788
  [156] = https://curl.se/bug/?i=19541
  [157] = https://curl.se/bug/?i=19520
  [158] = https://curl.se/bug/?i=19618
@@ -387,29 +425,57 @@ References to bug reports and discussions on issues:
  [162] = https://curl.se/bug/?i=19636
  [163] = https://curl.se/bug/?i=19637
  [164] = https://curl.se/bug/?i=19589
+ [165] = https://curl.se/bug/?i=19790
  [166] = https://curl.se/bug/?i=19615
  [167] = https://curl.se/bug/?i=19609
  [168] = https://curl.se/bug/?i=19612
  [170] = https://curl.se/bug/?i=19333
  [171] = https://curl.se/bug/?i=19714
  [172] = https://curl.se/bug/?i=19717
+ [173] = https://curl.se/bug/?i=19789
+ [175] = https://curl.se/bug/?i=19784
+ [176] = https://curl.se/bug/?i=19786
  [177] = https://curl.se/bug/?i=19462
  [178] = https://curl.se/bug/?i=19703
  [179] = https://curl.se/bug/?i=19705
  [180] = https://curl.se/bug/?i=19704
  [181] = https://curl.se/bug/?i=19702
  [183] = https://curl.se/bug/?i=19701
+ [184] = https://curl.se/bug/?i=19785
+ [185] = https://curl.se/bug/?i=19781
+ [186] = https://curl.se/bug/?i=19782
+ [187] = https://curl.se/bug/?i=19164
  [189] = https://curl.se/bug/?i=19604
  [190] = https://curl.se/bug/?i=19269
  [191] = https://curl.se/bug/?i=19663
+ [192] = https://curl.se/bug/?i=19780
+ [193] = https://curl.se/bug/?i=19779
  [194] = https://curl.se/bug/?i=19681
  [195] = https://curl.se/bug/?i=19692
  [196] = https://curl.se/bug/?i=19692
  [197] = https://curl.se/bug/?i=19687
  [198] = https://curl.se/bug/?i=19689
  [199] = https://curl.se/bug/?i=19688
+ [200] = https://curl.se/bug/?i=19774
+ [201] = https://curl.se/bug/?i=19775
  [202] = https://curl.se/bug/?i=19669
  [203] = https://curl.se/bug/?i=19683
  [204] = https://curl.se/bug/?i=19643
  [208] = https://curl.se/bug/?i=19665
  [209] = https://curl.se/bug/?i=19384
+ [210] = https://curl.se/bug/?i=19769
+ [211] = https://curl.se/bug/?i=19768
+ [215] = https://curl.se/bug/?i=19764
+ [217] = https://curl.se/bug/?i=19763
+ [219] = https://curl.se/bug/?i=19759
+ [220] = https://curl.se/bug/?i=19756
+ [221] = https://curl.se/bug/?i=19761
+ [222] = https://curl.se/bug/?i=16973
+ [223] = https://curl.se/bug/?i=16973
+ [225] = https://curl.se/bug/?i=19754
+ [226] = https://curl.se/bug/?i=19751
+ [230] = https://curl.se/bug/?i=19745
+ [232] = https://curl.se/bug/?i=19746
+ [242] = https://curl.se/bug/?i=19734
+ [243] = https://curl.se/bug/?i=19733
+ [244] = https://curl.se/bug/?i=19732

From 8dedcce7a3b8f32633ba7b546ae55bb7f5017fd1 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 2 Dec 2025 10:13:32 +0100
Subject: [PATCH 1098/2408] RELEASE-NOTES: fix typo

---
 RELEASE-NOTES | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 136176ce79..512bc5425d 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -201,11 +201,11 @@ This release includes the following bugfixes:
  o tool_help: add checks to avoid unsigned wrap around [14]
  o tool_ipfs: check return codes better [20]
  o tool_msgs: make voutf() use stack instead of heap [125]
- o tool_operatate: return error for OOM in append2query [217]
  o tool_operate: exit on curl_share_setopt errors [108]
  o tool_operate: fix a case of ignoring return code in operate() [128]
  o tool_operate: fix case of ignoring return code in single_transfer [129]
  o tool_operate: remove redundant condition [19]
+ o tool_operate: return error for OOM in append2query [217]
  o tool_operate: use curlx_str_number instead of atoi [68]
  o tool_paramhlp: refuse --proto remove all protocols [10]
  o tool_urlglob: acknowledge OOM in peek_ipv6 [175]

From c1c3487d7902799412823cb71df7af6af0df36a1 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 2 Dec 2025 09:53:00 +0100
Subject: [PATCH 1099/2408] curl_gssapi: make sure Curl_gss_log_error() has an
 initialized buffer

Reported-by: Stanislav Fort (Aisle Research)

Closes #19802
---
 lib/curl_gssapi.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/curl_gssapi.c b/lib/curl_gssapi.c
index edd555db79..7f5bd72954 100644
--- a/lib/curl_gssapi.c
+++ b/lib/curl_gssapi.c
@@ -428,7 +428,7 @@ static size_t display_gss_error(OM_uint32 status, int type,
 void Curl_gss_log_error(struct Curl_easy *data, const char *prefix,
                         OM_uint32 major, OM_uint32 minor)
 {
-  char buf[GSS_LOG_BUFFER_LEN];
+  char buf[GSS_LOG_BUFFER_LEN] = "";
   size_t len = 0;
 
   if(major != GSS_S_FAILURE)

From 4f2374810ab50802c94400dad26c60771b3fa0ff Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 2 Dec 2025 11:13:49 +0100
Subject: [PATCH 1100/2408] DEPRECATE.md: remove OpenSSL-QUIC in January 2026
 instead

Move it up two months. It was only ever experimental so this cannot
interfere with any production code so shorten the "quarantine".

Closes #19805
---
 docs/DEPRECATE.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/DEPRECATE.md b/docs/DEPRECATE.md
index 1629af1fff..2a3cbfc78d 100644
--- a/docs/DEPRECATE.md
+++ b/docs/DEPRECATE.md
@@ -36,7 +36,7 @@ stack.
  - curl users building with vanilla OpenSSL can still use QUIC through the
    means of ngtcp2
 
-We remove the OpenSSL-QUIC backend in March 2026.
+We remove the OpenSSL-QUIC backend in January 2026.
 
 ## RTMP
 

From b30c1b97b97cdbe7cc6f638c90f8b60e2036ad27 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Tue, 2 Dec 2025 13:42:29 +0100
Subject: [PATCH 1101/2408] quiche: use client writer

Instead of buffering response body data until it is received by the
transfer loop, write the response data directly to the client.

Use a connection wide scratch buffer to get the response body from
quiche. Eliminates need for maintaining individual buffers for each
stream.

Fixes #19803
Reported-by: Stanislav Fort
Closes #19806
---
 lib/vquic/curl_quiche.c | 385 +++++++++++++++++++---------------------
 1 file changed, 185 insertions(+), 200 deletions(-)

diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
index 45f606ec61..9133110852 100644
--- a/lib/vquic/curl_quiche.c
+++ b/lib/vquic/curl_quiche.c
@@ -89,8 +89,9 @@ struct cf_quiche_ctx {
   uint8_t scid[QUICHE_MAX_CONN_ID_LEN];
   struct curltime started_at;        /* time the current attempt started */
   struct curltime handshake_at;      /* time connect handshake finished */
-  struct bufc_pool stream_bufcp;     /* chunk pool for streams */
   struct uint_hash streams;          /* hash `data->mid` to `stream_ctx` */
+  struct dynbuf scratch;             /* temp buffer for header construction */
+  struct bufq writebuf;              /* temp buffer for writing bodies */
   curl_off_t data_recvd;
   BIT(initialized);
   BIT(goaway);                       /* got GOAWAY from server */
@@ -119,9 +120,10 @@ static void cf_quiche_ctx_init(struct cf_quiche_ctx *ctx)
     debug_log_init = 1;
   }
 #endif
-  Curl_bufcp_init(&ctx->stream_bufcp, H3_STREAM_CHUNK_SIZE,
-                  H3_STREAM_POOL_SPARES);
+  curlx_dyn_init(&ctx->scratch, CURL_MAX_HTTP_HEADER);
   Curl_uint32_hash_init(&ctx->streams, 63, h3_stream_hash_free);
+  Curl_bufq_init2(&ctx->writebuf, H3_STREAM_CHUNK_SIZE, H3_STREAM_RECV_CHUNKS,
+                  BUFQ_OPT_SOFT_LIMIT);
   ctx->data_recvd = 0;
   ctx->initialized = TRUE;
 }
@@ -134,8 +136,9 @@ static void cf_quiche_ctx_free(struct cf_quiche_ctx *ctx)
     Curl_vquic_tls_cleanup(&ctx->tls);
     Curl_ssl_peer_cleanup(&ctx->peer);
     vquic_ctx_free(&ctx->q);
-    Curl_bufcp_free(&ctx->stream_bufcp);
     Curl_uint32_hash_destroy(&ctx->streams);
+    curlx_dyn_free(&ctx->scratch);
+    Curl_bufq_free(&ctx->writebuf);
   }
   curlx_free(ctx);
 }
@@ -168,9 +171,10 @@ static CURLcode cf_flush_egress(struct Curl_cfilter *cf,
  */
 struct h3_stream_ctx {
   uint64_t id;             /* HTTP/3 protocol stream identifier */
-  struct bufq recvbuf;     /* h3 response */
   struct h1_req_parser h1; /* h1 request parsing */
   uint64_t error3;         /* HTTP/3 stream error code */
+  int status_code;         /* HTTP status code */
+  CURLcode xfer_result;    /* result from cf_quiche_write_(hd/body) */
   BIT(opened);             /* TRUE after stream has been opened */
   BIT(closed);             /* TRUE on stream close */
   BIT(reset);              /* TRUE on stream reset */
@@ -182,7 +186,6 @@ struct h3_stream_ctx {
 
 static void h3_stream_ctx_free(struct h3_stream_ctx *stream)
 {
-  Curl_bufq_free(&stream->recvbuf);
   Curl_h1_req_parse_free(&stream->h1);
   curlx_free(stream);
 }
@@ -252,6 +255,7 @@ static bool cf_quiche_do_expire(struct Curl_cfilter *cf,
   (void)stream;
   (void)user_data;
   CURL_TRC_CF(sdata, cf, "conn closed, mark as dirty");
+  stream->xfer_result = CURLE_SEND_ERROR;
   Curl_multi_mark_dirty(sdata);
   return TRUE;
 }
@@ -270,8 +274,6 @@ static CURLcode h3_data_setup(struct Curl_cfilter *cf,
     return CURLE_OUT_OF_MEMORY;
 
   stream->id = -1;
-  Curl_bufq_initp(&stream->recvbuf, &ctx->stream_bufcp,
-                  H3_STREAM_RECV_CHUNKS, BUFQ_OPT_SOFT_LIMIT);
   Curl_h1_req_parse_init(&stream->h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
 
   if(!Curl_uint32_hash_set(&ctx->streams, data->mid, stream)) {
@@ -282,28 +284,38 @@ static CURLcode h3_data_setup(struct Curl_cfilter *cf,
   return CURLE_OK;
 }
 
+static void cf_quiche_stream_close(struct Curl_cfilter *cf,
+                                   struct Curl_easy *data,
+                                   struct h3_stream_ctx *stream)
+{
+  struct cf_quiche_ctx *ctx = cf->ctx;
+  CURLcode result;
+
+  if(ctx->qconn && !stream->closed) {
+    quiche_conn_stream_shutdown(ctx->qconn, stream->id,
+                                QUICHE_SHUTDOWN_READ, CURL_H3_NO_ERROR);
+    if(!stream->send_closed) {
+      quiche_conn_stream_shutdown(ctx->qconn, stream->id,
+                                  QUICHE_SHUTDOWN_WRITE, CURL_H3_NO_ERROR);
+      stream->send_closed = TRUE;
+    }
+    stream->closed = TRUE;
+    result = cf_flush_egress(cf, data);
+    if(result)
+      CURL_TRC_CF(data, cf, "[%" PRIu64 "] stream close, flush egress -> %d",
+                  stream->id, result);
+  }
+}
+
 static void h3_data_done(struct Curl_cfilter *cf, struct Curl_easy *data)
 {
   struct cf_quiche_ctx *ctx = cf->ctx;
   struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
-  CURLcode result;
 
   (void)cf;
   if(stream) {
     CURL_TRC_CF(data, cf, "[%" PRIu64 "] easy handle is done", stream->id);
-    if(ctx->qconn && !stream->closed) {
-      quiche_conn_stream_shutdown(ctx->qconn, stream->id,
-                                  QUICHE_SHUTDOWN_READ, CURL_H3_NO_ERROR);
-      if(!stream->send_closed) {
-        quiche_conn_stream_shutdown(ctx->qconn, stream->id,
-                                    QUICHE_SHUTDOWN_WRITE, CURL_H3_NO_ERROR);
-        stream->send_closed = TRUE;
-      }
-      stream->closed = TRUE;
-      result = cf_flush_egress(cf, data);
-      if(result)
-        CURL_TRC_CF(data, cf, "data_done, flush egress -> %d", result);
-    }
+    cf_quiche_stream_close(cf, data, stream);
     Curl_uint32_hash_remove(&ctx->streams, data->mid);
   }
 }
@@ -316,39 +328,29 @@ static void cf_quiche_expire_conn_closed(struct Curl_cfilter *cf,
   cf_quiche_for_all_streams(cf, data->multi, cf_quiche_do_expire, NULL);
 }
 
-/*
- * write_resp_raw() copies response data in raw format to the `data`'s
- * receive buffer. If not enough space is available, it appends to the
- * `data`'s overflow buffer.
- */
-static CURLcode write_resp_raw(struct Curl_cfilter *cf,
+static void cf_quiche_write_hd(struct Curl_cfilter *cf,
                                struct Curl_easy *data,
-                               const void *mem, size_t memlen)
+                               struct h3_stream_ctx *stream,
+                               const char *buf, size_t blen, bool eos)
 {
-  struct cf_quiche_ctx *ctx = cf->ctx;
-  struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
-  CURLcode result = CURLE_OK;
-  size_t nwritten;
-
-  (void)cf;
-  if(!stream)
-    return CURLE_RECV_ERROR;
-  result = Curl_bufq_write(&stream->recvbuf, mem, memlen, &nwritten);
-  if(result)
-    return result;
-
-  if(nwritten < memlen) {
-    /* This MUST not happen. Our recbuf is dimensioned to hold the
-     * full max_stream_window and then some for this reason. */
-    DEBUGASSERT(0);
-    return CURLE_RECV_ERROR;
+  /* This function returns no error intentionally, but records
+   * the result at the stream, skipping further writes once the
+   * `result` of the transfer is known.
+   * The stream is subsequently cancelled "higher up" in the filter's
+   * send/recv callbacks. Closing the stream here leads to SEND/RECV
+   * errors in other places that then overwrite the transfer's result. */
+  if(!stream->xfer_result) {
+    stream->xfer_result = Curl_xfer_write_resp_hd(data, buf, blen, eos);
+    if(stream->xfer_result)
+      CURL_TRC_CF(data, cf, "[%" PRId64 "] error %d writing %zu "
+                  "bytes of headers", stream->id, stream->xfer_result, blen);
   }
-  return result;
 }
 
 struct cb_ctx {
   struct Curl_cfilter *cf;
   struct Curl_easy *data;
+  struct h3_stream_ctx *stream;
 };
 
 static int cb_each_header(uint8_t *name, size_t name_len,
@@ -356,39 +358,59 @@ static int cb_each_header(uint8_t *name, size_t name_len,
                           void *argp)
 {
   struct cb_ctx *x = argp;
-  struct cf_quiche_ctx *ctx = x->cf->ctx;
-  struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, x->data);
+  struct Curl_cfilter *cf = x->cf;
+  struct Curl_easy *data = x->data;
+  struct h3_stream_ctx *stream = x->stream;
+  struct cf_quiche_ctx *ctx = cf->ctx;
   CURLcode result;
 
-  if(!stream)
-    return CURLE_OK;
+  if(!stream || stream->xfer_result)
+    return 1; /* abort iteration */
 
   if((name_len == 7) && !strncmp(HTTP_PSEUDO_STATUS, (char *)name, 7)) {
-    CURL_TRC_CF(x->data, x->cf, "[%" PRIu64 "] status: %.*s",
-                stream->id, (int)value_len, value);
-    result = write_resp_raw(x->cf, x->data, "HTTP/3 ", sizeof("HTTP/3 ") - 1);
+    curlx_dyn_reset(&ctx->scratch);
+    result = Curl_http_decode_status(&stream->status_code,
+                                     (const char *)value, value_len);
     if(!result)
-      result = write_resp_raw(x->cf, x->data, value, value_len);
+      result = curlx_dyn_addn(&ctx->scratch, STRCONST("HTTP/3 "));
     if(!result)
-      result = write_resp_raw(x->cf, x->data, " \r\n", 3);
+      result = curlx_dyn_addn(&ctx->scratch,
+                              (const char *)value, value_len);
+    if(!result)
+      result = curlx_dyn_addn(&ctx->scratch, STRCONST(" \r\n"));
+    if(!result)
+      cf_quiche_write_hd(cf, data, stream, curlx_dyn_ptr(&ctx->scratch),
+                         curlx_dyn_len(&ctx->scratch), FALSE);
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] status: %s",
+                stream->id, curlx_dyn_ptr(&ctx->scratch));
   }
   else {
-    CURL_TRC_CF(x->data, x->cf, "[%" PRIu64 "] header: %.*s: %.*s",
+    /* store as an HTTP1-style header */
+    CURL_TRC_CF(data, cf, "[%" PRId64 "] header: %.*s: %.*s",
                 stream->id, (int)name_len, name,
                 (int)value_len, value);
-    result = write_resp_raw(x->cf, x->data, name, name_len);
+    curlx_dyn_reset(&ctx->scratch);
+    result = curlx_dyn_addn(&ctx->scratch,
+                            (const char *)name, name_len);
     if(!result)
-      result = write_resp_raw(x->cf, x->data, ": ", 2);
+      result = curlx_dyn_addn(&ctx->scratch, STRCONST(": "));
     if(!result)
-      result = write_resp_raw(x->cf, x->data, value, value_len);
+      result = curlx_dyn_addn(&ctx->scratch,
+                              (const char *)value, value_len);
     if(!result)
-      result = write_resp_raw(x->cf, x->data, "\r\n", 2);
+      result = curlx_dyn_addn(&ctx->scratch, STRCONST("\r\n"));
+    if(!result)
+      cf_quiche_write_hd(cf, data, stream, curlx_dyn_ptr(&ctx->scratch),
+                         curlx_dyn_len(&ctx->scratch), FALSE);
   }
+
   if(result) {
     CURL_TRC_CF(x->data, x->cf, "[%" PRIu64 "] on header error %d",
                 stream->id, result);
+    if(!stream->xfer_result)
+      stream->xfer_result = result;
   }
-  return result;
+  return stream->xfer_result ? 1 : 0;
 }
 
 static CURLcode stream_resp_read(void *reader_ctx,
@@ -410,94 +432,99 @@ static CURLcode stream_resp_read(void *reader_ctx,
   return CURLE_OK;
 }
 
-static CURLcode cf_recv_body(struct Curl_cfilter *cf,
-                             struct Curl_easy *data)
+static void cf_quiche_flush_body(struct Curl_cfilter *cf,
+                                 struct Curl_easy *data,
+                                 struct h3_stream_ctx *stream)
+{
+  struct cf_quiche_ctx *ctx = cf->ctx;
+  const uint8_t *buf;
+  size_t blen;
+
+  while(stream && !stream->xfer_result) {
+    if(Curl_bufq_peek(&ctx->writebuf, &buf, &blen)) {
+      stream->xfer_result = Curl_xfer_write_resp(
+        data, (const char *)buf, blen, FALSE);
+      Curl_bufq_skip(&ctx->writebuf, blen);
+      if(stream->xfer_result) {
+        CURL_TRC_CF(data, cf, "[%" PRId64 "] error %d writing %zu bytes"
+                    " of data", stream->id, stream->xfer_result, blen);
+      }
+    }
+    else
+      break;
+  }
+  Curl_bufq_reset(&ctx->writebuf);
+}
+
+static void cf_quiche_recv_body(struct Curl_cfilter *cf,
+                                struct Curl_easy *data,
+                                struct h3_stream_ctx *stream)
 {
   struct cf_quiche_ctx *ctx = cf->ctx;
-  struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
   size_t nread;
   struct cb_ctx cb_ctx;
   CURLcode result = CURLE_OK;
 
   if(!stream)
-    return CURLE_RECV_ERROR;
-
-  if(!stream->resp_hds_complete) {
-    result = write_resp_raw(cf, data, "\r\n", 2);
-    if(result)
-      return result;
-    stream->resp_hds_complete = TRUE;
-  }
+    return;
 
+  /* Even when the transfer has already errored, we need to receive
+   * the data from quiche, as quiche will otherwise get stuck and
+   * raise events to receive over and over again. */
   cb_ctx.cf = cf;
   cb_ctx.data = data;
-  result = Curl_bufq_slurp(&stream->recvbuf,
-                           stream_resp_read, &cb_ctx, &nread);
-
-  if(result && result != CURLE_AGAIN) {
-    CURL_TRC_CF(data, cf, "[%" PRIu64 "] recv_body error %zu",
-                stream->id, nread);
-    failf(data, "Error %d in HTTP/3 response body for stream[%" PRIu64 "]",
-          result, stream->id);
-    stream->closed = TRUE;
-    stream->reset = TRUE;
-    stream->send_closed = TRUE;
-    return result;
+  cb_ctx.stream = stream;
+  Curl_bufq_reset(&ctx->writebuf);
+  while(!result) {
+    result = Curl_bufq_slurp(&ctx->writebuf,
+                             stream_resp_read, &cb_ctx, &nread);
+    if(!result)
+      cf_quiche_flush_body(cf, data, stream);
+    else if(result == CURLE_AGAIN)
+      break;
+    else if(result) {
+      CURL_TRC_CF(data, cf, "[%" PRIu64 "] recv_body error %d",
+                  stream->id, result);
+      failf(data, "[%" PRIu64 "] Error %d in HTTP/3 response body for stream",
+            stream->id, result);
+      stream->closed = TRUE;
+      stream->reset = TRUE;
+      stream->send_closed = TRUE;
+      if(!stream->xfer_result)
+        stream->xfer_result = result;
+    }
   }
-  return CURLE_OK;
+  cf_quiche_flush_body(cf, data, stream);
 }
 
-#ifdef DEBUGBUILD
-static const char *cf_ev_name(quiche_h3_event *ev)
-{
-  switch(quiche_h3_event_type(ev)) {
-  case QUICHE_H3_EVENT_HEADERS:
-    return "HEADERS";
-  case QUICHE_H3_EVENT_DATA:
-    return "DATA";
-  case QUICHE_H3_EVENT_RESET:
-    return "RESET";
-  case QUICHE_H3_EVENT_FINISHED:
-    return "FINISHED";
-  case QUICHE_H3_EVENT_GOAWAY:
-    return "GOAWAY";
-  default:
-    return "Unknown";
-  }
-}
-#else
-#define cf_ev_name(x)   ""
-#endif
-
-static CURLcode h3_process_event(struct Curl_cfilter *cf,
+static void cf_quiche_process_ev(struct Curl_cfilter *cf,
                                  struct Curl_easy *data,
                                  struct h3_stream_ctx *stream,
                                  quiche_h3_event *ev)
 {
-  struct cb_ctx cb_ctx;
-  CURLcode result = CURLE_OK;
-  int rc;
-
   if(!stream)
-    return CURLE_OK;
+    return;
+
   switch(quiche_h3_event_type(ev)) {
-  case QUICHE_H3_EVENT_HEADERS:
+  case QUICHE_H3_EVENT_HEADERS: {
+    struct cb_ctx cb_ctx;
     stream->resp_got_header = TRUE;
     cb_ctx.cf = cf;
     cb_ctx.data = data;
-    rc = quiche_h3_event_for_each_header(ev, cb_each_header, &cb_ctx);
-    if(rc) {
-      failf(data, "Error %d in HTTP/3 response header for stream[%" PRIu64 "]",
-            rc, stream->id);
-      return CURLE_RECV_ERROR;
-    }
+    cb_ctx.stream = stream;
+    quiche_h3_event_for_each_header(ev, cb_each_header, &cb_ctx);
     CURL_TRC_CF(data, cf, "[%" PRIu64 "] <- [HEADERS]", stream->id);
+    Curl_multi_mark_dirty(data);
     break;
-
+  }
   case QUICHE_H3_EVENT_DATA:
-    if(!stream->closed) {
-      result = cf_recv_body(cf, data);
+    if(!stream->resp_hds_complete) {
+      stream->resp_hds_complete = TRUE;
+      cf_quiche_write_hd(cf, data, stream, "\r\n", 2, FALSE);
     }
+    cf_quiche_recv_body(cf, data, stream);
+    CURL_TRC_CF(data, cf, "[%" PRIu64 "] <- [DATA]", stream->id);
+    Curl_multi_mark_dirty(data);
     break;
 
   case QUICHE_H3_EVENT_RESET:
@@ -505,17 +532,17 @@ static CURLcode h3_process_event(struct Curl_cfilter *cf,
     stream->closed = TRUE;
     stream->reset = TRUE;
     stream->send_closed = TRUE;
+    Curl_multi_mark_dirty(data);
     break;
 
   case QUICHE_H3_EVENT_FINISHED:
     CURL_TRC_CF(data, cf, "[%" PRIu64 "] CLOSED", stream->id);
     if(!stream->resp_hds_complete) {
-      result = write_resp_raw(cf, data, "\r\n", 2);
-      if(result)
-        return result;
       stream->resp_hds_complete = TRUE;
+      cf_quiche_write_hd(cf, data, stream, "\r\n", 2, TRUE);
     }
     stream->closed = TRUE;
+    Curl_multi_mark_dirty(data);
     break;
 
   case QUICHE_H3_EVENT_GOAWAY:
@@ -527,20 +554,6 @@ static CURLcode h3_process_event(struct Curl_cfilter *cf,
                 stream->id, quiche_h3_event_type(ev));
     break;
   }
-  return result;
-}
-
-static CURLcode cf_quiche_ev_process(struct Curl_cfilter *cf,
-                                     struct Curl_easy *data,
-                                     struct h3_stream_ctx *stream,
-                                     quiche_h3_event *ev)
-{
-  CURLcode result = h3_process_event(cf, data, stream, ev);
-  Curl_multi_mark_dirty(data);
-  if(result)
-    CURL_TRC_CF(data, cf, "error processing event %s for [%" PRIu64 "] -> %d",
-                cf_ev_name(ev), stream->id, result);
-  return result;
 }
 
 struct cf_quich_disp_ctx {
@@ -548,7 +561,6 @@ struct cf_quich_disp_ctx {
   struct Curl_cfilter *cf;
   struct Curl_multi *multi;
   quiche_h3_event *ev;
-  CURLcode result;
 };
 
 static bool cf_quiche_disp_event(uint32_t mid, void *val, void *user_data)
@@ -559,7 +571,7 @@ static bool cf_quiche_disp_event(uint32_t mid, void *val, void *user_data)
   if(stream->id == dctx->stream_id) {
     struct Curl_easy *sdata = Curl_multi_get_easy(dctx->multi, mid);
     if(sdata)
-      dctx->result = cf_quiche_ev_process(dctx->cf, sdata, stream, dctx->ev);
+      cf_quiche_process_ev(dctx->cf, sdata, stream, dctx->ev);
     return FALSE; /* stop iterating */
   }
   return TRUE;
@@ -583,23 +595,22 @@ static CURLcode cf_poll_events(struct Curl_cfilter *cf,
       return CURLE_HTTP3;
     }
     else {
-      struct cf_quich_disp_ctx dctx;
-      dctx.stream_id = (uint64_t)rv;
-      dctx.cf = cf;
-      dctx.multi = data->multi;
-      dctx.ev = ev;
-      dctx.result = CURLE_OK;
       stream = H3_STREAM_CTX(ctx, data);
-      if(stream && stream->id == dctx.stream_id) {
+      if(stream && stream->id == (uint64_t)rv) {
         /* event for calling transfer */
-        CURLcode result = cf_quiche_ev_process(cf, data, stream, ev);
+        cf_quiche_process_ev(cf, data, stream, ev);
         quiche_h3_event_free(ev);
-        if(result)
-          return result;
+        if(stream->xfer_result)
+          return stream->xfer_result;
       }
       else {
         /* another transfer, do not return errors, as they are not for
          * the calling transfer */
+        struct cf_quich_disp_ctx dctx;
+        dctx.stream_id = (uint64_t)rv;
+        dctx.cf = cf;
+        dctx.multi = data->multi;
+        dctx.ev = ev;
         Curl_uint32_hash_visit(&ctx->streams, cf_quiche_disp_event, &dctx);
         quiche_h3_event_free(ev);
       }
@@ -844,63 +855,46 @@ static CURLcode recv_closed_stream(struct Curl_cfilter *cf,
 }
 
 static CURLcode cf_quiche_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
-                               char *buf, size_t len, size_t *pnread)
+                               char *buf, size_t blen, size_t *pnread)
 {
   struct cf_quiche_ctx *ctx = cf->ctx;
   struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
   CURLcode result = CURLE_OK;
 
   *pnread = 0;
+  (void)buf;
+  (void)blen;
   vquic_ctx_update_time(&ctx->q);
 
   if(!stream)
     return CURLE_RECV_ERROR;
 
-  if(!Curl_bufq_is_empty(&stream->recvbuf)) {
-    result = Curl_bufq_cread(&stream->recvbuf, buf, len, pnread);
-    CURL_TRC_CF(data, cf, "[%" PRIu64 "] read recvbuf(len=%zu) "
-                "-> %d, %zu", stream->id, len, result, *pnread);
-    if(result)
-      goto out;
-  }
-
   result = cf_process_ingress(cf, data);
   if(result) {
     CURL_TRC_CF(data, cf, "cf_recv, error on ingress");
     goto out;
   }
 
-  /* recvbuf had nothing before, maybe after progressing ingress? */
-  if(!*pnread && !Curl_bufq_is_empty(&stream->recvbuf)) {
-    result = Curl_bufq_cread(&stream->recvbuf, buf, len, pnread);
-    CURL_TRC_CF(data, cf, "[%" PRIu64 "] read recvbuf(len=%zu) "
-                "-> %d, %zu", stream->id, len, result, *pnread);
-    if(result)
-      goto out;
+  if(stream->xfer_result) {
+    cf_quiche_stream_close(cf, data, stream);
+    result = stream->xfer_result;
+    goto out;
   }
-
-  if(*pnread) {
-    if(stream->closed)
-      Curl_multi_mark_dirty(data);
-  }
-  else {
-    if(stream->closed)
-      result = recv_closed_stream(cf, data, pnread);
-    else if(quiche_conn_is_draining(ctx->qconn)) {
-      failf(data, "QUIC connection is draining");
-      result = CURLE_HTTP3;
-    }
-    else
-      result = CURLE_AGAIN;
+  else if(stream->closed)
+    result = recv_closed_stream(cf, data, pnread);
+  else if(quiche_conn_is_draining(ctx->qconn)) {
+    failf(data, "QUIC connection is draining");
+    result = CURLE_HTTP3;
   }
+  else
+    result = CURLE_AGAIN;
 
 out:
   result = Curl_1st_err(result, cf_flush_egress(cf, data));
   if(*pnread > 0)
     ctx->data_recvd += *pnread;
-  CURL_TRC_CF(data, cf, "[%" PRIu64 "] cf_recv(total=%"
-              FMT_OFF_T ") -> %d, %zu",
-              stream->id, ctx->data_recvd, result, *pnread);
+  CURL_TRC_CF(data, cf, "[%" PRIu64 "] cf_recv(len=%zu) -> %d, %zu, total=%"
+              FMT_OFF_T, stream->id, blen, result, *pnread, ctx->data_recvd);
   return result;
 }
 
@@ -1092,6 +1086,10 @@ static CURLcode cf_quiche_send(struct Curl_cfilter *cf, struct Curl_easy *data,
       goto out;
     stream = H3_STREAM_CTX(ctx, data);
   }
+  else if(stream->xfer_result) {
+    cf_quiche_stream_close(cf, data, stream);
+    result = stream->xfer_result;
+  }
   else if(stream->closed) {
     if(stream->resp_hds_complete) {
       /* sending request body on a stream that has been closed by the
@@ -1165,19 +1163,6 @@ static CURLcode cf_quiche_adjust_pollset(struct Curl_cfilter *cf,
   return result;
 }
 
-/*
- * Called from transfer.c:data_pending to know if we should keep looping
- * to receive more data from the connection.
- */
-static bool cf_quiche_data_pending(struct Curl_cfilter *cf,
-                                   const struct Curl_easy *data)
-{
-  struct cf_quiche_ctx *ctx = cf->ctx;
-  const struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
-  (void)cf;
-  return stream && !Curl_bufq_is_empty(&stream->recvbuf);
-}
-
 static CURLcode h3_data_pause(struct Curl_cfilter *cf,
                               struct Curl_easy *data,
                               bool pause)
@@ -1608,7 +1593,7 @@ struct Curl_cftype Curl_cft_http3 = {
   cf_quiche_close,
   cf_quiche_shutdown,
   cf_quiche_adjust_pollset,
-  cf_quiche_data_pending,
+  Curl_cf_def_data_pending,
   cf_quiche_send,
   cf_quiche_recv,
   cf_quiche_cntrl,

From 3e2a946926853608d67805bd9f4a58345fff364a Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 2 Dec 2025 14:13:55 +0100
Subject: [PATCH 1102/2408] ldap: provide version for "legacy" ldap as well

It displays in version output as WinLDAP and LDAP/1, compared to
OpenLDAP/[version] for the OpenLDAP backend code.

Closes #19808
---
 lib/curl_ldap.h |  1 +
 lib/ldap.c      |  9 +++++++++
 lib/openldap.c  | 20 ++++++++++++++++++++
 lib/version.c   | 32 +++++---------------------------
 4 files changed, 35 insertions(+), 27 deletions(-)

diff --git a/lib/curl_ldap.h b/lib/curl_ldap.h
index 8a1d807ed9..9da9b717d5 100644
--- a/lib/curl_ldap.h
+++ b/lib/curl_ldap.h
@@ -32,5 +32,6 @@ extern const struct Curl_handler Curl_handler_ldap;
 extern const struct Curl_handler Curl_handler_ldaps;
 #endif
 
+void Curl_ldap_version(char *buf, size_t bufsz);
 #endif
 #endif /* HEADER_CURL_LDAP_H */
diff --git a/lib/ldap.c b/lib/ldap.c
index 6c62070385..522bf3ad58 100644
--- a/lib/ldap.c
+++ b/lib/ldap.c
@@ -1037,6 +1037,15 @@ static void ldap_free_urldesc_low(LDAPURLDesc *ludp)
 }
 #endif /* !HAVE_LDAP_URL_PARSE */
 
+void Curl_ldap_version(char *buf, size_t bufsz)
+{
+#ifdef USE_WIN32_LDAP
+  curl_msnprintf(buf, bufsz, "WinLDAP");
+#else
+  curl_msnprintf(buf, bufsz, "LDAP/1");
+#endif
+}
+
 #if defined(__GNUC__) && defined(__APPLE__)
 #pragma GCC diagnostic pop
 #endif
diff --git a/lib/openldap.c b/lib/openldap.c
index 107f6da832..bb48edd32f 100644
--- a/lib/openldap.c
+++ b/lib/openldap.c
@@ -1331,4 +1331,24 @@ ldapsb_tls_write(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
 }
 #endif /* USE_SSL */
 
+void Curl_ldap_version(char *buf, size_t bufsz)
+{
+  LDAPAPIInfo api;
+  api.ldapai_info_version = LDAP_API_INFO_VERSION;
+
+  if(ldap_get_option(NULL, LDAP_OPT_API_INFO, &api) == LDAP_OPT_SUCCESS) {
+    unsigned int patch = (unsigned int)(api.ldapai_vendor_version % 100);
+    unsigned int major = (unsigned int)(api.ldapai_vendor_version / 10000);
+    unsigned int minor =
+      (((unsigned int)api.ldapai_vendor_version - major * 10000)
+       - patch) / 100;
+    curl_msnprintf(buf, bufsz, "%s/%u.%u.%u",
+                   api.ldapai_vendor_name, major, minor, patch);
+    ldap_memfree(api.ldapai_vendor_name);
+    ber_memvfree((void **)api.ldapai_extensions);
+  }
+  else
+    curl_msnprintf(buf, bufsz, "OpenLDAP");
+}
+
 #endif /* !CURL_DISABLE_LDAP && USE_OPENLDAP */
diff --git a/lib/version.c b/lib/version.c
index 49c15ffcde..487dc74ffa 100644
--- a/lib/version.c
+++ b/lib/version.c
@@ -77,8 +77,8 @@
 #include 
 #endif
 
-#ifdef USE_OPENLDAP
-#include 
+#ifndef CURL_DISABLE_LDAP
+#include "curl_ldap.h"
 #endif
 
 #ifdef HAVE_BROTLI
@@ -103,28 +103,6 @@ static void zstd_version(char *buf, size_t bufsz)
 }
 #endif
 
-#ifdef USE_OPENLDAP
-static void oldap_version(char *buf, size_t bufsz)
-{
-  LDAPAPIInfo api;
-  api.ldapai_info_version = LDAP_API_INFO_VERSION;
-
-  if(ldap_get_option(NULL, LDAP_OPT_API_INFO, &api) == LDAP_OPT_SUCCESS) {
-    unsigned int patch = (unsigned int)(api.ldapai_vendor_version % 100);
-    unsigned int major = (unsigned int)(api.ldapai_vendor_version / 10000);
-    unsigned int minor =
-      (((unsigned int)api.ldapai_vendor_version - major * 10000)
-       - patch) / 100;
-    curl_msnprintf(buf, bufsz, "%s/%u.%u.%u",
-                   api.ldapai_vendor_name, major, minor, patch);
-    ldap_memfree(api.ldapai_vendor_name);
-    ber_memvfree((void **)api.ldapai_extensions);
-  }
-  else
-    curl_msnprintf(buf, bufsz, "OpenLDAP");
-}
-#endif
-
 #ifdef USE_LIBPSL
 static void psl_version(char *buf, size_t bufsz)
 {
@@ -211,7 +189,7 @@ char *curl_version(void)
 #ifdef HAVE_GSSAPI
   char gss_buf[40];
 #endif
-#ifdef USE_OPENLDAP
+#ifndef CURL_DISABLE_LDAP
   char ldap_buf[30];
 #endif
   int i = 0;
@@ -289,8 +267,8 @@ char *curl_version(void)
 #endif
   src[i++] = gss_buf;
 #endif /* HAVE_GSSAPI */
-#ifdef USE_OPENLDAP
-  oldap_version(ldap_buf, sizeof(ldap_buf));
+#ifndef CURL_DISABLE_LDAP
+  Curl_ldap_version(ldap_buf, sizeof(ldap_buf));
   src[i++] = ldap_buf;
 #endif
 

From 86b346443b68cde7ef33e1ab770e6c8ab641d2b1 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 27 Nov 2025 04:27:26 +0100
Subject: [PATCH 1103/2408] lib: fix formatting nits (part 2)

From `lib/curl*` to `lib/g*`. With fixes to part 1.

part 1: 47a1ab2ebecb21485c0e955316d90511e80a3c43 #19764

Closes #19800
---
 lib/altsvc.c           |   2 +-
 lib/amigaos.h          |   2 +-
 lib/asyn-ares.c        |   3 +-
 lib/asyn-base.c        |   4 +-
 lib/asyn.h             |   4 +-
 lib/cf-h2-proxy.c      |   4 +-
 lib/cf-https-connect.c |   1 -
 lib/cf-ip-happy.c      |   1 -
 lib/cf-socket.c        |   6 +-
 lib/cf-socket.h        |   2 +-
 lib/conncache.c        |   1 -
 lib/content_encoding.c |  61 ++--
 lib/cookie.c           |  15 +-
 lib/cookie.h           |   2 +-
 lib/curl_addrinfo.c    |  54 ++--
 lib/curl_addrinfo.h    |  31 +-
 lib/curl_ctype.h       |   8 +-
 lib/curl_fopen.c       |   4 +-
 lib/curl_get_line.c    |   5 +-
 lib/curl_gethostname.c |   1 -
 lib/curl_gssapi.c      |   4 +-
 lib/curl_hmac.h        |   1 -
 lib/curl_ldap.h        |   6 +-
 lib/curl_memrchr.c     |   4 +-
 lib/curl_memrchr.h     |   2 +-
 lib/curl_ntlm_core.c   |  99 +++---
 lib/curl_ntlm_core.h   |  18 +-
 lib/curl_range.c       |   8 +-
 lib/curl_rtmp.c        |   6 +-
 lib/curl_sasl.c        |  16 +-
 lib/curl_setup.h       |  46 +--
 lib/curl_setup_once.h  |  48 +--
 lib/curl_sha512_256.c  | 158 +++++-----
 lib/curl_sha512_256.h  |   5 +-
 lib/curl_share.c       |  20 +-
 lib/curl_share.h       |   6 +-
 lib/curl_trc.c         |  44 ++-
 lib/curl_trc.h         |  12 +-
 lib/cw-out.c           |   2 +-
 lib/cw-pause.c         |   2 +-
 lib/dict.c             |  20 +-
 lib/doh.c              |  62 ++--
 lib/doh.h              |   6 +-
 lib/dynhds.c           |  11 +-
 lib/easy.c             |  22 +-
 lib/easy_lock.h        |  14 +-
 lib/easyoptions.c      | 688 +++++++++++++++++++++--------------------
 lib/escape.c           |  10 +-
 lib/fake_addrinfo.c    |   3 +-
 lib/file.c             |  17 +-
 lib/formdata.c         |  99 +++---
 lib/formdata.h         |   1 -
 lib/ftp.c              | 338 ++++++++++----------
 lib/ftplistparser.c    |  20 +-
 lib/getinfo.c          |  27 +-
 lib/optiontable.pl     |   8 +-
 56 files changed, 976 insertions(+), 1088 deletions(-)

diff --git a/lib/altsvc.c b/lib/altsvc.c
index cbaf4b4d85..f2906ad4e3 100644
--- a/lib/altsvc.c
+++ b/lib/altsvc.c
@@ -42,7 +42,7 @@
 #include "curlx/strparse.h"
 #include "connect.h"
 
-#define MAX_ALTSVC_LINE 4095
+#define MAX_ALTSVC_LINE    4095
 #define MAX_ALTSVC_DATELEN 256
 #define MAX_ALTSVC_HOSTLEN 2048
 #define MAX_ALTSVC_ALPNLEN 10
diff --git a/lib/amigaos.h b/lib/amigaos.h
index c99d963ece..58278f0935 100644
--- a/lib/amigaos.h
+++ b/lib/amigaos.h
@@ -33,7 +33,7 @@ void Curl_amiga_cleanup(void);
 
 #else
 
-#define Curl_amiga_init() CURLE_OK
+#define Curl_amiga_init()    CURLE_OK
 #define Curl_amiga_cleanup() Curl_nop_stmt
 
 #endif
diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c
index ce4f866be6..40ce00db22 100644
--- a/lib/asyn-ares.c
+++ b/lib/asyn-ares.c
@@ -180,8 +180,7 @@ static CURLcode async_ares_init(struct Curl_easy *data)
   status = ares_init_options(&ares->channel, &options, optmask);
   if(status != ARES_SUCCESS) {
     ares->channel = NULL;
-    rc = (status == ARES_ENOMEM) ?
-         CURLE_OUT_OF_MEMORY : CURLE_FAILED_INIT;
+    rc = (status == ARES_ENOMEM) ? CURLE_OUT_OF_MEMORY : CURLE_FAILED_INIT;
     goto out;
   }
 
diff --git a/lib/asyn-base.c b/lib/asyn-base.c
index 5358fcb8fa..1db132c1e4 100644
--- a/lib/asyn-base.c
+++ b/lib/asyn-base.c
@@ -168,9 +168,9 @@ int Curl_ares_perform(ares_channel channel, timediff_t timeout_ms)
     /* move through the descriptors and ask for processing on them */
     for(i = 0; i < num; i++)
       ares_process_fd(channel,
-                      (pfd[i].revents & (POLLRDNORM|POLLIN)) ?
+                      (pfd[i].revents & (POLLRDNORM | POLLIN)) ?
                       pfd[i].fd : ARES_SOCKET_BAD,
-                      (pfd[i].revents & (POLLWRNORM|POLLOUT)) ?
+                      (pfd[i].revents & (POLLWRNORM | POLLOUT)) ?
                       pfd[i].fd : ARES_SOCKET_BAD);
   }
   return nfds;
diff --git a/lib/asyn.h b/lib/asyn.h
index e5e472e247..87c6532a3d 100644
--- a/lib/asyn.h
+++ b/lib/asyn.h
@@ -223,7 +223,7 @@ struct doh_probes;
 
 /* convert these functions if an asynch resolver is not used */
 #define Curl_async_get_impl(x, y)    (*(y) = NULL, CURLE_OK)
-#define Curl_async_is_resolved(x,y)  CURLE_COULDNT_RESOLVE_HOST
+#define Curl_async_is_resolved(x, y) CURLE_COULDNT_RESOLVE_HOST
 #define Curl_async_await(x, y)       CURLE_COULDNT_RESOLVE_HOST
 #define Curl_async_global_init()     CURLE_OK
 #define Curl_async_global_cleanup()  Curl_nop_stmt
@@ -266,7 +266,7 @@ void Curl_async_shutdown(struct Curl_easy *data);
 void Curl_async_destroy(struct Curl_easy *data);
 #else /* !USE_CURL_ASYNC */
 #define Curl_async_shutdown(x) Curl_nop_stmt
-#define Curl_async_destroy(x) Curl_nop_stmt
+#define Curl_async_destroy(x)  Curl_nop_stmt
 #endif /* USE_CURL_ASYNC */
 
 /********** end of generic resolver interface functions *****************/
diff --git a/lib/cf-h2-proxy.c b/lib/cf-h2-proxy.c
index fb2586d1d0..5a58c280e9 100644
--- a/lib/cf-h2-proxy.c
+++ b/lib/cf-h2-proxy.c
@@ -242,8 +242,8 @@ static int proxy_h2_client_new(struct Curl_cfilter *cf,
 {
   struct cf_h2_proxy_ctx *ctx = cf->ctx;
   nghttp2_option *o;
-  nghttp2_mem mem = {NULL, Curl_nghttp2_malloc, Curl_nghttp2_free,
-                     Curl_nghttp2_calloc, Curl_nghttp2_realloc};
+  nghttp2_mem mem = { NULL, Curl_nghttp2_malloc, Curl_nghttp2_free,
+                      Curl_nghttp2_calloc, Curl_nghttp2_realloc };
 
   int rc = nghttp2_option_new(&o);
   if(rc)
diff --git a/lib/cf-https-connect.c b/lib/cf-https-connect.c
index ad815a0fe7..acb3bcdd3a 100644
--- a/lib/cf-https-connect.c
+++ b/lib/cf-https-connect.c
@@ -244,7 +244,6 @@ static CURLcode baller_connected(struct Curl_cfilter *cf,
   return result;
 }
 
-
 static bool time_to_start_next(struct Curl_cfilter *cf,
                                struct Curl_easy *data,
                                size_t idx, struct curltime now)
diff --git a/lib/cf-ip-happy.c b/lib/cf-ip-happy.c
index 72ac59b7d9..d31c6b6caa 100644
--- a/lib/cf-ip-happy.c
+++ b/lib/cf-ip-happy.c
@@ -613,7 +613,6 @@ static int cf_ip_ballers_min_reply_ms(struct cf_ip_ballers *bs,
   return reply_ms;
 }
 
-
 typedef enum {
   SCFST_INIT,
   SCFST_WAITING,
diff --git a/lib/cf-socket.c b/lib/cf-socket.c
index 0e431976c9..1881683cc8 100644
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@@ -643,8 +643,8 @@ static CURLcode bindlocal(struct Curl_easy *data, struct connectdata *conn,
       return CURLE_UNSUPPORTED_PROTOCOL;
     case IF2IP_FOUND:
       /*
-        * We now have the numerical IP address in the 'myhost' buffer
-        */
+       * We now have the numerical IP address in the 'myhost' buffer
+       */
       host = myhost;
       infof(data, "Local Interface %s is ip %s using address family %i",
             iface, host, af);
@@ -2057,7 +2057,7 @@ static CURLcode cf_tcp_accept_connect(struct Curl_cfilter *cf,
 #else
   struct sockaddr_in add;
 #endif
-  curl_socklen_t size = (curl_socklen_t) sizeof(add);
+  curl_socklen_t size = (curl_socklen_t)sizeof(add);
   curl_socket_t s_accepted = CURL_SOCKET_BAD;
   timediff_t timeout_ms;
   int socketstate = 0;
diff --git a/lib/cf-socket.h b/lib/cf-socket.h
index e5f69c60f4..fe5ff2fa47 100644
--- a/lib/cf-socket.h
+++ b/lib/cf-socket.h
@@ -52,7 +52,7 @@ struct Curl_sockaddr_ex {
     struct Curl_sockaddr_storage buf;
   } addr;
 };
-#define curl_sa_addr addr.sa
+#define curl_sa_addr    addr.sa
 #define curl_sa_addrbuf addr.buf
 
 /*
diff --git a/lib/conncache.c b/lib/conncache.c
index c7a52b69f6..c50697f177 100644
--- a/lib/conncache.c
+++ b/lib/conncache.c
@@ -77,7 +77,6 @@ struct cpool_bundle {
   char dest[1]; /* destination of bundle, allocated to keep dest_len bytes */
 };
 
-
 static void cpool_discard_conn(struct cpool *cpool,
                                struct Curl_easy *data,
                                struct connectdata *conn,
diff --git a/lib/content_encoding.c b/lib/content_encoding.c
index 84ed86c1df..47adac0f43 100644
--- a/lib/content_encoding.c
+++ b/lib/content_encoding.c
@@ -86,24 +86,20 @@ struct zlib_writer {
   z_stream z;                /* State structure for zlib. */
 };
 
-
-static voidpf
-zalloc_cb(voidpf opaque, unsigned int items, unsigned int size)
+static voidpf zalloc_cb(voidpf opaque, unsigned int items, unsigned int size)
 {
   (void)opaque;
   /* not a typo, keep it curlx_calloc() */
   return (voidpf)curlx_calloc(items, size);
 }
 
-static void
-zfree_cb(voidpf opaque, voidpf ptr)
+static void zfree_cb(voidpf opaque, voidpf ptr)
 {
   (void)opaque;
   curlx_free(ptr);
 }
 
-static CURLcode
-process_zlib_error(struct Curl_easy *data, z_stream *z)
+static CURLcode process_zlib_error(struct Curl_easy *data, z_stream *z)
 {
   if(z->msg)
     failf(data, "Error while processing content unencoding: %s",
@@ -115,9 +111,8 @@ process_zlib_error(struct Curl_easy *data, z_stream *z)
   return CURLE_BAD_CONTENT_ENCODING;
 }
 
-static CURLcode
-exit_zlib(struct Curl_easy *data,
-          z_stream *z, zlibInitState *zlib_init, CURLcode result)
+static CURLcode exit_zlib(struct Curl_easy *data, z_stream *z,
+                          zlibInitState *zlib_init, CURLcode result)
 {
   if(*zlib_init != ZLIB_UNINIT) {
     if(inflateEnd(z) != Z_OK && result == CURLE_OK)
@@ -128,8 +123,7 @@ exit_zlib(struct Curl_easy *data,
   return result;
 }
 
-static CURLcode process_trailer(struct Curl_easy *data,
-                                struct zlib_writer *zp)
+static CURLcode process_trailer(struct Curl_easy *data, struct zlib_writer *zp)
 {
   z_stream *z = &zp->z;
   CURLcode result = CURLE_OK;
@@ -156,7 +150,7 @@ static CURLcode inflate_stream(struct Curl_easy *data,
                                struct Curl_cwriter *writer, int type,
                                zlibInitState started)
 {
-  struct zlib_writer *zp = (struct zlib_writer *) writer;
+  struct zlib_writer *zp = (struct zlib_writer *)writer;
   z_stream *z = &zp->z;         /* zlib state structure */
   uInt nread = z->avail_in;
   z_const Bytef *orig_in = z->next_in;
@@ -176,7 +170,7 @@ static CURLcode inflate_stream(struct Curl_easy *data,
     done = TRUE;
 
     /* (re)set buffer for decompressed output for every iteration */
-    z->next_out = (Bytef *) zp->buffer;
+    z->next_out = (Bytef *)zp->buffer;
     z->avail_out = DECOMPRESS_BUFFER_SIZE;
 
     status = inflate(z, Z_BLOCK);
@@ -237,17 +231,16 @@ static CURLcode inflate_stream(struct Curl_easy *data,
   return result;
 }
 
-
 /* Deflate handler. */
 static CURLcode deflate_do_init(struct Curl_easy *data,
                                 struct Curl_cwriter *writer)
 {
-  struct zlib_writer *zp = (struct zlib_writer *) writer;
+  struct zlib_writer *zp = (struct zlib_writer *)writer;
   z_stream *z = &zp->z;     /* zlib state structure */
 
   /* Initialize zlib */
-  z->zalloc = (alloc_func) zalloc_cb;
-  z->zfree = (free_func) zfree_cb;
+  z->zalloc = (alloc_func)zalloc_cb;
+  z->zfree = (free_func)zfree_cb;
 
   if(inflateInit(z) != Z_OK)
     return process_zlib_error(data, z);
@@ -259,7 +252,7 @@ static CURLcode deflate_do_write(struct Curl_easy *data,
                                  struct Curl_cwriter *writer, int type,
                                  const char *buf, size_t nbytes)
 {
-  struct zlib_writer *zp = (struct zlib_writer *) writer;
+  struct zlib_writer *zp = (struct zlib_writer *)writer;
   z_stream *z = &zp->z;     /* zlib state structure */
 
   if(!(type & CLIENTWRITE_BODY) || !nbytes)
@@ -279,7 +272,7 @@ static CURLcode deflate_do_write(struct Curl_easy *data,
 static void deflate_do_close(struct Curl_easy *data,
                              struct Curl_cwriter *writer)
 {
-  struct zlib_writer *zp = (struct zlib_writer *) writer;
+  struct zlib_writer *zp = (struct zlib_writer *)writer;
   z_stream *z = &zp->z;     /* zlib state structure */
 
   exit_zlib(data, z, &zp->zlib_init, CURLE_OK);
@@ -299,12 +292,12 @@ static const struct Curl_cwtype deflate_encoding = {
 static CURLcode gzip_do_init(struct Curl_easy *data,
                              struct Curl_cwriter *writer)
 {
-  struct zlib_writer *zp = (struct zlib_writer *) writer;
+  struct zlib_writer *zp = (struct zlib_writer *)writer;
   z_stream *z = &zp->z;     /* zlib state structure */
 
   /* Initialize zlib */
-  z->zalloc = (alloc_func) zalloc_cb;
-  z->zfree = (free_func) zfree_cb;
+  z->zalloc = (alloc_func)zalloc_cb;
+  z->zfree = (free_func)zfree_cb;
 
   if(inflateInit2(z, MAX_WBITS + 32) != Z_OK)
     return process_zlib_error(data, z);
@@ -317,7 +310,7 @@ static CURLcode gzip_do_write(struct Curl_easy *data,
                               struct Curl_cwriter *writer, int type,
                               const char *buf, size_t nbytes)
 {
-  struct zlib_writer *zp = (struct zlib_writer *) writer;
+  struct zlib_writer *zp = (struct zlib_writer *)writer;
   z_stream *z = &zp->z;     /* zlib state structure */
 
   if(!(type & CLIENTWRITE_BODY) || !nbytes)
@@ -338,7 +331,7 @@ static CURLcode gzip_do_write(struct Curl_easy *data,
 static void gzip_do_close(struct Curl_easy *data,
                           struct Curl_cwriter *writer)
 {
-  struct zlib_writer *zp = (struct zlib_writer *) writer;
+  struct zlib_writer *zp = (struct zlib_writer *)writer;
   z_stream *z = &zp->z;     /* zlib state structure */
 
   exit_zlib(data, z, &zp->zlib_init, CURLE_OK);
@@ -402,7 +395,7 @@ static CURLcode brotli_map_error(BrotliDecoderErrorCode be)
 static CURLcode brotli_do_init(struct Curl_easy *data,
                                struct Curl_cwriter *writer)
 {
-  struct brotli_writer *bp = (struct brotli_writer *) writer;
+  struct brotli_writer *bp = (struct brotli_writer *)writer;
   (void)data;
 
   bp->br = BrotliDecoderCreateInstance(NULL, NULL, NULL);
@@ -413,8 +406,8 @@ static CURLcode brotli_do_write(struct Curl_easy *data,
                                 struct Curl_cwriter *writer, int type,
                                 const char *buf, size_t nbytes)
 {
-  struct brotli_writer *bp = (struct brotli_writer *) writer;
-  const uint8_t *src = (const uint8_t *) buf;
+  struct brotli_writer *bp = (struct brotli_writer *)writer;
+  const uint8_t *src = (const uint8_t *)buf;
   uint8_t *dst;
   size_t dstleft;
   CURLcode result = CURLE_OK;
@@ -428,7 +421,7 @@ static CURLcode brotli_do_write(struct Curl_easy *data,
 
   while((nbytes || r == BROTLI_DECODER_RESULT_NEEDS_MORE_OUTPUT) &&
         result == CURLE_OK) {
-    dst = (uint8_t *) bp->buffer;
+    dst = (uint8_t *)bp->buffer;
     dstleft = DECOMPRESS_BUFFER_SIZE;
     r = BrotliDecoderDecompressStream(bp->br,
                                       &nbytes, &src, &dstleft, &dst, NULL);
@@ -457,7 +450,7 @@ static CURLcode brotli_do_write(struct Curl_easy *data,
 static void brotli_do_close(struct Curl_easy *data,
                             struct Curl_cwriter *writer)
 {
-  struct brotli_writer *bp = (struct brotli_writer *) writer;
+  struct brotli_writer *bp = (struct brotli_writer *)writer;
   (void)data;
 
   if(bp->br) {
@@ -501,7 +494,7 @@ static void Curl_zstd_free(void *opaque, void *address)
 static CURLcode zstd_do_init(struct Curl_easy *data,
                              struct Curl_cwriter *writer)
 {
-  struct zstd_writer *zp = (struct zstd_writer *) writer;
+  struct zstd_writer *zp = (struct zstd_writer *)writer;
 
   (void)data;
 
@@ -523,7 +516,7 @@ static CURLcode zstd_do_write(struct Curl_easy *data,
                               const char *buf, size_t nbytes)
 {
   CURLcode result = CURLE_OK;
-  struct zstd_writer *zp = (struct zstd_writer *) writer;
+  struct zstd_writer *zp = (struct zstd_writer *)writer;
   ZSTD_inBuffer in;
   ZSTD_outBuffer out;
   size_t errorCode;
@@ -560,7 +553,7 @@ static CURLcode zstd_do_write(struct Curl_easy *data,
 static void zstd_do_close(struct Curl_easy *data,
                           struct Curl_cwriter *writer)
 {
-  struct zstd_writer *zp = (struct zstd_writer *) writer;
+  struct zstd_writer *zp = (struct zstd_writer *)writer;
   (void)data;
 
   if(zp->zds) {
@@ -614,7 +607,7 @@ static const struct Curl_cwtype * const transfer_unencoders[] = {
 };
 
 /* Provide a list of comma-separated names of supported encodings.
-*/
+ */
 void Curl_all_content_encodings(char *buf, size_t blen)
 {
   size_t len = 0;
diff --git a/lib/cookie.c b/lib/cookie.c
index 81a57942b2..e3cf8e4e0c 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -661,13 +661,12 @@ parse_cookie_header(struct Curl_easy *data,
   return CURLE_OK;
 }
 
-static CURLcode
-parse_netscape(struct Cookie *co,
-               struct CookieInfo *ci,
-               bool *okay,
-               const char *lineptr,
-               bool secure)  /* TRUE if connection is over secure
-                                origin */
+static CURLcode parse_netscape(struct Cookie *co,
+                               struct CookieInfo *ci,
+                               bool *okay,
+                               const char *lineptr,
+                               bool secure) /* TRUE if connection is over
+                                               secure origin */
 {
   /*
    * This line is NOT an HTTP header style line, we do offer support for
@@ -1247,7 +1246,7 @@ static int cookie_sort_ct(const void *p1, const void *p2)
 
 bool Curl_secure_context(struct connectdata *conn, const char *host)
 {
-  return conn->handler->protocol&(CURLPROTO_HTTPS|CURLPROTO_WSS) ||
+  return conn->handler->protocol & (CURLPROTO_HTTPS | CURLPROTO_WSS) ||
     curl_strequal("localhost", host) ||
     !strcmp(host, "127.0.0.1") ||
     !strcmp(host, "::1");
diff --git a/lib/cookie.h b/lib/cookie.h
index 5e9f5f7823..c1fb23ee4c 100644
--- a/lib/cookie.h
+++ b/lib/cookie.h
@@ -52,7 +52,7 @@ struct Cookie {
  * draft-ietf-httpbis-rfc6265bis-02
  */
 #define COOKIE_PREFIX__SECURE (1 << 0)
-#define COOKIE_PREFIX__HOST (1 << 1)
+#define COOKIE_PREFIX__HOST   (1 << 1)
 
 #define COOKIE_HASH_SIZE 63
 
diff --git a/lib/curl_addrinfo.c b/lib/curl_addrinfo.c
index 67c2f4177d..7993631bf1 100644
--- a/lib/curl_addrinfo.c
+++ b/lib/curl_addrinfo.c
@@ -71,8 +71,7 @@
 # define vqualifier
 #endif
 
-void
-Curl_freeaddrinfo(struct Curl_addrinfo *cahead)
+void Curl_freeaddrinfo(struct Curl_addrinfo *cahead)
 {
   struct Curl_addrinfo *vqualifier canext;
   struct Curl_addrinfo *ca;
@@ -83,7 +82,6 @@ Curl_freeaddrinfo(struct Curl_addrinfo *cahead)
   }
 }
 
-
 #ifdef HAVE_GETADDRINFO
 /*
  * Curl_getaddrinfo_ex()
@@ -98,12 +96,10 @@ Curl_freeaddrinfo(struct Curl_addrinfo *cahead)
  * There should be no single call to system's getaddrinfo() in the
  * whole library, any such call should be 'routed' through this one.
  */
-
-int
-Curl_getaddrinfo_ex(const char *nodename,
-                    const char *servname,
-                    const struct addrinfo *hints,
-                    struct Curl_addrinfo **result)
+int Curl_getaddrinfo_ex(const char *nodename,
+                        const char *servname,
+                        const struct addrinfo *hints,
+                        struct Curl_addrinfo **result)
 {
   const struct addrinfo *ai;
   struct addrinfo *aihead;
@@ -176,7 +172,6 @@ Curl_getaddrinfo_ex(const char *nodename,
     if(calast)
       calast->ai_next = ca;
     calast = ca;
-
   }
 
   /* destroy the addrinfo list */
@@ -208,7 +203,6 @@ Curl_getaddrinfo_ex(const char *nodename,
 }
 #endif /* HAVE_GETADDRINFO */
 
-
 /*
  * Curl_he2ai()
  *
@@ -248,10 +242,8 @@ Curl_getaddrinfo_ex(const char *nodename,
  *
  *     #define h_addr  h_addr_list[0]
  */
-
 #if !(defined(HAVE_GETADDRINFO) && defined(HAVE_GETADDRINFO_THREADSAFE))
-struct Curl_addrinfo *
-Curl_he2ai(const struct hostent *he, int port)
+struct Curl_addrinfo *Curl_he2ai(const struct hostent *he, int port)
 {
   struct Curl_addrinfo *ai;
   struct Curl_addrinfo *prevai = NULL;
@@ -350,10 +342,8 @@ Curl_he2ai(const struct hostent *he, int port)
  * returns a Curl_addrinfo chain filled in correctly with information for the
  * given address/host
  */
-
-static CURLcode
-ip2addr(struct Curl_addrinfo **addrp,
-        int af, const void *inaddr, const char *hostname, int port)
+static CURLcode ip2addr(struct Curl_addrinfo **addrp, int af,
+                        const void *inaddr, const char *hostname, int port)
 {
   struct Curl_addrinfo *ai;
   size_t addrsize;
@@ -473,7 +463,7 @@ struct Curl_addrinfo *Curl_unix2addr(const char *path, bool *longpath,
     return NULL;
   ai->ai_addr = (void *)((char *)ai + sizeof(struct Curl_addrinfo));
 
-  sa_un = (void *) ai->ai_addr;
+  sa_un = (void *)ai->ai_addr;
   sa_un->sun_family = AF_UNIX;
 
   /* sun_path must be able to store the null-terminated path */
@@ -508,10 +498,8 @@ struct Curl_addrinfo *Curl_unix2addr(const char *path, bool *longpath,
  * family otherwise present in memdebug.c. I put these ones here since they
  * require a bunch of structs I did not want to include in memdebug.c
  */
-
-void
-curl_dbg_freeaddrinfo(struct addrinfo *freethis,
-                      int line, const char *source)
+void curl_dbg_freeaddrinfo(struct addrinfo *freethis,
+                           int line, const char *source)
 {
   curl_dbg_log("ADDR %s:%d freeaddrinfo(%p)\n",
                source, line, (void *)freethis);
@@ -533,7 +521,6 @@ curl_dbg_freeaddrinfo(struct addrinfo *freethis,
 }
 #endif /* CURLDEBUG && HAVE_FREEADDRINFO */
 
-
 #if defined(CURLDEBUG) && defined(HAVE_GETADDRINFO)
 /*
  * curl_dbg_getaddrinfo()
@@ -542,13 +529,11 @@ curl_dbg_freeaddrinfo(struct addrinfo *freethis,
  * family otherwise present in memdebug.c. I put these ones here since they
  * require a bunch of structs I did not want to include in memdebug.c
  */
-
-int
-curl_dbg_getaddrinfo(const char *hostname,
-                     const char *service,
-                     const struct addrinfo *hints,
-                     struct addrinfo **result,
-                     int line, const char *source)
+int curl_dbg_getaddrinfo(const char *hostname,
+                         const char *service,
+                         const struct addrinfo *hints,
+                         struct addrinfo **result,
+                         int line, const char *source)
 {
 #ifdef USE_LWIPSOCK
   int res = lwip_getaddrinfo(hostname, service, hints, result);
@@ -566,11 +551,10 @@ curl_dbg_getaddrinfo(const char *hostname,
 #endif
   if(res == 0)
     /* success */
-    curl_dbg_log("ADDR %s:%d getaddrinfo() = %p\n",
-                 source, line, (void *)*result);
+    curl_dbg_log("ADDR %s:%d getaddrinfo() = %p\n", source, line,
+                 (void *)*result);
   else
-    curl_dbg_log("ADDR %s:%d getaddrinfo() failed\n",
-                 source, line);
+    curl_dbg_log("ADDR %s:%d getaddrinfo() failed\n", source, line);
   return res;
 }
 #endif /* CURLDEBUG && HAVE_GETADDRINFO */
diff --git a/lib/curl_addrinfo.h b/lib/curl_addrinfo.h
index 9a26c67849..378b31ed05 100644
--- a/lib/curl_addrinfo.h
+++ b/lib/curl_addrinfo.h
@@ -60,20 +60,17 @@ struct Curl_addrinfo {
   struct Curl_addrinfo *ai_next;
 };
 
-void
-Curl_freeaddrinfo(struct Curl_addrinfo *cahead);
+void Curl_freeaddrinfo(struct Curl_addrinfo *cahead);
 
 #ifdef HAVE_GETADDRINFO
-int
-Curl_getaddrinfo_ex(const char *nodename,
-                    const char *servname,
-                    const struct addrinfo *hints,
-                    struct Curl_addrinfo **result);
+int Curl_getaddrinfo_ex(const char *nodename,
+                        const char *servname,
+                        const struct addrinfo *hints,
+                        struct Curl_addrinfo **result);
 #endif
 
 #if !(defined(HAVE_GETADDRINFO) && defined(HAVE_GETADDRINFO_THREADSAFE))
-struct Curl_addrinfo *
-Curl_he2ai(const struct hostent *he, int port);
+struct Curl_addrinfo *Curl_he2ai(const struct hostent *he, int port);
 #endif
 
 bool Curl_is_ipaddr(const char *address);
@@ -85,23 +82,23 @@ struct Curl_addrinfo *Curl_unix2addr(const char *path, bool *longpath,
 #endif
 
 #if defined(CURLDEBUG) && defined(HAVE_GETADDRINFO) && \
-    defined(HAVE_FREEADDRINFO)
-void
-curl_dbg_freeaddrinfo(struct addrinfo *freethis, int line, const char *source);
+  defined(HAVE_FREEADDRINFO)
+void curl_dbg_freeaddrinfo(struct addrinfo *freethis, int line,
+                           const char *source);
 #endif
 
 #if defined(CURLDEBUG) && defined(HAVE_GETADDRINFO)
-int
-curl_dbg_getaddrinfo(const char *hostname, const char *service,
-                     const struct addrinfo *hints, struct addrinfo **result,
-                     int line, const char *source);
+int curl_dbg_getaddrinfo(const char *hostname, const char *service,
+                         const struct addrinfo *hints,
+                         struct addrinfo **result, int line,
+                         const char *source);
 #endif
 
 #ifdef HAVE_GETADDRINFO
 #ifdef USE_RESOLVE_ON_IPS
 void Curl_addrinfo_set_port(struct Curl_addrinfo *addrinfo, int port);
 #else
-#define Curl_addrinfo_set_port(x,y)
+#define Curl_addrinfo_set_port(x, y)
 #endif
 #endif
 
diff --git a/lib/curl_ctype.h b/lib/curl_ctype.h
index 48c3c37c35..153a8f9c6c 100644
--- a/lib/curl_ctype.h
+++ b/lib/curl_ctype.h
@@ -25,17 +25,17 @@
  ***************************************************************************/
 
 #define ISLOWHEXALHA(x) (((x) >= 'a') && ((x) <= 'f'))
-#define ISUPHEXALHA(x) (((x) >= 'A') && ((x) <= 'F'))
+#define ISUPHEXALHA(x)  (((x) >= 'A') && ((x) <= 'F'))
 
 #define ISLOWCNTRL(x) ((unsigned char)(x) <= 0x1f)
-#define IS7F(x) ((x) == 0x7f)
+#define IS7F(x)       ((x) == 0x7f)
 
 #define ISLOWPRINT(x) (((x) >= 9) && ((x) <= 0x0d))
 
 #define ISPRINT(x)  (ISLOWPRINT(x) || (((x) >= ' ') && ((x) <= 0x7e)))
 #define ISGRAPH(x)  (ISLOWPRINT(x) || (((x) > ' ') && ((x) <= 0x7e)))
-#define ISCNTRL(x) (ISLOWCNTRL(x) || IS7F(x))
-#define ISALPHA(x) (ISLOWER(x) || ISUPPER(x))
+#define ISCNTRL(x)  (ISLOWCNTRL(x) || IS7F(x))
+#define ISALPHA(x)  (ISLOWER(x) || ISUPPER(x))
 #define ISXDIGIT(x) (ISDIGIT(x) || ISLOWHEXALHA(x) || ISUPHEXALHA(x))
 #define ISODIGIT(x) (((x) >= '0') && ((x) <= '7'))
 #define ISALNUM(x)  (ISDIGIT(x) || ISLOWER(x) || ISUPPER(x))
diff --git a/lib/curl_fopen.c b/lib/curl_fopen.c
index cccf849acb..383b307e21 100644
--- a/lib/curl_fopen.c
+++ b/lib/curl_fopen.c
@@ -62,10 +62,10 @@ static char *dirslash(const char *path)
   n = strlen(path);
   if(n) {
     /* find the rightmost path separator, if any */
-    while(n && !IS_SEP(path[n-1]))
+    while(n && !IS_SEP(path[n - 1]))
       --n;
     /* skip over all the path separators, if any */
-    while(n && IS_SEP(path[n-1]))
+    while(n && IS_SEP(path[n - 1]))
       --n;
   }
   if(curlx_dyn_addn(&out, path, n))
diff --git a/lib/curl_get_line.c b/lib/curl_get_line.c
index ea31eb182f..5e553f4d31 100644
--- a/lib/curl_get_line.c
+++ b/lib/curl_get_line.c
@@ -29,8 +29,7 @@
 
 #include "curl_get_line.h"
 
-#define appendnl(b)                             \
-  curlx_dyn_addn(buf, "\n", 1)
+#define appendnl(b)  curlx_dyn_addn(buf, "\n", 1)
 
 /*
  * Curl_get_line() returns only complete whole lines that end with newline.
@@ -57,7 +56,7 @@ CURLcode Curl_get_line(struct dynbuf *buf, FILE *input, bool *eof)
     /* now check the full line */
     rlen = curlx_dyn_len(buf);
     b = curlx_dyn_ptr(buf);
-    if(rlen && (b[rlen-1] == '\n'))
+    if(rlen && (b[rlen - 1] == '\n'))
       /* LF at end of the line */
       return CURLE_OK; /* all good */
     if(*eof)
diff --git a/lib/curl_gethostname.c b/lib/curl_gethostname.c
index 9f2624ff05..e339e60798 100644
--- a/lib/curl_gethostname.c
+++ b/lib/curl_gethostname.c
@@ -93,5 +93,4 @@ int Curl_gethostname(char * const name, GETHOSTNAME_TYPE_ARG2 namelen)
 
   return 0;
 #endif
-
 }
diff --git a/lib/curl_gssapi.c b/lib/curl_gssapi.c
index 7f5bd72954..31addb8fbc 100644
--- a/lib/curl_gssapi.c
+++ b/lib/curl_gssapi.c
@@ -154,7 +154,7 @@ stub_gss_init_sec_context(OM_uint32 *min,
     }
 
     /* Server response, either D (RA==) or C (Qw==) */
-    if(((char *) input_token->value)[0] == 'D') {
+    if(((char *)input_token->value)[0] == 'D') {
       /* Done */
       switch(ctx->sent) {
       case STUB_GSS_KRB5:
@@ -170,7 +170,7 @@ stub_gss_init_sec_context(OM_uint32 *min,
       }
     }
 
-    if(((char *) input_token->value)[0] != 'C') {
+    if(((char *)input_token->value)[0] != 'C') {
       /* We only support Done or Continue */
       *min = STUB_GSS_SERVER_ERR;
       return GSS_S_FAILURE;
diff --git a/lib/curl_hmac.h b/lib/curl_hmac.h
index 9675c6c542..285846afe7 100644
--- a/lib/curl_hmac.h
+++ b/lib/curl_hmac.h
@@ -56,7 +56,6 @@ struct HMAC_context {
   void *hashctxt2;         /* Hash function context 2. */
 };
 
-
 /* Prototypes. */
 struct HMAC_context *Curl_HMAC_init(const struct HMAC_params *hashparams,
                                     const unsigned char *key,
diff --git a/lib/curl_ldap.h b/lib/curl_ldap.h
index 9da9b717d5..5ef32a5a30 100644
--- a/lib/curl_ldap.h
+++ b/lib/curl_ldap.h
@@ -26,9 +26,9 @@
 #ifndef CURL_DISABLE_LDAP
 extern const struct Curl_handler Curl_handler_ldap;
 
-#if !defined(CURL_DISABLE_LDAPS) && \
-    ((defined(USE_OPENLDAP) && defined(USE_SSL)) || \
-     (!defined(USE_OPENLDAP) && defined(HAVE_LDAP_SSL)))
+#if !defined(CURL_DISABLE_LDAPS) &&                    \
+  ((defined(USE_OPENLDAP) && defined(USE_SSL)) ||      \
+   (!defined(USE_OPENLDAP) && defined(HAVE_LDAP_SSL)))
 extern const struct Curl_handler Curl_handler_ldaps;
 #endif
 
diff --git a/lib/curl_memrchr.c b/lib/curl_memrchr.c
index 8146458407..d8b4eef9f4 100644
--- a/lib/curl_memrchr.c
+++ b/lib/curl_memrchr.c
@@ -37,9 +37,7 @@
  * backwards from the end of the n bytes pointed to by s instead of forward
  * from the beginning.
  */
-
-void *
-Curl_memrchr(const void *s, int c, size_t n)
+void *Curl_memrchr(const void *s, int c, size_t n)
 {
   if(n > 0) {
     const unsigned char *p = s;
diff --git a/lib/curl_memrchr.h b/lib/curl_memrchr.h
index 3c7dda96ac..73bd346cde 100644
--- a/lib/curl_memrchr.h
+++ b/lib/curl_memrchr.h
@@ -35,7 +35,7 @@
 
 #else /* HAVE_MEMRCHR */
 void *Curl_memrchr(const void *s, int c, size_t n);
-#define memrchr(x,y,z) Curl_memrchr((x),(y),(z))
+#define memrchr(x, y, z)  Curl_memrchr((x), (y), (z))
 
 #endif /* HAVE_MEMRCHR */
 
diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c
index f2c8c2d2a6..8bb273693d 100644
--- a/lib/curl_ntlm_core.c
+++ b/lib/curl_ntlm_core.c
@@ -53,7 +53,7 @@
 #ifdef USE_MBEDTLS
 #include 
 #if MBEDTLS_VERSION_NUMBER < 0x03020000
-  #error "mbedTLS 3.2.0 or later required"
+#error "mbedTLS 3.2.0 or later required"
 #endif
 #endif
 
@@ -81,13 +81,13 @@
 #  include 
 #  include 
 #  ifdef OPENSSL_COEXIST
-#    define DES_key_schedule WOLFSSL_DES_key_schedule
-#    define DES_cblock WOLFSSL_DES_cblock
-#    define DES_set_odd_parity wolfSSL_DES_set_odd_parity
-#    define DES_set_key wolfSSL_DES_set_key
+#    define DES_key_schedule      WOLFSSL_DES_key_schedule
+#    define DES_cblock            WOLFSSL_DES_cblock
+#    define DES_set_odd_parity    wolfSSL_DES_set_odd_parity
+#    define DES_set_key           wolfSSL_DES_set_key
 #    define DES_set_key_unchecked wolfSSL_DES_set_key_unchecked
-#    define DES_ecb_encrypt wolfSSL_DES_ecb_encrypt
-#    define DESKEY(x) ((WOLFSSL_DES_key_schedule *)(x))
+#    define DES_ecb_encrypt       wolfSSL_DES_ecb_encrypt
+#    define DESKEY(x)             ((WOLFSSL_DES_key_schedule *)(x))
 #  else
 #    define DESKEY(x) &x
 #  endif
@@ -161,8 +161,8 @@ static void curl_des_set_odd_parity(unsigned char *bytes, size_t len)
 #endif /* USE_CURL_DES_SET_ODD_PARITY */
 
 /*
-* Turns a 56-bit key into being 64-bit wide.
-*/
+ * Turns a 56-bit key into being 64-bit wide.
+ */
 static void extend_key_56_to_64(const unsigned char *key_56, char *key)
 {
   key[0] = (char)key_56[0];
@@ -186,7 +186,7 @@ static void setup_des_key(const unsigned char *key_56,
   DES_cblock key;
 
   /* Expand the 56-bit key to 64 bits */
-  extend_key_56_to_64(key_56, (char *) &key);
+  extend_key_56_to_64(key_56, (char *)&key);
 
   /* Set the key parity to odd */
   DES_set_odd_parity(&key);
@@ -197,8 +197,7 @@ static void setup_des_key(const unsigned char *key_56,
 
 #elif defined(USE_GNUTLS)
 
-static void setup_des_key(const unsigned char *key_56,
-                          struct des_ctx *des)
+static void setup_des_key(const unsigned char *key_56, struct des_ctx *des)
 {
   char key[8];
 
@@ -206,10 +205,10 @@ static void setup_des_key(const unsigned char *key_56,
   extend_key_56_to_64(key_56, key);
 
   /* Set the key parity to odd */
-  curl_des_set_odd_parity((unsigned char *) key, sizeof(key));
+  curl_des_set_odd_parity((unsigned char *)key, sizeof(key));
 
   /* Set the key */
-  des_set_key(des, (const uint8_t *) key);
+  des_set_key(des, (const uint8_t *)key);
 }
 
 #elif defined(USE_MBEDTLS_DES)
@@ -224,11 +223,11 @@ static bool encrypt_des(const unsigned char *in, unsigned char *out,
   extend_key_56_to_64(key_56, key);
 
   /* Set the key parity to odd */
-  mbedtls_des_key_set_parity((unsigned char *) key);
+  mbedtls_des_key_set_parity((unsigned char *)key);
 
   /* Perform the encryption */
   mbedtls_des_init(&ctx);
-  mbedtls_des_setkey_enc(&ctx, (unsigned char *) key);
+  mbedtls_des_setkey_enc(&ctx, (unsigned char *)key);
   return mbedtls_des_crypt_ecb(&ctx, in, out) == 0;
 }
 
@@ -248,10 +247,10 @@ static bool encrypt_des(const unsigned char *in, unsigned char *out,
   extend_key_56_to_64(key_56, ctl.Crypto_Key);
 
   /* Set the key parity to odd */
-  curl_des_set_odd_parity((unsigned char *) ctl.Crypto_Key, ctl.Data_Len);
+  curl_des_set_odd_parity((unsigned char *)ctl.Crypto_Key, ctl.Data_Len);
 
   /* Perform the encryption */
-  _CIPHER((_SPCPTR *) &out, &ctl, (_SPCPTR *) &in);
+  _CIPHER((_SPCPTR *)&out, &ctl, (_SPCPTR *)&in);
 
   return TRUE;
 }
@@ -286,10 +285,10 @@ static bool encrypt_des(const unsigned char *in, unsigned char *out,
   extend_key_56_to_64(key_56, blob.key);
 
   /* Set the key parity to odd */
-  curl_des_set_odd_parity((unsigned char *) blob.key, sizeof(blob.key));
+  curl_des_set_odd_parity((unsigned char *)blob.key, sizeof(blob.key));
 
   /* Import the key */
-  if(!CryptImportKey(hprov, (BYTE *) &blob, sizeof(blob), 0, 0, &hkey)) {
+  if(!CryptImportKey(hprov, (BYTE *)&blob, sizeof(blob), 0, 0, &hkey)) {
     CryptReleaseContext(hprov, 0);
 
     return FALSE;
@@ -308,11 +307,11 @@ static bool encrypt_des(const unsigned char *in, unsigned char *out,
 
 #endif /* USE_WIN32_CRYPTO */
 
- /*
-  * takes a 21 byte array and treats it as 3 56-bit DES keys. The
-  * 8 byte plaintext is encrypted with each key and the resulting 24
-  * bytes are stored in the results array.
-  */
+/*
+ * takes a 21 byte array and treats it as 3 56-bit DES keys. The
+ * 8 byte plaintext is encrypted with each key and the resulting 24
+ * bytes are stored in the results array.
+ */
 void Curl_ntlm_core_lm_resp(const unsigned char *keys,
                             const unsigned char *plaintext,
                             unsigned char *results)
@@ -321,16 +320,16 @@ void Curl_ntlm_core_lm_resp(const unsigned char *keys,
   DES_key_schedule ks;
 
   setup_des_key(keys, DESKEY(ks));
-  DES_ecb_encrypt((DES_cblock*)CURL_UNCONST(plaintext),
-                  (DES_cblock*)results, DESKEY(ks), DES_ENCRYPT);
+  DES_ecb_encrypt((DES_cblock *)CURL_UNCONST(plaintext),
+                  (DES_cblock *)results, DESKEY(ks), DES_ENCRYPT);
 
   setup_des_key(keys + 7, DESKEY(ks));
-  DES_ecb_encrypt((DES_cblock*)CURL_UNCONST(plaintext),
-                  (DES_cblock*)(results + 8), DESKEY(ks), DES_ENCRYPT);
+  DES_ecb_encrypt((DES_cblock *)CURL_UNCONST(plaintext),
+                  (DES_cblock *)(results + 8), DESKEY(ks), DES_ENCRYPT);
 
   setup_des_key(keys + 14, DESKEY(ks));
-  DES_ecb_encrypt((DES_cblock*)CURL_UNCONST(plaintext),
-                  (DES_cblock*)(results + 16), DESKEY(ks), DES_ENCRYPT);
+  DES_ecb_encrypt((DES_cblock *)CURL_UNCONST(plaintext),
+                  (DES_cblock *)(results + 16), DESKEY(ks), DES_ENCRYPT);
 #elif defined(USE_GNUTLS)
   struct des_ctx des;
   setup_des_key(keys, &des);
@@ -431,7 +430,7 @@ CURLcode Curl_ntlm_core_mk_nt_hash(const char *password,
   size_t len = strlen(password);
   unsigned char *pw;
   CURLcode result;
-  if(len > SIZE_MAX/2) /* avoid integer overflow */
+  if(len > SIZE_MAX / 2) /* avoid integer overflow */
     return CURLE_OUT_OF_MEMORY;
   pw = len ? curlx_malloc(len * 2) : (unsigned char *)curlx_strdup("");
   if(!pw)
@@ -452,7 +451,7 @@ CURLcode Curl_ntlm_core_mk_nt_hash(const char *password,
 #ifndef USE_WINDOWS_SSPI
 
 #define NTLMv2_BLOB_SIGNATURE "\x01\x01\x00\x00"
-#define NTLMv2_BLOB_LEN       (44 -16 + ntlm->target_info_len + 4)
+#define NTLMv2_BLOB_LEN       (44 - 16 + ntlm->target_info_len + 4)
 
 /* Timestamp in tenths of a microsecond since January 1, 1601 00:00:00 UTC. */
 struct ms_filetime {
@@ -474,11 +473,11 @@ static void time2filetime(struct ms_filetime *ft, time_t t)
   ft->dwLowDateTime = (unsigned int)(t & 0xFFFFFFFF);
   ft->dwHighDateTime = 0;
 
-# ifndef HAVE_TIME_T_UNSIGNED
+#ifndef HAVE_TIME_T_UNSIGNED
   /* Extend sign if needed. */
   if(ft->dwLowDateTime & 0x80000000)
     ft->dwHighDateTime = ~(unsigned int)0;
-# endif
+#endif
 
   /* Bias seconds to Jan 1, 1601.
      134774 days = 11644473600 seconds = 0x2B6109100 */
@@ -559,20 +558,20 @@ CURLcode Curl_ntlm_core_mk_ntlmv2_resp(unsigned char *ntlmv2hash,
                                        unsigned char **ntresp,
                                        unsigned int *ntresp_len)
 {
-/* NTLMv2 response structure :
-------------------------------------------------------------------------------
-0     HMAC MD5         16 bytes
-------BLOB--------------------------------------------------------------------
-16    Signature        0x01010000
-20    Reserved         long (0x00000000)
-24    Timestamp        LE, 64-bit signed value representing the number of
-                       tenths of a microsecond since January 1, 1601.
-32    Client Nonce     8 bytes
-40    Unknown          4 bytes
-44    Target Info      N bytes (from the type-2 message)
-44+N  Unknown          4 bytes
-------------------------------------------------------------------------------
-*/
+  /* NTLMv2 response structure :
+  -----------------------------------------------------------------------------
+  0     HMAC MD5         16 bytes
+  ------BLOB-------------------------------------------------------------------
+  16    Signature        0x01010000
+  20    Reserved         long (0x00000000)
+  24    Timestamp        LE, 64-bit signed value representing the number of
+                         tenths of a microsecond since January 1, 1601.
+  32    Client Nonce     8 bytes
+  40    Unknown          4 bytes
+  44    Target Info      N bytes (from the type-2 message)
+  44+N  Unknown          4 bytes
+  -----------------------------------------------------------------------------
+  */
 
   unsigned int len = 0;
   unsigned char *ptr = NULL;
@@ -585,7 +584,7 @@ CURLcode Curl_ntlm_core_mk_ntlmv2_resp(unsigned char *ntlmv2hash,
 #ifdef DEBUGBUILD
   char *force_timestamp = getenv("CURL_FORCETIME");
   if(force_timestamp)
-    time2filetime(&tw, (time_t) 0);
+    time2filetime(&tw, (time_t)0);
   else
 #endif
     time2filetime(&tw, time(NULL));
diff --git a/lib/curl_ntlm_core.h b/lib/curl_ntlm_core.h
index 584f4a17d5..2e23d44bf5 100644
--- a/lib/curl_ntlm_core.h
+++ b/lib/curl_ntlm_core.h
@@ -58,16 +58,16 @@ CURLcode Curl_ntlm_core_mk_ntlmv2_hash(const char *user, size_t userlen,
                                        unsigned char *ntlmhash,
                                        unsigned char *ntlmv2hash);
 
-CURLcode  Curl_ntlm_core_mk_ntlmv2_resp(unsigned char *ntlmv2hash,
-                                        unsigned char *challenge_client,
-                                        struct ntlmdata *ntlm,
-                                        unsigned char **ntresp,
-                                        unsigned int *ntresp_len);
+CURLcode Curl_ntlm_core_mk_ntlmv2_resp(unsigned char *ntlmv2hash,
+                                       unsigned char *challenge_client,
+                                       struct ntlmdata *ntlm,
+                                       unsigned char **ntresp,
+                                       unsigned int *ntresp_len);
 
-CURLcode  Curl_ntlm_core_mk_lmv2_resp(unsigned char *ntlmv2hash,
-                                      unsigned char *challenge_client,
-                                      unsigned char *challenge_server,
-                                      unsigned char *lmresp);
+CURLcode Curl_ntlm_core_mk_lmv2_resp(unsigned char *ntlmv2hash,
+                                     unsigned char *challenge_client,
+                                     unsigned char *challenge_server,
+                                     unsigned char *lmresp);
 
 #endif /* !USE_WINDOWS_SSPI */
 
diff --git a/lib/curl_range.c b/lib/curl_range.c
index e9620a29b5..4f78868813 100644
--- a/lib/curl_range.c
+++ b/lib/curl_range.c
@@ -31,10 +31,10 @@
 /* Only include this function if one or more of FTP, FILE are enabled. */
 #if !defined(CURL_DISABLE_FTP) || !defined(CURL_DISABLE_FILE)
 
- /*
-  Check if this is a range download, and if so, set the internal variables
-  properly.
- */
+/*
+ Check if this is a range download, and if so, set the internal variables
+ properly.
+*/
 CURLcode Curl_range(struct Curl_easy *data)
 {
   if(data->state.use_range && data->state.range) {
diff --git a/lib/curl_rtmp.c b/lib/curl_rtmp.c
index 6f9e7c37b4..1eebbb5b3f 100644
--- a/lib/curl_rtmp.c
+++ b/lib/curl_rtmp.c
@@ -38,12 +38,12 @@
 #include 
 
 #if defined(USE_WINSOCK) || defined(LWIP_SO_SNDRCVTIMEO_NONSTANDARD)
-#define SET_RCVTIMEO(tv,s)   int tv = s*1000
+#define SET_RCVTIMEO(tv, s)  int tv = s * 1000
 #else
-#define SET_RCVTIMEO(tv,s)   struct timeval tv = {s,0}
+#define SET_RCVTIMEO(tv, s)  struct timeval tv = { s, 0 }
 #endif
 
-#define DEF_BUFTIME    (2*60*60*1000)    /* 2 hours */
+#define DEF_BUFTIME    (2 * 60 * 60 * 1000)    /* 2 hours */
 
 /* meta key for storing RTMP* at connection */
 #define CURL_META_RTMP_CONN   "meta:proto:rtmp:conn"
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index f0b6e9471e..a4cd5a207b 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -235,7 +235,7 @@ static CURLcode get_server_message(struct SASL *sasl, struct Curl_easy *data,
   if(!result && (sasl->params->flags & SASL_FLAG_BASE64)) {
     unsigned char *msg;
     size_t msglen;
-    const char *serverdata = (const char *) Curl_bufref_ptr(out);
+    const char *serverdata = (const char *)Curl_bufref_ptr(out);
 
     if(!*serverdata || *serverdata == '=')
       Curl_bufref_set(out, NULL, 0, NULL);
@@ -355,8 +355,8 @@ static bool sasl_choose_gsasl(struct Curl_easy *data, struct sasl_ctx *sctx)
   struct gsasldata *gsasl;
   struct bufref nullmsg;
 
-  if(sctx->user &&
-     (sctx->enabledmechs & (SASL_MECH_SCRAM_SHA_256|SASL_MECH_SCRAM_SHA_1))) {
+  if(sctx->user && (sctx->enabledmechs &
+                    (SASL_MECH_SCRAM_SHA_256 | SASL_MECH_SCRAM_SHA_1))) {
     gsasl = Curl_auth_gsasl_get(sctx->conn);
     if(!gsasl) {
       sctx->result = CURLE_OUT_OF_MEMORY;
@@ -364,14 +364,14 @@ static bool sasl_choose_gsasl(struct Curl_easy *data, struct sasl_ctx *sctx)
     }
 
     if((sctx->enabledmechs & SASL_MECH_SCRAM_SHA_256) &&
-      Curl_auth_gsasl_is_supported(data, SASL_MECH_STRING_SCRAM_SHA_256,
-                                   gsasl)) {
+       Curl_auth_gsasl_is_supported(data, SASL_MECH_STRING_SCRAM_SHA_256,
+                                    gsasl)) {
       sctx->mech = SASL_MECH_STRING_SCRAM_SHA_256;
       sctx->sasl->authused = SASL_MECH_SCRAM_SHA_256;
     }
     else if((sctx->enabledmechs & SASL_MECH_SCRAM_SHA_1) &&
-      Curl_auth_gsasl_is_supported(data, SASL_MECH_STRING_SCRAM_SHA_1,
-                                   gsasl)) {
+            Curl_auth_gsasl_is_supported(data, SASL_MECH_STRING_SCRAM_SHA_1,
+                                         gsasl)) {
       sctx->mech = SASL_MECH_STRING_SCRAM_SHA_1;
       sctx->sasl->authused = SASL_MECH_SCRAM_SHA_1;
     }
@@ -399,7 +399,7 @@ static bool sasl_choose_digest(struct Curl_easy *data, struct sasl_ctx *sctx)
   if(!sctx->user)
     return FALSE;
   else if((sctx->enabledmechs & SASL_MECH_DIGEST_MD5) &&
-     Curl_auth_is_digest_supported()) {
+          Curl_auth_is_digest_supported()) {
     sctx->mech = SASL_MECH_STRING_DIGEST_MD5;
     sctx->state1 = SASL_DIGESTMD5;
     sctx->sasl->authused = SASL_MECH_DIGEST_MD5;
diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index 2cc18cf414..ca275df0ad 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -325,8 +325,8 @@
  * Direct macros concatenation does not work because macros
  * are not expanded before direct concatenation.
  */
-#define CURL_CONC_MACROS_(A,B) A ## B
-#define CURL_CONC_MACROS(A,B) CURL_CONC_MACROS_(A,B)
+#define CURL_CONC_MACROS_(A, B) A ## B
+#define CURL_CONC_MACROS(A, B) CURL_CONC_MACROS_(A, B)
 
 /* curl uses its own printf() function internally. It understands the GNU
  * format. Use this format, so that it matches the GNU format attribute we
@@ -431,9 +431,9 @@
 #    ifdef __amigaos4__
        int Curl_amiga_select(int nfds, fd_set *readfds, fd_set *writefds,
                              fd_set *errorfds, struct timeval *timeout);
-#      define select(a,b,c,d,e) Curl_amiga_select(a,b,c,d,e)
+#      define select(a, b, c, d, e) Curl_amiga_select(a, b, c, d, e)
 #    else
-#      define select(a,b,c,d,e) WaitSelect(a,b,c,d,e,0)
+#      define select(a, b, c, d, e) WaitSelect(a, b, c, d, e, 0)
 #    endif
      /* must not use libc's fcntl() on bsdsocket.library sockfds! */
 #    undef HAVE_FCNTL
@@ -485,7 +485,7 @@
 #    undef  lseek
 #    define lseek(fdes, offset, whence)  _lseeki64(fdes, offset, whence)
 #    undef  fstat
-#    define fstat(fdes,stp)              _fstati64(fdes, stp)
+#    define fstat(fdes, stp)             _fstati64(fdes, stp)
 #    define struct_stat                  struct _stati64
 #    define LSEEK_ERROR                  (__int64)-1
 #  else
@@ -500,8 +500,8 @@
    /* Requires DJGPP 2.04 */
 #  include 
 #  undef  lseek
-#  define lseek(fdes,offset,whence)  llseek(fdes, offset, whence)
-#  define LSEEK_ERROR                (offset_t)-1
+#  define lseek(fdes, offset, whence)  llseek(fdes, offset, whence)
+#  define LSEEK_ERROR                  (offset_t)-1
 #endif
 
 #ifndef struct_stat
@@ -570,7 +570,7 @@
 #endif
 #define CURL_OFF_T_MIN (-CURL_OFF_T_MAX - 1)
 
-#define FMT_OFF_T CURL_FORMAT_CURL_OFF_T
+#define FMT_OFF_T  CURL_FORMAT_CURL_OFF_T
 #define FMT_OFF_TU CURL_FORMAT_CURL_OFF_TU
 
 #if (SIZEOF_TIME_T == 4)
@@ -639,8 +639,8 @@
 #  ifdef MSDOS  /* Watt-32 */
 
 #    include 
-#    define select(n,r,w,x,t) select_s(n,r,w,x,t)
-#    define ioctl(x,y,z) ioctlsocket(x,y,(char *)(z))
+#    define select(n, r, w, x, t)  select_s(n, r, w, x, t)
+#    define ioctl(x, y, z)         ioctlsocket(x, y, (char *)(z))
 #    include 
 #    undef word
 #    undef byte
@@ -899,15 +899,15 @@ endings either CRLF or LF so 't' is appropriate.
 
 /* Some convenience macros to get the larger/smaller value out of two given.
    We prefix with CURL to prevent name collisions. */
-#define CURLMAX(x,y) ((x)>(y)?(x):(y))
-#define CURLMIN(x,y) ((x)<(y)?(x):(y))
+#define CURLMAX(x, y) ((x) > (y) ? (x) : (y))
+#define CURLMIN(x, y) ((x) < (y) ? (x) : (y))
 
 /* A convenience macro to provide both the string literal and the length of
    the string literal in one go, useful for functions that take "string,len"
    as their argument */
-#define STRCONST(x) x,sizeof(x)-1
+#define STRCONST(x) x, sizeof(x) - 1
 
-#define CURL_ARRAYSIZE(A) (sizeof(A)/sizeof((A)[0]))
+#define CURL_ARRAYSIZE(A) (sizeof(A) / sizeof((A)[0]))
 
 /* Buffer size for error messages retrieved via
    curlx_strerror() and Curl_sspi_strerror() */
@@ -1033,28 +1033,28 @@ CURL_EXTERN ALLOC_FUNC
   FILE *curl_dbg_fdopen(int filedes, const char *mode,
                         int line, const char *source);
 
-#define sclose(sockfd) curl_dbg_sclose(sockfd,__LINE__,__FILE__)
-#define fake_sclose(sockfd) curl_dbg_mark_sclose(sockfd,__LINE__,__FILE__)
+#define sclose(sockfd) curl_dbg_sclose(sockfd, __LINE__, __FILE__)
+#define fake_sclose(sockfd) curl_dbg_mark_sclose(sockfd, __LINE__, __FILE__)
 
-#define CURL_GETADDRINFO(host,serv,hint,res) \
+#define CURL_GETADDRINFO(host, serv, hint, res) \
   curl_dbg_getaddrinfo(host, serv, hint, res, __LINE__, __FILE__)
 #define CURL_FREEADDRINFO(data) \
   curl_dbg_freeaddrinfo(data, __LINE__, __FILE__)
-#define CURL_SOCKET(domain,type,protocol) \
+#define CURL_SOCKET(domain, type, protocol) \
   curl_dbg_socket((int)domain, type, protocol, __LINE__, __FILE__)
 #ifdef HAVE_SOCKETPAIR
-#define CURL_SOCKETPAIR(domain,type,protocol,socket_vector) \
+#define CURL_SOCKETPAIR(domain, type, protocol, socket_vector) \
   curl_dbg_socketpair((int)domain, type, protocol, socket_vector, \
                       __LINE__, __FILE__)
 #endif
-#define CURL_ACCEPT(sock,addr,len) \
+#define CURL_ACCEPT(sock, addr, len) \
   curl_dbg_accept(sock, addr, len, __LINE__, __FILE__)
 #ifdef HAVE_ACCEPT4
-#define CURL_ACCEPT4(sock,addr,len,flags) \
+#define CURL_ACCEPT4(sock, addr, len, flags) \
   curl_dbg_accept4(sock, addr, len, flags, __LINE__, __FILE__)
 #endif
-#define CURL_SEND(a,b,c,d) curl_dbg_send(a,b,c,d, __LINE__, __FILE__)
-#define CURL_RECV(a,b,c,d) curl_dbg_recv(a,b,c,d, __LINE__, __FILE__)
+#define CURL_SEND(a, b, c, d) curl_dbg_send(a, b, c, d, __LINE__, __FILE__)
+#define CURL_RECV(a, b, c, d) curl_dbg_recv(a, b, c, d, __LINE__, __FILE__)
 
 #else /* !CURLDEBUG */
 
diff --git a/lib/curl_setup_once.h b/lib/curl_setup_once.h
index 7caf6c9bc5..cf494b2ba8 100644
--- a/lib/curl_setup_once.h
+++ b/lib/curl_setup_once.h
@@ -104,7 +104,6 @@
 /*
  * Definition of timeval struct for platforms that do not have it.
  */
-
 #ifndef HAVE_STRUCT_TIMEVAL
 struct timeval {
   long tv_sec;
@@ -112,24 +111,21 @@ struct timeval {
 };
 #endif
 
-
 /*
  * If we have the MSG_NOSIGNAL define, make sure we use
  * it as the fourth argument of function send()
  */
-
 #ifdef HAVE_MSG_NOSIGNAL
 #define SEND_4TH_ARG MSG_NOSIGNAL
 #else
 #define SEND_4TH_ARG 0
 #endif
 
-
 #ifdef __minix
 /* Minix does not support recv on TCP sockets */
-#define sread(x,y,z) (ssize_t)read((RECV_TYPE_ARG1)(x), \
-                                   (RECV_TYPE_ARG2)(y), \
-                                   (RECV_TYPE_ARG3)(z))
+#define sread(x, y, z) (ssize_t)read((RECV_TYPE_ARG1)(x), \
+                                     (RECV_TYPE_ARG2)(y), \
+                                     (RECV_TYPE_ARG3)(z))
 
 #elif defined(HAVE_RECV)
 /*
@@ -154,10 +150,10 @@ struct timeval {
  * SEND_TYPE_RETV must also be defined.
  */
 
-#define sread(x,y,z) (ssize_t)recv((RECV_TYPE_ARG1)(x), \
-                                   (RECV_TYPE_ARG2)(y), \
-                                   (RECV_TYPE_ARG3)(z), \
-                                   (RECV_TYPE_ARG4)(0))
+#define sread(x, y, z) (ssize_t)recv((RECV_TYPE_ARG1)(x), \
+                                     (RECV_TYPE_ARG2)(y), \
+                                     (RECV_TYPE_ARG3)(z), \
+                                     (RECV_TYPE_ARG4)(0))
 #else /* HAVE_RECV */
 #ifndef sread
 #error "Missing definition of macro sread!"
@@ -167,25 +163,23 @@ struct timeval {
 
 #ifdef __minix
 /* Minix does not support send on TCP sockets */
-#define swrite(x,y,z) (ssize_t)write((SEND_TYPE_ARG1)(x), \
-                                     (SEND_TYPE_ARG2)CURL_UNCONST(y), \
-                                     (SEND_TYPE_ARG3)(z))
+#define swrite(x, y, z) (ssize_t)write((SEND_TYPE_ARG1)(x), \
+                                       (SEND_TYPE_ARG2)CURL_UNCONST(y), \
+                                       (SEND_TYPE_ARG3)(z))
 #elif defined(HAVE_SEND)
-#define swrite(x,y,z) (ssize_t)send((SEND_TYPE_ARG1)(x), \
+#define swrite(x, y, z) (ssize_t)send((SEND_TYPE_ARG1)(x), \
                               (SEND_QUAL_ARG2 SEND_TYPE_ARG2)CURL_UNCONST(y), \
-                                    (SEND_TYPE_ARG3)(z), \
-                                    (SEND_TYPE_ARG4)(SEND_4TH_ARG))
+                                      (SEND_TYPE_ARG3)(z), \
+                                      (SEND_TYPE_ARG4)(SEND_4TH_ARG))
 #else /* HAVE_SEND */
 #ifndef swrite
 #error "Missing definition of macro swrite!"
 #endif
 #endif /* HAVE_SEND */
 
-
 /*
  * Function-like macro definition used to close a socket.
  */
-
 #ifdef HAVE_CLOSESOCKET
 #  define CURL_SCLOSE(x)  closesocket((x))
 #elif defined(HAVE_CLOSESOCKET_CAMEL)
@@ -210,7 +204,6 @@ struct timeval {
 /*
  * 'bool' stuff compatible with HP-UX headers.
  */
-
 #if defined(__hpux) && !defined(HAVE_BOOL_T)
    typedef int bool;
 #  define false 0
@@ -218,14 +211,12 @@ struct timeval {
 #  define HAVE_BOOL_T
 #endif
 
-
 /*
  * 'bool' exists on platforms with , i.e. C99 platforms.
  * On non-C99 platforms there is no bool, so define an enum for that.
  * On C99 platforms 'false' and 'true' also exist. Enum uses a
  * global namespace though, so use bool_false and bool_true.
  */
-
 #ifndef HAVE_BOOL_T
   typedef enum {
     bool_false = 0,
@@ -258,7 +249,6 @@ typedef unsigned int bit;
  * 'bool found = TRUE' will not. Change tested on IRIX/MIPSPro,
  * AIX 5.1/Xlc, Tru64 5.1/cc, w/make test too.
  */
-
 #ifndef TRUE
 #define TRUE true
 #endif
@@ -268,22 +258,18 @@ typedef unsigned int bit;
 
 #include "curl_ctype.h"
 
-
 /*
  * Macro used to include code only in debug builds.
  */
-
 #ifdef DEBUGBUILD
 #define DEBUGF(x) x
 #else
 #define DEBUGF(x) do { } while(0)
 #endif
 
-
 /*
  * Macro used to include assertion code only in debug builds.
  */
-
 #undef DEBUGASSERT
 #ifdef DEBUGBUILD
 #define DEBUGASSERT(x) assert(x)
@@ -291,12 +277,10 @@ typedef unsigned int bit;
 #define DEBUGASSERT(x) do { } while(0)
 #endif
 
-
 /*
  * Macro SOCKERRNO / SET_SOCKERRNO() returns / sets the *socket-related* errno
  * (or equivalent) on this platform to hide platform details to code using it.
  */
-
 #ifdef USE_WINSOCK
 #define SOCKERRNO         ((int)WSAGetLastError())
 #define SET_SOCKERRNO(x)  (WSASetLastError((int)(x)))
@@ -305,11 +289,9 @@ typedef unsigned int bit;
 #define SET_SOCKERRNO(x)  (errno = (x))
 #endif
 
-
 /*
  * Portable error number symbolic names defined to Winsock error codes.
  */
-
 #ifdef USE_WINSOCK
 #define SOCKEACCES        WSAEACCES
 #define SOCKEADDRINUSE    WSAEADDRINUSE
@@ -349,7 +331,6 @@ typedef unsigned int bit;
 /*
  * Macro argv_item_t hides platform details to code using it.
  */
-
 #ifdef __VMS
 #define argv_item_t  __char_ptr32
 #elif defined(_UNICODE)
@@ -358,13 +339,10 @@ typedef unsigned int bit;
 #define argv_item_t  char *
 #endif
 
-
 /*
  * We use this ZERO_NULL to avoid picky compiler warnings,
  * when assigning a NULL pointer to a function pointer var.
  */
-
 #define ZERO_NULL 0
 
-
 #endif /* HEADER_CURL_SETUP_ONCE_H */
diff --git a/lib/curl_sha512_256.c b/lib/curl_sha512_256.c
index af768fd2aa..cc49aa4c77 100644
--- a/lib/curl_sha512_256.c
+++ b/lib/curl_sha512_256.c
@@ -30,12 +30,12 @@
 #include "curlx/warnless.h"
 
 /* The recommended order of the TLS backends:
- * * OpenSSL
- * * GnuTLS
- * * wolfSSL
- * * Schannel SSPI
- * * mbedTLS
- * * Rustls
+ * 1. OpenSSL
+ * 2. GnuTLS
+ * 3. wolfSSL
+ * 4. Schannel SSPI
+ * 5. mbedTLS
+ * 6. Rustls
  * Skip the backend if it does not support the required algorithm */
 
 #ifdef USE_OPENSSL
@@ -72,7 +72,6 @@
 #  endif
 #endif /* USE_OPENSSL */
 
-
 #if !defined(HAS_SHA512_256_IMPLEMENTATION) && defined(USE_GNUTLS)
 #  include 
 #  ifdef SHA512_256_DIGEST_SIZE
@@ -109,7 +108,7 @@ typedef EVP_MD_CTX *Curl_sha512_256_ctx;
  */
 static CURLcode Curl_sha512_256_init(void *context)
 {
-  Curl_sha512_256_ctx *const ctx = (Curl_sha512_256_ctx *)context;
+  Curl_sha512_256_ctx * const ctx = (Curl_sha512_256_ctx *)context;
 
   *ctx = EVP_MD_CTX_create();
   if(!*ctx)
@@ -129,7 +128,6 @@ static CURLcode Curl_sha512_256_init(void *context)
   return CURLE_FAILED_INIT;
 }
 
-
 /**
  * Process portion of bytes.
  *
@@ -142,7 +140,7 @@ static CURLcode Curl_sha512_256_update(void *context,
                                        const unsigned char *data,
                                        size_t length)
 {
-  Curl_sha512_256_ctx *const ctx = (Curl_sha512_256_ctx *)context;
+  Curl_sha512_256_ctx * const ctx = (Curl_sha512_256_ctx *)context;
 
   if(!EVP_DigestUpdate(*ctx, data, length))
     return CURLE_SSL_CIPHER;
@@ -150,7 +148,6 @@ static CURLcode Curl_sha512_256_update(void *context,
   return CURLE_OK;
 }
 
-
 /**
  * Finalise SHA-512/256 calculation, return digest.
  *
@@ -163,7 +160,7 @@ static CURLcode Curl_sha512_256_update(void *context,
 static CURLcode Curl_sha512_256_finish(unsigned char *digest, void *context)
 {
   CURLcode ret;
-  Curl_sha512_256_ctx *const ctx = (Curl_sha512_256_ctx *)context;
+  Curl_sha512_256_ctx * const ctx = (Curl_sha512_256_ctx *)context;
 
 #ifdef NEED_NETBSD_SHA512_256_WORKAROUND
   /* Use a larger buffer to work around a bug in NetBSD:
@@ -202,7 +199,7 @@ typedef struct sha512_256_ctx Curl_sha512_256_ctx;
  */
 static CURLcode Curl_sha512_256_init(void *context)
 {
-  Curl_sha512_256_ctx *const ctx = (Curl_sha512_256_ctx *)context;
+  Curl_sha512_256_ctx * const ctx = (Curl_sha512_256_ctx *)context;
 
   /* Check whether the header and this file use the same numbers */
   DEBUGASSERT(CURL_SHA512_256_DIGEST_LENGTH == CURL_SHA512_256_DIGEST_SIZE);
@@ -212,7 +209,6 @@ static CURLcode Curl_sha512_256_init(void *context)
   return CURLE_OK;
 }
 
-
 /**
  * Process portion of bytes.
  *
@@ -225,7 +221,7 @@ static CURLcode Curl_sha512_256_update(void *context,
                                        const unsigned char *data,
                                        size_t length)
 {
-  Curl_sha512_256_ctx *const ctx = (Curl_sha512_256_ctx *)context;
+  Curl_sha512_256_ctx * const ctx = (Curl_sha512_256_ctx *)context;
 
   DEBUGASSERT((data != NULL) || (length == 0));
 
@@ -234,7 +230,6 @@ static CURLcode Curl_sha512_256_update(void *context,
   return CURLE_OK;
 }
 
-
 /**
  * Finalise SHA-512/256 calculation, return digest.
  *
@@ -246,7 +241,7 @@ static CURLcode Curl_sha512_256_update(void *context,
 static CURLcode Curl_sha512_256_finish(unsigned char *digest,
                                        void *context)
 {
-  Curl_sha512_256_ctx *const ctx = (Curl_sha512_256_ctx *)context;
+  Curl_sha512_256_ctx * const ctx = (Curl_sha512_256_ctx *)context;
 
   sha512_256_digest(ctx,
                     (size_t)CURL_SHA512_256_DIGEST_SIZE, (uint8_t *)digest);
@@ -286,32 +281,31 @@ static CURLcode Curl_sha512_256_finish(unsigned char *digest,
 /* Bits manipulation macros and functions.
    Can be moved to other headers to reuse. */
 
-#define CURL_GET_64BIT_BE(ptr)                                  \
-  ( ((uint64_t)(((const uint8_t*)(ptr))[0]) << 56) | \
-    ((uint64_t)(((const uint8_t*)(ptr))[1]) << 48) | \
-    ((uint64_t)(((const uint8_t*)(ptr))[2]) << 40) | \
-    ((uint64_t)(((const uint8_t*)(ptr))[3]) << 32) | \
-    ((uint64_t)(((const uint8_t*)(ptr))[4]) << 24) | \
-    ((uint64_t)(((const uint8_t*)(ptr))[5]) << 16) | \
-    ((uint64_t)(((const uint8_t*)(ptr))[6]) << 8)  | \
-    (uint64_t)(((const uint8_t*)(ptr))[7]) )
+#define CURL_GET_64BIT_BE(ptr)                       \
+  (((uint64_t)(((const uint8_t *)(ptr))[0]) << 56) | \
+   ((uint64_t)(((const uint8_t *)(ptr))[1]) << 48) | \
+   ((uint64_t)(((const uint8_t *)(ptr))[2]) << 40) | \
+   ((uint64_t)(((const uint8_t *)(ptr))[3]) << 32) | \
+   ((uint64_t)(((const uint8_t *)(ptr))[4]) << 24) | \
+   ((uint64_t)(((const uint8_t *)(ptr))[5]) << 16) | \
+   ((uint64_t)(((const uint8_t *)(ptr))[6]) << 8)  | \
+    (uint64_t)(((const uint8_t *)(ptr))[7]))
 
-#define CURL_PUT_64BIT_BE(ptr,val) do {                                 \
-    ((uint8_t*)(ptr))[7]=(uint8_t)((uint64_t)(val));   \
-    ((uint8_t*)(ptr))[6]=(uint8_t)(((uint64_t)(val)) >> 8); \
-    ((uint8_t*)(ptr))[5]=(uint8_t)(((uint64_t)(val)) >> 16); \
-    ((uint8_t*)(ptr))[4]=(uint8_t)(((uint64_t)(val)) >> 24); \
-    ((uint8_t*)(ptr))[3]=(uint8_t)(((uint64_t)(val)) >> 32); \
-    ((uint8_t*)(ptr))[2]=(uint8_t)(((uint64_t)(val)) >> 40); \
-    ((uint8_t*)(ptr))[1]=(uint8_t)(((uint64_t)(val)) >> 48); \
-    ((uint8_t*)(ptr))[0]=(uint8_t)(((uint64_t)(val)) >> 56); \
+#define CURL_PUT_64BIT_BE(ptr,val) do {                        \
+    ((uint8_t*)(ptr))[7] = (uint8_t) ((uint64_t)(val));        \
+    ((uint8_t*)(ptr))[6] = (uint8_t)(((uint64_t)(val)) >> 8);  \
+    ((uint8_t*)(ptr))[5] = (uint8_t)(((uint64_t)(val)) >> 16); \
+    ((uint8_t*)(ptr))[4] = (uint8_t)(((uint64_t)(val)) >> 24); \
+    ((uint8_t*)(ptr))[3] = (uint8_t)(((uint64_t)(val)) >> 32); \
+    ((uint8_t*)(ptr))[2] = (uint8_t)(((uint64_t)(val)) >> 40); \
+    ((uint8_t*)(ptr))[1] = (uint8_t)(((uint64_t)(val)) >> 48); \
+    ((uint8_t*)(ptr))[0] = (uint8_t)(((uint64_t)(val)) >> 56); \
   } while(0)
 
 /* Defined as a function. The macro version may duplicate the binary code
  * size as each argument is used twice, so if any calculation is used
  * as an argument, the calculation could be done twice. */
-static CURL_FORCEINLINE uint64_t Curl_rotr64(uint64_t value,
-                                                  unsigned int bits)
+static CURL_FORCEINLINE uint64_t Curl_rotr64(uint64_t value, unsigned int bits)
 {
   bits %= 64;
   if(bits == 0)
@@ -399,7 +393,6 @@ struct Curl_sha512_256ctx {
  */
 typedef struct Curl_sha512_256ctx Curl_sha512_256_ctx;
 
-
 /**
  * Initialise structure for SHA-512/256 calculation.
  *
@@ -408,7 +401,7 @@ typedef struct Curl_sha512_256ctx Curl_sha512_256_ctx;
  */
 static CURLcode Curl_sha512_256_init(void *context)
 {
-  struct Curl_sha512_256ctx *const ctx = (struct Curl_sha512_256ctx *)context;
+  struct Curl_sha512_256ctx * const ctx = (struct Curl_sha512_256ctx *)context;
 
   /* Check whether the header and this file use the same numbers */
   DEBUGASSERT(CURL_SHA512_256_DIGEST_LENGTH == CURL_SHA512_256_DIGEST_SIZE);
@@ -434,16 +427,14 @@ static CURLcode Curl_sha512_256_init(void *context)
   return CURLE_OK;
 }
 
-
 /**
  * Base of the SHA-512/256 transformation.
  * Gets a full 128 bytes block of data and updates hash values;
  * @param H     hash values
  * @param data  the data buffer with #CURL_SHA512_256_BLOCK_SIZE bytes block
  */
-static
-void Curl_sha512_256_transform(uint64_t H[SHA512_256_HASH_SIZE_WORDS],
-                               const void *data)
+static void Curl_sha512_256_transform(uint64_t H[SHA512_256_HASH_SIZE_WORDS],
+                                      const void *data)
 {
   /* Working variables,
      see FIPS PUB 180-4 section 6.7, 6.4. */
@@ -462,8 +453,8 @@ void Curl_sha512_256_transform(uint64_t H[SHA512_256_HASH_SIZE_WORDS],
 
   /* 'Ch' and 'Maj' macro functions are defined with widely-used optimization.
      See FIPS PUB 180-4 formulae 4.8, 4.9. */
-#define Sha512_Ch(x,y,z)     ( (z) ^ ((x) & ((y) ^ (z))) )
-#define Sha512_Maj(x,y,z)    ( ((x) & (y)) ^ ((z) & ((x) ^ (y))) )
+#define Sha512_Ch(x, y, z)    ( (z) ^ ((x) & ((y) ^ (z))) )
+#define Sha512_Maj(x, y, z)   ( ((x) & (y)) ^ ((z) & ((x) ^ (y))) )
 
   /* Four 'Sigma' macro functions.
      See FIPS PUB 180-4 formulae 4.10, 4.11, 4.12, 4.13. */
@@ -533,38 +524,41 @@ void Curl_sha512_256_transform(uint64_t H[SHA512_256_HASH_SIZE_WORDS],
        * Note: 'wt' must be used exactly one time in this macro as macro for
        'wt' calculation may change other data as well every time when
        used. */
-#define SHA2STEP64(vA,vB,vC,vD,vE,vF,vG,vH,kt,wt) do {                       \
-     (vD) += ((vH) += SIG1((vE)) + Sha512_Ch((vE),(vF),(vG)) + (kt) + (wt)); \
-     (vH) += SIG0((vA)) + Sha512_Maj((vA),(vB),(vC)); } while (0)
+#define SHA2STEP64(vA, vB, vC, vD, vE, vF, vG, vH, kt, wt)                    \
+  do {                                                                        \
+    (vD) += ((vH) += SIG1((vE)) + Sha512_Ch((vE), (vF), (vG)) + (kt) + (wt)); \
+    (vH) += SIG0((vA)) + Sha512_Maj((vA), (vB), (vC));                        \
+  } while(0)
 
     /* One step of SHA-512/256 computation with working variables rotation,
        see FIPS PUB 180-4 section 6.4.2 step 3. This macro version reassigns
        all working variables on each step. */
-#define SHA2STEP64RV(vA,vB,vC,vD,vE,vF,vG,vH,kt,wt) do {                \
-      uint64_t tmp_h_ = (vH);                                           \
-      SHA2STEP64((vA),(vB),(vC),(vD),(vE),(vF),(vG),tmp_h_,(kt),(wt));  \
-      (vH) = (vG);                                                      \
-      (vG) = (vF);                                                      \
-      (vF) = (vE);                                                      \
-      (vE) = (vD);                                                      \
-      (vD) = (vC);                                                      \
-      (vC) = (vB);                                                      \
-      (vB) = (vA);                                                      \
-      (vA) = tmp_h_;  } while(0)
+#define SHA2STEP64RV(vA, vB, vC, vD, vE, vF, vG, vH, kt, wt)                  \
+  do {                                                                        \
+    uint64_t tmp_h_ = (vH);                                                   \
+    SHA2STEP64((vA), (vB), (vC), (vD), (vE), (vF), (vG), tmp_h_, (kt), (wt)); \
+    (vH) = (vG);                                                              \
+    (vG) = (vF);                                                              \
+    (vF) = (vE);                                                              \
+    (vE) = (vD);                                                              \
+    (vD) = (vC);                                                              \
+    (vC) = (vB);                                                              \
+    (vB) = (vA);                                                              \
+    (vA) = tmp_h_;                                                            \
+  } while(0)
 
     /* Get value of W(t) from input data buffer for 0 <= t <= 15,
        See FIPS PUB 180-4 section 6.2.
        Input data must be read in big-endian bytes order,
        see FIPS PUB 180-4 section 3.1.2. */
-#define SHA512_GET_W_FROM_DATA(buf,t)                                   \
-    CURL_GET_64BIT_BE(                                                  \
-      ((const uint8_t*) (buf)) + (t) * SHA512_256_BYTES_IN_WORD)
+#define SHA512_GET_W_FROM_DATA(buf, t) \
+  CURL_GET_64BIT_BE(((const uint8_t *)(buf)) + (t) * SHA512_256_BYTES_IN_WORD)
 
     /* During first 16 steps, before making any calculation on each step, the
        W element is read from the input data buffer as a big-endian value and
        stored in the array of W elements. */
     for(t = 0; t < 16; ++t) {
-      SHA2STEP64RV(a, b, c, d, e, f, g, h, K[t], \
+      SHA2STEP64RV(a, b, c, d, e, f, g, h, K[t],
                    W[t] = SHA512_GET_W_FROM_DATA(data, t));
     }
 
@@ -573,15 +567,15 @@ void Curl_sha512_256_transform(uint64_t H[SHA512_256_HASH_SIZE_WORDS],
        As only the last 16 'W' are used in calculations, it is possible to
        use 16 elements array of W as a cyclic buffer.
        Note: ((t-16) & 15) have same value as (t & 15) */
-#define Wgen(w,t)                                                  \
-    (uint64_t)( (w)[(t - 16) & 15] + sig1((w)[((t) - 2) & 15])     \
-                + (w)[((t) - 7) & 15] + sig0((w)[((t) - 15) & 15]) )
+#define Wgen(w, t)                                               \
+  (uint64_t)((w)[((t) - 16) & 15] + sig1((w)[((t) -  2) & 15]) + \
+             (w)[((t) -  7) & 15] + sig0((w)[((t) - 15) & 15]))
 
     /* During the last 64 steps, before making any calculation on each step,
        current W element is generated from other W elements of the cyclic
        buffer and the generated value is stored back in the cyclic buffer. */
     for(t = 16; t < 80; ++t) {
-      SHA2STEP64RV(a, b, c, d, e, f, g, h, K[t], \
+      SHA2STEP64RV(a, b, c, d, e, f, g, h, K[t],
                    W[t & 15] = Wgen(W, t));
     }
   }
@@ -598,7 +592,6 @@ void Curl_sha512_256_transform(uint64_t H[SHA512_256_HASH_SIZE_WORDS],
   H[7] += h;
 }
 
-
 /**
  * Process portion of bytes.
  *
@@ -612,9 +605,9 @@ static CURLcode Curl_sha512_256_update(void *context,
                                        size_t length)
 {
   unsigned int bytes_have; /**< Number of bytes in the context buffer */
-  struct Curl_sha512_256ctx *const ctx = (struct Curl_sha512_256ctx *)context;
+  struct Curl_sha512_256ctx * const ctx = (struct Curl_sha512_256ctx *)context;
   /* the void pointer here is required to mute Intel compiler warning */
-  void *const ctx_buf = ctx->buffer;
+  void * const ctx_buf = ctx->buffer;
 
   DEBUGASSERT((data != NULL) || (length == 0));
 
@@ -623,7 +616,7 @@ static CURLcode Curl_sha512_256_update(void *context,
 
   /* Note: (count & (CURL_SHA512_256_BLOCK_SIZE-1))
      equals (count % CURL_SHA512_256_BLOCK_SIZE) for this block size. */
-  bytes_have = (unsigned int) (ctx->count & (CURL_SHA512_256_BLOCK_SIZE - 1));
+  bytes_have = (unsigned int)(ctx->count & (CURL_SHA512_256_BLOCK_SIZE - 1));
   ctx->count += length;
   if(length > ctx->count)
     ctx->count_bits_hi += 1U << 3; /* Value wrap */
@@ -635,7 +628,7 @@ static CURLcode Curl_sha512_256_update(void *context,
     if(length >= bytes_left) {
       /* Combine new data with data in the buffer and process the full
          block. */
-      memcpy(((unsigned char *) ctx_buf) + bytes_have,
+      memcpy(((unsigned char *)ctx_buf) + bytes_have,
              data,
              bytes_left);
       data += bytes_left;
@@ -656,13 +649,12 @@ static CURLcode Curl_sha512_256_update(void *context,
   if(length) {
     /* Copy incomplete block of new data (if any)
        to the buffer. */
-    memcpy(((unsigned char *) ctx_buf) + bytes_have, data, length);
+    memcpy(((unsigned char *)ctx_buf) + bytes_have, data, length);
   }
 
   return CURLE_OK;
 }
 
-
 /**
  * Size of "length" insertion in bits.
  * See FIPS PUB 180-4 section 5.1.2.
@@ -684,11 +676,11 @@ static CURLcode Curl_sha512_256_update(void *context,
  */
 static CURLcode Curl_sha512_256_finish(unsigned char *digest, void *context)
 {
-  struct Curl_sha512_256ctx *const ctx = (struct Curl_sha512_256ctx *)context;
+  struct Curl_sha512_256ctx * const ctx = (struct Curl_sha512_256ctx *)context;
   uint64_t num_bits;   /**< Number of processed bits */
   unsigned int bytes_have; /**< Number of bytes in the context buffer */
   /* the void pointer here is required to mute Intel compiler warning */
-  void *const ctx_buf = ctx->buffer;
+  void * const ctx_buf = ctx->buffer;
 
   /* Memorise the number of processed bits.
      The padding and other data added here during the postprocessing must
@@ -697,7 +689,7 @@ static CURLcode Curl_sha512_256_finish(unsigned char *digest, void *context)
 
   /* Note: (count & (CURL_SHA512_256_BLOCK_SIZE-1))
            equals (count % CURL_SHA512_256_BLOCK_SIZE) for this block size. */
-  bytes_have = (unsigned int) (ctx->count & (CURL_SHA512_256_BLOCK_SIZE - 1));
+  bytes_have = (unsigned int)(ctx->count & (CURL_SHA512_256_BLOCK_SIZE - 1));
 
   /* Input data must be padded with a single bit "1", then with zeros and
      the finally the length of data in bits must be added as the final bytes
@@ -709,13 +701,13 @@ static CURLcode Curl_sha512_256_finish(unsigned char *digest, void *context)
      predefined (0x80). */
   /* Buffer always have space at least for one byte (as full buffers are
      processed when formed). */
-  ((unsigned char *) ctx_buf)[bytes_have++] = 0x80U;
+  ((unsigned char *)ctx_buf)[bytes_have++] = 0x80U;
 
   if(CURL_SHA512_256_BLOCK_SIZE - bytes_have < SHA512_256_SIZE_OF_LEN_ADD) {
     /* No space in the current block to put the total length of message.
        Pad the current block with zeros and process it. */
     if(bytes_have < CURL_SHA512_256_BLOCK_SIZE)
-      memset(((unsigned char *) ctx_buf) + bytes_have, 0,
+      memset(((unsigned char *)ctx_buf) + bytes_have, 0,
              CURL_SHA512_256_BLOCK_SIZE - bytes_have);
     /* Process the full block. */
     Curl_sha512_256_transform(ctx->H, ctx->buffer);
@@ -724,17 +716,17 @@ static CURLcode Curl_sha512_256_finish(unsigned char *digest, void *context)
   }
 
   /* Pad the rest of the buffer with zeros. */
-  memset(((unsigned char *) ctx_buf) + bytes_have, 0,
+  memset(((unsigned char *)ctx_buf) + bytes_have, 0,
          CURL_SHA512_256_BLOCK_SIZE - SHA512_256_SIZE_OF_LEN_ADD - bytes_have);
   /* Put high part of number of bits in processed message and then lower
      part of number of bits as big-endian values.
      See FIPS PUB 180-4 section 5.1.2. */
   /* Note: the target location is predefined and buffer is always aligned */
-  CURL_PUT_64BIT_BE(((unsigned char *) ctx_buf)       \
+  CURL_PUT_64BIT_BE(((unsigned char *)ctx_buf)        \
                       + CURL_SHA512_256_BLOCK_SIZE    \
                       - SHA512_256_SIZE_OF_LEN_ADD,   \
                       ctx->count_bits_hi);
-  CURL_PUT_64BIT_BE(((unsigned char *) ctx_buf)       \
+  CURL_PUT_64BIT_BE(((unsigned char *)ctx_buf)        \
                       + CURL_SHA512_256_BLOCK_SIZE    \
                       - SHA512_256_SIZE_OF_LEN_ADD    \
                       + SHA512_256_BYTES_IN_WORD,     \
@@ -775,7 +767,7 @@ CURLcode Curl_sha512_256it(unsigned char *output, const unsigned char *input,
   if(res != CURLE_OK)
     return res;
 
-  res = Curl_sha512_256_update(&ctx, (const void *) input, input_size);
+  res = Curl_sha512_256_update(&ctx, (const void *)input, input_size);
 
   if(res != CURLE_OK) {
     (void)Curl_sha512_256_finish(output, &ctx);
diff --git a/lib/curl_sha512_256.h b/lib/curl_sha512_256.h
index a84e77bc30..c22491ddc0 100644
--- a/lib/curl_sha512_256.h
+++ b/lib/curl_sha512_256.h
@@ -35,9 +35,8 @@ extern const struct HMAC_params Curl_HMAC_SHA512_256[1];
 
 #define CURL_SHA512_256_DIGEST_LENGTH 32
 
-CURLcode
-Curl_sha512_256it(unsigned char *output, const unsigned char *input,
-                  size_t input_size);
+CURLcode Curl_sha512_256it(unsigned char *output, const unsigned char *input,
+                           size_t input_size);
 
 #endif /* !CURL_DISABLE_DIGEST_AUTH && !CURL_DISABLE_SHA512_256 */
 
diff --git a/lib/curl_share.c b/lib/curl_share.c
index c6b5126704..109fe76b66 100644
--- a/lib/curl_share.c
+++ b/lib/curl_share.c
@@ -34,8 +34,7 @@
 #include "hsts.h"
 #include "url.h"
 
-CURLSH *
-curl_share_init(void)
+CURLSH *curl_share_init(void)
 {
   struct Curl_share *share = curlx_calloc(1, sizeof(struct Curl_share));
   if(share) {
@@ -60,8 +59,7 @@ curl_share_init(void)
 }
 
 #undef curl_share_setopt
-CURLSHcode
-curl_share_setopt(CURLSH *sh, CURLSHoption option, ...)
+CURLSHcode curl_share_setopt(CURLSH *sh, CURLSHoption option, ...)
 {
   va_list param;
   int type;
@@ -224,8 +222,7 @@ curl_share_setopt(CURLSH *sh, CURLSHoption option, ...)
   return res;
 }
 
-CURLSHcode
-curl_share_cleanup(CURLSH *sh)
+CURLSHcode curl_share_cleanup(CURLSH *sh)
 {
   struct Curl_share *share = sh;
   if(!GOOD_SHARE_HANDLE(share))
@@ -273,10 +270,8 @@ curl_share_cleanup(CURLSH *sh)
   return CURLSHE_OK;
 }
 
-
-CURLSHcode
-Curl_share_lock(struct Curl_easy *data, curl_lock_data type,
-                curl_lock_access accesstype)
+CURLSHcode Curl_share_lock(struct Curl_easy *data, curl_lock_data type,
+                           curl_lock_access accesstype)
 {
   struct Curl_share *share = data->share;
 
@@ -292,8 +287,7 @@ Curl_share_lock(struct Curl_easy *data, curl_lock_data type,
   return CURLSHE_OK;
 }
 
-CURLSHcode
-Curl_share_unlock(struct Curl_easy *data, curl_lock_data type)
+CURLSHcode Curl_share_unlock(struct Curl_easy *data, curl_lock_data type)
 {
   struct Curl_share *share = data->share;
 
@@ -302,7 +296,7 @@ Curl_share_unlock(struct Curl_easy *data, curl_lock_data type)
 
   if(share->specifier & (unsigned int)(1 << type)) {
     if(share->unlockfunc) /* only call this if set! */
-      share->unlockfunc (data, type, share->clientdata);
+      share->unlockfunc(data, type, share->clientdata);
   }
 
   return CURLSHE_OK;
diff --git a/lib/curl_share.h b/lib/curl_share.h
index 974c99dc20..0699356dd4 100644
--- a/lib/curl_share.h
+++ b/lib/curl_share.h
@@ -38,7 +38,7 @@ struct Curl_ssl_scache;
 #define GOOD_SHARE_HANDLE(x) ((x) && (x)->magic == CURL_GOOD_SHARE)
 
 #define CURL_SHARE_KEEP_CONNECT(s)    \
-        ((s) && ((s)->specifier & (1<< CURL_LOCK_DATA_CONNECT)))
+        ((s) && ((s)->specifier & (1 << CURL_LOCK_DATA_CONNECT)))
 
 /* this struct is libcurl-private, do not export details */
 struct Curl_share {
@@ -71,8 +71,8 @@ CURLSHcode Curl_share_lock(struct Curl_easy *, curl_lock_data,
 CURLSHcode Curl_share_unlock(struct Curl_easy *, curl_lock_data);
 
 /* convenience macro to check if this handle is using a shared SSL spool */
-#define CURL_SHARE_ssl_scache(data) (data->share &&                      \
+#define CURL_SHARE_ssl_scache(data) (data->share &&                     \
                                     (data->share->specifier &           \
-                                     (1<type = type;
     if(type & CLIENTWRITE_BODY)
       Curl_bufq_init2(&cwbuf->b, CW_PAUSE_BUF_CHUNK, 1,
-                      (BUFQ_OPT_SOFT_LIMIT|BUFQ_OPT_NO_SPARES));
+                      (BUFQ_OPT_SOFT_LIMIT | BUFQ_OPT_NO_SPARES));
     else
       Curl_bufq_init(&cwbuf->b, buflen, 1);
   }
diff --git a/lib/dict.c b/lib/dict.c
index f208892f73..a5facf4310 100644
--- a/lib/dict.c
+++ b/lib/dict.c
@@ -60,10 +60,10 @@
 #include "progress.h"
 #include "dict.h"
 
-#define DICT_MATCH "/MATCH:"
-#define DICT_MATCH2 "/M:"
-#define DICT_MATCH3 "/FIND:"
-#define DICT_DEFINE "/DEFINE:"
+#define DICT_MATCH   "/MATCH:"
+#define DICT_MATCH2  "/M:"
+#define DICT_MATCH3  "/FIND:"
+#define DICT_DEFINE  "/DEFINE:"
 #define DICT_DEFINE2 "/D:"
 #define DICT_DEFINE3 "/LOOKUP:"
 
@@ -192,9 +192,9 @@ static CURLcode dict_do(struct Curl_easy *data, bool *done)
   if(result)
     return result;
 
-  if(curl_strnequal(path, DICT_MATCH, sizeof(DICT_MATCH)-1) ||
-     curl_strnequal(path, DICT_MATCH2, sizeof(DICT_MATCH2)-1) ||
-     curl_strnequal(path, DICT_MATCH3, sizeof(DICT_MATCH3)-1)) {
+  if(curl_strnequal(path, DICT_MATCH, sizeof(DICT_MATCH) - 1) ||
+     curl_strnequal(path, DICT_MATCH2, sizeof(DICT_MATCH2) - 1) ||
+     curl_strnequal(path, DICT_MATCH3, sizeof(DICT_MATCH3) - 1)) {
 
     word = strchr(path, ':');
     if(word) {
@@ -239,9 +239,9 @@ static CURLcode dict_do(struct Curl_easy *data, bool *done)
     }
     Curl_xfer_setup_recv(data, FIRSTSOCKET, -1);
   }
-  else if(curl_strnequal(path, DICT_DEFINE, sizeof(DICT_DEFINE)-1) ||
-          curl_strnequal(path, DICT_DEFINE2, sizeof(DICT_DEFINE2)-1) ||
-          curl_strnequal(path, DICT_DEFINE3, sizeof(DICT_DEFINE3)-1)) {
+  else if(curl_strnequal(path, DICT_DEFINE, sizeof(DICT_DEFINE) - 1) ||
+          curl_strnequal(path, DICT_DEFINE2, sizeof(DICT_DEFINE2) - 1) ||
+          curl_strnequal(path, DICT_DEFINE3, sizeof(DICT_DEFINE3) - 1)) {
 
     word = strchr(path, ':');
     if(word) {
diff --git a/lib/doh.c b/lib/doh.c
index d7b1d54c25..b0f19be73a 100644
--- a/lib/doh.c
+++ b/lib/doh.c
@@ -44,7 +44,7 @@
 #define DNS_CLASS_IN 0x01
 
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
-static const char * const errors[]={
+static const char * const errors[] = {
   "",
   "Bad label",
   "Out of range",
@@ -107,7 +107,7 @@ UNITTEST DOHcode doh_req_encode(const char *host,
   size_t expected_len;
   DEBUGASSERT(hostlen);
   expected_len = 12 + 1 + hostlen + 4;
-  if(host[hostlen-1]!='.')
+  if(host[hostlen - 1] != '.')
     expected_len++;
 
   if(expected_len > DOH_MAX_DNSREQ_SIZE)
@@ -169,8 +169,8 @@ UNITTEST DOHcode doh_req_encode(const char *host,
   return DOH_OK;
 }
 
-static size_t
-doh_probe_write_cb(char *contents, size_t size, size_t nmemb, void *userp)
+static size_t doh_probe_write_cb(char *contents, size_t size, size_t nmemb,
+                                 void *userp)
 {
   size_t realsize = size * nmemb;
   struct Curl_easy *data = userp;
@@ -269,7 +269,7 @@ static void doh_probe_dtor(void *key, size_t klen, void *e)
   }
 }
 
-#define ERROR_CHECK_SETOPT(x,y)                         \
+#define ERROR_CHECK_SETOPT(x, y)                        \
   do {                                                  \
     result = curl_easy_setopt((CURL *)doh, x, y);       \
     if(result &&                                        \
@@ -346,7 +346,7 @@ static CURLcode doh_probe_run(struct Curl_easy *data,
   ERROR_CHECK_SETOPT(CURLOPT_PROTOCOLS, CURLPROTO_HTTPS);
 #else
   /* in debug mode, also allow http */
-  ERROR_CHECK_SETOPT(CURLOPT_PROTOCOLS, CURLPROTO_HTTP|CURLPROTO_HTTPS);
+  ERROR_CHECK_SETOPT(CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
 #endif
   ERROR_CHECK_SETOPT(CURLOPT_TIMEOUT_MS, (long)timeout_ms);
   ERROR_CHECK_SETOPT(CURLOPT_SHARE, (CURLSH *)data->share);
@@ -358,11 +358,11 @@ static CURLcode doh_probe_run(struct Curl_easy *data,
     ERROR_CHECK_SETOPT(CURLOPT_NOSIGNAL, 1L);
 
   ERROR_CHECK_SETOPT(CURLOPT_SSL_VERIFYHOST,
-    data->set.doh_verifyhost ? 2L : 0L);
+                     data->set.doh_verifyhost ? 2L : 0L);
   ERROR_CHECK_SETOPT(CURLOPT_SSL_VERIFYPEER,
-    data->set.doh_verifypeer ? 1L : 0L);
+                     data->set.doh_verifypeer ? 1L : 0L);
   ERROR_CHECK_SETOPT(CURLOPT_SSL_VERIFYSTATUS,
-    data->set.doh_verifystatus ? 1L : 0L);
+                     data->set.doh_verifystatus ? 1L : 0L);
 
   /* Inherit *some* SSL options from the user's transfer. This is a
      best-guess as to which options are needed for compatibility. #3661
@@ -376,20 +376,16 @@ static CURLcode doh_probe_run(struct Curl_easy *data,
   doh->set.ssl.custom_capath = data->set.ssl.custom_capath;
   doh->set.ssl.custom_cablob = data->set.ssl.custom_cablob;
   if(data->set.str[STRING_SSL_CAFILE]) {
-    ERROR_CHECK_SETOPT(CURLOPT_CAINFO,
-                       data->set.str[STRING_SSL_CAFILE]);
+    ERROR_CHECK_SETOPT(CURLOPT_CAINFO, data->set.str[STRING_SSL_CAFILE]);
   }
   if(data->set.blobs[BLOB_CAINFO]) {
-    ERROR_CHECK_SETOPT(CURLOPT_CAINFO_BLOB,
-                       data->set.blobs[BLOB_CAINFO]);
+    ERROR_CHECK_SETOPT(CURLOPT_CAINFO_BLOB, data->set.blobs[BLOB_CAINFO]);
   }
   if(data->set.str[STRING_SSL_CAPATH]) {
-    ERROR_CHECK_SETOPT(CURLOPT_CAPATH,
-                       data->set.str[STRING_SSL_CAPATH]);
+    ERROR_CHECK_SETOPT(CURLOPT_CAPATH, data->set.str[STRING_SSL_CAPATH]);
   }
   if(data->set.str[STRING_SSL_CRLFILE]) {
-    ERROR_CHECK_SETOPT(CURLOPT_CRLFILE,
-                       data->set.str[STRING_SSL_CRLFILE]);
+    ERROR_CHECK_SETOPT(CURLOPT_CRLFILE, data->set.str[STRING_SSL_CRLFILE]);
   }
   if(data->set.ssl.certinfo)
     ERROR_CHECK_SETOPT(CURLOPT_CERTINFO, 1L);
@@ -717,7 +713,6 @@ UNITTEST void de_init(struct dohentry *de)
     curlx_dyn_init(&de->cname[i], DYN_DOH_CNAME);
 }
 
-
 UNITTEST DOHcode doh_resp_decode(const unsigned char *doh,
                                  size_t dohlen,
                                  DNStype dnstype,
@@ -851,7 +846,7 @@ UNITTEST DOHcode doh_resp_decode(const unsigned char *doh,
 
 #ifdef USE_HTTTPS
   if((type != CURL_DNS_TYPE_NS) && !d->numcname && !d->numaddr &&
-      !d->numhttps_rrs)
+     !d->numhttps_rrs)
 #else
   if((type != CURL_DNS_TYPE_NS) && !d->numcname && !d->numaddr)
 #endif
@@ -895,8 +890,7 @@ static void doh_show(struct Curl_easy *data,
 #ifdef USE_HTTPSRR
   for(i = 0; i < d->numhttps_rrs; i++) {
 # ifdef DEBUGBUILD
-    doh_print_buf(data, "DoH HTTPS",
-                  d->https_rrs[i].val, d->https_rrs[i].len);
+    doh_print_buf(data, "DoH HTTPS", d->https_rrs[i].val, d->https_rrs[i].len);
 # else
     infof(data, "DoH HTTPS RR: length %d", d->https_rrs[i].len);
 # endif
@@ -907,7 +901,7 @@ static void doh_show(struct Curl_easy *data,
   }
 }
 #else
-#define doh_show(x,y)
+#define doh_show(x, y)
 #endif
 
 /*
@@ -1022,16 +1016,16 @@ static CURLcode doh2ai(const struct dohentry *de, const char *hostname,
 static const char *doh_type2name(DNStype dnstype)
 {
   switch(dnstype) {
-    case CURL_DNS_TYPE_A:
-      return "A";
-    case CURL_DNS_TYPE_AAAA:
-      return "AAAA";
+  case CURL_DNS_TYPE_A:
+    return "A";
+  case CURL_DNS_TYPE_AAAA:
+    return "AAAA";
 #ifdef USE_HTTPSRR
-    case CURL_DNS_TYPE_HTTPS:
-      return "HTTPS";
+  case CURL_DNS_TYPE_HTTPS:
+    return "HTTPS";
 #endif
-    default:
-       return "unknown";
+  default:
+    return "unknown";
   }
 }
 #endif
@@ -1174,8 +1168,7 @@ UNITTEST void doh_print_httpsrr(struct Curl_easy *data,
                                 struct Curl_https_rrinfo *hrr)
 {
   DEBUGASSERT(hrr);
-  infof(data, "HTTPS RR: priority %d, target: %s",
-        hrr->priority, hrr->target);
+  infof(data, "HTTPS RR: priority %d, target: %s", hrr->priority, hrr->target);
   if(hrr->alpns[0] != ALPN_none)
     infof(data, "HTTPS RR: alpns %u %u %u %u",
           hrr->alpns[0], hrr->alpns[1], hrr->alpns[2], hrr->alpns[3]);
@@ -1285,7 +1278,7 @@ CURLcode Curl_doh_is_resolved(struct Curl_easy *data,
           doh_print_httpsrr(data, hrr);
 # endif
           dns->hinfo = hrr;
-       }
+        }
 #endif
         /* and add the entry to the cache */
         data->state.async.dns = dns;
@@ -1323,8 +1316,7 @@ void Curl_doh_close(struct Curl_easy *data)
       doh->probe_resp[slot].probe_mid = UINT32_MAX;
       /* should have been called before data is removed from multi handle */
       DEBUGASSERT(data->multi);
-      probe_data = data->multi ? Curl_multi_get_easy(data->multi, mid) :
-        NULL;
+      probe_data = data->multi ? Curl_multi_get_easy(data->multi, mid) : NULL;
       if(!probe_data) {
         DEBUGF(infof(data, "Curl_doh_close: xfer for mid=%u not found!",
                      doh->probe_resp[slot].probe_mid));
diff --git a/lib/doh.h b/lib/doh.h
index ffd0cb0879..16732173ab 100644
--- a/lib/doh.h
+++ b/lib/doh.h
@@ -122,7 +122,7 @@ CURLcode Curl_doh(struct Curl_easy *data, const char *hostname,
 CURLcode Curl_doh_is_resolved(struct Curl_easy *data,
                               struct Curl_dns_entry **dns);
 
-#define DOH_MAX_ADDR 24
+#define DOH_MAX_ADDR  24
 #define DOH_MAX_CNAME 4
 #define DOH_MAX_HTTPS 4
 
@@ -180,8 +180,8 @@ UNITTEST void de_cleanup(struct dohentry *d);
 #endif
 
 #else /* if DoH is disabled */
-#define Curl_doh(a,b,c,d,e) NULL
-#define Curl_doh_is_resolved(x,y) CURLE_COULDNT_RESOLVE_HOST
+#define Curl_doh(a, b, c, d, e)    NULL
+#define Curl_doh_is_resolved(x, y) CURLE_COULDNT_RESOLVE_HOST
 #endif
 
 #endif /* HEADER_CURL_DOH_H */
diff --git a/lib/dynhds.c b/lib/dynhds.c
index ebe1beae58..b6654114d6 100644
--- a/lib/dynhds.c
+++ b/lib/dynhds.c
@@ -55,9 +55,8 @@ entry_new(const char *name, size_t namelen,
   return e;
 }
 
-static struct dynhds_entry *
-entry_append(struct dynhds_entry *e,
-             const char *value, size_t valuelen)
+static struct dynhds_entry *entry_append(struct dynhds_entry *e,
+                                         const char *value, size_t valuelen)
 {
   struct dynhds_entry *e2;
   size_t valuelen2 = e->valuelen + 1 + valuelen;
@@ -171,7 +170,7 @@ CURLcode Curl_dynhds_add(struct dynhds *dynhds,
   if(dynhds->strs_len + namelen + valuelen > dynhds->max_strs_size)
     return CURLE_OUT_OF_MEMORY;
 
-entry = entry_new(name, namelen, value, valuelen, dynhds->opts);
+  entry = entry_new(name, namelen, value, valuelen, dynhds->opts);
   if(!entry)
     goto out;
 
@@ -234,11 +233,11 @@ CURLcode Curl_dynhds_h1_add_line(struct dynhds *dynhds,
     }
     if(!line_len)
       return CURLE_BAD_FUNCTION_ARGUMENT;
-    e = dynhds->hds[dynhds->hds_len-1];
+    e = dynhds->hds[dynhds->hds_len - 1];
     e2 = entry_append(e, line, line_len);
     if(!e2)
       return CURLE_OUT_OF_MEMORY;
-    dynhds->hds[dynhds->hds_len-1] = e2;
+    dynhds->hds[dynhds->hds_len - 1] = e2;
     entry_free(e);
     return CURLE_OK;
   }
diff --git a/lib/easy.c b/lib/easy.c
index c60819fcdc..d2f6c36c0d 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -87,7 +87,7 @@ static long          easy_init_flags;
 #ifdef GLOBAL_INIT_IS_THREADSAFE
 
 static curl_simple_lock s_lock = CURL_SIMPLE_LOCK_INIT;
-#define global_init_lock() curl_simple_lock_lock(&s_lock)
+#define global_init_lock()   curl_simple_lock_lock(&s_lock)
 #define global_init_unlock() curl_simple_lock_unlock(&s_lock)
 
 #else
@@ -208,7 +208,6 @@ fail:
   return CURLE_FAILED_INIT;
 }
 
-
 /**
  * curl_global_init() globally initializes curl given a bitwise set of the
  * different features of what to initialize.
@@ -411,7 +410,6 @@ static int events_timer(CURLM *multi,    /* multi handle */
   return 0;
 }
 
-
 /* poll2cselect
  *
  * convert from poll() bit definitions to libcurl's CURL_CSELECT_* ones
@@ -428,7 +426,6 @@ static int poll2cselect(int pollmask)
   return omask;
 }
 
-
 /* socketcb2poll
  *
  * convert from libcurl' CURL_POLL_* bit definitions to poll()'s
@@ -485,10 +482,9 @@ static int events_socket(CURL *easy,      /* easy handle */
         /* The socket 's' is already being monitored, update the activity
            mask. Convert from libcurl bitmask to the poll one. */
         m->socket.events = socketcb2poll(what);
-        infof(data, "socket cb: socket %" FMT_SOCKET_T
-              " UPDATED as %s%s", s,
-              (what&CURL_POLL_IN) ? "IN" : "",
-              (what&CURL_POLL_OUT) ? "OUT" : "");
+        infof(data, "socket cb: socket %" FMT_SOCKET_T " UPDATED as %s%s", s,
+              (what & CURL_POLL_IN) ? "IN" : "",
+              (what & CURL_POLL_OUT) ? "OUT" : "");
       }
       break;
     }
@@ -512,8 +508,8 @@ static int events_socket(CURL *easy,      /* easy handle */
         m->socket.revents = 0;
         ev->list = m;
         infof(data, "socket cb: socket %" FMT_SOCKET_T " ADDED as %s%s", s,
-              (what&CURL_POLL_IN) ? "IN" : "",
-              (what&CURL_POLL_OUT) ? "OUT" : "");
+              (what & CURL_POLL_IN) ? "IN" : "",
+              (what & CURL_POLL_OUT) ? "OUT" : "");
       }
       else
         return CURLE_OUT_OF_MEMORY;
@@ -523,7 +519,6 @@ static int events_socket(CURL *easy,      /* easy handle */
   return 0;
 }
 
-
 /*
  * events_setup()
  *
@@ -681,7 +676,6 @@ static CURLcode wait_or_timeout(struct Curl_multi *multi, struct events *ev)
   return result;
 }
 
-
 /* easy_events()
  *
  * Runs a transfer in a blocking manner using the events-based API
@@ -690,7 +684,7 @@ static CURLcode easy_events(struct Curl_multi *multi)
 {
   /* this struct is made static to allow it to be used after this function
      returns and curl_multi_remove_handle() is called */
-  static struct events evs = {-1, FALSE, 0, NULL, 0};
+  static struct events evs = { -1, FALSE, 0, NULL, 0 };
 
   /* if running event-based, do some further multi inits */
   events_setup(multi, &evs);
@@ -738,7 +732,6 @@ static CURLcode easy_transfer(struct Curl_multi *multi)
   return result;
 }
 
-
 /*
  * easy_perform() is the internal interface that performs a blocking
  * transfer as previously setup.
@@ -1201,7 +1194,6 @@ CURLcode curl_easy_pause(CURL *d, int action)
   return result;
 }
 
-
 static CURLcode easy_connection(struct Curl_easy *data,
                                 struct connectdata **connp)
 {
diff --git a/lib/easy_lock.h b/lib/easy_lock.h
index f8998cc547..a10fe3103a 100644
--- a/lib/easy_lock.h
+++ b/lib/easy_lock.h
@@ -30,10 +30,10 @@
 
 #if defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x600
 
-#define curl_simple_lock SRWLOCK
+#define curl_simple_lock      SRWLOCK
 #define CURL_SIMPLE_LOCK_INIT SRWLOCK_INIT
 
-#define curl_simple_lock_lock(m) AcquireSRWLockExclusive(m)
+#define curl_simple_lock_lock(m)   AcquireSRWLockExclusive(m)
 #define curl_simple_lock_unlock(m) ReleaseSRWLockExclusive(m)
 
 #elif defined(HAVE_ATOMIC) && defined(HAVE_STDATOMIC_H)
@@ -42,7 +42,7 @@
 #include 
 #endif
 
-#define curl_simple_lock atomic_int
+#define curl_simple_lock      atomic_int
 #define CURL_SIMPLE_LOCK_INIT 0
 
 #ifndef __INTEL_COMPILER
@@ -91,14 +91,14 @@ static CURL_INLINE void curl_simple_lock_unlock(curl_simple_lock *lock)
 
 #include 
 
-#define curl_simple_lock pthread_mutex_t
-#define CURL_SIMPLE_LOCK_INIT PTHREAD_MUTEX_INITIALIZER
-#define curl_simple_lock_lock(m) pthread_mutex_lock(m)
+#define curl_simple_lock           pthread_mutex_t
+#define CURL_SIMPLE_LOCK_INIT      PTHREAD_MUTEX_INITIALIZER
+#define curl_simple_lock_lock(m)   pthread_mutex_lock(m)
 #define curl_simple_lock_unlock(m) pthread_mutex_unlock(m)
 
 #else
 
-#undef  GLOBAL_INIT_IS_THREADSAFE
+#undef GLOBAL_INIT_IS_THREADSAFE
 
 #endif
 
diff --git a/lib/easyoptions.c b/lib/easyoptions.c
index 03d676df0e..4bd8457f75 100644
--- a/lib/easyoptions.c
+++ b/lib/easyoptions.c
@@ -29,348 +29,352 @@
 
 /* all easy setopt options listed in alphabetical order */
 const struct curl_easyoption Curl_easyopts[] = {
-  {"ABSTRACT_UNIX_SOCKET", CURLOPT_ABSTRACT_UNIX_SOCKET, CURLOT_STRING, 0},
-  {"ACCEPTTIMEOUT_MS", CURLOPT_ACCEPTTIMEOUT_MS, CURLOT_LONG, 0},
-  {"ACCEPT_ENCODING", CURLOPT_ACCEPT_ENCODING, CURLOT_STRING, 0},
-  {"ADDRESS_SCOPE", CURLOPT_ADDRESS_SCOPE, CURLOT_LONG, 0},
-  {"ALTSVC", CURLOPT_ALTSVC, CURLOT_STRING, 0},
-  {"ALTSVC_CTRL", CURLOPT_ALTSVC_CTRL, CURLOT_LONG, 0},
-  {"APPEND", CURLOPT_APPEND, CURLOT_LONG, 0},
-  {"AUTOREFERER", CURLOPT_AUTOREFERER, CURLOT_LONG, 0},
-  {"AWS_SIGV4", CURLOPT_AWS_SIGV4, CURLOT_STRING, 0},
-  {"BUFFERSIZE", CURLOPT_BUFFERSIZE, CURLOT_LONG, 0},
-  {"CAINFO", CURLOPT_CAINFO, CURLOT_STRING, 0},
-  {"CAINFO_BLOB", CURLOPT_CAINFO_BLOB, CURLOT_BLOB, 0},
-  {"CAPATH", CURLOPT_CAPATH, CURLOT_STRING, 0},
-  {"CA_CACHE_TIMEOUT", CURLOPT_CA_CACHE_TIMEOUT, CURLOT_LONG, 0},
-  {"CERTINFO", CURLOPT_CERTINFO, CURLOT_LONG, 0},
-  {"CHUNK_BGN_FUNCTION", CURLOPT_CHUNK_BGN_FUNCTION, CURLOT_FUNCTION, 0},
-  {"CHUNK_DATA", CURLOPT_CHUNK_DATA, CURLOT_CBPTR, 0},
-  {"CHUNK_END_FUNCTION", CURLOPT_CHUNK_END_FUNCTION, CURLOT_FUNCTION, 0},
-  {"CLOSESOCKETDATA", CURLOPT_CLOSESOCKETDATA, CURLOT_CBPTR, 0},
-  {"CLOSESOCKETFUNCTION", CURLOPT_CLOSESOCKETFUNCTION, CURLOT_FUNCTION, 0},
-  {"CONNECTTIMEOUT", CURLOPT_CONNECTTIMEOUT, CURLOT_LONG, 0},
-  {"CONNECTTIMEOUT_MS", CURLOPT_CONNECTTIMEOUT_MS, CURLOT_LONG, 0},
-  {"CONNECT_ONLY", CURLOPT_CONNECT_ONLY, CURLOT_LONG, 0},
-  {"CONNECT_TO", CURLOPT_CONNECT_TO, CURLOT_SLIST, 0},
-  {"CONV_FROM_NETWORK_FUNCTION", CURLOPT_CONV_FROM_NETWORK_FUNCTION,
-   CURLOT_FUNCTION, 0},
-  {"CONV_FROM_UTF8_FUNCTION", CURLOPT_CONV_FROM_UTF8_FUNCTION,
-   CURLOT_FUNCTION, 0},
-  {"CONV_TO_NETWORK_FUNCTION", CURLOPT_CONV_TO_NETWORK_FUNCTION,
-   CURLOT_FUNCTION, 0},
-  {"COOKIE", CURLOPT_COOKIE, CURLOT_STRING, 0},
-  {"COOKIEFILE", CURLOPT_COOKIEFILE, CURLOT_STRING, 0},
-  {"COOKIEJAR", CURLOPT_COOKIEJAR, CURLOT_STRING, 0},
-  {"COOKIELIST", CURLOPT_COOKIELIST, CURLOT_STRING, 0},
-  {"COOKIESESSION", CURLOPT_COOKIESESSION, CURLOT_LONG, 0},
-  {"COPYPOSTFIELDS", CURLOPT_COPYPOSTFIELDS, CURLOT_OBJECT, 0},
-  {"CRLF", CURLOPT_CRLF, CURLOT_LONG, 0},
-  {"CRLFILE", CURLOPT_CRLFILE, CURLOT_STRING, 0},
-  {"CURLU", CURLOPT_CURLU, CURLOT_OBJECT, 0},
-  {"CUSTOMREQUEST", CURLOPT_CUSTOMREQUEST, CURLOT_STRING, 0},
-  {"DEBUGDATA", CURLOPT_DEBUGDATA, CURLOT_CBPTR, 0},
-  {"DEBUGFUNCTION", CURLOPT_DEBUGFUNCTION, CURLOT_FUNCTION, 0},
-  {"DEFAULT_PROTOCOL", CURLOPT_DEFAULT_PROTOCOL, CURLOT_STRING, 0},
-  {"DIRLISTONLY", CURLOPT_DIRLISTONLY, CURLOT_LONG, 0},
-  {"DISALLOW_USERNAME_IN_URL", CURLOPT_DISALLOW_USERNAME_IN_URL,
-   CURLOT_LONG, 0},
-  {"DNS_CACHE_TIMEOUT", CURLOPT_DNS_CACHE_TIMEOUT, CURLOT_LONG, 0},
-  {"DNS_INTERFACE", CURLOPT_DNS_INTERFACE, CURLOT_STRING, 0},
-  {"DNS_LOCAL_IP4", CURLOPT_DNS_LOCAL_IP4, CURLOT_STRING, 0},
-  {"DNS_LOCAL_IP6", CURLOPT_DNS_LOCAL_IP6, CURLOT_STRING, 0},
-  {"DNS_SERVERS", CURLOPT_DNS_SERVERS, CURLOT_STRING, 0},
-  {"DNS_SHUFFLE_ADDRESSES", CURLOPT_DNS_SHUFFLE_ADDRESSES, CURLOT_LONG, 0},
-  {"DNS_USE_GLOBAL_CACHE", CURLOPT_DNS_USE_GLOBAL_CACHE, CURLOT_LONG, 0},
-  {"DOH_SSL_VERIFYHOST", CURLOPT_DOH_SSL_VERIFYHOST, CURLOT_LONG, 0},
-  {"DOH_SSL_VERIFYPEER", CURLOPT_DOH_SSL_VERIFYPEER, CURLOT_LONG, 0},
-  {"DOH_SSL_VERIFYSTATUS", CURLOPT_DOH_SSL_VERIFYSTATUS, CURLOT_LONG, 0},
-  {"DOH_URL", CURLOPT_DOH_URL, CURLOT_STRING, 0},
-  {"ECH", CURLOPT_ECH, CURLOT_STRING, 0},
-  {"EGDSOCKET", CURLOPT_EGDSOCKET, CURLOT_STRING, 0},
-  {"ENCODING", CURLOPT_ACCEPT_ENCODING, CURLOT_STRING, CURLOT_FLAG_ALIAS},
-  {"ERRORBUFFER", CURLOPT_ERRORBUFFER, CURLOT_OBJECT, 0},
-  {"EXPECT_100_TIMEOUT_MS", CURLOPT_EXPECT_100_TIMEOUT_MS, CURLOT_LONG, 0},
-  {"FAILONERROR", CURLOPT_FAILONERROR, CURLOT_LONG, 0},
-  {"FILE", CURLOPT_WRITEDATA, CURLOT_CBPTR, CURLOT_FLAG_ALIAS},
-  {"FILETIME", CURLOPT_FILETIME, CURLOT_LONG, 0},
-  {"FNMATCH_DATA", CURLOPT_FNMATCH_DATA, CURLOT_CBPTR, 0},
-  {"FNMATCH_FUNCTION", CURLOPT_FNMATCH_FUNCTION, CURLOT_FUNCTION, 0},
-  {"FOLLOWLOCATION", CURLOPT_FOLLOWLOCATION, CURLOT_LONG, 0},
-  {"FORBID_REUSE", CURLOPT_FORBID_REUSE, CURLOT_LONG, 0},
-  {"FRESH_CONNECT", CURLOPT_FRESH_CONNECT, CURLOT_LONG, 0},
-  {"FTPAPPEND", CURLOPT_APPEND, CURLOT_LONG, CURLOT_FLAG_ALIAS},
-  {"FTPLISTONLY", CURLOPT_DIRLISTONLY, CURLOT_LONG, CURLOT_FLAG_ALIAS},
-  {"FTPPORT", CURLOPT_FTPPORT, CURLOT_STRING, 0},
-  {"FTPSSLAUTH", CURLOPT_FTPSSLAUTH, CURLOT_VALUES, 0},
-  {"FTP_ACCOUNT", CURLOPT_FTP_ACCOUNT, CURLOT_STRING, 0},
-  {"FTP_ALTERNATIVE_TO_USER", CURLOPT_FTP_ALTERNATIVE_TO_USER,
-   CURLOT_STRING, 0},
-  {"FTP_CREATE_MISSING_DIRS", CURLOPT_FTP_CREATE_MISSING_DIRS,
-   CURLOT_LONG, 0},
-  {"FTP_FILEMETHOD", CURLOPT_FTP_FILEMETHOD, CURLOT_VALUES, 0},
-  {"FTP_RESPONSE_TIMEOUT", CURLOPT_SERVER_RESPONSE_TIMEOUT,
-   CURLOT_LONG, CURLOT_FLAG_ALIAS},
-  {"FTP_SKIP_PASV_IP", CURLOPT_FTP_SKIP_PASV_IP, CURLOT_LONG, 0},
-  {"FTP_SSL", CURLOPT_USE_SSL, CURLOT_VALUES, CURLOT_FLAG_ALIAS},
-  {"FTP_SSL_CCC", CURLOPT_FTP_SSL_CCC, CURLOT_LONG, 0},
-  {"FTP_USE_EPRT", CURLOPT_FTP_USE_EPRT, CURLOT_LONG, 0},
-  {"FTP_USE_EPSV", CURLOPT_FTP_USE_EPSV, CURLOT_LONG, 0},
-  {"FTP_USE_PRET", CURLOPT_FTP_USE_PRET, CURLOT_LONG, 0},
-  {"GSSAPI_DELEGATION", CURLOPT_GSSAPI_DELEGATION, CURLOT_VALUES, 0},
-  {"HAPPY_EYEBALLS_TIMEOUT_MS", CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS,
-   CURLOT_LONG, 0},
-  {"HAPROXYPROTOCOL", CURLOPT_HAPROXYPROTOCOL, CURLOT_LONG, 0},
-  {"HAPROXY_CLIENT_IP", CURLOPT_HAPROXY_CLIENT_IP, CURLOT_STRING, 0},
-  {"HEADER", CURLOPT_HEADER, CURLOT_LONG, 0},
-  {"HEADERDATA", CURLOPT_HEADERDATA, CURLOT_CBPTR, 0},
-  {"HEADERFUNCTION", CURLOPT_HEADERFUNCTION, CURLOT_FUNCTION, 0},
-  {"HEADEROPT", CURLOPT_HEADEROPT, CURLOT_VALUES, 0},
-  {"HSTS", CURLOPT_HSTS, CURLOT_STRING, 0},
-  {"HSTSREADDATA", CURLOPT_HSTSREADDATA, CURLOT_CBPTR, 0},
-  {"HSTSREADFUNCTION", CURLOPT_HSTSREADFUNCTION, CURLOT_FUNCTION, 0},
-  {"HSTSWRITEDATA", CURLOPT_HSTSWRITEDATA, CURLOT_CBPTR, 0},
-  {"HSTSWRITEFUNCTION", CURLOPT_HSTSWRITEFUNCTION, CURLOT_FUNCTION, 0},
-  {"HSTS_CTRL", CURLOPT_HSTS_CTRL, CURLOT_LONG, 0},
-  {"HTTP09_ALLOWED", CURLOPT_HTTP09_ALLOWED, CURLOT_LONG, 0},
-  {"HTTP200ALIASES", CURLOPT_HTTP200ALIASES, CURLOT_SLIST, 0},
-  {"HTTPAUTH", CURLOPT_HTTPAUTH, CURLOT_VALUES, 0},
-  {"HTTPGET", CURLOPT_HTTPGET, CURLOT_LONG, 0},
-  {"HTTPHEADER", CURLOPT_HTTPHEADER, CURLOT_SLIST, 0},
-  {"HTTPPOST", CURLOPT_HTTPPOST, CURLOT_OBJECT, 0},
-  {"HTTPPROXYTUNNEL", CURLOPT_HTTPPROXYTUNNEL, CURLOT_LONG, 0},
-  {"HTTP_CONTENT_DECODING", CURLOPT_HTTP_CONTENT_DECODING, CURLOT_LONG, 0},
-  {"HTTP_TRANSFER_DECODING", CURLOPT_HTTP_TRANSFER_DECODING, CURLOT_LONG, 0},
-  {"HTTP_VERSION", CURLOPT_HTTP_VERSION, CURLOT_VALUES, 0},
-  {"IGNORE_CONTENT_LENGTH", CURLOPT_IGNORE_CONTENT_LENGTH, CURLOT_LONG, 0},
-  {"INFILE", CURLOPT_READDATA, CURLOT_CBPTR, CURLOT_FLAG_ALIAS},
-  {"INFILESIZE", CURLOPT_INFILESIZE, CURLOT_LONG, 0},
-  {"INFILESIZE_LARGE", CURLOPT_INFILESIZE_LARGE, CURLOT_OFF_T, 0},
-  {"INTERFACE", CURLOPT_INTERFACE, CURLOT_STRING, 0},
-  {"INTERLEAVEDATA", CURLOPT_INTERLEAVEDATA, CURLOT_CBPTR, 0},
-  {"INTERLEAVEFUNCTION", CURLOPT_INTERLEAVEFUNCTION, CURLOT_FUNCTION, 0},
-  {"IOCTLDATA", CURLOPT_IOCTLDATA, CURLOT_CBPTR, 0},
-  {"IOCTLFUNCTION", CURLOPT_IOCTLFUNCTION, CURLOT_FUNCTION, 0},
-  {"IPRESOLVE", CURLOPT_IPRESOLVE, CURLOT_VALUES, 0},
-  {"ISSUERCERT", CURLOPT_ISSUERCERT, CURLOT_STRING, 0},
-  {"ISSUERCERT_BLOB", CURLOPT_ISSUERCERT_BLOB, CURLOT_BLOB, 0},
-  {"KEEP_SENDING_ON_ERROR", CURLOPT_KEEP_SENDING_ON_ERROR, CURLOT_LONG, 0},
-  {"KEYPASSWD", CURLOPT_KEYPASSWD, CURLOT_STRING, 0},
-  {"KRB4LEVEL", CURLOPT_KRBLEVEL, CURLOT_STRING, CURLOT_FLAG_ALIAS},
-  {"KRBLEVEL", CURLOPT_KRBLEVEL, CURLOT_STRING, 0},
-  {"LOCALPORT", CURLOPT_LOCALPORT, CURLOT_LONG, 0},
-  {"LOCALPORTRANGE", CURLOPT_LOCALPORTRANGE, CURLOT_LONG, 0},
-  {"LOGIN_OPTIONS", CURLOPT_LOGIN_OPTIONS, CURLOT_STRING, 0},
-  {"LOW_SPEED_LIMIT", CURLOPT_LOW_SPEED_LIMIT, CURLOT_LONG, 0},
-  {"LOW_SPEED_TIME", CURLOPT_LOW_SPEED_TIME, CURLOT_LONG, 0},
-  {"MAIL_AUTH", CURLOPT_MAIL_AUTH, CURLOT_STRING, 0},
-  {"MAIL_FROM", CURLOPT_MAIL_FROM, CURLOT_STRING, 0},
-  {"MAIL_RCPT", CURLOPT_MAIL_RCPT, CURLOT_SLIST, 0},
-  {"MAIL_RCPT_ALLLOWFAILS", CURLOPT_MAIL_RCPT_ALLOWFAILS,
-   CURLOT_LONG, CURLOT_FLAG_ALIAS},
-  {"MAIL_RCPT_ALLOWFAILS", CURLOPT_MAIL_RCPT_ALLOWFAILS, CURLOT_LONG, 0},
-  {"MAXAGE_CONN", CURLOPT_MAXAGE_CONN, CURLOT_LONG, 0},
-  {"MAXCONNECTS", CURLOPT_MAXCONNECTS, CURLOT_LONG, 0},
-  {"MAXFILESIZE", CURLOPT_MAXFILESIZE, CURLOT_LONG, 0},
-  {"MAXFILESIZE_LARGE", CURLOPT_MAXFILESIZE_LARGE, CURLOT_OFF_T, 0},
-  {"MAXLIFETIME_CONN", CURLOPT_MAXLIFETIME_CONN, CURLOT_LONG, 0},
-  {"MAXREDIRS", CURLOPT_MAXREDIRS, CURLOT_LONG, 0},
-  {"MAX_RECV_SPEED_LARGE", CURLOPT_MAX_RECV_SPEED_LARGE, CURLOT_OFF_T, 0},
-  {"MAX_SEND_SPEED_LARGE", CURLOPT_MAX_SEND_SPEED_LARGE, CURLOT_OFF_T, 0},
-  {"MIMEPOST", CURLOPT_MIMEPOST, CURLOT_OBJECT, 0},
-  {"MIME_OPTIONS", CURLOPT_MIME_OPTIONS, CURLOT_LONG, 0},
-  {"NETRC", CURLOPT_NETRC, CURLOT_VALUES, 0},
-  {"NETRC_FILE", CURLOPT_NETRC_FILE, CURLOT_STRING, 0},
-  {"NEW_DIRECTORY_PERMS", CURLOPT_NEW_DIRECTORY_PERMS, CURLOT_LONG, 0},
-  {"NEW_FILE_PERMS", CURLOPT_NEW_FILE_PERMS, CURLOT_LONG, 0},
-  {"NOBODY", CURLOPT_NOBODY, CURLOT_LONG, 0},
-  {"NOPROGRESS", CURLOPT_NOPROGRESS, CURLOT_LONG, 0},
-  {"NOPROXY", CURLOPT_NOPROXY, CURLOT_STRING, 0},
-  {"NOSIGNAL", CURLOPT_NOSIGNAL, CURLOT_LONG, 0},
-  {"OPENSOCKETDATA", CURLOPT_OPENSOCKETDATA, CURLOT_CBPTR, 0},
-  {"OPENSOCKETFUNCTION", CURLOPT_OPENSOCKETFUNCTION, CURLOT_FUNCTION, 0},
-  {"PASSWORD", CURLOPT_PASSWORD, CURLOT_STRING, 0},
-  {"PATH_AS_IS", CURLOPT_PATH_AS_IS, CURLOT_LONG, 0},
-  {"PINNEDPUBLICKEY", CURLOPT_PINNEDPUBLICKEY, CURLOT_STRING, 0},
-  {"PIPEWAIT", CURLOPT_PIPEWAIT, CURLOT_LONG, 0},
-  {"PORT", CURLOPT_PORT, CURLOT_LONG, 0},
-  {"POST", CURLOPT_POST, CURLOT_LONG, 0},
-  {"POST301", CURLOPT_POSTREDIR, CURLOT_VALUES, CURLOT_FLAG_ALIAS},
-  {"POSTFIELDS", CURLOPT_POSTFIELDS, CURLOT_OBJECT, 0},
-  {"POSTFIELDSIZE", CURLOPT_POSTFIELDSIZE, CURLOT_LONG, 0},
-  {"POSTFIELDSIZE_LARGE", CURLOPT_POSTFIELDSIZE_LARGE, CURLOT_OFF_T, 0},
-  {"POSTQUOTE", CURLOPT_POSTQUOTE, CURLOT_SLIST, 0},
-  {"POSTREDIR", CURLOPT_POSTREDIR, CURLOT_VALUES, 0},
-  {"PREQUOTE", CURLOPT_PREQUOTE, CURLOT_SLIST, 0},
-  {"PREREQDATA", CURLOPT_PREREQDATA, CURLOT_CBPTR, 0},
-  {"PREREQFUNCTION", CURLOPT_PREREQFUNCTION, CURLOT_FUNCTION, 0},
-  {"PRE_PROXY", CURLOPT_PRE_PROXY, CURLOT_STRING, 0},
-  {"PRIVATE", CURLOPT_PRIVATE, CURLOT_OBJECT, 0},
-  {"PROGRESSDATA", CURLOPT_XFERINFODATA, CURLOT_CBPTR, CURLOT_FLAG_ALIAS},
-  {"PROGRESSFUNCTION", CURLOPT_PROGRESSFUNCTION, CURLOT_FUNCTION, 0},
-  {"PROTOCOLS", CURLOPT_PROTOCOLS, CURLOT_LONG, 0},
-  {"PROTOCOLS_STR", CURLOPT_PROTOCOLS_STR, CURLOT_STRING, 0},
-  {"PROXY", CURLOPT_PROXY, CURLOT_STRING, 0},
-  {"PROXYAUTH", CURLOPT_PROXYAUTH, CURLOT_VALUES, 0},
-  {"PROXYHEADER", CURLOPT_PROXYHEADER, CURLOT_SLIST, 0},
-  {"PROXYPASSWORD", CURLOPT_PROXYPASSWORD, CURLOT_STRING, 0},
-  {"PROXYPORT", CURLOPT_PROXYPORT, CURLOT_LONG, 0},
-  {"PROXYTYPE", CURLOPT_PROXYTYPE, CURLOT_VALUES, 0},
-  {"PROXYUSERNAME", CURLOPT_PROXYUSERNAME, CURLOT_STRING, 0},
-  {"PROXYUSERPWD", CURLOPT_PROXYUSERPWD, CURLOT_STRING, 0},
-  {"PROXY_CAINFO", CURLOPT_PROXY_CAINFO, CURLOT_STRING, 0},
-  {"PROXY_CAINFO_BLOB", CURLOPT_PROXY_CAINFO_BLOB, CURLOT_BLOB, 0},
-  {"PROXY_CAPATH", CURLOPT_PROXY_CAPATH, CURLOT_STRING, 0},
-  {"PROXY_CRLFILE", CURLOPT_PROXY_CRLFILE, CURLOT_STRING, 0},
-  {"PROXY_ISSUERCERT", CURLOPT_PROXY_ISSUERCERT, CURLOT_STRING, 0},
-  {"PROXY_ISSUERCERT_BLOB", CURLOPT_PROXY_ISSUERCERT_BLOB, CURLOT_BLOB, 0},
-  {"PROXY_KEYPASSWD", CURLOPT_PROXY_KEYPASSWD, CURLOT_STRING, 0},
-  {"PROXY_PINNEDPUBLICKEY", CURLOPT_PROXY_PINNEDPUBLICKEY, CURLOT_STRING, 0},
-  {"PROXY_SERVICE_NAME", CURLOPT_PROXY_SERVICE_NAME, CURLOT_STRING, 0},
-  {"PROXY_SSLCERT", CURLOPT_PROXY_SSLCERT, CURLOT_STRING, 0},
-  {"PROXY_SSLCERTTYPE", CURLOPT_PROXY_SSLCERTTYPE, CURLOT_STRING, 0},
-  {"PROXY_SSLCERT_BLOB", CURLOPT_PROXY_SSLCERT_BLOB, CURLOT_BLOB, 0},
-  {"PROXY_SSLKEY", CURLOPT_PROXY_SSLKEY, CURLOT_STRING, 0},
-  {"PROXY_SSLKEYTYPE", CURLOPT_PROXY_SSLKEYTYPE, CURLOT_STRING, 0},
-  {"PROXY_SSLKEY_BLOB", CURLOPT_PROXY_SSLKEY_BLOB, CURLOT_BLOB, 0},
-  {"PROXY_SSLVERSION", CURLOPT_PROXY_SSLVERSION, CURLOT_VALUES, 0},
-  {"PROXY_SSL_CIPHER_LIST", CURLOPT_PROXY_SSL_CIPHER_LIST, CURLOT_STRING, 0},
-  {"PROXY_SSL_OPTIONS", CURLOPT_PROXY_SSL_OPTIONS, CURLOT_LONG, 0},
-  {"PROXY_SSL_VERIFYHOST", CURLOPT_PROXY_SSL_VERIFYHOST, CURLOT_LONG, 0},
-  {"PROXY_SSL_VERIFYPEER", CURLOPT_PROXY_SSL_VERIFYPEER, CURLOT_LONG, 0},
-  {"PROXY_TLS13_CIPHERS", CURLOPT_PROXY_TLS13_CIPHERS, CURLOT_STRING, 0},
-  {"PROXY_TLSAUTH_PASSWORD", CURLOPT_PROXY_TLSAUTH_PASSWORD,
-   CURLOT_STRING, 0},
-  {"PROXY_TLSAUTH_TYPE", CURLOPT_PROXY_TLSAUTH_TYPE, CURLOT_STRING, 0},
-  {"PROXY_TLSAUTH_USERNAME", CURLOPT_PROXY_TLSAUTH_USERNAME,
-   CURLOT_STRING, 0},
-  {"PROXY_TRANSFER_MODE", CURLOPT_PROXY_TRANSFER_MODE, CURLOT_LONG, 0},
-  {"PUT", CURLOPT_PUT, CURLOT_LONG, 0},
-  {"QUICK_EXIT", CURLOPT_QUICK_EXIT, CURLOT_LONG, 0},
-  {"QUOTE", CURLOPT_QUOTE, CURLOT_SLIST, 0},
-  {"RANDOM_FILE", CURLOPT_RANDOM_FILE, CURLOT_STRING, 0},
-  {"RANGE", CURLOPT_RANGE, CURLOT_STRING, 0},
-  {"READDATA", CURLOPT_READDATA, CURLOT_CBPTR, 0},
-  {"READFUNCTION", CURLOPT_READFUNCTION, CURLOT_FUNCTION, 0},
-  {"REDIR_PROTOCOLS", CURLOPT_REDIR_PROTOCOLS, CURLOT_LONG, 0},
-  {"REDIR_PROTOCOLS_STR", CURLOPT_REDIR_PROTOCOLS_STR, CURLOT_STRING, 0},
-  {"REFERER", CURLOPT_REFERER, CURLOT_STRING, 0},
-  {"REQUEST_TARGET", CURLOPT_REQUEST_TARGET, CURLOT_STRING, 0},
-  {"RESOLVE", CURLOPT_RESOLVE, CURLOT_SLIST, 0},
-  {"RESOLVER_START_DATA", CURLOPT_RESOLVER_START_DATA, CURLOT_CBPTR, 0},
-  {"RESOLVER_START_FUNCTION", CURLOPT_RESOLVER_START_FUNCTION,
-   CURLOT_FUNCTION, 0},
-  {"RESUME_FROM", CURLOPT_RESUME_FROM, CURLOT_LONG, 0},
-  {"RESUME_FROM_LARGE", CURLOPT_RESUME_FROM_LARGE, CURLOT_OFF_T, 0},
-  {"RTSPHEADER", CURLOPT_HTTPHEADER, CURLOT_SLIST, CURLOT_FLAG_ALIAS},
-  {"RTSP_CLIENT_CSEQ", CURLOPT_RTSP_CLIENT_CSEQ, CURLOT_LONG, 0},
-  {"RTSP_REQUEST", CURLOPT_RTSP_REQUEST, CURLOT_VALUES, 0},
-  {"RTSP_SERVER_CSEQ", CURLOPT_RTSP_SERVER_CSEQ, CURLOT_LONG, 0},
-  {"RTSP_SESSION_ID", CURLOPT_RTSP_SESSION_ID, CURLOT_STRING, 0},
-  {"RTSP_STREAM_URI", CURLOPT_RTSP_STREAM_URI, CURLOT_STRING, 0},
-  {"RTSP_TRANSPORT", CURLOPT_RTSP_TRANSPORT, CURLOT_STRING, 0},
-  {"SASL_AUTHZID", CURLOPT_SASL_AUTHZID, CURLOT_STRING, 0},
-  {"SASL_IR", CURLOPT_SASL_IR, CURLOT_LONG, 0},
-  {"SEEKDATA", CURLOPT_SEEKDATA, CURLOT_CBPTR, 0},
-  {"SEEKFUNCTION", CURLOPT_SEEKFUNCTION, CURLOT_FUNCTION, 0},
-  {"SERVER_RESPONSE_TIMEOUT", CURLOPT_SERVER_RESPONSE_TIMEOUT,
-   CURLOT_LONG, 0},
-  {"SERVER_RESPONSE_TIMEOUT_MS", CURLOPT_SERVER_RESPONSE_TIMEOUT_MS,
-   CURLOT_LONG, 0},
-  {"SERVICE_NAME", CURLOPT_SERVICE_NAME, CURLOT_STRING, 0},
-  {"SHARE", CURLOPT_SHARE, CURLOT_OBJECT, 0},
-  {"SOCKOPTDATA", CURLOPT_SOCKOPTDATA, CURLOT_CBPTR, 0},
-  {"SOCKOPTFUNCTION", CURLOPT_SOCKOPTFUNCTION, CURLOT_FUNCTION, 0},
-  {"SOCKS5_AUTH", CURLOPT_SOCKS5_AUTH, CURLOT_LONG, 0},
-  {"SOCKS5_GSSAPI_NEC", CURLOPT_SOCKS5_GSSAPI_NEC, CURLOT_LONG, 0},
-  {"SOCKS5_GSSAPI_SERVICE", CURLOPT_SOCKS5_GSSAPI_SERVICE, CURLOT_STRING, 0},
-  {"SSH_AUTH_TYPES", CURLOPT_SSH_AUTH_TYPES, CURLOT_VALUES, 0},
-  {"SSH_COMPRESSION", CURLOPT_SSH_COMPRESSION, CURLOT_LONG, 0},
-  {"SSH_HOSTKEYDATA", CURLOPT_SSH_HOSTKEYDATA, CURLOT_CBPTR, 0},
-  {"SSH_HOSTKEYFUNCTION", CURLOPT_SSH_HOSTKEYFUNCTION, CURLOT_FUNCTION, 0},
-  {"SSH_HOST_PUBLIC_KEY_MD5", CURLOPT_SSH_HOST_PUBLIC_KEY_MD5,
-   CURLOT_STRING, 0},
-  {"SSH_HOST_PUBLIC_KEY_SHA256", CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256,
-   CURLOT_STRING, 0},
-  {"SSH_KEYDATA", CURLOPT_SSH_KEYDATA, CURLOT_CBPTR, 0},
-  {"SSH_KEYFUNCTION", CURLOPT_SSH_KEYFUNCTION, CURLOT_FUNCTION, 0},
-  {"SSH_KNOWNHOSTS", CURLOPT_SSH_KNOWNHOSTS, CURLOT_STRING, 0},
-  {"SSH_PRIVATE_KEYFILE", CURLOPT_SSH_PRIVATE_KEYFILE, CURLOT_STRING, 0},
-  {"SSH_PUBLIC_KEYFILE", CURLOPT_SSH_PUBLIC_KEYFILE, CURLOT_STRING, 0},
-  {"SSLCERT", CURLOPT_SSLCERT, CURLOT_STRING, 0},
-  {"SSLCERTPASSWD", CURLOPT_KEYPASSWD, CURLOT_STRING, CURLOT_FLAG_ALIAS},
-  {"SSLCERTTYPE", CURLOPT_SSLCERTTYPE, CURLOT_STRING, 0},
-  {"SSLCERT_BLOB", CURLOPT_SSLCERT_BLOB, CURLOT_BLOB, 0},
-  {"SSLENGINE", CURLOPT_SSLENGINE, CURLOT_STRING, 0},
-  {"SSLENGINE_DEFAULT", CURLOPT_SSLENGINE_DEFAULT, CURLOT_LONG, 0},
-  {"SSLKEY", CURLOPT_SSLKEY, CURLOT_STRING, 0},
-  {"SSLKEYPASSWD", CURLOPT_KEYPASSWD, CURLOT_STRING, CURLOT_FLAG_ALIAS},
-  {"SSLKEYTYPE", CURLOPT_SSLKEYTYPE, CURLOT_STRING, 0},
-  {"SSLKEY_BLOB", CURLOPT_SSLKEY_BLOB, CURLOT_BLOB, 0},
-  {"SSLVERSION", CURLOPT_SSLVERSION, CURLOT_VALUES, 0},
-  {"SSL_CIPHER_LIST", CURLOPT_SSL_CIPHER_LIST, CURLOT_STRING, 0},
-  {"SSL_CTX_DATA", CURLOPT_SSL_CTX_DATA, CURLOT_CBPTR, 0},
-  {"SSL_CTX_FUNCTION", CURLOPT_SSL_CTX_FUNCTION, CURLOT_FUNCTION, 0},
-  {"SSL_EC_CURVES", CURLOPT_SSL_EC_CURVES, CURLOT_STRING, 0},
-  {"SSL_ENABLE_ALPN", CURLOPT_SSL_ENABLE_ALPN, CURLOT_LONG, 0},
-  {"SSL_ENABLE_NPN", CURLOPT_SSL_ENABLE_NPN, CURLOT_LONG, 0},
-  {"SSL_FALSESTART", CURLOPT_SSL_FALSESTART, CURLOT_LONG, 0},
-  {"SSL_OPTIONS", CURLOPT_SSL_OPTIONS, CURLOT_VALUES, 0},
-  {"SSL_SESSIONID_CACHE", CURLOPT_SSL_SESSIONID_CACHE, CURLOT_LONG, 0},
-  {"SSL_SIGNATURE_ALGORITHMS", CURLOPT_SSL_SIGNATURE_ALGORITHMS,
-   CURLOT_STRING, 0},
-  {"SSL_VERIFYHOST", CURLOPT_SSL_VERIFYHOST, CURLOT_LONG, 0},
-  {"SSL_VERIFYPEER", CURLOPT_SSL_VERIFYPEER, CURLOT_LONG, 0},
-  {"SSL_VERIFYSTATUS", CURLOPT_SSL_VERIFYSTATUS, CURLOT_LONG, 0},
-  {"STDERR", CURLOPT_STDERR, CURLOT_OBJECT, 0},
-  {"STREAM_DEPENDS", CURLOPT_STREAM_DEPENDS, CURLOT_OBJECT, 0},
-  {"STREAM_DEPENDS_E", CURLOPT_STREAM_DEPENDS_E, CURLOT_OBJECT, 0},
-  {"STREAM_WEIGHT", CURLOPT_STREAM_WEIGHT, CURLOT_LONG, 0},
-  {"SUPPRESS_CONNECT_HEADERS", CURLOPT_SUPPRESS_CONNECT_HEADERS,
-   CURLOT_LONG, 0},
-  {"TCP_FASTOPEN", CURLOPT_TCP_FASTOPEN, CURLOT_LONG, 0},
-  {"TCP_KEEPALIVE", CURLOPT_TCP_KEEPALIVE, CURLOT_LONG, 0},
-  {"TCP_KEEPCNT", CURLOPT_TCP_KEEPCNT, CURLOT_LONG, 0},
-  {"TCP_KEEPIDLE", CURLOPT_TCP_KEEPIDLE, CURLOT_LONG, 0},
-  {"TCP_KEEPINTVL", CURLOPT_TCP_KEEPINTVL, CURLOT_LONG, 0},
-  {"TCP_NODELAY", CURLOPT_TCP_NODELAY, CURLOT_LONG, 0},
-  {"TELNETOPTIONS", CURLOPT_TELNETOPTIONS, CURLOT_SLIST, 0},
-  {"TFTP_BLKSIZE", CURLOPT_TFTP_BLKSIZE, CURLOT_LONG, 0},
-  {"TFTP_NO_OPTIONS", CURLOPT_TFTP_NO_OPTIONS, CURLOT_LONG, 0},
-  {"TIMECONDITION", CURLOPT_TIMECONDITION, CURLOT_VALUES, 0},
-  {"TIMEOUT", CURLOPT_TIMEOUT, CURLOT_LONG, 0},
-  {"TIMEOUT_MS", CURLOPT_TIMEOUT_MS, CURLOT_LONG, 0},
-  {"TIMEVALUE", CURLOPT_TIMEVALUE, CURLOT_LONG, 0},
-  {"TIMEVALUE_LARGE", CURLOPT_TIMEVALUE_LARGE, CURLOT_OFF_T, 0},
-  {"TLS13_CIPHERS", CURLOPT_TLS13_CIPHERS, CURLOT_STRING, 0},
-  {"TLSAUTH_PASSWORD", CURLOPT_TLSAUTH_PASSWORD, CURLOT_STRING, 0},
-  {"TLSAUTH_TYPE", CURLOPT_TLSAUTH_TYPE, CURLOT_STRING, 0},
-  {"TLSAUTH_USERNAME", CURLOPT_TLSAUTH_USERNAME, CURLOT_STRING, 0},
-  {"TRAILERDATA", CURLOPT_TRAILERDATA, CURLOT_CBPTR, 0},
-  {"TRAILERFUNCTION", CURLOPT_TRAILERFUNCTION, CURLOT_FUNCTION, 0},
-  {"TRANSFERTEXT", CURLOPT_TRANSFERTEXT, CURLOT_LONG, 0},
-  {"TRANSFER_ENCODING", CURLOPT_TRANSFER_ENCODING, CURLOT_LONG, 0},
-  {"UNIX_SOCKET_PATH", CURLOPT_UNIX_SOCKET_PATH, CURLOT_STRING, 0},
-  {"UNRESTRICTED_AUTH", CURLOPT_UNRESTRICTED_AUTH, CURLOT_LONG, 0},
-  {"UPKEEP_INTERVAL_MS", CURLOPT_UPKEEP_INTERVAL_MS, CURLOT_LONG, 0},
-  {"UPLOAD", CURLOPT_UPLOAD, CURLOT_LONG, 0},
-  {"UPLOAD_BUFFERSIZE", CURLOPT_UPLOAD_BUFFERSIZE, CURLOT_LONG, 0},
-  {"UPLOAD_FLAGS", CURLOPT_UPLOAD_FLAGS, CURLOT_LONG, 0},
-  {"URL", CURLOPT_URL, CURLOT_STRING, 0},
-  {"USERAGENT", CURLOPT_USERAGENT, CURLOT_STRING, 0},
-  {"USERNAME", CURLOPT_USERNAME, CURLOT_STRING, 0},
-  {"USERPWD", CURLOPT_USERPWD, CURLOT_STRING, 0},
-  {"USE_SSL", CURLOPT_USE_SSL, CURLOT_VALUES, 0},
-  {"VERBOSE", CURLOPT_VERBOSE, CURLOT_LONG, 0},
-  {"WILDCARDMATCH", CURLOPT_WILDCARDMATCH, CURLOT_LONG, 0},
-  {"WRITEDATA", CURLOPT_WRITEDATA, CURLOT_CBPTR, 0},
-  {"WRITEFUNCTION", CURLOPT_WRITEFUNCTION, CURLOT_FUNCTION, 0},
-  {"WRITEHEADER", CURLOPT_HEADERDATA, CURLOT_CBPTR, CURLOT_FLAG_ALIAS},
-  {"WS_OPTIONS", CURLOPT_WS_OPTIONS, CURLOT_LONG, 0},
-  {"XFERINFODATA", CURLOPT_XFERINFODATA, CURLOT_CBPTR, 0},
-  {"XFERINFOFUNCTION", CURLOPT_XFERINFOFUNCTION, CURLOT_FUNCTION, 0},
-  {"XOAUTH2_BEARER", CURLOPT_XOAUTH2_BEARER, CURLOT_STRING, 0},
-  {NULL, CURLOPT_LASTENTRY, CURLOT_LONG, 0} /* end of table */
+  { "ABSTRACT_UNIX_SOCKET", CURLOPT_ABSTRACT_UNIX_SOCKET, CURLOT_STRING, 0 },
+  { "ACCEPTTIMEOUT_MS", CURLOPT_ACCEPTTIMEOUT_MS, CURLOT_LONG, 0 },
+  { "ACCEPT_ENCODING", CURLOPT_ACCEPT_ENCODING, CURLOT_STRING, 0 },
+  { "ADDRESS_SCOPE", CURLOPT_ADDRESS_SCOPE, CURLOT_LONG, 0 },
+  { "ALTSVC", CURLOPT_ALTSVC, CURLOT_STRING, 0 },
+  { "ALTSVC_CTRL", CURLOPT_ALTSVC_CTRL, CURLOT_LONG, 0 },
+  { "APPEND", CURLOPT_APPEND, CURLOT_LONG, 0 },
+  { "AUTOREFERER", CURLOPT_AUTOREFERER, CURLOT_LONG, 0 },
+  { "AWS_SIGV4", CURLOPT_AWS_SIGV4, CURLOT_STRING, 0 },
+  { "BUFFERSIZE", CURLOPT_BUFFERSIZE, CURLOT_LONG, 0 },
+  { "CAINFO", CURLOPT_CAINFO, CURLOT_STRING, 0 },
+  { "CAINFO_BLOB", CURLOPT_CAINFO_BLOB, CURLOT_BLOB, 0 },
+  { "CAPATH", CURLOPT_CAPATH, CURLOT_STRING, 0 },
+  { "CA_CACHE_TIMEOUT", CURLOPT_CA_CACHE_TIMEOUT, CURLOT_LONG, 0 },
+  { "CERTINFO", CURLOPT_CERTINFO, CURLOT_LONG, 0 },
+  { "CHUNK_BGN_FUNCTION", CURLOPT_CHUNK_BGN_FUNCTION, CURLOT_FUNCTION, 0 },
+  { "CHUNK_DATA", CURLOPT_CHUNK_DATA, CURLOT_CBPTR, 0 },
+  { "CHUNK_END_FUNCTION", CURLOPT_CHUNK_END_FUNCTION, CURLOT_FUNCTION, 0 },
+  { "CLOSESOCKETDATA", CURLOPT_CLOSESOCKETDATA, CURLOT_CBPTR, 0 },
+  { "CLOSESOCKETFUNCTION", CURLOPT_CLOSESOCKETFUNCTION, CURLOT_FUNCTION, 0 },
+  { "CONNECTTIMEOUT", CURLOPT_CONNECTTIMEOUT, CURLOT_LONG, 0 },
+  { "CONNECTTIMEOUT_MS", CURLOPT_CONNECTTIMEOUT_MS, CURLOT_LONG, 0 },
+  { "CONNECT_ONLY", CURLOPT_CONNECT_ONLY, CURLOT_LONG, 0 },
+  { "CONNECT_TO", CURLOPT_CONNECT_TO, CURLOT_SLIST, 0 },
+  { "CONV_FROM_NETWORK_FUNCTION", CURLOPT_CONV_FROM_NETWORK_FUNCTION,
+    CURLOT_FUNCTION, 0 },
+  { "CONV_FROM_UTF8_FUNCTION", CURLOPT_CONV_FROM_UTF8_FUNCTION,
+    CURLOT_FUNCTION, 0 },
+  { "CONV_TO_NETWORK_FUNCTION", CURLOPT_CONV_TO_NETWORK_FUNCTION,
+    CURLOT_FUNCTION, 0 },
+  { "COOKIE", CURLOPT_COOKIE, CURLOT_STRING, 0 },
+  { "COOKIEFILE", CURLOPT_COOKIEFILE, CURLOT_STRING, 0 },
+  { "COOKIEJAR", CURLOPT_COOKIEJAR, CURLOT_STRING, 0 },
+  { "COOKIELIST", CURLOPT_COOKIELIST, CURLOT_STRING, 0 },
+  { "COOKIESESSION", CURLOPT_COOKIESESSION, CURLOT_LONG, 0 },
+  { "COPYPOSTFIELDS", CURLOPT_COPYPOSTFIELDS, CURLOT_OBJECT, 0 },
+  { "CRLF", CURLOPT_CRLF, CURLOT_LONG, 0 },
+  { "CRLFILE", CURLOPT_CRLFILE, CURLOT_STRING, 0 },
+  { "CURLU", CURLOPT_CURLU, CURLOT_OBJECT, 0 },
+  { "CUSTOMREQUEST", CURLOPT_CUSTOMREQUEST, CURLOT_STRING, 0 },
+  { "DEBUGDATA", CURLOPT_DEBUGDATA, CURLOT_CBPTR, 0 },
+  { "DEBUGFUNCTION", CURLOPT_DEBUGFUNCTION, CURLOT_FUNCTION, 0 },
+  { "DEFAULT_PROTOCOL", CURLOPT_DEFAULT_PROTOCOL, CURLOT_STRING, 0 },
+  { "DIRLISTONLY", CURLOPT_DIRLISTONLY, CURLOT_LONG, 0 },
+  { "DISALLOW_USERNAME_IN_URL", CURLOPT_DISALLOW_USERNAME_IN_URL,
+    CURLOT_LONG, 0 },
+  { "DNS_CACHE_TIMEOUT", CURLOPT_DNS_CACHE_TIMEOUT, CURLOT_LONG, 0 },
+  { "DNS_INTERFACE", CURLOPT_DNS_INTERFACE, CURLOT_STRING, 0 },
+  { "DNS_LOCAL_IP4", CURLOPT_DNS_LOCAL_IP4, CURLOT_STRING, 0 },
+  { "DNS_LOCAL_IP6", CURLOPT_DNS_LOCAL_IP6, CURLOT_STRING, 0 },
+  { "DNS_SERVERS", CURLOPT_DNS_SERVERS, CURLOT_STRING, 0 },
+  { "DNS_SHUFFLE_ADDRESSES", CURLOPT_DNS_SHUFFLE_ADDRESSES, CURLOT_LONG, 0 },
+  { "DNS_USE_GLOBAL_CACHE", CURLOPT_DNS_USE_GLOBAL_CACHE, CURLOT_LONG, 0 },
+  { "DOH_SSL_VERIFYHOST", CURLOPT_DOH_SSL_VERIFYHOST, CURLOT_LONG, 0 },
+  { "DOH_SSL_VERIFYPEER", CURLOPT_DOH_SSL_VERIFYPEER, CURLOT_LONG, 0 },
+  { "DOH_SSL_VERIFYSTATUS", CURLOPT_DOH_SSL_VERIFYSTATUS, CURLOT_LONG, 0 },
+  { "DOH_URL", CURLOPT_DOH_URL, CURLOT_STRING, 0 },
+  { "ECH", CURLOPT_ECH, CURLOT_STRING, 0 },
+  { "EGDSOCKET", CURLOPT_EGDSOCKET, CURLOT_STRING, 0 },
+  { "ENCODING", CURLOPT_ACCEPT_ENCODING, CURLOT_STRING, CURLOT_FLAG_ALIAS },
+  { "ERRORBUFFER", CURLOPT_ERRORBUFFER, CURLOT_OBJECT, 0 },
+  { "EXPECT_100_TIMEOUT_MS", CURLOPT_EXPECT_100_TIMEOUT_MS, CURLOT_LONG, 0 },
+  { "FAILONERROR", CURLOPT_FAILONERROR, CURLOT_LONG, 0 },
+  { "FILE", CURLOPT_WRITEDATA, CURLOT_CBPTR, CURLOT_FLAG_ALIAS },
+  { "FILETIME", CURLOPT_FILETIME, CURLOT_LONG, 0 },
+  { "FNMATCH_DATA", CURLOPT_FNMATCH_DATA, CURLOT_CBPTR, 0 },
+  { "FNMATCH_FUNCTION", CURLOPT_FNMATCH_FUNCTION, CURLOT_FUNCTION, 0 },
+  { "FOLLOWLOCATION", CURLOPT_FOLLOWLOCATION, CURLOT_LONG, 0 },
+  { "FORBID_REUSE", CURLOPT_FORBID_REUSE, CURLOT_LONG, 0 },
+  { "FRESH_CONNECT", CURLOPT_FRESH_CONNECT, CURLOT_LONG, 0 },
+  { "FTPAPPEND", CURLOPT_APPEND, CURLOT_LONG, CURLOT_FLAG_ALIAS },
+  { "FTPLISTONLY", CURLOPT_DIRLISTONLY, CURLOT_LONG, CURLOT_FLAG_ALIAS },
+  { "FTPPORT", CURLOPT_FTPPORT, CURLOT_STRING, 0 },
+  { "FTPSSLAUTH", CURLOPT_FTPSSLAUTH, CURLOT_VALUES, 0 },
+  { "FTP_ACCOUNT", CURLOPT_FTP_ACCOUNT, CURLOT_STRING, 0 },
+  { "FTP_ALTERNATIVE_TO_USER", CURLOPT_FTP_ALTERNATIVE_TO_USER,
+    CURLOT_STRING, 0 },
+  { "FTP_CREATE_MISSING_DIRS", CURLOPT_FTP_CREATE_MISSING_DIRS,
+    CURLOT_LONG, 0 },
+  { "FTP_FILEMETHOD", CURLOPT_FTP_FILEMETHOD, CURLOT_VALUES, 0 },
+  { "FTP_RESPONSE_TIMEOUT", CURLOPT_SERVER_RESPONSE_TIMEOUT,
+    CURLOT_LONG, CURLOT_FLAG_ALIAS },
+  { "FTP_SKIP_PASV_IP", CURLOPT_FTP_SKIP_PASV_IP, CURLOT_LONG, 0 },
+  { "FTP_SSL", CURLOPT_USE_SSL, CURLOT_VALUES, CURLOT_FLAG_ALIAS },
+  { "FTP_SSL_CCC", CURLOPT_FTP_SSL_CCC, CURLOT_LONG, 0 },
+  { "FTP_USE_EPRT", CURLOPT_FTP_USE_EPRT, CURLOT_LONG, 0 },
+  { "FTP_USE_EPSV", CURLOPT_FTP_USE_EPSV, CURLOT_LONG, 0 },
+  { "FTP_USE_PRET", CURLOPT_FTP_USE_PRET, CURLOT_LONG, 0 },
+  { "GSSAPI_DELEGATION", CURLOPT_GSSAPI_DELEGATION, CURLOT_VALUES, 0 },
+  { "HAPPY_EYEBALLS_TIMEOUT_MS", CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS,
+    CURLOT_LONG, 0 },
+  { "HAPROXYPROTOCOL", CURLOPT_HAPROXYPROTOCOL, CURLOT_LONG, 0 },
+  { "HAPROXY_CLIENT_IP", CURLOPT_HAPROXY_CLIENT_IP, CURLOT_STRING, 0 },
+  { "HEADER", CURLOPT_HEADER, CURLOT_LONG, 0 },
+  { "HEADERDATA", CURLOPT_HEADERDATA, CURLOT_CBPTR, 0 },
+  { "HEADERFUNCTION", CURLOPT_HEADERFUNCTION, CURLOT_FUNCTION, 0 },
+  { "HEADEROPT", CURLOPT_HEADEROPT, CURLOT_VALUES, 0 },
+  { "HSTS", CURLOPT_HSTS, CURLOT_STRING, 0 },
+  { "HSTSREADDATA", CURLOPT_HSTSREADDATA, CURLOT_CBPTR, 0 },
+  { "HSTSREADFUNCTION", CURLOPT_HSTSREADFUNCTION, CURLOT_FUNCTION, 0 },
+  { "HSTSWRITEDATA", CURLOPT_HSTSWRITEDATA, CURLOT_CBPTR, 0 },
+  { "HSTSWRITEFUNCTION", CURLOPT_HSTSWRITEFUNCTION, CURLOT_FUNCTION, 0 },
+  { "HSTS_CTRL", CURLOPT_HSTS_CTRL, CURLOT_LONG, 0 },
+  { "HTTP09_ALLOWED", CURLOPT_HTTP09_ALLOWED, CURLOT_LONG, 0 },
+  { "HTTP200ALIASES", CURLOPT_HTTP200ALIASES, CURLOT_SLIST, 0 },
+  { "HTTPAUTH", CURLOPT_HTTPAUTH, CURLOT_VALUES, 0 },
+  { "HTTPGET", CURLOPT_HTTPGET, CURLOT_LONG, 0 },
+  { "HTTPHEADER", CURLOPT_HTTPHEADER, CURLOT_SLIST, 0 },
+  { "HTTPPOST", CURLOPT_HTTPPOST, CURLOT_OBJECT, 0 },
+  { "HTTPPROXYTUNNEL", CURLOPT_HTTPPROXYTUNNEL, CURLOT_LONG, 0 },
+  { "HTTP_CONTENT_DECODING", CURLOPT_HTTP_CONTENT_DECODING, CURLOT_LONG, 0 },
+  { "HTTP_TRANSFER_DECODING", CURLOPT_HTTP_TRANSFER_DECODING,
+    CURLOT_LONG, 0 },
+  { "HTTP_VERSION", CURLOPT_HTTP_VERSION, CURLOT_VALUES, 0 },
+  { "IGNORE_CONTENT_LENGTH", CURLOPT_IGNORE_CONTENT_LENGTH, CURLOT_LONG, 0 },
+  { "INFILE", CURLOPT_READDATA, CURLOT_CBPTR, CURLOT_FLAG_ALIAS },
+  { "INFILESIZE", CURLOPT_INFILESIZE, CURLOT_LONG, 0 },
+  { "INFILESIZE_LARGE", CURLOPT_INFILESIZE_LARGE, CURLOT_OFF_T, 0 },
+  { "INTERFACE", CURLOPT_INTERFACE, CURLOT_STRING, 0 },
+  { "INTERLEAVEDATA", CURLOPT_INTERLEAVEDATA, CURLOT_CBPTR, 0 },
+  { "INTERLEAVEFUNCTION", CURLOPT_INTERLEAVEFUNCTION, CURLOT_FUNCTION, 0 },
+  { "IOCTLDATA", CURLOPT_IOCTLDATA, CURLOT_CBPTR, 0 },
+  { "IOCTLFUNCTION", CURLOPT_IOCTLFUNCTION, CURLOT_FUNCTION, 0 },
+  { "IPRESOLVE", CURLOPT_IPRESOLVE, CURLOT_VALUES, 0 },
+  { "ISSUERCERT", CURLOPT_ISSUERCERT, CURLOT_STRING, 0 },
+  { "ISSUERCERT_BLOB", CURLOPT_ISSUERCERT_BLOB, CURLOT_BLOB, 0 },
+  { "KEEP_SENDING_ON_ERROR", CURLOPT_KEEP_SENDING_ON_ERROR, CURLOT_LONG, 0 },
+  { "KEYPASSWD", CURLOPT_KEYPASSWD, CURLOT_STRING, 0 },
+  { "KRB4LEVEL", CURLOPT_KRBLEVEL, CURLOT_STRING, CURLOT_FLAG_ALIAS },
+  { "KRBLEVEL", CURLOPT_KRBLEVEL, CURLOT_STRING, 0 },
+  { "LOCALPORT", CURLOPT_LOCALPORT, CURLOT_LONG, 0 },
+  { "LOCALPORTRANGE", CURLOPT_LOCALPORTRANGE, CURLOT_LONG, 0 },
+  { "LOGIN_OPTIONS", CURLOPT_LOGIN_OPTIONS, CURLOT_STRING, 0 },
+  { "LOW_SPEED_LIMIT", CURLOPT_LOW_SPEED_LIMIT, CURLOT_LONG, 0 },
+  { "LOW_SPEED_TIME", CURLOPT_LOW_SPEED_TIME, CURLOT_LONG, 0 },
+  { "MAIL_AUTH", CURLOPT_MAIL_AUTH, CURLOT_STRING, 0 },
+  { "MAIL_FROM", CURLOPT_MAIL_FROM, CURLOT_STRING, 0 },
+  { "MAIL_RCPT", CURLOPT_MAIL_RCPT, CURLOT_SLIST, 0 },
+  { "MAIL_RCPT_ALLLOWFAILS", CURLOPT_MAIL_RCPT_ALLOWFAILS,
+    CURLOT_LONG, CURLOT_FLAG_ALIAS },
+  { "MAIL_RCPT_ALLOWFAILS", CURLOPT_MAIL_RCPT_ALLOWFAILS, CURLOT_LONG, 0 },
+  { "MAXAGE_CONN", CURLOPT_MAXAGE_CONN, CURLOT_LONG, 0 },
+  { "MAXCONNECTS", CURLOPT_MAXCONNECTS, CURLOT_LONG, 0 },
+  { "MAXFILESIZE", CURLOPT_MAXFILESIZE, CURLOT_LONG, 0 },
+  { "MAXFILESIZE_LARGE", CURLOPT_MAXFILESIZE_LARGE, CURLOT_OFF_T, 0 },
+  { "MAXLIFETIME_CONN", CURLOPT_MAXLIFETIME_CONN, CURLOT_LONG, 0 },
+  { "MAXREDIRS", CURLOPT_MAXREDIRS, CURLOT_LONG, 0 },
+  { "MAX_RECV_SPEED_LARGE", CURLOPT_MAX_RECV_SPEED_LARGE, CURLOT_OFF_T, 0 },
+  { "MAX_SEND_SPEED_LARGE", CURLOPT_MAX_SEND_SPEED_LARGE, CURLOT_OFF_T, 0 },
+  { "MIMEPOST", CURLOPT_MIMEPOST, CURLOT_OBJECT, 0 },
+  { "MIME_OPTIONS", CURLOPT_MIME_OPTIONS, CURLOT_LONG, 0 },
+  { "NETRC", CURLOPT_NETRC, CURLOT_VALUES, 0 },
+  { "NETRC_FILE", CURLOPT_NETRC_FILE, CURLOT_STRING, 0 },
+  { "NEW_DIRECTORY_PERMS", CURLOPT_NEW_DIRECTORY_PERMS, CURLOT_LONG, 0 },
+  { "NEW_FILE_PERMS", CURLOPT_NEW_FILE_PERMS, CURLOT_LONG, 0 },
+  { "NOBODY", CURLOPT_NOBODY, CURLOT_LONG, 0 },
+  { "NOPROGRESS", CURLOPT_NOPROGRESS, CURLOT_LONG, 0 },
+  { "NOPROXY", CURLOPT_NOPROXY, CURLOT_STRING, 0 },
+  { "NOSIGNAL", CURLOPT_NOSIGNAL, CURLOT_LONG, 0 },
+  { "OPENSOCKETDATA", CURLOPT_OPENSOCKETDATA, CURLOT_CBPTR, 0 },
+  { "OPENSOCKETFUNCTION", CURLOPT_OPENSOCKETFUNCTION, CURLOT_FUNCTION, 0 },
+  { "PASSWORD", CURLOPT_PASSWORD, CURLOT_STRING, 0 },
+  { "PATH_AS_IS", CURLOPT_PATH_AS_IS, CURLOT_LONG, 0 },
+  { "PINNEDPUBLICKEY", CURLOPT_PINNEDPUBLICKEY, CURLOT_STRING, 0 },
+  { "PIPEWAIT", CURLOPT_PIPEWAIT, CURLOT_LONG, 0 },
+  { "PORT", CURLOPT_PORT, CURLOT_LONG, 0 },
+  { "POST", CURLOPT_POST, CURLOT_LONG, 0 },
+  { "POST301", CURLOPT_POSTREDIR, CURLOT_VALUES, CURLOT_FLAG_ALIAS },
+  { "POSTFIELDS", CURLOPT_POSTFIELDS, CURLOT_OBJECT, 0 },
+  { "POSTFIELDSIZE", CURLOPT_POSTFIELDSIZE, CURLOT_LONG, 0 },
+  { "POSTFIELDSIZE_LARGE", CURLOPT_POSTFIELDSIZE_LARGE, CURLOT_OFF_T, 0 },
+  { "POSTQUOTE", CURLOPT_POSTQUOTE, CURLOT_SLIST, 0 },
+  { "POSTREDIR", CURLOPT_POSTREDIR, CURLOT_VALUES, 0 },
+  { "PREQUOTE", CURLOPT_PREQUOTE, CURLOT_SLIST, 0 },
+  { "PREREQDATA", CURLOPT_PREREQDATA, CURLOT_CBPTR, 0 },
+  { "PREREQFUNCTION", CURLOPT_PREREQFUNCTION, CURLOT_FUNCTION, 0 },
+  { "PRE_PROXY", CURLOPT_PRE_PROXY, CURLOT_STRING, 0 },
+  { "PRIVATE", CURLOPT_PRIVATE, CURLOT_OBJECT, 0 },
+  { "PROGRESSDATA", CURLOPT_XFERINFODATA, CURLOT_CBPTR, CURLOT_FLAG_ALIAS },
+  { "PROGRESSFUNCTION", CURLOPT_PROGRESSFUNCTION, CURLOT_FUNCTION, 0 },
+  { "PROTOCOLS", CURLOPT_PROTOCOLS, CURLOT_LONG, 0 },
+  { "PROTOCOLS_STR", CURLOPT_PROTOCOLS_STR, CURLOT_STRING, 0 },
+  { "PROXY", CURLOPT_PROXY, CURLOT_STRING, 0 },
+  { "PROXYAUTH", CURLOPT_PROXYAUTH, CURLOT_VALUES, 0 },
+  { "PROXYHEADER", CURLOPT_PROXYHEADER, CURLOT_SLIST, 0 },
+  { "PROXYPASSWORD", CURLOPT_PROXYPASSWORD, CURLOT_STRING, 0 },
+  { "PROXYPORT", CURLOPT_PROXYPORT, CURLOT_LONG, 0 },
+  { "PROXYTYPE", CURLOPT_PROXYTYPE, CURLOT_VALUES, 0 },
+  { "PROXYUSERNAME", CURLOPT_PROXYUSERNAME, CURLOT_STRING, 0 },
+  { "PROXYUSERPWD", CURLOPT_PROXYUSERPWD, CURLOT_STRING, 0 },
+  { "PROXY_CAINFO", CURLOPT_PROXY_CAINFO, CURLOT_STRING, 0 },
+  { "PROXY_CAINFO_BLOB", CURLOPT_PROXY_CAINFO_BLOB, CURLOT_BLOB, 0 },
+  { "PROXY_CAPATH", CURLOPT_PROXY_CAPATH, CURLOT_STRING, 0 },
+  { "PROXY_CRLFILE", CURLOPT_PROXY_CRLFILE, CURLOT_STRING, 0 },
+  { "PROXY_ISSUERCERT", CURLOPT_PROXY_ISSUERCERT, CURLOT_STRING, 0 },
+  { "PROXY_ISSUERCERT_BLOB", CURLOPT_PROXY_ISSUERCERT_BLOB, CURLOT_BLOB, 0 },
+  { "PROXY_KEYPASSWD", CURLOPT_PROXY_KEYPASSWD, CURLOT_STRING, 0 },
+  { "PROXY_PINNEDPUBLICKEY", CURLOPT_PROXY_PINNEDPUBLICKEY,
+    CURLOT_STRING, 0 },
+  { "PROXY_SERVICE_NAME", CURLOPT_PROXY_SERVICE_NAME, CURLOT_STRING, 0 },
+  { "PROXY_SSLCERT", CURLOPT_PROXY_SSLCERT, CURLOT_STRING, 0 },
+  { "PROXY_SSLCERTTYPE", CURLOPT_PROXY_SSLCERTTYPE, CURLOT_STRING, 0 },
+  { "PROXY_SSLCERT_BLOB", CURLOPT_PROXY_SSLCERT_BLOB, CURLOT_BLOB, 0 },
+  { "PROXY_SSLKEY", CURLOPT_PROXY_SSLKEY, CURLOT_STRING, 0 },
+  { "PROXY_SSLKEYTYPE", CURLOPT_PROXY_SSLKEYTYPE, CURLOT_STRING, 0 },
+  { "PROXY_SSLKEY_BLOB", CURLOPT_PROXY_SSLKEY_BLOB, CURLOT_BLOB, 0 },
+  { "PROXY_SSLVERSION", CURLOPT_PROXY_SSLVERSION, CURLOT_VALUES, 0 },
+  { "PROXY_SSL_CIPHER_LIST", CURLOPT_PROXY_SSL_CIPHER_LIST,
+    CURLOT_STRING, 0 },
+  { "PROXY_SSL_OPTIONS", CURLOPT_PROXY_SSL_OPTIONS, CURLOT_LONG, 0 },
+  { "PROXY_SSL_VERIFYHOST", CURLOPT_PROXY_SSL_VERIFYHOST, CURLOT_LONG, 0 },
+  { "PROXY_SSL_VERIFYPEER", CURLOPT_PROXY_SSL_VERIFYPEER, CURLOT_LONG, 0 },
+  { "PROXY_TLS13_CIPHERS", CURLOPT_PROXY_TLS13_CIPHERS, CURLOT_STRING, 0 },
+  { "PROXY_TLSAUTH_PASSWORD", CURLOPT_PROXY_TLSAUTH_PASSWORD,
+    CURLOT_STRING, 0 },
+  { "PROXY_TLSAUTH_TYPE", CURLOPT_PROXY_TLSAUTH_TYPE, CURLOT_STRING, 0 },
+  { "PROXY_TLSAUTH_USERNAME", CURLOPT_PROXY_TLSAUTH_USERNAME,
+    CURLOT_STRING, 0 },
+  { "PROXY_TRANSFER_MODE", CURLOPT_PROXY_TRANSFER_MODE, CURLOT_LONG, 0 },
+  { "PUT", CURLOPT_PUT, CURLOT_LONG, 0 },
+  { "QUICK_EXIT", CURLOPT_QUICK_EXIT, CURLOT_LONG, 0 },
+  { "QUOTE", CURLOPT_QUOTE, CURLOT_SLIST, 0 },
+  { "RANDOM_FILE", CURLOPT_RANDOM_FILE, CURLOT_STRING, 0 },
+  { "RANGE", CURLOPT_RANGE, CURLOT_STRING, 0 },
+  { "READDATA", CURLOPT_READDATA, CURLOT_CBPTR, 0 },
+  { "READFUNCTION", CURLOPT_READFUNCTION, CURLOT_FUNCTION, 0 },
+  { "REDIR_PROTOCOLS", CURLOPT_REDIR_PROTOCOLS, CURLOT_LONG, 0 },
+  { "REDIR_PROTOCOLS_STR", CURLOPT_REDIR_PROTOCOLS_STR, CURLOT_STRING, 0 },
+  { "REFERER", CURLOPT_REFERER, CURLOT_STRING, 0 },
+  { "REQUEST_TARGET", CURLOPT_REQUEST_TARGET, CURLOT_STRING, 0 },
+  { "RESOLVE", CURLOPT_RESOLVE, CURLOT_SLIST, 0 },
+  { "RESOLVER_START_DATA", CURLOPT_RESOLVER_START_DATA, CURLOT_CBPTR, 0 },
+  { "RESOLVER_START_FUNCTION", CURLOPT_RESOLVER_START_FUNCTION,
+    CURLOT_FUNCTION, 0 },
+  { "RESUME_FROM", CURLOPT_RESUME_FROM, CURLOT_LONG, 0 },
+  { "RESUME_FROM_LARGE", CURLOPT_RESUME_FROM_LARGE, CURLOT_OFF_T, 0 },
+  { "RTSPHEADER", CURLOPT_HTTPHEADER, CURLOT_SLIST, CURLOT_FLAG_ALIAS },
+  { "RTSP_CLIENT_CSEQ", CURLOPT_RTSP_CLIENT_CSEQ, CURLOT_LONG, 0 },
+  { "RTSP_REQUEST", CURLOPT_RTSP_REQUEST, CURLOT_VALUES, 0 },
+  { "RTSP_SERVER_CSEQ", CURLOPT_RTSP_SERVER_CSEQ, CURLOT_LONG, 0 },
+  { "RTSP_SESSION_ID", CURLOPT_RTSP_SESSION_ID, CURLOT_STRING, 0 },
+  { "RTSP_STREAM_URI", CURLOPT_RTSP_STREAM_URI, CURLOT_STRING, 0 },
+  { "RTSP_TRANSPORT", CURLOPT_RTSP_TRANSPORT, CURLOT_STRING, 0 },
+  { "SASL_AUTHZID", CURLOPT_SASL_AUTHZID, CURLOT_STRING, 0 },
+  { "SASL_IR", CURLOPT_SASL_IR, CURLOT_LONG, 0 },
+  { "SEEKDATA", CURLOPT_SEEKDATA, CURLOT_CBPTR, 0 },
+  { "SEEKFUNCTION", CURLOPT_SEEKFUNCTION, CURLOT_FUNCTION, 0 },
+  { "SERVER_RESPONSE_TIMEOUT", CURLOPT_SERVER_RESPONSE_TIMEOUT,
+    CURLOT_LONG, 0 },
+  { "SERVER_RESPONSE_TIMEOUT_MS", CURLOPT_SERVER_RESPONSE_TIMEOUT_MS,
+    CURLOT_LONG, 0 },
+  { "SERVICE_NAME", CURLOPT_SERVICE_NAME, CURLOT_STRING, 0 },
+  { "SHARE", CURLOPT_SHARE, CURLOT_OBJECT, 0 },
+  { "SOCKOPTDATA", CURLOPT_SOCKOPTDATA, CURLOT_CBPTR, 0 },
+  { "SOCKOPTFUNCTION", CURLOPT_SOCKOPTFUNCTION, CURLOT_FUNCTION, 0 },
+  { "SOCKS5_AUTH", CURLOPT_SOCKS5_AUTH, CURLOT_LONG, 0 },
+  { "SOCKS5_GSSAPI_NEC", CURLOPT_SOCKS5_GSSAPI_NEC, CURLOT_LONG, 0 },
+  { "SOCKS5_GSSAPI_SERVICE", CURLOPT_SOCKS5_GSSAPI_SERVICE,
+    CURLOT_STRING, 0 },
+  { "SSH_AUTH_TYPES", CURLOPT_SSH_AUTH_TYPES, CURLOT_VALUES, 0 },
+  { "SSH_COMPRESSION", CURLOPT_SSH_COMPRESSION, CURLOT_LONG, 0 },
+  { "SSH_HOSTKEYDATA", CURLOPT_SSH_HOSTKEYDATA, CURLOT_CBPTR, 0 },
+  { "SSH_HOSTKEYFUNCTION", CURLOPT_SSH_HOSTKEYFUNCTION, CURLOT_FUNCTION, 0 },
+  { "SSH_HOST_PUBLIC_KEY_MD5", CURLOPT_SSH_HOST_PUBLIC_KEY_MD5,
+    CURLOT_STRING, 0 },
+  { "SSH_HOST_PUBLIC_KEY_SHA256", CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256,
+    CURLOT_STRING, 0 },
+  { "SSH_KEYDATA", CURLOPT_SSH_KEYDATA, CURLOT_CBPTR, 0 },
+  { "SSH_KEYFUNCTION", CURLOPT_SSH_KEYFUNCTION, CURLOT_FUNCTION, 0 },
+  { "SSH_KNOWNHOSTS", CURLOPT_SSH_KNOWNHOSTS, CURLOT_STRING, 0 },
+  { "SSH_PRIVATE_KEYFILE", CURLOPT_SSH_PRIVATE_KEYFILE, CURLOT_STRING, 0 },
+  { "SSH_PUBLIC_KEYFILE", CURLOPT_SSH_PUBLIC_KEYFILE, CURLOT_STRING, 0 },
+  { "SSLCERT", CURLOPT_SSLCERT, CURLOT_STRING, 0 },
+  { "SSLCERTPASSWD", CURLOPT_KEYPASSWD, CURLOT_STRING, CURLOT_FLAG_ALIAS },
+  { "SSLCERTTYPE", CURLOPT_SSLCERTTYPE, CURLOT_STRING, 0 },
+  { "SSLCERT_BLOB", CURLOPT_SSLCERT_BLOB, CURLOT_BLOB, 0 },
+  { "SSLENGINE", CURLOPT_SSLENGINE, CURLOT_STRING, 0 },
+  { "SSLENGINE_DEFAULT", CURLOPT_SSLENGINE_DEFAULT, CURLOT_LONG, 0 },
+  { "SSLKEY", CURLOPT_SSLKEY, CURLOT_STRING, 0 },
+  { "SSLKEYPASSWD", CURLOPT_KEYPASSWD, CURLOT_STRING, CURLOT_FLAG_ALIAS },
+  { "SSLKEYTYPE", CURLOPT_SSLKEYTYPE, CURLOT_STRING, 0 },
+  { "SSLKEY_BLOB", CURLOPT_SSLKEY_BLOB, CURLOT_BLOB, 0 },
+  { "SSLVERSION", CURLOPT_SSLVERSION, CURLOT_VALUES, 0 },
+  { "SSL_CIPHER_LIST", CURLOPT_SSL_CIPHER_LIST, CURLOT_STRING, 0 },
+  { "SSL_CTX_DATA", CURLOPT_SSL_CTX_DATA, CURLOT_CBPTR, 0 },
+  { "SSL_CTX_FUNCTION", CURLOPT_SSL_CTX_FUNCTION, CURLOT_FUNCTION, 0 },
+  { "SSL_EC_CURVES", CURLOPT_SSL_EC_CURVES, CURLOT_STRING, 0 },
+  { "SSL_ENABLE_ALPN", CURLOPT_SSL_ENABLE_ALPN, CURLOT_LONG, 0 },
+  { "SSL_ENABLE_NPN", CURLOPT_SSL_ENABLE_NPN, CURLOT_LONG, 0 },
+  { "SSL_FALSESTART", CURLOPT_SSL_FALSESTART, CURLOT_LONG, 0 },
+  { "SSL_OPTIONS", CURLOPT_SSL_OPTIONS, CURLOT_VALUES, 0 },
+  { "SSL_SESSIONID_CACHE", CURLOPT_SSL_SESSIONID_CACHE, CURLOT_LONG, 0 },
+  { "SSL_SIGNATURE_ALGORITHMS", CURLOPT_SSL_SIGNATURE_ALGORITHMS,
+    CURLOT_STRING, 0 },
+  { "SSL_VERIFYHOST", CURLOPT_SSL_VERIFYHOST, CURLOT_LONG, 0 },
+  { "SSL_VERIFYPEER", CURLOPT_SSL_VERIFYPEER, CURLOT_LONG, 0 },
+  { "SSL_VERIFYSTATUS", CURLOPT_SSL_VERIFYSTATUS, CURLOT_LONG, 0 },
+  { "STDERR", CURLOPT_STDERR, CURLOT_OBJECT, 0 },
+  { "STREAM_DEPENDS", CURLOPT_STREAM_DEPENDS, CURLOT_OBJECT, 0 },
+  { "STREAM_DEPENDS_E", CURLOPT_STREAM_DEPENDS_E, CURLOT_OBJECT, 0 },
+  { "STREAM_WEIGHT", CURLOPT_STREAM_WEIGHT, CURLOT_LONG, 0 },
+  { "SUPPRESS_CONNECT_HEADERS", CURLOPT_SUPPRESS_CONNECT_HEADERS,
+    CURLOT_LONG, 0 },
+  { "TCP_FASTOPEN", CURLOPT_TCP_FASTOPEN, CURLOT_LONG, 0 },
+  { "TCP_KEEPALIVE", CURLOPT_TCP_KEEPALIVE, CURLOT_LONG, 0 },
+  { "TCP_KEEPCNT", CURLOPT_TCP_KEEPCNT, CURLOT_LONG, 0 },
+  { "TCP_KEEPIDLE", CURLOPT_TCP_KEEPIDLE, CURLOT_LONG, 0 },
+  { "TCP_KEEPINTVL", CURLOPT_TCP_KEEPINTVL, CURLOT_LONG, 0 },
+  { "TCP_NODELAY", CURLOPT_TCP_NODELAY, CURLOT_LONG, 0 },
+  { "TELNETOPTIONS", CURLOPT_TELNETOPTIONS, CURLOT_SLIST, 0 },
+  { "TFTP_BLKSIZE", CURLOPT_TFTP_BLKSIZE, CURLOT_LONG, 0 },
+  { "TFTP_NO_OPTIONS", CURLOPT_TFTP_NO_OPTIONS, CURLOT_LONG, 0 },
+  { "TIMECONDITION", CURLOPT_TIMECONDITION, CURLOT_VALUES, 0 },
+  { "TIMEOUT", CURLOPT_TIMEOUT, CURLOT_LONG, 0 },
+  { "TIMEOUT_MS", CURLOPT_TIMEOUT_MS, CURLOT_LONG, 0 },
+  { "TIMEVALUE", CURLOPT_TIMEVALUE, CURLOT_LONG, 0 },
+  { "TIMEVALUE_LARGE", CURLOPT_TIMEVALUE_LARGE, CURLOT_OFF_T, 0 },
+  { "TLS13_CIPHERS", CURLOPT_TLS13_CIPHERS, CURLOT_STRING, 0 },
+  { "TLSAUTH_PASSWORD", CURLOPT_TLSAUTH_PASSWORD, CURLOT_STRING, 0 },
+  { "TLSAUTH_TYPE", CURLOPT_TLSAUTH_TYPE, CURLOT_STRING, 0 },
+  { "TLSAUTH_USERNAME", CURLOPT_TLSAUTH_USERNAME, CURLOT_STRING, 0 },
+  { "TRAILERDATA", CURLOPT_TRAILERDATA, CURLOT_CBPTR, 0 },
+  { "TRAILERFUNCTION", CURLOPT_TRAILERFUNCTION, CURLOT_FUNCTION, 0 },
+  { "TRANSFERTEXT", CURLOPT_TRANSFERTEXT, CURLOT_LONG, 0 },
+  { "TRANSFER_ENCODING", CURLOPT_TRANSFER_ENCODING, CURLOT_LONG, 0 },
+  { "UNIX_SOCKET_PATH", CURLOPT_UNIX_SOCKET_PATH, CURLOT_STRING, 0 },
+  { "UNRESTRICTED_AUTH", CURLOPT_UNRESTRICTED_AUTH, CURLOT_LONG, 0 },
+  { "UPKEEP_INTERVAL_MS", CURLOPT_UPKEEP_INTERVAL_MS, CURLOT_LONG, 0 },
+  { "UPLOAD", CURLOPT_UPLOAD, CURLOT_LONG, 0 },
+  { "UPLOAD_BUFFERSIZE", CURLOPT_UPLOAD_BUFFERSIZE, CURLOT_LONG, 0 },
+  { "UPLOAD_FLAGS", CURLOPT_UPLOAD_FLAGS, CURLOT_LONG, 0 },
+  { "URL", CURLOPT_URL, CURLOT_STRING, 0 },
+  { "USERAGENT", CURLOPT_USERAGENT, CURLOT_STRING, 0 },
+  { "USERNAME", CURLOPT_USERNAME, CURLOT_STRING, 0 },
+  { "USERPWD", CURLOPT_USERPWD, CURLOT_STRING, 0 },
+  { "USE_SSL", CURLOPT_USE_SSL, CURLOT_VALUES, 0 },
+  { "VERBOSE", CURLOPT_VERBOSE, CURLOT_LONG, 0 },
+  { "WILDCARDMATCH", CURLOPT_WILDCARDMATCH, CURLOT_LONG, 0 },
+  { "WRITEDATA", CURLOPT_WRITEDATA, CURLOT_CBPTR, 0 },
+  { "WRITEFUNCTION", CURLOPT_WRITEFUNCTION, CURLOT_FUNCTION, 0 },
+  { "WRITEHEADER", CURLOPT_HEADERDATA, CURLOT_CBPTR, CURLOT_FLAG_ALIAS },
+  { "WS_OPTIONS", CURLOPT_WS_OPTIONS, CURLOT_LONG, 0 },
+  { "XFERINFODATA", CURLOPT_XFERINFODATA, CURLOT_CBPTR, 0 },
+  { "XFERINFOFUNCTION", CURLOPT_XFERINFOFUNCTION, CURLOT_FUNCTION, 0 },
+  { "XOAUTH2_BEARER", CURLOPT_XOAUTH2_BEARER, CURLOT_STRING, 0 },
+  { NULL, CURLOPT_LASTENTRY, CURLOT_LONG, 0 } /* end of table */
 };
 
 #ifdef DEBUGBUILD
diff --git a/lib/escape.c b/lib/escape.c
index 04b46f7a9e..3e49701bcb 100644
--- a/lib/escape.c
+++ b/lib/escape.c
@@ -52,8 +52,7 @@ char *curl_unescape(const char *string, int length)
 /* Escapes for URL the given unescaped string of given length.
  * 'data' is ignored since 7.82.0.
  */
-char *curl_easy_escape(CURL *data, const char *string,
-                       int inlength)
+char *curl_easy_escape(CURL *data, const char *string, int inlength)
 {
   size_t length;
   struct dynbuf d;
@@ -79,7 +78,7 @@ char *curl_easy_escape(CURL *data, const char *string,
     }
     else {
       /* encode it */
-      unsigned char out[3]={'%'};
+      unsigned char out[3] = { '%' };
       Curl_hexbyte(&out[1], in);
       if(curlx_dyn_addn(&d, out, 3))
         return NULL;
@@ -163,8 +162,7 @@ CURLcode Curl_urldecode(const char *string, size_t length,
  * If olen == NULL, no output length is stored.
  * 'data' is ignored since 7.82.0.
  */
-char *curl_easy_unescape(CURL *data, const char *string,
-                         int length, int *olen)
+char *curl_easy_unescape(CURL *data, const char *string, int length, int *olen)
 {
   char *str = NULL;
   (void)data;
@@ -177,7 +175,7 @@ char *curl_easy_unescape(CURL *data, const char *string,
       return NULL;
 
     if(olen) {
-      if(outputlen <= (size_t) INT_MAX)
+      if(outputlen <= (size_t)INT_MAX)
         *olen = curlx_uztosi(outputlen);
       else
         /* too large to return in an int, fail! */
diff --git a/lib/fake_addrinfo.c b/lib/fake_addrinfo.c
index 7d5da09ead..f771c29009 100644
--- a/lib/fake_addrinfo.c
+++ b/lib/fake_addrinfo.c
@@ -181,8 +181,7 @@ int r_getaddrinfo(const char *node,
     }
   }
 
-  ares_getaddrinfo(channel, node, service, &ahints,
-                   async_addrinfo_cb, &ctx);
+  ares_getaddrinfo(channel, node, service, &ahints, async_addrinfo_cb, &ctx);
 
   /* Wait until no more requests are left to be processed */
   ares_queue_wait_empty(channel, -1);
diff --git a/lib/file.c b/lib/file.c
index 2f30a0297c..0f96957126 100644
--- a/lib/file.c
+++ b/lib/file.c
@@ -127,7 +127,6 @@ const struct Curl_handler Curl_handler_file = {
   PROTOPT_NONETWORK | PROTOPT_NOURLQUERY /* flags */
 };
 
-
 static void file_cleanup(struct FILEPROTO *file)
 {
   Curl_safefree(file->freepath);
@@ -332,7 +331,7 @@ static CURLcode file_upload(struct Curl_easy *data,
   if(!dir[1])
     return CURLE_FILE_COULDNT_READ_FILE; /* fix: better error code */
 
-  mode = O_WRONLY|O_CREAT|CURL_O_BINARY;
+  mode = O_WRONLY | O_CREAT | CURL_O_BINARY;
   if(data->state.resume_from)
     mode |= O_APPEND;
   else
@@ -478,7 +477,7 @@ static CURLcode file_do(struct Curl_easy *data, bool *done)
     const struct tm *tm = &buffer;
     char header[80];
     int headerlen;
-    static const char accept_ranges[]= { "Accept-ranges: bytes\r\n" };
+    static const char accept_ranges[] = { "Accept-ranges: bytes\r\n" };
     if(expected_size >= 0) {
       headerlen =
         curl_msnprintf(header, sizeof(header),
@@ -502,7 +501,7 @@ static CURLcode file_do(struct Curl_easy *data, bool *done)
     headerlen =
       curl_msnprintf(header, sizeof(header),
                      "Last-Modified: %s, %02d %s %4d %02d:%02d:%02d GMT\r\n",
-                     Curl_wkday[tm->tm_wday ? tm->tm_wday-1 : 6],
+                     Curl_wkday[tm->tm_wday ? tm->tm_wday - 1 : 6],
                      tm->tm_mday,
                      Curl_month[tm->tm_mon],
                      tm->tm_year + 1900,
@@ -568,10 +567,10 @@ static CURLcode file_do(struct Curl_easy *data, bool *done)
     if(!S_ISDIR(statbuf.st_mode)) {
 #ifdef __AMIGA__
       if(data->state.resume_from !=
-          lseek(fd, (off_t)data->state.resume_from, SEEK_SET))
+         lseek(fd, (off_t)data->state.resume_from, SEEK_SET))
 #else
       if(data->state.resume_from !=
-          lseek(fd, data->state.resume_from, SEEK_SET))
+         lseek(fd, data->state.resume_from, SEEK_SET))
 #endif
         return CURLE_BAD_DOWNLOAD_RESUME;
     }
@@ -591,11 +590,11 @@ static CURLcode file_do(struct Curl_easy *data, bool *done)
       size_t bytestoread;
 
       if(size_known) {
-        bytestoread = (expected_size < (curl_off_t)(xfer_blen-1)) ?
-          curlx_sotouz(expected_size) : (xfer_blen-1);
+        bytestoread = (expected_size < (curl_off_t)(xfer_blen - 1)) ?
+          curlx_sotouz(expected_size) : (xfer_blen - 1);
       }
       else
-        bytestoread = xfer_blen-1;
+        bytestoread = xfer_blen - 1;
 
       nread = read(fd, xfer_buf, bytestoread);
 
diff --git a/lib/formdata.c b/lib/formdata.c
index d4bfed89be..e51bf14b63 100644
--- a/lib/formdata.c
+++ b/lib/formdata.c
@@ -41,13 +41,13 @@ struct Curl_easy;
 #include "curlx/warnless.h"
 
 
-#define HTTPPOST_PTRNAME CURL_HTTPPOST_PTRNAME
-#define HTTPPOST_FILENAME CURL_HTTPPOST_FILENAME
+#define HTTPPOST_PTRNAME     CURL_HTTPPOST_PTRNAME
+#define HTTPPOST_FILENAME    CURL_HTTPPOST_FILENAME
 #define HTTPPOST_PTRCONTENTS CURL_HTTPPOST_PTRCONTENTS
-#define HTTPPOST_READFILE CURL_HTTPPOST_READFILE
-#define HTTPPOST_PTRBUFFER CURL_HTTPPOST_PTRBUFFER
-#define HTTPPOST_CALLBACK CURL_HTTPPOST_CALLBACK
-#define HTTPPOST_BUFFER CURL_HTTPPOST_BUFFER
+#define HTTPPOST_READFILE    CURL_HTTPPOST_READFILE
+#define HTTPPOST_PTRBUFFER   CURL_HTTPPOST_PTRBUFFER
+#define HTTPPOST_CALLBACK    CURL_HTTPPOST_CALLBACK
+#define HTTPPOST_BUFFER      CURL_HTTPPOST_BUFFER
 
 /***************************************************************************
  *
@@ -59,11 +59,10 @@ struct Curl_easy;
  * Returns newly allocated HttpPost on success and NULL if malloc failed.
  *
  ***************************************************************************/
-static struct curl_httppost *
-AddHttpPost(struct FormInfo *src,
-            struct curl_httppost *parent_post,
-            struct curl_httppost **httppost,
-            struct curl_httppost **last_post)
+static struct curl_httppost *AddHttpPost(struct FormInfo *src,
+                                         struct curl_httppost *parent_post,
+                                         struct curl_httppost **httppost,
+                                         struct curl_httppost **last_post)
 {
   struct curl_httppost *post;
   size_t namelength = src->namelength;
@@ -227,21 +226,19 @@ static CURLFORMcode FormAddCheck(struct FormInfo *first_form,
   /* go through the list, check for completeness and if everything is
    * alright add the HttpPost item otherwise set retval accordingly */
 
-  for(form = first_form;
-      form != NULL;
-      form = form->more) {
+  for(form = first_form; form != NULL; form = form->more) {
     if(((!form->name || !form->value) && !post) ||
-       ( (form->contentslength) &&
-         (form->flags & HTTPPOST_FILENAME) ) ||
-       ( (form->flags & HTTPPOST_FILENAME) &&
-         (form->flags & HTTPPOST_PTRCONTENTS) ) ||
+       (form->contentslength &&
+        (form->flags & HTTPPOST_FILENAME)) ||
+       ((form->flags & HTTPPOST_FILENAME) &&
+        (form->flags & HTTPPOST_PTRCONTENTS)) ||
 
-       ( (!form->buffer) &&
-         (form->flags & HTTPPOST_BUFFER) &&
-         (form->flags & HTTPPOST_PTRBUFFER) ) ||
+       (!form->buffer &&
+        (form->flags & HTTPPOST_BUFFER) &&
+        (form->flags & HTTPPOST_PTRBUFFER)) ||
 
-       ( (form->flags & HTTPPOST_READFILE) &&
-         (form->flags & HTTPPOST_PTRCONTENTS) )
+       ((form->flags & HTTPPOST_READFILE) &&
+        (form->flags & HTTPPOST_PTRCONTENTS))
       ) {
       return CURL_FORMADD_INCOMPLETE;
     }
@@ -285,7 +282,7 @@ static CURLFORMcode FormAddCheck(struct FormInfo *first_form,
                         HTTPPOST_PTRCONTENTS | HTTPPOST_PTRBUFFER |
                         HTTPPOST_CALLBACK)) && form->value) {
       /* copy value (without strdup; possibly contains null characters) */
-      size_t clen = (size_t) form->contentslength;
+      size_t clen = (size_t)form->contentslength;
       if(!clen)
         clen = strlen(form->value) + 1;
 
@@ -321,10 +318,8 @@ static void free_chain(struct curl_httppost *c)
   }
 }
 
-static
-CURLFORMcode FormAdd(struct curl_httppost **httppost,
-                     struct curl_httppost **last_post,
-                     va_list params)
+static CURLFORMcode FormAdd(struct curl_httppost **httppost,
+                            struct curl_httppost **last_post, va_list params)
 {
   struct FormInfo *first_form, *curr, *form = NULL;
   CURLFORMcode retval = CURL_FORMADD_OK;
@@ -442,13 +437,12 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
     case CURLFORM_CONTENTLEN:
       curr->flags |= CURL_HTTPPOST_LARGE;
       curr->contentslength =
-        array_state ? (curl_off_t)(size_t)avalue :
-        va_arg(params, curl_off_t);
+        array_state ? (curl_off_t)(size_t)avalue : va_arg(params, curl_off_t);
       break;
 
       /* Get contents from a given filename */
     case CURLFORM_FILECONTENT:
-      if(curr->flags & (HTTPPOST_PTRCONTENTS|HTTPPOST_READFILE))
+      if(curr->flags & (HTTPPOST_PTRCONTENTS | HTTPPOST_READFILE))
         retval = CURL_FORMADD_OPTION_TWICE;
       else {
         if(!array_state)
@@ -513,7 +507,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
       break;
 
     case CURLFORM_BUFFERPTR:
-      curr->flags |= HTTPPOST_PTRBUFFER|HTTPPOST_BUFFER;
+      curr->flags |= HTTPPOST_PTRBUFFER | HTTPPOST_BUFFER;
       if(curr->buffer)
         retval = CURL_FORMADD_OPTION_TWICE;
       else {
@@ -597,21 +591,20 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
       }
       break;
 
-    case CURLFORM_CONTENTHEADER:
-      {
-        /* this "cast increases required alignment of target type" but
-           we consider it OK anyway */
-        struct curl_slist *list = array_state ?
-          (struct curl_slist *)(void *)avalue :
-          va_arg(params, struct curl_slist *);
+    case CURLFORM_CONTENTHEADER: {
+      /* this "cast increases required alignment of target type" but
+         we consider it OK anyway */
+      struct curl_slist *list = array_state ?
+        (struct curl_slist *)(void *)avalue :
+        va_arg(params, struct curl_slist *);
 
-        if(curr->contentheader)
-          retval = CURL_FORMADD_OPTION_TWICE;
-        else
-          curr->contentheader = list;
+      if(curr->contentheader)
+        retval = CURL_FORMADD_OPTION_TWICE;
+      else
+        curr->contentheader = list;
 
-        break;
-      }
+      break;
+    }
     case CURLFORM_FILENAME:
     case CURLFORM_BUFFER:
       if(!array_state)
@@ -672,8 +665,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
  */
 
 CURLFORMcode curl_formadd(struct curl_httppost **httppost,
-                          struct curl_httppost **last_post,
-                          ...)
+                          struct curl_httppost **last_post, ...)
 {
   va_list arg;
   CURLFORMcode result;
@@ -717,7 +709,7 @@ int curl_formget(struct curl_httppost *form, void *arg,
   }
 
   Curl_mime_cleanpart(&toppart);
-  return (int) result;
+  return (int)result;
 }
 
 /*
@@ -741,8 +733,7 @@ void curl_formfree(struct curl_httppost *form)
     if(!(form->flags & HTTPPOST_PTRNAME))
       curlx_free(form->name); /* free the name */
     if(!(form->flags &
-         (HTTPPOST_PTRCONTENTS|HTTPPOST_BUFFER|HTTPPOST_CALLBACK))
-      )
+         (HTTPPOST_PTRCONTENTS | HTTPPOST_BUFFER | HTTPPOST_CALLBACK)))
       curlx_free(form->contents); /* free the contents */
     curlx_free(form->contenttype); /* free the content type */
     curlx_free(form->showfilename); /* free the faked filename */
@@ -751,7 +742,6 @@ void curl_formfree(struct curl_httppost *form)
   } while(form); /* continue */
 }
 
-
 /* Set mime part name, taking care of non null-terminated name string. */
 static CURLcode setname(curl_mimepart *part, const char *name, size_t len)
 {
@@ -893,7 +883,7 @@ CURLcode Curl_getformdata(CURL *data,
       /* Set fake filename. */
       if(!result && post->showfilename)
         if(post->more || (post->flags & (HTTPPOST_FILENAME | HTTPPOST_BUFFER |
-                                        HTTPPOST_CALLBACK)))
+                                         HTTPPOST_CALLBACK)))
           result = curl_mime_filename(part, post->showfilename);
     }
   }
@@ -907,8 +897,7 @@ CURLcode Curl_getformdata(CURL *data,
 #else
 /* if disabled */
 CURLFORMcode curl_formadd(struct curl_httppost **httppost,
-                          struct curl_httppost **last_post,
-                          ...)
+                          struct curl_httppost **last_post, ...)
 {
   (void)httppost;
   (void)last_post;
@@ -930,4 +919,4 @@ void curl_formfree(struct curl_httppost *form)
   /* Nothing to do. */
 }
 
-#endif  /* if disabled */
+#endif /* if disabled */
diff --git a/lib/formdata.h b/lib/formdata.h
index 74f00bf4fc..e80b83bbf4 100644
--- a/lib/formdata.h
+++ b/lib/formdata.h
@@ -55,5 +55,4 @@ CURLcode Curl_getformdata(CURL *data,
                           curl_read_callback fread_func);
 #endif /* CURL_DISABLE_FORM_API */
 
-
 #endif /* HEADER_CURL_FORMDATA_H */
diff --git a/lib/ftp.c b/lib/ftp.c
index b2b15a89dc..49f042c7c4 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -88,11 +88,11 @@
 #define LASTLINE(line) (STATUSCODE(line) && (' ' == line[3]))
 
 #ifdef CURL_DISABLE_VERBOSE_STRINGS
-#define ftp_pasv_verbose(a,b,c,d)  Curl_nop_stmt
-#define FTP_CSTATE(c)   ((void)(c), "")
+#define ftp_pasv_verbose(a, b, c, d)  Curl_nop_stmt
+#define FTP_CSTATE(c)  ((void)(c), "")
 #else /* CURL_DISABLE_VERBOSE_STRINGS */
   /* for tracing purposes */
-static const char * const ftp_state_names[]={
+static const char * const ftp_state_names[] = {
   "STOP",
   "WAIT220",
   "AUTH",
@@ -131,7 +131,7 @@ static const char * const ftp_state_names[]={
   "STOR",
   "QUIT"
 };
-#define FTP_CSTATE(ftpc)   ((ftpc)? ftp_state_names[(ftpc)->state] : "???")
+#define FTP_CSTATE(ftpc)   ((ftpc) ? ftp_state_names[(ftpc)->state] : "???")
 
 #endif /* !CURL_DISABLE_VERBOSE_STRINGS */
 
@@ -163,12 +163,11 @@ static void ftp_state_low(struct Curl_easy *data,
   ftpc->state = newstate;
 }
 
-
 /* Local API functions */
 #ifndef DEBUGBUILD
-#define ftp_state(x,y,z) ftp_state_low(x,y,z)
+#define ftp_state(x, y, z) ftp_state_low(x, y, z)
 #else /* !DEBUGBUILD */
-#define ftp_state(x,y,z) ftp_state_low(x,y,z,__LINE__)
+#define ftp_state(x, y, z) ftp_state_low(x, y, z, __LINE__)
 #endif /* DEBUGBUILD */
 
 static CURLcode ftp_sendquote(struct Curl_easy *data,
@@ -270,7 +269,6 @@ const struct Curl_handler Curl_handler_ftp = {
   PROTOPT_CONN_REUSE /* flags */
 };
 
-
 #ifdef USE_SSL
 /*
  * FTPS protocol handler.
@@ -490,7 +488,7 @@ static CURLcode ftp_check_ctrl_on_data_wait(struct Curl_easy *data,
 
     infof(data, "FTP code: %03d", ftpcode);
 
-    if(ftpcode/100 > 3)
+    if(ftpcode / 100 > 3)
       return CURLE_FTP_ACCEPT_FAILED;
 
     return CURLE_WEIRD_SERVER_REPLY;
@@ -762,8 +760,8 @@ static CURLcode ftp_domore_pollset(struct Curl_easy *data,
     /* if stopped and still in this state, then we are also waiting for a
        connect on the secondary connection */
     DEBUGASSERT(data->conn->sock[SECONDARYSOCKET] != CURL_SOCKET_BAD ||
-               (data->conn->cfilter[SECONDARYSOCKET] &&
-                !Curl_conn_is_connected(data->conn, SECONDARYSOCKET)));
+                (data->conn->cfilter[SECONDARYSOCKET] &&
+                 !Curl_conn_is_connected(data->conn, SECONDARYSOCKET)));
     /* An unconnected SECONDARY will add its socket by itself
      * via its adjust_pollset() */
     return Curl_pollset_add_in(data, ps, data->conn->sock[FIRSTSOCKET]);
@@ -782,7 +780,7 @@ static const char *pathpiece(struct ftp_conn *ftpc, int num)
 {
   DEBUGASSERT(ftpc->dirs);
   DEBUGASSERT(ftpc->dirdepth > num);
-  return &ftpc->rawpath[ ftpc->dirs[num].start ];
+  return &ftpc->rawpath[ftpc->dirs[num].start];
 }
 
 /* This is called after the FTP_QUOTE state is passed.
@@ -953,7 +951,7 @@ static CURLcode ftp_state_use_port(struct Curl_easy *data,
 
     if(addrlen) {
       const struct Curl_sockaddr_ex *remote_addr =
-       Curl_conn_get_remote_addr(data, FIRSTSOCKET);
+        Curl_conn_get_remote_addr(data, FIRSTSOCKET);
 
       DEBUGASSERT(remote_addr);
       if(!remote_addr)
@@ -971,15 +969,15 @@ static CURLcode ftp_state_use_port(struct Curl_easy *data,
                         conn->scope_id,
 #endif
                         ipstr, hbuf, sizeof(hbuf))) {
-        case IF2IP_NOT_FOUND:
-          /* not an interface, use the given string as hostname instead */
-          host = ipstr;
-          break;
-        case IF2IP_AF_NOT_SUPPORTED:
-          goto out;
-        case IF2IP_FOUND:
-          host = hbuf; /* use the hbuf for hostname */
-          break;
+      case IF2IP_NOT_FOUND:
+        /* not an interface, use the given string as hostname instead */
+        host = ipstr;
+        break;
+      case IF2IP_AF_NOT_SUPPORTED:
+        goto out;
+      case IF2IP_FOUND:
+        host = hbuf; /* use the hbuf for hostname */
+        break;
       }
     }
     else
@@ -1060,7 +1058,7 @@ static CURLcode ftp_state_use_port(struct Curl_easy *data,
       sa6->sin6_port = htons(port);
 #endif
     /* Try binding the given address. */
-    if(bind(portsock, sa, sslen) ) {
+    if(bind(portsock, sa, sslen)) {
       /* It failed. */
       error = SOCKERRNO;
       if(possibly_non_local && (error == SOCKEADDRNOTAVAIL)) {
@@ -1501,7 +1499,6 @@ static CURLcode ftp_state_mdtm(struct Curl_easy *data,
   return result;
 }
 
-
 /* This is called after the TYPE and possible quote commands have been sent */
 static CURLcode ftp_state_ul_setup(struct Curl_easy *data,
                                    struct ftp_conn *ftpc,
@@ -1554,7 +1551,7 @@ static CURLcode ftp_state_ul_setup(struct Curl_easy *data,
       }
       /* seekerr == CURL_SEEKFUNC_CANTSEEK (cannot seek to offset) */
       do {
-        char scratch[4*1024];
+        char scratch[4 * 1024];
         size_t readthisamountnow =
           (data->state.resume_from - passed > (curl_off_t)sizeof(scratch)) ?
           sizeof(scratch) :
@@ -1752,7 +1749,6 @@ static CURLcode ftp_epsv_disable(struct Curl_easy *data,
   return result;
 }
 
-
 static CURLcode ftp_control_addr_dup(struct Curl_easy *data,
                                      char **newhostp)
 {
@@ -1810,8 +1806,7 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data,
   struct pingpong *pp = &ftpc->pp;
   char *newhost = NULL;
   unsigned short newport = 0;
-  char *str =
-    curlx_dyn_ptr(&pp->recvbuf) + 4; /* start on the first letter */
+  char *str = curlx_dyn_ptr(&pp->recvbuf) + 4; /* start on the first letter */
 
   if((ftpc->count1 == 0) &&
      (ftpcode == 229)) {
@@ -1872,8 +1867,7 @@ static CURLcode ftp_state_pasv_resp(struct Curl_easy *data,
       /* told to ignore the remotely given IP but instead use the host we used
          for the control connection */
       infof(data, "Skip %u.%u.%u.%u for data connection, reuse %s instead",
-            ip[0], ip[1], ip[2], ip[3],
-            conn->host.name);
+            ip[0], ip[1], ip[2], ip[3], conn->host.name);
       result = ftp_control_addr_dup(data, &newhost);
       if(result)
         return result;
@@ -2024,7 +2018,7 @@ static CURLcode ftp_state_port_resp(struct Curl_easy *data,
 
 static int twodigit(const char *p)
 {
-  return (p[0]-'0') * 10 + (p[1]-'0');
+  return (p[0] - '0') * 10 + (p[1] - '0');
 }
 
 static bool ftp_213_date(const char *p, int *year, int *month, int *day,
@@ -2079,27 +2073,26 @@ static CURLcode ftp_state_mdtm_resp(struct Curl_easy *data,
   CURLcode result = CURLE_OK;
 
   switch(ftpcode) {
-  case 213:
-    {
-      /* we got a time. Format should be: "YYYYMMDDHHMMSS[.sss]" where the
-         last .sss part is optional and means fractions of a second */
-      int year, month, day, hour, minute, second;
-      struct pingpong *pp = &ftpc->pp;
-      char *resp = curlx_dyn_ptr(&pp->recvbuf) + 4;
-      bool showtime = FALSE;
-      if(ftp_213_date(resp, &year, &month, &day, &hour, &minute, &second)) {
-        /* we have a time, reformat it */
-        char timebuf[24];
-        curl_msnprintf(timebuf, sizeof(timebuf),
-                       "%04d%02d%02d %02d:%02d:%02d GMT",
-                       year, month, day, hour, minute, second);
-        /* now, convert this into a time() value: */
-        if(!Curl_getdate_capped(timebuf, &data->info.filetime))
-          showtime = TRUE;
-      }
+  case 213: {
+    /* we got a time. Format should be: "YYYYMMDDHHMMSS[.sss]" where the
+       last .sss part is optional and means fractions of a second */
+    int year, month, day, hour, minute, second;
+    struct pingpong *pp = &ftpc->pp;
+    char *resp = curlx_dyn_ptr(&pp->recvbuf) + 4;
+    bool showtime = FALSE;
+    if(ftp_213_date(resp, &year, &month, &day, &hour, &minute, &second)) {
+      /* we have a time, reformat it */
+      char timebuf[24];
+      curl_msnprintf(timebuf, sizeof(timebuf),
+                     "%04d%02d%02d %02d:%02d:%02d GMT",
+                     year, month, day, hour, minute, second);
+      /* now, convert this into a time() value: */
+      if(!Curl_getdate_capped(timebuf, &data->info.filetime))
+        showtime = TRUE;
+    }
 
-      /* If we asked for a time of the file and we actually got one as well,
-         we "emulate" an HTTP-style header in our output. */
+    /* If we asked for a time of the file and we actually got one as well,
+       we "emulate" an HTTP-style header in our output. */
 
 #if defined(__GNUC__) && (defined(__DJGPP__) || defined(__AMIGA__))
 #pragma GCC diagnostic push
@@ -2107,38 +2100,38 @@ static CURLcode ftp_state_mdtm_resp(struct Curl_easy *data,
    warning: comparison of unsigned expression in '>= 0' is always true */
 #pragma GCC diagnostic ignored "-Wtype-limits"
 #endif
-      if(data->req.no_body && ftpc->file &&
-         data->set.get_filetime && showtime) {
+    if(data->req.no_body && ftpc->file &&
+       data->set.get_filetime && showtime) {
 #if defined(__GNUC__) && (defined(__DJGPP__) || defined(__AMIGA__))
 #pragma GCC diagnostic pop
 #endif
-        char headerbuf[128];
-        int headerbuflen;
-        time_t filetime = data->info.filetime;
-        struct tm buffer;
-        const struct tm *tm = &buffer;
+      char headerbuf[128];
+      int headerbuflen;
+      time_t filetime = data->info.filetime;
+      struct tm buffer;
+      const struct tm *tm = &buffer;
 
-        result = Curl_gmtime(filetime, &buffer);
-        if(result)
-          return result;
+      result = Curl_gmtime(filetime, &buffer);
+      if(result)
+        return result;
 
-        /* format: "Tue, 15 Nov 1994 12:45:26" */
-        headerbuflen =
-          curl_msnprintf(headerbuf, sizeof(headerbuf),
-                         "Last-Modified: %s, %02d %s %4d %02d:%02d:%02d "
-                         "GMT\r\n",
-                         Curl_wkday[tm->tm_wday ? tm->tm_wday-1 : 6],
-                         tm->tm_mday,
-                         Curl_month[tm->tm_mon],
-                         tm->tm_year + 1900,
-                         tm->tm_hour,
-                         tm->tm_min,
-                         tm->tm_sec);
-        result = client_write_header(data, headerbuf, headerbuflen);
-        if(result)
-          return result;
-      } /* end of a ridiculous amount of conditionals */
-    }
+      /* format: "Tue, 15 Nov 1994 12:45:26" */
+      headerbuflen =
+        curl_msnprintf(headerbuf, sizeof(headerbuf),
+                       "Last-Modified: %s, %02d %s %4d %02d:%02d:%02d "
+                       "GMT\r\n",
+                       Curl_wkday[tm->tm_wday ? tm->tm_wday-1 : 6],
+                       tm->tm_mday,
+                       Curl_month[tm->tm_mon],
+                       tm->tm_year + 1900,
+                       tm->tm_hour,
+                       tm->tm_min,
+                       tm->tm_sec);
+      result = client_write_header(data, headerbuf, headerbuflen);
+      if(result)
+        return result;
+    } /* end of a ridiculous amount of conditionals */
+  }
     break;
   default:
     infof(data, "unsupported MDTM reply format");
@@ -2194,7 +2187,7 @@ static CURLcode ftp_state_type_resp(struct Curl_easy *data,
 {
   CURLcode result = CURLE_OK;
 
-  if(ftpcode/100 != 2) {
+  if(ftpcode / 100 != 2) {
     /* "sasserftpd" and "(u)r(x)bot ftpd" both responds with 226 after a
        successful 'TYPE I'. While that is not as RFC959 says, it is still a
        positive response code and we allow that. */
@@ -2267,7 +2260,7 @@ static CURLcode ftp_state_retr(struct Curl_easy *data,
           return CURLE_BAD_DOWNLOAD_RESUME;
         }
         /* Now store the number of bytes we are expected to download */
-        ftp->downloadsize = filesize-data->state.resume_from;
+        ftp->downloadsize = filesize - data->state.resume_from;
       }
     }
 
@@ -2378,7 +2371,7 @@ static CURLcode ftp_state_rest_resp(struct Curl_easy *data,
   case FTP_REST:
   default:
     if(ftpcode == 350) {
-      char buffer[24]= { "Accept-ranges: bytes\r\n" };
+      char buffer[24] = { "Accept-ranges: bytes\r\n" };
       result = client_write_header(data, buffer, strlen(buffer));
       if(result)
         return result;
@@ -2590,12 +2583,11 @@ static CURLcode ftp_state_user_resp(struct Curl_easy *data,
   if((ftpcode == 331) && (ftpc->state == FTP_USER)) {
     /* 331 Password required for ...
        (the server requires to send the user's password too) */
-    result = Curl_pp_sendf(data, &ftpc->pp, "PASS %s",
-                           data->conn->passwd);
+    result = Curl_pp_sendf(data, &ftpc->pp, "PASS %s", data->conn->passwd);
     if(!result)
       ftp_state(data, ftpc, FTP_PASS);
   }
-  else if(ftpcode/100 == 2) {
+  else if(ftpcode / 100 == 2) {
     /* 230 User ... logged in.
        (the user logged in with or without password) */
     result = ftp_state_loggedin(data, ftpc);
@@ -2621,9 +2613,8 @@ static CURLcode ftp_state_user_resp(struct Curl_easy *data,
     if(data->set.str[STRING_FTP_ALTERNATIVE_TO_USER] &&
        !ftpc->ftp_trying_alternative) {
       /* Ok, USER failed. Let's try the supplied command. */
-      result =
-        Curl_pp_sendf(data, &ftpc->pp, "%s",
-                      data->set.str[STRING_FTP_ALTERNATIVE_TO_USER]);
+      result = Curl_pp_sendf(data, &ftpc->pp, "%s",
+                             data->set.str[STRING_FTP_ALTERNATIVE_TO_USER]);
       if(!result) {
         ftpc->ftp_trying_alternative = TRUE;
         ftp_state(data, ftpc, FTP_USER);
@@ -2789,8 +2780,7 @@ static CURLcode ftp_wait_resp(struct Curl_easy *data,
             (int)data->set.ftpsslauth);
       return CURLE_UNKNOWN_OPTION; /* we do not know what to do */
     }
-    result = Curl_pp_sendf(data, &ftpc->pp, "AUTH %s",
-                           ftpauth[ftpc->count1]);
+    result = Curl_pp_sendf(data, &ftpc->pp, "AUTH %s", ftpauth[ftpc->count1]);
     if(!result)
       ftp_state(data, ftpc, FTP_AUTH);
   }
@@ -2890,10 +2880,9 @@ static CURLcode ftp_pp_statemachine(struct Curl_easy *data,
     break;
 
   case FTP_PROT:
-    if(ftpcode/100 == 2)
+    if(ftpcode / 100 == 2)
       /* We have enabled SSL for the data connection! */
-      conn->bits.ftp_use_data_ssl =
-        (data->set.use_ssl != CURLUSESSL_CONTROL);
+      conn->bits.ftp_use_data_ssl = (data->set.use_ssl != CURLUSESSL_CONTROL);
     /* FTP servers typically responds with 500 if they decide to reject
        our 'P' request */
     else if(data->set.use_ssl > CURLUSESSL_CONTROL)
@@ -3005,7 +2994,7 @@ static CURLcode ftp_pp_statemachine(struct Curl_easy *data,
     break;
 
   case FTP_CWD:
-    if(ftpcode/100 != 2) {
+    if(ftpcode / 100 != 2) {
       /* failure to CWD there */
       if(data->set.ftp_create_missing_dirs &&
          ftpc->cwdcount && !ftpc->count2) {
@@ -3047,7 +3036,7 @@ static CURLcode ftp_pp_statemachine(struct Curl_easy *data,
     break;
 
   case FTP_MKD:
-    if((ftpcode/100 != 2) && !ftpc->count3--) {
+    if((ftpcode / 100 != 2) && !ftpc->count3--) {
       /* failure to MKD the directory */
       failf(data, "Failed to MKD dir: %03d", ftpcode);
       result = CURLE_REMOTE_ACCESS_DENIED;
@@ -3120,7 +3109,6 @@ static CURLcode ftp_pp_statemachine(struct Curl_easy *data,
   return result;
 }
 
-
 /* called repeatedly until done from multi.c */
 static CURLcode ftp_statemach(struct Curl_easy *data,
                               struct ftp_conn *ftpc,
@@ -3419,10 +3407,9 @@ static CURLcode ftp_done(struct Curl_easy *data, CURLcode status,
  *
  * BLOCKING
  */
-static
-CURLcode ftp_sendquote(struct Curl_easy *data,
-                       struct ftp_conn *ftpc,
-                       struct curl_slist *quote)
+static CURLcode ftp_sendquote(struct Curl_easy *data,
+                              struct ftp_conn *ftpc,
+                              struct curl_slist *quote)
 {
   struct curl_slist *item;
   struct pingpong *pp = &ftpc->pp;
@@ -3913,8 +3900,7 @@ static CURLcode wc_statemach(struct Curl_easy *data,
         Curl_set_in_callback(data, FALSE);
         switch(userresponse) {
         case CURL_CHUNK_BGN_FUNC_SKIP:
-          infof(data, "Wildcard - \"%s\" skipped by user",
-                finfo->filename);
+          infof(data, "Wildcard - \"%s\" skipped by user", finfo->filename);
           wildcard->state = CURLWC_SKIP;
           continue;
         case CURL_CHUNK_BGN_FUNC_FAIL:
@@ -4130,10 +4116,9 @@ static size_t numof_slashes(const char *str)
  * Parse the URL path into separate path components.
  *
  */
-static
-CURLcode ftp_parse_url_path(struct Curl_easy *data,
-                            struct ftp_conn *ftpc,
-                            struct FTP *ftp)
+static CURLcode ftp_parse_url_path(struct Curl_easy *data,
+                                   struct ftp_conn *ftpc,
+                                   struct FTP *ftp)
 {
   const char *slashPos = NULL;
   const char *fileName = NULL;
@@ -4155,78 +4140,78 @@ CURLcode ftp_parse_url_path(struct Curl_easy *data,
   rawPath = ftpc->rawpath;
 
   switch(data->set.ftp_filemethod) {
-    case FTPFILE_NOCWD: /* fastest, but less standard-compliant */
+  case FTPFILE_NOCWD: /* fastest, but less standard-compliant */
 
-      if((pathLen > 0) && (rawPath[pathLen - 1] != '/'))
-        fileName = rawPath;  /* this is a full file path */
-      /*
-        else: ftpc->file is not used anywhere other than for operations on
-              a file. In other words, never for directory operations.
-              So we can safely leave filename as NULL here and use it as a
-              argument in dir/file decisions.
-      */
-      break;
+    if((pathLen > 0) && (rawPath[pathLen - 1] != '/'))
+      fileName = rawPath;  /* this is a full file path */
+    /*
+      else: ftpc->file is not used anywhere other than for operations on
+            a file. In other words, never for directory operations.
+            So we can safely leave filename as NULL here and use it as a
+            argument in dir/file decisions.
+    */
+    break;
 
-    case FTPFILE_SINGLECWD:
-      slashPos = strrchr(rawPath, '/');
-      if(slashPos) {
-        /* get path before last slash, except for / */
-        size_t dirlen = slashPos - rawPath;
-        if(dirlen == 0)
-          dirlen = 1;
+  case FTPFILE_SINGLECWD:
+    slashPos = strrchr(rawPath, '/');
+    if(slashPos) {
+      /* get path before last slash, except for / */
+      size_t dirlen = slashPos - rawPath;
+      if(dirlen == 0)
+        dirlen = 1;
 
-        ftpc->dirs = curlx_calloc(1, sizeof(ftpc->dirs[0]));
-        if(!ftpc->dirs)
-          return CURLE_OUT_OF_MEMORY;
+      ftpc->dirs = curlx_calloc(1, sizeof(ftpc->dirs[0]));
+      if(!ftpc->dirs)
+        return CURLE_OUT_OF_MEMORY;
 
-        ftpc->dirs[0].start = 0;
-        ftpc->dirs[0].len = (int)dirlen;
-        ftpc->dirdepth = 1; /* we consider it to be a single directory */
-        fileName = slashPos + 1; /* rest is filename */
-      }
-      else
-        fileName = rawPath; /* filename only (or empty) */
-      break;
-
-    default: /* allow pretty much anything */
-    case FTPFILE_MULTICWD: {
-      /* current position: begin of next path component */
-      const char *curPos = rawPath;
-
-      /* number of entries to allocate for the 'dirs' array */
-      size_t dirAlloc = numof_slashes(rawPath);
-
-      if(dirAlloc >= FTP_MAX_DIR_DEPTH)
-        /* suspiciously deep directory hierarchy */
-        return CURLE_URL_MALFORMAT;
-
-      if(dirAlloc) {
-        ftpc->dirs = curlx_calloc(dirAlloc, sizeof(ftpc->dirs[0]));
-        if(!ftpc->dirs)
-          return CURLE_OUT_OF_MEMORY;
-
-        /* parse the URL path into separate path components */
-        while(dirAlloc--) {
-          const char *spos = strchr(curPos, '/');
-          size_t clen = spos - curPos;
-
-          /* path starts with a slash: add that as a directory */
-          if(!clen && (ftpc->dirdepth == 0))
-            ++clen;
-
-          /* we skip empty path components, like "x//y" since the FTP command
-             CWD requires a parameter and a non-existent parameter a) does not
-             work on many servers and b) has no effect on the others. */
-          if(clen) {
-            ftpc->dirs[ftpc->dirdepth].start = (int)(curPos - rawPath);
-            ftpc->dirs[ftpc->dirdepth].len = (int)clen;
-            ftpc->dirdepth++;
-          }
-          curPos = spos + 1;
-        }
-      }
-      fileName = curPos; /* the rest is the filename (or empty) */
+      ftpc->dirs[0].start = 0;
+      ftpc->dirs[0].len = (int)dirlen;
+      ftpc->dirdepth = 1; /* we consider it to be a single directory */
+      fileName = slashPos + 1; /* rest is filename */
     }
+    else
+      fileName = rawPath; /* filename only (or empty) */
+    break;
+
+  default: /* allow pretty much anything */
+  case FTPFILE_MULTICWD: {
+    /* current position: begin of next path component */
+    const char *curPos = rawPath;
+
+    /* number of entries to allocate for the 'dirs' array */
+    size_t dirAlloc = numof_slashes(rawPath);
+
+    if(dirAlloc >= FTP_MAX_DIR_DEPTH)
+      /* suspiciously deep directory hierarchy */
+      return CURLE_URL_MALFORMAT;
+
+    if(dirAlloc) {
+      ftpc->dirs = curlx_calloc(dirAlloc, sizeof(ftpc->dirs[0]));
+      if(!ftpc->dirs)
+        return CURLE_OUT_OF_MEMORY;
+
+      /* parse the URL path into separate path components */
+      while(dirAlloc--) {
+        const char *spos = strchr(curPos, '/');
+        size_t clen = spos - curPos;
+
+        /* path starts with a slash: add that as a directory */
+        if(!clen && (ftpc->dirdepth == 0))
+          ++clen;
+
+        /* we skip empty path components, like "x//y" since the FTP command
+           CWD requires a parameter and a non-existent parameter a) does not
+           work on many servers and b) has no effect on the others. */
+        if(clen) {
+          ftpc->dirs[ftpc->dirdepth].start = (int)(curPos - rawPath);
+          ftpc->dirs[ftpc->dirdepth].len = (int)clen;
+          ftpc->dirdepth++;
+        }
+        curPos = spos + 1;
+      }
+    }
+    fileName = curPos; /* the rest is the filename (or empty) */
+  }
     break;
   } /* switch */
 
@@ -4327,11 +4312,10 @@ static CURLcode ftp_doing(struct Curl_easy *data,
  * ftp->ctl_valid starts out as FALSE, and gets set to TRUE if we reach the
  * ftp_done() function without finding any major problem.
  */
-static
-CURLcode ftp_regular_transfer(struct Curl_easy *data,
-                              struct ftp_conn *ftpc,
-                              struct FTP *ftp,
-                              bool *dophase_done)
+static CURLcode ftp_regular_transfer(struct Curl_easy *data,
+                                     struct ftp_conn *ftpc,
+                                     struct FTP *ftp,
+                                     bool *dophase_done)
 {
   CURLcode result = CURLE_OK;
   bool connected = FALSE;
diff --git a/lib/ftplistparser.c b/lib/ftplistparser.c
index b62fa47f65..5a11946137 100644
--- a/lib/ftplistparser.c
+++ b/lib/ftplistparser.c
@@ -215,7 +215,6 @@ struct ftp_parselist_data *Curl_ftp_parselist_data_alloc(void)
   return curlx_calloc(1, sizeof(struct ftp_parselist_data));
 }
 
-
 void Curl_ftp_parselist_data_free(struct ftp_parselist_data **parserp)
 {
   struct ftp_parselist_data *parser = *parserp;
@@ -225,13 +224,11 @@ void Curl_ftp_parselist_data_free(struct ftp_parselist_data **parserp)
   *parserp = NULL;
 }
 
-
 CURLcode Curl_ftp_parselist_geterror(struct ftp_parselist_data *pl_data)
 {
   return pl_data->error;
 }
 
-
 #define FTP_LP_MALFORMATED_PERM 0x01000000
 
 static unsigned int ftp_pl_get_permission(const char *str)
@@ -284,7 +281,7 @@ static unsigned int ftp_pl_get_permission(const char *str)
   if(str[7] == 'w')
     permissions |= 1 << 1;
   else if(str[7] != '-')
-      permissions |= FTP_LP_MALFORMATED_PERM;
+    permissions |= FTP_LP_MALFORMATED_PERM;
   if(str[8] == 'x')
     permissions |= 1;
   else if(str[8] == 't') {
@@ -430,7 +427,6 @@ static CURLcode parse_unix_totalsize(struct ftp_parselist_data *parser,
       }
       else
         return CURLE_FTP_BAD_FILE_LIST;
-
     }
     break;
   }
@@ -487,7 +483,7 @@ static CURLcode parse_unix_hlinks(struct ftp_parselist_data *parser,
     }
     break;
   case PL_UNIX_HLINKS_NUMBER:
-    parser->item_length ++;
+    parser->item_length++;
     if(c == ' ') {
       const char *p = &mem[parser->item_offset];
       curl_off_t hlinks;
@@ -623,7 +619,7 @@ static CURLcode parse_unix_time(struct ftp_parselist_data *parser,
   case PL_UNIX_TIME_PREPART1:
     if(c != ' ') {
       if(ISALNUM(c) && len) {
-        parser->item_offset = len -1;
+        parser->item_offset = len - 1;
         parser->item_length = 1;
         parser->state.UNIX.sub.time = PL_UNIX_TIME_PART1;
       }
@@ -668,7 +664,7 @@ static CURLcode parse_unix_time(struct ftp_parselist_data *parser,
   case PL_UNIX_TIME_PART3:
     parser->item_length++;
     if(c == ' ') {
-      mem[parser->item_offset + parser->item_length -1] = 0;
+      mem[parser->item_offset + parser->item_length - 1] = 0;
       parser->offsets.time = parser->item_offset;
       if(finfo->filetype == CURLFILETYPE_SYMLINK) {
         parser->state.UNIX.main = PL_UNIX_SYMLINK;
@@ -924,7 +920,7 @@ static CURLcode parse_winnt(struct Curl_easy *data,
     case PL_WINNT_TIME_TIME:
       if(c == ' ') {
         parser->offsets.time = parser->item_offset;
-        mem[parser->item_offset + parser->item_length -1] = 0;
+        mem[parser->item_offset + parser->item_length - 1] = 0;
         parser->state.NT.main = PL_WINNT_DIRORSIZE;
         parser->state.NT.sub.dirorsize = PL_WINNT_DIRORSIZE_PRESPACE;
         parser->item_length = 0;
@@ -944,7 +940,7 @@ static CURLcode parse_winnt(struct Curl_easy *data,
       }
       break;
     case PL_WINNT_DIRORSIZE_CONTENT:
-      parser->item_length ++;
+      parser->item_length++;
       if(c == ' ') {
         mem[parser->item_offset + parser->item_length - 1] = 0;
         if(strcmp("", mem + parser->item_offset) == 0) {
@@ -972,7 +968,7 @@ static CURLcode parse_winnt(struct Curl_easy *data,
     switch(parser->state.NT.sub.filename) {
     case PL_WINNT_FILENAME_PRESPACE:
       if(c != ' ' && len) {
-        parser->item_offset = len -1;
+        parser->item_offset = len - 1;
         parser->item_length = 1;
         parser->state.NT.sub.filename = PL_WINNT_FILENAME_CONTENT;
       }
@@ -1020,7 +1016,7 @@ static CURLcode parse_winnt(struct Curl_easy *data,
 size_t Curl_ftp_parselist(char *buffer, size_t size, size_t nmemb,
                           void *connptr)
 {
-  size_t bufflen = size*nmemb;
+  size_t bufflen = size * nmemb;
   struct Curl_easy *data = (struct Curl_easy *)connptr;
   struct ftp_wc *ftpwc = data->wildcard->ftpwc;
   struct ftp_parselist_data *parser = ftpwc->parser;
diff --git a/lib/getinfo.c b/lib/getinfo.c
index 14244d087b..13e9622d33 100644
--- a/lib/getinfo.c
+++ b/lib/getinfo.c
@@ -128,7 +128,7 @@ static CURLcode getinfo_char(struct Curl_easy *data, CURLINFO info,
     *param_charp = data->info.contenttype;
     break;
   case CURLINFO_PRIVATE:
-    *param_charp = (char *) data->set.private_data;
+    *param_charp = (char *)data->set.private_data;
     break;
   case CURLINFO_FTP_ENTRY_PATH:
     /* Return the entrypath string from the most recent connection.
@@ -375,7 +375,7 @@ static CURLcode getinfo_long(struct Curl_easy *data, CURLINFO info,
   return CURLE_OK;
 }
 
-#define DOUBLE_SECS(x) (double)(x)/1000000
+#define DOUBLE_SECS(x) (double)(x) / 1000000
 
 static CURLcode getinfo_offt(struct Curl_easy *data, CURLINFO info,
                              curl_off_t *param_offt)
@@ -577,20 +577,19 @@ static CURLcode getinfo_slist(struct Curl_easy *data, CURLINFO info,
     *param_slistp = ptr.to_slist;
     break;
   case CURLINFO_TLS_SESSION:
-  case CURLINFO_TLS_SSL_PTR:
-    {
-      struct curl_tlssessioninfo **tsip = (struct curl_tlssessioninfo **)
-                                          param_slistp;
-      struct curl_tlssessioninfo *tsi = &data->tsi;
+  case CURLINFO_TLS_SSL_PTR: {
+    struct curl_tlssessioninfo **tsip = (struct curl_tlssessioninfo **)
+                                        param_slistp;
+    struct curl_tlssessioninfo *tsi = &data->tsi;
 
-      /* we are exposing a pointer to internal memory with unknown
-       * lifetime here. */
-      *tsip = tsi;
-      if(!Curl_conn_get_ssl_info(data, data->conn, FIRSTSOCKET, tsi)) {
-        tsi->backend = Curl_ssl_backend();
-        tsi->internals = NULL;
-      }
+    /* we are exposing a pointer to internal memory with unknown
+     * lifetime here. */
+    *tsip = tsi;
+    if(!Curl_conn_get_ssl_info(data, data->conn, FIRSTSOCKET, tsi)) {
+      tsi->backend = Curl_ssl_backend();
+      tsi->internals = NULL;
     }
+  }
     break;
   default:
     return CURLE_UNKNOWN_OPTION;
diff --git a/lib/optiontable.pl b/lib/optiontable.pl
index 43fbd39d3b..54b86d72e1 100755
--- a/lib/optiontable.pl
+++ b/lib/optiontable.pl
@@ -131,19 +131,19 @@ for my $name (sort @names) {
         $name = $alias{$name};
         $flag = "CURLOT_FLAG_ALIAS";
     }
-    my $o = sprintf("  {\"%s\", %s, %s, %s},\n",
+    my $o = sprintf("  { \"%s\", %s, %s, %s },\n",
                     $oname, $opt{$name}, $type{$name}, $flag);
     if(length($o) < 80) {
         print $o;
     }
     else {
-        printf("  {\"%s\", %s,\n   %s, %s},\n",
-                 $oname, $opt{$name}, $type{$name}, $flag);
+        printf("  { \"%s\", %s,\n    %s, %s },\n",
+               $oname, $opt{$name}, $type{$name}, $flag);
     }
 }
 
 print <
Date: Tue, 2 Dec 2025 14:26:31 +0100
Subject: [PATCH 1104/2408] pytest: improve stragglers

A fix for the tests that took the longest:
- test_05: make the server close the HTTP/1.1 connection when
  simulating an error during a download. This eliminates waiting
  for a keepalive timeout
- test_02: pause tests with slightly smaller documents, eliminate
  special setup for HTTP/2. We test stream window handling now
  elsewhere already
- cli_hx_download: run look in 500ms steps instead of 1sec, resuming
  paused tranfers earlier.

Closes #19809
---
 docs/libcurl/libcurl-env-dbg.md               |  5 ----
 lib/http2.c                                   | 23 --------------
 tests/http/test_02_download.py                | 30 ++-----------------
 .../http/testenv/mod_curltest/mod_curltest.c  |  4 +++
 tests/libtest/cli_hx_download.c               |  2 +-
 5 files changed, 7 insertions(+), 57 deletions(-)

diff --git a/docs/libcurl/libcurl-env-dbg.md b/docs/libcurl/libcurl-env-dbg.md
index 3fcc1935d5..ce6b480ae3 100644
--- a/docs/libcurl/libcurl-env-dbg.md
+++ b/docs/libcurl/libcurl-env-dbg.md
@@ -164,8 +164,3 @@ Make a blocking, graceful shutdown of all remaining connections when
 a multi handle is destroyed. This implicitly triggers for easy handles
 that are run via easy_perform. The value of the environment variable
 gives the shutdown timeout in milliseconds.
-
-## `CURL_H2_STREAM_WIN_MAX`
-
-Set to a positive 32-bit number to override the HTTP/2 stream window's
-default of 10MB. Used in testing to verify correct window update handling.
diff --git a/lib/http2.c b/lib/http2.c
index e75d7431e7..38c7d82785 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -111,9 +111,6 @@ struct cf_h2_ctx {
   uint32_t goaway_error;        /* goaway error code from server */
   int32_t remote_max_sid;       /* max id processed by server */
   int32_t local_max_sid;        /* max id processed by us */
-#ifdef DEBUGBUILD
-  int32_t stream_win_max;       /* max h2 stream window size */
-#endif
   BIT(initialized);
   BIT(via_h1_upgrade);
   BIT(conn_closed);
@@ -139,18 +136,6 @@ static void cf_h2_ctx_init(struct cf_h2_ctx *ctx, bool via_h1_upgrade)
   Curl_uint32_hash_init(&ctx->streams, 63, h2_stream_hash_free);
   ctx->remote_max_sid = 2147483647;
   ctx->via_h1_upgrade = via_h1_upgrade;
-#ifdef DEBUGBUILD
-  {
-    const char *p = getenv("CURL_H2_STREAM_WIN_MAX");
-
-    ctx->stream_win_max = H2_STREAM_WINDOW_SIZE_MAX;
-    if(p) {
-      curl_off_t l;
-      if(!curlx_str_number(&p, &l, INT_MAX))
-        ctx->stream_win_max = (int32_t)l;
-    }
-  }
-#endif
   ctx->initialized = TRUE;
 }
 
@@ -330,15 +315,7 @@ static int32_t cf_h2_get_desired_local_win(struct Curl_cfilter *cf,
     else if(avail < INT32_MAX)
       return (int32_t)avail;
   }
-#ifdef DEBUGBUILD
-  {
-    struct cf_h2_ctx *ctx = cf->ctx;
-    CURL_TRC_CF(data, cf, "stream_win_max=%d", ctx->stream_win_max);
-    return ctx->stream_win_max;
-  }
-#else
   return H2_STREAM_WINDOW_SIZE_MAX;
-#endif
 }
 
 static CURLcode cf_h2_update_local_win(struct Curl_cfilter *cf,
diff --git a/tests/http/test_02_download.py b/tests/http/test_02_download.py
index 9fbc116caf..269ff6cf26 100644
--- a/tests/http/test_02_download.py
+++ b/tests/http/test_02_download.py
@@ -277,12 +277,10 @@ class TestDownload:
 
     # download serial via lib client, pause/resume at different offsets
     @pytest.mark.parametrize("pause_offset", [0, 10*1024, 100*1023, 640000])
-    @pytest.mark.parametrize("proto", ['http/1.1', 'h3'])
+    @pytest.mark.parametrize("proto", Env.http_protos())
     def test_02_21_lib_serial(self, env: Env, httpd, nghttpx, proto, pause_offset):
-        if proto == 'h3' and not env.have_h3():
-            pytest.skip("h3 not supported")
         count = 2
-        docname = 'data-10m'
+        docname = 'data-1m'
         url = f'https://localhost:{env.https_port}/{docname}'
         client = LocalClient(name='cli_hx_download', env=env)
         if not client.exists():
@@ -294,30 +292,6 @@ class TestDownload:
         srcfile = os.path.join(httpd.docs_dir, docname)
         self.check_downloads(client, srcfile, count)
 
-    # h2 download parallel via lib client, pause/resume at different offsets
-    # debug-override stream window size to reproduce #16955
-    @pytest.mark.parametrize("pause_offset", [0, 10*1024, 100*1023, 640000])
-    @pytest.mark.parametrize("swin_max", [0, 10*1024])
-    @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
-    def test_02_21_h2_lib_serial(self, env: Env, httpd, pause_offset, swin_max):
-        proto = 'h2'
-        count = 2
-        docname = 'data-10m'
-        url = f'https://localhost:{env.https_port}/{docname}'
-        run_env = os.environ.copy()
-        run_env['CURL_DEBUG'] = 'multi,http/2'
-        if swin_max > 0:
-            run_env['CURL_H2_STREAM_WIN_MAX'] = f'{swin_max}'
-        client = LocalClient(name='cli_hx_download', env=env, run_env=run_env)
-        if not client.exists():
-            pytest.skip(f'example client not built: {client.name}')
-        r = client.run(args=[
-             '-n', f'{count}', '-P', f'{pause_offset}', '-V', proto, url
-        ])
-        r.check_exit_code(0)
-        srcfile = os.path.join(httpd.docs_dir, docname)
-        self.check_downloads(client, srcfile, count)
-
     # download via lib client, several at a time, pause/resume
     @pytest.mark.parametrize("pause_offset", [100*1023])
     @pytest.mark.parametrize("proto", Env.http_protos())
diff --git a/tests/http/testenv/mod_curltest/mod_curltest.c b/tests/http/testenv/mod_curltest/mod_curltest.c
index b45fd95286..76ce5f4597 100644
--- a/tests/http/testenv/mod_curltest/mod_curltest.c
+++ b/tests/http/testenv/mod_curltest/mod_curltest.c
@@ -570,6 +570,10 @@ cleanup:
     APR_BRIGADE_INSERT_TAIL(bb, b);
     ap_pass_brigade(r->output_filters, bb);
   }
+  if(rv == APR_ECONNRESET) {
+    r->connection->aborted = 1;
+    return rv;
+  }
   return AP_FILTER_ERROR;
 }
 
diff --git a/tests/libtest/cli_hx_download.c b/tests/libtest/cli_hx_download.c
index 2a36144123..d139ea28f7 100644
--- a/tests/libtest/cli_hx_download.c
+++ b/tests/libtest/cli_hx_download.c
@@ -449,7 +449,7 @@ static CURLcode test_cli_hx_download(const char *URL)
 
     if(still_running) {
       /* wait for activity, timeout or "nothing" */
-      mc = curl_multi_poll(multi, NULL, 0, 1000, NULL);
+      mc = curl_multi_poll(multi, NULL, 0, 500, NULL);
     }
 
     if(mc)

From aba3c63ae8323e68149417d1a56ea7b43b842814 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Mon, 1 Dec 2025 12:48:55 +0100
Subject: [PATCH 1105/2408] pytest: fix and improve reliability

Address issues listed in #19770:
- allow for ngttpx to successfully shut down on last attempt that might
  extend beyond the finish timestamp
- timeline checks: allos `time_starttransfer` to appear anywhere in
  the timeline as a slow client might seen response data before setting
  the other counters
- dump logs on test_05_02 as it was not reproduced locally

Fixes #19970
Closes #19783
---
 tests/http/test_01_basic.py   |  5 +++--
 tests/http/test_05_errors.py  |  4 ++--
 tests/http/testenv/curl.py    | 11 +++++++++--
 tests/http/testenv/nghttpx.py |  2 +-
 4 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/tests/http/test_01_basic.py b/tests/http/test_01_basic.py
index 14a8dec957..eb328ea733 100644
--- a/tests/http/test_01_basic.py
+++ b/tests/http/test_01_basic.py
@@ -308,13 +308,14 @@ class TestBasic:
         url = f'https://{env.authority_for(env.domain1, proto)}/curltest/echo'
         r = curl.http_download(urls=[url], alpn_proto=proto, with_stats=True,
                                extra_args=['-X', method])
-        assert len(r.stats) == 1
         if proto == 'h2' or proto == 'h3':
-            r.check_response(http_status=0)
+            # h2+3 may close the connection for such invalid requests
             re_m = re.compile(r'.*\[:method: ([^\]]+)\].*')
             lines = [line for line in r.trace_lines if re_m.match(line)]
             assert len(lines) == 1, f'{r.dump_logs()}'
             m = re_m.match(lines[0])
             assert m.group(1) == method, f'{r.dump_logs()}'
         else:
+            # h1 should give us a real response
+            assert len(r.stats) == 1
             r.check_response(http_status=400)
diff --git a/tests/http/test_05_errors.py b/tests/http/test_05_errors.py
index 258b7f11d5..102b92e202 100644
--- a/tests/http/test_05_errors.py
+++ b/tests/http/test_05_errors.py
@@ -73,8 +73,8 @@ class TestErrors:
         invalid_stats = []
         for idx, s in enumerate(r.stats):
             if 'exitcode' not in s or s['exitcode'] not in [18, 55, 56, 92, 95]:
-                invalid_stats.append(f'request {idx} exit with {s["exitcode"]}\n{s}')
-        assert len(invalid_stats) == 0, f'failed: {invalid_stats}'
+                invalid_stats.append(f'request {idx} exit with {s["exitcode"]}\n{r.dump_logs()}')
+        assert len(invalid_stats) == 0, f'failed: {invalid_stats}\n{r.dump_logs()}'
 
     # access a resource that, on h2, RST the stream with HTTP_1_1_REQUIRED
     @pytest.mark.skipif(condition=not Env.have_h2_curl(), reason="curl without h2")
diff --git a/tests/http/testenv/curl.py b/tests/http/testenv/curl.py
index e486715fa7..f54170baba 100644
--- a/tests/http/testenv/curl.py
+++ b/tests/http/testenv/curl.py
@@ -525,6 +525,7 @@ class ExecResult:
         }
         # stat keys where we expect a positive value
         ref_tl = []
+        somewhere_keys = []
         exact_match = True
         # redirects mess up the queue time, only count without
         if s['time_redirect'] == 0:
@@ -542,10 +543,13 @@ class ExecResult:
         # what kind of transfer was it?
         if s['size_upload'] == 0 and s['size_download'] > 0:
             # this is a download
-            dl_tl = ['time_pretransfer', 'time_starttransfer']
+            dl_tl = ['time_pretransfer']
             if s['size_request'] > 0:
                 dl_tl = ['time_posttransfer'] + dl_tl
             ref_tl += dl_tl
+            # the first byte of the response may arrive before we
+            # track the other times when the client is slow (CI).
+            somewhere_keys = ['time_starttransfer']
         elif s['size_upload'] > 0 and s['size_download'] == 0:
             # this is an upload
             ul_tl = ['time_pretransfer', 'time_posttransfer']
@@ -561,11 +565,14 @@ class ExecResult:
             self.check_stat_positive(s, idx, key)
         if exact_match:
             # assert all events not in reference timeline are 0
-            for key in [key for key in all_keys if key not in ref_tl]:
+            for key in [key for key in all_keys if key not in ref_tl and key not in somewhere_keys]:
                 self.check_stat_zero(s, key)
         # calculate the timeline that did happen
         seen_tl = sorted(ref_tl, key=lambda ts: s[ts])
         assert seen_tl == ref_tl, f'{[f"{ts}: {s[ts]}" for ts in seen_tl]}'
+        for key in somewhere_keys:
+            self.check_stat_positive(s, idx, key)
+            assert s[key] <= s['time_total']
 
     def dump_logs(self):
         lines = ['>>--stdout ----------------------------------------------\n']
diff --git a/tests/http/testenv/nghttpx.py b/tests/http/testenv/nghttpx.py
index 6db888b901..106766fc0f 100644
--- a/tests/http/testenv/nghttpx.py
+++ b/tests/http/testenv/nghttpx.py
@@ -138,7 +138,7 @@ class Nghttpx:
                 except subprocess.TimeoutExpired:
                     log.warning(f'nghttpx({running.pid}), not shut down yet.')
                     os.kill(running.pid, signal.SIGQUIT)
-            if datetime.now() >= end_wait:
+            if running and datetime.now() >= end_wait:
                 log.error(f'nghttpx({running.pid}), terminate forcefully.')
                 os.kill(running.pid, signal.SIGKILL)
                 running.terminate()

From d993d46eb14234e36a15288d25dccc6107a6733f Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 3 Dec 2025 03:06:39 +0100
Subject: [PATCH 1106/2408] GHA/windows: install MSYS2 c-ares only when used

Closes #19820
---
 .github/workflows/windows.yml | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml
index d4019ed176..d2e97851fc 100644
--- a/.github/workflows/windows.yml
+++ b/.github/workflows/windows.yml
@@ -204,8 +204,8 @@ jobs:
           - { build: 'autotools', sys: 'msys'      , env: 'x86_64'       , tflags: ''       , config: '--with-openssl', install: 'openssl-devel libssh2-devel', name: 'default R' }
           # MinGW
           - { build: 'autotools', sys: 'mingw64'   , env: 'x86_64'       , tflags: 'skiprun', config: '--enable-debug --with-openssl --disable-threaded-resolver --disable-curldebug --enable-static=no --without-zlib CPPFLAGS=-D_WIN32_WINNT=0x0501', install: 'mingw-w64-x86_64-openssl mingw-w64-x86_64-libssh2', name: 'default XP' }
-          - { build: 'autotools', sys: 'mingw64'   , env: 'x86_64'       , tflags: ''       , config: '--enable-debug --with-openssl --enable-windows-unicode --enable-ares --with-openssl-quic --enable-shared=no', install: 'mingw-w64-x86_64-openssl mingw-w64-x86_64-nghttp3 mingw-w64-x86_64-libssh2', name: 'c-ares U' }
-          - { build: 'cmake'    , sys: 'mingw64'   , env: 'x86_64'       , tflags: ''       , config: '-DENABLE_DEBUG=ON  -DBUILD_SHARED_LIBS=OFF -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=ON -DENABLE_ARES=ON', install: 'mingw-w64-x86_64-libssh2', type: 'Debug', name: 'schannel c-ares U' }
+          - { build: 'autotools', sys: 'mingw64'   , env: 'x86_64'       , tflags: ''       , config: '--enable-debug --with-openssl --enable-windows-unicode --enable-ares --with-openssl-quic --enable-shared=no', install: 'mingw-w64-x86_64-c-ares mingw-w64-x86_64-openssl mingw-w64-x86_64-nghttp3 mingw-w64-x86_64-libssh2', name: 'c-ares U' }
+          - { build: 'cmake'    , sys: 'mingw64'   , env: 'x86_64'       , tflags: ''       , config: '-DENABLE_DEBUG=ON  -DBUILD_SHARED_LIBS=OFF -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=ON -DENABLE_ARES=ON', install: 'mingw-w64-x86_64-c-ares mingw-w64-x86_64-libssh2', type: 'Debug', name: 'schannel c-ares U' }
           # WARNING: libssh uses hard-coded world-writable paths (/etc/..., ~/.ssh/) to
           #          read its configuration from, making it vulnerable to attacks on
           #          Windows. Do not use this component till there is a fix for these.
@@ -244,7 +244,6 @@ jobs:
             mingw-w64-${{ matrix.env }}-${{ matrix.build }} ${{ matrix.build == 'autotools' && 'make' || '' }}
             mingw-w64-${{ matrix.env }}-diffutils
             mingw-w64-${{ matrix.env }}-libpsl
-            mingw-w64-${{ matrix.env }}-c-ares
             ${{ matrix.install }}
 
       - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0

From dc8c0d54a51961bbdea25fafa4c381d10f27cf9c Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 2 Dec 2025 17:46:52 +0100
Subject: [PATCH 1107/2408] test3207: enable memdebug for this test again

Closes #19813
---
 tests/data/test3207 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/data/test3207 b/tests/data/test3207
index 9aa3ee5a36..4806ef5474 100644
--- a/tests/data/test3207
+++ b/tests/data/test3207
@@ -37,7 +37,7 @@ concurrent HTTPS GET using shared ssl session cache
 lib%TESTNUMBER
 
 # provide URL and ca-cert
-
+
 https://localhost:%HTTPSPORT/%TESTNUMBER %CERTDIR/certs/test-ca.crt
 
 

From c3b030b860a2c1b2a74e032bb82b981d2f806249 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 2 Dec 2025 07:25:18 +0100
Subject: [PATCH 1108/2408] lib: fix formatting nits (part 3)

From `lib/h` to `lib/w`.

part 1: 47a1ab2ebecb21485c0e955316d90511e80a3c43 #19764
part 2: 86b346443b68cde7ef33e1ab770e6c8ab641d2b1 #19800

Closes #19811
---
 lib/hash.c           |  41 ++---
 lib/hash.h           |  23 ++-
 lib/headers.c        |   3 +-
 lib/headers.h        |   6 +-
 lib/hmac.c           |  16 +-
 lib/hostip.c         |  61 +++----
 lib/hostip.h         |   9 +-
 lib/hostip4.c        |  10 +-
 lib/hsts.c           |  16 +-
 lib/hsts.h           |   4 +-
 lib/http.c           | 148 +++++++---------
 lib/http.h           |  18 +-
 lib/http1.c          |   6 +-
 lib/http2.c          | 172 +++++++++---------
 lib/http2.h          |   8 +-
 lib/http_aws_sigv4.c |  59 +++----
 lib/http_aws_sigv4.h |   3 +-
 lib/http_chunks.c    |   4 +-
 lib/http_digest.c    |   2 +-
 lib/http_negotiate.c |   5 +-
 lib/http_ntlm.c      |  12 +-
 lib/http_proxy.c     |  27 +--
 lib/http_proxy.h     |   2 +-
 lib/httpsrr.c        |   1 -
 lib/httpsrr.h        |   2 +-
 lib/idn.c            |  20 +--
 lib/if2ip.c          |  25 ++-
 lib/if2ip.h          |  16 +-
 lib/imap.c           | 153 ++++++++--------
 lib/imap.h           |   3 +-
 lib/ldap.c           |  22 ++-
 lib/llist.c          |  25 ++-
 lib/llist.h          |   4 +-
 lib/md4.c            |  71 ++++----
 lib/md5.c            |  62 ++++---
 lib/memdebug.c       |  14 +-
 lib/mime.c           | 138 +++++++--------
 lib/mime.h           |  11 +-
 lib/mprintf.c        |  62 ++++---
 lib/mqtt.c           |  22 +--
 lib/multi.c          | 178 ++++++++-----------
 lib/multi_ev.c       |  40 ++---
 lib/multi_ntfy.c     |   4 +-
 lib/multi_ntfy.h     |   9 +-
 lib/multiif.h        |   1 -
 lib/netrc.c          |  10 +-
 lib/netrc.h          |  12 +-
 lib/noproxy.c        |  10 +-
 lib/openldap.c       |  39 ++---
 lib/parsedate.c      | 182 +++++++++----------
 lib/pingpong.c       |   1 -
 lib/pingpong.h       |  10 +-
 lib/pop3.c           |  20 +--
 lib/progress.c       |  25 ++-
 lib/psl.c            |   2 +-
 lib/rand.c           |   9 +-
 lib/rand.h           |   7 +-
 lib/ratelimit.c      |   2 +-
 lib/request.c        |   4 +-
 lib/request.h        |   1 -
 lib/rtsp.c           |  33 ++--
 lib/rtsp.h           |   2 +-
 lib/select.c         |  36 ++--
 lib/select.h         |  61 ++++---
 lib/sendf.c          |  15 +-
 lib/sendf.h          |  20 +--
 lib/setopt.c         |  76 ++++----
 lib/setopt.h         |   2 +-
 lib/setup-os400.h    |   9 +-
 lib/setup-vms.h      | 385 +++++++++++++++++++++--------------------
 lib/sha256.c         | 103 +++++------
 lib/sigpipe.h        |  12 +-
 lib/slist.c          |  13 +-
 lib/smb.c            |  42 ++---
 lib/smtp.c           |  61 ++++---
 lib/socketpair.h     |  18 +-
 lib/socks.c          |  51 +++---
 lib/socks.h          |   6 +-
 lib/socks_gssapi.c   |  12 +-
 lib/socks_sspi.c     |  12 +-
 lib/splay.c          |   6 +-
 lib/strcase.c        |  76 ++++----
 lib/strcase.h        |   2 +-
 lib/strdup.h         |   2 +-
 lib/strerror.c       | 192 ++++++++++-----------
 lib/system_win32.c   |   2 +-
 lib/telnet.c         | 403 +++++++++++++++++++++----------------------
 lib/tftp.c           |  22 +--
 lib/transfer.c       |  18 +-
 lib/transfer.h       |   3 +-
 lib/uint-bset.c      |  10 +-
 lib/uint-bset.h      |   3 +-
 lib/uint-hash.c      |   7 +-
 lib/uint-hash.h      |   2 -
 lib/uint-spbset.c    |   6 -
 lib/uint-table.c     |  11 --
 lib/url.c            | 112 ++++++------
 lib/urlapi.c         |  68 +++++---
 lib/urldata.h        | 130 +++++++-------
 lib/version.c        |   6 +-
 lib/ws.c             | 300 ++++++++++++++++----------------
 lib/ws.h             |   5 +-
 102 files changed, 2001 insertions(+), 2226 deletions(-)

diff --git a/lib/hash.c b/lib/hash.c
index 2d91c855e6..b9e9d702e3 100644
--- a/lib/hash.c
+++ b/lib/hash.c
@@ -37,8 +37,7 @@
 
 
 #if 0 /* useful function for debugging hashes and their contents */
-void Curl_hash_print(struct Curl_hash *h,
-                     void (*func)(void *))
+void Curl_hash_print(struct Curl_hash *h, void (*func)(void *))
 {
   struct Curl_hash_iterator iter;
   struct Curl_hash_element *he;
@@ -80,12 +79,11 @@ void Curl_hash_print(struct Curl_hash *h,
  * @unittest: 1602
  * @unittest: 1603
  */
-void
-Curl_hash_init(struct Curl_hash *h,
-               size_t slots,
-               hash_function hfunc,
-               comp_function comparator,
-               Curl_hash_dtor dtor)
+void Curl_hash_init(struct Curl_hash *h,
+                    size_t slots,
+                    hash_function hfunc,
+                    comp_function comparator,
+                    Curl_hash_dtor dtor)
 {
   DEBUGASSERT(h);
   DEBUGASSERT(slots);
@@ -104,9 +102,10 @@ Curl_hash_init(struct Curl_hash *h,
 #endif
 }
 
-static struct Curl_hash_element *
-hash_elem_create(const void *key, size_t key_len, const void *p,
-                 Curl_hash_elem_dtor dtor)
+static struct Curl_hash_element *hash_elem_create(const void *key,
+                                                  size_t key_len,
+                                                  const void *p,
+                                                  Curl_hash_elem_dtor dtor)
 {
   struct Curl_hash_element *he;
 
@@ -161,8 +160,8 @@ static void hash_elem_link(struct Curl_hash *h,
   ++h->size;
 }
 
-#define CURL_HASH_SLOT(x,y,z)      x->table[x->hash_func(y, z, x->slots)]
-#define CURL_HASH_SLOT_ADDR(x,y,z) &CURL_HASH_SLOT(x,y,z)
+#define CURL_HASH_SLOT(x, y, z)      x->table[x->hash_func(y, z, x->slots)]
+#define CURL_HASH_SLOT_ADDR(x, y, z) &CURL_HASH_SLOT(x, y, z)
 
 void *Curl_hash_add2(struct Curl_hash *h, void *key, size_t key_len, void *p,
                      Curl_hash_elem_dtor dtor)
@@ -205,8 +204,7 @@ void *Curl_hash_add2(struct Curl_hash *h, void *key, size_t key_len, void *p,
  * @unittest: 1602
  * @unittest: 1603
  */
-void *
-Curl_hash_add(struct Curl_hash *h, void *key, size_t key_len, void *p)
+void *Curl_hash_add(struct Curl_hash *h, void *key, size_t key_len, void *p)
 {
   return Curl_hash_add2(h, key, key_len, p, NULL);
 }
@@ -242,8 +240,7 @@ int Curl_hash_delete(struct Curl_hash *h, void *key, size_t key_len)
  *
  * @unittest: 1603
  */
-void *
-Curl_hash_pick(struct Curl_hash *h, void *key, size_t key_len)
+void *Curl_hash_pick(struct Curl_hash *h, void *key, size_t key_len)
 {
   DEBUGASSERT(h);
   DEBUGASSERT(h->init == HASHINIT);
@@ -268,8 +265,7 @@ Curl_hash_pick(struct Curl_hash *h, void *key, size_t key_len)
  * @unittest: 1602
  * @unittest: 1603
  */
-void
-Curl_hash_destroy(struct Curl_hash *h)
+void Curl_hash_destroy(struct Curl_hash *h)
 {
   DEBUGASSERT(h->init == HASHINIT);
   if(h->table) {
@@ -308,9 +304,8 @@ size_t Curl_hash_count(struct Curl_hash *h)
 }
 
 /* Cleans all entries that pass the comp function criteria. */
-void
-Curl_hash_clean_with_criterium(struct Curl_hash *h, void *user,
-                               int (*comp)(void *, void *))
+void Curl_hash_clean_with_criterium(struct Curl_hash *h, void *user,
+                                    int (*comp)(void *, void *))
 {
   size_t i;
 
@@ -335,7 +330,7 @@ Curl_hash_clean_with_criterium(struct Curl_hash *h, void *user,
 
 size_t Curl_hash_str(void *key, size_t key_length, size_t slots_num)
 {
-  const char *key_str = (const char *) key;
+  const char *key_str = (const char *)key;
   const char *end = key_str + key_length;
   size_t h = 5381;
 
diff --git a/lib/hash.h b/lib/hash.h
index fcd92db664..b9974826b0 100644
--- a/lib/hash.h
+++ b/lib/hash.h
@@ -31,17 +31,17 @@
 #include "llist.h"
 
 /* Hash function prototype */
-typedef size_t (*hash_function) (void *key,
-                                 size_t key_length,
-                                 size_t slots_num);
+typedef size_t (*hash_function)(void *key,
+                                size_t key_length,
+                                size_t slots_num);
 
 /*
    Comparator function prototype. Compares two keys.
 */
-typedef size_t (*comp_function) (void *key1,
-                                 size_t key1_len,
-                                 void *key2,
-                                 size_t key2_len);
+typedef size_t (*comp_function)(void *key1,
+                                size_t key1_len,
+                                void *key2,
+                                size_t key2_len);
 
 typedef void (*Curl_hash_dtor)(void *);
 
@@ -49,10 +49,10 @@ typedef void (*Curl_hash_elem_dtor)(void *key, size_t key_len, void *p);
 
 struct Curl_hash_element {
   struct Curl_hash_element *next;
-  void   *ptr;
+  void *ptr;
   Curl_hash_elem_dtor dtor;
   size_t key_len;
-  char   key[1]; /* allocated memory following the struct */
+  char key[1]; /* allocated memory following the struct */
 };
 
 struct Curl_hash {
@@ -63,7 +63,7 @@ struct Curl_hash {
   /* Comparator function to compare keys */
   comp_function comp_func;
   /* General element construct, unless element itself carries one */
-  Curl_hash_dtor   dtor;
+  Curl_hash_dtor dtor;
   size_t slots;
   size_t size;
 #ifdef DEBUGBUILD
@@ -105,7 +105,6 @@ void Curl_hash_start_iterate(struct Curl_hash *hash,
 struct Curl_hash_element *
 Curl_hash_next_element(struct Curl_hash_iterator *iter);
 
-void Curl_hash_print(struct Curl_hash *h,
-                     void (*func)(void *));
+void Curl_hash_print(struct Curl_hash *h, void (*func)(void *));
 
 #endif /* HEADER_CURL_HASH_H */
diff --git a/lib/headers.c b/lib/headers.c
index 91715fd51d..7cf215c080 100644
--- a/lib/headers.c
+++ b/lib/headers.c
@@ -69,7 +69,7 @@ CURLHcode curl_easy_header(CURL *easy,
   struct Curl_header_store *hs = NULL;
   struct Curl_header_store *pick = NULL;
   if(!name || !hout || !data ||
-     (type > (CURLH_HEADER|CURLH_TRAILER|CURLH_CONNECT|CURLH_1XX|
+     (type > (CURLH_HEADER | CURLH_TRAILER | CURLH_CONNECT | CURLH_1XX |
               CURLH_PSEUDO)) || !type || (request < -1))
     return CURLHE_BAD_ARGUMENT;
   if(!Curl_llist_count(&data->state.httphdrs))
@@ -264,7 +264,6 @@ static CURLcode unfold_value(struct Curl_easy *data, const char *value,
   return CURLE_OK;
 }
 
-
 /*
  * Curl_headers_push() gets passed a full HTTP header to store. It gets called
  * immediately before the header callback. The header is CRLF terminated.
diff --git a/lib/headers.h b/lib/headers.h
index e11fe9804e..7249355f0c 100644
--- a/lib/headers.h
+++ b/lib/headers.h
@@ -54,9 +54,9 @@ CURLcode Curl_headers_push(struct Curl_easy *data, const char *header,
 CURLcode Curl_headers_cleanup(struct Curl_easy *data);
 
 #else
-#define Curl_headers_init(x) CURLE_OK
-#define Curl_headers_push(x,y,z) CURLE_OK
-#define Curl_headers_cleanup(x) Curl_nop_stmt
+#define Curl_headers_init(x)       CURLE_OK
+#define Curl_headers_push(x, y, z) CURLE_OK
+#define Curl_headers_cleanup(x)    Curl_nop_stmt
 #endif
 
 #endif /* HEADER_CURL_HEADER_H */
diff --git a/lib/hmac.c b/lib/hmac.c
index 4f226e6434..fdde197175 100644
--- a/lib/hmac.c
+++ b/lib/hmac.c
@@ -46,10 +46,9 @@
 static const unsigned char hmac_ipad = 0x36;
 static const unsigned char hmac_opad = 0x5C;
 
-struct HMAC_context *
-Curl_HMAC_init(const struct HMAC_params *hashparams,
-               const unsigned char *key,
-               unsigned int keylen)
+struct HMAC_context *Curl_HMAC_init(const struct HMAC_params *hashparams,
+                                    const unsigned char *key,
+                                    unsigned int keylen)
 {
   size_t i;
   struct HMAC_context *ctxt;
@@ -64,15 +63,15 @@ Curl_HMAC_init(const struct HMAC_params *hashparams,
     return ctxt;
 
   ctxt->hash = hashparams;
-  ctxt->hashctxt1 = (void *) (ctxt + 1);
-  ctxt->hashctxt2 = (void *) ((char *) ctxt->hashctxt1 + hashparams->ctxtsize);
+  ctxt->hashctxt1 = (void *)(ctxt + 1);
+  ctxt->hashctxt2 = (void *)((char *)ctxt->hashctxt1 + hashparams->ctxtsize);
 
   /* If the key is too long, replace it by its hash digest. */
   if(keylen > hashparams->maxkeylen) {
     if(hashparams->hinit(ctxt->hashctxt1))
       goto fail;
     hashparams->hupdate(ctxt->hashctxt1, key, keylen);
-    hkey = (unsigned char *) ctxt->hashctxt2 + hashparams->ctxtsize;
+    hkey = (unsigned char *)ctxt->hashctxt2 + hashparams->ctxtsize;
     hashparams->hfinal(hkey, ctxt->hashctxt1);
     key = hkey;
     keylen = hashparams->resultlen;
@@ -112,7 +111,6 @@ int Curl_HMAC_update(struct HMAC_context *ctxt,
   return 0;
 }
 
-
 int Curl_HMAC_final(struct HMAC_context *ctxt, unsigned char *output)
 {
   const struct HMAC_params *hashparams = ctxt->hash;
@@ -121,7 +119,7 @@ int Curl_HMAC_final(struct HMAC_context *ctxt, unsigned char *output)
      storage. */
 
   if(!output)
-    output = (unsigned char *) ctxt->hashctxt2 + ctxt->hash->ctxtsize;
+    output = (unsigned char *)ctxt->hashctxt2 + ctxt->hash->ctxtsize;
 
   hashparams->hfinal(output, ctxt->hashctxt1);
   hashparams->hupdate(ctxt->hashctxt2, output, hashparams->resultlen);
diff --git a/lib/hostip.c b/lib/hostip.c
index e81886995e..ba9e3ddd7a 100644
--- a/lib/hostip.c
+++ b/lib/hostip.c
@@ -118,7 +118,7 @@ static void dnscache_entry_free(struct Curl_dns_entry *dns);
 static void show_resolve_info(struct Curl_easy *data,
                               struct Curl_dns_entry *dns);
 #else
-#define show_resolve_info(x,y) Curl_nop_stmt
+#define show_resolve_info(x, y) Curl_nop_stmt
 #endif
 
 /*
@@ -158,10 +158,9 @@ void Curl_printable_address(const struct Curl_addrinfo *ai, char *buf,
  * Create a hostcache id string for the provided host + port, to be used by
  * the DNS caching. Without alloc. Return length of the id string.
  */
-static size_t
-create_dnscache_id(const char *name,
-                   size_t nlen, /* 0 or actual name length */
-                   int port, char *ptr, size_t buflen)
+static size_t create_dnscache_id(const char *name,
+                                 size_t nlen, /* 0 or actual name length */
+                                 int port, char *ptr, size_t buflen)
 {
   size_t len = nlen ? nlen : strlen(name);
   DEBUGASSERT(buflen >= MAX_HOSTCACHE_LEN);
@@ -185,12 +184,10 @@ struct dnscache_prune_data {
  * Returning non-zero means remove the entry, return 0 to keep it in the
  * cache.
  */
-static int
-dnscache_entry_is_stale(void *datap, void *hc)
+static int dnscache_entry_is_stale(void *datap, void *hc)
 {
-  struct dnscache_prune_data *prune =
-    (struct dnscache_prune_data *) datap;
-  struct Curl_dns_entry *dns = (struct Curl_dns_entry *) hc;
+  struct dnscache_prune_data *prune = (struct dnscache_prune_data *)datap;
+  struct Curl_dns_entry *dns = (struct Curl_dns_entry *)hc;
 
   if(dns->timestamp.tv_sec || dns->timestamp.tv_usec) {
     /* get age in milliseconds */
@@ -209,9 +206,9 @@ dnscache_entry_is_stale(void *datap, void *hc)
  * Prune the DNS cache. This assumes that a lock has already been taken.
  * Returns the 'age' of the oldest still kept entry - in milliseconds.
  */
-static timediff_t
-dnscache_prune(struct Curl_hash *hostcache, timediff_t cache_timeout_ms,
-               struct curltime now)
+static timediff_t dnscache_prune(struct Curl_hash *hostcache,
+                                 timediff_t cache_timeout_ms,
+                                 struct curltime now)
 {
   struct dnscache_prune_data user;
 
@@ -389,11 +386,10 @@ static struct Curl_dns_entry *fetch_addr(struct Curl_easy *data,
  * The returned data *MUST* be "released" with Curl_resolv_unlink() after
  * use, or we will leak memory!
  */
-struct Curl_dns_entry *
-Curl_dnscache_get(struct Curl_easy *data,
-                  const char *hostname,
-                  int port,
-                  int ip_version)
+struct Curl_dns_entry *Curl_dnscache_get(struct Curl_easy *data,
+                                         const char *hostname,
+                                         int port,
+                                         int ip_version)
 {
   struct Curl_dnscache *dnscache = dnscache_get(data);
   struct Curl_dns_entry *dns = NULL;
@@ -447,7 +443,7 @@ UNITTEST CURLcode Curl_shuffle_addr(struct Curl_easy *data,
     struct Curl_addrinfo **nodes;
     infof(data, "Shuffling %i addresses", num_addrs);
 
-    nodes = curlx_malloc(num_addrs*sizeof(*nodes));
+    nodes = curlx_malloc(num_addrs * sizeof(*nodes));
     if(nodes) {
       int i;
       unsigned int *rnd;
@@ -456,7 +452,7 @@ UNITTEST CURLcode Curl_shuffle_addr(struct Curl_easy *data,
       /* build a plain array of Curl_addrinfo pointers */
       nodes[0] = *addr;
       for(i = 1; i < num_addrs; i++) {
-        nodes[i] = nodes[i-1]->ai_next;
+        nodes[i] = nodes[i - 1]->ai_next;
       }
 
       rnd = curlx_malloc(rnd_size);
@@ -472,10 +468,10 @@ UNITTEST CURLcode Curl_shuffle_addr(struct Curl_easy *data,
 
           /* relink list in the new order */
           for(i = 1; i < num_addrs; i++) {
-            nodes[i-1]->ai_next = nodes[i];
+            nodes[i - 1]->ai_next = nodes[i];
           }
 
-          nodes[num_addrs-1]->ai_next = NULL;
+          nodes[num_addrs - 1]->ai_next = NULL;
           *addr = nodes[0];
         }
         curlx_free(rnd);
@@ -632,7 +628,7 @@ static struct Curl_addrinfo *get_localhost6(int port, const char *name)
   return ca;
 }
 #else
-#define get_localhost6(x,y) NULL
+#define get_localhost6(x, y) NULL
 #endif
 
 /* return a static IPv4 127.0.0.1 for the given name */
@@ -727,7 +723,6 @@ bool Curl_host_is_ipnum(const char *hostname)
   return FALSE;
 }
 
-
 /* return TRUE if 'part' is a case insensitive tail of 'full' */
 static bool tailmatch(const char *full, size_t flen,
                       const char *part, size_t plen)
@@ -980,8 +975,7 @@ CURLcode Curl_resolv_blocking(struct Curl_easy *data,
  * execution. This effectively causes the remainder of the application to run
  * within a signal handler which is nonportable and could lead to problems.
  */
-CURL_NORETURN static
-void alarmfunc(int sig)
+CURL_NORETURN static void alarmfunc(int sig)
 {
   (void)sig;
   siglongjmp(curl_jmpenv, 1);
@@ -1018,7 +1012,7 @@ CURLcode Curl_resolv_timeout(struct Curl_easy *data,
 {
 #ifdef USE_ALARM_TIMEOUT
 #ifdef HAVE_SIGACTION
-  struct sigaction keep_sigact;   /* store the old struct here */
+  struct sigaction keep_sigact; /* store the old struct here */
   volatile bool keep_copysig = FALSE; /* whether old sigact has been saved */
   struct sigaction sigact;
 #else
@@ -1058,8 +1052,8 @@ CURLcode Curl_resolv_timeout(struct Curl_easy *data,
     /* The alarm() function only provides integer second resolution, so if
        we want to wait less than one second we must bail out already now. */
     failf(data,
-        "remaining timeout of %ld too small to resolve via SIGALRM method",
-        timeout);
+          "remaining timeout of %ld too small to resolve via SIGALRM method",
+          timeout);
     return CURLE_OPERATION_TIMEDOUT;
   }
   /* This allows us to time-out from the name resolver, as the timeout
@@ -1101,7 +1095,7 @@ CURLcode Curl_resolv_timeout(struct Curl_easy *data,
 
     /* alarm() makes a signal get sent when the timeout fires off, and that
        will abort system calls */
-    prev_alarm = alarm(curlx_sltoui(timeout/1000L));
+    prev_alarm = alarm(curlx_sltoui(timeout / 1000L));
   }
 
 #else /* !USE_ALARM_TIMEOUT */
@@ -1151,7 +1145,7 @@ clean_up:
     unsigned long alarm_set = (unsigned long)(prev_alarm - elapsed_secs);
 
     if(!alarm_set ||
-       ((alarm_set >= 0x80000000) && (prev_alarm < 0x80000000)) ) {
+       ((alarm_set >= 0x80000000) && (prev_alarm < 0x80000000))) {
       /* if the alarm time-left reached zero or turned "negative" (counted
          with unsigned values), we should fire off a SIGALRM here, but we
          will not, and zero would be to switch it off so we never set it to
@@ -1203,7 +1197,7 @@ void Curl_resolv_unlink(struct Curl_easy *data, struct Curl_dns_entry **pdns)
 
 static void dnscache_entry_dtor(void *entry)
 {
-  struct Curl_dns_entry *dns = (struct Curl_dns_entry *) entry;
+  struct Curl_dns_entry *dns = (struct Curl_dns_entry *)entry;
   DEBUGASSERT(dns && (dns->refcount > 0));
   dns->refcount--;
   if(dns->refcount == 0)
@@ -1361,8 +1355,7 @@ CURLcode Curl_loadhostpairs(struct Curl_easy *data)
       error = FALSE;
 err:
       if(error) {
-        failf(data, "Could not parse CURLOPT_RESOLVE entry '%s'",
-              hostp->data);
+        failf(data, "Could not parse CURLOPT_RESOLVE entry '%s'", hostp->data);
         Curl_freeaddrinfo(head);
         return CURLE_SETOPT_OPTION_SYNTAX;
       }
diff --git a/lib/hostip.h b/lib/hostip.h
index 3eb82cd149..780d93038f 100644
--- a/lib/hostip.h
+++ b/lib/hostip.h
@@ -175,10 +175,9 @@ Curl_dnscache_mk_entry(struct Curl_easy *data,
  * The returned data *MUST* be "released" with Curl_resolv_unlink() after
  * use, or we will leak memory!
  */
-struct Curl_dns_entry *
-Curl_dnscache_get(struct Curl_easy *data,
-                  const char *hostname,
-                  int port, int ip_version);
+struct Curl_dns_entry *Curl_dnscache_get(struct Curl_easy *data,
+                                         const char *hostname, int port,
+                                         int ip_version);
 
 /*
  * Curl_dnscache_addr() adds `entry` to the cache, increasing its
@@ -196,7 +195,7 @@ CURLcode Curl_loadhostpairs(struct Curl_easy *data);
 CURLcode Curl_resolv_check(struct Curl_easy *data,
                            struct Curl_dns_entry **dns);
 #else
-#define Curl_resolv_check(x,y) CURLE_NOT_BUILT_IN
+#define Curl_resolv_check(x, y) CURLE_NOT_BUILT_IN
 #endif
 CURLcode Curl_resolv_pollset(struct Curl_easy *data,
                              struct easy_pollset *ps);
diff --git a/lib/hostip4.c b/lib/hostip4.c
index f01e902fd6..ada0211769 100644
--- a/lib/hostip4.c
+++ b/lib/hostip4.c
@@ -166,11 +166,11 @@ struct Curl_addrinfo *Curl_ipv4_resolve_r(const char *hostname,
   /* Linux */
 
   (void)gethostbyname_r(hostname,
-                      (struct hostent *)buf,
-                      (char *)buf + sizeof(struct hostent),
-                      CURL_HOSTENT_SIZE - sizeof(struct hostent),
-                      &h, /* DIFFERENCE */
-                      &h_errnop);
+                        (struct hostent *)buf,
+                        (char *)buf + sizeof(struct hostent),
+                        CURL_HOSTENT_SIZE - sizeof(struct hostent),
+                        &h, /* DIFFERENCE */
+                        &h_errnop);
   /* Redhat 8, using glibc 2.2.93 changed the behavior. Now all of a
    * sudden this function returns EAGAIN if the given buffer size is too
    * small. Previous versions are known to return ERANGE for the same
diff --git a/lib/hsts.c b/lib/hsts.c
index 22add03957..66f983e493 100644
--- a/lib/hsts.c
+++ b/lib/hsts.c
@@ -41,10 +41,10 @@
 #include "strdup.h"
 #include "curlx/strparse.h"
 
-#define MAX_HSTS_LINE 4095
+#define MAX_HSTS_LINE    4095
 #define MAX_HSTS_HOSTLEN 2048
 #define MAX_HSTS_DATELEN 256
-#define UNLIMITED "unlimited"
+#define UNLIMITED        "unlimited"
 
 #if defined(DEBUGBUILD) || defined(UNITTESTS)
 /* to play well with debug builds, we can *set* a fixed time this will
@@ -248,7 +248,7 @@ struct stsentry *Curl_hsts(struct hsts *h, const char *hostname,
 
     if((hlen > MAX_HSTS_HOSTLEN) || !hlen)
       return NULL;
-    if(hostname[hlen-1] == '.')
+    if(hostname[hlen - 1] == '.')
       /* remove the trailing dot */
       --hlen;
 
@@ -265,7 +265,7 @@ struct stsentry *Curl_hsts(struct hsts *h, const char *hostname,
       ntail = strlen(sts->host);
       if((subdomain && sts->includeSubDomains) && (ntail < hlen)) {
         size_t offs = hlen - ntail;
-        if((hostname[offs-1] == '.') &&
+        if((hostname[offs - 1] == '.') &&
            curl_strnequal(&hostname[offs], sts->host, ntail) &&
            (ntail > blen)) {
           /* save the tail match with the longest tail */
@@ -310,8 +310,7 @@ static CURLcode hsts_push(struct Curl_easy *data,
   else
     strcpy(e.expire, UNLIMITED);
 
-  sc = data->set.hsts_write(data, &e, i,
-                            data->set.hsts_write_userp);
+  sc = data->set.hsts_write(data, &e, i, data->set.hsts_write_userp);
   *stop = (sc != CURLSTS_OK);
   return sc == CURLSTS_FAIL ? CURLE_BAD_FUNCTION_ARGUMENT : CURLE_OK;
 }
@@ -327,7 +326,7 @@ static CURLcode hsts_out(struct stsentry *sts, FILE *fp)
     if(result)
       return result;
     curl_mfprintf(fp, "%s%s \"%d%02d%02d %02d:%02d:%02d\"\n",
-                  sts->includeSubDomains ? ".": "", sts->host,
+                  sts->includeSubDomains ? "." : "", sts->host,
                   stamp.tm_year + 1900, stamp.tm_mon + 1, stamp.tm_mday,
                   stamp.tm_hour, stamp.tm_min, stamp.tm_sec);
   }
@@ -337,7 +336,6 @@ static CURLcode hsts_out(struct stsentry *sts, FILE *fp)
   return CURLE_OK;
 }
 
-
 /*
  * Curl_https_save() writes the HSTS cache to file and callback.
  */
@@ -469,7 +467,7 @@ static CURLcode hsts_pull(struct Curl_easy *data, struct hsts *h)
       char buffer[MAX_HSTS_HOSTLEN + 1];
       struct curl_hstsentry e;
       e.name = buffer;
-      e.namelen = sizeof(buffer)-1;
+      e.namelen = sizeof(buffer) - 1;
       e.includeSubDomains = FALSE; /* default */
       e.expire[0] = 0;
       e.name[0] = 0; /* just to make it clean */
diff --git a/lib/hsts.h b/lib/hsts.h
index cb83ada790..91fe778788 100644
--- a/lib/hsts.h
+++ b/lib/hsts.h
@@ -62,8 +62,8 @@ CURLcode Curl_hsts_loadcb(struct Curl_easy *data,
 CURLcode Curl_hsts_loadfiles(struct Curl_easy *data);
 #else
 #define Curl_hsts_cleanup(x)
-#define Curl_hsts_loadcb(x,y) CURLE_OK
-#define Curl_hsts_save(x,y,z)
+#define Curl_hsts_loadcb(x, y) CURLE_OK
+#define Curl_hsts_save(x, y, z)
 #define Curl_hsts_loadfiles(x) CURLE_OK
 #endif /* CURL_DISABLE_HTTP || CURL_DISABLE_HSTS */
 #endif /* HEADER_CURL_HSTS_H */
diff --git a/lib/http.c b/lib/http.c
index fcae0a57c2..3178ca59e9 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -111,7 +111,6 @@ static CURLcode http_statusline(struct Curl_easy *data,
 static CURLcode http_target(struct Curl_easy *data, struct dynbuf *req);
 static CURLcode http_useragent(struct Curl_easy *data);
 
-
 /*
  * HTTP handler interface.
  */
@@ -138,7 +137,7 @@ const struct Curl_handler Curl_handler_http = {
   CURLPROTO_HTTP,                       /* protocol */
   CURLPROTO_HTTP,                       /* family */
   PROTOPT_CREDSPERREQUEST |             /* flags */
-  PROTOPT_USERPWDCTRL | PROTOPT_CONN_REUSE
+    PROTOPT_USERPWDCTRL | PROTOPT_CONN_REUSE
 
 };
 
@@ -169,7 +168,7 @@ const struct Curl_handler Curl_handler_https = {
   CURLPROTO_HTTPS,                      /* protocol */
   CURLPROTO_HTTP,                       /* family */
   PROTOPT_SSL | PROTOPT_CREDSPERREQUEST | PROTOPT_ALPN | /* flags */
-  PROTOPT_USERPWDCTRL | PROTOPT_CONN_REUSE
+    PROTOPT_USERPWDCTRL | PROTOPT_CONN_REUSE
 };
 
 #endif
@@ -255,7 +254,7 @@ char *Curl_checkProxyheaders(struct Curl_easy *data,
 }
 #else
 /* disabled */
-#define Curl_checkProxyheaders(x,y,z,a) NULL
+#define Curl_checkProxyheaders(x, y, z, a) NULL
 #endif
 
 static bool http_header_is_empty(const char *header)
@@ -599,7 +598,6 @@ CURLcode Curl_http_auth_act(struct Curl_easy *data)
       data->state.authproblem = TRUE;
     else
       data->info.proxyauthpicked = data->state.authproxy.picked;
-
   }
 #endif
 
@@ -617,7 +615,7 @@ CURLcode Curl_http_auth_act(struct Curl_easy *data)
       return CURLE_OUT_OF_MEMORY;
   }
   else if((data->req.httpcode < 300) &&
-          (!data->state.authhost.done) &&
+          !data->state.authhost.done &&
           data->req.authneg) {
     /* no (known) authentication available,
        authentication is not "done" yet and
@@ -645,13 +643,12 @@ CURLcode Curl_http_auth_act(struct Curl_easy *data)
  * Output the correct authentication header depending on the auth type
  * and whether or not it is to a proxy.
  */
-static CURLcode
-output_auth_headers(struct Curl_easy *data,
-                    struct connectdata *conn,
-                    struct auth *authstatus,
-                    const char *request,
-                    const char *path,
-                    bool proxy)
+static CURLcode output_auth_headers(struct Curl_easy *data,
+                                    struct connectdata *conn,
+                                    struct auth *authstatus,
+                                    const char *request,
+                                    const char *path,
+                                    bool proxy)
 {
   const char *auth = NULL;
   CURLcode result = CURLE_OK;
@@ -865,13 +862,12 @@ Curl_http_output_auth(struct Curl_easy *data,
 
 #else
 /* when disabled */
-CURLcode
-Curl_http_output_auth(struct Curl_easy *data,
-                      struct connectdata *conn,
-                      const char *request,
-                      Curl_HttpReq httpreq,
-                      const char *path,
-                      bool proxytunnel)
+CURLcode Curl_http_output_auth(struct Curl_easy *data,
+                               struct connectdata *conn,
+                               const char *request,
+                               Curl_HttpReq httpreq,
+                               const char *path,
+                               bool proxytunnel)
 {
   (void)data;
   (void)conn;
@@ -1398,7 +1394,7 @@ CURLcode Curl_http_follow(struct Curl_easy *data, const char *newurl,
     /* 300 - Multiple Choices */
     /* 306 - Not used */
     /* 307 - Temporary Redirect */
-  default:  /* for all above (and the unknown ones) */
+  default: /* for all above (and the unknown ones) */
     /* Some codes are explicitly mentioned since I have checked RFC2616 and
      * they seem to be OK to POST to.
      */
@@ -1420,10 +1416,10 @@ CURLcode Curl_http_follow(struct Curl_easy *data, const char *newurl,
      * This behavior is forbidden by RFC1945 and the obsolete RFC2616, and
      * can be overridden with CURLOPT_POSTREDIR.
      */
-    if((data->state.httpreq == HTTPREQ_POST
-        || data->state.httpreq == HTTPREQ_POST_FORM
-        || data->state.httpreq == HTTPREQ_POST_MIME)
-       && !(data->set.keep_post & CURL_REDIR_POST_301)) {
+    if((data->state.httpreq == HTTPREQ_POST ||
+        data->state.httpreq == HTTPREQ_POST_FORM ||
+        data->state.httpreq == HTTPREQ_POST_MIME) &&
+       !(data->set.keep_post & CURL_REDIR_POST_301)) {
       http_switch_to_get(data, 301);
       switch_to_get = TRUE;
     }
@@ -1445,10 +1441,10 @@ CURLcode Curl_http_follow(struct Curl_easy *data, const char *newurl,
      * This behavior is forbidden by RFC1945 and the obsolete RFC2616, and
      * can be overridden with CURLOPT_POSTREDIR.
      */
-    if((data->state.httpreq == HTTPREQ_POST
-        || data->state.httpreq == HTTPREQ_POST_FORM
-        || data->state.httpreq == HTTPREQ_POST_MIME)
-       && !(data->set.keep_post & CURL_REDIR_POST_302)) {
+    if((data->state.httpreq == HTTPREQ_POST ||
+        data->state.httpreq == HTTPREQ_POST_FORM ||
+        data->state.httpreq == HTTPREQ_POST_MIME) &&
+       !(data->set.keep_post & CURL_REDIR_POST_302)) {
       http_switch_to_get(data, 302);
       switch_to_get = TRUE;
     }
@@ -1502,12 +1498,11 @@ CURLcode Curl_http_follow(struct Curl_easy *data, const char *newurl,
  * Returns TRUE if 'headerline' contains the 'header' with given 'content'.
  * Pass headers WITH the colon.
  */
-bool
-Curl_compareheader(const char *headerline, /* line to check */
-                   const char *header,  /* header keyword _with_ colon */
-                   const size_t hlen,   /* len of the keyword in bytes */
-                   const char *content, /* content string to find */
-                   const size_t clen)   /* len of the content in bytes */
+bool Curl_compareheader(const char *headerline, /* line to check */
+                        const char *header, /* header keyword _with_ colon */
+                        const size_t hlen, /* len of the keyword in bytes */
+                        const char *content, /* content string to find */
+                        const size_t clen) /* len of the content in bytes */
 {
   /* RFC2616, section 4.2 says: "Each header field consists of a name followed
    * by a colon (":") and the field value. Field names are case-insensitive.
@@ -1651,14 +1646,14 @@ static unsigned char http_request_version(struct Curl_easy *data)
 static const char *get_http_string(int httpversion)
 {
   switch(httpversion) {
-    case 30:
-      return "3";
-    case 20:
-      return "2";
-    case 11:
-      return "1.1";
-    default:
-      return "1.0";
+  case 30:
+    return "3";
+  case 20:
+    return "2";
+  case 11:
+    return "1.1";
+  default:
+    return "1.0";
   }
 }
 
@@ -1841,7 +1836,7 @@ CURLcode Curl_add_timecondition(struct Curl_easy *data,
   curl_msnprintf(datestr, sizeof(datestr),
                  "%s: %s, %02d %s %4d %02d:%02d:%02d GMT\r\n",
                  condp,
-                 Curl_wkday[tm->tm_wday ? tm->tm_wday-1 : 6],
+                 Curl_wkday[tm->tm_wday ? tm->tm_wday - 1 : 6],
                  tm->tm_mday,
                  Curl_month[tm->tm_mon],
                  tm->tm_year + 1900,
@@ -1869,11 +1864,11 @@ void Curl_http_method(struct Curl_easy *data,
   Curl_HttpReq httpreq = (Curl_HttpReq)data->state.httpreq;
   const char *request;
 #ifndef CURL_DISABLE_WEBSOCKETS
-  if(data->conn->handler->protocol&(CURLPROTO_WS|CURLPROTO_WSS))
+  if(data->conn->handler->protocol & (CURLPROTO_WS | CURLPROTO_WSS))
     httpreq = HTTPREQ_GET;
   else
 #endif
-  if((data->conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_FTP)) &&
+  if((data->conn->handler->protocol & (PROTO_FAMILY_HTTP | CURLPROTO_FTP)) &&
      data->state.upload)
     httpreq = HTTPREQ_PUT;
 
@@ -1923,7 +1918,6 @@ static CURLcode http_useragent(struct Curl_easy *data)
   return CURLE_OK;
 }
 
-
 static CURLcode http_set_aptr_host(struct Curl_easy *data)
 {
   struct connectdata *conn = data->conn;
@@ -1993,10 +1987,10 @@ static CURLcode http_set_aptr_host(struct Curl_easy *data)
        [brackets] if the hostname is a plain IPv6-address. RFC2732-style. */
     const char *host = conn->host.name;
 
-    if(((conn->given->protocol&(CURLPROTO_HTTPS|CURLPROTO_WSS)) &&
+    if(((conn->given->protocol & (CURLPROTO_HTTPS | CURLPROTO_WSS)) &&
         (conn->remote_port == PORT_HTTPS)) ||
-       ((conn->given->protocol&(CURLPROTO_HTTP|CURLPROTO_WS)) &&
-        (conn->remote_port == PORT_HTTP)) )
+       ((conn->given->protocol & (CURLPROTO_HTTP | CURLPROTO_WS)) &&
+        (conn->remote_port == PORT_HTTP)))
       /* if(HTTPS on port 443) OR (HTTP on port 80) then do not include
          the port number in the host string */
       aptr->host = curl_maprintf("Host: %s%s%s\r\n",
@@ -2532,7 +2526,7 @@ static CURLcode http_cookies(struct Curl_easy *data,
   return result;
 }
 #else
-#define http_cookies(a,b) CURLE_OK
+#define http_cookies(a, b) CURLE_OK
 #endif
 
 static CURLcode http_range(struct Curl_easy *data,
@@ -2579,7 +2573,7 @@ static CURLcode http_range(struct Curl_easy *data,
         data->state.aptr.rangeline =
           curl_maprintf("Content-Range: bytes %s%" FMT_OFF_T "/"
                         "%" FMT_OFF_T "\r\n",
-                        data->state.range, total_len-1, total_len);
+                        data->state.range, total_len - 1, total_len);
       }
       else {
         /* Range was selected and then we just pass the incoming range and
@@ -2909,7 +2903,7 @@ static CURLcode http_add_hd(struct Curl_easy *data,
       result = Curl_http2_request_upgrade(req, data);
     }
 #ifndef CURL_DISABLE_WEBSOCKETS
-    if(!result && conn->handler->protocol&(CURLPROTO_WS|CURLPROTO_WSS))
+    if(!result && conn->handler->protocol & (CURLPROTO_WS | CURLPROTO_WSS))
       result = Curl_ws_request(data, req);
 #endif
     break;
@@ -3057,7 +3051,6 @@ typedef enum {
   STATUS_BAD /* not a status line */
 } statusline;
 
-
 /* Check a string for a prefix. Check no more than 'len' bytes */
 static bool checkprefixmax(const char *prefix, const char *buffer, size_t len)
 {
@@ -3070,9 +3063,8 @@ static bool checkprefixmax(const char *prefix, const char *buffer, size_t len)
  *
  * Returns TRUE if member of the list matches prefix of string
  */
-static statusline
-checkhttpprefix(struct Curl_easy *data,
-                const char *s, size_t len)
+static statusline checkhttpprefix(struct Curl_easy *data,
+                                  const char *s, size_t len)
 {
   struct curl_slist *head = data->set.http200aliases;
   statusline rc = STATUS_BAD;
@@ -3093,9 +3085,8 @@ checkhttpprefix(struct Curl_easy *data,
 }
 
 #ifndef CURL_DISABLE_RTSP
-static statusline
-checkrtspprefix(struct Curl_easy *data,
-                const char *s, size_t len)
+static statusline checkrtspprefix(struct Curl_easy *data,
+                                  const char *s, size_t len)
 {
   statusline result = STATUS_BAD;
   statusline onmatch = len >= 5 ? STATUS_DONE : STATUS_UNKNOWN;
@@ -3107,9 +3098,9 @@ checkrtspprefix(struct Curl_easy *data,
 }
 #endif /* CURL_DISABLE_RTSP */
 
-static statusline
-checkprotoprefix(struct Curl_easy *data, struct connectdata *conn,
-                 const char *s, size_t len)
+static statusline checkprotoprefix(struct Curl_easy *data,
+                                   struct connectdata *conn,
+                                   const char *s, size_t len)
 {
 #ifndef CURL_DISABLE_RTSP
   if(conn->handler->protocol & CURLPROTO_RTSP)
@@ -3123,17 +3114,17 @@ checkprotoprefix(struct Curl_easy *data, struct connectdata *conn,
 
 /* HTTP header has field name `n` (a string constant) */
 #define HD_IS(hd, hdlen, n) \
-  (((hdlen) >= (sizeof(n)-1)) && curl_strnequal((n), (hd), (sizeof(n)-1)))
+  (((hdlen) >= (sizeof(n) - 1)) && curl_strnequal((n), (hd), (sizeof(n) - 1)))
 
 #define HD_VAL(hd, hdlen, n) \
-  ((((hdlen) >= (sizeof(n)-1)) && \
-    curl_strnequal((n), (hd), (sizeof(n)-1)))? (hd + (sizeof(n)-1)) : NULL)
+  ((((hdlen) >= (sizeof(n) - 1)) && \
+    curl_strnequal((n), (hd), (sizeof(n) - 1)))? (hd + (sizeof(n) - 1)) : NULL)
 
 /* HTTP header has field name `n` (a string constant) and contains `v`
  * (a string constant) in its value(s) */
 #define HD_IS_AND_SAYS(hd, hdlen, n, v) \
   (HD_IS(hd, hdlen, n) && \
-   ((hdlen) > ((sizeof(n)-1) + (sizeof(v)-1))) && \
+   ((hdlen) > ((sizeof(n) - 1) + (sizeof(v) - 1))) && \
    Curl_compareheader(hd, STRCONST(n), STRCONST(v)))
 
 /*
@@ -3664,15 +3655,15 @@ static CURLcode http_statusline(struct Curl_easy *data,
 #endif
     /* no major version switch mid-connection */
     if(k->httpversion_sent &&
-       (k->httpversion/10 != k->httpversion_sent/10)) {
+       (k->httpversion / 10 != k->httpversion_sent / 10)) {
       failf(data, "Version mismatch (from HTTP/%u to HTTP/%u)",
-            k->httpversion_sent/10, k->httpversion/10);
+            k->httpversion_sent / 10, k->httpversion / 10);
       return CURLE_WEIRD_SERVER_REPLY;
     }
     break;
   default:
     failf(data, "Unsupported HTTP version (%u.%d) in response",
-          k->httpversion/10, k->httpversion%10);
+          k->httpversion / 10, k->httpversion % 10);
     return CURLE_UNSUPPORTED_PROTOCOL;
   }
 
@@ -3825,7 +3816,7 @@ static CURLcode http_write_header(struct Curl_easy *data,
   Curl_debug(data, CURLINFO_HEADER_IN, hd, hdlen);
 
   writetype = CLIENTWRITE_HEADER |
-    ((data->req.httpcode/100 == 1) ? CLIENTWRITE_1XX : 0);
+    ((data->req.httpcode / 100 == 1) ? CLIENTWRITE_1XX : 0);
 
   result = Curl_client_write(data, writetype, hd, hdlen);
   if(result)
@@ -4011,8 +4002,7 @@ static CURLcode http_on_response(struct Curl_easy *data,
 
   /* Check if this response means the transfer errored. */
   if(http_should_fail(data, data->req.httpcode)) {
-    failf(data, "The requested URL returned error: %d",
-          k->httpcode);
+    failf(data, "The requested URL returned error: %d", k->httpcode);
     result = CURLE_HTTP_RETURNED_ERROR;
     goto out;
   }
@@ -4056,8 +4046,7 @@ static CURLcode http_on_response(struct Curl_easy *data,
             }
             else {
               infof(data, "Got HTTP failure 417 while sending data");
-              streamclose(conn,
-                          "Stop sending data before everything sent");
+              streamclose(conn, "Stop sending data before everything sent");
               result = http_perhapsrewind(data, conn);
               if(result)
                 goto out;
@@ -4095,7 +4084,6 @@ static CURLcode http_on_response(struct Curl_easy *data,
       infof(data, "Keep sending data to get tossed away");
       k->keepon |= KEEP_SEND;
     }
-
   }
 
   /* If we requested a "no body", this is a good time to get
@@ -4291,7 +4279,7 @@ static CURLcode http_rw_hd(struct Curl_easy *data,
    */
   Curl_debug(data, CURLINFO_HEADER_IN, hd, hdlen);
 
-  if(k->httpcode/100 == 1)
+  if(k->httpcode / 100 == 1)
     writetype |= CLIENTWRITE_1XX;
   result = Curl_client_write(data, writetype, hd, hdlen);
   if(result)
@@ -4785,8 +4773,7 @@ CURLcode Curl_http_req_to_h2(struct dynhds *h2_headers,
       infof(data, "set pseudo header %s to %s", HTTP_PSEUDO_SCHEME, scheme);
     }
     else {
-      scheme = Curl_conn_is_ssl(data->conn, FIRSTSOCKET) ?
-        "https" : "http";
+      scheme = Curl_conn_is_ssl(data->conn, FIRSTSOCKET) ? "https" : "http";
     }
   }
 
@@ -4969,8 +4956,7 @@ static CURLcode http_exp100_add_reader(struct Curl_easy *data)
   struct Curl_creader *reader = NULL;
   CURLcode result;
 
-  result = Curl_creader_create(&reader, data, &cr_exp100,
-                               CURL_CR_PROTOCOL);
+  result = Curl_creader_create(&reader, data, &cr_exp100, CURL_CR_PROTOCOL);
   if(!result)
     result = Curl_creader_add(data, reader);
   if(!result) {
diff --git a/lib/http.h b/lib/http.h
index ef41d7bb22..1c7ebdf8d7 100644
--- a/lib/http.h
+++ b/lib/http.h
@@ -38,7 +38,6 @@ typedef enum {
   HTTPREQ_HEAD
 } Curl_HttpReq;
 
-
 /* When redirecting transfers. */
 typedef enum {
   FOLLOW_NONE,  /* not used within the function, just a placeholder to
@@ -55,7 +54,6 @@ typedef enum {
 /* bitmask of CURL_HTTP_V* values */
 typedef unsigned char http_majors;
 
-
 #ifndef CURL_DISABLE_HTTP
 
 #ifdef USE_HTTP3
@@ -140,7 +138,7 @@ CURLcode Curl_http_follow(struct Curl_easy *data, const char *newurl,
    selected to use no auth at all. Ie, we actively select no auth, as opposed
    to not having one selected. The other CURLAUTH_* defines are present in the
    public curl/curl.h header. */
-#define CURLAUTH_PICKNONE (1<<30) /* do not use auth */
+#define CURLAUTH_PICKNONE (1 << 30) /* do not use auth */
 
 /* MAX_INITIAL_POST_SIZE indicates the number of bytes that will make the POST
    data get included in the initial data chunk sent to the server. If the
@@ -155,7 +153,7 @@ CURLcode Curl_http_follow(struct Curl_easy *data, const char *newurl,
    It must not be greater than 64K to work on VMS.
 */
 #ifndef MAX_INITIAL_POST_SIZE
-#define MAX_INITIAL_POST_SIZE (64*1024)
+#define MAX_INITIAL_POST_SIZE (64 * 1024)
 #endif
 
 /* EXPECT_100_THRESHOLD is the request body size limit for when libcurl will
@@ -164,13 +162,13 @@ CURLcode Curl_http_follow(struct Curl_easy *data, const char *newurl,
  *
  */
 #ifndef EXPECT_100_THRESHOLD
-#define EXPECT_100_THRESHOLD (1024*1024)
+#define EXPECT_100_THRESHOLD (1024 * 1024)
 #endif
 
 /* MAX_HTTP_RESP_HEADER_SIZE is the maximum size of all response headers
    combined that libcurl allows for a single HTTP response, any HTTP
    version. This count includes CONNECT response headers. */
-#define MAX_HTTP_RESP_HEADER_SIZE (300*1024)
+#define MAX_HTTP_RESP_HEADER_SIZE (300 * 1024)
 
 /* MAX_HTTP_RESP_HEADER_COUNT is the maximum number of response headers that
    libcurl allows for a single HTTP response, including CONNECT and
@@ -243,11 +241,11 @@ CURLcode Curl_http_req_make2(struct httpreq **preq,
 
 void Curl_http_req_free(struct httpreq *req);
 
-#define HTTP_PSEUDO_METHOD ":method"
-#define HTTP_PSEUDO_SCHEME ":scheme"
+#define HTTP_PSEUDO_METHOD    ":method"
+#define HTTP_PSEUDO_SCHEME    ":scheme"
 #define HTTP_PSEUDO_AUTHORITY ":authority"
-#define HTTP_PSEUDO_PATH ":path"
-#define HTTP_PSEUDO_STATUS ":status"
+#define HTTP_PSEUDO_PATH      ":path"
+#define HTTP_PSEUDO_STATUS    ":status"
 
 /**
  * Create the list of HTTP/2 headers which represent the request,
diff --git a/lib/http1.c b/lib/http1.c
index 657a674105..693a0dd7ef 100644
--- a/lib/http1.c
+++ b/lib/http1.c
@@ -33,7 +33,7 @@
 #include "urlapi-int.h"
 
 
-#define H1_MAX_URL_LEN   (8*1024)
+#define H1_MAX_URL_LEN (8 * 1024)
 
 void Curl_h1_req_parse_init(struct h1_req_parser *parser, size_t max_line_len)
 {
@@ -227,8 +227,8 @@ static CURLcode start_req(struct h1_req_parser *parser,
         result = CURLE_OUT_OF_MEMORY;
         goto out;
       }
-      url_options = (CURLU_NON_SUPPORT_SCHEME|
-                     CURLU_PATH_AS_IS|
+      url_options = (CURLU_NON_SUPPORT_SCHEME |
+                     CURLU_PATH_AS_IS |
                      CURLU_NO_DEFAULT_PORT);
       if(!(options & H1_PARSE_OPT_STRICT))
         url_options |= CURLU_ALLOW_SPACE;
diff --git a/lib/http2.c b/lib/http2.c
index 38c7d82785..a3ff8c8529 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -53,7 +53,7 @@
 #endif
 
 #ifdef CURL_DISABLE_VERBOSE_STRINGS
-#define nghttp2_session_callbacks_set_error_callback(x,y)
+#define nghttp2_session_callbacks_set_error_callback(x, y)
 #endif
 
 #if (NGHTTP2_VERSION_NUM >= 0x010c00)
@@ -91,7 +91,7 @@
  * is blocked from sending us any data. See #10988 for an issue with this. */
 #define HTTP2_HUGE_WINDOW_SIZE (100 * H2_STREAM_WINDOW_SIZE_MAX)
 
-#define H2_SETTINGS_IV_LEN  3
+#define H2_SETTINGS_IV_LEN 3
 #define H2_BINSETTINGS_LEN 80
 
 struct cf_h2_ctx {
@@ -122,8 +122,7 @@ struct cf_h2_ctx {
 
 /* How to access `call_data` from a cf_h2 filter */
 #undef CF_CTX_CALL_DATA
-#define CF_CTX_CALL_DATA(cf)  \
-  ((struct cf_h2_ctx *)(cf)->ctx)->call_data
+#define CF_CTX_CALL_DATA(cf) ((struct cf_h2_ctx *)(cf)->ctx)->call_data
 
 static void h2_stream_hash_free(unsigned int id, void *stream);
 
@@ -248,7 +247,7 @@ struct h2_stream_ctx {
   BIT(write_paused);  /* stream write is paused */
 };
 
-#define H2_STREAM_CTX(ctx,data)                                         \
+#define H2_STREAM_CTX(ctx, data)                                        \
   ((struct h2_stream_ctx *)(                                            \
     data? Curl_uint32_hash_get(&(ctx)->streams, (data)->mid) : NULL))
 
@@ -305,8 +304,7 @@ static void h2_stream_hash_free(unsigned int id, void *stream)
 static int32_t cf_h2_get_desired_local_win(struct Curl_cfilter *cf,
                                            struct Curl_easy *data)
 {
-  curl_off_t avail = Curl_rlimit_avail(&data->progress.dl.rlimit,
-                                       curlx_now());
+  curl_off_t avail = Curl_rlimit_avail(&data->progress.dl.rlimit, curlx_now());
 
   (void)cf;
   if(avail < CURL_OFF_T_MAX) { /* limit in place */
@@ -379,7 +377,6 @@ static CURLcode cf_h2_update_local_win(struct Curl_cfilter *cf,
 }
 #endif /* !NGHTTP2_HAS_SET_LOCAL_WINDOW_SIZE */
 
-
 static CURLcode http2_data_setup(struct Curl_cfilter *cf,
                                  struct Curl_easy *data,
                                  struct h2_stream_ctx **pstream)
@@ -447,8 +444,8 @@ static int h2_client_new(struct Curl_cfilter *cf,
 {
   struct cf_h2_ctx *ctx = cf->ctx;
   nghttp2_option *o;
-  nghttp2_mem mem = {NULL, Curl_nghttp2_malloc, Curl_nghttp2_free,
-    Curl_nghttp2_calloc, Curl_nghttp2_realloc};
+  nghttp2_mem mem = { NULL, Curl_nghttp2_malloc, Curl_nghttp2_free,
+                      Curl_nghttp2_calloc, Curl_nghttp2_realloc };
 
   int rc = nghttp2_option_new(&o);
   if(rc)
@@ -806,7 +803,6 @@ static ssize_t send_callback(nghttp2_session *h2,
     NGHTTP2_ERR_CALLBACK_FAILURE : (ssize_t)nwritten;
 }
 
-
 /* We pass a pointer to this struct in the push callback, but the contents of
    the struct are hidden from the user. */
 struct curl_pushheaders {
@@ -1217,72 +1213,72 @@ static CURLcode on_stream_frame(struct Curl_cfilter *cf,
 static int fr_print(const nghttp2_frame *frame, char *buffer, size_t blen)
 {
   switch(frame->hd.type) {
-    case NGHTTP2_DATA: {
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[DATA, len=%d, eos=%d, padlen=%d]",
-                            (int)frame->hd.length,
-                            !!(frame->hd.flags & NGHTTP2_FLAG_END_STREAM),
-                            (int)frame->data.padlen);
+  case NGHTTP2_DATA: {
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[DATA, len=%d, eos=%d, padlen=%d]",
+                          (int)frame->hd.length,
+                          !!(frame->hd.flags & NGHTTP2_FLAG_END_STREAM),
+                          (int)frame->data.padlen);
+  }
+  case NGHTTP2_HEADERS: {
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[HEADERS, len=%d, hend=%d, eos=%d]",
+                          (int)frame->hd.length,
+                          !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS),
+                          !!(frame->hd.flags & NGHTTP2_FLAG_END_STREAM));
+  }
+  case NGHTTP2_PRIORITY: {
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[PRIORITY, len=%d, flags=%d]",
+                          (int)frame->hd.length, frame->hd.flags);
+  }
+  case NGHTTP2_RST_STREAM: {
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[RST_STREAM, len=%d, flags=%d, error=%u]",
+                          (int)frame->hd.length, frame->hd.flags,
+                          frame->rst_stream.error_code);
+  }
+  case NGHTTP2_SETTINGS: {
+    if(frame->hd.flags & NGHTTP2_FLAG_ACK) {
+      return curl_msnprintf(buffer, blen, "FRAME[SETTINGS, ack=1]");
     }
-    case NGHTTP2_HEADERS: {
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[HEADERS, len=%d, hend=%d, eos=%d]",
-                            (int)frame->hd.length,
-                            !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS),
-                            !!(frame->hd.flags & NGHTTP2_FLAG_END_STREAM));
-    }
-    case NGHTTP2_PRIORITY: {
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[PRIORITY, len=%d, flags=%d]",
-                            (int)frame->hd.length, frame->hd.flags);
-    }
-    case NGHTTP2_RST_STREAM: {
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[RST_STREAM, len=%d, flags=%d, error=%u]",
-                            (int)frame->hd.length, frame->hd.flags,
-                            frame->rst_stream.error_code);
-    }
-    case NGHTTP2_SETTINGS: {
-      if(frame->hd.flags & NGHTTP2_FLAG_ACK) {
-        return curl_msnprintf(buffer, blen, "FRAME[SETTINGS, ack=1]");
-      }
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[SETTINGS, len=%d]", (int)frame->hd.length);
-    }
-    case NGHTTP2_PUSH_PROMISE: {
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[PUSH_PROMISE, len=%d, hend=%d]",
-                            (int)frame->hd.length,
-                            !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS));
-    }
-    case NGHTTP2_PING: {
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[PING, len=%d, ack=%d]",
-                            (int)frame->hd.length,
-                            frame->hd.flags&NGHTTP2_FLAG_ACK);
-    }
-    case NGHTTP2_GOAWAY: {
-      char scratch[128];
-      size_t s_len = CURL_ARRAYSIZE(scratch);
-      size_t len = (frame->goaway.opaque_data_len < s_len) ?
-        frame->goaway.opaque_data_len : s_len-1;
-      if(len)
-        memcpy(scratch, frame->goaway.opaque_data, len);
-      scratch[len] = '\0';
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[GOAWAY, error=%d, reason='%s', "
-                            "last_stream=%d]", frame->goaway.error_code,
-                            scratch, frame->goaway.last_stream_id);
-    }
-    case NGHTTP2_WINDOW_UPDATE: {
-      return curl_msnprintf(buffer, blen,
-                            "FRAME[WINDOW_UPDATE, incr=%d]",
-                            frame->window_update.window_size_increment);
-    }
-    default:
-      return curl_msnprintf(buffer, blen, "FRAME[%d, len=%d, flags=%d]",
-                            frame->hd.type, (int)frame->hd.length,
-                            frame->hd.flags);
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[SETTINGS, len=%d]", (int)frame->hd.length);
+  }
+  case NGHTTP2_PUSH_PROMISE: {
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[PUSH_PROMISE, len=%d, hend=%d]",
+                          (int)frame->hd.length,
+                          !!(frame->hd.flags & NGHTTP2_FLAG_END_HEADERS));
+  }
+  case NGHTTP2_PING: {
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[PING, len=%d, ack=%d]",
+                          (int)frame->hd.length,
+                          frame->hd.flags & NGHTTP2_FLAG_ACK);
+  }
+  case NGHTTP2_GOAWAY: {
+    char scratch[128];
+    size_t s_len = CURL_ARRAYSIZE(scratch);
+    size_t len = (frame->goaway.opaque_data_len < s_len) ?
+      frame->goaway.opaque_data_len : s_len - 1;
+    if(len)
+      memcpy(scratch, frame->goaway.opaque_data, len);
+    scratch[len] = '\0';
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[GOAWAY, error=%d, reason='%s', "
+                          "last_stream=%d]", frame->goaway.error_code,
+                          scratch, frame->goaway.last_stream_id);
+  }
+  case NGHTTP2_WINDOW_UPDATE: {
+    return curl_msnprintf(buffer, blen,
+                          "FRAME[WINDOW_UPDATE, incr=%d]",
+                          frame->window_update.window_size_increment);
+  }
+  default:
+    return curl_msnprintf(buffer, blen, "FRAME[%d, len=%d, flags=%d]",
+                          frame->hd.type, (int)frame->hd.length,
+                          frame->hd.flags);
   }
 }
 
@@ -1298,7 +1294,7 @@ static int on_frame_send(nghttp2_session *session, const nghttp2_frame *frame,
   if(data && Curl_trc_cf_is_verbose(cf, data)) {
     char buffer[256];
     int len;
-    len = fr_print(frame, buffer, sizeof(buffer)-1);
+    len = fr_print(frame, buffer, sizeof(buffer) - 1);
     buffer[len] = 0;
     CURL_TRC_CF(data, cf, "[%d] -> %s", frame->hd.stream_id, buffer);
   }
@@ -1326,9 +1322,9 @@ static int on_frame_recv(nghttp2_session *session, const nghttp2_frame *frame,
   if(Curl_trc_cf_is_verbose(cf, data)) {
     char buffer[256];
     int len;
-    len = fr_print(frame, buffer, sizeof(buffer)-1);
+    len = fr_print(frame, buffer, sizeof(buffer) - 1);
     buffer[len] = 0;
-    CURL_TRC_CF(data, cf, "[%d] <- %s",frame->hd.stream_id, buffer);
+    CURL_TRC_CF(data, cf, "[%d] <- %s", frame->hd.stream_id, buffer);
   }
 #endif /* !CURL_DISABLE_VERBOSE_STRINGS */
 
@@ -1340,9 +1336,9 @@ static int on_frame_recv(nghttp2_session *session, const nghttp2_frame *frame,
       if(!(frame->hd.flags & NGHTTP2_FLAG_ACK)) {
         uint32_t max_conn = ctx->max_concurrent_streams;
         ctx->max_concurrent_streams = nghttp2_session_get_remote_settings(
-            session, NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS);
+          session, NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS);
         ctx->enable_push = nghttp2_session_get_remote_settings(
-            session, NGHTTP2_SETTINGS_ENABLE_PUSH) != 0;
+          session, NGHTTP2_SETTINGS_ENABLE_PUSH) != 0;
         CURL_TRC_CF(data, cf, "[0] MAX_CONCURRENT_STREAMS: %d",
                     ctx->max_concurrent_streams);
         CURL_TRC_CF(data, cf, "[0] ENABLE_PUSH: %s",
@@ -1369,7 +1365,7 @@ static int on_frame_recv(nghttp2_session *session, const nghttp2_frame *frame,
       ctx->remote_max_sid = frame->goaway.last_stream_id;
       if(data) {
         infof(data, "received GOAWAY, error=%u, last_stream=%u",
-                    ctx->goaway_error, ctx->remote_max_sid);
+              ctx->goaway_error, ctx->remote_max_sid);
         Curl_multi_connchanged(data->multi);
       }
       break;
@@ -1403,7 +1399,7 @@ static int cf_h2_on_invalid_frame_recv(nghttp2_session *session,
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
     char buffer[256];
     int len;
-    len = fr_print(frame, buffer, sizeof(buffer)-1);
+    len = fr_print(frame, buffer, sizeof(buffer) - 1);
     buffer[len] = 0;
     failf(data, "[HTTP2] [%d] received invalid frame: %s, error %d: %s",
           stream_id, buffer, ngerr, nghttp2_strerror(ngerr));
@@ -1440,8 +1436,7 @@ static int on_data_chunk_recv(nghttp2_session *session, uint8_t flags,
     /* Receiving a Stream ID not in the hash should not happen - unless
        we have aborted a transfer artificially and there were more data
        in the pipeline. Silently ignore. */
-    CURL_TRC_CF(CF_DATA_CURRENT(cf), cf, "[%d] Data for unknown",
-                stream_id);
+    CURL_TRC_CF(CF_DATA_CURRENT(cf), cf, "[%d] Data for unknown", stream_id);
     /* consumed explicitly as no one will read it */
     nghttp2_session_consume(session, stream_id, len);
     return 0;
@@ -1594,7 +1589,7 @@ static int on_header(nghttp2_session *session, const nghttp2_frame *frame,
   if(frame->hd.type == NGHTTP2_PUSH_PROMISE) {
     char *h;
 
-    if((namelen == (sizeof(HTTP_PSEUDO_AUTHORITY)-1)) &&
+    if((namelen == (sizeof(HTTP_PSEUDO_AUTHORITY) - 1)) &&
        !strncmp(HTTP_PSEUDO_AUTHORITY, (const char *)name, namelen)) {
       /* pseudo headers are lower case */
       int rc = 0;
@@ -1900,7 +1895,8 @@ static CURLcode http2_handle_stream_close(struct Curl_cfilter *cf,
         break;
       Curl_debug(data, CURLINFO_HEADER_IN, curlx_dyn_ptr(&dbuf),
                  curlx_dyn_len(&dbuf));
-      result = Curl_client_write(data, CLIENTWRITE_HEADER|CLIENTWRITE_TRAILER,
+      result = Curl_client_write(data,
+                                 CLIENTWRITE_HEADER | CLIENTWRITE_TRAILER,
                                  curlx_dyn_ptr(&dbuf), curlx_dyn_len(&dbuf));
       if(result)
         break;
@@ -1967,7 +1963,7 @@ static CURLcode h2_progress_egress(struct Curl_cfilter *cf,
   if(stream && stream->id > 0 &&
      ((sweight_wanted(data) != sweight_in_effect(data)) ||
       (data->set.priority.exclusive != data->state.priority.exclusive) ||
-      (data->set.priority.parent != data->state.priority.parent)) ) {
+      (data->set.priority.parent != data->state.priority.parent))) {
     /* send new weight and/or dependency */
     nghttp2_priority_spec pri_spec;
 
diff --git a/lib/http2.h b/lib/http2.h
index 93cc2d44f2..147d7f76d5 100644
--- a/lib/http2.h
+++ b/lib/http2.h
@@ -65,10 +65,10 @@ extern struct Curl_cftype Curl_cft_nghttp2;
 
 #define Curl_http2_may_switch(a) FALSE
 
-#define Curl_http2_request_upgrade(x,y) CURLE_UNSUPPORTED_PROTOCOL
-#define Curl_http2_switch(a)            CURLE_UNSUPPORTED_PROTOCOL
-#define Curl_http2_upgrade(a,b,c,d,e)   CURLE_UNSUPPORTED_PROTOCOL
-#define Curl_h2_http_1_1_error(x) 0
+#define Curl_http2_request_upgrade(x, y)  CURLE_UNSUPPORTED_PROTOCOL
+#define Curl_http2_switch(a)              CURLE_UNSUPPORTED_PROTOCOL
+#define Curl_http2_upgrade(a, b, c, d, e) CURLE_UNSUPPORTED_PROTOCOL
+#define Curl_h2_http_1_1_error(x)         0
 #endif
 
 #endif /* HEADER_CURL_HTTP2_H */
diff --git a/lib/http_aws_sigv4.c b/lib/http_aws_sigv4.c
index 0ef18b6fea..da80f19658 100644
--- a/lib/http_aws_sigv4.c
+++ b/lib/http_aws_sigv4.c
@@ -133,7 +133,7 @@ static void trim_headers(struct curl_slist *head)
 }
 
 /* maximum length for the aws sivg4 parts */
-#define MAX_SIGV4_LEN 64
+#define MAX_SIGV4_LEN    64
 #define DATE_HDR_KEY_LEN (MAX_SIGV4_LEN + sizeof("X--Date"))
 
 /* string been x-PROVIDER-date:TIMESTAMP, I need +1 for ':' */
@@ -400,8 +400,7 @@ fail:
 
 #define CONTENT_SHA256_KEY_LEN (MAX_SIGV4_LEN + sizeof("X--Content-Sha256"))
 /* add 2 for ": " between header name and value */
-#define CONTENT_SHA256_HDR_LEN (CONTENT_SHA256_KEY_LEN + 2 + \
-                                SHA256_HEX_LENGTH)
+#define CONTENT_SHA256_HDR_LEN (CONTENT_SHA256_KEY_LEN + 2 + SHA256_HEX_LENGTH)
 
 /* try to parse a payload hash from the content-sha256 header */
 static const char *parse_content_sha_hdr(struct Curl_easy *data,
@@ -429,7 +428,7 @@ static const char *parse_content_sha_hdr(struct Curl_easy *data,
   curlx_str_passblanks(&value);
 
   len = strlen(value);
-  while(len > 0 && ISBLANK(value[len-1]))
+  while(len > 0 && ISBLANK(value[len - 1]))
     --len;
 
   *value_len = len;
@@ -530,7 +529,6 @@ static int compare_func(const void *a, const void *b)
   compare = strcmp(curlx_dyn_ptr(&aa->value), curlx_dyn_ptr(&bb->value));
 
   return compare;
-
 }
 
 UNITTEST CURLcode canon_path(const char *q, size_t len,
@@ -572,14 +570,13 @@ UNITTEST CURLcode canon_query(const char *query, struct dynbuf *dq)
   if(!query)
     return result;
 
-  result = split_to_dyn_array(query, &query_array[0],
-                              &num_query_components);
+  result = split_to_dyn_array(query, &query_array[0], &num_query_components);
   if(result) {
     goto fail;
   }
 
   /* Create list of pairs, each pair containing an encoded query
-    * component */
+   * component */
 
   for(index = 0; index < num_query_components; index++) {
     const char *in_key;
@@ -599,8 +596,8 @@ UNITTEST CURLcode canon_query(const char *query, struct dynbuf *dq)
       in_key_len = offset - in_key;
     }
 
-    curlx_dyn_init(&encoded_query_array[index].key, query_part_len*3 + 1);
-    curlx_dyn_init(&encoded_query_array[index].value, query_part_len*3 + 1);
+    curlx_dyn_init(&encoded_query_array[index].key, query_part_len * 3 + 1);
+    curlx_dyn_init(&encoded_query_array[index].value, query_part_len * 3 + 1);
     counted_query_components++;
 
     /* Decode/encode the key */
@@ -672,8 +669,8 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data)
   const char *line;
   struct Curl_str provider0;
   struct Curl_str provider1;
-  struct Curl_str region = { NULL, 0};
-  struct Curl_str service = { NULL, 0};
+  struct Curl_str region = { NULL, 0 };
+  struct Curl_str service = { NULL, 0 };
   const char *hostname = conn->host.name;
   time_t clock;
   struct tm tm;
@@ -697,8 +694,8 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data)
   char *str_to_sign = NULL;
   const char *user = data->state.aptr.user ? data->state.aptr.user : "";
   char *secret = NULL;
-  unsigned char sign0[CURL_SHA256_DIGEST_LENGTH] = {0};
-  unsigned char sign1[CURL_SHA256_DIGEST_LENGTH] = {0};
+  unsigned char sign0[CURL_SHA256_DIGEST_LENGTH] = { 0 };
+  unsigned char sign1[CURL_SHA256_DIGEST_LENGTH] = { 0 };
   char *auth_headers = NULL;
 
   if(data->set.path_as_is) {
@@ -782,7 +779,7 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data)
     /* AWS S3 requires a x-amz-content-sha256 header, and supports special
      * values like UNSIGNED-PAYLOAD */
     bool sign_as_s3 = curlx_str_casecompare(&provider0, "aws") &&
-      curlx_str_casecompare(&service, "s3");
+                      curlx_str_casecompare(&service, "s3");
 
     if(sign_as_s3)
       result = calc_s3_payload_hash(data, httpreq, curlx_str(&provider1),
@@ -864,7 +861,7 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data)
     goto fail;
 
   infof(data, "aws_sigv4: Canonical request (enclosed in []) - [%s]",
-    canonical_request);
+        canonical_request);
 
   request_type = curl_maprintf("%.*s4_request",
                                (int)curlx_strlen(&provider0),
@@ -885,7 +882,7 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data)
   if(!credential_scope)
     goto fail;
 
-  if(Curl_sha256it(sha_hash, (unsigned char *) canonical_request,
+  if(Curl_sha256it(sha_hash, (unsigned char *)canonical_request,
                    strlen(canonical_request)))
     goto fail;
 
@@ -912,7 +909,7 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data)
                    curlx_strlen(&provider0));
 
   infof(data, "aws_sigv4: String to sign (enclosed in []) - [%s]",
-    str_to_sign);
+        str_to_sign);
 
   secret = curl_maprintf("%.*s4%s", (int)curlx_strlen(&provider0),
                          curlx_str(&provider0), data->state.aptr.passwd ?
@@ -980,8 +977,8 @@ fail:
 }
 
 /*
-* Frees all allocated strings in a dynbuf pair array, and the dynbuf itself
-*/
+ * Frees all allocated strings in a dynbuf pair array, and the dynbuf itself
+ */
 
 static void pair_array_free(struct pair *pair_array, size_t num_elements)
 {
@@ -991,12 +988,11 @@ static void pair_array_free(struct pair *pair_array, size_t num_elements)
     curlx_dyn_free(&pair_array[index].key);
     curlx_dyn_free(&pair_array[index].value);
   }
-
 }
 
 /*
-* Frees all allocated strings in a split dynbuf, and the dynbuf itself
-*/
+ * Frees all allocated strings in a split dynbuf, and the dynbuf itself
+ */
 
 static void dyn_array_free(struct dynbuf *db, size_t num_elements)
 {
@@ -1007,10 +1003,10 @@ static void dyn_array_free(struct dynbuf *db, size_t num_elements)
 }
 
 /*
-* Splits source string by SPLIT_BY, and creates an array of dynbuf in db.
-* db is initialized by this function.
-* Caller is responsible for freeing the array elements with dyn_array_free
-*/
+ * Splits source string by SPLIT_BY, and creates an array of dynbuf in db.
+ * db is initialized by this function.
+ * Caller is responsible for freeing the array elements with dyn_array_free
+ */
 
 #define SPLIT_BY '&'
 
@@ -1032,8 +1028,7 @@ static CURLcode split_to_dyn_array(const char *source,
     if(source[pos] == SPLIT_BY) {
       if(segment_length) {
         curlx_dyn_init(&db[index], segment_length + 1);
-        result = curlx_dyn_addn(&db[index], &source[start],
-                                segment_length);
+        result = curlx_dyn_addn(&db[index], &source[start], segment_length);
         if(result)
           goto fail;
 
@@ -1064,7 +1059,6 @@ fail:
   return result;
 }
 
-
 static bool is_reserved_char(const char c)
 {
   return (ISALNUM(c) || ISURLPUNTCS(c));
@@ -1091,7 +1085,6 @@ static CURLcode uri_encode_path(struct Curl_str *original_path,
   return CURLE_OK;
 }
 
-
 static CURLcode encode_query_component(char *component, size_t len,
                                        struct dynbuf *db)
 {
@@ -1116,8 +1109,8 @@ static CURLcode encode_query_component(char *component, size_t len,
 }
 
 /*
-* Populates a dynbuf containing url_encode(url_decode(in))
-*/
+ * Populates a dynbuf containing url_encode(url_decode(in))
+ */
 
 static CURLcode http_aws_decode_encode(const char *in, size_t in_len,
                                        struct dynbuf *out)
diff --git a/lib/http_aws_sigv4.h b/lib/http_aws_sigv4.h
index 9747c948a6..ea7651896e 100644
--- a/lib/http_aws_sigv4.h
+++ b/lib/http_aws_sigv4.h
@@ -33,8 +33,7 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data);
 
 #ifdef UNITTESTS
 UNITTEST CURLcode canon_path(const char *q, size_t len,
-    struct dynbuf *new_path,
-    bool normalize);
+                             struct dynbuf *new_path, bool normalize);
 UNITTEST CURLcode canon_query(const char *query, struct dynbuf *dq);
 #endif
 
diff --git a/lib/http_chunks.c b/lib/http_chunks.c
index 9d0a0b324c..76aab85ce2 100644
--- a/lib/http_chunks.c
+++ b/lib/http_chunks.c
@@ -357,7 +357,6 @@ static CURLcode httpchunk_readwrite(struct Curl_easy *data,
     case CHUNK_FAILED:
       return CURLE_RECV_ERROR;
     }
-
   }
   return CURLE_OK;
 }
@@ -528,8 +527,7 @@ static CURLcode add_last_chunk(struct Curl_easy *data,
       continue;
     }
 
-    result = Curl_bufq_cwrite(&ctx->chunkbuf, tr->data,
-                              strlen(tr->data), &n);
+    result = Curl_bufq_cwrite(&ctx->chunkbuf, tr->data, strlen(tr->data), &n);
     if(!result)
       result = Curl_bufq_cwrite(&ctx->chunkbuf, STRCONST("\r\n"), &n);
     if(result)
diff --git a/lib/http_digest.c b/lib/http_digest.c
index 2ca1a12d5d..34aba0e3ba 100644
--- a/lib/http_digest.c
+++ b/lib/http_digest.c
@@ -148,7 +148,7 @@ CURLcode Curl_output_digest(struct Curl_easy *data,
     }
   }
   if(!tmp)
-    path = (unsigned char *)curlx_strdup((const char *) uripath);
+    path = (unsigned char *)curlx_strdup((const char *)uripath);
 
   if(!path)
     return CURLE_OUT_OF_MEMORY;
diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
index f31e59c2ca..2929f7980a 100644
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -47,7 +47,6 @@ static void http_auth_nego_reset(struct connectdata *conn,
     Curl_auth_cleanup_spnego(neg_ctx);
 }
 
-
 CURLcode Curl_input_negotiate(struct Curl_easy *data, struct connectdata *conn,
                               bool proxy, const char *header)
 {
@@ -124,8 +123,8 @@ CURLcode Curl_input_negotiate(struct Curl_easy *data, struct connectdata *conn,
 #ifdef USE_SSL
   curlx_dyn_init(&neg_ctx->channel_binding_data, SSL_CB_MAX_SIZE + 1);
   if(Curl_conn_is_ssl(conn, FIRSTSOCKET)) {
-    result = Curl_ssl_get_channel_binding(
-      data, FIRSTSOCKET, &neg_ctx->channel_binding_data);
+    result = Curl_ssl_get_channel_binding(data, FIRSTSOCKET,
+                                          &neg_ctx->channel_binding_data);
     if(result) {
       http_auth_nego_reset(conn, neg_ctx, proxy);
       return result;
diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c
index 6c79bcac1b..e1b48d7675 100644
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c
@@ -144,7 +144,7 @@ CURLcode Curl_output_ntlm(struct Curl_easy *data, bool proxy)
     userp = data->state.aptr.proxyuser;
     passwdp = data->state.aptr.proxypasswd;
     service = data->set.str[STRING_PROXY_SERVICE_NAME] ?
-      data->set.str[STRING_PROXY_SERVICE_NAME] : "HTTP";
+              data->set.str[STRING_PROXY_SERVICE_NAME] : "HTTP";
     hostname = conn->http_proxy.host.name;
     state = &conn->proxy_ntlm_state;
     authp = &data->state.authproxy;
@@ -157,7 +157,7 @@ CURLcode Curl_output_ntlm(struct Curl_easy *data, bool proxy)
     userp = data->state.aptr.user;
     passwdp = data->state.aptr.passwd;
     service = data->set.str[STRING_SERVICE_NAME] ?
-      data->set.str[STRING_SERVICE_NAME] : "HTTP";
+              data->set.str[STRING_SERVICE_NAME] : "HTTP";
     hostname = conn->host.name;
     state = &conn->http_ntlm_state;
     authp = &data->state.authhost;
@@ -202,12 +202,11 @@ CURLcode Curl_output_ntlm(struct Curl_easy *data, bool proxy)
     if(!result) {
       DEBUGASSERT(Curl_bufref_len(&ntlmmsg) != 0);
       result = curlx_base64_encode(Curl_bufref_ptr(&ntlmmsg),
-                                  Curl_bufref_len(&ntlmmsg), &base64, &len);
+                                   Curl_bufref_len(&ntlmmsg), &base64, &len);
       if(!result) {
         curlx_free(*allocuserpwd);
         *allocuserpwd = curl_maprintf("%sAuthorization: NTLM %s\r\n",
-                                      proxy ? "Proxy-" : "",
-                                      base64);
+                                      proxy ? "Proxy-" : "", base64);
         curlx_free(base64);
         if(!*allocuserpwd)
           result = CURLE_OUT_OF_MEMORY;
@@ -225,8 +224,7 @@ CURLcode Curl_output_ntlm(struct Curl_easy *data, bool proxy)
       if(!result) {
         curlx_free(*allocuserpwd);
         *allocuserpwd = curl_maprintf("%sAuthorization: NTLM %s\r\n",
-                                      proxy ? "Proxy-" : "",
-                                      base64);
+                                      proxy ? "Proxy-" : "", base64);
         curlx_free(base64);
         if(!*allocuserpwd)
           result = CURLE_OUT_OF_MEMORY;
diff --git a/lib/http_proxy.c b/lib/http_proxy.c
index 21f0cc6211..d1d043bfb2 100644
--- a/lib/http_proxy.c
+++ b/lib/http_proxy.c
@@ -131,25 +131,31 @@ static CURLcode dynhds_add_custom(struct Curl_easy *data,
       if(data->state.aptr.host &&
          /* a Host: header was sent already, do not pass on any custom Host:
             header as that will produce *two* in the same request! */
-         curlx_str_casecompare(&name, "Host"));
+         curlx_str_casecompare(&name, "Host"))
+        ;
       else if(data->state.httpreq == HTTPREQ_POST_FORM &&
               /* this header (extended by formdata.c) is sent later */
-              curlx_str_casecompare(&name, "Content-Type"));
+              curlx_str_casecompare(&name, "Content-Type"))
+        ;
       else if(data->state.httpreq == HTTPREQ_POST_MIME &&
               /* this header is sent later */
-              curlx_str_casecompare(&name, "Content-Type"));
+              curlx_str_casecompare(&name, "Content-Type"))
+        ;
       else if(data->req.authneg &&
               /* while doing auth neg, do not allow the custom length since
                  we will force length zero then */
-              curlx_str_casecompare(&name, "Content-Length"));
+              curlx_str_casecompare(&name, "Content-Length"))
+        ;
       else if((httpversion >= 20) &&
-              curlx_str_casecompare(&name, "Transfer-Encoding"));
+              curlx_str_casecompare(&name, "Transfer-Encoding"))
+        ;
       /* HTTP/2 and HTTP/3 do not support chunked requests */
       else if((curlx_str_casecompare(&name, "Authorization") ||
                curlx_str_casecompare(&name, "Cookie")) &&
               /* be careful of sending this potentially sensitive header to
                  other hosts */
-              !Curl_auth_allowed_to_host(data));
+              !Curl_auth_allowed_to_host(data))
+        ;
       else {
         CURLcode result =
           Curl_dynhds_add(hds, curlx_str(&name), curlx_strlen(&name),
@@ -211,13 +217,13 @@ CURLcode Curl_http_proxy_create_CONNECT(struct httpreq **preq,
   Curl_http_proxy_get_destination(cf, &hostname, &port, &ipv6_ip);
 
   authority = curl_maprintf("%s%s%s:%d", ipv6_ip ? "[" : "", hostname,
-                            ipv6_ip ?"]" : "", port);
+                            ipv6_ip ? "]" : "", port);
   if(!authority) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
   }
 
-  result = Curl_http_req_make(&req, "CONNECT", sizeof("CONNECT")-1,
+  result = Curl_http_req_make(&req, "CONNECT", sizeof("CONNECT") - 1,
                               NULL, 0, authority, strlen(authority),
                               NULL, 0);
   if(result)
@@ -253,7 +259,7 @@ CURLcode Curl_http_proxy_create_CONNECT(struct httpreq **preq,
   }
 
   if(http_version_major == 1 &&
-    !Curl_checkProxyheaders(data, cf->conn, STRCONST("Proxy-Connection"))) {
+     !Curl_checkProxyheaders(data, cf->conn, STRCONST("Proxy-Connection"))) {
     result = Curl_dynhds_cadd(&req->headers, "Proxy-Connection", "Keep-Alive");
     if(result)
       goto out;
@@ -394,10 +400,9 @@ static void http_proxy_cf_close(struct Curl_cfilter *cf,
     cf->next->cft->do_close(cf->next, data);
 }
 
-
 struct Curl_cftype Curl_cft_http_proxy = {
   "HTTP-PROXY",
-  CF_TYPE_IP_CONNECT|CF_TYPE_PROXY,
+  CF_TYPE_IP_CONNECT | CF_TYPE_PROXY,
   0,
   http_proxy_cf_destroy,
   http_proxy_cf_connect,
diff --git a/lib/http_proxy.h b/lib/http_proxy.h
index 17f7e10488..7af2ebb284 100644
--- a/lib/http_proxy.h
+++ b/lib/http_proxy.h
@@ -46,7 +46,7 @@ CURLcode Curl_http_proxy_create_CONNECT(struct httpreq **preq,
                                         int http_version_major);
 
 /* Default proxy timeout in milliseconds */
-#define PROXY_TIMEOUT (3600*1000)
+#define PROXY_TIMEOUT (3600 * 1000)
 
 CURLcode Curl_cf_http_proxy_query(struct Curl_cfilter *cf,
                                   struct Curl_easy *data,
diff --git a/lib/httpsrr.c b/lib/httpsrr.c
index 34d081b502..3acb16ac3a 100644
--- a/lib/httpsrr.c
+++ b/lib/httpsrr.c
@@ -151,7 +151,6 @@ void Curl_httpsrr_cleanup(struct Curl_https_rrinfo *rrinfo)
   Curl_safefree(rrinfo->rrname);
 }
 
-
 #ifdef USE_ARES
 
 static CURLcode httpsrr_opt(struct Curl_easy *data,
diff --git a/lib/httpsrr.h b/lib/httpsrr.h
index 9b7831f75c..4259a03262 100644
--- a/lib/httpsrr.h
+++ b/lib/httpsrr.h
@@ -33,7 +33,7 @@
 #ifdef USE_HTTPSRR
 
 #define CURL_MAXLEN_host_name 253
-#define MAX_HTTPSRR_ALPNS 4
+#define MAX_HTTPSRR_ALPNS     4
 
 struct Curl_easy;
 
diff --git a/lib/idn.c b/lib/idn.c
index 0b1a4a36cc..8f4c3e03f7 100644
--- a/lib/idn.c
+++ b/lib/idn.c
@@ -22,9 +22,9 @@
  *
  ***************************************************************************/
 
- /*
-  * IDN conversions
-  */
+/*
+ * IDN conversions
+ */
 
 #include "curl_setup.h"
 #include "urldata.h"
@@ -87,18 +87,18 @@ static CURLcode mac_idn_to_ascii(const char *in, char **out)
 {
   size_t inlen = strlen(in);
   if(inlen < MAX_HOST_LENGTH) {
-    char iconv_buffer[MAX_HOST_LENGTH] = {0};
+    char iconv_buffer[MAX_HOST_LENGTH] = { 0 };
     char *iconv_outptr = iconv_buffer;
     size_t iconv_outlen = sizeof(iconv_buffer);
     CURLcode iconv_result = iconv_to_utf8(in, inlen,
                                           &iconv_outptr, &iconv_outlen);
     if(!iconv_result) {
       UErrorCode err = U_ZERO_ERROR;
-      UIDNA* idna = uidna_openUTS46(
-        UIDNA_CHECK_BIDI|UIDNA_NONTRANSITIONAL_TO_ASCII, &err);
+      UIDNA *idna = uidna_openUTS46(
+        UIDNA_CHECK_BIDI | UIDNA_NONTRANSITIONAL_TO_ASCII, &err);
       if(!U_FAILURE(err)) {
         UIDNAInfo info = UIDNA_INFO_INITIALIZER;
-        char buffer[MAX_HOST_LENGTH] = {0};
+        char buffer[MAX_HOST_LENGTH] = { 0 };
         (void)uidna_nameToASCII_UTF8(idna, iconv_buffer, (int)iconv_outlen,
                                      buffer, sizeof(buffer) - 1, &info, &err);
         uidna_close(idna);
@@ -122,11 +122,11 @@ static CURLcode mac_ascii_to_idn(const char *in, char **out)
   size_t inlen = strlen(in);
   if(inlen < MAX_HOST_LENGTH) {
     UErrorCode err = U_ZERO_ERROR;
-    UIDNA* idna = uidna_openUTS46(
-      UIDNA_CHECK_BIDI|UIDNA_NONTRANSITIONAL_TO_UNICODE, &err);
+    UIDNA *idna = uidna_openUTS46(
+      UIDNA_CHECK_BIDI | UIDNA_NONTRANSITIONAL_TO_UNICODE, &err);
     if(!U_FAILURE(err)) {
       UIDNAInfo info = UIDNA_INFO_INITIALIZER;
-      char buffer[MAX_HOST_LENGTH] = {0};
+      char buffer[MAX_HOST_LENGTH] = { 0 };
       (void)uidna_nameToUnicodeUTF8(idna, in, -1, buffer,
                                     sizeof(buffer) - 1, &info, &err);
       uidna_close(idna);
diff --git a/lib/if2ip.c b/lib/if2ip.c
index c2b8aafc4d..ef2bfe2b0a 100644
--- a/lib/if2ip.c
+++ b/lib/if2ip.c
@@ -62,10 +62,10 @@
 unsigned int Curl_ipv6_scope(const struct sockaddr *sa)
 {
   if(sa->sa_family == AF_INET6) {
-    const struct sockaddr_in6 * sa6 =
-      (const struct sockaddr_in6 *)(const void *) sa;
+    const struct sockaddr_in6 *sa6 =
+      (const struct sockaddr_in6 *)(const void *)sa;
     const unsigned char *b = sa6->sin6_addr.s6_addr;
-    unsigned short w = (unsigned short) ((b[0] << 8) | b[1]);
+    unsigned short w = (unsigned short)((b[0] << 8) | b[1]);
 
     if((b[0] & 0xFE) == 0xFC) /* Handle ULAs */
       return IPV6_SCOPE_UNIQUELOCAL;
@@ -103,8 +103,7 @@ if2ip_result_t Curl_if2ip(int af,
   struct ifaddrs *iface, *head;
   if2ip_result_t res = IF2IP_NOT_FOUND;
 
-#if defined(USE_IPV6) && \
-    !defined(HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID)
+#if defined(USE_IPV6) && !defined(HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID)
   (void)local_scope_id;
 #endif
 
@@ -138,7 +137,7 @@ if2ip_result_t Curl_if2ip(int af,
 #ifdef HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID
               /* Include the scope of this interface as part of the address */
               scopeid = ((struct sockaddr_in6 *)(void *)iface->ifa_addr)
-                            ->sin6_scope_id;
+                          ->sin6_scope_id;
 
               /* If given, scope id should match. */
               if(local_scope_id && scopeid != local_scope_id) {
@@ -248,15 +247,15 @@ if2ip_result_t Curl_if2ip(int af,
                           const char *interf,
                           char *buf, size_t buf_size)
 {
-    (void)af;
+  (void)af;
 #ifdef USE_IPV6
-    (void)remote_scope;
-    (void)local_scope_id;
+  (void)remote_scope;
+  (void)local_scope_id;
 #endif
-    (void)interf;
-    (void)buf;
-    (void)buf_size;
-    return IF2IP_NOT_FOUND;
+  (void)interf;
+  (void)buf;
+  (void)buf_size;
+  return IF2IP_NOT_FOUND;
 }
 
 #endif
diff --git a/lib/if2ip.h b/lib/if2ip.h
index 42ec7b033a..12fdaabd73 100644
--- a/lib/if2ip.h
+++ b/lib/if2ip.h
@@ -56,7 +56,7 @@ if2ip_result_t Curl_if2ip(int af,
 
 /* Nedelcho Stanev's work-around for SFU 3.0 */
 struct ifreq {
-#define IFNAMSIZ 16
+#define IFNAMSIZ    16
 #define IFHWADDRLEN 6
   union {
     char ifrn_name[IFNAMSIZ]; /* if name, e.g. "en0" */
@@ -75,14 +75,14 @@ struct ifreq {
 
 /* This define exists to avoid an extra #ifdef INTERIX in the C code. */
 
-#define ifr_name ifr_ifrn.ifrn_name /* interface name */
-#define ifr_addr ifr_ifru.ifru_addr /* address */
+#define ifr_name      ifr_ifrn.ifrn_name /* interface name */
+#define ifr_addr      ifr_ifru.ifru_addr /* address */
 #define ifr_broadaddr ifr_ifru.ifru_broadaddr /* broadcast address */
-#define ifr_netmask ifr_ifru.ifru_netmask /* interface net mask */
-#define ifr_flags ifr_ifru.ifru_flags /* flags */
-#define ifr_hwaddr ifr_ifru.ifru_hwaddr /* MAC address */
-#define ifr_metric ifr_ifru.ifru_metric /* metric */
-#define ifr_mtu ifr_ifru.ifru_mtu /* mtu */
+#define ifr_netmask   ifr_ifru.ifru_netmask /* interface net mask */
+#define ifr_flags     ifr_ifru.ifru_flags /* flags */
+#define ifr_hwaddr    ifr_ifru.ifru_hwaddr /* MAC address */
+#define ifr_metric    ifr_ifru.ifru_metric /* metric */
+#define ifr_mtu       ifr_ifru.ifru_mtu /* mtu */
 
 #define SIOCGIFADDR _IOW('s', 102, struct ifreq) /* Get if addr */
 
diff --git a/lib/imap.c b/lib/imap.c
index 9d58bec4ec..ec5e654cfa 100644
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -347,46 +347,46 @@ static bool imap_endofresp(struct Curl_easy *data, struct connectdata *conn,
   /* Do we have an untagged command response? */
   if(len >= 2 && !memcmp("* ", line, 2)) {
     switch(imapc->state) {
-      /* States which are interested in untagged responses */
-      case IMAP_CAPABILITY:
-        if(!imap_matchresp(line, len, "CAPABILITY"))
-          return FALSE;
-        break;
-
-      case IMAP_LIST:
-        if((!imap->custom && !imap_matchresp(line, len, "LIST")) ||
-           (imap->custom && !imap_matchresp(line, len, imap->custom) &&
-            (!curl_strequal(imap->custom, "STORE") ||
-             !imap_matchresp(line, len, "FETCH")) &&
-            !curl_strequal(imap->custom, "SELECT") &&
-            !curl_strequal(imap->custom, "EXAMINE") &&
-            !curl_strequal(imap->custom, "SEARCH") &&
-            !curl_strequal(imap->custom, "EXPUNGE") &&
-            !curl_strequal(imap->custom, "LSUB") &&
-            !curl_strequal(imap->custom, "UID") &&
-            !curl_strequal(imap->custom, "GETQUOTAROOT") &&
-            !curl_strequal(imap->custom, "NOOP")))
-          return FALSE;
-        break;
-
-      case IMAP_SELECT:
-        /* SELECT is special in that its untagged responses do not have a
-           common prefix so accept anything! */
-        break;
-
-      case IMAP_FETCH:
-        if(!imap_matchresp(line, len, "FETCH"))
-          return FALSE;
-        break;
-
-      case IMAP_SEARCH:
-        if(!imap_matchresp(line, len, "SEARCH"))
-          return FALSE;
-        break;
-
-      /* Ignore other untagged responses */
-      default:
+    /* States which are interested in untagged responses */
+    case IMAP_CAPABILITY:
+      if(!imap_matchresp(line, len, "CAPABILITY"))
         return FALSE;
+      break;
+
+    case IMAP_LIST:
+      if((!imap->custom && !imap_matchresp(line, len, "LIST")) ||
+         (imap->custom && !imap_matchresp(line, len, imap->custom) &&
+          (!curl_strequal(imap->custom, "STORE") ||
+           !imap_matchresp(line, len, "FETCH")) &&
+          !curl_strequal(imap->custom, "SELECT") &&
+          !curl_strequal(imap->custom, "EXAMINE") &&
+          !curl_strequal(imap->custom, "SEARCH") &&
+          !curl_strequal(imap->custom, "EXPUNGE") &&
+          !curl_strequal(imap->custom, "LSUB") &&
+          !curl_strequal(imap->custom, "UID") &&
+          !curl_strequal(imap->custom, "GETQUOTAROOT") &&
+          !curl_strequal(imap->custom, "NOOP")))
+        return FALSE;
+      break;
+
+    case IMAP_SELECT:
+      /* SELECT is special in that its untagged responses do not have a
+         common prefix so accept anything! */
+      break;
+
+    case IMAP_FETCH:
+      if(!imap_matchresp(line, len, "FETCH"))
+        return FALSE;
+      break;
+
+    case IMAP_SEARCH:
+      if(!imap_matchresp(line, len, "SEARCH"))
+        return FALSE;
+      break;
+
+    /* Ignore other untagged responses */
+    default:
+      return FALSE;
     }
 
     *resp = '*';
@@ -400,16 +400,16 @@ static bool imap_endofresp(struct Curl_easy *data, struct connectdata *conn,
   if(!imap->custom && ((len == 3 && line[0] == '+') ||
                        (len >= 2 && !memcmp("+ ", line, 2)))) {
     switch(imapc->state) {
-      /* States which are interested in continuation responses */
-      case IMAP_AUTHENTICATE:
-      case IMAP_APPEND:
-        *resp = '+';
-        break;
+    /* States which are interested in continuation responses */
+    case IMAP_AUTHENTICATE:
+    case IMAP_APPEND:
+      *resp = '+';
+      break;
 
-      default:
-        failf(data, "Unexpected continuation response");
-        *resp = -1;
-        break;
+    default:
+      failf(data, "Unexpected continuation response");
+      *resp = -1;
+      break;
     }
 
     return TRUE;
@@ -471,7 +471,7 @@ static void imap_state(struct Curl_easy *data,
 {
 #if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
   /* for debug purposes */
-  static const char * const names[]={
+  static const char * const names[] = {
     "STOP",
     "SERVERGREET",
     "CAPABILITY",
@@ -570,8 +570,8 @@ static CURLcode imap_perform_upgrade_tls(struct Curl_easy *data,
          result, ssldone));
   if(!result && ssldone) {
     imapc->ssldone = ssldone;
-     /* perform CAPA now, changes imapc->state out of IMAP_UPGRADETLS */
-     result = imap_perform_capability(data, imapc);
+    /* perform CAPA now, changes imapc->state out of IMAP_UPGRADETLS */
+    result = imap_perform_capability(data, imapc);
   }
 out:
   return result;
@@ -636,7 +636,7 @@ static CURLcode imap_perform_authenticate(struct Curl_easy *data,
   struct imap_conn *imapc =
     Curl_conn_meta_get(data->conn, CURL_META_IMAP_CONN);
   CURLcode result = CURLE_OK;
-  const char *ir = (const char *) Curl_bufref_ptr(initresp);
+  const char *ir = (const char *)Curl_bufref_ptr(initresp);
 
   if(!imapc)
     return CURLE_FAILED_INIT;
@@ -669,7 +669,7 @@ static CURLcode imap_continue_authenticate(struct Curl_easy *data,
   if(!imapc)
     return CURLE_FAILED_INIT;
   return Curl_pp_sendf(data, &imapc->pp,
-                       "%s", (const char *) Curl_bufref_ptr(resp));
+                       "%s", (const char *)Curl_bufref_ptr(resp));
 }
 
 /***********************************************************************
@@ -1048,8 +1048,8 @@ static CURLcode imap_state_capability_resp(struct Curl_easy *data,
 
       /* Extract the word */
       for(wordlen = 0; line[wordlen] && line[wordlen] != ' ' &&
-            line[wordlen] != '\t' && line[wordlen] != '\r' &&
-            line[wordlen] != '\n';)
+                       line[wordlen] != '\t' && line[wordlen] != '\r' &&
+                       line[wordlen] != '\n';)
         wordlen++;
 
       /* Does the server support the STARTTLS capability? */
@@ -1322,7 +1322,6 @@ static CURLcode imap_state_select_resp(struct Curl_easy *data,
         imapc->mb_uidvalidity = (unsigned int)value;
         imapc->mb_uidvalidity_set = TRUE;
       }
-
     }
   }
   else if(imapcode == IMAP_RESP_OK) {
@@ -1797,7 +1796,7 @@ static CURLcode imap_perform(struct Curl_easy *data, bool *connected,
     /* SEARCH the current mailbox */
     result = imap_perform_search(data, imapc, imap);
   else if(imap->mailbox && !selected &&
-         (imap->custom || imap->uid || imap->mindex || imap->query))
+          (imap->custom || imap->uid || imap->mindex || imap->query))
     /* SELECT the mailbox */
     result = imap_perform_select(data, imapc, imap);
   else
@@ -2112,21 +2111,33 @@ static bool imap_is_bchar(char ch)
     return TRUE;
 
   switch(ch) {
-    /* bchar */
-    case ':': case '@': case '/':
-    /* bchar -> achar */
-    case '&': case '=':
-    /* bchar -> achar -> uchar -> unreserved (without alphanumeric) */
-    case '-': case '.': case '_': case '~':
-    /* bchar -> achar -> uchar -> sub-delims-sh */
-    case '!': case '$': case '\'': case '(': case ')': case '*':
-    case '+': case ',':
-    /* bchar -> achar -> uchar -> pct-encoded */
-    case '%': /* HEXDIG chars are already included above */
-      return TRUE;
+  /* bchar */
+  case ':':
+  case '@':
+  case '/':
+  /* bchar -> achar */
+  case '&':
+  case '=':
+  /* bchar -> achar -> uchar -> unreserved (without alphanumeric) */
+  case '-':
+  case '.':
+  case '_':
+  case '~':
+  /* bchar -> achar -> uchar -> sub-delims-sh */
+  case '!':
+  case '$':
+  case '\'':
+  case '(':
+  case ')':
+  case '*':
+  case '+':
+  case ',':
+  /* bchar -> achar -> uchar -> pct-encoded */
+  case '%': /* HEXDIG chars are already included above */
+    return TRUE;
 
-    default:
-      return FALSE;
+  default:
+    return FALSE;
   }
 }
 
diff --git a/lib/imap.h b/lib/imap.h
index f802ed5c0c..2bab0b4dde 100644
--- a/lib/imap.h
+++ b/lib/imap.h
@@ -27,7 +27,6 @@
 #include "pingpong.h"
 #include "curl_sasl.h"
 
-
 extern const struct Curl_handler Curl_handler_imap;
 extern const struct Curl_handler Curl_handler_imaps;
 
@@ -37,6 +36,6 @@ extern const struct Curl_handler Curl_handler_imaps;
 
 /* Authentication type values */
 #define IMAP_TYPE_NONE      0
-#define IMAP_TYPE_ANY       (IMAP_TYPE_CLEARTEXT|IMAP_TYPE_SASL)
+#define IMAP_TYPE_ANY       (IMAP_TYPE_CLEARTEXT | IMAP_TYPE_SASL)
 
 #endif /* HEADER_CURL_IMAP_H */
diff --git a/lib/ldap.c b/lib/ldap.c
index 522bf3ad58..63b2cbc414 100644
--- a/lib/ldap.c
+++ b/lib/ldap.c
@@ -96,7 +96,7 @@
 
 #ifdef USE_WIN32_LDAP
 #define FREE_ON_WINLDAP(x) curlx_unicodefree(x)
-#define curl_ldap_num_t ULONG
+#define curl_ldap_num_t    ULONG
 #else
 #define FREE_ON_WINLDAP(x)
 #define curl_ldap_num_t int
@@ -142,14 +142,15 @@ static void ldap_free_urldesc_low(LDAPURLDesc *ludp);
 #endif /* !HAVE_LDAP_URL_PARSE */
 
 #ifdef DEBUG_LDAP
-  #define LDAP_TRACE(x)   do { \
-                            ldap_trace_low("%u: ", __LINE__); \
-                            ldap_trace_low x; \
-                          } while(0)
+#define LDAP_TRACE(x)               \
+do {                                \
+  ldap_trace_low("%u: ", __LINE__); \
+  ldap_trace_low x;                 \
+} while(0)
 
-  static void ldap_trace_low(const char *fmt, ...) CURL_PRINTF(1, 2);
+static void ldap_trace_low(const char *fmt, ...) CURL_PRINTF(1, 2);
 #else
-  #define LDAP_TRACE(x)   Curl_nop_stmt
+#define LDAP_TRACE(x) Curl_nop_stmt
 #endif
 
 #if defined(USE_WIN32_LDAP) && defined(ldap_err2string)
@@ -172,7 +173,6 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done);
 /*
  * LDAP protocol handler.
  */
-
 const struct Curl_handler Curl_handler_ldap = {
   "ldap",                               /* scheme */
   ZERO_NULL,                            /* setup_connection */
@@ -202,7 +202,6 @@ const struct Curl_handler Curl_handler_ldap = {
 /*
  * LDAPS protocol handler.
  */
-
 const struct Curl_handler Curl_handler_ldaps = {
   "ldaps",                              /* scheme */
   ZERO_NULL,                            /* setup_connection */
@@ -619,7 +618,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
           }
 
           if((attr_len > 7) &&
-             curl_strequal(";binary", attr + (attr_len - 7)) ) {
+             curl_strequal(";binary", attr + (attr_len - 7))) {
             /* Binary attribute, encode to base64. */
             if(vals[i]->bv_len) {
               result = curlx_base64_encode((uint8_t *)vals[i]->bv_val,
@@ -886,8 +885,7 @@ static curl_ldap_num_t ldap_url_parse2_low(struct Curl_easy *data,
       LDAP_TRACE(("attr[%zu] '%.*s'\n", i, (int)out.len, out.str));
 
       /* Unescape the attribute */
-      result = Curl_urldecode(out.str, out.len, &unescaped, NULL,
-                              REJECT_ZERO);
+      result = Curl_urldecode(out.str, out.len, &unescaped, NULL, REJECT_ZERO);
       if(result) {
         rc = LDAP_NO_MEMORY;
         goto quit;
diff --git a/lib/llist.c b/lib/llist.c
index ebcda82a04..3c70905df2 100644
--- a/lib/llist.c
+++ b/lib/llist.c
@@ -45,8 +45,7 @@ static struct Curl_llist_node *verifynode(struct Curl_llist_node *n)
 /*
  * @unittest: 1300
  */
-void
-Curl_llist_init(struct Curl_llist *l, Curl_llist_dtor dtor)
+void Curl_llist_init(struct Curl_llist *l, Curl_llist_dtor dtor)
 {
   l->_size = 0;
   l->_dtor = dtor;
@@ -68,11 +67,10 @@ Curl_llist_init(struct Curl_llist *l, Curl_llist_dtor dtor)
  *
  * @unittest: 1300
  */
-void
-Curl_llist_insert_next(struct Curl_llist *list,
-                       struct Curl_llist_node *e, /* may be NULL */
-                       const void *p,
-                       struct Curl_llist_node *ne)
+void Curl_llist_insert_next(struct Curl_llist *list,
+                            struct Curl_llist_node *e, /* may be NULL */
+                            const void *p,
+                            struct Curl_llist_node *ne)
 {
   DEBUGASSERT(list);
   DEBUGASSERT(list->_init == LLISTINIT);
@@ -119,9 +117,8 @@ Curl_llist_insert_next(struct Curl_llist *list,
  *
  * @unittest: 1300
  */
-void
-Curl_llist_append(struct Curl_llist *list, const void *p,
-                  struct Curl_llist_node *ne)
+void Curl_llist_append(struct Curl_llist *list, const void *p,
+                       struct Curl_llist_node *ne)
 {
   DEBUGASSERT(list);
   DEBUGASSERT(list->_init == LLISTINIT);
@@ -177,9 +174,8 @@ void *Curl_node_take_elem(struct Curl_llist_node *e)
 /*
  * @unittest: 1300
  */
-UNITTEST void Curl_node_uremove(struct Curl_llist_node *, void *);
-UNITTEST void
-Curl_node_uremove(struct Curl_llist_node *e, void *user)
+UNITTEST void Curl_node_uremove(struct Curl_llist_node *e, void *user);
+UNITTEST void Curl_node_uremove(struct Curl_llist_node *e, void *user)
 {
   struct Curl_llist *list;
   void *ptr;
@@ -200,8 +196,7 @@ void Curl_node_remove(struct Curl_llist_node *e)
   Curl_node_uremove(e, NULL);
 }
 
-void
-Curl_llist_destroy(struct Curl_llist *list, void *user)
+void Curl_llist_destroy(struct Curl_llist *list, void *user)
 {
   if(list) {
     DEBUGASSERT(list->_init == LLISTINIT);
diff --git a/lib/llist.h b/lib/llist.h
index 0a2bc9a62f..0a4a685163 100644
--- a/lib/llist.h
+++ b/lib/llist.h
@@ -55,8 +55,8 @@ struct Curl_llist_node {
 void Curl_llist_init(struct Curl_llist *, Curl_llist_dtor);
 void Curl_llist_insert_next(struct Curl_llist *, struct Curl_llist_node *,
                             const void *, struct Curl_llist_node *node);
-void Curl_llist_append(struct Curl_llist *,
-                       const void *, struct Curl_llist_node *node);
+void Curl_llist_append(struct Curl_llist *, const void *,
+                       struct Curl_llist_node *node);
 void Curl_node_remove(struct Curl_llist_node *);
 void Curl_llist_destroy(struct Curl_llist *, void *);
 
diff --git a/lib/md4.c b/lib/md4.c
index 7929e57f65..befaeab68b 100644
--- a/lib/md4.c
+++ b/lib/md4.c
@@ -71,14 +71,13 @@
 #include 
 #endif
 
-
 #if defined(USE_WOLFSSL) && !defined(WOLFSSL_NO_MD4)
 
 #ifdef OPENSSL_COEXIST
-  #define MD4_CTX WOLFSSL_MD4_CTX
-  #define MD4_Init wolfSSL_MD4_Init
+  #define MD4_CTX    WOLFSSL_MD4_CTX
+  #define MD4_Init   wolfSSL_MD4_Init
   #define MD4_Update wolfSSL_MD4_Update
-  #define MD4_Final wolfSSL_MD4_Final
+  #define MD4_Final  wolfSSL_MD4_Final
 #endif
 
 #elif defined(USE_OPENSSL) && !defined(OPENSSL_NO_MD4)
@@ -129,7 +128,7 @@ static int MD4_Init(MD4_CTX *ctx)
 
 static void MD4_Update(MD4_CTX *ctx, const void *data, unsigned long size)
 {
-  CryptHashData(ctx->hHash, (const BYTE *)data, (unsigned int) size, 0);
+  CryptHashData(ctx->hHash, (const BYTE *)data, (unsigned int)size, 0);
 }
 
 static void MD4_Final(unsigned char *result, MD4_CTX *ctx)
@@ -224,8 +223,8 @@ static void MD4_Final(unsigned char *result, MD4_CTX *ctx);
  * The MD4 transformation for all three rounds.
  */
 #define MD4_STEP(f, a, b, c, d, x, s) \
-        (a) += f((b), (c), (d)) + (x); \
-        (a) = (((a) << (s)) | (((a) & 0xffffffff) >> (32 - (s))));
+  (a) += f((b), (c), (d)) + (x); \
+  (a) = (((a) << (s)) | (((a) & 0xffffffff) >> (32 - (s))));
 
 /*
  * SET reads 4 input bytes in little-endian byte order and stores them
@@ -236,19 +235,15 @@ static void MD4_Final(unsigned char *result, MD4_CTX *ctx);
  * does not work.
  */
 #if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
-#define MD4_SET(n) \
-        (*(const MD4_u32plus *)(const void *)&ptr[(n) * 4])
-#define MD4_GET(n) \
-        MD4_SET(n)
+#define MD4_SET(n) (*(const MD4_u32plus *)(const void *)&ptr[(n) * 4])
+#define MD4_GET(n) MD4_SET(n)
 #else
-#define MD4_SET(n) \
-        (ctx->block[(n)] = \
-          (MD4_u32plus)ptr[(n) * 4] | \
-          ((MD4_u32plus)ptr[(n) * 4 + 1] << 8) | \
-          ((MD4_u32plus)ptr[(n) * 4 + 2] << 16) | \
-          ((MD4_u32plus)ptr[(n) * 4 + 3] << 24))
-#define MD4_GET(n) \
-        (ctx->block[(n)])
+#define MD4_SET(n) (ctx->block[(n)] = \
+   (MD4_u32plus)ptr[(n) * 4] | \
+  ((MD4_u32plus)ptr[(n) * 4 + 1] <<  8) | \
+  ((MD4_u32plus)ptr[(n) * 4 + 2] << 16) | \
+  ((MD4_u32plus)ptr[(n) * 4 + 3] << 24))
+#define MD4_GET(n) (ctx->block[(n)])
 #endif
 
 /*
@@ -413,32 +408,32 @@ static void MD4_Final(unsigned char *result, MD4_CTX *ctx)
   memset(&ctx->buffer[used], 0, available - 8);
 
   ctx->lo <<= 3;
-  ctx->buffer[56] = curlx_ultouc((ctx->lo)&0xff);
-  ctx->buffer[57] = curlx_ultouc((ctx->lo >> 8)&0xff);
-  ctx->buffer[58] = curlx_ultouc((ctx->lo >> 16)&0xff);
-  ctx->buffer[59] = curlx_ultouc((ctx->lo >> 24)&0xff);
-  ctx->buffer[60] = curlx_ultouc((ctx->hi)&0xff);
-  ctx->buffer[61] = curlx_ultouc((ctx->hi >> 8)&0xff);
-  ctx->buffer[62] = curlx_ultouc((ctx->hi >> 16)&0xff);
+  ctx->buffer[56] = curlx_ultouc((ctx->lo) & 0xff);
+  ctx->buffer[57] = curlx_ultouc((ctx->lo >> 8) & 0xff);
+  ctx->buffer[58] = curlx_ultouc((ctx->lo >> 16) & 0xff);
+  ctx->buffer[59] = curlx_ultouc((ctx->lo >> 24) & 0xff);
+  ctx->buffer[60] = curlx_ultouc((ctx->hi) & 0xff);
+  ctx->buffer[61] = curlx_ultouc((ctx->hi >> 8) & 0xff);
+  ctx->buffer[62] = curlx_ultouc((ctx->hi >> 16) & 0xff);
   ctx->buffer[63] = curlx_ultouc(ctx->hi >> 24);
 
   my_md4_body(ctx, ctx->buffer, 64);
 
-  result[0] = curlx_ultouc((ctx->a)&0xff);
-  result[1] = curlx_ultouc((ctx->a >> 8)&0xff);
-  result[2] = curlx_ultouc((ctx->a >> 16)&0xff);
+  result[0] = curlx_ultouc((ctx->a) & 0xff);
+  result[1] = curlx_ultouc((ctx->a >> 8) & 0xff);
+  result[2] = curlx_ultouc((ctx->a >> 16) & 0xff);
   result[3] = curlx_ultouc(ctx->a >> 24);
-  result[4] = curlx_ultouc((ctx->b)&0xff);
-  result[5] = curlx_ultouc((ctx->b >> 8)&0xff);
-  result[6] = curlx_ultouc((ctx->b >> 16)&0xff);
+  result[4] = curlx_ultouc((ctx->b) & 0xff);
+  result[5] = curlx_ultouc((ctx->b >> 8) & 0xff);
+  result[6] = curlx_ultouc((ctx->b >> 16) & 0xff);
   result[7] = curlx_ultouc(ctx->b >> 24);
-  result[8] = curlx_ultouc((ctx->c)&0xff);
-  result[9] = curlx_ultouc((ctx->c >> 8)&0xff);
-  result[10] = curlx_ultouc((ctx->c >> 16)&0xff);
+  result[8] = curlx_ultouc((ctx->c) & 0xff);
+  result[9] = curlx_ultouc((ctx->c >> 8) & 0xff);
+  result[10] = curlx_ultouc((ctx->c >> 16) & 0xff);
   result[11] = curlx_ultouc(ctx->c >> 24);
-  result[12] = curlx_ultouc((ctx->d)&0xff);
-  result[13] = curlx_ultouc((ctx->d >> 8)&0xff);
-  result[14] = curlx_ultouc((ctx->d >> 16)&0xff);
+  result[12] = curlx_ultouc((ctx->d) & 0xff);
+  result[13] = curlx_ultouc((ctx->d >> 8) & 0xff);
+  result[14] = curlx_ultouc((ctx->d >> 16) & 0xff);
   result[15] = curlx_ultouc(ctx->d >> 24);
 
   memset(ctx, 0, sizeof(*ctx));
diff --git a/lib/md5.c b/lib/md5.c
index a579b02c63..e1a443c923 100644
--- a/lib/md5.c
+++ b/lib/md5.c
@@ -314,9 +314,9 @@ static void my_md5_final(unsigned char *result, void *ctx);
  * The MD5 transformation for all four rounds.
  */
 #define MD5_STEP(f, a, b, c, d, x, t, s) \
-        (a) += f((b), (c), (d)) + (x) + (t); \
-        (a) = (((a) << (s)) | (((a) & 0xffffffff) >> (32 - (s)))); \
-        (a) += (b);
+  (a) += f((b), (c), (d)) + (x) + (t); \
+  (a) = (((a) << (s)) | (((a) & 0xffffffff) >> (32 - (s)))); \
+  (a) += (b);
 
 /*
  * SET reads 4 input bytes in little-endian byte order and stores them
@@ -327,19 +327,15 @@ static void my_md5_final(unsigned char *result, void *ctx);
  * does not work.
  */
 #if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
-#define MD5_SET(n) \
-        (*(const MD5_u32plus *)(const void *)&ptr[(n) * 4])
-#define MD5_GET(n) \
-        MD5_SET(n)
+#define MD5_SET(n) (*(const MD5_u32plus *)(const void *)&ptr[(n) * 4])
+#define MD5_GET(n) MD5_SET(n)
 #else
-#define MD5_SET(n) \
-        (ctx->block[(n)] = \
-        (MD5_u32plus)ptr[(n) * 4] | \
-        ((MD5_u32plus)ptr[(n) * 4 + 1] << 8) | \
-        ((MD5_u32plus)ptr[(n) * 4 + 2] << 16) | \
-        ((MD5_u32plus)ptr[(n) * 4 + 3] << 24))
-#define MD5_GET(n) \
-        (ctx->block[(n)])
+#define MD5_SET(n) (ctx->block[(n)] = \
+   (MD5_u32plus)ptr[(n) * 4] | \
+  ((MD5_u32plus)ptr[(n) * 4 + 1] <<  8) | \
+  ((MD5_u32plus)ptr[(n) * 4 + 2] << 16) | \
+  ((MD5_u32plus)ptr[(n) * 4 + 3] << 24))
+#define MD5_GET(n) (ctx->block[(n)])
 #endif
 
 /*
@@ -527,32 +523,32 @@ static void my_md5_final(unsigned char *result, void *in)
   memset(&ctx->buffer[used], 0, available - 8);
 
   ctx->lo <<= 3;
-  ctx->buffer[56] = curlx_ultouc((ctx->lo)&0xff);
-  ctx->buffer[57] = curlx_ultouc((ctx->lo >> 8)&0xff);
-  ctx->buffer[58] = curlx_ultouc((ctx->lo >> 16)&0xff);
+  ctx->buffer[56] = curlx_ultouc((ctx->lo) & 0xff);
+  ctx->buffer[57] = curlx_ultouc((ctx->lo >> 8) & 0xff);
+  ctx->buffer[58] = curlx_ultouc((ctx->lo >> 16) & 0xff);
   ctx->buffer[59] = curlx_ultouc(ctx->lo >> 24);
-  ctx->buffer[60] = curlx_ultouc((ctx->hi)&0xff);
-  ctx->buffer[61] = curlx_ultouc((ctx->hi >> 8)&0xff);
-  ctx->buffer[62] = curlx_ultouc((ctx->hi >> 16)&0xff);
+  ctx->buffer[60] = curlx_ultouc((ctx->hi) & 0xff);
+  ctx->buffer[61] = curlx_ultouc((ctx->hi >> 8) & 0xff);
+  ctx->buffer[62] = curlx_ultouc((ctx->hi >> 16) & 0xff);
   ctx->buffer[63] = curlx_ultouc(ctx->hi >> 24);
 
   my_md5_body(ctx, ctx->buffer, 64);
 
-  result[0] = curlx_ultouc((ctx->a)&0xff);
-  result[1] = curlx_ultouc((ctx->a >> 8)&0xff);
-  result[2] = curlx_ultouc((ctx->a >> 16)&0xff);
+  result[0] = curlx_ultouc((ctx->a) & 0xff);
+  result[1] = curlx_ultouc((ctx->a >> 8) & 0xff);
+  result[2] = curlx_ultouc((ctx->a >> 16) & 0xff);
   result[3] = curlx_ultouc(ctx->a >> 24);
-  result[4] = curlx_ultouc((ctx->b)&0xff);
-  result[5] = curlx_ultouc((ctx->b >> 8)&0xff);
-  result[6] = curlx_ultouc((ctx->b >> 16)&0xff);
+  result[4] = curlx_ultouc((ctx->b) & 0xff);
+  result[5] = curlx_ultouc((ctx->b >> 8) & 0xff);
+  result[6] = curlx_ultouc((ctx->b >> 16) & 0xff);
   result[7] = curlx_ultouc(ctx->b >> 24);
-  result[8] = curlx_ultouc((ctx->c)&0xff);
-  result[9] = curlx_ultouc((ctx->c >> 8)&0xff);
-  result[10] = curlx_ultouc((ctx->c >> 16)&0xff);
+  result[8] = curlx_ultouc((ctx->c) & 0xff);
+  result[9] = curlx_ultouc((ctx->c >> 8) & 0xff);
+  result[10] = curlx_ultouc((ctx->c >> 16) & 0xff);
   result[11] = curlx_ultouc(ctx->c >> 24);
-  result[12] = curlx_ultouc((ctx->d)&0xff);
-  result[13] = curlx_ultouc((ctx->d >> 8)&0xff);
-  result[14] = curlx_ultouc((ctx->d >> 16)&0xff);
+  result[12] = curlx_ultouc((ctx->d) & 0xff);
+  result[13] = curlx_ultouc((ctx->d >> 8) & 0xff);
+  result[14] = curlx_ultouc((ctx->d >> 16) & 0xff);
   result[15] = curlx_ultouc(ctx->d >> 24);
 
   memset(ctx, 0, sizeof(*ctx));
diff --git a/lib/memdebug.c b/lib/memdebug.c
index 7eae1708b7..991c9eb921 100644
--- a/lib/memdebug.c
+++ b/lib/memdebug.c
@@ -165,8 +165,7 @@ static bool countcheck(const char *func, int line, const char *source)
   if(memlimit && source) {
     if(!memsize) {
       /* log to file */
-      curl_dbg_log("LIMIT %s:%d %s reached memlimit\n",
-                   source, line, func);
+      curl_dbg_log("LIMIT %s:%d %s reached memlimit\n", source, line, func);
       /* log to stderr also */
       curl_mfprintf(stderr, "LIMIT %s:%d %s reached memlimit\n",
                     source, line, func);
@@ -336,8 +335,8 @@ void curl_dbg_free(void *ptr, int line, const char *source)
   if(ptr) {
     struct memdebug *mem;
 
-  if(source)
-    curl_dbg_log("MEM %s:%d free(%p)\n", source, line, (void *)ptr);
+    if(source)
+      curl_dbg_log("MEM %s:%d free(%p)\n", source, line, (void *)ptr);
 
 #ifdef __INTEL_COMPILER
 #  pragma warning(push)
@@ -386,7 +385,7 @@ SEND_TYPE_RETV curl_dbg_send(SEND_TYPE_ARG1 sockfd,
   rc = send(sockfd, buf, len, flags);
   if(source)
     curl_dbg_log("SEND %s:%d send(%lu) = %ld\n",
-                source, line, (unsigned long)len, (long)rc);
+                 source, line, (unsigned long)len, (long)rc);
   return rc;
 }
 
@@ -401,7 +400,7 @@ RECV_TYPE_RETV curl_dbg_recv(RECV_TYPE_ARG1 sockfd, RECV_TYPE_ARG2 buf,
   rc = recv(sockfd, buf, len, flags);
   if(source)
     curl_dbg_log("RECV %s:%d recv(%lu) = %ld\n",
-                source, line, (unsigned long)len, (long)rc);
+                 source, line, (unsigned long)len, (long)rc);
   return rc;
 }
 
@@ -515,8 +514,7 @@ int curl_dbg_fclose(FILE *file, int line, const char *source)
   DEBUGASSERT(file != NULL);
 
   if(source)
-    curl_dbg_log("FILE %s:%d fclose(%p)\n",
-                 source, line, (void *)file);
+    curl_dbg_log("FILE %s:%d fclose(%p)\n", source, line, (void *)file);
 
   /* !checksrc! disable BANNEDFUNC 1 */
   res = fclose(file);
diff --git a/lib/mime.c b/lib/mime.c
index 7ebe47315d..92edd78878 100644
--- a/lib/mime.c
+++ b/lib/mime.c
@@ -56,8 +56,8 @@ struct Curl_easy;
 #  endif
 #endif
 
-#define READ_ERROR    ((size_t) -1)
-#define STOP_FILLING  ((size_t) -2)
+#define READ_ERROR   ((size_t)-1)
+#define STOP_FILLING ((size_t)-2)
 
 static size_t mime_subparts_read(char *buffer, size_t size, size_t nitems,
                                  void *instream, bool *hasread);
@@ -77,12 +77,12 @@ static curl_off_t encoder_qp_size(curl_mimepart *part);
 static curl_off_t mime_size(curl_mimepart *part);
 
 static const struct mime_encoder encoders[] = {
-  {"binary", encoder_nop_read, encoder_nop_size},
-  {"8bit", encoder_nop_read, encoder_nop_size},
-  {"7bit", encoder_7bit_read, encoder_nop_size},
-  {"base64", encoder_base64_read, encoder_base64_size},
-  {"quoted-printable", encoder_qp_read, encoder_qp_size},
-  {ZERO_NULL, ZERO_NULL, ZERO_NULL}
+  { "binary", encoder_nop_read, encoder_nop_size },
+  { "8bit", encoder_nop_read, encoder_nop_size },
+  { "7bit", encoder_7bit_read, encoder_nop_size },
+  { "base64", encoder_base64_read, encoder_base64_size },
+  { "quoted-printable", encoder_qp_read, encoder_qp_size },
+  { ZERO_NULL, ZERO_NULL, ZERO_NULL }
 };
 
 /* Quoted-printable character class table.
@@ -120,15 +120,13 @@ static const unsigned char qp_class[] = {
   0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0                 /* F0 - FF */
 };
 
-
 /* Binary --> hexadecimal ASCII table. */
 static const char aschex[] =
   "\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x41\x42\x43\x44\x45\x46";
 
-
 #ifndef __VMS
 #define filesize(name, stat_data) (stat_data.st_size)
-#define fopen_read curlx_fopen
+#define fopen_read                curlx_fopen
 
 #else
 
@@ -143,13 +141,12 @@ static const char aschex[] =
  * and CD/DVD images should be either a STREAM_LF format or a fixed format.
  *
  */
-curl_off_t VmsRealFileSize(const char *name,
-                           const struct_stat *stat_buf)
+curl_off_t VmsRealFileSize(const char *name, const struct_stat *stat_buf)
 {
   char buffer[8192];
   curl_off_t count;
   int ret_stat;
-  FILE * file;
+  FILE *file;
 
   file = curlx_fopen(name, FOPEN_READTEXT); /* VMS */
   if(!file)
@@ -173,8 +170,7 @@ curl_off_t VmsRealFileSize(const char *name,
  *  if not to call a routine to get the correct size.
  *
  */
-static curl_off_t VmsSpecialSize(const char *name,
-                                 const struct_stat *stat_buf)
+static curl_off_t VmsSpecialSize(const char *name, const struct_stat *stat_buf)
 {
   switch(stat_buf->st_fab_rfm) {
   case FAB$C_VAR:
@@ -196,7 +192,7 @@ static curl_off_t VmsSpecialSize(const char *name,
  * record format of the file.
  *
  */
-static FILE * vmsfopenread(const char *file, const char *mode)
+static FILE *vmsfopenread(const char *file, const char *mode)
 {
   struct_stat statbuf;
   int result;
@@ -217,7 +213,6 @@ static FILE * vmsfopenread(const char *file, const char *mode)
 #define fopen_read vmsfopenread
 #endif
 
-
 #ifndef HAVE_BASENAME
 /*
   (Quote from The Open Group Base Specifications Issue 6 IEEE Std 1003.1, 2004
@@ -264,7 +259,7 @@ static char *Curl_basename(char *path)
   return path;
 }
 
-#define basename(x)  Curl_basename((x))
+#define basename(x)  Curl_basename(x)
 #endif
 
 
@@ -372,7 +367,6 @@ static void cleanup_encoder_state(struct mime_encoder_state *p)
   p->bufend = 0;
 }
 
-
 /* Dummy encoder. This is used for 8bit and binary content encodings. */
 static size_t encoder_nop_read(char *buffer, size_t size, bool ateof,
                                struct curl_mimepart *part)
@@ -400,7 +394,6 @@ static curl_off_t encoder_nop_size(curl_mimepart *part)
   return part->datasize;
 }
 
-
 /* 7bit encoder: the encoder is just a data validity check. */
 static size_t encoder_7bit_read(char *buffer, size_t size, bool ateof,
                                 curl_mimepart *part)
@@ -426,7 +419,6 @@ static size_t encoder_7bit_read(char *buffer, size_t size, bool ateof,
   return cursize;
 }
 
-
 /* Base64 content encoder. */
 static size_t encoder_base64_read(char *buffer, size_t size, bool ateof,
                                   curl_mimepart *part)
@@ -521,7 +513,6 @@ static curl_off_t encoder_base64_size(curl_mimepart *part)
   return size + 2 * ((size - 1) / MAX_ENCODED_LINE_LENGTH);
 }
 
-
 /* Quoted-printable lookahead.
  *
  * Check if a CRLF or end of data is in input buffer at current position + n.
@@ -558,7 +549,7 @@ static size_t encoder_qp_read(char *buffer, size_t size, bool ateof,
     size_t len = 1;
     size_t consumed = 1;
     int i = st->buf[st->bufbeg];
-    buf[0] = (char) i;
+    buf[0] = (char)i;
     buf[1] = aschex[(i >> 4) & 0xF];
     buf[2] = aschex[i & 0xF];
 
@@ -649,13 +640,12 @@ static curl_off_t encoder_qp_size(curl_mimepart *part)
   return part->datasize ? -1 : 0;
 }
 
-
 /* In-memory data callbacks. */
 /* Argument is a pointer to the mime part. */
 static size_t mime_mem_read(char *buffer, size_t size, size_t nitems,
                             void *instream)
 {
-  curl_mimepart *part = (curl_mimepart *) instream;
+  curl_mimepart *part = (curl_mimepart *)instream;
   size_t sz = curlx_sotouz(part->datasize - part->state.offset);
   (void)size;  /* Always 1 */
 
@@ -673,7 +663,7 @@ static size_t mime_mem_read(char *buffer, size_t size, size_t nitems,
 
 static int mime_mem_seek(void *instream, curl_off_t offset, int whence)
 {
-  curl_mimepart *part = (curl_mimepart *) instream;
+  curl_mimepart *part = (curl_mimepart *)instream;
 
   switch(whence) {
   case SEEK_CUR:
@@ -693,10 +683,9 @@ static int mime_mem_seek(void *instream, curl_off_t offset, int whence)
 
 static void mime_mem_free(void *ptr)
 {
-  Curl_safefree(((curl_mimepart *) ptr)->data);
+  Curl_safefree(((curl_mimepart *)ptr)->data);
 }
 
-
 /* Named file callbacks. */
 /* Argument is a pointer to the mime part. */
 static bool mime_open_file(curl_mimepart *part)
@@ -712,7 +701,7 @@ static bool mime_open_file(curl_mimepart *part)
 static size_t mime_file_read(char *buffer, size_t size, size_t nitems,
                              void *instream)
 {
-  curl_mimepart *part = (curl_mimepart *) instream;
+  curl_mimepart *part = (curl_mimepart *)instream;
 
   if(!nitems)
     return STOP_FILLING;
@@ -725,7 +714,7 @@ static size_t mime_file_read(char *buffer, size_t size, size_t nitems,
 
 static int mime_file_seek(void *instream, curl_off_t offset, int whence)
 {
-  curl_mimepart *part = (curl_mimepart *) instream;
+  curl_mimepart *part = (curl_mimepart *)instream;
 
   if(whence == SEEK_SET && !offset && !part->fp)
     return CURL_SEEKFUNC_OK;   /* Not open: implicitly already at BOF. */
@@ -739,7 +728,7 @@ static int mime_file_seek(void *instream, curl_off_t offset, int whence)
 
 static void mime_file_free(void *ptr)
 {
-  curl_mimepart *part = (curl_mimepart *) ptr;
+  curl_mimepart *part = (curl_mimepart *)ptr;
 
   if(part->fp) {
     curlx_fclose(part->fp);
@@ -748,7 +737,6 @@ static void mime_file_free(void *ptr)
   Curl_safefree(part->data);
 }
 
-
 /* Subparts callbacks. */
 /* Argument is a pointer to the mime structure. */
 
@@ -798,7 +786,7 @@ static size_t read_part_content(curl_mimepart *part,
   }
 
   /* If we can determine we are at end of part data, spare a read. */
-  if(part->datasize != (curl_off_t) -1 &&
+  if(part->datasize != (curl_off_t)-1 &&
      part->state.offset >= part->datasize) {
     /* sz is already zero. */
   }
@@ -809,8 +797,8 @@ static size_t read_part_content(curl_mimepart *part,
        * Cannot be processed as other kinds since read function requires
        * an additional parameter and is highly recursive.
        */
-       sz = mime_subparts_read(buffer, 1, bufsize, part->arg, hasread);
-       break;
+      sz = mime_subparts_read(buffer, 1, bufsize, part->arg, hasread);
+      break;
     case MIMEKIND_FILE:
       if(part->fp && feof(part->fp))
         break;  /* At EOF. */
@@ -916,7 +904,7 @@ static size_t readback_part(curl_mimepart *part,
 
   while(bufsize) {
     size_t sz = 0;
-    struct curl_slist *hdr = (struct curl_slist *) part->state.ptr;
+    struct curl_slist *hdr = (struct curl_slist *)part->state.ptr;
     switch(part->state.state) {
     case MIMESTATE_BEGIN:
       mimesetstate(&part->state,
@@ -994,7 +982,7 @@ static size_t readback_part(curl_mimepart *part,
 static size_t mime_subparts_read(char *buffer, size_t size, size_t nitems,
                                  void *instream, bool *hasread)
 {
-  curl_mime *mime = (curl_mime *) instream;
+  curl_mime *mime = (curl_mime *)instream;
   size_t cursize = 0;
   (void)size;  /* Always 1 */
 
@@ -1070,7 +1058,7 @@ static int mime_part_rewind(curl_mimepart *part)
   if(part->state.state > targetstate) {
     res = CURL_SEEKFUNC_CANTSEEK;
     if(part->seekfunc) {
-      res = part->seekfunc(part->arg, (curl_off_t) 0, SEEK_SET);
+      res = part->seekfunc(part->arg, (curl_off_t)0, SEEK_SET);
       switch(res) {
       case CURL_SEEKFUNC_OK:
       case CURL_SEEKFUNC_FAIL:
@@ -1095,7 +1083,7 @@ static int mime_part_rewind(curl_mimepart *part)
 
 static int mime_subparts_seek(void *instream, curl_off_t offset, int whence)
 {
-  curl_mime *mime = (curl_mime *) instream;
+  curl_mime *mime = (curl_mime *)instream;
   curl_mimepart *part;
   int result = CURL_SEEKFUNC_OK;
 
@@ -1126,10 +1114,10 @@ static void cleanup_part_content(curl_mimepart *part)
   part->readfunc = NULL;
   part->seekfunc = NULL;
   part->freefunc = NULL;
-  part->arg = (void *) part;          /* Defaults to part itself. */
+  part->arg = (void *)part;           /* Defaults to part itself. */
   part->data = NULL;
   part->fp = NULL;
-  part->datasize = (curl_off_t) 0;    /* No size yet. */
+  part->datasize = (curl_off_t)0;     /* No size yet. */
   cleanup_encoder_state(&part->encstate);
   part->kind = MIMEKIND_NONE;
   part->flags &= ~(unsigned int)MIME_FAST_READ;
@@ -1139,7 +1127,7 @@ static void cleanup_part_content(curl_mimepart *part)
 
 static void mime_subparts_free(void *ptr)
 {
-  curl_mime *mime = (curl_mime *) ptr;
+  curl_mime *mime = (curl_mime *)ptr;
 
   if(mime && mime->parent) {
     mime->parent->freefunc = NULL;  /* Be sure we will not be called again. */
@@ -1151,7 +1139,7 @@ static void mime_subparts_free(void *ptr)
 /* Do not free subparts: unbind them. This is used for the top level only. */
 static void mime_subparts_unbind(void *ptr)
 {
-  curl_mime *mime = (curl_mime *) ptr;
+  curl_mime *mime = (curl_mime *)ptr;
 
   if(mime && mime->parent) {
     mime->parent->freefunc = NULL;  /* Be sure we will not be called again. */
@@ -1160,7 +1148,6 @@ static void mime_subparts_unbind(void *ptr)
   }
 }
 
-
 void Curl_mime_cleanpart(curl_mimepart *part)
 {
   if(part) {
@@ -1207,7 +1194,7 @@ CURLcode Curl_mime_duppart(struct Curl_easy *data,
   case MIMEKIND_NONE:
     break;
   case MIMEKIND_DATA:
-    res = curl_mime_data(dst, src->data, (size_t) src->datasize);
+    res = curl_mime_data(dst, src->data, (size_t)src->datasize);
     break;
   case MIMEKIND_FILE:
     res = curl_mime_filedata(dst, src->data);
@@ -1226,7 +1213,7 @@ CURLcode Curl_mime_duppart(struct Curl_easy *data,
     res = mime ? curl_mime_subparts(dst, mime) : CURLE_OUT_OF_MEMORY;
 
     /* Duplicate subparts. */
-    for(s = ((curl_mime *) src->arg)->firstpart; !res && s; s = s->nextpart) {
+    for(s = ((curl_mime *)src->arg)->firstpart; !res && s; s = s->nextpart) {
       d = curl_mime_addpart(mime);
       res = d ? Curl_mime_duppart(data, d, s) : CURLE_OUT_OF_MEMORY;
     }
@@ -1287,7 +1274,7 @@ curl_mime *curl_mime_init(void *easy)
 
     memset(mime->boundary, '-', MIME_BOUNDARY_DASHES);
     if(Curl_rand_alnum(easy,
-                       (unsigned char *) &mime->boundary[MIME_BOUNDARY_DASHES],
+                       (unsigned char *)&mime->boundary[MIME_BOUNDARY_DASHES],
                        MIME_RAND_BOUNDARY_CHARS + 1)) {
       /* failed to get random separator, bail out */
       curlx_free(mime);
@@ -1302,7 +1289,7 @@ curl_mime *curl_mime_init(void *easy)
 /* Initialize a mime part. */
 void Curl_mime_initpart(curl_mimepart *part)
 {
-  memset((char *) part, 0, sizeof(*part));
+  memset((char *)part, 0, sizeof(*part));
   part->lastreadstatus = 1; /* Successful read status. */
   mimesetstate(&part->state, MIMESTATE_BEGIN, NULL);
 }
@@ -1367,8 +1354,7 @@ CURLcode curl_mime_filename(curl_mimepart *part, const char *filename)
 }
 
 /* Set mime part content from memory data. */
-CURLcode curl_mime_data(curl_mimepart *part,
-                        const char *ptr, size_t datasize)
+CURLcode curl_mime_data(curl_mimepart *part, const char *ptr, size_t datasize)
 {
   if(!part)
     return CURLE_BAD_FUNCTION_ARGUMENT;
@@ -1558,7 +1544,7 @@ CURLcode Curl_mime_set_subparts(curl_mimepart *part,
        they might not be positioned at start. Rewind them now, as
        a future check while rewinding the parent may cause this
        content to be skipped. */
-    if(mime_subparts_seek(subparts, (curl_off_t) 0, SEEK_SET) !=
+    if(mime_subparts_seek(subparts, (curl_off_t)0, SEEK_SET) !=
        CURL_SEEKFUNC_OK)
       return CURLE_SEND_FAIL_REWIND;
 
@@ -1580,12 +1566,11 @@ CURLcode curl_mime_subparts(curl_mimepart *part, curl_mime *subparts)
   return Curl_mime_set_subparts(part, subparts, TRUE);
 }
 
-
 /* Readback from top mime. */
 /* Argument is the dummy top part. */
 size_t Curl_mime_read(char *buffer, size_t size, size_t nitems, void *instream)
 {
-  curl_mimepart *part = (curl_mimepart *) instream;
+  curl_mimepart *part = (curl_mimepart *)instream;
   size_t ret;
   bool hasread;
 
@@ -1668,8 +1653,7 @@ static curl_off_t mime_size(curl_mimepart *part)
   if(size >= 0 && !(part->flags & MIME_BODY_ONLY)) {
     /* Compute total part size. */
     size += slist_size(part->curlheaders, 2, NULL, 0);
-    size += slist_size(part->userheaders, 2,
-                       STRCONST("Content-Type"));
+    size += slist_size(part->userheaders, 2, STRCONST("Content-Type"));
     size += 2;    /* CRLF after headers. */
   }
   return size;
@@ -1718,16 +1702,16 @@ const char *Curl_mime_contenttype(const char *filename)
     const char *type;
   };
   static const struct ContentType ctts[] = {
-    {".gif",  "image/gif"},
-    {".jpg",  "image/jpeg"},
-    {".jpeg", "image/jpeg"},
-    {".png",  "image/png"},
-    {".svg",  "image/svg+xml"},
-    {".txt",  "text/plain"},
-    {".htm",  "text/html"},
-    {".html", "text/html"},
-    {".pdf",  "application/pdf"},
-    {".xml",  "application/xml"}
+    { ".gif",  "image/gif" },
+    { ".jpg",  "image/jpeg" },
+    { ".jpeg", "image/jpeg" },
+    { ".png",  "image/png" },
+    { ".svg",  "image/svg+xml" },
+    { ".txt",  "text/plain" },
+    { ".htm",  "text/html" },
+    { ".html", "text/html" },
+    { ".pdf",  "application/pdf" },
+    { ".xml",  "application/xml" }
   };
 
   if(filename) {
@@ -1808,7 +1792,7 @@ CURLcode Curl_mime_prepare_headers(struct Curl_easy *data,
   }
 
   if(part->kind == MIMEKIND_MULTIPART) {
-    mime = (curl_mime *) part->arg;
+    mime = (curl_mime *)part->arg;
     if(mime)
       boundary = mime->boundary;
   }
@@ -1821,10 +1805,10 @@ CURLcode Curl_mime_prepare_headers(struct Curl_easy *data,
   if(!search_header(part->userheaders, STRCONST("Content-Disposition"))) {
     if(!disposition)
       if(part->filename || part->name ||
-        (contenttype && !curl_strnequal(contenttype, "multipart/", 10)))
-          disposition = DISPOSITION_DEFAULT;
+         (contenttype && !curl_strnequal(contenttype, "multipart/", 10)))
+        disposition = DISPOSITION_DEFAULT;
     if(disposition && curl_strequal(disposition, "attachment") &&
-     !part->name && !part->filename)
+       !part->name && !part->filename)
       disposition = NULL;
     if(disposition) {
       char *name = NULL;
@@ -1854,8 +1838,8 @@ CURLcode Curl_mime_prepare_headers(struct Curl_easy *data,
       Curl_safefree(filename);
       if(ret)
         return ret;
-      }
     }
+  }
 
   /* Issue Content-Type header. */
   if(contenttype) {
@@ -1870,7 +1854,7 @@ CURLcode Curl_mime_prepare_headers(struct Curl_easy *data,
     if(part->encoder)
       cte = part->encoder->name;
     else if(contenttype && strategy == MIMESTRATEGY_MAIL &&
-     part->kind != MIMEKIND_MULTIPART)
+            part->kind != MIMEKIND_MULTIPART)
       cte = "8bit";
     if(cte) {
       ret = Curl_mime_add_header(&part->curlheaders,
@@ -1909,7 +1893,7 @@ static void mime_unpause(curl_mimepart *part)
     if(part->lastreadstatus == CURL_READFUNC_PAUSE)
       part->lastreadstatus = 1; /* Successful read status. */
     if(part->kind == MIMEKIND_MULTIPART) {
-      curl_mime *mime = (curl_mime *) part->arg;
+      curl_mime *mime = (curl_mime *)part->arg;
 
       if(mime) {
         curl_mimepart *subpart;
@@ -2113,7 +2097,7 @@ static CURLcode cr_mime_resume_from(struct Curl_easy *data,
     curl_off_t passed = 0;
 
     do {
-      char scratch[4*1024];
+      char scratch[4 * 1024];
       size_t readthisamountnow =
         (offset - passed > (curl_off_t)sizeof(scratch)) ?
         sizeof(scratch) :
@@ -2262,8 +2246,7 @@ CURLcode curl_mime_encoder(curl_mimepart *part, const char *encoding)
   return CURLE_NOT_BUILT_IN;
 }
 
-CURLcode curl_mime_data(curl_mimepart *part,
-                        const char *data, size_t datasize)
+CURLcode curl_mime_data(curl_mimepart *part, const char *data, size_t datasize)
 {
   (void)part;
   (void)data;
@@ -2278,8 +2261,7 @@ CURLcode curl_mime_filedata(curl_mimepart *part, const char *filename)
   return CURLE_NOT_BUILT_IN;
 }
 
-CURLcode curl_mime_data_cb(curl_mimepart *part,
-                           curl_off_t datasize,
+CURLcode curl_mime_data_cb(curl_mimepart *part, curl_off_t datasize,
                            curl_read_callback readfunc,
                            curl_seek_callback seekfunc,
                            curl_free_callback freefunc,
diff --git a/lib/mime.h b/lib/mime.h
index 5073a38f70..3ac196180b 100644
--- a/lib/mime.h
+++ b/lib/mime.h
@@ -165,12 +165,11 @@ CURLcode Curl_creader_set_mime(struct Curl_easy *data, curl_mimepart *part);
 /* if disabled */
 #define Curl_mime_initpart(x)
 #define Curl_mime_cleanpart(x)
-#define Curl_mime_duppart(x,y,z) CURLE_OK /* Nothing to duplicate. Succeed */
-#define Curl_mime_set_subparts(a,b,c) CURLE_NOT_BUILT_IN
-#define Curl_mime_prepare_headers(a,b,c,d,e) CURLE_NOT_BUILT_IN
-#define Curl_mime_read NULL
-#define Curl_creader_set_mime(x,y) ((void)x, CURLE_NOT_BUILT_IN)
+#define Curl_mime_duppart(x, y, z) CURLE_OK /* Nothing to duplicate. Succeed */
+#define Curl_mime_set_subparts(a, b, c)          CURLE_NOT_BUILT_IN
+#define Curl_mime_prepare_headers(a, b, c, d, e) CURLE_NOT_BUILT_IN
+#define Curl_mime_read                           NULL
+#define Curl_creader_set_mime(x, y)              ((void)x, CURLE_NOT_BUILT_IN)
 #endif
 
-
 #endif /* HEADER_CURL_MIME_H */
diff --git a/lib/mprintf.c b/lib/mprintf.c
index 046917aeb5..5c58e907b4 100644
--- a/lib/mprintf.c
+++ b/lib/mprintf.c
@@ -171,8 +171,8 @@ static int dollarstring(const char *p, const char **end)
   return (int)num - 1;
 }
 
-#define is_arg_used(x,y) ((x)[(y)/8] & (1 << ((y)&7)))
-#define mark_arg_used(x,y) ((x)[y/8] |= (unsigned char)(1 << ((y)&7)))
+#define is_arg_used(x, y)   ((x)[(y) / 8] & (1 << ((y) & 7)))
+#define mark_arg_used(x, y) ((x)[y / 8] |= (unsigned char)(1 << ((y) & 7)))
 
 /*
  * Parse the format string.
@@ -206,7 +206,7 @@ static int parsefmt(const char *format,
   int max_param = -1;
   int i;
   int ocount = 0;
-  unsigned char usedinput[MAX_PARAMETERS/8];
+  unsigned char usedinput[MAX_PARAMETERS / 8];
   size_t outlen = 0;
   struct outsegment *optr;
   int use_dollar = DOLLAR_UNKNOWN;
@@ -364,8 +364,15 @@ static int parsefmt(const char *format,
           if(!(flags & FLAGS_LEFT))
             flags |= FLAGS_PAD_NIL;
           FALLTHROUGH();
-        case '1': case '2': case '3': case '4':
-        case '5': case '6': case '7': case '8': case '9': {
+        case '1':
+        case '2':
+        case '3':
+        case '4':
+        case '5':
+        case '6':
+        case '7':
+        case '8':
+        case '9': {
           curl_off_t num;
           flags |= FLAGS_WIDTH;
           fmt--;
@@ -431,7 +438,7 @@ static int parsefmt(const char *format,
           type = FORMAT_LONGU;
         else
           type = FORMAT_INTU;
-        flags |= FLAGS_OCTAL|FLAGS_UNSIGNED;
+        flags |= FLAGS_OCTAL | FLAGS_UNSIGNED;
         break;
       case 'x':
         if(flags & FLAGS_LONGLONG)
@@ -440,7 +447,7 @@ static int parsefmt(const char *format,
           type = FORMAT_LONGU;
         else
           type = FORMAT_INTU;
-        flags |= FLAGS_HEX|FLAGS_UNSIGNED;
+        flags |= FLAGS_HEX | FLAGS_UNSIGNED;
         break;
       case 'X':
         if(flags & FLAGS_LONGLONG)
@@ -449,7 +456,7 @@ static int parsefmt(const char *format,
           type = FORMAT_LONGU;
         else
           type = FORMAT_INTU;
-        flags |= FLAGS_HEX|FLAGS_UPPER|FLAGS_UNSIGNED;
+        flags |= FLAGS_HEX | FLAGS_UPPER | FLAGS_UNSIGNED;
         break;
       case 'c':
         type = FORMAT_INT;
@@ -464,7 +471,7 @@ static int parsefmt(const char *format,
         break;
       case 'E':
         type = FORMAT_DOUBLE;
-        flags |= FLAGS_FLOATE|FLAGS_UPPER;
+        flags |= FLAGS_FLOATE | FLAGS_UPPER;
         break;
       case 'g':
         type = FORMAT_DOUBLE;
@@ -472,7 +479,7 @@ static int parsefmt(const char *format,
         break;
       case 'G':
         type = FORMAT_DOUBLE;
-        flags |= FLAGS_FLOATG|FLAGS_UPPER;
+        flags |= FLAGS_FLOATG | FLAGS_UPPER;
         break;
       default:
         /* invalid instruction, disregard and continue */
@@ -627,9 +634,9 @@ static bool out_double(void *userp,
                        double dnum,
                        char *work, int *donep)
 {
-  char formatbuf[32]="%";
+  char formatbuf[32] = "%";
   char *fptr = &formatbuf[1];
-  size_t left = sizeof(formatbuf)-strlen(formatbuf);
+  size_t left = sizeof(formatbuf) - strlen(formatbuf);
   int flags = p->flags;
   int width = p->width;
   int prec = p->prec;
@@ -745,7 +752,7 @@ static bool out_number(void *userp,
     if(!(flags & FLAGS_LEFT))
       while(--width > 0)
         OUTCHAR(' ');
-    OUTCHAR((char) num);
+    OUTCHAR((char)num);
     if(flags & FLAGS_LEFT)
       while(--width > 0)
         OUTCHAR(' ');
@@ -868,7 +875,7 @@ static bool out_string(void *userp,
 
   if(!str) {
     /* Write null string if there is space.  */
-    if(prec == -1 || prec >= (int) sizeof(nilstr) - 1) {
+    if(prec == -1 || prec >= (int)sizeof(nilstr) - 1) {
       str = nilstr;
       len = sizeof(nilstr) - 1;
       /* Disable quotes around (nil) */
@@ -916,10 +923,10 @@ static bool out_pointer(void *userp,
 {
   /* Generic pointer.  */
   if(ptr) {
-    size_t num = (size_t) ptr;
+    size_t num = (size_t)ptr;
 
     /* If the pointer is not NULL, write it as a %#x spec.  */
-    p->flags |= FLAGS_HEX|FLAGS_ALT;
+    p->flags |= FLAGS_HEX | FLAGS_ALT;
     if(out_number(userp, stream, p, num, 0, work, donep))
       return TRUE;
   }
@@ -958,13 +965,12 @@ static bool out_pointer(void *userp,
  * All output is sent to the 'stream()' callback, one byte at a time.
  */
 
-static int formatf(
-  void *userp, /* untouched by format(), just sent to the stream() function in
-                  the second argument */
-  /* function pointer called for each output character */
-  int (*stream)(unsigned char, void *),
-  const char *format,    /* %-formatted string */
-  va_list ap_save) /* list of parameters */
+static int formatf(void *userp, /* untouched by format(), just sent to the
+                                   stream() function in the second argument */
+                   /* function pointer called for each output character */
+                   int (*stream)(unsigned char, void *),
+                   const char *format, /* %-formatted string */
+                   va_list ap_save) /* list of parameters */
 {
   int done = 0;   /* number of characters written  */
   int i;
@@ -1065,15 +1071,15 @@ static int formatf(
       /* Answer the count of characters written.  */
 #ifdef HAVE_LONG_LONG_TYPE
       if(p.flags & FLAGS_LONGLONG)
-        *(LONG_LONG_TYPE *) iptr->val.ptr = (LONG_LONG_TYPE)done;
+        *(LONG_LONG_TYPE *)iptr->val.ptr = (LONG_LONG_TYPE)done;
       else
 #endif
         if(p.flags & FLAGS_LONG)
-          *(long *) iptr->val.ptr = (long)done;
+          *(long *)iptr->val.ptr = (long)done;
       else if(!(p.flags & FLAGS_SHORT))
-        *(int *) iptr->val.ptr = (int)done;
+        *(int *)iptr->val.ptr = (int)done;
       else
-        *(short *) iptr->val.ptr = (short)done;
+        *(short *)iptr->val.ptr = (short)done;
       break;
 
     default:
@@ -1138,7 +1144,7 @@ static int alloc_addbyter(unsigned char outc, void *f)
   CURLcode result = curlx_dyn_addn(infop->b, &outc, 1);
   if(result) {
     infop->merr = result == CURLE_TOO_LARGE ? MERR_TOO_LARGE : MERR_MEM;
-    return 1 ; /* fail */
+    return 1; /* fail */
   }
   return 0;
 }
diff --git a/lib/mqtt.c b/lib/mqtt.c
index a8975d5391..df5f37775f 100644
--- a/lib/mqtt.c
+++ b/lib/mqtt.c
@@ -51,8 +51,8 @@
 /* #define MQTT_MSG_PINGREQ    0xC0 */
 #define MQTT_MSG_PINGRESP   0xD0
 
-#define MQTT_CONNACK_LEN 2
-#define MQTT_SUBACK_LEN 3
+#define MQTT_CONNACK_LEN  2
+#define MQTT_SUBACK_LEN   3
 #define MQTT_CLIENTID_LEN 12 /* "curl0123abcd" */
 
 /* meta key for storing protocol meta at easy handle */
@@ -92,7 +92,6 @@ struct MQTT {
   BIT(pingsent); /* 1 while we wait for ping response */
 };
 
-
 /*
  * Forward declarations.
  */
@@ -315,7 +314,7 @@ static CURLcode mqtt_connect(struct Curl_easy *data)
   int rc = 0;
   /* remain length */
   int remain_pos = 0;
-  char remain[4] = {0};
+  char remain[4] = { 0 };
   size_t packetlen = 0;
   size_t start_user = 0;
   size_t start_pwd = 0;
@@ -324,12 +323,10 @@ static CURLcode mqtt_connect(struct Curl_easy *data)
   char *packet = NULL;
 
   /* extracting username from request */
-  const char *username = data->state.aptr.user ?
-    data->state.aptr.user : "";
+  const char *username = data->state.aptr.user ? data->state.aptr.user : "";
   const size_t ulen = strlen(username);
   /* extracting password from request */
-  const char *passwd = data->state.aptr.passwd ?
-    data->state.aptr.passwd : "";
+  const char *passwd = data->state.aptr.passwd ? data->state.aptr.passwd : "";
   const size_t plen = strlen(passwd);
   const size_t payloadlen = ulen + plen + MQTT_CLIENTID_LEN + 2 +
   /* The plus 2s below are for the MSB and LSB describing the length of the
@@ -531,7 +528,7 @@ static CURLcode mqtt_subscribe(struct Curl_easy *data)
   packet[1 + n] = (mqtt->packetid >> 8) & 0xff;
   packet[2 + n] = mqtt->packetid & 0xff;
   packet[3 + n] = (topiclen >> 8) & 0xff;
-  packet[4 + n ] = topiclen & 0xff;
+  packet[4 + n] = topiclen & 0xff;
   memcpy(&packet[5 + n], topic, topiclen);
   packet[5 + n + topiclen] = 0; /* QoS zero */
 
@@ -661,7 +658,7 @@ static size_t mqtt_decode_len(unsigned char *buf,
 }
 
 #ifdef DEBUGBUILD
-static const char *statenames[]={
+static const char *statenames[] = {
   "MQTT_FIRST",
   "MQTT_REMAINING_LENGTH",
   "MQTT_CONNACK",
@@ -695,7 +692,6 @@ static void mqstate(struct Curl_easy *data,
     mqtt->nextstate = nextstate;
 }
 
-
 static CURLcode mqtt_read_publish(struct Curl_easy *data, bool *done)
 {
   CURLcode result = CURLE_OK;
@@ -756,7 +752,7 @@ MQTT_SUBACK_COMING:
     FALLTHROUGH();
   case MQTT_PUB_REMAIN: {
     /* read rest of packet, but no more. Cap to buffer size */
-    char buffer[4*1024];
+    char buffer[4 * 1024];
     size_t rest = mq->npacket;
     if(rest > sizeof(buffer))
       rest = sizeof(buffer);
@@ -886,7 +882,7 @@ static CURLcode mqtt_doing(struct Curl_easy *data, bool *done)
   if(result)
     return result;
 
-  infof(data, "mqtt_doing: state [%d]", (int) mqtt->state);
+  infof(data, "mqtt_doing: state [%d]", (int)mqtt->state);
   switch(mqtt->state) {
   case MQTT_FIRST:
     /* Read the initial byte only */
diff --git a/lib/multi.c b/lib/multi.c
index c5b78f53e4..b912f7a212 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -55,7 +55,7 @@
 #include "urlapi-int.h"
 
 /* initial multi->xfers table size for a full multi */
-#define CURL_XFER_TABLE_SIZE    512
+#define CURL_XFER_TABLE_SIZE 512
 
 /*
   CURL_SOCKET_HASH_TABLE_SIZE should be a prime number. Increasing it from 97
@@ -195,12 +195,11 @@ static void mstate(struct Curl_easy *data, CURLMstate state
 }
 
 #ifndef DEBUGBUILD
-#define multistate(x,y) mstate(x,y)
+#define multistate(x, y) mstate(x, y)
 #else
-#define multistate(x,y) mstate(x,y, __LINE__)
+#define multistate(x, y) mstate(x, y, __LINE__)
 #endif
 
-
 /* multi->proto_hash destructor. Should never be called as elements
  * MUST be added with their own destructor */
 static void ph_freeentry(void *p)
@@ -343,15 +342,14 @@ static void multi_warn_debug(struct Curl_multi *multi, struct Curl_easy *data)
   if(!multi->warned) {
     infof(data, "!!! WARNING !!!");
     infof(data, "This is a debug build of libcurl, "
-          "do not use in production.");
+                "do not use in production.");
     multi->warned = TRUE;
   }
 }
 #else
-#define multi_warn_debug(x,y) Curl_nop_stmt
+#define multi_warn_debug(x, y) Curl_nop_stmt
 #endif
 
-
 static CURLMcode multi_xfers_add(struct Curl_multi *multi,
                                  struct Curl_easy *data)
 {
@@ -380,8 +378,8 @@ static CURLMcode multi_xfers_add(struct Curl_multi *multi,
         new_size = max_capacity; /* can not be larger than this */
       }
       else {
-         /* make it a 64 multiple, since our bitsets frow by that and
-          * small (easy_multi) grows to at least 64 on first resize. */
+        /* make it a 64 multiple, since our bitsets frow by that and
+         * small (easy_multi) grows to at least 64 on first resize. */
         new_size = (((used + min_unused) + 63) / 64) * 64;
       }
     }
@@ -564,7 +562,7 @@ static bool multi_conn_should_close(struct connectdata *conn,
      && !(conn->http_negotiate_state == GSS_AUTHRECV ||
           conn->proxy_negotiate_state == GSS_AUTHRECV)
 #endif
-     )
+    )
     return TRUE;
 
   /* Unless this connection is for a "connect-only" transfer, it
@@ -842,7 +840,7 @@ CURLMcode curl_multi_remove_handle(CURLM *m, CURL *d)
   if(data->state.lastconnect_id != -1) {
     /* Mark any connect-only connection for closure */
     Curl_cpool_do_by_id(data, data->state.lastconnect_id,
-                            close_connect_only, NULL);
+                        close_connect_only, NULL);
   }
 
 #ifdef USE_LIBPSL
@@ -1076,14 +1074,12 @@ static CURLcode mstate_perform_pollset(struct Curl_easy *data,
   else {
     /* Default is to obey the data->req.keepon flags for send/recv */
     if(CURL_WANT_RECV(data) && CONN_SOCK_IDX_VALID(conn->recv_idx)) {
-      result = Curl_pollset_add_in(
-        data, ps, conn->sock[conn->recv_idx]);
+      result = Curl_pollset_add_in(data, ps, conn->sock[conn->recv_idx]);
     }
 
     if(!result && Curl_req_want_send(data) &&
        CONN_SOCK_IDX_VALID(conn->send_idx)) {
-      result = Curl_pollset_add_out(
-        data, ps, conn->sock[conn->send_idx]);
+      result = Curl_pollset_add_out(data, ps, conn->sock[conn->send_idx]);
     }
   }
   if(!result)
@@ -1174,34 +1170,33 @@ CURLMcode Curl_multi_pollset(struct Curl_easy *data,
   if(CURL_TRC_M_is_verbose(data)) {
     size_t timeout_count = Curl_llist_count(&data->state.timeoutlist);
     switch(ps->n) {
-      case 0:
-        CURL_TRC_M(data, "pollset[], timeouts=%zu, paused %d/%d (r/w)",
-                   timeout_count,
-                   Curl_xfer_send_is_paused(data),
-                   Curl_xfer_recv_is_paused(data));
-        break;
-      case 1:
-        CURL_TRC_M(data, "pollset[fd=%" FMT_SOCKET_T " %s%s], timeouts=%zu",
-                   ps->sockets[0],
-                   (ps->actions[0] & CURL_POLL_IN) ? "IN" : "",
-                   (ps->actions[0] & CURL_POLL_OUT) ? "OUT" : "",
-                   timeout_count);
-        break;
-      case 2:
-        CURL_TRC_M(data, "pollset[fd=%" FMT_SOCKET_T " %s%s, "
-                   "fd=%" FMT_SOCKET_T " %s%s], timeouts=%zu",
-                   ps->sockets[0],
-                   (ps->actions[0] & CURL_POLL_IN) ? "IN" : "",
-                   (ps->actions[0] & CURL_POLL_OUT) ? "OUT" : "",
-                   ps->sockets[1],
-                   (ps->actions[1] & CURL_POLL_IN) ? "IN" : "",
-                   (ps->actions[1] & CURL_POLL_OUT) ? "OUT" : "",
-                   timeout_count);
-        break;
-      default:
-        CURL_TRC_M(data, "pollset[fds=%u], timeouts=%zu",
-                   ps->n, timeout_count);
-        break;
+    case 0:
+      CURL_TRC_M(data, "pollset[], timeouts=%zu, paused %d/%d (r/w)",
+                 timeout_count,
+                 Curl_xfer_send_is_paused(data),
+                 Curl_xfer_recv_is_paused(data));
+      break;
+    case 1:
+      CURL_TRC_M(data, "pollset[fd=%" FMT_SOCKET_T " %s%s], timeouts=%zu",
+                 ps->sockets[0],
+                 (ps->actions[0] & CURL_POLL_IN) ? "IN" : "",
+                 (ps->actions[0] & CURL_POLL_OUT) ? "OUT" : "",
+                 timeout_count);
+      break;
+    case 2:
+      CURL_TRC_M(data, "pollset[fd=%" FMT_SOCKET_T " %s%s, "
+                 "fd=%" FMT_SOCKET_T " %s%s], timeouts=%zu",
+                 ps->sockets[0],
+                 (ps->actions[0] & CURL_POLL_IN) ? "IN" : "",
+                 (ps->actions[0] & CURL_POLL_OUT) ? "OUT" : "",
+                 ps->sockets[1],
+                 (ps->actions[1] & CURL_POLL_IN) ? "IN" : "",
+                 (ps->actions[1] & CURL_POLL_OUT) ? "OUT" : "",
+                 timeout_count);
+      break;
+    default:
+      CURL_TRC_M(data, "pollset[fds=%u], timeouts=%zu", ps->n, timeout_count);
+      break;
     }
     CURL_TRC_EASY_TIMERS(data);
   }
@@ -1259,8 +1254,7 @@ CURLMcode curl_multi_fdset(CURLM *m,
         if((int)ps.sockets[i] > this_max_fd)
           this_max_fd = (int)ps.sockets[i];
       }
-    }
-    while(Curl_uint32_bset_next(&multi->process, mid, &mid));
+    } while(Curl_uint32_bset_next(&multi->process, mid, &mid));
   }
 
   Curl_cshutdn_setfds(&multi->cshutdn, multi->admin,
@@ -1305,8 +1299,7 @@ CURLMcode curl_multi_waitfds(CURLM *m,
       }
       Curl_multi_pollset(data, &ps);
       need += Curl_waitfds_add_ps(&cwfds, &ps);
-    }
-    while(Curl_uint32_bset_next(&multi->process, mid, &mid));
+    } while(Curl_uint32_bset_next(&multi->process, mid, &mid));
   }
 
   need += Curl_cshutdn_add_waitfds(&multi->cshutdn, multi->admin, &cwfds);
@@ -1394,8 +1387,7 @@ static CURLMcode multi_wait(struct Curl_multi *multi,
         result = CURLM_OUT_OF_MEMORY;
         goto out;
       }
-    }
-    while(Curl_uint32_bset_next(&multi->process, mid, &mid));
+    } while(Curl_uint32_bset_next(&multi->process, mid, &mid));
   }
 
   if(Curl_cshutdn_add_pollfds(&multi->cshutdn, multi->admin, &cpfds)) {
@@ -1424,11 +1416,11 @@ static CURLMcode multi_wait(struct Curl_multi *multi,
   for(i = 0; i < cpfds.n; i++) {
     long mask = 0;
     if(cpfds.pfds[i].events & POLLIN)
-      mask |= FD_READ|FD_ACCEPT|FD_CLOSE;
+      mask |= FD_READ | FD_ACCEPT | FD_CLOSE;
     if(cpfds.pfds[i].events & POLLPRI)
       mask |= FD_OOB;
     if(cpfds.pfds[i].events & POLLOUT) {
-      mask |= FD_WRITE|FD_CONNECT|FD_CLOSE;
+      mask |= FD_WRITE | FD_CONNECT | FD_CLOSE;
       reset_socket_fdwrite(cpfds.pfds[i].fd);
     }
     if(mask) {
@@ -1503,9 +1495,9 @@ static CURLMcode multi_wait(struct Curl_multi *multi,
         curl_socket_t s = extra_fds[i].fd;
         wsa_events.lNetworkEvents = 0;
         if(WSAEnumNetworkEvents(s, NULL, &wsa_events) == 0) {
-          if(wsa_events.lNetworkEvents & (FD_READ|FD_ACCEPT|FD_CLOSE))
+          if(wsa_events.lNetworkEvents & (FD_READ | FD_ACCEPT | FD_CLOSE))
             mask |= CURL_WAIT_POLLIN;
-          if(wsa_events.lNetworkEvents & (FD_WRITE|FD_CONNECT|FD_CLOSE))
+          if(wsa_events.lNetworkEvents & (FD_WRITE | FD_CONNECT | FD_CLOSE))
             mask |= CURL_WAIT_POLLOUT;
           if(wsa_events.lNetworkEvents & FD_OOB)
             mask |= CURL_WAIT_POLLPRI;
@@ -1610,8 +1602,7 @@ CURLMcode curl_multi_poll(CURLM *multi,
                           int timeout_ms,
                           int *ret)
 {
-  return multi_wait(multi, extra_fds, extra_nfds, timeout_ms, ret, TRUE,
-                    TRUE);
+  return multi_wait(multi, extra_fds, extra_nfds, timeout_ms, ret, TRUE, TRUE);
 }
 
 CURLMcode curl_multi_wakeup(CURLM *m)
@@ -1864,8 +1855,7 @@ static CURLcode protocol_doing(struct Curl_easy *data, bool *done)
  * proceed with some action.
  *
  */
-static CURLcode protocol_connect(struct Curl_easy *data,
-                                 bool *protocol_done)
+static CURLcode protocol_connect(struct Curl_easy *data, bool *protocol_done)
 {
   CURLcode result = CURLE_OK;
   struct connectdata *conn = data->conn;
@@ -1874,8 +1864,7 @@ static CURLcode protocol_connect(struct Curl_easy *data,
 
   *protocol_done = FALSE;
 
-  if(Curl_conn_is_connected(conn, FIRSTSOCKET)
-     && conn->bits.protoconnstart) {
+  if(Curl_conn_is_connected(conn, FIRSTSOCKET) && conn->bits.protoconnstart) {
     /* We already are connected, get back. This may happen when the connect
        worked fine in the first call, like when we connect to a local server
        or proxy. Note that we do not know if the protocol is actually done.
@@ -1942,8 +1931,7 @@ static CURLcode multi_follow(struct Curl_easy *data,
   return CURLE_TOO_MANY_REDIRECTS;
 }
 
-static CURLcode mspeed_check(struct Curl_easy *data,
-                             struct curltime now)
+static CURLcode mspeed_check(struct Curl_easy *data, struct curltime now)
 {
   timediff_t recv_wait_ms = 0;
   timediff_t send_wait_ms = 0;
@@ -2160,8 +2148,7 @@ static CURLMcode state_do(struct Curl_easy *data,
             multi_done(data, CURLE_OK, FALSE);
 
             /* if there is no connection left, skip the DONE state */
-            multistate(data, data->conn ?
-                       MSTATE_DONE : MSTATE_COMPLETED);
+            multistate(data, data->conn ? MSTATE_DONE : MSTATE_COMPLETED);
             rc = CURLM_CALL_MULTI_PERFORM;
             goto end;
           }
@@ -2597,8 +2584,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
         if(control) {
           /* if positive, advance to DO_DONE
              if negative, go back to DOING */
-          multistate(data, control == 1 ?
-                     MSTATE_DID : MSTATE_DOING);
+          multistate(data, control == 1 ? MSTATE_DID : MSTATE_DOING);
           rc = CURLM_CALL_MULTI_PERFORM;
         }
         /* else
@@ -2796,7 +2782,6 @@ statemachine_end:
   return rc;
 }
 
-
 CURLMcode curl_multi_perform(CURLM *m, int *running_handles)
 {
   CURLMcode returncode = CURLM_OK;
@@ -2832,8 +2817,7 @@ CURLMcode curl_multi_perform(CURLM *m, int *running_handles)
       result = multi_runsingle(multi, &now, data);
       if(result)
         returncode = result;
-    }
-    while(Curl_uint32_bset_next(&multi->process, mid, &mid));
+    } while(Curl_uint32_bset_next(&multi->process, mid, &mid));
   }
   sigpipe_restore(&pipe_st);
 
@@ -2925,8 +2909,7 @@ CURLMcode curl_multi_cleanup(CURLM *m)
 #endif
         if(data->state.internal)
           Curl_close(&data);
-      }
-      while(Curl_uint32_tbl_next(&multi->xfers, mid, &mid, &entry));
+      } while(Curl_uint32_tbl_next(&multi->xfers, mid, &mid, &entry));
     }
 
     Curl_cpool_destroy(&multi->cpool);
@@ -3017,7 +3000,6 @@ CURLMsg *curl_multi_info_read(CURLM *m, int *msgs_in_queue)
   return NULL;
 }
 
-
 void Curl_multi_will_close(struct Curl_easy *data, curl_socket_t s)
 {
   if(data) {
@@ -3160,8 +3142,7 @@ static CURLMcode multi_run_dirty(struct multi_run_ctx *mrc)
         CURL_TRC_M(multi->admin, "multi_run_dirty, %u no longer found", mid);
         Curl_uint32_bset_remove(&multi->dirty, mid);
       }
-    }
-    while(Curl_uint32_bset_next(&multi->dirty, mid, &mid));
+    } while(Curl_uint32_bset_next(&multi->dirty, mid, &mid));
   }
 
 out:
@@ -3243,8 +3224,7 @@ out:
 }
 
 #undef curl_multi_setopt
-CURLMcode curl_multi_setopt(CURLM *m,
-                            CURLMoption option, ...)
+CURLMcode curl_multi_setopt(CURLM *m, CURLMoption option, ...)
 {
   CURLMcode res = CURLM_OK;
   va_list param;
@@ -3305,14 +3285,13 @@ CURLMcode curl_multi_setopt(CURLM *m,
     break;
   case CURLMOPT_PIPELINING_SERVER_BL:
     break;
-  case CURLMOPT_MAX_CONCURRENT_STREAMS:
-    {
-      long streams = va_arg(param, long);
-      if((streams < 1) || (streams > INT_MAX))
-        streams = 100;
-      multi->max_concurrent_streams = (unsigned int)streams;
-    }
+  case CURLMOPT_MAX_CONCURRENT_STREAMS: {
+    long streams = va_arg(param, long);
+    if((streams < 1) || (streams > INT_MAX))
+      streams = 100;
+    multi->max_concurrent_streams = (unsigned int)streams;
     break;
+  }
   case CURLMOPT_NETWORK_CHANGED: {
     long val = va_arg(param, long);
     if(val & CURLMNWC_CLEAR_DNS) {
@@ -3371,7 +3350,6 @@ CURLMcode curl_multi_socket_all(CURLM *m, int *running_handles)
   return multi_socket(multi, TRUE, CURL_SOCKET_BAD, 0, running_handles);
 }
 
-
 static bool multi_has_dirties(struct Curl_multi *multi)
 {
   uint32_t mid;
@@ -3388,8 +3366,7 @@ static bool multi_has_dirties(struct Curl_multi *multi)
         CURL_TRC_M(multi->admin, "dirty transfer %u no longer found", mid);
         Curl_uint32_bset_remove(&multi->dirty, mid);
       }
-    }
-    while(Curl_uint32_bset_next(&multi->dirty, mid, &mid));
+    } while(Curl_uint32_bset_next(&multi->dirty, mid, &mid));
   }
   return FALSE;
 }
@@ -3398,7 +3375,7 @@ static void multi_timeout(struct Curl_multi *multi,
                           struct curltime *expire_time,
                           long *timeout_ms)
 {
-  static const struct curltime tv_zero = {0, 0};
+  static const struct curltime tv_zero = { 0, 0 };
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
   struct Curl_easy *data = NULL;
 #endif
@@ -3453,8 +3430,7 @@ static void multi_timeout(struct Curl_multi *multi,
 
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
   if(data && CURL_TRC_TIMER_is_verbose(data)) {
-    struct Curl_llist_node *e =
-      Curl_llist_head(&data->state.timeoutlist);
+    struct Curl_llist_node *e = Curl_llist_head(&data->state.timeoutlist);
     if(e) {
       struct time_node *n = Curl_node_elem(e);
       CURL_TRC_TIMER(data, n->eid, "gives multi timeout in %ldms",
@@ -3506,8 +3482,7 @@ CURLMcode Curl_update_timer(struct Curl_multi *multi)
     set_value = TRUE;
   }
   else if(multi->last_timeout_ms < 0) {
-    CURL_TRC_M(multi->admin, "[TIMER] set %ldms, none before",
-               timeout_ms);
+    CURL_TRC_M(multi->admin, "[TIMER] set %ldms, none before", timeout_ms);
     set_value = TRUE;
   }
   else if(curlx_timediff_us(multi->last_expire_ts, expire_ts)) {
@@ -3543,8 +3518,7 @@ CURLMcode Curl_update_timer(struct Curl_multi *multi)
  *
  * Remove a given timestamp from the list of timeouts.
  */
-static void
-multi_deltimeout(struct Curl_easy *data, expire_id eid)
+static void multi_deltimeout(struct Curl_easy *data, expire_id eid)
 {
   struct Curl_llist_node *e;
   struct Curl_llist *timeoutlist = &data->state.timeoutlist;
@@ -3565,11 +3539,10 @@ multi_deltimeout(struct Curl_easy *data, expire_id eid)
  * of list is always the timeout nearest in time.
  *
  */
-static CURLMcode
-multi_addtimeout(struct Curl_easy *data,
-                 struct curltime *stamp,
-                 expire_id eid,
-                 const struct curltime *nowp)
+static CURLMcode multi_addtimeout(struct Curl_easy *data,
+                                  struct curltime *stamp,
+                                  expire_id eid,
+                                  const struct curltime *nowp)
 {
   struct Curl_llist_node *e;
   struct time_node *node;
@@ -3594,7 +3567,6 @@ multi_addtimeout(struct Curl_easy *data,
         break;
       prev = e;
     }
-
   }
   /* else
      this is the first timeout on the list */
@@ -3621,8 +3593,8 @@ void Curl_expire_ex(struct Curl_easy *data,
   DEBUGASSERT(id < EXPIRE_LAST);
 
   set = *nowp;
-  set.tv_sec += (time_t)(milli/1000); /* might be a 64 to 32 bits conversion */
-  set.tv_usec += (int)(milli%1000)*1000;
+  set.tv_sec += (time_t)(milli / 1000); /* may be a 64 to 32-bit conversion */
+  set.tv_usec += (int)(milli % 1000) * 1000;
 
   if(set.tv_usec >= 1000000) {
     set.tv_sec++;
@@ -3783,8 +3755,7 @@ static void process_pending_handles(struct Curl_multi *multi)
       /* transfer no longer known, should not happen */
       Curl_uint32_bset_remove(&multi->pending, mid);
       DEBUGASSERT(0);
-    }
-    while(Curl_uint32_bset_next(&multi->pending, mid, &mid));
+    } while(Curl_uint32_bset_next(&multi->pending, mid, &mid));
   }
 }
 
@@ -3820,8 +3791,7 @@ CURL **curl_multi_get_handles(CURLM *m)
         DEBUGASSERT(i < count);
         if(!data->state.internal)
           a[i++] = data;
-      }
-      while(Curl_uint32_tbl_next(&multi->xfers, mid, &mid, &entry));
+      } while(Curl_uint32_tbl_next(&multi->xfers, mid, &mid, &entry));
     }
     a[i] = NULL; /* last entry is a NULL */
   }
diff --git a/lib/multi_ev.c b/lib/multi_ev.c
index 026cbd2996..40b49da85d 100644
--- a/lib/multi_ev.c
+++ b/lib/multi_ev.c
@@ -64,7 +64,7 @@ struct mev_sh_entry {
 
 static size_t mev_sh_entry_hash(void *key, size_t key_length, size_t slots_num)
 {
-  curl_socket_t fd = *((curl_socket_t *) key);
+  curl_socket_t fd = *((curl_socket_t *)key);
   (void)key_length;
   return (fd % (curl_socket_t)slots_num);
 }
@@ -72,8 +72,9 @@ static size_t mev_sh_entry_hash(void *key, size_t key_length, size_t slots_num)
 static size_t mev_sh_entry_compare(void *k1, size_t k1_len,
                                    void *k2, size_t k2_len)
 {
-  (void)k1_len; (void)k2_len;
-  return (*((curl_socket_t *) k1)) == (*((curl_socket_t *) k2));
+  (void)k1_len;
+  (void)k2_len;
+  return (*((curl_socket_t *)k1)) == (*((curl_socket_t *)k2));
 }
 
 /* sockhash entry destructor callback */
@@ -85,8 +86,8 @@ static void mev_sh_entry_dtor(void *freethis)
 }
 
 /* look up a given socket in the socket hash, skip invalid sockets */
-static struct mev_sh_entry *
-mev_sh_entry_get(struct Curl_hash *sh, curl_socket_t s)
+static struct mev_sh_entry *mev_sh_entry_get(struct Curl_hash *sh,
+                                             curl_socket_t s)
 {
   if(s != CURL_SOCKET_BAD) {
     /* only look for proper sockets */
@@ -96,8 +97,8 @@ mev_sh_entry_get(struct Curl_hash *sh, curl_socket_t s)
 }
 
 /* make sure this socket is present in the hash for this handle */
-static struct mev_sh_entry *
-mev_sh_entry_add(struct Curl_hash *sh, curl_socket_t s)
+static struct mev_sh_entry *mev_sh_entry_add(struct Curl_hash *sh,
+                                             curl_socket_t s)
 {
   struct mev_sh_entry *there = mev_sh_entry_get(sh, s);
   struct mev_sh_entry *check;
@@ -166,7 +167,6 @@ static bool mev_sh_entry_conn_add(struct mev_sh_entry *e,
   return TRUE;
 }
 
-
 static bool mev_sh_entry_xfer_remove(struct mev_sh_entry *e,
                                      struct Curl_easy *data)
 {
@@ -202,8 +202,7 @@ static CURLMcode mev_forget_socket(struct Curl_multi *multi,
 
   /* We managed this socket before, tell the socket callback to forget it. */
   if(entry->announced && multi->socket_cb) {
-    CURL_TRC_M(data, "ev %s, call(fd=%" FMT_SOCKET_T ", ev=REMOVE)",
-               cause, s);
+    CURL_TRC_M(data, "ev %s, call(fd=%" FMT_SOCKET_T ", ev=REMOVE)", cause, s);
     mev_in_callback(multi, TRUE);
     rc = multi->socket_cb(data, s, CURL_POLL_REMOVE,
                           multi->socket_userp, entry->user_data);
@@ -446,8 +445,7 @@ static void mev_pollset_dtor(void *key, size_t klen, void *entry)
   }
 }
 
-static struct easy_pollset*
-mev_add_new_conn_pollset(struct connectdata *conn)
+static struct easy_pollset *mev_add_new_conn_pollset(struct connectdata *conn)
 {
   struct easy_pollset *ps;
 
@@ -459,8 +457,7 @@ mev_add_new_conn_pollset(struct connectdata *conn)
   return ps;
 }
 
-static struct easy_pollset*
-mev_add_new_xfer_pollset(struct Curl_easy *data)
+static struct easy_pollset *mev_add_new_xfer_pollset(struct Curl_easy *data)
 {
   struct easy_pollset *ps;
 
@@ -472,9 +469,8 @@ mev_add_new_xfer_pollset(struct Curl_easy *data)
   return ps;
 }
 
-static struct easy_pollset *
-mev_get_last_pollset(struct Curl_easy *data,
-                     struct connectdata *conn)
+static struct easy_pollset *mev_get_last_pollset(struct Curl_easy *data,
+                                                 struct connectdata *conn)
 {
   if(data) {
     if(conn)
@@ -484,8 +480,7 @@ mev_get_last_pollset(struct Curl_easy *data,
   return NULL;
 }
 
-static CURLMcode mev_assess(struct Curl_multi *multi,
-                            struct Curl_easy *data,
+static CURLMcode mev_assess(struct Curl_multi *multi, struct Curl_easy *data,
                             struct connectdata *conn)
 {
   struct easy_pollset ps, *last_ps;
@@ -551,13 +546,11 @@ CURLMcode Curl_multi_ev_assess_xfer_bset(struct Curl_multi *multi,
       struct Curl_easy *data = Curl_multi_get_easy(multi, mid);
       if(data)
         result = Curl_multi_ev_assess_xfer(multi, data);
-    }
-    while(!result && Curl_uint32_bset_next(set, mid, &mid));
+    } while(!result && Curl_uint32_bset_next(set, mid, &mid));
   }
   return result;
 }
 
-
 CURLMcode Curl_multi_ev_assign(struct Curl_multi *multi,
                                curl_socket_t s,
                                void *user_data)
@@ -596,8 +589,7 @@ void Curl_multi_ev_dirty_xfers(struct Curl_multi *multi,
           CURL_TRC_M(multi->admin, "socket transfer %u no longer found", mid);
           Curl_uint32_spbset_remove(&entry->xfers, mid);
         }
-      }
-      while(Curl_uint32_spbset_next(&entry->xfers, mid, &mid));
+      } while(Curl_uint32_spbset_next(&entry->xfers, mid, &mid));
     }
 
     if(entry->conn)
diff --git a/lib/multi_ntfy.c b/lib/multi_ntfy.c
index 43e4db9e82..4fdbe7400a 100644
--- a/lib/multi_ntfy.c
+++ b/lib/multi_ntfy.c
@@ -38,7 +38,7 @@ struct mntfy_entry {
   uint32_t type;
 };
 
-#define CURL_MNTFY_CHUNK_SIZE   128
+#define CURL_MNTFY_CHUNK_SIZE 128
 
 struct mntfy_chunk {
   struct mntfy_chunk *next;
@@ -171,7 +171,7 @@ void Curl_mntfy_add(struct Curl_easy *data, unsigned int type)
      Curl_uint32_bset_contains(&multi->ntfy.enabled, (uint32_t)type)) {
     /* append to list of outstanding notifications */
     struct mntfy_chunk *tail = mntfy_non_full_tail(&multi->ntfy);
-  CURL_TRC_M(data, "[NTFY] add %d for xfer %u", type, data->mid);
+    CURL_TRC_M(data, "[NTFY] add %d for xfer %u", type, data->mid);
     if(tail)
       mntfy_chunk_append(tail, data, (uint32_t)type);
     else
diff --git a/lib/multi_ntfy.h b/lib/multi_ntfy.h
index c3094a9ebe..144d0319d0 100644
--- a/lib/multi_ntfy.h
+++ b/lib/multi_ntfy.h
@@ -47,11 +47,12 @@ CURLMcode Curl_mntfy_disable(struct Curl_multi *multi, unsigned int type);
 
 void Curl_mntfy_add(struct Curl_easy *data, unsigned int type);
 
-#define CURLM_NTFY(d,t) \
-  do { if((d) && (d)->multi && (d)->multi->ntfy.ntfy_cb) \
-       Curl_mntfy_add((d), (t)); } while(0)
+#define CURLM_NTFY(d, t)                              \
+  do {                                                \
+    if((d) && (d)->multi && (d)->multi->ntfy.ntfy_cb) \
+      Curl_mntfy_add((d), (t));                       \
+  } while(0)
 
 CURLMcode Curl_mntfy_dispatch_all(struct Curl_multi *multi);
 
-
 #endif /* HEADER_CURL_MULTI_NTFY_H */
diff --git a/lib/multiif.h b/lib/multiif.h
index 62c68c9ced..9db5b01000 100644
--- a/lib/multiif.h
+++ b/lib/multiif.h
@@ -68,7 +68,6 @@ CURLMcode Curl_multi_add_perform(struct Curl_multi *multi,
                                  struct Curl_easy *data,
                                  struct connectdata *conn);
 
-
 /* Return the value of the CURLMOPT_MAX_CONCURRENT_STREAMS option */
 unsigned int Curl_multi_max_concurrent_streams(struct Curl_multi *multi);
 
diff --git a/lib/netrc.c b/lib/netrc.c
index f8de408297..d26d194fe2 100644
--- a/lib/netrc.c
+++ b/lib/netrc.c
@@ -60,8 +60,8 @@ enum found_state {
 #define FOUND_LOGIN    1
 #define FOUND_PASSWORD 2
 
-#define MAX_NETRC_LINE 16384
-#define MAX_NETRC_FILE (128*1024)
+#define MAX_NETRC_LINE  16384
+#define MAX_NETRC_FILE  (128 * 1024)
 #define MAX_NETRC_TOKEN 4096
 
 /* convert a dynbuf call CURLcode error to a NETRCcode error */
@@ -318,7 +318,7 @@ static NETRCcode parsenetrc(struct store_netrc *store,
           if(!specific_login)
             Curl_safefree(login);
         }
-        if((found == (FOUND_PASSWORD|FOUND_LOGIN)) && our_login) {
+        if((found == (FOUND_PASSWORD | FOUND_LOGIN)) && our_login) {
           done = TRUE;
           break;
         }
@@ -412,8 +412,8 @@ NETRCcode Curl_parsenetrc(struct store_netrc *store, const char *host,
       }
       else {
         struct passwd pw, *pw_res;
-        if(!getpwuid_r(geteuid(), &pw, pwbuf, sizeof(pwbuf), &pw_res)
-           && pw_res) {
+        if(!getpwuid_r(geteuid(), &pw, pwbuf, sizeof(pwbuf), &pw_res) &&
+           pw_res) {
           home = pw.pw_dir;
         }
 #elif defined(HAVE_GETPWUID) && defined(HAVE_GETEUID)
diff --git a/lib/netrc.h b/lib/netrc.h
index 0d6d081bfb..81012d0d97 100644
--- a/lib/netrc.h
+++ b/lib/netrc.h
@@ -50,14 +50,14 @@ void Curl_netrc_cleanup(struct store_netrc *s);
 NETRCcode Curl_parsenetrc(struct store_netrc *s, const char *host,
                           char **loginp, char **passwordp,
                           const char *filename);
-  /* Assume: (*passwordp)[0]=0, host[0] != 0.
-   * If (*loginp)[0] = 0, search for login and password within a machine
-   * section in the netrc.
-   * If (*loginp)[0] != 0, search for password within machine and login.
-   */
+/* Assume: (*passwordp)[0]=0, host[0] != 0.
+ * If (*loginp)[0] = 0, search for login and password within a machine
+ * section in the netrc.
+ * If (*loginp)[0] != 0, search for password within machine and login.
+ */
 #else
 /* disabled */
-#define Curl_parsenetrc(a,b,c,d,e,f) 1
+#define Curl_parsenetrc(a, b, c, d, e, f) 1
 #define Curl_netrc_init(x)
 #define Curl_netrc_cleanup(x)
 #endif
diff --git a/lib/noproxy.c b/lib/noproxy.c
index 1e19c369c0..569466fb62 100644
--- a/lib/noproxy.c
+++ b/lib/noproxy.c
@@ -141,8 +141,7 @@ static bool match_host(const char *token, size_t tokenlen,
   else if(tokenlen < namelen) {
     /* case B, tailmatch domain */
     match = (name[namelen - tokenlen - 1] == '.') &&
-      curl_strnequal(token, name + (namelen - tokenlen),
-                     tokenlen);
+            curl_strnequal(token, name + (namelen - tokenlen), tokenlen);
   }
   /* case C passes through, not a match */
   return match;
@@ -180,11 +179,10 @@ static bool match_ip(int type, const char *token, size_t tokenlen,
     return Curl_cidr4_match(name, check, bits);
 }
 
-
 /****************************************************************
-* Checks if the host is in the noproxy list. returns TRUE if it matches and
-* therefore the proxy should NOT be used.
-****************************************************************/
+ * Checks if the host is in the noproxy list. returns TRUE if it matches and
+ * therefore the proxy should NOT be used.
+ ****************************************************************/
 bool Curl_check_noproxy(const char *name, const char *no_proxy)
 {
   char hostip[128];
diff --git a/lib/openldap.c b/lib/openldap.c
index bb48edd32f..ba1a39181f 100644
--- a/lib/openldap.c
+++ b/lib/openldap.c
@@ -112,7 +112,6 @@ static Curl_recv oldap_recv;
 /*
  * LDAP protocol handler.
  */
-
 const struct Curl_handler Curl_handler_ldap = {
   "ldap",                               /* scheme */
   oldap_setup_connection,               /* setup_connection */
@@ -136,14 +135,13 @@ const struct Curl_handler Curl_handler_ldap = {
   CURLPROTO_LDAP,                       /* protocol */
   CURLPROTO_LDAP,                       /* family */
   PROTOPT_SSL_REUSE |                   /* flags */
-  PROTOPT_CONN_REUSE
+    PROTOPT_CONN_REUSE
 };
 
 #ifdef USE_SSL
 /*
  * LDAPS protocol handler.
  */
-
 const struct Curl_handler Curl_handler_ldaps = {
   "ldaps",                              /* scheme */
   oldap_setup_connection,               /* setup_connection */
@@ -167,7 +165,7 @@ const struct Curl_handler Curl_handler_ldaps = {
   CURLPROTO_LDAPS,                      /* protocol */
   CURLPROTO_LDAP,                       /* family */
   PROTOPT_SSL |                         /* flags */
-  PROTOPT_CONN_REUSE
+    PROTOPT_CONN_REUSE
 };
 #endif
 
@@ -281,7 +279,7 @@ static CURLcode oldap_url_parse(struct Curl_easy *data, LDAPURLDesc **ludp)
     result = rc == LDAP_URL_ERR_MEM ? CURLE_OUT_OF_MEMORY :
       CURLE_URL_MALFORMAT;
     rc -= LDAP_URL_SUCCESS;
-    if((size_t) rc < CURL_ARRAYSIZE(url_errs))
+    if((size_t)rc < CURL_ARRAYSIZE(url_errs))
       msg = url_errs[rc];
     failf(data, "LDAP local: %s", msg);
   }
@@ -507,8 +505,7 @@ static ber_slen_t ldapsb_tls_write(Sockbuf_IO_Desc *sbiod, void *buf,
                                    ber_len_t len);
 static int ldapsb_tls_close(Sockbuf_IO_Desc *sbiod);
 
-static Sockbuf_IO ldapsb_tls =
-{
+static Sockbuf_IO ldapsb_tls = {
   ldapsb_tls_setup,
   ldapsb_tls_remove,
   ldapsb_tls_ctrl,
@@ -658,7 +655,7 @@ static CURLcode oldap_connect(struct Curl_easy *data, bool *done)
   ldap_set_option(li->ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);
 
   {
-    ber_len_t max = 256*1024;
+    ber_len_t max = 256 * 1024;
     Sockbuf *sb;
     if((ldap_get_option(li->ld, LDAP_OPT_SOCKBUF, &sb) != LDAP_OPT_SUCCESS) ||
        /* Set the maximum allowed size of an incoming message, which to
@@ -730,7 +727,7 @@ static CURLcode oldap_state_mechs_resp(struct Curl_easy *data,
       if(bvals) {
         for(i = 0; bvals[i].bv_val; i++) {
           size_t llen;
-          unsigned short mech = Curl_sasl_decode_mech((char *) bvals[i].bv_val,
+          unsigned short mech = Curl_sasl_decode_mech((char *)bvals[i].bv_val,
                                                       bvals[i].bv_len, &llen);
           if(bvals[i].bv_len == llen)
             li->sasl.authmechs |= mech;
@@ -829,7 +826,7 @@ static CURLcode oldap_connecting(struct Curl_easy *data, bool *done)
   struct connectdata *conn = data->conn;
   struct ldapconninfo *li = Curl_conn_meta_get(conn, CURL_META_LDAP_CONN);
   LDAPMessage *msg = NULL;
-  struct timeval tv = {0, 0};
+  struct timeval tv = { 0, 0 };
   int code = LDAP_SUCCESS;
   int rc;
 
@@ -1091,7 +1088,7 @@ static CURLcode oldap_recv(struct Curl_easy *data, int sockindex, char *buf,
   int rc;
   LDAPMessage *msg = NULL;
   BerElement *ber = NULL;
-  struct timeval tv = {0, 0};
+  struct timeval tv = { 0, 0 };
   struct berval bv, *bvals;
   CURLcode result = CURLE_AGAIN;
   int code;
@@ -1246,30 +1243,26 @@ static CURLcode oldap_recv(struct Curl_easy *data, int sockindex, char *buf,
 }
 
 #ifdef USE_SSL
-static int
-ldapsb_tls_setup(Sockbuf_IO_Desc *sbiod, void *arg)
+static int ldapsb_tls_setup(Sockbuf_IO_Desc *sbiod, void *arg)
 {
   sbiod->sbiod_pvt = arg;
   return 0;
 }
 
-static int
-ldapsb_tls_remove(Sockbuf_IO_Desc *sbiod)
+static int ldapsb_tls_remove(Sockbuf_IO_Desc *sbiod)
 {
   sbiod->sbiod_pvt = NULL;
   return 0;
 }
 
 /* We do not need to do anything because libcurl does it already */
-static int
-ldapsb_tls_close(Sockbuf_IO_Desc *sbiod)
+static int ldapsb_tls_close(Sockbuf_IO_Desc *sbiod)
 {
   (void)sbiod;
   return 0;
 }
 
-static int
-ldapsb_tls_ctrl(Sockbuf_IO_Desc *sbiod, int opt, void *arg)
+static int ldapsb_tls_ctrl(Sockbuf_IO_Desc *sbiod, int opt, void *arg)
 {
   (void)arg;
   if(opt == LBER_SB_OPT_DATA_READY) {
@@ -1279,8 +1272,8 @@ ldapsb_tls_ctrl(Sockbuf_IO_Desc *sbiod, int opt, void *arg)
   return 0;
 }
 
-static ber_slen_t
-ldapsb_tls_read(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
+static ber_slen_t ldapsb_tls_read(Sockbuf_IO_Desc *sbiod, void *buf,
+                                  ber_len_t len)
 {
   struct Curl_easy *data = sbiod->sbiod_pvt;
   ber_slen_t ret = 0;
@@ -1304,8 +1297,8 @@ ldapsb_tls_read(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
   }
   return ret;
 }
-static ber_slen_t
-ldapsb_tls_write(Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
+static ber_slen_t ldapsb_tls_write(Sockbuf_IO_Desc *sbiod, void *buf,
+                                   ber_len_t len)
 {
   struct Curl_easy *data = sbiod->sbiod_pvt;
   ber_slen_t ret = 0;
diff --git a/lib/parsedate.c b/lib/parsedate.c
index 2c3eb67fd2..0649de454b 100644
--- a/lib/parsedate.c
+++ b/lib/parsedate.c
@@ -107,17 +107,19 @@ static int parsedate(const char *date, time_t *output);
 #if !defined(CURL_DISABLE_PARSEDATE) || !defined(CURL_DISABLE_FTP) || \
   !defined(CURL_DISABLE_FILE) || defined(USE_GNUTLS)
 /* These names are also used by FTP and FILE code */
-const char * const Curl_wkday[] =
-{"Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"};
-const char * const Curl_month[]=
-{ "Jan", "Feb", "Mar", "Apr", "May", "Jun",
-  "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
+const char * const Curl_wkday[] = {
+  "Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"
+};
+const char * const Curl_month[] = {
+  "Jan", "Feb", "Mar", "Apr", "May", "Jun",
+  "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
+};
 #endif
 
 #ifndef CURL_DISABLE_PARSEDATE
-static const char * const weekday[] =
-{ "Monday", "Tuesday", "Wednesday", "Thursday",
-  "Friday", "Saturday", "Sunday" };
+static const char * const weekday[] = {
+  "Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday", "Sunday"
+};
 
 struct tzinfo {
   char name[5];
@@ -127,83 +129,83 @@ struct tzinfo {
 /* Here's a bunch of frequently used time zone names. These were supported
    by the old getdate parser. */
 #define tDAYZONE -60       /* offset for daylight savings time */
-static const struct tzinfo tz[]= {
-  {"GMT", 0},              /* Greenwich Mean */
-  {"UT",  0},              /* Universal Time */
-  {"UTC", 0},              /* Universal (Coordinated) */
-  {"WET", 0},              /* Western European */
-  {"BST", 0 tDAYZONE},     /* British Summer */
-  {"WAT", 60},             /* West Africa */
-  {"AST", 240},            /* Atlantic Standard */
-  {"ADT", 240 tDAYZONE},   /* Atlantic Daylight */
-  {"EST", 300},            /* Eastern Standard */
-  {"EDT", 300 tDAYZONE},   /* Eastern Daylight */
-  {"CST", 360},            /* Central Standard */
-  {"CDT", 360 tDAYZONE},   /* Central Daylight */
-  {"MST", 420},            /* Mountain Standard */
-  {"MDT", 420 tDAYZONE},   /* Mountain Daylight */
-  {"PST", 480},            /* Pacific Standard */
-  {"PDT", 480 tDAYZONE},   /* Pacific Daylight */
-  {"YST", 540},            /* Yukon Standard */
-  {"YDT", 540 tDAYZONE},   /* Yukon Daylight */
-  {"HST", 600},            /* Hawaii Standard */
-  {"HDT", 600 tDAYZONE},   /* Hawaii Daylight */
-  {"CAT", 600},            /* Central Alaska */
-  {"AHST", 600},           /* Alaska-Hawaii Standard */
-  {"NT",  660},            /* Nome */ /* spellchecker:disable-line */
-  {"IDLW", 720},           /* International Date Line West */
-  {"CET", -60},            /* Central European */
-  {"MET", -60},            /* Middle European */
-  {"MEWT", -60},           /* Middle European Winter */
-  {"MEST", -60 tDAYZONE},  /* Middle European Summer */
-  {"CEST", -60 tDAYZONE},  /* Central European Summer */
-  {"MESZ", -60 tDAYZONE},  /* Middle European Summer */
-  {"FWT", -60},            /* French Winter */
-  {"FST", -60 tDAYZONE},   /* French Summer */
-  {"EET", -120},           /* Eastern Europe, USSR Zone 1 */
-  {"WAST", -420}, /* spellchecker:disable-line */
-                           /* West Australian Standard */
-  {"WADT", -420 tDAYZONE}, /* West Australian Daylight */
-  {"CCT", -480},           /* China Coast, USSR Zone 7 */
-  {"JST", -540},           /* Japan Standard, USSR Zone 8 */
-  {"EAST", -600},          /* Eastern Australian Standard */
-  {"EADT", -600 tDAYZONE}, /* Eastern Australian Daylight */
-  {"GST", -600},           /* Guam Standard, USSR Zone 9 */
-  {"NZT", -720},           /* New Zealand */
-  {"NZST", -720},          /* New Zealand Standard */
-  {"NZDT", -720 tDAYZONE}, /* New Zealand Daylight */
-  {"IDLE", -720},          /* International Date Line East */
+static const struct tzinfo tz[] = {
+  { "GMT",     0 },          /* Greenwich Mean */
+  { "UT",      0 },          /* Universal Time */
+  { "UTC",     0 },          /* Universal (Coordinated) */
+  { "WET",     0 },          /* Western European */
+  { "BST",     0 tDAYZONE }, /* British Summer */
+  { "WAT",    60 },          /* West Africa */
+  { "AST",   240 },          /* Atlantic Standard */
+  { "ADT",   240 tDAYZONE }, /* Atlantic Daylight */
+  { "EST",   300 },          /* Eastern Standard */
+  { "EDT",   300 tDAYZONE }, /* Eastern Daylight */
+  { "CST",   360 },          /* Central Standard */
+  { "CDT",   360 tDAYZONE }, /* Central Daylight */
+  { "MST",   420 },          /* Mountain Standard */
+  { "MDT",   420 tDAYZONE }, /* Mountain Daylight */
+  { "PST",   480 },          /* Pacific Standard */
+  { "PDT",   480 tDAYZONE }, /* Pacific Daylight */
+  { "YST",   540 },          /* Yukon Standard */
+  { "YDT",   540 tDAYZONE }, /* Yukon Daylight */
+  { "HST",   600 },          /* Hawaii Standard */
+  { "HDT",   600 tDAYZONE }, /* Hawaii Daylight */
+  { "CAT",   600 },          /* Central Alaska */
+  { "AHST",  600 },          /* Alaska-Hawaii Standard */
+  { "NT",    660 },          /* Nome */ /* spellchecker:disable-line */
+  { "IDLW",  720 },          /* International Date Line West */
+  { "CET",   -60 },          /* Central European */
+  { "MET",   -60 },          /* Middle European */
+  { "MEWT",  -60 },          /* Middle European Winter */
+  { "MEST",  -60 tDAYZONE }, /* Middle European Summer */
+  { "CEST",  -60 tDAYZONE }, /* Central European Summer */
+  { "MESZ",  -60 tDAYZONE }, /* Middle European Summer */
+  { "FWT",   -60 },          /* French Winter */
+  { "FST",   -60 tDAYZONE }, /* French Summer */
+  { "EET",  -120 },          /* Eastern Europe, USSR Zone 1 */
+  { "WAST", -420 }, /* spellchecker:disable-line */
+                             /* West Australian Standard */
+  { "WADT", -420 tDAYZONE }, /* West Australian Daylight */
+  { "CCT",  -480 },          /* China Coast, USSR Zone 7 */
+  { "JST",  -540 },          /* Japan Standard, USSR Zone 8 */
+  { "EAST", -600 },          /* Eastern Australian Standard */
+  { "EADT", -600 tDAYZONE }, /* Eastern Australian Daylight */
+  { "GST",  -600 },          /* Guam Standard, USSR Zone 9 */
+  { "NZT",  -720 },          /* New Zealand */
+  { "NZST", -720 },          /* New Zealand Standard */
+  { "NZDT", -720 tDAYZONE }, /* New Zealand Daylight */
+  { "IDLE", -720 },          /* International Date Line East */
   /* Next up: Military timezone names. RFC822 allowed these, but (as noted in
      RFC 1123) had their signs wrong. Here we use the correct signs to match
      actual military usage.
    */
-  {"A",  1 * 60},         /* Alpha */
-  {"B",  2 * 60},         /* Bravo */
-  {"C",  3 * 60},         /* Charlie */
-  {"D",  4 * 60},         /* Delta */
-  {"E",  5 * 60},         /* Echo */
-  {"F",  6 * 60},         /* Foxtrot */
-  {"G",  7 * 60},         /* Golf */
-  {"H",  8 * 60},         /* Hotel */
-  {"I",  9 * 60},         /* India */
+  { "A",   1 * 60 },         /* Alpha */
+  { "B",   2 * 60 },         /* Bravo */
+  { "C",   3 * 60 },         /* Charlie */
+  { "D",   4 * 60 },         /* Delta */
+  { "E",   5 * 60 },         /* Echo */
+  { "F",   6 * 60 },         /* Foxtrot */
+  { "G",   7 * 60 },         /* Golf */
+  { "H",   8 * 60 },         /* Hotel */
+  { "I",   9 * 60 },         /* India */
   /* "J", Juliet is not used as a timezone, to indicate the observer's local
      time */
-  {"K", 10 * 60},         /* Kilo */
-  {"L", 11 * 60},         /* Lima */
-  {"M", 12 * 60},         /* Mike */
-  {"N",  -1 * 60},         /* November */
-  {"O",  -2 * 60},         /* Oscar */
-  {"P",  -3 * 60},         /* Papa */
-  {"Q",  -4 * 60},         /* Quebec */
-  {"R",  -5 * 60},         /* Romeo */
-  {"S",  -6 * 60},         /* Sierra */
-  {"T",  -7 * 60},         /* Tango */
-  {"U",  -8 * 60},         /* Uniform */
-  {"V",  -9 * 60},         /* Victor */
-  {"W", -10 * 60},         /* Whiskey */
-  {"X", -11 * 60},         /* X-ray */
-  {"Y", -12 * 60},         /* Yankee */
-  {"Z", 0},                /* Zulu, zero meridian, a.k.a. UTC */
+  { "K",  10 * 60 },         /* Kilo */
+  { "L",  11 * 60 },         /* Lima */
+  { "M",  12 * 60 },         /* Mike */
+  { "N",  -1 * 60 },         /* November */
+  { "O",  -2 * 60 },         /* Oscar */
+  { "P",  -3 * 60 },         /* Papa */
+  { "Q",  -4 * 60 },         /* Quebec */
+  { "R",  -5 * 60 },         /* Romeo */
+  { "S",  -6 * 60 },         /* Sierra */
+  { "T",  -7 * 60 },         /* Tango */
+  { "U",  -8 * 60 },         /* Uniform */
+  { "V",  -9 * 60 },         /* Victor */
+  { "W", -10 * 60 },         /* Whiskey */
+  { "X", -11 * 60 },         /* X-ray */
+  { "Y", -12 * 60 },         /* Yankee */
+  { "Z", 0 },                /* Zulu, zero meridian, a.k.a. UTC */
 };
 
 /* returns:
@@ -260,7 +262,7 @@ static int checktz(const char *check, size_t len)
     size_t ilen = strlen(what->name);
     if((ilen == len) &&
        curl_strnequal(check, what->name, len))
-      return what->offset*60;
+      return what->offset * 60;
     what++;
   }
   return -1;
@@ -286,12 +288,13 @@ enum assume {
 static time_t time2epoch(int sec, int min, int hour,
                          int mday, int mon, int year)
 {
-  static const int month_days_cumulative[12] =
-    { 0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334 };
+  static const int month_days_cumulative[12] = {
+    0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334
+  };
   int leap_days = year - (mon <= 1);
   leap_days = ((leap_days / 4) - (leap_days / 100) + (leap_days / 400)
                - (1969 / 4) + (1969 / 100) - (1969 / 400));
-  return ((((time_t) (year - 1970) * 365
+  return ((((time_t)(year - 1970) * 365
             + leap_days + month_days_cumulative[mon] + mday - 1) * 24
            + hour) * 60 + min) * 60 + sec;
 }
@@ -304,13 +307,12 @@ static int oneortwodigit(const char *date, const char **endp)
   int num = date[0] - '0';
   if(ISDIGIT(date[1])) {
     *endp = &date[2];
-    return num*10 + (date[1] - '0');
+    return num * 10 + (date[1] - '0');
   }
   *endp = &date[1];
   return num;
 }
 
-
 /* HH:MM:SS or HH:MM and accept single-digits too */
 static bool match_time(const char *date,
                        int *h, int *m, int *s, char **endp)
@@ -444,11 +446,11 @@ static int parsedate(const char *date, time_t *output)
              anyone has a more authoritative source for the exact maximum time
              zone offsets, please speak up! */
           found = TRUE;
-          tzoff = (val/100 * 60 + val%100)*60;
+          tzoff = (val / 100 * 60 + val % 100) * 60;
 
           /* the + and - prefix indicates the local time compared to GMT,
              this we need their reversed math to get what we want */
-          tzoff = date[-1]=='+' ? -tzoff : tzoff;
+          tzoff = date[-1] == '+' ? -tzoff : tzoff;
         }
 
         else if((num_digits == 8) &&
@@ -457,9 +459,9 @@ static int parsedate(const char *date, time_t *output)
                 (mdaynum == -1)) {
           /* 8 digits, no year, month or day yet. This is YYYYMMDD */
           found = TRUE;
-          yearnum = val/10000;
-          monnum = (val%10000)/100-1; /* month is 0 - 11 */
-          mdaynum = val%100;
+          yearnum = val / 10000;
+          monnum = (val % 10000) / 100 - 1; /* month is 0 - 11 */
+          mdaynum = val % 100;
         }
 
         if(!found && (dignext == DATE_MDAY) && (mdaynum == -1)) {
diff --git a/lib/pingpong.c b/lib/pingpong.c
index 7ac321af72..36acc34a36 100644
--- a/lib/pingpong.c
+++ b/lib/pingpong.c
@@ -214,7 +214,6 @@ CURLcode Curl_pp_vsendf(struct Curl_easy *data,
   return CURLE_OK;
 }
 
-
 /***********************************************************************
  *
  * Curl_pp_sendf()
diff --git a/lib/pingpong.h b/lib/pingpong.h
index bd723b1c9b..5492453d84 100644
--- a/lib/pingpong.h
+++ b/lib/pingpong.h
@@ -71,10 +71,10 @@ struct pingpong {
                          read */
 };
 
-#define PINGPONG_SETUP(pp,s,e)                   \
-  do {                                           \
-    (pp)->statemachine = s;                      \
-    (pp)->endofresp = e;                         \
+#define PINGPONG_SETUP(pp, s, e) \
+  do {                           \
+    (pp)->statemachine = s;      \
+    (pp)->endofresp = e;         \
   } while(0)
 
 /*
@@ -94,7 +94,6 @@ void Curl_pp_init(struct pingpong *pp);
 timediff_t Curl_pp_state_timeout(struct Curl_easy *data,
                                  struct pingpong *pp, bool disconnecting);
 
-
 /***********************************************************************
  *
  * Curl_pp_sendf()
@@ -148,7 +147,6 @@ CURLcode Curl_pp_pollset(struct Curl_easy *data,
                          struct pingpong *pp,
                          struct easy_pollset *ps);
 
-
 /***********************************************************************
  *
  * Curl_pp_moredata()
diff --git a/lib/pop3.c b/lib/pop3.c
index f10108229b..771069b3d4 100644
--- a/lib/pop3.c
+++ b/lib/pop3.c
@@ -84,11 +84,11 @@
 #define POP3_TYPE_SASL      (1 << 2)
 
 /* Authentication type values */
-#define POP3_TYPE_NONE      0
-#define POP3_TYPE_ANY       (POP3_TYPE_CLEARTEXT|POP3_TYPE_APOP|POP3_TYPE_SASL)
+#define POP3_TYPE_NONE 0
+#define POP3_TYPE_ANY  (POP3_TYPE_CLEARTEXT | POP3_TYPE_APOP | POP3_TYPE_SASL)
 
 /* This is the 5-bytes End-Of-Body marker for POP3 */
-#define POP3_EOB "\x0d\x0a\x2e\x0d\x0a"
+#define POP3_EOB     "\x0d\x0a\x2e\x0d\x0a"
 #define POP3_EOB_LEN 5
 
 /* meta key for storing protocol meta at easy handle */
@@ -196,8 +196,7 @@ const struct Curl_handler Curl_handler_pop3 = {
   CURLPROTO_POP3,                   /* protocol */
   CURLPROTO_POP3,                   /* family */
   PROTOPT_CLOSEACTION | PROTOPT_NOURLQUERY | /* flags */
-  PROTOPT_URLOPTIONS | PROTOPT_SSL_REUSE |
-  PROTOPT_CONN_REUSE
+    PROTOPT_URLOPTIONS | PROTOPT_SSL_REUSE | PROTOPT_CONN_REUSE
 };
 
 #ifdef USE_SSL
@@ -228,8 +227,7 @@ const struct Curl_handler Curl_handler_pop3s = {
   CURLPROTO_POP3S,                  /* protocol */
   CURLPROTO_POP3,                   /* family */
   PROTOPT_CLOSEACTION | PROTOPT_SSL | /* flags */
-  PROTOPT_NOURLQUERY | PROTOPT_URLOPTIONS |
-  PROTOPT_CONN_REUSE
+    PROTOPT_NOURLQUERY | PROTOPT_URLOPTIONS | PROTOPT_CONN_REUSE
 };
 #endif
 
@@ -512,7 +510,7 @@ static CURLcode pop3_perform_upgrade_tls(struct Curl_easy *data,
          result, ssldone));
   if(!result && ssldone) {
     pop3c->ssldone = ssldone;
-     /* perform CAPA now, changes pop3c->state out of POP3_UPGRADETLS */
+    /* perform CAPA now, changes pop3c->state out of POP3_UPGRADETLS */
     result = pop3_perform_capa(data, conn);
   }
 out:
@@ -589,10 +587,10 @@ static CURLcode pop3_perform_apop(struct Curl_easy *data,
   if(!ctxt)
     return CURLE_OUT_OF_MEMORY;
 
-  Curl_MD5_update(ctxt, (const unsigned char *) pop3c->apoptimestamp,
+  Curl_MD5_update(ctxt, (const unsigned char *)pop3c->apoptimestamp,
                   curlx_uztoui(strlen(pop3c->apoptimestamp)));
 
-  Curl_MD5_update(ctxt, (const unsigned char *) conn->passwd,
+  Curl_MD5_update(ctxt, (const unsigned char *)conn->passwd,
                   curlx_uztoui(strlen(conn->passwd)));
 
   /* Finalise the digest */
@@ -625,7 +623,7 @@ static CURLcode pop3_perform_auth(struct Curl_easy *data,
   struct pop3_conn *pop3c =
     Curl_conn_meta_get(data->conn, CURL_META_POP3_CONN);
   CURLcode result = CURLE_OK;
-  const char *ir = (const char *) Curl_bufref_ptr(initresp);
+  const char *ir = (const char *)Curl_bufref_ptr(initresp);
 
   if(!pop3c)
     return CURLE_FAILED_INIT;
diff --git a/lib/progress.c b/lib/progress.c
index 7124a307d1..1ae8b5801d 100644
--- a/lib/progress.c
+++ b/lib/progress.c
@@ -87,7 +87,7 @@ static char *max6data(curl_off_t bytes, char *max6)
     /* xxx.yU */
     curl_msnprintf(max6, 7, "%3" CURL_FORMAT_CURL_OFF_T
                    ".%" CURL_FORMAT_CURL_OFF_T "%c", nbytes,
-                   (bytes%1024) / (1024/10), unit[k]);
+                   (bytes % 1024) / (1024 / 10), unit[k]);
   }
   return max6;
 }
@@ -351,7 +351,7 @@ void Curl_pgrsSetUploadSize(struct Curl_easy *data, curl_off_t size)
 
 void Curl_pgrsEarlyData(struct Curl_easy *data, curl_off_t sent)
 {
-    data->progress.earlydata_sent = sent;
+  data->progress.earlydata_sent = sent;
 }
 
 /* returns the average speed in bytes / second */
@@ -360,7 +360,7 @@ static curl_off_t trspeed(curl_off_t size, /* number of bytes */
 {
   if(us < 1)
     return size * 1000000;
-  else if(size < CURL_OFF_T_MAX/1000000)
+  else if(size < CURL_OFF_T_MAX / 1000000)
     return (size * 1000000) / us;
   else if(us >= 1000000)
     return size / (us / 1000000);
@@ -422,18 +422,18 @@ static bool progress_calc(struct Curl_easy *data, struct curltime *pnow)
              ((i_latest + 1) % CURL_SPEED_RECORDS);
 
   /* How much we transferred between oldest and current records */
-  amount = p->speed_amount[i_latest]- p->speed_amount[i_oldest];
+  amount = p->speed_amount[i_latest] - p->speed_amount[i_oldest];
   /* How long this took */
   duration_ms = curlx_timediff_ms(p->speed_time[i_latest],
                                   p->speed_time[i_oldest]);
   if(duration_ms <= 0)
     duration_ms = 1;
 
-  if(amount > (CURL_OFF_T_MAX/1000)) {
+  if(amount > (CURL_OFF_T_MAX / 1000)) {
     /* the 'amount' value is bigger than would fit in 64 bits if
        multiplied with 1000, so we use the double math for this */
-    p->current_speed = (curl_off_t)
-      (((double)amount * 1000.0)/(double)duration_ms);
+    p->current_speed =
+      (curl_off_t)(((double)amount * 1000.0) / (double)duration_ms);
   }
   else {
     /* the 'amount' value is small enough to fit within 32 bits even
@@ -459,7 +459,7 @@ static curl_off_t pgrs_est_percent(curl_off_t total, curl_off_t cur)
   if(total > 10000)
     return cur / (total / 100);
   else if(total > 0)
-    return (cur*100) / total;
+    return (cur * 100) / total;
   return 0;
 }
 
@@ -488,7 +488,7 @@ static void progress_meter(struct Curl_easy *data)
   char time_left[10];
   char time_total[10];
   char time_spent[10];
-  curl_off_t cur_secs = (curl_off_t)p->timespent/1000000; /* seconds */
+  curl_off_t cur_secs = (curl_off_t)p->timespent / 1000000; /* seconds */
 
   if(!p->headers_out) {
     if(data->state.resume_from) {
@@ -516,11 +516,9 @@ static void progress_meter(struct Curl_easy *data)
   time2str(time_spent, cur_secs);
 
   /* Get the total amount of data expected to get transferred */
-  total_expected_size =
-    p->ul_size_known ? p->ul.total_size : p->ul.cur_size;
+  total_expected_size = p->ul_size_known ? p->ul.total_size : p->ul.cur_size;
 
-  dl_size =
-    p->dl_size_known ? p->dl.total_size : p->dl.cur_size;
+  dl_size = p->dl_size_known ? p->dl.total_size : p->dl.cur_size;
 
   /* integer overflow check */
   if((CURL_OFF_T_MAX - total_expected_size) < dl_size)
@@ -561,7 +559,6 @@ static void progress_meter(struct Curl_easy *data)
 #define progress_meter(x) Curl_nop_stmt
 #endif
 
-
 /*
  * Curl_pgrsUpdate() returns 0 for success or the value returned by the
  * progress callback!
diff --git a/lib/psl.c b/lib/psl.c
index 5bf96d09bd..0be51e4402 100644
--- a/lib/psl.c
+++ b/lib/psl.c
@@ -91,7 +91,7 @@ const psl_ctx_t *Curl_psl_use(struct Curl_easy *easy)
         pslcache->expires = expires;
       }
     }
-    Curl_share_unlock(easy, CURL_LOCK_DATA_PSL);  /* Release exclusive lock. */
+    Curl_share_unlock(easy, CURL_LOCK_DATA_PSL); /* Release exclusive lock. */
     Curl_share_lock(easy, CURL_LOCK_DATA_PSL, CURL_LOCK_ACCESS_SHARED);
   }
   psl = pslcache->psl;
diff --git a/lib/rand.c b/lib/rand.c
index 8c5a2cf71e..88324e918a 100644
--- a/lib/rand.c
+++ b/lib/rand.c
@@ -227,8 +227,7 @@ CURLcode Curl_rand_bytes(struct Curl_easy *data,
  * size.
  */
 
-CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd,
-                       size_t num)
+CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd, size_t num)
 {
   CURLcode result = CURLE_BAD_FUNCTION_ARGUMENT;
   unsigned char buffer[128];
@@ -240,7 +239,7 @@ CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd,
   memset(buffer, 0, sizeof(buffer));
 #endif
 
-  if((num/2 >= sizeof(buffer)) || !(num&1)) {
+  if((num / 2 >= sizeof(buffer)) || !(num & 1)) {
     /* make sure it fits in the local buffer and that it is an odd number! */
     DEBUGF(infof(data, "invalid buffer size with Curl_rand_hex"));
     return CURLE_BAD_FUNCTION_ARGUMENT;
@@ -248,11 +247,11 @@ CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd,
 
   num--; /* save one for null-termination */
 
-  result = Curl_rand(data, buffer, num/2);
+  result = Curl_rand(data, buffer, num / 2);
   if(result)
     return result;
 
-  Curl_hexencode(buffer, num/2, rnd, num + 1);
+  Curl_hexencode(buffer, num / 2, rnd, num + 1);
   return result;
 }
 
diff --git a/lib/rand.h b/lib/rand.h
index 2ba60e7297..674cb6ee20 100644
--- a/lib/rand.h
+++ b/lib/rand.h
@@ -31,9 +31,9 @@ CURLcode Curl_rand_bytes(struct Curl_easy *data,
                          unsigned char *rnd, size_t num);
 
 #ifdef DEBUGBUILD
-#define Curl_rand(a,b,c)   Curl_rand_bytes((a), TRUE, (b), (c))
+#define Curl_rand(a, b, c) Curl_rand_bytes((a), TRUE, (b), (c))
 #else
-#define Curl_rand(a,b,c)   Curl_rand_bytes((a), (b), (c))
+#define Curl_rand(a, b, c) Curl_rand_bytes((a), (b), (c))
 #endif
 
 /*
@@ -41,8 +41,7 @@ CURLcode Curl_rand_bytes(struct Curl_easy *data,
  * hexadecimal digits PLUS a null-terminating byte. It must be an odd number
  * size.
  */
-CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd,
-                       size_t num);
+CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd, size_t num);
 
 /*
  * Curl_rand_alnum() fills the 'rnd' buffer with a given 'num' size with random
diff --git a/lib/ratelimit.c b/lib/ratelimit.c
index c3593d5937..7e3592506a 100644
--- a/lib/ratelimit.c
+++ b/lib/ratelimit.c
@@ -28,7 +28,7 @@
 #include "ratelimit.h"
 
 
-#define CURL_US_PER_SEC      1000000
+#define CURL_US_PER_SEC       1000000
 #define CURL_RLIMIT_MIN_CHUNK (16 * 1024)
 #define CURL_RLIMIT_MAX_STEPS 2   /* 500ms interval */
 
diff --git a/lib/request.c b/lib/request.c
index 581d7d1453..fa83380878 100644
--- a/lib/request.c
+++ b/lib/request.c
@@ -111,7 +111,7 @@ CURLcode Curl_req_done(struct SingleRequest *req,
 
 void Curl_req_hard_reset(struct SingleRequest *req, struct Curl_easy *data)
 {
-  struct curltime t0 = {0, 0};
+  struct curltime t0 = { 0, 0 };
 
   Curl_safefree(req->newurl);
   Curl_client_reset(data);
@@ -473,6 +473,6 @@ CURLcode Curl_req_stop_send_recv(struct Curl_easy *data)
   CURLcode result = CURLE_OK;
   if(data->req.keepon & KEEP_SEND)
     result = Curl_req_abort_sending(data);
-  data->req.keepon &= ~(KEEP_RECV|KEEP_SEND);
+  data->req.keepon &= ~(KEEP_RECV | KEEP_SEND);
   return result;
 }
diff --git a/lib/request.h b/lib/request.h
index 0f9e0a6ff4..5b0d146028 100644
--- a/lib/request.h
+++ b/lib/request.h
@@ -48,7 +48,6 @@ enum upgrade101 {
   UPGR101_RECEIVED            /* 101 response received */
 };
 
-
 /*
  * Request specific data in the easy handle (Curl_easy). Previously,
  * these members were on the connectdata struct but since a conn struct may
diff --git a/lib/rtsp.c b/lib/rtsp.c
index 5a46dc62c4..ee5d822a54 100644
--- a/lib/rtsp.c
+++ b/lib/rtsp.c
@@ -117,11 +117,10 @@ static CURLcode rtsp_do_pollset(struct Curl_easy *data,
   return Curl_pollset_add_out(data, ps, data->conn->sock[FIRSTSOCKET]);
 }
 
-static
-CURLcode rtp_client_write(struct Curl_easy *data, const char *ptr, size_t len);
-static
-CURLcode rtsp_parse_transport(struct Curl_easy *data, const char *transport);
-
+static CURLcode rtp_client_write(struct Curl_easy *data, const char *ptr,
+                                 size_t len);
+static CURLcode rtsp_parse_transport(struct Curl_easy *data,
+                                     const char *transport);
 
 /*
  * RTSP handler interface.
@@ -191,7 +190,6 @@ static CURLcode rtsp_setup_connection(struct Curl_easy *data,
   return CURLE_OK;
 }
 
-
 /*
  * Function to check on various aspects of a connection.
  */
@@ -211,7 +209,6 @@ static unsigned int rtsp_conncheck(struct Curl_easy *data,
   return ret_val;
 }
 
-
 static CURLcode rtsp_connect(struct Curl_easy *data, bool *done)
 {
   struct rtsp_conn *rtspc =
@@ -274,7 +271,6 @@ static CURLcode rtsp_done(struct Curl_easy *data,
   return httpStatus;
 }
 
-
 static CURLcode rtsp_setup_body(struct Curl_easy *data,
                                 Curl_RtspReq rtspreq,
                                 struct dynbuf *reqp)
@@ -324,9 +320,8 @@ static CURLcode rtsp_setup_body(struct Curl_easy *data,
       if(rtspreq == RTSPREQ_SET_PARAMETER ||
          rtspreq == RTSPREQ_GET_PARAMETER) {
         if(!Curl_checkheaders(data, STRCONST("Content-Type"))) {
-          result = curlx_dyn_addn(reqp,
-                                  STRCONST("Content-Type: "
-                                           "text/parameters\r\n"));
+          result = curlx_dyn_addn(reqp, STRCONST("Content-Type: "
+                                                 "text/parameters\r\n"));
           if(result)
             return result;
         }
@@ -334,9 +329,8 @@ static CURLcode rtsp_setup_body(struct Curl_easy *data,
 
       if(rtspreq == RTSPREQ_ANNOUNCE) {
         if(!Curl_checkheaders(data, STRCONST("Content-Type"))) {
-          result = curlx_dyn_addn(reqp,
-                                  STRCONST("Content-Type: "
-                                           "application/sdp\r\n"));
+          result = curlx_dyn_addn(reqp, STRCONST("Content-Type: "
+                                                 "application/sdp\r\n"));
           if(result)
             return result;
         }
@@ -931,7 +925,7 @@ static CURLcode rtsp_rtp_write_resp(struct Curl_easy *data,
                blen, rtspc->in_header, data->req.done, rtspc->state,
                data->req.size));
   if(!result && (is_eos || blen)) {
-    result = Curl_client_write(data, CLIENTWRITE_BODY|
+    result = Curl_client_write(data, CLIENTWRITE_BODY |
                                (is_eos ? CLIENTWRITE_EOS : 0), buf, blen);
   }
 
@@ -954,8 +948,8 @@ static CURLcode rtsp_rtp_write_resp_hd(struct Curl_easy *data,
   return rtsp_rtp_write_resp(data, buf, blen, is_eos);
 }
 
-static
-CURLcode rtp_client_write(struct Curl_easy *data, const char *ptr, size_t len)
+static CURLcode rtp_client_write(struct Curl_easy *data, const char *ptr,
+                                 size_t len)
 {
   size_t wrote;
   curl_write_callback writeit;
@@ -1066,8 +1060,8 @@ CURLcode Curl_rtsp_parseheader(struct Curl_easy *data, const char *header)
   return CURLE_OK;
 }
 
-static
-CURLcode rtsp_parse_transport(struct Curl_easy *data, const char *transport)
+static CURLcode rtsp_parse_transport(struct Curl_easy *data,
+                                     const char *transport)
 {
   /* If we receive multiple Transport response-headers, the linterleaved
      channels of each response header is recorded and used together for
@@ -1109,5 +1103,4 @@ CURLcode rtsp_parse_transport(struct Curl_easy *data, const char *transport)
   return CURLE_OK;
 }
 
-
 #endif /* CURL_DISABLE_RTSP */
diff --git a/lib/rtsp.h b/lib/rtsp.h
index 59f20a9f16..7b42efde28 100644
--- a/lib/rtsp.h
+++ b/lib/rtsp.h
@@ -32,7 +32,7 @@ CURLcode Curl_rtsp_parseheader(struct Curl_easy *data, const char *header);
 
 #else
 /* disabled */
-#define Curl_rtsp_parseheader(x,y) CURLE_NOT_BUILT_IN
+#define Curl_rtsp_parseheader(x, y) CURLE_NOT_BUILT_IN
 
 #endif /* CURL_DISABLE_RTSP */
 
diff --git a/lib/select.c b/lib/select.c
index 5692fc020d..52dfa7376d 100644
--- a/lib/select.c
+++ b/lib/select.c
@@ -146,19 +146,19 @@ int Curl_socket_check(curl_socket_t readfd0, /* two sockets to read from */
   num = 0;
   if(readfd0 != CURL_SOCKET_BAD) {
     pfd[num].fd = readfd0;
-    pfd[num].events = POLLRDNORM|POLLIN|POLLRDBAND|POLLPRI;
+    pfd[num].events = POLLRDNORM | POLLIN | POLLRDBAND | POLLPRI;
     pfd[num].revents = 0;
     num++;
   }
   if(readfd1 != CURL_SOCKET_BAD) {
     pfd[num].fd = readfd1;
-    pfd[num].events = POLLRDNORM|POLLIN|POLLRDBAND|POLLPRI;
+    pfd[num].events = POLLRDNORM | POLLIN | POLLRDBAND | POLLPRI;
     pfd[num].revents = 0;
     num++;
   }
   if(writefd != CURL_SOCKET_BAD) {
     pfd[num].fd = writefd;
-    pfd[num].events = POLLWRNORM|POLLOUT|POLLPRI;
+    pfd[num].events = POLLWRNORM | POLLOUT | POLLPRI;
     pfd[num].revents = 0;
     num++;
   }
@@ -170,23 +170,23 @@ int Curl_socket_check(curl_socket_t readfd0, /* two sockets to read from */
   r = 0;
   num = 0;
   if(readfd0 != CURL_SOCKET_BAD) {
-    if(pfd[num].revents & (POLLRDNORM|POLLIN|POLLERR|POLLHUP))
+    if(pfd[num].revents & (POLLRDNORM | POLLIN | POLLERR | POLLHUP))
       r |= CURL_CSELECT_IN;
-    if(pfd[num].revents & (POLLPRI|POLLNVAL))
+    if(pfd[num].revents & (POLLPRI | POLLNVAL))
       r |= CURL_CSELECT_ERR;
     num++;
   }
   if(readfd1 != CURL_SOCKET_BAD) {
-    if(pfd[num].revents & (POLLRDNORM|POLLIN|POLLERR|POLLHUP))
+    if(pfd[num].revents & (POLLRDNORM | POLLIN | POLLERR | POLLHUP))
       r |= CURL_CSELECT_IN2;
-    if(pfd[num].revents & (POLLPRI|POLLNVAL))
+    if(pfd[num].revents & (POLLPRI | POLLNVAL))
       r |= CURL_CSELECT_ERR;
     num++;
   }
   if(writefd != CURL_SOCKET_BAD) {
-    if(pfd[num].revents & (POLLWRNORM|POLLOUT))
+    if(pfd[num].revents & (POLLWRNORM | POLLOUT))
       r |= CURL_CSELECT_OUT;
-    if(pfd[num].revents & (POLLERR|POLLHUP|POLLPRI|POLLNVAL))
+    if(pfd[num].revents & (POLLERR | POLLHUP | POLLPRI | POLLNVAL))
       r |= CURL_CSELECT_ERR;
   }
 
@@ -265,7 +265,7 @@ int Curl_poll(struct pollfd ufds[], unsigned int nfds, timediff_t timeout_ms)
     if(ufds[i].revents & POLLHUP)
       ufds[i].revents |= POLLIN;
     if(ufds[i].revents & POLLERR)
-      ufds[i].revents |= POLLIN|POLLOUT;
+      ufds[i].revents |= POLLIN | POLLOUT;
   }
 
 #else  /* HAVE_POLL */
@@ -280,15 +280,15 @@ int Curl_poll(struct pollfd ufds[], unsigned int nfds, timediff_t timeout_ms)
     if(ufds[i].fd == CURL_SOCKET_BAD)
       continue;
     VERIFY_SOCK(ufds[i].fd);
-    if(ufds[i].events & (POLLIN|POLLOUT|POLLPRI|
-                         POLLRDNORM|POLLWRNORM|POLLRDBAND)) {
+    if(ufds[i].events & (POLLIN |POLLOUT |POLLPRI |
+                         POLLRDNORM | POLLWRNORM | POLLRDBAND)) {
       if(ufds[i].fd > maxfd)
         maxfd = ufds[i].fd;
-      if(ufds[i].events & (POLLRDNORM|POLLIN))
+      if(ufds[i].events & (POLLRDNORM | POLLIN))
         FD_SET(ufds[i].fd, &fds_read);
-      if(ufds[i].events & (POLLWRNORM|POLLOUT))
+      if(ufds[i].events & (POLLWRNORM | POLLOUT))
         FD_SET(ufds[i].fd, &fds_write);
-      if(ufds[i].events & (POLLRDBAND|POLLPRI))
+      if(ufds[i].events & (POLLRDBAND | POLLPRI))
         FD_SET(ufds[i].fd, &fds_err);
     }
   }
@@ -579,9 +579,9 @@ CURLcode Curl_pollset_change(struct Curl_easy *data,
   if(!VALID_SOCK(sock))
     return CURLE_BAD_FUNCTION_ARGUMENT;
 
-  DEBUGASSERT(add_flags <= (CURL_POLL_IN|CURL_POLL_OUT));
-  DEBUGASSERT(remove_flags <= (CURL_POLL_IN|CURL_POLL_OUT));
-  DEBUGASSERT((add_flags&remove_flags) == 0); /* no overlap */
+  DEBUGASSERT(add_flags <= (CURL_POLL_IN | CURL_POLL_OUT));
+  DEBUGASSERT(remove_flags <= (CURL_POLL_IN | CURL_POLL_OUT));
+  DEBUGASSERT((add_flags & remove_flags) == 0); /* no overlap */
   for(i = 0; i < ps->n; ++i) {
     if(ps->sockets[i] == sock) {
       ps->actions[i] &= (unsigned char)(~remove_flags);
diff --git a/lib/select.h b/lib/select.h
index fb54686af3..c5f1c59be0 100644
--- a/lib/select.h
+++ b/lib/select.h
@@ -47,11 +47,10 @@
 #define POLLHUP     0x10
 #define POLLNVAL    0x20
 
-struct pollfd
-{
-    curl_socket_t fd;
-    short   events;
-    short   revents;
+struct pollfd {
+  curl_socket_t fd;
+  short events;
+  short revents;
 };
 
 #endif
@@ -76,9 +75,9 @@ struct pollfd
 int Curl_socket_check(curl_socket_t readfd, curl_socket_t readfd2,
                       curl_socket_t writefd,
                       timediff_t timeout_ms);
-#define SOCKET_READABLE(x,z) \
+#define SOCKET_READABLE(x, z)                               \
   Curl_socket_check(x, CURL_SOCKET_BAD, CURL_SOCKET_BAD, z)
-#define SOCKET_WRITABLE(x,z) \
+#define SOCKET_WRITABLE(x, z)                               \
   Curl_socket_check(CURL_SOCKET_BAD, CURL_SOCKET_BAD, x, z)
 
 int Curl_poll(struct pollfd ufds[], unsigned int nfds, timediff_t timeout_ms);
@@ -90,32 +89,33 @@ int Curl_poll(struct pollfd ufds[], unsigned int nfds, timediff_t timeout_ms);
 #ifdef USE_WINSOCK
 #define VALID_SOCK(s) ((s) < INVALID_SOCKET)
 #define FDSET_SOCK(x) 1
-#define VERIFY_SOCK(x) do { \
-  if(!VALID_SOCK(x)) { \
-    SET_SOCKERRNO(SOCKEINVAL); \
-    return -1; \
-  } \
-} while(0)
+#define VERIFY_SOCK(x)           \
+  do {                           \
+    if(!VALID_SOCK(x)) {         \
+      SET_SOCKERRNO(SOCKEINVAL); \
+      return -1;                 \
+    }                            \
+  } while(0)
 #else
 #define VALID_SOCK(s) ((s) >= 0)
 
 /* If the socket is small enough to get set or read from an fdset */
 #define FDSET_SOCK(s) ((s) < FD_SETSIZE)
 
-#define VERIFY_SOCK(x) do {                     \
-    if(!VALID_SOCK(x) || !FDSET_SOCK(x)) {      \
-      SET_SOCKERRNO(SOCKEINVAL);                \
-      return -1;                                \
-    }                                           \
+#define VERIFY_SOCK(x)                     \
+  do {                                     \
+    if(!VALID_SOCK(x) || !FDSET_SOCK(x)) { \
+      SET_SOCKERRNO(SOCKEINVAL);           \
+      return -1;                           \
+    }                                      \
   } while(0)
 #endif
 
-
 /* Keep the sockets to poll for an easy handle.
  * `actions` are bitmaps of CURL_POLL_IN and CURL_POLL_OUT.
  * Starts with small capacity, grows on demand.
  */
-#define EZ_POLLSET_DEF_COUNT    2
+#define EZ_POLLSET_DEF_COUNT 2
 
 struct easy_pollset {
   curl_socket_t *sockets;
@@ -133,7 +133,6 @@ struct easy_pollset {
 #define CURL_EASY_POLLSET_MAGIC  0x7a657370
 #endif
 
-
 /* allocate and initialise */
 struct easy_pollset *Curl_pollset_create(void);
 
@@ -162,22 +161,22 @@ CURLcode Curl_pollset_set(struct Curl_easy *data,
                           bool do_in, bool do_out) WARN_UNUSED_RESULT;
 
 #define Curl_pollset_add_in(data, ps, sock) \
-          Curl_pollset_change((data), (ps), (sock), CURL_POLL_IN, 0)
+  Curl_pollset_change((data), (ps), (sock), CURL_POLL_IN, 0)
 #define Curl_pollset_remove_in(data, ps, sock) \
-          Curl_pollset_change((data), (ps), (sock), 0, CURL_POLL_IN)
+  Curl_pollset_change((data), (ps), (sock), 0, CURL_POLL_IN)
 #define Curl_pollset_add_out(data, ps, sock) \
-          Curl_pollset_change((data), (ps), (sock), CURL_POLL_OUT, 0)
+  Curl_pollset_change((data), (ps), (sock), CURL_POLL_OUT, 0)
 #define Curl_pollset_remove_out(data, ps, sock) \
-          Curl_pollset_change((data), (ps), (sock), 0, CURL_POLL_OUT)
+  Curl_pollset_change((data), (ps), (sock), 0, CURL_POLL_OUT)
 #define Curl_pollset_add_inout(data, ps, sock) \
-          Curl_pollset_change((data), (ps), (sock), \
-                               CURL_POLL_IN|CURL_POLL_OUT, 0)
+  Curl_pollset_change((data), (ps), (sock), \
+                       CURL_POLL_IN | CURL_POLL_OUT, 0)
 #define Curl_pollset_set_in_only(data, ps, sock) \
-          Curl_pollset_change((data), (ps), (sock), \
-                               CURL_POLL_IN, CURL_POLL_OUT)
+  Curl_pollset_change((data), (ps), (sock), \
+                       CURL_POLL_IN, CURL_POLL_OUT)
 #define Curl_pollset_set_out_only(data, ps, sock) \
-          Curl_pollset_change((data), (ps), (sock), \
-                               CURL_POLL_OUT, CURL_POLL_IN)
+  Curl_pollset_change((data), (ps), (sock), \
+                       CURL_POLL_OUT, CURL_POLL_IN)
 
 /* return < = on error, 0 on timeout or how many sockets are ready */
 int Curl_pollset_poll(struct Curl_easy *data,
diff --git a/lib/sendf.c b/lib/sendf.c
index 1d73291c92..f4a816e231 100644
--- a/lib/sendf.c
+++ b/lib/sendf.c
@@ -69,13 +69,14 @@ CURLcode Curl_client_write(struct Curl_easy *data,
   CURLcode result;
 
   /* it is one of those, at least */
-  DEBUGASSERT(type & (CLIENTWRITE_BODY|CLIENTWRITE_HEADER|CLIENTWRITE_INFO));
+  DEBUGASSERT(type &
+              (CLIENTWRITE_BODY | CLIENTWRITE_HEADER | CLIENTWRITE_INFO));
   /* BODY is only BODY (with optional EOS) */
   DEBUGASSERT(!(type & CLIENTWRITE_BODY) ||
-              ((type & ~(CLIENTWRITE_BODY|CLIENTWRITE_EOS)) == 0));
+              ((type & ~(CLIENTWRITE_BODY | CLIENTWRITE_EOS)) == 0));
   /* INFO is only INFO (with optional EOS) */
   DEBUGASSERT(!(type & CLIENTWRITE_INFO) ||
-              ((type & ~(CLIENTWRITE_INFO|CLIENTWRITE_EOS)) == 0));
+              ((type & ~(CLIENTWRITE_INFO | CLIENTWRITE_EOS)) == 0));
 
   if(!data->req.writer_stack) {
     result = do_init_writer_stack(data);
@@ -227,7 +228,7 @@ static CURLcode cw_download_write(struct Curl_easy *data,
   bool is_connect = !!(type & CLIENTWRITE_CONNECT);
 
   if(!ctx->started_response &&
-     !(type & (CLIENTWRITE_INFO|CLIENTWRITE_CONNECT))) {
+     !(type & (CLIENTWRITE_INFO | CLIENTWRITE_CONNECT))) {
     Curl_pgrsTime(data, TIMER_STARTTRANSFER);
     Curl_rlimit_start(&data->progress.dl.rlimit, curlx_now());
     ctx->started_response = TRUE;
@@ -784,7 +785,7 @@ static CURLcode cr_in_resume_from(struct Curl_easy *data,
     }
     /* when seekerr == CURL_SEEKFUNC_CANTSEEK (cannot seek to offset) */
     do {
-      char scratch[4*1024];
+      char scratch[4 * 1024];
       size_t readthisamountnow =
         (offset - passed > (curl_off_t)sizeof(scratch)) ?
         sizeof(scratch) :
@@ -1089,8 +1090,7 @@ static CURLcode cr_lc_add(struct Curl_easy *data)
   struct Curl_creader *reader = NULL;
   CURLcode result;
 
-  result = Curl_creader_create(&reader, data, &cr_lc,
-                               CURL_CR_CONTENT_ENCODE);
+  result = Curl_creader_create(&reader, data, &cr_lc, CURL_CR_CONTENT_ENCODE);
   if(!result)
     result = Curl_creader_add(data, reader);
 
@@ -1481,5 +1481,4 @@ struct Curl_creader *Curl_creader_get_by_type(struct Curl_easy *data,
       return r;
   }
   return NULL;
-
 }
diff --git a/lib/sendf.h b/lib/sendf.h
index 3a6dccba6a..7b983c5271 100644
--- a/lib/sendf.h
+++ b/lib/sendf.h
@@ -42,15 +42,15 @@
  * BODY, INFO and HEADER should not be mixed, as this would lead to
  * confusion on how to interpret/format/convert the data.
  */
-#define CLIENTWRITE_BODY    (1<<0) /* non-meta information, BODY */
-#define CLIENTWRITE_INFO    (1<<1) /* meta information, not a HEADER */
-#define CLIENTWRITE_HEADER  (1<<2) /* meta information, HEADER */
-#define CLIENTWRITE_STATUS  (1<<3) /* a special status HEADER */
-#define CLIENTWRITE_CONNECT (1<<4) /* a CONNECT related HEADER */
-#define CLIENTWRITE_1XX     (1<<5) /* a 1xx response related HEADER */
-#define CLIENTWRITE_TRAILER (1<<6) /* a trailer HEADER */
-#define CLIENTWRITE_EOS     (1<<7) /* End Of transfer download Stream */
-#define CLIENTWRITE_0LEN    (1<<8) /* write even 0-length buffers */
+#define CLIENTWRITE_BODY    (1 << 0) /* non-meta information, BODY */
+#define CLIENTWRITE_INFO    (1 << 1) /* meta information, not a HEADER */
+#define CLIENTWRITE_HEADER  (1 << 2) /* meta information, HEADER */
+#define CLIENTWRITE_STATUS  (1 << 3) /* a special status HEADER */
+#define CLIENTWRITE_CONNECT (1 << 4) /* a CONNECT related HEADER */
+#define CLIENTWRITE_1XX     (1 << 5) /* a 1xx response related HEADER */
+#define CLIENTWRITE_TRAILER (1 << 6) /* a trailer HEADER */
+#define CLIENTWRITE_EOS     (1 << 7) /* End Of transfer download Stream */
+#define CLIENTWRITE_0LEN    (1 << 8) /* write even 0-length buffers */
 
 /* Forward declarations */
 struct Curl_creader;
@@ -206,7 +206,6 @@ CURLcode Curl_cwriter_def_write(struct Curl_easy *data,
 void Curl_cwriter_def_close(struct Curl_easy *data,
                             struct Curl_cwriter *writer);
 
-
 typedef enum {
   CURL_CRCNTRL_REWIND,
   CURL_CRCNTRL_UNPAUSE,
@@ -407,7 +406,6 @@ void Curl_creader_done(struct Curl_easy *data, int premature);
 struct Curl_creader *Curl_creader_get_by_type(struct Curl_easy *data,
                                               const struct Curl_crtype *crt);
 
-
 /**
  * Set the client reader to provide 0 bytes, immediate EOS.
  */
diff --git a/lib/setopt.c b/lib/setopt.c
index b4ca361ce3..0a377be1f1 100644
--- a/lib/setopt.c
+++ b/lib/setopt.c
@@ -59,8 +59,8 @@ static CURLcode setopt_set_timeout_sec(timediff_t *ptimeout_ms, long secs)
 {
   if(secs < 0)
     return CURLE_BAD_FUNCTION_ARGUMENT;
-#if LONG_MAX > (TIMEDIFF_T_MAX/1000)
-  if(secs > (TIMEDIFF_T_MAX/1000)) {
+#if LONG_MAX > (TIMEDIFF_T_MAX / 1000)
+  if(secs > (TIMEDIFF_T_MAX / 1000)) {
     *ptimeout_ms = TIMEDIFF_T_MAX;
     return CURLE_OK;
   }
@@ -193,7 +193,7 @@ static CURLcode setstropt_interface(char *option, char **devp,
   return CURLE_OK;
 }
 
-#define C_SSLVERSION_VALUE(x) (x & 0xffff)
+#define C_SSLVERSION_VALUE(x)     (x & 0xffff)
 #define C_SSLVERSION_MAX_VALUE(x) ((unsigned long)x & 0xffff0000)
 
 static CURLcode protocol2num(const char *str, curl_prot_t *val)
@@ -208,7 +208,7 @@ static CURLcode protocol2num(const char *str, curl_prot_t *val)
     return CURLE_BAD_FUNCTION_ARGUMENT;
 
   if(curl_strequal(str, "all")) {
-    *val = ~(curl_prot_t) 0;
+    *val = ~(curl_prot_t)0;
     return CURLE_OK;
   }
 
@@ -217,7 +217,7 @@ static CURLcode protocol2num(const char *str, curl_prot_t *val)
     size_t tlen;
 
     str = strchr(str, ',');
-    tlen = str ? (size_t) (str - token) : strlen(token);
+    tlen = str ? (size_t)(str - token) : strlen(token);
     if(tlen) {
       const struct Curl_handler *h = Curl_getn_scheme_handler(token, tlen);
 
@@ -256,7 +256,7 @@ static CURLcode httpauth(struct Curl_easy *data, bool proxy,
 
     /* switch off bits we cannot support */
 #ifndef USE_NTLM
-    auth &= ~CURLAUTH_NTLM;    /* no NTLM support */
+    auth &= ~CURLAUTH_NTLM; /* no NTLM support */
 #endif
 #ifndef USE_SPNEGO
     auth &= ~CURLAUTH_NEGOTIATE; /* no Negotiate (SPNEGO) auth without GSS-API
@@ -787,8 +787,7 @@ static CURLcode setopt_bool(struct Curl_easy *data, CURLoption option,
   case CURLOPT_SSL_SESSIONID_CACHE:
     s->ssl.primary.cache_session = enabled;
 #ifndef CURL_DISABLE_PROXY
-    s->proxy_ssl.primary.cache_session =
-      s->ssl.primary.cache_session;
+    s->proxy_ssl.primary.cache_session = s->ssl.primary.cache_session;
 #endif
     break;
 #ifdef USE_SSH
@@ -810,7 +809,7 @@ static CURLcode setopt_bool(struct Curl_easy *data, CURLoption option,
     s->tcp_keepalive = enabled;
     break;
   case CURLOPT_TCP_FASTOPEN:
-#if defined(CONNECT_DATA_IDEMPOTENT) || defined(MSG_FASTOPEN) ||        \
+#if defined(CONNECT_DATA_IDEMPOTENT) || defined(MSG_FASTOPEN) || \
   defined(TCP_FASTOPEN_CONNECT)
     s->tcp_fastopen = enabled;
     break;
@@ -1099,7 +1098,7 @@ static CURLcode setopt_long(struct Curl_easy *data, CURLoption option,
 #ifdef HAVE_GSSAPI
   case CURLOPT_GSSAPI_DELEGATION:
     s->gssapi_delegation = (unsigned char)uarg &
-      (CURLGSSAPI_DELEGATION_POLICY_FLAG|CURLGSSAPI_DELEGATION_FLAG);
+      (CURLGSSAPI_DELEGATION_POLICY_FLAG | CURLGSSAPI_DELEGATION_FLAG);
     break;
 #endif
 
@@ -1145,7 +1144,7 @@ static CURLcode setopt_long(struct Curl_easy *data, CURLoption option,
   case CURLOPT_IPRESOLVE:
     if((arg < CURL_IPRESOLVE_WHATEVER) || (arg > CURL_IPRESOLVE_V6))
       return CURLE_BAD_FUNCTION_ARGUMENT;
-    s->ipver = (unsigned char) arg;
+    s->ipver = (unsigned char)arg;
     break;
 
   case CURLOPT_CONNECT_ONLY:
@@ -1413,8 +1412,8 @@ static CURLcode setopt_pointers(struct Curl_easy *data, CURLoption option,
     break;
 #endif /* ! CURL_DISABLE_FORM_API */
 #endif /* ! CURL_DISABLE_HTTP */
-#if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_SMTP) ||       \
-    !defined(CURL_DISABLE_IMAP)
+#if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_SMTP) || \
+  !defined(CURL_DISABLE_IMAP)
 # ifndef CURL_DISABLE_MIME
   case CURLOPT_MIMEPOST:
     /*
@@ -1444,8 +1443,7 @@ static CURLcode setopt_pointers(struct Curl_easy *data, CURLoption option,
     if(!s->err)
       s->err = stderr;
     break;
-  case CURLOPT_SHARE:
-  {
+  case CURLOPT_SHARE: {
     struct Curl_share *set = va_arg(param, struct Curl_share *);
 
     /* disconnect from old share, if any */
@@ -1492,7 +1490,7 @@ static CURLcode setopt_pointers(struct Curl_easy *data, CURLoption option,
         /* enable cookies since we now use a share that uses cookies! */
         data->cookies = data->share->cookies;
       }
-#endif   /* CURL_DISABLE_HTTP */
+#endif /* CURL_DISABLE_HTTP */
 #ifndef CURL_DISABLE_HSTS
       if(data->share->hsts) {
         /* first free the private one if any */
@@ -1509,8 +1507,8 @@ static CURLcode setopt_pointers(struct Curl_easy *data, CURLoption option,
     }
     /* check for host cache not needed,
      * it will be done by curl_easy_perform */
+    break;
   }
-  break;
 
 #ifdef USE_HTTP2
   case CURLOPT_STREAM_DEPENDS:
@@ -1530,8 +1528,7 @@ static CURLcode setopt_pointers(struct Curl_easy *data, CURLoption option,
 }
 
 #ifndef CURL_DISABLE_COOKIES
-static CURLcode cookielist(struct Curl_easy *data,
-                           const char *ptr)
+static CURLcode cookielist(struct Curl_easy *data, const char *ptr)
 {
   CURLcode result = CURLE_OK;
   if(!ptr)
@@ -1584,8 +1581,7 @@ static CURLcode cookielist(struct Curl_easy *data,
   return result;
 }
 
-static CURLcode cookiefile(struct Curl_easy *data,
-                           const char *ptr)
+static CURLcode cookiefile(struct Curl_easy *data, const char *ptr)
 {
   /*
    * Set cookie file to read and parse. Can be used multiple times.
@@ -1639,8 +1635,7 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
   case CURLOPT_PROXY_SSL_CIPHER_LIST:
     if(Curl_ssl_supports(data, SSLSUPP_CIPHER_LIST)) {
       /* set a list of cipher we want to use in the SSL connection for proxy */
-      return Curl_setstropt(&s->str[STRING_SSL_CIPHER_LIST_PROXY],
-                            ptr);
+      return Curl_setstropt(&s->str[STRING_SSL_CIPHER_LIST_PROXY], ptr);
     }
     else
       return CURLE_NOT_BUILT_IN;
@@ -1656,8 +1651,7 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
   case CURLOPT_PROXY_TLS13_CIPHERS:
     if(Curl_ssl_supports(data, SSLSUPP_TLS13_CIPHERSUITES))
       /* set preferred list of TLS 1.3 cipher suites for proxy */
-      return Curl_setstropt(&s->str[STRING_SSL_CIPHER13_LIST_PROXY],
-                            ptr);
+      return Curl_setstropt(&s->str[STRING_SSL_CIPHER13_LIST_PROXY], ptr);
     else
       return CURLE_NOT_BUILT_IN;
 #endif
@@ -1841,7 +1835,7 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
      * to use the socks proxy.
      */
     return Curl_setstropt(&s->str[STRING_PRE_PROXY], ptr);
-#endif   /* CURL_DISABLE_PROXY */
+#endif /* CURL_DISABLE_PROXY */
 
 #ifndef CURL_DISABLE_PROXY
   case CURLOPT_SOCKS5_GSSAPI_SERVICE:
@@ -2038,8 +2032,8 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
     }
     curlx_free(u);
     curlx_free(p);
-  }
     break;
+  }
   case CURLOPT_PROXYUSERNAME:
     /*
      * authentication username to use in the operation
@@ -2201,8 +2195,7 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
      */
 #ifdef USE_SSL
     if(Curl_ssl_supports(data, SSLSUPP_PINNEDPUBKEY))
-      return Curl_setstropt(&s->str[STRING_SSL_PINNEDPUBLICKEY_PROXY],
-                            ptr);
+      return Curl_setstropt(&s->str[STRING_SSL_PINNEDPUBLICKEY_PROXY], ptr);
 #endif
     return CURLE_NOT_BUILT_IN;
 #endif
@@ -2304,8 +2297,7 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
      * Specify colon-delimited list of signature scheme names.
      */
     if(Curl_ssl_supports(data, SSLSUPP_SIGNATURE_ALGORITHMS))
-      return Curl_setstropt(&s->str[STRING_SSL_SIGNATURE_ALGORITHMS],
-                            ptr);
+      return Curl_setstropt(&s->str[STRING_SSL_SIGNATURE_ALGORITHMS], ptr);
     return CURLE_NOT_BUILT_IN;
 #endif
 #ifdef USE_SSH
@@ -2347,8 +2339,7 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
      * Option to allow for the SHA256 of the host public key to be checked
      * for validation purposes.
      */
-    return Curl_setstropt(&s->str[STRING_SSH_HOST_PUBLIC_KEY_SHA256],
-                          ptr);
+    return Curl_setstropt(&s->str[STRING_SSH_HOST_PUBLIC_KEY_SHA256], ptr);
 
   case CURLOPT_SSH_HOSTKEYDATA:
     /*
@@ -2367,7 +2358,7 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
     }
     else
       /* make a NULL argument reset to default */
-      s->allowed_protocols = (curl_prot_t) CURLPROTO_ALL;
+      s->allowed_protocols = (curl_prot_t)CURLPROTO_ALL;
     break;
 
   case CURLOPT_REDIR_PROTOCOLS_STR:
@@ -2379,7 +2370,7 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
     }
     else
       /* make a NULL argument reset to default */
-      s->redir_protocols = (curl_prot_t) CURLPROTO_REDIR;
+      s->redir_protocols = (curl_prot_t)CURLPROTO_REDIR;
     break;
 
   case CURLOPT_DEFAULT_PROTOCOL:
@@ -2571,17 +2562,13 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
     }
     /* set tls_ech flag value, preserving CLA_CFG bit */
     if(!strcmp(ptr, "false"))
-      s->tls_ech = CURLECH_DISABLE |
-        (s->tls_ech & CURLECH_CLA_CFG);
+      s->tls_ech = (s->tls_ech & CURLECH_CLA_CFG) | CURLECH_DISABLE;
     else if(!strcmp(ptr, "grease"))
-      s->tls_ech = CURLECH_GREASE |
-        (s->tls_ech & CURLECH_CLA_CFG);
+      s->tls_ech = (s->tls_ech & CURLECH_CLA_CFG) | CURLECH_GREASE;
     else if(!strcmp(ptr, "true"))
-      s->tls_ech = CURLECH_ENABLE |
-        (s->tls_ech & CURLECH_CLA_CFG);
+      s->tls_ech = (s->tls_ech & CURLECH_CLA_CFG) | CURLECH_ENABLE;
     else if(!strcmp(ptr, "hard"))
-      s->tls_ech = CURLECH_HARD |
-        (s->tls_ech & CURLECH_CLA_CFG);
+      s->tls_ech = (s->tls_ech & CURLECH_CLA_CFG) | CURLECH_HARD;
     else if(plen > 5 && !strncmp(ptr, "ecl:", 4)) {
       result = Curl_setstropt(&s->str[STRING_ECH_CONFIG], ptr + 4);
       if(result)
@@ -2908,8 +2895,7 @@ static CURLcode setopt_blob(struct Curl_easy *data, CURLoption option,
     /*
      * Blob that holds Issuer certificate to check certificates issuer
      */
-    return Curl_setblobopt(&s->blobs[BLOB_SSL_ISSUERCERT_PROXY],
-                           blob);
+    return Curl_setblobopt(&s->blobs[BLOB_SSL_ISSUERCERT_PROXY], blob);
 #endif
   case CURLOPT_SSLKEY_BLOB:
     /*
diff --git a/lib/setopt.h b/lib/setopt.h
index c323dd74a3..0dd60c785f 100644
--- a/lib/setopt.h
+++ b/lib/setopt.h
@@ -28,7 +28,7 @@
 CURLcode Curl_setopt_SSLVERSION(struct Curl_easy *data, CURLoption option,
                                 long arg);
 #else
-#define Curl_setopt_SSLVERSION(a,b,c) CURLE_NOT_BUILT_IN
+#define Curl_setopt_SSLVERSION(a, b, c) CURLE_NOT_BUILT_IN
 #endif
 
 CURLcode Curl_setstropt(char **charp, const char *s) WARN_UNUSED_RESULT;
diff --git a/lib/setup-os400.h b/lib/setup-os400.h
index ef7baca67e..01f9399510 100644
--- a/lib/setup-os400.h
+++ b/lib/setup-os400.h
@@ -24,7 +24,6 @@
  *
  ***************************************************************************/
 
-
 /* OS/400 netdb.h does not define NI_MAXHOST. */
 #define NI_MAXHOST      1025
 
@@ -37,15 +36,13 @@ typedef unsigned long   u_int32_t;
 /* OS/400 has no idea of a tty! */
 #define isatty(fd)      0
 
-
 /* Workaround bug in IBM QADRT runtime library:
  * function puts() does not output the implicit trailing newline.
  */
 
 #include       /* Be sure it is loaded. */
 #undef puts
-#define puts(s) (fputs((s), stdout) == EOF? EOF: putchar('\n'))
-
+#define puts(s) (fputs((s), stdout) == EOF ? EOF : putchar('\n'))
 
 /* System API wrapper prototypes & definitions to support ASCII parameters. */
 
@@ -105,8 +102,8 @@ extern OM_uint32 Curl_gss_init_sec_context_a(OM_uint32 * minor_status,
 #define gss_init_sec_context    Curl_gss_init_sec_context_a
 
 
-extern OM_uint32 Curl_gss_delete_sec_context_a(OM_uint32 * minor_status,
-                                               gss_ctx_id_t * context_handle,
+extern OM_uint32 Curl_gss_delete_sec_context_a(OM_uint32 *minor_status,
+                                               gss_ctx_id_t *context_handle,
                                                gss_buffer_t output_token);
 #define gss_delete_sec_context  Curl_gss_delete_sec_context_a
 
diff --git a/lib/setup-vms.h b/lib/setup-vms.h
index e3777ded6e..17bf5a07a2 100644
--- a/lib/setup-vms.h
+++ b/lib/setup-vms.h
@@ -38,9 +38,9 @@
 /* Hide the stuff we are overriding */
 #define getenv decc_getenv
 #ifdef __DECC
-#   if __INITIAL_POINTER_SIZE != 64
-#       define getpwuid decc_getpwuid
-#   endif
+#  if __INITIAL_POINTER_SIZE != 64
+#    define getpwuid decc_getpwuid
+#  endif
 #endif
 #include 
 char *decc$getenv(const char *__name);
@@ -51,34 +51,34 @@ char *decc$getenv(const char *__name);
 
 #undef getenv
 #undef getpwuid
-#define getenv vms_getenv
+#define getenv   vms_getenv
 #define getpwuid vms_getpwuid
 
 /* VAX needs these in upper case when compiling exact case */
 #define sys$assign SYS$ASSIGN
 #define sys$dassgn SYS$DASSGN
-#define sys$qiow SYS$QIOW
+#define sys$qiow   SYS$QIOW
 
 #ifdef __DECC
-#   if __INITIAL_POINTER_SIZE
-#       pragma __pointer_size __save
-#   endif
+#  if __INITIAL_POINTER_SIZE
+#    pragma __pointer_size __save
+#  endif
 #endif
 
 #if __USE_LONG_GID_T
-#   define decc_getpwuid DECC$__LONG_GID_GETPWUID
+#  define decc_getpwuid DECC$__LONG_GID_GETPWUID
 #else
-#   if __INITIAL_POINTER_SIZE
-#       define decc_getpwuid decc$__32_getpwuid
-#   else
-#       define decc_getpwuid decc$getpwuid
-#   endif
+#  if __INITIAL_POINTER_SIZE
+#    define decc_getpwuid decc$__32_getpwuid
+#  else
+#    define decc_getpwuid decc$getpwuid
+#  endif
 #endif
 
-    struct passwd *decc_getpwuid(uid_t uid);
+struct passwd *decc_getpwuid(uid_t uid);
 
 #ifdef __DECC
-#   if __INITIAL_POINTER_SIZE == 32
+#  if __INITIAL_POINTER_SIZE == 32
 /* Translate the path, but only if the path is a VMS file specification */
 /* The translation is usually only needed for older versions of VMS */
 static char *vms_translate_path(const char *path)
@@ -100,18 +100,18 @@ static char *vms_translate_path(const char *path)
     return (char *)path;
   }
 }
-#   else
-    /* VMS translate path is actually not needed on the current 64-bit */
-    /* VMS platforms, so instead of figuring out the pointer settings */
-    /* Change it to a noop */
-#   define vms_translate_path(__path) __path
-#   endif
+#  else
+   /* VMS translate path is actually not needed on the current 64-bit */
+   /* VMS platforms, so instead of figuring out the pointer settings */
+   /* Change it to a noop */
+#  define vms_translate_path(__path) __path
+#  endif
 #endif
 
 #ifdef __DECC
-#   if __INITIAL_POINTER_SIZE
-#       pragma __pointer_size __restore
-#   endif
+#  if __INITIAL_POINTER_SIZE
+#    pragma __pointer_size __restore
+#  endif
 #endif
 
 static char *vms_getenv(const char *envvar)
@@ -137,7 +137,6 @@ static char *vms_getenv(const char *envvar)
   return result;
 }
 
-
 static struct passwd vms_passwd_cache;
 
 static struct passwd *vms_getpwuid(uid_t uid)
@@ -146,11 +145,11 @@ static struct passwd *vms_getpwuid(uid_t uid)
 
 /* Hack needed to support 64-bit builds, decc_getpwnam is 32-bit only */
 #ifdef __DECC
-#   if __INITIAL_POINTER_SIZE
+#  if __INITIAL_POINTER_SIZE
   __char_ptr32 unix_path;
-#   else
+#  else
   char *unix_path;
-#   endif
+#  endif
 #else
   char *unix_path;
 #endif
@@ -191,181 +190,181 @@ static struct passwd *vms_getpwuid(uid_t uid)
 /* Bug - VMS OpenSSL and Kerberos universal symbols are in uppercase only */
 /* VMS libraries should have universal symbols in exact and uppercase */
 
-#define ASN1_INTEGER_get ASN1_INTEGER_GET
-#define ASN1_STRING_data ASN1_STRING_DATA
-#define ASN1_STRING_length ASN1_STRING_LENGTH
-#define ASN1_STRING_print ASN1_STRING_PRINT
-#define ASN1_STRING_to_UTF8 ASN1_STRING_TO_UTF8
-#define ASN1_STRING_type ASN1_STRING_TYPE
-#define BIO_ctrl BIO_CTRL
-#define BIO_free BIO_FREE
-#define BIO_new BIO_NEW
-#define BIO_s_mem BIO_S_MEM
-#define BN_bn2bin BN_BN2BIN
-#define BN_num_bits BN_NUM_BITS
+#define ASN1_INTEGER_get           ASN1_INTEGER_GET
+#define ASN1_STRING_data           ASN1_STRING_DATA
+#define ASN1_STRING_length         ASN1_STRING_LENGTH
+#define ASN1_STRING_print          ASN1_STRING_PRINT
+#define ASN1_STRING_to_UTF8        ASN1_STRING_TO_UTF8
+#define ASN1_STRING_type           ASN1_STRING_TYPE
+#define BIO_ctrl                   BIO_CTRL
+#define BIO_free                   BIO_FREE
+#define BIO_new                    BIO_NEW
+#define BIO_s_mem                  BIO_S_MEM
+#define BN_bn2bin                  BN_BN2BIN
+#define BN_num_bits                BN_NUM_BITS
 #define CRYPTO_cleanup_all_ex_data CRYPTO_CLEANUP_ALL_EX_DATA
-#define CRYPTO_free CRYPTO_FREE
-#define CRYPTO_malloc CRYPTO_MALLOC
-#define CONF_modules_load_file CONF_MODULES_LOAD_FILE
+#define CRYPTO_free                CRYPTO_FREE
+#define CRYPTO_malloc              CRYPTO_MALLOC
+#define CONF_modules_load_file     CONF_MODULES_LOAD_FILE
 #ifdef __VAX
 #  ifdef VMS_OLD_SSL
   /* Ancient OpenSSL on VAX/VMS missing this constant */
 #    define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10
 #    undef CONF_modules_load_file
-     static int CONF_modules_load_file(const char *filename,
-                                       const char *appname,
-                                       unsigned long flags) {
-             return 1;
-     }
+static int CONF_modules_load_file(const char *filename,
+                                  const char *appname,
+                                  unsigned long flags) {
+  return 1;
+}
 #  endif
 #endif
-#define DES_ecb_encrypt DES_ECB_ENCRYPT
-#define DES_set_key DES_SET_KEY
-#define DES_set_odd_parity DES_SET_ODD_PARITY
-#define ENGINE_ctrl ENGINE_CTRL
-#define ENGINE_ctrl_cmd ENGINE_CTRL_CMD
-#define ENGINE_finish ENGINE_FINISH
-#define ENGINE_free ENGINE_FREE
-#define ENGINE_get_first ENGINE_GET_FIRST
-#define ENGINE_get_id ENGINE_GET_ID
-#define ENGINE_get_next ENGINE_GET_NEXT
-#define ENGINE_init ENGINE_INIT
+#define DES_ecb_encrypt             DES_ECB_ENCRYPT
+#define DES_set_key                 DES_SET_KEY
+#define DES_set_odd_parity          DES_SET_ODD_PARITY
+#define ENGINE_ctrl                 ENGINE_CTRL
+#define ENGINE_ctrl_cmd             ENGINE_CTRL_CMD
+#define ENGINE_finish               ENGINE_FINISH
+#define ENGINE_free                 ENGINE_FREE
+#define ENGINE_get_first            ENGINE_GET_FIRST
+#define ENGINE_get_id               ENGINE_GET_ID
+#define ENGINE_get_next             ENGINE_GET_NEXT
+#define ENGINE_init                 ENGINE_INIT
 #define ENGINE_load_builtin_engines ENGINE_LOAD_BUILTIN_ENGINES
-#define ENGINE_load_private_key ENGINE_LOAD_PRIVATE_KEY
-#define ENGINE_set_default ENGINE_SET_DEFAULT
-#define ERR_clear_error ERR_CLEAR_ERROR
-#define ERR_error_string ERR_ERROR_STRING
-#define ERR_error_string_n ERR_ERROR_STRING_N
-#define ERR_free_strings ERR_FREE_STRINGS
-#define ERR_get_error ERR_GET_ERROR
-#define ERR_peek_error ERR_PEEK_ERROR
-#define ERR_remove_state ERR_REMOVE_STATE
-#define EVP_PKEY_copy_parameters EVP_PKEY_COPY_PARAMETERS
-#define EVP_PKEY_free EVP_PKEY_FREE
-#define EVP_cleanup EVP_CLEANUP
-#define GENERAL_NAMES_free GENERAL_NAMES_FREE
-#define i2d_X509_PUBKEY I2D_X509_PUBKEY
-#define MD4_Final MD4_FINAL
-#define MD4_Init MD4_INIT
-#define MD4_Update MD4_UPDATE
-#define MD5_Final MD5_FINAL
-#define MD5_Init MD5_INIT
-#define MD5_Update MD5_UPDATE
+#define ENGINE_load_private_key     ENGINE_LOAD_PRIVATE_KEY
+#define ENGINE_set_default          ENGINE_SET_DEFAULT
+#define ERR_clear_error             ERR_CLEAR_ERROR
+#define ERR_error_string            ERR_ERROR_STRING
+#define ERR_error_string_n          ERR_ERROR_STRING_N
+#define ERR_free_strings            ERR_FREE_STRINGS
+#define ERR_get_error               ERR_GET_ERROR
+#define ERR_peek_error              ERR_PEEK_ERROR
+#define ERR_remove_state            ERR_REMOVE_STATE
+#define EVP_PKEY_copy_parameters    EVP_PKEY_COPY_PARAMETERS
+#define EVP_PKEY_free               EVP_PKEY_FREE
+#define EVP_cleanup                 EVP_CLEANUP
+#define GENERAL_NAMES_free          GENERAL_NAMES_FREE
+#define i2d_X509_PUBKEY             I2D_X509_PUBKEY
+#define MD4_Final                   MD4_FINAL
+#define MD4_Init                    MD4_INIT
+#define MD4_Update                  MD4_UPDATE
+#define MD5_Final                   MD5_FINAL
+#define MD5_Init                    MD5_INIT
+#define MD5_Update                  MD5_UPDATE
 #define OPENSSL_add_all_algo_noconf OPENSSL_ADD_ALL_ALGO_NOCONF
 #ifndef __VAX
 #define OPENSSL_load_builtin_modules OPENSSL_LOAD_BUILTIN_MODULES
 #endif
-#define PEM_read_X509 PEM_READ_X509
-#define PEM_write_bio_X509 PEM_WRITE_BIO_X509
-#define PKCS12_free PKCS12_FREE
-#define PKCS12_parse PKCS12_PARSE
-#define RAND_add RAND_ADD
-#define RAND_bytes RAND_BYTES
-#define RAND_file_name RAND_FILE_NAME
-#define RAND_load_file RAND_LOAD_FILE
-#define RAND_status RAND_STATUS
-#define SSL_CIPHER_get_name SSL_CIPHER_GET_NAME
-#define SSL_CTX_add_client_CA SSL_CTX_ADD_CLIENT_CA
-#define SSL_CTX_callback_ctrl SSL_CTX_CALLBACK_CTRL
-#define SSL_CTX_check_private_key SSL_CTX_CHECK_PRIVATE_KEY
-#define SSL_CTX_ctrl SSL_CTX_CTRL
-#define SSL_CTX_free SSL_CTX_FREE
-#define SSL_CTX_get_cert_store SSL_CTX_GET_CERT_STORE
-#define SSL_CTX_load_verify_locations SSL_CTX_LOAD_VERIFY_LOCATIONS
-#define SSL_CTX_new SSL_CTX_NEW
-#define SSL_CTX_set_cipher_list SSL_CTX_SET_CIPHER_LIST
-#define SSL_CTX_set_def_passwd_cb_ud SSL_CTX_SET_DEF_PASSWD_CB_UD
-#define SSL_CTX_set_default_passwd_cb SSL_CTX_SET_DEFAULT_PASSWD_CB
-#define SSL_CTX_set_msg_callback SSL_CTX_SET_MSG_CALLBACK
-#define SSL_CTX_set_verify SSL_CTX_SET_VERIFY
-#define SSL_CTX_use_PrivateKey SSL_CTX_USE_PRIVATEKEY
-#define SSL_CTX_use_PrivateKey_file SSL_CTX_USE_PRIVATEKEY_FILE
-#define SSL_CTX_use_cert_chain_file SSL_CTX_USE_CERT_CHAIN_FILE
-#define SSL_CTX_use_certificate SSL_CTX_USE_CERTIFICATE
-#define SSL_CTX_use_certificate_file SSL_CTX_USE_CERTIFICATE_FILE
-#define SSL_SESSION_free SSL_SESSION_FREE
-#define SSL_connect SSL_CONNECT
-#define SSL_free SSL_FREE
-#define SSL_get1_session SSL_GET1_SESSION
-#define SSL_get_certificate SSL_GET_CERTIFICATE
-#define SSL_get_current_cipher SSL_GET_CURRENT_CIPHER
-#define SSL_get_error SSL_GET_ERROR
-#define SSL_get_peer_cert_chain SSL_GET_PEER_CERT_CHAIN
-#define SSL_get_peer_certificate SSL_GET_PEER_CERTIFICATE
-#define SSL_get_privatekey SSL_GET_PRIVATEKEY
-#define SSL_get_session SSL_GET_SESSION
-#define SSL_get_shutdown SSL_GET_SHUTDOWN
-#define SSL_get_verify_result SSL_GET_VERIFY_RESULT
-#define SSL_library_init SSL_LIBRARY_INIT
-#define SSL_load_error_strings SSL_LOAD_ERROR_STRINGS
-#define SSL_new SSL_NEW
-#define SSL_peek SSL_PEEK
-#define SSL_pending SSL_PENDING
-#define SSL_read SSL_READ
-#define SSL_set_connect_state SSL_SET_CONNECT_STATE
-#define SSL_set_fd SSL_SET_FD
-#define SSL_set_session SSL_SET_SESSION
-#define SSL_shutdown SSL_SHUTDOWN
-#define SSL_version SSL_VERSION
-#define SSL_write SSL_WRITE
-#define SSLeay SSLEAY
-#define SSLv23_client_method SSLV23_CLIENT_METHOD
-#define SSLv3_client_method SSLV3_CLIENT_METHOD
-#define TLSv1_client_method TLSV1_CLIENT_METHOD
-#define UI_create_method UI_CREATE_METHOD
-#define UI_destroy_method UI_DESTROY_METHOD
-#define UI_get0_user_data UI_GET0_USER_DATA
-#define UI_get_input_flags UI_GET_INPUT_FLAGS
-#define UI_get_string_type UI_GET_STRING_TYPE
-#define UI_create_method UI_CREATE_METHOD
-#define UI_destroy_method UI_DESTROY_METHOD
-#define UI_method_get_closer UI_METHOD_GET_CLOSER
-#define UI_method_get_opener UI_METHOD_GET_OPENER
-#define UI_method_get_reader UI_METHOD_GET_READER
-#define UI_method_get_writer UI_METHOD_GET_WRITER
-#define UI_method_set_closer UI_METHOD_SET_CLOSER
-#define UI_method_set_opener UI_METHOD_SET_OPENER
-#define UI_method_set_reader UI_METHOD_SET_READER
-#define UI_method_set_writer UI_METHOD_SET_WRITER
-#define UI_OpenSSL UI_OPENSSL
-#define UI_set_result UI_SET_RESULT
-#define X509V3_EXT_print X509V3_EXT_PRINT
-#define X509_EXTENSION_get_critical X509_EXTENSION_GET_CRITICAL
-#define X509_EXTENSION_get_data X509_EXTENSION_GET_DATA
-#define X509_EXTENSION_get_object X509_EXTENSION_GET_OBJECT
-#define X509_LOOKUP_file X509_LOOKUP_FILE
-#define X509_NAME_ENTRY_get_data X509_NAME_ENTRY_GET_DATA
-#define X509_NAME_get_entry X509_NAME_GET_ENTRY
-#define X509_NAME_get_index_by_NID X509_NAME_GET_INDEX_BY_NID
-#define X509_NAME_print_ex X509_NAME_PRINT_EX
+#define PEM_read_X509                   PEM_READ_X509
+#define PEM_write_bio_X509              PEM_WRITE_BIO_X509
+#define PKCS12_free                     PKCS12_FREE
+#define PKCS12_parse                    PKCS12_PARSE
+#define RAND_add                        RAND_ADD
+#define RAND_bytes                      RAND_BYTES
+#define RAND_file_name                  RAND_FILE_NAME
+#define RAND_load_file                  RAND_LOAD_FILE
+#define RAND_status                     RAND_STATUS
+#define SSL_CIPHER_get_name             SSL_CIPHER_GET_NAME
+#define SSL_CTX_add_client_CA           SSL_CTX_ADD_CLIENT_CA
+#define SSL_CTX_callback_ctrl           SSL_CTX_CALLBACK_CTRL
+#define SSL_CTX_check_private_key       SSL_CTX_CHECK_PRIVATE_KEY
+#define SSL_CTX_ctrl                    SSL_CTX_CTRL
+#define SSL_CTX_free                    SSL_CTX_FREE
+#define SSL_CTX_get_cert_store          SSL_CTX_GET_CERT_STORE
+#define SSL_CTX_load_verify_locations   SSL_CTX_LOAD_VERIFY_LOCATIONS
+#define SSL_CTX_new                     SSL_CTX_NEW
+#define SSL_CTX_set_cipher_list         SSL_CTX_SET_CIPHER_LIST
+#define SSL_CTX_set_def_passwd_cb_ud    SSL_CTX_SET_DEF_PASSWD_CB_UD
+#define SSL_CTX_set_default_passwd_cb   SSL_CTX_SET_DEFAULT_PASSWD_CB
+#define SSL_CTX_set_msg_callback        SSL_CTX_SET_MSG_CALLBACK
+#define SSL_CTX_set_verify              SSL_CTX_SET_VERIFY
+#define SSL_CTX_use_PrivateKey          SSL_CTX_USE_PRIVATEKEY
+#define SSL_CTX_use_PrivateKey_file     SSL_CTX_USE_PRIVATEKEY_FILE
+#define SSL_CTX_use_cert_chain_file     SSL_CTX_USE_CERT_CHAIN_FILE
+#define SSL_CTX_use_certificate         SSL_CTX_USE_CERTIFICATE
+#define SSL_CTX_use_certificate_file    SSL_CTX_USE_CERTIFICATE_FILE
+#define SSL_SESSION_free                SSL_SESSION_FREE
+#define SSL_connect                     SSL_CONNECT
+#define SSL_free                        SSL_FREE
+#define SSL_get1_session                SSL_GET1_SESSION
+#define SSL_get_certificate             SSL_GET_CERTIFICATE
+#define SSL_get_current_cipher          SSL_GET_CURRENT_CIPHER
+#define SSL_get_error                   SSL_GET_ERROR
+#define SSL_get_peer_cert_chain         SSL_GET_PEER_CERT_CHAIN
+#define SSL_get_peer_certificate        SSL_GET_PEER_CERTIFICATE
+#define SSL_get_privatekey              SSL_GET_PRIVATEKEY
+#define SSL_get_session                 SSL_GET_SESSION
+#define SSL_get_shutdown                SSL_GET_SHUTDOWN
+#define SSL_get_verify_result           SSL_GET_VERIFY_RESULT
+#define SSL_library_init                SSL_LIBRARY_INIT
+#define SSL_load_error_strings          SSL_LOAD_ERROR_STRINGS
+#define SSL_new                         SSL_NEW
+#define SSL_peek                        SSL_PEEK
+#define SSL_pending                     SSL_PENDING
+#define SSL_read                        SSL_READ
+#define SSL_set_connect_state           SSL_SET_CONNECT_STATE
+#define SSL_set_fd                      SSL_SET_FD
+#define SSL_set_session                 SSL_SET_SESSION
+#define SSL_shutdown                    SSL_SHUTDOWN
+#define SSL_version                     SSL_VERSION
+#define SSL_write                       SSL_WRITE
+#define SSLeay                          SSLEAY
+#define SSLv23_client_method            SSLV23_CLIENT_METHOD
+#define SSLv3_client_method             SSLV3_CLIENT_METHOD
+#define TLSv1_client_method             TLSV1_CLIENT_METHOD
+#define UI_create_method                UI_CREATE_METHOD
+#define UI_destroy_method               UI_DESTROY_METHOD
+#define UI_get0_user_data               UI_GET0_USER_DATA
+#define UI_get_input_flags              UI_GET_INPUT_FLAGS
+#define UI_get_string_type              UI_GET_STRING_TYPE
+#define UI_create_method                UI_CREATE_METHOD
+#define UI_destroy_method               UI_DESTROY_METHOD
+#define UI_method_get_closer            UI_METHOD_GET_CLOSER
+#define UI_method_get_opener            UI_METHOD_GET_OPENER
+#define UI_method_get_reader            UI_METHOD_GET_READER
+#define UI_method_get_writer            UI_METHOD_GET_WRITER
+#define UI_method_set_closer            UI_METHOD_SET_CLOSER
+#define UI_method_set_opener            UI_METHOD_SET_OPENER
+#define UI_method_set_reader            UI_METHOD_SET_READER
+#define UI_method_set_writer            UI_METHOD_SET_WRITER
+#define UI_OpenSSL                      UI_OPENSSL
+#define UI_set_result                   UI_SET_RESULT
+#define X509V3_EXT_print                X509V3_EXT_PRINT
+#define X509_EXTENSION_get_critical     X509_EXTENSION_GET_CRITICAL
+#define X509_EXTENSION_get_data         X509_EXTENSION_GET_DATA
+#define X509_EXTENSION_get_object       X509_EXTENSION_GET_OBJECT
+#define X509_LOOKUP_file                X509_LOOKUP_FILE
+#define X509_NAME_ENTRY_get_data        X509_NAME_ENTRY_GET_DATA
+#define X509_NAME_get_entry             X509_NAME_GET_ENTRY
+#define X509_NAME_get_index_by_NID      X509_NAME_GET_INDEX_BY_NID
+#define X509_NAME_print_ex              X509_NAME_PRINT_EX
 #define X509_STORE_CTX_get_current_cert X509_STORE_CTX_GET_CURRENT_CERT
-#define X509_STORE_add_lookup X509_STORE_ADD_LOOKUP
-#define X509_STORE_set_flags X509_STORE_SET_FLAGS
-#define X509_check_issued X509_CHECK_ISSUED
-#define X509_free X509_FREE
-#define X509_get_ext_d2i X509_GET_EXT_D2I
-#define X509_get_issuer_name X509_GET_ISSUER_NAME
-#define X509_get_pubkey X509_GET_PUBKEY
-#define X509_get_serialNumber X509_GET_SERIALNUMBER
-#define X509_get_subject_name X509_GET_SUBJECT_NAME
-#define X509_load_crl_file X509_LOAD_CRL_FILE
-#define X509_verify_cert_error_string X509_VERIFY_CERT_ERROR_STRING
-#define d2i_PKCS12_fp D2I_PKCS12_FP
-#define i2t_ASN1_OBJECT I2T_ASN1_OBJECT
-#define sk_num SK_NUM
-#define sk_pop SK_POP
-#define sk_pop_free SK_POP_FREE
-#define sk_value SK_VALUE
+#define X509_STORE_add_lookup           X509_STORE_ADD_LOOKUP
+#define X509_STORE_set_flags            X509_STORE_SET_FLAGS
+#define X509_check_issued               X509_CHECK_ISSUED
+#define X509_free                       X509_FREE
+#define X509_get_ext_d2i                X509_GET_EXT_D2I
+#define X509_get_issuer_name            X509_GET_ISSUER_NAME
+#define X509_get_pubkey                 X509_GET_PUBKEY
+#define X509_get_serialNumber           X509_GET_SERIALNUMBER
+#define X509_get_subject_name           X509_GET_SUBJECT_NAME
+#define X509_load_crl_file              X509_LOAD_CRL_FILE
+#define X509_verify_cert_error_string   X509_VERIFY_CERT_ERROR_STRING
+#define d2i_PKCS12_fp                   D2I_PKCS12_FP
+#define i2t_ASN1_OBJECT                 I2T_ASN1_OBJECT
+#define sk_num                          SK_NUM
+#define sk_pop                          SK_POP
+#define sk_pop_free                     SK_POP_FREE
+#define sk_value                        SK_VALUE
 #ifdef __VAX
 #define OPENSSL_NO_SHA256
 #endif
-#define SHA256_Final SHA256_FINAL
-#define SHA256_Init SHA256_INIT
+#define SHA256_Final  SHA256_FINAL
+#define SHA256_Init   SHA256_INIT
 #define SHA256_Update SHA256_UPDATE
 
 #define USE_UPPERCASE_GSSAPI 1
-#define gss_seal GSS_SEAL
-#define gss_unseal GSS_UNSEAL
+#define gss_seal             GSS_SEAL
+#define gss_unseal           GSS_UNSEAL
 
 #define USE_UPPERCASE_KRBAPI 1
 
@@ -379,11 +378,11 @@ static struct passwd *vms_getpwuid(uid_t uid)
 
 /* VAX symbols are always in uppercase */
 #ifdef __VAX
-#define inflate INFLATE
-#define inflateEnd INFLATEEND
+#define inflate       INFLATE
+#define inflateEnd    INFLATEEND
 #define inflateInit2_ INFLATEINIT2_
-#define inflateInit_ INFLATEINIT_
-#define zlibVersion ZLIBVERSION
+#define inflateInit_  INFLATEINIT_
+#define zlibVersion   ZLIBVERSION
 #endif
 
 /* Older VAX OpenSSL port defines these as Macros */
@@ -391,11 +390,11 @@ static struct passwd *vms_getpwuid(uid_t uid)
 /* that way a newer port will also work if some one has one */
 #ifdef __VAX
 
-#   include 
-#   ifndef OpenSSL_add_all_algorithms
-#       define OpenSSL_add_all_algorithms OPENSSL_ADD_ALL_ALGORITHMS
-        void OPENSSL_ADD_ALL_ALGORITHMS(void);
-#   endif
+#  include 
+#  ifndef OpenSSL_add_all_algorithms
+#    define OpenSSL_add_all_algorithms OPENSSL_ADD_ALL_ALGORITHMS
+     void OPENSSL_ADD_ALL_ALGORITHMS(void);
+#  endif
 #endif
 
 #endif /* HEADER_CURL_SETUP_VMS_H */
diff --git a/lib/sha256.c b/lib/sha256.c
index 977ad3edc4..9c3b60ec18 100644
--- a/lib/sha256.c
+++ b/lib/sha256.c
@@ -193,7 +193,7 @@ static CURLcode my_sha256_init(void *in)
 {
   my_sha256_ctx *ctx = (my_sha256_ctx *)in;
   if(!CryptAcquireContext(&ctx->hCryptProv, NULL, NULL, PROV_RSA_AES,
-                         CRYPT_VERIFYCONTEXT | CRYPT_SILENT))
+                          CRYPT_VERIFYCONTEXT | CRYPT_SILENT))
     return CURLE_OUT_OF_MEMORY;
 
   if(!CryptCreateHash(ctx->hCryptProv, CALG_SHA_256, 0, 0, &ctx->hHash)) {
@@ -236,42 +236,43 @@ static void my_sha256_final(unsigned char *digest, void *in)
 /* This is based on the SHA256 implementation in LibTomCrypt that was released
  * into public domain. */
 
-#define WPA_GET_BE32(a) ((((unsigned long)(a)[0]) << 24) | \
-                         (((unsigned long)(a)[1]) << 16) | \
-                         (((unsigned long)(a)[2]) <<  8) | \
-                          ((unsigned long)(a)[3]))
-#define WPA_PUT_BE32(a, val)                                        \
-do {                                                                \
-  (a)[0] = (unsigned char)((((unsigned long) (val)) >> 24) & 0xff); \
-  (a)[1] = (unsigned char)((((unsigned long) (val)) >> 16) & 0xff); \
-  (a)[2] = (unsigned char)((((unsigned long) (val)) >> 8) & 0xff);  \
-  (a)[3] = (unsigned char)(((unsigned long) (val)) & 0xff);         \
-} while(0)
+#define WPA_GET_BE32(a)              \
+  ((((unsigned long)(a)[0]) << 24) | \
+   (((unsigned long)(a)[1]) << 16) | \
+   (((unsigned long)(a)[2]) <<  8) | \
+    ((unsigned long)(a)[3]))
+#define WPA_PUT_BE32(a, val)                                         \
+  do {                                                               \
+    (a)[0] = (unsigned char)((((unsigned long)(val)) >> 24) & 0xff); \
+    (a)[1] = (unsigned char)((((unsigned long)(val)) >> 16) & 0xff); \
+    (a)[2] = (unsigned char)((((unsigned long)(val)) >>  8) & 0xff); \
+    (a)[3] = (unsigned char) (((unsigned long)(val)) & 0xff);        \
+  } while(0)
 
 #ifdef HAVE_LONGLONG
-#define WPA_PUT_BE64(a, val)                                    \
-do {                                                            \
-  (a)[0] = (unsigned char)(((unsigned long long)(val)) >> 56);  \
-  (a)[1] = (unsigned char)(((unsigned long long)(val)) >> 48);  \
-  (a)[2] = (unsigned char)(((unsigned long long)(val)) >> 40);  \
-  (a)[3] = (unsigned char)(((unsigned long long)(val)) >> 32);  \
-  (a)[4] = (unsigned char)(((unsigned long long)(val)) >> 24);  \
-  (a)[5] = (unsigned char)(((unsigned long long)(val)) >> 16);  \
-  (a)[6] = (unsigned char)(((unsigned long long)(val)) >> 8);   \
-  (a)[7] = (unsigned char)(((unsigned long long)(val)) & 0xff); \
-} while(0)
+#define WPA_PUT_BE64(a, val)                                      \
+  do {                                                            \
+    (a)[0] = (unsigned char)(((unsigned long long)(val)) >> 56);  \
+    (a)[1] = (unsigned char)(((unsigned long long)(val)) >> 48);  \
+    (a)[2] = (unsigned char)(((unsigned long long)(val)) >> 40);  \
+    (a)[3] = (unsigned char)(((unsigned long long)(val)) >> 32);  \
+    (a)[4] = (unsigned char)(((unsigned long long)(val)) >> 24);  \
+    (a)[5] = (unsigned char)(((unsigned long long)(val)) >> 16);  \
+    (a)[6] = (unsigned char)(((unsigned long long)(val)) >>  8);  \
+    (a)[7] = (unsigned char)(((unsigned long long)(val)) & 0xff); \
+  } while(0)
 #else
-#define WPA_PUT_BE64(a, val)                                  \
-do {                                                          \
-  (a)[0] = (unsigned char)(((unsigned __int64)(val)) >> 56);  \
-  (a)[1] = (unsigned char)(((unsigned __int64)(val)) >> 48);  \
-  (a)[2] = (unsigned char)(((unsigned __int64)(val)) >> 40);  \
-  (a)[3] = (unsigned char)(((unsigned __int64)(val)) >> 32);  \
-  (a)[4] = (unsigned char)(((unsigned __int64)(val)) >> 24);  \
-  (a)[5] = (unsigned char)(((unsigned __int64)(val)) >> 16);  \
-  (a)[6] = (unsigned char)(((unsigned __int64)(val)) >> 8);   \
-  (a)[7] = (unsigned char)(((unsigned __int64)(val)) & 0xff); \
-} while(0)
+#define WPA_PUT_BE64(a, val)                                    \
+  do {                                                          \
+    (a)[0] = (unsigned char)(((unsigned __int64)(val)) >> 56);  \
+    (a)[1] = (unsigned char)(((unsigned __int64)(val)) >> 48);  \
+    (a)[2] = (unsigned char)(((unsigned __int64)(val)) >> 40);  \
+    (a)[3] = (unsigned char)(((unsigned __int64)(val)) >> 32);  \
+    (a)[4] = (unsigned char)(((unsigned __int64)(val)) >> 24);  \
+    (a)[5] = (unsigned char)(((unsigned __int64)(val)) >> 16);  \
+    (a)[6] = (unsigned char)(((unsigned __int64)(val)) >>  8);  \
+    (a)[7] = (unsigned char)(((unsigned __int64)(val)) & 0xff); \
+  } while(0)
 #endif
 
 struct sha256_state {
@@ -304,20 +305,21 @@ static const unsigned long K[64] = {
 
 /* Various logical functions */
 #define RORc(x, y) \
-(((((unsigned long)(x) & 0xFFFFFFFFUL) >> (unsigned long)((y) & 31)) | \
-   ((unsigned long)(x) << (unsigned long)(32 - ((y) & 31)))) & 0xFFFFFFFFUL)
-#define Sha256_Ch(x,y,z)  (z ^ (x & (y ^ z)))
-#define Sha256_Maj(x,y,z) (((x | y) & z) | (x & y))
-#define Sha256_S(x, n)    RORc((x), (n))
-#define Sha256_R(x, n)    (((x)&0xFFFFFFFFUL)>>(n))
+  (((((unsigned long)(x) & 0xFFFFFFFFUL) >> (unsigned long)((y) & 31)) | \
+     ((unsigned long)(x) << (unsigned long)(32 - ((y) & 31)))) & 0xFFFFFFFFUL)
+
+#define Sha256_Ch(x, y, z)  (z ^ (x & (y ^ z)))
+#define Sha256_Maj(x, y, z) (((x | y) & z) | (x & y))
+#define Sha256_S(x, n)      RORc((x), (n))
+#define Sha256_R(x, n)      (((x) & 0xFFFFFFFFUL) >> (n))
+
 #define Sigma0(x)         (Sha256_S(x, 2) ^ Sha256_S(x, 13) ^ Sha256_S(x, 22))
 #define Sigma1(x)         (Sha256_S(x, 6) ^ Sha256_S(x, 11) ^ Sha256_S(x, 25))
 #define Gamma0(x)         (Sha256_S(x, 7) ^ Sha256_S(x, 18) ^ Sha256_R(x, 3))
 #define Gamma1(x)         (Sha256_S(x, 17) ^ Sha256_S(x, 19) ^ Sha256_R(x, 10))
 
 /* Compress 512-bits */
-static int sha256_compress(struct sha256_state *md,
-                           const unsigned char *buf)
+static int sha256_compress(struct sha256_state *md, const unsigned char *buf)
 {
   unsigned long S[8], W[64];
   int i;
@@ -331,12 +333,11 @@ static int sha256_compress(struct sha256_state *md,
     W[i] = WPA_GET_BE32(buf + (4 * i));
   /* fill W[16..63] */
   for(i = 16; i < 64; i++) {
-    W[i] = Gamma1(W[i - 2]) + W[i - 7] + Gamma0(W[i - 15]) +
-      W[i - 16];
+    W[i] = Gamma1(W[i - 2]) + W[i - 7] + Gamma0(W[i - 15]) + W[i - 16];
   }
 
   /* Compress */
-#define RND(a,b,c,d,e,f,g,h,i)                                           \
+#define RND(a, b, c, d, e, f, g, h, i)                                   \
   do {                                                                   \
     unsigned long t0 = h + Sigma1(e) + Sha256_Ch(e, f, g) + K[i] + W[i]; \
     unsigned long t1 = Sigma0(a) + Sha256_Maj(a, b, c);                  \
@@ -347,8 +348,15 @@ static int sha256_compress(struct sha256_state *md,
   for(i = 0; i < 64; ++i) {
     unsigned long t;
     RND(S[0], S[1], S[2], S[3], S[4], S[5], S[6], S[7], i);
-    t = S[7]; S[7] = S[6]; S[6] = S[5]; S[5] = S[4];
-    S[4] = S[3]; S[3] = S[2]; S[2] = S[1]; S[1] = S[0]; S[0] = t;
+    t = S[7];
+    S[7] = S[6];
+    S[6] = S[5];
+    S[5] = S[4];
+    S[4] = S[3];
+    S[3] = S[2];
+    S[2] = S[1];
+    S[1] = S[0];
+    S[0] = t;
   }
 
   /* Feedback */
@@ -492,7 +500,6 @@ CURLcode Curl_sha256it(unsigned char *output, const unsigned char *input,
   return result;
 }
 
-
 const struct HMAC_params Curl_HMAC_SHA256 = {
   my_sha256_init,        /* Hash initialization function. */
   my_sha256_update,      /* Hash update function. */
diff --git a/lib/sigpipe.h b/lib/sigpipe.h
index 1be3a111e9..5d2c78a271 100644
--- a/lib/sigpipe.h
+++ b/lib/sigpipe.h
@@ -25,7 +25,7 @@
  ***************************************************************************/
 #include "curl_setup.h"
 
-#if defined(HAVE_SIGACTION) &&        \
+#if defined(HAVE_SIGACTION) && \
   (defined(USE_OPENSSL) || defined(USE_MBEDTLS) || defined(USE_WOLFSSL))
 #include 
 
@@ -88,12 +88,12 @@ static void sigpipe_apply(struct Curl_easy *data,
 
 #else
 /* for systems without sigaction */
-#define sigpipe_ignore(x,y) Curl_nop_stmt
-#define sigpipe_apply(x,y) Curl_nop_stmt
-#define sigpipe_init(x)  Curl_nop_stmt
-#define sigpipe_restore(x)  Curl_nop_stmt
+#define sigpipe_ignore(x, y) Curl_nop_stmt
+#define sigpipe_apply(x, y)  Curl_nop_stmt
+#define sigpipe_init(x)      Curl_nop_stmt
+#define sigpipe_restore(x)   Curl_nop_stmt
 #define SIGPIPE_VARIABLE(x)
-#define SIGPIPE_MEMBER(x)   bool x
+#define SIGPIPE_MEMBER(x)    bool x
 #endif
 
 #endif /* HEADER_CURL_SIGPIPE_H */
diff --git a/lib/slist.c b/lib/slist.c
index 469ee0ef3b..9b7f11d426 100644
--- a/lib/slist.c
+++ b/lib/slist.c
@@ -31,7 +31,7 @@
 /* returns last node in linked list */
 static struct curl_slist *slist_get_last(struct curl_slist *list)
 {
-  struct curl_slist     *item;
+  struct curl_slist *item;
 
   /* if caller passed us a NULL, return now */
   if(!list)
@@ -57,8 +57,8 @@ static struct curl_slist *slist_get_last(struct curl_slist *list)
 struct curl_slist *Curl_slist_append_nodup(struct curl_slist *list,
                                            const char *data)
 {
-  struct curl_slist     *last;
-  struct curl_slist     *new_item;
+  struct curl_slist *last;
+  struct curl_slist *new_item;
 
   DEBUGASSERT(data);
 
@@ -85,8 +85,7 @@ struct curl_slist *Curl_slist_append_nodup(struct curl_slist *list,
  * bothersome, then simply create a separate _init function and call it
  * appropriately from within the program.
  */
-struct curl_slist *curl_slist_append(struct curl_slist *list,
-                                     const char *data)
+struct curl_slist *curl_slist_append(struct curl_slist *list, const char *data)
 {
   char *dupdata = curlx_strdup(data);
 
@@ -127,8 +126,8 @@ struct curl_slist *Curl_slist_duplicate(struct curl_slist *inlist)
 /* be nice and clean up resources */
 void curl_slist_free_all(struct curl_slist *list)
 {
-  struct curl_slist     *next;
-  struct curl_slist     *item;
+  struct curl_slist *next;
+  struct curl_slist *item;
 
   if(!list)
     return;
diff --git a/lib/smb.c b/lib/smb.c
index 338464961b..c52d4eca57 100644
--- a/lib/smb.c
+++ b/lib/smb.c
@@ -368,7 +368,7 @@ const struct Curl_handler Curl_handler_smbs = {
   defined(__OS400__)
 static unsigned short smb_swap16(unsigned short x)
 {
-  return (unsigned short) ((x << 8) | ((x >> 8) & 0xff));
+  return (unsigned short)((x << 8) | ((x >> 8) & 0xff));
 }
 
 static unsigned int smb_swap32(unsigned int x)
@@ -379,8 +379,8 @@ static unsigned int smb_swap32(unsigned int x)
 
 static curl_off_t smb_swap64(curl_off_t x)
 {
-  return ((curl_off_t) smb_swap32((unsigned int) x) << 32) |
-    smb_swap32((unsigned int) (x >> 32));
+  return ((curl_off_t)smb_swap32((unsigned int)x) << 32) |
+    smb_swap32((unsigned int)(x >> 32));
 }
 
 #else
@@ -573,7 +573,7 @@ static CURLcode smb_recv_message(struct Curl_easy *data,
 
   if(nbt_size >= msg_size + 1) {
     /* Add the word count */
-    msg_size += 1 + ((unsigned char) buf[msg_size]) * sizeof(unsigned short);
+    msg_size += 1 + ((unsigned char)buf[msg_size]) * sizeof(unsigned short);
     if(nbt_size >= msg_size + sizeof(unsigned short)) {
       /* Add the byte count */
       msg_size += sizeof(unsigned short) +
@@ -601,8 +601,8 @@ static void smb_format_message(struct smb_conn *smbc,
   const unsigned int pid = 0xbad71d; /* made up */
 
   memset(h, 0, sizeof(*h));
-  h->nbt_length = htons((unsigned short) (sizeof(*h) - sizeof(unsigned int) +
-                                          len));
+  h->nbt_length = htons((unsigned short)(sizeof(*h) - sizeof(unsigned int) +
+                                         len));
   memcpy((char *)h->magic, "\xffSMB", 4);
   h->command = cmd;
   h->flags = SMB_FLAGS_CANONICAL_PATHNAMES | SMB_FLAGS_CASELESS_PATHNAMES;
@@ -610,7 +610,7 @@ static void smb_format_message(struct smb_conn *smbc,
   h->uid = smb_swap16(smbc->uid);
   h->tid = smb_swap16(req->tid);
   h->pid_high = smb_swap16((unsigned short)(pid >> 16));
-  h->pid = smb_swap16((unsigned short) pid);
+  h->pid = smb_swap16((unsigned short)pid);
 }
 
 static CURLcode smb_send(struct Curl_easy *data, struct smb_conn *smbc,
@@ -790,7 +790,7 @@ static CURLcode smb_send_open(struct Curl_easy *data,
     msg.access = smb_swap32(SMB_GENERIC_READ);
     msg.create_disposition = smb_swap32(SMB_FILE_OPEN);
   }
-  msg.byte_count = smb_swap16((unsigned short) byte_count);
+  msg.byte_count = smb_swap16((unsigned short)byte_count);
   strcpy(msg.bytes, req->path);
 
   return smb_send_message(data, smbc, req, SMB_COM_NT_CREATE_ANDX, &msg,
@@ -831,8 +831,8 @@ static CURLcode smb_send_read(struct Curl_easy *data,
   msg.word_count = SMB_WC_READ_ANDX;
   msg.andx.command = SMB_COM_NO_ANDX_COMMAND;
   msg.fid = smb_swap16(req->fid);
-  msg.offset = smb_swap32((unsigned int) offset);
-  msg.offset_high = smb_swap32((unsigned int) (offset >> 32));
+  msg.offset = smb_swap32((unsigned int)offset);
+  msg.offset_high = smb_swap32((unsigned int)(offset >> 32));
   msg.min_bytes = smb_swap16(MAX_PAYLOAD_SIZE);
   msg.max_bytes = smb_swap16(MAX_PAYLOAD_SIZE);
 
@@ -856,16 +856,16 @@ static CURLcode smb_send_write(struct Curl_easy *data,
   msg->word_count = SMB_WC_WRITE_ANDX;
   msg->andx.command = SMB_COM_NO_ANDX_COMMAND;
   msg->fid = smb_swap16(req->fid);
-  msg->offset = smb_swap32((unsigned int) offset);
-  msg->offset_high = smb_swap32((unsigned int) (offset >> 32));
-  msg->data_length = smb_swap16((unsigned short) upload_size);
+  msg->offset = smb_swap32((unsigned int)offset);
+  msg->offset_high = smb_swap32((unsigned int)(offset >> 32));
+  msg->data_length = smb_swap16((unsigned short)upload_size);
   msg->data_offset = smb_swap16(sizeof(*msg) - sizeof(unsigned int));
-  msg->byte_count = smb_swap16((unsigned short) (upload_size + 1));
+  msg->byte_count = smb_swap16((unsigned short)(upload_size + 1));
 
   smb_format_message(smbc, req, &msg->h, SMB_COM_WRITE_ANDX,
-                     sizeof(*msg) - sizeof(msg->h) + (size_t) upload_size);
+                     sizeof(*msg) - sizeof(msg->h) + (size_t)upload_size);
 
-  return smb_send(data, smbc, sizeof(*msg), (size_t) upload_size);
+  return smb_send(data, smbc, sizeof(*msg), (size_t)upload_size);
 }
 
 static CURLcode smb_send_and_recv(struct Curl_easy *data,
@@ -1014,7 +1014,7 @@ static void get_posix_time(time_t *out, curl_off_t timestamp)
       *out = TIME_T_MIN;
     else
 #endif
-      *out = (time_t) timestamp;
+      *out = (time_t)timestamp;
   }
   else
     *out = 0;
@@ -1084,7 +1084,7 @@ static CURLcode smb_request_state(struct Curl_easy *data, bool *done)
       next_state = SMB_TREE_DISCONNECT;
       break;
     }
-    smb_m = (const struct smb_nt_create_response*) msg;
+    smb_m = (const struct smb_nt_create_response *)msg;
     req->fid = smb_swap16(smb_m->fid);
     data->req.offset = 0;
     if(data->state.upload) {
@@ -1113,9 +1113,9 @@ static CURLcode smb_request_state(struct Curl_easy *data, bool *done)
       next_state = SMB_CLOSE;
       break;
     }
-    len = Curl_read16_le(((const unsigned char *) msg) +
+    len = Curl_read16_le(((const unsigned char *)msg) +
                          sizeof(struct smb_header) + 11);
-    off = Curl_read16_le(((const unsigned char *) msg) +
+    off = Curl_read16_le(((const unsigned char *)msg) +
                          sizeof(struct smb_header) + 13);
     if(len > 0) {
       if(off + sizeof(unsigned int) + len > smbc->got) {
@@ -1142,7 +1142,7 @@ static CURLcode smb_request_state(struct Curl_easy *data, bool *done)
       next_state = SMB_CLOSE;
       break;
     }
-    len = Curl_read16_le(((const unsigned char *) msg) +
+    len = Curl_read16_le(((const unsigned char *)msg) +
                          sizeof(struct smb_header) + 5);
     data->req.bytecount += len;
     data->req.offset += len;
diff --git a/lib/smtp.c b/lib/smtp.c
index 55a15b36c0..5aab391e37 100644
--- a/lib/smtp.c
+++ b/lib/smtp.c
@@ -201,8 +201,7 @@ const struct Curl_handler Curl_handler_smtp = {
   CURLPROTO_SMTP,                   /* protocol */
   CURLPROTO_SMTP,                   /* family */
   PROTOPT_CLOSEACTION | PROTOPT_NOURLQUERY | /* flags */
-  PROTOPT_URLOPTIONS | PROTOPT_SSL_REUSE |
-  PROTOPT_CONN_REUSE
+    PROTOPT_URLOPTIONS | PROTOPT_SSL_REUSE | PROTOPT_CONN_REUSE
 };
 
 #ifdef USE_SSL
@@ -233,8 +232,7 @@ const struct Curl_handler Curl_handler_smtps = {
   CURLPROTO_SMTPS,                  /* protocol */
   CURLPROTO_SMTP,                   /* family */
   PROTOPT_CLOSEACTION | PROTOPT_SSL | /* flags */
-  PROTOPT_NOURLQUERY | PROTOPT_URLOPTIONS |
-  PROTOPT_CONN_REUSE
+    PROTOPT_NOURLQUERY | PROTOPT_URLOPTIONS | PROTOPT_CONN_REUSE
 };
 #endif
 
@@ -285,10 +283,10 @@ static bool smtp_endofresp(struct Curl_easy *data, struct connectdata *conn,
     const char *p = tmpline;
     result = TRUE;
     memcpy(tmpline, line, (len == 5 ? 5 : 3));
-    tmpline[len == 5 ? 5 : 3 ] = 0;
+    tmpline[len == 5 ? 5 : 3] = 0;
     if(curlx_str_number(&p, &code, len == 5 ? 99999 : 999))
       return FALSE;
-    *resp = (int) code;
+    *resp = (int)code;
 
     /* Make sure real server never sends internal value */
     if(*resp == 1)
@@ -508,7 +506,7 @@ static CURLcode smtp_perform_auth(struct Curl_easy *data,
   CURLcode result = CURLE_OK;
   struct smtp_conn *smtpc =
     Curl_conn_meta_get(data->conn, CURL_META_SMTP_CONN);
-  const char *ir = (const char *) Curl_bufref_ptr(initresp);
+  const char *ir = (const char *)Curl_bufref_ptr(initresp);
 
   if(!smtpc)
     return CURLE_FAILED_INIT;
@@ -542,7 +540,7 @@ static CURLcode smtp_continue_auth(struct Curl_easy *data,
   if(!smtpc)
     return CURLE_FAILED_INIT;
   return Curl_pp_sendf(data, &smtpc->pp,
-                       "%s", (const char *) Curl_bufref_ptr(resp));
+                       "%s", (const char *)Curl_bufref_ptr(resp));
 }
 
 /***********************************************************************
@@ -923,7 +921,7 @@ static CURLcode smtp_state_servergreet_resp(struct Curl_easy *data,
   CURLcode result = CURLE_OK;
   (void)instate;
 
-  if(smtpcode/100 != 2) {
+  if(smtpcode / 100 != 2) {
     failf(data, "Got unexpected smtp-server response: %d", smtpcode);
     result = CURLE_WEIRD_SERVER_REPLY;
   }
@@ -972,9 +970,9 @@ static CURLcode smtp_state_ehlo_resp(struct Curl_easy *data,
 
   (void)instate;
 
-  if(smtpcode/100 != 2 && smtpcode != 1) {
-    if(data->set.use_ssl <= CURLUSESSL_TRY
-       || Curl_conn_is_ssl(data->conn, FIRSTSOCKET))
+  if(smtpcode / 100 != 2 && smtpcode != 1) {
+    if(data->set.use_ssl <= CURLUSESSL_TRY ||
+       Curl_conn_is_ssl(data->conn, FIRSTSOCKET))
       result = smtp_perform_helo(data, smtpc);
     else {
       failf(data, "Remote access denied: %d", smtpcode);
@@ -1073,7 +1071,7 @@ static CURLcode smtp_state_helo_resp(struct Curl_easy *data,
   CURLcode result = CURLE_OK;
   (void)instate;
 
-  if(smtpcode/100 != 2) {
+  if(smtpcode / 100 != 2) {
     failf(data, "Remote access denied: %d", smtpcode);
     result = CURLE_REMOTE_ACCESS_DENIED;
   }
@@ -1125,8 +1123,8 @@ static CURLcode smtp_state_command_resp(struct Curl_easy *data,
 
   (void)instate;
 
-  if((smtp->rcpt && smtpcode/100 != 2 && smtpcode != 553 && smtpcode != 1) ||
-     (!smtp->rcpt && smtpcode/100 != 2 && smtpcode != 1)) {
+  if((smtp->rcpt && smtpcode / 100 != 2 && smtpcode != 553 && smtpcode != 1) ||
+     (!smtp->rcpt && smtpcode / 100 != 2 && smtpcode != 1)) {
     failf(data, "Command failed: %d", smtpcode);
     result = CURLE_WEIRD_SERVER_REPLY;
   }
@@ -1165,7 +1163,7 @@ static CURLcode smtp_state_mail_resp(struct Curl_easy *data,
   CURLcode result = CURLE_OK;
   (void)instate;
 
-  if(smtpcode/100 != 2) {
+  if(smtpcode / 100 != 2) {
     failf(data, "MAIL failed: %d", smtpcode);
     result = CURLE_SEND_ERROR;
   }
@@ -1189,7 +1187,7 @@ static CURLcode smtp_state_rcpt_resp(struct Curl_easy *data,
 
   (void)instate;
 
-  is_smtp_err = (smtpcode/100 != 2);
+  is_smtp_err = (smtpcode / 100 != 2);
 
   /* If there is multiple RCPT TO to be issued, it is possible to ignore errors
      and proceed with only the valid addresses. */
@@ -1735,8 +1733,8 @@ static CURLcode smtp_setup_connection(struct Curl_easy *data,
   smtpc = curlx_calloc(1, sizeof(*smtpc));
   if(!smtpc ||
      Curl_conn_meta_set(conn, CURL_META_SMTP_CONN, smtpc, smtp_conn_dtor)) {
-     result = CURLE_OUT_OF_MEMORY;
-     goto out;
+    result = CURLE_OUT_OF_MEMORY;
+    goto out;
   }
 
   smtp = curlx_calloc(1, sizeof(*smtp));
@@ -1943,7 +1941,7 @@ static void cr_eob_close(struct Curl_easy *data, struct Curl_creader *reader)
 }
 
 /* this is the 5-bytes End-Of-Body marker for SMTP */
-#define SMTP_EOB "\r\n.\r\n"
+#define SMTP_EOB          "\r\n.\r\n"
 #define SMTP_EOB_FIND_LEN 3
 
 /* client reader doing SMTP End-Of-Body escaping. */
@@ -2016,16 +2014,16 @@ static CURLcode cr_eob_read(struct Curl_easy *data,
     const char *eob = SMTP_EOB;
     CURL_TRC_SMTP(data, "auto-ending mail body with '\\r\\n.\\r\\n'");
     switch(ctx->n_eob) {
-      case 2:
-        /* seen a CRLF at the end, just add the remainder */
-        eob = &SMTP_EOB[2];
-        break;
-      case 3:
-        /* ended with '\r\n.', we should escape the last '.' */
-        eob = "." SMTP_EOB;
-        break;
-      default:
-        break;
+    case 2:
+      /* seen a CRLF at the end, just add the remainder */
+      eob = &SMTP_EOB[2];
+      break;
+    case 3:
+      /* ended with '\r\n.', we should escape the last '.' */
+      eob = "." SMTP_EOB;
+      break;
+    default:
+      break;
     }
     result = Curl_bufq_cwrite(&ctx->buf, eob, strlen(eob), &n);
     if(result)
@@ -2078,8 +2076,7 @@ static CURLcode cr_eob_add(struct Curl_easy *data)
   struct Curl_creader *reader = NULL;
   CURLcode result;
 
-  result = Curl_creader_create(&reader, data, &cr_eob,
-                               CURL_CR_CONTENT_ENCODE);
+  result = Curl_creader_create(&reader, data, &cr_eob, CURL_CR_CONTENT_ENCODE);
   if(!result)
     result = Curl_creader_add(data, reader);
 
diff --git a/lib/socketpair.h b/lib/socketpair.h
index e601f5f71b..5387c09340 100644
--- a/lib/socketpair.h
+++ b/lib/socketpair.h
@@ -28,20 +28,20 @@
 
 #ifdef USE_EVENTFD
 
-#define wakeup_write  write
-#define wakeup_read   read
-#define wakeup_close  close
-#define wakeup_create(p,nb) Curl_eventfd(p,nb)
+#define wakeup_write         write
+#define wakeup_read          read
+#define wakeup_close         close
+#define wakeup_create(p, nb) Curl_eventfd(p, nb)
 
 #include 
 int Curl_eventfd(curl_socket_t socks[2], bool nonblocking);
 
 #elif defined(HAVE_PIPE)
 
-#define wakeup_write  write
-#define wakeup_read   read
-#define wakeup_close  close
-#define wakeup_create(p,nb) Curl_pipe(p,nb)
+#define wakeup_write         write
+#define wakeup_read          read
+#define wakeup_close         close
+#define wakeup_create(p, nb) Curl_pipe(p, nb)
 
 #include 
 int Curl_pipe(curl_socket_t socks[2], bool nonblocking);
@@ -67,7 +67,7 @@ int Curl_pipe(curl_socket_t socks[2], bool nonblocking);
 #endif
 
 #define USE_SOCKETPAIR
-#define wakeup_create(p,nb)                                     \
+#define wakeup_create(p, nb)                                    \
   Curl_socketpair(SOCKETPAIR_FAMILY, SOCKETPAIR_TYPE, 0, p, nb)
 
 #endif /* USE_EVENTFD */
diff --git a/lib/socks.c b/lib/socks.c
index 7160dd1506..4620850652 100644
--- a/lib/socks.c
+++ b/lib/socks.c
@@ -164,9 +164,9 @@ CURLcode Curl_blockread_all(struct Curl_cfilter *cf,
 
 #if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
 #define DEBUG_AND_VERBOSE
-#define sxstate(x,c,d,y) socksstate(x,c,d,y, __LINE__)
+#define sxstate(x, c, d, y) socksstate(x, c, d, y, __LINE__)
 #else
-#define sxstate(x,c,d,y) socksstate(x,c,d,y)
+#define sxstate(x, c, d, y) socksstate(x, c, d, y)
 #endif
 
 /* always use this function to change state, to make debugging easier */
@@ -206,9 +206,9 @@ static CURLproxycode socks_failed(struct socks_state *sx,
 }
 
 static CURLproxycode socks_flush(struct socks_state *sx,
-                                  struct Curl_cfilter *cf,
-                                  struct Curl_easy *data,
-                                  bool *done)
+                                 struct Curl_cfilter *cf,
+                                 struct Curl_easy *data,
+                                 bool *done)
 {
   CURLcode result;
   size_t nwritten;
@@ -332,8 +332,7 @@ static CURLproxycode socks4_resolving(struct socks_state *sx,
     result = Curl_resolv(data, sx->hostname, sx->remote_port,
                          cf->conn->ip_version, TRUE, &dns);
     if(result == CURLE_AGAIN) {
-      CURL_TRC_CF(data, cf, "SOCKS4 non-blocking resolve of %s",
-                  sx->hostname);
+      CURL_TRC_CF(data, cf, "SOCKS4 non-blocking resolve of %s", sx->hostname);
       return CURLPX_OK;
     }
     else if(result)
@@ -347,8 +346,7 @@ static CURLproxycode socks4_resolving(struct socks_state *sx,
   }
 
   if(result || !dns) {
-    failf(data, "Failed to resolve \"%s\" for SOCKS4 connect.",
-          sx->hostname);
+    failf(data, "Failed to resolve \"%s\" for SOCKS4 connect.", sx->hostname);
     return CURLPX_RESOLVE_HOST;
   }
 
@@ -465,16 +463,16 @@ static CURLproxycode socks4_check_resp(struct socks_state *sx,
 }
 
 /*
-* This function logs in to a SOCKS4 proxy and sends the specifics to the final
-* destination server.
-*
-* Reference :
-*   https://www.openssh.com/txt/socks4.protocol
-*
-* Note :
-*   Set protocol4a=true for  "SOCKS 4A (Simple Extension to SOCKS 4 Protocol)"
-*   Nonsupport "Identification Protocol (RFC1413)"
-*/
+ * This function logs in to a SOCKS4 proxy and sends the specifics to the final
+ * destination server.
+ *
+ * Reference :
+ *   https://www.openssh.com/txt/socks4.protocol
+ *
+ * Note :
+ *   Set protocol4a=true for  "SOCKS 4A (Simple Extension to SOCKS 4 Protocol)"
+ *   Nonsupport "Identification Protocol (RFC1413)"
+ */
 static CURLproxycode socks4_connect(struct Curl_cfilter *cf,
                                     struct socks_state *sx,
                                     struct Curl_easy *data)
@@ -733,7 +731,7 @@ static CURLproxycode socks5_auth_init(struct Curl_cfilter *cf,
     if(result || (nwritten != ulen))
       return CURLPX_SEND_REQUEST;
   }
-  buf[0] = (unsigned char) plen;
+  buf[0] = (unsigned char)plen;
   result = Curl_bufq_write(&sx->iobuf, buf, 1, &nwritten);
   if(result || (nwritten != 1))
     return CURLPX_SEND_REQUEST;
@@ -813,7 +811,7 @@ static CURLproxycode socks5_req1_init(struct socks_state *sx,
     const size_t hostname_len = strlen(sx->hostname);
     desttype = 3;
     destination = (const unsigned char *)sx->hostname;
-    destlen = (unsigned char) hostname_len; /* one byte length */
+    destlen = (unsigned char)hostname_len; /* one byte length */
   }
 
   req[3] = desttype;
@@ -860,8 +858,7 @@ static CURLproxycode socks5_resolving(struct socks_state *sx,
     result = Curl_resolv(data, sx->hostname, sx->remote_port,
                          cf->conn->ip_version, TRUE, &dns);
     if(result == CURLE_AGAIN) {
-      CURL_TRC_CF(data, cf, "SOCKS5 non-blocking resolve of %s",
-                  sx->hostname);
+      CURL_TRC_CF(data, cf, "SOCKS5 non-blocking resolve of %s", sx->hostname);
       return CURLPX_OK;
     }
     else if(result)
@@ -875,8 +872,7 @@ static CURLproxycode socks5_resolving(struct socks_state *sx,
   }
 
   if(result || !dns) {
-    failf(data, "Failed to resolve \"%s\" for SOCKS5 connect.",
-          sx->hostname);
+    failf(data, "Failed to resolve \"%s\" for SOCKS5 connect.", sx->hostname);
     presult = CURLPX_RESOLVE_HOST;
     goto out;
   }
@@ -893,8 +889,7 @@ static CURLproxycode socks5_resolving(struct socks_state *sx,
   }
 #endif
   if(!hp) {
-    failf(data, "Failed to resolve \"%s\" for SOCKS5 connect.",
-          sx->hostname);
+    failf(data, "Failed to resolve \"%s\" for SOCKS5 connect.", sx->hostname);
     presult = CURLPX_RESOLVE_HOST;
     goto out;
   }
@@ -1394,7 +1389,7 @@ static CURLcode socks_cf_query(struct Curl_cfilter *cf,
 
 struct Curl_cftype Curl_cft_socks_proxy = {
   "SOCKS",
-  CF_TYPE_IP_CONNECT|CF_TYPE_PROXY,
+  CF_TYPE_IP_CONNECT | CF_TYPE_PROXY,
   0,
   socks_proxy_cf_destroy,
   socks_proxy_cf_connect,
diff --git a/lib/socks.h b/lib/socks.h
index f76bddc5f4..eb9088f530 100644
--- a/lib/socks.h
+++ b/lib/socks.h
@@ -27,9 +27,9 @@
 #include "curl_setup.h"
 
 #ifdef CURL_DISABLE_PROXY
-#define Curl_SOCKS4(a,b,c,d,e) CURLE_NOT_BUILT_IN
-#define Curl_SOCKS5(a,b,c,d,e,f) CURLE_NOT_BUILT_IN
-#define Curl_SOCKS_getsock(x,y,z) 0
+#define Curl_SOCKS4(a, b, c, d, e)    CURLE_NOT_BUILT_IN
+#define Curl_SOCKS5(a, b, c, d, e, f) CURLE_NOT_BUILT_IN
+#define Curl_SOCKS_getsock(x, y, z)   0
 #else
 /*
  * Helper read-from-socket functions. Does the same as Curl_read() but it
diff --git a/lib/socks_gssapi.c b/lib/socks_gssapi.c
index 6f8a90139d..3bee643e41 100644
--- a/lib/socks_gssapi.c
+++ b/lib/socks_gssapi.c
@@ -67,8 +67,7 @@ static int check_gss_err(struct Curl_easy *data,
                                     GSS_C_NULL_OID,
                                     &msg_ctx, &status_string);
       if(maj_stat == GSS_S_COMPLETE) {
-        if(curlx_dyn_addn(&dbuf, status_string.value,
-                         status_string.length))
+        if(curlx_dyn_addn(&dbuf, status_string.value, status_string.length))
           return 1; /* error */
         gss_release_buffer(&min_stat, &status_string);
         break;
@@ -85,8 +84,7 @@ static int check_gss_err(struct Curl_easy *data,
                                     GSS_C_NULL_OID,
                                     &msg_ctx, &status_string);
       if(maj_stat == GSS_S_COMPLETE) {
-        if(curlx_dyn_addn(&dbuf, status_string.value,
-                         status_string.length))
+        if(curlx_dyn_addn(&dbuf, status_string.value, status_string.length))
           return 1; /* error */
         gss_release_buffer(&min_stat, &status_string);
         break;
@@ -144,7 +142,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
       return CURLE_OUT_OF_MEMORY;
 
     gss_major_status = gss_import_name(&gss_minor_status, &service,
-                                       (gss_OID) GSS_C_NULL_OID, &server);
+                                       (gss_OID)GSS_C_NULL_OID, &server);
   }
   else {
     service.value = curlx_malloc(serviceptr_length +
@@ -207,8 +205,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
       us_length = htons((unsigned short)gss_send_token.length);
       memcpy(socksreq + 2, &us_length, sizeof(short));
 
-      code = Curl_conn_cf_send(cf->next, data, socksreq, 4,
-                               FALSE, &nwritten);
+      code = Curl_conn_cf_send(cf->next, data, socksreq, 4, FALSE, &nwritten);
       if(code || (nwritten != 4)) {
         failf(data, "Failed to send GSS-API authentication request.");
         gss_release_name(&gss_status, &server);
@@ -227,7 +224,6 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
         Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL);
         return CURLE_COULDNT_CONNECT;
       }
-
     }
 
     gss_release_buffer(&gss_status, &gss_send_token);
diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c
index 92592c5ce0..17e875557e 100644
--- a/lib/socks_sspi.c
+++ b/lib/socks_sspi.c
@@ -187,8 +187,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
     }
 
     if(sspi_send_token.cbBuffer) {
-      socksreq[0] = 1;    /* GSS-API subnegotiation version */
-      socksreq[1] = 1;    /* authentication message type */
+      socksreq[0] = 1; /* GSS-API subnegotiation version */
+      socksreq[1] = 1; /* authentication message type */
       if(sspi_send_token.cbBuffer > 0xffff) {
         /* needs to fit in an unsigned 16 bit field */
         result = CURLE_COULDNT_CONNECT;
@@ -305,8 +305,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
   }
 
   /* Do encryption */
-  socksreq[0] = 1;    /* GSS-API subnegotiation version */
-  socksreq[1] = 2;    /* encryption message type */
+  socksreq[0] = 1; /* GSS-API subnegotiation version */
+  socksreq[1] = 2; /* encryption message type */
 
   gss_enc = 0; /* no data protection */
   /* do confidentiality protection if supported */
@@ -318,7 +318,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
 
   infof(data, "SOCKS5 server supports GSS-API %s data protection.",
         (gss_enc == 0) ? "no" :
-        ((gss_enc == 1) ? "integrity":"confidentiality") );
+        ((gss_enc == 1) ? "integrity" : "confidentiality") );
 
   /*
    * Sending the encryption type in clear seems wrong. It should be
@@ -399,7 +399,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
     }
 
     etbuf_size = sspi_w_token[0].cbBuffer + sspi_w_token[1].cbBuffer +
-      sspi_w_token[2].cbBuffer;
+                 sspi_w_token[2].cbBuffer;
     if(etbuf_size > 0xffff) {
       /* needs to fit in an unsigned 16 bit field */
       result = CURLE_COULDNT_CONNECT;
diff --git a/lib/splay.c b/lib/splay.c
index 3ca8678b2b..d036d27f54 100644
--- a/lib/splay.c
+++ b/lib/splay.c
@@ -34,7 +34,7 @@
  *  zero          : when i is equal   to   j
  *  positive when : when i is larger  than j
  */
-#define compare(i,j) curlx_timediff_us(i,j)
+#define compare(i, j) curlx_timediff_us(i, j)
 
 /*
  * Splay using the key i (which may or may not be in the tree.) The starting
@@ -134,7 +134,6 @@ struct Curl_tree *Curl_splayinsert(struct curltime i,
     node->smaller = t->smaller;
     node->larger = t;
     t->smaller = NULL;
-
   }
   else {
     node->larger = t->larger;
@@ -156,7 +155,7 @@ struct Curl_tree *Curl_splaygetbest(struct curltime i,
                                     struct Curl_tree *t,
                                     struct Curl_tree **removed)
 {
-  static const struct curltime tv_zero = {0, 0};
+  static const struct curltime tv_zero = { 0, 0 };
   struct Curl_tree *x;
 
   if(!t) {
@@ -197,7 +196,6 @@ struct Curl_tree *Curl_splaygetbest(struct curltime i,
   return x;
 }
 
-
 /* Deletes the node we point out from the tree if it is there. Stores a
  * pointer to the new resulting tree in 'newroot'.
  *
diff --git a/lib/strcase.c b/lib/strcase.c
index 78d4dc5b3d..e8424fa617 100644
--- a/lib/strcase.c
+++ b/lib/strcase.c
@@ -30,58 +30,60 @@
 
 /* Mapping table to go from lowercase to uppercase for plain ASCII.*/
 static const unsigned char touppermap[256] = {
-  0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21,
-  22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
-  41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59,
-  60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78,
-  79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 65,
-  66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84,
-  85, 86, 87, 88, 89, 90, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132,
-  133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147,
-  148, 149, 150, 151, 152, 153, 154, 155, 156, 157, 158, 159, 160, 161, 162,
-  163, 164, 165, 166, 167, 168, 169, 170, 171, 172, 173, 174, 175, 176, 177,
-  178, 179, 180, 181, 182, 183, 184, 185, 186, 187, 188, 189, 190, 191, 192,
-  193, 194, 195, 196, 197, 198, 199, 200, 201, 202, 203, 204, 205, 206, 207,
-  208, 209, 210, 211, 212, 213, 214, 215, 216, 217, 218, 219, 220, 221, 222,
-  223, 224, 225, 226, 227, 228, 229, 230, 231, 232, 233, 234, 235, 236, 237,
-  238, 239, 240, 241, 242, 243, 244, 245, 246, 247, 248, 249, 250, 251, 252,
-  253, 254, 255
+  0,   1,   2,   3,   4,   5,   6,   7,   8,   9,   10,  11,  12,  13,  14,
+  15,  16,  17,  18,  19,  20,  21,  22,  23,  24,  25,  26,  27,  28,  29,
+  30,  31,  32,  33,  34,  35,  36,  37,  38,  39,  40,  41,  42,  43,  44,
+  45,  46,  47,  48,  49,  50,  51,  52,  53,  54,  55,  56,  57,  58,  59,
+  60,  61,  62,  63,  64,  65,  66,  67,  68,  69,  70,  71,  72,  73,  74,
+  75,  76,  77,  78,  79,  80,  81,  82,  83,  84,  85,  86,  87,  88,  89,
+  90,  91,  92,  93,  94,  95,  96,  65,  66,  67,  68,  69,  70,  71,  72,
+  73,  74,  75,  76,  77,  78,  79,  80,  81,  82,  83,  84,  85,  86,  87,
+  88,  89,  90,  123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134,
+  135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, 149,
+  150, 151, 152, 153, 154, 155, 156, 157, 158, 159, 160, 161, 162, 163, 164,
+  165, 166, 167, 168, 169, 170, 171, 172, 173, 174, 175, 176, 177, 178, 179,
+  180, 181, 182, 183, 184, 185, 186, 187, 188, 189, 190, 191, 192, 193, 194,
+  195, 196, 197, 198, 199, 200, 201, 202, 203, 204, 205, 206, 207, 208, 209,
+  210, 211, 212, 213, 214, 215, 216, 217, 218, 219, 220, 221, 222, 223, 224,
+  225, 226, 227, 228, 229, 230, 231, 232, 233, 234, 235, 236, 237, 238, 239,
+  240, 241, 242, 243, 244, 245, 246, 247, 248, 249, 250, 251, 252, 253, 254,
+  255
 };
 
 /* Mapping table to go from uppercase to lowercase for plain ASCII.*/
 static const unsigned char tolowermap[256] = {
-  0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21,
-  22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
-  41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59,
-  60, 61, 62, 63, 64, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108,
-  109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 91, 92,
-  93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109,
-  110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124,
-  125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, 139,
-  140, 141, 142, 143, 144, 145, 146, 147, 148, 149, 150, 151, 152, 153, 154,
-  155, 156, 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, 167, 168, 169,
-  170, 171, 172, 173, 174, 175, 176, 177, 178, 179, 180, 181, 182, 183, 184,
-  185, 186, 187, 188, 189, 190, 191, 192, 193, 194, 195, 196, 197, 198, 199,
-  200, 201, 202, 203, 204, 205, 206, 207, 208, 209, 210, 211, 212, 213, 214,
-  215, 216, 217, 218, 219, 220, 221, 222, 223, 224, 225, 226, 227, 228, 229,
-  230, 231, 232, 233, 234, 235, 236, 237, 238, 239, 240, 241, 242, 243, 244,
-  245, 246, 247, 248, 249, 250, 251, 252, 253, 254, 255
+  0,   1,   2,   3,   4,   5,   6,   7,   8,   9,   10,  11,  12,  13,  14,
+  15,  16,  17,  18,  19,  20,  21,  22,  23,  24,  25,  26,  27,  28,  29,
+  30,  31,  32,  33,  34,  35,  36,  37,  38,  39,  40,  41,  42,  43,  44,
+  45,  46,  47,  48,  49,  50,  51,  52,  53,  54,  55,  56,  57,  58,  59,
+  60,  61,  62,  63,  64,  97,  98,  99,  100, 101, 102, 103, 104, 105, 106,
+  107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121,
+  122, 91,  92,  93,  94,  95,  96,  97,  98,  99,  100, 101, 102, 103, 104,
+  105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119,
+  120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134,
+  135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, 149,
+  150, 151, 152, 153, 154, 155, 156, 157, 158, 159, 160, 161, 162, 163, 164,
+  165, 166, 167, 168, 169, 170, 171, 172, 173, 174, 175, 176, 177, 178, 179,
+  180, 181, 182, 183, 184, 185, 186, 187, 188, 189, 190, 191, 192, 193, 194,
+  195, 196, 197, 198, 199, 200, 201, 202, 203, 204, 205, 206, 207, 208, 209,
+  210, 211, 212, 213, 214, 215, 216, 217, 218, 219, 220, 221, 222, 223, 224,
+  225, 226, 227, 228, 229, 230, 231, 232, 233, 234, 235, 236, 237, 238, 239,
+  240, 241, 242, 243, 244, 245, 246, 247, 248, 249, 250, 251, 252, 253, 254,
+  255
 };
 
-
 /* Portable, consistent toupper. Do not use toupper() because its behavior is
    altered by the current locale. */
 char Curl_raw_toupper(char in)
 {
-  return (char)touppermap[(unsigned char) in];
+  return (char)touppermap[(unsigned char)in];
 }
 
-
 /* Portable, consistent tolower. Do not use tolower() because its behavior is
    altered by the current locale. */
 char Curl_raw_tolower(char in)
 {
-  return (char)tolowermap[(unsigned char) in];
+  return (char)tolowermap[(unsigned char)in];
 }
 
 /* Copy an upper case version of the string from src to dest. The
@@ -135,7 +137,7 @@ int Curl_timestrcmp(const char *a, const char *b)
 
   if(a && b) {
     while(1) {
-      match |= a[i]^b[i];
+      match |= a[i] ^ b[i];
       if(!a[i] || !b[i])
         break;
       i++;
diff --git a/lib/strcase.h b/lib/strcase.h
index 915c996926..56839c2f3e 100644
--- a/lib/strcase.h
+++ b/lib/strcase.h
@@ -31,7 +31,7 @@ char Curl_raw_tolower(char in);
 
 /* checkprefix() is a shorter version of the above, used when the first
    argument is the string literal */
-#define checkprefix(a,b)    curl_strnequal(b, STRCONST(a))
+#define checkprefix(a, b) curl_strnequal(b, STRCONST(a))
 
 void Curl_strntoupper(char *dest, const char *src, size_t n);
 void Curl_strntolower(char *dest, const char *src, size_t n);
diff --git a/lib/strdup.h b/lib/strdup.h
index 238a2611f6..22ade4d7ff 100644
--- a/lib/strdup.h
+++ b/lib/strdup.h
@@ -29,7 +29,7 @@
 char *Curl_strdup(const char *str);
 #endif
 #ifdef _WIN32
-wchar_t* Curl_wcsdup(const wchar_t* src);
+wchar_t *Curl_wcsdup(const wchar_t *src);
 #endif
 void *Curl_memdup(const void *src, size_t buffer_length);
 void *Curl_saferealloc(void *ptr, size_t size);
diff --git a/lib/strerror.c b/lib/strerror.c
index 4b957bef23..899db8c61d 100644
--- a/lib/strerror.c
+++ b/lib/strerror.c
@@ -34,8 +34,7 @@
 #include "curlx/winapi.h"
 #include "strerror.h"
 
-const char *
-curl_easy_strerror(CURLcode error)
+const char *curl_easy_strerror(CURLcode error)
 {
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
   switch(error) {
@@ -53,7 +52,7 @@ curl_easy_strerror(CURLcode error)
 
   case CURLE_NOT_BUILT_IN:
     return "A requested feature, protocol or option was not found built-in in"
-      " this libcurl due to a build-time decision.";
+           " this libcurl due to a build-time decision.";
 
   case CURLE_COULDNT_RESOLVE_PROXY:
     return "Could not resolve proxy name";
@@ -327,8 +326,7 @@ curl_easy_strerror(CURLcode error)
 #endif
 }
 
-const char *
-curl_multi_strerror(CURLMcode error)
+const char *curl_multi_strerror(CURLMcode error)
 {
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
   switch(error) {
@@ -387,8 +385,7 @@ curl_multi_strerror(CURLMcode error)
 #endif
 }
 
-const char *
-curl_share_strerror(CURLSHcode error)
+const char *curl_share_strerror(CURLSHcode error)
 {
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
   switch(error) {
@@ -423,8 +420,7 @@ curl_share_strerror(CURLSHcode error)
 #endif
 }
 
-const char *
-curl_url_strerror(CURLUcode error)
+const char *curl_url_strerror(CURLUcode error)
 {
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
   switch(error) {
@@ -558,96 +554,96 @@ const char *Curl_sspi_strerror(SECURITY_STATUS err, char *buf, size_t buflen)
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
 
   switch(err) {
-    case SEC_E_OK:
-      txt = "No error";
-      break;
+  case SEC_E_OK:
+    txt = "No error";
+    break;
 #define SEC2TXT(sec) case sec: txt = #sec; break
-    SEC2TXT(CRYPT_E_REVOKED);
-    SEC2TXT(CRYPT_E_NO_REVOCATION_DLL);
-    SEC2TXT(CRYPT_E_NO_REVOCATION_CHECK);
-    SEC2TXT(CRYPT_E_REVOCATION_OFFLINE);
-    SEC2TXT(CRYPT_E_NOT_IN_REVOCATION_DATABASE);
-    SEC2TXT(SEC_E_ALGORITHM_MISMATCH);
-    SEC2TXT(SEC_E_BAD_BINDINGS);
-    SEC2TXT(SEC_E_BAD_PKGID);
-    SEC2TXT(SEC_E_BUFFER_TOO_SMALL);
-    SEC2TXT(SEC_E_CANNOT_INSTALL);
-    SEC2TXT(SEC_E_CANNOT_PACK);
-    SEC2TXT(SEC_E_CERT_EXPIRED);
-    SEC2TXT(SEC_E_CERT_UNKNOWN);
-    SEC2TXT(SEC_E_CERT_WRONG_USAGE);
-    SEC2TXT(SEC_E_CONTEXT_EXPIRED);
-    SEC2TXT(SEC_E_CROSSREALM_DELEGATION_FAILURE);
-    SEC2TXT(SEC_E_CRYPTO_SYSTEM_INVALID);
-    SEC2TXT(SEC_E_DECRYPT_FAILURE);
-    SEC2TXT(SEC_E_DELEGATION_POLICY);
-    SEC2TXT(SEC_E_DELEGATION_REQUIRED);
-    SEC2TXT(SEC_E_DOWNGRADE_DETECTED);
-    SEC2TXT(SEC_E_ENCRYPT_FAILURE);
-    SEC2TXT(SEC_E_ILLEGAL_MESSAGE);
-    SEC2TXT(SEC_E_INCOMPLETE_CREDENTIALS);
-    SEC2TXT(SEC_E_INCOMPLETE_MESSAGE);
-    SEC2TXT(SEC_E_INSUFFICIENT_MEMORY);
-    SEC2TXT(SEC_E_INTERNAL_ERROR);
-    SEC2TXT(SEC_E_INVALID_HANDLE);
-    SEC2TXT(SEC_E_INVALID_PARAMETER);
-    SEC2TXT(SEC_E_INVALID_TOKEN);
-    SEC2TXT(SEC_E_ISSUING_CA_UNTRUSTED);
-    SEC2TXT(SEC_E_ISSUING_CA_UNTRUSTED_KDC);
-    SEC2TXT(SEC_E_KDC_CERT_EXPIRED);
-    SEC2TXT(SEC_E_KDC_CERT_REVOKED);
-    SEC2TXT(SEC_E_KDC_INVALID_REQUEST);
-    SEC2TXT(SEC_E_KDC_UNABLE_TO_REFER);
-    SEC2TXT(SEC_E_KDC_UNKNOWN_ETYPE);
-    SEC2TXT(SEC_E_LOGON_DENIED);
-    SEC2TXT(SEC_E_MAX_REFERRALS_EXCEEDED);
-    SEC2TXT(SEC_E_MESSAGE_ALTERED);
-    SEC2TXT(SEC_E_MULTIPLE_ACCOUNTS);
-    SEC2TXT(SEC_E_MUST_BE_KDC);
-    SEC2TXT(SEC_E_NOT_OWNER);
-    SEC2TXT(SEC_E_NO_AUTHENTICATING_AUTHORITY);
-    SEC2TXT(SEC_E_NO_CREDENTIALS);
-    SEC2TXT(SEC_E_NO_IMPERSONATION);
-    SEC2TXT(SEC_E_NO_IP_ADDRESSES);
-    SEC2TXT(SEC_E_NO_KERB_KEY);
-    SEC2TXT(SEC_E_NO_PA_DATA);
-    SEC2TXT(SEC_E_NO_S4U_PROT_SUPPORT);
-    SEC2TXT(SEC_E_NO_TGT_REPLY);
-    SEC2TXT(SEC_E_OUT_OF_SEQUENCE);
-    SEC2TXT(SEC_E_PKINIT_CLIENT_FAILURE);
-    SEC2TXT(SEC_E_PKINIT_NAME_MISMATCH);
-    SEC2TXT(SEC_E_POLICY_NLTM_ONLY);
-    SEC2TXT(SEC_E_QOP_NOT_SUPPORTED);
-    SEC2TXT(SEC_E_REVOCATION_OFFLINE_C);
-    SEC2TXT(SEC_E_REVOCATION_OFFLINE_KDC);
-    SEC2TXT(SEC_E_SECPKG_NOT_FOUND);
-    SEC2TXT(SEC_E_SECURITY_QOS_FAILED);
-    SEC2TXT(SEC_E_SHUTDOWN_IN_PROGRESS);
-    SEC2TXT(SEC_E_SMARTCARD_CERT_EXPIRED);
-    SEC2TXT(SEC_E_SMARTCARD_CERT_REVOKED);
-    SEC2TXT(SEC_E_SMARTCARD_LOGON_REQUIRED);
-    SEC2TXT(SEC_E_STRONG_CRYPTO_NOT_SUPPORTED);
-    SEC2TXT(SEC_E_TARGET_UNKNOWN);
-    SEC2TXT(SEC_E_TIME_SKEW);
-    SEC2TXT(SEC_E_TOO_MANY_PRINCIPALS);
-    SEC2TXT(SEC_E_UNFINISHED_CONTEXT_DELETED);
-    SEC2TXT(SEC_E_UNKNOWN_CREDENTIALS);
-    SEC2TXT(SEC_E_UNSUPPORTED_FUNCTION);
-    SEC2TXT(SEC_E_UNSUPPORTED_PREAUTH);
-    SEC2TXT(SEC_E_UNTRUSTED_ROOT);
-    SEC2TXT(SEC_E_WRONG_CREDENTIAL_HANDLE);
-    SEC2TXT(SEC_E_WRONG_PRINCIPAL);
-    SEC2TXT(SEC_I_COMPLETE_AND_CONTINUE);
-    SEC2TXT(SEC_I_COMPLETE_NEEDED);
-    SEC2TXT(SEC_I_CONTEXT_EXPIRED);
-    SEC2TXT(SEC_I_CONTINUE_NEEDED);
-    SEC2TXT(SEC_I_INCOMPLETE_CREDENTIALS);
-    SEC2TXT(SEC_I_LOCAL_LOGON);
-    SEC2TXT(SEC_I_NO_LSA_CONTEXT);
-    SEC2TXT(SEC_I_RENEGOTIATE);
-    SEC2TXT(SEC_I_SIGNATURE_NEEDED);
-    default:
-      txt = "Unknown error";
+  SEC2TXT(CRYPT_E_REVOKED);
+  SEC2TXT(CRYPT_E_NO_REVOCATION_DLL);
+  SEC2TXT(CRYPT_E_NO_REVOCATION_CHECK);
+  SEC2TXT(CRYPT_E_REVOCATION_OFFLINE);
+  SEC2TXT(CRYPT_E_NOT_IN_REVOCATION_DATABASE);
+  SEC2TXT(SEC_E_ALGORITHM_MISMATCH);
+  SEC2TXT(SEC_E_BAD_BINDINGS);
+  SEC2TXT(SEC_E_BAD_PKGID);
+  SEC2TXT(SEC_E_BUFFER_TOO_SMALL);
+  SEC2TXT(SEC_E_CANNOT_INSTALL);
+  SEC2TXT(SEC_E_CANNOT_PACK);
+  SEC2TXT(SEC_E_CERT_EXPIRED);
+  SEC2TXT(SEC_E_CERT_UNKNOWN);
+  SEC2TXT(SEC_E_CERT_WRONG_USAGE);
+  SEC2TXT(SEC_E_CONTEXT_EXPIRED);
+  SEC2TXT(SEC_E_CROSSREALM_DELEGATION_FAILURE);
+  SEC2TXT(SEC_E_CRYPTO_SYSTEM_INVALID);
+  SEC2TXT(SEC_E_DECRYPT_FAILURE);
+  SEC2TXT(SEC_E_DELEGATION_POLICY);
+  SEC2TXT(SEC_E_DELEGATION_REQUIRED);
+  SEC2TXT(SEC_E_DOWNGRADE_DETECTED);
+  SEC2TXT(SEC_E_ENCRYPT_FAILURE);
+  SEC2TXT(SEC_E_ILLEGAL_MESSAGE);
+  SEC2TXT(SEC_E_INCOMPLETE_CREDENTIALS);
+  SEC2TXT(SEC_E_INCOMPLETE_MESSAGE);
+  SEC2TXT(SEC_E_INSUFFICIENT_MEMORY);
+  SEC2TXT(SEC_E_INTERNAL_ERROR);
+  SEC2TXT(SEC_E_INVALID_HANDLE);
+  SEC2TXT(SEC_E_INVALID_PARAMETER);
+  SEC2TXT(SEC_E_INVALID_TOKEN);
+  SEC2TXT(SEC_E_ISSUING_CA_UNTRUSTED);
+  SEC2TXT(SEC_E_ISSUING_CA_UNTRUSTED_KDC);
+  SEC2TXT(SEC_E_KDC_CERT_EXPIRED);
+  SEC2TXT(SEC_E_KDC_CERT_REVOKED);
+  SEC2TXT(SEC_E_KDC_INVALID_REQUEST);
+  SEC2TXT(SEC_E_KDC_UNABLE_TO_REFER);
+  SEC2TXT(SEC_E_KDC_UNKNOWN_ETYPE);
+  SEC2TXT(SEC_E_LOGON_DENIED);
+  SEC2TXT(SEC_E_MAX_REFERRALS_EXCEEDED);
+  SEC2TXT(SEC_E_MESSAGE_ALTERED);
+  SEC2TXT(SEC_E_MULTIPLE_ACCOUNTS);
+  SEC2TXT(SEC_E_MUST_BE_KDC);
+  SEC2TXT(SEC_E_NOT_OWNER);
+  SEC2TXT(SEC_E_NO_AUTHENTICATING_AUTHORITY);
+  SEC2TXT(SEC_E_NO_CREDENTIALS);
+  SEC2TXT(SEC_E_NO_IMPERSONATION);
+  SEC2TXT(SEC_E_NO_IP_ADDRESSES);
+  SEC2TXT(SEC_E_NO_KERB_KEY);
+  SEC2TXT(SEC_E_NO_PA_DATA);
+  SEC2TXT(SEC_E_NO_S4U_PROT_SUPPORT);
+  SEC2TXT(SEC_E_NO_TGT_REPLY);
+  SEC2TXT(SEC_E_OUT_OF_SEQUENCE);
+  SEC2TXT(SEC_E_PKINIT_CLIENT_FAILURE);
+  SEC2TXT(SEC_E_PKINIT_NAME_MISMATCH);
+  SEC2TXT(SEC_E_POLICY_NLTM_ONLY);
+  SEC2TXT(SEC_E_QOP_NOT_SUPPORTED);
+  SEC2TXT(SEC_E_REVOCATION_OFFLINE_C);
+  SEC2TXT(SEC_E_REVOCATION_OFFLINE_KDC);
+  SEC2TXT(SEC_E_SECPKG_NOT_FOUND);
+  SEC2TXT(SEC_E_SECURITY_QOS_FAILED);
+  SEC2TXT(SEC_E_SHUTDOWN_IN_PROGRESS);
+  SEC2TXT(SEC_E_SMARTCARD_CERT_EXPIRED);
+  SEC2TXT(SEC_E_SMARTCARD_CERT_REVOKED);
+  SEC2TXT(SEC_E_SMARTCARD_LOGON_REQUIRED);
+  SEC2TXT(SEC_E_STRONG_CRYPTO_NOT_SUPPORTED);
+  SEC2TXT(SEC_E_TARGET_UNKNOWN);
+  SEC2TXT(SEC_E_TIME_SKEW);
+  SEC2TXT(SEC_E_TOO_MANY_PRINCIPALS);
+  SEC2TXT(SEC_E_UNFINISHED_CONTEXT_DELETED);
+  SEC2TXT(SEC_E_UNKNOWN_CREDENTIALS);
+  SEC2TXT(SEC_E_UNSUPPORTED_FUNCTION);
+  SEC2TXT(SEC_E_UNSUPPORTED_PREAUTH);
+  SEC2TXT(SEC_E_UNTRUSTED_ROOT);
+  SEC2TXT(SEC_E_WRONG_CREDENTIAL_HANDLE);
+  SEC2TXT(SEC_E_WRONG_PRINCIPAL);
+  SEC2TXT(SEC_I_COMPLETE_AND_CONTINUE);
+  SEC2TXT(SEC_I_COMPLETE_NEEDED);
+  SEC2TXT(SEC_I_CONTEXT_EXPIRED);
+  SEC2TXT(SEC_I_CONTINUE_NEEDED);
+  SEC2TXT(SEC_I_INCOMPLETE_CREDENTIALS);
+  SEC2TXT(SEC_I_LOCAL_LOGON);
+  SEC2TXT(SEC_I_NO_LSA_CONTEXT);
+  SEC2TXT(SEC_I_RENEGOTIATE);
+  SEC2TXT(SEC_I_SIGNATURE_NEEDED);
+  default:
+    txt = "Unknown error";
   }
 
   if(err == SEC_E_ILLEGAL_MESSAGE) {
diff --git a/lib/system_win32.c b/lib/system_win32.c
index f8a6cbfccc..42db33a3ed 100644
--- a/lib/system_win32.c
+++ b/lib/system_win32.c
@@ -70,7 +70,7 @@ CURLcode Curl_win32_init(long flags)
     /* highest supported version. */
 
     if(LOBYTE(wsaData.wVersion) != LOBYTE(wVersionRequested) ||
-       HIBYTE(wsaData.wVersion) != HIBYTE(wVersionRequested) ) {
+       HIBYTE(wsaData.wVersion) != HIBYTE(wVersionRequested)) {
       /* Tell the user that we could not find a usable */
 
       /* winsock.dll. */
diff --git a/lib/telnet.c b/lib/telnet.c
index 5319130b90..3153a392f6 100644
--- a/lib/telnet.c
+++ b/lib/telnet.c
@@ -62,27 +62,27 @@
 
 #define SUBBUFSIZE 512
 
-#define CURL_SB_CLEAR(x)  x->subpointer = x->subbuffer
-#define CURL_SB_TERM(x)                                 \
-  do {                                                  \
-    x->subend = x->subpointer;                          \
-    CURL_SB_CLEAR(x);                                   \
+#define CURL_SB_CLEAR(x) x->subpointer = x->subbuffer
+#define CURL_SB_TERM(x)        \
+  do {                         \
+    x->subend = x->subpointer; \
+    CURL_SB_CLEAR(x);          \
   } while(0)
-#define CURL_SB_ACCUM(x,c)                                      \
-  do {                                                          \
-    if(x->subpointer < (x->subbuffer + sizeof(x->subbuffer)))   \
-      *x->subpointer++ = (c);                                   \
+#define CURL_SB_ACCUM(x, c)                                   \
+  do {                                                        \
+    if(x->subpointer < (x->subbuffer + sizeof(x->subbuffer))) \
+      *x->subpointer++ = (c);                                 \
   } while(0)
 
-#define  CURL_SB_GET(x) ((*x->subpointer++)&0xff)
-#define  CURL_SB_LEN(x) (x->subend - x->subpointer)
+#define CURL_SB_GET(x) ((*x->subpointer++) & 0xff)
+#define CURL_SB_LEN(x) (x->subend - x->subpointer)
 
 /* For posterity:
 #define  CURL_SB_PEEK(x) ((*x->subpointer)&0xff)
 #define  CURL_SB_EOF(x) (x->subpointer >= x->subend) */
 
 #ifdef CURL_DISABLE_VERBOSE_STRINGS
-#define printoption(a,b,c,d)  Curl_nop_stmt
+#define printoption(a, b, c, d) Curl_nop_stmt
 #endif
 
 /* For negotiation compliant to RFC 1143 */
@@ -101,8 +101,7 @@
 /*
  * Telnet receiver states for fsm
  */
-typedef enum
-{
+typedef enum {
   CURL_TS_DATA = 0,
   CURL_TS_IAC,
   CURL_TS_WILL,
@@ -137,12 +136,12 @@ struct TELNET {
   unsigned char *subpointer, *subend;      /* buffer for sub-options */
 };
 
-
-static
-CURLcode telrcv(struct Curl_easy *data,
-                struct TELNET *tn,
-                const unsigned char *inbuf, /* Data received from socket */
-                ssize_t count);             /* Number of bytes received */
+static CURLcode telrcv(struct Curl_easy *data,
+                       struct TELNET *tn,
+                       const unsigned char *inbuf, /* Data received from
+                                                      socket */
+                       ssize_t count);             /* Number of bytes
+                                                      received */
 
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
 static void printoption(struct Curl_easy *data,
@@ -199,7 +198,6 @@ const struct Curl_handler Curl_handler_telnet = {
   PROTOPT_NONE | PROTOPT_NOURLQUERY     /* flags */
 };
 
-
 static void telnet_easy_dtor(void *key, size_t klen, void *entry)
 {
   struct TELNET *tn = entry;
@@ -210,8 +208,7 @@ static void telnet_easy_dtor(void *key, size_t klen, void *entry)
   curlx_free(tn);
 }
 
-static
-CURLcode init_telnet(struct Curl_easy *data)
+static CURLcode init_telnet(struct Curl_easy *data)
 {
   struct TELNET *tn;
 
@@ -328,15 +325,14 @@ static void send_negotiation(struct Curl_easy *data, int cmd, int option)
   bytes_written = swrite(conn->sock[FIRSTSOCKET], buf, 3);
   if(bytes_written < 0) {
     int err = SOCKERRNO;
-    failf(data,"Sending data failed (%d)",err);
+    failf(data, "Sending data failed (%d)", err);
   }
 
   printoption(data, "SENT", cmd, option);
 }
 
-static
-void set_remote_option(struct Curl_easy *data, struct TELNET *tn,
-                       int option, int newstate)
+static void set_remote_option(struct Curl_easy *data, struct TELNET *tn,
+                              int option, int newstate)
 {
   if(newstate == CURL_YES) {
     switch(tn->him[option]) {
@@ -408,8 +404,7 @@ void set_remote_option(struct Curl_easy *data, struct TELNET *tn,
   }
 }
 
-static
-void rec_will(struct Curl_easy *data, struct TELNET *tn, int option)
+static void rec_will(struct Curl_easy *data, struct TELNET *tn, int option)
 {
   switch(tn->him[option]) {
   case CURL_NO:
@@ -455,8 +450,7 @@ void rec_will(struct Curl_easy *data, struct TELNET *tn, int option)
   }
 }
 
-static
-void rec_wont(struct Curl_easy *data, struct TELNET *tn, int option)
+static void rec_wont(struct Curl_easy *data, struct TELNET *tn, int option)
 {
   switch(tn->him[option]) {
   case CURL_NO:
@@ -496,9 +490,8 @@ void rec_wont(struct Curl_easy *data, struct TELNET *tn, int option)
   }
 }
 
-static void
-set_local_option(struct Curl_easy *data, struct TELNET *tn,
-                 int option, int newstate)
+static void set_local_option(struct Curl_easy *data, struct TELNET *tn,
+                             int option, int newstate)
 {
   if(newstate == CURL_YES) {
     switch(tn->us[option]) {
@@ -570,8 +563,7 @@ set_local_option(struct Curl_easy *data, struct TELNET *tn,
   }
 }
 
-static
-void rec_do(struct Curl_easy *data, struct TELNET *tn, int option)
+static void rec_do(struct Curl_easy *data, struct TELNET *tn, int option)
 {
   switch(tn->us[option]) {
   case CURL_NO:
@@ -629,8 +621,7 @@ void rec_do(struct Curl_easy *data, struct TELNET *tn, int option)
   }
 }
 
-static
-void rec_dont(struct Curl_easy *data, struct TELNET *tn, int option)
+static void rec_dont(struct Curl_easy *data, struct TELNET *tn, int option)
 {
   switch(tn->us[option]) {
   case CURL_NO:
@@ -670,7 +661,6 @@ void rec_dont(struct Curl_easy *data, struct TELNET *tn, int option)
   }
 }
 
-
 static void printsub(struct Curl_easy *data,
                      int direction,             /* '<' or '>' */
                      unsigned char *pointer,    /* where suboption data is */
@@ -683,8 +673,8 @@ static void printsub(struct Curl_easy *data,
       if(length >= 3) {
         int j;
 
-        i = pointer[length-2];
-        j = pointer[length-1];
+        i = pointer[length - 2];
+        j = pointer[length - 1];
 
         if(i != CURL_IAC || j != CURL_SE) {
           infof(data, "(terminated by ");
@@ -950,77 +940,77 @@ static CURLcode suboption(struct Curl_easy *data, struct TELNET *tn)
 
   printsub(data, '<', (unsigned char *)tn->subbuffer, CURL_SB_LEN(tn) + 2);
   switch(CURL_SB_GET(tn)) {
-    case CURL_TELOPT_TTYPE:
-      if(bad_option(tn->subopt_ttype))
-        return CURLE_BAD_FUNCTION_ARGUMENT;
-      if(strlen(tn->subopt_ttype) > 1000) {
-        failf(data, "Tool long telnet TTYPE");
-        return CURLE_SEND_ERROR;
-      }
-      len = curl_msnprintf((char *)temp, sizeof(temp), "%c%c%c%c%s%c%c",
-                           CURL_IAC, CURL_SB, CURL_TELOPT_TTYPE,
-                           CURL_TELQUAL_IS, tn->subopt_ttype, CURL_IAC,
-                           CURL_SE);
-      bytes_written = swrite(conn->sock[FIRSTSOCKET], temp, len);
+  case CURL_TELOPT_TTYPE:
+    if(bad_option(tn->subopt_ttype))
+      return CURLE_BAD_FUNCTION_ARGUMENT;
+    if(strlen(tn->subopt_ttype) > 1000) {
+      failf(data, "Tool long telnet TTYPE");
+      return CURLE_SEND_ERROR;
+    }
+    len = curl_msnprintf((char *)temp, sizeof(temp), "%c%c%c%c%s%c%c",
+                         CURL_IAC, CURL_SB, CURL_TELOPT_TTYPE,
+                         CURL_TELQUAL_IS, tn->subopt_ttype, CURL_IAC,
+                         CURL_SE);
+    bytes_written = swrite(conn->sock[FIRSTSOCKET], temp, len);
 
-      if(bytes_written < 0) {
-        err = SOCKERRNO;
-        failf(data, "Sending data failed (%d)", err);
-        return CURLE_SEND_ERROR;
-      }
-      printsub(data, '>', &temp[2], len-2);
-      break;
-    case CURL_TELOPT_XDISPLOC:
-      if(bad_option(tn->subopt_xdisploc))
+    if(bytes_written < 0) {
+      err = SOCKERRNO;
+      failf(data, "Sending data failed (%d)", err);
+      return CURLE_SEND_ERROR;
+    }
+    printsub(data, '>', &temp[2], len-2);
+    break;
+  case CURL_TELOPT_XDISPLOC:
+    if(bad_option(tn->subopt_xdisploc))
+      return CURLE_BAD_FUNCTION_ARGUMENT;
+    if(strlen(tn->subopt_xdisploc) > 1000) {
+      failf(data, "Tool long telnet XDISPLOC");
+      return CURLE_SEND_ERROR;
+    }
+    len = curl_msnprintf((char *)temp, sizeof(temp), "%c%c%c%c%s%c%c",
+                         CURL_IAC, CURL_SB, CURL_TELOPT_XDISPLOC,
+                         CURL_TELQUAL_IS, tn->subopt_xdisploc, CURL_IAC,
+                         CURL_SE);
+    bytes_written = swrite(conn->sock[FIRSTSOCKET], temp, len);
+    if(bytes_written < 0) {
+      err = SOCKERRNO;
+      failf(data, "Sending data failed (%d)", err);
+      return CURLE_SEND_ERROR;
+    }
+    printsub(data, '>', &temp[2], len - 2);
+    break;
+  case CURL_TELOPT_NEW_ENVIRON:
+    len = curl_msnprintf((char *)temp, sizeof(temp), "%c%c%c%c",
+                         CURL_IAC, CURL_SB, CURL_TELOPT_NEW_ENVIRON,
+                         CURL_TELQUAL_IS);
+    for(v = tn->telnet_vars; v; v = v->next) {
+      size_t tmplen = (strlen(v->data) + 1);
+      if(bad_option(v->data))
         return CURLE_BAD_FUNCTION_ARGUMENT;
-      if(strlen(tn->subopt_xdisploc) > 1000) {
-        failf(data, "Tool long telnet XDISPLOC");
-        return CURLE_SEND_ERROR;
-      }
-      len = curl_msnprintf((char *)temp, sizeof(temp), "%c%c%c%c%s%c%c",
-                           CURL_IAC, CURL_SB, CURL_TELOPT_XDISPLOC,
-                           CURL_TELQUAL_IS, tn->subopt_xdisploc, CURL_IAC,
-                           CURL_SE);
-      bytes_written = swrite(conn->sock[FIRSTSOCKET], temp, len);
-      if(bytes_written < 0) {
-        err = SOCKERRNO;
-        failf(data,"Sending data failed (%d)",err);
-        return CURLE_SEND_ERROR;
-      }
-      printsub(data, '>', &temp[2], len-2);
-      break;
-    case CURL_TELOPT_NEW_ENVIRON:
-      len = curl_msnprintf((char *)temp, sizeof(temp), "%c%c%c%c",
-                           CURL_IAC, CURL_SB, CURL_TELOPT_NEW_ENVIRON,
-                           CURL_TELQUAL_IS);
-      for(v = tn->telnet_vars; v; v = v->next) {
-        size_t tmplen = (strlen(v->data) + 1);
-        if(bad_option(v->data))
-          return CURLE_BAD_FUNCTION_ARGUMENT;
-        /* Add the variable if it fits */
-        if(len + tmplen < (int)sizeof(temp)-6) {
-          char *s = strchr(v->data, ',');
-          if(!s)
-            len += curl_msnprintf((char *)&temp[len], sizeof(temp) - len,
-                                  "%c%s", CURL_NEW_ENV_VAR, v->data);
-          else {
-            size_t vlen = s - v->data;
-            len += curl_msnprintf((char *)&temp[len], sizeof(temp) - len,
-                                  "%c%.*s%c%s", CURL_NEW_ENV_VAR,
-                                  (int)vlen, v->data, CURL_NEW_ENV_VALUE, ++s);
-          }
+      /* Add the variable if it fits */
+      if(len + tmplen < (int)sizeof(temp) - 6) {
+        char *s = strchr(v->data, ',');
+        if(!s)
+          len += curl_msnprintf((char *)&temp[len], sizeof(temp) - len,
+                                "%c%s", CURL_NEW_ENV_VAR, v->data);
+        else {
+          size_t vlen = s - v->data;
+          len += curl_msnprintf((char *)&temp[len], sizeof(temp) - len,
+                                "%c%.*s%c%s", CURL_NEW_ENV_VAR,
+                                (int)vlen, v->data, CURL_NEW_ENV_VALUE, ++s);
         }
       }
-      curl_msnprintf((char *)&temp[len], sizeof(temp) - len,
-                     "%c%c", CURL_IAC, CURL_SE);
-      len += 2;
-      bytes_written = swrite(conn->sock[FIRSTSOCKET], temp, len);
-      if(bytes_written < 0) {
-        err = SOCKERRNO;
-        failf(data,"Sending data failed (%d)",err);
-      }
-      printsub(data, '>', &temp[2], len-2);
-      break;
+    }
+    curl_msnprintf((char *)&temp[len], sizeof(temp) - len,
+                   "%c%c", CURL_IAC, CURL_SE);
+    len += 2;
+    bytes_written = swrite(conn->sock[FIRSTSOCKET], temp, len);
+    if(bytes_written < 0) {
+      err = SOCKERRNO;
+      failf(data, "Sending data failed (%d)", err);
+    }
+    printsub(data, '>', &temp[2], len - 2);
+    break;
   }
   return CURLE_OK;
 }
@@ -1063,7 +1053,7 @@ static void sendsuboption(struct Curl_easy *data,
     /* data suboption is now ready */
 
     printsub(data, '>', (unsigned char *)tn->subbuffer + 2,
-             CURL_SB_LEN(tn)-2);
+             CURL_SB_LEN(tn) - 2);
 
     /* we send the header of the suboption... */
     bytes_written = swrite(conn->sock[FIRSTSOCKET], tn->subbuffer, 3);
@@ -1084,11 +1074,12 @@ static void sendsuboption(struct Curl_easy *data,
   }
 }
 
-static
-CURLcode telrcv(struct Curl_easy *data,
-                struct TELNET *tn,
-                const unsigned char *inbuf, /* Data received from socket */
-                ssize_t count)              /* Number of bytes received */
+static CURLcode telrcv(struct Curl_easy *data,
+                       struct TELNET *tn,
+                       const unsigned char *inbuf, /* Data received from
+                                                      socket */
+                       ssize_t count)              /* Number of bytes
+                                                      received */
 {
   unsigned char c;
   CURLcode result;
@@ -1106,9 +1097,9 @@ CURLcode telrcv(struct Curl_easy *data,
   }                                                              \
   startwrite = -1
 
-#define writebyte() \
-    if(startwrite < 0) \
-      startwrite = in
+#define writebyte()  \
+  if(startwrite < 0) \
+    startwrite = in
 
 #define bufferflush() startskipping()
 
@@ -1170,79 +1161,79 @@ process_iac:
       }
       break;
 
-      case CURL_TS_WILL:
-        printoption(data, "RCVD", CURL_WILL, c);
-        tn->please_negotiate = 1;
-        rec_will(data, tn, c);
-        tn->telrcv_state = CURL_TS_DATA;
-        break;
+    case CURL_TS_WILL:
+      printoption(data, "RCVD", CURL_WILL, c);
+      tn->please_negotiate = 1;
+      rec_will(data, tn, c);
+      tn->telrcv_state = CURL_TS_DATA;
+      break;
 
-      case CURL_TS_WONT:
-        printoption(data, "RCVD", CURL_WONT, c);
-        tn->please_negotiate = 1;
-        rec_wont(data, tn, c);
-        tn->telrcv_state = CURL_TS_DATA;
-        break;
+    case CURL_TS_WONT:
+      printoption(data, "RCVD", CURL_WONT, c);
+      tn->please_negotiate = 1;
+      rec_wont(data, tn, c);
+      tn->telrcv_state = CURL_TS_DATA;
+      break;
 
-      case CURL_TS_DO:
-        printoption(data, "RCVD", CURL_DO, c);
-        tn->please_negotiate = 1;
-        rec_do(data, tn, c);
-        tn->telrcv_state = CURL_TS_DATA;
-        break;
+    case CURL_TS_DO:
+      printoption(data, "RCVD", CURL_DO, c);
+      tn->please_negotiate = 1;
+      rec_do(data, tn, c);
+      tn->telrcv_state = CURL_TS_DATA;
+      break;
 
-      case CURL_TS_DONT:
-        printoption(data, "RCVD", CURL_DONT, c);
-        tn->please_negotiate = 1;
-        rec_dont(data, tn, c);
-        tn->telrcv_state = CURL_TS_DATA;
-        break;
+    case CURL_TS_DONT:
+      printoption(data, "RCVD", CURL_DONT, c);
+      tn->please_negotiate = 1;
+      rec_dont(data, tn, c);
+      tn->telrcv_state = CURL_TS_DATA;
+      break;
 
-      case CURL_TS_SB:
-        if(c == CURL_IAC)
-          tn->telrcv_state = CURL_TS_SE;
-        else
-          CURL_SB_ACCUM(tn, c);
-        break;
+    case CURL_TS_SB:
+      if(c == CURL_IAC)
+        tn->telrcv_state = CURL_TS_SE;
+      else
+        CURL_SB_ACCUM(tn, c);
+      break;
 
-      case CURL_TS_SE:
-        if(c != CURL_SE) {
-          if(c != CURL_IAC) {
-            /*
-             * This is an error. We only expect to get "IAC IAC" or "IAC SE".
-             * Several things may have happened. An IAC was not doubled, the
-             * IAC SE was left off, or another option got inserted into the
-             * suboption are all possibilities. If we assume that the IAC was
-             * not doubled, and really the IAC SE was left off, we could get
-             * into an infinite loop here. So, instead, we terminate the
-             * suboption, and process the partial suboption if we can.
-             */
-            CURL_SB_ACCUM(tn, CURL_IAC);
-            CURL_SB_ACCUM(tn, c);
-            tn->subpointer -= 2;
-            CURL_SB_TERM(tn);
-
-            printoption(data, "In SUBOPTION processing, RCVD", CURL_IAC, c);
-            result = suboption(data, tn);   /* handle sub-option */
-            if(result)
-              return result;
-            tn->telrcv_state = CURL_TS_IAC;
-            goto process_iac;
-          }
-          CURL_SB_ACCUM(tn, c);
-          tn->telrcv_state = CURL_TS_SB;
-        }
-        else {
+    case CURL_TS_SE:
+      if(c != CURL_SE) {
+        if(c != CURL_IAC) {
+          /*
+           * This is an error. We only expect to get "IAC IAC" or "IAC SE".
+           * Several things may have happened. An IAC was not doubled, the
+           * IAC SE was left off, or another option got inserted into the
+           * suboption are all possibilities. If we assume that the IAC was
+           * not doubled, and really the IAC SE was left off, we could get
+           * into an infinite loop here. So, instead, we terminate the
+           * suboption, and process the partial suboption if we can.
+           */
           CURL_SB_ACCUM(tn, CURL_IAC);
-          CURL_SB_ACCUM(tn, CURL_SE);
+          CURL_SB_ACCUM(tn, c);
           tn->subpointer -= 2;
           CURL_SB_TERM(tn);
+
+          printoption(data, "In SUBOPTION processing, RCVD", CURL_IAC, c);
           result = suboption(data, tn);   /* handle sub-option */
           if(result)
             return result;
-          tn->telrcv_state = CURL_TS_DATA;
+          tn->telrcv_state = CURL_TS_IAC;
+          goto process_iac;
         }
-        break;
+        CURL_SB_ACCUM(tn, c);
+        tn->telrcv_state = CURL_TS_SB;
+      }
+      else {
+        CURL_SB_ACCUM(tn, CURL_IAC);
+        CURL_SB_ACCUM(tn, CURL_SE);
+        tn->subpointer -= 2;
+        CURL_SB_TERM(tn);
+        result = suboption(data, tn);   /* handle sub-option */
+        if(result)
+          return result;
+        tn->telrcv_state = CURL_TS_DATA;
+      }
+      break;
     }
     ++in;
   }
@@ -1291,16 +1282,16 @@ static CURLcode send_telnet_data(struct Curl_easy *data,
     pfd[0].fd = conn->sock[FIRSTSOCKET];
     pfd[0].events = POLLOUT;
     switch(Curl_poll(pfd, 1, -1)) {
-      case -1:                    /* error, abort writing */
-      case 0:                     /* timeout (will never happen) */
-        result = CURLE_SEND_ERROR;
-        break;
-      default:                    /* write! */
-        bytes_written = 0;
-        result = Curl_xfer_send(data, outbuf + total_written,
-                                outlen - total_written, FALSE, &bytes_written);
-        total_written += bytes_written;
-        break;
+    case -1:                    /* error, abort writing */
+    case 0:                     /* timeout (will never happen) */
+      result = CURLE_SEND_ERROR;
+      break;
+    default:                    /* write! */
+      bytes_written = 0;
+      result = Curl_xfer_send(data, outbuf + total_written,
+                              outlen - total_written, FALSE, &bytes_written);
+      total_written += bytes_written;
+      break;
     }
   }
 
@@ -1326,8 +1317,8 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done)
   WSANETWORKEVENTS events;
   HANDLE stdin_handle;
   HANDLE objs[2];
-  DWORD  obj_count;
-  DWORD  wait_timeout;
+  DWORD obj_count;
+  DWORD wait_timeout;
   DWORD readfile_read;
   int err;
 #else
@@ -1340,7 +1331,7 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done)
 #endif
   struct curltime now;
   bool keepon = TRUE;
-  char buffer[4*1024];
+  char buffer[4 * 1024];
   struct TELNET *tn;
 
   *done = TRUE; /* unconditionally */
@@ -1371,7 +1362,8 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done)
   }
 
   /* Tell Winsock what events we want to listen to */
-  if(WSAEventSelect(sockfd, event_handle, FD_READ|FD_CLOSE) == SOCKET_ERROR) {
+  if(WSAEventSelect(sockfd, event_handle, FD_READ | FD_CLOSE) ==
+     SOCKET_ERROR) {
     WSACloseEvent(event_handle);
     return CURLE_RECV_ERROR;
   }
@@ -1385,8 +1377,7 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done)
 
   /* If stdin_handle is a pipe, use PeekNamedPipe() method to check it,
      else use the old WaitForMultipleObjects() way */
-  if(GetFileType(stdin_handle) == FILE_TYPE_PIPE ||
-     data->set.is_fread_set) {
+  if(GetFileType(stdin_handle) == FILE_TYPE_PIPE || data->set.is_fread_set) {
     /* Do not wait for stdin_handle, just wait for event_handle */
     obj_count = 1;
     /* Check stdin_handle per 100 milliseconds */
@@ -1404,8 +1395,7 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done)
                                            FALSE, wait_timeout);
     switch(waitret) {
 
-    case WAIT_TIMEOUT:
-    {
+    case WAIT_TIMEOUT: {
       for(;;) {
         if(data->set.is_fread_set) {
           size_t n;
@@ -1438,8 +1428,7 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done)
           if(!readfile_read)
             break;
 
-          if(!ReadFile(stdin_handle, buffer, buf_size,
-                       &readfile_read, NULL)) {
+          if(!ReadFile(stdin_handle, buffer, buf_size, &readfile_read, NULL)) {
             keepon = FALSE;
             result = CURLE_READ_ERROR;
             break;
@@ -1455,10 +1444,8 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done)
     }
     break;
 
-    case WAIT_OBJECT_0 + 1:
-    {
-      if(!ReadFile(stdin_handle, buffer, buf_size,
-                   &readfile_read, NULL)) {
+    case WAIT_OBJECT_0 + 1: {
+      if(!ReadFile(stdin_handle, buffer, buf_size, &readfile_read, NULL)) {
         keepon = FALSE;
         result = CURLE_READ_ERROR;
         break;
@@ -1472,8 +1459,7 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done)
     }
     break;
 
-    case WAIT_OBJECT_0:
-    {
+    case WAIT_OBJECT_0: {
       events.lNetworkEvents = 0;
       if(WSAEnumNetworkEvents(sockfd, event_handle, &events) == SOCKET_ERROR) {
         err = SOCKERRNO;
@@ -1503,7 +1489,7 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done)
           break;
         }
 
-        result = telrcv(data, tn, (unsigned char *) buffer, nread);
+        result = telrcv(data, tn, (unsigned char *)buffer, nread);
         if(result) {
           keepon = FALSE;
           break;
@@ -1520,10 +1506,9 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done)
       if(events.lNetworkEvents & FD_CLOSE) {
         keepon = FALSE;
       }
+      break;
     }
-    break;
-
-    }
+    } /* switch */
 
     if(data->set.timeout) {
       now = curlx_now();
@@ -1622,7 +1607,7 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done)
       else {
         /* read from user-supplied method */
         snread = (int)data->state.fread_func(buffer, 1, sizeof(buffer),
-                                            data->state.in);
+                                             data->state.in);
         if(snread == CURL_READFUNC_ABORT) {
           keepon = FALSE;
           break;
diff --git a/lib/tftp.c b/lib/tftp.c
index 5311a4c683..58e9696fb2 100644
--- a/lib/tftp.c
+++ b/lib/tftp.c
@@ -66,7 +66,7 @@
 
 /* RFC2348 allows the block size to be negotiated */
 #define TFTP_BLKSIZE_DEFAULT 512
-#define TFTP_OPTION_BLKSIZE "blksize"
+#define TFTP_OPTION_BLKSIZE  "blksize"
 
 /* from RFC2349: */
 #define TFTP_OPTION_TSIZE    "tsize"
@@ -159,7 +159,6 @@ static CURLcode tftp_pollset(struct Curl_easy *data,
                              struct easy_pollset *ps);
 static CURLcode tftp_translate_code(tftp_error_t error);
 
-
 /*
  * TFTP protocol handler.
  */
@@ -221,7 +220,7 @@ static CURLcode tftp_set_timeouts(struct tftp_conn *state)
     timeout = 15;
 
   /* Average reposting an ACK after 5 seconds */
-  state->retry_max = (int)timeout/5;
+  state->retry_max = (int)timeout / 5;
 
   /* But bound the total number */
   if(state->retry_max < 3)
@@ -231,7 +230,7 @@ static CURLcode tftp_set_timeouts(struct tftp_conn *state)
     state->retry_max = 50;
 
   /* Compute the re-ACK interval to suit the timeout */
-  state->retry_time = (int)(timeout/state->retry_max);
+  state->retry_time = (int)(timeout / state->retry_max);
   if(state->retry_time < 1)
     state->retry_time = 1;
 
@@ -259,7 +258,6 @@ static void setpacketevent(struct tftp_packet *packet, unsigned short num)
   packet->data[1] = (unsigned char)(num & 0xff);
 }
 
-
 static void setpacketblock(struct tftp_packet *packet, unsigned short num)
 {
   packet->data[2] = (unsigned char)(num >> 8);
@@ -279,7 +277,7 @@ static unsigned short getrpacketblock(const struct tftp_packet *packet)
 static size_t tftp_strnlen(const char *string, size_t maxlen)
 {
   const char *end = memchr(string, '\0', maxlen);
-  return end ? (size_t) (end - string) : maxlen;
+  return end ? (size_t)(end - string) : maxlen;
 }
 
 static const char *tftp_option_get(const char *buf, size_t len,
@@ -294,7 +292,7 @@ static const char *tftp_option_get(const char *buf, size_t len,
     return NULL;
   *option = buf;
 
-  loc += tftp_strnlen(buf + loc, len-loc);
+  loc += tftp_strnlen(buf + loc, len - loc);
   loc++; /* NULL term */
 
   if(loc > len)
@@ -570,7 +568,7 @@ static CURLcode tftp_send_first(struct tftp_conn *state,
 
 /* the next blocknum is x + 1 but it needs to wrap at an unsigned 16bit
    boundary */
-#define NEXT_BLOCKNUM(x) (((x) + 1)&0xffff)
+#define NEXT_BLOCKNUM(x) (((x) + 1) & 0xffff)
 
 /**********************************************************
  *
@@ -784,7 +782,7 @@ static CURLcode tftp_tx(struct tftp_conn *state, tftp_event_t event)
       bufptr += cb;
     } while(state->sbytes < state->blksize && cb);
 
-    sbytes = sendto(state->sockfd, (void *) state->spacket.data,
+    sbytes = sendto(state->sockfd, (void *)state->spacket.data,
                     4 + (SEND_TYPE_ARG3)state->sbytes, SEND_4TH_ARG,
                     (struct sockaddr *)&state->remote_addr,
                     state->remote_addrlen);
@@ -1136,15 +1134,14 @@ static CURLcode tftp_receive_packet(struct Curl_easy *data,
          (NEXT_BLOCKNUM(state->block) == getrpacketblock(&state->rpacket))) {
         result = Curl_client_write(data, CLIENTWRITE_BODY,
                                    (char *)state->rpacket.data + 4,
-                                   state->rbytes-4);
+                                   state->rbytes - 4);
         if(result) {
           tftp_state_machine(state, TFTP_EVENT_ERROR);
           return result;
         }
       }
       break;
-    case TFTP_EVENT_ERROR:
-    {
+    case TFTP_EVENT_ERROR: {
       unsigned short error = getrpacketblock(&state->rpacket);
       char *str = (char *)state->rpacket.data + 4;
       size_t strn = state->rbytes - 4;
@@ -1328,7 +1325,6 @@ static CURLcode tftp_perform(struct Curl_easy *data, bool *dophase_done)
   return result;
 }
 
-
 /**********************************************************
  *
  * tftp_do
diff --git a/lib/transfer.c b/lib/transfer.c
index d8a0d6c0ba..a8a66f86c7 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -82,7 +82,7 @@
 #include "curlx/warnless.h"
 
 #if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_SMTP) || \
-    !defined(CURL_DISABLE_IMAP)
+  !defined(CURL_DISABLE_IMAP)
 /*
  * checkheaders() checks the linked list of custom headers for a
  * particular header (prefix). Provide the prefix without colon!
@@ -95,11 +95,11 @@ char *Curl_checkheaders(const struct Curl_easy *data,
 {
   struct curl_slist *head;
   DEBUGASSERT(thislen);
-  DEBUGASSERT(thisheader[thislen-1] != ':');
+  DEBUGASSERT(thisheader[thislen - 1] != ':');
 
   for(head = data->set.headers; head; head = head->next) {
     if(curl_strnequal(head->data, thisheader, thislen) &&
-       Curl_headersep(head->data[thislen]) )
+       Curl_headersep(head->data[thislen]))
       return head->data;
   }
 
@@ -111,13 +111,13 @@ static int data_pending(struct Curl_easy *data, bool rcvd_eagain)
 {
   struct connectdata *conn = data->conn;
 
-  if(conn->handler->protocol&PROTO_FAMILY_FTP)
+  if(conn->handler->protocol & PROTO_FAMILY_FTP)
     return Curl_conn_data_pending(data, SECONDARYSOCKET);
 
   /* in the case of libssh2, we can never be really sure that we have emptied
      its internal buffers so we MUST always try until we get EAGAIN back */
   return (!rcvd_eagain &&
-          conn->handler->protocol&(CURLPROTO_SCP|CURLPROTO_SFTP)) ||
+          conn->handler->protocol & (CURLPROTO_SCP | CURLPROTO_SFTP)) ||
          Curl_conn_data_pending(data, FIRSTSOCKET);
 }
 
@@ -329,7 +329,7 @@ static CURLcode sendrecv_dl(struct Curl_easy *data,
     CURL_TRC_M(data, "sendrecv_dl() no EAGAIN/pending data, mark as dirty");
   }
 
-  if(((k->keepon & (KEEP_RECV|KEEP_SEND)) == KEEP_SEND) &&
+  if(((k->keepon & (KEEP_RECV | KEEP_SEND)) == KEEP_SEND) &&
      (conn->bits.close || is_multiplex)) {
     /* When we have read the entire thing and the close bit is set, the server
        may now close the connection. If there is now any kind of sending going
@@ -428,7 +428,7 @@ CURLcode Curl_sendrecv(struct Curl_easy *data, struct curltime *nowp)
   }
 
   /* If there is nothing more to send/recv, the request is done */
-  if((k->keepon & (KEEP_RECV|KEEP_SEND)) == 0)
+  if((k->keepon & (KEEP_RECV | KEEP_SEND)) == 0)
     data->req.done = TRUE;
 
   result = Curl_pgrsUpdate(data);
@@ -636,7 +636,7 @@ CURLcode Curl_retry_request(struct Curl_easy *data, char **url)
      protocol is HTTP as when uploading over HTTP we will still get a
      response */
   if(data->state.upload &&
-     !(conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_RTSP)))
+     !(conn->handler->protocol & (PROTO_FAMILY_HTTP | CURLPROTO_RTSP)))
     return CURLE_OK;
 
   if(conn->bits.reuse &&
@@ -656,7 +656,7 @@ CURLcode Curl_retry_request(struct Curl_easy *data, char **url)
        it again. Bad luck. Retry the same request on a fresh connect! */
     retry = TRUE;
   else if(data->state.refused_stream &&
-          (data->req.bytecount + data->req.headerbytecount == 0) ) {
+          (data->req.bytecount + data->req.headerbytecount == 0)) {
     /* This was sent on a refused stream, safe to rerun. A refused stream
        error can typically only happen on HTTP/2 level if the stream is safe
        to issue again, but the nghttp2 API can deliver the message to other
diff --git a/lib/transfer.h b/lib/transfer.h
index b96629d979..3da5e24451 100644
--- a/lib/transfer.h
+++ b/lib/transfer.h
@@ -24,7 +24,8 @@
  *
  ***************************************************************************/
 
-#define Curl_headersep(x) ((((x)==':') || ((x)==';')))
+#define Curl_headersep(x) ((((x) == ':') || ((x) == ';')))
+
 char *Curl_checkheaders(const struct Curl_easy *data,
                         const char *thisheader,
                         const size_t thislen);
diff --git a/lib/uint-bset.c b/lib/uint-bset.c
index dcad94e42a..d41d982b3a 100644
--- a/lib/uint-bset.c
+++ b/lib/uint-bset.c
@@ -37,10 +37,9 @@ void Curl_uint32_bset_init(struct uint32_bset *bset)
 #endif
 }
 
-
 CURLcode Curl_uint32_bset_resize(struct uint32_bset *bset, uint32_t nmax)
 {
-  uint32_t nslots = (nmax < (UINT32_MAX-63)) ?
+  uint32_t nslots = (nmax < (UINT32_MAX - 63)) ?
                     ((nmax + 63) / 64) : (UINT32_MAX / 64);
 
   DEBUGASSERT(bset->init == CURL_UINT32_BSET_MAGIC);
@@ -61,7 +60,6 @@ CURLcode Curl_uint32_bset_resize(struct uint32_bset *bset, uint32_t nmax)
   return CURLE_OK;
 }
 
-
 void Curl_uint32_bset_destroy(struct uint32_bset *bset)
 {
   DEBUGASSERT(bset->init == CURL_UINT32_BSET_MAGIC);
@@ -97,7 +95,6 @@ bool Curl_uint32_bset_empty(struct uint32_bset *bset)
   return TRUE;
 }
 
-
 void Curl_uint32_bset_clear(struct uint32_bset *bset)
 {
   if(bset->nslots) {
@@ -106,7 +103,6 @@ void Curl_uint32_bset_clear(struct uint32_bset *bset)
   }
 }
 
-
 bool Curl_uint32_bset_add(struct uint32_bset *bset, uint32_t i)
 {
   uint32_t islot = i / 64;
@@ -118,7 +114,6 @@ bool Curl_uint32_bset_add(struct uint32_bset *bset, uint32_t i)
   return TRUE;
 }
 
-
 void Curl_uint32_bset_remove(struct uint32_bset *bset, uint32_t i)
 {
   size_t islot = i / 64;
@@ -126,7 +121,6 @@ void Curl_uint32_bset_remove(struct uint32_bset *bset, uint32_t i)
     bset->slots[islot] &= ~((uint64_t)1 << (i % 64));
 }
 
-
 bool Curl_uint32_bset_contains(struct uint32_bset *bset, uint32_t i)
 {
   uint32_t islot = i / 64;
@@ -135,7 +129,6 @@ bool Curl_uint32_bset_contains(struct uint32_bset *bset, uint32_t i)
   return (bset->slots[islot] & ((uint64_t)1 << (i % 64))) != 0;
 }
 
-
 bool Curl_uint32_bset_first(struct uint32_bset *bset, uint32_t *pfirst)
 {
   uint32_t i;
@@ -198,7 +191,6 @@ uint32_t Curl_popcount64(uint64_t x)
 }
 #endif /* CURL_POPCOUNT64_IMPLEMENT */
 
-
 #ifdef CURL_CTZ64_IMPLEMENT
 uint32_t Curl_ctz64(uint64_t x)
 {
diff --git a/lib/uint-bset.h b/lib/uint-bset.h
index 5e5bbdb8fc..ff814bb5e6 100644
--- a/lib/uint-bset.h
+++ b/lib/uint-bset.h
@@ -99,9 +99,8 @@ bool Curl_uint32_bset_first(struct uint32_bset *bset, uint32_t *pfirst);
 bool Curl_uint32_bset_next(struct uint32_bset *bset, uint32_t last,
                            uint32_t *pnext);
 
-
 #ifndef CURL_POPCOUNT64
-#define CURL_POPCOUNT64(x)   Curl_popcount64(x)
+#define CURL_POPCOUNT64(x)  Curl_popcount64(x)
 #define CURL_POPCOUNT64_IMPLEMENT
 uint32_t Curl_popcount64(uint64_t x);
 #endif /* !CURL_POPCOUNT64 */
diff --git a/lib/uint-hash.c b/lib/uint-hash.c
index 166a9ab99b..43de42a19c 100644
--- a/lib/uint-hash.c
+++ b/lib/uint-hash.c
@@ -38,10 +38,9 @@ static uint32_t uint32_hash_hash(uint32_t id, uint32_t slots)
   return (id % slots);
 }
 
-
 struct uint_hash_entry {
   struct uint_hash_entry *next;
-  void   *value;
+  void *value;
   uint32_t id;
 };
 
@@ -111,8 +110,8 @@ static void uint32_hash_elem_link(struct uint_hash *h,
   ++h->size;
 }
 
-#define CURL_UINT32_HASH_SLOT(h,id) h->table[uint32_hash_hash(id, h->slots)]
-#define CURL_UINT32_HASH_SLOT_ADDR(h,id) &CURL_UINT32_HASH_SLOT(h,id)
+#define CURL_UINT32_HASH_SLOT(h, id) h->table[uint32_hash_hash(id, h->slots)]
+#define CURL_UINT32_HASH_SLOT_ADDR(h, id) &CURL_UINT32_HASH_SLOT(h, id)
 
 bool Curl_uint32_hash_set(struct uint_hash *h, uint32_t id, void *value)
 {
diff --git a/lib/uint-hash.h b/lib/uint-hash.h
index 330f61208b..3e09a62348 100644
--- a/lib/uint-hash.h
+++ b/lib/uint-hash.h
@@ -45,7 +45,6 @@ struct uint_hash {
 #endif
 };
 
-
 void Curl_uint32_hash_init(struct uint_hash *h,
                            uint32_t slots,
                            Curl_uint32_hash_dtor *dtor);
@@ -57,7 +56,6 @@ bool Curl_uint32_hash_remove(struct uint_hash *h, uint32_t id);
 void *Curl_uint32_hash_get(struct uint_hash *h, uint32_t id);
 uint32_t Curl_uint32_hash_count(struct uint_hash *h);
 
-
 typedef bool Curl_uint32_hash_visit_cb(uint32_t id, void *value,
                                        void *user_data);
 
diff --git a/lib/uint-spbset.c b/lib/uint-spbset.c
index c726bfb900..84a893e85f 100644
--- a/lib/uint-spbset.c
+++ b/lib/uint-spbset.c
@@ -86,7 +86,6 @@ UNITTEST void Curl_uint32_spbset_clear(struct uint32_spbset *bset)
   memset(&bset->head, 0, sizeof(bset->head));
 }
 
-
 static struct uint32_spbset_chunk *
 uint32_spbset_get_chunk(struct uint32_spbset *bset, uint32_t i, bool grow)
 {
@@ -129,7 +128,6 @@ uint32_spbset_get_chunk(struct uint32_spbset *bset, uint32_t i, bool grow)
   return chunk;
 }
 
-
 bool Curl_uint32_spbset_add(struct uint32_spbset *bset, uint32_t i)
 {
   struct uint32_spbset_chunk *chunk;
@@ -146,7 +144,6 @@ bool Curl_uint32_spbset_add(struct uint32_spbset *bset, uint32_t i)
   return TRUE;
 }
 
-
 void Curl_uint32_spbset_remove(struct uint32_spbset *bset, uint32_t i)
 {
   struct uint32_spbset_chunk *chunk;
@@ -161,7 +158,6 @@ void Curl_uint32_spbset_remove(struct uint32_spbset *bset, uint32_t i)
   }
 }
 
-
 bool Curl_uint32_spbset_contains(struct uint32_spbset *bset, uint32_t i)
 {
   struct uint32_spbset_chunk *chunk;
@@ -195,7 +191,6 @@ bool Curl_uint32_spbset_first(struct uint32_spbset *bset, uint32_t *pfirst)
   return FALSE;
 }
 
-
 static bool uint32_spbset_chunk_first(struct uint32_spbset_chunk *chunk,
                                       uint32_t *pfirst)
 {
@@ -210,7 +205,6 @@ static bool uint32_spbset_chunk_first(struct uint32_spbset_chunk *chunk,
   return FALSE;
 }
 
-
 static bool uint32_spbset_chunk_next(struct uint32_spbset_chunk *chunk,
                                      uint32_t last,
                                      uint32_t *pnext)
diff --git a/lib/uint-table.c b/lib/uint-table.c
index 05b53766f3..b4d5d94a3a 100644
--- a/lib/uint-table.c
+++ b/lib/uint-table.c
@@ -43,7 +43,6 @@ void Curl_uint32_tbl_init(struct uint32_tbl *tbl,
 #endif
 }
 
-
 static void uint32_tbl_clear_rows(struct uint32_tbl *tbl,
                                   uint32_t from,
                                   uint32_t upto_excluding)
@@ -61,7 +60,6 @@ static void uint32_tbl_clear_rows(struct uint32_tbl *tbl,
   }
 }
 
-
 CURLcode Curl_uint32_tbl_resize(struct uint32_tbl *tbl, uint32_t nrows)
 {
   /* we use `tbl->nrows + 1` during iteration, want that to work */
@@ -84,7 +82,6 @@ CURLcode Curl_uint32_tbl_resize(struct uint32_tbl *tbl, uint32_t nrows)
   return CURLE_OK;
 }
 
-
 void Curl_uint32_tbl_destroy(struct uint32_tbl *tbl)
 {
   DEBUGASSERT(tbl->init == CURL_UINT32_TBL_MAGIC);
@@ -101,25 +98,21 @@ UNITTEST void Curl_uint32_tbl_clear(struct uint32_tbl *tbl)
   tbl->last_key_added = UINT32_MAX;
 }
 
-
 uint32_t Curl_uint32_tbl_capacity(struct uint32_tbl *tbl)
 {
   return tbl->nrows;
 }
 
-
 uint32_t Curl_uint32_tbl_count(struct uint32_tbl *tbl)
 {
   return tbl->nentries;
 }
 
-
 void *Curl_uint32_tbl_get(struct uint32_tbl *tbl, uint32_t key)
 {
   return (key < tbl->nrows) ? tbl->rows[key] : NULL;
 }
 
-
 bool Curl_uint32_tbl_add(struct uint32_tbl *tbl, void *entry, uint32_t *pkey)
 {
   uint32_t key, start_pos;
@@ -156,19 +149,16 @@ bool Curl_uint32_tbl_add(struct uint32_tbl *tbl, void *entry, uint32_t *pkey)
   return FALSE;
 }
 
-
 void Curl_uint32_tbl_remove(struct uint32_tbl *tbl, uint32_t key)
 {
   uint32_tbl_clear_rows(tbl, key, key + 1);
 }
 
-
 bool Curl_uint32_tbl_contains(struct uint32_tbl *tbl, uint32_t key)
 {
   return (key < tbl->nrows) ? !!tbl->rows[key] : FALSE;
 }
 
-
 static bool uint32_tbl_next_at(struct uint32_tbl *tbl, uint32_t key,
                                uint32_t *pkey, void **pentry)
 {
@@ -197,7 +187,6 @@ bool Curl_uint32_tbl_first(struct uint32_tbl *tbl,
   return FALSE;
 }
 
-
 bool Curl_uint32_tbl_next(struct uint32_tbl *tbl, uint32_t last_key,
                           uint32_t *pkey, void **pentry)
 {
diff --git a/lib/url.c b/lib/url.c
index 84909f0372..f646b74ed4 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -148,16 +148,16 @@ static void data_priority_cleanup(struct Curl_easy *data);
 #define MAX_URL_LEN 0xffff
 
 /*
-* get_protocol_family()
-*
-* This is used to return the protocol family for a given protocol.
-*
-* Parameters:
-*
-* 'h'  [in]  - struct Curl_handler pointer.
-*
-* Returns the family as a single bit protocol identifier.
-*/
+ * get_protocol_family()
+ *
+ * This is used to return the protocol family for a given protocol.
+ *
+ * Parameters:
+ *
+ * 'h'  [in]  - struct Curl_handler pointer.
+ *
+ * Returns the family as a single bit protocol identifier.
+ */
 static curl_prot_t get_protocol_family(const struct Curl_handler *h)
 {
   DEBUGASSERT(h);
@@ -460,8 +460,7 @@ void Curl_init_userdefined(struct Curl_easy *data)
   set->conn_max_idle_ms = 118 * 1000;
   set->conn_max_age_ms = 24 * 3600 * 1000;
   set->http09_allowed = FALSE;
-  set->httpwant = CURL_HTTP_VERSION_NONE
-    ;
+  set->httpwant = CURL_HTTP_VERSION_NONE;
 #if defined(USE_HTTP2) || defined(USE_HTTP3)
   memset(&set->priority, 0, sizeof(set->priority));
 #endif
@@ -592,7 +591,7 @@ static bool xfer_may_multiplex(const struct Curl_easy *data,
      (!conn->bits.protoconnstart || !conn->bits.close)) {
 
     if(Curl_multiplex_wanted(data->multi) &&
-       (data->state.http_neg.allowed & (CURL_HTTP_V2x|CURL_HTTP_V3x)))
+       (data->state.http_neg.allowed & (CURL_HTTP_V2x | CURL_HTTP_V3x)))
       /* allows HTTP/2 or newer */
       return TRUE;
   }
@@ -604,9 +603,8 @@ static bool xfer_may_multiplex(const struct Curl_easy *data,
 }
 
 #ifndef CURL_DISABLE_PROXY
-static bool
-proxy_info_matches(const struct proxy_info *data,
-                   const struct proxy_info *needle)
+static bool proxy_info_matches(const struct proxy_info *data,
+                               const struct proxy_info *needle)
 {
   if((data->proxytype == needle->proxytype) &&
      (data->port == needle->port) &&
@@ -616,9 +614,8 @@ proxy_info_matches(const struct proxy_info *data,
   return FALSE;
 }
 
-static bool
-socks_proxy_info_matches(const struct proxy_info *data,
-                         const struct proxy_info *needle)
+static bool socks_proxy_info_matches(const struct proxy_info *data,
+                                     const struct proxy_info *needle)
 {
   if(!proxy_info_matches(data, needle))
     return FALSE;
@@ -636,8 +633,8 @@ socks_proxy_info_matches(const struct proxy_info *data,
 }
 #else
 /* disabled, will not get called */
-#define proxy_info_matches(x,y) FALSE
-#define socks_proxy_info_matches(x,y) FALSE
+#define proxy_info_matches(x, y)       FALSE
+#define socks_proxy_info_matches(x, y) FALSE
 #endif
 
 /* A connection has to have been idle for less than 'conn_max_idle_ms'
@@ -708,7 +705,6 @@ bool Curl_conn_seems_dead(struct connectdata *conn,
       dead = (state & CONNRESULT_DEAD);
       /* detach the connection again */
       Curl_detach_connection(data);
-
     }
     else {
       bool input_pending = FALSE;
@@ -803,8 +799,8 @@ static bool url_match_connect_config(struct connectdata *conn,
     return FALSE;
 
   /* ip_version must match */
-  if(m->data->set.ipver != CURL_IPRESOLVE_WHATEVER
-     && m->data->set.ipver != conn->ip_version)
+  if(m->data->set.ipver != CURL_IPRESOLVE_WHATEVER &&
+     m->data->set.ipver != conn->ip_version)
     return FALSE;
 
   if(m->needle->localdev || m->needle->localport) {
@@ -913,7 +909,7 @@ static bool url_match_multiplex_limits(struct connectdata *conn,
       return FALSE;
     }
     if(CONN_ATTACHED(conn) >=
-            Curl_conn_get_max_concurrent(m->data, conn, FIRSTSOCKET)) {
+       Curl_conn_get_max_concurrent(m->data, conn, FIRSTSOCKET)) {
       infof(m->data, "MAX_CONCURRENT_STREAMS reached, skip (%u)",
             CONN_ATTACHED(conn));
       return FALSE;
@@ -951,8 +947,7 @@ static bool url_match_proxy_use(struct connectdata *conn,
     return FALSE;
 
   if(m->needle->bits.socksproxy &&
-    !socks_proxy_info_matches(&m->needle->socks_proxy,
-                              &conn->socks_proxy))
+     !socks_proxy_info_matches(&m->needle->socks_proxy, &conn->socks_proxy))
     return FALSE;
 
   if(m->needle->bits.httpproxy) {
@@ -969,9 +964,9 @@ static bool url_match_proxy_use(struct connectdata *conn,
       /* match SSL config to proxy */
       if(!Curl_ssl_conn_config_match(m->data, conn, TRUE)) {
         DEBUGF(infof(m->data,
-          "Connection #%" FMT_OFF_T
-          " has different SSL proxy parameters, cannot reuse",
-          conn->connection_id));
+                     "Connection #%" FMT_OFF_T
+                     " has different SSL proxy parameters, cannot reuse",
+                     conn->connection_id));
         return FALSE;
       }
       /* the SSL config to the server, which may apply here is checked
@@ -981,7 +976,7 @@ static bool url_match_proxy_use(struct connectdata *conn,
   return TRUE;
 }
 #else
-#define url_match_proxy_use(c,m)    ((void)c, (void)m, TRUE)
+#define url_match_proxy_use(c, m) ((void)c, (void)m, TRUE)
 #endif
 
 #ifndef CURL_DISABLE_HTTP
@@ -989,7 +984,7 @@ static bool url_match_http_multiplex(struct connectdata *conn,
                                      struct url_conn_match *m)
 {
   if(m->may_multiplex &&
-     (m->data->state.http_neg.allowed & (CURL_HTTP_V2x|CURL_HTTP_V3x)) &&
+     (m->data->state.http_neg.allowed & (CURL_HTTP_V2x | CURL_HTTP_V3x)) &&
      (m->needle->handler->protocol & CURLPROTO_HTTP) &&
      !conn->httpversion_seen) {
     if(m->data->set.pipewait) {
@@ -1037,8 +1032,8 @@ static bool url_match_http_version(struct connectdata *conn,
   return TRUE;
 }
 #else
-#define url_match_http_multiplex(c,m)    ((void)c, (void)m, TRUE)
-#define url_match_http_version(c,m)      ((void)c, (void)m, TRUE)
+#define url_match_http_multiplex(c, m) ((void)c, (void)m, TRUE)
+#define url_match_http_version(c, m)   ((void)c, (void)m, TRUE)
 #endif
 
 static bool url_match_proto_config(struct connectdata *conn,
@@ -1091,7 +1086,7 @@ static bool url_match_destination(struct connectdata *conn,
 {
   /* Additional match requirements if talking TLS OR
    * not talking to an HTTP proxy OR using a tunnel through a proxy */
-  if((m->needle->handler->flags&PROTOPT_SSL)
+  if((m->needle->handler->flags & PROTOPT_SSL)
 #ifndef CURL_DISABLE_PROXY
      || !m->needle->bits.httpproxy || m->needle->bits.tunnel_proxy
 #endif
@@ -1116,7 +1111,7 @@ static bool url_match_destination(struct connectdata *conn,
     if((m->needle->bits.conn_to_host && !curl_strequal(
         m->needle->conn_to_host.name, conn->conn_to_host.name)) ||
        (m->needle->bits.conn_to_port &&
-         m->needle->conn_to_port != conn->conn_to_port))
+        m->needle->conn_to_port != conn->conn_to_port))
       return FALSE;
 
     /* hostname and port must match */
@@ -1207,7 +1202,7 @@ static bool url_match_auth_ntlm(struct connectdata *conn,
   return TRUE;
 }
 #else
-#define url_match_auth_ntlm(c,m)    ((void)c, (void)m, TRUE)
+#define url_match_auth_ntlm(c, m) ((void)c, (void)m, TRUE)
 #endif
 
 static bool url_match_conn(struct connectdata *conn, void *userdata)
@@ -1303,12 +1298,11 @@ static bool url_match_result(bool result, void *userdata)
  *
  * The force_reuse flag is set if the connection must be used.
  */
-static bool
-ConnectionExists(struct Curl_easy *data,
-                 struct connectdata *needle,
-                 struct connectdata **usethis,
-                 bool *force_reuse,
-                 bool *waitpipe)
+static bool ConnectionExists(struct Curl_easy *data,
+                             struct connectdata *needle,
+                             struct connectdata **usethis,
+                             bool *force_reuse,
+                             bool *waitpipe)
 {
   struct url_conn_match match;
   bool result;
@@ -1676,12 +1670,11 @@ static CURLcode findprotocol(struct Curl_easy *data,
      create_conn() function when the connectdata struct is allocated. */
   failf(data, "Protocol \"%s\" %s%s", protostr,
         p ? "disabled" : "not supported",
-        data->state.this_is_a_follow ? " (in redirect)":"");
+        data->state.this_is_a_follow ? " (in redirect)" : "");
 
   return CURLE_UNSUPPORTED_PROTOCOL;
 }
 
-
 CURLcode Curl_uc_to_curlcode(CURLUcode uc)
 {
   switch(uc) {
@@ -1747,7 +1740,7 @@ static void zonefrom_url(CURLU *uh, struct Curl_easy *data,
   }
 }
 #else
-#define zonefrom_url(a,b,c) Curl_nop_stmt
+#define zonefrom_url(a, b, c) Curl_nop_stmt
 #endif
 
 /*
@@ -1940,8 +1933,7 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
   else if(uc != CURLUE_NO_OPTIONS)
     return Curl_uc_to_curlcode(uc);
 
-  uc = curl_url_get(uh, CURLUPART_PATH, &data->state.up.path,
-                    CURLU_URLENCODE);
+  uc = curl_url_get(uh, CURLUPART_PATH, &data->state.up.path, CURLU_URLENCODE);
   if(uc)
     return Curl_uc_to_curlcode(uc);
 
@@ -1978,7 +1970,6 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
   return CURLE_OK;
 }
 
-
 /*
  * If we are doing a resumed transfer, we need to setup our stuff
  * properly.
@@ -2010,7 +2001,6 @@ static CURLcode setup_range(struct Curl_easy *data)
   return CURLE_OK;
 }
 
-
 /*
  * setup_connection_internals() -
  *
@@ -2066,15 +2056,14 @@ static CURLcode setup_connection_internals(struct Curl_easy *data,
   return CURLE_OK;
 }
 
-
 #ifndef CURL_DISABLE_PROXY
 
 #ifndef CURL_DISABLE_HTTP
 /****************************************************************
-* Detect what (if any) proxy to use. Remember that this selects a host
-* name and is not limited to HTTP proxies only.
-* The returned pointer must be freed by the caller (unless NULL)
-****************************************************************/
+ * Detect what (if any) proxy to use. Remember that this selects a host
+ * name and is not limited to HTTP proxies only.
+ * The returned pointer must be freed by the caller (unless NULL)
+ ****************************************************************/
 static char *detect_proxy(struct Curl_easy *data,
                           struct connectdata *conn)
 {
@@ -2189,7 +2178,7 @@ static CURLcode parse_proxy(struct Curl_easy *data,
   /* When parsing the proxy, allowing non-supported schemes since we have
      these made up ones for proxies. Guess scheme for URLs without it. */
   uc = curl_url_set(uhp, CURLUPART_URL, proxy,
-                    CURLU_NON_SUPPORT_SCHEME|CURLU_GUESS_SCHEME);
+                    CURLU_NON_SUPPORT_SCHEME | CURLU_GUESS_SCHEME);
   if(!uc) {
     /* parsed okay as a URL */
     uc = curl_url_get(uhp, CURLUPART_SCHEME, &scheme, 0);
@@ -2327,7 +2316,7 @@ static CURLcode parse_proxy(struct Curl_easy *data,
     if(strcmp("/", path)) {
       is_unix_proxy = TRUE;
       curlx_free(host);
-      host = curl_maprintf(UNIX_SOCKET_PREFIX"%s", path);
+      host = curl_maprintf(UNIX_SOCKET_PREFIX "%s", path);
       if(!host) {
         result = CURLE_OUT_OF_MEMORY;
         goto error;
@@ -2346,7 +2335,7 @@ static CURLcode parse_proxy(struct Curl_easy *data,
     if(host[0] == '[') {
       /* this is a numerical IPv6, strip off the brackets */
       size_t len = strlen(host);
-      host[len-1] = 0; /* clear the trailing bracket */
+      host[len - 1] = 0; /* clear the trailing bracket */
       host++;
       zonefrom_url(uhp, data, conn);
     }
@@ -2753,7 +2742,7 @@ static CURLcode override_login(struct Curl_easy *data,
         return CURLE_READ_ERROR;
       }
       else {
-        if(!(conn->handler->flags&PROTOPT_USERPWDCTRL)) {
+        if(!(conn->handler->flags & PROTOPT_USERPWDCTRL)) {
           /* if the protocol cannot handle control codes in credentials, make
              sure there are none */
           if(str_has_ctrl(*userp) || str_has_ctrl(*passwdp)) {
@@ -3475,7 +3464,7 @@ static CURLcode create_conn(struct Curl_easy *data,
    * If the protocol is using SSL and HTTP proxy is used, we set
    * the tunnel_proxy bit.
    *************************************************************/
-  if((conn->given->flags&PROTOPT_SSL) && conn->bits.httpproxy)
+  if((conn->given->flags & PROTOPT_SSL) && conn->bits.httpproxy)
     conn->bits.tunnel_proxy = TRUE;
 #endif
 
@@ -3548,7 +3537,7 @@ static CURLcode create_conn(struct Curl_easy *data,
    * we set the tunnel_proxy bit.
    *************************************************************/
   if((conn->bits.conn_to_host || conn->bits.conn_to_port) &&
-      conn->bits.httpproxy)
+     conn->bits.httpproxy)
     conn->bits.tunnel_proxy = TRUE;
 #endif
 
@@ -4006,7 +3995,6 @@ void Curl_data_priority_clear_state(struct Curl_easy *data)
 
 #endif /* USE_HTTP2 || USE_HTTP3 */
 
-
 CURLcode Curl_conn_meta_set(struct connectdata *conn, const char *key,
                             void *meta_data, Curl_meta_dtor *meta_dtor)
 {
diff --git a/lib/urlapi.c b/lib/urlapi.c
index ad4d367dc3..b8814cf852 100644
--- a/lib/urlapi.c
+++ b/lib/urlapi.c
@@ -38,19 +38,19 @@
 #include "curl_memrchr.h"
 
 #ifdef _WIN32
-  /* MS-DOS/Windows style drive prefix, eg c: in c:foo */
-#define STARTS_WITH_DRIVE_PREFIX(str) \
-  ((('a' <= str[0] && str[0] <= 'z') || \
+/* MS-DOS/Windows style drive prefix, eg c: in c:foo */
+#define STARTS_WITH_DRIVE_PREFIX(str)    \
+  ((('a' <= str[0] && str[0] <= 'z') ||  \
     ('A' <= str[0] && str[0] <= 'Z')) && \
    (str[1] == ':'))
 #endif
 
-  /* MS-DOS/Windows style drive prefix, optionally with
-   * a '|' instead of ':', followed by a slash or NUL */
-#define STARTS_WITH_URL_DRIVE_PREFIX(str) \
-  ((('a' <= (str)[0] && (str)[0] <= 'z') || \
-    ('A' <= (str)[0] && (str)[0] <= 'Z')) && \
-   ((str)[1] == ':' || (str)[1] == '|') && \
+/* MS-DOS/Windows style drive prefix, optionally with
+ * a '|' instead of ':', followed by a slash or NUL */
+#define STARTS_WITH_URL_DRIVE_PREFIX(str)                  \
+  ((('a' <= (str)[0] && (str)[0] <= 'z') ||                \
+    ('A' <= (str)[0] && (str)[0] <= 'Z')) &&               \
+   ((str)[1] == ':' || (str)[1] == '|') &&                 \
    ((str)[2] == '/' || (str)[2] == '\\' || (str)[2] == 0))
 
 /* scheme is not URL encoded, the longest libcurl supported ones are... */
@@ -139,12 +139,12 @@ static CURLUcode urlencode_str(struct dynbuf *o, const char *url,
   /* we must add this with whitespace-replacing */
   bool left = !query;
   const unsigned char *iptr;
-  const unsigned char *host_sep = (const unsigned char *) url;
+  const unsigned char *host_sep = (const unsigned char *)url;
   CURLcode result = CURLE_OK;
 
   if(!relative) {
     size_t n;
-    host_sep = (const unsigned char *) find_host_sep(url);
+    host_sep = (const unsigned char *)find_host_sep(url);
 
     /* output the first piece as-is */
     n = (const char *)host_sep - url;
@@ -160,7 +160,7 @@ static CURLUcode urlencode_str(struct dynbuf *o, const char *url,
         result = curlx_dyn_addn(o, "+", 1);
     }
     else if((*iptr < ' ') || (*iptr >= 0x7f)) {
-      unsigned char out[3]={'%'};
+      unsigned char out[3] = { '%' };
       Curl_hexbyte(&out[1], *iptr);
       result = curlx_dyn_addn(o, out, 3);
     }
@@ -199,7 +199,7 @@ size_t Curl_is_absolute_url(const char *url, char *buf, size_t buflen,
   if(ISALPHA(url[0]))
     for(i = 1; i < MAX_SCHEME_LEN; ++i) {
       char s = url[i];
-      if(s && (ISALNUM(s) || (s == '+') || (s == '-') || (s == '.') )) {
+      if(s && (ISALNUM(s) || (s == '+') || (s == '-') || (s == '.'))) {
         /* RFC 3986 3.1 explains:
            scheme      = ALPHA *( ALPHA / DIGIT / "+" / "-" / "." )
         */
@@ -453,7 +453,7 @@ UNITTEST CURLUcode Curl_parse_port(struct Curl_URL *u, struct dynbuf *host,
     if(curlx_str_number(&portptr, &port, 0xffff) || *portptr)
       return CURLUE_BAD_PORT_NUMBER;
 
-    u->portnum = (unsigned short) port;
+    u->portnum = (unsigned short)port;
     /* generate a new port number string to get rid of leading zeroes etc */
     curlx_free(u->port);
     u->port = curl_maprintf("%" CURL_FORMAT_CURL_OFF_T, port);
@@ -563,7 +563,7 @@ static int ipv4_normalize(struct dynbuf *host)
   bool done = FALSE;
   int n = 0;
   const char *c = curlx_dyn_ptr(host);
-  unsigned int parts[4] = {0, 0, 0, 0};
+  unsigned int parts[4] = { 0, 0, 0, 0 };
   CURLcode result = CURLE_OK;
 
   if(*c == '[')
@@ -920,7 +920,7 @@ static CURLUcode parseurl(const char *url, CURLU *u, unsigned int flags)
     goto fail;
 
   schemelen = Curl_is_absolute_url(url, schemebuf, sizeof(schemebuf),
-                                   flags & (CURLU_GUESS_SCHEME|
+                                   flags & (CURLU_GUESS_SCHEME |
                                             CURLU_DEFAULT_SCHEME));
 
   /* handle the file: scheme */
@@ -1036,7 +1036,6 @@ static CURLUcode parseurl(const char *url, CURLU *u, unsigned int flags)
       pathlen--;
     }
 #endif
-
   }
   else {
     /* clear path */
@@ -1069,7 +1068,7 @@ static CURLUcode parseurl(const char *url, CURLU *u, unsigned int flags)
     else {
       /* no scheme! */
 
-      if(!(flags & (CURLU_DEFAULT_SCHEME|CURLU_GUESS_SCHEME))) {
+      if(!(flags & (CURLU_DEFAULT_SCHEME | CURLU_GUESS_SCHEME))) {
         result = CURLUE_BAD_SCHEME;
         goto fail;
       }
@@ -1318,8 +1317,8 @@ fail:
 }
 
 #ifndef USE_IDN
-#define host_decode(x,y) CURLUE_LACKS_IDN
-#define host_encode(x,y) CURLUE_LACKS_IDN
+#define host_decode(x, y) CURLUE_LACKS_IDN
+#define host_encode(x, y) CURLUE_LACKS_IDN
 #else
 static CURLUcode host_decode(const char *host, char **allochost)
 {
@@ -1697,7 +1696,7 @@ static CURLUcode set_url(CURLU *u, const char *url, size_t part_size,
 
   /* if the new URL is absolute replace the existing with the new. */
   if(Curl_is_absolute_url(url, NULL, 0,
-                          flags & (CURLU_GUESS_SCHEME|CURLU_DEFAULT_SCHEME)))
+                          flags & (CURLU_GUESS_SCHEME | CURLU_DEFAULT_SCHEME)))
     return parseurl_and_replace(url, u, flags);
 
   /* if the old URL is incomplete (we cannot get an absolute URL in
@@ -1765,11 +1764,24 @@ static CURLUcode urlset_clear(CURLU *u, CURLUPart what)
 static bool allowed_in_path(unsigned char x)
 {
   switch(x) {
-  case '!': case '$': case '&': case '\'':
-  case '(': case ')': case '{': case '}':
-  case '[': case ']': case '*': case '+':
-  case ',': case ';': case '=': case ':':
-  case '@': case '/':
+  case '!':
+  case '$':
+  case '&':
+  case '\'':
+  case '(':
+  case ')':
+  case '{':
+  case '}':
+  case '[':
+  case ']':
+  case '*':
+  case '+':
+  case ',':
+  case ';':
+  case '=':
+  case ':':
+  case '@':
+  case '/':
     return TRUE;
   }
   return FALSE;
@@ -1878,7 +1890,7 @@ CURLUcode curl_url_set(CURLU *u, CURLUPart what,
             return cc2cu(result);
         }
         else {
-          unsigned char out[3]={'%'};
+          unsigned char out[3] = { '%' };
           Curl_hexbyte(&out[1], *i);
           result = curlx_dyn_addn(&enc, out, 3);
           if(result)
@@ -1911,7 +1923,7 @@ CURLUcode curl_url_set(CURLU *u, CURLUPart what,
          none is present at the end of the existing query already */
 
       size_t querylen = u->query ? strlen(u->query) : 0;
-      bool addamperand = querylen && (u->query[querylen -1] != '&');
+      bool addamperand = querylen && (u->query[querylen - 1] != '&');
       if(querylen) {
         struct dynbuf qbuf;
         curlx_dyn_init(&qbuf, CURL_MAX_INPUT_LENGTH);
diff --git a/lib/urldata.h b/lib/urldata.h
index 1c91099d15..aa1326d2a6 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -28,40 +28,40 @@
 
 #include "curl_setup.h"
 
-#define PORT_FTP 21
-#define PORT_FTPS 990
+#define PORT_FTP    21
+#define PORT_FTPS   990
 #define PORT_TELNET 23
-#define PORT_HTTP 80
-#define PORT_HTTPS 443
-#define PORT_DICT 2628
-#define PORT_LDAP 389
-#define PORT_LDAPS 636
-#define PORT_TFTP 69
-#define PORT_SSH 22
-#define PORT_IMAP 143
-#define PORT_IMAPS 993
-#define PORT_POP3 110
-#define PORT_POP3S 995
-#define PORT_SMB 445
-#define PORT_SMBS 445
-#define PORT_SMTP 25
-#define PORT_SMTPS 465 /* sometimes called SSMTP */
-#define PORT_RTSP 554
-#define PORT_RTMP 1935
-#define PORT_RTMPT PORT_HTTP
-#define PORT_RTMPS PORT_HTTPS
+#define PORT_HTTP   80
+#define PORT_HTTPS  443
+#define PORT_DICT   2628
+#define PORT_LDAP   389
+#define PORT_LDAPS  636
+#define PORT_TFTP   69
+#define PORT_SSH    22
+#define PORT_IMAP   143
+#define PORT_IMAPS  993
+#define PORT_POP3   110
+#define PORT_POP3S  995
+#define PORT_SMB    445
+#define PORT_SMBS   445
+#define PORT_SMTP   25
+#define PORT_SMTPS  465 /* sometimes called SSMTP */
+#define PORT_RTSP   554
+#define PORT_RTMP   1935
+#define PORT_RTMPT  PORT_HTTP
+#define PORT_RTMPS  PORT_HTTPS
 #define PORT_GOPHER 70
-#define PORT_MQTT 1883
+#define PORT_MQTT   1883
 
 struct curl_trc_featt;
 
 #ifdef USE_ECH
 /* CURLECH_ bits for the tls_ech option */
-# define CURLECH_DISABLE    (1<<0)
-# define CURLECH_GREASE     (1<<1)
-# define CURLECH_ENABLE     (1<<2)
-# define CURLECH_HARD       (1<<3)
-# define CURLECH_CLA_CFG    (1<<4)
+# define CURLECH_DISABLE    (1 << 0)
+# define CURLECH_GREASE     (1 << 1)
+# define CURLECH_ENABLE     (1 << 2)
+# define CURLECH_HARD       (1 << 3)
+# define CURLECH_CLA_CFG    (1 << 4)
 #endif
 
 #ifndef CURL_DISABLE_WEBSOCKETS
@@ -70,8 +70,8 @@ struct curl_trc_featt;
  * platforms that have a >= 64-bit type and then we use such a type for the
  * protocol fields in the protocol handler.
  */
-#define CURLPROTO_WS     (1L<<30)
-#define CURLPROTO_WSS    ((curl_prot_t)1<<31)
+#define CURLPROTO_WS     (1L << 30)
+#define CURLPROTO_WSS    ((curl_prot_t)1 << 31)
 #else
 #define CURLPROTO_WS     0L
 #define CURLPROTO_WSS    0L
@@ -107,15 +107,15 @@ typedef unsigned int curl_prot_t;
 /* Convenience defines for checking protocols or their SSL based version. Each
    protocol handler should only ever have a single CURLPROTO_ in its protocol
    field. */
-#define PROTO_FAMILY_HTTP (CURLPROTO_HTTP|CURLPROTO_HTTPS|CURLPROTO_WS| \
+#define PROTO_FAMILY_HTTP (CURLPROTO_HTTP | CURLPROTO_HTTPS | CURLPROTO_WS | \
                            CURLPROTO_WSS)
-#define PROTO_FAMILY_FTP  (CURLPROTO_FTP|CURLPROTO_FTPS)
-#define PROTO_FAMILY_POP3 (CURLPROTO_POP3|CURLPROTO_POP3S)
-#define PROTO_FAMILY_SMB  (CURLPROTO_SMB|CURLPROTO_SMBS)
-#define PROTO_FAMILY_SMTP (CURLPROTO_SMTP|CURLPROTO_SMTPS)
-#define PROTO_FAMILY_SSH  (CURLPROTO_SCP|CURLPROTO_SFTP)
+#define PROTO_FAMILY_FTP  (CURLPROTO_FTP | CURLPROTO_FTPS)
+#define PROTO_FAMILY_POP3 (CURLPROTO_POP3 | CURLPROTO_POP3S)
+#define PROTO_FAMILY_SMB  (CURLPROTO_SMB | CURLPROTO_SMBS)
+#define PROTO_FAMILY_SMTP (CURLPROTO_SMTP | CURLPROTO_SMTPS)
+#define PROTO_FAMILY_SSH  (CURLPROTO_SCP | CURLPROTO_SFTP)
 
-#if !defined(CURL_DISABLE_FTP) || defined(USE_SSH) ||   \
+#if !defined(CURL_DISABLE_FTP) || defined(USE_SSH) || \
   !defined(CURL_DISABLE_POP3)
 /* these protocols support CURLOPT_DIRLISTONLY */
 #define CURL_LIST_ONLY_PROTOCOL 1
@@ -127,7 +127,7 @@ typedef unsigned int curl_prot_t;
 #define MAX_IPADR_LEN sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255")
 
 /* Default FTP/IMAP etc response timeout in milliseconds */
-#define RESP_TIMEOUT (60*1000)
+#define RESP_TIMEOUT (60 * 1000)
 
 /* Max string input length is a precaution against abuse and to detect junk
    input easier and better. */
@@ -217,8 +217,8 @@ typedef CURLcode (Curl_recv)(struct Curl_easy *data,   /* transfer */
    larger buffers can help further, but this is deemed a fair memory/speed
    compromise. */
 #define UPLOADBUFFER_DEFAULT 65536
-#define UPLOADBUFFER_MAX (2*1024*1024)
-#define UPLOADBUFFER_MIN CURL_MAX_WRITE_SIZE
+#define UPLOADBUFFER_MAX     (2 * 1024 * 1024)
+#define UPLOADBUFFER_MIN     CURL_MAX_WRITE_SIZE
 
 #define CURLEASY_MAGIC_NUMBER 0xc0dedbadU
 #ifdef DEBUGBUILD
@@ -226,7 +226,7 @@ typedef CURLcode (Curl_recv)(struct Curl_easy *data,   /* transfer */
  * are not NULL, but no longer have the MAGIC touch. This gives
  * us early warning on things only discovered by valgrind otherwise. */
 #define GOOD_EASY_HANDLE(x) \
-  (((x) && ((x)->magic == CURLEASY_MAGIC_NUMBER))? TRUE: \
+  (((x) && ((x)->magic == CURLEASY_MAGIC_NUMBER)) ? TRUE : \
   (DEBUGASSERT(!(x)), FALSE))
 #else
 #define GOOD_EASY_HANDLE(x) \
@@ -269,7 +269,7 @@ struct ssl_config_data {
   long certverifyresult; /* result from the certificate verification */
   curl_ssl_ctx_callback fsslctx; /* function to initialize ssl ctx */
   void *fsslctxp;        /* parameter for call back */
-  char *cert_type; /* format for certificate (default: PEM)*/
+  char *cert_type; /* format for certificate (default: PEM) */
   char *key; /* private key filename */
   struct curl_blob *key_blob;
   char *key_type; /* format for private key (default: PEM) */
@@ -424,8 +424,8 @@ struct hostname {
  */
 
 #define KEEP_NONE       0
-#define KEEP_RECV       (1<<0) /* there is or may be data to read */
-#define KEEP_SEND       (1<<1) /* there is or may be data to write */
+#define KEEP_RECV       (1 << 0) /* there is or may be data to read */
+#define KEEP_SEND       (1 << 1) /* there is or may be data to write */
 
 /* transfer wants to send */
 #define CURL_WANT_SEND(data) ((data)->req.keepon & KEEP_SEND)
@@ -576,8 +576,8 @@ struct Curl_handler {
 #define CONNRESULT_DEAD (1<<0)           /* The connection is dead. */
 
 #define TRNSPRT_NONE 0
-#define TRNSPRT_TCP 3
-#define TRNSPRT_UDP 4
+#define TRNSPRT_TCP  3
+#define TRNSPRT_UDP  4
 #define TRNSPRT_QUIC 5
 #define TRNSPRT_UNIX 6
 
@@ -589,9 +589,10 @@ struct ip_quadruple {
   uint8_t transport;
 };
 
-#define CUR_IP_QUAD_HAS_PORTS(x)  (((x)->transport == TRNSPRT_TCP) || \
-                                   ((x)->transport == TRNSPRT_UDP) || \
-                                   ((x)->transport == TRNSPRT_QUIC))
+#define CUR_IP_QUAD_HAS_PORTS(x)      \
+  (((x)->transport == TRNSPRT_TCP) || \
+   ((x)->transport == TRNSPRT_UDP) || \
+   ((x)->transport == TRNSPRT_QUIC))
 
 struct proxy_info {
   struct hostname host;
@@ -827,8 +828,8 @@ struct Progress {
 
 #define CURL_SPEED_RECORDS (5 + 1) /* 6 entries for 5 seconds */
 
-  curl_off_t speed_amount[ CURL_SPEED_RECORDS ];
-  struct curltime speed_time[ CURL_SPEED_RECORDS ];
+  curl_off_t speed_amount[CURL_SPEED_RECORDS];
+  struct curltime speed_time[CURL_SPEED_RECORDS];
   unsigned char speeder_c;
   BIT(hide);
   BIT(ul_size_known);
@@ -839,19 +840,19 @@ struct Progress {
 };
 
 typedef enum {
-    RTSPREQ_NONE, /* first in list */
-    RTSPREQ_OPTIONS,
-    RTSPREQ_DESCRIBE,
-    RTSPREQ_ANNOUNCE,
-    RTSPREQ_SETUP,
-    RTSPREQ_PLAY,
-    RTSPREQ_PAUSE,
-    RTSPREQ_TEARDOWN,
-    RTSPREQ_GET_PARAMETER,
-    RTSPREQ_SET_PARAMETER,
-    RTSPREQ_RECORD,
-    RTSPREQ_RECEIVE,
-    RTSPREQ_LAST /* last in list */
+  RTSPREQ_NONE, /* first in list */
+  RTSPREQ_OPTIONS,
+  RTSPREQ_DESCRIBE,
+  RTSPREQ_ANNOUNCE,
+  RTSPREQ_SETUP,
+  RTSPREQ_PLAY,
+  RTSPREQ_PAUSE,
+  RTSPREQ_TEARDOWN,
+  RTSPREQ_GET_PARAMETER,
+  RTSPREQ_SET_PARAMETER,
+  RTSPREQ_RECORD,
+  RTSPREQ_RECEIVE,
+  RTSPREQ_LAST /* last in list */
 } Curl_RtspReq;
 
 struct auth {
@@ -911,7 +912,6 @@ typedef enum {
   EXPIRE_LAST /* not an actual timer, used as a marker only */
 } expire_id;
 
-
 typedef enum {
   TRAILERS_NONE,
   TRAILERS_INITIALIZED,
@@ -919,7 +919,6 @@ typedef enum {
   TRAILERS_DONE
 } trailers_state;
 
-
 /*
  * One instance for each timeout an easy handle can set.
  */
@@ -1296,7 +1295,6 @@ enum dupblob {
   BLOB_LAST
 };
 
-
 struct UserDefined {
   FILE *err;         /* the stderr user data goes here */
   void *debugdata;   /* the data that will be passed to fdebug */
diff --git a/lib/version.c b/lib/version.c
index 487dc74ffa..79654fa975 100644
--- a/lib/version.c
+++ b/lib/version.c
@@ -335,8 +335,8 @@ static const char * const supported_protocols[] = {
 #ifndef CURL_DISABLE_LDAP
   "ldap",
 #if !defined(CURL_DISABLE_LDAPS) && \
-    ((defined(USE_OPENLDAP) && defined(USE_SSL)) || \
-     (!defined(USE_OPENLDAP) && defined(HAVE_LDAP_SSL)))
+  ((defined(USE_OPENLDAP) && defined(USE_SSL)) || \
+   (!defined(USE_OPENLDAP) && defined(HAVE_LDAP_SSL)))
   "ldaps",
 #endif
 #endif
@@ -438,7 +438,7 @@ static int ech_present(curl_version_info_data *info)
  * Use FEATURE() macro to define an entry: this allows documentation check.
  */
 
-#define FEATURE(name, present, bitmask) {(name), (present), (bitmask)}
+#define FEATURE(name, present, bitmask) { (name), (present), (bitmask) }
 
 struct feat {
   const char *name;
diff --git a/lib/ws.c b/lib/ws.c
index 93e13e1ac1..eab06f4f11 100644
--- a/lib/ws.c
+++ b/lib/ws.c
@@ -54,11 +54,11 @@
      |N|V|V|V|       |
      | |1|2|3|       |
 */
-#define WSBIT_FIN  (0x80)
-#define WSBIT_RSV1 (0x40)
-#define WSBIT_RSV2 (0x20)
-#define WSBIT_RSV3 (0x10)
-#define WSBIT_RSV_MASK (WSBIT_RSV1 | WSBIT_RSV2 | WSBIT_RSV3)
+#define WSBIT_FIN          (0x80)
+#define WSBIT_RSV1         (0x40)
+#define WSBIT_RSV2         (0x20)
+#define WSBIT_RSV3         (0x10)
+#define WSBIT_RSV_MASK     (WSBIT_RSV1 | WSBIT_RSV2 | WSBIT_RSV3)
 #define WSBIT_OPCODE_CONT  (0x0)
 #define WSBIT_OPCODE_TEXT  (0x1)
 #define WSBIT_OPCODE_BIN   (0x2)
@@ -70,10 +70,9 @@
 #define WSBIT_MASK 0x80
 
 /* buffer dimensioning */
-#define WS_CHUNK_SIZE 65535
+#define WS_CHUNK_SIZE  65535
 #define WS_CHUNK_COUNT 2
 
-
 /* a client-side WS frame decoder, parsing frame headers and
  * payload, keeping track of current position and stats */
 enum ws_dec_state {
@@ -126,24 +125,23 @@ struct websocket {
   size_t sendbuf_payload; /* number of payload bytes in sendbuf */
 };
 
-
 static const char *ws_frame_name_of_op(uint8_t firstbyte)
 {
   switch(firstbyte & WSBIT_OPCODE_MASK) {
-    case WSBIT_OPCODE_CONT:
-      return "CONT";
-    case WSBIT_OPCODE_TEXT:
-      return "TEXT";
-    case WSBIT_OPCODE_BIN:
-      return "BIN";
-    case WSBIT_OPCODE_CLOSE:
-      return "CLOSE";
-    case WSBIT_OPCODE_PING:
-      return "PING";
-    case WSBIT_OPCODE_PONG:
-      return "PONG";
-    default:
-      return "???";
+  case WSBIT_OPCODE_CONT:
+    return "CONT";
+  case WSBIT_OPCODE_TEXT:
+    return "TEXT";
+  case WSBIT_OPCODE_BIN:
+    return "BIN";
+  case WSBIT_OPCODE_CLOSE:
+    return "CLOSE";
+  case WSBIT_OPCODE_PING:
+    return "PING";
+  case WSBIT_OPCODE_PONG:
+    return "PONG";
+  default:
+    return "???";
   }
 }
 
@@ -151,78 +149,78 @@ static int ws_frame_firstbyte2flags(struct Curl_easy *data,
                                     uint8_t firstbyte, int cont_flags)
 {
   switch(firstbyte) {
-    /* 0x00 - intermediate TEXT/BINARY fragment */
-    case WSBIT_OPCODE_CONT:
-      if(!(cont_flags & CURLWS_CONT)) {
-        failf(data, "[WS] no ongoing fragmented message to resume");
-        return 0;
-      }
-      return cont_flags | CURLWS_CONT;
-    /* 0x80 - final TEXT/BIN fragment */
-    case (WSBIT_OPCODE_CONT | WSBIT_FIN):
-      if(!(cont_flags & CURLWS_CONT)) {
-        failf(data, "[WS] no ongoing fragmented message to resume");
-        return 0;
-      }
-      return cont_flags & ~CURLWS_CONT;
-    /* 0x01 - first TEXT fragment */
-    case WSBIT_OPCODE_TEXT:
-      if(cont_flags & CURLWS_CONT) {
-        failf(data, "[WS] fragmented message interrupted by new TEXT msg");
-        return 0;
-      }
-      return CURLWS_TEXT | CURLWS_CONT;
-    /* 0x81 - unfragmented TEXT msg */
-    case (WSBIT_OPCODE_TEXT | WSBIT_FIN):
-      if(cont_flags & CURLWS_CONT) {
-        failf(data, "[WS] fragmented message interrupted by new TEXT msg");
-        return 0;
-      }
-      return CURLWS_TEXT;
-    /* 0x02 - first BINARY fragment */
-    case WSBIT_OPCODE_BIN:
-      if(cont_flags & CURLWS_CONT) {
-        failf(data, "[WS] fragmented message interrupted by new BINARY msg");
-        return 0;
-      }
-      return CURLWS_BINARY | CURLWS_CONT;
-    /* 0x82 - unfragmented BINARY msg */
-    case (WSBIT_OPCODE_BIN | WSBIT_FIN):
-      if(cont_flags & CURLWS_CONT) {
-        failf(data, "[WS] fragmented message interrupted by new BINARY msg");
-        return 0;
-      }
-      return CURLWS_BINARY;
-    /* 0x08 - first CLOSE fragment */
-    case WSBIT_OPCODE_CLOSE:
-      failf(data, "[WS] invalid fragmented CLOSE frame");
+  /* 0x00 - intermediate TEXT/BINARY fragment */
+  case WSBIT_OPCODE_CONT:
+    if(!(cont_flags & CURLWS_CONT)) {
+      failf(data, "[WS] no ongoing fragmented message to resume");
       return 0;
-    /* 0x88 - unfragmented CLOSE */
-    case (WSBIT_OPCODE_CLOSE | WSBIT_FIN):
-      return CURLWS_CLOSE;
-    /* 0x09 - first PING fragment */
-    case WSBIT_OPCODE_PING:
-      failf(data, "[WS] invalid fragmented PING frame");
+    }
+    return cont_flags | CURLWS_CONT;
+  /* 0x80 - final TEXT/BIN fragment */
+  case (WSBIT_OPCODE_CONT | WSBIT_FIN):
+    if(!(cont_flags & CURLWS_CONT)) {
+      failf(data, "[WS] no ongoing fragmented message to resume");
       return 0;
-    /* 0x89 - unfragmented PING */
-    case (WSBIT_OPCODE_PING | WSBIT_FIN):
-      return CURLWS_PING;
-    /* 0x0a - first PONG fragment */
-    case WSBIT_OPCODE_PONG:
-      failf(data, "[WS] invalid fragmented PONG frame");
+    }
+    return cont_flags & ~CURLWS_CONT;
+  /* 0x01 - first TEXT fragment */
+  case WSBIT_OPCODE_TEXT:
+    if(cont_flags & CURLWS_CONT) {
+      failf(data, "[WS] fragmented message interrupted by new TEXT msg");
       return 0;
-    /* 0x8a - unfragmented PONG */
-    case (WSBIT_OPCODE_PONG | WSBIT_FIN):
-      return CURLWS_PONG;
-    /* invalid first byte */
-    default:
-      if(firstbyte & WSBIT_RSV_MASK)
-        /* any of the reserved bits 0x40/0x20/0x10 are set */
-        failf(data, "[WS] invalid reserved bits: %02x", firstbyte);
-      else
-        /* any of the reserved opcodes 0x3-0x7 or 0xb-0xf is used */
-        failf(data, "[WS] invalid opcode: %02x", firstbyte);
+    }
+    return CURLWS_TEXT | CURLWS_CONT;
+  /* 0x81 - unfragmented TEXT msg */
+  case (WSBIT_OPCODE_TEXT | WSBIT_FIN):
+    if(cont_flags & CURLWS_CONT) {
+      failf(data, "[WS] fragmented message interrupted by new TEXT msg");
       return 0;
+    }
+    return CURLWS_TEXT;
+  /* 0x02 - first BINARY fragment */
+  case WSBIT_OPCODE_BIN:
+    if(cont_flags & CURLWS_CONT) {
+      failf(data, "[WS] fragmented message interrupted by new BINARY msg");
+      return 0;
+    }
+    return CURLWS_BINARY | CURLWS_CONT;
+  /* 0x82 - unfragmented BINARY msg */
+  case (WSBIT_OPCODE_BIN | WSBIT_FIN):
+    if(cont_flags & CURLWS_CONT) {
+      failf(data, "[WS] fragmented message interrupted by new BINARY msg");
+      return 0;
+    }
+    return CURLWS_BINARY;
+  /* 0x08 - first CLOSE fragment */
+  case WSBIT_OPCODE_CLOSE:
+    failf(data, "[WS] invalid fragmented CLOSE frame");
+    return 0;
+  /* 0x88 - unfragmented CLOSE */
+  case (WSBIT_OPCODE_CLOSE | WSBIT_FIN):
+    return CURLWS_CLOSE;
+  /* 0x09 - first PING fragment */
+  case WSBIT_OPCODE_PING:
+    failf(data, "[WS] invalid fragmented PING frame");
+    return 0;
+  /* 0x89 - unfragmented PING */
+  case (WSBIT_OPCODE_PING | WSBIT_FIN):
+    return CURLWS_PING;
+  /* 0x0a - first PONG fragment */
+  case WSBIT_OPCODE_PONG:
+    failf(data, "[WS] invalid fragmented PONG frame");
+    return 0;
+  /* 0x8a - unfragmented PONG */
+  case (WSBIT_OPCODE_PONG | WSBIT_FIN):
+    return CURLWS_PONG;
+  /* invalid first byte */
+  default:
+    if(firstbyte & WSBIT_RSV_MASK)
+      /* any of the reserved bits 0x40/0x20/0x10 are set */
+      failf(data, "[WS] invalid reserved bits: %02x", firstbyte);
+    else
+      /* any of the reserved opcodes 0x3-0x7 or 0xb-0xf is used */
+      failf(data, "[WS] invalid opcode: %02x", firstbyte);
+    return 0;
   }
 }
 
@@ -233,59 +231,59 @@ static CURLcode ws_frame_flags2firstbyte(struct Curl_easy *data,
 {
   *pfirstbyte = 0;
   switch(flags & ~CURLWS_OFFSET) {
-    case 0:
-      if(contfragment) {
-        CURL_TRC_WS(data, "no flags given; interpreting as continuation "
-                    "fragment for compatibility");
-        *pfirstbyte = (WSBIT_OPCODE_CONT | WSBIT_FIN);
-        return CURLE_OK;
-      }
-      failf(data, "[WS] no flags given");
-      return CURLE_BAD_FUNCTION_ARGUMENT;
-    case CURLWS_CONT:
-      if(contfragment) {
-        infof(data, "[WS] setting CURLWS_CONT flag without message type is "
-                    "supported for compatibility but highly discouraged");
-        *pfirstbyte = WSBIT_OPCODE_CONT;
-        return CURLE_OK;
-      }
-      failf(data, "[WS] No ongoing fragmented message to continue");
-      return CURLE_BAD_FUNCTION_ARGUMENT;
-    case CURLWS_TEXT:
-      *pfirstbyte = contfragment ? (WSBIT_OPCODE_CONT | WSBIT_FIN)
-                                 : (WSBIT_OPCODE_TEXT | WSBIT_FIN);
+  case 0:
+    if(contfragment) {
+      CURL_TRC_WS(data, "no flags given; interpreting as continuation "
+                  "fragment for compatibility");
+      *pfirstbyte = (WSBIT_OPCODE_CONT | WSBIT_FIN);
       return CURLE_OK;
-    case (CURLWS_TEXT | CURLWS_CONT):
-      *pfirstbyte = contfragment ? WSBIT_OPCODE_CONT : WSBIT_OPCODE_TEXT;
+    }
+    failf(data, "[WS] no flags given");
+    return CURLE_BAD_FUNCTION_ARGUMENT;
+  case CURLWS_CONT:
+    if(contfragment) {
+      infof(data, "[WS] setting CURLWS_CONT flag without message type is "
+                  "supported for compatibility but highly discouraged");
+      *pfirstbyte = WSBIT_OPCODE_CONT;
       return CURLE_OK;
-    case CURLWS_BINARY:
-      *pfirstbyte = contfragment ? (WSBIT_OPCODE_CONT | WSBIT_FIN)
-                                 : (WSBIT_OPCODE_BIN | WSBIT_FIN);
-      return CURLE_OK;
-    case (CURLWS_BINARY | CURLWS_CONT):
-      *pfirstbyte = contfragment ? WSBIT_OPCODE_CONT : WSBIT_OPCODE_BIN;
-      return CURLE_OK;
-    case CURLWS_CLOSE:
-      *pfirstbyte = WSBIT_OPCODE_CLOSE | WSBIT_FIN;
-      return CURLE_OK;
-    case (CURLWS_CLOSE | CURLWS_CONT):
-      failf(data, "[WS] CLOSE frame must not be fragmented");
-      return CURLE_BAD_FUNCTION_ARGUMENT;
-    case CURLWS_PING:
-      *pfirstbyte = WSBIT_OPCODE_PING | WSBIT_FIN;
-      return CURLE_OK;
-    case (CURLWS_PING | CURLWS_CONT):
-      failf(data, "[WS] PING frame must not be fragmented");
-      return CURLE_BAD_FUNCTION_ARGUMENT;
-    case CURLWS_PONG:
-      *pfirstbyte = WSBIT_OPCODE_PONG | WSBIT_FIN;
-      return CURLE_OK;
-    case (CURLWS_PONG | CURLWS_CONT):
-      failf(data, "[WS] PONG frame must not be fragmented");
-      return CURLE_BAD_FUNCTION_ARGUMENT;
-    default:
-      failf(data, "[WS] unknown flags: %x", flags);
-      return CURLE_BAD_FUNCTION_ARGUMENT;
+    }
+    failf(data, "[WS] No ongoing fragmented message to continue");
+    return CURLE_BAD_FUNCTION_ARGUMENT;
+  case CURLWS_TEXT:
+    *pfirstbyte = contfragment ? (WSBIT_OPCODE_CONT | WSBIT_FIN)
+                               : (WSBIT_OPCODE_TEXT | WSBIT_FIN);
+    return CURLE_OK;
+  case (CURLWS_TEXT | CURLWS_CONT):
+    *pfirstbyte = contfragment ? WSBIT_OPCODE_CONT : WSBIT_OPCODE_TEXT;
+    return CURLE_OK;
+  case CURLWS_BINARY:
+    *pfirstbyte = contfragment ? (WSBIT_OPCODE_CONT | WSBIT_FIN)
+                               : (WSBIT_OPCODE_BIN | WSBIT_FIN);
+    return CURLE_OK;
+  case (CURLWS_BINARY | CURLWS_CONT):
+    *pfirstbyte = contfragment ? WSBIT_OPCODE_CONT : WSBIT_OPCODE_BIN;
+    return CURLE_OK;
+  case CURLWS_CLOSE:
+    *pfirstbyte = WSBIT_OPCODE_CLOSE | WSBIT_FIN;
+    return CURLE_OK;
+  case (CURLWS_CLOSE | CURLWS_CONT):
+    failf(data, "[WS] CLOSE frame must not be fragmented");
+    return CURLE_BAD_FUNCTION_ARGUMENT;
+  case CURLWS_PING:
+    *pfirstbyte = WSBIT_OPCODE_PING | WSBIT_FIN;
+    return CURLE_OK;
+  case (CURLWS_PING | CURLWS_CONT):
+    failf(data, "[WS] PING frame must not be fragmented");
+    return CURLE_BAD_FUNCTION_ARGUMENT;
+  case CURLWS_PONG:
+    *pfirstbyte = WSBIT_OPCODE_PONG | WSBIT_FIN;
+    return CURLE_OK;
+  case (CURLWS_PONG | CURLWS_CONT):
+    failf(data, "[WS] PONG frame must not be fragmented");
+    return CURLE_BAD_FUNCTION_ARGUMENT;
+  default:
+    failf(data, "[WS] unknown flags: %x", flags);
+    return CURLE_BAD_FUNCTION_ARGUMENT;
   }
 }
 
@@ -452,13 +450,14 @@ static CURLcode ws_dec_read_head(struct ws_decoder *dec,
         failf(data, "[WS] frame length longer than 63 bit not supported");
         return CURLE_RECV_ERROR;
       }
-      dec->payload_len = ((curl_off_t)dec->head[2] << 56) |
+      dec->payload_len =
+        (curl_off_t)dec->head[2] << 56 |
         (curl_off_t)dec->head[3] << 48 |
         (curl_off_t)dec->head[4] << 40 |
         (curl_off_t)dec->head[5] << 32 |
         (curl_off_t)dec->head[6] << 24 |
         (curl_off_t)dec->head[7] << 16 |
-        (curl_off_t)dec->head[8] << 8 |
+        (curl_off_t)dec->head[8] <<  8 |
         dec->head[9];
       break;
     default:
@@ -1230,7 +1229,6 @@ static const struct Curl_crtype ws_cr_encode = {
   sizeof(struct cr_ws_ctx)
 };
 
-
 struct wsfield {
   const char *name;
   const char *val;
@@ -1245,7 +1243,7 @@ CURLcode Curl_ws_request(struct Curl_easy *data, struct dynbuf *req)
   size_t randlen;
   char keyval[40];
   struct SingleRequest *k = &data->req;
-  struct wsfield heads[]= {
+  struct wsfield heads[] = {
     {
       /* The request MUST contain an |Upgrade| header field whose value
          MUST include the "websocket" keyword. */
@@ -1284,8 +1282,7 @@ CURLcode Curl_ws_request(struct Curl_easy *data, struct dynbuf *req)
   curlx_free(randstr);
   for(i = 0; !result && (i < CURL_ARRAYSIZE(heads)); i++) {
     if(!Curl_checkheaders(data, heads[i].name, strlen(heads[i].name))) {
-      result = curlx_dyn_addf(req, "%s: %s\r\n", heads[i].name,
-                              heads[i].val);
+      result = curlx_dyn_addf(req, "%s: %s\r\n", heads[i].name, heads[i].val);
     }
   }
   data->state.http_hd_upgrade = TRUE;
@@ -1329,7 +1326,7 @@ CURLcode Curl_ws_accept(struct Curl_easy *data,
       const char *p = getenv("CURL_WS_CHUNK_SIZE");
       if(p) {
         curl_off_t l;
-        if(!curlx_str_number(&p, &l, 1*1024*1024))
+        if(!curlx_str_number(&p, &l, 1 * 1024 * 1024))
           chunk_size = (size_t)l;
       }
     }
@@ -1633,7 +1630,7 @@ static CURLcode ws_flush(struct Curl_easy *data, struct websocket *ws,
     const char *p = getenv("CURL_WS_CHUNK_EAGAIN");
     if(p) {
       curl_off_t l;
-      if(!curlx_str_number(&p, &l, 1*1024*1024))
+      if(!curlx_str_number(&p, &l, 1 * 1024 * 1024))
         chunk_egain = (size_t)l;
     }
 #endif
@@ -1844,7 +1841,6 @@ static CURLcode ws_setup_conn(struct Curl_easy *data,
   return Curl_http_setup_conn(data, conn);
 }
 
-
 const struct curl_ws_frame *curl_ws_meta(CURL *d)
 {
   /* we only return something for websocket, called from within the callback
@@ -1856,7 +1852,6 @@ const struct curl_ws_frame *curl_ws_meta(CURL *d)
     ws = Curl_conn_meta_get(data->conn, CURL_META_PROTO_WS_CONN);
     if(ws)
       return &ws->recvframe;
-
   }
   return NULL;
 }
@@ -1963,11 +1958,10 @@ const struct Curl_handler Curl_handler_wss = {
   CURLPROTO_WSS,                        /* protocol */
   CURLPROTO_HTTP,                       /* family */
   PROTOPT_SSL | PROTOPT_CREDSPERREQUEST | /* flags */
-  PROTOPT_USERPWDCTRL
+    PROTOPT_USERPWDCTRL
 };
 #endif
 
-
 #else
 
 CURLcode curl_ws_recv(CURL *curl, void *buffer, size_t buflen,
diff --git a/lib/ws.h b/lib/ws.h
index b7655abbce..a6e770694d 100644
--- a/lib/ws.h
+++ b/lib/ws.h
@@ -38,10 +38,9 @@ extern const struct Curl_handler Curl_handler_ws;
 extern const struct Curl_handler Curl_handler_wss;
 #endif
 
-
 #else
-#define Curl_ws_request(x,y) CURLE_OK
-#define Curl_ws_free(x) Curl_nop_stmt
+#define Curl_ws_request(x, y) CURLE_OK
+#define Curl_ws_free(x)       Curl_nop_stmt
 #endif
 
 #endif /* HEADER_CURL_WS_H */

From 6694a42aa0e820a6fe1e59d85ff8597b6d768d8d Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 1 Dec 2025 22:18:41 +0100
Subject: [PATCH 1109/2408] idn: avoid allocations and wcslen on Windows

Eliminate a heap buffer in both `win32_idn_to_ascii()` and
`win32_ascii_to_idn()`, by replacing it with stack buffer. The maximum
size is fixed in these cases, and small enough to fit there.

Also reuse length returned by the UTF-8 to wchar conversion, allowing
to drop `wcslen()` call in both functions, and allowing to call
the wchar to UTF-8 conversion API `WideCharToMultiByte()` with the known
length, saving length calculations within that API too.

Ref: https://github.com/curl/curl/pull/19748#issuecomment-3592015200

Closes #19798
---
 lib/idn.c | 72 +++++++++++++++++++------------------------------------
 1 file changed, 24 insertions(+), 48 deletions(-)

diff --git a/lib/idn.c b/lib/idn.c
index 8f4c3e03f7..083be1d53f 100644
--- a/lib/idn.c
+++ b/lib/idn.c
@@ -162,42 +162,18 @@ WINBASEAPI int WINAPI IdnToUnicode(DWORD dwFlags,
 
 #define IDN_MAX_LENGTH 255
 
-static wchar_t *idn_curlx_convert_UTF8_to_wchar(const char *str_utf8)
-{
-  wchar_t *str_w = NULL;
-
-  if(str_utf8) {
-    int str_w_len = MultiByteToWideChar(CP_UTF8, MB_ERR_INVALID_CHARS,
-                                        str_utf8, -1, NULL, 0);
-    if(str_w_len > 0) {
-      str_w = curlx_malloc(str_w_len * sizeof(wchar_t));
-      if(str_w) {
-        if(MultiByteToWideChar(CP_UTF8, 0, str_utf8, -1, str_w,
-                               str_w_len) == 0) {
-          curlx_free(str_w);
-          return NULL;
-        }
-      }
-    }
-  }
-  return str_w;
-}
-
-static char *idn_curlx_convert_wchar_to_UTF8(const wchar_t *str_w)
+static char *idn_curlx_convert_wchar_to_UTF8(const wchar_t *str_w, int chars)
 {
   char *str_utf8 = NULL;
-
-  if(str_w) {
-    int bytes = WideCharToMultiByte(CP_UTF8, 0, str_w, -1,
-                                    NULL, 0, NULL, NULL);
-    if(bytes > 0) {
-      str_utf8 = curlx_malloc(bytes);
-      if(str_utf8) {
-        if(WideCharToMultiByte(CP_UTF8, 0, str_w, -1, str_utf8, bytes,
-                               NULL, NULL) == 0) {
-          curlx_free(str_utf8);
-          return NULL;
-        }
+  int bytes = WideCharToMultiByte(CP_UTF8, 0, str_w, chars, NULL, 0,
+                                  NULL, NULL);
+  if(bytes > 0) {
+    str_utf8 = curlx_malloc(bytes);
+    if(str_utf8) {
+      if(WideCharToMultiByte(CP_UTF8, 0, str_w, chars, str_utf8, bytes,
+                             NULL, NULL) == 0) {
+        curlx_free(str_utf8);
+        return NULL;
       }
     }
   }
@@ -206,15 +182,15 @@ static char *idn_curlx_convert_wchar_to_UTF8(const wchar_t *str_w)
 
 static CURLcode win32_idn_to_ascii(const char *in, char **out)
 {
-  wchar_t *in_w = idn_curlx_convert_UTF8_to_wchar(in);
+  wchar_t in_w[IDN_MAX_LENGTH];
+  int in_w_len;
   *out = NULL;
-  if(in_w) {
+  in_w_len = MultiByteToWideChar(CP_UTF8, 0, in, -1, in_w, IDN_MAX_LENGTH);
+  if(in_w_len) {
     wchar_t punycode[IDN_MAX_LENGTH];
-    int chars = IdnToAscii(0, in_w, (int)(wcslen(in_w) + 1), punycode,
-                           IDN_MAX_LENGTH);
-    curlx_free(in_w);
-    if(chars) {
-      *out = idn_curlx_convert_wchar_to_UTF8(punycode);
+    int chars = IdnToAscii(0, in_w, in_w_len, punycode, IDN_MAX_LENGTH);
+    if(chars > 0) {
+      *out = idn_curlx_convert_wchar_to_UTF8(punycode, chars);
       if(!*out)
         return CURLE_OUT_OF_MEMORY;
     }
@@ -229,15 +205,15 @@ static CURLcode win32_idn_to_ascii(const char *in, char **out)
 
 static CURLcode win32_ascii_to_idn(const char *in, char **out)
 {
-  wchar_t *in_w = idn_curlx_convert_UTF8_to_wchar(in);
+  wchar_t in_w[IDN_MAX_LENGTH];
+  int in_w_len;
   *out = NULL;
-  if(in_w) {
+  in_w_len = MultiByteToWideChar(CP_UTF8, 0, in, -1, in_w, IDN_MAX_LENGTH);
+  if(in_w_len) {
     WCHAR idn[IDN_MAX_LENGTH]; /* stores a UTF-16 string */
-    int chars = IdnToUnicode(0, in_w, (int)(wcslen(in_w) + 1), idn,
-                             IDN_MAX_LENGTH);
-    curlx_free(in_w);
-    if(chars) {  /* 'chars' is "the number of characters retrieved" */
-      *out = idn_curlx_convert_wchar_to_UTF8(idn);
+    int chars = IdnToUnicode(0, in_w, in_w_len, idn, IDN_MAX_LENGTH);
+    if(chars > 0) {  /* 'chars' is "the number of characters retrieved" */
+      *out = idn_curlx_convert_wchar_to_UTF8(idn, chars);
       if(!*out)
         return CURLE_OUT_OF_MEMORY;
     }

From 1753de9d7a7a4e8d98869f1e01023db2861adf4f Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 3 Dec 2025 16:32:07 +0100
Subject: [PATCH 1110/2408] GHA/checksrc: give more time for slow Azure servers
 [ci skip]

Sometimes 1 minutes is too short to install 39.4 kB of archives.

Ref: https://github.com/curl/curl/actions/runs/19898949860/job/57036965452
---
 .github/workflows/checksrc.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml
index d3ef758b48..1b471e50cf 100644
--- a/.github/workflows/checksrc.yml
+++ b/.github/workflows/checksrc.yml
@@ -122,7 +122,7 @@ jobs:
   xmllint:
     name: 'xmllint'
     runs-on: ubuntu-latest
-    timeout-minutes: 1
+    timeout-minutes: 3
     steps:
       - name: 'install prereqs'
         run: |

From 0417d323c96db547e5ed9da733c51aed02be723e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 3 Dec 2025 15:53:46 +0100
Subject: [PATCH 1111/2408] src: fix formatting nits

Closes #19823
---
 src/config2setopts.c     |  21 ++---
 src/curlinfo.c           |   2 +-
 src/slist_wc.c           |   3 +-
 src/terminal.c           |   3 +-
 src/tool_cb_dbg.c        |   4 +-
 src/tool_cb_hdr.c        |  17 ++--
 src/tool_cb_prg.c        |  27 +++---
 src/tool_cb_prg.h        |  10 +--
 src/tool_cb_rea.c        |   2 +-
 src/tool_cb_wrt.c        |   6 +-
 src/tool_cfgable.h       |   9 +-
 src/tool_dirhie.c        |   4 +-
 src/tool_doswin.c        |  50 ++++++-----
 src/tool_doswin.h        |   6 +-
 src/tool_easysrc.c       |   4 +-
 src/tool_filetime.c      |   4 +-
 src/tool_filetime.h      |   2 +-
 src/tool_findfile.c      |   2 +-
 src/tool_formparse.c     |  43 ++++-----
 src/tool_getparam.c      | 178 ++++++++++++++++++-------------------
 src/tool_getparam.h      |  10 +--
 src/tool_getpass.c       |   9 +-
 src/tool_help.c          |  57 ++++++------
 src/tool_helpers.c       |   4 +-
 src/tool_ipfs.c          |   4 +-
 src/tool_libinfo.c       |   2 +-
 src/tool_main.c          |   2 +-
 src/tool_main.h          |   4 +-
 src/tool_msgs.c          |  12 +--
 src/tool_msgs.h          |  12 +--
 src/tool_operate.c       |  59 +++++--------
 src/tool_operhlp.c       |   2 +-
 src/tool_paramhlp.c      |  27 +++---
 src/tool_paramhlp.h      |   2 +-
 src/tool_parsecfg.c      |   2 +-
 src/tool_progress.c      |  28 +++---
 src/tool_sdecls.h        |   2 -
 src/tool_setopt.c        |  19 ++--
 src/tool_setopt.h        | 102 +++++++++------------
 src/tool_setup.h         |   4 +-
 src/tool_ssls.c          |   4 +-
 src/tool_urlglob.c       |  12 +--
 src/tool_util.c          |   2 +-
 src/tool_version.h       |   8 +-
 src/tool_vms.c           |   7 +-
 src/tool_vms.h           |   5 +-
 src/tool_writeout.c      | 186 ++++++++++++++++++++-------------------
 src/tool_writeout_json.c |   3 +-
 src/tool_xattr.h         |   4 +-
 src/var.c                |  37 ++++----
 src/var.h                |   3 +-
 tests/test1486.pl        |   2 +-
 52 files changed, 490 insertions(+), 543 deletions(-)

diff --git a/src/config2setopts.c b/src/config2setopts.c
index d3bd39c864..89a003cc96 100644
--- a/src/config2setopts.c
+++ b/src/config2setopts.c
@@ -142,8 +142,7 @@ static CURLcode url_proto_and_rewrite(char **url,
       curl_url_set(uh, CURLUPART_URL, *url,
                    CURLU_GUESS_SCHEME | CURLU_NON_SUPPORT_SCHEME);
     if(!uc) {
-      uc = curl_url_get(uh, CURLUPART_SCHEME, &schemep,
-                        CURLU_DEFAULT_SCHEME);
+      uc = curl_url_get(uh, CURLUPART_SCHEME, &schemep, CURLU_DEFAULT_SCHEME);
       if(!uc) {
 #ifdef CURL_DISABLE_IPFS
         (void)config;
@@ -339,8 +338,7 @@ static CURLcode ssl_setopts(struct OperationConfig *config, CURL *curl)
     MY_SETOPT_STR(curl, CURLOPT_PROXY_CRLFILE, config->crlfile);
 
   if(config->pinnedpubkey) {
-    MY_SETOPT_STR(curl, CURLOPT_PINNEDPUBLICKEY,
-                  config->pinnedpubkey);
+    MY_SETOPT_STR(curl, CURLOPT_PINNEDPUBLICKEY, config->pinnedpubkey);
     if(result)
       warnf("ignoring %s, not supported by libcurl with %s",
             "--pinnedpubkey", ssl_backend());
@@ -417,8 +415,7 @@ static CURLcode ssl_setopts(struct OperationConfig *config, CURL *curl)
   {
     long mask =
       (config->proxy_ssl_allow_beast ? CURLSSLOPT_ALLOW_BEAST : 0) |
-      (config->proxy_ssl_auto_client_cert ?
-       CURLSSLOPT_AUTO_CLIENT_CERT : 0) |
+      (config->proxy_ssl_auto_client_cert ? CURLSSLOPT_AUTO_CLIENT_CERT : 0) |
       (config->proxy_native_ca_store ? CURLSSLOPT_NATIVE_CA : 0);
 
     if(mask)
@@ -486,15 +483,13 @@ static CURLcode ssl_setopts(struct OperationConfig *config, CURL *curl)
 }
 
 /* only called for HTTP transfers */
-static CURLcode http_setopts(struct OperationConfig *config,
-                             CURL *curl)
+static CURLcode http_setopts(struct OperationConfig *config, CURL *curl)
 {
   CURLcode result;
   long postRedir = 0;
 
   my_setopt_long(curl, CURLOPT_FOLLOWLOCATION, config->followlocation);
-  my_setopt_long(curl, CURLOPT_UNRESTRICTED_AUTH,
-                 config->unrestricted_auth);
+  my_setopt_long(curl, CURLOPT_UNRESTRICTED_AUTH, config->unrestricted_auth);
   MY_SETOPT_STR(curl, CURLOPT_AWS_SIGV4, config->aws_sigv4);
   my_setopt_long(curl, CURLOPT_AUTOREFERER, config->autoreferer);
 
@@ -590,8 +585,7 @@ static void tcp_setopts(struct OperationConfig *config, CURL *curl)
     my_setopt_long(curl, CURLOPT_TCP_FASTOPEN, 1);
 
   if(config->mptcp)
-    my_setopt_ptr(curl, CURLOPT_OPENSOCKETFUNCTION,
-                  tool_socket_open_mptcp_cb);
+    my_setopt_ptr(curl, CURLOPT_OPENSOCKETFUNCTION, tool_socket_open_mptcp_cb);
 
   /* curl 7.17.1 */
   if(!config->nokeepalive) {
@@ -946,8 +940,7 @@ CURLcode config2setopts(struct OperationConfig *config,
   my_setopt_long(curl, CURLOPT_FTP_CREATE_MISSING_DIRS,
                  (config->ftp_create_dirs ?
                   CURLFTP_CREATE_DIR_RETRY : CURLFTP_CREATE_DIR_NONE));
-  my_setopt_offt(curl, CURLOPT_MAXFILESIZE_LARGE,
-                 config->max_filesize);
+  my_setopt_offt(curl, CURLOPT_MAXFILESIZE_LARGE, config->max_filesize);
   my_setopt_long(curl, CURLOPT_IPRESOLVE, config->ip_version);
   if(config->socks5_gssapi_nec)
     my_setopt_long(curl, CURLOPT_SOCKS5_GSSAPI_NEC, 1);
diff --git a/src/curlinfo.c b/src/curlinfo.c
index 852aee8201..35b8ff56a6 100644
--- a/src/curlinfo.c
+++ b/src/curlinfo.c
@@ -39,7 +39,7 @@
 #include "fake_addrinfo.h" /* for USE_FAKE_GETADDRINFO */
 #include 
 
-static const char *disabled[]={
+static const char *disabled[] = {
   "bindlocal: "
 #ifdef CURL_DISABLE_BINDLOCAL
   "OFF"
diff --git a/src/slist_wc.c b/src/slist_wc.c
index 26a91362b8..8a3ff254cc 100644
--- a/src/slist_wc.c
+++ b/src/slist_wc.c
@@ -32,8 +32,7 @@
  * slist_wc_append() appends a string to the linked list. This function can be
  * used as an initialization function as well as an append function.
  */
-struct slist_wc *slist_wc_append(struct slist_wc *list,
-                                 const char *data)
+struct slist_wc *slist_wc_append(struct slist_wc *list, const char *data)
 {
   struct curl_slist *new_item = curl_slist_append(NULL, data);
 
diff --git a/src/terminal.c b/src/terminal.c
index bb3e2ac611..fe945cfa9c 100644
--- a/src/terminal.c
+++ b/src/terminal.c
@@ -74,8 +74,7 @@ unsigned int get_terminal_columns(void)
          * Do not use +1 to get the true screen-width since writing a
          * character at the right edge will cause a line wrap.
          */
-        cols = (int)
-          (console_info.srWindow.Right - console_info.srWindow.Left);
+        cols = (int)(console_info.srWindow.Right - console_info.srWindow.Left);
       }
     }
 #endif /* TIOCGSIZE */
diff --git a/src/tool_cb_dbg.c b/src/tool_cb_dbg.c
index b858b6688e..2301bd67f5 100644
--- a/src/tool_cb_dbg.c
+++ b/src/tool_cb_dbg.c
@@ -103,7 +103,7 @@ int tool_debug_cb(CURL *handle, curl_infotype type,
   if(handle && global->traceids &&
      !curl_easy_getinfo(handle, CURLINFO_XFER_ID, &xfer_id) && xfer_id >= 0) {
     if(!curl_easy_getinfo(handle, CURLINFO_CONN_ID, &conn_id) &&
-        conn_id >= 0) {
+       conn_id >= 0) {
       curl_msnprintf(idsbuf, sizeof(idsbuf), TRC_IDS_FORMAT_IDS_2,
                      xfer_id, conn_id);
     }
@@ -224,7 +224,7 @@ int tool_debug_cb(CURL *handle, curl_infotype type,
     break;
   }
 
-  dump(timebuf, idsbuf, text, output, (unsigned char *) data, size,
+  dump(timebuf, idsbuf, text, output, (unsigned char *)data, size,
        global->tracetype, type);
   return 0;
 }
diff --git a/src/tool_cb_hdr.c b/src/tool_cb_hdr.c
index 7a5a475981..8027ea5421 100644
--- a/src/tool_cb_hdr.c
+++ b/src/tool_cb_hdr.c
@@ -39,17 +39,17 @@
 static char *parse_filename(const char *ptr, size_t len);
 
 #ifdef _WIN32
-#define BOLD "\x1b[1m"
+#define BOLD    "\x1b[1m"
 #define BOLDOFF "\x1b[22m"
 #else
-#define BOLD "\x1b[1m"
+#define BOLD    "\x1b[1m"
 /* Switch off bold by setting "all attributes off" since the explicit
    bold-off code (21) is not supported everywhere - like in the mac
    Terminal. */
 #define BOLDOFF "\x1b[0m"
 /* OSC 8 hyperlink escape sequence */
-#define LINK "\x1b]8;;"
-#define LINKST "\x1b\\"
+#define LINK    "\x1b]8;;"
+#define LINKST  "\x1b\\"
 #define LINKOFF LINK LINKST
 #endif
 
@@ -76,7 +76,6 @@ fail:
   return rc;
 }
 
-
 /*
 ** callback for CURLOPT_HEADERFUNCTION
 *
@@ -131,7 +130,7 @@ size_t tool_header_cb(char *ptr, size_t size, size_t nmemb, void *userdata)
     long response = 0;
     curl_easy_getinfo(per->curl, CURLINFO_RESPONSE_CODE, &response);
 
-    if((response/100 != 2) && (response/100 != 3))
+    if((response / 100 != 2) && (response / 100 != 3))
       /* only care about etag and content-disposition headers in 2xx and 3xx
          responses */
       ;
@@ -299,7 +298,7 @@ size_t tool_header_cb(char *ptr, size_t size, size_t nmemb, void *userdata)
 #else
       if(curl_strnequal("Location", ptr, namelen)) {
         write_linked_location(per->curl, &value[1], cb - namelen - 1,
-            outs->stream);
+                              outs->stream);
       }
       else
         fwrite(&value[1], cb - namelen - 1, 1, outs->stream);
@@ -320,7 +319,7 @@ static char *parse_filename(const char *ptr, size_t len)
   char *copy;
   char *p;
   char *q;
-  char  stop = '\0';
+  char stop = '\0';
 
   copy = memdup0(ptr, len);
   if(!copy)
@@ -426,7 +425,7 @@ static void write_linked_location(CURL *curl, const char *location,
   }
 
   /* Strip the trailing end-of-line characters, normally "\r\n" */
-  while(llen && (loc[llen-1] == '\n' || loc[llen-1] == '\r'))
+  while(llen && (loc[llen - 1] == '\n' || loc[llen - 1] == '\r'))
     --llen;
 
   /* CURLU makes it easy to handle the relative URL case */
diff --git a/src/tool_cb_prg.c b/src/tool_cb_prg.c
index 6ae53b3ba2..ca437de501 100644
--- a/src/tool_cb_prg.c
+++ b/src/tool_cb_prg.c
@@ -54,14 +54,15 @@ static const int sinus[] = {
   500046, 484341, 468651, 452993, 437381, 421830, 406357, 390976, 375703,
   360552, 345539, 330679, 315985, 301474, 287158, 273052, 259170, 245525,
   232132, 219003, 206152, 193590, 181331, 169386, 157768, 146487, 135555,
-  124983, 114781, 104959, 95526, 86493, 77868, 69660, 61876, 54525, 47613,
-  41147, 35135, 29581, 24491, 19871, 15724, 12056, 8868, 6166, 3951, 2225,
-  990, 248, 0, 244, 982, 2212, 3933, 6144, 8842, 12025, 15690, 19832, 24448,
-  29534, 35084, 41092, 47554, 54462, 61809, 69589, 77794, 86415, 95445,
-  104873, 114692, 124891, 135460, 146389, 157667, 169282, 181224, 193480,
-  206039, 218888, 232015, 245406, 259048, 272928, 287032, 301346, 315856,
-  330548, 345407, 360419, 375568, 390841, 406221, 421693, 437243, 452854,
-  468513, 484202, 499907
+  124983, 114781, 104959, 95526,  86493,  77868,  69660,  61876,  54525,
+  47613,  41147,  35135,  29581,  24491,  19871,  15724,  12056,  8868,
+  6166,   3951,   2225,   990,    248,    0,      244,    982,    2212,
+  3933,   6144,   8842,   12025,  15690,  19832,  24448,  29534,  35084,
+  41092,  47554,  54462,  61809,  69589,  77794,  86415,  95445,  104873,
+  114692, 124891, 135460, 146389, 157667, 169282, 181224, 193480, 206039,
+  218888, 232015, 245406, 259048, 272928, 287032, 301346, 315856, 330548,
+  345407, 360419, 375568, 390841, 406221, 421693, 437243, 452854, 468513,
+  484202, 499907
 };
 
 static void fly(struct ProgressData *bar, bool moved)
@@ -78,13 +79,13 @@ static void fly(struct ProgressData *bar, bool moved)
 
   memcpy(&buf[bar->bar + 1], "-=O=-", 5);
 
-  pos = sinus[bar->tick%200] / (1000000 / check) + 1;
+  pos = sinus[bar->tick % 200] / (1000000 / check) + 1;
   buf[pos] = '#';
-  pos = sinus[(bar->tick + 5)%200] / (1000000 / check) + 1;
+  pos = sinus[(bar->tick + 5) % 200] / (1000000 / check) + 1;
   buf[pos] = '#';
-  pos = sinus[(bar->tick + 10)%200] / (1000000 / check) + 1;
+  pos = sinus[(bar->tick + 10) % 200] / (1000000 / check) + 1;
   buf[pos] = '#';
-  pos = sinus[(bar->tick + 15)%200] / (1000000 / check) + 1;
+  pos = sinus[(bar->tick + 15) % 200] / (1000000 / check) + 1;
   buf[pos] = '#';
 
   fputs(buf, bar->out);
@@ -201,7 +202,7 @@ int tool_progress_cb(void *clientp,
     frac = (double)point / (double)total;
     percent = frac * 100.0;
     barwidth = bar->width - 7;
-    num = (size_t) (((double)barwidth) * frac);
+    num = (size_t)(((double)barwidth) * frac);
     if(num > MAX_BARLENGTH)
       num = MAX_BARLENGTH;
     memset(line, '#', num);
diff --git a/src/tool_cb_prg.h b/src/tool_cb_prg.h
index 1f005dbfc4..a8b8930616 100644
--- a/src/tool_cb_prg.h
+++ b/src/tool_cb_prg.h
@@ -29,12 +29,12 @@
 #define CURL_PROGRESS_BAR   1
 
 struct ProgressData {
-  int         calls;
-  curl_off_t  prev;
+  int calls;
+  curl_off_t prev;
   struct curltime prevtime;
-  int         width;
-  FILE       *out;  /* where to write everything to */
-  curl_off_t  initial_size;
+  int width;
+  FILE *out;  /* where to write everything to */
+  curl_off_t initial_size;
   unsigned int tick;
   int bar;
   int barmove;
diff --git a/src/tool_cb_rea.c b/src/tool_cb_rea.c
index 0f2bf81771..1de2277cd0 100644
--- a/src/tool_cb_rea.c
+++ b/src/tool_cb_rea.c
@@ -137,7 +137,7 @@ size_t tool_read_cb(char *buffer, size_t sz, size_t nmemb, void *userdata)
 #endif
   }
   else {
-    rc = read(per->infd, buffer, sz*nmemb);
+    rc = read(per->infd, buffer, sz * nmemb);
     if(rc < 0) {
       if(errno == EAGAIN) {
         errno = 0;
diff --git a/src/tool_cb_wrt.c b/src/tool_cb_wrt.c
index 5696df2a59..1b76565399 100644
--- a/src/tool_cb_wrt.c
+++ b/src/tool_cb_wrt.c
@@ -66,7 +66,7 @@ bool tool_create_output_file(struct OutStruct *outs,
       while(fd == -1 && /* have not successfully opened a file */
             (errno == EEXIST || errno == EISDIR) &&
             /* because we keep having files that already exist */
-            next_num < 100 /* and we have not reached the retry limit */ ) {
+            next_num < 100 /* and we have not reached the retry limit */) {
         curlx_dyn_reset(&fbuffer);
         if(curlx_dyn_addf(&fbuffer, "%s.%d", fname, next_num))
           return FALSE;
@@ -158,12 +158,12 @@ static size_t win_console(intptr_t fhnd, struct OutStruct *outs,
     }
 
     if(complete) {
-      WCHAR prefix[3] = {0};  /* UTF-16 (1-2 WCHARs) + NUL */
+      WCHAR prefix[3] = { 0 }; /* UTF-16 (1-2 WCHARs) + NUL */
 
       if(MultiByteToWideChar(CP_UTF8, 0, (LPCSTR)outs->utf8seq, -1,
                              prefix, CURL_ARRAYSIZE(prefix))) {
         DEBUGASSERT(prefix[2] == L'\0');
-        if(!WriteConsoleW((HANDLE) fhnd, prefix, prefix[1] ? 2 : 1,
+        if(!WriteConsoleW((HANDLE)fhnd, prefix, prefix[1] ? 2 : 1,
                           &chars_written, NULL)) {
           return CURL_WRITEFUNC_ERROR;
         }
diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h
index 0eac0185f2..5652229d4b 100644
--- a/src/tool_cfgable.h
+++ b/src/tool_cfgable.h
@@ -39,10 +39,13 @@
 #endif
 #endif
 
-#define checkprefix(a,b)    curl_strnequal(b, STRCONST(a))
+#define checkprefix(a, b) curl_strnequal(b, STRCONST(a))
 
-#define tool_safefree(ptr)                      \
-  do { curlx_free((ptr)); (ptr) = NULL;} while(0)
+#define tool_safefree(ptr) \
+  do {                     \
+    curlx_free(ptr);       \
+    (ptr) = NULL;          \
+  } while(0)
 
 extern struct GlobalConfig *global;
 
diff --git a/src/tool_dirhie.c b/src/tool_dirhie.c
index 31962bd1c5..058403d666 100644
--- a/src/tool_dirhie.c
+++ b/src/tool_dirhie.c
@@ -31,7 +31,7 @@
 #include "tool_msgs.h"
 
 #if defined(_WIN32) || (defined(MSDOS) && !defined(__DJGPP__))
-#  define mkdir(x,y) (mkdir)((x))
+#  define mkdir(x, y) (mkdir)((x))
 #  ifndef F_OK
 #  define F_OK 0
 #  endif
@@ -112,7 +112,7 @@ CURLcode create_dir_hierarchy(const char *outfile)
          exist, since we would be creating it erroneously. eg if outfile is
          X:\foo\bar\filename then do not mkdir X: This logic takes into
          account unsupported drives !:, 1:, etc. */
-      if(len > 1 && (outfile[1]==':'))
+      if(len > 1 && (outfile[1] == ':'))
         skip = TRUE;
     }
 #endif
diff --git a/src/tool_doswin.c b/src/tool_doswin.c
index ee236178c2..040792f465 100644
--- a/src/tool_doswin.c
+++ b/src/tool_doswin.c
@@ -63,14 +63,13 @@
 /* only used by msdosify() */
 static SANITIZEcode truncate_dryrun(const char *path,
                                     const size_t truncate_pos);
-static SANITIZEcode msdosify(char **const sanitized, const char *file_name,
+static SANITIZEcode msdosify(char ** const sanitized, const char *file_name,
                              int flags);
 #endif
-static SANITIZEcode rename_if_reserved_dos(char **const sanitized,
+static SANITIZEcode rename_if_reserved_dos(char ** const sanitized,
                                            const char *file_name,
                                            int flags);
 
-
 /*
 Sanitize a file or path name.
 
@@ -96,7 +95,7 @@ is in a UNC prefixed path.
 Success: (SANITIZE_ERR_OK) *sanitized points to a sanitized copy of file_name.
 Failure: (!= SANITIZE_ERR_OK) *sanitized is NULL.
 */
-SANITIZEcode sanitize_file_name(char **const sanitized, const char *file_name,
+SANITIZEcode sanitize_file_name(char ** const sanitized, const char *file_name,
                                 int flags)
 {
   char *p, *target;
@@ -116,16 +115,16 @@ SANITIZEcode sanitize_file_name(char **const sanitized, const char *file_name,
 #ifndef MSDOS
     if(file_name[0] == '\\' && file_name[1] == '\\')
       /* UNC prefixed path \\ (eg \\?\C:\foo) */
-      max_sanitized_len = 32767-1;
+      max_sanitized_len = 32767 - 1;
     else
 #endif
-      max_sanitized_len = PATH_MAX-1;
+      max_sanitized_len = PATH_MAX - 1;
   }
   else
     /* The maximum length of a filename. FILENAME_MAX is often the same as
        PATH_MAX, in other words it is 260 and does not discount the path
        information therefore we should not use it. */
-    max_sanitized_len = (PATH_MAX-1 > 255) ? 255 : PATH_MAX-1;
+    max_sanitized_len = (PATH_MAX - 1 > 255) ? 255 : PATH_MAX - 1;
 
   len = strlen(file_name);
   if(len > max_sanitized_len)
@@ -287,17 +286,18 @@ sanitize_file_name.
 Success: (SANITIZE_ERR_OK) *sanitized points to a sanitized copy of file_name.
 Failure: (!= SANITIZE_ERR_OK) *sanitized is NULL.
 */
-static SANITIZEcode msdosify(char **const sanitized, const char *file_name,
+static SANITIZEcode msdosify(char ** const sanitized, const char *file_name,
                              int flags)
 {
   char dos_name[PATH_MAX];
-  static const char illegal_chars_dos[] = ".+, ;=[]" /* illegal in DOS */
+  static const char illegal_chars_dos[] =
+    ".+, ;=[]"     /* illegal in DOS */
     "|<>/\\\":?*"; /* illegal in DOS & W95 */
   static const char *illegal_chars_w95 = &illegal_chars_dos[8];
   int idx, dot_idx;
   const char *s = file_name;
   char *d = dos_name;
-  const char *const dlimit = dos_name + sizeof(dos_name) - 1;
+  const char * const dlimit = dos_name + sizeof(dos_name) - 1;
   const char *illegal_aliens = illegal_chars_dos;
   size_t len = sizeof(illegal_chars_dos) - 1;
 
@@ -309,7 +309,7 @@ static SANITIZEcode msdosify(char **const sanitized, const char *file_name,
   if(!file_name)
     return SANITIZE_ERR_BAD_ARGUMENT;
 
-  if(strlen(file_name) > PATH_MAX-1)
+  if(strlen(file_name) > PATH_MAX - 1)
     return SANITIZE_ERR_INVALID_PATH;
 
   /* Support for Windows 9X VFAT systems, when available. */
@@ -322,7 +322,8 @@ static SANITIZEcode msdosify(char **const sanitized, const char *file_name,
   if(s[0] >= 'A' && s[0] <= 'z' && s[1] == ':') {
     *d++ = *s++;
     *d = ((flags & SANITIZE_ALLOW_PATH)) ? ':' : '_';
-    ++d; ++s;
+    ++d;
+    ++s;
   }
 
   for(idx = 0, dot_idx = -1; *s && d < dlimit; s++, d++) {
@@ -373,7 +374,7 @@ static SANITIZEcode msdosify(char **const sanitized, const char *file_name,
           *d++ = 'x';
           if(d == dlimit)
             break;
-          *d   = 'x';
+          *d = 'x';
         }
         else {
           /* libg++ etc.  */
@@ -381,7 +382,7 @@ static SANITIZEcode msdosify(char **const sanitized, const char *file_name,
             *d++ = 'x';
             if(d == dlimit)
               break;
-            *d   = 'x';
+            *d = 'x';
           }
           else {
             memcpy(d, "plus", 4);
@@ -431,7 +432,7 @@ sanitize_file_name.
 Success: (SANITIZE_ERR_OK) *sanitized points to a sanitized copy of file_name.
 Failure: (!= SANITIZE_ERR_OK) *sanitized is NULL.
 */
-static SANITIZEcode rename_if_reserved_dos(char **const sanitized,
+static SANITIZEcode rename_if_reserved_dos(char ** const sanitized,
                                            const char *file_name,
                                            int flags)
 {
@@ -462,7 +463,7 @@ static SANITIZEcode rename_if_reserved_dos(char **const sanitized,
   }
 #endif
 
-  if(len > PATH_MAX-1)
+  if(len > PATH_MAX - 1)
     return SANITIZE_ERR_INVALID_PATH;
 
   memcpy(fname, file_name, len);
@@ -511,7 +512,7 @@ static SANITIZEcode rename_if_reserved_dos(char **const sanitized,
     p_len = strlen(p);
 
     /* Prepend a '_' */
-    if(strlen(fname) == PATH_MAX-1)
+    if(strlen(fname) == PATH_MAX - 1)
       return SANITIZE_ERR_INVALID_PATH;
     memmove(p + 1, p, p_len + 1);
     p[0] = '_';
@@ -534,7 +535,7 @@ static SANITIZEcode rename_if_reserved_dos(char **const sanitized,
     /* Prepend a '_' */
     size_t blen = strlen(base);
     if(blen) {
-      if(strlen(fname) >= PATH_MAX-1)
+      if(strlen(fname) >= PATH_MAX - 1)
         return SANITIZE_ERR_INVALID_PATH;
       memmove(base + 1, base, blen + 1);
       base[0] = '_';
@@ -613,7 +614,7 @@ struct curl_slist *GetLoadedModulePaths(void)
   struct curl_slist *slist = NULL;
 #ifndef CURL_WINDOWS_UWP
   HANDLE hnd = INVALID_HANDLE_VALUE;
-  MODULEENTRY32 mod = {0};
+  MODULEENTRY32 mod = { 0 };
 
   mod.dwSize = sizeof(MODULEENTRY32);
 
@@ -763,7 +764,8 @@ static DWORD WINAPI win_stdin_thread_func(void *thread_data)
   SOCKADDR_IN clientAddr;
   int clientAddrLen = sizeof(clientAddr);
 
-  curl_socket_t socket_w = CURL_ACCEPT(tdata->socket_l, (SOCKADDR*)&clientAddr,
+  curl_socket_t socket_w = CURL_ACCEPT(tdata->socket_l,
+                                       (SOCKADDR *)&clientAddr,
                                        &clientAddrLen);
 
   if(socket_w == CURL_SOCKET_BAD) {
@@ -822,7 +824,7 @@ curl_socket_t win32_stdin_read_thread(void)
 
   do {
     /* Prepare handles for thread */
-    tdata = (struct win_thread_data*)
+    tdata = (struct win_thread_data *)
       curlx_calloc(1, sizeof(struct win_thread_data));
     if(!tdata) {
       errorf("curlx_calloc() error");
@@ -841,14 +843,14 @@ curl_socket_t win32_stdin_read_thread(void)
     selfaddr.sin_family = AF_INET;
     selfaddr.sin_addr.S_un.S_addr = htonl(INADDR_LOOPBACK);
     /* Bind to any available loopback port */
-    result = bind(tdata->socket_l, (SOCKADDR*)&selfaddr, socksize);
+    result = bind(tdata->socket_l, (SOCKADDR *)&selfaddr, socksize);
     if(result == SOCKET_ERROR) {
       errorf("bind error: %d", SOCKERRNO);
       break;
     }
 
     /* Bind to any available loopback port */
-    result = getsockname(tdata->socket_l, (SOCKADDR*)&selfaddr, &socksize);
+    result = getsockname(tdata->socket_l, (SOCKADDR *)&selfaddr, &socksize);
     if(result == SOCKET_ERROR) {
       errorf("getsockname error: %d", SOCKERRNO);
       break;
@@ -892,7 +894,7 @@ curl_socket_t win32_stdin_read_thread(void)
     /* Hard close the socket on closesocket() */
     setsockopt(socket_r, SOL_SOCKET, SO_DONTLINGER, 0, 0);
 
-    if(connect(socket_r, (SOCKADDR*)&selfaddr, socksize) == SOCKET_ERROR) {
+    if(connect(socket_r, (SOCKADDR *)&selfaddr, socksize) == SOCKET_ERROR) {
       errorf("connect error: %d", SOCKERRNO);
       break;
     }
diff --git a/src/tool_doswin.h b/src/tool_doswin.h
index 01500bdbf7..75f4bacdb8 100644
--- a/src/tool_doswin.h
+++ b/src/tool_doswin.h
@@ -27,8 +27,8 @@
 
 #if defined(_WIN32) || defined(MSDOS)
 
-#define SANITIZE_ALLOW_PATH      (1<<1)  /* Allow path separators and colons */
-#define SANITIZE_ALLOW_RESERVED  (1<<2)  /* Allow reserved device names */
+#define SANITIZE_ALLOW_PATH     (1 << 1) /* Allow path separators and colons */
+#define SANITIZE_ALLOW_RESERVED (1 << 2) /* Allow reserved device names */
 
 typedef enum {
   SANITIZE_ERR_OK = 0,           /* 0 - OK */
@@ -38,7 +38,7 @@ typedef enum {
   SANITIZE_ERR_LAST /* never use! */
 } SANITIZEcode;
 
-SANITIZEcode sanitize_file_name(char **const sanitized, const char *file_name,
+SANITIZEcode sanitize_file_name(char ** const sanitized, const char *file_name,
                                 int flags);
 
 #ifdef __DJGPP__
diff --git a/src/tool_easysrc.c b/src/tool_easysrc.c
index 4747f6dfe6..ba9d345645 100644
--- a/src/tool_easysrc.c
+++ b/src/tool_easysrc.c
@@ -41,7 +41,7 @@ struct slist_wc *easysrc_clean;  /* Clean up allocated data */
 int easysrc_mime_count;
 int easysrc_slist_count;
 
-static const char *const srchead[]={
+static const char * const srchead[] = {
   "/********* Sample code generated by the curl command line tool **********",
   " * All curl_easy_setopt() options are documented at:",
   " * https://curl.se/libcurl/c/curl_easy_setopt.html",
@@ -57,7 +57,7 @@ static const char *const srchead[]={
 /* easysrc_decl declarations come here */
 /* easysrc_data initialization come here */
 /* easysrc_code statements come here */
-static const char *const srchard[]={
+static const char * const srchard[] = {
   "/* Here is a list of options the curl code used that cannot get generated",
   "   as source easily. You may choose to either not use them or implement",
   "   them yourself.",
diff --git a/src/tool_filetime.c b/src/tool_filetime.c
index 041cc4dbd6..2d362b4bb7 100644
--- a/src/tool_filetime.c
+++ b/src/tool_filetime.c
@@ -51,8 +51,8 @@ int getfiletime(const char *filename, curl_off_t *stamp)
   if(hfile != INVALID_HANDLE_VALUE) {
     FILETIME ft;
     if(GetFileTime(hfile, NULL, NULL, &ft)) {
-      curl_off_t converted = (curl_off_t)ft.dwLowDateTime
-        | ((curl_off_t)ft.dwHighDateTime) << 32;
+      curl_off_t converted = (curl_off_t)ft.dwLowDateTime |
+        ((curl_off_t)ft.dwHighDateTime) << 32;
 
       if(converted < 116444736000000000)
         warnf("Failed to get filetime: underflow");
diff --git a/src/tool_filetime.h b/src/tool_filetime.h
index c3663617b5..fedb7a1957 100644
--- a/src/tool_filetime.h
+++ b/src/tool_filetime.h
@@ -31,7 +31,7 @@ int getfiletime(const char *filename, curl_off_t *stamp);
   (defined(_WIN32) && (SIZEOF_CURL_OFF_T >= 8))
 void setfiletime(curl_off_t filetime, const char *filename);
 #else
-#define setfiletime(a,b,c) tool_nop_stmt
+#define setfiletime(a, b, c) tool_nop_stmt
 #endif
 
 #endif /* HEADER_CURL_TOOL_FILETIME_H */
diff --git a/src/tool_findfile.c b/src/tool_findfile.c
index 4dbd7bccb4..c962eb86b8 100644
--- a/src/tool_findfile.c
+++ b/src/tool_findfile.c
@@ -51,7 +51,7 @@ static const struct finder conf_list[] = {
 #ifdef _WIN32
   { "USERPROFILE", NULL, FALSE },
   { "APPDATA", NULL, FALSE },
-  { "USERPROFILE", "\\Application Data", FALSE},
+  { "USERPROFILE", "\\Application Data", FALSE },
 #endif
   /* these are for .curlrc if XDG_CONFIG_HOME is not defined */
   { "CURL_HOME", "/.config", TRUE },
diff --git a/src/tool_formparse.c b/src/tool_formparse.c
index 181abf7b86..543f817cc3 100644
--- a/src/tool_formparse.c
+++ b/src/tool_formparse.c
@@ -86,8 +86,8 @@ static curl_off_t uztoso(size_t uznum)
 #  pragma warning(disable:4310) /* cast truncates constant value */
 #endif
 
-  DEBUGASSERT(uznum <= (size_t) CURL_MASK_SCOFFT);
-  return (curl_off_t)(uznum & (size_t) CURL_MASK_SCOFFT);
+  DEBUGASSERT(uznum <= (size_t)CURL_MASK_SCOFFT);
+  return (curl_off_t)(uznum & (size_t)CURL_MASK_SCOFFT);
 
 #if defined(__INTEL_COMPILER) || defined(_MSC_VER)
 #  pragma warning(pop)
@@ -192,12 +192,11 @@ void tool_mime_free(struct tool_mime *mime)
   }
 }
 
-
 /* Mime part callbacks for stdin. */
 size_t tool_mime_stdin_read(char *buffer,
                             size_t size, size_t nitems, void *arg)
 {
-  struct tool_mime *sip = (struct tool_mime *) arg;
+  struct tool_mime *sip = (struct tool_mime *)arg;
   curl_off_t bytesleft;
   (void)size;  /* Always 1: ignored. */
 
@@ -230,7 +229,7 @@ size_t tool_mime_stdin_read(char *buffer,
 
 int tool_mime_stdin_seek(void *instream, curl_off_t offset, int whence)
 {
-  struct tool_mime *sip = (struct tool_mime *) instream;
+  struct tool_mime *sip = (struct tool_mime *)instream;
 
   switch(whence) {
   case SEEK_CUR:
@@ -296,8 +295,8 @@ static CURLcode tool2curlparts(CURL *curl, struct tool_mime *m,
         FALLTHROUGH();
       case TOOLMIME_STDINDATA:
         ret = curl_mime_data_cb(part, m->size,
-                                (curl_read_callback) tool_mime_stdin_read,
-                                (curl_seek_callback) tool_mime_stdin_seek,
+                                (curl_read_callback)tool_mime_stdin_read,
+                                (curl_seek_callback)tool_mime_stdin_seek,
                                 NULL, m);
         break;
 
@@ -372,8 +371,7 @@ static char *get_param_word(char **str, char **end_pos, char endchar)
             if(*ptr == '\\' && (ptr[1] == '\\' || ptr[1] == '"'))
               ++ptr;
             *ptr2++ = *ptr++;
-          }
-          while(ptr < *end_pos);
+          } while(ptr < *end_pos);
           *end_pos = ptr2;
         }
         ++ptr;
@@ -428,7 +426,7 @@ static int read_field_headers(FILE *fp, struct curl_slist **pheaders)
     else if(ptr[0] == ' ') /* a continuation from the line before */
       folded = TRUE;
     /* trim off trailing CRLFs and whitespaces */
-    while(len && (ISNEWLINE(ptr[len -1]) || ISBLANK(ptr[len - 1])))
+    while(len && (ISNEWLINE(ptr[len - 1]) || ISBLANK(ptr[len - 1])))
       len--;
 
     if(!len)
@@ -658,7 +656,6 @@ static int get_param_part(char endchar,
   return sep & 0xFF;
 }
 
-
 /***************************************************************************
  *
  * formparse()
@@ -706,13 +703,13 @@ static int get_param_part(char endchar,
  *
  ***************************************************************************/
 
-#define SET_TOOL_MIME_PTR(m, field)                                     \
-  do {                                                                  \
-    if(field) {                                                         \
-      (m)->field = curlx_strdup(field);                                 \
-      if(!(m)->field)                                                   \
-        goto fail;                                                      \
-    }                                                                   \
+#define SET_TOOL_MIME_PTR(m, field)     \
+  do {                                  \
+    if(field) {                         \
+      (m)->field = curlx_strdup(field); \
+      if(!(m)->field)                   \
+        goto fail;                      \
+    }                                   \
   } while(0)
 
 int formparse(const char *input,
@@ -811,9 +808,8 @@ int formparse(const char *input,
         part->headers = headers;
         headers = NULL;
         if(res == CURLE_READ_ERROR) {
-            /* An error occurred while reading stdin: if read has started,
-               issue the error now. Else, delay it until processed by
-               libcurl. */
+          /* An error occurred while reading stdin: if read has started,
+             issue the error now. Else, delay it until processed by libcurl. */
           if(part->size > 0) {
             warnf("error while reading standard input");
             goto fail;
@@ -838,8 +834,7 @@ int formparse(const char *input,
         if(sep < 0)
           goto fail;
 
-        part = tool_mime_new_filedata(*mimecurrent, data, FALSE,
-                                      &res);
+        part = tool_mime_new_filedata(*mimecurrent, data, FALSE, &res);
         if(!part)
           goto fail;
         part->headers = headers;
@@ -879,7 +874,7 @@ int formparse(const char *input,
       SET_TOOL_MIME_PTR(part, encoder);
 
       if(sep) {
-        *contp = (char) sep;
+        *contp = (char)sep;
         warnf("garbage at end of field specification: %s", contp);
       }
     }
diff --git a/src/tool_getparam.c b/src/tool_getparam.c
index 7afb0c5fc0..89385af844 100644
--- a/src/tool_getparam.c
+++ b/src/tool_getparam.c
@@ -39,7 +39,7 @@
 #include "var.h"
 
 #define ALLOW_BLANK TRUE
-#define DENY_BLANK FALSE
+#define DENY_BLANK  FALSE
 
 static ParameterError getstr(char **str, const char *val, bool allowblank)
 {
@@ -432,22 +432,22 @@ ParameterError parse_cert_parameter(const char *cert_parameter,
     case '\\':
       param_place++;
       switch(*param_place) {
-        case '\0':
-          *certname_place++ = '\\';
-          break;
-        case '\\':
-          *certname_place++ = '\\';
-          param_place++;
-          break;
-        case ':':
-          *certname_place++ = ':';
-          param_place++;
-          break;
-        default:
-          *certname_place++ = '\\';
-          *certname_place++ = *param_place;
-          param_place++;
-          break;
+      case '\0':
+        *certname_place++ = '\\';
+        break;
+      case '\\':
+        *certname_place++ = '\\';
+        param_place++;
+        break;
+      case ':':
+        *certname_place++ = ':';
+        param_place++;
+        break;
+      default:
+        *certname_place++ = '\\';
+        *certname_place++ = *param_place;
+        param_place++;
+        break;
       }
       break;
     case ':':
@@ -459,7 +459,7 @@ ParameterError parse_cert_parameter(const char *cert_parameter,
 #ifdef _WIN32
       if((param_place == &cert_parameter[1]) &&
          (cert_parameter[2] == '\\' || cert_parameter[2] == '/') &&
-         (ISALPHA(cert_parameter[0])) ) {
+         (ISALPHA(cert_parameter[0]))) {
         /* colon in the second column, followed by a backslash, and the
            first character is an alphabetic letter:
 
@@ -503,7 +503,7 @@ static size_t replace_url_encoded_space_by_plus(char *url)
       url[new_index] = '+';
       orig_index += 3;
     }
-    else{
+    else {
       if(new_index != orig_index) {
         url[new_index] = url[orig_index];
       }
@@ -517,8 +517,8 @@ static size_t replace_url_encoded_space_by_plus(char *url)
   return new_index; /* new size */
 }
 
-static ParameterError
-GetFileAndPassword(const char *nextarg, char **file, char **password)
+static ParameterError GetFileAndPassword(const char *nextarg, char **file,
+                                         char **password)
 {
   char *certname, *passphrase;
   ParameterError err;
@@ -558,15 +558,15 @@ static ParameterError GetSizeParameter(const char *arg,
   switch(*unit) {
   case 'G':
   case 'g':
-    if(value > (CURL_OFF_T_MAX / (1024*1024*1024)))
+    if(value > (CURL_OFF_T_MAX / (1024 * 1024 * 1024)))
       return PARAM_NUMBER_TOO_LARGE;
-    value *= 1024*1024*1024;
+    value *= 1024 * 1024 * 1024;
     break;
   case 'M':
   case 'm':
-    if(value > (CURL_OFF_T_MAX / (1024*1024)))
+    if(value > (CURL_OFF_T_MAX / (1024 * 1024)))
       return PARAM_NUMBER_TOO_LARGE;
-    value *= 1024*1024;
+    value *= 1024 * 1024;
     break;
   case 'K':
   case 'k':
@@ -602,7 +602,7 @@ static void cleanarg(char *str)
 #endif
 
 /* the maximum size we allow the dynbuf generated string */
-#define MAX_DATAURLENCODE (500*1024*1024)
+#define MAX_DATAURLENCODE (500 * 1024 * 1024)
 
 /* --data-urlencode */
 static ParameterError data_urlencode(const char *nextarg,
@@ -706,8 +706,7 @@ error:
   return err;
 }
 
-static void sethttpver(struct OperationConfig *config,
-                       long httpversion)
+static void sethttpver(struct OperationConfig *config, long httpversion)
 {
   if(config->httpversion &&
      (config->httpversion != httpversion))
@@ -732,20 +731,20 @@ static CURLcode set_trace_config(const char *token)
       len = strlen(token);
 
     switch(*token) {
-      case '-':
-        toggle = FALSE;
-        name = token + 1;
-        len--;
-        break;
-      case '+':
-        toggle = TRUE;
-        name = token + 1;
-        len--;
-        break;
-      default:
-        toggle = TRUE;
-        name = token;
-        break;
+    case '-':
+      toggle = FALSE;
+      name = token + 1;
+      len--;
+      break;
+    case '+':
+      toggle = TRUE;
+      name = token + 1;
+      len--;
+      break;
+    default:
+      toggle = TRUE;
+      name = token;
+      break;
     }
 
     if((len == 3) && curl_strnequal(name, "all", 3)) {
@@ -816,37 +815,37 @@ struct TOSEntry {
 };
 
 static const struct TOSEntry tos_entries[] = {
-  {"AF11", 0x28},
-  {"AF12", 0x30},
-  {"AF13", 0x38},
-  {"AF21", 0x48},
-  {"AF22", 0x50},
-  {"AF23", 0x58},
-  {"AF31", 0x68},
-  {"AF32", 0x70},
-  {"AF33", 0x78},
-  {"AF41", 0x88},
-  {"AF42", 0x90},
-  {"AF43", 0x98},
-  {"CE",   0x03},
-  {"CS0",  0x00},
-  {"CS1",  0x20},
-  {"CS2",  0x40},
-  {"CS3",  0x60},
-  {"CS4",  0x80},
-  {"CS5",  0xa0},
-  {"CS6",  0xc0},
-  {"CS7",  0xe0},
-  {"ECT0", 0x02},
-  {"ECT1", 0x01},
-  {"EF",   0xb8},
-  {"LE",   0x04},
-  {"LOWCOST",     0x02},
-  {"LOWDELAY",    0x10},
-  {"MINCOST",     0x02},
-  {"RELIABILITY", 0x04},
-  {"THROUGHPUT",  0x08},
-  {"VOICE-ADMIT", 0xb0}
+  { "AF11", 0x28 },
+  { "AF12", 0x30 },
+  { "AF13", 0x38 },
+  { "AF21", 0x48 },
+  { "AF22", 0x50 },
+  { "AF23", 0x58 },
+  { "AF31", 0x68 },
+  { "AF32", 0x70 },
+  { "AF33", 0x78 },
+  { "AF41", 0x88 },
+  { "AF42", 0x90 },
+  { "AF43", 0x98 },
+  { "CE",   0x03 },
+  { "CS0",  0x00 },
+  { "CS1",  0x20 },
+  { "CS2",  0x40 },
+  { "CS3",  0x60 },
+  { "CS4",  0x80 },
+  { "CS5",  0xa0 },
+  { "CS6",  0xc0 },
+  { "CS7",  0xe0 },
+  { "ECT0", 0x02 },
+  { "ECT1", 0x01 },
+  { "EF",   0xb8 },
+  { "LE",   0x04 },
+  { "LOWCOST",     0x02 },
+  { "LOWDELAY",    0x10 },
+  { "MINCOST",     0x02 },
+  { "RELIABILITY", 0x04 },
+  { "THROUGHPUT",  0x08 },
+  { "VOICE-ADMIT", 0xb0 }
 };
 
 static int find_tos(const void *a, const void *b)
@@ -986,9 +985,9 @@ static ParameterError set_rate(const char *nextarg)
   const char *div = strchr(nextarg, '/');
   char number[26];
   long denominator;
-  long numerator = 60*60*1000; /* default per hour */
+  long numerator = 60 * 60 * 1000; /* default per hour */
   size_t numlen = div ? (size_t)(div - nextarg) : strlen(nextarg);
-  if(numlen > sizeof(number) -1)
+  if(numlen > sizeof(number) - 1)
     return PARAM_NUMBER_TOO_LARGE;
 
   memcpy(number, nextarg, numlen);
@@ -1012,12 +1011,12 @@ static ParameterError set_rate(const char *nextarg)
       numerator = 1000;
       break;
     case 'm': /* per minute */
-      numerator = 60*1000;
+      numerator = 60 * 1000;
       break;
     case 'h': /* per hour */
       break;
     case 'd': /* per day */
-      numerator = 24*60*60*1000;
+      numerator = 24 * 60 * 60 * 1000;
       break;
     default:
       errorf("unsupported --rate unit");
@@ -1040,7 +1039,7 @@ static ParameterError set_rate(const char *nextarg)
   else if(denominator > numerator)
     err = PARAM_NUMBER_TOO_LARGE;
   else
-    global->ms_per_transfer = numerator/denominator;
+    global->ms_per_transfer = numerator / denominator;
 
   return err;
 }
@@ -1133,7 +1132,6 @@ static ParameterError parse_url(struct OperationConfig *config,
   return add_url(config, nextarg, FALSE);
 }
 
-
 static ParameterError parse_localport(struct OperationConfig *config,
                                       const char *nextarg)
 {
@@ -1163,7 +1161,7 @@ static ParameterError parse_localport(struct OperationConfig *config,
   else {
     if(str2unummax(&config->localportrange, pp, 65535))
       return PARAM_BAD_USE;
-    config->localportrange -= (config->localport-1);
+    config->localportrange -= (config->localport - 1);
     if(config->localportrange < 1)
       return PARAM_BAD_USE;
   }
@@ -1237,7 +1235,7 @@ static ParameterError parse_ech(struct OperationConfig *config,
         curlx_fclose(file);
       if(err)
         return err;
-      config->ech_config = curl_maprintf("ecl:%s",tmpcfg);
+      config->ech_config = curl_maprintf("ecl:%s", tmpcfg);
       curlx_free(tmpcfg);
       if(!config->ech_config)
         return PARAM_NO_MEM;
@@ -1268,7 +1266,7 @@ static ParameterError parse_header(struct OperationConfig *config,
     else {
       struct dynbuf line;
       bool error = FALSE;
-      curlx_dyn_init(&line, 1024*100);
+      curlx_dyn_init(&line, 1024 * 100);
       while(my_get_line(file, &line, &error)) {
         const char *ptr = curlx_dyn_ptr(&line);
         err = add2list(cmd == C_PROXY_HEADER ? /* --proxy-header? */
@@ -1287,7 +1285,7 @@ static ParameterError parse_header(struct OperationConfig *config,
   else {
     if(!strchr(nextarg, ':') && !strchr(nextarg, ';')) {
       warnf("The provided %s header '%s' does not look like a header?",
-            (cmd == C_PROXY_HEADER) ? "proxy": "HTTP", nextarg);
+            (cmd == C_PROXY_HEADER) ? "proxy" : "HTTP", nextarg);
     }
     if(cmd == C_PROXY_HEADER) /* --proxy-header */
       err = add2list(&config->proxyheaders, nextarg);
@@ -1629,12 +1627,12 @@ struct flagmap {
 };
 
 static const struct flagmap flag_table[] = {
-  {"answered", 8, CURLULFLAG_ANSWERED},
-  {"deleted",  7, CURLULFLAG_DELETED},
-  {"draft",    5, CURLULFLAG_DRAFT},
-  {"flagged",  7, CURLULFLAG_FLAGGED},
-  {"seen",     4, CURLULFLAG_SEEN},
-  {NULL,       0, 0}
+  { "answered", 8, CURLULFLAG_ANSWERED },
+  { "deleted",  7, CURLULFLAG_DELETED },
+  { "draft",    5, CURLULFLAG_DRAFT },
+  { "flagged",  7, CURLULFLAG_FLAGGED },
+  { "seen",     4, CURLULFLAG_SEEN },
+  { NULL,       0, 0 }
 };
 
 static ParameterError parse_upload_flags(struct OperationConfig *config,
@@ -2902,7 +2900,7 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
     p = word;
     /* is there an '=' ? */
     if(!curlx_str_until(&p, &out, MAX_OPTION_LEN, '=') &&
-       !curlx_str_single(&p, '=') ) {
+       !curlx_str_single(&p, '=')) {
       /* there is an equal sign */
       char tempword[MAX_OPTION_LEN + 1];
       memcpy(tempword, curlx_str(&out), curlx_strlen(&out));
diff --git a/src/tool_getparam.h b/src/tool_getparam.h
index d4812f6ceb..10b2351874 100644
--- a/src/tool_getparam.h
+++ b/src/tool_getparam.h
@@ -319,12 +319,12 @@ typedef enum {
 #define ARG_FILE 3 /* requires an argument, usually a filename */
 
 #define ARG_TYPEMASK 0x03
-#define ARGTYPE(x) ((x) & ARG_TYPEMASK)
+#define ARGTYPE(x)   ((x) & ARG_TYPEMASK)
 
-#define ARG_DEPR 0x10 /* deprecated option */
+#define ARG_DEPR  0x10 /* deprecated option */
 #define ARG_CLEAR 0x20 /* clear cmdline argument */
-#define ARG_TLS 0x40 /* requires TLS support */
-#define ARG_NO 0x80 /* set if the option is documented as --no-* */
+#define ARG_TLS   0x40 /* requires TLS support */
+#define ARG_NO    0x80 /* set if the option is documented as --no-* */
 
 struct LongShort {
   const char *lname;  /* long name option */
@@ -383,7 +383,7 @@ ParameterError parse_args(int argc, argv_item_t argv[]);
 
 #define convert_UTF8_to_tchar(ptr) curlx_convert_UTF8_to_wchar((ptr))
 #define convert_tchar_to_UTF8(ptr) curlx_convert_wchar_to_UTF8((ptr))
-#define unicodefree(ptr) curlx_unicodefree(ptr)
+#define unicodefree(ptr)           curlx_unicodefree(ptr)
 
 #else
 
diff --git a/src/tool_getpass.c b/src/tool_getpass.c
index b0316510bc..f2423790fe 100644
--- a/src/tool_getpass.c
+++ b/src/tool_getpass.c
@@ -98,17 +98,16 @@ char *getpass_r(const char *prompt, char *buffer, size_t buflen)
       buffer[i] = '\0';
       break;
     }
-    else
-      if(buffer[i] == '\b')
-        /* remove this letter and if this is not the first key, remove the
+    else if(buffer[i] == '\b')
+      /* remove this letter and if this is not the first key, remove the
            previous one as well */
-        i = i - (i >= 1 ? 2 : 1);
+      i = i - (i >= 1 ? 2 : 1);
   }
   /* since echo is disabled, print a newline */
   fputs("\n", tool_stderr);
   /* if user did not hit ENTER, terminate buffer */
   if(i == buflen)
-    buffer[buflen-1] = '\0';
+    buffer[buflen - 1] = '\0';
 
   return buffer; /* we always return success */
 }
diff --git a/src/tool_help.c b/src/tool_help.c
index bbe8dc68a4..7355d2a782 100644
--- a/src/tool_help.c
+++ b/src/tool_help.c
@@ -41,31 +41,31 @@ struct category_descriptors {
 
 static const struct category_descriptors categories[] = {
   /* important is left out because it is the default help page */
-  {"auth", "Authentication methods", CURLHELP_AUTH},
-  {"connection", "Manage connections", CURLHELP_CONNECTION},
-  {"curl", "The command line tool itself", CURLHELP_CURL},
-  {"deprecated", "Legacy", CURLHELP_DEPRECATED},
-  {"dns", "Names and resolving", CURLHELP_DNS},
-  {"file", "FILE protocol", CURLHELP_FILE},
-  {"ftp", "FTP protocol", CURLHELP_FTP},
-  {"global", "Global options", CURLHELP_GLOBAL},
-  {"http", "HTTP and HTTPS protocol", CURLHELP_HTTP},
-  {"imap", "IMAP protocol", CURLHELP_IMAP},
-  {"ldap", "LDAP protocol", CURLHELP_LDAP},
-  {"output", "File system output", CURLHELP_OUTPUT},
-  {"pop3", "POP3 protocol", CURLHELP_POP3},
-  {"post", "HTTP POST specific", CURLHELP_POST},
-  {"proxy", "Options for proxies", CURLHELP_PROXY},
-  {"scp", "SCP protocol", CURLHELP_SCP},
-  {"sftp", "SFTP protocol", CURLHELP_SFTP},
-  {"smtp", "SMTP protocol", CURLHELP_SMTP},
-  {"ssh", "SSH protocol", CURLHELP_SSH},
-  {"telnet", "TELNET protocol", CURLHELP_TELNET},
-  {"tftp", "TFTP protocol", CURLHELP_TFTP},
-  {"timeout", "Timeouts and delays", CURLHELP_TIMEOUT},
-  {"tls", "TLS/SSL related", CURLHELP_TLS},
-  {"upload", "Upload, sending data", CURLHELP_UPLOAD},
-  {"verbose", "Tracing, logging etc", CURLHELP_VERBOSE}
+  { "auth", "Authentication methods", CURLHELP_AUTH },
+  { "connection", "Manage connections", CURLHELP_CONNECTION },
+  { "curl", "The command line tool itself", CURLHELP_CURL },
+  { "deprecated", "Legacy", CURLHELP_DEPRECATED },
+  { "dns", "Names and resolving", CURLHELP_DNS },
+  { "file", "FILE protocol", CURLHELP_FILE },
+  { "ftp", "FTP protocol", CURLHELP_FTP },
+  { "global", "Global options", CURLHELP_GLOBAL },
+  { "http", "HTTP and HTTPS protocol", CURLHELP_HTTP },
+  { "imap", "IMAP protocol", CURLHELP_IMAP },
+  { "ldap", "LDAP protocol", CURLHELP_LDAP },
+  { "output", "File system output", CURLHELP_OUTPUT },
+  { "pop3", "POP3 protocol", CURLHELP_POP3 },
+  { "post", "HTTP POST specific", CURLHELP_POST },
+  { "proxy", "Options for proxies", CURLHELP_PROXY },
+  { "scp", "SCP protocol", CURLHELP_SCP },
+  { "sftp", "SFTP protocol", CURLHELP_SFTP },
+  { "smtp", "SMTP protocol", CURLHELP_SMTP },
+  { "ssh", "SSH protocol", CURLHELP_SSH },
+  { "telnet", "TELNET protocol", CURLHELP_TELNET },
+  { "tftp", "TFTP protocol", CURLHELP_TFTP },
+  { "timeout", "Timeouts and delays", CURLHELP_TIMEOUT },
+  { "tls", "TLS/SSL related", CURLHELP_TLS },
+  { "upload", "Upload, sending data", CURLHELP_UPLOAD },
+  { "verbose", "Tracing, logging etc", CURLHELP_VERBOSE }
 };
 
 static void print_category(unsigned int category, unsigned int cols)
@@ -228,7 +228,8 @@ void tool_help(const char *category)
   unsigned int cols = get_terminal_columns();
   /* If no category was provided */
   if(!category) {
-    const char *category_note = "\nThis is not the full help; this "
+    const char *category_note =
+      "\nThis is not the full help; this "
       "menu is split into categories.\nUse \"--help category\" to get "
       "an overview of all categories, which are:";
     const char *category_note2 =
@@ -303,7 +304,7 @@ void tool_help(const char *category)
 
 static bool is_debug(void)
 {
-  const char *const *builtin;
+  const char * const *builtin;
   for(builtin = feature_names; *builtin; ++builtin)
     if(curl_strequal("debug", *builtin))
       return TRUE;
@@ -312,7 +313,7 @@ static bool is_debug(void)
 
 void tool_version_info(void)
 {
-  const char *const *builtin;
+  const char * const *builtin;
   if(is_debug())
     curl_mfprintf(tool_stderr, "WARNING: this libcurl is Debug-enabled, "
                   "do not use in production\n\n");
diff --git a/src/tool_helpers.c b/src/tool_helpers.c
index 2e308a248f..c32e1bbaab 100644
--- a/src/tool_helpers.c
+++ b/src/tool_helpers.c
@@ -75,7 +75,7 @@ const char *param2text(ParameterError error)
 int SetHTTPrequest(HttpReq req, HttpReq *store)
 {
   /* this mirrors the HttpReq enum in tool_sdecls.h */
-  const char *reqname[]= {
+  const char *reqname[] = {
     "", /* unspec */
     "GET (-G, --get)",
     "HEAD (-I, --head)",
@@ -99,7 +99,7 @@ int SetHTTPrequest(HttpReq req, HttpReq *store)
 void customrequest_helper(HttpReq req, char *method)
 {
   /* this mirrors the HttpReq enum in tool_sdecls.h */
-  const char *dflt[]= {
+  const char *dflt[] = {
     "GET",
     "GET",
     "HEAD",
diff --git a/src/tool_ipfs.c b/src/tool_ipfs.c
index c1d27fc99b..25bff3152f 100644
--- a/src/tool_ipfs.c
+++ b/src/tool_ipfs.c
@@ -157,8 +157,8 @@ CURLcode ipfs_url_rewrite(CURLU *uh, const char *protocol, char **url,
   }
 
   /* check for unsupported gateway parts */
-  if(curl_url_get(gatewayurl, CURLUPART_QUERY, &gwquery, 0)
-                  != CURLUE_NO_QUERY) {
+  if(curl_url_get(gatewayurl, CURLUPART_QUERY, &gwquery, 0) !=
+     CURLUE_NO_QUERY) {
     result = CURLE_URL_MALFORMAT;
     goto clean;
   }
diff --git a/src/tool_libinfo.c b/src/tool_libinfo.c
index 1687005481..18e0d6964e 100644
--- a/src/tool_libinfo.c
+++ b/src/tool_libinfo.c
@@ -137,7 +137,7 @@ size_t feature_count;
 CURLcode get_libcurl_info(void)
 {
   CURLcode result = CURLE_OK;
-  const char *const *builtin;
+  const char * const *builtin;
 
   /* Pointer to libcurl's runtime version information */
   curlinfo = curl_version_info(CURLVERSION_NOW);
diff --git a/src/tool_main.c b/src/tool_main.c
index eb15ae740d..3784f280f6 100644
--- a/src/tool_main.c
+++ b/src/tool_main.c
@@ -109,7 +109,7 @@ static void memory_tracking_init(void)
     /* use the value as filename */
     char fname[512];
     if(strlen(env) >= sizeof(fname))
-      env[sizeof(fname)-1] = '\0';
+      env[sizeof(fname) - 1] = '\0';
     strcpy(fname, env);
     curl_free(env);
     curl_dbg_memdebug(fname);
diff --git a/src/tool_main.h b/src/tool_main.h
index 53ee9a3702..7578616320 100644
--- a/src/tool_main.h
+++ b/src/tool_main.h
@@ -30,10 +30,10 @@
 #define RETRY_SLEEP_DEFAULT 1000L   /* ms */
 #define RETRY_SLEEP_MAX     600000L /* ms == 10 minutes */
 
-#define MAX_PARALLEL 65535
+#define MAX_PARALLEL     65535
 #define PARALLEL_DEFAULT 50
 
-#define MAX_PARALLEL_HOST 65535
+#define MAX_PARALLEL_HOST     65535
 #define PARALLEL_HOST_DEFAULT 0 /* means not used */
 
 #endif /* HEADER_CURL_TOOL_MAIN_H */
diff --git a/src/tool_msgs.c b/src/tool_msgs.c
index b385f75cf8..b4fc1fb6fd 100644
--- a/src/tool_msgs.c
+++ b/src/tool_msgs.c
@@ -28,8 +28,8 @@
 #include "tool_cb_prg.h"
 #include "terminal.h"
 
-#define WARN_PREFIX "Warning: "
-#define NOTE_PREFIX "Note: "
+#define WARN_PREFIX  "Warning: "
+#define NOTE_PREFIX  "Note: "
 #define ERROR_PREFIX "curl: "
 
 static void voutf(const char *prefix,
@@ -53,7 +53,7 @@ static void voutf(const char *prefix,
     fputs(prefix, tool_stderr);
 
     if(len > width) {
-      size_t cut = width-1;
+      size_t cut = width - 1;
 
       while(!ISBLANK(ptr[cut]) && cut) {
         cut--;
@@ -61,7 +61,7 @@ static void voutf(const char *prefix,
       if(cut == 0)
         /* not a single cutting position was found, just cut it at the
            max text width then! */
-        cut = width-1;
+        cut = width - 1;
 
       (void)fwrite(ptr, cut + 1, 1, tool_stderr);
       fputs("\n", tool_stderr);
@@ -121,9 +121,9 @@ void helpf(const char *fmt, ...)
   }
   curl_mfprintf(tool_stderr, "curl: try 'curl --help' "
 #ifdef USE_MANUAL
-                "or 'curl --manual' "
+                             "or 'curl --manual' "
 #endif
-                "for more information\n");
+                             "for more information\n");
 }
 
 /*
diff --git a/src/tool_msgs.h b/src/tool_msgs.h
index 99a980234a..be75d95593 100644
--- a/src/tool_msgs.h
+++ b/src/tool_msgs.h
@@ -26,13 +26,9 @@
 #include "tool_setup.h"
 #include "tool_cfgable.h"
 
-void warnf(const char *fmt, ...)
-  CURL_PRINTF(1, 2);
-void notef(const char *fmt, ...)
-  CURL_PRINTF(1, 2);
-void helpf(const char *fmt, ...)
-  CURL_PRINTF(1, 2);
-void errorf(const char *fmt, ...)
-  CURL_PRINTF(1, 2);
+void warnf(const char *fmt, ...) CURL_PRINTF(1, 2);
+void notef(const char *fmt, ...) CURL_PRINTF(1, 2);
+void helpf(const char *fmt, ...) CURL_PRINTF(1, 2);
+void errorf(const char *fmt, ...) CURL_PRINTF(1, 2);
 
 #endif /* HEADER_CURL_TOOL_MSGS_H */
diff --git a/src/tool_operate.c b/src/tool_operate.c
index 71d29af8d8..25c1473b96 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -155,7 +155,7 @@ static curl_off_t vms_realfilesize(const char *name,
   char buffer[8192];
   curl_off_t count;
   int ret_stat;
-  FILE * file;
+  FILE *file;
 
   /* !checksrc! disable FOPENMODE 1 */
   file = curlx_fopen(name, "r"); /* VMS */
@@ -180,8 +180,7 @@ static curl_off_t vms_realfilesize(const char *name,
  *  if not to call a routine to get the correct size.
  *
  */
-static curl_off_t VmsSpecialSize(const char *name,
-                                 const struct_stat *stat_buf)
+static curl_off_t VmsSpecialSize(const char *name, const struct_stat *stat_buf)
 {
   switch(stat_buf->st_fab_rfm) {
   case FAB$C_VAR:
@@ -451,7 +450,7 @@ static CURLcode retrycheck(struct OperationConfig *config,
   if(retry) {
     long sleeptime = 0;
     curl_off_t retry_after = 0;
-    static const char * const m[]={
+    static const char * const m[] = {
       NULL,
       "(retrying all errors)",
       ": timeout",
@@ -465,7 +464,7 @@ static CURLcode retrycheck(struct OperationConfig *config,
       curl_easy_getinfo(curl, CURLINFO_RETRY_AFTER, &retry_after);
       if(retry_after) {
         /* store in a 'long', make sure it does not overflow */
-        if(retry_after > LONG_MAX/1000)
+        if(retry_after > LONG_MAX / 1000)
           sleeptime = LONG_MAX;
         else if((retry_after * 1000) > sleeptime)
           sleeptime = (long)retry_after * 1000; /* milliseconds */
@@ -500,10 +499,10 @@ static CURLcode retrycheck(struct OperationConfig *config,
     warnf("Problem %s. "
           "Will retry in %ld%s%.*ld second%s. "
           "%ld retr%s left.",
-          m[retry], sleeptime/1000L,
-          (sleeptime%1000L ? "." : ""),
-          (sleeptime%1000L ? 3 : 0),
-          sleeptime%1000L,
+          m[retry], sleeptime / 1000L,
+          (sleeptime % 1000L ? "." : ""),
+          (sleeptime % 1000L ? 3 : 0),
+          sleeptime % 1000L,
           (sleeptime == 1000L ? "" : "s"),
           per->retry_remaining,
           (per->retry_remaining > 1 ? "ies" : "y"));
@@ -547,8 +546,7 @@ static CURLcode retrycheck(struct OperationConfig *config,
         outs->init += outs->bytes;
         outs->bytes = 0;
         config->resume_from = outs->init;
-        curl_easy_setopt(curl, CURLOPT_RESUME_FROM_LARGE,
-                         config->resume_from);
+        curl_easy_setopt(curl, CURLOPT_RESUME_FROM_LARGE, config->resume_from);
       }
     }
 
@@ -562,8 +560,7 @@ static CURLcode retrycheck(struct OperationConfig *config,
         int rc;
         /* We have written data to an output file, we truncate file */
         fflush(outs->stream);
-        notef("Throwing away %"  CURL_FORMAT_CURL_OFF_T " bytes",
-              outs->bytes);
+        notef("Throwing away %" CURL_FORMAT_CURL_OFF_T " bytes", outs->bytes);
         /* truncate file at the position where we started appending */
 #if defined(HAVE_FTRUNCATE) && !defined(__DJGPP__) && !defined(__AMIGA__)
         if(ftruncate(fileno(outs->stream), outs->init)) {
@@ -595,7 +592,6 @@ static CURLcode retrycheck(struct OperationConfig *config,
   return result;
 }
 
-
 /*
  * Call this after a transfer has completed.
  */
@@ -706,7 +702,7 @@ static CURLcode post_per_transfer(struct per_transfer *per,
   if(per->retry_remaining &&
      (!config->retry_maxtime_ms ||
       (curlx_timediff_ms(curlx_now(), per->retrystart) <
-       config->retry_maxtime_ms)) ) {
+       config->retry_maxtime_ms))) {
     result = retrycheck(config, per, result, retryp, delay);
     if(!result && *retryp)
       return CURLE_OK; /* retry! */
@@ -735,8 +731,7 @@ static CURLcode post_per_transfer(struct per_transfer *per,
           warnf("Failed removing: %s", outs->filename);
       }
       else
-        warnf("Skipping removal; not a regular file: %s",
-              outs->filename);
+        warnf("Skipping removal; not a regular file: %s", outs->filename);
     }
   }
 
@@ -825,8 +820,7 @@ static CURLcode append2query(struct OperationConfig *config,
   CURLU *uh = curl_url();
   if(uh) {
     CURLUcode uerr;
-    uerr = curl_url_set(uh, CURLUPART_URL, per->url,
-                        CURLU_GUESS_SCHEME);
+    uerr = curl_url_set(uh, CURLUPART_URL, per->url, CURLU_GUESS_SCHEME);
     if(uerr) {
       result = urlerr_cvt(uerr);
       errorf("(%d) Could not parse the URL, "
@@ -837,8 +831,7 @@ static CURLcode append2query(struct OperationConfig *config,
       char *updated = NULL;
       uerr = curl_url_set(uh, CURLUPART_QUERY, q, CURLU_APPENDQUERY);
       if(!uerr)
-        uerr = curl_url_get(uh, CURLUPART_URL, &updated,
-                            CURLU_GUESS_SCHEME);
+        uerr = curl_url_get(uh, CURLUPART_URL, &updated, CURLU_GUESS_SCHEME);
       if(uerr)
         result = urlerr_cvt(uerr);
       else {
@@ -1333,8 +1326,7 @@ static CURLcode single_transfer(struct OperationConfig *config,
         /*
          * We have specified a file to upload and it is not "-".
          */
-        result = add_file_name_to_url(per->curl, &per->url,
-                                      per->uploadfile);
+        result = add_file_name_to_url(per->curl, &per->url, per->uploadfile);
         if(result)
           return result;
       }
@@ -1370,8 +1362,7 @@ static CURLcode single_transfer(struct OperationConfig *config,
     }
 
     /* explicitly passed to stdout means okaying binary gunk */
-    config->terminal_binary_ok =
-      (per->outfile && !strcmp(per->outfile, "-"));
+    config->terminal_binary_ok = (per->outfile && !strcmp(per->outfile, "-"));
 
     hdrcbdata->honor_cd_filename =
       (config->content_disposition && u->useremote);
@@ -1428,7 +1419,7 @@ static CURLcode add_parallel_transfers(CURLM *multi, CURLSH *share,
     return CURLE_UNKNOWN_OPTION;
   }
 
-  if(nxfers < (curl_off_t)(global->parallel_max*2)) {
+  if(nxfers < (curl_off_t)(global->parallel_max * 2)) {
     bool skipped = FALSE;
     do {
       result = create_transfer(share, addedp, &skipped);
@@ -1513,7 +1504,7 @@ struct parastate {
 
 #if defined(DEBUGBUILD) && defined(USE_LIBUV)
 
-#define DEBUG_UV    0
+#define DEBUG_UV 0
 
 /* object to pass to the callbacks */
 struct datauv {
@@ -1535,7 +1526,7 @@ static void mnotify(CURLM *multi, unsigned int notification,
 static void on_uv_socket(uv_poll_t *req, int status, int events)
 {
   int flags = 0;
-  struct contextuv *c = (struct contextuv *) req->data;
+  struct contextuv *c = (struct contextuv *)req->data;
   (void)status;
   if(events & UV_READABLE)
     flags |= CURL_CSELECT_IN;
@@ -1550,7 +1541,7 @@ static void on_uv_socket(uv_poll_t *req, int status, int events)
 /* callback from libuv when timeout expires */
 static void on_uv_timeout(uv_timer_t *req)
 {
-  struct datauv *uv = (struct datauv *) req->data;
+  struct datauv *uv = (struct datauv *)req->data;
 #if DEBUG_UV
   curl_mfprintf(tool_stderr, "parallel_event: on_uv_timeout\n");
 #endif
@@ -1599,13 +1590,13 @@ static struct contextuv *create_context(curl_socket_t sockfd,
 
 static void close_cb(uv_handle_t *handle)
 {
-  struct contextuv *c = (struct contextuv *) handle->data;
+  struct contextuv *c = (struct contextuv *)handle->data;
   curlx_free(c);
 }
 
 static void destroy_context(struct contextuv *c)
 {
-  uv_close((uv_handle_t *) &c->poll_handle, close_cb);
+  uv_close((uv_handle_t *)&c->poll_handle, close_cb);
 }
 
 /* callback from libcurl to update socket activity to wait for */
@@ -1625,8 +1616,7 @@ static int cb_socket(CURL *easy, curl_socket_t s, int action,
   case CURL_POLL_IN:
   case CURL_POLL_OUT:
   case CURL_POLL_INOUT:
-    c = socketp ?
-      (struct contextuv *) socketp : create_context(s, uv);
+    c = socketp ? (struct contextuv *)socketp : create_context(s, uv);
 
     curl_multi_assign(uv->s->multi, s, c);
 
@@ -1753,7 +1743,7 @@ static CURLcode check_finished(struct parastate *s)
       if(retry) {
         ended->added = FALSE; /* add it again */
         /* we delay retries in full integer seconds only */
-        ended->startat = delay ? time(NULL) + delay/1000 : 0;
+        ended->startat = delay ? time(NULL) + delay / 1000 : 0;
       }
       else {
         /* result receives this transfer's error unless the transfer was
@@ -2222,7 +2212,6 @@ static CURLcode share_setup(CURLSH *share)
   return result;
 }
 
-
 CURLcode operate(int argc, argv_item_t argv[])
 {
   CURLcode result = CURLE_OK;
diff --git a/src/tool_operhlp.c b/src/tool_operhlp.c
index a8b5e94975..c46f3e3eef 100644
--- a/src/tool_operhlp.c
+++ b/src/tool_operhlp.c
@@ -91,7 +91,7 @@ CURLcode add_file_name_to_url(CURL *curl, char **inurlp, const char *filename)
   if(uh) {
     char *ptr;
     uerr = curl_url_set(uh, CURLUPART_URL, *inurlp,
-                        CURLU_GUESS_SCHEME|CURLU_NON_SUPPORT_SCHEME);
+                        CURLU_GUESS_SCHEME | CURLU_NON_SUPPORT_SCHEME);
     if(uerr) {
       result = urlerr_cvt(uerr);
       goto fail;
diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c
index b16fc42906..9faf2e4dde 100644
--- a/src/tool_paramhlp.c
+++ b/src/tool_paramhlp.c
@@ -224,7 +224,7 @@ static ParameterError getnum(long *val, const char *str, int base)
       *val = (long)num;
       if(is_neg)
         *val = -*val;
-      return PARAM_OK;  /* Ok */
+      return PARAM_OK; /* Ok */
     }
   }
   return PARAM_BAD_NUMERIC; /* badness */
@@ -309,7 +309,7 @@ ParameterError secs2ms(long *valp, const char *str)
   const unsigned int digs[] = { 1, 10, 100, 1000, 10000, 100000,
     1000000, 10000000, 100000000 };
   if(!str ||
-     curlx_str_number(&str, &secs, LONG_MAX/1000 - 1))
+     curlx_str_number(&str, &secs, LONG_MAX / 1000 - 1))
     return PARAM_BAD_NUMERIC;
   if(!curlx_str_single(&str, '.')) {
     curl_off_t fracs;
@@ -319,7 +319,7 @@ ParameterError secs2ms(long *valp, const char *str)
       return PARAM_NUMBER_TOO_LARGE;
     /* how many milliseconds are in fracs ? */
     len = (str - s);
-    while((len > CURL_ARRAYSIZE(digs) || (fracs > LONG_MAX/100))) {
+    while((len > CURL_ARRAYSIZE(digs) || (fracs > LONG_MAX / 100))) {
       fracs /= 10;
       len--;
     }
@@ -340,7 +340,7 @@ static size_t protoset_index(const char * const *protoset, const char *proto)
 {
   const char * const *p = protoset;
 
-  DEBUGASSERT(proto == proto_token(proto));     /* Ensure it is tokenized. */
+  DEBUGASSERT(proto == proto_token(proto)); /* Ensure it is tokenized. */
 
   for(; *p; p++)
     if(proto == *p)
@@ -388,7 +388,7 @@ static void protoset_clear(const char **protoset, const char *proto)
  * data.
  */
 
-#define MAX_PROTOSTRING (64*11) /* Enough room for 64 10-chars proto names. */
+#define MAX_PROTOSTRING (64 * 11)  /* Room for 64 10-chars proto names. */
 
 ParameterError proto2num(const char * const *val, char **ostr, const char *str)
 {
@@ -452,8 +452,8 @@ ParameterError proto2num(const char * const *val, char **ostr, const char *str)
         break;
       case allow:
       case set:
-        memcpy((char *) protoset,
-               built_in_protos, (proto_count + 1) * sizeof(*protoset));
+        memcpy((char *)protoset, built_in_protos,
+               (proto_count + 1) * sizeof(*protoset));
         break;
       }
     }
@@ -491,7 +491,7 @@ ParameterError proto2num(const char * const *val, char **ostr, const char *str)
   }
 
   /* We need the protocols in alphabetic order for CI tests requirements. */
-  qsort((char *) protoset, protoset_index(protoset, NULL), sizeof(*protoset),
+  qsort((char *)protoset, protoset_index(protoset, NULL), sizeof(*protoset),
         struplocompare4sort);
 
   for(proto = 0; protoset[proto] && !result; proto++)
@@ -543,7 +543,7 @@ ParameterError str2offset(curl_off_t *val, const char *str)
   return PARAM_OK;
 }
 
-#define MAX_USERPWDLENGTH (100*1024)
+#define MAX_USERPWDLENGTH (100 * 1024)
 static CURLcode checkpasswd(const char *kind, /* for what purpose */
                             const size_t i,   /* operation index */
                             const bool last,  /* TRUE if last operation */
@@ -648,22 +648,21 @@ long delegation(const char *str)
   return CURLGSSAPI_DELEGATION_NONE;
 }
 
-#define isheadersep(x) ((((x)==':') || ((x)==';')))
+#define isheadersep(x) ((((x) == ':') || ((x) == ';')))
 
 /*
  * inlist() returns true if the given 'checkfor' header is present in the
  * header list.
  */
-static bool inlist(const struct curl_slist *head,
-                   const char *checkfor)
+static bool inlist(const struct curl_slist *head, const char *checkfor)
 {
   size_t thislen = strlen(checkfor);
   DEBUGASSERT(thislen);
-  DEBUGASSERT(checkfor[thislen-1] != ':');
+  DEBUGASSERT(checkfor[thislen - 1] != ':');
 
   for(; head; head = head->next) {
     if(curl_strnequal(head->data, checkfor, thislen) &&
-       isheadersep(head->data[thislen]) )
+       isheadersep(head->data[thislen]))
       return TRUE;
   }
 
diff --git a/src/tool_paramhlp.h b/src/tool_paramhlp.h
index a9e8539cf5..f7c743b7e2 100644
--- a/src/tool_paramhlp.h
+++ b/src/tool_paramhlp.h
@@ -31,7 +31,7 @@ struct getout *new_getout(struct OperationConfig *config);
 ParameterError file2string(char **bufp, FILE *file);
 
 #if SIZEOF_SIZE_T > 4
-#define MAX_FILE2MEMORY (16LL*1024*1024*1024)
+#define MAX_FILE2MEMORY (16LL * 1024 * 1024 * 1024)
 #else
 #define MAX_FILE2MEMORY (INT_MAX)
 #endif
diff --git a/src/tool_parsecfg.c b/src/tool_parsecfg.c
index f901e69e78..0466c547c3 100644
--- a/src/tool_parsecfg.c
+++ b/src/tool_parsecfg.c
@@ -33,7 +33,7 @@
 
 /* only acknowledge colon or equals as separators if the option was not
    specified with an initial dash! */
-#define ISSEP(x,dash) (!dash && (((x) == '=') || ((x) == ':')))
+#define ISSEP(x, dash) (!dash && (((x) == '=') || ((x) == ':')))
 
 /*
  * Copies the string from line to the param dynbuf, unquoting backslash-quoted
diff --git a/src/tool_progress.c b/src/tool_progress.c
index f9fbd83574..53ed9bcb3c 100644
--- a/src/tool_progress.c
+++ b/src/tool_progress.c
@@ -44,8 +44,8 @@ static char *max5data(curl_off_t bytes, char *max5)
     if(nbytes < 100) {
       /* display with a decimal */
       curl_msnprintf(max5, 6, "%2" CURL_FORMAT_CURL_OFF_T ".%0"
-                     CURL_FORMAT_CURL_OFF_T "%c", bytes/1024,
-                     (bytes%1024) / (1024/10), unit[k]);
+                     CURL_FORMAT_CURL_OFF_T "%c", bytes / 1024,
+                     (bytes % 1024) / (1024 / 10), unit[k]);
       break;
     }
     else if(nbytes < 10000) {
@@ -143,9 +143,7 @@ static void add_offt(curl_off_t *val, curl_off_t add)
   |DL% UL%  Dled  Uled  Xfers  Live Total     Current  Left    Speed
   |  6 --   9.9G     0     2     2   0:00:40  0:00:02  0:00:37 4087M
 */
-bool progress_meter(CURLM *multi,
-                    struct curltime *start,
-                    bool final)
+bool progress_meter(CURLM *multi, struct curltime *start, bool final)
 {
   static struct curltime stamp;
   static bool header = FALSE;
@@ -169,9 +167,9 @@ bool progress_meter(CURLM *multi,
     char time_total[10];
     char time_spent[10];
     char buffer[3][6];
-    curl_off_t spent = curlx_timediff_ms(now, *start)/1000;
-    char dlpercen[4]="--";
-    char ulpercen[4]="--";
+    curl_off_t spent = curlx_timediff_ms(now, *start) / 1000;
+    char dlpercen[4] = "--";
+    char ulpercen[4] = "--";
     struct per_transfer *per;
     curl_off_t all_dlnow = 0;
     curl_off_t all_ulnow = 0;
@@ -207,15 +205,15 @@ bool progress_meter(CURLM *multi,
     }
     if(dlknown && all_dltotal)
       curl_msnprintf(dlpercen, sizeof(dlpercen), "%3" CURL_FORMAT_CURL_OFF_T,
-                     all_dlnow < (CURL_OFF_T_MAX/100) ?
+                     all_dlnow < (CURL_OFF_T_MAX / 100) ?
                      (all_dlnow * 100 / all_dltotal) :
-                     (all_dlnow / (all_dltotal/100)));
+                     (all_dlnow / (all_dltotal / 100)));
 
     if(ulknown && all_ultotal)
       curl_msnprintf(ulpercen, sizeof(ulpercen), "%3" CURL_FORMAT_CURL_OFF_T,
-                     all_ulnow < (CURL_OFF_T_MAX/100) ?
+                     all_ulnow < (CURL_OFF_T_MAX / 100) ?
                      (all_ulnow * 100 / all_ultotal) :
-                     (all_ulnow / (all_ultotal/100)));
+                     (all_ulnow / (all_ultotal / 100)));
 
     /* get the transfer speed, the higher of the two */
 
@@ -248,8 +246,8 @@ bool progress_meter(CURLM *multi,
       }
       if(!deltams) /* no division by zero please */
         deltams++;
-      dls = (curl_off_t)((double)dl / ((double)deltams/1000.0));
-      uls = (curl_off_t)((double)ul / ((double)deltams/1000.0));
+      dls = (curl_off_t)((double)dl / ((double)deltams / 1000.0));
+      uls = (curl_off_t)((double)ul / ((double)deltams / 1000.0));
       speed = dls > uls ? dls : uls;
     }
 
@@ -291,7 +289,7 @@ bool progress_meter(CURLM *multi,
                   time_spent,
                   time_left,
                   max5data(speed, buffer[2]), /* speed */
-                  final ? "\n" :"");
+                  final ? "\n" : "");
     return TRUE;
   }
   return FALSE;
diff --git a/src/tool_sdecls.h b/src/tool_sdecls.h
index 45b7bd0c20..9a6f3cc882 100644
--- a/src/tool_sdecls.h
+++ b/src/tool_sdecls.h
@@ -109,7 +109,6 @@ typedef enum {
   TRACE_PLAIN  /* -v/--verbose type */
 } trace;
 
-
 /*
  * 'HttpReq' enumeration represents HTTP request types.
  */
@@ -123,7 +122,6 @@ typedef enum {
   TOOL_HTTPREQ_PUT
 } HttpReq;
 
-
 /*
  * Complete struct declarations which have OperationConfig struct members,
  * just in case this header is directly included in some source file.
diff --git a/src/tool_setopt.c b/src/tool_setopt.c
index 97d469d76d..837f66c9c3 100644
--- a/src/tool_setopt.c
+++ b/src/tool_setopt.c
@@ -36,9 +36,9 @@
 /* For bit masks, put combinations first, then single bits, */
 /* and finally any "NONE" value. */
 
-#define NV(e) {#e, e}
-#define NV1(e, v) {#e, (v)}
-#define NVEND {NULL, 0}         /* sentinel to mark end of list */
+#define NV(e)     { #e, e }
+#define NV1(e, v) { #e, (v) }
+#define NVEND     { NULL, 0 }         /* sentinel to mark end of list */
 
 const struct NameValue setopt_nv_CURLPROXY[] = {
   NV(CURLPROXY_HTTP),
@@ -101,7 +101,7 @@ const struct NameValue setopt_nv_CURL_SSLVERSION[] = {
 };
 
 const struct NameValue setopt_nv_CURL_SSLVERSION_MAX[] = {
-  {"", CURL_SSLVERSION_MAX_NONE},
+  { "", CURL_SSLVERSION_MAX_NONE },
   NV(CURL_SSLVERSION_MAX_DEFAULT),
   NV(CURL_SSLVERSION_MAX_TLSv1_0),
   NV(CURL_SSLVERSION_MAX_TLSv1_1),
@@ -174,7 +174,7 @@ static const struct NameValue setopt_nv_CURLNONZERODEFAULTS[] = {
 
 /* Escape string to C string syntax. Return NULL if out of memory. */
 #define MAX_STRING_LENGTH_OUTPUT 2000
-#define ZERO_TERMINATED -1
+#define ZERO_TERMINATED          -1
 
 static char *c_escape(const char *str, curl_off_t len)
 {
@@ -216,7 +216,7 @@ static char *c_escape(const char *str, curl_off_t len)
                                 /* Octal escape to avoid >2 digit hex. */
                                 (len > 1 && ISXDIGIT(s[1])) ?
                                   "\\%03o" : "\\x%02x",
-                                (unsigned int) *(const unsigned char *) s);
+                                (unsigned int)*(const unsigned char *)s);
       }
     }
   }
@@ -337,9 +337,9 @@ CURLcode tool_setopt_bitmask(CURL *curl, const char *name, CURLoption tag,
     curl_msnprintf(preamble, sizeof(preamble),
                    "curl_easy_setopt(hnd, %s, ", name);
     for(nv = nvlist; nv->name; nv++) {
-      if((nv->value & ~ rest) == 0) {
+      if((nv->value & ~rest) == 0) {
         /* all value flags contained in rest */
-        rest &= ~ nv->value;    /* remove bits handled here */
+        rest &= ~nv->value;    /* remove bits handled here */
         ret = easysrc_addf(&easysrc_code, "%s(long)%s%s",
                            preamble, nv->name, rest ? " |" : ");");
         if(!rest || ret)
@@ -425,8 +425,7 @@ static CURLcode libcurl_generate_mime_part(CURL *curl,
                          mimeno, submimeno);
       if(!ret)
         /* Avoid freeing in CLEAN. */
-        ret = easysrc_addf(&easysrc_code,
-                           "mime%d = NULL;", submimeno);
+        ret = easysrc_addf(&easysrc_code, "mime%d = NULL;", submimeno);
     }
     break;
 
diff --git a/src/tool_setopt.h b/src/tool_setopt.h
index 5ca7188841..fcd56382a7 100644
--- a/src/tool_setopt.h
+++ b/src/tool_setopt.h
@@ -62,20 +62,20 @@ extern const struct NameValueUnsigned setopt_nv_CURLAUTH[];
 extern const struct NameValueUnsigned setopt_nv_CURLHSTS[];
 
 /* Map options to NameValue sets */
-#define setopt_nv_CURLOPT_HSTS_CTRL setopt_nv_CURLHSTS
-#define setopt_nv_CURLOPT_HTTP_VERSION setopt_nv_CURL_HTTP_VERSION
-#define setopt_nv_CURLOPT_HTTPAUTH setopt_nv_CURLAUTH
-#define setopt_nv_CURLOPT_SSLVERSION setopt_nv_CURL_SSLVERSION
-#define setopt_nv_CURLOPT_PROXY_SSLVERSION setopt_nv_CURL_SSLVERSION
-#define setopt_nv_CURLOPT_TIMECONDITION setopt_nv_CURL_TIMECOND
-#define setopt_nv_CURLOPT_FTP_SSL_CCC setopt_nv_CURLFTPSSL_CCC
-#define setopt_nv_CURLOPT_USE_SSL setopt_nv_CURLUSESSL
-#define setopt_nv_CURLOPT_SSL_OPTIONS setopt_nv_CURLSSLOPT
+#define setopt_nv_CURLOPT_HSTS_CTRL         setopt_nv_CURLHSTS
+#define setopt_nv_CURLOPT_HTTP_VERSION      setopt_nv_CURL_HTTP_VERSION
+#define setopt_nv_CURLOPT_HTTPAUTH          setopt_nv_CURLAUTH
+#define setopt_nv_CURLOPT_SSLVERSION        setopt_nv_CURL_SSLVERSION
+#define setopt_nv_CURLOPT_PROXY_SSLVERSION  setopt_nv_CURL_SSLVERSION
+#define setopt_nv_CURLOPT_TIMECONDITION     setopt_nv_CURL_TIMECOND
+#define setopt_nv_CURLOPT_FTP_SSL_CCC       setopt_nv_CURLFTPSSL_CCC
+#define setopt_nv_CURLOPT_USE_SSL           setopt_nv_CURLUSESSL
+#define setopt_nv_CURLOPT_SSL_OPTIONS       setopt_nv_CURLSSLOPT
 #define setopt_nv_CURLOPT_PROXY_SSL_OPTIONS setopt_nv_CURLSSLOPT
-#define setopt_nv_CURLOPT_NETRC setopt_nv_CURL_NETRC
-#define setopt_nv_CURLOPT_PROXYTYPE setopt_nv_CURLPROXY
-#define setopt_nv_CURLOPT_PROXYAUTH setopt_nv_CURLAUTH
-#define setopt_nv_CURLOPT_SOCKS5_AUTH setopt_nv_CURLAUTH
+#define setopt_nv_CURLOPT_NETRC             setopt_nv_CURL_NETRC
+#define setopt_nv_CURLOPT_PROXYTYPE         setopt_nv_CURLPROXY
+#define setopt_nv_CURLOPT_PROXYAUTH         setopt_nv_CURLAUTH
+#define setopt_nv_CURLOPT_SOCKS5_AUTH       setopt_nv_CURLAUTH
 
 /* Intercept setopt calls for --libcurl */
 
@@ -103,64 +103,48 @@ CURLcode tool_setopt_str(CURL *curl, struct OperationConfig *config,
                          ...) WARN_UNUSED_RESULT;
 CURLcode tool_setopt_ptr(CURL *curl, const char *name, CURLoption tag, ...);
 
-#define my_setopt_ptr(x,y,z)                    \
-  tool_setopt_ptr(x, #y, y, z)
-
-#define my_setopt_long(x,y,z)                   \
-  tool_setopt_long(x, #y, y, z)
-
-#define my_setopt_offt(x,y,z)                   \
-  tool_setopt_offt(x, #y, y, z)
-
-#define my_setopt_str(x,y,z)                    \
-  tool_setopt_str(x, config, #y, y, z)
+#define my_setopt_long(x, y, z)       tool_setopt_long(x, #y, y, z)
+#define my_setopt_offt(x, y, z)       tool_setopt_offt(x, #y, y, z)
+#define my_setopt_ptr(x, y, z)        tool_setopt_ptr(x, #y, y, z)
+#define my_setopt_str(x, y, z)        tool_setopt_str(x, config, #y, y, z)
+#define my_setopt_mimepost(x, y, z)   tool_setopt_mimepost(x, config, #y, y, z)
+#define my_setopt_slist(x, y, z)      tool_setopt_slist(x, #y, y, z)
+#define my_setopt_SSLVERSION(x, y, z) tool_setopt_SSLVERSION(x, #y, y, z)
+#define my_setopt_enum(x, y, z)       \
+  tool_setopt_enum(x, #y, y, setopt_nv_ ## y, z)
+#define my_setopt_bitmask(x, y, z)    \
+  tool_setopt_bitmask(x, #y, y, setopt_nv_ ## y, z)
 
 /* assumes a 'result' variable to use. If the return code is benign it is left
    in 'result' after this call, otherwise the function returns the error */
-#define MY_SETOPT_STR(x,y,z)                                     \
-  do {                                                           \
-    result = tool_setopt_str(x, config, #y, y, z);               \
-    if(setopt_bad(result))                                       \
-      return result;                                             \
+#define MY_SETOPT_STR(x, y, z)                     \
+  do {                                             \
+    result = tool_setopt_str(x, config, #y, y, z); \
+    if(setopt_bad(result))                         \
+      return result;                               \
   } while(0)
 
-#define my_setopt_enum(x,y,z)                           \
-  tool_setopt_enum(x, #y, y, setopt_nv_ ## y, z)
-
-#define my_setopt_SSLVERSION(x,y,z)             \
-  tool_setopt_SSLVERSION(x, #y, y, z)
-
-#define my_setopt_bitmask(x,y,z)                        \
-  tool_setopt_bitmask(x, #y, y, setopt_nv_ ## y, z)
-
-#define my_setopt_mimepost(x,y,z)               \
-  tool_setopt_mimepost(x, config, #y, y, z)
-
-#define my_setopt_slist(x,y,z)                  \
-  tool_setopt_slist(x, #y, y, z)
-
 #else /* CURL_DISABLE_LIBCURL_OPTION */
 
 /* No --libcurl, so pass options directly to library */
 
-#define my_setopt_long(x,y,z) curl_easy_setopt(x, y, (long)(z))
-#define my_setopt_offt(x,y,z) curl_easy_setopt(x, y, (curl_off_t)(z))
-#define my_setopt_ptr(x,y,z) curl_easy_setopt(x, y, z)
-#define my_setopt_str(x,y,z) curl_easy_setopt(x, y, z)
-#define my_setopt_enum(x,y,z) curl_easy_setopt(x, y, z)
-#define my_setopt_SSLVERSION(x,y,z) curl_easy_setopt(x, y, z)
-#define my_setopt_bitmask(x,y,z) curl_easy_setopt(x, y, (long)z)
-#define my_setopt_mimepost(x,y,z) curl_easy_setopt(x, y, z)
-#define my_setopt_slist(x,y,z) curl_easy_setopt(x, y, z)
+#define my_setopt_long(x, y, z)       curl_easy_setopt(x, y, (long)(z))
+#define my_setopt_offt(x, y, z)       curl_easy_setopt(x, y, (curl_off_t)(z))
+#define my_setopt_ptr(x, y, z)        curl_easy_setopt(x, y, z)
+#define my_setopt_str(x, y, z)        curl_easy_setopt(x, y, z)
+#define my_setopt_mimepost(x, y, z)   curl_easy_setopt(x, y, z)
+#define my_setopt_slist(x, y, z)      curl_easy_setopt(x, y, z)
+#define my_setopt_SSLVERSION(x, y, z) curl_easy_setopt(x, y, z)
+#define my_setopt_enum(x, y, z)       curl_easy_setopt(x, y, z)
+#define my_setopt_bitmask(x, y, z)    curl_easy_setopt(x, y, (long)z)
 
-#define MY_SETOPT_STR(x,y,z)                            \
-  do {                                                  \
-    result = curl_easy_setopt(x, y, z);                 \
-    if(setopt_bad(result))                              \
-      return result;                                    \
+#define MY_SETOPT_STR(x, y, z)          \
+  do {                                  \
+    result = curl_easy_setopt(x, y, z); \
+    if(setopt_bad(result))              \
+      return result;                    \
   } while(0)
 
-
 #endif /* CURL_DISABLE_LIBCURL_OPTION */
 
 #endif /* HEADER_CURL_TOOL_SETOPT_H */
diff --git a/src/tool_setup.h b/src/tool_setup.h
index f693fc1dae..1524e36103 100644
--- a/src/tool_setup.h
+++ b/src/tool_setup.h
@@ -54,7 +54,7 @@ extern FILE *tool_stderr;
  */
 
 #ifdef macintosh
-#  define main(x,y) curl_main(x,y)
+#  define main(x, y) curl_main(x, y)
 #endif
 
 #ifndef CURL_OS
@@ -100,7 +100,7 @@ extern bool tool_term_has_bold;
 int tool_ftruncate64(int fd, curl_off_t where);
 
 #undef  ftruncate
-#define ftruncate(fd,where) tool_ftruncate64(fd,where)
+#define ftruncate(fd, where) tool_ftruncate64(fd, where)
 
 #define HAVE_FTRUNCATE 1
 #define USE_TOOL_FTRUNCATE 1
diff --git a/src/tool_ssls.c b/src/tool_ssls.c
index 7ffd6f7074..6ad5c2475d 100644
--- a/src/tool_ssls.c
+++ b/src/tool_ssls.c
@@ -33,7 +33,6 @@
 /* The maximum line length for an ecoded session ticket */
 #define MAX_SSLS_LINE (64 * 1024)
 
-
 static CURLcode tool_ssls_easy(struct OperationConfig *config,
                                CURLSH *share, CURL **peasy)
 {
@@ -193,8 +192,7 @@ CURLcode tool_ssls_save(struct OperationConfig *config,
   ctx.exported = 0;
   ctx.fp = curlx_fopen(filename, FOPEN_WRITETEXT);
   if(!ctx.fp) {
-    warnf("Warning: Failed to create SSL session file %s",
-          filename);
+    warnf("Warning: Failed to create SSL session file %s", filename);
     goto out;
   }
 
diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c
index bfa54ab827..ad2e2de9d6 100644
--- a/src/tool_urlglob.c
+++ b/src/tool_urlglob.c
@@ -80,7 +80,7 @@ static int multiply(curl_off_t *amount, curl_off_t with)
       return 1;
 #else
     sum = *amount * with;
-    if(sum/with != *amount)
+    if(sum / with != *amount)
       return 1; /* did not fit, bail out */
 #endif
   }
@@ -99,7 +99,7 @@ static CURLcode glob_set(struct URLGlob *glob, const char **patternp,
   bool done = FALSE;
   const char *pattern = *patternp;
   const char *opattern = pattern;
-  size_t opos = *posp-1;
+  size_t opos = *posp - 1;
   CURLcode result = CURLE_OK;
   size_t size = 0;
   char **elem = NULL;
@@ -441,7 +441,7 @@ static CURLcode glob_parse(struct URLGlob *glob, const char *pattern,
       /* only allow \ to escape known "special letters" */
       if(*pattern == '\\' &&
          (pattern[1] == '{' || pattern[1] == '[' ||
-          pattern[1] == '}' || pattern[1] == ']') ) {
+          pattern[1] == '}' || pattern[1] == ']')) {
 
         /* escape character, skip '\' */
         ++pattern;
@@ -463,7 +463,7 @@ static CURLcode glob_parse(struct URLGlob *glob, const char *pattern,
     else {
       if(!*pattern) /* done  */
         break;
-      else if(*pattern =='{') {
+      else if(*pattern == '{') {
         /* process set pattern */
         pattern++;
         pos++;
@@ -500,7 +500,7 @@ CURLcode glob_url(struct URLGlob *glob, char *url, curl_off_t *urlnum,
   CURLcode res;
 
   memset(glob, 0, sizeof(struct URLGlob));
-  curlx_dyn_init(&glob->buf, 1024*1024);
+  curlx_dyn_init(&glob->buf, 1024 * 1024);
   glob->pattern = curlx_malloc(2 * sizeof(struct URLPattern));
   if(!glob->pattern)
     return CURLE_OUT_OF_MEMORY;
@@ -634,7 +634,7 @@ CURLcode glob_next_url(char **globbed, struct URLGlob *glob)
   return CURLE_OK;
 }
 
-#define MAX_OUTPUT_GLOB_LENGTH (1024*1024)
+#define MAX_OUTPUT_GLOB_LENGTH (1024 * 1024)
 
 CURLcode glob_match_url(char **output, const char *filename,
                         struct URLGlob *glob)
diff --git a/src/tool_util.c b/src/tool_util.c
index 43dd096783..96b0715b0a 100644
--- a/src/tool_util.c
+++ b/src/tool_util.c
@@ -75,7 +75,7 @@ int struplocompare(const char *p1, const char *p2)
 /* Indirect version to use as qsort callback. */
 int struplocompare4sort(const void *p1, const void *p2)
 {
-  return struplocompare(* (char * const *) p1, * (char * const *) p2);
+  return struplocompare(*(char * const *)p1, *(char * const *)p2);
 }
 
 #ifdef USE_TOOL_FTRUNCATE
diff --git a/src/tool_version.h b/src/tool_version.h
index 00be7799ea..5db625c317 100644
--- a/src/tool_version.h
+++ b/src/tool_version.h
@@ -25,12 +25,12 @@
  ***************************************************************************/
 #include 
 
-#define CURL_NAME "curl"
-#define CURL_COPYRIGHT LIBCURL_COPYRIGHT
-#define CURL_VERSION LIBCURL_VERSION
+#define CURL_NAME          "curl"
+#define CURL_COPYRIGHT     LIBCURL_COPYRIGHT
+#define CURL_VERSION       LIBCURL_VERSION
 #define CURL_VERSION_MAJOR LIBCURL_VERSION_MAJOR
 #define CURL_VERSION_MINOR LIBCURL_VERSION_MINOR
 #define CURL_VERSION_PATCH LIBCURL_VERSION_PATCH
-#define CURL_ID CURL_NAME " " CURL_VERSION " (" CURL_OS ") "
+#define CURL_ID            CURL_NAME " " CURL_VERSION " (" CURL_OS ") "
 
 #endif /* HEADER_CURL_TOOL_VERSION_H */
diff --git a/src/tool_vms.c b/src/tool_vms.c
index 75aa7d5370..71606f3d66 100644
--- a/src/tool_vms.c
+++ b/src/tool_vms.c
@@ -184,7 +184,6 @@ static void decc_init(void)
       /* Invalid DECC feature name. */
       curl_mprintf(" UNKNOWN DECC FEATURE: %s.\n", decc_feat_array[i].name);
     }
-
   }
 }
 
@@ -196,16 +195,16 @@ static void decc_init(void)
    other attributes. Note that "nopic" is significant only on VAX. */
 #pragma extern_model save
 #pragma extern_model strict_refdef "LIB$INITIALIZ" 2, nopic, nowrt
-const int spare[8] = {0};
+const int spare[8] = { 0 };
 #pragma extern_model strict_refdef "LIB$INITIALIZE" 2, nopic, nowrt
-void (*const x_decc_init)() = decc_init;
+void (* const x_decc_init)() = decc_init;
 #pragma extern_model restore
 
 /* Fake reference to ensure loading the LIB$INITIALIZE PSECT. */
 #pragma extern_model save
 int LIB$INITIALIZE(void);
 #pragma extern_model strict_refdef
-int dmy_lib$initialize = (int) LIB$INITIALIZE;
+int dmy_lib$initialize = (int)LIB$INITIALIZE;
 #pragma extern_model restore
 
 #pragma standard
diff --git a/src/tool_vms.h b/src/tool_vms.h
index 3da816cf67..3519628fc1 100644
--- a/src/tool_vms.h
+++ b/src/tool_vms.h
@@ -40,8 +40,9 @@ void vms_special_exit(int code, int vms_show);
 #undef exit
 #define exit(__code) vms_special_exit((__code), (0))
 
-#define VMS_STS(c,f,e,s) (((c&0xF)<<28)|((f&0xFFF)<<16)|((e&0x1FFF)<3)|(s&7))
-#define VMSSTS_HIDE VMS_STS(1,0,0,0)
+#define VMS_STS(c, f, e, s)                                                \
+  (((c & 0xF) << 28) | ((f & 0xFFF) << 16) | ((e & 0x1FFF) < 3) | (s & 7))
+#define VMSSTS_HIDE VMS_STS(1, 0, 0, 0)
 
 #endif /* __VMS */
 
diff --git a/src/tool_writeout.c b/src/tool_writeout.c
index f846add4e3..358c7b39b3 100644
--- a/src/tool_writeout.c
+++ b/src/tool_writeout.c
@@ -49,12 +49,12 @@ struct httpmap {
 };
 
 static const struct httpmap http_version[] = {
-  { "0",   CURL_HTTP_VERSION_NONE},
-  { "1",   CURL_HTTP_VERSION_1_0},
-  { "1.1", CURL_HTTP_VERSION_1_1},
-  { "2",   CURL_HTTP_VERSION_2},
-  { "3",   CURL_HTTP_VERSION_3},
-  { NULL, 0} /* end of list */
+  { "0",   CURL_HTTP_VERSION_NONE },
+  { "1",   CURL_HTTP_VERSION_1_0 },
+  { "1.1", CURL_HTTP_VERSION_1_1 },
+  { "2",   CURL_HTTP_VERSION_2 },
+  { "3",   CURL_HTTP_VERSION_3 },
+  { NULL, 0 } /* end of list */
 };
 
 /* The designated write function should be the same as the CURLINFO return type
@@ -68,87 +68,90 @@ static const struct httpmap http_version[] = {
    Variable names MUST be in alphabetical order.
    */
 static const struct writeoutvar variables[] = {
-  {"certs", VAR_CERT, CURLINFO_NONE, writeString},
-  {"conn_id", VAR_CONN_ID, CURLINFO_CONN_ID, writeOffset},
-  {"content_type", VAR_CONTENT_TYPE, CURLINFO_CONTENT_TYPE, writeString},
-  {"errormsg", VAR_ERRORMSG, CURLINFO_NONE, writeString},
-  {"exitcode", VAR_EXITCODE, CURLINFO_NONE, writeLong},
-  {"filename_effective", VAR_EFFECTIVE_FILENAME, CURLINFO_NONE, writeString},
-  {"ftp_entry_path", VAR_FTP_ENTRY_PATH, CURLINFO_FTP_ENTRY_PATH, writeString},
-  {"header_json", VAR_HEADER_JSON, CURLINFO_NONE, NULL},
-  {"http_code", VAR_HTTP_CODE, CURLINFO_RESPONSE_CODE, writeLong},
-  {"http_connect", VAR_HTTP_CODE_PROXY, CURLINFO_HTTP_CONNECTCODE, writeLong},
-  {"http_version", VAR_HTTP_VERSION, CURLINFO_HTTP_VERSION, writeString},
-  {"json", VAR_JSON, CURLINFO_NONE, NULL},
-  {"local_ip", VAR_LOCAL_IP, CURLINFO_LOCAL_IP, writeString},
-  {"local_port", VAR_LOCAL_PORT, CURLINFO_LOCAL_PORT, writeLong},
-  {"method", VAR_EFFECTIVE_METHOD, CURLINFO_EFFECTIVE_METHOD, writeString},
-  {"num_certs", VAR_NUM_CERTS, CURLINFO_NONE, writeLong},
-  {"num_connects", VAR_NUM_CONNECTS, CURLINFO_NUM_CONNECTS, writeLong},
-  {"num_headers", VAR_NUM_HEADERS, CURLINFO_NONE, writeLong},
-  {"num_redirects", VAR_REDIRECT_COUNT, CURLINFO_REDIRECT_COUNT, writeLong},
-  {"num_retries", VAR_NUM_RETRY, CURLINFO_NONE, writeLong},
-  {"onerror", VAR_ONERROR, CURLINFO_NONE, NULL},
-  {"proxy_ssl_verify_result", VAR_PROXY_SSL_VERIFY_RESULT,
-   CURLINFO_PROXY_SSL_VERIFYRESULT, writeLong},
-  {"proxy_used", VAR_PROXY_USED, CURLINFO_USED_PROXY, writeLong},
-  {"redirect_url", VAR_REDIRECT_URL, CURLINFO_REDIRECT_URL, writeString},
-  {"referer", VAR_REFERER, CURLINFO_REFERER, writeString},
-  {"remote_ip", VAR_PRIMARY_IP, CURLINFO_PRIMARY_IP, writeString},
-  {"remote_port", VAR_PRIMARY_PORT, CURLINFO_PRIMARY_PORT, writeLong},
-  {"response_code", VAR_HTTP_CODE, CURLINFO_RESPONSE_CODE, writeLong},
-  {"scheme", VAR_SCHEME, CURLINFO_SCHEME, writeString},
-  {"size_download", VAR_SIZE_DOWNLOAD, CURLINFO_SIZE_DOWNLOAD_T, writeOffset},
-  {"size_header", VAR_HEADER_SIZE, CURLINFO_HEADER_SIZE, writeLong},
-  {"size_request", VAR_REQUEST_SIZE, CURLINFO_REQUEST_SIZE, writeLong},
-  {"size_upload", VAR_SIZE_UPLOAD, CURLINFO_SIZE_UPLOAD_T, writeOffset},
-  {"speed_download", VAR_SPEED_DOWNLOAD, CURLINFO_SPEED_DOWNLOAD_T,
-   writeOffset},
-  {"speed_upload", VAR_SPEED_UPLOAD, CURLINFO_SPEED_UPLOAD_T, writeOffset},
-  {"ssl_verify_result", VAR_SSL_VERIFY_RESULT, CURLINFO_SSL_VERIFYRESULT,
-   writeLong},
-  {"stderr", VAR_STDERR, CURLINFO_NONE, NULL},
-  {"stdout", VAR_STDOUT, CURLINFO_NONE, NULL},
-  {"time_appconnect", VAR_APPCONNECT_TIME, CURLINFO_APPCONNECT_TIME_T,
-   writeTime},
-  {"time_connect", VAR_CONNECT_TIME, CURLINFO_CONNECT_TIME_T, writeTime},
-  {"time_namelookup", VAR_NAMELOOKUP_TIME, CURLINFO_NAMELOOKUP_TIME_T,
-   writeTime},
-  {"time_posttransfer", VAR_POSTTRANSFER_TIME, CURLINFO_POSTTRANSFER_TIME_T,
-   writeTime},
-  {"time_pretransfer", VAR_PRETRANSFER_TIME, CURLINFO_PRETRANSFER_TIME_T,
-   writeTime},
-  {"time_queue", VAR_QUEUE_TIME, CURLINFO_QUEUE_TIME_T, writeTime},
-  {"time_redirect", VAR_REDIRECT_TIME, CURLINFO_REDIRECT_TIME_T, writeTime},
-  {"time_starttransfer", VAR_STARTTRANSFER_TIME, CURLINFO_STARTTRANSFER_TIME_T,
-   writeTime},
-  {"time_total", VAR_TOTAL_TIME, CURLINFO_TOTAL_TIME_T, writeTime},
-  {"tls_earlydata", VAR_TLS_EARLYDATA_SENT, CURLINFO_EARLYDATA_SENT_T,
-   writeOffset},
-  {"url", VAR_INPUT_URL, CURLINFO_NONE, writeString},
-  {"url.fragment", VAR_INPUT_URLFRAGMENT, CURLINFO_NONE, writeString},
-  {"url.host", VAR_INPUT_URLHOST, CURLINFO_NONE, writeString},
-  {"url.options", VAR_INPUT_URLOPTIONS, CURLINFO_NONE, writeString},
-  {"url.password", VAR_INPUT_URLPASSWORD, CURLINFO_NONE, writeString},
-  {"url.path", VAR_INPUT_URLPATH, CURLINFO_NONE, writeString},
-  {"url.port", VAR_INPUT_URLPORT, CURLINFO_NONE, writeString},
-  {"url.query", VAR_INPUT_URLQUERY, CURLINFO_NONE, writeString},
-  {"url.scheme", VAR_INPUT_URLSCHEME, CURLINFO_NONE, writeString},
-  {"url.user", VAR_INPUT_URLUSER, CURLINFO_NONE, writeString},
-  {"url.zoneid", VAR_INPUT_URLZONEID, CURLINFO_NONE, writeString},
-  {"url_effective", VAR_EFFECTIVE_URL, CURLINFO_EFFECTIVE_URL, writeString},
-  {"urle.fragment", VAR_INPUT_URLEFRAGMENT, CURLINFO_NONE, writeString},
-  {"urle.host", VAR_INPUT_URLEHOST, CURLINFO_NONE, writeString},
-  {"urle.options", VAR_INPUT_URLEOPTIONS, CURLINFO_NONE, writeString},
-  {"urle.password", VAR_INPUT_URLEPASSWORD, CURLINFO_NONE, writeString},
-  {"urle.path", VAR_INPUT_URLEPATH, CURLINFO_NONE, writeString},
-  {"urle.port", VAR_INPUT_URLEPORT, CURLINFO_NONE, writeString},
-  {"urle.query", VAR_INPUT_URLEQUERY, CURLINFO_NONE, writeString},
-  {"urle.scheme", VAR_INPUT_URLESCHEME, CURLINFO_NONE, writeString},
-  {"urle.user", VAR_INPUT_URLEUSER, CURLINFO_NONE, writeString},
-  {"urle.zoneid", VAR_INPUT_URLEZONEID, CURLINFO_NONE, writeString},
-  {"urlnum", VAR_URLNUM, CURLINFO_NONE, writeOffset},
-  {"xfer_id", VAR_EASY_ID, CURLINFO_XFER_ID, writeOffset}
+  { "certs", VAR_CERT, CURLINFO_NONE, writeString },
+  { "conn_id", VAR_CONN_ID, CURLINFO_CONN_ID, writeOffset },
+  { "content_type", VAR_CONTENT_TYPE, CURLINFO_CONTENT_TYPE, writeString },
+  { "errormsg", VAR_ERRORMSG, CURLINFO_NONE, writeString },
+  { "exitcode", VAR_EXITCODE, CURLINFO_NONE, writeLong },
+  { "filename_effective", VAR_EFFECTIVE_FILENAME, CURLINFO_NONE, writeString },
+  { "ftp_entry_path", VAR_FTP_ENTRY_PATH, CURLINFO_FTP_ENTRY_PATH,
+    writeString },
+  { "header_json", VAR_HEADER_JSON, CURLINFO_NONE, NULL },
+  { "http_code", VAR_HTTP_CODE, CURLINFO_RESPONSE_CODE, writeLong },
+  { "http_connect", VAR_HTTP_CODE_PROXY, CURLINFO_HTTP_CONNECTCODE,
+    writeLong },
+  { "http_version", VAR_HTTP_VERSION, CURLINFO_HTTP_VERSION, writeString },
+  { "json", VAR_JSON, CURLINFO_NONE, NULL },
+  { "local_ip", VAR_LOCAL_IP, CURLINFO_LOCAL_IP, writeString },
+  { "local_port", VAR_LOCAL_PORT, CURLINFO_LOCAL_PORT, writeLong },
+  { "method", VAR_EFFECTIVE_METHOD, CURLINFO_EFFECTIVE_METHOD, writeString },
+  { "num_certs", VAR_NUM_CERTS, CURLINFO_NONE, writeLong },
+  { "num_connects", VAR_NUM_CONNECTS, CURLINFO_NUM_CONNECTS, writeLong },
+  { "num_headers", VAR_NUM_HEADERS, CURLINFO_NONE, writeLong },
+  { "num_redirects", VAR_REDIRECT_COUNT, CURLINFO_REDIRECT_COUNT, writeLong },
+  { "num_retries", VAR_NUM_RETRY, CURLINFO_NONE, writeLong },
+  { "onerror", VAR_ONERROR, CURLINFO_NONE, NULL },
+  { "proxy_ssl_verify_result", VAR_PROXY_SSL_VERIFY_RESULT,
+    CURLINFO_PROXY_SSL_VERIFYRESULT, writeLong },
+  { "proxy_used", VAR_PROXY_USED, CURLINFO_USED_PROXY, writeLong },
+  { "redirect_url", VAR_REDIRECT_URL, CURLINFO_REDIRECT_URL, writeString },
+  { "referer", VAR_REFERER, CURLINFO_REFERER, writeString },
+  { "remote_ip", VAR_PRIMARY_IP, CURLINFO_PRIMARY_IP, writeString },
+  { "remote_port", VAR_PRIMARY_PORT, CURLINFO_PRIMARY_PORT, writeLong },
+  { "response_code", VAR_HTTP_CODE, CURLINFO_RESPONSE_CODE, writeLong },
+  { "scheme", VAR_SCHEME, CURLINFO_SCHEME, writeString },
+  { "size_download", VAR_SIZE_DOWNLOAD, CURLINFO_SIZE_DOWNLOAD_T,
+    writeOffset },
+  { "size_header", VAR_HEADER_SIZE, CURLINFO_HEADER_SIZE, writeLong },
+  { "size_request", VAR_REQUEST_SIZE, CURLINFO_REQUEST_SIZE, writeLong },
+  { "size_upload", VAR_SIZE_UPLOAD, CURLINFO_SIZE_UPLOAD_T, writeOffset },
+  { "speed_download", VAR_SPEED_DOWNLOAD, CURLINFO_SPEED_DOWNLOAD_T,
+    writeOffset },
+  { "speed_upload", VAR_SPEED_UPLOAD, CURLINFO_SPEED_UPLOAD_T, writeOffset },
+  { "ssl_verify_result", VAR_SSL_VERIFY_RESULT, CURLINFO_SSL_VERIFYRESULT,
+    writeLong },
+  { "stderr", VAR_STDERR, CURLINFO_NONE, NULL },
+  { "stdout", VAR_STDOUT, CURLINFO_NONE, NULL },
+  { "time_appconnect", VAR_APPCONNECT_TIME, CURLINFO_APPCONNECT_TIME_T,
+    writeTime },
+  { "time_connect", VAR_CONNECT_TIME, CURLINFO_CONNECT_TIME_T, writeTime },
+  { "time_namelookup", VAR_NAMELOOKUP_TIME, CURLINFO_NAMELOOKUP_TIME_T,
+    writeTime },
+  { "time_posttransfer", VAR_POSTTRANSFER_TIME, CURLINFO_POSTTRANSFER_TIME_T,
+    writeTime },
+  { "time_pretransfer", VAR_PRETRANSFER_TIME, CURLINFO_PRETRANSFER_TIME_T,
+    writeTime },
+  { "time_queue", VAR_QUEUE_TIME, CURLINFO_QUEUE_TIME_T, writeTime },
+  { "time_redirect", VAR_REDIRECT_TIME, CURLINFO_REDIRECT_TIME_T, writeTime },
+  { "time_starttransfer", VAR_STARTTRANSFER_TIME,
+    CURLINFO_STARTTRANSFER_TIME_T, writeTime },
+  { "time_total", VAR_TOTAL_TIME, CURLINFO_TOTAL_TIME_T, writeTime },
+  { "tls_earlydata", VAR_TLS_EARLYDATA_SENT, CURLINFO_EARLYDATA_SENT_T,
+    writeOffset },
+  { "url", VAR_INPUT_URL, CURLINFO_NONE, writeString },
+  { "url.fragment", VAR_INPUT_URLFRAGMENT, CURLINFO_NONE, writeString },
+  { "url.host", VAR_INPUT_URLHOST, CURLINFO_NONE, writeString },
+  { "url.options", VAR_INPUT_URLOPTIONS, CURLINFO_NONE, writeString },
+  { "url.password", VAR_INPUT_URLPASSWORD, CURLINFO_NONE, writeString },
+  { "url.path", VAR_INPUT_URLPATH, CURLINFO_NONE, writeString },
+  { "url.port", VAR_INPUT_URLPORT, CURLINFO_NONE, writeString },
+  { "url.query", VAR_INPUT_URLQUERY, CURLINFO_NONE, writeString },
+  { "url.scheme", VAR_INPUT_URLSCHEME, CURLINFO_NONE, writeString },
+  { "url.user", VAR_INPUT_URLUSER, CURLINFO_NONE, writeString },
+  { "url.zoneid", VAR_INPUT_URLZONEID, CURLINFO_NONE, writeString },
+  { "url_effective", VAR_EFFECTIVE_URL, CURLINFO_EFFECTIVE_URL, writeString },
+  { "urle.fragment", VAR_INPUT_URLEFRAGMENT, CURLINFO_NONE, writeString },
+  { "urle.host", VAR_INPUT_URLEHOST, CURLINFO_NONE, writeString },
+  { "urle.options", VAR_INPUT_URLEOPTIONS, CURLINFO_NONE, writeString },
+  { "urle.password", VAR_INPUT_URLEPASSWORD, CURLINFO_NONE, writeString },
+  { "urle.path", VAR_INPUT_URLEPATH, CURLINFO_NONE, writeString },
+  { "urle.port", VAR_INPUT_URLEPORT, CURLINFO_NONE, writeString },
+  { "urle.query", VAR_INPUT_URLEQUERY, CURLINFO_NONE, writeString },
+  { "urle.scheme", VAR_INPUT_URLESCHEME, CURLINFO_NONE, writeString },
+  { "urle.user", VAR_INPUT_URLEUSER, CURLINFO_NONE, writeString },
+  { "urle.zoneid", VAR_INPUT_URLEZONEID, CURLINFO_NONE, writeString },
+  { "urlnum", VAR_URLNUM, CURLINFO_NONE, writeOffset },
+  { "xfer_id", VAR_EASY_ID, CURLINFO_XFER_ID, writeOffset }
 };
 
 static int writeTime(FILE *stream, const struct writeoutvar *wovar,
@@ -254,7 +257,7 @@ static int urlpart(struct per_transfer *per, writeoutid vid,
       }
     }
     if(!rc && curl_url_set(uh, CURLUPART_URL, url,
-                           CURLU_GUESS_SCHEME|CURLU_NON_SUPPORT_SCHEME))
+                           CURLU_GUESS_SCHEME | CURLU_NON_SUPPORT_SCHEME))
       rc = 2;
 
     if(!rc && curl_url_get(uh, cpart, &part, CURLU_DEFAULT_PORT))
@@ -286,7 +289,7 @@ static int writeString(FILE *stream, const struct writeoutvar *wovar,
   const char *strinfo = NULL;
   const char *freestr = NULL;
   struct dynbuf buf;
-  curlx_dyn_init(&buf, 256*1024);
+  curlx_dyn_init(&buf, 256 * 1024);
 
   DEBUGASSERT(wovar->writefunc == writeString);
 
@@ -337,7 +340,7 @@ static int writeString(FILE *stream, const struct writeoutvar *wovar,
             len = curlx_dyn_len(&buf);
             if(len) {
               char *ptr = curlx_dyn_ptr(&buf);
-              if(ptr[len -1] != '\n') {
+              if(ptr[len - 1] != '\n') {
                 /* add a newline to make things look better */
                 if(curlx_dyn_addn(&buf, "\n", 1)) {
                   error = TRUE;
@@ -527,8 +530,7 @@ static int writeOffset(FILE *stream, const struct writeoutvar *wovar,
   return 1; /* return 1 if anything was written */
 }
 
-static int
-matchvar(const void *m1, const void *m2)
+static int matchvar(const void *m1, const void *m2)
 {
   const struct writeoutvar *v1 = m1;
   const struct writeoutvar *v2 = m2;
diff --git a/src/tool_writeout_json.c b/src/tool_writeout_json.c
index f3175edf95..ee7dda2e9c 100644
--- a/src/tool_writeout_json.c
+++ b/src/tool_writeout_json.c
@@ -143,8 +143,7 @@ void headerJSON(FILE *stream, struct per_transfer *per)
           if(++i >= a)
             break;
           fputc(',', stream);
-          if(curl_easy_header(per->curl, name, i, CURLH_HEADER,
-                              -1, &header))
+          if(curl_easy_header(per->curl, name, i, CURLH_HEADER, -1, &header))
             break;
         } while(1);
         fputc(']', stream);
diff --git a/src/tool_xattr.h b/src/tool_xattr.h
index 31301b3b06..6720ccb2bd 100644
--- a/src/tool_xattr.h
+++ b/src/tool_xattr.h
@@ -29,7 +29,7 @@
 #  include  /* header from libc, not from libattr */
 #  define USE_XATTR
 #elif (defined(__FreeBSD_version) && (__FreeBSD_version > 500000)) || \
-      defined(__MidnightBSD_version)
+  defined(__MidnightBSD_version)
 #  include 
 #  include 
 #  define USE_XATTR
@@ -43,7 +43,7 @@ UNITTEST char *stripcredentials(const char *url);
 #endif
 
 #else
-#define fwrite_xattr(a,b,c) 0
+#define fwrite_xattr(a, b, c) 0
 #endif
 
 #endif /* HEADER_CURL_TOOL_XATTR_H */
diff --git a/src/var.c b/src/var.c
index 08269e1db7..e224bf01d5 100644
--- a/src/var.c
+++ b/src/var.c
@@ -35,7 +35,7 @@
 #include "var.h"
 
 #define MAX_EXPAND_CONTENT 10000000
-#define MAX_VAR_LEN 128 /* max length of a name */
+#define MAX_VAR_LEN        128 /* max length of a name */
 
 /* free everything */
 void varcleanup(void)
@@ -53,8 +53,7 @@ static const struct tool_var *varcontent(const char *name, size_t nlen)
 {
   struct tool_var *list = global->variables;
   while(list) {
-    if((strlen(list->name) == nlen) &&
-       !strncmp(name, list->name, nlen)) {
+    if((strlen(list->name) == nlen) && !strncmp(name, list->name, nlen)) {
       return list;
     }
     list = list->next;
@@ -63,18 +62,18 @@ static const struct tool_var *varcontent(const char *name, size_t nlen)
 }
 
 #define ENDOFFUNC(x) (((x) == '}') || ((x) == ':'))
-#define FUNCMATCH(ptr,name,len)                         \
+#define FUNCMATCH(ptr, name, len)                   \
   (!strncmp(ptr, name, len) && ENDOFFUNC(ptr[len]))
 
-#define FUNC_TRIM "trim"
-#define FUNC_TRIM_LEN (sizeof(FUNC_TRIM) - 1)
-#define FUNC_JSON "json"
-#define FUNC_JSON_LEN (sizeof(FUNC_JSON) - 1)
-#define FUNC_URL "url"
-#define FUNC_URL_LEN (sizeof(FUNC_URL) - 1)
-#define FUNC_B64 "b64"
-#define FUNC_B64_LEN (sizeof(FUNC_B64) - 1)
-#define FUNC_64DEC "64dec" /* base64 decode */
+#define FUNC_TRIM      "trim"
+#define FUNC_TRIM_LEN  (sizeof(FUNC_TRIM) - 1)
+#define FUNC_JSON      "json"
+#define FUNC_JSON_LEN  (sizeof(FUNC_JSON) - 1)
+#define FUNC_URL       "url"
+#define FUNC_URL_LEN   (sizeof(FUNC_URL) - 1)
+#define FUNC_B64       "b64"
+#define FUNC_B64_LEN   (sizeof(FUNC_B64) - 1)
+#define FUNC_64DEC     "64dec" /* base64 decode */
 #define FUNC_64DEC_LEN (sizeof(FUNC_64DEC) - 1)
 
 static ParameterError varfunc(char *c, /* content */
@@ -105,7 +104,7 @@ static ParameterError varfunc(char *c, /* content */
           c++;
           len--;
         }
-        while(len && ISSPACE(c[len-1]))
+        while(len && ISSPACE(c[len - 1]))
           len--;
       }
       /* put it in the output */
@@ -208,8 +207,7 @@ static ParameterError varfunc(char *c, /* content */
   return err;
 }
 
-ParameterError varexpand(const char *line, struct dynbuf *out,
-                         bool *replaced)
+ParameterError varexpand(const char *line, struct dynbuf *out, bool *replaced)
 {
   CURLcode result;
   char *envp;
@@ -274,13 +272,12 @@ ParameterError varexpand(const char *line, struct dynbuf *out,
         name[nlen] = 0;
 
         /* verify that the name looks sensible */
-        for(i = 0; (i < nlen) &&
-              (ISALNUM(name[i]) || (name[i] == '_')); i++);
+        for(i = 0; (i < nlen) && (ISALNUM(name[i]) || (name[i] == '_')); i++)
+          ;
         if(i != nlen) {
           warnf("bad variable name: %s", name);
           /* insert the text as-is since this is not an env variable */
-          result = curlx_dyn_addn(out, envp - prefix,
-                                  clp - envp + prefix + 2);
+          result = curlx_dyn_addn(out, envp - prefix, clp - envp + prefix + 2);
           if(result)
             return PARAM_NO_MEM;
         }
diff --git a/src/var.h b/src/var.h
index 4f1361cf1e..40defea8ac 100644
--- a/src/var.h
+++ b/src/var.h
@@ -34,8 +34,7 @@ struct tool_var {
 };
 
 ParameterError setvariable(const char *input);
-ParameterError varexpand(const char *line, struct dynbuf *out,
-                         bool *replaced);
+ParameterError varexpand(const char *line, struct dynbuf *out, bool *replaced);
 
 /* free everything */
 void varcleanup(void);
diff --git a/tests/test1486.pl b/tests/test1486.pl
index 05006ebc63..79f6a856be 100755
--- a/tests/test1486.pl
+++ b/tests/test1486.pl
@@ -45,7 +45,7 @@ sub getsrcvars {
             if($_ =~ /^}/) {
                 last;
             }
-            if($_ =~ /^  \{\"([^\"]*)/) {
+            if($_ =~ /^  \{ \"([^\"]*)/) {
                 my $var = $1;
                 $insrc{$var} = $srccount++;
             }

From 004f41c186becfd0bae1e5e456ba1842f0db7d9e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 2 Dec 2025 05:05:36 +0100
Subject: [PATCH 1112/2408] tests: add `%AMP` macro, use it in two tests

To allow replacing `&` characters in `tests/data/test*` files for
XML-compliance.

Also:
- document `%GT`, `%LT`
  Follow-up to de49cc89abc917cb4f273ebea8c6fb584d097de2 #19470

Closes #19824
---
 docs/tests/FILEFORMAT.md | 8 ++++++++
 tests/data/test1524      | 7 +++----
 tests/data/test45        | 7 +++----
 tests/testutil.pm        | 1 +
 4 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/docs/tests/FILEFORMAT.md b/docs/tests/FILEFORMAT.md
index 1f3aa78991..90a249fac2 100644
--- a/docs/tests/FILEFORMAT.md
+++ b/docs/tests/FILEFORMAT.md
@@ -88,6 +88,14 @@ lines:
     %SP  - space
     %TAB - horizontal tab
 
+## Special characters
+
+Macros to help keep data files XML-compliant:
+
+    %AMP - Ampersand: `&`
+    %GT  - Greater-than sign: `>`
+    %LT  - Less-than sign: `<`
+
 ## Insert capped epoch days
 
 Mostly to test capped cookie expire dates: `%days[NUM]` inserts the number of
diff --git a/tests/data/test1524 b/tests/data/test1524
index fcfd9f4c00..8674e7660b 100644
--- a/tests/data/test1524
+++ b/tests/data/test1524
@@ -4,7 +4,6 @@
 HTTP
 HTTP PUT
 followlocation
-notxml
 
 
 #
@@ -12,7 +11,7 @@ notxml
 
 
 HTTP/1.1 303 OK swsclose
-Location: moo.html&testcase=/%TESTNUMBER0002
+Location: moo.html%AMPtestcase=/%TESTNUMBER0002
 Connection: close
 
 
@@ -25,7 +24,7 @@ body
 
 
 HTTP/1.1 303 OK swsclose
-Location: moo.html&testcase=/%TESTNUMBER0002
+Location: moo.html%AMPtestcase=/%TESTNUMBER0002
 Connection: close
 
 HTTP/1.1 200 OK swsclose
@@ -64,7 +63,7 @@ Accept: */*
 Content-Length: 4
 
 moo
-GET /blah/moo.html&testcase=/%TESTNUMBER0002 HTTP/1.1
+GET /blah/moo.html%AMPtestcase=/%TESTNUMBER0002 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/data/test45 b/tests/data/test45
index 3d4df02f13..f9b6dcc6db 100644
--- a/tests/data/test45
+++ b/tests/data/test45
@@ -4,7 +4,6 @@
 HTTP
 HTTP GET
 followlocation
-notxml
 
 
 # Server-side
@@ -13,7 +12,7 @@ notxml
 HTTP/1.1 301 This is a weirdo text message swsclose
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Server: test-server/fake
-Location: data.cgi?moo=http://&/%TESTNUMBER0002
+Location: data.cgi?moo=http://%AMP/%TESTNUMBER0002
 Connection: close
 
 This server reply is for testing a simple Location: following
@@ -32,7 +31,7 @@ If this is received, the location following worked
 HTTP/1.1 301 This is a weirdo text message swsclose
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Server: test-server/fake
-Location: data.cgi?moo=http://&/%TESTNUMBER0002
+Location: data.cgi?moo=http://%AMP/%TESTNUMBER0002
 Connection: close
 
 HTTP/1.1 200 Followed here fine swsclose
@@ -66,7 +65,7 @@ Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
 
-GET /want/data.cgi?moo=http://&/%TESTNUMBER0002 HTTP/1.1
+GET /want/data.cgi?moo=http://%AMP/%TESTNUMBER0002 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/testutil.pm b/tests/testutil.pm
index 7e2b279f07..4666770f07 100644
--- a/tests/testutil.pm
+++ b/tests/testutil.pm
@@ -158,6 +158,7 @@ sub subbase64 {
     $$thing =~ s/%CR/\r/g;   # carriage return aka \r aka 0x0d
     $$thing =~ s/%LT//g;
+    $$thing =~ s/%AMP/&/g;
 
     # include a file
     $$thing =~ s/%include ([^%]*)%[\n\r]+/includefile($1, 0)/ge;

From 276a4af4741c7ac5f4e24b22458146ebab049dcd Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 3 Dec 2025 17:22:37 +0100
Subject: [PATCH 1113/2408] test787: fix possible typo `&` -> `%` in curl
 option

They are close on the keyboard and don't affect test results.

To make this test XML-compliant.

Ref: #14479
Follow-up to 40c264db617d025ca5053bc0964a185d11101301 #15739
Closes #19826
---
 tests/data/test787 | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/tests/data/test787 b/tests/data/test787
index e95a18d17b..47b2effbde 100644
--- a/tests/data/test787
+++ b/tests/data/test787
@@ -3,7 +3,6 @@
 
 HTTP
 --variable
-notxml
 
 
 
@@ -22,7 +21,7 @@ http
 --variable with a file byte range, bad range
 
 
-http://%HOSTIP:%HTTPPORT/%TESTNUMBER --variable "name[15-14]@&LOGDIR/fooo" --expand-data '{{name}}'
+http://%HOSTIP:%HTTPPORT/%TESTNUMBER --variable "name[15-14]@%LOGDIR/fooo" --expand-data '{{name}}'
 
 
 

From e8a4068e6868424d83a3394da4810c93a43c070a Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 4 Dec 2025 08:45:55 +0100
Subject: [PATCH 1114/2408] docs: clarify how to do unix domain sockets with
 SOCKS proxy

Ref: #19825
Closes #19829
---
 docs/cmdline-opts/socks4.md          | 6 ++++--
 docs/cmdline-opts/socks4a.md         | 6 ++++--
 docs/cmdline-opts/socks5-hostname.md | 6 ++++--
 docs/cmdline-opts/socks5.md          | 7 +++++--
 docs/libcurl/opts/CURLOPT_PROXY.md   | 5 +++--
 5 files changed, 20 insertions(+), 10 deletions(-)

diff --git a/docs/cmdline-opts/socks4.md b/docs/cmdline-opts/socks4.md
index 8e92d5930c..59ec172b8d 100644
--- a/docs/cmdline-opts/socks4.md
+++ b/docs/cmdline-opts/socks4.md
@@ -7,6 +7,7 @@ Help: SOCKS4 proxy on given host + port
 Added: 7.15.2
 Category: proxy
 Multi: single
+Mutexed: proxy socks4a socks5 socks5-hostname
 See-also:
   - socks4a
   - socks5
@@ -21,8 +22,9 @@ Use the specified SOCKS4 proxy. If the port number is not specified, it is
 assumed at port 1080. Using this socket type makes curl resolve the hostname
 and pass the address on to the proxy.
 
-To specify proxy on a Unix domain socket, use localhost for host, e.g.
-`socks4://localhost/path/to/socket.sock`
+To specify the proxy on a Unix domain socket, use localhost for host and
+append the absolute path to the domain socket. For example:
+`socks4://localhost/path/to/socket.sock` (the scheme may be omitted).
 
 This option overrides any previous use of --proxy, as they are mutually
 exclusive.
diff --git a/docs/cmdline-opts/socks4a.md b/docs/cmdline-opts/socks4a.md
index 04d60b81b6..9e451cf7b0 100644
--- a/docs/cmdline-opts/socks4a.md
+++ b/docs/cmdline-opts/socks4a.md
@@ -7,6 +7,7 @@ Help: SOCKS4a proxy on given host + port
 Added: 7.18.0
 Category: proxy
 Multi: single
+Mutexed: proxy socks4 socks5 socks5-hostname
 See-also:
   - socks4
   - socks5
@@ -20,8 +21,9 @@ Example:
 Use the specified SOCKS4a proxy. If the port number is not specified, it is
 assumed at port 1080. This asks the proxy to resolve the hostname.
 
-To specify proxy on a Unix domain socket, use localhost for host, e.g.
-`socks4a://localhost/path/to/socket.sock`
+To specify the proxy on a Unix domain socket, use localhost for host and
+append the absolute path to the domain socket. For example:
+`socks4a://localhost/path/to/socket.sock` (the scheme may be omitted).
 
 This option overrides any previous use of --proxy, as they are mutually
 exclusive.
diff --git a/docs/cmdline-opts/socks5-hostname.md b/docs/cmdline-opts/socks5-hostname.md
index 0ea2ed739f..b558248a78 100644
--- a/docs/cmdline-opts/socks5-hostname.md
+++ b/docs/cmdline-opts/socks5-hostname.md
@@ -7,6 +7,7 @@ Help: SOCKS5 proxy, pass hostname to proxy
 Added: 7.18.0
 Category: proxy
 Multi: single
+Mutexed: proxy socks4 socks4a socks5
 See-also:
   - socks5
   - socks4a
@@ -19,8 +20,9 @@ Example:
 Use the specified SOCKS5 proxy (and let the proxy resolve the hostname). If
 the port number is not specified, it is assumed at port 1080.
 
-To specify proxy on a Unix domain socket, use localhost for host, e.g.
-`socks5h://localhost/path/to/socket.sock`
+To specify the proxy on a Unix domain socket, use localhost for host and
+append the absolute path to the domain socket. For example:
+`socks5h://localhost/path/to/socket.sock` (the scheme may be omitted).
 
 This option overrides any previous use of --proxy, as they are mutually
 exclusive.
diff --git a/docs/cmdline-opts/socks5.md b/docs/cmdline-opts/socks5.md
index 4ea660d62d..3aa65b33ad 100644
--- a/docs/cmdline-opts/socks5.md
+++ b/docs/cmdline-opts/socks5.md
@@ -10,8 +10,10 @@ Multi: single
 See-also:
   - socks5-hostname
   - socks4a
+Mutexed: proxy socks4 socks4a socks5-hostname
 Example:
   - --socks5 proxy.example:7000 $URL
+  - --socks5 localhost/path/unix-domain $URL
 ---
 
 # `--socks5`
@@ -19,8 +21,9 @@ Example:
 Use the specified SOCKS5 proxy - but resolve the hostname locally. If the
 port number is not specified, it is assumed at port 1080.
 
-To specify proxy on a Unix domain socket, use localhost for host, e.g.
-`socks5://localhost/path/to/socket.sock`
+To specify the proxy on a Unix domain socket, use localhost for host and
+append the absolute path to the domain socket. For example:
+`socks5://localhost/path/to/socket.sock` (the scheme may be omitted).
 
 This option overrides any previous use of --proxy, as they are mutually
 exclusive.
diff --git a/docs/libcurl/opts/CURLOPT_PROXY.md b/docs/libcurl/opts/CURLOPT_PROXY.md
index 310e123e3d..fca07f23f6 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY.md
@@ -89,8 +89,9 @@ proxy. Such tunneling is activated with CURLOPT_HTTPPROXYTUNNEL(3).
 Setting the proxy string to "" (an empty string) explicitly disables the use
 of a proxy, even if there is an environment variable set for it.
 
-Unix domain sockets are supported for socks proxies since 7.84.0. Set
-localhost for the host part. e.g. socks5h://localhost/path/to/socket.sock
+Unix domain sockets are supported for SOCKS proxies. Set `localhost` for the
+host part and append the absolute path to the domain socket. For example:
+`socks5h://localhost/path/to/socket.sock`
 
 When you set a hostname to use, do not assume that there is any particular
 single port number used widely for proxies. Specify it.

From ff2aaed9ba6f186feb57f89fc68546759fdb6dad Mon Sep 17 00:00:00 2001
From: Georg Schulz-Allgaier 
Date: Wed, 3 Dec 2025 22:49:05 +0100
Subject: [PATCH 1115/2408] noproxy: fix ipv6 handling

Closes #19828
---
 lib/noproxy.c         | 34 ++++++----------------
 tests/unit/unit1614.c | 66 +++++++++++++++++++++----------------------
 2 files changed, 42 insertions(+), 58 deletions(-)

diff --git a/lib/noproxy.c b/lib/noproxy.c
index 569466fb62..e0d0877fdc 100644
--- a/lib/noproxy.c
+++ b/lib/noproxy.c
@@ -185,8 +185,6 @@ static bool match_ip(int type, const char *token, size_t tokenlen,
  ****************************************************************/
 bool Curl_check_noproxy(const char *name, const char *no_proxy)
 {
-  char hostip[128];
-
   /*
    * If we do not have a hostname at all, like for example with a FILE
    * transfer, we have nothing to interrogate the noproxy list with.
@@ -202,37 +200,23 @@ bool Curl_check_noproxy(const char *name, const char *no_proxy)
   if(no_proxy && no_proxy[0]) {
     const char *p = no_proxy;
     size_t namelen;
+    char address[16];
     enum nametype type = TYPE_HOST;
     if(!strcmp("*", no_proxy))
       return TRUE;
 
     /* NO_PROXY was specified and it was not just an asterisk */
 
-    if(name[0] == '[') {
-      char *endptr;
-      /* IPv6 numerical address */
-      endptr = strchr(name, ']');
-      if(!endptr)
-        return FALSE;
-      name++;
-      namelen = endptr - name;
-      if(namelen >= sizeof(hostip))
-        return FALSE;
-      memcpy(hostip, name, namelen);
-      hostip[namelen] = 0;
-      name = hostip;
+    /* Check if name is an IP address; if not, assume it being a hostname. */
+    namelen = strlen(name);
+    if(curlx_inet_pton(AF_INET, name, &address) == 1)
+      type = TYPE_IPV4;
+    else if(curlx_inet_pton(AF_INET6, name, &address) == 1)
       type = TYPE_IPV6;
-    }
     else {
-      unsigned int address;
-      namelen = strlen(name);
-      if(curlx_inet_pton(AF_INET, name, &address) == 1)
-        type = TYPE_IPV4;
-      else {
-        /* ignore trailing dots in the hostname */
-        if(name[namelen - 1] == '.')
-          namelen--;
-      }
+      /* ignore trailing dots in the hostname */
+      if(name[namelen - 1] == '.')
+        namelen--;
     }
 
     while(*p) {
diff --git a/tests/unit/unit1614.c b/tests/unit/unit1614.c
index 675133e5ad..7b66af8431 100644
--- a/tests/unit/unit1614.c
+++ b/tests/unit/unit1614.c
@@ -113,39 +113,39 @@ static CURLcode test_unit1614(const char *arg)
     { "192.168.1.1", "foo, bar, 192.168.0.0/24", FALSE},
     { "192.168.1.1", "foo, bar, 192.168.0.0/16", TRUE},
 #ifdef USE_IPV6
-    { "[::1]", "foo, bar, 192.168.0.0/16", FALSE},
-    { "[::1]", "foo, bar, ::1/64", TRUE},
-    { "[::1]", "::1/64", TRUE},
-    { "[::1]", "::1/96", TRUE},
-    { "[::1]", "::1/129", FALSE},
-    { "[::1]", "::1/128", TRUE},
-    { "[::1]", "::1/127", TRUE},
-    { "[::1]", "::1/a127", FALSE},
-    { "[::1]", "::1/127a", FALSE},
-    { "[::1]", "::1/ 127", FALSE},
-    { "[::1]", "::1/127 ", TRUE},
-    { "[::1]", "::1/126", TRUE},
-    { "[::1]", "::1/125", TRUE},
-    { "[::1]", "::1/124", TRUE},
-    { "[::1]", "::1/123", TRUE},
-    { "[::1]", "::1/122", TRUE},
-    { "[2001:db8:8000::1]", "2001:db8::/65", FALSE},
-    { "[2001:db8:8000::1]", "2001:db8::/66", FALSE},
-    { "[2001:db8:8000::1]", "2001:db8::/67", FALSE},
-    { "[2001:db8:8000::1]", "2001:db8::/68", FALSE},
-    { "[2001:db8:8000::1]", "2001:db8::/69", FALSE},
-    { "[2001:db8:8000::1]", "2001:db8::/70", FALSE},
-    { "[2001:db8:8000::1]", "2001:db8::/71", FALSE},
-    { "[2001:db8:8000::1]", "2001:db8::/72", FALSE},
-    { "[2001:db8::1]", "2001:db8::/65", TRUE},
-    { "[2001:db8::1]", "2001:db8::/66", TRUE},
-    { "[2001:db8::1]", "2001:db8::/67", TRUE},
-    { "[2001:db8::1]", "2001:db8::/68", TRUE},
-    { "[2001:db8::1]", "2001:db8::/69", TRUE},
-    { "[2001:db8::1]", "2001:db8::/70", TRUE},
-    { "[2001:db8::1]", "2001:db8::/71", TRUE},
-    { "[2001:db8::1]", "2001:db8::/72", TRUE},
-    { "[::1]", "::1/129", FALSE},
+    { "::1", "foo, bar, 192.168.0.0/16", FALSE},
+    { "::1", "foo, bar, ::1/64", TRUE},
+    { "::1", "::1/64", TRUE},
+    { "::1", "::1/96", TRUE},
+    { "::1", "::1/129", FALSE},
+    { "::1", "::1/128", TRUE},
+    { "::1", "::1/127", TRUE},
+    { "::1", "::1/a127", FALSE},
+    { "::1", "::1/127a", FALSE},
+    { "::1", "::1/ 127", FALSE},
+    { "::1", "::1/127 ", TRUE},
+    { "::1", "::1/126", TRUE},
+    { "::1", "::1/125", TRUE},
+    { "::1", "::1/124", TRUE},
+    { "::1", "::1/123", TRUE},
+    { "::1", "::1/122", TRUE},
+    { "2001:db8:8000::1", "2001:db8::/65", FALSE},
+    { "2001:db8:8000::1", "2001:db8::/66", FALSE},
+    { "2001:db8:8000::1", "2001:db8::/67", FALSE},
+    { "2001:db8:8000::1", "2001:db8::/68", FALSE},
+    { "2001:db8:8000::1", "2001:db8::/69", FALSE},
+    { "2001:db8:8000::1", "2001:db8::/70", FALSE},
+    { "2001:db8:8000::1", "2001:db8::/71", FALSE},
+    { "2001:db8:8000::1", "2001:db8::/72", FALSE},
+    { "2001:db8::1", "2001:db8::/65", TRUE},
+    { "2001:db8::1", "2001:db8::/66", TRUE},
+    { "2001:db8::1", "2001:db8::/67", TRUE},
+    { "2001:db8::1", "2001:db8::/68", TRUE},
+    { "2001:db8::1", "2001:db8::/69", TRUE},
+    { "2001:db8::1", "2001:db8::/70", TRUE},
+    { "2001:db8::1", "2001:db8::/71", TRUE},
+    { "2001:db8::1", "2001:db8::/72", TRUE},
+    { "::1", "::1/129", FALSE},
     { "bar", "foo, bar, ::1/64", TRUE},
     { "BAr", "foo, bar, ::1/64", TRUE},
     { "BAr", "foo,,,,,              bar, ::1/64", TRUE},

From 472bc9032374f98f48f7a2df6c644cff91fe142c Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 3 Dec 2025 04:42:02 +0100
Subject: [PATCH 1116/2408] runtests: make memanalyzer a Perl module (for
 1.1-2x speed-up per test run)

Patch #19786 removed an exception, which caused many more CI jobs to run
`memanalyze.pl`. It resulted in a 10-30% (Linux), 15% (macOS), 100% (2x,
on Windows) slowdown of runtest steps. It also made some jobs exceed
their time limits and fail (seen with the Windows ARM64 job.)

Turns out the overhead was caused by calling `memanalyze.pl` as
an external process (twice per test), which in turn had to load a full
Perl stack from scratch each time.

Fix by converting memanalyze to a Perl modul, loaded as part of
`runtests.pl`, which eliminated the overhead completely.

It also sped up existing jobs where memanalyze was run for a long time,
e.g. two c-ares Windows jobs, saving 4.5m per CI run.

Supersedes #19819
Bug: https://github.com/curl/curl/pull/19786#issuecomment-3598679397
Follow-up to fb7033d7600dfb59de06e7af8a0d6ab2a4163578 #19786
Closes #19821
---
 tests/Makefile.am    |   1 +
 tests/memanalyze.pl  | 431 +---------------------------------------
 tests/memanalyzer.pm | 459 +++++++++++++++++++++++++++++++++++++++++++
 tests/runtests.pl    |   5 +-
 4 files changed, 472 insertions(+), 424 deletions(-)
 create mode 100644 tests/memanalyzer.pm

diff --git a/tests/Makefile.am b/tests/Makefile.am
index 0371159d68..6c48328ae1 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -61,6 +61,7 @@ EXTRA_DIST =        \
  http2-server.pl    \
  http3-server.pl    \
  memanalyze.pl      \
+ memanalyzer.pm     \
  negtelnetserver.py \
  nghttpx.conf       \
  pathhelp.pm        \
diff --git a/tests/memanalyze.pl b/tests/memanalyze.pl
index 2b38e5e8a4..e30b263c41 100755
--- a/tests/memanalyze.pl
+++ b/tests/memanalyze.pl
@@ -22,27 +22,15 @@
 # SPDX-License-Identifier: curl
 #
 ###########################################################################
-#
-# Example input:
-#
-# MEM mprintf.c:1094 malloc(32) = e5718
-# MEM mprintf.c:1103 realloc(e5718, 64) = e6118
-# MEM sendf.c:232 free(f6520)
 
 use strict;
 use warnings;
 
-my $mallocs=0;
-my $callocs=0;
-my $reallocs=0;
-my $strdups=0;
-my $wcsdups=0;
-my $showlimit=0;
-my $sends=0;
-my $recvs=0;
-my $sockets=0;
-my $verbose=0;
-my $trace=0;
+use memanalyzer;
+
+my $showlimit = 0;
+my $verbose = 0;
+my $trace = 0;
 
 while(@ARGV) {
     if($ARGV[0] eq "-v") {
@@ -63,411 +51,10 @@ while(@ARGV) {
     }
 }
 
-my $memsum = 0; # the total number of memory allocated over the lifetime
-my $maxmem = 0; # the high water mark
-
-sub newtotal {
-    my ($newtot)=@_;
-    # count a max here
-
-    if($newtot > $maxmem) {
-        $maxmem = $newtot;
-    }
-}
-
 my $file = $ARGV[0] || '';
 
-if(! -f $file) {
-    print "Usage: memanalyze.pl [options] \n",
-    "Options:\n",
-    " -l  memlimit failure displayed\n",
-    " -v  Verbose\n",
-    " -t  Trace\n";
-    exit;
-}
-
-open(my $fileh, "<", "$file");
-
-if($showlimit) {
-    while(<$fileh>) {
-        if(/^LIMIT.*memlimit$/) {
-            print $_;
-            last;
-        }
-    }
-    close($fileh);
-    exit;
-}
-
-my %sizeataddr;
-my %getmem;
-
-my $totalmem = 0;
-my $frees = 0;
-
-my $dup;
-my $size;
-my $addr;
-
-my %filedes;
-my %getfile;
-
-my %fopen;
-my %fopenfile;
-my $openfile = 0;
-my $fopens = 0;
-
-my %addrinfo;
-my %addrinfofile;
-my $addrinfos = 0;
-
-my $source;
-my $linenum;
-my $function;
-
-my $lnum = 0;
-while(<$fileh>) {
-    chomp $_;
-    my $line = $_;
-    $lnum++;
-    if($line =~ /^BT/) {
-        # back-trace, ignore
-    }
-    elsif($line =~ /^LIMIT ([^ ]*):(\d*) (.*)/) {
-        # new memory limit test prefix
-        my $i = $3;
-        my ($source, $linenum) = ($1, $2);
-        if($trace && ($i =~ /([^ ]*) reached memlimit/)) {
-            print "LIMIT: $1 returned error at $source:$linenum\n";
-        }
-    }
-    elsif($line =~ /^MEM ([^ ]*):(\d*) (.*)/) {
-        # generic match for the filename+linenumber
-        $source = $1;
-        $linenum = $2;
-        $function = $3;
-
-        if($function =~ /free\((\(nil\)|0x([0-9a-f]*))/) {
-            $addr = $2;
-            if($1 eq "(nil)") {
-                ; # do nothing when free(NULL)
-            }
-            elsif(!exists $sizeataddr{$addr}) {
-                print "FREE ERROR: No memory allocated: $line\n";
-            }
-            elsif(-1 == $sizeataddr{$addr}) {
-                print "FREE ERROR: Memory freed twice: $line\n";
-                print "FREE ERROR: Previously freed at: ".$getmem{$addr}."\n";
-            }
-            else {
-                $totalmem -= $sizeataddr{$addr};
-                if($trace) {
-                    print "FREE: malloc at ".$getmem{$addr}." is freed again at $source:$linenum\n";
-                    printf("FREE: %d bytes freed, left allocated: $totalmem bytes\n", $sizeataddr{$addr});
-                }
-
-                newtotal($totalmem);
-                $frees++;
-
-                $sizeataddr{$addr}=-1; # set -1 to mark as freed
-                $getmem{$addr}="$source:$linenum";
-
-            }
-        }
-        elsif($function =~ /malloc\((\d*)\) = 0x([0-9a-f]*)/) {
-            $size = $1;
-            $addr = $2;
-
-            if($sizeataddr{$addr} && $sizeataddr{$addr}>0) {
-                # this means weeeeeirdo
-                print "Mixed debug compile ($source:$linenum at line $lnum), rebuild curl now\n";
-                print "We think $sizeataddr{$addr} bytes are already allocated at that memory address: $addr!\n";
-            }
-
-            $sizeataddr{$addr} = $size;
-            $totalmem += $size;
-            $memsum += $size;
-
-            if($trace) {
-                print "MALLOC: malloc($size) at $source:$linenum",
-                " makes totally $totalmem bytes\n";
-            }
-
-            newtotal($totalmem);
-            $mallocs++;
-
-            $getmem{$addr}="$source:$linenum";
-        }
-        elsif($function =~ /calloc\((\d*),(\d*)\) = 0x([0-9a-f]*)/) {
-            $size = $1*$2;
-            $addr = $3;
-
-            my $arg1 = $1;
-            my $arg2 = $2;
-
-            if($sizeataddr{$addr} && $sizeataddr{$addr}>0) {
-                # this means weeeeeirdo
-                print "Mixed debug compile, rebuild curl now\n";
-            }
-
-            $sizeataddr{$addr}=$size;
-            $totalmem += $size;
-            $memsum += $size;
-
-            if($trace) {
-                print "CALLOC: calloc($arg1,$arg2) at $source:$linenum",
-                " makes totally $totalmem bytes\n";
-            }
-
-            newtotal($totalmem);
-            $callocs++;
-
-            $getmem{$addr}="$source:$linenum";
-        }
-        elsif($function =~ /realloc\((\(nil\)|0x([0-9a-f]*)), (\d*)\) = 0x([0-9a-f]*)/) {
-            my ($oldaddr, $newsize, $newaddr) = ($2, $3, $4);
-
-            if($oldaddr) {
-                my $oldsize = $sizeataddr{$oldaddr} ? $sizeataddr{$oldaddr} : 0;
-
-                $totalmem -= $oldsize;
-                if($trace) {
-                    printf("REALLOC: %d less bytes and ", $oldsize);
-                }
-                $sizeataddr{$oldaddr}=0;
-
-                $getmem{$oldaddr}="";
-            }
-
-            $totalmem += $newsize;
-            $memsum += $newsize;
-            $sizeataddr{$newaddr}=$newsize;
-
-            if($trace) {
-                printf("%d more bytes ($source:$linenum)\n", $newsize);
-            }
-
-            newtotal($totalmem);
-            $reallocs++;
-
-            $getmem{$newaddr}="$source:$linenum";
-        }
-        elsif($function =~ /strdup\(0x([0-9a-f]*)\) \((\d*)\) = 0x([0-9a-f]*)/) {
-            # strdup(a5b50) (8) = df7c0
-
-            $dup = $1;
-            $size = $2;
-            $addr = $3;
-            $getmem{$addr}="$source:$linenum";
-            $sizeataddr{$addr}=$size;
-
-            $totalmem += $size;
-            $memsum += $size;
-
-            if($trace) {
-                printf("STRDUP: $size bytes at %s, makes totally: %d bytes\n",
-                       $getmem{$addr}, $totalmem);
-            }
-
-            newtotal($totalmem);
-            $strdups++;
-        }
-        elsif($function =~ /wcsdup\(0x([0-9a-f]*)\) \((\d*)\) = 0x([0-9a-f]*)/) {
-            # wcsdup(a5b50) (8) = df7c0
-
-            $dup = $1;
-            $size = $2;
-            $addr = $3;
-            $getmem{$addr}="$source:$linenum";
-            $sizeataddr{$addr}=$size;
-
-            $totalmem += $size;
-            $memsum += $size;
-
-            if($trace) {
-                printf("WCSDUP: $size bytes at %s, makes totally: %d bytes\n",
-                       $getmem{$addr}, $totalmem);
-            }
-
-            newtotal($totalmem);
-            $wcsdups++;
-        }
-        else {
-            print "Not recognized input line: $function\n";
-        }
-    }
-    # FD url.c:1282 socket() = 5
-    elsif($_ =~ /^FD ([^ ]*):(\d*) (.*)/) {
-        # generic match for the filename+linenumber
-        $source = $1;
-        $linenum = $2;
-        $function = $3;
-
-        if($function =~ /socket\(\) = (\d*)/) {
-            $filedes{$1}=1;
-            $getfile{$1}="$source:$linenum";
-            $openfile++;
-            $sockets++; # number of socket() calls
-        }
-        elsif($function =~ /socketpair\(\) = (\d*) (\d*)/) {
-            $filedes{$1}=1;
-            $getfile{$1}="$source:$linenum";
-            $openfile++;
-            $filedes{$2}=1;
-            $getfile{$2}="$source:$linenum";
-            $openfile++;
-        }
-        elsif($function =~ /accept\(\) = (\d*)/) {
-            $filedes{$1}=1;
-            $getfile{$1}="$source:$linenum";
-            $openfile++;
-        }
-        elsif($function =~ /sclose\((\d*)\)/) {
-            if($filedes{$1} != 1) {
-                print "Close without open: $line\n";
-            }
-            else {
-                $filedes{$1}=0; # closed now
-                $openfile--;
-            }
-        }
-    }
-    # FILE url.c:1282 fopen("blabla") = 0x5ddd
-    elsif($_ =~ /^FILE ([^ ]*):(\d*) (.*)/) {
-        # generic match for the filename+linenumber
-        $source = $1;
-        $linenum = $2;
-        $function = $3;
-
-        if($function =~ /f[d]*open\(\"(.*)\",\"([^\"]*)\"\) = (\(nil\)|0x([0-9a-f]*))/) {
-            if($3 eq "(nil)") {
-                ;
-            }
-            else {
-                $fopen{$4}=1;
-                $fopenfile{$4}="$source:$linenum";
-                $fopens++;
-            }
-        }
-        # fclose(0x1026c8)
-        elsif($function =~ /fclose\(0x([0-9a-f]*)\)/) {
-            if(!$fopen{$1}) {
-                print "fclose() without fopen(): $line\n";
-            }
-            else {
-                $fopen{$1}=0;
-                $fopens--;
-            }
-        }
-    }
-    # GETNAME url.c:1901 getnameinfo()
-    elsif($_ =~ /^GETNAME ([^ ]*):(\d*) (.*)/) {
-        # not much to do
-    }
-    # SEND url.c:1901 send(83) = 83
-    elsif($_ =~ /^SEND ([^ ]*):(\d*) (.*)/) {
-        $sends++;
-    }
-    # RECV url.c:1901 recv(102400) = 256
-    elsif($_ =~ /^RECV ([^ ]*):(\d*) (.*)/) {
-        $recvs++;
-    }
-
-    # ADDR url.c:1282 getaddrinfo() = 0x5ddd
-    elsif($_ =~ /^ADDR ([^ ]*):(\d*) (.*)/) {
-        # generic match for the filename+linenumber
-        $source = $1;
-        $linenum = $2;
-        $function = $3;
-
-        if($function =~ /getaddrinfo\(\) = (\(nil\)|0x([0-9a-f]*))/) {
-            my $add = $1;
-            if($add eq "(nil)") {
-                ;
-            }
-            else {
-                $addrinfo{$add}=1;
-                $addrinfofile{$add}="$source:$linenum";
-                $addrinfos++;
-            }
-            if($trace) {
-                printf("GETADDRINFO ($source:$linenum)\n");
-            }
-        }
-        # fclose(0x1026c8)
-        elsif($function =~ /freeaddrinfo\((0x[0-9a-f]*)\)/) {
-            my $addr = $1;
-            if(!$addrinfo{$addr}) {
-                print "freeaddrinfo() without getaddrinfo(): $line\n";
-            }
-            else {
-                $addrinfo{$addr}=0;
-                $addrinfos--;
-            }
-            if($trace) {
-                printf("FREEADDRINFO ($source:$linenum)\n");
-            }
-        }
-
-    }
-    else {
-        print "Not recognized prefix line: $line\n";
-    }
-}
-close($fileh);
-
-if($totalmem) {
-    print "Leak detected: memory still allocated: $totalmem bytes\n";
-
-    for(keys %sizeataddr) {
-        $addr = $_;
-        $size = $sizeataddr{$addr};
-        if($size > 0) {
-            print "At $addr, there is $size bytes.\n";
-            print " allocated by ".$getmem{$addr}."\n";
-        }
-    }
-}
-
-if($openfile) {
-    for(keys %filedes) {
-        if($filedes{$_} == 1) {
-            print "Open file descriptor created at ".$getfile{$_}."\n";
-        }
-    }
-}
-
-if($fopens) {
-    print "Open FILE handles left at:\n";
-    for(keys %fopen) {
-        if($fopen{$_} == 1) {
-            print "fopen() called at ".$fopenfile{$_}."\n";
-        }
-    }
-}
-
-if($addrinfos) {
-    print "IPv6-style name resolve data left at:\n";
-    for(keys %addrinfofile) {
-        if($addrinfo{$_} == 1) {
-            print "getaddrinfo() called at ".$addrinfofile{$_}."\n";
-        }
-    }
-}
-
-if($verbose) {
-    print "Mallocs: $mallocs\n",
-        "Reallocs: $reallocs\n",
-        "Callocs: $callocs\n",
-        "Strdups:  $strdups\n",
-        "Wcsdups:  $wcsdups\n",
-        "Frees: $frees\n",
-        "Sends: $sends\n",
-        "Recvs: $recvs\n",
-        "Sockets: $sockets\n",
-        "Allocations: ".($mallocs + $callocs + $reallocs + $strdups + $wcsdups)."\n",
-        "Operations: ".($mallocs + $callocs + $reallocs + $strdups + $wcsdups + $sends + $recvs + $sockets)."\n";
-
-    print "Maximum allocated: $maxmem\n";
-    print "Total allocated: $memsum\n";
+my @res = memanalyze($file, $verbose, $trace, $showlimit);
+
+for (@res) {
+    print $_;
 }
diff --git a/tests/memanalyzer.pm b/tests/memanalyzer.pm
new file mode 100644
index 0000000000..7dbdf7b94a
--- /dev/null
+++ b/tests/memanalyzer.pm
@@ -0,0 +1,459 @@
+#!/usr/bin/env perl
+#***************************************************************************
+#                                  _   _ ____  _
+#  Project                     ___| | | |  _ \| |
+#                             / __| | | | |_) | |
+#                            | (__| |_| |  _ <| |___
+#                             \___|\___/|_| \_\_____|
+#
+# Copyright (C) Daniel Stenberg, , et al.
+#
+# This software is licensed as described in the file COPYING, which
+# you should have received as part of this distribution. The terms
+# are also available at https://curl.se/docs/copyright.html.
+#
+# You may opt to use, copy, modify, merge, publish, distribute and/or sell
+# copies of the Software, and permit persons to whom the Software is
+# furnished to do so, under the terms of the COPYING file.
+#
+# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+# KIND, either express or implied.
+#
+# SPDX-License-Identifier: curl
+#
+###########################################################################
+#
+# Example input:
+#
+# MEM mprintf.c:1094 malloc(32) = e5718
+# MEM mprintf.c:1103 realloc(e5718, 64) = e6118
+# MEM sendf.c:232 free(f6520)
+
+package memanalyzer;
+
+use strict;
+use warnings;
+
+BEGIN {
+    use base qw(Exporter);
+
+    our @EXPORT = qw(
+        memanalyze
+    );
+}
+
+my $memsum;
+my $maxmem;
+
+sub newtotal {
+    my ($newtot)=@_;
+    # count a max here
+
+    if($newtot > $maxmem) {
+        $maxmem = $newtot;
+    }
+}
+
+sub memanalyze {
+    my ($file, $verbose, $trace, $showlimit) = @_;
+    my @res;
+
+    my $mallocs = 0;
+    my $callocs = 0;
+    my $reallocs = 0;
+    my $strdups = 0;
+    my $wcsdups = 0;
+    my $sends = 0;
+    my $recvs = 0;
+    my $sockets = 0;
+
+    $memsum = 0; # the total number of memory allocated over the lifetime
+    $maxmem = 0; # the high water mark
+
+    open(my $fileh, "<", "$file") or return ();
+
+    if($showlimit) {
+        while(<$fileh>) {
+            if(/^LIMIT.*memlimit$/) {
+                push @res, $_;
+                last;
+            }
+        }
+        close($fileh);
+        return @res;
+    }
+
+    my %sizeataddr;
+    my %getmem;
+
+    my $totalmem = 0;
+    my $frees = 0;
+
+    my $dup;
+    my $size;
+    my $addr;
+
+    my %filedes;
+    my %getfile;
+
+    my %fopen;
+    my %fopenfile;
+    my $openfile = 0;
+    my $fopens = 0;
+
+    my %addrinfo;
+    my %addrinfofile;
+    my $addrinfos = 0;
+
+    my $source;
+    my $linenum;
+    my $function;
+
+    my $lnum = 0;
+
+    while(<$fileh>) {
+        chomp $_;
+        my $line = $_;
+        $lnum++;
+        if($line =~ /^BT/) {
+            # back-trace, ignore
+        }
+        elsif($line =~ /^LIMIT ([^ ]*):(\d*) (.*)/) {
+            # new memory limit test prefix
+            my $i = $3;
+            my ($source, $linenum) = ($1, $2);
+            if($trace && ($i =~ /([^ ]*) reached memlimit/)) {
+                push @res, "LIMIT: $1 returned error at $source:$linenum\n";
+            }
+        }
+        elsif($line =~ /^MEM ([^ ]*):(\d*) (.*)/) {
+            # generic match for the filename+linenumber
+            $source = $1;
+            $linenum = $2;
+            $function = $3;
+
+            if($function =~ /free\((\(nil\)|0x([0-9a-f]*))/) {
+                $addr = $2;
+                if($1 eq "(nil)") {
+                    ; # do nothing when free(NULL)
+                }
+                elsif(!exists $sizeataddr{$addr}) {
+                    push @res, "FREE ERROR: No memory allocated: $line\n";
+                }
+                elsif(-1 == $sizeataddr{$addr}) {
+                    push @res, "FREE ERROR: Memory freed twice: $line\n";
+                    push @res, "FREE ERROR: Previously freed at: $getmem{$addr}\n";
+                }
+                else {
+                    $totalmem -= $sizeataddr{$addr};
+                    if($trace) {
+                        push @res, "FREE: malloc at $getmem{$addr} is freed again at $source:$linenum\n";
+                        push @res, "FREE: $sizeataddr{$addr} bytes freed, left allocated: $totalmem bytes\n";
+                    }
+
+                    newtotal($totalmem);
+                    $frees++;
+
+                    $sizeataddr{$addr}=-1; # set -1 to mark as freed
+                    $getmem{$addr}="$source:$linenum";
+
+                }
+            }
+            elsif($function =~ /malloc\((\d*)\) = 0x([0-9a-f]*)/) {
+                $size = $1;
+                $addr = $2;
+
+                if($sizeataddr{$addr} && $sizeataddr{$addr}>0) {
+                    # this means weeeeeirdo
+                    push @res, "Mixed debug compile ($source:$linenum at line $lnum), rebuild curl now\n";
+                    push @res, "We think $sizeataddr{$addr} bytes are already allocated at that memory address: $addr!\n";
+                }
+
+                $sizeataddr{$addr} = $size;
+                $totalmem += $size;
+                $memsum += $size;
+
+                if($trace) {
+                    push @res, "MALLOC: malloc($size) at $source:$linenum makes totally $totalmem bytes\n";
+                }
+
+                newtotal($totalmem);
+                $mallocs++;
+
+                $getmem{$addr}="$source:$linenum";
+            }
+            elsif($function =~ /calloc\((\d*),(\d*)\) = 0x([0-9a-f]*)/) {
+                $size = $1 * $2;
+                $addr = $3;
+
+                my $arg1 = $1;
+                my $arg2 = $2;
+
+                if($sizeataddr{$addr} && $sizeataddr{$addr}>0) {
+                    # this means weeeeeirdo
+                    push @res, "Mixed debug compile, rebuild curl now\n";
+                }
+
+                $sizeataddr{$addr} = $size;
+                $totalmem += $size;
+                $memsum += $size;
+
+                if($trace) {
+                    push @res, "CALLOC: calloc($arg1,$arg2) at $source:$linenum makes totally $totalmem bytes\n";
+                }
+
+                newtotal($totalmem);
+                $callocs++;
+
+                $getmem{$addr}="$source:$linenum";
+            }
+            elsif($function =~ /realloc\((\(nil\)|0x([0-9a-f]*)), (\d*)\) = 0x([0-9a-f]*)/) {
+                my ($oldaddr, $newsize, $newaddr) = ($2, $3, $4);
+                my $oldsize = '-';
+
+                if($oldaddr) {
+                    $oldsize = $sizeataddr{$oldaddr} ? $sizeataddr{$oldaddr} : 0;
+
+                    $totalmem -= $oldsize;
+                    if($trace) {
+                    }
+                    $sizeataddr{$oldaddr} = 0;
+
+                    $getmem{$oldaddr} = "";
+                }
+
+                $totalmem += $newsize;
+                $memsum += $newsize;
+                $sizeataddr{$newaddr} = $newsize;
+
+                if($trace) {
+                    push @res, "REALLOC: $oldsize less bytes and $newsize more bytes ($source:$linenum)\n";
+                }
+
+                newtotal($totalmem);
+                $reallocs++;
+
+                $getmem{$newaddr}="$source:$linenum";
+            }
+            elsif($function =~ /strdup\(0x([0-9a-f]*)\) \((\d*)\) = 0x([0-9a-f]*)/) {
+                # strdup(a5b50) (8) = df7c0
+
+                $dup = $1;
+                $size = $2;
+                $addr = $3;
+                $getmem{$addr} = "$source:$linenum";
+                $sizeataddr{$addr} = $size;
+
+                $totalmem += $size;
+                $memsum += $size;
+
+                if($trace) {
+                    push @res, "STRDUP: $size bytes at $getmem{$addr}, makes totally: $totalmem bytes\n";
+                }
+
+                newtotal($totalmem);
+                $strdups++;
+            }
+            elsif($function =~ /wcsdup\(0x([0-9a-f]*)\) \((\d*)\) = 0x([0-9a-f]*)/) {
+                # wcsdup(a5b50) (8) = df7c0
+
+                $dup = $1;
+                $size = $2;
+                $addr = $3;
+                $getmem{$addr}="$source:$linenum";
+                $sizeataddr{$addr}=$size;
+
+                $totalmem += $size;
+                $memsum += $size;
+
+                if($trace) {
+                    push @res, "WCSDUP: $size bytes at $getmem{$addr}, makes totally: $totalmem bytes\n";
+                }
+
+                newtotal($totalmem);
+                $wcsdups++;
+            }
+            else {
+                push @res, "Not recognized input line: $function\n";
+            }
+        }
+        # FD url.c:1282 socket() = 5
+        elsif($_ =~ /^FD ([^ ]*):(\d*) (.*)/) {
+            # generic match for the filename+linenumber
+            $source = $1;
+            $linenum = $2;
+            $function = $3;
+
+            if($function =~ /socket\(\) = (\d*)/) {
+                $filedes{$1} = 1;
+                $getfile{$1} = "$source:$linenum";
+                $openfile++;
+                $sockets++; # number of socket() calls
+            }
+            elsif($function =~ /socketpair\(\) = (\d*) (\d*)/) {
+                $filedes{$1} = 1;
+                $getfile{$1} = "$source:$linenum";
+                $openfile++;
+                $filedes{$2} = 1;
+                $getfile{$2} = "$source:$linenum";
+                $openfile++;
+            }
+            elsif($function =~ /accept\(\) = (\d*)/) {
+                $filedes{$1} = 1;
+                $getfile{$1} = "$source:$linenum";
+                $openfile++;
+            }
+            elsif($function =~ /sclose\((\d*)\)/) {
+                if($filedes{$1} != 1) {
+                    push @res, "Close without open: $line\n";
+                }
+                else {
+                    $filedes{$1}=0; # closed now
+                    $openfile--;
+                }
+            }
+        }
+        # FILE url.c:1282 fopen("blabla") = 0x5ddd
+        elsif($_ =~ /^FILE ([^ ]*):(\d*) (.*)/) {
+            # generic match for the filename+linenumber
+            $source = $1;
+            $linenum = $2;
+            $function = $3;
+
+            if($function =~ /f[d]*open\(\"(.*)\",\"([^\"]*)\"\) = (\(nil\)|0x([0-9a-f]*))/) {
+                if($3 eq "(nil)") {
+                    ;
+                }
+                else {
+                    $fopen{$4} = 1;
+                    $fopenfile{$4} = "$source:$linenum";
+                    $fopens++;
+                }
+            }
+            # fclose(0x1026c8)
+            elsif($function =~ /fclose\(0x([0-9a-f]*)\)/) {
+                if(!$fopen{$1}) {
+                    push @res, "fclose() without fopen(): $line\n";
+                }
+                else {
+                    $fopen{$1} = 0;
+                    $fopens--;
+                }
+            }
+        }
+        # GETNAME url.c:1901 getnameinfo()
+        elsif($_ =~ /^GETNAME ([^ ]*):(\d*) (.*)/) {
+            # not much to do
+        }
+        # SEND url.c:1901 send(83) = 83
+        elsif($_ =~ /^SEND ([^ ]*):(\d*) (.*)/) {
+            $sends++;
+        }
+        # RECV url.c:1901 recv(102400) = 256
+        elsif($_ =~ /^RECV ([^ ]*):(\d*) (.*)/) {
+            $recvs++;
+        }
+
+        # ADDR url.c:1282 getaddrinfo() = 0x5ddd
+        elsif($_ =~ /^ADDR ([^ ]*):(\d*) (.*)/) {
+            # generic match for the filename+linenumber
+            $source = $1;
+            $linenum = $2;
+            $function = $3;
+
+            if($function =~ /getaddrinfo\(\) = (\(nil\)|0x([0-9a-f]*))/) {
+                my $add = $1;
+                if($add eq "(nil)") {
+                    ;
+                }
+                else {
+                    $addrinfo{$add} = 1;
+                    $addrinfofile{$add} = "$source:$linenum";
+                    $addrinfos++;
+                }
+                if($trace) {
+                    push @res, "GETADDRINFO ($source:$linenum)\n";
+                }
+            }
+            # fclose(0x1026c8)
+            elsif($function =~ /freeaddrinfo\((0x[0-9a-f]*)\)/) {
+                my $addr = $1;
+                if(!$addrinfo{$addr}) {
+                    push @res, "freeaddrinfo() without getaddrinfo(): $line\n";
+                }
+                else {
+                    $addrinfo{$addr} = 0;
+                    $addrinfos--;
+                }
+                if($trace) {
+                    push @res, "FREEADDRINFO ($source:$linenum)\n";
+                }
+            }
+
+        }
+        else {
+            push @res, "Not recognized prefix line: $line\n";
+        }
+    }
+    close($fileh);
+
+    if($totalmem) {
+        push @res, "Leak detected: memory still allocated: $totalmem bytes\n";
+
+        for(keys %sizeataddr) {
+            $addr = $_;
+            $size = $sizeataddr{$addr};
+            if($size > 0) {
+                push @res, "At $addr, there is $size bytes.\n";
+                push @res, " allocated by $getmem{$addr}\n";
+            }
+        }
+    }
+
+    if($openfile) {
+        for(keys %filedes) {
+            if($filedes{$_} == 1) {
+                push @res, "Open file descriptor created at $getfile{$_}.\n";
+            }
+        }
+    }
+
+    if($fopens) {
+        push @res, "Open FILE handles left at:\n";
+        for(keys %fopen) {
+            if($fopen{$_} == 1) {
+                push @res, "fopen() called at $fopenfile{$_}.\n";
+            }
+        }
+    }
+
+    if($addrinfos) {
+        push @res, "IPv6-style name resolve data left at:\n";
+        for(keys %addrinfofile) {
+            if($addrinfo{$_} == 1) {
+                push @res, "getaddrinfo() called at $addrinfofile{$_}.\n";
+            }
+        }
+    }
+
+    if($verbose) {
+        push @res,
+            "Mallocs: $mallocs\n",
+            "Reallocs: $reallocs\n",
+            "Callocs: $callocs\n",
+            "Strdups: $strdups\n",
+            "Wcsdups: $wcsdups\n",
+            "Frees: $frees\n",
+            "Sends: $sends\n",
+            "Recvs: $recvs\n",
+            "Sockets: $sockets\n",
+            "Allocations: ".($mallocs + $callocs + $reallocs + $strdups + $wcsdups)."\n",
+            "Operations: ".($mallocs + $callocs + $reallocs + $strdups + $wcsdups + $sends + $recvs + $sockets)."\n",
+            "Maximum allocated: $maxmem\n",
+            "Total allocated: $memsum\n";
+    }
+
+    return @res;
+}
+
+1;
diff --git a/tests/runtests.pl b/tests/runtests.pl
index d0455d2243..32a03446d1 100755
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -102,6 +102,7 @@ use valgrind;  # valgrind report parser
 use globalconfig;
 use runner;
 use testutil;
+use memanalyzer;
 
 my %custom_skip_reasons;
 
@@ -1757,7 +1758,7 @@ sub singletest_check {
             $ok .= "-"; # problem with memory checking
         }
         else {
-            my @memdata=`$memanalyze "$logdir/$MEMDUMP"`;
+            my @memdata = memanalyze("$logdir/$MEMDUMP", 0, 0, 0);
             my $leak=0;
             for(@memdata) {
                 if($_ ne "") {
@@ -1776,7 +1777,7 @@ sub singletest_check {
             else {
                 $ok .= "m";
             }
-            my @more=`$memanalyze -v "$logdir/$MEMDUMP"`;
+            my @more = memanalyze("$logdir/$MEMDUMP", 1, 0, 0);
             my $allocs = 0;
             my $max = 0;
             for(@more) {

From 608f5dd4557b449d9ece5aa193a4b89ac3760422 Mon Sep 17 00:00:00 2001
From: Theo Buehler 
Date: Thu, 4 Dec 2025 14:43:18 +0100
Subject: [PATCH 1117/2408] vtls: do not reach into ASN1_STRING

OpenSSL 4 has plans to make ASN1_STRING opaque, which will break the
build, so convert the code to use accessors. ASN1_STRING_length() and
ASN1_STRING_type() go way back to SSLeay and ASN1_STRING_get0_data() is
OpenSSL 1.1 API present in BoringSSL since foreer and also available
since LibreSSL 2.7, so this should not cause compat issues with any
libcrypto in a supported version of the fork family.

https://github.com/openssl/openssl/issues/29117

Closes #19831
---
 lib/vtls/openssl.c | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 67466e6e41..444fbc4e04 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -412,6 +412,7 @@ static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl)
 
   for(i = 0; !result && (i < (int)numcerts); i++) {
     ASN1_INTEGER *num;
+    const unsigned char *numdata;
     X509 *x = sk_X509_value(sk, (ossl_valsize_t)i);
     EVP_PKEY *pubkey = NULL;
     int j;
@@ -433,10 +434,11 @@ static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl)
       break;
 
     num = X509_get_serialNumber(x);
-    if(num->type == V_ASN1_NEG_INTEGER)
+    if(ASN1_STRING_type(num) == V_ASN1_NEG_INTEGER)
       BIO_puts(mem, "-");
-    for(j = 0; j < num->length; j++)
-      BIO_printf(mem, "%02x", num->data[j]);
+    numdata = ASN1_STRING_get0_data(num);
+    for(j = 0; j < ASN1_STRING_length(num); j++)
+      BIO_printf(mem, "%02x", numdata[j]);
     result = push_certinfo(data, mem, "Serial Number", i);
     if(result)
       break;
@@ -503,8 +505,9 @@ static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl)
     }
 
     if(!result && psig) {
-      for(j = 0; j < psig->length; j++)
-        BIO_printf(mem, "%02x:", psig->data[j]);
+      const unsigned char *psigdata = ASN1_STRING_get0_data(psig);
+      for(j = 0; j < ASN1_STRING_length(psig); j++)
+        BIO_printf(mem, "%02x:", psigdata[j]);
       result = push_certinfo(data, mem, "Signature", i);
     }
 

From 39d1976b7f709a516e3243338ebc0443bdd8d56d Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 4 Dec 2025 00:14:20 +0100
Subject: [PATCH 1118/2408] ldap: call ldap_init() before setting the options

Closes #19830
---
 lib/ldap.c | 52 ++++++++++++++++++++--------------------------------
 1 file changed, 20 insertions(+), 32 deletions(-)

diff --git a/lib/ldap.c b/lib/ldap.c
index 63b2cbc414..0911a9239a 100644
--- a/lib/ldap.c
+++ b/lib/ldap.c
@@ -377,16 +377,29 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
     passwd = conn->passwd;
   }
 
-#ifdef LDAP_OPT_NETWORK_TIMEOUT
-  ldap_set_option(NULL, LDAP_OPT_NETWORK_TIMEOUT, &ldap_timeout);
+#ifdef USE_WIN32_LDAP
+  if(ldap_ssl)
+    server = ldap_sslinit(host, (curl_ldap_num_t)ipquad.remote_port, 1);
+  else
+#else
+    server = ldap_init(host, (curl_ldap_num_t)ipquad.remote_port);
 #endif
-  ldap_set_option(NULL, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto);
+  if(!server) {
+    failf(data, "LDAP: cannot setup connect to %s:%u",
+          conn->host.dispname, ipquad.remote_port);
+    result = CURLE_COULDNT_CONNECT;
+    goto quit;
+  }
+
+#ifdef LDAP_OPT_NETWORK_TIMEOUT
+  ldap_set_option(server, LDAP_OPT_NETWORK_TIMEOUT, &ldap_timeout);
+#endif
+  ldap_set_option(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto);
 
   if(ldap_ssl) {
 #ifdef HAVE_LDAP_SSL
 #ifdef USE_WIN32_LDAP
     /* Win32 LDAP SDK does not support insecure mode without CA! */
-    server = ldap_sslinit(host, (curl_ldap_num_t)ipquad.remote_port, 1);
     ldap_set_option(server, LDAP_OPT_SSL, LDAP_OPT_ON);
 #else /* !USE_WIN32_LDAP */
     int ldap_option;
@@ -406,7 +419,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
         goto quit;
       }
       infof(data, "LDAP local: using PEM CA cert: %s", ldap_ca);
-      rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, ldap_ca);
+      rc = ldap_set_option(server, LDAP_OPT_X_TLS_CACERTFILE, ldap_ca);
       if(rc != LDAP_SUCCESS) {
         failf(data, "LDAP local: ERROR setting PEM CA cert: %s",
               ldap_err2string(rc));
@@ -418,20 +431,13 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
     else
       ldap_option = LDAP_OPT_X_TLS_NEVER;
 
-    rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &ldap_option);
+    rc = ldap_set_option(server, LDAP_OPT_X_TLS_REQUIRE_CERT, &ldap_option);
     if(rc != LDAP_SUCCESS) {
       failf(data, "LDAP local: ERROR setting cert verify mode: %s",
             ldap_err2string(rc));
       result = CURLE_SSL_CERTPROBLEM;
       goto quit;
     }
-    server = ldap_init(host, ipquad.remote_port);
-    if(!server) {
-      failf(data, "LDAP local: Cannot connect to %s:%u",
-            conn->host.dispname, ipquad.remote_port);
-      result = CURLE_COULDNT_CONNECT;
-      goto quit;
-    }
     ldap_option = LDAP_OPT_X_TLS_HARD;
     rc = ldap_set_option(server, LDAP_OPT_X_TLS, &ldap_option);
     if(rc != LDAP_SUCCESS) {
@@ -440,16 +446,6 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
       result = CURLE_SSL_CERTPROBLEM;
       goto quit;
     }
-#if 0
-    rc = ldap_start_tls_s(server, NULL, NULL);
-    if(rc != LDAP_SUCCESS) {
-      failf(data, "LDAP local: ERROR starting SSL/TLS mode: %s",
-            ldap_err2string(rc));
-      result = CURLE_SSL_CERTPROBLEM;
-      goto quit;
-    }
-#endif
-
 #else /* !LDAP_OPT_X_TLS */
     (void)ldap_option;
     (void)ldap_ca;
@@ -468,15 +464,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
     result = CURLE_NOT_BUILT_IN;
     goto quit;
   }
-  else {
-    server = ldap_init(host, (curl_ldap_num_t)ipquad.remote_port);
-    if(!server) {
-      failf(data, "LDAP local: Cannot connect to %s:%u",
-            conn->host.dispname, ipquad.remote_port);
-      result = CURLE_COULDNT_CONNECT;
-      goto quit;
-    }
-  }
+
 #ifdef USE_WIN32_LDAP
   ldap_set_option(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto);
   rc = ldap_win_bind(data, server, user, passwd);

From f39b8a11749dba677848ea1e7d2ed20f23f87f03 Mon Sep 17 00:00:00 2001
From: Patrick Monnerat 
Date: Wed, 3 Dec 2025 18:36:03 +0100
Subject: [PATCH 1119/2408] lib: add a Curl_bufref_uptr() function and use it

Function Curl_bufref_ptr() now returns a const char *.
New function Curl_bufref_uptr() returns a const unsigned char *.

Usage and doc updated.

Closes #19827
---
 docs/internals/BUFREF.md | 10 +++++++++-
 lib/bufref.c             | 14 +++++++++++++-
 lib/bufref.h             |  3 ++-
 lib/curl_sasl.c          |  4 ++--
 lib/http_ntlm.c          |  4 ++--
 lib/imap.c               |  5 ++---
 lib/pop3.c               |  5 ++---
 lib/smtp.c               |  5 ++---
 lib/vauth/cram.c         |  2 +-
 lib/vauth/digest.c       |  2 +-
 lib/vauth/gsasl.c        |  3 +--
 lib/vauth/ntlm.c         |  4 ++--
 lib/vauth/ntlm_sspi.c    |  2 +-
 13 files changed, 40 insertions(+), 23 deletions(-)

diff --git a/docs/internals/BUFREF.md b/docs/internals/BUFREF.md
index 9a8b506b56..686a092aec 100644
--- a/docs/internals/BUFREF.md
+++ b/docs/internals/BUFREF.md
@@ -72,7 +72,15 @@ Returns `CURLE_OK` if successful, else `CURLE_OUT_OF_MEMORY`.
 ## `ptr`
 
 ```c
-const unsigned char *Curl_bufref_ptr(const struct bufref *br);
+const char *Curl_bufref_ptr(const struct bufref *br);
+```
+
+Returns a `const char *` to the referenced buffer.
+
+## `uptr`
+
+```c
+const unsigned char *Curl_bufref_uptr(const struct bufref *br);
 ```
 
 Returns a `const unsigned char *` to the referenced buffer.
diff --git a/lib/bufref.c b/lib/bufref.c
index 643fe5d2e0..8dcd3592db 100644
--- a/lib/bufref.c
+++ b/lib/bufref.c
@@ -84,7 +84,7 @@ void Curl_bufref_set(struct bufref *br, const void *ptr, size_t len,
 /*
  * Get a pointer to the referenced buffer.
  */
-const unsigned char *Curl_bufref_ptr(const struct bufref *br)
+const unsigned char *Curl_bufref_uptr(const struct bufref *br)
 {
   DEBUGASSERT(br);
   DEBUGASSERT(br->signature == SIGNATURE);
@@ -93,6 +93,18 @@ const unsigned char *Curl_bufref_ptr(const struct bufref *br)
   return br->ptr;
 }
 
+/*
+ * Get a pointer to the referenced string.
+ */
+const char *Curl_bufref_ptr(const struct bufref *br)
+{
+  DEBUGASSERT(br);
+  DEBUGASSERT(br->signature == SIGNATURE);
+  DEBUGASSERT(br->ptr || !br->len);
+
+  return (const char *) br->ptr;
+}
+
 /*
  * Get the length of the referenced buffer data.
  */
diff --git a/lib/bufref.h b/lib/bufref.h
index f80011fde5..b8ffe38347 100644
--- a/lib/bufref.h
+++ b/lib/bufref.h
@@ -39,7 +39,8 @@ struct bufref {
 void Curl_bufref_init(struct bufref *br);
 void Curl_bufref_set(struct bufref *br, const void *ptr, size_t len,
                      void (*dtor)(void *));
-const unsigned char *Curl_bufref_ptr(const struct bufref *br);
+const char *Curl_bufref_ptr(const struct bufref *br);
+const unsigned char *Curl_bufref_uptr(const struct bufref *br);
 size_t Curl_bufref_len(const struct bufref *br);
 CURLcode Curl_bufref_memdup(struct bufref *br, const void *ptr, size_t len);
 void Curl_bufref_free(struct bufref *br);
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index a4cd5a207b..3e4bafc19a 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -235,7 +235,7 @@ static CURLcode get_server_message(struct SASL *sasl, struct Curl_easy *data,
   if(!result && (sasl->params->flags & SASL_FLAG_BASE64)) {
     unsigned char *msg;
     size_t msglen;
-    const char *serverdata = (const char *)Curl_bufref_ptr(out);
+    const char *serverdata = Curl_bufref_ptr(out);
 
     if(!*serverdata || *serverdata == '=')
       Curl_bufref_set(out, NULL, 0, NULL);
@@ -263,7 +263,7 @@ static CURLcode build_message(struct SASL *sasl, struct bufref *msg)
       char *base64;
       size_t base64len;
 
-      result = curlx_base64_encode(Curl_bufref_ptr(msg),
+      result = curlx_base64_encode(Curl_bufref_uptr(msg),
                                    Curl_bufref_len(msg), &base64, &base64len);
       if(!result)
         Curl_bufref_set(msg, base64, base64len, curl_free);
diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c
index e1b48d7675..8d15a8a162 100644
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c
@@ -201,7 +201,7 @@ CURLcode Curl_output_ntlm(struct Curl_easy *data, bool proxy)
                                                  hostname, ntlm, &ntlmmsg);
     if(!result) {
       DEBUGASSERT(Curl_bufref_len(&ntlmmsg) != 0);
-      result = curlx_base64_encode(Curl_bufref_ptr(&ntlmmsg),
+      result = curlx_base64_encode(Curl_bufref_uptr(&ntlmmsg),
                                    Curl_bufref_len(&ntlmmsg), &base64, &len);
       if(!result) {
         curlx_free(*allocuserpwd);
@@ -219,7 +219,7 @@ CURLcode Curl_output_ntlm(struct Curl_easy *data, bool proxy)
     result = Curl_auth_create_ntlm_type3_message(data, userp, passwdp,
                                                  ntlm, &ntlmmsg);
     if(!result && Curl_bufref_len(&ntlmmsg)) {
-      result = curlx_base64_encode(Curl_bufref_ptr(&ntlmmsg),
+      result = curlx_base64_encode(Curl_bufref_uptr(&ntlmmsg),
                                    Curl_bufref_len(&ntlmmsg), &base64, &len);
       if(!result) {
         curlx_free(*allocuserpwd);
diff --git a/lib/imap.c b/lib/imap.c
index ec5e654cfa..cbc4506a9d 100644
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -636,7 +636,7 @@ static CURLcode imap_perform_authenticate(struct Curl_easy *data,
   struct imap_conn *imapc =
     Curl_conn_meta_get(data->conn, CURL_META_IMAP_CONN);
   CURLcode result = CURLE_OK;
-  const char *ir = (const char *)Curl_bufref_ptr(initresp);
+  const char *ir = Curl_bufref_ptr(initresp);
 
   if(!imapc)
     return CURLE_FAILED_INIT;
@@ -668,8 +668,7 @@ static CURLcode imap_continue_authenticate(struct Curl_easy *data,
   (void)mech;
   if(!imapc)
     return CURLE_FAILED_INIT;
-  return Curl_pp_sendf(data, &imapc->pp,
-                       "%s", (const char *)Curl_bufref_ptr(resp));
+  return Curl_pp_sendf(data, &imapc->pp, "%s", Curl_bufref_ptr(resp));
 }
 
 /***********************************************************************
diff --git a/lib/pop3.c b/lib/pop3.c
index 771069b3d4..0ddff3e45e 100644
--- a/lib/pop3.c
+++ b/lib/pop3.c
@@ -623,7 +623,7 @@ static CURLcode pop3_perform_auth(struct Curl_easy *data,
   struct pop3_conn *pop3c =
     Curl_conn_meta_get(data->conn, CURL_META_POP3_CONN);
   CURLcode result = CURLE_OK;
-  const char *ir = (const char *)Curl_bufref_ptr(initresp);
+  const char *ir = Curl_bufref_ptr(initresp);
 
   if(!pop3c)
     return CURLE_FAILED_INIT;
@@ -657,8 +657,7 @@ static CURLcode pop3_continue_auth(struct Curl_easy *data,
   if(!pop3c)
     return CURLE_FAILED_INIT;
 
-  return Curl_pp_sendf(data, &pop3c->pp,
-                       "%s", (const char *) Curl_bufref_ptr(resp));
+  return Curl_pp_sendf(data, &pop3c->pp, "%s", Curl_bufref_ptr(resp));
 }
 
 /***********************************************************************
diff --git a/lib/smtp.c b/lib/smtp.c
index 5aab391e37..fa821fe45d 100644
--- a/lib/smtp.c
+++ b/lib/smtp.c
@@ -506,7 +506,7 @@ static CURLcode smtp_perform_auth(struct Curl_easy *data,
   CURLcode result = CURLE_OK;
   struct smtp_conn *smtpc =
     Curl_conn_meta_get(data->conn, CURL_META_SMTP_CONN);
-  const char *ir = (const char *)Curl_bufref_ptr(initresp);
+  const char *ir = Curl_bufref_ptr(initresp);
 
   if(!smtpc)
     return CURLE_FAILED_INIT;
@@ -539,8 +539,7 @@ static CURLcode smtp_continue_auth(struct Curl_easy *data,
   (void)mech;
   if(!smtpc)
     return CURLE_FAILED_INIT;
-  return Curl_pp_sendf(data, &smtpc->pp,
-                       "%s", (const char *)Curl_bufref_ptr(resp));
+  return Curl_pp_sendf(data, &smtpc->pp, "%s", Curl_bufref_ptr(resp));
 }
 
 /***********************************************************************
diff --git a/lib/vauth/cram.c b/lib/vauth/cram.c
index 6a39a400ee..7cce86fd62 100644
--- a/lib/vauth/cram.c
+++ b/lib/vauth/cram.c
@@ -69,7 +69,7 @@ CURLcode Curl_auth_create_cram_md5_message(const struct bufref *chlg,
 
   /* Update the digest with the given challenge */
   if(Curl_bufref_len(chlg))
-    Curl_HMAC_update(ctxt, Curl_bufref_ptr(chlg),
+    Curl_HMAC_update(ctxt, Curl_bufref_uptr(chlg),
                      curlx_uztoui(Curl_bufref_len(chlg)));
 
   /* Finalise the digest */
diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c
index 8bcfc7ed6c..ce3a7b3687 100644
--- a/lib/vauth/digest.c
+++ b/lib/vauth/digest.c
@@ -271,7 +271,7 @@ static CURLcode auth_decode_digest_md5_message(const struct bufref *chlgref,
                                                char *alg, size_t alen,
                                                char *qop, size_t qlen)
 {
-  const char *chlg = (const char *)Curl_bufref_ptr(chlgref);
+  const char *chlg = Curl_bufref_ptr(chlgref);
 
   /* Ensure we have a valid challenge message */
   if(!Curl_bufref_len(chlgref))
diff --git a/lib/vauth/gsasl.c b/lib/vauth/gsasl.c
index 3888622dbf..4c83793d78 100644
--- a/lib/vauth/gsasl.c
+++ b/lib/vauth/gsasl.c
@@ -98,8 +98,7 @@ CURLcode Curl_auth_gsasl_token(struct Curl_easy *data,
   char *response;
   size_t outlen;
 
-  res = gsasl_step(gsasl->client,
-                   (const char *)Curl_bufref_ptr(chlg), Curl_bufref_len(chlg),
+  res = gsasl_step(gsasl->client, Curl_bufref_ptr(chlg), Curl_bufref_len(chlg),
                    &response, &outlen);
   if(res != GSASL_OK && res != GSASL_NEEDS_MORE) {
     failf(data, "GSASL step: %s", gsasl_strerror(res));
diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c
index 22d028e8c2..7fd13d8745 100644
--- a/lib/vauth/ntlm.c
+++ b/lib/vauth/ntlm.c
@@ -255,7 +255,7 @@ static CURLcode ntlm_decode_type2_target(struct Curl_easy *data,
 {
   unsigned short target_info_len = 0;
   unsigned int target_info_offset = 0;
-  const unsigned char *type2 = Curl_bufref_ptr(type2ref);
+  const unsigned char *type2 = Curl_bufref_uptr(type2ref);
   size_t type2len = Curl_bufref_len(type2ref);
 
 #ifdef CURL_DISABLE_VERBOSE_STRINGS
@@ -355,7 +355,7 @@ CURLcode Curl_auth_decode_ntlm_type2_message(struct Curl_easy *data,
   */
 
   CURLcode result = CURLE_OK;
-  const unsigned char *type2 = Curl_bufref_ptr(type2ref);
+  const unsigned char *type2 = Curl_bufref_uptr(type2ref);
   size_t type2len = Curl_bufref_len(type2ref);
 
 #ifdef CURL_DISABLE_VERBOSE_STRINGS
diff --git a/lib/vauth/ntlm_sspi.c b/lib/vauth/ntlm_sspi.c
index d724907db6..e4aad6e24f 100644
--- a/lib/vauth/ntlm_sspi.c
+++ b/lib/vauth/ntlm_sspi.c
@@ -209,7 +209,7 @@ CURLcode Curl_auth_decode_ntlm_type2_message(struct Curl_easy *data,
   }
 
   /* Store the challenge for later use */
-  ntlm->input_token = Curl_memdup0((const char *)Curl_bufref_ptr(type2),
+  ntlm->input_token = Curl_memdup0(Curl_bufref_ptr(type2),
                                    Curl_bufref_len(type2));
   if(!ntlm->input_token)
     return CURLE_OUT_OF_MEMORY;

From 36542b734966fce2ce5689d689a0e4922a103e50 Mon Sep 17 00:00:00 2001
From: Patrick Monnerat 
Date: Wed, 3 Dec 2025 23:15:18 +0100
Subject: [PATCH 1120/2408] lib: turn state.url into a struct bufref

Closes #19827
---
 lib/cookie.c            |  3 ++-
 lib/curl_rtmp.c         |  3 ++-
 lib/easy.c              | 12 ++++++------
 lib/getinfo.c           |  7 +++++--
 lib/http.c              | 22 +++++++++++-----------
 lib/http2.c             |  8 +++-----
 lib/ldap.c              |  5 +++--
 lib/multi.c             |  5 +++--
 lib/openldap.c          |  5 +++--
 lib/setopt.c            | 14 +++-----------
 lib/transfer.c          | 11 +++--------
 lib/url.c               | 37 +++++++++++++------------------------
 lib/urldata.h           |  4 ++--
 lib/vquic/curl_ngtcp2.c |  3 ++-
 lib/vquic/curl_osslq.c  |  3 ++-
 lib/vquic/curl_quiche.c |  7 ++++---
 16 files changed, 67 insertions(+), 82 deletions(-)

diff --git a/lib/cookie.c b/lib/cookie.c
index e3cf8e4e0c..dff5198c11 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -40,6 +40,7 @@
 #include "rename.h"
 #include "strdup.h"
 #include "llist.h"
+#include "bufref.h"
 #include "curlx/strparse.h"
 
 static void strstore(char **str, const char *newstr, size_t len);
@@ -1622,7 +1623,7 @@ void Curl_flush_cookies(struct Curl_easy *data, bool cleanup)
      set), as otherwise the cookies were not completely initialized and there
      might be cookie files that were not loaded so saving the file is the wrong
      thing. */
-  if(data->set.str[STRING_COOKIEJAR] && data->state.url) {
+  if(data->set.str[STRING_COOKIEJAR] && Curl_bufref_ptr(&data->state.url)) {
     /* if we have a destination file for all the cookies to get dumped to */
     CURLcode result = cookie_output(data, data->cookies,
                                     data->set.str[STRING_COOKIEJAR]);
diff --git a/lib/curl_rtmp.c b/lib/curl_rtmp.c
index 1eebbb5b3f..e0597cdcca 100644
--- a/lib/curl_rtmp.c
+++ b/lib/curl_rtmp.c
@@ -33,6 +33,7 @@
 #include "curlx/nonblock.h" /* for curlx_nonblock */
 #include "progress.h" /* for Curl_pgrsSetUploadSize */
 #include "transfer.h"
+#include "bufref.h"
 #include "curlx/warnless.h"
 #include 
 #include 
@@ -233,7 +234,7 @@ static CURLcode rtmp_setup_connection(struct Curl_easy *data,
 
   RTMP_Init(r);
   RTMP_SetBufferMS(r, DEF_BUFTIME);
-  if(!RTMP_SetupURL(r, data->state.url))
+  if(!RTMP_SetupURL(r, CURL_UNCONST(Curl_bufref_ptr(&data->state.url))))
     /* rtmp_conn_dtor() performs the cleanup */
     return CURLE_URL_MALFORMAT;
   return CURLE_OK;
diff --git a/lib/easy.c b/lib/easy.c
index d2f6c36c0d..c18fdd09bf 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -75,6 +75,7 @@
 #include "system_win32.h"
 #include "http2.h"
 #include "curlx/dynbuf.h"
+#include "bufref.h"
 #include "altsvc.h"
 #include "hsts.h"
 
@@ -975,6 +976,7 @@ CURL *curl_easy_duphandle(CURL *d)
   Curl_hash_init(&outcurl->meta_hash, 23,
                  Curl_hash_str, curlx_str_key_compare, dupeasy_meta_freeentry);
   curlx_dyn_init(&outcurl->state.headerb, CURL_MAX_HTTP_HEADER);
+  Curl_bufref_init(&outcurl->state.url);
   Curl_netrc_init(&outcurl->state.netrc);
 
   /* the connection pool is setup on demand */
@@ -1014,12 +1016,10 @@ CURL *curl_easy_duphandle(CURL *d)
   }
 #endif
 
-  if(data->state.url) {
-    outcurl->state.url = curlx_strdup(data->state.url);
-    if(!outcurl->state.url)
-      goto fail;
-    outcurl->state.url_alloc = TRUE;
-  }
+  if(Curl_bufref_ptr(&data->state.url))
+    Curl_bufref_set(&outcurl->state.url,
+                    curlx_strdup(Curl_bufref_ptr(&data->state.url)), 0,
+                    curl_free);
 
   if(data->state.referer) {
     outcurl->state.referer = curlx_strdup(data->state.referer);
diff --git a/lib/getinfo.c b/lib/getinfo.c
index 13e9622d33..59dc198777 100644
--- a/lib/getinfo.c
+++ b/lib/getinfo.c
@@ -32,6 +32,7 @@
 #include "vtls/vtls.h"
 #include "connect.h" /* Curl_getconnectinfo() */
 #include "progress.h"
+#include "bufref.h"
 #include "curlx/strparse.h"
 
 /*
@@ -91,8 +92,10 @@ static CURLcode getinfo_char(struct Curl_easy *data, CURLINFO info,
                              const char **param_charp)
 {
   switch(info) {
-  case CURLINFO_EFFECTIVE_URL:
-    *param_charp = data->state.url ? data->state.url : "";
+  case CURLINFO_EFFECTIVE_URL: {
+    const char *s = Curl_bufref_ptr(&data->state.url);
+    *param_charp = s ? s : "";
+  }
     break;
   case CURLINFO_EFFECTIVE_METHOD: {
     const char *m = data->set.str[STRING_CUSTOMREQUEST];
diff --git a/lib/http.c b/lib/http.c
index 3178ca59e9..ae7458572b 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -84,6 +84,7 @@
 #include "altsvc.h"
 #include "hsts.h"
 #include "ws.h"
+#include "bufref.h"
 #include "curl_ctype.h"
 #include "curlx/strparse.h"
 
@@ -610,7 +611,8 @@ CURLcode Curl_http_auth_act(struct Curl_easy *data)
        we must make sure to free it before allocating a new one. As figured
        out in bug #2284386 */
     curlx_free(data->req.newurl);
-    data->req.newurl = curlx_strdup(data->state.url); /* clone URL */
+    /* clone URL */
+    data->req.newurl = curlx_strdup(Curl_bufref_ptr(&data->state.url));
     if(!data->req.newurl)
       return CURLE_OUT_OF_MEMORY;
   }
@@ -623,7 +625,8 @@ CURLcode Curl_http_auth_act(struct Curl_easy *data)
        we did not try HEAD or GET */
     if((data->state.httpreq != HTTPREQ_GET) &&
        (data->state.httpreq != HTTPREQ_HEAD)) {
-      data->req.newurl = curlx_strdup(data->state.url); /* clone URL */
+      /* clone URL */
+      data->req.newurl = curlx_strdup(Curl_bufref_ptr(&data->state.url));
       if(!data->req.newurl)
         return CURLE_OUT_OF_MEMORY;
       data->state.authhost.done = TRUE;
@@ -909,7 +912,7 @@ static CURLcode auth_spnego(struct Curl_easy *data,
         &conn->http_negotiate_state;
       if(!result) {
         curlx_free(data->req.newurl);
-        data->req.newurl = curlx_strdup(data->state.url);
+        data->req.newurl = curlx_strdup(Curl_bufref_ptr(&data->state.url));
         if(!data->req.newurl)
           return CURLE_OUT_OF_MEMORY;
         data->state.authproblem = FALSE;
@@ -1243,7 +1246,8 @@ CURLcode Curl_http_follow(struct Curl_easy *data, const char *newurl,
         if(!u)
           return CURLE_OUT_OF_MEMORY;
 
-        uc = curl_url_set(u, CURLUPART_URL, data->state.url, 0);
+        uc = curl_url_set(u, CURLUPART_URL,
+                          Curl_bufref_ptr(&data->state.url), 0);
         if(!uc)
           uc = curl_url_set(u, CURLUPART_FRAGMENT, NULL, 0);
         if(!uc)
@@ -1365,13 +1369,9 @@ CURLcode Curl_http_follow(struct Curl_easy *data, const char *newurl,
   if(disallowport)
     data->state.allow_port = FALSE;
 
-  if(data->state.url_alloc)
-    Curl_safefree(data->state.url);
-
-  data->state.url = follow_url;
-  data->state.url_alloc = TRUE;
+  Curl_bufref_set(&data->state.url, follow_url, 0, curl_free);
   rewind_result = Curl_req_soft_reset(&data->req, data);
-  infof(data, "Issue another request to this URL: '%s'", data->state.url);
+  infof(data, "Issue another request to this URL: '%s'", follow_url);
   if((data->set.http_follow_mode == CURLFOLLOW_FIRSTONLY) &&
      data->set.str[STRING_CUSTOMREQUEST] &&
      !data->state.http_ignorecustom) {
@@ -4054,7 +4054,7 @@ static CURLcode http_on_response(struct Curl_easy *data,
             data->state.disableexpect = TRUE;
             Curl_req_abort_sending(data);
             DEBUGASSERT(!data->req.newurl);
-            data->req.newurl = curlx_strdup(data->state.url);
+            data->req.newurl = curlx_strdup(Curl_bufref_ptr(&data->state.url));
             if(!data->req.newurl) {
               result = CURLE_OUT_OF_MEMORY;
               goto out;
diff --git a/lib/http2.c b/lib/http2.c
index a3ff8c8529..df38f82caf 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -44,6 +44,7 @@
 #include "rand.h"
 #include "curlx/strparse.h"
 #include "transfer.h"
+#include "bufref.h"
 #include "curlx/dynbuf.h"
 #include "curlx/warnless.h"
 #include "headers.h"
@@ -920,10 +921,7 @@ fail:
   if(rc)
     return rc;
 
-  if(data->state.url_alloc)
-    curlx_free(data->state.url);
-  data->state.url_alloc = TRUE;
-  data->state.url = url;
+  Curl_bufref_set(&data->state.url, url, 0, curl_free);
   return 0;
 }
 
@@ -2316,7 +2314,7 @@ static CURLcode h2_submit(struct h2_stream_ctx **pstream,
     size_t acc = 0, i;
 
     infof(data, "[HTTP/2] [%d] OPENED stream for %s",
-          stream_id, data->state.url);
+          stream_id, Curl_bufref_ptr(&data->state.url));
     for(i = 0; i < nheader; ++i) {
       acc += nva[i].namelen + nva[i].valuelen;
 
diff --git a/lib/ldap.c b/lib/ldap.c
index 0911a9239a..b6ed43d904 100644
--- a/lib/ldap.c
+++ b/lib/ldap.c
@@ -89,6 +89,7 @@
 #include "progress.h"
 #include "transfer.h"
 #include "curlx/strparse.h"
+#include "bufref.h"
 #include "curl_ldap.h"
 #include "curlx/multibyte.h"
 #include "curlx/base64.h"
@@ -338,10 +339,10 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
   *done = TRUE; /* unconditionally */
   infof(data, "LDAP local: LDAP Vendor = %s ; LDAP Version = %d",
         LDAP_VENDOR_NAME, LDAP_VENDOR_VERSION);
-  infof(data, "LDAP local: %s", data->state.url);
+  infof(data, "LDAP local: %s", Curl_bufref_ptr(&data->state.url));
 
 #ifdef HAVE_LDAP_URL_PARSE
-  rc = ldap_url_parse(data->state.url, &ludp);
+  rc = ldap_url_parse(Curl_bufref_ptr(&data->state.url), &ludp);
 #else
   rc = ldap_url_parse_low(data, conn, &ludp);
 #endif
diff --git a/lib/multi.c b/lib/multi.c
index b912f7a212..3086d61c74 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -53,6 +53,7 @@
 #include "socketpair.h"
 #include "socks.h"
 #include "urlapi-int.h"
+#include "bufref.h"
 
 /* initial multi->xfers table size for a full multi */
 #define CURL_XFER_TABLE_SIZE 512
@@ -2006,7 +2007,7 @@ static CURLMcode state_performing(struct Curl_easy *data,
       data->state.errorbuf = FALSE;
       if(!newurl)
         /* typically for HTTP_1_1_REQUIRED error on first flight */
-        newurl = curlx_strdup(data->state.url);
+        newurl = curlx_strdup(Curl_bufref_ptr(&data->state.url));
       if(!newurl) {
         result = CURLE_OUT_OF_MEMORY;
       }
@@ -4066,7 +4067,7 @@ static void multi_xfer_dump(struct Curl_multi *multi, uint32_t mid,
                   ", url=%s\n",
                   mid,
                   (data->magic == CURLEASY_MAGIC_NUMBER) ? "GOOD" : "BAD!",
-                  (void *)data, data->id, data->state.url);
+                  (void *)data, data->id, Curl_bufref_ptr(&data->state.url));
   }
 }
 
diff --git a/lib/openldap.c b/lib/openldap.c
index ba1a39181f..a1756e4279 100644
--- a/lib/openldap.c
+++ b/lib/openldap.c
@@ -52,6 +52,7 @@
 #include "connect.h"
 #include "curl_sasl.h"
 #include "strcase.h"
+#include "bufref.h"
 
 /*
  * Uncommenting this will enable the built-in debug logging of the openldap
@@ -272,7 +273,7 @@ static CURLcode oldap_url_parse(struct Curl_easy *data, LDAPURLDesc **ludp)
   *ludp = NULL;
   if(!data->state.up.user && !data->state.up.password &&
      !data->state.up.options)
-    rc = ldap_url_parse(data->state.url, ludp);
+    rc = ldap_url_parse(Curl_bufref_ptr(&data->state.url), ludp);
   if(rc != LDAP_URL_SUCCESS) {
     const char *msg = "url parsing problem";
 
@@ -988,7 +989,7 @@ static CURLcode oldap_do(struct Curl_easy *data, bool *done)
   if(!li)
     return CURLE_FAILED_INIT;
 
-  infof(data, "LDAP local: %s", data->state.url);
+  infof(data, "LDAP local: %s", Curl_bufref_ptr(&data->state.url));
 
   result = oldap_url_parse(data, &lud);
   if(result)
diff --git a/lib/setopt.c b/lib/setopt.c
index 0a377be1f1..bcaf3fc2ae 100644
--- a/lib/setopt.c
+++ b/lib/setopt.c
@@ -54,6 +54,7 @@
 #include "tftp.h"
 #include "strdup.h"
 #include "escape.h"
+#include "bufref.h"
 
 static CURLcode setopt_set_timeout_sec(timediff_t *ptimeout_ms, long secs)
 {
@@ -1971,12 +1972,8 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
     /*
      * The URL to fetch.
      */
-    if(data->state.url_alloc) {
-      Curl_safefree(data->state.url);
-      data->state.url_alloc = FALSE;
-    }
     result = Curl_setstropt(&s->str[STRING_SET_URL], ptr);
-    data->state.url = s->str[STRING_SET_URL];
+    Curl_bufref_set(&data->state.url, s->str[STRING_SET_URL], 0, NULL);
     break;
 
   case CURLOPT_USERPWD:
@@ -2063,12 +2060,7 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
     /*
      * pass CURLU to set URL
      */
-    if(data->state.url_alloc) {
-      Curl_safefree(data->state.url);
-      data->state.url_alloc = FALSE;
-    }
-    else
-      data->state.url = NULL;
+    Curl_bufref_free(&data->state.url);
     Curl_safefree(s->str[STRING_SET_URL]);
     s->uh = (CURLU *)ptr;
     break;
diff --git a/lib/transfer.c b/lib/transfer.c
index a8a66f86c7..34f0698ebd 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -79,6 +79,7 @@
 #include "hsts.h"
 #include "setopt.h"
 #include "headers.h"
+#include "bufref.h"
 #include "curlx/warnless.h"
 
 #if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_SMTP) || \
@@ -484,13 +485,7 @@ CURLcode Curl_pretransfer(struct Curl_easy *data)
     }
   }
 
-  /* since the URL may have been redirected in a previous use of this handle */
-  if(data->state.url_alloc) {
-    Curl_safefree(data->state.url);
-    data->state.url_alloc = FALSE;
-  }
-
-  data->state.url = data->set.str[STRING_SET_URL];
+  Curl_bufref_set(&data->state.url, data->set.str[STRING_SET_URL], 0, NULL);
 
   if(data->set.postfields && data->set.set_resume_from) {
     /* we cannot */
@@ -676,7 +671,7 @@ CURLcode Curl_retry_request(struct Curl_easy *data, char **url)
     }
     infof(data, "Connection died, retrying a fresh connect (retry count: %d)",
           data->state.retrycount);
-    *url = curlx_strdup(data->state.url);
+    *url = curlx_strdup(Curl_bufref_ptr(&data->state.url));
     if(!*url)
       return CURLE_OUT_OF_MEMORY;
 
diff --git a/lib/url.c b/lib/url.c
index f646b74ed4..65161d7e24 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -73,6 +73,7 @@
 #include "netrc.h"
 #include "formdata.h"
 #include "mime.h"
+#include "bufref.h"
 #include "vtls/vtls.h"
 #include "hostip.h"
 #include "transfer.h"
@@ -184,11 +185,7 @@ void Curl_freeset(struct Curl_easy *data)
     data->state.referer_alloc = FALSE;
   }
   data->state.referer = NULL;
-  if(data->state.url_alloc) {
-    Curl_safefree(data->state.url);
-    data->state.url_alloc = FALSE;
-  }
-  data->state.url = NULL;
+  Curl_bufref_free(&data->state.url);
 
   Curl_mime_cleanpart(&data->set.mimepost);
 
@@ -516,6 +513,7 @@ CURLcode Curl_open(struct Curl_easy **curl)
   Curl_hash_init(&data->meta_hash, 23,
                  Curl_hash_str, curlx_str_key_compare, easy_meta_freeentry);
   curlx_dyn_init(&data->state.headerb, CURL_MAX_HTTP_HEADER);
+  Curl_bufref_init(&data->state.url);
   Curl_req_init(&data->req);
   Curl_initinfo(data);
 #ifndef CURL_DISABLE_HTTP
@@ -1769,22 +1767,19 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
     return CURLE_OUT_OF_MEMORY;
 
   if(data->set.str[STRING_DEFAULT_PROTOCOL] &&
-     !Curl_is_absolute_url(data->state.url, NULL, 0, TRUE)) {
+     !Curl_is_absolute_url(Curl_bufref_ptr(&data->state.url), NULL, 0, TRUE)) {
     char *url = curl_maprintf("%s://%s",
                               data->set.str[STRING_DEFAULT_PROTOCOL],
-                              data->state.url);
+                              Curl_bufref_ptr(&data->state.url));
     if(!url)
       return CURLE_OUT_OF_MEMORY;
-    if(data->state.url_alloc)
-      curlx_free(data->state.url);
-    data->state.url = url;
-    data->state.url_alloc = TRUE;
+    Curl_bufref_set(&data->state.url, url, 0, curl_free);
   }
 
   if(!use_set_uh) {
     char *newurl;
-    uc = curl_url_set(uh, CURLUPART_URL, data->state.url, (unsigned int)
-                      (CURLU_GUESS_SCHEME |
+    uc = curl_url_set(uh, CURLUPART_URL, Curl_bufref_ptr(&data->state.url),
+                      (unsigned int) (CURLU_GUESS_SCHEME |
                        CURLU_NON_SUPPORT_SCHEME |
                        (data->set.disallow_username_in_url ?
                         CURLU_DISALLOW_USER : 0) |
@@ -1798,10 +1793,7 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
     uc = curl_url_get(uh, CURLUPART_URL, &newurl, 0);
     if(uc)
       return Curl_uc_to_curlcode(uc);
-    if(data->state.url_alloc)
-      curlx_free(data->state.url);
-    data->state.url = newurl;
-    data->state.url_alloc = TRUE;
+    Curl_bufref_set(&data->state.url, newurl, 0, curl_free);
   }
 
   uc = curl_url_get(uh, CURLUPART_SCHEME, &data->state.up.scheme, 0);
@@ -1855,8 +1847,7 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
       uc = curl_url_set(uh, CURLUPART_SCHEME, "https", 0);
       if(uc)
         return Curl_uc_to_curlcode(uc);
-      if(data->state.url_alloc)
-        Curl_safefree(data->state.url);
+      Curl_bufref_free(&data->state.url);
       /* after update, get the updated version */
       uc = curl_url_get(uh, CURLUPART_URL, &url, 0);
       if(uc)
@@ -1866,10 +1857,8 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
         curlx_free(url);
         return Curl_uc_to_curlcode(uc);
       }
-      data->state.url = url;
-      data->state.url_alloc = TRUE;
-      infof(data, "Switched from HTTP to HTTPS due to HSTS => %s",
-            data->state.url);
+      Curl_bufref_set(&data->state.url, url, 0, curl_free);
+      infof(data, "Switched from HTTP to HTTPS due to HSTS => %s", url);
     }
   }
 #endif
@@ -3396,7 +3385,7 @@ static CURLcode create_conn(struct Curl_easy *data,
   /*************************************************************
    * Check input data
    *************************************************************/
-  if(!data->state.url) {
+  if(!Curl_bufref_ptr(&data->state.url)) {
     result = CURLE_URL_MALFORMAT;
     goto out;
   }
diff --git a/lib/urldata.h b/lib/urldata.h
index aa1326d2a6..554e002020 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -154,6 +154,7 @@ typedef unsigned int curl_prot_t;
 #include "hash.h"
 #include "splay.h"
 #include "curlx/dynbuf.h"
+#include "bufref.h"
 #include "dynhds.h"
 #include "request.h"
 #include "ratelimit.h"
@@ -1025,7 +1026,7 @@ struct UrlState {
   void *in;                      /* CURLOPT_READDATA */
   CURLU *uh; /* URL handle for the current parsed URL */
   struct urlpieces up;
-  char *url;        /* work URL, copied from UserDefined */
+  struct bufref url;        /* work URL, initially copied from UserDefined */
   char *referer;    /* referer string */
   struct curl_slist *resolve; /* set to point to the set.resolve list when
                                  this should be dealt with in pretransfer */
@@ -1122,7 +1123,6 @@ struct UrlState {
 #ifdef CURL_LIST_ONLY_PROTOCOL
   BIT(list_only);      /* list directory contents */
 #endif
-  BIT(url_alloc);   /* URL string is malloc()'ed */
   BIT(referer_alloc); /* referer string is malloc()ed */
   BIT(wildcard_resolve); /* Set to true if any resolve change is a wildcard */
   BIT(upload);         /* upload request */
diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index 09b30229f0..cf7b95bf6f 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -61,6 +61,7 @@
 #include "../select.h"
 #include "../curlx/inet_pton.h"
 #include "../transfer.h"
+#include "../bufref.h"
 #include "vquic.h"
 #include "vquic_int.h"
 #include "vquic-tls.h"
@@ -1631,7 +1632,7 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
 
   if(Curl_trc_is_verbose(data)) {
     infof(data, "[HTTP/3] [%" PRId64 "] OPENED stream for %s",
-          stream->id, data->state.url);
+          stream->id, Curl_bufref_ptr(&data->state.url));
     for(i = 0; i < nheader; ++i) {
       infof(data, "[HTTP/3] [%" PRId64 "] [%.*s: %.*s]", stream->id,
             (int)nva[i].namelen, nva[i].name,
diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index ece4ce6ad5..79bd1180dc 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -54,6 +54,7 @@
 #include "../vtls/openssl.h"
 #include "curl_osslq.h"
 #include "../url.h"
+#include "../bufref.h"
 #include "../curlx/warnless.h"
 #include "../curlx/strerr.h"
 
@@ -1985,7 +1986,7 @@ static CURLcode h3_stream_open(struct Curl_cfilter *cf,
 
   if(Curl_trc_is_verbose(data)) {
     infof(data, "[HTTP/3] [%" PRId64 "] OPENED stream for %s",
-          stream->s.id, data->state.url);
+          stream->s.id, Curl_bufref_ptr(&data->state.url));
     for(i = 0; i < nheader; ++i) {
       infof(data, "[HTTP/3] [%" PRId64 "] [%.*s: %.*s]",
             stream->s.id,
diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
index 9133110852..a35ffbec65 100644
--- a/lib/vquic/curl_quiche.c
+++ b/lib/vquic/curl_quiche.c
@@ -46,6 +46,7 @@
 #include "curl_quiche.h"
 #include "../transfer.h"
 #include "../url.h"
+#include "../bufref.h"
 #include "../curlx/inet_pton.h"
 #include "../curlx/warnless.h"
 #include "../vtls/openssl.h"
@@ -1023,8 +1024,8 @@ static CURLcode h3_open_stream(struct Curl_cfilter *cf,
       goto out;
     }
     else {
-      CURL_TRC_CF(data, cf, "send_request(%s) -> %" PRId64,
-                  data->state.url, rv);
+      CURL_TRC_CF(data, cf, "send_request(%s) -> %" PRIu64,
+                  Curl_bufref_ptr(&data->state.url), rv);
     }
     result = CURLE_SEND_ERROR;
     goto out;
@@ -1038,7 +1039,7 @@ static CURLcode h3_open_stream(struct Curl_cfilter *cf,
 
   if(Curl_trc_is_verbose(data)) {
     infof(data, "[HTTP/3] [%" PRIu64 "] OPENED stream for %s",
-          stream->id, data->state.url);
+          stream->id, Curl_bufref_ptr(&data->state.url));
     for(i = 0; i < nheader; ++i) {
       infof(data, "[HTTP/3] [%" PRIu64 "] [%.*s: %.*s]", stream->id,
             (int)nva[i].name_len, nva[i].name,

From 2cb868242dc2ac9cd52ee64987ef51d5964a56f9 Mon Sep 17 00:00:00 2001
From: Patrick Monnerat 
Date: Wed, 3 Dec 2025 21:13:52 +0100
Subject: [PATCH 1121/2408] lib: turn state.referer into a struct bufref

Closes #19827
---
 lib/easy.c    | 16 ++++++++++------
 lib/getinfo.c |  2 +-
 lib/http.c    | 15 ++++++---------
 lib/rtsp.c    |  8 +++++---
 lib/setopt.c  |  6 +-----
 lib/url.c     | 13 +++----------
 lib/urldata.h |  3 +--
 7 files changed, 27 insertions(+), 36 deletions(-)

diff --git a/lib/easy.c b/lib/easy.c
index c18fdd09bf..68ec3000f8 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -977,6 +977,7 @@ CURL *curl_easy_duphandle(CURL *d)
                  Curl_hash_str, curlx_str_key_compare, dupeasy_meta_freeentry);
   curlx_dyn_init(&outcurl->state.headerb, CURL_MAX_HTTP_HEADER);
   Curl_bufref_init(&outcurl->state.url);
+  Curl_bufref_init(&outcurl->state.referer);
   Curl_netrc_init(&outcurl->state.netrc);
 
   /* the connection pool is setup on demand */
@@ -1016,16 +1017,19 @@ CURL *curl_easy_duphandle(CURL *d)
   }
 #endif
 
-  if(Curl_bufref_ptr(&data->state.url))
+  if(Curl_bufref_ptr(&data->state.url)) {
     Curl_bufref_set(&outcurl->state.url,
                     curlx_strdup(Curl_bufref_ptr(&data->state.url)), 0,
                     curl_free);
-
-  if(data->state.referer) {
-    outcurl->state.referer = curlx_strdup(data->state.referer);
-    if(!outcurl->state.referer)
+    if(!Curl_bufref_ptr(&outcurl->state.url))
+      goto fail;
+  }
+  if(Curl_bufref_ptr(&data->state.referer)) {
+    Curl_bufref_set(&outcurl->state.referer,
+                    curlx_strdup(Curl_bufref_ptr(&data->state.referer)), 0,
+                    curl_free);
+    if(!Curl_bufref_ptr(&outcurl->state.referer))
       goto fail;
-    outcurl->state.referer_alloc = TRUE;
   }
 
   /* Reinitialize an SSL engine for the new handle
diff --git a/lib/getinfo.c b/lib/getinfo.c
index 59dc198777..82c701e07c 100644
--- a/lib/getinfo.c
+++ b/lib/getinfo.c
@@ -148,7 +148,7 @@ static CURLcode getinfo_char(struct Curl_easy *data, CURLINFO info,
     break;
   case CURLINFO_REFERER:
     /* Return the referrer header for this request, or NULL if unset */
-    *param_charp = data->state.referer;
+    *param_charp = Curl_bufref_ptr(&data->state.referer);
     break;
   case CURLINFO_PRIMARY_IP:
     /* Return the ip address of the most recent (primary) connection */
diff --git a/lib/http.c b/lib/http.c
index ae7458572b..afe37da5b6 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -1235,11 +1235,7 @@ CURLcode Curl_http_follow(struct Curl_easy *data, const char *newurl,
         /* We are asked to automatically set the previous URL as the referer
            when we get the next URL. We pick the ->url field, which may or may
            not be 100% correct */
-
-        if(data->state.referer_alloc) {
-          Curl_safefree(data->state.referer);
-          data->state.referer_alloc = FALSE;
-        }
+        Curl_bufref_free(&data->state.referer);
 
         /* Make a copy of the URL without credentials and fragment */
         u = curl_url();
@@ -1262,8 +1258,7 @@ CURLcode Curl_http_follow(struct Curl_easy *data, const char *newurl,
         if(uc || !referer)
           return CURLE_OUT_OF_MEMORY;
 
-        data->state.referer = referer;
-        data->state.referer_alloc = TRUE; /* yes, free this later */
+        Curl_bufref_set(&data->state.referer, referer, 0, curl_free);
       }
     }
   }
@@ -2867,8 +2862,10 @@ static CURLcode http_add_hd(struct Curl_easy *data,
 
   case H1_HD_REFERER:
     Curl_safefree(data->state.aptr.ref);
-    if(data->state.referer && !Curl_checkheaders(data, STRCONST("Referer")))
-      result = curlx_dyn_addf(req, "Referer: %s\r\n", data->state.referer);
+    if(Curl_bufref_ptr(&data->state.referer) &&
+       !Curl_checkheaders(data, STRCONST("Referer")))
+      result = curlx_dyn_addf(req, "Referer: %s\r\n",
+                              Curl_bufref_ptr(&data->state.referer));
     break;
 
 #ifndef CURL_DISABLE_PROXY
diff --git a/lib/rtsp.c b/lib/rtsp.c
index ee5d822a54..0a807899f9 100644
--- a/lib/rtsp.c
+++ b/lib/rtsp.c
@@ -40,6 +40,7 @@
 #include "connect.h"
 #include "cfilters.h"
 #include "strdup.h"
+#include "bufref.h"
 #include "curlx/strparse.h"
 
 
@@ -536,9 +537,10 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done)
 
   /* Referrer */
   Curl_safefree(data->state.aptr.ref);
-  if(data->state.referer && !Curl_checkheaders(data, STRCONST("Referer")))
-    data->state.aptr.ref = curl_maprintf("Referer: %s\r\n",
-                                         data->state.referer);
+  if(Curl_bufref_ptr(&data->state.referer) &&
+     !Curl_checkheaders(data, STRCONST("Referer")))
+    data->state.aptr.ref =
+      curl_maprintf("Referer: %s\r\n", Curl_bufref_ptr(&data->state.referer));
 
   p_referrer = data->state.aptr.ref;
 
diff --git a/lib/setopt.c b/lib/setopt.c
index bcaf3fc2ae..476506dad4 100644
--- a/lib/setopt.c
+++ b/lib/setopt.c
@@ -1754,12 +1754,8 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
     /*
      * String to set in the HTTP Referer: field.
      */
-    if(data->state.referer_alloc) {
-      Curl_safefree(data->state.referer);
-      data->state.referer_alloc = FALSE;
-    }
     result = Curl_setstropt(&s->str[STRING_SET_REFERER], ptr);
-    data->state.referer = s->str[STRING_SET_REFERER];
+    Curl_bufref_set(&data->state.referer, s->str[STRING_SET_REFERER], 0, NULL);
     break;
 
   case CURLOPT_USERAGENT:
diff --git a/lib/url.c b/lib/url.c
index 65161d7e24..64ad16a1ae 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -180,11 +180,7 @@ void Curl_freeset(struct Curl_easy *data)
     Curl_safefree(data->set.blobs[j]);
   }
 
-  if(data->state.referer_alloc) {
-    Curl_safefree(data->state.referer);
-    data->state.referer_alloc = FALSE;
-  }
-  data->state.referer = NULL;
+  Curl_bufref_free(&data->state.referer);
   Curl_bufref_free(&data->state.url);
 
   Curl_mime_cleanpart(&data->set.mimepost);
@@ -271,11 +267,7 @@ CURLcode Curl_close(struct Curl_easy **datap)
   Curl_safefree(data->state.first_host);
   Curl_ssl_free_certinfo(data);
 
-  if(data->state.referer_alloc) {
-    Curl_safefree(data->state.referer);
-    data->state.referer_alloc = FALSE;
-  }
-  data->state.referer = NULL;
+  Curl_bufref_free(&data->state.referer);
 
   up_free(data);
   curlx_dyn_free(&data->state.headerb);
@@ -514,6 +506,7 @@ CURLcode Curl_open(struct Curl_easy **curl)
                  Curl_hash_str, curlx_str_key_compare, easy_meta_freeentry);
   curlx_dyn_init(&data->state.headerb, CURL_MAX_HTTP_HEADER);
   Curl_bufref_init(&data->state.url);
+  Curl_bufref_init(&data->state.referer);
   Curl_req_init(&data->req);
   Curl_initinfo(data);
 #ifndef CURL_DISABLE_HTTP
diff --git a/lib/urldata.h b/lib/urldata.h
index 554e002020..76aefec01e 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -1027,7 +1027,7 @@ struct UrlState {
   CURLU *uh; /* URL handle for the current parsed URL */
   struct urlpieces up;
   struct bufref url;        /* work URL, initially copied from UserDefined */
-  char *referer;    /* referer string */
+  struct bufref referer;    /* referer string */
   struct curl_slist *resolve; /* set to point to the set.resolve list when
                                  this should be dealt with in pretransfer */
 #ifndef CURL_DISABLE_HTTP
@@ -1123,7 +1123,6 @@ struct UrlState {
 #ifdef CURL_LIST_ONLY_PROTOCOL
   BIT(list_only);      /* list directory contents */
 #endif
-  BIT(referer_alloc); /* referer string is malloc()ed */
   BIT(wildcard_resolve); /* Set to true if any resolve change is a wildcard */
   BIT(upload);         /* upload request */
   BIT(internal); /* internal: true if this easy handle was created for

From fe7703a0b398458eea2023ae802320eb1c5e401e Mon Sep 17 00:00:00 2001
From: Patrick Monnerat 
Date: Wed, 3 Dec 2025 21:52:33 +0100
Subject: [PATCH 1122/2408] formdata: use struct bufref for maybe-dynamic
 fields.

Lengths are not stored in the structures, as they may be given before
the data locations.

Closes #19827
---
 lib/formdata.c | 326 +++++++++++++++++++++----------------------------
 lib/formdata.h |  24 ++--
 2 files changed, 148 insertions(+), 202 deletions(-)

diff --git a/lib/formdata.c b/lib/formdata.c
index e51bf14b63..880f804dc6 100644
--- a/lib/formdata.c
+++ b/lib/formdata.c
@@ -37,6 +37,7 @@ struct Curl_easy;
 #include "sendf.h"
 #include "strdup.h"
 #include "rand.h"
+#include "bufref.h"
 #include "curlx/fopen.h"
 #include "curlx/warnless.h"
 
@@ -66,23 +67,23 @@ static struct curl_httppost *AddHttpPost(struct FormInfo *src,
 {
   struct curl_httppost *post;
   size_t namelength = src->namelength;
-  if(!namelength && src->name)
-    namelength = strlen(src->name);
+  if(!namelength && Curl_bufref_ptr(&src->name))
+    namelength = strlen(Curl_bufref_ptr(&src->name));
   if((src->bufferlength > LONG_MAX) || (namelength > LONG_MAX))
     /* avoid overflow in typecasts below */
     return NULL;
   post = curlx_calloc(1, sizeof(struct curl_httppost));
   if(post) {
-    post->name = src->name;
+    post->name = CURL_UNCONST(Curl_bufref_ptr(&src->name));
     post->namelength = (long)namelength;
-    post->contents = src->value;
+    post->contents = CURL_UNCONST(Curl_bufref_ptr(&src->value));
     post->contentlen = src->contentslength;
     post->buffer = src->buffer;
     post->bufferlength = (long)src->bufferlength;
-    post->contenttype = src->contenttype;
+    post->contenttype = CURL_UNCONST(Curl_bufref_ptr(&src->contenttype));
     post->flags = src->flags | CURL_HTTPPOST_LARGE;
     post->contentheader = src->contentheader;
-    post->showfilename = src->showfilename;
+    post->showfilename = CURL_UNCONST(Curl_bufref_ptr(&src->showfilename));
     post->userp = src->userp;
   }
   else
@@ -107,60 +108,63 @@ static struct curl_httppost *AddHttpPost(struct FormInfo *src,
   return post;
 }
 
-/***************************************************************************
- *
- * AddFormInfo()
- *
- * Adds a FormInfo structure to the list presented by parent_form_info.
- *
- * Returns newly allocated FormInfo on success and NULL if malloc failed/
- * parent_form_info is NULL.
- *
- ***************************************************************************/
-static struct FormInfo *AddFormInfo(char *value,
-                                    char *contenttype,
-                                    struct FormInfo *parent_form_info)
+/* Allocate and initialize a new FormInfo structure. */
+static struct FormInfo *NewFormInfo(void)
 {
-  struct FormInfo *form_info;
-  form_info = curlx_calloc(1, sizeof(struct FormInfo));
-  if(!form_info)
-    return NULL;
-  if(value)
-    form_info->value = value;
-  if(contenttype)
-    form_info->contenttype = contenttype;
-  form_info->flags = HTTPPOST_FILENAME;
+  struct FormInfo *form_info = curlx_calloc(1, sizeof(struct FormInfo));
 
-  if(parent_form_info) {
-    /* now, point our 'more' to the original 'more' */
-    form_info->more = parent_form_info->more;
-
-    /* then move the original 'more' to point to ourselves */
-    parent_form_info->more = form_info;
+  if(form_info) {
+    Curl_bufref_init(&form_info->name);
+    Curl_bufref_init(&form_info->value);
+    Curl_bufref_init(&form_info->contenttype);
+    Curl_bufref_init(&form_info->showfilename);
   }
 
   return form_info;
 }
 
+/* Replace the target field data by a dynamic copy of it. */
+static CURLcode FormInfoCopyField(struct bufref *field, size_t len)
+{
+  const char *value = Curl_bufref_ptr(field);
+  CURLcode result = CURLE_OK;
+
+  if(value) {
+    if(!len)
+      len = strlen(value);
+    result = Curl_bufref_memdup(field, value, len);
+  }
+
+  return result;
+}
+
+/***************************************************************************
+ *
+ * AddFormInfo()
+ *
+ * Adds a FormInfo structure to the list presented by parent.
+ *
+ ***************************************************************************/
+static void AddFormInfo(struct FormInfo *form_info, struct FormInfo *parent)
+{
+  form_info->flags |= HTTPPOST_FILENAME;
+
+  if(parent) {
+    /* now, point our 'more' to the original 'more' */
+    form_info->more = parent->more;
+
+    /* then move the original 'more' to point to ourselves */
+    parent->more = form_info;
+  }
+}
+
 static void free_formlist(struct FormInfo *ptr)
 {
   for(; ptr != NULL; ptr = ptr->more) {
-    if(ptr->name_alloc) {
-      Curl_safefree(ptr->name);
-      ptr->name_alloc = FALSE;
-    }
-    if(ptr->value_alloc) {
-      Curl_safefree(ptr->value);
-      ptr->value_alloc = FALSE;
-    }
-    if(ptr->contenttype_alloc) {
-      Curl_safefree(ptr->contenttype);
-      ptr->contenttype_alloc = FALSE;
-    }
-    if(ptr->showfilename_alloc) {
-      Curl_safefree(ptr->showfilename);
-      ptr->showfilename_alloc = FALSE;
-    }
+    Curl_bufref_free(&ptr->name);
+    Curl_bufref_free(&ptr->value);
+    Curl_bufref_free(&ptr->contenttype);
+    Curl_bufref_free(&ptr->showfilename);
   }
 }
 
@@ -227,7 +231,9 @@ static CURLFORMcode FormAddCheck(struct FormInfo *first_form,
    * alright add the HttpPost item otherwise set retval accordingly */
 
   for(form = first_form; form != NULL; form = form->more) {
-    if(((!form->name || !form->value) && !post) ||
+    const char *name = Curl_bufref_ptr(&form->name);
+
+    if(((!name || !Curl_bufref_ptr(&form->value)) && !post) ||
        (form->contentslength &&
         (form->flags & HTTPPOST_FILENAME)) ||
        ((form->flags & HTTPPOST_FILENAME) &&
@@ -244,62 +250,42 @@ static CURLFORMcode FormAddCheck(struct FormInfo *first_form,
     }
     if(((form->flags & HTTPPOST_FILENAME) ||
         (form->flags & HTTPPOST_BUFFER)) &&
-       !form->contenttype) {
-      char *f = (form->flags & HTTPPOST_BUFFER) ?
-        form->showfilename : form->value;
-      char const *type;
-      type = Curl_mime_contenttype(f);
+       !Curl_bufref_ptr(&form->contenttype)) {
+      const char *f = Curl_bufref_ptr((form->flags & HTTPPOST_BUFFER) ?
+                                       &form->showfilename : &form->value);
+      const char *type = Curl_mime_contenttype(f);
       if(!type)
         type = prevtype;
       if(!type)
         type = FILE_CONTENTTYPE_DEFAULT;
 
       /* our contenttype is missing */
-      form->contenttype = curlx_strdup(type);
-      if(!form->contenttype)
+      if(Curl_bufref_memdup(&form->contenttype, type, strlen(type)))
         return CURL_FORMADD_MEMORY;
-
-      form->contenttype_alloc = TRUE;
     }
-    if(form->name && form->namelength) {
-      if(memchr(form->name, 0, form->namelength))
+    if(name && form->namelength) {
+      if(memchr(name, 0, form->namelength))
         return CURL_FORMADD_NULL;
     }
-    if(!(form->flags & HTTPPOST_PTRNAME) && form->name) {
+    if(!(form->flags & HTTPPOST_PTRNAME)) {
       /* Note that there is small risk that form->name is NULL here if the app
          passed in a bad combo, so we check for that. */
-
-      /* copy name (without strdup; possibly not null-terminated) */
-      char *dupname = Curl_memdup0(form->name, form->namelength ?
-                                   form->namelength : strlen(form->name));
-      if(!dupname)
+      if(FormInfoCopyField(&form->name, form->namelength))
         return CURL_FORMADD_MEMORY;
-
-      form->name = dupname;
-      form->name_alloc = TRUE;
     }
     if(!(form->flags & (HTTPPOST_FILENAME | HTTPPOST_READFILE |
                         HTTPPOST_PTRCONTENTS | HTTPPOST_PTRBUFFER |
-                        HTTPPOST_CALLBACK)) && form->value) {
-      /* copy value (without strdup; possibly contains null characters) */
-      size_t clen = (size_t)form->contentslength;
-      if(!clen)
-        clen = strlen(form->value) + 1;
-
-      form->value = Curl_memdup(form->value, clen);
-
-      if(!form->value)
+                        HTTPPOST_CALLBACK))) {
+      if(FormInfoCopyField(&form->value, (size_t) form->contentslength))
         return CURL_FORMADD_MEMORY;
-
-      form->value_alloc = TRUE;
     }
     post = AddHttpPost(form, post, httppost, last_post);
 
     if(!post)
       return CURL_FORMADD_MEMORY;
 
-    if(form->contenttype)
-      prevtype = form->contenttype;
+    if(Curl_bufref_ptr(&form->contenttype))
+      prevtype = Curl_bufref_ptr(&form->contenttype);
   }
 
   return CURL_FORMADD_OK;
@@ -329,15 +315,17 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
   struct curl_httppost *newchain = NULL;
   struct curl_httppost *lastnode = NULL;
 
-  /* This is a state variable, that if TRUE means that we are parsing an
-     array that we got passed to us. If FALSE we are parsing the input
-     va_list arguments. */
-  bool array_state = FALSE;
+#define form_ptr_arg(t) (forms ? (t) (void *) avalue : va_arg(params, t))
+#ifdef HAVE_STDINT_H
+#define form_int_arg(t) (forms ? (t) (uintptr_t) avalue : va_arg(params, t))
+#else
+#define form_int_arg(t) (forms ? (t) (void *) avalue : va_arg(params, t))
+#endif
 
   /*
    * We need to allocate the first struct to fill in.
    */
-  first_form = curlx_calloc(1, sizeof(struct FormInfo));
+  first_form = NewFormInfo();
   if(!first_form)
     return CURL_FORMADD_MEMORY;
 
@@ -349,7 +337,7 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
   while(retval == CURL_FORMADD_OK) {
 
     /* first see if we have more parts of the array param */
-    if(array_state && forms) {
+    if(forms) {
       /* get the upcoming option from the given array */
       option = forms->option;
       avalue = (char *)CURL_UNCONST(forms->value);
@@ -357,7 +345,7 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
       forms++; /* advance this to next entry */
       if(CURLFORM_END == option) {
         /* end of array state */
-        array_state = FALSE;
+        forms = NULL;
         continue;
       }
     }
@@ -372,14 +360,12 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
 
     switch(option) {
     case CURLFORM_ARRAY:
-      if(array_state)
+      if(forms)
         /* we do not support an array from within an array */
         retval = CURL_FORMADD_ILLEGAL_ARRAY;
       else {
         forms = va_arg(params, struct curl_forms *);
-        if(forms)
-          array_state = TRUE;
-        else
+        if(!forms)
           retval = CURL_FORMADD_NULL;
       }
       break;
@@ -388,17 +374,15 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
        * Set the Name property.
        */
     case CURLFORM_PTRNAME:
-      curr->flags |= HTTPPOST_PTRNAME; /* fall through */
-
+      curr->flags |= HTTPPOST_PTRNAME;
       FALLTHROUGH();
     case CURLFORM_COPYNAME:
-      if(curr->name)
+      if(Curl_bufref_ptr(&curr->name))
         retval = CURL_FORMADD_OPTION_TWICE;
       else {
-        if(!array_state)
-          avalue = va_arg(params, char *);
+        avalue = form_ptr_arg(char *);
         if(avalue)
-          curr->name = avalue; /* store for the moment */
+          Curl_bufref_set(&curr->name, avalue, 0, NULL); /* No copy yet. */
         else
           retval = CURL_FORMADD_NULL;
       }
@@ -407,8 +391,7 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
       if(curr->namelength)
         retval = CURL_FORMADD_OPTION_TWICE;
       else
-        curr->namelength =
-          array_state ? (size_t)avalue : (size_t)va_arg(params, long);
+        curr->namelength = (size_t) form_int_arg(long);
       break;
 
       /*
@@ -418,26 +401,23 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
       curr->flags |= HTTPPOST_PTRCONTENTS;
       FALLTHROUGH();
     case CURLFORM_COPYCONTENTS:
-      if(curr->value)
+      if(Curl_bufref_ptr(&curr->value))
         retval = CURL_FORMADD_OPTION_TWICE;
       else {
-        if(!array_state)
-          avalue = va_arg(params, char *);
+        avalue = form_ptr_arg(char *);
         if(avalue)
-          curr->value = avalue; /* store for the moment */
+          Curl_bufref_set(&curr->value, avalue, 0, NULL); /* No copy yet. */
         else
           retval = CURL_FORMADD_NULL;
       }
       break;
     case CURLFORM_CONTENTSLENGTH:
-      curr->contentslength =
-        array_state ? (size_t)avalue : (size_t)va_arg(params, long);
+      curr->contentslength = (curl_off_t)(size_t) form_int_arg(long);
       break;
 
     case CURLFORM_CONTENTLEN:
       curr->flags |= CURL_HTTPPOST_LARGE;
-      curr->contentslength =
-        array_state ? (curl_off_t)(size_t)avalue : va_arg(params, curl_off_t);
+      curr->contentslength = form_int_arg(curl_off_t);
       break;
 
       /* Get contents from a given filename */
@@ -445,16 +425,12 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
       if(curr->flags & (HTTPPOST_PTRCONTENTS | HTTPPOST_READFILE))
         retval = CURL_FORMADD_OPTION_TWICE;
       else {
-        if(!array_state)
-          avalue = va_arg(params, char *);
+        avalue = form_ptr_arg(char *);
         if(avalue) {
-          curr->value = curlx_strdup(avalue);
-          if(!curr->value)
+          if(Curl_bufref_memdup(&curr->value, avalue, strlen(avalue)))
             retval = CURL_FORMADD_MEMORY;
-          else {
+          else
             curr->flags |= HTTPPOST_READFILE;
-            curr->value_alloc = TRUE;
-          }
         }
         else
           retval = CURL_FORMADD_NULL;
@@ -463,26 +439,20 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
 
       /* We upload a file */
     case CURLFORM_FILE:
-      if(!array_state)
-        avalue = va_arg(params, char *);
-
-      if(curr->value) {
+      avalue = form_ptr_arg(char *);
+      if(Curl_bufref_ptr(&curr->value)) {
         if(curr->flags & HTTPPOST_FILENAME) {
           if(avalue) {
-            char *fname = curlx_strdup(avalue);
-            if(!fname)
+            form = NewFormInfo();
+            if(!form ||
+               Curl_bufref_memdup(&form->value, avalue, strlen(avalue))) {
+              curlx_free(form);
               retval = CURL_FORMADD_MEMORY;
+            }
             else {
-              form = AddFormInfo(fname, NULL, curr);
-              if(!form) {
-                curlx_free(fname);
-                retval = CURL_FORMADD_MEMORY;
-              }
-              else {
-                form->value_alloc = TRUE;
-                curr = form;
-                form = NULL;
-              }
+              AddFormInfo(form, curr);
+              curr = form;
+              form = NULL;
             }
           }
           else
@@ -493,13 +463,10 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
       }
       else {
         if(avalue) {
-          curr->value = curlx_strdup(avalue);
-          if(!curr->value)
+          if(Curl_bufref_memdup(&curr->value, avalue, strlen(avalue)))
             retval = CURL_FORMADD_MEMORY;
-          else {
+          else
             curr->flags |= HTTPPOST_FILENAME;
-            curr->value_alloc = TRUE;
-          }
         }
         else
           retval = CURL_FORMADD_NULL;
@@ -511,12 +478,11 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
       if(curr->buffer)
         retval = CURL_FORMADD_OPTION_TWICE;
       else {
-        if(!array_state)
-          avalue = va_arg(params, char *);
+        avalue = form_ptr_arg(char *);
         if(avalue) {
           curr->buffer = avalue; /* store for the moment */
-          curr->value = avalue; /* make it non-NULL to be accepted
-                                           as fine */
+          /* Make value non-NULL to be accepted as fine */
+          Curl_bufref_set(&curr->value, avalue, 0, NULL);
         }
         else
           retval = CURL_FORMADD_NULL;
@@ -527,8 +493,7 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
       if(curr->bufferlength)
         retval = CURL_FORMADD_OPTION_TWICE;
       else
-        curr->bufferlength =
-          array_state ? (size_t)avalue : (size_t)va_arg(params, long);
+        curr->bufferlength = (size_t) form_int_arg(long);
       break;
 
     case CURLFORM_STREAM:
@@ -536,14 +501,13 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
       if(curr->userp)
         retval = CURL_FORMADD_OPTION_TWICE;
       else {
-        if(!array_state)
-          avalue = va_arg(params, char *);
+        avalue = form_ptr_arg(char *);
         if(avalue) {
           curr->userp = avalue;
-          curr->value = avalue; /* this is not strictly true but we derive a
-                                   value from this later on and we need this
-                                   non-NULL to be accepted as a fine form
-                                   part */
+          /* The following line is not strictly true but we derive a value
+             from this later on and we need this non-NULL to be accepted as
+             a fine form part */
+          Curl_bufref_set(&curr->value, avalue, 0, NULL);
         }
         else
           retval = CURL_FORMADD_NULL;
@@ -551,25 +515,20 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
       break;
 
     case CURLFORM_CONTENTTYPE:
-      if(!array_state)
-        avalue = va_arg(params, char *);
-      if(curr->contenttype) {
+      avalue = form_ptr_arg(char *);
+      if(Curl_bufref_ptr(&curr->contenttype)) {
         if(curr->flags & HTTPPOST_FILENAME) {
           if(avalue) {
-            char *type = curlx_strdup(avalue);
-            if(!type)
+            form = NewFormInfo();
+            if(!form || Curl_bufref_memdup(&form->contenttype, avalue,
+                                           strlen(avalue))) {
+              curlx_free(form);
               retval = CURL_FORMADD_MEMORY;
+            }
             else {
-              form = AddFormInfo(NULL, type, curr);
-              if(!form) {
-                curlx_free(type);
-                retval = CURL_FORMADD_MEMORY;
-              }
-              else {
-                form->contenttype_alloc = TRUE;
-                curr = form;
-                form = NULL;
-              }
+              AddFormInfo(form, curr);
+              curr = form;
+              form = NULL;
             }
           }
           else
@@ -578,25 +537,18 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
         else
           retval = CURL_FORMADD_OPTION_TWICE;
       }
-      else {
-        if(avalue) {
-          curr->contenttype = curlx_strdup(avalue);
-          if(!curr->contenttype)
-            retval = CURL_FORMADD_MEMORY;
-          else
-            curr->contenttype_alloc = TRUE;
-        }
-        else
-          retval = CURL_FORMADD_NULL;
+      else if(avalue) {
+        if(Curl_bufref_memdup(&curr->contenttype, avalue, strlen(avalue)))
+          retval = CURL_FORMADD_MEMORY;
       }
+      else
+        retval = CURL_FORMADD_NULL;
       break;
 
     case CURLFORM_CONTENTHEADER: {
       /* this "cast increases required alignment of target type" but
          we consider it OK anyway */
-      struct curl_slist *list = array_state ?
-        (struct curl_slist *)(void *)avalue :
-        va_arg(params, struct curl_slist *);
+      struct curl_slist *list = form_ptr_arg(struct curl_slist *);
 
       if(curr->contentheader)
         retval = CURL_FORMADD_OPTION_TWICE;
@@ -607,17 +559,11 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
     }
     case CURLFORM_FILENAME:
     case CURLFORM_BUFFER:
-      if(!array_state)
-        avalue = va_arg(params, char *);
-      if(curr->showfilename)
+      avalue = form_ptr_arg(char *);
+      if(Curl_bufref_ptr(&curr->showfilename))
         retval = CURL_FORMADD_OPTION_TWICE;
-      else {
-        curr->showfilename = curlx_strdup(avalue);
-        if(!curr->showfilename)
-          retval = CURL_FORMADD_MEMORY;
-        else
-          curr->showfilename_alloc = TRUE;
-      }
+      else if(Curl_bufref_memdup(&curr->showfilename, avalue, strlen(avalue)))
+        retval = CURL_FORMADD_MEMORY;
       break;
 
     default:
@@ -656,6 +602,8 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
     free_chain(newchain);
 
   return retval;
+#undef form_ptr_arg
+#undef form_int_arg
 }
 
 /*
diff --git a/lib/formdata.h b/lib/formdata.h
index e80b83bbf4..4ece7d06e7 100644
--- a/lib/formdata.h
+++ b/lib/formdata.h
@@ -28,25 +28,23 @@
 
 #ifndef CURL_DISABLE_FORM_API
 
+#include "bufref.h"
+
 /* used by FormAdd for temporary storage */
 struct FormInfo {
-  char *name;
-  size_t namelength;
-  char *value;
-  curl_off_t contentslength;
-  char *contenttype;
+  struct bufref name;
+  struct bufref value;
+  struct bufref contenttype;
+  struct bufref showfilename; /* The filename to show. If not set, the actual
+                                 filename will be used */
   char *buffer;      /* pointer to existing buffer used for file upload */
-  size_t bufferlength;
-  char *showfilename; /* The filename to show. If not set, the actual
-                         filename will be used */
   char *userp;        /* pointer for the read callback */
-  struct curl_slist *contentheader;
   struct FormInfo *more;
+  struct curl_slist *contentheader;
+  curl_off_t contentslength;
+  size_t namelength;
+  size_t bufferlength;
   unsigned char flags;
-  BIT(name_alloc);
-  BIT(value_alloc);
-  BIT(contenttype_alloc);
-  BIT(showfilename_alloc);
 };
 
 CURLcode Curl_getformdata(CURL *data,

From 1def38003299bf0fbbaf8b5ed34422205166d085 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 4 Dec 2025 16:20:25 +0100
Subject: [PATCH 1123/2408] bufref: rename *memdup() to *memdup0()

To make it clearer to readers of the code that the resulting dup also
has a null terminator. Something a "normal" memdup() does not provide.

Closes #19833
---
 docs/internals/BUFREF.md |  5 +++--
 lib/bufref.c             |  2 +-
 lib/bufref.h             |  2 +-
 lib/formdata.c           | 16 ++++++++--------
 lib/vauth/krb5_gssapi.c  |  4 ++--
 lib/vauth/krb5_sspi.c    |  2 +-
 lib/vauth/ntlm.c         |  2 +-
 lib/vauth/ntlm_sspi.c    |  2 +-
 tests/unit/unit1661.c    |  4 ++--
 9 files changed, 20 insertions(+), 19 deletions(-)

diff --git a/docs/internals/BUFREF.md b/docs/internals/BUFREF.md
index 686a092aec..cd101f08a9 100644
--- a/docs/internals/BUFREF.md
+++ b/docs/internals/BUFREF.md
@@ -54,10 +54,11 @@ specified as `NULL`: this is the case when the referenced buffer is static.
 
 if `buffer` is NULL, `length` must be zero.
 
-## `memdup`
+## `memdup0`
 
 ```c
-CURLcode Curl_bufref_memdup(struct bufref *br, const void *data, size_t length);
+CURLcode Curl_bufref_memdup0(struct bufref *br, const void *data,
+                             size_t length);
 ```
 
 Releases the previously referenced buffer, then duplicates the `length`-byte
diff --git a/lib/bufref.c b/lib/bufref.c
index 8dcd3592db..8f52d48d20 100644
--- a/lib/bufref.c
+++ b/lib/bufref.c
@@ -117,7 +117,7 @@ size_t Curl_bufref_len(const struct bufref *br)
   return br->len;
 }
 
-CURLcode Curl_bufref_memdup(struct bufref *br, const void *ptr, size_t len)
+CURLcode Curl_bufref_memdup0(struct bufref *br, const void *ptr, size_t len)
 {
   unsigned char *cpy = NULL;
 
diff --git a/lib/bufref.h b/lib/bufref.h
index b8ffe38347..abf1d617df 100644
--- a/lib/bufref.h
+++ b/lib/bufref.h
@@ -42,7 +42,7 @@ void Curl_bufref_set(struct bufref *br, const void *ptr, size_t len,
 const char *Curl_bufref_ptr(const struct bufref *br);
 const unsigned char *Curl_bufref_uptr(const struct bufref *br);
 size_t Curl_bufref_len(const struct bufref *br);
-CURLcode Curl_bufref_memdup(struct bufref *br, const void *ptr, size_t len);
+CURLcode Curl_bufref_memdup0(struct bufref *br, const void *ptr, size_t len);
 void Curl_bufref_free(struct bufref *br);
 
 #endif
diff --git a/lib/formdata.c b/lib/formdata.c
index 880f804dc6..d5f6776a3d 100644
--- a/lib/formdata.c
+++ b/lib/formdata.c
@@ -132,7 +132,7 @@ static CURLcode FormInfoCopyField(struct bufref *field, size_t len)
   if(value) {
     if(!len)
       len = strlen(value);
-    result = Curl_bufref_memdup(field, value, len);
+    result = Curl_bufref_memdup0(field, value, len);
   }
 
   return result;
@@ -260,7 +260,7 @@ static CURLFORMcode FormAddCheck(struct FormInfo *first_form,
         type = FILE_CONTENTTYPE_DEFAULT;
 
       /* our contenttype is missing */
-      if(Curl_bufref_memdup(&form->contenttype, type, strlen(type)))
+      if(Curl_bufref_memdup0(&form->contenttype, type, strlen(type)))
         return CURL_FORMADD_MEMORY;
     }
     if(name && form->namelength) {
@@ -427,7 +427,7 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
       else {
         avalue = form_ptr_arg(char *);
         if(avalue) {
-          if(Curl_bufref_memdup(&curr->value, avalue, strlen(avalue)))
+          if(Curl_bufref_memdup0(&curr->value, avalue, strlen(avalue)))
             retval = CURL_FORMADD_MEMORY;
           else
             curr->flags |= HTTPPOST_READFILE;
@@ -445,7 +445,7 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
           if(avalue) {
             form = NewFormInfo();
             if(!form ||
-               Curl_bufref_memdup(&form->value, avalue, strlen(avalue))) {
+               Curl_bufref_memdup0(&form->value, avalue, strlen(avalue))) {
               curlx_free(form);
               retval = CURL_FORMADD_MEMORY;
             }
@@ -463,7 +463,7 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
       }
       else {
         if(avalue) {
-          if(Curl_bufref_memdup(&curr->value, avalue, strlen(avalue)))
+          if(Curl_bufref_memdup0(&curr->value, avalue, strlen(avalue)))
             retval = CURL_FORMADD_MEMORY;
           else
             curr->flags |= HTTPPOST_FILENAME;
@@ -520,7 +520,7 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
         if(curr->flags & HTTPPOST_FILENAME) {
           if(avalue) {
             form = NewFormInfo();
-            if(!form || Curl_bufref_memdup(&form->contenttype, avalue,
+            if(!form || Curl_bufref_memdup0(&form->contenttype, avalue,
                                            strlen(avalue))) {
               curlx_free(form);
               retval = CURL_FORMADD_MEMORY;
@@ -538,7 +538,7 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
           retval = CURL_FORMADD_OPTION_TWICE;
       }
       else if(avalue) {
-        if(Curl_bufref_memdup(&curr->contenttype, avalue, strlen(avalue)))
+        if(Curl_bufref_memdup0(&curr->contenttype, avalue, strlen(avalue)))
           retval = CURL_FORMADD_MEMORY;
       }
       else
@@ -562,7 +562,7 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
       avalue = form_ptr_arg(char *);
       if(Curl_bufref_ptr(&curr->showfilename))
         retval = CURL_FORMADD_OPTION_TWICE;
-      else if(Curl_bufref_memdup(&curr->showfilename, avalue, strlen(avalue)))
+      else if(Curl_bufref_memdup0(&curr->showfilename, avalue, strlen(avalue)))
         retval = CURL_FORMADD_MEMORY;
       break;
 
diff --git a/lib/vauth/krb5_gssapi.c b/lib/vauth/krb5_gssapi.c
index 7ba21a3941..0c069c70d6 100644
--- a/lib/vauth/krb5_gssapi.c
+++ b/lib/vauth/krb5_gssapi.c
@@ -154,7 +154,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data,
   }
 
   if(output_token.value && output_token.length) {
-    result = Curl_bufref_memdup(out, output_token.value, output_token.length);
+    result = Curl_bufref_memdup0(out, output_token.value, output_token.length);
     gss_release_buffer(&unused_status, &output_token);
   }
   else
@@ -285,7 +285,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
   }
 
   /* Return the response. */
-  result = Curl_bufref_memdup(out, output_token.value, output_token.length);
+  result = Curl_bufref_memdup0(out, output_token.value, output_token.length);
   /* Free the output buffer */
   gss_release_buffer(&unused_status, &output_token);
 
diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c
index 21636d59ee..32fa44cfcb 100644
--- a/lib/vauth/krb5_sspi.c
+++ b/lib/vauth/krb5_sspi.c
@@ -212,7 +212,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data,
   }
 
   if(resp_buf.cbBuffer) {
-    result = Curl_bufref_memdup(out, resp_buf.pvBuffer, resp_buf.cbBuffer);
+    result = Curl_bufref_memdup0(out, resp_buf.pvBuffer, resp_buf.cbBuffer);
   }
   else if(mutual_auth)
     Curl_bufref_set(out, "", 0, NULL);
diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c
index 7fd13d8745..70d080f5a4 100644
--- a/lib/vauth/ntlm.c
+++ b/lib/vauth/ntlm.c
@@ -831,7 +831,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
   size += hostlen;
 
   /* Return the binary blob. */
-  result = Curl_bufref_memdup(out, ntlmbuf, size);
+  result = Curl_bufref_memdup0(out, ntlmbuf, size);
 
 error:
   curlx_free(ntlmv2resp);  /* Free the dynamic buffer allocated for NTLMv2 */
diff --git a/lib/vauth/ntlm_sspi.c b/lib/vauth/ntlm_sspi.c
index e4aad6e24f..dae7248f73 100644
--- a/lib/vauth/ntlm_sspi.c
+++ b/lib/vauth/ntlm_sspi.c
@@ -316,7 +316,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
   }
 
   /* Return the response. */
-  result = Curl_bufref_memdup(out, ntlm->output_token, type_3_buf.cbBuffer);
+  result = Curl_bufref_memdup0(out, ntlm->output_token, type_3_buf.cbBuffer);
   Curl_auth_cleanup_ntlm(ntlm);
   return result;
 }
diff --git a/tests/unit/unit1661.c b/tests/unit/unit1661.c
index 569b06760b..7f8d1aa76a 100644
--- a/tests/unit/unit1661.c
+++ b/tests/unit/unit1661.c
@@ -87,9 +87,9 @@ static CURLcode test_unit1661(const char *arg)
   fail_unless(Curl_bufref_len(&bufref) == 13, "Wrong data size returned");
 
   /**
-   * testing Curl_bufref_memdup
+   * testing Curl_bufref_memdup0
    */
-  res = Curl_bufref_memdup(&bufref, "1661", 3);
+  res = Curl_bufref_memdup0(&bufref, "1661", 3);
   abort_unless(res == CURLE_OK, curl_easy_strerror(res));
   fail_unless(freecount == 1, "Destructor not called");
   fail_unless((const char *)bufref.ptr != buffer, "Returned pointer not set");

From d7928029fc0a31df03473d5ca9e13b732357febc Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Thu, 4 Dec 2025 17:15:33 +0100
Subject: [PATCH 1124/2408] connection: attached transfer count

Since we no longer traverse the transfers attached to a connection,
change the sparse bitset to just a `uint32_t` counter.

This makes multi_ev the single user of sparse bitsets for transfers
using a socket and allocation failures are handled there correctly.

Refs #19818
Closes #19836
---
 lib/conncache.c         |  4 ++--
 lib/http2.c             |  2 +-
 lib/multi.c             | 18 +++++++++++-------
 lib/uint-spbset.c       | 14 --------------
 lib/uint-spbset.h       |  3 ---
 lib/url.c               | 15 ++++++---------
 lib/urldata.h           |  7 ++++---
 lib/vquic/curl_ngtcp2.c |  4 ++--
 lib/vquic/curl_osslq.c  |  2 +-
 lib/vquic/curl_quiche.c |  4 ++--
 10 files changed, 29 insertions(+), 44 deletions(-)

diff --git a/lib/conncache.c b/lib/conncache.c
index c50697f177..18b760afe0 100644
--- a/lib/conncache.c
+++ b/lib/conncache.c
@@ -620,7 +620,7 @@ static void cpool_discard_conn(struct cpool *cpool,
   if(CONN_INUSE(conn) && !aborted) {
     CURL_TRC_M(data, "[CPOOL] not discarding #%" FMT_OFF_T
                " still in use by %u transfers", conn->connection_id,
-               CONN_ATTACHED(conn));
+               conn->attached_xfers);
     return;
   }
 
@@ -664,7 +664,7 @@ void Curl_conn_terminate(struct Curl_easy *data,
    * are other users of it */
   if(CONN_INUSE(conn) && !aborted) {
     DEBUGASSERT(0); /* does this ever happen? */
-    DEBUGF(infof(data, "Curl_disconnect when inuse: %u", CONN_ATTACHED(conn)));
+    DEBUGF(infof(data, "conn terminate when inuse: %u", conn->attached_xfers));
     return;
   }
 
diff --git a/lib/http2.c b/lib/http2.c
index df38f82caf..deed6ece7e 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -2786,7 +2786,7 @@ static CURLcode cf_h2_query(struct Curl_cfilter *cf,
     CF_DATA_SAVE(save, cf, data);
     if(!ctx->h2 || !nghttp2_session_check_request_allowed(ctx->h2)) {
       /* the limit is what we have in use right now */
-      effective_max = CONN_ATTACHED(cf->conn);
+      effective_max = cf->conn->attached_xfers;
     }
     else {
       effective_max = ctx->max_concurrent_streams;
diff --git a/lib/multi.c b/lib/multi.c
index 3086d61c74..f87ee012d8 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -607,12 +607,11 @@ static void multi_done_locked(struct connectdata *conn,
 
   Curl_detach_connection(data);
 
-  CURL_TRC_M(data, "multi_done_locked, in use=%u",
-             Curl_uint32_spbset_count(&conn->xfers_attached));
+  CURL_TRC_M(data, "multi_done_locked, in use=%u", conn->attached_xfers);
   if(CONN_INUSE(conn)) {
     /* Stop if still used. */
     CURL_TRC_M(data, "Connection still in use %u, no more multi_done now!",
-               Curl_uint32_spbset_count(&conn->xfers_attached));
+               conn->attached_xfers);
     return;
   }
 
@@ -906,9 +905,13 @@ void Curl_detach_connection(struct Curl_easy *data)
 {
   struct connectdata *conn = data->conn;
   if(conn) {
-    Curl_uint32_spbset_remove(&conn->xfers_attached, data->mid);
-    if(Curl_uint32_spbset_empty(&conn->xfers_attached))
-      conn->attached_multi = NULL;
+    /* this should never happen, prevent underflow */
+    DEBUGASSERT(conn->attached_xfers);
+    if(conn->attached_xfers) {
+      conn->attached_xfers--;
+      if(!conn->attached_xfers)
+        conn->attached_multi = NULL;
+    }
   }
   data->conn = NULL;
 }
@@ -924,8 +927,9 @@ void Curl_attach_connection(struct Curl_easy *data,
   DEBUGASSERT(data);
   DEBUGASSERT(!data->conn);
   DEBUGASSERT(conn);
+  DEBUGASSERT(conn->attached_xfers < UINT32_MAX);
   data->conn = conn;
-  Curl_uint32_spbset_add(&conn->xfers_attached, data->mid);
+  conn->attached_xfers++;
   /* all attached transfers must be from the same multi */
   if(!conn->attached_multi)
     conn->attached_multi = data->multi;
diff --git a/lib/uint-spbset.c b/lib/uint-spbset.c
index 84a893e85f..e27f66fc7b 100644
--- a/lib/uint-spbset.c
+++ b/lib/uint-spbset.c
@@ -61,20 +61,6 @@ uint32_t Curl_uint32_spbset_count(struct uint32_spbset *bset)
   return n;
 }
 
-bool Curl_uint32_spbset_empty(struct uint32_spbset *bset)
-{
-  struct uint32_spbset_chunk *chunk;
-  uint32_t i;
-
-  for(chunk = &bset->head; chunk; chunk = chunk->next) {
-    for(i = 0; i < CURL_UINT32_SPBSET_CH_SLOTS; ++i) {
-      if(chunk->slots[i])
-        return FALSE;
-    }
-  }
-  return TRUE;
-}
-
 UNITTEST void Curl_uint32_spbset_clear(struct uint32_spbset *bset)
 {
   struct uint32_spbset_chunk *next, *chunk;
diff --git a/lib/uint-spbset.h b/lib/uint-spbset.h
index 8c46ce4aa8..0220d05443 100644
--- a/lib/uint-spbset.h
+++ b/lib/uint-spbset.h
@@ -61,9 +61,6 @@ void Curl_uint32_spbset_destroy(struct uint32_spbset *bset);
 /* Get the cardinality of the bitset, e.g. numbers present in the set. */
 uint32_t Curl_uint32_spbset_count(struct uint32_spbset *bset);
 
-/* TRUE of bitset is empty */
-bool Curl_uint32_spbset_empty(struct uint32_spbset *bset);
-
 /* Add the number `i` to the bitset.
  * Numbers can be added more than once, without making a difference.
  * Returns FALSE if allocations failed. */
diff --git a/lib/url.c b/lib/url.c
index 64ad16a1ae..194810553e 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -561,7 +561,6 @@ void Curl_conn_free(struct Curl_easy *data, struct connectdata *conn)
   Curl_safefree(conn->unix_domain_socket);
 #endif
   Curl_safefree(conn->destination);
-  Curl_uint32_spbset_destroy(&conn->xfers_attached);
   Curl_hash_destroy(&conn->meta_hash);
 
   curlx_free(conn); /* free all the connection oriented data */
@@ -893,16 +892,16 @@ static bool url_match_multiplex_limits(struct connectdata *conn,
   if(CONN_INUSE(conn) && m->may_multiplex) {
     DEBUGASSERT(conn->bits.multiplex);
     /* If multiplexed, make sure we do not go over concurrency limit */
-    if(CONN_ATTACHED(conn) >=
+    if(conn->attached_xfers >=
             Curl_multi_max_concurrent_streams(m->data->multi)) {
       infof(m->data, "client side MAX_CONCURRENT_STREAMS reached"
-            ", skip (%u)", CONN_ATTACHED(conn));
+            ", skip (%u)", conn->attached_xfers);
       return FALSE;
     }
-    if(CONN_ATTACHED(conn) >=
+    if(conn->attached_xfers >=
        Curl_conn_get_max_concurrent(m->data, conn, FIRSTSOCKET)) {
       infof(m->data, "MAX_CONCURRENT_STREAMS reached, skip (%u)",
-            CONN_ATTACHED(conn));
+            conn->attached_xfers);
       return FALSE;
     }
     /* When not multiplexed, we have a match here! */
@@ -1343,6 +1342,7 @@ static struct connectdata *allocate_conn(struct Curl_easy *data)
   conn->recv_idx = 0; /* default for receiving transfer data */
   conn->send_idx = 0; /* default for sending transfer data */
   conn->connection_id = -1;    /* no ID */
+  conn->attached_xfers = 0;
   conn->remote_port = -1; /* unknown at this point */
 
   /* Store creation time to help future close decision making */
@@ -1382,9 +1382,6 @@ static struct connectdata *allocate_conn(struct Curl_easy *data)
   conn->connect_only = data->set.connect_only;
   conn->transport_wanted = TRNSPRT_TCP; /* most of them are TCP streams */
 
-  /* Initialize the attached xfers bitset */
-  Curl_uint32_spbset_init(&conn->xfers_attached);
-
   /* Store the local bind parameters that will be used for this connection */
   if(data->set.str[STRING_DEVICE]) {
     conn->localdev = curlx_strdup(data->set.str[STRING_DEVICE]);
@@ -3806,7 +3803,7 @@ CURLcode Curl_connect(struct Curl_easy *data,
     DEBUGASSERT(conn);
     Curl_pgrsTime(data, TIMER_POSTQUEUE);
     if(reused) {
-      if(CONN_ATTACHED(conn) > 1)
+      if(conn->attached_xfers > 1)
         /* multiplexed */
         *protocol_done = TRUE;
     }
diff --git a/lib/urldata.h b/lib/urldata.h
index 76aefec01e..899dfff0f1 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -618,8 +618,7 @@ struct connectdata {
      handle is still used by one or more easy handles and can only used by any
      other easy handle without careful consideration (== only for
      multiplexing) and it cannot be used by another multi handle! */
-#define CONN_INUSE(c) (!Curl_uint32_spbset_empty(&(c)->xfers_attached))
-#define CONN_ATTACHED(c) Curl_uint32_spbset_count(&(c)->xfers_attached)
+#define CONN_INUSE(c) (!!(c)->attached_xfers)
 
   /**** Fields set when inited and not modified again */
   curl_off_t connection_id; /* Contains a unique number to make it easier to
@@ -679,7 +678,6 @@ struct connectdata {
      was used on this connection. */
   struct curltime keepalive;
 
-  struct uint32_spbset xfers_attached; /* mids of attached transfers */
   /* A connection cache from a SHARE might be used in several multi handles.
    * We MUST not reuse connections that are running in another multi,
    * for concurrency reasons. That multi might run in another thread.
@@ -721,6 +719,9 @@ struct connectdata {
   int remote_port; /* the remote port, not the proxy port! */
   int conn_to_port; /* the remote port to connect to. valid only if
                        bits.conn_to_port is set */
+
+  uint32_t attached_xfers; /* # of attached easy handles */
+
 #ifdef USE_IPV6
   unsigned int scope_id;  /* Scope id for IPv6 */
 #endif
diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index cf7b95bf6f..690ef252a0 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -2718,7 +2718,7 @@ static CURLcode cf_ngtcp2_query(struct Curl_cfilter *cf,
     }
     else if(ctx->max_bidi_streams) {
       uint64_t avail_bidi_streams = 0;
-      uint64_t max_streams = CONN_ATTACHED(cf->conn);
+      uint64_t max_streams = cf->conn->attached_xfers;
       if(ctx->max_bidi_streams > ctx->used_bidi_streams)
         avail_bidi_streams = ctx->max_bidi_streams - ctx->used_bidi_streams;
       max_streams += avail_bidi_streams;
@@ -2728,7 +2728,7 @@ static CURLcode cf_ngtcp2_query(struct Curl_cfilter *cf,
       *pres1 = (int)Curl_multi_max_concurrent_streams(data->multi);
     CURL_TRC_CF(data, cf, "query conn[%" FMT_OFF_T "]: "
                 "MAX_CONCURRENT -> %d (%u in use)",
-                cf->conn->connection_id, *pres1, CONN_ATTACHED(cf->conn));
+                cf->conn->connection_id, *pres1, cf->conn->attached_xfers);
     CF_DATA_RESTORE(cf, save);
     return CURLE_OK;
   }
diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index 79bd1180dc..73cea21a15 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -2323,7 +2323,7 @@ static CURLcode cf_osslq_query(struct Curl_cfilter *cf,
       return CURLE_HTTP3;
     }
     /* we report avail + in_use */
-    v += CONN_ATTACHED(cf->conn);
+    v += cf->conn->attached_xfers;
     *pres1 = (v > INT_MAX) ? INT_MAX : (int)v;
 #else
     *pres1 = 100;
diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
index a35ffbec65..7082d55916 100644
--- a/lib/vquic/curl_quiche.c
+++ b/lib/vquic/curl_quiche.c
@@ -1493,14 +1493,14 @@ static CURLcode cf_quiche_query(struct Curl_cfilter *cf,
 
   switch(query) {
   case CF_QUERY_MAX_CONCURRENT: {
-    uint64_t max_streams = CONN_ATTACHED(cf->conn);
+    uint64_t max_streams = cf->conn->attached_xfers;
     if(!ctx->goaway && ctx->qconn) {
       max_streams += quiche_conn_peer_streams_left_bidi(ctx->qconn);
     }
     *pres1 = (max_streams > INT_MAX) ? INT_MAX : (int)max_streams;
     CURL_TRC_CF(data, cf, "query conn[%" FMT_OFF_T "]: "
                 "MAX_CONCURRENT -> %d (%u in use)",
-                cf->conn->connection_id, *pres1, CONN_ATTACHED(cf->conn));
+                cf->conn->connection_id, *pres1, cf->conn->attached_xfers);
     return CURLE_OK;
   }
   case CF_QUERY_CONNECT_REPLY_MS:

From d517efe5bd1dbcc6faafe6b0c123521f96d955b0 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 4 Dec 2025 16:39:22 +0100
Subject: [PATCH 1125/2408] bufref: add Curl_bufref_dup that returns a
 strdup()ed version

Cleans up a common pattern somewhat. Implemented as a macro.

Closes #19834
---
 docs/internals/BUFREF.md | 9 +++++++++
 lib/bufref.h             | 3 +++
 lib/easy.c               | 4 ++--
 lib/http.c               | 8 ++++----
 lib/multi.c              | 2 +-
 lib/transfer.c           | 2 +-
 6 files changed, 20 insertions(+), 8 deletions(-)

diff --git a/docs/internals/BUFREF.md b/docs/internals/BUFREF.md
index cd101f08a9..46f7ee6b3e 100644
--- a/docs/internals/BUFREF.md
+++ b/docs/internals/BUFREF.md
@@ -93,3 +93,12 @@ size_t Curl_bufref_len(const struct bufref *br);
 ```
 
 Returns the stored length of the referenced buffer.
+
+## `dup`
+
+```c
+char *Curl_bufref_dup(const struct bufref *br);
+```
+
+Returns a strdup() version of the buffer. Note that this assumes that the
+bufref is null terminated.
diff --git a/lib/bufref.h b/lib/bufref.h
index abf1d617df..5d331adbdf 100644
--- a/lib/bufref.h
+++ b/lib/bufref.h
@@ -45,4 +45,7 @@ size_t Curl_bufref_len(const struct bufref *br);
 CURLcode Curl_bufref_memdup0(struct bufref *br, const void *ptr, size_t len);
 void Curl_bufref_free(struct bufref *br);
 
+/* return a strdup() version of the buffer */
+#define Curl_bufref_dup(x) curlx_strdup(Curl_bufref_ptr(x))
+
 #endif
diff --git a/lib/easy.c b/lib/easy.c
index 68ec3000f8..bdda114850 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -1019,14 +1019,14 @@ CURL *curl_easy_duphandle(CURL *d)
 
   if(Curl_bufref_ptr(&data->state.url)) {
     Curl_bufref_set(&outcurl->state.url,
-                    curlx_strdup(Curl_bufref_ptr(&data->state.url)), 0,
+                    Curl_bufref_dup(&data->state.url), 0,
                     curl_free);
     if(!Curl_bufref_ptr(&outcurl->state.url))
       goto fail;
   }
   if(Curl_bufref_ptr(&data->state.referer)) {
     Curl_bufref_set(&outcurl->state.referer,
-                    curlx_strdup(Curl_bufref_ptr(&data->state.referer)), 0,
+                    Curl_bufref_dup(&data->state.referer), 0,
                     curl_free);
     if(!Curl_bufref_ptr(&outcurl->state.referer))
       goto fail;
diff --git a/lib/http.c b/lib/http.c
index afe37da5b6..ba42f19ff0 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -612,7 +612,7 @@ CURLcode Curl_http_auth_act(struct Curl_easy *data)
        out in bug #2284386 */
     curlx_free(data->req.newurl);
     /* clone URL */
-    data->req.newurl = curlx_strdup(Curl_bufref_ptr(&data->state.url));
+    data->req.newurl = Curl_bufref_dup(&data->state.url);
     if(!data->req.newurl)
       return CURLE_OUT_OF_MEMORY;
   }
@@ -626,7 +626,7 @@ CURLcode Curl_http_auth_act(struct Curl_easy *data)
     if((data->state.httpreq != HTTPREQ_GET) &&
        (data->state.httpreq != HTTPREQ_HEAD)) {
       /* clone URL */
-      data->req.newurl = curlx_strdup(Curl_bufref_ptr(&data->state.url));
+      data->req.newurl = Curl_bufref_dup(&data->state.url);
       if(!data->req.newurl)
         return CURLE_OUT_OF_MEMORY;
       data->state.authhost.done = TRUE;
@@ -912,7 +912,7 @@ static CURLcode auth_spnego(struct Curl_easy *data,
         &conn->http_negotiate_state;
       if(!result) {
         curlx_free(data->req.newurl);
-        data->req.newurl = curlx_strdup(Curl_bufref_ptr(&data->state.url));
+        data->req.newurl = Curl_bufref_dup(&data->state.url);
         if(!data->req.newurl)
           return CURLE_OUT_OF_MEMORY;
         data->state.authproblem = FALSE;
@@ -4051,7 +4051,7 @@ static CURLcode http_on_response(struct Curl_easy *data,
             data->state.disableexpect = TRUE;
             Curl_req_abort_sending(data);
             DEBUGASSERT(!data->req.newurl);
-            data->req.newurl = curlx_strdup(Curl_bufref_ptr(&data->state.url));
+            data->req.newurl = Curl_bufref_dup(&data->state.url);
             if(!data->req.newurl) {
               result = CURLE_OUT_OF_MEMORY;
               goto out;
diff --git a/lib/multi.c b/lib/multi.c
index f87ee012d8..531ec6605e 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -2011,7 +2011,7 @@ static CURLMcode state_performing(struct Curl_easy *data,
       data->state.errorbuf = FALSE;
       if(!newurl)
         /* typically for HTTP_1_1_REQUIRED error on first flight */
-        newurl = curlx_strdup(Curl_bufref_ptr(&data->state.url));
+        newurl = Curl_bufref_dup(&data->state.url);
       if(!newurl) {
         result = CURLE_OUT_OF_MEMORY;
       }
diff --git a/lib/transfer.c b/lib/transfer.c
index 34f0698ebd..11e7e6e793 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -671,7 +671,7 @@ CURLcode Curl_retry_request(struct Curl_easy *data, char **url)
     }
     infof(data, "Connection died, retrying a fresh connect (retry count: %d)",
           data->state.retrycount);
-    *url = curlx_strdup(Curl_bufref_ptr(&data->state.url));
+    *url = Curl_bufref_dup(&data->state.url);
     if(!*url)
       return CURLE_OUT_OF_MEMORY;
 

From 7a1e99eefa20b2a5dc694ef6078051703521fd1e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 4 Dec 2025 17:44:46 +0100
Subject: [PATCH 1126/2408] badwords: check FAQ with allowlisted 'will', fix a
 typo

Also:
- badwords.pl: add support for filename:word exceptions.
- badwords.pl: handle `-w` file open errors.

Ref: https://github.com/curl/curl/pull/19817#issuecomment-3612386568
Closes #19837
---
 .github/scripts/badwords.ok     |  7 +++++++
 .github/scripts/badwords.pl     | 12 +++++++++---
 .github/workflows/checkdocs.yml |  2 +-
 docs/FAQ                        |  2 +-
 4 files changed, 18 insertions(+), 5 deletions(-)
 create mode 100644 .github/scripts/badwords.ok

diff --git a/.github/scripts/badwords.ok b/.github/scripts/badwords.ok
new file mode 100644
index 0000000000..d5401a8228
--- /dev/null
+++ b/.github/scripts/badwords.ok
@@ -0,0 +1,7 @@
+# Copyright (C) Daniel Stenberg, , et al.
+#
+# SPDX-License-Identifier: curl
+#
+# whitelisted uses of bad words
+# file:[line]:rule
+docs/FAQ::\bwill\b
diff --git a/.github/scripts/badwords.pl b/.github/scripts/badwords.pl
index 014468c6f9..1fde5ec473 100755
--- a/.github/scripts/badwords.pl
+++ b/.github/scripts/badwords.pl
@@ -30,13 +30,13 @@ my %wl;
 if($ARGV[0] eq "-w") {
     shift @ARGV;
     my $file = shift @ARGV;
-    open(W, "<$file");
+    open(W, "<$file") or die "Cannot open '$file': $!";
     while() {
         if(/^#/) {
             # allow #-comments
             next;
         }
-        if(/^([^:]*):(\d+):(.*)/) {
+        if(/^([^:]*):(\d*):(.*)/) {
             $wl{"$1:$2:$3"}=1;
             #print STDERR "whitelisted $1:$2:$3\n";
         }
@@ -93,7 +93,13 @@ sub file {
 
                 my $ch = "$f:$l:$w";
                 if($wl{$ch}) {
-                    # whitelisted
+                    # whitelisted filename + line + word
+                    print STDERR "$ch found but whitelisted\n";
+                    next;
+                }
+                $ch = $f . "::" . $w;
+                if($wl{$ch}) {
+                    # whitelisted filename + word
                     print STDERR "$ch found but whitelisted\n";
                     next;
                 }
diff --git a/.github/workflows/checkdocs.yml b/.github/workflows/checkdocs.yml
index 6f67b44fca..60d4230194 100644
--- a/.github/workflows/checkdocs.yml
+++ b/.github/workflows/checkdocs.yml
@@ -140,7 +140,7 @@ jobs:
           persist-credentials: false
 
       - name: 'badwords'
-        run: .github/scripts/badwords.pl '**.md' docs/TODO docs/KNOWN_BUGS packages/OS400/README.OS400 < .github/scripts/badwords.txt
+        run: .github/scripts/badwords.pl -w .github/scripts/badwords.ok '**.md' docs/FAQ docs/KNOWN_BUGS docs/TODO packages/OS400/README.OS400 < .github/scripts/badwords.txt
 
       - name: 'verify synopsis'
         run: .github/scripts/verify-synopsis.pl docs/libcurl/curl*.md
diff --git a/docs/FAQ b/docs/FAQ
index 6ba339c7d5..15cfee848c 100644
--- a/docs/FAQ
+++ b/docs/FAQ
@@ -666,7 +666,7 @@ FAQ
   does not require this, you do not need a client certificate.
 
   A client certificate is always used together with a private key, and the
-  private key has a pass phrase that protects it.
+  private key has a passphrase that protects it.
 
   SERVER CERTIFICATE
 

From 0476e4fc65a67c5d7e6d0229c4073ce2b8fd9325 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 29 Nov 2025 23:11:52 +0100
Subject: [PATCH 1127/2408] tidy-up: one more round of formatting nits

Closes #19835
---
 .github/scripts/typos.toml       |   2 +-
 docs/examples/10-at-a-time.c     |   2 +-
 docs/examples/block_ip.c         |   4 +-
 docs/examples/cacertinmem.c      |   2 +-
 docs/examples/crawler.c          |   4 +-
 docs/examples/ephiperfifo.c      |   4 +-
 docs/examples/evhiperfifo.c      |   2 +-
 docs/examples/externalsocket.c   |  10 +-
 docs/examples/ftp-wildcard.c     |   2 +-
 docs/examples/ftpgetresp.c       |   2 +-
 docs/examples/ftpsget.c          |   4 +-
 docs/examples/ftpupload.c        |   8 +-
 docs/examples/ftpuploadresume.c  |   1 -
 docs/examples/ghiper.c           |   8 +-
 docs/examples/hiperfifo.c        |   2 +-
 docs/examples/hsts-preload.c     |   2 +-
 docs/examples/htmltidy.c         |   4 +-
 docs/examples/htmltitle.cpp      |  13 +-
 docs/examples/http2-download.c   |   4 +-
 docs/examples/http2-serverpush.c |   2 +-
 docs/examples/http2-upload.c     |   4 +-
 docs/examples/imap-append.c      |   8 +-
 docs/examples/maxconnects.c      |   3 +-
 docs/examples/multi-app.c        |   2 +-
 docs/examples/multi-event.c      |   6 +-
 docs/examples/multi-legacy.c     |  10 +-
 docs/examples/multi-uv.c         |   6 +-
 docs/examples/multithread.c      |   2 +-
 docs/examples/post-callback.c    |   7 +-
 docs/examples/postinmemory.c     |   2 +-
 docs/examples/progressfunc.c     |   4 +-
 docs/examples/protofeats.c       |   4 +-
 docs/examples/sendrecv.c         |   2 +-
 docs/examples/sessioninfo.c      |   4 +-
 docs/examples/smtp-authzid.c     |  14 +-
 docs/examples/smtp-mail.c        |   8 +-
 docs/examples/smtp-mime.c        |   9 +-
 docs/examples/smtp-multi.c       |   8 +-
 docs/examples/smtp-ssl.c         |   8 +-
 docs/examples/smtp-tls.c         |   8 +-
 docs/examples/synctime.c         |  37 +-
 docs/examples/websocket-cb.c     |   4 +-
 docs/examples/websocket-updown.c |   5 +-
 docs/examples/websocket.c        |  15 +-
 lib/bufref.c                     |   2 +-
 lib/cookie.c                     |   2 +-
 lib/curl_sha512_256.c            |  19 +-
 lib/formdata.c                   |  24 +-
 lib/ftp.c                        |   7 +-
 lib/hostip.c                     |   2 +-
 lib/http_aws_sigv4.c             |   2 +-
 lib/ldap.c                       |  10 +-
 lib/url.c                        |   4 +-
 lib/vauth/digest_sspi.c          |  10 +-
 lib/vquic/curl_ngtcp2.c          |  11 +-
 lib/vquic/curl_osslq.c           |  11 +-
 lib/vquic/curl_quiche.c          |   6 +-
 lib/vquic/vquic-tls.c            |   8 +-
 lib/vquic/vquic.c                |   9 +-
 lib/vquic/vquic_int.h            |   2 +-
 lib/vtls/apple.c                 |  32 +-
 lib/vtls/cipher_suite.c          |   6 +-
 lib/vtls/schannel_verify.c       |   6 +-
 lib/vtls/x509asn1.c              |   2 +-
 tests/libtest/cli_h2_pausing.c   |  32 +-
 tests/libtest/cli_hx_download.c  |  10 +-
 tests/libtest/first.c            |   4 +-
 tests/libtest/first.h            |  76 ++--
 tests/libtest/lib1156.c          |  10 +-
 tests/libtest/lib1506.c          |   2 +-
 tests/libtest/lib1512.c          |   2 +-
 tests/libtest/lib1514.c          |   2 +-
 tests/libtest/lib1520.c          |   2 +-
 tests/libtest/lib1537.c          |   4 +-
 tests/libtest/lib1541.c          |   2 +-
 tests/libtest/lib1550.c          |   4 +-
 tests/libtest/lib1556.c          |   2 +-
 tests/libtest/lib1560.c          |  26 +-
 tests/libtest/lib1565.c          |   2 +-
 tests/libtest/lib1597.c          |  34 +-
 tests/libtest/lib1911.c          |   4 +-
 tests/libtest/lib1912.c          |   4 +-
 tests/libtest/lib1915.c          |   2 +-
 tests/libtest/lib1918.c          |   4 +-
 tests/libtest/lib1938.c          |   2 +-
 tests/libtest/lib2032.c          |   9 +-
 tests/libtest/lib2301.c          |   4 +-
 tests/libtest/lib2402.c          |   2 +-
 tests/libtest/lib2404.c          |   2 +-
 tests/libtest/lib2405.c          |  27 +-
 tests/libtest/lib2502.c          |   2 +-
 tests/libtest/lib3207.c          |   2 +-
 tests/libtest/lib509.c           |   6 +-
 tests/libtest/lib517.c           | 232 +++++------
 tests/libtest/lib518.c           |   4 +-
 tests/libtest/lib530.c           |   7 +-
 tests/libtest/lib537.c           |   2 +-
 tests/libtest/lib543.c           |   7 +-
 tests/libtest/lib544.c           |   3 +-
 tests/libtest/lib553.c           |   2 +-
 tests/libtest/lib557.c           |   6 +-
 tests/libtest/lib558.c           |   4 +-
 tests/libtest/lib576.c           |   2 +-
 tests/libtest/lib582.c           |   6 +-
 tests/libtest/lib654.c           |   2 +-
 tests/libtest/lib670.c           |   2 +-
 tests/libtest/lib678.c           |   2 +-
 tests/libtest/lib758.c           |  17 +-
 tests/libtest/memptr.c           |   6 +-
 tests/server/dnsd.c              |   7 +-
 tests/server/getpart.c           |   2 +-
 tests/server/mqttd.c             |  11 +-
 tests/server/rtspd.c             |  17 +-
 tests/server/sockfilt.c          |  45 ++-
 tests/server/socksd.c            |  30 +-
 tests/server/sws.c               |  38 +-
 tests/server/tftpd.c             |  38 +-
 tests/unit/unit1300.c            |  10 +-
 tests/unit/unit1302.c            | 148 ++++----
 tests/unit/unit1307.c            |  18 +-
 tests/unit/unit1309.c            |   4 +-
 tests/unit/unit1323.c            |   8 +-
 tests/unit/unit1395.c            |   6 +-
 tests/unit/unit1396.c            |  52 ++-
 tests/unit/unit1397.c            | 100 ++---
 tests/unit/unit1398.c            |   2 +-
 tests/unit/unit1600.c            |  27 +-
 tests/unit/unit1601.c            |   2 +-
 tests/unit/unit1606.c            |   2 +-
 tests/unit/unit1607.c            |   2 +-
 tests/unit/unit1609.c            |   2 +-
 tests/unit/unit1610.c            |   6 +-
 tests/unit/unit1611.c            |   6 +-
 tests/unit/unit1612.c            |   6 +-
 tests/unit/unit1614.c            | 196 +++++-----
 tests/unit/unit1615.c            | 103 ++---
 tests/unit/unit1620.c            |  19 +-
 tests/unit/unit1650.c            |  14 +-
 tests/unit/unit1651.c            | 634 ++++++++++++++++---------------
 tests/unit/unit1660.c            |  17 +-
 tests/unit/unit1979.c            |   2 +-
 tests/unit/unit1980.c            |   2 +-
 tests/unit/unit2604.c            |  42 +-
 tests/unit/unit2605.c            |  59 ++-
 tests/unit/unit3200.c            |   2 +-
 tests/unit/unit3205.c            |  30 +-
 tests/unit/unit3211.c            |   9 +-
 tests/unit/unit3212.c            |   2 +-
 tests/unit/unit3213.c            |  12 +-
 149 files changed, 1381 insertions(+), 1376 deletions(-)

diff --git a/.github/scripts/typos.toml b/.github/scripts/typos.toml
index 3495823c1b..ec6b9bb050 100644
--- a/.github/scripts/typos.toml
+++ b/.github/scripts/typos.toml
@@ -9,7 +9,7 @@ extend-ignore-identifiers-re = [
   "^(ECT0|ECT1|HELO|htpt|PASE)$",
   "^[A-Za-z0-9_-]*(EDE|GOST)[A-Z0-9_-]*$",  # ciphers
   "^0x[0-9a-fA-F]+FUL$",  # unsigned long hex literals ending with 'F'
-  "^(eyeballers|HELO_smtp|optin|passin|perfec|SMTP_HELO)$",
+  "^(eyeballers|HELO_smtp|Januar|optin|passin|perfec|SMTP_HELO)$",
   "^(clen|req_clen|smtp_perform_helo|smtp_state_helo_resp|Tru64|_stati64)$",
   "secur32",
   "proxys",  # this should be limited to tests/http/*. Short for secure proxy.
diff --git a/docs/examples/10-at-a-time.c b/docs/examples/10-at-a-time.c
index 22db7c5fc4..08f1f25f7f 100644
--- a/docs/examples/10-at-a-time.c
+++ b/docs/examples/10-at-a-time.c
@@ -81,7 +81,7 @@ static const char *urls[] = {
 };
 
 #define MAX_PARALLEL 10  /* number of simultaneous transfers */
-#define NUM_URLS (sizeof(urls) / sizeof(char *))
+#define NUM_URLS     (sizeof(urls) / sizeof(char *))
 
 static size_t write_cb(char *data, size_t n, size_t l, void *userp)
 {
diff --git a/docs/examples/block_ip.c b/docs/examples/block_ip.c
index 5cd77cad0e..04223ddd03 100644
--- a/docs/examples/block_ip.c
+++ b/docs/examples/block_ip.c
@@ -268,7 +268,7 @@ static curl_socket_t opensocket(void *clientp,
 
       if(ip && filter->type == CONNECTION_FILTER_BLACKLIST) {
         if(filter->verbose) {
-          char buf[128] = {0};
+          char buf[128] = { 0 };
           inet_ntop(address->family, cinaddr, buf, sizeof(buf));
           fprintf(stderr, "* Rejecting IP %s due to blacklist entry %s.\n",
                   buf, ip->str);
@@ -277,7 +277,7 @@ static curl_socket_t opensocket(void *clientp,
       }
       else if(!ip && filter->type == CONNECTION_FILTER_WHITELIST) {
         if(filter->verbose) {
-          char buf[128] = {0};
+          char buf[128] = { 0 };
           inet_ntop(address->family, cinaddr, buf, sizeof(buf));
           fprintf(stderr,
                   "* Rejecting IP %s due to missing whitelist entry.\n", buf);
diff --git a/docs/examples/cacertinmem.c b/docs/examples/cacertinmem.c
index ed8f40aef4..b37cd6f414 100644
--- a/docs/examples/cacertinmem.c
+++ b/docs/examples/cacertinmem.c
@@ -83,7 +83,7 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *pointer)
   BIO *cbio = BIO_new_mem_buf(mypem, sizeof(mypem));
   X509_STORE *cts = SSL_CTX_get_cert_store((SSL_CTX *)sslctx);
   ossl_valsize_t i;
-  STACK_OF(X509_INFO) *inf;
+  STACK_OF(X509_INFO) * inf;
 
   (void)curl;
   (void)pointer;
diff --git a/docs/examples/crawler.c b/docs/examples/crawler.c
index 9207199cdf..09c0c7d692 100644
--- a/docs/examples/crawler.c
+++ b/docs/examples/crawler.c
@@ -123,8 +123,8 @@ static CURL *make_handle(const char *url)
 /* HREF finder implemented in libxml2 but could be any HTML parser */
 static size_t follow_links(CURLM *multi, struct memory *mem, const char *url)
 {
-  int opts = HTML_PARSE_NOBLANKS | HTML_PARSE_NOERROR | \
-             HTML_PARSE_NOWARNING | HTML_PARSE_NONET;
+  int opts = HTML_PARSE_NOBLANKS | HTML_PARSE_NOERROR | HTML_PARSE_NOWARNING |
+             HTML_PARSE_NONET;
   htmlDocPtr doc = htmlReadMemory(mem->buf, (int)mem->size, url, NULL, opts);
   size_t count;
   int i;
diff --git a/docs/examples/ephiperfifo.c b/docs/examples/ephiperfifo.c
index e572fffad8..cafea9693f 100644
--- a/docs/examples/ephiperfifo.c
+++ b/docs/examples/ephiperfifo.c
@@ -244,7 +244,7 @@ static void timer_cb(struct GlobalInfo *g, int revents)
   }
 
   rc = curl_multi_socket_action(g->multi,
-                                  CURL_SOCKET_TIMEOUT, 0, &g->still_running);
+                                CURL_SOCKET_TIMEOUT, 0, &g->still_running);
   mcode_or_die("timer_cb: curl_multi_socket_action", rc);
   check_multi_info(g);
 }
@@ -303,7 +303,7 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
 {
   struct GlobalInfo *g = (struct GlobalInfo *)cbp;
   struct SockInfo *fdp = (struct SockInfo *)sockp;
-  const char *whatstr[] = {"none", "IN", "OUT", "INOUT", "REMOVE"};
+  const char *whatstr[] = { "none", "IN", "OUT", "INOUT", "REMOVE" };
 
   fprintf(MSG_OUT, "socket callback: s=%d e=%p what=%s ", s, e, whatstr[what]);
   if(what == CURL_POLL_REMOVE) {
diff --git a/docs/examples/evhiperfifo.c b/docs/examples/evhiperfifo.c
index 178be018a3..922197c3cb 100644
--- a/docs/examples/evhiperfifo.c
+++ b/docs/examples/evhiperfifo.c
@@ -270,7 +270,7 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
 {
   struct GlobalInfo *g = (struct GlobalInfo *)cbp;
   struct SockInfo *fdp = (struct SockInfo *)sockp;
-  const char *whatstr[] = {"none", "IN", "OUT", "INOUT", "REMOVE"};
+  const char *whatstr[] = { "none", "IN", "OUT", "INOUT", "REMOVE" };
 
   printf("%s e %p s %i what %i cbp %p sockp %p\n",
          __PRETTY_FUNCTION__, e, s, what, cbp, sockp);
diff --git a/docs/examples/externalsocket.c b/docs/examples/externalsocket.c
index 632d5f2981..4f1b2e9091 100644
--- a/docs/examples/externalsocket.c
+++ b/docs/examples/externalsocket.c
@@ -43,17 +43,17 @@
 #ifdef _WIN32
 #define close closesocket
 #else
-#include         /*  socket types              */
-#include        /*  socket definitions        */
+#include    /* socket types */
+#include   /* socket definitions */
 #include 
-#include         /*  inet (3) functions        */
-#include            /*  misc. Unix functions      */
+#include    /* inet (3) functions */
+#include       /* misc. Unix functions */
 #endif
 
 #include 
 
 /* The IP address and port number to connect to */
-#define IPADDR "127.0.0.1"
+#define IPADDR  "127.0.0.1"
 #define PORTNUM 80
 
 #ifndef INADDR_NONE
diff --git a/docs/examples/ftp-wildcard.c b/docs/examples/ftp-wildcard.c
index fa66628f16..9159d3857f 100644
--- a/docs/examples/ftp-wildcard.c
+++ b/docs/examples/ftp-wildcard.c
@@ -103,7 +103,7 @@ int main(int argc, char **argv)
   CURL *curl;
 
   /* help data */
-  struct callback_data data = {0};
+  struct callback_data data = { 0 };
 
   /* global initialization */
   CURLcode res = curl_global_init(CURL_GLOBAL_ALL);
diff --git a/docs/examples/ftpgetresp.c b/docs/examples/ftpgetresp.c
index 53ada7ccae..c46fa057eb 100644
--- a/docs/examples/ftpgetresp.c
+++ b/docs/examples/ftpgetresp.c
@@ -42,7 +42,7 @@ static size_t write_response(void *ptr, size_t size, size_t nmemb, void *data)
   return fwrite(ptr, size, nmemb, writehere);
 }
 
-#define FTPBODY "ftp-list"
+#define FTPBODY    "ftp-list"
 #define FTPHEADERS "ftp-responses"
 
 int main(void)
diff --git a/docs/examples/ftpsget.c b/docs/examples/ftpsget.c
index 22c94b8e93..38844bb219 100644
--- a/docs/examples/ftpsget.c
+++ b/docs/examples/ftpsget.c
@@ -40,8 +40,7 @@ struct FtpFile {
   FILE *stream;
 };
 
-static size_t write_cb(void *buffer, size_t size, size_t nmemb,
-                        void *stream)
+static size_t write_cb(void *buffer, size_t size, size_t nmemb, void *stream)
 {
   struct FtpFile *out = (struct FtpFile *)stream;
   if(!out->stream) {
@@ -53,7 +52,6 @@ static size_t write_cb(void *buffer, size_t size, size_t nmemb,
   return fwrite(buffer, size, nmemb, out->stream);
 }
 
-
 int main(void)
 {
   CURL *curl;
diff --git a/docs/examples/ftpupload.c b/docs/examples/ftpupload.c
index 0a241db21c..48c76a4898 100644
--- a/docs/examples/ftpupload.c
+++ b/docs/examples/ftpupload.c
@@ -52,10 +52,10 @@
 #include 
 #endif
 
-#define LOCAL_FILE      "/tmp/uploadthis.txt"
-#define UPLOAD_FILE_AS  "while-uploading.txt"
-#define REMOTE_URL      "ftp://example.com/"  UPLOAD_FILE_AS
-#define RENAME_FILE_TO  "renamed-and-fine.txt"
+#define LOCAL_FILE     "/tmp/uploadthis.txt"
+#define UPLOAD_FILE_AS "while-uploading.txt"
+#define REMOTE_URL     "ftp://example.com/" UPLOAD_FILE_AS
+#define RENAME_FILE_TO "renamed-and-fine.txt"
 
 /* NOTE: if you want this example to work on Windows with libcurl as a DLL,
    you MUST also provide a read callback with CURLOPT_READFUNCTION. Failing to
diff --git a/docs/examples/ftpuploadresume.c b/docs/examples/ftpuploadresume.c
index a9af3f12cd..30305f62fe 100644
--- a/docs/examples/ftpuploadresume.c
+++ b/docs/examples/ftpuploadresume.c
@@ -72,7 +72,6 @@ static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *stream)
   return n;
 }
 
-
 static int upload(CURL *curl, const char *remotepath,
                   const char *localpath, long timeout, long tries)
 {
diff --git a/docs/examples/ghiper.c b/docs/examples/ghiper.c
index d7b19abb9b..8f320a6e5f 100644
--- a/docs/examples/ghiper.c
+++ b/docs/examples/ghiper.c
@@ -66,9 +66,9 @@
 
 #include 
 
-#define MSG_OUT g_print   /* Change to "g_error" to write to stderr */
-#define SHOW_VERBOSE 0L   /* Set to non-zero for libcurl messages */
-#define SHOW_PROGRESS 0   /* Set to non-zero to enable progress callback */
+#define MSG_OUT       g_print /* Change to "g_error" to write to stderr */
+#define SHOW_VERBOSE  0L      /* Set to non-zero for libcurl messages */
+#define SHOW_PROGRESS 0       /* Set to non-zero to enable progress callback */
 
 /* Global information, common to all connections */
 struct GlobalInfo {
@@ -261,7 +261,7 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
 {
   struct GlobalInfo *g = (struct GlobalInfo *)cbp;
   struct SockInfo *fdp = (struct SockInfo *)sockp;
-  static const char *whatstr[] = {"none", "IN", "OUT", "INOUT", "REMOVE"};
+  static const char *whatstr[] = { "none", "IN", "OUT", "INOUT", "REMOVE" };
 
   MSG_OUT("socket callback: s=%d e=%p what=%s ", s, e, whatstr[what]);
   if(what == CURL_POLL_REMOVE) {
diff --git a/docs/examples/hiperfifo.c b/docs/examples/hiperfifo.c
index 576bbb8d2c..7b17731ebf 100644
--- a/docs/examples/hiperfifo.c
+++ b/docs/examples/hiperfifo.c
@@ -274,7 +274,7 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
 {
   struct GlobalInfo *g = (struct GlobalInfo *)cbp;
   struct SockInfo *fdp = (struct SockInfo *)sockp;
-  const char *whatstr[] = {"none", "IN", "OUT", "INOUT", "REMOVE"};
+  const char *whatstr[] = { "none", "IN", "OUT", "INOUT", "REMOVE" };
 
   fprintf(MSG_OUT, "socket callback: s=%d e=%p what=%s ", s, e, whatstr[what]);
   if(what == CURL_POLL_REMOVE) {
diff --git a/docs/examples/hsts-preload.c b/docs/examples/hsts-preload.c
index b029df2a0a..cd6c30f9c6 100644
--- a/docs/examples/hsts-preload.c
+++ b/docs/examples/hsts-preload.c
@@ -93,7 +93,7 @@ int main(void)
 
   curl = curl_easy_init();
   if(curl) {
-    struct state st = {0};
+    struct state st = { 0 };
 
     /* enable HSTS for this handle */
     curl_easy_setopt(curl, CURLOPT_HSTS_CTRL, CURLHSTS_ENABLE);
diff --git a/docs/examples/htmltidy.c b/docs/examples/htmltidy.c
index 9865a633ef..a3ecc01df1 100644
--- a/docs/examples/htmltidy.c
+++ b/docs/examples/htmltidy.c
@@ -79,8 +79,8 @@ int main(int argc, char **argv)
   CURL *curl;
   char curl_errbuf[CURL_ERROR_SIZE];
   TidyDoc tdoc;
-  TidyBuffer docbuf = {0};
-  TidyBuffer tidy_errbuf = {0};
+  TidyBuffer docbuf = { 0 };
+  TidyBuffer tidy_errbuf = { 0 };
   CURLcode res;
 
   if(argc != 2) {
diff --git a/docs/examples/htmltitle.cpp b/docs/examples/htmltitle.cpp
index a6f944ff0e..ac351a8bf5 100644
--- a/docs/examples/htmltitle.cpp
+++ b/docs/examples/htmltitle.cpp
@@ -54,7 +54,6 @@
 //
 //  libxml callback context structure
 //
-
 struct Context {
   Context() : addTitle(false) {}
 
@@ -71,7 +70,6 @@ static std::string buffer;
 //
 //  libcurl write callback function
 //
-
 static size_t writer(char *data, size_t size, size_t nmemb,
                      std::string *writerData)
 {
@@ -86,7 +84,6 @@ static size_t writer(char *data, size_t size, size_t nmemb,
 //
 //  libcurl connection initialization
 //
-
 static bool init(CURL *&curl, const char *url)
 {
   CURLcode res;
@@ -134,7 +131,6 @@ static bool init(CURL *&curl, const char *url)
 //
 //  libxml start element callback function
 //
-
 static void StartElement(void *voidContext,
                          const xmlChar *name,
                          const xmlChar **attributes)
@@ -151,7 +147,6 @@ static void StartElement(void *voidContext,
 //
 //  libxml end element callback function
 //
-
 static void EndElement(void *voidContext,
                        const xmlChar *name)
 {
@@ -164,7 +159,6 @@ static void EndElement(void *voidContext,
 //
 //  Text handling helper function
 //
-
 static void handleCharacters(Context *context,
                              const xmlChar *chars,
                              int length)
@@ -177,7 +171,6 @@ static void handleCharacters(Context *context,
 //
 //  libxml PCDATA callback function
 //
-
 static void Characters(void *voidContext,
                        const xmlChar *chars,
                        int length)
@@ -190,7 +183,6 @@ static void Characters(void *voidContext,
 //
 //  libxml CDATA callback function
 //
-
 static void cdata(void *voidContext,
                   const xmlChar *chars,
                   int length)
@@ -203,9 +195,7 @@ static void cdata(void *voidContext,
 //
 //  libxml SAX callback structure
 //
-
-static htmlSAXHandler saxHandler =
-{
+static htmlSAXHandler saxHandler = {
   NULL,
   NULL,
   NULL,
@@ -243,7 +233,6 @@ static htmlSAXHandler saxHandler =
 //
 //  Parse given (assumed to be) HTML text and return the title
 //
-
 static void parseHtml(const std::string &html,
                       std::string &title)
 {
diff --git a/docs/examples/http2-download.c b/docs/examples/http2-download.c
index e6fdbd6b9c..054f697b3e 100644
--- a/docs/examples/http2-download.c
+++ b/docs/examples/http2-download.c
@@ -200,10 +200,10 @@ int main(int argc, char **argv)
     /* if given a number, do that many transfers */
     num_transfers = atoi(argv[1]);
     if((num_transfers < 1) || (num_transfers > 1000))
-      num_transfers = 3;  /* a suitable low default */
+      num_transfers = 3; /* a suitable low default */
   }
   else
-    num_transfers = 3;  /* a suitable low default */
+    num_transfers = 3; /* a suitable low default */
 
   res = curl_global_init(CURL_GLOBAL_ALL);
   if(res)
diff --git a/docs/examples/http2-serverpush.c b/docs/examples/http2-serverpush.c
index 5c817ead58..eb67bfe671 100644
--- a/docs/examples/http2-serverpush.c
+++ b/docs/examples/http2-serverpush.c
@@ -136,7 +136,7 @@ static int setup(CURL *curl, const char *url)
 {
   out_download = fopen(OUTPUTFILE, "wb");
   if(!out_download)
-    return 1;  /* failed */
+    return 1; /* failed */
 
   /* set the same URL */
   curl_easy_setopt(curl, CURLOPT_URL, url);
diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c
index 9ec8cbf5bc..e360127a44 100644
--- a/docs/examples/http2-upload.c
+++ b/docs/examples/http2-upload.c
@@ -72,8 +72,8 @@ static int my_gettimeofday(struct timeval *tp, void *tzp)
 {
   (void)tzp;
   if(tp) {
-    /* Offset between 1601-01-01 and 1970-01-01 in 100 nanosec units */
-    #define WIN32_FT_OFFSET (116444736000000000)
+/* Offset between 1601-01-01 and 1970-01-01 in 100 nanosec units */
+#define WIN32_FT_OFFSET (116444736000000000)
     union {
       CURL_TYPEOF_CURL_OFF_T ns100; /* time since 1 Jan 1601 in 100ns units */
       FILETIME ft;
diff --git a/docs/examples/imap-append.c b/docs/examples/imap-append.c
index 91cbac6915..e3665d0128 100644
--- a/docs/examples/imap-append.c
+++ b/docs/examples/imap-append.c
@@ -36,9 +36,9 @@
  * Note that this example requires libcurl 7.30.0 or above.
  */
 
-#define FROM    ""
-#define TO      ""
-#define CC      ""
+#define FROM ""
+#define TO   ""
+#define CC   ""
 
 static const char *payload_text =
   "Date: Mon, 29 Nov 2010 21:54:29 +1100\r\n"
@@ -95,7 +95,7 @@ int main(void)
   if(curl) {
     size_t filesize;
     long infilesize = LONG_MAX;
-    struct upload_status upload_ctx = {0};
+    struct upload_status upload_ctx = { 0 };
 
     /* Set username and password */
     curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
diff --git a/docs/examples/maxconnects.c b/docs/examples/maxconnects.c
index 658b38d711..2ee1d305a9 100644
--- a/docs/examples/maxconnects.c
+++ b/docs/examples/maxconnects.c
@@ -39,7 +39,8 @@ int main(void)
 
   curl = curl_easy_init();
   if(curl) {
-    const char *urls[] = { "https://example.com",
+    const char *urls[] = {
+      "https://example.com",
       "https://curl.se",
       "https://www.example/",
       NULL /* end of list */
diff --git a/docs/examples/multi-app.c b/docs/examples/multi-app.c
index d58181e027..51492e8ade 100644
--- a/docs/examples/multi-app.c
+++ b/docs/examples/multi-app.c
@@ -36,7 +36,7 @@
  */
 
 #define HTTP_HANDLE 0   /* Index for the HTTP transfer */
-#define FTP_HANDLE 1    /* Index for the FTP transfer */
+#define FTP_HANDLE  1   /* Index for the FTP transfer */
 #define HANDLECOUNT 2   /* Number of simultaneous transfers */
 
 int main(void)
diff --git a/docs/examples/multi-event.c b/docs/examples/multi-event.c
index 901d7dd6e7..2eb3977200 100644
--- a/docs/examples/multi-event.c
+++ b/docs/examples/multi-event.c
@@ -183,8 +183,8 @@ static int handle_socket(CURL *curl, curl_socket_t s, int action, void *userp,
   case CURL_POLL_IN:
   case CURL_POLL_OUT:
   case CURL_POLL_INOUT:
-    curl_context = socketp ?
-      (struct curl_context *)socketp : create_curl_context(s);
+    curl_context =
+      socketp ? (struct curl_context *)socketp : create_curl_context(s);
 
     curl_multi_assign(multi, s, (void *)curl_context);
 
@@ -197,7 +197,7 @@ static int handle_socket(CURL *curl, curl_socket_t s, int action, void *userp,
 
     event_del(curl_context->event);
     event_assign(curl_context->event, base, curl_context->sockfd,
-      (short)events, curl_perform, curl_context);
+                 (short)events, curl_perform, curl_context);
     event_add(curl_context->event, NULL);
 
     break;
diff --git a/docs/examples/multi-legacy.c b/docs/examples/multi-legacy.c
index e34d1cd710..42670129f9 100644
--- a/docs/examples/multi-legacy.c
+++ b/docs/examples/multi-legacy.c
@@ -41,9 +41,9 @@
  * Download an HTTP file and upload an FTP file simultaneously.
  */
 
-#define HTTP_HANDLE 0   /* Index for the HTTP transfer */
-#define FTP_HANDLE 1    /* Index for the FTP transfer */
-#define HANDLECOUNT 2   /* Number of simultaneous transfers */
+#define HTTP_HANDLE 0  /* Index for the HTTP transfer */
+#define FTP_HANDLE  1  /* Index for the FTP transfer */
+#define HANDLECOUNT 2  /* Number of simultaneous transfers */
 
 int main(void)
 {
@@ -140,7 +140,7 @@ int main(void)
         rc = 0;
 #else
         /* Portable sleep for platforms other than Windows. */
-        struct timeval wait = {0};
+        struct timeval wait = { 0 };
         wait.tv_usec = 100 * 1000; /* 100ms */
         rc = select(0, NULL, NULL, NULL, &wait);
 #endif
@@ -155,7 +155,7 @@ int main(void)
       case -1:
         /* select error */
         break;
-      case 0:  /* timeout */
+      case 0: /* timeout */
       default: /* action */
         curl_multi_perform(multi, &still_running);
         break;
diff --git a/docs/examples/multi-uv.c b/docs/examples/multi-uv.c
index 4053cb9061..13689ad3f8 100644
--- a/docs/examples/multi-uv.c
+++ b/docs/examples/multi-uv.c
@@ -201,8 +201,8 @@ static int cb_socket(CURL *curl, curl_socket_t s, int action,
   case CURL_POLL_IN:
   case CURL_POLL_OUT:
   case CURL_POLL_INOUT:
-    curl_context = socketp ?
-      (struct curl_context *)socketp : create_curl_context(s, uv);
+    curl_context =
+      socketp ? (struct curl_context *)socketp : create_curl_context(s, uv);
 
     curl_multi_assign(uv->multi, s, (void *)curl_context);
 
@@ -230,7 +230,7 @@ static int cb_socket(CURL *curl, curl_socket_t s, int action,
 int main(int argc, char **argv)
 {
   CURLcode res;
-  struct datauv uv = {0};
+  struct datauv uv = { 0 };
   int running_handles;
 
   if(argc <= 1)
diff --git a/docs/examples/multithread.c b/docs/examples/multithread.c
index 308c1168e2..3d2f1df7de 100644
--- a/docs/examples/multithread.c
+++ b/docs/examples/multithread.c
@@ -45,7 +45,7 @@
   https://curl.se/libcurl/c/threadsafe.html
 
 */
-static const char * const urls[NUMT]= {
+static const char * const urls[NUMT] = {
   "https://curl.se/",
   "ftp://example.com/",
   "https://example.net/",
diff --git a/docs/examples/post-callback.c b/docs/examples/post-callback.c
index c463e3785c..0df09a34bf 100644
--- a/docs/examples/post-callback.c
+++ b/docs/examples/post-callback.c
@@ -31,8 +31,9 @@
 #include 
 
 /* silly test data to POST */
-static const char data[]="Lorem ipsum dolor sit amet, consectetur adipiscing "
-  "elit. Sed vel urna neque. Ut quis leo metus. Quisque eleifend, ex at "
+static const char data[] =
+  "Lorem ipsum dolor sit amet, consectetur adipiscing elit. "
+  "Sed vel urna neque. Ut quis leo metus. Quisque eleifend, ex at "
   "laoreet rhoncus, odio ipsum semper metus, at tempus ante urna in mauris. "
   "Suspendisse ornare tempor venenatis. Ut dui neque, pellentesque a ______ "
   "eget, mattis vitae ligula. Fusce ut pharetra est. Ut ullamcorper mi ac "
@@ -61,7 +62,7 @@ static size_t read_cb(char *dest, size_t size, size_t nmemb, void *userp)
     return copy_this_much; /* we copied this many bytes */
   }
 
-  return 0; /* no more data left to deliver */
+  return 0;  /* no more data left to deliver */
 }
 
 int main(void)
diff --git a/docs/examples/postinmemory.c b/docs/examples/postinmemory.c
index 089d9a9c74..0a2964f1c6 100644
--- a/docs/examples/postinmemory.c
+++ b/docs/examples/postinmemory.c
@@ -68,7 +68,7 @@ int main(void)
     return (int)res;
 
   chunk.memory = malloc(1);  /* grown as needed by realloc above */
-  chunk.size = 0;    /* no data at this point */
+  chunk.size = 0;            /* no data at this point */
 
   curl = curl_easy_init();
   if(curl) {
diff --git a/docs/examples/progressfunc.c b/docs/examples/progressfunc.c
index 59477951f9..41a87f2bf9 100644
--- a/docs/examples/progressfunc.c
+++ b/docs/examples/progressfunc.c
@@ -30,8 +30,8 @@
 
 #include 
 
-#define MINIMAL_PROGRESS_FUNCTIONALITY_INTERVAL     3000000
-#define STOP_DOWNLOAD_AFTER_THIS_MANY_BYTES         6000
+#define MINIMAL_PROGRESS_FUNCTIONALITY_INTERVAL 3000000
+#define STOP_DOWNLOAD_AFTER_THIS_MANY_BYTES     6000
 
 struct myprogress {
   curl_off_t lastruntime; /* type depends on version, see above */
diff --git a/docs/examples/protofeats.c b/docs/examples/protofeats.c
index f93dccef00..50b31cb9ea 100644
--- a/docs/examples/protofeats.c
+++ b/docs/examples/protofeats.c
@@ -29,14 +29,14 @@
 
 #include 
 
-#if !CURL_AT_LEAST_VERSION(7,87,0)
+#if !CURL_AT_LEAST_VERSION(7, 87, 0)
 #error "too old libcurl"
 #endif
 
 int main(void)
 {
   curl_version_info_data *ver;
-  const char *const *ptr;
+  const char * const *ptr;
 
   CURLcode res = curl_global_init(CURL_GLOBAL_ALL);
   if(res)
diff --git a/docs/examples/sendrecv.c b/docs/examples/sendrecv.c
index 6f7cbb1b51..e0bf417e48 100644
--- a/docs/examples/sendrecv.c
+++ b/docs/examples/sendrecv.c
@@ -128,7 +128,7 @@ int main(void)
       do {
         nsent = 0;
         res = curl_easy_send(curl, request + nsent_total,
-            request_len - nsent_total, &nsent);
+                             request_len - nsent_total, &nsent);
         nsent_total += nsent;
 
         if(res == CURLE_AGAIN && !wait_on_socket(sockfd, 0, 60000L)) {
diff --git a/docs/examples/sessioninfo.c b/docs/examples/sessioninfo.c
index e90b387da0..dec9fa988d 100644
--- a/docs/examples/sessioninfo.c
+++ b/docs/examples/sessioninfo.c
@@ -73,8 +73,8 @@ static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *stream)
                gnutls_x509_crt_import(cert, &chainp[i], GNUTLS_X509_FMT_DER)) {
               if(GNUTLS_E_SUCCESS ==
                  gnutls_x509_crt_print(cert, GNUTLS_CRT_PRINT_FULL, &dn)) {
-                fprintf(stderr, "Certificate #%u: %.*s", i,
-                                (int)dn.size, dn.data);
+                fprintf(stderr, "Certificate #%u: %.*s", i, (int)dn.size,
+                        dn.data);
 
                 gnutls_free(dn.data);
               }
diff --git a/docs/examples/smtp-authzid.c b/docs/examples/smtp-authzid.c
index e7dd20f590..f8e66069f8 100644
--- a/docs/examples/smtp-authzid.c
+++ b/docs/examples/smtp-authzid.c
@@ -40,13 +40,13 @@
 /* The libcurl options want plain addresses, the viewable headers in the mail
  * can get a full name as well.
  */
-#define FROM_ADDR    ""
-#define SENDER_ADDR  ""
-#define TO_ADDR      ""
+#define FROM_ADDR   ""
+#define SENDER_ADDR ""
+#define TO_ADDR     ""
 
-#define FROM_MAIL    "Ursel " FROM_ADDR
-#define SENDER_MAIL  "Kurt " SENDER_ADDR
-#define TO_MAIL      "A Receiver " TO_ADDR
+#define FROM_MAIL   "Ursel " FROM_ADDR
+#define SENDER_MAIL "Kurt " SENDER_ADDR
+#define TO_MAIL     "A Receiver " TO_ADDR
 
 static const char *payload_text =
   "Date: Mon, 29 Nov 2010 21:54:29 +1100\r\n"
@@ -99,7 +99,7 @@ int main(void)
   curl = curl_easy_init();
   if(curl) {
     struct curl_slist *recipients = NULL;
-    struct upload_status upload_ctx = {0};
+    struct upload_status upload_ctx = { 0 };
 
     /* This is the URL for your mailserver. In this example we connect to the
        smtp-submission port as we require an authenticated connection. */
diff --git a/docs/examples/smtp-mail.c b/docs/examples/smtp-mail.c
index d5074abbf2..8ed91f55b7 100644
--- a/docs/examples/smtp-mail.c
+++ b/docs/examples/smtp-mail.c
@@ -37,9 +37,9 @@
 /* The libcurl options want plain addresses, the viewable headers in the mail
  * can get a full name as well.
  */
-#define FROM_ADDR    ""
-#define TO_ADDR      ""
-#define CC_ADDR      ""
+#define FROM_ADDR ""
+#define TO_ADDR   ""
+#define CC_ADDR   ""
 
 #define FROM_MAIL "Sender Person " FROM_ADDR
 #define TO_MAIL   "A Receiver " TO_ADDR
@@ -96,7 +96,7 @@ int main(void)
   curl = curl_easy_init();
   if(curl) {
     struct curl_slist *recipients = NULL;
-    struct upload_status upload_ctx = {0};
+    struct upload_status upload_ctx = { 0 };
 
     /* This is the URL for your mailserver */
     curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com");
diff --git a/docs/examples/smtp-mime.c b/docs/examples/smtp-mime.c
index 553947b097..89bfebd39d 100644
--- a/docs/examples/smtp-mime.c
+++ b/docs/examples/smtp-mime.c
@@ -37,9 +37,9 @@
  * Note that this example requires libcurl 7.56.0 or above.
  */
 
-#define FROM    ""
-#define TO      ""
-#define CC      ""
+#define FROM ""
+#define TO   ""
+#define CC   ""
 
 static const char *headers_text[] = {
   "Date: Tue, 22 Aug 2017 14:08:43 +0100",
@@ -47,7 +47,7 @@ static const char *headers_text[] = {
   "From: " FROM " (Example User)",
   "Cc: " CC " (Another example User)",
   "Message-ID: ",
+  "rfcpedant.example.org>",
   "Subject: example sending a MIME-formatted message",
   NULL
 };
@@ -66,7 +66,6 @@ static const char inline_html[] =
   "email viewers able to handle HTML.
"
   "\r\n";
 
-
 int main(void)
 {
   CURL *curl;
diff --git a/docs/examples/smtp-multi.c b/docs/examples/smtp-multi.c
index 8cb5e65a26..acc54bacdf 100644
--- a/docs/examples/smtp-multi.c
+++ b/docs/examples/smtp-multi.c
@@ -34,9 +34,9 @@
  * libcurl's multi interface.
  */
 
-#define FROM_MAIL     ""
-#define TO_MAIL       ""
-#define CC_MAIL       ""
+#define FROM_MAIL ""
+#define TO_MAIL   ""
+#define CC_MAIL   ""
 
 static const char *payload_text =
   "Date: Mon, 29 Nov 2010 21:54:29 +1100\r\n"
@@ -94,7 +94,7 @@ int main(void)
     if(multi) {
       int still_running = 1;
       struct curl_slist *recipients = NULL;
-      struct upload_status upload_ctx = {0};
+      struct upload_status upload_ctx = { 0 };
 
       /* This is the URL for your mailserver */
       curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com");
diff --git a/docs/examples/smtp-ssl.c b/docs/examples/smtp-ssl.c
index 3b140c904c..3a5e330439 100644
--- a/docs/examples/smtp-ssl.c
+++ b/docs/examples/smtp-ssl.c
@@ -38,9 +38,9 @@
  * Note that this example requires libcurl 7.20.0 or above.
  */
 
-#define FROM_MAIL     ""
-#define TO_MAIL       ""
-#define CC_MAIL       ""
+#define FROM_MAIL ""
+#define TO_MAIL   ""
+#define CC_MAIL   ""
 
 static const char *payload_text =
   "Date: Mon, 29 Nov 2010 21:54:29 +1100\r\n"
@@ -93,7 +93,7 @@ int main(void)
   curl = curl_easy_init();
   if(curl) {
     struct curl_slist *recipients = NULL;
-    struct upload_status upload_ctx = {0};
+    struct upload_status upload_ctx = { 0 };
 
     /* Set username and password */
     curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
diff --git a/docs/examples/smtp-tls.c b/docs/examples/smtp-tls.c
index 3bf3b0cddf..e9221b36c9 100644
--- a/docs/examples/smtp-tls.c
+++ b/docs/examples/smtp-tls.c
@@ -38,9 +38,9 @@
  * Note that this example requires libcurl 7.20.0 or above.
  */
 
-#define FROM_MAIL     ""
-#define TO_MAIL       ""
-#define CC_MAIL       ""
+#define FROM_MAIL ""
+#define TO_MAIL   ""
+#define CC_MAIL   ""
 
 static const char *payload_text =
   "Date: Mon, 29 Nov 2010 21:54:29 +1100\r\n"
@@ -93,7 +93,7 @@ int main(void)
   curl = curl_easy_init();
   if(curl) {
     struct curl_slist *recipients = NULL;
-    struct upload_status upload_ctx = {0};
+    struct upload_status upload_ctx = { 0 };
 
     /* Set username and password */
     curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
diff --git a/docs/examples/synctime.c b/docs/examples/synctime.c
index b2a3b92607..a81f40e3ac 100644
--- a/docs/examples/synctime.c
+++ b/docs/examples/synctime.c
@@ -58,8 +58,8 @@
  */
 #ifdef _MSC_VER
 #ifndef _CRT_SECURE_NO_WARNINGS
-#define _CRT_SECURE_NO_WARNINGS  /* for _snprintf(), fopen(), gmtime(),
-                                    localtime(), sscanf() */
+#define _CRT_SECURE_NO_WARNINGS /* for _snprintf(), fopen(), gmtime(),
+                                   localtime(), sscanf() */
 #endif
 #endif
 
@@ -74,9 +74,9 @@ int main(void)
 #else
 
 #if (defined(_WIN32_WINNT) && (_WIN32_WINNT >= 0x0602)) || \
-   defined(WINAPI_FAMILY)
+  defined(WINAPI_FAMILY)
 #  include 
-#  if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP) &&  \
+#  if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP) && \
      !WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
 #    define CURL_WINDOWS_UWP
 #  endif
@@ -100,8 +100,8 @@ int main(void)
 #define snprintf _snprintf
 #endif
 
-#define MAX_STRING              256
-#define MAX_STRING1             MAX_STRING + 1
+#define MAX_STRING  256
+#define MAX_STRING1 MAX_STRING + 1
 
 #define SYNCTIME_UA "synctime/1.0"
 
@@ -111,8 +111,7 @@ struct conf {
   char timeserver[MAX_STRING1];
 };
 
-static const char DefaultTimeServer[3][MAX_STRING1] =
-{
+static const char DefaultTimeServer[3][MAX_STRING1] = {
   "https://nist.time.gov/",
   "https://www.google.com/"
 };
@@ -128,8 +127,8 @@ static int AutoSyncTime;
 static SYSTEMTIME SYSTime;
 static SYSTEMTIME LOCALTime;
 
-#define HTTP_COMMAND_HEAD       0
-#define HTTP_COMMAND_GET        1
+#define HTTP_COMMAND_HEAD 0
+#define HTTP_COMMAND_GET  1
 
 static size_t write_cb(void *ptr, size_t size, size_t nmemb, void *stream)
 {
@@ -167,17 +166,17 @@ static size_t SyncTime_CURL_WriteHeader(void *ptr, size_t size, size_t nmemb,
 
       if(RetVal == 7) {
         int i;
-        SYSTime.wMilliseconds = 500;    /* adjust to midpoint, 0.5 sec */
+        SYSTime.wMilliseconds = 500;  /* adjust to midpoint, 0.5 sec */
         for(i = 0; i < 12; i++) {
           if(strcmp(MthStr[i], TmpStr2) == 0) {
             SYSTime.wMonth = (WORD)(i + 1);
             break;
           }
         }
-        AutoSyncTime = 3;       /* Computer clock is adjusted */
+        AutoSyncTime = 3;  /* Computer clock is adjusted */
       }
       else {
-        AutoSyncTime = 0;       /* Error in sscanf() fields conversion */
+        AutoSyncTime = 0;  /* Error in sscanf() fields conversion */
       }
     }
   }
@@ -222,7 +221,7 @@ static CURLcode SyncTime_CURL_Fetch(CURL *curl, const char *URL_Str,
   res = curl_easy_perform(curl);
   if(outfile)
     fclose(outfile);
-  return res;  /* (CURLE_OK) */
+  return res; /* (CURLE_OK) */
 }
 
 static void showUsage(void)
@@ -251,7 +250,7 @@ static int conf_init(struct conf *conf)
 
   *conf->http_proxy = 0;
   for(i = 0; i < MAX_STRING1; i++)
-    conf->proxy_user[i] = 0;    /* Clean up password from memory */
+    conf->proxy_user[i] = 0;  /* Clean up password from memory */
   *conf->timeserver = 0;
   return 1;
 }
@@ -263,9 +262,9 @@ int main(int argc, char *argv[])
   struct conf conf[1];
   int RetValue;
 
-  ShowAllHeader   = 0;    /* Do not show HTTP Header */
-  AutoSyncTime    = 0;    /* Do not synchronise computer clock */
-  RetValue        = 0;    /* Successful Exit */
+  ShowAllHeader = 0;  /* Do not show HTTP Header */
+  AutoSyncTime = 0;   /* Do not synchronise computer clock */
+  RetValue = 0;       /* Successful Exit */
   conf_init(conf);
 
   if(argc > 1) {
@@ -295,7 +294,7 @@ int main(int argc, char *argv[])
     }
   }
 
-  if(*conf->timeserver == 0)     /* Use default server for time information */
+  if(*conf->timeserver == 0)  /* Use default server for time information */
     snprintf(conf->timeserver, MAX_STRING, "%s", DefaultTimeServer[0]);
 
   /* Init CURL before usage */
diff --git a/docs/examples/websocket-cb.c b/docs/examples/websocket-cb.c
index 78899826fb..63d07c7841 100644
--- a/docs/examples/websocket-cb.c
+++ b/docs/examples/websocket-cb.c
@@ -33,8 +33,8 @@ static size_t write_cb(char *b, size_t size, size_t nitems, void *p)
   CURL *curl = p;
   size_t i;
   const struct curl_ws_frame *frame = curl_ws_meta(curl);
-  fprintf(stderr, "Type: %s\n", frame->flags & CURLWS_BINARY ?
-          "binary" : "text");
+  fprintf(stderr, "Type: %s\n",
+          frame->flags & CURLWS_BINARY ? "binary" : "text");
   fprintf(stderr, "Bytes: %u", (unsigned int)(nitems * size));
   for(i = 0; i < nitems; i++)
     fprintf(stderr, "%02x ", (unsigned char)b[i]);
diff --git a/docs/examples/websocket-updown.c b/docs/examples/websocket-updown.c
index 87f7aea287..a40bddf9cf 100644
--- a/docs/examples/websocket-updown.c
+++ b/docs/examples/websocket-updown.c
@@ -35,8 +35,8 @@ static size_t write_cb(char *b, size_t size, size_t nitems, void *p)
   size_t i;
   unsigned int blen = (unsigned int)(nitems * size);
   const struct curl_ws_frame *frame = curl_ws_meta(curl);
-  fprintf(stderr, "Type: %s\n", frame->flags & CURLWS_BINARY ?
-          "binary" : "text");
+  fprintf(stderr, "Type: %s\n",
+          frame->flags & CURLWS_BINARY ? "binary" : "text");
   if(frame->flags & CURLWS_BINARY) {
     fprintf(stderr, "Bytes: %u", blen);
     for(i = 0; i < nitems; i++)
@@ -111,7 +111,6 @@ int main(int argc, const char *argv[])
     curl_easy_setopt(curl, CURLOPT_READDATA, &rctx);
     curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
 
-
     /* Perform the request, res gets the return code */
     res = curl_easy_perform(curl);
     /* Check for errors */
diff --git a/docs/examples/websocket.c b/docs/examples/websocket.c
index 0063f1b59c..0075f68e60 100644
--- a/docs/examples/websocket.c
+++ b/docs/examples/websocket.c
@@ -49,10 +49,10 @@ static CURLcode ping(CURL *curl, const char *send_payload)
       buf += sent; /* deduct what was sent */
       blen -= sent;
     }
-    else if(res == CURLE_AGAIN) {  /* blocked on sending */
+    else if(res == CURLE_AGAIN) { /* blocked on sending */
       fprintf(stderr, "ws: sent PING blocked, waiting a second\n");
-      sleep(1);  /* either select() on socket or max timeout would
-                    be good here. */
+      sleep(1); /* either select() on socket or max timeout would
+                   be good here. */
     }
     else /* real error sending */
       break;
@@ -85,8 +85,7 @@ retry:
               same ? "same" : "different");
     }
     else if(meta->flags & CURLWS_TEXT) {
-      fprintf(stderr, "ws: received TEXT frame '%.*s'\n", (int)rlen,
-              buffer);
+      fprintf(stderr, "ws: received TEXT frame '%.*s'\n", (int)rlen, buffer);
     }
     else if(meta->flags & CURLWS_BINARY) {
       fprintf(stderr, "ws: received BINARY frame of %u bytes\n",
@@ -99,10 +98,10 @@ retry:
       goto retry;
     }
   }
-  else if(res == CURLE_AGAIN) {  /* blocked on receiving */
+  else if(res == CURLE_AGAIN) { /* blocked on receiving */
     fprintf(stderr, "ws: PONG not there yet, waiting a second\n");
-    sleep(1);  /* either select() on socket or max timeout would
-                  be good here. */
+    sleep(1); /* either select() on socket or max timeout would
+                 be good here. */
     goto retry;
   }
   if(res)
diff --git a/lib/bufref.c b/lib/bufref.c
index 8f52d48d20..e5b5a4d985 100644
--- a/lib/bufref.c
+++ b/lib/bufref.c
@@ -102,7 +102,7 @@ const char *Curl_bufref_ptr(const struct bufref *br)
   DEBUGASSERT(br->signature == SIGNATURE);
   DEBUGASSERT(br->ptr || !br->len);
 
-  return (const char *) br->ptr;
+  return (const char *)br->ptr;
 }
 
 /*
diff --git a/lib/cookie.c b/lib/cookie.c
index dff5198c11..5c29768bbd 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -1036,7 +1036,7 @@ Curl_cookie_add(struct Curl_easy *data,
     /* Only show this when NOT reading the cookies from a file */
     infof(data, "%s cookie %s=\"%s\" for domain %s, path %s, "
           "expire %" FMT_OFF_T,
-          replaces ? "Replaced":"Added", co->name, co->value,
+          replaces ? "Replaced" : "Added", co->name, co->value,
           co->domain, co->path, co->expires);
 
   if(!replaces)
diff --git a/lib/curl_sha512_256.c b/lib/curl_sha512_256.c
index cc49aa4c77..78f60dfc26 100644
--- a/lib/curl_sha512_256.c
+++ b/lib/curl_sha512_256.c
@@ -238,8 +238,7 @@ static CURLcode Curl_sha512_256_update(void *context,
  #             bytes
  * @return always CURLE_OK
  */
-static CURLcode Curl_sha512_256_finish(unsigned char *digest,
-                                       void *context)
+static CURLcode Curl_sha512_256_finish(unsigned char *digest, void *context)
 {
   Curl_sha512_256_ctx * const ctx = (Curl_sha512_256_ctx *)context;
 
@@ -453,19 +452,19 @@ static void Curl_sha512_256_transform(uint64_t H[SHA512_256_HASH_SIZE_WORDS],
 
   /* 'Ch' and 'Maj' macro functions are defined with widely-used optimization.
      See FIPS PUB 180-4 formulae 4.8, 4.9. */
-#define Sha512_Ch(x, y, z)    ( (z) ^ ((x) & ((y) ^ (z))) )
-#define Sha512_Maj(x, y, z)   ( ((x) & (y)) ^ ((z) & ((x) ^ (y))) )
+#define Sha512_Ch(x, y, z)    ((z) ^ ((x) & ((y) ^ (z))))
+#define Sha512_Maj(x, y, z)   (((x) & (y)) ^ ((z) & ((x) ^ (y))))
 
   /* Four 'Sigma' macro functions.
      See FIPS PUB 180-4 formulae 4.10, 4.11, 4.12, 4.13. */
 #define SIG0(x)                                                         \
-  ( Curl_rotr64((x), 28) ^ Curl_rotr64((x), 34) ^ Curl_rotr64((x), 39) )
+  (Curl_rotr64((x), 28) ^ Curl_rotr64((x), 34) ^ Curl_rotr64((x), 39))
 #define SIG1(x)                                                         \
-  ( Curl_rotr64((x), 14) ^ Curl_rotr64((x), 18) ^ Curl_rotr64((x), 41) )
+  (Curl_rotr64((x), 14) ^ Curl_rotr64((x), 18) ^ Curl_rotr64((x), 41))
 #define sig0(x)                                                 \
-  ( Curl_rotr64((x), 1) ^ Curl_rotr64((x), 8) ^ ((x) >> 7) )
+  (Curl_rotr64((x), 1) ^ Curl_rotr64((x), 8) ^ ((x) >> 7))
 #define sig1(x)                                                 \
-  ( Curl_rotr64((x), 19) ^ Curl_rotr64((x), 61) ^ ((x) >> 6) )
+  (Curl_rotr64((x), 19) ^ Curl_rotr64((x), 61) ^ ((x) >> 6))
 
   if(1) {
     unsigned int t;
@@ -628,9 +627,7 @@ static CURLcode Curl_sha512_256_update(void *context,
     if(length >= bytes_left) {
       /* Combine new data with data in the buffer and process the full
          block. */
-      memcpy(((unsigned char *)ctx_buf) + bytes_have,
-             data,
-             bytes_left);
+      memcpy(((unsigned char *)ctx_buf) + bytes_have, data, bytes_left);
       data += bytes_left;
       length -= bytes_left;
       Curl_sha512_256_transform(ctx->H, ctx->buffer);
diff --git a/lib/formdata.c b/lib/formdata.c
index d5f6776a3d..b0c57b8d6f 100644
--- a/lib/formdata.c
+++ b/lib/formdata.c
@@ -252,7 +252,7 @@ static CURLFORMcode FormAddCheck(struct FormInfo *first_form,
         (form->flags & HTTPPOST_BUFFER)) &&
        !Curl_bufref_ptr(&form->contenttype)) {
       const char *f = Curl_bufref_ptr((form->flags & HTTPPOST_BUFFER) ?
-                                       &form->showfilename : &form->value);
+                                      &form->showfilename : &form->value);
       const char *type = Curl_mime_contenttype(f);
       if(!type)
         type = prevtype;
@@ -276,7 +276,7 @@ static CURLFORMcode FormAddCheck(struct FormInfo *first_form,
     if(!(form->flags & (HTTPPOST_FILENAME | HTTPPOST_READFILE |
                         HTTPPOST_PTRCONTENTS | HTTPPOST_PTRBUFFER |
                         HTTPPOST_CALLBACK))) {
-      if(FormInfoCopyField(&form->value, (size_t) form->contentslength))
+      if(FormInfoCopyField(&form->value, (size_t)form->contentslength))
         return CURL_FORMADD_MEMORY;
     }
     post = AddHttpPost(form, post, httppost, last_post);
@@ -315,11 +315,11 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
   struct curl_httppost *newchain = NULL;
   struct curl_httppost *lastnode = NULL;
 
-#define form_ptr_arg(t) (forms ? (t) (void *) avalue : va_arg(params, t))
+#define form_ptr_arg(t) (forms ? (t)(void *)avalue : va_arg(params, t))
 #ifdef HAVE_STDINT_H
-#define form_int_arg(t) (forms ? (t) (uintptr_t) avalue : va_arg(params, t))
+#define form_int_arg(t) (forms ? (t)(uintptr_t)avalue : va_arg(params, t))
 #else
-#define form_int_arg(t) (forms ? (t) (void *) avalue : va_arg(params, t))
+#define form_int_arg(t) (forms ? (t)(void *)avalue : va_arg(params, t))
 #endif
 
   /*
@@ -391,7 +391,7 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
       if(curr->namelength)
         retval = CURL_FORMADD_OPTION_TWICE;
       else
-        curr->namelength = (size_t) form_int_arg(long);
+        curr->namelength = (size_t)form_int_arg(long);
       break;
 
       /*
@@ -412,7 +412,7 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
       }
       break;
     case CURLFORM_CONTENTSLENGTH:
-      curr->contentslength = (curl_off_t)(size_t) form_int_arg(long);
+      curr->contentslength = (curl_off_t)(size_t)form_int_arg(long);
       break;
 
     case CURLFORM_CONTENTLEN:
@@ -493,7 +493,7 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
       if(curr->bufferlength)
         retval = CURL_FORMADD_OPTION_TWICE;
       else
-        curr->bufferlength = (size_t) form_int_arg(long);
+        curr->bufferlength = (size_t)form_int_arg(long);
       break;
 
     case CURLFORM_STREAM:
@@ -521,7 +521,7 @@ static CURLFORMcode FormAdd(struct curl_httppost **httppost,
           if(avalue) {
             form = NewFormInfo();
             if(!form || Curl_bufref_memdup0(&form->contenttype, avalue,
-                                           strlen(avalue))) {
+                                            strlen(avalue))) {
               curlx_free(form);
               retval = CURL_FORMADD_MEMORY;
             }
@@ -793,10 +793,10 @@ CURLcode Curl_getformdata(CURL *data,
 #pragma clang diagnostic push
 #pragma clang diagnostic ignored "-Wcast-function-type-strict"
 #endif
-            result = curl_mime_data_cb(part, (curl_off_t) -1,
-                                       (curl_read_callback) fread,
+            result = curl_mime_data_cb(part, (curl_off_t)-1,
+                                       (curl_read_callback)fread,
                                        curlx_fseek,
-                                       NULL, (void *) stdin);
+                                       NULL, (void *)stdin);
 #if defined(__clang__) && __clang_major__ >= 16
 #pragma clang diagnostic pop
 #endif
diff --git a/lib/ftp.c b/lib/ftp.c
index 49f042c7c4..4e528259c9 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -81,8 +81,8 @@
 
 /* macro to check for a three-digit ftp status code at the start of the
    given string */
-#define STATUSCODE(line) (ISDIGIT(line[0]) && ISDIGIT(line[1]) &&       \
-                          ISDIGIT(line[2]))
+#define STATUSCODE(line) \
+  (ISDIGIT(line[0]) && ISDIGIT(line[1]) && ISDIGIT(line[2]))
 
 /* macro to check for the last line in an FTP server response */
 #define LASTLINE(line) (STATUSCODE(line) && (' ' == line[3]))
@@ -1749,8 +1749,7 @@ static CURLcode ftp_epsv_disable(struct Curl_easy *data,
   return result;
 }
 
-static CURLcode ftp_control_addr_dup(struct Curl_easy *data,
-                                     char **newhostp)
+static CURLcode ftp_control_addr_dup(struct Curl_easy *data, char **newhostp)
 {
   struct connectdata *conn = data->conn;
   struct ip_quadruple ipquad;
diff --git a/lib/hostip.c b/lib/hostip.c
index ba9e3ddd7a..4f4122d6ae 100644
--- a/lib/hostip.c
+++ b/lib/hostip.c
@@ -217,7 +217,7 @@ static timediff_t dnscache_prune(struct Curl_hash *hostcache,
   user.oldest_ms = 0;
 
   Curl_hash_clean_with_criterium(hostcache,
-                                 (void *) &user,
+                                 (void *)&user,
                                  dnscache_entry_is_stale);
 
   return user.oldest_ms;
diff --git a/lib/http_aws_sigv4.c b/lib/http_aws_sigv4.c
index da80f19658..850daf4139 100644
--- a/lib/http_aws_sigv4.c
+++ b/lib/http_aws_sigv4.c
@@ -448,7 +448,7 @@ static CURLcode calc_payload_hash(struct Curl_easy *data,
     else
       post_data_len = (size_t)data->set.postfieldsize;
   }
-  result = Curl_sha256it(sha_hash, (const unsigned char *) post_data,
+  result = Curl_sha256it(sha_hash, (const unsigned char *)post_data,
                          post_data_len);
   if(!result)
     sha256_to_hex(sha_hex, sha_hash);
diff --git a/lib/ldap.c b/lib/ldap.c
index b6ed43d904..6104ff2073 100644
--- a/lib/ldap.c
+++ b/lib/ldap.c
@@ -143,11 +143,11 @@ static void ldap_free_urldesc_low(LDAPURLDesc *ludp);
 #endif /* !HAVE_LDAP_URL_PARSE */
 
 #ifdef DEBUG_LDAP
-#define LDAP_TRACE(x)               \
-do {                                \
-  ldap_trace_low("%u: ", __LINE__); \
-  ldap_trace_low x;                 \
-} while(0)
+#define LDAP_TRACE(x)                 \
+  do {                                \
+    ldap_trace_low("%u: ", __LINE__); \
+    ldap_trace_low x;                 \
+  } while(0)
 
 static void ldap_trace_low(const char *fmt, ...) CURL_PRINTF(1, 2);
 #else
diff --git a/lib/url.c b/lib/url.c
index 194810553e..043d7ca72c 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -1769,7 +1769,7 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
   if(!use_set_uh) {
     char *newurl;
     uc = curl_url_set(uh, CURLUPART_URL, Curl_bufref_ptr(&data->state.url),
-                      (unsigned int) (CURLU_GUESS_SCHEME |
+                      (unsigned int)(CURLU_GUESS_SCHEME |
                        CURLU_NON_SUPPORT_SCHEME |
                        (data->set.disallow_username_in_url ?
                         CURLU_DISALLOW_USER : 0) |
@@ -3199,7 +3199,7 @@ static CURLcode resolve_server(struct Curl_easy *data,
 
 #ifndef CURL_DISABLE_PROXY
     if(!unix_path && CONN_IS_PROXIED(conn) && conn->socks_proxy.host.name &&
-       !strncmp(UNIX_SOCKET_PREFIX"/",
+       !strncmp(UNIX_SOCKET_PREFIX "/",
                 conn->socks_proxy.host.name, sizeof(UNIX_SOCKET_PREFIX)))
       unix_path = conn->socks_proxy.host.name + sizeof(UNIX_SOCKET_PREFIX) - 1;
 #endif
diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c
index fc2c139375..c92b53dcfc 100644
--- a/lib/vauth/digest_sspi.c
+++ b/lib/vauth/digest_sspi.c
@@ -452,10 +452,10 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
     chlg_buf[0].cbBuffer   = 0;
     chlg_buf[1].BufferType = SECBUFFER_PKG_PARAMS;
     chlg_buf[1].pvBuffer   = CURL_UNCONST(request);
-    chlg_buf[1].cbBuffer   = curlx_uztoul(strlen((const char *) request));
+    chlg_buf[1].cbBuffer   = curlx_uztoul(strlen((const char *)request));
     chlg_buf[2].BufferType = SECBUFFER_PKG_PARAMS;
     chlg_buf[2].pvBuffer   = CURL_UNCONST(uripath);
-    chlg_buf[2].cbBuffer   = curlx_uztoul(strlen((const char *) uripath));
+    chlg_buf[2].cbBuffer   = curlx_uztoul(strlen((const char *)uripath));
     chlg_buf[3].BufferType = SECBUFFER_PKG_PARAMS;
     chlg_buf[3].pvBuffer   = NULL;
     chlg_buf[3].cbBuffer   = 0;
@@ -495,7 +495,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
       }
 
       /* Populate our identity domain */
-      if(Curl_override_sspi_http_realm((const char *) digest->input_token,
+      if(Curl_override_sspi_http_realm((const char *)digest->input_token,
                                        &identity)) {
         Curl_sspi_free_identity(&identity);
         curlx_free(output_token);
@@ -552,7 +552,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
     chlg_buf[0].cbBuffer   = curlx_uztoul(digest->input_token_len);
     chlg_buf[1].BufferType = SECBUFFER_PKG_PARAMS;
     chlg_buf[1].pvBuffer   = CURL_UNCONST(request);
-    chlg_buf[1].cbBuffer   = curlx_uztoul(strlen((const char *) request));
+    chlg_buf[1].cbBuffer   = curlx_uztoul(strlen((const char *)request));
     chlg_buf[2].BufferType = SECBUFFER_PKG_PARAMS;
     chlg_buf[2].pvBuffer   = NULL;
     chlg_buf[2].cbBuffer   = 0;
@@ -565,7 +565,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
     resp_buf.pvBuffer   = output_token;
     resp_buf.cbBuffer   = curlx_uztoul(token_max);
 
-    spn = curlx_convert_UTF8_to_tchar((const char *) uripath);
+    spn = curlx_convert_UTF8_to_tchar((const char *)uripath);
     if(!spn) {
       Curl_pSecFn->FreeCredentialsHandle(&credentials);
 
diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index 690ef252a0..b9eaa1e98e 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -73,7 +73,7 @@
 #include "../curlx/warnless.h"
 
 
-#define QUIC_MAX_STREAMS (256 * 1024)
+#define QUIC_MAX_STREAMS       (256 * 1024)
 #define QUIC_HANDSHAKE_TIMEOUT (10 * NGTCP2_SECONDS)
 
 /* A stream window is the maximum amount we need to buffer for
@@ -91,12 +91,11 @@
  * spares. Memory consumption goes down when streams run empty,
  * have a large upload done, etc. */
 #define H3_STREAM_POOL_SPARES \
-          (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE ) / 2
+  (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE) / 2
 /* Receive and Send max number of chunks just follows from the
  * chunk size and window size */
 #define H3_STREAM_SEND_CHUNKS \
-          (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE)
-
+  (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE)
 
 /*
  * Store ngtcp2 version info in this buffer.
@@ -959,7 +958,7 @@ static CURLcode cf_ngtcp2_adjust_pollset(struct Curl_cfilter *cf,
 
     CF_DATA_SAVE(save, cf, data);
     c_exhaust = want_send && (!ngtcp2_conn_get_cwnd_left(ctx->qconn) ||
-                !ngtcp2_conn_get_max_data_left(ctx->qconn));
+                              !ngtcp2_conn_get_max_data_left(ctx->qconn));
     s_exhaust = want_send && stream && stream->id >= 0 &&
                 stream->quic_flow_blocked;
     want_recv = (want_recv || c_exhaust || s_exhaust);
@@ -2513,7 +2512,7 @@ static CURLcode cf_connect_start(struct Curl_cfilter *cf,
   CURLcode result;
   const struct Curl_sockaddr_ex *sockaddr = NULL;
   int qfd;
-  static const struct alpn_spec ALPN_SPEC_H3 = {{ "h3", "h3-29" }, 2};
+  static const struct alpn_spec ALPN_SPEC_H3 = { { "h3", "h3-29" }, 2 };
 
   DEBUGASSERT(ctx->initialized);
   ctx->dcid.datalen = NGTCP2_MAX_CIDLEN;
diff --git a/lib/vquic/curl_osslq.c b/lib/vquic/curl_osslq.c
index 73cea21a15..4e6e325295 100644
--- a/lib/vquic/curl_osslq.c
+++ b/lib/vquic/curl_osslq.c
@@ -70,13 +70,13 @@
  * spares. Memory consumption goes down when streams run empty,
  * have a large upload done, etc. */
 #define H3_STREAM_POOL_SPARES \
-          (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE ) / 2
+  (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE) / 2
 /* Receive and Send max number of chunks just follows from the
  * chunk size and window size */
 #define H3_STREAM_RECV_CHUNKS \
-          (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE)
+  (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE)
 #define H3_STREAM_SEND_CHUNKS \
-          (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE)
+  (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE)
 
 #if defined(OPENSSL_IS_BORINGSSL) || defined(OPENSSL_IS_AWSLC)
 typedef uint32_t sslerr_t;
@@ -87,8 +87,7 @@ typedef unsigned long sslerr_t;
 
 /* How to access `call_data` from a cf_osslq filter */
 #undef CF_CTX_CALL_DATA
-#define CF_CTX_CALL_DATA(cf)  \
-  ((struct cf_osslq_ctx *)(cf)->ctx)->call_data
+#define CF_CTX_CALL_DATA(cf) ((struct cf_osslq_ctx *)(cf)->ctx)->call_data
 
 static CURLcode cf_progress_ingress(struct Curl_cfilter *cf,
                                     struct Curl_easy *data);
@@ -954,7 +953,7 @@ static int cb_h3_reset_stream(nghttp3_conn *conn, int64_t stream_id,
   (void)conn;
 
   if(stream && stream->s.ssl) {
-    SSL_STREAM_RESET_ARGS args = {0};
+    SSL_STREAM_RESET_ARGS args = { 0 };
     args.quic_error_code = app_error_code;
     rv = !SSL_stream_reset(stream->s.ssl, &args, sizeof(args));
     CURL_TRC_CF(data, cf, "[%" PRId64 "] reset -> %d", stream_id, rv);
diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
index 7082d55916..feceaf6369 100644
--- a/lib/vquic/curl_quiche.c
+++ b/lib/vquic/curl_quiche.c
@@ -65,11 +65,11 @@
  * stream buffer to not keep spares. Memory consumption goes down when streams
  * run empty, have a large upload done, etc. */
 #define H3_STREAM_POOL_SPARES \
-          (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE ) / 2
+  (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE) / 2
 /* Receive and Send max number of chunks just follows from the
  * chunk size and window size */
 #define H3_STREAM_RECV_CHUNKS \
-          (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE)
+  (H3_STREAM_WINDOW_SIZE / H3_STREAM_CHUNK_SIZE)
 
 /*
  * Store quiche version info in this buffer.
@@ -1228,7 +1228,7 @@ static CURLcode cf_quiche_ctx_open(struct Curl_cfilter *cf,
   int rv;
   CURLcode result;
   const struct Curl_sockaddr_ex *sockaddr;
-  static const struct alpn_spec ALPN_SPEC_H3 = {{ "h3" }, 1};
+  static const struct alpn_spec ALPN_SPEC_H3 = { { "h3" }, 1 };
 
   DEBUGASSERT(ctx->q.sockfd != CURL_SOCKET_BAD);
   DEBUGASSERT(ctx->initialized);
diff --git a/lib/vquic/vquic-tls.c b/lib/vquic/vquic-tls.c
index 99b19b3691..d121b99379 100644
--- a/lib/vquic/vquic-tls.c
+++ b/lib/vquic/vquic-tls.c
@@ -178,12 +178,12 @@ CURLcode Curl_vquic_tls_verify_peer(struct curl_tls_ctx *ctx,
     if(!cert)
       result = CURLE_OUT_OF_MEMORY;
     else if(peer->sni &&
-      (wolfSSL_X509_check_host(cert, peer->sni, strlen(peer->sni), 0, NULL)
-       == WOLFSSL_FAILURE))
+            (wolfSSL_X509_check_host(cert, peer->sni, strlen(peer->sni), 0,
+                                     NULL) == WOLFSSL_FAILURE))
       result = CURLE_PEER_FAILED_VERIFICATION;
     else if(!peer->sni &&
-      (wolfSSL_X509_check_ip_asc(cert, peer->hostname, 0)
-       == WOLFSSL_FAILURE))
+            (wolfSSL_X509_check_ip_asc(cert, peer->hostname,
+                                       0) == WOLFSSL_FAILURE))
       result = CURLE_PEER_FAILED_VERIFICATION;
     wolfSSL_X509_free(cert);
   }
diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c
index a4dea8a77c..125c31135e 100644
--- a/lib/vquic/vquic.c
+++ b/lib/vquic/vquic.c
@@ -124,7 +124,7 @@ static CURLcode do_sendmsg(struct Curl_cfilter *cf,
   CURLcode result = CURLE_OK;
 #ifdef HAVE_SENDMSG
   struct iovec msg_iov;
-  struct msghdr msg = {0};
+  struct msghdr msg = { 0 };
   ssize_t rv;
 #if defined(__linux__) && defined(UDP_SEGMENT)
   uint8_t msg_ctrl[32];
@@ -153,8 +153,7 @@ static CURLcode do_sendmsg(struct Curl_cfilter *cf,
   }
 #endif
 
-  while((rv = sendmsg(qctx->sockfd, &msg, 0)) == -1 &&
-        SOCKERRNO == SOCKEINTR)
+  while((rv = sendmsg(qctx->sockfd, &msg, 0)) == -1 && SOCKERRNO == SOCKEINTR)
     ;
 
   if(!curlx_sztouz(rv, psent)) {
@@ -516,7 +515,7 @@ static CURLcode recvmsg_packets(struct Curl_cfilter *cf,
       }
       curlx_strerror(SOCKERRNO, errstr, sizeof(errstr));
       failf(data, "QUIC: recvmsg() unexpectedly returned %zd (errno=%d; %s)",
-                  rc, SOCKERRNO, errstr);
+            rc, SOCKERRNO, errstr);
       result = CURLE_RECV_ERROR;
       goto out;
     }
@@ -581,7 +580,7 @@ static CURLcode recvfrom_packets(struct Curl_cfilter *cf,
       }
       curlx_strerror(SOCKERRNO, errstr, sizeof(errstr));
       failf(data, "QUIC: recvfrom() unexpectedly returned %zd (errno=%d; %s)",
-                  rv, SOCKERRNO, errstr);
+            rv, SOCKERRNO, errstr);
       result = CURLE_RECV_ERROR;
       goto out;
     }
diff --git a/lib/vquic/vquic_int.h b/lib/vquic/vquic_int.h
index b4f2fd8116..cd8e8989d2 100644
--- a/lib/vquic/vquic_int.h
+++ b/lib/vquic/vquic_int.h
@@ -29,7 +29,7 @@
 
 #ifdef USE_HTTP3
 
-#define MAX_PKT_BURST 10
+#define MAX_PKT_BURST         10
 #define MAX_UDP_PAYLOAD_SIZE  1452
 
 struct cf_quic_ctx {
diff --git a/lib/vtls/apple.c b/lib/vtls/apple.c
index 31108763a0..f076caf5ff 100644
--- a/lib/vtls/apple.c
+++ b/lib/vtls/apple.c
@@ -54,31 +54,31 @@
 #ifdef USE_APPLE_SECTRUST
 #define SSL_SYSTEM_VERIFIER
 
-#if (defined(MAC_OS_X_VERSION_MAX_ALLOWED)      \
-  && MAC_OS_X_VERSION_MAX_ALLOWED >= 101400)    \
-  || (defined(__IPHONE_OS_VERSION_MAX_ALLOWED)  \
-  && __IPHONE_OS_VERSION_MAX_ALLOWED >= 120000)
+#if (defined(MAC_OS_X_VERSION_MAX_ALLOWED) &&   \
+     MAC_OS_X_VERSION_MAX_ALLOWED >= 101400) || \
+  (defined(__IPHONE_OS_VERSION_MAX_ALLOWED) &&  \
+   __IPHONE_OS_VERSION_MAX_ALLOWED >= 120000)
 #define SUPPORTS_SecTrustEvaluateWithError 1
 #endif
 
-#if defined(SUPPORTS_SecTrustEvaluateWithError)   \
-  && ((defined(MAC_OS_X_VERSION_MIN_REQUIRED)     \
-  && MAC_OS_X_VERSION_MIN_REQUIRED >= 101400)     \
-  || (defined(__IPHONE_OS_VERSION_MIN_REQUIRED)   \
-  && __IPHONE_OS_VERSION_MIN_REQUIRED >= 120000))
+#if defined(SUPPORTS_SecTrustEvaluateWithError) && \
+  ((defined(MAC_OS_X_VERSION_MIN_REQUIRED) &&      \
+    MAC_OS_X_VERSION_MIN_REQUIRED >= 101400) ||    \
+   (defined(__IPHONE_OS_VERSION_MIN_REQUIRED) &&   \
+    __IPHONE_OS_VERSION_MIN_REQUIRED >= 120000))
 #define REQUIRES_SecTrustEvaluateWithError 1
 #endif
 
-#if defined(SUPPORTS_SecTrustEvaluateWithError)   \
-  && !defined(HAVE_BUILTIN_AVAILABLE)             \
-  && !defined(REQUIRES_SecTrustEvaluateWithError)
+#if defined(SUPPORTS_SecTrustEvaluateWithError) && \
+  !defined(HAVE_BUILTIN_AVAILABLE) &&              \
+  !defined(REQUIRES_SecTrustEvaluateWithError)
 #undef SUPPORTS_SecTrustEvaluateWithError
 #endif
 
-#if (defined(MAC_OS_X_VERSION_MAX_ALLOWED)      \
-  && MAC_OS_X_VERSION_MAX_ALLOWED >= 100900)    \
-  || (defined(__IPHONE_OS_VERSION_MAX_ALLOWED)  \
-  && __IPHONE_OS_VERSION_MAX_ALLOWED >= 70000)
+#if (defined(MAC_OS_X_VERSION_MAX_ALLOWED) &&   \
+     MAC_OS_X_VERSION_MAX_ALLOWED >= 100900) || \
+  (defined(__IPHONE_OS_VERSION_MAX_ALLOWED) &&  \
+   __IPHONE_OS_VERSION_MAX_ALLOWED >= 70000)
 #define SUPPORTS_SecOCSP 1
 #endif
 
diff --git a/lib/vtls/cipher_suite.c b/lib/vtls/cipher_suite.c
index 3726187d7f..58d7556220 100644
--- a/lib/vtls/cipher_suite.c
+++ b/lib/vtls/cipher_suite.c
@@ -157,7 +157,7 @@ struct cs_entry {
 };
 
 /* !checksrc! disable COMMANOSPACE all */
-static const struct cs_entry cs_list [] = {
+static const struct cs_entry cs_list[] = {
   /* TLS 1.3 ciphers */
 #if defined(USE_MBEDTLS) || defined(USE_RUSTLS)
   CS_ENTRY(0x1301, TLS,AES,128,GCM,SHA256,,,),
@@ -549,7 +549,7 @@ static const struct cs_entry cs_list [] = {
 
 static int cs_str_to_zip(const char *cs_str, size_t cs_len, uint8_t zip[6])
 {
-  uint8_t indexes[8] = {0};
+  uint8_t indexes[8] = { 0 };
   const char *entry, *cur;
   const char *nxt = cs_str;
   const char *end = cs_str + cs_len;
@@ -597,7 +597,7 @@ static int cs_str_to_zip(const char *cs_str, size_t cs_len, uint8_t zip[6])
 
 static int cs_zip_to_str(const uint8_t zip[6], char *buf, size_t buf_size)
 {
-  uint8_t indexes[8] = {0};
+  uint8_t indexes[8] = { 0 };
   const char *entry;
   char separator = '-';
   int idx, i, r;
diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c
index e1a3731457..77f9177349 100644
--- a/lib/vtls/schannel_verify.c
+++ b/lib/vtls/schannel_verify.c
@@ -52,8 +52,8 @@
 #define BACKEND ((struct schannel_ssl_backend_data *)connssl->backend)
 
 #define MAX_CAFILE_SIZE 1048576 /* 1 MiB */
-#define BEGIN_CERT "-----BEGIN CERTIFICATE-----"
-#define END_CERT "\n-----END CERTIFICATE-----"
+#define BEGIN_CERT      "-----BEGIN CERTIFICATE-----"
+#define END_CERT        "\n-----END CERTIFICATE-----"
 
 struct cert_chain_engine_config_win8 {
   DWORD cbSize;
@@ -532,7 +532,7 @@ CURLcode Curl_verify_host(struct Curl_cfilter *cf, struct Curl_easy *data)
   DWORD actual_len = 0;
   PCERT_ALT_NAME_INFO alt_name_info = NULL;
   DWORD alt_name_info_size = 0;
-  struct num_ip_data ip_blob = {0};
+  struct num_ip_data ip_blob = { 0 };
   bool Win8_compat;
   struct num_ip_data *p = &ip_blob;
   DWORD i;
diff --git a/lib/vtls/x509asn1.c b/lib/vtls/x509asn1.c
index f63a9fcb99..d1329410bf 100644
--- a/lib/vtls/x509asn1.c
+++ b/lib/vtls/x509asn1.c
@@ -153,7 +153,7 @@ static const struct Curl_OID OIDtable[] = {
   { "2.16.840.1.101.3.4.2.2",   "sha384" },
   { "2.16.840.1.101.3.4.2.3",   "sha512" },
   { "1.2.840.113549.1.9.2",     "unstructuredName" },
-  { (const char *) NULL,        (const char *) NULL }
+  { (const char *)NULL,         (const char *)NULL }
 };
 
 #endif /* WANT_EXTRACT_CERTINFO */
diff --git a/tests/libtest/cli_h2_pausing.c b/tests/libtest/cli_h2_pausing.c
index 30bcfcf043..740c9c2226 100644
--- a/tests/libtest/cli_h2_pausing.c
+++ b/tests/libtest/cli_h2_pausing.c
@@ -174,22 +174,22 @@ static CURLcode test_cli_h2_pausing(const char *URL)
     handles[i].fail_write = 1;
     handles[i].curl = curl_easy_init();
     if(!handles[i].curl ||
-      curl_easy_setopt(handles[i].curl, CURLOPT_WRITEFUNCTION, cb)
-        != CURLE_OK ||
-      curl_easy_setopt(handles[i].curl, CURLOPT_WRITEDATA, &handles[i])
-        != CURLE_OK ||
-      curl_easy_setopt(handles[i].curl, CURLOPT_FOLLOWLOCATION, 1L)
-        != CURLE_OK ||
-      curl_easy_setopt(handles[i].curl, CURLOPT_VERBOSE, 1L) != CURLE_OK ||
-      curl_easy_setopt(handles[i].curl, CURLOPT_DEBUGFUNCTION, cli_debug_cb)
-        != CURLE_OK ||
-      curl_easy_setopt(handles[i].curl, CURLOPT_SSL_VERIFYPEER, 0L)
-        != CURLE_OK ||
-      curl_easy_setopt(handles[i].curl, CURLOPT_RESOLVE, resolve)
-        != CURLE_OK ||
-      curl_easy_setopt(handles[i].curl, CURLOPT_PIPEWAIT, 1L) != CURLE_OK ||
-      curl_easy_setopt(handles[i].curl, CURLOPT_URL, url) != CURLE_OK) {
-      curl_mfprintf(stderr, "failed configuring easy handle - bailing out\n");
+       curl_easy_setopt(handles[i].curl, CURLOPT_WRITEFUNCTION, cb)
+         != CURLE_OK ||
+       curl_easy_setopt(handles[i].curl, CURLOPT_WRITEDATA, &handles[i])
+         != CURLE_OK ||
+       curl_easy_setopt(handles[i].curl, CURLOPT_FOLLOWLOCATION, 1L)
+         != CURLE_OK ||
+       curl_easy_setopt(handles[i].curl, CURLOPT_VERBOSE, 1L) != CURLE_OK ||
+       curl_easy_setopt(handles[i].curl, CURLOPT_DEBUGFUNCTION, cli_debug_cb)
+         != CURLE_OK ||
+       curl_easy_setopt(handles[i].curl, CURLOPT_SSL_VERIFYPEER, 0L)
+         != CURLE_OK ||
+       curl_easy_setopt(handles[i].curl, CURLOPT_RESOLVE, resolve)
+         != CURLE_OK ||
+       curl_easy_setopt(handles[i].curl, CURLOPT_PIPEWAIT, 1L) != CURLE_OK ||
+       curl_easy_setopt(handles[i].curl, CURLOPT_URL, url) != CURLE_OK) {
+       curl_mfprintf(stderr, "failed configuring easy handle - bailing out\n");
       res = (CURLcode)2;
       goto cleanup;
     }
diff --git a/tests/libtest/cli_hx_download.c b/tests/libtest/cli_hx_download.c
index d139ea28f7..ca1e343a8d 100644
--- a/tests/libtest/cli_hx_download.c
+++ b/tests/libtest/cli_hx_download.c
@@ -178,8 +178,8 @@ static int my_progress_d_cb(void *userdata,
 #endif
 #ifdef USE_MBEDTLS
       case CURLSSLBACKEND_MBEDTLS: {
-        const char *version = mbedtls_ssl_get_version(
-          (mbedtls_ssl_context*)tls->internals);
+        const char *version =
+          mbedtls_ssl_get_version((mbedtls_ssl_context *)tls->internals);
         assert(version);
         assert(strcmp(version, "unknown"));
         curl_mfprintf(stderr, "[t-%zu] info mbedTLS using %s\n",
@@ -190,7 +190,7 @@ static int my_progress_d_cb(void *userdata,
 #ifdef USE_RUSTLS
       case CURLSSLBACKEND_RUSTLS: {
         int v = rustls_connection_get_protocol_version(
-          (struct rustls_connection*)tls->internals);
+          (struct rustls_connection *)tls->internals);
         assert(v);
         curl_mfprintf(stderr, "[t-%zu] info rustls TLS version 0x%x\n",
                       t->idx, v);
@@ -514,8 +514,8 @@ static CURLcode test_cli_hx_download(const char *URL)
           if(!t->started) {
             t->curl = curl_easy_init();
             if(!t->curl ||
-              setup_hx_download(t->curl, url, t, http_version, host, share,
-                                use_earlydata, fresh_connect)) {
+               setup_hx_download(t->curl, url, t, http_version, host, share,
+                                 use_earlydata, fresh_connect)) {
               curl_mfprintf(stderr, "[t-%zu] FAILED setup\n", i);
               res = (CURLcode)1;
               goto cleanup;
diff --git a/tests/libtest/first.c b/tests/libtest/first.c
index e384971c7e..f060560371 100644
--- a/tests/libtest/first.c
+++ b/tests/libtest/first.c
@@ -62,7 +62,7 @@ int unitfail; /* for unittests */
 int coptind;
 const char *coptarg;
 
-int cgetopt(int argc, const char *const argv[], const char *optstring)
+int cgetopt(int argc, const char * const argv[], const char *optstring)
 {
   static int optpos = 1;
   int coptopt;
@@ -141,7 +141,7 @@ static void memory_tracking_init(void)
   }
 }
 #else
-#  define memory_tracking_init() Curl_nop_stmt
+#define memory_tracking_init() Curl_nop_stmt
 #endif
 
 /* returns a hexdump in a static memory area */
diff --git a/tests/libtest/first.h b/tests/libtest/first.h
index 5fa587686b..2ad600ef60 100644
--- a/tests/libtest/first.h
+++ b/tests/libtest/first.h
@@ -59,11 +59,11 @@ extern int unitfail; /* for unittests */
 #define CURL_GNUC_DIAG
 #endif
 
-#define test_setopt(A,B,C)                                      \
+#define test_setopt(A, B, C)                                    \
   if((res = curl_easy_setopt((A), (B), (C))) != CURLE_OK)       \
     goto test_cleanup
 
-#define test_multi_setopt(A,B,C)                                \
+#define test_multi_setopt(A, B, C)                              \
   if((res = curl_multi_setopt((A), (B), (C))) != CURLE_OK)      \
     goto test_cleanup
 
@@ -79,7 +79,7 @@ extern struct curltime tv_test_start; /* for test timing */
 
 extern int coptind;
 extern const char *coptarg;
-int cgetopt(int argc, const char *const argv[], const char *optstring);
+int cgetopt(int argc, const char * const argv[], const char *optstring);
 
 extern int select_wrapper(int nfds, fd_set *rd, fd_set *wr, fd_set *exc,
                           struct timeval *tv);
@@ -100,18 +100,18 @@ void ws_close(CURL *curl);
 ** For portability reasons TEST_ERR_* values should be less than 127.
 */
 
-#define TEST_ERR_MAJOR_BAD     CURLE_OBSOLETE20
-#define TEST_ERR_RUNS_FOREVER  CURLE_OBSOLETE24
-#define TEST_ERR_EASY_INIT     CURLE_OBSOLETE29
-#define TEST_ERR_MULTI         CURLE_OBSOLETE32
-#define TEST_ERR_NUM_HANDLES   CURLE_OBSOLETE34
-#define TEST_ERR_SELECT        CURLE_OBSOLETE40
-#define TEST_ERR_SUCCESS       CURLE_OBSOLETE41
-#define TEST_ERR_FAILURE       CURLE_OBSOLETE44
-#define TEST_ERR_USAGE         CURLE_OBSOLETE46
-#define TEST_ERR_FOPEN         CURLE_OBSOLETE50
-#define TEST_ERR_FSTAT         CURLE_OBSOLETE51
-#define TEST_ERR_BAD_TIMEOUT   CURLE_OBSOLETE57
+#define TEST_ERR_MAJOR_BAD    CURLE_OBSOLETE20
+#define TEST_ERR_RUNS_FOREVER CURLE_OBSOLETE24
+#define TEST_ERR_EASY_INIT    CURLE_OBSOLETE29
+#define TEST_ERR_MULTI        CURLE_OBSOLETE32
+#define TEST_ERR_NUM_HANDLES  CURLE_OBSOLETE34
+#define TEST_ERR_SELECT       CURLE_OBSOLETE40
+#define TEST_ERR_SUCCESS      CURLE_OBSOLETE41
+#define TEST_ERR_FAILURE      CURLE_OBSOLETE44
+#define TEST_ERR_USAGE        CURLE_OBSOLETE46
+#define TEST_ERR_FOPEN        CURLE_OBSOLETE50
+#define TEST_ERR_FSTAT        CURLE_OBSOLETE51
+#define TEST_ERR_BAD_TIMEOUT  CURLE_OBSOLETE57
 
 /*
 ** Macros for test source code readability/maintainability.
@@ -144,7 +144,7 @@ void ws_close(CURL *curl);
 
 /* ---------------------------------------------------------------- */
 
-#define exe_easy_init(A,Y,Z) do {                                       \
+#define exe_easy_init(A, Y, Z) do {                                     \
   if(((A) = curl_easy_init()) == NULL) {                                \
     curl_mfprintf(stderr, "%s:%d curl_easy_init() failed\n", (Y), (Z)); \
     res = TEST_ERR_EASY_INIT;                                           \
@@ -154,10 +154,10 @@ void ws_close(CURL *curl);
 #define res_easy_init(A) \
   exe_easy_init((A), (__FILE__), (__LINE__))
 
-#define chk_easy_init(A,Y,Z) do { \
-  exe_easy_init((A), (Y), (Z));   \
-  if(res)                         \
-    goto test_cleanup;            \
+#define chk_easy_init(A, Y, Z) do { \
+  exe_easy_init((A), (Y), (Z));     \
+  if(res)                           \
+    goto test_cleanup;              \
 } while(0)
 
 #define easy_init(A) \
@@ -165,7 +165,7 @@ void ws_close(CURL *curl);
 
 /* ---------------------------------------------------------------- */
 
-#define exe_multi_init(A,Y,Z) do {                                       \
+#define exe_multi_init(A, Y, Z) do {                                     \
   if(((A) = curl_multi_init()) == NULL) {                                \
     curl_mfprintf(stderr, "%s:%d curl_multi_init() failed\n", (Y), (Z)); \
     res = TEST_ERR_MULTI;                                                \
@@ -175,10 +175,10 @@ void ws_close(CURL *curl);
 #define res_multi_init(A) \
   exe_multi_init((A), (__FILE__), (__LINE__))
 
-#define chk_multi_init(A,Y,Z) do { \
-  exe_multi_init((A), (Y), (Z));   \
-  if(res)                          \
-    goto test_cleanup;             \
+#define chk_multi_init(A, Y, Z) do { \
+  exe_multi_init((A), (Y), (Z));     \
+  if(res)                            \
+    goto test_cleanup;               \
 } while(0)
 
 #define multi_init(A) \
@@ -186,7 +186,7 @@ void ws_close(CURL *curl);
 
 /* ---------------------------------------------------------------- */
 
-#define exe_easy_setopt(A,B,C,Y,Z) do {                       \
+#define exe_easy_setopt(A, B, C, Y, Z) do {                   \
   CURLcode ec;                                                \
   if((ec = curl_easy_setopt((A), (B), (C))) != CURLE_OK) {    \
     curl_mfprintf(stderr, "%s:%d curl_easy_setopt() failed, " \
@@ -220,21 +220,21 @@ void ws_close(CURL *curl);
   }                                                            \
 } while(0)
 
-#define res_multi_setopt(A,B,C) \
+#define res_multi_setopt(A, B, C) \
   exe_multi_setopt((A), (B), (C), (__FILE__), (__LINE__))
 
-#define chk_multi_setopt(A,B,C,Y,Z) do {     \
+#define chk_multi_setopt(A, B, C, Y, Z) do { \
   exe_multi_setopt((A), (B), (C), (Y), (Z)); \
   if(res)                                    \
     goto test_cleanup;                       \
 } while(0)
 
-#define multi_setopt(A,B,C) \
+#define multi_setopt(A, B, C) \
   chk_multi_setopt((A), (B), (C), (__FILE__), (__LINE__))
 
 /* ---------------------------------------------------------------- */
 
-#define exe_multi_add_handle(A,B,Y,Z) do {                         \
+#define exe_multi_add_handle(A, B, Y, Z) do {                      \
   CURLMcode ec;                                                    \
   if((ec = curl_multi_add_handle((A), (B))) != CURLM_OK) {         \
     curl_mfprintf(stderr, "%s:%d curl_multi_add_handle() failed, " \
@@ -258,7 +258,7 @@ void ws_close(CURL *curl);
 
 /* ---------------------------------------------------------------- */
 
-#define exe_multi_remove_handle(A,B,Y,Z) do {                         \
+#define exe_multi_remove_handle(A, B, Y, Z) do {                      \
   CURLMcode ec;                                                       \
   if((ec = curl_multi_remove_handle((A), (B))) != CURLM_OK) {         \
     curl_mfprintf(stderr, "%s:%d curl_multi_remove_handle() failed, " \
@@ -283,7 +283,7 @@ void ws_close(CURL *curl);
 
 /* ---------------------------------------------------------------- */
 
-#define exe_multi_perform(A,B,Y,Z) do {                                \
+#define exe_multi_perform(A, B, Y, Z) do {                             \
   CURLMcode ec;                                                        \
   if((ec = curl_multi_perform((A), (B))) != CURLM_OK) {                \
     curl_mfprintf(stderr, "%s:%d curl_multi_perform() failed, "        \
@@ -308,7 +308,7 @@ void ws_close(CURL *curl);
     goto test_cleanup;                     \
 } while(0)
 
-#define multi_perform(A,B) \
+#define multi_perform(A, B) \
   chk_multi_perform((A), (B), (__FILE__), (__LINE__))
 
 /* ---------------------------------------------------------------- */
@@ -343,7 +343,7 @@ void ws_close(CURL *curl);
 
 /* ---------------------------------------------------------------- */
 
-#define exe_multi_timeout(A,B,Y,Z) do {                            \
+#define exe_multi_timeout(A, B, Y, Z) do {                         \
   CURLMcode ec;                                                    \
   if((ec = curl_multi_timeout((A), (B))) != CURLM_OK) {            \
     curl_mfprintf(stderr, "%s:%d curl_multi_timeout() failed, "    \
@@ -373,7 +373,7 @@ void ws_close(CURL *curl);
 
 /* ---------------------------------------------------------------- */
 
-#define exe_multi_poll(A,B,C,D,E,Y,Z) do {                          \
+#define exe_multi_poll(A, B, C, D, E, Y, Z) do {                    \
   CURLMcode ec;                                                     \
   if((ec = curl_multi_poll((A), (B), (C), (D), (E))) != CURLM_OK) { \
     curl_mfprintf(stderr, "%s:%d curl_multi_poll() failed, "        \
@@ -403,7 +403,7 @@ void ws_close(CURL *curl);
 
 /* ---------------------------------------------------------------- */
 
-#define exe_multi_wakeup(A,Y,Z) do {                           \
+#define exe_multi_wakeup(A, Y, Z) do {                         \
   CURLMcode ec;                                                \
   if((ec = curl_multi_wakeup((A))) != CURLM_OK) {              \
     curl_mfprintf(stderr, "%s:%d curl_multi_wakeup() failed, " \
@@ -460,7 +460,7 @@ void ws_close(CURL *curl);
 
 #define TEST_HANG_TIMEOUT 60 * 1000  /* global default */
 
-#define exe_test_timedout(T,Y,Z) do {                                   \
+#define exe_test_timedout(T, Y, Z) do {                                 \
   timediff_t timediff = curlx_timediff_ms(curlx_now(), tv_test_start);  \
   if(timediff > (T)) {                                                  \
     curl_mfprintf(stderr, "%s:%d ABORTING TEST, since it seems "        \
@@ -490,7 +490,7 @@ void ws_close(CURL *curl);
 
 /* ---------------------------------------------------------------- */
 
-#define exe_global_init(A,Y,Z) do {                           \
+#define exe_global_init(A, Y, Z) do {                         \
   CURLcode ec;                                                \
   if((ec = curl_global_init((A))) != CURLE_OK) {              \
     curl_mfprintf(stderr, "%s:%d curl_global_init() failed, " \
diff --git a/tests/libtest/lib1156.c b/tests/libtest/lib1156.c
index 1468b35e1c..bfabd4b412 100644
--- a/tests/libtest/lib1156.c
+++ b/tests/libtest/lib1156.c
@@ -34,11 +34,11 @@
 
 */
 
-#define F_RESUME        (1 << 0)        /* resume/range. */
-#define F_HTTP416       (1 << 1)        /* Server returns http code 416. */
-#define F_FAIL          (1 << 2)        /* Fail on error. */
-#define F_CONTENTRANGE  (1 << 3)        /* Server sends content-range hdr. */
-#define F_IGNOREBODY    (1 << 4)        /* Body should be ignored. */
+#define F_RESUME       (1 << 0)        /* resume/range. */
+#define F_HTTP416      (1 << 1)        /* Server returns http code 416. */
+#define F_FAIL         (1 << 2)        /* Fail on error. */
+#define F_CONTENTRANGE (1 << 3)        /* Server sends content-range hdr. */
+#define F_IGNOREBODY   (1 << 4)        /* Body should be ignored. */
 
 struct testparams {
   unsigned int flags; /* ORed flags as above. */
diff --git a/tests/libtest/lib1506.c b/tests/libtest/lib1506.c
index 8b986c59a0..a2d60e1757 100644
--- a/tests/libtest/lib1506.c
+++ b/tests/libtest/lib1506.c
@@ -26,7 +26,7 @@
 static CURLcode test_lib1506(const char *URL)
 {
   CURLcode res = CURLE_OK;
-  CURL *curl[NUM_HANDLES] = {0};
+  CURL *curl[NUM_HANDLES] = { 0 };
   int running;
   CURLM *multi = NULL;
   size_t i;
diff --git a/tests/libtest/lib1512.c b/tests/libtest/lib1512.c
index 16648d7e56..e5c78d3e63 100644
--- a/tests/libtest/lib1512.c
+++ b/tests/libtest/lib1512.c
@@ -33,7 +33,7 @@
 static CURLcode test_lib1512(const char *URL)
 {
   CURLcode res = CURLE_OK;
-  CURL *curl[2] = {NULL, NULL};
+  CURL *curl[2] = { NULL, NULL };
   const char *port = libtest_arg3;
   const char *address = libtest_arg2;
   char dnsentry[256];
diff --git a/tests/libtest/lib1514.c b/tests/libtest/lib1514.c
index 0ae61d41e8..be81c0e556 100644
--- a/tests/libtest/lib1514.c
+++ b/tests/libtest/lib1514.c
@@ -57,7 +57,7 @@ static CURLcode test_lib1514(const char *URL)
 
   static char testdata[] = "dummy";
 
-  struct t1514_WriteThis pooh = { testdata, sizeof(testdata)-1 };
+  struct t1514_WriteThis pooh = { testdata, sizeof(testdata) - 1 };
 
   global_init(CURL_GLOBAL_ALL);
 
diff --git a/tests/libtest/lib1520.c b/tests/libtest/lib1520.c
index 076ab564d0..f6e41f16b1 100644
--- a/tests/libtest/lib1520.c
+++ b/tests/libtest/lib1520.c
@@ -68,7 +68,7 @@ static CURLcode test_lib1520(const char *URL)
   CURLcode res;
   CURL *curl;
   struct curl_slist *rcpt_list = NULL;
-  struct upload_status upload_ctx = {0};
+  struct upload_status upload_ctx = { 0 };
 
   if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
     curl_mfprintf(stderr, "curl_global_init() failed\n");
diff --git a/tests/libtest/lib1537.c b/tests/libtest/lib1537.c
index f521986ebc..9d59725fcf 100644
--- a/tests/libtest/lib1537.c
+++ b/tests/libtest/lib1537.c
@@ -25,8 +25,8 @@
 
 static CURLcode test_lib1537(const char *URL)
 {
-  const unsigned char a[] = {0x2f, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
-                             0x91, 0xa2, 0xb3, 0xc4, 0xd5, 0xe6, 0xf7};
+  const unsigned char a[] = { 0x2f, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
+                              0x91, 0xa2, 0xb3, 0xc4, 0xd5, 0xe6, 0xf7 };
   CURLcode res = CURLE_OK;
   char *ptr = NULL;
   int asize;
diff --git a/tests/libtest/lib1541.c b/tests/libtest/lib1541.c
index c39bee989c..f1c8c6791a 100644
--- a/tests/libtest/lib1541.c
+++ b/tests/libtest/lib1541.c
@@ -29,7 +29,7 @@ struct t1541_transfer_status {
   int bd_count;
 };
 
-#define KN(a)   a, #a
+#define KN(a) a, #a
 
 static void t1541_geterr(const char *name, CURLcode val, int lineno)
 {
diff --git a/tests/libtest/lib1550.c b/tests/libtest/lib1550.c
index b328dd27bc..bd9fead1ea 100644
--- a/tests/libtest/lib1550.c
+++ b/tests/libtest/lib1550.c
@@ -30,9 +30,9 @@ static CURLcode test_lib1550(const char *URL)
   CURLM *multi;
   CURLcode res = CURLE_OK;
   static const char * const bl_servers[] =
-     {"Microsoft-IIS/6.0", "nginx/0.8.54", NULL};
+     { "Microsoft-IIS/6.0", "nginx/0.8.54", NULL };
   static const char * const bl_sites[] =
-     {"curl.se:443", "example.com:80", NULL};
+     { "curl.se:443", "example.com:80", NULL };
 
   global_init(CURL_GLOBAL_ALL);
   multi = curl_multi_init();
diff --git a/tests/libtest/lib1556.c b/tests/libtest/lib1556.c
index e852bb3224..94d409295b 100644
--- a/tests/libtest/lib1556.c
+++ b/tests/libtest/lib1556.c
@@ -45,7 +45,7 @@ static CURLcode test_lib1556(const char *URL)
   CURLcode code;
   CURL *curl = NULL;
   CURLcode res = CURLE_OK;
-  struct headerinfo info = {0};
+  struct headerinfo info = { 0 };
 
   global_init(CURL_GLOBAL_ALL);
 
diff --git a/tests/libtest/lib1560.c b/tests/libtest/lib1560.c
index d080d38aa8..deb24be9dc 100644
--- a/tests/libtest/lib1560.c
+++ b/tests/libtest/lib1560.c
@@ -1859,18 +1859,18 @@ static int get_nothing(void)
   return 0;
 }
 
-static const struct clearurlcase clear_url_list[] ={
-  {CURLUPART_SCHEME, "http", NULL, CURLUE_NO_SCHEME},
-  {CURLUPART_USER, "user", NULL, CURLUE_NO_USER},
-  {CURLUPART_PASSWORD, "password", NULL, CURLUE_NO_PASSWORD},
-  {CURLUPART_OPTIONS, "options", NULL, CURLUE_NO_OPTIONS},
-  {CURLUPART_HOST, "host", NULL, CURLUE_NO_HOST},
-  {CURLUPART_ZONEID, "eth0", NULL, CURLUE_NO_ZONEID},
-  {CURLUPART_PORT, "1234", NULL, CURLUE_NO_PORT},
-  {CURLUPART_PATH, "/hello", "/", CURLUE_OK},
-  {CURLUPART_QUERY, "a=b", NULL, CURLUE_NO_QUERY},
-  {CURLUPART_FRAGMENT, "anchor", NULL, CURLUE_NO_FRAGMENT},
-  {CURLUPART_URL, NULL, NULL, CURLUE_OK},
+static const struct clearurlcase clear_url_list[] = {
+  { CURLUPART_SCHEME, "http", NULL, CURLUE_NO_SCHEME },
+  { CURLUPART_USER, "user", NULL, CURLUE_NO_USER },
+  { CURLUPART_PASSWORD, "password", NULL, CURLUE_NO_PASSWORD },
+  { CURLUPART_OPTIONS, "options", NULL, CURLUE_NO_OPTIONS },
+  { CURLUPART_HOST, "host", NULL, CURLUE_NO_HOST },
+  { CURLUPART_ZONEID, "eth0", NULL, CURLUE_NO_ZONEID },
+  { CURLUPART_PORT, "1234", NULL, CURLUE_NO_PORT },
+  { CURLUPART_PATH, "/hello", "/", CURLUE_OK },
+  { CURLUPART_QUERY, "a=b", NULL, CURLUE_NO_QUERY },
+  { CURLUPART_FRAGMENT, "anchor", NULL, CURLUE_NO_FRAGMENT },
+  { CURLUPART_URL, NULL, NULL, CURLUE_OK },
 };
 
 static int clear_url(void)
@@ -1935,7 +1935,7 @@ static int huge(void)
   memset(&bigpart[1], 'a', sizeof(bigpart) - 2);
   bigpart[sizeof(bigpart) - 1] = 0;
 
-  for(i = 0; i <  7; i++) {
+  for(i = 0; i < 7; i++) {
     char *partp;
     curl_msnprintf(total, sizeof(total),
                    "%s://%s:%s@%s/%s?%s#%s",
diff --git a/tests/libtest/lib1565.c b/tests/libtest/lib1565.c
index 506959dd90..5bc0e3465d 100644
--- a/tests/libtest/lib1565.c
+++ b/tests/libtest/lib1565.c
@@ -26,7 +26,7 @@
 #ifdef HAVE_PTHREAD_H
 #include 
 
-#define CONN_NUM 3
+#define CONN_NUM                3
 #define TIME_BETWEEN_START_SECS 2
 
 static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
diff --git a/tests/libtest/lib1597.c b/tests/libtest/lib1597.c
index 0e86517ead..d5124a5141 100644
--- a/tests/libtest/lib1597.c
+++ b/tests/libtest/lib1597.c
@@ -36,7 +36,7 @@ static CURLcode test_lib1597(const char *URL)
   CURL *curl = NULL;
   CURLcode res = CURLE_OK;
   curl_version_info_data *curlinfo;
-  const char *const *proto;
+  const char * const *proto;
   int n;
   int i;
   static CURLcode ok = CURLE_OK;
@@ -47,22 +47,22 @@ static CURLcode test_lib1597(const char *URL)
   static char protolist[1024];
 
   static const struct pair prots[] = {
-    {"goobar", &unsup},
-    {"http ", &unsup},
-    {" http", &unsup},
-    {"http", &httpcode},
-    {"http,", &httpcode},
-    {"https,", &httpscode},
-    {"https,http", &httpscode},
-    {"http,http", &httpcode},
-    {"HTTP,HTTP", &httpcode},
-    {",HTTP,HTTP", &httpcode},
-    {"http,http,ft", &unsup},
-    {"", &bad},
-    {",,", &bad},
-    {protolist, &ok},
-    {"all", &ok},
-    {NULL, NULL},
+    { "goobar", &unsup },
+    { "http ", &unsup },
+    { " http", &unsup },
+    { "http", &httpcode },
+    { "http,", &httpcode },
+    { "https,", &httpscode },
+    { "https,http", &httpscode },
+    { "http,http", &httpcode },
+    { "HTTP,HTTP", &httpcode },
+    { ",HTTP,HTTP", &httpcode },
+    { "http,http,ft", &unsup },
+    { "", &bad },
+    { ",,", &bad },
+    { protolist, &ok },
+    { "all", &ok },
+    { NULL, NULL },
   };
   (void)URL;
 
diff --git a/tests/libtest/lib1911.c b/tests/libtest/lib1911.c
index 0f88752b6f..9ec6874918 100644
--- a/tests/libtest/lib1911.c
+++ b/tests/libtest/lib1911.c
@@ -49,9 +49,7 @@ static CURLcode test_lib1911(const char *URL)
 
   curl_mprintf("string length: %zu\n", strlen(testbuf));
 
-  for(o = curl_easy_option_next(NULL);
-      o;
-      o = curl_easy_option_next(o)) {
+  for(o = curl_easy_option_next(NULL); o; o = curl_easy_option_next(o)) {
     if(o->type == CURLOT_STRING) {
       CURLcode res;
       /*
diff --git a/tests/libtest/lib1912.c b/tests/libtest/lib1912.c
index 76ba51c447..98623bd339 100644
--- a/tests/libtest/lib1912.c
+++ b/tests/libtest/lib1912.c
@@ -33,9 +33,7 @@ static CURLcode test_lib1912(const char *URL)
   int error = 0;
 #ifdef CURLINC_TYPECHECK_GCC_H
   const struct curl_easyoption *o;
-  for(o = curl_easy_option_next(NULL);
-      o;
-      o = curl_easy_option_next(o)) {
+  for(o = curl_easy_option_next(NULL); o; o = curl_easy_option_next(o)) {
     /* Test for mismatch OR missing typecheck macros */
     if(curlcheck_long_option(o->id) !=
        (o->type == CURLOT_LONG || o->type == CURLOT_VALUES)) {
diff --git a/tests/libtest/lib1915.c b/tests/libtest/lib1915.c
index adb589a8c0..406cea0205 100644
--- a/tests/libtest/lib1915.c
+++ b/tests/libtest/lib1915.c
@@ -97,7 +97,7 @@ static CURLcode test_lib1915(const char *URL)
 {
   CURLcode res = CURLE_OK;
   CURL *curl;
-  struct state st = {0};
+  struct state st = { 0 };
 
   global_init(CURL_GLOBAL_ALL);
 
diff --git a/tests/libtest/lib1918.c b/tests/libtest/lib1918.c
index d995639164..1c8ccb78f9 100644
--- a/tests/libtest/lib1918.c
+++ b/tests/libtest/lib1918.c
@@ -30,9 +30,7 @@ static CURLcode test_lib1918(const char *URL)
 
   curl_global_init(CURL_GLOBAL_ALL);
 
-  for(o = curl_easy_option_next(NULL);
-      o;
-      o = curl_easy_option_next(o)) {
+  for(o = curl_easy_option_next(NULL); o; o = curl_easy_option_next(o)) {
     const struct curl_easyoption *ename =
       curl_easy_option_by_name(o->name);
     const struct curl_easyoption *eid =
diff --git a/tests/libtest/lib1938.c b/tests/libtest/lib1938.c
index b585c53c01..b93f993a45 100644
--- a/tests/libtest/lib1938.c
+++ b/tests/libtest/lib1938.c
@@ -29,7 +29,7 @@ static CURLcode test_lib1938(const char *URL)
   CURLcode res = TEST_ERR_MAJOR_BAD;
   struct curl_slist *connect_to = NULL;
   struct curl_slist *list = NULL;
-  unsigned char data[] = {0x70, 0x6f, 0x73, 0x74, 0, 0x44, 0x61, 0x74, 0x61};
+  unsigned char data[] = { 0x70, 0x6f, 0x73, 0x74, 0, 0x44, 0x61, 0x74, 0x61 };
 
   if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
     curl_mfprintf(stderr, "curl_global_init() failed\n");
diff --git a/tests/libtest/lib2032.c b/tests/libtest/lib2032.c
index a9cb298571..7dc549f84e 100644
--- a/tests/libtest/lib2032.c
+++ b/tests/libtest/lib2032.c
@@ -75,7 +75,7 @@ static size_t callback(char *ptr, size_t size, size_t nmemb, void *data)
   return size * nmemb;
 }
 
-static CURLcode test_lib2032(const char *URL)  /* libntlmconnect */
+static CURLcode test_lib2032(const char *URL) /* libntlmconnect */
 {
   enum HandleState {
     ReadyForNewHandle,
@@ -175,10 +175,9 @@ static CURLcode test_lib2032(const char *URL)  /* libntlmconnect */
                       "handle (trying again)\n");
         continue;
       }
-      state = num_handles < MAX_EASY_HANDLES ? ReadyForNewHandle
-                                             : NoMoreHandles;
-      curl_mfprintf(stderr, "%s:%d new state %d\n",
-                    __FILE__, __LINE__, state);
+      state =
+        num_handles < MAX_EASY_HANDLES ? ReadyForNewHandle : NoMoreHandles;
+      curl_mfprintf(stderr, "%s:%d new state %d\n", __FILE__, __LINE__, state);
     }
 
     multi_timeout(multi, &timeout);
diff --git a/tests/libtest/lib2301.c b/tests/libtest/lib2301.c
index 6fb9e48618..70c40fa4c7 100644
--- a/tests/libtest/lib2301.c
+++ b/tests/libtest/lib2301.c
@@ -46,9 +46,7 @@ static size_t t2301_write_cb(char *b, size_t size, size_t nitems, void *p)
   unsigned char *buffer = (unsigned char *)b;
   size_t i;
   size_t sent;
-  unsigned char pong[] = {
-    0x8a, 0x0
-  };
+  unsigned char pong[] = { 0x8a, 0x0 };
   size_t incoming = nitems;
   curl_mfprintf(stderr, "Called CURLOPT_WRITEFUNCTION with %zu bytes: ",
                 nitems);
diff --git a/tests/libtest/lib2402.c b/tests/libtest/lib2402.c
index 49d87d1cd4..5f727f98e6 100644
--- a/tests/libtest/lib2402.c
+++ b/tests/libtest/lib2402.c
@@ -26,7 +26,7 @@
 static CURLcode test_lib2402(const char *URL)
 {
   CURLcode res = CURLE_OK;
-  CURL *curl[NUM_HANDLES] = {0};
+  CURL *curl[NUM_HANDLES] = { 0 };
   int running;
   CURLM *multi = NULL;
   size_t i;
diff --git a/tests/libtest/lib2404.c b/tests/libtest/lib2404.c
index c202597447..ef83a2509e 100644
--- a/tests/libtest/lib2404.c
+++ b/tests/libtest/lib2404.c
@@ -26,7 +26,7 @@
 static CURLcode test_lib2404(const char *URL)
 {
   CURLcode res = CURLE_OK;
-  CURL *curl[NUM_HANDLES] = {0};
+  CURL *curl[NUM_HANDLES] = { 0 };
   int running;
   CURLM *multi = NULL;
   size_t i;
diff --git a/tests/libtest/lib2405.c b/tests/libtest/lib2405.c
index 89ab659bdd..7979d122e4 100644
--- a/tests/libtest/lib2405.c
+++ b/tests/libtest/lib2405.c
@@ -41,22 +41,23 @@
 
 /* ---------------------------------------------------------------- */
 
-#define test_check(expected_fds) \
-  if(res != CURLE_OK) { \
-    curl_mfprintf(stderr, "test failed with code: %d\n", res); \
-    goto test_cleanup; \
-  } \
-  else if(fd_count != expected_fds) { \
+#define test_check(expected_fds)                                             \
+  if(res != CURLE_OK) {                                                      \
+    curl_mfprintf(stderr, "test failed with code: %d\n", res);               \
+    goto test_cleanup;                                                       \
+  }                                                                          \
+  else if(fd_count != expected_fds) {                                        \
     curl_mfprintf(stderr, "Max number of waitfds: %u not as expected: %u\n", \
-      fd_count, expected_fds); \
-    res = TEST_ERR_FAILURE; \
-    goto test_cleanup; \
+                  fd_count, expected_fds);                                   \
+    res = TEST_ERR_FAILURE;                                                  \
+    goto test_cleanup;                                                       \
   }
 
-#define test_run_check(option, expected_fds) do { \
-  res = test_run(URL, option, &fd_count); \
-  test_check(expected_fds); \
-} while(0)
+#define test_run_check(option, expected_fds) \
+  do {                                       \
+    res = test_run(URL, option, &fd_count);  \
+    test_check(expected_fds);                \
+  } while(0)
 
 /* ---------------------------------------------------------------- */
 
diff --git a/tests/libtest/lib2502.c b/tests/libtest/lib2502.c
index 48a8a93f0f..d7ab413f25 100644
--- a/tests/libtest/lib2502.c
+++ b/tests/libtest/lib2502.c
@@ -28,7 +28,7 @@
 static CURLcode test_lib2502(const char *URL)
 {
   CURLcode res = CURLE_OK;
-  CURL *curl[NUM_HANDLES] = {0};
+  CURL *curl[NUM_HANDLES] = { 0 };
   int running;
   CURLM *multi = NULL;
   size_t i;
diff --git a/tests/libtest/lib3207.c b/tests/libtest/lib3207.c
index 8b20b311eb..76dcf4bac9 100644
--- a/tests/libtest/lib3207.c
+++ b/tests/libtest/lib3207.c
@@ -29,7 +29,7 @@
 
 #include "curl_threads.h"
 
-#define THREAD_SIZE 16
+#define THREAD_SIZE     16
 #define PER_THREAD_SIZE 8
 
 struct Ctx {
diff --git a/tests/libtest/lib509.c b/tests/libtest/lib509.c
index c065eb87c8..4f074da8ab 100644
--- a/tests/libtest/lib509.c
+++ b/tests/libtest/lib509.c
@@ -76,8 +76,10 @@ static void custom_free(void *ptr)
 
 static CURLcode test_lib509(const char *URL)
 {
-  static const unsigned char a[] = {0x2f, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
-                                    0x91, 0xa2, 0xb3, 0xc4, 0xd5, 0xe6, 0xf7};
+  static const unsigned char a[] = {
+    0x2f, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
+    0x91, 0xa2, 0xb3, 0xc4, 0xd5, 0xe6, 0xf7
+  };
   CURLcode res;
   CURL *curl;
   int asize;
diff --git a/tests/libtest/lib517.c b/tests/libtest/lib517.c
index 843c5c03f0..379e2e70d0 100644
--- a/tests/libtest/lib517.c
+++ b/tests/libtest/lib517.c
@@ -31,130 +31,130 @@ static CURLcode test_lib517(const char *URL)
   };
 
   static const struct dcheck dates[] = {
-    {"Sun, 06 Nov 1994 08:49:37 GMT", 784111777 },
-    {"Sunday, 06-Nov-94 08:49:37 GMT", 784111777 },
-    {"Sun Nov  6 08:49:37 1994", 784111777 },
-    {"Sun Nov  6 8:49:37 1994", 784111777 },
-    {"Sun Nov  6 8:9:37 1994", 784109377 },
-    {"Sun Nov  6 008:09:37 1994", -1 },
-    {"Nov      Sun      6 8:9:7 1994", 784109347 },
-    {"06 Nov 1994 08:49:37 GMT", 784111777 },
-    {"06-Nov-94 08:49:37 GMT", 784111777 },
-    {"Nov  6 08:49:37 1994", 784111777 },
-    {"06 Nov 1994 08:49:37", 784111777 },
-    {"06-Nov-94 08:49:37", 784111777 },
-    {"1994 Nov 6 08:49:37", 784111777 },
-    {"GMT 08:49:37 06-Nov-94 Sunday", 784111777 },
-    {"94 6 Nov 08:49:37", 784111777 },
-    {"1994 Nov 6", 784080000 },
-    {"06-Nov-94", 784080000 },
-    {"Sun Nov 6 94", 784080000 },
-    {"1994.Nov.6", 784080000 },
-    {"Sun/Nov/6/94/GMT", 784080000 },
-    {"Sun, 06 Nov 1994 08:49:37 CET", 784108177 },
-    {"06 Nov 1994 08:49:37 EST", 784129777 },
-    {"Sun, 06 Nov 1994 08:49:37 UT", 784111777 },
-    {"Sun, 12 Sep 2004 15:05:58 -0700", 1095026758 },
-    {"Sat, 11 Sep 2004 21:32:11 +0200", 1094931131 },
-    {"20040912 15:05:58 -0700", 1095026758 },
-    {"20040911 +0200", 1094853600 },
-    {"Thu, 01-Jan-1970 00:59:59 GMT", 3599 },
-    {"Thu, 01-Jan-1970 01:00:00 GMT", 3600 },
-    {"Sat, 15-Apr-17 21:01:22 GMT", 1492290082 },
-    {"Thu, 19-Apr-2007 16:00:00 GMT", 1176998400 },
-    {"Wed, 25 Apr 2007 21:02:13 GMT", 1177534933 },
-    {"Thu, 19/Apr\\2007 16:00:00 GMT", 1176998400 },
-    {"Fri, 1 Jan 2010 01:01:50 GMT", 1262307710 },
-    {"Wednesday, 1-Jan-2003 00:00:00 GMT", 1041379200 },
-    {", 1-Jan-2003 00:00:00 GMT", 1041379200 },
-    {"1-Jan-2003 00:00:00 GMT", 1041379200 },
-    {"1-Jan-2003 00:00:00 GMT", 1041379200 },
-    {"Wed,18-Apr-07 22:50:12 GMT", 1176936612 },
-    {"WillyWonka  , 18-Apr-07 22:50:12 GMT", -1 },
-    {"WillyWonka  , 18-Apr-07 22:50:12", -1 },
-    {"WillyWonka  ,  18-apr-07   22:50:12", -1 },
-    {"Mon, 18-Apr-1977 22:50:13 GMT", 230251813 },
-    {"Mon, 18-Apr-77 22:50:13 GMT", 230251813 },
-    {"Sat, 15-Apr-17\"21:01:22\"GMT", 1492290082 },
-    {"Partyday, 18- April-07 22:50:12", -1 },
-    {"Partyday, 18 - Apri-07 22:50:12", -1 },
-    {"Wednes, 1-Januar-2003 00:00:00 GMT", -1 },/* spellchecker:disable-line */
-    {"Sat, 15-Apr-17 21:01:22", 1492290082 },
-    {"Sat, 15-Apr-17 21:01:22 GMT-2", 1492290082 },
-    {"Sat, 15-Apr-17 21:01:22 GMT BLAH", 1492290082 },
-    {"Sat, 15-Apr-17 21:01:22 GMT-0400", 1492290082 },
-    {"Sat, 15-Apr-17 21:01:22 GMT-0400 (EDT)", 1492290082 },
-    {"Sat, 15-Apr-17 21:01:22 DST", -1 },
-    {"Sat, 15-Apr-17 21:01:22 -0400", 1492304482 },
-    {"Sat, 15-Apr-17 21:01:22 (hello there)", -1 },
-    {"Sat, 15-Apr-17 21:01:22 11:22:33", -1 },
-    {"Sat, 15-Apr-17 ::00 21:01:22", -1 },
-    {"Sat, 15-Apr-17 boink:z 21:01:22", -1 },
-    {"Sat, 15-Apr-17 91:22:33 21:01:22", -1 },
-    {"Thu Apr 18 22:50:12 2007 GMT", 1176936612 },
-    {"22:50:12 Thu Apr 18 2007 GMT", 1176936612 },
-    {"Thu 22:50:12 Apr 18 2007 GMT", 1176936612 },
-    {"Thu Apr 22:50:12 18 2007 GMT", 1176936612 },
-    {"Thu Apr 18 22:50:12 2007 GMT", 1176936612 },
-    {"Thu Apr 18 2007 22:50:12 GMT", 1176936612 },
-    {"Thu Apr 18 2007 GMT 22:50:12", 1176936612 },
+    { "Sun, 06 Nov 1994 08:49:37 GMT", 784111777 },
+    { "Sunday, 06-Nov-94 08:49:37 GMT", 784111777 },
+    { "Sun Nov  6 08:49:37 1994", 784111777 },
+    { "Sun Nov  6 8:49:37 1994", 784111777 },
+    { "Sun Nov  6 8:9:37 1994", 784109377 },
+    { "Sun Nov  6 008:09:37 1994", -1 },
+    { "Nov      Sun      6 8:9:7 1994", 784109347 },
+    { "06 Nov 1994 08:49:37 GMT", 784111777 },
+    { "06-Nov-94 08:49:37 GMT", 784111777 },
+    { "Nov  6 08:49:37 1994", 784111777 },
+    { "06 Nov 1994 08:49:37", 784111777 },
+    { "06-Nov-94 08:49:37", 784111777 },
+    { "1994 Nov 6 08:49:37", 784111777 },
+    { "GMT 08:49:37 06-Nov-94 Sunday", 784111777 },
+    { "94 6 Nov 08:49:37", 784111777 },
+    { "1994 Nov 6", 784080000 },
+    { "06-Nov-94", 784080000 },
+    { "Sun Nov 6 94", 784080000 },
+    { "1994.Nov.6", 784080000 },
+    { "Sun/Nov/6/94/GMT", 784080000 },
+    { "Sun, 06 Nov 1994 08:49:37 CET", 784108177 },
+    { "06 Nov 1994 08:49:37 EST", 784129777 },
+    { "Sun, 06 Nov 1994 08:49:37 UT", 784111777 },
+    { "Sun, 12 Sep 2004 15:05:58 -0700", 1095026758 },
+    { "Sat, 11 Sep 2004 21:32:11 +0200", 1094931131 },
+    { "20040912 15:05:58 -0700", 1095026758 },
+    { "20040911 +0200", 1094853600 },
+    { "Thu, 01-Jan-1970 00:59:59 GMT", 3599 },
+    { "Thu, 01-Jan-1970 01:00:00 GMT", 3600 },
+    { "Sat, 15-Apr-17 21:01:22 GMT", 1492290082 },
+    { "Thu, 19-Apr-2007 16:00:00 GMT", 1176998400 },
+    { "Wed, 25 Apr 2007 21:02:13 GMT", 1177534933 },
+    { "Thu, 19/Apr\\2007 16:00:00 GMT", 1176998400 },
+    { "Fri, 1 Jan 2010 01:01:50 GMT", 1262307710 },
+    { "Wednesday, 1-Jan-2003 00:00:00 GMT", 1041379200 },
+    { ", 1-Jan-2003 00:00:00 GMT", 1041379200 },
+    { "1-Jan-2003 00:00:00 GMT", 1041379200 },
+    { "1-Jan-2003 00:00:00 GMT", 1041379200 },
+    { "Wed,18-Apr-07 22:50:12 GMT", 1176936612 },
+    { "WillyWonka  , 18-Apr-07 22:50:12 GMT", -1 },
+    { "WillyWonka  , 18-Apr-07 22:50:12", -1 },
+    { "WillyWonka  ,  18-apr-07   22:50:12", -1 },
+    { "Mon, 18-Apr-1977 22:50:13 GMT", 230251813 },
+    { "Mon, 18-Apr-77 22:50:13 GMT", 230251813 },
+    { "Sat, 15-Apr-17\"21:01:22\"GMT", 1492290082 },
+    { "Partyday, 18- April-07 22:50:12", -1 },
+    { "Partyday, 18 - Apri-07 22:50:12", -1 },
+    { "Wednes, 1-Januar-2003 00:00:00 GMT", -1 },
+    { "Sat, 15-Apr-17 21:01:22", 1492290082 },
+    { "Sat, 15-Apr-17 21:01:22 GMT-2", 1492290082 },
+    { "Sat, 15-Apr-17 21:01:22 GMT BLAH", 1492290082 },
+    { "Sat, 15-Apr-17 21:01:22 GMT-0400", 1492290082 },
+    { "Sat, 15-Apr-17 21:01:22 GMT-0400 (EDT)", 1492290082 },
+    { "Sat, 15-Apr-17 21:01:22 DST", -1 },
+    { "Sat, 15-Apr-17 21:01:22 -0400", 1492304482 },
+    { "Sat, 15-Apr-17 21:01:22 (hello there)", -1 },
+    { "Sat, 15-Apr-17 21:01:22 11:22:33", -1 },
+    { "Sat, 15-Apr-17 ::00 21:01:22", -1 },
+    { "Sat, 15-Apr-17 boink:z 21:01:22", -1 },
+    { "Sat, 15-Apr-17 91:22:33 21:01:22", -1 },
+    { "Thu Apr 18 22:50:12 2007 GMT", 1176936612 },
+    { "22:50:12 Thu Apr 18 2007 GMT", 1176936612 },
+    { "Thu 22:50:12 Apr 18 2007 GMT", 1176936612 },
+    { "Thu Apr 22:50:12 18 2007 GMT", 1176936612 },
+    { "Thu Apr 18 22:50:12 2007 GMT", 1176936612 },
+    { "Thu Apr 18 2007 22:50:12 GMT", 1176936612 },
+    { "Thu Apr 18 2007 GMT 22:50:12", 1176936612 },
 
-    {"\"Thu Apr 18 22:50:12 2007 GMT\"", 1176936612 },
-    {"-\"22:50:12 Thu Apr 18 2007 GMT\"", 1176936612 },
-    {"*\"Thu 22:50:12 Apr 18 2007 GMT\"", 1176936612 },
-    {";\"Thu Apr 22:50:12 18 2007 GMT\"", 1176936612 },
-    {".\"Thu Apr 18 22:50:12 2007 GMT\"", 1176936612 },
-    {"\"Thu Apr 18 2007 22:50:12 GMT\"", 1176936612 },
-    {"\"Thu Apr 18 2007 GMT 22:50:12\"", 1176936612 },
+    { "\"Thu Apr 18 22:50:12 2007 GMT\"", 1176936612 },
+    { "-\"22:50:12 Thu Apr 18 2007 GMT\"", 1176936612 },
+    { "*\"Thu 22:50:12 Apr 18 2007 GMT\"", 1176936612 },
+    { ";\"Thu Apr 22:50:12 18 2007 GMT\"", 1176936612 },
+    { ".\"Thu Apr 18 22:50:12 2007 GMT\"", 1176936612 },
+    { "\"Thu Apr 18 2007 22:50:12 GMT\"", 1176936612 },
+    { "\"Thu Apr 18 2007 GMT 22:50:12\"", 1176936612 },
 
-    {"Sat, 15-Apr-17 21:01:22 GMT", 1492290082 },
-    {"15-Sat, Apr-17 21:01:22 GMT", 1492290082 },
-    {"15-Sat, Apr 21:01:22 GMT 17", 1492290082 },
-    {"15-Sat, Apr 21:01:22 GMT 2017", 1492290082 },
-    {"15 Apr 21:01:22 2017", 1492290082 },
-    {"15 17 Apr 21:01:22", 1492290082 },
-    {"Apr 15 17 21:01:22", 1492290082 },
-    {"Apr 15 21:01:22 17", 1492290082 },
-    {"2017 April 15 21:01:22", -1 },
-    {"15 April 2017 21:01:22", -1 },
-    {"98 April 17 21:01:22", -1 },
-    {"Thu, 012-Aug-2008 20:49:07 GMT", 1218574147 },
-    {"Thu, 999999999999-Aug-2007 20:49:07 GMT", -1 },
-    {"Thu, 12-Aug-2007 20:61:99999999999 GMT", -1 },
-    {"IAintNoDateFool", -1 },
-    {"Thu Apr 18 22:50 2007 GMT", 1176936600 },
-    {"20110623 12:34:56", 1308832496 },
-    {"20110632 12:34:56", -1 },
-    {"20110623 56:34:56", -1 },
-    {"20111323 12:34:56", -1 },
-    {"20110623 12:34:79", -1 },
-    {"Wed, 31 Dec 2008 23:59:60 GMT", 1230768000 },
-    {"Wed, 31 Dec 2008 23:59:61 GMT", -1 },
-    {"Wed, 31 Dec 2008 24:00:00 GMT", -1 },
-    {"Wed, 31 Dec 2008 23:60:59 GMT", -1 },
-    {"20110623 12:3", 1308830580 },
-    {"20110623 1:3", 1308790980 },
-    {"20110623 1:30", 1308792600 },
-    {"20110623 12:12:3", 1308831123 },
-    {"20110623 01:12:3", 1308791523 },
-    {"20110623 01:99:30", -1 },
-    {"Thu, 01-Jan-1970 00:00:00 GMT", 0 },
-    {"Thu, 31-Dec-1969 23:59:58 GMT", -2 },
-    {"Thu, 31-Dec-1969 23:59:59 GMT", 0 }, /* avoids -1 ! */
+    { "Sat, 15-Apr-17 21:01:22 GMT", 1492290082 },
+    { "15-Sat, Apr-17 21:01:22 GMT", 1492290082 },
+    { "15-Sat, Apr 21:01:22 GMT 17", 1492290082 },
+    { "15-Sat, Apr 21:01:22 GMT 2017", 1492290082 },
+    { "15 Apr 21:01:22 2017", 1492290082 },
+    { "15 17 Apr 21:01:22", 1492290082 },
+    { "Apr 15 17 21:01:22", 1492290082 },
+    { "Apr 15 21:01:22 17", 1492290082 },
+    { "2017 April 15 21:01:22", -1 },
+    { "15 April 2017 21:01:22", -1 },
+    { "98 April 17 21:01:22", -1 },
+    { "Thu, 012-Aug-2008 20:49:07 GMT", 1218574147 },
+    { "Thu, 999999999999-Aug-2007 20:49:07 GMT", -1 },
+    { "Thu, 12-Aug-2007 20:61:99999999999 GMT", -1 },
+    { "IAintNoDateFool", -1 },
+    { "Thu Apr 18 22:50 2007 GMT", 1176936600 },
+    { "20110623 12:34:56", 1308832496 },
+    { "20110632 12:34:56", -1 },
+    { "20110623 56:34:56", -1 },
+    { "20111323 12:34:56", -1 },
+    { "20110623 12:34:79", -1 },
+    { "Wed, 31 Dec 2008 23:59:60 GMT", 1230768000 },
+    { "Wed, 31 Dec 2008 23:59:61 GMT", -1 },
+    { "Wed, 31 Dec 2008 24:00:00 GMT", -1 },
+    { "Wed, 31 Dec 2008 23:60:59 GMT", -1 },
+    { "20110623 12:3", 1308830580 },
+    { "20110623 1:3", 1308790980 },
+    { "20110623 1:30", 1308792600 },
+    { "20110623 12:12:3", 1308831123 },
+    { "20110623 01:12:3", 1308791523 },
+    { "20110623 01:99:30", -1 },
+    { "Thu, 01-Jan-1970 00:00:00 GMT", 0 },
+    { "Thu, 31-Dec-1969 23:59:58 GMT", -2 },
+    { "Thu, 31-Dec-1969 23:59:59 GMT", 0 }, /* avoids -1 ! */
 #if SIZEOF_TIME_T > 4
-    {"Sun, 06 Nov 2044 08:49:37 GMT", (time_t)2362034977LL },
-    {"Sun, 06 Nov 3144 08:49:37 GMT", 37074617377 },
+    { "Sun, 06 Nov 2044 08:49:37 GMT", (time_t)2362034977LL },
+    { "Sun, 06 Nov 3144 08:49:37 GMT", 37074617377 },
 #ifndef HAVE_TIME_T_UNSIGNED
-    {"Sun, 06 Nov 1900 08:49:37 GMT", (time_t)-2182259423LL },
-    {"Sun, 06 Nov 1800 08:49:37 GMT", -5337933023 },
-    {"Thu, 01-Jan-1583 00:00:00 GMT", -12212553600 },
+    { "Sun, 06 Nov 1900 08:49:37 GMT", (time_t)-2182259423LL },
+    { "Sun, 06 Nov 1800 08:49:37 GMT", -5337933023 },
+    { "Thu, 01-Jan-1583 00:00:00 GMT", -12212553600 },
 #endif /* HAVE_TIME_T_UNSIGNED */
-    {"Thu, 01-Jan-1499 00:00:00 GMT", -1 },
+    { "Thu, 01-Jan-1499 00:00:00 GMT", -1 },
 #else
-    {"Sun, 06 Nov 2044 08:49:37 GMT", -1 },
+    { "Sun, 06 Nov 2044 08:49:37 GMT", -1 },
 #endif /* SIZEOF_TIME_T > 4 */
 #ifndef HAVE_TIME_T_UNSIGNED
-    {"Sun, 06 Nov 1968 08:49:37 GMT", -36342623 },
+    { "Sun, 06 Nov 1968 08:49:37 GMT", -36342623 },
 #endif /* !HAVE_TIME_T_UNSIGNED */
     { NULL, 0 }
   };
diff --git a/tests/libtest/lib518.c b/tests/libtest/lib518.c
index d785857bb1..5488d4db04 100644
--- a/tests/libtest/lib518.c
+++ b/tests/libtest/lib518.c
@@ -31,8 +31,8 @@
 
 #define T518_SAFETY_MARGIN (16)
 
-#define NUM_OPEN      (FD_SETSIZE + 10)
-#define NUM_NEEDED    (NUM_OPEN + T518_SAFETY_MARGIN)
+#define NUM_OPEN   (FD_SETSIZE + 10)
+#define NUM_NEEDED (NUM_OPEN + T518_SAFETY_MARGIN)
 
 #if defined(_WIN32) || defined(MSDOS)
 #define DEV_NULL "NUL"
diff --git a/tests/libtest/lib530.c b/tests/libtest/lib530.c
index f32d64b303..4e18436136 100644
--- a/tests/libtest/lib530.c
+++ b/tests/libtest/lib530.c
@@ -52,7 +52,6 @@ static void t530_msg(const char *msg)
   curl_mfprintf(stderr, "%s %s\n", t530_tag(), msg);
 }
 
-
 struct t530_Sockets {
   curl_socket_t *sockets;
   int count;      /* number of sockets actually stored in array */
@@ -285,9 +284,9 @@ static CURLcode testone(const char *URL, int timer_fail_at, int socket_fail_at)
   CURLcode res = CURLE_OK;
   CURL *curl = NULL;
   CURLM *multi = NULL;
-  struct t530_ReadWriteSockets sockets = {{NULL, 0, 0}, {NULL, 0, 0}};
+  struct t530_ReadWriteSockets sockets = { { NULL, 0, 0 }, { NULL, 0, 0 } };
   int success = 0;
-  struct curltime timeout = {0};
+  struct curltime timeout = { 0 };
   timeout.tv_sec = (time_t)-1;
 
   /* set the limits */
@@ -328,7 +327,7 @@ static CURLcode testone(const char *URL, int timer_fail_at, int socket_fail_at)
   while(!t530_checkForCompletion(multi, &success)) {
     fd_set readSet, writeSet;
     curl_socket_t maxFd = 0;
-    struct timeval tv = {0};
+    struct timeval tv = { 0 };
     tv.tv_sec = 10;
 
     FD_ZERO(&readSet);
diff --git a/tests/libtest/lib537.c b/tests/libtest/lib537.c
index 31c5e30612..24d166b5cc 100644
--- a/tests/libtest/lib537.c
+++ b/tests/libtest/lib537.c
@@ -118,7 +118,7 @@ static int t537_test_rlimit(int keep_open)
   /* If the OS allows a HUGE number of open files, we do not run.
    * Modern debian sid reports a limit of 134217724 and this tests
    * takes minutes. */
-#define LIMIT_CAP     (256 * 1024)
+#define LIMIT_CAP (256 * 1024)
   if(rl.rlim_cur > LIMIT_CAP) {
     curl_mfprintf(stderr, "soft limit above %ld, not running\n",
                   (long)LIMIT_CAP);
diff --git a/tests/libtest/lib543.c b/tests/libtest/lib543.c
index 9938d269ad..670f45e540 100644
--- a/tests/libtest/lib543.c
+++ b/tests/libtest/lib543.c
@@ -28,9 +28,10 @@
 static CURLcode test_lib543(const char *URL)
 {
   static const unsigned char a[] = {
-      0x9c, 0x26, 0x4b, 0x3d, 0x49, 0x4, 0xa1, 0x1,
-      0xe0, 0xd8, 0x7c,  0x20, 0xb7, 0xef, 0x53, 0x29, 0xfa,
-      0x1d, 0x57, 0xe1};
+    0x9c, 0x26, 0x4b, 0x3d, 0x49, 0x4, 0xa1, 0x1,
+    0xe0, 0xd8, 0x7c, 0x20, 0xb7, 0xef, 0x53, 0x29, 0xfa,
+    0x1d, 0x57, 0xe1
+  };
 
   CURL *curl;
   CURLcode res = CURLE_OK;
diff --git a/tests/libtest/lib544.c b/tests/libtest/lib544.c
index 0d72af3042..77daeb5da8 100644
--- a/tests/libtest/lib544.c
+++ b/tests/libtest/lib544.c
@@ -32,7 +32,8 @@ static CURLcode test_lib544(const char *URL)
     'T', 'h', 'i', 's', '\0', ' ', 'i', 's', ' ', 't', 'e', 's', 't', ' ',
     'b', 'i', 'n', 'a', 'r', 'y', ' ', 'd', 'a', 't', 'a', ' ',
     'w', 'i', 't', 'h', ' ', 'a', 'n', ' ',
-    'e', 'm', 'b', 'e', 'd', 'd', 'e', 'd', ' ', 'N', 'U', 'L'};
+    'e', 'm', 'b', 'e', 'd', 'd', 'e', 'd', ' ', 'N', 'U', 'L'
+  };
 
   char teststring[sizeof(teststring_init)];
 
diff --git a/tests/libtest/lib553.c b/tests/libtest/lib553.c
index 4bc2568a46..cbf4b3013c 100644
--- a/tests/libtest/lib553.c
+++ b/tests/libtest/lib553.c
@@ -50,7 +50,7 @@ static size_t myreadfunc(char *ptr, size_t size, size_t nmemb, void *stream)
   return size;
 }
 
-#define NUM_HEADERS 8
+#define NUM_HEADERS  8
 #define SIZE_HEADERS 5000
 
 static CURLcode test_lib553(const char *URL)
diff --git a/tests/libtest/lib557.c b/tests/libtest/lib557.c
index 9c4f7f9b9f..edf7590732 100644
--- a/tests/libtest/lib557.c
+++ b/tests/libtest/lib557.c
@@ -46,7 +46,7 @@
 #endif
 #endif
 
-#define BUFSZ    256
+#define BUFSZ 256
 
 struct unsshort_st {
   unsigned short num;   /* unsigned short  */
@@ -1166,9 +1166,9 @@ static int test_width_precision(void)
 {
   /* 325 is max precision (and width) for a double */
   char larger[1024];
-#define SPACE60 "                                                            "
+#define SPACE60  "                                                            "
 #define SPACE300 SPACE60 SPACE60 SPACE60 SPACE60 SPACE60
-#define OK325 SPACE300 "                        0"
+#define OK325    SPACE300 "                        0"
 
   int rc;
   int errors = 0;
diff --git a/tests/libtest/lib558.c b/tests/libtest/lib558.c
index 94dd7f57b8..27afa3c9d3 100644
--- a/tests/libtest/lib558.c
+++ b/tests/libtest/lib558.c
@@ -25,8 +25,8 @@
 
 static CURLcode test_lib558(const char *URL)
 {
-  unsigned char a[] = {0x2f, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
-                       0x91, 0xa2, 0xb3, 0xc4, 0xd5, 0xe6, 0xf7};
+  unsigned char a[] = { 0x2f, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
+                        0x91, 0xa2, 0xb3, 0xc4, 0xd5, 0xe6, 0xf7 };
   CURLcode res = CURLE_OK;
   char *ptr = NULL;
   int asize;
diff --git a/tests/libtest/lib576.c b/tests/libtest/lib576.c
index 7ee7bc9525..ae5f5d40b3 100644
--- a/tests/libtest/lib576.c
+++ b/tests/libtest/lib576.c
@@ -98,7 +98,7 @@ static CURLcode test_lib576(const char *URL)
 {
   CURL *curl = NULL;
   CURLcode res = CURLE_OK;
-  struct chunk_data chunk_data = {0, 0};
+  struct chunk_data chunk_data = { 0, 0 };
   curl_global_init(CURL_GLOBAL_ALL);
   curl = curl_easy_init();
   if(!curl) {
diff --git a/tests/libtest/lib582.c b/tests/libtest/lib582.c
index dabebed6ce..3940d9c470 100644
--- a/tests/libtest/lib582.c
+++ b/tests/libtest/lib582.c
@@ -229,9 +229,9 @@ static CURLcode test_lib582(const char *URL)
   int hd;
   struct_stat file_info;
   CURLM *multi = NULL;
-  struct t582_ReadWriteSockets sockets = {{NULL, 0, 0}, {NULL, 0, 0}};
+  struct t582_ReadWriteSockets sockets = { { NULL, 0, 0 }, { NULL, 0, 0 } };
   int success = 0;
-  struct curltime timeout = {0};
+  struct curltime timeout = { 0 };
   timeout.tv_sec = (time_t)-1;
 
   assert(test_argc >= 5);
@@ -304,7 +304,7 @@ static CURLcode test_lib582(const char *URL)
   while(!t582_checkForCompletion(multi, &success)) {
     fd_set readSet, writeSet;
     curl_socket_t maxFd = 0;
-    struct timeval tv = {0};
+    struct timeval tv = { 0 };
     tv.tv_sec = 10;
 
     FD_ZERO(&readSet);
diff --git a/tests/libtest/lib654.c b/tests/libtest/lib654.c
index 7d519d6453..37afec4f5a 100644
--- a/tests/libtest/lib654.c
+++ b/tests/libtest/lib654.c
@@ -107,7 +107,7 @@ static CURLcode test_lib654(const char *URL)
   part = curl_mime_addpart(mime);
   curl_mime_filedata(part, libtest_arg2);
   part = curl_mime_addpart(mime);
-  curl_mime_data_cb(part, (curl_off_t) -1, t654_read_cb, NULL,
+  curl_mime_data_cb(part, (curl_off_t)-1, t654_read_cb, NULL,
                     free_callback, &pooh);
 
   /* Bind mime data to its easy handle. */
diff --git a/tests/libtest/lib670.c b/tests/libtest/lib670.c
index 886bf39a72..08dd7cfa08 100644
--- a/tests/libtest/lib670.c
+++ b/tests/libtest/lib670.c
@@ -23,7 +23,7 @@
  ***************************************************************************/
 #include "first.h"
 
-#define PAUSE_TIME      5
+#define PAUSE_TIME 5
 
 struct t670_ReadThis {
   CURL *curl;
diff --git a/tests/libtest/lib678.c b/tests/libtest/lib678.c
index 525407fddc..3214694c7d 100644
--- a/tests/libtest/lib678.c
+++ b/tests/libtest/lib678.c
@@ -97,7 +97,7 @@ static CURLcode test_lib678(const char *URL)
   curl_global_init(CURL_GLOBAL_DEFAULT);
   if(!strcmp("check", URL)) {
     CURLcode w = CURLE_OK;
-    struct curl_blob blob = {0};
+    struct curl_blob blob = { 0 };
     CURL *curl = curl_easy_init();
     if(curl) {
       w = curl_easy_setopt(curl, CURLOPT_CAINFO_BLOB, &blob);
diff --git a/tests/libtest/lib758.c b/tests/libtest/lib758.c
index fadb1db6fd..37bc3b0e62 100644
--- a/tests/libtest/lib758.c
+++ b/tests/libtest/lib758.c
@@ -57,8 +57,7 @@ static struct t758_ctx {
 
 static const char *t758_tag(void)
 {
-  curl_msnprintf(t758_ctx.buf, sizeof(t758_ctx.buf),
-                 "[T758-%d-%d] [%d/%d]",
+  curl_msnprintf(t758_ctx.buf, sizeof(t758_ctx.buf), "[T758-%d-%d] [%d/%d]",
                  t758_ctx.max_socket_calls, t758_ctx.max_timer_calls,
                  t758_ctx.socket_calls, t758_ctx.timer_calls);
   return t758_ctx.buf;
@@ -204,8 +203,8 @@ static int t758_cert_verify_callback(X509_STORE_CTX *ctx, void *arg)
 {
   SSL *ssl;
   (void)arg;
-  ssl = (SSL *)X509_STORE_CTX_get_ex_data(ctx,
-        SSL_get_ex_data_X509_STORE_CTX_idx());
+  ssl = (SSL *)X509_STORE_CTX_get_ex_data(
+    ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
   t758_ctx.number_of_cert_verify_callbacks++;
   if(!t758_ctx.fake_async_cert_verification_pending) {
     t758_ctx.fake_async_cert_verification_pending = 1;
@@ -222,8 +221,8 @@ static int t758_cert_verify_callback(X509_STORE_CTX *ctx, void *arg)
   }
 }
 
-static CURLcode
-t758_set_ssl_ctx_callback(CURL *curl, void *ssl_ctx, void *clientp)
+static CURLcode t758_set_ssl_ctx_callback(CURL *curl, void *ssl_ctx,
+                                          void *clientp)
 {
   SSL_CTX *ctx = (SSL_CTX *)ssl_ctx;
   (void)curl;
@@ -333,9 +332,9 @@ static CURLcode t758_one(const char *URL, int timer_fail_at,
   CURLcode res = CURLE_OK;
   CURL *curl = NULL;
   CURLM *multi = NULL;
-  struct t758_ReadWriteSockets sockets = {{NULL, 0, 0}, {NULL, 0, 0}};
+  struct t758_ReadWriteSockets sockets = { { NULL, 0, 0 }, { NULL, 0, 0 } };
   int success = 0;
-  struct curltime timeout = {0};
+  struct curltime timeout = { 0 };
   timeout.tv_sec = (time_t)-1;
 
   /* set the limits */
@@ -390,7 +389,7 @@ static CURLcode t758_one(const char *URL, int timer_fail_at,
   while(!t758_checkForCompletion(multi, &success)) {
     fd_set readSet, writeSet;
     curl_socket_t maxFd = 0;
-    struct timeval tv = {0};
+    struct timeval tv = { 0 };
     tv.tv_sec = 10;
 
     if(t758_ctx.fake_async_cert_verification_pending &&
diff --git a/tests/libtest/memptr.c b/tests/libtest/memptr.c
index fe90b01a6c..3c383d9003 100644
--- a/tests/libtest/memptr.c
+++ b/tests/libtest/memptr.c
@@ -26,8 +26,8 @@
 #ifndef CURL_STATICLIB
 
 #if defined(_MSC_VER) && defined(_DLL)
-#  pragma warning(push)
-#  pragma warning(disable:4232) /* MSVC extension, dllimport identity */
+#pragma warning(push)
+#pragma warning(disable:4232) /* MSVC extension, dllimport identity */
 #endif
 
 /* when libcurl is *not* static and we build libtests, the global pointers in
@@ -44,7 +44,7 @@ curl_strdup_callback Curl_cstrdup = (curl_strdup_callback)strdup;
 curl_calloc_callback Curl_ccalloc = (curl_calloc_callback)calloc;
 
 #if defined(_MSC_VER) && defined(_DLL)
-#  pragma warning(pop)
+#pragma warning(pop)
 #endif
 
 #endif /* !CURL_STATICLIB */
diff --git a/tests/server/dnsd.c b/tests/server/dnsd.c
index 58bbd2f3f8..eaf56b03fb 100644
--- a/tests/server/dnsd.c
+++ b/tests/server/dnsd.c
@@ -59,8 +59,8 @@ static int qname(const unsigned char **pkt, size_t *size)
   return 0;
 }
 
-#define QTYPE_A 1
-#define QTYPE_AAAA 28
+#define QTYPE_A     1
+#define QTYPE_AAAA  28
 #define QTYPE_HTTPS 0x41
 
 static const char *type2string(unsigned short qtype)
@@ -497,8 +497,7 @@ static int test_dnsd(int argc, char **argv)
   }
 
   flag = 1;
-  if(setsockopt(sock, SOL_SOCKET, SO_REUSEADDR,
-                (void *)&flag, sizeof(flag))) {
+  if(setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&flag, sizeof(flag))) {
     error = SOCKERRNO;
     logmsg("setsockopt(SO_REUSEADDR) failed with error (%d) %s",
            error, curlx_strerror(error, errbuf, sizeof(errbuf)));
diff --git a/tests/server/getpart.c b/tests/server/getpart.c
index becde4a9bb..d76368e016 100644
--- a/tests/server/getpart.c
+++ b/tests/server/getpart.c
@@ -243,7 +243,7 @@ static int decodedata(char  **buf, /* dest buffer */
 int getpart(char **outbuf, size_t *outlen,
             const char *main, const char *sub, FILE *stream)
 {
-# define MAX_TAG_LEN 200
+#define MAX_TAG_LEN 200
   char curouter[MAX_TAG_LEN + 1]; /* current outermost section */
   char curmain[MAX_TAG_LEN + 1];  /* current main section */
   char cursub[MAX_TAG_LEN + 1];   /* current sub section */
diff --git a/tests/server/mqttd.c b/tests/server/mqttd.c
index 081b038d07..64ba64dc69 100644
--- a/tests/server/mqttd.c
+++ b/tests/server/mqttd.c
@@ -55,7 +55,7 @@ struct mqttd_configurable {
   int testnum;
 };
 
-#define REQUEST_DUMP  "server.input"
+#define REQUEST_DUMP   "server.input"
 #define CONFIG_VERSION 5
 
 static struct mqttd_configurable m_config;
@@ -152,7 +152,6 @@ static void logprotocol(mqttdir dir,
           prefix, (int)remlen, data);
 }
 
-
 /* return 0 on success */
 static int connack(FILE *dump, curl_socket_t fd)
 {
@@ -179,7 +178,7 @@ static int connack(FILE *dump, curl_socket_t fd)
 /* return 0 on success */
 static int suback(FILE *dump, curl_socket_t fd, unsigned short packetid)
 {
-  unsigned char packet[]={
+  unsigned char packet[] = {
     MQTT_MSG_SUBACK, 0x03,
     0, 0, /* filled in below */
     0x00
@@ -202,7 +201,7 @@ static int suback(FILE *dump, curl_socket_t fd, unsigned short packetid)
 /* return 0 on success */
 static int puback(FILE *dump, curl_socket_t fd, unsigned short packetid)
 {
-  unsigned char packet[]={
+  unsigned char packet[] = {
     MQTT_MSG_PUBACK, 0x00,
     0, 0 /* filled in below */
   };
@@ -225,7 +224,7 @@ static int puback(FILE *dump, curl_socket_t fd, unsigned short packetid)
 /* return 0 on success */
 static int disconnect(FILE *dump, curl_socket_t fd)
 {
-  unsigned char packet[]={
+  unsigned char packet[] = {
     MQTT_MSG_DISCONNECT, 0x00,
   };
   ssize_t rc = swrite(fd, (char *)packet, sizeof(packet));
@@ -364,7 +363,7 @@ static int publish(FILE *dump,
   return 1;
 }
 
-#define MAX_TOPIC_LENGTH 65535
+#define MAX_TOPIC_LENGTH     65535
 #define MAX_CLIENT_ID_LENGTH 32
 
 static char topic[MAX_TOPIC_LENGTH + 1];
diff --git a/tests/server/rtspd.c b/tests/server/rtspd.c
index 8425623940..6c7aa1e9d0 100644
--- a/tests/server/rtspd.c
+++ b/tests/server/rtspd.c
@@ -88,10 +88,10 @@ struct rtspd_httprequest {
 #define RESPONSE_DUMP "server.response"
 
 /* very-big-path support */
-#define MAXDOCNAMELEN 140000
+#define MAXDOCNAMELEN     140000
 #define MAXDOCNAMELEN_TXT "139999"
 
-#define REQUEST_KEYWORD_SIZE 256
+#define REQUEST_KEYWORD_SIZE     256
 #define REQUEST_KEYWORD_SIZE_TXT "255"
 
 #define CMD_AUTH_REQUIRED "auth_required"
@@ -110,14 +110,15 @@ static const char *docquit_rtsp = "HTTP/1.1 200 Goodbye" END_OF_HEADERS;
 
 /* sent as reply to a CONNECT */
 static const char *docconnect =
-"HTTP/1.1 200 Mighty fine indeed" END_OF_HEADERS;
+  "HTTP/1.1 200 Mighty fine indeed" END_OF_HEADERS;
 
 /* sent as reply to a "bad" CONNECT */
 static const char *docbadconnect =
-"HTTP/1.1 501 Forbidden you fool" END_OF_HEADERS;
+  "HTTP/1.1 501 Forbidden you fool" END_OF_HEADERS;
 
 /* send back this on HTTP 404 file not found */
-static const char *doc404_HTTP = "HTTP/1.1 404 Not Found\r\n"
+static const char *doc404_HTTP =
+  "HTTP/1.1 404 Not Found\r\n"
   "Server: " RTSPDVERSION "\r\n"
   "Connection: close\r\n"
   "Content-Type: text/html"
@@ -128,7 +129,8 @@ static const char *doc404_HTTP = "HTTP/1.1 404 Not Found\r\n"
   "\n"
   "
Not Found
\n"
   "The requested URL was not found on this server.\n"
-  "
" RTSPDVERSION "
\n" "\n";
+  "
" RTSPDVERSION "
\n"
+  "\n";
 
 /* send back this on RTSP 404 file not found */
 static const char *doc404_RTSP = "RTSP/1.0 404 Not Found\r\n"
@@ -1021,8 +1023,7 @@ static int test_rtspd(int argc, char *argv[])
     curl_off_t num;
     if(!strcmp("--version", argv[arg])) {
       printf("rtspd IPv4%s"
-             "\n"
-             ,
+             "\n",
 #ifdef USE_IPV6
              "/IPv6"
 #else
diff --git a/tests/server/sockfilt.c b/tests/server/sockfilt.c
index 9560a39676..db0261bf14 100644
--- a/tests/server/sockfilt.c
+++ b/tests/server/sockfilt.c
@@ -173,7 +173,7 @@ static ssize_t write_wincon(int fd, const void *buf, size_t count)
 
 /* On Windows, we sometimes get this for a broken pipe, seemingly
  * when the client just closed stdin? */
-#define CURL_WIN32_EPIPE      109
+#define CURL_WIN32_EPIPE 109
 
 /*
  * fullread is a wrapper around the read() function. This will repeat the call
@@ -888,7 +888,6 @@ static bool disc_handshake(void)
       logmsg("Throwing away data bytes");
       if(!read_data_block(buffer, sizeof(buffer), &buffer_len))
         return FALSE;
-
     }
     else if(!memcmp("QUIT", buffer, 4)) {
       /* just die */
@@ -1339,31 +1338,31 @@ static int test_sockfilt(int argc, char *argv[])
     /* Active mode, we should connect to the given port number */
     mode = ACTIVE;
     switch(socket_domain) {
-      case AF_INET:
-        memset(&me.sa4, 0, sizeof(me.sa4));
-        me.sa4.sin_family = AF_INET;
-        me.sa4.sin_port = htons(server_connectport);
-        me.sa4.sin_addr.s_addr = INADDR_ANY;
-        if(!addr)
-          addr = "127.0.0.1";
-        curlx_inet_pton(AF_INET, addr, &me.sa4.sin_addr);
+    case AF_INET:
+      memset(&me.sa4, 0, sizeof(me.sa4));
+      me.sa4.sin_family = AF_INET;
+      me.sa4.sin_port = htons(server_connectport);
+      me.sa4.sin_addr.s_addr = INADDR_ANY;
+      if(!addr)
+        addr = "127.0.0.1";
+      curlx_inet_pton(AF_INET, addr, &me.sa4.sin_addr);
 
-        rc = connect(sock, &me.sa, sizeof(me.sa4));
-        break;
+      rc = connect(sock, &me.sa, sizeof(me.sa4));
+      break;
 #ifdef USE_IPV6
-      case AF_INET6:
-        memset(&me.sa6, 0, sizeof(me.sa6));
-        me.sa6.sin6_family = AF_INET6;
-        me.sa6.sin6_port = htons(server_connectport);
-        if(!addr)
-          addr = "::1";
-        curlx_inet_pton(AF_INET6, addr, &me.sa6.sin6_addr);
+    case AF_INET6:
+      memset(&me.sa6, 0, sizeof(me.sa6));
+      me.sa6.sin6_family = AF_INET6;
+      me.sa6.sin6_port = htons(server_connectport);
+      if(!addr)
+        addr = "::1";
+      curlx_inet_pton(AF_INET6, addr, &me.sa6.sin6_addr);
 
-        rc = connect(sock, &me.sa, sizeof(me.sa6));
-        break;
+      rc = connect(sock, &me.sa, sizeof(me.sa6));
+      break;
 #endif /* USE_IPV6 */
-      default:
-        rc = 1;
+    default:
+      rc = 1;
     }
     if(rc) {
       error = SOCKERRNO;
diff --git a/tests/server/socksd.c b/tests/server/socksd.c
index f9fadd2113..99adb727fb 100644
--- a/tests/server/socksd.c
+++ b/tests/server/socksd.c
@@ -76,15 +76,15 @@ struct socksd_configurable {
   char password[256];
 };
 
-#define CONFIG_VERSION 5
-#define CONFIG_NMETHODS_MIN 1 /* unauth, gssapi, auth */
-#define CONFIG_NMETHODS_MAX 3
+#define CONFIG_VERSION         5
+#define CONFIG_NMETHODS_MIN    1 /* unauth, gssapi, auth */
+#define CONFIG_NMETHODS_MAX    3
 #define CONFIG_RESPONSEVERSION CONFIG_VERSION
-#define CONFIG_RESPONSEMETHOD 0 /* no auth */
-#define CONFIG_REQCMD 1 /* CONNECT */
-#define CONFIG_PORT backendport
-#define CONFIG_ADDR backendaddr
-#define CONFIG_CONNECTREP 0
+#define CONFIG_RESPONSEMETHOD  0 /* no auth */
+#define CONFIG_REQCMD          1 /* CONNECT */
+#define CONFIG_PORT            backendport
+#define CONFIG_ADDR            backendaddr
+#define CONFIG_CONNECTREP      0
 
 static struct socksd_configurable s_config;
 
@@ -185,24 +185,24 @@ static void socksd_getconfig(void)
 }
 
 /* RFC 1928, SOCKS5 byte index */
-#define SOCKS5_VERSION 0
+#define SOCKS5_VERSION  0
 #define SOCKS5_NMETHODS 1 /* number of methods that is listed */
 
 /* in the request: */
-#define SOCKS5_REQCMD 1
+#define SOCKS5_REQCMD   1
 #define SOCKS5_RESERVED 2
-#define SOCKS5_ATYP 3
-#define SOCKS5_DSTADDR 4
+#define SOCKS5_ATYP     3
+#define SOCKS5_DSTADDR  4
 
 /* connect response */
-#define SOCKS5_REP 1
+#define SOCKS5_REP     1
 #define SOCKS5_BNDADDR 4
 
 /* auth request */
-#define SOCKS5_ULEN 1
+#define SOCKS5_ULEN  1
 #define SOCKS5_UNAME 2
 
-#define SOCKS4_CD 1
+#define SOCKS4_CD      1
 #define SOCKS4_DSTPORT 2
 
 /* connect to a given IPv4 address, not the one asked for */
diff --git a/tests/server/sws.c b/tests/server/sws.c
index 13f7455469..56135a8326 100644
--- a/tests/server/sws.c
+++ b/tests/server/sws.c
@@ -104,10 +104,10 @@ static size_t num_sockets = 0;
 static const char *cmdfile = "log/server.cmd";
 
 /* very-big-path support */
-#define MAXDOCNAMELEN 140000
+#define MAXDOCNAMELEN     140000
 #define MAXDOCNAMELEN_TXT "139999"
 
-#define REQUEST_KEYWORD_SIZE 256
+#define REQUEST_KEYWORD_SIZE     256
 #define REQUEST_KEYWORD_SIZE_TXT "255"
 
 #define CMD_AUTH_REQUIRED "auth_required"
@@ -141,7 +141,8 @@ static const char *end_of_headers = END_OF_HEADERS;
 static const char *docquit_sws = "HTTP/1.1 200 Goodbye" END_OF_HEADERS;
 
 /* send back this on 404 file not found */
-static const char *doc404 = "HTTP/1.1 404 Not Found\r\n"
+static const char *doc404 =
+  "HTTP/1.1 404 Not Found\r\n"
   "Server: " SWSVERSION "\r\n"
   "Connection: close\r\n"
   "Content-Type: text/html"
@@ -152,7 +153,8 @@ static const char *doc404 = "HTTP/1.1 404 Not Found\r\n"
   "\n"
   "
Not Found
\n"
   "The requested URL was not found on this server.\n"
-  "
" SWSVERSION "
\n" "\n";
+  "
" SWSVERSION "
\n"
+  "\n";
 
 /* work around for handling trailing headers */
 static int already_recv_zeroed_chunk = FALSE;
@@ -332,8 +334,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req)
     char *httppath = NULL;
     size_t npath = 0; /* httppath length */
 
-    if(sscanf(line,
-              "%" REQUEST_KEYWORD_SIZE_TXT "s ", request) == 1) {
+    if(sscanf(line, "%" REQUEST_KEYWORD_SIZE_TXT "s ", request) == 1) {
       http = strstr(line + strlen(request), "HTTP/");
 
       if(http && sscanf(http, "HTTP/%d.%d", &prot_major, &prot_minor) == 2) {
@@ -833,7 +834,7 @@ static int sws_get_request(curl_socket_t sock, struct sws_httprequest *req)
           int rc;
           fd_set input;
           fd_set output;
-          struct timeval timeout = {0};
+          struct timeval timeout = { 0 };
           timeout.tv_sec = 1; /* 1000 ms */
 
           logmsg("Got EAGAIN from sread");
@@ -1318,7 +1319,7 @@ static curl_socket_t connect_to(const char *ipaddr, unsigned short port)
     error = SOCKERRNO;
     if((error == SOCKEINPROGRESS) || (error == SOCKEWOULDBLOCK)) {
       fd_set output;
-      struct timeval timeout = {0};
+      struct timeval timeout = { 0 };
       timeout.tv_sec = 1; /* 1000 ms */
 
       FD_ZERO(&output);
@@ -1386,8 +1387,8 @@ success:
 
 #define data_or_ctrl(x) ((x) ? "DATA" : "CTRL")
 
-#define SWS_CTRL  0
-#define SWS_DATA  1
+#define SWS_CTRL 0
+#define SWS_DATA 1
 
 static void http_connect(curl_socket_t *infdp,
                          curl_socket_t rootfd,
@@ -1395,10 +1396,10 @@ static void http_connect(curl_socket_t *infdp,
                          unsigned short ipport,
                          int keepalive_secs)
 {
-  curl_socket_t serverfd[2] = {CURL_SOCKET_BAD, CURL_SOCKET_BAD};
-  curl_socket_t clientfd[2] = {CURL_SOCKET_BAD, CURL_SOCKET_BAD};
-  ssize_t toc[2] = {0, 0}; /* number of bytes to client */
-  ssize_t tos[2] = {0, 0}; /* number of bytes to server */
+  curl_socket_t serverfd[2] = { CURL_SOCKET_BAD, CURL_SOCKET_BAD };
+  curl_socket_t clientfd[2] = { CURL_SOCKET_BAD, CURL_SOCKET_BAD };
+  ssize_t toc[2] = { 0, 0 }; /* number of bytes to client */
+  ssize_t tos[2] = { 0, 0 }; /* number of bytes to server */
   char readclient[2][256];
   char readserver[2][256];
   bool poll_client_rd[2] = { TRUE, TRUE };
@@ -1441,7 +1442,7 @@ static void http_connect(curl_socket_t *infdp,
     fd_set output;
     ssize_t rc;
     curl_socket_t maxfd = (curl_socket_t)-1;
-    struct timeval timeout = {0};
+    struct timeval timeout = { 0 };
     timeout.tv_sec = 1; /* 1000 ms */
 
     FD_ZERO(&input);
@@ -2176,8 +2177,7 @@ static int test_sws(int argc, char *argv[])
   }
 
   flag = 1;
-  if(setsockopt(sock, SOL_SOCKET, SO_REUSEADDR,
-                (void *)&flag, sizeof(flag))) {
+  if(setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&flag, sizeof(flag))) {
     error = SOCKERRNO;
     logmsg("setsockopt(SO_REUSEADDR) failed with error (%d) %s",
            error, curlx_strerror(error, errbuf, sizeof(errbuf)));
@@ -2314,7 +2314,7 @@ static int test_sws(int argc, char *argv[])
     fd_set output;
     curl_socket_t maxfd = (curl_socket_t)-1;
     int active;
-    struct timeval timeout = {0};
+    struct timeval timeout = { 0 };
     timeout.tv_usec = 250000L; /* 250 ms */
 
     /* Clear out closed sockets */
@@ -2458,7 +2458,7 @@ sws_cleanup:
 
   for(socket_idx = 1; socket_idx < num_sockets; ++socket_idx)
     if((all_sockets[socket_idx] != sock) &&
-     (all_sockets[socket_idx] != CURL_SOCKET_BAD))
+       (all_sockets[socket_idx] != CURL_SOCKET_BAD))
       sclose(all_sockets[socket_idx]);
 
   if(sock != CURL_SOCKET_BAD)
diff --git a/tests/server/tftpd.c b/tests/server/tftpd.c
index 99c008031e..d1867e7c87 100644
--- a/tests/server/tftpd.c
+++ b/tests/server/tftpd.c
@@ -70,8 +70,8 @@
 #include 
 
 /*****************************************************************************
-*  This is a rewrite/clone of the arpa/tftp.h file for systems without it.   *
-*****************************************************************************/
+ *  This is a rewrite/clone of the arpa/tftp.h file for systems without it.  *
+ *****************************************************************************/
 #define SEGSIZE 512 /* data segment size */
 
 #if defined(__GNUC__) && ((__GNUC__ >= 3) || \
@@ -105,8 +105,8 @@ struct tftphdr {
 #define TFTP_ENOUSER   7
 
 /*****************************************************************************
-*                      STRUCT DECLARATIONS AND DEFINES                       *
-*****************************************************************************/
+ *                      STRUCT DECLARATIONS AND DEFINES                      *
+ *****************************************************************************/
 
 #ifndef PKTSIZE
 #define PKTSIZE (SEGSIZE + 4)  /* SEGSIZE defined in arpa/tftp.h */
@@ -157,13 +157,13 @@ struct bf {
 #define opcode_ACK   4
 #define opcode_ERROR 5
 
-#define TIMEOUT      5
+#define TIMEOUT 5
 
-#define REQUEST_DUMP  "server.input"
+#define REQUEST_DUMP "server.input"
 
 /*****************************************************************************
-*                              GLOBAL VARIABLES                              *
-*****************************************************************************/
+ *                              GLOBAL VARIABLES                             *
+ *****************************************************************************/
 
 static struct errmsg errmsgs[] = {
   { TFTP_EUNDEF,       "Undefined error code" },
@@ -212,8 +212,8 @@ static const unsigned int rexmtval = TIMEOUT;
 #endif
 
 /*****************************************************************************
-*                            FUNCTION PROTOTYPES                             *
-*****************************************************************************/
+ *                            FUNCTION PROTOTYPES                            *
+ *****************************************************************************/
 
 static struct tftphdr *rw_init(int);
 
@@ -249,8 +249,8 @@ static void justtimeout(int signum);
 #endif /* HAVE_ALARM && SIGALRM */
 
 /*****************************************************************************
-*                          FUNCTION IMPLEMENTATIONS                          *
-*****************************************************************************/
+ *                          FUNCTION IMPLEMENTATIONS                         *
+ *****************************************************************************/
 
 #if defined(HAVE_ALARM) && defined(SIGALRM)
 
@@ -482,9 +482,8 @@ static ssize_t write_behind(struct testcase *test, int convert)
     if(prevchar == '\r') {        /* if prev char was cr */
       if(c == '\n')               /* if have cr,lf then just */
         lseek(test->ofile, -1, SEEK_CUR); /* smash lf on top of the cr */
-      else
-        if(c == '\0')             /* if have cr,nul then */
-          goto skipit;            /* just skip over the putc */
+      else if(c == '\0')          /* if have cr,nul then */
+        goto skipit;              /* just skip over the putc */
       /* else just fall through and allow it */
     }
     /* formerly
@@ -1204,8 +1203,7 @@ static void sendtftp(struct testcase *test, const struct formats *pf)
     (void)sigsetjmp(timeoutbuf, 1);
 #endif
     if(test->writedelay) {
-      logmsg("Pausing %d seconds before %d bytes", test->writedelay,
-             size);
+      logmsg("Pausing %d seconds before %d bytes", test->writedelay, size);
       curlx_wait_ms(1000 * test->writedelay);
     }
 
@@ -1299,7 +1297,7 @@ send_ack:
 #endif
       if(got_exit_signal)
         goto abort;
-      if(n < 0) {                       /* really? */
+      if(n < 0) {                        /* really? */
         logmsg("read: fail");
         goto abort;
       }
@@ -1313,13 +1311,13 @@ send_ack:
         }
         /* Re-synchronize with the other side */
         (void)synchnet(peer);
-        if(rdp->th_block == (recvblock-1))
+        if(rdp->th_block == (recvblock - 1))
           goto send_ack;                 /* rexmit */
       }
     }
 
     size = writeit(test, &rdp, (int)(n - 4), pf->f_convert);
-    if(size != (n-4)) {                 /* ahem */
+    if(size != (n - 4)) {                /* ahem */
       if(size < 0)
         nak(errno + 100);
       else
diff --git a/tests/unit/unit1300.c b/tests/unit/unit1300.c
index 53da9dd4f6..5fae379dce 100644
--- a/tests/unit/unit1300.c
+++ b/tests/unit/unit1300.c
@@ -108,7 +108,7 @@ static CURLcode test_unit1300(const char *arg)
   Curl_llist_insert_next(&llist, Curl_llist_head(&llist),
                          &unusedData_case3, &case3_list);
   fail_unless(Curl_node_elem(Curl_node_next(Curl_llist_head(&llist))) ==
-              &unusedData_case3,
+                &unusedData_case3,
               "the node next to head is not getting set correctly");
   fail_unless(Curl_node_elem(Curl_llist_tail(&llist)) == &unusedData_case3,
               "the list tail is not getting set correctly");
@@ -125,7 +125,7 @@ static CURLcode test_unit1300(const char *arg)
   Curl_llist_insert_next(&llist, Curl_llist_head(&llist),
                          &unusedData_case2, &case2_list);
   fail_unless(Curl_node_elem(Curl_node_next(Curl_llist_head(&llist))) ==
-              &unusedData_case2,
+                &unusedData_case2,
               "the node next to head is not getting set correctly");
   /* better safe than sorry, check that the tail is not corrupted */
   fail_unless(Curl_node_elem(Curl_llist_tail(&llist)) != &unusedData_case2,
@@ -149,7 +149,7 @@ static CURLcode test_unit1300(const char *arg)
 
   Curl_node_remove(Curl_llist_head(&llist));
 
-  fail_unless(Curl_llist_count(&llist) ==  (llist_size-1),
+  fail_unless(Curl_llist_count(&llist) == (llist_size - 1),
               "llist size not decremented as expected");
   fail_unless(Curl_llist_head(&llist) == element_next,
               "llist new head not modified properly");
@@ -243,7 +243,7 @@ static CURLcode test_unit1300(const char *arg)
    */
   Curl_llist_append(&llist, &unusedData_case2, &case2_list);
   fail_unless(Curl_node_elem(Curl_node_next(Curl_llist_head(&llist))) ==
-              &unusedData_case2,
+                &unusedData_case2,
               "the node next to head is not getting set correctly");
   fail_unless(Curl_node_elem(Curl_llist_tail(&llist)) == &unusedData_case2,
               "the list tail is not getting set correctly");
@@ -258,7 +258,7 @@ static CURLcode test_unit1300(const char *arg)
    */
   Curl_llist_append(&llist, &unusedData_case3, &case3_list);
   fail_unless(Curl_node_elem(Curl_node_next(Curl_llist_head(&llist))) ==
-              &unusedData_case2,
+                &unusedData_case2,
               "the node next to head did not stay the same");
   fail_unless(Curl_node_elem(Curl_llist_tail(&llist)) == &unusedData_case3,
               "the list tail is not getting set correctly");
diff --git a/tests/unit/unit1302.c b/tests/unit/unit1302.c
index 157f1f61ed..5fb3d5c636 100644
--- a/tests/unit/unit1302.c
+++ b/tests/unit/unit1302.c
@@ -41,87 +41,87 @@ static CURLcode test_unit1302(const char *arg)
 
   /* common base64 encoding */
   struct etest encode[] = {
-    {"iiiiii", 1, "aQ==", 4 },
-    {"iiiiii", 2, "aWk=", 4 },
-    {"iiiiii", 3, "aWlp", 4 },
-    {"iiiiii", 4, "aWlpaQ==", 8 },
-    {"iiiiii", 5, "aWlpaWk=", 8 },
-    {"iiiiii", 6, "aWlpaWlp", 8 },
-    {"iiiiiii", 7, "aWlpaWlpaQ==", 12 },
-    {"iiiiiiii", 8, "aWlpaWlpaWk=", 12 },
-    {"iiiiiiiii", 9, "aWlpaWlpaWlp", 12 },
-    {"iiiiiiiiii", 10, "aWlpaWlpaWlpaQ==", 16 },
-    {"iiiiiiiiiii", 11, "aWlpaWlpaWlpaWk=", 16 },
-    {"iiiiiiiiiiii", 12, "aWlpaWlpaWlpaWlp", 16 },
-    {"\xff\x01\xfe\x02", 4, "/wH+Ag==", 8 },
-    {"\xff\xff\xff\xff", 4, "/////w==", 8 },
-    {"\x00\x00\x00\x00", 4, "AAAAAA==", 8 },
-    {"\x00\x00\x00\x00", 1, "AA==", 4 },
+    { "iiiiii", 1, "aQ==", 4 },
+    { "iiiiii", 2, "aWk=", 4 },
+    { "iiiiii", 3, "aWlp", 4 },
+    { "iiiiii", 4, "aWlpaQ==", 8 },
+    { "iiiiii", 5, "aWlpaWk=", 8 },
+    { "iiiiii", 6, "aWlpaWlp", 8 },
+    { "iiiiiii", 7, "aWlpaWlpaQ==", 12 },
+    { "iiiiiiii", 8, "aWlpaWlpaWk=", 12 },
+    { "iiiiiiiii", 9, "aWlpaWlpaWlp", 12 },
+    { "iiiiiiiiii", 10, "aWlpaWlpaWlpaQ==", 16 },
+    { "iiiiiiiiiii", 11, "aWlpaWlpaWlpaWk=", 16 },
+    { "iiiiiiiiiiii", 12, "aWlpaWlpaWlpaWlp", 16 },
+    { "\xff\x01\xfe\x02", 4, "/wH+Ag==", 8 },
+    { "\xff\xff\xff\xff", 4, "/////w==", 8 },
+    { "\x00\x00\x00\x00", 4, "AAAAAA==", 8 },
+    { "\x00\x00\x00\x00", 1, "AA==", 4 },
   };
 
   /* base64 URL encoding */
   struct etest url[] = {
-    {"", 0, "", 0 },
-    {"iiiiiiiiiii", 1, "aQ", 2 },
-    {"iiiiiiiiiii", 2, "aWk", 3 },
-    {"iiiiiiiiiii", 3, "aWlp", 4 },
-    {"iiiiiiiiiii", 4, "aWlpaQ", 6 },
-    {"iiiiiiiiiii", 5, "aWlpaWk", 7 },
-    {"iiiiiiiiiii", 6, "aWlpaWlp", 8 },
-    {"iiiiiiiiiii", 7, "aWlpaWlpaQ", 10 },
-    {"iiiiiiiiiii", 8, "aWlpaWlpaWk", 11 },
-    {"iiiiiiiiiii", 9, "aWlpaWlpaWlp", 12 },
-    {"iiiiiiiiiii", 10, "aWlpaWlpaWlpaQ", 14 },
-    {"iiiiiiiiiii", 11, "aWlpaWlpaWlpaWk", 15 },
-    {"iiiiiiiiiiii", 12, "aWlpaWlpaWlpaWlp", 16 },
-    {"\xff\x01\xfe\x02", 4, "_wH-Ag", 6 },
-    {"\xff\xff\xff\xff", 4, "_____w", 6 },
-    {"\xff\x00\xff\x00", 4, "_wD_AA", 6 },
-    {"\x00\xff\x00\xff", 4, "AP8A_w", 6 },
-    {"\x00\x00\x00\x00", 4, "AAAAAA", 6 },
-    {"\x00", 1, "AA", 2 },
-    {"\x01", 1, "AQ", 2 },
-    {"\x02", 1, "Ag", 2 },
-    {"\x03", 1, "Aw", 2 },
-    {"\x04", 1, "BA", 2 }, /* spellchecker:disable-line */
-    {"\x05", 1, "BQ", 2 },
-    {"\x06", 1, "Bg", 2 },
-    {"\x07", 1, "Bw", 2 },
-    {"\x08", 1, "CA", 2 },
-    {"\x09", 1, "CQ", 2 },
-    {"\x0a", 1, "Cg", 2 },
-    {"\x0b", 1, "Cw", 2 },
-    {"\x0c", 1, "DA", 2 },
-    {"\x0d", 1, "DQ", 2 },
-    {"\x0e", 1, "Dg", 2 },
-    {"\x0f", 1, "Dw", 2 },
-    {"\x10", 1, "EA", 2 },
+    { "", 0, "", 0 },
+    { "iiiiiiiiiii", 1, "aQ", 2 },
+    { "iiiiiiiiiii", 2, "aWk", 3 },
+    { "iiiiiiiiiii", 3, "aWlp", 4 },
+    { "iiiiiiiiiii", 4, "aWlpaQ", 6 },
+    { "iiiiiiiiiii", 5, "aWlpaWk", 7 },
+    { "iiiiiiiiiii", 6, "aWlpaWlp", 8 },
+    { "iiiiiiiiiii", 7, "aWlpaWlpaQ", 10 },
+    { "iiiiiiiiiii", 8, "aWlpaWlpaWk", 11 },
+    { "iiiiiiiiiii", 9, "aWlpaWlpaWlp", 12 },
+    { "iiiiiiiiiii", 10, "aWlpaWlpaWlpaQ", 14 },
+    { "iiiiiiiiiii", 11, "aWlpaWlpaWlpaWk", 15 },
+    { "iiiiiiiiiiii", 12, "aWlpaWlpaWlpaWlp", 16 },
+    { "\xff\x01\xfe\x02", 4, "_wH-Ag", 6 },
+    { "\xff\xff\xff\xff", 4, "_____w", 6 },
+    { "\xff\x00\xff\x00", 4, "_wD_AA", 6 },
+    { "\x00\xff\x00\xff", 4, "AP8A_w", 6 },
+    { "\x00\x00\x00\x00", 4, "AAAAAA", 6 },
+    { "\x00", 1, "AA", 2 },
+    { "\x01", 1, "AQ", 2 },
+    { "\x02", 1, "Ag", 2 },
+    { "\x03", 1, "Aw", 2 },
+    { "\x04", 1, "BA", 2 }, /* spellchecker:disable-line */
+    { "\x05", 1, "BQ", 2 },
+    { "\x06", 1, "Bg", 2 },
+    { "\x07", 1, "Bw", 2 },
+    { "\x08", 1, "CA", 2 },
+    { "\x09", 1, "CQ", 2 },
+    { "\x0a", 1, "Cg", 2 },
+    { "\x0b", 1, "Cw", 2 },
+    { "\x0c", 1, "DA", 2 },
+    { "\x0d", 1, "DQ", 2 },
+    { "\x0e", 1, "Dg", 2 },
+    { "\x0f", 1, "Dw", 2 },
+    { "\x10", 1, "EA", 2 },
   };
 
   /* bad decode inputs */
   struct etest badecode[] = {
-    {"", 0, "", 0 }, /* no dats means error */
-    {"", 0, "a", 1 }, /* data is too short */
-    {"", 0, "aQ", 2 }, /* data is too short */
-    {"", 0, "aQ=", 3 }, /* data is too short */
-    {"", 0, "====", 1 }, /* data is only padding characters */
-    {"", 0, "====", 2 }, /* data is only padding characters */
-    {"", 0, "====", 3 }, /* data is only padding characters */
-    {"", 0, "====", 4 }, /* data is only padding characters */
-    {"", 0, "a===", 4 }, /* contains three padding characters */
-    {"", 0, "a=Q=", 4 }, /* contains a padding character mid input */
-    {"", 0, "aWlpa=Q=", 8 }, /* contains a padding character mid input */
-    {"", 0, "a\x1f==", 4 }, /* contains illegal base64 character */
-    {"", 0, "abcd ", 5 }, /* contains illegal base64 character */
-    {"", 0, "abcd  ", 6 }, /* contains illegal base64 character */
-    {"", 0, " abcd", 5 }, /* contains illegal base64 character */
-    {"", 0, "_abcd", 5 }, /* contains illegal base64 character */
-    {"", 0, "abcd-", 5 }, /* contains illegal base64 character */
-    {"", 0, "abcd_", 5 }, /* contains illegal base64 character */
-    {"", 0, "aWlpaWlpaQ==-", 17}, /* bad character after padding */
-    {"", 0, "aWlpaWlpaQ==_", 17}, /* bad character after padding */
-    {"", 0, "aWlpaWlpaQ== ", 17}, /* bad character after padding */
-    {"", 0, "aWlpaWlpaQ=", 15} /* unaligned size, missing a padding char */
+    { "", 0, "", 0 },         /* no dats means error */
+    { "", 0, "a", 1 },        /* data is too short */
+    { "", 0, "aQ", 2 },       /* data is too short */
+    { "", 0, "aQ=", 3 },      /* data is too short */
+    { "", 0, "====", 1 },     /* data is only padding characters */
+    { "", 0, "====", 2 },     /* data is only padding characters */
+    { "", 0, "====", 3 },     /* data is only padding characters */
+    { "", 0, "====", 4 },     /* data is only padding characters */
+    { "", 0, "a===", 4 },     /* contains three padding characters */
+    { "", 0, "a=Q=", 4 },     /* contains a padding character mid input */
+    { "", 0, "aWlpa=Q=", 8 }, /* contains a padding character mid input */
+    { "", 0, "a\x1f==", 4 },  /* contains illegal base64 character */
+    { "", 0, "abcd ", 5 },    /* contains illegal base64 character */
+    { "", 0, "abcd  ", 6 },   /* contains illegal base64 character */
+    { "", 0, " abcd", 5 },    /* contains illegal base64 character */
+    { "", 0, "_abcd", 5 },    /* contains illegal base64 character */
+    { "", 0, "abcd-", 5 },    /* contains illegal base64 character */
+    { "", 0, "abcd_", 5 },    /* contains illegal base64 character */
+    { "", 0, "aWlpaWlpaQ==-", 17 }, /* bad character after padding */
+    { "", 0, "aWlpaWlpaQ==_", 17 }, /* bad character after padding */
+    { "", 0, "aWlpaWlpaQ== ", 17 }, /* bad character after padding */
+    { "", 0, "aWlpaWlpaQ=", 15 } /* unaligned size, missing a padding char */
   };
 
   for(i = 0; i < CURL_ARRAYSIZE(encode); i++) {
@@ -161,7 +161,7 @@ static CURLcode test_unit1302(const char *arg)
     Curl_safefree(decoded);
   }
 
-  for(i = 0 ; i < CURL_ARRAYSIZE(url); i++) {
+  for(i = 0; i < CURL_ARRAYSIZE(url); i++) {
     struct etest *e = &url[i];
     char *out;
     size_t olen;
diff --git a/tests/unit/unit1307.c b/tests/unit/unit1307.c
index 3651b341ed..5c147c6eda 100644
--- a/tests/unit/unit1307.c
+++ b/tests/unit/unit1307.c
@@ -36,17 +36,17 @@
 #define MATCH   CURL_FNMATCH_MATCH
 #define NOMATCH CURL_FNMATCH_NOMATCH
 
-#define LINUX_DIFFER 0x80
-#define LINUX_SHIFT 8
-#define LINUX_MATCH ((CURL_FNMATCH_MATCH << LINUX_SHIFT) | LINUX_DIFFER)
+#define LINUX_DIFFER  0x80
+#define LINUX_SHIFT   8
+#define LINUX_MATCH   ((CURL_FNMATCH_MATCH   << LINUX_SHIFT) | LINUX_DIFFER)
 #define LINUX_NOMATCH ((CURL_FNMATCH_NOMATCH << LINUX_SHIFT) | LINUX_DIFFER)
-#define LINUX_FAIL ((CURL_FNMATCH_FAIL << LINUX_SHIFT) | LINUX_DIFFER)
+#define LINUX_FAIL    ((CURL_FNMATCH_FAIL    << LINUX_SHIFT) | LINUX_DIFFER)
 
-#define MAC_DIFFER 0x40
-#define MAC_SHIFT 16
-#define MAC_MATCH ((CURL_FNMATCH_MATCH << MAC_SHIFT) | MAC_DIFFER)
-#define MAC_NOMATCH ((CURL_FNMATCH_NOMATCH << MAC_SHIFT) | MAC_DIFFER)
-#define MAC_FAIL ((CURL_FNMATCH_FAIL << MAC_SHIFT) | MAC_DIFFER)
+#define MAC_DIFFER    0x40
+#define MAC_SHIFT     16
+#define MAC_MATCH     ((CURL_FNMATCH_MATCH   << MAC_SHIFT) | MAC_DIFFER)
+#define MAC_NOMATCH   ((CURL_FNMATCH_NOMATCH << MAC_SHIFT) | MAC_DIFFER)
+#define MAC_FAIL      ((CURL_FNMATCH_FAIL    << MAC_SHIFT) | MAC_DIFFER)
 
 static const char *ret2name(int i)
 {
diff --git a/tests/unit/unit1309.c b/tests/unit/unit1309.c
index af9a29e110..46596544c6 100644
--- a/tests/unit/unit1309.c
+++ b/tests/unit/unit1309.c
@@ -67,8 +67,8 @@ static CURLcode test_unit1309(const char *arg)
   size_t storage[NUM_NODES * 3];
   int rc;
   int i, j;
-  struct curltime tv_now = {0, 0};
-  root = NULL;              /* the empty tree */
+  struct curltime tv_now = { 0, 0 };
+  root = NULL; /* the empty tree */
 
   /* add nodes */
   for(i = 0; i < NUM_NODES; i++) {
diff --git a/tests/unit/unit1323.c b/tests/unit/unit1323.c
index 15d140e10a..c705dc96eb 100644
--- a/tests/unit/unit1323.c
+++ b/tests/unit/unit1323.c
@@ -34,10 +34,10 @@ static CURLcode test_unit1323(const char *arg)
   };
 
   struct a tests[] = {
-    { {36762, 8345}, {36761, 995926}, 13 },
-    { {36761, 995926}, {36762, 8345}, -13 },
-    { {36761, 995926}, {0, 0}, 36761995 },
-    { {0, 0}, {36761, 995926}, -36761995 },
+    { { 36762, 8345 }, { 36761, 995926 }, 13 },
+    { { 36761, 995926 }, { 36762, 8345 }, -13 },
+    { { 36761, 995926 }, { 0, 0 }, 36761995 },
+    { { 0, 0 }, { 36761, 995926 }, -36761995 },
   };
 
   size_t i;
diff --git a/tests/unit/unit1395.c b/tests/unit/unit1395.c
index 395f3e7707..7ca7f22c10 100644
--- a/tests/unit/unit1395.c
+++ b/tests/unit/unit1395.c
@@ -96,9 +96,9 @@ static CURLcode test_unit1395(const char *arg)
     { "/hello/1/./../2", "/hello/2" },
     { "test/this", "test/this" },
     { "test/this/../now", "test/now" },
-    { "/1../moo../foo", "/1../moo../foo"},
-    { "/../../moo", "/moo"},
-    { "/../../moo?", "/moo?"},
+    { "/1../moo../foo", "/1../moo../foo" },
+    { "/../../moo", "/moo" },
+    { "/../../moo?", "/moo?" },
     { "/123?", "/123?" },
     { "/", NULL },
     { "", NULL },
diff --git a/tests/unit/unit1396.c b/tests/unit/unit1396.c
index 0b74afa84f..fd58c03b80 100644
--- a/tests/unit/unit1396.c
+++ b/tests/unit/unit1396.c
@@ -52,33 +52,33 @@ static CURLcode test_unit1396(const char *arg)
 
   /* unescape, this => that */
   const struct test list1[] = {
-    {"%61", 3, "a", 1},
-    {"%61a", 4, "aa", 2},
-    {"%61b", 4, "ab", 2},
-    {"%6 1", 4, "%6 1", 4},
-    {"%61", 1, "%", 1},
-    {"%61", 2, "%6", 2},
-    {"%6%a", 4, "%6%a", 4},
-    {"%6a", 0, "j", 1},
-    {"%FF", 0, "\xff", 1},
-    {"%FF%00%ff", 9, "\xff\x00\xff", 3},
-    {"%-2", 0, "%-2", 3},
-    {"%FG", 0, "%FG", 3},
-    {NULL, 0, NULL, 0} /* end of list marker */
+    { "%61", 3, "a", 1 },
+    { "%61a", 4, "aa", 2 },
+    { "%61b", 4, "ab", 2 },
+    { "%6 1", 4, "%6 1", 4 },
+    { "%61", 1, "%", 1 },
+    { "%61", 2, "%6", 2 },
+    { "%6%a", 4, "%6%a", 4 },
+    { "%6a", 0, "j", 1 },
+    { "%FF", 0, "\xff", 1 },
+    { "%FF%00%ff", 9, "\xff\x00\xff", 3 },
+    { "%-2", 0, "%-2", 3 },
+    { "%FG", 0, "%FG", 3 },
+    { NULL, 0, NULL, 0 } /* end of list marker */
   };
   /* escape, this => that */
   const struct test list2[] = {
-    {"a", 1, "a", 1},
-    {"/", 1, "%2F", 3},
-    {"a=b", 3, "a%3Db", 5},
-    {"a=b", 0, "a%3Db", 5},
-    {"a=b", 1, "a", 1},
-    {"a=b", 2, "a%3D", 4},
-    {"1/./0", 5, "1%2F.%2F0", 9},
-    {"-._~!#%&", 0, "-._~%21%23%25%26", 16},
-    {"a", 2, "a%00", 4},
-    {"a\xff\x01g", 4, "a%FF%01g", 8},
-    {NULL, 0, NULL, 0} /* end of list marker */
+    { "a", 1, "a", 1 },
+    { "/", 1, "%2F", 3 },
+    { "a=b", 3, "a%3Db", 5 },
+    { "a=b", 0, "a%3Db", 5 },
+    { "a=b", 1, "a", 1 },
+    { "a=b", 2, "a%3D", 4 },
+    { "1/./0", 5, "1%2F.%2F0", 9 },
+    { "-._~!#%&", 0, "-._~%21%23%25%26", 16 },
+    { "a", 2, "a%00", 4 },
+    { "a\xff\x01g", 4, "a%FF%01g", 8 },
+    { NULL, 0, NULL, 0 } /* end of list marker */
   };
   int i;
 
@@ -86,9 +86,7 @@ static CURLcode test_unit1396(const char *arg)
   abort_unless(easy != NULL, "returned NULL!");
   for(i = 0; list1[i].in; i++) {
     int outlen;
-    char *out = curl_easy_unescape(easy,
-                                   list1[i].in, list1[i].inlen,
-                                   &outlen);
+    char *out = curl_easy_unescape(easy, list1[i].in, list1[i].inlen, &outlen);
 
     abort_unless(out != NULL, "returned NULL!");
     fail_unless(outlen == list1[i].outlen, "wrong output length returned");
diff --git a/tests/unit/unit1397.c b/tests/unit/unit1397.c
index e56b894e36..6726c50530 100644
--- a/tests/unit/unit1397.c
+++ b/tests/unit/unit1397.c
@@ -39,56 +39,56 @@ static CURLcode test_unit1397(const char *arg)
   };
 
   static const struct testcase tests[] = {
-    {"", "", FALSE},
-    {"a", "", FALSE},
-    {"", "b", FALSE},
-    {"a", "b", FALSE},
-    {"aa", "bb", FALSE},
-    {"\xff", "\xff", TRUE},
-    {"aa.aa.aa", "aa.aa.bb", FALSE},
-    {"aa.aa.aa", "aa.aa.aa", TRUE},
-    {"aa.aa.aa", "*.aa.bb", FALSE},
-    {"aa.aa.aa", "*.aa.aa", TRUE},
-    {"192.168.0.1", "192.168.0.1", TRUE},
-    {"192.168.0.1", "*.168.0.1", FALSE},
-    {"192.168.0.1", "*.0.1", FALSE},
-    {"h.ello", "*.ello", FALSE},
-    {"h.ello.", "*.ello", FALSE},
-    {"h.ello", "*.ello.", FALSE},
-    {"h.e.llo", "*.e.llo", TRUE},
-    {"h.e.llo", " *.e.llo", FALSE},
-    {" h.e.llo", "*.e.llo", TRUE},
-    {"h.e.llo.", "*.e.llo", TRUE},
-    {"*.e.llo.", "*.e.llo", TRUE},
-    {"************.e.llo.", "*.e.llo", TRUE},
-    {"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-     "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB"
-     "CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC"
-     "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD"
-     "EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE"
-     ".e.llo.", "*.e.llo", TRUE},
-    {"\xfe\xfe.e.llo.", "*.e.llo", TRUE},
-    {"h.e.llo.", "*.e.llo.", TRUE},
-    {"h.e.llo", "*.e.llo.", TRUE},
-    {".h.e.llo", "*.e.llo.", FALSE},
-    {"h.e.llo", "*.*.llo.", FALSE},
-    {"h.e.llo", "h.*.llo", FALSE},
-    {"h.e.llo", "h.e.*", FALSE},
-    {"hello", "*.ello", FALSE},
-    {"hello", "**llo", FALSE},
-    {"bar.foo.example.com", "*.example.com", FALSE},
-    {"foo.example.com", "*.example.com", TRUE},
-    {"baz.example.net", "b*z.example.net", FALSE},
-    {"foobaz.example.net", "*baz.example.net", FALSE},
-    {"xn--l8j.example.local", "x*.example.local", FALSE},
-    {"xn--l8j.example.net", "*.example.net", TRUE},
-    {"xn--l8j.example.net", "*j.example.net", FALSE},
-    {"xn--l8j.example.net", "xn--l8j.example.net", TRUE},
-    {"xn--l8j.example.net", "xn--l8j.*.net", FALSE},
-    {"xl8j.example.net", "*.example.net", TRUE},
-    {"fe80::3285:a9ff:fe46:b619", "*::3285:a9ff:fe46:b619", FALSE},
-    {"fe80::3285:a9ff:fe46:b619", "fe80::3285:a9ff:fe46:b619", TRUE},
-    {NULL, NULL, FALSE}
+    { "", "", FALSE },
+    { "a", "", FALSE },
+    { "", "b", FALSE },
+    { "a", "b", FALSE },
+    { "aa", "bb", FALSE },
+    { "\xff", "\xff", TRUE },
+    { "aa.aa.aa", "aa.aa.bb", FALSE },
+    { "aa.aa.aa", "aa.aa.aa", TRUE },
+    { "aa.aa.aa", "*.aa.bb", FALSE },
+    { "aa.aa.aa", "*.aa.aa", TRUE },
+    { "192.168.0.1", "192.168.0.1", TRUE },
+    { "192.168.0.1", "*.168.0.1", FALSE },
+    { "192.168.0.1", "*.0.1", FALSE },
+    { "h.ello", "*.ello", FALSE },
+    { "h.ello.", "*.ello", FALSE },
+    { "h.ello", "*.ello.", FALSE },
+    { "h.e.llo", "*.e.llo", TRUE },
+    { "h.e.llo", " *.e.llo", FALSE },
+    { " h.e.llo", "*.e.llo", TRUE },
+    { "h.e.llo.", "*.e.llo", TRUE },
+    { "*.e.llo.", "*.e.llo", TRUE },
+    { "************.e.llo.", "*.e.llo", TRUE },
+    { "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+      "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB"
+      "CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC"
+      "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD"
+      "EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE"
+      ".e.llo.", "*.e.llo", TRUE },
+    { "\xfe\xfe.e.llo.", "*.e.llo", TRUE },
+    { "h.e.llo.", "*.e.llo.", TRUE },
+    { "h.e.llo", "*.e.llo.", TRUE },
+    { ".h.e.llo", "*.e.llo.", FALSE },
+    { "h.e.llo", "*.*.llo.", FALSE },
+    { "h.e.llo", "h.*.llo", FALSE },
+    { "h.e.llo", "h.e.*", FALSE },
+    { "hello", "*.ello", FALSE },
+    { "hello", "**llo", FALSE },
+    { "bar.foo.example.com", "*.example.com", FALSE },
+    { "foo.example.com", "*.example.com", TRUE },
+    { "baz.example.net", "b*z.example.net", FALSE },
+    { "foobaz.example.net", "*baz.example.net", FALSE },
+    { "xn--l8j.example.local", "x*.example.local", FALSE },
+    { "xn--l8j.example.net", "*.example.net", TRUE },
+    { "xn--l8j.example.net", "*j.example.net", FALSE },
+    { "xn--l8j.example.net", "xn--l8j.example.net", TRUE },
+    { "xn--l8j.example.net", "xn--l8j.*.net", FALSE },
+    { "xl8j.example.net", "*.example.net", TRUE },
+    { "fe80::3285:a9ff:fe46:b619", "*::3285:a9ff:fe46:b619", FALSE },
+    { "fe80::3285:a9ff:fe46:b619", "fe80::3285:a9ff:fe46:b619", TRUE },
+    { NULL, NULL, FALSE }
   };
 
   int i;
diff --git a/tests/unit/unit1398.c b/tests/unit/unit1398.c
index abd4447ca4..951a74589f 100644
--- a/tests/unit/unit1398.c
+++ b/tests/unit/unit1398.c
@@ -33,7 +33,7 @@ static CURLcode test_unit1398(const char *arg)
   UNITTEST_BEGIN_SIMPLE
 
   int rc;
-  char buf[3] = {'b', 'u', 'g'};
+  char buf[3] = { 'b', 'u', 'g' };
   static const char *str = "bug";
   int width = 3;
   char output[130];
diff --git a/tests/unit/unit1600.c b/tests/unit/unit1600.c
index a347203255..20a299af73 100644
--- a/tests/unit/unit1600.c
+++ b/tests/unit/unit1600.c
@@ -51,27 +51,36 @@ static CURLcode test_unit1600(const char *arg)
 
   UNITTEST_BEGIN(t1600_setup(&easy))
 
-#if defined(USE_NTLM) && (!defined(USE_WINDOWS_SSPI) || \
-                          defined(USE_WIN32_CRYPTO))
+#if defined(USE_NTLM) &&                                    \
+  (!defined(USE_WINDOWS_SSPI) || defined(USE_WIN32_CRYPTO))
   unsigned char output[21];
   unsigned char *testp = output;
   Curl_ntlm_core_mk_nt_hash("1", output);
 
   verify_memory(testp,
-              "\x69\x94\x3c\x5e\x63\xb4\xd2\xc1\x04\xdb"
-              "\xbc\xc1\x51\x38\xb7\x2b\x00\x00\x00\x00\x00", 21);
+                "\x69\x94\x3c\x5e\x63\xb4\xd2\xc1\x04\xdb"
+                "\xbc\xc1\x51\x38\xb7\x2b\x00\x00\x00\x00\x00",
+                21);
 
   Curl_ntlm_core_mk_nt_hash("hello-you-fool", output);
 
   verify_memory(testp,
-              "\x39\xaf\x87\xa6\x75\x0a\x7a\x00\xba\xa0"
-              "\xd3\x4f\x04\x9e\xc1\xd0\x00\x00\x00\x00\x00", 21);
+                "\x39\xaf\x87\xa6\x75\x0a\x7a\x00\xba\xa0"
+                "\xd3\x4f\x04\x9e\xc1\xd0\x00\x00\x00\x00\x00",
+                21);
 
-  /* !checksrc! disable LONGLINE 2 */
-  Curl_ntlm_core_mk_nt_hash("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", output);
+  Curl_ntlm_core_mk_nt_hash(
+    "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+    "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+    "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+    "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+    "AAAAAAAA",
+    output);
 
   verify_memory(testp,
-                "\x36\x9d\xae\x06\x84\x7e\xe1\xc1\x4a\x94\x39\xea\x6f\x44\x8c\x65\x00\x00\x00\x00\x00", 21);
+                "\x36\x9d\xae\x06\x84\x7e\xe1\xc1\x4a\x94\x39\xea\x6f\x44\x8c"
+                "\x65\x00\x00\x00\x00\x00",
+                21);
 #endif
 
   UNITTEST_END(t1600_stop(easy))
diff --git a/tests/unit/unit1601.c b/tests/unit/unit1601.c
index fa7743785d..9b0b38486f 100644
--- a/tests/unit/unit1601.c
+++ b/tests/unit/unit1601.c
@@ -42,7 +42,7 @@ static CURLcode test_unit1601(const char *arg)
   verify_memory(testp, "\xc4\xca\x42\x38\xa0\xb9\x23\x82\x0d\xcc\x50\x9a\x6f"
                 "\x75\x84\x9b", MD5_DIGEST_LEN);
 
-  Curl_md5it(output, (const unsigned char *) string2, strlen(string2));
+  Curl_md5it(output, (const unsigned char *)string2, strlen(string2));
 
   verify_memory(testp, "\x88\x67\x0b\x6d\x5d\x74\x2f\xad\xa5\xcd\xf9\xb6\x82"
                 "\x87\x5f\x22", MD5_DIGEST_LEN);
diff --git a/tests/unit/unit1606.c b/tests/unit/unit1606.c
index c7f3d718c7..03126a7478 100644
--- a/tests/unit/unit1606.c
+++ b/tests/unit/unit1606.c
@@ -52,7 +52,7 @@ static int runawhile(struct Curl_easy *easy,
                      int dec)
 {
   int counter = 1;
-  struct curltime now = {1, 0};
+  struct curltime now = { 1, 0 };
   CURLcode res;
   int finaltime;
 
diff --git a/tests/unit/unit1607.c b/tests/unit/unit1607.c
index 233866da18..c23a59fa54 100644
--- a/tests/unit/unit1607.c
+++ b/tests/unit/unit1607.c
@@ -140,7 +140,7 @@ static CURLcode test_unit1607(const char *arg)
 
     for(j = 0; j < addressnum; ++j) {
       uint16_t port = 0;
-      char ipaddress[MAX_IPADR_LEN] = {0};
+      char ipaddress[MAX_IPADR_LEN] = { 0 };
 
       if(!addr && !tests[i].address[j])
         break;
diff --git a/tests/unit/unit1609.c b/tests/unit/unit1609.c
index bf912b99cd..b1eac34923 100644
--- a/tests/unit/unit1609.c
+++ b/tests/unit/unit1609.c
@@ -142,7 +142,7 @@ static CURLcode test_unit1609(const char *arg)
 
     for(j = 0; j < addressnum; ++j) {
       uint16_t port = 0;
-      char ipaddress[MAX_IPADR_LEN] = {0};
+      char ipaddress[MAX_IPADR_LEN] = { 0 };
 
       if(!addr && !tests[i].address[j])
         break;
diff --git a/tests/unit/unit1610.c b/tests/unit/unit1610.c
index 5c47fe28e2..ba64a15a96 100644
--- a/tests/unit/unit1610.c
+++ b/tests/unit/unit1610.c
@@ -49,14 +49,16 @@ static CURLcode test_unit1610(const char *arg)
   verify_memory(testp,
                 "\x6b\x86\xb2\x73\xff\x34\xfc\xe1\x9d\x6b\x80\x4e\xff\x5a\x3f"
                 "\x57\x47\xad\xa4\xea\xa2\x2f\x1d\x49\xc0\x1e\x52\xdd\xb7\x87"
-                "\x5b\x4b", CURL_SHA256_DIGEST_LENGTH);
+                "\x5b\x4b",
+                CURL_SHA256_DIGEST_LENGTH);
 
   Curl_sha256it(output, (const unsigned char *)string2, strlen(string2));
 
   verify_memory(testp,
                 "\xcb\xb1\x6a\x8a\xb9\xcb\xb9\x35\xa8\xcb\xa0\x2e\x28\xc0\x26"
                 "\x30\xd1\x19\x9c\x1f\x02\x17\xf4\x7c\x96\x20\xf3\xef\xe8\x27"
-                "\x15\xae", CURL_SHA256_DIGEST_LENGTH);
+                "\x15\xae",
+                CURL_SHA256_DIGEST_LENGTH);
 #endif
 
   UNITTEST_END(curl_global_cleanup())
diff --git a/tests/unit/unit1611.c b/tests/unit/unit1611.c
index 88c79eb3d9..fbff7f9211 100644
--- a/tests/unit/unit1611.c
+++ b/tests/unit/unit1611.c
@@ -39,13 +39,15 @@ static CURLcode test_unit1611(const char *arg)
 
   verify_memory(testp,
                 "\x8b\xe1\xec\x69\x7b\x14\xad\x3a\x53\xb3\x71\x43\x61\x20\x64"
-                "\x1d", MD4_DIGEST_LENGTH);
+                "\x1d",
+                MD4_DIGEST_LENGTH);
 
   Curl_md4it(output, (const unsigned char *)string2, strlen(string2));
 
   verify_memory(testp,
                 "\xa7\x16\x1c\xad\x7e\xbe\xdb\xbc\xf8\xc7\x23\x10\x2d\x2c\xe2"
-                "\x0b", MD4_DIGEST_LENGTH);
+                "\x0b",
+                MD4_DIGEST_LENGTH);
 #endif
 
   UNITTEST_END_SIMPLE
diff --git a/tests/unit/unit1612.c b/tests/unit/unit1612.c
index 7d8c9acf96..313ca0f329 100644
--- a/tests/unit/unit1612.c
+++ b/tests/unit/unit1612.c
@@ -46,7 +46,8 @@ static CURLcode test_unit1612(const char *arg)
 
   verify_memory(testp,
                 "\xd1\x29\x75\x43\x58\xdc\xab\x78\xdf\xcd\x7f\x2b\x29\x31\x13"
-                "\x37", HMAC_MD5_LENGTH);
+                "\x37",
+                HMAC_MD5_LENGTH);
 
   Curl_hmacit(&Curl_HMAC_MD5,
               (const unsigned char *)password, strlen(password),
@@ -55,7 +56,8 @@ static CURLcode test_unit1612(const char *arg)
 
   verify_memory(testp,
                 "\x75\xf1\xa7\xb9\xf5\x40\xe5\xa4\x98\x83\x9f\x64\x5a\x27\x6d"
-                "\xd0", HMAC_MD5_LENGTH);
+                "\xd0",
+                HMAC_MD5_LENGTH);
 #endif
 
   UNITTEST_END_SIMPLE
diff --git a/tests/unit/unit1614.c b/tests/unit/unit1614.c
index 7b66af8431..ed0e3aba98 100644
--- a/tests/unit/unit1614.c
+++ b/tests/unit/unit1614.c
@@ -40,28 +40,28 @@ static CURLcode test_unit1614(const char *arg)
     bool match;
   };
   struct check list4[] = {
-    { "192.160.0.1", "192.160.0.1", 33, FALSE},
-    { "192.160.0.1", "192.160.0.1", 32, TRUE},
-    { "192.160.0.1", "192.160.0.1", 0, TRUE},
-    { "192.160.0.1", "192.160.0.1", 24, TRUE},
-    { "192.160.0.1", "192.160.0.1", 26, TRUE},
-    { "192.160.0.1", "192.160.0.1", 20, TRUE},
-    { "192.160.0.1", "192.160.0.1", 18, TRUE},
-    { "192.160.0.1", "192.160.0.1", 12, TRUE},
-    { "192.160.0.1", "192.160.0.1", 8, TRUE},
-    { "192.160.0.1", "10.0.0.1", 8, FALSE},
-    { "192.160.0.1", "10.0.0.1", 32, FALSE},
-    { "192.160.0.1", "10.0.0.1", 0, FALSE},
-    { NULL, NULL, 0, FALSE} /* end marker */
+    { "192.160.0.1", "192.160.0.1", 33, FALSE },
+    { "192.160.0.1", "192.160.0.1", 32, TRUE },
+    { "192.160.0.1", "192.160.0.1", 0, TRUE },
+    { "192.160.0.1", "192.160.0.1", 24, TRUE },
+    { "192.160.0.1", "192.160.0.1", 26, TRUE },
+    { "192.160.0.1", "192.160.0.1", 20, TRUE },
+    { "192.160.0.1", "192.160.0.1", 18, TRUE },
+    { "192.160.0.1", "192.160.0.1", 12, TRUE },
+    { "192.160.0.1", "192.160.0.1", 8, TRUE },
+    { "192.160.0.1", "10.0.0.1", 8, FALSE },
+    { "192.160.0.1", "10.0.0.1", 32, FALSE },
+    { "192.160.0.1", "10.0.0.1", 0, FALSE },
+    { NULL, NULL, 0, FALSE } /* end marker */
   };
 #ifdef USE_IPV6
   struct check list6[] = {
-    { "::1", "::1", 0, TRUE},
-    { "::1", "::1", 128, TRUE},
-    { "::1", "0:0::1", 128, TRUE},
-    { "::1", "0:0::1", 129, FALSE},
-    { "fe80::ab47:4396:55c9:8474", "fe80::ab47:4396:55c9:8474", 64, TRUE},
-    { NULL, NULL, 0, FALSE} /* end marker */
+    { "::1", "::1", 0, TRUE },
+    { "::1", "::1", 128, TRUE },
+    { "::1", "0:0::1", 128, TRUE },
+    { "::1", "0:0::1", 129, FALSE },
+    { "fe80::ab47:4396:55c9:8474", "fe80::ab47:4396:55c9:8474", 64, TRUE },
+    { NULL, NULL, 0, FALSE } /* end marker */
   };
 #endif
   struct noproxy {
@@ -70,91 +70,91 @@ static CURLcode test_unit1614(const char *arg)
     bool match;
   };
   struct noproxy list[] = {
-    { "www.example.com", "localhost .example.com .example.de", FALSE},
-    { "www.example.com", "localhost,.example.com,.example.de", TRUE},
-    { "www.example.com.", "localhost,.example.com,.example.de", TRUE},
-    { "example.com", "localhost,.example.com,.example.de", TRUE},
-    { "example.com.", "localhost,.example.com,.example.de", TRUE},
-    { "www.example.com", "localhost,.example.com.,.example.de", TRUE},
-    { "www.example.com", "localhost,www.example.com.,.example.de", TRUE},
-    { "example.com", "localhost,example.com,.example.de", TRUE},
-    { "example.com.", "localhost,example.com,.example.de", TRUE},
-    { "nexample.com", "localhost,example.com,.example.de", FALSE},
-    { "www.example.com", "localhost,example.com,.example.de", TRUE},
-    { "127.0.0.1", "127.0.0.1,localhost", TRUE},
-    { "127.0.0.1", "127.0.0.1,localhost,", TRUE},
-    { "127.0.0.1", "127.0.0.1/8,localhost,", TRUE},
-    { "127.0.0.1", "127.0.0.1/28,localhost,", TRUE},
-    { "127.0.0.1", "127.0.0.1/31,localhost,", TRUE},
-    { "127.0.0.1", "localhost,127.0.0.1", TRUE},
+    { "www.example.com", "localhost .example.com .example.de", FALSE },
+    { "www.example.com", "localhost,.example.com,.example.de", TRUE },
+    { "www.example.com.", "localhost,.example.com,.example.de", TRUE },
+    { "example.com", "localhost,.example.com,.example.de", TRUE },
+    { "example.com.", "localhost,.example.com,.example.de", TRUE },
+    { "www.example.com", "localhost,.example.com.,.example.de", TRUE },
+    { "www.example.com", "localhost,www.example.com.,.example.de", TRUE },
+    { "example.com", "localhost,example.com,.example.de", TRUE },
+    { "example.com.", "localhost,example.com,.example.de", TRUE },
+    { "nexample.com", "localhost,example.com,.example.de", FALSE },
+    { "www.example.com", "localhost,example.com,.example.de", TRUE },
+    { "127.0.0.1", "127.0.0.1,localhost", TRUE },
+    { "127.0.0.1", "127.0.0.1,localhost,", TRUE },
+    { "127.0.0.1", "127.0.0.1/8,localhost,", TRUE },
+    { "127.0.0.1", "127.0.0.1/28,localhost,", TRUE },
+    { "127.0.0.1", "127.0.0.1/31,localhost,", TRUE },
+    { "127.0.0.1", "localhost,127.0.0.1", TRUE },
     { "127.0.0.1", "localhost,127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1."
       "127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127."
-      "0.0.1.127.0.0.1.127.0.0." /* 128 bytes "address" */, FALSE},
+      "0.0.1.127.0.0.1.127.0.0." /* 128 bytes "address" */, FALSE },
     { "127.0.0.1", "localhost,127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1."
       "127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127."
-      "0.0.1.127.0.0.1.127.0.0" /* 127 bytes "address" */, FALSE},
-    { "localhost", "localhost,127.0.0.1", TRUE},
-    { "localhost", "127.0.0.1,localhost", TRUE},
-    { "foobar", "barfoo", FALSE},
-    { "foobar", "foobar", TRUE},
-    { "192.168.0.1", "foobar", FALSE},
-    { "192.168.0.1", "192.168.0.0/16", TRUE},
-    { "192.168.0.1", "192.168.0.0/16a", FALSE},
-    { "192.168.0.1", "192.168.0.0/16 ", TRUE},
-    { "192.168.0.1", "192.168.0.0/a16", FALSE},
-    { "192.168.0.1", "192.168.0.0/ 16", FALSE},
-    { "192.168.0.1", "192.168.0.0/24", TRUE},
-    { "192.168.0.1", "192.168.0.0/32", FALSE},
-    { "192.168.0.1", "192.168.0.1/32", TRUE},
-    { "192.168.0.1", "192.168.0.1/33", FALSE},
-    { "192.168.0.1", "192.168.0.0", FALSE},
-    { "192.168.1.1", "192.168.0.0/24", FALSE},
-    { "192.168.1.1", "192.168.0.0/33", FALSE},
-    { "192.168.1.1", "foo, bar, 192.168.0.0/24", FALSE},
-    { "192.168.1.1", "foo, bar, 192.168.0.0/16", TRUE},
+      "0.0.1.127.0.0.1.127.0.0" /* 127 bytes "address" */, FALSE },
+    { "localhost", "localhost,127.0.0.1", TRUE },
+    { "localhost", "127.0.0.1,localhost", TRUE },
+    { "foobar", "barfoo", FALSE },
+    { "foobar", "foobar", TRUE },
+    { "192.168.0.1", "foobar", FALSE },
+    { "192.168.0.1", "192.168.0.0/16", TRUE },
+    { "192.168.0.1", "192.168.0.0/16a", FALSE },
+    { "192.168.0.1", "192.168.0.0/16 ", TRUE },
+    { "192.168.0.1", "192.168.0.0/a16", FALSE },
+    { "192.168.0.1", "192.168.0.0/ 16", FALSE },
+    { "192.168.0.1", "192.168.0.0/24", TRUE },
+    { "192.168.0.1", "192.168.0.0/32", FALSE },
+    { "192.168.0.1", "192.168.0.1/32", TRUE },
+    { "192.168.0.1", "192.168.0.1/33", FALSE },
+    { "192.168.0.1", "192.168.0.0", FALSE },
+    { "192.168.1.1", "192.168.0.0/24", FALSE },
+    { "192.168.1.1", "192.168.0.0/33", FALSE },
+    { "192.168.1.1", "foo, bar, 192.168.0.0/24", FALSE },
+    { "192.168.1.1", "foo, bar, 192.168.0.0/16", TRUE },
 #ifdef USE_IPV6
-    { "::1", "foo, bar, 192.168.0.0/16", FALSE},
-    { "::1", "foo, bar, ::1/64", TRUE},
-    { "::1", "::1/64", TRUE},
-    { "::1", "::1/96", TRUE},
-    { "::1", "::1/129", FALSE},
-    { "::1", "::1/128", TRUE},
-    { "::1", "::1/127", TRUE},
-    { "::1", "::1/a127", FALSE},
-    { "::1", "::1/127a", FALSE},
-    { "::1", "::1/ 127", FALSE},
-    { "::1", "::1/127 ", TRUE},
-    { "::1", "::1/126", TRUE},
-    { "::1", "::1/125", TRUE},
-    { "::1", "::1/124", TRUE},
-    { "::1", "::1/123", TRUE},
-    { "::1", "::1/122", TRUE},
-    { "2001:db8:8000::1", "2001:db8::/65", FALSE},
-    { "2001:db8:8000::1", "2001:db8::/66", FALSE},
-    { "2001:db8:8000::1", "2001:db8::/67", FALSE},
-    { "2001:db8:8000::1", "2001:db8::/68", FALSE},
-    { "2001:db8:8000::1", "2001:db8::/69", FALSE},
-    { "2001:db8:8000::1", "2001:db8::/70", FALSE},
-    { "2001:db8:8000::1", "2001:db8::/71", FALSE},
-    { "2001:db8:8000::1", "2001:db8::/72", FALSE},
-    { "2001:db8::1", "2001:db8::/65", TRUE},
-    { "2001:db8::1", "2001:db8::/66", TRUE},
-    { "2001:db8::1", "2001:db8::/67", TRUE},
-    { "2001:db8::1", "2001:db8::/68", TRUE},
-    { "2001:db8::1", "2001:db8::/69", TRUE},
-    { "2001:db8::1", "2001:db8::/70", TRUE},
-    { "2001:db8::1", "2001:db8::/71", TRUE},
-    { "2001:db8::1", "2001:db8::/72", TRUE},
-    { "::1", "::1/129", FALSE},
-    { "bar", "foo, bar, ::1/64", TRUE},
-    { "BAr", "foo, bar, ::1/64", TRUE},
-    { "BAr", "foo,,,,,              bar, ::1/64", TRUE},
+    { "::1", "foo, bar, 192.168.0.0/16", FALSE },
+    { "::1", "foo, bar, ::1/64", TRUE },
+    { "::1", "::1/64", TRUE },
+    { "::1", "::1/96", TRUE },
+    { "::1", "::1/129", FALSE },
+    { "::1", "::1/128", TRUE },
+    { "::1", "::1/127", TRUE },
+    { "::1", "::1/a127", FALSE },
+    { "::1", "::1/127a", FALSE },
+    { "::1", "::1/ 127", FALSE },
+    { "::1", "::1/127 ", TRUE },
+    { "::1", "::1/126", TRUE },
+    { "::1", "::1/125", TRUE },
+    { "::1", "::1/124", TRUE },
+    { "::1", "::1/123", TRUE },
+    { "::1", "::1/122", TRUE },
+    { "2001:db8:8000::1", "2001:db8::/65", FALSE },
+    { "2001:db8:8000::1", "2001:db8::/66", FALSE },
+    { "2001:db8:8000::1", "2001:db8::/67", FALSE },
+    { "2001:db8:8000::1", "2001:db8::/68", FALSE },
+    { "2001:db8:8000::1", "2001:db8::/69", FALSE },
+    { "2001:db8:8000::1", "2001:db8::/70", FALSE },
+    { "2001:db8:8000::1", "2001:db8::/71", FALSE },
+    { "2001:db8:8000::1", "2001:db8::/72", FALSE },
+    { "2001:db8::1", "2001:db8::/65", TRUE },
+    { "2001:db8::1", "2001:db8::/66", TRUE },
+    { "2001:db8::1", "2001:db8::/67", TRUE },
+    { "2001:db8::1", "2001:db8::/68", TRUE },
+    { "2001:db8::1", "2001:db8::/69", TRUE },
+    { "2001:db8::1", "2001:db8::/70", TRUE },
+    { "2001:db8::1", "2001:db8::/71", TRUE },
+    { "2001:db8::1", "2001:db8::/72", TRUE },
+    { "::1", "::1/129", FALSE },
+    { "bar", "foo, bar, ::1/64", TRUE },
+    { "BAr", "foo, bar, ::1/64", TRUE },
+    { "BAr", "foo,,,,,              bar, ::1/64", TRUE },
 #endif
-    { "www.example.com", "foo, .example.com", TRUE},
-    { "www.example.com", "www2.example.com, .example.net", FALSE},
-    { "example.com", ".example.com, .example.net", TRUE},
-    { "nonexample.com", ".example.com, .example.net", FALSE},
-    { NULL, NULL, FALSE}
+    { "www.example.com", "foo, .example.com", TRUE },
+    { "www.example.com", "www2.example.com, .example.net", FALSE },
+    { "example.com", ".example.com, .example.net", TRUE },
+    { "nonexample.com", ".example.com, .example.net", FALSE },
+    { NULL, NULL, FALSE }
   };
   for(i = 0; list4[i].a; i++) {
     bool match = Curl_cidr4_match(list4[i].a, list4[i].n, list4[i].bits);
diff --git a/tests/unit/unit1615.c b/tests/unit/unit1615.c
index fadb1aaa59..93237db274 100644
--- a/tests/unit/unit1615.c
+++ b/tests/unit/unit1615.c
@@ -34,77 +34,78 @@ static CURLcode test_unit1615(const char *arg)
 
   static const char test_str1[] = "1";
   static const unsigned char precomp_hash1[CURL_SHA512_256_DIGEST_LENGTH] = {
-     0x18, 0xd2, 0x75, 0x66, 0xbd, 0x1a, 0xc6, 0x6b, 0x23, 0x32, 0xd8,
-     0xc5, 0x4a, 0xd4, 0x3f, 0x7b, 0xb2, 0x20, 0x79, 0xc9, 0x06, 0xd0,
-     0x5f, 0x49, 0x1f, 0x3f, 0x07, 0xa2, 0x8d, 0x5c, 0x69, 0x90
+    0x18, 0xd2, 0x75, 0x66, 0xbd, 0x1a, 0xc6, 0x6b, 0x23, 0x32, 0xd8,
+    0xc5, 0x4a, 0xd4, 0x3f, 0x7b, 0xb2, 0x20, 0x79, 0xc9, 0x06, 0xd0,
+    0x5f, 0x49, 0x1f, 0x3f, 0x07, 0xa2, 0x8d, 0x5c, 0x69, 0x90
   };
   static const char test_str2[] = "hello-you-fool";
   static const unsigned char precomp_hash2[CURL_SHA512_256_DIGEST_LENGTH] = {
-      0xaf, 0x6f, 0xb4, 0xb0, 0x13, 0x9b, 0xee, 0x13, 0xd1, 0x95, 0x3c,
-      0xb8, 0xc7, 0xcd, 0x5b, 0x19, 0xf9, 0xcd, 0xcd, 0x21, 0xef, 0xdf,
-      0xa7, 0x42, 0x5c, 0x07, 0x13, 0xea, 0xcc, 0x1a, 0x39, 0x76
+    0xaf, 0x6f, 0xb4, 0xb0, 0x13, 0x9b, 0xee, 0x13, 0xd1, 0x95, 0x3c,
+    0xb8, 0xc7, 0xcd, 0x5b, 0x19, 0xf9, 0xcd, 0xcd, 0x21, 0xef, 0xdf,
+    0xa7, 0x42, 0x5c, 0x07, 0x13, 0xea, 0xcc, 0x1a, 0x39, 0x76
   };
   static const char test_str3[] = "abc";
   static const unsigned char precomp_hash3[CURL_SHA512_256_DIGEST_LENGTH] = {
-      0x53, 0x04, 0x8E, 0x26, 0x81, 0x94, 0x1E, 0xF9, 0x9B, 0x2E, 0x29,
-      0xB7, 0x6B, 0x4C, 0x7D, 0xAB, 0xE4, 0xC2, 0xD0, 0xC6, 0x34, 0xFC,
-      0x6D, 0x46, 0xE0, 0xE2, 0xF1, 0x31, 0x07, 0xE7, 0xAF, 0x23
+    0x53, 0x04, 0x8E, 0x26, 0x81, 0x94, 0x1E, 0xF9, 0x9B, 0x2E, 0x29,
+    0xB7, 0x6B, 0x4C, 0x7D, 0xAB, 0xE4, 0xC2, 0xD0, 0xC6, 0x34, 0xFC,
+    0x6D, 0x46, 0xE0, 0xE2, 0xF1, 0x31, 0x07, 0xE7, 0xAF, 0x23
   };
   static const char test_str4[] = ""; /* empty, zero size input */
   static const unsigned char precomp_hash4[CURL_SHA512_256_DIGEST_LENGTH] = {
-      0xc6, 0x72, 0xb8, 0xd1, 0xef, 0x56, 0xed, 0x28, 0xab, 0x87, 0xc3,
-      0x62, 0x2c, 0x51, 0x14, 0x06, 0x9b, 0xdd, 0x3a, 0xd7, 0xb8, 0xf9,
-      0x73, 0x74, 0x98, 0xd0, 0xc0, 0x1e, 0xce, 0xf0, 0x96, 0x7a
+    0xc6, 0x72, 0xb8, 0xd1, 0xef, 0x56, 0xed, 0x28, 0xab, 0x87, 0xc3,
+    0x62, 0x2c, 0x51, 0x14, 0x06, 0x9b, 0xdd, 0x3a, 0xd7, 0xb8, 0xf9,
+    0x73, 0x74, 0x98, 0xd0, 0xc0, 0x1e, 0xce, 0xf0, 0x96, 0x7a
   };
   static const char test_str5[] =
-      "abcdefghijklmnopqrstuvwxyzzyxwvutsrqponMLKJIHGFEDCBA" \
-      "abcdefghijklmnopqrstuvwxyzzyxwvutsrqponMLKJIHGFEDCBA";
+    "abcdefghijklmnopqrstuvwxyzzyxwvutsrqponMLKJIHGFEDCBA"
+    "abcdefghijklmnopqrstuvwxyzzyxwvutsrqponMLKJIHGFEDCBA";
   static const unsigned char precomp_hash5[CURL_SHA512_256_DIGEST_LENGTH] = {
-      0xad, 0xe9, 0x5d, 0x55, 0x3b, 0x9e, 0x45, 0x69, 0xdb, 0x53, 0xa4,
-      0x04, 0x92, 0xe7, 0x87, 0x94, 0xff, 0xc9, 0x98, 0x5f, 0x93, 0x03,
-      0x86, 0x45, 0xe1, 0x97, 0x17, 0x72, 0x7c, 0xbc, 0x31, 0x15
+    0xad, 0xe9, 0x5d, 0x55, 0x3b, 0x9e, 0x45, 0x69, 0xdb, 0x53, 0xa4,
+    0x04, 0x92, 0xe7, 0x87, 0x94, 0xff, 0xc9, 0x98, 0x5f, 0x93, 0x03,
+    0x86, 0x45, 0xe1, 0x97, 0x17, 0x72, 0x7c, 0xbc, 0x31, 0x15
   };
   static const char test_str6[] =
-      "/long/long/long/long/long/long/long/long/long/long/long" \
-      "/long/long/long/long/long/long/long/long/long/long/long" \
-      "/long/long/long/long/long/long/long/long/long/long/long" \
-      "/long/long/long/long/long/long/long/long/long/long/long" \
-      "/long/long/long/long/long/long/long/long/long/long/long" \
-      "/long/long/long/long/long/long/long/long/long/long/long" \
-      "/long/long/long/long/path?with%20some=parameters";
+    "/long/long/long/long/long/long/long/long/long/long/long"
+    "/long/long/long/long/long/long/long/long/long/long/long"
+    "/long/long/long/long/long/long/long/long/long/long/long"
+    "/long/long/long/long/long/long/long/long/long/long/long"
+    "/long/long/long/long/long/long/long/long/long/long/long"
+    "/long/long/long/long/long/long/long/long/long/long/long"
+    "/long/long/long/long/path?with%20some=parameters";
   static const unsigned char precomp_hash6[CURL_SHA512_256_DIGEST_LENGTH] = {
-      0xbc, 0xab, 0xc6, 0x2c, 0x0a, 0x22, 0xd5, 0xcb, 0xac, 0xac, 0xe9,
-      0x25, 0xcf, 0xce, 0xaa, 0xaf, 0x0e, 0xa1, 0xed, 0x42, 0x46, 0x8a,
-      0xe2, 0x01, 0xee, 0x2f, 0xdb, 0x39, 0x75, 0x47, 0x73, 0xf1
+    0xbc, 0xab, 0xc6, 0x2c, 0x0a, 0x22, 0xd5, 0xcb, 0xac, 0xac, 0xe9,
+    0x25, 0xcf, 0xce, 0xaa, 0xaf, 0x0e, 0xa1, 0xed, 0x42, 0x46, 0x8a,
+    0xe2, 0x01, 0xee, 0x2f, 0xdb, 0x39, 0x75, 0x47, 0x73, 0xf1
   };
   static const char test_str7[] = "Simple string.";
   static const unsigned char precomp_hash7[CURL_SHA512_256_DIGEST_LENGTH] = {
-      0xde, 0xcb, 0x3c, 0x81, 0x65, 0x4b, 0xa0, 0xf5, 0xf0, 0x45, 0x6b,
-      0x7e, 0x61, 0xf5, 0x0d, 0xf5, 0x38, 0xa4, 0xfc, 0xb1, 0x8a, 0x95,
-      0xff, 0x59, 0xbc, 0x04, 0x82, 0xcf, 0x23, 0xb2, 0x32, 0x56
+    0xde, 0xcb, 0x3c, 0x81, 0x65, 0x4b, 0xa0, 0xf5, 0xf0, 0x45, 0x6b,
+    0x7e, 0x61, 0xf5, 0x0d, 0xf5, 0x38, 0xa4, 0xfc, 0xb1, 0x8a, 0x95,
+    0xff, 0x59, 0xbc, 0x04, 0x82, 0xcf, 0x23, 0xb2, 0x32, 0x56
   };
-  static const unsigned char test_seq8[]= {
-      255, 254, 253, 252, 251, 250, 249, 248, 247, 246, 245, 244, 243, 242,
-      241, 240, 239, 238, 237, 236, 235, 234, 233, 232, 231, 230, 229, 228,
-      227, 226, 225, 224, 223, 222, 221, 220, 219, 218, 217, 216, 215, 214,
-      213, 212, 211, 210, 209, 208, 207, 206, 205, 204, 203, 202, 201, 200,
-      199, 198, 197, 196, 195, 194, 193, 192, 191, 190, 189, 188, 187, 186,
-      185, 184, 183, 182, 181, 180, 179, 178, 177, 176, 175, 174, 173, 172,
-      171, 170, 169, 168, 167, 166, 165, 164, 163, 162, 161, 160, 159, 158,
-      157, 156, 155, 154, 153, 152, 151, 150, 149, 148, 147, 146, 145, 144,
-      143, 142, 141, 140, 139, 138, 137, 136, 135, 134, 133, 132, 131, 130,
-      129, 128, 127, 126, 125, 124, 123, 122, 121, 120, 119, 118, 117, 116,
-      115, 114, 113, 112, 111, 110, 109, 108, 107, 106, 105, 104, 103, 102,
-      101, 100, 99, 98, 97, 96, 95, 94, 93, 92, 91, 90, 89, 88, 87, 86, 85,
-      84, 83, 82, 81, 80, 79, 78, 77, 76, 75, 74, 73, 72, 71, 70, 69, 68, 67,
-      66, 65, 64, 63, 62, 61, 60, 59, 58, 57, 56, 55, 54, 53, 52, 51, 50, 49,
-      48, 47, 46, 45, 44, 43, 42, 41, 40, 39, 38, 37, 36, 35, 34, 33, 32, 31,
-      30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17, 16, 15, 14, 13,
-      12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1}; /* 255..1 sequence */
+  static const unsigned char test_seq8[] = {
+    255, 254, 253, 252, 251, 250, 249, 248, 247, 246, 245, 244, 243, 242, 241,
+    240, 239, 238, 237, 236, 235, 234, 233, 232, 231, 230, 229, 228, 227, 226,
+    225, 224, 223, 222, 221, 220, 219, 218, 217, 216, 215, 214, 213, 212, 211,
+    210, 209, 208, 207, 206, 205, 204, 203, 202, 201, 200, 199, 198, 197, 196,
+    195, 194, 193, 192, 191, 190, 189, 188, 187, 186, 185, 184, 183, 182, 181,
+    180, 179, 178, 177, 176, 175, 174, 173, 172, 171, 170, 169, 168, 167, 166,
+    165, 164, 163, 162, 161, 160, 159, 158, 157, 156, 155, 154, 153, 152, 151,
+    150, 149, 148, 147, 146, 145, 144, 143, 142, 141, 140, 139, 138, 137, 136,
+    135, 134, 133, 132, 131, 130, 129, 128, 127, 126, 125, 124, 123, 122, 121,
+    120, 119, 118, 117, 116, 115, 114, 113, 112, 111, 110, 109, 108, 107, 106,
+    105, 104, 103, 102, 101, 100, 99,  98,  97,  96,  95,  94,  93,  92,  91,
+    90,  89,  88,  87,  86,  85,  84,  83,  82,  81,  80,  79,  78,  77,  76,
+    75,  74,  73,  72,  71,  70,  69,  68,  67,  66,  65,  64,  63,  62,  61,
+    60,  59,  58,  57,  56,  55,  54,  53,  52,  51,  50,  49,  48,  47,  46,
+    45,  44,  43,  42,  41,  40,  39,  38,  37,  36,  35,  34,  33,  32,  31,
+    30,  29,  28,  27,  26,  25,  24,  23,  22,  21,  20,  19,  18,  17,  16,
+    15,  14,  13,  12,  11,  10,  9,   8,   7,   6,   5,   4,   3,   2,   1
+  }; /* 255..1 sequence */
   static const unsigned char precomp_hash8[CURL_SHA512_256_DIGEST_LENGTH] = {
-      0x22, 0x31, 0xf2, 0xa1, 0xb4, 0x89, 0xb2, 0x44, 0xf7, 0x66, 0xa0,
-      0xb8, 0x31, 0xed, 0xb7, 0x73, 0x8a, 0x34, 0xdc, 0x11, 0xc8, 0x2c,
-      0xf2, 0xb5, 0x88, 0x60, 0x39, 0x6b, 0x5c, 0x06, 0x70, 0x37
+    0x22, 0x31, 0xf2, 0xa1, 0xb4, 0x89, 0xb2, 0x44, 0xf7, 0x66, 0xa0,
+    0xb8, 0x31, 0xed, 0xb7, 0x73, 0x8a, 0x34, 0xdc, 0x11, 0xc8, 0x2c,
+    0xf2, 0xb5, 0x88, 0x60, 0x39, 0x6b, 0x5c, 0x06, 0x70, 0x37
   };
 
   unsigned char output_buf[CURL_SHA512_256_DIGEST_LENGTH];
diff --git a/tests/unit/unit1620.c b/tests/unit/unit1620.c
index b04424ae3b..e6070ad157 100644
--- a/tests/unit/unit1620.c
+++ b/tests/unit/unit1620.c
@@ -33,17 +33,16 @@ static CURLcode t1620_setup(void)
   return res;
 }
 
-static void t1620_parse(
-  const char *input,
-  const char *exp_username,
-  const char *exp_password,
-  const char *exp_options)
+static void t1620_parse(const char *input,
+                        const char *exp_username,
+                        const char *exp_password,
+                        const char *exp_options)
 {
   char *userstr = NULL;
   char *passwdstr = NULL;
   char *options = NULL;
-  CURLcode rc = Curl_parse_login_details(input, strlen(input),
-                                &userstr, &passwdstr, &options);
+  CURLcode rc = Curl_parse_login_details(input, strlen(input), &userstr,
+                                         &passwdstr, &options);
   fail_unless(rc == CURLE_OK, "Curl_parse_login_details() failed");
 
   fail_unless(!!exp_username == !!userstr, "username expectation failed");
@@ -52,13 +51,13 @@ static void t1620_parse(
 
   if(!unitfail) {
     fail_unless(!userstr || !exp_username ||
-                strcmp(userstr, exp_username) == 0,
+                  strcmp(userstr, exp_username) == 0,
                 "userstr should be equal to exp_username");
     fail_unless(!passwdstr || !exp_password ||
-                strcmp(passwdstr, exp_password) == 0,
+                  strcmp(passwdstr, exp_password) == 0,
                 "passwdstr should be equal to exp_password");
     fail_unless(!options || !exp_options ||
-                strcmp(options, exp_options) == 0,
+                  strcmp(options, exp_options) == 0,
                 "options should be equal to exp_options");
   }
 
diff --git a/tests/unit/unit1650.c b/tests/unit/unit1650.c
index 309515d9b1..c9bb5745c7 100644
--- a/tests/unit/unit1650.c
+++ b/tests/unit/unit1650.c
@@ -31,13 +31,13 @@ static CURLcode test_unit1650(const char *arg)
 
 #ifndef CURL_DISABLE_DOH
 
-#define DNS_PREAMBLE "\x00\x00\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"
-#define LABEL_TEST "\x04\x74\x65\x73\x74"
-#define LABEL_HOST "\x04\x68\x6f\x73\x74"
-#define LABEL_NAME "\x04\x6e\x61\x6d\x65"
-#define DNSA_TYPE "\x01"
-#define DNSAAAA_TYPE "\x1c"
-#define DNSA_EPILOGUE "\x00\x00" DNSA_TYPE "\x00\x01"
+#define DNS_PREAMBLE     "\x00\x00\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"
+#define LABEL_TEST       "\x04\x74\x65\x73\x74"
+#define LABEL_HOST       "\x04\x68\x6f\x73\x74"
+#define LABEL_NAME       "\x04\x6e\x61\x6d\x65"
+#define DNSA_TYPE        "\x01"
+#define DNSAAAA_TYPE     "\x1c"
+#define DNSA_EPILOGUE    "\x00\x00" DNSA_TYPE "\x00\x01"
 #define DNSAAAA_EPILOGUE "\x00\x00" DNSAAAA_TYPE "\x00\x01"
 
 #define DNS_Q1 DNS_PREAMBLE LABEL_TEST LABEL_HOST LABEL_NAME DNSA_EPILOGUE
diff --git a/tests/unit/unit1651.c b/tests/unit/unit1651.c
index ffaea47b20..251f2c1c80 100644
--- a/tests/unit/unit1651.c
+++ b/tests/unit/unit1651.c
@@ -32,312 +32,336 @@ static CURLcode test_unit1651(const char *arg)
 #if defined(USE_GNUTLS) || defined(USE_SCHANNEL)
 
   /* cert captured from gdb when connecting to curl.se on October 26
-     2018.
-     !checksrc! disable CLOSEBRACE 1 */
+     2018. */
   static unsigned char cert[] = {
-  0x30, 0x82, 0x0F, 0x5B, 0x30, 0x82, 0x0E, 0x43, 0xA0, 0x03, 0x02, 0x01, 0x02,
-  0x02, 0x0C, 0x08, 0x77, 0x99, 0x2C, 0x6B, 0x67, 0xE1, 0x18, 0xD6, 0x66, 0x66,
-  0x9E, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01,
-  0x0B, 0x05, 0x00, 0x30, 0x57, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
-  0x06, 0x13, 0x02, 0x42, 0x45, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04,
-  0x0A, 0x13, 0x10, 0x47, 0x6C, 0x6F, 0x62, 0x61, 0x6C, 0x53, 0x69, 0x67, 0x6E,
-  0x20, 0x6E, 0x76, 0x2D, 0x73, 0x61, 0x31, 0x2D, 0x30, 0x2B, 0x06, 0x03, 0x55,
-  0x04, 0x03, 0x13, 0x24, 0x47, 0x6C, 0x6F, 0x62, 0x61, 0x6C, 0x53, 0x69, 0x67,
-  0x6E, 0x20, 0x43, 0x6C, 0x6F, 0x75, 0x64, 0x53, 0x53, 0x4C, 0x20, 0x43, 0x41,
-  0x20, 0x2D, 0x20, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x20, 0x2D, 0x20, 0x47,
-  0x33, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x38, 0x31, 0x30, 0x32, 0x32, 0x31, 0x37,
-  0x31, 0x38, 0x32, 0x31, 0x5A, 0x17, 0x0D, 0x31, 0x39, 0x30, 0x33, 0x32, 0x31,
-  0x31, 0x33, 0x34, 0x33, 0x34, 0x34, 0x5A, 0x30, 0x77, 0x31, 0x0B, 0x30, 0x09,
-  0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11,
-  0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x43, 0x61, 0x6C, 0x69, 0x66, 0x6F,
-  0x72, 0x6E, 0x69, 0x61, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03, 0x55, 0x04, 0x07,
-  0x0C, 0x0D, 0x53, 0x61, 0x6E, 0x20, 0x46, 0x72, 0x61, 0x6E, 0x63, 0x69, 0x73,
-  0x63, 0x6F, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C,
-  0x46, 0x61, 0x73, 0x74, 0x6C, 0x79, 0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x31,
-  0x24, 0x30, 0x22, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x1B, 0x6A, 0x32, 0x2E,
-  0x73, 0x68, 0x61, 0x72, 0x65, 0x64, 0x2E, 0x67, 0x6C, 0x6F, 0x62, 0x61, 0x6C,
-  0x2E, 0x66, 0x61, 0x73, 0x74, 0x6C, 0x79, 0x2E, 0x6E, 0x65, 0x74, 0x30, 0x82,
-  0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
-  0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
-  0x02, 0x82, 0x01, 0x01, 0x00, 0xC2, 0x72, 0xA2, 0x4A, 0xEF, 0x26, 0x42, 0xD7,
-  0x85, 0x74, 0xC9, 0xB4, 0x9F, 0xE3, 0x31, 0xD1, 0x40, 0x77, 0xC9, 0x4B, 0x4D,
-  0xFE, 0xC8, 0x75, 0xF3, 0x32, 0x76, 0xAD, 0xF9, 0x08, 0x22, 0x9E, 0xFA, 0x2F,
-  0xFE, 0xEC, 0x6C, 0xC4, 0xF5, 0x1F, 0x70, 0xC9, 0x8F, 0x07, 0x48, 0x31, 0xAD,
-  0x75, 0x18, 0xFC, 0x06, 0x5A, 0x4F, 0xDD, 0xFD, 0x05, 0x39, 0x6F, 0x22, 0xF9,
-  0xAD, 0x62, 0x1A, 0x9E, 0xA6, 0x16, 0x48, 0x75, 0x8F, 0xB8, 0x07, 0x18, 0x25,
-  0x1A, 0x87, 0x30, 0xB0, 0x3C, 0x6F, 0xE0, 0x9D, 0x90, 0x63, 0x2A, 0x16, 0x1F,
-  0x0D, 0x10, 0xFC, 0x06, 0x7E, 0xEA, 0x51, 0xE2, 0xB0, 0x6D, 0x42, 0x4C, 0x2C,
-  0x59, 0xF4, 0x6B, 0x99, 0x3E, 0x82, 0x1D, 0x08, 0x04, 0x2F, 0xA0, 0x63, 0x3C,
-  0xAA, 0x0E, 0xE1, 0x5D, 0x67, 0x2D, 0xB3, 0xF4, 0x15, 0xD6, 0x16, 0x4E, 0xAA,
-  0x91, 0x45, 0x6B, 0xC5, 0xA6, 0xED, 0x83, 0xAF, 0xF1, 0xD7, 0x42, 0x5E, 0x9B,
-  0xC8, 0x39, 0x0C, 0x06, 0x76, 0x7A, 0xB8, 0x3E, 0x16, 0x70, 0xF5, 0xEB, 0x8B,
-  0x33, 0x5A, 0xA9, 0x03, 0xED, 0x79, 0x0E, 0xAD, 0xBB, 0xC4, 0xF8, 0xDA, 0x93,
-  0x53, 0x2A, 0xC4, 0xC9, 0x1A, 0xD1, 0xC3, 0x44, 0xD7, 0xC6, 0xD0, 0xC6, 0xAC,
-  0x13, 0xE3, 0xB5, 0x73, 0x3A, 0xDF, 0x54, 0x15, 0xFB, 0xB4, 0x6B, 0x36, 0x39,
-  0x18, 0xB5, 0x61, 0x12, 0xF0, 0x37, 0xAB, 0x81, 0x5F, 0x0C, 0xE7, 0xDF, 0xC1,
-  0xC5, 0x5E, 0x99, 0x67, 0x85, 0xFF, 0xAD, 0xD6, 0x82, 0x09, 0x1F, 0x27, 0xE5,
-  0x32, 0x52, 0x18, 0xEC, 0x35, 0x2F, 0x6C, 0xC9, 0xE6, 0x87, 0xCE, 0x30, 0xF6,
-  0xDA, 0x04, 0x3F, 0xA5, 0x8A, 0x0C, 0xAE, 0x5B, 0xB0, 0xEC, 0x29, 0x9B, 0xEE,
-  0x8F, 0x52, 0x1E, 0xE2, 0x56, 0x19, 0x45, 0x80, 0x3C, 0x02, 0x57, 0x5C, 0x52,
-  0xD9, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x0C, 0x05, 0x30, 0x82, 0x0C,
-  0x01, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04,
-  0x03, 0x02, 0x05, 0xA0, 0x30, 0x81, 0x8A, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05,
-  0x05, 0x07, 0x01, 0x01, 0x04, 0x7E, 0x30, 0x7C, 0x30, 0x42, 0x06, 0x08, 0x2B,
-  0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x02, 0x86, 0x36, 0x68, 0x74, 0x74, 0x70,
-  0x3A, 0x2F, 0x2F, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x2E, 0x67, 0x6C, 0x6F,
-  0x62, 0x61, 0x6C, 0x73, 0x69, 0x67, 0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x63,
-  0x61, 0x63, 0x65, 0x72, 0x74, 0x2F, 0x63, 0x6C, 0x6F, 0x75, 0x64, 0x73, 0x73,
-  0x6C, 0x73, 0x68, 0x61, 0x32, 0x67, 0x33, 0x2E, 0x63, 0x72, 0x74, 0x30, 0x36,
-  0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x86, 0x2A, 0x68,
-  0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x6F, 0x63, 0x73, 0x70, 0x32, 0x2E, 0x67,
-  0x6C, 0x6F, 0x62, 0x61, 0x6C, 0x73, 0x69, 0x67, 0x6E, 0x2E, 0x63, 0x6F, 0x6D,
-  0x2F, 0x63, 0x6C, 0x6F, 0x75, 0x64, 0x73, 0x73, 0x6C, 0x73, 0x68, 0x61, 0x32,
-  0x67, 0x33, 0x30, 0x56, 0x06, 0x03, 0x55, 0x1D, 0x20, 0x04, 0x4F, 0x30, 0x4D,
-  0x30, 0x41, 0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xA0, 0x32, 0x01, 0x14,
-  0x30, 0x34, 0x30, 0x32, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02,
-  0x01, 0x16, 0x26, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3A, 0x2F, 0x2F, 0x77, 0x77,
-  0x77, 0x2E, 0x67, 0x6C, 0x6F, 0x62, 0x61, 0x6C, 0x73, 0x69, 0x67, 0x6E, 0x2E,
-  0x63, 0x6F, 0x6D, 0x2F, 0x72, 0x65, 0x70, 0x6F, 0x73, 0x69, 0x74, 0x6F, 0x72,
-  0x79, 0x2F, 0x30, 0x08, 0x06, 0x06, 0x67, 0x81, 0x0C, 0x01, 0x02, 0x02, 0x30,
-  0x09, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x82, 0x09,
-  0x96, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x82, 0x09, 0x8D, 0x30, 0x82, 0x09,
-  0x89, 0x82, 0x1B, 0x6A, 0x32, 0x2E, 0x73, 0x68, 0x61, 0x72, 0x65, 0x64, 0x2E,
-  0x67, 0x6C, 0x6F, 0x62, 0x61, 0x6C, 0x2E, 0x66, 0x61, 0x73, 0x74, 0x6C, 0x79,
-  0x2E, 0x6E, 0x65, 0x74, 0x82, 0x0D, 0x2A, 0x2E, 0x61, 0x32, 0x70, 0x72, 0x65,
-  0x73, 0x73, 0x65, 0x2E, 0x66, 0x72, 0x82, 0x19, 0x2A, 0x2E, 0x61, 0x64, 0x76,
-  0x65, 0x6E, 0x74, 0x69, 0x73, 0x74, 0x62, 0x6F, 0x6F, 0x6B, 0x63, 0x65, 0x6E,
-  0x74, 0x65, 0x72, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x2A, 0x2E, 0x61, 0x70,
-  0x69, 0x2E, 0x6C, 0x6F, 0x6C, 0x65, 0x73, 0x70, 0x6F, 0x72, 0x74, 0x73, 0x2E,
-  0x63, 0x6F, 0x6D, 0x82, 0x0C, 0x2A, 0x2E, 0x62, 0x61, 0x61, 0x74, 0x63, 0x68,
-  0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x17, 0x2A, 0x2E, 0x62, 0x69, 0x6F, 0x74, 0x65,
-  0x63, 0x68, 0x77, 0x65, 0x65, 0x6B, 0x62, 0x6F, 0x73, 0x74, 0x6F, 0x6E, 0x2E,
-  0x63, 0x6F, 0x6D, 0x82, 0x10, 0x2A, 0x2E, 0x62, 0x6F, 0x78, 0x6F, 0x66, 0x73,
-  0x74, 0x79, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0C, 0x2A, 0x2E, 0x63,
-  0x61, 0x73, 0x70, 0x65, 0x72, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x11, 0x2A, 0x2E,
-  0x63, 0x68, 0x61, 0x6B, 0x72, 0x61, 0x6C, 0x69, 0x6E, 0x75, 0x78, 0x2E, 0x6F,
-  0x72, 0x67, 0x82, 0x18, 0x2A, 0x2E, 0x63, 0x6F, 0x6E, 0x76, 0x65, 0x72, 0x74,
-  0x2E, 0x64, 0x73, 0x2E, 0x76, 0x65, 0x72, 0x69, 0x7A, 0x6F, 0x6E, 0x2E, 0x63,
-  0x6F, 0x6D, 0x82, 0x15, 0x2A, 0x2E, 0x64, 0x65, 0x76, 0x73, 0x70, 0x61, 0x63,
-  0x65, 0x73, 0x68, 0x69, 0x70, 0x2E, 0x63, 0x6F, 0x6D, 0x2E, 0x61, 0x75, 0x82,
-  0x1B, 0x2A, 0x2E, 0x64, 0x65, 0x76, 0x73, 0x70, 0x61, 0x63, 0x65, 0x73, 0x68,
-  0x69, 0x70, 0x69, 0x6E, 0x76, 0x65, 0x73, 0x74, 0x2E, 0x63, 0x6F, 0x6D, 0x2E,
-  0x61, 0x75, 0x82, 0x0A, 0x2A, 0x2E, 0x65, 0x63, 0x68, 0x6C, 0x2E, 0x63, 0x6F,
-  0x6D, 0x82, 0x0F, 0x2A, 0x2E, 0x66, 0x69, 0x6C, 0x65, 0x73, 0x74, 0x61, 0x63,
-  0x6B, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x16, 0x2A, 0x2E, 0x66, 0x69, 0x6C, 0x65,
-  0x73, 0x74, 0x61, 0x63, 0x6B, 0x2E, 0x6F, 0x6E, 0x65, 0x6D, 0x6F, 0x62, 0x2E,
-  0x63, 0x6F, 0x6D, 0x82, 0x0D, 0x2A, 0x2E, 0x66, 0x69, 0x73, 0x2D, 0x73, 0x6B,
-  0x69, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0C, 0x2A, 0x2E, 0x66, 0x69, 0x73, 0x73,
-  0x6B, 0x69, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x2A, 0x2E, 0x66, 0x70, 0x2E,
-  0x62, 0x72, 0x61, 0x6E, 0x64, 0x66, 0x6F, 0x6C, 0x64, 0x65, 0x72, 0x2E, 0x63,
-  0x6F, 0x6D, 0x82, 0x0F, 0x2A, 0x2E, 0x66, 0x73, 0x2E, 0x65, 0x6E, 0x70, 0x6C,
-  0x75, 0x67, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0E, 0x2A, 0x2E, 0x66, 0x73, 0x2E,
-  0x65, 0x6E, 0x70, 0x6C, 0x75, 0x67, 0x2E, 0x69, 0x6E, 0x82, 0x10, 0x2A, 0x2E,
-  0x66, 0x73, 0x2E, 0x68, 0x65, 0x72, 0x6F, 0x69, 0x6E, 0x65, 0x2E, 0x63, 0x6F,
-  0x6D, 0x82, 0x18, 0x2A, 0x2E, 0x66, 0x73, 0x2E, 0x6C, 0x65, 0x61, 0x72, 0x6E,
-  0x7A, 0x69, 0x6C, 0x6C, 0x69, 0x6F, 0x6E, 0x63, 0x64, 0x6E, 0x2E, 0x63, 0x6F,
-  0x6D, 0x82, 0x18, 0x2A, 0x2E, 0x66, 0x73, 0x2E, 0x6C, 0x6F, 0x63, 0x61, 0x6C,
-  0x7A, 0x69, 0x6C, 0x6C, 0x69, 0x6F, 0x6E, 0x63, 0x64, 0x6E, 0x2E, 0x63, 0x6F,
-  0x6D, 0x82, 0x12, 0x2A, 0x2E, 0x66, 0x73, 0x2E, 0x6D, 0x69, 0x6E, 0x64, 0x66,
-  0x6C, 0x61, 0x73, 0x68, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x16, 0x2A, 0x2E, 0x66,
-  0x73, 0x2E, 0x6F, 0x70, 0x73, 0x7A, 0x69, 0x6C, 0x6C, 0x69, 0x6F, 0x6E, 0x63,
-  0x64, 0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x10, 0x2A, 0x2E, 0x66, 0x73, 0x2E,
-  0x70, 0x69, 0x78, 0x76, 0x61, 0x6E, 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x15,
-  0x2A, 0x2E, 0x66, 0x73, 0x2E, 0x71, 0x61, 0x7A, 0x69, 0x6C, 0x6C, 0x69, 0x6F,
-  0x6E, 0x63, 0x64, 0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x17, 0x2A, 0x2E, 0x66,
-  0x73, 0x2E, 0x74, 0x65, 0x73, 0x74, 0x7A, 0x69, 0x6C, 0x6C, 0x69, 0x6F, 0x6E,
-  0x63, 0x64, 0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x2A, 0x2E, 0x68, 0x61,
-  0x78, 0x78, 0x2E, 0x73, 0x65, 0x82, 0x0D, 0x2A, 0x2E, 0x68, 0x6F, 0x6D, 0x65,
-  0x61, 0x77, 0x61, 0x79, 0x2E, 0x6C, 0x6B, 0x82, 0x0F, 0x2A, 0x2E, 0x69, 0x64,
-  0x61, 0x74, 0x61, 0x6C, 0x69, 0x6E, 0x6B, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x16,
-  0x2A, 0x2E, 0x69, 0x64, 0x61, 0x74, 0x61, 0x6C, 0x69, 0x6E, 0x6B, 0x6D, 0x61,
-  0x65, 0x73, 0x74, 0x72, 0x6F, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x11, 0x2A, 0x2E,
-  0x69, 0x6D, 0x67, 0x2D, 0x74, 0x61, 0x62, 0x6F, 0x6F, 0x6C, 0x61, 0x2E, 0x63,
-  0x6F, 0x6D, 0x82, 0x0F, 0x2A, 0x2E, 0x6A, 0x75, 0x6C, 0x69, 0x61, 0x6C, 0x61,
-  0x6E, 0x67, 0x2E, 0x6F, 0x72, 0x67, 0x82, 0x10, 0x2A, 0x2E, 0x6B, 0x69, 0x6E,
-  0x64, 0x73, 0x6E, 0x61, 0x63, 0x6B, 0x73, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x10,
-  0x2A, 0x2E, 0x6B, 0x73, 0x73, 0x76, 0x61, 0x6E, 0x69, 0x6C, 0x6C, 0x61, 0x2E,
-  0x63, 0x6F, 0x6D, 0x82, 0x0E, 0x2A, 0x2E, 0x6B, 0x73, 0x74, 0x63, 0x6F, 0x72,
-  0x72, 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x10, 0x2A, 0x2E, 0x6B, 0x73, 0x74,
-  0x76, 0x61, 0x6E, 0x69, 0x6C, 0x6C, 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0C,
-  0x2A, 0x2E, 0x6E, 0x65, 0x77, 0x73, 0x31, 0x32, 0x2E, 0x63, 0x6F, 0x6D, 0x82,
-  0x1B, 0x2A, 0x2E, 0x70, 0x61, 0x72, 0x74, 0x69, 0x64, 0x65, 0x6E, 0x74, 0x69,
-  0x66, 0x69, 0x65, 0x72, 0x2E, 0x73, 0x77, 0x69, 0x73, 0x63, 0x6F, 0x2E, 0x63,
-  0x6F, 0x6D, 0x82, 0x13, 0x2A, 0x2E, 0x73, 0x68, 0x6F, 0x70, 0x72, 0x61, 0x63,
-  0x68, 0x65, 0x6C, 0x7A, 0x6F, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0A, 0x2A,
-  0x2E, 0x74, 0x61, 0x73, 0x74, 0x79, 0x2E, 0x63, 0x6F, 0x82, 0x0C, 0x2A, 0x2E,
-  0x74, 0x65, 0x64, 0x63, 0x64, 0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x15, 0x2A,
-  0x2E, 0x75, 0x70, 0x6C, 0x6F, 0x61, 0x64, 0x73, 0x2E, 0x66, 0x6F, 0x6C, 0x69,
-  0x6F, 0x68, 0x64, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x2A, 0x2E, 0x76, 0x6F,
-  0x75, 0x63, 0x68, 0x65, 0x72, 0x63, 0x6F, 0x64, 0x65, 0x73, 0x2E, 0x63, 0x6F,
-  0x2E, 0x75, 0x6B, 0x82, 0x0D, 0x2A, 0x2E, 0x77, 0x65, 0x61, 0x74, 0x68, 0x65,
-  0x72, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0D, 0x61, 0x2E, 0x69, 0x63, 0x61, 0x6E,
-  0x76, 0x61, 0x73, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0B, 0x61, 0x32, 0x70, 0x72,
-  0x65, 0x73, 0x73, 0x65, 0x2E, 0x66, 0x72, 0x82, 0x17, 0x61, 0x64, 0x76, 0x65,
-  0x6E, 0x74, 0x69, 0x73, 0x74, 0x62, 0x6F, 0x6F, 0x6B, 0x63, 0x65, 0x6E, 0x74,
-  0x65, 0x72, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x11, 0x61, 0x70, 0x69, 0x2D, 0x6D,
-  0x65, 0x72, 0x72, 0x79, 0x6A, 0x61, 0x6E, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x82,
-  0x12, 0x61, 0x70, 0x69, 0x73, 0x2E, 0x69, 0x64, 0x61, 0x74, 0x61, 0x6C, 0x69,
-  0x76, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0F, 0x61, 0x70, 0x70, 0x2D, 0x61,
-  0x70, 0x69, 0x2E, 0x74, 0x65, 0x64, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x12, 0x61,
-  0x70, 0x70, 0x2E, 0x62, 0x69, 0x72, 0x63, 0x68, 0x62, 0x6F, 0x78, 0x2E, 0x63,
-  0x6F, 0x2E, 0x75, 0x6B, 0x82, 0x0F, 0x61, 0x70, 0x70, 0x2E, 0x62, 0x69, 0x72,
-  0x63, 0x68, 0x62, 0x6F, 0x78, 0x2E, 0x65, 0x73, 0x82, 0x1A, 0x61, 0x70, 0x70,
-  0x2E, 0x73, 0x74, 0x61, 0x67, 0x69, 0x6E, 0x67, 0x2E, 0x62, 0x69, 0x72, 0x63,
-  0x68, 0x62, 0x6F, 0x78, 0x2E, 0x63, 0x6F, 0x2E, 0x75, 0x6B, 0x82, 0x17, 0x61,
-  0x70, 0x70, 0x2E, 0x73, 0x74, 0x61, 0x67, 0x69, 0x6E, 0x67, 0x2E, 0x62, 0x69,
-  0x72, 0x63, 0x68, 0x62, 0x6F, 0x78, 0x2E, 0x65, 0x73, 0x82, 0x0A, 0x62, 0x61,
-  0x61, 0x74, 0x63, 0x68, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x13, 0x62, 0x65, 0x72,
-  0x6E, 0x61, 0x72, 0x64, 0x63, 0x6F, 0x6E, 0x74, 0x72, 0x6F, 0x6C, 0x73, 0x2E,
-  0x63, 0x6F, 0x6D, 0x82, 0x15, 0x62, 0x69, 0x6F, 0x74, 0x65, 0x63, 0x68, 0x77,
-  0x65, 0x65, 0x6B, 0x62, 0x6F, 0x73, 0x74, 0x6F, 0x6E, 0x2E, 0x63, 0x6F, 0x6D,
-  0x82, 0x0E, 0x62, 0x6F, 0x78, 0x6F, 0x66, 0x73, 0x74, 0x79, 0x6C, 0x65, 0x2E,
-  0x63, 0x6F, 0x6D, 0x82, 0x0A, 0x63, 0x61, 0x73, 0x70, 0x65, 0x72, 0x2E, 0x63,
-  0x6F, 0x6D, 0x82, 0x0D, 0x63, 0x64, 0x6E, 0x2E, 0x69, 0x72, 0x73, 0x64, 0x6E,
-  0x2E, 0x6E, 0x65, 0x74, 0x82, 0x0F, 0x63, 0x68, 0x61, 0x6B, 0x72, 0x61, 0x6C,
-  0x69, 0x6E, 0x75, 0x78, 0x2E, 0x6F, 0x72, 0x67, 0x82, 0x13, 0x64, 0x65, 0x76,
-  0x73, 0x70, 0x61, 0x63, 0x65, 0x73, 0x68, 0x69, 0x70, 0x2E, 0x63, 0x6F, 0x6D,
-  0x2E, 0x61, 0x75, 0x82, 0x0B, 0x64, 0x69, 0x67, 0x69, 0x64, 0x61, 0x79, 0x2E,
-  0x63, 0x6F, 0x6D, 0x82, 0x22, 0x64, 0x69, 0x67, 0x69, 0x74, 0x61, 0x6C, 0x4C,
-  0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x2E, 0x62, 0x65, 0x72, 0x6E, 0x61, 0x72,
-  0x64, 0x63, 0x6F, 0x6E, 0x74, 0x72, 0x6F, 0x6C, 0x73, 0x2E, 0x63, 0x6F, 0x6D,
-  0x82, 0x14, 0x64, 0x72, 0x77, 0x70, 0x2E, 0x73, 0x74, 0x61, 0x67, 0x69, 0x6E,
-  0x67, 0x2E, 0x6D, 0x6F, 0x6F, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x08, 0x65, 0x63,
-  0x68, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x66, 0x69, 0x6C, 0x65, 0x73,
-  0x74, 0x61, 0x63, 0x6B, 0x2E, 0x6F, 0x6E, 0x65, 0x6D, 0x6F, 0x62, 0x2E, 0x63,
-  0x6F, 0x6D, 0x82, 0x0D, 0x66, 0x73, 0x2E, 0x65, 0x6E, 0x70, 0x6C, 0x75, 0x67,
-  0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x16, 0x66, 0x73, 0x2E, 0x6C, 0x65, 0x61, 0x72,
-  0x6E, 0x7A, 0x69, 0x6C, 0x6C, 0x69, 0x6F, 0x6E, 0x63, 0x64, 0x6E, 0x2E, 0x63,
-  0x6F, 0x6D, 0x82, 0x16, 0x66, 0x73, 0x2E, 0x6C, 0x6F, 0x63, 0x61, 0x6C, 0x7A,
-  0x69, 0x6C, 0x6C, 0x69, 0x6F, 0x6E, 0x63, 0x64, 0x6E, 0x2E, 0x63, 0x6F, 0x6D,
-  0x82, 0x14, 0x66, 0x73, 0x2E, 0x6F, 0x70, 0x73, 0x7A, 0x69, 0x6C, 0x6C, 0x69,
-  0x6F, 0x6E, 0x63, 0x64, 0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x13, 0x66, 0x73,
-  0x2E, 0x71, 0x61, 0x7A, 0x69, 0x6C, 0x6C, 0x69, 0x6F, 0x6E, 0x63, 0x64, 0x6E,
-  0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x15, 0x66, 0x73, 0x2E, 0x74, 0x65, 0x73, 0x74,
-  0x7A, 0x69, 0x6C, 0x6C, 0x69, 0x6F, 0x6E, 0x63, 0x64, 0x6E, 0x2E, 0x63, 0x6F,
-  0x6D, 0x82, 0x0B, 0x68, 0x6F, 0x6D, 0x65, 0x61, 0x77, 0x61, 0x79, 0x2E, 0x6C,
-  0x6B, 0x82, 0x12, 0x69, 0x6D, 0x67, 0x2E, 0x74, 0x72, 0x69, 0x67, 0x67, 0x65,
-  0x72, 0x6D, 0x61, 0x69, 0x6C, 0x2E, 0x69, 0x6F, 0x82, 0x0E, 0x6B, 0x69, 0x6E,
-  0x64, 0x73, 0x6E, 0x61, 0x63, 0x6B, 0x73, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0E,
-  0x6B, 0x73, 0x73, 0x76, 0x61, 0x6E, 0x69, 0x6C, 0x6C, 0x61, 0x2E, 0x63, 0x6F,
-  0x6D, 0x82, 0x0C, 0x6B, 0x73, 0x74, 0x63, 0x6F, 0x72, 0x72, 0x61, 0x2E, 0x63,
-  0x6F, 0x6D, 0x82, 0x0D, 0x6D, 0x65, 0x6E, 0x75, 0x2E, 0x74, 0x72, 0x65, 0x65,
-  0x7A, 0x2E, 0x69, 0x6F, 0x82, 0x17, 0x6D, 0x6F, 0x62, 0x69, 0x6C, 0x65, 0x61,
-  0x70, 0x69, 0x2E, 0x69, 0x64, 0x61, 0x74, 0x61, 0x6C, 0x69, 0x6E, 0x6B, 0x2E,
-  0x63, 0x6F, 0x6D, 0x82, 0x0A, 0x6E, 0x65, 0x77, 0x73, 0x31, 0x32, 0x2E, 0x63,
-  0x6F, 0x6D, 0x82, 0x0B, 0x6F, 0x6D, 0x6E, 0x69, 0x67, 0x6F, 0x6E, 0x2E, 0x63,
-  0x6F, 0x6D, 0x82, 0x0E, 0x6F, 0x72, 0x65, 0x69, 0x6C, 0x6C, 0x79, 0x2E, 0x72,
-  0x65, 0x76, 0x69, 0x65, 0x77, 0x82, 0x11, 0x70, 0x6F, 0x70, 0x79, 0x6F, 0x75,
-  0x72, 0x62, 0x75, 0x62, 0x62, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x18,
-  0x70, 0x72, 0x6F, 0x64, 0x2E, 0x62, 0x65, 0x72, 0x6E, 0x61, 0x72, 0x64, 0x63,
-  0x6F, 0x6E, 0x74, 0x72, 0x6F, 0x6C, 0x73, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x18,
-  0x72, 0x65, 0x6C, 0x65, 0x61, 0x73, 0x65, 0x2D, 0x70, 0x72, 0x69, 0x6D, 0x65,
-  0x2E, 0x73, 0x70, 0x6F, 0x6B, 0x65, 0x6F, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x19,
-  0x72, 0x65, 0x70, 0x6F, 0x73, 0x69, 0x74, 0x6F, 0x72, 0x69, 0x65, 0x73, 0x2E,
-  0x73, 0x65, 0x6E, 0x73, 0x75, 0x61, 0x70, 0x70, 0x2E, 0x6F, 0x72, 0x67, 0x82,
-  0x0C, 0x72, 0x6C, 0x2E, 0x74, 0x61, 0x6C, 0x69, 0x73, 0x2E, 0x63, 0x6F, 0x6D,
-  0x82, 0x11, 0x73, 0x68, 0x6F, 0x70, 0x72, 0x61, 0x63, 0x68, 0x65, 0x6C, 0x7A,
-  0x6F, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0F, 0x73, 0x74, 0x61, 0x67, 0x69,
-  0x6E, 0x67, 0x2E, 0x6D, 0x6F, 0x6F, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x73,
-  0x74, 0x61, 0x74, 0x69, 0x63, 0x2E, 0x70, 0x6C, 0x75, 0x6D, 0x63, 0x61, 0x63,
-  0x68, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x73, 0x74, 0x61, 0x79, 0x69,
-  0x6E, 0x67, 0x61, 0x6C, 0x69, 0x76, 0x65, 0x2E, 0x6D, 0x73, 0x66, 0x2E, 0x6F,
-  0x72, 0x67, 0x82, 0x08, 0x74, 0x61, 0x73, 0x74, 0x79, 0x2E, 0x63, 0x6F, 0x82,
-  0x0C, 0x74, 0x6F, 0x70, 0x73, 0x70, 0x65, 0x65, 0x64, 0x2E, 0x63, 0x6F, 0x6D,
-  0x82, 0x13, 0x75, 0x70, 0x6C, 0x6F, 0x61, 0x64, 0x73, 0x2E, 0x66, 0x6F, 0x6C,
-  0x69, 0x6F, 0x68, 0x64, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x1A, 0x75, 0x73, 0x2D,
-  0x65, 0x75, 0x2E, 0x66, 0x69, 0x6C, 0x65, 0x73, 0x74, 0x61, 0x63, 0x6B, 0x63,
-  0x6F, 0x6E, 0x74, 0x65, 0x6E, 0x74, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x12, 0x76,
-  0x6F, 0x75, 0x63, 0x68, 0x65, 0x72, 0x63, 0x6F, 0x64, 0x65, 0x73, 0x2E, 0x63,
-  0x6F, 0x2E, 0x75, 0x6B, 0x82, 0x0B, 0x77, 0x65, 0x61, 0x74, 0x68, 0x65, 0x72,
-  0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x13, 0x77, 0x6F, 0x6D, 0x65, 0x6E, 0x73, 0x68,
-  0x65, 0x61, 0x6C, 0x74, 0x68, 0x2D, 0x6A, 0x70, 0x2E, 0x63, 0x6F, 0x6D, 0x82,
-  0x19, 0x77, 0x6F, 0x72, 0x6B, 0x65, 0x72, 0x62, 0x65, 0x65, 0x2E, 0x73, 0x74,
-  0x61, 0x67, 0x69, 0x6E, 0x67, 0x2E, 0x6D, 0x6F, 0x6F, 0x2E, 0x63, 0x6F, 0x6D,
-  0x82, 0x0A, 0x77, 0x77, 0x77, 0x2E, 0x61, 0x67, 0x66, 0x2E, 0x64, 0x6B, 0x82,
-  0x14, 0x77, 0x77, 0x77, 0x2E, 0x61, 0x76, 0x65, 0x6E, 0x69, 0x72, 0x2D, 0x73,
-  0x75, 0x69, 0x73, 0x73, 0x65, 0x2E, 0x63, 0x68, 0x82, 0x11, 0x77, 0x77, 0x77,
-  0x2E, 0x63, 0x61, 0x6E, 0x73, 0x74, 0x61, 0x72, 0x2E, 0x63, 0x6F, 0x2E, 0x6E,
-  0x7A, 0x82, 0x15, 0x77, 0x77, 0x77, 0x2E, 0x63, 0x61, 0x6E, 0x73, 0x74, 0x61,
-  0x72, 0x62, 0x6C, 0x75, 0x65, 0x2E, 0x63, 0x6F, 0x2E, 0x6E, 0x7A, 0x82, 0x16,
-  0x77, 0x77, 0x77, 0x2E, 0x63, 0x61, 0x6E, 0x73, 0x74, 0x61, 0x72, 0x62, 0x6C,
-  0x75, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x2E, 0x61, 0x75, 0x82, 0x1D, 0x77, 0x77,
-  0x77, 0x2E, 0x63, 0x68, 0x61, 0x6D, 0x70, 0x69, 0x6F, 0x6E, 0x73, 0x68, 0x6F,
-  0x63, 0x6B, 0x65, 0x79, 0x6C, 0x65, 0x61, 0x67, 0x75, 0x65, 0x2E, 0x6E, 0x65,
-  0x74, 0x82, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x65, 0x78, 0x74, 0x65, 0x72, 0x72,
-  0x6F, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0C, 0x77, 0x77, 0x77, 0x2E, 0x65, 0x7A,
-  0x75, 0x70, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0B, 0x77, 0x77, 0x77, 0x2E, 0x65,
-  0x7A, 0x75, 0x70, 0x2E, 0x64, 0x65, 0x82, 0x0B, 0x77, 0x77, 0x77, 0x2E, 0x65,
-  0x7A, 0x75, 0x70, 0x2E, 0x65, 0x75, 0x82, 0x0B, 0x77, 0x77, 0x77, 0x2E, 0x65,
-  0x7A, 0x75, 0x70, 0x2E, 0x6E, 0x6C, 0x82, 0x11, 0x77, 0x77, 0x77, 0x2E, 0x66,
-  0x72, 0x61, 0x6E, 0x6B, 0x62, 0x6F, 0x64, 0x79, 0x2E, 0x63, 0x6F, 0x6D, 0x82,
-  0x0D, 0x77, 0x77, 0x77, 0x2E, 0x67, 0x6C, 0x6F, 0x73, 0x73, 0x79, 0x2E, 0x63,
-  0x6F, 0x82, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x67, 0x6F, 0x6C, 0x64, 0x63, 0x75,
-  0x70, 0x2E, 0x6F, 0x72, 0x67, 0x82, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x69, 0x63,
-  0x61, 0x6E, 0x76, 0x61, 0x73, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0D, 0x77, 0x77,
-  0x77, 0x2E, 0x6D, 0x6F, 0x6E, 0x69, 0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x16,
-  0x77, 0x77, 0x77, 0x2E, 0x6F, 0x64, 0x65, 0x6E, 0x73, 0x65, 0x2D, 0x6D, 0x61,
-  0x72, 0x63, 0x69, 0x70, 0x61, 0x6E, 0x2E, 0x64, 0x6B, 0x82, 0x15, 0x77, 0x77,
-  0x77, 0x2E, 0x6F, 0x6E, 0x65, 0x63, 0x6C, 0x69, 0x63, 0x6B, 0x64, 0x72, 0x69,
-  0x76, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x12, 0x77, 0x77, 0x77, 0x2E, 0x6F,
-  0x72, 0x65, 0x69, 0x6C, 0x6C, 0x79, 0x2E, 0x72, 0x65, 0x76, 0x69, 0x65, 0x77,
-  0x82, 0x15, 0x77, 0x77, 0x77, 0x2E, 0x70, 0x6F, 0x70, 0x79, 0x6F, 0x75, 0x72,
-  0x62, 0x75, 0x62, 0x62, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0E, 0x77,
-  0x77, 0x77, 0x2E, 0x72, 0x61, 0x77, 0x6E, 0x65, 0x74, 0x2E, 0x63, 0x6F, 0x6D,
-  0x82, 0x0E, 0x77, 0x77, 0x77, 0x2E, 0x73, 0x70, 0x6F, 0x6B, 0x65, 0x6F, 0x2E,
-  0x63, 0x6F, 0x6D, 0x82, 0x10, 0x77, 0x77, 0x77, 0x2E, 0x74, 0x65, 0x61, 0x72,
-  0x73, 0x68, 0x65, 0x65, 0x74, 0x2E, 0x63, 0x6F, 0x82, 0x10, 0x77, 0x77, 0x77,
-  0x2E, 0x74, 0x6F, 0x70, 0x73, 0x70, 0x65, 0x65, 0x64, 0x2E, 0x63, 0x6F, 0x6D,
-  0x82, 0x16, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x68, 0x69, 0x74, 0x65, 0x6B, 0x65,
-  0x79, 0x76, 0x69, 0x6C, 0x6C, 0x61, 0x73, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1D,
-  0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06,
-  0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05,
-  0x07, 0x03, 0x02, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04,
-  0x14, 0xA8, 0x29, 0xFD, 0xA9, 0xA5, 0x1A, 0x1C, 0x37, 0x0B, 0x20, 0x3B, 0x98,
-  0xB7, 0x25, 0x39, 0xCC, 0xE5, 0x2F, 0xF4, 0x94, 0x30, 0x1F, 0x06, 0x03, 0x55,
-  0x1D, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xA9, 0x2B, 0x87, 0xE1, 0xCE,
-  0x24, 0x47, 0x3B, 0x1B, 0xBF, 0xCF, 0x85, 0x37, 0x02, 0x55, 0x9D, 0x0D, 0x94,
-  0x58, 0xE6, 0x30, 0x82, 0x01, 0x04, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01,
-  0xD6, 0x79, 0x02, 0x04, 0x02, 0x04, 0x81, 0xF5, 0x04, 0x81, 0xF2, 0x00, 0xF0,
-  0x00, 0x77, 0x00, 0xA4, 0xB9, 0x09, 0x90, 0xB4, 0x18, 0x58, 0x14, 0x87, 0xBB,
-  0x13, 0xA2, 0xCC, 0x67, 0x70, 0x0A, 0x3C, 0x35, 0x98, 0x04, 0xF9, 0x1B, 0xDF,
-  0xB8, 0xE3, 0x77, 0xCD, 0x0E, 0xC8, 0x0D, 0xDC, 0x10, 0x00, 0x00, 0x01, 0x66,
-  0x9C, 0xC8, 0xE7, 0x38, 0x00, 0x00, 0x04, 0x03, 0x00, 0x48, 0x30, 0x46, 0x02,
-  0x21, 0x00, 0xD9, 0x58, 0x6E, 0xFC, 0x4C, 0x3C, 0xAF, 0xF9, 0x5B, 0x7F, 0xDA,
-  0x54, 0x95, 0xAF, 0xCF, 0xB3, 0x57, 0xB9, 0x56, 0x2C, 0xE8, 0xE0, 0xB1, 0x20,
-  0x9B, 0xCB, 0x75, 0xAC, 0x4E, 0x54, 0xE9, 0x9D, 0x02, 0x21, 0x00, 0xE8, 0xF0,
-  0xC0, 0x49, 0x23, 0x8E, 0x3D, 0x9B, 0xA5, 0x87, 0xA3, 0xBE, 0x6C, 0x21, 0x62,
-  0xBB, 0xD2, 0x44, 0x5C, 0xE4, 0x7A, 0xCC, 0x46, 0x26, 0x04, 0x19, 0xA4, 0x2D,
-  0x9B, 0x1C, 0x5D, 0x3A, 0x00, 0x75, 0x00, 0x6F, 0x53, 0x76, 0xAC, 0x31, 0xF0,
-  0x31, 0x19, 0xD8, 0x99, 0x00, 0xA4, 0x51, 0x15, 0xFF, 0x77, 0x15, 0x1C, 0x11,
-  0xD9, 0x02, 0xC1, 0x00, 0x29, 0x06, 0x8D, 0xB2, 0x08, 0x9A, 0x37, 0xD9, 0x13,
-  0x00, 0x00, 0x01, 0x66, 0x9C, 0xC8, 0xE6, 0x20, 0x00, 0x00, 0x04, 0x03, 0x00,
-  0x46, 0x30, 0x44, 0x02, 0x20, 0x14, 0xC8, 0x9F, 0xAC, 0x27, 0x48, 0xBE, 0x4D,
-  0x0E, 0xC3, 0x26, 0x2E, 0x34, 0xCA, 0x38, 0xBA, 0x11, 0x3A, 0x68, 0x71, 0x88,
-  0xEB, 0x24, 0x26, 0x59, 0x3E, 0xAC, 0xA8, 0x63, 0xCC, 0x8A, 0x0A, 0x02, 0x20,
-  0x0F, 0x22, 0xBF, 0x0D, 0x1F, 0x8A, 0x8D, 0x1D, 0x91, 0x33, 0x3A, 0x40, 0xE4,
-  0x23, 0x78, 0xFA, 0x22, 0xF5, 0x9B, 0xCB, 0x04, 0x4F, 0x53, 0x2D, 0x20, 0x75,
-  0x2F, 0x76, 0x8A, 0xB1, 0xCD, 0x9D, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48,
-  0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00,
-  0x03, 0x41, 0x0F, 0xF3, 0xA6, 0x62, 0xA2, 0xE5, 0xB4, 0x8D, 0xA8, 0x08, 0x71,
-  0x7B, 0xB3, 0xE3, 0x51, 0x61, 0x0D, 0xC0, 0x67, 0x6C, 0x3C, 0x9C, 0x00, 0x0B,
-  0x63, 0x77, 0xB6, 0xB6, 0x11, 0x67, 0x77, 0xA5, 0xE1, 0x49, 0xE0, 0x7F, 0xB7,
-  0x1D, 0x61, 0xFB, 0x83, 0x9C, 0x83, 0x42, 0xE9, 0x31, 0xCA, 0x51, 0xE3, 0xC1,
-  0xBD, 0x9B, 0x2F, 0xB5, 0x35, 0x05, 0x72, 0x7F, 0x40, 0xA6, 0x7C, 0xC9, 0xF1,
-  0x59, 0xA7, 0x15, 0xB8, 0x12, 0xDA, 0xF8, 0xCE, 0x83, 0x61, 0xFC, 0x47, 0x96,
-  0x9E, 0x74, 0xFE, 0xCD, 0xE4, 0x61, 0x92, 0xF2, 0x2E, 0x0C, 0x08, 0x4B, 0x60,
-  0x2D, 0xF6, 0x50, 0x07, 0x83, 0xCA, 0xAF, 0xB9, 0x41, 0x33, 0x4A, 0x3E, 0x84,
-  0xC7, 0x73, 0xC6, 0x1F, 0xFF, 0x7A, 0xDF, 0xAE, 0x47, 0x25, 0x32, 0xEB, 0xC0,
-  0x43, 0x0C, 0xA6, 0x23, 0x13, 0x46, 0xC3, 0xFA, 0x44, 0xEA, 0x20, 0xEA, 0xCB,
-  0x18, 0x17, 0x00, 0xB6, 0xE7, 0x6D, 0x8A, 0x14, 0x8C, 0x6A, 0xCA, 0x88, 0x4C,
-  0xDA, 0xA8, 0xB9, 0x08, 0xAF, 0x39, 0xEE, 0xCF, 0xD7, 0xF7, 0x32, 0xC0, 0xF4,
-  0xCF, 0x4E, 0x22, 0x38, 0xF7, 0xAF, 0xAE, 0x7D, 0x58, 0x5F, 0xA5, 0x2D, 0x4D,
-  0xBB, 0x86, 0x10, 0xB3, 0x93, 0x62, 0x64, 0x27, 0xBF, 0xB1, 0xBB, 0x8F, 0x9F,
-  0xFC, 0x07, 0x3C, 0x4B, 0x16, 0x7A, 0x84, 0x5E, 0xAF, 0xAD, 0x57, 0x9C, 0xFF,
-  0x7A, 0xA7, 0xE0, 0x90, 0x89, 0x1C, 0xE8, 0xE5, 0x11, 0xF7, 0xB6, 0xDC, 0xCD,
-  0x5E, 0xF7, 0x30, 0xA2, 0x2E, 0x67, 0x6D, 0x4A, 0x70, 0x26, 0xEA, 0xCD, 0x27,
-  0x70, 0x77, 0x54, 0x57, 0x09, 0x03, 0x56, 0x4A, 0x33, 0x60, 0x00, 0x27, 0xFE,
-  0xA7, 0xD7, 0xA9, 0xC4, 0xEC, 0x17, 0x17, 0x8D, 0x87, 0x70, 0x6B, 0x48, 0x88,
-  0x61, 0x54, 0x4A, 0x2B, 0xB7, 0x6A, 0x12, 0x08, 0xFB,
+    0x30, 0x82, 0x0F, 0x5B, 0x30, 0x82, 0x0E, 0x43, 0xA0, 0x03, 0x02, 0x01,
+    0x02, 0x02, 0x0C, 0x08, 0x77, 0x99, 0x2C, 0x6B, 0x67, 0xE1, 0x18, 0xD6,
+    0x66, 0x66, 0x9E, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
+    0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x57, 0x31, 0x0B, 0x30, 0x09,
+    0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x42, 0x45, 0x31, 0x19, 0x30,
+    0x17, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x10, 0x47, 0x6C, 0x6F, 0x62,
+    0x61, 0x6C, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x6E, 0x76, 0x2D, 0x73, 0x61,
+    0x31, 0x2D, 0x30, 0x2B, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x24, 0x47,
+    0x6C, 0x6F, 0x62, 0x61, 0x6C, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x43, 0x6C,
+    0x6F, 0x75, 0x64, 0x53, 0x53, 0x4C, 0x20, 0x43, 0x41, 0x20, 0x2D, 0x20,
+    0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x20, 0x2D, 0x20, 0x47, 0x33, 0x30,
+    0x1E, 0x17, 0x0D, 0x31, 0x38, 0x31, 0x30, 0x32, 0x32, 0x31, 0x37, 0x31,
+    0x38, 0x32, 0x31, 0x5A, 0x17, 0x0D, 0x31, 0x39, 0x30, 0x33, 0x32, 0x31,
+    0x31, 0x33, 0x34, 0x33, 0x34, 0x34, 0x5A, 0x30, 0x77, 0x31, 0x0B, 0x30,
+    0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13,
+    0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x43, 0x61, 0x6C,
+    0x69, 0x66, 0x6F, 0x72, 0x6E, 0x69, 0x61, 0x31, 0x16, 0x30, 0x14, 0x06,
+    0x03, 0x55, 0x04, 0x07, 0x0C, 0x0D, 0x53, 0x61, 0x6E, 0x20, 0x46, 0x72,
+    0x61, 0x6E, 0x63, 0x69, 0x73, 0x63, 0x6F, 0x31, 0x15, 0x30, 0x13, 0x06,
+    0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x46, 0x61, 0x73, 0x74, 0x6C, 0x79,
+    0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x31, 0x24, 0x30, 0x22, 0x06, 0x03,
+    0x55, 0x04, 0x03, 0x0C, 0x1B, 0x6A, 0x32, 0x2E, 0x73, 0x68, 0x61, 0x72,
+    0x65, 0x64, 0x2E, 0x67, 0x6C, 0x6F, 0x62, 0x61, 0x6C, 0x2E, 0x66, 0x61,
+    0x73, 0x74, 0x6C, 0x79, 0x2E, 0x6E, 0x65, 0x74, 0x30, 0x82, 0x01, 0x22,
+    0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01,
+    0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
+    0x02, 0x82, 0x01, 0x01, 0x00, 0xC2, 0x72, 0xA2, 0x4A, 0xEF, 0x26, 0x42,
+    0xD7, 0x85, 0x74, 0xC9, 0xB4, 0x9F, 0xE3, 0x31, 0xD1, 0x40, 0x77, 0xC9,
+    0x4B, 0x4D, 0xFE, 0xC8, 0x75, 0xF3, 0x32, 0x76, 0xAD, 0xF9, 0x08, 0x22,
+    0x9E, 0xFA, 0x2F, 0xFE, 0xEC, 0x6C, 0xC4, 0xF5, 0x1F, 0x70, 0xC9, 0x8F,
+    0x07, 0x48, 0x31, 0xAD, 0x75, 0x18, 0xFC, 0x06, 0x5A, 0x4F, 0xDD, 0xFD,
+    0x05, 0x39, 0x6F, 0x22, 0xF9, 0xAD, 0x62, 0x1A, 0x9E, 0xA6, 0x16, 0x48,
+    0x75, 0x8F, 0xB8, 0x07, 0x18, 0x25, 0x1A, 0x87, 0x30, 0xB0, 0x3C, 0x6F,
+    0xE0, 0x9D, 0x90, 0x63, 0x2A, 0x16, 0x1F, 0x0D, 0x10, 0xFC, 0x06, 0x7E,
+    0xEA, 0x51, 0xE2, 0xB0, 0x6D, 0x42, 0x4C, 0x2C, 0x59, 0xF4, 0x6B, 0x99,
+    0x3E, 0x82, 0x1D, 0x08, 0x04, 0x2F, 0xA0, 0x63, 0x3C, 0xAA, 0x0E, 0xE1,
+    0x5D, 0x67, 0x2D, 0xB3, 0xF4, 0x15, 0xD6, 0x16, 0x4E, 0xAA, 0x91, 0x45,
+    0x6B, 0xC5, 0xA6, 0xED, 0x83, 0xAF, 0xF1, 0xD7, 0x42, 0x5E, 0x9B, 0xC8,
+    0x39, 0x0C, 0x06, 0x76, 0x7A, 0xB8, 0x3E, 0x16, 0x70, 0xF5, 0xEB, 0x8B,
+    0x33, 0x5A, 0xA9, 0x03, 0xED, 0x79, 0x0E, 0xAD, 0xBB, 0xC4, 0xF8, 0xDA,
+    0x93, 0x53, 0x2A, 0xC4, 0xC9, 0x1A, 0xD1, 0xC3, 0x44, 0xD7, 0xC6, 0xD0,
+    0xC6, 0xAC, 0x13, 0xE3, 0xB5, 0x73, 0x3A, 0xDF, 0x54, 0x15, 0xFB, 0xB4,
+    0x6B, 0x36, 0x39, 0x18, 0xB5, 0x61, 0x12, 0xF0, 0x37, 0xAB, 0x81, 0x5F,
+    0x0C, 0xE7, 0xDF, 0xC1, 0xC5, 0x5E, 0x99, 0x67, 0x85, 0xFF, 0xAD, 0xD6,
+    0x82, 0x09, 0x1F, 0x27, 0xE5, 0x32, 0x52, 0x18, 0xEC, 0x35, 0x2F, 0x6C,
+    0xC9, 0xE6, 0x87, 0xCE, 0x30, 0xF6, 0xDA, 0x04, 0x3F, 0xA5, 0x8A, 0x0C,
+    0xAE, 0x5B, 0xB0, 0xEC, 0x29, 0x9B, 0xEE, 0x8F, 0x52, 0x1E, 0xE2, 0x56,
+    0x19, 0x45, 0x80, 0x3C, 0x02, 0x57, 0x5C, 0x52, 0xD9, 0x02, 0x03, 0x01,
+    0x00, 0x01, 0xA3, 0x82, 0x0C, 0x05, 0x30, 0x82, 0x0C, 0x01, 0x30, 0x0E,
+    0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02,
+    0x05, 0xA0, 0x30, 0x81, 0x8A, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05,
+    0x07, 0x01, 0x01, 0x04, 0x7E, 0x30, 0x7C, 0x30, 0x42, 0x06, 0x08, 0x2B,
+    0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x02, 0x86, 0x36, 0x68, 0x74, 0x74,
+    0x70, 0x3A, 0x2F, 0x2F, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x2E, 0x67,
+    0x6C, 0x6F, 0x62, 0x61, 0x6C, 0x73, 0x69, 0x67, 0x6E, 0x2E, 0x63, 0x6F,
+    0x6D, 0x2F, 0x63, 0x61, 0x63, 0x65, 0x72, 0x74, 0x2F, 0x63, 0x6C, 0x6F,
+    0x75, 0x64, 0x73, 0x73, 0x6C, 0x73, 0x68, 0x61, 0x32, 0x67, 0x33, 0x2E,
+    0x63, 0x72, 0x74, 0x30, 0x36, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05,
+    0x07, 0x30, 0x01, 0x86, 0x2A, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F,
+    0x6F, 0x63, 0x73, 0x70, 0x32, 0x2E, 0x67, 0x6C, 0x6F, 0x62, 0x61, 0x6C,
+    0x73, 0x69, 0x67, 0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x63, 0x6C, 0x6F,
+    0x75, 0x64, 0x73, 0x73, 0x6C, 0x73, 0x68, 0x61, 0x32, 0x67, 0x33, 0x30,
+    0x56, 0x06, 0x03, 0x55, 0x1D, 0x20, 0x04, 0x4F, 0x30, 0x4D, 0x30, 0x41,
+    0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xA0, 0x32, 0x01, 0x14, 0x30,
+    0x34, 0x30, 0x32, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02,
+    0x01, 0x16, 0x26, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3A, 0x2F, 0x2F, 0x77,
+    0x77, 0x77, 0x2E, 0x67, 0x6C, 0x6F, 0x62, 0x61, 0x6C, 0x73, 0x69, 0x67,
+    0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x72, 0x65, 0x70, 0x6F, 0x73, 0x69,
+    0x74, 0x6F, 0x72, 0x79, 0x2F, 0x30, 0x08, 0x06, 0x06, 0x67, 0x81, 0x0C,
+    0x01, 0x02, 0x02, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x02,
+    0x30, 0x00, 0x30, 0x82, 0x09, 0x96, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04,
+    0x82, 0x09, 0x8D, 0x30, 0x82, 0x09, 0x89, 0x82, 0x1B, 0x6A, 0x32, 0x2E,
+    0x73, 0x68, 0x61, 0x72, 0x65, 0x64, 0x2E, 0x67, 0x6C, 0x6F, 0x62, 0x61,
+    0x6C, 0x2E, 0x66, 0x61, 0x73, 0x74, 0x6C, 0x79, 0x2E, 0x6E, 0x65, 0x74,
+    0x82, 0x0D, 0x2A, 0x2E, 0x61, 0x32, 0x70, 0x72, 0x65, 0x73, 0x73, 0x65,
+    0x2E, 0x66, 0x72, 0x82, 0x19, 0x2A, 0x2E, 0x61, 0x64, 0x76, 0x65, 0x6E,
+    0x74, 0x69, 0x73, 0x74, 0x62, 0x6F, 0x6F, 0x6B, 0x63, 0x65, 0x6E, 0x74,
+    0x65, 0x72, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x2A, 0x2E, 0x61, 0x70,
+    0x69, 0x2E, 0x6C, 0x6F, 0x6C, 0x65, 0x73, 0x70, 0x6F, 0x72, 0x74, 0x73,
+    0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0C, 0x2A, 0x2E, 0x62, 0x61, 0x61, 0x74,
+    0x63, 0x68, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x17, 0x2A, 0x2E, 0x62, 0x69,
+    0x6F, 0x74, 0x65, 0x63, 0x68, 0x77, 0x65, 0x65, 0x6B, 0x62, 0x6F, 0x73,
+    0x74, 0x6F, 0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x10, 0x2A, 0x2E, 0x62,
+    0x6F, 0x78, 0x6F, 0x66, 0x73, 0x74, 0x79, 0x6C, 0x65, 0x2E, 0x63, 0x6F,
+    0x6D, 0x82, 0x0C, 0x2A, 0x2E, 0x63, 0x61, 0x73, 0x70, 0x65, 0x72, 0x2E,
+    0x63, 0x6F, 0x6D, 0x82, 0x11, 0x2A, 0x2E, 0x63, 0x68, 0x61, 0x6B, 0x72,
+    0x61, 0x6C, 0x69, 0x6E, 0x75, 0x78, 0x2E, 0x6F, 0x72, 0x67, 0x82, 0x18,
+    0x2A, 0x2E, 0x63, 0x6F, 0x6E, 0x76, 0x65, 0x72, 0x74, 0x2E, 0x64, 0x73,
+    0x2E, 0x76, 0x65, 0x72, 0x69, 0x7A, 0x6F, 0x6E, 0x2E, 0x63, 0x6F, 0x6D,
+    0x82, 0x15, 0x2A, 0x2E, 0x64, 0x65, 0x76, 0x73, 0x70, 0x61, 0x63, 0x65,
+    0x73, 0x68, 0x69, 0x70, 0x2E, 0x63, 0x6F, 0x6D, 0x2E, 0x61, 0x75, 0x82,
+    0x1B, 0x2A, 0x2E, 0x64, 0x65, 0x76, 0x73, 0x70, 0x61, 0x63, 0x65, 0x73,
+    0x68, 0x69, 0x70, 0x69, 0x6E, 0x76, 0x65, 0x73, 0x74, 0x2E, 0x63, 0x6F,
+    0x6D, 0x2E, 0x61, 0x75, 0x82, 0x0A, 0x2A, 0x2E, 0x65, 0x63, 0x68, 0x6C,
+    0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0F, 0x2A, 0x2E, 0x66, 0x69, 0x6C, 0x65,
+    0x73, 0x74, 0x61, 0x63, 0x6B, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x16, 0x2A,
+    0x2E, 0x66, 0x69, 0x6C, 0x65, 0x73, 0x74, 0x61, 0x63, 0x6B, 0x2E, 0x6F,
+    0x6E, 0x65, 0x6D, 0x6F, 0x62, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0D, 0x2A,
+    0x2E, 0x66, 0x69, 0x73, 0x2D, 0x73, 0x6B, 0x69, 0x2E, 0x63, 0x6F, 0x6D,
+    0x82, 0x0C, 0x2A, 0x2E, 0x66, 0x69, 0x73, 0x73, 0x6B, 0x69, 0x2E, 0x63,
+    0x6F, 0x6D, 0x82, 0x14, 0x2A, 0x2E, 0x66, 0x70, 0x2E, 0x62, 0x72, 0x61,
+    0x6E, 0x64, 0x66, 0x6F, 0x6C, 0x64, 0x65, 0x72, 0x2E, 0x63, 0x6F, 0x6D,
+    0x82, 0x0F, 0x2A, 0x2E, 0x66, 0x73, 0x2E, 0x65, 0x6E, 0x70, 0x6C, 0x75,
+    0x67, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0E, 0x2A, 0x2E, 0x66, 0x73, 0x2E,
+    0x65, 0x6E, 0x70, 0x6C, 0x75, 0x67, 0x2E, 0x69, 0x6E, 0x82, 0x10, 0x2A,
+    0x2E, 0x66, 0x73, 0x2E, 0x68, 0x65, 0x72, 0x6F, 0x69, 0x6E, 0x65, 0x2E,
+    0x63, 0x6F, 0x6D, 0x82, 0x18, 0x2A, 0x2E, 0x66, 0x73, 0x2E, 0x6C, 0x65,
+    0x61, 0x72, 0x6E, 0x7A, 0x69, 0x6C, 0x6C, 0x69, 0x6F, 0x6E, 0x63, 0x64,
+    0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x18, 0x2A, 0x2E, 0x66, 0x73, 0x2E,
+    0x6C, 0x6F, 0x63, 0x61, 0x6C, 0x7A, 0x69, 0x6C, 0x6C, 0x69, 0x6F, 0x6E,
+    0x63, 0x64, 0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x12, 0x2A, 0x2E, 0x66,
+    0x73, 0x2E, 0x6D, 0x69, 0x6E, 0x64, 0x66, 0x6C, 0x61, 0x73, 0x68, 0x2E,
+    0x63, 0x6F, 0x6D, 0x82, 0x16, 0x2A, 0x2E, 0x66, 0x73, 0x2E, 0x6F, 0x70,
+    0x73, 0x7A, 0x69, 0x6C, 0x6C, 0x69, 0x6F, 0x6E, 0x63, 0x64, 0x6E, 0x2E,
+    0x63, 0x6F, 0x6D, 0x82, 0x10, 0x2A, 0x2E, 0x66, 0x73, 0x2E, 0x70, 0x69,
+    0x78, 0x76, 0x61, 0x6E, 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x15, 0x2A,
+    0x2E, 0x66, 0x73, 0x2E, 0x71, 0x61, 0x7A, 0x69, 0x6C, 0x6C, 0x69, 0x6F,
+    0x6E, 0x63, 0x64, 0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x17, 0x2A, 0x2E,
+    0x66, 0x73, 0x2E, 0x74, 0x65, 0x73, 0x74, 0x7A, 0x69, 0x6C, 0x6C, 0x69,
+    0x6F, 0x6E, 0x63, 0x64, 0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x2A,
+    0x2E, 0x68, 0x61, 0x78, 0x78, 0x2E, 0x73, 0x65, 0x82, 0x0D, 0x2A, 0x2E,
+    0x68, 0x6F, 0x6D, 0x65, 0x61, 0x77, 0x61, 0x79, 0x2E, 0x6C, 0x6B, 0x82,
+    0x0F, 0x2A, 0x2E, 0x69, 0x64, 0x61, 0x74, 0x61, 0x6C, 0x69, 0x6E, 0x6B,
+    0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x16, 0x2A, 0x2E, 0x69, 0x64, 0x61, 0x74,
+    0x61, 0x6C, 0x69, 0x6E, 0x6B, 0x6D, 0x61, 0x65, 0x73, 0x74, 0x72, 0x6F,
+    0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x11, 0x2A, 0x2E, 0x69, 0x6D, 0x67, 0x2D,
+    0x74, 0x61, 0x62, 0x6F, 0x6F, 0x6C, 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x82,
+    0x0F, 0x2A, 0x2E, 0x6A, 0x75, 0x6C, 0x69, 0x61, 0x6C, 0x61, 0x6E, 0x67,
+    0x2E, 0x6F, 0x72, 0x67, 0x82, 0x10, 0x2A, 0x2E, 0x6B, 0x69, 0x6E, 0x64,
+    0x73, 0x6E, 0x61, 0x63, 0x6B, 0x73, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x10,
+    0x2A, 0x2E, 0x6B, 0x73, 0x73, 0x76, 0x61, 0x6E, 0x69, 0x6C, 0x6C, 0x61,
+    0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0E, 0x2A, 0x2E, 0x6B, 0x73, 0x74, 0x63,
+    0x6F, 0x72, 0x72, 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x10, 0x2A, 0x2E,
+    0x6B, 0x73, 0x74, 0x76, 0x61, 0x6E, 0x69, 0x6C, 0x6C, 0x61, 0x2E, 0x63,
+    0x6F, 0x6D, 0x82, 0x0C, 0x2A, 0x2E, 0x6E, 0x65, 0x77, 0x73, 0x31, 0x32,
+    0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x1B, 0x2A, 0x2E, 0x70, 0x61, 0x72, 0x74,
+    0x69, 0x64, 0x65, 0x6E, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x2E, 0x73,
+    0x77, 0x69, 0x73, 0x63, 0x6F, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x13, 0x2A,
+    0x2E, 0x73, 0x68, 0x6F, 0x70, 0x72, 0x61, 0x63, 0x68, 0x65, 0x6C, 0x7A,
+    0x6F, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0A, 0x2A, 0x2E, 0x74, 0x61,
+    0x73, 0x74, 0x79, 0x2E, 0x63, 0x6F, 0x82, 0x0C, 0x2A, 0x2E, 0x74, 0x65,
+    0x64, 0x63, 0x64, 0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x15, 0x2A, 0x2E,
+    0x75, 0x70, 0x6C, 0x6F, 0x61, 0x64, 0x73, 0x2E, 0x66, 0x6F, 0x6C, 0x69,
+    0x6F, 0x68, 0x64, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x2A, 0x2E, 0x76,
+    0x6F, 0x75, 0x63, 0x68, 0x65, 0x72, 0x63, 0x6F, 0x64, 0x65, 0x73, 0x2E,
+    0x63, 0x6F, 0x2E, 0x75, 0x6B, 0x82, 0x0D, 0x2A, 0x2E, 0x77, 0x65, 0x61,
+    0x74, 0x68, 0x65, 0x72, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0D, 0x61, 0x2E,
+    0x69, 0x63, 0x61, 0x6E, 0x76, 0x61, 0x73, 0x2E, 0x63, 0x6F, 0x6D, 0x82,
+    0x0B, 0x61, 0x32, 0x70, 0x72, 0x65, 0x73, 0x73, 0x65, 0x2E, 0x66, 0x72,
+    0x82, 0x17, 0x61, 0x64, 0x76, 0x65, 0x6E, 0x74, 0x69, 0x73, 0x74, 0x62,
+    0x6F, 0x6F, 0x6B, 0x63, 0x65, 0x6E, 0x74, 0x65, 0x72, 0x2E, 0x63, 0x6F,
+    0x6D, 0x82, 0x11, 0x61, 0x70, 0x69, 0x2D, 0x6D, 0x65, 0x72, 0x72, 0x79,
+    0x6A, 0x61, 0x6E, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x12, 0x61, 0x70,
+    0x69, 0x73, 0x2E, 0x69, 0x64, 0x61, 0x74, 0x61, 0x6C, 0x69, 0x76, 0x65,
+    0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0F, 0x61, 0x70, 0x70, 0x2D, 0x61, 0x70,
+    0x69, 0x2E, 0x74, 0x65, 0x64, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x12, 0x61,
+    0x70, 0x70, 0x2E, 0x62, 0x69, 0x72, 0x63, 0x68, 0x62, 0x6F, 0x78, 0x2E,
+    0x63, 0x6F, 0x2E, 0x75, 0x6B, 0x82, 0x0F, 0x61, 0x70, 0x70, 0x2E, 0x62,
+    0x69, 0x72, 0x63, 0x68, 0x62, 0x6F, 0x78, 0x2E, 0x65, 0x73, 0x82, 0x1A,
+    0x61, 0x70, 0x70, 0x2E, 0x73, 0x74, 0x61, 0x67, 0x69, 0x6E, 0x67, 0x2E,
+    0x62, 0x69, 0x72, 0x63, 0x68, 0x62, 0x6F, 0x78, 0x2E, 0x63, 0x6F, 0x2E,
+    0x75, 0x6B, 0x82, 0x17, 0x61, 0x70, 0x70, 0x2E, 0x73, 0x74, 0x61, 0x67,
+    0x69, 0x6E, 0x67, 0x2E, 0x62, 0x69, 0x72, 0x63, 0x68, 0x62, 0x6F, 0x78,
+    0x2E, 0x65, 0x73, 0x82, 0x0A, 0x62, 0x61, 0x61, 0x74, 0x63, 0x68, 0x2E,
+    0x63, 0x6F, 0x6D, 0x82, 0x13, 0x62, 0x65, 0x72, 0x6E, 0x61, 0x72, 0x64,
+    0x63, 0x6F, 0x6E, 0x74, 0x72, 0x6F, 0x6C, 0x73, 0x2E, 0x63, 0x6F, 0x6D,
+    0x82, 0x15, 0x62, 0x69, 0x6F, 0x74, 0x65, 0x63, 0x68, 0x77, 0x65, 0x65,
+    0x6B, 0x62, 0x6F, 0x73, 0x74, 0x6F, 0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x82,
+    0x0E, 0x62, 0x6F, 0x78, 0x6F, 0x66, 0x73, 0x74, 0x79, 0x6C, 0x65, 0x2E,
+    0x63, 0x6F, 0x6D, 0x82, 0x0A, 0x63, 0x61, 0x73, 0x70, 0x65, 0x72, 0x2E,
+    0x63, 0x6F, 0x6D, 0x82, 0x0D, 0x63, 0x64, 0x6E, 0x2E, 0x69, 0x72, 0x73,
+    0x64, 0x6E, 0x2E, 0x6E, 0x65, 0x74, 0x82, 0x0F, 0x63, 0x68, 0x61, 0x6B,
+    0x72, 0x61, 0x6C, 0x69, 0x6E, 0x75, 0x78, 0x2E, 0x6F, 0x72, 0x67, 0x82,
+    0x13, 0x64, 0x65, 0x76, 0x73, 0x70, 0x61, 0x63, 0x65, 0x73, 0x68, 0x69,
+    0x70, 0x2E, 0x63, 0x6F, 0x6D, 0x2E, 0x61, 0x75, 0x82, 0x0B, 0x64, 0x69,
+    0x67, 0x69, 0x64, 0x61, 0x79, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x22, 0x64,
+    0x69, 0x67, 0x69, 0x74, 0x61, 0x6C, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72,
+    0x79, 0x2E, 0x62, 0x65, 0x72, 0x6E, 0x61, 0x72, 0x64, 0x63, 0x6F, 0x6E,
+    0x74, 0x72, 0x6F, 0x6C, 0x73, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x64,
+    0x72, 0x77, 0x70, 0x2E, 0x73, 0x74, 0x61, 0x67, 0x69, 0x6E, 0x67, 0x2E,
+    0x6D, 0x6F, 0x6F, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x08, 0x65, 0x63, 0x68,
+    0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x66, 0x69, 0x6C, 0x65, 0x73,
+    0x74, 0x61, 0x63, 0x6B, 0x2E, 0x6F, 0x6E, 0x65, 0x6D, 0x6F, 0x62, 0x2E,
+    0x63, 0x6F, 0x6D, 0x82, 0x0D, 0x66, 0x73, 0x2E, 0x65, 0x6E, 0x70, 0x6C,
+    0x75, 0x67, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x16, 0x66, 0x73, 0x2E, 0x6C,
+    0x65, 0x61, 0x72, 0x6E, 0x7A, 0x69, 0x6C, 0x6C, 0x69, 0x6F, 0x6E, 0x63,
+    0x64, 0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x16, 0x66, 0x73, 0x2E, 0x6C,
+    0x6F, 0x63, 0x61, 0x6C, 0x7A, 0x69, 0x6C, 0x6C, 0x69, 0x6F, 0x6E, 0x63,
+    0x64, 0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x66, 0x73, 0x2E, 0x6F,
+    0x70, 0x73, 0x7A, 0x69, 0x6C, 0x6C, 0x69, 0x6F, 0x6E, 0x63, 0x64, 0x6E,
+    0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x13, 0x66, 0x73, 0x2E, 0x71, 0x61, 0x7A,
+    0x69, 0x6C, 0x6C, 0x69, 0x6F, 0x6E, 0x63, 0x64, 0x6E, 0x2E, 0x63, 0x6F,
+    0x6D, 0x82, 0x15, 0x66, 0x73, 0x2E, 0x74, 0x65, 0x73, 0x74, 0x7A, 0x69,
+    0x6C, 0x6C, 0x69, 0x6F, 0x6E, 0x63, 0x64, 0x6E, 0x2E, 0x63, 0x6F, 0x6D,
+    0x82, 0x0B, 0x68, 0x6F, 0x6D, 0x65, 0x61, 0x77, 0x61, 0x79, 0x2E, 0x6C,
+    0x6B, 0x82, 0x12, 0x69, 0x6D, 0x67, 0x2E, 0x74, 0x72, 0x69, 0x67, 0x67,
+    0x65, 0x72, 0x6D, 0x61, 0x69, 0x6C, 0x2E, 0x69, 0x6F, 0x82, 0x0E, 0x6B,
+    0x69, 0x6E, 0x64, 0x73, 0x6E, 0x61, 0x63, 0x6B, 0x73, 0x2E, 0x63, 0x6F,
+    0x6D, 0x82, 0x0E, 0x6B, 0x73, 0x73, 0x76, 0x61, 0x6E, 0x69, 0x6C, 0x6C,
+    0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0C, 0x6B, 0x73, 0x74, 0x63, 0x6F,
+    0x72, 0x72, 0x61, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0D, 0x6D, 0x65, 0x6E,
+    0x75, 0x2E, 0x74, 0x72, 0x65, 0x65, 0x7A, 0x2E, 0x69, 0x6F, 0x82, 0x17,
+    0x6D, 0x6F, 0x62, 0x69, 0x6C, 0x65, 0x61, 0x70, 0x69, 0x2E, 0x69, 0x64,
+    0x61, 0x74, 0x61, 0x6C, 0x69, 0x6E, 0x6B, 0x2E, 0x63, 0x6F, 0x6D, 0x82,
+    0x0A, 0x6E, 0x65, 0x77, 0x73, 0x31, 0x32, 0x2E, 0x63, 0x6F, 0x6D, 0x82,
+    0x0B, 0x6F, 0x6D, 0x6E, 0x69, 0x67, 0x6F, 0x6E, 0x2E, 0x63, 0x6F, 0x6D,
+    0x82, 0x0E, 0x6F, 0x72, 0x65, 0x69, 0x6C, 0x6C, 0x79, 0x2E, 0x72, 0x65,
+    0x76, 0x69, 0x65, 0x77, 0x82, 0x11, 0x70, 0x6F, 0x70, 0x79, 0x6F, 0x75,
+    0x72, 0x62, 0x75, 0x62, 0x62, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x82,
+    0x18, 0x70, 0x72, 0x6F, 0x64, 0x2E, 0x62, 0x65, 0x72, 0x6E, 0x61, 0x72,
+    0x64, 0x63, 0x6F, 0x6E, 0x74, 0x72, 0x6F, 0x6C, 0x73, 0x2E, 0x63, 0x6F,
+    0x6D, 0x82, 0x18, 0x72, 0x65, 0x6C, 0x65, 0x61, 0x73, 0x65, 0x2D, 0x70,
+    0x72, 0x69, 0x6D, 0x65, 0x2E, 0x73, 0x70, 0x6F, 0x6B, 0x65, 0x6F, 0x2E,
+    0x63, 0x6F, 0x6D, 0x82, 0x19, 0x72, 0x65, 0x70, 0x6F, 0x73, 0x69, 0x74,
+    0x6F, 0x72, 0x69, 0x65, 0x73, 0x2E, 0x73, 0x65, 0x6E, 0x73, 0x75, 0x61,
+    0x70, 0x70, 0x2E, 0x6F, 0x72, 0x67, 0x82, 0x0C, 0x72, 0x6C, 0x2E, 0x74,
+    0x61, 0x6C, 0x69, 0x73, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x11, 0x73, 0x68,
+    0x6F, 0x70, 0x72, 0x61, 0x63, 0x68, 0x65, 0x6C, 0x7A, 0x6F, 0x65, 0x2E,
+    0x63, 0x6F, 0x6D, 0x82, 0x0F, 0x73, 0x74, 0x61, 0x67, 0x69, 0x6E, 0x67,
+    0x2E, 0x6D, 0x6F, 0x6F, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x73, 0x74,
+    0x61, 0x74, 0x69, 0x63, 0x2E, 0x70, 0x6C, 0x75, 0x6D, 0x63, 0x61, 0x63,
+    0x68, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x73, 0x74, 0x61, 0x79,
+    0x69, 0x6E, 0x67, 0x61, 0x6C, 0x69, 0x76, 0x65, 0x2E, 0x6D, 0x73, 0x66,
+    0x2E, 0x6F, 0x72, 0x67, 0x82, 0x08, 0x74, 0x61, 0x73, 0x74, 0x79, 0x2E,
+    0x63, 0x6F, 0x82, 0x0C, 0x74, 0x6F, 0x70, 0x73, 0x70, 0x65, 0x65, 0x64,
+    0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x13, 0x75, 0x70, 0x6C, 0x6F, 0x61, 0x64,
+    0x73, 0x2E, 0x66, 0x6F, 0x6C, 0x69, 0x6F, 0x68, 0x64, 0x2E, 0x63, 0x6F,
+    0x6D, 0x82, 0x1A, 0x75, 0x73, 0x2D, 0x65, 0x75, 0x2E, 0x66, 0x69, 0x6C,
+    0x65, 0x73, 0x74, 0x61, 0x63, 0x6B, 0x63, 0x6F, 0x6E, 0x74, 0x65, 0x6E,
+    0x74, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x12, 0x76, 0x6F, 0x75, 0x63, 0x68,
+    0x65, 0x72, 0x63, 0x6F, 0x64, 0x65, 0x73, 0x2E, 0x63, 0x6F, 0x2E, 0x75,
+    0x6B, 0x82, 0x0B, 0x77, 0x65, 0x61, 0x74, 0x68, 0x65, 0x72, 0x2E, 0x63,
+    0x6F, 0x6D, 0x82, 0x13, 0x77, 0x6F, 0x6D, 0x65, 0x6E, 0x73, 0x68, 0x65,
+    0x61, 0x6C, 0x74, 0x68, 0x2D, 0x6A, 0x70, 0x2E, 0x63, 0x6F, 0x6D, 0x82,
+    0x19, 0x77, 0x6F, 0x72, 0x6B, 0x65, 0x72, 0x62, 0x65, 0x65, 0x2E, 0x73,
+    0x74, 0x61, 0x67, 0x69, 0x6E, 0x67, 0x2E, 0x6D, 0x6F, 0x6F, 0x2E, 0x63,
+    0x6F, 0x6D, 0x82, 0x0A, 0x77, 0x77, 0x77, 0x2E, 0x61, 0x67, 0x66, 0x2E,
+    0x64, 0x6B, 0x82, 0x14, 0x77, 0x77, 0x77, 0x2E, 0x61, 0x76, 0x65, 0x6E,
+    0x69, 0x72, 0x2D, 0x73, 0x75, 0x69, 0x73, 0x73, 0x65, 0x2E, 0x63, 0x68,
+    0x82, 0x11, 0x77, 0x77, 0x77, 0x2E, 0x63, 0x61, 0x6E, 0x73, 0x74, 0x61,
+    0x72, 0x2E, 0x63, 0x6F, 0x2E, 0x6E, 0x7A, 0x82, 0x15, 0x77, 0x77, 0x77,
+    0x2E, 0x63, 0x61, 0x6E, 0x73, 0x74, 0x61, 0x72, 0x62, 0x6C, 0x75, 0x65,
+    0x2E, 0x63, 0x6F, 0x2E, 0x6E, 0x7A, 0x82, 0x16, 0x77, 0x77, 0x77, 0x2E,
+    0x63, 0x61, 0x6E, 0x73, 0x74, 0x61, 0x72, 0x62, 0x6C, 0x75, 0x65, 0x2E,
+    0x63, 0x6F, 0x6D, 0x2E, 0x61, 0x75, 0x82, 0x1D, 0x77, 0x77, 0x77, 0x2E,
+    0x63, 0x68, 0x61, 0x6D, 0x70, 0x69, 0x6F, 0x6E, 0x73, 0x68, 0x6F, 0x63,
+    0x6B, 0x65, 0x79, 0x6C, 0x65, 0x61, 0x67, 0x75, 0x65, 0x2E, 0x6E, 0x65,
+    0x74, 0x82, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x65, 0x78, 0x74, 0x65, 0x72,
+    0x72, 0x6F, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0C, 0x77, 0x77, 0x77, 0x2E,
+    0x65, 0x7A, 0x75, 0x70, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0B, 0x77, 0x77,
+    0x77, 0x2E, 0x65, 0x7A, 0x75, 0x70, 0x2E, 0x64, 0x65, 0x82, 0x0B, 0x77,
+    0x77, 0x77, 0x2E, 0x65, 0x7A, 0x75, 0x70, 0x2E, 0x65, 0x75, 0x82, 0x0B,
+    0x77, 0x77, 0x77, 0x2E, 0x65, 0x7A, 0x75, 0x70, 0x2E, 0x6E, 0x6C, 0x82,
+    0x11, 0x77, 0x77, 0x77, 0x2E, 0x66, 0x72, 0x61, 0x6E, 0x6B, 0x62, 0x6F,
+    0x64, 0x79, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0D, 0x77, 0x77, 0x77, 0x2E,
+    0x67, 0x6C, 0x6F, 0x73, 0x73, 0x79, 0x2E, 0x63, 0x6F, 0x82, 0x0F, 0x77,
+    0x77, 0x77, 0x2E, 0x67, 0x6F, 0x6C, 0x64, 0x63, 0x75, 0x70, 0x2E, 0x6F,
+    0x72, 0x67, 0x82, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x69, 0x63, 0x61, 0x6E,
+    0x76, 0x61, 0x73, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0D, 0x77, 0x77, 0x77,
+    0x2E, 0x6D, 0x6F, 0x6E, 0x69, 0x6E, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x16,
+    0x77, 0x77, 0x77, 0x2E, 0x6F, 0x64, 0x65, 0x6E, 0x73, 0x65, 0x2D, 0x6D,
+    0x61, 0x72, 0x63, 0x69, 0x70, 0x61, 0x6E, 0x2E, 0x64, 0x6B, 0x82, 0x15,
+    0x77, 0x77, 0x77, 0x2E, 0x6F, 0x6E, 0x65, 0x63, 0x6C, 0x69, 0x63, 0x6B,
+    0x64, 0x72, 0x69, 0x76, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x12, 0x77,
+    0x77, 0x77, 0x2E, 0x6F, 0x72, 0x65, 0x69, 0x6C, 0x6C, 0x79, 0x2E, 0x72,
+    0x65, 0x76, 0x69, 0x65, 0x77, 0x82, 0x15, 0x77, 0x77, 0x77, 0x2E, 0x70,
+    0x6F, 0x70, 0x79, 0x6F, 0x75, 0x72, 0x62, 0x75, 0x62, 0x62, 0x6C, 0x65,
+    0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0E, 0x77, 0x77, 0x77, 0x2E, 0x72, 0x61,
+    0x77, 0x6E, 0x65, 0x74, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x0E, 0x77, 0x77,
+    0x77, 0x2E, 0x73, 0x70, 0x6F, 0x6B, 0x65, 0x6F, 0x2E, 0x63, 0x6F, 0x6D,
+    0x82, 0x10, 0x77, 0x77, 0x77, 0x2E, 0x74, 0x65, 0x61, 0x72, 0x73, 0x68,
+    0x65, 0x65, 0x74, 0x2E, 0x63, 0x6F, 0x82, 0x10, 0x77, 0x77, 0x77, 0x2E,
+    0x74, 0x6F, 0x70, 0x73, 0x70, 0x65, 0x65, 0x64, 0x2E, 0x63, 0x6F, 0x6D,
+    0x82, 0x16, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x68, 0x69, 0x74, 0x65, 0x6B,
+    0x65, 0x79, 0x76, 0x69, 0x6C, 0x6C, 0x61, 0x73, 0x2E, 0x63, 0x6F, 0x6D,
+    0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06,
+    0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B,
+    0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x1D, 0x06, 0x03, 0x55,
+    0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xA8, 0x29, 0xFD, 0xA9, 0xA5, 0x1A,
+    0x1C, 0x37, 0x0B, 0x20, 0x3B, 0x98, 0xB7, 0x25, 0x39, 0xCC, 0xE5, 0x2F,
+    0xF4, 0x94, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30,
+    0x16, 0x80, 0x14, 0xA9, 0x2B, 0x87, 0xE1, 0xCE, 0x24, 0x47, 0x3B, 0x1B,
+    0xBF, 0xCF, 0x85, 0x37, 0x02, 0x55, 0x9D, 0x0D, 0x94, 0x58, 0xE6, 0x30,
+    0x82, 0x01, 0x04, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xD6, 0x79,
+    0x02, 0x04, 0x02, 0x04, 0x81, 0xF5, 0x04, 0x81, 0xF2, 0x00, 0xF0, 0x00,
+    0x77, 0x00, 0xA4, 0xB9, 0x09, 0x90, 0xB4, 0x18, 0x58, 0x14, 0x87, 0xBB,
+    0x13, 0xA2, 0xCC, 0x67, 0x70, 0x0A, 0x3C, 0x35, 0x98, 0x04, 0xF9, 0x1B,
+    0xDF, 0xB8, 0xE3, 0x77, 0xCD, 0x0E, 0xC8, 0x0D, 0xDC, 0x10, 0x00, 0x00,
+    0x01, 0x66, 0x9C, 0xC8, 0xE7, 0x38, 0x00, 0x00, 0x04, 0x03, 0x00, 0x48,
+    0x30, 0x46, 0x02, 0x21, 0x00, 0xD9, 0x58, 0x6E, 0xFC, 0x4C, 0x3C, 0xAF,
+    0xF9, 0x5B, 0x7F, 0xDA, 0x54, 0x95, 0xAF, 0xCF, 0xB3, 0x57, 0xB9, 0x56,
+    0x2C, 0xE8, 0xE0, 0xB1, 0x20, 0x9B, 0xCB, 0x75, 0xAC, 0x4E, 0x54, 0xE9,
+    0x9D, 0x02, 0x21, 0x00, 0xE8, 0xF0, 0xC0, 0x49, 0x23, 0x8E, 0x3D, 0x9B,
+    0xA5, 0x87, 0xA3, 0xBE, 0x6C, 0x21, 0x62, 0xBB, 0xD2, 0x44, 0x5C, 0xE4,
+    0x7A, 0xCC, 0x46, 0x26, 0x04, 0x19, 0xA4, 0x2D, 0x9B, 0x1C, 0x5D, 0x3A,
+    0x00, 0x75, 0x00, 0x6F, 0x53, 0x76, 0xAC, 0x31, 0xF0, 0x31, 0x19, 0xD8,
+    0x99, 0x00, 0xA4, 0x51, 0x15, 0xFF, 0x77, 0x15, 0x1C, 0x11, 0xD9, 0x02,
+    0xC1, 0x00, 0x29, 0x06, 0x8D, 0xB2, 0x08, 0x9A, 0x37, 0xD9, 0x13, 0x00,
+    0x00, 0x01, 0x66, 0x9C, 0xC8, 0xE6, 0x20, 0x00, 0x00, 0x04, 0x03, 0x00,
+    0x46, 0x30, 0x44, 0x02, 0x20, 0x14, 0xC8, 0x9F, 0xAC, 0x27, 0x48, 0xBE,
+    0x4D, 0x0E, 0xC3, 0x26, 0x2E, 0x34, 0xCA, 0x38, 0xBA, 0x11, 0x3A, 0x68,
+    0x71, 0x88, 0xEB, 0x24, 0x26, 0x59, 0x3E, 0xAC, 0xA8, 0x63, 0xCC, 0x8A,
+    0x0A, 0x02, 0x20, 0x0F, 0x22, 0xBF, 0x0D, 0x1F, 0x8A, 0x8D, 0x1D, 0x91,
+    0x33, 0x3A, 0x40, 0xE4, 0x23, 0x78, 0xFA, 0x22, 0xF5, 0x9B, 0xCB, 0x04,
+    0x4F, 0x53, 0x2D, 0x20, 0x75, 0x2F, 0x76, 0x8A, 0xB1, 0xCD, 0x9D, 0x30,
+    0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B,
+    0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x03, 0x41, 0x0F, 0xF3, 0xA6,
+    0x62, 0xA2, 0xE5, 0xB4, 0x8D, 0xA8, 0x08, 0x71, 0x7B, 0xB3, 0xE3, 0x51,
+    0x61, 0x0D, 0xC0, 0x67, 0x6C, 0x3C, 0x9C, 0x00, 0x0B, 0x63, 0x77, 0xB6,
+    0xB6, 0x11, 0x67, 0x77, 0xA5, 0xE1, 0x49, 0xE0, 0x7F, 0xB7, 0x1D, 0x61,
+    0xFB, 0x83, 0x9C, 0x83, 0x42, 0xE9, 0x31, 0xCA, 0x51, 0xE3, 0xC1, 0xBD,
+    0x9B, 0x2F, 0xB5, 0x35, 0x05, 0x72, 0x7F, 0x40, 0xA6, 0x7C, 0xC9, 0xF1,
+    0x59, 0xA7, 0x15, 0xB8, 0x12, 0xDA, 0xF8, 0xCE, 0x83, 0x61, 0xFC, 0x47,
+    0x96, 0x9E, 0x74, 0xFE, 0xCD, 0xE4, 0x61, 0x92, 0xF2, 0x2E, 0x0C, 0x08,
+    0x4B, 0x60, 0x2D, 0xF6, 0x50, 0x07, 0x83, 0xCA, 0xAF, 0xB9, 0x41, 0x33,
+    0x4A, 0x3E, 0x84, 0xC7, 0x73, 0xC6, 0x1F, 0xFF, 0x7A, 0xDF, 0xAE, 0x47,
+    0x25, 0x32, 0xEB, 0xC0, 0x43, 0x0C, 0xA6, 0x23, 0x13, 0x46, 0xC3, 0xFA,
+    0x44, 0xEA, 0x20, 0xEA, 0xCB, 0x18, 0x17, 0x00, 0xB6, 0xE7, 0x6D, 0x8A,
+    0x14, 0x8C, 0x6A, 0xCA, 0x88, 0x4C, 0xDA, 0xA8, 0xB9, 0x08, 0xAF, 0x39,
+    0xEE, 0xCF, 0xD7, 0xF7, 0x32, 0xC0, 0xF4, 0xCF, 0x4E, 0x22, 0x38, 0xF7,
+    0xAF, 0xAE, 0x7D, 0x58, 0x5F, 0xA5, 0x2D, 0x4D, 0xBB, 0x86, 0x10, 0xB3,
+    0x93, 0x62, 0x64, 0x27, 0xBF, 0xB1, 0xBB, 0x8F, 0x9F, 0xFC, 0x07, 0x3C,
+    0x4B, 0x16, 0x7A, 0x84, 0x5E, 0xAF, 0xAD, 0x57, 0x9C, 0xFF, 0x7A, 0xA7,
+    0xE0, 0x90, 0x89, 0x1C, 0xE8, 0xE5, 0x11, 0xF7, 0xB6, 0xDC, 0xCD, 0x5E,
+    0xF7, 0x30, 0xA2, 0x2E, 0x67, 0x6D, 0x4A, 0x70, 0x26, 0xEA, 0xCD, 0x27,
+    0x70, 0x77, 0x54, 0x57, 0x09, 0x03, 0x56, 0x4A, 0x33, 0x60, 0x00, 0x27,
+    0xFE, 0xA7, 0xD7, 0xA9, 0xC4, 0xEC, 0x17, 0x17, 0x8D, 0x87, 0x70, 0x6B,
+    0x48, 0x88, 0x61, 0x54, 0x4A, 0x2B, 0xB7, 0x6A, 0x12, 0x08, 0xFB,
   };
 
   CURLcode res;
diff --git a/tests/unit/unit1660.c b/tests/unit/unit1660.c
index 6b1dcce9fc..77d72a0631 100644
--- a/tests/unit/unit1660.c
+++ b/tests/unit/unit1660.c
@@ -52,17 +52,17 @@ static CURLcode test_unit1660(const char *arg)
 
   struct testit {
     const char *host;
-    const char *chost; /* if non-NULL, use to lookup with */
-    const char *hdr; /* if NULL, just do the lookup */
+    const char *chost;  /* if non-NULL, use to lookup with */
+    const char *hdr;    /* if NULL, just do the lookup */
     const CURLcode res; /* parse result */
   };
 
   static const struct testit headers[] = {
     /* two entries read from disk cache, verify first */
-    { "-", "readfrom.example", NULL, CURLE_OK},
-    { "-", "old.example", NULL, CURLE_OK},
+    { "-", "readfrom.example", NULL, CURLE_OK },
+    { "-", "old.example", NULL, CURLE_OK },
     /* delete the remaining one read from disk */
-    { "readfrom.example", NULL, "max-age=\"0\"", CURLE_OK},
+    { "readfrom.example", NULL, "max-age=\"0\"", CURLE_OK },
 
     { "example.com", NULL, "max-age=\"31536000\"\r\n", CURLE_OK },
     { "example.com", NULL, "max-age=\"21536000\"\r\n", CURLE_OK },
@@ -90,10 +90,9 @@ static CURLcode test_unit1660(const char *arg)
     { "3.example.com", NULL,
       "max-age=\"21536000\"; include; includeSubDomains;", CURLE_OK },
     /* remove the "3.example.com" one, should still match the example.com */
-    { "3.example.com", NULL, "max-age=\"0\"; includeSubDomains;",
-      CURLE_OK },
-    { "-", "foo.example.com", NULL, CURLE_OK},
-    { "-", "foo.xample.com", NULL, CURLE_OK},
+    { "3.example.com", NULL, "max-age=\"0\"; includeSubDomains;", CURLE_OK },
+    { "-", "foo.example.com", NULL, CURLE_OK },
+    { "-", "foo.xample.com", NULL, CURLE_OK },
 
     /* should not match */
     { "example.net", "forexample.net", "max-age=\"31536000\"\r\n", CURLE_OK },
diff --git a/tests/unit/unit1979.c b/tests/unit/unit1979.c
index c3925d1bc0..796099d592 100644
--- a/tests/unit/unit1979.c
+++ b/tests/unit/unit1979.c
@@ -127,7 +127,7 @@ static CURLcode test_unit1979(const char *arg)
                                       testcases[i].normalize);
     fail_unless(msnprintf_result >= 0, "curl_msnprintf fails");
     fail_unless(!result && canonical_path_string &&
-                !strcmp(canonical_path_string, testcases[i].canonical_url),
+                  !strcmp(canonical_path_string, testcases[i].canonical_url),
                 buffer);
     curlx_dyn_free(&canonical_path);
   }
diff --git a/tests/unit/unit1980.c b/tests/unit/unit1980.c
index 9e38d8a678..82bea8415a 100644
--- a/tests/unit/unit1980.c
+++ b/tests/unit/unit1980.c
@@ -98,7 +98,7 @@ static CURLcode test_unit1980(const char *arg)
                                       testcases[i].canonical_query);
     fail_unless(msnprintf_result >= 0, "curl_msnprintf fails");
     fail_unless(!result && canonical_query_ptr &&
-                !strcmp(canonical_query_ptr, testcases[i].canonical_query),
+                  !strcmp(canonical_query_ptr, testcases[i].canonical_query),
                 buffer);
     curlx_dyn_free(&canonical_query);
   }
diff --git a/tests/unit/unit2604.c b/tests/unit/unit2604.c
index fb05189714..2e61efc0a5 100644
--- a/tests/unit/unit2604.c
+++ b/tests/unit/unit2604.c
@@ -50,27 +50,27 @@ static CURLcode test_unit2604(const char *arg)
   int i;
   const size_t too_long = 90720;
   struct set list[] = {
-    { "-too-long-", "", "", "", CURLE_TOO_LARGE},
-    { SA540 " c", SA540, "c", "/", CURLE_OK},
-    { "\" " SA540 "\" c", " " SA540, "c", "/", CURLE_OK},
-    { "a a", "a", "a", "/home/", CURLE_OK},
-    { "b a", "b", "a", "/", CURLE_OK},
-    { "a", "a", "", "/home/", CURLE_OK},
-    { "b", "b", "", "/", CURLE_OK},
-    { "\"foo bar\"\tb", "foo bar", "b", "/", CURLE_OK},
-    { "/~/hej", "/home/user/hej", "", "/home/user", CURLE_OK},
-    { "\"foo bar", "", "", "/", CURLE_QUOTE_ERROR},
-    { "\"foo\\\"bar\" a", "foo\"bar", "a", "/", CURLE_OK},
-    { "\"foo\\\'bar\" b", "foo\'bar", "b", "/", CURLE_OK},
-    { "\"foo\\\\bar\" c", "foo\\bar", "c", "/", CURLE_OK},
-    { "\"foo\\pbar\" c", "foo\\bar", "", "/", CURLE_QUOTE_ERROR},
-    { "\"\" c", "", "", "", CURLE_QUOTE_ERROR},
-    { "foo\"", "foo\"", "", "/", CURLE_OK},
-    { "foo \"", "foo", "\"", "/", CURLE_OK},
-    { "   \t\t   \t  ", "", "", "/", CURLE_QUOTE_ERROR},
-    { "              ", "", "", "/", CURLE_QUOTE_ERROR},
-    { "", "", "", "/", CURLE_QUOTE_ERROR},
-    { "       \r \n  ", "\r", "\n  ", "/", CURLE_OK},
+    { "-too-long-", "", "", "", CURLE_TOO_LARGE },
+    { SA540 " c", SA540, "c", "/", CURLE_OK },
+    { "\" " SA540 "\" c", " " SA540, "c", "/", CURLE_OK },
+    { "a a", "a", "a", "/home/", CURLE_OK },
+    { "b a", "b", "a", "/", CURLE_OK },
+    { "a", "a", "", "/home/", CURLE_OK },
+    { "b", "b", "", "/", CURLE_OK },
+    { "\"foo bar\"\tb", "foo bar", "b", "/", CURLE_OK },
+    { "/~/hej", "/home/user/hej", "", "/home/user", CURLE_OK },
+    { "\"foo bar", "", "", "/", CURLE_QUOTE_ERROR },
+    { "\"foo\\\"bar\" a", "foo\"bar", "a", "/", CURLE_OK },
+    { "\"foo\\\'bar\" b", "foo\'bar", "b", "/", CURLE_OK },
+    { "\"foo\\\\bar\" c", "foo\\bar", "c", "/", CURLE_OK },
+    { "\"foo\\pbar\" c", "foo\\bar", "", "/", CURLE_QUOTE_ERROR },
+    { "\"\" c", "", "", "", CURLE_QUOTE_ERROR },
+    { "foo\"", "foo\"", "", "/", CURLE_OK },
+    { "foo \"", "foo", "\"", "/", CURLE_OK },
+    { "   \t\t   \t  ", "", "", "/", CURLE_QUOTE_ERROR },
+    { "              ", "", "", "/", CURLE_QUOTE_ERROR },
+    { "", "", "", "/", CURLE_QUOTE_ERROR },
+    { "       \r \n  ", "\r", "\n  ", "/", CURLE_OK },
     { NULL, NULL, NULL, NULL, CURLE_OK }
   };
 
diff --git a/tests/unit/unit2605.c b/tests/unit/unit2605.c
index 49d0b0b000..e8fce40334 100644
--- a/tests/unit/unit2605.c
+++ b/tests/unit/unit2605.c
@@ -40,32 +40,32 @@ static CURLcode test_unit2605(const char *arg)
 
   int i;
   struct range list[] = {
-    { "0-9", 100, 0, 10, CURLE_OK},
-    { "1-10", 100, 1, 10, CURLE_OK},
-    { "222222-222222", 300000, 222222, 1, CURLE_OK},
-    { "4294967296 - 4294967297", 4294967298, 4294967296, 2, CURLE_OK},
-    { "-10", 100, 90, 10, CURLE_OK},
-    { "-20", 100, 80, 20, CURLE_OK},
-    { "-1", 100, 99, 1, CURLE_OK},
-    { "-0", 100, 0, 0, CURLE_RANGE_ERROR},
-    { "--2", 100, 0, 0, CURLE_RANGE_ERROR},
-    { "-100", 100, 0, 100, CURLE_OK},
-    { "-101", 100, 0, 100, CURLE_OK},
-    { "-1000", 100, 0, 100, CURLE_OK},
-    { "2-1000", 100, 2, 98, CURLE_OK},
-    { ".2-3", 100, 0, 0, CURLE_RANGE_ERROR},
-    { "+2-3", 100, 0, 0, CURLE_RANGE_ERROR},
-    { "2 - 3", 100, 2, 2, CURLE_OK},
-    { " 2 - 3", 100, 2, 2, CURLE_RANGE_ERROR}, /* no leading space */
-    { "2 - 3 ", 100, 2, 2, CURLE_RANGE_ERROR}, /* no trailing space */
-    { "3-2", 100, 0, 0, CURLE_RANGE_ERROR},
-    { "2.-3", 100, 0, 0, CURLE_RANGE_ERROR},
-    { "-3-2", 100, 0, 0, CURLE_RANGE_ERROR},
-    { "101-102", 100, 0, 0, CURLE_RANGE_ERROR},
-    { "0-", 100, 0, 100, CURLE_OK},
-    { "1-", 100, 1, 99, CURLE_OK},
-    { "99-", 100, 99, 1, CURLE_OK},
-    { "100-", 100, 0, 0, CURLE_RANGE_ERROR},
+    { "0-9", 100, 0, 10, CURLE_OK },
+    { "1-10", 100, 1, 10, CURLE_OK },
+    { "222222-222222", 300000, 222222, 1, CURLE_OK },
+    { "4294967296 - 4294967297", 4294967298, 4294967296, 2, CURLE_OK },
+    { "-10", 100, 90, 10, CURLE_OK },
+    { "-20", 100, 80, 20, CURLE_OK },
+    { "-1", 100, 99, 1, CURLE_OK },
+    { "-0", 100, 0, 0, CURLE_RANGE_ERROR },
+    { "--2", 100, 0, 0, CURLE_RANGE_ERROR },
+    { "-100", 100, 0, 100, CURLE_OK },
+    { "-101", 100, 0, 100, CURLE_OK },
+    { "-1000", 100, 0, 100, CURLE_OK },
+    { "2-1000", 100, 2, 98, CURLE_OK },
+    { ".2-3", 100, 0, 0, CURLE_RANGE_ERROR },
+    { "+2-3", 100, 0, 0, CURLE_RANGE_ERROR },
+    { "2 - 3", 100, 2, 2, CURLE_OK },
+    { " 2 - 3", 100, 2, 2, CURLE_RANGE_ERROR }, /* no leading space */
+    { "2 - 3 ", 100, 2, 2, CURLE_RANGE_ERROR }, /* no trailing space */
+    { "3-2", 100, 0, 0, CURLE_RANGE_ERROR },
+    { "2.-3", 100, 0, 0, CURLE_RANGE_ERROR },
+    { "-3-2", 100, 0, 0, CURLE_RANGE_ERROR },
+    { "101-102", 100, 0, 0, CURLE_RANGE_ERROR },
+    { "0-", 100, 0, 100, CURLE_OK },
+    { "1-", 100, 1, 99, CURLE_OK },
+    { "99-", 100, 99, 1, CURLE_OK },
+    { "100-", 100, 0, 0, CURLE_RANGE_ERROR },
     { NULL, 0, 0, 0, CURLE_OK }
   };
 
@@ -78,10 +78,9 @@ static CURLcode test_unit2605(const char *arg)
       curl_off_t start;
       curl_off_t size;
       CURLcode res;
-      curl_mprintf("%u: '%s' (file size: %" FMT_OFF_T ")\n",
-                   i, list[i].r, list[i].filesize);
-      res = Curl_ssh_range(curl, list[i].r, list[i].filesize,
-                           &start, &size);
+      curl_mprintf("%u: '%s' (file size: %" FMT_OFF_T ")\n", i, list[i].r,
+                   list[i].filesize);
+      res = Curl_ssh_range(curl, list[i].r, list[i].filesize, &start, &size);
       if(res != list[i].res) {
         curl_mprintf("... returned %d\n", res);
         unitfail++;
diff --git a/tests/unit/unit3200.c b/tests/unit/unit3200.c
index bfd4d1181b..f7c82cee37 100644
--- a/tests/unit/unit3200.c
+++ b/tests/unit/unit3200.c
@@ -28,7 +28,7 @@ static CURLcode test_unit3200(const char *arg)
 {
   UNITTEST_BEGIN_SIMPLE
 
-#if !defined(CURL_DISABLE_COOKIES) || !defined(CURL_DISABLE_ALTSVC) ||  \
+#if !defined(CURL_DISABLE_COOKIES) || !defined(CURL_DISABLE_ALTSVC) || \
   !defined(CURL_DISABLE_HSTS) || !defined(CURL_DISABLE_NETRC)
 
 #if defined(CURL_GNUC_DIAG) || defined(__clang__)
diff --git a/tests/unit/unit3205.c b/tests/unit/unit3205.c
index bb35fb2f8e..df0ea7f8dd 100644
--- a/tests/unit/unit3205.c
+++ b/tests/unit/unit3205.c
@@ -442,26 +442,26 @@ static CURLcode test_unit3205(const char *arg)
     const char *str;
   };
   static const struct test_str_entry test_str_list[] = {
-    { 0x1301, "TLS_AES_128_GCM_SHA256"},
-    { 0x1302, "TLS_AES_256_GCM_SHA384"},
-    { 0x1303, "TLS_CHACHA20_POLY1305_SHA256"},
-    { 0xC02B, "ECDHE-ECDSA-AES128-GCM-SHA256"},
-    { 0xC02F, "ECDHE-RSA-AES128-GCM-SHA256"},
-    { 0xC02C, "ECDHE-ECDSA-AES256-GCM-SHA384"},
-    { 0xC030, "ECDHE-RSA-AES256-GCM-SHA384"},
-    { 0xCCA9, "ECDHE-ECDSA-CHACHA20-POLY1305"},
-    { 0xCCA8, "ECDHE-RSA-CHACHA20-POLY1305"},
+    { 0x1301, "TLS_AES_128_GCM_SHA256" },
+    { 0x1302, "TLS_AES_256_GCM_SHA384" },
+    { 0x1303, "TLS_CHACHA20_POLY1305_SHA256" },
+    { 0xC02B, "ECDHE-ECDSA-AES128-GCM-SHA256" },
+    { 0xC02F, "ECDHE-RSA-AES128-GCM-SHA256" },
+    { 0xC02C, "ECDHE-ECDSA-AES256-GCM-SHA384" },
+    { 0xC030, "ECDHE-RSA-AES256-GCM-SHA384" },
+    { 0xCCA9, "ECDHE-ECDSA-CHACHA20-POLY1305" },
+    { 0xCCA8, "ECDHE-RSA-CHACHA20-POLY1305" },
 #ifdef USE_MBEDTLS
-    { 0x009E, "DHE-RSA-AES128-GCM-SHA256"},
-    { 0x009F, "DHE-RSA-AES256-GCM-SHA384"},
+    { 0x009E, "DHE-RSA-AES128-GCM-SHA256" },
+    { 0x009F, "DHE-RSA-AES256-GCM-SHA384" },
 #else
-    { 0x0000, "DHE-RSA-AES128-GCM-SHA256"},
-    { 0x0000, "DHE-RSA-AES256-GCM-SHA384"},
+    { 0x0000, "DHE-RSA-AES128-GCM-SHA256" },
+    { 0x0000, "DHE-RSA-AES256-GCM-SHA384" },
 #endif
 #ifdef USE_MBEDTLS
-    { 0xCCAA, "DHE-RSA-CHACHA20-POLY1305"},
+    { 0xCCAA, "DHE-RSA-CHACHA20-POLY1305" },
 #else
-    { 0x0000, "DHE-RSA-CHACHA20-POLY1305"},
+    { 0x0000, "DHE-RSA-CHACHA20-POLY1305" },
 #endif
 #ifdef USE_MBEDTLS
     { 0xC023, "ECDHE-ECDSA-AES128-SHA256" },
diff --git a/tests/unit/unit3211.c b/tests/unit/unit3211.c
index 7f6c616909..689edb7b2b 100644
--- a/tests/unit/unit3211.c
+++ b/tests/unit/unit3211.c
@@ -127,11 +127,12 @@ static CURLcode test_unit3211(const char *arg)
 {
   UNITTEST_BEGIN_SIMPLE
 
-  static const unsigned int s1[] = {  /* spread numbers, some at slot edges */
-    0, 1, 4, 17, 63, 64, 65, 66,
-    90, 99,
+  static const unsigned int s1[] = {
+    /* spread numbers, some at slot edges */
+    0, 1, 4, 17, 63, 64, 65, 66, 90, 99,
   };
-  static const unsigned int s2[] = { /* set with all bits in slot1 set */
+  static const unsigned int s2[] = {
+    /* set with all bits in slot1 set */
     64, 65, 66, 67, 68, 69, 70, 71,
     72, 73, 74, 75, 76, 77, 78, 79,
     80, 81, 82, 83, 84, 85, 86, 87,
diff --git a/tests/unit/unit3212.c b/tests/unit/unit3212.c
index 0bffd1f79c..3af35f0c57 100644
--- a/tests/unit/unit3212.c
+++ b/tests/unit/unit3212.c
@@ -28,7 +28,7 @@
 #include "curl_trc.h"
 #include "unitprotos.h"
 
-#define TBL_SIZE    100
+#define TBL_SIZE 100
 
 static CURLcode t3212_setup(struct uint32_tbl *tbl)
 {
diff --git a/tests/unit/unit3213.c b/tests/unit/unit3213.c
index dbd26f4aa4..c3ec3958e8 100644
--- a/tests/unit/unit3213.c
+++ b/tests/unit/unit3213.c
@@ -96,11 +96,12 @@ static CURLcode test_unit3213(const char *arg)
 {
   UNITTEST_BEGIN_SIMPLE
 
-  static const unsigned int s1[] = { /* spread numbers, some at slot edges */
-    0, 1, 4, 17, 63, 64, 65, 66,
-    90, 99,
+  static const unsigned int s1[] = {
+    /* spread numbers, some at slot edges */
+    0, 1, 4, 17, 63, 64, 65, 66, 90, 99,
   };
-  static const unsigned int s2[] = { /* set with all bits in slot1 set */
+  static const unsigned int s2[] = {
+    /* set with all bits in slot1 set */
     64, 65, 66, 67, 68, 69, 70, 71,
     72, 73, 74, 75, 76, 77, 78, 79,
     80, 81, 82, 83, 84, 85, 86, 87,
@@ -110,7 +111,8 @@ static CURLcode test_unit3213(const char *arg)
     112, 113, 114, 115, 116, 117, 118, 119,
     120, 121, 122, 123, 124, 125, 126, 127,
   };
-  static const unsigned int s3[] = {  /* very spread numbers */
+  static const unsigned int s3[] = {
+    /* very spread numbers */
     2232, 5167, 8204, 8526, 8641, 10056, 10140, 10611,
     10998, 11626, 13735, 15539, 17947, 24295, 27833, 30318,
   };

From dfd781ff627991c7b660fe6534c347b1a97bcc17 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 21 Nov 2025 12:34:02 +0100
Subject: [PATCH 1128/2408] tidy-up: miscellaneous

- gnutls, mbedtls: fix casing in log messages.
- src/tool_cfgable.h: drop unused header.
- appveyor.sh: variable style.
- cmakelint.sh: sync with libssh2, catch `.cmake.in` explicitly.
- examples: drop obsolete comments, exclamation marks.
- fix comment typos, casing.

Closes #19839
---
 CMakeLists.txt               |  4 ++--
 appveyor.sh                  |  4 ++--
 docs/examples/anyauthput.c   |  2 +-
 docs/examples/http2-upload.c |  2 +-
 docs/examples/simplessl.c    |  5 -----
 lib/urldata.h                |  8 ++++----
 lib/vtls/gtls.c              | 12 ++++++------
 lib/vtls/mbedtls.c           | 20 ++++++++++----------
 packages/OS400/.checksrc     |  2 +-
 scripts/cmakelint.sh         |  2 +-
 src/tool_cfgable.h           |  1 -
 11 files changed, 28 insertions(+), 34 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index b45e7859e0..685335667b 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -66,9 +66,9 @@ project(CURL
   LANGUAGES C)
 
 # CMake does not recognize some targets accurately. Touch up configuration manually as a workaround.
-if(WINDOWS_STORE AND MINGW)  # mingw UWP build
+if(WINDOWS_STORE AND MINGW)  # MinGW UWP build
   # CMake (as of v3.31.2) gets confused and applies the MSVC rc.exe command-line
-  # template to windres. Reset it to the windres template via 'Modules/Platform/Windows-windres.cmake':
+  # template to windres. Reset it to the windres template as in 'Modules/Platform/Windows-windres.cmake':
   set(CMAKE_RC_COMPILE_OBJECT " -O coff     ")
 elseif(DOS AND CMAKE_C_COMPILER_ID STREQUAL "GNU")  # DJGPP
   set(CMAKE_STATIC_LIBRARY_PREFIX "lib")
diff --git a/appveyor.sh b/appveyor.sh
index 56f8cc3527..bfcc2b9e5a 100644
--- a/appveyor.sh
+++ b/appveyor.sh
@@ -45,8 +45,8 @@ if [ "${BUILD_SYSTEM}" = 'CMake' ]; then
   # Install custom cmake version
   if [ -n "${CMAKE_VERSION:-}" ]; then
     cmake_ver=$(printf '%02d%02d' \
-      "$(echo "$CMAKE_VERSION" | cut -f1 -d.)" \
-      "$(echo "$CMAKE_VERSION" | cut -f2 -d.)")
+      "$(echo "${CMAKE_VERSION}" | cut -f1 -d.)" \
+      "$(echo "${CMAKE_VERSION}" | cut -f2 -d.)")
     if [ "${cmake_ver}" -ge '0320' ]; then
       fn="cmake-${CMAKE_VERSION}-windows-x86_64"
     else
diff --git a/docs/examples/anyauthput.c b/docs/examples/anyauthput.c
index 247d4d0d3b..5a650b64c7 100644
--- a/docs/examples/anyauthput.c
+++ b/docs/examples/anyauthput.c
@@ -150,7 +150,7 @@ int main(int argc, char **argv)
 
     /* tell libcurl we can use "any" auth, which lets the lib pick one, but it
        also costs one extra round-trip and possibly sending of all the PUT
-       data twice!!! */
+       data twice */
     curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
 
     /* set username and password for the authentication */
diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c
index e360127a44..0f1ed748ca 100644
--- a/docs/examples/http2-upload.c
+++ b/docs/examples/http2-upload.c
@@ -27,7 +27,7 @@
  */
 #ifdef _MSC_VER
 #ifndef _CRT_SECURE_NO_WARNINGS
-#define _CRT_SECURE_NO_WARNINGS  /* for '_snprintf(), fopen(), localtime(),
+#define _CRT_SECURE_NO_WARNINGS  /* for _snprintf(), fopen(), localtime(),
                                     strerror() */
 #endif
 #endif
diff --git a/docs/examples/simplessl.c b/docs/examples/simplessl.c
index 3cf4b462bd..d08da207bf 100644
--- a/docs/examples/simplessl.c
+++ b/docs/examples/simplessl.c
@@ -46,11 +46,6 @@
    4.   if you do not use a crypto engine:
    4.1. set pKeyName to the filename of your client key
    4.2. if the format of the key file is DER, set pKeyType to "DER"
-
-   !! verify of the server certificate is not implemented here !!
-
-   **** This example only works with libcurl 7.9.3 and later! ****
-
 */
 
 int main(void)
diff --git a/lib/urldata.h b/lib/urldata.h
index 899dfff0f1..bbab0130d3 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -276,13 +276,13 @@ struct ssl_config_data {
   char *key_type; /* format for private key (default: PEM) */
   char *key_passwd; /* plain text private key password */
   BIT(certinfo);     /* gather lots of certificate info */
-  BIT(earlydata);    /* use tls1.3 early data */
+  BIT(earlydata);    /* use TLS 1.3 early data */
   BIT(enable_beast); /* allow this flaw for interoperability's sake */
   BIT(no_revoke);    /* disable SSL certificate revocation checks */
   BIT(no_partialchain); /* do not accept partial certificate chains */
   BIT(revoke_best_effort); /* ignore SSL revocation offline/missing revocation
                               list errors */
-  BIT(native_ca_store); /* use the native ca store of operating system */
+  BIT(native_ca_store); /* use the native CA store of operating system */
   BIT(auto_client_cert);   /* automatically locate and use a client
                               certificate for authentication (Schannel) */
   BIT(custom_cafile); /* application has set custom CA file */
@@ -1159,7 +1159,7 @@ enum dupstring {
   STRING_SSL_PINNEDPUBLICKEY, /* public key file to verify peer against */
   STRING_SSL_CIPHER_LIST, /* list of ciphers to use */
   STRING_SSL_CIPHER13_LIST, /* list of TLS 1.3 ciphers to use */
-  STRING_SSL_CRLFILE,     /* crl file to check certificate */
+  STRING_SSL_CRLFILE,     /* CRL file to check certificate */
   STRING_SSL_ISSUERCERT, /* issuer cert file to check certificate */
   STRING_SERVICE_NAME,    /* Service name */
 #ifndef CURL_DISABLE_PROXY
@@ -1173,7 +1173,7 @@ enum dupstring {
   STRING_SSL_PINNEDPUBLICKEY_PROXY, /* public key file to verify proxy */
   STRING_SSL_CIPHER_LIST_PROXY, /* list of ciphers to use */
   STRING_SSL_CIPHER13_LIST_PROXY, /* list of TLS 1.3 ciphers to use */
-  STRING_SSL_CRLFILE_PROXY, /* crl file to check certificate */
+  STRING_SSL_CRLFILE_PROXY, /* CRL file to check certificate */
   STRING_SSL_ISSUERCERT_PROXY, /* issuer cert file to check certificate */
   STRING_PROXY_SERVICE_NAME, /* Proxy service name */
 #endif
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index e0ba48422b..667b09c119 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -386,7 +386,7 @@ gnutls_set_ssl_version_min_max(struct Curl_easy *data,
     return CURLE_OK;
   }
 
-  failf(data, "GnuTLS: cannot set ssl protocol");
+  failf(data, "GnuTLS: cannot set TLS protocol");
   return CURLE_SSL_CONNECT_ERROR;
 }
 
@@ -460,7 +460,7 @@ static CURLcode gtls_populate_creds(struct Curl_cfilter *cf,
 #else
     rc = gnutls_certificate_set_x509_system_trust(creds);
     if(rc < 0)
-      infof(data, "error reading native ca store (%s), continuing anyway",
+      infof(data, "error reading native CA store (%s), continuing anyway",
             gnutls_strerror(rc));
     else {
       infof(data, "  Native: %d certificates from system trust", rc);
@@ -483,7 +483,7 @@ static CURLcode gtls_populate_creds(struct Curl_cfilter *cf,
                                                GNUTLS_X509_FMT_PEM);
     creds_are_empty = creds_are_empty && (rc <= 0);
     if(rc < 0) {
-      infof(data, "error reading ca cert blob (%s)%s", gnutls_strerror(rc),
+      infof(data, "error reading CA cert blob (%s)%s", gnutls_strerror(rc),
             (creds_are_empty ? "" : ", continuing anyway"));
       if(creds_are_empty) {
         ssl_config->certverifyresult = rc;
@@ -504,7 +504,7 @@ static CURLcode gtls_populate_creds(struct Curl_cfilter *cf,
                                                 GNUTLS_X509_FMT_PEM);
     creds_are_empty = creds_are_empty && (rc <= 0);
     if(rc < 0) {
-      infof(data, "error reading ca cert file %s (%s)%s",
+      infof(data, "error reading CA cert file %s (%s)%s",
             config->CAfile, gnutls_strerror(rc),
             (creds_are_empty ? "" : ", continuing anyway"));
       if(creds_are_empty) {
@@ -522,7 +522,7 @@ static CURLcode gtls_populate_creds(struct Curl_cfilter *cf,
                                                GNUTLS_X509_FMT_PEM);
     creds_are_empty = creds_are_empty && (rc <= 0);
     if(rc < 0) {
-      infof(data, "error reading ca cert file %s (%s)%s",
+      infof(data, "error reading CA cert file %s (%s)%s",
             config->CApath, gnutls_strerror(rc),
             (creds_are_empty ? "" : ", continuing anyway"));
       if(creds_are_empty) {
@@ -542,7 +542,7 @@ static CURLcode gtls_populate_creds(struct Curl_cfilter *cf,
     rc = gnutls_certificate_set_x509_crl_file(creds, config->CRLfile,
                                               GNUTLS_X509_FMT_PEM);
     if(rc < 0) {
-      failf(data, "error reading crl file %s (%s)",
+      failf(data, "error reading CRL file %s (%s)",
             config->CRLfile, gnutls_strerror(rc));
       return CURLE_SSL_CRL_BADFILE;
     }
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index d331670371..4eb10d690e 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -597,7 +597,7 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf,
     curlx_free(newblob);
     if(ret < 0) {
       mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
-      failf(data, "Error importing ca cert blob - mbedTLS: (-0x%04X) %s",
+      failf(data, "Error importing CA cert blob - mbedTLS: (-0x%04X) %s",
             -ret, errorbuf);
       return CURLE_SSL_CERTPROBLEM;
     }
@@ -609,12 +609,12 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf,
 
     if(ret < 0) {
       mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
-      failf(data, "Error reading ca cert file %s - mbedTLS: (-0x%04X) %s",
+      failf(data, "Error reading CA cert file %s - mbedTLS: (-0x%04X) %s",
             ssl_cafile, -ret, errorbuf);
       return CURLE_SSL_CACERT_BADFILE;
     }
 #else
-    failf(data, "mbedtls: functions that use the file system not built in");
+    failf(data, "mbedTLS: functions that use the file system not built in");
     return CURLE_NOT_BUILT_IN;
 #endif
   }
@@ -625,14 +625,14 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf,
 
     if(ret < 0) {
       mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
-      failf(data, "Error reading ca cert path %s - mbedTLS: (-0x%04X) %s",
+      failf(data, "Error reading CA cert path %s - mbedTLS: (-0x%04X) %s",
             ssl_capath, -ret, errorbuf);
 
       if(verifypeer)
         return CURLE_SSL_CACERT_BADFILE;
     }
 #else
-    failf(data, "mbedtls: functions that use the file system not built in");
+    failf(data, "mbedTLS: functions that use the file system not built in");
     return CURLE_NOT_BUILT_IN;
 #endif
   }
@@ -652,7 +652,7 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf,
       return CURLE_SSL_CERTPROBLEM;
     }
 #else
-    failf(data, "mbedtls: functions that use the file system not built in");
+    failf(data, "mbedTLS: functions that use the file system not built in");
     return CURLE_NOT_BUILT_IN;
 #endif
   }
@@ -710,7 +710,7 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf,
         return CURLE_SSL_CERTPROBLEM;
       }
 #else
-      failf(data, "mbedtls: functions that use the file system not built in");
+      failf(data, "mbedTLS: functions that use the file system not built in");
       return CURLE_NOT_BUILT_IN;
 #endif
     }
@@ -766,13 +766,13 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf,
       return CURLE_SSL_CRL_BADFILE;
     }
 #else
-    failf(data, "mbedtls: functions that use the file system not built in");
+    failf(data, "mbedTLS: functions that use the file system not built in");
     return CURLE_NOT_BUILT_IN;
 #endif
   }
 #else
   if(ssl_crlfile) {
-    failf(data, "mbedtls: crl support not built in");
+    failf(data, "mbedTLS: CRL support not built in");
     return CURLE_NOT_BUILT_IN;
   }
 #endif
@@ -1161,7 +1161,7 @@ static CURLcode mbed_send(struct Curl_cfilter *cf, struct Curl_easy *data,
   DEBUGASSERT(backend);
   *pnwritten = 0;
   connssl->io_need = CURL_SSL_IO_NEED_NONE;
-  /* mbedtls is picky when a mbedtls_ssl_write) was previously blocked.
+  /* mbedTLS is picky when a mbedtls_ssl_write() was previously blocked.
    * It requires to be called with the same amount of bytes again, or it
    * will lose bytes, e.g. reporting all was sent but they were not.
    * Remember the blocked length and use that when set. */
diff --git a/packages/OS400/.checksrc b/packages/OS400/.checksrc
index aae405506b..3bd88ff1e7 100644
--- a/packages/OS400/.checksrc
+++ b/packages/OS400/.checksrc
@@ -2,7 +2,7 @@
 #
 # SPDX-License-Identifier: curl
 
-# Possible not what we want, but cannot test, just silence the warnings
+# Possibly not what we want, but cannot test, just silence the warnings
 allowfunc calloc
 allowfunc free
 allowfunc malloc
diff --git a/scripts/cmakelint.sh b/scripts/cmakelint.sh
index 1e1cc592ed..a9bd7472d4 100755
--- a/scripts/cmakelint.sh
+++ b/scripts/cmakelint.sh
@@ -52,7 +52,7 @@ cd "$(dirname "$0")"/..
     # strip off the leading ./ to make the grep regexes work properly
     find . -type f | sed 's@^\./@@'
   fi
-} | grep -E '(^CMake|/CMake|\.cmake$)' | grep -v -E '(\.h\.cmake|\.c)$' \
+} | grep -E '(^CMake|/CMake|\.cmake$|\.cmake\.in$)' | grep -v -E '(\.h\.cmake|\.c)$' \
   | xargs \
   cmake-lint \
     --suppress-decorations \
diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h
index 5652229d4b..d02635ce24 100644
--- a/src/tool_cfgable.h
+++ b/src/tool_cfgable.h
@@ -24,7 +24,6 @@
  *
  ***************************************************************************/
 
-#include 
 #include "tool_setup.h"
 #include "tool_sdecls.h"
 #include "tool_urlglob.h"

From f97e62ff147feff09e1a29a2db6b4a7f928d75a0 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 2 Dec 2025 17:45:18 +0100
Subject: [PATCH 1129/2408] sws: fix binding to unix socket on Windows

Windows 10.17063+ (having unix socket support) fails to set for unix
sockets the `SO_REUSEADDR` option, with error 10045 (`WSAEOPNOTSUPP`),
and also fails to set `SO_KEEPALIVE` with error 10042 (`WSAENOPROTOOPT`).

Fix by not enabling these socket options on Windows for unix sockets.

Also:
- fixing test 1435, 1436 to run in CI.
- fixing the `socksd` test server for test 1467, 1468, 1470. But, also
  disable these for now due to another Windows issue: #19825

Ref: https://stackoverflow.com/questions/68791319/unix-domain-socket-bind-failed-in-windows/68794755#68794755
Ref: #19810
Closes #19812
---
 tests/data/test1467 |  2 ++
 tests/data/test1468 |  2 ++
 tests/data/test1470 |  2 ++
 tests/server/sws.c  | 39 ++++++++++++++++---------
 tests/server/util.c | 70 ++++++++++++++++++++++++---------------------
 5 files changed, 70 insertions(+), 45 deletions(-)

diff --git a/tests/data/test1467 b/tests/data/test1467
index 69b04d8bf4..46cb69059b 100644
--- a/tests/data/test1467
+++ b/tests/data/test1467
@@ -30,9 +30,11 @@ Funny-head: yesyes
 #
 # Client-side
 
+# --socks5 cannot accept Windows absolute paths
 
 proxy
 UnixSockets
+!win32
 
 
 http
diff --git a/tests/data/test1468 b/tests/data/test1468
index 7cb9b13456..1ed654adcc 100644
--- a/tests/data/test1468
+++ b/tests/data/test1468
@@ -31,9 +31,11 @@ Funny-head: yesyes
 #
 # Client-side
 
+# --socks5h cannot accept Windows absolute paths
 
 proxy
 UnixSockets
+!win32
 
 
 http
diff --git a/tests/data/test1470 b/tests/data/test1470
index c93af27f7d..691fcc9a44 100644
--- a/tests/data/test1470
+++ b/tests/data/test1470
@@ -32,9 +32,11 @@ Funny-head: yesyes
 #
 # Client-side
 
+# --proxy cannot accept Windows absolute paths
 
 proxy
 UnixSockets
+!win32
 
 
 https
diff --git a/tests/server/sws.c b/tests/server/sws.c
index 56135a8326..c7ce249224 100644
--- a/tests/server/sws.c
+++ b/tests/server/sws.c
@@ -1863,14 +1863,20 @@ static curl_socket_t accept_connection(curl_socket_t sock)
     return CURL_SOCKET_BAD;
   }
 
-  if(setsockopt(msgsock, SOL_SOCKET, SO_KEEPALIVE,
-                (void *)&flag, sizeof(flag))) {
-    error = SOCKERRNO;
-    logmsg("setsockopt(SO_KEEPALIVE) failed with error (%d) %s",
-           error, curlx_strerror(error, errbuf, sizeof(errbuf)));
-    sclose(msgsock);
-    return CURL_SOCKET_BAD;
+#if defined(_WIN32) && defined(USE_UNIX_SOCKETS)
+  if(socket_domain != AF_UNIX) {
+#endif
+    if(setsockopt(msgsock, SOL_SOCKET, SO_KEEPALIVE,
+                  (void *)&flag, sizeof(flag))) {
+      error = SOCKERRNO;
+      logmsg("setsockopt(SO_KEEPALIVE) failed with error (%d) %s",
+             error, curlx_strerror(error, errbuf, sizeof(errbuf)));
+      sclose(msgsock);
+      return CURL_SOCKET_BAD;
+    }
+#if defined(_WIN32) && defined(USE_UNIX_SOCKETS)
   }
+#endif
 
   /*
   ** As soon as this server accepts a connection from the test harness it
@@ -2176,13 +2182,20 @@ static int test_sws(int argc, char *argv[])
     goto sws_cleanup;
   }
 
-  flag = 1;
-  if(setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&flag, sizeof(flag))) {
-    error = SOCKERRNO;
-    logmsg("setsockopt(SO_REUSEADDR) failed with error (%d) %s",
-           error, curlx_strerror(error, errbuf, sizeof(errbuf)));
-    goto sws_cleanup;
+#if defined(_WIN32) && defined(USE_UNIX_SOCKETS)
+  if(socket_domain != AF_UNIX) {
+#endif
+    flag = 1;
+    if(setsockopt(sock, SOL_SOCKET, SO_REUSEADDR,
+                  (void *)&flag, sizeof(flag))) {
+      error = SOCKERRNO;
+      logmsg("setsockopt(SO_REUSEADDR) failed with error (%d) %s",
+             error, curlx_strerror(error, errbuf, sizeof(errbuf)));
+      goto sws_cleanup;
+    }
+#if defined(_WIN32) && defined(USE_UNIX_SOCKETS)
   }
+#endif
   if(curlx_nonblock(sock, TRUE)) {
     error = SOCKERRNO;
     logmsg("curlx_nonblock failed with error (%d) %s",
diff --git a/tests/server/util.c b/tests/server/util.c
index 624826571a..b021aa43dc 100644
--- a/tests/server/util.c
+++ b/tests/server/util.c
@@ -763,42 +763,48 @@ curl_socket_t sockdaemon(curl_socket_t sock,
   (void)unix_socket;
 #endif
 
-  do {
-    attempt++;
-    flag = 1;
-    rc = setsockopt(sock, SOL_SOCKET, SO_REUSEADDR,
-                    (void *)&flag, sizeof(flag));
-    if(rc) {
-      error = SOCKERRNO;
-      logmsg("setsockopt(SO_REUSEADDR) failed with error (%d) %s",
-             error, curlx_strerror(error, errbuf, sizeof(errbuf)));
-      if(maxretr) {
-        rc = curlx_wait_ms(delay);
-        if(rc) {
-          /* should not happen */
-          error = SOCKERRNO;
-          logmsg("curlx_wait_ms() failed with error (%d) %s",
-                 error, curlx_strerror(error, errbuf, sizeof(errbuf)));
-          sclose(sock);
-          return CURL_SOCKET_BAD;
+#if defined(_WIN32) && defined(USE_UNIX_SOCKETS)
+  if(socket_domain != AF_UNIX) {
+#endif
+    do {
+      attempt++;
+      flag = 1;
+      rc = setsockopt(sock, SOL_SOCKET, SO_REUSEADDR,
+                      (void *)&flag, sizeof(flag));
+      if(rc) {
+        error = SOCKERRNO;
+        logmsg("setsockopt(SO_REUSEADDR) failed with error (%d) %s",
+               error, curlx_strerror(error, errbuf, sizeof(errbuf)));
+        if(maxretr) {
+          rc = curlx_wait_ms(delay);
+          if(rc) {
+            /* should not happen */
+            error = SOCKERRNO;
+            logmsg("curlx_wait_ms() failed with error (%d) %s",
+                   error, curlx_strerror(error, errbuf, sizeof(errbuf)));
+            sclose(sock);
+            return CURL_SOCKET_BAD;
+          }
+          if(got_exit_signal) {
+            logmsg("signalled to die, exiting...");
+            sclose(sock);
+            return CURL_SOCKET_BAD;
+          }
+          totdelay += delay;
+          delay *= 2; /* double the sleep for next attempt */
         }
-        if(got_exit_signal) {
-          logmsg("signalled to die, exiting...");
-          sclose(sock);
-          return CURL_SOCKET_BAD;
-        }
-        totdelay += delay;
-        delay *= 2; /* double the sleep for next attempt */
       }
-    }
-  } while(rc && maxretr--);
+    } while(rc && maxretr--);
 
-  if(rc) {
-    logmsg("setsockopt(SO_REUSEADDR) failed %d times in %d ms. Error (%d) %s",
-           attempt, totdelay,
-           error, curlx_strerror(error, errbuf, sizeof(errbuf)));
-    logmsg("Continuing anyway...");
+    if(rc) {
+      logmsg("setsockopt(SO_REUSEADDR) failed %d times in %d ms. "
+             "Error (%d) %s", attempt, totdelay,
+             error, curlx_strerror(error, errbuf, sizeof(errbuf)));
+      logmsg("Continuing anyway...");
+    }
+#if defined(_WIN32) && defined(USE_UNIX_SOCKETS)
   }
+#endif
 
   /* When the specified listener port is zero, it is actually a
      request to let the system choose a non-zero available port. */

From df07f431e2077881b13e655083a3929242615056 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sat, 29 Nov 2025 10:54:28 +0100
Subject: [PATCH 1130/2408] mbedtls: sync format across log messages

Closes #19842
---
 lib/vtls/mbedtls.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index 4eb10d690e..49c557de03 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -597,7 +597,7 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf,
     curlx_free(newblob);
     if(ret < 0) {
       mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
-      failf(data, "Error importing CA cert blob - mbedTLS: (-0x%04X) %s",
+      failf(data, "mbedTLS: error importing CA cert blob: (-0x%04X) %s",
             -ret, errorbuf);
       return CURLE_SSL_CERTPROBLEM;
     }
@@ -609,7 +609,7 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf,
 
     if(ret < 0) {
       mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
-      failf(data, "Error reading CA cert file %s - mbedTLS: (-0x%04X) %s",
+      failf(data, "mbedTLS: error reading CA cert file %s: (-0x%04X) %s",
             ssl_cafile, -ret, errorbuf);
       return CURLE_SSL_CACERT_BADFILE;
     }
@@ -625,7 +625,7 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf,
 
     if(ret < 0) {
       mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
-      failf(data, "Error reading CA cert path %s - mbedTLS: (-0x%04X) %s",
+      failf(data, "mbedTLS: error reading CA cert path %s: (-0x%04X) %s",
             ssl_capath, -ret, errorbuf);
 
       if(verifypeer)
@@ -646,7 +646,7 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf,
 
     if(ret) {
       mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
-      failf(data, "Error reading client cert file %s - mbedTLS: (-0x%04X) %s",
+      failf(data, "mbedTLS: error reading client cert file %s: (-0x%04X) %s",
             ssl_cert, -ret, errorbuf);
 
       return CURLE_SSL_CERTPROBLEM;
@@ -671,7 +671,7 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf,
 
     if(ret) {
       mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
-      failf(data, "Error reading client cert data %s - mbedTLS: (-0x%04X) %s",
+      failf(data, "mbedTLS: error reading client cert data %s: (-0x%04X) %s",
             ssl_config->key, -ret, errorbuf);
       return CURLE_SSL_CERTPROBLEM;
     }
@@ -705,7 +705,7 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf,
 
       if(ret) {
         mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
-        failf(data, "Error reading private key %s - mbedTLS: (-0x%04X) %s",
+        failf(data, "mbedTLS: error reading private key %s: (-0x%04X) %s",
               ssl_config->key, -ret, errorbuf);
         return CURLE_SSL_CERTPROBLEM;
       }
@@ -743,7 +743,7 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf,
 
       if(ret) {
         mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
-        failf(data, "Error parsing private key - mbedTLS: (-0x%04X) %s",
+        failf(data, "mbedTLS: error parsing private key: (-0x%04X) %s",
               -ret, errorbuf);
         return CURLE_SSL_CERTPROBLEM;
       }
@@ -760,7 +760,7 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf,
 
     if(ret) {
       mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
-      failf(data, "Error reading CRL file %s - mbedTLS: (-0x%04X) %s",
+      failf(data, "mbedTLS: error reading CRL file %s: (-0x%04X) %s",
             ssl_crlfile, -ret, errorbuf);
 
       return CURLE_SSL_CRL_BADFILE;
@@ -822,7 +822,7 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf,
   ret = mbedtls_ssl_setup(&backend->ssl, &backend->config);
   if(ret) {
     mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
-    failf(data, "ssl_setup failed - mbedTLS: (-0x%04X) %s",
+    failf(data, "mbedTLS: ssl_setup failed: (-0x%04X) %s",
           -ret, errorbuf);
     return CURLE_SSL_CONNECT_ERROR;
   }

From 6d042273cde6e4f0fd3ea0af25b37c96356ac9c6 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 4 Dec 2025 20:28:34 +0100
Subject: [PATCH 1131/2408] openssl: simplify `HAVE_KEYLOG_CALLBACK` guard

non-LibreSSL always includes BoringSSL and AWS-LC, no need to check for
them explicitly.

Follow-up to 69c89bf3d3137fcbb2b8bc57233182adcf1e2817 #18330
Closes #19843
---
 lib/vtls/openssl.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/vtls/openssl.h b/lib/vtls/openssl.h
index ff8246b4fa..c3ba67a8ff 100644
--- a/lib/vtls/openssl.h
+++ b/lib/vtls/openssl.h
@@ -51,7 +51,7 @@
  * BoringSSL: supported since d28f59c27bac (committed 2015-11-19)
  * LibreSSL: not supported. 3.5.0+ has a stub function that does nothing.
  */
-#if !defined(LIBRESSL_VERSION_NUMBER) || defined(HAVE_BORINGSSL_LIKE)
+#ifndef LIBRESSL_VERSION_NUMBER
 #define HAVE_KEYLOG_CALLBACK
 #endif
 

From ebe6fa08c9df12aa1c66cacf49a6e503a6e45d02 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 4 Dec 2025 20:11:45 +0100
Subject: [PATCH 1132/2408] docs/libcurl: fix C formatting nits

Closes #19844
---
 docs/libcurl/curl_easy_nextheader.md       |  2 +-
 docs/libcurl/curl_easy_pause.md            |  1 -
 docs/libcurl/curl_formadd.md               |  2 +-
 docs/libcurl/curl_formget.md               |  4 +--
 docs/libcurl/curl_mime_data_cb.md          |  2 +-
 docs/libcurl/curl_mprintf.md               |  2 +-
 docs/libcurl/curl_multi_fdset.md           |  2 +-
 docs/libcurl/curl_ws_meta.md               |  4 +--
 docs/libcurl/libcurl-tutorial.md           | 32 +++++++++++-----------
 docs/libcurl/opts/CURLINFO_USED_PROXY.md   |  2 +-
 docs/libcurl/opts/CURLOPT_COOKIELIST.md    |  2 +-
 docs/libcurl/opts/CURLOPT_SOCKS5_AUTH.md   |  2 +-
 docs/libcurl/opts/CURLOPT_WRITEFUNCTION.md |  2 +-
 13 files changed, 28 insertions(+), 31 deletions(-)

diff --git a/docs/libcurl/curl_easy_nextheader.md b/docs/libcurl/curl_easy_nextheader.md
index 2dbdf61ccd..c3dd223b8c 100644
--- a/docs/libcurl/curl_easy_nextheader.md
+++ b/docs/libcurl/curl_easy_nextheader.md
@@ -83,7 +83,7 @@ int main(void)
     }
 
     /* extract the normal headers + 1xx + trailers from the last request */
-    unsigned int origin = CURLH_HEADER| CURLH_1XX | CURLH_TRAILER;
+    unsigned int origin = CURLH_HEADER | CURLH_1XX | CURLH_TRAILER;
     while((h = curl_easy_nextheader(curl, origin, -1, prev))) {
       printf("%s: %s\n", h->name, h->value);
       prev = h;
diff --git a/docs/libcurl/curl_easy_pause.md b/docs/libcurl/curl_easy_pause.md
index 2f47c4ef3f..b6390058e8 100644
--- a/docs/libcurl/curl_easy_pause.md
+++ b/docs/libcurl/curl_easy_pause.md
@@ -109,7 +109,6 @@ int main(void)
   if(curl) {
     /* pause a transfer in both directions */
     curl_easy_pause(curl, CURLPAUSE_RECV | CURLPAUSE_SEND);
-
   }
 }
 ~~~
diff --git a/docs/libcurl/curl_formadd.md b/docs/libcurl/curl_formadd.md
index f35e50eab7..ca05f4310a 100644
--- a/docs/libcurl/curl_formadd.md
+++ b/docs/libcurl/curl_formadd.md
@@ -225,7 +225,7 @@ int main(void)
     char file2[] = "your-face.jpg";
     /* add null character into htmlbuffer, to demonstrate that
        transfers of buffers containing null characters actually work
-    */
+     */
     htmlbuffer[8] = '\0';
 
     /* Add simple name/content section */
diff --git a/docs/libcurl/curl_formget.md b/docs/libcurl/curl_formget.md
index 264eb5cbcb..316609e93a 100644
--- a/docs/libcurl/curl_formget.md
+++ b/docs/libcurl/curl_formget.md
@@ -54,7 +54,7 @@ This, because first then does libcurl known which actual read callback to use.
 size_t print_httppost_callback(void *arg, const char *buf, size_t len)
 {
   fwrite(buf, len, 1, stdout);
-  (*(size_t *) arg) += len;
+  (*(size_t *)arg) += len;
   return len;
 }
 
@@ -62,7 +62,7 @@ size_t print_httppost(struct curl_httppost *post)
 {
   size_t total_size = 0;
   if(curl_formget(post, &total_size, print_httppost_callback)) {
-    return (size_t) -1;
+    return (size_t)-1;
   }
   return total_size;
 }
diff --git a/docs/libcurl/curl_mime_data_cb.md b/docs/libcurl/curl_mime_data_cb.md
index 9b3fdd5593..bed7c5d78f 100644
--- a/docs/libcurl/curl_mime_data_cb.md
+++ b/docs/libcurl/curl_mime_data_cb.md
@@ -120,7 +120,7 @@ struct ctl {
 
 size_t read_callback(char *buffer, size_t size, size_t nitems, void *arg)
 {
-  struct ctl *p = (struct ctl *) arg;
+  struct ctl *p = (struct ctl *)arg;
   curl_off_t sz = p->size - p->position;
 
   nitems *= size;
diff --git a/docs/libcurl/curl_mprintf.md b/docs/libcurl/curl_mprintf.md
index a592cfb3e6..508dece919 100644
--- a/docs/libcurl/curl_mprintf.md
+++ b/docs/libcurl/curl_mprintf.md
@@ -274,7 +274,7 @@ const char *name = "John";
 int main(void)
 {
   curl_mprintf("My name is %s\n", name);
-  curl_mprintf("Pi is almost %f\n", (double)25.0/8);
+  curl_mprintf("Pi is almost %f\n", (double)25.0 / 8);
 }
 ~~~
 
diff --git a/docs/libcurl/curl_multi_fdset.md b/docs/libcurl/curl_multi_fdset.md
index 1396738014..24d6664f49 100644
--- a/docs/libcurl/curl_multi_fdset.md
+++ b/docs/libcurl/curl_multi_fdset.md
@@ -92,7 +92,7 @@ int main(void)
   int maxfd;
   int rc;
   CURLMcode mc;
-  struct timeval timeout = {1, 0};
+  struct timeval timeout = { 1, 0 };
 
   CURLM *multi = curl_multi_init();
 
diff --git a/docs/libcurl/curl_ws_meta.md b/docs/libcurl/curl_ws_meta.md
index e34e547676..978520afd8 100644
--- a/docs/libcurl/curl_ws_meta.md
+++ b/docs/libcurl/curl_ws_meta.md
@@ -137,8 +137,7 @@ struct customdata {
   void *ptr;
 };
 
-static size_t writecb(char *buffer,
-                      size_t size, size_t nitems, void *p)
+static size_t writecb(char *buffer, size_t size, size_t nitems, void *p)
 {
   struct customdata *c = (struct customdata *)p;
   const struct curl_ws_frame *m = curl_ws_meta(c->easy);
@@ -158,7 +157,6 @@ int main(void)
     curl_easy_setopt(curl, CURLOPT_WRITEDATA, &custom);
 
     curl_easy_perform(curl);
-
   }
   return 0;
 }
diff --git a/docs/libcurl/libcurl-tutorial.md b/docs/libcurl/libcurl-tutorial.md
index e515b3b7b0..7b01d234c4 100644
--- a/docs/libcurl/libcurl-tutorial.md
+++ b/docs/libcurl/libcurl-tutorial.md
@@ -448,7 +448,7 @@ claims to support. This method does however add a round-trip since libcurl
 must first ask the server what it supports:
 
 ~~~c
- curl_easy_setopt(handle, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST|CURLAUTH_BASIC);
+ curl_easy_setopt(handle, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST | CURLAUTH_BASIC);
 ~~~
 
 For convenience, you can use the *CURLAUTH_ANY* define (instead of a list with
@@ -468,7 +468,7 @@ pages using the \ tag uses. We provide a pointer to the data and tell
 libcurl to post it all to the remote site:
 
 ~~~c
-    char *data="name=daniel&project=curl";
+    char *data = "name=daniel&project=curl";
     curl_easy_setopt(handle, CURLOPT_POSTFIELDS, data);
     curl_easy_setopt(handle, CURLOPT_URL, "http://posthere.com/");
 
@@ -487,7 +487,7 @@ done in a generic way, by building a list of our own headers and then passing
 that list to libcurl.
 
 ~~~c
- struct curl_slist *headers=NULL;
+ struct curl_slist *headers = NULL;
  headers = curl_slist_append(headers, "Content-Type: text/xml");
 
  /* post binary data */
@@ -574,8 +574,8 @@ parts, you post the whole form.
 The MIME API example above is expressed as follows using this function:
 
 ~~~c
- struct curl_httppost *post=NULL;
- struct curl_httppost *last=NULL;
+ struct curl_httppost *post = NULL;
+ struct curl_httppost *last = NULL;
  curl_formadd(&post, &last,
               CURLFORM_COPYNAME, "name",
               CURLFORM_COPYCONTENTS, "daniel", CURLFORM_END);
@@ -605,7 +605,7 @@ shows how you set headers to one specific part when you add that to the post
 handle:
 
 ~~~c
- struct curl_slist *headers=NULL;
+ struct curl_slist *headers = NULL;
  headers = curl_slist_append(headers, "Content-Type: text/xml");
 
  curl_formadd(&post, &last,
@@ -675,7 +675,7 @@ becomes:
 ~~~c
  part = curl_mime_addpart(multipart);
  curl_mime_name(part, "logotype-image");
- curl_mime_data_cb(part, (curl_off_t) -1, fread, fseek, NULL, stdin);
+ curl_mime_data_cb(part, (curl_off_t)-1, fread, fseek, NULL, stdin);
 ~~~
 
 curl_mime_name(3) always copies the field name. The special filename "-" is
@@ -717,7 +717,7 @@ becomes:
 ~~~c
  part = curl_mime_addpart(multipart);
  curl_mime_name(part, "stream");
- curl_mime_data_cb(part, (curl_off_t) datasize,
+ curl_mime_data_cb(part, (curl_off_t)datasize,
                    myreadfunc, NULL, NULL, arg);
  curl_mime_filename(part, "archive.zip");
  curl_mime_type(part, "application/zip");
@@ -738,7 +738,7 @@ becomes:
 ~~~c
  part = curl_mime_addpart(multipart);
  curl_mime_name(part, "memfile");
- curl_mime_data(part, databuffer, (curl_off_t) sizeof databuffer);
+ curl_mime_data(part, databuffer, (curl_off_t)sizeof(databuffer));
  curl_mime_filename(part, "memfile.bin");
 ~~~
 
@@ -802,12 +802,12 @@ Example C++ code:
 
 ~~~c
 class AClass {
-    static size_t write_data(void *ptr, size_t size, size_t nmemb,
-                             void *ourpointer)
-    {
-      /* do what you want with the data */
-    }
- }
+  static size_t write_data(void *ptr, size_t size, size_t nmemb,
+                           void *ourpointer)
+  {
+    /* do what you want with the data */
+  }
+}
 ~~~
 
 # Proxies
@@ -1046,7 +1046,7 @@ request, and you are free to pass any amount of extra headers that you
 think fit. Adding headers is this easy:
 
 ~~~c
-struct curl_slist *headers=NULL; /* init to NULL is important */
+struct curl_slist *headers = NULL; /* init to NULL is important */
 
 headers = curl_slist_append(headers, "Hey-server-hey: how are you?");
 headers = curl_slist_append(headers, "X-silly-content: yes");
diff --git a/docs/libcurl/opts/CURLINFO_USED_PROXY.md b/docs/libcurl/opts/CURLINFO_USED_PROXY.md
index 01ef3610db..3d652c73b0 100644
--- a/docs/libcurl/opts/CURLINFO_USED_PROXY.md
+++ b/docs/libcurl/opts/CURLINFO_USED_PROXY.md
@@ -53,7 +53,7 @@ int main(int argc, char *argv[])
       long used;
       res = curl_easy_getinfo(curl, CURLINFO_USED_PROXY, &used);
       if(!res) {
-        printf("The proxy was %sused\n", used ? "": "NOT ");
+        printf("The proxy was %sused\n", used ? "" : "NOT ");
       }
     }
     curl_easy_cleanup(curl);
diff --git a/docs/libcurl/opts/CURLOPT_COOKIELIST.md b/docs/libcurl/opts/CURLOPT_COOKIELIST.md
index a2c43d8dfe..5124a53e64 100644
--- a/docs/libcurl/opts/CURLOPT_COOKIELIST.md
+++ b/docs/libcurl/opts/CURLOPT_COOKIELIST.md
@@ -77,7 +77,7 @@ NULL
 ~~~c
 /* an inline import of a cookie in Netscape format. */
 
-#define SEP  "\t"  /* Tab separates the fields */
+#define SEP "\t"  /* Tab separates the fields */
 
 int main(void)
 {
diff --git a/docs/libcurl/opts/CURLOPT_SOCKS5_AUTH.md b/docs/libcurl/opts/CURLOPT_SOCKS5_AUTH.md
index a9adf6b77d..826fc4c1f2 100644
--- a/docs/libcurl/opts/CURLOPT_SOCKS5_AUTH.md
+++ b/docs/libcurl/opts/CURLOPT_SOCKS5_AUTH.md
@@ -35,7 +35,7 @@ password with the CURLOPT_PROXYUSERPWD(3) option.
 
 # DEFAULT
 
-CURLAUTH_BASIC|CURLAUTH_GSSAPI
+CURLAUTH_BASIC | CURLAUTH_GSSAPI
 
 # %PROTOCOLS%
 
diff --git a/docs/libcurl/opts/CURLOPT_WRITEFUNCTION.md b/docs/libcurl/opts/CURLOPT_WRITEFUNCTION.md
index 973a0aea75..ad4b4e0360 100644
--- a/docs/libcurl/opts/CURLOPT_WRITEFUNCTION.md
+++ b/docs/libcurl/opts/CURLOPT_WRITEFUNCTION.md
@@ -106,7 +106,7 @@ static size_t cb(char *data, size_t size, size_t nmemb, void *clientp)
 
 int main(void)
 {
-  struct memory chunk = {0};
+  struct memory chunk = { 0 };
   CURLcode res;
   CURL *curl = curl_easy_init();
   if(curl) {

From a1531261b1ed6d0936646794cc169eb6f55bf3ff Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 4 Dec 2025 19:57:44 +0100
Subject: [PATCH 1133/2408] CURLMOPT_SOCKETFUNCTION.md: fix the callback
 argument use

The example code does not use curl_multi_assign(), but its callback
function used socketp (called sockp in the function) to get the struct
priv pointer instead of the correct clientp (cbp).

Reported-by: Greg Hudson
Fixes #19840
Closes #19841
---
 docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.md b/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.md
index fae15d58a2..411b856e93 100644
--- a/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.md
+++ b/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.md
@@ -109,7 +109,7 @@ struct priv {
 
 static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
 {
-  struct priv *p = sockp;
+  struct priv *p = cbp;
   printf("our ptr: %p\n", p->ours);
 
   if(what == CURL_POLL_REMOVE) {

From f1f76e0ea83921000f228ce49748047e33e1e46d Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 4 Dec 2025 19:01:02 +0100
Subject: [PATCH 1134/2408] url: if curl_url_get() fails due to OOM, error out
 properly

Even if the scheme is "file"!

Closes #19838
---
 lib/url.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/url.c b/lib/url.c
index 043d7ca72c..0643ceea7f 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -1919,7 +1919,8 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
   uc = curl_url_get(uh, CURLUPART_PORT, &data->state.up.port,
                     CURLU_DEFAULT_PORT);
   if(uc) {
-    if(!curl_strequal("file", data->state.up.scheme))
+    if((uc == CURLUE_OUT_OF_MEMORY) ||
+       !curl_strequal("file", data->state.up.scheme))
       return CURLE_OUT_OF_MEMORY;
   }
   else {

From 859ce48de12986f5bf846c2800dacab893ff12c1 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 4 Dec 2025 15:32:44 +0100
Subject: [PATCH 1135/2408] ldap: detect version of "legacy" LDAP

Legacy LDAP means an OpenLDAP-compatible implementation
without the private API `ldap_init_fd()` introduced in OpenLDAP
2.4.6+ (2007-10-31), and not WinLDAP.

One known example is Apple's LDAP build, which is based on
OpenLDAP 2.4.28 (2011-11-25), without providing this private API.

The version query API was introduced around 1998-1999, before
the minimum (2.0 2000-08-01) required by curl.

Follow-up to 3e2a946926853608d67805bd9f4a58345fff364a #19808
Closes #19832
---
 lib/ldap.c | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/lib/ldap.c b/lib/ldap.c
index 6104ff2073..92cfa3967f 100644
--- a/lib/ldap.c
+++ b/lib/ldap.c
@@ -1029,7 +1029,27 @@ void Curl_ldap_version(char *buf, size_t bufsz)
 #ifdef USE_WIN32_LDAP
   curl_msnprintf(buf, bufsz, "WinLDAP");
 #else
-  curl_msnprintf(buf, bufsz, "LDAP/1");
+#ifdef __APPLE__
+  static const char *flavor = "/Apple";
+#else
+  static const char *flavor = "";
+#endif
+  LDAPAPIInfo api;
+  api.ldapai_info_version = LDAP_API_INFO_VERSION;
+
+  if(ldap_get_option(NULL, LDAP_OPT_API_INFO, &api) == LDAP_OPT_SUCCESS) {
+    unsigned int patch = (unsigned int)(api.ldapai_vendor_version % 100);
+    unsigned int major = (unsigned int)(api.ldapai_vendor_version / 10000);
+    unsigned int minor =
+      (((unsigned int)api.ldapai_vendor_version - major * 10000)
+       - patch) / 100;
+    curl_msnprintf(buf, bufsz, "%s/%u.%u.%u%s",
+                   api.ldapai_vendor_name, major, minor, patch, flavor);
+    ldap_memfree(api.ldapai_vendor_name);
+    ber_memvfree((void **)api.ldapai_extensions);
+  }
+  else
+    curl_msnprintf(buf, bufsz, "LDAP/1");
 #endif
 }
 

From 68a44edd500ac36754eea4f80beb5dcbe8534723 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 5 Dec 2025 08:51:11 +0100
Subject: [PATCH 1136/2408] TODO: remove a mandriva.com reference

It's a casino now
---
 docs/TODO | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/docs/TODO b/docs/TODO
index 99e8d1dd60..817591dfb7 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -1177,9 +1177,7 @@
  -y/-Y) the next attempt does not resume the transfer properly from what was
  downloaded in the previous attempt but truncates and restarts at the original
  position where it was at before the previous failed attempt. See
- https://curl.se/mail/lib-2008-01/0080.html and Mandriva bug report
- https://qa.mandriva.com/show_bug.cgi?id=22565
-
+ https://curl.se/mail/lib-2008-01/0080.html
 
 19. Build
 

From 8d9aa6d6e12cb35b074dd66da454795c8808a41b Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Tue, 2 Dec 2025 15:53:29 +0100
Subject: [PATCH 1137/2408] tests/servers: put unix-domain-path inside LOGDIR

Change Unix domain socket paths from `/tmp/curl-socksd-` to
`/drive/path/to/LOGDIR/PIDDIR/*-uds` to avoid having to create and
delete them before use. Also to use a path which remains an absolute one
while passed from MSYS2 Perl to native Windows curl tool and test server
via the command-line, and keep pointing to the same location, fixing:
```
=== Start of file commands.log
../src/curl.exe -q --output log/3/curl1468.out --include --trace-ascii log/3/trace1468
  --trace-time http://this.is.a.host.name:64405/1468
  --proxy socks5h://localhost/tmp/curl-socksd-YnbvRo98 [...]
=== End of file commands.log
=== Start of file socks2_server.log
[...]
14:11:54.597968 Listening on Unix socket D:/a/_temp/msys64/tmp/curl-socksd-YnbvRo98
```
Ref: https://github.com/curl/curl/actions/runs/19896583933/job/57028545111?pr=19812

The curl tool is pending #19825 to fix accepting an absolute unix domain
socket path on Windows.

Assisted-by: Viktor Szakats
Closes #19810
---
 tests/servers.pm | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/tests/servers.pm b/tests/servers.pm
index db4b3757b5..f23d897fdd 100644
--- a/tests/servers.pm
+++ b/tests/servers.pm
@@ -195,14 +195,8 @@ use File::Temp qw/ tempfile/;
 #######################################################################
 # Initialize configuration variables
 sub initserverconfig {
-    my ($fh, $socks) = tempfile("curl-socksd-XXXXXXXX", TMPDIR => 1);
-    close($fh);
-    unlink($socks);
-    my ($f2, $http) = tempfile("curl-http-XXXXXXXX", TMPDIR => 1);
-    close($f2);
-    unlink($http);
-    $SOCKSUNIXPATH = $socks; # SOCKS Unix domain socket
-    $HTTPUNIXPATH = $http;   # HTTP Unix domain socket
+    $SOCKSUNIXPATH = "$pwd/$LOGDIR/$PIDDIR/socks-uds"; # SOCKS Unix domain socket
+    $HTTPUNIXPATH = "$pwd/$LOGDIR/$PIDDIR/http-uds";   # HTTP Unix domain socket
     $stunnel = checkcmd("stunnel4") || checkcmd("tstunnel") || checkcmd("stunnel");
 
     # get the name of the current user

From 2d6ade19fc4261e22e9d32a00bf60eabb8694bcb Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 5 Dec 2025 12:43:37 +0100
Subject: [PATCH 1138/2408] ldap: improve detection of Apple LDAP

When detecting the Apple fork of "legacy" LDAP, replace the `__APPLE__`
macro (which can be present also when using an old mainline OpenLDAP
while building for an Apple platform) with `LDAP_OPT_X_TLS_PASSPHRASE`
which is an Apple-specific macro, merged by Apple in 2007, later adding
the comment 'Apple Specific code'. This macro hasn't been retrofitted
to OpenLDAP since then, and unlikely to happen in the future.

Refs:
https://github.com/apple-oss-distributions/OpenLDAP/commit/c4d990a6cfa0cb71d6dffe6f6aeeb722fd7c627b#diff-0f7a5f85bae4de860b70aabf34aa12b0ecc37e748cd96e203e2d8ddb30a207c3R145
https://github.com/apple-oss-distributions/OpenLDAP/commit/49ac28a486d72f36cd9713b41180b41d34f18ef6#diff-0f7a5f85bae4de860b70aabf34aa12b0ecc37e748cd96e203e2d8ddb30a207c3R166

Follow-up to 859ce48de12986f5bf846c2800dacab893ff12c1 #19832
Closes #19849
---
 lib/ldap.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/ldap.c b/lib/ldap.c
index 92cfa3967f..3dfbb330dc 100644
--- a/lib/ldap.c
+++ b/lib/ldap.c
@@ -1029,7 +1029,7 @@ void Curl_ldap_version(char *buf, size_t bufsz)
 #ifdef USE_WIN32_LDAP
   curl_msnprintf(buf, bufsz, "WinLDAP");
 #else
-#ifdef __APPLE__
+#ifdef LDAP_OPT_X_TLS_PASSPHRASE
   static const char *flavor = "/Apple";
 #else
   static const char *flavor = "";

From 4e051ff5506319ee87e3656be8f76b01de217103 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 4 Dec 2025 23:54:25 +0100
Subject: [PATCH 1139/2408] curlx: limit use of system allocators to the
 minimum possible

Clone a multibye conversion function into curlx/fopen, and use that
local copy from curlx/fopen functions. Adjust allocators in curlx/fopen
to use curl's in normal builds, and system allocators in TrackMemory
builds to avoid recursion.

This allows to switch curlx/multibyte functions to curl allocators in
all configurations, as they are no longer called by curlx/fopen, and
a recursive call can no longer happen.

After this patch the system allocator is only used in TrackMemory
Windows builds, within curlx `fopen`, `freopen`, `stat` and `open`
functions.

Also:
- test 1, 440, 767: raise allocation limitsto fit the extra allocations
  in Windows Unicode builds.
- replace all uses of `curlx_unicodefree()` macro with `curlx_free()`
  across the codebase.
- curlx/multibyte: delete `curlx_unicodefree()`.
- ldap: join Windows and non-Windows codepaths that became
  identical after moving from `curlx_unicodefree()` to `curlx_free()`.
- vauth: drop a strdup from standard to curl allocator since
  the original allocation is now already done by curl's.
- tool_doswin: drop now superfluous strdup from `FindWin32CACert()`.
- memanalyzer.pm: sync weirdo `calloc` log message with `malloc`'s.

Fixes #19748
Closes #19845
---
 lib/curl_sspi.c            | 14 ++++----
 lib/curlx/curlx.h          |  1 -
 lib/curlx/fopen.c          | 69 +++++++++++++++++++++++++++-----------
 lib/curlx/multibyte.c      | 13 +++----
 lib/curlx/multibyte.h      | 27 ++-------------
 lib/ldap.c                 | 15 ++-------
 lib/rename.c               |  8 ++---
 lib/socks_sspi.c           |  4 +--
 lib/vauth/digest_sspi.c    |  8 ++---
 lib/vauth/vauth.c          | 12 ++-----
 lib/vtls/schannel.c        | 16 ++++-----
 lib/vtls/schannel_verify.c |  4 +--
 src/tool_doswin.c          |  7 ++--
 src/tool_filetime.c        |  4 +--
 src/tool_getparam.h        |  2 +-
 tests/data/test1           |  2 +-
 tests/data/test440         |  2 +-
 tests/data/test767         |  2 +-
 tests/memanalyzer.pm       |  3 +-
 19 files changed, 100 insertions(+), 113 deletions(-)

diff --git a/lib/curl_sspi.c b/lib/curl_sspi.c
index 264703d8cd..712fab2e9e 100644
--- a/lib/curl_sspi.c
+++ b/lib/curl_sspi.c
@@ -132,7 +132,7 @@ CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp,
   /* Setup the identity's user and length */
   dup_user.tchar_ptr = curlx_tcsdup(user.tchar_ptr);
   if(!dup_user.tchar_ptr) {
-    curlx_unicodefree(useranddomain.tchar_ptr);
+    curlx_free(useranddomain.tchar_ptr);
     return CURLE_OUT_OF_MEMORY;
   }
   identity->User = dup_user.tbyte_ptr;
@@ -142,19 +142,19 @@ CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp,
   /* Setup the identity's domain and length */
   dup_domain.tchar_ptr = curlx_malloc(sizeof(TCHAR) * (domlen + 1));
   if(!dup_domain.tchar_ptr) {
-    curlx_unicodefree(useranddomain.tchar_ptr);
+    curlx_free(useranddomain.tchar_ptr);
     return CURLE_OUT_OF_MEMORY;
   }
   if(_tcsncpy_s(dup_domain.tchar_ptr, domlen + 1, domain.tchar_ptr, domlen)) {
-    curlx_unicodefree(dup_domain.tchar_ptr);
-    curlx_unicodefree(useranddomain.tchar_ptr);
+    curlx_free(dup_domain.tchar_ptr);
+    curlx_free(useranddomain.tchar_ptr);
     return CURLE_OUT_OF_MEMORY;
   }
   identity->Domain = dup_domain.tbyte_ptr;
   identity->DomainLength = curlx_uztoul(domlen);
   dup_domain.tchar_ptr = NULL;
 
-  curlx_unicodefree(useranddomain.tchar_ptr);
+  curlx_free(useranddomain.tchar_ptr);
 
   /* Setup the identity's password and length */
   passwd.tchar_ptr = curlx_convert_UTF8_to_tchar(passwdp);
@@ -162,14 +162,14 @@ CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp,
     return CURLE_OUT_OF_MEMORY;
   dup_passwd.tchar_ptr = curlx_tcsdup(passwd.tchar_ptr);
   if(!dup_passwd.tchar_ptr) {
-    curlx_unicodefree(passwd.tchar_ptr);
+    curlx_free(passwd.tchar_ptr);
     return CURLE_OUT_OF_MEMORY;
   }
   identity->Password = dup_passwd.tbyte_ptr;
   identity->PasswordLength = curlx_uztoul(_tcslen(dup_passwd.tchar_ptr));
   dup_passwd.tchar_ptr = NULL;
 
-  curlx_unicodefree(passwd.tchar_ptr);
+  curlx_free(passwd.tchar_ptr);
 
   /* Setup the identity's flags */
   identity->Flags = (unsigned long)
diff --git a/lib/curlx/curlx.h b/lib/curlx/curlx.h
index 480e91950d..af46fae671 100644
--- a/lib/curlx/curlx.h
+++ b/lib/curlx/curlx.h
@@ -52,7 +52,6 @@
   curlx_convert_wchar_to_UTF8()
   curlx_convert_UTF8_to_tchar()
   curlx_convert_tchar_to_UTF8()
-  curlx_unicodefree()
 */
 
 #include "version_win32.h"
diff --git a/lib/curlx/fopen.c b/lib/curlx/fopen.c
index 1838b7de8b..c9b7a9c0b5 100644
--- a/lib/curlx/fopen.c
+++ b/lib/curlx/fopen.c
@@ -22,11 +22,6 @@
  *
  ***************************************************************************/
 
-/*
- * Use system allocators to avoid infinite recursion when called by curl's
- * memory tracker memdebug functions.
- */
-
 #include "../curl_setup.h"
 
 #include "fopen.h"
@@ -46,10 +41,43 @@ int curlx_fseek(void *stream, curl_off_t offset, int whence)
 
 #ifdef _WIN32
 
-#include "multibyte.h"
-
 #include   /* for _SH_DENYNO */
 
+#ifdef CURLDEBUG
+/*
+ * Use system allocators to avoid infinite recursion when called by curl's
+ * memory tracker memdebug functions.
+ */
+#define CURLX_MALLOC(x) malloc(x)
+#define CURLX_FREE(x)   free(x)
+#else
+#define CURLX_MALLOC(x) curlx_malloc(x)
+#define CURLX_FREE(x)   curlx_free(x)
+#endif
+
+#ifdef _UNICODE
+static wchar_t *fn_convert_UTF8_to_wchar(const char *str_utf8)
+{
+  wchar_t *str_w = NULL;
+
+  if(str_utf8) {
+    int str_w_len = MultiByteToWideChar(CP_UTF8, MB_ERR_INVALID_CHARS,
+                                        str_utf8, -1, NULL, 0);
+    if(str_w_len > 0) {
+      str_w = CURLX_MALLOC(str_w_len * sizeof(wchar_t));
+      if(str_w) {
+        if(MultiByteToWideChar(CP_UTF8, 0,
+                               str_utf8, -1, str_w, str_w_len) == 0) {
+          CURLX_FREE(str_w);
+          return NULL;
+        }
+      }
+    }
+  }
+  return str_w;
+}
+#endif
+
 /* declare GetFullPathNameW for mingw-w64 UWP builds targeting old windows */
 #if defined(CURL_WINDOWS_UWP) && defined(__MINGW32__) && \
   (_WIN32_WINNT < _WIN32_WINNT_WIN10)
@@ -228,7 +256,7 @@ int curlx_win32_open(const char *filename, int oflag, ...)
   const TCHAR *target = NULL;
 
 #ifdef _UNICODE
-  wchar_t *filename_w = curlx_convert_UTF8_to_wchar(filename);
+  wchar_t *filename_w = fn_convert_UTF8_to_wchar(filename);
 #endif
 
   va_list param;
@@ -244,7 +272,7 @@ int curlx_win32_open(const char *filename, int oflag, ...)
     else
       target = filename_w;
     errno = _wsopen_s(&result, target, oflag, _SH_DENYNO, pmode);
-    curlx_unicodefree(filename_w);
+    CURLX_FREE(filename_w);
   }
   else
     /* !checksrc! disable ERRNOVAR 1 */
@@ -268,8 +296,8 @@ FILE *curlx_win32_fopen(const char *filename, const char *mode)
   const TCHAR *target = NULL;
 
 #ifdef _UNICODE
-  wchar_t *filename_w = curlx_convert_UTF8_to_wchar(filename);
-  wchar_t *mode_w = curlx_convert_UTF8_to_wchar(mode);
+  wchar_t *filename_w = fn_convert_UTF8_to_wchar(filename);
+  wchar_t *mode_w = fn_convert_UTF8_to_wchar(mode);
   if(filename_w && mode_w) {
     if(fix_excessive_path(filename_w, &fixed))
       target = fixed;
@@ -280,8 +308,8 @@ FILE *curlx_win32_fopen(const char *filename, const char *mode)
   else
     /* !checksrc! disable ERRNOVAR 1 */
     errno = EINVAL;
-  curlx_unicodefree(filename_w);
-  curlx_unicodefree(mode_w);
+  CURLX_FREE(filename_w);
+  CURLX_FREE(mode_w);
 #else
   if(fix_excessive_path(filename, &fixed))
     target = fixed;
@@ -306,8 +334,8 @@ FILE *curlx_win32_freopen(const char *filename, const char *mode, FILE *fp)
   const TCHAR *target = NULL;
 
 #ifdef _UNICODE
-  wchar_t *filename_w = curlx_convert_UTF8_to_wchar(filename);
-  wchar_t *mode_w = curlx_convert_UTF8_to_wchar(mode);
+  wchar_t *filename_w = fn_convert_UTF8_to_wchar(filename);
+  wchar_t *mode_w = fn_convert_UTF8_to_wchar(mode);
   if(filename_w && mode_w) {
     if(fix_excessive_path(filename_w, &fixed))
       target = fixed;
@@ -318,8 +346,8 @@ FILE *curlx_win32_freopen(const char *filename, const char *mode, FILE *fp)
   else
     /* !checksrc! disable ERRNOVAR 1 */
     errno = EINVAL;
-  curlx_unicodefree(filename_w);
-  curlx_unicodefree(mode_w);
+  CURLX_FREE(filename_w);
+  CURLX_FREE(mode_w);
 #else
   if(fix_excessive_path(filename, &fixed))
     target = fixed;
@@ -339,7 +367,7 @@ int curlx_win32_stat(const char *path, struct_stat *buffer)
   const TCHAR *target = NULL;
 
 #ifdef _UNICODE
-  wchar_t *path_w = curlx_convert_UTF8_to_wchar(path);
+  wchar_t *path_w = fn_convert_UTF8_to_wchar(path);
   if(path_w) {
     if(fix_excessive_path(path_w, &fixed))
       target = fixed;
@@ -350,7 +378,7 @@ int curlx_win32_stat(const char *path, struct_stat *buffer)
 #else
     result = _wstati64(target, buffer);
 #endif
-    curlx_unicodefree(path_w);
+    CURLX_FREE(path_w);
   }
   else
     /* !checksrc! disable ERRNOVAR 1 */
@@ -371,4 +399,7 @@ int curlx_win32_stat(const char *path, struct_stat *buffer)
   return result;
 }
 
+#undef CURLX_MALLOC
+#undef CURLX_FREE
+
 #endif /* _WIN32 */
diff --git a/lib/curlx/multibyte.c b/lib/curlx/multibyte.c
index 3a33fcedfc..71170df2c5 100644
--- a/lib/curlx/multibyte.c
+++ b/lib/curlx/multibyte.c
@@ -22,11 +22,6 @@
  *
  ***************************************************************************/
 
-/*
- * Use system allocators to avoid infinite recursion when called by curl's
- * memory tracker memdebug functions.
- */
-
 #include "../curl_setup.h"
 
 #if defined(_WIN32) && defined(UNICODE)
@@ -45,11 +40,11 @@ wchar_t *curlx_convert_UTF8_to_wchar(const char *str_utf8)
     int str_w_len = MultiByteToWideChar(CP_UTF8, MB_ERR_INVALID_CHARS,
                                         str_utf8, -1, NULL, 0);
     if(str_w_len > 0) {
-      str_w = CURLX_MALLOC(str_w_len * sizeof(wchar_t));
+      str_w = curlx_malloc(str_w_len * sizeof(wchar_t));
       if(str_w) {
         if(MultiByteToWideChar(CP_UTF8, 0, str_utf8, -1, str_w,
                                str_w_len) == 0) {
-          CURLX_FREE(str_w);
+          curlx_free(str_w);
           return NULL;
         }
       }
@@ -67,11 +62,11 @@ char *curlx_convert_wchar_to_UTF8(const wchar_t *str_w)
     int bytes = WideCharToMultiByte(CP_UTF8, 0, str_w, -1,
                                     NULL, 0, NULL, NULL);
     if(bytes > 0) {
-      str_utf8 = CURLX_MALLOC(bytes);
+      str_utf8 = curlx_malloc(bytes);
       if(str_utf8) {
         if(WideCharToMultiByte(CP_UTF8, 0, str_w, -1, str_utf8, bytes,
                                NULL, NULL) == 0) {
-          CURLX_FREE(str_utf8);
+          curlx_free(str_utf8);
           return NULL;
         }
       }
diff --git a/lib/curlx/multibyte.h b/lib/curlx/multibyte.h
index fd264e180e..8b19257222 100644
--- a/lib/curlx/multibyte.h
+++ b/lib/curlx/multibyte.h
@@ -29,32 +29,16 @@
 
 /*
  * Macros curlx_convert_UTF8_to_tchar(), curlx_convert_tchar_to_UTF8()
- * and curlx_unicodefree() main purpose is to minimize the number of
- * preprocessor conditional directives needed by code using these
- * to differentiate Unicode from non-Unicode builds.
+ * main purpose is to minimize the number of preprocessor conditional
+ * directives needed by code using these to differentiate Unicode from
+ * non-Unicode builds.
  *
  * In the case of a non-Unicode build the tchar strings are char strings that
  * are duplicated via strdup and remain in whatever the passed in encoding is,
  * which is assumed to be UTF-8 but may be other encoding. Therefore the
  * significance of the conversion functions is primarily for Unicode builds.
- *
- * Allocated memory should be free'd with curlx_unicodefree().
- *
- * Use system allocators to avoid infinite recursion when called by curl's
- * memory tracker memdebug functions.
  */
 
-#ifdef CURLDEBUG
-#define CURLX_MALLOC(x) malloc(x)
-#define CURLX_FREE(x)   free(x)
-#else
-#define CURLX_MALLOC(x) curlx_malloc(x)
-#define CURLX_FREE(x)   curlx_free(x)
-#endif
-
-/* the purpose of this macro is to free() without being traced by memdebug */
-#define curlx_unicodefree(ptr) CURLX_FREE(ptr)
-
 #ifdef UNICODE
 
 /* MultiByte conversions using Windows kernel32 library. */
@@ -73,13 +57,8 @@ typedef union {
 
 #else /* !UNICODE */
 
-#ifdef CURLDEBUG
-#define curlx_convert_UTF8_to_tchar(ptr) _strdup(ptr)
-#define curlx_convert_tchar_to_UTF8(ptr) _strdup(ptr)
-#else
 #define curlx_convert_UTF8_to_tchar(ptr) curlx_strdup(ptr)
 #define curlx_convert_tchar_to_UTF8(ptr) curlx_strdup(ptr)
-#endif
 
 typedef union {
   char                *tchar_ptr;
diff --git a/lib/ldap.c b/lib/ldap.c
index 3dfbb330dc..ba9620b4b1 100644
--- a/lib/ldap.c
+++ b/lib/ldap.c
@@ -96,7 +96,7 @@
 #include "connect.h"
 
 #ifdef USE_WIN32_LDAP
-#define FREE_ON_WINLDAP(x) curlx_unicodefree(x)
+#define FREE_ON_WINLDAP(x) curlx_free(x)
 #define curl_ldap_num_t    ULONG
 #else
 #define FREE_ON_WINLDAP(x)
@@ -296,8 +296,8 @@ static ULONG ldap_win_bind(struct Curl_easy *data, LDAP *server,
 
     rc = ldap_simple_bind_s(server, inuser, inpass);
 
-    curlx_unicodefree(inuser);
-    curlx_unicodefree(inpass);
+    curlx_free(inuser);
+    curlx_free(inpass);
   }
 #ifdef USE_WINDOWS_SSPI
   else {
@@ -1000,22 +1000,13 @@ static void ldap_free_urldesc_low(LDAPURLDesc *ludp)
   if(!ludp)
     return;
 
-#ifdef USE_WIN32_LDAP
-  curlx_unicodefree(ludp->lud_dn);
-  curlx_unicodefree(ludp->lud_filter);
-#else
   curlx_free(ludp->lud_dn);
   curlx_free(ludp->lud_filter);
-#endif
 
   if(ludp->lud_attrs) {
     size_t i;
     for(i = 0; i < ludp->lud_attrs_dups; i++) {
-#ifdef USE_WIN32_LDAP
-      curlx_unicodefree(ludp->lud_attrs[i]);
-#else
       curlx_free(ludp->lud_attrs[i]);
-#endif
     }
     curlx_free(ludp->lud_attrs);
   }
diff --git a/lib/rename.c b/lib/rename.c
index d3f80422e6..11cd680aa6 100644
--- a/lib/rename.c
+++ b/lib/rename.c
@@ -46,14 +46,14 @@ int Curl_rename(const char *oldpath, const char *newpath)
   for(;;) {
     timediff_t diff;
     if(MoveFileEx(tchar_oldpath, tchar_newpath, MOVEFILE_REPLACE_EXISTING)) {
-      curlx_unicodefree(tchar_oldpath);
-      curlx_unicodefree(tchar_newpath);
+      curlx_free(tchar_oldpath);
+      curlx_free(tchar_newpath);
       break;
     }
     diff = curlx_timediff_ms(curlx_now(), start);
     if(diff < 0 || diff > max_wait_ms) {
-      curlx_unicodefree(tchar_oldpath);
-      curlx_unicodefree(tchar_newpath);
+      curlx_free(tchar_oldpath);
+      curlx_free(tchar_newpath);
       return 1;
     }
     Sleep(1);
diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c
index 17e875557e..84d530151c 100644
--- a/lib/socks_sspi.c
+++ b/lib/socks_sspi.c
@@ -175,7 +175,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
                                              &output_desc,
                                              &sspi_ret_flags, NULL);
 
-    curlx_unicodefree(sname);
+    curlx_free(sname);
 
     Curl_safefree(sspi_recv_token.pvBuffer);
     sspi_recv_token.cbBuffer = 0;
@@ -298,7 +298,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
     char *user_utf8 = curlx_convert_tchar_to_UTF8(names.sUserName);
     infof(data, "SOCKS5 server authenticated user %s with GSS-API.",
           (user_utf8 ? user_utf8 : "(unknown)"));
-    curlx_unicodefree(user_utf8);
+    curlx_free(user_utf8);
 #endif
     Curl_pSecFn->FreeContextBuffer(names.sUserName);
     names.sUserName = NULL;
diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c
index c92b53dcfc..dc3afcc883 100644
--- a/lib/vauth/digest_sspi.c
+++ b/lib/vauth/digest_sspi.c
@@ -273,7 +273,7 @@ CURLcode Curl_override_sspi_http_realm(const char *chlg,
 
           dup_domain.tchar_ptr = curlx_tcsdup(domain.tchar_ptr);
           if(!dup_domain.tchar_ptr) {
-            curlx_unicodefree(domain.tchar_ptr);
+            curlx_free(domain.tchar_ptr);
             return CURLE_OUT_OF_MEMORY;
           }
 
@@ -282,7 +282,7 @@ CURLcode Curl_override_sspi_http_realm(const char *chlg,
           identity->DomainLength = curlx_uztoul(_tcslen(dup_domain.tchar_ptr));
           dup_domain.tchar_ptr = NULL;
 
-          curlx_unicodefree(domain.tchar_ptr);
+          curlx_free(domain.tchar_ptr);
         }
         else {
           /* Unknown specifier, ignore it! */
@@ -579,7 +579,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
     digest->http_context = curlx_calloc(1, sizeof(CtxtHandle));
     if(!digest->http_context) {
       Curl_pSecFn->FreeCredentialsHandle(&credentials);
-      curlx_unicodefree(spn);
+      curlx_free(spn);
       Curl_sspi_free_identity(p_identity);
       curlx_free(output_token);
       return CURLE_OUT_OF_MEMORY;
@@ -592,7 +592,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
                                                   &chlg_desc, 0,
                                                   digest->http_context,
                                                   &resp_desc, &attrs, NULL);
-    curlx_unicodefree(spn);
+    curlx_free(spn);
 
     if(status == SEC_I_COMPLETE_NEEDED ||
        status == SEC_I_COMPLETE_AND_CONTINUE)
diff --git a/lib/vauth/vauth.c b/lib/vauth/vauth.c
index 9b87bd2c67..25924806f2 100644
--- a/lib/vauth/vauth.c
+++ b/lib/vauth/vauth.c
@@ -71,7 +71,6 @@ TCHAR *Curl_auth_build_spn(const char *service, const char *host,
 {
   char *utf8_spn = NULL;
   TCHAR *tchar_spn = NULL;
-  TCHAR *dupe_tchar_spn = NULL;
 
   (void)realm;
 
@@ -87,16 +86,11 @@ TCHAR *Curl_auth_build_spn(const char *service, const char *host,
   if(!utf8_spn)
     return NULL;
 
-  /* Allocate and return a TCHAR based SPN. Since curlx_convert_UTF8_to_tchar
-     must be freed by curlx_unicodefree we will dupe the result so that the
-     pointer this function returns can be normally free'd. */
+  /* Allocate and return a TCHAR based SPN. */
   tchar_spn = curlx_convert_UTF8_to_tchar(utf8_spn);
   curlx_free(utf8_spn);
-  if(!tchar_spn)
-    return NULL;
-  dupe_tchar_spn = curlx_tcsdup(tchar_spn);
-  curlx_unicodefree(tchar_spn);
-  return dupe_tchar_spn;
+
+  return tchar_spn;
 }
 #endif /* USE_WINDOWS_SSPI */
 
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index 21314d16ec..f1b47cb47f 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -547,7 +547,7 @@ static CURLcode schannel_acquire_credential_handle(struct Curl_cfilter *cf,
         failf(data, "schannel: Failed to get certificate location"
               " or file for %s",
               data->set.ssl.primary.clientcert);
-        curlx_unicodefree(cert_path);
+        curlx_free(cert_path);
         return result;
       }
     }
@@ -558,7 +558,7 @@ static CURLcode schannel_acquire_credential_handle(struct Curl_cfilter *cf,
             " for %s",
             blob ? "(memory blob)" : data->set.ssl.primary.clientcert);
       curlx_free(cert_store_path);
-      curlx_unicodefree(cert_path);
+      curlx_free(cert_path);
       if(fInCert)
         curlx_fclose(fInCert);
       return CURLE_SSL_CERTPROBLEM;
@@ -576,7 +576,7 @@ static CURLcode schannel_acquire_credential_handle(struct Curl_cfilter *cf,
       const char *cert_showfilename_error = blob ?
         "(memory blob)" : data->set.ssl.primary.clientcert;
       curlx_free(cert_store_path);
-      curlx_unicodefree(cert_path);
+      curlx_free(cert_path);
       if(fInCert) {
         long cert_tell = 0;
         bool continue_reading = fseek(fInCert, 0, SEEK_END) == 0;
@@ -686,8 +686,8 @@ static CURLcode schannel_acquire_credential_handle(struct Curl_cfilter *cf,
               (path_utf8 ? path_utf8 : "(unknown)"),
               GetLastError());
         curlx_free(cert_store_path);
-        curlx_unicodefree(path_utf8);
-        curlx_unicodefree(cert_path);
+        curlx_free(path_utf8);
+        curlx_free(cert_path);
         return CURLE_SSL_CERTPROBLEM;
       }
       curlx_free(cert_store_path);
@@ -701,7 +701,7 @@ static CURLcode schannel_acquire_credential_handle(struct Curl_cfilter *cf,
                               cert_thumbprint_data,
                               &cert_thumbprint.cbData,
                               NULL, NULL)) {
-        curlx_unicodefree(cert_path);
+        curlx_free(cert_path);
         CertCloseStore(cert_store, 0);
         return CURLE_SSL_CERTPROBLEM;
       }
@@ -710,7 +710,7 @@ static CURLcode schannel_acquire_credential_handle(struct Curl_cfilter *cf,
         cert_store, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, 0,
         CERT_FIND_HASH, &cert_thumbprint, NULL);
 
-      curlx_unicodefree(cert_path);
+      curlx_free(cert_path);
 
       if(!client_certs[0]) {
         /* CRYPT_E_NOT_FOUND / E_INVALIDARG */
@@ -1485,7 +1485,7 @@ static void schannel_session_free(void *sessionid)
     cred->refcount--;
     if(cred->refcount == 0) {
       Curl_pSecFn->FreeCredentialsHandle(&cred->cred_handle);
-      curlx_unicodefree(cred->sni_hostname);
+      curlx_free(cred->sni_hostname);
       if(cred->client_cert_store) {
         CertCloseStore(cred->client_cert_store, 0);
         cred->client_cert_store = NULL;
diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c
index 77f9177349..f45977bcb6 100644
--- a/lib/vtls/schannel_verify.c
+++ b/lib/vtls/schannel_verify.c
@@ -347,7 +347,7 @@ cleanup:
     CloseHandle(ca_file_handle);
   }
   Curl_safefree(ca_file_buffer);
-  curlx_unicodefree(ca_file_tstr);
+  curlx_free(ca_file_tstr);
 
   return result;
 }
@@ -648,7 +648,7 @@ CURLcode Curl_verify_host(struct Curl_cfilter *cf, struct Curl_easy *data)
 
           result = CURLE_PEER_FAILED_VERIFICATION;
         }
-        curlx_unicodefree(cert_hostname);
+        curlx_free(cert_hostname);
       }
     }
 
diff --git a/src/tool_doswin.c b/src/tool_doswin.c
index 040792f465..855ce0897c 100644
--- a/src/tool_doswin.c
+++ b/src/tool_doswin.c
@@ -593,11 +593,8 @@ CURLcode FindWin32CACert(struct OperationConfig *config,
 
   res_len = SearchPath(NULL, bundle_file, NULL, PATH_MAX, buf, &ptr);
   if(res_len > 0) {
-    char *mstr = curlx_convert_tchar_to_UTF8(buf);
-    tool_safefree(config->cacert);
-    if(mstr)
-      config->cacert = curlx_strdup(mstr);
-    curlx_unicodefree(mstr);
+    curlx_free(config->cacert);
+    config->cacert = curlx_convert_tchar_to_UTF8(buf);
     if(!config->cacert)
       result = CURLE_OUT_OF_MEMORY;
   }
diff --git a/src/tool_filetime.c b/src/tool_filetime.c
index 2d362b4bb7..9e548cd50e 100644
--- a/src/tool_filetime.c
+++ b/src/tool_filetime.c
@@ -47,7 +47,7 @@ int getfiletime(const char *filename, curl_off_t *stamp)
                      (FILE_SHARE_READ | FILE_SHARE_WRITE |
                       FILE_SHARE_DELETE),
                      NULL, OPEN_EXISTING, 0, NULL);
-  curlx_unicodefree(tchar_filename);
+  curlx_free(tchar_filename);
   if(hfile != INVALID_HANDLE_VALUE) {
     FILETIME ft;
     if(GetFileTime(hfile, NULL, NULL, &ft)) {
@@ -113,7 +113,7 @@ void setfiletime(curl_off_t filetime, const char *filename)
                      (FILE_SHARE_READ | FILE_SHARE_WRITE |
                       FILE_SHARE_DELETE),
                      NULL, OPEN_EXISTING, 0, NULL);
-  curlx_unicodefree(tchar_filename);
+  curlx_free(tchar_filename);
   if(hfile != INVALID_HANDLE_VALUE) {
     curl_off_t converted = ((curl_off_t)filetime * 10000000) +
       116444736000000000;
diff --git a/src/tool_getparam.h b/src/tool_getparam.h
index 10b2351874..1b0d8017d5 100644
--- a/src/tool_getparam.h
+++ b/src/tool_getparam.h
@@ -383,7 +383,7 @@ ParameterError parse_args(int argc, argv_item_t argv[]);
 
 #define convert_UTF8_to_tchar(ptr) curlx_convert_UTF8_to_wchar((ptr))
 #define convert_tchar_to_UTF8(ptr) curlx_convert_wchar_to_UTF8((ptr))
-#define unicodefree(ptr)           curlx_unicodefree(ptr)
+#define unicodefree(ptr)           curlx_free(ptr)
 
 #else
 
diff --git a/tests/data/test1 b/tests/data/test1
index ee0b634048..cee68e6943 100644
--- a/tests/data/test1
+++ b/tests/data/test1
@@ -50,7 +50,7 @@ Accept: */*
 
 
 
-Allocations: 120
+Allocations: 135
 Maximum allocated: 136000
 
 
diff --git a/tests/data/test440 b/tests/data/test440
index 127fb16270..39246e4978 100644
--- a/tests/data/test440
+++ b/tests/data/test440
@@ -74,7 +74,7 @@ https://this.hsts.example./%TESTNUMBER
 56
 
 
-Allocations: 145
+Allocations: 160
 
 
 
diff --git a/tests/data/test767 b/tests/data/test767
index 83d68841b0..7561c8adba 100644
--- a/tests/data/test767
+++ b/tests/data/test767
@@ -51,7 +51,7 @@ Accept: */*
 
 
 
-Allocations: 120
+Allocations: 135
 Maximum allocated: 136000
 
 
diff --git a/tests/memanalyzer.pm b/tests/memanalyzer.pm
index 7dbdf7b94a..8c7515e4ff 100644
--- a/tests/memanalyzer.pm
+++ b/tests/memanalyzer.pm
@@ -191,7 +191,8 @@ sub memanalyze {
 
                 if($sizeataddr{$addr} && $sizeataddr{$addr}>0) {
                     # this means weeeeeirdo
-                    push @res, "Mixed debug compile, rebuild curl now\n";
+                    push @res, "Mixed debug compile ($source:$linenum at line $lnum), rebuild curl now\n";
+                    push @res, "We think $sizeataddr{$addr} bytes are already allocated at that memory address: $addr!\n";
                 }
 
                 $sizeataddr{$addr} = $size;

From af5def0738dd53db84a23221be9bf352d8708917 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 4 Dec 2025 22:48:20 +0100
Subject: [PATCH 1140/2408] tidy-up: avoid `(())`, clang-format fixes and more

- drop redundant parentheses from macro definitions.
- apply clang-format in some places missed earlier.
- wolfssl: fix a macro guard comment.
- curl_setup.h: drop empty lines
- FAQ: fix C formatting.

Closes #19854
---
 docs/FAQ                  |   2 +-
 lib/conncache.c           |   6 +-
 lib/curl_setup.h          |  19 +-
 lib/curl_setup_once.h     |  10 +-
 lib/curlx/base64.c        |  13 +-
 lib/curlx/multibyte.h     |   4 +-
 lib/curlx/strparse.h      |   2 +-
 lib/vtls/wolfssl.c        |   4 +-
 src/tool_bname.h          |   2 +-
 src/tool_dirhie.c         |   2 +-
 src/tool_getparam.h       |   6 +-
 tests/libtest/first.h     | 705 ++++++++++++++++++++------------------
 tests/libtest/unitcheck.h |   3 +-
 13 files changed, 404 insertions(+), 374 deletions(-)

diff --git a/docs/FAQ b/docs/FAQ
index 15cfee848c..2e5e5901be 100644
--- a/docs/FAQ
+++ b/docs/FAQ
@@ -1157,7 +1157,7 @@ FAQ
           struct MemoryStruct *mem = (struct MemoryStruct *)data;
 
           mem->memory = (char *)realloc(mem->memory, mem->size + realsize + 1);
-          if (mem->memory) {
+          if(mem->memory) {
             memcpy(&(mem->memory[mem->size]), ptr, realsize);
             mem->size += realsize;
             mem->memory[mem->size] = 0;
diff --git a/lib/conncache.c b/lib/conncache.c
index 18b760afe0..54248d14ad 100644
--- a/lib/conncache.c
+++ b/lib/conncache.c
@@ -48,9 +48,9 @@
 
 #define CPOOL_IS_LOCKED(c)    ((c) && (c)->locked)
 
-#define CPOOL_LOCK(c,d)                                                 \
+#define CPOOL_LOCK(c, d)                                                \
   do {                                                                  \
-    if((c)) {                                                           \
+    if(c) {                                                             \
       if(CURL_SHARE_KEEP_CONNECT((c)->share))                           \
         Curl_share_lock((d), CURL_LOCK_DATA_CONNECT,                    \
                         CURL_LOCK_ACCESS_SINGLE);                       \
@@ -61,7 +61,7 @@
 
 #define CPOOL_UNLOCK(c,d)                                               \
   do {                                                                  \
-    if((c)) {                                                           \
+    if(c) {                                                             \
       DEBUGASSERT((c)->locked);                                         \
       (c)->locked = FALSE;                                              \
       if(CURL_SHARE_KEEP_CONNECT((c)->share))                           \
diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index ca275df0ad..c4be90b655 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -180,7 +180,6 @@
  * AIX 4.3 and newer needs _THREAD_SAFE defined to build
  * proper reentrant code. Others may also need it.
  */
-
 #ifdef NEED_THREAD_SAFE
 #  ifndef _THREAD_SAFE
 #  define _THREAD_SAFE
@@ -192,7 +191,6 @@
  * things to appear in the system header files. Unixware needs it
  * to build proper reentrant code. Others may also need it.
  */
-
 #ifdef NEED_REENTRANT
 #  ifndef _REENTRANT
 #  define _REENTRANT
@@ -219,7 +217,6 @@
 /*
  * Disable other protocols when http is the only one desired.
  */
-
 #ifdef HTTP_ONLY
 #  ifndef CURL_DISABLE_DICT
 #  define CURL_DISABLE_DICT
@@ -268,7 +265,6 @@
 /*
  * When http is disabled rtsp is not supported.
  */
-
 #if defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_RTSP)
 #  define CURL_DISABLE_RTSP
 #endif
@@ -276,7 +272,6 @@
 /*
  * When HTTP is disabled, disable HTTP-only features
  */
-
 #ifdef CURL_DISABLE_HTTP
 #  define CURL_DISABLE_ALTSVC 1
 #  define CURL_DISABLE_COOKIES 1
@@ -298,7 +293,6 @@
 /*
  * OS/400 setup file includes some system headers.
  */
-
 #ifdef __OS400__
 #  include "setup-os400.h"
 #endif
@@ -306,7 +300,6 @@
 /*
  * VMS setup file includes some system headers.
  */
-
 #ifdef __VMS
 #  include "setup-vms.h"
 #endif
@@ -314,7 +307,6 @@
 /*
  * Windows setup file includes some system headers.
  */
-
 #ifdef _WIN32
 #  include "setup-win32.h"
 #endif
@@ -340,7 +332,6 @@
 #endif
 
 /* based on logic in "curl/mprintf.h" */
-
 #if (defined(__GNUC__) || defined(__clang__) ||                         \
   defined(__IAR_SYSTEMS_ICC__)) &&                                      \
   defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L) &&         \
@@ -612,10 +603,10 @@
 #if SIZEOF_LONG > SIZEOF_SIZE_T
 #error "unexpected: 'long' is larger than 'size_t'"
 #endif
+
 /*
  * Arg 2 type for gethostname in case it has not been defined in config file.
  */
-
 #ifndef GETHOSTNAME_TYPE_ARG2
 #  ifdef USE_WINSOCK
 #    define GETHOSTNAME_TYPE_ARG2 int
@@ -625,10 +616,9 @@
 #endif
 
 /* Below we define some functions. They should
-
    4. set the SIGALRM signal timeout
    5. set dir/file naming defines
-   */
+ */
 
 #ifdef _WIN32
 
@@ -664,7 +654,6 @@
 /*
  * Mutually exclusive CURLRES_* definitions.
  */
-
 #if defined(USE_IPV6) && defined(HAVE_GETADDRINFO)
 #  define CURLRES_IPV6
 #elif defined(USE_IPV6) && (defined(_WIN32) || defined(__CYGWIN__))
@@ -792,7 +781,6 @@
 /*
  * Include macros and defines that should only be processed once.
  */
-
 #ifndef HEADER_CURL_SETUP_ONCE_H
 #include "curl_setup_once.h"
 #endif
@@ -800,7 +788,6 @@
 /*
  * Definition of our NOP statement Object-like macro
  */
-
 #ifndef Curl_nop_stmt
 #define Curl_nop_stmt do { } while(0)
 #endif
@@ -808,7 +795,6 @@
 /*
  * Ensure that Winsock and lwIP TCP/IP stacks are not mixed.
  */
-
 #if defined(__LWIP_OPT_H__) || defined(LWIP_HDR_OPT_H)
 #  if defined(SOCKET) || defined(USE_WINSOCK)
 #    error "Winsock and lwIP TCP/IP stack definitions shall not coexist!"
@@ -818,7 +804,6 @@
 /*
  * shutdown() flags for systems that do not define them
  */
-
 #ifndef SHUT_RD
 #define SHUT_RD 0x00
 #endif
diff --git a/lib/curl_setup_once.h b/lib/curl_setup_once.h
index cf494b2ba8..f9395aa7b5 100644
--- a/lib/curl_setup_once.h
+++ b/lib/curl_setup_once.h
@@ -181,15 +181,15 @@ struct timeval {
  * Function-like macro definition used to close a socket.
  */
 #ifdef HAVE_CLOSESOCKET
-#  define CURL_SCLOSE(x)  closesocket((x))
+#  define CURL_SCLOSE(x)  closesocket(x)
 #elif defined(HAVE_CLOSESOCKET_CAMEL)
-#  define CURL_SCLOSE(x)  CloseSocket((x))
+#  define CURL_SCLOSE(x)  CloseSocket(x)
 #elif defined(MSDOS)  /* Watt-32 */
-#  define CURL_SCLOSE(x)  close_s((x))
+#  define CURL_SCLOSE(x)  close_s(x)
 #elif defined(USE_LWIPSOCK)
-#  define CURL_SCLOSE(x)  lwip_close((x))
+#  define CURL_SCLOSE(x)  lwip_close(x)
 #else
-#  define CURL_SCLOSE(x)  close((x))
+#  define CURL_SCLOSE(x)  close(x)
 #endif
 
 /*
diff --git a/lib/curlx/base64.c b/lib/curlx/base64.c
index 4fc525387e..6ea1e425b4 100644
--- a/lib/curlx/base64.c
+++ b/lib/curlx/base64.c
@@ -39,12 +39,13 @@ const char Curl_base64encdec[] =
 static const char base64url[] =
   "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
 
-static const unsigned char decodetable[] =
-{ 62, 255, 255, 255, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 255, 255, 255,
-  255, 255, 255, 255, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16,
-  17, 18, 19, 20, 21, 22, 23, 24, 25, 255, 255, 255, 255, 255, 255, 26, 27, 28,
-  29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
-  48, 49, 50, 51 };
+static const unsigned char decodetable[] = {
+  62,  255, 255, 255, 63,  52,  53, 54, 55, 56, 57, 58, 59, 60, 61, 255,
+  255, 255, 255, 255, 255, 255, 0,  1,  2,  3,  4,  5,  6,  7,  8,  9,
+  10,  11,  12,  13,  14,  15,  16, 17, 18, 19, 20, 21, 22, 23, 24, 25,
+  255, 255, 255, 255, 255, 255, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35,
+  36,  37,  38,  39,  40,  41,  42, 43, 44, 45, 46, 47, 48, 49, 50, 51
+};
 /*
  * curlx_base64_decode()
  *
diff --git a/lib/curlx/multibyte.h b/lib/curlx/multibyte.h
index 8b19257222..26da0f0843 100644
--- a/lib/curlx/multibyte.h
+++ b/lib/curlx/multibyte.h
@@ -45,8 +45,8 @@
 wchar_t *curlx_convert_UTF8_to_wchar(const char *str_utf8);
 char *curlx_convert_wchar_to_UTF8(const wchar_t *str_w);
 
-#define curlx_convert_UTF8_to_tchar(ptr) curlx_convert_UTF8_to_wchar((ptr))
-#define curlx_convert_tchar_to_UTF8(ptr) curlx_convert_wchar_to_UTF8((ptr))
+#define curlx_convert_UTF8_to_tchar(ptr) curlx_convert_UTF8_to_wchar(ptr)
+#define curlx_convert_tchar_to_UTF8(ptr) curlx_convert_wchar_to_UTF8(ptr)
 
 typedef union {
   unsigned short       *tchar_ptr;
diff --git a/lib/curlx/strparse.h b/lib/curlx/strparse.h
index 6a0bf28d6c..7fb90ac40f 100644
--- a/lib/curlx/strparse.h
+++ b/lib/curlx/strparse.h
@@ -45,7 +45,7 @@ struct Curl_str {
 void curlx_str_init(struct Curl_str *out);
 void curlx_str_assign(struct Curl_str *out, const char *str, size_t len);
 
-#define curlx_str(x) ((x)->str)
+#define curlx_str(x)    ((x)->str)
 #define curlx_strlen(x) ((x)->len)
 
 /* Get a word until the first space
diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index cfefeb9320..d4d586b0ea 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -1515,7 +1515,7 @@ static CURLcode wssl_connect_step1(struct Curl_cfilter *cf,
     wolfSSL_BIO_set_data(bio, cf);
     wolfSSL_set_bio(wssl->ssl, bio, bio);
   }
-#else /* USE_BIO_CHAIN */
+#else /* !USE_BIO_CHAIN */
   curl_socket_t sockfd = Curl_conn_cf_get_socket(cf, data);
   if(sockfd > INT_MAX) {
     failf(data, "SSL: socket value too large");
@@ -1526,7 +1526,7 @@ static CURLcode wssl_connect_step1(struct Curl_cfilter *cf,
     failf(data, "SSL: wolfSSL_set_fd failed");
     return CURLE_SSL_CONNECT_ERROR;
   }
-#endif /* !USE_BIO_CHAIN */
+#endif /* USE_BIO_CHAIN */
 
   return CURLE_OK;
 }
diff --git a/src/tool_bname.h b/src/tool_bname.h
index d091c2231a..4047c5cc78 100644
--- a/src/tool_bname.h
+++ b/src/tool_bname.h
@@ -29,7 +29,7 @@
 
 char *tool_basename(char *path);
 
-#define basename(x) tool_basename((x))
+#define basename(x) tool_basename(x)
 
 #endif /* HAVE_BASENAME */
 
diff --git a/src/tool_dirhie.c b/src/tool_dirhie.c
index 058403d666..e0eef03a11 100644
--- a/src/tool_dirhie.c
+++ b/src/tool_dirhie.c
@@ -31,7 +31,7 @@
 #include "tool_msgs.h"
 
 #if defined(_WIN32) || (defined(MSDOS) && !defined(__DJGPP__))
-#  define mkdir(x, y) (mkdir)((x))
+#  define mkdir(x, y) (mkdir)(x)
 #  ifndef F_OK
 #  define F_OK 0
 #  endif
diff --git a/src/tool_getparam.h b/src/tool_getparam.h
index 1b0d8017d5..44eb361edc 100644
--- a/src/tool_getparam.h
+++ b/src/tool_getparam.h
@@ -381,15 +381,15 @@ ParameterError parse_args(int argc, argv_item_t argv[]);
 
 #if defined(UNICODE) && defined(_WIN32)
 
-#define convert_UTF8_to_tchar(ptr) curlx_convert_UTF8_to_wchar((ptr))
-#define convert_tchar_to_UTF8(ptr) curlx_convert_wchar_to_UTF8((ptr))
+#define convert_UTF8_to_tchar(ptr) curlx_convert_UTF8_to_wchar(ptr)
+#define convert_tchar_to_UTF8(ptr) curlx_convert_wchar_to_UTF8(ptr)
 #define unicodefree(ptr)           curlx_free(ptr)
 
 #else
 
 #define convert_UTF8_to_tchar(ptr) (const char *)(ptr)
 #define convert_tchar_to_UTF8(ptr) (const char *)(ptr)
-#define unicodefree(ptr) do {} while(0)
+#define unicodefree(ptr)           do {} while(0)
 
 #endif
 
diff --git a/tests/libtest/first.h b/tests/libtest/first.h
index 2ad600ef60..c536adc2ca 100644
--- a/tests/libtest/first.h
+++ b/tests/libtest/first.h
@@ -59,12 +59,12 @@ extern int unitfail; /* for unittests */
 #define CURL_GNUC_DIAG
 #endif
 
-#define test_setopt(A, B, C)                                    \
-  if((res = curl_easy_setopt((A), (B), (C))) != CURLE_OK)       \
+#define test_setopt(A, B, C)                        \
+  if((res = curl_easy_setopt(A, B, C)) != CURLE_OK) \
     goto test_cleanup
 
-#define test_multi_setopt(A, B, C)                              \
-  if((res = curl_multi_setopt((A), (B), (C))) != CURLE_OK)      \
+#define test_multi_setopt(A, B, C)                   \
+  if((res = curl_multi_setopt(A, B, C)) != CURLE_OK) \
     goto test_cleanup
 
 extern const char *libtest_arg2; /* set by first.c to the argv[2] or NULL */
@@ -144,376 +144,419 @@ void ws_close(CURL *curl);
 
 /* ---------------------------------------------------------------- */
 
-#define exe_easy_init(A, Y, Z) do {                                     \
-  if(((A) = curl_easy_init()) == NULL) {                                \
-    curl_mfprintf(stderr, "%s:%d curl_easy_init() failed\n", (Y), (Z)); \
-    res = TEST_ERR_EASY_INIT;                                           \
-  }                                                                     \
-} while(0)
+#define exe_easy_init(A, Y, Z)                                        \
+  do {                                                                \
+    if(((A) = curl_easy_init()) == NULL) {                            \
+      curl_mfprintf(stderr, "%s:%d curl_easy_init() failed\n", Y, Z); \
+      res = TEST_ERR_EASY_INIT;                                       \
+    }                                                                 \
+  } while(0)
 
 #define res_easy_init(A) \
-  exe_easy_init((A), (__FILE__), (__LINE__))
+  exe_easy_init(A, __FILE__, __LINE__)
 
-#define chk_easy_init(A, Y, Z) do { \
-  exe_easy_init((A), (Y), (Z));     \
-  if(res)                           \
-    goto test_cleanup;              \
-} while(0)
+#define chk_easy_init(A, Y, Z) \
+  do {                         \
+    exe_easy_init(A, Y, Z);    \
+    if(res)                    \
+      goto test_cleanup;       \
+  } while(0)
 
 #define easy_init(A) \
-  chk_easy_init((A), (__FILE__), (__LINE__))
+  chk_easy_init(A, __FILE__, __LINE__)
 
 /* ---------------------------------------------------------------- */
 
-#define exe_multi_init(A, Y, Z) do {                                     \
-  if(((A) = curl_multi_init()) == NULL) {                                \
-    curl_mfprintf(stderr, "%s:%d curl_multi_init() failed\n", (Y), (Z)); \
-    res = TEST_ERR_MULTI;                                                \
-  }                                                                      \
-} while(0)
+#define exe_multi_init(A, Y, Z)                                        \
+  do {                                                                 \
+    if(((A) = curl_multi_init()) == NULL) {                            \
+      curl_mfprintf(stderr, "%s:%d curl_multi_init() failed\n", Y, Z); \
+      res = TEST_ERR_MULTI;                                            \
+    }                                                                  \
+  } while(0)
 
 #define res_multi_init(A) \
-  exe_multi_init((A), (__FILE__), (__LINE__))
+  exe_multi_init(A, __FILE__, __LINE__)
 
-#define chk_multi_init(A, Y, Z) do { \
-  exe_multi_init((A), (Y), (Z));     \
-  if(res)                            \
-    goto test_cleanup;               \
-} while(0)
+#define chk_multi_init(A, Y, Z) \
+  do {                          \
+    exe_multi_init(A, Y, Z);    \
+    if(res)                     \
+      goto test_cleanup;        \
+  } while(0)
 
 #define multi_init(A) \
-  chk_multi_init((A), (__FILE__), (__LINE__))
+  chk_multi_init(A, __FILE__, __LINE__)
 
 /* ---------------------------------------------------------------- */
 
-#define exe_easy_setopt(A, B, C, Y, Z) do {                   \
-  CURLcode ec;                                                \
-  if((ec = curl_easy_setopt((A), (B), (C))) != CURLE_OK) {    \
-    curl_mfprintf(stderr, "%s:%d curl_easy_setopt() failed, " \
-                  "with code %d (%s)\n",                      \
-                  (Y), (Z), ec, curl_easy_strerror(ec));      \
-    res = ec;                                                 \
-  }                                                           \
-} while(0)
+#define exe_easy_setopt(A, B, C, Y, Z)                  \
+  do {                                                  \
+    CURLcode ec;                                        \
+    if((ec = curl_easy_setopt(A, B, C)) != CURLE_OK) {  \
+      curl_mfprintf(stderr,                             \
+                    "%s:%d curl_easy_setopt() failed, " \
+                    "with code %d (%s)\n",              \
+                    Y, Z, ec, curl_easy_strerror(ec));  \
+      res = ec;                                         \
+    }                                                   \
+  } while(0)
 
 #define res_easy_setopt(A, B, C) \
-  exe_easy_setopt((A), (B), (C), (__FILE__), (__LINE__))
+  exe_easy_setopt(A, B, C, __FILE__, __LINE__)
 
-#define chk_easy_setopt(A, B, C, Y, Z) do { \
-  exe_easy_setopt((A), (B), (C), (Y), (Z)); \
-  if(res)                                   \
-    goto test_cleanup;                      \
-} while(0)
+#define chk_easy_setopt(A, B, C, Y, Z) \
+  do {                                 \
+    exe_easy_setopt(A, B, C, Y, Z);    \
+    if(res)                            \
+      goto test_cleanup;               \
+  } while(0)
 
 #define easy_setopt(A, B, C) \
-  chk_easy_setopt((A), (B), (C), (__FILE__), (__LINE__))
+  chk_easy_setopt(A, B, C, __FILE__, __LINE__)
 
 /* ---------------------------------------------------------------- */
 
-#define exe_multi_setopt(A, B, C, Y, Z) do {                   \
-  CURLMcode ec;                                                \
-  if((ec = curl_multi_setopt((A), (B), (C))) != CURLM_OK) {    \
-    curl_mfprintf(stderr, "%s:%d curl_multi_setopt() failed, " \
-                  "with code %d (%s)\n",                       \
-                  (Y), (Z), ec, curl_multi_strerror(ec));      \
-    res = TEST_ERR_MULTI;                                      \
-  }                                                            \
-} while(0)
+#define exe_multi_setopt(A, B, C, Y, Z)                  \
+  do {                                                   \
+    CURLMcode ec;                                        \
+    if((ec = curl_multi_setopt(A, B, C)) != CURLM_OK) {  \
+      curl_mfprintf(stderr,                              \
+                    "%s:%d curl_multi_setopt() failed, " \
+                    "with code %d (%s)\n",               \
+                    Y, Z, ec, curl_multi_strerror(ec));  \
+      res = TEST_ERR_MULTI;                              \
+    }                                                    \
+  } while(0)
 
 #define res_multi_setopt(A, B, C) \
-  exe_multi_setopt((A), (B), (C), (__FILE__), (__LINE__))
+  exe_multi_setopt(A, B, C, __FILE__, __LINE__)
 
-#define chk_multi_setopt(A, B, C, Y, Z) do { \
-  exe_multi_setopt((A), (B), (C), (Y), (Z)); \
-  if(res)                                    \
-    goto test_cleanup;                       \
-} while(0)
-
-#define multi_setopt(A, B, C) \
-  chk_multi_setopt((A), (B), (C), (__FILE__), (__LINE__))
-
-/* ---------------------------------------------------------------- */
-
-#define exe_multi_add_handle(A, B, Y, Z) do {                      \
-  CURLMcode ec;                                                    \
-  if((ec = curl_multi_add_handle((A), (B))) != CURLM_OK) {         \
-    curl_mfprintf(stderr, "%s:%d curl_multi_add_handle() failed, " \
-                  "with code %d (%s)\n",                           \
-                  (Y), (Z), ec, curl_multi_strerror(ec));          \
-    res = TEST_ERR_MULTI;                                          \
-  }                                                                \
-} while(0)
-
-#define res_multi_add_handle(A, B) \
-  exe_multi_add_handle((A), (B), (__FILE__), (__LINE__))
-
-#define chk_multi_add_handle(A, B, Y, Z) do { \
-  exe_multi_add_handle((A), (B), (Y), (Z));   \
-  if(res)                                     \
-    goto test_cleanup;                        \
-} while(0)
-
-#define multi_add_handle(A, B) \
-  chk_multi_add_handle((A), (B), (__FILE__), (__LINE__))
-
-/* ---------------------------------------------------------------- */
-
-#define exe_multi_remove_handle(A, B, Y, Z) do {                      \
-  CURLMcode ec;                                                       \
-  if((ec = curl_multi_remove_handle((A), (B))) != CURLM_OK) {         \
-    curl_mfprintf(stderr, "%s:%d curl_multi_remove_handle() failed, " \
-                  "with code %d (%s)\n",                              \
-                  (Y), (Z), ec, curl_multi_strerror(ec));             \
-    res = TEST_ERR_MULTI;                                             \
-  }                                                                   \
-} while(0)
-
-#define res_multi_remove_handle(A, B) \
-  exe_multi_remove_handle((A), (B), (__FILE__), (__LINE__))
-
-#define chk_multi_remove_handle(A, B, Y, Z) do { \
-  exe_multi_remove_handle((A), (B), (Y), (Z));   \
-  if(res)                                        \
-    goto test_cleanup;                           \
-} while(0)
-
-
-#define multi_remove_handle(A, B) \
-  chk_multi_remove_handle((A), (B), (__FILE__), (__LINE__))
-
-/* ---------------------------------------------------------------- */
-
-#define exe_multi_perform(A, B, Y, Z) do {                             \
-  CURLMcode ec;                                                        \
-  if((ec = curl_multi_perform((A), (B))) != CURLM_OK) {                \
-    curl_mfprintf(stderr, "%s:%d curl_multi_perform() failed, "        \
-                  "with code %d (%s)\n",                               \
-                  (Y), (Z), ec, curl_multi_strerror(ec));              \
-    res = TEST_ERR_MULTI;                                              \
-  }                                                                    \
-  else if(*((B)) < 0) {                                                \
-    curl_mfprintf(stderr, "%s:%d curl_multi_perform() succeeded, "     \
-                  "but returned invalid running_handles value (%d)\n", \
-                  (Y), (Z), (int)*((B)));                              \
-    res = TEST_ERR_NUM_HANDLES;                                        \
-  }                                                                    \
-} while(0)
-
-#define res_multi_perform(A, B) \
-  exe_multi_perform((A), (B), (__FILE__), (__LINE__))
-
-#define chk_multi_perform(A, B, Y, Z) do { \
-  exe_multi_perform((A), (B), (Y), (Z));   \
-  if(res)                                  \
-    goto test_cleanup;                     \
-} while(0)
-
-#define multi_perform(A, B) \
-  chk_multi_perform((A), (B), (__FILE__), (__LINE__))
-
-/* ---------------------------------------------------------------- */
-
-#define exe_multi_fdset(A, B, C, D, E, Y, Z) do {                    \
-  CURLMcode ec;                                                      \
-  if((ec = curl_multi_fdset((A), (B), (C), (D), (E))) != CURLM_OK) { \
-    curl_mfprintf(stderr, "%s:%d curl_multi_fdset() failed, "        \
-                  "with code %d (%s)\n",                             \
-                  (Y), (Z), ec, curl_multi_strerror(ec));            \
-    res = TEST_ERR_MULTI;                                            \
-  }                                                                  \
-  else if(*((E)) < -1) {                                             \
-    curl_mfprintf(stderr, "%s:%d curl_multi_fdset() succeeded, "     \
-                  "but returned invalid max_fd value (%d)\n",        \
-                  (Y), (Z), (int)*((E)));                            \
-    res = TEST_ERR_NUM_HANDLES;                                      \
-  }                                                                  \
-} while(0)
-
-#define res_multi_fdset(A, B, C, D, E) \
-  exe_multi_fdset((A), (B), (C), (D), (E), (__FILE__), (__LINE__))
-
-#define chk_multi_fdset(A, B, C, D, E, Y, Z) do {       \
-    exe_multi_fdset((A), (B), (C), (D), (E), (Y), (Z)); \
-    if(res)                                             \
-      goto test_cleanup;                                \
-  } while(0)
-
-#define multi_fdset(A, B, C, D, E) \
-  chk_multi_fdset((A), (B), (C), (D), (E), (__FILE__), (__LINE__))
-
-/* ---------------------------------------------------------------- */
-
-#define exe_multi_timeout(A, B, Y, Z) do {                         \
-  CURLMcode ec;                                                    \
-  if((ec = curl_multi_timeout((A), (B))) != CURLM_OK) {            \
-    curl_mfprintf(stderr, "%s:%d curl_multi_timeout() failed, "    \
-                  "with code %d (%s)\n",                           \
-                  (Y), (Z), ec, curl_multi_strerror(ec));          \
-    res = TEST_ERR_BAD_TIMEOUT;                                    \
-  }                                                                \
-  else if(*((B)) < -1L) {                                          \
-    curl_mfprintf(stderr, "%s:%d curl_multi_timeout() succeeded, " \
-                  "but returned invalid timeout value (%ld)\n",    \
-                  (Y), (Z), (long)*((B)));                         \
-    res = TEST_ERR_BAD_TIMEOUT;                                    \
-  }                                                                \
-} while(0)
-
-#define res_multi_timeout(A, B) \
-  exe_multi_timeout((A), (B), (__FILE__), (__LINE__))
-
-#define chk_multi_timeout(A, B, Y, Z) do { \
-    exe_multi_timeout((A), (B), (Y), (Z)); \
-    if(res)                                \
-      goto test_cleanup;                   \
-  } while(0)
-
-#define multi_timeout(A, B) \
-  chk_multi_timeout((A), (B), (__FILE__), (__LINE__))
-
-/* ---------------------------------------------------------------- */
-
-#define exe_multi_poll(A, B, C, D, E, Y, Z) do {                    \
-  CURLMcode ec;                                                     \
-  if((ec = curl_multi_poll((A), (B), (C), (D), (E))) != CURLM_OK) { \
-    curl_mfprintf(stderr, "%s:%d curl_multi_poll() failed, "        \
-                  "with code %d (%s)\n",                            \
-                  (Y), (Z), ec, curl_multi_strerror(ec));           \
-    res = TEST_ERR_MULTI;                                           \
-  }                                                                 \
-  else if(*((E)) < 0) {                                             \
-    curl_mfprintf(stderr, "%s:%d curl_multi_poll() succeeded, "     \
-                  "but returned invalid numfds value (%d)\n",       \
-                  (Y), (Z), (int)*((E)));                           \
-    res = TEST_ERR_NUM_HANDLES;                                     \
-  }                                                                 \
-} while(0)
-
-#define res_multi_poll(A, B, C, D, E) \
-  exe_multi_poll((A), (B), (C), (D), (E), (__FILE__), (__LINE__))
-
-#define chk_multi_poll(A, B, C, D, E, Y, Z) do {     \
-  exe_multi_poll((A), (B), (C), (D), (E), (Y), (Z)); \
-  if(res)                                            \
-    goto test_cleanup;                               \
-} while(0)
-
-#define multi_poll(A, B, C, D, E) \
-  chk_multi_poll((A), (B), (C), (D), (E), (__FILE__), (__LINE__))
-
-/* ---------------------------------------------------------------- */
-
-#define exe_multi_wakeup(A, Y, Z) do {                         \
-  CURLMcode ec;                                                \
-  if((ec = curl_multi_wakeup((A))) != CURLM_OK) {              \
-    curl_mfprintf(stderr, "%s:%d curl_multi_wakeup() failed, " \
-                  "with code %d (%s)\n",                       \
-                  (Y), (Z), ec, curl_multi_strerror(ec));      \
-    res = TEST_ERR_MULTI;                                      \
-  }                                                            \
-} while(0)
-
-#define res_multi_wakeup(A) \
-  exe_multi_wakeup((A), (__FILE__), (__LINE__))
-
-#define chk_multi_wakeup(A, Y, Z) do { \
-  exe_multi_wakeup((A), (Y), (Z));     \
-  if(res)                              \
-    goto test_cleanup;                 \
-} while(0)
-
-#define multi_wakeup(A) \
-  chk_multi_wakeup((A), (__FILE__), (__LINE__))
-
-/* ---------------------------------------------------------------- */
-
-#define exe_select_test(A, B, C, D, E, Y, Z) do {                  \
-    int ec;                                                        \
-    if(select_wrapper((A), (B), (C), (D), (E)) == -1) {            \
-      char ecbuf[STRERROR_LEN];                                    \
-      ec = SOCKERRNO;                                              \
-      curl_mfprintf(stderr, "%s:%d select() failed, with "         \
-                    "errno %d (%s)\n",                             \
-                    (Y), (Z),                                      \
-                    ec, curlx_strerror(ec, ecbuf, sizeof(ecbuf))); \
-      res = TEST_ERR_SELECT;                                       \
-    }                                                              \
-  } while(0)
-
-#define res_select_test(A, B, C, D, E) \
-  exe_select_test((A), (B), (C), (D), (E), (__FILE__), (__LINE__))
-
-#define chk_select_test(A, B, C, D, E, Y, Z) do {       \
-    exe_select_test((A), (B), (C), (D), (E), (Y), (Z)); \
-    if(res)                                             \
-      goto test_cleanup;                                \
-  } while(0)
-
-#define select_test(A, B, C, D, E) \
-  chk_select_test((A), (B), (C), (D), (E), (__FILE__), (__LINE__))
-
-/* ---------------------------------------------------------------- */
-
-#define start_test_timing() do { \
-  tv_test_start = curlx_now(); \
-} while(0)
-
-#define TEST_HANG_TIMEOUT 60 * 1000  /* global default */
-
-#define exe_test_timedout(T, Y, Z) do {                                 \
-  timediff_t timediff = curlx_timediff_ms(curlx_now(), tv_test_start);  \
-  if(timediff > (T)) {                                                  \
-    curl_mfprintf(stderr, "%s:%d ABORTING TEST, since it seems "        \
-                  "that it would have run forever (%ld ms > %ld ms)\n", \
-                  (Y), (Z), (long)timediff, (long)(TEST_HANG_TIMEOUT)); \
-    res = TEST_ERR_RUNS_FOREVER;                                        \
-  }                                                                     \
-} while(0)
-
-#define res_test_timedout() \
-  exe_test_timedout(TEST_HANG_TIMEOUT, (__FILE__), (__LINE__))
-
-#define res_test_timedout_custom(T) \
-  exe_test_timedout((T), (__FILE__), (__LINE__))
-
-#define chk_test_timedout(T, Y, Z) do { \
-    exe_test_timedout(T, Y, Z);         \
+#define chk_multi_setopt(A, B, C, Y, Z) \
+  do {                                  \
+    exe_multi_setopt(A, B, C, Y, Z);    \
     if(res)                             \
       goto test_cleanup;                \
   } while(0)
 
-#define abort_on_test_timeout() \
-  chk_test_timedout(TEST_HANG_TIMEOUT, (__FILE__), (__LINE__))
-
-#define abort_on_test_timeout_custom(T) \
-  chk_test_timedout((T), (__FILE__), (__LINE__))
+#define multi_setopt(A, B, C) \
+  chk_multi_setopt(A, B, C, __FILE__, __LINE__)
 
 /* ---------------------------------------------------------------- */
 
-#define exe_global_init(A, Y, Z) do {                         \
-  CURLcode ec;                                                \
-  if((ec = curl_global_init((A))) != CURLE_OK) {              \
-    curl_mfprintf(stderr, "%s:%d curl_global_init() failed, " \
-                  "with code %d (%s)\n",                      \
-                  (Y), (Z), ec, curl_easy_strerror(ec));      \
-    res = ec;                                                 \
-  }                                                           \
-} while(0)
+#define exe_multi_add_handle(A, B, Y, Z)                     \
+  do {                                                       \
+    CURLMcode ec;                                            \
+    if((ec = curl_multi_add_handle(A, B)) != CURLM_OK) {     \
+      curl_mfprintf(stderr,                                  \
+                    "%s:%d curl_multi_add_handle() failed, " \
+                    "with code %d (%s)\n",                   \
+                    Y, Z, ec, curl_multi_strerror(ec));      \
+      res = TEST_ERR_MULTI;                                  \
+    }                                                        \
+  } while(0)
+
+#define res_multi_add_handle(A, B) \
+  exe_multi_add_handle(A, B, __FILE__, __LINE__)
+
+#define chk_multi_add_handle(A, B, Y, Z) \
+  do {                                   \
+    exe_multi_add_handle(A, B, Y, Z);    \
+    if(res)                              \
+      goto test_cleanup;                 \
+  } while(0)
+
+#define multi_add_handle(A, B) \
+  chk_multi_add_handle(A, B, __FILE__, __LINE__)
+
+/* ---------------------------------------------------------------- */
+
+#define exe_multi_remove_handle(A, B, Y, Z)                     \
+  do {                                                          \
+    CURLMcode ec;                                               \
+    if((ec = curl_multi_remove_handle(A, B)) != CURLM_OK) {     \
+      curl_mfprintf(stderr,                                     \
+                    "%s:%d curl_multi_remove_handle() failed, " \
+                    "with code %d (%s)\n",                      \
+                    Y, Z, ec, curl_multi_strerror(ec));         \
+      res = TEST_ERR_MULTI;                                     \
+    }                                                           \
+  } while(0)
+
+#define res_multi_remove_handle(A, B) \
+  exe_multi_remove_handle(A, B, __FILE__, __LINE__)
+
+#define chk_multi_remove_handle(A, B, Y, Z) \
+  do {                                      \
+    exe_multi_remove_handle(A, B, Y, Z);    \
+    if(res)                                 \
+      goto test_cleanup;                    \
+  } while(0)
+
+#define multi_remove_handle(A, B) \
+  chk_multi_remove_handle(A, B, __FILE__, __LINE__)
+
+/* ---------------------------------------------------------------- */
+
+#define exe_multi_perform(A, B, Y, Z)                                    \
+  do {                                                                   \
+    CURLMcode ec;                                                        \
+    if((ec = curl_multi_perform(A, B)) != CURLM_OK) {                    \
+      curl_mfprintf(stderr,                                              \
+                    "%s:%d curl_multi_perform() failed, "                \
+                    "with code %d (%s)\n",                               \
+                    Y, Z, ec, curl_multi_strerror(ec));                  \
+      res = TEST_ERR_MULTI;                                              \
+    }                                                                    \
+    else if(*(B) < 0) {                                                  \
+      curl_mfprintf(stderr,                                              \
+                    "%s:%d curl_multi_perform() succeeded, "             \
+                    "but returned invalid running_handles value (%d)\n", \
+                    Y, Z, (int)*(B));                                    \
+      res = TEST_ERR_NUM_HANDLES;                                        \
+    }                                                                    \
+  } while(0)
+
+#define res_multi_perform(A, B) \
+  exe_multi_perform(A, B, __FILE__, __LINE__)
+
+#define chk_multi_perform(A, B, Y, Z) \
+  do {                                \
+    exe_multi_perform(A, B, Y, Z);    \
+    if(res)                           \
+      goto test_cleanup;              \
+  } while(0)
+
+#define multi_perform(A, B) \
+  chk_multi_perform(A, B, __FILE__, __LINE__)
+
+/* ---------------------------------------------------------------- */
+
+#define exe_multi_fdset(A, B, C, D, E, Y, Z)                    \
+  do {                                                          \
+    CURLMcode ec;                                               \
+    if((ec = curl_multi_fdset(A, B, C, D, E)) != CURLM_OK) {    \
+      curl_mfprintf(stderr,                                     \
+                    "%s:%d curl_multi_fdset() failed, "         \
+                    "with code %d (%s)\n",                      \
+                    Y, Z, ec, curl_multi_strerror(ec));         \
+      res = TEST_ERR_MULTI;                                     \
+    }                                                           \
+    else if(*(E) < -1) {                                        \
+      curl_mfprintf(stderr,                                     \
+                    "%s:%d curl_multi_fdset() succeeded, "      \
+                    "but returned invalid max_fd value (%d)\n", \
+                    Y, Z, (int)*(E));                           \
+      res = TEST_ERR_NUM_HANDLES;                               \
+    }                                                           \
+  } while(0)
+
+#define res_multi_fdset(A, B, C, D, E) \
+  exe_multi_fdset(A, B, C, D, E, __FILE__, __LINE__)
+
+#define chk_multi_fdset(A, B, C, D, E, Y, Z) \
+  do {                                       \
+    exe_multi_fdset(A, B, C, D, E, Y, Z);    \
+    if(res)                                  \
+      goto test_cleanup;                     \
+  } while(0)
+
+#define multi_fdset(A, B, C, D, E) \
+  chk_multi_fdset(A, B, C, D, E, __FILE__, __LINE__)
+
+/* ---------------------------------------------------------------- */
+
+#define exe_multi_timeout(A, B, Y, Z)                             \
+  do {                                                            \
+    CURLMcode ec;                                                 \
+    if((ec = curl_multi_timeout(A, B)) != CURLM_OK) {             \
+      curl_mfprintf(stderr,                                       \
+                    "%s:%d curl_multi_timeout() failed, "         \
+                    "with code %d (%s)\n",                        \
+                    Y, Z, ec, curl_multi_strerror(ec));           \
+      res = TEST_ERR_BAD_TIMEOUT;                                 \
+    }                                                             \
+    else if(*(B) < -1L) {                                         \
+      curl_mfprintf(stderr,                                       \
+                    "%s:%d curl_multi_timeout() succeeded, "      \
+                    "but returned invalid timeout value (%ld)\n", \
+                    Y, Z, (long)*(B));                            \
+      res = TEST_ERR_BAD_TIMEOUT;                                 \
+    }                                                             \
+  } while(0)
+
+#define res_multi_timeout(A, B) \
+  exe_multi_timeout(A, B, __FILE__, __LINE__)
+
+#define chk_multi_timeout(A, B, Y, Z) \
+  do {                                \
+    exe_multi_timeout(A, B, Y, Z);    \
+    if(res)                           \
+      goto test_cleanup;              \
+  } while(0)
+
+#define multi_timeout(A, B) \
+  chk_multi_timeout(A, B, __FILE__, __LINE__)
+
+/* ---------------------------------------------------------------- */
+
+#define exe_multi_poll(A, B, C, D, E, Y, Z)                     \
+  do {                                                          \
+    CURLMcode ec;                                               \
+    if((ec = curl_multi_poll(A, B, C, D, E)) != CURLM_OK) {     \
+      curl_mfprintf(stderr,                                     \
+                    "%s:%d curl_multi_poll() failed, "          \
+                    "with code %d (%s)\n",                      \
+                    Y, Z, ec, curl_multi_strerror(ec));         \
+      res = TEST_ERR_MULTI;                                     \
+    }                                                           \
+    else if(*(E) < 0) {                                         \
+      curl_mfprintf(stderr,                                     \
+                    "%s:%d curl_multi_poll() succeeded, "       \
+                    "but returned invalid numfds value (%d)\n", \
+                    Y, Z, (int)*(E));                           \
+      res = TEST_ERR_NUM_HANDLES;                               \
+    }                                                           \
+  } while(0)
+
+#define res_multi_poll(A, B, C, D, E) \
+  exe_multi_poll(A, B, C, D, E, __FILE__, __LINE__)
+
+#define chk_multi_poll(A, B, C, D, E, Y, Z) \
+  do {                                      \
+    exe_multi_poll(A, B, C, D, E, Y, Z);    \
+    if(res)                                 \
+      goto test_cleanup;                    \
+  } while(0)
+
+#define multi_poll(A, B, C, D, E) \
+  chk_multi_poll(A, B, C, D, E, __FILE__, __LINE__)
+
+/* ---------------------------------------------------------------- */
+
+#define exe_multi_wakeup(A, Y, Z)                        \
+  do {                                                   \
+    CURLMcode ec;                                        \
+    if((ec = curl_multi_wakeup(A)) != CURLM_OK) {        \
+      curl_mfprintf(stderr,                              \
+                    "%s:%d curl_multi_wakeup() failed, " \
+                    "with code %d (%s)\n",               \
+                    Y, Z, ec, curl_multi_strerror(ec));  \
+      res = TEST_ERR_MULTI;                              \
+    }                                                    \
+  } while(0)
+
+#define res_multi_wakeup(A) \
+  exe_multi_wakeup(A, __FILE__, __LINE__)
+
+#define chk_multi_wakeup(A, Y, Z) \
+  do {                            \
+    exe_multi_wakeup(A, Y, Z);    \
+    if(res)                       \
+      goto test_cleanup;          \
+  } while(0)
+
+#define multi_wakeup(A) \
+  chk_multi_wakeup(A, __FILE__, __LINE__)
+
+/* ---------------------------------------------------------------- */
+
+#define exe_select_test(A, B, C, D, E, Y, Z)                             \
+  do {                                                                   \
+    int ec;                                                              \
+    if(select_wrapper(A, B, C, D, E) == -1) {                            \
+      char ecbuf[STRERROR_LEN];                                          \
+      ec = SOCKERRNO;                                                    \
+      curl_mfprintf(stderr,                                              \
+                    "%s:%d select() failed, with "                       \
+                    "errno %d (%s)\n",                                   \
+                    Y, Z, ec, curlx_strerror(ec, ecbuf, sizeof(ecbuf))); \
+      res = TEST_ERR_SELECT;                                             \
+    }                                                                    \
+  } while(0)
+
+#define res_select_test(A, B, C, D, E) \
+  exe_select_test(A, B, C, D, E, __FILE__, __LINE__)
+
+#define chk_select_test(A, B, C, D, E, Y, Z) \
+  do {                                       \
+    exe_select_test(A, B, C, D, E, Y, Z);    \
+    if(res)                                  \
+      goto test_cleanup;                     \
+  } while(0)
+
+#define select_test(A, B, C, D, E) \
+  chk_select_test(A, B, C, D, E, __FILE__, __LINE__)
+
+/* ---------------------------------------------------------------- */
+
+#define start_test_timing()      \
+  do {                           \
+    tv_test_start = curlx_now(); \
+  } while(0)
+
+#define TEST_HANG_TIMEOUT 60 * 1000  /* global default */
+
+#define exe_test_timedout(T, Y, Z)                                        \
+  do {                                                                    \
+    timediff_t timediff = curlx_timediff_ms(curlx_now(), tv_test_start);  \
+    if(timediff > (T)) {                                                  \
+      curl_mfprintf(stderr,                                               \
+                    "%s:%d ABORTING TEST, since it seems "                \
+                    "that it would have run forever (%ld ms > %ld ms)\n", \
+                    Y, Z, (long)timediff, (long)(TEST_HANG_TIMEOUT));     \
+      res = TEST_ERR_RUNS_FOREVER;                                        \
+    }                                                                     \
+  } while(0)
+
+#define res_test_timedout() \
+  exe_test_timedout(TEST_HANG_TIMEOUT, __FILE__, __LINE__)
+
+#define res_test_timedout_custom(T) \
+  exe_test_timedout(T, __FILE__, __LINE__)
+
+#define chk_test_timedout(T, Y, Z) \
+  do {                             \
+    exe_test_timedout(T, Y, Z);    \
+    if(res)                        \
+      goto test_cleanup;           \
+  } while(0)
+
+#define abort_on_test_timeout() \
+  chk_test_timedout(TEST_HANG_TIMEOUT, __FILE__, __LINE__)
+
+#define abort_on_test_timeout_custom(T) \
+  chk_test_timedout(T, __FILE__, __LINE__)
+
+/* ---------------------------------------------------------------- */
+
+#define exe_global_init(A, Y, Z)                        \
+  do {                                                  \
+    CURLcode ec;                                        \
+    if((ec = curl_global_init(A)) != CURLE_OK) {        \
+      curl_mfprintf(stderr,                             \
+                    "%s:%d curl_global_init() failed, " \
+                    "with code %d (%s)\n",              \
+                    Y, Z, ec, curl_easy_strerror(ec));  \
+      res = ec;                                         \
+    }                                                   \
+  } while(0)
 
 #define res_global_init(A) \
-  exe_global_init((A), (__FILE__), (__LINE__))
+  exe_global_init(A, __FILE__, __LINE__)
 
-#define chk_global_init(A, Y, Z) do { \
-    exe_global_init((A), (Y), (Z));   \
-    if(res)                           \
-      return res;                     \
+#define chk_global_init(A, Y, Z) \
+  do {                           \
+    exe_global_init(A, Y, Z);    \
+    if(res)                      \
+      return res;                \
   } while(0)
 
 /* global_init() is different than other macros. In case of
    failure it 'return's instead of going to 'test_cleanup'. */
 
 #define global_init(A) \
-  chk_global_init((A), (__FILE__), (__LINE__))
+  chk_global_init(A, __FILE__, __LINE__)
 
 #define NO_SUPPORT_BUILT_IN                     \
   {                                             \
diff --git a/tests/libtest/unitcheck.h b/tests/libtest/unitcheck.h
index 8007f9f8b5..231aacff83 100644
--- a/tests/libtest/unitcheck.h
+++ b/tests/libtest/unitcheck.h
@@ -56,7 +56,8 @@
 
 /* fail() is for when the test case figured out by itself that a check
    proved a failure */
-#define fail(msg) do {                                                  \
+#define fail(msg)                                                       \
+  do {                                                                  \
     curl_mfprintf(stderr, "%s:%d test FAILED: '%s'\n",                  \
                   __FILE__, __LINE__, msg);                             \
     unitfail++;                                                         \

From cca815ccfd98279f704f3bc75ed0cef8976e150f Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 5 Dec 2025 16:14:19 +0100
Subject: [PATCH 1141/2408] test1498: disable 'HTTP PUT from stdin' test on
 Windows

Test became flaky with memanalyze errors after merging #19845,
in a TrackMemory Windows Unicode c-ares openssl-quic build:
GHA/windows: mingw, AM x86_64 c-ares U.

Disable it until further investigation.

This test uses the Windows-specific multi-threaded stdin code
that caused issues in the past. It's also using `TerminateThread()`,
that apps aren't supposed to.

Examples:
https://github.com/curl/curl/pull/19845#issuecomment-3614921298
https://github.com/curl/curl/actions/runs/19948992659/job/57205061260?pr=19845#step:13:3028
https://github.com/curl/curl/actions/runs/19966429786/job/57259325027?pr=19852#step:13:3030

Also seen to fail earlier while testing torture tests on Windows:
https://github.com/curl/curl/pull/19675#issuecomment-3573154110

Ref: 4e051ff5506319ee87e3656be8f76b01de217103 #19845

Closes #19855
---
 tests/data/test1498 | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/tests/data/test1498 b/tests/data/test1498
index 467730d3a5..b9ba70fbc0 100644
--- a/tests/data/test1498
+++ b/tests/data/test1498
@@ -25,6 +25,9 @@ blablabla
 
 http
 
+
+!win32
+
 
 HTTP PUT from stdin using period
 

From 0b69c4713147cd7c13d1e006abd95df688d687e2 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 5 Dec 2025 13:17:11 +0100
Subject: [PATCH 1142/2408] docs: remove dead URLs

- KNOWN_BUGS: remove dead URL
- ECH: remove two dead URLs
- MAIL-ETIQUETTE: remove dead URL
---
 docs/ECH.md            | 2 --
 docs/KNOWN_BUGS        | 2 +-
 docs/MAIL-ETIQUETTE.md | 3 +--
 3 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/docs/ECH.md b/docs/ECH.md
index b40cd17e78..6f236a106b 100644
--- a/docs/ECH.md
+++ b/docs/ECH.md
@@ -76,8 +76,6 @@ The above works for these test sites:
 
 ```sh
 https://defo.ie/ech-check.php
-https://draft-13.esni.defo.ie:8413/stats
-https://draft-13.esni.defo.ie:8414/stats
 https://crypto.cloudflare.com/cdn-cgi/trace
 https://tls-ech.dev
 ```
diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS
index 15ca40102a..278cc2a097 100644
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -311,7 +311,7 @@ problems may have been fixed or changed somewhat since this was written.
 
  libcurl fails to build with MIT Kerberos for Windows (KfW) due to KfW's
  library header files exporting symbols/macros that should be kept private to
- the KfW library. See ticket #5601 at https://krbdev.mit.edu/rt/
+ the KfW library.
 
 6.3 NTLM in system context uses wrong name
 
diff --git a/docs/MAIL-ETIQUETTE.md b/docs/MAIL-ETIQUETTE.md
index 3de77b17bf..4c2f95f38b 100644
--- a/docs/MAIL-ETIQUETTE.md
+++ b/docs/MAIL-ETIQUETTE.md
@@ -223,8 +223,7 @@ mails to your friends. We speak plain text mails.
 ### Quoting
 
 Quote as little as possible. Just enough to provide the context you cannot
-eave out. A lengthy description can be found
-[here](https://www.netmeister.org/news/learn2quote.html).
+leave out.
 
 ### Digest
 

From 58394b1c8c3bad2b4c0a96b3da194c81afedaf7f Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 5 Dec 2025 13:33:02 +0100
Subject: [PATCH 1143/2408] docs: use .example URLs for proxies

---
 docs/cmdline-opts/proxy-cacert.md                    | 2 +-
 docs/cmdline-opts/proxy-capath.md                    | 2 +-
 docs/cmdline-opts/proxy-cert-type.md                 | 2 +-
 docs/cmdline-opts/proxy-cert.md                      | 2 +-
 docs/cmdline-opts/proxy-ciphers.md                   | 2 +-
 docs/cmdline-opts/proxy-crlfile.md                   | 2 +-
 docs/cmdline-opts/proxy-insecure.md                  | 2 +-
 docs/cmdline-opts/proxy-key-type.md                  | 2 +-
 docs/cmdline-opts/proxy-key.md                       | 2 +-
 docs/cmdline-opts/proxy-pass.md                      | 2 +-
 docs/cmdline-opts/proxy-ssl-allow-beast.md           | 2 +-
 docs/cmdline-opts/proxy-ssl-auto-client-cert.md      | 2 +-
 docs/cmdline-opts/proxy-tlsauthtype.md               | 2 +-
 docs/cmdline-opts/proxy-tlspassword.md               | 2 +-
 docs/cmdline-opts/proxy-tlsuser.md                   | 2 +-
 docs/cmdline-opts/proxy-tlsv1.md                     | 2 +-
 docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.md | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_CAINFO.md            | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_CAINFO_BLOB.md       | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_CAPATH.md            | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_ISSUERCERT.md        | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_ISSUERCERT_BLOB.md   | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_KEYPASSWD.md         | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_PINNEDPUBLICKEY.md   | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_SSLCERT.md           | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_SSLCERTTYPE.md       | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_SSLCERT_BLOB.md      | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_SSLKEY.md            | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_SSLKEYTYPE.md        | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_SSLKEY_BLOB.md       | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.md       | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_PASSWORD.md  | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_TYPE.md      | 2 +-
 docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_USERNAME.md  | 2 +-
 34 files changed, 34 insertions(+), 34 deletions(-)

diff --git a/docs/cmdline-opts/proxy-cacert.md b/docs/cmdline-opts/proxy-cacert.md
index 682349a7e2..0b2405d1c9 100644
--- a/docs/cmdline-opts/proxy-cacert.md
+++ b/docs/cmdline-opts/proxy-cacert.md
@@ -14,7 +14,7 @@ See-also:
   - dump-ca-embed
   - proxy
 Example:
-  - --proxy-cacert CA-file.txt -x https://proxy $URL
+  - --proxy-cacert CA-file.txt -x https://proxy.example $URL
 ---
 
 # `--proxy-cacert`
diff --git a/docs/cmdline-opts/proxy-capath.md b/docs/cmdline-opts/proxy-capath.md
index 91575ae4d8..344756a43e 100644
--- a/docs/cmdline-opts/proxy-capath.md
+++ b/docs/cmdline-opts/proxy-capath.md
@@ -13,7 +13,7 @@ See-also:
   - capath
   - dump-ca-embed
 Example:
-  - --proxy-capath /local/directory -x https://proxy $URL
+  - --proxy-capath /local/directory -x https://proxy.example $URL
 ---
 
 # `--proxy-capath`
diff --git a/docs/cmdline-opts/proxy-cert-type.md b/docs/cmdline-opts/proxy-cert-type.md
index 8a1121bb36..3dcd2017c4 100644
--- a/docs/cmdline-opts/proxy-cert-type.md
+++ b/docs/cmdline-opts/proxy-cert-type.md
@@ -11,7 +11,7 @@ See-also:
   - proxy-cert
   - proxy-key
 Example:
-  - --proxy-cert-type PEM --proxy-cert file -x https://proxy $URL
+  - --proxy-cert-type PEM --proxy-cert file -x https://proxy.example $URL
 ---
 
 # `--proxy-cert-type`
diff --git a/docs/cmdline-opts/proxy-cert.md b/docs/cmdline-opts/proxy-cert.md
index 734766730c..929791e3a1 100644
--- a/docs/cmdline-opts/proxy-cert.md
+++ b/docs/cmdline-opts/proxy-cert.md
@@ -12,7 +12,7 @@ See-also:
   - proxy-key
   - proxy-cert-type
 Example:
-  - --proxy-cert file -x https://proxy $URL
+  - --proxy-cert file -x https://proxy.example $URL
 ---
 
 # `--proxy-cert`
diff --git a/docs/cmdline-opts/proxy-ciphers.md b/docs/cmdline-opts/proxy-ciphers.md
index 420e7563bd..4cb85e1e67 100644
--- a/docs/cmdline-opts/proxy-ciphers.md
+++ b/docs/cmdline-opts/proxy-ciphers.md
@@ -13,7 +13,7 @@ See-also:
   - ciphers
   - proxy
 Example:
-  - --proxy-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256 -x https://proxy $URL
+  - --proxy-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256 -x https://proxy.example $URL
 ---
 
 # `--proxy-ciphers`
diff --git a/docs/cmdline-opts/proxy-crlfile.md b/docs/cmdline-opts/proxy-crlfile.md
index 726e449557..9f7d3304fa 100644
--- a/docs/cmdline-opts/proxy-crlfile.md
+++ b/docs/cmdline-opts/proxy-crlfile.md
@@ -11,7 +11,7 @@ See-also:
   - crlfile
   - proxy
 Example:
-  - --proxy-crlfile rejects.txt -x https://proxy $URL
+  - --proxy-crlfile rejects.txt -x https://proxy.example $URL
 ---
 
 # `--proxy-crlfile`
diff --git a/docs/cmdline-opts/proxy-insecure.md b/docs/cmdline-opts/proxy-insecure.md
index 5796c36237..0c2d8b99bc 100644
--- a/docs/cmdline-opts/proxy-insecure.md
+++ b/docs/cmdline-opts/proxy-insecure.md
@@ -10,7 +10,7 @@ See-also:
   - proxy
   - insecure
 Example:
-  - --proxy-insecure -x https://proxy $URL
+  - --proxy-insecure -x https://proxy.example $URL
 ---
 
 # `--proxy-insecure`
diff --git a/docs/cmdline-opts/proxy-key-type.md b/docs/cmdline-opts/proxy-key-type.md
index 587c13c592..e455140016 100644
--- a/docs/cmdline-opts/proxy-key-type.md
+++ b/docs/cmdline-opts/proxy-key-type.md
@@ -11,7 +11,7 @@ See-also:
   - proxy-key
   - proxy
 Example:
-  - --proxy-key-type DER --proxy-key here -x https://proxy $URL
+  - --proxy-key-type DER --proxy-key here -x https://proxy.example $URL
 ---
 
 # `--proxy-key-type`
diff --git a/docs/cmdline-opts/proxy-key.md b/docs/cmdline-opts/proxy-key.md
index 7caa636e36..8ee78c46ea 100644
--- a/docs/cmdline-opts/proxy-key.md
+++ b/docs/cmdline-opts/proxy-key.md
@@ -11,7 +11,7 @@ See-also:
   - proxy-key-type
   - proxy
 Example:
-  - --proxy-key here -x https://proxy $URL
+  - --proxy-key here -x https://proxy.example $URL
 ---
 
 # `--proxy-key`
diff --git a/docs/cmdline-opts/proxy-pass.md b/docs/cmdline-opts/proxy-pass.md
index 88cefd54c8..1005d95d2f 100644
--- a/docs/cmdline-opts/proxy-pass.md
+++ b/docs/cmdline-opts/proxy-pass.md
@@ -11,7 +11,7 @@ See-also:
   - proxy
   - proxy-key
 Example:
-  - --proxy-pass secret --proxy-key here -x https://proxy $URL
+  - --proxy-pass secret --proxy-key here -x https://proxy.example $URL
 ---
 
 # `--proxy-pass`
diff --git a/docs/cmdline-opts/proxy-ssl-allow-beast.md b/docs/cmdline-opts/proxy-ssl-allow-beast.md
index 089038dec4..909a7f026e 100644
--- a/docs/cmdline-opts/proxy-ssl-allow-beast.md
+++ b/docs/cmdline-opts/proxy-ssl-allow-beast.md
@@ -10,7 +10,7 @@ See-also:
   - ssl-allow-beast
   - proxy
 Example:
-  - --proxy-ssl-allow-beast -x https://proxy $URL
+  - --proxy-ssl-allow-beast -x https://proxy.example $URL
 ---
 
 # `--proxy-ssl-allow-beast`
diff --git a/docs/cmdline-opts/proxy-ssl-auto-client-cert.md b/docs/cmdline-opts/proxy-ssl-auto-client-cert.md
index 578a7a6417..e041b81523 100644
--- a/docs/cmdline-opts/proxy-ssl-auto-client-cert.md
+++ b/docs/cmdline-opts/proxy-ssl-auto-client-cert.md
@@ -10,7 +10,7 @@ See-also:
   - ssl-auto-client-cert
   - proxy
 Example:
-  - --proxy-ssl-auto-client-cert -x https://proxy $URL
+  - --proxy-ssl-auto-client-cert -x https://proxy.example $URL
 ---
 
 # `--proxy-ssl-auto-client-cert`
diff --git a/docs/cmdline-opts/proxy-tlsauthtype.md b/docs/cmdline-opts/proxy-tlsauthtype.md
index 684a7d55ef..84becc149e 100644
--- a/docs/cmdline-opts/proxy-tlsauthtype.md
+++ b/docs/cmdline-opts/proxy-tlsauthtype.md
@@ -12,7 +12,7 @@ See-also:
   - proxy-tlsuser
   - proxy-tlspassword
 Example:
-  - --proxy-tlsauthtype SRP -x https://proxy $URL
+  - --proxy-tlsauthtype SRP -x https://proxy.example $URL
 ---
 
 # `--proxy-tlsauthtype`
diff --git a/docs/cmdline-opts/proxy-tlspassword.md b/docs/cmdline-opts/proxy-tlspassword.md
index fe9ae7d2e2..63c2521566 100644
--- a/docs/cmdline-opts/proxy-tlspassword.md
+++ b/docs/cmdline-opts/proxy-tlspassword.md
@@ -11,7 +11,7 @@ See-also:
   - proxy
   - proxy-tlsuser
 Example:
-  - --proxy-tlspassword passwd -x https://proxy $URL
+  - --proxy-tlspassword passwd -x https://proxy.example $URL
 ---
 
 # `--proxy-tlspassword`
diff --git a/docs/cmdline-opts/proxy-tlsuser.md b/docs/cmdline-opts/proxy-tlsuser.md
index 3517701119..610a2169b8 100644
--- a/docs/cmdline-opts/proxy-tlsuser.md
+++ b/docs/cmdline-opts/proxy-tlsuser.md
@@ -11,7 +11,7 @@ See-also:
   - proxy
   - proxy-tlspassword
 Example:
-  - --proxy-tlsuser smith -x https://proxy $URL
+  - --proxy-tlsuser smith -x https://proxy.example $URL
 ---
 
 # `--proxy-tlsuser`
diff --git a/docs/cmdline-opts/proxy-tlsv1.md b/docs/cmdline-opts/proxy-tlsv1.md
index 7b322e3a32..20643fd82b 100644
--- a/docs/cmdline-opts/proxy-tlsv1.md
+++ b/docs/cmdline-opts/proxy-tlsv1.md
@@ -9,7 +9,7 @@ Multi: mutex
 See-also:
   - proxy
 Example:
-  - --proxy-tlsv1 -x https://proxy $URL
+  - --proxy-tlsv1 -x https://proxy.example $URL
 ---
 
 # `--proxy-tlsv1`
diff --git a/docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.md b/docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.md
index 17dab0e324..39fe1c70d2 100644
--- a/docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.md
+++ b/docs/libcurl/opts/CURLINFO_PROXY_SSL_VERIFYRESULT.md
@@ -50,7 +50,7 @@ int main(void)
     long verifyresult;
 
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy:443");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example:443");
 
     res = curl_easy_perform(curl);
     if(res) {
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_CAINFO.md b/docs/libcurl/opts/CURLOPT_PROXY_CAINFO.md
index 6be10774db..55c97b769f 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_CAINFO.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_CAINFO.md
@@ -72,7 +72,7 @@ int main(void)
     CURLcode res;
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
     /* using an HTTPS proxy */
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://localhost:443");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example:443");
     curl_easy_setopt(curl, CURLOPT_PROXY_CAINFO, "/etc/certs/cabundle.pem");
     res = curl_easy_perform(curl);
     curl_easy_cleanup(curl);
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_CAINFO_BLOB.md b/docs/libcurl/opts/CURLOPT_PROXY_CAINFO_BLOB.md
index 16af56e5cd..5efc5e5f08 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_CAINFO_BLOB.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_CAINFO_BLOB.md
@@ -73,7 +73,7 @@ int main(void)
     struct curl_blob blob;
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
     /* using an HTTPS proxy */
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://localhost:443");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example:443");
     blob.data = strpem;
     blob.len = strlen(strpem);
     blob.flags = CURL_BLOB_COPY;
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_CAPATH.md b/docs/libcurl/opts/CURLOPT_PROXY_CAPATH.md
index d0fce53cae..0cb17c31bf 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_CAPATH.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_CAPATH.md
@@ -64,7 +64,7 @@ int main(void)
     CURLcode res;
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
     /* using an HTTPS proxy */
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://localhost:443");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example:443");
     curl_easy_setopt(curl, CURLOPT_PROXY_CAPATH, "/etc/cert-dir");
     res = curl_easy_perform(curl);
     curl_easy_cleanup(curl);
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_ISSUERCERT.md b/docs/libcurl/opts/CURLOPT_PROXY_ISSUERCERT.md
index 88af6f8ed9..54e900d2fd 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_ISSUERCERT.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_ISSUERCERT.md
@@ -70,7 +70,7 @@ int main(void)
     CURLcode res;
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
     /* using an HTTPS proxy */
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://localhost:443");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example:443");
     curl_easy_setopt(curl, CURLOPT_PROXY_ISSUERCERT, "/etc/certs/cacert.pem");
     res = curl_easy_perform(curl);
     curl_easy_cleanup(curl);
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_ISSUERCERT_BLOB.md b/docs/libcurl/opts/CURLOPT_PROXY_ISSUERCERT_BLOB.md
index a697751397..dd8e81b8d4 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_ISSUERCERT_BLOB.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_ISSUERCERT_BLOB.md
@@ -77,7 +77,7 @@ int main(void)
     struct curl_blob blob;
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
     /* using an HTTPS proxy */
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://localhost:443");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example:443");
     blob.data = certificateData;
     blob.len = filesize;
     blob.flags = CURL_BLOB_COPY;
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_KEYPASSWD.md b/docs/libcurl/opts/CURLOPT_PROXY_KEYPASSWD.md
index 4d82870953..9b59ec1fd1 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_KEYPASSWD.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_KEYPASSWD.md
@@ -61,7 +61,7 @@ int main(void)
   if(curl) {
     CURLcode res;
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/foo.bin");
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy:443");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example:443");
     curl_easy_setopt(curl, CURLOPT_PROXY_KEYPASSWD, "superman");
     res = curl_easy_perform(curl);
     curl_easy_cleanup(curl);
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_PINNEDPUBLICKEY.md b/docs/libcurl/opts/CURLOPT_PROXY_PINNEDPUBLICKEY.md
index 49c28a7b6e..70c294c5ac 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_PINNEDPUBLICKEY.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_PINNEDPUBLICKEY.md
@@ -67,7 +67,7 @@ int main(void)
   CURL *curl = curl_easy_init();
   if(curl) {
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy:443");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example:443");
     curl_easy_setopt(curl, CURLOPT_PROXY_PINNEDPUBLICKEY,
                      "sha256//YhKJKSzoTt2b5FP18fvpHo7fJYqQCjA"
                      "a3HWY3tvRMwE=;sha256//t62CeU2tQiqkexU74"
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLCERT.md b/docs/libcurl/opts/CURLOPT_PROXY_SSLCERT.md
index f54832839f..efea446a25 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_SSLCERT.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLCERT.md
@@ -64,7 +64,7 @@ int main(void)
   if(curl) {
     CURLcode res;
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example");
     curl_easy_setopt(curl, CURLOPT_PROXY_SSLCERT, "client.pem");
     curl_easy_setopt(curl, CURLOPT_PROXY_SSLKEY, "key.pem");
     curl_easy_setopt(curl, CURLOPT_PROXY_KEYPASSWD, "s3cret");
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLCERTTYPE.md b/docs/libcurl/opts/CURLOPT_PROXY_SSLCERTTYPE.md
index f616c75e40..e0c07e325d 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_SSLCERTTYPE.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLCERTTYPE.md
@@ -60,7 +60,7 @@ int main(void)
   if(curl) {
     CURLcode res;
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example");
     curl_easy_setopt(curl, CURLOPT_PROXY_SSLCERT, "client.pem");
     curl_easy_setopt(curl, CURLOPT_PROXY_SSLCERTTYPE, "PEM");
     curl_easy_setopt(curl, CURLOPT_PROXY_SSLKEY, "key.pem");
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLCERT_BLOB.md b/docs/libcurl/opts/CURLOPT_PROXY_SSLCERT_BLOB.md
index e3b947b146..83bd4d6ea8 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_SSLCERT_BLOB.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLCERT_BLOB.md
@@ -68,7 +68,7 @@ int main(void)
     blob.len = filesize;
     blob.flags = CURL_BLOB_COPY;
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example");
     curl_easy_setopt(curl, CURLOPT_PROXY_SSLKEY, "key.pem");
     curl_easy_setopt(curl, CURLOPT_PROXY_KEYPASSWD, "s3cret");
     curl_easy_setopt(curl, CURLOPT_PROXY_SSLCERT_BLOB, &blob);
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLKEY.md b/docs/libcurl/opts/CURLOPT_PROXY_SSLKEY.md
index 74b431a6b0..443097dfb4 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_SSLKEY.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLKEY.md
@@ -64,7 +64,7 @@ int main(void)
   if(curl) {
     CURLcode res;
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example");
     curl_easy_setopt(curl, CURLOPT_PROXY_SSLCERT, "client.pem");
     curl_easy_setopt(curl, CURLOPT_PROXY_SSLKEY, "key.pem");
     curl_easy_setopt(curl, CURLOPT_PROXY_KEYPASSWD, "s3cret");
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLKEYTYPE.md b/docs/libcurl/opts/CURLOPT_PROXY_SSLKEYTYPE.md
index df14f081f5..cf44f3718a 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_SSLKEYTYPE.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLKEYTYPE.md
@@ -53,7 +53,7 @@ int main(void)
   if(curl) {
     CURLcode res;
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example");
     curl_easy_setopt(curl, CURLOPT_PROXY_SSLCERT, "client.pem");
     curl_easy_setopt(curl, CURLOPT_PROXY_SSLKEY, "key.pem");
     curl_easy_setopt(curl, CURLOPT_PROXY_SSLKEYTYPE, "PEM");
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSLKEY_BLOB.md b/docs/libcurl/opts/CURLOPT_PROXY_SSLKEY_BLOB.md
index 91e9146849..da997695d0 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_SSLKEY_BLOB.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSLKEY_BLOB.md
@@ -62,7 +62,7 @@ int main(void)
     CURLcode res;
     struct curl_blob blob;
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example");
     blob.data = certificateData;
     blob.len = filesize;
     blob.flags = CURL_BLOB_COPY;
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.md b/docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.md
index 18b7ce6b36..ec9ccc16c8 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_SSL_OPTIONS.md
@@ -106,7 +106,7 @@ int main(void)
   if(curl) {
     CURLcode res;
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example");
     /* weaken TLS only for use with silly proxies */
     curl_easy_setopt(curl, CURLOPT_PROXY_SSL_OPTIONS,
                      CURLSSLOPT_ALLOW_BEAST | CURLSSLOPT_NO_REVOKE);
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_PASSWORD.md b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_PASSWORD.md
index 91f2110716..540d96149f 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_PASSWORD.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_PASSWORD.md
@@ -58,7 +58,7 @@ int main(void)
   if(curl) {
     CURLcode res;
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example");
     curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_TYPE, "SRP");
     curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_USERNAME, "user");
     curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_PASSWORD, "secret");
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_TYPE.md b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_TYPE.md
index 4c7cfd700f..ceb1c1c091 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_TYPE.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_TYPE.md
@@ -65,7 +65,7 @@ int main(void)
   if(curl) {
     CURLcode res;
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example");
     curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_TYPE, "SRP");
     curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_USERNAME, "user");
     curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_PASSWORD, "secret");
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_USERNAME.md b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_USERNAME.md
index 44e32299ee..cbc8952753 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_USERNAME.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY_TLSAUTH_USERNAME.md
@@ -58,7 +58,7 @@ int main(void)
   if(curl) {
     CURLcode res;
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
-    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy.example");
     curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_TYPE, "SRP");
     curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_USERNAME, "user");
     curl_easy_setopt(curl, CURLOPT_PROXY_TLSAUTH_PASSWORD, "secret");

From e80682d4296087972ea8e02fc7bf026b982f007e Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 5 Dec 2025 14:04:25 +0100
Subject: [PATCH 1144/2408] FAQ: fix hackerone URL

---
 docs/FAQ | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/FAQ b/docs/FAQ
index 2e5e5901be..b8a3947459 100644
--- a/docs/FAQ
+++ b/docs/FAQ
@@ -292,7 +292,7 @@ FAQ
   from having to repeat ourselves even more. Thanks for respecting this.
 
   If you have found or simply suspect a security problem in curl or libcurl,
-  submit all the details at https://hackerone.one/curl. On there we keep the
+  submit all the details at https://hackerone.com/curl. On there we keep the
   issue private while we investigate, confirm it, work and validate a fix and
   agree on a time schedule for publication etc. That way we produce a fix in a
   timely manner before the flaw is announced to the world, reducing the impact

From ca24b6a061cf1ab99ccf7c79e8b79193534cf70d Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 5 Dec 2025 14:11:39 +0100
Subject: [PATCH 1145/2408] DISTROS: remove broken URLs for buildroot

---
 docs/DISTROS.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/DISTROS.md b/docs/DISTROS.md
index 132ad86a0c..451de7fc1a 100644
--- a/docs/DISTROS.md
+++ b/docs/DISTROS.md
@@ -49,8 +49,8 @@ archives](https://curl.se/mail/list.cgi?list=curl-distros)).
 
 *Rolling Release*
 
-- curl package source and patches: https://git.buildroot.net/buildroot/tree/package/libcurl
-- curl issues: https://bugs.buildroot.org/buglist.cgi?quicksearch=curl
+- curl package source and patches: **missing URL**
+- curl issues: **missing URL**
 
 ## Chimera
 

From 51587f6f14af22e932d2448ed3a7b0052e880ea1 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 5 Dec 2025 11:45:35 +0100
Subject: [PATCH 1146/2408] mdlinkcheck: detect and check "raw" links

- URLs specified outside of the markdown []() are now extracted and
  checked

- also check TODO, FAQ and KNOWN_BUGS

- more aggressive avoiding to check github.com/curl/curl, all uses of
  example domains and some more established URLs on the curl.se site

- list all errors in the end to make them easier to spot in CI logs

Closes #19848
---
 .github/workflows/checkdocs.yml |  6 +--
 scripts/mdlinkcheck             | 80 +++++++++++++++++++++++++++------
 2 files changed, 68 insertions(+), 18 deletions(-)

diff --git a/.github/workflows/checkdocs.yml b/.github/workflows/checkdocs.yml
index 60d4230194..ba3858f66c 100644
--- a/.github/workflows/checkdocs.yml
+++ b/.github/workflows/checkdocs.yml
@@ -15,8 +15,7 @@ name: 'Docs'
     paths:
       - '.github/workflows/checkdocs.yml'
       - '.github/scripts/**'
-      - '.github/scripts/mdlinkcheck'
-      - '/scripts/**'
+      - 'scripts/**'
       - '**.md'
       - 'docs/*'
   pull_request:
@@ -25,8 +24,7 @@ name: 'Docs'
     paths:
       - '.github/workflows/checkdocs.yml'
       - '.github/scripts/**'
-      - '.github/scripts/mdlinkcheck'
-      - '/scripts/**'
+      - 'scripts/**'
       - '**.md'
       - 'docs/*'
 
diff --git a/scripts/mdlinkcheck b/scripts/mdlinkcheck
index 6b648786f3..734617949d 100755
--- a/scripts/mdlinkcheck
+++ b/scripts/mdlinkcheck
@@ -27,7 +27,10 @@ use strict;
 use warnings;
 
 my %whitelist = (
+    'https://curl.se' => 1,
     'https://curl.se/' => 1,
+    'https://curl.se/bug/' => 1,
+    'https://curl.se/bug/view.cgi' => 1,
     'https://curl.se/changes.html' => 1,
     'https://curl.se/dev/advisory.html' => 1,
     'https://curl.se/dev/builds.html' => 1,
@@ -40,19 +43,25 @@ my %whitelist = (
     'https://curl.se/docs/bugbounty.html' => 1,
     'https://curl.se/docs/caextract.html' => 1,
     'https://curl.se/docs/copyright.html' => 1,
+    'https://curl.se/docs/http-cookies.html' => 1,
     'https://curl.se/docs/install.html' => 1,
     'https://curl.se/docs/knownbugs.html' => 1,
     'https://curl.se/docs/manpage.html' => 1,
+    'https://curl.se/docs/releases.html' => 1,
     'https://curl.se/docs/security.html' => 1,
+    'https://curl.se/docs/ssl-ciphers.html' => 1,
+    'https://curl.se/docs/ssl-compared.html' => 1,
     'https://curl.se/docs/sslcerts.html' => 1,
     'https://curl.se/docs/thanks.html' => 1,
     'https://curl.se/docs/todo.html' => 1,
     'https://curl.se/docs/vulnerabilities.html' => 1,
+    'https://curl.se/download.html' => 1,
     'https://curl.se/libcurl/' => 1,
-    'https://curl.se/libcurl/c/CURLOPT_SSLVERSION.html' => 1,
     'https://curl.se/libcurl/c/CURLOPT_SSL_CIPHER_LIST.html' => 1,
+    'https://curl.se/libcurl/c/CURLOPT_SSLVERSION.html' => 1,
     'https://curl.se/libcurl/c/CURLOPT_TLS13_CIPHERS.html' => 1,
     'https://curl.se/libcurl/c/libcurl.html' => 1,
+    'https://curl.se/libcurl/c/threadsafe.html' => 1,
     'https://curl.se/logo/curl-logo.svg' => 1,
     'https://curl.se/mail/' => 1,
     'https://curl.se/mail/etiquette.html' => 1,
@@ -62,14 +71,15 @@ my %whitelist = (
     'https://curl.se/rfc/rfc2255.txt' => 1,
     'https://curl.se/sponsors.html' => 1,
     'https://curl.se/support.html' => 1,
+    'https://curl.se/windows' => 1,
+    'https://curl.se/windows/' => 1,
+
+    'https://testclutch.curl.se/' => 1,
 
-    'https://github.com/curl/curl' => 1,
     'https://github.com/curl/curl-fuzzer' => 1,
     'https://github.com/curl/curl-www' => 1,
-    'https://github.com/curl/curl/discussions' => 1,
-    'https://github.com/curl/curl/issues' => 1,
-    'https://github.com/curl/curl/labels/help%20wanted' => 1,
-    'https://github.com/curl/curl/pulls' => 1,
+    'https://github.com/curl/curl.git' => 1,
+    'https://github.com/curl/curl/wcurl' => 1,
 
     );
 
@@ -77,7 +87,7 @@ my %url;
 my %flink;
 
 # list all .md files in the repo
-my @files=`git ls-files '**.md'`;
+my @files=`git ls-files '**.md' docs/TODO docs/KNOWN_BUGS docs/FAQ`;
 
 sub storelink {
     my ($f, $line, $link) = @_;
@@ -91,7 +101,29 @@ sub storelink {
     $link =~ s:\#.*\z::;
 
     if($link =~ /^(https|http):/) {
-        $url{$link} .= "$f:$line ";
+        if($whitelist{$link}) {
+            #print "-- whitelisted: $link\n";
+        }
+        # example.com is just example
+        elsif($link =~ /^https:\/\/(.*)example.(com|org|net)/) {
+            #print "-- example: $link\n";
+        }
+        # so is using the .example TLD
+        elsif($link =~ /^https:\/\/(.*)\.example(\/|$|:)/) {
+            #print "-- .example: $link\n";
+        }
+        # so is using anything on localhost
+        elsif($link =~ /^http(s|):\/\/localhost/) {
+            #print "-- localhost: $link\n";
+        }
+        # ignore all links to curl's github repo
+        elsif($link =~ /^https:\/\/github.com\/curl\/curl(\/|$)/) {
+            #print "-- curl github repo: $link\n";
+        }
+        else {
+            #print "ADD '$link'\n";
+            $url{$link} .= "$f:$line ";
+        }
         return;
     }
 
@@ -119,11 +151,19 @@ sub findlinks {
         return;
 
     while() {
+        chomp;
         if(/\]\(([^)]*)/) {
             my $link = $1;
             #print "$f:$line $link\n";
             storelink($f, $line, $link);
         }
+        # ignore trailing: dot, quote, asterisk, hash, comma, question mark,
+        # colon, closing parenthesis, closing angle bracket, whitespace, pipe,
+        # backtick, semicolon
+        elsif(/(https:\/\/[a-z0-9.\/:%_-]+[^."*\#,?:\)> \t|`;])/i) {
+            #print "RAW ";
+            storelink($f, $line, $1);
+        }
         $line++;
     }
     close(F);
@@ -133,11 +173,10 @@ sub checkurl {
     my ($url) = @_;
 
     if($whitelist{$url}) {
-        #print "$url is whitelisted\n";
+        #print STDERR "$url is whitelisted\n";
         return 0;
     }
 
-    print "check $url\n";
     $url =~ s/\+/%2B/g;
     my @content;
     if(open(my $fh, '-|', 'curl', '-ILfsm10', '--retry', '2', '--retry-delay', '5',
@@ -146,9 +185,10 @@ sub checkurl {
         close $fh;
     }
     if(!$content[0]) {
-        print STDERR "FAIL\n";
+        print "FAIL: $url\n";
         return 1; # fail
     }
+    print "OK: $url\n";
     return 0; # ok
 }
 
@@ -157,14 +197,19 @@ for my $f (@files) {
     findlinks($f);
 }
 
-my $error;
+#for my $u (sort keys %url) {
+#    print "$u\n";
+#}
+#exit;
 
+my $error;
+my @errlist;
 for my $u (sort keys %url) {
     my $r = checkurl($u);
 
     if($r) {
         for my $f (split(/ /, $url{$u})) {
-            printf "%s ERROR links to missing URL %s\n", $f, $u;
+            push @errlist, sprintf "%s ERROR links to missing URL %s\n", $f, $u;
             $error++;
         }
     }
@@ -173,10 +218,17 @@ for my $u (sort keys %url) {
 for my $l (sort keys %flink) {
     if(! -r $l) {
         for my $f (split(/ /, $flink{$l})) {
-            printf "%s ERROR links to missing file %s\n", $f, $l;
+            push @errlist, sprintf "%s ERROR links to missing file %s\n", $f, $l;
             $error++;
         }
     }
 }
 
+printf "Checked %d URLs\n", scalar(keys %url);
+if($error) {
+    print "$error URLs had problems:\n";
+    for(@errlist) {
+        print $_;
+    }
+}
 exit 1 if($error);

From 15e5ac6da8d4827e04c5a32d4672f58492615729 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Fri, 5 Dec 2025 23:51:47 +0100
Subject: [PATCH 1147/2408] RELEASE-NOTES: synced

---
 RELEASE-NOTES | 76 +++++++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 68 insertions(+), 8 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 512bc5425d..af81fffb90 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -4,7 +4,7 @@ curl and libcurl 8.18.0
  Command line options:         273
  curl_easy_setopt() options:   308
  Public functions in libcurl:  100
- Contributors:                 3554
+ Contributors:                 3556
 
 This release includes the following changes:
 
@@ -50,11 +50,13 @@ This release includes the following bugfixes:
  o conncache: silence `-Wnull-dereference` on gcc 14 RISC-V 64 [17]
  o conncontrol: reuse handling [170]
  o connect: reshuffle Curl_timeleft_ms to avoid 'redundant condition' [100]
+ o connection: attached transfer count [228]
  o cookie: propagate errors better, cleanup the internal API [118]
  o cookie: return error on OOM [131]
  o cshutdn: acknowledge FD_SETSIZE for shutdown descriptors [25]
  o curl: fix progress meter in parallel mode [15]
  o curl_fopen: do not pass invalid mode flags to `open()` on Windows [84]
+ o curl_gssapi: make sure Curl_gss_log_error() has an initialized buffer [257]
  o curl_sasl: make Curl_sasl_decode_mech compare case insensitively [160]
  o curl_setup.h: document more funcs flagged by `_CRT_SECURE_NO_WARNINGS` [124]
  o curl_setup.h: drop stray `#undef stat` (Windows) [103]
@@ -62,21 +64,28 @@ This release includes the following bugfixes:
  o CURLINFO: remove 'get' and 'get the' from each short desc [50]
  o CURLINFO_SCHEME/PROTOCOL: they return the "scheme" for a "transfer" [48]
  o CURLINFO_TLS_SSL_PTR.md: remove CURLINFO_TLS_SESSION text [49]
+ o CURLMOPT_SOCKETFUNCTION.md: fix the callback argument use [206]
  o CURLOPT_READFUNCTION.md: clarify the size of the buffer [47]
  o CURLOPT_SSH_KEYFUNCTION.md: fix minor indent mistake in example
  o curlx/fopen: replace open CRT functions their with `_s` counterparts (Windows) [204]
  o curlx/multibyte: stop setting macros for non-Windows [226]
  o curlx/strerr: use `strerror_s()` on Windows [75]
+ o curlx: limit use of system allocators to the minimum possible [169]
  o curlx: replace `mbstowcs`/`wcstombs` with `_s` counterparts (Windows) [143]
  o curlx: replace `sprintf` with `snprintf` [194]
  o curlx: use curlx allocators in non-memdebug builds (Windows) [155]
  o digest_sspi: fix a memory leak on error path [149]
  o digest_sspi: properly free sspi identity [12]
  o DISTROS.md: add OpenBSD [126]
+ o DISTROS: remove broken URLs for buildroot
  o doc: some returned in-memory data may not be altered [196]
+ o docs/libcurl: fix C formatting nits [207]
+ o docs: clarify how to do unix domain sockets with SOCKS proxy [240]
  o docs: fix checksrc `EQUALSPACE` warnings [21]
  o docs: mention umask need when curl creates files [56]
+ o docs: remove dead URLs
  o docs: spell it Rustls with a capital R [181]
+ o docs: use .example URLs for proxies
  o example: fix formatting nits [232]
  o examples/crawler: fix variable [92]
  o examples/multi-uv: fix invalid req->data access [177]
@@ -84,6 +93,7 @@ This release includes the following bugfixes:
  o examples: fix minor typo [203]
  o examples: make functions/data static where missing [139]
  o examples: tidy-up headers and includes [138]
+ o FAQ: fix hackerone URL
  o file: do not pass invalid mode flags to `open()` on upload (Windows) [83]
  o ftp: refactor a piece of code by merging the repeated part [40]
  o ftp: remove #ifdef for define that is always defined [76]
@@ -103,16 +113,22 @@ This release includes the following bugfixes:
  o http: handle oom error from Curl_input_digest() [192]
  o http: replace atoi use in Curl_http_follow with curlx_str_number [65]
  o http: the :authority header should never contain user+password [147]
+ o idn: avoid allocations and wcslen on Windows [247]
  o idn: fix memory leak in `win32_ascii_to_idn()` [173]
  o idn: use curlx allocators on Windows [165]
  o imap: make sure Curl_pgrsSetDownloadSize() does not overflow [200]
  o INSTALL-CMAKE.md: document static option defaults more [37]
  o krb5: fix detecting channel binding feature [187]
  o krb5_sspi: unify a part of error handling [80]
+ o ldap: call ldap_init() before setting the options [236]
+ o ldap: improve detection of Apple LDAP [174]
+ o ldap: provide version for "legacy" ldap as well [254]
  o lib/sendf.h: forward declare two structs [221]
  o lib: cleanup for some typos about spaces and code style [3]
  o lib: eliminate size_t casts [112]
  o lib: error for OOM when extracting URL query [127]
+ o lib: fix formatting nits (part 2) [253]
+ o lib: fix formatting nits (part 3) [248]
  o lib: fix formatting nits [215]
  o lib: fix gssapi.h include on IBMi [55]
  o lib: refactor the type of funcs which have useless return and checks [1]
@@ -129,6 +145,7 @@ This release includes the following bugfixes:
  o m4/sectrust: fix test(1) operator [4]
  o manage: expand the 'libcurl support required' message [208]
  o mbedtls: fix potential use of uninitialized `nread` [8]
+ o mbedtls: sync format across log messages [213]
  o mbedtls_threadlock: avoid calloc, use array [244]
  o memdebug: add mutex for thread safety [184]
  o mk-ca-bundle.pl: default to SHA256 fingerprints with `-t` option [73]
@@ -139,6 +156,7 @@ This release includes the following bugfixes:
  o multibyte: limit `curlx_convert_*wchar*()` functions to Unicode builds [135]
  o ngtcp2+openssl: fix leak of session [172]
  o ngtcp2: remove the unused Curl_conn_is_ngtcp2 function [85]
+ o noproxy: fix ipv6 handling [239]
  o noproxy: replace atoi with curlx_str_number [67]
  o openssl: exit properly on OOM when getting certchain [133]
  o openssl: fix a potential memory leak of bio_out [150]
@@ -146,6 +164,7 @@ This release includes the following bugfixes:
  o openssl: no verify failf message unless strict [166]
  o openssl: release ssl_session if sess_reuse_cb fails [43]
  o openssl: remove code handling default version [28]
+ o openssl: simplify `HAVE_KEYLOG_CALLBACK` guard [212]
  o OS400/ccsidcurl: fix curl_easy_setopt_ccsid for non-converted blobs [94]
  o OS400/makefile.sh: fix shellcheck warning SC2038 [86]
  o osslq: code readability [5]
@@ -153,7 +172,10 @@ This release includes the following bugfixes:
  o projects/README.md: Markdown fixes [148]
  o pytest fixes and improvements [159]
  o pytest: disable two H3 earlydata tests for all platforms (was: macOS) [116]
+ o pytest: fix and improve reliability [251]
+ o pytest: improve stragglers [252]
  o pytest: skip H2 tests if feature missing from curl [46]
+ o quiche: use client writer [255]
  o ratelimit: redesign [209]
  o rtmp: fix double-free on URL parse errors [27]
  o rtmp: precaution for a potential integer truncation [54]
@@ -161,6 +183,7 @@ This release includes the following bugfixes:
  o runtests: detect bad libssh differently for test 1459 [11]
  o runtests: drop Python 2 support remains [45]
  o runtests: enable torture testing with threaded resolver [176]
+ o runtests: make memanalyzer a Perl module (for 1.1-2x speed-up per test run) [238]
  o rustls: fix a potential memory issue [81]
  o rustls: minor adjustment of sizeof() [38]
  o rustls: simplify init err path [219]
@@ -178,21 +201,29 @@ This release includes the following bugfixes:
  o socks_sspi: use free() not FreeContextBuffer() [93]
  o speedcheck: do not trigger low speed cancel on transfers with CURL_READFUNC_PAUSE [113]
  o speedlimit: also reset on send unpausing [197]
+ o src: fix formatting nits [246]
  o ssh: tracing and better pollset handling [230]
+ o sws: fix binding to unix socket on Windows [214]
  o telnet: replace atoi for BINARY handling with curlx_str_number [66]
  o TEST-SUITE.md: correct the man page's path [136]
  o test07_22: fix flakiness [95]
+ o test1498: disable 'HTTP PUT from stdin' test on Windows [115]
  o test2045: replace HTML multi-line comment markup with `#` comments [36]
+ o test3207: enable memdebug for this test again [249]
  o test363: delete stray character (typo) from a section tag [52]
+ o test787: fix possible typo `&` -> `%` in curl option [241]
  o tests/data: replace hard-coded test numbers with `%TESTNUMBER` [33]
  o tests/data: support using native newlines on disk, drop `.gitattributes` [91]
  o tests/server: do not fall back to original data file in `test2fopen()` [32]
  o tests/server: replace `atoi()` and `atol()` with `curlx_str_number()` [110]
+ o tests: add `%AMP` macro, use it in two tests [245]
  o tests: allow 2500-2503 to use ~2MB malloc [31]
  o tests: fix formatting nits [225]
  o tftp: release filename if conn_get_remote_addr fails [42]
  o tftpd: fix/tidy up `open()` mode flags [57]
+ o tidy-up: avoid `(())`, clang-format fixes and more [141]
  o tidy-up: move `CURL_UNCONST()` out from macro `curl_unicodefree()` [121]
+ o TODO: remove a mandriva.com reference
  o tool: consider (some) curl_easy_setopt errors fatal [7]
  o tool: log when loading .curlrc in verbose mode [191]
  o tool_cfgable: free ssl-sessions at exit [123]
@@ -212,6 +243,7 @@ This release includes the following bugfixes:
  o tool_urlglob: clean up used memory on errors better [44]
  o tool_writeout: bail out proper on OOM [104]
  o url: fix return code for OOM in parse_proxy() [193]
+ o url: if curl_url_get() fails due to OOM, error out properly [205]
  o url: if OOM in parse_proxy() return error [132]
  o urlapi: fix mem-leaks in curl_url_get error paths [22]
  o urlapi: handle OOM properly when setting URL [180]
@@ -253,14 +285,15 @@ advice from friends like these:
   Aleksandr Sergeev, Aleksei Bavshin, Andrew Kirillov, BANADDA, boingball,
   Brad King, bttrfl on github, Christian Schmitz, Dan Fandrich,
   Daniel McCarney, Daniel Stenberg, Deniz Parlak, Fd929c2CE5fA on github,
-  ffath-vo on github, Gisle Vanem, Jiyong Yang, Juliusz Sosinowicz, Kai Pastor,
-  Leonardo Taccari, letshack9707 on hackerone, Marc Aldorasi, Marcel Raad,
-  Max Faxälv, nait-furry, ncaklovic on github, Nick Korepanov,
-  Omdahake on github, Patrick Monnerat, pelioro on hackerone, Ray Satiro,
-  renovate[bot], Samuel Henrique, st751228051 on github, Stanislav Fort,
-  Stefan Eissing, Sunny, Thomas Klausner, Viktor Szakats, Wesley Moore,
+  ffath-vo on github, Georg Schulz-Allgaier, Gisle Vanem, Greg Hudson,
+  Jiyong Yang, Juliusz Sosinowicz, Kai Pastor, Leonardo Taccari,
+  letshack9707 on hackerone, Marc Aldorasi, Marcel Raad, Max Faxälv,
+  nait-furry, ncaklovic on github, Nick Korepanov, Omdahake on github,
+  Patrick Monnerat, pelioro on hackerone, Ray Satiro, renovate[bot],
+  Samuel Henrique, st751228051 on github, Stanislav Fort, Stefan Eissing,
+  Sunny, Theo Buehler, Thomas Klausner, Viktor Szakats, Wesley Moore,
   Xiaoke Wang, Yedaya Katsman
-  (41 contributors)
+  (44 contributors)
 
 References to bug reports and discussions on issues:
 
@@ -377,6 +410,7 @@ References to bug reports and discussions on issues:
  [112] = https://curl.se/bug/?i=19495
  [113] = https://curl.se/bug/?i=19653
  [114] = https://curl.se/bug/?i=19605
+ [115] = https://curl.se/bug/?i=19855
  [116] = https://curl.se/bug/?i=19724
  [117] = https://curl.se/bug/?i=19644
  [118] = https://curl.se/bug/?i=19493
@@ -402,6 +436,7 @@ References to bug reports and discussions on issues:
  [138] = https://curl.se/bug/?i=19580
  [139] = https://curl.se/bug/?i=19579
  [140] = https://curl.se/bug/?i=19175
+ [141] = https://curl.se/bug/?i=19854
  [142] = https://curl.se/bug/?i=19572
  [143] = https://curl.se/bug/?i=19581
  [144] = https://curl.se/bug/?i=19571
@@ -429,10 +464,12 @@ References to bug reports and discussions on issues:
  [166] = https://curl.se/bug/?i=19615
  [167] = https://curl.se/bug/?i=19609
  [168] = https://curl.se/bug/?i=19612
+ [169] = https://curl.se/bug/?i=19748
  [170] = https://curl.se/bug/?i=19333
  [171] = https://curl.se/bug/?i=19714
  [172] = https://curl.se/bug/?i=19717
  [173] = https://curl.se/bug/?i=19789
+ [174] = https://curl.se/bug/?i=19849
  [175] = https://curl.se/bug/?i=19784
  [176] = https://curl.se/bug/?i=19786
  [177] = https://curl.se/bug/?i=19462
@@ -461,10 +498,16 @@ References to bug reports and discussions on issues:
  [202] = https://curl.se/bug/?i=19669
  [203] = https://curl.se/bug/?i=19683
  [204] = https://curl.se/bug/?i=19643
+ [205] = https://curl.se/bug/?i=19838
+ [206] = https://curl.se/bug/?i=19840
+ [207] = https://curl.se/bug/?i=19844
  [208] = https://curl.se/bug/?i=19665
  [209] = https://curl.se/bug/?i=19384
  [210] = https://curl.se/bug/?i=19769
  [211] = https://curl.se/bug/?i=19768
+ [212] = https://curl.se/bug/?i=19843
+ [213] = https://curl.se/bug/?i=19842
+ [214] = https://curl.se/bug/?i=19812
  [215] = https://curl.se/bug/?i=19764
  [217] = https://curl.se/bug/?i=19763
  [219] = https://curl.se/bug/?i=19759
@@ -474,8 +517,25 @@ References to bug reports and discussions on issues:
  [223] = https://curl.se/bug/?i=16973
  [225] = https://curl.se/bug/?i=19754
  [226] = https://curl.se/bug/?i=19751
+ [228] = https://curl.se/bug/?i=19836
  [230] = https://curl.se/bug/?i=19745
  [232] = https://curl.se/bug/?i=19746
+ [236] = https://curl.se/bug/?i=19830
+ [238] = https://curl.se/bug/?i=19786
+ [239] = https://curl.se/bug/?i=19828
+ [240] = https://curl.se/bug/?i=19829
+ [241] = https://curl.se/bug/?i=19826
  [242] = https://curl.se/bug/?i=19734
  [243] = https://curl.se/bug/?i=19733
  [244] = https://curl.se/bug/?i=19732
+ [245] = https://curl.se/bug/?i=19824
+ [246] = https://curl.se/bug/?i=19823
+ [247] = https://curl.se/bug/?i=19798
+ [248] = https://curl.se/bug/?i=19811
+ [249] = https://curl.se/bug/?i=19813
+ [251] = https://curl.se/bug/?i=19970
+ [252] = https://curl.se/bug/?i=19809
+ [253] = https://curl.se/bug/?i=19800
+ [254] = https://curl.se/bug/?i=19808
+ [255] = https://curl.se/bug/?i=19803
+ [257] = https://curl.se/bug/?i=19802

From 891566c72da47250c13047f7df0d8aa94a6ff842 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Fri, 5 Dec 2025 14:12:47 +0100
Subject: [PATCH 1148/2408] ftp: make EPRT connections non-blocking

On platforms where neither accept4 nor fcntl was available, an
EPRT connection did not send the accepted socket as non-blocking.

This became apparent when TLS was in use and the test receive
on shutdown did simply hang.

Reported-by: Denis Goleshchikhin
Fixes #19753
Closes #19851
---
 lib/cf-socket.c                   |  17 ++-
 tests/http/test_30_vsftpd.py      |  13 ++-
 tests/http/test_31_vsftpds.py     |  13 ++-
 tests/http/test_32_ftps_vsftpd.py |  13 ++-
 tests/libtest/Makefile.inc        |   1 +
 tests/libtest/cli_ftp_upload.c    | 182 ++++++++++++++++++++++++++++++
 6 files changed, 231 insertions(+), 8 deletions(-)
 create mode 100644 tests/libtest/cli_ftp_upload.c

diff --git a/lib/cf-socket.c b/lib/cf-socket.c
index 1881683cc8..469e9229fd 100644
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@@ -2114,15 +2114,22 @@ static CURLcode cf_tcp_accept_connect(struct Curl_cfilter *cf,
           curlx_strerror(SOCKERRNO, errbuf, sizeof(errbuf)));
     return CURLE_FTP_ACCEPT_FAILED;
   }
-#if !defined(HAVE_ACCEPT4) && defined(HAVE_FCNTL)
-  if((fcntl(s_accepted, F_SETFD, FD_CLOEXEC) < 0) ||
-     (curlx_nonblock(s_accepted, TRUE) < 0)) {
-    failf(data, "fcntl set CLOEXEC/NONBLOCK: %s",
+#ifndef HAVE_ACCEPT4
+#ifdef HAVE_FCNTL
+  if(fcntl(s_accepted, F_SETFD, FD_CLOEXEC) < 0) {
+    failf(data, "fcntl set CLOEXEC: %s",
           curlx_strerror(SOCKERRNO, errbuf, sizeof(errbuf)));
     Curl_socket_close(data, cf->conn, s_accepted);
     return CURLE_FTP_ACCEPT_FAILED;
   }
-#endif
+#endif /* HAVE_FCNTL */
+  if(curlx_nonblock(s_accepted, TRUE) < 0) {
+    failf(data, "set socket NONBLOCK: %s",
+          curlx_strerror(SOCKERRNO, errbuf, sizeof(errbuf)));
+    Curl_socket_close(data, cf->conn, s_accepted);
+    return CURLE_FTP_ACCEPT_FAILED;
+  }
+#endif /* !HAVE_ACCEPT4 */
   infof(data, "Connection accepted from server");
 
   /* Replace any filter on SECONDARY with one listening on this socket */
diff --git a/tests/http/test_30_vsftpd.py b/tests/http/test_30_vsftpd.py
index 7d113d5363..bcc8b76fdd 100644
--- a/tests/http/test_30_vsftpd.py
+++ b/tests/http/test_30_vsftpd.py
@@ -31,7 +31,7 @@ import os
 import shutil
 import pytest
 
-from testenv import Env, CurlClient, VsFTPD
+from testenv import Env, CurlClient, VsFTPD, LocalClient
 
 
 log = logging.getLogger(__name__)
@@ -235,6 +235,17 @@ class TestVsFTPD:
         r.check_stats(count=1, exitcode=78)
         r.check_stats_timelines()
 
+    def test_30_12_upload_eprt(self, env: Env, vsftpd: VsFTPD):
+        docname = 'test_30_12'
+        client = LocalClient(name='cli_ftp_upload', env=env)
+        if not client.exists():
+            pytest.skip(f'example client not built: {client.name}')
+        url = f'ftp://{env.ftp_domain}:{vsftpd.port}/{docname}'
+        r = client.run(args=['-r', f'{env.ftp_domain}:{vsftpd.port}:127.0.0.1', url])
+        r.check_exit_code(0)
+        dstfile = os.path.join(vsftpd.docs_dir, docname)
+        assert os.path.exists(dstfile), f'{r.dump_logs()}'
+
     def check_downloads(self, client, srcfile: str, count: int,
                         complete: bool = True):
         for i in range(count):
diff --git a/tests/http/test_31_vsftpds.py b/tests/http/test_31_vsftpds.py
index 93fef708cc..ba4696c0cb 100644
--- a/tests/http/test_31_vsftpds.py
+++ b/tests/http/test_31_vsftpds.py
@@ -31,7 +31,7 @@ import os
 import shutil
 import pytest
 
-from testenv import Env, CurlClient, VsFTPD
+from testenv import Env, CurlClient, VsFTPD, LocalClient
 
 
 log = logging.getLogger(__name__)
@@ -260,6 +260,17 @@ class TestVsFTPD:
         r.check_exit_code(78)
         r.check_stats(count=1, exitcode=78)
 
+    def test_31_12_upload_eprt(self, env: Env, vsftpds: VsFTPD):
+        docname = 'test_31_12'
+        client = LocalClient(name='cli_ftp_upload', env=env)
+        if not client.exists():
+            pytest.skip(f'example client not built: {client.name}')
+        url = f'ftp://{env.ftp_domain}:{vsftpds.port}/{docname}'
+        r = client.run(args=['-r', f'{env.ftp_domain}:{vsftpds.port}:127.0.0.1', url])
+        r.check_exit_code(0)
+        dstfile = os.path.join(vsftpds.docs_dir, docname)
+        assert os.path.exists(dstfile), f'{r.dump_logs()}'
+
     def check_downloads(self, client, srcfile: str, count: int,
                         complete: bool = True):
         for i in range(count):
diff --git a/tests/http/test_32_ftps_vsftpd.py b/tests/http/test_32_ftps_vsftpd.py
index 7a849d3740..bac40580ee 100644
--- a/tests/http/test_32_ftps_vsftpd.py
+++ b/tests/http/test_32_ftps_vsftpd.py
@@ -31,7 +31,7 @@ import os
 import shutil
 import pytest
 
-from testenv import Env, CurlClient, VsFTPD
+from testenv import Env, CurlClient, VsFTPD, LocalClient
 
 
 log = logging.getLogger(__name__)
@@ -273,6 +273,17 @@ class TestFtpsVsFTPD:
         r.check_exit_code(78)
         r.check_stats(count=1, exitcode=78)
 
+    def test_32_12_upload_eprt(self, env: Env, vsftpds: VsFTPD):
+        docname = 'test_32_12'
+        client = LocalClient(name='cli_ftp_upload', env=env)
+        if not client.exists():
+            pytest.skip(f'example client not built: {client.name}')
+        url = f'ftps://{env.ftp_domain}:{vsftpds.port}/{docname}'
+        r = client.run(args=['-r', f'{env.ftp_domain}:{vsftpds.port}:127.0.0.1', url])
+        r.check_exit_code(0)
+        dstfile = os.path.join(vsftpds.docs_dir, docname)
+        assert os.path.exists(dstfile), f'{r.dump_logs()}'
+
     def check_downloads(self, client, srcfile: str, count: int,
                         complete: bool = True):
         for i in range(count):
diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc
index 8efeba914d..a0d78f96c3 100644
--- a/tests/libtest/Makefile.inc
+++ b/tests/libtest/Makefile.inc
@@ -48,6 +48,7 @@ CURLX_C = \
 
 # All libtest programs
 TESTS_C = \
+  cli_ftp_upload.c \
   cli_h2_pausing.c \
   cli_h2_serverpush.c \
   cli_h2_upgrade_extreme.c \
diff --git a/tests/libtest/cli_ftp_upload.c b/tests/libtest/cli_ftp_upload.c
new file mode 100644
index 0000000000..7493a210e6
--- /dev/null
+++ b/tests/libtest/cli_ftp_upload.c
@@ -0,0 +1,182 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) Daniel Stenberg, , et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ * SPDX-License-Identifier: curl
+ *
+ ***************************************************************************/
+
+#include "first.h"
+
+#include "testtrace.h"
+
+
+#ifndef CURL_DISABLE_FTP
+
+struct test_cli_ftp_upload_data {
+  const char *data;
+  size_t data_len;
+  size_t offset;
+  int done;
+};
+
+static size_t test_cli_ftp_upload_read(char *buf,
+                                       size_t nitems, size_t blen,
+                                       void *userdata)
+{
+  struct test_cli_ftp_upload_data *d = userdata;
+  size_t nread = d->data_len - d->offset;
+
+  if(nread) {
+    if(nread > (nitems * blen))
+      nread = (nitems * blen);
+    memcpy(buf, d->data + d->offset, nread);
+    d->offset += nread;
+  }
+  else
+    d->done = 1;
+  return nread;
+}
+
+static void usage_ftp_upload(const char *msg)
+{
+  if(msg)
+    curl_mfprintf(stderr, "%s\n", msg);
+  curl_mfprintf(stderr,
+    "usage: [options] url\n"
+    "  -r ::  resolve information\n"
+  );
+}
+
+#endif
+
+static CURLcode test_cli_ftp_upload(const char *URL)
+{
+#ifndef CURL_DISABLE_FTP
+  CURLM *multi_handle;
+  CURL *curl_handle;
+  int running_handles = 0;
+  int max_fd = -1;
+  struct timeval timeout = { 1, 0 };
+  fd_set fdread;
+  fd_set fdwrite;
+  fd_set fdexcep;
+  struct test_cli_ftp_upload_data data;
+  struct curl_slist *host = NULL;
+  const char *resolve = NULL, *url;
+  int ch;
+  CURLcode result = CURLE_FAILED_INIT;
+  curl_off_t uploadsize = -1;
+
+  (void)URL;
+  while((ch = cgetopt(test_argc, test_argv, "r:"))
+        != -1) {
+    switch(ch) {
+    case 'r':
+      resolve = coptarg;
+      break;
+    default:
+      usage_ftp_upload("unknown option");
+      return (CURLcode)1;
+    }
+  }
+  test_argc -= coptind;
+  test_argv += coptind;
+  if(test_argc != 1) {
+    usage_ftp_upload("not enough arguments");
+    return (CURLcode)2;
+  }
+  url = test_argv[0];
+
+  if(resolve)
+    host = curl_slist_append(NULL, resolve);
+
+  memset(&data, 0, sizeof(data));
+  data.data = "abcdefghijklmnopqrstuvwxyz"
+              "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
+  data.data_len = strlen(data.data);
+
+  curl_global_init(CURL_GLOBAL_ALL);
+  multi_handle = curl_multi_init();
+  curl_handle = curl_easy_init();
+
+  curl_easy_setopt(curl_handle, CURLOPT_FTPPORT, "-");
+  curl_easy_setopt(curl_handle, CURLOPT_FTP_USE_EPRT, 1L);
+  curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYPEER, 0L);
+  curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYHOST, 0L);
+  curl_easy_setopt(curl_handle, CURLOPT_USE_SSL, CURLUSESSL_TRY);
+  curl_easy_setopt(curl_handle, CURLOPT_URL, url);
+  curl_easy_setopt(curl_handle, CURLOPT_USERPWD, NULL);
+  curl_easy_setopt(curl_handle, CURLOPT_FTP_CREATE_MISSING_DIRS,
+                   CURLFTP_CREATE_DIR);
+  curl_easy_setopt(curl_handle, CURLOPT_UPLOAD, 1L);
+  curl_easy_setopt(curl_handle, CURLOPT_READFUNCTION,
+                   test_cli_ftp_upload_read);
+  curl_easy_setopt(curl_handle, CURLOPT_READDATA, &data);
+  curl_easy_setopt(curl_handle, CURLOPT_INFILESIZE_LARGE, uploadsize);
+
+  curl_easy_setopt(curl_handle, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(curl_handle, CURLOPT_DEBUGFUNCTION, cli_debug_cb);
+  if(host)
+    curl_easy_setopt(curl_handle, CURLOPT_RESOLVE, host);
+
+  curl_multi_add_handle(multi_handle, curl_handle);
+  curl_multi_perform(multi_handle, &running_handles);
+  while(running_handles && !data.done) {
+    FD_ZERO(&fdread);
+    FD_ZERO(&fdwrite);
+    FD_ZERO(&fdexcep);
+
+    curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &max_fd);
+    select(max_fd + 1, &fdread, &fdwrite, &fdexcep, &timeout);
+    curl_multi_perform(multi_handle, &running_handles);
+  }
+  while(running_handles) {
+    curl_mfprintf(stderr, "reports to hang herel\n");
+    curl_multi_perform(multi_handle, &running_handles);
+  }
+
+  while(1) {
+    int msgq = 0;
+    struct CURLMsg *msg = curl_multi_info_read(multi_handle, &msgq);
+    if(msg && (msg->msg == CURLMSG_DONE)) {
+      if(msg->easy_handle == curl_handle) {
+        result = msg->data.result;
+      }
+    }
+    else
+      break;
+  }
+
+  curl_multi_remove_handle(multi_handle, curl_handle);
+
+  curl_easy_reset(curl_handle);
+  curl_easy_cleanup(curl_handle);
+  curl_multi_cleanup(multi_handle);
+  curl_global_cleanup();
+  curl_slist_free_all(host);
+
+  curl_mfprintf(stderr, "transfer result: %d\n", result);
+  return result;
+#else /* !CURL_DISABLE_FTP */
+  (void)URL;
+  curl_mfprintf(stderr, "FTP not enabled in libcurl\n");
+  return (CURLcode)1;
+#endif /* CURL_DISABLE_FTP */
+}

From 1c0822e8cb4ba96e4bf555d4c46bcae1d85ca343 Mon Sep 17 00:00:00 2001
From: "Robert W. Van Kirk" 
Date: Sat, 6 Dec 2025 12:00:00 -0600
Subject: [PATCH 1149/2408] formdata: validate callback is non-NULL before use

curl_formget() accepts a user-provided callback function but does not
validate it is non-NULL before calling it. If a caller passes NULL,
the function will crash with SIGSEGV.

Add NULL check at the start of the function to return an appropriate
error code instead of crashing.

Signed-off-by: Robert W. Van Kirk 
Closes #19858
---
 lib/formdata.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/formdata.c b/lib/formdata.c
index b0c57b8d6f..8f95fc3df0 100644
--- a/lib/formdata.c
+++ b/lib/formdata.c
@@ -636,6 +636,10 @@ int curl_formget(struct curl_httppost *form, void *arg,
   CURLcode result;
   curl_mimepart toppart;
 
+  /* Validate callback is provided */
+  if(!append)
+    return (int)CURLE_BAD_FUNCTION_ARGUMENT;
+
   Curl_mime_initpart(&toppart); /* default form is empty */
   result = Curl_getformdata(NULL, &toppart, form, NULL);
   if(!result)

From 0b5ece553cf97f16b36bb7a6bf1071d0ae3cb3aa Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sat, 6 Dec 2025 18:01:09 +0100
Subject: [PATCH 1150/2408] altsvc: make it one malloc instead of three per
 entry

Also return OOM correctly.

Closes #19857
---
 lib/altsvc.c | 47 ++++++++++++++++++++---------------------------
 lib/setopt.c |  2 +-
 2 files changed, 21 insertions(+), 28 deletions(-)

diff --git a/lib/altsvc.c b/lib/altsvc.c
index f2906ad4e3..31f6b515be 100644
--- a/lib/altsvc.c
+++ b/lib/altsvc.c
@@ -64,12 +64,7 @@ const char *Curl_alpnid2str(enum alpnid id)
   }
 }
 
-static void altsvc_free(struct altsvc *as)
-{
-  curlx_free(as->src.host);
-  curlx_free(as->dst.host);
-  curlx_free(as);
-}
+#define altsvc_free(x) curlx_free(x)
 
 static struct altsvc *altsvc_createid(const char *srchost,
                                       size_t hlen,
@@ -80,38 +75,35 @@ static struct altsvc *altsvc_createid(const char *srchost,
                                       size_t srcport,
                                       size_t dstport)
 {
-  struct altsvc *as = curlx_calloc(1, sizeof(struct altsvc));
-  if(!as)
-    return NULL;
-  DEBUGASSERT(hlen);
-  DEBUGASSERT(dlen);
-  if(!hlen || !dlen)
-    /* bad input */
-    goto error;
+  struct altsvc *as;
   if((hlen > 2) && srchost[0] == '[') {
     /* IPv6 address, strip off brackets */
     srchost++;
     hlen -= 2;
   }
-  else if(srchost[hlen - 1] == '.') {
+  else if(hlen && (srchost[hlen - 1] == '.')) {
     /* strip off trailing dot */
     hlen--;
-    if(!hlen)
-      goto error;
   }
   if((dlen > 2) && dsthost[0] == '[') {
     /* IPv6 address, strip off brackets */
     dsthost++;
     dlen -= 2;
   }
+  if(!hlen || !dlen)
+    /* bad input */
+    return NULL;
+  /* struct size plus both strings */
+  as = curlx_calloc(1, sizeof(struct altsvc) + (hlen + 1) + (dlen + 1));
+  if(!as)
+    return NULL;
+  as->src.host = (char *)as + sizeof(struct altsvc);
+  memcpy(as->src.host, srchost, hlen);
+  /* the null terminator is already there */
 
-  as->src.host = Curl_memdup0(srchost, hlen);
-  if(!as->src.host)
-    goto error;
-
-  as->dst.host = Curl_memdup0(dsthost, dlen);
-  if(!as->dst.host)
-    goto error;
+  as->dst.host = (char *)as + sizeof(struct altsvc) + hlen + 1;
+  memcpy(as->dst.host, dsthost, dlen);
+  /* the null terminator is already there */
 
   as->src.alpnid = srcalpnid;
   as->dst.alpnid = dstalpnid;
@@ -119,9 +111,6 @@ static struct altsvc *altsvc_createid(const char *srchost,
   as->dst.port = (unsigned short)dstport;
 
   return as;
-error:
-  altsvc_free(as);
-  return NULL;
 }
 
 static struct altsvc *altsvc_create(struct Curl_str *srchost,
@@ -194,6 +183,8 @@ static CURLcode altsvc_add(struct altsvcinfo *asi, const char *line)
       as->persist = persist ? 1 : 0;
       Curl_llist_append(&asi->list, as, &as->node);
     }
+    else
+      return CURLE_OUT_OF_MEMORY;
   }
 
   return CURLE_OK;
@@ -600,6 +591,8 @@ CURLcode Curl_altsvc_parse(struct Curl_easy *data,
                   (int)curlx_strlen(&dsthost), curlx_str(&dsthost),
                   dstport, Curl_alpnid2str(dstalpnid));
           }
+          else
+            return CURLE_OUT_OF_MEMORY;
         }
       }
       else
diff --git a/lib/setopt.c b/lib/setopt.c
index 476506dad4..24d8fe8de0 100644
--- a/lib/setopt.c
+++ b/lib/setopt.c
@@ -2532,7 +2532,7 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option,
     if(result)
       return result;
     if(ptr)
-      (void)Curl_altsvc_load(data->asi, ptr);
+      return Curl_altsvc_load(data->asi, ptr);
     break;
 #endif /* ! CURL_DISABLE_ALTSVC */
 #ifdef USE_ECH

From f4b56f34ba881efad011ce1361c52340e3de3a2e Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sat, 6 Dec 2025 23:45:06 +0100
Subject: [PATCH 1151/2408] asyn-thrdd: fix Curl_async_getaddrinfo() on systems
 without getaddrinfo

Follow-up to ce06fe77710525
Bug: https://github.com/curl/curl/commit/ce06fe7771052549ff430c86173b2eaca91f8a9c#r172215567
Reported-by: Harry Sintonen
Closes #19859
---
 lib/asyn-thrdd.c | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)

diff --git a/lib/asyn-thrdd.c b/lib/asyn-thrdd.c
index e5bf0629d3..aa686271a0 100644
--- a/lib/asyn-thrdd.c
+++ b/lib/asyn-thrdd.c
@@ -725,24 +725,18 @@ CURLcode Curl_async_pollset(struct Curl_easy *data, struct easy_pollset *ps)
 /*
  * Curl_async_getaddrinfo() - for platforms without getaddrinfo
  */
-struct Curl_addrinfo *Curl_async_getaddrinfo(struct Curl_easy *data,
-                                             const char *hostname,
-                                             int port,
-                                             int ip_version,
-                                             int *waitp)
+CURLcode Curl_async_getaddrinfo(struct Curl_easy *data, const char *hostname,
+                                int port, int ip_version)
 {
   (void)ip_version;
-  *waitp = 0; /* default to synchronous response */
 
   /* fire up a new resolver thread! */
   if(async_thrdd_init(data, hostname, port, ip_version, NULL)) {
-    *waitp = 1; /* expect asynchronous response */
-    return NULL;
+    return CURLE_OK;
   }
 
   failf(data, "getaddrinfo() thread failed");
-
-  return NULL;
+  return CURLE_FAILED_INIT;
 }
 
 #else /* !HAVE_GETADDRINFO */

From 65597f8fc92671400ddd3572749e58b07c3c8477 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sun, 7 Dec 2025 00:03:56 +0100
Subject: [PATCH 1152/2408] noproxy: fix build on systems without IPv6

Follow-up to ff2aaed9ba6f186feb57f89fc6854
Reported-by: Harry Sintonen
Closes #19860
---
 lib/noproxy.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/noproxy.c b/lib/noproxy.c
index e0d0877fdc..86acf8ba2b 100644
--- a/lib/noproxy.c
+++ b/lib/noproxy.c
@@ -211,8 +211,10 @@ bool Curl_check_noproxy(const char *name, const char *no_proxy)
     namelen = strlen(name);
     if(curlx_inet_pton(AF_INET, name, &address) == 1)
       type = TYPE_IPV4;
+#ifdef USE_IPV6
     else if(curlx_inet_pton(AF_INET6, name, &address) == 1)
       type = TYPE_IPV6;
+#endif
     else {
       /* ignore trailing dots in the hostname */
       if(name[namelen - 1] == '.')

From 9ec63d8565c9d3194c70e2ad3433b623308ee467 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sun, 7 Dec 2025 12:24:33 +0100
Subject: [PATCH 1153/2408] hsts: use one malloc instead of two per entry

Closes #19861
---
 lib/hsts.c | 21 +++++----------------
 lib/hsts.h |  2 +-
 2 files changed, 6 insertions(+), 17 deletions(-)

diff --git a/lib/hsts.c b/lib/hsts.c
index 66f983e493..62c4c587df 100644
--- a/lib/hsts.c
+++ b/lib/hsts.c
@@ -75,11 +75,7 @@ struct hsts *Curl_hsts_init(void)
   return h;
 }
 
-static void hsts_free(struct stsentry *e)
-{
-  curlx_free(CURL_UNCONST(e->host));
-  curlx_free(e);
-}
+#define hsts_free(x) curlx_free(x)
 
 void Curl_hsts_cleanup(struct hsts **hp)
 {
@@ -111,18 +107,11 @@ static CURLcode hsts_create(struct hsts *h,
     /* strip off any trailing dot */
     --hlen;
   if(hlen) {
-    char *duphost;
-    struct stsentry *sts = curlx_calloc(1, sizeof(struct stsentry));
+    struct stsentry *sts = curlx_calloc(1, sizeof(struct stsentry) + hlen);
     if(!sts)
       return CURLE_OUT_OF_MEMORY;
-
-    duphost = Curl_memdup0(hostname, hlen);
-    if(!duphost) {
-      curlx_free(sts);
-      return CURLE_OUT_OF_MEMORY;
-    }
-
-    sts->host = duphost;
+    /* the null terminator is already there */
+    memcpy(sts->host, hostname, hlen);
     sts->expires = expires;
     sts->includeSubDomains = subdomains;
     Curl_llist_append(&h->list, sts, &sts->node);
@@ -294,7 +283,7 @@ static CURLcode hsts_push(struct Curl_easy *data,
   struct tm stamp;
   CURLcode result;
 
-  e.name = (char *)CURL_UNCONST(sts->host);
+  e.name = (char *)sts->host;
   e.namelen = strlen(sts->host);
   e.includeSubDomains = sts->includeSubDomains;
 
diff --git a/lib/hsts.h b/lib/hsts.h
index 91fe778788..bd6ebba4de 100644
--- a/lib/hsts.h
+++ b/lib/hsts.h
@@ -35,9 +35,9 @@ extern time_t deltatime;
 
 struct stsentry {
   struct Curl_llist_node node;
-  const char *host;
   curl_off_t expires; /* the timestamp of this entry's expiry */
   BIT(includeSubDomains);
+  char host[1];
 };
 
 /* The HSTS cache. Needs to be able to tailmatch hostnames. */

From a3f4fd25d3991fe955afa2f5e3994c04339cc842 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sun, 7 Dec 2025 12:35:42 +0100
Subject: [PATCH 1154/2408] http: return OOM errors from hsts properly

When Curl_hsts_parse() fails with out of memory, return it to parent.

Closes #19862
---
 lib/http.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/http.c b/lib/http.c
index ba42f19ff0..ce5f5becdf 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -3501,8 +3501,11 @@ static CURLcode http_header_s(struct Curl_easy *data,
   if(v) {
     CURLcode check =
       Curl_hsts_parse(data->hsts, conn->host.name, v);
-    if(check)
+    if(check) {
+      if(check == CURLE_OUT_OF_MEMORY)
+        return check;
       infof(data, "Illegal STS header skipped");
+    }
 #ifdef DEBUGBUILD
     else
       infof(data, "Parsed STS header fine (%zu entries)",

From cc5c1553fbdb8c1391d0cf81134583ee32da64d4 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Fri, 5 Dec 2025 14:53:35 +0100
Subject: [PATCH 1155/2408] wolfssl: fix possible assert with `!HAVE_NO_EX`
 wolfSSL builds

Without this option `wolfSSL_get_app_data()` always returns NULL.
Disable codepaths using it (and its `set` pair) when curl is built
against a wolfSSL library with this option missing.

Fixing:
```
curl: ../../lib/vtls/wolfssl.c:486: wssl_vtls_new_session_cb: Assertion `cf != ((void *)0)' failed.
```

wolfSSL can be built with the `--enable-context-extra-user-data` or
`-DWOLFSSL_EX_DATA` option to enable this feature. Some higher-level
features also enable it automatically like QUIC, ASIO.

Reported-by: Yedaya Katsman
Bug: https://github.com/curl/curl/pull/19816#issuecomment-3606447845
Ref: https://github.com/curl/curl/actions/runs/19871780796/job/56949160740

Closes #19852
---
 lib/vtls/wolfssl.c | 8 ++++++++
 lib/vtls/wolfssl.h | 2 ++
 2 files changed, 10 insertions(+)

diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index d4d586b0ea..0c47e9c2ee 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -414,6 +414,7 @@ static void wssl_bio_cf_free_methods(void)
 
 #endif /* !USE_BIO_CHAIN */
 
+#ifdef HAVE_EX_DATA
 CURLcode Curl_wssl_cache_session(struct Curl_cfilter *cf,
                                  struct Curl_easy *data,
                                  const char *ssl_peer_key,
@@ -497,6 +498,7 @@ static int wssl_vtls_new_session_cb(WOLFSSL *ssl, WOLFSSL_SESSION *session)
   }
   return 0;
 }
+#endif
 
 static CURLcode wssl_on_session_reuse(struct Curl_cfilter *cf,
                                       struct Curl_easy *data,
@@ -1260,10 +1262,12 @@ CURLcode Curl_wssl_ctx_init(struct wssl_ctx *wctx,
   }
 #endif
 
+#ifdef HAVE_EX_DATA
   if(Curl_ssl_scache_use(cf, data) && (transport != TRNSPRT_QUIC)) {
     /* Register to get notified when a new session is received */
     wolfSSL_CTX_sess_set_new_cb(wctx->ssl_ctx, wssl_vtls_new_session_cb);
   }
+#endif
 
   if(cb_setup) {
     result = cb_setup(cf, data, cb_user_data);
@@ -1304,7 +1308,11 @@ CURLcode Curl_wssl_ctx_init(struct wssl_ctx *wctx,
     goto out;
   }
 
+#ifdef HAVE_EX_DATA
   wolfSSL_set_app_data(wctx->ssl, ssl_user_data);
+#else
+  (void)ssl_user_data;
+#endif
 #ifdef WOLFSSL_QUIC
   if(transport == TRNSPRT_QUIC)
     wolfSSL_set_quic_use_legacy_codepoint(wctx->ssl, 0);
diff --git a/lib/vtls/wolfssl.h b/lib/vtls/wolfssl.h
index 5e3c9e2c5d..736da9a1a6 100644
--- a/lib/vtls/wolfssl.h
+++ b/lib/vtls/wolfssl.h
@@ -75,6 +75,7 @@ CURLcode Curl_wssl_setup_x509_store(struct Curl_cfilter *cf,
                                     struct Curl_easy *data,
                                     struct wssl_ctx *wssl);
 
+#ifdef HAVE_EX_DATA
 CURLcode Curl_wssl_cache_session(struct Curl_cfilter *cf,
                                  struct Curl_easy *data,
                                  const char *ssl_peer_key,
@@ -83,6 +84,7 @@ CURLcode Curl_wssl_cache_session(struct Curl_cfilter *cf,
                                  const char *alpn,
                                  unsigned char *quic_tp,
                                  size_t quic_tp_len);
+#endif
 
 CURLcode Curl_wssl_verify_pinned(struct Curl_cfilter *cf,
                                  struct Curl_easy *data,

From f08417c4259a3b9a2e4d72a48fa02ce6502cb587 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 7 Dec 2025 16:58:34 +0100
Subject: [PATCH 1156/2408] runner.pm: run memanalyzer as a Perl module

To improve performance of torture tests.

Also on Windows, where this patch may make those viable for CI.

Linux   !FTP    4m47 ->  4m24 (-shallow=25)
Linux    FTP    2m30 ->  2m23 (-shallow=25)
macOS   !FTP   14m30 -> 13m07 (-shallow=25)
macOS    FTP    3m57 ->  3m59 (-shallow=25)
Windows !FTP  >25m   ->  4m47 to 14m45 (-shallow=5 to 25) (not in CI)

Linux
Before: https://github.com/curl/curl/actions/runs/20006771767/job/57370205514
After: https://github.com/curl/curl/actions/runs/20006783210/job/57370236911?pr=19863

macOS:
Before: https://github.com/curl/curl/actions/runs/20006771786/job/57370205769
After: https://github.com/curl/curl/actions/runs/20006783177/job/57370236995?pr=19863

Windows:
Before: https://github.com/curl/curl/actions/runs/19667198537/job/56326962912?pr=19675
After: https://github.com/curl/curl/actions/runs/20007175773/job/57371768734?pr=19863
After shallow=25: https://github.com/curl/curl/actions/runs/20008523913/job/57374427449?pr=19865

Ref: #19675
Follow-up to 472bc9032374f98f48f7a2df6c644cff91fe142c #19821
Closes #19863
---
 tests/runner.pm | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/tests/runner.pm b/tests/runner.pm
index b69bbf2420..10be04bd4b 100644
--- a/tests/runner.pm
+++ b/tests/runner.pm
@@ -107,6 +107,7 @@ use testutil qw(
     subnewlines
     );
 use valgrind;
+use memanalyzer;
 
 
 #######################################################################
@@ -449,7 +450,7 @@ sub torture {
 
     # memanalyze -v is our friend, get the number of allocations made
     my $count=0;
-    my @out = `$memanalyze -v "$LOGDIR/$MEMDUMP"`;
+    my @out = memanalyze("$LOGDIR/$MEMDUMP", 1, 0, 0);
     for(@out) {
         if(/^Operations: (\d+)/) {
             $count = $1;
@@ -549,7 +550,7 @@ sub torture {
             $fail=1;
         }
         else {
-            my @memdata=`$memanalyze "$LOGDIR/$MEMDUMP"`;
+            my @memdata = memanalyze("$LOGDIR/$MEMDUMP", 0, 0, 0);
             my $leak=0;
             for(@memdata) {
                 if($_ ne "") {
@@ -561,7 +562,7 @@ sub torture {
             if($leak) {
                 logmsg "** MEMORY FAILURE\n";
                 logmsg @memdata;
-                logmsg `$memanalyze -l "$LOGDIR/$MEMDUMP"`;
+                logmsg memanalyze("$LOGDIR/$MEMDUMP", 0, 0, 1);
                 $fail = 1;
             }
         }

From c6e5dfa2c67570f98225959148a6e78c1e2180f2 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sun, 7 Dec 2025 13:17:24 +0100
Subject: [PATCH 1157/2408] cookie: allocate the main struct once cookie is
 fine

This delays the allocating of the cookie struct until after all the
checks have been done, as many cookies are received and discarded
instead of accepted and this then saves one allocation for every
discarded cookie.

Closes #19864
---
 lib/cookie.c | 29 ++++++++++++++++++-----------
 1 file changed, 18 insertions(+), 11 deletions(-)

diff --git a/lib/cookie.c b/lib/cookie.c
index 5c29768bbd..743ed56404 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -65,14 +65,15 @@ static void cap_expires(time_t now, struct Cookie *co)
   }
 }
 
-static void freecookie(struct Cookie *co)
+static void freecookie(struct Cookie *co, bool maintoo)
 {
   curlx_free(co->domain);
   curlx_free(co->path);
   curlx_free(co->spath);
   curlx_free(co->name);
   curlx_free(co->value);
-  curlx_free(co);
+  if(maintoo)
+    curlx_free(co);
 }
 
 static bool cookie_tailmatch(const char *cookie_domain,
@@ -312,7 +313,7 @@ static void remove_expired(struct CookieInfo *ci)
       if(co->expires) {
         if(co->expires < now) {
           Curl_node_remove(n);
-          freecookie(co);
+          freecookie(co, TRUE);
           ci->numcookies--;
         }
         else if(co->expires < ci->next_expiration)
@@ -938,7 +939,7 @@ static bool replace_existing(struct Curl_easy *data,
     Curl_node_remove(replace_n);
 
     /* free the old cookie */
-    freecookie(repl);
+    freecookie(repl, TRUE);
   }
   *replacep = replace_old;
   return TRUE;
@@ -964,6 +965,7 @@ Curl_cookie_add(struct Curl_easy *data,
                                        unless set */
                 bool secure)  /* TRUE if connection is over secure origin */
 {
+  struct Cookie comem;
   struct Cookie *co;
   size_t myhash;
   CURLcode result;
@@ -975,10 +977,8 @@ Curl_cookie_add(struct Curl_easy *data,
   if(data->req.setcookies >= MAX_SET_COOKIE_AMOUNT)
     return CURLE_OK; /* silently ignore */
 
-  /* First, alloc and init a new struct for it */
-  co = curlx_calloc(1, sizeof(struct Cookie));
-  if(!co)
-    return CURLE_OUT_OF_MEMORY; /* bail out if we are this low on memory */
+  co = &comem;
+  memset(co, 0, sizeof(comem));
 
   if(httpheader)
     result = parse_cookie_header(data, co, ci, &okay,
@@ -1028,6 +1028,13 @@ Curl_cookie_add(struct Curl_easy *data,
   if(!replace_existing(data, co, ci, secure, &replaces))
     goto fail;
 
+  /* clone the stack struct into heap */
+  co = Curl_memdup(&comem, sizeof(comem));
+  if(!co) {
+    co = &comem;
+    goto fail; /* bail out if we are this low on memory */
+  }
+
   /* add this cookie to the list */
   myhash = cookiehash(co->domain);
   Curl_llist_append(&ci->cookielist[myhash], co, &co->node);
@@ -1054,7 +1061,7 @@ Curl_cookie_add(struct Curl_easy *data,
 
   return result;
 fail:
-  freecookie(co);
+  freecookie(co, FALSE);
   return result;
 }
 
@@ -1382,7 +1389,7 @@ void Curl_cookie_clearall(struct CookieInfo *ci)
         struct Cookie *c = Curl_node_elem(n);
         struct Curl_llist_node *e = Curl_node_next(n);
         Curl_node_remove(n);
-        freecookie(c);
+        freecookie(c, TRUE);
         n = e;
       }
     }
@@ -1411,7 +1418,7 @@ void Curl_cookie_clearsess(struct CookieInfo *ci)
       e = Curl_node_next(n); /* in case the node is removed, get it early */
       if(!curr->expires) {
         Curl_node_remove(n);
-        freecookie(curr);
+        freecookie(curr, TRUE);
         ci->numcookies--;
       }
     }

From 524936fbebf2a37f5d02c97da2842fa6655a25bd Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sun, 7 Dec 2025 13:49:33 +0100
Subject: [PATCH 1158/2408] cookie: when parsing a cookie header, delay all
 allocations until okay

To avoid wasting time allocating data for incoming cookies that are
discarded for one reason or another, delay allocations until after
verifications are done.

Closes #19864
---
 lib/cookie.c | 145 +++++++++++++++++++++++++++------------------------
 1 file changed, 77 insertions(+), 68 deletions(-)

diff --git a/lib/cookie.c b/lib/cookie.c
index 743ed56404..743a7a8328 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -43,8 +43,6 @@
 #include "bufref.h"
 #include "curlx/strparse.h"
 
-static void strstore(char **str, const char *newstr, size_t len);
-
 /* number of seconds in 400 days */
 #define COOKIES_MAXAGE (400 * 24 * 3600)
 
@@ -263,15 +261,17 @@ static char *sanitize_cookie_path(const char *cookie_path)
  * parsing in a last-wins scenario. The caller is responsible for checking
  * for OOM errors.
  */
-static void strstore(char **str, const char *newstr, size_t len)
+static CURLcode strstore(char **str, const char *newstr, size_t len)
 {
   DEBUGASSERT(str);
-  curlx_free(*str);
   if(!len) {
     len++;
     newstr = "";
   }
   *str = Curl_memdup0(newstr, len);
+  if(!*str)
+    return CURLE_OUT_OF_MEMORY;
+  return CURLE_OK;
 }
 
 /*
@@ -356,14 +356,15 @@ static bool bad_domain(const char *domain, size_t len)
   fine. The prime reason for filtering out control bytes is that some HTTP
   servers return 400 for requests that contain such.
 */
-static bool invalid_octets(const char *ptr)
+static bool invalid_octets(const char *ptr, size_t len)
 {
   const unsigned char *p = (const unsigned char *)ptr;
   /* Reject all bytes \x01 - \x1f (*except* \x09, TAB) + \x7f */
-  while(*p) {
+  while(len && *p) {
     if(((*p != 9) && (*p < 0x20)) || (*p == 0x7f))
       return TRUE;
     p++;
+    len--;
   }
   return FALSE;
 }
@@ -375,6 +376,57 @@ static bool invalid_octets(const char *ptr)
 */
 #define MAX_DATE_LENGTH 80
 
+#define COOKIE_NAME 0
+#define COOKIE_VALUE 1
+#define COOKIE_DOMAIN 2
+#define COOKIE_PATH 3
+
+#define COOKIE_PIECES 4 /* the list above */
+
+static CURLcode storecookie(struct Cookie *co, struct Curl_str *cp,
+                            const char *path, const char *domain)
+{
+  CURLcode result;
+  result = strstore(&co->name, curlx_str(&cp[COOKIE_NAME]),
+                    curlx_strlen(&cp[COOKIE_NAME]));
+  if(!result)
+    result = strstore(&co->value, curlx_str(&cp[COOKIE_VALUE]),
+                      curlx_strlen(&cp[COOKIE_VALUE]));
+  if(!result) {
+    if(curlx_strlen(&cp[COOKIE_PATH]))
+      result = strstore(&co->path, curlx_str(&cp[COOKIE_PATH]),
+                        curlx_strlen(&cp[COOKIE_PATH]));
+    else if(path) {
+      /* No path was given in the header line, set the default */
+      const char *endslash = strrchr(path, '/');
+      if(endslash) {
+        size_t pathlen = (endslash - path + 1); /* include end slash */
+        co->path = Curl_memdup0(path, pathlen);
+        if(!co->path)
+          result = CURLE_OUT_OF_MEMORY;
+      }
+    }
+
+    if(!result && co->path) {
+      co->spath = sanitize_cookie_path(co->path);
+      if(!co->spath)
+        result = CURLE_OUT_OF_MEMORY;
+    }
+  }
+  if(!result) {
+    if(curlx_strlen(&cp[COOKIE_DOMAIN]))
+      result = strstore(&co->domain, curlx_str(&cp[COOKIE_DOMAIN]),
+                        curlx_strlen(&cp[COOKIE_DOMAIN]));
+    else if(domain) {
+      /* no domain was given in the header line, set the default */
+      co->domain = curlx_strdup(domain);
+      if(!co->domain)
+        result = CURLE_OUT_OF_MEMORY;
+    }
+  }
+  return result;
+}
+
 /* this function return errors on OOM etc, not on plain cookie format
    problems */
 static CURLcode
@@ -393,6 +445,8 @@ parse_cookie_header(struct Curl_easy *data,
   /* This line was read off an HTTP-header */
   time_t now;
   size_t linelength = strlen(ptr);
+  CURLcode result;
+  struct Curl_str cookie[COOKIE_PIECES] = { 0 };
   *okay = FALSE;
   if(linelength > MAX_COOKIE_LINE)
     /* discard overly long lines at once */
@@ -449,29 +503,18 @@ parse_cookie_header(struct Curl_easy *data,
       else if(!strncmp("__Host-", curlx_str(&name), 7))
         co->prefix_host = TRUE;
 
-      /*
-       * Use strstore() below to properly deal with received cookie
-       * headers that have the same string property set more than once,
-       * and then we use the last one.
-       */
-
-      if(!co->name) {
+      if(!curlx_strlen(&cookie[COOKIE_NAME])) {
         /* The first name/value pair is the actual cookie name */
-        if(!sep)
-          /* Bad name/value pair. */
-          return CURLE_OK;
-
-        strstore(&co->name, curlx_str(&name), curlx_strlen(&name));
-        if(co->name)
-          strstore(&co->value, curlx_str(&val), curlx_strlen(&val));
-        if(!co->name || !co->value)
-          return CURLE_OUT_OF_MEMORY;
-        done = TRUE;
-
-        if(invalid_octets(co->value) || invalid_octets(co->name)) {
+        if(!sep ||
+           /* Bad name/value pair. */
+           invalid_octets(curlx_str(&name), curlx_strlen(&name)) ||
+           invalid_octets(curlx_str(&val), curlx_strlen(&val))) {
           infof(data, "invalid octets in name/value, cookie dropped");
           return CURLE_OK;
         }
+        cookie[COOKIE_NAME] = name;
+        cookie[COOKIE_VALUE] = val;
+        done = TRUE;
       }
       else if(!curlx_strlen(&val)) {
         /*
@@ -501,13 +544,7 @@ parse_cookie_header(struct Curl_easy *data,
       if(done)
         ;
       else if(curlx_str_casecompare(&name, "path")) {
-        strstore(&co->path, curlx_str(&val), curlx_strlen(&val));
-        if(!co->path)
-          return CURLE_OUT_OF_MEMORY;
-        curlx_free(co->spath); /* if this is set again */
-        co->spath = sanitize_cookie_path(co->path);
-        if(!co->spath)
-          return CURLE_OUT_OF_MEMORY;
+        cookie[COOKIE_PATH] = val;
       }
       else if(curlx_str_casecompare(&name, "domain") && curlx_strlen(&val)) {
         bool is_ip;
@@ -538,10 +575,7 @@ parse_cookie_header(struct Curl_easy *data,
             (curlx_strlen(&val) == strlen(domain))) ||
            (!is_ip && cookie_tailmatch(curlx_str(&val),
                                           curlx_strlen(&val), domain))) {
-          strstore(&co->domain, curlx_str(&val), curlx_strlen(&val));
-          if(!co->domain)
-            return CURLE_OUT_OF_MEMORY;
-
+          cookie[COOKIE_DOMAIN] = val;
           if(!is_ip)
             co->tailmatch = TRUE; /* we always do that if the domain name was
                                      given */
@@ -627,40 +661,15 @@ parse_cookie_header(struct Curl_easy *data,
       break;
   } while(1);
 
-  if(!co->domain && domain) {
-    /* no domain was given in the header line, set the default */
-    co->domain = curlx_strdup(domain);
-    if(!co->domain)
-      return CURLE_OUT_OF_MEMORY;
-  }
-
-  if(!co->path && path) {
-    /*
-     * No path was given in the header line, set the default.
-     */
-    const char *endslash = strrchr(path, '/');
-    if(endslash) {
-      size_t pathlen = (endslash - path + 1); /* include end slash */
-      co->path = Curl_memdup0(path, pathlen);
-      if(co->path) {
-        co->spath = sanitize_cookie_path(co->path);
-        if(!co->spath)
-          return CURLE_OUT_OF_MEMORY;
-      }
-      else
-        return CURLE_OUT_OF_MEMORY;
-    }
-  }
-
-  /*
-   * If we did not get a cookie name, or a bad one, the this is an illegal
-   * line so bail out.
-   */
-  if(!co->name)
+  if(!curlx_strlen(&cookie[COOKIE_NAME]))
+    /* If we did not get a cookie name, or a bad one, bail out. */
     return CURLE_OK;
 
-  *okay = TRUE;
-  return CURLE_OK;
+  /* the header was fine, now store the data */
+  result = storecookie(co, &cookie[0], path, domain);
+  if(!result)
+    *okay = TRUE;
+  return result;
 }
 
 static CURLcode parse_netscape(struct Cookie *co,

From a093c93994d2afed3beed94809844c961d3f4a64 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sun, 7 Dec 2025 16:09:13 +0100
Subject: [PATCH 1159/2408] cookie: only keep and use the canonical cleaned up
 path

Instead of keeping both versions around.

Closes #19864
---
 lib/cookie.c        |  82 ++++++++++++++++--------------------
 lib/cookie.h        |   3 +-
 tests/data/test1105 |   4 +-
 tests/data/test1561 |   2 +-
 tests/data/test1903 |   4 +-
 tests/data/test1905 |   4 +-
 tests/data/test31   |  28 ++++++-------
 tests/data/test420  |   8 ++--
 tests/data/test444  | 100 ++++++++++++++++++++++----------------------
 tests/data/test46   |   2 +-
 tests/data/test61   |   4 +-
 11 files changed, 116 insertions(+), 125 deletions(-)

diff --git a/lib/cookie.c b/lib/cookie.c
index 743a7a8328..7efce5611f 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -67,7 +67,6 @@ static void freecookie(struct Cookie *co, bool maintoo)
 {
   curlx_free(co->domain);
   curlx_free(co->path);
-  curlx_free(co->spath);
   curlx_free(co->name);
   curlx_free(co->value);
   if(maintoo)
@@ -227,20 +226,19 @@ static size_t cookiehash(const char * const domain)
 /*
  * cookie path sanitize
  */
-static char *sanitize_cookie_path(const char *cookie_path)
+static char *sanitize_cookie_path(const char *cookie_path, size_t len)
 {
-  size_t len = strlen(cookie_path);
-
   /* some sites send path attribute within '"'. */
-  if(cookie_path[0] == '\"') {
+  if(len && (cookie_path[0] == '\"')) {
     cookie_path++;
     len--;
+
+    if(len && (cookie_path[len - 1] == '\"'))
+      len--;
   }
-  if(len && (cookie_path[len - 1] == '\"'))
-    len--;
 
   /* RFC6265 5.2.4 The Path Attribute */
-  if(cookie_path[0] != '/')
+  if(!len || (cookie_path[0] != '/'))
     /* Let cookie-path be the default-path. */
     return curlx_strdup("/");
 
@@ -393,23 +391,23 @@ static CURLcode storecookie(struct Cookie *co, struct Curl_str *cp,
     result = strstore(&co->value, curlx_str(&cp[COOKIE_VALUE]),
                       curlx_strlen(&cp[COOKIE_VALUE]));
   if(!result) {
-    if(curlx_strlen(&cp[COOKIE_PATH]))
-      result = strstore(&co->path, curlx_str(&cp[COOKIE_PATH]),
-                        curlx_strlen(&cp[COOKIE_PATH]));
+    size_t plen = 0;
+    if(curlx_strlen(&cp[COOKIE_PATH])) {
+      path = curlx_str(&cp[COOKIE_PATH]);
+      plen = curlx_strlen(&cp[COOKIE_PATH]);
+    }
     else if(path) {
       /* No path was given in the header line, set the default */
       const char *endslash = strrchr(path, '/');
-      if(endslash) {
-        size_t pathlen = (endslash - path + 1); /* include end slash */
-        co->path = Curl_memdup0(path, pathlen);
-        if(!co->path)
-          result = CURLE_OUT_OF_MEMORY;
-      }
+      if(endslash)
+        plen = (endslash - path + 1); /* include end slash */
+      else
+        plen = strlen(path);
     }
 
-    if(!result && co->path) {
-      co->spath = sanitize_cookie_path(co->path);
-      if(!co->spath)
+    if(path) {
+      co->path = sanitize_cookie_path(path, plen);
+      if(!co->path)
         result = CURLE_OUT_OF_MEMORY;
     }
   }
@@ -734,23 +732,17 @@ static CURLcode parse_netscape(struct Cookie *co,
       /* The file format allows the path field to remain not filled in */
       if(strncmp("TRUE", ptr, len) && strncmp("FALSE", ptr, len)) {
         /* only if the path does not look like a boolean option! */
-        co->path = Curl_memdup0(ptr, len);
+        co->path = sanitize_cookie_path(ptr, len);
         if(!co->path)
           return CURLE_OUT_OF_MEMORY;
-        else {
-          co->spath = sanitize_cookie_path(co->path);
-          if(!co->spath)
-            return CURLE_OUT_OF_MEMORY;
-        }
         break;
       }
-      /* this does not look like a path, make one up! */
-      co->path = curlx_strdup("/");
-      if(!co->path)
-        return CURLE_OUT_OF_MEMORY;
-      co->spath = curlx_strdup("/");
-      if(!co->spath)
-        return CURLE_OUT_OF_MEMORY;
+      else {
+        /* this does not look like a path, make one up! */
+        co->path = curlx_strdup("/");
+        if(!co->path)
+          return CURLE_OUT_OF_MEMORY;
+      }
       fields++; /* add a field and fall down to secure */
       FALLTHROUGH();
     case 3:
@@ -875,7 +867,7 @@ static bool replace_existing(struct Curl_easy *data,
         matching_domains = TRUE;
 
       if(matching_domains && /* the domains were identical */
-         clist->spath && co->spath && /* both have paths */
+         clist->path && co->path && /* both have paths */
          clist->secure && !co->secure && !secure) {
         size_t cllen;
         const char *sep = NULL;
@@ -887,15 +879,15 @@ static bool replace_existing(struct Curl_easy *data,
          * "/loginhelper" is ok.
          */
 
-        DEBUGASSERT(clist->spath[0]);
-        if(clist->spath[0])
-          sep = strchr(clist->spath + 1, '/');
+        DEBUGASSERT(clist->path[0]);
+        if(clist->path[0])
+          sep = strchr(clist->path + 1, '/');
         if(sep)
-          cllen = sep - clist->spath;
+          cllen = sep - clist->path;
         else
-          cllen = strlen(clist->spath);
+          cllen = strlen(clist->path);
 
-        if(curl_strnequal(clist->spath, co->spath, cllen)) {
+        if(curl_strnequal(clist->path, co->path, cllen)) {
           infof(data, "cookie '%s' for domain '%s' dropped, would "
                 "overlay an existing cookie", co->name, co->domain);
           return FALSE;
@@ -918,10 +910,10 @@ static bool replace_existing(struct Curl_easy *data,
       if(replace_old) {
         /* the domains were identical */
 
-        if(clist->spath && co->spath &&
-           !curl_strequal(clist->spath, co->spath))
+        if(clist->path && co->path &&
+           !curl_strequal(clist->path, co->path))
           replace_old = FALSE;
-        else if(!clist->spath != !co->spath)
+        else if(!clist->path != !co->path)
           replace_old = FALSE;
       }
 
@@ -1007,7 +999,7 @@ Curl_cookie_add(struct Curl_easy *data,
      * The __Host- prefix requires the cookie to be secure, have a "/" path
      * and not have a domain set.
      */
-    if(co->secure && co->path && strcmp(co->path, "/") == 0 && !co->tailmatch)
+    if(co->secure && co->path && !strcmp(co->path, "/") && !co->tailmatch)
       ;
     else
       goto fail;
@@ -1324,7 +1316,7 @@ CURLcode Curl_cookie_getlist(struct Curl_easy *data,
          * now check the left part of the path with the cookies path
          * requirement
          */
-        if(!co->spath || pathmatch(co->spath, path)) {
+        if(!co->path || pathmatch(co->path, path)) {
 
           /*
            * This is a match and we add it to the return-linked-list
diff --git a/lib/cookie.h b/lib/cookie.h
index c1fb23ee4c..03877e509f 100644
--- a/lib/cookie.h
+++ b/lib/cookie.h
@@ -34,8 +34,7 @@ struct Cookie {
   struct Curl_llist_node getnode; /* for getlist */
   char *name;                     /*  = value */
   char *value;                    /* name =  */
-  char *path;                     /* path =  which is in Set-Cookie: */
-  char *spath;                    /* sanitized cookie path */
+  char *path;                     /* canonical path */
   char *domain;                   /* domain =  */
   curl_off_t expires;             /* expires =  */
   unsigned int creationtime;      /* time when the cookie was written */
diff --git a/tests/data/test1105 b/tests/data/test1105
index ea42efb6a9..e076681729 100644
--- a/tests/data/test1105
+++ b/tests/data/test1105
@@ -61,8 +61,8 @@ userid=myname&password=mypassword
 # https://curl.se/docs/http-cookies.html
 # This file was generated by libcurl! Edit at your own risk.
 
-127.0.0.1	FALSE	"/silly/"	FALSE	0	mismatch	this
-127.0.0.1	FALSE	/we/want/	FALSE	0	foobar	name
+127.0.0.1	FALSE	/silly	FALSE	0	mismatch	this
+127.0.0.1	FALSE	/we/want	FALSE	0	foobar	name
 
 
 
diff --git a/tests/data/test1561 b/tests/data/test1561
index df9477dd47..84b291b12e 100644
--- a/tests/data/test1561
+++ b/tests/data/test1561
@@ -98,7 +98,7 @@ Accept: */*
 www.example.com	FALSE	/	TRUE	0	__Host-SID	12346
 .example.com	TRUE	/	TRUE	0	supersupersuper	secret
 .example.com	TRUE	/	TRUE	0	__SecURE-SID	12346
-.example.com	TRUE	/%TESTNUMBER/login/	TRUE	0	supersuper	secret
+.example.com	TRUE	/%TESTNUMBER/login	TRUE	0	supersuper	secret
 .example.com	TRUE	/1561	TRUE	0	super	secret
 
 
diff --git a/tests/data/test1903 b/tests/data/test1903
index 228b4d6ae4..9b90151c09 100644
--- a/tests/data/test1903
+++ b/tests/data/test1903
@@ -55,8 +55,8 @@ cookies
 # https://curl.se/docs/http-cookies.html
 # This file was generated by libcurl! Edit at your own risk.
 
-%HOSTIP	FALSE	/we/want/	FALSE	0	foobar	name
-%HOSTIP	FALSE	/we/want/	FALSE	0	secondcookie	present
+%HOSTIP	FALSE	/we/want	FALSE	0	foobar	name
+%HOSTIP	FALSE	/we/want	FALSE	0	secondcookie	present
 
 
 
diff --git a/tests/data/test1905 b/tests/data/test1905
index 690e8553ec..e09f8dc60e 100644
--- a/tests/data/test1905
+++ b/tests/data/test1905
@@ -53,8 +53,8 @@ Accept: */*
 # https://curl.se/docs/http-cookies.html
 # This file was generated by libcurl! Edit at your own risk.
 
-%HOSTIP	FALSE	/we/want/	FALSE	0	secondcookie	present
-%HOSTIP	FALSE	/we/want/	FALSE	0	foobar	name
+%HOSTIP	FALSE	/we/want	FALSE	0	secondcookie	present
+%HOSTIP	FALSE	/we/want	FALSE	0	foobar	name
 
 
 
diff --git a/tests/data/test31 b/tests/data/test31
index 8d99df6da8..8353b709fc 100644
--- a/tests/data/test31
+++ b/tests/data/test31
@@ -111,22 +111,22 @@ Accept: */*
 # https://curl.se/docs/http-cookies.html
 # This file was generated by libcurl! Edit at your own risk.
 
-test31.curl	FALSE	/we/want/	FALSE	0	%hex[%c3%82%c2%b3%c3%83%5c%78%39%32%c3%83%5c%78%39%61%c3%83%5c%78%38%64%c3%83%5c%78%39%37]hex%	%96%A6g%9Ay%B0%A5g%A7tm%7C%95%9A
-test31.curl	FALSE	/we/want/	FALSE	0	prespace	yes before
-test31.curl	FALSE	/we/want/	FALSE	0	withspaces2	before equals
-test31.curl	FALSE	/we/want/	FALSE	0	withspaces	yes  within and around
-.test31.curl	TRUE	/we/want/	FALSE	0	blexp	yesyes
-#HttpOnly_test31.curl	FALSE	/silly/	FALSE	0	magic	yessir
-test31.curl	FALSE	/we/want/	FALSE	%days[400]	nodomain	value
+test31.curl	FALSE	/we/want	FALSE	0	%hex[%c3%82%c2%b3%c3%83%5c%78%39%32%c3%83%5c%78%39%61%c3%83%5c%78%38%64%c3%83%5c%78%39%37]hex%	%96%A6g%9Ay%B0%A5g%A7tm%7C%95%9A
+test31.curl	FALSE	/we/want	FALSE	0	prespace	yes before
+test31.curl	FALSE	/we/want	FALSE	0	withspaces2	before equals
+test31.curl	FALSE	/we/want	FALSE	0	withspaces	yes  within and around
+.test31.curl	TRUE	/we/want	FALSE	0	blexp	yesyes
+#HttpOnly_test31.curl	FALSE	/silly	FALSE	0	magic	yessir
+test31.curl	FALSE	/we/want	FALSE	%days[400]	nodomain	value
 .test31.curl	TRUE	/	FALSE	0	partmatch	present
-#HttpOnly_.test31.curl	TRUE	/p4/	FALSE	0	httponly	myvalue1
-#HttpOnly_.test31.curl	TRUE	/p4/	FALSE	0	httpo4	value4
-#HttpOnly_.test31.curl	TRUE	/p3/	FALSE	0	httpo3	value3
-#HttpOnly_.test31.curl	TRUE	/p2/	FALSE	0	httpo2	value2
-#HttpOnly_.test31.curl	TRUE	/p1/	FALSE	0	httpo1	value1
+#HttpOnly_.test31.curl	TRUE	/p4	FALSE	0	httponly	myvalue1
+#HttpOnly_.test31.curl	TRUE	/p4	FALSE	0	httpo4	value4
+#HttpOnly_.test31.curl	TRUE	/p3	FALSE	0	httpo3	value3
+#HttpOnly_.test31.curl	TRUE	/p2	FALSE	0	httpo2	value2
+#HttpOnly_.test31.curl	TRUE	/p1	FALSE	0	httpo1	value1
 .test31.curl	TRUE	/overwrite	FALSE	0	overwrite	this2
-.test31.curl	TRUE	/silly/	FALSE	0	ISMATCH	this
-.test31.curl	TRUE	/silly/	FALSE	0	ismatch	this
+.test31.curl	TRUE	/silly	FALSE	0	ISMATCH	this
+.test31.curl	TRUE	/silly	FALSE	0	ismatch	this
 test31.curl	FALSE	/	FALSE	0	blankdomain	sure
 
 
diff --git a/tests/data/test420 b/tests/data/test420
index c1d6173f4f..7b8bd08fde 100644
--- a/tests/data/test420
+++ b/tests/data/test420
@@ -44,9 +44,9 @@ http://%HOSTIP:%HTTPPORT/func_test/del_cookie -b %LOGDIR/cookie%TESTNUMBER -c %L
 #HttpOnly_%HOSTIP	FALSE	/func_test	FALSE	21709598616	mycookie5	990
 #HttpOnly_%HOSTIP	FALSE	/func_test	FALSE	21709598616	mycookie4	950
 #HttpOnly_%HOSTIP	FALSE	/func_test	FALSE	21709598616	mycookie3	900
-#HttpOnly_%HOSTIP	FALSE	/func_test/	FALSE	21709598616	mycookie2	5900
+#HttpOnly_%HOSTIP	FALSE	/func_test	FALSE	21709598616	mycookie2	5900
 #HttpOnly_%HOSTIP	FALSE	/	FALSE	21709598616	mycookie1	4900
-#HttpOnly_%HOSTIP	FALSE	/func_test/	FALSE	0	mycookie	1200
+#HttpOnly_%HOSTIP	FALSE	/func_test	FALSE	0	mycookie	1200
 
 
 cookies
@@ -61,7 +61,7 @@ GET /func_test/del_cookie HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
-Cookie: mycookie2=5900; mycookie=1200; mycookie3=900; mycookie4=950; mycookie5=990; mycookie6=991; mycookie1=4900
+Cookie: mycookie2=5900; mycookie3=900; mycookie4=950; mycookie5=990; mycookie6=991; mycookie=1200; mycookie1=4900
 
 
 
@@ -69,7 +69,7 @@ Cookie: mycookie2=5900; mycookie=1200; mycookie3=900; mycookie4=950; mycookie5=9
 # https://curl.se/docs/http-cookies.html
 # This file was generated by libcurl! Edit at your own risk.
 
-#HttpOnly_127.0.0.1	FALSE	/func_test/	FALSE	21709598616	mycookie2	5900
+#HttpOnly_127.0.0.1	FALSE	/func_test	FALSE	21709598616	mycookie2	5900
 
 
 
diff --git a/tests/data/test444 b/tests/data/test444
index 4c092bef1b..0b050e1146 100644
--- a/tests/data/test444
+++ b/tests/data/test444
@@ -138,56 +138,56 @@ Accept: */*
 # https://curl.se/docs/http-cookies.html
 # This file was generated by libcurl! Edit at your own risk.
 
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-50	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-49	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-48	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-47	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-46	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-45	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-44	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-43	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-42	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-41	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-40	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-39	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-38	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-37	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-36	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-35	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-34	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-33	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-32	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-31	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-30	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-29	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-28	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-27	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-26	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-25	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-24	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-23	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-22	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-21	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-20	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-19	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-18	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-17	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-16	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-15	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-14	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-13	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-12	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-11	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-10	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-9	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-8	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-7	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-6	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-5	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-4	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-3	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-2	yes
-attack.invalid	FALSE	/a/b/	FALSE	0	cookie-1	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-50	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-49	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-48	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-47	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-46	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-45	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-44	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-43	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-42	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-41	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-40	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-39	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-38	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-37	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-36	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-35	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-34	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-33	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-32	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-31	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-30	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-29	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-28	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-27	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-26	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-25	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-24	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-23	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-22	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-21	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-20	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-19	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-18	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-17	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-16	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-15	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-14	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-13	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-12	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-11	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-10	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-9	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-8	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-7	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-6	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-5	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-4	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-3	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-2	yes
+attack.invalid	FALSE	/a/b	FALSE	0	cookie-1	yes
 
 
 
diff --git a/tests/data/test46 b/tests/data/test46
index 715616e23c..9d872bab6d 100644
--- a/tests/data/test46
+++ b/tests/data/test46
@@ -87,7 +87,7 @@ Cookie: empty=; mooo2=indeed2; mooo=indeed
 # https://curl.se/docs/http-cookies.html
 # This file was generated by libcurl! Edit at your own risk.
 
-domain..tld	FALSE	/want/	FALSE	0	simplyhuge	%repeat[3998 x z]%
+domain..tld	FALSE	/want	FALSE	0	simplyhuge	%repeat[3998 x z]%
 domain..tld	FALSE	/	FALSE	0	justaname%TAB
 domain..tld	FALSE	/	FALSE	0	ASPSESSIONIDQGGQQSJJ	GKNBDIFAAOFDPDAIEAKDIBKE
 domain..tld	FALSE	/	FALSE	0	ckySession	temporary
diff --git a/tests/data/test61 b/tests/data/test61
index cd38c00005..050d0b393c 100644
--- a/tests/data/test61
+++ b/tests/data/test61
@@ -71,8 +71,8 @@ Accept: */*
 # https://curl.se/docs/http-cookies.html
 # This file was generated by libcurl! Edit at your own risk.
 
-.host.foo.com	TRUE	/we/want/	FALSE	%days[400]	test2	yes
-#HttpOnly_.foo.com	TRUE	/we/want/	FALSE	%days[400]	test	yes
+.host.foo.com	TRUE	/we/want	FALSE	%days[400]	test2	yes
+#HttpOnly_.foo.com	TRUE	/we/want	FALSE	%days[400]	test	yes
 
 
 

From a78a07d3a9dc808a51f464d0dd297939e544e2a4 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Sun, 7 Dec 2025 23:44:31 +0100
Subject: [PATCH 1160/2408] cookie: cleanups and improvements

- Stricter cookie validation with earlier rejection of empty/invalid
  cookie names

- secure and httponly attributes no longer accept = with empty values
  (only bare keywords)

- Validation checks (length, TAB, prefixes) moved into the first
  name/value pair block for better code organization

- Deferred time(NULL) calls for better performance when expires/max-age
  aren't used

- Simplified loop control flow by removing done flag

- The cookie size restriction now only applies to name + value, not other
  parts of the header line.

- Fixed a gcc 4.8.1 quirk

Closes #19868
---
 lib/cookie.c        | 160 +++++++++++++++++++-------------------------
 tests/data/test1160 |   2 +-
 tests/data/test31   |  30 +++++----
 3 files changed, 87 insertions(+), 105 deletions(-)

diff --git a/lib/cookie.c b/lib/cookie.c
index 7efce5611f..716a487750 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -441,85 +441,79 @@ parse_cookie_header(struct Curl_easy *data,
                                      origin */
 {
   /* This line was read off an HTTP-header */
-  time_t now;
+  time_t now = 0;
   size_t linelength = strlen(ptr);
-  CURLcode result;
-  struct Curl_str cookie[COOKIE_PIECES] = { 0 };
+  CURLcode result = CURLE_OK;
+  struct Curl_str cookie[COOKIE_PIECES];
   *okay = FALSE;
   if(linelength > MAX_COOKIE_LINE)
     /* discard overly long lines at once */
     return CURLE_OK;
 
-  now = time(NULL);
+  /* memset instead of initializer because gcc 4.8.1 is silly */
+  memset(cookie, 0, sizeof(cookie));
   do {
     struct Curl_str name;
     struct Curl_str val;
 
     /* we have a = pair or a stand-alone word here */
     if(!curlx_str_cspn(&ptr, &name, ";\t\r\n=")) {
-      bool done = FALSE;
       bool sep = FALSE;
       curlx_str_trimblanks(&name);
 
       if(!curlx_str_single(&ptr, '=')) {
         sep = TRUE; /* a '=' was used */
-        if(!curlx_str_cspn(&ptr, &val, ";\r\n")) {
+        if(!curlx_str_cspn(&ptr, &val, ";\r\n"))
           curlx_str_trimblanks(&val);
-
-          /* Reject cookies with a TAB inside the value */
-          if(memchr(curlx_str(&val), '\t', curlx_strlen(&val))) {
-            infof(data, "cookie contains TAB, dropping");
-            return CURLE_OK;
-          }
-        }
       }
-      else {
+      else
         curlx_str_init(&val);
-      }
-
-      /*
-       * Check for too long individual name or contents, or too long
-       * combination of name + contents. Chrome and Firefox support 4095 or
-       * 4096 bytes combo
-       */
-      if(curlx_strlen(&name) >= (MAX_NAME - 1) ||
-         curlx_strlen(&val) >= (MAX_NAME - 1) ||
-         ((curlx_strlen(&name) + curlx_strlen(&val)) > MAX_NAME)) {
-        infof(data, "oversized cookie dropped, name/val %zu + %zu bytes",
-              curlx_strlen(&name), curlx_strlen(&val));
-        return CURLE_OK;
-      }
-
-      /*
-       * Check if we have a reserved prefix set before anything else, as we
-       * otherwise have to test for the prefix in both the cookie name and
-       * "the rest". Prefixes must start with '__' and end with a '-', so
-       * only test for names where that can possibly be true.
-       */
-      if(!strncmp("__Secure-", curlx_str(&name), 9))
-        co->prefix_secure = TRUE;
-      else if(!strncmp("__Host-", curlx_str(&name), 7))
-        co->prefix_host = TRUE;
 
       if(!curlx_strlen(&cookie[COOKIE_NAME])) {
         /* The first name/value pair is the actual cookie name */
         if(!sep ||
            /* Bad name/value pair. */
            invalid_octets(curlx_str(&name), curlx_strlen(&name)) ||
-           invalid_octets(curlx_str(&val), curlx_strlen(&val))) {
+           invalid_octets(curlx_str(&val), curlx_strlen(&val)) ||
+           !curlx_strlen(&name)) {
           infof(data, "invalid octets in name/value, cookie dropped");
           return CURLE_OK;
         }
+
+        /*
+         * Check for too long individual name or contents, or too long
+         * combination of name + contents. Chrome and Firefox support 4095 or
+         * 4096 bytes combo
+         */
+        if(curlx_strlen(&name) >= (MAX_NAME - 1) ||
+           curlx_strlen(&val) >= (MAX_NAME - 1) ||
+           ((curlx_strlen(&name) + curlx_strlen(&val)) > MAX_NAME)) {
+          infof(data, "oversized cookie dropped, name/val %zu + %zu bytes",
+                curlx_strlen(&name), curlx_strlen(&val));
+          return CURLE_OK;
+        }
+
+        /* Reject cookies with a TAB inside the value */
+        if(curlx_strlen(&val) &&
+           memchr(curlx_str(&val), '\t', curlx_strlen(&val))) {
+          infof(data, "cookie contains TAB, dropping");
+          return CURLE_OK;
+        }
+
+        /* Check if we have a reserved prefix set. */
+        if(!strncmp("__Secure-", curlx_str(&name), 9))
+          co->prefix_secure = TRUE;
+        else if(!strncmp("__Host-", curlx_str(&name), 7))
+          co->prefix_host = TRUE;
+
         cookie[COOKIE_NAME] = name;
         cookie[COOKIE_VALUE] = val;
-        done = TRUE;
       }
-      else if(!curlx_strlen(&val)) {
+      else if(!sep) {
         /*
-         * this was a "=" with no content, and we must allow
-         * 'secure' and 'httponly' specified this weirdly
+         * this is a "" with no content
          */
-        done = TRUE;
+
         /*
          * secure cookies are only allowed to be set when the connection is
          * using a secure protocol, or when the cookie is being set by
@@ -529,18 +523,13 @@ parse_cookie_header(struct Curl_easy *data,
           if(secure || !ci->running)
             co->secure = TRUE;
           else {
-            infof(data, "skipped cookie %s because not 'secure'", co->name);
+            infof(data, "skipped cookie because not 'secure'");
             return CURLE_OK;
           }
         }
         else if(curlx_str_casecompare(&name, "httponly"))
           co->httponly = TRUE;
-        else if(sep)
-          /* there was a '=' so we are not done parsing this field */
-          done = FALSE;
       }
-      if(done)
-        ;
       else if(curlx_str_casecompare(&name, "path")) {
         cookie[COOKIE_PATH] = val;
       }
@@ -588,9 +577,6 @@ parse_cookie_header(struct Curl_easy *data,
           return CURLE_OK;
         }
       }
-      else if(curlx_str_casecompare(&name, "version")) {
-        /* just ignore */
-      }
       else if(curlx_str_casecompare(&name, "max-age") && curlx_strlen(&val)) {
         /*
          * Defined in RFC2109:
@@ -606,6 +592,8 @@ parse_cookie_header(struct Curl_easy *data,
         if(*maxage == '\"')
           maxage++;
         rc = curlx_str_number(&maxage, &co->expires, CURL_OFF_T_MAX);
+        if(!now)
+          now = time(NULL);
         switch(rc) {
         case STRE_OVERFLOW:
           /* overflow, used max value */
@@ -627,46 +615,38 @@ parse_cookie_header(struct Curl_easy *data,
         }
         cap_expires(now, co);
       }
-      else if(curlx_str_casecompare(&name, "expires") && curlx_strlen(&val)) {
-        if(!co->expires && (curlx_strlen(&val) < MAX_DATE_LENGTH)) {
-          /*
-           * Let max-age have priority.
-           *
-           * If the date cannot get parsed for whatever reason, the cookie
-           * will be treated as a session cookie
-           */
-          char dbuf[MAX_DATE_LENGTH + 1];
-          time_t date = 0;
-          memcpy(dbuf, curlx_str(&val), curlx_strlen(&val));
-          dbuf[curlx_strlen(&val)] = 0;
-          if(!Curl_getdate_capped(dbuf, &date)) {
-            if(!date)
-              date++;
-            co->expires = (curl_off_t)date;
-          }
-          else
-            co->expires = 0;
-          cap_expires(now, co);
+      else if(curlx_str_casecompare(&name, "expires") && curlx_strlen(&val) &&
+              !co->expires && (curlx_strlen(&val) < MAX_DATE_LENGTH)) {
+        /*
+         * Let max-age have priority.
+         *
+         * If the date cannot get parsed for whatever reason, the cookie
+         * will be treated as a session cookie
+         */
+        char dbuf[MAX_DATE_LENGTH + 1];
+        time_t date = 0;
+        memcpy(dbuf, curlx_str(&val), curlx_strlen(&val));
+        dbuf[curlx_strlen(&val)] = 0;
+        if(!Curl_getdate_capped(dbuf, &date)) {
+          if(!date)
+            date++;
+          co->expires = (curl_off_t)date;
         }
+        else
+          co->expires = 0;
+        if(!now)
+          now = time(NULL);
+        cap_expires(now, co);
       }
-
-      /*
-       * Else, this is the second (or more) name we do not know about!
-       */
     }
+  } while(!curlx_str_single(&ptr, ';'));
 
-    if(curlx_str_single(&ptr, ';'))
-      break;
-  } while(1);
-
-  if(!curlx_strlen(&cookie[COOKIE_NAME]))
-    /* If we did not get a cookie name, or a bad one, bail out. */
-    return CURLE_OK;
-
-  /* the header was fine, now store the data */
-  result = storecookie(co, &cookie[0], path, domain);
-  if(!result)
-    *okay = TRUE;
+  if(curlx_strlen(&cookie[COOKIE_NAME])) {
+    /* the header was fine, now store the data */
+    result = storecookie(co, &cookie[0], path, domain);
+    if(!result)
+      *okay = TRUE;
+  }
   return result;
 }
 
diff --git a/tests/data/test1160 b/tests/data/test1160
index 9eca524c65..d26ad4133f 100644
--- a/tests/data/test1160
+++ b/tests/data/test1160
@@ -14,7 +14,7 @@ cookies
 HTTP/1.1 200 OK
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Content-Length: 0
-Set-Cookie: ____________%hex[%ff]hex%=         ;%repeat[117 x %20]%%hex[%ff]hex%%repeat[2602 x %20]%%repeat[434 x z]%%hex[%86%85%85%80]hex%%repeat[49 x z]%%hex[%fa]hex%%repeat[540 x z]%%hex[%f3%a0%81%96]hex%zzzzzzzzzzzz~%repeat[82 x z]%%hex[%b6]hex%%repeat[364 x z]%
+Set-Cookie: %repeat[4000 x n]%=%repeat[4096 x v]%
 
 
 
diff --git a/tests/data/test31 b/tests/data/test31
index 8353b709fc..e13fed55c6 100644
--- a/tests/data/test31
+++ b/tests/data/test31
@@ -18,6 +18,8 @@ Server: test-server/fake%CR
 Content-Length: 4%CR
 Content-Type: text/html%CR
 Funny-head: yesyes%CR
+Set-Cookie:
+Set-Cookie: ;
 Set-Cookie: blankdomain=sure; domain=; path=/
 Set-Cookie: foobar=name; domain=anything.com; path=/ ; secure%CR
 Set-Cookie:ismatch=this  ; domain=test31.curl; path=/silly/%CR
@@ -25,27 +27,27 @@ Set-Cookie:ISMATCH=this  ; domain=test31.curl; path=/silly/%CR
 Set-Cookie: overwrite=this  ; domain=test31.curl; path=/overwrite/%CR
 Set-Cookie: overwrite=this2  ; domain=test31.curl; path=/overwrite%CR
 Set-Cookie: sec1value=secure1  ; domain=test31.curl; path=/secure1/ ; secure%CR
-Set-Cookie: sec2value=secure2  ; domain=test31.curl; path=/secure2/ ; secure=%CR
-Set-Cookie: sec3value=secure3  ; domain=test31.curl; path=/secure3/ ; secure=%CR
-Set-Cookie: sec4value=secure4  ; secure=; domain=test31.curl; path=/secure4/ ; %CR
+Set-Cookie: sec2value=secure2  ; domain=test31.curl; path=/secure2/ ; secure%CR
+Set-Cookie: sec3value=secure3  ; domain=test31.curl; path=/secure3/ ; secure%CR
+Set-Cookie: sec4value=secure4  ; secure; domain=test31.curl; path=/secure4/ ; %CR
 Set-Cookie: sec5value=secure5  ; secure; domain=test31.curl; path=/secure5/ ; %CR
 Set-Cookie: sec6value=secure6  ; secure ; domain=test31.curl; path=/secure6/ ; %CR
 Set-Cookie: sec7value=secure7  ; secure   ; domain=test31.curl; path=/secure7/ ; %CR
-Set-Cookie: sec8value=secure8  ; secure= ; domain=test31.curl; path=/secure8/ ; %CR
-Set-Cookie: secure=very1  ; secure=; domain=test31.curl; path=/secure9/; %CR
+Set-Cookie: sec8value=secure8  ; secure ; domain=test31.curl; path=/secure8/ ; %CR
+Set-Cookie: secure=very1  ; secure; domain=test31.curl; path=/secure9/; %CR
 Set-Cookie: httpo1=value1  ; domain=test31.curl; path=/p1/; httponly%CR
-Set-Cookie: httpo2=value2  ; domain=test31.curl; path=/p2/; httponly=%CR
+Set-Cookie: httpo2=value2  ; domain=test31.curl; path=/p2/; httponly%CR
 Set-Cookie: httpo3=value3  ; httponly; domain=test31.curl; path=/p3/;%CR
-Set-Cookie: httpo4=value4  ; httponly=; domain=test31.curl; path=/p4/; %CR
+Set-Cookie: httpo4=value4  ; httponly; domain=test31.curl; path=/p4/; %CR
 Set-Cookie: httponly=myvalue1  ; domain=test31.curl; path=/p4/; httponly%CR
 Set-Cookie: httpandsec=myvalue2  ; domain=test31.curl; path=/p4/; httponly; secure%CR
-Set-Cookie: httpandsec2=myvalue3; domain=test31.curl; path=/p4/; httponly=; secure%CR
-Set-Cookie: httpandsec3=myvalue4  ; domain=test31.curl; path=/p4/; httponly; secure=%CR
-Set-Cookie: httpandsec4=myvalue5  ; domain=test31.curl; path=/p4/; httponly=; secure=%CR
-Set-Cookie: httpandsec5=myvalue6  ; domain=test31.curl; path=/p4/; secure; httponly=%CR
-Set-Cookie: httpandsec6=myvalue7  ; domain=test31.curl; path=/p4/; secure=; httponly=%CR
+Set-Cookie: httpandsec2=myvalue3; domain=test31.curl; path=/p4/; httponly; secure%CR
+Set-Cookie: httpandsec3=myvalue4  ; domain=test31.curl; path=/p4/; httponly; secure%CR
+Set-Cookie: httpandsec4=myvalue5  ; domain=test31.curl; path=/p4/; httponly; secure%CR
+Set-Cookie: httpandsec5=myvalue6  ; domain=test31.curl; path=/p4/; secure; httponly%CR
+Set-Cookie: httpandsec6=myvalue7  ; domain=test31.curl; path=/p4/; secure; httponly%CR
 Set-Cookie: httpandsec7=myvalue8  ; domain=test31.curl; path=/p4/; secure; httponly%CR
-Set-Cookie: httpandsec8=myvalue9; domain=test31.curl; path=/p4/; secure=; httponly%CR
+Set-Cookie: httpandsec8=myvalue9; domain=test31.curl; path=/p4/; secure; httponly%CR
 Set-Cookie: partmatch=present; domain=test31.curl ; path=/;%CR
 Set-Cookie:eat=this; domain=moo.foo.moo;%CR
 Set-Cookie: eat=this-too; domain=.foo.moo;%CR
@@ -67,7 +69,7 @@ Set-Cookie: partialip=nono; domain=.0.0.1;%CR
 Set-Cookie: withspaces=  yes  within and around    ;%CR
 Set-Cookie: withspaces2 =before equals;%CR
 Set-Cookie: prespace=  yes before;%CR
-Set-Cookie: securewithspace=after    ; secure =%CR
+Set-Cookie: securewithspace=after    ; secure %CR
 Set-Cookie: %hex[%c3%82%c2%b3%c3%83%5c%78%39%32%c3%83%5c%78%39%61%c3%83%5c%78%38%64%c3%83%5c%78%39%37]hex%=%96%A6g%9Ay%B0%A5g%A7tm%7C%95%9A
 %CR
 boo

From 121c54016869622729131fe36d111f52cb1fac89 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 7 Dec 2025 20:03:38 +0100
Subject: [PATCH 1161/2408] sspi: fix memory leaks on error paths in
 `Curl_create_sspi_identity()`

Detected by Windows torture test 1072 (with `-shallow=20/13`),
test 579 (with `-shallow=18/14/13`), and test 1286 (with `-shallow=15`).

```
** MEMORY FAILURE
Leak detected: memory still allocated: 20 bytes
At 1a1e8136328, there is 18 bytes.
 allocated by D:/a/curl/curl/lib/curl_sspi.c:133
At 1a1e8139368, there is 2 bytes.
 allocated by D:/a/curl/curl/lib/curl_sspi.c:143
 1072: torture FAILED: function number 207 in test.
 invoke with "-t207" to repeat this single case.
Warning: http2 server unexpectedly alive
```
Ref: https://github.com/curl/curl/actions/runs/20008523913/job/57374427439?pr=19865

Also simplify the code a little.

Cherry-picked from #19865
Closes #19866
---
 lib/curl_sspi.c | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/lib/curl_sspi.c b/lib/curl_sspi.c
index 712fab2e9e..35a9bc33e6 100644
--- a/lib/curl_sspi.c
+++ b/lib/curl_sspi.c
@@ -135,33 +135,34 @@ CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp,
     curlx_free(useranddomain.tchar_ptr);
     return CURLE_OUT_OF_MEMORY;
   }
-  identity->User = dup_user.tbyte_ptr;
-  identity->UserLength = curlx_uztoul(_tcslen(dup_user.tchar_ptr));
-  dup_user.tchar_ptr = NULL;
 
   /* Setup the identity's domain and length */
   dup_domain.tchar_ptr = curlx_malloc(sizeof(TCHAR) * (domlen + 1));
   if(!dup_domain.tchar_ptr) {
+    curlx_free(dup_user.tchar_ptr);
     curlx_free(useranddomain.tchar_ptr);
     return CURLE_OUT_OF_MEMORY;
   }
   if(_tcsncpy_s(dup_domain.tchar_ptr, domlen + 1, domain.tchar_ptr, domlen)) {
+    curlx_free(dup_user.tchar_ptr);
     curlx_free(dup_domain.tchar_ptr);
     curlx_free(useranddomain.tchar_ptr);
     return CURLE_OUT_OF_MEMORY;
   }
-  identity->Domain = dup_domain.tbyte_ptr;
-  identity->DomainLength = curlx_uztoul(domlen);
-  dup_domain.tchar_ptr = NULL;
 
   curlx_free(useranddomain.tchar_ptr);
 
   /* Setup the identity's password and length */
   passwd.tchar_ptr = curlx_convert_UTF8_to_tchar(passwdp);
-  if(!passwd.tchar_ptr)
+  if(!passwd.tchar_ptr) {
+    curlx_free(dup_user.tchar_ptr);
+    curlx_free(dup_domain.tchar_ptr);
     return CURLE_OUT_OF_MEMORY;
+  }
   dup_passwd.tchar_ptr = curlx_tcsdup(passwd.tchar_ptr);
   if(!dup_passwd.tchar_ptr) {
+    curlx_free(dup_user.tchar_ptr);
+    curlx_free(dup_domain.tchar_ptr);
     curlx_free(passwd.tchar_ptr);
     return CURLE_OUT_OF_MEMORY;
   }
@@ -171,6 +172,13 @@ CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp,
 
   curlx_free(passwd.tchar_ptr);
 
+  identity->User = dup_user.tbyte_ptr;
+  identity->UserLength = curlx_uztoul(_tcslen(dup_user.tchar_ptr));
+  dup_user.tchar_ptr = NULL;
+  identity->Domain = dup_domain.tbyte_ptr;
+  identity->DomainLength = curlx_uztoul(domlen);
+  dup_domain.tchar_ptr = NULL;
+
   /* Setup the identity's flags */
   identity->Flags = (unsigned long)
 #ifdef UNICODE

From 2535c4298fede065c80b9255328c18b68d739522 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 8 Dec 2025 10:20:04 +0100
Subject: [PATCH 1162/2408] hostcheck: fail wildcard match if host starts with
 a dot

A hostname cannot start with a dot when DNS is used, but there are other
ways.

Amend unit test 1397

Closes #19869
---
 lib/vtls/hostcheck.c  | 4 ++--
 tests/unit/unit1397.c | 2 ++
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/lib/vtls/hostcheck.c b/lib/vtls/hostcheck.c
index fbd460bc15..e56860a35b 100644
--- a/lib/vtls/hostcheck.c
+++ b/lib/vtls/hostcheck.c
@@ -92,8 +92,8 @@ static bool hostmatch(const char *hostname,
   if(strncmp(pattern, "*.", 2))
     return pmatch(hostname, hostlen, pattern, patternlen);
 
-  /* detect IP address as hostname and fail the match if so */
-  else if(Curl_host_is_ipnum(hostname))
+  /* detect host as IP address or starting with a dot and fail if so */
+  else if(Curl_host_is_ipnum(hostname) || (hostname[0] == '.'))
     return FALSE;
 
   /* We require at least 2 dots in the pattern to avoid too wide wildcard
diff --git a/tests/unit/unit1397.c b/tests/unit/unit1397.c
index 6726c50530..dc4f135837 100644
--- a/tests/unit/unit1397.c
+++ b/tests/unit/unit1397.c
@@ -39,6 +39,8 @@ static CURLcode test_unit1397(const char *arg)
   };
 
   static const struct testcase tests[] = {
+    {".hello.com", "*.hello.com", FALSE },
+    {"a.hello.com", "*.hello.com", TRUE },
     { "", "", FALSE },
     { "a", "", FALSE },
     { "", "b", FALSE },

From d360ddb1b2e5cc350307f7829ffccdcae062d319 Mon Sep 17 00:00:00 2001
From: Fabian Keil 
Date: Sun, 7 Dec 2025 15:23:00 +0100
Subject: [PATCH 1163/2408] test1475: consistently use %CR in headers

Gets the test working when using Privoxy as proxy.

Closes #19870
---
 tests/data/test1475 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/data/test1475 b/tests/data/test1475
index 1f11829d72..b35009d9a8 100644
--- a/tests/data/test1475
+++ b/tests/data/test1475
@@ -15,7 +15,7 @@ Resume
 HTTP/1.1 416 Invalid range%CR
 Connection: close%CR
 Content-Length: 0%CR
-Content-Range: */100
+Content-Range: */100%CR
 %CR
 
 
@@ -35,7 +35,7 @@ Content-Range: */100
 HTTP/1.1 416 Invalid range%CR
 Connection: close%CR
 Content-Length: 0%CR
-Content-Range: */100
+Content-Range: */100%CR
 %CR
 
 

From 96ba7a79fc561ef8e7bedafacb70d9659224ee1f Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Fri, 5 Dec 2025 15:38:12 +0100
Subject: [PATCH 1164/2408] gnutls: add PROFILE_MEDIUM as default

Raise the default GnuTLS priority settings by adding PROFILE_MEDIUM for
more secure connection handling.

Reported-by: Harry Sintonen
Closes #19853
---
 lib/vtls/gtls.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index 667b09c119..c7f8f34673 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -305,16 +305,17 @@ static gnutls_x509_crt_fmt_t gnutls_do_file_type(const char *type)
   return GNUTLS_X509_FMT_PEM; /* default to PEM */
 }
 
-#define GNUTLS_CIPHERS "NORMAL:-ARCFOUR-128:-CTYPE-ALL:+CTYPE-X509"
+#define GNUTLS_CIPHERS "NORMAL:%PROFILE_MEDIUM:-ARCFOUR-128:"\
+  "-CTYPE-ALL:+CTYPE-X509"
 /* If GnuTLS was compiled without support for SRP it will error out if SRP is
    requested in the priority string, so treat it specially
  */
 #define GNUTLS_SRP "+SRP"
 
 #define QUIC_PRIORITY \
-  "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+AES-256-GCM:" \
-  "+CHACHA20-POLY1305:+AES-128-CCM:-GROUP-ALL:+GROUP-SECP256R1:" \
-  "+GROUP-X25519:+GROUP-SECP384R1:+GROUP-SECP521R1:" \
+  "NORMAL:%PROFILE_MEDIUM:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:" \
+  "+AES-256-GCM:+CHACHA20-POLY1305:+AES-128-CCM:-GROUP-ALL:" \
+  "+GROUP-SECP256R1:+GROUP-X25519:+GROUP-SECP384R1:+GROUP-SECP521R1:" \
   "%DISABLE_TLS13_COMPAT_MODE"
 
 static CURLcode

From 4a92afce703541732489b67d9600ab1d78d2a0f7 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 8 Dec 2025 11:43:12 +0100
Subject: [PATCH 1165/2408] DISTROS: fix a Mageia URL

Since we check the provided URLs now, use the direct, working URL.
---
 docs/DISTROS.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/DISTROS.md b/docs/DISTROS.md
index 451de7fc1a..7f61e2aa3f 100644
--- a/docs/DISTROS.md
+++ b/docs/DISTROS.md
@@ -165,7 +165,7 @@ unless it is specific to Homebrew's way of packaging software.
 - curl: https://svnweb.mageia.org/packages/cauldron/curl/current/SPECS/curl.spec?view=markup
 - curl issues: https://bugs.mageia.org/buglist.cgi?bug_status=NEW&bug_status=UNCONFIRMED&bug_status=NEEDINFO&bug_status=UPSTREAM&bug_status=ASSIGNED&component=RPM%20Packages&f1=cf_rpmpkg&list_id=176576&o1=casesubstring&product=Mageia&query_format=advanced&v1=curl
 - curl patches: https://svnweb.mageia.org/packages/cauldron/curl/current/SOURCES/
-- curl patches in stable distro releases: https://svnweb.mageia.org/packages/updates//curl/current/SOURCES/
+- curl patches in stable distro releases: https://svnweb.mageia.org/packages/updates/9/curl/current/SOURCES/
 - curl security: https://advisories.mageia.org/src_curl.html
 
 ## MSYS2

From 81e5e2434e03cf32c843650a9e08f193419e2f3d Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 8 Dec 2025 11:06:49 +0100
Subject: [PATCH 1166/2408] GHA/linux: blind try to make Renovate detect Fil-C
 releases

0.675 has been out for 2 weeks, Renovate did not detect it with
`semver-partial`. Try with `semver-coerced`.

Refs:
https://docs.renovatebot.com/modules/versioning/semver-coerced/
https://docs.renovatebot.com/modules/versioning/semver-partial/

Follow-up to 16c6ea36cca6684aacbcb33578af61b28e3fee0d #19391
---
 .github/workflows/linux.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index 390cab7292..7eb54125ff 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -57,7 +57,7 @@ env:
   OPENLDAP_VERSION: 2.6.10
   # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com
   NGHTTP2_VERSION: 1.68.0
-  # renovate: datasource=github-tags depName=pizlonator/fil-c versioning=semver-partial registryUrl=https://github.com
+  # renovate: datasource=github-tags depName=pizlonator/fil-c versioning=semver-coerced registryUrl=https://github.com
   FIL_C_VERSION: 0.674
 
 jobs:

From c56ee2ab784d2031e125ba6dc7bcdef3aec9b3d6 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 8 Dec 2025 11:07:26 +0000
Subject: [PATCH 1167/2408] GHA/linux: update dependency pizlonator/fil-c to
 v0.675

Closes #19873
---
 .github/workflows/linux.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index 7eb54125ff..27ad6b7393 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -58,7 +58,7 @@ env:
   # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com
   NGHTTP2_VERSION: 1.68.0
   # renovate: datasource=github-tags depName=pizlonator/fil-c versioning=semver-coerced registryUrl=https://github.com
-  FIL_C_VERSION: 0.674
+  FIL_C_VERSION: 0.675
 
 jobs:
   linux:

From a1c01b2015cb0082ec9ad2235953e46690410309 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 8 Dec 2025 11:16:18 +0100
Subject: [PATCH 1168/2408] mdlinkcheck: ignore IP numbers, allow '@' in raw
 URLs

---
 scripts/mdlinkcheck | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/scripts/mdlinkcheck b/scripts/mdlinkcheck
index 734617949d..dfeeac0f60 100755
--- a/scripts/mdlinkcheck
+++ b/scripts/mdlinkcheck
@@ -120,6 +120,9 @@ sub storelink {
         elsif($link =~ /^https:\/\/github.com\/curl\/curl(\/|$)/) {
             #print "-- curl github repo: $link\n";
         }
+        elsif($link =~ /^(https|http):\/\/[0-9.]+(\/|$)/) {
+            #print "-- IPv4 number: $link\n";
+        }
         else {
             #print "ADD '$link'\n";
             $url{$link} .= "$f:$line ";
@@ -160,7 +163,7 @@ sub findlinks {
         # ignore trailing: dot, quote, asterisk, hash, comma, question mark,
         # colon, closing parenthesis, closing angle bracket, whitespace, pipe,
         # backtick, semicolon
-        elsif(/(https:\/\/[a-z0-9.\/:%_-]+[^."*\#,?:\)> \t|`;])/i) {
+        elsif(/(https:\/\/[a-z0-9.\/:%_+@-]+[^."*\#,?:\)> \t|`;])/i) {
             #print "RAW ";
             storelink($f, $line, $1);
         }

From ab9beda1b3e5fc9c163111ff93ff17b73217a74c Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 8 Dec 2025 11:11:02 +0100
Subject: [PATCH 1169/2408] docs: switch more URLs to https://

Normalize using https:// almost everywhere instead of http://

Closes #19872
---
 .github/scripts/codespell-ignore.words        |  2 +-
 .github/scripts/typos.toml                    |  2 +-
 docs/FAQ                                      | 16 ++---
 docs/MANUAL.md                                | 64 +++++++++----------
 docs/TheArtOfHttpScripting.md                 | 54 ++++++++--------
 docs/URL-SYNTAX.md                            | 10 +--
 docs/cmdline-opts/_ENVIRONMENT.md             |  4 +-
 docs/cmdline-opts/_GLOBBING.md                | 10 +--
 docs/libcurl/libcurl-security.md              | 22 +++----
 docs/libcurl/libcurl-tutorial.md              |  4 +-
 docs/libcurl/opts/CURLINFO_PROXYAUTH_USED.md  |  2 +-
 docs/libcurl/opts/CURLOPT_NOPROXY.md          |  2 +-
 docs/libcurl/opts/CURLOPT_PROXY.md            |  2 +-
 .../opts/CURLOPT_SUPPRESS_CONNECT_HEADERS.md  |  2 +-
 14 files changed, 99 insertions(+), 97 deletions(-)

diff --git a/.github/scripts/codespell-ignore.words b/.github/scripts/codespell-ignore.words
index fa8a432b95..1a5e106400 100644
--- a/.github/scripts/codespell-ignore.words
+++ b/.github/scripts/codespell-ignore.words
@@ -7,7 +7,7 @@ bu
 clen
 CNA
 hel
-htpt
+htpts
 inout
 PASE
 passwor
diff --git a/.github/scripts/typos.toml b/.github/scripts/typos.toml
index ec6b9bb050..2b12004f48 100644
--- a/.github/scripts/typos.toml
+++ b/.github/scripts/typos.toml
@@ -6,7 +6,7 @@
 extend-ignore-identifiers-re = [
   "^(ba|fo|pn|PN|UE)$",
   "^(CNA|ser)$",
-  "^(ECT0|ECT1|HELO|htpt|PASE)$",
+  "^(ECT0|ECT1|HELO|htpts|PASE)$",
   "^[A-Za-z0-9_-]*(EDE|GOST)[A-Z0-9_-]*$",  # ciphers
   "^0x[0-9a-fA-F]+FUL$",  # unsigned long hex literals ending with 'F'
   "^(eyeballers|HELO_smtp|Januar|optin|passin|perfec|SMTP_HELO)$",
diff --git a/docs/FAQ b/docs/FAQ
index b8a3947459..230b850bac 100644
--- a/docs/FAQ
+++ b/docs/FAQ
@@ -533,7 +533,7 @@ FAQ
   that informs the client about this is only interpreted if you are using the
   -L/--location option. As in:
 
-     curl -L http://example.com
+     curl -L https://example.com
 
   Not all redirects are HTTP ones, see 4.14
 
@@ -719,13 +719,13 @@ FAQ
   Set a custom Host: header that identifies the server name you want to reach
   but use the target IP address in the URL:
 
-    curl --header "Host: www.example.com" http://127.0.0.1/
+    curl --header "Host: www.example.com" https://somewhere.example/
 
   You can also opt to add faked hostname entries to curl with the --resolve
   option. That has the added benefit that things like redirects will also work
   properly. The above operation would instead be done as:
 
-    curl --resolve www.example.com:80:127.0.0.1 http://www.example.com/
+    curl --resolve www.example.com:80:127.0.0.1 https://www.example.com/
 
   3.20 How to SFTP from my user's home directory?
 
@@ -753,8 +753,8 @@ FAQ
   be disabled or not supported.
 
   Note that this error will also occur if you pass a wrongly spelled protocol
-  part as in "htpt://example.com" or as in the less evident case if you prefix
-  the protocol part with a space as in " http://example.com/".
+  part as in "htpts://example.com" or as in the less evident case if you
+  prefix the protocol part with a space as in " https://example.com/".
 
   3.22 curl -X gives me HTTP problems
 
@@ -762,7 +762,7 @@ FAQ
 
   By default you use curl without explicitly saying which request method to
   use when the URL identifies an HTTP transfer. If you just pass in a URL like
-  "curl http://example.com" it will use GET. If you use -d or -F curl will use
+  "curl https://example.com" it will use GET. If you use -d or -F curl will use
   POST, -I will cause a HEAD and -T will make it a PUT.
 
   If for whatever reason you are not happy with these default choices that curl
@@ -796,7 +796,7 @@ FAQ
 
   An example that would invoke a remote CGI that uses &-symbols could be:
 
-     curl 'http://www.example.com/cgi-bin/query?text=yes&q=curl'
+     curl 'https://www.example.com/cgi-bin/query?text=yes&q=curl'
 
   In Windows, the standard DOS shell treats the percent sign specially and you
   need to use TWO percent signs for each single one you want to use in the
@@ -865,7 +865,7 @@ FAQ
     If you get this return code and an HTML output similar to this:
 
        
Moved Permanently
 The document has moved here.
+       HREF="https://same_url_now_with_a_trailing_slash.example/">here.
 
     it might be because you requested a directory URL but without the trailing
     slash. Try the same operation again _with_ the trailing URL, or use the
diff --git a/docs/MANUAL.md b/docs/MANUAL.md
index 9ff5c097c7..1acb4d2244 100644
--- a/docs/MANUAL.md
+++ b/docs/MANUAL.md
@@ -34,7 +34,7 @@ Get the definition of curl from a dictionary:
 
 Fetch two documents at once:
 
-    curl ftp://ftp.example.com/ http://www.example.com:8000/
+    curl ftp://ftp.example.com/ https://www.example.com:8000/
 
 Get a file off an FTPS server:
 
@@ -71,12 +71,12 @@ Get a file from an SMB server:
 
 Get a webpage and store in a local file with a specific name:
 
-    curl -o thatpage.html http://www.example.com/
+    curl -o thatpage.html https://www.example.com/
 
 Get a webpage and store in a local file, make the local file get the name of
 the remote document (if no filename part is specified in the URL, this fails):
 
-    curl -O http://www.example.com/index.html
+    curl -O https://www.example.com/index.html
 
 Fetch two files and store them with their remote names:
 
@@ -115,14 +115,14 @@ matching public key file must be specified using the `--pubkey` option.
 
 ### HTTP
 
-curl also supports user and password in HTTP URLs, thus you can pick a file
+curl also supports user and password in HTTP(S) URLs. You can download a file
 like:
 
-    curl http://name:passwd@http.server.example/full/path/to/file
+    curl https://name:passwd@http.server.example/full/path/to/file
 
 or specify user and password separately like in
 
-    curl -u name:passwd http://http.server.example/full/path/to/file
+    curl -u name:passwd https://http.server.example/full/path/to/file
 
 HTTP offers many different methods of authentication and curl supports
 several: Basic, Digest, NTLM and Negotiate (SPNEGO). Without telling which
@@ -151,19 +151,19 @@ Get an ftp file using an HTTP proxy named my-proxy that uses port 888:
 
     curl -x my-proxy:888 ftp://ftp.example.com/README
 
-Get a file from an HTTP server that requires user and password, using the
+Get a file from an HTTPS server that requires user and password, using the
 same proxy as above:
 
-    curl -u user:passwd -x my-proxy:888 http://www.example.com/
+    curl -u user:passwd -x my-proxy:888 https://www.example.com/
 
 Some proxies require special authentication. Specify by using -U as above:
 
-    curl -U user:passwd -x my-proxy:888 http://www.example.com/
+    curl -U user:passwd -x my-proxy:888 https://www.example.com/
 
 A comma-separated list of hosts and domains which do not use the proxy can be
 specified as:
 
-    curl --noproxy example.com -x my-proxy:888 http://www.example.com/
+    curl --noproxy example.com -x my-proxy:888 https://www.example.com/
 
 If the proxy is specified with `--proxy1.0` instead of `--proxy` or `-x`, then
 curl uses HTTP/1.0 instead of HTTP/1.1 for any `CONNECT` attempts.
@@ -204,11 +204,11 @@ one or more sub-parts of a specified document. curl supports this with the
 
 Get the first 100 bytes of a document:
 
-    curl -r 0-99 http://www.example.com/
+    curl -r 0-99 https://www.example.com/
 
 Get the last 500 bytes of a document:
 
-    curl -r -500 http://www.example.com/
+    curl -r -500 https://www.example.com/
 
 curl also supports simple ranges for FTP files as well. Then you can only
 specify start and stop position.
@@ -251,9 +251,9 @@ fashion similar to:
 
 ### HTTP
 
-Upload all data on stdin to a specified HTTP site:
+Upload all data on stdin to a specified HTTPS site:
 
-    curl -T - http://www.example.com/myfile
+    curl -T - https://www.example.com/myfile
 
 Note that the HTTP server must have been configured to accept PUT before this
 can be done successfully.
@@ -305,12 +305,12 @@ The post data must be urlencoded.
 
 Post a simple `name` and `phone` guestbook.
 
-    curl -d "name=Rafael%20Sagula&phone=3320780" http://www.example.com/guest.cgi
+    curl -d "name=Rafael%20Sagula&phone=3320780" https://www.example.com/guest.cgi
 
 Or automatically [URL encode the data](https://everything.curl.dev/http/post/url-encode).
 
     curl --data-urlencode "name=Rafael Sagula&phone=3320780"
-      http://www.example.com/guest.cgi
+      https://www.example.com/guest.cgi
 
 How to post a form with curl, lesson #1:
 
@@ -329,7 +329,7 @@ of the letter's ASCII code.
 
 Example:
 
-(say if `http://example.com` had the following html)
+(say if `https://example.com` had the following html)
 
 ```html
 

@@ -345,7 +345,7 @@ We want to enter user `foobar` with password `12345`.
 To post to this, you would enter a curl command line like:
 
     curl -d "user=foobar&pass=12345&id=blablabla&ding=submit"
-      http://example.com/post.cgi
+      https://example.com/post.cgi
 
 While `-d` uses the application/x-www-form-urlencoded mime-type, generally
 understood by CGI's and similar, curl also supports the more capable
@@ -359,7 +359,7 @@ example, the field name `coolfiles` is used to send three files, with
 different content types using the following syntax:
 
     curl -F "coolfiles=@fil1.gif;type=image/gif,fil2.txt,fil3.html"
-      http://www.example.com/postit.cgi
+      https://www.example.com/postit.cgi
 
 If the content-type is not specified, curl tries to guess from the file
 extension (it only knows a few), or use the previously specified type (from an
@@ -376,7 +376,7 @@ the names of the input fields. In our example, the input field names are
 
     curl -F "file=@cooltext.txt" -F "yourname=Daniel"
       -F "filedescription=Cool text file with cool text inside"
-      http://www.example.com/postit.cgi
+      https://www.example.com/postit.cgi
 
 To send two files in one post you can do it in two ways:
 
@@ -402,7 +402,7 @@ used on the command line. It is especially useful to fool or trick stupid
 servers or CGI scripts that rely on that information being available or
 contain certain data.
 
-    curl -e www.example.org http://www.example.com/
+    curl -e www.example.org https://www.example.com/
 
 ## User Agent
 
@@ -413,7 +413,7 @@ accept certain browsers.
 
 Example:
 
-    curl -A 'Mozilla/3.0 (Win95; I)' http://www.bank.example.com/
+    curl -A 'Mozilla/3.0 (Win95; I)' https://www.bank.example.com/
 
 Other common strings:
 
@@ -596,14 +596,14 @@ Force curl to get and display a local help page in case it is invoked without
 URL by making a config file similar to:
 
     # default url to get
-    url = "http://help.with.curl.example.com/curlhelp.html"
+    url = "https://help.with.curl.example.com/curlhelp.html"
 
 You can specify another config file to be read by using the `-K`/`--config`
 flag. If you set config filename to `-` it reads the config from stdin, which
 can be handy if you want to hide options from being visible in process tables
 etc:
 
-    echo "user = user:passwd" | curl -K - http://that.secret.example.com
+    echo "user = user:passwd" | curl -K - https://that.secret.example.com
 
 ## Extra Headers
 
@@ -685,11 +685,11 @@ Download with `PORT` but use 192.168.0.10 as our IP address to use:
 
 Get a webpage from a server using a specified port for the interface:
 
-    curl --interface eth0:1 http://www.example.com/
+    curl --interface eth0:1 https://www.example.com/
 
 or
 
-    curl --interface 192.168.1.10 http://www.example.com/
+    curl --interface 192.168.1.10 https://www.example.com/
 
 ## HTTPS
 
@@ -740,7 +740,7 @@ Continue uploading a document:
 
 Continue downloading a document from a web server
 
-    curl -C - -o file http://www.example.com/
+    curl -C - -o file https://www.example.com/
 
 ## Time Conditions
 
@@ -751,17 +751,17 @@ them with the `-z`/`--time-cond` flag.
 For example, you can easily make a download that only gets performed if the
 remote file is newer than a local copy. It would be made like:
 
-    curl -z local.html http://remote.example.com/remote.html
+    curl -z local.html https://remote.example.com/remote.html
 
 Or you can download a file only if the local file is newer than the remote
 one. Do this by prepending the date string with a `-`, as in:
 
-    curl -z -local.html http://remote.example.com/remote.html
+    curl -z -local.html https://remote.example.com/remote.html
 
 You can specify a plain text date as condition. Tell curl to only download the
 file if it was updated since January 12, 2012:
 
-    curl -z "Jan 12 2012" http://remote.example.com/remote.html
+    curl -z "Jan 12 2012" https://remote.example.com/remote.html
 
 curl accepts a wide range of date formats. You always make the date check the
 other way around by prepending it with a dash (`-`).
@@ -944,7 +944,7 @@ URL you specify. Note that this also goes for the `-O` option (but not
 For example: get two files and use `-O` for the first and a custom file
 name for the second:
 
-    curl -O http://example.com/file.txt ftp://example.com/moo.exe -o moo.jpg
+    curl -O https://example.com/file.txt ftp://example.com/moo.exe -o moo.jpg
 
 You can also upload multiple files in a similar fashion:
 
@@ -957,7 +957,7 @@ and fall back to IPv4 if the connection fails. The `--ipv4` and `--ipv6`
 options can specify which address to use when both are available. IPv6
 addresses can also be specified directly in URLs using the syntax:
 
-    http://[2001:1890:1112:1::20]/overview.html
+    https://[2001:1890:1112:1::20]/overview.html
 
 When this style is used, the `-g` option must be given to stop curl from
 interpreting the square brackets as special globbing characters. Link local
diff --git a/docs/TheArtOfHttpScripting.md b/docs/TheArtOfHttpScripting.md
index 46369d6eaf..f7cf43602d 100644
--- a/docs/TheArtOfHttpScripting.md
+++ b/docs/TheArtOfHttpScripting.md
@@ -57,7 +57,7 @@ SPDX-License-Identifier: curl
  offer even more details as they show **everything** curl sends and
  receives. Use it like this:
 
-    curl --trace-ascii debugdump.txt http://www.example.com/
+    curl --trace-ascii debugdump.txt https://www.example.com/
 
 ## See the Timing
 
@@ -67,7 +67,7 @@ SPDX-License-Identifier: curl
  [`--trace-time`](https://curl.se/docs/manpage.html#--trace-time) option is
  what you need. It prepends the time to each trace output line:
 
-    curl --trace-ascii d.txt --trace-time http://example.com/
+    curl --trace-ascii d.txt --trace-time https://example.com/
 
 ## See which Transfer
 
@@ -78,7 +78,7 @@ SPDX-License-Identifier: curl
  you need. It prepends the transfer and connection identifier to each trace
  output line:
 
-    curl --trace-ascii d.txt --trace-ids http://example.com/
+    curl --trace-ascii d.txt --trace-ids https://example.com/
 
 ## See the Response
 
@@ -104,7 +104,7 @@ SPDX-License-Identifier: curl
  IP address for a hostname than what would otherwise be used, by using curl's
  [`--resolve`](https://curl.se/docs/manpage.html#--resolve) option:
 
-    curl --resolve www.example.org:80:127.0.0.1 http://www.example.org/
+    curl --resolve www.example.org:80:127.0.0.1 https://www.example.org/
 
 ## Port number
 
@@ -115,14 +115,14 @@ SPDX-License-Identifier: curl
  number immediately following the hostname. Like when doing HTTP to port
  1234:
 
-    curl http://www.example.org:1234/
+    curl https://www.example.org:1234/
 
  The port number you specify in the URL is the number that the server uses to
  offer its services. Sometimes you may use a proxy, and then you may
  need to specify that proxy's port number separately from what curl needs to
  connect to the server. Like when using an HTTP proxy on port 4321:
 
-    curl --proxy http://proxy.example.org:4321 http://remote.example.org/
+    curl --proxy http://proxy.example.org:4321 https://remote.example.org/
 
 ## Username and password
 
@@ -133,11 +133,11 @@ SPDX-License-Identifier: curl
  You can opt to either insert the user and password in the URL or you can
  provide them separately:
 
-    curl http://user:password@example.org/
+    curl https://user:password@example.org/
 
  or
 
-    curl -u user:password http://example.org/
+    curl -u user:password https://example.org/
 
  You need to pay attention that this kind of HTTP authentication is not what
  is usually done and requested by user-oriented websites these days. They tend
@@ -188,7 +188,7 @@ SPDX-License-Identifier: curl
 
  Example, send two GET requests:
 
-    curl http://url1.example.com http://url2.example.com
+    curl https://url1.example.com https://url2.example.com
 
  If you use [`--data`](https://curl.se/docs/manpage.html#-d) to POST to
  the URL, using multiple URLs means that you send that same POST to all the
@@ -196,7 +196,7 @@ SPDX-License-Identifier: curl
 
  Example, send two POSTs:
 
-    curl --data name=curl http://url1.example.com http://url2.example.com
+    curl --data name=curl https://url1.example.com https://url2.example.com
 
 
 ## Multiple HTTP methods in a single command line
@@ -214,11 +214,11 @@ SPDX-License-Identifier: curl
  Perhaps this is best shown with a few examples. To send first a HEAD and then
  a GET:
 
-    curl -I http://example.com --next http://example.com
+    curl -I https://example.com --next https://example.com
 
  To first send a POST and then a GET:
 
-    curl -d score=10 http://example.com/post.cgi --next http://example.com/results.html
+    curl -d score=10 https://example.com/post.cgi --next https://example.com/results.html
 
 # HTML forms
 
@@ -261,7 +261,7 @@ SPDX-License-Identifier: curl
  To make curl do the GET form post for you, just enter the expected created
  URL:
 
-    curl "http://www.example.com/when/junk.cgi?birthyear=1905&press=OK"
+    curl "https://www.example.com/when/junk.cgi?birthyear=1905&press=OK"
 
 ## POST
 
@@ -287,7 +287,7 @@ SPDX-License-Identifier: curl
  And to use curl to post this form with the same data filled in as before, we
  could do it like:
 
-    curl --data "birthyear=1905&press=%20OK%20" http://www.example.com/when/junk.cgi
+    curl --data "birthyear=1905&press=%20OK%20" https://www.example.com/when/junk.cgi
 
  This kind of POST uses the Content-Type `application/x-www-form-urlencoded`
  and is the most widely used POST kind.
@@ -299,7 +299,7 @@ SPDX-License-Identifier: curl
 
  Recent curl versions can in fact url-encode POST data for you, like this:
 
-    curl --data-urlencode "name=I am Daniel" http://www.example.com
+    curl --data-urlencode "name=I am Daniel" https://www.example.com
 
  If you repeat `--data` several times on the command line, curl concatenates
  all the given data pieces - and put a `&` symbol between each data segment.
@@ -371,7 +371,7 @@ SPDX-License-Identifier: curl
 
  Put a file to an HTTP server with curl:
 
-    curl --upload-file uploadfile http://www.example.com/receive.cgi
+    curl --upload-file uploadfile https://www.example.com/receive.cgi
 
 # HTTP Authentication
 
@@ -386,7 +386,7 @@ SPDX-License-Identifier: curl
 
  To tell curl to use a user and password for authentication:
 
-    curl --user name:password http://www.example.com
+    curl --user name:password https://www.example.com
 
 ## Other Authentication
 
@@ -440,7 +440,7 @@ SPDX-License-Identifier: curl
 
  Use curl to set the referer field with:
 
-    curl --referer http://www.example.come http://www.example.com
+    curl --referer https://www.example.come https://www.example.com
 
 ## User Agent
 
@@ -481,7 +481,7 @@ SPDX-License-Identifier: curl
 
  To tell curl to follow a Location:
 
-    curl --location http://www.example.com
+    curl --location https://www.example.com
 
  If you use curl to POST to a site that immediately redirects you to another
  page, you can safely use [`--location`](https://curl.se/docs/manpage.html#-L)
@@ -519,14 +519,14 @@ SPDX-License-Identifier: curl
  The simplest way to send a few cookies to the server when getting a page with
  curl is to add them on the command line like:
 
-    curl --cookie "name=Daniel" http://www.example.com
+    curl --cookie "name=Daniel" https://www.example.com
 
  Cookies are sent as common HTTP headers. This is practical as it allows curl
  to record cookies simply by recording headers. Record cookies with curl by
  using the [`--dump-header`](https://curl.se/docs/manpage.html#-D) (`-D`)
  option like:
 
-    curl --dump-header headers_and_cookies http://www.example.com
+    curl --dump-header headers_and_cookies https://www.example.com
 
  (Take note that the
  [`--cookie-jar`](https://curl.se/docs/manpage.html#-c) option described
@@ -538,7 +538,7 @@ SPDX-License-Identifier: curl
  believing you had a previous connection). To use previously stored cookies,
  you run curl like:
 
-    curl --cookie stored_cookies_in_file http://www.example.com
+    curl --cookie stored_cookies_in_file https://www.example.com
 
  curl's "cookie engine" gets enabled when you use the
  [`--cookie`](https://curl.se/docs/manpage.html#-b) option. If you only
@@ -547,7 +547,7 @@ SPDX-License-Identifier: curl
  page and follow a location (and thus possibly send back cookies it received),
  you can invoke it like:
 
-    curl --cookie nada --location http://www.example.com
+    curl --cookie nada --location https://www.example.com
 
  curl has the ability to read and write cookie files that use the same file
  format that Netscape and Mozilla once used. It is a convenient way to share
@@ -557,7 +557,7 @@ SPDX-License-Identifier: curl
  cookie file at the end of an operation:
 
     curl --cookie cookies.txt --cookie-jar newcookies.txt \
-      http://www.example.com
+      https://www.example.com
 
 # HTTPS
 
@@ -620,12 +620,12 @@ SPDX-License-Identifier: curl
  You can delete a default header by providing one without content. Like you
  can ruin the request by chopping off the `Host:` header:
 
-    curl --header "Host:" http://www.example.com
+    curl --header "Host:" https://www.example.com
 
  You can add headers the same way. Your server may want a `Destination:`
  header, and you can add it:
 
-    curl --header "Destination: http://nowhere" http://example.com
+    curl --header "Destination: nowhere" https://example.com
 
 ## More on changed methods
 
@@ -638,7 +638,7 @@ SPDX-License-Identifier: curl
  thinks it sends a POST. You can change the normal GET to a POST method by
  simply adding `-X POST` in a command line like:
 
-    curl -X POST http://example.org/
+    curl -X POST https://example.org/
 
  curl however still acts as if it sent a GET so it does not send any request
  body etc.
diff --git a/docs/URL-SYNTAX.md b/docs/URL-SYNTAX.md
index 6232e3f609..d69ab67479 100644
--- a/docs/URL-SYNTAX.md
+++ b/docs/URL-SYNTAX.md
@@ -130,7 +130,7 @@ character or string.
 
 For example, this could look like:
 
-    http://user:password@www.example.com:80/index.html?foo=bar#top
+    https://user:password@www.example.com:80/index.html?foo=bar#top
 
 ## Scheme
 
@@ -169,13 +169,13 @@ local network name of the machine on your network or the IP address of the
 server or machine represented by either an IPv4 or IPv6 address (within
 brackets). For example:
 
-    http://www.example.com/
+    https://www.example.com/
 
-    http://hostname/
+    https://hostname.example/
 
-    http://192.168.0.1/
+    https://192.168.0.1/
 
-    http://[2001:1890:1112:1::20]/
+    https://[2001:1890:1112:1::20]/
 
 ### "localhost"
 
diff --git a/docs/cmdline-opts/_ENVIRONMENT.md b/docs/cmdline-opts/_ENVIRONMENT.md
index 53fe5c3421..1ac85fb128 100644
--- a/docs/cmdline-opts/_ENVIRONMENT.md
+++ b/docs/cmdline-opts/_ENVIRONMENT.md
@@ -31,12 +31,12 @@ This environment variable disables use of the proxy even when specified with
 the --proxy option. That is
 
     NO_PROXY=direct.example.com curl -x http://proxy.example.com
-    http://direct.example.com
+    https://direct.example.com
 
 accesses the target URL directly, and
 
     NO_PROXY=direct.example.com curl -x http://proxy.example.com
-    http://somewhere.example.com
+    https://somewhere.example.com
 
 accesses the target URL through the proxy.
 
diff --git a/docs/cmdline-opts/_GLOBBING.md b/docs/cmdline-opts/_GLOBBING.md
index c3c7951acb..37c8d43069 100644
--- a/docs/cmdline-opts/_GLOBBING.md
+++ b/docs/cmdline-opts/_GLOBBING.md
@@ -6,7 +6,9 @@ or ranges within brackets. We call this "globbing".
 
 Provide a list with three different names like this:
 
-    http://site.{one,two,three}.com
+    https://fun.example/{one,two,three}.jpg
+
+    sftp://{one,two,three}.example/README
 
 Do sequences of alphanumeric series by using [] as in:
 
@@ -23,14 +25,14 @@ With letters through the alphabet:
 Nested sequences are not supported, but you can use several ones next to each
 other:
 
-    http://example.com/archive[1996-1999]/vol[1-4]/part{a,b,c}.html
+    https://example.com/archive[1996-1999]/vol[1-4]/part{a,b,c}.html
 
 You can specify a step counter for the ranges to get every Nth number or
 letter:
 
-    http://example.com/file[1-100:10].txt
+    https://example.com/file[1-100:10].txt
 
-    http://example.com/file[a-z:2].txt
+    https://example.com/file[a-z:2].txt
 
 When using [] or {} sequences when invoked from a command line prompt, you
 probably have to put the full URL within double quotes to avoid the shell from
diff --git a/docs/libcurl/libcurl-security.md b/docs/libcurl/libcurl-security.md
index 7fbd32974d..62dc12e97e 100644
--- a/docs/libcurl/libcurl-security.md
+++ b/docs/libcurl/libcurl-security.md
@@ -144,9 +144,10 @@ The CURLOPT_REDIR_PROTOCOLS_STR(3) and CURLOPT_NETRC(3) options can be
 used to mitigate against this kind of attack.
 
 A redirect can also specify a location available only on the machine running
-libcurl, including servers hidden behind a firewall from the attacker.
-E.g. **http://127.0.0.1/** or **http://intranet/delete-stuff.cgi?delete=all** or
-**tftp://bootp-server/pc-config-data**
+libcurl, including servers hidden behind a firewall from the attacker. E.g.
+**https://127.0.0.1/** or
+**https://intranet.example/delete-stuff.cgi?delete=all** or
+**tftp://bootp-server.example/pc-config-data**
 
 Applications can mitigate against this by disabling
 CURLOPT_FOLLOWLOCATION(3) and handling redirects itself, sanitizing URLs
@@ -172,11 +173,10 @@ way you did not intend such as injecting new headers.
 A user who can control the DNS server of a domain being passed in within a URL
 can change the address of the host to a local, private address which a
 server-side libcurl-using application could then use. E.g. the innocuous URL
-**http://fuzzybunnies.example.com/** could actually resolve to the IP
-address of a server behind a firewall, such as 127.0.0.1 or
-10.1.2.3. Applications can mitigate against this by setting a
-CURLOPT_OPENSOCKETFUNCTION(3) or CURLOPT_PREREQFUNCTION(3) and
-checking the address before a connection.
+**https://fuzzybunnies.example.com/** could actually resolve to the IP address
+of a server behind a firewall, such as 127.0.0.1 or 10.1.2.3. Applications can
+mitigate against this by setting a CURLOPT_OPENSOCKETFUNCTION(3) or
+CURLOPT_PREREQFUNCTION(3) and checking the address before a connection.
 
 All the malicious scenarios regarding redirected URLs apply just as well to
 non-redirected URLs, if the user is allowed to specify an arbitrary URL that
@@ -254,7 +254,7 @@ the request.
 If cookies are enabled and cached, then a user could craft a URL which
 performs some malicious action to a site whose authentication is already
 stored in a cookie. E.g.
-**http://mail.example.com/delete-stuff.cgi?delete=all** Applications can
+**https://mail.example.com/delete-stuff.cgi?delete=all** Applications can
 mitigate against this by disabling cookies or clearing them between requests.
 
 # Dangerous SCP URLs
@@ -315,8 +315,8 @@ if creative use of special characters are applied?
 
 If the user can set the URL, the user can also specify the scheme part to
 other protocols that you did not intend for users to use and perhaps did not
-consider. curl supports over 20 different URL schemes. "http://" might be what
-you thought, "ftp://" or "imap://" might be what the user gives your
+consider. curl supports over 27 different URL schemes. `https://` might be
+what you expect, `ftp://` or `imap://` might be what the user gives your
 application. Also, cross-protocol operations might be done by using a
 particular scheme in the URL but point to a server doing a different protocol
 on a non-standard port.
diff --git a/docs/libcurl/libcurl-tutorial.md b/docs/libcurl/libcurl-tutorial.md
index 7b01d234c4..a5bebc6655 100644
--- a/docs/libcurl/libcurl-tutorial.md
+++ b/docs/libcurl/libcurl-tutorial.md
@@ -194,7 +194,7 @@ One of the most basic properties to set in the handle is the URL. You set your
 preferred URL to transfer with CURLOPT_URL(3) in a manner similar to:
 
 ~~~c
- curl_easy_setopt(handle, CURLOPT_URL, "http://example.com/");
+ curl_easy_setopt(handle, CURLOPT_URL, "https://example.com/");
 ~~~
 
 Let's assume for a while that you want to receive data as the URL identifies a
@@ -470,7 +470,7 @@ libcurl to post it all to the remote site:
 ~~~c
     char *data = "name=daniel&project=curl";
     curl_easy_setopt(handle, CURLOPT_POSTFIELDS, data);
-    curl_easy_setopt(handle, CURLOPT_URL, "http://posthere.com/");
+    curl_easy_setopt(handle, CURLOPT_URL, "https://posthere.example/");
 
     curl_easy_perform(handle); /* post away! */
 ~~~
diff --git a/docs/libcurl/opts/CURLINFO_PROXYAUTH_USED.md b/docs/libcurl/opts/CURLINFO_PROXYAUTH_USED.md
index 92316f1a3e..eace7222d1 100644
--- a/docs/libcurl/opts/CURLINFO_PROXYAUTH_USED.md
+++ b/docs/libcurl/opts/CURLINFO_PROXYAUTH_USED.md
@@ -45,7 +45,7 @@ int main(void)
   if(curl) {
     CURLcode res;
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
-    curl_easy_setopt(curl, CURLOPT_PROXY, "http://proxy.example.com");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "http://proxy.example");
     curl_easy_setopt(curl, CURLOPT_PROXYAUTH,
                      CURLAUTH_BASIC | CURLAUTH_DIGEST);
     curl_easy_setopt(curl, CURLOPT_PROXYUSERNAME, "shrek");
diff --git a/docs/libcurl/opts/CURLOPT_NOPROXY.md b/docs/libcurl/opts/CURLOPT_NOPROXY.md
index 117cf09be8..40f3d4cc65 100644
--- a/docs/libcurl/opts/CURLOPT_NOPROXY.md
+++ b/docs/libcurl/opts/CURLOPT_NOPROXY.md
@@ -76,7 +76,7 @@ int main(void)
     /* accept various URLs */
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
     /* use this proxy */
-    curl_easy_setopt(curl, CURLOPT_PROXY, "http://proxy:80");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "http://proxy.example:80");
     /* ... but make sure this host name is not proxied */
     curl_easy_setopt(curl, CURLOPT_NOPROXY, "www.example.com");
     curl_easy_perform(curl);
diff --git a/docs/libcurl/opts/CURLOPT_PROXY.md b/docs/libcurl/opts/CURLOPT_PROXY.md
index fca07f23f6..2d9d456dba 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY.md
+++ b/docs/libcurl/opts/CURLOPT_PROXY.md
@@ -138,7 +138,7 @@ int main(void)
   CURL *curl = curl_easy_init();
   if(curl) {
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/file.txt");
-    curl_easy_setopt(curl, CURLOPT_PROXY, "http://proxy:80");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "http://proxy.example:80");
     curl_easy_perform(curl);
   }
 }
diff --git a/docs/libcurl/opts/CURLOPT_SUPPRESS_CONNECT_HEADERS.md b/docs/libcurl/opts/CURLOPT_SUPPRESS_CONNECT_HEADERS.md
index b05824630b..e86be358ed 100644
--- a/docs/libcurl/opts/CURLOPT_SUPPRESS_CONNECT_HEADERS.md
+++ b/docs/libcurl/opts/CURLOPT_SUPPRESS_CONNECT_HEADERS.md
@@ -83,7 +83,7 @@ int main(void)
     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
 
     curl_easy_setopt(curl, CURLOPT_HEADER, 1L);
-    curl_easy_setopt(curl, CURLOPT_PROXY, "http://foo:3128");
+    curl_easy_setopt(curl, CURLOPT_PROXY, "http://proxy.example:3128");
     curl_easy_setopt(curl, CURLOPT_HTTPPROXYTUNNEL, 1L);
     curl_easy_setopt(curl, CURLOPT_SUPPRESS_CONNECT_HEADERS, 1L);
 

From 7dd5bb77c397e7b7a7f323224c34488f1130399a Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 7 Dec 2025 17:36:54 +0100
Subject: [PATCH 1170/2408] CI/windows: add torture tests with Schannel

With Schannel and Unicode, `-shallow=13`. It finishes in 12 minutes,
making it the slowest Windows job. It's still on par with torture jobs
on other platforms (though they manage to fit `-shallow=25`).

Also `-shallow=13` still caught leaks in multiple tests.

Also:
- test2300: exclude from CI Windows torture tests.
- experimental.

The downside of going with deeper torture tests, is that it requires
increasing the job timeout. This in turns means that a hung job takes
more minutes to be killed (due to GitHub bugs where a hung step does not
honor the per-step timeout on Windows, another bug where a hung job gets
killed +5 minutes above the workflow timeout, and another bug (or
feature?) where other failed/hung jobs in the the workflow cannot be
restarted till the last job finishes or gets killed. And all this
probably related to a Perl bug which makes it hang on fork errors, which
is turn related to Cygwin/MSYS2 runtime bugs which breaks fork in case
of curl's mixed MSYS2-Perl/native-curl-binaries environment.)
The end result in longer forced waits before being able to restart flaky
jobs, which slows down iterations and annoying.

Also tried:
- non-c-ares job: detected known issues much less often.
- replaced libidn2 with WinIDN: detected known issues much less often.
- runtests -j9-j20 values: did not make a difference.
- other `-shallow` values: 20 is the max feasible, but comes with the
  downside described above.

Ref: #19675 (reboot of)
Follow-up to f08417c4259a3b9a2e4d72a48fa02ce6502cb587 #19863

Closes #19865
---
 .github/workflows/windows.yml | 34 +++++++++++++++++++---------------
 1 file changed, 19 insertions(+), 15 deletions(-)

diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml
index d2e97851fc..8dca6ce891 100644
--- a/.github/workflows/windows.yml
+++ b/.github/workflows/windows.yml
@@ -198,25 +198,26 @@ jobs:
       matrix:
         include:
           # MSYS
-          - { build: 'autotools', sys: 'msys'      , env: 'x86_64'       , tflags: ''       , config: '--enable-debug --with-openssl --disable-threaded-resolver --disable-proxy', install: 'openssl-devel libssh2-devel', name: '!proxy' }
-          - { build: 'autotools', sys: 'msys'      , env: 'x86_64'       , tflags: 'skiprun', config: '--enable-debug --with-openssl --disable-threaded-resolver', install: 'openssl-devel libssh2-devel', name: 'default' }
-          - { build: 'cmake'    , sys: 'msys'      , env: 'x86_64'       , tflags: ''       , config: '-DENABLE_DEBUG=ON -DENABLE_THREADED_RESOLVER=OFF', install: 'openssl-devel libssh2-devel', name: 'default' }
-          - { build: 'autotools', sys: 'msys'      , env: 'x86_64'       , tflags: ''       , config: '--with-openssl', install: 'openssl-devel libssh2-devel', name: 'default R' }
+          - { build: 'autotools', sys: 'msys'      , env: 'x86_64'       , tflags: ''                    , config: '--enable-debug --with-openssl --disable-threaded-resolver --disable-proxy', install: 'openssl-devel libssh2-devel', name: '!proxy' }
+          - { build: 'autotools', sys: 'msys'      , env: 'x86_64'       , tflags: 'skiprun'             , config: '--enable-debug --with-openssl --disable-threaded-resolver', install: 'openssl-devel libssh2-devel', name: 'default' }
+          - { build: 'cmake'    , sys: 'msys'      , env: 'x86_64'       , tflags: ''                    , config: '-DENABLE_DEBUG=ON -DENABLE_THREADED_RESOLVER=OFF', install: 'openssl-devel libssh2-devel', name: 'default' }
+          - { build: 'autotools', sys: 'msys'      , env: 'x86_64'       , tflags: ''                    , config: '--with-openssl', install: 'openssl-devel libssh2-devel', name: 'default R' }
           # MinGW
-          - { build: 'autotools', sys: 'mingw64'   , env: 'x86_64'       , tflags: 'skiprun', config: '--enable-debug --with-openssl --disable-threaded-resolver --disable-curldebug --enable-static=no --without-zlib CPPFLAGS=-D_WIN32_WINNT=0x0501', install: 'mingw-w64-x86_64-openssl mingw-w64-x86_64-libssh2', name: 'default XP' }
-          - { build: 'autotools', sys: 'mingw64'   , env: 'x86_64'       , tflags: ''       , config: '--enable-debug --with-openssl --enable-windows-unicode --enable-ares --with-openssl-quic --enable-shared=no', install: 'mingw-w64-x86_64-c-ares mingw-w64-x86_64-openssl mingw-w64-x86_64-nghttp3 mingw-w64-x86_64-libssh2', name: 'c-ares U' }
-          - { build: 'cmake'    , sys: 'mingw64'   , env: 'x86_64'       , tflags: ''       , config: '-DENABLE_DEBUG=ON  -DBUILD_SHARED_LIBS=OFF -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=ON -DENABLE_ARES=ON', install: 'mingw-w64-x86_64-c-ares mingw-w64-x86_64-libssh2', type: 'Debug', name: 'schannel c-ares U' }
+          - { build: 'autotools', sys: 'mingw64'   , env: 'x86_64'       , tflags: 'skiprun'             , config: '--enable-debug --with-openssl --disable-threaded-resolver --disable-curldebug --enable-static=no --without-zlib CPPFLAGS=-D_WIN32_WINNT=0x0501', install: 'mingw-w64-x86_64-openssl mingw-w64-x86_64-libssh2', name: 'default XP' }
+          - { build: 'autotools', sys: 'mingw64'   , env: 'x86_64'       , tflags: ''                    , config: '--enable-debug --with-openssl --enable-windows-unicode --enable-ares --with-openssl-quic --enable-shared=no', install: 'mingw-w64-x86_64-c-ares mingw-w64-x86_64-openssl mingw-w64-x86_64-nghttp3 mingw-w64-x86_64-libssh2', name: 'c-ares U' }
+          - { build: 'cmake'    , sys: 'mingw64'   , env: 'x86_64'       , tflags: ''                    , config: '-DENABLE_DEBUG=ON  -DBUILD_SHARED_LIBS=OFF -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=ON -DENABLE_ARES=ON', install: 'mingw-w64-x86_64-c-ares mingw-w64-x86_64-libssh2', type: 'Debug', name: 'schannel c-ares U' }
+          - { build: 'cmake'    , sys: 'mingw64'   , env: 'x86_64'       , tflags: '-t --shallow=13 !FTP', config: '-DENABLE_DEBUG=ON  -DBUILD_SHARED_LIBS=OFF -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=ON -DENABLE_ARES=ON', install: 'mingw-w64-x86_64-c-ares mingw-w64-x86_64-libssh2', type: 'Debug', name: 'schannel U torture' }
           # WARNING: libssh uses hard-coded world-writable paths (/etc/..., ~/.ssh/) to
           #          read its configuration from, making it vulnerable to attacks on
           #          Windows. Do not use this component till there is a fix for these.
           # https://github.com/curl/curl-for-win/blob/3951808deb04df9489ee17430f236ed54436f81a/libssh.sh#L6-L8
-          - { build: 'cmake'    , sys: 'clang64'   , env: 'clang-x86_64' , tflags: ''       , config: '-DENABLE_DEBUG=ON  -DBUILD_SHARED_LIBS=OFF -DCURL_USE_GNUTLS=ON   -DENABLE_UNICODE=OFF -DUSE_NGTCP2=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON', install: 'mingw-w64-clang-x86_64-gnutls mingw-w64-clang-x86_64-nghttp3 mingw-w64-clang-x86_64-ngtcp2 mingw-w64-clang-x86_64-libssh', type: 'Debug', name: 'gnutls libssh' }
-          - { build: 'cmake'    , sys: 'clangarm64', env: 'clang-aarch64', tflags: 'skiprun', config: '-DENABLE_DEBUG=OFF -DBUILD_SHARED_LIBS=ON  -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=ON -DENABLE_CURLDEBUG=ON', install: 'mingw-w64-clang-aarch64-libssh2', type: 'Release', name: 'schannel R TrackMemory', image: 'windows-11-arm' }
-          - { build: 'cmake'    , sys: 'clang64'   , env: 'clang-x86_64' , tflags: 'skiprun', config: '-DENABLE_DEBUG=ON  -DBUILD_SHARED_LIBS=OFF -DCURL_USE_OPENSSL=ON  -DENABLE_UNICODE=OFF -DUSE_NGTCP2=ON', install: 'mingw-w64-clang-x86_64-openssl mingw-w64-clang-x86_64-nghttp3 mingw-w64-clang-x86_64-ngtcp2 mingw-w64-clang-x86_64-libssh2', type: 'Release', name: 'openssl', chkprefill: '_chkprefill' }
-          - { build: 'cmake'    , sys: 'ucrt64'    , env: 'ucrt-x86_64'  , tflags: 'skiprun', config: '-DENABLE_DEBUG=OFF -DBUILD_SHARED_LIBS=ON  -DCURL_USE_OPENSSL=ON', install: 'mingw-w64-ucrt-x86_64-openssl mingw-w64-ucrt-x86_64-libssh2', type: 'Release', test: 'uwp', name: 'schannel' }
-          # { build: 'autotools', sys: 'ucrt64'    , env: 'ucrt-x86_64'  , tflags: 'skiprun', config: '--without-debug --with-schannel --enable-shared', install: 'mingw-w64-ucrt-x86_64-libssh2', type: 'Release', test: 'uwp', name: 'schannel' }
-          - { build: 'cmake'    , sys: 'mingw64'   , env: 'x86_64'       , tflags: 'skiprun', config: '-DENABLE_DEBUG=ON  -DBUILD_SHARED_LIBS=ON  -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=ON -DCMAKE_VERBOSE_MAKEFILE=ON', install: 'mingw-w64-x86_64-libssh2', type: 'Debug', cflags: '-DCURL_SCHANNEL_DEV_DEBUG', name: 'schannel dev debug', image: 'windows-2025' }
-          - { build: 'cmake'    , sys: 'mingw32'   , env: 'i686'         , tflags: 'skiprun', config: '-DENABLE_DEBUG=OFF -DBUILD_SHARED_LIBS=ON  -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=ON', install: 'mingw-w64-i686-libssh2', type: 'Release', name: 'schannel R' }
+          - { build: 'cmake'    , sys: 'clang64'   , env: 'clang-x86_64' , tflags: ''                    , config: '-DENABLE_DEBUG=ON  -DBUILD_SHARED_LIBS=OFF -DCURL_USE_GNUTLS=ON   -DENABLE_UNICODE=OFF -DUSE_NGTCP2=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON', install: 'mingw-w64-clang-x86_64-gnutls mingw-w64-clang-x86_64-nghttp3 mingw-w64-clang-x86_64-ngtcp2 mingw-w64-clang-x86_64-libssh', type: 'Debug', name: 'gnutls libssh' }
+          - { build: 'cmake'    , sys: 'clangarm64', env: 'clang-aarch64', tflags: 'skiprun'             , config: '-DENABLE_DEBUG=OFF -DBUILD_SHARED_LIBS=ON  -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=ON -DENABLE_CURLDEBUG=ON', install: 'mingw-w64-clang-aarch64-libssh2', type: 'Release', name: 'schannel R TrackMemory', image: 'windows-11-arm' }
+          - { build: 'cmake'    , sys: 'clang64'   , env: 'clang-x86_64' , tflags: 'skiprun'             , config: '-DENABLE_DEBUG=ON  -DBUILD_SHARED_LIBS=OFF -DCURL_USE_OPENSSL=ON  -DENABLE_UNICODE=OFF -DUSE_NGTCP2=ON', install: 'mingw-w64-clang-x86_64-openssl mingw-w64-clang-x86_64-nghttp3 mingw-w64-clang-x86_64-ngtcp2 mingw-w64-clang-x86_64-libssh2', type: 'Release', name: 'openssl', chkprefill: '_chkprefill' }
+          - { build: 'cmake'    , sys: 'ucrt64'    , env: 'ucrt-x86_64'  , tflags: 'skiprun'             , config: '-DENABLE_DEBUG=OFF -DBUILD_SHARED_LIBS=ON  -DCURL_USE_OPENSSL=ON', install: 'mingw-w64-ucrt-x86_64-openssl mingw-w64-ucrt-x86_64-libssh2', type: 'Release', test: 'uwp', name: 'schannel' }
+          # { build: 'autotools', sys: 'ucrt64'    , env: 'ucrt-x86_64'  , tflags: 'skiprun'             , config: '--without-debug --with-schannel --enable-shared', install: 'mingw-w64-ucrt-x86_64-libssh2', type: 'Release', test: 'uwp', name: 'schannel' }
+          - { build: 'cmake'    , sys: 'mingw64'   , env: 'x86_64'       , tflags: 'skiprun'             , config: '-DENABLE_DEBUG=ON  -DBUILD_SHARED_LIBS=ON  -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=ON -DCMAKE_VERBOSE_MAKEFILE=ON', install: 'mingw-w64-x86_64-libssh2', type: 'Debug', cflags: '-DCURL_SCHANNEL_DEV_DEBUG', name: 'schannel dev debug', image: 'windows-2025' }
+          - { build: 'cmake'    , sys: 'mingw32'   , env: 'i686'         , tflags: 'skiprun'             , config: '-DENABLE_DEBUG=OFF -DBUILD_SHARED_LIBS=ON  -DCURL_USE_SCHANNEL=ON -DENABLE_UNICODE=ON', install: 'mingw-w64-i686-libssh2', type: 'Release', name: 'schannel R' }
       fail-fast: false
     steps:
       - uses: msys2/setup-msys2@fb197b72ce45fb24f17bf3f807a388985654d1f2 # v2.29.0
@@ -367,7 +368,7 @@ jobs:
 
       - name: 'run tests'
         if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }}
-        timeout-minutes: 10
+        timeout-minutes: ${{ contains(matrix.tflags, '-t') && 15 || 10 }}
         env:
           MATRIX_INSTALL: '${{ matrix.install }}'
           TFLAGS: '${{ matrix.tflags }}'
@@ -378,6 +379,9 @@ jobs:
             if [[ "${MATRIX_INSTALL}" = *'libssh2-wincng'* ]]; then
               TFLAGS+=' ~SCP ~SFTP'  # Flaky: `-8, Unable to exchange encryption keys`. https://github.com/libssh2/libssh2/issues/804
             fi
+            if [[ "${TFLAGS}" = *'-t'* ]]; then
+              TFLAGS+=' !2300'  # Leaks memory and file handle via tool_doswin.c / win32_stdin_read_thread()
+            fi
           fi
           if [ -x "$(cygpath "${SYSTEMROOT}/System32/curl.exe")" ]; then
             TFLAGS+=" -ac $(cygpath "${SYSTEMROOT}/System32/curl.exe")"

From cc853ddc3dcf6478690a60c2cfd529e4c94e462c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 8 Dec 2025 14:20:54 +0000
Subject: [PATCH 1171/2408] GHA: bump pip-dependencies ruff, psutil, pytest

- update `ruff` from 0.14.5 to 0.14.8
- update `psutil` from 7.1.2 to 7.1.3
- update `pytest` from 8.4.2 to 9.0.1

Closes #19876
---
 .github/scripts/requirements.txt | 2 +-
 tests/http/requirements.txt      | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt
index 874e710997..537f329aca 100644
--- a/.github/scripts/requirements.txt
+++ b/.github/scripts/requirements.txt
@@ -6,4 +6,4 @@ cmakelang==0.6.13
 codespell==2.4.1
 pytype==2024.10.11
 reuse==6.2.0
-ruff==0.14.5
+ruff==0.14.8
diff --git a/tests/http/requirements.txt b/tests/http/requirements.txt
index a27bf48ea1..fde20ec152 100644
--- a/tests/http/requirements.txt
+++ b/tests/http/requirements.txt
@@ -4,7 +4,7 @@
 
 cryptography==46.0.3
 filelock==3.20.0
-psutil==7.1.2
-pytest==8.4.2
+psutil==7.1.3
+pytest==9.0.1
 pytest-xdist==3.8.0
 websockets==15.0.1

From 64a1092a7953446299b1114a15e7e82e7b5fefd2 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 8 Dec 2025 17:02:26 +0100
Subject: [PATCH 1172/2408] IPFS.md: wrap long lines

Closes #19880
---
 docs/IPFS.md | 26 +++++++++++++++++++++-----
 1 file changed, 21 insertions(+), 5 deletions(-)

diff --git a/docs/IPFS.md b/docs/IPFS.md
index 8ce51325bf..c39f802dd9 100644
--- a/docs/IPFS.md
+++ b/docs/IPFS.md
@@ -7,22 +7,38 @@ SPDX-License-Identifier: curl
 # IPFS
 For an overview about IPFS, visit the [IPFS project site](https://ipfs.tech/).
 
-In IPFS there are two protocols. IPFS and IPNS (their workings are explained in detail [here](https://docs.ipfs.tech/concepts/)). The ideal way to access data on the IPFS network is through those protocols. For example to access the Big Buck Bunny video the ideal way to access it is like: `ipfs://bafybeigagd5nmnn2iys2f3doro7ydrevyr2mzarwidgadawmamiteydbzi`
+In IPFS there are two protocols. IPFS and IPNS (their workings are explained
+in detail [here](https://docs.ipfs.tech/concepts/)). The ideal way to access
+data on the IPFS network is through those protocols. For example to access
+the Big Buck Bunny video the ideal way to access it is like:
+`ipfs://bafybeigagd5nmnn2iys2f3doro7ydrevyr2mzarwidgadawmamiteydbzi`
 
 ## IPFS Gateways
 
 IPFS Gateway acts as a bridge between traditional HTTP clients and IPFS.
-IPFS Gateway specifications of HTTP semantics can be found [here](https://specs.ipfs.tech/http-gateways/).
+IPFS Gateway specifications of HTTP semantics can be found
+[here](https://specs.ipfs.tech/http-gateways/).
 
 ### Deserialized responses
 
-By default, a gateway acts as a bridge between traditional HTTP clients and IPFS and performs necessary hash verification and deserialization. Through such gateway, users can download files, directories, and other content-addressed data stored with IPFS or IPNS as if they were stored in a traditional web server.
+By default, a gateway acts as a bridge between traditional HTTP clients and
+IPFS and performs necessary hash verification and deserialization. Through such
+gateway, users can download files, directories, and other content-addressed
+data stored with IPFS or IPNS as if they were stored in a traditional web
+server.
 
 ### Verifiable responses
 
-By explicitly requesting [application/vnd.ipld.raw](https://www.iana.org/assignments/media-types/application/vnd.ipld.raw) or [application/vnd.ipld.car](https://www.iana.org/assignments/media-types/application/vnd.ipld.car) responses, by means defined in [Trustless Gateway Specification](https://specs.ipfs.tech/http-gateways/trustless-gateway/), the user is able to fetch raw content-addressed data and [perform hash verification themselves](https://docs.ipfs.tech/reference/http/gateway/#trustless-verifiable-retrieval).
+By explicitly requesting
+[application/vnd.ipld.raw](https://www.iana.org/assignments/media-types/application/vnd.ipld.raw) or
+[application/vnd.ipld.car](https://www.iana.org/assignments/media-types/application/vnd.ipld.car)
+responses, by means defined in
+[Trustless Gateway Specification](https://specs.ipfs.tech/http-gateways/trustless-gateway/),
+the user is able to fetch raw content-addressed data and
+[perform hash verification themselves](https://docs.ipfs.tech/reference/http/gateway/#trustless-verifiable-retrieval).
 
-This enables users to use untrusted, public gateways without worrying they might return invalid/malicious bytes.
+This enables users to use untrusted, public gateways without worrying they
+might return invalid/malicious bytes.
 
 ## IPFS and IPNS protocol handling
 

From 16f4b2038503aac2e32dca2abff8dd44e7591810 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 8 Dec 2025 15:54:38 +0100
Subject: [PATCH 1173/2408] KNOWN_BUGS: remove link to codepoints.net

The site is so slow it often triggers a failure for the link checker.

Closes #19878
---
 docs/KNOWN_BUGS | 1 -
 1 file changed, 1 deletion(-)

diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS
index 278cc2a097..e28a90053d 100644
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -322,7 +322,6 @@ problems may have been fixed or changed somewhat since this was written.
 6.5 NTLM does not support password with Unicode 'SECTION SIGN' character
 
  https://en.wikipedia.org/wiki/Section_sign
- https://codepoints.net/U+00A7 SECTION SIGN
  https://github.com/curl/curl/issues/2120
 
 6.6 libcurl can fail to try alternatives with --proxy-any

From 09e48d5a046fc9b97c15f9b1d2e21de38eda508d Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 8 Dec 2025 15:50:48 +0100
Subject: [PATCH 1174/2408] mk-ca-bundle.md: the file format docs URL is
 permaredirected

Closes #19877
---
 docs/mk-ca-bundle.md | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/docs/mk-ca-bundle.md b/docs/mk-ca-bundle.md
index fe68635263..bb5b7b1a48 100644
--- a/docs/mk-ca-bundle.md
+++ b/docs/mk-ca-bundle.md
@@ -122,6 +122,5 @@ Returns 0 on success. Returns 1 if it fails to download data.
 
 # FILE FORMAT
 
-The file format used by Mozilla for this trust information is documented here:
-
-https://p11-glue.freedesktop.org/doc/storing-trust-policy/storing-trust-existing.html
+The file format used by Mozilla for this trust information is [documented
+here](https://p11-glue.github.io/p11-glue/doc/storing-trust-policy/storing-trust-existing.html).

From 2ae983bf4ea5ef86f0e68ea0ff219a91b1aa3428 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 8 Dec 2025 16:44:29 +0100
Subject: [PATCH 1175/2408] tidy-up: URLs

- to avoid dupes.
- missing slashes.
- drop `.git` suffix from GitHub git repo URLs for a few outliers.
- use short YouTube URL like curl-www does.
- sync two RFC doc URLs with others.

Closes #19879
---
 README             | 2 +-
 README.md          | 2 +-
 docs/CONTRIBUTE.md | 2 +-
 docs/DISTROS.md    | 2 +-
 docs/ECH.md        | 2 +-
 docs/FAQ           | 2 +-
 docs/HTTP3.md      | 6 +++---
 docs/INSTALL.md    | 4 ++--
 docs/KNOWN_BUGS    | 2 ++
 docs/TODO          | 2 +-
 docs/testcurl.md   | 2 +-
 11 files changed, 15 insertions(+), 13 deletions(-)

diff --git a/README b/README
index df320f9481..2f68ef0c9f 100644
--- a/README
+++ b/README
@@ -38,7 +38,7 @@ GIT
 
   To download the latest source code off the GIT server, do this:
 
-    git clone https://github.com/curl/curl.git
+    git clone https://github.com/curl/curl
 
   (you will get a directory named curl created, filled with the source code)
 
diff --git a/README.md b/README.md
index 2fe5316281..69e8b937dc 100644
--- a/README.md
+++ b/README.md
@@ -50,7 +50,7 @@ Visit the [curl website](https://curl.se/) for the latest news and downloads.
 
 Download the latest source from the Git server:
 
-    git clone https://github.com/curl/curl.git
+    git clone https://github.com/curl/curl
 
 ## Security problems
 
diff --git a/docs/CONTRIBUTE.md b/docs/CONTRIBUTE.md
index 4a34a539bb..3abf729598 100644
--- a/docs/CONTRIBUTE.md
+++ b/docs/CONTRIBUTE.md
@@ -289,7 +289,7 @@ Just ask if this is what you would want. You are required to have posted
 several high quality patches first, before you can be granted push access.
 
 ## Useful resources
- - [Webinar on getting code into curl](https://www.youtube.com/watch?v=QmZ3W1d6LQI)
+ - [Webinar on getting code into curl](https://youtu.be/QmZ3W1d6LQI)
 
 # Update copyright and license information
 
diff --git a/docs/DISTROS.md b/docs/DISTROS.md
index 7f61e2aa3f..8810cc9991 100644
--- a/docs/DISTROS.md
+++ b/docs/DISTROS.md
@@ -256,7 +256,7 @@ can also be used on other distributions
 ## Rocky Linux
 
 - curl: https://git.rockylinux.org/staging/rpms/curl/-/blob/r9/SPECS/curl.spec
-- curl issues: https://bugs.rockylinux.org
+- curl issues: https://bugs.rockylinux.org/
 - curl patches: https://git.rockylinux.org/staging/rpms/curl/-/tree/r9/SOURCES
 
 ## SerenityOS
diff --git a/docs/ECH.md b/docs/ECH.md
index 6f236a106b..042719245c 100644
--- a/docs/ECH.md
+++ b/docs/ECH.md
@@ -77,7 +77,7 @@ The above works for these test sites:
 ```sh
 https://defo.ie/ech-check.php
 https://crypto.cloudflare.com/cdn-cgi/trace
-https://tls-ech.dev
+https://tls-ech.dev/
 ```
 
 The list above has 4 different server technologies, implemented by 3 different
diff --git a/docs/FAQ b/docs/FAQ
index 230b850bac..ef93c91c41 100644
--- a/docs/FAQ
+++ b/docs/FAQ
@@ -1043,7 +1043,7 @@ FAQ
   you will find that even if D:\blah.txt does exist, curl returns a 'file
   not found' error.
 
-  According to RFC 1738 (https://www.ietf.org/rfc/rfc1738.txt),
+  According to RFC 1738 (https://datatracker.ietf.org/doc/html/rfc1738),
   file:// URLs must contain a host component, but it is ignored by
   most implementations. In the above example, 'D:' is treated as the
   host component, and is taken away. Thus, curl tries to open '/blah.txt'.
diff --git a/docs/HTTP3.md b/docs/HTTP3.md
index def30798ec..2b0a4c72b8 100644
--- a/docs/HTTP3.md
+++ b/docs/HTTP3.md
@@ -140,7 +140,7 @@ Build curl:
 
 Build GnuTLS:
 
-     % git clone --depth 1 https://gitlab.com/gnutls/gnutls.git
+     % git clone --depth 1 https://gitlab.com/gnutls/gnutls
      % cd gnutls
      % ./bootstrap
      % ./configure --prefix=
@@ -182,7 +182,7 @@ Build curl:
 
 Build wolfSSL:
 
-     % git clone https://github.com/wolfSSL/wolfssl.git
+     % git clone https://github.com/wolfSSL/wolfssl
      % cd wolfssl
      % autoreconf -fi
      % ./configure --prefix= --enable-quic --enable-session-ticket --enable-earlydata --enable-psk --enable-harden --enable-altcertchains
@@ -386,7 +386,7 @@ above.
 
 Get, build and install nghttp2:
 
-     % git clone https://github.com/nghttp2/nghttp2.git
+     % git clone https://github.com/nghttp2/nghttp2
      % cd nghttp2
      % autoreconf -fi
      % PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/home/daniel/build-quictls/lib/pkgconfig:/home/daniel/build-nghttp3/lib/pkgconfig:/home/daniel/build-ngtcp2/lib/pkgconfig LDFLAGS=-L/home/daniel/build-quictls/lib CFLAGS=-I/home/daniel/build-quictls/include ./configure --enable-maintainer-mode --prefix=/home/daniel/build-nghttp2 --disable-shared --enable-app --enable-http3 --without-jemalloc --without-libxml2 --without-systemd
diff --git a/docs/INSTALL.md b/docs/INSTALL.md
index 1859dc21ae..751b21e620 100644
--- a/docs/INSTALL.md
+++ b/docs/INSTALL.md
@@ -18,7 +18,7 @@ libcurl from [source code](https://curl.se/download.html).
 You can download and install curl and libcurl using
 the [vcpkg](https://github.com/Microsoft/vcpkg) dependency manager:
 
-    git clone https://github.com/Microsoft/vcpkg.git
+    git clone https://github.com/Microsoft/vcpkg
     cd vcpkg
     ./bootstrap-vcpkg.sh
     ./vcpkg integrate install
@@ -244,7 +244,7 @@ Either run setup-x86_64.exe, then search and select packages individually, or tr
     setup-x86_64.exe -P binutils -P gcc-core -P libpsl-devel -P libtool -P perl -P make
 
 If the latter, matching packages should appear in the install rows (*is fickle though*) after selecting
-the download site i.e. `https://mirrors.kernel.org`. In either case, follow the GUI prompts
+the download site i.e. `https://mirrors.kernel.org/`. In either case, follow the GUI prompts
 until you reach the "Select Packages" window; then select packages, click next, and finish
 the `cygwin` package installation.
 
diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS
index e28a90053d..f65e9f1ae2 100644
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -321,6 +321,8 @@ problems may have been fixed or changed somewhat since this was written.
 
 6.5 NTLM does not support password with Unicode 'SECTION SIGN' character
 
+ Code point: U+00A7
+
  https://en.wikipedia.org/wiki/Section_sign
  https://github.com/curl/curl/issues/2120
 
diff --git a/docs/TODO b/docs/TODO
index 817591dfb7..22ca27f88d 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -771,7 +771,7 @@
 
  DNS-Based Authentication of Named Entities (DANE) is a way to provide SSL
  keys and certs over DNS using DNSSEC as an alternative to the CA model.
- https://www.rfc-editor.org/rfc/rfc6698.txt
+ https://datatracker.ietf.org/doc/html/rfc6698
 
  An initial patch was posted by Suresh Krishnaswamy on March 7th 2013
  (https://curl.se/mail/lib-2013-03/0075.html) but it was a too simple
diff --git a/docs/testcurl.md b/docs/testcurl.md
index e4acab6db7..b5149e098b 100644
--- a/docs/testcurl.md
+++ b/docs/testcurl.md
@@ -102,7 +102,7 @@ snapshots automatically):
 
     $ mkdir curl-testing
     $ cd curl-testing
-    $ git clone https://github.com/curl/curl.git
+    $ git clone https://github.com/curl/curl
 
 With the curl sources checked out, or downloaded, you can start testing right
 away. If you want to use *testcurl* without command line arguments and to have

From d75716e4e55c7074566f48d8c03bfd721461e105 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Mon, 1 Dec 2025 13:31:42 +0100
Subject: [PATCH 1176/2408] tests/data: move `--libcurl` output to external
 data files

To make the test files XML-compliant, and the expected results
possibly easier to manage by keeping them in `.c` files.

Non-XML-compliant files are down to 36 after this patch.

Also:
- make all macro expansions apply to `%includetext` contents.

Closes #19799
---
 docs/tests/FILEFORMAT.md |  3 +-
 scripts/checksrc-all.pl  |  1 +
 tests/data/Makefile.am   |  4 +-
 tests/data/data1400.c    | 46 +++++++++++++++++++++
 tests/data/data1401.c    | 58 +++++++++++++++++++++++++++
 tests/data/data1402.c    | 48 ++++++++++++++++++++++
 tests/data/data1403.c    | 46 +++++++++++++++++++++
 tests/data/data1404.c    | 83 ++++++++++++++++++++++++++++++++++++++
 tests/data/data1405.c    | 66 ++++++++++++++++++++++++++++++
 tests/data/data1406.c    | 56 ++++++++++++++++++++++++++
 tests/data/data1407.c    | 46 +++++++++++++++++++++
 tests/data/data1420.c    | 46 +++++++++++++++++++++
 tests/data/data1465.c    | 48 ++++++++++++++++++++++
 tests/data/data1481.c    | 49 ++++++++++++++++++++++
 tests/data/test1400      | 49 +---------------------
 tests/data/test1401      | 60 +--------------------------
 tests/data/test1402      | 51 +----------------------
 tests/data/test1403      | 49 +---------------------
 tests/data/test1404      | 87 +---------------------------------------
 tests/data/test1405      | 72 ++-------------------------------
 tests/data/test1406      | 62 ++--------------------------
 tests/data/test1407      | 53 ++----------------------
 tests/data/test1420      | 52 ++----------------------
 tests/data/test1465      | 51 +----------------------
 tests/data/test1481      | 52 +-----------------------
 tests/runner.pm          |  6 +++
 tests/testutil.pm        | 31 +++++++++-----
 27 files changed, 645 insertions(+), 630 deletions(-)
 create mode 100644 tests/data/data1400.c
 create mode 100644 tests/data/data1401.c
 create mode 100644 tests/data/data1402.c
 create mode 100644 tests/data/data1403.c
 create mode 100644 tests/data/data1404.c
 create mode 100644 tests/data/data1405.c
 create mode 100644 tests/data/data1406.c
 create mode 100644 tests/data/data1407.c
 create mode 100644 tests/data/data1420.c
 create mode 100644 tests/data/data1465.c
 create mode 100644 tests/data/data1481.c

diff --git a/docs/tests/FILEFORMAT.md b/docs/tests/FILEFORMAT.md
index 90a249fac2..c655a4d863 100644
--- a/docs/tests/FILEFORMAT.md
+++ b/docs/tests/FILEFORMAT.md
@@ -115,7 +115,8 @@ the include instruction:
     %include filename%
 
 Or, a variant of the above where the file is loaded as a newline-agnostic
-text file, and `%CR`, `%SP`, `%TAB` macros are expanded after inclusion:
+text file, and whitespace, special character macros and variables expanded
+after inclusion:
 
     %includetext filename%
 
diff --git a/scripts/checksrc-all.pl b/scripts/checksrc-all.pl
index 08ff6cfbf5..764895148e 100755
--- a/scripts/checksrc-all.pl
+++ b/scripts/checksrc-all.pl
@@ -22,6 +22,7 @@ if(@ARGV) {
 }
 
 @files = grep !/\/CMakeFiles\//, @files;
+@files = grep !/tests\/data\/data.+\.c/, @files;
 @files = map { dirname($_) } @files;
 my @dirs = sort { $a cmp $b } keys %{{ map { $_ => 1 } @files }};
 
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index 18c6969391..910dbd6991 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -283,4 +283,6 @@ test3200 test3201 test3202 test3203 test3204 test3205 test3206 test3207 test3208
 test3209 test3210 test3211 test3212 test3213 test3214 test3215 test3216 \
 test4000 test4001
 
-EXTRA_DIST = $(TESTCASES) DISABLED data-xml1
+EXTRA_DIST = $(TESTCASES) DISABLED data-xml1 \
+data1400.c data1401.c data1402.c data1403.c data1404.c data1405.c data1406.c \
+data1407.c data1420.c data1465.c data1481.c
diff --git a/tests/data/data1400.c b/tests/data/data1400.c
new file mode 100644
index 0000000000..8aeb3c8fc8
--- /dev/null
+++ b/tests/data/data1400.c
@@ -0,0 +1,46 @@
+/********* Sample code generated by the curl command line tool **********
+ * All curl_easy_setopt() options are documented at:
+ * https://curl.se/libcurl/c/curl_easy_setopt.html
+ ************************************************************************/
+#include 
+
+int main(int argc, char *argv[])
+{
+  CURLcode ret;
+  CURL *hnd;
+
+  hnd = curl_easy_init();
+  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
+  curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER");
+  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "curl/%VERSION");
+  curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
+  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
+
+  /* Here is a list of options the curl code used that cannot get generated
+     as source easily. You may choose to either not use them or implement
+     them yourself.
+
+  CURLOPT_DEBUGFUNCTION was set to a function pointer
+  CURLOPT_DEBUGDATA was set to an object pointer
+  CURLOPT_WRITEDATA was set to an object pointer
+  CURLOPT_WRITEFUNCTION was set to a function pointer
+  CURLOPT_READDATA was set to an object pointer
+  CURLOPT_READFUNCTION was set to a function pointer
+  CURLOPT_SEEKDATA was set to an object pointer
+  CURLOPT_SEEKFUNCTION was set to a function pointer
+  CURLOPT_HEADERFUNCTION was set to a function pointer
+  CURLOPT_HEADERDATA was set to an object pointer
+  CURLOPT_ERRORBUFFER was set to an object pointer
+  CURLOPT_STDERR was set to an object pointer
+
+  */
+
+  ret = curl_easy_perform(hnd);
+
+  curl_easy_cleanup(hnd);
+  hnd = NULL;
+
+  return (int)ret;
+}
+/**** End of sample code ****/
diff --git a/tests/data/data1401.c b/tests/data/data1401.c
new file mode 100644
index 0000000000..dfea0bb673
--- /dev/null
+++ b/tests/data/data1401.c
@@ -0,0 +1,58 @@
+/********* Sample code generated by the curl command line tool **********
+ * All curl_easy_setopt() options are documented at:
+ * https://curl.se/libcurl/c/curl_easy_setopt.html
+ ************************************************************************/
+#include 
+
+int main(int argc, char *argv[])
+{
+  CURLcode ret;
+  CURL *hnd;
+  struct curl_slist *slist1;
+
+  slist1 = NULL;
+  slist1 = curl_slist_append(slist1, "X-Files: Mulder");
+  slist1 = curl_slist_append(slist1, "X-Men: cyclops, iceman");
+
+  hnd = curl_easy_init();
+  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
+  curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER");
+  curl_easy_setopt(hnd, CURLOPT_USERPWD, "fake:user");
+  curl_easy_setopt(hnd, CURLOPT_HTTPAUTH, (long)CURLAUTH_BASIC);
+  curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, slist1);
+  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "MyUA");
+  curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
+  curl_easy_setopt(hnd, CURLOPT_COOKIE, "chocolate=chip");
+  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_PROTOCOLS_STR, "file,ftp,http");
+
+  /* Here is a list of options the curl code used that cannot get generated
+     as source easily. You may choose to either not use them or implement
+     them yourself.
+
+  CURLOPT_DEBUGFUNCTION was set to a function pointer
+  CURLOPT_DEBUGDATA was set to an object pointer
+  CURLOPT_WRITEDATA was set to an object pointer
+  CURLOPT_WRITEFUNCTION was set to a function pointer
+  CURLOPT_READDATA was set to an object pointer
+  CURLOPT_READFUNCTION was set to a function pointer
+  CURLOPT_SEEKDATA was set to an object pointer
+  CURLOPT_SEEKFUNCTION was set to a function pointer
+  CURLOPT_HEADERFUNCTION was set to a function pointer
+  CURLOPT_HEADERDATA was set to an object pointer
+  CURLOPT_ERRORBUFFER was set to an object pointer
+  CURLOPT_STDERR was set to an object pointer
+
+  */
+
+  ret = curl_easy_perform(hnd);
+
+  curl_easy_cleanup(hnd);
+  hnd = NULL;
+  curl_slist_free_all(slist1);
+  slist1 = NULL;
+
+  return (int)ret;
+}
+/**** End of sample code ****/
diff --git a/tests/data/data1402.c b/tests/data/data1402.c
new file mode 100644
index 0000000000..917b4aa822
--- /dev/null
+++ b/tests/data/data1402.c
@@ -0,0 +1,48 @@
+/********* Sample code generated by the curl command line tool **********
+ * All curl_easy_setopt() options are documented at:
+ * https://curl.se/libcurl/c/curl_easy_setopt.html
+ ************************************************************************/
+#include 
+
+int main(int argc, char *argv[])
+{
+  CURLcode ret;
+  CURL *hnd;
+
+  hnd = curl_easy_init();
+  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
+  curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER");
+  curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "foo=bar&baz=quux");
+  curl_easy_setopt(hnd, CURLOPT_POSTFIELDSIZE_LARGE, (curl_off_t)16);
+  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "curl/%VERSION");
+  curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
+  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
+
+  /* Here is a list of options the curl code used that cannot get generated
+     as source easily. You may choose to either not use them or implement
+     them yourself.
+
+  CURLOPT_DEBUGFUNCTION was set to a function pointer
+  CURLOPT_DEBUGDATA was set to an object pointer
+  CURLOPT_WRITEDATA was set to an object pointer
+  CURLOPT_WRITEFUNCTION was set to a function pointer
+  CURLOPT_READDATA was set to an object pointer
+  CURLOPT_READFUNCTION was set to a function pointer
+  CURLOPT_SEEKDATA was set to an object pointer
+  CURLOPT_SEEKFUNCTION was set to a function pointer
+  CURLOPT_HEADERFUNCTION was set to a function pointer
+  CURLOPT_HEADERDATA was set to an object pointer
+  CURLOPT_ERRORBUFFER was set to an object pointer
+  CURLOPT_STDERR was set to an object pointer
+
+  */
+
+  ret = curl_easy_perform(hnd);
+
+  curl_easy_cleanup(hnd);
+  hnd = NULL;
+
+  return (int)ret;
+}
+/**** End of sample code ****/
diff --git a/tests/data/data1403.c b/tests/data/data1403.c
new file mode 100644
index 0000000000..38226573cd
--- /dev/null
+++ b/tests/data/data1403.c
@@ -0,0 +1,46 @@
+/********* Sample code generated by the curl command line tool **********
+ * All curl_easy_setopt() options are documented at:
+ * https://curl.se/libcurl/c/curl_easy_setopt.html
+ ************************************************************************/
+#include 
+
+int main(int argc, char *argv[])
+{
+  CURLcode ret;
+  CURL *hnd;
+
+  hnd = curl_easy_init();
+  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
+  curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER\?foo=bar&baz=quux");
+  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "curl/%VERSION");
+  curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
+  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
+
+  /* Here is a list of options the curl code used that cannot get generated
+     as source easily. You may choose to either not use them or implement
+     them yourself.
+
+  CURLOPT_DEBUGFUNCTION was set to a function pointer
+  CURLOPT_DEBUGDATA was set to an object pointer
+  CURLOPT_WRITEDATA was set to an object pointer
+  CURLOPT_WRITEFUNCTION was set to a function pointer
+  CURLOPT_READDATA was set to an object pointer
+  CURLOPT_READFUNCTION was set to a function pointer
+  CURLOPT_SEEKDATA was set to an object pointer
+  CURLOPT_SEEKFUNCTION was set to a function pointer
+  CURLOPT_HEADERFUNCTION was set to a function pointer
+  CURLOPT_HEADERDATA was set to an object pointer
+  CURLOPT_ERRORBUFFER was set to an object pointer
+  CURLOPT_STDERR was set to an object pointer
+
+  */
+
+  ret = curl_easy_perform(hnd);
+
+  curl_easy_cleanup(hnd);
+  hnd = NULL;
+
+  return (int)ret;
+}
+/**** End of sample code ****/
diff --git a/tests/data/data1404.c b/tests/data/data1404.c
new file mode 100644
index 0000000000..24b68adb06
--- /dev/null
+++ b/tests/data/data1404.c
@@ -0,0 +1,83 @@
+/********* Sample code generated by the curl command line tool **********
+ * All curl_easy_setopt() options are documented at:
+ * https://curl.se/libcurl/c/curl_easy_setopt.html
+ ************************************************************************/
+#include 
+
+int main(int argc, char *argv[])
+{
+  CURLcode ret;
+  CURL *hnd;
+  curl_mime *mime1;
+  curl_mimepart *part1;
+  curl_mime *mime2;
+  curl_mimepart *part2;
+  struct curl_slist *slist1;
+
+  mime1 = NULL;
+  mime2 = NULL;
+  slist1 = NULL;
+  slist1 = curl_slist_append(slist1, "X-testheader-1: header 1");
+  slist1 = curl_slist_append(slist1, "X-testheader-2: header 2");
+
+  hnd = curl_easy_init();
+  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
+  curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER");
+  mime1 = curl_mime_init(hnd);
+  part1 = curl_mime_addpart(mime1);
+  curl_mime_data(part1, "value", CURL_ZERO_TERMINATED);
+  curl_mime_name(part1, "name");
+  part1 = curl_mime_addpart(mime1);
+  mime2 = curl_mime_init(hnd);
+  part2 = curl_mime_addpart(mime2);
+  curl_mime_filedata(part2, "%LOGDIR/test%TESTNUMBER.txt");
+  part2 = curl_mime_addpart(mime2);
+  curl_mime_filedata(part2, "%LOGDIR/test%TESTNUMBER.txt");
+  curl_mime_encoder(part2, "8bit");
+  curl_mime_type(part2, "magic/content");
+  part2 = curl_mime_addpart(mime2);
+  curl_mime_filedata(part2, "%LOGDIR/test%TESTNUMBER.txt");
+  curl_mime_headers(part2, slist1, 1);
+  slist1 = NULL;
+  curl_mime_subparts(part1, mime2);
+  mime2 = NULL;
+  curl_mime_name(part1, "file");
+  curl_easy_setopt(hnd, CURLOPT_MIMEPOST, mime1);
+  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "curl/%VERSION");
+  curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
+  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
+
+  /* Here is a list of options the curl code used that cannot get generated
+     as source easily. You may choose to either not use them or implement
+     them yourself.
+
+  CURLOPT_DEBUGFUNCTION was set to a function pointer
+  CURLOPT_DEBUGDATA was set to an object pointer
+  CURLOPT_WRITEDATA was set to an object pointer
+  CURLOPT_WRITEFUNCTION was set to a function pointer
+  CURLOPT_READDATA was set to an object pointer
+  CURLOPT_READFUNCTION was set to a function pointer
+  CURLOPT_SEEKDATA was set to an object pointer
+  CURLOPT_SEEKFUNCTION was set to a function pointer
+  CURLOPT_HEADERFUNCTION was set to a function pointer
+  CURLOPT_HEADERDATA was set to an object pointer
+  CURLOPT_ERRORBUFFER was set to an object pointer
+  CURLOPT_STDERR was set to an object pointer
+
+  */
+
+  ret = curl_easy_perform(hnd);
+
+  curl_easy_cleanup(hnd);
+  hnd = NULL;
+  curl_mime_free(mime1);
+  mime1 = NULL;
+  curl_mime_free(mime2);
+  mime2 = NULL;
+  curl_slist_free_all(slist1);
+  slist1 = NULL;
+
+  return (int)ret;
+}
+/**** End of sample code ****/
diff --git a/tests/data/data1405.c b/tests/data/data1405.c
new file mode 100644
index 0000000000..e80b77edda
--- /dev/null
+++ b/tests/data/data1405.c
@@ -0,0 +1,66 @@
+/********* Sample code generated by the curl command line tool **********
+ * All curl_easy_setopt() options are documented at:
+ * https://curl.se/libcurl/c/curl_easy_setopt.html
+ ************************************************************************/
+#include 
+
+int main(int argc, char *argv[])
+{
+  CURLcode ret;
+  CURL *hnd;
+  struct curl_slist *slist1;
+  struct curl_slist *slist2;
+  struct curl_slist *slist3;
+
+  slist1 = NULL;
+  slist1 = curl_slist_append(slist1, "NOOP 1");
+  slist1 = curl_slist_append(slist1, "*FAIL");
+  slist2 = NULL;
+  slist2 = curl_slist_append(slist2, "NOOP 3");
+  slist3 = NULL;
+  slist3 = curl_slist_append(slist3, "NOOP 2");
+  slist3 = curl_slist_append(slist3, "*FAIL HARD");
+
+  hnd = curl_easy_init();
+  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
+  curl_easy_setopt(hnd, CURLOPT_URL, "ftp://%HOSTIP:%FTPPORT/%TESTNUMBER");
+  curl_easy_setopt(hnd, CURLOPT_FTP_SKIP_PASV_IP, 1L);
+  curl_easy_setopt(hnd, CURLOPT_QUOTE, slist1);
+  curl_easy_setopt(hnd, CURLOPT_POSTQUOTE, slist2);
+  curl_easy_setopt(hnd, CURLOPT_PREQUOTE, slist3);
+  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
+
+  /* Here is a list of options the curl code used that cannot get generated
+     as source easily. You may choose to either not use them or implement
+     them yourself.
+
+  CURLOPT_DEBUGFUNCTION was set to a function pointer
+  CURLOPT_DEBUGDATA was set to an object pointer
+  CURLOPT_WRITEDATA was set to an object pointer
+  CURLOPT_WRITEFUNCTION was set to a function pointer
+  CURLOPT_READDATA was set to an object pointer
+  CURLOPT_READFUNCTION was set to a function pointer
+  CURLOPT_SEEKDATA was set to an object pointer
+  CURLOPT_SEEKFUNCTION was set to a function pointer
+  CURLOPT_HEADERFUNCTION was set to a function pointer
+  CURLOPT_HEADERDATA was set to an object pointer
+  CURLOPT_ERRORBUFFER was set to an object pointer
+  CURLOPT_STDERR was set to an object pointer
+
+  */
+
+  ret = curl_easy_perform(hnd);
+
+  curl_easy_cleanup(hnd);
+  hnd = NULL;
+  curl_slist_free_all(slist1);
+  slist1 = NULL;
+  curl_slist_free_all(slist2);
+  slist2 = NULL;
+  curl_slist_free_all(slist3);
+  slist3 = NULL;
+
+  return (int)ret;
+}
+/**** End of sample code ****/
diff --git a/tests/data/data1406.c b/tests/data/data1406.c
new file mode 100644
index 0000000000..b71dffa88f
--- /dev/null
+++ b/tests/data/data1406.c
@@ -0,0 +1,56 @@
+/********* Sample code generated by the curl command line tool **********
+ * All curl_easy_setopt() options are documented at:
+ * https://curl.se/libcurl/c/curl_easy_setopt.html
+ ************************************************************************/
+#include 
+
+int main(int argc, char *argv[])
+{
+  CURLcode ret;
+  CURL *hnd;
+  struct curl_slist *slist1;
+
+  slist1 = NULL;
+  slist1 = curl_slist_append(slist1, "recipient.one@example.com");
+  slist1 = curl_slist_append(slist1, "recipient.two@example.com");
+
+  hnd = curl_easy_init();
+  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
+  curl_easy_setopt(hnd, CURLOPT_URL, "smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER");
+  curl_easy_setopt(hnd, CURLOPT_UPLOAD, 1L);
+  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "curl/%VERSION");
+  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_MAIL_FROM, "sender@example.com");
+  curl_easy_setopt(hnd, CURLOPT_MAIL_RCPT, slist1);
+  curl_easy_setopt(hnd, CURLOPT_INFILESIZE_LARGE, (curl_off_t)38);
+
+  /* Here is a list of options the curl code used that cannot get generated
+     as source easily. You may choose to either not use them or implement
+     them yourself.
+
+  CURLOPT_DEBUGFUNCTION was set to a function pointer
+  CURLOPT_DEBUGDATA was set to an object pointer
+  CURLOPT_WRITEDATA was set to an object pointer
+  CURLOPT_WRITEFUNCTION was set to a function pointer
+  CURLOPT_READDATA was set to an object pointer
+  CURLOPT_READFUNCTION was set to a function pointer
+  CURLOPT_SEEKDATA was set to an object pointer
+  CURLOPT_SEEKFUNCTION was set to a function pointer
+  CURLOPT_HEADERFUNCTION was set to a function pointer
+  CURLOPT_HEADERDATA was set to an object pointer
+  CURLOPT_ERRORBUFFER was set to an object pointer
+  CURLOPT_STDERR was set to an object pointer
+
+  */
+
+  ret = curl_easy_perform(hnd);
+
+  curl_easy_cleanup(hnd);
+  hnd = NULL;
+  curl_slist_free_all(slist1);
+  slist1 = NULL;
+
+  return (int)ret;
+}
+/**** End of sample code ****/
diff --git a/tests/data/data1407.c b/tests/data/data1407.c
new file mode 100644
index 0000000000..f1d2b30f0f
--- /dev/null
+++ b/tests/data/data1407.c
@@ -0,0 +1,46 @@
+/********* Sample code generated by the curl command line tool **********
+ * All curl_easy_setopt() options are documented at:
+ * https://curl.se/libcurl/c/curl_easy_setopt.html
+ ************************************************************************/
+#include 
+
+int main(int argc, char *argv[])
+{
+  CURLcode ret;
+  CURL *hnd;
+
+  hnd = curl_easy_init();
+  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
+  curl_easy_setopt(hnd, CURLOPT_URL, "pop3://%HOSTIP:%POP3PORT/%TESTNUMBER");
+  curl_easy_setopt(hnd, CURLOPT_DIRLISTONLY, 1L);
+  curl_easy_setopt(hnd, CURLOPT_USERPWD, "user:secret");
+  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
+
+  /* Here is a list of options the curl code used that cannot get generated
+     as source easily. You may choose to either not use them or implement
+     them yourself.
+
+  CURLOPT_DEBUGFUNCTION was set to a function pointer
+  CURLOPT_DEBUGDATA was set to an object pointer
+  CURLOPT_WRITEDATA was set to an object pointer
+  CURLOPT_WRITEFUNCTION was set to a function pointer
+  CURLOPT_READDATA was set to an object pointer
+  CURLOPT_READFUNCTION was set to a function pointer
+  CURLOPT_SEEKDATA was set to an object pointer
+  CURLOPT_SEEKFUNCTION was set to a function pointer
+  CURLOPT_HEADERFUNCTION was set to a function pointer
+  CURLOPT_HEADERDATA was set to an object pointer
+  CURLOPT_ERRORBUFFER was set to an object pointer
+  CURLOPT_STDERR was set to an object pointer
+
+  */
+
+  ret = curl_easy_perform(hnd);
+
+  curl_easy_cleanup(hnd);
+  hnd = NULL;
+
+  return (int)ret;
+}
+/**** End of sample code ****/
diff --git a/tests/data/data1420.c b/tests/data/data1420.c
new file mode 100644
index 0000000000..8405d8ba4c
--- /dev/null
+++ b/tests/data/data1420.c
@@ -0,0 +1,46 @@
+/********* Sample code generated by the curl command line tool **********
+ * All curl_easy_setopt() options are documented at:
+ * https://curl.se/libcurl/c/curl_easy_setopt.html
+ ************************************************************************/
+#include 
+
+int main(int argc, char *argv[])
+{
+  CURLcode ret;
+  CURL *hnd;
+
+  hnd = curl_easy_init();
+  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
+  curl_easy_setopt(hnd, CURLOPT_URL, "imap://%HOSTIP:%IMAPPORT/%TESTNUMBER/;MAILINDEX=1");
+  curl_easy_setopt(hnd, CURLOPT_USERPWD, "user:secret");
+  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "curl/%VERSION");
+  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
+
+  /* Here is a list of options the curl code used that cannot get generated
+     as source easily. You may choose to either not use them or implement
+     them yourself.
+
+  CURLOPT_DEBUGFUNCTION was set to a function pointer
+  CURLOPT_DEBUGDATA was set to an object pointer
+  CURLOPT_WRITEDATA was set to an object pointer
+  CURLOPT_WRITEFUNCTION was set to a function pointer
+  CURLOPT_READDATA was set to an object pointer
+  CURLOPT_READFUNCTION was set to a function pointer
+  CURLOPT_SEEKDATA was set to an object pointer
+  CURLOPT_SEEKFUNCTION was set to a function pointer
+  CURLOPT_HEADERFUNCTION was set to a function pointer
+  CURLOPT_HEADERDATA was set to an object pointer
+  CURLOPT_ERRORBUFFER was set to an object pointer
+  CURLOPT_STDERR was set to an object pointer
+
+  */
+
+  ret = curl_easy_perform(hnd);
+
+  curl_easy_cleanup(hnd);
+  hnd = NULL;
+
+  return (int)ret;
+}
+/**** End of sample code ****/
diff --git a/tests/data/data1465.c b/tests/data/data1465.c
new file mode 100644
index 0000000000..09e13f28d5
--- /dev/null
+++ b/tests/data/data1465.c
@@ -0,0 +1,48 @@
+/********* Sample code generated by the curl command line tool **********
+ * All curl_easy_setopt() options are documented at:
+ * https://curl.se/libcurl/c/curl_easy_setopt.html
+ ************************************************************************/
+#include 
+
+int main(int argc, char *argv[])
+{
+  CURLcode ret;
+  CURL *hnd;
+
+  hnd = curl_easy_init();
+  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
+  curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER");
+  curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "ab\201cd\000e\\\"\?\r\n\t\001fghi\x1ajklm\xfd");
+  curl_easy_setopt(hnd, CURLOPT_POSTFIELDSIZE_LARGE, (curl_off_t)24);
+  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "curl/%VERSION");
+  curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
+  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
+
+  /* Here is a list of options the curl code used that cannot get generated
+     as source easily. You may choose to either not use them or implement
+     them yourself.
+
+  CURLOPT_DEBUGFUNCTION was set to a function pointer
+  CURLOPT_DEBUGDATA was set to an object pointer
+  CURLOPT_WRITEDATA was set to an object pointer
+  CURLOPT_WRITEFUNCTION was set to a function pointer
+  CURLOPT_READDATA was set to an object pointer
+  CURLOPT_READFUNCTION was set to a function pointer
+  CURLOPT_SEEKDATA was set to an object pointer
+  CURLOPT_SEEKFUNCTION was set to a function pointer
+  CURLOPT_HEADERFUNCTION was set to a function pointer
+  CURLOPT_HEADERDATA was set to an object pointer
+  CURLOPT_ERRORBUFFER was set to an object pointer
+  CURLOPT_STDERR was set to an object pointer
+
+  */
+
+  ret = curl_easy_perform(hnd);
+
+  curl_easy_cleanup(hnd);
+  hnd = NULL;
+
+  return (int)ret;
+}
+/**** End of sample code ****/
diff --git a/tests/data/data1481.c b/tests/data/data1481.c
new file mode 100644
index 0000000000..b8741c0d95
--- /dev/null
+++ b/tests/data/data1481.c
@@ -0,0 +1,49 @@
+/********* Sample code generated by the curl command line tool **********
+ * All curl_easy_setopt() options are documented at:
+ * https://curl.se/libcurl/c/curl_easy_setopt.html
+ ************************************************************************/
+#include 
+
+int main(int argc, char *argv[])
+{
+  CURLcode ret;
+  CURL *hnd;
+
+  hnd = curl_easy_init();
+  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
+  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
+  curl_easy_setopt(hnd, CURLOPT_URL, "http://moo/");
+  curl_easy_setopt(hnd, CURLOPT_PROXY, "http://%HOSTIP:%HTTPPORT");
+  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "curl/%VERSION");
+  curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
+  curl_easy_setopt(hnd, CURLOPT_SSLVERSION, (long)(CURL_SSLVERSION_TLSv1_2 | CURL_SSLVERSION_MAX_TLSv1_3));
+  curl_easy_setopt(hnd, CURLOPT_PROXY_SSLVERSION, (long)CURL_SSLVERSION_TLSv1);
+  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
+
+  /* Here is a list of options the curl code used that cannot get generated
+     as source easily. You may choose to either not use them or implement
+     them yourself.
+
+  CURLOPT_DEBUGFUNCTION was set to a function pointer
+  CURLOPT_DEBUGDATA was set to an object pointer
+  CURLOPT_WRITEDATA was set to an object pointer
+  CURLOPT_WRITEFUNCTION was set to a function pointer
+  CURLOPT_READDATA was set to an object pointer
+  CURLOPT_READFUNCTION was set to a function pointer
+  CURLOPT_SEEKDATA was set to an object pointer
+  CURLOPT_SEEKFUNCTION was set to a function pointer
+  CURLOPT_HEADERFUNCTION was set to a function pointer
+  CURLOPT_HEADERDATA was set to an object pointer
+  CURLOPT_ERRORBUFFER was set to an object pointer
+  CURLOPT_STDERR was set to an object pointer
+
+  */
+
+  ret = curl_easy_perform(hnd);
+
+  curl_easy_cleanup(hnd);
+  hnd = NULL;
+
+  return (int)ret;
+}
+/**** End of sample code ****/
diff --git a/tests/data/test1400 b/tests/data/test1400
index 9c54240c2f..5b7758fae8 100644
--- a/tests/data/test1400
+++ b/tests/data/test1400
@@ -4,7 +4,6 @@
 HTTP
 HTTP GET
 --libcurl
-notxml
 
 
 
@@ -49,7 +48,6 @@ Accept: */*
 
 
 
-s/(USERAGENT, \")[^\"]+/${1}stripped/
 # CURLOPT_SSL_VERIFYPEER, SSH_KNOWNHOSTS and HTTP_VERSION vary with
 # CURLOPT_INTERLEAVEDATA requires RTSP protocol
 # configurations - just ignore them
@@ -62,52 +60,7 @@ $_ = '' if /CURLOPT_INTERLEAVEDATA/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
-/********* Sample code generated by the curl command line tool **********
- * All curl_easy_setopt() options are documented at:
- * https://curl.se/libcurl/c/curl_easy_setopt.html
- ************************************************************************/
-#include 
-
-int main(int argc, char *argv[])
-{
-  CURLcode ret;
-  CURL *hnd;
-
-  hnd = curl_easy_init();
-  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
-  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
-  curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER");
-  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "stripped");
-  curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
-  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
-
-  /* Here is a list of options the curl code used that cannot get generated
-     as source easily. You may choose to either not use them or implement
-     them yourself.
-
-  CURLOPT_DEBUGFUNCTION was set to a function pointer
-  CURLOPT_DEBUGDATA was set to an object pointer
-  CURLOPT_WRITEDATA was set to an object pointer
-  CURLOPT_WRITEFUNCTION was set to a function pointer
-  CURLOPT_READDATA was set to an object pointer
-  CURLOPT_READFUNCTION was set to a function pointer
-  CURLOPT_SEEKDATA was set to an object pointer
-  CURLOPT_SEEKFUNCTION was set to a function pointer
-  CURLOPT_HEADERFUNCTION was set to a function pointer
-  CURLOPT_HEADERDATA was set to an object pointer
-  CURLOPT_ERRORBUFFER was set to an object pointer
-  CURLOPT_STDERR was set to an object pointer
-
-  */
-
-  ret = curl_easy_perform(hnd);
-
-  curl_easy_cleanup(hnd);
-  hnd = NULL;
-
-  return (int)ret;
-}
-/**** End of sample code ****/
+%includetext %SRCDIR/data/data1400.c%
 
 
 
diff --git a/tests/data/test1401 b/tests/data/test1401
index e2f51f3911..87ed2e4543 100644
--- a/tests/data/test1401
+++ b/tests/data/test1401
@@ -7,7 +7,6 @@ HTTP Basic auth
 HTTP set cookie
 cookies
 --libcurl
-notxml
 
 
 
@@ -71,64 +70,7 @@ $_ = '' if /CURLOPT_SSLVERSION/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
-/********* Sample code generated by the curl command line tool **********
- * All curl_easy_setopt() options are documented at:
- * https://curl.se/libcurl/c/curl_easy_setopt.html
- ************************************************************************/
-#include 
-
-int main(int argc, char *argv[])
-{
-  CURLcode ret;
-  CURL *hnd;
-  struct curl_slist *slist1;
-
-  slist1 = NULL;
-  slist1 = curl_slist_append(slist1, "X-Files: Mulder");
-  slist1 = curl_slist_append(slist1, "X-Men: cyclops, iceman");
-
-  hnd = curl_easy_init();
-  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
-  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
-  curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER");
-  curl_easy_setopt(hnd, CURLOPT_USERPWD, "fake:user");
-  curl_easy_setopt(hnd, CURLOPT_HTTPAUTH, (long)CURLAUTH_BASIC);
-  curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, slist1);
-  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "MyUA");
-  curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
-  curl_easy_setopt(hnd, CURLOPT_COOKIE, "chocolate=chip");
-  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
-  curl_easy_setopt(hnd, CURLOPT_PROTOCOLS_STR, "file,ftp,http");
-
-  /* Here is a list of options the curl code used that cannot get generated
-     as source easily. You may choose to either not use them or implement
-     them yourself.
-
-  CURLOPT_DEBUGFUNCTION was set to a function pointer
-  CURLOPT_DEBUGDATA was set to an object pointer
-  CURLOPT_WRITEDATA was set to an object pointer
-  CURLOPT_WRITEFUNCTION was set to a function pointer
-  CURLOPT_READDATA was set to an object pointer
-  CURLOPT_READFUNCTION was set to a function pointer
-  CURLOPT_SEEKDATA was set to an object pointer
-  CURLOPT_SEEKFUNCTION was set to a function pointer
-  CURLOPT_HEADERFUNCTION was set to a function pointer
-  CURLOPT_HEADERDATA was set to an object pointer
-  CURLOPT_ERRORBUFFER was set to an object pointer
-  CURLOPT_STDERR was set to an object pointer
-
-  */
-
-  ret = curl_easy_perform(hnd);
-
-  curl_easy_cleanup(hnd);
-  hnd = NULL;
-  curl_slist_free_all(slist1);
-  slist1 = NULL;
-
-  return (int)ret;
-}
-/**** End of sample code ****/
+%includetext %SRCDIR/data/data1401.c%
 
 
 
diff --git a/tests/data/test1402 b/tests/data/test1402
index 77c0798da2..86eb102045 100644
--- a/tests/data/test1402
+++ b/tests/data/test1402
@@ -53,8 +53,6 @@ Content-Type: application/x-www-form-urlencoded
 foo=bar&baz=quux
 
 
-# curl's default user-agent varies with version, libraries etc.
-s/(USERAGENT, \")[^\"]+/${1}stripped/
 # CURLOPT_SSL_VERIFYPEER, SSH_KNOWNHOSTS and HTTP_VERSION vary with
 # configurations - just ignore them
 $_ = '' if /CURLOPT_SSL_VERIFYPEER/
@@ -65,54 +63,7 @@ $_ = '' if /CURLOPT_SSLVERSION/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
-/********* Sample code generated by the curl command line tool **********
- * All curl_easy_setopt() options are documented at:
- * https://curl.se/libcurl/c/curl_easy_setopt.html
- ************************************************************************/
-#include 
-
-int main(int argc, char *argv[])
-{
-  CURLcode ret;
-  CURL *hnd;
-
-  hnd = curl_easy_init();
-  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
-  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
-  curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER");
-  curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "foo=bar&baz=quux");
-  curl_easy_setopt(hnd, CURLOPT_POSTFIELDSIZE_LARGE, (curl_off_t)16);
-  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "stripped");
-  curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
-  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
-
-  /* Here is a list of options the curl code used that cannot get generated
-     as source easily. You may choose to either not use them or implement
-     them yourself.
-
-  CURLOPT_DEBUGFUNCTION was set to a function pointer
-  CURLOPT_DEBUGDATA was set to an object pointer
-  CURLOPT_WRITEDATA was set to an object pointer
-  CURLOPT_WRITEFUNCTION was set to a function pointer
-  CURLOPT_READDATA was set to an object pointer
-  CURLOPT_READFUNCTION was set to a function pointer
-  CURLOPT_SEEKDATA was set to an object pointer
-  CURLOPT_SEEKFUNCTION was set to a function pointer
-  CURLOPT_HEADERFUNCTION was set to a function pointer
-  CURLOPT_HEADERDATA was set to an object pointer
-  CURLOPT_ERRORBUFFER was set to an object pointer
-  CURLOPT_STDERR was set to an object pointer
-
-  */
-
-  ret = curl_easy_perform(hnd);
-
-  curl_easy_cleanup(hnd);
-  hnd = NULL;
-
-  return (int)ret;
-}
-/**** End of sample code ****/
+%includetext %SRCDIR/data/data1402.c%
 
 
 
diff --git a/tests/data/test1403 b/tests/data/test1403
index 94ada0fdd9..6627b70aa1 100644
--- a/tests/data/test1403
+++ b/tests/data/test1403
@@ -50,8 +50,6 @@ Accept: */*
 
 
 
-# curl's default user-agent varies with version, libraries etc.
-s/(USERAGENT, \")[^\"]+/${1}stripped/
 # CURLOPT_SSL_VERIFYPEER, SSH_KNOWNHOSTS and HTTP_VERSION vary with
 # configurations - just ignore them
 $_ = '' if /CURLOPT_SSL_VERIFYPEER/
@@ -62,52 +60,7 @@ $_ = '' if /CURLOPT_SSLVERSION/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
-/********* Sample code generated by the curl command line tool **********
- * All curl_easy_setopt() options are documented at:
- * https://curl.se/libcurl/c/curl_easy_setopt.html
- ************************************************************************/
-#include 
-
-int main(int argc, char *argv[])
-{
-  CURLcode ret;
-  CURL *hnd;
-
-  hnd = curl_easy_init();
-  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
-  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
-  curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER\?foo=bar&baz=quux");
-  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "stripped");
-  curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
-  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
-
-  /* Here is a list of options the curl code used that cannot get generated
-     as source easily. You may choose to either not use them or implement
-     them yourself.
-
-  CURLOPT_DEBUGFUNCTION was set to a function pointer
-  CURLOPT_DEBUGDATA was set to an object pointer
-  CURLOPT_WRITEDATA was set to an object pointer
-  CURLOPT_WRITEFUNCTION was set to a function pointer
-  CURLOPT_READDATA was set to an object pointer
-  CURLOPT_READFUNCTION was set to a function pointer
-  CURLOPT_SEEKDATA was set to an object pointer
-  CURLOPT_SEEKFUNCTION was set to a function pointer
-  CURLOPT_HEADERFUNCTION was set to a function pointer
-  CURLOPT_HEADERDATA was set to an object pointer
-  CURLOPT_ERRORBUFFER was set to an object pointer
-  CURLOPT_STDERR was set to an object pointer
-
-  */
-
-  ret = curl_easy_perform(hnd);
-
-  curl_easy_cleanup(hnd);
-  hnd = NULL;
-
-  return (int)ret;
-}
-/**** End of sample code ****/
+%includetext %SRCDIR/data/data1403.c%
 
 
 
diff --git a/tests/data/test1404 b/tests/data/test1404
index 3ffcde8939..4471101246 100644
--- a/tests/data/test1404
+++ b/tests/data/test1404
@@ -6,7 +6,6 @@ HTTP
 HTTP FORMPOST
 HTTP file upload
 --libcurl
-notxml
 
 
 
@@ -95,8 +94,6 @@ dummy data
 ------------------------------9ef8d6205763--%CR
 
 
-# curl's default user-agent varies with version, libraries etc.
-s/(USERAGENT, \")[^\"]+/${1}stripped/
 # CURLOPT_SSL_VERIFYPEER, SSH_KNOWNHOSTS and HTTP_VERSION vary with
 # configurations - just ignore them
 $_ = '' if /CURLOPT_SSL_VERIFYPEER/
@@ -109,89 +106,7 @@ $_ = '' if /CURLOPT_TIMEOUT_MS/
 $_ = '' if /\/\* "value" \*\//
 
 
-/********* Sample code generated by the curl command line tool **********
- * All curl_easy_setopt() options are documented at:
- * https://curl.se/libcurl/c/curl_easy_setopt.html
- ************************************************************************/
-#include 
-
-int main(int argc, char *argv[])
-{
-  CURLcode ret;
-  CURL *hnd;
-  curl_mime *mime1;
-  curl_mimepart *part1;
-  curl_mime *mime2;
-  curl_mimepart *part2;
-  struct curl_slist *slist1;
-
-  mime1 = NULL;
-  mime2 = NULL;
-  slist1 = NULL;
-  slist1 = curl_slist_append(slist1, "X-testheader-1: header 1");
-  slist1 = curl_slist_append(slist1, "X-testheader-2: header 2");
-
-  hnd = curl_easy_init();
-  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
-  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
-  curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER");
-  mime1 = curl_mime_init(hnd);
-  part1 = curl_mime_addpart(mime1);
-  curl_mime_data(part1, "value", CURL_ZERO_TERMINATED);
-  curl_mime_name(part1, "name");
-  part1 = curl_mime_addpart(mime1);
-  mime2 = curl_mime_init(hnd);
-  part2 = curl_mime_addpart(mime2);
-  curl_mime_filedata(part2, "%LOGDIR/test%TESTNUMBER.txt");
-  part2 = curl_mime_addpart(mime2);
-  curl_mime_filedata(part2, "%LOGDIR/test%TESTNUMBER.txt");
-  curl_mime_encoder(part2, "8bit");
-  curl_mime_type(part2, "magic/content");
-  part2 = curl_mime_addpart(mime2);
-  curl_mime_filedata(part2, "%LOGDIR/test%TESTNUMBER.txt");
-  curl_mime_headers(part2, slist1, 1);
-  slist1 = NULL;
-  curl_mime_subparts(part1, mime2);
-  mime2 = NULL;
-  curl_mime_name(part1, "file");
-  curl_easy_setopt(hnd, CURLOPT_MIMEPOST, mime1);
-  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "stripped");
-  curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
-  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
-
-  /* Here is a list of options the curl code used that cannot get generated
-     as source easily. You may choose to either not use them or implement
-     them yourself.
-
-  CURLOPT_DEBUGFUNCTION was set to a function pointer
-  CURLOPT_DEBUGDATA was set to an object pointer
-  CURLOPT_WRITEDATA was set to an object pointer
-  CURLOPT_WRITEFUNCTION was set to a function pointer
-  CURLOPT_READDATA was set to an object pointer
-  CURLOPT_READFUNCTION was set to a function pointer
-  CURLOPT_SEEKDATA was set to an object pointer
-  CURLOPT_SEEKFUNCTION was set to a function pointer
-  CURLOPT_HEADERFUNCTION was set to a function pointer
-  CURLOPT_HEADERDATA was set to an object pointer
-  CURLOPT_ERRORBUFFER was set to an object pointer
-  CURLOPT_STDERR was set to an object pointer
-
-  */
-
-  ret = curl_easy_perform(hnd);
-
-  curl_easy_cleanup(hnd);
-  hnd = NULL;
-  curl_mime_free(mime1);
-  mime1 = NULL;
-  curl_mime_free(mime2);
-  mime2 = NULL;
-  curl_slist_free_all(slist1);
-  slist1 = NULL;
-
-  return (int)ret;
-}
-/**** End of sample code ****/
+%includetext %SRCDIR/data/data1404.c%
 
 
 
diff --git a/tests/data/test1405 b/tests/data/test1405
index 84ccd6a0fb..880f345e72 100644
--- a/tests/data/test1405
+++ b/tests/data/test1405
@@ -6,7 +6,6 @@ FTP
 post-quote
 pre-quote
 --libcurl
-notxml
 
 
 # Server-side
@@ -62,74 +61,6 @@ RETR %TESTNUMBER
 NOOP 3
 QUIT
 
-
-/********* Sample code generated by the curl command line tool **********
- * All curl_easy_setopt() options are documented at:
- * https://curl.se/libcurl/c/curl_easy_setopt.html
- ************************************************************************/
-#include 
-
-int main(int argc, char *argv[])
-{
-  CURLcode ret;
-  CURL *hnd;
-  struct curl_slist *slist1;
-  struct curl_slist *slist2;
-  struct curl_slist *slist3;
-
-  slist1 = NULL;
-  slist1 = curl_slist_append(slist1, "NOOP 1");
-  slist1 = curl_slist_append(slist1, "*FAIL");
-  slist2 = NULL;
-  slist2 = curl_slist_append(slist2, "NOOP 3");
-  slist3 = NULL;
-  slist3 = curl_slist_append(slist3, "NOOP 2");
-  slist3 = curl_slist_append(slist3, "*FAIL HARD");
-
-  hnd = curl_easy_init();
-  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
-  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
-  curl_easy_setopt(hnd, CURLOPT_URL, "ftp://%HOSTIP:%FTPPORT/%TESTNUMBER");
-  curl_easy_setopt(hnd, CURLOPT_FTP_SKIP_PASV_IP, 1L);
-  curl_easy_setopt(hnd, CURLOPT_QUOTE, slist1);
-  curl_easy_setopt(hnd, CURLOPT_POSTQUOTE, slist2);
-  curl_easy_setopt(hnd, CURLOPT_PREQUOTE, slist3);
-  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
-
-  /* Here is a list of options the curl code used that cannot get generated
-     as source easily. You may choose to either not use them or implement
-     them yourself.
-
-  CURLOPT_DEBUGFUNCTION was set to a function pointer
-  CURLOPT_DEBUGDATA was set to an object pointer
-  CURLOPT_WRITEDATA was set to an object pointer
-  CURLOPT_WRITEFUNCTION was set to a function pointer
-  CURLOPT_READDATA was set to an object pointer
-  CURLOPT_READFUNCTION was set to a function pointer
-  CURLOPT_SEEKDATA was set to an object pointer
-  CURLOPT_SEEKFUNCTION was set to a function pointer
-  CURLOPT_HEADERFUNCTION was set to a function pointer
-  CURLOPT_HEADERDATA was set to an object pointer
-  CURLOPT_ERRORBUFFER was set to an object pointer
-  CURLOPT_STDERR was set to an object pointer
-
-  */
-
-  ret = curl_easy_perform(hnd);
-
-  curl_easy_cleanup(hnd);
-  hnd = NULL;
-  curl_slist_free_all(slist1);
-  slist1 = NULL;
-  curl_slist_free_all(slist2);
-  slist2 = NULL;
-  curl_slist_free_all(slist3);
-  slist3 = NULL;
-
-  return (int)ret;
-}
-/**** End of sample code ****/
-
 
 # CURLOPT_USERAGENT and CURLOPT_MAXREDIRS requires HTTP protocol
 # CURLOPT_INTERLEAVEDATA requires RTSP (HTTP) protocol
@@ -146,5 +77,8 @@ $_ = '' if /CURLOPT_INTERLEAVEDATA/
 $_ = '' if /CURLOPT_SSLVERSION/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
+
+%includetext %SRCDIR/data/data1405.c%
+
 
 
diff --git a/tests/data/test1406 b/tests/data/test1406
index 776c880dad..0dfa41839b 100644
--- a/tests/data/test1406
+++ b/tests/data/test1406
@@ -5,7 +5,6 @@
 
 SMTP
 --libcurl
-notxml
 
 
 
@@ -63,67 +62,9 @@ To: another
 body
 .
 
-
-/********* Sample code generated by the curl command line tool **********
- * All curl_easy_setopt() options are documented at:
- * https://curl.se/libcurl/c/curl_easy_setopt.html
- ************************************************************************/
-#include 
-
-int main(int argc, char *argv[])
-{
-  CURLcode ret;
-  CURL *hnd;
-  struct curl_slist *slist1;
-
-  slist1 = NULL;
-  slist1 = curl_slist_append(slist1, "recipient.one@example.com");
-  slist1 = curl_slist_append(slist1, "recipient.two@example.com");
-
-  hnd = curl_easy_init();
-  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
-  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
-  curl_easy_setopt(hnd, CURLOPT_URL, "smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER");
-  curl_easy_setopt(hnd, CURLOPT_UPLOAD, 1L);
-  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
-  curl_easy_setopt(hnd, CURLOPT_MAIL_FROM, "sender@example.com");
-  curl_easy_setopt(hnd, CURLOPT_MAIL_RCPT, slist1);
-  curl_easy_setopt(hnd, CURLOPT_INFILESIZE_LARGE, (curl_off_t)38);
-
-  /* Here is a list of options the curl code used that cannot get generated
-     as source easily. You may choose to either not use them or implement
-     them yourself.
-
-  CURLOPT_DEBUGFUNCTION was set to a function pointer
-  CURLOPT_DEBUGDATA was set to an object pointer
-  CURLOPT_WRITEDATA was set to an object pointer
-  CURLOPT_WRITEFUNCTION was set to a function pointer
-  CURLOPT_READDATA was set to an object pointer
-  CURLOPT_READFUNCTION was set to a function pointer
-  CURLOPT_SEEKDATA was set to an object pointer
-  CURLOPT_SEEKFUNCTION was set to a function pointer
-  CURLOPT_HEADERFUNCTION was set to a function pointer
-  CURLOPT_HEADERDATA was set to an object pointer
-  CURLOPT_ERRORBUFFER was set to an object pointer
-  CURLOPT_STDERR was set to an object pointer
-
-  */
-
-  ret = curl_easy_perform(hnd);
-
-  curl_easy_cleanup(hnd);
-  hnd = NULL;
-  curl_slist_free_all(slist1);
-  slist1 = NULL;
-
-  return (int)ret;
-}
-/**** End of sample code ****/
-
 
 # These options vary with configurations - just ignore them
 # CURLOPT_INTERLEAVEDATA requires RTSP (HTTP) protocol
-$_ = '' if /CURLOPT_USERAGENT/
 $_ = '' if /CURLOPT_MAXREDIRS/
 $_ = '' if /CURLOPT_SSL_VERIFYPEER/
 $_ = '' if /CURLOPT_SSH_KNOWNHOSTS/
@@ -133,5 +74,8 @@ $_ = '' if /CURLOPT_INTERLEAVEDATA/
 $_ = '' if /CURLOPT_SSLVERSION/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
+
+%includetext %SRCDIR/data/data1406.c%
+
 
 
diff --git a/tests/data/test1407 b/tests/data/test1407
index f767622b0b..300b5efdae 100644
--- a/tests/data/test1407
+++ b/tests/data/test1407
@@ -6,7 +6,6 @@ POP3
 Clear Text
 LIST
 --libcurl
-notxml
 
 
 
@@ -50,56 +49,9 @@ PASS secret
 LIST %TESTNUMBER
 QUIT
 
-
-/********* Sample code generated by the curl command line tool **********
- * All curl_easy_setopt() options are documented at:
- * https://curl.se/libcurl/c/curl_easy_setopt.html
- ************************************************************************/
-#include 
-
-int main(int argc, char *argv[])
-{
-  CURLcode ret;
-  CURL *hnd;
-
-  hnd = curl_easy_init();
-  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
-  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
-  curl_easy_setopt(hnd, CURLOPT_URL, "pop3://%HOSTIP:%POP3PORT/%TESTNUMBER");
-  curl_easy_setopt(hnd, CURLOPT_DIRLISTONLY, 1L);
-  curl_easy_setopt(hnd, CURLOPT_USERPWD, "user:secret");
-  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
-
-  /* Here is a list of options the curl code used that cannot get generated
-     as source easily. You may choose to either not use them or implement
-     them yourself.
-
-  CURLOPT_DEBUGFUNCTION was set to a function pointer
-  CURLOPT_DEBUGDATA was set to an object pointer
-  CURLOPT_WRITEDATA was set to an object pointer
-  CURLOPT_WRITEFUNCTION was set to a function pointer
-  CURLOPT_READDATA was set to an object pointer
-  CURLOPT_READFUNCTION was set to a function pointer
-  CURLOPT_SEEKDATA was set to an object pointer
-  CURLOPT_SEEKFUNCTION was set to a function pointer
-  CURLOPT_HEADERFUNCTION was set to a function pointer
-  CURLOPT_HEADERDATA was set to an object pointer
-  CURLOPT_ERRORBUFFER was set to an object pointer
-  CURLOPT_STDERR was set to an object pointer
-
-  */
-
-  ret = curl_easy_perform(hnd);
-
-  curl_easy_cleanup(hnd);
-  hnd = NULL;
-
-  return (int)ret;
-}
-/**** End of sample code ****/
-
 
 # These options vary with configurations - just ignore them
+# CURLOPT_USERAGENT and CURLOPT_MAXREDIRS requires HTTP protocol
 # CURLOPT_INTERLEAVEDATA requires RTSP (HTTP) protocol
 $_ = '' if /CURLOPT_USERAGENT/
 $_ = '' if /CURLOPT_MAXREDIRS/
@@ -111,5 +63,8 @@ $_ = '' if /CURLOPT_INTERLEAVEDATA/
 $_ = '' if /CURLOPT_SSLVERSION/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
+
+%includetext %SRCDIR/data/data1407.c%
+
 
 
diff --git a/tests/data/test1420 b/tests/data/test1420
index 22d918acf5..530cf985bd 100644
--- a/tests/data/test1420
+++ b/tests/data/test1420
@@ -6,7 +6,6 @@ IMAP
 Clear Text
 FETCH
 --libcurl
-notxml
 
 
 
@@ -56,57 +55,9 @@ A003 SELECT %TESTNUMBER
 A004 FETCH 1 BODY[]
 A005 LOGOUT
 
-
-/********* Sample code generated by the curl command line tool **********
- * All curl_easy_setopt() options are documented at:
- * https://curl.se/libcurl/c/curl_easy_setopt.html
- ************************************************************************/
-#include 
-
-int main(int argc, char *argv[])
-{
-  CURLcode ret;
-  CURL *hnd;
-
-  hnd = curl_easy_init();
-  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
-  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
-  curl_easy_setopt(hnd, CURLOPT_URL, "imap://%HOSTIP:%IMAPPORT/%TESTNUMBER/;MAILINDEX=1");
-  curl_easy_setopt(hnd, CURLOPT_USERPWD, "user:secret");
-  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
-
-  /* Here is a list of options the curl code used that cannot get generated
-     as source easily. You may choose to either not use them or implement
-     them yourself.
-
-  CURLOPT_DEBUGFUNCTION was set to a function pointer
-  CURLOPT_DEBUGDATA was set to an object pointer
-  CURLOPT_WRITEDATA was set to an object pointer
-  CURLOPT_WRITEFUNCTION was set to a function pointer
-  CURLOPT_READDATA was set to an object pointer
-  CURLOPT_READFUNCTION was set to a function pointer
-  CURLOPT_SEEKDATA was set to an object pointer
-  CURLOPT_SEEKFUNCTION was set to a function pointer
-  CURLOPT_HEADERFUNCTION was set to a function pointer
-  CURLOPT_HEADERDATA was set to an object pointer
-  CURLOPT_ERRORBUFFER was set to an object pointer
-  CURLOPT_STDERR was set to an object pointer
-
-  */
-
-  ret = curl_easy_perform(hnd);
-
-  curl_easy_cleanup(hnd);
-  hnd = NULL;
-
-  return (int)ret;
-}
-/**** End of sample code ****/
-
 
 # These options vary with configurations - just ignore them
 # CURLOPT_INTERLEAVEDATA requires RTSP (HTTP) protocol
-$_ = '' if /CURLOPT_USERAGENT/
 $_ = '' if /CURLOPT_MAXREDIRS/
 $_ = '' if /CURLOPT_SSL_VERIFYPEER/
 $_ = '' if /CURLOPT_SSH_KNOWNHOSTS/
@@ -115,5 +66,8 @@ $_ = '' if /CURLOPT_INTERLEAVEDATA/
 $_ = '' if /CURLOPT_SSLVERSION/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
+
+%includetext %SRCDIR/data/data1420.c%
+
 
 
diff --git a/tests/data/test1465 b/tests/data/test1465
index b9e85535ba..0026ae3831 100644
--- a/tests/data/test1465
+++ b/tests/data/test1465
@@ -4,7 +4,6 @@
 HTTP
 HTTP POST
 --libcurl
-notxml
 
 
 
@@ -57,7 +56,6 @@ Content-Type: application/x-www-form-urlencoded
 %hex[ab%81cd%00e\"?%0D%0A%09%01fghi%1Ajklm%FD]hex%
 
 
-
 # CURLOPT_SSL_VERIFYPEER, SSH_KNOWNHOSTS and HTTP_VERSION vary with
 # configurations - just ignore them
 $_ = '' if /CURLOPT_SSL_VERIFYPEER/
@@ -68,54 +66,7 @@ $_ = '' if /CURLOPT_SSLVERSION/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
-/********* Sample code generated by the curl command line tool **********
- * All curl_easy_setopt() options are documented at:
- * https://curl.se/libcurl/c/curl_easy_setopt.html
- ************************************************************************/
-#include 
-
-int main(int argc, char *argv[])
-{
-  CURLcode ret;
-  CURL *hnd;
-
-  hnd = curl_easy_init();
-  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
-  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
-  curl_easy_setopt(hnd, CURLOPT_URL, "http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER");
-  curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "ab\201cd\000e\\\"\?\r\n\t\001fghi\x1ajklm\xfd");
-  curl_easy_setopt(hnd, CURLOPT_POSTFIELDSIZE_LARGE, (curl_off_t)24);
-  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "curl/%VERSION");
-  curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
-  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
-
-  /* Here is a list of options the curl code used that cannot get generated
-     as source easily. You may choose to either not use them or implement
-     them yourself.
-
-  CURLOPT_DEBUGFUNCTION was set to a function pointer
-  CURLOPT_DEBUGDATA was set to an object pointer
-  CURLOPT_WRITEDATA was set to an object pointer
-  CURLOPT_WRITEFUNCTION was set to a function pointer
-  CURLOPT_READDATA was set to an object pointer
-  CURLOPT_READFUNCTION was set to a function pointer
-  CURLOPT_SEEKDATA was set to an object pointer
-  CURLOPT_SEEKFUNCTION was set to a function pointer
-  CURLOPT_HEADERFUNCTION was set to a function pointer
-  CURLOPT_HEADERDATA was set to an object pointer
-  CURLOPT_ERRORBUFFER was set to an object pointer
-  CURLOPT_STDERR was set to an object pointer
-
-  */
-
-  ret = curl_easy_perform(hnd);
-
-  curl_easy_cleanup(hnd);
-  hnd = NULL;
-
-  return (int)ret;
-}
-/**** End of sample code ****/
+%includetext %SRCDIR/data/data1465.c%
 
 
 
diff --git a/tests/data/test1481 b/tests/data/test1481
index 30b6d420e1..a3e2595450 100644
--- a/tests/data/test1481
+++ b/tests/data/test1481
@@ -4,7 +4,6 @@
 HTTP
 HTTP GET
 --libcurl
-notxml
 
 
 
@@ -52,7 +51,6 @@ Proxy-Connection: Keep-Alive
 
 
 
-s/(USERAGENT, \")[^\"]+/${1}stripped/
 # CURLOPT_SSL_VERIFYPEER, SSH_KNOWNHOSTS and HTTP_VERSION vary with
 # CURLOPT_INTERLEAVEDATA requires RTSP protocol
 # configurations - just ignore them
@@ -64,55 +62,7 @@ $_ = '' if /CURLOPT_INTERLEAVEDATA/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
-/********* Sample code generated by the curl command line tool **********
- * All curl_easy_setopt() options are documented at:
- * https://curl.se/libcurl/c/curl_easy_setopt.html
- ************************************************************************/
-#include 
-
-int main(int argc, char *argv[])
-{
-  CURLcode ret;
-  CURL *hnd;
-
-  hnd = curl_easy_init();
-  curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L);
-  curl_easy_setopt(hnd, CURLOPT_BUFFERSIZE, 102400L);
-  curl_easy_setopt(hnd, CURLOPT_URL, "http://moo/");
-  curl_easy_setopt(hnd, CURLOPT_PROXY, "http://%HOSTIP:%HTTPPORT");
-  curl_easy_setopt(hnd, CURLOPT_USERAGENT, "stripped");
-  curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L);
-  curl_easy_setopt(hnd, CURLOPT_SSLVERSION, (long)(CURL_SSLVERSION_TLSv1_2 | CURL_SSLVERSION_MAX_TLSv1_3));
-  curl_easy_setopt(hnd, CURLOPT_PROXY_SSLVERSION, (long)CURL_SSLVERSION_TLSv1);
-  curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L);
-
-  /* Here is a list of options the curl code used that cannot get generated
-     as source easily. You may choose to either not use them or implement
-     them yourself.
-
-  CURLOPT_DEBUGFUNCTION was set to a function pointer
-  CURLOPT_DEBUGDATA was set to an object pointer
-  CURLOPT_WRITEDATA was set to an object pointer
-  CURLOPT_WRITEFUNCTION was set to a function pointer
-  CURLOPT_READDATA was set to an object pointer
-  CURLOPT_READFUNCTION was set to a function pointer
-  CURLOPT_SEEKDATA was set to an object pointer
-  CURLOPT_SEEKFUNCTION was set to a function pointer
-  CURLOPT_HEADERFUNCTION was set to a function pointer
-  CURLOPT_HEADERDATA was set to an object pointer
-  CURLOPT_ERRORBUFFER was set to an object pointer
-  CURLOPT_STDERR was set to an object pointer
-
-  */
-
-  ret = curl_easy_perform(hnd);
-
-  curl_easy_cleanup(hnd);
-  hnd = NULL;
-
-  return (int)ret;
-}
-/**** End of sample code ****/
+%includetext %SRCDIR/data/data1481.c%
 
 
 
diff --git a/tests/runner.pm b/tests/runner.pm
index 10be04bd4b..97c62023dd 100644
--- a/tests/runner.pm
+++ b/tests/runner.pm
@@ -101,6 +101,8 @@ use testutil qw(
     logmsg
     runclient
     exerunner
+    subtextfile
+    subchars
     subbase64
     subsha256base64file
     substrippemfile
@@ -367,6 +369,10 @@ sub prepro {
                 $data_crlf = "";
             }
             subvariables(\$s, $testnum, "%");
+            if(subtextfile(\$s)) {
+                subvariables(\$s, $testnum, "%");
+            }
+            subchars(\$s);
             subbase64(\$s);
             subsha256base64file(\$s);
             substrippemfile(\$s);
diff --git a/tests/testutil.pm b/tests/testutil.pm
index 4666770f07..80479a0c75 100644
--- a/tests/testutil.pm
+++ b/tests/testutil.pm
@@ -38,6 +38,8 @@ BEGIN {
         runclientoutput
         setlogfunc
         exerunner
+        subtextfile
+        subchars
         subbase64
         subnewlines
         subsha256base64file
@@ -110,6 +112,25 @@ sub includefile {
     return join("", @a);
 }
 
+sub subtextfile {
+    my ($thing) = @_;
+
+    my $count = ($$thing =~ s/%includetext ([^%]*)%[\n\r]+/includefile($1, 1)/ge);
+
+    return $count > 0;
+}
+
+sub subchars {
+    my ($thing) = @_;
+
+    $$thing =~ s/%SP/ /g;    # space
+    $$thing =~ s/%TAB/\t/g;  # horizontal tab
+    $$thing =~ s/%CR/\r/g;   # carriage return aka \r aka 0x0d
+    $$thing =~ s/%LT//g;
+    $$thing =~ s/%AMP/&/g;
+}
+
 sub subbase64 {
     my ($thing) = @_;
 
@@ -150,16 +171,6 @@ sub subbase64 {
         $$thing =~ s/%%DAYS%%/%alternatives[$d,$d2]/;
     }
 
-    # include a file, expand space macros
-    $$thing =~ s/%includetext ([^%]*)%[\n\r]+/includefile($1, 1)/ge;
-
-    $$thing =~ s/%SP/ /g;    # space
-    $$thing =~ s/%TAB/\t/g;  # horizontal tab
-    $$thing =~ s/%CR/\r/g;   # carriage return aka \r aka 0x0d
-    $$thing =~ s/%LT//g;
-    $$thing =~ s/%AMP/&/g;
-
     # include a file
     $$thing =~ s/%include ([^%]*)%[\n\r]+/includefile($1, 0)/ge;
 }

From cce660693ceddd6006b5775de8e97f1d5a6434d7 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 9 Dec 2025 01:46:06 +0100
Subject: [PATCH 1177/2408] tests/data: use more `%TESTNUMBER` macro for
 previous patch

Follow-up to d75716e4e55c7074566f48d8c03bfd721461e105 #19799
Cherry-picked from #19882
Closes #19885
---
 tests/data/test1400 | 2 +-
 tests/data/test1401 | 2 +-
 tests/data/test1402 | 2 +-
 tests/data/test1403 | 2 +-
 tests/data/test1404 | 2 +-
 tests/data/test1405 | 2 +-
 tests/data/test1406 | 2 +-
 tests/data/test1407 | 2 +-
 tests/data/test1420 | 2 +-
 tests/data/test1465 | 2 +-
 tests/data/test1481 | 2 +-
 11 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/tests/data/test1400 b/tests/data/test1400
index 5b7758fae8..289f357208 100644
--- a/tests/data/test1400
+++ b/tests/data/test1400
@@ -60,7 +60,7 @@ $_ = '' if /CURLOPT_INTERLEAVEDATA/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
-%includetext %SRCDIR/data/data1400.c%
+%includetext %SRCDIR/data/data%TESTNUMBER.c%
 
 
 
diff --git a/tests/data/test1401 b/tests/data/test1401
index 87ed2e4543..c66517c414 100644
--- a/tests/data/test1401
+++ b/tests/data/test1401
@@ -70,7 +70,7 @@ $_ = '' if /CURLOPT_SSLVERSION/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
-%includetext %SRCDIR/data/data1401.c%
+%includetext %SRCDIR/data/data%TESTNUMBER.c%
 
 
 
diff --git a/tests/data/test1402 b/tests/data/test1402
index 86eb102045..401daa3ba5 100644
--- a/tests/data/test1402
+++ b/tests/data/test1402
@@ -63,7 +63,7 @@ $_ = '' if /CURLOPT_SSLVERSION/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
-%includetext %SRCDIR/data/data1402.c%
+%includetext %SRCDIR/data/data%TESTNUMBER.c%
 
 
 
diff --git a/tests/data/test1403 b/tests/data/test1403
index 6627b70aa1..2a9cba0bed 100644
--- a/tests/data/test1403
+++ b/tests/data/test1403
@@ -60,7 +60,7 @@ $_ = '' if /CURLOPT_SSLVERSION/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
-%includetext %SRCDIR/data/data1403.c%
+%includetext %SRCDIR/data/data%TESTNUMBER.c%
 
 
 
diff --git a/tests/data/test1404 b/tests/data/test1404
index 4471101246..173214c8c1 100644
--- a/tests/data/test1404
+++ b/tests/data/test1404
@@ -106,7 +106,7 @@ $_ = '' if /CURLOPT_TIMEOUT_MS/
 $_ = '' if /\/\* "value" \*\//
 
 
-%includetext %SRCDIR/data/data1404.c%
+%includetext %SRCDIR/data/data%TESTNUMBER.c%
 
 
 
diff --git a/tests/data/test1405 b/tests/data/test1405
index 880f345e72..5464d6ad31 100644
--- a/tests/data/test1405
+++ b/tests/data/test1405
@@ -78,7 +78,7 @@ $_ = '' if /CURLOPT_SSLVERSION/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
-%includetext %SRCDIR/data/data1405.c%
+%includetext %SRCDIR/data/data%TESTNUMBER.c%
 
 
 
diff --git a/tests/data/test1406 b/tests/data/test1406
index 0dfa41839b..83319c07d9 100644
--- a/tests/data/test1406
+++ b/tests/data/test1406
@@ -75,7 +75,7 @@ $_ = '' if /CURLOPT_SSLVERSION/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
-%includetext %SRCDIR/data/data1406.c%
+%includetext %SRCDIR/data/data%TESTNUMBER.c%
 
 
 
diff --git a/tests/data/test1407 b/tests/data/test1407
index 300b5efdae..b2da0479ae 100644
--- a/tests/data/test1407
+++ b/tests/data/test1407
@@ -64,7 +64,7 @@ $_ = '' if /CURLOPT_SSLVERSION/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
-%includetext %SRCDIR/data/data1407.c%
+%includetext %SRCDIR/data/data%TESTNUMBER.c%
 
 
 
diff --git a/tests/data/test1420 b/tests/data/test1420
index 530cf985bd..6194d81e81 100644
--- a/tests/data/test1420
+++ b/tests/data/test1420
@@ -67,7 +67,7 @@ $_ = '' if /CURLOPT_SSLVERSION/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
-%includetext %SRCDIR/data/data1420.c%
+%includetext %SRCDIR/data/data%TESTNUMBER.c%
 
 
 
diff --git a/tests/data/test1465 b/tests/data/test1465
index 0026ae3831..58f202499f 100644
--- a/tests/data/test1465
+++ b/tests/data/test1465
@@ -66,7 +66,7 @@ $_ = '' if /CURLOPT_SSLVERSION/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
-%includetext %SRCDIR/data/data1465.c%
+%includetext %SRCDIR/data/data%TESTNUMBER.c%
 
 
 
diff --git a/tests/data/test1481 b/tests/data/test1481
index a3e2595450..4902068955 100644
--- a/tests/data/test1481
+++ b/tests/data/test1481
@@ -62,7 +62,7 @@ $_ = '' if /CURLOPT_INTERLEAVEDATA/
 $_ = '' if /CURLOPT_TIMEOUT_MS/
 
 
-%includetext %SRCDIR/data/data1481.c%
+%includetext %SRCDIR/data/data%TESTNUMBER.c%
 
 
 

From 86f5bd3c6e67809e4feac4df42e422c54277df05 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 21 Aug 2025 13:59:46 +0200
Subject: [PATCH 1178/2408] curl_setup.h: fix `FMT_SOCKET_T` to be unsigned on
 Windows

To match the Windows socket type.

Ref: https://learn.microsoft.com/windows/win32/winsock/socket-data-type-2

Cherry-picked from #18343
Closes #19881
---
 lib/curl_setup.h | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index c4be90b655..829650aee4 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -519,9 +519,13 @@
 #endif
 
 #if SIZEOF_CURL_SOCKET_T < 8
+#ifdef _WIN32
+#  define FMT_SOCKET_T "u"
+#else
 #  define FMT_SOCKET_T "d"
-#elif defined(__MINGW32__)
-#  define FMT_SOCKET_T "zd"
+#endif
+#elif defined(_WIN32)
+#  define FMT_SOCKET_T "zu"
 #else
 #  define FMT_SOCKET_T "qd"
 #endif

From bf70031518ee1e0d222246edf308585fb692371b Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 9 Dec 2025 09:23:35 +0100
Subject: [PATCH 1179/2408] RELEASE-NOTES: synced

---
 RELEASE-NOTES | 64 ++++++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 53 insertions(+), 11 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index af81fffb90..d34291718a 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -4,7 +4,7 @@ curl and libcurl 8.18.0
  Command line options:         273
  curl_easy_setopt() options:   308
  Public functions in libcurl:  100
- Contributors:                 3556
+ Contributors:                 3557
 
 This release includes the following changes:
 
@@ -17,10 +17,12 @@ This release includes the following changes:
 This release includes the following bugfixes:
 
  o _PROGRESS.md: add the E unit, mention kibibyte [24]
+ o altsvc: make it one malloc instead of three per entry [266]
  o AmigaOS: increase minimum stack size for tool_main [137]
  o apple-sectrust: always ask when `native_ca_store` is in use [162]
  o asyn-ares: handle Curl_dnscache_mk_entry() OOM error [199]
  o asyn-ares: remove hostname free on OOM [122]
+ o asyn-thrdd: fix Curl_async_getaddrinfo() on systems without getaddrinfo [265]
  o asyn-thrdd: release rrname if ares_init_options fails [41]
  o auth: always treat Curl_auth_ntlm_get() returning NULL as OOM [186]
  o autotools: add nettle library detection via pkg-config (for GnuTLS) [178]
@@ -51,8 +53,11 @@ This release includes the following bugfixes:
  o conncontrol: reuse handling [170]
  o connect: reshuffle Curl_timeleft_ms to avoid 'redundant condition' [100]
  o connection: attached transfer count [228]
+ o cookie: allocate the main struct once cookie is fine [259]
+ o cookie: only keep and use the canonical cleaned up path [256]
  o cookie: propagate errors better, cleanup the internal API [118]
  o cookie: return error on OOM [131]
+ o cookie: when parsing a cookie header, delay all allocations until okay [258]
  o cshutdn: acknowledge FD_SETSIZE for shutdown descriptors [25]
  o curl: fix progress meter in parallel mode [15]
  o curl_fopen: do not pass invalid mode flags to `open()` on Windows [84]
@@ -77,6 +82,7 @@ This release includes the following bugfixes:
  o digest_sspi: fix a memory leak on error path [149]
  o digest_sspi: properly free sspi identity [12]
  o DISTROS.md: add OpenBSD [126]
+ o DISTROS: fix a Mageia URL
  o DISTROS: remove broken URLs for buildroot
  o doc: some returned in-memory data may not be altered [196]
  o docs/libcurl: fix C formatting nits [207]
@@ -85,6 +91,7 @@ This release includes the following bugfixes:
  o docs: mention umask need when curl creates files [56]
  o docs: remove dead URLs
  o docs: spell it Rustls with a capital R [181]
+ o docs: switch more URLs to https:// [229]
  o docs: use .example URLs for proxies
  o example: fix formatting nits [232]
  o examples/crawler: fix variable [92]
@@ -95,23 +102,29 @@ This release includes the following bugfixes:
  o examples: tidy-up headers and includes [138]
  o FAQ: fix hackerone URL
  o file: do not pass invalid mode flags to `open()` on upload (Windows) [83]
+ o formdata: validate callback is non-NULL before use [267]
+ o ftp: make EPRT connections non-blocking [268]
  o ftp: refactor a piece of code by merging the repeated part [40]
  o ftp: remove #ifdef for define that is always defined [76]
  o getinfo: improve perf in debug mode [99]
+ o gnutls: add PROFILE_MEDIUM as default [233]
  o gnutls: report accurate error when TLS-SRP is not built-in [18]
  o gtls: add return checks and optimize the code [2]
  o gtls: skip session resumption when verifystatus is set
  o h2/h3: handle methods with spaces [146]
+ o hostcheck: fail wildcard match if host starts with a dot [235]
  o hostip: don't store negative lookup on OOM [61]
  o hostip: make more functions return CURLcode [202]
  o hostip: only store negative response for CURLE_COULDNT_RESOLVE_HOST [183]
  o hsts: propagate and error out correctly on OOM [130]
+ o hsts: use one malloc instead of two per entry [263]
  o http: acknowledge OOM errors from Curl_input_ntlm [185]
  o http: avoid two strdup()s and do minor simplifications [144]
  o http: error on OOM when creating range header [59]
  o http: fix OOM exit in Curl_http_follow [179]
  o http: handle oom error from Curl_input_digest() [192]
  o http: replace atoi use in Curl_http_follow with curlx_str_number [65]
+ o http: return OOM errors from hsts properly [262]
  o http: the :authority header should never contain user+password [147]
  o idn: avoid allocations and wcslen on Windows [247]
  o idn: fix memory leak in `win32_ascii_to_idn()` [173]
@@ -147,7 +160,9 @@ This release includes the following bugfixes:
  o mbedtls: fix potential use of uninitialized `nread` [8]
  o mbedtls: sync format across log messages [213]
  o mbedtls_threadlock: avoid calloc, use array [244]
+ o mdlinkcheck: ignore IP numbers, allow '@' in raw URLs
  o memdebug: add mutex for thread safety [184]
+ o mk-ca-bundle.md: the file format docs URL is permaredirected [188]
  o mk-ca-bundle.pl: default to SHA256 fingerprints with `-t` option [73]
  o mk-ca-bundle.pl: use `open()` with argument list to replace backticks [71]
  o mqtt: reject overly big messages [39]
@@ -156,6 +171,7 @@ This release includes the following bugfixes:
  o multibyte: limit `curlx_convert_*wchar*()` functions to Unicode builds [135]
  o ngtcp2+openssl: fix leak of session [172]
  o ngtcp2: remove the unused Curl_conn_is_ngtcp2 function [85]
+ o noproxy: fix build on systems without IPv6 [264]
  o noproxy: fix ipv6 handling [239]
  o noproxy: replace atoi with curlx_str_number [67]
  o openssl: exit properly on OOM when getting certchain [133]
@@ -180,6 +196,7 @@ This release includes the following bugfixes:
  o rtmp: fix double-free on URL parse errors [27]
  o rtmp: precaution for a potential integer truncation [54]
  o rtmp: stop redefining `setsockopt` system symbol on Windows [211]
+ o runner.pm: run memanalyzer as a Perl module [260]
  o runtests: detect bad libssh differently for test 1459 [11]
  o runtests: drop Python 2 support remains [45]
  o runtests: enable torture testing with threaded resolver [176]
@@ -203,15 +220,18 @@ This release includes the following bugfixes:
  o speedlimit: also reset on send unpausing [197]
  o src: fix formatting nits [246]
  o ssh: tracing and better pollset handling [230]
+ o sspi: fix memory leaks on error paths in `Curl_create_sspi_identity()` [237]
  o sws: fix binding to unix socket on Windows [214]
  o telnet: replace atoi for BINARY handling with curlx_str_number [66]
  o TEST-SUITE.md: correct the man page's path [136]
  o test07_22: fix flakiness [95]
+ o test1475: consistently use %CR in headers [234]
  o test1498: disable 'HTTP PUT from stdin' test on Windows [115]
  o test2045: replace HTML multi-line comment markup with `#` comments [36]
  o test3207: enable memdebug for this test again [249]
  o test363: delete stray character (typo) from a section tag [52]
  o test787: fix possible typo `&` -> `%` in curl option [241]
+ o tests/data: move `--libcurl` output to external data files [34]
  o tests/data: replace hard-coded test numbers with `%TESTNUMBER` [33]
  o tests/data: support using native newlines on disk, drop `.gitattributes` [91]
  o tests/server: do not fall back to original data file in `test2fopen()` [32]
@@ -223,6 +243,7 @@ This release includes the following bugfixes:
  o tftpd: fix/tidy up `open()` mode flags [57]
  o tidy-up: avoid `(())`, clang-format fixes and more [141]
  o tidy-up: move `CURL_UNCONST()` out from macro `curl_unicodefree()` [121]
+ o tidy-up: URLs [182]
  o TODO: remove a mandriva.com reference
  o tool: consider (some) curl_easy_setopt errors fatal [7]
  o tool: log when loading .curlrc in verbose mode [191]
@@ -260,6 +281,7 @@ This release includes the following bugfixes:
  o wolfssl: avoid NULL dereference in OOM situation [77]
  o wolfssl: fix a potential memory leak of session [6]
  o wolfssl: fix cipher list, skip 5.8.4 regression [117]
+ o wolfssl: fix possible assert with `!HAVE_NO_EX` wolfSSL builds [261]
  o wolfssl: simplify wssl_send_earlydata [111]
 
 This release includes the following known bugs:
@@ -284,16 +306,16 @@ advice from friends like these:
 
   Aleksandr Sergeev, Aleksei Bavshin, Andrew Kirillov, BANADDA, boingball,
   Brad King, bttrfl on github, Christian Schmitz, Dan Fandrich,
-  Daniel McCarney, Daniel Stenberg, Deniz Parlak, Fd929c2CE5fA on github,
-  ffath-vo on github, Georg Schulz-Allgaier, Gisle Vanem, Greg Hudson,
-  Jiyong Yang, Juliusz Sosinowicz, Kai Pastor, Leonardo Taccari,
-  letshack9707 on hackerone, Marc Aldorasi, Marcel Raad, Max Faxälv,
-  nait-furry, ncaklovic on github, Nick Korepanov, Omdahake on github,
-  Patrick Monnerat, pelioro on hackerone, Ray Satiro, renovate[bot],
-  Samuel Henrique, st751228051 on github, Stanislav Fort, Stefan Eissing,
-  Sunny, Theo Buehler, Thomas Klausner, Viktor Szakats, Wesley Moore,
-  Xiaoke Wang, Yedaya Katsman
-  (44 contributors)
+  Daniel McCarney, Daniel Stenberg, Denis Goleshchikhin, Deniz Parlak,
+  dependabot[bot], Fabian Keil, Fd929c2CE5fA on github, ffath-vo on github,
+  Georg Schulz-Allgaier, Gisle Vanem, Greg Hudson, Harry Sintonen, Jiyong Yang,
+  Juliusz Sosinowicz, Kai Pastor, Leonardo Taccari, letshack9707 on hackerone,
+  Marc Aldorasi, Marcel Raad, Max Faxälv, nait-furry, ncaklovic on github,
+  Nick Korepanov, Omdahake on github, Patrick Monnerat, pelioro on hackerone,
+  Ray Satiro, renovate[bot], Robert W. Van Kirk, Samuel Henrique,
+  st751228051 on github, Stanislav Fort, Stefan Eissing, Sunny, Theo Buehler,
+  Thomas Klausner, Viktor Szakats, Wesley Moore, Xiaoke Wang, Yedaya Katsman
+  (49 contributors)
 
 References to bug reports and discussions on issues:
 
@@ -330,6 +352,7 @@ References to bug reports and discussions on issues:
  [31] = https://curl.se/bug/?i=19716
  [32] = https://curl.se/bug/?i=19429
  [33] = https://curl.se/bug/?i=19427
+ [34] = https://curl.se/bug/?i=19799
  [35] = https://curl.se/bug/?i=19420
  [36] = https://curl.se/bug/?i=19498
  [37] = https://curl.se/bug/?i=19419
@@ -477,11 +500,13 @@ References to bug reports and discussions on issues:
  [179] = https://curl.se/bug/?i=19705
  [180] = https://curl.se/bug/?i=19704
  [181] = https://curl.se/bug/?i=19702
+ [182] = https://curl.se/bug/?i=19879
  [183] = https://curl.se/bug/?i=19701
  [184] = https://curl.se/bug/?i=19785
  [185] = https://curl.se/bug/?i=19781
  [186] = https://curl.se/bug/?i=19782
  [187] = https://curl.se/bug/?i=19164
+ [188] = https://curl.se/bug/?i=19877
  [189] = https://curl.se/bug/?i=19604
  [190] = https://curl.se/bug/?i=19269
  [191] = https://curl.se/bug/?i=19663
@@ -518,9 +543,14 @@ References to bug reports and discussions on issues:
  [225] = https://curl.se/bug/?i=19754
  [226] = https://curl.se/bug/?i=19751
  [228] = https://curl.se/bug/?i=19836
+ [229] = https://curl.se/bug/?i=19872
  [230] = https://curl.se/bug/?i=19745
  [232] = https://curl.se/bug/?i=19746
+ [233] = https://curl.se/bug/?i=19853
+ [234] = https://curl.se/bug/?i=19870
+ [235] = https://curl.se/bug/?i=19869
  [236] = https://curl.se/bug/?i=19830
+ [237] = https://curl.se/bug/?i=19866
  [238] = https://curl.se/bug/?i=19786
  [239] = https://curl.se/bug/?i=19828
  [240] = https://curl.se/bug/?i=19829
@@ -538,4 +568,16 @@ References to bug reports and discussions on issues:
  [253] = https://curl.se/bug/?i=19800
  [254] = https://curl.se/bug/?i=19808
  [255] = https://curl.se/bug/?i=19803
+ [256] = https://curl.se/bug/?i=19864
  [257] = https://curl.se/bug/?i=19802
+ [258] = https://curl.se/bug/?i=19864
+ [259] = https://curl.se/bug/?i=19864
+ [260] = https://curl.se/bug/?i=19863
+ [261] = https://curl.se/bug/?i=19816
+ [262] = https://curl.se/bug/?i=19862
+ [263] = https://curl.se/bug/?i=19861
+ [264] = https://curl.se/bug/?i=19860
+ [265] = https://github.com/curl/curl/commit/ce06fe7771052549ff430c86173b2eaca91f8a9c#r172215567
+ [266] = https://curl.se/bug/?i=19857
+ [267] = https://curl.se/bug/?i=19858
+ [268] = https://curl.se/bug/?i=19753

From 70d71e8761843ac81e388f15b373bd025d77a4dc Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 9 Dec 2025 01:15:29 +0100
Subject: [PATCH 1180/2408] tests/data: move section data to external files

To make the test files XML-compliant, and the expected results
possibly easier to manage by keeping them in `.md`, `.html`, `.1`
and `.txt` files.

Non-XML-compliant files are down to 31 (1.6%) after this patch.

Closes #19882
---
 .github/scripts/pyspelling.yaml |   2 +-
 .github/scripts/spacecheck.pl   |   1 +
 tests/data/Makefile.am          |   7 +-
 tests/data/data1461.txt         |  21 +++
 tests/data/data1463.txt         |   5 +
 tests/data/data1705-1.md        |  11 ++
 tests/data/data1705-2.md        |  40 +++++
 tests/data/data1705-3.md        |  48 ++++++
 tests/data/data1705-4.md        |  22 +++
 tests/data/data1705-stdout.1    | 126 ++++++++++++++++
 tests/data/data1706-1.md        |  11 ++
 tests/data/data1706-2.md        |  36 +++++
 tests/data/data1706-3.md        |  48 ++++++
 tests/data/data1706-4.md        |  22 +++
 tests/data/data1706-stdout.txt  | 116 +++++++++++++++
 tests/data/data320.html         |  20 +++
 tests/data/test1461             |  23 +--
 tests/data/test1463             |   7 +-
 tests/data/test1464             |   6 +-
 tests/data/test1705             | 253 +-------------------------------
 tests/data/test1706             | 239 +-----------------------------
 tests/data/test320              |  26 +---
 22 files changed, 547 insertions(+), 543 deletions(-)
 create mode 100644 tests/data/data1461.txt
 create mode 100644 tests/data/data1463.txt
 create mode 100644 tests/data/data1705-1.md
 create mode 100644 tests/data/data1705-2.md
 create mode 100644 tests/data/data1705-3.md
 create mode 100644 tests/data/data1705-4.md
 create mode 100644 tests/data/data1705-stdout.1
 create mode 100644 tests/data/data1706-1.md
 create mode 100644 tests/data/data1706-2.md
 create mode 100644 tests/data/data1706-3.md
 create mode 100644 tests/data/data1706-4.md
 create mode 100644 tests/data/data1706-stdout.txt
 create mode 100644 tests/data/data320.html

diff --git a/.github/scripts/pyspelling.yaml b/.github/scripts/pyspelling.yaml
index 8e26b76189..bb0585ab7a 100644
--- a/.github/scripts/pyspelling.yaml
+++ b/.github/scripts/pyspelling.yaml
@@ -30,4 +30,4 @@ matrix:
             - 'strong'
             - 'em'
     sources:
-      - '**/*.md|!docs/BINDINGS.md|!docs/DISTROS.md|!docs/CIPHERS-TLS12.md|!docs/wcurl.md'
+      - '**/*.md|!docs/BINDINGS.md|!docs/DISTROS.md|!docs/CIPHERS-TLS12.md|!docs/wcurl.md|!tests/data/data*.md'
diff --git a/.github/scripts/spacecheck.pl b/.github/scripts/spacecheck.pl
index d0776a97d1..2c3a2e3b0a 100755
--- a/.github/scripts/spacecheck.pl
+++ b/.github/scripts/spacecheck.pl
@@ -31,6 +31,7 @@ my @tabs = (
     "Makefile\\.(am|example)\$",
     "/mkfile",
     "\\.sln\$",
+    "^tests/data/data1706-stdout.txt",
     "^tests/data/test",
 );
 
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index 910dbd6991..140d507d77 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -283,6 +283,9 @@ test3200 test3201 test3202 test3203 test3204 test3205 test3206 test3207 test3208
 test3209 test3210 test3211 test3212 test3213 test3214 test3215 test3216 \
 test4000 test4001
 
-EXTRA_DIST = $(TESTCASES) DISABLED data-xml1 \
+EXTRA_DIST = $(TESTCASES) DISABLED data-xml1 data320.html \
+data1461.txt data1463.txt  \
 data1400.c data1401.c data1402.c data1403.c data1404.c data1405.c data1406.c \
-data1407.c data1420.c data1465.c data1481.c
+data1407.c data1420.c data1465.c data1481.c \
+data1705-1.md data1705-2.md data1705-3.md data1705-4.md data1705-stdout.1 \
+data1706-1.md data1706-2.md data1706-3.md data1706-4.md data1706-stdout.txt
diff --git a/tests/data/data1461.txt b/tests/data/data1461.txt
new file mode 100644
index 0000000000..62fe8de989
--- /dev/null
+++ b/tests/data/data1461.txt
@@ -0,0 +1,21 @@
+Usage: curl [options...] 
+ -d, --data            HTTP POST data
+ -f, --fail                  Fail fast with no output on HTTP errors
+ -h, --help         Get help for commands
+ -o, --output          Write to file instead of stdout
+ -O, --remote-name           Write output to file named as remote file
+ -i, --show-headers          Show response headers in output
+ -s, --silent                Silent mode
+ -T, --upload-file     Transfer local FILE to destination
+ -u, --user   Server user and password
+ -A, --user-agent      Send User-Agent  to server
+ -v, --verbose               Make the operation more talkative
+ -V, --version               Show version number and quit
+
+This is not the full help; this menu is split into categories.
+Use "--help category" to get an overview of all categories, which are:
+auth, connection, curl, deprecated, dns, file, ftp, global, http, imap, ldap,%SP
+output, pop3, post, proxy, scp, sftp, smtp, ssh, telnet, tftp, timeout, tls,%SP
+upload, verbose.
+Use "--help all" to list all options
+Use "--help [option]" to view documentation for a given option
diff --git a/tests/data/data1463.txt b/tests/data/data1463.txt
new file mode 100644
index 0000000000..830377fc0d
--- /dev/null
+++ b/tests/data/data1463.txt
@@ -0,0 +1,5 @@
+file: FILE protocol
+     --create-file-mode   File mode for created files
+ -I, --head                     Show document info only
+ -l, --list-only                List only mode
+ -r, --range             Retrieve only the bytes within RANGE
diff --git a/tests/data/data1705-1.md b/tests/data/data1705-1.md
new file mode 100644
index 0000000000..3e06c1b38f
--- /dev/null
+++ b/tests/data/data1705-1.md
@@ -0,0 +1,11 @@
+
+
+# DESCRIPTION
+
+**curl** is a tool for transferring data from or to a server using URLs. It
+supports these protocols: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS,
+IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP,
+SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS.
+
+curl is powered by libcurl for all transfer-related features. See
+*libcurl(3)* for details.
diff --git a/tests/data/data1705-2.md b/tests/data/data1705-2.md
new file mode 100644
index 0000000000..812862a952
--- /dev/null
+++ b/tests/data/data1705-2.md
@@ -0,0 +1,40 @@
+---
+c: Copyright (C) Daniel Stenberg, , et al.
+SPDX-License-Identifier: curl
+Short: v
+Long: fakeitreal
+Mutexed: trace trace-ascii
+Help: Make the operation more talkative
+Category: important verbose global
+Added: 4.0
+Multi: boolean
+Scope: global
+See-also:
+  - include
+  - silent
+  - trace
+  - trace-ascii
+Example:
+  - --fakeitreal $URL
+---
+
+# `--verbose`
+
+Makes curl verbose during the operation. Useful for debugging and seeing
+what's going on under the hood. A line starting with \> means header data sent
+by curl, \< means header data received by curl that is hidden in normal cases,
+and a line starting with * means additional info provided by curl.
+
+If you only want HTTP headers in the output, --include or --dump-header might
+be more suitable options.
+
+If you think this option still does not give you enough details, consider using
+--trace or --trace-ascii instead.
+
+Note that verbose output of curl activities and network traffic might contain
+sensitive data, including usernames, credentials or secret data content. Be
+aware and be careful when sharing trace logs with others.
+
+End with a quote
+
+    hello
diff --git a/tests/data/data1705-3.md b/tests/data/data1705-3.md
new file mode 100644
index 0000000000..5041962d40
--- /dev/null
+++ b/tests/data/data1705-3.md
@@ -0,0 +1,48 @@
+---
+c: Copyright (C) Daniel Stenberg, , et al.
+SPDX-License-Identifier: curl
+Long: proto
+Arg: 
+Help: Enable/disable PROTOCOLS
+Added: 7.20.2
+Category: connection curl
+Multi: single
+See-also:
+  - fakeitreal
+  - proto-default
+Example:
+  - --proto =http,https,sftp $URL
+---
+
+# `--proto`
+
+Limit what protocols to allow for transfers. Protocols are evaluated left to
+right, are comma separated, and are each a protocol name or 'all', optionally
+prefixed by zero or more modifiers. Available modifiers are:
+
+## +
+Permit this protocol in addition to protocols already permitted (this is
+the default if no modifier is used).
+
+## -
+Deny this protocol, removing it from the list of protocols already permitted.
+
+## =
+Permit only this protocol (ignoring the list already permitted), though
+subject to later modification by subsequent entries in the comma separated
+list.
+
+##
+
+For example: --proto -ftps uses the default protocols, but disables ftps
+
+--proto -all,https,+http only enables http and https
+
+--proto =http,https also only enables http and https
+
+Unknown and disabled protocols produce a warning. This allows scripts to
+safely rely on being able to disable potentially dangerous protocols, without
+relying upon support for that protocol being built into curl to avoid an error.
+
+This option can be used multiple times, in which case the effect is the same
+as concatenating the protocols into one instance of the option.
diff --git a/tests/data/data1705-4.md b/tests/data/data1705-4.md
new file mode 100644
index 0000000000..297b56c4b6
--- /dev/null
+++ b/tests/data/data1705-4.md
@@ -0,0 +1,22 @@
+
+
+# PROXY PROTOCOL PREFIXES
+The proxy string may be specified with a protocol:// prefix to specify
+alternative proxy protocols. (Added in 7.21.7)
+
+If no protocol is specified in the proxy string or if the string does not
+match a supported one, the proxy is treated as an HTTP proxy.
+
+The supported proxy protocol prefixes are as follows:
+## http://
+Makes it use it as an HTTP proxy. The default if no scheme prefix is used.
+## https://
+Makes it treated as an **HTTPS** proxy.
+## socks4://
+Makes it the equivalent of --socks4
+## socks4a://
+Makes it the equivalent of --socks4a
+## socks5://
+Makes it the equivalent of --socks5
+## socks5h://
+Makes it the equivalent of --socks5-hostname
diff --git a/tests/data/data1705-stdout.1 b/tests/data/data1705-stdout.1
new file mode 100644
index 0000000000..f4439a21f1
--- /dev/null
+++ b/tests/data/data1705-stdout.1
@@ -0,0 +1,126 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) Daniel Stenberg, , et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" * SPDX-License-Identifier: curl
+.\" *
+.\" **************************************************************************
+.\"
+.\" DO NOT EDIT. Generated by the curl project managen man page generator.
+.\"
+.TH curl 1 "%DATE" "curl %VERNUM" "curl Manual"
+.SH DESCRIPTION
+\fBcurl\fP is a tool for transferring data from or to a server using URLs. It
+supports these protocols: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS,
+IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP,
+SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS.
+
+curl is powered by libcurl for all transfer\-related features. See
+\fIlibcurl(3)\fP for details.
+.IP "\-v, \-\-fakeitreal"
+Makes curl verbose during the operation. Useful for debugging and seeing
+what\(aqs going on under the hood. A line starting with > means header data sent
+by curl, < means header data received by curl that is hidden in normal cases,
+and a line starting with * means additional info provided by curl.
+
+If you only want HTTP headers in the output, \fI\-\-include\fP or \fI\-\-dump\-header\fP might
+be more suitable options.
+
+If you think this option still does not give you enough details, consider using
+\fI\-\-trace\fP or \fI\-\-trace\-ascii\fP instead.
+
+Note that verbose output of curl activities and network traffic might contain
+sensitive data, including usernames, credentials or secret data content. Be
+aware and be careful when sharing trace logs with others.
+
+End with a quote
+
+.nf
+hello
+.fi
+
+This option is global and does not need to be specified for each use of \fI\-\-next\fP.
+
+Providing \fI\-\-fakeitreal\fP multiple times has no extra effect.
+Disable it again with \-\-no-fakeitreal.
+
+Example:
+.nf
+curl --fakeitreal https://example.com
+.fi
+
+This option is mutually exclusive with \fI\-\-trace\fP and \fI\-\-trace\-ascii\fP.
+See also \fI\-\-include\fP, \fI\-\-silent\fP, \fI\-\-trace\fP and \fI\-\-trace\-ascii\fP.
+.IP "\-\-proto "
+Limit what protocols to allow for transfers. Protocols are evaluated left to
+right, are comma separated, and are each a protocol name or \(aqall\(aq, optionally
+prefixed by zero or more modifiers. Available modifiers are:
+.RS
+.IP +
+Permit this protocol in addition to protocols already permitted (this is
+the default if no modifier is used).
+.IP -
+Deny this protocol, removing it from the list of protocols already permitted.
+.IP =
+Permit only this protocol (ignoring the list already permitted), though
+subject to later modification by subsequent entries in the comma separated
+list.
+.RE
+.IP
+For example: \fI\-\-proto\fP \-ftps uses the default protocols, but disables ftps
+
+\fI\-\-proto\fP \-all,https,+http only enables http and https
+
+\fI\-\-proto\fP =http,https also only enables http and https
+
+Unknown and disabled protocols produce a warning. This allows scripts to
+safely rely on being able to disable potentially dangerous protocols, without
+relying upon support for that protocol being built into curl to avoid an error.
+
+This option can be used multiple times, in which case the effect is the same
+as concatenating the protocols into one instance of the option.
+
+If \fI\-\-proto\fP is provided several times, the last set value is used.
+
+Example:
+.nf
+curl --proto =http,https,sftp https://example.com
+.fi
+
+See also \fI\-\-fakeitreal\fP and \fI\-\-proto\-default\fP.
+.SH PROXY PROTOCOL PREFIXES
+The proxy string may be specified with a protocol:// prefix to specify
+alternative proxy protocols.
+
+If no protocol is specified in the proxy string or if the string does not
+match a supported one, the proxy is treated as an HTTP proxy.
+
+The supported proxy protocol prefixes are as follows:
+.IP http://
+Makes it use it as an HTTP proxy. The default if no scheme prefix is used.
+.IP https://
+Makes it treated as an \fBHTTPS\fP proxy.
+.IP socks4://
+Makes it the equivalent of \fI\-\-socks4\fP
+.IP socks4a://
+Makes it the equivalent of \fI\-\-socks4a\fP
+.IP socks5://
+Makes it the equivalent of \fI\-\-socks5\fP
+.IP socks5h://
+Makes it the equivalent of \fI\-\-socks5\-hostname\fP
diff --git a/tests/data/data1706-1.md b/tests/data/data1706-1.md
new file mode 100644
index 0000000000..3e06c1b38f
--- /dev/null
+++ b/tests/data/data1706-1.md
@@ -0,0 +1,11 @@
+
+
+# DESCRIPTION
+
+**curl** is a tool for transferring data from or to a server using URLs. It
+supports these protocols: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS,
+IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP,
+SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS.
+
+curl is powered by libcurl for all transfer-related features. See
+*libcurl(3)* for details.
diff --git a/tests/data/data1706-2.md b/tests/data/data1706-2.md
new file mode 100644
index 0000000000..6665c5b21c
--- /dev/null
+++ b/tests/data/data1706-2.md
@@ -0,0 +1,36 @@
+---
+c: Copyright (C) Daniel Stenberg, , et al.
+SPDX-License-Identifier: curl
+Short: v
+Long: fakeitreal
+Mutexed: trace trace-ascii
+Help: Make the operation more talkative
+Category: important verbose global
+Added: 4.0
+Multi: boolean
+Scope: global
+See-also:
+  - include
+  - silent
+  - trace
+  - trace-ascii
+Example:
+  - --fakeitreal $URL
+---
+
+# `--verbose`
+
+Makes curl verbose during the operation. Useful for debugging and seeing
+what's going on under the hood. A line starting with \> means header data sent
+by curl, \< means header data received by curl that is hidden in normal cases,
+and a line starting with * means additional info provided by curl.
+
+If you only want HTTP headers in the output, --include or --dump-header might
+be more suitable options.
+
+If you think this option still does not give you enough details, consider using
+--trace or --trace-ascii instead.
+
+Note that verbose output of curl activities and network traffic might contain
+sensitive data, including usernames, credentials or secret data content. Be
+aware and be careful when sharing trace logs with others.
diff --git a/tests/data/data1706-3.md b/tests/data/data1706-3.md
new file mode 100644
index 0000000000..5041962d40
--- /dev/null
+++ b/tests/data/data1706-3.md
@@ -0,0 +1,48 @@
+---
+c: Copyright (C) Daniel Stenberg, , et al.
+SPDX-License-Identifier: curl
+Long: proto
+Arg: 
+Help: Enable/disable PROTOCOLS
+Added: 7.20.2
+Category: connection curl
+Multi: single
+See-also:
+  - fakeitreal
+  - proto-default
+Example:
+  - --proto =http,https,sftp $URL
+---
+
+# `--proto`
+
+Limit what protocols to allow for transfers. Protocols are evaluated left to
+right, are comma separated, and are each a protocol name or 'all', optionally
+prefixed by zero or more modifiers. Available modifiers are:
+
+## +
+Permit this protocol in addition to protocols already permitted (this is
+the default if no modifier is used).
+
+## -
+Deny this protocol, removing it from the list of protocols already permitted.
+
+## =
+Permit only this protocol (ignoring the list already permitted), though
+subject to later modification by subsequent entries in the comma separated
+list.
+
+##
+
+For example: --proto -ftps uses the default protocols, but disables ftps
+
+--proto -all,https,+http only enables http and https
+
+--proto =http,https also only enables http and https
+
+Unknown and disabled protocols produce a warning. This allows scripts to
+safely rely on being able to disable potentially dangerous protocols, without
+relying upon support for that protocol being built into curl to avoid an error.
+
+This option can be used multiple times, in which case the effect is the same
+as concatenating the protocols into one instance of the option.
diff --git a/tests/data/data1706-4.md b/tests/data/data1706-4.md
new file mode 100644
index 0000000000..297b56c4b6
--- /dev/null
+++ b/tests/data/data1706-4.md
@@ -0,0 +1,22 @@
+
+
+# PROXY PROTOCOL PREFIXES
+The proxy string may be specified with a protocol:// prefix to specify
+alternative proxy protocols. (Added in 7.21.7)
+
+If no protocol is specified in the proxy string or if the string does not
+match a supported one, the proxy is treated as an HTTP proxy.
+
+The supported proxy protocol prefixes are as follows:
+## http://
+Makes it use it as an HTTP proxy. The default if no scheme prefix is used.
+## https://
+Makes it treated as an **HTTPS** proxy.
+## socks4://
+Makes it the equivalent of --socks4
+## socks4a://
+Makes it the equivalent of --socks4a
+## socks5://
+Makes it the equivalent of --socks5
+## socks5h://
+Makes it the equivalent of --socks5-hostname
diff --git a/tests/data/data1706-stdout.txt b/tests/data/data1706-stdout.txt
new file mode 100644
index 0000000000..b352864a8d
--- /dev/null
+++ b/tests/data/data1706-stdout.txt
@@ -0,0 +1,116 @@
+DESCRIPTION
+
+    curl is a tool  for transferring data  from or to a  server using URLs.  It
+    supports these protocols:  DICT, FILE,  FTP, FTPS,  GOPHER, GOPHERS,  HTTP,
+    HTTPS, IMAP,  IMAPS, LDAP,  LDAPS, MQTT,  POP3, POP3S,  RTMP, RTMPS,  RTSP,
+    SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS.
+
+    curl  is  powered  by  libcurl  for  all  transfer-related  features.   See
+    libcurl(3) for details.
+
+    -v, --fakeitreal
+	    Makes curl verbose during the  operation. Useful for debugging  and
+	    seeing what's  going on  under the  hood. A  line  starting with  >
+	    means header data  sent by curl,  < means  header data received  by
+	    curl that is  hidden in normal  cases, and a  line starting with  *
+	    means additional info provided by curl.
+
+	    If  you  only  want  HTTP  headers  in  the  output,  --include  or
+	    --dump-header might be more suitable options.
+
+	    If you think this  option still does  not give you enough  details,
+	    consider using --trace or --trace-ascii instead.
+
+	    Note that verbose  output of  curl activities  and network  traffic
+	    might contain sensitive data,  including usernames, credentials  or
+	    secret data content.  Be aware  and be careful  when sharing  trace
+	    logs with others.
+
+	    This option is global  and does not need  to be specified for  each
+	    use of --next. Providing --fakeitreal  multiple times has no  extra
+	    effect. Disable it again with --no-fakeitreal.
+
+	    Example:
+	     curl --fakeitreal https://example.com
+
+	    This option is mutually  exclusive with --trace and  --trace-ascii.
+	    See also --include, --silent, --trace and --trace-ascii.
+
+    --proto 
+	    Limit  what  protocols  to  allow  for  transfers.  Protocols   are
+	    evaluated left  to  right, are  comma  separated, and  are  each  a
+	    protocol name  or  'all',  optionally  prefixed  by  zero  or  more
+	    modifiers. Available modifiers are:
+
+	    +
+
+		Permit  this  protocol   in  addition   to  protocols   already
+		permitted (this is the default if no modifier is used).
+
+	    -
+
+		Deny this  protocol, removing  it from  the list  of  protocols
+		already permitted.
+
+	    =
+
+		Permit  only   this  protocol   (ignoring  the   list   already
+		permitted), though subject to later modification by  subsequent
+		entries in the comma separated list.
+
+	    For  example:  --proto  -ftps  uses  the  default  protocols,   but
+	    disables ftps
+
+	    --proto -all,https,+http only enables http and https
+
+	    --proto =http,https also only enables http and https
+
+	    Unknown and  disabled  protocols  produce a  warning.  This  allows
+	    scripts to  safely  rely  on  being  able  to  disable  potentially
+	    dangerous  protocols,  without  relying   upon  support  for   that
+	    protocol being built into curl to avoid an error.
+
+	    This option can be  used multiple times,  in which case the  effect
+	    is the same  as concatenating  the protocols into  one instance  of
+	    the option.  If --proto  is provided  several times,  the last  set
+	    value is used.
+
+	    Example:
+	     curl --proto =http,https,sftp https://example.com
+
+	    See also --fakeitreal and --proto-default.
+
+PROXY PROTOCOL PREFIXES
+
+    The proxy  string may be  specified with  a protocol://  prefix to  specify
+    alternative proxy protocols.
+
+    If no protocol is specified in the  proxy string or if the string does  not
+    match a supported one, the proxy is treated as an HTTP proxy.
+
+    The supported proxy protocol prefixes are as follows:
+
+    http://
+
+	Makes it use it as  an HTTP proxy. The  default if no scheme prefix  is
+	used.
+
+    https://
+
+	Makes it treated as an HTTPS proxy.
+
+    socks4://
+
+	Makes it the equivalent of --socks4
+
+    socks4a://
+
+	Makes it the equivalent of --socks4a
+
+    socks5://
+
+	Makes it the equivalent of --socks5
+
+    socks5h://
+
+	Makes it the equivalent of --socks5-hostname
diff --git a/tests/data/data320.html b/tests/data/data320.html
new file mode 100644
index 0000000000..2756af5f3b
--- /dev/null
+++ b/tests/data/data320.html
@@ -0,0 +1,20 @@
+
+
This is GnuTLS

+
+
+
Session ID: 003030000100000001000000000000000030330001000000B062410001000000

+
If your browser supports session resuming, then you should see the same session ID, when you press the reload button.

+
Connected as user 'jsmith'.

+

+
+
+
+
+
+
Protocol version:TLS1.2
Key Exchange:SRP
CompressionNULL
CipherAES-NNN-CBC
MACSHA1
CiphersuiteSRP_SHA_AES_NNN_CBC_SHA1

+
Your HTTP header was:
Host: localhost:9011%CR
+User-Agent: curl-test-suite%CR
+Accept: */*%CR
+%CR
+

+
diff --git a/tests/data/test1461 b/tests/data/test1461
index f45d0dcd12..27c58bfeea 100644
--- a/tests/data/test1461
+++ b/tests/data/test1461
@@ -2,7 +2,6 @@
 
 
 --help
-notxml
 
 
 
@@ -32,27 +31,7 @@ curl important --help
 0
 
 
-Usage: curl [options...] 
- -d, --data            HTTP POST data
- -f, --fail                  Fail fast with no output on HTTP errors
- -h, --help         Get help for commands
- -o, --output          Write to file instead of stdout
- -O, --remote-name           Write output to file named as remote file
- -i, --show-headers          Show response headers in output
- -s, --silent                Silent mode
- -T, --upload-file     Transfer local FILE to destination
- -u, --user   Server user and password
- -A, --user-agent      Send User-Agent  to server
- -v, --verbose               Make the operation more talkative
- -V, --version               Show version number and quit
-
-This is not the full help; this menu is split into categories.
-Use "--help category" to get an overview of all categories, which are:
-auth, connection, curl, deprecated, dns, file, ftp, global, http, imap, ldap,%SP
-output, pop3, post, proxy, scp, sftp, smtp, ssh, telnet, tftp, timeout, tls,%SP
-upload, verbose.
-Use "--help all" to list all options
-Use "--help [option]" to view documentation for a given option
+%includetext %SRCDIR/data/data%TESTNUMBER.txt%
 
 
 
diff --git a/tests/data/test1463 b/tests/data/test1463
index e67bdfdae4..61168ad303 100644
--- a/tests/data/test1463
+++ b/tests/data/test1463
@@ -3,7 +3,6 @@
 
 FILE
 --help
-notxml
 
 
 
@@ -33,11 +32,7 @@ curl file category --help
 0
 
 
-file: FILE protocol
-     --create-file-mode   File mode for created files
- -I, --head                     Show document info only
- -l, --list-only                List only mode
- -r, --range             Retrieve only the bytes within RANGE
+%includetext %SRCDIR/data/data%TESTNUMBER.txt%
 
 
 
diff --git a/tests/data/test1464 b/tests/data/test1464
index 4a4f6b3633..be0b0c5f4d 100644
--- a/tests/data/test1464
+++ b/tests/data/test1464
@@ -33,11 +33,7 @@ curl file category --help with lower/upper mix
 0
 
 
-file: FILE protocol
-     --create-file-mode   File mode for created files
- -I, --head                     Show document info only
- -l, --list-only                List only mode
- -r, --range             Retrieve only the bytes within RANGE
+%includetext %SRCDIR/data/data1463.txt%
 
 
 
diff --git a/tests/data/test1705 b/tests/data/test1705
index dc21207860..5db0039d82 100644
--- a/tests/data/test1705
+++ b/tests/data/test1705
@@ -4,7 +4,6 @@
 script
 documentation
 managen
-notxml
 
 
 
@@ -23,133 +22,16 @@ _footer.md
 
 
 
-
-
-# DESCRIPTION
-
-**curl** is a tool for transferring data from or to a server using URLs. It
-supports these protocols: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS,
-IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP,
-SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS.
-
-curl is powered by libcurl for all transfer-related features. See
-*libcurl(3)* for details.
+%includetext %SRCDIR/data/data%TESTNUMBER-1.md%
 
 
----
-c: Copyright (C) Daniel Stenberg, , et al.
-SPDX-License-Identifier: curl
-Short: v
-Long: fakeitreal
-Mutexed: trace trace-ascii
-Help: Make the operation more talkative
-Category: important verbose global
-Added: 4.0
-Multi: boolean
-Scope: global
-See-also:
-  - include
-  - silent
-  - trace
-  - trace-ascii
-Example:
-  - --fakeitreal $URL
----
-
-# `--verbose`
-
-Makes curl verbose during the operation. Useful for debugging and seeing
-what's going on under the hood. A line starting with \> means header data sent
-by curl, \< means header data received by curl that is hidden in normal cases,
-and a line starting with * means additional info provided by curl.
-
-If you only want HTTP headers in the output, --include or --dump-header might
-be more suitable options.
-
-If you think this option still does not give you enough details, consider using
---trace or --trace-ascii instead.
-
-Note that verbose output of curl activities and network traffic might contain
-sensitive data, including usernames, credentials or secret data content. Be
-aware and be careful when sharing trace logs with others.
-
-End with a quote
-
-    hello
+%includetext %SRCDIR/data/data%TESTNUMBER-2.md%
 
 
----
-c: Copyright (C) Daniel Stenberg, , et al.
-SPDX-License-Identifier: curl
-Long: proto
-Arg: 
-Help: Enable/disable PROTOCOLS
-Added: 7.20.2
-Category: connection curl
-Multi: single
-See-also:
-  - fakeitreal
-  - proto-default
-Example:
-  - --proto =http,https,sftp $URL
----
-
-# `--proto`
-
-Limit what protocols to allow for transfers. Protocols are evaluated left to
-right, are comma separated, and are each a protocol name or 'all', optionally
-prefixed by zero or more modifiers. Available modifiers are:
-
-## +
-Permit this protocol in addition to protocols already permitted (this is
-the default if no modifier is used).
-
-## -
-Deny this protocol, removing it from the list of protocols already permitted.
-
-## =
-Permit only this protocol (ignoring the list already permitted), though
-subject to later modification by subsequent entries in the comma separated
-list.
-
-##
-
-For example: --proto -ftps uses the default protocols, but disables ftps
-
---proto -all,https,+http only enables http and https
-
---proto =http,https also only enables http and https
-
-Unknown and disabled protocols produce a warning. This allows scripts to
-safely rely on being able to disable potentially dangerous protocols, without
-relying upon support for that protocol being built into curl to avoid an error.
-
-This option can be used multiple times, in which case the effect is the same
-as concatenating the protocols into one instance of the option.
+%includetext %SRCDIR/data/data%TESTNUMBER-3.md%
 
 
-
-
-# PROXY PROTOCOL PREFIXES
-The proxy string may be specified with a protocol:// prefix to specify
-alternative proxy protocols. (Added in 7.21.7)
-
-If no protocol is specified in the proxy string or if the string does not
-match a supported one, the proxy is treated as an HTTP proxy.
-
-The supported proxy protocol prefixes are as follows:
-## http://
-Makes it use it as an HTTP proxy. The default if no scheme prefix is used.
-## https://
-Makes it treated as an **HTTPS** proxy.
-## socks4://
-Makes it the equivalent of --socks4
-## socks4a://
-Makes it the equivalent of --socks4a
-## socks5://
-Makes it the equivalent of --socks5
-## socks5h://
-Makes it the equivalent of --socks5-hostname
+%includetext %SRCDIR/data/data%TESTNUMBER-4.md%
 
 
 
@@ -168,132 +50,7 @@ WARN: option1.md mutexes a non-existing option: trace-ascii
 option2.md:15:1:WARN: see-also a non-existing option: proto-default
 
 
-.\" **************************************************************************
-.\" *                                  _   _ ____  _
-.\" *  Project                     ___| | | |  _ \| |
-.\" *                             / __| | | | |_) | |
-.\" *                            | (__| |_| |  _ <| |___
-.\" *                             \___|\___/|_| \_\_____|
-.\" *
-.\" * Copyright (C) Daniel Stenberg, , et al.
-.\" *
-.\" * This software is licensed as described in the file COPYING, which
-.\" * you should have received as part of this distribution. The terms
-.\" * are also available at https://curl.se/docs/copyright.html.
-.\" *
-.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
-.\" * copies of the Software, and permit persons to whom the Software is
-.\" * furnished to do so, under the terms of the COPYING file.
-.\" *
-.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
-.\" * KIND, either express or implied.
-.\" *
-.\" * SPDX-License-Identifier: curl
-.\" *
-.\" **************************************************************************
-.\"
-.\" DO NOT EDIT. Generated by the curl project managen man page generator.
-.\"
-.TH curl 1 "%DATE" "curl %VERNUM" "curl Manual"
-.SH DESCRIPTION
-\fBcurl\fP is a tool for transferring data from or to a server using URLs. It
-supports these protocols: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS,
-IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP,
-SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS.
-
-curl is powered by libcurl for all transfer\-related features. See
-\fIlibcurl(3)\fP for details.
-.IP "\-v, \-\-fakeitreal"
-Makes curl verbose during the operation. Useful for debugging and seeing
-what\(aqs going on under the hood. A line starting with > means header data sent
-by curl, < means header data received by curl that is hidden in normal cases,
-and a line starting with * means additional info provided by curl.
-
-If you only want HTTP headers in the output, \fI\-\-include\fP or \fI\-\-dump\-header\fP might
-be more suitable options.
-
-If you think this option still does not give you enough details, consider using
-\fI\-\-trace\fP or \fI\-\-trace\-ascii\fP instead.
-
-Note that verbose output of curl activities and network traffic might contain
-sensitive data, including usernames, credentials or secret data content. Be
-aware and be careful when sharing trace logs with others.
-
-End with a quote
-
-.nf
-hello
-.fi
-
-This option is global and does not need to be specified for each use of \fI\-\-next\fP.
-
-Providing \fI\-\-fakeitreal\fP multiple times has no extra effect.
-Disable it again with \-\-no-fakeitreal.
-
-Example:
-.nf
-curl --fakeitreal https://example.com
-.fi
-
-This option is mutually exclusive with \fI\-\-trace\fP and \fI\-\-trace\-ascii\fP.
-See also \fI\-\-include\fP, \fI\-\-silent\fP, \fI\-\-trace\fP and \fI\-\-trace\-ascii\fP.
-.IP "\-\-proto "
-Limit what protocols to allow for transfers. Protocols are evaluated left to
-right, are comma separated, and are each a protocol name or \(aqall\(aq, optionally
-prefixed by zero or more modifiers. Available modifiers are:
-.RS
-.IP +
-Permit this protocol in addition to protocols already permitted (this is
-the default if no modifier is used).
-.IP -
-Deny this protocol, removing it from the list of protocols already permitted.
-.IP =
-Permit only this protocol (ignoring the list already permitted), though
-subject to later modification by subsequent entries in the comma separated
-list.
-.RE
-.IP
-For example: \fI\-\-proto\fP \-ftps uses the default protocols, but disables ftps
-
-\fI\-\-proto\fP \-all,https,+http only enables http and https
-
-\fI\-\-proto\fP =http,https also only enables http and https
-
-Unknown and disabled protocols produce a warning. This allows scripts to
-safely rely on being able to disable potentially dangerous protocols, without
-relying upon support for that protocol being built into curl to avoid an error.
-
-This option can be used multiple times, in which case the effect is the same
-as concatenating the protocols into one instance of the option.
-
-If \fI\-\-proto\fP is provided several times, the last set value is used.
-
-Example:
-.nf
-curl --proto =http,https,sftp https://example.com
-.fi
-
-See also \fI\-\-fakeitreal\fP and \fI\-\-proto\-default\fP.
-.SH PROXY PROTOCOL PREFIXES
-The proxy string may be specified with a protocol:// prefix to specify
-alternative proxy protocols.
-
-If no protocol is specified in the proxy string or if the string does not
-match a supported one, the proxy is treated as an HTTP proxy.
-
-The supported proxy protocol prefixes are as follows:
-.IP http://
-Makes it use it as an HTTP proxy. The default if no scheme prefix is used.
-.IP https://
-Makes it treated as an \fBHTTPS\fP proxy.
-.IP socks4://
-Makes it the equivalent of \fI\-\-socks4\fP
-.IP socks4a://
-Makes it the equivalent of \fI\-\-socks4a\fP
-.IP socks5://
-Makes it the equivalent of \fI\-\-socks5\fP
-.IP socks5h://
-Makes it the equivalent of \fI\-\-socks5\-hostname\fP
+%includetext %SRCDIR/data/data%TESTNUMBER-stdout.1%
 
 
 
diff --git a/tests/data/test1706 b/tests/data/test1706
index dd24365d05..cfe6285308 100644
--- a/tests/data/test1706
+++ b/tests/data/test1706
@@ -4,7 +4,6 @@
 script
 documentation
 managen
-notxml
 
 
 
@@ -23,129 +22,16 @@ _footer.md
 
 
 
-
-
-# DESCRIPTION
-
-**curl** is a tool for transferring data from or to a server using URLs. It
-supports these protocols: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS,
-IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP,
-SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS.
-
-curl is powered by libcurl for all transfer-related features. See
-*libcurl(3)* for details.
+%includetext %SRCDIR/data/data%TESTNUMBER-1.md%
 
 
----
-c: Copyright (C) Daniel Stenberg, , et al.
-SPDX-License-Identifier: curl
-Short: v
-Long: fakeitreal
-Mutexed: trace trace-ascii
-Help: Make the operation more talkative
-Category: important verbose global
-Added: 4.0
-Multi: boolean
-Scope: global
-See-also:
-  - include
-  - silent
-  - trace
-  - trace-ascii
-Example:
-  - --fakeitreal $URL
----
-
-# `--verbose`
-
-Makes curl verbose during the operation. Useful for debugging and seeing
-what's going on under the hood. A line starting with \> means header data sent
-by curl, \< means header data received by curl that is hidden in normal cases,
-and a line starting with * means additional info provided by curl.
-
-If you only want HTTP headers in the output, --include or --dump-header might
-be more suitable options.
-
-If you think this option still does not give you enough details, consider using
---trace or --trace-ascii instead.
-
-Note that verbose output of curl activities and network traffic might contain
-sensitive data, including usernames, credentials or secret data content. Be
-aware and be careful when sharing trace logs with others.
+%includetext %SRCDIR/data/data%TESTNUMBER-2.md%
 
 
----
-c: Copyright (C) Daniel Stenberg, , et al.
-SPDX-License-Identifier: curl
-Long: proto
-Arg: 
-Help: Enable/disable PROTOCOLS
-Added: 7.20.2
-Category: connection curl
-Multi: single
-See-also:
-  - fakeitreal
-  - proto-default
-Example:
-  - --proto =http,https,sftp $URL
----
-
-# `--proto`
-
-Limit what protocols to allow for transfers. Protocols are evaluated left to
-right, are comma separated, and are each a protocol name or 'all', optionally
-prefixed by zero or more modifiers. Available modifiers are:
-
-## +
-Permit this protocol in addition to protocols already permitted (this is
-the default if no modifier is used).
-
-## -
-Deny this protocol, removing it from the list of protocols already permitted.
-
-## =
-Permit only this protocol (ignoring the list already permitted), though
-subject to later modification by subsequent entries in the comma separated
-list.
-
-##
-
-For example: --proto -ftps uses the default protocols, but disables ftps
-
---proto -all,https,+http only enables http and https
-
---proto =http,https also only enables http and https
-
-Unknown and disabled protocols produce a warning. This allows scripts to
-safely rely on being able to disable potentially dangerous protocols, without
-relying upon support for that protocol being built into curl to avoid an error.
-
-This option can be used multiple times, in which case the effect is the same
-as concatenating the protocols into one instance of the option.
+%includetext %SRCDIR/data/data%TESTNUMBER-3.md%
 
 
-
-
-# PROXY PROTOCOL PREFIXES
-The proxy string may be specified with a protocol:// prefix to specify
-alternative proxy protocols. (Added in 7.21.7)
-
-If no protocol is specified in the proxy string or if the string does not
-match a supported one, the proxy is treated as an HTTP proxy.
-
-The supported proxy protocol prefixes are as follows:
-## http://
-Makes it use it as an HTTP proxy. The default if no scheme prefix is used.
-## https://
-Makes it treated as an **HTTPS** proxy.
-## socks4://
-Makes it the equivalent of --socks4
-## socks4a://
-Makes it the equivalent of --socks4a
-## socks5://
-Makes it the equivalent of --socks5
-## socks5h://
-Makes it the equivalent of --socks5-hostname
+%includetext %SRCDIR/data/data%TESTNUMBER-4.md%
 
 
 
@@ -164,122 +50,7 @@ WARN: option1.md mutexes a non-existing option: trace-ascii
 option2.md:15:1:WARN: see-also a non-existing option: proto-default
 
 
-DESCRIPTION
-
-    curl is a tool  for transferring data  from or to a  server using URLs.  It
-    supports these protocols:  DICT, FILE,  FTP, FTPS,  GOPHER, GOPHERS,  HTTP,
-    HTTPS, IMAP,  IMAPS, LDAP,  LDAPS, MQTT,  POP3, POP3S,  RTMP, RTMPS,  RTSP,
-    SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS.
-
-    curl  is  powered  by  libcurl  for  all  transfer-related  features.   See
-    libcurl(3) for details.
-
-    -v, --fakeitreal
-	    Makes curl verbose during the  operation. Useful for debugging  and
-	    seeing what's  going on  under the  hood. A  line  starting with  >
-	    means header data  sent by curl,  < means  header data received  by
-	    curl that is  hidden in normal  cases, and a  line starting with  *
-	    means additional info provided by curl.
-
-	    If  you  only  want  HTTP  headers  in  the  output,  --include  or
-	    --dump-header might be more suitable options.
-
-	    If you think this  option still does  not give you enough  details,
-	    consider using --trace or --trace-ascii instead.
-
-	    Note that verbose  output of  curl activities  and network  traffic
-	    might contain sensitive data,  including usernames, credentials  or
-	    secret data content.  Be aware  and be careful  when sharing  trace
-	    logs with others.
-
-	    This option is global  and does not need  to be specified for  each
-	    use of --next. Providing --fakeitreal  multiple times has no  extra
-	    effect. Disable it again with --no-fakeitreal.
-
-	    Example:
-	     curl --fakeitreal https://example.com
-
-	    This option is mutually  exclusive with --trace and  --trace-ascii.
-	    See also --include, --silent, --trace and --trace-ascii.
-
-    --proto 
-	    Limit  what  protocols  to  allow  for  transfers.  Protocols   are
-	    evaluated left  to  right, are  comma  separated, and  are  each  a
-	    protocol name  or  'all',  optionally  prefixed  by  zero  or  more
-	    modifiers. Available modifiers are:
-
-	    +
-
-		Permit  this  protocol   in  addition   to  protocols   already
-		permitted (this is the default if no modifier is used).
-
-	    -
-
-		Deny this  protocol, removing  it from  the list  of  protocols
-		already permitted.
-
-	    =
-
-		Permit  only   this  protocol   (ignoring  the   list   already
-		permitted), though subject to later modification by  subsequent
-		entries in the comma separated list.
-
-	    For  example:  --proto  -ftps  uses  the  default  protocols,   but
-	    disables ftps
-
-	    --proto -all,https,+http only enables http and https
-
-	    --proto =http,https also only enables http and https
-
-	    Unknown and  disabled  protocols  produce a  warning.  This  allows
-	    scripts to  safely  rely  on  being  able  to  disable  potentially
-	    dangerous  protocols,  without  relying   upon  support  for   that
-	    protocol being built into curl to avoid an error.
-
-	    This option can be  used multiple times,  in which case the  effect
-	    is the same  as concatenating  the protocols into  one instance  of
-	    the option.  If --proto  is provided  several times,  the last  set
-	    value is used.
-
-	    Example:
-	     curl --proto =http,https,sftp https://example.com
-
-	    See also --fakeitreal and --proto-default.
-
-PROXY PROTOCOL PREFIXES
-
-    The proxy  string may be  specified with  a protocol://  prefix to  specify
-    alternative proxy protocols.
-
-    If no protocol is specified in the  proxy string or if the string does  not
-    match a supported one, the proxy is treated as an HTTP proxy.
-
-    The supported proxy protocol prefixes are as follows:
-
-    http://
-
-	Makes it use it as  an HTTP proxy. The  default if no scheme prefix  is
-	used.
-
-    https://
-
-	Makes it treated as an HTTPS proxy.
-
-    socks4://
-
-	Makes it the equivalent of --socks4
-
-    socks4a://
-
-	Makes it the equivalent of --socks4a
-
-    socks5://
-
-	Makes it the equivalent of --socks5
-
-    socks5h://
-
-	Makes it the equivalent of --socks5-hostname
+%includetext %SRCDIR/data/data%TESTNUMBER-stdout.txt%
 
 
 
diff --git a/tests/data/test320 b/tests/data/test320
index 0967823d38..ca68674571 100644
--- a/tests/data/test320
+++ b/tests/data/test320
@@ -11,31 +11,7 @@ notxml
 # Server-side
 
 
-HTTP/1.0 200 OK%CR
-Content-type: text/html%CR
-%CR
-
-
-
This is GnuTLS

-
-
-
Session ID: 003030000100000001000000000000000030330001000000B062410001000000

-
If your browser supports session resuming, then you should see the same session ID, when you press the reload button.

-
Connected as user 'jsmith'.

-

-
-
-
-
-
-
Protocol version:TLS1.2
Key Exchange:SRP
CompressionNULL
CipherAES-NNN-CBC
MACSHA1
CiphersuiteSRP_SHA_AES_NNN_CBC_SHA1

-
Your HTTP header was:
Host: localhost:9011%CR
-User-Agent: curl-test-suite%CR
-Accept: */*%CR
-%CR
-

-
-
+%includetext %SRCDIR/data/data%TESTNUMBER.html%
 
 
 

From 4c3614304faf07a643ca060eeccde21c8896940b Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 9 Dec 2025 09:58:48 +0100
Subject: [PATCH 1181/2408] headers: add length argument to Curl_headers_push()

- the length is already known by parent functions
- avoids strlen() calls
- avoids strchr() calls for trimming off newline characters

Closes #19886
---
 lib/headers.c | 25 +++++++++++++------------
 lib/headers.h |  4 ++--
 lib/http2.c   |  7 ++++---
 3 files changed, 19 insertions(+), 17 deletions(-)

diff --git a/lib/headers.c b/lib/headers.c
index 7cf215c080..46de5d107b 100644
--- a/lib/headers.c
+++ b/lib/headers.c
@@ -266,30 +266,31 @@ static CURLcode unfold_value(struct Curl_easy *data, const char *value,
 
 /*
  * Curl_headers_push() gets passed a full HTTP header to store. It gets called
- * immediately before the header callback. The header is CRLF terminated.
+ * immediately before the header callback. The header is CRLF, CR or LF
+ * terminated.
  */
 CURLcode Curl_headers_push(struct Curl_easy *data, const char *header,
+                           size_t hlen, /* length of header */
                            unsigned char type)
 {
   char *value = NULL;
   char *name = NULL;
-  char *end;
-  size_t hlen; /* length of the incoming header */
   struct Curl_header_store *hs;
   CURLcode result = CURLE_OUT_OF_MEMORY;
+  const size_t ilen = hlen;
 
   if((header[0] == '\r') || (header[0] == '\n'))
     /* ignore the body separator */
     return CURLE_OK;
 
-  end = strchr(header, '\r');
-  if(!end) {
-    end = strchr(header, '\n');
-    if(!end)
-      /* neither CR nor LF as terminator is not a valid header */
-      return CURLE_WEIRD_SERVER_REPLY;
-  }
-  hlen = end - header;
+  /* trim off newline characters */
+  if(hlen && (header[hlen - 1] == '\n'))
+    hlen--;
+  if(hlen && (header[hlen - 1] == '\r'))
+    hlen--;
+  if(hlen == ilen)
+    /* neither CR nor LF as terminator is not a valid header */
+    return CURLE_WEIRD_SERVER_REPLY;
 
   if((header[0] == ' ') || (header[0] == '\t')) {
     if(data->state.prevhead)
@@ -359,7 +360,7 @@ static CURLcode hds_cw_collect_write(struct Curl_easy *data,
        (type & CLIENTWRITE_1XX ? CURLH_1XX :
         (type & CLIENTWRITE_TRAILER ? CURLH_TRAILER :
          CURLH_HEADER)));
-    CURLcode result = Curl_headers_push(data, buf, htype);
+    CURLcode result = Curl_headers_push(data, buf, blen, htype);
     CURL_TRC_WRITE(data, "header_collect pushed(type=%x, len=%zu) -> %d",
                    htype, blen, result);
     if(result)
diff --git a/lib/headers.h b/lib/headers.h
index 7249355f0c..adb03af75b 100644
--- a/lib/headers.h
+++ b/lib/headers.h
@@ -46,7 +46,7 @@ CURLcode Curl_headers_init(struct Curl_easy *data);
  * Curl_headers_push() gets passed a full header to store.
  */
 CURLcode Curl_headers_push(struct Curl_easy *data, const char *header,
-                           unsigned char type);
+                           size_t hlen, unsigned char type);
 
 /*
  * Curl_headers_cleanup(). Free all stored headers and associated memory.
@@ -55,7 +55,7 @@ CURLcode Curl_headers_cleanup(struct Curl_easy *data);
 
 #else
 #define Curl_headers_init(x)       CURLE_OK
-#define Curl_headers_push(x, y, z) CURLE_OK
+#define Curl_headers_push(x,y,z,a) CURLE_OK
 #define Curl_headers_cleanup(x)    Curl_nop_stmt
 #endif
 
diff --git a/lib/http2.c b/lib/http2.c
index deed6ece7e..83b9280b2a 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -1664,15 +1664,16 @@ static int on_header(nghttp2_session *session, const nghttp2_frame *frame,
      memcmp(HTTP_PSEUDO_STATUS, name, namelen) == 0) {
     /* nghttp2 guarantees :status is received first and only once. */
     char buffer[32];
+    size_t hlen;
     result = Curl_http_decode_status(&stream->status_code,
                                      (const char *)value, valuelen);
     if(result) {
       cf_h2_header_error(cf, data_s, stream, result);
       return NGHTTP2_ERR_CALLBACK_FAILURE;
     }
-    curl_msnprintf(buffer, sizeof(buffer), HTTP_PSEUDO_STATUS ":%u\r",
-                   stream->status_code);
-    result = Curl_headers_push(data_s, buffer, CURLH_PSEUDO);
+    hlen = curl_msnprintf(buffer, sizeof(buffer), HTTP_PSEUDO_STATUS ":%u\r",
+                          stream->status_code);
+    result = Curl_headers_push(data_s, buffer, hlen, CURLH_PSEUDO);
     if(result) {
       cf_h2_header_error(cf, data_s, stream, result);
       return NGHTTP2_ERR_CALLBACK_FAILURE;

From 43c781a1162f9be92b4a938660da62a02039b2b3 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 9 Dec 2025 10:04:34 +0100
Subject: [PATCH 1182/2408] imap: check buffer length before accessing it

Pointed out by ZeroPath

Closes #19887
---
 lib/imap.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/imap.c b/lib/imap.c
index cbc4506a9d..05d195ec58 100644
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -1308,13 +1308,13 @@ static CURLcode imap_state_select_resp(struct Curl_easy *data,
                                        imapstate instate)
 {
   CURLcode result = CURLE_OK;
-  const char *line = curlx_dyn_ptr(&imapc->pp.recvbuf);
-
   (void)instate;
 
   if(imapcode == '*') {
     /* See if this is an UIDVALIDITY response */
-    if(checkprefix("OK [UIDVALIDITY ", line + 2)) {
+    const char *line = curlx_dyn_ptr(&imapc->pp.recvbuf);
+    size_t len = curlx_dyn_len(&imapc->pp.recvbuf);
+    if((len >= 18) && checkprefix("OK [UIDVALIDITY ", &line[2])) {
       curl_off_t value;
       const char *p = &line[2] + strlen("OK [UIDVALIDITY ");
       if(!curlx_str_number(&p, &value, UINT_MAX)) {

From 3dd1ffdeb0efc1b222383102a2fc328ddb850fce Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Mon, 8 Dec 2025 13:07:49 +0100
Subject: [PATCH 1183/2408] FAQ/TODO/KNOWN_BUGS: convert to markdown

- convert to markdown
- auto-generate the TOCs on the website, remove them from the docs
- cleanups
- spellchecked
- updated links

Closes #19875
---
 .github/scripts/badwords.ok      |    2 +-
 .github/scripts/pyspelling.words |   15 +
 .github/workflows/checkdocs.yml  |    2 +-
 README                           |    3 +-
 REUSE.toml                       |    3 -
 docs/FAQ                         | 1559 ------------------------------
 docs/FAQ.md                      | 1432 +++++++++++++++++++++++++++
 docs/KNOWN_BUGS                  |  663 -------------
 docs/KNOWN_BUGS.md               |  546 +++++++++++
 docs/Makefile.am                 |    7 +-
 docs/TODO                        | 1301 -------------------------
 docs/TODO.md                     | 1111 +++++++++++++++++++++
 packages/OS400/makefile.sh       |    2 +-
 scripts/mdlinkcheck              |    2 +-
 14 files changed, 3114 insertions(+), 3534 deletions(-)
 delete mode 100644 docs/FAQ
 create mode 100644 docs/FAQ.md
 delete mode 100644 docs/KNOWN_BUGS
 create mode 100644 docs/KNOWN_BUGS.md
 delete mode 100644 docs/TODO
 create mode 100644 docs/TODO.md

diff --git a/.github/scripts/badwords.ok b/.github/scripts/badwords.ok
index d5401a8228..fe2d9cfaf1 100644
--- a/.github/scripts/badwords.ok
+++ b/.github/scripts/badwords.ok
@@ -4,4 +4,4 @@
 #
 # whitelisted uses of bad words
 # file:[line]:rule
-docs/FAQ::\bwill\b
+docs/FAQ.md::\bwill\b
diff --git a/.github/scripts/pyspelling.words b/.github/scripts/pyspelling.words
index 984424200b..6b755d2043 100644
--- a/.github/scripts/pyspelling.words
+++ b/.github/scripts/pyspelling.words
@@ -53,6 +53,7 @@ axTLS
 backend
 backends
 backoff
+backtick
 backticks
 balancers
 Baratov
@@ -171,8 +172,10 @@ dbg
 Debian
 DEBUGBUILD
 decrypt
+decrypted
 decrypting
 deepcode
+defacto
 DELE
 DER
 dereference
@@ -201,6 +204,7 @@ DLLs
 DNS
 dns
 dnsop
+DNSSEC
 DoH
 DoT
 doxygen
@@ -214,6 +218,7 @@ dynbuf
 EAGAIN
 EBCDIC
 ECC
+ECCN
 ECDHE
 ECH
 ECHConfig
@@ -258,6 +263,7 @@ Fedora
 Feltzing
 ffi
 filesize
+filesystem
 FindCURL
 FLOSS
 fnmatch
@@ -299,6 +305,7 @@ Ghedini
 giga
 Gisle
 Glesys
+glibc
 globbed
 globbing
 gmail
@@ -380,6 +387,7 @@ imap
 IMAPS
 imaps
 impacket
+implementers
 init
 initializer
 inlined
@@ -433,6 +441,7 @@ ldap
 LDAPS
 ldaps
 LF
+LGPL
 LGTM
 libbacktrace
 libbrotlidec
@@ -568,6 +577,7 @@ Necko
 NetBSD
 netrc
 netstat
+NetWare
 Netware
 NFS
 nghttp
@@ -711,6 +721,7 @@ ROADMAP
 Roadmap
 Rockbox
 roffit
+RPC
 RPG
 RR
 RRs
@@ -798,6 +809,7 @@ sprintf
 src
 SRP
 SRWLOCK
+SSI
 SSL
 ssl
 SSLeay
@@ -962,8 +974,10 @@ wcurl
 WebDAV
 WebOS
 webpage
+webpages
 WebSocket
 WEBSOCKET
+Wget
 WHATWG
 whitespace
 Whitespaces
@@ -982,6 +996,7 @@ www
 Xbox
 XDG
 xdigit
+XHTML
 Xilinx
 xmllint
 XP
diff --git a/.github/workflows/checkdocs.yml b/.github/workflows/checkdocs.yml
index ba3858f66c..a079aeaa70 100644
--- a/.github/workflows/checkdocs.yml
+++ b/.github/workflows/checkdocs.yml
@@ -138,7 +138,7 @@ jobs:
           persist-credentials: false
 
       - name: 'badwords'
-        run: .github/scripts/badwords.pl -w .github/scripts/badwords.ok '**.md' docs/FAQ docs/KNOWN_BUGS docs/TODO packages/OS400/README.OS400 < .github/scripts/badwords.txt
+        run: .github/scripts/badwords.pl -w .github/scripts/badwords.ok '**.md' packages/OS400/README.OS400 < .github/scripts/badwords.txt
 
       - name: 'verify synopsis'
         run: .github/scripts/verify-synopsis.pl docs/libcurl/curl*.md
diff --git a/README b/README
index 2f68ef0c9f..9401434b48 100644
--- a/README
+++ b/README
@@ -15,7 +15,8 @@ README
   available to be used by your software. Read the libcurl.3 man page to
   learn how.
 
-  You find answers to the most frequent questions we get in the FAQ document.
+  You find answers to the most frequent questions we get in the FAQ.md
+  document.
 
   Study the COPYING file for distribution terms.
 
diff --git a/REUSE.toml b/REUSE.toml
index e9e9ecf03d..e341973ad3 100644
--- a/REUSE.toml
+++ b/REUSE.toml
@@ -13,14 +13,11 @@ SPDX-PackageDownloadLocation = "https://curl.se/"
 
 [[annotations]]
 path = [
-  "docs/FAQ",
   "docs/INSTALL",
-  "docs/KNOWN_BUGS",
   "docs/libcurl/symbols-in-versions",
   "docs/MAIL-ETIQUETTE",
   "docs/options-in-versions",
   "docs/THANKS",
-  "docs/TODO",
   "lib/libcurl.vers.in",
   "lib/libcurl.def",
   "packages/OS400/README.OS400",
diff --git a/docs/FAQ b/docs/FAQ
deleted file mode 100644
index ef93c91c41..0000000000
--- a/docs/FAQ
+++ /dev/null
@@ -1,1559 +0,0 @@
-                                  _   _ ____  _
-                              ___| | | |  _ \| |
-                             / __| | | | |_) | |
-                            | (__| |_| |  _ <| |___
-                             \___|\___/|_| \_\_____|
-
-FAQ
-
- 1. Philosophy
-  1.1 What is curl?
-  1.2 What is libcurl?
-  1.3 What is curl not?
-  1.4 When will you make curl do XXXX ?
-  1.5 Who makes curl?
-  1.6 What do you get for making curl?
-  1.7 What about CURL from curl.com?
-  1.8 I have a problem, who do I mail?
-  1.9 Where do I buy commercial support for curl?
-  1.10 How many are using curl?
-  1.11 Why do you not update ca-bundle.crt
-  1.12 I have a problem, who can I chat with?
-  1.13 curl's ECCN number?
-  1.14 How do I submit my patch?
-  1.15 How do I port libcurl to my OS?
-
- 2. Install Related Problems
-  2.1 configure fails when using static libraries
-  2.2 Does curl work/build with other SSL libraries?
-  2.3 How do I upgrade curl.exe in Windows?
-  2.4 Does curl support SOCKS (RFC 1928) ?
-
- 3. Usage Problems
-  3.1 curl: (1) SSL is disabled, https: not supported
-  3.2 How do I tell curl to resume a transfer?
-  3.3 Why does my posting using -F not work?
-  3.4 How do I tell curl to run custom FTP commands?
-  3.5 How can I disable the Accept: */* header?
-  3.6 Does curl support ASP, XML, XHTML or HTML version Y?
-  3.7 Can I use curl to delete/rename a file through FTP?
-  3.8 How do I tell curl to follow HTTP redirects?
-  3.9 How do I use curl in my favorite programming language?
-  3.10 What about SOAP, WebDAV, XML-RPC or similar protocols over HTTP?
-  3.11 How do I POST with a different Content-Type?
-  3.12 Why do FTP-specific features over HTTP proxy fail?
-  3.13 Why do my single/double quotes fail?
-  3.14 Does curl support JavaScript or PAC (automated proxy config)?
-  3.15 Can I do recursive fetches with curl?
-  3.16 What certificates do I need when I use SSL?
-  3.17 How do I list the root directory of an FTP server?
-  3.18 Can I use curl to send a POST/PUT and not wait for a response?
-  3.19 How do I get HTTP from a host using a specific IP address?
-  3.20 How to SFTP from my user's home directory?
-  3.21 Protocol xxx not supported or disabled in libcurl
-  3.22 curl -X gives me HTTP problems
-
- 4. Running Problems
-  4.2 Why do I get problems when I use & or % in the URL?
-  4.3 How can I use {, }, [ or ] to specify multiple URLs?
-  4.4 Why do I get downloaded data even though the webpage does not exist?
-  4.5 Why do I get return code XXX from an HTTP server?
-   4.5.1 "400 Bad Request"
-   4.5.2 "401 Unauthorized"
-   4.5.3 "403 Forbidden"
-   4.5.4 "404 Not Found"
-   4.5.5 "405 Method Not Allowed"
-   4.5.6 "301 Moved Permanently"
-  4.6 Can you tell me what error code 142 means?
-  4.7 How do I keep usernames and passwords secret in curl command lines?
-  4.8 I found a bug
-  4.9 curl cannot authenticate to a server that requires NTLM?
-  4.10 My HTTP request using HEAD, PUT or DELETE does not work
-  4.11 Why do my HTTP range requests return the full document?
-  4.12 Why do I get "certificate verify failed" ?
-  4.13 Why is curl -R on Windows one hour off?
-  4.14 Redirects work in browser but not with curl
-  4.15 FTPS does not work
-  4.16 My HTTP POST or PUT requests are slow
-  4.17 Non-functional connect timeouts on Windows
-  4.18 file:// URLs containing drive letters (Windows, NetWare)
-  4.19 Why does not curl return an error when the network cable is unplugged?
-  4.20 curl does not return error for HTTP non-200 responses
-
- 5. libcurl Issues
-  5.1 Is libcurl thread-safe?
-  5.2 How can I receive all data into a large memory chunk?
-  5.3 How do I fetch multiple files with libcurl?
-  5.4 Does libcurl do Winsock initialization on Win32 systems?
-  5.5 Does CURLOPT_WRITEDATA and CURLOPT_READDATA work on Win32 ?
-  5.6 What about Keep-Alive or persistent connections?
-  5.7 Link errors when building libcurl on Windows
-  5.8 libcurl.so.X: open failed: No such file or directory
-  5.9 How does libcurl resolve hostnames?
-  5.10 How do I prevent libcurl from writing the response to stdout?
-  5.11 How do I make libcurl not receive the whole HTTP response?
-  5.12 Can I make libcurl fake or hide my real IP address?
-  5.13 How do I stop an ongoing transfer?
-  5.14 Using C++ non-static functions for callbacks?
-  5.15 How do I get an FTP directory listing?
-  5.16 I want a different time-out
-  5.17 Can I write a server with libcurl?
-  5.18 Does libcurl use threads?
-
- 6. License Issues
-  6.1 I have a GPL program, can I use the libcurl library?
-  6.2 I have a closed-source program, can I use the libcurl library?
-  6.3 I have a BSD licensed program, can I use the libcurl library?
-  6.4 I have a program that uses LGPL libraries, can I use libcurl?
-  6.5 Can I modify curl/libcurl for my program and keep the changes secret?
-  6.6 Can you please change the curl/libcurl license to XXXX?
-  6.7 What are my obligations when using libcurl in my commercial apps?
-
- 7. PHP/CURL Issues
-  7.1 What is PHP/CURL?
-  7.2 Who wrote PHP/CURL?
-  7.3 Can I perform multiple requests using the same handle?
-  7.4 Does PHP/CURL have dependencies?
-
- 8. Development
-  8.1 Why does curl use C89?
-  8.2 Will curl be rewritten?
-
-==============================================================================
-
-1. Philosophy
-
-  1.1 What is curl?
-
-  curl is the name of the project. The name is a play on 'Client for URLs',
-  originally with URL spelled in uppercase to make it obvious it deals with
-  URLs. The fact it can also be read as 'see URL' also helped, it works as
-  an abbreviation for "Client URL Request Library" or why not the recursive
-  version: "curl URL Request Library".
-
-  The curl project produces two products:
-
-  libcurl
-
-    A client-side URL transfer library, supporting DICT, FILE, FTP, FTPS,
-    GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S,
-    RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS
-    and WSS.
-
-    libcurl supports HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading,
-    Kerberos, SPNEGO, HTTP form based upload, proxies, cookies, user+password
-    authentication, file transfer resume, http proxy tunneling and more.
-
-    libcurl is highly portable, it builds and works identically on numerous
-    platforms, including Solaris, NetBSD, FreeBSD, OpenBSD, Darwin, HP-UX,
-    IRIX, AIX, Tru64, Linux, UnixWare, HURD, Windows, Amiga, OS/2, macOS,
-    Ultrix, QNX, OpenVMS, RISC OS, Novell NetWare, DOS, Symbian, OSF, Android,
-    Minix, IBM TPF and more...
-
-    libcurl is free, thread-safe, IPv6 compatible, feature rich, well
-    supported and fast.
-
-  curl
-
-    A command line tool for getting or sending data using URL syntax.
-
-    Since curl uses libcurl, curl supports the same wide range of common
-    Internet protocols that libcurl does.
-
-  We pronounce curl with an initial k sound. It rhymes with words like girl
-  and earl. This is a short WAV file to help you:
-
-     https://media.merriam-webster.com/soundc11/c/curl0001.wav
-
-  There are numerous sub-projects and related projects that also use the word
-  curl in the project names in various combinations, but you should take
-  notice that this FAQ is directed at the command-line tool named curl (and
-  libcurl the library), and may therefore not be valid for other curl-related
-  projects. (There is however a small section for the PHP/CURL in this FAQ.)
-
-  1.2 What is libcurl?
-
-  libcurl is a reliable and portable library for doing Internet data transfers
-  using one or more of its supported Internet protocols.
-
-  You can use libcurl freely in your application, be it open source,
-  commercial or closed-source.
-
-  libcurl is most probably the most portable, most powerful and most often
-  used C-based multi-platform file transfer library on this planet - be it
-  open source or commercial.
-
-  1.3 What is curl not?
-
-  curl is not a wget clone. That is a common misconception. Never, during
-  curl's development, have we intended curl to replace wget or compete on its
-  market. curl is targeted at single-shot file transfers.
-
-  curl is not a website mirroring program. If you want to use curl to mirror
-  something: fine, go ahead and write a script that wraps around curl or use
-  libcurl to make it reality.
-
-  curl is not an FTP site mirroring program. Sure, get and send FTP with curl
-  but if you want systematic and sequential behavior you should write a
-  script (or write a new program that interfaces libcurl) and do it.
-
-  curl is not a PHP tool, even though it works perfectly well when used from
-  or with PHP (when using the PHP/CURL module).
-
-  curl is not a program for a single operating system. curl exists, compiles,
-  builds and runs under a wide range of operating systems, including all
-  modern Unixes (and a bunch of older ones too), Windows, Amiga, OS/2, macOS,
-  QNX etc.
-
-  1.4 When will you make curl do XXXX ?
-
-  We love suggestions of what to change in order to make curl and libcurl
-  better. We do however believe in a few rules when it comes to the future of
-  curl:
-
-  curl -- the command line tool -- is to remain a non-graphical command line
-  tool. If you want GUIs or fancy scripting capabilities, you should look for
-  another tool that uses libcurl.
-
-  We do not add things to curl that other small and available tools already do
-  well at the side. curl's output can be piped into another program or
-  redirected to another file for the next program to interpret.
-
-  We focus on protocol related issues and improvements. If you want to do more
-  magic with the supported protocols than curl currently does, chances are
-  good we will agree. If you want to add more protocols, we may agree.
-
-  If you want someone else to do all the work while you wait for us to
-  implement it for you, that is not a friendly attitude. We spend a
-  considerable time already on maintaining and developing curl. In order to
-  get more out of us, you should consider trading in some of your time and
-  effort in return. Simply go to the GitHub repository which resides at
-  https://github.com/curl/curl, fork the project, and create pull requests
-  with your proposed changes.
-
-  If you write the code, chances are better that it will get into curl faster.
-
-  1.5 Who makes curl?
-
-  curl and libcurl are not made by any single individual. Daniel Stenberg is
-  project leader and main developer, but other persons' submissions are
-  important and crucial. Anyone can contribute and post their changes and
-  improvements and have them inserted in the main sources (of course on the
-  condition that developers agree that the fixes are good).
-
-  The full list of all contributors is found in the docs/THANKS file.
-
-  curl is developed by a community, with Daniel at the wheel.
-
-  1.6 What do you get for making curl?
-
-  Project curl is entirely free and open. We do this voluntarily, mostly in
-  our spare time. Companies may pay individual developers to work on curl.
-  This is not controlled by nor supervised in any way by the curl project.
-
-  We get help from companies. Haxx provides website, bandwidth, mailing lists
-  etc, GitHub hosts the primary git repository and other services like the bug
-  tracker at https://github.com/curl/curl. Also again, some companies have
-  sponsored certain parts of the development in the past and I hope some will
-  continue to do so in the future.
-
-  If you want to support our project, consider a donation or a banner-program
-  or even better: by helping us with coding, documenting or testing etc.
-
-  See also: https://curl.se/sponsors.html
-
-  1.7 What about CURL from curl.com?
-
-  During the summer of 2001, curl.com was busy advertising their client-side
-  programming language for the web, named CURL.
-
-  We are in no way associated with curl.com or their CURL programming
-  language.
-
-  Our project name curl has been in effective use since 1998. We were not the
-  first computer related project to use the name "curl" and do not claim any
-  rights to the name.
-
-  We recognize that we will be living in parallel with curl.com and wish them
-  every success.
-
-  1.8 I have a problem, who do I mail?
-
-  Please do not mail any single individual unless you really need to. Keep
-  curl-related questions on a suitable mailing list. All available mailing
-  lists are listed in the MANUAL document and online at
-  https://curl.se/mail/
-
-  Keeping curl-related questions and discussions on mailing lists allows
-  others to join in and help, to share their ideas, to contribute their
-  suggestions and to spread their wisdom. Keeping discussions on public mailing
-  lists also allows for others to learn from this (both current and future
-  users thanks to the web based archives of the mailing lists), thus saving us
-  from having to repeat ourselves even more. Thanks for respecting this.
-
-  If you have found or simply suspect a security problem in curl or libcurl,
-  submit all the details at https://hackerone.com/curl. On there we keep the
-  issue private while we investigate, confirm it, work and validate a fix and
-  agree on a time schedule for publication etc. That way we produce a fix in a
-  timely manner before the flaw is announced to the world, reducing the impact
-  the problem risks having on existing users.
-
-  Security issues can also be taking to the curl security team by emailing
-  security at curl.se (closed list of receivers, mails are not disclosed).
-
-  1.9 Where do I buy commercial support for curl?
-
-  curl is fully open source. It means you can hire any skilled engineer to fix
-  your curl-related problems.
-
-  We list available alternatives on the curl website:
-  https://curl.se/support.html
-
-  1.10 How many are using curl?
-
-  It is impossible to tell.
-
-  We do not know how many users that knowingly have installed and use curl.
-
-  We do not know how many users that use curl without knowing that they are in
-  fact using it.
-
-  We do not know how many users that downloaded or installed curl and then
-  never use it.
-
-  In 2020, we estimate that curl runs in roughly ten billion installations
-  world wide.
-
-  1.11 Why do you not update ca-bundle.crt
-
-  In the curl project we have decided not to attempt to keep this file updated
-  (or even present) since deciding what to add to a ca cert bundle is an
-  undertaking we have not been ready to accept, and the one we can get from
-  Mozilla is perfectly fine so there is no need to duplicate that work.
-
-  Today, with many services performed over HTTPS, every operating system
-  should come with a default ca cert bundle that can be deemed somewhat
-  trustworthy and that collection (if reasonably updated) should be deemed to
-  be a lot better than a private curl version.
-
-  If you want the most recent collection of ca certs that Mozilla Firefox
-  uses, we recommend that you extract the collection yourself from Mozilla
-  Firefox (by running 'make ca-bundle), or by using our online service setup
-  for this purpose: https://curl.se/docs/caextract.html
-
-  1.12 I have a problem who, can I chat with?
-
-  There is a bunch of friendly people hanging out in the #curl channel on the
-  IRC network libera.chat. If you are polite and nice, chances are good that
-  you can get -- or provide -- help instantly.
-
-  1.13 curl's ECCN number?
-
-  The US government restricts exports of software that contains or uses
-  cryptography. When doing so, the Export Control Classification Number (ECCN)
-  is used to identify the level of export control etc.
-
-  Apache Software Foundation gives a good explanation of ECCNs at
-  https://www.apache.org/dev/crypto.html
-
-  We believe curl's number might be ECCN 5D002, another possibility is
-  5D992. It seems necessary to write them (the authority that administers ECCN
-  numbers), asking to confirm.
-
-  Comprehensible explanations of the meaning of such numbers and how to obtain
-  them (resp.) are here
-
-  https://www.bis.doc.gov/licensing/exportingbasics.htm
-  https://www.bis.doc.gov/licensing/do_i_needaneccn.html
-
-  An incomprehensible description of the two numbers above is here
-  https://www.bis.doc.gov/index.php/documents/new-encryption/1653-ccl5-pt2-3
-
-  1.14 How do I submit my patch?
-
-  We strongly encourage you to submit changes and improvements directly as
-  "pull requests" on GitHub: https://github.com/curl/curl/pulls
-
-  If you for any reason cannot or will not deal with GitHub, send your patch to
-  the curl-library mailing list. We are many subscribers there and there are
-  lots of people who can review patches, comment on them and "receive" them
-  properly.
-
-  Lots of more details are found in the CONTRIBUTE.md and INTERNALS.md
-  documents.
-
-  1.15 How do I port libcurl to my OS?
-
-  Here's a rough step-by-step:
-
-  1. copy a suitable lib/config-*.h file as a start to lib/config-[youros].h
-
-  2. edit lib/config-[youros].h to match your OS and setup
-
-  3. edit lib/curl_setup.h to include config-[youros].h when your OS is
-     detected by the preprocessor, in the style others already exist
-
-  4. compile lib/*.c and make them into a library
-
-
-2. Install Related Problems
-
-  2.1 configure fails when using static libraries
-
-  You may find that configure fails to properly detect the entire dependency
-  chain of libraries when you provide static versions of the libraries that
-  configure checks for.
-
-  The reason why static libraries is much harder to deal with is that for them
-  we do not get any help but the script itself must know or check what more
-  libraries that are needed (with shared libraries, that dependency "chain" is
-  handled automatically). This is an error-prone process and one that also
-  tends to vary over time depending on the release versions of the involved
-  components and may also differ between operating systems.
-
-  For that reason, configure does few attempts to actually figure this out and
-  you are instead encouraged to set LIBS and LDFLAGS accordingly when you
-  invoke configure, and point out the needed libraries and set the necessary
-  flags yourself.
-
-  2.2 Does curl work with other SSL libraries?
-
-  curl has been written to use a generic SSL function layer internally, and
-  that SSL functionality can then be provided by one out of many different SSL
-  backends.
-
-  curl can be built to use one of the following SSL alternatives: OpenSSL,
-  LibreSSL, BoringSSL, AWS-LC, GnuTLS, wolfSSL, mbedTLS, Schannel (native
-  Windows) or Rustls. They all have their pros and cons, and we try to
-  maintain a comparison of them here: https://curl.se/docs/ssl-compared.html
-
-  2.3 How do I upgrade curl.exe in Windows?
-
-  The curl tool that is shipped as an integrated component of Windows 10 and
-  Windows 11 is managed by Microsoft. If you were to delete the file or
-  replace it with a newer version downloaded from https://curl.se/windows,
-  then Windows Update will cease to work on your system.
-
-  There is no way to independently force an upgrade of the curl.exe that is
-  part of Windows other than through the regular Windows update process. There
-  is also nothing the curl project itself can do about this, since this is
-  managed and controlled entirely by Microsoft as owners of the operating
-  system.
-
-  You can always download and install the latest version of curl for Windows
-  from https://curl.se/windows into a separate location.
-
-  2.4 Does curl support SOCKS (RFC 1928) ?
-
-  Yes, SOCKS 4 and 5 are supported.
-
-3. Usage problems
-
-  3.1 curl: (1) SSL is disabled, https: not supported
-
-  If you get this output when trying to get anything from an HTTPS server, it
-  means that the instance of curl/libcurl that you are using was built without
-  support for this protocol.
-
-  This could have happened if the configure script that was run at build time
-  could not find all libs and include files curl requires for SSL to work. If
-  the configure script fails to find them, curl is simply built without SSL
-  support.
-
-  To get HTTPS support into a curl that was previously built but that reports
-  that HTTPS is not supported, you should dig through the document and logs
-  and check out why the configure script does not find the SSL libs and/or
-  include files.
-
-  Also, check out the other paragraph in this FAQ labeled "configure does not
-  find OpenSSL even when it is installed".
-
-  3.2 How do I tell curl to resume a transfer?
-
-  curl supports resumed transfers both ways on both FTP and HTTP.
-  Try the -C option.
-
-  3.3 Why does my posting using -F not work?
-
-  You cannot arbitrarily use -F or -d, the choice between -F or -d depends on
-  the HTTP operation you need curl to do and what the web server that will
-  receive your post expects.
-
-  If the form you are trying to submit uses the type 'multipart/form-data',
-  then and only then you must use the -F type. In all the most common cases,
-  you should use -d which then causes a posting with the type
-  'application/x-www-form-urlencoded'.
-
-  This is described in some detail in the MANUAL and TheArtOfHttpScripting
-  documents, and if you do not understand it the first time, read it again
-  before you post questions about this to the mailing list. Also, try reading
-  through the mailing list archives for old postings and questions regarding
-  this.
-
-  3.4 How do I tell curl to run custom FTP commands?
-
-  You can tell curl to perform optional commands both before and/or after a
-  file transfer. Study the -Q/--quote option.
-
-  Since curl is used for file transfers, you do not normally use curl to
-  perform FTP commands without transferring anything. Therefore you must
-  always specify a URL to transfer to/from even when doing custom FTP
-  commands, or use -I which implies the "no body" option sent to libcurl.
-
-  3.5 How can I disable the Accept: */* header?
-
-  You can change all internally generated headers by adding a replacement with
-  the -H/--header option. By adding a header with empty contents you safely
-  disable that one. Use -H "Accept:" to disable that specific header.
-
-  3.6 Does curl support ASP, XML, XHTML or HTML version Y?
-
-  To curl, all contents are alike. It does not matter how the page was
-  generated. It may be ASP, PHP, Perl, shell-script, SSI or plain HTML
-  files. There is no difference to curl and it does not even know what kind of
-  language that generated the page.
-
-  See also item 3.14 regarding JavaScript.
-
-  3.7 Can I use curl to delete/rename a file through FTP?
-
-  Yes. You specify custom FTP commands with -Q/--quote.
-
-  One example would be to delete a file after you have downloaded it:
-
-     curl -O ftp://example.com/coolfile -Q '-DELE coolfile'
-
-  or rename a file after upload:
-
-     curl -T infile ftp://example.com/dir/ -Q "-RNFR infile" -Q "-RNTO newname"
-
-  3.8 How do I tell curl to follow HTTP redirects?
-
-  curl does not follow so-called redirects by default. The Location: header
-  that informs the client about this is only interpreted if you are using the
-  -L/--location option. As in:
-
-     curl -L https://example.com
-
-  Not all redirects are HTTP ones, see 4.14
-
-  3.9 How do I use curl in my favorite programming language?
-
-  Many programming languages have interfaces/bindings that allow you to use
-  curl without having to use the command line tool. If you are fluent in such
-  a language, you may prefer to use one of these interfaces instead.
-
-  Find out more about which languages that support curl directly, and how to
-  install and use them, in the libcurl section of the curl website:
-  https://curl.se/libcurl/
-
-  All the various bindings to libcurl are made by other projects and people,
-  outside of the curl project. The curl project itself only produces libcurl
-  with its plain C API. If you do not find anywhere else to ask you can ask
-  about bindings on the curl-library list too, but be prepared that people on
-  that list may not know anything about bindings.
-
-  In December 2021, there were interfaces available for the following
-  languages: Ada95, Basic, C, C++, Ch, Cocoa, D, Delphi, Dylan, Eiffel,
-  Euphoria, Falcon, Ferite, Gambas, glib/GTK+, Go, Guile, Harbour, Haskell,
-  Java, Julia, Lisp, Lua, Mono, .NET, node.js, Object-Pascal, OCaml, Pascal,
-  Perl, PHP, PostgreSQL, Python, R, Rexx, Ring, RPG, Ruby, Rust, Scheme,
-  Scilab, S-Lang, Smalltalk, SP-Forth, SPL, Tcl, Visual Basic, Visual FoxPro,
-  Q, wxwidgets, XBLite and Xoho. By the time you read this, additional ones
-  may have appeared.
-
-  3.10 What about SOAP, WebDAV, XML-RPC or similar protocols over HTTP?
-
-  curl adheres to the HTTP spec, which basically means you can play with *any*
-  protocol that is built on top of HTTP. Protocols such as SOAP, WebDAV and
-  XML-RPC are all such ones. You can use -X to set custom requests and -H to
-  set custom headers (or replace internally generated ones).
-
-  Using libcurl is of course just as good and you would just use the proper
-  library options to do the same.
-
-  3.11 How do I POST with a different Content-Type?
-
-  You can always replace the internally generated headers with -H/--header.
-  To make a simple HTTP POST with text/xml as content-type, do something like:
-
-        curl -d "datatopost" -H "Content-Type: text/xml" [URL]
-
-  3.12 Why do FTP-specific features over HTTP proxy fail?
-
-  Because when you use an HTTP proxy, the protocol spoken on the network will
-  be HTTP, even if you specify an FTP URL. This effectively means that you
-  normally cannot use FTP-specific features such as FTP upload and FTP quote
-  etc.
-
-  There is one exception to this rule, and that is if you can "tunnel through"
-  the given HTTP proxy. Proxy tunneling is enabled with a special option (-p)
-  and is generally not available as proxy admins usually disable tunneling to
-  ports other than 443 (which is used for HTTPS access through proxies).
-
-  3.13 Why do my single/double quotes fail?
-
-  To specify a command line option that includes spaces, you might need to
-  put the entire option within quotes. Like in:
-
-   curl -d " with spaces " example.com
-
-  or perhaps
-
-   curl -d ' with spaces ' example.com
-
-  Exactly what kind of quotes and how to do this is entirely up to the shell
-  or command line interpreter that you are using. For most Unix shells, you
-  can more or less pick either single (') or double (") quotes. For
-  Windows/DOS command prompts you must use double (") quotes, and if the
-  option string contains inner double quotes you can escape them with a
-  backslash.
-
-  For Windows powershell the arguments are not always passed on as expected
-  because curl is not a powershell script. You may or may not be able to use
-  single quotes. To escape inner double quotes seems to require a
-  backslash-backtick escape sequence and the outer quotes as double quotes.
-
-  Please study the documentation for your particular environment. Examples in
-  the curl docs will use a mix of both of these as shown above. You must
-  adjust them to work in your environment.
-
-  Remember that curl works and runs on more operating systems than most single
-  individuals have ever tried.
-
-  3.14 Does curl support JavaScript or PAC (automated proxy config)?
-
-  Many webpages do magic stuff using embedded JavaScript. curl and libcurl
-  have no built-in support for that, so it will be treated just like any other
-  contents.
-
-  .pac files are a Netscape invention and are sometimes used by organizations
-  to allow them to differentiate which proxies to use. The .pac contents is
-  just a JavaScript program that gets invoked by the browser and that returns
-  the name of the proxy to connect to. Since curl does not support JavaScript,
-  it cannot support .pac proxy configuration either.
-
-  Some workarounds usually suggested to overcome this JavaScript dependency:
-
-  Depending on the JavaScript complexity, write up a script that translates it
-  to another language and execute that.
-
-  Read the JavaScript code and rewrite the same logic in another language.
-
-  Implement a JavaScript interpreter, people have successfully used the
-  Mozilla JavaScript engine in the past.
-
-  Ask your admins to stop this, for a static proxy setup or similar.
-
-  3.15 Can I do recursive fetches with curl?
-
-  No. curl itself has no code that performs recursive operations, such as
-  those performed by wget and similar tools.
-
-  There exists wrapper scripts with that functionality (for example the
-  curlmirror perl script), and you can write programs based on libcurl to do
-  it, but the command line tool curl itself cannot.
-
-  3.16 What certificates do I need when I use SSL?
-
-  There are three different kinds of "certificates" to keep track of when we
-  talk about using SSL-based protocols (HTTPS or FTPS) using curl or libcurl.
-
-  CLIENT CERTIFICATE
-
-  The server you communicate with may require that you can provide this in
-  order to prove that you actually are who you claim to be. If the server
-  does not require this, you do not need a client certificate.
-
-  A client certificate is always used together with a private key, and the
-  private key has a passphrase that protects it.
-
-  SERVER CERTIFICATE
-
-  The server you communicate with has a server certificate. You can and should
-  verify this certificate to make sure that you are truly talking to the real
-  server and not a server impersonating it.
-
-  CERTIFICATE AUTHORITY CERTIFICATE ("CA cert")
-
-  You often have several CA certs in a CA cert bundle that can be used to
-  verify a server certificate that was signed by one of the authorities in the
-  bundle. curl does not come with a CA cert bundle but most curl installs
-  provide one. You can also override the default.
-
-  The server certificate verification process is made by using a Certificate
-  Authority certificate ("CA cert") that was used to sign the server
-  certificate. Server certificate verification is enabled by default in curl
-  and libcurl and is often the reason for problems as explained in FAQ entry
-  4.12 and the SSLCERTS document
-  (https://curl.se/docs/sslcerts.html). Server certificates that are
-  "self-signed" or otherwise signed by a CA that you do not have a CA cert
-  for, cannot be verified. If the verification during a connect fails, you are
-  refused access. You then need to explicitly disable the verification to
-  connect to the server.
-
-  3.17 How do I list the root directory of an FTP server?
-
-  There are two ways. The way defined in the RFC is to use an encoded slash
-  in the first path part. List the "/tmp" directory like this:
-
-     curl ftp://ftp.example.com/%2ftmp/
-
-  or the not-quite-kosher-but-more-readable way, by simply starting the path
-  section of the URL with a slash:
-
-     curl ftp://ftp.example.com//tmp/
-
-  3.18 Can I use curl to send a POST/PUT and not wait for a response?
-
-  No.
-
-  You can easily write your own program using libcurl to do such stunts.
-
-  3.19 How do I get HTTP from a host using a specific IP address?
-
-  For example, you may be trying out a website installation that is not yet in
-  the DNS. Or you have a site using multiple IP addresses for a given host
-  name and you want to address a specific one out of the set.
-
-  Set a custom Host: header that identifies the server name you want to reach
-  but use the target IP address in the URL:
-
-    curl --header "Host: www.example.com" https://somewhere.example/
-
-  You can also opt to add faked hostname entries to curl with the --resolve
-  option. That has the added benefit that things like redirects will also work
-  properly. The above operation would instead be done as:
-
-    curl --resolve www.example.com:80:127.0.0.1 https://www.example.com/
-
-  3.20 How to SFTP from my user's home directory?
-
-  Contrary to how FTP works, SFTP and SCP URLs specify the exact directory to
-  work with. It means that if you do not specify that you want the user's home
-  directory, you get the actual root directory.
-
-  To specify a file in your user's home directory, you need to use the correct
-  URL syntax which for SFTP might look similar to:
-
-    curl -O -u user:password sftp://example.com/~/file.txt
-
-  and for SCP it is just a different protocol prefix:
-
-    curl -O -u user:password scp://example.com/~/file.txt
-
-  3.21 Protocol xxx not supported or disabled in libcurl
-
-  When passing on a URL to curl to use, it may respond that the particular
-  protocol is not supported or disabled. The particular way this error message
-  is phrased is because curl does not make a distinction internally of whether
-  a particular protocol is not supported (i.e. never got any code added that
-  knows how to speak that protocol) or if it was explicitly disabled. curl can
-  be built to only support a given set of protocols, and the rest would then
-  be disabled or not supported.
-
-  Note that this error will also occur if you pass a wrongly spelled protocol
-  part as in "htpts://example.com" or as in the less evident case if you
-  prefix the protocol part with a space as in " https://example.com/".
-
-  3.22 curl -X gives me HTTP problems
-
-  In normal circumstances, -X should hardly ever be used.
-
-  By default you use curl without explicitly saying which request method to
-  use when the URL identifies an HTTP transfer. If you just pass in a URL like
-  "curl https://example.com" it will use GET. If you use -d or -F curl will use
-  POST, -I will cause a HEAD and -T will make it a PUT.
-
-  If for whatever reason you are not happy with these default choices that curl
-  does for you, you can override those request methods by specifying -X
-  [WHATEVER]. This way you can for example send a DELETE by doing "curl -X
-  DELETE [URL]".
-
-  It is thus pointless to do "curl -XGET [URL]" as GET would be used anyway.
-  In the same vein it is pointless to do "curl -X POST -d data [URL]". You can
-  make a fun and somewhat rare request that sends a request-body in a GET
-  request with something like "curl -X GET -d data [URL]"
-
-  Note that -X does not actually change curl's behavior as it only modifies the
-  actual string sent in the request, but that may of course trigger a
-  different set of events.
-
-  Accordingly, by using -XPOST on a command line that for example would follow
-  a 303 redirect, you will effectively prevent curl from behaving
-  correctly. Be aware.
-
-
-4. Running Problems
-
-  4.2 Why do I get problems when I use & or % in the URL?
-
-  In general Unix shells, the & symbol is treated specially and when used, it
-  runs the specified command in the background. To safely send the & as a part
-  of a URL, you should quote the entire URL by using single (') or double (")
-  quotes around it. Similar problems can also occur on some shells with other
-  characters, including ?*!$~(){}<>\|;`. When in doubt, quote the URL.
-
-  An example that would invoke a remote CGI that uses &-symbols could be:
-
-     curl 'https://www.example.com/cgi-bin/query?text=yes&q=curl'
-
-  In Windows, the standard DOS shell treats the percent sign specially and you
-  need to use TWO percent signs for each single one you want to use in the
-  URL.
-
-  If you want a literal percent sign to be part of the data you pass in a POST
-  using -d/--data you must encode it as '%25' (which then also needs the
-  percent sign doubled on Windows machines).
-
-  4.3 How can I use {, }, [ or ] to specify multiple URLs?
-
-  Because those letters have a special meaning to the shell, to be used in
-  a URL specified to curl you must quote them.
-
-  An example that downloads two URLs (sequentially) would be:
-
-    curl '{curl,www}.haxx.se'
-
-  To be able to use those characters as actual parts of the URL (without using
-  them for the curl URL "globbing" system), use the -g/--globoff option:
-
-    curl -g 'www.example.com/weirdname[].html'
-
-  4.4 Why do I get downloaded data even though the webpage does not exist?
-
-  curl asks remote servers for the page you specify. If the page does not exist
-  at the server, the HTTP protocol defines how the server should respond and
-  that means that headers and a "page" will be returned. That is simply how
-  HTTP works.
-
-  By using the --fail option you can tell curl explicitly to not get any data
-  if the HTTP return code does not say success.
-
-  4.5 Why do I get return code XXX from an HTTP server?
-
-  RFC 2616 clearly explains the return codes. This is a short transcript. Go
-  read the RFC for exact details:
-
-    4.5.1 "400 Bad Request"
-
-    The request could not be understood by the server due to malformed
-    syntax. The client SHOULD NOT repeat the request without modifications.
-
-    4.5.2 "401 Unauthorized"
-
-    The request requires user authentication.
-
-    4.5.3 "403 Forbidden"
-
-    The server understood the request, but is refusing to fulfill it.
-    Authorization will not help and the request SHOULD NOT be repeated.
-
-    4.5.4 "404 Not Found"
-
-    The server has not found anything matching the Request-URI. No indication
-    is given as to whether the condition is temporary or permanent.
-
-    4.5.5 "405 Method Not Allowed"
-
-    The method specified in the Request-Line is not allowed for the resource
-    identified by the Request-URI. The response MUST include an Allow header
-    containing a list of valid methods for the requested resource.
-
-    4.5.6 "301 Moved Permanently"
-
-    If you get this return code and an HTML output similar to this:
-
-       
Moved Permanently
 The document has moved here.
-
-    it might be because you requested a directory URL but without the trailing
-    slash. Try the same operation again _with_ the trailing URL, or use the
-    -L/--location option to follow the redirection.
-
-  4.6 Can you tell me what error code 142 means?
-
-  All curl error codes are described at the end of the man page, in the
-  section called "EXIT CODES".
-
-  Error codes that are larger than the highest documented error code means
-  that curl has exited due to a crash. This is a serious error, and we
-  appreciate a detailed bug report from you that describes how we could go
-  ahead and repeat this.
-
-  4.7 How do I keep usernames and passwords secret in curl command lines?
-
-  This problem has two sides:
-
-  The first part is to avoid having clear-text passwords in the command line
-  so that they do not appear in 'ps' outputs and similar. That is easily
-  avoided by using the "-K" option to tell curl to read parameters from a file
-  or stdin to which you can pass the secret info. curl itself will also
-  attempt to "hide" the given password by blanking out the option - this
-  does not work on all platforms.
-
-  To keep the passwords in your account secret from the rest of the world is
-  not a task that curl addresses. You could of course encrypt them somehow to
-  at least hide them from being read by human eyes, but that is not what
-  anyone would call security.
-
-  Also note that regular HTTP (using Basic authentication) and FTP passwords
-  are sent as cleartext across the network. All it takes for anyone to fetch
-  them is to listen on the network. Eavesdropping is easy. Use more secure
-  authentication methods (like Digest, Negotiate or even NTLM) or consider the
-  SSL-based alternatives HTTPS and FTPS.
-
-  4.8 I found a bug
-
-  It is not a bug if the behavior is documented. Read the docs first.
-  Especially check out the KNOWN_BUGS file, it may be a documented bug.
-
-  If it is a problem with a binary you have downloaded or a package for your
-  particular platform, try contacting the person who built the package/archive
-  you have.
-
-  If there is a bug, read the BUGS document first. Then report it as described
-  in there.
-
-  4.9 curl cannot authenticate to a server that requires NTLM?
-
-  NTLM support requires OpenSSL, GnuTLS, mbedTLS or Microsoft Windows
-  libraries at build-time to provide this functionality.
-
-  4.10 My HTTP request using HEAD, PUT or DELETE does not work
-
-  Many web servers allow or demand that the administrator configures the
-  server properly for these requests to work on the web server.
-
-  Some servers seem to support HEAD only on certain kinds of URLs.
-
-  To fully grasp this, try the documentation for the particular server
-  software you are trying to interact with. This is not anything curl can do
-  anything about.
-
-  4.11 Why do my HTTP range requests return the full document?
-
-  Because the range may not be supported by the server, or the server may
-  choose to ignore it and return the full document anyway.
-
-  4.12 Why do I get "certificate verify failed" ?
-
-  When you invoke curl and get an error 60 error back it means that curl
-  could not verify that the server's certificate was good. curl verifies the
-  certificate using the CA cert bundle and verifying for which names the
-  certificate has been granted.
-
-  To completely disable the certificate verification, use -k. This does
-  however enable man-in-the-middle attacks and makes the transfer INSECURE.
-  We strongly advise against doing this for more than experiments.
-
-  If you get this failure with a CA cert bundle installed and used, the
-  server's certificate might not be signed by one of the CA's in your CA
-  store. It might for example be self-signed. You then correct this problem by
-  obtaining a valid CA cert for the server. Or again, decrease the security by
-  disabling this check.
-
-  At times, you find that the verification works in your favorite browser but
-  fails in curl. When this happens, the reason is usually that the server
-  sends an incomplete cert chain. The server is mandated to send all
-  "intermediate certificates" but does not. This typically works with browsers
-  anyway since they A) cache such certs and B) supports AIA which downloads
-  such missing certificates on demand. This is a server misconfiguration. A
-  good way to figure out if this is the case it to use the SSL Labs server
-  test and check the certificate chain: https://www.ssllabs.com/ssltest/
-
-  Details are also in the SSLCERTS.md document, found online here:
-  https://curl.se/docs/sslcerts.html
-
-  4.13 Why is curl -R on Windows one hour off?
-
-  Since curl 7.53.0 this issue should be fixed as long as curl was built with
-  any modern compiler that allows for a 64-bit curl_off_t type. For older
-  compilers or prior curl versions it may set a time that appears one hour off.
-  This happens due to a flaw in how Windows stores and uses file modification
-  times and it is not easily worked around. For more details read this:
-  https://www.codeproject.com/Articles/1144/Beating-the-Daylight-Savings-Time-bug-and-getting
-
-  4.14 Redirects work in browser but not with curl
-
-  curl supports HTTP redirects well (see item 3.8). Browsers generally support
-  at least two other ways to perform redirects that curl does not:
-
-  Meta tags. You can write an HTML tag that will cause the browser to redirect
-  to another given URL after a certain time.
-
-  JavaScript. You can write a JavaScript program embedded in an HTML page that
-  redirects the browser to another given URL.
-
-  There is no way to make curl follow these redirects. You must either
-  manually figure out what the page is set to do, or write a script that parses
-  the results and fetches the new URL.
-
-  4.15 FTPS does not work
-
-  curl supports FTPS (sometimes known as FTP-SSL) both implicit and explicit
-  mode.
-
-  When a URL is used that starts with FTPS://, curl assumes implicit SSL on
-  the control connection and will therefore immediately connect and try to
-  speak SSL. FTPS:// connections default to port 990.
-
-  To use explicit FTPS, you use an FTP:// URL and the --ssl-reqd option (or one
-  of its related flavors). This is the most common method, and the one
-  mandated by RFC 4217. This kind of connection will then of course use the
-  standard FTP port 21 by default.
-
-  4.16 My HTTP POST or PUT requests are slow
-
-  libcurl makes all POST and PUT requests (except for requests with a small
-  request body) use the "Expect: 100-continue" header. This header allows the
-  server to deny the operation early so that libcurl can bail out before having
-  to send any data. This is useful in authentication cases and others.
-
-  However, many servers do not implement the Expect: stuff properly and if the
-  server does not respond (positively) within 1 second libcurl will continue
-  and send off the data anyway.
-
-  You can disable libcurl's use of the Expect: header the same way you disable
-  any header, using -H / CURLOPT_HTTPHEADER, or by forcing it to use HTTP 1.0.
-
-  4.17 Non-functional connect timeouts
-
-  In most Windows setups having a timeout longer than 21 seconds make no
-  difference, as it will only send 3 TCP SYN packets and no more. The second
-  packet sent three seconds after the first and the third six seconds after
-  the second. No more than three packets are sent, no matter how long the
-  timeout is set.
-
-  See option TcpMaxConnectRetransmissions on this page:
-  https://web.archive.org/web/20160819015101/support.microsoft.com/en-us/kb/175523
-
-  Also, even on non-Windows systems there may run a firewall or anti-virus
-  software or similar that accepts the connection but does not actually do
-  anything else. This will make (lib)curl to consider the connection connected
-  and thus the connect timeout will not trigger.
-
-  4.18 file:// URLs containing drive letters (Windows, NetWare)
-
-  When using curl to try to download a local file, one might use a URL
-  in this format:
-
-  file://D:/blah.txt
-
-  you will find that even if D:\blah.txt does exist, curl returns a 'file
-  not found' error.
-
-  According to RFC 1738 (https://datatracker.ietf.org/doc/html/rfc1738),
-  file:// URLs must contain a host component, but it is ignored by
-  most implementations. In the above example, 'D:' is treated as the
-  host component, and is taken away. Thus, curl tries to open '/blah.txt'.
-  If your system is installed to drive C:, that will resolve to 'C:\blah.txt',
-  and if that does not exist you will get the not found error.
-
-  To fix this problem, use file:// URLs with *three* leading slashes:
-
-  file:///D:/blah.txt
-
-  Alternatively, if it makes more sense, specify 'localhost' as the host
-  component:
-
-  file://localhost/D:/blah.txt
-
-  In either case, curl should now be looking for the correct file.
-
-  4.19 Why does not curl return an error when the network cable is unplugged?
-
-  Unplugging a cable is not an error situation. The TCP/IP protocol stack
-  was designed to be fault tolerant, so even though there may be a physical
-  break somewhere the connection should not be affected, just possibly
-  delayed. Eventually, the physical break will be fixed or the data will be
-  re-routed around the physical problem through another path.
-
-  In such cases, the TCP/IP stack is responsible for detecting when the
-  network connection is irrevocably lost. Since with some protocols it is
-  perfectly legal for the client to wait indefinitely for data, the stack may
-  never report a problem, and even when it does, it can take up to 20 minutes
-  for it to detect an issue. The curl option --keepalive-time enables
-  keep-alive support in the TCP/IP stack which makes it periodically probe the
-  connection to make sure it is still available to send data. That should
-  reliably detect any TCP/IP network failure.
-
-  TCP keep alive will not detect the network going down before the TCP/IP
-  connection is established (e.g. during a DNS lookup) or using protocols that
-  do not use TCP. To handle those situations, curl offers a number of timeouts
-  on its own. --speed-limit/--speed-time will abort if the data transfer rate
-  falls too low, and --connect-timeout and --max-time can be used to put an
-  overall timeout on the connection phase or the entire transfer.
-
-  A libcurl-using application running in a known physical environment (e.g.
-  an embedded device with only a single network connection) may want to act
-  immediately if its lone network connection goes down. That can be achieved
-  by having the application monitor the network connection on its own using an
-  OS-specific mechanism, then signaling libcurl to abort (see also item 5.13).
-
-  4.20 curl does not return error for HTTP non-200 responses
-
-  Correct. Unless you use -f (--fail).
-
-  When doing HTTP transfers, curl will perform exactly what you are asking it
-  to do and if successful it will not return an error. You can use curl to
-  test your web server's "file not found" page (that gets 404 back), you can
-  use it to check your authentication protected webpages (that gets a 401
-  back) and so on.
-
-  The specific HTTP response code does not constitute a problem or error for
-  curl. It simply sends and delivers HTTP as you asked and if that worked,
-  everything is fine and dandy. The response code is generally providing more
-  higher level error information that curl does not care about. The error was
-  not in the HTTP transfer.
-
-  If you want your command line to treat error codes in the 400 and up range
-  as errors and thus return a non-zero value and possibly show an error
-  message, curl has a dedicated option for that: -f (CURLOPT_FAILONERROR in
-  libcurl speak).
-
-  You can also use the -w option and the variable %{response_code} to extract
-  the exact response code that was returned in the response.
-
-5. libcurl Issues
-
-  5.1 Is libcurl thread-safe?
-
-  Yes.
-
-  We have written the libcurl code specifically adjusted for multi-threaded
-  programs. libcurl will use thread-safe functions instead of non-safe ones if
-  your system has such. Note that you must never share the same handle in
-  multiple threads.
-
-  There may be some exceptions to thread safety depending on how libcurl was
-  built. Please review the guidelines for thread safety to learn more:
-  https://curl.se/libcurl/c/threadsafe.html
-
-  5.2 How can I receive all data into a large memory chunk?
-
-  [ See also the examples/getinmemory.c source ]
-
-  You are in full control of the callback function that gets called every time
-  there is data received from the remote server. You can make that callback do
-  whatever you want. You do not have to write the received data to a file.
-
-  One solution to this problem could be to have a pointer to a struct that you
-  pass to the callback function. You set the pointer using the
-  CURLOPT_WRITEDATA option. Then that pointer will be passed to the callback
-  instead of a FILE * to a file:
-
-        /* imaginary struct */
-        struct MemoryStruct {
-          char *memory;
-          size_t size;
-        };
-
-        /* imaginary callback function */
-        size_t
-        WriteMemoryCallback(void *ptr, size_t size, size_t nmemb, void *data)
-        {
-          size_t realsize = size * nmemb;
-          struct MemoryStruct *mem = (struct MemoryStruct *)data;
-
-          mem->memory = (char *)realloc(mem->memory, mem->size + realsize + 1);
-          if(mem->memory) {
-            memcpy(&(mem->memory[mem->size]), ptr, realsize);
-            mem->size += realsize;
-            mem->memory[mem->size] = 0;
-          }
-          return realsize;
-        }
-
-  5.3 How do I fetch multiple files with libcurl?
-
-  libcurl has excellent support for transferring multiple files. You should
-  just repeatedly set new URLs with curl_easy_setopt() and then transfer it
-  with curl_easy_perform(). The handle you get from curl_easy_init() is not
-  only reusable, but you are even encouraged to reuse it if you can, as that
-  will enable libcurl to use persistent connections.
-
-  5.4 Does libcurl do Winsock initialization on Win32 systems?
-
-  Yes, if told to in the curl_global_init() call.
-
-  5.5 Does CURLOPT_WRITEDATA and CURLOPT_READDATA work on Win32 ?
-
-  Yes, but you cannot open a FILE * and pass the pointer to a DLL and have
-  that DLL use the FILE * (as the DLL and the client application cannot access
-  each others' variable memory areas). If you set CURLOPT_WRITEDATA you must
-  also use CURLOPT_WRITEFUNCTION as well to set a function that writes the
-  file, even if that simply writes the data to the specified FILE *.
-  Similarly, if you use CURLOPT_READDATA you must also specify
-  CURLOPT_READFUNCTION.
-
-  5.6 What about Keep-Alive or persistent connections?
-
-  curl and libcurl have excellent support for persistent connections when
-  transferring several files from the same server. curl will attempt to reuse
-  connections for all URLs specified on the same command line/config file, and
-  libcurl will reuse connections for all transfers that are made using the
-  same libcurl handle.
-
-  When you use the easy interface the connection cache is kept within the easy
-  handle. If you instead use the multi interface, the connection cache will be
-  kept within the multi handle and will be shared among all the easy handles
-  that are used within the same multi handle.
-
-  5.7 Link errors when building libcurl on Windows
-
-  You need to make sure that your project, and all the libraries (both static
-  and dynamic) that it links against, are compiled/linked against the same run
-  time library.
-
-  This is determined by the /MD, /ML, /MT (and their corresponding /M?d)
-  options to the command line compiler. /MD (linking against MSVCRT dll) seems
-  to be the most commonly used option.
-
-  When building an application that uses the static libcurl library, you must
-  add -DCURL_STATICLIB to your CFLAGS. Otherwise the linker will look for
-  dynamic import symbols. If you are using Visual Studio, you need to instead
-  add CURL_STATICLIB in the "Preprocessor Definitions" section.
-
-  If you get a linker error like "unknown symbol __imp__curl_easy_init ..." you
-  have linked against the wrong (static) library. If you want to use the
-  libcurl.dll and import lib, you do not need any extra CFLAGS, but use one of
-  the import libraries below. These are the libraries produced by the various
-  lib/Makefile.* files:
-
-       Target:          static lib.   import lib for libcurl*.dll.
-       -----------------------------------------------------------
-       MinGW:           libcurl.a     libcurldll.a
-       MSVC (release):  libcurl.lib   libcurl_imp.lib
-       MSVC (debug):    libcurld.lib  libcurld_imp.lib
-       Borland:         libcurl.lib   libcurl_imp.lib
-
-  5.8 libcurl.so.X: open failed: No such file or directory
-
-  This is an error message you might get when you try to run a program linked
-  with a shared version of libcurl and your runtime linker (ld.so) could not
-  find the shared library named libcurl.so.X. (Where X is the number of the
-  current libcurl ABI, typically 3 or 4).
-
-  You need to make sure that ld.so finds libcurl.so.X. You can do that
-  multiple ways, and it differs somewhat between different operating systems.
-  They are usually:
-
-  * Add an option to the linker command line that specify the hard-coded path
-    the runtime linker should check for the lib (usually -R)
-
-  * Set an environment variable (LD_LIBRARY_PATH for example) where ld.so
-    should check for libs
-
-  * Adjust the system's config to check for libs in the directory where you have
-    put the library (like Linux's /etc/ld.so.conf)
-
-  'man ld.so' and 'man ld' will tell you more details
-
-  5.9 How does libcurl resolve hostnames?
-
-  libcurl supports a large number of name resolve functions. One of them is
-  picked at build-time and will be used unconditionally. Thus, if you want to
-  change name resolver function you must rebuild libcurl and tell it to use a
-  different function.
-
-  - The non-IPv6 resolver that can use one of four different hostname resolve
-  calls (depending on what your system supports):
-
-      A - gethostbyname()
-      B - gethostbyname_r() with 3 arguments
-      C - gethostbyname_r() with 5 arguments
-      D - gethostbyname_r() with 6 arguments
-
-  - The IPv6-resolver that uses getaddrinfo()
-
-  - The c-ares based name resolver that uses the c-ares library for resolves.
-    Using this offers asynchronous name resolves.
-
-  - The threaded resolver (default option on Windows). It uses:
-
-      A - gethostbyname() on plain IPv4 hosts
-      B - getaddrinfo() on IPv6 enabled hosts
-
-  Also note that libcurl never resolves or reverse-lookups addresses given as
-  pure numbers, such as 127.0.0.1 or ::1.
-
-  5.10 How do I prevent libcurl from writing the response to stdout?
-
-  libcurl provides a default built-in write function that writes received data
-  to stdout. Set the CURLOPT_WRITEFUNCTION to receive the data, or possibly
-  set CURLOPT_WRITEDATA to a different FILE * handle.
-
-  5.11 How do I make libcurl not receive the whole HTTP response?
-
-  You make the write callback (or progress callback) return an error and
-  libcurl will then abort the transfer.
-
-  5.12 Can I make libcurl fake or hide my real IP address?
-
-  No. libcurl operates on a higher level. Besides, faking IP address would
-  imply sending IP packets with a made-up source address, and then you normally
-  get a problem with receiving the packet sent back as they would then not be
-  routed to you.
-
-  If you use a proxy to access remote sites, the sites will not see your local
-  IP address but instead the address of the proxy.
-
-  Also note that on many networks NATs or other IP-munging techniques are used
-  that makes you see and use a different IP address locally than what the
-  remote server will see you coming from. You may also consider using
-  https://www.torproject.org/ .
-
-  5.13 How do I stop an ongoing transfer?
-
-  With the easy interface you make sure to return the correct error code from
-  one of the callbacks, but none of them are instant. There is no function you
-  can call from another thread or similar that will stop it immediately.
-  Instead, you need to make sure that one of the callbacks you use returns an
-  appropriate value that will stop the transfer. Suitable callbacks that you
-  can do this with include the progress callback, the read callback and the
-  write callback.
-
-  If you are using the multi interface, you can also stop a transfer by
-  removing the particular easy handle from the multi stack at any moment you
-  think the transfer is done or when you wish to abort the transfer.
-
-  5.14 Using C++ non-static functions for callbacks?
-
-  libcurl is a C library, it does not know anything about C++ member functions.
-
-  You can overcome this "limitation" with relative ease using a static
-  member function that is passed a pointer to the class:
-
-     // f is the pointer to your object.
-     static size_t YourClass::func(void *buffer, size_t sz, size_t n, void *f)
-     {
-       // Call non-static member function.
-       static_cast(f)->nonStaticFunction();
-     }
-
-     // This is how you pass pointer to the static function:
-     curl_easy_setopt(hcurl, CURLOPT_WRITEFUNCTION, YourClass::func);
-     curl_easy_setopt(hcurl, CURLOPT_WRITEDATA, this);
-
-  5.15 How do I get an FTP directory listing?
-
-  If you end the FTP URL you request with a slash, libcurl will provide you
-  with a directory listing of that given directory. You can also set
-  CURLOPT_CUSTOMREQUEST to alter what exact listing command libcurl would use
-  to list the files.
-
-  The follow-up question tends to be how is a program supposed to parse the
-  directory listing. How does it know what's a file and what's a directory and
-  what's a symlink etc. If the FTP server supports the MLSD command then it
-  will return data in a machine-readable format that can be parsed for type.
-  The types are specified by RFC 3659 section 7.5.1. If MLSD is not supported
-  then you have to work with what you are given. The LIST output format is
-  entirely at the server's own liking and the NLST output does not reveal any
-  types and in many cases does not even include all the directory entries.
-  Also, both LIST and NLST tend to hide Unix-style hidden files (those that
-  start with a dot) by default so you need to do "LIST -a" or similar to see
-  them.
-
-  Example - List only directories.
-  ftp.funet.fi supports MLSD and ftp.kernel.org does not:
-
-     curl -s ftp.funet.fi/pub/ -X MLSD | \
-       perl -lne 'print if s/(?:^|;)type=dir;[^ ]+ (.+)$/$1/'
-
-     curl -s ftp.kernel.org/pub/linux/kernel/ | \
-       perl -lne 'print if s/^d[-rwx]{9}(?: +[^ ]+){7} (.+)$/$1/'
-
-  If you need to parse LIST output in libcurl one such existing
-  list parser is available at https://cr.yp.to/ftpparse.html  Versions of
-  libcurl since 7.21.0 also provide the ability to specify a wildcard to
-  download multiple files from one FTP directory.
-
-  5.16 I want a different time-out
-
-  Sometimes users realize that CURLOPT_TIMEOUT and CURLOPT_CONNECTIMEOUT are
-  not sufficiently advanced or flexible to cover all the various use cases and
-  scenarios applications end up with.
-
-  libcurl offers many more ways to time-out operations. A common alternative
-  is to use the CURLOPT_LOW_SPEED_LIMIT and CURLOPT_LOW_SPEED_TIME options to
-  specify the lowest possible speed to accept before to consider the transfer
-  timed out.
-
-  The most flexible way is by writing your own time-out logic and using
-  CURLOPT_XFERINFOFUNCTION (perhaps in combination with other callbacks) and
-  use that to figure out exactly when the right condition is met when the
-  transfer should get stopped.
-
-  5.17 Can I write a server with libcurl?
-
-  No. libcurl offers no functions or building blocks to build any kind of
-  Internet protocol server. libcurl is only a client-side library. For server
-  libraries, you need to continue your search elsewhere but there exist many
-  good open source ones out there for most protocols you could want a server
-  for. There are also really good stand-alone servers that have been tested
-  and proven for many years. There is no need for you to reinvent them.
-
-  5.18 Does libcurl use threads?
-
-  Put simply: no, libcurl will execute in the same thread you call it in. All
-  callbacks will be called in the same thread as the one you call libcurl in.
-
-  If you want to avoid your thread to be blocked by the libcurl call, you make
-  sure you use the non-blocking multi API which will do transfers
-  asynchronously - still in the same single thread.
-
-  libcurl will potentially internally use threads for name resolving, if it
-  was built to work like that, but in those cases it will create the child
-  threads by itself and they will only be used and then killed internally by
-  libcurl and never exposed to the outside.
-
-6. License Issues
-
-  curl and libcurl are released under an MIT/X derivative license. The license
-  is liberal and should not impose a problem for your project. This section is
-  just a brief summary for the cases we get the most questions. (Parts of this
-  section was much enhanced by Bjorn Reese.)
-
-  We are not lawyers and this is not legal advice. You should probably consult
-  one if you want true and accurate legal insights without our prejudice. Note
-  especially that this section concerns the libcurl license only; compiling in
-  features of libcurl that depend on other libraries (e.g. OpenSSL) may affect
-  the licensing obligations of your application.
-
-  6.1 I have a GPL program, can I use the libcurl library?
-
-  Yes
-
-  Since libcurl may be distributed under the MIT/X derivative license, it can
-  be used together with GPL in any software.
-
-  6.2 I have a closed-source program, can I use the libcurl library?
-
-  Yes
-
-  libcurl does not put any restrictions on the program that uses the library.
-
-  6.3 I have a BSD licensed program, can I use the libcurl library?
-
-  Yes
-
-  libcurl does not put any restrictions on the program that uses the library.
-
-  6.4 I have a program that uses LGPL libraries, can I use libcurl?
-
-  Yes
-
-  The LGPL license does not clash with other licenses.
-
-  6.5 Can I modify curl/libcurl for my program and keep the changes secret?
-
-  Yes
-
-  The MIT/X derivative license practically allows you to do almost anything
-  with the sources, on the condition that the copyright texts in the sources
-  are left intact.
-
-  6.6 Can you please change the curl/libcurl license to XXXX?
-
-  No.
-
-  We have carefully picked this license after years of development and
-  discussions and a large amount of people have contributed with source code
-  knowing that this is the license we use. This license puts the restrictions
-  we want on curl/libcurl and it does not spread to other programs or
-  libraries that use it. It should be possible for everyone to use libcurl or
-  curl in their projects, no matter what license they already have in use.
-
-  6.7 What are my obligations when using libcurl in my commercial apps?
-
-  Next to none. All you need to adhere to is the MIT-style license (stated in
-  the COPYING file) which basically says you have to include the copyright
-  notice in "all copies" and that you may not use the copyright holder's name
-  when promoting your software.
-
-  You do not have to release any of your source code.
-
-  You do not have to reveal or make public any changes to the libcurl source
-  code.
-
-  You do not have to broadcast to the world that you are using libcurl within
-  your app.
-
-  All we ask is that you disclose "the copyright notice and this permission
-  notice" somewhere. Most probably like in the documentation or in the section
-  where other third party dependencies already are mentioned and acknowledged.
-
-  As can be seen here: https://curl.se/docs/companies.html and elsewhere,
-  more and more companies are discovering the power of libcurl and take
-  advantage of it even in commercial environments.
-
-
-7. PHP/CURL Issues
-
-  7.1 What is PHP/CURL?
-
-  The module for PHP that makes it possible for PHP programs to access curl-
-  functions from within PHP.
-
-  In the curl project we call this module PHP/CURL to differentiate it from
-  curl the command line tool and libcurl the library. The PHP team however
-  does not refer to it like this (for unknown reasons). They call it plain
-  CURL (often using all caps) or sometimes ext/curl, but both cause much
-  confusion to users which in turn gives us a higher question load.
-
-  7.2 Who wrote PHP/CURL?
-
-  PHP/CURL was initially written by Sterling Hughes.
-
-  7.3 Can I perform multiple requests using the same handle?
-
-  Yes - at least in PHP version 4.3.8 and later (this has been known to not
-  work in earlier versions, but the exact version when it started to work is
-  unknown to me).
-
-  After a transfer, you just set new options in the handle and make another
-  transfer. This will make libcurl reuse the same connection if it can.
-
-  7.4 Does PHP/CURL have dependencies?
-
-  PHP/CURL is a module that comes with the regular PHP package. It depends on
-  and uses libcurl, so you need to have libcurl installed properly before
-  PHP/CURL can be used.
-
-8. Development
-
- 8.1 Why does curl use C89?
-
- As with everything in curl, there is a history and we keep using what we have
- used before until someone brings up the subject and argues for and works on
- changing it.
-
- We started out using C89 in the 1990s because that was the only way to write
- a truly portable C program and have it run as widely as possible. C89 was for
- a long time even necessary to make things work on otherwise considered modern
- platforms such as Windows. Today, we do not really know how many users that
- still require the use of a C89 compiler.
-
- We will continue to use C89 for as long as nobody brings up a strong enough
- reason for us to change our minds. The core developers of the project do not
- feel restricted by this and we are not convinced that going C99 will offer us
- enough of a benefit to warrant the risk of cutting off a share of users.
-
- 8.2 Will curl be rewritten?
-
- In one go: no. Little by little over time? Maybe.
-
- Over the years, new languages and clever operating environments come and go.
- Every now and then the urge apparently arises to request that we rewrite curl
- in another language.
-
- Some the most important properties in curl are maintaining the API and ABI
- for libcurl and keeping the behavior for the command line tool. As long as we
- can do that, everything else is up for discussion. To maintain the ABI, we
- probably have to maintain a certain amount of code in C, and to remain rock
- stable, we will never risk anything by rewriting a lot of things in one go.
- That said, we can certainly offer more and more optional backends written in
- other languages, as long as those backends can be plugged in at build-time.
- Backends can be written in any language, but should probably provide APIs
- usable from C to ease integration and transition.
diff --git a/docs/FAQ.md b/docs/FAQ.md
new file mode 100644
index 0000000000..ffef644418
--- /dev/null
+++ b/docs/FAQ.md
@@ -0,0 +1,1432 @@
+
+
+# Frequently Asked Questions
+
+# Philosophy
+
+## What is curl?
+
+curl is the name of the project. The name is a play on *Client for URLs*,
+originally with URL spelled in uppercase to make it obvious it deals with
+URLs. The fact it can also be read as *see URL* also helped, it works as an
+abbreviation for *Client URL Request Library* or why not the recursive
+version: *curl URL Request Library*.
+
+The curl project produces two products:
+
+### libcurl
+
+A client-side URL transfer library, supporting DICT, FILE, FTP, FTPS, GOPHER,
+GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP,
+RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS.
+
+libcurl supports HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading,
+Kerberos, SPNEGO, HTTP form based upload, proxies, cookies, user+password
+authentication, file transfer resume, http proxy tunneling and more.
+
+libcurl is highly portable, it builds and works identically on numerous
+platforms. The [internals document](https://curl.se/docs/install.html#Ports)
+lists more than 110 operating systems and 28 CPU architectures on which curl
+has been reported to run.
+
+libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported
+and fast.
+
+### curl
+
+A command line tool for getting or sending data using URL syntax.
+
+Since curl uses libcurl, curl supports the same wide range of common Internet
+protocols that libcurl does.
+
+We pronounce curl with an initial k sound. It rhymes with words like girl and
+earl. [This is a short WAV
+file](https://media.merriam-webster.com/soundc11/c/curl0001.wav) to help you.
+
+There are numerous sub-projects and related projects that also use the word
+curl in the project names in various combinations, but you should take notice
+that this FAQ is directed at the command-line tool named curl (and libcurl the
+library), and may therefore not be valid for other curl-related projects.
+(There is however a small section for the PHP/CURL in this FAQ.)
+
+## What is libcurl?
+
+libcurl is a reliable and portable library for doing Internet data transfers
+using one or more of its supported Internet protocols.
+
+You can use libcurl freely in your application, be it open source, commercial
+or closed-source.
+
+libcurl is most probably the most portable, most powerful and most often used
+C-based multi-platform file transfer library on this planet - be it open
+source or commercial.
+
+## What is curl not?
+
+curl is not a Wget clone. That is a common misconception. Never, during curl's
+development, have we intended curl to replace Wget or compete on its market.
+curl is targeted at single-shot file transfers.
+
+curl is not a website mirroring program. If you want to use curl to mirror
+something: fine, go ahead and write a script that wraps around curl or use
+libcurl to make it reality.
+
+curl is not an FTP site mirroring program. Sure, get and send FTP with curl
+but if you want systematic and sequential behavior you should write a script
+(or write a new program that interfaces libcurl) and do it.
+
+curl is not a PHP tool, even though it works perfectly well when used from or
+with PHP (when using the PHP/CURL module).
+
+curl is not a program for a single operating system. curl exists, compiles,
+builds and runs under a wide range of operating systems, including all modern
+Unixes (and a bunch of older ones too), Windows, Amiga, OS/2, macOS, QNX etc.
+
+## When will you make curl do ... ?
+
+We love suggestions of what to change in order to make curl and libcurl
+better. We do however believe in a few rules when it comes to the future of
+curl:
+
+curl the command line tool is to remain a non-graphical command line tool. If
+you want GUIs or fancy scripting capabilities, you should look for another
+tool that uses libcurl.
+
+We do not add things to curl that other small and available tools already do
+well at the side. curl's output can be piped into another program or
+redirected to another file for the next program to interpret.
+
+We focus on protocol related issues and improvements. If you want to do more
+magic with the supported protocols than curl currently does, chances are good
+we will agree. If you want to add more protocols, we may agree.
+
+If you want someone else to do all the work while you wait for us to implement
+it for you, that is not a friendly attitude. We spend a considerable time
+already on maintaining and developing curl. In order to get more out of us,
+you should consider trading in some of your time and effort in return. Simply
+go to the [GitHub repository](https://github.com/curl/curl), fork the project,
+and create pull requests with your proposed changes.
+
+If you write the code, chances are better that it will get into curl faster.
+
+## Who makes curl?
+
+curl and libcurl are not made by any single individual. Daniel Stenberg is
+project leader and main developer, but other persons' submissions are
+important and crucial. Anyone can contribute and post their changes and
+improvements and have them inserted in the main sources (of course on the
+condition that developers agree that the fixes are good).
+
+The full list of all contributors is found in the docs/THANKS file.
+
+curl is developed by a community, with Daniel at the wheel.
+
+## What do you get for making curl?
+
+Project curl is entirely free and open. We do this voluntarily, mostly in our
+spare time. Companies may pay individual developers to work on curl. This is
+not controlled by nor supervised in any way by the curl project.
+
+We get help from companies. Haxx provides website, bandwidth, mailing lists
+etc, GitHub hosts [the primary git repository](https://github.com/curl/curl)
+and other services like the bug tracker. Also again, some companies have
+sponsored certain parts of the development in the past and I hope some will
+continue to do so in the future.
+
+If you want to [support our project](https://curl.se/sponsors.html), consider
+a donation or a banner-program or even better: by helping us with coding,
+documenting or testing etc.
+
+## What about CURL from curl.com?
+
+During the summer of 2001, curl.com was busy advertising their client-side
+programming language for the web, named CURL.
+
+We are in no way associated with curl.com or their CURL programming language.
+
+Our project name curl has been in effective use since 1998. We were not the
+first computer related project to use the name *curl* and do not claim any
+rights to the name.
+
+We recognize that we will be living in parallel with curl.com and wish them
+every success.
+
+## I have a problem, who do I mail?
+
+Please do not mail any single individual unless you really need to. Keep
+curl-related questions on a suitable mailing list. All available mailing lists
+are listed [online](https://curl.se/mail/).
+
+Keeping curl-related questions and discussions on mailing lists allows others
+to join in and help, to share their ideas, to contribute their suggestions and
+to spread their wisdom. Keeping discussions on public mailing lists also
+allows for others to learn from this (both current and future users thanks to
+the web based archives of the mailing lists), thus saving us from having to
+repeat ourselves even more. Thanks for respecting this.
+
+If you have found or simply suspect a security problem in curl or libcurl,
+submit all the details at [HackerOne](https://hackerone.com/curl). On there we
+keep the issue private while we investigate, confirm it, work and validate a
+fix and agree on a time schedule for publication etc. That way we produce a
+fix in a timely manner before the flaw is announced to the world, reducing the
+impact the problem risks having on existing users.
+
+Security issues can also be taking to the curl security team by emailing
+security at curl.se (closed list of receivers, mails are not disclosed).
+
+## Where do I buy commercial support for curl?
+
+curl is fully open source. It means you can hire any skilled engineer to fix
+your curl-related problems.
+
+We list [available alternatives](https://curl.se/support.html).
+
+## How many are using curl?
+
+It is impossible to tell.
+
+We do not know how many users that knowingly have installed and use curl.
+
+We do not know how many users that use curl without knowing that they are in
+fact using it.
+
+We do not know how many users that downloaded or installed curl and then never
+use it.
+
+In 2025, we estimate that curl runs in roughly thirty billion installations
+world wide.
+
+## Why do you not update ca-bundle.crt
+
+In the curl project we have decided not to attempt to keep this file updated
+(or even present) since deciding what to add to a ca cert bundle is an
+undertaking we have not been ready to accept, and the one we can get from
+Mozilla is perfectly fine so there is no need to duplicate that work.
+
+Today, with many services performed over HTTPS, every operating system should
+come with a default ca cert bundle that can be deemed somewhat trustworthy and
+that collection (if reasonably updated) should be deemed to be a lot better
+than a private curl version.
+
+If you want the most recent collection of ca certs that Mozilla Firefox uses,
+we recommend that using our online [CA certificate
+service](https://curl.se/docs/caextract.html) setup for this purpose.
+
+## I have a problem who, can I chat with?
+
+There is a bunch of friendly people hanging out in the #curl channel on the
+IRC network libera.chat. If you are polite and nice, chances are good that you
+can get -- or provide -- help instantly.
+
+## curl's ECCN number?
+
+The US government restricts exports of software that contains or uses
+cryptography. When doing so, the Export Control Classification Number (ECCN)
+is used to identify the level of export control etc.
+
+Apache Software Foundation has [a good explanation of
+ECCN](https://www.apache.org/dev/crypto.html).
+
+We believe curl's number might be ECCN 5D002, another possibility is 5D992. It
+seems necessary to write them (the authority that administers ECCN numbers),
+asking to confirm.
+
+Comprehensible explanations of the meaning of such numbers and how to obtain
+them (resp.) are [here](https://www.bis.gov/licensing/classify-your-item)
+and [here](https://www.bis.gov/licensing/classify-your-item/publicly-available-classification-information).
+
+An incomprehensible description of the two numbers above is available on
+[bis.doc.gov](https://www.bis.doc.gov/index.php/documents/new-encryption/1653-ccl5-pt2-3)
+
+## How do I submit my patch?
+
+We strongly encourage you to submit changes and improvements directly as [pull
+requests on GitHub](https://github.com/curl/curl/pulls).
+
+If you for any reason cannot or will not deal with GitHub, send your patch to
+the curl-library mailing list. We are many subscribers there and there are
+lots of people who can review patches, comment on them and receive them
+properly.
+
+Lots of more details are found in the
+[contribute](https://curl.se/dev/contribute.html) and
+[internals](https://curl.se/dev/internals.html)
+documents.
+
+## How do I port libcurl to my OS?
+
+Here's a rough step-by-step:
+
+1. copy a suitable lib/config-*.h file as a start to `lib/config-[youros].h`
+2. edit `lib/config-[youros].h` to match your OS and setup
+3. edit `lib/curl_setup.h` to include `config-[youros].h` when your OS is
+   detected by the preprocessor, in the style others already exist
+4. compile `lib/*.c` and make them into a library
+
+# Install
+
+## configure fails when using static libraries
+
+You may find that configure fails to properly detect the entire dependency
+chain of libraries when you provide static versions of the libraries that
+configure checks for.
+
+The reason why static libraries is much harder to deal with is that for them
+we do not get any help but the script itself must know or check what more
+libraries that are needed (with shared libraries, that dependency chain is
+handled automatically). This is an error-prone process and one that also tends
+to vary over time depending on the release versions of the involved components
+and may also differ between operating systems.
+
+For that reason, configure does few attempts to actually figure this out and
+you are instead encouraged to set `LIBS` and `LDFLAGS` accordingly when you invoke
+configure, and point out the needed libraries and set the necessary flags
+yourself.
+
+## Does curl work with other SSL libraries?
+
+curl has been written to use a generic SSL function layer internally, and
+that SSL functionality can then be provided by one out of many different SSL
+backends.
+
+curl can be built to use one of the following SSL alternatives: OpenSSL,
+LibreSSL, BoringSSL, AWS-LC, GnuTLS, wolfSSL, mbedTLS, Schannel (native
+Windows) or Rustls. They all have their pros and cons, and we maintain [a TLS
+library comparison](https://curl.se/docs/ssl-compared.html).
+
+## How do I upgrade curl.exe in Windows?
+
+The curl tool that is shipped as an integrated component of Windows 10 and
+Windows 11 is managed by Microsoft. If you were to delete the file or replace
+it with a newer version downloaded from [the curl
+website](https://curl.se/windows), then Windows Update will cease to work on
+your system.
+
+There is no way to independently force an upgrade of the curl.exe that is part
+of Windows other than through the regular Windows update process. There is
+also nothing the curl project itself can do about this, since this is managed
+and controlled entirely by Microsoft as owners of the operating system.
+
+You can always download and install [the latest version of curl for
+Windows](https://curl.se/windows) into a separate location.
+
+## Does curl support SOCKS (RFC 1928) ?
+
+Yes, SOCKS 4 and 5 are supported.
+
+# Usage
+
+## curl: (1) SSL is disabled, https: not supported
+
+If you get this output when trying to get anything from an HTTPS server, it
+means that the instance of curl/libcurl that you are using was built without
+support for this protocol.
+
+This could have happened if the configure script that was run at build time
+could not find all libs and include files curl requires for SSL to work. If
+the configure script fails to find them, curl is simply built without SSL
+support.
+
+To get HTTPS support into a curl that was previously built but that reports
+that HTTPS is not supported, you should dig through the document and logs and
+check out why the configure script does not find the SSL libs and/or include
+files.
+
+## How do I tell curl to resume a transfer?
+
+curl supports resumed transfers both ways on both FTP and HTTP. Try the `-C`
+option.
+
+## Why does my posting using -F not work?
+
+You cannot arbitrarily use `-F` or `-d`, the choice between `-F` or `-d`
+depends on the HTTP operation you need curl to do and what the web server that
+will receive your post expects.
+
+If the form you are trying to submit uses the type 'multipart/form-data',
+then and only then you must use the -F type. In all the most common cases,
+you should use `-d` which then causes a posting with the type
+`application/x-www-form-urlencoded`.
+
+This is described in some detail in the
+[Manual](https://curl.se/docs/tutorial.html) and [The Art Of HTTP
+Scripting](https://curl.se/docs/httpscripting.html) documents, and if you do
+not understand it the first time, read it again before you post questions
+about this to the mailing list. Also, try reading through the mailing list
+archives for old postings and questions regarding this.
+
+## How do I tell curl to run custom FTP commands?
+
+You can tell curl to perform optional commands both before and/or after a file
+transfer. Study the `-Q`/`--quote` option.
+
+Since curl is used for file transfers, you do not normally use curl to perform
+FTP commands without transferring anything. Therefore you must always specify
+a URL to transfer to/from even when doing custom FTP commands, or use `-I`
+which implies the *no body*" option sent to libcurl.
+
+## How can I disable the Accept: header?
+
+You can change this and all internally generated headers by adding a
+replacement with the `-H`/`--header` option. By adding a header with empty
+contents you safely disable that one. Use `-H Accept:` to disable that
+specific header.
+
+## Does curl support ASP, XML, XHTML or HTML version Y?
+
+To curl, all contents are alike. It does not matter how the page was
+generated. It may be ASP, PHP, Perl, shell-script, SSI or plain HTML
+files. There is no difference to curl and it does not even know what kind of
+language that generated the page.
+
+See also the separate question about JavaScript.
+
+## Can I use curl to delete/rename a file through FTP?
+
+Yes. You specify custom FTP commands with `-Q`/`--quote`.
+
+One example would be to delete a file after you have downloaded it:
+
+    curl -O ftp://example.com/coolfile -Q '-DELE coolfile'
+
+or rename a file after upload:
+
+    curl -T infile ftp://example.com/dir/ -Q "-RNFR infile" -Q "-RNTO newname"
+
+## How do I tell curl to follow HTTP redirects?
+
+curl does not follow so-called redirects by default. The `Location:` header that
+informs the client about this is only interpreted if you are using the
+`-L`/`--location` option. As in:
+
+    curl -L https://example.com
+
+Not all redirects are HTTP ones. See [Redirects work in browser but not with
+curl](#redirects-work-in-browser-but-not-with-curl)
+
+## How do I use curl in my favorite programming language?
+
+Many programming languages have interfaces and bindings that allow you to use
+curl without having to use the command line tool. If you are fluent in such a
+language, you may prefer to use one of these interfaces instead.
+
+Find out more about which languages that support curl directly, and how to
+install and use them, in the [libcurl section of the curl
+website](https://curl.se/libcurl/).
+
+All the various bindings to libcurl are made by other projects and people,
+outside of the curl project. The curl project itself only produces libcurl
+with its plain C API. If you do not find anywhere else to ask you can ask
+about bindings on the curl-library list too, but be prepared that people on
+that list may not know anything about bindings.
+
+In December 2025 there were around **60** different [interfaces
+available](https://curl.se/libcurl/bindings.html) for just about all the
+languages you can imagine.
+
+## What about SOAP, WebDAV, XML-RPC or similar protocols over HTTP?
+
+curl adheres to the HTTP spec, which basically means you can play with *any*
+protocol that is built on top of HTTP. Protocols such as SOAP, WebDAV and
+XML-RPC are all such ones. You can use `-X` to set custom requests and -H to
+set custom headers (or replace internally generated ones).
+
+Using libcurl is of course just as good and you would just use the proper
+library options to do the same.
+
+## How do I POST with a different Content-Type?
+
+You can always replace the internally generated headers with `-H`/`--header`.
+To make a simple HTTP POST with `text/xml` as content-type, do something like:
+
+    curl -d "datatopost" -H "Content-Type: text/xml" [URL]
+
+## Why do FTP-specific features over HTTP proxy fail?
+
+Because when you use an HTTP proxy, the protocol spoken on the network will be
+HTTP, even if you specify an FTP URL. This effectively means that you normally
+cannot use FTP-specific features such as FTP upload and FTP quote etc.
+
+There is one exception to this rule, and that is if you can *tunnel through*
+the given HTTP proxy. Proxy tunneling is enabled with a special option (`-p`)
+and is generally not available as proxy admins usually disable tunneling to
+ports other than 443 (which is used for HTTPS access through proxies).
+
+## Why do my single/double quotes fail?
+
+To specify a command line option that includes spaces, you might need to put
+the entire option within quotes. Like in:
+
+    curl -d " with spaces " example.com
+
+or perhaps
+
+    curl -d ' with spaces ' example.com
+
+Exactly what kind of quotes and how to do this is entirely up to the shell or
+command line interpreter that you are using. For most Unix shells, you can
+more or less pick either single (`'`) or double (`"`) quotes. For Windows/DOS
+command prompts you must use double (") quotes, and if the option string
+contains inner double quotes you can escape them with a backslash.
+
+For Windows PowerShell the arguments are not always passed on as expected
+because curl is not a PowerShell script. You may or may not be able to use
+single quotes. To escape inner double quotes seems to require a
+backslash-backtick escape sequence and the outer quotes as double quotes.
+
+Please study the documentation for your particular environment. Examples in
+the curl docs will use a mix of both of these as shown above. You must adjust
+them to work in your environment.
+
+Remember that curl works and runs on more operating systems than most single
+individuals have ever tried.
+
+## Does curl support JavaScript or PAC (automated proxy config)?
+
+Many webpages do magic stuff using embedded JavaScript. curl and libcurl have
+no built-in support for that, so it will be treated just like any other
+contents.
+
+`.pac` files are a Netscape invention and are sometimes used by organizations
+to allow them to differentiate which proxies to use. The `.pac` contents is
+just a JavaScript program that gets invoked by the browser and that returns
+the name of the proxy to connect to. Since curl does not support JavaScript,
+it cannot support .pac proxy configuration either.
+
+Some workarounds usually suggested to overcome this JavaScript dependency:
+
+Depending on the JavaScript complexity, write up a script that translates it
+to another language and execute that.
+
+Read the JavaScript code and rewrite the same logic in another language.
+
+Implement a JavaScript interpreter, people have successfully used the
+Mozilla JavaScript engine in the past.
+
+Ask your admins to stop this, for a static proxy setup or similar.
+
+## Can I do recursive fetches with curl?
+
+No. curl itself has no code that performs recursive operations, such as those
+performed by Wget and similar tools.
+
+There exists curl using scripts with that functionality, and you can write
+programs based on libcurl to do it, but the command line tool curl itself
+cannot.
+
+## What certificates do I need when I use SSL?
+
+There are three different kinds of certificates to keep track of when we talk
+about using SSL-based protocols (HTTPS or FTPS) using curl or libcurl.
+
+### Client certificate
+
+The server you communicate with may require that you can provide this in
+order to prove that you actually are who you claim to be. If the server
+does not require this, you do not need a client certificate.
+
+A client certificate is always used together with a private key, and the
+private key has a passphrase that protects it.
+
+### Server certificate
+
+The server you communicate with has a server certificate. You can and should
+verify this certificate to make sure that you are truly talking to the real
+server and not a server impersonating it.
+
+Servers often also provide an intermediate certificate. It acts as a bridge
+between a website's SSL certificate and a Certificate Authority's (CA) root
+certificate, creating a "chain of trust".
+
+### Certificate Authority Certificate ("CA cert")
+
+You often have several CA certs in a CA cert bundle that can be used to verify
+a server certificate that was signed by one of the authorities in the bundle.
+curl does not come with a CA cert bundle but most curl installs provide one.
+You can also override the default.
+
+Server certificate verification is enabled by default in curl and libcurl.
+Server certificates that are *self-signed* or otherwise signed by a CA that
+you do not have a CA cert for, cannot be verified. If the verification during
+a connect fails, you are refused access. You then might have to explicitly
+disable the verification to connect to the server.
+
+## How do I list the root directory of an FTP server?
+
+There are two ways. The way defined in the RFC is to use an encoded slash in
+the first path part. List the `/tmp` directory like this:
+
+    curl ftp://ftp.example.com/%2ftmp/
+
+or the not-quite-kosher-but-more-readable way, by simply starting the path
+section of the URL with a slash:
+
+    curl ftp://ftp.example.com//tmp/
+
+## Can I use curl to send a POST/PUT and not wait for a response?
+
+No.
+
+You can easily write your own program using libcurl to do such stunts.
+
+## How do I get HTTP from a host using a specific IP address?
+
+For example, you may be trying out a website installation that is not yet in
+the DNS. Or you have a site using multiple IP addresses for a given host
+name and you want to address a specific one out of the set.
+
+Set a custom `Host:` header that identifies the server name you want to reach
+but use the target IP address in the URL:
+
+    curl --header "Host: www.example.com" https://somewhere.example/
+
+You can also opt to add faked hostname entries to curl with the --resolve
+option. That has the added benefit that things like redirects will also work
+properly. The above operation would instead be done as:
+
+    curl --resolve www.example.com:80:127.0.0.1 https://www.example.com/
+
+## How to SFTP from my user's home directory?
+
+Contrary to how FTP works, SFTP and SCP URLs specify the exact directory to
+work with. It means that if you do not specify that you want the user's home
+directory, you get the actual root directory.
+
+To specify a file in your user's home directory, you need to use the correct
+URL syntax which for SFTP might look similar to:
+
+    curl -O -u user:password sftp://example.com/~/file.txt
+
+and for SCP it is just a different protocol prefix:
+
+    curl -O -u user:password scp://example.com/~/file.txt
+
+## Protocol xxx not supported or disabled in libcurl
+
+When passing on a URL to curl to use, it may respond that the particular
+protocol is not supported or disabled. The particular way this error message
+is phrased is because curl does not make a distinction internally of whether a
+particular protocol is not supported (i.e. never got any code added that knows
+how to speak that protocol) or if it was explicitly disabled. curl can be
+built to only support a given set of protocols, and the rest would then be
+disabled or not supported.
+
+Note that this error will also occur if you pass a wrongly spelled protocol
+part as in `htpts://example.com` or as in the less evident case if you prefix
+the protocol part with a space as in `" https://example.com/"`.
+
+## curl `-X` gives me HTTP problems
+
+In normal circumstances, `-X` should hardly ever be used.
+
+By default you use curl without explicitly saying which request method to use
+when the URL identifies an HTTP transfer. If you just pass in a URL like `curl
+https://example.com` it will use GET. If you use `-d` or `-F`, curl will use
+POST, `-I` will cause a HEAD and `-T` will make it a PUT.
+
+If for whatever reason you are not happy with these default choices that curl
+does for you, you can override those request methods by specifying `-X
+[WHATEVER]`. This way you can for example send a DELETE by doing
+`curl -X DELETE [URL]`.
+
+It is thus pointless to do `curl -XGET [URL]` as GET would be used anyway. In
+the same vein it is pointless to do `curl -X POST -d data [URL`. You can make
+a fun and somewhat rare request that sends a request-body in a GET request
+with something like `curl -X GET -d data [URL]`.
+
+Note that `-X` does not actually change curl's behavior as it only modifies
+the actual string sent in the request, but that may of course trigger a
+different set of events.
+
+Accordingly, by using `-XPOST` on a command line that for example would follow
+a 303 redirect, you will effectively prevent curl from behaving correctly. Be
+aware.
+
+# Running
+
+## Why do I get problems when I use & or % in the URL?
+
+In general Unix shells, the & symbol is treated specially and when used, it
+runs the specified command in the background. To safely send the & as a part
+of a URL, you should quote the entire URL by using single (`'`) or double
+(`"`) quotes around it. Similar problems can also occur on some shells with
+other characters, including ?*!$~(){}<>\|;`. When in doubt, quote the URL.
+
+An example that would invoke a remote CGI that uses &-symbols could be:
+
+    curl 'https://www.example.com/cgi-bin/query?text=yes&q=curl'
+
+In Windows, the standard DOS shell treats the percent sign specially and you
+need to use TWO percent signs for each single one you want to use in the URL.
+
+If you want a literal percent sign to be part of the data you pass in a POST
+using `-d`/`--data` you must encode it as `%25` (which then also needs the
+percent sign doubled on Windows machines).
+
+## How can I use {, }, [ or ] to specify multiple URLs?
+
+Because those letters have a special meaning to the shell, to be used in a URL
+specified to curl you must quote them.
+
+An example that downloads two URLs (sequentially) would be:
+
+    curl '{curl,www}.haxx.se'
+
+To be able to use those characters as actual parts of the URL (without using
+them for the curl URL *globbing* system), use the `-g`/`--globoff` option:
+
+    curl -g 'www.example.com/weirdname[].html'
+
+## Why do I get downloaded data even though the webpage does not exist?
+
+curl asks remote servers for the page you specify. If the page does not exist
+at the server, the HTTP protocol defines how the server should respond and
+that means that headers and a page will be returned. That is simply how HTTP
+works.
+
+By using the `--fail` option you can tell curl explicitly to not get any data
+if the HTTP return code does not say success.
+
+## Why do I get return code XXX from an HTTP server?
+
+RFC 2616 clearly explains the return codes. This is a short transcript. Go
+read the RFC for exact details:
+
+### 400 Bad Request
+
+The request could not be understood by the server due to malformed
+syntax. The client SHOULD NOT repeat the request without modifications.
+
+### 401 Unauthorized
+
+The request requires user authentication.
+
+### 403 Forbidden
+
+The server understood the request, but is refusing to fulfill it.
+Authorization will not help and the request SHOULD NOT be repeated.
+
+### 404 Not Found
+
+The server has not found anything matching the Request-URI. No indication is
+given as to whether the condition is temporary or permanent.
+
+### 405 Method Not Allowed
+
+The method specified in the Request-Line is not allowed for the resource
+identified by the Request-URI. The response MUST include an `Allow:` header
+containing a list of valid methods for the requested resource.
+
+### 301 Moved Permanently
+
+If you get this return code and an HTML output similar to this:
+
+    
Moved Permanently
 The document has moved here.
+
+it might be because you requested a directory URL but without the trailing
+slash. Try the same operation again _with_ the trailing URL, or use the
+`-L`/`--location` option to follow the redirection.
+
+## Can you tell me what error code 142 means?
+
+All curl error codes are described at the end of the man page, in the section
+called **EXIT CODES**.
+
+Error codes that are larger than the highest documented error code means that
+curl has exited due to a crash. This is a serious error, and we appreciate a
+detailed bug report from you that describes how we could go ahead and repeat
+this.
+
+## How do I keep usernames and passwords secret in curl command lines?
+
+This problem has two sides:
+
+The first part is to avoid having clear-text passwords in the command line so
+that they do not appear in *ps* outputs and similar. That is easily avoided by
+using the `-K` option to tell curl to read parameters from a file or stdin to
+which you can pass the secret info. curl itself will also attempt to hide the
+given password by blanking out the option - this does not work on all
+platforms.
+
+To keep the passwords in your account secret from the rest of the world is
+not a task that curl addresses. You could of course encrypt them somehow to
+at least hide them from being read by human eyes, but that is not what
+anyone would call security.
+
+Also note that regular HTTP (using Basic authentication) and FTP passwords are
+sent as cleartext across the network. All it takes for anyone to fetch them is
+to listen on the network. Eavesdropping is easy. Use more secure
+authentication methods (like Digest, Negotiate or even NTLM) or consider the
+SSL-based alternatives HTTPS and FTPS.
+
+## I found a bug
+
+It is not a bug if the behavior is documented. Read the docs first. Especially
+check out the KNOWN_BUGS file, it may be a documented bug.
+
+If it is a problem with a binary you have downloaded or a package for your
+particular platform, try contacting the person who built the package/archive
+you have.
+
+If there is a bug, read the BUGS document first. Then report it as described
+in there.
+
+## curl cannot authenticate to a server that requires NTLM?
+
+NTLM support requires OpenSSL, GnuTLS, mbedTLS or Microsoft Windows libraries
+at build-time to provide this functionality.
+
+## My HTTP request using HEAD, PUT or DELETE does not work
+
+Many web servers allow or demand that the administrator configures the server
+properly for these requests to work on the web server.
+
+Some servers seem to support HEAD only on certain kinds of URLs.
+
+To fully grasp this, try the documentation for the particular server software
+you are trying to interact with. This is not anything curl can do anything
+about.
+
+## Why do my HTTP range requests return the full document?
+
+Because the range may not be supported by the server, or the server may choose
+to ignore it and return the full document anyway.
+
+## Why do I get "certificate verify failed" ?
+
+When you invoke curl and get an error 60 error back it means that curl could
+not verify that the server's certificate was good. curl verifies the
+certificate using the CA cert bundle and verifying for which names the
+certificate has been granted.
+
+To completely disable the certificate verification, use `-k`. This does
+however enable man-in-the-middle attacks and makes the transfer **insecure**.
+We strongly advise against doing this for more than experiments.
+
+If you get this failure with a CA cert bundle installed and used, the server's
+certificate might not be signed by one of the certificate authorities in your
+CA store. It might for example be self-signed. You then correct this problem
+by obtaining a valid CA cert for the server. Or again, decrease the security
+by disabling this check.
+
+At times, you find that the verification works in your favorite browser but
+fails in curl. When this happens, the reason is usually that the server sends
+an incomplete cert chain. The server is mandated to send all *intermediate
+certificates* but does not. This typically works with browsers anyway since
+they A) cache such certs and B) supports AIA which downloads such missing
+certificates on demand. This is a bad server configuration. A good way to
+figure out if this is the case it to use [the SSL Labs
+server](https://www.ssllabs.com/ssltest/) test and check the certificate
+chain.
+
+Details are also in [the SSL certificates
+document](https://curl.se/docs/sslcerts.html).
+
+
+## Why is curl -R on Windows one hour off?
+
+Since curl 7.53.0 this issue should be fixed as long as curl was built with
+any modern compiler that allows for a 64-bit curl_off_t type. For older
+compilers or prior curl versions it may set a time that appears one hour off.
+This happens due to a flaw in how Windows stores and uses file modification
+times and it is not easily worked around. For more details [read
+this](https://www.codeproject.com/articles/Beating-the-Daylight-Savings-Time-Bug-and-Getting#comments-section).
+
+## Redirects work in browser but not with curl
+
+curl supports HTTP redirects well (see a previous question above). Browsers
+generally support at least two other ways to perform redirects that curl does
+not:
+
+Meta tags. You can write an HTML tag that will cause the browser to redirect
+to another given URL after a certain time.
+
+JavaScript. You can write a JavaScript program embedded in an HTML page that
+redirects the browser to another given URL.
+
+There is no way to make curl follow these redirects. You must either manually
+figure out what the page is set to do, or write a script that parses the
+results and fetches the new URL.
+
+## FTPS does not work
+
+curl supports FTPS (sometimes known as FTP-SSL) both implicit and explicit
+mode.
+
+When a URL is used that starts with `FTPS://`, curl assumes implicit SSL on
+the control connection and will therefore immediately connect and try to speak
+SSL. `FTPS://` connections default to port 990.
+
+To use explicit FTPS, you use an `FTP://` URL and the `--ssl-reqd` option (or
+one of its related flavors). This is the most common method, and the one
+mandated by RFC 4217. This kind of connection will then of course use the
+standard FTP port 21 by default.
+
+## My HTTP POST or PUT requests are slow
+
+libcurl makes all POST and PUT requests (except for requests with a small
+request body) use the `Expect: 100-continue` header. This header allows the
+server to deny the operation early so that libcurl can bail out before having
+to send any data. This is useful in authentication cases and others.
+
+However, many servers do not implement the `Expect:` stuff properly and if the
+server does not respond (positively) within 1 second libcurl will continue and
+send off the data anyway.
+
+You can disable libcurl's use of the `Expect:` header the same way you disable
+any header, using `-H` / `CURLOPT_HTTPHEADER`, or by forcing it to use HTTP
+1.0.
+
+## Non-functional connect timeouts
+
+In most Windows setups having a timeout longer than 21 seconds make no
+difference, as it will only send 3 TCP SYN packets and no more. The second
+packet sent three seconds after the first and the third six seconds after
+the second. No more than three packets are sent, no matter how long the
+timeout is set.
+
+See option `TcpMaxConnectRetransmissions` on [this
+page](https://support.microsoft.com/bg-bg/topic/hotfix-enables-the-configuration-of-the-tcp-maximum-syn-retransmission-amount-in-windows-7-or-windows-server-2008-r2-1b6f8352-2c5f-58bb-ead7-2cf021407c8e).
+
+Also, even on non-Windows systems there may run a firewall or anti-virus
+software or similar that accepts the connection but does not actually do
+anything else. This will make (lib)curl to consider the connection connected
+and thus the connect timeout will not trigger.
+
+## file:// URLs containing drive letters (Windows, NetWare)
+
+When using curl to try to download a local file, one might use a URL in this
+format:
+
+    file://D:/blah.txt
+
+you will find that even if `D:\blah.txt` does exist, curl returns a 'file not
+found' error.
+
+According to [RFC 1738](https://www.ietf.org/rfc/rfc1738.txt), `file://` URLs
+must contain a host component, but it is ignored by most implementations. In
+the above example, `D:` is treated as the host component, and is taken away.
+Thus, curl tries to open `/blah.txt`. If your system is installed to drive C:,
+that will resolve to `C:\blah.txt`, and if that does not exist you will get
+the not found error.
+
+To fix this problem, use `file://` URLs with *three* leading slashes:
+
+    file:///D:/blah.txt
+
+Alternatively, if it makes more sense, specify `localhost` as the host
+component:
+
+    file://localhost/D:/blah.txt
+
+In either case, curl should now be looking for the correct file.
+
+## Why does not curl return an error when the network cable is unplugged?
+
+Unplugging a cable is not an error situation. The TCP/IP protocol stack was
+designed to be fault tolerant, so even though there may be a physical break
+somewhere the connection should not be affected, just possibly delayed.
+Eventually, the physical break will be fixed or the data will be re-routed
+around the physical problem through another path.
+
+In such cases, the TCP/IP stack is responsible for detecting when the network
+connection is irrevocably lost. Since with some protocols it is perfectly
+legal for the client to wait indefinitely for data, the stack may never report
+a problem, and even when it does, it can take up to 20 minutes for it to
+detect an issue. The curl option `--keepalive-time` enables keep-alive support
+in the TCP/IP stack which makes it periodically probe the connection to make
+sure it is still available to send data. That should reliably detect any
+TCP/IP network failure.
+
+TCP keep alive will not detect the network going down before the TCP/IP
+connection is established (e.g. during a DNS lookup) or using protocols that
+do not use TCP. To handle those situations, curl offers a number of timeouts
+on its own. `--speed-limit`/`--speed-time` will abort if the data transfer
+rate falls too low, and `--connect-timeout` and `--max-time` can be used to
+put an overall timeout on the connection phase or the entire transfer.
+
+A libcurl-using application running in a known physical environment (e.g. an
+embedded device with only a single network connection) may want to act
+immediately if its lone network connection goes down. That can be achieved by
+having the application monitor the network connection on its own using an
+OS-specific mechanism, then signaling libcurl to abort.
+
+## curl does not return error for HTTP non-200 responses
+
+Correct. Unless you use `-f` (`--fail`) or `--fail-with-body`.
+
+When doing HTTP transfers, curl will perform exactly what you are asking it to
+do and if successful it will not return an error. You can use curl to test
+your web server's "file not found" page (that gets 404 back), you can use it
+to check your authentication protected webpages (that gets a 401 back) and so
+on.
+
+The specific HTTP response code does not constitute a problem or error for
+curl. It simply sends and delivers HTTP as you asked and if that worked,
+everything is fine and dandy. The response code is generally providing more
+higher level error information that curl does not care about. The error was
+not in the HTTP transfer.
+
+If you want your command line to treat error codes in the 400 and up range as
+errors and thus return a non-zero value and possibly show an error message,
+curl has a dedicated option for that: `-f` (`CURLOPT_FAILONERROR` in libcurl
+speak).
+
+You can also use the `-w` option and the variable `%{response_code}` to
+extract the exact response code that was returned in the response.
+
+# libcurl
+
+## Is libcurl thread-safe?
+
+Yes.
+
+We have written the libcurl code specifically adjusted for multi-threaded
+programs. libcurl will use thread-safe functions instead of non-safe ones if
+your system has such. Note that you must never share the same handle in
+multiple threads.
+
+There may be some exceptions to thread safety depending on how libcurl was
+built. Please review [the guidelines for thread
+safety](https://curl.se/libcurl/c/threadsafe.html) to learn more.
+
+## How can I receive all data into a large memory chunk?
+
+(See the [get in memory](https://curl.se/libcurl/c/getinmemory.html) example.)
+
+You are in full control of the callback function that gets called every time
+there is data received from the remote server. You can make that callback do
+whatever you want. You do not have to write the received data to a file.
+
+One solution to this problem could be to have a pointer to a struct that you
+pass to the callback function. You set the pointer using the CURLOPT_WRITEDATA
+option. Then that pointer will be passed to the callback instead of a FILE *
+to a file:
+
+~~~c
+/* store data this struct */
+struct MemoryStruct {
+  char *memory;
+  size_t size;
+};
+
+/* imaginary callback function */
+size_t
+WriteMemoryCallback(void *ptr, size_t size, size_t nmemb, void *data)
+{
+  size_t realsize = size * nmemb;
+  struct MemoryStruct *mem = (struct MemoryStruct *)data;
+
+  mem->memory = (char *)realloc(mem->memory, mem->size + realsize + 1);
+  if(mem->memory) {
+    memcpy(&(mem->memory[mem->size]), ptr, realsize);
+    mem->size += realsize;
+    mem->memory[mem->size] = 0;
+  }
+  return realsize;
+}
+~~~
+
+## How do I fetch multiple files with libcurl?
+
+libcurl has excellent support for transferring multiple files. You should just
+repeatedly set new URLs with `curl_easy_setopt()` and then transfer it with
+`curl_easy_perform()`. The handle you get from curl_easy_init() is not only
+reusable, but you are even encouraged to reuse it if you can, as that will
+enable libcurl to use persistent connections.
+
+## Does libcurl do Winsock initialization on Win32 systems?
+
+Yes, if told to in the `curl_global_init()` call.
+
+## Does CURLOPT_WRITEDATA and CURLOPT_READDATA work on Win32 ?
+
+Yes, but you cannot open a FILE * and pass the pointer to a DLL and have that
+DLL use the FILE * (as the DLL and the client application cannot access each
+others' variable memory areas). If you set `CURLOPT_WRITEDATA` you must also use
+`CURLOPT_WRITEFUNCTION` as well to set a function that writes the file, even if
+that simply writes the data to the specified FILE *. Similarly, if you use
+`CURLOPT_READDATA` you must also specify `CURLOPT_READFUNCTION`.
+
+## What about Keep-Alive or persistent connections?
+
+curl and libcurl have excellent support for persistent connections when
+transferring several files from the same server. curl will attempt to reuse
+connections for all URLs specified on the same command line/config file, and
+libcurl will reuse connections for all transfers that are made using the same
+libcurl handle.
+
+When you use the easy interface the connection cache is kept within the easy
+handle. If you instead use the multi interface, the connection cache will be
+kept within the multi handle and will be shared among all the easy handles
+that are used within the same multi handle.
+
+## Link errors when building libcurl on Windows
+
+You need to make sure that your project, and all the libraries (both static
+and dynamic) that it links against, are compiled/linked against the same run
+time library.
+
+This is determined by the `/MD`, `/ML`, `/MT` (and their corresponding `/M?d`)
+options to the command line compiler. `/MD` (linking against `MSVCRT.dll`)
+seems to be the most commonly used option.
+
+When building an application that uses the static libcurl library, you must
+add `-DCURL_STATICLIB` to your `CFLAGS`. Otherwise the linker will look for
+dynamic import symbols. If you are using Visual Studio, you need to instead
+add `CURL_STATICLIB` in the "Preprocessor Definitions" section.
+
+If you get a linker error like `unknown symbol __imp__curl_easy_init ...` you
+have linked against the wrong (static) library. If you want to use the
+libcurl.dll and import lib, you do not need any extra `CFLAGS`, but use one of
+the import libraries below. These are the libraries produced by the various
+lib/Makefile.* files:
+
+| Target         | static lib     | import lib for DLL |
+|----------------|----------------|--------------------|
+| MinGW          | `libcurl.a`    | `libcurldll.a`     |
+| MSVC (release) | `libcurl.lib`  | `libcurl_imp.lib`  |
+| MSVC (debug)   | `libcurld.lib` | `libcurld_imp.lib` |
+
+## libcurl.so.X: open failed: No such file or directory
+
+This is an error message you might get when you try to run a program linked
+with a shared version of libcurl and your runtime linker (`ld.so`) could not
+find the shared library named `libcurl.so.X`. (Where X is the number of the
+current libcurl ABI, typically 3 or 4).
+
+You need to make sure that `ld.so` finds `libcurl.so.X`. You can do that
+multiple ways, and it differs somewhat between different operating systems.
+They are usually:
+
+* Add an option to the linker command line that specify the hard-coded path
+  the runtime linker should check for the lib (usually `-R`)
+* Set an environment variable (`LD_LIBRARY_PATH` for example) where `ld.so`
+  should check for libs
+* Adjust the system's config to check for libs in the directory where you have
+  put the library (like Linux's `/etc/ld.so.conf`)
+
+`man ld.so` and`'man ld` will tell you more details
+
+## How does libcurl resolve hostnames?
+
+libcurl supports a large number of name resolve functions. One of them is
+picked at build-time and will be used unconditionally. Thus, if you want to
+change name resolver function you must rebuild libcurl and tell it to use a
+different function.
+
+### The non-IPv6 resolver
+
+The non-IPv6 resolver that can use one of four different hostname resolve
+calls depending on what your system supports:
+
+1. gethostbyname()
+2. gethostbyname_r() with 3 arguments
+3. gethostbyname_r() with 5 arguments
+4. gethostbyname_r() with 6 arguments
+
+### The IPv6 resolver
+
+Uses getaddrinfo()
+
+### The cares resolver
+
+The c-ares based name resolver that uses the c-ares library for resolves.
+Using this offers asynchronous name resolves.
+
+## The threaded resolver
+
+It uses the IPv6 or the non-IPv6 resolver solution in a temporary thread.
+
+## How do I prevent libcurl from writing the response to stdout?
+
+libcurl provides a default built-in write function that writes received data
+to stdout. Set the `CURLOPT_WRITEFUNCTION` to receive the data, or possibly
+set `CURLOPT_WRITEDATA` to a different FILE * handle.
+
+## How do I make libcurl not receive the whole HTTP response?
+
+You make the write callback (or progress callback) return an error and libcurl
+will then abort the transfer.
+
+## Can I make libcurl fake or hide my real IP address?
+
+No. libcurl operates on a higher level. Besides, faking IP address would
+imply sending IP packets with a made-up source address, and then you normally
+get a problem with receiving the packet sent back as they would then not be
+routed to you.
+
+If you use a proxy to access remote sites, the sites will not see your local
+IP address but instead the address of the proxy.
+
+Also note that on many networks NATs or other IP-munging techniques are used
+that makes you see and use a different IP address locally than what the remote
+server will see you coming from. You may also consider using
+[Tor]()https://www.torproject.org/).
+
+## How do I stop an ongoing transfer?
+
+With the easy interface you make sure to return the correct error code from
+one of the callbacks, but none of them are instant. There is no function you
+can call from another thread or similar that will stop it immediately.
+Instead, you need to make sure that one of the callbacks you use returns an
+appropriate value that will stop the transfer. Suitable callbacks that you can
+do this with include the progress callback, the read callback and the write
+callback.
+
+If you are using the multi interface, you can also stop a transfer by removing
+the particular easy handle from the multi stack at any moment you think the
+transfer is done or when you wish to abort the transfer.
+
+## Using C++ non-static functions for callbacks?
+
+libcurl is a C library, it does not know anything about C++ member functions.
+
+You can overcome this limitation with relative ease using a static member
+function that is passed a pointer to the class:
+
+~~~c++
+// f is the pointer to your object.
+static size_t YourClass::func(void *buffer, size_t sz, size_t n, void *f)
+{
+  // Call non-static member function.
+  static_cast(f)->nonStaticFunction();
+}
+
+// This is how you pass pointer to the static function:
+curl_easy_setopt(hcurl, CURLOPT_WRITEFUNCTION, YourClass::func);
+curl_easy_setopt(hcurl, CURLOPT_WRITEDATA, this);
+~~~
+
+## How do I get an FTP directory listing?
+
+If you end the FTP URL you request with a slash, libcurl will provide you with
+a directory listing of that given directory. You can also set
+`CURLOPT_CUSTOMREQUEST` to alter what exact listing command libcurl would use
+to list the files.
+
+The follow-up question tends to be how is a program supposed to parse the
+directory listing. How does it know what's a file and what's a directory and
+what's a symlink etc. If the FTP server supports the `MLSD` command then it
+will return data in a machine-readable format that can be parsed for type. The
+types are specified by RFC 3659 section 7.5.1. If `MLSD` is not supported then
+you have to work with what you are given. The `LIST` output format is entirely
+at the server's own liking and the `NLST` output does not reveal any types and
+in many cases does not even include all the directory entries. Also, both
+`LIST` and `NLST` tend to hide Unix-style hidden files (those that start with
+a dot) by default so you need to do `LIST -a` or similar to see them.
+
+Example - List only directories. `ftp.funet.fi` supports `MLSD` and
+`ftp.kernel.org` does not:
+
+    curl -s ftp.funet.fi/pub/ -X MLSD | \
+      perl -lne 'print if s/(?:^|;)type=dir;[^ ]+ (.+)$/$1/'
+
+    curl -s ftp.kernel.org/pub/linux/kernel/ | \
+      perl -lne 'print if s/^d[-rwx]{9}(?: +[^ ]+){7} (.+)$/$1/'
+
+If you need to parse LIST output, libcurl provides the ability to specify a
+wildcard to download multiple files from an FTP directory.
+
+## I want a different time-out
+
+Sometimes users realize that `CURLOPT_TIMEOUT` and `CURLOPT_CONNECTIMEOUT` are
+not sufficiently advanced or flexible to cover all the various use cases and
+scenarios applications end up with.
+
+libcurl offers many more ways to time-out operations. A common alternative is
+to use the `CURLOPT_LOW_SPEED_LIMIT` and `CURLOPT_LOW_SPEED_TIME` options to
+specify the lowest possible speed to accept before to consider the transfer
+timed out.
+
+The most flexible way is by writing your own time-out logic and using
+`CURLOPT_XFERINFOFUNCTION` (perhaps in combination with other callbacks) and
+use that to figure out exactly when the right condition is met when the
+transfer should get stopped.
+
+## Can I write a server with libcurl?
+
+No. libcurl offers no functions or building blocks to build any kind of
+Internet protocol server. libcurl is only a client-side library. For server
+libraries, you need to continue your search elsewhere but there exist many
+good open source ones out there for most protocols you could want a server
+for. There are also really good stand-alone servers that have been tested and
+proven for many years. There is no need for you to reinvent them.
+
+## Does libcurl use threads?
+
+Put simply: no, libcurl will execute in the same thread you call it in. All
+callbacks will be called in the same thread as the one you call libcurl in.
+
+If you want to avoid your thread to be blocked by the libcurl call, you make
+sure you use the non-blocking multi API which will do transfers
+asynchronously - still in the same single thread.
+
+libcurl will potentially internally use threads for name resolving, if it was
+built to work like that, but in those cases it will create the child threads
+by itself and they will only be used and then killed internally by libcurl and
+never exposed to the outside.
+
+# License
+
+curl and libcurl are released under an MIT/X derivative license. The license
+is liberal and should not impose a problem for your project. This section is
+just a brief summary for the cases we get the most questions.
+
+We are not lawyers and this is not legal advice. You should probably consult
+one if you want true and accurate legal insights without our prejudice. Note
+especially that this section concerns the libcurl license only; compiling in
+features of libcurl that depend on other libraries (e.g. OpenSSL) may affect
+the licensing obligations of your application.
+
+## I have a GPL program, can I use the libcurl library?
+
+Yes
+
+Since libcurl may be distributed under the MIT/X derivative license, it can be
+used together with GPL in any software.
+
+## I have a closed-source program, can I use the libcurl library?
+
+Yes
+
+libcurl does not put any restrictions on the program that uses the library.
+
+## I have a BSD licensed program, can I use the libcurl library?
+
+Yes
+
+libcurl does not put any restrictions on the program that uses the library.
+
+## I have a program that uses LGPL libraries, can I use libcurl?
+
+Yes
+
+The LGPL license does not clash with other licenses.
+
+## Can I modify curl/libcurl for my program and keep the changes secret?
+
+Yes
+
+The MIT/X derivative license practically allows you to do almost anything with
+the sources, on the condition that the copyright texts in the sources are left
+intact.
+
+## Can you please change the curl/libcurl license?
+
+No.
+
+We have carefully picked this license after years of development and
+discussions and a large amount of people have contributed with source code
+knowing that this is the license we use. This license puts the restrictions we
+want on curl/libcurl and it does not spread to other programs or libraries
+that use it. It should be possible for everyone to use libcurl or curl in
+their projects, no matter what license they already have in use.
+
+## What are my obligations when using libcurl in my commercial apps?
+
+Next to none. All you need to adhere to is the MIT-style license (stated in
+the COPYING file) which basically says you have to include the copyright
+notice in *all copies* and that you may not use the copyright holder's name
+when promoting your software.
+
+You do not have to release any of your source code.
+
+You do not have to reveal or make public any changes to the libcurl source
+code.
+
+You do not have to broadcast to the world that you are using libcurl within
+your app.
+
+All we ask is that you disclose *the copyright notice and this permission
+notice* somewhere. Most probably like in the documentation or in the section
+where other third party dependencies already are mentioned and acknowledged.
+
+As can be seen [here](https://curl.se/docs/companies.html) and elsewhere, more
+and more companies are discovering the power of libcurl and take advantage of
+it even in commercial environments.
+
+## What license does curl use exactly?
+
+curl is released under an [MIT derivative
+license](https://curl.se/docs/copyright.html). It is similar but not identical
+to the MIT license.
+
+The difference is considered big enough to make SPDX list it under its own
+identifier: [curl](https://spdx.org/licenses/curl.html).
+
+The changes done to the license that make it uniquely curl were tiny and
+well-intended, but the reasons for them have been forgotten and we strongly
+discourage others from doing the same thing.
+
+# PHP/CURL
+
+## What is PHP/CURL?
+
+The module for PHP that makes it possible for PHP programs to access curl
+functions from within PHP.
+
+In the curl project we call this module PHP/CURL to differentiate it from curl
+the command line tool and libcurl the library. The PHP team however does not
+refer to it like this (for unknown reasons). They call it plain CURL (often
+using all caps) or sometimes ext/curl, but both cause much confusion to users
+which in turn gives us a higher question load.
+
+## Who wrote PHP/CURL?
+
+PHP/CURL was initially written by Sterling Hughes.
+
+## Can I perform multiple requests using the same handle?
+
+Yes.
+
+After a transfer, you just set new options in the handle and make another
+transfer. This will make libcurl reuse the same connection if it can.
+
+## Does PHP/CURL have dependencies?
+
+PHP/CURL is a module that comes with the regular PHP package. It depends on
+and uses libcurl, so you need to have libcurl installed properly before
+PHP/CURL can be used.
+
+# Development
+
+## Why does curl use C89?
+
+As with everything in curl, there is a history and we keep using what we have
+used before until someone brings up the subject and argues for and works on
+changing it.
+
+We started out using C89 in the 1990s because that was the only way to write a
+truly portable C program and have it run as widely as possible. C89 was for a
+long time even necessary to make things work on otherwise considered modern
+platforms such as Windows. Today, we do not really know how many users that
+still require the use of a C89 compiler.
+
+We will continue to use C89 for as long as nobody brings up a strong enough
+reason for us to change our minds. The core developers of the project do not
+feel restricted by this and we are not convinced that going C99 will offer us
+enough of a benefit to warrant the risk of cutting off a share of users.
+
+## Will curl be rewritten?
+
+In one go: no. Little by little over time? Sure.
+
+Over the years, new languages and clever operating environments come and go.
+Every now and then the urge apparently arises to request that we rewrite curl
+in another language.
+
+Some the most important properties in curl are maintaining the API and ABI for
+libcurl and keeping the behavior for the command line tool. As long as we can
+do that, everything else is up for discussion. To maintain the ABI, we
+probably have to maintain a certain amount of code in C, and to remain rock
+stable, we will never risk anything by rewriting a lot of things in one go.
+That said, we can certainly offer more and more optional backends written in
+other languages, as long as those backends can be plugged in at build-time.
+Backends can be written in any language, but should probably provide APIs
+usable from C to ease integration and transition.
diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS
deleted file mode 100644
index f65e9f1ae2..0000000000
--- a/docs/KNOWN_BUGS
+++ /dev/null
@@ -1,663 +0,0 @@
-                                  _   _ ____  _
-                              ___| | | |  _ \| |
-                             / __| | | | |_) | |
-                            | (__| |_| |  _ <| |___
-                             \___|\___/|_| \_\_____|
-
-                                  Known Bugs
-
-These are problems and bugs known to exist at the time of this release. Feel
-free to join in and help us correct one or more of these. Also be sure to
-check the changelog of the current development status, as one or more of these
-problems may have been fixed or changed somewhat since this was written.
-
- 1. HTTP
-
- 2. TLS
- 2.1 IMAPS connection fails with Rustls error
- 2.2 Access violation sending client cert with Schannel
- 2.5 Client cert handling with Issuer DN differs between backends
- 2.7 Client cert (MTLS) issues with Schannel
- 2.11 Schannel TLS 1.2 handshake bug in old Windows versions
- 2.13 CURLOPT_CERTINFO results in CURLE_OUT_OF_MEMORY with Schannel
- 2.14 mbedTLS and CURLE_AGAIN handling
-
- 3. Email protocols
- 3.1 IMAP SEARCH ALL truncated response
- 3.2 No disconnect command
- 3.4 AUTH PLAIN for SMTP is not working on all servers
- 3.5 APOP authentication fails on POP3
- 3.6 POP3 issue when reading small chunks
-
- 4. Command line
- 4.1 -T /dev/stdin may upload with an incorrect content length
- 4.2 -T - always uploads chunked
-
- 5. Build and portability issues
- 5.1 OS400 port requires deprecated IBM library
- 5.2 curl-config --libs contains private details
- 5.3 LDFLAGS passed too late making libs linked incorrectly
- 5.6 Cygwin: make install installs curl-config.1 twice
- 5.12 flaky CI builds
- 5.13 long paths are not fully supported on Windows
- 5.15 Unicode on Windows
-
- 6. Authentication
- 6.1 Digest auth-int for PUT/POST
- 6.2 MIT Kerberos for Windows build
- 6.3 NTLM in system context uses wrong name
- 6.5 NTLM does not support password with Unicode 'SECTION SIGN' character
- 6.6 libcurl can fail to try alternatives with --proxy-any
- 6.7 Do not clear digest for single realm
- 6.9 SHA-256 digest not supported in Windows SSPI builds
- 6.10 curl never completes Negotiate over HTTP
- 6.11 Negotiate on Windows fails
- 6.13 Negotiate against Hadoop HDFS
-
- 7. FTP
- 7.4 FTP with ACCT
- 7.12 FTPS directory listing hangs on Windows with Schannel
-
- 9. SFTP and SCP
- 9.1 SFTP does not do CURLOPT_POSTQUOTE correct
- 9.3 Remote recursive folder creation with SFTP
- 9.4 libssh blocking and infinite loop problem
- 9.5 Cygwin: "WARNING: UNPROTECTED PRIVATE KEY FILE!"
-
- 10. Connection
- 10.1 --interface with link-scoped IPv6 address
- 10.2 Does not acknowledge getaddrinfo sorting policy
- 10.3 SOCKS-SSPI discards the security context
-
- 11. Internals
- 11.1 gssapi library name + version is missing in curl_version_info()
- 11.2 error buffer not set if connection to multiple addresses fails
- 11.4 HTTP test server 'connection-monitor' problems
- 11.5 Connection information when using TCP Fast Open
- 11.6 test cases sometimes timeout
- 11.7 CURLOPT_CONNECT_TO does not work for HTTPS proxy
- 11.8 WinIDN test failures
- 11.9 setting a disabled option should return CURLE_NOT_BUILT_IN
-
- 12. LDAP
- 12.1 OpenLDAP hangs after returning results
- 12.2 LDAP on Windows does authentication wrong?
- 12.3 LDAP on Windows does not work
- 12.4 LDAPS requests to ActiveDirectory server hang
-
- 13. TCP/IP
- 13.1 telnet code does not handle partial writes properly
- 13.2 Trying local ports fails on Windows
-
- 15. CMake
- 15.1 cmake outputs: no version information available
- 15.6 uses -lpthread instead of Threads::Threads
- 15.7 generated .pc file contains strange entries
- 15.13 CMake build with MIT Kerberos does not work
-
- 16. aws-sigv4
- 16.2 aws-sigv4 does not handle multipart/form-data correctly
-
- 17. HTTP/2
- 17.1 HTTP/2 prior knowledge over proxy
- 17.2 HTTP/2 frames while in the connection pool kill reuse
- 17.3 ENHANCE_YOUR_CALM causes infinite retries
- 17.4 HTTP/2 + TLS spends a lot of time in recv
-
- 18. HTTP/3
- 18.1 connection migration does not work
- 18.2 quiche: QUIC connection is draining
- 18.3 OpenSSL-QUIC problems on google.com
-
- 19. RTSP
- 19.1 Some methods do not support response bodies
-
-==============================================================================
-
-1. HTTP
-
-2. TLS
-
-2.1 IMAPS connection fails with Rustls error
-
- https://github.com/curl/curl/issues/10457
-
-2.2 Access violation sending client cert with Schannel
-
- When using Schannel to do client certs, curl sets PKCS12_NO_PERSIST_KEY to
- avoid leaking the private key into the filesystem. Unfortunately that flag
- instead seems to trigger a crash.
-
- See https://github.com/curl/curl/issues/17626
-
-2.5 Client cert handling with Issuer DN differs between backends
-
- When the specified client certificate does not match any of the
- server-specified DNs, the OpenSSL and GnuTLS backends behave differently.
- The github discussion may contain a solution.
-
- See https://github.com/curl/curl/issues/1411
-
-2.7 Client cert (MTLS) issues with Schannel
-
- See https://github.com/curl/curl/issues/3145
-
-2.11 Schannel TLS 1.2 handshake bug in old Windows versions
-
- In old versions of Windows such as 7 and 8.1 the Schannel TLS 1.2 handshake
- implementation likely has a bug that can rarely cause the key exchange to
- fail, resulting in error SEC_E_BUFFER_TOO_SMALL or SEC_E_MESSAGE_ALTERED.
-
- https://github.com/curl/curl/issues/5488
-
-2.13 CURLOPT_CERTINFO results in CURLE_OUT_OF_MEMORY with Schannel
-
- https://github.com/curl/curl/issues/8741
-
-2.14 mbedTLS and CURLE_AGAIN handling
-
- https://github.com/curl/curl/issues/15801
-
-3. Email protocols
-
-3.1 IMAP SEARCH ALL truncated response
-
- IMAP "SEARCH ALL" truncates output on large boxes. "A quick search of the
- code reveals that pingpong.c contains some truncation code, at line 408, when
- it deems the server response to be too large truncating it to 40 characters"
- https://curl.se/bug/view.cgi?id=1366
-
-3.2 No disconnect command
-
- The disconnect commands (LOGOUT and QUIT) may not be sent by IMAP, POP3 and
- SMTP if a failure occurs during the authentication phase of a connection.
-
-3.4 AUTH PLAIN for SMTP is not working on all servers
-
- Specifying "--login-options AUTH=PLAIN" on the command line does not seem to
- work correctly.
-
- See https://github.com/curl/curl/issues/4080
-
-3.5 APOP authentication fails on POP3
-
- See https://github.com/curl/curl/issues/10073
-
-3.6 POP3 issue when reading small chunks
-
- CURL_DBG_SOCK_RMAX=4 ./runtests.pl -v 982
-
- See https://github.com/curl/curl/issues/12063
-
-4. Command line
-
-4.1 -T /dev/stdin may upload with an incorrect content length
-
- -T stats the path to figure out its size in bytes to use it as Content-Length
- if it is a regular file.
-
- The problem with that is that, on BSDs and some other UNIXes (not Linux),
- open(path) may not give you a file descriptor with a 0 offset from the start
- of the file.
-
- See https://github.com/curl/curl/issues/12177
-
-4.2 -T - always uploads chunked
-
- When the `<` shell operator is used. curl should realise that stdin is a
- regular file in this case, and that it can do a non-chunked upload, like it
- would do if you used -T file.
-
- See https://github.com/curl/curl/issues/12171
-
-5. Build and portability issues
-
-5.1 OS400 port requires deprecated IBM library
-
- curl for OS400 requires QADRT to build, which provides ASCII wrappers for
- libc/POSIX functions in the ILE, but IBM no longer supports or even offers
- this library to download.
-
- See https://github.com/curl/curl/issues/5176
-
-5.2 curl-config --libs contains private details
-
- "curl-config --libs" include details set in LDFLAGS when configure is run
- that might be needed only for building libcurl. Further, curl-config --cflags
- suffers from the same effects with CFLAGS/CPPFLAGS.
-
-5.3 LDFLAGS passed too late making libs linked incorrectly
-
- Compiling latest curl on HP-UX and linking against a custom OpenSSL (which is
- on the default loader/linker path), fails because the generated Makefile has
- LDFLAGS passed on after LIBS.
-
- See https://github.com/curl/curl/issues/14893
-
-5.6 Cygwin: make install installs curl-config.1 twice
-
- https://github.com/curl/curl/issues/8839
-
-5.12 flaky CI builds
-
- We run many CI builds for each commit and PR on github, and especially a
- number of the Windows builds are flaky. This means that we rarely get all CI
- builds go green and complete without errors. This is unfortunate as it makes
- us sometimes miss actual build problems and it is surprising to newcomers to
- the project who (rightfully) do not expect this.
-
- See https://github.com/curl/curl/issues/6972
-
-5.13 long paths are not fully supported on Windows
-
- curl on Windows cannot access long paths (paths longer than 260 characters).
- However, as a workaround, the Windows path prefix \\?\ which disables all
- path interpretation may work to allow curl to access the path. For example:
- \\?\c:\longpath.
-
- See https://github.com/curl/curl/issues/8361
-
-5.15 Unicode on Windows
-
- Passing in a Unicode filename with -o:
-
- https://github.com/curl/curl/issues/11461
-
- Passing in Unicode character with -d:
-
- https://github.com/curl/curl/issues/12231
-
- Windows Unicode builds use homedir in current locale
-
- The Windows Unicode builds of curl use the current locale, but expect Unicode
- UTF-8 encoded paths for internal use such as open, access and stat. The
- user's home directory is retrieved via curl_getenv in the current locale and
- not as UTF-8 encoded Unicode.
-
- See https://github.com/curl/curl/pull/7252 and
-     https://github.com/curl/curl/pull/7281
-
- Cannot handle Unicode arguments in non-Unicode builds on Windows
-
- If a URL or filename cannot be encoded using the user's current codepage then
- it can only be encoded properly in the Unicode character set. Windows uses
- UTF-16 encoding for Unicode and stores it in wide characters, however curl
- and libcurl are not equipped for that at the moment except when built with
- _UNICODE and UNICODE defined. Except for Cygwin, Windows cannot use UTF-8 as
- a locale.
-
-  https://curl.se/bug/?i=345
-  https://curl.se/bug/?i=731
-  https://curl.se/bug/?i=3747
-
- NTLM authentication and Unicode
-
- NTLM authentication involving Unicode username or password only works
- properly if built with UNICODE defined together with the Schannel backend.
- The original problem was mentioned in:
- https://curl.se/mail/lib-2009-10/0024.html
- https://curl.se/bug/view.cgi?id=896
-
- The Schannel version verified to work as mentioned in
- https://curl.se/mail/lib-2012-07/0073.html
-
-6. Authentication
-
-6.1 Digest auth-int for PUT/POST
-
- We do not support auth-int for Digest using PUT or POST
-
-6.2 MIT Kerberos for Windows build
-
- libcurl fails to build with MIT Kerberos for Windows (KfW) due to KfW's
- library header files exporting symbols/macros that should be kept private to
- the KfW library.
-
-6.3 NTLM in system context uses wrong name
-
- NTLM authentication using SSPI (on Windows) when (lib)curl is running in
- "system context" makes it use wrong(?) username - at least when compared to
- what winhttp does. See https://curl.se/bug/view.cgi?id=535
-
-6.5 NTLM does not support password with Unicode 'SECTION SIGN' character
-
- Code point: U+00A7
-
- https://en.wikipedia.org/wiki/Section_sign
- https://github.com/curl/curl/issues/2120
-
-6.6 libcurl can fail to try alternatives with --proxy-any
-
- When connecting via a proxy using --proxy-any, a failure to establish an
- authentication causes libcurl to abort trying other options if the failed
- method has a higher preference than the alternatives. As an example,
- --proxy-any against a proxy which advertise Negotiate and NTLM, but which
- fails to set up Kerberos authentication does not proceed to try
- authentication using NTLM.
-
- https://github.com/curl/curl/issues/876
-
-6.7 Do not clear digest for single realm
-
- https://github.com/curl/curl/issues/3267
-
-6.9 SHA-256 digest not supported in Windows SSPI builds
-
- Windows builds of curl that have SSPI enabled use the native Windows API calls
- to create authentication strings. The call to InitializeSecurityContext fails
- with SEC_E_QOP_NOT_SUPPORTED which causes curl to fail with CURLE_AUTH_ERROR.
-
- Microsoft does not document supported digest algorithms and that SEC_E error
- code is not a documented error for InitializeSecurityContext (digest).
-
- https://github.com/curl/curl/issues/6302
-
-6.10 curl never completes Negotiate over HTTP
-
- Apparently it is not working correctly...?
-
- See https://github.com/curl/curl/issues/5235
-
-6.11 Negotiate on Windows fails
-
- When using --negotiate (or NTLM) with curl on Windows, SSL/TLS handshake
- fails despite having a valid kerberos ticket cached. Works without any issue
- in Unix/Linux.
-
- https://github.com/curl/curl/issues/5881
-
-6.13 Negotiate authentication against Hadoop HDFS
-
- https://github.com/curl/curl/issues/8264
-
-7. FTP
-
-7.4 FTP with ACCT
-
- When doing an operation over FTP that requires the ACCT command (but not when
- logging in), the operation fails since libcurl does not detect this and thus
- fails to issue the correct command: https://curl.se/bug/view.cgi?id=635
-
-7.12 FTPS server compatibility on Windows with Schannel
-
- FTPS is not widely used with the Schannel TLS backend and so there may be
- more bugs compared to other TLS backends such as OpenSSL. In the past users
- have reported hanging and failed connections. It is likely some changes to
- curl since then fixed the issues. None of the reported issues can be
- reproduced any longer.
-
- If you encounter an issue connecting to your server via FTPS with the latest
- curl and Schannel then please search for open issues or file a new issue.
-
-9. SFTP and SCP
-
-9.1 SFTP does not do CURLOPT_POSTQUOTE correct
-
- When libcurl sends CURLOPT_POSTQUOTE commands when connected to an SFTP
- server using the multi interface, the commands are not being sent correctly
- and instead the connection is "cancelled" (the operation is considered done)
- prematurely. There is a half-baked (busy-looping) patch provided in the bug
- report but it cannot be accepted as-is. See
- https://curl.se/bug/view.cgi?id=748
-
-9.3 Remote recursive folder creation with SFTP
-
- On this servers, the curl fails to create directories on the remote server
- even when the CURLOPT_FTP_CREATE_MISSING_DIRS option is set.
-
- See https://github.com/curl/curl/issues/5204
-
-9.4 libssh blocking and infinite loop problem
-
- In the SSH_SFTP_INIT state for libssh, the ssh session working mode is set to
- blocking mode. If the network is suddenly disconnected during sftp
- transmission, curl is stuck, even if curl is configured with a timeout.
-
- https://github.com/curl/curl/issues/8632
-
-9.5 Cygwin: "WARNING: UNPROTECTED PRIVATE KEY FILE!"
-
- Running SCP and SFTP tests on Cygwin makes this warning message appear.
-
- https://github.com/curl/curl/issues/11244
-
-10. Connection
-
-10.1 --interface with link-scoped IPv6 address
-
- When you give the `--interface` option telling curl to use a specific
- interface for its outgoing traffic in combination with an IPv6 address in the
- URL that uses a link-local scope, curl might pick the wrong address from the
- named interface and the subsequent transfer fails.
-
- Example command line:
-
-    curl --interface eth0 'http://[fe80:928d:xxff:fexx:xxxx]/'
-
- The fact that the given IP address is link-scoped should probably be used as
- input to somehow make curl make a better choice for this.
-
- https://github.com/curl/curl/issues/14782
-
-10.2 Does not acknowledge getaddrinfo sorting policy
-
- Even if a user edits /etc/gai.conf to prefer IPv4, curl still prefers and
- tries IPv6 addresses first.
-
- https://github.com/curl/curl/issues/16718
-
-
-10.3 SOCKS-SSPI discards the security context
-
- After a successful SSPI/GSS-API exchange, the function queries and logs the
- authenticated username and reports the supported data-protection level, but
- then immediately deletes the negotiated SSPI security context and frees the
- credentials before returning. The negotiated context is not stored on the
- connection and is therefore never used to protect later SOCKS5 traffic.
-
-11. Internals
-
-11.1 gssapi library name + version is missing in curl_version_info()
-
- The struct needs to be expanded and code added to store this info.
-
- See https://github.com/curl/curl/issues/13492
-
-11.2 error buffer not set if connection to multiple addresses fails
-
- If you ask libcurl to resolve a hostname like example.com to IPv6 addresses
- when you only have IPv4 connectivity. libcurl fails with
- CURLE_COULDNT_CONNECT, but the error buffer set by CURLOPT_ERRORBUFFER
- remains empty. Issue: https://github.com/curl/curl/issues/544
-
-11.4 HTTP test server 'connection-monitor' problems
-
- The 'connection-monitor' feature of the sws HTTP test server does not work
- properly if some tests are run in unexpected order. Like 1509 and then 1525.
-
- See https://github.com/curl/curl/issues/868
-
-11.5 Connection information when using TCP Fast Open
-
- CURLINFO_LOCAL_PORT (and possibly a few other) fails when TCP Fast Open is
- enabled.
-
- See https://github.com/curl/curl/issues/1332 and
- https://github.com/curl/curl/issues/4296
-
-11.6 test cases sometimes timeout
-
- Occasionally, one of the tests timeouts. Inexplicably.
-
- See https://github.com/curl/curl/issues/13350
-
-11.7 CURLOPT_CONNECT_TO does not work for HTTPS proxy
-
- It is unclear if the same option should even cover the proxy connection or if
- if requires a separate option.
-
- See https://github.com/curl/curl/issues/14481
-
-11.8 WinIDN test failures
-
- Test 165 disabled when built with WinIDN.
-
-11.9 setting a disabled option should return CURLE_NOT_BUILT_IN
-
- When curl has been built with specific features or protocols disabled,
- setting such options with curl_easy_setopt() should rather return
- CURLE_NOT_BUILT_IN instead of CURLE_UNKNOWN_OPTION to signal the difference
- to the application
-
- See https://github.com/curl/curl/issues/15472
-
-12. LDAP
-
-12.1 OpenLDAP hangs after returning results
-
- By configuration defaults, OpenLDAP automatically chase referrals on
- secondary socket descriptors. The OpenLDAP backend is asynchronous and thus
- should monitor all socket descriptors involved. Currently, these secondary
- descriptors are not monitored, causing OpenLDAP library to never receive
- data from them.
-
- As a temporary workaround, disable referrals chasing by configuration.
-
- The fix is not easy: proper automatic referrals chasing requires a
- synchronous bind callback and monitoring an arbitrary number of socket
- descriptors for a single easy handle (currently limited to 5).
-
- Generic LDAP is synchronous: OK.
-
- See https://github.com/curl/curl/issues/622 and
-     https://curl.se/mail/lib-2016-01/0101.html
-
-12.2 LDAP on Windows does authentication wrong?
-
- https://github.com/curl/curl/issues/3116
-
-12.3 LDAP on Windows does not work
-
- A simple curl command line getting "ldap://ldap.forumsys.com" returns an
- error that says "no memory" !
-
- https://github.com/curl/curl/issues/4261
-
-12.4 LDAPS requests to ActiveDirectory server hang
-
- https://github.com/curl/curl/issues/9580
-
-13. TCP/IP
-
-13.1 telnet code does not handle partial writes properly
-
- It probably does not happen too easily because of how slow and infrequent
- sends are normally performed.
-
-13.2 Trying local ports fails on Windows
-
- This makes '--local-port [range]' to not work since curl cannot properly
- detect if a port is already in use, so it tries the first port, uses that and
- then subsequently fails anyway if that was actually in use.
-
- https://github.com/curl/curl/issues/8112
-
-15. CMake
-
-15.1 cmake outputs: no version information available
-
- Something in the SONAME generation seems to be wrong in the cmake build.
-
- https://github.com/curl/curl/issues/11158
-
-15.6 uses -lpthread instead of Threads::Threads
-
- See https://github.com/curl/curl/issues/6166
-
-15.7 generated .pc file contains strange entries
-
- The Libs.private field of the generated .pc file contains -lgcc -lgcc_s -lc
- -lgcc -lgcc_s
-
- See https://github.com/curl/curl/issues/6167
-
-15.13 CMake build with MIT Kerberos does not work
-
- Minimum CMake version was bumped in curl 7.71.0 (#5358) Since CMake 3.2
- try_compile started respecting the CMAKE_EXE_FLAGS. The code dealing with
- MIT Kerberos detection sets few variables to potentially weird mix of space,
- and ;-separated flags. It had to blow up at some point. All the CMake checks
- that involve compilation are doomed from that point, the configured tree
- cannot be built.
-
- https://github.com/curl/curl/issues/6904
-
-16. aws-sigv4
-
-16.2 aws-sigv4 does not handle multipart/form-data correctly
-
- https://github.com/curl/curl/issues/13351
-
-17. HTTP/2
-
-17.1 HTTP/2 prior knowledge over proxy
-
- https://github.com/curl/curl/issues/12641
-
-17.2 HTTP/2 frames while in the connection pool kill reuse
-
- If the server sends HTTP/2 frames (like for example an HTTP/2 PING frame) to
- curl while the connection is held in curl's connection pool, the socket is
- found readable when considered for reuse and that makes curl think it is dead
- and then it is closed and a new connection gets created instead.
-
- This is *best* fixed by adding monitoring to connections while they are kept
- in the pool so that pings can be responded to appropriately.
-
-17.3 ENHANCE_YOUR_CALM causes infinite retries
-
- Infinite retries with 2 parallel requests on one connection receiving GOAWAY
- with ENHANCE_YOUR_CALM error code.
-
- See https://github.com/curl/curl/issues/5119
-
-17.4 HTTP/2 + TLS spends a lot of time in recv
-
- It has been observed that by making the speed limit less accurate we could
- improve this performance. (by reverting
- https://github.com/curl/curl/commit/db5c9f4f9e0779b49624752b135281a0717b277b)
- Can we find a golden middle ground?
-
- See https://curl.se/mail/lib-2024-05/0026.html and
- https://github.com/curl/curl/issues/13416
-
-18. HTTP/3
-
-18.1 connection migration does not work
-
- https://github.com/curl/curl/issues/7695
-
-18.2 quiche: QUIC connection is draining
-
- The transfer ends with error "QUIC connection is draining".
-
- https://github.com/curl/curl/issues/12037
-
-18.3 OpenSSL-QUIC problems on google.com
-
- With some specific Google servers, and seemingly timing dependent, the
- OpenSSL-QUIC backend seems to not actually send off the HTTP/3 request which
- makes the QUIC connection just sit idle until killed by the server. curl or
- OpenSSL bug?
-
- https://github.com/curl/curl/issues/18336
-
-19. RTSP
-
-19.1 Some methods do not support response bodies
-
- The RTSP implementation is written to assume that a number of RTSP methods
- always get responses without bodies, even though there seems to be no
- indication in the RFC that this is always the case.
-
- https://github.com/curl/curl/issues/12414
diff --git a/docs/KNOWN_BUGS.md b/docs/KNOWN_BUGS.md
new file mode 100644
index 0000000000..1f5cebee27
--- /dev/null
+++ b/docs/KNOWN_BUGS.md
@@ -0,0 +1,546 @@
+
+
+# Known bugs intro
+
+These are problems and bugs known to exist at the time of this release. Feel
+free to join in and help us correct one or more of these. Also be sure to
+check the changelog of the current development status, as one or more of these
+problems may have been fixed or changed somewhat since this was written.
+
+# TLS
+
+## IMAPS connection fails with Rustls error
+
+[curl issue 10457](https://github.com/curl/curl/issues/10457)
+
+## Access violation sending client cert with Schannel
+
+When using Schannel to do client certs, curl sets `PKCS12_NO_PERSIST_KEY` to
+avoid leaking the private key into the filesystem. Unfortunately that flag
+instead seems to trigger a crash.
+
+See [curl issue 17626](https://github.com/curl/curl/issues/17626)
+
+## Client cert handling with Issuer `DN` differs between backends
+
+When the specified client certificate does not match any of the
+server-specified `DN` fields, the OpenSSL and GnuTLS backends behave
+differently. The GitHub discussion may contain a solution.
+
+See [curl issue 1411](https://github.com/curl/curl/issues/1411)
+
+## Client cert (MTLS) issues with Schannel
+
+See [curl issue 3145](https://github.com/curl/curl/issues/3145)
+
+## Schannel TLS 1.2 handshake bug in old Windows versions
+
+In old versions of Windows such as 7 and 8.1 the Schannel TLS 1.2 handshake
+implementation likely has a bug that can rarely cause the key exchange to
+fail, resulting in error SEC_E_BUFFER_TOO_SMALL or SEC_E_MESSAGE_ALTERED.
+
+[curl issue 5488](https://github.com/curl/curl/issues/5488)
+
+## `CURLOPT_CERTINFO` results in `CURLE_OUT_OF_MEMORY` with Schannel
+
+[curl issue 8741](https://github.com/curl/curl/issues/8741)
+
+## mbedTLS and CURLE_AGAIN handling
+
+[curl issue 15801](https://github.com/curl/curl/issues/15801)
+
+# Email protocols
+
+## IMAP `SEARCH ALL` truncated response
+
+IMAP `SEARCH ALL` truncates output on large boxes. "A quick search of the code
+reveals that `pingpong.c` contains some truncation code, at line 408, when it
+deems the server response to be too large truncating it to 40 characters"
+
+https://curl.se/bug/view.cgi?id=1366
+
+## No disconnect command
+
+The disconnect commands (`LOGOUT` and `QUIT`) may not be sent by IMAP, POP3
+and SMTP if a failure occurs during the authentication phase of a connection.
+
+## `AUTH PLAIN` for SMTP is not working on all servers
+
+Specifying `--login-options AUTH=PLAIN` on the command line does not seem to
+work correctly.
+
+See [curl issue 4080](https://github.com/curl/curl/issues/4080)
+
+## `APOP` authentication fails on POP3
+
+See [curl issue 10073](https://github.com/curl/curl/issues/10073)
+
+## POP3 issue when reading small chunks
+
+    CURL_DBG_SOCK_RMAX=4 ./runtests.pl -v 982
+
+See [curl issue 12063](https://github.com/curl/curl/issues/12063)
+
+# Command line
+
+## `-T /dev/stdin` may upload with an incorrect content length
+
+`-T` stats the path to figure out its size in bytes to use it as
+`Content-Length` if it is a regular file.
+
+The problem with that is that on BSD and some other UNIX systems (not Linux),
+open(path) may not give you a file descriptor with a 0 offset from the start
+of the file.
+
+See [curl issue 12177](https://github.com/curl/curl/issues/12177)
+
+## `-T -` always uploads chunked
+
+When the `<` shell operator is used. curl should realize that stdin is a
+regular file in this case, and that it can do a non-chunked upload, like it
+would do if you used `-T` file.
+
+See [curl issue 12171](https://github.com/curl/curl/issues/12171)
+
+# Build and portability issues
+
+## OS400 port requires deprecated IBM library
+
+curl for OS400 requires `QADRT` to build, which provides ASCII wrappers for
+libc/POSIX functions in the ILE, but IBM no longer supports or even offers
+this library to download.
+
+See [curl issue 5176](https://github.com/curl/curl/issues/5176)
+
+## `curl-config --libs` contains private details
+
+`curl-config --libs` include details set in `LDFLAGS` when configure is run
+that might be needed only for building libcurl. Further, `curl-config
+--cflags` suffers from the same effects with `CFLAGS`/`CPPFLAGS`.
+
+## `LDFLAGS` passed too late making libs linked incorrectly
+
+Compiling latest curl on HP-UX and linking against a custom OpenSSL (which is
+on the default loader/linker path), fails because the generated Makefile has
+`LDFLAGS` passed on after `LIBS`.
+
+See [curl issue 14893](https://github.com/curl/curl/issues/14893)
+
+## Cygwin: make install installs curl-config.1 twice
+
+[curl issue 8839](https://github.com/curl/curl/issues/8839)
+
+## flaky CI builds
+
+We run many CI builds for each commit and PR on GitHub, and especially a
+number of the Windows builds are flaky. This means that we rarely get all CI
+builds go green and complete without errors. This is unfortunate as it makes
+us sometimes miss actual build problems and it is surprising to newcomers to
+the project who (rightfully) do not expect this.
+
+See [curl issue 6972](https://github.com/curl/curl/issues/6972)
+
+## long paths are not fully supported on Windows
+
+curl on Windows cannot access long paths (paths longer than 260 characters).
+However, as a workaround, the Windows path prefix `\\?\` which disables all
+path interpretation may work to allow curl to access the path. For example:
+`\\?\c:\longpath`.
+
+See [curl issue 8361](https://github.com/curl/curl/issues/8361)
+
+## Unicode on Windows
+
+Passing in a Unicode filename with -o:
+
+[curl issue 11461](https://github.com/curl/curl/issues/11461)
+
+Passing in Unicode character with -d:
+
+ [curl issue 12231](https://github.com/curl/curl/issues/12231)
+
+Windows Unicode builds use the home directory in current locale.
+
+The Windows Unicode builds of curl use the current locale, but expect Unicode
+UTF-8 encoded paths for internal use such as open, access and stat. The user's
+home directory is retrieved via curl_getenv in the current locale and not as
+UTF-8 encoded Unicode.
+
+See [curl pull request 7252](https://github.com/curl/curl/pull/7252) and [curl pull request 7281](https://github.com/curl/curl/pull/7281)
+
+Cannot handle Unicode arguments in non-Unicode builds on Windows
+
+If a URL or filename cannot be encoded using the user's current code page then
+it can only be encoded properly in the Unicode character set. Windows uses
+UTF-16 encoding for Unicode and stores it in wide characters, however curl and
+libcurl are not equipped for that at the moment except when built with
+_UNICODE and UNICODE defined. Except for Cygwin, Windows cannot use UTF-8 as a
+locale.
+
+ https://curl.se/bug/?i=345
+ https://curl.se/bug/?i=731
+ https://curl.se/bug/?i=3747
+
+NTLM authentication and Unicode
+
+NTLM authentication involving Unicode username or password only works properly
+if built with UNICODE defined together with the Schannel backend. The original
+problem was mentioned in: https://curl.se/mail/lib-2009-10/0024.html and
+https://curl.se/bug/view.cgi?id=896
+
+The Schannel version verified to work as mentioned in
+https://curl.se/mail/lib-2012-07/0073.html
+
+# Authentication
+
+## Digest `auth-int` for PUT/POST
+
+We do not support auth-int for Digest using PUT or POST
+
+## MIT Kerberos for Windows build
+
+libcurl fails to build with MIT Kerberos for Windows (`KfW`) due to its
+library header files exporting symbols/macros that should be kept private to
+the library.
+
+## NTLM in system context uses wrong name
+
+NTLM authentication using SSPI (on Windows) when (lib)curl is running in
+"system context" makes it use wrong(?) username - at least when compared to
+what `winhttp` does. See https://curl.se/bug/view.cgi?id=535
+
+## NTLM does not support password with Unicode 'SECTION SIGN' character
+
+ https://en.wikipedia.org/wiki/Section_sign
+ [curl issue 2120](https://github.com/curl/curl/issues/2120)
+
+## libcurl can fail to try alternatives with `--proxy-any`
+
+When connecting via a proxy using `--proxy-any`, a failure to establish an
+authentication causes libcurl to abort trying other options if the failed
+method has a higher preference than the alternatives. As an example,
+`--proxy-any` against a proxy which advertise Negotiate and NTLM, but which
+fails to set up Kerberos authentication does not proceed to try authentication
+using NTLM.
+
+[curl issue 876](https://github.com/curl/curl/issues/876)
+
+## Do not clear digest for single realm
+
+ [curl issue 3267](https://github.com/curl/curl/issues/3267)
+
+## SHA-256 digest not supported in Windows SSPI builds
+
+Windows builds of curl that have SSPI enabled use the native Windows API calls
+to create authentication strings. The call to `InitializeSecurityContext` fails
+with `SEC_E_QOP_NOT_SUPPORTED` which causes curl to fail with
+`CURLE_AUTH_ERROR`.
+
+Microsoft does not document supported digest algorithms and that `SEC_E` error
+code is not a documented error for `InitializeSecurityContext` (digest).
+
+ [curl issue 6302](https://github.com/curl/curl/issues/6302)
+
+## curl never completes Negotiate over HTTP
+
+Apparently it is not working correctly...?
+
+See [curl issue 5235](https://github.com/curl/curl/issues/5235)
+
+## Negotiate on Windows fails
+
+When using `--negotiate` (or NTLM) with curl on Windows, SSL/TLS handshake
+fails despite having a valid kerberos ticket cached. Works without any issue
+in Unix/Linux.
+
+[curl issue 5881](https://github.com/curl/curl/issues/5881)
+
+## Negotiate authentication against Hadoop
+
+[curl issue 8264](https://github.com/curl/curl/issues/8264)
+
+# FTP
+
+## FTP with ACCT
+
+When doing an operation over FTP that requires the `ACCT` command (but not when
+logging in), the operation fails since libcurl does not detect this and thus
+fails to issue the correct command: https://curl.se/bug/view.cgi?id=635
+
+## FTPS server compatibility on Windows with Schannel
+
+FTPS is not widely used with the Schannel TLS backend and so there may be more
+bugs compared to other TLS backends such as OpenSSL. In the past users have
+reported hanging and failed connections. It is likely some changes to curl
+since then fixed the issues. None of the reported issues can be reproduced any
+longer.
+
+If you encounter an issue connecting to your server via FTPS with the latest
+curl and Schannel then please search for open issues or file a new issue.
+
+# SFTP and SCP
+
+## SFTP does not do `CURLOPT_POSTQUOTE` correct
+
+When libcurl sends `CURLOPT_POSTQUOTE` commands when connected to an SFTP
+server using the multi interface, the commands are not being sent correctly
+and instead the connection is canceled (the operation is considered done)
+prematurely. There is a half-baked (busy-looping) patch provided in the bug
+report but it cannot be accepted as-is. See
+https://curl.se/bug/view.cgi?id=748
+
+## Remote recursive folder creation with SFTP
+
+On this servers, the curl fails to create directories on the remote server
+even when the `CURLOPT_FTP_CREATE_MISSING_DIRS` option is set.
+
+See [curl issue 5204](https://github.com/curl/curl/issues/5204)
+
+## libssh blocking and infinite loop problem
+
+In the `SSH_SFTP_INIT` state for libssh, the ssh session working mode is set
+to blocking mode. If the network is suddenly disconnected during sftp
+transmission, curl is stuck, even if curl is configured with a timeout.
+
+ [curl issue 8632](https://github.com/curl/curl/issues/8632)
+
+## Cygwin: "WARNING: UNPROTECTED PRIVATE KEY FILE!"
+
+Running SCP and SFTP tests on Cygwin makes this warning message appear.
+
+[curl issue 11244](https://github.com/curl/curl/issues/11244)
+
+# Connection
+
+## `--interface` with link-scoped IPv6 address
+
+When you give the `--interface` option telling curl to use a specific
+interface for its outgoing traffic in combination with an IPv6 address in the
+URL that uses a link-local scope, curl might pick the wrong address from the
+named interface and the subsequent transfer fails.
+
+Example command line:
+
+    curl --interface eth0 'http://[fe80:928d:xxff:fexx:xxxx]/'
+
+The fact that the given IP address is link-scoped should probably be used as
+input to somehow make curl make a better choice for this.
+
+[curl issue 14782](https://github.com/curl/curl/issues/14782)
+
+## Does not acknowledge getaddrinfo sorting policy
+
+Even if a user edits `/etc/gai.conf` to prefer IPv4, curl still prefers and
+tries IPv6 addresses first.
+
+[curl issue 16718](https://github.com/curl/curl/issues/16718)
+
+## SOCKS-SSPI discards the security context
+
+After a successful SSPI/GSS-API exchange, the function queries and logs the
+authenticated username and reports the supported data-protection level, but
+then immediately deletes the negotiated SSPI security context and frees the
+credentials before returning. The negotiated context is not stored on the
+connection and is therefore never used to protect later SOCKS5 traffic.
+
+# Internals
+
+## GSSAPI library name + version is missing in `curl_version_info()`
+
+The struct needs to be expanded and code added to store this info.
+
+See [curl issue 13492](https://github.com/curl/curl/issues/13492)
+
+## error buffer not set if connection to multiple addresses fails
+
+If you ask libcurl to resolve a hostname like example.com to IPv6 addresses
+when you only have IPv4 connectivity. libcurl fails with
+`CURLE_COULDNT_CONNECT`, but the error buffer set by `CURLOPT_ERRORBUFFER`
+remains empty. Issue: [curl issue 544](https://github.com/curl/curl/issues/544)
+
+## HTTP test server 'connection-monitor' problems
+
+The `connection-monitor` feature of the HTTP test server does not work
+properly if some tests are run in unexpected order. Like 1509 and then 1525.
+
+See [curl issue 868](https://github.com/curl/curl/issues/868)
+
+## Connection information when using TCP Fast Open
+
+`CURLINFO_LOCAL_PORT` (and possibly a few other) fails when TCP Fast Open is
+enabled.
+
+See [curl issue 1332](https://github.com/curl/curl/issues/1332) and
+[curl issue 4296](https://github.com/curl/curl/issues/4296)
+
+## test cases sometimes timeout
+
+Occasionally, one of the tests timeouts. Inexplicably.
+
+See [curl issue 13350](https://github.com/curl/curl/issues/13350)
+
+## `CURLOPT_CONNECT_TO` does not work for HTTPS proxy
+
+It is unclear if the same option should even cover the proxy connection or if
+if requires a separate option.
+
+See [curl issue 14481](https://github.com/curl/curl/issues/14481)
+
+## WinIDN test failures
+
+Test 165 disabled when built with WinIDN.
+
+## setting a disabled option should return `CURLE_NOT_BUILT_IN`
+
+When curl has been built with specific features or protocols disabled, setting
+such options with `curl_easy_setopt()` should rather return
+`CURLE_NOT_BUILT_IN` instead of `CURLE_UNKNOWN_OPTION` to signal the
+difference to the application
+
+See [curl issue 15472](https://github.com/curl/curl/issues/15472)
+
+# LDAP
+
+## OpenLDAP hangs after returning results
+
+By configuration defaults, OpenLDAP automatically chase referrals on secondary
+socket descriptors. The OpenLDAP backend is asynchronous and thus should
+monitor all socket descriptors involved. Currently, these secondary
+descriptors are not monitored, causing OpenLDAP library to never receive data
+from them.
+
+As a temporary workaround, disable referrals chasing by configuration.
+
+The fix is not easy: proper automatic referrals chasing requires a synchronous
+bind callback and monitoring an arbitrary number of socket descriptors for a
+single easy handle (currently limited to 5).
+
+Generic LDAP is synchronous: OK.
+
+See [curl issue 622](https://github.com/curl/curl/issues/622) and
+https://curl.se/mail/lib-2016-01/0101.html
+
+## LDAP on Windows does authentication wrong?
+
+[curl issue 3116](https://github.com/curl/curl/issues/3116)
+
+## LDAP on Windows does not work
+
+A simple curl command line getting `ldap://ldap.forumsys.com` returns an error
+that says `no memory` !
+
+[curl issue 4261](https://github.com/curl/curl/issues/4261)
+
+## LDAPS requests to Active Directory server hang
+
+[curl issue 9580](https://github.com/curl/curl/issues/9580)
+
+# TCP/IP
+
+## telnet code does not handle partial writes properly
+
+It probably does not happen too easily because of how slow and infrequent
+sends are normally performed.
+
+## Trying local ports fails on Windows
+
+This makes `--local-port [range]` to not work since curl cannot properly
+detect if a port is already in use, so it tries the first port, uses that and
+then subsequently fails anyway if that was actually in use.
+
+[curl issue 8112](https://github.com/curl/curl/issues/8112)
+
+# CMake
+
+## cmake outputs: no version information available
+
+Something in the SONAME generation seems to be wrong in the cmake build.
+
+[curl issue 11158](https://github.com/curl/curl/issues/11158)
+
+## uses `-lpthread` instead of `Threads::Threads`
+
+See [curl issue 6166](https://github.com/curl/curl/issues/6166)
+
+## generated `.pc` file contains strange entries
+
+The `Libs.private` field of the generated `.pc` file contains `-lgcc -lgcc_s
+-lc -lgcc -lgcc_s`.
+
+See [curl issue 6167](https://github.com/curl/curl/issues/6167)
+
+## CMake build with MIT Kerberos does not work
+
+Minimum CMake version was bumped in curl 7.71.0 (#5358) Since CMake 3.2
+try_compile started respecting the `CMAKE_EXE_FLAGS`. The code dealing with
+MIT Kerberos detection sets few variables to potentially weird mix of space,
+and ;-separated flags. It had to blow up at some point. All the CMake checks
+that involve compilation are doomed from that point, the configured tree
+cannot be built.
+
+[curl issue 6904](https://github.com/curl/curl/issues/6904)
+
+# Authentication
+
+## `--aws-sigv4` does not handle multipart/form-data correctly
+
+[curl issue 13351](https://github.com/curl/curl/issues/13351)
+
+# HTTP/2
+
+## HTTP/2 prior knowledge over proxy
+
+ [curl issue 12641](https://github.com/curl/curl/issues/12641)
+
+## HTTP/2 frames while in the connection pool kill reuse
+
+If the server sends HTTP/2 frames (like for example an HTTP/2 PING frame) to
+curl while the connection is held in curl's connection pool, the socket is
+found readable when considered for reuse and that makes curl think it is dead
+and then it is closed and a new connection gets created instead.
+
+This is *best* fixed by adding monitoring to connections while they are kept
+in the pool so that pings can be responded to appropriately.
+
+## `ENHANCE_YOUR_CALM` causes infinite retries
+
+Infinite retries with 2 parallel requests on one connection receiving `GOAWAY`
+with `ENHANCE_YOUR_CALM` error code.
+
+See [curl issue 5119](https://github.com/curl/curl/issues/5119)
+
+## HTTP/2 + TLS spends a lot of time in recv
+
+It has been observed that by making the speed limit less accurate we could
+improve this performance. (by reverting
+[db5c9f4f9e0779](https://github.com/curl/curl/commit/db5c9f4f9e0779b49624752b135281a0717b277b))
+Can we find a golden middle ground?
+
+See https://curl.se/mail/lib-2024-05/0026.html and
+[curl issue 13416](https://github.com/curl/curl/issues/13416)
+
+# HTTP/3
+
+## connection migration does not work
+
+[curl issue 7695](https://github.com/curl/curl/issues/7695)
+
+## quiche: QUIC connection is draining
+
+The transfer ends with error "QUIC connection is draining".
+
+[curl issue 12037](https://github.com/curl/curl/issues/12037)
+
+# RTSP
+
+## Some methods do not support response bodies
+
+The RTSP implementation is written to assume that a number of RTSP methods
+always get responses without bodies, even though there seems to be no
+indication in the RFC that this is always the case.
+
+[curl issue 12414](https://github.com/curl/curl/issues/12414)
diff --git a/docs/Makefile.am b/docs/Makefile.am
index da5812a0eb..0b619b6008 100644
--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -93,7 +93,7 @@ EXTRA_DIST =                                    \
  EARLY-RELEASE.md                               \
  ECH.md                                         \
  EXPERIMENTAL.md                                \
- FAQ                                            \
+ FAQ.md                                         \
  FEATURES.md                                    \
  GOVERNANCE.md                                  \
  HELP-US.md                                     \
@@ -108,7 +108,7 @@ EXTRA_DIST =                                    \
  INSTALL.md                                     \
  INTERNALS.md                                   \
  IPFS.md                                        \
- KNOWN_BUGS                                     \
+ KNOWN_BUGS.md                                  \
  KNOWN_RISKS.md                                 \
  MAIL-ETIQUETTE.md                              \
  MANUAL.md                                      \
@@ -121,7 +121,8 @@ EXTRA_DIST =                                    \
  SPONSORS.md                                    \
  SSL-PROBLEMS.md                                \
  SSLCERTS.md                                    \
- THANKS TODO                                    \
+ THANKS                                         \
+ TODO.md                                        \
  TheArtOfHttpScripting.md                       \
  URL-SYNTAX.md                                  \
  VERSIONS.md                                    \
diff --git a/docs/TODO b/docs/TODO
deleted file mode 100644
index 22ca27f88d..0000000000
--- a/docs/TODO
+++ /dev/null
@@ -1,1301 +0,0 @@
-                                  _   _ ____  _
-                              ___| | | |  _ \| |
-                             / __| | | | |_) | |
-                            | (__| |_| |  _ <| |___
-                             \___|\___/|_| \_\_____|
-
-                Things that could be nice to do in the future
-
- Things to do in project curl. Please tell us what you think, contribute and
- send us patches that improve things.
-
- Be aware that these are things that we could do, or have once been considered
- things we could do. If you want to work on any of these areas, please
- consider bringing it up for discussions first on the mailing list so that we
- all agree it is still a good idea for the project.
-
- All bugs documented in the KNOWN_BUGS document are subject for fixing.
-
- 1. libcurl
- 1.1 TFO support on Windows
- 1.2 Consult %APPDATA% also for .netrc
- 1.3 struct lifreq
- 1.4 alt-svc sharing
- 1.5 get rid of PATH_MAX
- 1.6 thread-safe sharing
- 1.10 auto-detect proxy
- 1.12 updated DNS server while running
- 1.13 c-ares and CURLOPT_OPENSOCKETFUNCTION
- 1.15 Monitor connections in the connection pool
- 1.16 Try to URL encode given URL
- 1.17 Add support for IRIs
- 1.18 try next proxy if one does not work
- 1.19 provide timing info for each redirect
- 1.20 SRV and URI DNS records
- 1.22 CURLINFO_PAUSE_STATE
- 1.25 Expose tried IP addresses that failed
- 1.30 config file parsing
- 1.31 erase secrets from heap/stack after use
- 1.32 add asynch getaddrinfo support
- 1.33 make DoH inherit more transfer properties
-
- 2. libcurl - multi interface
- 2.1 More non-blocking
- 2.2 Better support for same name resolves
- 2.3 Non-blocking curl_multi_remove_handle()
- 2.4 Split connect and authentication process
- 2.5 Edge-triggered sockets should work
- 2.6 multi upkeep
- 2.7 Virtual external sockets
- 2.8 dynamically decide to use socketpair
-
- 3. Documentation
- 3.1 Improve documentation about fork safety
-
- 4. FTP
- 4.1 HOST
- 4.2 A fixed directory listing format
- 4.6 GSSAPI via Windows SSPI
- 4.7 STAT for LIST without data connection
- 4.8 Passive transfer could try other IP addresses
-
- 5. HTTP
- 5.1 Provide the error body from a CONNECT response
- 5.2 Obey Retry-After in redirects
- 5.3 Rearrange request header order
- 5.4 Allow SAN names in HTTP/2 server push
- 5.5 auth= in URLs
- 5.6 alt-svc should fallback if alt-svc does not work
- 5.7 Require HTTP version X or higher
-
- 6. TELNET
- 6.1 ditch stdin
- 6.2 ditch telnet-specific select
- 6.3 feature negotiation debug data
- 6.4 exit immediately upon connection if stdin is /dev/null
-
- 7. SMTP
- 7.1 Passing NOTIFY option to CURLOPT_MAIL_RCPT
- 7.2 Enhanced capability support
- 7.3 Add CURLOPT_MAIL_CLIENT option
-
- 8. POP3
- 8.2 Enhanced capability support
-
- 9. IMAP
- 9.1 Enhanced capability support
-
- 10. LDAP
- 10.1 SASL based authentication mechanisms
- 10.2 CURLOPT_SSL_CTX_FUNCTION for LDAPS
- 10.3 Paged searches on LDAP server
- 10.4 Certificate-Based Authentication
-
- 11. SMB
- 11.1 File listing support
- 11.2 Honor file timestamps
- 11.3 Use NTLMv2
- 11.4 Create remote directories
-
- 12. FILE
- 12.1 Directory listing on non-POSIX
-
- 13. TLS
- 13.1 TLS-PSK with OpenSSL
- 13.2 TLS channel binding
- 13.3 Defeat TLS fingerprinting
- 13.4 Consider OCSP stapling by default
- 13.6 Provide callback for cert verification
- 13.7 Less memory massaging with Schannel
- 13.8 Support DANE
- 13.9 TLS record padding
- 13.10 Support Authority Information Access certificate extension (AIA)
- 13.11 Some TLS options are not offered for HTTPS proxies
- 13.13 Make sure we forbid TLS 1.3 post-handshake authentication
- 13.14 Support the clienthello extension
- 13.16 Share the CA cache
- 13.17 Add missing features to TLS backends
-
- 14. Proxy
- 14.1 Retry SOCKS handshake on address type not supported
-
- 15. Schannel
- 15.1 Extend support for client certificate authentication
- 15.2 Extend support for the --ciphers option
- 15.4 Add option to allow abrupt server closure
-
- 16. SASL
- 16.1 Other authentication mechanisms
- 16.2 Add QOP support to GSSAPI authentication
-
- 17. SSH protocols
- 17.1 Multiplexing
- 17.2 Handle growing SFTP files
- 17.3 Read keys from ~/.ssh/id_ecdsa, id_ed25519
- 17.4 Support CURLOPT_PREQUOTE
- 17.5 SSH over HTTPS proxy with more backends
- 17.6 SFTP with SCP://
-
- 18. Command line tool
- 18.1 sync
- 18.2 glob posts
- 18.4 --proxycommand
- 18.5 UTF-8 filenames in Content-Disposition
- 18.6 Option to make -Z merge lined based outputs on stdout
- 18.7 specify which response codes that make -f/--fail return error
- 18.9 Choose the name of file in braces for complex URLs
- 18.10 improve how curl works in a Windows console window
- 18.11 Windows: set attribute 'archive' for completed downloads
- 18.12 keep running, read instructions from pipe/socket
- 18.13 Acknowledge Ratelimit headers
- 18.14 --dry-run
- 18.15 --retry should resume
- 18.17 consider filename from the redirected URL with -O ?
- 18.18 retry on network is unreachable
- 18.20 hostname sections in config files
- 18.21 retry on the redirected-to URL
- 18.23 Set the modification date on an uploaded file
- 18.24 Use multiple parallel transfers for a single download
- 18.25 Prevent terminal injection when writing to terminal
- 18.26 Custom progress meter update interval
- 18.27 -J and -O with %-encoded filenames
- 18.28 -J with -C -
- 18.29 --retry and transfer timeouts
-
- 19. Build
- 19.2 Enable PIE and RELRO by default
- 19.3 Do not use GNU libtool on OpenBSD
- 19.4 Package curl for Windows in a signed installer
- 19.5 make configure use --cache-file more and better
-
- 20. Test suite
- 20.1 SSL tunnel
- 20.2 more protocols supported
- 20.3 more platforms supported
- 20.4 write an SMB test server to replace impacket
- 20.5 Use the RFC 6265 test suite
- 20.6 Run web-platform-tests URL tests
-
- 21. MQTT
- 21.1 Support rate-limiting
- 21.2 Support MQTTS
- 21.3 Handle network blocks
- 21.4 large payloads
-
- 22. TFTP
- 22.1 TFTP does not convert LF to CRLF for mode=netascii
-
- 23. Gopher
- 23.1 Handle network blocks
-
-==============================================================================
-
-1. libcurl
-
-1.1 TFO support on Windows
-
- libcurl supports the CURLOPT_TCP_FASTOPEN option since 7.49.0 for Linux and
- macOS. Windows supports TCP Fast Open starting with Windows 10, version 1607
- and we should add support for it.
-
- TCP Fast Open is supported on several platforms but not on Windows. Work on
- this was once started but never finished.
-
- See https://github.com/curl/curl/pull/3378
-
-1.2 Consult %APPDATA% also for .netrc
-
- %APPDATA%\.netrc is not considered when running on Windows. should not it?
-
- See https://github.com/curl/curl/issues/4016
-
-1.3 struct lifreq
-
- Use 'struct lifreq' and SIOCGLIFADDR instead of 'struct ifreq' and
- SIOCGIFADDR on newer Solaris versions as they claim the latter is obsolete.
- To support IPv6 interface addresses for network interfaces properly.
-
-1.4 alt-svc sharing
-
- The share interface could benefit from allowing the alt-svc cache to be
- possible to share between easy handles.
-
- See https://github.com/curl/curl/issues/4476
-
- The share interface offers CURL_LOCK_DATA_CONNECT to have multiple easy
- handle share a connection cache, but due to how connections are used they are
- still not thread-safe when used shared.
-
- See https://github.com/curl/curl/issues/4915 and lib1541.c
-
- The share interface offers CURL_LOCK_DATA_HSTS to have multiple easy handle
- share an HSTS cache, but this is not thread-safe.
-
-1.5 get rid of PATH_MAX
-
- Having code use and rely on PATH_MAX is not nice:
- https://insanecoding.blogspot.com/2007/11/pathmax-simply-isnt.html
-
- Currently the libssh2 SSH based code uses it, but to remove PATH_MAX from
- there we need libssh2 to properly tell us when we pass in a too small buffer
- and its current API (as of libssh2 1.2.7) does not.
-
-1.6 thread-safe sharing
-
- Using the share interface users can share some data between easy handles but
- several of the sharing options are documented as not safe and supported to
- share between multiple concurrent threads. Fixing this would enable more
- users to share data in more powerful ways.
-
-1.10 auto-detect proxy
-
- libcurl could be made to detect the system proxy setup automatically and use
- that. On Windows, macOS and Linux desktops for example.
-
- The pull-request to use libproxy for this was deferred due to doubts on the
- reliability of the dependency and how to use it:
- https://github.com/curl/curl/pull/977
-
- libdetectproxy is a (C++) library for detecting the proxy on Windows
- https://github.com/paulharris/libdetectproxy
-
-1.12 updated DNS server while running
-
- If /etc/resolv.conf gets updated while a program using libcurl is running, it
- is may cause name resolves to fail unless res_init() is called. We should
- consider calling res_init() + retry once unconditionally on all name resolve
- failures to mitigate against this. Firefox works like that. Note that Windows
- does not have res_init() or an alternative.
-
- https://github.com/curl/curl/issues/2251
-
-1.13 c-ares and CURLOPT_OPENSOCKETFUNCTION
-
- curl creates most sockets via the CURLOPT_OPENSOCKETFUNCTION callback and
- close them with the CURLOPT_CLOSESOCKETFUNCTION callback. However, c-ares
- does not use those functions and instead opens and closes the sockets itself.
- This means that when curl passes the c-ares socket to the
- CURLMOPT_SOCKETFUNCTION it is not owned by the application like other
- sockets.
-
- See https://github.com/curl/curl/issues/2734
-
-1.15 Monitor connections in the connection pool
-
- libcurl's connection cache or pool holds a number of open connections for the
- purpose of possible subsequent connection reuse. It may contain a few up to a
- significant amount of connections. Currently, libcurl leaves all connections
- as they are and first when a connection is iterated over for matching or
- reuse purpose it is verified that it is still alive.
-
- Those connections may get closed by the server side for idleness or they may
- get an HTTP/2 ping from the peer to verify that they are still alive. By
- adding monitoring of the connections while in the pool, libcurl can detect
- dead connections (and close them) better and earlier, and it can handle
- HTTP/2 pings to keep such ones alive even when not actively doing transfers
- on them.
-
-1.16 Try to URL encode given URL
-
- Given a URL that for example contains spaces, libcurl could have an option
- that would try somewhat harder than it does now and convert spaces to %20 and
- perhaps URL encoded byte values over 128 etc (basically do what the redirect
- following code already does).
-
- https://github.com/curl/curl/issues/514
-
-1.17 Add support for IRIs
-
- IRIs (RFC 3987) allow localized, non-ASCII, names in the URL. To properly
- support this, curl/libcurl would need to translate/encode the given input
- from the input string encoding into percent encoded output "over the wire".
-
- To make that work smoothly for curl users even on Windows, curl would
- probably need to be able to convert from several input encodings.
-
-1.18 try next proxy if one does not work
-
- Allow an application to specify a list of proxies to try, and failing to
- connect to the first go on and try the next instead until the list is
- exhausted. Browsers support this feature at least when they specify proxies
- using PACs.
-
- https://github.com/curl/curl/issues/896
-
-1.19 provide timing info for each redirect
-
- curl and libcurl provide timing information via a set of different
- time-stamps (CURLINFO_*_TIME). When curl is following redirects, those
- returned time value are the accumulated sums. An improvement could be to
- offer separate timings for each redirect.
-
- https://github.com/curl/curl/issues/6743
-
-1.20 SRV and URI DNS records
-
- Offer support for resolving SRV and URI DNS records for libcurl to know which
- server to connect to for various protocols (including HTTP).
-
-1.22 CURLINFO_PAUSE_STATE
-
- Return information about the transfer's current pause state, in both
- directions. https://github.com/curl/curl/issues/2588
-
-1.25 Expose tried IP addresses that failed
-
- When libcurl fails to connect to a host, it could offer the application the
- addresses that were used in the attempt. Source + dest IP, source + dest port
- and protocol (UDP or TCP) for each failure. Possibly as a callback. Perhaps
- also provide "reason".
-
- https://github.com/curl/curl/issues/2126
-
-1.30 config file parsing
-
- Consider providing an API, possibly in a separate companion library, for
- parsing a config file like curl's -K/--config option to allow applications to
- get the same ability to read curl options from files.
-
- See https://github.com/curl/curl/issues/3698
-
-1.31 erase secrets from heap/stack after use
-
- Introducing a concept and system to erase secrets from memory after use, it
- could help mitigate and lessen the impact of (future) security problems etc.
- However: most secrets are passed to libcurl as clear text from the
- application and then clearing them within the library adds nothing...
-
- https://github.com/curl/curl/issues/7268
-
-1.32 add asynch getaddrinfo support
-
- Use getaddrinfo_a() to provide an asynch name resolver backend to libcurl
- that does not use threads and does not depend on c-ares. The getaddrinfo_a
- function is (probably?) glibc specific but that is a widely used libc among
- our users.
-
- https://github.com/curl/curl/pull/6746
-
-1.33 make DoH inherit more transfer properties
-
- Some options are not inherited because they are not relevant for the DoH SSL
- connections, or inheriting the option may result in unexpected behavior. For
- example the user's debug function callback is not inherited because it would
- be unexpected for internal handles (ie DoH handles) to be passed to that
- callback.
-
- If an option is not inherited then it is not possible to set it separately
- for DoH without a DoH-specific option. For example:
- CURLOPT_DOH_SSL_VERIFYHOST, CURLOPT_DOH_SSL_VERIFYPEER and
- CURLOPT_DOH_SSL_VERIFYSTATUS.
-
- See https://github.com/curl/curl/issues/6605
-
-2. libcurl - multi interface
-
-2.1 More non-blocking
-
- Make sure we do not ever loop because of non-blocking sockets returning
- EWOULDBLOCK or similar. Blocking cases include:
-
- - Name resolves on non-Windows unless c-ares or the threaded resolver is used.
-
- - The threaded resolver may block on cleanup:
- https://github.com/curl/curl/issues/4852
-
- - file:// transfers
-
- - TELNET transfers
-
- - GSSAPI authentication for FTP transfers
-
- - The "DONE" operation (post transfer protocol-specific actions) for the
- protocols SFTP, SMTP, FTP. Fixing multi_done() for this is a worthy task.
-
- - curl_multi_remove_handle for any of the above. See section 2.3.
-
- - Calling curl_ws_send() from a callback
-
-2.2 Better support for same name resolves
-
- If a name resolve has been initiated for name NN and a second easy handle
- wants to resolve that name as well, make it wait for the first resolve to end
- up in the cache instead of doing a second separate resolve. This is
- especially needed when adding many simultaneous handles using the same host
- name when the DNS resolver can get flooded.
-
-2.3 Non-blocking curl_multi_remove_handle()
-
- The multi interface has a few API calls that assume a blocking behavior, like
- add_handle() and remove_handle() which limits what we can do internally. The
- multi API need to be moved even more into a single function that "drives"
- everything in a non-blocking manner and signals when something is done. A
- remove or add would then only ask for the action to get started and then
- multi_perform() etc still be called until the add/remove is completed.
-
-2.4 Split connect and authentication process
-
- The multi interface treats the authentication process as part of the connect
- phase. As such any failures during authentication does not trigger the
- relevant QUIT or LOGOFF for protocols such as IMAP, POP3 and SMTP.
-
-2.5 Edge-triggered sockets should work
-
- The multi_socket API should work with edge-triggered socket events. One of
- the internal actions that need to be improved for this to work perfectly is
- the 'maxloops' handling in transfer.c:readwrite_data().
-
-2.6 multi upkeep
-
- In libcurl 7.62.0 we introduced curl_easy_upkeep. It unfortunately only works
- on easy handles. We should introduces a version of that for the multi handle,
- and also consider doing "upkeep" automatically on connections in the
- connection pool when the multi handle is in used.
-
- See https://github.com/curl/curl/issues/3199
-
-2.7 Virtual external sockets
-
- libcurl performs operations on the given file descriptor that presumes it is
- a socket and an application cannot replace them at the moment. Allowing an
- application to fully replace those would allow a larger degree of freedom and
- flexibility.
-
- See https://github.com/curl/curl/issues/5835
-
-2.8 dynamically decide to use socketpair
-
- For users who do not use curl_multi_wait() or do not care for
- curl_multi_wakeup(), we could introduce a way to make libcurl NOT
- create a socketpair in the multi handle.
-
- See https://github.com/curl/curl/issues/4829
-
-3. Documentation
-
-3.1 Improve documentation about fork safety
-
- See https://github.com/curl/curl/issues/6968
-
-4. FTP
-
-4.1 HOST
-
- HOST is a command for a client to tell which hostname to use, to offer FTP
- servers named-based virtual hosting:
-
- https://datatracker.ietf.org/doc/html/rfc7151
-
-4.2 A fixed directory listing format
-
- Since listing the contents of a remove directory with FTP is returning the
- list in a format and style the server likes without any estblished or even
- defactor standard existing, it would be a feature to users if curl could
- parse the directory listing and output a general curl format that is fixed
- and the same, independent of the server's choice. This would allow users to
- better and more reliably extract information about remote content via FTP
- directory listings.
-
-4.6 GSSAPI via Windows SSPI
-
- In addition to currently supporting the SASL GSSAPI mechanism (Kerberos V5)
- via third-party GSS-API libraries, such as MIT Kerberos, also add support
- for GSSAPI authentication via Windows SSPI.
-
-4.7 STAT for LIST without data connection
-
- Some FTP servers allow STAT for listing directories instead of using LIST,
- and the response is then sent over the control connection instead of as the
- otherwise usedw data connection: https://www.nsftools.com/tips/RawFTP.htm#STAT
-
- This is not detailed in any FTP specification.
-
-4.8 Passive transfer could try other IP addresses
-
- When doing FTP operations through a proxy at localhost, the reported spotted
- that curl only tried to connect once to the proxy, while it had multiple
- addresses and a failed connect on one address should make it try the next.
-
- After switching to passive mode (EPSV), curl could try all IP addresses for
- "localhost". Currently it tries ::1, but it should also try 127.0.0.1.
-
- See https://github.com/curl/curl/issues/1508
-
-5. HTTP
-
-5.1 Provide the error body from a CONNECT response
-
- When curl receives a body response from a CONNECT request to a proxy, it
- always just reads and ignores it. It would make some users happy if curl
- instead optionally would be able to make that responsible available. Via a
- new callback? Through some other means?
-
- See https://github.com/curl/curl/issues/9513
-
-5.2 Obey Retry-After in redirects
-
- The Retry-After is said to dictate "the minimum time that the user agent is
- asked to wait before issuing the redirected request" and libcurl does not
- obey this.
-
- See https://github.com/curl/curl/issues/11447
-
-5.3 Rearrange request header order
-
- Server implementers often make an effort to detect browser and to reject
- clients it can detect to not match. One of the last details we cannot yet
- control in libcurl's HTTP requests, which also can be exploited to detect
- that libcurl is in fact used even when it tries to impersonate a browser, is
- the order of the request headers. I propose that we introduce a new option in
- which you give headers a value, and then when the HTTP request is built it
- sorts the headers based on that number. We could then have internally created
- headers use a default value so only headers that need to be moved have to be
- specified.
-
-5.4 Allow SAN names in HTTP/2 server push
-
- curl only allows HTTP/2 push promise if the provided :authority header value
- exactly matches the hostname given in the URL. It could be extended to allow
- any name that would match the Subject Alternative Names in the server's TLS
- certificate.
-
- See https://github.com/curl/curl/pull/3581
-
-5.5 auth= in URLs
-
- Add the ability to specify the preferred authentication mechanism to use by
- using ;auth= in the login part of the URL.
-
- For example:
-
- http://test:pass;auth=NTLM@example.com would be equivalent to specifying
- --user test:pass;auth=NTLM or --user test:pass --ntlm from the command line.
-
- Additionally this should be implemented for proxy base URLs as well.
-
-5.6 alt-svc should fallback if alt-svc does not work
-
- The alt-svc: header provides a set of alternative services for curl to use
- instead of the original. If the first attempted one fails, it should try the
- next etc and if all alternatives fail go back to the original.
-
- See https://github.com/curl/curl/issues/4908
-
-5.7 Require HTTP version X or higher
-
- curl and libcurl provide options for trying higher HTTP versions (for example
- HTTP/2) but then still allows the server to pick version 1.1. We could
- consider adding a way to require a minimum version.
-
- See https://github.com/curl/curl/issues/7980
-
-6. TELNET
-
-6.1 ditch stdin
-
- Reading input (to send to the remote server) on stdin is a crappy solution
- for library purposes. We need to invent a good way for the application to be
- able to provide the data to send.
-
-6.2 ditch telnet-specific select
-
- Move the telnet support's network select() loop go away and merge the code
- into the main transfer loop. Until this is done, the multi interface does not
- work for telnet.
-
-6.3 feature negotiation debug data
-
- Add telnet feature negotiation data to the debug callback as header data.
-
-6.4 exit immediately upon connection if stdin is /dev/null
-
- If it did, curl could be used to probe if there is an server there listening
- on a specific port. That is, the following command would exit immediately
- after the connection is established with exit code 0:
-
-    curl -s --connect-timeout 2 telnet://example.com:80  NOTIFY=SUCCESS,FAILURE" );
-
- https://github.com/curl/curl/issues/8232
-
-7.2 Enhanced capability support
-
- Add the ability, for an application that uses libcurl, to obtain the list of
- capabilities returned from the EHLO command.
-
-7.3 Add CURLOPT_MAIL_CLIENT option
-
- Rather than use the URL to specify the mail client string to present in the
- HELO and EHLO commands, libcurl should support a new CURLOPT specifically for
- specifying this data as the URL is non-standard and to be honest a bit of a
- hack ;-)
-
- Please see the following thread for more information:
- https://curl.se/mail/lib-2012-05/0178.html
-
-
-8. POP3
-
-8.2 Enhanced capability support
-
- Add the ability, for an application that uses libcurl, to obtain the list of
- capabilities returned from the CAPA command.
-
-9. IMAP
-
-9.1 Enhanced capability support
-
- Add the ability, for an application that uses libcurl, to obtain the list of
- capabilities returned from the CAPABILITY command.
-
-10. LDAP
-
-10.1 SASL based authentication mechanisms
-
- Currently the LDAP module only supports ldap_simple_bind_s() in order to bind
- to an LDAP server. However, this function sends username and password details
- using the simple authentication mechanism (as clear text). However, it should
- be possible to use ldap_bind_s() instead specifying the security context
- information ourselves.
-
-10.2 CURLOPT_SSL_CTX_FUNCTION for LDAPS
-
- CURLOPT_SSL_CTX_FUNCTION works perfectly for HTTPS and email protocols, but
- it has no effect for LDAPS connections.
-
- https://github.com/curl/curl/issues/4108
-
-10.3 Paged searches on LDAP server
-
- https://github.com/curl/curl/issues/4452
-
-10.4 Certificate-Based Authentication
-
- LDAPS not possible with macOS and Windows with Certificate-Based Authentication
-
- https://github.com/curl/curl/issues/9641
-
-11. SMB
-
-11.1 File listing support
-
- Add support for listing the contents of an SMB share. The output should
- probably be the same as/similar to FTP.
-
-11.2 Honor file timestamps
-
- The timestamp of the transferred file should reflect that of the original
- file.
-
-11.3 Use NTLMv2
-
- Currently the SMB authentication uses NTLMv1.
-
-11.4 Create remote directories
-
- Support for creating remote directories when uploading a file to a directory
- that does not exist on the server, just like --ftp-create-dirs.
-
-
-12. FILE
-
-12.1 Directory listing on non-POSIX
-
- Listing the contents of a directory accessed with FILE only works on
- platforms with opendir. Support could be added for more systems, like
- Windows.
-
-13. TLS
-
-13.1 TLS-PSK with OpenSSL
-
- Transport Layer Security pre-shared key ciphersuites (TLS-PSK) is a set of
- cryptographic protocols that provide secure communication based on pre-shared
- keys (PSKs). These pre-shared keys are symmetric keys shared in advance among
- the communicating parties.
-
- https://github.com/curl/curl/issues/5081
-
-13.2 TLS channel binding
-
- TLS 1.2 and 1.3 provide the ability to extract some secret data from the TLS
- connection and use it in the client request (usually in some sort of
- authentication) to ensure that the data sent is bound to the specific TLS
- connection and cannot be successfully intercepted by a proxy. This
- functionality can be used in a standard authentication mechanism such as
- GSS-API or SCRAM, or in custom approaches like custom HTTP Authentication
- headers.
-
- For TLS 1.2, the binding type is usually tls-unique, and for TLS 1.3 it is
- tls-exporter.
-
- https://datatracker.ietf.org/doc/html/rfc5929
- https://datatracker.ietf.org/doc/html/rfc9266
- https://github.com/curl/curl/issues/9226
-
-13.3 Defeat TLS fingerprinting
-
- By changing the order of TLS extensions provided in the TLS handshake, it is
- sometimes possible to circumvent TLS fingerprinting by servers. The TLS
- extension order is of course not the only way to fingerprint a client.
-
-13.4 Consider OCSP stapling by default
-
- Treat a negative response a reason for aborting the connection. Since OCSP
- stapling is presumed to get used much less in the future when Let's Encrypt
- drops the OCSP support, the benefit of this might however be limited.
-
- https://github.com/curl/curl/issues/15483
-
-13.6 Provide callback for cert verification
-
- OpenSSL supports a callback for customised verification of the peer
- certificate, but this does not seem to be exposed in the libcurl APIs. Could
- it be? There is so much that could be done if it were.
-
-13.7 Less memory massaging with Schannel
-
- The Schannel backend does a lot of custom memory management we would rather
- avoid: the repeated alloc + free in sends and the custom memory + realloc
- system for encrypted and decrypted data. That should be avoided and reduced
- for 1) efficiency and 2) safety.
-
-13.8 Support DANE
-
- DNS-Based Authentication of Named Entities (DANE) is a way to provide SSL
- keys and certs over DNS using DNSSEC as an alternative to the CA model.
- https://datatracker.ietf.org/doc/html/rfc6698
-
- An initial patch was posted by Suresh Krishnaswamy on March 7th 2013
- (https://curl.se/mail/lib-2013-03/0075.html) but it was a too simple
- approach. See Daniel's comments:
- https://curl.se/mail/lib-2013-03/0103.html . libunbound may be the
- correct library to base this development on.
-
- Björn Stenberg wrote a separate initial take on DANE that was never
- completed.
-
-13.9 TLS record padding
-
- TLS (1.3) offers optional record padding and OpenSSL provides an API for it.
- I could make sense for libcurl to offer this ability to applications to make
- traffic patterns harder to figure out by network traffic observers.
-
- See https://github.com/curl/curl/issues/5398
-
-13.10 Support Authority Information Access certificate extension (AIA)
-
- AIA can provide various things like CRLs but more importantly information
- about intermediate CA certificates that can allow validation path to be
- fulfilled when the HTTPS server does not itself provide them.
-
- Since AIA is about downloading certs on demand to complete a TLS handshake,
- it is probably a bit tricky to get done right.
-
- See https://github.com/curl/curl/issues/2793
-
-13.11 Some TLS options are not offered for HTTPS proxies
-
- Some TLS related options to the command line tool and libcurl are only
- provided for the server and not for HTTPS proxies. --proxy-tls-max,
- --proxy-tlsv1.3, --proxy-curves and a few more.
- For more Documentation on this see:
- https://curl.se/libcurl/c/tls-options.html
-
- https://github.com/curl/curl/issues/12286
-
-13.13 Make sure we forbid TLS 1.3 post-handshake authentication
-
- RFC 8740 explains how using HTTP/2 must forbid the use of TLS 1.3
- post-handshake authentication. We should make sure to live up to that.
-
- See https://github.com/curl/curl/issues/5396
-
-13.14 Support the clienthello extension
-
- Certain stupid networks and middle boxes have a problem with SSL handshake
- packets that are within a certain size range because how that sets some bits
- that previously (in older TLS version) were not set. The clienthello
- extension adds padding to avoid that size range.
-
- https://datatracker.ietf.org/doc/html/rfc7685
- https://github.com/curl/curl/issues/2299
-
-13.16 Share the CA cache
-
- For TLS backends that supports CA caching, it makes sense to allow the share
- object to be used to store the CA cache as well via the share API. Would
- allow multiple easy handles to reuse the CA cache and save themselves from a
- lot of extra processing overhead.
-
-13.17 Add missing features to TLS backends
-
- The feature matrix at https://curl.se/libcurl/c/tls-options.html shows which
- features are supported by which TLS backends, and thus also where there are
- feature gaps.
-
-14. Proxy
-
-14.1 Retry SOCKS handshake on address type not supported
-
- When curl resolves a hostname, it might get a mix of IPv6 and IPv4 returned.
- curl might then use an IPv6 address with a SOCKS5 proxy, which - if it does
- not support IPv6 - returns "Address type not supported" and curl exits with
- that error.
-
- Perhaps it is preferred if curl would in this situation instead first retry
- the SOCKS handshake again for this case and then use one of the IPv4
- addresses for the target host.
-
- See https://github.com/curl/curl/issues/17222
-
-15. Schannel
-
-15.1 Extend support for client certificate authentication
-
- The existing support for the -E/--cert and --key options could be
- extended by supplying a custom certificate and key in PEM format, see:
- - Getting a Certificate for Schannel
-   https://learn.microsoft.com/windows/win32/secauthn/getting-a-certificate-for-schannel
-
-15.2 Extend support for the --ciphers option
-
- The existing support for the --ciphers option could be extended
- by mapping the OpenSSL/GnuTLS cipher suites to the Schannel APIs, see
- - Specifying Schannel Ciphers and Cipher Strengths
-   https://learn.microsoft.com/windows/win32/secauthn/specifying-schannel-ciphers-and-cipher-strengths
-
-15.4 Add option to allow abrupt server closure
-
- libcurl with Schannel errors without a known termination point from the server
- (such as length of transfer, or SSL "close notify" alert) to prevent against
- a truncation attack. Really old servers may neglect to send any termination
- point. An option could be added to ignore such abrupt closures.
-
- https://github.com/curl/curl/issues/4427
-
-16. SASL
-
-16.1 Other authentication mechanisms
-
- Add support for other authentication mechanisms such as OLP,
- GSS-SPNEGO and others.
-
-16.2 Add QOP support to GSSAPI authentication
-
- Currently the GSSAPI authentication only supports the default QOP of auth
- (Authentication), whilst Kerberos V5 supports both auth-int (Authentication
- with integrity protection) and auth-conf (Authentication with integrity and
- privacy protection).
-
-
-17. SSH protocols
-
-17.1 Multiplexing
-
- SSH is a perfectly fine multiplexed protocols which would allow libcurl to do
- multiple parallel transfers from the same host using the same connection,
- much in the same spirit as HTTP/2 does. libcurl however does not take
- advantage of that ability but does instead always create a new connection for
- new transfers even if an existing connection already exists to the host.
-
- To fix this, libcurl would have to detect an existing connection and "attach"
- the new transfer to the existing one.
-
-17.2 Handle growing SFTP files
-
- The SFTP code in libcurl checks the file size *before* a transfer starts and
- then proceeds to transfer exactly that amount of data. If the remote file
- grows while the transfer is in progress libcurl does not notice and does not
- adapt. The OpenSSH SFTP command line tool does and libcurl could also just
- attempt to download more to see if there is more to get...
-
- https://github.com/curl/curl/issues/4344
-
-17.3 Read keys from ~/.ssh/id_ecdsa, id_ed25519
-
- The libssh2 backend in curl is limited to only reading keys from id_rsa and
- id_dsa, which makes it fail connecting to servers that use more modern key
- types.
-
- https://github.com/curl/curl/issues/8586
-
-17.4 Support CURLOPT_PREQUOTE
-
- The two other QUOTE options are supported for SFTP, but this was left out for
- unknown reasons.
-
-17.5 SSH over HTTPS proxy with more backends
-
- The SSH based protocols SFTP and SCP did not work over HTTPS proxy at
- all until PR https://github.com/curl/curl/pull/6021 brought the
- functionality with the libssh2 backend. Presumably, this support
- can/could be added for the other backends as well.
-
-17.6 SFTP with SCP://
-
- OpenSSH 9 switched their 'scp' tool to speak SFTP under the hood. Going
- forward it might be worth having curl or libcurl attempt SFTP if SCP fails to
- follow suite.
-
-18. Command line tool
-
-18.1 sync
-
- "curl --sync http://example.com/feed[1-100].rss" or
- "curl --sync http://example.net/{index,calendar,history}.html"
-
- Downloads a range or set of URLs using the remote name, but only if the
- remote file is newer than the local file. A Last-Modified HTTP date header
- should also be used to set the mod date on the downloaded file.
-
-18.2 glob posts
-
- Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'.
- This is easily scripted though.
-
-18.4 --proxycommand
-
- Allow the user to make curl run a command and use its stdio to make requests
- and not do any network connection by itself. Example:
-
-   curl --proxycommand 'ssh pi@raspberrypi.local -W 10.1.1.75 80' \
-        http://some/otherwise/unavailable/service.php
-
- See https://github.com/curl/curl/issues/4941
-
-18.5 UTF-8 filenames in Content-Disposition
-
- RFC 6266 documents how UTF-8 names can be passed to a client in the
- Content-Disposition header, and curl does not support this.
-
- https://github.com/curl/curl/issues/1888
-
-18.6 Option to make -Z merge lined based outputs on stdout
-
- When a user requests multiple lined based files using -Z and sends them to
- stdout, curl does not "merge" and send complete lines fine but may send
- partial lines from several sources.
-
- https://github.com/curl/curl/issues/5175
-
-18.7 specify which response codes that make -f/--fail return error
-
- Allows a user to better specify exactly which error code(s) that are fine
- and which are errors for their specific uses cases
-
-18.9 Choose the name of file in braces for complex URLs
-
- When using braces to download a list of URLs and you use complicated names
- in the list of alternatives, it could be handy to allow curl to use other
- names when saving.
-
- Consider a way to offer that. Possibly like
- {partURL1:name1,partURL2:name2,partURL3:name3} where the name following the
- colon is the output name.
-
- See https://github.com/curl/curl/issues/221
-
-18.10 improve how curl works in a Windows console window
-
- If you pull the scrollbar when transferring with curl in a Windows console
- window, the transfer is interrupted and can get disconnected. This can
- probably be improved. See https://github.com/curl/curl/issues/322
-
-18.11 Windows: set attribute 'archive' for completed downloads
-
- The archive bit (FILE_ATTRIBUTE_ARCHIVE, 0x20) separates files that shall be
- backed up from those that are either not ready or have not changed.
-
- Downloads in progress are neither ready to be backed up, nor should they be
- opened by a different process. Only after a download has been completed it is
- sensible to include it in any integer snapshot or backup of the system.
-
- See https://github.com/curl/curl/issues/3354
-
-18.12 keep running, read instructions from pipe/socket
-
- Provide an option that makes curl not exit after the last URL (or even work
- without a given URL), and then make it read instructions passed on a pipe or
- over a socket to make further instructions so that a second subsequent curl
- invoke can talk to the still running instance and ask for transfers to get
- done, and thus maintain its connection pool, DNS cache and more.
-
-18.13 Acknowledge Ratelimit headers
-
- Consider a command line option that can make curl do multiple serial requests
- while acknowledging server specified rate limits:
- https://datatracker.ietf.org/doc/draft-ietf-httpapi-ratelimit-headers/
-
- See https://github.com/curl/curl/issues/5406
-
-18.14 --dry-run
-
- A command line option that makes curl show exactly what it would do and send
- if it would run for real.
-
- See https://github.com/curl/curl/issues/5426
-
-18.15 --retry should resume
-
- When --retry is used and curl actually retries transfer, it should use the
- already transferred data and do a resumed transfer for the rest (when
- possible) so that it does not have to transfer the same data again that was
- already transferred before the retry.
-
- See https://github.com/curl/curl/issues/1084
-
-18.17 consider filename from the redirected URL with -O ?
-
- When a user gives a URL and uses -O, and curl follows a redirect to a new
- URL, the filename is not extracted and used from the newly redirected-to URL
- even if the new URL may have a much more sensible filename.
-
- This is clearly documented and helps for security since there is no surprise
- to users which filename that might get overwritten, but maybe a new option
- could allow for this or maybe -J should imply such a treatment as well as -J
- already allows for the server to decide what filename to use so it already
- provides the "may overwrite any file" risk.
-
- This is extra tricky if the original URL has no filename part at all since
- then the current code path does error out with an error message, and we
- cannot *know* already at that point if curl is redirected to a URL that has a
- filename...
-
- See https://github.com/curl/curl/issues/1241
-
-18.18 retry on network is unreachable
-
- The --retry option retries transfers on "transient failures". We later added
- --retry-connrefused to also retry for "connection refused" errors.
-
- Suggestions have been brought to also allow retry on "network is unreachable"
- errors and while totally reasonable, maybe we should consider a way to make
- this more configurable than to add a new option for every new error people
- want to retry for?
-
- https://github.com/curl/curl/issues/1603
-
-18.20 hostname sections in config files
-
- config files would be more powerful if they could set different
- configurations depending on used URLs, hostname or possibly origin. Then a
- default .curlrc could a specific user-agent only when doing requests against
- a certain site.
-
-18.21 retry on the redirected-to URL
-
- When curl is told to --retry a failed transfer and follows redirects, it
- might get an HTTP 429 response from the redirected-to URL and not the
- original one, which then could make curl decide to rather retry the transfer
- on that URL only instead of the original operation to the original URL.
-
- Perhaps extra emphasized if the original transfer is a large POST that
- redirects to a separate GET, and that GET is what gets the 529
-
- See https://github.com/curl/curl/issues/5462
-
-18.23 Set the modification date on an uploaded file
-
- For SFTP and possibly FTP, curl could offer an option to set the
- modification time for the uploaded file.
-
- See https://github.com/curl/curl/issues/5768
-
-18.24 Use multiple parallel transfers for a single download
-
- To enhance transfer speed, downloading a single URL can be split up into
- multiple separate range downloads that get combined into a single final
- result.
-
- An ideal implementation would not use a specified number of parallel
- transfers, but curl could:
- - First start getting the full file as transfer A
- - If after N seconds have passed and the transfer is expected to continue for
-   M seconds or more, add a new transfer (B) that asks for the second half of
-   A's content (and stop A at the middle).
- - If splitting up the work improves the transfer rate, it could then be done
-   again. Then again, etc up to a limit.
-
- This way, if transfer B fails (because Range: is not supported) it lets
- transfer A remain the single one. N and M could be set to some sensible
- defaults.
-
- See https://github.com/curl/curl/issues/5774
-
-18.25 Prevent terminal injection when writing to terminal
-
- curl could offer an option to make escape sequence either non-functional or
- avoid cursor moves or similar to reduce the risk of a user getting tricked by
- clever tricks.
-
- See https://github.com/curl/curl/issues/6150
-
-18.26 Custom progress meter update interval
-
- Users who are for example doing large downloads in CI or remote setups might
- want the occasional progress meter update to see that the transfer is
- progressing and has not stuck, but they may not appreciate the
- many-times-a-second frequency curl can end up doing it with now.
-
-18.27 -J and -O with %-encoded filenames
-
- -J/--remote-header-name does not decode %-encoded filenames. RFC 6266 details
- how it should be done. The can of worm is basically that we have no charset
- handling in curl and ASCII >=128 is a challenge for us. Not to mention that
- decoding also means that we need to check for nastiness that is attempted,
- like "../" sequences and the like. Probably everything to the left of any
- embedded slashes should be cut off.
- https://curl.se/bug/view.cgi?id=1294
-
- -O also does not decode %-encoded names, and while it has even less
- information about the charset involved the process is similar to the -J case.
-
- Note that we do not decode -O without the user asking for it with some other
- means, since -O has always been documented to use the name exactly as
- specified in the URL.
-
-18.28 -J with -C -
-
- When using -J (with -O), automatically resumed downloading together with "-C
- -" fails. Without -J the same command line works. This happens because the
- resume logic is worked out before the target filename (and thus its
- pre-transfer size) has been figured out. This can be improved.
-
- https://curl.se/bug/view.cgi?id=1169
-
-18.29 --retry and transfer timeouts
-
- If using --retry and the transfer timeouts (possibly due to using -m or
- -y/-Y) the next attempt does not resume the transfer properly from what was
- downloaded in the previous attempt but truncates and restarts at the original
- position where it was at before the previous failed attempt. See
- https://curl.se/mail/lib-2008-01/0080.html
-
-19. Build
-
-19.2 Enable PIE and RELRO by default
-
- Especially when having programs that execute curl via the command line, PIE
- renders the exploitation of memory corruption vulnerabilities a lot more
- difficult. This can be attributed to the additional information leaks being
- required to conduct a successful attack. RELRO, on the other hand, masks
- different binary sections like the GOT as read-only and thus kills a handful
- of techniques that come in handy when attackers are able to arbitrarily
- overwrite memory. A few tests showed that enabling these features had close
- to no impact, neither on the performance nor on the general functionality of
- curl.
-
-19.3 Do not use GNU libtool on OpenBSD
-
- When compiling curl on OpenBSD with "--enable-debug" it gives linking errors
- when you use GNU libtool. This can be fixed by using the libtool provided by
- OpenBSD itself. However for this the user always needs to invoke make with
- "LIBTOOL=/usr/bin/libtool". It would be nice if the script could have some
- magic to detect if this system is an OpenBSD host and then use the OpenBSD
- libtool instead.
-
- See https://github.com/curl/curl/issues/5862
-
-19.4 Package curl for Windows in a signed installer
-
- See https://github.com/curl/curl/issues/5424
-
-19.5 make configure use --cache-file more and better
-
- The configure script can be improved to cache more values so that repeated
- invokes run much faster.
-
- See https://github.com/curl/curl/issues/7753
-
-20. Test suite
-
-20.1 SSL tunnel
-
- Make our own version of stunnel for simple port forwarding to enable HTTPS
- and FTP-SSL tests without the stunnel dependency, and it could allow us to
- provide test tools built with either OpenSSL or GnuTLS
-
-20.2 more protocols supported
-
- Extend the test suite to include more protocols. The telnet could just do FTP
- or http operations (for which we have test servers).
-
-20.3 more platforms supported
-
- Make the test suite work on more platforms. OpenBSD and macOS. Remove
- fork()s and it should become even more portable.
-
-20.4 write an SMB test server to replace impacket
-
- This would allow us to run SMB tests on more platforms and do better and more
- covering tests.
-
- See https://github.com/curl/curl/issues/15697
-
-20.5 Use the RFC 6265 test suite
-
- A test suite made for HTTP cookies (RFC 6265) by Adam Barth is available at
- https://github.com/abarth/http-state/tree/master/tests
-
- It would be good if someone would write a script/setup that would run curl
- with that test suite and detect deviances. Ideally, that would even be
- incorporated into our regular test suite.
-
-20.6 Run web-platform-tests URL tests
-
- Run web-platform-tests URL tests and compare results with browsers on wpt.fyi
-
- It would help us find issues to fix and help us document where our parser
- differs from the WHATWG URL spec parsers.
-
- See https://github.com/curl/curl/issues/4477
-
-21. MQTT
-
-21.1 Support rate-limiting
-
- The rate-limiting logic is done in the PERFORMING state in multi.c but MQTT
- is not (yet) implemented to use that.
-
-21.2 Support MQTTS
-
-21.3 Handle network blocks
-
- Running test suite with `CURL_DBG_SOCK_WBLOCK=90 ./runtests.pl -a mqtt` makes
- several MQTT test cases fail where they should not.
-
-21.4 large payloads
-
- libcurl unnecessarily allocates heap memory to hold the entire payload to get
- sent, when the data is already perfectly accessible where it is when
- `CURLOPT_POSTFIELDS` is used. This is highly inefficient for larger payloads.
- Additionally, libcurl does not support using the read callback for sending
- MQTT which is yet another way to avoid having to hold large payload in
- memory.
-
-22. TFTP
-
-22.1 TFTP does not convert LF to CRLF for mode=netascii
-
- RFC 3617 defines that an TFTP transfer can be done using "netascii" mode.
- curl does not support extracting that mode from the URL nor does it treat
- such transfers specifically. It should probably do LF to CRLF translations
- for them.
-
- See https://github.com/curl/curl/issues/12655
-
-23. Gopher
-
-23.1 Handle network blocks
-
-  Running test suite with
-  `CURL_DBG_SOCK_WBLOCK=90 ./runtests.pl -a 1200 to 1300` makes several
-  Gopher test cases fail where they should not.
diff --git a/docs/TODO.md b/docs/TODO.md
new file mode 100644
index 0000000000..09b45443c7
--- /dev/null
+++ b/docs/TODO.md
@@ -0,0 +1,1111 @@
+
+
+# TODO intro
+
+Things to do in project curl. Please tell us what you think, contribute and
+send us patches that improve things.
+
+Be aware that these are things that we could do, or have once been considered
+things we could do. If you want to work on any of these areas, please consider
+bringing it up for discussions first on the mailing list so that we all agree
+it is still a good idea for the project.
+
+All bugs documented in the [known_bugs
+document](https://curl.se/docs/knownbugs.html) are subject for fixing.
+
+# libcurl
+
+## TCP Fast Open support on Windows
+
+libcurl supports the `CURLOPT_TCP_FASTOPEN` option since 7.49.0 for Linux and
+macOS. Windows supports TCP Fast Open starting with Windows 10, version 1607
+and we should add support for it.
+
+TCP Fast Open is supported on several platforms but not on Windows. Work on
+this was once started but never finished.
+
+See [curl pull request 3378](https://github.com/curl/curl/pull/3378)
+
+## Consult `%APPDATA%` also for `.netrc`
+
+`%APPDATA%\.netrc` is not considered when running on Windows. Should not it?
+
+See [curl issue 4016](https://github.com/curl/curl/issues/4016)
+
+## `struct lifreq`
+
+Use `struct lifreq` and `SIOCGLIFADDR` instead of `struct ifreq` and
+`SIOCGIFADDR` on newer Solaris versions as they claim the latter is obsolete.
+To support IPv6 interface addresses for network interfaces properly.
+
+## alt-svc sharing
+
+The share interface could benefit from allowing the alt-svc cache to be
+possible to share between easy handles.
+
+See [curl issue 4476](https://github.com/curl/curl/issues/4476)
+
+The share interface offers CURL_LOCK_DATA_CONNECT to have multiple easy
+handle share a connection cache, but due to how connections are used they are
+still not thread-safe when used shared.
+
+See [curl issue 4915](https://github.com/curl/curl/issues/4915) and lib1541.c
+
+The share interface offers CURL_LOCK_DATA_HSTS to have multiple easy handle
+share an HSTS cache, but this is not thread-safe.
+
+## get rid of PATH_MAX
+
+Having code use and rely on PATH_MAX is not nice:
+https://insanecoding.blogspot.com/2007/11/pathmax-simply-isnt.html
+
+Currently the libssh2 SSH based code uses it, but to remove PATH_MAX from
+there we need libssh2 to properly tell us when we pass in a too small buffer
+and its current API (as of libssh2 1.2.7) does not.
+
+## thread-safe sharing
+
+Using the share interface users can share some data between easy handles but
+several of the sharing options are documented as not safe and supported to
+share between multiple concurrent threads. Fixing this would enable more users
+to share data in more powerful ways.
+
+## auto-detect proxy
+
+libcurl could be made to detect the system proxy setup automatically and use
+that. On Windows, macOS and Linux desktops for example.
+
+The [pull-request to use *libproxy*](https://github.com/curl/curl/pull/977)
+for this was deferred due to doubts on the reliability of the dependency and
+how to use it.
+
+[*libdetectproxy*](https://github.com/paulharris/libdetectproxy) is a (C++)
+library for detecting the proxy on Windows.
+
+## updated DNS server while running
+
+If `/etc/resolv.conf` gets updated while a program using libcurl is running, it
+is may cause name resolves to fail unless `res_init()` is called. We should
+consider calling `res_init()` + retry once unconditionally on all name resolve
+failures to mitigate against this. Firefox works like that. Note that Windows
+does not have `res_init()` or an alternative.
+
+[curl issue 2251](https://github.com/curl/curl/issues/2251)
+
+## c-ares and CURLOPT_OPENSOCKETFUNCTION
+
+curl creates most sockets via the CURLOPT_OPENSOCKETFUNCTION callback and
+close them with the CURLOPT_CLOSESOCKETFUNCTION callback. However, c-ares does
+not use those functions and instead opens and closes the sockets itself. This
+means that when curl passes the c-ares socket to the CURLMOPT_SOCKETFUNCTION
+it is not owned by the application like other sockets.
+
+See [curl issue 2734](https://github.com/curl/curl/issues/2734)
+
+## Monitor connections in the connection pool
+
+libcurl's connection cache or pool holds a number of open connections for the
+purpose of possible subsequent connection reuse. It may contain a few up to a
+significant amount of connections. Currently, libcurl leaves all connections
+as they are and first when a connection is iterated over for matching or reuse
+purpose it is verified that it is still alive.
+
+Those connections may get closed by the server side for idleness or they may
+get an HTTP/2 ping from the peer to verify that they are still alive. By
+adding monitoring of the connections while in the pool, libcurl can detect
+dead connections (and close them) better and earlier, and it can handle HTTP/2
+pings to keep such ones alive even when not actively doing transfers on them.
+
+## Try to URL encode given URL
+
+Given a URL that for example contains spaces, libcurl could have an option
+that would try somewhat harder than it does now and convert spaces to %20 and
+perhaps URL encoded byte values over 128 etc (basically do what the redirect
+following code already does).
+
+[curl issue 514](https://github.com/curl/curl/issues/514)
+
+## Add support for IRIs
+
+IRIs (RFC 3987) allow localized, non-ASCII, names in the URL. To properly
+support this, curl/libcurl would need to translate/encode the given input
+from the input string encoding into percent encoded output "over the wire".
+
+To make that work smoothly for curl users even on Windows, curl would probably
+need to be able to convert from several input encodings.
+
+## try next proxy if one does not work
+
+Allow an application to specify a list of proxies to try, and failing to
+connect to the first go on and try the next instead until the list is
+exhausted. Browsers support this feature at least when they specify proxies
+using `PAC`.
+
+[curl issue 896](https://github.com/curl/curl/issues/896)
+
+## provide timing info for each redirect
+
+curl and libcurl provide timing information via a set of different time-stamps
+(CURLINFO_*_TIME). When curl is following redirects, those returned time value
+are the accumulated sums. An improvement could be to offer separate timings
+for each redirect.
+
+[curl issue 6743](https://github.com/curl/curl/issues/6743)
+
+## `SRV` and `URI` DNS records
+
+Offer support for resolving `SRV` and `URI` DNS records for libcurl to know which
+server to connect to for various protocols (including HTTP).
+
+## CURLINFO_PAUSE_STATE
+
+Return information about the transfer's current pause state, in both
+directions. See [curl issue 2588](https://github.com/curl/curl/issues/2588)
+
+## Expose tried IP addresses that failed
+
+When libcurl fails to connect to a host, it could offer the application the
+addresses that were used in the attempt. Source + destination IP, source +
+destination port and protocol (UDP or TCP) for each failure. Possibly as a
+callback. Perhaps also provide reason.
+
+[curl issue 2126](https://github.com/curl/curl/issues/2126)
+
+## config file parsing
+
+Consider providing an API, possibly in a separate companion library, for
+parsing a config file like curl's `-K`/`--config` option to allow applications
+to get the same ability to read curl options from files.
+
+See [curl issue 3698](https://github.com/curl/curl/issues/3698)
+
+## erase secrets from heap/stack after use
+
+Introducing a concept and system to erase secrets from memory after use, it
+could help mitigate and lessen the impact of (future) security problems etc.
+However: most secrets are passed to libcurl as clear text from the application
+and then clearing them within the library adds nothing...
+
+[curl issue 7268](https://github.com/curl/curl/issues/7268)
+
+## add asynch getaddrinfo support
+
+Use `getaddrinfo_a()` to provide an asynch name resolver backend to libcurl
+that does not use threads and does not depend on c-ares. The `getaddrinfo_a`
+function is (probably?) glibc specific but that is a widely used libc among
+our users.
+
+[curl pull request 6746](https://github.com/curl/curl/pull/6746)
+
+## make DoH inherit more transfer properties
+
+Some options are not inherited because they are not relevant for the DoH SSL
+connections, or inheriting the option may result in unexpected behavior. For
+example the user's debug function callback is not inherited because it would
+be unexpected for internal handles (i.e DoH handles) to be passed to that
+callback.
+
+If an option is not inherited then it is not possible to set it separately
+for DoH without a DoH-specific option. For example:
+`CURLOPT_DOH_SSL_VERIFYHOST`, `CURLOPT_DOH_SSL_VERIFYPEER` and
+`CURLOPT_DOH_SSL_VERIFYSTATUS`.
+
+See [curl issue 6605](https://github.com/curl/curl/issues/6605)
+
+# libcurl - multi interface
+
+## More non-blocking
+
+Make sure we do not ever loop because of non-blocking sockets returning
+`EWOULDBLOCK` or similar. Blocking cases include:
+
+- Name resolves on non-Windows unless c-ares or the threaded resolver is used.
+- The threaded resolver may block on cleanup:
+  [curl issue 4852](https://github.com/curl/curl/issues/4852)
+- `file://` transfers
+- TELNET transfers
+- GSSAPI authentication for FTP transfers
+- The "DONE" operation (post transfer protocol-specific actions) for the
+protocols SFTP, SMTP, FTP. Fixing `multi_done()` for this is a worthy task.
+- `curl_multi_remove_handle()` for any of the above.
+- Calling `curl_ws_send()` from a callback
+
+## Better support for same name resolves
+
+If a name resolve has been initiated for a given name and a second easy handle
+wants to resolve that same name as well, make it wait for the first resolve to
+end up in the cache instead of doing a second separate resolve. This is
+especially needed when adding many simultaneous handles using the same
+hostname when the DNS resolver can get flooded.
+
+## Non-blocking `curl_multi_remove_handle()`
+
+The multi interface has a few API calls that assume a blocking behavior, like
+`add_handle()` and `remove_handle()` which limits what we can do internally.
+The multi API need to be moved even more into a single function that "drives"
+everything in a non-blocking manner and signals when something is done. A
+remove or add would then only ask for the action to get started and then
+`multi_perform()` etc still be called until the add/remove is completed.
+
+## Split connect and authentication process
+
+The multi interface treats the authentication process as part of the connect
+phase. As such any failures during authentication does not trigger the
+relevant QUIT or LOGOFF for protocols such as IMAP, POP3 and SMTP.
+
+## Edge-triggered sockets should work
+
+The multi_socket API should work with edge-triggered socket events. One of the
+internal actions that need to be improved for this to work perfectly is the
+`maxloops` handling in `transfer.c:readwrite_data()`.
+
+## multi upkeep
+
+In libcurl 7.62.0 we introduced `curl_easy_upkeep`. It unfortunately only
+works on easy handles. We should introduces a version of that for the multi
+handle, and also consider doing `upkeep` automatically on connections in the
+connection pool when the multi handle is in used.
+
+See [curl issue 3199](https://github.com/curl/curl/issues/3199)
+
+## Virtual external sockets
+
+libcurl performs operations on the given file descriptor that presumes it is a
+socket and an application cannot replace them at the moment. Allowing an
+application to fully replace those would allow a larger degree of freedom and
+flexibility.
+
+See [curl issue 5835](https://github.com/curl/curl/issues/5835)
+
+## dynamically decide to use socketpair
+
+For users who do not use `curl_multi_wait()` or do not care for
+`curl_multi_wakeup()`, we could introduce a way to make libcurl NOT create a
+socketpair in the multi handle.
+
+See [curl issue 4829](https://github.com/curl/curl/issues/4829)
+
+# Documentation
+
+## Improve documentation about fork safety
+
+See [curl issue 6968](https://github.com/curl/curl/issues/6968)
+
+# FTP
+
+## HOST
+
+HOST is a command for a client to tell which hostname to use, to offer FTP
+servers named-based virtual hosting:
+
+https://datatracker.ietf.org/doc/html/rfc7151
+
+## A fixed directory listing format
+
+Since listing the contents of a remove directory with FTP is returning the
+list in a format and style the server likes without any established or even
+defacto standard existing, it would be a feature to users if curl could parse
+the directory listing and output a general curl format that is fixed and the
+same, independent of the server's choice. This would allow users to better and
+more reliably extract information about remote content via FTP directory
+listings.
+
+## GSSAPI via Windows SSPI
+
+In addition to currently supporting the SASL GSSAPI mechanism (Kerberos V5)
+via third-party GSS-API libraries, such as MIT Kerberos, also add support for
+GSSAPI authentication via Windows SSPI.
+
+## STAT for LIST without data connection
+
+Some FTP servers allow STAT for listing directories instead of using LIST, and
+the response is then sent over the control connection instead of as the
+otherwise used data connection.
+
+This is not detailed in any FTP specification.
+
+## Passive transfer could try other IP addresses
+
+When doing FTP operations through a proxy at localhost, the reported spotted
+that curl only tried to connect once to the proxy, while it had multiple
+addresses and a failed connect on one address should make it try the next.
+
+After switching to passive mode (EPSV), curl could try all IP addresses for
+`localhost`. Currently it tries `::1`, but it should also try `127.0.0.1`.
+
+See [curl issue 1508](https://github.com/curl/curl/issues/1508)
+
+# HTTP
+
+## Provide the error body from a CONNECT response
+
+When curl receives a body response from a CONNECT request to a proxy, it
+always just reads and ignores it. It would make some users happy if curl
+instead optionally would be able to make that responsible available. Via a new
+callback? Through some other means?
+
+See [curl issue 9513](https://github.com/curl/curl/issues/9513)
+
+## Obey `Retry-After` in redirects
+
+The `Retry-After` response header is said to dictate "the minimum time that
+the user agent is asked to wait before issuing the redirected request" and
+libcurl does not obey this.
+
+See [curl issue 11447](https://github.com/curl/curl/issues/11447)
+
+## Rearrange request header order
+
+Server implementers often make an effort to detect browser and to reject
+clients it can detect to not match. One of the last details we cannot yet
+control in libcurl's HTTP requests, which also can be exploited to detect that
+libcurl is in fact used even when it tries to impersonate a browser, is the
+order of the request headers. I propose that we introduce a new option in
+which you give headers a value, and then when the HTTP request is built it
+sorts the headers based on that number. We could then have internally created
+headers use a default value so only headers that need to be moved have to be
+specified.
+
+## Allow SAN names in HTTP/2 server push
+
+curl only allows HTTP/2 push promise if the provided :authority header value
+exactly matches the hostname given in the URL. It could be extended to allow
+any name that would match the Subject Alternative Names in the server's TLS
+certificate.
+
+See [curl pull request 3581](https://github.com/curl/curl/pull/3581)
+
+## `auth=` in URLs
+
+Add the ability to specify the preferred authentication mechanism to use by
+using `;auth=` in the login part of the URL.
+
+For example:
+
+`http://test:pass;auth=NTLM@example.com` would be equivalent to specifying
+`--user test:pass;auth=NTLM` or `--user test:pass --ntlm` from the command
+line.
+
+Additionally this should be implemented for proxy base URLs as well.
+
+## alt-svc should fallback if alt-svc does not work
+
+The `alt-svc:` header provides a set of alternative services for curl to use
+instead of the original. If the first attempted one fails, it should try the
+next etc and if all alternatives fail go back to the original.
+
+See [curl issue 4908](https://github.com/curl/curl/issues/4908)
+
+## Require HTTP version X or higher
+
+curl and libcurl provide options for trying higher HTTP versions (for example
+HTTP/2) but then still allows the server to pick version 1.1. We could
+consider adding a way to require a minimum version.
+
+See [curl issue 7980](https://github.com/curl/curl/issues/7980)
+
+# TELNET
+
+## ditch stdin
+
+Reading input (to send to the remote server) on stdin is a crappy solution for
+library purposes. We need to invent a good way for the application to be able
+to provide the data to send.
+
+## ditch telnet-specific select
+
+Move the telnet support's network `select()` loop go away and merge the code
+into the main transfer loop. Until this is done, the multi interface does not
+work for telnet.
+
+## feature negotiation debug data
+
+Add telnet feature negotiation data to the debug callback as header data.
+
+## exit immediately upon connection if stdin is /dev/null
+
+If it did, curl could be used to probe if there is an server there listening
+on a specific port. That is, the following command would exit immediately
+after the connection is established with exit code 0:
+
+    curl -s --connect-timeout 2 telnet://example.com:80  NOTIFY=SUCCESS,FAILURE");`.
+
+[curl issue 8232](https://github.com/curl/curl/issues/8232)
+
+## Enhanced capability support
+
+Add the ability, for an application that uses libcurl, to obtain the list of
+capabilities returned from the EHLO command.
+
+## Add `CURLOPT_MAIL_CLIENT` option
+
+Rather than use the URL to specify the mail client string to present in the
+`HELO` and `EHLO` commands, libcurl should support a new `CURLOPT`
+specifically for specifying this data as the URL is non-standard and to be
+honest a bit of a hack.
+
+Please see the following thread for more information:
+https://curl.se/mail/lib-2012-05/0178.html
+
+
+# POP3
+
+## Enhanced capability support
+
+Add the ability, for an application that uses libcurl, to obtain the list of
+capabilities returned from the CAPA command.
+
+# IMAP
+
+## Enhanced capability support
+
+ Add the ability, for an application that uses libcurl, to obtain the list of
+ capabilities returned from the CAPABILITY command.
+
+# LDAP
+
+## SASL based authentication mechanisms
+
+Currently the LDAP module only supports ldap_simple_bind_s() in order to bind
+to an LDAP server. However, this function sends username and password details
+using the simple authentication mechanism (as clear text). However, it should
+be possible to use ldap_bind_s() instead specifying the security context
+information ourselves.
+
+## `CURLOPT_SSL_CTX_FUNCTION` for LDAPS
+
+`CURLOPT_SSL_CTX_FUNCTION` works perfectly for HTTPS and email protocols, but
+it has no effect for LDAPS connections.
+
+ [curl issue 4108](https://github.com/curl/curl/issues/4108)
+
+## Paged searches on LDAP server
+
+[curl issue 4452](https://github.com/curl/curl/issues/4452)
+
+## Certificate-Based Authentication
+
+LDAPS not possible with macOS and Windows with Certificate-Based Authentication
+
+[curl issue 9641](https://github.com/curl/curl/issues/9641)
+
+# SMB
+
+## Support modern versions
+
+curl only supports version 1, which barely anyone is using anymore.
+
+## File listing support
+
+Add support for listing the contents of an SMB share. The output should
+probably be the same as/similar to FTP.
+
+## Honor file timestamps
+
+The timestamp of the transferred file should reflect that of the original
+file.
+
+## Use NTLMv2
+
+Currently the SMB authentication uses NTLMv1.
+
+## Create remote directories
+
+Support for creating remote directories when uploading a file to a directory
+that does not exist on the server, just like `--ftp-create-dirs`.
+
+# FILE
+
+## Directory listing on non-POSIX
+
+Listing the contents of a directory accessed with FILE only works on platforms
+with `opendir()`. Support could be added for more systems, like Windows.
+
+# TLS
+
+## `TLS-PSK` with OpenSSL
+
+Transport Layer Security pre-shared key cipher suites (`TLS-PSK`) is a set of
+cryptographic protocols that provide secure communication based on pre-shared
+keys (`PSK`). These pre-shared keys are symmetric keys shared in advance among
+the communicating parties.
+
+[curl issue 5081](https://github.com/curl/curl/issues/5081)
+
+## TLS channel binding
+
+TLS 1.2 and 1.3 provide the ability to extract some secret data from the TLS
+connection and use it in the client request (usually in some sort of
+authentication) to ensure that the data sent is bound to the specific TLS
+connection and cannot be successfully intercepted by a proxy. This
+functionality can be used in a standard authentication mechanism such as
+GSS-API or SCRAM, or in custom approaches like custom HTTP Authentication
+headers.
+
+For TLS 1.2, the binding type is usually `tls-unique`, and for TLS 1.3 it is
+`tls-exporter`.
+
+- https://datatracker.ietf.org/doc/html/rfc5929
+- https://datatracker.ietf.org/doc/html/rfc9266
+- [curl issue 9226](https://github.com/curl/curl/issues/9226)
+
+## Defeat TLS fingerprinting
+
+By changing the order of TLS extensions provided in the TLS handshake, it is
+sometimes possible to circumvent TLS fingerprinting by servers. The TLS
+extension order is of course not the only way to fingerprint a client.
+
+## Consider OCSP stapling by default
+
+Treat a negative response a reason for aborting the connection. Since OCSP
+stapling is presumed to get used much less in the future when Let's Encrypt
+drops the OCSP support, the benefit of this might however be limited.
+
+[curl issue 15483](https://github.com/curl/curl/issues/15483)
+
+## Provide callback for cert verification
+
+OpenSSL supports a callback for customized verification of the peer
+certificate, but this does not seem to be exposed in the libcurl APIs. Could
+it be? There is so much that could be done if it were.
+
+## Less memory massaging with Schannel
+
+The Schannel backend does a lot of custom memory management we would rather
+avoid: the repeated allocation + free in sends and the custom memory + realloc
+system for encrypted and decrypted data. That should be avoided and reduced
+for 1) efficiency and 2) safety.
+
+## Support DANE
+
+[DNS-Based Authentication of Named Entities
+(DANE)](https://www.rfc-editor.org/rfc/rfc6698.txt) is a way to provide SSL
+keys and certs over DNS using DNSSEC as an alternative to the CA model.
+
+A patch was posted on March 7 2013
+(https://curl.se/mail/lib-2013-03/0075.html) but it was a too simple approach.
+See Daniel's comments: https://curl.se/mail/lib-2013-03/0103.html
+
+Björn Stenberg once wrote a separate initial take on DANE that was never
+completed.
+
+## TLS record padding
+
+TLS (1.3) offers optional record padding and OpenSSL provides an API for it. I
+could make sense for libcurl to offer this ability to applications to make
+traffic patterns harder to figure out by network traffic observers.
+
+See [curl issue 5398](https://github.com/curl/curl/issues/5398)
+
+## Support Authority Information Access certificate extension (AIA)
+
+AIA can provide various things like certificate revocation lists but more
+importantly information about intermediate CA certificates that can allow
+validation path to be fulfilled when the HTTPS server does not itself provide
+them.
+
+Since AIA is about downloading certs on demand to complete a TLS handshake, it
+is probably a bit tricky to get done right and a serious privacy leak.
+
+See [curl issue 2793](https://github.com/curl/curl/issues/2793)
+
+## Some TLS options are not offered for HTTPS proxies
+
+Some TLS related options to the command line tool and libcurl are only
+provided for the server and not for HTTPS proxies. `--proxy-tls-max`,
+`--proxy-tlsv1.3`, `--proxy-curves` and a few more. For more Documentation on
+this see: https://curl.se/libcurl/c/tls-options.html
+
+[curl issue 12286](https://github.com/curl/curl/issues/12286)
+
+## Make sure we forbid TLS 1.3 post-handshake authentication
+
+RFC 8740 explains how using HTTP/2 must forbid the use of TLS 1.3
+post-handshake authentication. We should make sure to live up to that.
+
+See [curl issue 5396](https://github.com/curl/curl/issues/5396)
+
+## Support the `clienthello` extension
+
+Certain stupid networks and middle boxes have a problem with SSL handshake
+packets that are within a certain size range because how that sets some bits
+that previously (in older TLS version) were not set. The `clienthello`
+extension adds padding to avoid that size range.
+
+- https://datatracker.ietf.org/doc/html/rfc7685
+- [curl issue 2299](https://github.com/curl/curl/issues/2299)
+
+## Share the CA cache
+
+For TLS backends that supports CA caching, it makes sense to allow the share
+object to be used to store the CA cache as well via the share API. Would allow
+multiple easy handles to reuse the CA cache and save themselves from a lot of
+extra processing overhead.
+
+## Add missing features to TLS backends
+
+The feature matrix at https://curl.se/libcurl/c/tls-options.html shows which
+features are supported by which TLS backends, and thus also where there are
+feature gaps.
+
+# Proxy
+
+## Retry SOCKS handshake on address type not supported
+
+When curl resolves a hostname, it might get a mix of IPv6 and IPv4 returned.
+curl might then use an IPv6 address with a SOCKS5 proxy, which - if it does
+not support IPv6 - returns "Address type not supported" and curl exits with
+that error.
+
+Perhaps it is preferred if curl would in this situation instead first retry
+the SOCKS handshake again for this case and then use one of the IPv4 addresses
+for the target host.
+
+See [curl issue 17222](https://github.com/curl/curl/issues/17222)
+
+# Schannel
+
+## Extend support for client certificate authentication
+
+The existing support for the `-E`/`--cert` and `--key` options could be
+extended by supplying a custom certificate and key in PEM format, see:
+[Getting a Certificate for
+Schannel](https://learn.microsoft.com/windows/win32/secauthn/getting-a-certificate-for-schannel)
+
+## Extend support for the `--ciphers` option
+
+The existing support for the `--ciphers` option could be extended by mapping
+the OpenSSL/GnuTLS cipher suites to the Schannel APIs, see [Specifying
+Schannel Ciphers and Cipher
+Strengths](https://learn.microsoft.com/windows/win32/secauthn/specifying-schannel-ciphers-and-cipher-strengths).
+
+## Add option to allow abrupt server closure
+
+libcurl with Schannel errors without a known termination point from the server
+(such as length of transfer, or SSL "close notify" alert) to prevent against a
+truncation attack. Really old servers may neglect to send any termination
+point. An option could be added to ignore such abrupt closures.
+
+[curl issue 4427](https://github.com/curl/curl/issues/4427)
+
+# SASL
+
+## Other authentication mechanisms
+
+Add support for other authentication mechanisms such as `OLP`, `GSS-SPNEGO`
+and others.
+
+## Add `QOP` support to GSSAPI authentication
+
+Currently the GSSAPI authentication only supports the default `QOP` of auth
+(Authentication), whilst Kerberos V5 supports both `auth-int` (Authentication
+with integrity protection) and `auth-conf` (Authentication with integrity and
+privacy protection).
+
+# SSH protocols
+
+## Multiplexing
+
+SSH is a perfectly fine multiplexed protocols which would allow libcurl to do
+multiple parallel transfers from the same host using the same connection, much
+in the same spirit as HTTP/2 does. libcurl however does not take advantage of
+that ability but does instead always create a new connection for new transfers
+even if an existing connection already exists to the host.
+
+To fix this, libcurl would have to detect an existing connection and "attach"
+the new transfer to the existing one.
+
+## Handle growing SFTP files
+
+The SFTP code in libcurl checks the file size *before* a transfer starts and
+then proceeds to transfer exactly that amount of data. If the remote file
+grows while the transfer is in progress libcurl does not notice and does not
+adapt. The OpenSSH SFTP command line tool does and libcurl could also just
+attempt to download more to see if there is more to get...
+
+[curl issue 4344](https://github.com/curl/curl/issues/4344)
+
+## Read keys from `~/.ssh/id_ecdsa`, `id_ed25519`
+
+The libssh2 backend in curl is limited to only reading keys from `id_rsa` and
+`id_dsa`, which makes it fail connecting to servers that use more modern key
+types.
+
+[curl issue 8586](https://github.com/curl/curl/issues/8586)
+
+## Support `CURLOPT_PREQUOTE`
+
+The two other `QUOTE` options are supported for SFTP, but this was left out
+for unknown reasons.
+
+## SSH over HTTPS proxy for libssh
+
+The SSH based protocols SFTP and SCP did not work over HTTPS proxy at all
+until [curl pull request 6021](https://github.com/curl/curl/pull/6021) brought
+the functionality with the libssh2 backend. Presumably, this support can/could
+be added for the libssh backend as well.
+
+## SFTP with `SCP://`
+
+OpenSSH 9 switched their `scp` tool to speak SFTP under the hood. Going
+forward it might be worth having curl or libcurl attempt SFTP if SCP fails to
+follow suite.
+
+# Command line tool
+
+## sync
+
+`curl --sync http://example.com/feed[1-100].rss` or
+`curl --sync http://example.net/{index,calendar,history}.html`
+
+Downloads a range or set of URLs using the remote name, but only if the remote
+file is newer than the local file. A `Last-Modified` HTTP date header should
+also be used to set the mod date on the downloaded file.
+
+## glob posts
+
+Globbing support for `-d` and `-F`, as in `curl -d "name=foo[0-9]" URL`. This
+is easily scripted though.
+
+## `--proxycommand`
+
+Allow the user to make curl run a command and use its stdio to make requests
+and not do any network connection by itself. Example:
+
+    curl --proxycommand 'ssh pi@raspberrypi.local -W 10.1.1.75 80' \
+      http://some/otherwise/unavailable/service.php
+
+See [curl issue 4941](https://github.com/curl/curl/issues/4941)
+
+## UTF-8 filenames in Content-Disposition
+
+RFC 6266 documents how UTF-8 names can be passed to a client in the
+`Content-Disposition` header, and curl does not support this.
+
+[curl issue 1888](https://github.com/curl/curl/issues/1888)
+
+## Option to make `-Z` merge lined based outputs on stdout
+
+When a user requests multiple lined based files using `-Z` and sends them to
+stdout, curl does not *merge* and send complete lines fine but may send
+partial lines from several sources.
+
+[curl issue 5175](https://github.com/curl/curl/issues/5175)
+
+## specify which response codes that make `-f`/`--fail` return error
+
+Allows a user to better specify exactly which error code(s) that are fine and
+which are errors for their specific uses cases
+
+## Choose the name of file in braces for complex URLs
+
+When using braces to download a list of URLs and you use complicated names
+in the list of alternatives, it could be handy to allow curl to use other
+names when saving.
+
+Consider a way to offer that. Possibly like
+`{partURL1:name1,partURL2:name2,partURL3:name3}` where the name following the
+colon is the output name.
+
+See [curl issue 221](https://github.com/curl/curl/issues/221)
+
+## improve how curl works in a Windows console window
+
+If you pull the scroll bar when transferring with curl in a Windows console
+window, the transfer is interrupted and can get disconnected. This can
+probably be improved. See [curl issue 322](https://github.com/curl/curl/issues/322)
+
+## Windows: set attribute 'archive' for completed downloads
+
+The archive bit (`FILE_ATTRIBUTE_ARCHIVE, 0x20`) separates files that shall be
+backed up from those that are either not ready or have not changed.
+
+Downloads in progress are neither ready to be backed up, nor should they be
+opened by a different process. Only after a download has been completed it is
+sensible to include it in any integer snapshot or backup of the system.
+
+See [curl issue 3354](https://github.com/curl/curl/issues/3354)
+
+## keep running, read instructions from pipe/socket
+
+Provide an option that makes curl not exit after the last URL (or even work
+without a given URL), and then make it read instructions passed on a pipe or
+over a socket to make further instructions so that a second subsequent curl
+invoke can talk to the still running instance and ask for transfers to get
+done, and thus maintain its connection pool, DNS cache and more.
+
+## Acknowledge `Ratelimit` headers
+
+Consider a command line option that can make curl do multiple serial requests
+while acknowledging server specified [rate
+limits](https://datatracker.ietf.org/doc/draft-ietf-httpapi-ratelimit-headers/).
+
+See [curl issue 5406](https://github.com/curl/curl/issues/5406)
+
+## `--dry-run`
+
+A command line option that makes curl show exactly what it would do and send
+if it would run for real.
+
+See [curl issue 5426](https://github.com/curl/curl/issues/5426)
+
+## `--retry` should resume
+
+When `--retry` is used and curl actually retries transfer, it should use the
+already transferred data and do a resumed transfer for the rest (when
+possible) so that it does not have to transfer the same data again that was
+already transferred before the retry.
+
+See [curl issue 1084](https://github.com/curl/curl/issues/1084)
+
+## consider filename from the redirected URL with `-O` ?
+
+When a user gives a URL and uses `-O`, and curl follows a redirect to a new
+URL, the filename is not extracted and used from the newly redirected-to URL
+even if the new URL may have a much more sensible filename.
+
+This is clearly documented and helps for security since there is no surprise
+to users which filename that might get overwritten, but maybe a new option
+could allow for this or maybe `-J` should imply such a treatment as well as
+`-J` already allows for the server to decide what filename to use so it
+already provides the "may overwrite any file" risk.
+
+This is extra tricky if the original URL has no filename part at all since
+then the current code path does error out with an error message, and we cannot
+*know* already at that point if curl is redirected to a URL that has a
+filename...
+
+See [curl issue 1241](https://github.com/curl/curl/issues/1241)
+
+## retry on network is unreachable
+
+The `--retry` option retries transfers on *transient failures*. We later added
+`--retry-connrefused` to also retry for *connection refused* errors.
+
+Suggestions have been brought to also allow retry on *network is unreachable*
+errors and while totally reasonable, maybe we should consider a way to make
+this more configurable than to add a new option for every new error people
+want to retry for?
+
+[curl issue 1603](https://github.com/curl/curl/issues/1603)
+
+## hostname sections in config files
+
+config files would be more powerful if they could set different configurations
+depending on used URLs, hostname or possibly origin. Then a default `.curlrc`
+could a specific user-agent only when doing requests against a certain site.
+
+## retry on the redirected-to URL
+
+When curl is told to `--retry` a failed transfer and follows redirects, it
+might get an HTTP 429 response from the redirected-to URL and not the original
+one, which then could make curl decide to rather retry the transfer on that
+URL only instead of the original operation to the original URL.
+
+Perhaps extra emphasized if the original transfer is a large POST that
+redirects to a separate GET, and that GET is what gets the 529
+
+See [curl issue 5462](https://github.com/curl/curl/issues/5462)
+
+## Set the modification date on an uploaded file
+
+For SFTP and possibly FTP, curl could offer an option to set the modification
+time for the uploaded file.
+
+See [curl issue 5768](https://github.com/curl/curl/issues/5768)
+
+## Use multiple parallel transfers for a single download
+
+To enhance transfer speed, downloading a single URL can be split up into
+multiple separate range downloads that get combined into a single final
+result.
+
+An ideal implementation would not use a specified number of parallel
+transfers, but curl could:
+- First start getting the full file as transfer A
+- If after N seconds have passed and the transfer is expected to continue for
+  M seconds or more, add a new transfer (B) that asks for the second half of
+  A's content (and stop A at the middle).
+- If splitting up the work improves the transfer rate, it could then be done
+  again. Then again, etc up to a limit.
+
+This way, if transfer B fails (because Range: is not supported) it lets
+transfer A remain the single one. N and M could be set to some sensible
+defaults.
+
+See [curl issue 5774](https://github.com/curl/curl/issues/5774)
+
+## Prevent terminal injection when writing to terminal
+
+curl could offer an option to make escape sequence either non-functional or
+avoid cursor moves or similar to reduce the risk of a user getting tricked by
+clever tricks.
+
+See [curl issue 6150](https://github.com/curl/curl/issues/6150)
+
+## `-J` and `-O` with %-encoded filenames
+
+`-J`/`--remote-header-name` does not decode %-encoded filenames. RFC 6266
+details how it should be done. The can of worm is basically that we have no
+charset handling in curl and ASCII >=128 is a challenge for us. Not to mention
+that decoding also means that we need to check for nastiness that is
+attempted, like `../` sequences and the like. Probably everything to the left
+of any embedded slashes should be cut off. See
+https://curl.se/bug/view.cgi?id=1294
+
+`-O` also does not decode %-encoded names, and while it has even less
+information about the charset involved the process is similar to the `-J`
+case.
+
+Note that we do not decode `-O` without the user asking for it with some other
+means, since `-O` has always been documented to use the name exactly as
+specified in the URL.
+
+## `-J` with `-C -`
+
+When using `-J` (with `-O`), automatically resumed downloading together with
+`-C -` fails. Without `-J` the same command line works. This happens because
+the resume logic is worked out before the target filename (and thus its
+pre-transfer size) has been figured out. This can be improved.
+
+https://curl.se/bug/view.cgi?id=1169
+
+## `--retry` and transfer timeouts
+
+If using `--retry` and the transfer timeouts (possibly due to using -m or
+`-y`/`-Y`) the next attempt does not resume the transfer properly from what
+was downloaded in the previous attempt but truncates and restarts at the
+original position where it was at before the previous failed attempt. See
+https://curl.se/mail/lib-2008-01/0080.html
+
+# Build
+
+## Enable `PIE` and `RELRO` by default
+
+Especially when having programs that execute curl via the command line, `PIE`
+renders the exploitation of memory corruption vulnerabilities a lot more
+difficult. This can be attributed to the additional information leaks being
+required to conduct a successful attack. `RELRO`, on the other hand, masks
+different binary sections like the `GOT` as read-only and thus kills a handful
+of techniques that come in handy when attackers are able to arbitrarily
+overwrite memory. A few tests showed that enabling these features had close to
+no impact, neither on the performance nor on the general functionality of
+curl.
+
+## Do not use GNU libtool on OpenBSD
+
+When compiling curl on OpenBSD with `--enable-debug` it gives linking errors
+when you use GNU libtool. This can be fixed by using the libtool provided by
+OpenBSD itself. However for this the user always needs to invoke make with
+`LIBTOOL=/usr/bin/libtool`. It would be nice if the script could have some
+magic to detect if this system is an OpenBSD host and then use the OpenBSD
+libtool instead.
+
+See [curl issue 5862](https://github.com/curl/curl/issues/5862)
+
+## Package curl for Windows in a signed installer
+
+See [curl issue 5424](https://github.com/curl/curl/issues/5424)
+
+## make configure use `--cache-file` more and better
+
+The configure script can be improved to cache more values so that repeated
+invokes run much faster.
+
+See [curl issue 7753](https://github.com/curl/curl/issues/7753)
+
+# Test suite
+
+## SSL tunnel
+
+Make our own version of stunnel for simple port forwarding to enable HTTPS and
+FTP-SSL tests without the stunnel dependency, and it could allow us to provide
+test tools built with either OpenSSL or GnuTLS
+
+## more protocols supported
+
+Extend the test suite to include more protocols. The telnet could just do FTP
+or http operations (for which we have test servers).
+
+## more platforms supported
+
+Make the test suite work on more platforms. OpenBSD and macOS. Remove fork()s
+and it should become even more portable.
+
+## write an SMB test server to replace impacket
+
+This would allow us to run SMB tests on more platforms and do better and more
+covering tests.
+
+See [curl issue 15697](https://github.com/curl/curl/issues/15697)
+
+## Use the RFC 6265 test suite
+
+A test suite made for HTTP cookies (RFC 6265) by Adam Barth [is
+available](https://github.com/abarth/http-state/tree/master/tests).
+
+It would be good if someone would write a script/setup that would run curl
+with that test suite and detect deviance. Ideally, that would even be
+incorporated into our regular test suite.
+
+## Run web-platform-tests URL tests
+
+Run web-platform-tests URL tests and compare results with browsers on
+`wpt.fyi`.
+
+It would help us find issues to fix and help us document where our parser
+differs from the WHATWG URL spec parsers.
+
+See [curl issue 4477](https://github.com/curl/curl/issues/4477)
+
+# MQTT
+
+## Support rate-limiting
+
+The rate-limiting logic is done in the PERFORMING state in multi.c but MQTT is
+not (yet) implemented to use that.
+
+## Support MQTTS
+
+## Handle network blocks
+
+Running test suite with `CURL_DBG_SOCK_WBLOCK=90 ./runtests.pl -a mqtt` makes
+several MQTT test cases fail where they should not.
+
+## large payloads
+
+libcurl unnecessarily allocates heap memory to hold the entire payload to get
+sent, when the data is already perfectly accessible where it is when
+`CURLOPT_POSTFIELDS` is used. This is highly inefficient for larger payloads.
+Additionally, libcurl does not support using the read callback for sending
+MQTT which is yet another way to avoid having to hold large payload in memory.
+
+# TFTP
+
+## TFTP does not convert LF to CRLF for `mode=netascii`
+
+RFC 3617 defines that an TFTP transfer can be done using `netascii` mode. curl
+does not support extracting that mode from the URL nor does it treat such
+transfers specifically. It should probably do LF to CRLF translations for
+them.
+
+See [curl issue 12655](https://github.com/curl/curl/issues/12655)
+
+# Gopher
+
+## Handle network blocks
+
+Running test suite with `CURL_DBG_SOCK_WBLOCK=90 ./runtests.pl -a 1200 to
+1300` makes several Gopher test cases fail where they should not.
diff --git a/packages/OS400/makefile.sh b/packages/OS400/makefile.sh
index df47a7441e..2b688a4421 100755
--- a/packages/OS400/makefile.sh
+++ b/packages/OS400/makefile.sh
@@ -67,7 +67,7 @@ fi
 #       Copy some documentation files if needed.
 
 for TEXT in "${TOPDIR}/COPYING" "${SCRIPTDIR}/README.OS400"             \
-    "${TOPDIR}/CHANGES.md" "${TOPDIR}/docs/THANKS" "${TOPDIR}/docs/FAQ"    \
+    "${TOPDIR}/CHANGES.md" "${TOPDIR}/docs/THANKS" "${TOPDIR}/docs/FAQ.md"    \
     "${TOPDIR}/docs/FEATURES" "${TOPDIR}/docs/SSLCERTS.md"              \
     "${TOPDIR}/docs/RESOURCES" "${TOPDIR}/docs/VERSIONS.md"             \
     "${TOPDIR}/docs/HISTORY.md"
diff --git a/scripts/mdlinkcheck b/scripts/mdlinkcheck
index dfeeac0f60..bce3ca3fd5 100755
--- a/scripts/mdlinkcheck
+++ b/scripts/mdlinkcheck
@@ -87,7 +87,7 @@ my %url;
 my %flink;
 
 # list all .md files in the repo
-my @files=`git ls-files '**.md' docs/TODO docs/KNOWN_BUGS docs/FAQ`;
+my @files=`git ls-files '**.md'`;
 
 sub storelink {
     my ($f, $line, $link) = @_;

From 4fb609f9633d199f84ac255e8efd5ef2858e6185 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 9 Dec 2025 11:13:31 +0100
Subject: [PATCH 1184/2408] FAQ: fix minor link syntax mistake

---
 docs/FAQ.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/FAQ.md b/docs/FAQ.md
index ffef644418..f6911990d9 100644
--- a/docs/FAQ.md
+++ b/docs/FAQ.md
@@ -1167,7 +1167,7 @@ IP address but instead the address of the proxy.
 Also note that on many networks NATs or other IP-munging techniques are used
 that makes you see and use a different IP address locally than what the remote
 server will see you coming from. You may also consider using
-[Tor]()https://www.torproject.org/).
+[Tor](https://www.torproject.org/).
 
 ## How do I stop an ongoing transfer?
 

From 761750b9dea1873ec2dac3d2352062057feb3f8b Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 9 Dec 2025 04:48:05 +0000
Subject: [PATCH 1185/2408] Dockerfile: update debian:bookworm-slim digest to
 1371f81

Closes #19883
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 3d2e942cdf..36daff397b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -24,7 +24,7 @@
 #   $ ./scripts/maketgz 8.7.1
 
 # To update, get the latest digest e.g. from https://hub.docker.com/_/debian/tags
-FROM debian:bookworm-slim@sha256:936abff852736f951dab72d91a1b6337cf04217b2a77a5eaadc7c0f2f1ec1758
+FROM debian:bookworm-slim@sha256:1371f816c47921a144436ca5a420122a30de85f95401752fd464d9d4e1e08271
 
 RUN apt-get update -qq && apt-get install -qq -y --no-install-recommends \
     build-essential make autoconf automake libtool git perl zip zlib1g-dev gawk && \

From 4fe629c12a446a2e7b9090e7cfbaaf3be47c68d3 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 9 Dec 2025 11:03:54 +0000
Subject: [PATCH 1186/2408] Dockerfile: update debian:bookworm-slim digest to
 e899040

Closes #19891
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 36daff397b..e5f2b4073a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -24,7 +24,7 @@
 #   $ ./scripts/maketgz 8.7.1
 
 # To update, get the latest digest e.g. from https://hub.docker.com/_/debian/tags
-FROM debian:bookworm-slim@sha256:1371f816c47921a144436ca5a420122a30de85f95401752fd464d9d4e1e08271
+FROM debian:bookworm-slim@sha256:e899040a73d36e2b36fa33216943539d9957cba8172b858097c2cabcdb20a3e2
 
 RUN apt-get update -qq && apt-get install -qq -y --no-install-recommends \
     build-essential make autoconf automake libtool git perl zip zlib1g-dev gawk && \

From 1dd758b36d281cbdc4f26cf223760b53b3333b7e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 9 Dec 2025 12:14:21 +0100
Subject: [PATCH 1187/2408] test1464: mark XML-compliant

Closes #19892
---
 tests/data/test1464 | 1 -
 1 file changed, 1 deletion(-)

diff --git a/tests/data/test1464 b/tests/data/test1464
index be0b0c5f4d..a0562d2860 100644
--- a/tests/data/test1464
+++ b/tests/data/test1464
@@ -3,7 +3,6 @@
 
 FILE
 --help
-notxml
 
 
 

From d14bf19fdaec3734cb2ffd0d8685ac1cc5302814 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 9 Dec 2025 12:18:31 +0100
Subject: [PATCH 1188/2408] test1025, 1221: fold long command-lines

Closes #19893
---
 tests/data/test1015 | 6 +++++-
 tests/data/test1221 | 8 +++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/tests/data/test1015 b/tests/data/test1015
index 4fe79c7b99..2cd9378060 100644
--- a/tests/data/test1015
+++ b/tests/data/test1015
@@ -29,7 +29,11 @@ http
 --data-urlencode
 
 
-http://%HOSTIP:%HTTPPORT/%TESTNUMBER --data-urlencode "my name is moo[]" --data-urlencode "y e s=s_i_r" --data-urlencode "v_alue@%LOGDIR/%TESTNUMBER.txt" --data-urlencode @%LOGDIR/%TESTNUMBER.txt
+http://%HOSTIP:%HTTPPORT/%TESTNUMBER
+--data-urlencode "my name is moo[]"
+--data-urlencode "y e s=s_i_r"
+--data-urlencode "v_alue@%LOGDIR/%TESTNUMBER.txt"
+--data-urlencode @%LOGDIR/%TESTNUMBER.txt
 
 
 content to _?!#$'|%LT%GT
diff --git a/tests/data/test1221 b/tests/data/test1221
index 12a82be1ee..5f200c17ab 100644
--- a/tests/data/test1221
+++ b/tests/data/test1221
@@ -30,7 +30,13 @@ http
 --url-query with --data-urlencode
 
 
-http://%HOSTIP:%HTTPPORT/%TESTNUMBER --url-query "my name is moo[]" --url-query "yes=s i r" --url-query "v_alue@%LOGDIR/%TESTNUMBER.txt" --url-query @%LOGDIR/%TESTNUMBER.txt --url-query "+%3d%3d" --data-urlencode "start=once upon the time"
+http://%HOSTIP:%HTTPPORT/%TESTNUMBER
+--url-query "my name is moo[]"
+--url-query "yes=s i r"
+--url-query "v_alue@%LOGDIR/%TESTNUMBER.txt"
+--url-query @%LOGDIR/%TESTNUMBER.txt
+--url-query "+%3d%3d"
+--data-urlencode "start=once upon the time"
 
 
 content to _?!#$'|%LT%GT

From b739102ea6eee0a609da5d9547f18930b89a0a87 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 9 Dec 2025 11:53:45 +0100
Subject: [PATCH 1189/2408] TODO: remove ancient entries no longer considered

- TCP Fast Open support on Windows

TFO doesn't really work on the internet and isn't really used anywhere.
We use QUIC now.

- get rid of PATH_MAX

Not a priority and when using 3rd party libraries not really up to us.

- auto-detect proxy

A dream we can just stop having.

- config file parsing

Let's not do that in our library.

- add asynch getaddrinfo support

Let's not add a limited glibc specific backend with bad API

- FTP HOST

If we managed this far without name based vhost FTP, let's not.

Closes #19890
---
 docs/TODO.md | 75 +++++-----------------------------------------------
 1 file changed, 7 insertions(+), 68 deletions(-)

diff --git a/docs/TODO.md b/docs/TODO.md
index 09b45443c7..2b77b8ce0b 100644
--- a/docs/TODO.md
+++ b/docs/TODO.md
@@ -19,17 +19,6 @@ document](https://curl.se/docs/knownbugs.html) are subject for fixing.
 
 # libcurl
 
-## TCP Fast Open support on Windows
-
-libcurl supports the `CURLOPT_TCP_FASTOPEN` option since 7.49.0 for Linux and
-macOS. Windows supports TCP Fast Open starting with Windows 10, version 1607
-and we should add support for it.
-
-TCP Fast Open is supported on several platforms but not on Windows. Work on
-this was once started but never finished.
-
-See [curl pull request 3378](https://github.com/curl/curl/pull/3378)
-
 ## Consult `%APPDATA%` also for `.netrc`
 
 `%APPDATA%\.netrc` is not considered when running on Windows. Should not it?
@@ -58,15 +47,6 @@ See [curl issue 4915](https://github.com/curl/curl/issues/4915) and lib1541.c
 The share interface offers CURL_LOCK_DATA_HSTS to have multiple easy handle
 share an HSTS cache, but this is not thread-safe.
 
-## get rid of PATH_MAX
-
-Having code use and rely on PATH_MAX is not nice:
-https://insanecoding.blogspot.com/2007/11/pathmax-simply-isnt.html
-
-Currently the libssh2 SSH based code uses it, but to remove PATH_MAX from
-there we need libssh2 to properly tell us when we pass in a too small buffer
-and its current API (as of libssh2 1.2.7) does not.
-
 ## thread-safe sharing
 
 Using the share interface users can share some data between easy handles but
@@ -74,18 +54,6 @@ several of the sharing options are documented as not safe and supported to
 share between multiple concurrent threads. Fixing this would enable more users
 to share data in more powerful ways.
 
-## auto-detect proxy
-
-libcurl could be made to detect the system proxy setup automatically and use
-that. On Windows, macOS and Linux desktops for example.
-
-The [pull-request to use *libproxy*](https://github.com/curl/curl/pull/977)
-for this was deferred due to doubts on the reliability of the dependency and
-how to use it.
-
-[*libdetectproxy*](https://github.com/paulharris/libdetectproxy) is a (C++)
-library for detecting the proxy on Windows.
-
 ## updated DNS server while running
 
 If `/etc/resolv.conf` gets updated while a program using libcurl is running, it
@@ -156,11 +124,6 @@ for each redirect.
 
 [curl issue 6743](https://github.com/curl/curl/issues/6743)
 
-## `SRV` and `URI` DNS records
-
-Offer support for resolving `SRV` and `URI` DNS records for libcurl to know which
-server to connect to for various protocols (including HTTP).
-
 ## CURLINFO_PAUSE_STATE
 
 Return information about the transfer's current pause state, in both
@@ -175,14 +138,6 @@ callback. Perhaps also provide reason.
 
 [curl issue 2126](https://github.com/curl/curl/issues/2126)
 
-## config file parsing
-
-Consider providing an API, possibly in a separate companion library, for
-parsing a config file like curl's `-K`/`--config` option to allow applications
-to get the same ability to read curl options from files.
-
-See [curl issue 3698](https://github.com/curl/curl/issues/3698)
-
 ## erase secrets from heap/stack after use
 
 Introducing a concept and system to erase secrets from memory after use, it
@@ -192,15 +147,6 @@ and then clearing them within the library adds nothing...
 
 [curl issue 7268](https://github.com/curl/curl/issues/7268)
 
-## add asynch getaddrinfo support
-
-Use `getaddrinfo_a()` to provide an asynch name resolver backend to libcurl
-that does not use threads and does not depend on c-ares. The `getaddrinfo_a`
-function is (probably?) glibc specific but that is a widely used libc among
-our users.
-
-[curl pull request 6746](https://github.com/curl/curl/pull/6746)
-
 ## make DoH inherit more transfer properties
 
 Some options are not inherited because they are not relevant for the DoH SSL
@@ -297,13 +243,6 @@ See [curl issue 6968](https://github.com/curl/curl/issues/6968)
 
 # FTP
 
-## HOST
-
-HOST is a command for a client to tell which hostname to use, to offer FTP
-servers named-based virtual hosting:
-
-https://datatracker.ietf.org/doc/html/rfc7151
-
 ## A fixed directory listing format
 
 Since listing the contents of a remove directory with FTP is returning the
@@ -471,18 +410,18 @@ capabilities returned from the CAPA command.
 
 ## Enhanced capability support
 
- Add the ability, for an application that uses libcurl, to obtain the list of
- capabilities returned from the CAPABILITY command.
+Add the ability, for an application that uses libcurl, to obtain the list of
+capabilities returned from the CAPABILITY command.
 
 # LDAP
 
 ## SASL based authentication mechanisms
 
-Currently the LDAP module only supports ldap_simple_bind_s() in order to bind
-to an LDAP server. However, this function sends username and password details
-using the simple authentication mechanism (as clear text). However, it should
-be possible to use ldap_bind_s() instead specifying the security context
-information ourselves.
+Currently the LDAP module only supports `ldap_simple_bind_s()` in order to
+bind to an LDAP server. However, this function sends username and password
+details using the simple authentication mechanism (as clear text). However, it
+should be possible to use `ldap_bind_s()` instead specifying the security
+context information ourselves.
 
 ## `CURLOPT_SSL_CTX_FUNCTION` for LDAPS
 

From e28dc58b6525241fb8e90f7cc6bd91c13616f27c Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 9 Dec 2025 12:55:26 +0100
Subject: [PATCH 1190/2408] examples: use 64-bit `fstat` on Windows

Closes #19896
---
 docs/examples/anyauthput.c   | 4 ++--
 docs/examples/fileupload.c   | 4 ++--
 docs/examples/ftpupload.c    | 4 ++--
 docs/examples/http2-upload.c | 4 ++--
 docs/examples/httpput.c      | 4 ++--
 5 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/docs/examples/anyauthput.c b/docs/examples/anyauthput.c
index 5a650b64c7..a8f179e8e7 100644
--- a/docs/examples/anyauthput.c
+++ b/docs/examples/anyauthput.c
@@ -41,9 +41,9 @@
 
 #ifdef _WIN32
 #undef stat
-#define stat _stat
+#define stat _stati64
 #undef fstat
-#define fstat _fstat
+#define fstat _fstati64
 #define fileno _fileno
 #endif
 
diff --git a/docs/examples/fileupload.c b/docs/examples/fileupload.c
index da69e4a8ea..4639b6b12f 100644
--- a/docs/examples/fileupload.c
+++ b/docs/examples/fileupload.c
@@ -39,9 +39,9 @@
 
 #ifdef _WIN32
 #undef stat
-#define stat _stat
+#define stat _stati64
 #undef fstat
-#define fstat _fstat
+#define fstat _fstati64
 #define fileno _fileno
 #endif
 
diff --git a/docs/examples/ftpupload.c b/docs/examples/ftpupload.c
index 48c76a4898..36663d5afb 100644
--- a/docs/examples/ftpupload.c
+++ b/docs/examples/ftpupload.c
@@ -44,9 +44,9 @@
 #ifdef _WIN32
 #include 
 #undef stat
-#define stat _stat
+#define stat _stati64
 #undef fstat
-#define fstat _fstat
+#define fstat _fstati64
 #define fileno _fileno
 #else
 #include 
diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c
index 0f1ed748ca..8ed6568542 100644
--- a/docs/examples/http2-upload.c
+++ b/docs/examples/http2-upload.c
@@ -56,9 +56,9 @@
 
 #ifdef _WIN32
 #undef stat
-#define stat _stat
+#define stat _stati64
 #undef fstat
-#define fstat _fstat
+#define fstat _fstati64
 #define fileno _fileno
 #endif
 
diff --git a/docs/examples/httpput.c b/docs/examples/httpput.c
index 026fde1210..8892d76f07 100644
--- a/docs/examples/httpput.c
+++ b/docs/examples/httpput.c
@@ -39,9 +39,9 @@
 
 #ifdef _WIN32
 #undef stat
-#define stat _stat
+#define stat _stati64
 #undef fstat
-#define fstat _fstat
+#define fstat _fstati64
 #define fileno _fileno
 #endif
 

From e76080fb73f3f73d415427678843b643462448cd Mon Sep 17 00:00:00 2001
From: Yedaya Katsman 
Date: Tue, 2 Dec 2025 19:40:07 +0200
Subject: [PATCH 1191/2408] test: add test 2090 for SSLKEYLOGFILE structure

Only the TLS 1.2 structure for now since it's simpler, and only has a
single label type. This has the bonus of also testing libressl that only
supports logging keys in TLS 1.2

Closes #19816
---
 tests/data/Makefile.am |  2 +-
 tests/data/test2090    | 61 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 62 insertions(+), 1 deletion(-)
 create mode 100644 tests/data/test2090

diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index 140d507d77..63cc4729f3 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -253,7 +253,7 @@ test2056 test2057 test2058 test2059 test2060 test2061 test2062 test2063 \
 test2064 test2065 test2066 test2067 test2068 test2069 test2070 test2071 \
 test2072 test2073 test2074 test2075 test2076 test2077 test2078 test2079 \
 test2080 test2081 test2082 test2083 test2084 test2085 test2086 test2087 \
-test2088 test2089 \
+test2088 test2089 test2090 \
 test2100 test2101 test2102 test2103 test2104 \
 \
 test2200 test2201 test2202 test2203 test2204 test2205 \
diff --git a/tests/data/test2090 b/tests/data/test2090
new file mode 100644
index 0000000000..8e1223b99e
--- /dev/null
+++ b/tests/data/test2090
@@ -0,0 +1,61 @@
+
+
+
+HTTPS
+TLS
+
+
+
+#
+# Server-side
+
+
+HTTP/1.1 200 OK
+Date: Tue, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 7
+
+MooMoo
+
+
+
+#
+# Client-side
+
+
+SSL
+!Schannel
+!mbedtls
+
+
+SSLKEYLOGFILE=%LOGDIR/%TESTNUMBER.log.ssl
+
+
+https
+
+
+HTTPS request with SSLKEYLOGFILE set
+
+
+--cacert %CERTDIR/certs/test-ca.crt --tls-max 1.2 https://localhost:%HTTPSPORT/%TESTNUMBER
+
+
+
+#
+# Verify data after the test has been "shot"
+
+
+GET /%TESTNUMBER HTTP/1.1
+Host: localhost:%HTTPSPORT
+User-Agent: curl/%VERSION
+Accept: */*
+
+
+
+CLIENT_RANDOM %repeat[32 x 9A]% %repeat[48 x BC]%
+
+
+s/^CLIENT_RANDOM [0-9a-fA-F]{64} [0-9a-fA-F]{96}/CLIENT_RANDOM %repeat[32 x 9A]% %repeat[48 x BC]%/g
+
+
+

From 8e847fa5364be06737cd6c08beeb866006817a8d Mon Sep 17 00:00:00 2001
From: Yedaya Katsman 
Date: Tue, 2 Dec 2025 21:59:53 +0200
Subject: [PATCH 1192/2408] gtls: Call keylog_close in cleanup

---
 lib/vtls/gtls.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index c7f8f34673..d1236aefba 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -169,6 +169,7 @@ static int gtls_init(void)
 static void gtls_cleanup(void)
 {
   gnutls_global_deinit();
+  Curl_tls_keylog_close();
 }
 
 #ifndef CURL_DISABLE_VERBOSE_STRINGS

From f450f3801b6b9dff0ea280f5fb4bf28203f7b313 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 9 Dec 2025 14:27:44 +0100
Subject: [PATCH 1193/2408] GHA/windows: re-enable `taskkill`

Nothing conclusive for the last ~30 days when `taskkill` was made
a no-op. Jobs remained flaky with all known failure modes. Sometimes
they finish green on the first run, sometimes they fail. Hard to say
more without comparing detailed stats for this period and the
preceding (or upcoming) one.

In almost all runs, the PID to be killed did not exist at the time of
check.

Follow-up to 2701ac6a4d16a62130dad05be1c484903b8545c7 #19421
Closes #19897
---
 .github/workflows/windows.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml
index 8dca6ce891..9d7f0dc88d 100644
--- a/.github/workflows/windows.yml
+++ b/.github/workflows/windows.yml
@@ -37,7 +37,6 @@ permissions: {}
 
 env:
   CURL_CI: github
-  CURL_TEST_NO_TASKKILL: '1'
 
 jobs:
   cygwin:

From 5ed7b5b01bb1a5645a9937573fddbf34782b5c83 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Mon, 8 Dec 2025 13:36:19 +0100
Subject: [PATCH 1194/2408] alt-svc: more flexibility on same destination

When the Alt-Svc points to the same host and port, add the destination
ALPN to the `wanted` versions and set it also as the `preferred` version
in negotiations.

This allows Alt-Svc for h3 to point to h2 and have it tried first. Also,
this allows Alt-Svc to say http/1.1 is preferred and changes the ALPN
protocol ordering for the TLS handshake.

Add tests in various combination to verify this works.

Reported-by: yushicheng7788 on github
Fixes #19740
Closes #19874
---
 lib/altsvc.c                   |  6 ++-
 lib/altsvc.h                   |  3 +-
 lib/cf-https-connect.c         | 25 ++++++++++++
 lib/http.h                     |  1 +
 lib/url.c                      | 28 ++++++++++++--
 lib/vtls/vtls.c                | 23 +++++++----
 tests/http/test_06_eyeballs.py | 16 ++++++++
 tests/http/test_12_reuse.py    | 71 ++++++++++++++++++----------------
 tests/http/testenv/curl.py     | 11 +++++-
 9 files changed, 135 insertions(+), 49 deletions(-)

diff --git a/lib/altsvc.c b/lib/altsvc.c
index 31f6b515be..c422736fd2 100644
--- a/lib/altsvc.c
+++ b/lib/altsvc.c
@@ -622,7 +622,8 @@ bool Curl_altsvc_lookup(struct altsvcinfo *asi,
                         enum alpnid srcalpnid, const char *srchost,
                         int srcport,
                         struct altsvc **dstentry,
-                        const int versions) /* one or more bits */
+                        const int versions, /* one or more bits */
+                        bool *psame_destination)
 {
   struct Curl_llist_node *e;
   struct Curl_llist_node *n;
@@ -631,6 +632,7 @@ bool Curl_altsvc_lookup(struct altsvcinfo *asi,
   DEBUGASSERT(srchost);
   DEBUGASSERT(dstentry);
 
+  *psame_destination = FALSE;
   for(e = Curl_llist_head(&asi->list); e; e = n) {
     struct altsvc *as = Curl_node_elem(e);
     n = Curl_node_next(e);
@@ -646,6 +648,8 @@ bool Curl_altsvc_lookup(struct altsvcinfo *asi,
        (versions & (int)as->dst.alpnid)) {
       /* match */
       *dstentry = as;
+      *psame_destination = (srcport == as->dst.port) &&
+                           hostcompare(srchost, as->dst.host);
       return TRUE;
     }
   }
diff --git a/lib/altsvc.h b/lib/altsvc.h
index d370b4e4b1..c6f1b902c7 100644
--- a/lib/altsvc.h
+++ b/lib/altsvc.h
@@ -65,7 +65,8 @@ bool Curl_altsvc_lookup(struct altsvcinfo *asi,
                         enum alpnid srcalpnid, const char *srchost,
                         int srcport,
                         struct altsvc **dstentry,
-                        const int versions); /* CURLALTSVC_H* bits */
+                        const int versions, /* CURLALTSVC_H* bits */
+                        bool *psame_destination);
 #else
 /* disabled */
 #define Curl_altsvc_save(a, b, c)
diff --git a/lib/cf-https-connect.c b/lib/cf-https-connect.c
index acb3bcdd3a..47555fed94 100644
--- a/lib/cf-https-connect.c
+++ b/lib/cf-https-connect.c
@@ -710,6 +710,31 @@ CURLcode Curl_cf_https_setup(struct Curl_easy *data,
     }
 #endif
 
+    /* Add preferred HTTP version ALPN first */
+    if(data->state.http_neg.preferred &&
+       (alpn_count < CURL_ARRAYSIZE(alpn_ids)) &&
+       (data->state.http_neg.preferred & data->state.http_neg.allowed)) {
+      enum alpnid alpn_pref = ALPN_none;
+      switch(data->state.http_neg.preferred) {
+      case CURL_HTTP_V3x:
+        if(!Curl_conn_may_http3(data, conn, conn->transport_wanted))
+          alpn_pref = ALPN_h3;
+        break;
+      case CURL_HTTP_V2x:
+        alpn_pref = ALPN_h2;
+        break;
+      case CURL_HTTP_V1x:
+        alpn_pref = ALPN_h1;
+        break;
+      default:
+        break;
+      }
+      if(alpn_pref &&
+         !cf_https_alpns_contain(alpn_pref, alpn_ids, alpn_count)) {
+        alpn_ids[alpn_count++] = alpn_pref;
+      }
+    }
+
     if((alpn_count < CURL_ARRAYSIZE(alpn_ids)) &&
        (data->state.http_neg.wanted & CURL_HTTP_V3x) &&
        !cf_https_alpns_contain(ALPN_h3, alpn_ids, alpn_count)) {
diff --git a/lib/http.h b/lib/http.h
index 1c7ebdf8d7..c0f13ce1b0 100644
--- a/lib/http.h
+++ b/lib/http.h
@@ -72,6 +72,7 @@ struct http_negotiation {
   unsigned char rcvd_min; /* minimum version seen in responses, 09, 10, 11 */
   http_majors wanted;  /* wanted major versions when talking to server */
   http_majors allowed; /* allowed major versions when talking to server */
+  http_majors preferred; /* preferred major version when talking to server */
   BIT(h2_upgrade);  /* Do HTTP Upgrade from 1.1 to 2 */
   BIT(h2_prior_knowledge); /* Directly do HTTP/2 without ALPN/SSL */
   BIT(accept_09); /* Accept an HTTP/0.9 response */
diff --git a/lib/url.c b/lib/url.c
index 0643ceea7f..98fc8ce44f 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -3060,6 +3060,7 @@ static CURLcode parse_connect_to_slist(struct Curl_easy *data,
     struct altsvc *as = NULL;
     int allowed_alpns = ALPN_none;
     struct http_negotiation *neg = &data->state.http_neg;
+    bool same_dest = FALSE;
 
     DEBUGF(infof(data, "Alt-svc check wanted=%x, allowed=%x",
                  neg->wanted, neg->allowed));
@@ -3083,7 +3084,7 @@ static CURLcode parse_connect_to_slist(struct Curl_easy *data,
       hit = Curl_altsvc_lookup(data->asi,
                                ALPN_h3, host, conn->remote_port, /* from */
                                &as /* to */,
-                               allowed_alpns);
+                               allowed_alpns, &same_dest);
     }
 #endif
 #ifdef USE_HTTP2
@@ -3093,7 +3094,7 @@ static CURLcode parse_connect_to_slist(struct Curl_easy *data,
       hit = Curl_altsvc_lookup(data->asi,
                                ALPN_h2, host, conn->remote_port, /* from */
                                &as /* to */,
-                               allowed_alpns);
+                               allowed_alpns, &same_dest);
     }
 #endif
     if(!hit && (neg->wanted & CURL_HTTP_V1x) &&
@@ -3102,10 +3103,29 @@ static CURLcode parse_connect_to_slist(struct Curl_easy *data,
       hit = Curl_altsvc_lookup(data->asi,
                                ALPN_h1, host, conn->remote_port, /* from */
                                &as /* to */,
-                               allowed_alpns);
+                               allowed_alpns, &same_dest);
     }
 
-    if(hit) {
+    if(hit && same_dest) {
+      /* same destination, but more HTTPS version options */
+      switch(as->dst.alpnid) {
+      case ALPN_h1:
+        neg->wanted |= CURL_HTTP_V1x;
+        neg->preferred = CURL_HTTP_V1x;
+        break;
+      case ALPN_h2:
+        neg->wanted |= CURL_HTTP_V2x;
+        neg->preferred = CURL_HTTP_V2x;
+        break;
+      case ALPN_h3:
+        neg->wanted |= CURL_HTTP_V3x;
+        neg->preferred = CURL_HTTP_V3x;
+        break;
+      default: /* should not be possible */
+        break;
+      }
+    }
+    else if(hit) {
       char *hostd = curlx_strdup((char *)as->dst.host);
       if(!hostd)
         return CURLE_OUT_OF_MEMORY;
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index e342953778..696c7fbaf8 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -145,22 +145,28 @@ static const struct alpn_spec ALPN_SPEC_H2 = {
 static const struct alpn_spec ALPN_SPEC_H2_H11 = {
   { ALPN_H2, ALPN_HTTP_1_1 }, 2
 };
+static const struct alpn_spec ALPN_SPEC_H11_H2 = {
+  { ALPN_HTTP_1_1, ALPN_H2 }, 2
+};
 #endif
 
 #if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_PROXY)
-static const struct alpn_spec *alpn_get_spec(http_majors allowed,
+static const struct alpn_spec *alpn_get_spec(http_majors wanted,
+                                             http_majors preferred,
                                              bool use_alpn)
 {
   if(!use_alpn)
     return NULL;
 #ifdef USE_HTTP2
-  if(allowed & CURL_HTTP_V2x) {
-    if(allowed & CURL_HTTP_V1x)
-      return &ALPN_SPEC_H2_H11;
+  if(wanted & CURL_HTTP_V2x) {
+    if(wanted & CURL_HTTP_V1x)
+      return (preferred == CURL_HTTP_V1x) ?
+        &ALPN_SPEC_H11_H2 : &ALPN_SPEC_H2_H11;
     return &ALPN_SPEC_H2;
   }
 #else
-  (void)allowed;
+  (void)wanted;
+  (void)preferred;
 #endif
   /* Use the ALPN protocol "http/1.1" for HTTP/1.x.
      Avoid "http/1.0" because some servers do not support it. */
@@ -1718,6 +1724,7 @@ static CURLcode cf_ssl_create(struct Curl_cfilter **pcf,
   ctx = cf_ctx_new(data, NULL);
 #else
   ctx = cf_ctx_new(data, alpn_get_spec(data->state.http_neg.wanted,
+                                       data->state.http_neg.preferred,
                                        conn->bits.tls_enable_alpn));
 #endif
   if(!ctx) {
@@ -1770,17 +1777,17 @@ static CURLcode cf_ssl_proxy_create(struct Curl_cfilter **pcf,
   CURLcode result;
   /* ALPN is default, but if user explicitly disables it, obey */
   bool use_alpn = data->set.ssl_enable_alpn;
-  http_majors allowed = CURL_HTTP_V1x;
+  http_majors wanted = CURL_HTTP_V1x;
 
   (void)conn;
 #ifdef USE_HTTP2
   if(conn->http_proxy.proxytype == CURLPROXY_HTTPS2) {
     use_alpn = TRUE;
-    allowed = (CURL_HTTP_V1x | CURL_HTTP_V2x);
+    wanted = (CURL_HTTP_V1x | CURL_HTTP_V2x);
   }
 #endif
 
-  ctx = cf_ctx_new(data, alpn_get_spec(allowed, use_alpn));
+  ctx = cf_ctx_new(data, alpn_get_spec(wanted, 0, use_alpn));
   if(!ctx) {
     result = CURLE_OUT_OF_MEMORY;
     goto out;
diff --git a/tests/http/test_06_eyeballs.py b/tests/http/test_06_eyeballs.py
index 7d26774476..3b374e8158 100644
--- a/tests/http/test_06_eyeballs.py
+++ b/tests/http/test_06_eyeballs.py
@@ -133,3 +133,19 @@ class TestEyeballs:
             he_timers_set = [line for line in r.trace_lines
                              if re.match(r'.*\[TIMER] \[HAPPY_EYEBALLS] set for', line)]
             assert len(he_timers_set) == 2, f'found: {"".join(he_timers_set)}\n{r.dump_logs()}'
+
+    # download using HTTP/3 on missing server with alt-svc pointing there
+    @pytest.mark.skipif(condition=not Env.have_h3(), reason="missing HTTP/3 support")
+    def test_06_20_h2_altsvc_h3_fallback(self, env: Env, httpd, nghttpx):
+        curl = CurlClient(env=env)
+        urln = f'https://{env.domain1}:{env.https_only_tcp_port}/data.json'
+        altsvc_file = curl.mk_altsvc_file('test_06',
+                                          'h2', env.domain1, env.https_only_tcp_port,
+                                          'h3', env.domain1, env.https_only_tcp_port)
+        r = curl.http_download(urls=[urln], extra_args=[
+            '--alt-svc', altsvc_file
+        ])
+        # Should try a QUIC connection that fails and fallback to h2
+        r.check_exit_code(0)
+        r.check_response(count=1, http_status=200)
+        assert r.stats[0]['http_version'] == '2'
diff --git a/tests/http/test_12_reuse.py b/tests/http/test_12_reuse.py
index 1d4a4a0ae2..522df92708 100644
--- a/tests/http/test_12_reuse.py
+++ b/tests/http/test_12_reuse.py
@@ -26,6 +26,7 @@
 #
 import logging
 import os
+import re
 from datetime import datetime, timedelta
 import pytest
 
@@ -77,10 +78,11 @@ class TestReuse:
 
     @pytest.mark.skipif(condition=not Env.have_h3(), reason="h3 not supported")
     def test_12_03_as_follow_h2h3(self, env: Env, httpd, configures_httpd, nghttpx):
-        # write an alt-svc file that advises h3 instead of h2
-        asfile = os.path.join(env.gen_dir, 'alt-svc-12_03.txt')
-        self.create_asfile(asfile, f'h2 {env.domain1} {env.https_port} h3 {env.domain1} {env.h3_port}')
         curl = CurlClient(env=env)
+        # write an alt-svc file that advises h3 instead of h2
+        asfile = curl.mk_altsvc_file('test_12',
+                                     'h2', env.domain1, env.https_port,
+                                     'h3', env.domain1, env.h3_port)
         urln = f'https://{env.authority_for(env.domain1, "h2")}/data.json'
         r = curl.http_download(urls=[urln], with_stats=True, extra_args=[
             '--alt-svc', f'{asfile}',
@@ -112,54 +114,47 @@ class TestReuse:
     @pytest.mark.skipif(condition=not Env.have_h3(), reason="h3 not supported")
     def test_12_05_as_follow_h3h1(self, env: Env, httpd, configures_httpd, nghttpx):
         # With '--http3` an Alt-Svc redirection from h3 to h1 is allowed
-        count = 2
         # write an alt-svc file the advises h1 instead of h3
-        asfile = os.path.join(env.gen_dir, 'alt-svc-12_05.txt')
-        ts = datetime.now() + timedelta(hours=24)
-        expires = f'{ts.year:04}{ts.month:02}{ts.day:02} {ts.hour:02}:{ts.minute:02}:{ts.second:02}'
-        with open(asfile, 'w') as fd:
-            fd.write(f'h3 {env.domain1} {env.https_port} http/1.1 {env.domain1} {env.https_port} "{expires}" 0 0')
-        log.info(f'altscv: {open(asfile).readlines()}')
         curl = CurlClient(env=env)
-        urln = f'https://{env.authority_for(env.domain1, "h3")}/data.json?[0-{count-1}]'
+        asfile = curl.mk_altsvc_file('test_12',
+                                     'h3', env.domain1, env.https_port,
+                                     'http/1.1', env.domain1, env.https_port)
+        urln = f'https://{env.authority_for(env.domain1, "h3")}/data.json'
         r = curl.http_download(urls=[urln], with_stats=True, extra_args=[
             '--alt-svc', f'{asfile}', '--http3'
         ])
-        r.check_response(count=count, http_status=200)
-        # We expect the connection to be reused and use HTTP/1.1
+        r.check_response(count=1, http_status=200)
+        # We expect the connection to be preferring HTTP/1.1 in the ALPN
         assert r.total_connects == 1
-        for s in r.stats:
-            assert s['http_version'] == '1.1', f'{s}'
+        re_m = re.compile(r'.* ALPN: curl offers http/1.1,h2')
+        lines = [line for line in r.trace_lines if re_m.match(line)]
+        assert len(lines), f'{r.dump_logs()}'
 
     @pytest.mark.skipif(condition=not Env.have_h3(), reason="h3 not supported")
     def test_12_06_as_ignore_h3h1(self, env: Env, httpd, configures_httpd, nghttpx):
         # With '--http3-only` an Alt-Svc redirection from h3 to h1 is ignored
-        count = 2
         # write an alt-svc file the advises h1 instead of h3
-        asfile = os.path.join(env.gen_dir, 'alt-svc-12_05.txt')
-        ts = datetime.now() + timedelta(hours=24)
-        expires = f'{ts.year:04}{ts.month:02}{ts.day:02} {ts.hour:02}:{ts.minute:02}:{ts.second:02}'
-        with open(asfile, 'w') as fd:
-            fd.write(f'h3 {env.domain1} {env.https_port} http/1.1 {env.domain1} {env.https_port} "{expires}" 0 0')
-        log.info(f'altscv: {open(asfile).readlines()}')
         curl = CurlClient(env=env)
-        urln = f'https://{env.authority_for(env.domain1, "h3")}/data.json?[0-{count-1}]'
+        asfile = curl.mk_altsvc_file('test_12',
+                                     'h3', env.domain1, env.https_port,
+                                     'http/1.1', env.domain1, env.https_port)
+        urln = f'https://{env.authority_for(env.domain1, "h3")}/data.json'
         r = curl.http_download(urls=[urln], with_stats=True, extra_args=[
             '--alt-svc', f'{asfile}', '--http3-only'
         ])
-        r.check_response(count=count, http_status=200)
+        r.check_response(count=1, http_status=200)
         # We expect the connection to be stay on h3, since we used --http3-only
         assert r.total_connects == 1
-        for s in r.stats:
-            assert s['http_version'] == '3', f'{s}'
+        assert r.stats[0]['http_version'] == '3', f'{r.stats}'
 
     @pytest.mark.skipif(condition=not Env.have_h3(), reason="h3 not supported")
     def test_12_07_as_ignore_h2h3(self, env: Env, httpd, configures_httpd, nghttpx):
         # With '--http2` an Alt-Svc redirection from h2 to h3 is ignored
         # write an alt-svc file that advises h3 instead of h2
-        asfile = os.path.join(env.gen_dir, 'alt-svc-12_03.txt')
-        self.create_asfile(asfile, f'h2 {env.domain1} {env.https_port} h3 {env.domain1} {env.h3_port}')
         curl = CurlClient(env=env)
+        asfile = curl.mk_altsvc_file('test_12',
+                                     'h2', env.domain1, env.https_port,
+                                     'h3', env.domain1, env.h3_port)
         urln = f'https://{env.authority_for(env.domain1, "h2")}/data.json'
         r = curl.http_download(urls=[urln], with_stats=True, extra_args=[
             '--alt-svc', f'{asfile}', '--http2'
@@ -167,9 +162,17 @@ class TestReuse:
         r.check_response(count=1, http_status=200)
         assert r.stats[0]['http_version'] == '2', f'{r.stats}'
 
-    def create_asfile(self, fpath, line):
-        ts = datetime.now() + timedelta(hours=24)
-        expires = f'{ts.year:04}{ts.month:02}{ts.day:02} {ts.hour:02}:{ts.minute:02}:{ts.second:02}'
-        with open(fpath, 'w') as fd:
-            fd.write(f'{line} "{expires}" 0 0')
-        log.info(f'altscv: {open(fpath).readlines()}')
+    # download using HTTP/3 on available server with alt-svc to h2, use h2
+    @pytest.mark.skipif(condition=not Env.have_h3(), reason="missing HTTP/3 support")
+    def test_12_08_h3_altsvc_h2_used(self, env: Env, httpd, nghttpx):
+        curl = CurlClient(env=env)
+        urln = f'https://{env.domain1}:{env.https_port}/data.json'
+        altsvc_file = curl.mk_altsvc_file('test_12',
+                                          'h3', env.domain1, env.https_port,
+                                          'h2', env.domain1, env.https_port)
+        r = curl.http_download(urls=[urln], extra_args=[
+            '--http3', '--alt-svc', altsvc_file
+        ])
+        r.check_exit_code(0)
+        r.check_response(count=1, http_status=200)
+        assert r.stats[0]['http_version'] == '2'
diff --git a/tests/http/testenv/curl.py b/tests/http/testenv/curl.py
index f54170baba..d9fe0706ac 100644
--- a/tests/http/testenv/curl.py
+++ b/tests/http/testenv/curl.py
@@ -36,7 +36,7 @@ import re
 import shutil
 import subprocess
 from statistics import mean, fmean
-from datetime import timedelta, datetime
+from datetime import timedelta, datetime, timezone
 from typing import List, Optional, Dict, Union, Any
 from urllib.parse import urlparse
 
@@ -1211,3 +1211,12 @@ class CurlClient:
             rc = p.returncode
             if rc != 0:
                 raise Exception(f'{fg_gen_flame} returned error {rc}')
+
+    def mk_altsvc_file(self, name, src_alpn, src_host, src_port,
+                       dest_alpn, dest_host, dest_port):
+        fpath = os.path.join(self.run_dir, f'{name}.altsvc')
+        ts = datetime.now(timezone.utc) + timedelta(hours=1)
+        ts = ts.strftime('%Y%m%d %H:%M:%S')
+        with open(fpath, 'w') as fd:
+            fd.write(f'{src_alpn} {src_host} {src_port} {dest_alpn} {dest_host} {dest_port} "{ts}" 1 0\n')
+        return fpath

From 9711c986ba832507e8248bfff112623916cbc367 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Tue, 9 Dec 2025 12:51:17 +0100
Subject: [PATCH 1195/2408] multi: remove MSTATE_TUNNELING

MSTATE_TUNNELING is no longer in use now that we have proxy connection
filters. Remove the state.

Remove the http handler `connect_it` method as it was merely a NOP.

Closes #19894
---
 lib/cfilters.c    |  6 +++++-
 lib/curl_trc.c    |  1 -
 lib/http.c        | 13 ++----------
 lib/http.h        |  1 -
 lib/multi.c       | 53 ++++++++++-------------------------------------
 lib/multihandle.h | 37 +++++++++++++++------------------
 lib/rtsp.c        |  7 ++-----
 lib/ws.c          |  4 ++--
 8 files changed, 39 insertions(+), 83 deletions(-)

diff --git a/lib/cfilters.c b/lib/cfilters.c
index f51da8521a..acffae3f00 100644
--- a/lib/cfilters.c
+++ b/lib/cfilters.c
@@ -577,7 +577,11 @@ bool Curl_conn_is_connected(struct connectdata *conn, int sockindex)
   if(!CONN_SOCK_IDX_VALID(sockindex))
     return FALSE;
   cf = conn->cfilter[sockindex];
-  return cf && cf->connected;
+  if(cf)
+    return cf->connected;
+  else if(conn->handler->flags & PROTOPT_NONETWORK)
+    return TRUE;
+  return FALSE;
 }
 
 bool Curl_conn_is_ip_connected(struct Curl_easy *data, int sockindex)
diff --git a/lib/curl_trc.c b/lib/curl_trc.c
index 430d4c56a1..169f7a7d6d 100644
--- a/lib/curl_trc.c
+++ b/lib/curl_trc.c
@@ -332,7 +332,6 @@ static const char * const Curl_trc_mstate_names[] = {
   "CONNECT",
   "RESOLVING",
   "CONNECTING",
-  "TUNNELING",
   "PROTOCONNECT",
   "PROTOCONNECTING",
   "DO",
diff --git a/lib/http.c b/lib/http.c
index ce5f5becdf..d5aca0e800 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -121,7 +121,7 @@ const struct Curl_handler Curl_handler_http = {
   Curl_http,                            /* do_it */
   Curl_http_done,                       /* done */
   ZERO_NULL,                            /* do_more */
-  Curl_http_connect,                    /* connect_it */
+  ZERO_NULL,                            /* connect_it */
   ZERO_NULL,                            /* connecting */
   ZERO_NULL,                            /* doing */
   ZERO_NULL,                            /* proto_pollset */
@@ -152,7 +152,7 @@ const struct Curl_handler Curl_handler_https = {
   Curl_http,                            /* do_it */
   Curl_http_done,                       /* done */
   ZERO_NULL,                            /* do_more */
-  Curl_http_connect,                    /* connect_it */
+  ZERO_NULL,                            /* connect_it */
   NULL,                                 /* connecting */
   ZERO_NULL,                            /* doing */
   NULL,                                 /* proto_pollset */
@@ -1533,15 +1533,6 @@ bool Curl_compareheader(const char *headerline, /* line to check */
   return FALSE; /* no match */
 }
 
-/*
- * Curl_http_connect() performs HTTP stuff to do at connect-time, called from
- * the generic Curl_connect().
- */
-CURLcode Curl_http_connect(struct Curl_easy *data, bool *done)
-{
-  return Curl_conn_connect(data, FIRSTSOCKET, FALSE, done);
-}
-
 /* this returns the socket to wait for in the DO and DOING state for the multi
    interface and then we are always _sending_ a request and thus we wait for
    the single socket to become writable only */
diff --git a/lib/http.h b/lib/http.h
index c0f13ce1b0..26762b6205 100644
--- a/lib/http.h
+++ b/lib/http.h
@@ -113,7 +113,6 @@ CURLcode Curl_http_setup_conn(struct Curl_easy *data,
                               struct connectdata *conn);
 CURLcode Curl_http(struct Curl_easy *data, bool *done);
 CURLcode Curl_http_done(struct Curl_easy *data, CURLcode, bool premature);
-CURLcode Curl_http_connect(struct Curl_easy *data, bool *done);
 CURLcode Curl_http_doing_pollset(struct Curl_easy *data,
                                  struct easy_pollset *ps);
 CURLcode Curl_http_perform_pollset(struct Curl_easy *data,
diff --git a/lib/multi.c b/lib/multi.c
index 531ec6605e..760f03186d 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -142,7 +142,6 @@ static void mstate(struct Curl_easy *data, CURLMstate state
     Curl_init_CONNECT, /* CONNECT */
     NULL,              /* RESOLVING */
     NULL,              /* CONNECTING */
-    NULL,              /* TUNNELING */
     NULL,              /* PROTOCONNECT */
     NULL,              /* PROTOCONNECTING */
     NULL,              /* DO */
@@ -1122,7 +1121,6 @@ CURLMcode Curl_multi_pollset(struct Curl_easy *data,
     break;
 
   case MSTATE_CONNECTING:
-  case MSTATE_TUNNELING:
     result = mstate_connecting_pollset(data, ps);
     break;
 
@@ -1862,43 +1860,29 @@ static CURLcode protocol_doing(struct Curl_easy *data, bool *done)
  */
 static CURLcode protocol_connect(struct Curl_easy *data, bool *protocol_done)
 {
-  CURLcode result = CURLE_OK;
   struct connectdata *conn = data->conn;
+  CURLcode result = CURLE_OK;
+
   DEBUGASSERT(conn);
   DEBUGASSERT(protocol_done);
+  DEBUGASSERT(Curl_conn_is_connected(conn, FIRSTSOCKET));
 
   *protocol_done = FALSE;
-
-  if(Curl_conn_is_connected(conn, FIRSTSOCKET) && conn->bits.protoconnstart) {
-    /* We already are connected, get back. This may happen when the connect
-       worked fine in the first call, like when we connect to a local server
-       or proxy. Note that we do not know if the protocol is actually done.
-
-       Unless this protocol does not have any protocol-connect callback, as
-       then we know we are done. */
-    if(!conn->handler->connecting)
-      *protocol_done = TRUE;
-
-    return CURLE_OK;
-  }
-
   if(!conn->bits.protoconnstart) {
     if(conn->handler->connect_it) {
-      /* is there a protocol-specific connect() procedure? */
-
       /* Call the protocol-specific connect function */
       result = conn->handler->connect_it(data, protocol_done);
+      if(result)
+        return result;
     }
-    else
-      *protocol_done = TRUE;
-
-    /* it has started, possibly even completed but that knowledge is not stored
-       in this bit! */
-    if(!result)
-      conn->bits.protoconnstart = TRUE;
+    conn->bits.protoconnstart = TRUE;
   }
 
-  return result; /* pass back status */
+  /* Unless this protocol does not have any protocol-connect callback, as
+     then we know we are done. */
+  if(!conn->handler->connecting)
+    *protocol_done = TRUE;
+  return CURLE_OK;
 }
 
 static void set_in_callback(struct Curl_multi *multi, bool value)
@@ -2469,21 +2453,6 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
       rc = state_resolving(multi, data, &stream_error, &result);
       break;
 
-#ifndef CURL_DISABLE_HTTP
-    case MSTATE_TUNNELING:
-      /* this is HTTP-specific, but sending CONNECT to a proxy is HTTP... */
-      DEBUGASSERT(data->conn);
-      result = Curl_http_connect(data, &protocol_connected);
-      if(!result) {
-        rc = CURLM_CALL_MULTI_PERFORM;
-        /* initiate protocol connect phase */
-        multistate(data, MSTATE_PROTOCONNECT);
-      }
-      else
-        stream_error = TRUE;
-      break;
-#endif
-
     case MSTATE_CONNECTING:
       /* awaiting a completion of an asynch TCP connect */
       DEBUGASSERT(data->conn);
diff --git a/lib/multihandle.h b/lib/multihandle.h
index a267a209ee..d71958c414 100644
--- a/lib/multihandle.h
+++ b/lib/multihandle.h
@@ -51,26 +51,23 @@ struct Curl_message {
  */
 typedef enum {
   MSTATE_INIT,         /* 0 - start in this state */
-  MSTATE_PENDING,      /* 1 - no connections, waiting for one */
-  MSTATE_SETUP,        /* 2 - start a new transfer */
-  MSTATE_CONNECT,      /* 3 - resolve/connect has been sent off */
-  MSTATE_RESOLVING,    /* 4 - awaiting the resolve to finalize */
-  MSTATE_CONNECTING,   /* 5 - awaiting the TCP connect to finalize */
-  MSTATE_TUNNELING,    /* 6 - awaiting HTTPS proxy SSL initialization to
-                          complete and/or proxy CONNECT to finalize */
-  MSTATE_PROTOCONNECT, /* 7 - initiate protocol connect procedure */
-  MSTATE_PROTOCONNECTING, /* 8 - completing the protocol-specific connect
-                             phase */
-  MSTATE_DO,           /* 9 - start send off the request (part 1) */
-  MSTATE_DOING,        /* 10 - sending off the request (part 1) */
-  MSTATE_DOING_MORE,   /* 11 - send off the request (part 2) */
-  MSTATE_DID,          /* 12 - done sending off request */
-  MSTATE_PERFORMING,   /* 13 - transfer data */
-  MSTATE_RATELIMITING, /* 14 - wait because limit-rate exceeded */
-  MSTATE_DONE,         /* 15 - post data transfer operation */
-  MSTATE_COMPLETED,    /* 16 - operation complete */
-  MSTATE_MSGSENT,      /* 17 - the operation complete message is sent */
-  MSTATE_LAST          /* 18 - not a true state, never use this */
+  MSTATE_PENDING,      /* no connections, waiting for one */
+  MSTATE_SETUP,        /* start a new transfer */
+  MSTATE_CONNECT,      /* resolve/connect has been sent off */
+  MSTATE_RESOLVING,    /* awaiting the resolve to finalize */
+  MSTATE_CONNECTING,   /* awaiting the TCP connect to finalize */
+  MSTATE_PROTOCONNECT, /* initiate protocol connect procedure */
+  MSTATE_PROTOCONNECTING, /* completing the protocol-specific connect phase */
+  MSTATE_DO,           /* start send off the request (part 1) */
+  MSTATE_DOING,        /* sending off the request (part 1) */
+  MSTATE_DOING_MORE,   /* send off the request (part 2) */
+  MSTATE_DID,          /* done sending off request */
+  MSTATE_PERFORMING,   /* transfer data */
+  MSTATE_RATELIMITING, /* wait because limit-rate exceeded */
+  MSTATE_DONE,         /* post data transfer operation */
+  MSTATE_COMPLETED,    /* operation complete */
+  MSTATE_MSGSENT,      /* the operation complete message is sent */
+  MSTATE_LAST          /* not a true state, never use this */
 } CURLMstate;
 
 #define CURLPIPE_ANY (CURLPIPE_MULTIPLEX)
diff --git a/lib/rtsp.c b/lib/rtsp.c
index 0a807899f9..8cd756c4a7 100644
--- a/lib/rtsp.c
+++ b/lib/rtsp.c
@@ -214,13 +214,10 @@ static CURLcode rtsp_connect(struct Curl_easy *data, bool *done)
 {
   struct rtsp_conn *rtspc =
     Curl_conn_meta_get(data->conn, CURL_META_RTSP_CONN);
-  CURLcode httpStatus;
 
   if(!rtspc)
     return CURLE_FAILED_INIT;
 
-  httpStatus = Curl_http_connect(data, done);
-
   /* Initialize the CSeq if not already done */
   if(data->state.rtsp_next_client_CSeq == 0)
     data->state.rtsp_next_client_CSeq = 1;
@@ -228,8 +225,8 @@ static CURLcode rtsp_connect(struct Curl_easy *data, bool *done)
     data->state.rtsp_next_server_CSeq = 1;
 
   rtspc->rtp_channel = -1;
-
-  return httpStatus;
+  *done = TRUE;
+  return CURLE_OK;
 }
 
 static CURLcode rtsp_done(struct Curl_easy *data,
diff --git a/lib/ws.c b/lib/ws.c
index eab06f4f11..38d4195879 100644
--- a/lib/ws.c
+++ b/lib/ws.c
@@ -1914,7 +1914,7 @@ const struct Curl_handler Curl_handler_ws = {
   Curl_http,                            /* do_it */
   Curl_http_done,                       /* done */
   ZERO_NULL,                            /* do_more */
-  Curl_http_connect,                    /* connect_it */
+  ZERO_NULL,                            /* connect_it */
   ZERO_NULL,                            /* connecting */
   ZERO_NULL,                            /* doing */
   ZERO_NULL,                            /* proto_pollset */
@@ -1941,7 +1941,7 @@ const struct Curl_handler Curl_handler_wss = {
   Curl_http,                            /* do_it */
   Curl_http_done,                       /* done */
   ZERO_NULL,                            /* do_more */
-  Curl_http_connect,                    /* connect_it */
+  ZERO_NULL,                            /* connect_it */
   NULL,                                 /* connecting */
   ZERO_NULL,                            /* doing */
   NULL,                                 /* proto_pollset */

From 44e64919cf11c6027d02123c0a02371c0fbf1b48 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Tue, 9 Dec 2025 12:54:00 +0100
Subject: [PATCH 1196/2408] pytest: socksd startup delay

Add a small delay after the startup of the danted socks daemon to
give it more time to become responsive.

Closes #19895
---
 tests/http/test_40_socks.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tests/http/test_40_socks.py b/tests/http/test_40_socks.py
index 8c6a81f4f6..1c844b82aa 100644
--- a/tests/http/test_40_socks.py
+++ b/tests/http/test_40_socks.py
@@ -26,6 +26,7 @@
 #
 import logging
 import os
+import time
 from typing import Generator
 import pytest
 
@@ -42,6 +43,7 @@ class TestSocks:
     def danted(self, env: Env) -> Generator[Dante, None, None]:
         danted = Dante(env=env)
         assert danted.initial_start()
+        time.sleep(1)
         yield danted
         danted.stop()
 

From 197904d4b1f816ff6a05f0123b9a31663e5a454c Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 9 Dec 2025 15:32:42 +0100
Subject: [PATCH 1197/2408] config-win32.h: delete obsolete, non-Windows
 comments

Closes #19899
---
 lib/config-win32.h | 36 ------------------------------------
 1 file changed, 36 deletions(-)

diff --git a/lib/config-win32.h b/lib/config-win32.h
index 4bf034bea3..4b9ba3e32c 100644
--- a/lib/config-win32.h
+++ b/lib/config-win32.h
@@ -79,9 +79,6 @@
 /*                          HEADER FILES                            */
 /* ---------------------------------------------------------------- */
 
-/* Define if you have the  header file. */
-/* #define HAVE_ARPA_INET_H 1 */
-
 /* Define if you have the  header file. */
 #define HAVE_FCNTL_H 1
 
@@ -91,12 +88,6 @@
 /* Define if you have the  header file. */
 #define HAVE_LOCALE_H 1
 
-/* Define if you have the  header file. */
-/* #define HAVE_NETDB_H 1 */
-
-/* Define if you have the  header file. */
-/* #define HAVE_NETINET_IN_H 1 */
-
 /* Define to 1 if you have the  header file. */
 #if (defined(_MSC_VER) && (_MSC_VER >= 1800)) || defined(__MINGW32__)
 #define HAVE_STDBOOL_H 1
@@ -112,24 +103,12 @@
 #define HAVE_SYS_PARAM_H 1
 #endif
 
-/* Define if you have the  header file. */
-/* #define HAVE_SYS_SELECT_H 1 */
-
-/* Define if you have the  header file. */
-/* #define HAVE_SYS_SOCKIO_H 1 */
-
 /* Define if you have the  header file. */
 #define HAVE_SYS_TYPES_H 1
 
 /* Define if you have the  header file. */
 #define HAVE_SYS_UTIME_H 1
 
-/* Define if you have the  header file. */
-/* #define HAVE_TERMIO_H 1 */
-
-/* Define if you have the  header file. */
-/* #define HAVE_TERMIOS_H 1 */
-
 /* Define if you have the  header file. */
 #ifdef __MINGW32__
 #define HAVE_UNISTD_H 1
@@ -286,9 +265,6 @@
 /* Define to the size of `int', as computed by sizeof. */
 #define SIZEOF_INT 4
 
-/* Define to the size of `long long', as computed by sizeof. */
-/* #define SIZEOF_LONG_LONG 8 */
-
 /* Define to the size of `long', as computed by sizeof. */
 #define SIZEOF_LONG 4
 
@@ -306,15 +282,6 @@
 /*                        COMPILER SPECIFIC                         */
 /* ---------------------------------------------------------------- */
 
-/* Define to nothing if compiler does not support 'const' qualifier. */
-/* #define const */
-
-/* Define to nothing if compiler does not support 'volatile' qualifier. */
-/* #define volatile */
-
-/* Windows should not have HAVE_GMTIME_R defined */
-/* #undef HAVE_GMTIME_R */
-
 /* Define if the compiler supports the 'long long' data type. */
 #if defined(_MSC_VER) || defined(__MINGW32__)
 #define HAVE_LONGLONG 1
@@ -377,9 +344,6 @@
  * Undefine both USE_ARES and USE_THREADS_WIN32 for synchronous DNS.
  */
 
-/* Define to enable c-ares asynchronous DNS lookups. */
-/* #define USE_ARES 1 */
-
 /* Default define to enable threaded asynchronous DNS lookups. */
 #if !defined(USE_SYNC_DNS) && !defined(USE_ARES) && \
     !defined(USE_THREADS_WIN32)

From 74bc0c80b31c98dc9e49f261d0f2a196ff6b145f Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 9 Dec 2025 15:55:25 +0100
Subject: [PATCH 1198/2408] configure: delete unused variable

Follow-up to 4d73854462f30948acab12984b611e9e33ee41e6 #9044

Closes #19901
---
 configure.ac | 1 -
 1 file changed, 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index 1481a096b2..f0d05b1827 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4066,7 +4066,6 @@ CPPFLAGS=$o
 AC_CHECK_TYPE(long long,
   [AC_DEFINE(HAVE_LONGLONG, 1,
     [Define to 1 if the compiler supports the 'long long' data type.])]
-  longlong="yes"
 )
 
 if test ${ac_cv_sizeof_curl_off_t} -lt 8; then

From 073b85cefe30e27316c6bcbb382b746e9a412e73 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Tue, 9 Dec 2025 14:39:16 +0100
Subject: [PATCH 1199/2408] GHA: make links get checked daily

Assisted-by: Viktor Szakats
Closes #19898
---
 .github/workflows/checkdocs.yml | 11 -----------
 .github/workflows/checkurls.yml | 28 ++++++++++++++++++++++++++++
 scripts/mdlinkcheck             |  4 ++--
 3 files changed, 30 insertions(+), 13 deletions(-)
 create mode 100644 .github/workflows/checkurls.yml

diff --git a/.github/workflows/checkdocs.yml b/.github/workflows/checkdocs.yml
index a079aeaa70..7962034e96 100644
--- a/.github/workflows/checkdocs.yml
+++ b/.github/workflows/checkdocs.yml
@@ -89,17 +89,6 @@ jobs:
   #      - name: 'check special prose'
   #        run: proselint docs/internals/CHECKSRC.md docs/libcurl/curl_mprintf.md docs/libcurl/opts/CURLOPT_INTERFACE.md docs/cmdline-opts/interface.md
 
-  linkcheck:
-    name: 'linkcheck'
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
-        with:
-          persist-credentials: false
-
-      - name: 'mdlinkcheck'
-        run: ./scripts/mdlinkcheck
-
   pyspelling:
     name: 'pyspelling'
     runs-on: ubuntu-latest
diff --git a/.github/workflows/checkurls.yml b/.github/workflows/checkurls.yml
new file mode 100644
index 0000000000..f407859c75
--- /dev/null
+++ b/.github/workflows/checkurls.yml
@@ -0,0 +1,28 @@
+# Copyright (C) Daniel Stenberg, , et al.
+#
+# SPDX-License-Identifier: curl
+
+name: 'URLs'
+
+'on':
+  schedule:
+    - cron: '10 5 * * *'
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
+  cancel-in-progress: true
+
+permissions: {}
+
+jobs:
+  linkcheck:
+    if: ${{ github.repository_owner == 'curl' }}
+    name: 'linkcheck'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
+
+      - name: 'mdlinkcheck'
+        run: ./scripts/mdlinkcheck
diff --git a/scripts/mdlinkcheck b/scripts/mdlinkcheck
index bce3ca3fd5..c28f7dd1ed 100755
--- a/scripts/mdlinkcheck
+++ b/scripts/mdlinkcheck
@@ -86,8 +86,8 @@ my %whitelist = (
 my %url;
 my %flink;
 
-# list all .md files in the repo
-my @files=`git ls-files '**.md'`;
+# list all files to scan for links
+my @files=`git ls-files docs src lib scripts`;
 
 sub storelink {
     my ($f, $line, $link) = @_;

From 163705db756557e6c07ac9386663f0576ebfd64e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 9 Dec 2025 10:31:20 +0100
Subject: [PATCH 1200/2408] windows: assume `USE_WIN32_LARGE_FILES`

All Windows platforms support it. It was permanently enabled with most
build methods. The exception is autotools where it is enabled by
default, with an option to disable it. It changed the build in a few
places for rarely tested code paths, but not bringing other advantages
(and used some 64-bit APIs anyway). This patch makes autotools'
`--disable-largefile` option a no-op for Windows.

Closes #19888
---
 CMakeLists.txt          |  5 +----
 acinclude.m4            | 27 ---------------------------
 configure.ac            |  1 -
 lib/config-win32.h      | 13 ++++---------
 lib/curl_config.h.cmake |  3 ---
 lib/curl_setup.h        | 23 +++++++----------------
 lib/curlx/fopen.c       | 10 +---------
 lib/version.c           |  3 +--
 src/tool_cb_see.c       |  2 +-
 9 files changed, 15 insertions(+), 72 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 685335667b..8b3cbecc51 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1772,8 +1772,6 @@ if(WIN32)
   endif()
   list(APPEND CURL_LIBS "bcrypt")
 
-  set(USE_WIN32_LARGE_FILES ON)
-
   # We use crypto functions that are not available for UWP apps
   if(NOT WINDOWS_STORE)
     set(USE_WIN32_CRYPTO ON)
@@ -1972,8 +1970,7 @@ curl_add_if("asyn-rr"       USE_ARES AND ENABLE_THREADED_RESOLVER AND USE_HTTPSR
 curl_add_if("IDN"           (HAVE_LIBIDN2 AND HAVE_IDN2_H) OR
                             USE_WIN32_IDN OR
                             USE_APPLE_IDN)
-curl_add_if("Largefile"     (SIZEOF_CURL_OFF_T GREATER 4) AND
-                            ((SIZEOF_OFF_T GREATER 4) OR USE_WIN32_LARGE_FILES))
+curl_add_if("Largefile"     (SIZEOF_CURL_OFF_T GREATER 4) AND ((SIZEOF_OFF_T GREATER 4) OR WIN32))
 curl_add_if("SSPI"          USE_WINDOWS_SSPI)
 curl_add_if("GSS-API"       HAVE_GSSAPI)
 curl_add_if("alt-svc"       NOT CURL_DISABLE_ALTSVC)
diff --git a/acinclude.m4 b/acinclude.m4
index 60e05add11..0627ed1fd7 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -1307,33 +1307,6 @@ AS_HELP_STRING([--without-ca-embed], [Do not embed a default CA bundle in the cu
   fi
 ])
 
-dnl CURL_CHECK_WIN32_LARGEFILE
-dnl -------------------------------------------------
-dnl Check if curl's Win32 large file will be used
-
-AC_DEFUN([CURL_CHECK_WIN32_LARGEFILE], [
-  AC_REQUIRE([CURL_CHECK_NATIVE_WINDOWS])dnl
-  if test "$curl_cv_native_windows" = 'yes'; then
-    AC_MSG_CHECKING([whether build target supports Win32 large files])
-    dnl All mingw-w64 versions support large files
-    curl_win32_has_largefile='yes'
-    case "$curl_win32_has_largefile" in
-      yes)
-        if test x"$enable_largefile" = 'xno'; then
-          AC_MSG_RESULT([yes (large file disabled)])
-        else
-          AC_MSG_RESULT([yes (large file enabled)])
-          AC_DEFINE_UNQUOTED(USE_WIN32_LARGE_FILES, 1,
-            [Define to 1 if you are building a Windows target with large file support.])
-        fi
-        ;;
-      *)
-        AC_MSG_RESULT([no])
-        ;;
-    esac
-  fi
-])
-
 dnl CURL_CHECK_WIN32_CRYPTO
 dnl -------------------------------------------------
 dnl Check if curl's Win32 crypto lib can be used
diff --git a/configure.ac b/configure.ac
index f0d05b1827..64fa6516ec 100644
--- a/configure.ac
+++ b/configure.ac
@@ -618,7 +618,6 @@ dnl **********************************************************************
 dnl Compilation based checks should not be done before this point.
 dnl **********************************************************************
 
-CURL_CHECK_WIN32_LARGEFILE
 CURL_CHECK_WIN32_CRYPTO
 
 curl_cv_apple='no'
diff --git a/lib/config-win32.h b/lib/config-win32.h
index 4b9ba3e32c..2bdb555084 100644
--- a/lib/config-win32.h
+++ b/lib/config-win32.h
@@ -318,19 +318,14 @@
 /*                        LARGE FILE SUPPORT                        */
 /* ---------------------------------------------------------------- */
 
-#if defined(_MSC_VER) || defined(__MINGW32__)
-#  define USE_WIN32_LARGE_FILES
 /* Number of bits in a file offset, on hosts where this is settable. */
-#  ifdef __MINGW32__
-#    ifndef _FILE_OFFSET_BITS
-#    define _FILE_OFFSET_BITS 64
-#    endif
-#  endif
+#ifdef __MINGW32__
+#  undef _FILE_OFFSET_BITS
+#  define _FILE_OFFSET_BITS 64
 #endif
 
 /* Define to the size of `off_t', as computed by sizeof. */
-#if defined(__MINGW32__) && \
-  defined(_FILE_OFFSET_BITS) && (_FILE_OFFSET_BITS == 64)
+#ifdef __MINGW32__
 #  define SIZEOF_OFF_T 8
 #else
 #  define SIZEOF_OFF_T 4
diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake
index 37ec3d9a65..eaac11ec00 100644
--- a/lib/curl_config.h.cmake
+++ b/lib/curl_config.h.cmake
@@ -761,9 +761,6 @@ ${SIZEOF_TIME_T_CODE}
 /* if Unix domain sockets are enabled  */
 #cmakedefine USE_UNIX_SOCKETS 1
 
-/* Define to 1 if you are building a Windows target with large file support. */
-#cmakedefine USE_WIN32_LARGE_FILES 1
-
 /* to enable SSPI support */
 #cmakedefine USE_WINDOWS_SSPI 1
 
diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index 829650aee4..a7dc41493c 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -471,22 +471,13 @@
 #  endif
 #  include 
 #  include 
-#  ifdef USE_WIN32_LARGE_FILES
-     /* Large file (>2Gb) support using Win32 functions. */
-#    undef  lseek
-#    define lseek(fdes, offset, whence)  _lseeki64(fdes, offset, whence)
-#    undef  fstat
-#    define fstat(fdes, stp)             _fstati64(fdes, stp)
-#    define struct_stat                  struct _stati64
-#    define LSEEK_ERROR                  (__int64)-1
-#  else
-     /* Small file (<2Gb) support using Win32 functions. */
-#    undef  lseek
-#    define lseek(fdes, offset, whence)  _lseek(fdes, (long)offset, whence)
-#    define fstat(fdes, stp)             _fstat(fdes, stp)
-#    define struct_stat                  struct _stat
-#    define LSEEK_ERROR                  (long)-1
-#  endif
+   /* Large file (>2Gb) support using Win32 functions. */
+#  undef  lseek
+#  define lseek(fdes, offset, whence)  _lseeki64(fdes, offset, whence)
+#  undef  fstat
+#  define fstat(fdes, stp)             _fstati64(fdes, stp)
+#  define struct_stat                  struct _stati64
+#  define LSEEK_ERROR                  (__int64)-1
 #elif defined(__DJGPP__)
    /* Requires DJGPP 2.04 */
 #  include 
diff --git a/lib/curlx/fopen.c b/lib/curlx/fopen.c
index c9b7a9c0b5..75ff63901e 100644
--- a/lib/curlx/fopen.c
+++ b/lib/curlx/fopen.c
@@ -28,7 +28,7 @@
 
 int curlx_fseek(void *stream, curl_off_t offset, int whence)
 {
-#if defined(_WIN32) && defined(USE_WIN32_LARGE_FILES)
+#ifdef _WIN32
   return _fseeki64(stream, (__int64)offset, whence);
 #elif defined(HAVE_FSEEKO) && defined(HAVE_DECL_FSEEKO)
   return fseeko(stream, (off_t)offset, whence);
@@ -373,11 +373,7 @@ int curlx_win32_stat(const char *path, struct_stat *buffer)
       target = fixed;
     else
       target = path_w;
-#ifndef USE_WIN32_LARGE_FILES
-    result = _wstat(target, buffer);
-#else
     result = _wstati64(target, buffer);
-#endif
     CURLX_FREE(path_w);
   }
   else
@@ -388,11 +384,7 @@ int curlx_win32_stat(const char *path, struct_stat *buffer)
     target = fixed;
   else
     target = path;
-#ifndef USE_WIN32_LARGE_FILES
-  result = _stat(target, buffer);
-#else
   result = _stati64(target, buffer);
-#endif
 #endif
 
   CURLX_FREE(fixed);
diff --git a/lib/version.c b/lib/version.c
index 79654fa975..fe4f637d67 100644
--- a/lib/version.c
+++ b/lib/version.c
@@ -500,8 +500,7 @@ static const struct feat features_table[] = {
 #ifdef USE_KERBEROS5
   FEATURE("Kerberos",    NULL,                CURL_VERSION_KERBEROS5),
 #endif
-#if (SIZEOF_CURL_OFF_T > 4) && \
-    ( (SIZEOF_OFF_T > 4) || defined(USE_WIN32_LARGE_FILES) )
+#if (SIZEOF_CURL_OFF_T > 4) && ((SIZEOF_OFF_T > 4) || defined(_WIN32))
   FEATURE("Largefile",   NULL,                CURL_VERSION_LARGEFILE),
 #endif
 #ifdef HAVE_LIBZ
diff --git a/src/tool_cb_see.c b/src/tool_cb_see.c
index ea5c8e313b..6c3cadc7f5 100644
--- a/src/tool_cb_see.c
+++ b/src/tool_cb_see.c
@@ -38,7 +38,7 @@ int tool_seek_cb(void *userdata, curl_off_t offset, int whence)
 {
   struct per_transfer *per = userdata;
 
-#if (SIZEOF_CURL_OFF_T > SIZEOF_OFF_T) && !defined(USE_WIN32_LARGE_FILES)
+#if (SIZEOF_CURL_OFF_T > SIZEOF_OFF_T) && !defined(_WIN32)
 
 /* OUR_MAX_SEEK_L has 'long' data type, OUR_MAX_SEEK_O has 'curl_off_t,
    both represent the same value. Maximum offset used here when we lseek

From a7c974e038572bd1d4a653afbd6de5fad5a10215 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 8 Oct 2025 16:20:54 +0200
Subject: [PATCH 1201/2408] DEPRECATE: add CMake <3.18 deprecation for April
 2026

CMake 3.18 was released on 2020-07-15.

It enables using (and/or dropping workarounds) for these features:
LTO support, better performance and pkg-config support, `OBJECT` target,
`-S`, `-B`, `--verbose`, `--install` on the command-line, lib directory
support in interface targets, target_link_options(), LINK_OPTIONS,
FetchContent, `list(PREPEND ...)`, unity, Ninja, fixed imported global
issues.

Ref: https://github.com/curl/curl/discussions/18704

Closes #19902
---
 docs/DEPRECATE.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docs/DEPRECATE.md b/docs/DEPRECATE.md
index 2a3cbfc78d..2219bd3264 100644
--- a/docs/DEPRECATE.md
+++ b/docs/DEPRECATE.md
@@ -50,6 +50,12 @@ RTMP in curl is powered by the 3rd party library librtmp.
 
 Support for RTMP in libcurl gets removed in April 2026.
 
+## CMake 3.17 and earlier
+
+We remove support for CMake <3.18 in April 2026.
+
+CMake 3.18 was released on 2020-07-15.
+
 ## Past removals
 
  - axTLS (removed in 7.63.0)

From 920319855de090b0eacc27812baf71e82c178ea3 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 9 Dec 2025 22:26:41 +0100
Subject: [PATCH 1202/2408] mdlinkcheck: exclude self from URL search

To avoid picking up the whitelist.

Closes #19909
---
 scripts/mdlinkcheck | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/scripts/mdlinkcheck b/scripts/mdlinkcheck
index c28f7dd1ed..f83144108e 100755
--- a/scripts/mdlinkcheck
+++ b/scripts/mdlinkcheck
@@ -197,7 +197,9 @@ sub checkurl {
 
 for my $f (@files) {
     chomp $f;
-    findlinks($f);
+    if($f !~ /\/mdlinkcheck$/) {
+        findlinks($f);
+    }
 }
 
 #for my $u (sort keys %url) {

From 3fb932d49255d92141c27d3e9a040752622620b7 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 9 Dec 2025 23:27:34 +0100
Subject: [PATCH 1203/2408] mdlinkcheck: do not pick up single quote and
 backslash after URLs

Closes #19910
---
 scripts/mdlinkcheck | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/scripts/mdlinkcheck b/scripts/mdlinkcheck
index f83144108e..446cb9f1dd 100755
--- a/scripts/mdlinkcheck
+++ b/scripts/mdlinkcheck
@@ -160,10 +160,10 @@ sub findlinks {
             #print "$f:$line $link\n";
             storelink($f, $line, $link);
         }
-        # ignore trailing: dot, quote, asterisk, hash, comma, question mark,
-        # colon, closing parenthesis, closing angle bracket, whitespace, pipe,
-        # backtick, semicolon
-        elsif(/(https:\/\/[a-z0-9.\/:%_+@-]+[^."*\#,?:\)> \t|`;])/i) {
+        # ignore trailing: dot, double quote, single quote, asterisk, hash,
+        # comma, question mark, colon, closing parenthesis, backslash,
+        # closing angle bracket, whitespace, pipe, backtick, semicolon
+        elsif(/(https:\/\/[a-z0-9.\/:%_+@-]+[^."'*\#,?:\)> \t|`;\\])/i) {
             #print "RAW ";
             storelink($f, $line, $1);
         }

From bd19433b0ebbd719487577f8ffa25ba6bdb8f909 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 9 Dec 2025 20:06:33 +0100
Subject: [PATCH 1204/2408] build: set `-Wno-format-signedness`

Explicitly disable these warnings to allow using `-Weverything`.

There are around 600 of them across the codebase.

Silencing them has some drawbacks:
- enums (`CURLcode` mostly) would have to be cast to int to avoid
  different signedness depending on C compiler.
  (llvm/gcc: unsigned, MSVC/clang-cl: signed by default)
- hex masks need casts to unsigned to avoid the warning.
- fixing remaining warnings is annoying without fixing the above.
- without fixing all warnings the option cannot be enabled, to keep
  the codebase warning free.

Ref: #18343 (silenced all warnings, but without the enum cast)
Follow-up to 92f215fea1aa8bd5b1709d38f42aab77ab3fc662 #18477
Closes #19907
---
 CMake/PickyWarnings.cmake | 7 +++++++
 m4/curl-compilers.m4      | 5 +++++
 2 files changed, 12 insertions(+)

diff --git a/CMake/PickyWarnings.cmake b/CMake/PickyWarnings.cmake
index e9a0d61c0e..00451f7480 100644
--- a/CMake/PickyWarnings.cmake
+++ b/CMake/PickyWarnings.cmake
@@ -232,6 +232,12 @@ if(PICKY_COMPILER)
           -Wcast-function-type-strict      # clang 16.0            appleclang 16.0
         )
       endif()
+      if((CMAKE_C_COMPILER_ID STREQUAL "Clang"      AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 19.1) OR
+         (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 17.0))
+        list(APPEND _picky_enable
+          -Wno-format-signedness           # clang 19.1  gcc  5.1  appleclang 17.0  # In clang-cl enums are signed ints by default
+        )
+      endif()
       if(CMAKE_C_COMPILER_ID STREQUAL "Clang"      AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 21.1)
         list(APPEND _picky_enable
           -Warray-compare                  # clang 20.1  gcc 12.0  appleclang ?
@@ -282,6 +288,7 @@ if(PICKY_COMPILER)
       if(CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 5.0)
         list(APPEND _picky_enable
           -Warray-bounds=2                 # clang  3.0  gcc  5.0 (clang default: -Warray-bounds)
+          -Wno-format-signedness           # clang 19.1  gcc  5.1  appleclang 17.0
         )
       endif()
       if(CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 6.0)
diff --git a/m4/curl-compilers.m4 b/m4/curl-compilers.m4
index dda5b7934e..343391d602 100644
--- a/m4/curl-compilers.m4
+++ b/m4/curl-compilers.m4
@@ -936,6 +936,10 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [
           if test "$compiler_num" -ge "1700"; then
             CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [cast-function-type-strict])  # with Apple clang it requires 16.0 or above
           fi
+          dnl clang 19 or later
+          if test "$compiler_num" -ge "1901"; then
+            tmp_CFLAGS="$tmp_CFLAGS -Wno-format-signedness"
+          fi
           dnl clang 20 or later
           if test "$compiler_num" -ge "2001"; then
             CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [array-compare])
@@ -1115,6 +1119,7 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [
           dnl Only gcc 5 or later
           if test "$compiler_num" -ge "500"; then
             tmp_CFLAGS="$tmp_CFLAGS -Warray-bounds=2"
+            tmp_CFLAGS="$tmp_CFLAGS -Wno-format-signedness"
           fi
           #
           dnl Only gcc 6 or later

From d371288de73465efb1b26958150d04f8adfe6fd2 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Tue, 9 Dec 2025 17:00:52 +0100
Subject: [PATCH 1205/2408] test: increase altsvc test reliability

Move new tests from test_12 to test_06 (eyeballing) where they better
fit. Increase reliability by check Alt-Svc redirects from h3 to a lower
version for a port where no h3 is available.

Closes #19903
---
 tests/http/test_06_eyeballs.py |  66 +++++++++++++++++++++
 tests/http/test_12_reuse.py    | 104 ---------------------------------
 2 files changed, 66 insertions(+), 104 deletions(-)

diff --git a/tests/http/test_06_eyeballs.py b/tests/http/test_06_eyeballs.py
index 3b374e8158..6129ab5f17 100644
--- a/tests/http/test_06_eyeballs.py
+++ b/tests/http/test_06_eyeballs.py
@@ -149,3 +149,69 @@ class TestEyeballs:
         r.check_exit_code(0)
         r.check_response(count=1, http_status=200)
         assert r.stats[0]['http_version'] == '2'
+
+    @pytest.mark.skipif(condition=not Env.have_h3(), reason="h3 not supported")
+    def test_06_21_as_follow_h3h1(self, env: Env, httpd, configures_httpd, nghttpx):
+        # With '--http3` an Alt-Svc redirection from h3 to h1 is allowed
+        # write an alt-svc file the advises h1 instead of h3
+        curl = CurlClient(env=env)
+        asfile = curl.mk_altsvc_file('test_12',
+                                     'h3', env.domain1, env.https_only_tcp_port,
+                                     'http/1.1', env.domain1, env.https_only_tcp_port)
+        urln = f'https://{env.domain1}:{env.https_only_tcp_port}/data.json'
+        r = curl.http_download(urls=[urln], with_stats=True, extra_args=[
+            '--alt-svc', f'{asfile}', '--http3'
+        ])
+        r.check_response(count=1, http_status=200)
+        # We expect the connection to be preferring HTTP/1.1 in the ALPN
+        assert r.total_connects == 1, f'{r.dump_logs()}'
+        re_m = re.compile(r'.* ALPN: curl offers http/1.1,h2')
+        lines = [line for line in r.trace_lines if re_m.match(line)]
+        assert len(lines), f'{r.dump_logs()}'
+
+    @pytest.mark.skipif(condition=not Env.have_h3(), reason="h3 not supported")
+    def test_06_22_as_ignore_h3h1(self, env: Env, httpd, configures_httpd, nghttpx):
+        # With '--http3-only` an Alt-Svc redirection from h3 to h1 is ignored
+        # write an alt-svc file the advises h1 instead of h3
+        curl = CurlClient(env=env)
+        asfile = curl.mk_altsvc_file('test_12',
+                                     'h3', env.domain1, env.https_port,
+                                     'http/1.1', env.domain1, env.https_port)
+        urln = f'https://{env.authority_for(env.domain1, "h3")}/data.json'
+        r = curl.http_download(urls=[urln], with_stats=True, extra_args=[
+            '--alt-svc', f'{asfile}', '--http3-only'
+        ])
+        r.check_response(count=1, http_status=200)
+        # We expect the connection to be stay on h3, since we used --http3-only
+        assert r.total_connects == 1
+        assert r.stats[0]['http_version'] == '3', f'{r.stats}'
+
+    @pytest.mark.skipif(condition=not Env.have_h3(), reason="h3 not supported")
+    def test_06_23_as_ignore_h2h3(self, env: Env, httpd, configures_httpd, nghttpx):
+        # With '--http2` an Alt-Svc redirection from h2 to h3 is ignored
+        # write an alt-svc file that advises h3 instead of h2
+        curl = CurlClient(env=env)
+        asfile = curl.mk_altsvc_file('test_12',
+                                     'h2', env.domain1, env.https_port,
+                                     'h3', env.domain1, env.h3_port)
+        urln = f'https://{env.authority_for(env.domain1, "h2")}/data.json'
+        r = curl.http_download(urls=[urln], with_stats=True, extra_args=[
+            '--alt-svc', f'{asfile}', '--http2'
+        ])
+        r.check_response(count=1, http_status=200)
+        assert r.stats[0]['http_version'] == '2', f'{r.stats}'
+
+    # download using HTTP/3 on available server with alt-svc to h2, use h2
+    @pytest.mark.skipif(condition=not Env.have_h3(), reason="missing HTTP/3 support")
+    def test_06_24_h3_altsvc_h2_used(self, env: Env, httpd, nghttpx):
+        curl = CurlClient(env=env)
+        urln = f'https://{env.domain1}:{env.https_only_tcp_port}/data.json'
+        altsvc_file = curl.mk_altsvc_file('test_12',
+                                          'h3', env.domain1, env.https_only_tcp_port,
+                                          'h2', env.domain1, env.https_only_tcp_port)
+        r = curl.http_download(urls=[urln], extra_args=[
+            '--http3', '--alt-svc', altsvc_file
+        ])
+        r.check_exit_code(0)
+        r.check_response(count=1, http_status=200)
+        assert r.stats[0]['http_version'] == '2'
diff --git a/tests/http/test_12_reuse.py b/tests/http/test_12_reuse.py
index 522df92708..6f267d9862 100644
--- a/tests/http/test_12_reuse.py
+++ b/tests/http/test_12_reuse.py
@@ -25,9 +25,6 @@
 ###########################################################################
 #
 import logging
-import os
-import re
-from datetime import datetime, timedelta
 import pytest
 
 from testenv import Env, CurlClient
@@ -75,104 +72,3 @@ class TestReuse:
         r.check_response(count=count, http_status=200)
         # Connections time out on server before we send another request,
         assert r.total_connects == count
-
-    @pytest.mark.skipif(condition=not Env.have_h3(), reason="h3 not supported")
-    def test_12_03_as_follow_h2h3(self, env: Env, httpd, configures_httpd, nghttpx):
-        curl = CurlClient(env=env)
-        # write an alt-svc file that advises h3 instead of h2
-        asfile = curl.mk_altsvc_file('test_12',
-                                     'h2', env.domain1, env.https_port,
-                                     'h3', env.domain1, env.h3_port)
-        urln = f'https://{env.authority_for(env.domain1, "h2")}/data.json'
-        r = curl.http_download(urls=[urln], with_stats=True, extra_args=[
-            '--alt-svc', f'{asfile}',
-        ])
-        r.check_response(count=1, http_status=200)
-        assert r.stats[0]['http_version'] == '3', f'{r.stats}'
-
-    @pytest.mark.skipif(condition=not Env.have_h3(), reason="h3 not supported")
-    def test_12_04_as_follow_h3h2(self, env: Env, httpd, configures_httpd, nghttpx):
-        count = 2
-        # write an alt-svc file the advises h2 instead of h3
-        asfile = os.path.join(env.gen_dir, 'alt-svc-12_04.txt')
-        ts = datetime.now() + timedelta(hours=24)
-        expires = f'{ts.year:04}{ts.month:02}{ts.day:02} {ts.hour:02}:{ts.minute:02}:{ts.second:02}'
-        with open(asfile, 'w') as fd:
-            fd.write(f'h3 {env.domain1} {env.https_port} h2 {env.domain1} {env.https_port} "{expires}" 0 0')
-        log.info(f'altscv: {open(asfile).readlines()}')
-        curl = CurlClient(env=env)
-        urln = f'https://{env.authority_for(env.domain1, "h3")}/data.json?[0-{count-1}]'
-        r = curl.http_download(urls=[urln], with_stats=True, extra_args=[
-            '--alt-svc', f'{asfile}', '--http3'
-        ])
-        r.check_response(count=count, http_status=200)
-        # We expect the connection to be reused and use HTTP/2
-        assert r.total_connects == 1
-        for s in r.stats:
-            assert s['http_version'] == '2', f'{s}'
-
-    @pytest.mark.skipif(condition=not Env.have_h3(), reason="h3 not supported")
-    def test_12_05_as_follow_h3h1(self, env: Env, httpd, configures_httpd, nghttpx):
-        # With '--http3` an Alt-Svc redirection from h3 to h1 is allowed
-        # write an alt-svc file the advises h1 instead of h3
-        curl = CurlClient(env=env)
-        asfile = curl.mk_altsvc_file('test_12',
-                                     'h3', env.domain1, env.https_port,
-                                     'http/1.1', env.domain1, env.https_port)
-        urln = f'https://{env.authority_for(env.domain1, "h3")}/data.json'
-        r = curl.http_download(urls=[urln], with_stats=True, extra_args=[
-            '--alt-svc', f'{asfile}', '--http3'
-        ])
-        r.check_response(count=1, http_status=200)
-        # We expect the connection to be preferring HTTP/1.1 in the ALPN
-        assert r.total_connects == 1
-        re_m = re.compile(r'.* ALPN: curl offers http/1.1,h2')
-        lines = [line for line in r.trace_lines if re_m.match(line)]
-        assert len(lines), f'{r.dump_logs()}'
-
-    @pytest.mark.skipif(condition=not Env.have_h3(), reason="h3 not supported")
-    def test_12_06_as_ignore_h3h1(self, env: Env, httpd, configures_httpd, nghttpx):
-        # With '--http3-only` an Alt-Svc redirection from h3 to h1 is ignored
-        # write an alt-svc file the advises h1 instead of h3
-        curl = CurlClient(env=env)
-        asfile = curl.mk_altsvc_file('test_12',
-                                     'h3', env.domain1, env.https_port,
-                                     'http/1.1', env.domain1, env.https_port)
-        urln = f'https://{env.authority_for(env.domain1, "h3")}/data.json'
-        r = curl.http_download(urls=[urln], with_stats=True, extra_args=[
-            '--alt-svc', f'{asfile}', '--http3-only'
-        ])
-        r.check_response(count=1, http_status=200)
-        # We expect the connection to be stay on h3, since we used --http3-only
-        assert r.total_connects == 1
-        assert r.stats[0]['http_version'] == '3', f'{r.stats}'
-
-    @pytest.mark.skipif(condition=not Env.have_h3(), reason="h3 not supported")
-    def test_12_07_as_ignore_h2h3(self, env: Env, httpd, configures_httpd, nghttpx):
-        # With '--http2` an Alt-Svc redirection from h2 to h3 is ignored
-        # write an alt-svc file that advises h3 instead of h2
-        curl = CurlClient(env=env)
-        asfile = curl.mk_altsvc_file('test_12',
-                                     'h2', env.domain1, env.https_port,
-                                     'h3', env.domain1, env.h3_port)
-        urln = f'https://{env.authority_for(env.domain1, "h2")}/data.json'
-        r = curl.http_download(urls=[urln], with_stats=True, extra_args=[
-            '--alt-svc', f'{asfile}', '--http2'
-        ])
-        r.check_response(count=1, http_status=200)
-        assert r.stats[0]['http_version'] == '2', f'{r.stats}'
-
-    # download using HTTP/3 on available server with alt-svc to h2, use h2
-    @pytest.mark.skipif(condition=not Env.have_h3(), reason="missing HTTP/3 support")
-    def test_12_08_h3_altsvc_h2_used(self, env: Env, httpd, nghttpx):
-        curl = CurlClient(env=env)
-        urln = f'https://{env.domain1}:{env.https_port}/data.json'
-        altsvc_file = curl.mk_altsvc_file('test_12',
-                                          'h3', env.domain1, env.https_port,
-                                          'h2', env.domain1, env.https_port)
-        r = curl.http_download(urls=[urln], extra_args=[
-            '--http3', '--alt-svc', altsvc_file
-        ])
-        r.check_exit_code(0)
-        r.check_response(count=1, http_status=200)
-        assert r.stats[0]['http_version'] == '2'

From 00f06127ce4e0d9115770a2896c816fde087ae71 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Tue, 9 Dec 2025 15:48:52 +0100
Subject: [PATCH 1206/2408] memdebug: fix realloc logging

Do the whole realloc and the subsequent logging under mutex lock. This
fixed log entries that state allocation a memory location before realloc
logs it as being freed.

Closes #19900
---
 lib/memdebug.c | 88 +++++++++++++++++++++++++++++++++++++-------------
 1 file changed, 65 insertions(+), 23 deletions(-)

diff --git a/lib/memdebug.c b/lib/memdebug.c
index 991c9eb921..05cd45a6f9 100644
--- a/lib/memdebug.c
+++ b/lib/memdebug.c
@@ -71,6 +71,29 @@ static bool dbg_mutex_init = 0;
 static curl_mutex_t dbg_mutex;
 #endif
 
+static bool curl_dbg_lock(void)
+{
+#if defined(USE_THREADS_POSIX) || defined(USE_THREADS_WIN32)
+  if(dbg_mutex_init) {
+    Curl_mutex_acquire(&dbg_mutex);
+    return TRUE;
+  }
+#endif
+  return FALSE;
+}
+
+static void curl_dbg_unlock(bool was_locked)
+{
+#if defined(USE_THREADS_POSIX) || defined(USE_THREADS_WIN32)
+  if(was_locked)
+    Curl_mutex_release(&dbg_mutex);
+#else
+  (void)was_locked;
+#endif
+}
+
+static void curl_dbg_log_locked(const char *format, ...) CURL_PRINTF(1, 2);
+
 /* LeakSantizier (LSAN) calls _exit() instead of exit() when a leak is detected
    on exit so the logfile must be closed explicitly or data could be lost.
    Though _exit() does not call atexit handlers such as this, LSAN's call to
@@ -295,6 +318,7 @@ void *curl_dbg_realloc(void *ptr, size_t wantedsize,
                        int line, const char *source)
 {
   struct memdebug *mem = NULL;
+  bool was_locked;
 
   size_t size = sizeof(struct memdebug) + wantedsize;
 
@@ -303,6 +327,10 @@ void *curl_dbg_realloc(void *ptr, size_t wantedsize,
   if(countcheck("realloc", line, source))
     return NULL;
 
+  /* need to realloc under lock, as we get out-of-order log
+   * entries otherwise, since another thread might alloc the
+   * memory released by realloc() before otherwise would log it. */
+  was_locked = curl_dbg_lock();
 #ifdef __INTEL_COMPILER
 #  pragma warning(push)
 #  pragma warning(disable:1684)
@@ -318,10 +346,11 @@ void *curl_dbg_realloc(void *ptr, size_t wantedsize,
 
   mem = (Curl_crealloc)(mem, size);
   if(source)
-    curl_dbg_log("MEM %s:%d realloc(%p, %zu) = %p\n",
-                source, line, (void *)ptr, wantedsize,
-                mem ? (void *)mem->mem : (void *)0);
+    curl_dbg_log_locked("MEM %s:%d realloc(%p, %zu) = %p\n",
+                        source, line, (void *)ptr, wantedsize,
+                        mem ? (void *)mem->mem : (void *)0);
 
+  curl_dbg_unlock(was_locked);
   if(mem) {
     mem->size = wantedsize;
     return mem->mem;
@@ -522,29 +551,18 @@ int curl_dbg_fclose(FILE *file, int line, const char *source)
   return res;
 }
 
-/* this does the writing to the memory tracking log file */
-void curl_dbg_log(const char *format, ...)
+static void curl_dbg_vlog(const char * const fmt,
+                          va_list ap) CURL_PRINTF(1, 0);
+
+static void curl_dbg_vlog(const char * const fmt, va_list ap)
 {
   char buf[1024];
-  size_t nchars;
-  va_list ap;
-
-  if(!curl_dbg_logfile)
-    return;
-
-  va_start(ap, format);
-  nchars = curl_mvsnprintf(buf, sizeof(buf), format, ap);
-  va_end(ap);
+  size_t nchars = curl_mvsnprintf(buf, sizeof(buf), fmt, ap);
 
   if(nchars > (int)sizeof(buf) - 1)
     nchars = (int)sizeof(buf) - 1;
 
   if(nchars > 0) {
-#if defined(USE_THREADS_POSIX) || defined(USE_THREADS_WIN32)
-    bool lock_mutex = dbg_mutex_init;
-    if(lock_mutex)
-      Curl_mutex_acquire(&dbg_mutex);
-#endif
     if(sizeof(membuf) - nchars < memwidx) {
       /* flush */
       fwrite(membuf, 1, memwidx, curl_dbg_logfile);
@@ -557,11 +575,35 @@ void curl_dbg_log(const char *format, ...)
     }
     memcpy(&membuf[memwidx], buf, nchars);
     memwidx += nchars;
-#if defined(USE_THREADS_POSIX) || defined(USE_THREADS_WIN32)
-    if(lock_mutex)
-      Curl_mutex_release(&dbg_mutex);
-#endif
   }
 }
 
+static void curl_dbg_log_locked(const char *format, ...)
+{
+  va_list ap;
+
+  if(!curl_dbg_logfile)
+    return;
+
+  va_start(ap, format);
+  curl_dbg_vlog(format, ap);
+  va_end(ap);
+}
+
+/* this does the writing to the memory tracking log file */
+void curl_dbg_log(const char *format, ...)
+{
+  bool was_locked;
+  va_list ap;
+
+  if(!curl_dbg_logfile)
+    return;
+
+  was_locked = curl_dbg_lock();
+  va_start(ap, format);
+  curl_dbg_vlog(format, ap);
+  va_end(ap);
+  curl_dbg_unlock(was_locked);
+}
+
 #endif /* CURLDEBUG */

From d9d2e339ced3fa02dd0e72e68b0a9b68069c0801 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 9 Dec 2025 21:24:28 +0100
Subject: [PATCH 1207/2408] tidy-up: URLs (cont.) and mdlinkcheck

- add missing ending slashes.
  To avoid duplicates and to use canonical URLs.
- reapply lost updates.
  Follow-up to 2ae983bf4ea5ef86f0e68ea0ff219a91b1aa3428 #19879
- mdlinkcheck: include the `include` directory.
- mdlinkcheck: show unused whitelist items.
- mdlinkcheck: improve debug output.
- mdlinkcheck: delete redundant whitelist items.
- examples/simplessl: lowercase the protocol part.
- BINDINGS: replace one remaining HTTP URL with HTTPS.
  Issue: https://github.com/pycurl/pycurl/issues/892
- BINDINGS: fix a broken link.
- BINDINGS: follow a refresh content redirect.
- KNOWN_BUGS: whitespace.

Closes #19911
---
 docs/BINDINGS.md                      |  6 +-
 docs/FAQ.md                           | 16 ++---
 docs/INFRASTRUCTURE.md                |  6 +-
 docs/KNOWN_BUGS.md                    | 16 ++---
 docs/TODO.md                          |  4 +-
 docs/TheArtOfHttpScripting.md         |  4 +-
 docs/cmdline-opts/_WWW.md             |  2 +-
 docs/examples/10-at-a-time.c          | 90 +++++++++++++--------------
 docs/examples/crawler.c               |  2 +-
 docs/examples/maxconnects.c           |  4 +-
 docs/examples/simplessl.c             |  2 +-
 docs/internals/CONNECTION-FILTERS.md  |  8 +--
 docs/tests/TEST-SUITE.md              |  4 +-
 lib/curl_rtmp.c                       |  2 +-
 packages/vms/curl_gnv_build_steps.txt |  2 +-
 scripts/mdlinkcheck                   | 21 ++++---
 16 files changed, 98 insertions(+), 91 deletions(-)

diff --git a/docs/BINDINGS.md b/docs/BINDINGS.md
index 065126efd7..56f0376b64 100644
--- a/docs/BINDINGS.md
+++ b/docs/BINDINGS.md
@@ -49,7 +49,7 @@ Clojure: [clj-curl](https://github.com/lsevero/clj-curl) by Lucas Severo
 
 [Fortran](https://github.com/interkosmos/fortran-curl) Written by Philipp Engel
 
-[Gambas](https://gambas.sourceforge.net/)
+[Gambas](https://gambaswiki.org/website/en/main.html)
 
 [glib/GTK+](https://web.archive.org/web/20100526203452/atterer.net/glibcurl) Written by Richard Atterer
 
@@ -102,7 +102,7 @@ Bailiff and Bálint Szilakszi,
 
 [PureBasic](https://web.archive.org/web/20250325015028/www.purebasic.com/documentation/http/index.html) uses libcurl in its "native" HTTP subsystem
 
-[Python](http://pycurl.io/) PycURL by Kjetil Jacobsen
+[Python](https://github.com/pycurl/pycurl) PycURL by Kjetil Jacobsen
 
 [Python](https://pypi.org/project/pymcurl/) mcurl by Ganesh Viswanathan
 
@@ -112,7 +112,7 @@ Bailiff and Bálint Szilakszi,
 
 [Rexx](https://rexxcurl.sourceforge.net/) Written Mark Hessling
 
-[Ring](https://ring-lang.sourceforge.io/doc1.3/libcurl.html) RingLibCurl by Mahmoud Fayed
+[Ring](https://ring-lang.github.io/doc1.24/libcurl.html) RingLibCurl by Mahmoud Fayed
 
 RPG, support for ILE/RPG on OS/400 is included in source distribution
 
diff --git a/docs/FAQ.md b/docs/FAQ.md
index f6911990d9..eba30f1fef 100644
--- a/docs/FAQ.md
+++ b/docs/FAQ.md
@@ -303,7 +303,7 @@ library comparison](https://curl.se/docs/ssl-compared.html).
 The curl tool that is shipped as an integrated component of Windows 10 and
 Windows 11 is managed by Microsoft. If you were to delete the file or replace
 it with a newer version downloaded from [the curl
-website](https://curl.se/windows), then Windows Update will cease to work on
+website](https://curl.se/windows/), then Windows Update will cease to work on
 your system.
 
 There is no way to independently force an upgrade of the curl.exe that is part
@@ -312,7 +312,7 @@ also nothing the curl project itself can do about this, since this is managed
 and controlled entirely by Microsoft as owners of the operating system.
 
 You can always download and install [the latest version of curl for
-Windows](https://curl.se/windows) into a separate location.
+Windows](https://curl.se/windows/) into a separate location.
 
 ## Does curl support SOCKS (RFC 1928) ?
 
@@ -908,12 +908,12 @@ format:
 you will find that even if `D:\blah.txt` does exist, curl returns a 'file not
 found' error.
 
-According to [RFC 1738](https://www.ietf.org/rfc/rfc1738.txt), `file://` URLs
-must contain a host component, but it is ignored by most implementations. In
-the above example, `D:` is treated as the host component, and is taken away.
-Thus, curl tries to open `/blah.txt`. If your system is installed to drive C:,
-that will resolve to `C:\blah.txt`, and if that does not exist you will get
-the not found error.
+According to [RFC 1738](https://datatracker.ietf.org/doc/html/rfc1738),
+`file://` URLs must contain a host component, but it is ignored by most
+implementations. In the above example, `D:` is treated as the host component,
+and is taken away. Thus, curl tries to open `/blah.txt`. If your system is
+installed to drive C:, that will resolve to `C:\blah.txt`, and if that does
+not exist you will get the not found error.
 
 To fix this problem, use `file://` URLs with *three* leading slashes:
 
diff --git a/docs/INFRASTRUCTURE.md b/docs/INFRASTRUCTURE.md
index 13240b31b5..7a6bafb9db 100644
--- a/docs/INFRASTRUCTURE.md
+++ b/docs/INFRASTRUCTURE.md
@@ -100,11 +100,11 @@ company). The machine is physically located in Sweden.
 curl release tarballs are hosted on https://curl.se/download.html. They are
 uploaded there at release-time by the release manager.
 
-curl-for-win downloads are hosted on https://curl.se/windows and are uploaded
+curl-for-win downloads are hosted on https://curl.se/windows/ and are uploaded
 to the server by Viktor Szakats.
 
-curl-for-QNX downloads are hosted on  and are uploaded to
-the server by Daniel Stenberg.
+curl-for-QNX downloads are hosted on  and are uploaded
+to the server by Daniel Stenberg.
 
 Daily release tarball-like snapshots are generated automatically and are
 provided for download at .
diff --git a/docs/KNOWN_BUGS.md b/docs/KNOWN_BUGS.md
index 1f5cebee27..83a30fd9e8 100644
--- a/docs/KNOWN_BUGS.md
+++ b/docs/KNOWN_BUGS.md
@@ -161,7 +161,7 @@ Passing in a Unicode filename with -o:
 
 Passing in Unicode character with -d:
 
- [curl issue 12231](https://github.com/curl/curl/issues/12231)
+[curl issue 12231](https://github.com/curl/curl/issues/12231)
 
 Windows Unicode builds use the home directory in current locale.
 
@@ -215,8 +215,10 @@ what `winhttp` does. See https://curl.se/bug/view.cgi?id=535
 
 ## NTLM does not support password with Unicode 'SECTION SIGN' character
 
- https://en.wikipedia.org/wiki/Section_sign
- [curl issue 2120](https://github.com/curl/curl/issues/2120)
+Code point: U+00A7
+
+https://en.wikipedia.org/wiki/Section_sign
+[curl issue 2120](https://github.com/curl/curl/issues/2120)
 
 ## libcurl can fail to try alternatives with `--proxy-any`
 
@@ -231,7 +233,7 @@ using NTLM.
 
 ## Do not clear digest for single realm
 
- [curl issue 3267](https://github.com/curl/curl/issues/3267)
+[curl issue 3267](https://github.com/curl/curl/issues/3267)
 
 ## SHA-256 digest not supported in Windows SSPI builds
 
@@ -243,7 +245,7 @@ with `SEC_E_QOP_NOT_SUPPORTED` which causes curl to fail with
 Microsoft does not document supported digest algorithms and that `SEC_E` error
 code is not a documented error for `InitializeSecurityContext` (digest).
 
- [curl issue 6302](https://github.com/curl/curl/issues/6302)
+[curl issue 6302](https://github.com/curl/curl/issues/6302)
 
 ## curl never completes Negotiate over HTTP
 
@@ -306,7 +308,7 @@ In the `SSH_SFTP_INIT` state for libssh, the ssh session working mode is set
 to blocking mode. If the network is suddenly disconnected during sftp
 transmission, curl is stuck, even if curl is configured with a timeout.
 
- [curl issue 8632](https://github.com/curl/curl/issues/8632)
+[curl issue 8632](https://github.com/curl/curl/issues/8632)
 
 ## Cygwin: "WARNING: UNPROTECTED PRIVATE KEY FILE!"
 
@@ -494,7 +496,7 @@ cannot be built.
 
 ## HTTP/2 prior knowledge over proxy
 
- [curl issue 12641](https://github.com/curl/curl/issues/12641)
+[curl issue 12641](https://github.com/curl/curl/issues/12641)
 
 ## HTTP/2 frames while in the connection pool kill reuse
 
diff --git a/docs/TODO.md b/docs/TODO.md
index 2b77b8ce0b..0224ae8733 100644
--- a/docs/TODO.md
+++ b/docs/TODO.md
@@ -530,8 +530,8 @@ for 1) efficiency and 2) safety.
 ## Support DANE
 
 [DNS-Based Authentication of Named Entities
-(DANE)](https://www.rfc-editor.org/rfc/rfc6698.txt) is a way to provide SSL
-keys and certs over DNS using DNSSEC as an alternative to the CA model.
+(DANE)](https://datatracker.ietf.org/doc/html/rfc6698) is a way to provide
+SSL keys and certs over DNS using DNSSEC as an alternative to the CA model.
 
 A patch was posted on March 7 2013
 (https://curl.se/mail/lib-2013-03/0075.html) but it was a too simple approach.
diff --git a/docs/TheArtOfHttpScripting.md b/docs/TheArtOfHttpScripting.md
index f7cf43602d..ab4961c578 100644
--- a/docs/TheArtOfHttpScripting.md
+++ b/docs/TheArtOfHttpScripting.md
@@ -91,7 +91,7 @@ SPDX-License-Identifier: curl
 
  The Uniform Resource Locator format is how you specify the address of a
  particular resource on the Internet. You know these, you have seen URLs like
- https://curl.se or https://example.com a million times. RFC 3986 is the
+ https://curl.se/ or https://example.com/ a million times. RFC 3986 is the
  canonical spec. The formal name is not URL, it is **URI**.
 
 ## Host
@@ -158,7 +158,7 @@ SPDX-License-Identifier: curl
  issues a GET request to the server and receives the document it asked for.
  If you issue the command line
 
-    curl https://curl.se
+    curl https://curl.se/
 
  you get a webpage returned in your terminal window. The entire HTML document
  this URL identifies.
diff --git a/docs/cmdline-opts/_WWW.md b/docs/cmdline-opts/_WWW.md
index 35d946697f..8656e9ee8c 100644
--- a/docs/cmdline-opts/_WWW.md
+++ b/docs/cmdline-opts/_WWW.md
@@ -1,4 +1,4 @@
 
 
 # WWW
-https://curl.se
+https://curl.se/
diff --git a/docs/examples/10-at-a-time.c b/docs/examples/10-at-a-time.c
index 08f1f25f7f..db420eebfb 100644
--- a/docs/examples/10-at-a-time.c
+++ b/docs/examples/10-at-a-time.c
@@ -31,53 +31,53 @@
 #include 
 
 static const char *urls[] = {
-  "https://www.microsoft.com",
-  "https://opensource.org",
-  "https://www.google.com",
-  "https://www.yahoo.com",
-  "https://www.ibm.com",
-  "https://www.mysql.com",
-  "https://www.oracle.com",
-  "https://www.ripe.net",
-  "https://www.iana.org",
-  "https://www.amazon.com",
-  "https://www.netcraft.com",
-  "https://www.heise.de",
-  "https://www.chip.de",
-  "https://www.ca.com",
-  "https://www.cnet.com",
-  "https://www.mozilla.org",
-  "https://www.cnn.com",
-  "https://www.wikipedia.org",
-  "https://www.dell.com",
-  "https://www.hp.com",
-  "https://www.cert.org",
-  "https://www.mit.edu",
-  "https://www.nist.gov",
-  "https://www.ebay.com",
-  "https://www.playstation.com",
-  "https://www.uefa.com",
-  "https://www.ieee.org",
-  "https://www.apple.com",
-  "https://www.symantec.com",
-  "https://www.zdnet.com",
+  "https://www.microsoft.com/",
+  "https://opensource.org/",
+  "https://www.google.com/",
+  "https://www.yahoo.com/",
+  "https://www.ibm.com/",
+  "https://www.mysql.com/",
+  "https://www.oracle.com/",
+  "https://www.ripe.net/",
+  "https://www.iana.org/",
+  "https://www.amazon.com/",
+  "https://www.netcraft.com/",
+  "https://www.heise.de/",
+  "https://www.chip.de/",
+  "https://www.ca.com/",
+  "https://www.cnet.com/",
+  "https://www.mozilla.org/",
+  "https://www.cnn.com/",
+  "https://www.wikipedia.org/",
+  "https://www.dell.com/",
+  "https://www.hp.com/",
+  "https://www.cert.org/",
+  "https://www.mit.edu/",
+  "https://www.nist.gov/",
+  "https://www.ebay.com/",
+  "https://www.playstation.com/",
+  "https://www.uefa.com/",
+  "https://www.ieee.org/",
+  "https://www.apple.com/",
+  "https://www.symantec.com/",
+  "https://www.zdnet.com/",
   "https://www.fujitsu.com/global/",
-  "https://www.supermicro.com",
-  "https://www.hotmail.com",
-  "https://www.ietf.org",
-  "https://www.bbc.co.uk",
-  "https://news.google.com",
-  "https://www.foxnews.com",
-  "https://www.msn.com",
-  "https://www.wired.com",
-  "https://www.sky.com",
-  "https://www.usatoday.com",
-  "https://www.cbs.com",
+  "https://www.supermicro.com/",
+  "https://www.hotmail.com/",
+  "https://www.ietf.org/",
+  "https://www.bbc.co.uk/",
+  "https://news.google.com/",
+  "https://www.foxnews.com/",
+  "https://www.msn.com/",
+  "https://www.wired.com/",
+  "https://www.sky.com/",
+  "https://www.usatoday.com/",
+  "https://www.cbs.com/",
   "https://www.nbc.com/",
-  "https://slashdot.org",
-  "https://www.informationweek.com",
-  "https://apache.org",
-  "https://www.un.org",
+  "https://slashdot.org/",
+  "https://www.informationweek.com/",
+  "https://apache.org/",
+  "https://www.un.org/",
 };
 
 #define MAX_PARALLEL 10  /* number of simultaneous transfers */
diff --git a/docs/examples/crawler.c b/docs/examples/crawler.c
index 09c0c7d692..d153cc21c5 100644
--- a/docs/examples/crawler.c
+++ b/docs/examples/crawler.c
@@ -47,7 +47,7 @@ static int max_total = 20000;
 static int max_requests = 500;
 static size_t max_link_per_page = 5;
 static int follow_relative_links = 0;
-static const char *start_page = "https://www.reuters.com";
+static const char *start_page = "https://www.reuters.com/";
 
 static int pending_interrupt = 0;
 static void sighandler(int dummy)
diff --git a/docs/examples/maxconnects.c b/docs/examples/maxconnects.c
index 2ee1d305a9..95231d6002 100644
--- a/docs/examples/maxconnects.c
+++ b/docs/examples/maxconnects.c
@@ -40,8 +40,8 @@ int main(void)
   curl = curl_easy_init();
   if(curl) {
     const char *urls[] = {
-      "https://example.com",
-      "https://curl.se",
+      "https://example.com/",
+      "https://curl.se/",
       "https://www.example/",
       NULL /* end of list */
     };
diff --git a/docs/examples/simplessl.c b/docs/examples/simplessl.c
index d08da207bf..c60b91057e 100644
--- a/docs/examples/simplessl.c
+++ b/docs/examples/simplessl.c
@@ -84,7 +84,7 @@ int main(void)
     goto error;
 
   /* what call to write: */
-  curl_easy_setopt(curl, CURLOPT_URL, "HTTPS://secure.site.example");
+  curl_easy_setopt(curl, CURLOPT_URL, "https://secure.site.example/");
   curl_easy_setopt(curl, CURLOPT_HEADERDATA, headerfile);
 
 #ifdef USE_ENGINE
diff --git a/docs/internals/CONNECTION-FILTERS.md b/docs/internals/CONNECTION-FILTERS.md
index 09acc7ad95..08fb367385 100644
--- a/docs/internals/CONNECTION-FILTERS.md
+++ b/docs/internals/CONNECTION-FILTERS.md
@@ -233,7 +233,7 @@ Users of `curl` may activate them by adding the name of the filter type to the
 of an HTTP/2 request, invoke curl with:
 
 ```
-> curl -v --trace-config ids,time,http/2  https://curl.se
+> curl -v --trace-config ids,time,http/2 https://curl.se/
 ```
 
 Which gives you trace output with time information, transfer+connection ids
@@ -260,7 +260,7 @@ into IPv4 and IPv6 and makes parallel attempts. The connection filter chain
 looks like this:
 
 ```
-* create connection for http://curl.se
+* create connection for http://curl.se/
 conn[curl.se] --> SETUP[TCP] --> HAPPY-EYEBALLS --> NULL
 * start connect
 conn[curl.se] --> SETUP[TCP] --> HAPPY-EYEBALLS --> NULL
@@ -276,7 +276,7 @@ The modular design of connection filters and that we can plug them into each oth
 The `HAPPY-EYEBALLS` on the other hand stays focused on its side of the problem. We can use it also to make other type of connection by just giving it another filter type to try to have happy eyeballing for QUIC:
 
 ```
-* create connection for --http3-only https://curl.se
+* create connection for --http3-only https://curl.se/
 conn[curl.se] --> SETUP[QUIC] --> HAPPY-EYEBALLS --> NULL
 * start connect
 conn[curl.se] --> SETUP[QUIC] --> HAPPY-EYEBALLS --> NULL
@@ -292,7 +292,7 @@ type that is used for `--http3` when **both** HTTP/3 and HTTP/2 or HTTP/1.1
 shall be attempted:
 
 ```
-* create connection for --http3 https://curl.se
+* create connection for --http3 https://curl.se/
 conn[curl.se] --> HTTPS-CONNECT --> NULL
 * start connect
 conn[curl.se] --> HTTPS-CONNECT --> NULL
diff --git a/docs/tests/TEST-SUITE.md b/docs/tests/TEST-SUITE.md
index 527a8599ea..6a2e60c817 100644
--- a/docs/tests/TEST-SUITE.md
+++ b/docs/tests/TEST-SUITE.md
@@ -214,13 +214,13 @@ SPDX-License-Identifier: curl
   to drown in output. The newly introduced *connection filters* allows one to
   dynamically increase log verbosity for a particular *filter type*. Example:
 
-    CURL_DEBUG=ssl curl -v https://curl.se
+    CURL_DEBUG=ssl curl -v https://curl.se/
 
   makes the `ssl` connection filter log more details. One may do that for
   every filter type and also use a combination of names, separated by `,` or
   space.
 
-    CURL_DEBUG=ssl,http/2 curl -v https://curl.se
+    CURL_DEBUG=ssl,http/2 curl -v https://curl.se/
 
    The order of filter type names is not relevant. Names used here are
    case insensitive. Note that these names are implementation internals and
diff --git a/lib/curl_rtmp.c b/lib/curl_rtmp.c
index e0597cdcca..45a50674f5 100644
--- a/lib/curl_rtmp.c
+++ b/lib/curl_rtmp.c
@@ -62,7 +62,7 @@ static Curl_recv rtmp_recv;
 static Curl_send rtmp_send;
 
 /*
- * RTMP protocol handler.h, based on https://rtmpdump.mplayerhq.hu
+ * RTMP protocol handler.h, based on https://rtmpdump.mplayerhq.hu/
  */
 
 const struct Curl_handler Curl_handler_rtmp = {
diff --git a/packages/vms/curl_gnv_build_steps.txt b/packages/vms/curl_gnv_build_steps.txt
index 0c30924998..c84431f7fa 100644
--- a/packages/vms/curl_gnv_build_steps.txt
+++ b/packages/vms/curl_gnv_build_steps.txt
@@ -38,7 +38,7 @@ time that this document was written.
 [gnv.common_src]curl_*_original_src.bck is the original source of the curl kit
 as provided by the curl project.  [gnv.vms_src]curl-*_vms_src.bck, if present,
 has the OpenVMS specific files that are used for building that are not yet in
-the curl source kits for that release distributed https://curl.se
+the curl source kits for that release distributed https://curl.se/
 
 These backup savesets should be restored to different directory trees on
 an ODS-5 volume(s) which are referenced by concealed rooted logical names.
diff --git a/scripts/mdlinkcheck b/scripts/mdlinkcheck
index 446cb9f1dd..f50d77527a 100755
--- a/scripts/mdlinkcheck
+++ b/scripts/mdlinkcheck
@@ -71,14 +71,12 @@ my %whitelist = (
     'https://curl.se/rfc/rfc2255.txt' => 1,
     'https://curl.se/sponsors.html' => 1,
     'https://curl.se/support.html' => 1,
-    'https://curl.se/windows' => 1,
     'https://curl.se/windows/' => 1,
 
     'https://testclutch.curl.se/' => 1,
 
     'https://github.com/curl/curl-fuzzer' => 1,
     'https://github.com/curl/curl-www' => 1,
-    'https://github.com/curl/curl.git' => 1,
     'https://github.com/curl/curl/wcurl' => 1,
 
     );
@@ -87,7 +85,7 @@ my %url;
 my %flink;
 
 # list all files to scan for links
-my @files=`git ls-files docs src lib scripts`;
+my @files=`git ls-files docs include lib scripts src`;
 
 sub storelink {
     my ($f, $line, $link) = @_;
@@ -103,6 +101,7 @@ sub storelink {
     if($link =~ /^(https|http):/) {
         if($whitelist{$link}) {
             #print "-- whitelisted: $link\n";
+            $whitelist{$link}++;
         }
         # example.com is just example
         elsif($link =~ /^https:\/\/(.*)example.(com|org|net)/) {
@@ -164,7 +163,7 @@ sub findlinks {
         # comma, question mark, colon, closing parenthesis, backslash,
         # closing angle bracket, whitespace, pipe, backtick, semicolon
         elsif(/(https:\/\/[a-z0-9.\/:%_+@-]+[^."'*\#,?:\)> \t|`;\\])/i) {
-            #print "RAW ";
+            #print "RAW '$_'\n";
             storelink($f, $line, $1);
         }
         $line++;
@@ -202,10 +201,16 @@ for my $f (@files) {
     }
 }
 
-#for my $u (sort keys %url) {
-#    print "$u\n";
-#}
-#exit;
+for my $u (sort keys %whitelist) {
+    if($whitelist{$u} == 1) {
+        printf "warning: unused whitelist entry: '$u'\n";
+    }
+}
+
+for my $u (sort keys %url) {
+    print "$u\n";
+}
+exit;
 
 my $error;
 my @errlist;

From 6532398af4b0bbde31d7b25a8896beaf143fa86a Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Wed, 10 Dec 2025 01:51:54 +0000
Subject: [PATCH 1208/2408] GHA: update dependencies and actions

- update dependency awslabs/aws-lc to v1.65.1
- update dependency pizlonator/fil-c to v0.676
- update github/codeql-action action to v4.31.7

Closes #19905
Closes #19912
Closes #19913
---
 .github/workflows/codeql.yml      | 8 ++++----
 .github/workflows/http3-linux.yml | 2 +-
 .github/workflows/linux.yml       | 4 ++--
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 9ee723cf73..3222029807 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -50,13 +50,13 @@ jobs:
           persist-credentials: false
 
       - name: 'initialize'
-        uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
+        uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
         with:
           languages: actions, python
           queries: security-extended
 
       - name: 'perform analysis'
-        uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
+        uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
 
   c:
     if: ${{ github.repository_owner == 'curl' || github.event_name != 'schedule' }}
@@ -87,7 +87,7 @@ jobs:
           persist-credentials: false
 
       - name: 'initialize'
-        uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
+        uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
         with:
           languages: cpp
           build-mode: manual
@@ -131,4 +131,4 @@ jobs:
           fi
 
       - name: 'perform analysis'
-        uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
+        uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index 77fd1edc09..86c9f3459d 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -43,7 +43,7 @@ env:
   # renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com
   LIBRESSL_VERSION: 4.2.1
   # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com
-  AWSLC_VERSION: 1.63.0
+  AWSLC_VERSION: 1.65.1
   # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com
   BORINGSSL_VERSION: 0.20251124.0
   # renovate: datasource=github-tags depName=gnutls/nettle versioning=semver registryUrl=https://github.com
diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index 27ad6b7393..2bcdf4e223 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -46,7 +46,7 @@ env:
   # renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver:^3.0.0 registryUrl=https://github.com
   MBEDTLS_VERSION_PREV: 3.6.4
   # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com
-  AWSLC_VERSION: 1.63.0
+  AWSLC_VERSION: 1.65.1
   # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com
   BORINGSSL_VERSION: 0.20251124.0
   # handled in renovate.json
@@ -58,7 +58,7 @@ env:
   # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com
   NGHTTP2_VERSION: 1.68.0
   # renovate: datasource=github-tags depName=pizlonator/fil-c versioning=semver-coerced registryUrl=https://github.com
-  FIL_C_VERSION: 0.675
+  FIL_C_VERSION: 0.676
 
 jobs:
   linux:

From b11b67c96fe2b027c6985f7071b33b5a2d36b65e Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Wed, 10 Dec 2025 09:29:43 +0100
Subject: [PATCH 1209/2408] test318: tweak the name a little

to make it properly differ from test 317
---
 tests/data/test318 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/data/test318 b/tests/data/test318
index 990b6371a0..8d42d0c681 100644
--- a/tests/data/test318
+++ b/tests/data/test318
@@ -62,7 +62,7 @@ contents
 http
 
 
-HTTP with custom Authorization: and redirect to new host
+HTTP with custom Authorization: then trusted redirect to new host
 
 
 http://first.host.it.is/we/want/that/page/%TESTNUMBER -x %HOSTIP:%HTTPPORT -H "Authorization: s3cr3t" --proxy-user testing:this --location-trusted

From 2180d7b4bc126b1920eab139f9ca0b253e7c02f0 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Wed, 10 Dec 2025 09:19:32 +0100
Subject: [PATCH 1210/2408] CURLOPT_FOLLOWLOCATION.md:
 s/Authentication:/Authorization:/

Closes #19915
---
 docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.md b/docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.md
index f3e3b99bd3..f67f85c6f2 100644
--- a/docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.md
+++ b/docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.md
@@ -63,7 +63,7 @@ or just lacks features, it is easy to instead implement your own redirect
 follow logic with the use of curl_easy_getinfo(3)'s CURLINFO_REDIRECT_URL(3)
 option instead of using CURLOPT_FOLLOWLOCATION(3).
 
-By default, libcurl only sends `Authentication:` or explicitly set `Cookie:`
+By default, libcurl only sends `Authorization:` or explicitly set `Cookie:`
 headers to the initial host given in the original URL, to avoid leaking
 username + password to other sites. CURLOPT_UNRESTRICTED_AUTH(3) is provided
 to change that behavior.

From 26d766596e12e0ca9b00422789a8b6afbc0c7fe8 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Wed, 10 Dec 2025 08:45:34 +0100
Subject: [PATCH 1211/2408] mdlinkcheck: add --dry-run to only show all found
 URLs

- remove the debug tracing leftovers from d9d2e339ced3fa02 that made exit
  unconditonally

Closes #19914
---
 scripts/mdlinkcheck | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/scripts/mdlinkcheck b/scripts/mdlinkcheck
index f50d77527a..bd54d96fe2 100755
--- a/scripts/mdlinkcheck
+++ b/scripts/mdlinkcheck
@@ -84,6 +84,12 @@ my %whitelist = (
 my %url;
 my %flink;
 
+my $dry;
+if(defined $ARGV[0] && $ARGV[0] eq "--dry-run") {
+    $dry = 1;
+    shift @ARGV;
+}
+
 # list all files to scan for links
 my @files=`git ls-files docs include lib scripts src`;
 
@@ -207,10 +213,12 @@ for my $u (sort keys %whitelist) {
     }
 }
 
-for my $u (sort keys %url) {
-    print "$u\n";
+if($dry) {
+    for my $u (sort keys %url) {
+        print "$u\n";
+    }
+    exit;
 }
-exit;
 
 my $error;
 my @errlist;

From 0b96f7573f18fd1fbc6317e0ef232d20a40cc874 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 10 Dec 2025 11:47:40 +0100
Subject: [PATCH 1212/2408] GHA/checkurls: add dry run on push

To verify if the basics work.

Downside is that the scheduled (live) runs are intermixed with the dry
runs and less obvious to find in the default list:
https://github.com/curl/curl/actions/workflows/checkurls.yml

This URL filters for scheduled runs only:
https://github.com/curl/curl/actions/workflows/checkurls.yml?query=event%3Aschedule

Seems fine, because we're only interested in red runs.

Closes #19917
---
 .github/workflows/checkurls.yml | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/checkurls.yml b/.github/workflows/checkurls.yml
index f407859c75..b9d5f185d4 100644
--- a/.github/workflows/checkurls.yml
+++ b/.github/workflows/checkurls.yml
@@ -5,6 +5,13 @@
 name: 'URLs'
 
 'on':
+  push:
+    branches:
+      - master
+      - '*/ci'
+  pull_request:
+    branches:
+      - master
   schedule:
     - cron: '10 5 * * *'
 
@@ -16,7 +23,7 @@ permissions: {}
 
 jobs:
   linkcheck:
-    if: ${{ github.repository_owner == 'curl' }}
+    if: ${{ github.repository_owner == 'curl' || github.event_name != 'schedule' }}
     name: 'linkcheck'
     runs-on: ubuntu-latest
     steps:
@@ -24,5 +31,10 @@ jobs:
         with:
           persist-credentials: false
 
+      - name: 'mdlinkcheck (dry run)'
+        if: ${{ github.event_name != 'schedule' }}
+        run: ./scripts/mdlinkcheck --dry-run
+
       - name: 'mdlinkcheck'
+        if: ${{ github.event_name == 'schedule' }}
         run: ./scripts/mdlinkcheck

From 14478429e71ef0eee6d12b73113e9ff8e3ae9e75 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Wed, 10 Dec 2025 11:17:49 +0100
Subject: [PATCH 1213/2408] pytest: quiche flakiness

Let nghttpx only use http/1.1 to backend. This reproduces the bug in
quiche with higher frequency. Allow test_14_05 to now return a 400 in
addition to the 431 we get from a h2 backend to nghttpx.

Skip test_05_02 in h3 on quiche not newer than version 0.24.4 in which
its bug is fixed: https://github.com/cloudflare/quiche/pull/2278

Ref: https://github.com/cloudflare/quiche/issues/2277
Closes #19770 (original Issue)
Closes #19916
---
 tests/http/test_05_errors.py  | 3 +++
 tests/http/test_14_auth.py    | 5 +++--
 tests/http/testenv/nghttpx.py | 1 -
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/tests/http/test_05_errors.py b/tests/http/test_05_errors.py
index 102b92e202..5fada15005 100644
--- a/tests/http/test_05_errors.py
+++ b/tests/http/test_05_errors.py
@@ -60,6 +60,9 @@ class TestErrors:
     def test_05_02_partial_20(self, env: Env, httpd, nghttpx, proto):
         if proto == 'h3' and env.curl_uses_ossl_quic():
             pytest.skip("openssl-quic is flaky in yielding proper error codes")
+        if proto == 'h3' and env.curl_uses_lib('quiche') and \
+                not env.curl_lib_version_at_least('quiche', '0.24.5'):
+            pytest.skip("quiche issue #2277 not fixed")
         count = 20
         curl = CurlClient(env=env)
         urln = f'https://{env.authority_for(env.domain1, proto)}' \
diff --git a/tests/http/test_14_auth.py b/tests/http/test_14_auth.py
index 0187c76a6a..9f2ae7a27f 100644
--- a/tests/http/test_14_auth.py
+++ b/tests/http/test_14_auth.py
@@ -107,8 +107,9 @@ class TestAuth:
             '--basic', '--user', f'test:{password}',
             '--trace-config', 'http/2,http/3'
         ])
-        # but apache denies on length limit
-        r.check_response(http_status=431)
+        # but apache either denies on length limit or gives a 400
+        r.check_exit_code(0)
+        assert r.stats[0]['http_code'] in [400, 431]
 
     # PUT data, basic auth with very large pw
     @pytest.mark.parametrize("proto", Env.http_mplx_protos())
diff --git a/tests/http/testenv/nghttpx.py b/tests/http/testenv/nghttpx.py
index 106766fc0f..950d567f24 100644
--- a/tests/http/testenv/nghttpx.py
+++ b/tests/http/testenv/nghttpx.py
@@ -247,7 +247,6 @@ class NghttpxQuic(Nghttpx):
                 '--frontend-quic-early-data',
             ])
         args.extend([
-            f'--backend=127.0.0.1,{self.env.https_port};{self._domain};sni={self._domain};proto=h2;tls',
             f'--backend=127.0.0.1,{self.env.http_port}',
             '--log-level=ERROR',
             f'--pid-file={self._pid_file}',

From 0295c9401d5bfe8bd490c3f14fecda54c6032fce Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 10 Dec 2025 15:37:44 +0100
Subject: [PATCH 1214/2408] ldap: drop PP logic for old, unsupported, Windows
 SDKs

`LDAP_VENDOR_NAME` and `winber.h` are available in all supported
MS SDK and mingw-w64 versions. Stop checking for them.

Also drop redundant parenthesis in PP expression.

Closes #19918
---
 lib/ldap.c | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/lib/ldap.c b/lib/ldap.c
index ba9620b4b1..b51aab56fb 100644
--- a/lib/ldap.c
+++ b/lib/ldap.c
@@ -64,19 +64,14 @@
 #  pragma warning(pop)
 # endif
 # include 
-# ifndef LDAP_VENDOR_NAME
-#  error Your Platform SDK is NOT sufficient for LDAP support! \
-         Update your Platform SDK, or disable LDAP support!
-# else
-#  include 
-# endif
+# include 
 #else
 # define LDAP_DEPRECATED 1      /* Be sure ldap_init() is defined. */
 # ifdef HAVE_LBER_H
 #  include 
 # endif
 # include 
-# if (defined(HAVE_LDAP_SSL) && defined(HAVE_LDAP_SSL_H))
+# if defined(HAVE_LDAP_SSL) && defined(HAVE_LDAP_SSL_H)
 #  include 
 # endif /* HAVE_LDAP_SSL && HAVE_LDAP_SSL_H */
 #endif

From edbbcbb1273d513b0a484c7a28df000c41148ddd Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 10 Dec 2025 15:48:31 +0100
Subject: [PATCH 1215/2408] config-win32.h: drop unused/obsolete
 `CURL_HAS_OPENLDAP_LDAPSDK`

Meant for use from `Makefile.mk`. The suggested replacement is CMake or
autotools.

Follow-up to ba8752e5566076acc8bdec7ae4ec78901f7050f4 #12224

Closes #19920
---
 lib/config-win32.h | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/lib/config-win32.h b/lib/config-win32.h
index 2bdb555084..002782c6ea 100644
--- a/lib/config-win32.h
+++ b/lib/config-win32.h
@@ -353,10 +353,7 @@
 /*                           LDAP SUPPORT                           */
 /* ---------------------------------------------------------------- */
 
-#ifdef CURL_HAS_OPENLDAP_LDAPSDK
-#undef USE_WIN32_LDAP
-#define HAVE_LDAP_URL_PARSE 1
-#elif !defined(CURL_WINDOWS_UWP)
+#ifndef CURL_WINDOWS_UWP
 #undef HAVE_LDAP_URL_PARSE
 #define HAVE_LDAP_SSL 1
 #define USE_WIN32_LDAP 1

From a73040ac8abb979d50e5c13306dee8adcf8f33a8 Mon Sep 17 00:00:00 2001
From: Stefan Eissing 
Date: Wed, 10 Dec 2025 16:07:59 +0100
Subject: [PATCH 1216/2408] quiche: fix version for skip due to flakiness

0.24.6 is the quiche version without the fix for proper handling fo
RESET streams. Require a verion higher than that to run test_05_02.

Follow-up to 14478429e71ef0eee6d12b73113e9ff8e3ae9e75 #19916

Closes #19921
---
 tests/http/test_05_errors.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/http/test_05_errors.py b/tests/http/test_05_errors.py
index 5fada15005..89a8acdebe 100644
--- a/tests/http/test_05_errors.py
+++ b/tests/http/test_05_errors.py
@@ -61,7 +61,7 @@ class TestErrors:
         if proto == 'h3' and env.curl_uses_ossl_quic():
             pytest.skip("openssl-quic is flaky in yielding proper error codes")
         if proto == 'h3' and env.curl_uses_lib('quiche') and \
-                not env.curl_lib_version_at_least('quiche', '0.24.5'):
+                not env.curl_lib_version_at_least('quiche', '0.24.7'):
             pytest.skip("quiche issue #2277 not fixed")
         count = 20
         curl = CurlClient(env=env)

From cc285649dc95b73eef5d498d93d0cdcc75b1e5c7 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 10 Dec 2025 18:45:06 +0100
Subject: [PATCH 1217/2408] autotools: fix LargeFile feature display on Windows
 (after prev patch)

Always show it on Windows, regardless of the `--disable-largefile`
build option.

Follow-up to 163705db756557e6c07ac9386663f0576ebfd64e #19888
Closes #19922
---
 configure.ac | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index 64fa6516ec..40d4fc29fe 100644
--- a/configure.ac
+++ b/configure.ac
@@ -5317,7 +5317,7 @@ fi
 
 if test ${ac_cv_sizeof_curl_off_t} -gt 4; then
   if test ${ac_cv_sizeof_off_t} -gt 4 -o \
-     "$curl_win32_file_api" = "win32_large_files"; then
+     "$curl_cv_native_windows" = "yes"; then
     SUPPORT_FEATURES="$SUPPORT_FEATURES Largefile"
   fi
 fi

From 8db0e286b363ad788d6dc0779d605b83c7ed4caf Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Tue, 5 Aug 2025 16:07:21 +0200
Subject: [PATCH 1218/2408] autotools: tidy-up `if` expressions

- drop x-hacks for curl internal variables and certain autotools ones
  that do not hold custom values.
- make x-hacks consistently use `"x$var" = "xval"` style.
- add a few x-hacks for input/external variables that may hold custom
  values.
- prefer `-z` and `-n` to test empty/non-empty.
  This also makes some x-hacks unnecessary.
- optimized negated test `-z` and `-n` options.
- prefer `&&` and `||` over `-a` and `-o`.
  For better POSIX compatibility:
  https://pubs.opengroup.org/onlinepubs/9699919799/utilities/test.html
- quote variables passed to `test`, where missing.
- quote string literals in comparisons.
- fix some indentation, whitespace.

Note that a few `case` statements also use the x-hack, which looks
unnecessary. This patch does not change them.

Verified by comparing feature detection results with a reference CI run
from before this patch (PR #19922).

Refs:
https://www.shellcheck.net/wiki/SC2268
https://pubs.opengroup.org/onlinepubs/9699919799/utilities/test.html
https://www.vidarholen.net/contents/blog/?p=1035
https://mywiki.wooledge.org/BashPitfalls#A.5B_.24foo_.3D_.22bar.22_.5D

Closes #18189
---
 acinclude.m4              |  52 ++--
 configure.ac              | 618 +++++++++++++++++++-------------------
 curl-config.in            |   2 +-
 docs/libcurl/libcurl.m4   |  30 +-
 m4/curl-amissl.m4         |   4 +-
 m4/curl-apple-sectrust.m4 |   6 +-
 m4/curl-compilers.m4      |  35 +--
 m4/curl-confopts.m4       |  18 +-
 m4/curl-functions.m4      |  24 +-
 m4/curl-gnutls.m4         |  18 +-
 m4/curl-mbedtls.m4        |  18 +-
 m4/curl-openssl.m4        |  28 +-
 m4/curl-rustls.m4         |  18 +-
 m4/curl-schannel.m4       |   8 +-
 m4/curl-sysconfig.m4      |   2 +-
 m4/curl-wolfssl.m4        |  20 +-
 m4/xc-lt-iface.m4         |  26 +-
 m4/xc-val-flgs.m4         |  24 +-
 m4/zz40-xc-ovr.m4         |   4 +-
 19 files changed, 478 insertions(+), 477 deletions(-)

diff --git a/acinclude.m4 b/acinclude.m4
index 0627ed1fd7..d95cbd3f5b 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -190,7 +190,7 @@ AC_DEFUN([CURL_CHECK_NATIVE_WINDOWS], [
       curl_cv_native_windows="no"
     ])
   ])
-  AM_CONDITIONAL(DOING_NATIVE_WINDOWS, test "x$curl_cv_native_windows" = xyes)
+  AM_CONDITIONAL(DOING_NATIVE_WINDOWS, test "$curl_cv_native_windows" = "yes")
 ])
 
 
@@ -910,7 +910,7 @@ AC_DEFUN([CURL_CHECK_LIBS_CLOCK_GETTIME_MONOTONIC], [
         curl_func_clock_gettime="yes"
         ;;
       *)
-        if test "x$dontwant_rt" = "xyes" ; then
+        if test "$dontwant_rt" = "yes"; then
           AC_MSG_WARN([needs -lrt but asked not to use it, HAVE_CLOCK_GETTIME_MONOTONIC will not be defined])
           curl_func_clock_gettime="no"
         else
@@ -926,7 +926,7 @@ AC_DEFUN([CURL_CHECK_LIBS_CLOCK_GETTIME_MONOTONIC], [
     esac
     #
     dnl only do runtime verification when not cross-compiling
-    if test "x$cross_compiling" != "xyes" &&
+    if test "$cross_compiling" != "yes" &&
       test "$curl_func_clock_gettime" = "yes"; then
       AC_MSG_CHECKING([if monotonic clock_gettime works])
       CURL_RUN_IFELSE([
@@ -1082,7 +1082,7 @@ dnl macro. It must also run AFTER all lib-checking macros are complete.
 AC_DEFUN([CURL_VERIFY_RUNTIMELIBS], [
 
   dnl this test is of course not sensible if we are cross-compiling!
-  if test "x$cross_compiling" != xyes; then
+  if test "$cross_compiling" != "yes"; then
 
     dnl just run a program to verify that the libs checked for previous to this
     dnl point also is available runtime!
@@ -1149,22 +1149,22 @@ AS_HELP_STRING([--without-ca-path], [Do not use a default CA path]),
   capath_warning="   (warning: certs not found)"
   check_capath=""
 
-  if test "x$APPLE_SECTRUST_ENABLED" = "x1"; then
+  if test "$APPLE_SECTRUST_ENABLED" = "1"; then
     ca_native="Apple SecTrust"
   else
     ca_native="no"
   fi
 
-  if test "x$want_ca" != "xno" -a "x$want_ca" != "xunset" -a \
-          "x$want_capath" != "xno" -a "x$want_capath" != "xunset"; then
+  if test "x$want_ca" != "xno" && test "x$want_ca" != "xunset" &&
+     test "x$want_capath" != "xno" && test "x$want_capath" != "xunset"; then
     dnl both given
     ca="$want_ca"
     capath="$want_capath"
-  elif test "x$want_ca" != "xno" -a "x$want_ca" != "xunset"; then
+  elif test "x$want_ca" != "xno" && test "x$want_ca" != "xunset"; then
     dnl --with-ca-bundle given
     ca="$want_ca"
     capath="no"
-  elif test "x$want_capath" != "xno" -a "x$want_capath" != "xunset"; then
+  elif test "x$want_capath" != "xno" && test "x$want_capath" != "xunset"; then
     dnl --with-ca-path given
     capath="$want_capath"
     ca="no"
@@ -1177,15 +1177,15 @@ AS_HELP_STRING([--without-ca-path], [Do not use a default CA path]),
     dnl Both auto-detections can be skipped by --without-ca-*
     ca="no"
     capath="no"
-    if test "x$cross_compiling" != "xyes" -a \
-            "x$curl_cv_native_windows" != "xyes"; then
+    if test "$cross_compiling" != "yes" &&
+       test "$curl_cv_native_windows" != "yes"; then
       dnl NOT cross-compiling and...
       dnl neither of the --with-ca-* options are provided
       if test "x$want_ca" = "xunset"; then
         dnl the path we previously would have installed the curl CA bundle
         dnl to, and thus we now check for an already existing cert in that
         dnl place in case we find no other
-        if test "x$prefix" != xNONE; then
+        if test "x$prefix" != "xNONE"; then
           cac="${prefix}/share/curl/curl-ca-bundle.crt"
         else
           cac="$ac_default_prefix/share/curl/curl-ca-bundle.crt"
@@ -1221,7 +1221,7 @@ AS_HELP_STRING([--without-ca-path], [Do not use a default CA path]),
     check_capath="$capath"
   fi
 
-  if test ! -z "$check_capath"; then
+  if test -n "$check_capath"; then
     for a in "$check_capath"; do
       if test -d "$a" && ls "$a"/[[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f]].0 >/dev/null 2>/dev/null; then
         if test "x$capath" = "xno"; then
@@ -1257,14 +1257,14 @@ AS_HELP_STRING([--without-ca-path], [Do not use a default CA path]),
 AS_HELP_STRING([--with-ca-fallback], [Use OpenSSL's built-in CA store])
 AS_HELP_STRING([--without-ca-fallback], [Do not use OpenSSL's built-in CA store]),
   [
-    if test "x$with_ca_fallback" != "xyes" -a "x$with_ca_fallback" != "xno"; then
+    if test "x$with_ca_fallback" != "xyes" && test "x$with_ca_fallback" != "xno"; then
       AC_MSG_ERROR([--with-ca-fallback only allows yes or no as parameter])
     fi
   ],
   [ with_ca_fallback="no"])
   AC_MSG_RESULT([$with_ca_fallback])
   if test "x$with_ca_fallback" = "xyes"; then
-    if test "x$OPENSSL_ENABLED" != "x1"; then
+    if test "$OPENSSL_ENABLED" != "1"; then
       AC_MSG_ERROR([--with-ca-fallback only works with OpenSSL])
     fi
     AC_DEFINE_UNQUOTED(CURL_CA_FALLBACK, 1, [define "1" to use OpenSSL's built-in CA store])
@@ -1293,7 +1293,7 @@ AS_HELP_STRING([--without-ca-embed], [Do not embed a default CA bundle in the cu
   [ want_ca_embed="unset" ])
 
   CURL_CA_EMBED=''
-  if test "x$want_ca_embed" != "xno" -a "x$want_ca_embed" != "xunset" -a -f "$want_ca_embed"; then
+  if test "x$want_ca_embed" != "xno" && test "x$want_ca_embed" != "xunset" && test -f "$want_ca_embed"; then
     if test -n "$PERL"; then
       CURL_CA_EMBED="$want_ca_embed"
       AC_SUBST(CURL_CA_EMBED)
@@ -1315,7 +1315,7 @@ AC_DEFUN([CURL_CHECK_WIN32_CRYPTO], [
   AC_REQUIRE([CURL_CHECK_NATIVE_WINDOWS])dnl
   AC_MSG_CHECKING([whether build target supports Win32 crypto API])
   curl_win32_crypto_api="no"
-  if test "$curl_cv_native_windows" = "yes" -a "$curl_cv_winuwp" != "yes"; then
+  if test "$curl_cv_native_windows" = "yes" && test "$curl_cv_winuwp" != "yes"; then
     AC_COMPILE_IFELSE([
       AC_LANG_PROGRAM([[
         #undef inline
@@ -1382,7 +1382,7 @@ AC_DEFUN([CURL_CHECK_PKGCONFIG], [
       [$PATH:/usr/bin:/usr/local/bin])
   fi
 
-  if test "x$PKGCONFIG" != "xno"; then
+  if test "$PKGCONFIG" != "no"; then
     AC_MSG_CHECKING([for $1 options with pkg-config])
     dnl ask pkg-config about $1
     itexists=`CURL_EXPORT_PCDIR([$2]) dnl
@@ -1423,7 +1423,7 @@ dnl Save build info for test runner to pick up and log
 
 AC_DEFUN([CURL_PREPARE_BUILDINFO], [
   curl_pflags=""
-  if test "$curl_cv_apple" = 'yes'; then
+  if test "$curl_cv_apple" = "yes"; then
     curl_pflags="${curl_pflags} APPLE"
   fi
   case $host in
@@ -1443,20 +1443,20 @@ AC_DEFUN([CURL_PREPARE_BUILDINFO], [
       fi
       ;;
   esac
-  if test "$curl_cv_native_windows" = 'yes'; then
+  if test "$curl_cv_native_windows" = "yes"; then
     curl_pflags="${curl_pflags} WIN32"
   fi
-  if test "$curl_cv_winuwp" = 'yes'; then
+  if test "$curl_cv_winuwp" = "yes"; then
     curl_pflags="${curl_pflags} UWP"
   fi
-  if test "$curl_cv_cygwin" = 'yes'; then
+  if test "$curl_cv_cygwin" = "yes"; then
     curl_pflags="${curl_pflags} CYGWIN"
   fi
   case $host_os in
     msdos*) curl_pflags="${curl_pflags} DOS";;
     amiga*) curl_pflags="${curl_pflags} AMIGA";;
   esac
-  if test "x$compiler_id" = 'xGNU_C'; then
+  if test "$compiler_id" = "GNU_C"; then
     curl_pflags="${curl_pflags} GCC"
   fi
   if test "$compiler_id" = "APPLECLANG"; then
@@ -1467,7 +1467,7 @@ AC_DEFUN([CURL_PREPARE_BUILDINFO], [
   case $host_os in
     mingw*) curl_pflags="${curl_pflags} MINGW";;
   esac
-  if test "x$cross_compiling" = 'xyes'; then
+  if test "$cross_compiling" = "yes"; then
     curl_pflags="${curl_pflags} CROSS"
   fi
   squeeze curl_pflags
@@ -1509,7 +1509,7 @@ TEST EINVAL TEST
   AC_MSG_RESULT([$cpp])
 
   dnl we need cpp -P so check if it works then
-  if test "x$cpp" = "xyes"; then
+  if test "$cpp" = "yes"; then
     AC_MSG_CHECKING([if cpp -P works])
     OLDCPPFLAGS=$CPPFLAGS
     CPPFLAGS="$CPPFLAGS -P"
@@ -1519,7 +1519,7 @@ TEST EINVAL TEST
     ], [cpp_p=yes], [cpp_p=no])
     AC_MSG_RESULT([$cpp_p])
 
-    if test "x$cpp_p" = "xno"; then
+    if test "$cpp_p" = "no"; then
       AC_MSG_WARN([failed to figure out cpp -P alternative])
       # without -P
       CPPPFLAG=""
diff --git a/configure.ac b/configure.ac
index 40d4fc29fe..3c0bfaa353 100644
--- a/configure.ac
+++ b/configure.ac
@@ -44,12 +44,12 @@ AM_MAINTAINER_MODE
 m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
 
 CURL_CHECK_OPTION_DEBUG
-AM_CONDITIONAL(DEBUGBUILD, test x$want_debug = xyes)
+AM_CONDITIONAL(DEBUGBUILD, test "$want_debug" = "yes")
 CURL_CHECK_OPTION_OPTIMIZE
 CURL_CHECK_OPTION_WARNINGS
 CURL_CHECK_OPTION_WERROR
 CURL_CHECK_OPTION_CURLDEBUG
-AM_CONDITIONAL(CURLDEBUG, test x$want_curldebug = xyes)
+AM_CONDITIONAL(CURLDEBUG, test "$want_curldebug" = "yes")
 CURL_CHECK_OPTION_SYMBOL_HIDING
 CURL_CHECK_OPTION_ARES
 CURL_CHECK_OPTION_RT
@@ -225,7 +225,7 @@ AS_HELP_STRING([--with-ssl=PATH],[old version of --with-openssl])
 AS_HELP_STRING([--without-ssl], [build without any TLS library]),[
   OPT_SSL=$withval
   OPT_OPENSSL=$withval
-  if test X"$withval" != Xno; then
+  if test "x$withval" != "xno"; then
     TLSCHOICE="${TLSCHOICE:+$TLSCHOICE, }OpenSSL"
   else
     SSL_DISABLED="D"
@@ -235,7 +235,7 @@ AS_HELP_STRING([--without-ssl], [build without any TLS library]),[
 AC_ARG_WITH(openssl,dnl
 AS_HELP_STRING([--with-openssl=PATH],[Where to look for OpenSSL, PATH points to the SSL installation (default: /usr/local/ssl); when possible, set the PKG_CONFIG_PATH environment variable instead of using this option]),[
   OPT_OPENSSL=$withval
-  if test X"$withval" != Xno; then
+  if test "x$withval" != "xno"; then
     TLSCHOICE="${TLSCHOICE:+$TLSCHOICE, }OpenSSL"
   fi
 ])
@@ -244,7 +244,7 @@ OPT_GNUTLS=no
 AC_ARG_WITH(gnutls,dnl
 AS_HELP_STRING([--with-gnutls=PATH],[where to look for GnuTLS, PATH points to the installation root]),[
   OPT_GNUTLS=$withval
-  if test X"$withval" != Xno; then
+  if test "x$withval" != "xno"; then
     TLSCHOICE="${TLSCHOICE:+$TLSCHOICE, }GnuTLS"
   fi
 ])
@@ -253,7 +253,7 @@ OPT_MBEDTLS=no
 AC_ARG_WITH(mbedtls,dnl
 AS_HELP_STRING([--with-mbedtls=PATH],[where to look for mbedTLS, PATH points to the installation root]),[
   OPT_MBEDTLS=$withval
-  if test X"$withval" != Xno; then
+  if test "x$withval" != "xno"; then
     TLSCHOICE="${TLSCHOICE:+$TLSCHOICE, }mbedTLS"
   fi
 ])
@@ -262,7 +262,7 @@ OPT_WOLFSSL=no
 AC_ARG_WITH(wolfssl,dnl
 AS_HELP_STRING([--with-wolfssl=PATH],[where to look for wolfSSL, PATH points to the installation root (default: system lib default)]),[
   OPT_WOLFSSL=$withval
-  if test X"$withval" != Xno; then
+  if test "x$withval" != "xno"; then
     TLSCHOICE="${TLSCHOICE:+$TLSCHOICE, }wolfSSL"
   fi
 ])
@@ -271,7 +271,7 @@ OPT_RUSTLS=no
 AC_ARG_WITH(rustls,dnl
 AS_HELP_STRING([--with-rustls=PATH],[where to look for Rustls, PATH points to the installation root]),[
   OPT_RUSTLS=$withval
-  if test X"$withval" != Xno; then
+  if test "x$withval" != "xno"; then
     TLSCHOICE="${TLSCHOICE:+$TLSCHOICE, }Rustls"
     experimental="$experimental Rustls"
   fi
@@ -291,7 +291,7 @@ TEST_NGHTTPX=nghttpx
 AC_ARG_WITH(test-nghttpx,dnl
 AS_HELP_STRING([--with-test-nghttpx=PATH],[where to find nghttpx for testing]),
   TEST_NGHTTPX=$withval
-  if test X"$TEST_NGHTTPX" = "Xno"; then
+  if test "x$TEST_NGHTTPX" = "xno"; then
     TEST_NGHTTPX=""
   fi
 )
@@ -307,7 +307,7 @@ fi
 AC_ARG_WITH(test-caddy,dnl
 AS_HELP_STRING([--with-test-caddy=PATH],[where to find caddy for testing]),
   CADDY=$withval
-  if test X"$CADDY" = "Xno"; then
+  if test "x$CADDY" = "xno"; then
     CADDY=""
   fi
 )
@@ -323,7 +323,7 @@ fi
 AC_ARG_WITH(test-vsftpd,dnl
 AS_HELP_STRING([--with-test-vsftpd=PATH],[where to find vsftpd for testing]),
   VSFTPD=$withval
-  if test X"$VSFTPD" = "Xno"; then
+  if test "x$VSFTPD" = "xno"; then
     VSFTPD=""
   fi
 )
@@ -335,31 +335,31 @@ HTTPD_ENABLED="maybe"
 AC_ARG_WITH(test-httpd, [AS_HELP_STRING([--with-test-httpd=PATH],
                          [where to find httpd/apache2 for testing])],
   [request_httpd=$withval], [request_httpd=check])
-if test x"$request_httpd" = "xcheck" -o x"$request_httpd" = "xyes"; then
+if test "x$request_httpd" = "xcheck" || test "x$request_httpd" = "xyes"; then
   if test -x "/usr/sbin/apache2"; then
     # common location on distros (debian/ubuntu)
     HTTPD="/usr/sbin/apache2"
     AC_PATH_PROG([APXS], [apxs])
-    if test "x$APXS" = "x"; then
+    if test -z "$APXS"; then
       AC_MSG_NOTICE([apache2-dev not installed, httpd tests disabled])
       HTTPD_ENABLED="no"
     fi
   else
     AC_PATH_PROG([HTTPD], [httpd])
-    if test "x$HTTPD" = "x"; then
+    if test -z "$HTTPD"; then
       AC_PATH_PROG([HTTPD], [apache2])
     fi
     AC_PATH_PROG([APXS], [apxs])
-    if test "x$HTTPD" = "x"; then
+    if test -z "$HTTPD"; then
       AC_MSG_NOTICE([httpd/apache2 not in PATH, http tests disabled])
       HTTPD_ENABLED="no"
     fi
-    if test "x$APXS" = "x"; then
+    if test -z "$APXS"; then
       AC_MSG_NOTICE([apxs not in PATH, http tests disabled])
       HTTPD_ENABLED="no"
     fi
   fi
-elif test x"$request_httpd" != "xno"; then
+elif test "x$request_httpd" != "xno"; then
   HTTPD="${request_httpd}/bin/httpd"
   APXS="${request_httpd}/bin/apxs"
   if test ! -x "${HTTPD}"; then
@@ -372,7 +372,7 @@ elif test x"$request_httpd" != "xno"; then
     AC_MSG_NOTICE([using HTTPD=$HTTPD for tests])
   fi
 fi
-if test x"$HTTPD_ENABLED" = "xno"; then
+if test "$HTTPD_ENABLED" = "no"; then
   HTTPD=""
   APXS=""
 fi
@@ -385,17 +385,17 @@ DANTED_ENABLED="maybe"
 AC_ARG_WITH(test-danted, [AS_HELP_STRING([--with-test-danted=PATH],
                          [where to find danted socks daemon for testing])],
   [request_danted=$withval], [request_danted=check])
-if test x"$request_danted" = "xcheck" -o x"$request_danted" = "xyes"; then
+if test "x$request_danted" = "xcheck" || test "x$request_danted" = "xyes"; then
   if test -x "/usr/sbin/danted"; then
     # common location on distros (debian/ubuntu)
     DANTED="/usr/sbin/danted"
   else
     AC_PATH_PROG([DANTED], [danted])
-    if test "x$DANTED" = "x"; then
+    if test -z "$DANTED"; then
       AC_PATH_PROG([DANTED], [danted])
     fi
   fi
-elif test x"$request_danted" != "xno"; then
+elif test "x$request_danted" != "xno"; then
   DANTED="${request_danted}"
   if test ! -x "${DANTED}"; then
     AC_MSG_NOTICE([danted not found as ${DANTED}, danted tests disabled])
@@ -404,13 +404,13 @@ elif test x"$request_danted" != "xno"; then
     AC_MSG_NOTICE([using DANTED=$DANTED for tests])
   fi
 fi
-if test x"$DANTED_ENABLED" = "xno"; then
+if test "$DANTED_ENABLED" = "no"; then
   DANTED=""
 fi
 AC_SUBST(DANTED)
 
 dnl the nghttpx we might use in httpd testing
-if test "x$TEST_NGHTTPX" != "x" -a "x$TEST_NGHTTPX" != "xnghttpx"; then
+if test -n "$TEST_NGHTTPX" && test "x$TEST_NGHTTPX" != "xnghttpx"; then
   HTTPD_NGHTTPX="$TEST_NGHTTPX"
 else
   AC_PATH_PROG([HTTPD_NGHTTPX], [nghttpx], [],
@@ -419,7 +419,7 @@ fi
 AC_SUBST(HTTPD_NGHTTPX)
 
 dnl the Caddy server we might use in testing
-if test "x$TEST_CADDY" != "x"; then
+if test -n "$TEST_CADDY"; then
   CADDY="$TEST_CADDY"
 else
   AC_PATH_PROG([CADDY], [caddy])
@@ -480,11 +480,11 @@ AM_CONDITIONAL(NOT_CURL_CI, test -z "$CURL_CI")
 #
 
 AM_CONDITIONAL([CURL_LT_SHLIB_USE_VERSION_INFO],
-  [test "x$xc_lt_shlib_use_version_info" = 'xyes'])
+  [test "$xc_lt_shlib_use_version_info" = "yes"])
 AM_CONDITIONAL([CURL_LT_SHLIB_USE_NO_UNDEFINED],
-  [test "x$xc_lt_shlib_use_no_undefined" = 'xyes'])
+  [test "$xc_lt_shlib_use_no_undefined" = "yes"])
 AM_CONDITIONAL([CURL_LT_SHLIB_USE_MIMPURE_TEXT],
-  [test "x$xc_lt_shlib_use_mimpure_text" = 'xyes'])
+  [test "$xc_lt_shlib_use_mimpure_text" = "yes"])
 
 #
 # Due to libtool and automake machinery limitations of not allowing
@@ -503,7 +503,7 @@ AM_CONDITIONAL([CURL_LT_SHLIB_USE_MIMPURE_TEXT],
 #
 
 AM_CONDITIONAL([USE_CPPFLAG_CURL_STATICLIB],
-  [test "x$xc_lt_build_static_only" = 'xyes'])
+  [test "$xc_lt_build_static_only" = "yes"])
 
 #
 # Make staticlib CPPFLAG variable and its definition visible in output
@@ -515,7 +515,7 @@ LIBCURL_PC_CFLAGS_PRIVATE='-DCURL_STATICLIB'
 AC_SUBST(LIBCURL_PC_CFLAGS_PRIVATE)
 
 LIBCURL_PC_CFLAGS=
-if test "x$xc_lt_build_static_only" = 'xyes'; then
+if test "$xc_lt_build_static_only" = "yes"; then
   LIBCURL_PC_CFLAGS="${LIBCURL_PC_CFLAGS_PRIVATE}"
 fi
 AC_SUBST([LIBCURL_PC_CFLAGS])
@@ -555,7 +555,7 @@ if test "$compiler_id" = "INTEL_UNIX_C"; then
 fi
 
 CURL_CFLAG_EXTRAS=""
-if test X"$want_werror" = Xyes; then
+if test "$want_werror" = "yes"; then
   CURL_CFLAG_EXTRAS="-Werror"
   if test "$compiler_id" = "GNU_C"; then
     dnl enable -pedantic-errors for GCC 5 and later,
@@ -563,12 +563,12 @@ if test X"$want_werror" = Xyes; then
     if test "$compiler_num" -ge "500"; then
       CURL_CFLAG_EXTRAS="$CURL_CFLAG_EXTRAS -pedantic-errors"
     fi
-  elif test "$compiler_id" = "CLANG" -o "$compiler_id" = "APPLECLANG"; then
+  elif test "$compiler_id" = "CLANG" || test "$compiler_id" = "APPLECLANG"; then
     CURL_CFLAG_EXTRAS="$CURL_CFLAG_EXTRAS -pedantic-errors"
   fi
 fi
 AC_SUBST(CURL_CFLAG_EXTRAS)
-AM_CONDITIONAL(CURL_WERROR, test X"$want_werror" = Xyes)
+AM_CONDITIONAL(CURL_WERROR, test "$want_werror" = "yes")
 
 CURL_CHECK_COMPILER_HALT_ON_ERROR
 CURL_CHECK_COMPILER_ARRAY_SIZE_NEGATIVE
@@ -579,8 +579,8 @@ supports_unittests=yes
 # cross-compilation of unit tests static library/programs fails when
 # libcurl shared library is built. This might be due to a libtool or
 # automake issue. In this case we disable unit tests.
-if test "x$cross_compiling" != "xno" &&
-   test "x$enable_shared" != "xno"; then
+if test "$cross_compiling" != "no" &&
+   test "$enable_shared" != "no"; then
   supports_unittests=no
 fi
 
@@ -604,7 +604,7 @@ case $host_os in
     ;;
 esac
 
-AM_CONDITIONAL(BUILD_UNITTESTS, test x$supports_unittests = xyes)
+AM_CONDITIONAL(BUILD_UNITTESTS, test "$supports_unittests" = "yes")
 
 # In order to detect support of sendmmsg() and accept4(), we need to escape the POSIX
 # jail by defining _GNU_SOURCE or  will not expose it.
@@ -625,7 +625,7 @@ case $host in
   *-apple-*) curl_cv_apple='yes';;
 esac
 
-if test "$curl_cv_apple" = 'yes'; then
+if test "$curl_cv_apple" = "yes"; then
   CURL_DARWIN_CFLAGS
   CURL_SUPPORTS_BUILTIN_AVAILABLE
 fi
@@ -663,11 +663,11 @@ AS_HELP_STRING([--disable-unity],[Disable unity (default)]),
   esac ],
     AC_MSG_RESULT([no])
 )
-if test -z "$PERL" -a "$want_unity" = 'yes'; then
+if test -z "$PERL" && test "$want_unity" = "yes"; then
   AC_MSG_WARN([perl was not found. Will not enable unity.])
   want_unity='no'
 fi
-AM_CONDITIONAL([USE_UNITY], [test "$want_unity" = 'yes'])
+AM_CONDITIONAL([USE_UNITY], [test "$want_unity" = "yes"])
 
 dnl ************************************************************
 dnl switch off particular protocols
@@ -745,7 +745,7 @@ AS_HELP_STRING([--disable-ipfs],[Disable IPFS support]),
     CURL_DISABLE_IPFS=1
     ;;
   *)
-    if test x$CURL_DISABLE_HTTP = x1; then
+    if test "$CURL_DISABLE_HTTP" = "1"; then
       AC_MSG_ERROR(HTTP support needs to be enabled in order to enable IPFS support!)
     else
       AC_MSG_RESULT(yes)
@@ -753,7 +753,7 @@ AS_HELP_STRING([--disable-ipfs],[Disable IPFS support]),
     fi
     ;;
   esac ],
-    if test "x$CURL_DISABLE_HTTP" != "x1"; then
+    if test "$CURL_DISABLE_HTTP" != "1"; then
       AC_MSG_RESULT(yes)
       curl_ipfs_msg="enabled"
     else
@@ -791,7 +791,7 @@ AS_HELP_STRING([--disable-ldaps],[Disable LDAPS support]),
     CURL_DISABLE_LDAPS=1
     ;;
   *)
-    if test "x$CURL_DISABLE_LDAP" = "x1"; then
+    if test "$CURL_DISABLE_LDAP" = "1"; then
       AC_MSG_RESULT(LDAP needs to be enabled to support LDAPS)
       AC_DEFINE(CURL_DISABLE_LDAPS, 1, [to disable LDAPS])
       CURL_DISABLE_LDAPS=1
@@ -802,7 +802,7 @@ AS_HELP_STRING([--disable-ldaps],[Disable LDAPS support]),
     fi
     ;;
   esac ],[
-    if test "x$CURL_DISABLE_LDAP" = "x1"; then
+    if test "$CURL_DISABLE_LDAP" = "1"; then
       AC_MSG_RESULT(no)
       AC_DEFINE(CURL_DISABLE_LDAPS, 1, [to disable LDAPS])
       CURL_DISABLE_LDAPS=1
@@ -817,27 +817,27 @@ AC_MSG_CHECKING([whether to support rtsp])
 AC_ARG_ENABLE(rtsp,
 AS_HELP_STRING([--enable-rtsp],[Enable RTSP support])
 AS_HELP_STRING([--disable-rtsp],[Disable RTSP support]),
-  [ case "$enableval" in
-      no)
+[ case "$enableval" in
+    no)
+    AC_MSG_RESULT(no)
+    AC_DEFINE(CURL_DISABLE_RTSP, 1, [to disable RTSP])
+    CURL_DISABLE_RTSP=1
+    ;;
+  *)
+    if test "$CURL_DISABLE_HTTP" = "1"; then
+      AC_MSG_ERROR(HTTP support needs to be enabled in order to enable RTSP support!)
+    else
+      AC_MSG_RESULT(yes)
+      curl_rtsp_msg="enabled"
+    fi
+    ;;
+  esac ],
+    if test "$CURL_DISABLE_HTTP" != "1"; then
+      AC_MSG_RESULT(yes)
+      curl_rtsp_msg="enabled"
+    else
       AC_MSG_RESULT(no)
-      AC_DEFINE(CURL_DISABLE_RTSP, 1, [to disable RTSP])
-      CURL_DISABLE_RTSP=1
-      ;;
-    *)
-      if test x$CURL_DISABLE_HTTP = x1; then
-        AC_MSG_ERROR(HTTP support needs to be enabled in order to enable RTSP support!)
-      else
-        AC_MSG_RESULT(yes)
-        curl_rtsp_msg="enabled"
-      fi
-      ;;
-    esac ],
-      if test "x$CURL_DISABLE_HTTP" != "x1"; then
-        AC_MSG_RESULT(yes)
-        curl_rtsp_msg="enabled"
-      else
-        AC_MSG_RESULT(no)
-      fi
+    fi
 )
 
 AC_MSG_CHECKING([whether to support proxies])
@@ -892,7 +892,7 @@ AS_HELP_STRING([--disable-telnet],[Disable TELNET support]),
     AC_MSG_RESULT(yes)
 )
 
-if test "$curl_cv_winuwp" = 'yes'; then
+if test "$curl_cv_winuwp" = "yes"; then
   AC_DEFINE(CURL_DISABLE_TELNET, 1, [to disable TELNET])
   CURL_DISABLE_TELNET=1
 fi
@@ -1063,7 +1063,7 @@ AS_HELP_STRING([--disable-docs],[Disable documentation]),
     AC_MSG_RESULT(yes)
     BUILD_DOCS=1
 )
-if test -z "$PERL" -a "x$BUILD_DOCS" != "x0"; then
+if test -z "$PERL" && test "$BUILD_DOCS" != "0"; then
   AC_MSG_WARN([perl was not found. Will not build documentation.])
   BUILD_DOCS=0
 fi
@@ -1191,14 +1191,14 @@ fi
 
 # In UWP mode gethostbyname gets detected via the core libs, but some
 # code (in6addr_any) still need ws2_32, so let us detect and add it.
-if test "$HAVE_GETHOSTBYNAME" != "1" -o "$curl_cv_winuwp" = "yes"; then
+if test "$HAVE_GETHOSTBYNAME" != "1" || test "$curl_cv_winuwp" = "yes"; then
   if test "$curl_cv_native_windows" = "yes"; then
     dnl This is for Winsock systems
     winsock_LIB="-lws2_32"
     if test "$curl_cv_winuwp" != "yes"; then
       winsock_LIB="$winsock_LIB -liphlpapi"
     fi
-    if test ! -z "$winsock_LIB"; then
+    if test -n "$winsock_LIB"; then
       my_ac_save_LIBS=$LIBS
       LIBS="$winsock_LIB $LIBS"
       AC_MSG_CHECKING([for gethostbyname in $winsock_LIB])
@@ -1261,7 +1261,7 @@ if test "$HAVE_GETHOSTBYNAME" != "1"; then
   ])
 fi
 
-if test "$HAVE_GETHOSTBYNAME" != "1" -o "${with_amissl+set}" = set; then
+if test "$HAVE_GETHOSTBYNAME" != "1" || test "${with_amissl+set}" = "set"; then
   dnl This is for AmigaOS with bsdsocket.library - needs testing before -lnet
   AC_MSG_CHECKING([for gethostbyname for AmigaOS bsdsocket.library])
   AC_LINK_IFELSE([
@@ -1331,10 +1331,10 @@ AS_HELP_STRING([--with-zlib=PATH],[search for zlib in PATH])
 AS_HELP_STRING([--without-zlib],[disable use of zlib]),
   [OPT_ZLIB="$withval"])
 
-if test "$OPT_ZLIB" = "no"; then
+if test "x$OPT_ZLIB" = "xno"; then
   AC_MSG_WARN([zlib disabled])
 else
-  if test "$OPT_ZLIB" = "yes"; then
+  if test "x$OPT_ZLIB" = "xyes"; then
     OPT_ZLIB=""
   fi
 
@@ -1434,7 +1434,7 @@ else
 fi
 
 dnl set variable for use in automakefile(s)
-AM_CONDITIONAL(HAVE_LIBZ, test x"$AMFIXLIB" = x1)
+AM_CONDITIONAL(HAVE_LIBZ, test "$AMFIXLIB" = "1")
 AC_SUBST(ZLIB_LIBS)
 
 dnl **********************************************************************
@@ -1450,7 +1450,7 @@ AS_HELP_STRING([--with-brotli=PATH],[Where to look for brotli, PATH points to th
 AS_HELP_STRING([--without-brotli], [disable BROTLI]),
   OPT_BROTLI=$withval)
 
-if test X"$OPT_BROTLI" != Xno; then
+if test "x$OPT_BROTLI" != "xno"; then
   dnl backup the pre-brotli variables
   CLEANLDFLAGS="$LDFLAGS"
   CLEANLDFLAGSPC="$LDFLAGSPC"
@@ -1509,7 +1509,7 @@ if test X"$OPT_BROTLI" != Xno; then
     AC_DEFINE(HAVE_BROTLI, 1, [if BROTLI is in use])
   )
 
-  if test X"$OPT_BROTLI" != Xoff &&
+  if test "x$OPT_BROTLI" != "xoff" &&
      test "$HAVE_BROTLI" != "1"; then
     AC_MSG_ERROR([BROTLI libs and/or directories were not found where specified!])
   fi
@@ -1520,7 +1520,7 @@ if test X"$OPT_BROTLI" != Xno; then
       dnl linker does not search through, we need to add it to CURL_LIBRARY_PATH
       dnl to prevent further configure tests to fail due to this
 
-      if test "x$cross_compiling" != "xyes"; then
+      if test "$cross_compiling" != "yes"; then
         CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$DIR_BROTLI"
         export CURL_LIBRARY_PATH
         AC_MSG_NOTICE([Added $DIR_BROTLI to CURL_LIBRARY_PATH])
@@ -1547,7 +1547,7 @@ AS_HELP_STRING([--with-zstd=PATH],[Where to look for libzstd, PATH points to the
 AS_HELP_STRING([--without-zstd], [disable libzstd]),
   OPT_ZSTD=$withval)
 
-if test X"$OPT_ZSTD" != Xno; then
+if test "x$OPT_ZSTD" != "xno"; then
   dnl backup the pre-zstd variables
   CLEANLDFLAGS="$LDFLAGS"
   CLEANLDFLAGSPC="$LDFLAGSPC"
@@ -1598,7 +1598,7 @@ if test X"$OPT_ZSTD" != Xno; then
     AC_DEFINE(HAVE_ZSTD, 1, [if libzstd is in use])
   )
 
-  if test X"$OPT_ZSTD" != Xoff &&
+  if test "x$OPT_ZSTD" != "xoff" &&
      test "$HAVE_ZSTD" != "1"; then
     AC_MSG_ERROR([libzstd was not found where specified!])
   fi
@@ -1610,7 +1610,7 @@ if test X"$OPT_ZSTD" != Xno; then
       dnl CURL_LIBRARY_PATH to prevent further configure tests to fail due to
       dnl this
 
-      if test "x$cross_compiling" != "xyes"; then
+      if test "$cross_compiling" != "yes"; then
         CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$DIR_ZSTD"
         export CURL_LIBRARY_PATH
         AC_MSG_NOTICE([Added $DIR_ZSTD to CURL_LIBRARY_PATH])
@@ -1674,7 +1674,7 @@ AS_HELP_STRING([--disable-ipv6],[Disable IPv6 support]),
   )
 )
 
-if test "$ipv6" = yes; then
+if test "$ipv6" = "yes"; then
   curl_ipv6_msg="enabled"
   AC_DEFINE(USE_IPV6, 1, [Define if you want to enable IPv6 support])
   IPV6_ENABLED=1
@@ -1732,7 +1732,7 @@ int main(int argc, char **argv)
 ],[
   curl_cv_writable_argv=cross
 ])
-if test "$curl_cv_writable_argv" = 'cross' -a "$curl_cv_apple" = 'yes'; then
+if test "$curl_cv_writable_argv" = "cross" && test "$curl_cv_apple" = "yes"; then
   curl_cv_writable_argv=yes
 fi
 case $curl_cv_writable_argv in
@@ -1773,9 +1773,9 @@ AC_ARG_WITH(gssapi-libs,
 AC_ARG_WITH(gssapi,
   AS_HELP_STRING([--with-gssapi=DIR], [Where to look for GSS-API]), [
     GSSAPI_ROOT="$withval"
-    if test x"$GSSAPI_ROOT" != xno; then
+    if test "$GSSAPI_ROOT" != "no"; then
       want_gss="yes"
-      if test x"$GSSAPI_ROOT" = xyes; then
+      if test "$GSSAPI_ROOT" = "yes"; then
         dnl if yes, then use default root
         GSSAPI_ROOT="/usr"
       fi
@@ -1787,16 +1787,16 @@ AC_ARG_WITH(gssapi,
 
 save_CPPFLAGS="$CPPFLAGS"
 AC_MSG_CHECKING([if GSS-API support is requested])
-if test x"$want_gss" = xyes; then
+if test "$want_gss" = "yes"; then
   AC_MSG_RESULT(yes)
 
-  if test $GSSAPI_ROOT != "/usr"; then
+  if test "$GSSAPI_ROOT" != "/usr"; then
     CURL_CHECK_PKGCONFIG(mit-krb5-gssapi, $GSSAPI_ROOT/lib/pkgconfig)
   else
     CURL_CHECK_PKGCONFIG(mit-krb5-gssapi)
   fi
   if test -z "$GSSAPI_INCS"; then
-    if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then
+    if test -n "$host_alias" && test -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then
       GSSAPI_INCS=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --cflags gssapi`
     elif test "$PKGCONFIG" != "no"; then
       GSSAPI_INCS=`$PKGCONFIG --cflags mit-krb5-gssapi`
@@ -1821,7 +1821,7 @@ if test x"$want_gss" = xyes; then
         [gssapi/gssapi.h gssapi/gssapi_generic.h gssapi/gssapi_krb5.h],
         [],
         [not_mit=1])
-      if test "x$not_mit" = "x1"; then
+      if test "$not_mit" = "1"; then
         dnl MIT not found
         AC_MSG_ERROR([MIT or GNU GSS library required, but not found])
       fi
@@ -1830,7 +1830,7 @@ if test x"$want_gss" = xyes; then
 else
   AC_MSG_RESULT(no)
 fi
-if test x"$want_gss" = xyes; then
+if test "$want_gss" = "yes"; then
   AC_DEFINE(HAVE_GSSAPI, 1, [if you have GSS-API libraries])
   HAVE_GSSAPI=1
   curl_gss_msg="enabled (MIT Kerberos)"
@@ -1843,15 +1843,15 @@ if test x"$want_gss" = xyes; then
     LIBS="-lgss $LIBS"
     link_pkgconfig=1
   elif test -z "$GSSAPI_LIB_DIR"; then
-    if test "$curl_cv_apple" = 'yes'; then
+    if test "$curl_cv_apple" = "yes"; then
       LIBS="-lgssapi_krb5 -lresolv $LIBS"
     else
-      if test $GSSAPI_ROOT != "/usr"; then
+      if test "$GSSAPI_ROOT" != "/usr"; then
         CURL_CHECK_PKGCONFIG(mit-krb5-gssapi, $GSSAPI_ROOT/lib/pkgconfig)
       else
         CURL_CHECK_PKGCONFIG(mit-krb5-gssapi)
       fi
-      if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then
+      if test -n "$host_alias" && test -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then
         dnl krb5-config does not have --libs-only-L or similar, put everything
         dnl into LIBS
         gss_libs=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --libs gssapi`
@@ -1886,7 +1886,7 @@ if test x"$want_gss" = xyes; then
       fi
     fi
     gss_version=""
-    if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then
+    if test -n "$host_alias" && test -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then
       gss_version=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --version | $SED 's/Kerberos 5 release //'`
     elif test "$PKGCONFIG" != "no"; then
       gss_version=`$PKGCONFIG --modversion mit-krb5-gssapi`
@@ -1920,7 +1920,7 @@ else
   CPPFLAGS="$save_CPPFLAGS"
 fi
 
-if test x"$want_gss" = xyes; then
+if test "$want_gss" = "yes"; then
   AC_MSG_CHECKING([if we can link against GSS-API library])
   AC_LINK_IFELSE([
     AC_LANG_FUNC_LINK_TRY([gss_init_sec_context])
@@ -1933,11 +1933,11 @@ if test x"$want_gss" = xyes; then
 fi
 
 build_libstubgss=no
-if test x"$want_gss" = "xyes"; then
+if test "$want_gss" = "yes"; then
   build_libstubgss=yes
 fi
 
-AM_CONDITIONAL(BUILD_STUB_GSS, test "x$build_libstubgss" = "xyes")
+AM_CONDITIONAL(BUILD_STUB_GSS, test "$build_libstubgss" = "yes")
 
 dnl -------------------------------------------------------------
 dnl parse --with-default-ssl-backend so it can be validated below
@@ -1974,12 +1974,12 @@ CURL_WITH_RUSTLS
 CURL_WITH_APPLE_SECTRUST
 
 dnl link required libraries for USE_WIN32_CRYPTO or SCHANNEL_ENABLED
-if test "x$USE_WIN32_CRYPTO" = "x1" -o "x$SCHANNEL_ENABLED" = "x1"; then
+if test "$USE_WIN32_CRYPTO" = "1" || test "$SCHANNEL_ENABLED" = "1"; then
   LIBS="-ladvapi32 -lcrypt32 $LIBS"
 fi
 
 dnl link bcrypt for BCryptGenRandom() (used when building for Vista or newer)
-if test "x$curl_cv_native_windows" = "xyes"; then
+if test "$curl_cv_native_windows" = "yes"; then
   LIBS="-lbcrypt $LIBS"
 fi
 
@@ -2014,13 +2014,13 @@ if test -n "$ssl_backends"; then
   curl_ssl_msg="enabled ($ssl_backends)"
 fi
 
-if test no = "$VALID_DEFAULT_SSL_BACKEND"; then
+if test "$VALID_DEFAULT_SSL_BACKEND" = "no"; then
   if test -n "$SSL_ENABLED"; then
     AC_MSG_ERROR([Default SSL backend $DEFAULT_SSL_BACKEND not enabled!])
   else
     AC_MSG_ERROR([Default SSL backend requires SSL!])
   fi
-elif test yes = "$VALID_DEFAULT_SSL_BACKEND"; then
+elif test "$VALID_DEFAULT_SSL_BACKEND" = "yes"; then
   AC_DEFINE_UNQUOTED([CURL_DEFAULT_SSL_BACKEND], ["$DEFAULT_SSL_BACKEND"], [Default SSL backend])
 fi
 
@@ -2033,7 +2033,7 @@ if test -n "$check_for_ca_bundle"; then
   CURL_CHECK_CA_EMBED
 fi
 
-AM_CONDITIONAL(CURL_CA_EMBED_SET, test "x$CURL_CA_EMBED" != "x")
+AM_CONDITIONAL(CURL_CA_EMBED_SET, test -n "$CURL_CA_EMBED")
 
 dnl ----------------------
 dnl check unsafe CA search
@@ -2090,7 +2090,7 @@ AS_HELP_STRING([--with-libpsl=PATH],[Where to look for libpsl, PATH points to th
 AS_HELP_STRING([--without-libpsl], [disable LIBPSL]),
   OPT_LIBPSL=$withval)
 
-if test X"$OPT_LIBPSL" != Xno; then
+if test "x$OPT_LIBPSL" != "xno"; then
   dnl backup the pre-libpsl variables
   CLEANLDFLAGS="$LDFLAGS"
   CLEANLDFLAGSPC="$LDFLAGSPC"
@@ -2163,7 +2163,7 @@ AS_HELP_STRING([--with-libgsasl=PATH],[Where to look for libgsasl, PATH points t
 AS_HELP_STRING([--without-libgsasl], [disable libgsasl support for SCRAM]),
   OPT_LIBGSASL=$withval)
 
-if test "$OPT_LIBGSASL" != no; then
+if test "x$OPT_LIBGSASL" != "xno"; then
   dnl backup the pre-libgsasl variables
   CLEANLDFLAGS="$LDFLAGS"
   CLEANLDFLAGSPC="$LDFLAGSPC"
@@ -2243,7 +2243,7 @@ AS_HELP_STRING([--with-libssh=PATH],[Where to look for libssh, PATH points to th
 AS_HELP_STRING([--with-libssh], [enable libssh]),
   OPT_LIBSSH=$withval, OPT_LIBSSH=no)
 
-if test X"$OPT_LIBSSH2" != Xno; then
+if test "x$OPT_LIBSSH2" != "xno"; then
   dnl backup the pre-libssh2 variables
   CLEANLDFLAGS="$LDFLAGS"
   CLEANLDFLAGSPC="$LDFLAGSPC"
@@ -2295,7 +2295,7 @@ if test X"$OPT_LIBSSH2" != Xno; then
     USE_LIBSSH2=1
   )
 
-  if test X"$OPT_LIBSSH2" != Xoff &&
+  if test "x$OPT_LIBSSH2" != "xoff" &&
      test "$USE_LIBSSH2" != "1"; then
     AC_MSG_ERROR([libssh2 libs and/or directories were not found where specified!])
   fi
@@ -2306,7 +2306,7 @@ if test X"$OPT_LIBSSH2" != Xno; then
       dnl linker does not search through, we need to add it to CURL_LIBRARY_PATH
       dnl to prevent further configure tests to fail due to this
 
-      if test "x$cross_compiling" != "xyes"; then
+      if test "$cross_compiling" != "yes"; then
         CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$DIR_SSH2"
         export CURL_LIBRARY_PATH
         AC_MSG_NOTICE([Added $DIR_SSH2 to CURL_LIBRARY_PATH])
@@ -2320,7 +2320,7 @@ if test X"$OPT_LIBSSH2" != Xno; then
     CPPFLAGS=$CLEANCPPFLAGS
     LIBS=$CLEANLIBS
   fi
-elif test X"$OPT_LIBSSH" != Xno; then
+elif test "x$OPT_LIBSSH" != "xno"; then
   dnl backup the pre-libssh variables
   CLEANLDFLAGS="$LDFLAGS"
   CLEANLDFLAGSPC="$LDFLAGSPC"
@@ -2371,7 +2371,7 @@ elif test X"$OPT_LIBSSH" != Xno; then
     USE_LIBSSH=1
   )
 
-  if test X"$OPT_LIBSSH" != Xoff &&
+  if test "x$OPT_LIBSSH" != "xoff" &&
      test "$USE_LIBSSH" != "1"; then
     AC_MSG_ERROR([libssh libs and/or directories were not found where specified!])
   fi
@@ -2386,7 +2386,7 @@ elif test X"$OPT_LIBSSH" != Xno; then
       dnl linker does not search through, we need to add it to CURL_LIBRARY_PATH
       dnl to prevent further configure tests to fail due to this
 
-      if test "x$cross_compiling" != "xyes"; then
+      if test "$cross_compiling" != "yes"; then
         CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$DIR_SSH"
         export CURL_LIBRARY_PATH
         AC_MSG_NOTICE([Added $DIR_SSH to CURL_LIBRARY_PATH])
@@ -2456,14 +2456,14 @@ case "$OPT_LDAP" in
     ;;
 esac
 
-if test x$CURL_DISABLE_LDAP != x1 && test "$want_ldap" != "no"; then
+if test "$CURL_DISABLE_LDAP" != "1" && test "$want_ldap" != "no"; then
 
   CURL_CHECK_HEADER_LBER
   CURL_CHECK_HEADER_LDAP
   CURL_CHECK_HEADER_LDAP_SSL
 
   if test -z "$LDAPLIBNAME"; then
-    if test "$curl_cv_native_windows" = "yes" -a "$curl_cv_winuwp" != "yes"; then
+    if test "$curl_cv_native_windows" = "yes" && test "$curl_cv_winuwp" != "yes"; then
       dnl Windows uses a single and unique LDAP library name
       LDAPLIBNAME="wldap32"
       LBERLIBNAME="no"
@@ -2472,7 +2472,7 @@ if test x$CURL_DISABLE_LDAP != x1 && test "$want_ldap" != "no"; then
 
   if test "$LDAPLIBNAME"; then
     dnl If we have both LDAP and LBER library names, check if we need both
-    if test "$LBERLIBNAME" -a "$LBERLIBNAME" != "no"; then
+    if test "$LBERLIBNAME" && test "$LBERLIBNAME" != "no"; then
       dnl Try LDAP first, then with LBER if needed
       AC_CHECK_LIB("$LDAPLIBNAME", ldap_init, [ldap_lib_ok=yes], [ldap_lib_ok=no])
       if test "$ldap_lib_ok" = "no"; then
@@ -2527,7 +2527,7 @@ if test x$CURL_DISABLE_LDAP != x1 && test "$want_ldap" != "no"; then
   fi
 fi
 
-if test x$CURL_DISABLE_LDAP != x1; then
+if test "$CURL_DISABLE_LDAP" != "1"; then
   dnl Add to library path if needed
   if test -n "$DIR_LDAP"; then
     dnl when the ldap shared lib were found in a path that the runtime
@@ -2535,7 +2535,7 @@ if test x$CURL_DISABLE_LDAP != x1; then
     dnl CURL_LIBRARY_PATH to prevent further configure tests to fail due to
     dnl this
 
-    if test "x$cross_compiling" != "xyes"; then
+    if test "$cross_compiling" != "yes"; then
       CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$DIR_LDAP"
       export CURL_LIBRARY_PATH
       AC_MSG_NOTICE([Added $DIR_LDAP to CURL_LIBRARY_PATH])
@@ -2546,7 +2546,7 @@ if test x$CURL_DISABLE_LDAP != x1; then
     dnl If name is "no" then do not define this library at all
     dnl (it is only needed if libldap.so's dependencies are broken).
     dnl Skip this check if we already determined we need both libraries above
-    if test "$LBERLIBNAME" != "no" -a "$ldap_lib_ok" != "yes"; then
+    if test "$LBERLIBNAME" != "no" && test "$ldap_lib_ok" != "yes"; then
       AC_CHECK_LIB("$LBERLIBNAME", ber_free,, [
         AC_MSG_WARN(["$LBERLIBNAME" is not an LBER library: LDAP disabled])
         AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
@@ -2563,7 +2563,7 @@ if test x$CURL_DISABLE_LDAP != x1; then
   fi
 fi
 
-if test x$CURL_DISABLE_LDAP != x1; then
+if test "$CURL_DISABLE_LDAP" != "1"; then
   AC_CHECK_FUNCS([ldap_url_parse \
                   ldap_init_fd])
 
@@ -2571,7 +2571,7 @@ if test x$CURL_DISABLE_LDAP != x1; then
     curl_ldap_msg="enabled (winldap)"
     AC_DEFINE(USE_WIN32_LDAP, 1, [Use Windows LDAP implementation])
   else
-    if test "x$ac_cv_func_ldap_init_fd" = "xyes"; then
+    if test "$ac_cv_func_ldap_init_fd" = "yes"; then
       curl_ldap_msg="enabled (OpenLDAP)"
       AC_DEFINE(USE_OPENLDAP, 1, [Use OpenLDAP-specific code])
       USE_OPENLDAP=1
@@ -2581,7 +2581,7 @@ if test x$CURL_DISABLE_LDAP != x1; then
   fi
 fi
 
-if test x$CURL_DISABLE_LDAPS != x1; then
+if test "$CURL_DISABLE_LDAPS" != "1"; then
   curl_ldaps_msg="enabled"
 fi
 
@@ -2596,7 +2596,7 @@ AS_HELP_STRING([--with-librtmp=PATH],[Where to look for librtmp, PATH points to
 AS_HELP_STRING([--without-librtmp], [disable LIBRTMP]),
   OPT_LIBRTMP=$withval)
 
-if test X"$OPT_LIBRTMP" != Xno; then
+if test "x$OPT_LIBRTMP" != "xno"; then
   dnl backup the pre-librtmp variables
   CLEANLDFLAGS="$LDFLAGS"
   CLEANLDFLAGSPC="$LDFLAGSPC"
@@ -2660,7 +2660,7 @@ if test X"$OPT_LIBRTMP" != Xno; then
       LIBS=$CLEANLIBS
   )
 
-  if test X"$OPT_LIBRTMP" != Xoff &&
+  if test "x$OPT_LIBRTMP" != "xoff" &&
      test "$USE_LIBRTMP" != "1"; then
     AC_MSG_ERROR([librtmp libs and/or directories were not found where specified!])
   fi
@@ -2690,17 +2690,17 @@ AS_HELP_STRING([--disable-versioned-symbols], [Disable versioned symbols in shar
       AC_MSG_RESULT(yes)
       if test "x$enableval" != "xyes"; then
         versioned_symbols_flavour="$enableval"
-      elif test "x$CURL_WITH_MULTI_SSL" = "x1"; then
+      elif test "$CURL_WITH_MULTI_SSL" = "1"; then
         versioned_symbols_flavour="MULTISSL_"
-      elif test "x$OPENSSL_ENABLED" = "x1"; then
+      elif test "$OPENSSL_ENABLED" = "1"; then
         versioned_symbols_flavour="OPENSSL_"
-      elif test "x$MBEDTLS_ENABLED" = "x1"; then
+      elif test "$MBEDTLS_ENABLED" = "1"; then
         versioned_symbols_flavour="MBEDTLS_"
-      elif test "x$WOLFSSL_ENABLED" = "x1"; then
+      elif test "$WOLFSSL_ENABLED" = "1"; then
         versioned_symbols_flavour="WOLFSSL_"
-      elif test "x$GNUTLS_ENABLED" = "x1"; then
+      elif test "$GNUTLS_ENABLED" = "1"; then
         versioned_symbols_flavour="GNUTLS_"
-      elif test "x$RUSTLS_ENABLED" = "x1"; then
+      elif test "$RUSTLS_ENABLED" = "1"; then
         versioned_symbols_flavour="RUSTLS_"
       else
         versioned_symbols_flavour=""
@@ -2718,7 +2718,7 @@ AS_HELP_STRING([--disable-versioned-symbols], [Disable versioned symbols in shar
 AC_SUBST([CURL_LIBCURL_VERSIONED_SYMBOLS_PREFIX], ["$versioned_symbols_flavour"])
 AC_SUBST([CURL_LIBCURL_VERSIONED_SYMBOLS_SONAME], ["4"])  dnl Keep in sync with VERSIONCHANGE - VERSIONDEL in lib/Makefile.soname
 AM_CONDITIONAL([CURL_LT_SHLIB_USE_VERSIONED_SYMBOLS],
-  [test "x$versioned_symbols" = 'xyes'])
+  [test "$versioned_symbols" = "yes"])
 
 dnl ----------------------------
 dnl check Windows Unicode option
@@ -2726,7 +2726,7 @@ dnl ----------------------------
 
 want_winuni="no"
 if test "$curl_cv_native_windows" = "yes"; then
-  if test "$curl_cv_winuwp" = 'yes'; then
+  if test "$curl_cv_winuwp" = "yes"; then
     want_winuni="yes"
   else
     AC_MSG_CHECKING([whether to enable Windows Unicode (Windows native builds only)])
@@ -2758,7 +2758,7 @@ dnl check WinIDN option before other IDN libraries
 dnl -------------------------------------------------
 
 tst_links_winidn='no'
-if test "$curl_cv_native_windows" = 'yes'; then
+if test "$curl_cv_native_windows" = "yes"; then
   AC_MSG_CHECKING([whether to enable Windows native IDN (Windows native builds only)])
   OPT_WINIDN="default"
   AC_ARG_WITH(winidn,
@@ -2848,7 +2848,7 @@ dnl Check for the presence of AppleIDN
 dnl **********************************************************************
 
 tst_links_appleidn='no'
-if test "$curl_cv_apple" = 'yes'; then
+if test "$curl_cv_apple" = "yes"; then
   AC_MSG_CHECKING([whether to build with Apple IDN])
   OPT_IDN="default"
   AC_ARG_WITH(apple-idn,
@@ -2887,10 +2887,10 @@ AC_ARG_WITH(libidn2,
 AS_HELP_STRING([--with-libidn2=PATH],[Enable libidn2 usage])
 AS_HELP_STRING([--without-libidn2],[Disable libidn2 usage]),
   [OPT_IDN=$withval])
-if test "x$tst_links_winidn" = "xyes"; then
+if test "$tst_links_winidn" = "yes"; then
   want_idn="no"
   AC_MSG_RESULT([no (using WinIDN instead)])
-elif test "x$tst_links_appleidn" = "xyes"; then
+elif test "$tst_links_appleidn" = "yes"; then
   want_idn="no"
   AC_MSG_RESULT([no (using AppleIDN instead)])
 else
@@ -2998,7 +2998,7 @@ if test "$want_idn" = "yes"; then
 
     IDN_ENABLED=1
     curl_idn_msg="enabled (libidn2)"
-    if test -n "$IDN_DIR" -a "x$cross_compiling" != "xyes"; then
+    if test -n "$IDN_DIR" && test "$cross_compiling" != "yes"; then
       CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$IDN_DIR"
       export CURL_LIBRARY_PATH
       AC_MSG_NOTICE([Added $IDN_DIR to CURL_LIBRARY_PATH])
@@ -3020,7 +3020,7 @@ dnl **********************************************************************
 
 OPT_H2="yes"
 
-if test "x$disable_http" = "xyes"; then
+if test "$disable_http" = "yes"; then
   # without HTTP nghttp2 is no use
   OPT_H2="no"
 fi
@@ -3048,7 +3048,7 @@ case "$OPT_H2" in
     ;;
 esac
 
-if test X"$want_nghttp2" != Xno; then
+if test "$want_nghttp2" != "no"; then
   dnl backup the pre-nghttp2 variables
   CLEANLDFLAGS="$LDFLAGS"
   CLEANLDFLAGSPC="$LDFLAGSPC"
@@ -3071,12 +3071,12 @@ if test X"$want_nghttp2" != Xno; then
     AC_MSG_NOTICE([-L is $LD_H2])
 
     DIR_H2=`echo $LD_H2 | $SED -e 's/^-L//'`
-  elif test x"$want_nghttp2_path" != x; then
+  elif test -n "$want_nghttp2_path"; then
     LIB_H2="-lnghttp2"
     LD_H2=-L${want_nghttp2_path}/lib$libsuff
     CPP_H2=-I${want_nghttp2_path}/include
     DIR_H2=${want_nghttp2_path}/lib$libsuff
-  elif test X"$want_nghttp2" != Xdefault; then
+  elif test "$want_nghttp2" != "default"; then
     dnl no nghttp2 pkg-config found and no custom directory specified,
     dnl deal with it
     AC_MSG_ERROR([--with-nghttp2 was specified but could not find libnghttp2 pkg-config file.])
@@ -3118,7 +3118,7 @@ dnl **********************************************************************
 
 OPT_TCP2="no"
 
-if test "x$disable_http" = "xyes"; then
+if test "$disable_http" = "yes"; then
   # without HTTP, ngtcp2 is no use
   OPT_TCP2="no"
 fi
@@ -3145,7 +3145,7 @@ case "$OPT_TCP2" in
 esac
 
 curl_tcp2_msg="no      (--with-ngtcp2)"
-if test X"$want_tcp2" != Xno; then
+if test "$want_tcp2" != "no"; then
 
   if test "$QUIC_ENABLED" != "yes"; then
     AC_MSG_ERROR([the detected TLS library does not support QUIC, making --with-ngtcp2 a no-no])
@@ -3177,7 +3177,7 @@ if test X"$want_tcp2" != Xno; then
     CPPFLAGS="$CPPFLAGS $CPP_TCP2"
     LIBS="$LIB_TCP2 $LIBS"
 
-    if test "x$cross_compiling" != "xyes"; then
+    if test "$cross_compiling" != "yes"; then
       DIR_TCP2=`echo $LD_TCP2 | $SED -e 's/^-L//'`
     fi
     AC_CHECK_LIB(ngtcp2, ngtcp2_conn_client_new_versioned,
@@ -3200,7 +3200,7 @@ if test X"$want_tcp2" != Xno; then
 
   else
     dnl no ngtcp2 pkg-config found, deal with it
-    if test X"$want_tcp2" != Xdefault; then
+    if test "$want_tcp2" != "default"; then
       dnl To avoid link errors, we do not allow --with-ngtcp2 without
       dnl a pkgconfig file
       AC_MSG_ERROR([--with-ngtcp2 was specified but could not find ngtcp2 pkg-config file.])
@@ -3208,7 +3208,8 @@ if test X"$want_tcp2" != Xno; then
   fi
 fi
 
-if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a "$HAVE_LIBRESSL" = "1"; then
+if test "$USE_NGTCP2" = "1" && test "$OPENSSL_ENABLED" = "1" && test "$HAVE_LIBRESSL" = "1"; then
+
   dnl backup the pre-ngtcp2_crypto_libressl variables
   CLEANLDFLAGS="$LDFLAGS"
   CLEANLDFLAGSPC="$LDFLAGSPC"
@@ -3235,7 +3236,7 @@ if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a "$HAVE_LIBRESSL"
     CPPFLAGS="$CPPFLAGS $CPP_NGTCP2_CRYPTO_LIBRESSL"
     LIBS="$LIB_NGTCP2_CRYPTO_LIBRESSL $LIBS"
 
-    if test "x$cross_compiling" != "xyes"; then
+    if test "$cross_compiling" != "yes"; then
       DIR_NGTCP2_CRYPTO_LIBRESSL=`echo $LD_NGTCP2_CRYPTO_LIBRESSL | $SED -e 's/^-L//'`
     fi
     AC_CHECK_LIB(ngtcp2_crypto_libressl, ngtcp2_crypto_recv_client_initial_cb,
@@ -3257,7 +3258,7 @@ if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a "$HAVE_LIBRESSL"
 
   else
     dnl no ngtcp2_crypto_libressl pkg-config found, deal with it
-    if test X"$want_tcp2" != Xdefault; then
+    if test "$want_tcp2" != "default"; then
       dnl To avoid link errors, we do not allow --with-ngtcp2 without
       dnl a pkgconfig file
       AC_MSG_WARN([--with-ngtcp2 was specified but could not find ngtcp2_crypto_libressl pkg-config file.])
@@ -3267,8 +3268,9 @@ if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a "$HAVE_LIBRESSL"
   fi
 fi
 
-if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a "$HAVE_LIBRESSL" != "1" -a \
-   "x$OPENSSL_IS_BORINGSSL" != "x1" -a "x$OPENSSL_QUIC_API2" != "x1"; then
+if test "$USE_NGTCP2" = "1" && test "$OPENSSL_ENABLED" = "1" && test "$OPENSSL_IS_BORINGSSL" != "1" &&
+   test "$OPENSSL_QUIC_API2" != "1"; then
+
   dnl backup the pre-ngtcp2_crypto_quictls variables
   CLEANLDFLAGS="$LDFLAGS"
   CLEANLDFLAGSPC="$LDFLAGSPC"
@@ -3295,7 +3297,7 @@ if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a "$HAVE_LIBRESSL"
     CPPFLAGS="$CPPFLAGS $CPP_NGTCP2_CRYPTO_QUICTLS"
     LIBS="$LIB_NGTCP2_CRYPTO_QUICTLS $LIBS"
 
-    if test "x$cross_compiling" != "xyes"; then
+    if test "$cross_compiling" != "yes"; then
       DIR_NGTCP2_CRYPTO_QUICTLS=`echo $LD_NGTCP2_CRYPTO_QUICTLS | $SED -e 's/^-L//'`
     fi
     AC_CHECK_LIB(ngtcp2_crypto_quictls, ngtcp2_crypto_recv_client_initial_cb,
@@ -3317,7 +3319,7 @@ if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a "$HAVE_LIBRESSL"
 
   else
     dnl no ngtcp2_crypto_quictls pkg-config found, deal with it
-    if test X"$want_tcp2" != Xdefault; then
+    if test "$want_tcp2" != "default"; then
       dnl To avoid link errors, we do not allow --with-ngtcp2 without
       dnl a pkgconfig file
       AC_MSG_ERROR([--with-ngtcp2 was specified but could not find ngtcp2_crypto_quictls pkg-config file.])
@@ -3325,8 +3327,9 @@ if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a "$HAVE_LIBRESSL"
   fi
 fi
 
-if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a \
-   "x$OPENSSL_IS_BORINGSSL" != "x1" -a "x$OPENSSL_QUIC_API2" = "x1"; then
+if test "$USE_NGTCP2" = "1" && test "$OPENSSL_ENABLED" = "1" && test "$OPENSSL_IS_BORINGSSL" != "1" &&
+   test "$OPENSSL_QUIC_API2" = "1"; then
+
   dnl backup the pre-ngtcp2_crypto_ossl variables
   CLEANLDFLAGS="$LDFLAGS"
   CLEANLDFLAGSPC="$LDFLAGSPC"
@@ -3353,7 +3356,7 @@ if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a \
     CPPFLAGS="$CPPFLAGS $CPP_NGTCP2_CRYPTO_OSSL"
     LIBS="$LIB_NGTCP2_CRYPTO_OSSL $LIBS"
 
-    if test "x$cross_compiling" != "xyes"; then
+    if test "$cross_compiling" != "yes"; then
       DIR_NGTCP2_CRYPTO_OSSL=`echo $LD_NGTCP2_CRYPTO_OSSL | $SED -e 's/^-L//'`
     fi
     AC_CHECK_LIB(ngtcp2_crypto_ossl, ngtcp2_crypto_recv_client_initial_cb,
@@ -3376,7 +3379,7 @@ if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a \
 
   else
     dnl no ngtcp2_crypto_ossl pkg-config found, deal with it
-    if test X"$want_tcp2" != Xdefault; then
+    if test "$want_tcp2" != "default"; then
       dnl To avoid link errors, we do not allow --with-ngtcp2 without
       dnl a pkgconfig file
       AC_MSG_ERROR([--with-ngtcp2 was specified but could not find ngtcp2_crypto_ossl pkg-config file.])
@@ -3384,7 +3387,8 @@ if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a \
   fi
 fi
 
-if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a "x$OPENSSL_IS_BORINGSSL" = "x1"; then
+if test "$USE_NGTCP2" = "1" && test "$OPENSSL_ENABLED" = "1" && test "$OPENSSL_IS_BORINGSSL" = "1"; then
+
   dnl backup the pre-ngtcp2_crypto_boringssl variables
   CLEANLDFLAGS="$LDFLAGS"
   CLEANLDFLAGSPC="$LDFLAGSPC"
@@ -3411,7 +3415,7 @@ if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a "x$OPENSSL_IS_BOR
     CPPFLAGS="$CPPFLAGS $CPP_NGTCP2_CRYPTO_BORINGSSL"
     LIBS="$LIB_NGTCP2_CRYPTO_BORINGSSL $LIBS"
 
-    if test "x$cross_compiling" != "xyes"; then
+    if test "$cross_compiling" != "yes"; then
       DIR_NGTCP2_CRYPTO_BORINGSSL=`echo $LD_NGTCP2_CRYPTO_BORINGSSL | $SED -e 's/^-L//'`
     fi
     AC_CHECK_LIB(ngtcp2_crypto_boringssl, ngtcp2_crypto_recv_client_initial_cb,
@@ -3433,7 +3437,7 @@ if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a "x$OPENSSL_IS_BOR
 
   else
     dnl no ngtcp2_crypto_boringssl pkg-config found, deal with it
-    if test X"$want_tcp2" != Xdefault; then
+    if test "$want_tcp2" != "default"; then
       dnl To avoid link errors, we do not allow --with-ngtcp2 without
       dnl a pkgconfig file
       AC_MSG_ERROR([--with-ngtcp2 was specified but could not find ngtcp2_crypto_boringssl pkg-config file.])
@@ -3441,7 +3445,7 @@ if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a "x$OPENSSL_IS_BOR
   fi
 fi
 
-if test "x$USE_NGTCP2" = "x1" -a "x$GNUTLS_ENABLED" = "x1"; then
+if test "$USE_NGTCP2" = "1" && test "$GNUTLS_ENABLED" = "1"; then
   dnl backup the pre-ngtcp2_crypto_gnutls variables
   CLEANLDFLAGS="$LDFLAGS"
   CLEANLDFLAGSPC="$LDFLAGSPC"
@@ -3468,7 +3472,7 @@ if test "x$USE_NGTCP2" = "x1" -a "x$GNUTLS_ENABLED" = "x1"; then
     CPPFLAGS="$CPPFLAGS $CPP_NGTCP2_CRYPTO_GNUTLS"
     LIBS="$LIB_NGTCP2_CRYPTO_GNUTLS $LIBS"
 
-    if test "x$cross_compiling" != "xyes"; then
+    if test "$cross_compiling" != "yes"; then
       DIR_NGTCP2_CRYPTO_GNUTLS=`echo $LD_NGTCP2_CRYPTO_GNUTLS | $SED -e 's/^-L//'`
     fi
     AC_CHECK_LIB(ngtcp2_crypto_gnutls, ngtcp2_crypto_recv_client_initial_cb,
@@ -3490,7 +3494,7 @@ if test "x$USE_NGTCP2" = "x1" -a "x$GNUTLS_ENABLED" = "x1"; then
 
   else
     dnl no ngtcp2_crypto_gnutls pkg-config found, deal with it
-    if test X"$want_tcp2" != Xdefault; then
+    if test "$want_tcp2" != "default"; then
       dnl To avoid link errors, we do not allow --with-ngtcp2 without
       dnl a pkgconfig file
       AC_MSG_ERROR([--with-ngtcp2 was specified but could not find ngtcp2_crypto_gnutls pkg-config file.])
@@ -3498,7 +3502,7 @@ if test "x$USE_NGTCP2" = "x1" -a "x$GNUTLS_ENABLED" = "x1"; then
   fi
 fi
 
-if test "x$USE_NGTCP2" = "x1" -a "x$WOLFSSL_ENABLED" = "x1"; then
+if test "$USE_NGTCP2" = "1" && test "$WOLFSSL_ENABLED" = "1"; then
   dnl backup the pre-ngtcp2_crypto_wolfssl variables
   CLEANLDFLAGS="$LDFLAGS"
   CLEANLDFLAGSPC="$LDFLAGSPC"
@@ -3525,7 +3529,7 @@ if test "x$USE_NGTCP2" = "x1" -a "x$WOLFSSL_ENABLED" = "x1"; then
     CPPFLAGS="$CPPFLAGS $CPP_NGTCP2_CRYPTO_WOLFSSL"
     LIBS="$LIB_NGTCP2_CRYPTO_WOLFSSL $LIBS"
 
-    if test "x$cross_compiling" != "xyes"; then
+    if test "$cross_compiling" != "yes"; then
       DIR_NGTCP2_CRYPTO_WOLFSSL=`echo $LD_NGTCP2_CRYPTO_WOLFSSL | $SED -e 's/^-L//'`
     fi
     AC_CHECK_LIB(ngtcp2_crypto_wolfssl, ngtcp2_crypto_recv_client_initial_cb,
@@ -3547,7 +3551,7 @@ if test "x$USE_NGTCP2" = "x1" -a "x$WOLFSSL_ENABLED" = "x1"; then
 
   else
     dnl no ngtcp2_crypto_wolfssl pkg-config found, deal with it
-    if test X"$want_tcp2" != Xdefault; then
+    if test "$want_tcp2" != "default"; then
       dnl To avoid link errors, we do not allow --with-ngtcp2 without
       dnl a pkgconfig file
       AC_MSG_ERROR([--with-ngtcp2 was specified but could not find ngtcp2_crypto_wolfssl pkg-config file.])
@@ -3561,7 +3565,7 @@ dnl **********************************************************************
 
 OPT_OPENSSL_QUIC="no"
 
-if test "x$disable_http" = "xyes" -o "x$OPENSSL_ENABLED" != "x1"; then
+if test "$disable_http" = "yes" || test "$OPENSSL_ENABLED" != "1"; then
   # without HTTP or without openssl, no use
   OPT_OPENSSL_QUIC="no"
 fi
@@ -3582,12 +3586,12 @@ case "$OPT_OPENSSL_QUIC" in
 esac
 
 curl_openssl_quic_msg="no      (--with-openssl-quic)"
-if test "x$want_openssl_quic" = "xyes"; then
+if test "$want_openssl_quic" = "yes"; then
 
-  if test "$USE_NGTCP2" = 1; then
+  if test "$USE_NGTCP2" = "1"; then
     AC_MSG_ERROR([--with-openssl-quic and --with-ngtcp2 are mutually exclusive])
   fi
-  if test "$have_openssl_quic" != 1; then
+  if test "$have_openssl_quic" != "1"; then
     AC_MSG_ERROR([--with-openssl-quic requires quic support and OpenSSL >= 3.3.0])
   fi
   AC_DEFINE(USE_OPENSSL_QUIC, 1, [if openssl QUIC is in use])
@@ -3600,7 +3604,7 @@ dnl **********************************************************************
 
 OPT_NGHTTP3="yes"
 
-if test "x$USE_NGTCP2" != "x1" -a "x$USE_OPENSSL_QUIC" != "x1"; then
+if test "$USE_NGTCP2" != "1" && test "$USE_OPENSSL_QUIC" != "1"; then
   # without ngtcp2 or openssl quic, nghttp3 is of no use for us
   OPT_NGHTTP3="no"
   want_nghttp3="no"
@@ -3628,9 +3632,9 @@ case "$OPT_NGHTTP3" in
 esac
 
 curl_http3_msg="no      (--with-nghttp3)"
-if test X"$want_nghttp3" != Xno; then
+if test "$want_nghttp3" != "no"; then
 
-  if test "x$USE_NGTCP2" != "x1" -a "x$USE_OPENSSL_QUIC" != "x1"; then
+  if test "$USE_NGTCP2" != "1" && test "$USE_OPENSSL_QUIC" != "1"; then
     # without ngtcp2 or openssl quic, nghttp3 is of no use for us
     AC_MSG_ERROR([nghttp3 enabled without a QUIC library; enable ngtcp2 or OpenSSL-QUIC])
   fi
@@ -3661,7 +3665,7 @@ if test X"$want_nghttp3" != Xno; then
     CPPFLAGS="$CPPFLAGS $CPP_NGHTTP3"
     LIBS="$LIB_NGHTTP3 $LIBS"
 
-    if test "x$cross_compiling" != "xyes"; then
+    if test "$cross_compiling" != "yes"; then
       DIR_NGHTTP3=`echo $LD_NGHTTP3 | $SED -e 's/^-L//'`
     fi
     AC_CHECK_LIB(nghttp3, nghttp3_conn_client_new_versioned,
@@ -3684,7 +3688,7 @@ if test X"$want_nghttp3" != Xno; then
 
   else
     dnl no nghttp3 pkg-config found, deal with it
-    if test X"$want_nghttp3" != Xdefault; then
+    if test "$want_nghttp3" != "default"; then
       dnl To avoid link errors, we do not allow --with-nghttp3 without
       dnl a pkgconfig file
       AC_MSG_ERROR([--with-nghttp3 was specified but could not find nghttp3 pkg-config file.])
@@ -3696,7 +3700,7 @@ dnl **********************************************************************
 dnl Check for ngtcp2 and nghttp3 (HTTP/3 with ngtcp2 + nghttp3)
 dnl **********************************************************************
 
-if test "x$USE_NGTCP2" = "x1" -a "x$USE_NGHTTP3" = "x1"; then
+if test "$USE_NGTCP2" = "1" && test "$USE_NGHTTP3" = "1"; then
   USE_NGTCP2_H3=1
   AC_MSG_NOTICE([HTTP3 support is experimental])
   curl_h3_msg="enabled (ngtcp2 + nghttp3)"
@@ -3706,7 +3710,7 @@ dnl **********************************************************************
 dnl Check for OpenSSL and nghttp3 (HTTP/3 with nghttp3 using OpenSSL QUIC)
 dnl **********************************************************************
 
-if test "x$USE_OPENSSL_QUIC" = "x1" -a "x$USE_NGHTTP3" = "x1"; then
+if test "$USE_OPENSSL_QUIC" = "1" && test "$USE_NGHTTP3" = "1"; then
   experimental="$experimental HTTP3"
   USE_OPENSSL_H3=1
   AC_MSG_NOTICE([HTTP3 support is experimental])
@@ -3719,7 +3723,7 @@ dnl **********************************************************************
 
 OPT_QUICHE="no"
 
-if test "x$disable_http" = "xyes" -o "x$USE_NGTCP" = "x1"; then
+if test "$disable_http" = "yes" || test "$USE_NGTCP" = "1"; then
   # without HTTP or with ngtcp2, quiche is no use
   OPT_QUICHE="no"
 fi
@@ -3745,13 +3749,13 @@ case "$OPT_QUICHE" in
     ;;
 esac
 
-if test X"$want_quiche" != Xno; then
+if test "$want_quiche" != "no"; then
 
   if test "$QUIC_ENABLED" != "yes"; then
     AC_MSG_ERROR([the detected TLS library does not support QUIC, making --with-quiche a no-no])
   fi
 
-  if test "$NGHTTP3_ENABLED" = 1; then
+  if test "$NGHTTP3_ENABLED" = "1"; then
     AC_MSG_ERROR([--with-quiche and --with-ngtcp2 are mutually exclusive])
   fi
 
@@ -3781,7 +3785,7 @@ if test X"$want_quiche" != Xno; then
     CPPFLAGS="$CPPFLAGS $CPP_QUICHE"
     LIBS="$LIB_QUICHE $LIBS"
 
-    if test "x$cross_compiling" != "xyes"; then
+    if test "$cross_compiling" != "yes"; then
       DIR_QUICHE=`echo $LD_QUICHE | $SED -e 's/^-L//'`
     fi
     AC_CHECK_LIB(quiche, quiche_conn_send_ack_eliciting,
@@ -3809,7 +3813,7 @@ if test X"$want_quiche" != Xno; then
     )
   else
     dnl no quiche pkg-config found, deal with it
-    if test X"$want_quiche" != Xdefault; then
+    if test "$want_quiche" != "default"; then
       dnl To avoid link errors, we do not allow --with-quiche without
       dnl a pkgconfig file
       AC_MSG_ERROR([--with-quiche was specified but could not find quiche pkg-config file.])
@@ -3843,8 +3847,8 @@ case "$OPT_LIBUV" in
     ;;
 esac
 
-if test X"$want_libuv" != Xno; then
-  if test x$want_debug != xyes; then
+if test "$want_libuv" != "no"; then
+  if test "$want_debug" != "yes"; then
     AC_MSG_ERROR([Using libuv without debug support enabled is useless])
   fi
 
@@ -3874,7 +3878,7 @@ if test X"$want_libuv" != Xno; then
     CPPFLAGS="$CPPFLAGS $CPP_LIBUV"
     LIBS="$LIB_LIBUV $LIBS"
 
-    if test "x$cross_compiling" != "xyes"; then
+    if test "$cross_compiling" != "yes"; then
       DIR_LIBUV=`echo $LD_LIBUV | $SED -e 's/^-L//'`
     fi
     AC_CHECK_LIB(uv, uv_default_loop,
@@ -3897,7 +3901,7 @@ if test X"$want_libuv" != Xno; then
 
   else
     dnl no libuv pkg-config found, deal with it
-    if test X"$want_libuv" != Xdefault; then
+    if test "$want_libuv" != "default"; then
       dnl To avoid link errors, we do not allow --with-libuv without
       dnl a pkgconfig file
       AC_MSG_ERROR([--with-libuv was specified but could not find libuv pkg-config file.])
@@ -3930,11 +3934,11 @@ case "$OPT_ZSH_FPATH" in
     AC_SUBST(ZSH_FUNCTIONS_DIR)
     ;;
 esac
-if test -z "$PERL" -a x"$ZSH_FUNCTIONS_DIR" != x; then
+if test -z "$PERL" && test -n "$ZSH_FUNCTIONS_DIR"; then
   AC_MSG_WARN([perl was not found. Will not install zsh completions.])
   ZSH_FUNCTIONS_DIR=''
 fi
-AM_CONDITIONAL(USE_ZSH_COMPLETION, test x"$ZSH_FUNCTIONS_DIR" != x)
+AM_CONDITIONAL(USE_ZSH_COMPLETION, test -n "$ZSH_FUNCTIONS_DIR")
 
 dnl **********************************************************************
 dnl Check for fish completion path
@@ -3965,11 +3969,11 @@ case "$OPT_FISH_FPATH" in
     AC_SUBST(FISH_FUNCTIONS_DIR)
     ;;
 esac
-if test -z "$PERL" -a x"$FISH_FUNCTIONS_DIR" != x; then
+if test -z "$PERL" && test -n "$FISH_FUNCTIONS_DIR"; then
   AC_MSG_WARN([perl was not found. Will not install fish completions.])
   FISH_FUNCTIONS_DIR=''
 fi
-AM_CONDITIONAL(USE_FISH_COMPLETION, test x"$FISH_FUNCTIONS_DIR" != x)
+AM_CONDITIONAL(USE_FISH_COMPLETION, test -n "$FISH_FUNCTIONS_DIR")
 
 dnl Now check for the most basic headers. Then we can use these
 dnl ones as default-headers when checking for the rest!
@@ -4067,7 +4071,7 @@ AC_CHECK_TYPE(long long,
     [Define to 1 if the compiler supports the 'long long' data type.])]
 )
 
-if test ${ac_cv_sizeof_curl_off_t} -lt 8; then
+if test "$ac_cv_sizeof_curl_off_t" -lt 8; then
   AC_MSG_ERROR([64-bit curl_off_t is required])
 fi
 
@@ -4088,7 +4092,7 @@ AC_CHECK_TYPE([bool],[
 #endif
 ])
 
-if test "$curl_cv_native_windows" != 'yes'; then
+if test "$curl_cv_native_windows" != "yes"; then
   # check for sa_family_t
   AC_CHECK_TYPE(sa_family_t,
     AC_DEFINE(HAVE_SA_FAMILY_T, 1, [Define to 1 if symbol `sa_family_t' exists]),,
@@ -4203,7 +4207,7 @@ AC_CHECK_FUNCS([\
   utimes \
 ])
 
-if test "$curl_cv_native_windows" = 'yes'; then
+if test "$curl_cv_native_windows" = "yes"; then
   AC_MSG_CHECKING([for if_nametoindex on Windows])
   AC_LINK_IFELSE([
     AC_LANG_PROGRAM([[
@@ -4236,7 +4240,7 @@ else
 fi
 
 AC_CHECK_FUNCS([setmode])
-if test "$curl_cv_native_windows" = 'yes' -o "$curl_cv_cygwin" = 'yes'; then
+if test "$curl_cv_native_windows" = "yes" || test "$curl_cv_cygwin" = "yes"; then
   AC_CHECK_FUNCS([_setmode])
 fi
 
@@ -4244,7 +4248,7 @@ if test -z "$ssl_backends"; then
   AC_CHECK_FUNCS([arc4random])
 fi
 
-if test "$curl_cv_native_windows" != 'yes'; then
+if test "$curl_cv_native_windows" != "yes"; then
   AC_CHECK_FUNCS([fseeko])
 
   dnl On Android, the only way to know if fseeko can be used is to see if it is
@@ -4260,7 +4264,7 @@ fi
 CURL_CHECK_NONBLOCKING_SOCKET
 
 dnl set variable for use in automakefile(s)
-AM_CONDITIONAL(BUILD_DOCS, test x"$BUILD_DOCS" = x1)
+AM_CONDITIONAL(BUILD_DOCS, test "$BUILD_DOCS" = "1")
 
 dnl *************************************************************************
 dnl If the manual variable still is set, then we go with providing a built-in
@@ -4271,12 +4275,12 @@ if test "$USE_MANUAL" = "1"; then
 fi
 
 dnl set variable for use in automakefile(s)
-AM_CONDITIONAL(USE_MANUAL, test x"$USE_MANUAL" = x1)
+AM_CONDITIONAL(USE_MANUAL, test "$USE_MANUAL" = "1")
 
 CURL_CHECK_LIB_ARES
 CURL_CHECK_OPTION_THREADED_RESOLVER
 
-if test "$ipv6" = yes -a "$curl_cv_apple" = 'yes'; then
+if test "$ipv6" = "yes" && test "$curl_cv_apple" = "yes"; then
   CURL_DARWIN_SYSTEMCONFIGURATION
 fi
 
@@ -4321,7 +4325,7 @@ if test "$want_threaded_resolver" = "yes" && test "$USE_THREADS_WIN32" != "1"; t
           *-ibm-aix*)
             dnl Check if compiler is xlC
             COMPILER_VERSION=`"$CC" -qversion 2>/dev/null`
-            if test x"$COMPILER_VERSION" = "x"; then
+            if test -z "$COMPILER_VERSION"; then
               CFLAGS="$CFLAGS -pthread"
             else
               CFLAGS="$CFLAGS -qthreaded"
@@ -4340,7 +4344,7 @@ if test "$want_threaded_resolver" = "yes" && test "$USE_THREADS_WIN32" != "1"; t
                      [ CFLAGS="$save_CFLAGS"])
       fi
 
-      if test "x$USE_THREADS_POSIX" = "x1"; then
+      if test "$USE_THREADS_POSIX" = "1"; then
         AC_DEFINE(USE_THREADS_POSIX, 1, [if you want POSIX threaded DNS lookup])
         curl_res_msg="POSIX threaded"
       fi
@@ -4348,7 +4352,7 @@ if test "$want_threaded_resolver" = "yes" && test "$USE_THREADS_WIN32" != "1"; t
 fi
 
 dnl Did we find a threading option?
-if test "$want_threaded_resolver" != "no" -a "x$USE_THREADS_POSIX" != "x1" -a "x$USE_THREADS_WIN32" != "x1"; then
+if test "$want_threaded_resolver" != "no" && test "$USE_THREADS_POSIX" != "1" && test "$USE_THREADS_WIN32" != "1"; then
   AC_MSG_ERROR([Threaded resolver enabled but no thread library found])
 fi
 
@@ -4400,7 +4404,7 @@ AS_HELP_STRING([--disable-verbose],[Disable verbose strings]),
     AC_MSG_RESULT(yes)
 )
 
-if test "$curl_cv_winuwp" != 'yes'; then
+if test "$curl_cv_winuwp" != "yes"; then
   dnl ************************************************************
   dnl enable SSPI support
   dnl
@@ -4421,7 +4425,7 @@ if test "$curl_cv_winuwp" != 'yes'; then
       fi
       ;;
     *)
-      if test "x$SCHANNEL_ENABLED" = "x1"; then
+      if test "$SCHANNEL_ENABLED" = "1"; then
         # --with-schannel implies --enable-sspi
         AC_MSG_RESULT(yes)
       else
@@ -4429,7 +4433,7 @@ if test "$curl_cv_winuwp" != 'yes'; then
       fi
       ;;
     esac ],
-      if test "x$SCHANNEL_ENABLED" = "x1"; then
+      if test "$SCHANNEL_ENABLED" = "1"; then
         # --with-schannel implies --enable-sspi
         AC_MSG_RESULT(yes)
       else
@@ -4437,7 +4441,7 @@ if test "$curl_cv_winuwp" != 'yes'; then
       fi
   )
 
-  if test "x$USE_WINDOWS_SSPI" = "x1"; then
+  if test "$USE_WINDOWS_SSPI" = "1"; then
     LIBS="-lsecur32 $LIBS"
   fi
 fi
@@ -4599,7 +4603,7 @@ AS_HELP_STRING([--disable-tls-srp],[Disable TLS-SRP authentication]),
     want_tls_srp=yes
 )
 
-if test "$want_tls_srp" = "yes" && ( test "x$HAVE_GNUTLS_SRP" = "x1" || test "x$HAVE_OPENSSL_SRP" = "x1"); then
+if test "$want_tls_srp" = "yes" && (test "$HAVE_GNUTLS_SRP" = "1" || test "$HAVE_OPENSSL_SRP" = "1"); then
   AC_DEFINE(USE_TLS_SRP, 1, [Use TLS-SRP authentication])
   USE_TLS_SRP=1
   curl_tls_srp_msg="enabled"
@@ -4626,8 +4630,8 @@ AS_HELP_STRING([--disable-unix-sockets],[Disable Unix domain sockets]),
     want_unix_sockets=auto
     ]
 )
-if test "x$want_unix_sockets" != "xno"; then
-  if test "x$curl_cv_native_windows" = "xyes"; then
+if test "$want_unix_sockets" != "no"; then
+  if test "$curl_cv_native_windows" = "yes"; then
     USE_UNIX_SOCKETS=1
     AC_DEFINE(USE_UNIX_SOCKETS, 1, [Use Unix domain sockets])
     curl_unix_sockets_msg="enabled"
@@ -4637,7 +4641,7 @@ if test "x$want_unix_sockets" != "xno"; then
       USE_UNIX_SOCKETS=1
       curl_unix_sockets_msg="enabled"
     ], [
-      if test "x$want_unix_sockets" = "xyes"; then
+      if test "$want_unix_sockets" = "yes"; then
         AC_MSG_ERROR([--enable-unix-sockets is not available on this platform!])
       fi
     ], [
@@ -4774,12 +4778,12 @@ AS_HELP_STRING([--disable-form-api],[Disable form API support]),
     ;;
   *)
     AC_MSG_RESULT(yes)
-    test "$enable_mime" = no &&
+    test "x$enable_mime" = "xno" &&
       AC_MSG_ERROR(MIME support needs to be enabled in order to enable form API support)
     ;;
   esac ],
 [
-  if test "$enable_mime" = no; then
+  if test "x$enable_mime" = "xno"; then
     enable_form_api=no
     AC_MSG_RESULT(no)
     AC_DEFINE(CURL_DISABLE_FORM_API, 1, [disable form API])
@@ -4968,7 +4972,7 @@ else
   hsts="no"
 fi
 
-if test "x$hsts" != "xyes"; then
+if test "$hsts" != "yes"; then
   curl_hsts_msg="no      (--enable-hsts)";
   AC_DEFINE(CURL_DISABLE_HSTS, 1, [disable alt-svc])
 fi
@@ -4977,7 +4981,7 @@ fi
 dnl *************************************************************
 dnl check whether ECH support, if desired, is actually available
 dnl
-if test "x$want_ech" != "xno"; then
+if test "$want_ech" != "no"; then
   AC_MSG_CHECKING([whether ECH support is available])
 
   dnl assume NOT and look for sufficient condition
@@ -4988,25 +4992,25 @@ if test "x$want_ech" != "xno"; then
   ECH_SUPPORT=''
 
   dnl check for OpenSSL equivalent
-  if test "x$OPENSSL_ENABLED" = "x1"; then
+  if test "$OPENSSL_ENABLED" = "1"; then
     AC_CHECK_FUNCS(SSL_set1_ech_config_list,
       ECH_SUPPORT="$ECH_SUPPORT OpenSSL"
       ECH_ENABLED_OPENSSL=1)
   fi
-  if test "x$WOLFSSL_ENABLED" = "x1"; then
+  if test "$WOLFSSL_ENABLED" = "1"; then
     AC_CHECK_FUNCS(wolfSSL_CTX_GenerateEchConfig,
       ECH_SUPPORT="$ECH_SUPPORT wolfSSL"
       ECH_ENABLED_WOLFSSL=1)
   fi
-  if test "x$RUSTLS_ENABLED" = "x1"; then
+  if test "$RUSTLS_ENABLED" = "1"; then
     ECH_SUPPORT="$ECH_SUPPORT rustls-ffi"
     ECH_ENABLED_RUSTLS=1
   fi
 
   dnl now deal with whatever we found
-  if test "x$ECH_ENABLED_OPENSSL" = "x1" -o \
-          "x$ECH_ENABLED_WOLFSSL" = "x1" -o \
-          "x$ECH_ENABLED_RUSTLS" = "x1"; then
+  if test "$ECH_ENABLED_OPENSSL" = "1" ||
+     test "$ECH_ENABLED_WOLFSSL" = "1" ||
+     test "$ECH_ENABLED_RUSTLS" = "1"; then
     AC_DEFINE(USE_ECH, 1, [if ECH support is available])
     AC_MSG_RESULT(ECH support available via:$ECH_SUPPORT)
     experimental="$experimental ECH"
@@ -5022,7 +5026,7 @@ AC_MSG_CHECKING([whether to enable HTTPS-RR support])
 dnl *************************************************************
 dnl check whether HTTPSRR support if desired
 dnl
-if test "x$want_httpsrr" != "xno"; then
+if test "$want_httpsrr" != "no"; then
   AC_MSG_RESULT([yes])
   AC_DEFINE(USE_HTTPSRR, 1, [enable HTTPS RR support])
   experimental="$experimental HTTPSRR"
@@ -5032,7 +5036,7 @@ else
   # no HTTPSRR wanted
   if test "$want_threaded_resolver" = "yes"; then
     # and using the threaded resolver
-    if test "x$USE_ARES" = "x1"; then
+    if test "$USE_ARES" = "1"; then
       AC_MSG_ERROR([without HTTPS-RR support, asking for both threaded resolver and c-ares support is ambivalent. Please drop one of them.])
     fi
   fi
@@ -5042,11 +5046,11 @@ fi
 dnl *************************************************************
 dnl check whether OpenSSL (lookalikes) have SSL_set0_wbio
 dnl
-if test "x$OPENSSL_ENABLED" = "x1"; then
+if test "$OPENSSL_ENABLED" = "1"; then
   AC_CHECK_FUNCS([SSL_set0_wbio])
 fi
 
-if test "x$CURL_DISABLE_HTTP" != "x1"; then
+if test "$CURL_DISABLE_HTTP" != "1"; then
   dnl *************************************************************
   dnl WebSockets
   dnl
@@ -5061,7 +5065,7 @@ if test "x$CURL_DISABLE_HTTP" != "x1"; then
       CURL_DISABLE_WEBSOCKETS=1
       ;;
     *)
-      if test ${ac_cv_sizeof_curl_off_t} -gt 4; then
+      if test "$ac_cv_sizeof_curl_off_t" -gt 4; then
         AC_MSG_RESULT(yes)
       else
         dnl WebSockets requires >32-bit curl_off_t
@@ -5083,14 +5087,14 @@ fi
 dnl *************************************************************
 dnl check whether experimental SSL Session Im-/Export is enabled
 dnl
-if test "x$want_ssls_export" != "xno"; then
+if test "$want_ssls_export" != "no"; then
   AC_MSG_CHECKING([whether SSL session export support is available])
 
   dnl assume NOT and look for sufficient condition
   SSLS_EXPORT_ENABLED=0
   SSLS_EXPORT_SUPPORT=''
 
-  if test "x$SSL_ENABLED" != "x1"; then
+  if test "$SSL_ENABLED" != "1"; then
     AC_MSG_WARN([--enable-ssls-export ignored: No SSL support])
   else
     SSLS_EXPORT_ENABLED=1
@@ -5139,7 +5143,7 @@ dnl all link targets in given makefile.
 BLANK_AT_MAKETIME=
 AC_SUBST(BLANK_AT_MAKETIME)
 
-AM_CONDITIONAL(CROSSCOMPILING, test x$cross_compiling = xyes)
+AM_CONDITIONAL(CROSSCOMPILING, test "$cross_compiling" = "yes")
 
 dnl yes or no
 ENABLE_SHARED="$enable_shared"
@@ -5155,7 +5159,7 @@ LIBCURL_PC_REQUIRES_PRIVATE=`echo $LIBCURL_PC_REQUIRES_PRIVATE | tr ' ' ','`
 AC_SUBST(LIBCURL_PC_REQUIRES_PRIVATE)
 
 dnl Merge pkg-config private fields into public ones when static-only
-if test "x$enable_shared" = "xno"; then
+if test "$enable_shared" = "no"; then
   LIBCURL_PC_REQUIRES=$LIBCURL_PC_REQUIRES_PRIVATE
   LIBCURL_PC_LIBS=$LIBCURL_PC_LIBS_PRIVATE
 else
@@ -5172,119 +5176,117 @@ dnl For keeping supported features and protocols also in pkg-config file
 dnl since it is more cross-compile friendly than curl-config
 dnl
 
-if test "x$OPENSSL_ENABLED" = "x1"; then
+if test "$OPENSSL_ENABLED" = "1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES SSL"
 elif test -n "$SSL_ENABLED"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES SSL"
 fi
-if test "x$IPV6_ENABLED" = "x1"; then
+if test "$IPV6_ENABLED" = "1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES IPv6"
 fi
-if test "x$USE_UNIX_SOCKETS" = "x1"; then
+if test "$USE_UNIX_SOCKETS" = "1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES UnixSockets"
 fi
-if test "x$HAVE_LIBZ" = "x1"; then
+if test "$HAVE_LIBZ" = "1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES libz"
 fi
-if test "x$HAVE_BROTLI" = "x1"; then
+if test "$HAVE_BROTLI" = "1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES brotli"
 fi
-if test "x$HAVE_ZSTD" = "x1"; then
+if test "$HAVE_ZSTD" = "1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES zstd"
 fi
-if test "x$USE_ARES" = "x1" -o "x$USE_THREADS_POSIX" = "x1" \
-                            -o "x$USE_THREADS_WIN32" = "x1"; then
+if test "$USE_ARES" = "1" || test "$USE_THREADS_POSIX" = "1" || test "$USE_THREADS_WIN32" = "1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES AsynchDNS"
 fi
-if test "x$USE_ARES" = "x1" -a "$want_threaded_resolver" = "yes" -a "x$want_httpsrr" != "xno"; then
+if test "$USE_ARES" = "1" && test "$want_threaded_resolver" = "yes" && test "$want_httpsrr" != "no"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES asyn-rr"
 fi
-if test "x$IDN_ENABLED" = "x1"; then
+if test "$IDN_ENABLED" = "1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES IDN"
 fi
-if test "x$USE_WINDOWS_SSPI" = "x1"; then
+if test "$USE_WINDOWS_SSPI" = "1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES SSPI"
 fi
 
-if test "x$HAVE_GSSAPI" = "x1"; then
+if test "$HAVE_GSSAPI" = "1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES GSS-API"
 fi
 
-if test "x$curl_psl_msg" = "xenabled"; then
+if test "$curl_psl_msg" = "enabled"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES PSL"
 fi
 
-if test "x$curl_gsasl_msg" = "xenabled"; then
+if test "$curl_gsasl_msg" = "enabled"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES gsasl"
 fi
 
-if test "x$enable_altsvc" = "xyes"; then
+if test "$enable_altsvc" = "yes"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES alt-svc"
 fi
-if test "x$hsts" = "xyes"; then
+if test "$hsts" = "yes"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES HSTS"
 fi
 
-if test "x$CURL_DISABLE_NEGOTIATE_AUTH" != "x1" -a \
-    \( "x$HAVE_GSSAPI" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \); then
+if test "$CURL_DISABLE_NEGOTIATE_AUTH" != "1" && (test "$HAVE_GSSAPI" = "1" || test "$USE_WINDOWS_SSPI" = "1"); then
   SUPPORT_FEATURES="$SUPPORT_FEATURES SPNEGO"
 fi
 
-if test "x$CURL_DISABLE_KERBEROS_AUTH" != "x1" -a \
-    \( "x$HAVE_GSSAPI" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \); then
+if test "$CURL_DISABLE_KERBEROS_AUTH" != "1" && (test "$HAVE_GSSAPI" = "1" || test "$USE_WINDOWS_SSPI" = "1"); then
   SUPPORT_FEATURES="$SUPPORT_FEATURES Kerberos"
 fi
 
 use_curl_ntlm_core=no
 
-if test "x$CURL_DISABLE_NTLM" != "x1"; then
-  if test "x$HAVE_DES_ECB_ENCRYPT" = "x1" \
-      -o "x$GNUTLS_ENABLED" = "x1" \
-      -o "x$USE_WIN32_CRYPTO" = "x1" \
-      -o "x$HAVE_WOLFSSL_DES_ECB_ENCRYPT" = "x1" \
-      -o "x$HAVE_MBEDTLS_DES_CRYPT_ECB" = "x1"; then
+if test "$CURL_DISABLE_NTLM" != "1"; then
+  if test "$HAVE_DES_ECB_ENCRYPT" = "1" ||
+     test "$GNUTLS_ENABLED" = "1" ||
+     test "$USE_WIN32_CRYPTO" = "1" ||
+     test "$HAVE_WOLFSSL_DES_ECB_ENCRYPT" = "1" ||
+     test "$HAVE_MBEDTLS_DES_CRYPT_ECB" = "1"; then
     use_curl_ntlm_core=yes
   fi
 
-  if test "x$use_curl_ntlm_core" = "xyes" \
-      -o "x$USE_WINDOWS_SSPI" = "x1"; then
+  if test "$use_curl_ntlm_core" = "yes" ||
+     test "$USE_WINDOWS_SSPI" = "1"; then
     SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM"
   fi
 fi
 
-if test "x$USE_TLS_SRP" = "x1"; then
+if test "$USE_TLS_SRP" = "1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES TLS-SRP"
 fi
 
-if test "x$USE_NGHTTP2" = "x1"; then
+if test "$USE_NGHTTP2" = "1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES HTTP2"
 fi
 
-if test "x$USE_NGTCP2_H3" = "x1" -o "x$USE_QUICHE" = "x1" \
-    -o "x$USE_OPENSSL_H3" = "x1"; then
-  if test "x$CURL_WITH_MULTI_SSL" = "x1"; then
+if test "$USE_NGTCP2_H3" = "1" ||
+   test "$USE_QUICHE" = "1" ||
+   test "$USE_OPENSSL_H3" = "1"; then
+  if test "$CURL_WITH_MULTI_SSL" = "1"; then
     AC_MSG_ERROR([MultiSSL cannot be enabled with HTTP/3 and vice versa])
   fi
   SUPPORT_FEATURES="$SUPPORT_FEATURES HTTP3"
 fi
 
-if test "x$CURL_WITH_MULTI_SSL" = "x1"; then
+if test "$CURL_WITH_MULTI_SSL" = "1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES MultiSSL"
 fi
 
 AC_MSG_CHECKING([if this build supports HTTPS-proxy])
 dnl if not explicitly turned off, HTTPS-proxy comes with some TLS backends
-if test "x$CURL_DISABLE_HTTP" != "x1"; then
-  if test "x$https_proxy" != "xno"; then
-    if test "x$OPENSSL_ENABLED" = "x1" \
-        -o "x$GNUTLS_ENABLED" = "x1" \
-        -o "x$RUSTLS_ENABLED" = "x1" \
-        -o "x$SCHANNEL_ENABLED" = "x1" \
-        -o "x$GNUTLS_ENABLED" = "x1" \
-        -o "x$MBEDTLS_ENABLED" = "x1"; then
+if test "$CURL_DISABLE_HTTP" != "1"; then
+  if test "$https_proxy" != "no"; then
+    if test "$OPENSSL_ENABLED" = "1" ||
+       test "$GNUTLS_ENABLED" = "1" ||
+       test "$RUSTLS_ENABLED" = "1" ||
+       test "$SCHANNEL_ENABLED" = "1" ||
+       test "$GNUTLS_ENABLED" = "1" ||
+       test "$MBEDTLS_ENABLED" = "1"; then
       SUPPORT_FEATURES="$SUPPORT_FEATURES HTTPS-proxy"
       AC_MSG_RESULT([yes])
-    elif test "x$WOLFSSL_ENABLED" = "x1" -a "x$HAVE_WOLFSSL_BIO_NEW" = "x1"; then
+    elif test "$WOLFSSL_ENABLED" = "1" && test "$HAVE_WOLFSSL_BIO_NEW" = "1"; then
       SUPPORT_FEATURES="$SUPPORT_FEATURES HTTPS-proxy"
       AC_MSG_RESULT([yes])
     else
@@ -5297,35 +5299,34 @@ else
   AC_MSG_RESULT([no])
 fi
 
-if test "x$OPENSSL_ENABLED" = "x1" -o -n "$SSL_ENABLED"; then
-  if test "x$ECH_ENABLED" = "x1"; then
+if test "$OPENSSL_ENABLED" = "1" || test -n "$SSL_ENABLED"; then
+  if test "$ECH_ENABLED" = "1"; then
     SUPPORT_FEATURES="$SUPPORT_FEATURES ECH"
   fi
 fi
 
-if test "x$APPLE_SECTRUST_ENABLED" = "x1"; then
+if test "$APPLE_SECTRUST_ENABLED" = "1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES AppleSecTrust"
 fi
 
-if test "x$want_httpsrr" != "xno"; then
+if test "$want_httpsrr" != "no"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES HTTPSRR"
 fi
 
-if test "x$SSLS_EXPORT_ENABLED" = "x1"; then
+if test "$SSLS_EXPORT_ENABLED" = "1"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES SSLS-EXPORT"
 fi
 
-if test ${ac_cv_sizeof_curl_off_t} -gt 4; then
-  if test ${ac_cv_sizeof_off_t} -gt 4 -o \
-     "$curl_cv_native_windows" = "yes"; then
+if test "$ac_cv_sizeof_curl_off_t" -gt 4; then
+  if test "$ac_cv_sizeof_off_t" -gt 4 ||
+     test "$curl_cv_native_windows" = "yes"; then
     SUPPORT_FEATURES="$SUPPORT_FEATURES Largefile"
   fi
 fi
 
 if test "$tst_atomic" = "yes"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES threadsafe"
-elif test "x$USE_THREADS_POSIX" = "x1" -a \
-     "x$ac_cv_header_pthread_h" = "xyes"; then
+elif test "$USE_THREADS_POSIX" = "1" && test "$ac_cv_header_pthread_h" = "yes"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES threadsafe"
 else
   AC_COMPILE_IFELSE([
@@ -5342,16 +5343,16 @@ else
   ])
 fi
 
-if test "x$want_winuni" = "xyes"; then
+if test "$want_winuni" = "yes"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES Unicode"
 fi
-if test "x$want_debug" = "xyes"; then
+if test "$want_debug" = "yes"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES Debug"
 fi
-if test "x$want_curldebug" = "xyes"; then
+if test "$want_curldebug" = "yes"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES TrackMemory"
 fi
-if test "x$CURL_CA_EMBED" != "x"; then
+if test -n "$CURL_CA_EMBED"; then
   SUPPORT_FEATURES="$SUPPORT_FEATURES CAcert"
   CURL_CA_EMBED_msg="$CURL_CA_EMBED"
 else
@@ -5369,93 +5370,92 @@ fi
 AC_SUBST(SUPPORT_FEATURES)
 
 dnl For supported protocols in pkg-config file
-if test "x$CURL_DISABLE_HTTP" != "x1"; then
+if test "$CURL_DISABLE_HTTP" != "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS HTTP"
-  if test "x$SSL_ENABLED" = "x1"; then
+  if test "$SSL_ENABLED" = "1"; then
     SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS HTTPS"
   fi
 fi
-if test "x$CURL_DISABLE_FTP" != "x1"; then
+if test "$CURL_DISABLE_FTP" != "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS FTP"
-  if test "x$SSL_ENABLED" = "x1"; then
+  if test "$SSL_ENABLED" = "1"; then
     SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS FTPS"
   fi
 fi
-if test "x$CURL_DISABLE_FILE" != "x1"; then
+if test "$CURL_DISABLE_FILE" != "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS FILE"
 fi
-if test "x$CURL_DISABLE_TELNET" != "x1"; then
+if test "$CURL_DISABLE_TELNET" != "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS TELNET"
 fi
-if test "x$CURL_DISABLE_LDAP" != "x1"; then
+if test "$CURL_DISABLE_LDAP" != "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS LDAP"
-  if test "x$CURL_DISABLE_LDAPS" != "x1"; then
-    if (test "x$USE_OPENLDAP" = "x1" && test "x$SSL_ENABLED" = "x1") ||
-      (test "x$USE_OPENLDAP" != "x1" && test "x$HAVE_LDAP_SSL" = "x1"); then
+  if test "$CURL_DISABLE_LDAPS" != "1"; then
+    if (test "$USE_OPENLDAP" = "1" && test "$SSL_ENABLED" = "1") ||
+       (test "$USE_OPENLDAP" != "1" && test "$HAVE_LDAP_SSL" = "1"); then
       SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS LDAPS"
     fi
   fi
 fi
-if test "x$CURL_DISABLE_DICT" != "x1"; then
+if test "$CURL_DISABLE_DICT" != "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS DICT"
 fi
-if test "x$CURL_DISABLE_TFTP" != "x1"; then
+if test "$CURL_DISABLE_TFTP" != "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS TFTP"
 fi
-if test "x$CURL_DISABLE_GOPHER" != "x1"; then
+if test "$CURL_DISABLE_GOPHER" != "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS GOPHER"
-  if test "x$SSL_ENABLED" = "x1"; then
+  if test "$SSL_ENABLED" = "1"; then
     SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS GOPHERS"
   fi
 fi
-if test "x$CURL_DISABLE_MQTT" != "x1"; then
+if test "$CURL_DISABLE_MQTT" != "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS MQTT"
 fi
-if test "x$CURL_DISABLE_POP3" != "x1"; then
+if test "$CURL_DISABLE_POP3" != "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS POP3"
-  if test "x$SSL_ENABLED" = "x1"; then
+  if test "$SSL_ENABLED" = "1"; then
     SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS POP3S"
   fi
 fi
-if test "x$CURL_DISABLE_IMAP" != "x1"; then
+if test "$CURL_DISABLE_IMAP" != "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS IMAP"
-  if test "x$SSL_ENABLED" = "x1"; then
+  if test "$SSL_ENABLED" = "1"; then
     SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS IMAPS"
   fi
 fi
-if test "x$CURL_DISABLE_SMB" != "x1" \
-    -a "x$use_curl_ntlm_core" = "xyes"; then
+if test "$CURL_DISABLE_SMB" != "1" && test "$use_curl_ntlm_core" = "yes"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMB"
-  if test "x$SSL_ENABLED" = "x1"; then
+  if test "$SSL_ENABLED" = "1"; then
     SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMBS"
   fi
 fi
-if test "x$CURL_DISABLE_SMTP" != "x1"; then
+if test "$CURL_DISABLE_SMTP" != "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMTP"
-  if test "x$SSL_ENABLED" = "x1"; then
+  if test "$SSL_ENABLED" = "1"; then
     SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMTPS"
   fi
 fi
-if test "x$USE_LIBSSH2" = "x1"; then
+if test "$USE_LIBSSH2" = "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SCP"
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SFTP"
 fi
-if test "x$USE_LIBSSH" = "x1"; then
+if test "$USE_LIBSSH" = "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SCP"
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SFTP"
 fi
-if test "x$CURL_DISABLE_IPFS" != "x1"; then
+if test "$CURL_DISABLE_IPFS" != "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS IPFS IPNS"
 fi
-if test "x$CURL_DISABLE_RTSP" != "x1"; then
+if test "$CURL_DISABLE_RTSP" != "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS RTSP"
 fi
-if test "x$USE_LIBRTMP" = "x1"; then
+if test "$USE_LIBRTMP" = "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS RTMP"
 fi
-if test "x$CURL_DISABLE_WEBSOCKETS" != "x1"; then
+if test "$CURL_DISABLE_WEBSOCKETS" != "1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS WS"
-  if test "x$SSL_ENABLED" = "x1"; then
+  if test "$SSL_ENABLED" = "1"; then
     SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS WSS"
   fi
 fi
@@ -5487,8 +5487,8 @@ XC_CHECK_BUILD_FLAGS
 SSL_BACKENDS=${ssl_backends}
 AC_SUBST(SSL_BACKENDS)
 
-if test "x$want_curldebug_assumed" = "xyes" &&
-  test "x$want_curldebug" = "xyes" && test "x$USE_ARES" = "x1"; then
+if test "$want_curldebug_assumed" = "yes" &&
+   test "$want_curldebug" = "yes" && test "$USE_ARES" = "1"; then
   ac_configure_args="$ac_configure_args --enable-curldebug"
 fi
 
diff --git a/curl-config.in b/curl-config.in
index ce23519c33..a1c8185875 100644
--- a/curl-config.in
+++ b/curl-config.in
@@ -149,7 +149,7 @@ while test "$#" -gt 0; do
     ;;
 
   --libs)
-    if test "@libdir@" != '/usr/lib' -a "@libdir@" != '/usr/lib64'; then
+    if test "@libdir@" != '/usr/lib' && test "@libdir@" != '/usr/lib64'; then
       curllibdir="-L@libdir@ "
     else
       curllibdir=''
diff --git a/docs/libcurl/libcurl.m4 b/docs/libcurl/libcurl.m4
index 973493f03a..96248ddc25 100644
--- a/docs/libcurl/libcurl.m4
+++ b/docs/libcurl/libcurl.m4
@@ -86,7 +86,7 @@ AC_DEFUN([LIBCURL_CHECK_CONFIG],
     AS_HELP_STRING([--with-libcurl=PREFIX],[look for the curl library in PREFIX/lib and headers in PREFIX/include]),
     [_libcurl_with=$withval],[_libcurl_with=ifelse([$1],,[yes],[$1])])
 
-  if test "$_libcurl_with" != "no"; then
+  if test "x$_libcurl_with" != "xno"; then
 
     AC_PROG_AWK
 
@@ -102,7 +102,7 @@ AC_DEFUN([LIBCURL_CHECK_CONFIG],
       AC_PATH_PROG([_libcurl_config],[curl-config],[],[$PATH])
     fi
 
-    if test x$_libcurl_config != "x"; then
+    if test -n "$_libcurl_config"; then
       AC_CACHE_CHECK([for the version of libcurl],
         [libcurl_cv_lib_curl_version],
         [libcurl_cv_lib_curl_version=`$_libcurl_config --version | $AWK '{print $[]2}'`])
@@ -110,11 +110,11 @@ AC_DEFUN([LIBCURL_CHECK_CONFIG],
       _libcurl_version=`echo $libcurl_cv_lib_curl_version | $_libcurl_version_parse`
       _libcurl_wanted=`echo ifelse([$2],,[0],[$2]) | $_libcurl_version_parse`
 
-      if test $_libcurl_wanted -gt 0; then
+      if test "$_libcurl_wanted" -gt 0; then
         AC_CACHE_CHECK([for libcurl >= version $2],
           [libcurl_cv_lib_version_ok],
           [
-          if test $_libcurl_version -ge $_libcurl_wanted; then
+          if test "$_libcurl_version" -ge "$_libcurl_wanted"; then
             libcurl_cv_lib_version_ok=yes
           else
             libcurl_cv_lib_version_ok=no
@@ -122,11 +122,11 @@ AC_DEFUN([LIBCURL_CHECK_CONFIG],
           ])
       fi
 
-      if test $_libcurl_wanted -eq 0 || test x$libcurl_cv_lib_version_ok = xyes; then
-        if test x"$LIBCURL_CPPFLAGS" = "x"; then
+      if test "$_libcurl_wanted" -eq 0 || test "$libcurl_cv_lib_version_ok" = "yes"; then
+        if test -z "$LIBCURL_CPPFLAGS"; then
           LIBCURL_CPPFLAGS=`$_libcurl_config --cflags`
         fi
-        if test x"$LIBCURL" = "x"; then
+        if test -z "$LIBCURL"; then
           LIBCURL=`$_libcurl_config --libs`
 
           # This is so silly, but Apple actually has a bug in their
@@ -143,7 +143,7 @@ AC_DEFUN([LIBCURL_CHECK_CONFIG],
         _libcurl_features=`$_libcurl_config --feature`
 
         # Is it modern enough to have --protocols? (7.12.4)
-        if test $_libcurl_version -ge 461828; then
+        if test "$_libcurl_version" -ge 461828; then
           _libcurl_protocols=`$_libcurl_config --protocols`
         fi
       else
@@ -153,7 +153,7 @@ AC_DEFUN([LIBCURL_CHECK_CONFIG],
       unset _libcurl_wanted
     fi
 
-    if test $_libcurl_try_link = yes; then
+    if test "$_libcurl_try_link" = "yes"; then
 
       # we did not find curl-config, so let's see if the user-supplied
       # link line (or failing that, "-lcurl") is enough.
@@ -187,7 +187,7 @@ AC_DEFUN([LIBCURL_CHECK_CONFIG],
         unset _libcurl_save_libs
         ])
 
-      if test $libcurl_cv_lib_curl_usable = yes; then
+      if test "$libcurl_cv_lib_curl_usable" = "yes"; then
 
         # Does curl_free() exist in this version of libcurl?
         # If not, fake it with free()
@@ -217,25 +217,25 @@ AC_DEFUN([LIBCURL_CHECK_CONFIG],
           eval AS_TR_SH(libcurl_feature_$_libcurl_feature)=yes
         done
 
-        if test "x$_libcurl_protocols" = "x"; then
+        if test -z "$_libcurl_protocols"; then
 
           # We do not have --protocols, so just assume that all
           # protocols are available
           _libcurl_protocols="HTTP FTP FILE TELNET LDAP DICT TFTP"
 
-          if test x$libcurl_feature_SSL = xyes; then
+          if test "$libcurl_feature_SSL" = "yes"; then
             _libcurl_protocols="$_libcurl_protocols HTTPS"
 
             # FTPS was not standards-compliant until version
             # 7.11.0 (0x070b00 == 461568)
-            if test $_libcurl_version -ge 461568; then
+            if test "$_libcurl_version" -ge 461568; then
               _libcurl_protocols="$_libcurl_protocols FTPS"
             fi
           fi
 
           # RTSP, IMAP, POP3 and SMTP were added in
           # 7.20.0 (0x071400 == 463872)
-          if test $_libcurl_version -ge 463872; then
+          if test "$_libcurl_version" -ge 463872; then
             _libcurl_protocols="$_libcurl_protocols RTSP IMAP POP3 SMTP"
           fi
         fi
@@ -261,7 +261,7 @@ AC_DEFUN([LIBCURL_CHECK_CONFIG],
     unset _libcurl_ldflags
   fi
 
-  if test x$_libcurl_with = xno || test x$libcurl_cv_lib_curl_usable != xyes; then
+  if test "x$_libcurl_with" = "xno" || test "$libcurl_cv_lib_curl_usable" != "yes"; then
     # This is the IF-NO path
     ifelse([$4],,:,[$4])
   else
diff --git a/m4/curl-amissl.m4 b/m4/curl-amissl.m4
index a70a536632..86468890e8 100644
--- a/m4/curl-amissl.m4
+++ b/m4/curl-amissl.m4
@@ -25,7 +25,7 @@
 AC_DEFUN([CURL_WITH_AMISSL], [
 AC_MSG_CHECKING([whether to enable Amiga native SSL/TLS (AmiSSL v5)])
 if test "$HAVE_PROTO_BSDSOCKET_H" = "1"; then
-  if test "x$OPT_AMISSL" != xno; then
+  if test "x$OPT_AMISSL" != "xno"; then
     ssl_msg=
     AC_COMPILE_IFELSE([
       AC_LANG_PROGRAM([[
@@ -43,7 +43,7 @@ if test "$HAVE_PROTO_BSDSOCKET_H" = "1"; then
     ],[
       AC_MSG_RESULT([yes])
       ssl_msg="AmiSSL"
-      test amissl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
+      test "amissl" != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
       AMISSL_ENABLED=1
       OPENSSL_ENABLED=1
       # Use AmiSSL's built-in ca bundle
diff --git a/m4/curl-apple-sectrust.m4 b/m4/curl-apple-sectrust.m4
index d42fe860a5..c70b7ac8cd 100644
--- a/m4/curl-apple-sectrust.m4
+++ b/m4/curl-apple-sectrust.m4
@@ -24,7 +24,7 @@
 
 AC_DEFUN([CURL_WITH_APPLE_SECTRUST], [
 AC_MSG_CHECKING([whether to enable Apple OS native certificate validation])
-if test "x$OPT_APPLE_SECTRUST" = xyes; then
+if test "x$OPT_APPLE_SECTRUST" = "xyes"; then
   AC_COMPILE_IFELSE([
     AC_LANG_PROGRAM([[
       #include 
@@ -41,10 +41,10 @@ if test "x$OPT_APPLE_SECTRUST" = xyes; then
   ],[
     build_for_apple="no"
   ])
-  if test "x$build_for_apple" = "xno"; then
+  if test "$build_for_apple" = "no"; then
     AC_MSG_ERROR([Apple SecTrust can only be enabled for Apple OS targets])
   fi
-  if test "x$OPENSSL_ENABLED" = "x1" -o "x$GNUTLS_ENABLED" = "x1"; then
+  if test "$OPENSSL_ENABLED" = "1" || test "$GNUTLS_ENABLED" = "1"; then
     AC_MSG_RESULT(yes)
     AC_DEFINE(USE_APPLE_SECTRUST, 1, [enable Apple OS certificate validation])
     APPLE_SECTRUST_ENABLED=1
diff --git a/m4/curl-compilers.m4 b/m4/curl-compilers.m4
index 343391d602..7b4b5bed23 100644
--- a/m4/curl-compilers.m4
+++ b/m4/curl-compilers.m4
@@ -88,7 +88,7 @@ AC_DEFUN([CURL_CHECK_COMPILER_CLANG], [
     AC_MSG_RESULT([yes])
     AC_MSG_CHECKING([if compiler is xlclang])
     CURL_CHECK_DEF([__ibmxl__], [], [silent])
-    if test "$curl_cv_have_def___ibmxl__" = "yes" ; then
+    if test "$curl_cv_have_def___ibmxl__" = "yes"; then
       dnl IBM's almost-compatible clang version
       AC_MSG_RESULT([yes])
       compiler_id="XLCLANG"
@@ -118,7 +118,7 @@ AC_DEFUN([CURL_CHECK_COMPILER_CLANG], [
     clangvlo=`echo $clangver | cut -d . -f2`
     compiler_ver="$clangver"
     compiler_num=`(expr $clangvhi "*" 100 + $clangvlo) 2>/dev/null`
-    if test "$appleclang" = '1' && test "$oldapple" = '0'; then
+    if test "$appleclang" = "1" && test "$oldapple" = "0"; then
       dnl Starting with Xcode 7 / clang 3.7, Apple clang does not tell its upstream version
       if   test "$compiler_num" -ge '1700'; then compiler_num='1901'
       elif test "$compiler_num" -ge '1600'; then compiler_num='1700'
@@ -396,7 +396,8 @@ AC_DEFUN([CURL_CONVERT_INCLUDE_TO_ISYSTEM], [
   AC_REQUIRE([CURL_CHECK_COMPILER])dnl
   AC_MSG_CHECKING([convert -I options to -isystem])
   if test "$compiler_id" = "GNU_C" ||
-    test "$compiler_id" = "CLANG" -o "$compiler_id" = "APPLECLANG"; then
+     test "$compiler_id" = "CLANG" ||
+     test "$compiler_id" = "APPLECLANG"; then
     AC_MSG_RESULT([yes])
     tmp_has_include="no"
     tmp_chg_FLAGS="$CFLAGS"
@@ -475,7 +476,7 @@ AC_DEFUN([CURL_COMPILER_WORKS_IFELSE], [
     ])
   fi
   dnl only do runtime verification when not cross-compiling
-  if test "x$cross_compiling" != "xyes" &&
+  if test "$cross_compiling" != "yes" &&
     test "$tmp_compiler_works" = "yes"; then
     CURL_RUN_IFELSE([
       AC_LANG_PROGRAM([[
@@ -632,7 +633,7 @@ AC_DEFUN([CURL_SET_COMPILER_BASIC_OPTS], [
     squeeze tmp_CPPFLAGS
     squeeze tmp_CFLAGS
     #
-    if test ! -z "$tmp_CFLAGS" || test ! -z "$tmp_CPPFLAGS"; then
+    if test -n "$tmp_CFLAGS" || test -n "$tmp_CPPFLAGS"; then
       AC_MSG_CHECKING([if compiler accepts some basic options])
       CPPFLAGS="$tmp_save_CPPFLAGS $tmp_CPPFLAGS"
       CFLAGS="$tmp_save_CFLAGS $tmp_CFLAGS"
@@ -972,7 +973,7 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [
           #
           dnl Do not enable -pedantic when cross-compiling with a gcc older
           dnl than 3.0, to avoid warnings from third party system headers.
-          if test "x$cross_compiling" != "xyes" ||
+          if test "$cross_compiling" != "yes" ||
             test "$compiler_num" -ge "300"; then
             tmp_CFLAGS="$tmp_CFLAGS -pedantic"
           fi
@@ -985,7 +986,7 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [
           if test "$compiler_num" -ge "104"; then
             CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [pointer-arith write-strings])
             dnl If not cross-compiling with a gcc older than 3.0
-            if test "x$cross_compiling" != "xyes" ||
+            if test "$cross_compiling" != "yes" ||
               test "$compiler_num" -ge "300"; then
               CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [unused shadow])
             fi
@@ -995,7 +996,7 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [
           if test "$compiler_num" -ge "207"; then
             CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [nested-externs])
             dnl If not cross-compiling with a gcc older than 3.0
-            if test "x$cross_compiling" != "xyes" ||
+            if test "$cross_compiling" != "yes" ||
               test "$compiler_num" -ge "300"; then
               CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-declarations])
               CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-prototypes])
@@ -1173,7 +1174,7 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [
         else
           dnl When cross-compiling with a gcc older than 3.0, disable
           dnl some warnings triggered on third party system headers.
-          if test "x$cross_compiling" = "xyes"; then
+          if test "$cross_compiling" = "yes"; then
             if test "$compiler_num" -ge "104"; then
               dnl gcc 1.4 or later
               tmp_CFLAGS="$tmp_CFLAGS -Wno-unused -Wno-shadow"
@@ -1190,19 +1191,19 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [
           tmp_CFLAGS="$tmp_CFLAGS -Wno-shadow"
           tmp_CFLAGS="$tmp_CFLAGS -Wno-unreachable-code"
         fi
-        if test "$compiler_num" -ge "402" -a "$compiler_num" -lt "406"; then
+        if test "$compiler_num" -ge "402" && test "$compiler_num" -lt "406"; then
           dnl GCC <4.6 do not support #pragma to suppress warnings locally. Disable globally instead.
           tmp_CFLAGS="$tmp_CFLAGS -Wno-overlength-strings"
         fi
-        if test "$compiler_num" -ge "400" -a "$compiler_num" -lt "407"; then
+        if test "$compiler_num" -ge "400" && test "$compiler_num" -lt "407"; then
           dnl https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84685
           tmp_CFLAGS="$tmp_CFLAGS -Wno-missing-field-initializers"
         fi
-        if test "$compiler_num" -ge "403" -a "$compiler_num" -lt "408"; then
+        if test "$compiler_num" -ge "403" && test "$compiler_num" -lt "408"; then
           dnl Avoid false positives
           tmp_CFLAGS="$tmp_CFLAGS -Wno-type-limits"
         fi
-        if test "$compiler_num" -ge "501" -a "$compiler_num" -lt "505"; then
+        if test "$compiler_num" -ge "501" && test "$compiler_num" -lt "505"; then
           dnl Avoid false positives
           tmp_CFLAGS="$tmp_CFLAGS -Wno-conversion"
         fi
@@ -1308,7 +1309,7 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [
     squeeze tmp_CPPFLAGS
     squeeze tmp_CFLAGS
     #
-    if test ! -z "$tmp_CFLAGS" || test ! -z "$tmp_CPPFLAGS"; then
+    if test -n "$tmp_CFLAGS" || test -n "$tmp_CPPFLAGS"; then
       AC_MSG_CHECKING([if compiler accepts strict warning options])
       CPPFLAGS="$tmp_save_CPPFLAGS $tmp_CPPFLAGS"
       CFLAGS="$tmp_save_CFLAGS $tmp_CFLAGS"
@@ -1491,7 +1492,7 @@ AC_DEFUN([CURL_CHECK_COMPILER_SYMBOL_HIDING], [
     GNU_C)
       dnl Only gcc 3.4 or later
       if test "$compiler_num" -ge "304"; then
-        if $CC --help --verbose 2>/dev/null | grep fvisibility= >/dev/null ; then
+        if $CC --help --verbose 2>/dev/null | grep fvisibility= >/dev/null; then
           tmp_EXTERN="__attribute__((__visibility__(\"default\")))"
           tmp_CFLAGS="-fvisibility=hidden"
           supports_symbol_hiding="yes"
@@ -1501,7 +1502,7 @@ AC_DEFUN([CURL_CHECK_COMPILER_SYMBOL_HIDING], [
     INTEL_UNIX_C)
       dnl Only icc 9.0 or later
       if test "$compiler_num" -ge "900"; then
-        if $CC --help --verbose 2>&1 | grep fvisibility= > /dev/null ; then
+        if $CC --help --verbose 2>&1 | grep fvisibility= > /dev/null; then
           tmp_save_CFLAGS="$CFLAGS"
           CFLAGS="$CFLAGS -fvisibility=hidden"
           AC_LINK_IFELSE([
@@ -1520,7 +1521,7 @@ AC_DEFUN([CURL_CHECK_COMPILER_SYMBOL_HIDING], [
       fi
       ;;
     SUNPRO_C)
-      if $CC 2>&1 | grep flags >/dev/null && $CC -flags | grep xldscope= >/dev/null ; then
+      if $CC 2>&1 | grep flags >/dev/null && $CC -flags | grep xldscope= >/dev/null; then
         tmp_EXTERN="__global"
         tmp_CFLAGS="-xldscope=hidden"
         supports_symbol_hiding="yes"
diff --git a/m4/curl-confopts.m4 b/m4/curl-confopts.m4
index 5149e8a34a..a540373692 100644
--- a/m4/curl-confopts.m4
+++ b/m4/curl-confopts.m4
@@ -93,7 +93,7 @@ AS_HELP_STRING([--disable-ares],[Disable c-ares for DNS lookups]),
     *)
       dnl --enable-ares option used
       want_ares="yes"
-      if test -n "$enableval" && test "$enableval" != "yes"; then
+      if test -n "$enableval" && test "x$enableval" != "xyes"; then
         want_ares_path="$enableval"
       fi
       ;;
@@ -392,15 +392,15 @@ AC_DEFUN([CURL_CHECK_NONBLOCKING_SOCKET], [
   tst_method="unknown"
 
   AC_MSG_CHECKING([how to set a socket into non-blocking mode])
-  if test "x$curl_cv_func_fcntl_o_nonblock" = "xyes"; then
+  if test "$curl_cv_func_fcntl_o_nonblock" = "yes"; then
     tst_method="fcntl O_NONBLOCK"
-  elif test "x$curl_cv_func_ioctl_fionbio" = "xyes"; then
+  elif test "$curl_cv_func_ioctl_fionbio" = "yes"; then
     tst_method="ioctl FIONBIO"
-  elif test "x$curl_cv_func_ioctlsocket_fionbio" = "xyes"; then
+  elif test "$curl_cv_func_ioctlsocket_fionbio" = "yes"; then
     tst_method="ioctlsocket FIONBIO"
-  elif test "x$curl_cv_func_ioctlsocket_camel_fionbio" = "xyes"; then
+  elif test "$curl_cv_func_ioctlsocket_camel_fionbio" = "yes"; then
     tst_method="IoctlSocket FIONBIO"
-  elif test "x$curl_cv_func_setsockopt_so_nonblock" = "xyes"; then
+  elif test "$curl_cv_func_setsockopt_so_nonblock" = "yes"; then
     tst_method="setsockopt SO_NONBLOCK"
   fi
   AC_MSG_RESULT([$tst_method])
@@ -433,7 +433,7 @@ AC_DEFUN([CURL_CONFIGURE_SYMBOL_HIDING], [
   else
     AC_MSG_RESULT([no])
   fi
-  AM_CONDITIONAL(DOING_CURL_SYMBOL_HIDING, test x$doing_symbol_hiding = xyes)
+  AM_CONDITIONAL(DOING_CURL_SYMBOL_HIDING, test "$doing_symbol_hiding" = "yes")
   AC_SUBST(CFLAG_CURL_SYMBOL_HIDING)
 ])
 
@@ -456,7 +456,7 @@ AC_DEFUN([CURL_CHECK_LIB_ARES], [
       dnl c-ares library path has been specified
       ARES_PCDIR="$want_ares_path/lib/pkgconfig"
       CURL_CHECK_PKGCONFIG(libcares, [$ARES_PCDIR])
-      if test "$PKGCONFIG" != "no" ; then
+      if test "$PKGCONFIG" != "no"; then
         ares_LIBS=`CURL_EXPORT_PCDIR([$ARES_PCDIR])
           $PKGCONFIG --libs-only-l libcares`
         ares_LDFLAGS=`CURL_EXPORT_PCDIR([$ARES_PCDIR])
@@ -475,7 +475,7 @@ AC_DEFUN([CURL_CHECK_LIB_ARES], [
     else
       dnl c-ares path not specified, use defaults
       CURL_CHECK_PKGCONFIG(libcares)
-      if test "$PKGCONFIG" != "no" ; then
+      if test "$PKGCONFIG" != "no"; then
         ares_LIBS=`$PKGCONFIG --libs-only-l libcares`
         ares_LDFLAGS=`$PKGCONFIG --libs-only-L libcares`
         ares_CPPFLAGS=`$PKGCONFIG --cflags-only-I libcares`
diff --git a/m4/curl-functions.m4 b/m4/curl-functions.m4
index a9b9ee5844..5512a5d28c 100644
--- a/m4/curl-functions.m4
+++ b/m4/curl-functions.m4
@@ -1339,7 +1339,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETADDRINFO], [
   fi
   #
   dnl only do runtime verification when not cross-compiling
-  if test "x$cross_compiling" != "xyes" &&
+  if test "$cross_compiling" != "yes" &&
     test "$tst_compi_getaddrinfo" = "yes"; then
     AC_MSG_CHECKING([if getaddrinfo seems to work])
     CURL_RUN_IFELSE([
@@ -1415,7 +1415,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETADDRINFO], [
   #
   if test "$curl_cv_func_getaddrinfo" = "yes"; then
     AC_MSG_CHECKING([if getaddrinfo is threadsafe])
-    if test "$curl_cv_apple" = 'yes'; then
+    if test "$curl_cv_apple" = "yes"; then
       dnl Darwin 6.0 and macOS 10.2.X and newer
       tst_tsafe_getaddrinfo="yes"
     fi
@@ -2027,7 +2027,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETIFADDRS], [
   fi
   #
   dnl only do runtime verification when not cross-compiling
-  if test "x$cross_compiling" != "xyes" &&
+  if test "$cross_compiling" != "yes" &&
     test "$tst_compi_getifaddrs" = "yes"; then
     AC_MSG_CHECKING([if getifaddrs seems to work])
     CURL_RUN_IFELSE([
@@ -2148,7 +2148,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GMTIME_R], [
   fi
   #
   dnl only do runtime verification when not cross-compiling
-  if test "x$cross_compiling" != "xyes" &&
+  if test "$cross_compiling" != "yes" &&
     test "$tst_compi_gmtime_r" = "yes"; then
     AC_MSG_CHECKING([if gmtime_r seems to work])
     CURL_RUN_IFELSE([
@@ -2268,7 +2268,7 @@ AC_DEFUN([CURL_CHECK_FUNC_INET_NTOP], [
   fi
   #
   dnl only do runtime verification when not cross-compiling
-  if test "x$cross_compiling" != "xyes" &&
+  if test "$cross_compiling" != "yes" &&
     test "$tst_compi_inet_ntop" = "yes"; then
     AC_MSG_CHECKING([if inet_ntop seems to work])
     CURL_RUN_IFELSE([
@@ -2429,7 +2429,7 @@ AC_DEFUN([CURL_CHECK_FUNC_INET_PTON], [
   fi
   #
   dnl only do runtime verification when not cross-compiling
-  if test "x$cross_compiling" != "xyes" &&
+  if test "$cross_compiling" != "yes" &&
     test "$tst_compi_inet_pton" = "yes"; then
     AC_MSG_CHECKING([if inet_pton seems to work])
     CURL_RUN_IFELSE([
@@ -4016,7 +4016,7 @@ AC_DEFUN([CURL_CHECK_FUNC_STRERROR_R], [
   fi
   #
   dnl only do runtime verification when not cross-compiling
-  if test "x$cross_compiling" != "xyes" &&
+  if test "$cross_compiling" != "yes" &&
     test "$tst_glibc_strerror_r" = "yes"; then
     AC_MSG_CHECKING([if strerror_r seems to work])
     CURL_RUN_IFELSE([
@@ -4079,7 +4079,7 @@ AC_DEFUN([CURL_CHECK_FUNC_STRERROR_R], [
   fi
   #
   dnl only do runtime verification when not cross-compiling
-  if test "x$cross_compiling" != "xyes" &&
+  if test "$cross_compiling" != "yes" &&
     test "$tst_posix_strerror_r" = "yes"; then
     AC_MSG_CHECKING([if strerror_r seems to work])
     CURL_RUN_IFELSE([
@@ -4259,7 +4259,7 @@ dnl CURL_LIBRARY_PATH variable. It keeps the LD_LIBRARY_PATH
 dnl changes contained within this macro.
 
 AC_DEFUN([CURL_RUN_IFELSE], [
-  if test "$curl_cv_apple" = 'yes'; then
+  if test "$curl_cv_apple" = "yes"; then
     AC_RUN_IFELSE([AC_LANG_SOURCE([$1])], $2, $3, $4)
   else
     oldcc=$CC
@@ -4291,7 +4291,7 @@ AC_DEFUN([CURL_COVERAGE],[
     coverage="$enableval")
 
   dnl if not gcc or clang switch off again
-  AS_IF([test "$compiler_id" != "GNU_C" -a "$compiler_id" != "CLANG" -a "$compiler_id" != "APPLECLANG"], coverage="no" )
+  AS_IF([test "$compiler_id" != "GNU_C" && test "$compiler_id" != "CLANG" && test "$compiler_id" != "APPLECLANG"], coverage="no" )
   AC_MSG_RESULT($coverage)
 
   if test "x$coverage" = "xyes"; then
@@ -4390,11 +4390,11 @@ AC_DEFUN([CURL_SIZEOF], [
       r=0
     ])
     dnl get out of the loop once matched
-    if test $r -gt 0; then
+    if test "$r" -gt 0; then
       break;
     fi
   done
-  if test $r -eq 0; then
+  if test "$r" -eq 0; then
     AC_MSG_ERROR([Failed to find size of $1])
   fi
   AC_MSG_RESULT($r)
diff --git a/m4/curl-gnutls.m4 b/m4/curl-gnutls.m4
index f1aa04d3fa..533d72129e 100644
--- a/m4/curl-gnutls.m4
+++ b/m4/curl-gnutls.m4
@@ -27,10 +27,10 @@ dnl check for GnuTLS
 dnl ----------------------------------------------------
 
 AC_DEFUN([CURL_WITH_GNUTLS], [
-if test "x$OPT_GNUTLS" != xno; then
+if test "x$OPT_GNUTLS" != "xno"; then
   ssl_msg=
 
-  if test X"$OPT_GNUTLS" != Xno; then
+  if test "x$OPT_GNUTLS" != "xno"; then
 
     addld=""
     addlib=""
@@ -42,7 +42,7 @@ if test "x$OPT_GNUTLS" != xno; then
       dnl this is with no particular path given
       CURL_CHECK_PKGCONFIG(gnutls)
 
-      if test "$PKGCONFIG" != "no" ; then
+      if test "$PKGCONFIG" != "no"; then
         addlib=`$PKGCONFIG --libs-only-l gnutls`
         addld=`$PKGCONFIG --libs-only-L gnutls`
         addcflags=`$PKGCONFIG --cflags-only-I gnutls`
@@ -106,7 +106,7 @@ if test "x$OPT_GNUTLS" != xno; then
         USE_GNUTLS="yes"
         ssl_msg="GnuTLS"
         QUIC_ENABLED=yes
-        test gnutls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
+        test "gnutls" != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
       ],
       [
         LIBS="$CLEANLIBS"
@@ -115,7 +115,7 @@ if test "x$OPT_GNUTLS" != xno; then
         LDFLAGSPC="$CLEANLDFLAGSPC"
       ])
 
-      if test "x$USE_GNUTLS" = "xyes"; then
+      if test "$USE_GNUTLS" = "yes"; then
         AC_MSG_NOTICE([detected GnuTLS version $version])
         check_for_ca_bundle=1
         if test -n "$gtlslib"; then
@@ -123,7 +123,7 @@ if test "x$OPT_GNUTLS" != xno; then
           dnl linker does not search through, we need to add it to
           dnl CURL_LIBRARY_PATH to prevent further configure tests to fail
           dnl due to this
-          if test "x$cross_compiling" != "xyes"; then
+          if test "$cross_compiling" != "yes"; then
             CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$gtlslib"
             export CURL_LIBRARY_PATH
             AC_MSG_NOTICE([Added $gtlslib to CURL_LIBRARY_PATH])
@@ -147,12 +147,12 @@ if test "$GNUTLS_ENABLED" = "1"; then
   AC_CHECK_LIB(gnutls, nettle_MD5Init, [ USE_GNUTLS_NETTLE=1 ])
 
   # If not, try linking directly to both of them to see if they are available
-  if test "$USE_GNUTLS_NETTLE" = ""; then
+  if test -z "$USE_GNUTLS_NETTLE"; then
 
     dnl this is with no particular path given
     CURL_CHECK_PKGCONFIG(nettle)
 
-    if test "$PKGCONFIG" != "no" ; then
+    if test "$PKGCONFIG" != "no"; then
       addlib=`$PKGCONFIG --libs-only-l nettle`
       addld=`$PKGCONFIG --libs-only-L nettle`
       addcflags=`$PKGCONFIG --cflags-only-I nettle`
@@ -192,7 +192,7 @@ if test "$GNUTLS_ENABLED" = "1"; then
         fi
       fi
     fi
-    if test "$USE_GNUTLS_NETTLE" = ""; then
+    if test -z "$USE_GNUTLS_NETTLE"; then
       AC_MSG_ERROR([GnuTLS found, but nettle was not found])
     fi
   else
diff --git a/m4/curl-mbedtls.m4 b/m4/curl-mbedtls.m4
index 93da5b25e0..7c5bccd229 100644
--- a/m4/curl-mbedtls.m4
+++ b/m4/curl-mbedtls.m4
@@ -27,19 +27,19 @@ dnl check for mbedTLS
 dnl ----------------------------------------------------
 AC_DEFUN([CURL_WITH_MBEDTLS], [
 
-if test "x$OPT_MBEDTLS" != xno; then
+if test "x$OPT_MBEDTLS" != "xno"; then
   _cppflags=$CPPFLAGS
   _ldflags=$LDFLAGS
   _ldflagspc=$LDFLAGSPC
   ssl_msg=
 
-  if test X"$OPT_MBEDTLS" != Xno; then
+  if test "x$OPT_MBEDTLS" != "xno"; then
 
-    if test "$OPT_MBEDTLS" = "yes"; then
+    if test "x$OPT_MBEDTLS" = "xyes"; then
       OPT_MBEDTLS=""
     fi
 
-    if test -z "$OPT_MBEDTLS" ; then
+    if test -z "$OPT_MBEDTLS"; then
       dnl check for lib first without setting any new path
 
       AC_CHECK_LIB(mbedtls, mbedtls_havege_init,
@@ -49,7 +49,7 @@ if test "x$OPT_MBEDTLS" != xno; then
         MBEDTLS_ENABLED=1
         USE_MBEDTLS="yes"
         ssl_msg="mbedTLS"
-        test mbedtls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
+        test "mbedtls" != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
       ], [], -lmbedx509 -lmbedcrypto)
     fi
 
@@ -58,7 +58,7 @@ if test "x$OPT_MBEDTLS" != xno; then
     addcflags=""
     mbedtlslib=""
 
-    if test "x$USE_MBEDTLS" != "xyes"; then
+    if test "$USE_MBEDTLS" != "yes"; then
       dnl add the path and test again
       addld=-L$OPT_MBEDTLS/lib$libsuff
       addcflags=-I$OPT_MBEDTLS/include
@@ -76,7 +76,7 @@ if test "x$OPT_MBEDTLS" != xno; then
         MBEDTLS_ENABLED=1
         USE_MBEDTLS="yes"
         ssl_msg="mbedTLS"
-        test mbedtls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
+        test "mbedtls" != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
         ],
         [
           CPPFLAGS=$_cppflags
@@ -85,7 +85,7 @@ if test "x$OPT_MBEDTLS" != xno; then
         ], -lmbedx509 -lmbedcrypto)
     fi
 
-    if test "x$USE_MBEDTLS" = "xyes"; then
+    if test "$USE_MBEDTLS" = "yes"; then
       AC_MSG_NOTICE([detected mbedTLS])
       check_for_ca_bundle=1
 
@@ -96,7 +96,7 @@ if test "x$OPT_MBEDTLS" != xno; then
         dnl linker does not search through, we need to add it to
         dnl CURL_LIBRARY_PATH to prevent further configure tests to fail
         dnl due to this
-        if test "x$cross_compiling" != "xyes"; then
+        if test "$cross_compiling" != "yes"; then
           CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$mbedtlslib"
           export CURL_LIBRARY_PATH
           AC_MSG_NOTICE([Added $mbedtlslib to CURL_LIBRARY_PATH])
diff --git a/m4/curl-openssl.m4 b/m4/curl-openssl.m4
index b9b93e2ea0..3892e0e89f 100644
--- a/m4/curl-openssl.m4
+++ b/m4/curl-openssl.m4
@@ -30,7 +30,7 @@ dnl Check for OpenSSL libraries and headers
 dnl **********************************************************************
 
 AC_DEFUN([CURL_WITH_OPENSSL], [
-if test "x$OPT_OPENSSL" != xno; then
+if test "x$OPT_OPENSSL" != "xno"; then
   ssl_msg=
 
   dnl backup the pre-ssl variables
@@ -102,7 +102,7 @@ if test "x$OPT_OPENSSL" != xno; then
       dnl in case pkg-config comes up empty, use what we got
       dnl via --with-openssl
       LIB_OPENSSL="$PREFIX_OPENSSL/lib$libsuff"
-      if test "$PREFIX_OPENSSL" != "/usr" ; then
+      if test "$PREFIX_OPENSSL" != "/usr"; then
         SSL_LDFLAGS="-L$LIB_OPENSSL"
         SSL_CPPFLAGS="-I$PREFIX_OPENSSL/include"
       fi
@@ -113,7 +113,7 @@ if test "x$OPT_OPENSSL" != xno; then
 
     CURL_CHECK_PKGCONFIG(openssl, [$OPENSSL_PCDIR])
 
-    if test "$PKGCONFIG" != "no" ; then
+    if test "$PKGCONFIG" != "no"; then
       SSL_LIBS=`CURL_EXPORT_PCDIR([$OPENSSL_PCDIR]) dnl
         $PKGCONFIG --libs-only-l --libs-only-other openssl 2>/dev/null`
 
@@ -148,11 +148,11 @@ if test "x$OPT_OPENSSL" != xno; then
     HAVECRYPTO="yes"
     LIBS="-lcrypto $LIBS"
     ],[
-    if test -n "$LIB_OPENSSL" ; then
+    if test -n "$LIB_OPENSSL"; then
       LDFLAGS="$CLEANLDFLAGS -L$LIB_OPENSSL"
       LDFLAGSPC="$CLEANLDFLAGSPC -L$LIB_OPENSSL"
     fi
-    if test "$PKGCONFIG" = "no" -a -n "$PREFIX_OPENSSL" ; then
+    if test "$PKGCONFIG" = "no" && test -n "$PREFIX_OPENSSL"; then
       # only set this if pkg-config was not used
       CPPFLAGS="$CLEANCPPFLAGS -I$PREFIX_OPENSSL/include"
     fi
@@ -203,33 +203,33 @@ if test "x$OPT_OPENSSL" != xno; then
     ])
   ])
 
-  if test X"$HAVECRYPTO" = X"yes"; then
+  if test "$HAVECRYPTO" = "yes"; then
     dnl This is only reasonable to do if crypto actually is there: check for
     dnl SSL libs NOTE: it is important to do this AFTER the crypto lib
 
     AC_CHECK_LIB(ssl, SSL_connect)
 
-    if test "$ac_cv_lib_ssl_SSL_connect" = yes; then
+    if test "$ac_cv_lib_ssl_SSL_connect" = "yes"; then
       dnl Have the libraries--check for OpenSSL headers
       AC_CHECK_HEADERS(openssl/x509.h openssl/rsa.h openssl/crypto.h \
                        openssl/pem.h openssl/ssl.h openssl/err.h,
         ssl_msg="OpenSSL"
-        test openssl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
+        test "openssl" != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
         OPENSSL_ENABLED=1
         AC_DEFINE(USE_OPENSSL, 1, [if OpenSSL is in use]))
     fi
 
-    if test X"$OPENSSL_ENABLED" != X"1"; then
+    if test "$OPENSSL_ENABLED" != "1"; then
       LIBS="$CLEANLIBS"
     fi
 
-    if test X"$OPT_OPENSSL" != Xoff &&
+    if test "x$OPT_OPENSSL" != "xoff" &&
        test "$OPENSSL_ENABLED" != "1"; then
       AC_MSG_ERROR([OpenSSL libs and/or directories were not found where specified!])
     fi
   fi
 
-  if test X"$OPENSSL_ENABLED" = X"1"; then
+  if test "$OPENSSL_ENABLED" = "1"; then
     dnl These can only exist if OpenSSL exists
 
     AC_MSG_CHECKING([for BoringSSL])
@@ -319,7 +319,7 @@ if test "x$OPT_OPENSSL" != xno; then
       dnl when the ssl shared libs were found in a path that the runtime
       dnl linker does not search through, we need to add it to CURL_LIBRARY_PATH
       dnl to prevent further configure tests to fail due to this
-      if test "x$cross_compiling" != "xyes"; then
+      if test "$cross_compiling" != "yes"; then
         CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$LIB_OPENSSL"
         export CURL_LIBRARY_PATH
         AC_MSG_NOTICE([Added $LIB_OPENSSL to CURL_LIBRARY_PATH])
@@ -332,7 +332,7 @@ if test "x$OPT_OPENSSL" != xno; then
   test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
 fi
 
-if test X"$OPT_OPENSSL" != Xno &&
+if test "x$OPT_OPENSSL" != "xno" &&
    test "$OPENSSL_ENABLED" != "1"; then
   AC_MSG_NOTICE([OPT_OPENSSL: $OPT_OPENSSL])
   AC_MSG_NOTICE([OPENSSL_ENABLED: $OPENSSL_ENABLED])
@@ -389,7 +389,7 @@ if test "$OPENSSL_ENABLED" = "1"; then
   AC_ARG_ENABLE(openssl-auto-load-config,
 AS_HELP_STRING([--enable-openssl-auto-load-config],[Enable automatic loading of OpenSSL configuration])
 AS_HELP_STRING([--disable-openssl-auto-load-config],[Disable automatic loading of OpenSSL configuration]),
-  [ if test X"$enableval" = X"no"; then
+  [ if test "x$enableval" = "xno"; then
       AC_MSG_NOTICE([automatic loading of OpenSSL configuration disabled])
       AC_DEFINE(CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG, 1, [if the OpenSSL configuration will not be loaded automatically])
     fi
diff --git a/m4/curl-rustls.m4 b/m4/curl-rustls.m4
index 7b7e997524..f1b5d6b1df 100644
--- a/m4/curl-rustls.m4
+++ b/m4/curl-rustls.m4
@@ -27,7 +27,7 @@ dnl ----------------------------------------------------
 dnl check for Rustls
 dnl ----------------------------------------------------
 
-if test "x$OPT_RUSTLS" != xno; then
+if test "x$OPT_RUSTLS" != "xno"; then
   ssl_msg=
 
   dnl backup the pre-ssl variables
@@ -83,14 +83,14 @@ if test "x$OPT_RUSTLS" != xno; then
           CPPFLAGS="$CPPFLAGS $addcflags"
         fi
 
-        if test "$curl_cv_apple" = 'yes'; then
+        if test "$curl_cv_apple" = "yes"; then
           RUSTLS_LDFLAGS="-framework Security -framework Foundation"
         else
           RUSTLS_LDFLAGS="-lpthread -ldl -lm"
         fi
 
         LIB_RUSTLS="$PREFIX_RUSTLS/lib$libsuff"
-        if test "$PREFIX_RUSTLS" != "/usr" ; then
+        if test "$PREFIX_RUSTLS" != "/usr"; then
           SSL_LDFLAGS="-L$LIB_RUSTLS $RUSTLS_LDFLAGS"
           SSL_CPPFLAGS="-I$PREFIX_RUSTLS/include"
         fi
@@ -108,7 +108,7 @@ if test "x$OPT_RUSTLS" != xno; then
 
     CURL_CHECK_PKGCONFIG(rustls, [$RUSTLS_PCDIR])
 
-    if test "$PKGCONFIG" != "no" ; then
+    if test "$PKGCONFIG" != "no"; then
       SSL_LIBS=`CURL_EXPORT_PCDIR([$RUSTLS_PCDIR]) dnl
         $PKGCONFIG --libs-only-l --libs-only-other rustls 2>/dev/null`
 
@@ -136,7 +136,7 @@ if test "x$OPT_RUSTLS" != xno; then
       AC_DEFINE(USE_RUSTLS, 1, [if Rustls is enabled])
       USE_RUSTLS="yes"
       RUSTLS_ENABLED=1
-      test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
+      test "rustls" != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
     else
       AC_MSG_ERROR([pkg-config: Could not find Rustls])
     fi
@@ -152,7 +152,7 @@ if test "x$OPT_RUSTLS" != xno; then
   LDFLAGS="$CLEANLDFLAGS $SSL_LDFLAGS"
   LDFLAGSPC="$CLEANLDFLAGSPC $SSL_LDFLAGS"
 
-  if test "x$USE_RUSTLS" = "xyes"; then
+  if test "$USE_RUSTLS" = "yes"; then
     AC_MSG_NOTICE([detected Rustls])
     check_for_ca_bundle=1
 
@@ -161,7 +161,7 @@ if test "x$OPT_RUSTLS" != xno; then
       dnl linker does not search through, we need to add it to
       dnl CURL_LIBRARY_PATH so that further configure tests do not
       dnl fail due to this
-      if test "x$cross_compiling" != "xyes"; then
+      if test "$cross_compiling" != "yes"; then
         CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$LIB_RUSTLS"
         export CURL_LIBRARY_PATH
         AC_MSG_NOTICE([Added $LIB_RUSTLS to CURL_LIBRARY_PATH])
@@ -177,7 +177,7 @@ if test "x$OPT_RUSTLS" != xno; then
         RUSTLS_ENABLED=1
         USE_RUSTLS="yes"
         ssl_msg="Rustls"
-        test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
+        test "rustls" != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
         ],
         AC_MSG_ERROR([--with-rustls was specified but could not find compatible Rustls.]),
         $RUSTLS_LDFLAGS)
@@ -185,7 +185,7 @@ if test "x$OPT_RUSTLS" != xno; then
 
   test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg"
 
-  if test X"$OPT_RUSTLS" != Xno &&
+  if test "x$OPT_RUSTLS" != "xno" &&
     test "$RUSTLS_ENABLED" != "1"; then
     AC_MSG_NOTICE([OPT_RUSTLS: $OPT_RUSTLS])
     AC_MSG_NOTICE([RUSTLS_ENABLED: $RUSTLS_ENABLED])
diff --git a/m4/curl-schannel.m4 b/m4/curl-schannel.m4
index 1aa66dc2c8..c67098fa11 100644
--- a/m4/curl-schannel.m4
+++ b/m4/curl-schannel.m4
@@ -24,17 +24,17 @@
 
 AC_DEFUN([CURL_WITH_SCHANNEL], [
 AC_MSG_CHECKING([whether to enable Windows native SSL/TLS])
-if test "x$OPT_SCHANNEL" != xno; then
+if test "x$OPT_SCHANNEL" != "xno"; then
   ssl_msg=
   if test "x$OPT_SCHANNEL" != "xno" &&
-     test "x$curl_cv_native_windows" = "xyes"; then
-    if test "$curl_cv_winuwp" = 'yes'; then
+     test "$curl_cv_native_windows" = "yes"; then
+    if test "$curl_cv_winuwp" = "yes"; then
       AC_MSG_ERROR([UWP does not support Schannel.])
     fi
     AC_MSG_RESULT(yes)
     AC_DEFINE(USE_SCHANNEL, 1, [to enable Windows native SSL/TLS support])
     ssl_msg="Schannel"
-    test schannel != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
+    test "schannel" != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
     SCHANNEL_ENABLED=1
     # --with-schannel implies --enable-sspi
     AC_DEFINE(USE_WINDOWS_SSPI, 1, [to enable SSPI support])
diff --git a/m4/curl-sysconfig.m4 b/m4/curl-sysconfig.m4
index f5ebe0391b..7ad1285ef2 100644
--- a/m4/curl-sysconfig.m4
+++ b/m4/curl-sysconfig.m4
@@ -40,7 +40,7 @@ AC_MSG_CHECKING([whether to link macOS CoreFoundation, CoreServices, and SystemC
   ],[
     build_for_macos="no"
   ])
-  if test "x$build_for_macos" != xno; then
+  if test "$build_for_macos" != "no"; then
     AC_MSG_RESULT(yes)
     SYSCONFIG_LDFLAGS='-framework CoreFoundation -framework CoreServices -framework SystemConfiguration'
     LDFLAGS="$LDFLAGS $SYSCONFIG_LDFLAGS"
diff --git a/m4/curl-wolfssl.m4 b/m4/curl-wolfssl.m4
index 0eba972b63..4cbc6f5c0c 100644
--- a/m4/curl-wolfssl.m4
+++ b/m4/curl-wolfssl.m4
@@ -36,14 +36,14 @@ case "$OPT_WOLFSSL" in
     ;;
 esac
 
-if test "x$OPT_WOLFSSL" != xno; then
+if test "$OPT_WOLFSSL" != "no"; then
   _cppflags=$CPPFLAGS
   _ldflags=$LDFLAGS
   _ldflagspc=$LDFLAGSPC
 
   ssl_msg=
 
-  if test X"$OPT_WOLFSSL" != Xno; then
+  if test "$OPT_WOLFSSL" != "no"; then
 
     if test "$OPT_WOLFSSL" = "yes"; then
       OPT_WOLFSSL=""
@@ -56,7 +56,7 @@ if test "x$OPT_WOLFSSL" != xno; then
     addld=""
     addlib=""
     addcflags=""
-    if test "$PKGCONFIG" != "no" ; then
+    if test "$PKGCONFIG" != "no"; then
       addlib=`CURL_EXPORT_PCDIR([$wolfpkg])
         $PKGCONFIG --libs-only-l wolfssl`
       addld=`CURL_EXPORT_PCDIR([$wolfpkg])
@@ -76,13 +76,13 @@ if test "x$OPT_WOLFSSL" != xno; then
       fi
     fi
 
-    if test "$curl_cv_apple" = 'yes'; then
+    if test "$curl_cv_apple" = "yes"; then
       addlib="$addlib -framework Security -framework CoreFoundation"
     else
       addlib="$addlib -lm"
     fi
 
-    if test "x$USE_WOLFSSL" != "xyes"; then
+    if test "$USE_WOLFSSL" != "yes"; then
 
       LDFLAGS="$LDFLAGS $addld"
       LDFLAGSPC="$LDFLAGSPC $addld"
@@ -114,7 +114,7 @@ if test "x$OPT_WOLFSSL" != xno; then
         WOLFSSL_ENABLED=1
         USE_WOLFSSL="yes"
         ssl_msg="wolfSSL"
-        test wolfssl != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
+        test "wolfssl" != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes
       ],
       [
         AC_MSG_RESULT(no)
@@ -126,7 +126,7 @@ if test "x$OPT_WOLFSSL" != xno; then
       LIBS="$my_ac_save_LIBS"
     fi
 
-    if test "x$USE_WOLFSSL" = "xyes"; then
+    if test "$USE_WOLFSSL" = "yes"; then
       AC_MSG_NOTICE([detected wolfSSL])
       check_for_ca_bundle=1
 
@@ -150,12 +150,12 @@ if test "x$OPT_WOLFSSL" != xno; then
 
       dnl if this symbol is present, we want the include path to include the
       dnl OpenSSL API root as well
-      if test "x$ac_cv_func_wolfSSL_DES_ecb_encrypt" = 'xyes'; then
+      if test "$ac_cv_func_wolfSSL_DES_ecb_encrypt" = "yes"; then
         HAVE_WOLFSSL_DES_ECB_ENCRYPT=1
       fi
 
       dnl if this symbol is present, we can make use of BIO filter chains
-      if test "x$ac_cv_func_wolfSSL_BIO_new" = 'xyes'; then
+      if test "$ac_cv_func_wolfSSL_BIO_new" = "yes"; then
         HAVE_WOLFSSL_BIO_NEW=1
       fi
 
@@ -164,7 +164,7 @@ if test "x$OPT_WOLFSSL" != xno; then
         dnl linker does not search through, we need to add it to
         dnl CURL_LIBRARY_PATH to prevent further configure tests to fail
         dnl due to this
-        if test "x$cross_compiling" != "xyes"; then
+        if test "$cross_compiling" != "yes"; then
           CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$wolfssllibpath"
           export CURL_LIBRARY_PATH
           AC_MSG_NOTICE([Added $wolfssllibpath to CURL_LIBRARY_PATH])
diff --git a/m4/xc-lt-iface.m4 b/m4/xc-lt-iface.m4
index 22eecd349f..83bf62ccf6 100644
--- a/m4/xc-lt-iface.m4
+++ b/m4/xc-lt-iface.m4
@@ -59,8 +59,8 @@ case "x$enable_static" in @%:@ (
     xc_lt_want_enable_static='no'
     ;;
 esac
-if test "x$xc_lt_want_enable_shared" = 'xno' &&
-  test "x$xc_lt_want_enable_static" = 'xno'; then
+if test "$xc_lt_want_enable_shared" = "no" &&
+   test "$xc_lt_want_enable_static" = "no"; then
   AC_MSG_ERROR([can not disable shared and static libraries simultaneously])
 fi
 
@@ -71,8 +71,8 @@ fi
 # must be used in order to build a proper static library.
 #
 
-if test "x$xc_lt_want_enable_shared" = 'xyes' &&
-  test "x$xc_lt_want_enable_static" = 'xyes'; then
+if test "$xc_lt_want_enable_shared" = "yes" &&
+   test "$xc_lt_want_enable_static" = "yes"; then
   case $host_os in @%:@ (
     os2* | aix*)
       xc_lt_want_enable_static='no'
@@ -117,7 +117,7 @@ esac
 # be overridden using 'configure --disable-shared --without-pic'.
 #
 
-if test "x$xc_lt_want_with_pic" = 'xdefault'; then
+if test "$xc_lt_want_with_pic" = "default"; then
   case $host_cpu in @%:@ (
     x86_64 | amd64 | ia64)
       case $host_os in @%:@ (
@@ -229,7 +229,7 @@ m4_define([_XC_CHECK_LT_SHLIB_USE_VERSION_INFO],
 
 AC_MSG_CHECKING([whether to build shared libraries with -version-info])
 xc_lt_shlib_use_version_info='yes'
-if test "x$version_type" = 'xnone'; then
+if test "$version_type" = "none"; then
   xc_lt_shlib_use_version_info='no'
 fi
 case $host_os in @%:@ (
@@ -259,9 +259,9 @@ m4_define([_XC_CHECK_LT_SHLIB_USE_NO_UNDEFINED],
 
 AC_MSG_CHECKING([whether to build shared libraries with -no-undefined])
 xc_lt_shlib_use_no_undefined='no'
-if test "x$allow_undefined" = 'xno'; then
+if test "x$allow_undefined" = "xno"; then
   xc_lt_shlib_use_no_undefined='yes'
-elif test "x$allow_undefined_flag" = 'xunsupported'; then
+elif test "x$allow_undefined_flag" = "xunsupported"; then
   xc_lt_shlib_use_no_undefined='yes'
 fi
 case $host_os in @%:@ (
@@ -293,7 +293,7 @@ AC_MSG_CHECKING([whether to build shared libraries with -mimpure-text])
 xc_lt_shlib_use_mimpure_text='no'
 case $host_os in @%:@ (
   solaris2*)
-    if test "x$GCC" = 'xyes'; then
+    if test "x$GCC" = "xyes"; then
       xc_lt_shlib_use_mimpure_text='yes'
     fi
     ;;
@@ -367,8 +367,8 @@ m4_define([_XC_CHECK_LT_BUILD_SINGLE_VERSION],
 #
 
 AC_MSG_CHECKING([whether to build shared libraries only])
-if test "$xc_lt_build_shared" = 'yes' &&
-  test "$xc_lt_build_static" = 'no'; then
+if test "$xc_lt_build_shared" = "yes" &&
+   test "$xc_lt_build_static" = "no"; then
   xc_lt_build_shared_only='yes'
 else
   xc_lt_build_shared_only='no'
@@ -380,8 +380,8 @@ AC_MSG_RESULT([$xc_lt_build_shared_only])
 #
 
 AC_MSG_CHECKING([whether to build static libraries only])
-if test "$xc_lt_build_static" = 'yes' &&
-  test "$xc_lt_build_shared" = 'no'; then
+if test "$xc_lt_build_static" = "yes" &&
+   test "$xc_lt_build_shared" = "no"; then
   xc_lt_build_static_only='yes'
 else
   xc_lt_build_static_only='no'
diff --git a/m4/xc-val-flgs.m4 b/m4/xc-val-flgs.m4
index 4715163c9e..fd90643496 100644
--- a/m4/xc-val-flgs.m4
+++ b/m4/xc-val-flgs.m4
@@ -39,7 +39,7 @@ AC_DEFUN([_XC_CHECK_VAR_LIBS], [
         ;;
     esac
   done
-  if test $xc_bad_var_libs = yes; then
+  if test "$xc_bad_var_libs" = "yes"; then
     AC_MSG_NOTICE([using LIBS: $LIBS])
     AC_MSG_NOTICE([LIBS note: LIBS should only be used to specify libraries (-lname).])
   fi
@@ -68,7 +68,7 @@ AC_DEFUN([_XC_CHECK_VAR_LDFLAGS], [
         ;;
     esac
   done
-  if test $xc_bad_var_ldflags = yes; then
+  if test "$xc_bad_var_ldflags" = "yes"; then
     AC_MSG_NOTICE([using LDFLAGS: $LDFLAGS])
     xc_bad_var_msg="LDFLAGS note: LDFLAGS should only be used to specify linker flags, not"
     for xc_word in $LDFLAGS; do
@@ -110,7 +110,7 @@ AC_DEFUN([_XC_CHECK_VAR_CPPFLAGS], [
         ;;
     esac
   done
-  if test $xc_bad_var_cppflags = yes; then
+  if test "$xc_bad_var_cppflags" = "yes"; then
     AC_MSG_NOTICE([using CPPFLAGS: $CPPFLAGS])
     xc_bad_var_msg="CPPFLAGS note: CPPFLAGS should only be used to specify C preprocessor flags, not"
     for xc_word in $CPPFLAGS; do
@@ -158,7 +158,7 @@ AC_DEFUN([_XC_CHECK_VAR_CFLAGS], [
         ;;
     esac
   done
-  if test $xc_bad_var_cflags = yes; then
+  if test "$xc_bad_var_cflags" = "yes"; then
     AC_MSG_NOTICE([using CFLAGS: $CFLAGS])
     xc_bad_var_msg="CFLAGS note: CFLAGS should only be used to specify C compiler flags, not"
     for xc_word in $CFLAGS; do
@@ -207,10 +207,10 @@ AC_DEFUN([XC_CHECK_USER_FLAGS], [
   _XC_CHECK_VAR_LDFLAGS
   _XC_CHECK_VAR_CPPFLAGS
   _XC_CHECK_VAR_CFLAGS
-  if test $xc_bad_var_libs = yes ||
-     test $xc_bad_var_cflags = yes ||
-     test $xc_bad_var_ldflags = yes ||
-     test $xc_bad_var_cppflags = yes; then
+  if test "$xc_bad_var_libs" = "yes" ||
+     test "$xc_bad_var_cflags" = "yes" ||
+     test "$xc_bad_var_ldflags" = "yes" ||
+     test "$xc_bad_var_cppflags" = "yes"; then
     AC_MSG_ERROR([Can not continue. Fix errors mentioned immediately above this line.])
   fi
 ])
@@ -235,10 +235,10 @@ AC_DEFUN([XC_CHECK_BUILD_FLAGS], [
   _XC_CHECK_VAR_LDFLAGS
   _XC_CHECK_VAR_CPPFLAGS
   _XC_CHECK_VAR_CFLAGS
-  if test $xc_bad_var_libs = yes ||
-     test $xc_bad_var_cflags = yes ||
-     test $xc_bad_var_ldflags = yes ||
-     test $xc_bad_var_cppflags = yes; then
+  if test "$xc_bad_var_libs" = "yes" ||
+     test "$xc_bad_var_cflags" = "yes" ||
+     test "$xc_bad_var_ldflags" = "yes" ||
+     test "$xc_bad_var_cppflags" = "yes"; then
     AC_MSG_WARN([Continuing even with errors mentioned immediately above this line.])
   fi
 ])
diff --git a/m4/zz40-xc-ovr.m4 b/m4/zz40-xc-ovr.m4
index 5389a45561..02c86c9eea 100644
--- a/m4/zz40-xc-ovr.m4
+++ b/m4/zz40-xc-ovr.m4
@@ -393,7 +393,7 @@ done
 IFS=$xc_tst_prev_IFS
 xc_tst_dirs_sem=`expr "$xc_tst_dirs_sem" : '.*'`
 
-if test $xc_tst_dirs_sem -eq $xc_tst_dirs_col; then
+if test "$xc_tst_dirs_sem" -eq "$xc_tst_dirs_col"; then
   # When both counting methods give the same result we do not want to
   # chose one over the other, and consider auto-detection not possible.
   if test -z "$PATH_SEPARATOR"; then
@@ -404,7 +404,7 @@ if test $xc_tst_dirs_sem -eq $xc_tst_dirs_col; then
   fi
 else
   # Separator with the greater directory count is the auto-detected one.
-  if test $xc_tst_dirs_sem -gt $xc_tst_dirs_col; then
+  if test "$xc_tst_dirs_sem" -gt "$xc_tst_dirs_col"; then
     xc_tst_auto_separator=';'
   else
     xc_tst_auto_separator=':'

From 73b732e3e8d3b23bc8b11ee8024448f9e61ced7d Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 10 Dec 2025 22:42:35 +0100
Subject: [PATCH 1219/2408] tests/data: replace `&` with `%AMP`

For XML-compliance.

Closes #19923
---
 tests/data/test1011 | 7 +++----
 tests/data/test1012 | 7 +++----
 tests/data/test1015 | 3 +--
 tests/data/test1076 | 7 +++----
 tests/data/test1105 | 7 +++----
 tests/data/test1138 | 7 +++----
 tests/data/test1221 | 3 +--
 tests/data/test1332 | 7 +++----
 tests/data/test1402 | 3 +--
 tests/data/test1403 | 3 +--
 tests/data/test1598 | 3 +--
 tests/data/test1977 | 5 ++---
 tests/data/test199  | 7 +++----
 tests/data/test3    | 5 ++---
 tests/data/test32   | 5 ++---
 tests/data/test40   | 7 +++----
 tests/data/test439  | 5 ++---
 tests/data/test48   | 7 +++----
 tests/data/test568  | 3 +--
 tests/data/test733  | 5 ++---
 tests/data/test734  | 5 ++---
 tests/data/test735  | 5 ++---
 tests/data/test739  | 3 +--
 23 files changed, 48 insertions(+), 71 deletions(-)

diff --git a/tests/data/test1011 b/tests/data/test1011
index 4f5111dea2..c15fab06dc 100644
--- a/tests/data/test1011
+++ b/tests/data/test1011
@@ -4,7 +4,6 @@
 HTTP
 HTTP POST
 followlocation
-notxml
 
 
 #
@@ -12,7 +11,7 @@ notxml
 
 
 HTTP/1.1 301 OK
-Location: moo.html&testcase=/%TESTNUMBER0002
+Location: moo.html%AMPtestcase=/%TESTNUMBER0002
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Content-Length: 0
 
@@ -27,7 +26,7 @@ body
 
 
 HTTP/1.1 301 OK
-Location: moo.html&testcase=/%TESTNUMBER0002
+Location: moo.html%AMPtestcase=/%TESTNUMBER0002
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Content-Length: 0
 
@@ -65,7 +64,7 @@ Accept: */*
 Content-Length: 3
 Content-Type: application/x-www-form-urlencoded
 
-mooGET /blah/moo.html&testcase=/%TESTNUMBER0002 HTTP/1.1
+mooGET /blah/moo.html%AMPtestcase=/%TESTNUMBER0002 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/data/test1012 b/tests/data/test1012
index ef2d679bfc..fe678aa006 100644
--- a/tests/data/test1012
+++ b/tests/data/test1012
@@ -4,7 +4,6 @@
 HTTP
 HTTP POST
 followlocation
-notxml
 
 
 #
@@ -12,7 +11,7 @@ notxml
 
 
 HTTP/1.1 301 OK swsclose
-Location: moo.html&testcase=/%TESTNUMBER0002
+Location: moo.html%AMPtestcase=/%TESTNUMBER0002
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Connection: close
 
@@ -27,7 +26,7 @@ body
 
 
 HTTP/1.1 301 OK swsclose
-Location: moo.html&testcase=/%TESTNUMBER0002
+Location: moo.html%AMPtestcase=/%TESTNUMBER0002
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Connection: close
 
@@ -65,7 +64,7 @@ Accept: */*
 Content-Length: 3
 Content-Type: application/x-www-form-urlencoded
 
-mooPOST /blah/moo.html&testcase=/%TESTNUMBER0002 HTTP/1.1
+mooPOST /blah/moo.html%AMPtestcase=/%TESTNUMBER0002 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/data/test1015 b/tests/data/test1015
index 2cd9378060..0f5ec3f632 100644
--- a/tests/data/test1015
+++ b/tests/data/test1015
@@ -4,7 +4,6 @@
 HTTP
 HTTP POST
 --data-urlencode
-notxml
 
 
 
@@ -51,7 +50,7 @@ Accept: */*
 Content-Length: 119
 Content-Type: application/x-www-form-urlencoded
 
-my+name+is+moo%5B%5D&y e s=s_i_r&v_alue=content+to+_%3F%21%23%24%27%7C%3C%3E%0A&content+to+_%3F%21%23%24%27%7C%3C%3E%0A
+my+name+is+moo%5B%5D%AMPy e s=s_i_r%AMPv_alue=content+to+_%3F%21%23%24%27%7C%3C%3E%0A%AMPcontent+to+_%3F%21%23%24%27%7C%3C%3E%0A
 
 
 
diff --git a/tests/data/test1076 b/tests/data/test1076
index 08eba396c5..8d9f0f1a32 100644
--- a/tests/data/test1076
+++ b/tests/data/test1076
@@ -4,7 +4,6 @@
 HTTP
 HTTP POST
 followlocation
-notxml
 
 
 #
@@ -12,7 +11,7 @@ notxml
 
 
 HTTP/1.1 302 OK swsclose
-Location: moo.html&testcase=/%TESTNUMBER0002
+Location: moo.html%AMPtestcase=/%TESTNUMBER0002
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Connection: close
 
@@ -27,7 +26,7 @@ body
 
 
 HTTP/1.1 302 OK swsclose
-Location: moo.html&testcase=/%TESTNUMBER0002
+Location: moo.html%AMPtestcase=/%TESTNUMBER0002
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Connection: close
 
@@ -65,7 +64,7 @@ Accept: */*
 Content-Length: 3
 Content-Type: application/x-www-form-urlencoded
 
-mooPOST /blah/moo.html&testcase=/%TESTNUMBER0002 HTTP/1.1
+mooPOST /blah/moo.html%AMPtestcase=/%TESTNUMBER0002 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/data/test1105 b/tests/data/test1105
index e076681729..5c850cd6d4 100644
--- a/tests/data/test1105
+++ b/tests/data/test1105
@@ -5,7 +5,6 @@ HTTP
 HTTP POST
 cookies
 cookiejar
-notxml
 
 
 
@@ -36,7 +35,7 @@ http
 HTTP with cookie parser and header recording
 
 
-"http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER?parm1=this*that/other/thing&parm2=foobar/%TESTNUMBER" -c %LOGDIR/cookie%TESTNUMBER.txt -d "userid=myname&password=mypassword"
+"http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER?parm1=this*that/other/thing%AMPparm2=foobar/%TESTNUMBER" -c %LOGDIR/cookie%TESTNUMBER.txt -d "userid=myname%AMPpassword=mypassword"
 
 
 cookies
@@ -47,14 +46,14 @@ local-http
 # Verify data after the test has been "shot"
 
 
-POST /we/want/%TESTNUMBER?parm1=this*that/other/thing&parm2=foobar/%TESTNUMBER HTTP/1.1
+POST /we/want/%TESTNUMBER?parm1=this*that/other/thing%AMPparm2=foobar/%TESTNUMBER HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
 Content-Length: 33
 Content-Type: application/x-www-form-urlencoded
 
-userid=myname&password=mypassword
+userid=myname%AMPpassword=mypassword
 
 
 # Netscape HTTP Cookie File
diff --git a/tests/data/test1138 b/tests/data/test1138
index a3e65d0e0f..71a44a5a42 100644
--- a/tests/data/test1138
+++ b/tests/data/test1138
@@ -4,7 +4,6 @@
 HTTP
 HTTP GET
 followlocation
-notxml
 
 
 #
@@ -12,7 +11,7 @@ notxml
 
 
 HTTP/1.1 302 OK swsclose
-Location: ../moo.html/?name=%hex[%d8%a2%d8%ba%d8%a7%d8%b2%2d%d8%b3%d9%85%2d%d8%b2%d8%af%d8%a7%db%8c%db%8c%2d%d8%a7%d8%b2%2d%d8%a8%d8%a7%d8%b2%d8%a7%d8%b1%2d%d9%be%d9%88%d9%84]hex%&testcase=/%TESTNUMBER0002
+Location: ../moo.html/?name=%hex[%d8%a2%d8%ba%d8%a7%d8%b2%2d%d8%b3%d9%85%2d%d8%b2%d8%af%d8%a7%db%8c%db%8c%2d%d8%a7%d8%b2%2d%d8%a8%d8%a7%d8%b2%d8%a7%d8%b1%2d%d9%be%d9%88%d9%84]hex%%AMPtestcase=/%TESTNUMBER0002
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Connection: close
 
@@ -27,7 +26,7 @@ body
 
 
 HTTP/1.1 302 OK swsclose
-Location: ../moo.html/?name=%hex[%d8%a2%d8%ba%d8%a7%d8%b2%2d%d8%b3%d9%85%2d%d8%b2%d8%af%d8%a7%db%8c%db%8c%2d%d8%a7%d8%b2%2d%d8%a8%d8%a7%d8%b2%d8%a7%d8%b1%2d%d9%be%d9%88%d9%84]hex%&testcase=/%TESTNUMBER0002
+Location: ../moo.html/?name=%hex[%d8%a2%d8%ba%d8%a7%d8%b2%2d%d8%b3%d9%85%2d%d8%b2%d8%af%d8%a7%db%8c%db%8c%2d%d8%a7%d8%b2%2d%d8%a8%d8%a7%d8%b2%d8%a7%d8%b1%2d%d9%be%d9%88%d9%84]hex%%AMPtestcase=/%TESTNUMBER0002
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Connection: close
 
@@ -63,7 +62,7 @@ Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
 
-GET /we/are/all/moo.html/?name=%D8%A2%D8%BA%D8%A7%D8%B2-%D8%B3%D9%85-%D8%B2%D8%AF%D8%A7%DB%8C%DB%8C-%D8%A7%D8%B2-%D8%A8%D8%A7%D8%B2%D8%A7%D8%B1-%D9%BE%D9%88%D9%84&testcase=/%TESTNUMBER0002 HTTP/1.1
+GET /we/are/all/moo.html/?name=%D8%A2%D8%BA%D8%A7%D8%B2-%D8%B3%D9%85-%D8%B2%D8%AF%D8%A7%DB%8C%DB%8C-%D8%A7%D8%B2-%D8%A8%D8%A7%D8%B2%D8%A7%D8%B1-%D9%BE%D9%88%D9%84%AMPtestcase=/%TESTNUMBER0002 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/data/test1221 b/tests/data/test1221
index 5f200c17ab..2f1df8d2aa 100644
--- a/tests/data/test1221
+++ b/tests/data/test1221
@@ -5,7 +5,6 @@ HTTP
 HTTP POST
 --data-urlencode
 --url-query
-notxml
 
 
 
@@ -47,7 +46,7 @@ content to _?!#$'|%LT%GT
 # Verify data after the test has been "shot"
 
 
-POST /%TESTNUMBER?my+name+is+moo%5b%5d&yes=s+i+r&v_alue=content+to+_%3f%21%23%24%27%7c%3c%3e%0a&content+to+_%3f%21%23%24%27%7c%3c%3e%0a&%3d%3d HTTP/1.1
+POST /%TESTNUMBER?my+name+is+moo%5b%5d%AMPyes=s+i+r%AMPv_alue=content+to+_%3f%21%23%24%27%7c%3c%3e%0a%AMPcontent+to+_%3f%21%23%24%27%7c%3c%3e%0a%AMP%3d%3d HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/data/test1332 b/tests/data/test1332
index f1b596e310..032cca7b53 100644
--- a/tests/data/test1332
+++ b/tests/data/test1332
@@ -5,7 +5,6 @@
 HTTP
 HTTP POST
 followlocation
-notxml
 
 
 #
@@ -13,7 +12,7 @@ notxml
 
 
 HTTP/1.1 303 OK swsclose
-Location: moo.html&testcase=/%TESTNUMBER0002
+Location: moo.html%AMPtestcase=/%TESTNUMBER0002
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Connection: close
 
@@ -28,7 +27,7 @@ body
 
 
 HTTP/1.1 303 OK swsclose
-Location: moo.html&testcase=/%TESTNUMBER0002
+Location: moo.html%AMPtestcase=/%TESTNUMBER0002
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Connection: close
 
@@ -66,7 +65,7 @@ Accept: */*
 Content-Length: 3
 Content-Type: application/x-www-form-urlencoded
 
-mooPOST /blah/moo.html&testcase=/%TESTNUMBER0002 HTTP/1.1
+mooPOST /blah/moo.html%AMPtestcase=/%TESTNUMBER0002 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/data/test1402 b/tests/data/test1402
index 401daa3ba5..66d3c9dc3d 100644
--- a/tests/data/test1402
+++ b/tests/data/test1402
@@ -4,7 +4,6 @@
 HTTP
 HTTP POST
 --libcurl
-notxml
 
 
 
@@ -50,7 +49,7 @@ Accept: */*
 Content-Length: 16
 Content-Type: application/x-www-form-urlencoded
 
-foo=bar&baz=quux
+foo=bar%AMPbaz=quux
 
 
 # CURLOPT_SSL_VERIFYPEER, SSH_KNOWNHOSTS and HTTP_VERSION vary with
diff --git a/tests/data/test1403 b/tests/data/test1403
index 2a9cba0bed..1055d29a83 100644
--- a/tests/data/test1403
+++ b/tests/data/test1403
@@ -4,7 +4,6 @@
 HTTP
 HTTP GET
 --libcurl
-notxml
 
 
 
@@ -43,7 +42,7 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER --libcurl %LOGDIR/test%TESTNUMBER.c
 # Verify data after the test has been "shot"
 
 
-GET /we/want/%TESTNUMBER?foo=bar&baz=quux HTTP/1.1
+GET /we/want/%TESTNUMBER?foo=bar%AMPbaz=quux HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/data/test1598 b/tests/data/test1598
index f3143432ed..f7c935a190 100644
--- a/tests/data/test1598
+++ b/tests/data/test1598
@@ -5,7 +5,6 @@ HTTP
 HTTP POST
 CURLOPT_HTTPTRAILER_FUNCTION
 CURLOPT_HTTPTRAILER_DATA
-notxml
 
 
 
@@ -50,7 +49,7 @@ Transfer-Encoding: chunked
 Content-Type: application/x-www-form-urlencoded
 
 11
-xxx=yyy&aaa=bbbbb
+xxx=yyy%AMPaaa=bbbbb
 0
 my-super-awesome-trailer: trail1
 my-other-awesome-trailer: trail2
diff --git a/tests/data/test1977 b/tests/data/test1977
index d62ed337e6..dba5504e10 100644
--- a/tests/data/test1977
+++ b/tests/data/test1977
@@ -3,7 +3,6 @@
 
 CURLOPT_CURLU
 CURLINFO_EFFECTIVE_URL
-notxml
 
 
 
@@ -43,7 +42,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 
 effective URL: http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 effective URL: http://%HOSTIP:%HTTPPORT/%TESTNUMBER?foo
-effective URL: http://%HOSTIP:%HTTPPORT/%TESTNUMBER?foo&bar
+effective URL: http://%HOSTIP:%HTTPPORT/%TESTNUMBER?foo%AMPbar
 
 
 GET /%TESTNUMBER HTTP/1.1
@@ -54,7 +53,7 @@ GET /%TESTNUMBER?foo HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Accept: */*
 
-GET /%TESTNUMBER?foo&bar HTTP/1.1
+GET /%TESTNUMBER?foo%AMPbar HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 Accept: */*
 
diff --git a/tests/data/test199 b/tests/data/test199
index fc8a8e96a0..996abb089e 100644
--- a/tests/data/test199
+++ b/tests/data/test199
@@ -4,7 +4,6 @@
 HTTP
 HTTP GET
 globbing
-notxml
 
 
 #
@@ -36,7 +35,7 @@ http
 HTTP with -d, -G and {}
 
 
--d "foo=moo&moo=poo" "http://%HOSTIP:%HTTPPORT/{%TESTNUMBER,%TESTNUMBER}" -G
+-d "foo=moo%AMPmoo=poo" "http://%HOSTIP:%HTTPPORT/{%TESTNUMBER,%TESTNUMBER}" -G
 
 
 
@@ -44,12 +43,12 @@ HTTP with -d, -G and {}
 # Verify data after the test has been "shot"
 
 
-GET /%TESTNUMBER?foo=moo&moo=poo HTTP/1.1
+GET /%TESTNUMBER?foo=moo%AMPmoo=poo HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
 
-GET /%TESTNUMBER?foo=moo&moo=poo HTTP/1.1
+GET /%TESTNUMBER?foo=moo%AMPmoo=poo HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/data/test3 b/tests/data/test3
index 50fdfeea48..c2f8e11a9c 100644
--- a/tests/data/test3
+++ b/tests/data/test3
@@ -4,7 +4,6 @@
 HTTP
 HTTP POST
 HTTP Basic auth
-notxml
 
 
 #
@@ -37,7 +36,7 @@ http
 HTTP POST with auth and contents but with content-length set to 0
 
 
- -d "fooo=mooo&pooo=clue&doo=%20%20%20++++" -u "fake:-user" http://%HOSTIP:%HTTPPORT/%TESTNUMBER
+ -d "fooo=mooo%AMPpooo=clue%AMPdoo=%20%20%20++++" -u "fake:-user" http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 
 
 
@@ -53,7 +52,7 @@ Accept: */*
 Content-Length: 37
 Content-Type: application/x-www-form-urlencoded
 
-fooo=mooo&pooo=clue&doo=%20%20%20++++
+fooo=mooo%AMPpooo=clue%AMPdoo=%20%20%20++++
 
 
 
diff --git a/tests/data/test32 b/tests/data/test32
index 94b9531ca5..e96389f989 100644
--- a/tests/data/test32
+++ b/tests/data/test32
@@ -4,7 +4,6 @@
 HTTP
 HTTP GET
 -G
-notxml
 
 
 #
@@ -36,7 +35,7 @@ http
 HTTP with -d and -G
 
 
--d "foo=moo&moo=poo" http://%HOSTIP:%HTTPPORT/%TESTNUMBER -G
+-d "foo=moo%AMPmoo=poo" http://%HOSTIP:%HTTPPORT/%TESTNUMBER -G
 
 
 
@@ -44,7 +43,7 @@ HTTP with -d and -G
 # Verify data after the test has been "shot"
 
 
-GET /%TESTNUMBER?foo=moo&moo=poo HTTP/1.1
+GET /%TESTNUMBER?foo=moo%AMPmoo=poo HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/data/test40 b/tests/data/test40
index 04efdbbc70..4f728fe862 100644
--- a/tests/data/test40
+++ b/tests/data/test40
@@ -4,7 +4,6 @@
 HTTP
 HTTP GET
 followlocation
-notxml
 
 
 #
@@ -12,7 +11,7 @@ notxml
 
 
 HTTP/1.1 302 OK swsclose
-Location: ../moo.html/?name=d a niel&testcase=/%TESTNUMBER0002%repeat[4 x  ]%
+Location: ../moo.html/?name=d a niel%AMPtestcase=/%TESTNUMBER0002%repeat[4 x  ]%
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Connection: close
 
@@ -27,7 +26,7 @@ body
 
 
 HTTP/1.1 302 OK swsclose
-Location: ../moo.html/?name=d a niel&testcase=/%TESTNUMBER0002%repeat[4 x  ]%
+Location: ../moo.html/?name=d a niel%AMPtestcase=/%TESTNUMBER0002%repeat[4 x  ]%
 Date: Tue, 09 Nov 2010 14:49:00 GMT
 Connection: close
 
@@ -63,7 +62,7 @@ Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
 
-GET /we/are/all/moo.html/?name=d+a+niel&testcase=/%TESTNUMBER0002 HTTP/1.1
+GET /we/are/all/moo.html/?name=d+a+niel%AMPtestcase=/%TESTNUMBER0002 HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/data/test439 b/tests/data/test439
index 8529797242..949f887ef9 100644
--- a/tests/data/test439
+++ b/tests/data/test439
@@ -3,7 +3,6 @@
 
 HTTP
 aws-sigv4
-notxml
 
 
 
@@ -40,7 +39,7 @@ aws
 aws-sigv4 with query
 
 
-"http://fake.fake.fake:8000/%TESTNUMBER/?name=me&noval&aim=b%aad&&&weirdo=*.//-" -u user:secret --aws-sigv4 "aws:amz:us-east-2:es" --connect-to fake.fake.fake:8000:%HOSTIP:%HTTPPORT
+"http://fake.fake.fake:8000/%TESTNUMBER/?name=me%AMPnoval%AMPaim=b%aad%AMP%AMP%AMPweirdo=*.//-" -u user:secret --aws-sigv4 "aws:amz:us-east-2:es" --connect-to fake.fake.fake:8000:%HOSTIP:%HTTPPORT
 
 
 
@@ -48,7 +47,7 @@ aws-sigv4 with query
 # Verify data after the test has been "shot"
 
 
-GET /%TESTNUMBER/?name=me&noval&aim=b%aad&&&weirdo=*.//- HTTP/1.1
+GET /%TESTNUMBER/?name=me%AMPnoval%AMPaim=b%aad%AMP%AMP%AMPweirdo=*.//- HTTP/1.1
 Host: fake.fake.fake:8000
 Authorization: AWS4-HMAC-SHA256 Credential=user/19700101/us-east-2/es/aws4_request, SignedHeaders=host;x-amz-date, Signature=9dd8592929306832a6673d10063491391e486e5f50de4647ea7c2c797277e0a6
 X-Amz-Date: 19700101T000000Z
diff --git a/tests/data/test48 b/tests/data/test48
index c161ba5dca..21cdbd368f 100644
--- a/tests/data/test48
+++ b/tests/data/test48
@@ -4,7 +4,6 @@
 HTTP
 HTTP HEAD
 -G
-notxml
 
 
 #
@@ -30,7 +29,7 @@ http
 HTTP with -d and -G and -I
 
 
--d "foo=moo&moo=poo" http://%HOSTIP:%HTTPPORT/%TESTNUMBER -G -I http://%HOSTIP:%HTTPPORT/%TESTNUMBER
+-d "foo=moo%AMPmoo=poo" http://%HOSTIP:%HTTPPORT/%TESTNUMBER -G -I http://%HOSTIP:%HTTPPORT/%TESTNUMBER
 
 
 
@@ -38,12 +37,12 @@ HTTP with -d and -G and -I
 # Verify data after the test has been "shot"
 
 
-HEAD /%TESTNUMBER?foo=moo&moo=poo HTTP/1.1
+HEAD /%TESTNUMBER?foo=moo%AMPmoo=poo HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
 
-HEAD /%TESTNUMBER?foo=moo&moo=poo HTTP/1.1
+HEAD /%TESTNUMBER?foo=moo%AMPmoo=poo HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/data/test568 b/tests/data/test568
index a2438916d4..6c8eaade73 100644
--- a/tests/data/test568
+++ b/tests/data/test568
@@ -5,7 +5,6 @@
 
 RTSP
 ANNOUNCE
-notxml
 
 
 
@@ -107,7 +106,7 @@ CSeq: 3
 Content-Type: posty goodness
 Content-Length: 35
 
-postyfield=postystuff&project=curl
+postyfield=postystuff%AMPproject=curl
 OPTIONS rtsp://%HOSTIP:%RTSPPORT/%TESTNUMBER0004 RTSP/1.0
 CSeq: 4
 
diff --git a/tests/data/test733 b/tests/data/test733
index 0bf953cca2..8235e71999 100644
--- a/tests/data/test733
+++ b/tests/data/test733
@@ -2,7 +2,6 @@
 
 
 IPFS
-notxml
 
 
 
@@ -38,7 +37,7 @@ http
 IPFS with path and query args
 
 
---ipfs-gateway http://%HOSTIP:%HTTPPORT "ipfs://bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u/a/b?foo=bar&aaa=bbb"
+--ipfs-gateway http://%HOSTIP:%HTTPPORT "ipfs://bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u/a/b?foo=bar%AMPaaa=bbb"
 
 
 
@@ -46,7 +45,7 @@ IPFS with path and query args
 # Verify data after the test has been "shot"
 
 
-GET /ipfs/bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u/a/b?foo=bar&aaa=bbb HTTP/1.1
+GET /ipfs/bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u/a/b?foo=bar%AMPaaa=bbb HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/data/test734 b/tests/data/test734
index 01107fbf6b..6c87bd1eb4 100644
--- a/tests/data/test734
+++ b/tests/data/test734
@@ -2,7 +2,6 @@
 
 
 IPFS
-notxml
 
 
 
@@ -38,7 +37,7 @@ http
 IPFS with path, query args and gateway with path
 
 
---ipfs-gateway http://%HOSTIP:%HTTPPORT/some/path "ipfs://bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u/a/b?foo=bar&aaa=bbb"
+--ipfs-gateway http://%HOSTIP:%HTTPPORT/some/path "ipfs://bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u/a/b?foo=bar%AMPaaa=bbb"
 
 
 
@@ -46,7 +45,7 @@ IPFS with path, query args and gateway with path
 # Verify data after the test has been "shot"
 
 
-GET /some/path/ipfs/bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u/a/b?foo=bar&aaa=bbb HTTP/1.1
+GET /some/path/ipfs/bafybeidecnvkrygux6uoukouzps5ofkeevoqland7kopseiod6pzqvjg7u/a/b?foo=bar%AMPaaa=bbb HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/data/test735 b/tests/data/test735
index 574d8bd492..d23a0fe6d9 100644
--- a/tests/data/test735
+++ b/tests/data/test735
@@ -2,7 +2,6 @@
 
 
 IPFS
-notxml
 
 
 
@@ -38,7 +37,7 @@ http
 IPNS with path, query args and gateway with path
 
 
---ipfs-gateway http://%HOSTIP:%HTTPPORT/some/path "ipns://fancy.tld/a/b?foo=bar&aaa=bbb"
+--ipfs-gateway http://%HOSTIP:%HTTPPORT/some/path "ipns://fancy.tld/a/b?foo=bar%AMPaaa=bbb"
 
 
 
@@ -46,7 +45,7 @@ IPNS with path, query args and gateway with path
 # Verify data after the test has been "shot"
 
 
-GET /some/path/ipns/fancy.tld/a/b?foo=bar&aaa=bbb HTTP/1.1
+GET /some/path/ipns/fancy.tld/a/b?foo=bar%AMPaaa=bbb HTTP/1.1
 Host: %HOSTIP:%HTTPPORT
 User-Agent: curl/%VERSION
 Accept: */*
diff --git a/tests/data/test739 b/tests/data/test739
index 3e712f513e..b51afb5a41 100644
--- a/tests/data/test739
+++ b/tests/data/test739
@@ -2,7 +2,6 @@
 
 
 IPFS
-notxml
 
 
 
@@ -24,7 +23,7 @@ http
 IPNS path and query args for gateway and IPFS URL (malformed gateway URL)
 
 
---ipfs-gateway "http://%HOSTIP:%HTTPPORT/some/path?biz=baz" "ipns://fancy.tld/a/b?foo=bar&aaa=bbb"
+--ipfs-gateway "http://%HOSTIP:%HTTPPORT/some/path?biz=baz" "ipns://fancy.tld/a/b?foo=bar%AMPaaa=bbb"
 
 
 

From 7109b427fbf0711ba1a6e22f0ff565f93fbeb9ea Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 10 Dec 2025 22:57:58 +0100
Subject: [PATCH 1220/2408] tests/data: replace `<` with `%LT`

For XML-compliance.

Closes #19924
---
 tests/data/test1189 | 5 ++---
 tests/data/test163  | 3 +--
 tests/data/test39   | 5 ++---
 3 files changed, 5 insertions(+), 8 deletions(-)

diff --git a/tests/data/test1189 b/tests/data/test1189
index b5574cef50..8fdb3d9ac1 100644
--- a/tests/data/test1189
+++ b/tests/data/test1189
@@ -3,7 +3,6 @@
 
 HTTP
 HTTP FORMPOST
-notxml
 
 
 # Server-side
@@ -34,7 +33,7 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER --form-escape
 -F name=daniel
 -F tool=curl
 --form-string "str1=@literal"
---form-string "str2=
 HTTP
 HTTP POST
-notxml
 
 
 
@@ -31,7 +30,7 @@ http
 HTTP multipart formpost with contents from a file
 
 
-http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER -F "name=<%LOGDIR/field%TESTNUMBER" -F tool=curl
+http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER -F "name=%LT%LOGDIR/field%TESTNUMBER" -F tool=curl
 
 # We create this file before the command is invoked!
 
diff --git a/tests/data/test39 b/tests/data/test39
index b006254337..c1c8ab6aca 100644
--- a/tests/data/test39
+++ b/tests/data/test39
@@ -3,7 +3,6 @@
 
 HTTP
 HTTP FORMPOST
-notxml
 
 
 # Server-side
@@ -34,7 +33,7 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER
 -F name=daniel
 -F tool=curl
 --form-string "str1=@literal"
---form-string "str2=
Date: Wed, 10 Dec 2025 23:07:50 +0100
Subject: [PATCH 1221/2408] tests/data: replace `<`, `>` with `%LT`, `%GT`

For XML-compliance.

Closes #19925
---
 tests/data/test1683 | 5 ++---
 tests/data/test320  | 5 ++---
 tests/data/test646  | 7 +++----
 3 files changed, 7 insertions(+), 10 deletions(-)

diff --git a/tests/data/test1683 b/tests/data/test1683
index 47d280cd14..dd0c80528a 100644
--- a/tests/data/test1683
+++ b/tests/data/test1683
@@ -4,7 +4,6 @@
 HTTP
 HTTP GET
 --no-clobber
-notxml
 
 
 
@@ -40,7 +39,7 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER -o %LOGDIR/exist%TESTNUMBER --no-clobber
 to stay the same
 
 
-%PERL -e 'for my $i ((1..100)) { my $filename = "%LOGDIR/exist%TESTNUMBER.$i"; open(FH, ">", $filename) or die $!; print FH "to stay the same" ; close(FH) }'
+%PERL -e 'for my $i ((1..100)) { my $filename = "%LOGDIR/exist%TESTNUMBER.$i"; open(FH, "%GT", $filename) or die $!; print FH "to stay the same" ; close(FH) }'
 
 
 
@@ -54,7 +53,7 @@ to stay the same
 to stay the same
 
 
-%PERL -e 'for my $i ((1..100)) { my $filename = "%LOGDIR/exist%TESTNUMBER.$i"; open(FH, "<", $filename) or die $!; ( eq "to stay the same" and  eq "") or die "incorrect $filename" ; close(FH) }'
+%PERL -e 'for my $i ((1..100)) { my $filename = "%LOGDIR/exist%TESTNUMBER.$i"; open(FH, "%LT", $filename) or die $!; (%LTFH%GT eq "to stay the same" and %LTFH%GT eq "") or die "incorrect $filename" ; close(FH) }'
 
 
 
diff --git a/tests/data/test320 b/tests/data/test320
index ca68674571..e046b4db45 100644
--- a/tests/data/test320
+++ b/tests/data/test320
@@ -4,7 +4,6 @@
 HTTPS
 HTTP GET
 TLS-SRP
-notxml
 
 
 
@@ -43,11 +42,11 @@ Accept: */*
 
 
 
-s/^
Connected as user 'jsmith'.*/FINE/
+s/^%LTp%GTConnected as user 'jsmith'.*/FINE/
 s/Protocol version:.*[0-9]//
 s/GNUTLS/GnuTLS/
 s/(AES[-_])\d\d\d([-_]CBC)/$1NNN$2/
-s/^<.*\n//
+s/^%LT.*\n//
 s/^\n//
 
 
diff --git a/tests/data/test646 b/tests/data/test646
index 39fafa573c..0ded08bcac 100644
--- a/tests/data/test646
+++ b/tests/data/test646
@@ -3,7 +3,6 @@
 
 SMTP
 MULTIPART
-notxml
 
 
 
@@ -35,10 +34,10 @@ smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER
 --mail-rcpt recipient@example.com
 --mail-from sender@example.com
 -F "=(;type=multipart/alternative"
--F "= This is the html version;headers=X-test1: this is a header;type=text/html;headers=X-test2: this is another header "
+-F "= %LTbody%GTThis is the html version%LT/body%GT;headers=X-test1: this is a header;type=text/html;headers=X-test2: this is another header "
 -F "=This is the plain text version;headers=@%LOGDIR/headers%TESTNUMBER"
 -F "=)"
--F "=@%LOGDIR/test%TESTNUMBER.txt;headers=<%LOGDIR/headers%TESTNUMBER"
+-F "=@%LOGDIR/test%TESTNUMBER.txt;headers=%LT%LOGDIR/headers%TESTNUMBER"
 -H "From: different"
 -H "To: another"
 -H "Reply-To: %LTfollowup@example.com%GT"
@@ -88,7 +87,7 @@ Content-Transfer-Encoding: 8bit%CR
 X-test1: this is a header%CR
 X-test2: this is another header%CR
 %CR
-This is the html version%CR
+%LTbody%GTThis is the html version%LT/body%GT%CR
 ------------------------------%CR
 X-fileheader1: This is a header from a file%CR
 X-fileheader2: This is #a folded header%CR

From 319298484f212bfd6a673fbbab21c7afcf6259ad Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 10 Dec 2025 23:21:10 +0100
Subject: [PATCH 1222/2408] runtests: add support for single-quoted attributes,
 use it

With this, all test data files are XML-compliant.

Also:
- test1158, test1186: use single quotes for the test filename attribute
  containing a double quote. For XML-compliance.
- drop support for unquoted attributes. For XML-compliance.

Closes #19926
---
 tests/data/test1158 | 3 +--
 tests/data/test1186 | 3 +--
 tests/getpart.pm    | 6 ++++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/tests/data/test1158 b/tests/data/test1158
index a791c6fd4c..befecd763b 100644
--- a/tests/data/test1158
+++ b/tests/data/test1158
@@ -3,7 +3,6 @@
 
 HTTP
 HTTP FORMPOST
-notxml
 
 
 # Server-side
@@ -37,7 +36,7 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER
 -F 'file3=@"%LOGDIR/test%TESTNUMBER\".txt";type=m/f,"%LOGDIR/test%TESTNUMBER\".txt"'
 
 # We create this file before the command is invoked!
-
+
 foo bar
 This is a bar foo
 bar
diff --git a/tests/data/test1186 b/tests/data/test1186
index 7a8b69486b..439dbebcf5 100644
--- a/tests/data/test1186
+++ b/tests/data/test1186
@@ -3,7 +3,6 @@
 
 HTTP
 HTTP FORMPOST
-notxml
 
 
 # Server-side
@@ -37,7 +36,7 @@ http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER --form-escape
 -F 'file3=@"%LOGDIR/test%TESTNUMBER\".txt";type=m/f,"%LOGDIR/test%TESTNUMBER\".txt"'
 
 # We create this file before the command is invoked!
-
+
 foo bar
 This is a bar foo
 bar
diff --git a/tests/getpart.pm b/tests/getpart.pm
index 7fa703d0b1..69b810db5c 100644
--- a/tests/getpart.pm
+++ b/tests/getpart.pm
@@ -76,9 +76,10 @@ sub testcaseattr {
     for(@xml) {
         if(($_ =~ /^ *\]*)/)) {
             my $attr=$1;
-            while($attr =~ s/ *([^=]*)= *(\"([^\"]*)\"|([^\> ]*))//) {
+            while($attr =~ s/ *([^=]*)= *(\"([^\"]*)\"|\'([^\']*)\')//) {
                 my ($var, $cont)=($1, $2);
                 $cont =~ s/^\"(.*)\"$/$1/;
+                $cont =~ s/^\'(.*)\'$/$1/;
                 $hash{$var}=$cont;
             }
         }
@@ -108,9 +109,10 @@ sub getpartattr {
             $inside++;
             my $attr=$1;
 
-            while($attr =~ s/ *([^=]*)= *(\"([^\"]*)\"|([^\> ]*))//) {
+            while($attr =~ s/ *([^=]*)= *(\"([^\"]*)\"|\'([^\']*)\')//) {
                 my ($var, $cont)=($1, $2);
                 $cont =~ s/^\"(.*)\"$/$1/;
+                $cont =~ s/^\'(.*)\'$/$1/;
                 $hash{$var}=$cont;
             }
             last;

From bfe6eb1c06f295a45c4d2c9c7aa8f09895706313 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Wed, 10 Dec 2025 23:44:43 +0100
Subject: [PATCH 1223/2408] runtests: drop `notxml` keyword, verify all test
 data files as XML

Follow-up to 7f3731ce142c1d74023abad183cc8ce0fd527fab #19595

Closes #19927
---
 .github/workflows/checksrc.yml | 4 ++--
 docs/tests/FILEFORMAT.md       | 5 -----
 2 files changed, 2 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml
index 1b471e50cf..8552ad4c79 100644
--- a/.github/workflows/checksrc.yml
+++ b/.github/workflows/checksrc.yml
@@ -139,8 +139,8 @@ jobs:
       - name: 'check'
         run: |
           {
-            git grep -z -i -l -E '^<\?xml' || true
-            git grep -z -L -F 'notxml' 'tests/data/test*' || true
+            git grep -i -l -E '^<\?xml' -z || true
+            git ls-files 'tests/data/test*' -z || true
           } | xargs -0 -r xmllint >/dev/null
 
   miscchecks:
diff --git a/docs/tests/FILEFORMAT.md b/docs/tests/FILEFORMAT.md
index c655a4d863..84188e9dd9 100644
--- a/docs/tests/FILEFORMAT.md
+++ b/docs/tests/FILEFORMAT.md
@@ -257,11 +257,6 @@ often run on overloaded machines with unpredictable timing.
 Tests using non-7-bit-ASCII characters must provide them with `%hex[]` or
 similar.
 
-In most cases test files comply with the XML format, and pass xmllint cleanly.
-If the data file uses the `&` character, or has other, non-compliant content,
-and making it XML-compliant is not possible or unpractical, use the `notxml`
-keyword to exclude it from linter checks.
-
 ## ``
 
 ### ``

From bb134bba293ffd2128a43d17137e1fb2a84bdd47 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 11 Dec 2025 09:11:45 +0100
Subject: [PATCH 1224/2408] test3214: allow a larger struct Curl_easy

In my local build it is now 5840 bytes. Add a 10 byte margin.

Closes #19932
---
 tests/unit/unit3214.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/unit/unit3214.c b/tests/unit/unit3214.c
index d992a35dc0..ae03d5410c 100644
--- a/tests/unit/unit3214.c
+++ b/tests/unit/unit3214.c
@@ -41,7 +41,7 @@ static void checksize(const char *name, size_t size, size_t allowed)
 }
 
 /* the maximum sizes we allow specific structs to grow to */
-#define MAX_CURL_EASY           5800
+#define MAX_CURL_EASY           5850
 #define MAX_CONNECTDATA         1300
 #define MAX_CURL_MULTI          850
 #define MAX_CURL_HTTPPOST       112

From 1a822275d333dc6da6043497160fd04c8fa48640 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Wed, 10 Dec 2025 11:40:47 +0100
Subject: [PATCH 1225/2408] curl_sasl: if redirected, require permission to use
 bearer

Closes #19933
---
 lib/curl_sasl.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index 3e4bafc19a..b93bafbefa 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -452,7 +452,9 @@ static bool sasl_choose_ntlm(struct Curl_easy *data, struct sasl_ctx *sctx)
 
 static bool sasl_choose_oauth(struct Curl_easy *data, struct sasl_ctx *sctx)
 {
-  const char *oauth_bearer = data->set.str[STRING_BEARER];
+  const char *oauth_bearer =
+    (!data->state.this_is_a_follow || data->set.allow_auth_to_other_hosts) ?
+    data->set.str[STRING_BEARER] : NULL;
 
   if(sctx->user && oauth_bearer &&
      (sctx->enabledmechs & SASL_MECH_OAUTHBEARER)) {
@@ -477,7 +479,9 @@ static bool sasl_choose_oauth(struct Curl_easy *data, struct sasl_ctx *sctx)
 
 static bool sasl_choose_oauth2(struct Curl_easy *data, struct sasl_ctx *sctx)
 {
-  const char *oauth_bearer = data->set.str[STRING_BEARER];
+  const char *oauth_bearer =
+    (!data->state.this_is_a_follow || data->set.allow_auth_to_other_hosts) ?
+    data->set.str[STRING_BEARER] : NULL;
 
   if(sctx->user && oauth_bearer &&
      (sctx->enabledmechs & SASL_MECH_XOAUTH2)) {

From f72c3779144955def08c493ed7aef3661b0bb43e Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Wed, 10 Dec 2025 10:49:54 +0100
Subject: [PATCH 1226/2408] tests: verify setting bearer and doing redirects

Test 778, 779 and 795
---
 tests/data/Makefile.am |  6 +--
 tests/data/test778     | 97 ++++++++++++++++++++++++++++++++++++++++++
 tests/data/test779     | 76 +++++++++++++++++++++++++++++++++
 tests/data/test795     | 74 ++++++++++++++++++++++++++++++++
 4 files changed, 250 insertions(+), 3 deletions(-)
 create mode 100644 tests/data/test778
 create mode 100644 tests/data/test779
 create mode 100644 tests/data/test795

diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index 63cc4729f3..7faa27da35 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -110,9 +110,9 @@ test736 test737 test738 test739 test740 test741 test742 test743 test744 \
 test745 test746 test747 test748 test749 test750 test751 test752 test753 \
 test754 test755 test756 test757 test758 test759 test760 test761 test762 \
 test763 test764 test765 test766 test767 test768 test769 test770 test771 \
-test772 test773 test774 test775 test776 test777 \
-test780 test781 test782 test783 test784 test785 test786 test787 test788 \
-test789 test790 test791 test792 test793 test794         test796 test797 \
+test772 test773 test774 test775 test776 test777 test778 test779 test780 \
+test781 test782 test783 test784 test785 test786 test787 test788 test789 \
+test790 test791 test792 test793 test794 test795 test796 test797 \
 \
 test799 test800 test801 test802 test803 test804 test805 test806 test807 \
 test808 test809 test810 test811 test812 test813 test814 test815 test816 \
diff --git a/tests/data/test778 b/tests/data/test778
new file mode 100644
index 0000000000..84e84b8cd3
--- /dev/null
+++ b/tests/data/test778
@@ -0,0 +1,97 @@
+
+
+
+HTTP
+HTTP proxy
+HTTP Basic auth
+HTTP proxy Basic auth
+followlocation
+oauth2-bearer
+
+
+#
+# Server-side
+
+
+HTTP/1.1 302 OK
+Date: Tue, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake swsclose
+Content-Type: text/html
+Funny-head: yesyes
+Location: http://goto.second.host.now/%TESTNUMBER0002
+Content-Length: 8
+Connection: close
+
+contents
+
+
+HTTP/1.1 200 OK
+Date: Tue, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake swsclose
+Content-Type: text/html
+Funny-head: yesyes
+Content-Length: 9
+
+contents
+
+
+
+HTTP/1.1 302 OK
+Date: Tue, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake swsclose
+Content-Type: text/html
+Funny-head: yesyes
+Location: http://goto.second.host.now/%TESTNUMBER0002
+Content-Length: 8
+Connection: close
+
+HTTP/1.1 200 OK
+Date: Tue, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake swsclose
+Content-Type: text/html
+Funny-head: yesyes
+Content-Length: 9
+
+contents
+
+
+
+#
+# Client-side
+
+
+http
+
+
+HTTP --oauth2-bearer redirect to new host (not passed on)
+
+
+http://first.host.it.is/we/want/that/page/%TESTNUMBER -x %HOSTIP:%HTTPPORT --oauth2-bearer s3cr3t --proxy-user testing:this --location
+
+
+proxy
+
+
+
+#
+# Verify data after the test has been "shot"
+
+
+GET http://first.host.it.is/we/want/that/page/%TESTNUMBER HTTP/1.1
+Host: first.host.it.is
+Proxy-Authorization: Basic %b64[testing:this]b64%
+Authorization: Bearer s3cr3t
+User-Agent: curl/%VERSION
+Accept: */*
+Proxy-Connection: Keep-Alive
+
+GET http://goto.second.host.now/%TESTNUMBER0002 HTTP/1.1
+Host: goto.second.host.now
+Proxy-Authorization: Basic %b64[testing:this]b64%
+User-Agent: curl/%VERSION
+Accept: */*
+Proxy-Connection: Keep-Alive
+
+
+
+
diff --git a/tests/data/test779 b/tests/data/test779
new file mode 100644
index 0000000000..f833c3782c
--- /dev/null
+++ b/tests/data/test779
@@ -0,0 +1,76 @@
+
+
+
+HTTP
+IMAP
+oauth2-bearer
+followlocation
+
+
+#
+# Server-side
+
+
+AUTH XOAUTH2
+REPLY AUTHENTICATE +
+REPLY dXNlcj12AWF1dGg9QmVhcmVyIHMzY3IzdAEB B002 OK AUTHENTICATE completed
+
+
+HTTP/1.1 302 OK
+Date: Tue, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake swsclose
+Content-Type: text/html
+Funny-head: yesyes
+Location: imap://v@host:%IMAPPORT/%TESTNUMBER0002/
+Content-Length: 8
+Connection: close
+
+contents
+
+
+
+HTTP/1.1 302 OK
+Date: Tue, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake swsclose
+Content-Type: text/html
+Funny-head: yesyes
+Location: imap://v@host:%IMAPPORT/%TESTNUMBER0002/
+Content-Length: 8
+Connection: close
+
+
+
+
+#
+# Client-side
+
+
+http
+imap
+
+
+HTTP --oauth2-bearer redirects to IMAP
+
+
+http://%HOSTIP:%HTTPPORT/page/%TESTNUMBER --oauth2-bearer s3cr3t --location --proto-redir imap --resolve host:%IMAPPORT:%HOSTIP
+
+
+
+#
+# Verify data after the test has been "shot"
+
+
+GET /page/%TESTNUMBER HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Bearer s3cr3t
+User-Agent: curl/%VERSION
+Accept: */*
+
+B001 CAPABILITY
+
+# curl: (67) Login denied
+
+67
+
+
+
diff --git a/tests/data/test795 b/tests/data/test795
new file mode 100644
index 0000000000..ab33ea5be6
--- /dev/null
+++ b/tests/data/test795
@@ -0,0 +1,74 @@
+
+
+
+HTTP
+IMAP
+followlocation
+
+
+#
+# Server-side
+
+
+AUTH PLAIN
+CAPA SASL-IR
+REPLY AUTHENTICATE B002 OK AUTHENTICATE completed
+
+
+HTTP/1.1 302 OK
+Date: Tue, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake swsclose
+Content-Type: text/html
+Funny-head: yesyes
+Location: imap://v@host:%IMAPPORT/%TESTNUMBER0002/
+Content-Length: 8
+Connection: close
+
+contents
+
+
+
+HTTP/1.1 302 OK
+Date: Tue, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake swsclose
+Content-Type: text/html
+Funny-head: yesyes
+Location: imap://v@host:%IMAPPORT/%TESTNUMBER0002/
+Content-Length: 8
+Connection: close
+
+
+
+
+#
+# Client-side
+
+
+http
+imap
+
+
+HTTP with credentials redirects to IMAP
+
+
+http://@%HOSTIP:%HTTPPORT/page/%TESTNUMBER -u user:secret --location --proto-redir imap --resolve host:%IMAPPORT:%HOSTIP
+
+
+
+#
+# Verify data after the test has been "shot"
+
+
+GET /page/%TESTNUMBER HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Basic %b64[user:secret]b64%
+User-Agent: curl/%VERSION
+Accept: */*
+
+B001 CAPABILITY
+B002 AUTHENTICATE PLAIN AHYA
+B003 LIST "%TESTNUMBER0002" *
+B004 LOGOUT
+
+
+

From 869248cc3e53f0f0e183e057e7c95ffa03ef84c7 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 11 Dec 2025 01:43:21 +0100
Subject: [PATCH 1227/2408] autotools: drop reference to deleted
 `CURL_CHECK_CURLDEBUG`

The referred function has been deleted earlier.

Also:
- drop commented reference to deleted `CURL_CHECK_OPTION_THREADS`.
  0d4fdbf15d8eec908b3e63b606f112b18a63015e #16054

Follow-up to 96a1a05f662677af64b16d862c4126ed52ea4b30 #14096

Closes #19928
---
 m4/curl-confopts.m4 | 2 --
 1 file changed, 2 deletions(-)

diff --git a/m4/curl-confopts.m4 b/m4/curl-confopts.m4
index a540373692..ff1b8b744e 100644
--- a/m4/curl-confopts.m4
+++ b/m4/curl-confopts.m4
@@ -73,7 +73,6 @@ dnl --enable-ares or --disable-ares, and
 dnl set shell variable want_ares as appropriate.
 
 AC_DEFUN([CURL_CHECK_OPTION_ARES], [
-dnl   AC_BEFORE([$0],[CURL_CHECK_OPTION_THREADS])dnl
   AC_BEFORE([$0],[CURL_CHECK_LIB_ARES])dnl
   AC_MSG_CHECKING([whether to enable c-ares for DNS lookups])
   OPT_ARES="default"
@@ -109,7 +108,6 @@ dnl --enable-curldebug or --disable-curldebug, and set
 dnl shell variable want_curldebug value as appropriate.
 
 AC_DEFUN([CURL_CHECK_OPTION_CURLDEBUG], [
-  AC_BEFORE([$0],[CURL_CHECK_CURLDEBUG])dnl
   AC_MSG_CHECKING([whether to enable curl debug memory tracking])
   OPT_CURLDEBUG_BUILD="default"
   AC_ARG_ENABLE(curldebug,

From 421f931e7aafb9b64c0b15555ec8d828c8e62948 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 11 Dec 2025 01:52:58 +0100
Subject: [PATCH 1228/2408] test1165: drop reference to deleted
 `CURL_DISABLE_TESTS`

Follow-up to bf823397bad09791277e983e44e8f0edc3c089b2 #16134

Closes #19929
---
 tests/test1165.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/test1165.pl b/tests/test1165.pl
index 049b764647..49806c66ca 100755
--- a/tests/test1165.pl
+++ b/tests/test1165.pl
@@ -70,7 +70,7 @@ sub scanconf_cmake {
     while() {
         if(/(CURL_DISABLE_[A-Z0-9_]+)/g) {
             my ($sym)=($1);
-            if(not $sym =~ /^(CURL_DISABLE_INSTALL|CURL_DISABLE_TESTS|CURL_DISABLE_SRP)$/) {
+            if(not $sym =~ /^(CURL_DISABLE_INSTALL|CURL_DISABLE_SRP)$/) {
                 $hashr->{$sym} = 1;
             }
         }

From 8ff5222b4e2b4c18c941fde483b53d1be2674604 Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 11 Dec 2025 02:13:46 +0100
Subject: [PATCH 1229/2408] docs: fold long lines

Also:
- replace a 'will' found by badwords.
- drop duplicate empty lines.

Closes #19930
---
 docs/ALTSVC.md                       |   3 +-
 docs/internals/BUFQ.md               |   2 -
 docs/internals/CLIENT-READERS.md     | 135 ++++++++++++++++++++-------
 docs/internals/CLIENT-WRITERS.md     |  87 ++++++++++++-----
 docs/internals/CONNECTION-FILTERS.md |   9 +-
 docs/internals/MQTT.md               |  12 +--
 docs/internals/SCORECARD.md          |  45 +++++----
 docs/internals/TLS-SESSIONS.md       |   1 -
 docs/internals/UINT_SETS.md          | 124 ++++++++++++------------
 docs/tests/HTTP.md                   |  90 +++++++++++++-----
 10 files changed, 346 insertions(+), 162 deletions(-)

diff --git a/docs/ALTSVC.md b/docs/ALTSVC.md
index bcdf565074..24b961a3fb 100644
--- a/docs/ALTSVC.md
+++ b/docs/ALTSVC.md
@@ -35,7 +35,8 @@ space separated fields.
 4. The ALPN id for the destination host
 5. The hostname for the destination host
 6. The port number for the destination host
-7. The expiration date and time of this entry within double quotes. The date format is "YYYYMMDD HH:MM:SS" and the time zone is GMT.
+7. The expiration date and time of this entry within double quotes.
+   The date format is "YYYYMMDD HH:MM:SS" and the time zone is GMT.
 8. Boolean (1 or 0) if "persist" was set for this entry
 9. Integer priority value (not currently used)
 
diff --git a/docs/internals/BUFQ.md b/docs/internals/BUFQ.md
index 6028711d2c..8136d588f6 100644
--- a/docs/internals/BUFQ.md
+++ b/docs/internals/BUFQ.md
@@ -14,7 +14,6 @@ to and read from. It manages read and write positions and has a maximum size.
 Its basic read/write functions have a similar signature and return code
 handling as many internal curl read and write ones.
 
-
 ```
 ssize_t Curl_bufq_write(struct bufq *q, const unsigned char *buf, size_t len, CURLcode *err);
 
@@ -150,7 +149,6 @@ reports **full**, but one can **still** write. This option is necessary, if
 partial writes need to be avoided. It means that you need other checks to keep
 the `bufq` from growing ever larger and larger.
 
-
 ## pools
 
 A `struct bufc_pool` may be used to create chunks for a `bufq` and keep spare
diff --git a/docs/internals/CLIENT-READERS.md b/docs/internals/CLIENT-READERS.md
index 35caaa6bfc..bb94bba95f 100644
--- a/docs/internals/CLIENT-READERS.md
+++ b/docs/internals/CLIENT-READERS.md
@@ -6,26 +6,41 @@ SPDX-License-Identifier: curl
 
 # curl client readers
 
-Client readers is a design in the internals of libcurl, not visible in its public API. They were started
-in curl v8.7.0. This document describes the concepts, its high level implementation and the motivations.
+Client readers is a design in the internals of libcurl, not visible in its
+public API. They were started in curl v8.7.0. This document describes
+the concepts, its high level implementation and the motivations.
 
 ## Naming
 
-`libcurl` operates between clients and servers. A *client* is the application using libcurl, like the command line tool `curl` itself. Data to be uploaded to a server is **read** from the client and **sent** to the server, the servers response is **received** by `libcurl` and then **written** to the client.
+`libcurl` operates between clients and servers. A *client* is the application
+using libcurl, like the command line tool `curl` itself. Data to be uploaded
+to a server is **read** from the client and **sent** to the server, the servers
+response is **received** by `libcurl` and then **written** to the client.
 
-With this naming established, client readers are concerned with providing data from the application to the server. Applications register callbacks via `CURLOPT_READFUNCTION`, data via `CURLOPT_POSTFIELDS` and other options to be used by `libcurl` when the request is send.
+With this naming established, client readers are concerned with providing data
+from the application to the server. Applications register callbacks via
+`CURLOPT_READFUNCTION`, data via `CURLOPT_POSTFIELDS` and other options to be
+used by `libcurl` when the request is send.
 
 ## Invoking
 
-The transfer loop that sends and receives, is using `Curl_client_read()` to get more data to send for a transfer. If no specific reader has been installed yet, the default one that uses `CURLOPT_READFUNCTION` is added. The prototype is
+The transfer loop that sends and receives, is using `Curl_client_read()` to get
+more data to send for a transfer. If no specific reader has been installed yet,
+the default one that uses `CURLOPT_READFUNCTION` is added. The prototype is
 
 ```
 CURLcode Curl_client_read(struct Curl_easy *data, char *buf, size_t blen,
                           size_t *nread, bool *eos);
 ```
-The arguments are the transfer to read for, a buffer to hold the read data, its length, the actual number of bytes placed into the buffer and the `eos` (*end of stream*) flag indicating that no more data is available. The `eos` flag may be set for a read amount, if that amount was the last. That way curl can avoid to read an additional time.
+The arguments are the transfer to read for, a buffer to hold the read data, its
+length, the actual number of bytes placed into the buffer and the `eos` (*end of
+stream*) flag indicating that no more data is available. The `eos` flag may be
+set for a read amount, if that amount was the last. That way curl can avoid to
+read an additional time.
 
-The implementation of `Curl_client_read()` uses a chain of *client reader* instances to get the data. This is similar to the design of *client writers*. The chain of readers allows processing of the data to send.
+The implementation of `Curl_client_read()` uses a chain of *client reader*
+instances to get the data. This is similar to the design of *client writers*.
+The chain of readers allows processing of the data to send.
 
 The definition of a reader is:
 
@@ -51,11 +66,17 @@ struct Curl_creader {
 };
 ```
 
-`Curl_creader` is a reader instance with a `next` pointer to form the chain. It as a type `crt` which provides the implementation. The main callback is `do_read()` which provides the data to the caller. The others are for setup and tear down. `needs_rewind()` is explained further below.
+`Curl_creader` is a reader instance with a `next` pointer to form the chain.
+It as a type `crt` which provides the implementation. The main callback is
+`do_read()` which provides the data to the caller. The others are for setup
+and tear down. `needs_rewind()` is explained further below.
 
 ## Phases and Ordering
 
-Since client readers may transform the data being read through the chain, the order in which they are called is relevant for the outcome. When a reader is created, it gets the `phase` property in which it operates. Reader phases are defined like:
+Since client readers may transform the data being read through the chain,
+the order in which they are called is relevant for the outcome. When a reader
+is created, it gets the `phase` property in which it operates. Reader phases
+are defined like:
 
 ```
 typedef enum {
@@ -67,65 +88,115 @@ typedef enum {
 } Curl_creader_phase;
 ```
 
-If a reader for phase `PROTOCOL` is added to the chain, it is always added *after* any `NET` or `TRANSFER_ENCODE` readers and *before* and `CONTENT_ENCODE` and `CLIENT` readers. If there is already a reader for the same phase, the new reader is added before the existing one(s).
+If a reader for phase `PROTOCOL` is added to the chain, it is always added
+*after* any `NET` or `TRANSFER_ENCODE` readers and *before* and
+`CONTENT_ENCODE` and `CLIENT` readers. If there is already a reader for the
+same phase, the new reader is added before the existing one(s).
 
 ### Example: `chunked` reader
 
-In `http_chunks.c` a client reader for chunked uploads is implemented. This one operates at phase `CURL_CR_TRANSFER_ENCODE`. Any data coming from the reader "below" has the HTTP/1.1 chunk handling applied and returned to the caller.
+In `http_chunks.c` a client reader for chunked uploads is implemented. This
+one operates at phase `CURL_CR_TRANSFER_ENCODE`. Any data coming from the
+reader "below" has the HTTP/1.1 chunk handling applied and returned to the
+caller.
 
-When this reader sees an `eos` from below, it generates the terminal chunk, adding trailers if provided by the application. When that last chunk is fully returned, it also sets `eos` to the caller.
+When this reader sees an `eos` from below, it generates the terminal chunk,
+adding trailers if provided by the application. When that last chunk is fully
+returned, it also sets `eos` to the caller.
 
 ### Example: `lineconv` reader
 
-In `sendf.c` a client reader that does line-end conversions is implemented. It operates at `CURL_CR_CONTENT_ENCODE` and converts any "\n" to "\r\n". This is used for FTP ASCII uploads or when the general `crlf` options has been set.
+In `sendf.c` a client reader that does line-end conversions is implemented. It
+operates at `CURL_CR_CONTENT_ENCODE` and converts any "\n" to "\r\n". This is
+used for FTP ASCII uploads or when the general `crlf` options has been set.
 
 ### Example: `null` reader
 
-Implemented in `sendf.c` for phase `CURL_CR_CLIENT`, this reader has the simple job of providing transfer bytes of length 0 to the caller, immediately indicating an `eos`. This reader is installed by HTTP for all GET/HEAD requests and when authentication is being negotiated.
+Implemented in `sendf.c` for phase `CURL_CR_CLIENT`, this reader has the
+simple job of providing transfer bytes of length 0 to the caller, immediately
+indicating an `eos`. This reader is installed by HTTP for all GET/HEAD
+requests and when authentication is being negotiated.
 
 ### Example: `buf` reader
 
-Implemented in `sendf.c` for phase `CURL_CR_CLIENT`, this reader get a buffer pointer and a length and provides exactly these bytes. This one is used in HTTP for sending `postfields` provided by the application.
+Implemented in `sendf.c` for phase `CURL_CR_CLIENT`, this reader get a buffer
+pointer and a length and provides exactly these bytes. This one is used in
+HTTP for sending `postfields` provided by the application.
 
 ## Request retries
 
-Sometimes it is necessary to send a request with client data again. Transfer handling can inquire via `Curl_client_read_needs_rewind()` if a rewind (e.g. a reset of the client data) is necessary. This asks all installed readers if they need it and give `FALSE` of none does.
+Sometimes it is necessary to send a request with client data again. Transfer
+handling can inquire via `Curl_client_read_needs_rewind()` if a rewind (e.g. a
+reset of the client data) is necessary. This asks all installed readers if
+they need it and give `FALSE` of none does.
 
 ## Upload Size
 
-Many protocols need to know the amount of bytes delivered by the client readers in advance. They may invoke `Curl_creader_total_length(data)` to retrieve that. However, not all reader chains know the exact value beforehand. In that case, the call returns `-1` for "unknown".
+Many protocols need to know the amount of bytes delivered by the client
+readers in advance. They may invoke `Curl_creader_total_length(data)` to
+retrieve that. However, not all reader chains know the exact value beforehand.
+In that case, the call returns `-1` for "unknown".
 
-Even if the length of the "raw" data is known, the length that is send may not. Example: with option `--crlf` the uploaded content undergoes line-end conversion. The line converting reader does not know in advance how many newlines it may encounter. Therefore it must return `-1` for any positive raw content length.
+Even if the length of the "raw" data is known, the length that is send may
+not. Example: with option `--crlf` the uploaded content undergoes line-end
+conversion. The line converting reader does not know in advance how many
+newlines it may encounter. Therefore it must return `-1` for any positive raw
+content length.
 
-In HTTP, once the correct client readers are installed, the protocol asks the readers for the total length. If that is known, it can set `Content-Length:` accordingly. If not, it may choose to add an HTTP "chunked" reader.
+In HTTP, once the correct client readers are installed, the protocol asks the
+readers for the total length. If that is known, it can set `Content-Length:`
+accordingly. If not, it may choose to add an HTTP "chunked" reader.
 
-In addition, there is `Curl_creader_client_length(data)` which gives the total length as reported by the reader in phase `CURL_CR_CLIENT` without asking other readers that may transform the raw data. This is useful in estimating the size of an upload. The HTTP protocol uses this to determine if `Expect: 100-continue` shall be done.
+In addition, there is `Curl_creader_client_length(data)` which gives the total
+length as reported by the reader in phase `CURL_CR_CLIENT` without asking
+other readers that may transform the raw data. This is useful in estimating
+the size of an upload. The HTTP protocol uses this to determine if `Expect:
+100-continue` shall be done.
 
 ## Resuming
 
-Uploads can start at a specific offset, if so requested. The "resume from" that offset. This applies to the reader in phase `CURL_CR_CLIENT` that delivers the "raw" content. Resumption can fail if the installed reader does not support it or if the offset is too large.
+Uploads can start at a specific offset, if so requested. The "resume from"
+that offset. This applies to the reader in phase `CURL_CR_CLIENT` that
+delivers the "raw" content. Resumption can fail if the installed reader does
+not support it or if the offset is too large.
 
-The total length reported by the reader changes when resuming. Example: resuming an upload of 100 bytes by 25 reports a total length of 75 afterwards.
+The total length reported by the reader changes when resuming. Example:
+resuming an upload of 100 bytes by 25 reports a total length of 75 afterwards.
 
-If `resume_from()` is invoked twice, it is additive. There is currently no way to undo a resume.
+If `resume_from()` is invoked twice, it is additive. There is currently no way
+to undo a resume.
 
 ## Rewinding
 
-When a request is retried, installed client readers are discarded and replaced by new ones. This works only if the new readers upload the same data. For many readers, this is not an issue. The "null" reader always does the same. Also the `buf` reader, initialized with the same buffer, does this.
+When a request is retried, installed client readers are discarded and replaced
+by new ones. This works only if the new readers upload the same data. For many
+readers, this is not an issue. The "null" reader always does the same. Also
+the `buf` reader, initialized with the same buffer, does this.
 
-Readers operating on callbacks to the application need to "rewind" the underlying content. For example, when reading from a `FILE*`, the reader needs to `fseek()` to the beginning. The following methods are used:
-
-1. `Curl_creader_needs_rewind(data)`: tells if a rewind is necessary, given the current state of the reader chain. If nothing really has been read so far, this returns `FALSE`.
-2. `Curl_creader_will_rewind(data)`: tells if the reader chain rewinds at the start of the next request.
-3. `Curl_creader_set_rewind(data, TRUE)`: marks the reader chain for rewinding at the start of the next request.
-4. `Curl_client_start(data)`: tells the readers that a new request starts and they need to rewind if requested.
+Readers operating on callbacks to the application need to "rewind" the
+underlying content. For example, when reading from a `FILE*`, the reader needs
+to `fseek()` to the beginning. The following methods are used:
 
+1. `Curl_creader_needs_rewind(data)`: tells if a rewind is necessary, given
+   the current state of the reader chain. If nothing really has been read so
+   far, this returns `FALSE`.
+2. `Curl_creader_will_rewind(data)`: tells if the reader chain rewinds at
+   the start of the next request.
+3. `Curl_creader_set_rewind(data, TRUE)`: marks the reader chain for rewinding
+   at the start of the next request.
+4. `Curl_client_start(data)`: tells the readers that a new request starts and
+   they need to rewind if requested.
 
 ## Summary and Outlook
 
-By adding the client reader interface, any protocol can control how/if it wants the curl transfer to send bytes for a request. The transfer loop becomes then blissfully ignorant of the specifics.
+By adding the client reader interface, any protocol can control how/if it wants
+the curl transfer to send bytes for a request. The transfer loop becomes then
+blissfully ignorant of the specifics.
 
-The protocols on the other hand no longer have to care to package data most efficiently. At any time, should more data be needed, it can be read from the client. This is used when sending HTTP requests headers to add as much request body data to the initial sending as there is room for.
+The protocols on the other hand no longer have to care to package data most
+efficiently. At any time, should more data be needed, it can be read from the
+client. This is used when sending HTTP requests headers to add as much request
+body data to the initial sending as there is room for.
 
 Future enhancements based on the client readers:
 * `expect-100` handling: place that into an HTTP specific reader at
diff --git a/docs/internals/CLIENT-WRITERS.md b/docs/internals/CLIENT-WRITERS.md
index 9f7197d228..b07a562afb 100644
--- a/docs/internals/CLIENT-WRITERS.md
+++ b/docs/internals/CLIENT-WRITERS.md
@@ -6,24 +6,35 @@ SPDX-License-Identifier: curl
 
 # curl client writers
 
-Client writers is a design in the internals of libcurl, not visible in its public API. They were started
-in curl v8.5.0. This document describes the concepts, its high level implementation and the motivations.
+Client writers is a design in the internals of libcurl, not visible in its
+public API. They were started in curl v8.5.0. This document describes the
+concepts, its high level implementation and the motivations.
 
 ## Naming
 
-`libcurl` operates between clients and servers. A *client* is the application using libcurl, like the command line tool `curl` itself. Data to be uploaded to a server is **read** from the client and **send** to the server, the servers response is **received** by `libcurl` and then **written** to the client.
+`libcurl` operates between clients and servers. A *client* is the application
+using libcurl, like the command line tool `curl` itself. Data to be uploaded
+to a server is **read** from the client and **send** to the server, the
+servers response is **received** by `libcurl` and then **written** to the
+client.
 
-With this naming established, client writers are concerned with writing responses from the server to the application. Applications register callbacks via `CURLOPT_WRITEFUNCTION` and `CURLOPT_HEADERFUNCTION` to be invoked by `libcurl` when the response is received.
+With this naming established, client writers are concerned with writing
+responses from the server to the application. Applications register callbacks
+via `CURLOPT_WRITEFUNCTION` and `CURLOPT_HEADERFUNCTION` to be invoked by
+`libcurl` when the response is received.
 
 ## Invoking
 
-All code in `libcurl` that handles response data is ultimately expected to forward this data via `Curl_client_write()` to the application. The exact prototype of this function is:
+All code in `libcurl` that handles response data is ultimately expected to
+forward this data via `Curl_client_write()` to the application. The exact
+prototype of this function is:
 
 ```
 CURLcode Curl_client_write(struct Curl_easy *data, int type, const char *buf, size_t blen);
 ```
-The `type` argument specifies what the bytes in `buf` actually are. The following bits are defined:
 
+The `type` argument specifies what the bytes in `buf` actually are.
+The following bits are defined:
 ```
 #define CLIENTWRITE_BODY    (1<<0) /* non-meta information, BODY */
 #define CLIENTWRITE_INFO    (1<<1) /* meta information, not a HEADER */
@@ -35,11 +46,15 @@ The `type` argument specifies what the bytes in `buf` actually are. The followin
 ```
 
 The main types here are `CLIENTWRITE_BODY` and `CLIENTWRITE_HEADER`. They are
-mutually exclusive. The other bits are enhancements to `CLIENTWRITE_HEADER` to
-specify what the header is about. They are only used in HTTP and related
+mutually exclusive. The other bits are enhancements to `CLIENTWRITE_HEADER`
+to specify what the header is about. They are only used in HTTP and related
 protocols (RTSP and WebSocket).
 
-The implementation of `Curl_client_write()` uses a chain of *client writer* instances to process the call and make sure that the bytes reach the proper application callbacks. This is similar to the design of connection filters: client writers can be chained to process the bytes written through them. The definition is:
+The implementation of `Curl_client_write()` uses a chain of *client writer*
+instances to process the call and make sure that the bytes reach the proper
+application callbacks. This is similar to the design of connection filters:
+client writers can be chained to process the bytes written through them. The
+definition is:
 
 ```
 struct Curl_cwtype {
@@ -60,11 +75,17 @@ struct Curl_cwriter {
 };
 ```
 
-`Curl_cwriter` is a writer instance with a `next` pointer to form the chain. It has a type `cwt` which provides the implementation. The main callback is `do_write()` that processes the data and calls then the `next` writer. The others are for setup and tear down.
+`Curl_cwriter` is a writer instance with a `next` pointer to form the chain.
+It has a type `cwt` which provides the implementation. The main callback is
+`do_write()` that processes the data and calls then the `next` writer. The
+others are for setup and tear down.
 
 ## Phases and Ordering
 
-Since client writers may transform the bytes written through them, the order in which the are called is relevant for the outcome. When a writer is created, one property it gets is the `phase` in which it operates. Writer phases are defined like:
+Since client writers may transform the bytes written through them, the order
+in which the are called is relevant for the outcome. When a writer is created,
+one property it gets is the `phase` in which it operates. Writer phases are
+defined like:
 
 ```
 typedef enum {
@@ -76,15 +97,28 @@ typedef enum {
 } Curl_cwriter_phase;
 ```
 
-If a writer for phase `PROTOCOL` is added to the chain, it is always added *after* any `RAW` or `TRANSFER_DECODE` and *before* any `CONTENT_DECODE` and `CLIENT` phase writer. If there is already a writer for the same phase present, the new writer is inserted just before that one.
+If a writer for phase `PROTOCOL` is added to the chain, it is always added
+*after* any `RAW` or `TRANSFER_DECODE` and *before* any `CONTENT_DECODE` and
+`CLIENT` phase writer. If there is already a writer for the same phase
+present, the new writer is inserted just before that one.
 
-All transfers have a chain of 3 writers by default. A specific protocol handler may alter that by adding additional writers. The 3 standard writers are (name, phase):
+All transfers have a chain of 3 writers by default. A specific protocol
+handler may alter that by adding additional writers. The 3 standard writers
+are (name, phase):
 
-1. `"raw", CURL_CW_RAW `: if the transfer is verbose, it forwards the body data to the debug function.
-1. `"download", CURL_CW_PROTOCOL`: checks that protocol limits are kept and updates progress counters. When a download has a known length, it checks that it is not exceeded and errors otherwise.
-1. `"client", CURL_CW_CLIENT`: the main work horse. It invokes the application callbacks or writes to the configured file handles. It chops large writes into smaller parts, as documented for `CURLOPT_WRITEFUNCTION`. If also handles *pausing* of transfers when the application callback returns `CURL_WRITEFUNC_PAUSE`.
+1. `"raw", CURL_CW_RAW `: if the transfer is verbose, it forwards the body data
+   to the debug function.
+1. `"download", CURL_CW_PROTOCOL`: checks that protocol limits are kept and
+   updates progress counters. When a download has a known length, it checks
+   that it is not exceeded and errors otherwise.
+1. `"client", CURL_CW_CLIENT`: the main work horse. It invokes the application
+   callbacks or writes to the configured file handles. It chops large writes
+   into smaller parts, as documented for `CURLOPT_WRITEFUNCTION`. If also
+   handles *pausing* of transfers when the application callback returns
+   `CURL_WRITEFUNC_PAUSE`.
 
-With these writers always in place, libcurl's protocol handlers automatically have these implemented.
+With these writers always in place, libcurl's protocol handlers automatically
+have these implemented.
 
 ## Enhanced Use
 
@@ -112,12 +146,23 @@ which always is ordered before writers in phase `CURL_CW_CONTENT_DECODE`.
 
 What else?
 
-Well, HTTP servers may also apply a `Transfer-Encoding` to the body of a response. The most well-known one is `chunked`, but algorithms like `gzip` and friends could also be applied. The difference to content encodings is that decoding needs to happen *before* protocol checks, for example on length, are done.
+Well, HTTP servers may also apply a `Transfer-Encoding` to the body of a
+response. The most well-known one is `chunked`, but algorithms like `gzip` and
+friends could also be applied. The difference to content encodings is that
+decoding needs to happen *before* protocol checks, for example on length, are
+done.
 
-That is why transfer decoding writers are added for phase `CURL_CW_TRANSFER_DECODE`. Which makes their operation happen *before* phase `CURL_CW_PROTOCOL` where length may be checked.
+That is why transfer decoding writers are added for phase
+`CURL_CW_TRANSFER_DECODE`. Which makes their operation happen *before* phase
+`CURL_CW_PROTOCOL` where length may be checked.
 
 ## Summary
 
-By adding the common behavior of all protocols into `Curl_client_write()` we make sure that they do apply everywhere. Protocol handler have less to worry about. Changes to default behavior can be done without affecting handler implementations.
+By adding the common behavior of all protocols into `Curl_client_write()` we
+make sure that they do apply everywhere. Protocol handler have less to worry
+about. Changes to default behavior can be done without affecting handler
+implementations.
 
-Having a writer chain as implementation allows protocol handlers with extra needs, like HTTP, to add to this for special behavior. The common way of writing the actual response data stays the same.
+Having a writer chain as implementation allows protocol handlers with extra
+needs, like HTTP, to add to this for special behavior. The common way of
+writing the actual response data stays the same.
diff --git a/docs/internals/CONNECTION-FILTERS.md b/docs/internals/CONNECTION-FILTERS.md
index 08fb367385..3fbb041a16 100644
--- a/docs/internals/CONNECTION-FILTERS.md
+++ b/docs/internals/CONNECTION-FILTERS.md
@@ -271,9 +271,14 @@ conn[curl.se] --> SETUP[TCP] --> HAPPY-EYEBALLS --> TCP[2a04:4e42:c00::347]:443
 * transfer
 ```
 
-The modular design of connection filters and that we can plug them into each other is used to control the parallel attempts. When a `TCP` filter does not connect (in time), it is torn down and another one is created for the next address. This keeps the `TCP` filter simple.
+The modular design of connection filters and that we can plug them into each
+other is used to control the parallel attempts. When a `TCP` filter does not
+connect (in time), it is torn down and another one is created for the next
+address. This keeps the `TCP` filter simple.
 
-The `HAPPY-EYEBALLS` on the other hand stays focused on its side of the problem. We can use it also to make other type of connection by just giving it another filter type to try to have happy eyeballing for QUIC:
+The `HAPPY-EYEBALLS` on the other hand stays focused on its side of the
+problem. We can use it also to make other type of connection by just giving it
+another filter type to try to have happy eyeballing for QUIC:
 
 ```
 * create connection for --http3-only https://curl.se/
diff --git a/docs/internals/MQTT.md b/docs/internals/MQTT.md
index 9b8d0efaae..acf7464be5 100644
--- a/docs/internals/MQTT.md
+++ b/docs/internals/MQTT.md
@@ -12,7 +12,6 @@ A plain "GET" subscribes to the topic and prints all published messages.
 
 Doing a "POST" publishes the post data to the topic and exits.
 
-
 ### Subscribing
 
 Command usage:
@@ -26,9 +25,10 @@ Example subscribe:
 This sends an MQTT SUBSCRIBE packet for the topic `bedroom/temp` and listen in
 for incoming PUBLISH packets.
 
-You can set the upkeep interval ms option to make curl send MQTT ping requests to the
-server at an internal, to prevent the connection to get closed because of idleness.
-You might then need to use the progress callback to cancel the operation.
+You can set the upkeep interval ms option to make curl send MQTT ping requests
+to the server at an internal, to prevent the connection to get closed because
+of idleness. You might then need to use the progress callback to cancel the
+operation.
 
 ### Publishing
 
@@ -45,8 +45,8 @@ payload `75`.
 
 ## What does curl deliver as a response to a subscribe
 
-Whenever a PUBLISH packet is received, curl outputs two bytes topic length (MSB | LSB), the topic followed by the
-payload.
+Whenever a PUBLISH packet is received, curl outputs two bytes topic length
+(MSB | LSB), the topic followed by the payload.
 
 ## Caveats
 
diff --git a/docs/internals/SCORECARD.md b/docs/internals/SCORECARD.md
index 5469597604..145267f8c3 100644
--- a/docs/internals/SCORECARD.md
+++ b/docs/internals/SCORECARD.md
@@ -12,14 +12,14 @@ curl/libcurl in a reproducible fashion to judge improvements or detect
 regressions. They are not intended to represent real world scenarios
 as such.
 
-This script is not part of any official interface and we may
-change it in the future according to the project's needs.
+This script is not part of any official interface and we may change it in
+the future according to the project's needs.
 
 ## setup
 
-When you are able to run curl's `pytest` suite, scorecard should work
-for you as well. They start a local Apache httpd or Caddy server and
-invoke the locally build `src/curl` (by default).
+When you are able to run curl's `pytest` suite, scorecard should work for you
+as well. They start a local Apache httpd or Caddy server and invoke the
+locally build `src/curl` (by default).
 
 ## invocation
 
@@ -29,8 +29,9 @@ A typical invocation for measuring performance of HTTP/2 downloads would be:
 curl> python3 tests/http/scorecard.py -d h2
 ```
 
-and this prints a table with the results. The last argument is the protocol to test and
-it can be `h1`, `h2` or `h3`. You can add `--json` to get results in JSON instead of text.
+and this prints a table with the results. The last argument is the protocol to
+test and it can be `h1`, `h2` or `h3`. You can add `--json` to get results in
+JSON instead of text.
 
 Help for all command line options are available via:
 
@@ -40,11 +41,12 @@ curl> python3 tests/http/scorecard.py -h
 
 ## scenarios
 
-Apart from `-d/--downloads` there is `-u/--uploads` and `-r/--requests`. These are run with
-a variation of resource sizes and parallelism by default. You can specify these in some way
-if you are just interested in a particular case.
+Apart from `-d/--downloads` there is `-u/--uploads` and `-r/--requests`. These
+are run with a variation of resource sizes and parallelism by default. You can
+specify these in some way if you are just interested in a particular case.
 
-For example, to run downloads of a 1 MB resource only, 100 times with at max 6 parallel transfers, use:
+For example, to run downloads of a 1 MB resource only, 100 times with at max 6
+parallel transfers, use:
 
 ```
 curl> python3 tests/http/scorecard.py -d --download-sizes=1mb --download-count=100 --download-parallel=6 h2
@@ -61,21 +63,28 @@ involved. (Note: this does not work for HTTP/3)
 
 ## flame graphs
 
-With the excellent [Flame Graph](https://github.com/brendangregg/FlameGraph) by Brendan Gregg, scorecard can turn `perf`/`dtrace` samples into an interactive SVG. Either clone the `Flamegraph` repository next to your `curl` project or set the environment variable `FLAMEGRAPH` to the location of your clone. Then run scorecard with the `--flame` option, like
+With the excellent [Flame Graph](https://github.com/brendangregg/FlameGraph)
+by Brendan Gregg, scorecard can turn `perf`/`dtrace` samples into an
+interactive SVG. Either clone the `Flamegraph` repository next to your `curl`
+project or set the environment variable `FLAMEGRAPH` to the location of your
+clone. Then run scorecard with the `--flame` option, like
 
 ```
 curl> FLAMEGRAPH=/Users/sei/projects/FlameGraph python3 tests/http/scorecard.py \
    -r --request-count=50000 --request-parallels=100 --samples=1 --flame h2
 ```
-and the SVG of the run is in `tests/http/gen/curl/curl.flamegraph.svg`. You can open that in Firefox and zoom in/out of stacks of interest.
 
-The flame graph is about the last run of `curl`. That is why you should add scorecard arguments
-that restrict measurements to a single run.
+and the SVG of the run is in `tests/http/gen/curl/curl.flamegraph.svg`. You
+can open that in Firefox and zoom in/out of stacks of interest.
+
+The flame graph is about the last run of `curl`. That is why you should add
+scorecard arguments that restrict measurements to a single run.
 
 ### Measures/Privileges
 
-The `--flame` option uses `perf` on linux and `dtrace` on macOS. Since both tools require special
-privileges, they are run via the `sudo` command by scorecard. This means you need to issue a
-`sudo` recently enough before running scorecard, so no new password check is needed.
+The `--flame` option uses `perf` on linux and `dtrace` on macOS. Since both
+tools require special privileges, they are run via the `sudo` command by
+scorecard. This means you need to issue a `sudo` recently enough before
+running scorecard, so no new password check is needed.
 
 There is no support right now for measurements on other platforms.
diff --git a/docs/internals/TLS-SESSIONS.md b/docs/internals/TLS-SESSIONS.md
index 8f887d2e07..add735bb03 100644
--- a/docs/internals/TLS-SESSIONS.md
+++ b/docs/internals/TLS-SESSIONS.md
@@ -68,7 +68,6 @@ peer keys for this reason.
 a previous ticket, curl might trust a server which no longer has a root
 certificate in the file.
 
-
 ## Session Cache Access
 
 #### Lookups
diff --git a/docs/internals/UINT_SETS.md b/docs/internals/UINT_SETS.md
index 85952c9803..5158d7e6bd 100644
--- a/docs/internals/UINT_SETS.md
+++ b/docs/internals/UINT_SETS.md
@@ -6,27 +6,26 @@ SPDX-License-Identifier: curl
 
 # `uint32_t` Sets
 
-The multi handle tracks added easy handles via an `uint32_t`
-it calls an `mid`. There are four data structures for `uint32_t`
-optimized for the multi use case.
+The multi handle tracks added easy handles via an `uint32_t` it calls an
+`mid`. There are four data structures for `uint32_t` optimized for the multi
+use case.
 
 ## `uint32_tbl`
 
-`uint32_table`, implemented in `uint-table.[ch]` manages an array
-of `void *`. The `uint32_t` is the index into this array. It is
-created with a *capacity* which can be *resized*. The table assigns
-the index when a `void *` is *added*. It keeps track of the last
-assigned index and uses the next available larger index for a
-subsequent add. Reaching *capacity* it wraps around.
+`uint32_table`, implemented in `uint-table.[ch]` manages an array of `void *`.
+The `uint32_t` is the index into this array. It is created with a *capacity*
+which can be *resized*. The table assigns the index when a `void *` is
+*added*. It keeps track of the last assigned index and uses the next available
+larger index for a subsequent add. Reaching *capacity* it wraps around.
 
 The table *can not* store `NULL` values. The largest possible index
 is `UINT32_MAX - 1`.
 
-The table is iterated over by asking for the *first* existing index,
-meaning the smallest number that has an entry, if the table is not
-empty. To get the *next* entry, one passes the index of the previous
-iteration step. It does not matter if the previous index is still
-in the table. Sample code for a table iteration would look like this:
+The table is iterated over by asking for the *first* existing index, meaning
+the smallest number that has an entry, if the table is not empty. To get
+the *next* entry, one passes the index of the previous iteration step. It does
+not matter if the previous index is still in the table. Sample code for a table
+iteration would look like this:
 
 ```c
 uint32_t int mid;
@@ -50,46 +49,50 @@ This iteration has the following properties:
 
 ### Memory
 
-For storing 1000 entries, the table would allocate one block of 8KB on a 64-bit system,
-plus the 2 pointers and 3 `uint32_t` in its base `struct uint32_tbl`. A resize
-allocates a completely new pointer array, copy the existing entries and free the previous one.
+For storing 1000 entries, the table would allocate one block of 8KB on
+a 64-bit system, plus the 2 pointers and 3 `uint32_t` in its base `struct
+uint32_tbl`. A resize allocates a completely new pointer array, copy
+the existing entries and free the previous one.
 
 ### Performance
 
-Lookups of entries are only an index into the array, O(1) with a tiny 1. Adding
-entries and iterations are more work:
+Lookups of entries are only an index into the array, O(1) with a tiny 1.
+Adding entries and iterations are more work:
 
-1. adding an entry means "find the first free index larger than the previous assigned
-  one". Worst case for this is a table with only a single free index where `capacity - 1`
-  checks on `NULL` values would be performed, O(N). If the single free index is randomly
-  distributed, this would be O(N/2).
-2. iterating a table scans for the first not `NULL` entry after the start index. This
-  makes a complete iteration O(N) work.
+1. adding an entry means "find the first free index larger than the previous
+   assigned one". Worst case for this is a table with only a single free index
+   where `capacity - 1` checks on `NULL` values would be performed, O(N). If
+   the single free index is randomly distributed, this would be O(N/2).
+2. iterating a table scans for the first not `NULL` entry after the start
+   index. This makes a complete iteration O(N) work.
 
-In the multi use case, point 1 is remedied by growing the table so that a good chunk
-of free entries always exists.
+In the multi use case, point 1 is remedied by growing the table so that a good
+chunk of free entries always exists.
 
-Point 2 is less of an issue for a multi, since it does not really matter when the
-number of transfer is relatively small. A multi managing a larger set needs to operate
-event based anyway and table iterations rarely are needed.
+Point 2 is less of an issue for a multi, since it does not really matter when
+the number of transfer is relatively small. A multi managing a larger set
+needs to operate event based anyway and table iterations rarely are needed.
 
 For these reasons, the simple implementation was preferred. Should this become
-a concern, there are options like "free index lists" or, alternatively, an internal
-bitset that scans better.
+a concern, there are options like "free index lists" or, alternatively, an
+internal bitset that scans better.
 
 ## `uint32_bset`
 
-A bitset for `uint32_t` values, allowing fast add/remove operations. It is initialized
-with a *capacity*, meaning it can store only the numbers in the range `[0, capacity-1]`.
-It can be *resized* and safely *iterated*. `uint32_bset` is designed to operate in combination with `uint_tbl`.
+A bitset for `uint32_t` values, allowing fast add/remove operations. It is
+initialized with a *capacity*, meaning it can store only the numbers in the
+range `[0, capacity-1]`. It can be *resized* and safely *iterated*.
+`uint32_bset` is designed to operate in combination with `uint_tbl`.
 
-The bitset keeps an array of `uint64_t`. The first array entry keeps the numbers 0 to 63, the
-second 64 to 127 and so on. A bitset with capacity 1024 would therefore allocate an array
-of 16 64-bit values (128 bytes). Operations for an unsigned int divide it by 64 for the array index and then check/set/clear the bit of the remainder.
+The bitset keeps an array of `uint64_t`. The first array entry keeps the
+numbers 0 to 63, the second 64 to 127 and so on. A bitset with capacity 1024
+would therefore allocate an array of 16 64-bit values (128 bytes). Operations
+for an unsigned int divide it by 64 for the array index and then
+check/set/clear the bit of the remainder.
 
-Iterator works the same as with `uint32_tbl`: ask the bitset for the *first* number present and
-then use that to get the *next* higher number present. Like the table, this safe for
-adds/removes and growing the set while iterating.
+Iterator works the same as with `uint32_tbl`: ask the bitset for the *first*
+number present and then use that to get the *next* higher number present. Like
+the table, this safe for adds/removes and growing the set while iterating.
 
 ### Memory
 
@@ -98,31 +101,36 @@ A bitset for 40000 transfers occupies 5KB of memory.
 
 ## Performance
 
-Operations for add/remove/check are O(1). Iteration needs to scan for the next bit set. The
-number of scans is small (see memory footprint) and, for checking bits, many compilers
-offer primitives for special CPU instructions.
+Operations for add/remove/check are O(1). Iteration needs to scan for the next
+bit set. The number of scans is small (see memory footprint) and, for checking
+bits, many compilers offer primitives for special CPU instructions.
 
 ## `uint32_spbset`
 
-While the memory footprint of `uint32_bset` is good, it still needs 5KB to store the single number 40000. This
-is not optimal when many are needed. For example, in event based processing, each socket needs to
-keep track of the transfers involved. There are many sockets potentially, but each one mostly tracks
-a single transfer or few (on HTTP/2 connection borderline up to 100).
+While the memory footprint of `uint32_bset` is good, it still needs 5KB to
+store the single number 40000. This is not optimal when many are needed. For
+example, in event based processing, each socket needs to keep track of the
+transfers involved. There are many sockets potentially, but each one mostly
+tracks a single transfer or few (on HTTP/2 connection borderline up to 100).
 
-For such uses cases, the `uint32_spbset` is intended: track a small number of unsigned int, potentially
-rather "close" together. It keeps "chunks" with an offset and has no capacity limit.
+For such uses cases, the `uint32_spbset` is intended: track a small number of
+unsigned int, potentially rather "close" together. It keeps "chunks" with an
+offset and has no capacity limit.
 
-Example: adding the number 40000 to an empty sparse bitset would have one chunk with offset 39936, keeping
-track of the numbers 39936 to 40192 (a chunk has 4 64-bit values). The numbers in that range can be handled
-without further allocations.
+Example: adding the number 40000 to an empty sparse bitset would have one
+chunk with offset 39936, keeping track of the numbers 39936 to 40192 (a chunk
+has 4 64-bit values). The numbers in that range can be handled without further
+allocations.
 
-The worst case is then storing 100 numbers that lie in separate intervals. Then 100 chunks
-would need to be allocated and linked, resulting in overall 4 KB of memory used.
+The worst case is then storing 100 numbers that lie in separate intervals.
+Then 100 chunks would need to be allocated and linked, resulting in overall 4
+KB of memory used.
 
 Iterating a sparse bitset works the same as for bitset and table.
 
 ## `uint32_hash`
 
-At last, there are places in libcurl such as the HTTP/2 and HTTP/3 protocol implementations that need
-to store their own data related to a transfer. `uint32_hash` allows then to associate an unsigned int,
-e.g. the transfer's `mid`, to their own data.
+At last, there are places in libcurl such as the HTTP/2 and HTTP/3 protocol
+implementations that need to store their own data related to a transfer.
+`uint32_hash` allows then to associate an unsigned int, e.g. the transfer's
+`mid`, to their own data.
diff --git a/docs/tests/HTTP.md b/docs/tests/HTTP.md
index afbfe9e5bd..658abac255 100644
--- a/docs/tests/HTTP.md
+++ b/docs/tests/HTTP.md
@@ -6,7 +6,9 @@ SPDX-License-Identifier: curl
 
 # The curl HTTP Test Suite
 
-This is an additional test suite using a combination of Apache httpd and nghttpx servers to perform various tests beyond the capabilities of the standard curl test suite.
+This is an additional test suite using a combination of Apache httpd and
+nghttpx servers to perform various tests beyond the capabilities of the
+standard curl test suite.
 
 # Usage
 
@@ -23,13 +25,17 @@ collected 5 items
 tests/http/test_01_basic.py .....
 ```
 
-Pytest takes arguments. `-v` increases its verbosity and can be used several times. `-k ` can be used to run only matching test cases. The `expr` can be something resembling a python test or just a string that needs to match test cases in their names.
+Pytest takes arguments. `-v` increases its verbosity and can be used several
+times. `-k ` can be used to run only matching test cases. The `expr` can
+be something resembling a python test or just a string that needs to match
+test cases in their names.
 
 ```
 curl/tests/http> pytest -vv -k test_01_02
 ```
 
-runs all test cases that have `test_01_02` in their name. This does not have to be the start of the name.
+runs all test cases that have `test_01_02` in their name. This does not have
+to be the start of the name.
 
 Depending on your setup, some test cases may be skipped and appear as `s` in
 the output. If you run pytest verbose, it also gives you the reason for
@@ -40,7 +46,8 @@ skipping.
 You need:
 
 1. a recent Python, the `cryptography` module and, of course, `pytest`
-2. an apache httpd development version. On Debian/Ubuntu, the package `apache2-dev` has this
+2. an apache httpd development version. On Debian/Ubuntu, the package
+   `apache2-dev` has this
 3. a local `curl` project build
 3. optionally, a `nghttpx` with HTTP/3 enabled or h3 test cases are skipped
 
@@ -48,33 +55,49 @@ You need:
 
 Via curl's `configure` script you may specify:
 
-  * `--with-test-nghttpx=` if you have nghttpx to use somewhere outside your `$PATH`.
-  * `--with-test-httpd=` if you have an Apache httpd installed somewhere else. On Debian/Ubuntu it will otherwise look into `/usr/bin` and `/usr/sbin` to find those.
-  * `--with-test-caddy=` if you have a Caddy web server installed somewhere else.
-  * `--with-test-vsftpd=` if you have a vsftpd ftp  server installed somewhere else.
+  * `--with-test-nghttpx=` if you have nghttpx to use
+   somewhere outside your `$PATH`.
+
+  * `--with-test-httpd=` if you have an Apache httpd
+   installed somewhere else. On Debian/Ubuntu it otherwise looks into
+   `/usr/bin` and `/usr/sbin` to find those.
+
+  * `--with-test-caddy=` if you have a Caddy web server
+   installed somewhere else.
+
+  * `--with-test-vsftpd=` if you have a vsftpd ftp
+   server installed somewhere else.
+
   * `--with-test-danted=` if you have `dante-server` installed
 
 ## Usage Tips
 
-Several test cases are parameterized, for example with the HTTP version to use. If you want to run a test with a particular protocol only, use a command line like:
+Several test cases are parameterized, for example with the HTTP version to
+use. If you want to run a test with a particular protocol only, use a command
+line like:
 
 ```
 curl/tests/http> pytest -k "test_02_06 and h2"
 ```
 
-Test cases can be repeated, with the `pytest-repeat` module (`pip install pytest-repeat`). Like in:
+Test cases can be repeated, with the `pytest-repeat` module (`pip install
+pytest-repeat`). Like in:
 
 ```
 curl/tests/http> pytest -k "test_02_06 and h2" --count=100
 ```
 
-which then runs this test case a hundred times. In case of flaky tests, you can make pytest stop on the first one with:
+which then runs this test case a hundred times. In case of flaky tests, you
+can make pytest stop on the first one with:
 
 ```
 curl/tests/http> pytest -k "test_02_06 and h2" --count=100 --maxfail=1
 ```
 
-which allow you to inspect output and log files for the failed run. Speaking of log files, the verbosity of pytest is also used to collect curl trace output. If you specify `-v` three times, the `curl` command is started with `--trace`:
+which allow you to inspect output and log files for the failed run. Speaking
+of log files, the verbosity of pytest is also used to collect curl trace
+output. If you specify `-v` three times, the `curl` command is started with
+`--trace`:
 
 ```
 curl/tests/http> pytest -vvv -k "test_02_06 and h2" --count=100 --maxfail=1
@@ -84,7 +107,10 @@ all of curl's output and trace file are found in `tests/http/gen/curl`.
 
 ## Writing Tests
 
-There is a lot of [`pytest` documentation](https://docs.pytest.org/) with examples. No use in repeating that here. Assuming you are somewhat familiar with it, it is useful how *this* general test suite is setup. Especially if you want to add test cases.
+There is a lot of [`pytest` documentation](https://docs.pytest.org/) with
+examples. No use in repeating that here. Assuming you are somewhat familiar
+with it, it is useful how *this* general test suite is setup. Especially if
+you want to add test cases.
 
 ### Servers
 
@@ -110,22 +136,44 @@ left behind.
 
 ### Test Cases
 
-Tests making use of these fixtures have them in their parameter list. This tells pytest that a particular test needs them, so it has to create them. Since one can invoke pytest for just a single test, it is important that a test references the ones it needs.
+Tests making use of these fixtures have them in their parameter list. This
+tells pytest that a particular test needs them, so it has to create them.
+Since one can invoke pytest for just a single test, it is important that a
+test references the ones it needs.
 
-All test cases start with `test_` in their name. We use a double number scheme to group them. This makes it ease to run only specific tests and also give a short mnemonic to communicate trouble with others in the project. Otherwise you are free to name test cases as you think fitting.
+All test cases start with `test_` in their name. We use a double number scheme
+to group them. This makes it ease to run only specific tests and also give a
+short mnemonic to communicate trouble with others in the project. Otherwise
+you are free to name test cases as you think fitting.
 
-Tests are grouped thematically in a file with a single Python test class. This is convenient if you need a special "fixture" for several tests. "fixtures" can have "class" scope.
+Tests are grouped thematically in a file with a single Python test class. This
+is convenient if you need a special "fixture" for several tests. "fixtures"
+can have "class" scope.
 
-There is a curl helper class that knows how to invoke curl and interpret its output. Among other things, it does add the local CA to the command line, so that SSL connections to the test servers are verified. Nothing prevents anyone from running curl directly, for specific uses not covered by the `CurlClient` class.
+There is a curl helper class that knows how to invoke curl and interpret its
+output. Among other things, it does add the local CA to the command line, so
+that SSL connections to the test servers are verified. Nothing prevents anyone
+from running curl directly, for specific uses not covered by the `CurlClient`
+class.
 
 ### mod_curltest
 
-The module source code is found in `testenv/mod_curltest`. It is compiled using the `apxs` command, commonly provided via the `apache2-dev` package. Compilation is quick and done once at the start of a test run.
+The module source code is found in `testenv/mod_curltest`. It is compiled
+using the `apxs` command, commonly provided via the `apache2-dev` package.
+Compilation is quick and done once at the start of a test run.
 
-The module adds 2 "handlers" to the Apache server (right now). Handler are pieces of code that receive HTTP requests and generate the response. Those handlers are:
+The module adds 2 "handlers" to the Apache server (right now). Handler are
+pieces of code that receive HTTP requests and generate the response. Those
+handlers are:
+
+* `curltest-echo`: hooked up on the path `/curltest/echo`. This one echoes
+  a request and copies all data from the request body to the response body.
+  Useful for simulating upload and checking that the data arrived as intended.
+
+* `curltest-tweak`: hooked up on the path `/curltest/tweak`. This handler is
+  more of a Swiss army knife. It interprets parameters from the URL query
+  string to drive its behavior.
 
-* `curltest-echo`: hooked up on the path `/curltest/echo`. This one echoes a request and copies all data from the request body to the response body. Useful for simulating upload and checking that the data arrived as intended.
-* `curltest-tweak`: hooked up on the path `/curltest/tweak`. This handler is more of a Swiss army knife. It interprets parameters from the URL query string to drive its behavior.
   * `status=nnn`: generate a response with HTTP status code `nnn`.
   * `chunks=n`: generate `n` chunks of data in the response body, defaults to 3.
   * `chunk_size=nnn`: each chunk should contain `nnn` bytes of data. Maximum is 16KB right now.

From 46429d6f44d89bf09ec5c802fbeb8b1e68da2b5e Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Thu, 11 Dec 2025 02:46:24 +0100
Subject: [PATCH 1230/2408] GHA/checkdocs: re-enable proselint, update setup,
 fix issues found

- update configuration and invocation.
- install via pip.
- drop a file exception.
- alpha sort proselint settings.
- FILEFORMAT: update text about XML compliance.
- CI job takes 22 seconds total.

Ref: https://github.com/amperser/proselint/releases/tag/v0.16.0

Follow-up to 38bfe1c2aa2a6c8af29d525eb231ad66861199b1 #15314

Closes #19931
---
 .github/scripts/requirements-proselint.txt |   5 +
 .github/workflows/checkdocs.yml            | 104 ++++++++++-----------
 docs/HTTP3.md                              |   2 +-
 docs/INFRASTRUCTURE.md                     |   4 +-
 docs/cmdline-opts/form.md                  |   2 +-
 docs/cmdline-opts/ssl.md                   |   3 +-
 docs/cmdline-opts/upload-flags.md          |   2 +-
 docs/internals/CODE_STYLE.md               |   4 +-
 docs/libcurl/opts/CURLOPT_USE_SSL.md       |   2 +-
 docs/tests/FILEFORMAT.md                   |   7 +-
 10 files changed, 68 insertions(+), 67 deletions(-)
 create mode 100644 .github/scripts/requirements-proselint.txt

diff --git a/.github/scripts/requirements-proselint.txt b/.github/scripts/requirements-proselint.txt
new file mode 100644
index 0000000000..1896109442
--- /dev/null
+++ b/.github/scripts/requirements-proselint.txt
@@ -0,0 +1,5 @@
+# Copyright (C) Daniel Stenberg, , et al.
+#
+# SPDX-License-Identifier: curl
+
+proselint==0.16.0
diff --git a/.github/workflows/checkdocs.yml b/.github/workflows/checkdocs.yml
index 7962034e96..9272969275 100644
--- a/.github/workflows/checkdocs.yml
+++ b/.github/workflows/checkdocs.yml
@@ -35,59 +35,57 @@ concurrency:
 permissions: {}
 
 jobs:
-  #  proselint:
-  #    name: 'proselint'
-  #    runs-on: ubuntu-latest
-  #    steps:
-  #      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
-  #        with:
-  #          persist-credentials: false
-  #
-  #      - name: 'install prereqs'
-  #        run: |
-  #          sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
-  #          sudo apt-get -o Dpkg::Use-Pty=0 update
-  #          sudo rm -f /var/lib/man-db/auto-update
-  #          sudo apt-get -o Dpkg::Use-Pty=0 install python3-proselint
-  #
-  #      # config file help: https://github.com/amperser/proselint/
-  #      - name: 'create proselint config'
-  #        run: |
-  #          cat < ~/.proselintrc.json
-  #          {
-  #            "checks": {
-  #              "typography.diacritical_marks": false,
-  #              "typography.symbols": false,
-  #              "annotations.misc": false,
-  #              "security.password": false,
-  #              "misc.annotations": false
-  #            }
-  #          }
-  #          JSON
-  #
-  #      - name: 'trim headers off all *.md files'
-  #        run: git ls-files '*.md' -z | xargs -0 -n1 .github/scripts/trimmarkdownheader.pl
-  #
-  #      - name: 'check prose'
-  #        run: git ls-files '*.md' -z | grep -Evz 'CHECKSRC\.md|DISTROS\.md|curl_mprintf\.md|CURLOPT_INTERFACE\.md|interface\.md' | xargs -0 proselint -- README
-  #
-  #      # This is for CHECKSRC and files with aggressive exclamation mark needs
-  #      - name: 'create second proselint config'
-  #        run: |
-  #          cat < ~/.proselintrc.json
-  #          {
-  #            "checks": {
-  #              "typography.diacritical_marks": false,
-  #              "typography.symbols": false,
-  #              "typography.exclamation": false,
-  #              "lexical_illusions.misc": false,
-  #              "annotations.misc": false
-  #            }
-  #          }
-  #          JSON
-  #
-  #      - name: 'check special prose'
-  #        run: proselint docs/internals/CHECKSRC.md docs/libcurl/curl_mprintf.md docs/libcurl/opts/CURLOPT_INTERFACE.md docs/cmdline-opts/interface.md
+  # config file help: https://github.com/amperser/proselint/
+  proselint:
+    name: 'proselint'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
+
+      - name: 'install prereqs'
+        run: |
+          python3 -m venv ~/venv
+          ~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r .github/scripts/requirements-proselint.txt
+
+      - name: 'trim headers off all *.md files'
+        run: git ls-files '*.md' -z | xargs -0 -n1 .github/scripts/trimmarkdownheader.pl
+
+      - name: 'check prose'
+        run: |
+          cat < ~/.proselintrc.json
+          {
+            "checks": {
+              "annotations.misc": false,
+              "lexical_illusions": false,
+              "misc.annotations": false,
+              "redundancy.misc.garner": false,
+              "security.password": false,
+              "spelling.ve_of": false,
+              "typography.diacritical_marks": false,
+              "typography.symbols": false
+            }
+          }
+          JSON
+          source ~/venv/bin/activate
+          git ls-files README '*.md' -z | grep -Evz '(CHECKSRC|DISTROS|CURLOPT_INTERFACE|interface)\.md' | xargs -0 proselint check --
+
+      - name: 'check special prose'  # For CHECKSRC and files with aggressive exclamation mark needs
+        run: |
+          cat < ~/.proselintrc.json
+          {
+            "checks": {
+              "annotations.misc": false,
+              "lexical_illusions": false,
+              "typography.diacritical_marks": false,
+              "typography.punctuation.exclamation": false,
+              "typography.symbols": false
+            }
+          }
+          JSON
+          source ~/venv/bin/activate
+          proselint check docs/internals/CHECKSRC.md docs/libcurl/opts/CURLOPT_INTERFACE.md docs/cmdline-opts/interface.md
 
   pyspelling:
     name: 'pyspelling'
diff --git a/docs/HTTP3.md b/docs/HTTP3.md
index 2b0a4c72b8..e18277cb3c 100644
--- a/docs/HTTP3.md
+++ b/docs/HTTP3.md
@@ -317,7 +317,7 @@ See this [list of public HTTP/3 servers](https://bagder.github.io/HTTP3-test/)
 ### HTTPS eyeballing
 
 With option `--http3` curl attempts earlier HTTP versions as well should the
-connect attempt via HTTP/3 not succeed "fast enough". This strategy is similar
+connect attempt via HTTP/3 fail "fast enough". This strategy is similar
 to IPv4/6 happy eyeballing where the alternate address family is used in
 parallel after a short delay.
 
diff --git a/docs/INFRASTRUCTURE.md b/docs/INFRASTRUCTURE.md
index 7a6bafb9db..6acc8757f0 100644
--- a/docs/INFRASTRUCTURE.md
+++ b/docs/INFRASTRUCTURE.md
@@ -60,7 +60,7 @@ account.
 
 We regularly run our code through the [Coverity static code
 analyzer](https://scan.coverity.com/) thanks to them offering this service to
-us for free.
+us free of charge.
 
 ## CodeSonar
 
@@ -76,7 +76,7 @@ domain names, including `curl.se` and `curl.dev`. Daniel Stenberg owns these
 domain names.
 
 Until a few years ago, the curl website was present at `curl.haxx.se`. The
-`haxx.se` domain is owned by Haxx AB, administrated by Daniel Stenberg. The
+`haxx.se` domain is owned by Haxx AB, administered by Daniel Stenberg. The
 curl.haxx.se name is meant to keep working and be redirecting to curl.se for
 the foreseeable future.
 
diff --git a/docs/cmdline-opts/form.md b/docs/cmdline-opts/form.md
index 100e29e571..abe4fa998b 100644
--- a/docs/cmdline-opts/form.md
+++ b/docs/cmdline-opts/form.md
@@ -127,7 +127,7 @@ text file:
     curl -F '=(;type=multipart/alternative' \
          -F '=plain text message' \
          -F '= HTML message;type=text/html' \
-         -F '=)' -F '=@textfile.txt' ...  smtp://example.com
+         -F '=)' -F '=@textfile.txt' ... smtp://example.com
 
 Data can be encoded for transfer using encoder=. Available encodings are
 *binary* and *8bit* that do nothing else than adding the corresponding
diff --git a/docs/cmdline-opts/ssl.md b/docs/cmdline-opts/ssl.md
index 0c0f28172a..5951d01991 100644
--- a/docs/cmdline-opts/ssl.md
+++ b/docs/cmdline-opts/ssl.md
@@ -28,8 +28,7 @@ different levels of encryption required.
 This option is handled in LDAP (added in 7.81.0). It is fully supported by the
 OpenLDAP backend and ignored by the generic ldap backend.
 
-Please note that a server may close the connection if the negotiation does
-not succeed.
+Please note that a server may close the connection if the negotiation fails.
 
 This option was formerly known as --ftp-ssl (added in 7.11.0). That option
 name can still be used but might be removed in a future version.
diff --git a/docs/cmdline-opts/upload-flags.md b/docs/cmdline-opts/upload-flags.md
index d176148768..6c014d0895 100644
--- a/docs/cmdline-opts/upload-flags.md
+++ b/docs/cmdline-opts/upload-flags.md
@@ -21,5 +21,5 @@ specified as either a single flag value or a comma-separated list
 of flag values. These values are case-sensitive and may be negated
 by prepending them with a '-' character. Currently the following
 flag values are accepted: answered, deleted, draft, flagged, and
-seen. The currently-accepted flag values are used to set flags on
+seen. The currently accepted flag values are used to set flags on
 IMAP uploads.
diff --git a/docs/internals/CODE_STYLE.md b/docs/internals/CODE_STYLE.md
index 43b873be9b..d8f97594f5 100644
--- a/docs/internals/CODE_STYLE.md
+++ b/docs/internals/CODE_STYLE.md
@@ -24,8 +24,8 @@ need to copy the style already used in the source code and there are no
 particularly unusual rules in our set of rules.
 
 We also work hard on writing code that are warning-free on all the major
-platforms and in general on as many platforms as possible. Code that obviously
-causes warnings is not accepted as-is.
+platforms and in general on as many platforms as possible. Code that causes
+warnings is not accepted as-is.
 
 ## Readability
 
diff --git a/docs/libcurl/opts/CURLOPT_USE_SSL.md b/docs/libcurl/opts/CURLOPT_USE_SSL.md
index 9a2d2abe5e..0729f6e84e 100644
--- a/docs/libcurl/opts/CURLOPT_USE_SSL.md
+++ b/docs/libcurl/opts/CURLOPT_USE_SSL.md
@@ -45,7 +45,7 @@ do not attempt to use SSL.
 ## CURLUSESSL_TRY
 
 Try using SSL, proceed as normal otherwise. Note that server may close the
-connection if the negotiation does not succeed.
+connection if the negotiation fails.
 
 ## CURLUSESSL_CONTROL
 
diff --git a/docs/tests/FILEFORMAT.md b/docs/tests/FILEFORMAT.md
index 84188e9dd9..4749d809e0 100644
--- a/docs/tests/FILEFORMAT.md
+++ b/docs/tests/FILEFORMAT.md
@@ -11,10 +11,9 @@ XML. All data for a single test case resides in a single ASCII file. Labels
 mark the beginning and the end of all sections, and each label must be written
 in its own line. Comments are either XML-style (enclosed with ``) or shell script style (beginning with `#`) and must appear on their own
-lines and not alongside actual test data. Most test data files are
-syntactically-valid XML (a few files are not); lack of support for character
-entities is a big difference but macros like %CR fill that particular role
-here.
+lines and not alongside actual test data. Test data files are syntactically
+valid XML; lack of support for character entities is a big difference but macros
+like %CR fill that particular role here.
 
 Each test case source exists as a file matching the format
 `tests/data/testNUM`, where `NUM` is the unique test number, and must begin

From 624d98e79ccde1304f40967509b56c32feb2da48 Mon Sep 17 00:00:00 2001
From: Christian Schmitz 
Date: Thu, 11 Dec 2025 14:37:13 +0100
Subject: [PATCH 1231/2408] transfer: remove @param for err for xfer_recv_resp
 function.

The err parameter in xfer_recv_resp doesn't exist anymore. Removed in
cb2bcb681fc9044d2a7adaaa621.

Closes #19937
---
 lib/transfer.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/lib/transfer.c b/lib/transfer.c
index 11e7e6e793..bd6be821dc 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -181,7 +181,6 @@ CURLcode Curl_xfer_send_shutdown(struct Curl_easy *data, bool *done)
  * @param buf          buffer to keep response data received
  * @param blen         length of `buf`
  * @param eos_reliable if EOS detection in underlying connection is reliable
- * @param err error    code in case of -1 return
  * @return number of bytes read or -1 for error
  */
 static CURLcode xfer_recv_resp(struct Curl_easy *data,

From 846eaf4e6b5518f95423b8e95b6a2f70cc144bd4 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 11 Dec 2025 15:38:00 +0100
Subject: [PATCH 1232/2408] RELEASE-NOTES: synced

---
 RELEASE-NOTES | 72 +++++++++++++++++++++++++++++++++++++++++----------
 1 file changed, 59 insertions(+), 13 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index d34291718a..df1e2a1de1 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -4,7 +4,7 @@ curl and libcurl 8.18.0
  Command line options:         273
  curl_easy_setopt() options:   308
  Public functions in libcurl:  100
- Contributors:                 3557
+ Contributors:                 3559
 
 This release includes the following changes:
 
@@ -17,6 +17,7 @@ This release includes the following changes:
 This release includes the following bugfixes:
 
  o _PROGRESS.md: add the E unit, mention kibibyte [24]
+ o alt-svc: more flexibility on same destination [298]
  o altsvc: make it one malloc instead of three per entry [266]
  o AmigaOS: increase minimum stack size for tool_main [137]
  o apple-sectrust: always ask when `native_ca_store` is in use [162]
@@ -27,10 +28,13 @@ This release includes the following bugfixes:
  o auth: always treat Curl_auth_ntlm_get() returning NULL as OOM [186]
  o autotools: add nettle library detection via pkg-config (for GnuTLS) [178]
  o autotools: drop autoconf <2.59 compatibility code (zz60-xc-ovr) [70]
+ o autotools: fix LargeFile feature display on Windows (after prev patch) [276]
+ o autotools: tidy-up `if` expressions [275]
  o badwords: fix issues found in scripts and other files [142]
  o badwords: fix issues found in tests [156]
  o build: add build-level `CURL_DISABLE_TYPECHECK` options [163]
  o build: exclude clang prereleases from compiler warning options [154]
+ o build: set `-Wno-format-signedness` [288]
  o build: tidy-up MSVC CRT warning suppression macros [140]
  o ccsidcurl: make curl_mime_data_ccsid() use the converted size [74]
  o cf-https-connect: allocate ctx at first in cf_hc_create() [79]
@@ -47,8 +51,11 @@ This release includes the following bugfixes:
  o cmake: save and restore `CMAKE_MODULE_PATH` in `curl-config.cmake` [222]
  o code: minor indent fixes before closing braces [107]
  o CODE_STYLE.md: sync banned function list with checksrc.pl [243]
+ o config-win32.h: delete obsolete, non-Windows comments [295]
+ o config-win32.h: drop unused/obsolete `CURL_HAS_OPENLDAP_LDAPSDK` [278]
  o config2setopts: bail out if curl_url_get() returns OOM [102]
  o config2setopts: exit if curl_url_set() fails on OOM [105]
+ o configure: delete unused variable [294]
  o conncache: silence `-Wnull-dereference` on gcc 14 RISC-V 64 [17]
  o conncontrol: reuse handling [170]
  o connect: reshuffle Curl_timeleft_ms to avoid 'redundant condition' [100]
@@ -62,6 +69,7 @@ This release includes the following bugfixes:
  o curl: fix progress meter in parallel mode [15]
  o curl_fopen: do not pass invalid mode flags to `open()` on Windows [84]
  o curl_gssapi: make sure Curl_gss_log_error() has an initialized buffer [257]
+ o curl_sasl: if redirected, require permission to use bearer [250]
  o curl_sasl: make Curl_sasl_decode_mech compare case insensitively [160]
  o curl_setup.h: document more funcs flagged by `_CRT_SECURE_NO_WARNINGS` [124]
  o curl_setup.h: drop stray `#undef stat` (Windows) [103]
@@ -70,6 +78,7 @@ This release includes the following bugfixes:
  o CURLINFO_SCHEME/PROTOCOL: they return the "scheme" for a "transfer" [48]
  o CURLINFO_TLS_SSL_PTR.md: remove CURLINFO_TLS_SESSION text [49]
  o CURLMOPT_SOCKETFUNCTION.md: fix the callback argument use [206]
+ o CURLOPT_FOLLOWLOCATION.md: s/Authentication:/Authorization:/ [283]
  o CURLOPT_READFUNCTION.md: clarify the size of the buffer [47]
  o CURLOPT_SSH_KEYFUNCTION.md: fix minor indent mistake in example
  o curlx/fopen: replace open CRT functions their with `_s` counterparts (Windows) [204]
@@ -79,12 +88,14 @@ This release includes the following bugfixes:
  o curlx: replace `mbstowcs`/`wcstombs` with `_s` counterparts (Windows) [143]
  o curlx: replace `sprintf` with `snprintf` [194]
  o curlx: use curlx allocators in non-memdebug builds (Windows) [155]
+ o DEPRECATE: add CMake <3.18 deprecation for April 2026 [291]
  o digest_sspi: fix a memory leak on error path [149]
  o digest_sspi: properly free sspi identity [12]
  o DISTROS.md: add OpenBSD [126]
  o DISTROS: fix a Mageia URL
  o DISTROS: remove broken URLs for buildroot
  o doc: some returned in-memory data may not be altered [196]
+ o Dockerfile: update debian:bookworm-slim digest to e899040 [305]
  o docs/libcurl: fix C formatting nits [207]
  o docs: clarify how to do unix domain sockets with SOCKS proxy [240]
  o docs: fix checksrc `EQUALSPACE` warnings [21]
@@ -100,6 +111,8 @@ This release includes the following bugfixes:
  o examples: fix minor typo [203]
  o examples: make functions/data static where missing [139]
  o examples: tidy-up headers and includes [138]
+ o examples: use 64-bit `fstat` on Windows [301]
+ o FAQ/TODO/KNOWN_BUGS: convert to markdown [307]
  o FAQ: fix hackerone URL
  o file: do not pass invalid mode flags to `open()` on upload (Windows) [83]
  o formdata: validate callback is non-NULL before use [267]
@@ -110,8 +123,10 @@ This release includes the following bugfixes:
  o gnutls: add PROFILE_MEDIUM as default [233]
  o gnutls: report accurate error when TLS-SRP is not built-in [18]
  o gtls: add return checks and optimize the code [2]
+ o gtls: Call keylog_close in cleanup
  o gtls: skip session resumption when verifystatus is set
  o h2/h3: handle methods with spaces [146]
+ o headers: add length argument to Curl_headers_push() [309]
  o hostcheck: fail wildcard match if host starts with a dot [235]
  o hostip: don't store negative lookup on OOM [61]
  o hostip: make more functions return CURLcode [202]
@@ -129,11 +144,13 @@ This release includes the following bugfixes:
  o idn: avoid allocations and wcslen on Windows [247]
  o idn: fix memory leak in `win32_ascii_to_idn()` [173]
  o idn: use curlx allocators on Windows [165]
+ o imap: check buffer length before accessing it [308]
  o imap: make sure Curl_pgrsSetDownloadSize() does not overflow [200]
  o INSTALL-CMAKE.md: document static option defaults more [37]
  o krb5: fix detecting channel binding feature [187]
  o krb5_sspi: unify a part of error handling [80]
  o ldap: call ldap_init() before setting the options [236]
+ o ldap: drop PP logic for old, unsupported, Windows SDKs [279]
  o ldap: improve detection of Apple LDAP [174]
  o ldap: provide version for "legacy" ldap as well [254]
  o lib/sendf.h: forward declare two structs [221]
@@ -162,11 +179,13 @@ This release includes the following bugfixes:
  o mbedtls_threadlock: avoid calloc, use array [244]
  o mdlinkcheck: ignore IP numbers, allow '@' in raw URLs
  o memdebug: add mutex for thread safety [184]
+ o memdebug: fix realloc logging [286]
  o mk-ca-bundle.md: the file format docs URL is permaredirected [188]
  o mk-ca-bundle.pl: default to SHA256 fingerprints with `-t` option [73]
  o mk-ca-bundle.pl: use `open()` with argument list to replace backticks [71]
  o mqtt: reject overly big messages [39]
  o multi: make max_total_* members size_t [158]
+ o multi: remove MSTATE_TUNNELING [297]
  o multi: simplify admin handle processing [189]
  o multibyte: limit `curlx_convert_*wchar*()` functions to Unicode builds [135]
  o ngtcp2+openssl: fix leak of session [172]
@@ -190,6 +209,7 @@ This release includes the following bugfixes:
  o pytest: disable two H3 earlydata tests for all platforms (was: macOS) [116]
  o pytest: fix and improve reliability [251]
  o pytest: improve stragglers [252]
+ o pytest: quiche flakiness [280]
  o pytest: skip H2 tests if feature missing from curl [46]
  o quiche: use client writer [255]
  o ratelimit: redesign [209]
@@ -228,6 +248,7 @@ This release includes the following bugfixes:
  o test1475: consistently use %CR in headers [234]
  o test1498: disable 'HTTP PUT from stdin' test on Windows [115]
  o test2045: replace HTML multi-line comment markup with `#` comments [36]
+ o test318: tweak the name a little
  o test3207: enable memdebug for this test again [249]
  o test363: delete stray character (typo) from a section tag [52]
  o test787: fix possible typo `&` -> `%` in curl option [241]
@@ -243,6 +264,7 @@ This release includes the following bugfixes:
  o tftpd: fix/tidy up `open()` mode flags [57]
  o tidy-up: avoid `(())`, clang-format fixes and more [141]
  o tidy-up: move `CURL_UNCONST()` out from macro `curl_unicodefree()` [121]
+ o tidy-up: URLs (cont.) and mdlinkcheck [285]
  o tidy-up: URLs [182]
  o TODO: remove a mandriva.com reference
  o tool: consider (some) curl_easy_setopt errors fatal [7]
@@ -276,6 +298,7 @@ This release includes the following bugfixes:
  o vtls: handle possible malicious certs_num from peer [53]
  o vtls: pinned key check [98]
  o wcurl: import v2025.11.09 [29]
+ o windows: assume `USE_WIN32_LARGE_FILES` [292]
  o windows: use `_strdup()` instead of `strdup()` where missing [145]
  o wolfSSL: able to differentiate between IP and DNS in alt names [13]
  o wolfssl: avoid NULL dereference in OOM situation [77]
@@ -304,18 +327,20 @@ Planned upcoming removals include:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
-  Aleksandr Sergeev, Aleksei Bavshin, Andrew Kirillov, BANADDA, boingball,
-  Brad King, bttrfl on github, Christian Schmitz, Dan Fandrich,
-  Daniel McCarney, Daniel Stenberg, Denis Goleshchikhin, Deniz Parlak,
-  dependabot[bot], Fabian Keil, Fd929c2CE5fA on github, ffath-vo on github,
-  Georg Schulz-Allgaier, Gisle Vanem, Greg Hudson, Harry Sintonen, Jiyong Yang,
-  Juliusz Sosinowicz, Kai Pastor, Leonardo Taccari, letshack9707 on hackerone,
-  Marc Aldorasi, Marcel Raad, Max Faxälv, nait-furry, ncaklovic on github,
-  Nick Korepanov, Omdahake on github, Patrick Monnerat, pelioro on hackerone,
-  Ray Satiro, renovate[bot], Robert W. Van Kirk, Samuel Henrique,
-  st751228051 on github, Stanislav Fort, Stefan Eissing, Sunny, Theo Buehler,
-  Thomas Klausner, Viktor Szakats, Wesley Moore, Xiaoke Wang, Yedaya Katsman
-  (49 contributors)
+  Aleksandr Sergeev, Aleksei Bavshin, Andrew Kirillov,
+  anonymous237 on hackerone, BANADDA, boingball, Brad King, bttrfl on github,
+  Christian Schmitz, Dan Fandrich, Daniel McCarney, Daniel Stenberg,
+  Denis Goleshchikhin, Deniz Parlak, dependabot[bot], Fabian Keil,
+  Fd929c2CE5fA on github, ffath-vo on github, Georg Schulz-Allgaier,
+  Gisle Vanem, Greg Hudson, Harry Sintonen, Jiyong Yang, Juliusz Sosinowicz,
+  Kai Pastor, Leonardo Taccari, letshack9707 on hackerone, Marc Aldorasi,
+  Marcel Raad, Max Faxälv, nait-furry, ncaklovic on github, Nick Korepanov,
+  Omdahake on github, Patrick Monnerat, pelioro on hackerone, Ray Satiro,
+  renovate[bot], Robert W. Van Kirk, Samuel Henrique, st751228051 on github,
+  Stanislav Fort, Stefan Eissing, Sunny, Theo Buehler, Thomas Klausner,
+  Viktor Szakats, Wesley Moore, Xiaoke Wang, Yedaya Katsman, Yuhao Jiang,
+  yushicheng7788 on github
+  (52 contributors)
 
 References to bug reports and discussions on issues:
 
@@ -563,6 +588,7 @@ References to bug reports and discussions on issues:
  [247] = https://curl.se/bug/?i=19798
  [248] = https://curl.se/bug/?i=19811
  [249] = https://curl.se/bug/?i=19813
+ [250] = https://curl.se/bug/?i=19933
  [251] = https://curl.se/bug/?i=19970
  [252] = https://curl.se/bug/?i=19809
  [253] = https://curl.se/bug/?i=19800
@@ -581,3 +607,23 @@ References to bug reports and discussions on issues:
  [266] = https://curl.se/bug/?i=19857
  [267] = https://curl.se/bug/?i=19858
  [268] = https://curl.se/bug/?i=19753
+ [275] = https://curl.se/bug/?i=18189
+ [276] = https://curl.se/bug/?i=19922
+ [278] = https://curl.se/bug/?i=19920
+ [279] = https://curl.se/bug/?i=19918
+ [280] = https://curl.se/bug/?i=19770
+ [283] = https://curl.se/bug/?i=19915
+ [285] = https://curl.se/bug/?i=19911
+ [286] = https://curl.se/bug/?i=19900
+ [288] = https://curl.se/bug/?i=19907
+ [291] = https://curl.se/bug/?i=19902
+ [292] = https://curl.se/bug/?i=19888
+ [294] = https://curl.se/bug/?i=19901
+ [295] = https://curl.se/bug/?i=19899
+ [297] = https://curl.se/bug/?i=19894
+ [298] = https://curl.se/bug/?i=19740
+ [301] = https://curl.se/bug/?i=19896
+ [305] = https://curl.se/bug/?i=19891
+ [307] = https://curl.se/bug/?i=19875
+ [308] = https://curl.se/bug/?i=19887
+ [309] = https://curl.se/bug/?i=19886

From 2e3687c60c5c9720992a7cebf9493ec2d28a1cf6 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg 
Date: Thu, 11 Dec 2025 17:16:37 +0100
Subject: [PATCH 1233/2408] mdlinkcheck: only look for markdown links in
 markdown files

It finds debug outputs in source code otherwise.

Output the whitelist "warnings" to stderr to better allow us to count
URLs with `./mdlinkcheck --dry-run | wc -l`.

Closes #19938
---
 scripts/mdlinkcheck | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/scripts/mdlinkcheck b/scripts/mdlinkcheck
index bd54d96fe2..4ee0b53752 100755
--- a/scripts/mdlinkcheck
+++ b/scripts/mdlinkcheck
@@ -158,9 +158,12 @@ sub findlinks {
     open(F, "<:crlf", "$f") ||
         return;
 
+    # is it a markdown extension?
+    my $md = ($f =~ /\.md$/i);
+
     while() {
         chomp;
-        if(/\]\(([^)]*)/) {
+        if($md && /\]\(([^)]*)/) {
             my $link = $1;
             #print "$f:$line $link\n";
             storelink($f, $line, $link);
@@ -209,7 +212,7 @@ for my $f (@files) {
 
 for my $u (sort keys %whitelist) {
     if($whitelist{$u} == 1) {
-        printf "warning: unused whitelist entry: '$u'\n";
+        printf STDERR "warning: unused whitelist entry: '$u'\n";
     }
 }
 

From 141ce4be64aaf79cfdd5f66f6d1e8466c3c7d2e4 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Thu, 11 Dec 2025 22:24:51 +0000
Subject: [PATCH 1234/2408] GHA: update actions/cache action to v5

Closes #19940
---
 .github/workflows/http3-linux.yml | 46 +++++++++++++++----------------
 .github/workflows/linux.yml       | 24 ++++++++--------
 .github/workflows/macos.yml       |  2 +-
 .github/workflows/windows.yml     |  2 +-
 4 files changed, 37 insertions(+), 37 deletions(-)

diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index 86c9f3459d..a9b8c44f00 100644
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -68,7 +68,7 @@ jobs:
 
     steps:
       - name: 'cache openssl'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-openssl-http3-no-deprecated
         env:
           cache-name: cache-openssl-http3-no-deprecated
@@ -77,7 +77,7 @@ jobs:
           key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }}
 
       - name: 'cache libressl'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-libressl
         env:
           cache-name: cache-libressl
@@ -86,7 +86,7 @@ jobs:
           key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.LIBRESSL_VERSION }}
 
       - name: 'cache awslc'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-awslc
         env:
           cache-name: cache-awslc
@@ -95,7 +95,7 @@ jobs:
           key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.AWSLC_VERSION }}
 
       - name: 'cache boringssl'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-boringssl
         env:
           cache-name: cache-boringssl
@@ -104,7 +104,7 @@ jobs:
           key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.BORINGSSL_VERSION }}
 
       - name: 'cache nettle'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-nettle
         env:
           cache-name: cache-nettle
@@ -113,7 +113,7 @@ jobs:
           key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NETTLE_VERSION }}
 
       - name: 'cache gnutls'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-gnutls
         env:
           cache-name: cache-gnutls
@@ -122,7 +122,7 @@ jobs:
           key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.GNUTLS_VERSION }}-${{ env.NETTLE_VERSION }}
 
       - name: 'cache wolfssl'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-wolfssl
         env:
           cache-name: cache-wolfssl
@@ -131,7 +131,7 @@ jobs:
           key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }}
 
       - name: 'cache nghttp3'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-nghttp3
         env:
           cache-name: cache-nghttp3
@@ -140,7 +140,7 @@ jobs:
           key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP3_VERSION }}
 
       - name: 'cache ngtcp2'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-ngtcp2
         env:
           cache-name: cache-ngtcp2
@@ -149,7 +149,7 @@ jobs:
           key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.AWSLC_VERSION }}-${{ env.NETTLE_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }}
 
       - name: 'cache ngtcp2 boringssl'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-ngtcp2-boringssl
         env:
           cache-name: cache-ngtcp2-boringssl
@@ -158,7 +158,7 @@ jobs:
           key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.BORINGSSL_VERSION }}
 
       - name: 'cache nghttp2'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-nghttp2
         env:
           cache-name: cache-nghttp2
@@ -486,7 +486,7 @@ jobs:
           echo 'CXX=g++-12' >> "$GITHUB_ENV"
 
       - name: 'cache openssl'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-openssl-http3-no-deprecated
         env:
           cache-name: cache-openssl-http3-no-deprecated
@@ -496,7 +496,7 @@ jobs:
           fail-on-cache-miss: true
 
       - name: 'cache libressl'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-libressl
         env:
           cache-name: cache-libressl
@@ -506,7 +506,7 @@ jobs:
           fail-on-cache-miss: true
 
       - name: 'cache awslc'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-awslc
         env:
           cache-name: cache-awslc
@@ -516,7 +516,7 @@ jobs:
           fail-on-cache-miss: true
 
       - name: 'cache boringssl'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-boringssl
         env:
           cache-name: cache-boringssl
@@ -527,7 +527,7 @@ jobs:
 
       - name: 'cache nettle'
         if: ${{ matrix.build.name == 'gnutls' }}
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-nettle
         env:
           cache-name: cache-nettle
@@ -538,7 +538,7 @@ jobs:
 
       - name: 'cache gnutls'
         if: ${{ matrix.build.name == 'gnutls' }}
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-gnutls
         env:
           cache-name: cache-gnutls
@@ -549,7 +549,7 @@ jobs:
 
       - name: 'cache wolfssl'
         if: ${{ matrix.build.name == 'wolfssl' }}
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-wolfssl
         env:
           cache-name: cache-wolfssl
@@ -559,7 +559,7 @@ jobs:
           fail-on-cache-miss: true
 
       - name: 'cache nghttp3'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-nghttp3
         env:
           cache-name: cache-nghttp3
@@ -569,7 +569,7 @@ jobs:
           fail-on-cache-miss: true
 
       - name: 'cache ngtcp2'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-ngtcp2
         env:
           cache-name: cache-ngtcp2
@@ -579,7 +579,7 @@ jobs:
           fail-on-cache-miss: true
 
       - name: 'cache ngtcp2 boringssl'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-ngtcp2-boringssl
         env:
           cache-name: cache-ngtcp2-boringssl
@@ -589,7 +589,7 @@ jobs:
           fail-on-cache-miss: true
 
       - name: 'cache nghttp2'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-nghttp2
         env:
           cache-name: cache-nghttp2
@@ -600,7 +600,7 @@ jobs:
 
       - name: 'cache quiche'
         if: ${{ matrix.build.name == 'quiche' }}
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-quiche
         env:
           cache-name: cache-quiche
diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index 2bcdf4e223..3a9c35fe38 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -399,7 +399,7 @@ jobs:
 
       - name: 'cache libressl'
         if: ${{ contains(matrix.build.install_steps, 'libressl') }}
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-libressl
         env:
           cache-name: cache-libressl
@@ -419,7 +419,7 @@ jobs:
 
       - name: 'cache libressl (filc)'
         if: ${{ contains(matrix.build.install_steps, 'libressl-filc') }}
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-libressl-filc
         env:
           cache-name: cache-libressl-filc
@@ -440,7 +440,7 @@ jobs:
 
       - name: 'cache nghttp2 (filc)'
         if: ${{ contains(matrix.build.install_steps, 'nghttp2-filc') }}
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-nghttp2-filc
         env:
           cache-name: cache-nghttp2-filc
@@ -462,7 +462,7 @@ jobs:
 
       - name: 'cache wolfssl (all)'
         if: ${{ contains(matrix.build.install_steps, 'wolfssl-all') }}
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-wolfssl-all
         env:
           cache-name: cache-wolfssl-all
@@ -483,7 +483,7 @@ jobs:
 
       - name: 'cache wolfssl (opensslextra)'  # does support `OPENSSL_COEXIST`
         if: ${{ contains(matrix.build.install_steps, 'wolfssl-opensslextra') }}
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-wolfssl-opensslextra
         env:
           cache-name: cache-wolfssl-opensslextra
@@ -504,7 +504,7 @@ jobs:
 
       - name: 'cache mbedtls'
         if: ${{ contains(matrix.build.install_steps, 'mbedtls') }}
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-mbedtls-threadsafe
         env:
           cache-name: cache-mbedtls-threadsafe
@@ -527,7 +527,7 @@ jobs:
 
       - name: 'cache mbedtls (prev)'
         if: ${{ contains(matrix.build.install_steps, 'mbedtls-prev') }}
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-mbedtls-threadsafe-prev
         env:
           cache-name: cache-mbedtls-threadsafe-prev
@@ -550,7 +550,7 @@ jobs:
 
       - name: 'cache openldap (static)'
         if: ${{ contains(matrix.build.install_steps, 'openldap-static') }}
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-openldap-static
         env:
           cache-name: cache-openldap-static
@@ -569,7 +569,7 @@ jobs:
 
       - name: 'cache openssl (thread sanitizer)'
         if: ${{ contains(matrix.build.install_steps, 'openssl-tsan') }}
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-openssl-tsan
         env:
           cache-name: cache-openssl-tsan
@@ -588,7 +588,7 @@ jobs:
 
       - name: 'cache awslc'
         if: ${{ contains(matrix.build.install_steps, 'awslc') }}
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-awslc
         env:
           cache-name: cache-awslc
@@ -608,7 +608,7 @@ jobs:
 
       - name: 'cache boringssl'
         if: ${{ contains(matrix.build.install_steps, 'boringssl') }}
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-boringssl
         env:
           cache-name: cache-boringssl
@@ -629,7 +629,7 @@ jobs:
 
       - name: 'cache rustls'
         if: ${{ contains(matrix.build.install_steps, 'rustls') }}
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-rustls
         env:
           cache-name: cache-rustls
diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml
index 25ac41c61e..8ed4ef14ea 100644
--- a/.github/workflows/macos.yml
+++ b/.github/workflows/macos.yml
@@ -112,7 +112,7 @@ jobs:
 
       - name: 'cache libressl'
         if: ${{ contains(matrix.build.install_steps, 'libressl') }}
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-libressl
         env:
           cache-name: cache-libressl
diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml
index 9d7f0dc88d..d3d3de8522 100644
--- a/.github/workflows/windows.yml
+++ b/.github/workflows/windows.yml
@@ -480,7 +480,7 @@ jobs:
             ${{ matrix.install }}
 
       - name: 'cache compiler (gcc ${{ matrix.ver }}-${{ matrix.env }})'
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@a7833574556fa59680c1b7cb190c1735db73ebf0 # v5.0.0
         id: cache-compiler
         with:
           path: D:\my-cache

From fe8393d7db8c9c708f7dc45e5ee3b2c1eb9d979a Mon Sep 17 00:00:00 2001
From: Viktor Szakats 
Date: Sun, 7 Dec 2025 16:49:55 +0100
Subject: [PATCH 1235/2408] tidy-up: miscellaneous

- drop stray duplicate empty lines in docs, scripts, test data, include,
  examples, tests.
- drop duplicate PP parenthesis.
- curl-functions.m4: move literals to the right side in if expressions,
  to match rest of the source code.
- FAQ.md: delete language designator from an URL.
- packages: apply clang-format (OS400, VMS).
- scripts/schemetable.c: apply clang-format.
- data320: delete duplicate empty line that doesn't change the outcome.
- spacecheck: extend to check for duplicate empty lines
  (with exceptions.)
- fix whitespace nits

Closes #19936
---
 .github/scripts/cmp-config.pl         |   1 -
 .github/scripts/randcurl.pl           |   1 -
 .github/scripts/spacecheck.pl         |  26 +-
 .github/scripts/verify-synopsis.pl    |   1 -
 .github/workflows/macos.yml           |   2 +-
 CMake/CurlTests.c                     |  19 +-
 CMakeLists.txt                        |   1 -
 acinclude.m4                          |   2 +-
 configure.ac                          |   9 -
 docs/FAQ.md                           |   3 +-
 docs/MANUAL.md                        |   1 -
 docs/SSLCERTS.md                      |   1 -
 docs/TODO.md                          |   1 -
 docs/TheArtOfHttpScripting.md         |   1 -
 docs/examples/ephiperfifo.c           |   1 -
 docs/examples/evhiperfifo.c           |   1 -
 docs/examples/ghiper.c                |   1 -
 docs/examples/hiperfifo.c             |   1 -
 docs/examples/htmltitle.cpp           |   4 +-
 docs/examples/http2-upload.c          |   2 +-
 docs/examples/postit2-formadd.c       |   1 -
 docs/libcurl/curl_easy_getinfo.md     |   1 -
 include/curl/curl.h                   |  38 +--
 include/curl/easy.h                   |   2 -
 include/curl/multi.h                  |  94 +++---
 include/curl/typecheck-gcc.h          |   7 +-
 lib/cf-https-connect.h                |   1 -
 lib/cfilters.h                        |   1 -
 lib/config-os400.h                    |   1 -
 lib/curl_hmac.h                       |   1 -
 lib/curl_memrchr.h                    |   2 +-
 lib/curl_setup_once.h                 |   1 -
 lib/curl_trc.h                        |   1 -
 lib/cw-pause.h                        |   1 -
 lib/dynhds.h                          |   1 -
 lib/functypes.h                       |   1 -
 lib/hostip.h                          |   1 -
 lib/http.h                            |   1 -
 lib/ldap.c                            |   2 +-
 lib/optiontable.pl                    |   2 -
 lib/setup-os400.h                     |   4 -
 lib/urldata.h                         |   1 -
 lib/vquic/vquic.h                     |   1 -
 lib/vtls/gtls.c                       |   2 +-
 lib/vtls/x509asn1.c                   |   2 +-
 m4/curl-amissl.m4                     |   3 +-
 m4/curl-functions.m4                  | 162 +++++-----
 packages/OS400/ccsidcurl.c            | 420 +++++++++++---------------
 packages/OS400/ccsidcurl.h            |   1 -
 packages/OS400/curlcl.c               |  25 +-
 packages/OS400/curlmain.c             |  14 +-
 packages/OS400/os400sys.c             | 255 +++++++---------
 packages/OS400/os400sys.h             |  33 +-
 packages/vms/curl_crtl_init.c         |  56 ++--
 packages/vms/curlmsg.h                | 170 +++++------
 packages/vms/report_openssl_version.c |  15 +-
 scripts/cd2cd                         |   1 -
 scripts/checksrc.pl                   |   1 -
 scripts/ciconfig.pl                   |   2 -
 scripts/delta                         |   2 +-
 scripts/firefox-db2pem.sh             |   1 -
 scripts/managen                       |   3 -
 scripts/mk-ca-bundle.pl               |   1 -
 scripts/schemetable.c                 |  85 +++---
 src/tool_parsecfg.c                   |   1 -
 tests/appveyor.pm                     |   1 -
 tests/data/data320.html               |   1 -
 tests/data/test1109                   |   1 -
 tests/data/test1110                   |   1 -
 tests/data/test1111                   |   1 -
 tests/data/test1331                   |   2 -
 tests/data/test1408                   |   2 -
 tests/data/test1409                   |   1 -
 tests/data/test1410                   |   1 -
 tests/data/test1411                   |   1 -
 tests/data/test161                    |   1 -
 tests/data/test2030                   |   1 -
 tests/data/test2045                   |   1 -
 tests/data/test206                    |   1 -
 tests/data/test2202                   |   1 -
 tests/data/test228                    |   1 -
 tests/data/test3105                   |   1 -
 tests/data/test399                    |   1 -
 tests/data/test698                    |   1 -
 tests/devtest.pl                      |   3 -
 tests/directories.pm                  |   1 -
 tests/getpart.pm                      |  11 +-
 tests/globalconfig.pm                 |   1 -
 tests/libtest/cli_ftp_upload.c        |   5 +-
 tests/libtest/lib651.c                |   1 -
 tests/libtest/mk-lib1521.pl           |   2 -
 tests/libtest/unitcheck.h             |   1 +
 tests/negtelnetserver.py              |  11 -
 tests/pathhelp.pm                     |   1 -
 tests/processhelp.pm                  |   3 -
 tests/runner.pm                       |  15 -
 tests/runtests.pl                     |  23 +-
 tests/serverhelp.pm                   |  16 -
 tests/servers.pm                      |  13 -
 tests/smbserver.py                    |   1 -
 tests/sshhelp.pm                      |  23 --
 tests/sshserver.pl                    |  34 ---
 tests/test1119.pl                     |   1 -
 tests/test1139.pl                     |   2 -
 tests/test1140.pl                     |   3 -
 tests/test1165.pl                     |   1 -
 tests/test1167.pl                     |   1 -
 tests/test1173.pl                     |   2 -
 tests/test1222.pl                     |   4 +-
 tests/test1275.pl                     |   1 -
 tests/test1477.pl                     |   1 -
 tests/testcurl.pl                     |   1 -
 tests/testutil.pm                     |   2 -
 tests/unit/unit1397.c                 |   4 +-
 tests/util.py                         |   3 -
 tests/valgrind.pm                     |   1 -
 116 files changed, 674 insertions(+), 1039 deletions(-)

diff --git a/.github/scripts/cmp-config.pl b/.github/scripts/cmp-config.pl
index 3ad0570e28..a74389637f 100755
--- a/.github/scripts/cmp-config.pl
+++ b/.github/scripts/cmp-config.pl
@@ -136,6 +136,5 @@ foreach my $v (keys %remove) {
     }
 }
 
-
 # return the exit code from diff
 exit system("diff -u /tmp/autotools /tmp/cmake") >> 8;
diff --git a/.github/scripts/randcurl.pl b/.github/scripts/randcurl.pl
index b085d2ef13..f9c24d90db 100755
--- a/.github/scripts/randcurl.pl
+++ b/.github/scripts/randcurl.pl
@@ -116,7 +116,6 @@ my %commonrc = (
     '26' => 1,
     );
 
-
 sub runone {
     my $a;
     my $nargs = getnum(60) + 1;
diff --git a/.github/scripts/spacecheck.pl b/.github/scripts/spacecheck.pl
index 2c3a2e3b0a..f06766570c 100755
--- a/.github/scripts/spacecheck.pl
+++ b/.github/scripts/spacecheck.pl
@@ -39,6 +39,13 @@ my @need_crlf = (
     "\\.(bat|sln)\$",
 );
 
+my @double_empty_lines = (
+    "^lib/.+\\.(c|h)\$",
+    "^packages/",
+    "^tests/data/test",
+    "\\.(m4|py)\$",
+);
+
 my @non_ascii_allowed = (
     '\xC3\xB6',  # UTF-8 for https://codepoints.net/U+00F6 LATIN SMALL LETTER O WITH DIAERESIS
 );
@@ -100,7 +107,7 @@ while(my $filename = <$git_ls_files>) {
     my @err = ();
 
     if(!fn_match($filename, @tabs) &&
-        $content =~ /\t/) {
+       $content =~ /\t/) {
         push @err, "content: has tab";
     }
 
@@ -111,12 +118,12 @@ while(my $filename = <$git_ls_files>) {
     }
 
     if($eol ne "crlf" &&
-        fn_match($filename, @need_crlf)) {
+       fn_match($filename, @need_crlf)) {
         push @err, "content: must use CRLF EOL for this file type";
     }
 
     if($eol ne "lf" && $content ne "" &&
-        !fn_match($filename, @need_crlf)) {
+       !fn_match($filename, @need_crlf)) {
         push @err, "content: must use LF EOL for this file type";
     }
 
@@ -131,20 +138,27 @@ while(my $filename = <$git_ls_files>) {
     }
 
     if($content ne "" &&
-        $content !~ /\n\z/) {
+       $content !~ /\n\z/) {
         push @err, "content: has no EOL at EOF";
     }
 
     if($content =~ /\n\n\z/ ||
-        $content =~ /\r\n\r\n\z/) {
+       $content =~ /\r\n\r\n\z/) {
         push @err, "content: has multiple EOL at EOF";
     }
 
     if($content =~ /\n\n\n\n/ ||
-        $content =~ /\r\n\r\n\r\n\r\n/) {
+       $content =~ /\r\n\r\n\r\n\r\n/) {
         push @err, "content: has 3 or more consecutive empty lines";
     }
 
+    if(!fn_match($filename, @double_empty_lines)) {
+        if($content =~ /\n\n\n/ ||
+           $content =~ /\r\n\r\n\r\n/) {
+            push @err, "content: has 2 consecutive empty lines";
+        }
+    }
+
     if($content =~ /([\x00-\x08\x0b\x0c\x0e-\x1f\x7f])/) {
         push @err, "content: has binary contents";
     }
diff --git a/.github/scripts/verify-synopsis.pl b/.github/scripts/verify-synopsis.pl
index 1c6b00b60b..19fbc31a7c 100755
--- a/.github/scripts/verify-synopsis.pl
+++ b/.github/scripts/verify-synopsis.pl
@@ -39,7 +39,6 @@ sub testcompile {
     return $rc;
 }
 
-
 sub extract {
     my($f) = @_;
     my $syn = 0;
diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml
index 8ed4ef14ea..cae51f5f7e 100644
--- a/.github/workflows/macos.yml
+++ b/.github/workflows/macos.yml
@@ -618,7 +618,7 @@ jobs:
 
       - name: 'configure / ${{ matrix.build }}'
         run: |
-          if [ "${MATRIX_COMPILER}" = 'gcc-13' ] && [ "${MATRIX_IMAGE}" = 'macos-15' ] ; then
+          if [ "${MATRIX_COMPILER}" = 'gcc-13' ] && [ "${MATRIX_IMAGE}" = 'macos-15' ]; then
             # Ref: https://github.com/Homebrew/homebrew-core/issues/194778#issuecomment-2793243409
             /opt/homebrew/opt/gcc@13/libexec/gcc/aarch64-apple-darwin24/13/install-tools/mkheaders
           fi
diff --git a/CMake/CurlTests.c b/CMake/CurlTests.c
index 40fa50fe83..a06c7701f5 100644
--- a/CMake/CurlTests.c
+++ b/CMake/CurlTests.c
@@ -29,7 +29,7 @@
 #include 
 /* */
 #if defined(sun) || defined(__sun__) || \
-    defined(__SUNPRO_C) || defined(__SUNPRO_CC)
+  defined(__SUNPRO_C) || defined(__SUNPRO_CC)
 #  if defined(__SVR4) || defined(__srv4__)
 #    define PLATFORM_SOLARIS
 #  else
@@ -119,7 +119,10 @@ int main(void)
 #include 
 #include 
 #include 
-int main(void) { return 0; }
+int main(void)
+{
+  return 0;
+}
 #endif
 
 #ifdef HAVE_FILE_OFFSET_BITS
@@ -128,7 +131,7 @@ int main(void) { return 0; }
    We cannot simply define LARGE_OFF_T to be 9223372036854775807,
    since some C++ compilers masquerading as C compilers
    incorrectly reject 9223372036854775807. */
-#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+#define LARGE_OFF_T (((off_t)1 << 62) - 1 + ((off_t)1 << 62))
 static int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 &&
                            LARGE_OFF_T % 2147483647 == 1)
                           ? 1 : -1];
@@ -272,7 +275,10 @@ int main(void)
 #include 
 #include 
 
-static void check(char c) { (void)c; }
+static void check(char c)
+{
+  (void)c;
+}
 
 int main(void)
 {
@@ -289,7 +295,10 @@ int main(void)
 #include 
 
 /* Float, because a pointer cannot be implicitly cast to float */
-static void check(float f) { (void)f; }
+static void check(float f)
+{
+  (void)f;
+}
 
 int main(void)
 {
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 8b3cbecc51..af3d1f8846 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1833,7 +1833,6 @@ if(CURL_LTO)
   endif()
 endif()
 
-
 # Ugly (but functional) way to include "Makefile.inc" by transforming it
 # (= regenerate it).
 function(curl_transform_makefile_inc _input_file _output_file)
diff --git a/acinclude.m4 b/acinclude.m4
index d95cbd3f5b..f38eac8211 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -769,7 +769,7 @@ AC_DEFUN([CURL_CHECK_STRUCT_TIMEVAL], [
         #include 
       ]],[[
         struct timeval ts;
-        ts.tv_sec  = 0;
+        ts.tv_sec = 0;
         ts.tv_usec = 0;
         (void)ts;
       ]])
diff --git a/configure.ac b/configure.ac
index 3c0bfaa353..e465ee6a8a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -520,7 +520,6 @@ if test "$xc_lt_build_static_only" = "yes"; then
 fi
 AC_SUBST([LIBCURL_PC_CFLAGS])
 
-
 dnl **********************************************************************
 dnl platform/compiler/architecture specific checks/flags
 dnl **********************************************************************
@@ -2152,7 +2151,6 @@ if test "x$OPT_LIBPSL" != "xno"; then
 fi
 AM_CONDITIONAL([USE_LIBPSL], [test "$curl_psl_msg" = "enabled"])
 
-
 dnl **********************************************************************
 dnl Check for libgsasl
 dnl **********************************************************************
@@ -2236,7 +2234,6 @@ AS_HELP_STRING([--with-libssh2=PATH],[Where to look for libssh2, PATH points to
 AS_HELP_STRING([--with-libssh2], [enable libssh2]),
   OPT_LIBSSH2=$withval, OPT_LIBSSH2=no)
 
-
 OPT_LIBSSH=off
 AC_ARG_WITH(libssh,dnl
 AS_HELP_STRING([--with-libssh=PATH],[Where to look for libssh, PATH points to the libssh installation; when possible, set the PKG_CONFIG_PATH environment variable instead of using this option])
@@ -2619,7 +2616,6 @@ if test "x$OPT_LIBRTMP" != "xno"; then
         dnl a pkgconfig file
         AC_MSG_ERROR([--librtmp was specified but could not find librtmp pkgconfig file.])
       fi
-
       ;;
     off)
       dnl no --with-librtmp option given, just check default places
@@ -3685,7 +3681,6 @@ if test "$want_nghttp3" != "no"; then
         CPPFLAGS=$CLEANCPPFLAGS
         LIBS=$CLEANLIBS
     )
-
   else
     dnl no nghttp3 pkg-config found, deal with it
     if test "$want_nghttp3" != "default"; then
@@ -3898,7 +3893,6 @@ if test "$want_libuv" != "no"; then
         CPPFLAGS=$CLEANCPPFLAGS
         LIBS=$CLEANLIBS
     )
-
   else
     dnl no libuv pkg-config found, deal with it
     if test "$want_libuv" != "default"; then
@@ -4042,7 +4036,6 @@ dnl default includes
 ]
 )
 
-
 dnl Checks for typedefs, structures, and compiler characteristics.
 AC_C_CONST
 AC_TYPE_SIZE_T
@@ -4977,7 +4970,6 @@ if test "$hsts" != "yes"; then
   AC_DEFINE(CURL_DISABLE_HSTS, 1, [disable alt-svc])
 fi
 
-
 dnl *************************************************************
 dnl check whether ECH support, if desired, is actually available
 dnl
@@ -5042,7 +5034,6 @@ else
   fi
 fi
 
-
 dnl *************************************************************
 dnl check whether OpenSSL (lookalikes) have SSL_set0_wbio
 dnl
diff --git a/docs/FAQ.md b/docs/FAQ.md
index eba30f1fef..0febe1b73c 100644
--- a/docs/FAQ.md
+++ b/docs/FAQ.md
@@ -827,7 +827,6 @@ chain.
 Details are also in [the SSL certificates
 document](https://curl.se/docs/sslcerts.html).
 
-
 ## Why is curl -R on Windows one hour off?
 
 Since curl 7.53.0 this issue should be fixed as long as curl was built with
@@ -891,7 +890,7 @@ the second. No more than three packets are sent, no matter how long the
 timeout is set.
 
 See option `TcpMaxConnectRetransmissions` on [this
-page](https://support.microsoft.com/bg-bg/topic/hotfix-enables-the-configuration-of-the-tcp-maximum-syn-retransmission-amount-in-windows-7-or-windows-server-2008-r2-1b6f8352-2c5f-58bb-ead7-2cf021407c8e).
+page](https://support.microsoft.com/topic/hotfix-enables-the-configuration-of-the-tcp-maximum-syn-retransmission-amount-in-windows-7-or-windows-server-2008-r2-1b6f8352-2c5f-58bb-ead7-2cf021407c8e).
 
 Also, even on non-Windows systems there may run a firewall or anti-virus
 software or similar that accepts the connection but does not actually do
diff --git a/docs/MANUAL.md b/docs/MANUAL.md
index 1acb4d2244..c52e231bdc 100644
--- a/docs/MANUAL.md
+++ b/docs/MANUAL.md
@@ -276,7 +276,6 @@ this:
 
     curl --trace my-trace.txt www.haxx.se
 
-
 ## Detailed Information
 
 Different protocols provide different ways of getting detailed information
diff --git a/docs/SSLCERTS.md b/docs/SSLCERTS.md
index de39545534..3506fbd787 100644
--- a/docs/SSLCERTS.md
+++ b/docs/SSLCERTS.md
@@ -133,7 +133,6 @@ Apple SecTrust and your own file to be considered, use:
 
     curl --ca-native --cacert mycerts.pem https://example.com
 
-
 #### Other Combinations
 
 How well the use of native CA stores work in all other combinations depends
diff --git a/docs/TODO.md b/docs/TODO.md
index 0224ae8733..3d2eec5312 100644
--- a/docs/TODO.md
+++ b/docs/TODO.md
@@ -398,7 +398,6 @@ honest a bit of a hack.
 Please see the following thread for more information:
 https://curl.se/mail/lib-2012-05/0178.html
 
-
 # POP3
 
 ## Enhanced capability support
diff --git a/docs/TheArtOfHttpScripting.md b/docs/TheArtOfHttpScripting.md
index ab4961c578..bab52cca47 100644
--- a/docs/TheArtOfHttpScripting.md
+++ b/docs/TheArtOfHttpScripting.md
@@ -198,7 +198,6 @@ SPDX-License-Identifier: curl
 
     curl --data name=curl https://url1.example.com https://url2.example.com
 
-
 ## Multiple HTTP methods in a single command line
 
  Sometimes you need to operate on several URLs in a single command line and do
diff --git a/docs/examples/ephiperfifo.c b/docs/examples/ephiperfifo.c
index cafea9693f..14a3817538 100644
--- a/docs/examples/ephiperfifo.c
+++ b/docs/examples/ephiperfifo.c
@@ -41,7 +41,6 @@ Whenever there is input into the fifo, the program reads the input as a list
 of URL's and creates some new easy handles to fetch each URL via the
 curl_multi "hiper" API.
 
-
 Thus, you can try a single URL:
   % echo http://www.yahoo.com > hiper.fifo
 
diff --git a/docs/examples/evhiperfifo.c b/docs/examples/evhiperfifo.c
index 922197c3cb..46cfc0a859 100644
--- a/docs/examples/evhiperfifo.c
+++ b/docs/examples/evhiperfifo.c
@@ -44,7 +44,6 @@ Whenever there is input into the fifo, the program reads the input as a list
 of URL's and creates some new easy handles to fetch each URL via the
 curl_multi "hiper" API.
 
-
 Thus, you can try a single URL:
   % echo http://www.yahoo.com > hiper.fifo
 
diff --git a/docs/examples/ghiper.c b/docs/examples/ghiper.c
index 8f320a6e5f..b3e0803550 100644
--- a/docs/examples/ghiper.c
+++ b/docs/examples/ghiper.c
@@ -41,7 +41,6 @@
  of URL's and creates some new easy handles to fetch each URL via the
  curl_multi "hiper" API.
 
-
  Thus, you can try a single URL:
  % echo http://www.yahoo.com > hiper.fifo
 
diff --git a/docs/examples/hiperfifo.c b/docs/examples/hiperfifo.c
index 7b17731ebf..79af5268c8 100644
--- a/docs/examples/hiperfifo.c
+++ b/docs/examples/hiperfifo.c
@@ -41,7 +41,6 @@ Whenever there is input into the fifo, the program reads the input as a list
 of URL's and creates some new easy handles to fetch each URL via the
 curl_multi "hiper" API.
 
-
 Thus, you can try a single URL:
   % echo http://www.yahoo.com > hiper.fifo
 
diff --git a/docs/examples/htmltitle.cpp b/docs/examples/htmltitle.cpp
index ac351a8bf5..4d698f253c 100644
--- a/docs/examples/htmltitle.cpp
+++ b/docs/examples/htmltitle.cpp
@@ -46,9 +46,9 @@
 //
 
 #ifdef _WIN32
-#define COMPARE(a, b) (!_stricmp((a), (b)))
+#define COMPARE(a, b) (!_stricmp(a, b))
 #else
-#define COMPARE(a, b) (!strcasecmp((a), (b)))
+#define COMPARE(a, b) (!strcasecmp(a, b))
 #endif
 
 //
diff --git a/docs/examples/http2-upload.c b/docs/examples/http2-upload.c
index 8ed6568542..7becf51169 100644
--- a/docs/examples/http2-upload.c
+++ b/docs/examples/http2-upload.c
@@ -67,7 +67,7 @@
 #endif
 
 #ifdef _MSC_VER
-#define gettimeofday(a, b) my_gettimeofday((a), (b))
+#define gettimeofday(a, b) my_gettimeofday(a, b)
 static int my_gettimeofday(struct timeval *tp, void *tzp)
 {
   (void)tzp;
diff --git a/docs/examples/postit2-formadd.c b/docs/examples/postit2-formadd.c
index 086cae0e51..7e5f08ef66 100644
--- a/docs/examples/postit2-formadd.c
+++ b/docs/examples/postit2-formadd.c
@@ -74,7 +74,6 @@ int main(int argc, char *argv[])
                  CURLFORM_COPYCONTENTS, "postit2-formadd.c",
                  CURLFORM_END);
 
-
     /* Fill in the submit field too, even if this is rarely needed */
     curl_formadd(&formpost,
                  &lastptr,
diff --git a/docs/libcurl/curl_easy_getinfo.md b/docs/libcurl/curl_easy_getinfo.md
index 9515fadeed..e05beb614e 100644
--- a/docs/libcurl/curl_easy_getinfo.md
+++ b/docs/libcurl/curl_easy_getinfo.md
@@ -398,7 +398,6 @@ An overview of the time values available from curl_easy_getinfo(3)
         |--|--|--|--|--|--|--|--TOTAL
         |--|--|--|--|--|--|--|--REDIRECT
 
-
  CURLINFO_QUEUE_TIME_T(3), CURLINFO_NAMELOOKUP_TIME_T(3),
  CURLINFO_CONNECT_TIME_T(3), CURLINFO_APPCONNECT_TIME_T(3),
  CURLINFO_PRETRANSFER_TIME_T(3), CURLINFO_POSTTRANSFER_TIME_T(3),
diff --git a/include/curl/curl.h b/include/curl/curl.h
index 9e07527dc9..250f3f679a 100644
--- a/include/curl/curl.h
+++ b/include/curl/curl.h
@@ -229,7 +229,6 @@ struct curl_httppost {
                                        set. Added in 7.46.0 */
 };
 
-
 /* This is a return code for the progress callback that, when returned, will
    signal libcurl to continue executing the default progress function */
 #define CURL_PROGRESSFUNC_CONTINUE 0x10000001
@@ -844,7 +843,7 @@ typedef enum {
 #define CURLAUTH_AWS_SIGV4    (((unsigned long)1)<<7)
 #define CURLAUTH_ONLY         (((unsigned long)1)<<31)
 #define CURLAUTH_ANY          (~CURLAUTH_DIGEST_IE)
-#define CURLAUTH_ANYSAFE      (~(CURLAUTH_BASIC|CURLAUTH_DIGEST_IE))
+#define CURLAUTH_ANYSAFE      (~(CURLAUTH_BASIC | CURLAUTH_DIGEST_IE))
 
 #define CURLSSH_AUTH_ANY       ~0L     /* all types supported by the server */
 #define CURLSSH_AUTH_NONE      0L      /* none allowed, silly but complete */
@@ -916,7 +915,6 @@ typedef int
                           /* return CURLE_OK to accept */
                           /* or something else to refuse */
 
-
 /* parameter for the CURLOPT_USE_SSL option */
 #define CURLUSESSL_NONE    0L /* do not attempt to use SSL */
 #define CURLUSESSL_TRY     1L /* try using SSL, proceed anyway otherwise */
@@ -1115,7 +1113,6 @@ typedef CURLSTScode (*curl_hstswrite_callback)(CURL *easy,
 /* *STRINGPOINT is an alias for OBJECTPOINT to allow tools to extract the
    string options from the header file */
 
-
 #define CURLOPT(na,t,nu) na = t + nu
 #define CURLOPTDEPRECATED(na,t,nu,v,m) na CURL_DEPRECATED(v,m) = t + nu
 
@@ -1874,9 +1871,7 @@ typedef enum {
 
      libcurl will ask for the compressed methods it knows of, and if that
      is not any, it will not ask for transfer-encoding at all even if this
-     option is set to 1.
-
-  */
+     option is set to 1. */
   CURLOPT(CURLOPT_TRANSFER_ENCODING, CURLOPTTYPE_LONG, 207),
 
   /* Callback function for closing socket (instead of close(2)). The callback
@@ -2294,10 +2289,9 @@ typedef enum {
 #undef CURLOPT_DNS_USE_GLOBAL_CACHE /* soon obsolete */
 #endif
 
-
-  /* Below here follows defines for the CURLOPT_IPRESOLVE option. If a host
-     name resolves addresses using more than one IP protocol version, this
-     option might be handy to force libcurl to use a specific IP version. */
+/* Below here follows defines for the CURLOPT_IPRESOLVE option. If a host
+   name resolves addresses using more than one IP protocol version, this
+   option might be handy to force libcurl to use a specific IP version. */
 #define CURL_IPRESOLVE_WHATEVER 0L /* default, uses addresses to all IP
                                      versions that your system allows */
 #define CURL_IPRESOLVE_V4       1L /* uses only IPv4 addresses/connections */
@@ -2381,7 +2375,7 @@ enum CURL_NETRC_OPTION {
 #define CURL_SSLVERSION_MAX_TLSv1_2 (CURL_SSLVERSION_TLSv1_2 << 16)
 #define CURL_SSLVERSION_MAX_TLSv1_3 (CURL_SSLVERSION_TLSv1_3 << 16)
 
-  /* never use, keep last */
+/* never use, keep last */
 #define CURL_SSLVERSION_MAX_LAST    (CURL_SSLVERSION_LAST    << 16)
 
 #define CURL_TLSAUTH_NONE 0L
@@ -2403,7 +2397,7 @@ enum CURL_TLSAUTH {
 #define CURL_REDIR_POST_302 2L
 #define CURL_REDIR_POST_303 4L
 #define CURL_REDIR_POST_ALL \
-    (CURL_REDIR_POST_301|CURL_REDIR_POST_302|CURL_REDIR_POST_303)
+  (CURL_REDIR_POST_301 | CURL_REDIR_POST_302 | CURL_REDIR_POST_303)
 
 #define CURL_TIMECOND_NONE         0L
 #define CURL_TIMECOND_IFMODSINCE   1L
@@ -2418,7 +2412,7 @@ typedef enum {
 } curl_TimeCond;
 
 /* Special size_t value signaling a null-terminated string. */
-#define CURL_ZERO_TERMINATED ((size_t) -1)
+#define CURL_ZERO_TERMINATED ((size_t)-1)
 
 /* curl_strequal() and curl_strnequal() are subject for removal in a future
    release */
@@ -2705,7 +2699,6 @@ CURL_EXTERN char *curl_easy_escape(CURL *handle,
 CURL_EXTERN char *curl_escape(const char *string,
                               int length);
 
-
 /*
  * NAME curl_easy_unescape()
  *
@@ -2743,10 +2736,9 @@ CURL_EXTERN void curl_free(void *p);
  *
  * curl_global_init() should be invoked exactly once for each application that
  * uses libcurl and before any call of other libcurl functions.
-
+ *
  * This function is thread-safe if CURL_VERSION_THREADSAFE is set in the
  * curl_version_info_data.features flag (fetch by curl_version_info()).
-
  */
 CURL_EXTERN CURLcode curl_global_init(long flags);
 
@@ -2787,10 +2779,9 @@ CURL_EXTERN void curl_global_cleanup(void);
  *
  * curl_global_trace() can be invoked at application start to
  * configure which components in curl should participate in tracing.
-
+ *
  * This function is thread-safe if CURL_VERSION_THREADSAFE is set in the
  * curl_version_info_data.features flag (fetch by curl_version_info()).
-
  */
 CURL_EXTERN CURLcode curl_global_trace(const char *config);
 
@@ -3017,12 +3008,11 @@ typedef enum {
 
 #define CURL_GLOBAL_SSL (1<<0) /* no purpose since 7.57.0 */
 #define CURL_GLOBAL_WIN32 (1<<1)
-#define CURL_GLOBAL_ALL (CURL_GLOBAL_SSL|CURL_GLOBAL_WIN32)
+#define CURL_GLOBAL_ALL (CURL_GLOBAL_SSL | CURL_GLOBAL_WIN32)
 #define CURL_GLOBAL_NOTHING 0
 #define CURL_GLOBAL_DEFAULT CURL_GLOBAL_ALL
 #define CURL_GLOBAL_ACK_EINTR (1<<2)
 
-
 /*****************************************************************************
  * Setup defines, protos etc for the sharing stuff.
  */
@@ -3060,7 +3050,6 @@ typedef void (*curl_unlock_function)(CURL *handle,
                                      curl_lock_data data,
                                      void *userptr);
 
-
 typedef enum {
   CURLSHE_OK,  /* all is fine */
   CURLSHE_BAD_OPTION, /* 1 */
@@ -3264,8 +3253,8 @@ CURL_EXTERN CURLcode curl_easy_pause(CURL *handle, int bitmask);
 #define CURLPAUSE_SEND      (1<<2)
 #define CURLPAUSE_SEND_CONT (0)
 
-#define CURLPAUSE_ALL       (CURLPAUSE_RECV|CURLPAUSE_SEND)
-#define CURLPAUSE_CONT      (CURLPAUSE_RECV_CONT|CURLPAUSE_SEND_CONT)
+#define CURLPAUSE_ALL       (CURLPAUSE_RECV | CURLPAUSE_SEND)
+#define CURLPAUSE_CONT      (CURLPAUSE_RECV_CONT | CURLPAUSE_SEND_CONT)
 
 /*
  * NAME curl_easy_ssls_import()
@@ -3310,7 +3299,6 @@ CURL_EXTERN CURLcode curl_easy_ssls_export(CURL *handle,
                                            curl_ssls_export_cb *export_fn,
                                            void *userptr);
 
-
 #ifdef __cplusplus
 } /* end of extern "C" */
 #endif
diff --git a/include/curl/easy.h b/include/curl/easy.h
index 8a1d68dfd8..85cfd830f7 100644
--- a/include/curl/easy.h
+++ b/include/curl/easy.h
@@ -58,7 +58,6 @@ CURL_EXTERN void curl_easy_cleanup(CURL *curl);
  */
 CURL_EXTERN CURLcode curl_easy_getinfo(CURL *curl, CURLINFO info, ...);
 
-
 /*
  * NAME curl_easy_duphandle()
  *
@@ -108,7 +107,6 @@ CURL_EXTERN CURLcode curl_easy_recv(CURL *curl, void *buffer, size_t buflen,
 CURL_EXTERN CURLcode curl_easy_send(CURL *curl, const void *buffer,
                                     size_t buflen, size_t *n);
 
-
 /*
  * NAME curl_easy_upkeep()
  *
diff --git a/include/curl/multi.h b/include/curl/multi.h
index e307b98f4c..f3f66030ca 100644
--- a/include/curl/multi.h
+++ b/include/curl/multi.h
@@ -136,25 +136,25 @@ CURL_EXTERN CURLM *curl_multi_init(void);
 CURL_EXTERN CURLMcode curl_multi_add_handle(CURLM *multi_handle,
                                             CURL *curl_handle);
 
- /*
-  * Name:    curl_multi_remove_handle()
-  *
-  * Desc:    removes a curl handle from the multi stack again
-  *
-  * Returns: CURLMcode type, general multi error code.
-  */
+/*
+ * Name:    curl_multi_remove_handle()
+ *
+ * Desc:    removes a curl handle from the multi stack again
+ *
+ * Returns: CURLMcode type, general multi error code.
+ */
 CURL_EXTERN CURLMcode curl_multi_remove_handle(CURLM *multi_handle,
                                                CURL *curl_handle);
 
- /*
-  * Name:    curl_multi_fdset()
-  *
-  * Desc:    Ask curl for its fd_set sets. The app can use these to select() or
-  *          poll() on. We want curl_multi_perform() called as soon as one of
-  *          them are ready.
-  *
-  * Returns: CURLMcode type, general multi error code.
-  */
+/*
+ * Name:    curl_multi_fdset()
+ *
+ * Desc:    Ask curl for its fd_set sets. The app can use these to select() or
+ *          poll() on. We want curl_multi_perform() called as soon as one of
+ *          them are ready.
+ *
+ * Returns: CURLMcode type, general multi error code.
+ */
 CURL_EXTERN CURLMcode curl_multi_fdset(CURLM *multi_handle,
                                        fd_set *read_fd_set,
                                        fd_set *write_fd_set,
@@ -198,35 +198,35 @@ CURL_EXTERN CURLMcode curl_multi_poll(CURLM *multi_handle,
  */
 CURL_EXTERN CURLMcode curl_multi_wakeup(CURLM *multi_handle);
 
- /*
-  * Name:    curl_multi_perform()
-  *
-  * Desc:    When the app thinks there is data available for curl it calls this
-  *          function to read/write whatever there is right now. This returns
-  *          as soon as the reads and writes are done. This function does not
-  *          require that there actually is data available for reading or that
-  *          data can be written, it can be called just in case. It returns
-  *          the number of handles that still transfer data in the second
-  *          argument's integer-pointer.
-  *
-  * Returns: CURLMcode type, general multi error code. *NOTE* that this only
-  *          returns errors etc regarding the whole multi stack. There might
-  *          still have occurred problems on individual transfers even when
-  *          this returns OK.
-  */
+/*
+ * Name:    curl_multi_perform()
+ *
+ * Desc:    When the app thinks there is data available for curl it calls this
+ *          function to read/write whatever there is right now. This returns
+ *          as soon as the reads and writes are done. This function does not
+ *          require that there actually is data available for reading or that
+ *          data can be written, it can be called just in case. It returns
+ *          the number of handles that still transfer data in the second
+ *          argument's integer-pointer.
+ *
+ * Returns: CURLMcode type, general multi error code. *NOTE* that this only
+ *          returns errors etc regarding the whole multi stack. There might
+ *          still have occurred problems on individual transfers even when
+ *          this returns OK.
+ */
 CURL_EXTERN CURLMcode curl_multi_perform(CURLM *multi_handle,
                                          int *running_handles);
 
- /*
-  * Name:    curl_multi_cleanup()
-  *
-  * Desc:    Cleans up and removes a whole multi stack. It does not free or
-  *          touch any individual easy handles in any way. We need to define
-  *          in what state those handles will be if this function is called
-  *          in the middle of a transfer.
-  *
-  * Returns: CURLMcode type, general multi error code.
-  */
+/*
+ * Name:    curl_multi_cleanup()
+ *
+ * Desc:    Cleans up and removes a whole multi stack. It does not free or
+ *          touch any individual easy handles in any way. We need to define
+ *          in what state those handles will be if this function is called
+ *          in the middle of a transfer.
+ *
+ * Returns: CURLMcode type, general multi error code.
+ */
 CURL_EXTERN CURLMcode curl_multi_cleanup(CURLM *multi_handle);
 
 /*
@@ -327,8 +327,8 @@ curl_multi_socket_all(CURLM *multi_handle, int *running_handles);
 
 #ifndef CURL_ALLOW_OLD_MULTI_SOCKET
 /* This macro below was added in 7.16.3 to push users who recompile to use
-   the new curl_multi_socket_action() instead of the old curl_multi_socket()
-*/
+ * the new curl_multi_socket_action() instead of the old curl_multi_socket()
+ */
 #define curl_multi_socket(x,y,z) curl_multi_socket_action(x,y,0,z)
 #endif
 
@@ -351,10 +351,10 @@ typedef enum {
   /* This is the argument passed to the socket callback */
   CURLOPT(CURLMOPT_SOCKETDATA, CURLOPTTYPE_OBJECTPOINT, 2),
 
-    /* set to 1 to enable pipelining for this multi handle */
+  /* set to 1 to enable pipelining for this multi handle */
   CURLOPT(CURLMOPT_PIPELINING, CURLOPTTYPE_LONG, 3),
 
-   /* This is the timer callback function pointer */
+  /* This is the timer callback function pointer */
   CURLOPT(CURLMOPT_TIMERFUNCTION, CURLOPTTYPE_FUNCTIONPOINT, 4),
 
   /* This is the argument passed to the timer callback */
@@ -429,7 +429,6 @@ typedef enum {
 CURL_EXTERN CURLMcode curl_multi_setopt(CURLM *multi_handle,
                                         CURLMoption option, ...);
 
-
 /*
  * Name:    curl_multi_assign()
  *
@@ -454,7 +453,6 @@ CURL_EXTERN CURLMcode curl_multi_assign(CURLM *multi_handle,
  */
 CURL_EXTERN CURL **curl_multi_get_handles(CURLM *multi_handle);
 
-
 typedef enum {
   CURLMINFO_NONE, /* first, never use this */
   /* The number of easy handles currently managed by the multi handle,
diff --git a/include/curl/typecheck-gcc.h b/include/curl/typecheck-gcc.h
index bf03e0d935..0642afd91e 100644
--- a/include/curl/typecheck-gcc.h
+++ b/include/curl/typecheck-gcc.h
@@ -264,7 +264,6 @@
  */
 #define curl_share_setopt(share,opt,param) curl_share_setopt(share,opt,param)
 
-
 /* the actual warnings, triggered by calling the Wcurl_easy_setopt_err*
  * functions */
 
@@ -590,8 +589,9 @@ CURLWARNING(Wcurl_easy_getinfo_err_curl_off_t,
 #define curlcheck_off_t_info(info)              \
   (CURLINFO_OFF_T < (info))
 
-
-/* typecheck helpers -- check whether given expression has requested type */
+/*
+ * typecheck helpers -- check whether given expression has requested type
+ */
 
 /* For pointers, you can use the curlcheck_ptr/curlcheck_arr macros,
  * otherwise define a new macro. Search for __builtin_types_compatible_p
@@ -641,7 +641,6 @@ CURLWARNING(Wcurl_easy_getinfo_err_curl_off_t,
   (curlcheck_NULL(expr) ||                                              \
    __builtin_types_compatible_p(__typeof__(expr), CURL *))
 
-
 /* evaluates to true if expr is a long (no matter the signedness)
  * XXX: for now, int is also accepted (and therefore short and char, which
  * are promoted to int when passed to a variadic function) */
diff --git a/lib/cf-https-connect.h b/lib/cf-https-connect.h
index df51b62479..df29c8ddd7 100644
--- a/lib/cf-https-connect.h
+++ b/lib/cf-https-connect.h
@@ -44,6 +44,5 @@ CURLcode Curl_cf_https_setup(struct Curl_easy *data,
                              struct connectdata *conn,
                              int sockindex);
 
-
 #endif /* !CURL_DISABLE_HTTP */
 #endif /* HEADER_CURL_CF_HTTP_H */
diff --git a/lib/cfilters.h b/lib/cfilters.h
index 73b9cb03e0..6834c4133a 100644
--- a/lib/cfilters.h
+++ b/lib/cfilters.h
@@ -316,7 +316,6 @@ void Curl_conn_cf_discard_all(struct Curl_easy *data,
                               struct connectdata *conn,
                               int sockindex);
 
-
 CURLcode Curl_conn_cf_connect(struct Curl_cfilter *cf,
                               struct Curl_easy *data,
                               bool *done);
diff --git a/lib/config-os400.h b/lib/config-os400.h
index b08400fe97..3a48406b2a 100644
--- a/lib/config-os400.h
+++ b/lib/config-os400.h
@@ -132,7 +132,6 @@
 /* Define if you have the `socket' function. */
 #define HAVE_SOCKET
 
-
 /* The following define is needed on OS400 to enable strcmpi(), stricmp() and
    strdup(). */
 #define __cplusplus__strings__
diff --git a/lib/curl_hmac.h b/lib/curl_hmac.h
index 285846afe7..5444d62bd2 100644
--- a/lib/curl_hmac.h
+++ b/lib/curl_hmac.h
@@ -48,7 +48,6 @@ struct HMAC_params {
   unsigned int     resultlen; /* Result length (bytes). */
 };
 
-
 /* HMAC computation context. */
 struct HMAC_context {
   const struct HMAC_params *hash; /* Hash function definition. */
diff --git a/lib/curl_memrchr.h b/lib/curl_memrchr.h
index 73bd346cde..8e5d17708b 100644
--- a/lib/curl_memrchr.h
+++ b/lib/curl_memrchr.h
@@ -35,7 +35,7 @@
 
 #else /* HAVE_MEMRCHR */
 void *Curl_memrchr(const void *s, int c, size_t n);
-#define memrchr(x, y, z)  Curl_memrchr((x), (y), (z))
+#define memrchr(x, y, z)  Curl_memrchr(x, y, z)
 
 #endif /* HAVE_MEMRCHR */
 
diff --git a/lib/curl_setup_once.h b/lib/curl_setup_once.h
index f9395aa7b5..742d000b85 100644
--- a/lib/curl_setup_once.h
+++ b/lib/curl_setup_once.h
@@ -160,7 +160,6 @@ struct timeval {
 #endif
 #endif /* HAVE_RECV */
 
-
 #ifdef __minix
 /* Minix does not support send on TCP sockets */
 #define swrite(x, y, z) (ssize_t)write((SEND_TYPE_ARG1)(x), \
diff --git a/lib/curl_trc.h b/lib/curl_trc.h
index 0c47d58798..6d6a22ef99 100644
--- a/lib/curl_trc.h
+++ b/lib/curl_trc.h
@@ -65,7 +65,6 @@ void Curl_failf(struct Curl_easy *data,
 #define CURL_LOG_LVL_NONE  0
 #define CURL_LOG_LVL_INFO  1
 
-
 #if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L
 #define CURL_HAVE_C99
 #endif
diff --git a/lib/cw-pause.h b/lib/cw-pause.h
index 2aa1a499cd..5421bfd663 100644
--- a/lib/cw-pause.h
+++ b/lib/cw-pause.h
@@ -36,5 +36,4 @@ extern const struct Curl_cwtype Curl_cwt_pause;
 
 CURLcode Curl_cw_pause_flush(struct Curl_easy *data);
 
-
 #endif /* HEADER_CURL_CW_PAUSE_H */
diff --git a/lib/dynhds.h b/lib/dynhds.h
index e533dcc369..d405a60c21 100644
--- a/lib/dynhds.h
+++ b/lib/dynhds.h
@@ -126,7 +126,6 @@ size_t Curl_dynhds_remove(struct dynhds *dynhds,
                           const char *name, size_t namelen);
 size_t Curl_dynhds_cremove(struct dynhds *dynhds, const char *name);
 
-
 /**
  * Set the give header name and value, replacing any entries with
  * the same name. The header is added at the end of all (remaining)
diff --git a/lib/functypes.h b/lib/functypes.h
index b4dccc0ce4..92f6b45cd2 100644
--- a/lib/functypes.h
+++ b/lib/functypes.h
@@ -68,7 +68,6 @@
 #define SEND_TYPE_RETV int
 #endif
 
-
 #ifndef RECV_TYPE_ARG1
 #define RECV_TYPE_ARG1 int
 #endif
diff --git a/lib/hostip.h b/lib/hostip.h
index 780d93038f..3672a03506 100644
--- a/lib/hostip.h
+++ b/lib/hostip.h
@@ -116,7 +116,6 @@ bool Curl_ipv6works(struct Curl_easy *data);
 #define Curl_ipv6works(x) FALSE
 #endif
 
-
 /* unlink a dns entry, potentially shared with a cache */
 void Curl_resolv_unlink(struct Curl_easy *data,
                         struct Curl_dns_entry **pdns);
diff --git a/lib/http.h b/lib/http.h
index 26762b6205..b193a1dfc8 100644
--- a/lib/http.h
+++ b/lib/http.h
@@ -213,7 +213,6 @@ Curl_http_output_auth(struct Curl_easy *data,
 /* Decode HTTP status code string. */
 CURLcode Curl_http_decode_status(int *pstatus, const char *s, size_t len);
 
-
 /**
  * All about a core HTTP request, excluding body and trailers
  */
diff --git a/lib/ldap.c b/lib/ldap.c
index b51aab56fb..b94fff34d8 100644
--- a/lib/ldap.c
+++ b/lib/ldap.c
@@ -95,7 +95,7 @@
 #define curl_ldap_num_t    ULONG
 #else
 #define FREE_ON_WINLDAP(x)
-#define curl_ldap_num_t int
+#define curl_ldap_num_t    int
 #endif
 
 #ifndef HAVE_LDAP_URL_PARSE
diff --git a/lib/optiontable.pl b/lib/optiontable.pl
index 54b86d72e1..5e0c720f04 100755
--- a/lib/optiontable.pl
+++ b/lib/optiontable.pl
@@ -77,7 +77,6 @@ sub add {
     }
 }
 
-
 my $fl;
 while() {
     my $l = $_;
@@ -122,7 +121,6 @@ while() {
     }
 }
 
-
 for my $name (sort @names) {
     my $oname = $name;
     my $a = $alias{$name};
diff --git a/lib/setup-os400.h b/lib/setup-os400.h
index 01f9399510..4cb0d89c38 100644
--- a/lib/setup-os400.h
+++ b/lib/setup-os400.h
@@ -76,7 +76,6 @@ extern OM_uint32 Curl_gss_import_name_a(OM_uint32 * minor_status,
                                         gss_name_t * out_name);
 #define gss_import_name         Curl_gss_import_name_a
 
-
 extern OM_uint32 Curl_gss_display_status_a(OM_uint32 * minor_status,
                                            OM_uint32 status_value,
                                            int status_type, gss_OID mech_type,
@@ -84,7 +83,6 @@ extern OM_uint32 Curl_gss_display_status_a(OM_uint32 * minor_status,
                                            gss_buffer_t status_string);
 #define gss_display_status      Curl_gss_display_status_a
 
-
 extern OM_uint32 Curl_gss_init_sec_context_a(OM_uint32 * minor_status,
                                              gss_cred_id_t cred_handle,
                                              gss_ctx_id_t * context_handle,
@@ -101,13 +99,11 @@ extern OM_uint32 Curl_gss_init_sec_context_a(OM_uint32 * minor_status,
                                              OM_uint32 * time_rec);
 #define gss_init_sec_context    Curl_gss_init_sec_context_a
 
-
 extern OM_uint32 Curl_gss_delete_sec_context_a(OM_uint32 *minor_status,
                                                gss_ctx_id_t *context_handle,
                                                gss_buffer_t output_token);
 #define gss_delete_sec_context  Curl_gss_delete_sec_context_a
 
-
 /* LDAP wrappers. */
 
 #define BerValue                struct berval
diff --git a/lib/urldata.h b/lib/urldata.h
index bbab0130d3..7d5166e8e0 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -133,7 +133,6 @@ typedef unsigned int curl_prot_t;
    input easier and better. */
 #define CURL_MAX_INPUT_LENGTH 8000000
 
-
 #include "cookie.h"
 #include "psl.h"
 #include "formdata.h"
diff --git a/lib/vquic/vquic.h b/lib/vquic/vquic.h
index fd2dac7c22..fa2c0d4e81 100644
--- a/lib/vquic/vquic.h
+++ b/lib/vquic/vquic.h
@@ -40,7 +40,6 @@ CURLcode Curl_qlogdir(struct Curl_easy *data,
                       size_t scidlen,
                       int *qlogfdp);
 
-
 CURLcode Curl_cf_quic_create(struct Curl_cfilter **pcf,
                              struct Curl_easy *data,
                              struct connectdata *conn,
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index d1236aefba..a98ff4a620 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -306,7 +306,7 @@ static gnutls_x509_crt_fmt_t gnutls_do_file_type(const char *type)
   return GNUTLS_X509_FMT_PEM; /* default to PEM */
 }
 
-#define GNUTLS_CIPHERS "NORMAL:%PROFILE_MEDIUM:-ARCFOUR-128:"\
+#define GNUTLS_CIPHERS "NORMAL:%PROFILE_MEDIUM:-ARCFOUR-128:" \
   "-CTYPE-ALL:+CTYPE-X509"
 /* If GnuTLS was compiled without support for SRP it will error out if SRP is
    requested in the priority string, so treat it specially
diff --git a/lib/vtls/x509asn1.c b/lib/vtls/x509asn1.c
index d1329410bf..4f3c6ca170 100644
--- a/lib/vtls/x509asn1.c
+++ b/lib/vtls/x509asn1.c
@@ -54,7 +54,7 @@
  */
 
 /* Largest supported ASN.1 structure. */
-#define CURL_ASN1_MAX                   ((size_t) 0x40000)      /* 256K */
+#define CURL_ASN1_MAX                   ((size_t)0x40000)      /* 256K */
 
 /* ASN.1 classes. */
 /* #define CURL_ASN1_UNIVERSAL             0 */
diff --git a/m4/curl-amissl.m4 b/m4/curl-amissl.m4
index 86468890e8..a1c2d3979c 100644
--- a/m4/curl-amissl.m4
+++ b/m4/curl-amissl.m4
@@ -33,8 +33,7 @@ if test "$HAVE_PROTO_BSDSOCKET_H" = "1"; then
         #include 
       ]],[[
         #if defined(AMISSL_CURRENT_VERSION) && defined(AMISSL_V3xx) && \
-            (OPENSSL_VERSION_NUMBER >= 0x30000000L) && \
-            defined(PROTO_AMISSL_H)
+          (OPENSSL_VERSION_NUMBER >= 0x30000000L) && defined(PROTO_AMISSL_H)
         return 0;
         #else
         #error not AmiSSL v5 / OpenSSL 3
diff --git a/m4/curl-functions.m4 b/m4/curl-functions.m4
index 5512a5d28c..85ccd1ff6c 100644
--- a/m4/curl-functions.m4
+++ b/m4/curl-functions.m4
@@ -508,7 +508,7 @@ AC_DEFUN([CURL_CHECK_FUNC_ALARM], [
       AC_LANG_PROGRAM([[
         $curl_includes_unistd
       ]],[[
-        if(0 != alarm(0))
+        if(alarm(0) != 0)
           return 1;
       ]])
     ],[
@@ -599,7 +599,7 @@ AC_DEFUN([CURL_CHECK_FUNC_BASENAME], [
         $curl_includes_libgen
         $curl_includes_unistd
       ]],[[
-        if(0 != basename(0))
+        if(basename(0) != 0)
           return 1;
       ]])
     ],[
@@ -659,7 +659,7 @@ AC_DEFUN([CURL_CHECK_FUNC_CLOSESOCKET], [
     AC_LANG_PROGRAM([[
       $curl_includes_winsock2
     ]],[[
-      if(0 != closesocket(0))
+      if(closesocket(0) != 0)
         return 1;
     ]])
   ],[
@@ -689,7 +689,7 @@ AC_DEFUN([CURL_CHECK_FUNC_CLOSESOCKET], [
       AC_LANG_PROGRAM([[
         $curl_includes_winsock2
       ]],[[
-        if(0 != closesocket(0))
+        if(closesocket(0) != 0)
           return 1;
       ]])
     ],[
@@ -750,7 +750,7 @@ AC_DEFUN([CURL_CHECK_FUNC_CLOSESOCKET_CAMEL], [
       $curl_includes_bsdsocket
       $curl_includes_sys_socket
     ]],[[
-      if(0 != CloseSocket(0))
+      if(CloseSocket(0) != 0)
         return 1;
     ]])
   ],[
@@ -768,7 +768,7 @@ AC_DEFUN([CURL_CHECK_FUNC_CLOSESOCKET_CAMEL], [
         $curl_includes_bsdsocket
         $curl_includes_sys_socket
       ]],[[
-        if(0 != CloseSocket(0))
+        if(CloseSocket(0) != 0)
           return 1;
       ]])
     ],[
@@ -851,7 +851,7 @@ AC_DEFUN([CURL_CHECK_FUNC_FCNTL], [
       AC_LANG_PROGRAM([[
         $curl_includes_fcntl
       ]],[[
-        if(0 != fcntl(0, 0, 0))
+        if(fcntl(0, 0, 0) != 0)
           return 1;
       ]])
     ],[
@@ -917,7 +917,7 @@ AC_DEFUN([CURL_CHECK_FUNC_FCNTL_O_NONBLOCK], [
         $curl_includes_fcntl
       ]],[[
         int flags = 0;
-        if(0 != fcntl(0, F_SETFL, flags | O_NONBLOCK))
+        if(fcntl(0, F_SETFL, flags | O_NONBLOCK) != 0)
           return 1;
       ]])
     ],[
@@ -1098,7 +1098,7 @@ AC_DEFUN([CURL_CHECK_FUNC_FSETXATTR], [
         AC_LANG_PROGRAM([[
           $curl_includes_sys_xattr
         ]],[[
-          if(0 != fsetxattr(0, "", 0, 0, 0))
+          if(fsetxattr(0, "", 0, 0, 0) != 0)
             return 1;
         ]])
       ],[
@@ -1116,7 +1116,7 @@ AC_DEFUN([CURL_CHECK_FUNC_FSETXATTR], [
         AC_LANG_PROGRAM([[
           $curl_includes_sys_xattr
         ]],[[
-          if(0 != fsetxattr(0, 0, 0, 0, 0, 0))
+          if(fsetxattr(0, 0, 0, 0, 0, 0) != 0)
             return 1;
         ]])
       ],[
@@ -1218,7 +1218,7 @@ AC_DEFUN([CURL_CHECK_FUNC_FTRUNCATE], [
       AC_LANG_PROGRAM([[
         $curl_includes_unistd
       ]],[[
-        if(0 != ftruncate(0, 0))
+        if(ftruncate(0, 0) != 0)
           return 1;
       ]])
     ],[
@@ -1291,7 +1291,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETADDRINFO], [
       $curl_includes_netdb
     ]],[[
       struct addrinfo *ai = 0;
-      if(0 != getaddrinfo(0, 0, 0, &ai))
+      if(getaddrinfo(0, 0, 0, &ai) != 0)
         return 1;
     ]])
   ],[
@@ -1326,7 +1326,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETADDRINFO], [
         $curl_includes_netdb
       ]],[[
         struct addrinfo *ai = 0;
-        if(0 != getaddrinfo(0, 0, 0, &ai))
+        if(getaddrinfo(0, 0, 0, &ai) != 0)
           return 1;
       ]])
     ],[
@@ -1537,7 +1537,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETHOSTBYNAME_R], [
           $curl_includes_netdb
           $curl_includes_bsdsocket
         ]],[[
-          if(0 != gethostbyname_r(0, 0, 0))
+          if(gethostbyname_r(0, 0, 0) != 0)
             return 1;
         ]])
       ],[
@@ -1556,7 +1556,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETHOSTBYNAME_R], [
           $curl_includes_netdb
           $curl_includes_bsdsocket
         ]],[[
-          if(0 != gethostbyname_r(0, 0, 0, 0, 0))
+          if(gethostbyname_r(0, 0, 0, 0, 0) != 0)
             return 1;
         ]])
       ],[
@@ -1575,7 +1575,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETHOSTBYNAME_R], [
           $curl_includes_netdb
           $curl_includes_bsdsocket
         ]],[[
-          if(0 != gethostbyname_r(0, 0, 0, 0, 0, 0))
+          if(gethostbyname_r(0, 0, 0, 0, 0, 0) != 0)
             return 1;
         ]])
       ],[
@@ -1660,7 +1660,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETHOSTNAME], [
       $curl_includes_bsdsocket
     ]],[[
       char s[1];
-      if(0 != gethostname((void *)s, 0))
+      if(gethostname((void *)s, 0) != 0)
         return 1;
     ]])
   ],[
@@ -1695,7 +1695,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETHOSTNAME], [
         $curl_includes_bsdsocket
       ]],[[
         char s[1];
-        if(0 != gethostname((void *)s, 0))
+        if(gethostname((void *)s, 0) != 0)
           return 1;
       ]])
     ],[
@@ -1727,7 +1727,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETHOSTNAME], [
               int FUNCALLCONV gethostname($tst_arg1, $tst_arg2);
             ]],[[
               char s[1];
-              if(0 != gethostname(($tst_arg1)s, 0))
+              if(gethostname(($tst_arg1)s, 0) != 0)
                 return 1;
             ]])
           ],[
@@ -1795,7 +1795,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETPEERNAME], [
       $curl_includes_bsdsocket
       $curl_includes_sys_socket
     ]],[[
-      if(0 != getpeername(0, (void *)0, (void *)0))
+      if(getpeername(0, (void *)0, (void *)0) != 0)
         return 1;
     ]])
   ],[
@@ -1829,7 +1829,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETPEERNAME], [
         $curl_includes_bsdsocket
         $curl_includes_sys_socket
       ]],[[
-        if(0 != getpeername(0, (void *)0, (void *)0))
+        if(getpeername(0, (void *)0, (void *)0) != 0)
           return 1;
       ]])
     ],[
@@ -1893,7 +1893,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETSOCKNAME], [
       $curl_includes_bsdsocket
       $curl_includes_sys_socket
     ]],[[
-      if(0 != getsockname(0, (void *)0, (void *)0))
+      if(getsockname(0, (void *)0, (void *)0) != 0)
         return 1;
     ]])
   ],[
@@ -1927,7 +1927,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETSOCKNAME], [
         $curl_includes_bsdsocket
         $curl_includes_sys_socket
       ]],[[
-        if(0 != getsockname(0, (void *)0, (void *)0))
+        if(getsockname(0, (void *)0, (void *)0) != 0)
           return 1;
       ]])
     ],[
@@ -2014,7 +2014,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETIFADDRS], [
       AC_LANG_PROGRAM([[
         $curl_includes_ifaddrs
       ]],[[
-        if(0 != getifaddrs(0))
+        if(getifaddrs(0) != 0)
           return 1;
       ]])
     ],[
@@ -2134,7 +2134,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GMTIME_R], [
       ]],[[
         time_t tm = 1170352587;
         struct tm result;
-        if(0 != gmtime_r(&tm, &result))
+        if(gmtime_r(&tm, &result) != 0)
           return 1;
         (void)result;
       ]])
@@ -2255,7 +2255,7 @@ AC_DEFUN([CURL_CHECK_FUNC_INET_NTOP], [
       ]],[[
         char ipv4res[sizeof("255.255.255.255")];
         unsigned char ipv4a[5] = "";
-        if(0 != inet_ntop(0, ipv4a, ipv4res, 0))
+        if(inet_ntop(0, ipv4a, ipv4res, 0) != 0)
           return 1;
       ]])
     ],[
@@ -2414,9 +2414,9 @@ AC_DEFUN([CURL_CHECK_FUNC_INET_PTON], [
       AC_LANG_PROGRAM([[
         $curl_includes_arpa_inet
       ]],[[
-        unsigned char ipv4a[4+1] = "";
+        unsigned char ipv4a[4 + 1] = "";
         const char *ipv4src = "192.168.100.1";
-        if(0 != inet_pton(0, ipv4src, ipv4a))
+        if(inet_pton(0, ipv4src, ipv4a) != 0)
           return 1;
       ]])
     ],[
@@ -2438,45 +2438,45 @@ AC_DEFUN([CURL_CHECK_FUNC_INET_PTON], [
         $curl_includes_arpa_inet
         $curl_includes_string
       ]],[[
-        unsigned char ipv6a[16+1];
-        unsigned char ipv4a[4+1];
+        unsigned char ipv6a[16 + 1];
+        unsigned char ipv4a[4 + 1];
         const char *ipv6src = "fe80::214:4fff:fe0b:76c8";
         const char *ipv4src = "192.168.100.1";
         /* - */
         memset(ipv4a, 1, sizeof(ipv4a));
-        if(1 != inet_pton(AF_INET, ipv4src, ipv4a))
+        if(inet_pton(AF_INET, ipv4src, ipv4a) != 1)
           return 1; /* fail */
         /* - */
-        if( (ipv4a[0] != 0xc0) ||
-            (ipv4a[1] != 0xa8) ||
-            (ipv4a[2] != 0x64) ||
-            (ipv4a[3] != 0x01) ||
-            (ipv4a[4] != 0x01) )
+        if((ipv4a[0] != 0xc0) ||
+           (ipv4a[1] != 0xa8) ||
+           (ipv4a[2] != 0x64) ||
+           (ipv4a[3] != 0x01) ||
+           (ipv4a[4] != 0x01))
           return 1; /* fail */
         /* - */
         memset(ipv6a, 1, sizeof(ipv6a));
-        if(1 != inet_pton(AF_INET6, ipv6src, ipv6a))
+        if(inet_pton(AF_INET6, ipv6src, ipv6a) != 1)
           return 1; /* fail */
         /* - */
-        if( (ipv6a[0]  != 0xfe) ||
-            (ipv6a[1]  != 0x80) ||
-            (ipv6a[8]  != 0x02) ||
-            (ipv6a[9]  != 0x14) ||
-            (ipv6a[10] != 0x4f) ||
-            (ipv6a[11] != 0xff) ||
-            (ipv6a[12] != 0xfe) ||
-            (ipv6a[13] != 0x0b) ||
-            (ipv6a[14] != 0x76) ||
-            (ipv6a[15] != 0xc8) ||
-            (ipv6a[16] != 0x01) )
+        if((ipv6a[0]  != 0xfe) ||
+           (ipv6a[1]  != 0x80) ||
+           (ipv6a[8]  != 0x02) ||
+           (ipv6a[9]  != 0x14) ||
+           (ipv6a[10] != 0x4f) ||
+           (ipv6a[11] != 0xff) ||
+           (ipv6a[12] != 0xfe) ||
+           (ipv6a[13] != 0x0b) ||
+           (ipv6a[14] != 0x76) ||
+           (ipv6a[15] != 0xc8) ||
+           (ipv6a[16] != 0x01))
           return 1; /* fail */
         /* - */
-        if( (ipv6a[2]  != 0x0) ||
-            (ipv6a[3]  != 0x0) ||
-            (ipv6a[4]  != 0x0) ||
-            (ipv6a[5]  != 0x0) ||
-            (ipv6a[6]  != 0x0) ||
-            (ipv6a[7]  != 0x0) )
+        if((ipv6a[2] != 0x0) ||
+           (ipv6a[3] != 0x0) ||
+           (ipv6a[4] != 0x0) ||
+           (ipv6a[5] != 0x0) ||
+           (ipv6a[6] != 0x0) ||
+           (ipv6a[7] != 0x0))
           return 1; /* fail */
         /* - */
         return 0;
@@ -2565,7 +2565,7 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTL], [
       AC_LANG_PROGRAM([[
         $curl_includes_stropts
       ]],[[
-        if(0 != ioctl(0, 0, 0))
+        if(ioctl(0, 0, 0) != 0)
           return 1;
       ]])
     ],[
@@ -2623,7 +2623,7 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTL_FIONBIO], [
         $curl_includes_stropts
       ]],[[
         int flags = 0;
-        if(0 != ioctl(0, FIONBIO, &flags))
+        if(ioctl(0, FIONBIO, &flags) != 0)
           return 1;
       ]])
     ],[
@@ -2680,7 +2680,7 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTL_SIOCGIFADDR], [
         #include 
       ]],[[
         struct ifreq ifr;
-        if(0 != ioctl(0, SIOCGIFADDR, &ifr))
+        if(ioctl(0, SIOCGIFADDR, &ifr) != 0)
           return 1;
       ]])
     ],[
@@ -2738,7 +2738,7 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTLSOCKET], [
     AC_LANG_PROGRAM([[
       $curl_includes_winsock2
     ]],[[
-      if(0 != ioctlsocket(0, 0, 0))
+      if(ioctlsocket(0, 0, 0) != 0)
         return 1;
     ]])
   ],[
@@ -2768,7 +2768,7 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTLSOCKET], [
       AC_LANG_PROGRAM([[
         $curl_includes_winsock2
       ]],[[
-        if(0 != ioctlsocket(0, 0, 0))
+        if(ioctlsocket(0, 0, 0) != 0)
           return 1;
       ]])
     ],[
@@ -2827,7 +2827,7 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTLSOCKET_FIONBIO], [
         $curl_includes_winsock2
       ]],[[
         unsigned long flags = 0;
-        if(0 != ioctlsocket(0, FIONBIO, &flags))
+        if(ioctlsocket(0, FIONBIO, &flags) != 0)
           return 1;
       ]])
     ],[
@@ -2884,7 +2884,7 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTLSOCKET_CAMEL], [
     AC_LANG_PROGRAM([[
       $curl_includes_bsdsocket
     ]],[[
-      if(0 != IoctlSocket(0, 0, 0))
+      if(IoctlSocket(0, 0, 0) != 0)
         return 1;
     ]])
   ],[
@@ -2901,7 +2901,7 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTLSOCKET_CAMEL], [
       AC_LANG_PROGRAM([[
         $curl_includes_bsdsocket
       ]],[[
-        if(0 != IoctlSocket(0, 0, 0))
+        if(IoctlSocket(0, 0, 0) != 0)
           return 1;
       ]])
     ],[
@@ -2959,7 +2959,7 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTLSOCKET_CAMEL_FIONBIO], [
         $curl_includes_bsdsocket
       ]],[[
         long flags = 0;
-        if(0 != IoctlSocket(0, FIONBIO, &flags))
+        if(IoctlSocket(0, FIONBIO, &flags) != 0)
           return 1;
       ]])
     ],[
@@ -3030,7 +3030,7 @@ AC_DEFUN([CURL_CHECK_FUNC_MEMRCHR], [
       AC_LANG_PROGRAM([[
         $curl_includes_string
       ]],[[
-        if(0 != memrchr("", 0, 0))
+        if(memrchr("", 0, 0) != 0)
           return 1;
       ]])
     ],[
@@ -3062,7 +3062,7 @@ AC_DEFUN([CURL_CHECK_FUNC_MEMRCHR], [
       AC_LANG_PROGRAM([[
         $curl_includes_string
       ]],[[
-        if(0 != memrchr("", 0, 0))
+        if(memrchr("", 0, 0) != 0)
           return 1;
       ]])
     ],[
@@ -3147,7 +3147,7 @@ AC_DEFUN([CURL_CHECK_FUNC_SIGACTION], [
       AC_LANG_PROGRAM([[
         $curl_includes_signal
       ]],[[
-        if(0 != sigaction(0, 0, 0))
+        if(sigaction(0, 0, 0) != 0)
           return 1;
       ]])
     ],[
@@ -3232,7 +3232,7 @@ AC_DEFUN([CURL_CHECK_FUNC_SIGINTERRUPT], [
       AC_LANG_PROGRAM([[
         $curl_includes_signal
       ]],[[
-        if(0 != siginterrupt(0, 0))
+        if(siginterrupt(0, 0) != 0)
           return 1;
       ]])
     ],[
@@ -3317,7 +3317,7 @@ AC_DEFUN([CURL_CHECK_FUNC_SIGNAL], [
       AC_LANG_PROGRAM([[
         $curl_includes_signal
       ]],[[
-        if(0 != signal(0, 0))
+        if(signal(0, 0) != 0)
           return 1;
       ]])
     ],[
@@ -3391,7 +3391,7 @@ AC_DEFUN([CURL_CHECK_FUNC_SIGSETJMP], [
         $curl_includes_setjmp
       ]],[[
         sigjmp_buf env;
-        if(0 != sigsetjmp(env, 0))
+        if(sigsetjmp(env, 0) != 0)
           return 1;
       ]])
     ],[
@@ -3424,7 +3424,7 @@ AC_DEFUN([CURL_CHECK_FUNC_SIGSETJMP], [
         $curl_includes_setjmp
       ]],[[
         sigjmp_buf env;
-        if(0 != sigsetjmp(env, 0))
+        if(sigsetjmp(env, 0) != 0)
           return 1;
       ]])
     ],[
@@ -3487,7 +3487,7 @@ AC_DEFUN([CURL_CHECK_FUNC_SOCKET], [
       $curl_includes_bsdsocket
       $curl_includes_sys_socket
     ]],[[
-      if(0 != socket(0, 0, 0))
+      if(socket(0, 0, 0) != 0)
         return 1;
     ]])
   ],[
@@ -3521,7 +3521,7 @@ AC_DEFUN([CURL_CHECK_FUNC_SOCKET], [
         $curl_includes_bsdsocket
         $curl_includes_sys_socket
       ]],[[
-        if(0 != socket(0, 0, 0))
+        if(socket(0, 0, 0) != 0)
           return 1;
       ]])
     ],[
@@ -3607,7 +3607,7 @@ AC_DEFUN([CURL_CHECK_FUNC_SOCKETPAIR], [
         $curl_includes_sys_socket
       ]],[[
         int sv[2];
-        if(0 != socketpair(0, 0, 0, sv))
+        if(socketpair(0, 0, 0, sv) != 0)
           return 1;
       ]])
     ],[
@@ -3692,7 +3692,7 @@ AC_DEFUN([CURL_CHECK_FUNC_STRCASECMP], [
       AC_LANG_PROGRAM([[
         $curl_includes_string
       ]],[[
-        if(0 != strcasecmp("", ""))
+        if(strcasecmp("", "") != 0)
           return 1;
       ]])
     ],[
@@ -3776,7 +3776,7 @@ AC_DEFUN([CURL_CHECK_FUNC_STRCMPI], [
       AC_LANG_PROGRAM([[
         $curl_includes_string
       ]],[[
-        if(0 != strcmpi(0, 0))
+        if(strcmpi(0, 0) != 0)
           return 1;
       ]])
     ],[
@@ -3971,7 +3971,7 @@ AC_DEFUN([CURL_CHECK_FUNC_STRERROR_R], [
         $curl_includes_string
       ]],[[
         char s[1];
-        if(0 != strerror_r(0, s, 0))
+        if(strerror_r(0, s, 0) != 0)
           return 1;
       ]])
     ],[
@@ -3994,7 +3994,7 @@ AC_DEFUN([CURL_CHECK_FUNC_STRERROR_R], [
             char *strerror_r(int errnum, char *workbuf, $arg3 bufsize);
           ]],[[
             char s[1];
-            if(0 != strerror_r(0, s, 0))
+            if(strerror_r(0, s, 0) != 0)
               return 1;
             (void)s;
           ]])
@@ -4057,7 +4057,7 @@ AC_DEFUN([CURL_CHECK_FUNC_STRERROR_R], [
             int strerror_r(int errnum, char *resultbuf, $arg3 bufsize);
           ]],[[
             char s[1];
-            if(0 != strerror_r(0, s, 0))
+            if(strerror_r(0, s, 0) != 0)
               return 1;
             (void)s;
           ]])
@@ -4213,7 +4213,7 @@ AC_DEFUN([CURL_CHECK_FUNC_STRICMP], [
       AC_LANG_PROGRAM([[
         $curl_includes_string
       ]],[[
-        if(0 != stricmp(0, 0))
+        if(stricmp(0, 0) != 0)
           return 1;
       ]])
     ],[
@@ -4380,8 +4380,8 @@ AC_DEFUN([CURL_SIZEOF], [
         $2
       ]],[
         switch(0) {
-          case 0:
-          case (sizeof($1) == $typesize):;
+        case 0:
+        case (sizeof($1) == $typesize):;
         }
       ])
     ],[
diff --git a/packages/OS400/ccsidcurl.c b/packages/OS400/ccsidcurl.c
index b176def67d..0982eed639 100644
--- a/packages/OS400/ccsidcurl.c
+++ b/packages/OS400/ccsidcurl.c
@@ -46,20 +46,17 @@
 #include "os400sys.h"
 
 #ifndef SIZE_MAX
-#define SIZE_MAX        ((size_t) ~0)   /* Is unsigned on OS/400. */
+#define SIZE_MAX ((size_t)~0)   /* Is unsigned on OS/400. */
 #endif
 
+#define ASCII_CCSID         819     /* Use ISO-8859-1 as ASCII. */
+#define NOCONV_CCSID        65535   /* No conversion. */
+#define ICONV_ID_SIZE       32 /* Size of iconv_open() code identifier. */
+#define ICONV_OPEN_ERROR(t) ((t).return_value == -1)
 
-#define ASCII_CCSID     819     /* Use ISO-8859-1 as ASCII. */
-#define NOCONV_CCSID    65535   /* No conversion. */
-#define ICONV_ID_SIZE   32      /* Size of iconv_open() code identifier. */
-#define ICONV_OPEN_ERROR(t)     ((t).return_value == -1)
+#define ALLOC_GRANULE 8 /* Alloc. granule for curl_formadd_ccsid(). */
 
-#define ALLOC_GRANULE   8       /* Alloc. granule for curl_formadd_ccsid(). */
-
-
-static void
-makeOS400IconvCode(char buf[ICONV_ID_SIZE], unsigned int ccsid)
+static void makeOS400IconvCode(char buf[ICONV_ID_SIZE], unsigned int ccsid)
 {
   /**
   *** Convert a CCSID to the corresponding IBM iconv_open() character
@@ -78,10 +75,8 @@ makeOS400IconvCode(char buf[ICONV_ID_SIZE], unsigned int ccsid)
   curl_msprintf(buf, "IBMCCSID%05u0000000", ccsid);
 }
 
-
-static iconv_t
-iconv_open_CCSID(unsigned int ccsidout, unsigned int ccsidin,
-                 unsigned int cstr)
+static iconv_t iconv_open_CCSID(unsigned int ccsidout, unsigned int ccsidin,
+                                unsigned int cstr)
 {
   char fromcode[ICONV_ID_SIZE];
   char tocode[ICONV_ID_SIZE];
@@ -95,18 +90,16 @@ iconv_open_CCSID(unsigned int ccsidout, unsigned int ccsidin,
 
   makeOS400IconvCode(fromcode, ccsidin);
   makeOS400IconvCode(tocode, ccsidout);
-  memset(tocode + 13, 0, sizeof(tocode) - 13);   /* Dest. code id format. */
+  memset(tocode + 13, 0, sizeof(tocode) - 13); /* Dest. code id format. */
 
   if(cstr)
-    fromcode[18] = '1';                         /* Set null-terminator flag. */
+    fromcode[18] = '1'; /* Set null-terminator flag. */
 
   return iconv_open(tocode, fromcode);
 }
 
-
-static int
-convert(char *d, size_t dlen, int dccsid,
-        const char *s, int slen, int sccsid)
+static int convert(char *d, size_t dlen, int dccsid, const char *s, int slen,
+                   int sccsid)
 {
   int i;
   iconv_t cd;
@@ -141,7 +134,7 @@ convert(char *d, size_t dlen, int dccsid,
     cd = iconv_open_CCSID(dccsid, sccsid, 1);
   }
   else {
-    lslen = (size_t) slen;
+    lslen = (size_t)slen;
     cd = iconv_open_CCSID(dccsid, sccsid, 0);
   }
 
@@ -150,7 +143,7 @@ convert(char *d, size_t dlen, int dccsid,
 
   i = dlen;
 
-  if((int) iconv(cd, (char * *) &s, &lslen, &d, &dlen) < 0)
+  if((int)iconv(cd, (char **)&s, &lslen, &d, &dlen) < 0)
     i = -1;
   else
     i -= dlen;
@@ -159,7 +152,6 @@ convert(char *d, size_t dlen, int dccsid,
   return i;
 }
 
-
 static char *dynconvert(int dccsid, const char *s, int slen, int sccsid,
                         int *olen)
 {
@@ -171,18 +163,18 @@ static char *dynconvert(int dccsid, const char *s, int slen, int sccsid,
 
   /* Like convert, but the destination is allocated and returned. */
 
-  dlen = (size_t) (slen < 0 ? strlen(s) : slen) + 1;
-  dlen *= MAX_CONV_EXPANSION;           /* Allow some expansion. */
+  dlen = (size_t)(slen < 0 ? strlen(s) : slen) + 1;
+  dlen *= MAX_CONV_EXPANSION; /* Allow some expansion. */
   d = malloc(dlen);
 
   if(!d)
-    return (char *) NULL;
+    return (char *)NULL;
 
   l = convert(d, dlen, dccsid, s, slen, sccsid);
 
   if(l < 0) {
     free(d);
-    return (char *) NULL;
+    return (char *)NULL;
   }
 
   if(slen < 0) {
@@ -194,14 +186,14 @@ static char *dynconvert(int dccsid, const char *s, int slen, int sccsid,
 
     if(l2 < 0) {
       free(d);
-      return (char *) NULL;
+      return (char *)NULL;
     }
 
     l += l2;
   }
 
-  if((size_t) l < dlen) {
-    cp = realloc(d, l);         /* Shorten to minimum needed. */
+  if((size_t)l < dlen) {
+    cp = realloc(d, l); /* Shorten to minimum needed. */
 
     if(cp)
       d = cp;
@@ -212,11 +204,10 @@ static char *dynconvert(int dccsid, const char *s, int slen, int sccsid,
   return d;
 }
 
-
-static struct curl_slist *
-slist_convert(int dccsid, struct curl_slist *from, int sccsid)
+static struct curl_slist *slist_convert(int dccsid, struct curl_slist *from,
+                                        int sccsid)
 {
-  struct curl_slist *to = (struct curl_slist *) NULL;
+  struct curl_slist *to = (struct curl_slist *)NULL;
 
   for(; from; from = from->next) {
     struct curl_slist *nl;
@@ -224,7 +215,7 @@ slist_convert(int dccsid, struct curl_slist *from, int sccsid)
 
     if(!cp) {
       curl_slist_free_all(to);
-      return (struct curl_slist *) NULL;
+      return (struct curl_slist *)NULL;
     }
     nl = Curl_slist_append_nodup(to, cp);
     if(!nl) {
@@ -237,15 +228,14 @@ slist_convert(int dccsid, struct curl_slist *from, int sccsid)
   return to;
 }
 
-
-static char *
-keyed_string(localkey_t key, const char *ascii, unsigned int ccsid)
+static char *keyed_string(localkey_t key, const char *ascii,
+                          unsigned int ccsid)
 {
   int i;
   char *ebcdic;
 
   if(!ascii)
-    return (char *) NULL;
+    return (char *)NULL;
 
   i = MAX_CONV_EXPANSION * (strlen(ascii) + 1);
 
@@ -254,40 +244,32 @@ keyed_string(localkey_t key, const char *ascii, unsigned int ccsid)
     return ebcdic;
 
   if(convert(ebcdic, i, ccsid, ascii, -1, ASCII_CCSID) < 0)
-    return (char *) NULL;
+    return (char *)NULL;
 
   return ebcdic;
 }
 
-
-const char *
-curl_to_ccsid(const char *s, unsigned int ccsid)
+const char *curl_to_ccsid(const char *s, unsigned int ccsid)
 {
   if(s)
     s = dynconvert(ccsid, s, -1, ASCII_CCSID, NULL);
   return s;
 }
 
-
-const char *
-curl_from_ccsid(const char *s, unsigned int ccsid)
+const char *curl_from_ccsid(const char *s, unsigned int ccsid)
 {
   if(s)
     s = dynconvert(ASCII_CCSID, s, -1, ccsid, NULL);
   return s;
 }
 
-
-char *
-curl_version_ccsid(unsigned int ccsid)
+char *curl_version_ccsid(unsigned int ccsid)
 {
   return keyed_string(LK_CURL_VERSION, curl_version(), ccsid);
 }
 
-
-char *
-curl_easy_escape_ccsid(CURL *handle, const char *string, int length,
-                       unsigned int sccsid, unsigned int dccsid)
+char *curl_easy_escape_ccsid(CURL *handle, const char *string, int length,
+                             unsigned int sccsid, unsigned int dccsid)
 {
   char *s;
   char *d;
@@ -295,30 +277,28 @@ curl_easy_escape_ccsid(CURL *handle, const char *string, int length,
   if(!string) {
     /* !checksrc! disable ERRNOVAR 1 */
     errno = EINVAL;
-    return (char *) NULL;
+    return (char *)NULL;
   }
 
   s = dynconvert(ASCII_CCSID, string, length ? length : -1, sccsid, NULL);
 
   if(!s)
-    return (char *) NULL;
+    return (char *)NULL;
 
   d = curl_easy_escape(handle, s, 0);
   free(s);
 
   if(!d)
-    return (char *) NULL;
+    return (char *)NULL;
 
   s = dynconvert(dccsid, d, -1, ASCII_CCSID, NULL);
   free(d);
   return s;
 }
 
-
-char *
-curl_easy_unescape_ccsid(CURL *handle, const char *string, int length,
-                         int *outlength,
-                         unsigned int sccsid, unsigned int dccsid)
+char *curl_easy_unescape_ccsid(CURL *handle, const char *string, int length,
+                               int *outlength, unsigned int sccsid,
+                               unsigned int dccsid)
 {
   char *s;
   char *d;
@@ -326,19 +306,19 @@ curl_easy_unescape_ccsid(CURL *handle, const char *string, int length,
   if(!string) {
     /* !checksrc! disable ERRNOVAR 1 */
     errno = EINVAL;
-    return (char *) NULL;
+    return (char *)NULL;
   }
 
   s = dynconvert(ASCII_CCSID, string, length ? length : -1, sccsid, NULL);
 
   if(!s)
-    return (char *) NULL;
+    return (char *)NULL;
 
   d = curl_easy_unescape(handle, s, 0, outlength);
   free(s);
 
   if(!d)
-    return (char *) NULL;
+    return (char *)NULL;
 
   s = dynconvert(dccsid, d, -1, ASCII_CCSID, NULL);
   free(d);
@@ -349,14 +329,13 @@ curl_easy_unescape_ccsid(CURL *handle, const char *string, int length,
   return s;
 }
 
-
-struct curl_slist *
-curl_slist_append_ccsid(struct curl_slist *list,
-                        const char *data, unsigned int ccsid)
+struct curl_slist *curl_slist_append_ccsid(struct curl_slist *list,
+                                           const char *data,
+                                           unsigned int ccsid)
 {
   char *s;
 
-  s = (char *) NULL;
+  s = (char *)NULL;
 
   if(!data)
     return curl_slist_append(list, data);
@@ -364,16 +343,15 @@ curl_slist_append_ccsid(struct curl_slist *list,
   s = dynconvert(ASCII_CCSID, data, -1, ccsid, NULL);
 
   if(!s)
-    return (struct curl_slist *) NULL;
+    return (struct curl_slist *)NULL;
 
   list = curl_slist_append(list, s);
   free(s);
   return list;
 }
 
-
-time_t
-curl_getdate_ccsid(const char *p, const time_t *unused, unsigned int ccsid)
+time_t curl_getdate_ccsid(const char *p, const time_t *unused,
+                          unsigned int ccsid)
 {
   char *s;
   time_t t;
@@ -384,17 +362,15 @@ curl_getdate_ccsid(const char *p, const time_t *unused, unsigned int ccsid)
   s = dynconvert(ASCII_CCSID, p, -1, ccsid, NULL);
 
   if(!s)
-    return (time_t) -1;
+    return (time_t)-1;
 
   t = curl_getdate(s, unused);
   free(s);
   return t;
 }
 
-
-static int
-convert_version_info_string(const char **stringp,
-                            char **bufp, int *left, unsigned int ccsid)
+static int convert_version_info_string(const char **stringp, char **bufp,
+                                       int *left, unsigned int ccsid)
 {
   /* Helper for curl_version_info_ccsid(): convert a string if defined.
      Result is stored in the `*left'-byte buffer at `*bufp'.
@@ -415,9 +391,8 @@ convert_version_info_string(const char **stringp,
   return 0;
 }
 
-
-curl_version_info_data *
-curl_version_info_ccsid(CURLversion stamp, unsigned int ccsid)
+curl_version_info_data *curl_version_info_ccsid(CURLversion stamp,
+                                                unsigned int ccsid)
 {
   curl_version_info_data *p;
   char *cp;
@@ -457,7 +432,7 @@ curl_version_info_ccsid(CURLversion stamp, unsigned int ccsid)
   /* If caller has been compiled with a newer version, error. */
 
   if(stamp > CURLVERSION_NOW)
-    return (curl_version_info_data *) NULL;
+    return (curl_version_info_data *)NULL;
 
   p = curl_version_info(stamp);
 
@@ -477,7 +452,7 @@ curl_version_info_ccsid(CURLversion stamp, unsigned int ccsid)
   }
 
   for(i = 0; i < sizeof(charfields) / sizeof(charfields[0]); i++) {
-    cpp = (const char **) ((char *) p + charfields[i]);
+    cpp = (const char **)((char *)p + charfields[i]);
     if(*cpp)
       n += strlen(*cpp) + 1;
   }
@@ -490,70 +465,60 @@ curl_version_info_ccsid(CURLversion stamp, unsigned int ccsid)
     n += nproto * sizeof(const char *);
 
   cp = Curl_thread_buffer(LK_VERSION_INFO_DATA, n);
-  id = (curl_version_info_data *) Curl_thread_buffer(LK_VERSION_INFO,
-                                                     sizeof(*id));
+  id = (curl_version_info_data *)Curl_thread_buffer(LK_VERSION_INFO,
+                                                    sizeof(*id));
 
   if(!id || !cp)
-    return (curl_version_info_data *) NULL;
+    return (curl_version_info_data *)NULL;
 
   /* Copy data and convert strings. */
 
-  memcpy((char *) id, (char *) p, sizeof(*p));
+  memcpy((char *)id, (char *)p, sizeof(*p));
 
   if(id->protocols) {
     i = nproto * sizeof(id->protocols[0]);
 
-    id->protocols = (const char * const *) cp;
-    memcpy(cp, (char *) p->protocols, i);
+    id->protocols = (const char * const *)cp;
+    memcpy(cp, (char *)p->protocols, i);
     cp += i;
     n -= i;
 
     for(i = 0; id->protocols[i]; i++)
-      if(convert_version_info_string(((const char * *) id->protocols) + i,
-                                      &cp, &n, ccsid))
-        return (curl_version_info_data *) NULL;
+      if(convert_version_info_string(((const char **)id->protocols) + i,
+                                     &cp, &n, ccsid))
+        return (curl_version_info_data *)NULL;
   }
 
   for(i = 0; i < sizeof(charfields) / sizeof(charfields[0]); i++) {
-    cpp = (const char **) ((char *) p + charfields[i]);
+    cpp = (const char **)((char *)p + charfields[i]);
     if(*cpp && convert_version_info_string(cpp, &cp, &n, ccsid))
-      return (curl_version_info_data *) NULL;
+      return (curl_version_info_data *)NULL;
   }
 
   return id;
 }
 
-
-const char *
-curl_easy_strerror_ccsid(CURLcode error, unsigned int ccsid)
+const char *curl_easy_strerror_ccsid(CURLcode error, unsigned int ccsid)
 {
   return keyed_string(LK_EASY_STRERROR, curl_easy_strerror(error), ccsid);
 }
 
-
-const char *
-curl_share_strerror_ccsid(CURLSHcode error, unsigned int ccsid)
+const char *curl_share_strerror_ccsid(CURLSHcode error, unsigned int ccsid)
 {
   return keyed_string(LK_SHARE_STRERROR, curl_share_strerror(error), ccsid);
 }
 
-
-const char *
-curl_multi_strerror_ccsid(CURLMcode error, unsigned int ccsid)
+const char *curl_multi_strerror_ccsid(CURLMcode error, unsigned int ccsid)
 {
   return keyed_string(LK_MULTI_STRERROR, curl_multi_strerror(error), ccsid);
 }
 
-
-const char *
-curl_url_strerror_ccsid(CURLUcode error, unsigned int ccsid)
+const char *curl_url_strerror_ccsid(CURLUcode error, unsigned int ccsid)
 {
   return keyed_string(LK_URL_STRERROR, curl_url_strerror(error), ccsid);
 }
 
-
-void
-curl_certinfo_free_all(struct curl_certinfo *info)
+void curl_certinfo_free_all(struct curl_certinfo *info)
 {
   /* Free all memory used by certificate info. */
   if(info) {
@@ -562,15 +527,13 @@ curl_certinfo_free_all(struct curl_certinfo *info)
 
       for(i = 0; i < info->num_of_certs; i++)
         curl_slist_free_all(info->certinfo[i]);
-      free((char *) info->certinfo);
+      free((char *)info->certinfo);
     }
-    free((char *) info);
+    free((char *)info);
   }
 }
 
-
-CURLcode
-curl_easy_getinfo_ccsid(CURL *curl, CURLINFO info, ...)
+CURLcode curl_easy_getinfo_ccsid(CURL *curl, CURLINFO info, ...)
 {
   va_list arg;
   void *paramp;
@@ -580,7 +543,7 @@ curl_easy_getinfo_ccsid(CURL *curl, CURLINFO info, ...)
   /* WARNING: unlike curl_easy_getinfo(), the strings returned by this
      procedure have to be free'ed. */
 
-  data = (struct Curl_easy *) curl;
+  data = (struct Curl_easy *)curl;
   va_start(arg, info);
   paramp = va_arg(arg, void *);
   ret = Curl_getinfo(data, info, paramp);
@@ -592,11 +555,11 @@ curl_easy_getinfo_ccsid(CURL *curl, CURLINFO info, ...)
     struct curl_certinfo *cipf;
     struct curl_certinfo *cipt;
 
-    switch((int) info & CURLINFO_TYPEMASK) {
+    switch((int)info & CURLINFO_TYPEMASK) {
 
     case CURLINFO_STRING:
       ccsid = va_arg(arg, unsigned int);
-      cpp = (char * *) paramp;
+      cpp = (char **)paramp;
 
       if(*cpp) {
         *cpp = dynconvert(ccsid, *cpp, -1, ASCII_CCSID, NULL);
@@ -611,15 +574,15 @@ curl_easy_getinfo_ccsid(CURL *curl, CURLINFO info, ...)
       ccsid = va_arg(arg, unsigned int);
       switch(info) {
       case CURLINFO_CERTINFO:
-        cipf = *(struct curl_certinfo * *) paramp;
+        cipf = *(struct curl_certinfo **)paramp;
         if(cipf) {
-          cipt = (struct curl_certinfo *) malloc(sizeof(*cipt));
+          cipt = (struct curl_certinfo *)malloc(sizeof(*cipt));
           if(!cipt)
             ret = CURLE_OUT_OF_MEMORY;
           else {
-            cipt->certinfo = (struct curl_slist **)
-              calloc(cipf->num_of_certs +
-                     1, sizeof(struct curl_slist *));
+            cipt->certinfo =
+              (struct curl_slist **)calloc(cipf->num_of_certs + 1,
+                                           sizeof(struct curl_slist *));
             if(!cipt->certinfo)
               ret = CURLE_OUT_OF_MEMORY;
             else {
@@ -629,20 +592,20 @@ curl_easy_getinfo_ccsid(CURL *curl, CURLINFO info, ...)
               for(i = 0; i < cipf->num_of_certs; i++)
                 if(cipf->certinfo[i])
                   if(!(cipt->certinfo[i] = slist_convert(ccsid,
-                                                          cipf->certinfo[i],
-                                                          ASCII_CCSID))) {
+                                                         cipf->certinfo[i],
+                                                         ASCII_CCSID))) {
                     ret = CURLE_OUT_OF_MEMORY;
                     break;
                   }
-              }
             }
+          }
 
           if(ret != CURLE_OK) {
             curl_certinfo_free_all(cipt);
-            cipt = (struct curl_certinfo *) NULL;
+            cipt = (struct curl_certinfo *)NULL;
           }
 
-          *(struct curl_certinfo * *) paramp = cipt;
+          *(struct curl_certinfo **)paramp = cipt;
         }
 
         break;
@@ -653,7 +616,7 @@ curl_easy_getinfo_ccsid(CURL *curl, CURLINFO info, ...)
         break;
 
       default:
-        slp = (struct curl_slist **) paramp;
+        slp = (struct curl_slist **)paramp;
         if(*slp) {
           *slp = slist_convert(ccsid, *slp, ASCII_CCSID);
           if(!*slp)
@@ -668,9 +631,7 @@ curl_easy_getinfo_ccsid(CURL *curl, CURLINFO info, ...)
   return ret;
 }
 
-
-static int
-Curl_is_formadd_string(CURLformoption option)
+static int Curl_is_formadd_string(CURLformoption option)
 {
   switch(option) {
 
@@ -687,23 +648,20 @@ Curl_is_formadd_string(CURLformoption option)
   return 0;
 }
 
-
-static void
-Curl_formadd_release_local(struct curl_forms *forms, int nargs, int skip)
+static void Curl_formadd_release_local(struct curl_forms *forms, int nargs,
+                                       int skip)
 {
   while(nargs--)
     if(nargs != skip)
       if(Curl_is_formadd_string(forms[nargs].option))
         if(forms[nargs].value)
-          free((char *) forms[nargs].value);
+          free((char *)forms[nargs].value);
 
-  free((char *) forms);
+  free((char *)forms);
 }
 
-
-static int
-Curl_formadd_convert(struct curl_forms *forms,
-                     int formx, int lengthx, unsigned int ccsid)
+static int Curl_formadd_convert(struct curl_forms *forms, int formx,
+                                int lengthx, unsigned int ccsid)
 {
   int l;
   char *cp;
@@ -713,7 +671,7 @@ Curl_formadd_convert(struct curl_forms *forms,
     return 0;
 
   if(lengthx >= 0)
-    l = (int) forms[lengthx].value;
+    l = (int)forms[lengthx].value;
   else
     l = strlen(forms[formx].value) + 1;
 
@@ -722,15 +680,15 @@ Curl_formadd_convert(struct curl_forms *forms,
   if(!cp)
     return -1;
 
-  l = convert(cp, MAX_CONV_EXPANSION * l, ASCII_CCSID,
-              forms[formx].value, l, ccsid);
+  l = convert(cp, MAX_CONV_EXPANSION * l, ASCII_CCSID, forms[formx].value, l,
+              ccsid);
 
   if(l < 0) {
     free(cp);
     return -1;
   }
 
-  cp2 = realloc(cp, l);         /* Shorten buffer to the string size. */
+  cp2 = realloc(cp, l); /* Shorten buffer to the string size. */
 
   if(cp2)
     cp = cp2;
@@ -738,15 +696,13 @@ Curl_formadd_convert(struct curl_forms *forms,
   forms[formx].value = cp;
 
   if(lengthx >= 0)
-    forms[lengthx].value = (char *) l;  /* Update length after conversion. */
+    forms[lengthx].value = (char *)l; /* Update length after conversion. */
 
   return l;
 }
 
-
-CURLFORMcode
-curl_formadd_ccsid(struct curl_httppost **httppost,
-                   struct curl_httppost **last_post, ...)
+CURLFORMcode curl_formadd_ccsid(struct curl_httppost **httppost,
+                                struct curl_httppost **last_post, ...)
 {
   va_list arg;
   CURLformoption option;
@@ -797,7 +753,7 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
   lengthx = -1;
   namex = -1;
   namelengthx = -1;
-  forms = (struct curl_forms *) NULL;
+  forms = (struct curl_forms *)NULL;
   va_start(arg, last_post);
 
   for(;;) {
@@ -831,14 +787,14 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
 
       if(option == CURLFORM_END)
         break;
-      }
+    }
 
     /* Dispatch by option. */
 
     switch(option) {
 
     case CURLFORM_END:
-      forms = (struct curl_forms *) NULL;       /* Leave array mode. */
+      forms = (struct curl_forms *)NULL; /* Leave array mode. */
       continue;
 
     case CURLFORM_ARRAY:
@@ -851,7 +807,7 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
       break;
 
     case CURLFORM_COPYNAME:
-      option = CURLFORM_PTRNAME;                /* Static for now. */
+      option = CURLFORM_PTRNAME; /* Static for now. */
 
     case CURLFORM_PTRNAME:
       if(namex >= 0)
@@ -861,10 +817,10 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
 
       if(!forms) {
         value = va_arg(arg, char *);
-        nameccsid = (unsigned int) va_arg(arg, long);
+        nameccsid = (unsigned int)va_arg(arg, long);
       }
       else {
-        nameccsid = (unsigned int) forms->value;
+        nameccsid = (unsigned int)forms->value;
         forms++;
       }
 
@@ -878,10 +834,10 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
 
       if(!forms) {
         value = va_arg(arg, char *);
-        contentccsid = (unsigned int) va_arg(arg, long);
+        contentccsid = (unsigned int)va_arg(arg, long);
       }
       else {
-        contentccsid = (unsigned int) forms->value;
+        contentccsid = (unsigned int)forms->value;
         forms++;
       }
 
@@ -890,7 +846,7 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
     case CURLFORM_PTRCONTENTS:
     case CURLFORM_BUFFERPTR:
       if(!forms)
-        value = va_arg(arg, char *);            /* No conversion. */
+        value = va_arg(arg, char *); /* No conversion. */
 
       break;
 
@@ -898,7 +854,7 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
       lengthx = nargs;
 
       if(!forms)
-        value = (char *) va_arg(arg, long);
+        value = (char *)va_arg(arg, long);
 
       break;
 
@@ -906,7 +862,7 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
       lengthx = nargs;
 
       if(!forms)
-        value = (char *) va_arg(arg, curl_off_t);
+        value = (char *)va_arg(arg, curl_off_t);
 
       break;
 
@@ -914,25 +870,25 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
       namelengthx = nargs;
 
       if(!forms)
-        value = (char *) va_arg(arg, long);
+        value = (char *)va_arg(arg, long);
 
       break;
 
     case CURLFORM_BUFFERLENGTH:
       if(!forms)
-        value = (char *) va_arg(arg, long);
+        value = (char *)va_arg(arg, long);
 
       break;
 
     case CURLFORM_CONTENTHEADER:
       if(!forms)
-        value = (char *) va_arg(arg, struct curl_slist *);
+        value = (char *)va_arg(arg, struct curl_slist *);
 
       break;
 
     case CURLFORM_STREAM:
       if(!forms)
-        value = (char *) va_arg(arg, void *);
+        value = (char *)va_arg(arg, void *);
 
       break;
 
@@ -958,10 +914,10 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
 
       if(!forms) {
         value = va_arg(arg, char *);
-        ccsid = (unsigned int) va_arg(arg, long);
+        ccsid = (unsigned int)va_arg(arg, long);
       }
       else {
-        ccsid = (unsigned int) forms->value;
+        ccsid = (unsigned int)forms->value;
         forms++;
       }
 
@@ -992,15 +948,15 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
     if(Curl_formadd_convert(lforms, namex, namelengthx, nameccsid) < 0)
       result = CURL_FORMADD_MEMORY;
     else
-      lforms[namex].option = CURLFORM_COPYNAME;         /* Force copy. */
-    }
+      lforms[namex].option = CURLFORM_COPYNAME; /* Force copy. */
+  }
 
   if(result == CURL_FORMADD_OK) {
     if(Curl_formadd_convert(lforms, contentx, lengthx, contentccsid) < 0)
       result = CURL_FORMADD_MEMORY;
     else
       contentx = -1;
-    }
+  }
 
   /* Do the formadd with our converted parameters. */
 
@@ -1008,7 +964,7 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
     lforms[nargs].option = CURLFORM_END;
     result = curl_formadd(httppost, last_post,
                           CURLFORM_ARRAY, lforms, CURLFORM_END);
-    }
+  }
 
   /* Terminate. */
 
@@ -1016,37 +972,35 @@ curl_formadd_ccsid(struct curl_httppost **httppost,
   return result;
 }
 
-
 struct cfcdata {
   curl_formget_callback append;
   void *                arg;
   unsigned int          ccsid;
 };
 
-
-static size_t
-Curl_formget_callback_ccsid(void *arg, const char *buf, size_t len)
+static size_t Curl_formget_callback_ccsid(void *arg, const char *buf,
+                                          size_t len)
 {
   struct cfcdata *p;
   char *b;
   int l;
   size_t ret;
 
-  p = (struct cfcdata *) arg;
+  p = (struct cfcdata *)arg;
 
-  if((long) len <= 0)
+  if((long)len <= 0)
     return (*p->append)(p->arg, buf, len);
 
   b = malloc(MAX_CONV_EXPANSION * len);
 
   if(!b)
-    return (size_t) -1;
+    return (size_t)-1;
 
   l = convert(b, MAX_CONV_EXPANSION * len, p->ccsid, buf, len, ASCII_CCSID);
 
   if(l < 0) {
     free(b);
-    return (size_t) -1;
+    return (size_t)-1;
   }
 
   ret = (*p->append)(p->arg, b, l);
@@ -1054,22 +1008,18 @@ Curl_formget_callback_ccsid(void *arg, const char *buf, size_t len)
   return ret == l ? len : -1;
 }
 
-
-int
-curl_formget_ccsid(struct curl_httppost *form, void *arg,
-                   curl_formget_callback append, unsigned int ccsid)
+int curl_formget_ccsid(struct curl_httppost *form, void *arg,
+                       curl_formget_callback append, unsigned int ccsid)
 {
   struct cfcdata lcfc;
 
   lcfc.append = append;
   lcfc.arg = arg;
   lcfc.ccsid = ccsid;
-  return curl_formget(form, (void *) &lcfc, Curl_formget_callback_ccsid);
+  return curl_formget(form, (void *)&lcfc, Curl_formget_callback_ccsid);
 }
 
-
-CURLcode
-curl_easy_setopt_ccsid(CURL *easy, CURLoption tag, ...)
+CURLcode curl_easy_setopt_ccsid(CURL *easy, CURLoption tag, ...)
 {
   CURLcode result;
   va_list arg;
@@ -1247,13 +1197,13 @@ curl_easy_setopt_ccsid(CURL *easy, CURLoption tag, ...)
         break;
       }
 
-      data->set.postfieldsize = pfsize;         /* Replace data size. */
+      data->set.postfieldsize = pfsize; /* Replace data size. */
       s = cp;
       cp = NULL;
     }
 
     result = curl_easy_setopt(easy, CURLOPT_POSTFIELDS, s);
-    data->set.str[STRING_COPYPOSTFIELDS] = s;   /* Give to library. */
+    data->set.str[STRING_COPYPOSTFIELDS] = s; /* Give to library. */
     break;
 
   default:
@@ -1265,7 +1215,7 @@ curl_easy_setopt_ccsid(CURL *easy, CURLoption tag, ...)
 
       if(bp && bp->data && bp->len &&
          ccsid != NOCONV_CCSID && ccsid != ASCII_CCSID) {
-        pfsize = (curl_off_t) bp->len * MAX_CONV_EXPANSION;
+        pfsize = (curl_off_t)bp->len * MAX_CONV_EXPANSION;
 
         if(pfsize > SIZE_MAX)
           pfsize = SIZE_MAX;
@@ -1293,7 +1243,7 @@ curl_easy_setopt_ccsid(CURL *easy, CURLoption tag, ...)
       break;
     }
     FALLTHROUGH();
-  case CURLOPT_ERRORBUFFER:                     /* This is an output buffer. */
+  case CURLOPT_ERRORBUFFER: /* This is an output buffer. */
     result = Curl_vsetopt(easy, tag, arg);
     break;
   }
@@ -1303,46 +1253,39 @@ curl_easy_setopt_ccsid(CURL *easy, CURLoption tag, ...)
   return result;
 }
 
-
 /* ILE/RPG helper functions. */
 
-char *
-curl_form_long_value(long value)
+char *curl_form_long_value(long value)
 {
   /* ILE/RPG cannot cast an integer to a pointer. This procedure does it. */
 
-  return (char *) value;
+  return (char *)value;
 }
 
-
-CURLcode
-curl_easy_setopt_RPGnum_(CURL *easy, CURLoption tag, curl_off_t arg)
+CURLcode curl_easy_setopt_RPGnum_(CURL *easy, CURLoption tag, curl_off_t arg)
 {
   /* ILE/RPG procedure overloading cannot discriminate between different
      size and/or signedness of format arguments. This provides a generic
      wrapper that adapts size to the given tag expectation.
      This procedure is not intended to be explicitly called from user code. */
   if(tag / 10000 != CURLOPTTYPE_OFF_T)
-    return curl_easy_setopt(easy, tag, (long) arg);
+    return curl_easy_setopt(easy, tag, (long)arg);
   return curl_easy_setopt(easy, tag, arg);
 }
 
-
-CURLcode
-curl_multi_setopt_RPGnum_(CURLM *multi, CURLMoption tag, curl_off_t arg)
+CURLcode curl_multi_setopt_RPGnum_(CURLM *multi, CURLMoption tag,
+                                   curl_off_t arg)
 {
   /* Likewise, for multi handle. */
   if(tag / 10000 != CURLOPTTYPE_OFF_T)
-    return curl_multi_setopt(multi, tag, (long) arg);
+    return curl_multi_setopt(multi, tag, (long)arg);
   return curl_multi_setopt(multi, tag, arg);
 }
 
-
-char *
-curl_pushheader_bynum_cssid(struct curl_pushheaders *h,
-                            size_t num, unsigned int ccsid)
+char *curl_pushheader_bynum_cssid(struct curl_pushheaders *h, size_t num,
+                                  unsigned int ccsid)
 {
-  char *d = (char *) NULL;
+  char *d = (char *)NULL;
   char *s = curl_pushheader_bynum(h, num);
 
   if(s)
@@ -1351,19 +1294,18 @@ curl_pushheader_bynum_cssid(struct curl_pushheaders *h,
   return d;
 }
 
-
-char *
-curl_pushheader_byname_ccsid(struct curl_pushheaders *h, const char *header,
-                             unsigned int ccsidin, unsigned int ccsidout)
+char *curl_pushheader_byname_ccsid(struct curl_pushheaders *h,
+                                   const char *header, unsigned int ccsidin,
+                                   unsigned int ccsidout)
 {
-  char *d = (char *) NULL;
+  char *d = (char *)NULL;
 
   if(header) {
     header = dynconvert(ASCII_CCSID, header, -1, ccsidin, NULL);
 
     if(header) {
       char *s = curl_pushheader_byname(h, header);
-      free((char *) header);
+      free((char *)header);
 
       if(s)
         d = dynconvert(ccsidout, s, -1, ASCII_CCSID, NULL);
@@ -1377,7 +1319,7 @@ static CURLcode
 mime_string_call(curl_mimepart *part, const char *string, unsigned int ccsid,
                  CURLcode (*mimefunc)(curl_mimepart *part, const char *string))
 {
-  char *s = (char *) NULL;
+  char *s = (char *)NULL;
   CURLcode result;
 
   if(!string)
@@ -1391,45 +1333,40 @@ mime_string_call(curl_mimepart *part, const char *string, unsigned int ccsid,
   return result;
 }
 
-CURLcode
-curl_mime_name_ccsid(curl_mimepart *part, const char *name, unsigned int ccsid)
+CURLcode curl_mime_name_ccsid(curl_mimepart *part, const char *name,
+                              unsigned int ccsid)
 {
   return mime_string_call(part, name, ccsid, curl_mime_name);
 }
 
-CURLcode
-curl_mime_filename_ccsid(curl_mimepart *part,
-                         const char *filename, unsigned int ccsid)
+CURLcode curl_mime_filename_ccsid(curl_mimepart *part, const char *filename,
+                                  unsigned int ccsid)
 {
   return mime_string_call(part, filename, ccsid, curl_mime_filename);
 }
 
-CURLcode
-curl_mime_type_ccsid(curl_mimepart *part,
-                     const char *mimetype, unsigned int ccsid)
+CURLcode curl_mime_type_ccsid(curl_mimepart *part, const char *mimetype,
+                              unsigned int ccsid)
 {
   return mime_string_call(part, mimetype, ccsid, curl_mime_type);
 }
 
-CURLcode
-curl_mime_encoder_ccsid(curl_mimepart *part,
-                       const char *encoding, unsigned int ccsid)
+CURLcode curl_mime_encoder_ccsid(curl_mimepart *part, const char *encoding,
+                                 unsigned int ccsid)
 {
   return mime_string_call(part, encoding, ccsid, curl_mime_encoder);
 }
 
-CURLcode
-curl_mime_filedata_ccsid(curl_mimepart *part,
-                         const char *filename, unsigned int ccsid)
+CURLcode curl_mime_filedata_ccsid(curl_mimepart *part, const char *filename,
+                                  unsigned int ccsid)
 {
   return mime_string_call(part, filename, ccsid, curl_mime_filedata);
 }
 
-CURLcode
-curl_mime_data_ccsid(curl_mimepart *part,
-                     const char *data, size_t datasize, unsigned int ccsid)
+CURLcode curl_mime_data_ccsid(curl_mimepart *part, const char *data,
+                              size_t datasize, unsigned int ccsid)
 {
-  char *s = (char *) NULL;
+  char *s = (char *)NULL;
   CURLcode result;
   int osize;
 
@@ -1444,9 +1381,8 @@ curl_mime_data_ccsid(curl_mimepart *part,
   return result;
 }
 
-CURLUcode
-curl_url_get_ccsid(CURLU *handle, CURLUPart what, char **part,
-                   unsigned int flags, unsigned int ccsid)
+CURLUcode curl_url_get_ccsid(CURLU *handle, CURLUPart what, char **part,
+                             unsigned int flags, unsigned int ccsid)
 {
   char *s = (char *)NULL;
   CURLUcode result;
@@ -1468,9 +1404,8 @@ curl_url_get_ccsid(CURLU *handle, CURLUPart what, char **part,
   return result;
 }
 
-CURLUcode
-curl_url_set_ccsid(CURLU *handle, CURLUPart what, const char *part,
-                   unsigned int flags, unsigned int ccsid)
+CURLUcode curl_url_set_ccsid(CURLU *handle, CURLUPart what, const char *part,
+                             unsigned int flags, unsigned int ccsid)
 {
   char *s = (char *)NULL;
   CURLUcode result;
@@ -1513,14 +1448,13 @@ curl_easy_option_get_name_ccsid(const struct curl_easyoption *option,
   if(option && option->name)
     name = dynconvert(ccsid, option->name, -1, ASCII_CCSID, NULL);
 
-  return (const char *) name;
+  return (const char *)name;
 }
 
 /* Header API CCSID support. */
-CURLHcode
-curl_easy_header_ccsid(CURL *easy, const char *name, size_t index,
-                       unsigned int origin, int request,
-                       struct curl_header **hout, unsigned int ccsid)
+CURLHcode curl_easy_header_ccsid(CURL *easy, const char *name, size_t index,
+                                 unsigned int origin, int request,
+                                 struct curl_header **hout, unsigned int ccsid)
 {
   CURLHcode result = CURLHE_BAD_ARGUMENT;
 
diff --git a/packages/OS400/ccsidcurl.h b/packages/OS400/ccsidcurl.h
index ab01d32b85..f9e667a9e4 100644
--- a/packages/OS400/ccsidcurl.h
+++ b/packages/OS400/ccsidcurl.h
@@ -28,7 +28,6 @@
 #include "easy.h"
 #include "multi.h"
 
-
 CURL_EXTERN char *curl_version_ccsid(unsigned int ccsid);
 CURL_EXTERN char *curl_easy_escape_ccsid(CURL *handle,
                                          const char *string, int length,
diff --git a/packages/OS400/curlcl.c b/packages/OS400/curlcl.c
index ca497b351d..7a7f3c6459 100644
--- a/packages/OS400/curlcl.c
+++ b/packages/OS400/curlcl.c
@@ -48,16 +48,13 @@ struct arguments {
   struct vary2 *cmdargs;        /* Command line arguments. */
 };
 
-static int
-is_ifs(char c)
+static int is_ifs(char c)
 {
   return c == ' ' || c == '\t' || c == '\r' || c == '\n';
 }
 
-static int
-parse_command_line(const char *cmdargs, size_t len,
-                   size_t *argc, char **argv,
-                   size_t *argsize, char *argbuf)
+static int parse_command_line(const char *cmdargs, size_t len, size_t *argc,
+                              char **argv, size_t *argsize, char *argbuf)
 {
   const char *endline = cmdargs + len;
   char quote = '\0';
@@ -126,9 +123,7 @@ parse_command_line(const char *cmdargs, size_t len,
   return 0;
 }
 
-
-int
-main(int argsc, struct arguments *args)
+int main(int argsc, struct arguments *args)
 {
   size_t argc;
   char **argv;
@@ -154,20 +149,20 @@ main(int argsc, struct arguments *args)
 
   if(!exitcode) {
     /* Allocate space for parsed arguments. */
-    argv = (char **) malloc((argc + 1) * sizeof(*argv) + argsize);
+    argv = (char **)malloc((argc + 1) * sizeof(*argv) + argsize);
     if(!argv) {
       fputs("Memory allocation error\n", stderr);
       exitcode = -2;
     }
     else {
-      _SYSPTR pgmptr = rslvsp(WLI_PGM, (char *) CURLPGM, library, _AUTH_NONE);
-      _LU_Work_Area_T *luwrka = (_LU_Work_Area_T *) _LUWRKA();
+      _SYSPTR pgmptr = rslvsp(WLI_PGM, (char *)CURLPGM, library, _AUTH_NONE);
+      _LU_Work_Area_T *luwrka = (_LU_Work_Area_T *)_LUWRKA();
 
-      parse_command_line(args->cmdargs->string, args->cmdargs->len,
-                         &argc, argv, &argsize, (char *) (argv + argc + 1));
+      parse_command_line(args->cmdargs->string, args->cmdargs->len, &argc,
+                         argv, &argsize, (char *)(argv + argc + 1));
 
       /* Call program. */
-      _CALLPGMV((void *) &pgmptr, argv, argc);
+      _CALLPGMV((void *)&pgmptr, argv, argc);
       exitcode = luwrka->LU_RC;
 
       free(argv);
diff --git a/packages/OS400/curlmain.c b/packages/OS400/curlmain.c
index 19328f7c84..54ca865264 100644
--- a/packages/OS400/curlmain.c
+++ b/packages/OS400/curlmain.c
@@ -41,15 +41,13 @@ extern int      QadrtFreeConversionTable(void);
 extern int      QadrtFreeEnviron(void);
 extern char *   setlocale_a(int, const char *);
 
-
 /* The ASCII main program. */
-extern int      main_a(int argc, char * * argv);
+extern int      main_a(int argc, char **argv);
 
 /* Global values of original EBCDIC arguments. */
 int             ebcdic_argc;
 char **         ebcdic_argv;
 
-
 int main(int argc, char **argv)
 {
   int i;
@@ -63,8 +61,8 @@ int main(int argc, char **argv)
   char dummybuf[128];
   /* To/From codes are 32 byte long strings with
      reserved fields initialized to ZEROs */
-  const char tocode[32]   = {"IBMCCSID01208"}; /* Use UTF-8. */
-  const char fromcode[32] = {"IBMCCSID000000000010"};
+  const char tocode[32]   = { "IBMCCSID01208" }; /* Use UTF-8. */
+  const char fromcode[32] = { "IBMCCSID000000000010" };
 
   ebcdic_argc = argc;
   ebcdic_argv = argv;
@@ -88,10 +86,10 @@ int main(int argc, char **argv)
   }
 
   /* Allocate memory for the ASCII arguments and vector. */
-  argv = (char **) malloc((argc + 1) * sizeof(*argv) + bytecount);
+  argv = (char **)malloc((argc + 1) * sizeof(*argv) + bytecount);
 
   /* Build the vector and convert argument encoding. */
-  outbuf = (char *) (argv + argc + 1);
+  outbuf = (char *)(argv + argc + 1);
   outbytesleft = bytecount;
 
   for(i = 0; i < argc; i++) {
@@ -112,7 +110,7 @@ int main(int argc, char **argv)
   i = main_a(argc, argv);
 
   /* Clean-up allocated items. */
-  free((char *) argv);
+  free((char *)argv);
   QadrtFreeConversionTable();
   QadrtFreeEnviron();
 
diff --git a/packages/OS400/os400sys.c b/packages/OS400/os400sys.c
index 4d31d3827c..04be163617 100644
--- a/packages/OS400/os400sys.c
+++ b/packages/OS400/os400sys.c
@@ -65,14 +65,13 @@
 
 #pragma convert(0)                              /* Restore EBCDIC. */
 
-#define MIN_BYTE_GAIN   1024    /* Minimum gain when shortening a buffer. */
+#define MIN_BYTE_GAIN 1024    /* Minimum gain when shortening a buffer. */
 
 struct buffer_t {
   unsigned long size;            /* Buffer size. */
   char *buf;                     /* Buffer address. */
 };
 
-
 static char *buffer_undef(localkey_t key, long size);
 static char *buffer_threaded(localkey_t key, long size);
 static char *buffer_unthreaded(localkey_t key, long size);
@@ -86,10 +85,10 @@ char *(*Curl_thread_buffer)(localkey_t key, long size) = buffer_undef;
 static void thdbufdestroy(void *private)
 {
   if(private) {
-    struct buffer_t *p = (struct buffer_t *) private;
+    struct buffer_t *p = (struct buffer_t *)private;
     localkey_t i;
 
-    for(i = (localkey_t) 0; i < LK_LAST; i++) {
+    for(i = (localkey_t)0; i < LK_LAST; i++) {
       free(p->buf);
       p++;
     }
@@ -98,27 +97,23 @@ static void thdbufdestroy(void *private)
   }
 }
 
-
-static void
-terminate(void)
+static void terminate(void)
 {
   if(Curl_thread_buffer == buffer_threaded) {
     locbufs = pthread_getspecific(thdkey);
-    pthread_setspecific(thdkey, (void *) NULL);
+    pthread_setspecific(thdkey, (void *)NULL);
     pthread_key_delete(thdkey);
   }
 
   if(Curl_thread_buffer != buffer_undef) {
-    thdbufdestroy((void *) locbufs);
-    locbufs = (struct buffer_t *) NULL;
+    thdbufdestroy((void *)locbufs);
+    locbufs = (struct buffer_t *)NULL;
   }
 
   Curl_thread_buffer = buffer_undef;
 }
 
-
-static char *
-get_buffer(struct buffer_t *buf, long size)
+static char *get_buffer(struct buffer_t *buf, long size)
 {
   char *cp;
 
@@ -136,7 +131,7 @@ get_buffer(struct buffer_t *buf, long size)
     return buf->buf;
   }
 
-  if((unsigned long) size <= buf->size) {
+  if((unsigned long)size <= buf->size) {
     /* Shorten the buffer only if it frees a significant byte count. This
        avoids some realloc() overhead. */
 
@@ -157,27 +152,23 @@ get_buffer(struct buffer_t *buf, long size)
   return cp;
 }
 
-
 /*
  * Get buffer address for the given local key.
  * This is always called though `Curl_thread_buffer' and when threads are
  * NOT made available by the os, so no mutex lock/unlock occurs.
  */
-static char *
-buffer_unthreaded(localkey_t key, long size)
+static char *buffer_unthreaded(localkey_t key, long size)
 {
   return get_buffer(locbufs + key, size);
 }
 
-
 /*
  * Get buffer address for the given local key, taking care of
  * concurrent threads.
  * This is always called though `Curl_thread_buffer' and when threads are
  * made available by the os.
  */
-static char *
-buffer_threaded(localkey_t key, long size)
+static char *buffer_threaded(localkey_t key, long size)
 {
   struct buffer_t *bufs;
 
@@ -185,30 +176,28 @@ buffer_threaded(localkey_t key, long size)
      make sure it is at least `size'-byte long. Set `size' to < 0 to get
      its address only. */
 
-  bufs = (struct buffer_t *) pthread_getspecific(thdkey);
+  bufs = (struct buffer_t *)pthread_getspecific(thdkey);
 
   if(!bufs) {
     if(size < 0)
-      return (char *) NULL;             /* No buffer yet. */
+      return (char *)NULL;             /* No buffer yet. */
 
     /* Allocate buffer descriptors for the current thread. */
 
-    bufs = calloc((size_t) LK_LAST, sizeof(*bufs));
+    bufs = calloc((size_t)LK_LAST, sizeof(*bufs));
     if(!bufs)
-      return (char *) NULL;
+      return (char *)NULL;
 
-    if(pthread_setspecific(thdkey, (void *) bufs)) {
+    if(pthread_setspecific(thdkey, (void *)bufs)) {
       free(bufs);
-      return (char *) NULL;
+      return (char *)NULL;
     }
   }
 
   return get_buffer(bufs + key, size);
 }
 
-
-static char *
-buffer_undef(localkey_t key, long size)
+static char *buffer_undef(localkey_t key, long size)
 {
   /* Define the buffer system, get the buffer for the given local key in
      the current thread, and make sure it is at least `size'-byte long.
@@ -218,7 +207,7 @@ buffer_undef(localkey_t key, long size)
 
   /* Determine if we can use pthread-specific data. */
 
-  if(Curl_thread_buffer == buffer_undef) {      /* If unchanged during lock. */
+  if(Curl_thread_buffer == buffer_undef) { /* If unchanged during lock. */
     /* OS400 interactive jobs do not support threads: check here. */
     if(!pthread_key_create(&thdkey, thdbufdestroy)) {
       /* Threads are supported: use the thread-aware buffer procedure. */
@@ -227,10 +216,10 @@ buffer_undef(localkey_t key, long size)
     else {
       /* No multi-threading available: allocate storage for single-thread
        * buffer headers. */
-      locbufs = calloc((size_t) LK_LAST, sizeof(*locbufs));
+      locbufs = calloc((size_t)LK_LAST, sizeof(*locbufs));
       if(!locbufs) {
-        pthread_mutex_unlock(&mutex);   /* For symetry: will probably fail. */
-        return (char *) NULL;
+        pthread_mutex_unlock(&mutex); /* For symetry: will probably fail. */
+        return (char *)NULL;
       }
       else
         Curl_thread_buffer = buffer_unthreaded; /* Use unthreaded version. */
@@ -243,15 +232,13 @@ buffer_undef(localkey_t key, long size)
   return Curl_thread_buffer(key, size);
 }
 
-
-static char *
-set_thread_string(localkey_t key, const char *s)
+static char *set_thread_string(localkey_t key, const char *s)
 {
   int i;
   char *cp;
 
   if(!s)
-    return (char *) NULL;
+    return (char *)NULL;
 
   i = strlen(s) + 1;
   cp = Curl_thread_buffer(key, MAX_CONV_EXPANSION * i + 1);
@@ -264,12 +251,10 @@ set_thread_string(localkey_t key, const char *s)
   return cp;
 }
 
-
-int
-Curl_getnameinfo_a(const struct sockaddr *sa, socklen_t salen,
-                   char *nodename, socklen_t nodenamelen,
-                   char *servname, socklen_t servnamelen,
-                   int flags)
+int Curl_getnameinfo_a(const struct sockaddr *sa, socklen_t salen,
+                       char *nodename, socklen_t nodenamelen,
+                       char *servname, socklen_t servnamelen,
+                       int flags)
 {
   char *enodename = NULL;
   char *eservname = NULL;
@@ -289,20 +274,20 @@ Curl_getnameinfo_a(const struct sockaddr *sa, socklen_t salen,
     }
   }
 
-  status = getnameinfo(sa, salen, enodename, nodenamelen,
-                       eservname, servnamelen, flags);
+  status = getnameinfo(sa, salen, enodename, nodenamelen, eservname,
+                       servnamelen, flags);
 
   if(!status) {
     int i;
     if(enodename) {
-      i = QadrtConvertE2A(nodename, enodename,
-                          nodenamelen - 1, strlen(enodename));
+      i = QadrtConvertE2A(nodename, enodename, nodenamelen - 1,
+                          strlen(enodename));
       nodename[i] = '\0';
     }
 
     if(eservname) {
-      i = QadrtConvertE2A(servname, eservname,
-                          servnamelen - 1, strlen(eservname));
+      i = QadrtConvertE2A(servname, eservname, servnamelen - 1,
+                          strlen(eservname));
       servname[i] = '\0';
     }
   }
@@ -312,18 +297,16 @@ Curl_getnameinfo_a(const struct sockaddr *sa, socklen_t salen,
   return status;
 }
 
-int
-Curl_getaddrinfo_a(const char *nodename, const char *servname,
-                   const struct addrinfo *hints,
-                   struct addrinfo **res)
+int Curl_getaddrinfo_a(const char *nodename, const char *servname,
+                       const struct addrinfo *hints, struct addrinfo **res)
 {
   char *enodename;
   char *eservname;
   int status;
   int i;
 
-  enodename = (char *) NULL;
-  eservname = (char *) NULL;
+  enodename = (char *)NULL;
+  eservname = (char *)NULL;
 
   if(nodename) {
     i = strlen(nodename);
@@ -360,8 +343,7 @@ Curl_getaddrinfo_a(const char *nodename, const char *servname,
 
 /* ASCII wrappers for the GSSAPI procedures. */
 
-static int
-Curl_gss_convert_in_place(OM_uint32 *minor_status, gss_buffer_t buf)
+static int Curl_gss_convert_in_place(OM_uint32 *minor_status, gss_buffer_t buf)
 {
   unsigned int i = buf->length;
 
@@ -388,10 +370,8 @@ Curl_gss_convert_in_place(OM_uint32 *minor_status, gss_buffer_t buf)
   return 0;
 }
 
-
-OM_uint32
-Curl_gss_import_name_a(OM_uint32 *minor_status, gss_buffer_t in_name,
-                       gss_OID in_name_type, gss_name_t *out_name)
+OM_uint32 Curl_gss_import_name_a(OM_uint32 *minor_status, gss_buffer_t in_name,
+                                 gss_OID in_name_type, gss_name_t *out_name)
 {
   OM_uint32 rc;
   unsigned int i;
@@ -400,7 +380,7 @@ Curl_gss_import_name_a(OM_uint32 *minor_status, gss_buffer_t in_name,
   if(!in_name || !in_name->value || !in_name->length)
     return gss_import_name(minor_status, in_name, in_name_type, out_name);
 
-  memcpy((char *) &in, (char *) in_name, sizeof(in));
+  memcpy((char *)&in, (char *)in_name, sizeof(in));
   i = in.length;
 
   in.value = malloc(i + 1);
@@ -413,17 +393,17 @@ Curl_gss_import_name_a(OM_uint32 *minor_status, gss_buffer_t in_name,
   }
 
   QadrtConvertA2E(in.value, in_name->value, i, i);
-  ((char *) in.value)[i] = '\0';
+  ((char *)in.value)[i] = '\0';
   rc = gss_import_name(minor_status, &in, in_name_type, out_name);
   free(in.value);
   return rc;
 }
 
-OM_uint32
-Curl_gss_display_status_a(OM_uint32 *minor_status, OM_uint32 status_value,
-                          int status_type, gss_OID mech_type,
-                          gss_msg_ctx_t *message_context,
-                          gss_buffer_t status_string)
+OM_uint32 Curl_gss_display_status_a(OM_uint32 *minor_status,
+                                    OM_uint32 status_value, int status_type,
+                                    gss_OID mech_type,
+                                    gss_msg_ctx_t *message_context,
+                                    gss_buffer_t status_string)
 {
   int rc;
 
@@ -477,7 +457,7 @@ Curl_gss_init_sec_context_a(OM_uint32 *minor_status,
       }
 
       QadrtConvertA2E(in.value, input_token->value, i, i);
-      ((char *) in.value)[i] = '\0';
+      ((char *)in.value)[i] = '\0';
       in.length = i;
       inp = ∈
     }
@@ -503,11 +483,9 @@ Curl_gss_init_sec_context_a(OM_uint32 *minor_status,
   return rc;
 }
 
-
-OM_uint32
-Curl_gss_delete_sec_context_a(OM_uint32 *minor_status,
-                              gss_ctx_id_t *context_handle,
-                              gss_buffer_t output_token)
+OM_uint32 Curl_gss_delete_sec_context_a(OM_uint32 *minor_status,
+                                        gss_ctx_id_t *context_handle,
+                                        gss_buffer_t output_token)
 {
   OM_uint32 rc;
 
@@ -533,38 +511,36 @@ Curl_gss_delete_sec_context_a(OM_uint32 *minor_status,
 
 /* ASCII wrappers for the LDAP procedures. */
 
-void *
-Curl_ldap_init_a(char *host, int port)
+void *Curl_ldap_init_a(char *host, int port)
 {
   size_t i;
   char *ehost;
   void *result;
 
   if(!host)
-    return (void *) ldap_init(host, port);
+    return (void *)ldap_init(host, port);
 
   i = strlen(host);
 
   ehost = malloc(i + 1);
   if(!ehost)
-    return (void *) NULL;
+    return (void *)NULL;
 
   QadrtConvertA2E(ehost, host, i, i);
   ehost[i] = '\0';
-  result = (void *) ldap_init(ehost, port);
+  result = (void *)ldap_init(ehost, port);
   free(ehost);
   return result;
 }
 
-int
-Curl_ldap_simple_bind_s_a(void *ld, char *dn, char *passwd)
+int Curl_ldap_simple_bind_s_a(void *ld, char *dn, char *passwd)
 {
   int i;
   char *edn;
   char *epasswd;
 
-  edn = (char *) NULL;
-  epasswd = (char *) NULL;
+  edn = (char *)NULL;
+  epasswd = (char *)NULL;
 
   if(dn) {
     i = strlen(dn);
@@ -596,9 +572,8 @@ Curl_ldap_simple_bind_s_a(void *ld, char *dn, char *passwd)
   return i;
 }
 
-int
-Curl_ldap_search_s_a(void *ld, char *base, int scope, char *filter,
-                     char **attrs, int attrsonly, LDAPMessage **res)
+int Curl_ldap_search_s_a(void *ld, char *base, int scope, char *filter,
+                         char **attrs, int attrsonly, LDAPMessage **res)
 {
   int i;
   int j;
@@ -607,9 +582,9 @@ Curl_ldap_search_s_a(void *ld, char *base, int scope, char *filter,
   char **eattrs;
   int status;
 
-  ebase = (char *) NULL;
-  efilter = (char *) NULL;
-  eattrs = (char **) NULL;
+  ebase = (char *)NULL;
+  efilter = (char *)NULL;
+  eattrs = (char **)NULL;
   status = LDAP_SUCCESS;
 
   if(base) {
@@ -676,14 +651,13 @@ Curl_ldap_search_s_a(void *ld, char *base, int scope, char *filter,
   return status;
 }
 
-
-struct berval **
-Curl_ldap_get_values_len_a(void *ld, LDAPMessage *entry, const char *attr)
+struct berval **Curl_ldap_get_values_len_a(void *ld, LDAPMessage *entry,
+                                           const char *attr)
 {
   char *cp;
   struct berval **result;
 
-  cp = (char *) NULL;
+  cp = (char *)NULL;
 
   if(attr) {
     int i = strlen(attr);
@@ -692,7 +666,7 @@ Curl_ldap_get_values_len_a(void *ld, LDAPMessage *entry, const char *attr)
     if(!cp) {
       ldap_set_lderrno(ld, LDAP_NO_MEMORY, NULL,
                        ldap_err2string(LDAP_NO_MEMORY));
-      return (struct berval **) NULL;
+      return (struct berval **)NULL;
     }
 
     QadrtConvertA2E(cp, attr, i, i);
@@ -708,14 +682,12 @@ Curl_ldap_get_values_len_a(void *ld, LDAPMessage *entry, const char *attr)
   return result;
 }
 
-char *
-Curl_ldap_err2string_a(int error)
+char *Curl_ldap_err2string_a(int error)
 {
   return set_thread_string(LK_LDAP_ERROR, ldap_err2string(error));
 }
 
-char *
-Curl_ldap_get_dn_a(void *ld, LDAPMessage *entry)
+char *Curl_ldap_get_dn_a(void *ld, LDAPMessage *entry)
 {
   int i;
   char *cp;
@@ -744,9 +716,8 @@ Curl_ldap_get_dn_a(void *ld, LDAPMessage *entry)
   return cp;
 }
 
-char *
-Curl_ldap_first_attribute_a(void *ld,
-                            LDAPMessage *entry, BerElement **berptr)
+char *Curl_ldap_first_attribute_a(void *ld, LDAPMessage *entry,
+                                  BerElement **berptr)
 {
   int i;
   char *cp;
@@ -775,9 +746,8 @@ Curl_ldap_first_attribute_a(void *ld,
   return cp;
 }
 
-char *
-Curl_ldap_next_attribute_a(void *ld,
-                           LDAPMessage *entry, BerElement *berptr)
+char *Curl_ldap_next_attribute_a(void *ld, LDAPMessage *entry,
+                                 BerElement *berptr)
 {
   int i;
   char *cp;
@@ -808,9 +778,8 @@ Curl_ldap_next_attribute_a(void *ld,
 
 #endif /* CURL_DISABLE_LDAP */
 
-static int
-sockaddr2ebcdic(struct sockaddr_storage *dstaddr,
-                const struct sockaddr *srcaddr, int srclen)
+static int sockaddr2ebcdic(struct sockaddr_storage *dstaddr,
+                           const struct sockaddr *srcaddr, int srclen)
 {
   const struct sockaddr_un *srcu;
   struct sockaddr_un *dstu;
@@ -826,13 +795,13 @@ sockaddr2ebcdic(struct sockaddr_storage *dstaddr,
     return -1;
   }
 
-  memcpy((char *) dstaddr, (char *) srcaddr, srclen);
+  memcpy((char *)dstaddr, (char *)srcaddr, srclen);
 
   switch(srcaddr->sa_family) {
 
   case AF_UNIX:
-    srcu = (const struct sockaddr_un *) srcaddr;
-    dstu = (struct sockaddr_un *) dstaddr;
+    srcu = (const struct sockaddr_un *)srcaddr;
+    dstu = (struct sockaddr_un *)dstaddr;
     dstsize = sizeof(*dstaddr) - offsetof(struct sockaddr_un, sun_path);
     srclen -= offsetof(struct sockaddr_un, sun_path);
     i = QadrtConvertA2E(dstu->sun_path, srcu->sun_path, dstsize - 1, srclen);
@@ -843,10 +812,8 @@ sockaddr2ebcdic(struct sockaddr_storage *dstaddr,
   return srclen;
 }
 
-
-static int
-sockaddr2ascii(struct sockaddr *dstaddr, int dstlen,
-               const struct sockaddr_storage *srcaddr, int srclen)
+static int sockaddr2ascii(struct sockaddr *dstaddr, int dstlen,
+                          const struct sockaddr_storage *srcaddr, int srclen)
 {
   const struct sockaddr_un *srcu;
   struct sockaddr_un *dstu;
@@ -864,15 +831,15 @@ sockaddr2ascii(struct sockaddr *dstaddr, int dstlen,
     return -1;
   }
 
-  memcpy((char *) dstaddr, (char *) srcaddr, srclen);
+  memcpy((char *)dstaddr, (char *)srcaddr, srclen);
 
   if(srclen >= offsetof(struct sockaddr_storage, ss_family) +
      sizeof(srcaddr->ss_family)) {
     switch(srcaddr->ss_family) {
 
     case AF_UNIX:
-      srcu = (const struct sockaddr_un *) srcaddr;
-      dstu = (struct sockaddr_un *) dstaddr;
+      srcu = (const struct sockaddr_un *)srcaddr;
+      dstu = (struct sockaddr_un *)dstaddr;
       dstsize = dstlen - offsetof(struct sockaddr_un, sun_path);
       srclen -= offsetof(struct sockaddr_un, sun_path);
       if(dstsize > 0 && srclen > 0) {
@@ -887,8 +854,7 @@ sockaddr2ascii(struct sockaddr *dstaddr, int dstlen,
   return srclen;
 }
 
-int
-Curl_os400_connect(int sd, struct sockaddr *destaddr, int addrlen)
+int Curl_os400_connect(int sd, struct sockaddr *destaddr, int addrlen)
 {
   int i;
   struct sockaddr_storage laddr;
@@ -898,11 +864,10 @@ Curl_os400_connect(int sd, struct sockaddr *destaddr, int addrlen)
   if(i < 0)
     return -1;
 
-  return connect(sd, (struct sockaddr *) &laddr, i);
+  return connect(sd, (struct sockaddr *)&laddr, i);
 }
 
-int
-Curl_os400_bind(int sd, struct sockaddr *localaddr, int addrlen)
+int Curl_os400_bind(int sd, struct sockaddr *localaddr, int addrlen)
 {
   int i;
   struct sockaddr_storage laddr;
@@ -912,12 +877,11 @@ Curl_os400_bind(int sd, struct sockaddr *localaddr, int addrlen)
   if(i < 0)
     return -1;
 
-  return bind(sd, (struct sockaddr *) &laddr, i);
+  return bind(sd, (struct sockaddr *)&laddr, i);
 }
 
-int
-Curl_os400_sendto(int sd, char *buffer, int buflen, int flags,
-                  const struct sockaddr *dstaddr, int addrlen)
+int Curl_os400_sendto(int sd, char *buffer, int buflen, int flags,
+                      const struct sockaddr *dstaddr, int addrlen)
 {
   int i;
   struct sockaddr_storage laddr;
@@ -927,12 +891,11 @@ Curl_os400_sendto(int sd, char *buffer, int buflen, int flags,
   if(i < 0)
     return -1;
 
-  return sendto(sd, buffer, buflen, flags, (struct sockaddr *) &laddr, i);
+  return sendto(sd, buffer, buflen, flags, (struct sockaddr *)&laddr, i);
 }
 
-int
-Curl_os400_recvfrom(int sd, char *buffer, int buflen, int flags,
-                    struct sockaddr *fromaddr, int *addrlen)
+int Curl_os400_recvfrom(int sd, char *buffer, int buflen, int flags,
+                        struct sockaddr *fromaddr, int *addrlen)
 {
   int rcvlen;
   struct sockaddr_storage laddr;
@@ -943,7 +906,7 @@ Curl_os400_recvfrom(int sd, char *buffer, int buflen, int flags,
 
   laddr.ss_family = AF_UNSPEC;          /* To detect if unused. */
   rcvlen = recvfrom(sd, buffer, buflen, flags,
-                    (struct sockaddr *) &laddr, &laddrlen);
+                    (struct sockaddr *)&laddr, &laddrlen);
 
   if(rcvlen < 0)
     return rcvlen;
@@ -959,12 +922,11 @@ Curl_os400_recvfrom(int sd, char *buffer, int buflen, int flags,
   return rcvlen;
 }
 
-int
-Curl_os400_getpeername(int sd, struct sockaddr *addr, int *addrlen)
+int Curl_os400_getpeername(int sd, struct sockaddr *addr, int *addrlen)
 {
   struct sockaddr_storage laddr;
   int laddrlen = sizeof(laddr);
-  int retcode = getpeername(sd, (struct sockaddr *) &laddr, &laddrlen);
+  int retcode = getpeername(sd, (struct sockaddr *)&laddr, &laddrlen);
 
   if(!retcode) {
     laddrlen = sockaddr2ascii(addr, *addrlen, &laddr, laddrlen);
@@ -976,12 +938,11 @@ Curl_os400_getpeername(int sd, struct sockaddr *addr, int *addrlen)
   return retcode;
 }
 
-int
-Curl_os400_getsockname(int sd, struct sockaddr *addr, int *addrlen)
+int Curl_os400_getsockname(int sd, struct sockaddr *addr, int *addrlen)
 {
   struct sockaddr_storage laddr;
   int laddrlen = sizeof(laddr);
-  int retcode = getsockname(sd, (struct sockaddr *) &laddr, &laddrlen);
+  int retcode = getsockname(sd, (struct sockaddr *)&laddr, &laddrlen);
 
   if(!retcode) {
     laddrlen = sockaddr2ascii(addr, *addrlen, &laddr, laddrlen);
@@ -993,17 +954,14 @@ Curl_os400_getsockname(int sd, struct sockaddr *addr, int *addrlen)
   return retcode;
 }
 
-
 #ifdef HAVE_LIBZ
-const char *
-Curl_os400_zlibVersion(void)
+const char *Curl_os400_zlibVersion(void)
 {
   return set_thread_string(LK_ZLIB_VERSION, zlibVersion());
 }
 
-
-int
-Curl_os400_inflateInit_(z_streamp strm, const char *version, int stream_size)
+int Curl_os400_inflateInit_(z_streamp strm, const char *version,
+                            int stream_size)
 {
   z_const char *msgb4 = strm->msg;
   int ret;
@@ -1016,9 +974,8 @@ Curl_os400_inflateInit_(z_streamp strm, const char *version, int stream_size)
   return ret;
 }
 
-int
-Curl_os400_inflateInit2_(z_streamp strm, int windowBits,
-                         const char *version, int stream_size)
+int Curl_os400_inflateInit2_(z_streamp strm, int windowBits,
+                             const char *version, int stream_size)
 {
   z_const char *msgb4 = strm->msg;
   int ret;
@@ -1031,8 +988,7 @@ Curl_os400_inflateInit2_(z_streamp strm, int windowBits,
   return ret;
 }
 
-int
-Curl_os400_inflate(z_streamp strm, int flush)
+int Curl_os400_inflate(z_streamp strm, int flush)
 {
   z_const char *msgb4 = strm->msg;
   int ret;
@@ -1045,8 +1001,7 @@ Curl_os400_inflate(z_streamp strm, int flush)
   return ret;
 }
 
-int
-Curl_os400_inflateEnd(z_streamp strm)
+int Curl_os400_inflateEnd(z_streamp strm)
 {
   z_const char *msgb4 = strm->msg;
   int ret;
diff --git a/packages/OS400/os400sys.h b/packages/OS400/os400sys.h
index d5ff412f28..eb2cdb828a 100644
--- a/packages/OS400/os400sys.h
+++ b/packages/OS400/os400sys.h
@@ -28,30 +28,27 @@
 #ifndef __OS400_SYS_
 #define __OS400_SYS_
 
-
 /* Per-thread item identifiers. */
 
 typedef enum {
-        LK_GSK_ERROR,
-        LK_LDAP_ERROR,
-        LK_CURL_VERSION,
-        LK_VERSION_INFO,
-        LK_VERSION_INFO_DATA,
-        LK_EASY_STRERROR,
-        LK_SHARE_STRERROR,
-        LK_MULTI_STRERROR,
-        LK_URL_STRERROR,
-        LK_ZLIB_VERSION,
-        LK_ZLIB_MSG,
-        LK_LAST
-}               localkey_t;
-
-
-extern char *   (* Curl_thread_buffer)(localkey_t key, long size);
+  LK_GSK_ERROR,
+  LK_LDAP_ERROR,
+  LK_CURL_VERSION,
+  LK_VERSION_INFO,
+  LK_VERSION_INFO_DATA,
+  LK_EASY_STRERROR,
+  LK_SHARE_STRERROR,
+  LK_MULTI_STRERROR,
+  LK_URL_STRERROR,
+  LK_ZLIB_VERSION,
+  LK_ZLIB_MSG,
+  LK_LAST
+} localkey_t;
 
+extern char *(*Curl_thread_buffer)(localkey_t key, long size);
 
 /* Maximum string expansion factor due to character code conversion. */
 
-#define MAX_CONV_EXPANSION      4       /* Can deal with UTF-8. */
+#define MAX_CONV_EXPANSION 4       /* Can deal with UTF-8. */
 
 #endif
diff --git a/packages/vms/curl_crtl_init.c b/packages/vms/curl_crtl_init.c
index d6500c08cd..7966a38f82 100644
--- a/packages/vms/curl_crtl_init.c
+++ b/packages/vms/curl_crtl_init.c
@@ -78,34 +78,29 @@ struct itmlst_3 {
 #pragma member_alignment restore
 
 #ifdef __VAX
-#define ENABLE "ENABLE"
+#define ENABLE  "ENABLE"
 #define DISABLE "DISABLE"
 #else
 
-#define ENABLE TRUE
+#define ENABLE  TRUE
 #define DISABLE 0
-int   decc$feature_get_index (const char *name);
-int   decc$feature_set_value (int index, int mode, int value);
+int decc$feature_get_index(const char *name);
+int decc$feature_set_value(int index, int mode, int value);
 #endif
 
-int   SYS$TRNLNM(
-    const unsigned long *attr,
-    const struct dsc$descriptor_s *table_dsc,
-    struct dsc$descriptor_s *name_dsc,
-    const unsigned char *acmode,
-    const struct itmlst_3 *item_list);
-int   SYS$CRELNM(
-    const unsigned long *attr,
-    const struct dsc$descriptor_s *table_dsc,
-    const struct dsc$descriptor_s *name_dsc,
-    const unsigned char *acmode,
-    const struct itmlst_3 *item_list);
-
+int SYS$TRNLNM(const unsigned long *attr,
+               const struct dsc$descriptor_s *table_dsc,
+               struct dsc$descriptor_s *name_dsc,
+               const unsigned char *acmode,
+               const struct itmlst_3 *item_list);
+int SYS$CRELNM(const unsigned long *attr,
+               const struct dsc$descriptor_s *table_dsc,
+               const struct dsc$descriptor_s *name_dsc,
+               const unsigned char *acmode,
+               const struct itmlst_3 *item_list);
 
 /* Take all the fun out of simply looking up a logical name */
-static int sys_trnlnm(const char *logname,
-                      char *value,
-                      int value_len)
+static int sys_trnlnm(const char *logname, char *value, int value_len)
 {
   const $DESCRIPTOR(table_dsc, "LNM$FILE_DEV");
   const unsigned long attr = LNM$M_CASE_BLIND;
@@ -140,8 +135,7 @@ static int sys_trnlnm(const char *logname,
 }
 
 /* How to simply create a logical name */
-static int sys_crelnm(const char *logname,
-                      const char *value)
+static int sys_crelnm(const char *logname, const char *value)
 {
   int ret_val;
   const char *proc_table = "LNM$PROCESS_TABLE";
@@ -149,12 +143,12 @@ static int sys_crelnm(const char *logname,
   struct dsc$descriptor_s logname_dsc;
   struct itmlst_3 item_list[2];
 
-  proc_table_dsc.dsc$a_pointer = (char *) proc_table;
+  proc_table_dsc.dsc$a_pointer = (char *)proc_table;
   proc_table_dsc.dsc$w_length = strlen(proc_table);
   proc_table_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
   proc_table_dsc.dsc$b_class = DSC$K_CLASS_S;
 
-  logname_dsc.dsc$a_pointer = (char *) logname;
+  logname_dsc.dsc$a_pointer = (char *)logname;
   logname_dsc.dsc$w_length = strlen(logname);
   logname_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
   logname_dsc.dsc$b_class = DSC$K_CLASS_S;
@@ -172,7 +166,6 @@ static int sys_crelnm(const char *logname,
   return ret_val;
 }
 
-
 /* Start of DECC RTL Feature handling */
 
 /*
@@ -191,7 +184,7 @@ static void set_feature_default(const char *name, int value)
   index = decc$feature_get_index(name);
 
   if(index > 0)
-    decc$feature_set_value (index, 0, value);
+    decc$feature_set_value(index, 0, value);
 }
 #endif
 
@@ -202,7 +195,7 @@ static void set_features(void)
   int use_unix_settings = 1;
 
   status = sys_trnlnm("GNV$UNIX_SHELL",
-                      unix_shell_name, sizeof(unix_shell_name) -1);
+                      unix_shell_name, sizeof(unix_shell_name) - 1);
   if(!$VMS_STATUS_SUCCESS(status)) {
     use_unix_settings = 0;
   }
@@ -262,7 +255,6 @@ static void set_features(void)
 
     set_feature_default("DECC$FILE_OWNER_UNIX", ENABLE);
     set_feature_default("DECC$POSIX_SEEK_STREAM_FILE", ENABLE);
-
   }
   else {
     set_feature_default("DECC$FILENAME_UNIX_REPORT", ENABLE);
@@ -285,10 +277,9 @@ static void set_features(void)
   /* Commented here to prevent future bugs: A program or user should */
   /* never ever enable DECC$POSIX_STYLE_UID. */
   /* It will probably break all code that accesses UIDs */
-  /*  do_not_set_default ("DECC$POSIX_STYLE_UID", TRUE); */
+  /*  do_not_set_default("DECC$POSIX_STYLE_UID", TRUE); */
 }
 
-
 /* Some boilerplate to force this to be a proper LIB$INITIALIZE section */
 
 #pragma nostandard
@@ -306,7 +297,7 @@ static void set_features(void)
 #    endif
 #endif
 /* Set our contribution to the LIB$INITIALIZE array */
-void (* const iniarray[])(void) = {set_features };
+void (* const iniarray[])(void) = { set_features };
 #ifndef __VAX
 #    if __INITIAL_POINTER_SIZE
 #        pragma __pointer_size __restore
@@ -315,7 +306,6 @@ void (* const iniarray[])(void) = {set_features };
 #    endif
 #endif
 
-
 /*
 ** Force a reference to LIB$INITIALIZE to ensure it
 ** exists in the image.
@@ -324,7 +314,7 @@ int LIB$INITIALIZE(void);
 #ifdef __DECC
 #pragma extern_model strict_refdef
 #endif
-    int lib_init_ref = (int) LIB$INITIALIZE;
+int lib_init_ref = (int)LIB$INITIALIZE;
 #ifdef __DECC
 #pragma extern_model restore
 #pragma standard
diff --git a/packages/vms/curlmsg.h b/packages/vms/curlmsg.h
index 9b5c4c76d1..f05c3a8f5a 100644
--- a/packages/vms/curlmsg.h
+++ b/packages/vms/curlmsg.h
@@ -50,93 +50,93 @@
 /* IF YOU UPDATE THIS FILE, UPDATE CURLMSG_VMS.H SO THAT THEY ARE IN SYNC   */
 /*                                                                          */
 
-#define CURL_FACILITY 3841
-#define CURL_OK 251756553
-#define CURL_UNSUPPORTED_PROTOCOL 251756562
-#define CURL_FAILED_INIT 251756570
-#define CURL_URL_MALFORMAT 251756578
-#define CURL_OBSOLETE4 251756586
-#define CURL_COULDNT_RESOLVE_PROXY 251756594
-#define CURL_COULDNT_RESOLVE_HOST 251756602
-#define CURL_COULDNT_CONNECT 251756610
-#define CURL_WEIRD_SERVER_REPLY 251756618
+#define CURL_FACILITY               3841
+#define CURL_OK                     251756553
+#define CURL_UNSUPPORTED_PROTOCOL   251756562
+#define CURL_FAILED_INIT            251756570
+#define CURL_URL_MALFORMAT          251756578
+#define CURL_OBSOLETE4              251756586
+#define CURL_COULDNT_RESOLVE_PROXY  251756594
+#define CURL_COULDNT_RESOLVE_HOST   251756602
+#define CURL_COULDNT_CONNECT        251756610
+#define CURL_WEIRD_SERVER_REPLY     251756618
 #define CURL_FTP_WEIRD_SERVER_REPLY CURL_WEIRD_SERVER_REPLY
-#define CURL_FTP_ACCESS_DENIED 251756626
-#define CURL_OBSOLETE10 251756634
-#define CURL_FTP_WEIRD_PASS_REPLY 251756642
-#define CURL_OBSOLETE12 251756650
-#define CURL_FTP_WEIRD_PASV_REPLY 251756658
-#define CURL_FTP_WEIRD_227_FORMAT 251756666
-#define CURL_FTP_CANT_GET_HOST 251756674
-#define CURL_OBSOLETE16 251756682
-#define CURL_FTP_COULDNT_SET_TYPE 251756690
-#define CURL_PARTIAL_FILE 251756698
-#define CURL_FTP_COULDNT_RETR_FILE 251756706
-#define CURL_OBSOLETE20 251756714
-#define CURL_QUOTE_ERROR 251756722
-#define CURL_HTTP_RETURNED_ERROR 251756730
-#define CURL_WRITE_ERROR 251756738
-#define CURL_OBSOLETE24 251756746
-#define CURL_UPLOAD_FAILED 251756754
-#define CURL_READ_ERROR 251756762
-#define CURL_OUT_OF_MEMORY 251756770
-#define CURL_OPERATION_TIMEOUTED 251756778
-#define CURL_OBSOLETE29 251756786
-#define CURL_FTP_PORT_FAILED 251756794
-#define CURL_FTP_COULDNT_USE_REST 251756802
-#define CURL_OBSOLETE32 251756810
-#define CURL_RANGE_ERROR 251756818
-#define CURL_HTTP_POST_ERROR 251756826
-#define CURL_SSL_CONNECT_ERROR 251756834
-#define CURL_BAD_DOWNLOAD_RESUME 251756842
+#define CURL_FTP_ACCESS_DENIED      251756626
+#define CURL_OBSOLETE10             251756634
+#define CURL_FTP_WEIRD_PASS_REPLY   251756642
+#define CURL_OBSOLETE12             251756650
+#define CURL_FTP_WEIRD_PASV_REPLY   251756658
+#define CURL_FTP_WEIRD_227_FORMAT   251756666
+#define CURL_FTP_CANT_GET_HOST      251756674
+#define CURL_OBSOLETE16             251756682
+#define CURL_FTP_COULDNT_SET_TYPE   251756690
+#define CURL_PARTIAL_FILE           251756698
+#define CURL_FTP_COULDNT_RETR_FILE  251756706
+#define CURL_OBSOLETE20             251756714
+#define CURL_QUOTE_ERROR            251756722
+#define CURL_HTTP_RETURNED_ERROR    251756730
+#define CURL_WRITE_ERROR            251756738
+#define CURL_OBSOLETE24             251756746
+#define CURL_UPLOAD_FAILED          251756754
+#define CURL_READ_ERROR             251756762
+#define CURL_OUT_OF_MEMORY          251756770
+#define CURL_OPERATION_TIMEOUTED    251756778
+#define CURL_OBSOLETE29             251756786
+#define CURL_FTP_PORT_FAILED        251756794
+#define CURL_FTP_COULDNT_USE_REST   251756802
+#define CURL_OBSOLETE32             251756810
+#define CURL_RANGE_ERROR            251756818
+#define CURL_HTTP_POST_ERROR        251756826
+#define CURL_SSL_CONNECT_ERROR      251756834
+#define CURL_BAD_DOWNLOAD_RESUME    251756842
 #define CURL_FILE_COULDNT_READ_FILE 251756850
-#define CURL_LDAP_CANNOT_BIND 251756858
-#define CURL_LDAP_SEARCH_FAILED 251756866
-#define CURL_OBSOLETE40 251756874
-#define CURL_FUNCTION_NOT_FOUND 251756882
-#define CURL_ABORTED_BY_CALLBACK 251756890
-#define CURL_BAD_FUNCTION_ARGUMENT 251756898
-#define CURL_OBSOLETE44 251756906
-#define CURL_INTERFACE_FAILED 251756914
-#define CURL_OBSOLETE46 251756922
-#define CURL_TOO_MANY_REDIRECTS 251756930
-#define CURL_UNKNOWN_TELNET_OPTION 251756938
-#define CURL_TELNET_OPTION_SYNTAX 251756946
-#define CURL_OBSOLETE50 251756954
-#define CURL_PEER_FAILED_VERIF 251756962
-#define CURL_GOT_NOTHING 251756970
-#define CURL_SSL_ENGINE_NOTFOUND 251756978
-#define CURL_SSL_ENGINE_SETFAILED 251756986
-#define CURL_SEND_ERROR 251756994
-#define CURL_RECV_ERROR 251757002
-#define CURL_OBSOLETE57 251757010
-#define CURL_SSL_CERTPROBLEM 251757018
-#define CURL_SSL_CIPHER 251757026
-#define CURL_SSL_CACERT 251757034
-#define CURL_BAD_CONTENT_ENCODING 251757042
-#define CURL_LDAP_INVALID_URL 251757050
-#define CURL_FILESIZE_EXCEEDED 251757058
-#define CURL_USE_SSL_FAILED 251757066
-#define CURL_SEND_FAIL_REWIND 251757074
-#define CURL_SSL_ENGINE_INITFAILED 251757082
-#define CURL_LOGIN_DENIED 251757090
-#define CURL_TFTP_NOTFOUND 251757098
-#define CURL_TFTP_PERM 251757106
-#define CURL_REMOTE_DISK_FULL 251757114
-#define CURL_TFTP_ILLEGAL 251757122
-#define CURL_TFTP_UNKNOWNID 251757130
-#define CURL_REMOTE_FILE_EXISTS 251757138
-#define CURL_TFTP_NOSUCHUSER 251757146
-#define CURL_CONV_FAILED 251757154
-#define CURL_CONV_REQD 251757162
-#define CURL_SSL_CACERT_BADFILE 251757170
-#define CURL_REMOTE_FILE_NOT_FOUND 251757178
-#define CURL_SSH 251757186
-#define CURL_SSL_SHUTDOWN_FAILED 251757194
-#define CURL_AGAIN 251757202
-#define CURL_SSL_CRL_BADFILE 251757210
-#define CURL_SSL_ISSUER_ERROR 251757218
-#define CURL_CURL_LAST 251757226
+#define CURL_LDAP_CANNOT_BIND       251756858
+#define CURL_LDAP_SEARCH_FAILED     251756866
+#define CURL_OBSOLETE40             251756874
+#define CURL_FUNCTION_NOT_FOUND     251756882
+#define CURL_ABORTED_BY_CALLBACK    251756890
+#define CURL_BAD_FUNCTION_ARGUMENT  251756898
+#define CURL_OBSOLETE44             251756906
+#define CURL_INTERFACE_FAILED       251756914
+#define CURL_OBSOLETE46             251756922
+#define CURL_TOO_MANY_REDIRECTS     251756930
+#define CURL_UNKNOWN_TELNET_OPTION  251756938
+#define CURL_TELNET_OPTION_SYNTAX   251756946
+#define CURL_OBSOLETE50             251756954
+#define CURL_PEER_FAILED_VERIF      251756962
+#define CURL_GOT_NOTHING            251756970
+#define CURL_SSL_ENGINE_NOTFOUND    251756978
+#define CURL_SSL_ENGINE_SETFAILED   251756986
+#define CURL_SEND_ERROR             251756994
+#define CURL_RECV_ERROR             251757002
+#define CURL_OBSOLETE57             251757010
+#define CURL_SSL_CERTPROBLEM        251757018
+#define CURL_SSL_CIPHER             251757026
+#define CURL_SSL_CACERT             251757034
+#define CURL_BAD_CONTENT_ENCODING   251757042
+#define CURL_LDAP_INVALID_URL       251757050
+#define CURL_FILESIZE_EXCEEDED      251757058
+#define CURL_USE_SSL_FAILED         251757066
+#define CURL_SEND_FAIL_REWIND       251757074
+#define CURL_SSL_ENGINE_INITFAILED  251757082
+#define CURL_LOGIN_DENIED           251757090
+#define CURL_TFTP_NOTFOUND          251757098
+#define CURL_TFTP_PERM              251757106
+#define CURL_REMOTE_DISK_FULL       251757114
+#define CURL_TFTP_ILLEGAL           251757122
+#define CURL_TFTP_UNKNOWNID         251757130
+#define CURL_REMOTE_FILE_EXISTS     251757138
+#define CURL_TFTP_NOSUCHUSER        251757146
+#define CURL_CONV_FAILED            251757154
+#define CURL_CONV_REQD              251757162
+#define CURL_SSL_CACERT_BADFILE     251757170
+#define CURL_REMOTE_FILE_NOT_FOUND  251757178
+#define CURL_SSH                    251757186
+#define CURL_SSL_SHUTDOWN_FAILED    251757194
+#define CURL_AGAIN                  251757202
+#define CURL_SSL_CRL_BADFILE        251757210
+#define CURL_SSL_ISSUER_ERROR       251757218
+#define CURL_CURL_LAST              251757226
 
 #pragma __member_alignment __restore
 
diff --git a/packages/vms/report_openssl_version.c b/packages/vms/report_openssl_version.c
index dd1713b244..d2b0d367bc 100644
--- a/packages/vms/report_openssl_version.c
+++ b/packages/vms/report_openssl_version.c
@@ -35,15 +35,14 @@
 #include 
 #include 
 
-unsigned long LIB$SET_SYMBOL(
-  const struct dsc$descriptor_s * symbol,
-  const struct dsc$descriptor_s * value,
-  const unsigned long *table_type);
+unsigned long LIB$SET_SYMBOL(const struct dsc$descriptor_s *symbol,
+                             const struct dsc$descriptor_s *value,
+                             const unsigned long *table_type);
 
 int main(int argc, char **argv)
 {
   void *libptr;
-  const char * (*ssl_version)(int t);
+  const char *(*ssl_version)(int t);
   const char *version;
 
   if(argc < 1) {
@@ -53,11 +52,11 @@ int main(int argc, char **argv)
 
   libptr = dlopen(argv[1], 0);
 
-  ssl_version = (const char * (*)(int))dlsym(libptr, "SSLeay_version");
+  ssl_version = (const char *(*)(int))dlsym(libptr, "SSLeay_version");
   if(!ssl_version) {
-    ssl_version = (const char * (*)(int))dlsym(libptr, "ssleay_version");
+    ssl_version = (const char *(*)(int))dlsym(libptr, "ssleay_version");
     if(!ssl_version) {
-      ssl_version = (const char * (*)(int))dlsym(libptr, "SSLEAY_VERSION");
+      ssl_version = (const char *(*)(int))dlsym(libptr, "SSLEAY_VERSION");
     }
   }
 
diff --git a/scripts/cd2cd b/scripts/cd2cd
index 9356ade6e6..d593e9a579 100755
--- a/scripts/cd2cd
+++ b/scripts/cd2cd
@@ -54,7 +54,6 @@ while(1) {
     }
 }
 
-
 use POSIX qw(strftime);
 my @ts;
 if(defined($ENV{SOURCE_DATE_EPOCH})) {
diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl
index 87b72af963..54436b8358 100755
--- a/scripts/checksrc.pl
+++ b/scripts/checksrc.pl
@@ -1205,7 +1205,6 @@ sub scanfile {
 
 }
 
-
 if($errors || $warnings || $verbose) {
     printf "checksrc: %d errors and %d warnings\n", $errors, $warnings;
     if($suppressed) {
diff --git a/scripts/ciconfig.pl b/scripts/ciconfig.pl
index c56c31e2be..95ce0fb877 100755
--- a/scripts/ciconfig.pl
+++ b/scripts/ciconfig.pl
@@ -108,7 +108,6 @@ my %defaulton = (
 
     );
 
-
 sub configureopts {
     my ($opts)=@_;
     my %thisin;
@@ -189,7 +188,6 @@ for my $w (sort keys %avail) {
     }
 }
 
-
 print "ENABLED configure options that are not available\n";
 for my $w (sort keys %with) {
     if(!$avail{$w}) {
diff --git a/scripts/delta b/scripts/delta
index b6a1df8a17..c67d98a2c3 100755
--- a/scripts/delta
+++ b/scripts/delta
@@ -95,7 +95,7 @@ my $deletes=`git diff-tree --diff-filter=A -r --summary origin/$branch $start 2>
 my $creates=`git diff-tree --diff-filter=D -r --summary origin/$branch $start 2>/dev/null | wc -l`;
 
 # Time since that tag
-my $tagged=`git for-each-ref --format="%(refname:short) | %(taggerdate:unix)" refs/tags/* | grep ^$start | cut "-d|" -f2`; # Unix timestamp
+my $tagged=`git for-each-ref --format="%(refname:short) | %(taggerdate:unix)" refs/tags/* | grep ^$start | cut '-d|' -f2`; # Unix timestamp
 my $taggednice=`git for-each-ref --format="%(refname:short) | %(creatordate)" refs/tags/* | grep ^$start | cut '-d|' -f2`; # human readable time
 chomp $taggednice;
 my $now=POSIX::strftime("%s", localtime());
diff --git a/scripts/firefox-db2pem.sh b/scripts/firefox-db2pem.sh
index 634e429b50..7d31b12886 100755
--- a/scripts/firefox-db2pem.sh
+++ b/scripts/firefox-db2pem.sh
@@ -54,7 +54,6 @@ cat > "$out" < 4)" },
-  {"smbs", "#if defined(USE_SSL) && !defined(CURL_DISABLE_SMB) && \\\n"
-   "  defined(USE_CURL_NTLM_CORE) && (SIZEOF_CURL_OFF_T > 4)" },
-  {"smtp", "#ifndef CURL_DISABLE_SMTP" },
-  {"smtps", "#if defined(USE_SSL) && !defined(CURL_DISABLE_SMTP)" },
-  {"telnet", "#ifndef CURL_DISABLE_TELNET" },
-  {"tftp", "#ifndef CURL_DISABLE_TFTP" },
-  {"ws",
-   "#if !defined(CURL_DISABLE_WEBSOCKETS) && !defined(CURL_DISABLE_HTTP)" },
-  {"wss", "#if !defined(CURL_DISABLE_WEBSOCKETS) && \\\n"
-   "  defined(USE_SSL) && !defined(CURL_DISABLE_HTTP)" },
+  { "dict", "#ifndef CURL_DISABLE_DICT" },
+  { "file", "#ifndef CURL_DISABLE_FILE" },
+  { "ftp", "#ifndef CURL_DISABLE_FTP" },
+  { "ftps", "#if defined(USE_SSL) && !defined(CURL_DISABLE_FTP)" },
+  { "gopher", "#ifndef CURL_DISABLE_GOPHER" },
+  { "gophers", "#if defined(USE_SSL) && !defined(CURL_DISABLE_GOPHER)" },
+  { "http", "#ifndef CURL_DISABLE_HTTP" },
+  { "https", "#if defined(USE_SSL) && !defined(CURL_DISABLE_HTTP)" },
+  { "imap", "#ifndef CURL_DISABLE_IMAP" },
+  { "imaps", "#if defined(USE_SSL) && !defined(CURL_DISABLE_IMAP)" },
+  { "ldap", "#ifndef CURL_DISABLE_LDAP" },
+  { "ldaps", "#if !defined(CURL_DISABLE_LDAP) && \\\n"
+             "  !defined(CURL_DISABLE_LDAPS) && \\\n"
+             "  ((defined(USE_OPENLDAP) && defined(USE_SSL)) || \\\n"
+             "   (!defined(USE_OPENLDAP) && defined(HAVE_LDAP_SSL)))" },
+  { "mqtt", "#ifndef CURL_DISABLE_MQTT" },
+  { "pop3", "#ifndef CURL_DISABLE_POP3" },
+  { "pop3s", "#if defined(USE_SSL) && !defined(CURL_DISABLE_POP3)" },
+  { "rtmp", "#ifdef USE_LIBRTMP" },
+  { "rtmpt", "#ifdef USE_LIBRTMP" },
+  { "rtmpe", "#ifdef USE_LIBRTMP" },
+  { "rtmpte", "#ifdef USE_LIBRTMP" },
+  { "rtmps", "#ifdef USE_LIBRTMP" },
+  { "rtmpts", "#ifdef USE_LIBRTMP" },
+  { "rtsp", "#ifndef CURL_DISABLE_RTSP" },
+  { "scp", "#ifdef USE_SSH" },
+  { "sftp", "#ifdef USE_SSH" },
+  { "smb", "#if !defined(CURL_DISABLE_SMB) && \\\n"
+           "  defined(USE_CURL_NTLM_CORE) && (SIZEOF_CURL_OFF_T > 4)" },
+  { "smbs", "#if defined(USE_SSL) && !defined(CURL_DISABLE_SMB) && \\\n"
+            "  defined(USE_CURL_NTLM_CORE) && (SIZEOF_CURL_OFF_T > 4)" },
+  { "smtp", "#ifndef CURL_DISABLE_SMTP" },
+  { "smtps", "#if defined(USE_SSL) && !defined(CURL_DISABLE_SMTP)" },
+  { "telnet", "#ifndef CURL_DISABLE_TELNET" },
+  { "tftp", "#ifndef CURL_DISABLE_TFTP" },
+  { "ws",
+    "#if !defined(CURL_DISABLE_WEBSOCKETS) && !defined(CURL_DISABLE_HTTP)" },
+  { "wss", "#if !defined(CURL_DISABLE_WEBSOCKETS) && \\\n"
+           "  defined(USE_SSL) && !defined(CURL_DISABLE_HTTP)" },
   { NULL, NULL }
 };
 
@@ -108,7 +108,8 @@ static void showtable(int try, int init, int shift)
          "     s++;\n"
          "     l--;\n"
          "   }\n"
-         "*/\n", init, shift);
+         "*/\n",
+         init, shift);
 
   printf("  static const struct Curl_handler * const protocols[%d] = {", try);
 
@@ -158,10 +159,10 @@ int main(void)
         for(j = 0; j < i; j++) {
 
           if(num[j] == v) {
-            /*
+#if 0
             printf("NOPE: %u is a dupe (%s and %s)\n",
                    v, scheme[i], scheme[j]);
-            */
+#endif
             badcombo = 1;
             break;
           }
diff --git a/src/tool_parsecfg.c b/src/tool_parsecfg.c
index 0466c547c3..fd669f96cf 100644
--- a/src/tool_parsecfg.c
+++ b/src/tool_parsecfg.c
@@ -273,7 +273,6 @@ ParameterError parseconfig(const char *filename, int max_recursive,
   return err;
 }
 
-
 static bool get_line(FILE *input, struct dynbuf *buf, bool *error)
 {
   CURLcode result;
diff --git a/tests/appveyor.pm b/tests/appveyor.pm
index ed1728682c..f332bc2b27 100644
--- a/tests/appveyor.pm
+++ b/tests/appveyor.pm
@@ -38,7 +38,6 @@ BEGIN {
     );
 }
 
-
 my %APPVEYOR_TEST_NAMES;  # JSON and shell-quoted test names by test number
 
 sub appveyor_check_environment {
diff --git a/tests/data/data320.html b/tests/data/data320.html
index 2756af5f3b..307bb87c47 100644
--- a/tests/data/data320.html
+++ b/tests/data/data320.html
@@ -1,7 +1,6 @@
 
 
This is GnuTLS

 
-
 
Session ID: 003030000100000001000000000000000030330001000000B062410001000000

 
If your browser supports session resuming, then you should see the same session ID, when you press the reload button.

 
Connected as user 'jsmith'.

diff --git a/tests/data/test1109 b/tests/data/test1109
index 043e22cd08..667e098215 100644
--- a/tests/data/test1109
+++ b/tests/data/test1109
@@ -30,7 +30,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER#test
 
 
 
-
 # Verify data after the test has been "shot"
 
 
diff --git a/tests/data/test1110 b/tests/data/test1110
index 2d57e49d61..ac282f572c 100644
--- a/tests/data/test1110
+++ b/tests/data/test1110
@@ -31,7 +31,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER?q=foobar#fragment
 
 
 
-
 # Verify data after the test has been "shot"
 
 
diff --git a/tests/data/test1111 b/tests/data/test1111
index 8cf705afe7..9d9232248a 100644
--- a/tests/data/test1111
+++ b/tests/data/test1111
@@ -31,7 +31,6 @@ http://%HOSTIP:%HTTPPORT/%TESTNUMBER?q=foobar#fragment#fragment2
 
 
 
-
 # Verify data after the test has been "shot"
 
 
diff --git a/tests/data/test1331 b/tests/data/test1331
index 7f8ff78680..10df80f16a 100644
--- a/tests/data/test1331
+++ b/tests/data/test1331
@@ -49,8 +49,6 @@ Content-Length: 6
 
 hello
 
-
-
 
 
 # Client-side
diff --git a/tests/data/test1408 b/tests/data/test1408
index 1ae279c348..88436dab0e 100644
--- a/tests/data/test1408
+++ b/tests/data/test1408
@@ -31,8 +31,6 @@ Set-Cookie: time=2
 
 -foo-
 
-
-
 
 
 #
diff --git a/tests/data/test1409 b/tests/data/test1409
index e0c32be188..de145ff9d6 100644
--- a/tests/data/test1409
+++ b/tests/data/test1409
@@ -6,7 +6,6 @@ FAILURE
 
 
 
-
 #
 # Client-side
 
diff --git a/tests/data/test1410 b/tests/data/test1410
index 73362dc005..c370e1da5f 100644
--- a/tests/data/test1410
+++ b/tests/data/test1410
@@ -6,7 +6,6 @@ FAILURE
 
 
 
-
 #
 # Client-side
 
diff --git a/tests/data/test1411 b/tests/data/test1411
index 6eaa65d328..309dc1692a 100644
--- a/tests/data/test1411
+++ b/tests/data/test1411
@@ -23,7 +23,6 @@ Funny-head: yesyes
 
 
 
-
 #
 # Client-side
 
diff --git a/tests/data/test161 b/tests/data/test161
index 7908c41d2a..80a03882da 100644
--- a/tests/data/test161
+++ b/tests/data/test161
@@ -29,7 +29,6 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER
 
 
 
-
 # Verify data after the test has been "shot"
 
 # This does not send QUIT because of known bug:
diff --git a/tests/data/test2030 b/tests/data/test2030
index 47f01a14ed..307b223264 100644
--- a/tests/data/test2030
+++ b/tests/data/test2030
@@ -25,7 +25,6 @@ ensure that the order does not matter. -->
 
 -->
 
-
 
 
 HTTP/1.1 401 Need Digest or NTLM auth
diff --git a/tests/data/test2045 b/tests/data/test2045
index 241d9fc14f..0532be5708 100644
--- a/tests/data/test2045
+++ b/tests/data/test2045
@@ -6,7 +6,6 @@ FTP
 
 
 
-
 #
 # Server-side
 
diff --git a/tests/data/test206 b/tests/data/test206
index 7a2acac700..b036eb9d40 100644
--- a/tests/data/test206
+++ b/tests/data/test206
@@ -17,7 +17,6 @@ connection-monitor
 auth_required
 
 
-
 # this is returned first since we get no proxy-auth
 
 HTTP/1.1 407 Authorization Required to proxy me my dear
diff --git a/tests/data/test2202 b/tests/data/test2202
index 9bb0379936..6330b9519d 100644
--- a/tests/data/test2202
+++ b/tests/data/test2202
@@ -50,7 +50,6 @@ client CONNECT 2e 00044d51545404c2003c000c6375726c
 server CONNACK 2 20020005
 
 
-
 # 8 is CURLE_WEIRD_SERVER_REPLY
 
 8
diff --git a/tests/data/test228 b/tests/data/test228
index e9acda8ddb..e609aaa741 100644
--- a/tests/data/test228
+++ b/tests/data/test228
@@ -34,7 +34,6 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --ftp-account "one count"
 
 
 
-
 # Verify data after the test has been "shot"
 
 
diff --git a/tests/data/test3105 b/tests/data/test3105
index 543d52e432..64f1c5ab4c 100644
--- a/tests/data/test3105
+++ b/tests/data/test3105
@@ -5,7 +5,6 @@ curl_multi_remove_handle
 
 
 
-
 #
 # Client-side
 
diff --git a/tests/data/test399 b/tests/data/test399
index bd73155253..8495446c0d 100644
--- a/tests/data/test399
+++ b/tests/data/test399
@@ -5,7 +5,6 @@ URL
 
 
 
-
 #
 # Client-side
 
diff --git a/tests/data/test698 b/tests/data/test698
index 3335e3875d..a3e16a511e 100644
--- a/tests/data/test698
+++ b/tests/data/test698
@@ -34,7 +34,6 @@ ftp://%HOSTIP:%FTPPORT/%TESTNUMBER --ftp-account "one count" ftp://%HOSTIP:%FTPP
 
 
 
-
 # Verify data after the test has been "shot"
 
 
diff --git a/tests/devtest.pl b/tests/devtest.pl
index a2a9cde875..46adb6136a 100755
--- a/tests/devtest.pl
+++ b/tests/devtest.pl
@@ -64,7 +64,6 @@ use testutil qw(
     );
 use getpart;
 
-
 #######################################################################
 # logmsg is our general message logging subroutine.
 # This function is currently required to be here by servers.pm
@@ -105,7 +104,6 @@ sub parseprotocols {
     push @protocols, 'none';
 }
 
-
 #######################################################################
 # Initialize @protocols from the curl binary under test
 #
@@ -117,7 +115,6 @@ sub init_protocols {
     }
 }
 
-
 #######################################################################
 # Initialize the test harness to run tests
 #
diff --git a/tests/directories.pm b/tests/directories.pm
index 8b3c1addfa..cbb5921cd3 100644
--- a/tests/directories.pm
+++ b/tests/directories.pm
@@ -37,7 +37,6 @@ BEGIN {
     );
 }
 
-
 my %file_chmod1 = (
     'name'      => 'chmod1',
     'content'   => "This file should have permissions 444\n",
diff --git a/tests/getpart.pm b/tests/getpart.pm
index 69b810db5c..b88cce628b 100644
--- a/tests/getpart.pm
+++ b/tests/getpart.pm
@@ -103,8 +103,8 @@ sub getpartattr {
         if(!$inside && ($_ =~ /^ *\<$section/)) {
             $inside++;
         }
-        if((1 ==$inside) && ( ($_ =~ /^ *\<$part ([^>]*)/) ||
-                              !(defined($part)) )
+        if((1 == $inside) && (($_ =~ /^ *\<$part ([^>]*)/) ||
+                              !(defined($part)))
              ) {
             $inside++;
             my $attr=$1;
@@ -118,10 +118,10 @@ sub getpartattr {
             last;
         }
         # detect end of section when part was not found
-        elsif((1 ==$inside) && ($_ =~ /^ *\<\/$section\>/)) {
+        elsif((1 == $inside) && ($_ =~ /^ *\<\/$section\>/)) {
             last;
         }
-        elsif((2 ==$inside) && ($_ =~ /^ *\<\/$part/)) {
+        elsif((2 == $inside) && ($_ =~ /^ *\<\/$part/)) {
             $inside--;
         }
     }
@@ -252,7 +252,6 @@ sub loadtest {
     return 0;
 }
 
-
 # Return entire document as list of lines
 sub fulltest {
     return @xml;
@@ -323,7 +322,6 @@ sub savetest {
 # Strip off all lines that match the specified pattern and return
 # the new array.
 #
-
 sub striparray {
     my ($pattern, $arrayref) = @_;
 
@@ -423,5 +421,4 @@ sub loadarray {
     return @array;
 }
 
-
 1;
diff --git a/tests/globalconfig.pm b/tests/globalconfig.pm
index 8543b3aec4..8d5105a36c 100644
--- a/tests/globalconfig.pm
+++ b/tests/globalconfig.pm
@@ -85,7 +85,6 @@ use pathhelp qw(
 use Cwd qw(getcwd);
 use File::Spec;
 
-
 #######################################################################
 # global configuration variables
 #
diff --git a/tests/libtest/cli_ftp_upload.c b/tests/libtest/cli_ftp_upload.c
index 7493a210e6..32835bc123 100644
--- a/tests/libtest/cli_ftp_upload.c
+++ b/tests/libtest/cli_ftp_upload.c
@@ -21,12 +21,10 @@
  * SPDX-License-Identifier: curl
  *
  ***************************************************************************/
-
 #include "first.h"
 
 #include "testtrace.h"
 
-
 #ifndef CURL_DISABLE_FTP
 
 struct test_cli_ftp_upload_data {
@@ -85,8 +83,7 @@ static CURLcode test_cli_ftp_upload(const char *URL)
   curl_off_t uploadsize = -1;
 
   (void)URL;
-  while((ch = cgetopt(test_argc, test_argv, "r:"))
-        != -1) {
+  while((ch = cgetopt(test_argc, test_argv, "r:")) != -1) {
     switch(ch) {
     case 'r':
       resolve = coptarg;
diff --git a/tests/libtest/lib651.c b/tests/libtest/lib651.c
index 1e38d18895..0a7684abe4 100644
--- a/tests/libtest/lib651.c
+++ b/tests/libtest/lib651.c
@@ -55,7 +55,6 @@ static CURLcode test_lib651(const char *URL)
   if(formrc)
     curl_mprintf("curl_formadd(1) = %d\n", formrc);
 
-
   curl = curl_easy_init();
   if(!curl) {
     curl_mfprintf(stderr, "curl_easy_init() failed\n");
diff --git a/tests/libtest/mk-lib1521.pl b/tests/libtest/mk-lib1521.pl
index bfb0e590e7..77e10a05d9 100755
--- a/tests/libtest/mk-lib1521.pl
+++ b/tests/libtest/mk-lib1521.pl
@@ -74,7 +74,6 @@ my @not_built_in_num = (
     'CURLOPT_SOCKS5_AUTH',
     );
 
-
 #
 # Generate a set of string checks
 #
@@ -626,7 +625,6 @@ MOO
     }
 }
 
-
 print $fh <